You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nuttx.apache.org by GitBox <gi...@apache.org> on 2022/10/20 19:36:58 UTC
[GitHub] [incubator-nuttx] pkarashchenko commented on a diff in pull request #7374: wireless/bcm43xxx: correct auth status if PSK is invaild
pkarashchenko commented on code in PR #7374:
URL: https://github.com/apache/incubator-nuttx/pull/7374#discussion_r1001035552
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.c:
##########
@@ -114,6 +123,48 @@ enum
DL_TYPE_CLM = 2
};
+begin_packed_struct struct wpa_cipher_suite
+{
+ uint8_t oui[3];
+ uint8_t type;
+} end_packed_struct;
+
+typedef struct wpa_cipher_suite wpa_cipher_suite_t;
+
+begin_packed_struct struct wpa_rsn
+{
+ uint16_t version;
+ wpa_cipher_suite_t group;
+ uint16_t scount;
+ wpa_cipher_suite_t pairwise[0];
+} end_packed_struct;
+
+typedef struct wpa_rsn wpa_rsn_t;
+
+begin_packed_struct struct wpa_akm
+{
+ uint16_t scount;
+ wpa_cipher_suite_t suite[0];
+} end_packed_struct;
+
+typedef struct wpa_akm wpa_akm_t;
+
+begin_packed_struct struct wpa_ie_fixed
+{
+ uint8_t tag; /* TAG */
+ uint8_t length; /* TAG length */
+ uint8_t oui[3]; /* IE OUI */
+ uint8_t oui_type; /* OUI type */
+ begin_packed_struct struct
+ {
+ uint8_t low;
+ uint8_t high;
+ }
+ end_packed_struct version; /* IE version */
Review Comment:
```suggestion
end_packed_struct version; /* IE version */
```
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.c:
##########
@@ -1720,10 +1897,9 @@ int bcmf_wl_get_rssi(FAR struct bcmf_dev_s *priv, struct iwreq *iwr)
int bcmf_wl_set_encode_ext(FAR struct bcmf_dev_s *priv, struct iwreq *iwr)
Review Comment:
```suggestion
int bcmf_wl_set_encode_ext(FAR struct bcmf_dev_s *priv, FAR struct iwreq *iwr)
```
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.c:
##########
@@ -1779,39 +1957,64 @@ int bcmf_wl_set_ssid(FAR struct bcmf_dev_s *priv, struct iwreq *iwr)
return -EINVAL;
}
- if (iwr->u.essid.flags)
+ out_len = sizeof(scbval);
+ memset(&scbval, 0x0, out_len);
+ ret = bcmf_cdc_ioctl(priv, interface, true,
+ WLC_DISASSOC, (uint8_t *)&scbval, &out_len);
+ if (ret < 0 || !iwr->u.essid.flags)
{
- ssid.ssid_len = iwr->u.essid.length;
- memcpy(ssid.SSID, iwr->u.essid.pointer, iwr->u.essid.length);
-
- /* Configure AP SSID and trig authentication request */
+ goto errout_with_auth;
+ }
- out_len = sizeof(ssid);
+ if (priv->auth_pending)
+ {
+ out_len = sizeof(priv->auth_pmk);
ret = bcmf_cdc_ioctl(priv, interface, true,
- WLC_SET_SSID, (uint8_t *)&ssid, &out_len);
+ WLC_SET_WSEC_PMK,
+ (uint8_t *)&priv->auth_pmk, &out_len);
if (ret < 0)
{
- wlerr("Associate request failure\n");
- return ret;
+ goto errout_with_auth;
}
}
- else
+
+ /* Init authentication signal semaphore */
+
+ ret = nxsem_init(&auth_signal, 0, 0);
+ if (ret == OK)
{
- out_len = sizeof(scbval);
- memset(&scbval, 0x0, out_len);
+ ret = nxsem_set_protocol(&auth_signal, SEM_PRIO_NONE);
+ }
- return bcmf_cdc_ioctl(priv, interface, true,
- WLC_DISASSOC, (uint8_t *)&scbval, &out_len);
+ if (ret < OK)
+ {
+ goto errout_with_auth;
}
- ret = nxsem_tickwait_uninterruptible(&priv->auth_signal,
- MSEC2TICK(BCMF_AUTH_TIMEOUT_MS));
- wlinfo("semwait done ! %d\n", ret);
+ priv->auth_signal = &auth_signal;
+
+ ssid.ssid_len = iwr->u.essid.length;
+ memcpy(ssid.SSID, iwr->u.essid.pointer, iwr->u.essid.length);
+
+ /* Configure AP SSID and trig authentication request */
+
+ out_len = sizeof(ssid);
+ ret = bcmf_cdc_ioctl(priv, interface, true,
+ WLC_SET_SSID,
+ (uint8_t *)&ssid, &out_len);
Review Comment:
```suggestion
(FAR uint8_t *)&ssid, &out_len);
```
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.c:
##########
@@ -501,14 +549,6 @@ int bcmf_wl_active(FAR struct bcmf_dev_s *priv, bool active)
int bcmf_driver_initialize(FAR struct bcmf_dev_s *priv)
{
- int i;
-
- /* FIXME Configure event mask to enable all asynchronous events */
-
- for (i = 0; i < BCMF_EVENT_COUNT; i++)
- {
- bcmf_event_register(priv, bcmf_wl_default_event_handler, i);
- }
Review Comment:
```suggestion
```
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.c:
##########
@@ -1766,11 +1943,12 @@ int bcmf_wl_set_encode_ext(FAR struct bcmf_dev_s *priv, struct iwreq *iwr)
int bcmf_wl_set_ssid(FAR struct bcmf_dev_s *priv, struct iwreq *iwr)
Review Comment:
```suggestion
int bcmf_wl_set_ssid(FAR struct bcmf_dev_s *priv, FAR struct iwreq *iwr)
```
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.c:
##########
@@ -124,9 +175,6 @@ static int bcmf_driver_download_clm(FAR struct bcmf_dev_s *priv);
/* FIXME only for debug purpose */
-static void bcmf_wl_default_event_handler(FAR struct bcmf_dev_s *priv,
- struct bcmf_event_s *event, unsigned int len);
-
static void bcmf_wl_radio_event_handler(FAR struct bcmf_dev_s *priv,
struct bcmf_event_s *event, unsigned int len);
Review Comment:
```suggestion
FAR struct bcmf_event_s *event, unsigned int len);
```
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.c:
##########
@@ -1720,10 +1897,9 @@ int bcmf_wl_get_rssi(FAR struct bcmf_dev_s *priv, struct iwreq *iwr)
int bcmf_wl_set_encode_ext(FAR struct bcmf_dev_s *priv, struct iwreq *iwr)
{
- int interface;
struct iw_encode_ext *ext;
Review Comment:
```suggestion
FAR struct iw_encode_ext *ext;
```
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.c:
##########
@@ -578,11 +605,15 @@ void bcmf_wl_auth_event_handler(FAR struct bcmf_dev_s *priv,
struct bcmf_event_s *event,
Review Comment:
```suggestion
FAR struct bcmf_event_s *event,
```
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.c:
##########
@@ -695,6 +762,128 @@ void bcmf_wl_scan_event_handler(FAR struct bcmf_dev_s *priv,
bss->BSSID.ether_addr_octet[5],
bss->RSSI, bss->phy_noise, bss->SNR);
+ if (strnlen((FAR const char *)bss->SSID,
+ sizeof(bss->SSID)) == 0)
+ {
+ continue;
+ }
+
+ if (bss->ctl_ch == 0)
+ {
+ continue;
+ }
+
+ ie_offset = 0;
+ ie_buffer = (FAR uint8_t *)bss + bss->ie_offset;
+
+ while (1)
+ {
+ size_t ie_frame_size;
+
+ if (bss->ie_length - ie_offset < 2)
+ {
+ /* Minimum Information element size is 2 bytes */
+
+ break;
+ }
+
+ ie_frame_size = ie_buffer[ie_offset + 1] + 2;
+
+ if (ie_frame_size > bss->ie_length - ie_offset)
+ {
+ /* Entry too big */
+
+ break;
+ }
+
+ switch (ie_buffer[ie_offset])
+ {
+ case IEEE80211_ELEMID_RSN:
+ {
+ FAR wpa_rsn_t *rsn = (FAR wpa_rsn_t *)
+ &ie_buffer[ie_offset + 2];
+ FAR wpa_akm_t *akm;
+
+ if (rsn->version != WPA_VERSION)
+ {
+ goto process_next_bss;
+ }
+
+ vaild_bss = false;
+
+ suitelen = sizeof(*rsn) + rsn->scount *
+ sizeof(wpa_cipher_suite_t);
+
+ if (ie_buffer[ie_offset + 1] > suitelen + 2)
+ {
+ akm = (FAR wpa_akm_t *)
+ &ie_buffer[ie_offset + suitelen + 2];
+ for (j = 0; j < akm->scount; j++)
+ {
+ uint32_t suite = ntohl
+ (*(FAR uint32_t *)&akm->suite[j]);
+ if (suite == WLAN_AKM_SUITE_PSK)
+ {
+ goto vaild_bss;
+ }
+ }
+ }
+ break;
+ }
+
+ case IEEE80211_ELEMID_VENDOR:
+ {
+ FAR wpa_ie_fixed_t *ie = (wpa_ie_fixed_t *)
Review Comment:
```suggestion
FAR wpa_ie_fixed_t *ie = (FAR wpa_ie_fixed_t *)
```
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.c:
##########
@@ -695,6 +762,128 @@ void bcmf_wl_scan_event_handler(FAR struct bcmf_dev_s *priv,
bss->BSSID.ether_addr_octet[5],
bss->RSSI, bss->phy_noise, bss->SNR);
+ if (strnlen((FAR const char *)bss->SSID,
+ sizeof(bss->SSID)) == 0)
+ {
+ continue;
+ }
+
+ if (bss->ctl_ch == 0)
+ {
+ continue;
+ }
+
+ ie_offset = 0;
+ ie_buffer = (FAR uint8_t *)bss + bss->ie_offset;
+
+ while (1)
+ {
+ size_t ie_frame_size;
+
+ if (bss->ie_length - ie_offset < 2)
+ {
+ /* Minimum Information element size is 2 bytes */
+
+ break;
+ }
+
+ ie_frame_size = ie_buffer[ie_offset + 1] + 2;
+
+ if (ie_frame_size > bss->ie_length - ie_offset)
+ {
+ /* Entry too big */
+
+ break;
+ }
+
+ switch (ie_buffer[ie_offset])
+ {
+ case IEEE80211_ELEMID_RSN:
+ {
+ FAR wpa_rsn_t *rsn = (FAR wpa_rsn_t *)
+ &ie_buffer[ie_offset + 2];
+ FAR wpa_akm_t *akm;
+
+ if (rsn->version != WPA_VERSION)
+ {
+ goto process_next_bss;
+ }
+
+ vaild_bss = false;
+
+ suitelen = sizeof(*rsn) + rsn->scount *
+ sizeof(wpa_cipher_suite_t);
+
+ if (ie_buffer[ie_offset + 1] > suitelen + 2)
+ {
+ akm = (FAR wpa_akm_t *)
+ &ie_buffer[ie_offset + suitelen + 2];
+ for (j = 0; j < akm->scount; j++)
+ {
+ uint32_t suite = ntohl
+ (*(FAR uint32_t *)&akm->suite[j]);
+ if (suite == WLAN_AKM_SUITE_PSK)
+ {
+ goto vaild_bss;
+ }
+ }
+ }
+ break;
+ }
+
+ case IEEE80211_ELEMID_VENDOR:
+ {
+ FAR wpa_ie_fixed_t *ie = (wpa_ie_fixed_t *)
+ &ie_buffer[ie_offset];
+ FAR wpa_akm_t *akm;
+ FAR wpa_rsn_t *rsn;
+
+ /* WPA_OUI */
+
+ if (memcmp(&ie->oui[0], "\x00\x50\xf2\x01", 4))
+ {
+ break;
+ }
+
+ vaild_bss = false;
+
+ rsn = (wpa_rsn_t *)&ie_buffer[ie_offset +
Review Comment:
```suggestion
rsn = (FAR wpa_rsn_t *)&ie_buffer[ie_offset +
```
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.c:
##########
@@ -1779,39 +1957,64 @@ int bcmf_wl_set_ssid(FAR struct bcmf_dev_s *priv, struct iwreq *iwr)
return -EINVAL;
}
- if (iwr->u.essid.flags)
+ out_len = sizeof(scbval);
+ memset(&scbval, 0x0, out_len);
+ ret = bcmf_cdc_ioctl(priv, interface, true,
+ WLC_DISASSOC, (uint8_t *)&scbval, &out_len);
Review Comment:
```suggestion
WLC_DISASSOC, (FAR uint8_t *)&scbval, &out_len);
```
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.c:
##########
@@ -1779,39 +1957,64 @@ int bcmf_wl_set_ssid(FAR struct bcmf_dev_s *priv, struct iwreq *iwr)
return -EINVAL;
}
- if (iwr->u.essid.flags)
+ out_len = sizeof(scbval);
+ memset(&scbval, 0x0, out_len);
+ ret = bcmf_cdc_ioctl(priv, interface, true,
+ WLC_DISASSOC, (uint8_t *)&scbval, &out_len);
+ if (ret < 0 || !iwr->u.essid.flags)
{
- ssid.ssid_len = iwr->u.essid.length;
- memcpy(ssid.SSID, iwr->u.essid.pointer, iwr->u.essid.length);
-
- /* Configure AP SSID and trig authentication request */
+ goto errout_with_auth;
+ }
- out_len = sizeof(ssid);
+ if (priv->auth_pending)
+ {
+ out_len = sizeof(priv->auth_pmk);
ret = bcmf_cdc_ioctl(priv, interface, true,
- WLC_SET_SSID, (uint8_t *)&ssid, &out_len);
+ WLC_SET_WSEC_PMK,
+ (uint8_t *)&priv->auth_pmk, &out_len);
Review Comment:
```suggestion
(FAR uint8_t *)&priv->auth_pmk, &out_len);
```
##########
drivers/wireless/ieee80211/bcm43xxx/bcmf_driver.h:
##########
@@ -92,8 +92,10 @@ struct bcmf_dev_s
FAR wl_bss_info_t *scan_result; /* Temp buffer that holds results */
unsigned int scan_result_entries; /* Current entries of temp buffer */
- sem_t auth_signal; /* Authentication notification signal */
- int auth_status; /* Authentication status */
+ sem_t *auth_signal; /* Authentication notification signal */
Review Comment:
```suggestion
FAR sem_t *auth_signal; /* Authentication notification signal */
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@nuttx.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org