[PATCHv2 04/21] Avoid access to non-existing interfaces

Michael Braun michael-dev
Thu Jun 6 03:09:17 PDT 2013 

Currently, hostapd_get_vlan_id_ifname is used to determine if a
given vlan is valid *and* to actually determine the interface.
This leads to wpa_set_keys sometimes setting the key on the
wildcard interface name, which does not make sense.

This patch therefore adds hostapd_vlan_id_valid and makes
hostapd_get_vlan_id_ifname not return a wildcard interface.

Signed-hostap: Michael Braun <michael-dev at fami-braun.de>

diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index 7ab86fc..4c69dd6 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -606,11 +606,22 @@ int hostapd_rate_found(int *list, int rate)
 }
 
 
-const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan, int vlan_id)
+int hostapd_vlan_id_valid(struct hostapd_vlan *vlan, int vlan_id)
 {
 	struct hostapd_vlan *v = vlan;
 	while (v) {
 		if (v->vlan_id == vlan_id || v->vlan_id == VLAN_ID_WILDCARD)
+			return 1;
+		v = v->next;
+	}
+	return 0;
+}
+
+const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan, int vlan_id)
+{
+	struct hostapd_vlan *v = vlan;
+	while (v) {
+		if (v->vlan_id == vlan_id)
 			return v->ifname;
 		v = v->next;
 	}
diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index 5cb951f..98783fe 100644
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -549,6 +549,7 @@ const u8 * hostapd_get_psk(const struct hostapd_bss_config *conf,
 int hostapd_setup_wpa_psk(struct hostapd_bss_config *conf);
 const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan,
 					int vlan_id);
+int hostapd_vlan_id_valid(struct hostapd_vlan *vlan, int vlan_id);
 struct hostapd_radius_attr *
 hostapd_config_get_radius_attr(struct hostapd_radius_attr *attr, u8 type);
 
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 2e570c0..5503af1 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -650,8 +650,7 @@ static void handle_auth(struct hostapd_data *hapd,
 	}
 
 	if (vlan_id > 0) {
-		if (hostapd_get_vlan_id_ifname(hapd->conf->vlan,
-					       vlan_id) == NULL) {
+		if (!hostapd_vlan_id_valid(hapd->conf->vlan, vlan_id)) {
 			hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
 				       HOSTAPD_LEVEL_INFO, "Invalid VLAN ID "
 				       "%d received from RADIUS server",
diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c
index cc5f83c..d3dda14 100644
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -1438,8 +1438,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
 			sta->vlan_id = radius_msg_get_vlanid(msg);
 		}
 		if (sta->vlan_id > 0 &&
-		    hostapd_get_vlan_id_ifname(hapd->conf->vlan,
-					       sta->vlan_id)) {
+		    hostapd_vlan_id_valid(hapd->conf->vlan, sta->vlan_id)) {
 			hostapd_logger(hapd, sta->addr,
 				       HOSTAPD_MODULE_RADIUS,
 				       HOSTAPD_LEVEL_INFO,

More information about the Hostap mailing list