aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/eap_server/eap.c52
-rw-r--r--src/eap_server/eap_aka.c44
-rw-r--r--src/eap_server/eap_fast.c24
-rw-r--r--src/eap_server/eap_gpsk.c56
-rw-r--r--src/eap_server/eap_gtc.c8
-rw-r--r--src/eap_server/eap_identity.c10
-rw-r--r--src/eap_server/eap_md5.c6
-rw-r--r--src/eap_server/eap_methods.c6
-rw-r--r--src/eap_server/eap_mschapv2.c26
-rw-r--r--src/eap_server/eap_pax.c30
-rw-r--r--src/eap_server/eap_peap.c38
-rw-r--r--src/eap_server/eap_psk.c72
-rw-r--r--src/eap_server/eap_sake.c4
-rw-r--r--src/eap_server/eap_sim.c44
-rw-r--r--src/eap_server/eap_sim_db.c176
-rw-r--r--src/eap_server/eap_tls.c14
-rw-r--r--src/eap_server/eap_tls_common.c42
-rw-r--r--src/eap_server/eap_tlv.c4
-rw-r--r--src/eap_server/eap_ttls.c148
-rw-r--r--src/eap_server/eap_vendor_test.c10
-rw-r--r--src/radius/radius_client.c4
-rw-r--r--src/radius/radius_server.c173
22 files changed, 497 insertions, 494 deletions
diff --git a/src/eap_server/eap.c b/src/eap_server/eap.c
index 04a78a5..567ecec 100644
--- a/src/eap_server/eap.c
+++ b/src/eap_server/eap.c
@@ -127,7 +127,7 @@ SM_STATE(EAP, INITIALIZE)
sm->eap_if.eapSuccess = FALSE;
sm->eap_if.eapFail = FALSE;
sm->eap_if.eapTimeout = FALSE;
- free(sm->eap_if.eapKeyData);
+ os_free(sm->eap_if.eapKeyData);
sm->eap_if.eapKeyData = NULL;
sm->eap_if.eapKeyDataLen = 0;
sm->eap_if.eapKeyAvailable = FALSE;
@@ -276,7 +276,7 @@ SM_STATE(EAP, METHOD_REQUEST)
wpa_printf(MSG_DEBUG, "EAP: building EAP-Request: Identifier %d",
sm->currentId);
sm->lastId = sm->currentId;
- free(sm->eap_if.eapReqData);
+ os_free(sm->eap_if.eapReqData);
sm->eap_if.eapReqData = sm->m->buildReq(sm, sm->eap_method_priv,
sm->currentId,
&sm->eap_if.eapReqDataLen);
@@ -295,7 +295,7 @@ SM_STATE(EAP, METHOD_RESPONSE)
sm->eap_if.eapRespDataLen);
if (sm->m->isDone(sm, sm->eap_method_priv)) {
eap_sm_Policy_update(sm, NULL, 0);
- free(sm->eap_if.eapKeyData);
+ os_free(sm->eap_if.eapKeyData);
if (sm->m->getKey) {
sm->eap_if.eapKeyData = sm->m->getKey(
sm, sm->eap_method_priv,
@@ -396,10 +396,10 @@ SM_STATE(EAP, FAILURE)
{
SM_ENTRY(EAP, FAILURE);
- free(sm->eap_if.eapReqData);
+ os_free(sm->eap_if.eapReqData);
sm->eap_if.eapReqData = eap_sm_buildFailure(sm, sm->currentId,
&sm->eap_if.eapReqDataLen);
- free(sm->lastReqData);
+ os_free(sm->lastReqData);
sm->lastReqData = NULL;
sm->lastReqDataLen = 0;
sm->eap_if.eapFail = TRUE;
@@ -410,10 +410,10 @@ SM_STATE(EAP, SUCCESS)
{
SM_ENTRY(EAP, SUCCESS);
- free(sm->eap_if.eapReqData);
+ os_free(sm->eap_if.eapReqData);
sm->eap_if.eapReqData = eap_sm_buildSuccess(sm, sm->currentId,
&sm->eap_if.eapReqDataLen);
- free(sm->lastReqData);
+ os_free(sm->lastReqData);
sm->lastReqData = NULL;
sm->lastReqDataLen = 0;
if (sm->eap_if.eapKeyData)
@@ -870,7 +870,7 @@ static u8 * eap_sm_buildSuccess(struct eap_sm *sm, int id, size_t *len)
wpa_printf(MSG_DEBUG, "EAP: Building EAP-Success (id=%d)", id);
*len = sizeof(*resp);
- resp = malloc(*len);
+ resp = os_malloc(*len);
if (resp == NULL)
return NULL;
resp->code = EAP_CODE_SUCCESS;
@@ -887,7 +887,7 @@ static u8 * eap_sm_buildFailure(struct eap_sm *sm, int id, size_t *len)
wpa_printf(MSG_DEBUG, "EAP: Building EAP-Failure (id=%d)", id);
*len = sizeof(*resp);
- resp = malloc(*len);
+ resp = os_malloc(*len);
if (resp == NULL)
return NULL;
resp->code = EAP_CODE_FAILURE;
@@ -957,9 +957,9 @@ void eap_sm_process_nak(struct eap_sm *sm, u8 *nak_list, size_t len)
not_found:
/* not found - remove from the list */
- memmove(&sm->user->methods[i], &sm->user->methods[i + 1],
- (EAP_MAX_METHODS - i - 1) *
- sizeof(sm->user->methods[0]));
+ os_memmove(&sm->user->methods[i], &sm->user->methods[i + 1],
+ (EAP_MAX_METHODS - i - 1) *
+ sizeof(sm->user->methods[0]));
sm->user->methods[EAP_MAX_METHODS - 1].vendor =
EAP_VENDOR_IETF;
sm->user->methods[EAP_MAX_METHODS - 1].method = EAP_TYPE_NONE;
@@ -1105,9 +1105,9 @@ static void eap_user_free(struct eap_user *user)
{
if (user == NULL)
return;
- free(user->password);
+ os_free(user->password);
user->password = NULL;
- free(user);
+ os_free(user);
}
@@ -1144,7 +1144,7 @@ struct eap_sm * eap_server_sm_init(void *eapol_ctx,
}
}
if (conf->eap_fast_a_id)
- sm->eap_fast_a_id = strdup(conf->eap_fast_a_id);
+ sm->eap_fast_a_id = os_strdup(conf->eap_fast_a_id);
wpa_printf(MSG_DEBUG, "EAP: Server state machine created");
@@ -1166,18 +1166,18 @@ void eap_server_sm_deinit(struct eap_sm *sm)
wpa_printf(MSG_DEBUG, "EAP: Server state machine removed");
if (sm->m && sm->eap_method_priv)
sm->m->reset(sm, sm->eap_method_priv);
- free(sm->eap_if.eapReqData);
- free(sm->eap_if.eapKeyData);
- free(sm->lastReqData);
- free(sm->eap_if.eapRespData);
- free(sm->identity);
- free(sm->pac_opaque_encr_key);
- free(sm->eap_fast_a_id);
- free(sm->eap_if.aaaEapReqData);
- free(sm->eap_if.aaaEapRespData);
- free(sm->eap_if.aaaEapKeyData);
+ os_free(sm->eap_if.eapReqData);
+ os_free(sm->eap_if.eapKeyData);
+ os_free(sm->lastReqData);
+ os_free(sm->eap_if.eapRespData);
+ os_free(sm->identity);
+ os_free(sm->pac_opaque_encr_key);
+ os_free(sm->eap_fast_a_id);
+ os_free(sm->eap_if.aaaEapReqData);
+ os_free(sm->eap_if.aaaEapRespData);
+ os_free(sm->eap_if.aaaEapKeyData);
eap_user_free(sm->user);
- free(sm);
+ os_free(sm);
}
diff --git a/src/eap_server/eap_aka.c b/src/eap_server/eap_aka.c
index 6a2db0a..4fe4065 100644
--- a/src/eap_server/eap_aka.c
+++ b/src/eap_server/eap_aka.c
@@ -103,9 +103,9 @@ static void * eap_aka_init(struct eap_sm *sm)
static void eap_aka_reset(struct eap_sm *sm, void *priv)
{
struct eap_aka_data *data = priv;
- free(data->next_pseudonym);
- free(data->next_reauth_id);
- free(data);
+ os_free(data->next_pseudonym);
+ os_free(data->next_reauth_id);
+ os_free(data);
}
@@ -131,10 +131,10 @@ static int eap_aka_build_encr(struct eap_sm *sm, struct eap_aka_data *data,
struct eap_sim_msg *msg, u16 counter,
const u8 *nonce_s)
{
- free(data->next_pseudonym);
+ os_free(data->next_pseudonym);
data->next_pseudonym =
eap_sim_db_get_next_pseudonym(sm->eap_sim_db_priv, 1);
- free(data->next_reauth_id);
+ os_free(data->next_reauth_id);
if (data->counter <= EAP_AKA_MAX_FAST_REAUTHS) {
data->next_reauth_id =
eap_sim_db_get_next_reauth_id(sm->eap_sim_db_priv, 1);
@@ -167,18 +167,18 @@ static int eap_aka_build_encr(struct eap_sm *sm, struct eap_aka_data *data,
wpa_printf(MSG_DEBUG, " *AT_NEXT_PSEUDONYM (%s)",
data->next_pseudonym);
eap_sim_msg_add(msg, EAP_SIM_AT_NEXT_PSEUDONYM,
- strlen(data->next_pseudonym),
+ os_strlen(data->next_pseudonym),
(u8 *) data->next_pseudonym,
- strlen(data->next_pseudonym));
+ os_strlen(data->next_pseudonym));
}
if (data->next_reauth_id) {
wpa_printf(MSG_DEBUG, " *AT_NEXT_REAUTH_ID (%s)",
data->next_reauth_id);
eap_sim_msg_add(msg, EAP_SIM_AT_NEXT_REAUTH_ID,
- strlen(data->next_reauth_id),
+ os_strlen(data->next_reauth_id),
(u8 *) data->next_reauth_id,
- strlen(data->next_reauth_id));
+ os_strlen(data->next_reauth_id));
}
if (eap_sim_msg_add_encr_end(msg, data->k_encr, EAP_SIM_AT_PADDING)) {
@@ -385,8 +385,8 @@ static void eap_aka_determine_identity(struct eap_sm *sm,
identity = data->reauth->identity;
identity_len = data->reauth->identity_len;
data->counter = data->reauth->counter;
- memcpy(data->mk, data->reauth->mk,
- EAP_SIM_MK_LEN);
+ os_memcpy(data->mk, data->reauth->mk,
+ EAP_SIM_MK_LEN);
}
}
}
@@ -471,11 +471,11 @@ static void eap_aka_process_identity(struct eap_sm *sm,
}
if (attr->identity) {
- free(sm->identity);
- sm->identity = malloc(attr->identity_len);
+ os_free(sm->identity);
+ sm->identity = os_malloc(attr->identity_len);
if (sm->identity) {
- memcpy(sm->identity, attr->identity,
- attr->identity_len);
+ os_memcpy(sm->identity, attr->identity,
+ attr->identity_len);
sm->identity_len = attr->identity_len;
}
}
@@ -505,7 +505,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm,
}
if (attr->res == NULL || attr->res_len != data->res_len ||
- memcmp(attr->res, data->res, data->res_len) != 0) {
+ os_memcmp(attr->res, data->res, data->res_len) != 0) {
wpa_printf(MSG_WARNING, "EAP-AKA: Challenge message did not "
"include valid AT_RES");
data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH;
@@ -615,7 +615,7 @@ static void eap_aka_process_reauth(struct eap_sm *sm,
eattr.counter, data->counter);
goto fail;
}
- free(decrypted);
+ os_free(decrypted);
decrypted = NULL;
wpa_printf(MSG_DEBUG, "EAP-AKA: Re-authentication response includes "
@@ -668,7 +668,7 @@ fail:
eap_aka_state(data, NOTIFICATION);
eap_sim_db_remove_reauth(sm->eap_sim_db_priv, data->reauth);
data->reauth = NULL;
- free(decrypted);
+ os_free(decrypted);
}
@@ -786,10 +786,10 @@ static u8 * eap_aka_getKey(struct eap_sm *sm, void *priv, size_t *len)
if (data->state != SUCCESS)
return NULL;
- key = malloc(EAP_SIM_KEYING_DATA_LEN);
+ key = os_malloc(EAP_SIM_KEYING_DATA_LEN);
if (key == NULL)
return NULL;
- memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN);
+ os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN);
*len = EAP_SIM_KEYING_DATA_LEN;
return key;
}
@@ -803,10 +803,10 @@ static u8 * eap_aka_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
if (data->state != SUCCESS)
return NULL;
- key = malloc(EAP_EMSK_LEN);
+ key = os_malloc(EAP_EMSK_LEN);
if (key == NULL)
return NULL;
- memcpy(key, data->emsk, EAP_EMSK_LEN);
+ os_memcpy(key, data->emsk, EAP_EMSK_LEN);
*len = EAP_EMSK_LEN;
return key;
}
diff --git a/src/eap_server/eap_fast.c b/src/eap_server/eap_fast.c
index 00436a8..d761777 100644
--- a/src/eap_server/eap_fast.c
+++ b/src/eap_server/eap_fast.c
@@ -513,8 +513,8 @@ static void eap_fast_reset(struct eap_sm *sm, void *priv)
if (data->phase2_priv && data->phase2_method)
data->phase2_method->reset(sm, data->phase2_priv);
eap_server_tls_ssl_deinit(sm, &data->ssl);
- free(data->srv_id);
- free(data);
+ os_free(data->srv_id);
+ os_free(data);
}
@@ -527,7 +527,7 @@ static u8 * eap_fast_build_start(struct eap_sm *sm, struct eap_fast_data *data,
size_t srv_id_len = os_strlen(data->srv_id);
*reqDataLen = sizeof(*req) + 2 + sizeof(*a_id) + srv_id_len;
- req = malloc(*reqDataLen);
+ req = os_malloc(*reqDataLen);
if (req == NULL) {
wpa_printf(MSG_ERROR, "EAP-FAST: Failed to allocate memory for"
" request");
@@ -614,7 +614,7 @@ static u8 * eap_fast_encrypt(struct eap_sm *sm, struct eap_fast_data *data,
/* TODO: add support for fragmentation, if needed. This will need to
* add TLS Message Length field, if the frame is fragmented. */
- req = malloc(sizeof(struct eap_hdr) + 2 + data->ssl.tls_out_limit);
+ req = os_malloc(sizeof(struct eap_hdr) + 2 + data->ssl.tls_out_limit);
if (req == NULL)
return NULL;
@@ -631,7 +631,7 @@ static u8 * eap_fast_encrypt(struct eap_sm *sm, struct eap_fast_data *data,
if (res < 0) {
wpa_printf(MSG_INFO, "EAP-FAST: Failed to encrypt Phase 2 "
"data");
- free(req);
+ os_free(req);
return NULL;
}
@@ -919,7 +919,7 @@ static u8 * eap_fast_buildReq(struct eap_sm *sm, void *priv, int id,
wpa_hexdump_key(MSG_DEBUG, "EAP-FAST: Encrypting Phase 2 TLVs",
(u8 *) req, req_len);
encr = eap_fast_encrypt(sm, data, id, req, req_len, reqDataLen);
- free(req);
+ os_free(req);
return encr;
}
@@ -1483,9 +1483,9 @@ static void eap_fast_process_phase2(struct eap_sm *sm,
buf_len = in_len;
if (data->ssl.tls_in_total > buf_len)
buf_len = data->ssl.tls_in_total;
- in_decrypted = malloc(buf_len);
+ in_decrypted = os_malloc(buf_len);
if (in_decrypted == NULL) {
- free(data->ssl.tls_in);
+ os_free(data->ssl.tls_in);
data->ssl.tls_in = NULL;
data->ssl.tls_in_len = 0;
wpa_printf(MSG_WARNING, "EAP-FAST: Failed to allocate memory "
@@ -1496,13 +1496,13 @@ static void eap_fast_process_phase2(struct eap_sm *sm,
len_decrypted = tls_connection_decrypt(sm->ssl_ctx, data->ssl.conn,
in_data, in_len,
in_decrypted, buf_len);
- free(data->ssl.tls_in);
+ os_free(data->ssl.tls_in);
data->ssl.tls_in = NULL;
data->ssl.tls_in_len = 0;
if (len_decrypted < 0) {
wpa_printf(MSG_INFO, "EAP-FAST: Failed to decrypt Phase 2 "
"data");
- free(in_decrypted);
+ os_free(in_decrypted);
eap_fast_state(data, FAILURE);
return;
}
@@ -1512,7 +1512,7 @@ static void eap_fast_process_phase2(struct eap_sm *sm,
eap_fast_process_phase2_tlvs(sm, data, in_decrypted, len_decrypted);
- free(in_decrypted);
+ os_free(in_decrypted);
}
@@ -1560,7 +1560,7 @@ static void eap_fast_process(struct eap_sm *sm, void *priv,
if (data->ssl.tls_in_left == 0) {
data->ssl.tls_in_total = tls_msg_len;
data->ssl.tls_in_left = tls_msg_len;
- free(data->ssl.tls_in);
+ os_free(data->ssl.tls_in);
data->ssl.tls_in = NULL;
data->ssl.tls_in_len = 0;
}
diff --git a/src/eap_server/eap_gpsk.c b/src/eap_server/eap_gpsk.c
index 8c8d367..a57d5df 100644
--- a/src/eap_server/eap_gpsk.c
+++ b/src/eap_server/eap_gpsk.c
@@ -77,9 +77,9 @@ static void * eap_gpsk_init(struct eap_sm *sm)
data->state = GPSK_1;
/* TODO: add support for configuring ID_Server */
- data->id_server = (u8 *) strdup("hostapd");
+ data->id_server = (u8 *) os_strdup("hostapd");
if (data->id_server)
- data->id_server_len = strlen((char *) data->id_server);
+ data->id_server_len = os_strlen((char *) data->id_server);
data->csuite_count = 0;
if (eap_gpsk_supported_ciphersuite(EAP_GPSK_VENDOR_IETF,
@@ -106,9 +106,9 @@ static void * eap_gpsk_init(struct eap_sm *sm)
static void eap_gpsk_reset(struct eap_sm *sm, void *priv)
{
struct eap_gpsk_data *data = priv;
- free(data->id_server);
- free(data->id_peer);
- free(data);
+ os_free(data->id_server);
+ os_free(data->id_peer);
+ os_free(data);
}
@@ -146,16 +146,16 @@ static u8 * eap_gpsk_build_gpsk_1(struct eap_sm *sm,
WPA_PUT_BE16(pos, data->id_server_len);
pos += 2;
if (data->id_server)
- memcpy(pos, data->id_server, data->id_server_len);
+ os_memcpy(pos, data->id_server, data->id_server_len);
pos += data->id_server_len;
- memcpy(pos, data->rand_server, EAP_GPSK_RAND_LEN);
+ os_memcpy(pos, data->rand_server, EAP_GPSK_RAND_LEN);
pos += EAP_GPSK_RAND_LEN;
WPA_PUT_BE16(pos, data->csuite_count * sizeof(struct eap_gpsk_csuite));
pos += 2;
- memcpy(pos, data->csuite_list,
- data->csuite_count * sizeof(struct eap_gpsk_csuite));
+ os_memcpy(pos, data->csuite_list,
+ data->csuite_count * sizeof(struct eap_gpsk_csuite));
return (u8 *) req;
}
@@ -187,14 +187,14 @@ static u8 * eap_gpsk_build_gpsk_3(struct eap_sm *sm,
*pos++ = EAP_GPSK_OPCODE_GPSK_3;
start = pos;
- memcpy(pos, data->rand_peer, EAP_GPSK_RAND_LEN);
+ os_memcpy(pos, data->rand_peer, EAP_GPSK_RAND_LEN);
pos += EAP_GPSK_RAND_LEN;
- memcpy(pos, data->rand_server, EAP_GPSK_RAND_LEN);
+ os_memcpy(pos, data->rand_server, EAP_GPSK_RAND_LEN);
pos += EAP_GPSK_RAND_LEN;
WPA_PUT_BE16(pos, data->id_server_len);
pos += 2;
if (data->id_server)
- memcpy(pos, data->id_server, data->id_server_len);
+ os_memcpy(pos, data->id_server, data->id_server_len);
pos += data->id_server_len;
csuite = (struct eap_gpsk_csuite *) pos;
WPA_PUT_BE32(csuite->vendor, data->vendor);
@@ -208,7 +208,7 @@ static u8 * eap_gpsk_build_gpsk_3(struct eap_sm *sm,
if (eap_gpsk_compute_mic(data->sk, data->sk_len, data->vendor,
data->specifier, start, pos - start, pos) < 0)
{
- free(req);
+ os_free(req);
eap_gpsk_state(data, FAILURE);
return NULL;
}
@@ -298,14 +298,14 @@ static void eap_gpsk_process_gpsk_2(struct eap_sm *sm,
eap_gpsk_state(data, FAILURE);
return;
}
- free(data->id_peer);
- data->id_peer = malloc(alen);
+ os_free(data->id_peer);
+ data->id_peer = os_malloc(alen);
if (data->id_peer == NULL) {
wpa_printf(MSG_DEBUG, "EAP-GPSK: Not enough memory to store "
"%d-octet ID_Peer", alen);
return;
}
- memcpy(data->id_peer, pos, alen);
+ os_memcpy(data->id_peer, pos, alen);
data->id_peer_len = alen;
wpa_hexdump_ascii(MSG_DEBUG, "EAP-GPSK: ID_Peer",
data->id_peer, data->id_peer_len);
@@ -326,7 +326,7 @@ static void eap_gpsk_process_gpsk_2(struct eap_sm *sm,
return;
}
if (alen != data->id_server_len ||
- memcmp(pos, data->id_server, alen) != 0) {
+ os_memcmp(pos, data->id_server, alen) != 0) {
wpa_printf(MSG_DEBUG, "EAP-GPSK: ID_Server in GPSK-1 and "
"GPSK-2 did not match");
eap_gpsk_state(data, FAILURE);
@@ -340,7 +340,7 @@ static void eap_gpsk_process_gpsk_2(struct eap_sm *sm,
eap_gpsk_state(data, FAILURE);
return;
}
- memcpy(data->rand_peer, pos, EAP_GPSK_RAND_LEN);
+ os_memcpy(data->rand_peer, pos, EAP_GPSK_RAND_LEN);
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: RAND_Peer",
data->rand_peer, EAP_GPSK_RAND_LEN);
pos += EAP_GPSK_RAND_LEN;
@@ -351,7 +351,7 @@ static void eap_gpsk_process_gpsk_2(struct eap_sm *sm,
eap_gpsk_state(data, FAILURE);
return;
}
- if (memcmp(data->rand_server, pos, EAP_GPSK_RAND_LEN) != 0) {
+ if (os_memcmp(data->rand_server, pos, EAP_GPSK_RAND_LEN) != 0) {
wpa_printf(MSG_DEBUG, "EAP-GPSK: RAND_Server in GPSK-1 and "
"GPSK-2 did not match");
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: RAND_Server in GPSK-1",
@@ -378,7 +378,7 @@ static void eap_gpsk_process_gpsk_2(struct eap_sm *sm,
return;
}
if (alen != data->csuite_count * sizeof(struct eap_gpsk_csuite) ||
- memcmp(pos, data->csuite_list, alen) != 0) {
+ os_memcmp(pos, data->csuite_list, alen) != 0) {
wpa_printf(MSG_DEBUG, "EAP-GPSK: CSuite_List in GPSK-1 and "
"GPSK-2 did not match");
eap_gpsk_state(data, FAILURE);
@@ -394,8 +394,8 @@ static void eap_gpsk_process_gpsk_2(struct eap_sm *sm,
}
csuite = (const struct eap_gpsk_csuite *) pos;
for (i = 0; i < data->csuite_count; i++) {
- if (memcmp(csuite, &data->csuite_list[i], sizeof(*csuite)) ==
- 0)
+ if (os_memcmp(csuite, &data->csuite_list[i], sizeof(*csuite))
+ == 0)
break;
}
if (i == data->csuite_count) {
@@ -463,7 +463,7 @@ static void eap_gpsk_process_gpsk_2(struct eap_sm *sm,
eap_gpsk_state(data, FAILURE);
return;
}
- if (memcmp(mic, pos, miclen) != 0) {
+ if (os_memcmp(mic, pos, miclen) != 0) {
wpa_printf(MSG_INFO, "EAP-GPSK: Incorrect MIC in GPSK-2");
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Received MIC", pos, miclen);
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen);
@@ -530,7 +530,7 @@ static void eap_gpsk_process_gpsk_4(struct eap_sm *sm,
eap_gpsk_state(data, FAILURE);
return;
}
- if (memcmp(mic, pos, miclen) != 0) {
+ if (os_memcmp(mic, pos, miclen) != 0) {
wpa_printf(MSG_INFO, "EAP-GPSK: Incorrect MIC in GPSK-4");
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Received MIC", pos, miclen);
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen);
@@ -588,10 +588,10 @@ static u8 * eap_gpsk_getKey(struct eap_sm *sm, void *priv, size_t *len)
if (data->state != SUCCESS)
return NULL;
- key = malloc(EAP_MSK_LEN);
+ key = os_malloc(EAP_MSK_LEN);
if (key == NULL)
return NULL;
- memcpy(key, data->msk, EAP_MSK_LEN);
+ os_memcpy(key, data->msk, EAP_MSK_LEN);
*len = EAP_MSK_LEN;
return key;
@@ -606,10 +606,10 @@ static u8 * eap_gpsk_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
if (data->state != SUCCESS)
return NULL;
- key = malloc(EAP_EMSK_LEN);
+ key = os_malloc(EAP_EMSK_LEN);
if (key == NULL)
return NULL;
- memcpy(key, data->emsk, EAP_EMSK_LEN);
+ os_memcpy(key, data->emsk, EAP_EMSK_LEN);
*len = EAP_EMSK_LEN;
return key;
diff --git a/src/eap_server/eap_gtc.c b/src/eap_server/eap_gtc.c
index 7410a31..c67c708 100644
--- a/src/eap_server/eap_gtc.c
+++ b/src/eap_server/eap_gtc.c
@@ -49,7 +49,7 @@ static void * eap_gtc_init(struct eap_sm *sm)
static void eap_gtc_reset(struct eap_sm *sm, void *priv)
{
struct eap_gtc_data *data = priv;
- free(data);
+ os_free(data);
}
@@ -64,7 +64,7 @@ static u8 * eap_gtc_buildReq(struct eap_sm *sm, void *priv, int id,
msg = data->prefix ? "CHALLENGE=Password" : "Password";
- msg_len = strlen(msg);
+ msg_len = os_strlen(msg);
req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_GTC, reqDataLen,
msg_len, EAP_CODE_REQUEST, id, &pos);
if (req == NULL) {
@@ -74,7 +74,7 @@ static u8 * eap_gtc_buildReq(struct eap_sm *sm, void *priv, int id,
return NULL;
}
- memcpy(pos, msg, msg_len);
+ os_memcpy(pos, msg, msg_len);
data->state = CONTINUE;
@@ -173,7 +173,7 @@ static void eap_gtc_process(struct eap_sm *sm, void *priv,
}
if (rlen != sm->user->password_len ||
- memcmp(pos, sm->user->password, rlen) != 0) {
+ os_memcmp(pos, sm->user->password, rlen) != 0) {
wpa_printf(MSG_DEBUG, "EAP-GTC: Done - Failure");
data->state = FAILURE;
} else {
diff --git a/src/eap_server/eap_identity.c b/src/eap_server/eap_identity.c
index fc6db65..a1ef828 100644
--- a/src/eap_server/eap_identity.c
+++ b/src/eap_server/eap_identity.c
@@ -51,7 +51,7 @@ static void * eap_identity_initPickUp(struct eap_sm *sm)
static void eap_identity_reset(struct eap_sm *sm, void *priv)
{
struct eap_identity_data *data = priv;
- free(data);
+ os_free(data);
}
@@ -81,7 +81,7 @@ static u8 * eap_identity_buildReq(struct eap_sm *sm, void *priv, int id,
}
if (req_data)
- memcpy(pos, req_data, req_data_len);
+ os_memcpy(pos, req_data, req_data_len);
return (u8 *) req;
}
@@ -127,12 +127,12 @@ static void eap_identity_process(struct eap_sm *sm, void *priv,
return; /* Should not happen - frame already validated */
wpa_hexdump_ascii(MSG_DEBUG, "EAP-Identity: Peer identity", pos, len);
- free(sm->identity);
- sm->identity = malloc(len ? len : 1);
+ os_free(sm->identity);
+ sm->identity = os_malloc(len ? len : 1);
if (sm->identity == NULL) {
data->state = FAILURE;
} else {
- memcpy(sm->identity, pos, len);
+ os_memcpy(sm->identity, pos, len);
sm->identity_len = len;
data->state = SUCCESS;
}
diff --git a/src/eap_server/eap_md5.c b/src/eap_server/eap_md5.c
index a3359fa..2239892 100644
--- a/src/eap_server/eap_md5.c
+++ b/src/eap_server/eap_md5.c
@@ -44,7 +44,7 @@ static void * eap_md5_init(struct eap_sm *sm)
static void eap_md5_reset(struct eap_sm *sm, void *priv)
{
struct eap_md5_data *data = priv;
- free(data);
+ os_free(data);
}
@@ -71,7 +71,7 @@ static u8 * eap_md5_buildReq(struct eap_sm *sm, void *priv, int id,
}
*pos++ = CHALLENGE_LEN;
- memcpy(pos, data->challenge, CHALLENGE_LEN);
+ os_memcpy(pos, data->challenge, CHALLENGE_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Challenge", pos, CHALLENGE_LEN);
data->state = CONTINUE;
@@ -138,7 +138,7 @@ static void eap_md5_process(struct eap_sm *sm, void *priv,
len[2] = CHALLENGE_LEN;
md5_vector(3, addr, len, hash);
- if (memcmp(hash, pos, MD5_MAC_LEN) == 0) {
+ if (os_memcmp(hash, pos, MD5_MAC_LEN) == 0) {
wpa_printf(MSG_DEBUG, "EAP-MD5: Done - Success");
data->state = SUCCESS;
} else {
diff --git a/src/eap_server/eap_methods.c b/src/eap_server/eap_methods.c
index 0c561a6..c690318 100644
--- a/src/eap_server/eap_methods.c
+++ b/src/eap_server/eap_methods.c
@@ -52,7 +52,7 @@ EapType eap_server_get_type(const char *name, int *vendor)
{
struct eap_method *m;
for (m = eap_methods; m; m = m->next) {
- if (strcmp(m->name, name) == 0) {
+ if (os_strcmp(m->name, name) == 0) {
*vendor = m->vendor;
return m->method;
}
@@ -95,7 +95,7 @@ struct eap_method * eap_server_method_alloc(int version, int vendor,
*/
void eap_server_method_free(struct eap_method *method)
{
- free(method);
+ os_free(method);
}
@@ -119,7 +119,7 @@ int eap_server_method_register(struct eap_method *method)
for (m = eap_methods; m; m = m->next) {
if ((m->vendor == method->vendor &&
m->method == method->method) ||
- strcmp(m->name, method->name) == 0)
+ os_strcmp(m->name, method->name) == 0)
return -2;
last = m;
}
diff --git a/src/eap_server/eap_mschapv2.c b/src/eap_server/eap_mschapv2.c
index 503975b..bd4db55 100644
--- a/src/eap_server/eap_mschapv2.c
+++ b/src/eap_server/eap_mschapv2.c
@@ -95,8 +95,8 @@ static void eap_mschapv2_reset(struct eap_sm *sm, void *priv)
if (data == NULL)
return;
- free(data->peer_challenge);
- free(data);
+ os_free(data->peer_challenge);
+ os_free(data);
}
@@ -118,7 +118,7 @@ static u8 * eap_mschapv2_build_challenge(struct eap_sm *sm,
return NULL;
}
- ms_len = sizeof(*ms) + 1 + CHALLENGE_LEN + strlen(name);
+ ms_len = sizeof(*ms) + 1 + CHALLENGE_LEN + os_strlen(name);
req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2, reqDataLen,
ms_len, EAP_CODE_REQUEST, id, &pos);
if (req == NULL) {
@@ -136,11 +136,11 @@ static u8 * eap_mschapv2_build_challenge(struct eap_sm *sm,
pos = (u8 *) (ms + 1);
*pos++ = CHALLENGE_LEN;
if (!data->auth_challenge_from_tls)
- memcpy(pos, data->auth_challenge, CHALLENGE_LEN);
+ os_memcpy(pos, data->auth_challenge, CHALLENGE_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-MSCHAPV2: Challenge", pos,
CHALLENGE_LEN);
pos += CHALLENGE_LEN;
- memcpy(pos, name, strlen(name));
+ os_memcpy(pos, name, os_strlen(name));
return (u8 *) req;
}
@@ -157,7 +157,7 @@ static u8 * eap_mschapv2_build_success_req(struct eap_sm *sm,
size_t ms_len;
ms_len = sizeof(*ms) + 2 + 2 * sizeof(data->auth_response) + 1 + 2 +
- strlen(message);
+ os_strlen(message);
req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2, reqDataLen,
ms_len, EAP_CODE_REQUEST, id, &pos);
if (req == NULL) {
@@ -182,7 +182,7 @@ static u8 * eap_mschapv2_build_success_req(struct eap_sm *sm,
*pos++ = ' ';
*pos++ = 'M';
*pos++ = '=';
- memcpy(pos, message, strlen(message));
+ os_memcpy(pos, message, os_strlen(message));
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-MSCHAPV2: Success Request Message",
msg, ms_len - sizeof(*ms));
@@ -202,7 +202,7 @@ static u8 * eap_mschapv2_build_failure_req(struct eap_sm *sm,
"M=FAILED";
size_t ms_len;
- ms_len = sizeof(*ms) + strlen(message);
+ ms_len = sizeof(*ms) + os_strlen(message);
req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2, reqDataLen,
ms_len, EAP_CODE_REQUEST, id, &pos);
if (req == NULL) {
@@ -217,10 +217,10 @@ static u8 * eap_mschapv2_build_failure_req(struct eap_sm *sm,
ms->mschapv2_id = data->resp_mschapv2_id;
WPA_PUT_BE16(ms->ms_length, ms_len);
- memcpy((u8 *) (ms + 1), message, strlen(message));
+ os_memcpy((u8 *) (ms + 1), message, os_strlen(message));
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-MSCHAPV2: Failure Request Message",
- (u8 *) message, strlen(message));
+ (u8 *) message, os_strlen(message));
return (u8 *) req;
}
@@ -365,7 +365,7 @@ static void eap_mschapv2_process_response(struct eap_sm *sm,
}
if (username_len != user_len ||
- memcmp(username, user, username_len) != 0) {
+ os_memcmp(username, user, username_len) != 0) {
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Mismatch in user names");
wpa_hexdump_ascii(MSG_DEBUG, "EAP-MSCHAPV2: Expected user "
"name", username, username_len);
@@ -392,7 +392,7 @@ static void eap_mschapv2_process_response(struct eap_sm *sm,
expected);
}
- if (memcmp(nt_response, expected, 24) == 0) {
+ if (os_memcmp(nt_response, expected, 24) == 0) {
const u8 *pw_hash;
u8 pw_hash_buf[16], pw_hash_hash[16];
@@ -537,7 +537,7 @@ static u8 * eap_mschapv2_getKey(struct eap_sm *sm, void *priv, size_t *len)
return NULL;
*len = 2 * MSCHAPV2_KEY_LEN;
- key = malloc(*len);
+ key = os_malloc(*len);
if (key == NULL)
return NULL;
get_asymetric_start_key(data->master_key, key, MSCHAPV2_KEY_LEN, 0, 0);
diff --git a/src/eap_server/eap_pax.c b/src/eap_server/eap_pax.c
index 64f9504..df765ef 100644
--- a/src/eap_server/eap_pax.c
+++ b/src/eap_server/eap_pax.c
@@ -68,8 +68,8 @@ static void * eap_pax_init(struct eap_sm *sm)
static void eap_pax_reset(struct eap_sm *sm, void *priv)
{
struct eap_pax_data *data = priv;
- free(data->cid);
- free(data);
+ os_free(data->cid);
+ os_free(data);
}
@@ -89,7 +89,7 @@ static u8 * eap_pax_build_std_1(struct eap_sm *sm,
}
*reqDataLen = sizeof(*req) + 2 + EAP_PAX_RAND_LEN + EAP_PAX_ICV_LEN;
- req = malloc(*reqDataLen);
+ req = os_malloc(*reqDataLen);
if (req == NULL) {
wpa_printf(MSG_ERROR, "EAP-PAX: Failed to allocate memory "
"request");
@@ -109,7 +109,7 @@ static u8 * eap_pax_build_std_1(struct eap_sm *sm,
pos = (u8 *) (req + 1);
*pos++ = 0;
*pos++ = EAP_PAX_RAND_LEN;
- memcpy(pos, data->rand.r.x, EAP_PAX_RAND_LEN);
+ os_memcpy(pos, data->rand.r.x, EAP_PAX_RAND_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: A = X (server rand)",
pos, EAP_PAX_RAND_LEN);
pos += EAP_PAX_RAND_LEN;
@@ -134,7 +134,7 @@ static u8 * eap_pax_build_std_3(struct eap_sm *sm,
wpa_printf(MSG_DEBUG, "EAP-PAX: PAX_STD-3 (sending)");
*reqDataLen = sizeof(*req) + 2 + EAP_PAX_MAC_LEN + EAP_PAX_ICV_LEN;
- req = malloc(*reqDataLen);
+ req = os_malloc(*reqDataLen);
if (req == NULL) {
wpa_printf(MSG_ERROR, "EAP-PAX: Failed to allocate memory "
"request");
@@ -277,7 +277,7 @@ static Boolean eap_pax_check(struct eap_sm *sm, void *priv,
eap_pax_mac(data->mac_id, data->ick, EAP_PAX_ICK_LEN,
respData, len - EAP_PAX_ICV_LEN, NULL, 0, NULL, 0,
icvbuf);
- if (memcmp(icvbuf, icv, EAP_PAX_ICV_LEN) != 0) {
+ if (os_memcmp(icvbuf, icv, EAP_PAX_ICV_LEN) != 0) {
wpa_printf(MSG_INFO, "EAP-PAX: Invalid ICV");
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: Expected ICV",
icvbuf, EAP_PAX_ICV_LEN);
@@ -315,7 +315,7 @@ static void eap_pax_process_std_2(struct eap_sm *sm,
}
pos += 2;
left -= 2;
- memcpy(data->rand.r.y, pos, EAP_PAX_RAND_LEN);
+ os_memcpy(data->rand.r.y, pos, EAP_PAX_RAND_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: Y (client rand)",
data->rand.r.y, EAP_PAX_RAND_LEN);
pos += EAP_PAX_RAND_LEN;
@@ -326,14 +326,14 @@ static void eap_pax_process_std_2(struct eap_sm *sm,
return;
}
data->cid_len = WPA_GET_BE16(pos);
- free(data->cid);
- data->cid = malloc(data->cid_len);
+ os_free(data->cid);
+ data->cid = os_malloc(data->cid_len);
if (data->cid == NULL) {
wpa_printf(MSG_INFO, "EAP-PAX: Failed to allocate memory for "
"CID");
return;
}
- memcpy(data->cid, pos + 2, data->cid_len);
+ os_memcpy(data->cid, pos + 2, data->cid_len);
pos += 2 + data->cid_len;
left -= 2 + data->cid_len;
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-PAX: CID",
@@ -384,7 +384,7 @@ static void eap_pax_process_std_2(struct eap_sm *sm,
data->state = FAILURE;
return;
}
- memcpy(data->ak, sm->user->password, EAP_PAX_AK_LEN);
+ os_memcpy(data->ak, sm->user->password, EAP_PAX_AK_LEN);
if (eap_pax_initial_key_derivation(data->mac_id, data->ak,
data->rand.e, data->mk, data->ck,
@@ -400,7 +400,7 @@ static void eap_pax_process_std_2(struct eap_sm *sm,
data->rand.r.x, EAP_PAX_RAND_LEN,
data->rand.r.y, EAP_PAX_RAND_LEN,
(u8 *) data->cid, data->cid_len, mac);
- if (memcmp(mac, pos, EAP_PAX_MAC_LEN) != 0) {
+ if (os_memcmp(mac, pos, EAP_PAX_MAC_LEN) != 0) {
wpa_printf(MSG_INFO, "EAP-PAX: Invalid MAC_CK(A, B, CID) in "
"PAX_STD-2");
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: Expected MAC_CK(A, B, CID)",
@@ -420,7 +420,7 @@ static void eap_pax_process_std_2(struct eap_sm *sm,
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: ICV", pos, EAP_PAX_ICV_LEN);
eap_pax_mac(data->mac_id, data->ick, EAP_PAX_ICK_LEN,
respData, len - EAP_PAX_ICV_LEN, NULL, 0, NULL, 0, icvbuf);
- if (memcmp(icvbuf, pos, EAP_PAX_ICV_LEN) != 0) {
+ if (os_memcmp(icvbuf, pos, EAP_PAX_ICV_LEN) != 0) {
wpa_printf(MSG_INFO, "EAP-PAX: Invalid ICV in PAX_STD-2");
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: Expected ICV",
icvbuf, EAP_PAX_ICV_LEN);
@@ -492,7 +492,7 @@ static u8 * eap_pax_getKey(struct eap_sm *sm, void *priv, size_t *len)
if (data->state != SUCCESS)
return NULL;
- key = malloc(EAP_MSK_LEN);
+ key = os_malloc(EAP_MSK_LEN);
if (key == NULL)
return NULL;
@@ -513,7 +513,7 @@ static u8 * eap_pax_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
if (data->state != SUCCESS)
return NULL;
- key = malloc(EAP_EMSK_LEN);
+ key = os_malloc(EAP_EMSK_LEN);
if (key == NULL)
return NULL;
diff --git a/src/eap_server/eap_peap.c b/src/eap_server/eap_peap.c
index ba288ff..21dd3d2 100644
--- a/src/eap_server/eap_peap.c
+++ b/src/eap_server/eap_peap.c
@@ -159,7 +159,7 @@ static void eap_peap_reset(struct eap_sm *sm, void *priv)
if (data->phase2_priv && data->phase2_method)
data->phase2_method->reset(sm, data->phase2_priv);
eap_server_tls_ssl_deinit(sm, &data->ssl);
- free(data);
+ os_free(data);
}
@@ -170,7 +170,7 @@ static u8 * eap_peap_build_start(struct eap_sm *sm, struct eap_peap_data *data,
u8 *pos;
*reqDataLen = sizeof(*req) + 2;
- req = malloc(*reqDataLen);
+ req = os_malloc(*reqDataLen);
if (req == NULL) {
wpa_printf(MSG_ERROR, "EAP-PEAP: Failed to allocate memory for"
" request");
@@ -224,7 +224,7 @@ static u8 * eap_peap_encrypt(struct eap_sm *sm, struct eap_peap_data *data,
/* TODO: add support for fragmentation, if needed. This will need to
* add TLS Message Length field, if the frame is fragmented. */
- req = malloc(sizeof(struct eap_hdr) + 2 + data->ssl.tls_out_limit);
+ req = os_malloc(sizeof(struct eap_hdr) + 2 + data->ssl.tls_out_limit);
if (req == NULL)
return NULL;
@@ -241,7 +241,7 @@ static u8 * eap_peap_encrypt(struct eap_sm *sm, struct eap_peap_data *data,
if (res < 0) {
wpa_printf(MSG_INFO, "EAP-PEAP: Failed to encrypt Phase 2 "
"data");
- free(req);
+ os_free(req);
return NULL;
}
@@ -273,7 +273,7 @@ static u8 * eap_peap_build_phase2_req(struct eap_sm *sm,
}
encr_req = eap_peap_encrypt(sm, data, id, req, req_len, reqDataLen);
- free(buf);
+ os_free(buf);
return encr_req;
}
@@ -301,7 +301,7 @@ static u8 * eap_peap_build_phase2_term(struct eap_sm *sm,
encr_req = eap_peap_encrypt(sm, data, id, (u8 *) hdr, req_len,
reqDataLen);
- free(hdr);
+ os_free(hdr);
return encr_req;
}
@@ -488,9 +488,9 @@ static void eap_peap_process_phase2(struct eap_sm *sm,
buf_len = in_len;
if (data->ssl.tls_in_total > buf_len)
buf_len = data->ssl.tls_in_total;
- in_decrypted = malloc(buf_len);
+ in_decrypted = os_malloc(buf_len);
if (in_decrypted == NULL) {
- free(data->ssl.tls_in);
+ os_free(data->ssl.tls_in);
data->ssl.tls_in = NULL;
data->ssl.tls_in_len = 0;
wpa_printf(MSG_WARNING, "EAP-PEAP: failed to allocate memory "
@@ -501,13 +501,13 @@ static void eap_peap_process_phase2(struct eap_sm *sm,
len_decrypted = tls_connection_decrypt(sm->ssl_ctx, data->ssl.conn,
in_data, in_len,
in_decrypted, buf_len);
- free(data->ssl.tls_in);
+ os_free(data->ssl.tls_in);
data->ssl.tls_in = NULL;
data->ssl.tls_in_len = 0;
if (len_decrypted < 0) {
wpa_printf(MSG_INFO, "EAP-PEAP: Failed to decrypt Phase 2 "
"data");
- free(in_decrypted);
+ os_free(in_decrypted);
eap_peap_state(data, FAILURE);
return;
}
@@ -518,14 +518,14 @@ static void eap_peap_process_phase2(struct eap_sm *sm,
hdr = (struct eap_hdr *) in_decrypted;
if (data->peap_version == 0 && data->state != PHASE2_TLV) {
- struct eap_hdr *nhdr = malloc(sizeof(struct eap_hdr) +
- len_decrypted);
+ struct eap_hdr *nhdr = os_malloc(sizeof(struct eap_hdr) +
+ len_decrypted);
if (nhdr == NULL) {
- free(in_decrypted);
+ os_free(in_decrypted);
return;
}
- memcpy((u8 *) (nhdr + 1), in_decrypted, len_decrypted);
- free(in_decrypted);
+ os_memcpy((u8 *) (nhdr + 1), in_decrypted, len_decrypted);
+ os_free(in_decrypted);
nhdr->code = resp->code;
nhdr->identifier = resp->identifier;
nhdr->length = host_to_be16(sizeof(struct eap_hdr) +
@@ -536,7 +536,7 @@ static void eap_peap_process_phase2(struct eap_sm *sm,
}
hdr = (struct eap_hdr *) in_decrypted;
if (len_decrypted < (int) sizeof(*hdr)) {
- free(in_decrypted);
+ os_free(in_decrypted);
wpa_printf(MSG_INFO, "EAP-PEAP: Too short Phase 2 "
"EAP frame (len=%d)", len_decrypted);
eap_peap_req_failure(sm, data);
@@ -544,7 +544,7 @@ static void eap_peap_process_phase2(struct eap_sm *sm,
}
len = be_to_host16(hdr->length);
if (len > len_decrypted) {
- free(in_decrypted);
+ os_free(in_decrypted);
wpa_printf(MSG_INFO, "EAP-PEAP: Length mismatch in "
"Phase 2 EAP frame (len=%d hdr->length=%d)",
len_decrypted, len);
@@ -573,7 +573,7 @@ static void eap_peap_process_phase2(struct eap_sm *sm,
break;
}
- free(in_decrypted);
+ os_free(in_decrypted);
}
@@ -621,7 +621,7 @@ static void eap_peap_process(struct eap_sm *sm, void *priv,
if (data->ssl.tls_in_left == 0) {
data->ssl.tls_in_total = tls_msg_len;
data->ssl.tls_in_left = tls_msg_len;
- free(data->ssl.tls_in);
+ os_free(data->ssl.tls_in);
data->ssl.tls_in = NULL;
data->ssl.tls_in_len = 0;
}
diff --git a/src/eap_server/eap_psk.c b/src/eap_server/eap_psk.c
index 4183980..f7b0d48 100644
--- a/src/eap_server/eap_psk.c
+++ b/src/eap_server/eap_psk.c
@@ -53,8 +53,8 @@ static void * eap_psk_init(struct eap_sm *sm)
static void eap_psk_reset(struct eap_sm *sm, void *priv)
{
struct eap_psk_data *data = priv;
- free(data->id_p);
- free(data);
+ os_free(data->id_p);
+ os_free(data);
}
@@ -74,7 +74,7 @@ static u8 * eap_psk_build_1(struct eap_sm *sm, struct eap_psk_data *data,
data->rand_s, EAP_PSK_RAND_LEN);
*reqDataLen = sizeof(*req) + data->id_s_len;
- req = malloc(*reqDataLen);
+ req = os_malloc(*reqDataLen);
if (req == NULL) {
wpa_printf(MSG_ERROR, "EAP-PSK: Failed to allocate memory "
"request");
@@ -87,8 +87,8 @@ static u8 * eap_psk_build_1(struct eap_sm *sm, struct eap_psk_data *data,
req->length = host_to_be16(*reqDataLen);
req->type = EAP_TYPE_PSK;
req->flags = EAP_PSK_FLAGS_SET_T(0); /* T=0 */
- memcpy(req->rand_s, data->rand_s, EAP_PSK_RAND_LEN);
- memcpy((u8 *) (req + 1), data->id_s, data->id_s_len);
+ os_memcpy(req->rand_s, data->rand_s, EAP_PSK_RAND_LEN);
+ os_memcpy((u8 *) (req + 1), data->id_s, data->id_s_len);
return (u8 *) req;
}
@@ -104,7 +104,7 @@ static u8 * eap_psk_build_3(struct eap_sm *sm, struct eap_psk_data *data,
wpa_printf(MSG_DEBUG, "EAP-PSK: PSK-3 (sending)");
*reqDataLen = sizeof(*req) + 4 + 16 + 1;
- req = malloc(*reqDataLen);
+ req = os_malloc(*reqDataLen);
if (req == NULL) {
wpa_printf(MSG_ERROR, "EAP-PSK: Failed to allocate memory "
"request");
@@ -117,20 +117,20 @@ static u8 * eap_psk_build_3(struct eap_sm *sm, struct eap_psk_data *data,
req->length = host_to_be16(*reqDataLen);
req->type = EAP_TYPE_PSK;
req->flags = EAP_PSK_FLAGS_SET_T(2); /* T=2 */
- memcpy(req->rand_s, data->rand_s, EAP_PSK_RAND_LEN);
+ os_memcpy(req->rand_s, data->rand_s, EAP_PSK_RAND_LEN);
/* MAC_S = OMAC1-AES-128(AK, ID_S||RAND_P) */
buflen = data->id_s_len + EAP_PSK_RAND_LEN;
- buf = malloc(buflen);
+ buf = os_malloc(buflen);
if (buf == NULL) {
- free(req);
+ os_free(req);
data->state = FAILURE;
return NULL;
}
- memcpy(buf, data->id_s, data->id_s_len);
- memcpy(buf + data->id_s_len, data->rand_p, EAP_PSK_RAND_LEN);
+ os_memcpy(buf, data->id_s, data->id_s_len);
+ os_memcpy(buf + data->id_s_len, data->rand_p, EAP_PSK_RAND_LEN);
omac1_aes_128(data->ak, buf, buflen, req->mac_s);
- free(buf);
+ os_free(buf);
eap_psk_derive_keys(data->kdk, data->rand_p, data->tek, data->msk,
data->emsk);
@@ -138,10 +138,10 @@ static u8 * eap_psk_build_3(struct eap_sm *sm, struct eap_psk_data *data,
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: MSK", data->msk, EAP_MSK_LEN);
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: EMSK", data->emsk, EAP_EMSK_LEN);
- memset(nonce, 0, sizeof(nonce));
+ os_memset(nonce, 0, sizeof(nonce));
pchannel = (u8 *) (req + 1);
- memcpy(pchannel, nonce + 12, 4);
- memset(pchannel + 4, 0, 16); /* Tag */
+ os_memcpy(pchannel, nonce + 12, 4);
+ os_memset(pchannel + 4, 0, 16); /* Tag */
pchannel[4 + 16] = EAP_PSK_R_FLAG_DONE_SUCCESS << 6;
wpa_hexdump(MSG_DEBUG, "EAP-PSK: PCHANNEL (plaintext)",
pchannel, 4 + 16 + 1);
@@ -233,14 +233,14 @@ static void eap_psk_process_2(struct eap_sm *sm,
pos = (u8 *) (resp + 1);
left = len - sizeof(*resp);
- free(data->id_p);
- data->id_p = malloc(left);
+ os_free(data->id_p);
+ data->id_p = os_malloc(left);
if (data->id_p == NULL) {
wpa_printf(MSG_INFO, "EAP-PSK: Failed to allocate memory for "
"ID_P");
return;
}
- memcpy(data->id_p, pos, left);
+ os_memcpy(data->id_p, pos, left);
data->id_p_len = left;
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-PSK: ID_P",
data->id_p, data->id_p_len);
@@ -286,26 +286,26 @@ static void eap_psk_process_2(struct eap_sm *sm,
wpa_hexdump(MSG_MSGDUMP, "EAP-PSK: RAND_P (client rand)",
resp->rand_p, EAP_PSK_RAND_LEN);
- memcpy(data->rand_p, resp->rand_p, EAP_PSK_RAND_LEN);
+ os_memcpy(data->rand_p, resp->rand_p, EAP_PSK_RAND_LEN);
/* MAC_P = OMAC1-AES-128(AK, ID_P||ID_S||RAND_S||RAND_P) */
buflen = data->id_p_len + data->id_s_len + 2 * EAP_PSK_RAND_LEN;
- buf = malloc(buflen);
+ buf = os_malloc(buflen);
if (buf == NULL) {
data->state = FAILURE;
return;
}
- memcpy(buf, data->id_p, data->id_p_len);
+ os_memcpy(buf, data->id_p, data->id_p_len);
pos = buf + data->id_p_len;
- memcpy(pos, data->id_s, data->id_s_len);
+ os_memcpy(pos, data->id_s, data->id_s_len);
pos += data->id_s_len;
- memcpy(pos, data->rand_s, EAP_PSK_RAND_LEN);
+ os_memcpy(pos, data->rand_s, EAP_PSK_RAND_LEN);
pos += EAP_PSK_RAND_LEN;
- memcpy(pos, data->rand_p, EAP_PSK_RAND_LEN);
+ os_memcpy(pos, data->rand_p, EAP_PSK_RAND_LEN);
omac1_aes_128(data->ak, buf, buflen, mac);
- free(buf);
+ os_free(buf);
wpa_hexdump(MSG_DEBUG, "EAP-PSK: MAC_P", resp->mac_p, EAP_PSK_MAC_LEN);
- if (memcmp(mac, resp->mac_p, EAP_PSK_MAC_LEN) != 0) {
+ if (os_memcmp(mac, resp->mac_p, EAP_PSK_MAC_LEN) != 0) {
wpa_printf(MSG_INFO, "EAP-PSK: Invalid MAC_P");
wpa_hexdump(MSG_MSGDUMP, "EAP-PSK: Expected MAC_P",
mac, EAP_PSK_MAC_LEN);
@@ -348,23 +348,23 @@ static void eap_psk_process_4(struct eap_sm *sm,
return;
}
- memset(nonce, 0, 12);
- memcpy(nonce + 12, pos, 4);
+ os_memset(nonce, 0, 12);
+ os_memcpy(nonce + 12, pos, 4);
pos += 4;
left -= 4;
tag = pos;
pos += 16;
left -= 16;
- decrypted = malloc(left);
+ decrypted = os_malloc(left);
if (decrypted == NULL)
return;
- memcpy(decrypted, pos, left);
+ os_memcpy(decrypted, pos, left);
if (aes_128_eax_decrypt(data->tek, nonce, sizeof(nonce),
respData, 22, decrypted, left, tag)) {
wpa_printf(MSG_WARNING, "EAP-PSK: PCHANNEL decryption failed");
- free(decrypted);
+ os_free(decrypted);
data->state = FAILURE;
return;
}
@@ -386,7 +386,7 @@ static void eap_psk_process_4(struct eap_sm *sm,
data->state = FAILURE;
break;
}
- free(decrypted);
+ os_free(decrypted);
}
@@ -431,10 +431,10 @@ static u8 * eap_psk_getKey(struct eap_sm *sm, void *priv, size_t *len)
if (data->state != SUCCESS)
return NULL;
- key = malloc(EAP_MSK_LEN);
+ key = os_malloc(EAP_MSK_LEN);
if (key == NULL)
return NULL;
- memcpy(key, data->msk, EAP_MSK_LEN);
+ os_memcpy(key, data->msk, EAP_MSK_LEN);
*len = EAP_MSK_LEN;
return key;
@@ -449,10 +449,10 @@ static u8 * eap_psk_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
if (data->state != SUCCESS)
return NULL;
- key = malloc(EAP_EMSK_LEN);
+ key = os_malloc(EAP_EMSK_LEN);
if (key == NULL)
return NULL;
- memcpy(key, data->emsk, EAP_EMSK_LEN);
+ os_memcpy(key, data->emsk, EAP_EMSK_LEN);
*len = EAP_EMSK_LEN;
return key;
diff --git a/src/eap_server/eap_sake.c b/src/eap_server/eap_sake.c
index c80f7b6..df182ed 100644
--- a/src/eap_server/eap_sake.c
+++ b/src/eap_server/eap_sake.c
@@ -83,9 +83,9 @@ static void * eap_sake_init(struct eap_sm *sm)
data->session_id);
/* TODO: add support for configuring SERVERID */
- data->serverid = (u8 *) strdup("hostapd");
+ data->serverid = (u8 *) os_strdup("hostapd");
if (data->serverid)
- data->serverid_len = strlen((char *) data->serverid);
+ data->serverid_len = os_strlen((char *) data->serverid);
return data;
}
diff --git a/src/eap_server/eap_sim.c b/src/eap_server/eap_sim.c
index 3078717..f08a131 100644
--- a/src/eap_server/eap_sim.c
+++ b/src/eap_server/eap_sim.c
@@ -89,9 +89,9 @@ static void * eap_sim_init(struct eap_sm *sm)
static void eap_sim_reset(struct eap_sm *sm, void *priv)
{
struct eap_sim_data *data = priv;
- free(data->next_pseudonym);
- free(data->next_reauth_id);
- free(data);
+ os_free(data->next_pseudonym);
+ os_free(data->next_reauth_id);
+ os_free(data);
}
@@ -122,10 +122,10 @@ static int eap_sim_build_encr(struct eap_sm *sm, struct eap_sim_data *data,
struct eap_sim_msg *msg, u16 counter,
const u8 *nonce_s)
{
- free(data->next_pseudonym);
+ os_free(data->next_pseudonym);
data->next_pseudonym =
eap_sim_db_get_next_pseudonym(sm->eap_sim_db_priv, 0);
- free(data->next_reauth_id);
+ os_free(data->next_reauth_id);
if (data->counter <= EAP_SIM_MAX_FAST_REAUTHS) {
data->next_reauth_id =
eap_sim_db_get_next_reauth_id(sm->eap_sim_db_priv, 0);
@@ -158,18 +158,18 @@ static int eap_sim_build_encr(struct eap_sm *sm, struct eap_sim_data *data,
wpa_printf(MSG_DEBUG, " *AT_NEXT_PSEUDONYM (%s)",
data->next_pseudonym);
eap_sim_msg_add(msg, EAP_SIM_AT_NEXT_PSEUDONYM,
- strlen(data->next_pseudonym),
+ os_strlen(data->next_pseudonym),
(u8 *) data->next_pseudonym,
- strlen(data->next_pseudonym));
+ os_strlen(data->next_pseudonym));
}
if (data->next_reauth_id) {
wpa_printf(MSG_DEBUG, " *AT_NEXT_REAUTH_ID (%s)",
data->next_reauth_id);
eap_sim_msg_add(msg, EAP_SIM_AT_NEXT_REAUTH_ID,
- strlen(data->next_reauth_id),
+ os_strlen(data->next_reauth_id),
(u8 *) data->next_reauth_id,
- strlen(data->next_reauth_id));
+ os_strlen(data->next_reauth_id));
}
if (eap_sim_msg_add_encr_end(msg, data->k_encr, EAP_SIM_AT_PADDING)) {
@@ -344,11 +344,11 @@ static void eap_sim_process_start(struct eap_sm *sm,
}
if (attr->identity) {
- free(sm->identity);
- sm->identity = malloc(attr->identity_len);
+ os_free(sm->identity);
+ sm->identity = os_malloc(attr->identity_len);
if (sm->identity) {
- memcpy(sm->identity, attr->identity,
- attr->identity_len);
+ os_memcpy(sm->identity, attr->identity,
+ attr->identity_len);
sm->identity_len = attr->identity_len;
}
}
@@ -375,8 +375,8 @@ static void eap_sim_process_start(struct eap_sm *sm,
identity = data->reauth->identity;
identity_len = data->reauth->identity_len;
data->counter = data->reauth->counter;
- memcpy(data->mk, data->reauth->mk,
- EAP_SIM_MK_LEN);
+ os_memcpy(data->mk, data->reauth->mk,
+ EAP_SIM_MK_LEN);
}
}
}
@@ -419,7 +419,7 @@ static void eap_sim_process_start(struct eap_sm *sm,
wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: Identity for MK derivation",
sm->identity, sm->identity_len);
- memcpy(data->nonce_mt, attr->nonce_mt, EAP_SIM_NONCE_MT_LEN);
+ os_memcpy(data->nonce_mt, attr->nonce_mt, EAP_SIM_NONCE_MT_LEN);
WPA_PUT_BE16(ver_list, EAP_SIM_VERSION);
eap_sim_derive_mk(sm->identity, sm->identity_len, attr->nonce_mt,
attr->selected_version, ver_list, sizeof(ver_list),
@@ -515,7 +515,7 @@ static void eap_sim_process_reauth(struct eap_sm *sm,
eattr.counter, data->counter);
goto fail;
}
- free(decrypted);
+ os_free(decrypted);
decrypted = NULL;
wpa_printf(MSG_DEBUG, "EAP-SIM: Re-authentication response includes "
@@ -558,7 +558,7 @@ fail:
eap_sim_state(data, FAILURE);
eap_sim_db_remove_reauth(sm->eap_sim_db_priv, data->reauth);
data->reauth = NULL;
- free(decrypted);
+ os_free(decrypted);
}
@@ -632,10 +632,10 @@ static u8 * eap_sim_getKey(struct eap_sm *sm, void *priv, size_t *len)
if (data->state != SUCCESS)
return NULL;
- key = malloc(EAP_SIM_KEYING_DATA_LEN);
+ key = os_malloc(EAP_SIM_KEYING_DATA_LEN);
if (key == NULL)
return NULL;
- memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN);
+ os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN);
*len = EAP_SIM_KEYING_DATA_LEN;
return key;
}
@@ -649,10 +649,10 @@ static u8 * eap_sim_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
if (data->state != SUCCESS)
return NULL;
- key = malloc(EAP_EMSK_LEN);
+ key = os_malloc(EAP_EMSK_LEN);
if (key == NULL)
return NULL;
- memcpy(key, data->emsk, EAP_EMSK_LEN);
+ os_memcpy(key, data->emsk, EAP_EMSK_LEN);
*len = EAP_EMSK_LEN;
return key;
}
diff --git a/src/eap_server/eap_sim_db.c b/src/eap_server/eap_sim_db.c
index 3bf4154..bc6e020 100644
--- a/src/eap_server/eap_sim_db.c
+++ b/src/eap_server/eap_sim_db.c
@@ -83,7 +83,7 @@ eap_sim_db_get_pending(struct eap_sim_db_data *data, const u8 *imsi,
entry = data->pending;
while (entry) {
if (entry->aka == aka && entry->imsi_len == imsi_len &&
- memcmp(entry->imsi, imsi, imsi_len) == 0) {
+ os_memcmp(entry->imsi, imsi, imsi_len) == 0) {
if (prev)
prev->next = entry->next;
else
@@ -118,7 +118,7 @@ static void eap_sim_db_sim_resp_auth(struct eap_sim_db_data *data,
* (IMSI = ASCII string, Kc/SRES/RAND = hex string)
*/
- entry = eap_sim_db_get_pending(data, (u8 *) imsi, strlen(imsi), 0);
+ entry = eap_sim_db_get_pending(data, (u8 *) imsi, os_strlen(imsi), 0);
if (entry == NULL) {
wpa_printf(MSG_DEBUG, "EAP-SIM DB: No pending entry for the "
"received message found");
@@ -126,7 +126,7 @@ static void eap_sim_db_sim_resp_auth(struct eap_sim_db_data *data,
}
start = buf;
- if (strncmp(start, "FAILURE", 7) == 0) {
+ if (os_strncmp(start, "FAILURE", 7) == 0) {
wpa_printf(MSG_DEBUG, "EAP-SIM DB: External server reported "
"failure");
entry->state = FAILURE;
@@ -137,11 +137,11 @@ static void eap_sim_db_sim_resp_auth(struct eap_sim_db_data *data,
num_chal = 0;
while (num_chal < EAP_SIM_MAX_CHAL) {
- end = strchr(start, ' ');
+ end = os_strchr(start, ' ');
if (end)
*end = '\0';
- pos = strchr(start, ':');
+ pos = os_strchr(start, ':');
if (pos == NULL)
goto parse_fail;
*pos = '\0';
@@ -150,7 +150,7 @@ static void eap_sim_db_sim_resp_auth(struct eap_sim_db_data *data,
goto parse_fail;
start = pos + 1;
- pos = strchr(start, ':');
+ pos = os_strchr(start, ':');
if (pos == NULL)
goto parse_fail;
*pos = '\0';
@@ -180,7 +180,7 @@ static void eap_sim_db_sim_resp_auth(struct eap_sim_db_data *data,
parse_fail:
wpa_printf(MSG_DEBUG, "EAP-SIM DB: Failed to parse response string");
- free(entry);
+ os_free(entry);
}
@@ -196,7 +196,7 @@ static void eap_sim_db_aka_resp_auth(struct eap_sim_db_data *data,
* (IMSI = ASCII string, RAND/AUTN/IK/CK/RES = hex string)
*/
- entry = eap_sim_db_get_pending(data, (u8 *) imsi, strlen(imsi), 1);
+ entry = eap_sim_db_get_pending(data, (u8 *) imsi, os_strlen(imsi), 1);
if (entry == NULL) {
wpa_printf(MSG_DEBUG, "EAP-SIM DB: No pending entry for the "
"received message found");
@@ -204,7 +204,7 @@ static void eap_sim_db_aka_resp_auth(struct eap_sim_db_data *data,
}
start = buf;
- if (strncmp(start, "FAILURE", 7) == 0) {
+ if (os_strncmp(start, "FAILURE", 7) == 0) {
wpa_printf(MSG_DEBUG, "EAP-SIM DB: External server reported "
"failure");
entry->state = FAILURE;
@@ -213,7 +213,7 @@ static void eap_sim_db_aka_resp_auth(struct eap_sim_db_data *data,
return;
}
- end = strchr(start, ' ');
+ end = os_strchr(start, ' ');
if (end == NULL)
goto parse_fail;
*end = '\0';
@@ -221,7 +221,7 @@ static void eap_sim_db_aka_resp_auth(struct eap_sim_db_data *data,
goto parse_fail;
start = end + 1;
- end = strchr(start, ' ');
+ end = os_strchr(start, ' ');
if (end == NULL)
goto parse_fail;
*end = '\0';
@@ -229,7 +229,7 @@ static void eap_sim_db_aka_resp_auth(struct eap_sim_db_data *data,
goto parse_fail;
start = end + 1;
- end = strchr(start, ' ');
+ end = os_strchr(start, ' ');
if (end == NULL)
goto parse_fail;
*end = '\0';
@@ -237,7 +237,7 @@ static void eap_sim_db_aka_resp_auth(struct eap_sim_db_data *data,
goto parse_fail;
start = end + 1;
- end = strchr(start, ' ');
+ end = os_strchr(start, ' ');
if (end == NULL)
goto parse_fail;
*end = '\0';
@@ -245,7 +245,7 @@ static void eap_sim_db_aka_resp_auth(struct eap_sim_db_data *data,
goto parse_fail;
start = end + 1;
- end = strchr(start, ' ');
+ end = os_strchr(start, ' ');
if (end)
*end = '\0';
else {
@@ -271,7 +271,7 @@ static void eap_sim_db_aka_resp_auth(struct eap_sim_db_data *data,
parse_fail:
wpa_printf(MSG_DEBUG, "EAP-SIM DB: Failed to parse response string");
- free(entry);
+ os_free(entry);
}
@@ -301,21 +301,21 @@ static void eap_sim_db_receive(int sock, void *eloop_ctx, void *sock_ctx)
/* <cmd> <IMSI> ... */
cmd = buf;
- pos = strchr(cmd, ' ');
+ pos = os_strchr(cmd, ' ');
if (pos == NULL)
goto parse_fail;
*pos = '\0';
imsi = pos + 1;
- pos = strchr(imsi, ' ');
+ pos = os_strchr(imsi, ' ');
if (pos == NULL)
goto parse_fail;
*pos = '\0';
wpa_printf(MSG_DEBUG, "EAP-SIM DB: External response=%s for IMSI %s",
cmd, imsi);
- if (strcmp(cmd, "SIM-RESP-AUTH") == 0)
+ if (os_strcmp(cmd, "SIM-RESP-AUTH") == 0)
eap_sim_db_sim_resp_auth(data, imsi, pos + 1);
- else if (strcmp(cmd, "AKA-RESP-AUTH") == 0)
+ else if (os_strcmp(cmd, "AKA-RESP-AUTH") == 0)
eap_sim_db_aka_resp_auth(data, imsi, pos + 1);
else
wpa_printf(MSG_INFO, "EAP-SIM DB: Unknown external response "
@@ -332,7 +332,7 @@ static int eap_sim_db_open_socket(struct eap_sim_db_data *data)
struct sockaddr_un addr;
static int counter = 0;
- if (strncmp(data->fname, "unix:", 5) != 0)
+ if (os_strncmp(data->fname, "unix:", 5) != 0)
return -1;
data->sock = socket(PF_UNIX, SOCK_DGRAM, 0);
@@ -341,11 +341,11 @@ static int eap_sim_db_open_socket(struct eap_sim_db_data *data)
return -1;
}
- memset(&addr, 0, sizeof(addr));
+ os_memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
- snprintf(addr.sun_path, sizeof(addr.sun_path),
- "/tmp/eap_sim_db_%d-%d", getpid(), counter++);
- data->local_sock = strdup(addr.sun_path);
+ os_snprintf(addr.sun_path, sizeof(addr.sun_path),
+ "/tmp/eap_sim_db_%d-%d", getpid(), counter++);
+ data->local_sock = os_strdup(addr.sun_path);
if (bind(data->sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
perror("bind(eap_sim_db)");
close(data->sock);
@@ -353,13 +353,14 @@ static int eap_sim_db_open_socket(struct eap_sim_db_data *data)
return -1;
}
- memset(&addr, 0, sizeof(addr));
+ os_memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
os_strlcpy(addr.sun_path, data->fname + 5, sizeof(addr.sun_path));
if (connect(data->sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
perror("connect(eap_sim_db)");
wpa_hexdump_ascii(MSG_INFO, "HLR/AuC GW socket",
- (u8 *) addr.sun_path, strlen(addr.sun_path));
+ (u8 *) addr.sun_path,
+ os_strlen(addr.sun_path));
close(data->sock);
data->sock = -1;
return -1;
@@ -380,7 +381,7 @@ static void eap_sim_db_close_socket(struct eap_sim_db_data *data)
}
if (data->local_sock) {
unlink(data->local_sock);
- free(data->local_sock);
+ os_free(data->local_sock);
data->local_sock = NULL;
}
}
@@ -406,11 +407,11 @@ void * eap_sim_db_init(const char *config,
data->sock = -1;
data->get_complete_cb = get_complete_cb;
data->ctx = ctx;
- data->fname = strdup(config);
+ data->fname = os_strdup(config);
if (data->fname == NULL)
goto fail;
- if (strncmp(data->fname, "unix:", 5) == 0) {
+ if (os_strncmp(data->fname, "unix:", 5) == 0) {
if (eap_sim_db_open_socket(data))
goto fail;
}
@@ -419,25 +420,25 @@ void * eap_sim_db_init(const char *config,
fail:
eap_sim_db_close_socket(data);
- free(data->fname);
- free(data);
+ os_free(data->fname);
+ os_free(data);
return NULL;
}
static void eap_sim_db_free_pseudonym(struct eap_sim_pseudonym *p)
{
- free(p->identity);
- free(p->pseudonym);
- free(p);
+ os_free(p->identity);
+ os_free(p->pseudonym);
+ os_free(p);
}
static void eap_sim_db_free_reauth(struct eap_sim_reauth *r)
{
- free(r->identity);
- free(r->reauth_id);
- free(r);
+ os_free(r->identity);
+ os_free(r->reauth_id);
+ os_free(r);
}
@@ -453,7 +454,7 @@ void eap_sim_db_deinit(void *priv)
struct eap_sim_db_pending *pending, *prev_pending;
eap_sim_db_close_socket(data);
- free(data->fname);
+ os_free(data->fname);
p = data->pseudonyms;
while (p) {
@@ -473,10 +474,10 @@ void eap_sim_db_deinit(void *priv)
while (pending) {
prev_pending = pending;
pending = pending->next;
- free(prev_pending);
+ os_free(prev_pending);
}
- free(data);
+ os_free(data);
}
@@ -577,7 +578,7 @@ int eap_sim_db_get_gsm_triplets(void *priv, const u8 *identity,
if (entry->state == FAILURE) {
wpa_printf(MSG_DEBUG, "EAP-SIM DB: Pending entry -> "
"failure");
- free(entry);
+ os_free(entry);
return EAP_SIM_DB_FAILURE;
}
@@ -593,10 +594,11 @@ int eap_sim_db_get_gsm_triplets(void *priv, const u8 *identity,
num_chal = entry->u.sim.num_chal;
if (num_chal > max_chal)
num_chal = max_chal;
- memcpy(_rand, entry->u.sim.rand, num_chal * GSM_RAND_LEN);
- memcpy(sres, entry->u.sim.sres, num_chal * EAP_SIM_SRES_LEN);
- memcpy(kc, entry->u.sim.kc, num_chal * EAP_SIM_KC_LEN);
- free(entry);
+ os_memcpy(_rand, entry->u.sim.rand, num_chal * GSM_RAND_LEN);
+ os_memcpy(sres, entry->u.sim.sres,
+ num_chal * EAP_SIM_SRES_LEN);
+ os_memcpy(kc, entry->u.sim.kc, num_chal * EAP_SIM_KC_LEN);
+ os_free(entry);
return num_chal;
}
@@ -605,12 +607,12 @@ int eap_sim_db_get_gsm_triplets(void *priv, const u8 *identity,
return EAP_SIM_DB_FAILURE;
}
- len = snprintf(msg, sizeof(msg), "SIM-REQ-AUTH ");
+ len = os_snprintf(msg, sizeof(msg), "SIM-REQ-AUTH ");
if (len < 0 || len + identity_len >= sizeof(msg))
return EAP_SIM_DB_FAILURE;
- memcpy(msg + len, identity, identity_len);
+ os_memcpy(msg + len, identity, identity_len);
len += identity_len;
- ret = snprintf(msg + len, sizeof(msg) - len, " %d", max_chal);
+ ret = os_snprintf(msg + len, sizeof(msg) - len, " %d", max_chal);
if (ret < 0 || (size_t) ret >= sizeof(msg) - len)
return EAP_SIM_DB_FAILURE;
len += ret;
@@ -625,7 +627,7 @@ int eap_sim_db_get_gsm_triplets(void *priv, const u8 *identity,
return EAP_SIM_DB_FAILURE;
os_get_time(&entry->timestamp);
- memcpy(entry->imsi, identity, identity_len);
+ os_memcpy(entry->imsi, identity, identity_len);
entry->imsi_len = identity_len;
entry->cb_session_ctx = cb_session_ctx;
entry->state = PENDING;
@@ -657,20 +659,20 @@ eap_sim_db_get_pseudonym(struct eap_sim_db_data *data, const u8 *identity,
len++;
}
- pseudonym = malloc(len + 1);
+ pseudonym = os_malloc(len + 1);
if (pseudonym == NULL)
return NULL;
- memcpy(pseudonym, identity, len);
+ os_memcpy(pseudonym, identity, len);
pseudonym[len] = '\0';
p = data->pseudonyms;
while (p) {
- if (strcmp(p->pseudonym, pseudonym) == 0)
+ if (os_strcmp(p->pseudonym, pseudonym) == 0)
break;
p = p->next;
}
- free(pseudonym);
+ os_free(pseudonym);
return p;
}
@@ -690,7 +692,7 @@ eap_sim_db_get_pseudonym_id(struct eap_sim_db_data *data, const u8 *identity,
p = data->pseudonyms;
while (p) {
if (identity_len == p->identity_len &&
- memcmp(p->identity, identity, identity_len) == 0)
+ os_memcmp(p->identity, identity, identity_len) == 0)
break;
p = p->next;
}
@@ -720,20 +722,20 @@ eap_sim_db_get_reauth(struct eap_sim_db_data *data, const u8 *identity,
len++;
}
- reauth_id = malloc(len + 1);
+ reauth_id = os_malloc(len + 1);
if (reauth_id == NULL)
return NULL;
- memcpy(reauth_id, identity, len);
+ os_memcpy(reauth_id, identity, len);
reauth_id[len] = '\0';
r = data->reauths;
while (r) {
- if (strcmp(r->reauth_id, reauth_id) == 0)
+ if (os_strcmp(r->reauth_id, reauth_id) == 0)
break;
r = r->next;
}
- free(reauth_id);
+ os_free(reauth_id);
return r;
}
@@ -760,7 +762,7 @@ eap_sim_db_get_reauth_id(struct eap_sim_db_data *data, const u8 *identity,
r = data->reauths;
while (r) {
if (identity_len == r->identity_len &&
- memcmp(r->identity, identity, identity_len) == 0)
+ os_memcmp(r->identity, identity, identity_len) == 0)
break;
r = r->next;
}
@@ -826,7 +828,7 @@ static char * eap_sim_db_get_next(struct eap_sim_db_data *data, char prefix)
if (os_get_random(buf, sizeof(buf)))
return NULL;
- id = malloc(sizeof(buf) * 2 + 2);
+ id = os_malloc(sizeof(buf) * 2 + 2);
if (id == NULL)
return NULL;
@@ -908,25 +910,25 @@ int eap_sim_db_add_pseudonym(void *priv, const u8 *identity,
if (p) {
wpa_printf(MSG_DEBUG, "EAP-SIM DB: Replacing previous "
"pseudonym: %s", p->pseudonym);
- free(p->pseudonym);
+ os_free(p->pseudonym);
p->pseudonym = pseudonym;
return 0;
}
p = os_zalloc(sizeof(*p));
if (p == NULL) {
- free(pseudonym);
+ os_free(pseudonym);
return -1;
}
p->next = data->pseudonyms;
- p->identity = malloc(identity_len);
+ p->identity = os_malloc(identity_len);
if (p->identity == NULL) {
- free(p);
- free(pseudonym);
+ os_free(p);
+ os_free(pseudonym);
return -1;
}
- memcpy(p->identity, identity, identity_len);
+ os_memcpy(p->identity, identity, identity_len);
p->identity_len = identity_len;
p->pseudonym = pseudonym;
data->pseudonyms = p;
@@ -968,23 +970,23 @@ int eap_sim_db_add_reauth(void *priv, const u8 *identity,
if (r) {
wpa_printf(MSG_DEBUG, "EAP-SIM DB: Replacing previous "
"reauth_id: %s", r->reauth_id);
- free(r->reauth_id);
+ os_free(r->reauth_id);
r->reauth_id = reauth_id;
} else {
r = os_zalloc(sizeof(*r));
if (r == NULL) {
- free(reauth_id);
+ os_free(reauth_id);
return -1;
}
r->next = data->reauths;
- r->identity = malloc(identity_len);
+ r->identity = os_malloc(identity_len);
if (r->identity == NULL) {
- free(r);
- free(reauth_id);
+ os_free(r);
+ os_free(reauth_id);
return -1;
}
- memcpy(r->identity, identity, identity_len);
+ os_memcpy(r->identity, identity, identity_len);
r->identity_len = identity_len;
r->reauth_id = reauth_id;
data->reauths = r;
@@ -992,7 +994,7 @@ int eap_sim_db_add_reauth(void *priv, const u8 *identity,
}
r->counter = counter;
- memcpy(r->mk, mk, EAP_SIM_MK_LEN);
+ os_memcpy(r->mk, mk, EAP_SIM_MK_LEN);
return 0;
}
@@ -1137,7 +1139,7 @@ int eap_sim_db_get_aka_auth(void *priv, const u8 *identity,
entry = eap_sim_db_get_pending(data, identity, identity_len, 1);
if (entry) {
if (entry->state == FAILURE) {
- free(entry);
+ os_free(entry);
wpa_printf(MSG_DEBUG, "EAP-SIM DB: Failure");
return EAP_SIM_DB_FAILURE;
}
@@ -1150,13 +1152,13 @@ int eap_sim_db_get_aka_auth(void *priv, const u8 *identity,
wpa_printf(MSG_DEBUG, "EAP-SIM DB: Returning successfully "
"received authentication data");
- memcpy(_rand, entry->u.aka.rand, EAP_AKA_RAND_LEN);
- memcpy(autn, entry->u.aka.autn, EAP_AKA_AUTN_LEN);
- memcpy(ik, entry->u.aka.ik, EAP_AKA_IK_LEN);
- memcpy(ck, entry->u.aka.ck, EAP_AKA_CK_LEN);
- memcpy(res, entry->u.aka.res, EAP_AKA_RES_MAX_LEN);
+ os_memcpy(_rand, entry->u.aka.rand, EAP_AKA_RAND_LEN);
+ os_memcpy(autn, entry->u.aka.autn, EAP_AKA_AUTN_LEN);
+ os_memcpy(ik, entry->u.aka.ik, EAP_AKA_IK_LEN);
+ os_memcpy(ck, entry->u.aka.ck, EAP_AKA_CK_LEN);
+ os_memcpy(res, entry->u.aka.res, EAP_AKA_RES_MAX_LEN);
*res_len = entry->u.aka.res_len;
- free(entry);
+ os_free(entry);
return 0;
}
@@ -1165,10 +1167,10 @@ int eap_sim_db_get_aka_auth(void *priv, const u8 *identity,
return EAP_SIM_DB_FAILURE;
}
- len = snprintf(msg, sizeof(msg), "AKA-REQ-AUTH ");
+ len = os_snprintf(msg, sizeof(msg), "AKA-REQ-AUTH ");
if (len < 0 || len + identity_len >= sizeof(msg))
return EAP_SIM_DB_FAILURE;
- memcpy(msg + len, identity, identity_len);
+ os_memcpy(msg + len, identity, identity_len);
len += identity_len;
wpa_hexdump(MSG_DEBUG, "EAP-SIM DB: requesting AKA authentication "
@@ -1182,7 +1184,7 @@ int eap_sim_db_get_aka_auth(void *priv, const u8 *identity,
os_get_time(&entry->timestamp);
entry->aka = 1;
- memcpy(entry->imsi, identity, identity_len);
+ os_memcpy(entry->imsi, identity, identity_len);
entry->imsi_len = identity_len;
entry->cb_session_ctx = cb_session_ctx;
entry->state = PENDING;
@@ -1225,19 +1227,19 @@ int eap_sim_db_resynchronize(void *priv, const u8 *identity,
char msg[100];
int len, ret;
- len = snprintf(msg, sizeof(msg), "AKA-AUTS ");
+ len = os_snprintf(msg, sizeof(msg), "AKA-AUTS ");
if (len < 0 || len + identity_len - 1 >= sizeof(msg))
return -1;
- memcpy(msg + len, identity + 1, identity_len - 1);
+ os_memcpy(msg + len, identity + 1, identity_len - 1);
len += identity_len - 1;
- ret = snprintf(msg + len, sizeof(msg) - len, " ");
+ ret = os_snprintf(msg + len, sizeof(msg) - len, " ");
if (ret < 0 || (size_t) ret >= sizeof(msg) - len)
return -1;
len += ret;
len += wpa_snprintf_hex(msg + len, sizeof(msg) - len,
auts, EAP_AKA_AUTS_LEN);
- ret = snprintf(msg + len, sizeof(msg) - len, " ");
+ ret = os_snprintf(msg + len, sizeof(msg) - len, " ");
if (ret < 0 || (size_t) ret >= sizeof(msg) - len)
return -1;
len += ret;
diff --git a/src/eap_server/eap_tls.c b/src/eap_server/eap_tls.c
index ed973bd..a490928 100644
--- a/src/eap_server/eap_tls.c
+++ b/src/eap_server/eap_tls.c
@@ -54,7 +54,7 @@ static void eap_tls_reset(struct eap_sm *sm, void *priv)
if (data == NULL)
return;
eap_server_tls_ssl_deinit(sm, &data->ssl);
- free(data);
+ os_free(data);
}
@@ -65,7 +65,7 @@ static u8 * eap_tls_build_start(struct eap_sm *sm, struct eap_tls_data *data,
u8 *pos;
*reqDataLen = sizeof(*req) + 2;
- req = malloc(*reqDataLen);
+ req = os_malloc(*reqDataLen);
if (req == NULL) {
wpa_printf(MSG_ERROR, "EAP-TLS: Failed to allocate memory for "
"request");
@@ -172,7 +172,7 @@ static void eap_tls_process(struct eap_sm *sm, void *priv,
if (data->ssl.tls_in_left == 0) {
data->ssl.tls_in_total = tls_msg_len;
data->ssl.tls_in_left = tls_msg_len;
- free(data->ssl.tls_in);
+ os_free(data->ssl.tls_in);
data->ssl.tls_in = NULL;
data->ssl.tls_in_len = 0;
}
@@ -237,11 +237,11 @@ static u8 * eap_tls_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
"client EAP encryption",
EAP_TLS_KEY_LEN + EAP_EMSK_LEN);
if (eapKeyData) {
- emsk = malloc(EAP_EMSK_LEN);
+ emsk = os_malloc(EAP_EMSK_LEN);
if (emsk)
- memcpy(emsk, eapKeyData + EAP_TLS_KEY_LEN,
- EAP_EMSK_LEN);
- free(eapKeyData);
+ os_memcpy(emsk, eapKeyData + EAP_TLS_KEY_LEN,
+ EAP_EMSK_LEN);
+ os_free(eapKeyData);
} else
emsk = NULL;
diff --git a/src/eap_server/eap_tls_common.c b/src/eap_server/eap_tls_common.c
index ebd6afa..60c9e8e 100644
--- a/src/eap_server/eap_tls_common.c
+++ b/src/eap_server/eap_tls_common.c
@@ -58,8 +58,8 @@ int eap_server_tls_ssl_init(struct eap_sm *sm, struct eap_ssl_data *data,
void eap_server_tls_ssl_deinit(struct eap_sm *sm, struct eap_ssl_data *data)
{
tls_connection_deinit(sm->ssl_ctx, data->conn);
- free(data->tls_in);
- free(data->tls_out);
+ os_free(data->tls_in);
+ os_free(data->tls_out);
}
@@ -69,7 +69,7 @@ u8 * eap_server_tls_derive_key(struct eap_sm *sm, struct eap_ssl_data *data,
struct tls_keys keys;
u8 *rnd = NULL, *out;
- out = malloc(len);
+ out = os_malloc(len);
if (out == NULL)
return NULL;
@@ -84,24 +84,24 @@ u8 * eap_server_tls_derive_key(struct eap_sm *sm, struct eap_ssl_data *data,
keys.master_key == NULL)
goto fail;
- rnd = malloc(keys.client_random_len + keys.server_random_len);
+ rnd = os_malloc(keys.client_random_len + keys.server_random_len);
if (rnd == NULL)
goto fail;
- memcpy(rnd, keys.client_random, keys.client_random_len);
- memcpy(rnd + keys.client_random_len, keys.server_random,
- keys.server_random_len);
+ os_memcpy(rnd, keys.client_random, keys.client_random_len);
+ os_memcpy(rnd + keys.client_random_len, keys.server_random,
+ keys.server_random_len);
if (tls_prf(keys.master_key, keys.master_key_len,
label, rnd, keys.client_random_len +
keys.server_random_len, out, len))
goto fail;
- free(rnd);
+ os_free(rnd);
return out;
fail:
- free(out);
- free(rnd);
+ os_free(out);
+ os_free(rnd);
return NULL;
}
@@ -116,23 +116,23 @@ int eap_server_tls_data_reassemble(struct eap_sm *sm,
if (data->tls_in_len + *in_len > 65536) {
/* Limit length to avoid rogue peers from causing large
* memory allocations. */
- free(data->tls_in);
+ os_free(data->tls_in);
data->tls_in = NULL;
data->tls_in_len = 0;
wpa_printf(MSG_INFO, "SSL: Too long TLS fragment (size"
" over 64 kB)");
return -1;
}
- buf = realloc(data->tls_in, data->tls_in_len + *in_len);
+ buf = os_realloc(data->tls_in, data->tls_in_len + *in_len);
if (buf == NULL) {
- free(data->tls_in);
+ os_free(data->tls_in);
data->tls_in = NULL;
data->tls_in_len = 0;
wpa_printf(MSG_INFO, "SSL: Could not allocate memory "
"for TLS data");
return -1;
}
- memcpy(buf + data->tls_in_len, *in_data, *in_len);
+ os_memcpy(buf + data->tls_in_len, *in_data, *in_len);
data->tls_in = buf;
data->tls_in_len += *in_len;
if (*in_len > data->tls_in_left) {
@@ -178,7 +178,7 @@ int eap_server_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data,
wpa_printf(MSG_INFO, "SSL: eap_tls_process_helper - "
"pending tls_out data even though "
"tls_out_len = 0");
- free(data->tls_out);
+ os_free(data->tls_out);
WPA_ASSERT(data->tls_out == NULL);
}
data->tls_out = tls_connection_server_handshake(
@@ -187,7 +187,7 @@ int eap_server_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data,
/* Clear reassembled input data (if the buffer was needed). */
data->tls_in_left = data->tls_in_total = data->tls_in_len = 0;
- free(data->tls_in);
+ os_free(data->tls_in);
data->tls_in = NULL;
}
@@ -201,7 +201,7 @@ int eap_server_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data,
* needing more that should have been catched above based on
* the TLS Message Length field. */
wpa_printf(MSG_DEBUG, "SSL: No data to be sent out");
- free(data->tls_out);
+ os_free(data->tls_out);
data->tls_out = NULL;
if (tls_connection_get_read_alerts(sm->ssl_ctx, data->conn)) {
@@ -233,7 +233,7 @@ int eap_server_tls_buildReq_helper(struct eap_sm *sm,
*out_len = 0;
- req = malloc(sizeof(struct eap_hdr) + 2 + 4 + data->tls_out_limit);
+ req = os_malloc(sizeof(struct eap_hdr) + 2 + 4 + data->tls_out_limit);
if (req == NULL) {
*out_data = NULL;
return -1;
@@ -258,7 +258,7 @@ int eap_server_tls_buildReq_helper(struct eap_sm *sm,
wpa_printf(MSG_DEBUG, "SSL: sending %lu bytes, more fragments "
"will follow", (unsigned long) len);
}
- memcpy(pos, &data->tls_out[data->tls_out_pos], len);
+ os_memcpy(pos, &data->tls_out[data->tls_out_pos], len);
data->tls_out_pos += len;
*out_len = (pos - (u8 *) req) + len;
req->length = host_to_be16(*out_len);
@@ -267,7 +267,7 @@ int eap_server_tls_buildReq_helper(struct eap_sm *sm,
if (!(*flags & EAP_TLS_FLAGS_MORE_FRAGMENTS)) {
data->tls_out_len = 0;
data->tls_out_pos = 0;
- free(data->tls_out);
+ os_free(data->tls_out);
data->tls_out = NULL;
}
@@ -282,7 +282,7 @@ u8 * eap_server_tls_build_ack(size_t *reqDataLen, u8 id, int eap_type,
u8 *pos;
*reqDataLen = sizeof(struct eap_hdr) + 2;
- req = malloc(*reqDataLen);
+ req = os_malloc(*reqDataLen);
if (req == NULL)
return NULL;
wpa_printf(MSG_DEBUG, "SSL: Building ACK");
diff --git a/src/eap_server/eap_tlv.c b/src/eap_server/eap_tlv.c
index c13b60e..714796f 100644
--- a/src/eap_server/eap_tlv.c
+++ b/src/eap_server/eap_tlv.c
@@ -40,7 +40,7 @@ static void * eap_tlv_init(struct eap_sm *sm)
static void eap_tlv_reset(struct eap_sm *sm, void *priv)
{
struct eap_tlv_data *data = priv;
- free(data);
+ os_free(data);
}
@@ -58,7 +58,7 @@ static u8 * eap_tlv_buildReq(struct eap_sm *sm, void *priv, int id,
}
*reqDataLen = sizeof(struct eap_hdr) + 1 + 6;
- req = malloc(*reqDataLen);
+ req = os_malloc(*reqDataLen);
if (req == NULL)
return NULL;
diff --git a/src/eap_server/eap_ttls.c b/src/eap_server/eap_ttls.c
index 13fc14b..aaaf801 100644
--- a/src/eap_server/eap_ttls.c
+++ b/src/eap_server/eap_ttls.c
@@ -121,18 +121,18 @@ static int eap_ttls_avp_encapsulate(u8 **resp, size_t *resp_len, u32 avp_code,
{
u8 *avp, *pos;
- avp = malloc(sizeof(struct ttls_avp) + *resp_len + 4);
+ avp = os_malloc(sizeof(struct ttls_avp) + *resp_len + 4);
if (avp == NULL) {
- free(*resp);
+ os_free(*resp);
*resp_len = 0;
return -1;
}
pos = eap_ttls_avp_hdr(avp, avp_code, 0, mandatory, *resp_len);
- memcpy(pos, *resp, *resp_len);
+ os_memcpy(pos, *resp, *resp_len);
pos += *resp_len;
AVP_PAD(avp, pos);
- free(*resp);
+ os_free(*resp);
*resp = avp;
*resp_len = pos - avp;
return 0;
@@ -170,7 +170,7 @@ static int eap_ttls_avp_parse(u8 *buf, size_t len, struct eap_ttls_avp *parse)
pos = buf;
left = len;
- memset(parse, 0, sizeof(*parse));
+ os_memset(parse, 0, sizeof(*parse));
while (left > 0) {
u32 avp_code, avp_length, vendor_id = 0;
@@ -215,25 +215,25 @@ static int eap_ttls_avp_parse(u8 *buf, size_t len, struct eap_ttls_avp *parse)
if (vendor_id == 0 && avp_code == RADIUS_ATTR_EAP_MESSAGE) {
wpa_printf(MSG_DEBUG, "EAP-TTLS: AVP - EAP Message");
if (parse->eap == NULL) {
- parse->eap = malloc(dlen);
+ parse->eap = os_malloc(dlen);
if (parse->eap == NULL) {
wpa_printf(MSG_WARNING, "EAP-TTLS: "
"failed to allocate memory "
"for Phase 2 EAP data");
goto fail;
}
- memcpy(parse->eap, dpos, dlen);
+ os_memcpy(parse->eap, dpos, dlen);
parse->eap_len = dlen;
} else {
- u8 *neweap = realloc(parse->eap,
- parse->eap_len + dlen);
+ u8 *neweap = os_realloc(parse->eap,
+ parse->eap_len + dlen);
if (neweap == NULL) {
wpa_printf(MSG_WARNING, "EAP-TTLS: "
"failed to allocate memory "
"for Phase 2 EAP data");
goto fail;
}
- memcpy(neweap + parse->eap_len, dpos, dlen);
+ os_memcpy(neweap + parse->eap_len, dpos, dlen);
parse->eap = neweap;
parse->eap_len += dlen;
}
@@ -310,7 +310,7 @@ static int eap_ttls_avp_parse(u8 *buf, size_t len, struct eap_ttls_avp *parse)
return 0;
fail:
- free(parse->eap);
+ os_free(parse->eap);
parse->eap = NULL;
return -1;
}
@@ -327,7 +327,7 @@ static u8 * eap_ttls_implicit_challenge(struct eap_sm *sm,
"ttls challenge", len);
}
- memset(&keys, 0, sizeof(keys));
+ os_memset(&keys, 0, sizeof(keys));
if (tls_connection_get_keys(sm->ssl_ctx, data->ssl.conn, &keys) ||
keys.client_random == NULL || keys.server_random == NULL ||
keys.inner_secret == NULL) {
@@ -337,18 +337,18 @@ static u8 * eap_ttls_implicit_challenge(struct eap_sm *sm,
return NULL;
}
- rnd = malloc(keys.client_random_len + keys.server_random_len);
- challenge = malloc(len);
+ rnd = os_malloc(keys.client_random_len + keys.server_random_len);
+ challenge = os_malloc(len);
if (rnd == NULL || challenge == NULL) {
wpa_printf(MSG_INFO, "EAP-TTLS: No memory for implicit "
"challenge derivation");
- free(rnd);
- free(challenge);
+ os_free(rnd);
+ os_free(challenge);
return NULL;
}
- memcpy(rnd, keys.server_random, keys.server_random_len);
- memcpy(rnd + keys.server_random_len, keys.client_random,
- keys.client_random_len);
+ os_memcpy(rnd, keys.server_random, keys.server_random_len);
+ os_memcpy(rnd + keys.server_random_len, keys.client_random,
+ keys.client_random_len);
if (tls_prf(keys.inner_secret, keys.inner_secret_len,
"inner application challenge", rnd,
@@ -356,12 +356,12 @@ static u8 * eap_ttls_implicit_challenge(struct eap_sm *sm,
challenge, len)) {
wpa_printf(MSG_DEBUG, "EAP-TTLS: Failed to derive implicit "
"challenge");
- free(rnd);
- free(challenge);
+ os_free(rnd);
+ os_free(challenge);
return NULL;
}
- free(rnd);
+ os_free(rnd);
wpa_hexdump_key(MSG_DEBUG, "EAP-TTLS: Derived implicit challenge",
challenge, len);
@@ -417,7 +417,7 @@ static void eap_ttls_reset(struct eap_sm *sm, void *priv)
if (data->phase2_priv && data->phase2_method)
data->phase2_method->reset(sm, data->phase2_priv);
eap_server_tls_ssl_deinit(sm, &data->ssl);
- free(data);
+ os_free(data);
}
@@ -428,7 +428,7 @@ static u8 * eap_ttls_build_start(struct eap_sm *sm, struct eap_ttls_data *data,
u8 *pos;
*reqDataLen = sizeof(*req) + 2;
- req = malloc(*reqDataLen);
+ req = os_malloc(*reqDataLen);
if (req == NULL) {
wpa_printf(MSG_ERROR, "EAP-TTLS: Failed to allocate memory for"
" request");
@@ -482,7 +482,7 @@ static u8 * eap_ttls_encrypt(struct eap_sm *sm, struct eap_ttls_data *data,
/* TODO: add support for fragmentation, if needed. This will need to
* add TLS Message Length field, if the frame is fragmented. */
- req = malloc(sizeof(struct eap_hdr) + 2 + data->ssl.tls_out_limit);
+ req = os_malloc(sizeof(struct eap_hdr) + 2 + data->ssl.tls_out_limit);
if (req == NULL)
return NULL;
@@ -499,7 +499,7 @@ static u8 * eap_ttls_encrypt(struct eap_sm *sm, struct eap_ttls_data *data,
if (res < 0) {
wpa_printf(MSG_INFO, "EAP-TTLS: Failed to encrypt Phase 2 "
"data");
- free(req);
+ os_free(req);
return NULL;
}
@@ -536,7 +536,7 @@ static u8 * eap_ttls_build_phase2_eap_req(struct eap_sm *sm,
"2 data", req, req_len);
encr_req = eap_ttls_encrypt(sm, data, id, req, req_len, reqDataLen);
- free(req);
+ os_free(req);
return encr_req;
}
@@ -550,7 +550,7 @@ static u8 * eap_ttls_build_phase2_mschapv2(struct eap_sm *sm,
int ret;
size_t req_len;
- pos = req = malloc(100);
+ pos = req = os_malloc(100);
if (req == NULL)
return NULL;
end = req + 100;
@@ -559,7 +559,7 @@ static u8 * eap_ttls_build_phase2_mschapv2(struct eap_sm *sm,
pos = eap_ttls_avp_hdr(pos, RADIUS_ATTR_MS_CHAP2_SUCCESS,
RADIUS_VENDOR_ID_MICROSOFT, 1, 43);
*pos++ = data->mschapv2_ident;
- ret = snprintf((char *) pos, end - pos, "S=");
+ ret = os_snprintf((char *) pos, end - pos, "S=");
if (ret >= 0 && ret < end - pos)
pos += ret;
pos += wpa_snprintf_hex_uppercase(
@@ -568,7 +568,7 @@ static u8 * eap_ttls_build_phase2_mschapv2(struct eap_sm *sm,
} else {
pos = eap_ttls_avp_hdr(pos, RADIUS_ATTR_MS_CHAP_ERROR,
RADIUS_VENDOR_ID_MICROSOFT, 1, 6);
- memcpy(pos, "Failed", 6);
+ os_memcpy(pos, "Failed", 6);
pos += 6;
AVP_PAD(req, pos);
}
@@ -578,7 +578,7 @@ static u8 * eap_ttls_build_phase2_mschapv2(struct eap_sm *sm,
"data", req, req_len);
encr_req = eap_ttls_encrypt(sm, data, id, req, req_len, reqDataLen);
- free(req);
+ os_free(req);
return encr_req;
}
@@ -595,7 +595,7 @@ static u8 * eap_ttls_build_phase_finished(struct eap_sm *sm,
const int max_len = 300;
len = sizeof(struct eap_hdr) + 2 + max_len;
- req = malloc(len);
+ req = os_malloc(len);
if (req == NULL)
return NULL;
@@ -610,7 +610,7 @@ static u8 * eap_ttls_build_phase_finished(struct eap_sm *sm,
data->ssl.conn,
final, pos, max_len);
if (len < 0) {
- free(req);
+ os_free(req);
return NULL;
}
@@ -675,11 +675,11 @@ static int eap_ttls_ia_permute_inner_secret(struct eap_sm *sm,
if (key) {
buf_len = 2 + key_len;
- buf = malloc(buf_len);
+ buf = os_malloc(buf_len);
if (buf == NULL)
return -1;
WPA_PUT_BE16(buf, key_len);
- memcpy(buf + 2, key, key_len);
+ os_memcpy(buf + 2, key, key_len);
} else {
buf = NULL;
buf_len = 0;
@@ -690,7 +690,7 @@ static int eap_ttls_ia_permute_inner_secret(struct eap_sm *sm,
ret = tls_connection_ia_permute_inner_secret(sm->ssl_ctx,
data->ssl.conn,
buf, buf_len);
- free(buf);
+ os_free(buf);
return ret;
}
@@ -711,8 +711,8 @@ static void eap_ttls_process_phase2_pap(struct eap_sm *sm,
}
if (sm->user->password_len != user_password_len ||
- memcmp(sm->user->password, user_password, user_password_len) != 0)
- {
+ os_memcmp(sm->user->password, user_password, user_password_len) !=
+ 0) {
wpa_printf(MSG_DEBUG, "EAP-TTLS/PAP: Invalid user password");
eap_ttls_state(data, FAILURE);
return;
@@ -764,14 +764,14 @@ static void eap_ttls_process_phase2_chap(struct eap_sm *sm,
return;
}
- if (memcmp(challenge, chal, EAP_TTLS_CHAP_CHALLENGE_LEN) != 0 ||
+ if (os_memcmp(challenge, chal, EAP_TTLS_CHAP_CHALLENGE_LEN) != 0 ||
password[0] != chal[EAP_TTLS_CHAP_CHALLENGE_LEN]) {
wpa_printf(MSG_DEBUG, "EAP-TTLS/CHAP: Challenge mismatch");
- free(chal);
+ os_free(chal);
eap_ttls_state(data, FAILURE);
return;
}
- free(chal);
+ os_free(chal);
/* MD5(Ident + Password + Challenge) */
addr[0] = password;
@@ -782,7 +782,7 @@ static void eap_ttls_process_phase2_chap(struct eap_sm *sm,
len[2] = challenge_len;
md5_vector(3, addr, len, hash);
- if (memcmp(hash, password + 1, EAP_TTLS_CHAP_PASSWORD_LEN) == 0) {
+ if (os_memcmp(hash, password + 1, EAP_TTLS_CHAP_PASSWORD_LEN) == 0) {
wpa_printf(MSG_DEBUG, "EAP-TTLS/CHAP: Correct user password");
eap_ttls_state(data, data->ttls_version > 0 ? PHASE_FINISHED :
SUCCESS);
@@ -829,14 +829,14 @@ static void eap_ttls_process_phase2_mschap(struct eap_sm *sm,
return;
}
- if (memcmp(challenge, chal, EAP_TTLS_MSCHAP_CHALLENGE_LEN) != 0 ||
+ if (os_memcmp(challenge, chal, EAP_TTLS_MSCHAP_CHALLENGE_LEN) != 0 ||
response[0] != chal[EAP_TTLS_MSCHAP_CHALLENGE_LEN]) {
wpa_printf(MSG_DEBUG, "EAP-TTLS/MSCHAP: Challenge mismatch");
- free(chal);
+ os_free(chal);
eap_ttls_state(data, FAILURE);
return;
}
- free(chal);
+ os_free(chal);
if (sm->user->password_hash)
challenge_response(challenge, sm->user->password, nt_response);
@@ -844,7 +844,7 @@ static void eap_ttls_process_phase2_mschap(struct eap_sm *sm,
nt_challenge_response(challenge, sm->user->password,
sm->user->password_len, nt_response);
- if (memcmp(nt_response, response + 2 + 24, 24) == 0) {
+ if (os_memcmp(nt_response, response + 2 + 24, 24) == 0) {
wpa_printf(MSG_DEBUG, "EAP-TTLS/MSCHAP: Correct response");
eap_ttls_state(data, data->ttls_version > 0 ? PHASE_FINISHED :
SUCCESS);
@@ -911,14 +911,14 @@ static void eap_ttls_process_phase2_mschapv2(struct eap_sm *sm,
return;
}
- if (memcmp(challenge, chal, EAP_TTLS_MSCHAPV2_CHALLENGE_LEN) != 0 ||
+ if (os_memcmp(challenge, chal, EAP_TTLS_MSCHAPV2_CHALLENGE_LEN) != 0 ||
response[0] != chal[EAP_TTLS_MSCHAPV2_CHALLENGE_LEN]) {
wpa_printf(MSG_DEBUG, "EAP-TTLS/MSCHAPV2: Challenge mismatch");
- free(chal);
+ os_free(chal);
eap_ttls_state(data, FAILURE);
return;
}
- free(chal);
+ os_free(chal);
auth_challenge = challenge;
peer_challenge = response + 2;
@@ -944,7 +944,7 @@ static void eap_ttls_process_phase2_mschapv2(struct eap_sm *sm,
}
rx_resp = response + 2 + EAP_TTLS_MSCHAPV2_CHALLENGE_LEN + 8;
- if (memcmp(nt_response, rx_resp, 24) == 0) {
+ if (os_memcmp(nt_response, rx_resp, 24) == 0) {
wpa_printf(MSG_DEBUG, "EAP-TTLS/MSCHAPV2: Correct "
"NT-Response");
data->mschapv2_resp_ok = 1;
@@ -1187,9 +1187,9 @@ static void eap_ttls_process_phase2(struct eap_sm *sm,
buf_len = in_len;
if (data->ssl.tls_in_total > buf_len)
buf_len = data->ssl.tls_in_total;
- in_decrypted = malloc(buf_len);
+ in_decrypted = os_malloc(buf_len);
if (in_decrypted == NULL) {
- free(data->ssl.tls_in);
+ os_free(data->ssl.tls_in);
data->ssl.tls_in = NULL;
data->ssl.tls_in_len = 0;
wpa_printf(MSG_WARNING, "EAP-TTLS: failed to allocate memory "
@@ -1200,13 +1200,13 @@ static void eap_ttls_process_phase2(struct eap_sm *sm,
len_decrypted = tls_connection_decrypt(sm->ssl_ctx, data->ssl.conn,
in_data, in_len,
in_decrypted, buf_len);
- free(data->ssl.tls_in);
+ os_free(data->ssl.tls_in);
data->ssl.tls_in = NULL;
data->ssl.tls_in_len = 0;
if (len_decrypted < 0) {
wpa_printf(MSG_INFO, "EAP-TTLS: Failed to decrypt Phase 2 "
"data");
- free(in_decrypted);
+ os_free(in_decrypted);
eap_ttls_state(data, FAILURE);
return;
}
@@ -1224,7 +1224,7 @@ static void eap_ttls_process_phase2(struct eap_sm *sm,
eap_ttls_state(data, FAILURE);
}
- free(in_decrypted);
+ os_free(in_decrypted);
return;
}
@@ -1233,17 +1233,17 @@ static void eap_ttls_process_phase2(struct eap_sm *sm,
if (eap_ttls_avp_parse(in_decrypted, len_decrypted, &parse) < 0) {
wpa_printf(MSG_DEBUG, "EAP-TTLS: Failed to parse AVPs");
- free(in_decrypted);
+ os_free(in_decrypted);
eap_ttls_state(data, FAILURE);
return;
}
if (parse.user_name) {
- free(sm->identity);
- sm->identity = malloc(parse.user_name_len);
+ os_free(sm->identity);
+ sm->identity = os_malloc(parse.user_name_len);
if (sm->identity) {
- memcpy(sm->identity, parse.user_name,
- parse.user_name_len);
+ os_memcpy(sm->identity, parse.user_name,
+ parse.user_name_len);
sm->identity_len = parse.user_name_len;
}
if (eap_user_get(sm, parse.user_name, parse.user_name_len, 1)
@@ -1282,8 +1282,8 @@ static void eap_ttls_process_phase2(struct eap_sm *sm,
}
done:
- free(in_decrypted);
- free(parse.eap);
+ os_free(in_decrypted);
+ os_free(parse.eap);
}
@@ -1335,7 +1335,7 @@ static void eap_ttls_process(struct eap_sm *sm, void *priv,
if (data->ssl.tls_in_left == 0) {
data->ssl.tls_in_total = tls_msg_len;
data->ssl.tls_in_left = tls_msg_len;
- free(data->ssl.tls_in);
+ os_free(data->ssl.tls_in);
data->ssl.tls_in = NULL;
data->ssl.tls_in_len = 0;
}
@@ -1401,7 +1401,7 @@ static u8 * eap_ttls_v1_derive_key(struct eap_sm *sm,
struct tls_keys keys;
u8 *rnd, *key;
- memset(&keys, 0, sizeof(keys));
+ os_memset(&keys, 0, sizeof(keys));
if (tls_connection_get_keys(sm->ssl_ctx, data->ssl.conn, &keys) ||
keys.client_random == NULL || keys.server_random == NULL ||
keys.inner_secret == NULL) {
@@ -1411,24 +1411,24 @@ static u8 * eap_ttls_v1_derive_key(struct eap_sm *sm,
return NULL;
}
- rnd = malloc(keys.client_random_len + keys.server_random_len);
- key = malloc(EAP_TLS_KEY_LEN);
+ rnd = os_malloc(keys.client_random_len + keys.server_random_len);
+ key = os_malloc(EAP_TLS_KEY_LEN);
if (rnd == NULL || key == NULL) {
wpa_printf(MSG_INFO, "EAP-TTLS: No memory for key derivation");
- free(rnd);
- free(key);
+ os_free(rnd);
+ os_free(key);
return NULL;
}
- memcpy(rnd, keys.client_random, keys.client_random_len);
- memcpy(rnd + keys.client_random_len, keys.server_random,
- keys.server_random_len);
+ os_memcpy(rnd, keys.client_random, keys.client_random_len);
+ os_memcpy(rnd + keys.client_random_len, keys.server_random,
+ keys.server_random_len);
if (tls_prf(keys.inner_secret, keys.inner_secret_len,
"ttls v1 keying material", rnd, keys.client_random_len +
keys.server_random_len, key, EAP_TLS_KEY_LEN)) {
wpa_printf(MSG_DEBUG, "EAP-TTLS: Failed to derive key");
- free(rnd);
- free(key);
+ os_free(rnd);
+ os_free(key);
return NULL;
}
@@ -1437,7 +1437,7 @@ static u8 * eap_ttls_v1_derive_key(struct eap_sm *sm,
wpa_hexdump_key(MSG_DEBUG, "EAP-TTLS: TLS/IA inner secret",
keys.inner_secret, keys.inner_secret_len);
- free(rnd);
+ os_free(rnd);
return key;
}
diff --git a/src/eap_server/eap_vendor_test.c b/src/eap_server/eap_vendor_test.c
index df1ea1e..58d9ae3 100644
--- a/src/eap_server/eap_vendor_test.c
+++ b/src/eap_server/eap_vendor_test.c
@@ -70,7 +70,7 @@ static void * eap_vendor_test_init(struct eap_sm *sm)
static void eap_vendor_test_reset(struct eap_sm *sm, void *priv)
{
struct eap_vendor_test_data *data = priv;
- free(data);
+ os_free(data);
}
@@ -82,7 +82,7 @@ static u8 * eap_vendor_test_buildReq(struct eap_sm *sm, void *priv, int id,
u8 *pos;
*reqDataLen = sizeof(*req) + 8 + 1;
- req = malloc(*reqDataLen);
+ req = os_malloc(*reqDataLen);
if (req == NULL) {
wpa_printf(MSG_ERROR, "EAP-VENDOR-TEST: Failed to allocate "
"memory for request");
@@ -181,12 +181,12 @@ static u8 * eap_vendor_test_getKey(struct eap_sm *sm, void *priv, size_t *len)
if (data->state != SUCCESS)
return NULL;
- key = malloc(key_len);
+ key = os_malloc(key_len);
if (key == NULL)
return NULL;
- memset(key, 0x11, key_len / 2);
- memset(key + key_len / 2, 0x22, key_len / 2);
+ os_memset(key, 0x11, key_len / 2);
+ os_memset(key + key_len / 2, 0x22, key_len / 2);
*len = key_len;
return key;
diff --git a/src/radius/radius_client.c b/src/radius/radius_client.c
index 198c9b8..e76e29e 100644
--- a/src/radius/radius_client.c
+++ b/src/radius/radius_client.c
@@ -1170,8 +1170,8 @@ static int radius_servers_diff(struct hostapd_radius_server *nserv,
if (hostapd_ip_diff(&nserv[i].addr, &oserv[i].addr) ||
nserv[i].port != oserv[i].port ||
nserv[i].shared_secret_len != oserv[i].shared_secret_len ||
- memcmp(nserv[i].shared_secret, oserv[i].shared_secret,
- nserv[i].shared_secret_len) != 0)
+ os_memcmp(nserv[i].shared_secret, oserv[i].shared_secret,
+ nserv[i].shared_secret_len) != 0)
return 1;
}
diff --git a/src/radius/radius_server.c b/src/radius/radius_server.c
index bc9aef2..bb05104 100644
--- a/src/radius/radius_server.c
+++ b/src/radius/radius_server.c
@@ -172,14 +172,14 @@ static void radius_server_session_free(struct radius_server_data *data,
eap_server_sm_deinit(sess->eap);
if (sess->last_msg) {
radius_msg_free(sess->last_msg);
- free(sess->last_msg);
+ os_free(sess->last_msg);
}
- free(sess->last_from_addr);
+ os_free(sess->last_from_addr);
if (sess->last_reply) {
radius_msg_free(sess->last_reply);
- free(sess->last_reply);
+ os_free(sess->last_reply);
}
- free(sess);
+ os_free(sess);
data->num_sess--;
}
@@ -274,21 +274,21 @@ radius_server_get_new_session(struct radius_server_data *data,
RADIUS_DEBUG("Creating a new session");
- user = malloc(256);
+ user = os_malloc(256);
if (user == NULL) {
return NULL;
}
res = radius_msg_get_attr(msg, RADIUS_ATTR_USER_NAME, user, 256);
if (res < 0 || res > 256) {
RADIUS_DEBUG("Could not get User-Name");
- free(user);
+ os_free(user);
return NULL;
}
user_len = res;
RADIUS_DUMP_ASCII("User-Name", user, user_len);
res = data->get_eap_user(data->conf_ctx, user, user_len, 0, NULL);
- free(user);
+ os_free(user);
if (res == 0) {
RADIUS_DEBUG("Matching user entry found");
@@ -302,7 +302,7 @@ radius_server_get_new_session(struct radius_server_data *data,
return NULL;
}
- memset(&eap_conf, 0, sizeof(eap_conf));
+ os_memset(&eap_conf, 0, sizeof(eap_conf));
eap_conf.ssl_ctx = data->ssl_ctx;
eap_conf.eap_sim_db_priv = data->eap_sim_db_priv;
eap_conf.backend_auth = TRUE;
@@ -410,7 +410,7 @@ static int radius_server_reject(struct radius_server_data *data,
return -1;
}
- memset(&eapfail, 0, sizeof(eapfail));
+ os_memset(&eapfail, 0, sizeof(eapfail));
eapfail.code = EAP_CODE_FAILURE;
eapfail.identifier = 0;
eapfail.length = host_to_be16(sizeof(eapfail));
@@ -439,7 +439,7 @@ static int radius_server_reject(struct radius_server_data *data,
}
radius_msg_free(msg);
- free(msg);
+ os_free(msg);
return ret;
}
@@ -556,14 +556,14 @@ static int radius_server_request(struct radius_server_data *data,
} else if (eap_sm_method_pending(sess->eap)) {
if (sess->last_msg) {
radius_msg_free(sess->last_msg);
- free(sess->last_msg);
+ os_free(sess->last_msg);
}
sess->last_msg = msg;
sess->last_from_port = from_port;
- free(sess->last_from_addr);
- sess->last_from_addr = strdup(from_addr);
+ os_free(sess->last_from_addr);
+ sess->last_from_addr = os_strdup(from_addr);
sess->last_fromlen = fromlen;
- memcpy(&sess->last_from, from, fromlen);
+ os_memcpy(&sess->last_from, from, fromlen);
return -2;
} else {
RADIUS_DEBUG("No EAP data from the state machine - ignore this"
@@ -603,7 +603,7 @@ static int radius_server_request(struct radius_server_data *data,
}
if (sess->last_reply) {
radius_msg_free(sess->last_reply);
- free(sess->last_reply);
+ os_free(sess->last_reply);
}
sess->last_reply = reply;
sess->last_from_port = from_port;
@@ -642,7 +642,7 @@ static void radius_server_receive_auth(int sock, void *eloop_ctx,
char abuf[50];
int from_port = 0;
- buf = malloc(RADIUS_MAX_MSG_LEN);
+ buf = os_malloc(RADIUS_MAX_MSG_LEN);
if (buf == NULL) {
goto fail;
}
@@ -697,7 +697,7 @@ static void radius_server_receive_auth(int sock, void *eloop_ctx,
goto fail;
}
- free(buf);
+ os_free(buf);
buf = NULL;
if (wpa_debug_level <= MSG_MSGDUMP) {
@@ -730,9 +730,9 @@ static void radius_server_receive_auth(int sock, void *eloop_ctx,
fail:
if (msg) {
radius_msg_free(msg);
- free(msg);
+ os_free(msg);
}
- free(buf);
+ os_free(buf);
}
@@ -747,7 +747,7 @@ static int radius_server_open_socket(int port)
return -1;
}
- memset(&addr, 0, sizeof(addr));
+ os_memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = htons(port);
if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
@@ -772,9 +772,9 @@ static int radius_server_open_socket6(int port)
return -1;
}
- memset(&addr, 0, sizeof(addr));
+ os_memset(&addr, 0, sizeof(addr));
addr.sin6_family = AF_INET6;
- memcpy(&addr.sin6_addr, &in6addr_any, sizeof(in6addr_any));
+ os_memcpy(&addr.sin6_addr, &in6addr_any, sizeof(in6addr_any));
addr.sin6_port = htons(port);
if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
perror("bind");
@@ -812,8 +812,8 @@ static void radius_server_free_clients(struct radius_server_data *data,
client = client->next;
radius_server_free_sessions(data, prev->sessions);
- free(prev->shared_secret);
- free(prev);
+ os_free(prev->shared_secret);
+ os_free(prev);
}
}
@@ -838,7 +838,7 @@ radius_server_read_clients(const char *client_file, int ipv6)
return NULL;
}
- buf = malloc(buf_size);
+ buf = os_malloc(buf_size);
if (buf == NULL) {
fclose(f);
return NULL;
@@ -901,10 +901,11 @@ radius_server_read_clients(const char *client_file, int ipv6)
/* Convert IPv4 address to IPv6 */
if (mask <= 32)
mask += (128 - 32);
- memset(addr6.s6_addr, 0, 10);
+ os_memset(addr6.s6_addr, 0, 10);
addr6.s6_addr[10] = 0xff;
addr6.s6_addr[11] = 0xff;
- memcpy(addr6.s6_addr + 12, (char *) &addr.s_addr, 4);
+ os_memcpy(addr6.s6_addr + 12, (char *) &addr.s_addr,
+ 4);
}
#endif /* CONFIG_IPV6 */
@@ -922,13 +923,13 @@ radius_server_read_clients(const char *client_file, int ipv6)
failed = 1;
break;
}
- entry->shared_secret = strdup(pos);
+ entry->shared_secret = os_strdup(pos);
if (entry->shared_secret == NULL) {
failed = 1;
- free(entry);
+ os_free(entry);
break;
}
- entry->shared_secret_len = strlen(entry->shared_secret);
+ entry->shared_secret_len = os_strlen(entry->shared_secret);
entry->addr.s_addr = addr.s_addr;
if (!ipv6) {
val = 0;
@@ -940,8 +941,8 @@ radius_server_read_clients(const char *client_file, int ipv6)
if (ipv6) {
int offset = mask / 8;
- memcpy(entry->addr6.s6_addr, addr6.s6_addr, 16);
- memset(entry->mask6.s6_addr, 0xff, offset);
+ os_memcpy(entry->addr6.s6_addr, addr6.s6_addr, 16);
+ os_memset(entry->mask6.s6_addr, 0xff, offset);
val = 0;
for (i = 0; i < (mask % 8); i++)
val |= 1 << (7 - i);
@@ -964,7 +965,7 @@ radius_server_read_clients(const char *client_file, int ipv6)
clients = NULL;
}
- free(buf);
+ os_free(buf);
fclose(f);
return clients;
@@ -1045,7 +1046,7 @@ void radius_server_deinit(struct radius_server_data *data)
radius_server_free_clients(data, data->clients);
- free(data);
+ os_free(data);
}
@@ -1069,40 +1070,40 @@ int radius_server_get_mib(struct radius_server_data *data, char *buf,
os_get_time(&now);
uptime = (now.sec - data->start_time.sec) * 100 +
((now.usec - data->start_time.usec) / 10000) % 100;
- ret = snprintf(pos, end - pos,
- "RADIUS-AUTH-SERVER-MIB\n"
- "radiusAuthServIdent=hostapd\n"
- "radiusAuthServUpTime=%d\n"
- "radiusAuthServResetTime=0\n"
- "radiusAuthServConfigReset=4\n",
- uptime);
+ ret = os_snprintf(pos, end - pos,
+ "RADIUS-AUTH-SERVER-MIB\n"
+ "radiusAuthServIdent=hostapd\n"
+ "radiusAuthServUpTime=%d\n"
+ "radiusAuthServResetTime=0\n"
+ "radiusAuthServConfigReset=4\n",
+ uptime);
if (ret < 0 || ret >= end - pos) {
*pos = '\0';
return pos - buf;
}
pos += ret;
- ret = snprintf(pos, end - pos,
- "radiusAuthServTotalAccessRequests=%u\n"
- "radiusAuthServTotalInvalidRequests=%u\n"
- "radiusAuthServTotalDupAccessRequests=%u\n"
- "radiusAuthServTotalAccessAccepts=%u\n"
- "radiusAuthServTotalAccessRejects=%u\n"
- "radiusAuthServTotalAccessChallenges=%u\n"
- "radiusAuthServTotalMalformedAccessRequests=%u\n"
- "radiusAuthServTotalBadAuthenticators=%u\n"
- "radiusAuthServTotalPacketsDropped=%u\n"
- "radiusAuthServTotalUnknownTypes=%u\n",
- data->counters.access_requests,
- data->counters.invalid_requests,
- data->counters.dup_access_requests,
- data->counters.access_accepts,
- data->counters.access_rejects,
- data->counters.access_challenges,
- data->counters.malformed_access_requests,
- data->counters.bad_authenticators,
- data->counters.packets_dropped,
- data->counters.unknown_types);
+ ret = os_snprintf(pos, end - pos,
+ "radiusAuthServTotalAccessRequests=%u\n"
+ "radiusAuthServTotalInvalidRequests=%u\n"
+ "radiusAuthServTotalDupAccessRequests=%u\n"
+ "radiusAuthServTotalAccessAccepts=%u\n"
+ "radiusAuthServTotalAccessRejects=%u\n"
+ "radiusAuthServTotalAccessChallenges=%u\n"
+ "radiusAuthServTotalMalformedAccessRequests=%u\n"
+ "radiusAuthServTotalBadAuthenticators=%u\n"
+ "radiusAuthServTotalPacketsDropped=%u\n"
+ "radiusAuthServTotalUnknownTypes=%u\n",
+ data->counters.access_requests,
+ data->counters.invalid_requests,
+ data->counters.dup_access_requests,
+ data->counters.access_accepts,
+ data->counters.access_rejects,
+ data->counters.access_challenges,
+ data->counters.malformed_access_requests,
+ data->counters.bad_authenticators,
+ data->counters.packets_dropped,
+ data->counters.unknown_types);
if (ret < 0 || ret >= end - pos) {
*pos = '\0';
return pos - buf;
@@ -1126,29 +1127,29 @@ int radius_server_get_mib(struct radius_server_data *data, char *buf,
os_strlcpy(mbuf, inet_ntoa(cli->mask), sizeof(mbuf));
}
- ret = snprintf(pos, end - pos,
- "radiusAuthClientIndex=%u\n"
- "radiusAuthClientAddress=%s/%s\n"
- "radiusAuthServAccessRequests=%u\n"
- "radiusAuthServDupAccessRequests=%u\n"
- "radiusAuthServAccessAccepts=%u\n"
- "radiusAuthServAccessRejects=%u\n"
- "radiusAuthServAccessChallenges=%u\n"
- "radiusAuthServMalformedAccessRequests=%u\n"
- "radiusAuthServBadAuthenticators=%u\n"
- "radiusAuthServPacketsDropped=%u\n"
- "radiusAuthServUnknownTypes=%u\n",
- idx,
- abuf, mbuf,
- cli->counters.access_requests,
- cli->counters.dup_access_requests,
- cli->counters.access_accepts,
- cli->counters.access_rejects,
- cli->counters.access_challenges,
- cli->counters.malformed_access_requests,
- cli->counters.bad_authenticators,
- cli->counters.packets_dropped,
- cli->counters.unknown_types);
+ ret = os_snprintf(pos, end - pos,
+ "radiusAuthClientIndex=%u\n"
+ "radiusAuthClientAddress=%s/%s\n"
+ "radiusAuthServAccessRequests=%u\n"
+ "radiusAuthServDupAccessRequests=%u\n"
+ "radiusAuthServAccessAccepts=%u\n"
+ "radiusAuthServAccessRejects=%u\n"
+ "radiusAuthServAccessChallenges=%u\n"
+ "radiusAuthServMalformedAccessRequests=%u\n"
+ "radiusAuthServBadAuthenticators=%u\n"
+ "radiusAuthServPacketsDropped=%u\n"
+ "radiusAuthServUnknownTypes=%u\n",
+ idx,
+ abuf, mbuf,
+ cli->counters.access_requests,
+ cli->counters.dup_access_requests,
+ cli->counters.access_accepts,
+ cli->counters.access_rejects,
+ cli->counters.access_challenges,
+ cli->counters.malformed_access_requests,
+ cli->counters.bad_authenticators,
+ cli->counters.packets_dropped,
+ cli->counters.unknown_types);
if (ret < 0 || ret >= end - pos) {
*pos = '\0';
return pos - buf;
@@ -1216,5 +1217,5 @@ void radius_server_eap_pending_cb(struct radius_server_data *data, void *ctx)
return; /* msg was stored with the session */
radius_msg_free(msg);
- free(msg);
+ os_free(msg);
}