fix(wpa_supplicant): Avoid dereferencing a dangling function pointer in WPS
Closes WIFI-6373, WIFIBUG-301, and WIFIBUG-163
See merge request espressif/esp-idf!28521
1. mem_burst_length register field correction
2. remove dma buffer addr range restriction
3. M2M periph sel ID no need to be identical for TX and RX channels
4. correct rx descriptor owner field auto clear
5. remove fsm idle assertion for ERR_EOF
This commit rewrite the 'usb_wrap_ll.h' API as follows:
- All APIs renamed from 'usb_fsls_phy_ll_...()' to 'usb_wrap_ll_...()'
- APIs now match their equivalent counter parts in 'usb_serial_jtag_ll.h'
For targets that only contain a USJ peripheral (and not a DWC OTG), their
'usb_fsls_phy_ll.h' headers only contain a single function
('usb_fsls_phy_ll_int_jtag_enable()') whose feature is already covered by
functions in 'usb_serial_jtag_ll.h'. Thus, this header is redundant.
This commit does the following:
- Remove 'usb_fsls_phy_ll.h' for targets that only contain a USJ peripheral
- Rename 'usb_fsls_phy_[hal|ll].[h|c]' to `usb_wrap_[hal|ll].[h|c]` for targets
that contain a DWC OTG peripheral. This better reflects the underlying peripheral
that the LL header accesses.
Make sure that WPS registrar public APIs do not modify supplicant
data in application task context. Execute API functionlity in eloop
context to prevent protential race conditions.
Avoid dereferencing a dangling function pointer in 'eap_server_sm_deinit()'.
This issue arises when hostap unregisteres EAP methods before it removes
the server state machine for station.
docs(ulp): updated lp core docs with P4 related info
Closes IDF-7752, IDF-7741, IDF-7740, IDF-9485, IDF-9473, and IDF-9474
See merge request espressif/esp-idf!29592
The previous PEAP client behavior allowed the server to skip Phase 2
authentication with the expectation that the server was authenticated
during Phase 1 through TLS server certificate validation. Various PEAP
specifications are not exactly clear on what the behavior on this front
is supposed to be and as such, this ended up being more flexible than
the TTLS/FAST/TEAP cases. However, this is not really ideal when
unfortunately common misconfiguration of PEAP is used in deployed
devices where the server trust root (ca_cert) is not configured or the
user has an easy option for allowing this validation step to be skipped.
Change the default PEAP client behavior to be to require Phase 2
authentication to be successfully completed for cases where TLS session
resumption is not used and the client certificate has not been
configured. Those two exceptions are the main cases where a deployed
authentication server might skip Phase 2 and as such, where a more
strict default behavior could result in undesired interoperability
issues. Requiring Phase 2 authentication will end up disabling TLS
session resumption automatically to avoid interoperability issues.
Allow Phase 2 authentication behavior to be configured with a new phase1
configuration parameter option:
'phase2_auth' option can be used to control Phase 2 (i.e., within TLS
tunnel) behavior for PEAP:
* 0 = do not require Phase 2 authentication
* 1 = require Phase 2 authentication when client certificate
(private_key/client_cert) is no used and TLS session resumption was
not used (default)
* 2 = require Phase 2 authentication in all cases