Merge with upstream master

includes/configure_client.php

@@ -19,6 +19,11 @@ function DisplayWPAConfig()
         $result = 0;
         exec('sudo wpa_cli -i ' . $_SESSION['wifi_client_interface'] . ' select_network '.strval($_POST['connect']));
         $status->addMessage('New network selected', 'success');
+    } elseif (isset($_POST['wpa_reinit'])) {
+        $status->addMessage('Reinitializing wpa_supplicant', 'info', false);
+        $force_remove = true;
+        $result = reinitializeWPA($force_remove);
+        $status->addMessage($result, 'info');
     } elseif (isset($_POST['client_settings'])) {
         $tmp_networks = $networks;
         if ($wpa_file = fopen('/tmp/wifidata', 'w')) {
@@ -93,10 +98,6 @@ function DisplayWPAConfig()
         }
     }
 
-    nearbyWifiStations($networks);
-    connectedWifiStations($networks);
-    sortNetworksByRSSI($networks);
-
     $clientInterface = $_SESSION['wifi_client_interface'];
 
     exec('ip a show '.$clientInterface, $stdoutIp);

includes/functions.php

@@ -603,11 +603,10 @@ function mb_escapeshellarg($arg)
 {
     $isWindows = strtolower(substr(PHP_OS, 0, 3)) === 'win';
     if ($isWindows) {
-        $escaped_arg = str_replace(array('"', '%'), '', $arg);
+        return '"' . str_replace(array('"', '%'), '', $arg) . '"';
     } else {
-        $escaped_arg = str_replace("'", "'\\''", $arg);
+        return "'" . str_replace("'", "'\\''", $arg) . "'";
     }
-    return "\"$escaped_arg\"";
 }
 
 function dnsServers()
@@ -776,3 +775,11 @@ function qr_encode($str)
 {
     return preg_replace('/(?<!\\\)([\":;,])/', '\\\\\1', $str);
 }
+
+function evalHexSequence($string) {
+    $evaluator = function ($input) {
+	return hex2bin($input[1]);
+    };
+    return preg_replace_callback('/\\\x(..)/', $evaluator, $string);
+}
+

includes/hostapd.php

@@ -64,9 +64,8 @@ function DisplayHostAPDConfig()
             }
         }
     }
-
     exec('cat '. RASPI_HOSTAPD_CONFIG, $hostapdconfig);
-    exec('iwgetid '. $_POST['interface'].' -r', $wifiNetworkID);
+    exec('iwgetid '. escapeshellarg($_POST['interface']). ' -r', $wifiNetworkID);
     if (!empty($wifiNetworkID[0])) {
         $managedModeEnabled = true;
     }
@@ -231,11 +230,14 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $status)
         $good_input = false;
     }
 
-    if ($_POST['wpa'] !== 'none' 
-        && (strlen($_POST['wpa_passphrase']) < 8 || strlen($_POST['wpa_passphrase']) > 63)
-    ) {
+    # NB: A pass-phrase is a sequence of between 8 and 63 ASCII-encoded characters (IEEE Std. 802.11i-2004)
+    # Each character in the pass-phrase must have an encoding in the range of 32 to 126 (decimal). (IEEE Std. 802.11i-2004, Annex H.4.1)
+    if ($_POST['wpa'] !== 'none' && (strlen($_POST['wpa_passphrase']) < 8 || strlen($_POST['wpa_passphrase']) > 63)) {
         $status->addMessage('WPA passphrase must be between 8 and 63 characters', 'danger');
         $good_input = false;
+    } elseif (!ctype_print($_POST['wpa_passphrase'])) {
+        $status->addMessage('WPA passphrase must be comprised of printable ASCII characters', 'danger');
+        $good_input = false;
     }
 
     if (isset($_POST['hiddenSSID'])) {

includes/wifi_functions.php

@@ -18,6 +18,7 @@ function knownWifiStations(&$networks)
                 switch (strtolower($lineArr[0])) {
                 case 'ssid':
                     $ssid = trim($lineArr[1], '"');
+                    $network['ssid'] = $ssid;
                     break;
                 case 'psk':
                     if (array_key_exists('passphrase', $network)) {
@@ -69,17 +70,22 @@ function nearbyWifiStations(&$networks, $cached = true)
 
     foreach (explode("\n", $scan_results) as $network) {
         $arrNetwork = preg_split("/[\t]+/", $network);  // split result into array
-        if (!array_key_exists(4, $arrNetwork) ||
-            trim($arrNetwork[4]) == $ap_ssid) {
+
+        $ssid = trim($arrNetwork[4]);
+        $ssid = evalHexSequence($ssid);
+
+        // exclude raspap ssid
+        if (empty($ssid) || $ssid == $ap_ssid) {
             continue;
         }
 
-        $ssid = trim($arrNetwork[4]);
-        // filter SSID string: anything invisible in 7bit ASCII or quotes -> ignore network
-        if (preg_match('[\x00-\x1f\x7f-\xff\'\`\´\"]', $ssid)) {
+        // filter SSID string: unprintable 7bit ASCII control codes, delete or quotes -> ignore network
+        if (preg_match('[\x00-\x1f\x7f\'\`\´\"]', $ssid)) {
             continue;
         }
 
+        $networks[$ssid]['ssid'] = $ssid;
+
         // If network is saved
         if (array_key_exists($ssid, $networks)) {
             $networks[$ssid]['visible'] = true;
@@ -157,4 +163,20 @@ function getWifiInterface()
         } 
 }
 
-?>
+/*
+ * Reinitializes wpa_supplicant for the wireless client interface
+ * The 'force' parameter deletes the socket in /var/run/wpa_supplicant/
+ *
+ * @param boolean $force
+ */
+function reinitializeWPA($force)
+{
+    if ($force == true) {
+        $cmd = escapeshellcmd("sudo /bin/rm /var/run/wpa_supplicant/".$_SESSION['wifi_client_interface']);
+        $result = exec($cmd);
+    }
+    $cmd = escapeshellcmd("sudo /sbin/wpa_supplicant -B -Dnl80211 -c/etc/wpa_supplicant/wpa_supplicant.conf -i". $_SESSION['wifi_client_interface']);
+    $result = shell_exec($cmd);
+    return $result;
+}
+