mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
Move peer certificate wpa_msg() calls to notify.c
This type of wpa_supplicant-specific message construction does not need to be in the EAP implementation, so it is better to move it up to notify.c.
parent
ade74830b4
commit
4f525d8e5b
@ -1168,7 +1168,6 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
|
|||||||
{
|
{
|
||||||
struct eap_sm *sm = ctx;
|
struct eap_sm *sm = ctx;
|
||||||
char *hash_hex = NULL;
|
char *hash_hex = NULL;
|
||||||
char *cert_hex = NULL;
|
|
||||||
|
|
||||||
switch (ev) {
|
switch (ev) {
|
||||||
case TLS_CERT_CHAIN_FAILURE:
|
case TLS_CERT_CHAIN_FAILURE:
|
||||||
@ -1180,6 +1179,9 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
|
|||||||
data->cert_fail.reason_txt);
|
data->cert_fail.reason_txt);
|
||||||
break;
|
break;
|
||||||
case TLS_PEER_CERTIFICATE:
|
case TLS_PEER_CERTIFICATE:
|
||||||
|
if (!sm->eapol_cb->notify_cert)
|
||||||
|
break;
|
||||||
|
|
||||||
if (data->peer_cert.hash) {
|
if (data->peer_cert.hash) {
|
||||||
size_t len = data->peer_cert.hash_len * 2 + 1;
|
size_t len = data->peer_cert.hash_len * 2 + 1;
|
||||||
hash_hex = os_malloc(len);
|
hash_hex = os_malloc(len);
|
||||||
@ -1189,38 +1191,15 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
|
|||||||
data->peer_cert.hash_len);
|
data->peer_cert.hash_len);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_PEER_CERT
|
|
||||||
"depth=%d subject='%s'%s%s",
|
|
||||||
data->peer_cert.depth, data->peer_cert.subject,
|
|
||||||
hash_hex ? " hash=" : "", hash_hex ? hash_hex : "");
|
|
||||||
|
|
||||||
if (data->peer_cert.cert) {
|
|
||||||
size_t len = wpabuf_len(data->peer_cert.cert) * 2 + 1;
|
|
||||||
cert_hex = os_malloc(len);
|
|
||||||
if (cert_hex == NULL)
|
|
||||||
break;
|
|
||||||
wpa_snprintf_hex(cert_hex, len,
|
|
||||||
wpabuf_head(data->peer_cert.cert),
|
|
||||||
wpabuf_len(data->peer_cert.cert));
|
|
||||||
wpa_msg_ctrl(sm->msg_ctx, MSG_INFO,
|
|
||||||
WPA_EVENT_EAP_PEER_CERT
|
|
||||||
"depth=%d subject='%s' cert=%s",
|
|
||||||
data->peer_cert.depth,
|
|
||||||
data->peer_cert.subject,
|
|
||||||
cert_hex);
|
|
||||||
}
|
|
||||||
if (sm->eapol_cb->notify_cert) {
|
|
||||||
sm->eapol_cb->notify_cert(sm->eapol_ctx,
|
sm->eapol_cb->notify_cert(sm->eapol_ctx,
|
||||||
data->peer_cert.depth,
|
data->peer_cert.depth,
|
||||||
data->peer_cert.subject,
|
data->peer_cert.subject,
|
||||||
hash_hex,
|
hash_hex, data->peer_cert.cert);
|
||||||
data->peer_cert.cert);
|
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
os_free(hash_hex);
|
os_free(hash_hex);
|
||||||
os_free(cert_hex);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
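Review bot: The new early exit `if (!sm->eapol_cb->notify_cert) break;` under `case TLS_PEER_CERTIFICATE` means that a callback table without `notify_cert` now produces no peer-certificate event at all, whereas the removed `wpa_msg()` call emitted `WPA_EVENT_EAP_PEER_CERT` unconditionally. Any other user of the EAP peer state machine that does not register the callback (none are visible in this diff) would silently lose the event that front ends use to display or pin the server certificate. If that is intended, a comment at the guard would record it, for example `/* Peer certificate events are generated only by the notify_cert callback */`. Parts of eap_peer_sm_tls_event between the hunks are not shown, so this is based on the visible lines only.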
|
@ -1,6 +1,6 @@
|
|||||||
/*
|
/*
|
||||||
* WPA Supplicant - test code
|
* WPA Supplicant - test code
|
||||||
* Copyright (c) 2003-2007, Jouni Malinen <j@w1.fi>
|
* Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi>
|
||||||
*
|
*
|
||||||
* This program is free software; you can redistribute it and/or modify
|
* This program is free software; you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU General Public License version 2 as
|
* it under the terms of the GNU General Public License version 2 as
|
||||||
@ -29,6 +29,7 @@
|
|||||||
#include "wpa_supplicant_i.h"
|
#include "wpa_supplicant_i.h"
|
||||||
#include "radius/radius.h"
|
#include "radius/radius.h"
|
||||||
#include "radius/radius_client.h"
|
#include "radius/radius_client.h"
|
||||||
|
#include "common/wpa_ctrl.h"
|
||||||
#include "ctrl_iface.h"
|
#include "ctrl_iface.h"
|
||||||
#include "pcsc_funcs.h"
|
#include "pcsc_funcs.h"
|
||||||
|
|
||||||
@ -383,6 +384,35 @@ static void eapol_sm_cb(struct eapol_sm *eapol, int success, void *ctx)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static void eapol_test_cert_cb(void *ctx, int depth, const char *subject,
|
||||||
|
const char *cert_hash,
|
||||||
|
const struct wpabuf *cert)
|
||||||
|
{
|
||||||
|
struct eapol_test_data *e = ctx;
|
||||||
|
|
||||||
|
wpa_msg(e->wpa_s, MSG_INFO, WPA_EVENT_EAP_PEER_CERT
|
||||||
|
"depth=%d subject='%s'%s%s",
|
||||||
|
depth, subject,
|
||||||
|
cert_hash ? " hash=" : "",
|
||||||
|
cert_hash ? cert_hash : "");
|
||||||
|
|
||||||
|
if (cert) {
|
||||||
|
char *cert_hex;
|
||||||
|
size_t len = wpabuf_len(cert) * 2 + 1;
|
||||||
|
cert_hex = os_malloc(len);
|
||||||
|
if (cert_hex) {
|
||||||
|
wpa_snprintf_hex(cert_hex, len, wpabuf_head(cert),
|
||||||
|
wpabuf_len(cert));
|
||||||
|
wpa_msg_ctrl(e->wpa_s, MSG_INFO,
|
||||||
|
WPA_EVENT_EAP_PEER_CERT
|
||||||
|
"depth=%d subject='%s' cert=%s",
|
||||||
|
depth, subject, cert_hex);
|
||||||
|
os_free(cert_hex);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
static int test_eapol(struct eapol_test_data *e, struct wpa_supplicant *wpa_s,
|
static int test_eapol(struct eapol_test_data *e, struct wpa_supplicant *wpa_s,
|
||||||
struct wpa_ssid *ssid)
|
struct wpa_ssid *ssid)
|
||||||
{
|
{
|
||||||
@ -408,6 +438,7 @@ static int test_eapol(struct eapol_test_data *e, struct wpa_supplicant *wpa_s,
|
|||||||
ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
|
ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
|
||||||
ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
|
ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
|
||||||
ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
|
ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
|
||||||
|
ctx->cert_cb = eapol_test_cert_cb;
|
||||||
|
|
||||||
wpa_s->eapol = eapol_sm_init(ctx);
|
wpa_s->eapol = eapol_sm_init(ctx);
|
||||||
if (wpa_s->eapol == NULL) {
|
if (wpa_s->eapol == NULL) {
|
||||||
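Review bot: `eapol_test_cert_cb` repeats, line for line, the message construction that this commit also adds to `wpas_notify_certification`, so the two copies of the `WPA_EVENT_EAP_PEER_CERT` format can drift apart. A test tool that prints a different event than the real supplicant would hide regressions in how certificate hashes and blobs are reported. If the test binary cannot call the notify.c function directly (its build setup is not visible here), a header comment such as `/* Keep the event format in sync with wpas_notify_certification() in notify.c */` would at least mark the coupling. The same comment should say that a failed `os_malloc()` drops the `cert=` event without any log line.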
|
@ -561,6 +561,27 @@ void wpas_notify_certification(struct wpa_supplicant *wpa_s, int depth,
|
|||||||
const char *subject, const char *cert_hash,
|
const char *subject, const char *cert_hash,
|
||||||
const struct wpabuf *cert)
|
const struct wpabuf *cert)
|
||||||
{
|
{
|
||||||
|
wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_EAP_PEER_CERT
|
||||||
|
"depth=%d subject='%s'%s%s",
|
||||||
|
depth, subject,
|
||||||
|
cert_hash ? " hash=" : "",
|
||||||
|
cert_hash ? cert_hash : "");
|
||||||
|
|
||||||
|
if (cert) {
|
||||||
|
char *cert_hex;
|
||||||
|
size_t len = wpabuf_len(cert) * 2 + 1;
|
||||||
|
cert_hex = os_malloc(len);
|
||||||
|
if (cert_hex) {
|
||||||
|
wpa_snprintf_hex(cert_hex, len, wpabuf_head(cert),
|
||||||
|
wpabuf_len(cert));
|
||||||
|
wpa_msg_ctrl(wpa_s, MSG_INFO,
|
||||||
|
WPA_EVENT_EAP_PEER_CERT
|
||||||
|
"depth=%d subject='%s' cert=%s",
|
||||||
|
depth, subject, cert_hex);
|
||||||
|
os_free(cert_hex);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* notify the old DBus API */
|
/* notify the old DBus API */
|
||||||
wpa_supplicant_dbus_notify_certification(wpa_s, depth, subject,
|
wpa_supplicant_dbus_notify_certification(wpa_s, depth, subject,
|
||||||
cert_hash, cert);
|
cert_hash, cert);
|
||||||
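Review bot: `subject` is written unchecked into `subject='%s'` by the added `wpa_msg()` and `wpa_msg_ctrl()` calls, although the value originates from the certificate presented by the peer. A NULL pointer here is undefined behaviour for `%s`. A subject containing a single quote or a line break could also make control-interface clients mis-split the event fields, unless the TLS wrapper already escapes such characters (not visible in this diff). I would state the contract in a comment above the first call, for example `/* subject must be non-NULL and already escaped by the TLS layer; it is peer-supplied */`, or substitute `subject ? subject : ""` in the argument list. The body of wpas_notify_certification continues past the end of the hunk.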
|