mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
EAP peer: Convert Boolean to C99 bool
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
c9d70dd329
commit
d15e109e29
@ -37,8 +37,8 @@
|
|||||||
#define EAP_CLIENT_TIMEOUT_DEFAULT 60
|
#define EAP_CLIENT_TIMEOUT_DEFAULT 60
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_sm_allowMethod(struct eap_sm *sm, int vendor,
|
static bool eap_sm_allowMethod(struct eap_sm *sm, int vendor,
|
||||||
enum eap_type method);
|
enum eap_type method);
|
||||||
static struct wpabuf * eap_sm_buildNak(struct eap_sm *sm, int id);
|
static struct wpabuf * eap_sm_buildNak(struct eap_sm *sm, int id);
|
||||||
static void eap_sm_processIdentity(struct eap_sm *sm,
|
static void eap_sm_processIdentity(struct eap_sm *sm,
|
||||||
const struct wpabuf *req);
|
const struct wpabuf *req);
|
||||||
@ -54,14 +54,14 @@ static void eap_sm_request(struct eap_sm *sm, enum wpa_ctrl_req_type field,
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
static Boolean eapol_get_bool(struct eap_sm *sm, enum eapol_bool_var var)
|
static bool eapol_get_bool(struct eap_sm *sm, enum eapol_bool_var var)
|
||||||
{
|
{
|
||||||
return sm->eapol_cb->get_bool(sm->eapol_ctx, var);
|
return sm->eapol_cb->get_bool(sm->eapol_ctx, var);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static void eapol_set_bool(struct eap_sm *sm, enum eapol_bool_var var,
|
static void eapol_set_bool(struct eap_sm *sm, enum eapol_bool_var var,
|
||||||
Boolean value)
|
bool value)
|
||||||
{
|
{
|
||||||
sm->eapol_cb->set_bool(sm->eapol_ctx, var, value);
|
sm->eapol_cb->set_bool(sm->eapol_ctx, var, value);
|
||||||
}
|
}
|
||||||
@ -210,8 +210,8 @@ static int eap_sm_append_3gpp_realm(struct eap_sm *sm, char *imsi,
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* This state initializes state machine variables when the machine is
|
* This state initializes state machine variables when the machine is
|
||||||
* activated (portEnabled = TRUE). This is also used when re-starting
|
* activated (portEnabled = true). This is also used when re-starting
|
||||||
* authentication (eapRestart == TRUE).
|
* authentication (eapRestart == true).
|
||||||
*/
|
*/
|
||||||
SM_STATE(EAP, INITIALIZE)
|
SM_STATE(EAP, INITIALIZE)
|
||||||
{
|
{
|
||||||
@ -229,17 +229,17 @@ SM_STATE(EAP, INITIALIZE)
|
|||||||
}
|
}
|
||||||
sm->selectedMethod = EAP_TYPE_NONE;
|
sm->selectedMethod = EAP_TYPE_NONE;
|
||||||
sm->methodState = METHOD_NONE;
|
sm->methodState = METHOD_NONE;
|
||||||
sm->allowNotifications = TRUE;
|
sm->allowNotifications = true;
|
||||||
sm->decision = DECISION_FAIL;
|
sm->decision = DECISION_FAIL;
|
||||||
sm->ClientTimeout = EAP_CLIENT_TIMEOUT_DEFAULT;
|
sm->ClientTimeout = EAP_CLIENT_TIMEOUT_DEFAULT;
|
||||||
eapol_set_int(sm, EAPOL_idleWhile, sm->ClientTimeout);
|
eapol_set_int(sm, EAPOL_idleWhile, sm->ClientTimeout);
|
||||||
eapol_set_bool(sm, EAPOL_eapSuccess, FALSE);
|
eapol_set_bool(sm, EAPOL_eapSuccess, false);
|
||||||
eapol_set_bool(sm, EAPOL_eapFail, FALSE);
|
eapol_set_bool(sm, EAPOL_eapFail, false);
|
||||||
eap_sm_free_key(sm);
|
eap_sm_free_key(sm);
|
||||||
os_free(sm->eapSessionId);
|
os_free(sm->eapSessionId);
|
||||||
sm->eapSessionId = NULL;
|
sm->eapSessionId = NULL;
|
||||||
sm->eapKeyAvailable = FALSE;
|
sm->eapKeyAvailable = false;
|
||||||
eapol_set_bool(sm, EAPOL_eapRestart, FALSE);
|
eapol_set_bool(sm, EAPOL_eapRestart, false);
|
||||||
sm->lastId = -1; /* new session - make sure this does not match with
|
sm->lastId = -1; /* new session - make sure this does not match with
|
||||||
* the first EAP-Packet */
|
* the first EAP-Packet */
|
||||||
/*
|
/*
|
||||||
@ -247,16 +247,16 @@ SM_STATE(EAP, INITIALIZE)
|
|||||||
* seemed to be able to trigger cases where both were set and if EAPOL
|
* seemed to be able to trigger cases where both were set and if EAPOL
|
||||||
* state machine uses eapNoResp first, it may end up not sending a real
|
* state machine uses eapNoResp first, it may end up not sending a real
|
||||||
* reply correctly. This occurred when the workaround in FAIL state set
|
* reply correctly. This occurred when the workaround in FAIL state set
|
||||||
* eapNoResp = TRUE.. Maybe that workaround needs to be fixed to do
|
* eapNoResp = true.. Maybe that workaround needs to be fixed to do
|
||||||
* something else(?)
|
* something else(?)
|
||||||
*/
|
*/
|
||||||
eapol_set_bool(sm, EAPOL_eapResp, FALSE);
|
eapol_set_bool(sm, EAPOL_eapResp, false);
|
||||||
eapol_set_bool(sm, EAPOL_eapNoResp, FALSE);
|
eapol_set_bool(sm, EAPOL_eapNoResp, false);
|
||||||
/*
|
/*
|
||||||
* RFC 4137 does not reset ignore here, but since it is possible for
|
* RFC 4137 does not reset ignore here, but since it is possible for
|
||||||
* some method code paths to end up not setting ignore=FALSE, clear the
|
* some method code paths to end up not setting ignore=false, clear the
|
||||||
* value here to avoid issues if a previous authentication attempt
|
* value here to avoid issues if a previous authentication attempt
|
||||||
* failed with ignore=TRUE being left behind in the last
|
* failed with ignore=true being left behind in the last
|
||||||
* m.check(eapReqData) operation.
|
* m.check(eapReqData) operation.
|
||||||
*/
|
*/
|
||||||
sm->ignore = 0;
|
sm->ignore = 0;
|
||||||
@ -264,7 +264,7 @@ SM_STATE(EAP, INITIALIZE)
|
|||||||
sm->num_rounds_short = 0;
|
sm->num_rounds_short = 0;
|
||||||
sm->prev_failure = 0;
|
sm->prev_failure = 0;
|
||||||
sm->expected_failure = 0;
|
sm->expected_failure = 0;
|
||||||
sm->reauthInit = FALSE;
|
sm->reauthInit = false;
|
||||||
sm->erp_seq = (u32) -1;
|
sm->erp_seq = (u32) -1;
|
||||||
sm->use_machine_cred = 0;
|
sm->use_machine_cred = 0;
|
||||||
}
|
}
|
||||||
@ -272,7 +272,7 @@ SM_STATE(EAP, INITIALIZE)
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* This state is reached whenever service from the lower layer is interrupted
|
* This state is reached whenever service from the lower layer is interrupted
|
||||||
* or unavailable (portEnabled == FALSE). Immediate transition to INITIALIZE
|
* or unavailable (portEnabled == false). Immediate transition to INITIALIZE
|
||||||
* occurs when the port becomes enabled.
|
* occurs when the port becomes enabled.
|
||||||
*/
|
*/
|
||||||
SM_STATE(EAP, DISABLED)
|
SM_STATE(EAP, DISABLED)
|
||||||
@ -301,7 +301,7 @@ SM_STATE(EAP, IDLE)
|
|||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* This state is entered when an EAP packet is received (eapReq == TRUE) to
|
* This state is entered when an EAP packet is received (eapReq == true) to
|
||||||
* parse the packet header.
|
* parse the packet header.
|
||||||
*/
|
*/
|
||||||
SM_STATE(EAP, RECEIVED)
|
SM_STATE(EAP, RECEIVED)
|
||||||
@ -866,7 +866,7 @@ static int eap_peer_erp_reauth_start(struct eap_sm *sm, u8 eap_id)
|
|||||||
wpa_printf(MSG_DEBUG, "EAP: Sending EAP-Initiate/Re-auth");
|
wpa_printf(MSG_DEBUG, "EAP: Sending EAP-Initiate/Re-auth");
|
||||||
wpabuf_free(sm->eapRespData);
|
wpabuf_free(sm->eapRespData);
|
||||||
sm->eapRespData = msg;
|
sm->eapRespData = msg;
|
||||||
sm->reauthInit = TRUE;
|
sm->reauthInit = true;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* CONFIG_ERP */
|
#endif /* CONFIG_ERP */
|
||||||
@ -964,14 +964,14 @@ SM_STATE(EAP, SEND_RESPONSE)
|
|||||||
os_memcpy(sm->last_sha1, sm->req_sha1, 20);
|
os_memcpy(sm->last_sha1, sm->req_sha1, 20);
|
||||||
sm->lastId = sm->reqId;
|
sm->lastId = sm->reqId;
|
||||||
sm->lastRespData = wpabuf_dup(sm->eapRespData);
|
sm->lastRespData = wpabuf_dup(sm->eapRespData);
|
||||||
eapol_set_bool(sm, EAPOL_eapResp, TRUE);
|
eapol_set_bool(sm, EAPOL_eapResp, true);
|
||||||
} else {
|
} else {
|
||||||
wpa_printf(MSG_DEBUG, "EAP: No eapRespData available");
|
wpa_printf(MSG_DEBUG, "EAP: No eapRespData available");
|
||||||
sm->lastRespData = NULL;
|
sm->lastRespData = NULL;
|
||||||
}
|
}
|
||||||
eapol_set_bool(sm, EAPOL_eapReq, FALSE);
|
eapol_set_bool(sm, EAPOL_eapReq, false);
|
||||||
eapol_set_int(sm, EAPOL_idleWhile, sm->ClientTimeout);
|
eapol_set_int(sm, EAPOL_idleWhile, sm->ClientTimeout);
|
||||||
sm->reauthInit = FALSE;
|
sm->reauthInit = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -982,8 +982,8 @@ SM_STATE(EAP, SEND_RESPONSE)
|
|||||||
SM_STATE(EAP, DISCARD)
|
SM_STATE(EAP, DISCARD)
|
||||||
{
|
{
|
||||||
SM_ENTRY(EAP, DISCARD);
|
SM_ENTRY(EAP, DISCARD);
|
||||||
eapol_set_bool(sm, EAPOL_eapReq, FALSE);
|
eapol_set_bool(sm, EAPOL_eapReq, false);
|
||||||
eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
|
eapol_set_bool(sm, EAPOL_eapNoResp, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -1048,15 +1048,15 @@ SM_STATE(EAP, SUCCESS)
|
|||||||
|
|
||||||
SM_ENTRY(EAP, SUCCESS);
|
SM_ENTRY(EAP, SUCCESS);
|
||||||
if (sm->eapKeyData != NULL)
|
if (sm->eapKeyData != NULL)
|
||||||
sm->eapKeyAvailable = TRUE;
|
sm->eapKeyAvailable = true;
|
||||||
eapol_set_bool(sm, EAPOL_eapSuccess, TRUE);
|
eapol_set_bool(sm, EAPOL_eapSuccess, true);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* RFC 4137 does not clear eapReq here, but this seems to be required
|
* RFC 4137 does not clear eapReq here, but this seems to be required
|
||||||
* to avoid processing the same request twice when state machine is
|
* to avoid processing the same request twice when state machine is
|
||||||
* initialized.
|
* initialized.
|
||||||
*/
|
*/
|
||||||
eapol_set_bool(sm, EAPOL_eapReq, FALSE);
|
eapol_set_bool(sm, EAPOL_eapReq, false);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* RFC 4137 does not set eapNoResp here, but this seems to be required
|
* RFC 4137 does not set eapNoResp here, but this seems to be required
|
||||||
@ -1064,7 +1064,7 @@ SM_STATE(EAP, SUCCESS)
|
|||||||
* addition, either eapResp or eapNoResp is required to be set after
|
* addition, either eapResp or eapNoResp is required to be set after
|
||||||
* processing the received EAP frame.
|
* processing the received EAP frame.
|
||||||
*/
|
*/
|
||||||
eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
|
eapol_set_bool(sm, EAPOL_eapNoResp, true);
|
||||||
|
|
||||||
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS
|
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS
|
||||||
"EAP authentication completed successfully");
|
"EAP authentication completed successfully");
|
||||||
@ -1083,21 +1083,21 @@ SM_STATE(EAP, SUCCESS)
|
|||||||
SM_STATE(EAP, FAILURE)
|
SM_STATE(EAP, FAILURE)
|
||||||
{
|
{
|
||||||
SM_ENTRY(EAP, FAILURE);
|
SM_ENTRY(EAP, FAILURE);
|
||||||
eapol_set_bool(sm, EAPOL_eapFail, TRUE);
|
eapol_set_bool(sm, EAPOL_eapFail, true);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* RFC 4137 does not clear eapReq here, but this seems to be required
|
* RFC 4137 does not clear eapReq here, but this seems to be required
|
||||||
* to avoid processing the same request twice when state machine is
|
* to avoid processing the same request twice when state machine is
|
||||||
* initialized.
|
* initialized.
|
||||||
*/
|
*/
|
||||||
eapol_set_bool(sm, EAPOL_eapReq, FALSE);
|
eapol_set_bool(sm, EAPOL_eapReq, false);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* RFC 4137 does not set eapNoResp here. However, either eapResp or
|
* RFC 4137 does not set eapNoResp here. However, either eapResp or
|
||||||
* eapNoResp is required to be set after processing the received EAP
|
* eapNoResp is required to be set after processing the received EAP
|
||||||
* frame.
|
* frame.
|
||||||
*/
|
*/
|
||||||
eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
|
eapol_set_bool(sm, EAPOL_eapNoResp, true);
|
||||||
|
|
||||||
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE
|
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE
|
||||||
"EAP authentication failed");
|
"EAP authentication failed");
|
||||||
@ -1367,19 +1367,19 @@ SM_STEP(EAP)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_sm_allowMethod(struct eap_sm *sm, int vendor,
|
static bool eap_sm_allowMethod(struct eap_sm *sm, int vendor,
|
||||||
enum eap_type method)
|
enum eap_type method)
|
||||||
{
|
{
|
||||||
if (!eap_allowed_method(sm, vendor, method)) {
|
if (!eap_allowed_method(sm, vendor, method)) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP: configuration does not allow: "
|
wpa_printf(MSG_DEBUG, "EAP: configuration does not allow: "
|
||||||
"vendor %u method %u", vendor, method);
|
"vendor %u method %u", vendor, method);
|
||||||
return FALSE;
|
return false;
|
||||||
}
|
}
|
||||||
if (eap_peer_get_eap_method(vendor, method))
|
if (eap_peer_get_eap_method(vendor, method))
|
||||||
return TRUE;
|
return true;
|
||||||
wpa_printf(MSG_DEBUG, "EAP: not included in build: "
|
wpa_printf(MSG_DEBUG, "EAP: not included in build: "
|
||||||
"vendor %u method %u", vendor, method);
|
"vendor %u method %u", vendor, method);
|
||||||
return FALSE;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -1802,7 +1802,7 @@ invalid:
|
|||||||
#endif /* CONFIG_ERP */
|
#endif /* CONFIG_ERP */
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"EAP: EAP-Initiate/Re-auth-Start - No suitable ERP keys available - try to start full EAP authentication");
|
"EAP: EAP-Initiate/Re-auth-Start - No suitable ERP keys available - try to start full EAP authentication");
|
||||||
eapol_set_bool(sm, EAPOL_eapTriggerStart, TRUE);
|
eapol_set_bool(sm, EAPOL_eapTriggerStart, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -1926,9 +1926,9 @@ no_auth_tag:
|
|||||||
if (flags & 0x80 || !auth_tag_ok) {
|
if (flags & 0x80 || !auth_tag_ok) {
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"EAP: EAP-Finish/Re-auth indicated failure");
|
"EAP: EAP-Finish/Re-auth indicated failure");
|
||||||
eapol_set_bool(sm, EAPOL_eapFail, TRUE);
|
eapol_set_bool(sm, EAPOL_eapFail, true);
|
||||||
eapol_set_bool(sm, EAPOL_eapReq, FALSE);
|
eapol_set_bool(sm, EAPOL_eapReq, false);
|
||||||
eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
|
eapol_set_bool(sm, EAPOL_eapNoResp, true);
|
||||||
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE
|
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE
|
||||||
"EAP authentication failed");
|
"EAP authentication failed");
|
||||||
sm->prev_failure = 1;
|
sm->prev_failure = 1;
|
||||||
@ -1957,10 +1957,10 @@ no_auth_tag:
|
|||||||
}
|
}
|
||||||
wpa_hexdump_key(MSG_DEBUG, "EAP: ERP rMSK",
|
wpa_hexdump_key(MSG_DEBUG, "EAP: ERP rMSK",
|
||||||
sm->eapKeyData, sm->eapKeyDataLen);
|
sm->eapKeyData, sm->eapKeyDataLen);
|
||||||
sm->eapKeyAvailable = TRUE;
|
sm->eapKeyAvailable = true;
|
||||||
eapol_set_bool(sm, EAPOL_eapSuccess, TRUE);
|
eapol_set_bool(sm, EAPOL_eapSuccess, true);
|
||||||
eapol_set_bool(sm, EAPOL_eapReq, FALSE);
|
eapol_set_bool(sm, EAPOL_eapReq, false);
|
||||||
eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
|
eapol_set_bool(sm, EAPOL_eapNoResp, true);
|
||||||
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS
|
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS
|
||||||
"EAP re-authentication completed successfully");
|
"EAP re-authentication completed successfully");
|
||||||
#endif /* CONFIG_ERP */
|
#endif /* CONFIG_ERP */
|
||||||
@ -1973,7 +1973,7 @@ static void eap_sm_parseEapReq(struct eap_sm *sm, const struct wpabuf *req)
|
|||||||
size_t plen;
|
size_t plen;
|
||||||
const u8 *pos;
|
const u8 *pos;
|
||||||
|
|
||||||
sm->rxReq = sm->rxResp = sm->rxSuccess = sm->rxFailure = FALSE;
|
sm->rxReq = sm->rxResp = sm->rxSuccess = sm->rxFailure = false;
|
||||||
sm->reqId = 0;
|
sm->reqId = 0;
|
||||||
sm->reqMethod = EAP_TYPE_NONE;
|
sm->reqMethod = EAP_TYPE_NONE;
|
||||||
sm->reqVendor = EAP_VENDOR_IETF;
|
sm->reqVendor = EAP_VENDOR_IETF;
|
||||||
@ -2007,7 +2007,7 @@ static void eap_sm_parseEapReq(struct eap_sm *sm, const struct wpabuf *req)
|
|||||||
"no Type field");
|
"no Type field");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
sm->rxReq = TRUE;
|
sm->rxReq = true;
|
||||||
pos = (const u8 *) (hdr + 1);
|
pos = (const u8 *) (hdr + 1);
|
||||||
sm->reqMethod = *pos++;
|
sm->reqMethod = *pos++;
|
||||||
if (sm->reqMethod == EAP_TYPE_EXPANDED) {
|
if (sm->reqMethod == EAP_TYPE_EXPANDED) {
|
||||||
@ -2038,7 +2038,7 @@ static void eap_sm_parseEapReq(struct eap_sm *sm, const struct wpabuf *req)
|
|||||||
"EAP-Response - no Type field");
|
"EAP-Response - no Type field");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
sm->rxResp = TRUE;
|
sm->rxResp = true;
|
||||||
pos = (const u8 *) (hdr + 1);
|
pos = (const u8 *) (hdr + 1);
|
||||||
sm->reqMethod = *pos;
|
sm->reqMethod = *pos;
|
||||||
wpa_printf(MSG_DEBUG, "EAP: Received EAP-Response for "
|
wpa_printf(MSG_DEBUG, "EAP: Received EAP-Response for "
|
||||||
@ -2051,7 +2051,7 @@ static void eap_sm_parseEapReq(struct eap_sm *sm, const struct wpabuf *req)
|
|||||||
case EAP_CODE_SUCCESS:
|
case EAP_CODE_SUCCESS:
|
||||||
wpa_printf(MSG_DEBUG, "EAP: Received EAP-Success");
|
wpa_printf(MSG_DEBUG, "EAP: Received EAP-Success");
|
||||||
eap_notify_status(sm, "completion", "success");
|
eap_notify_status(sm, "completion", "success");
|
||||||
sm->rxSuccess = TRUE;
|
sm->rxSuccess = true;
|
||||||
break;
|
break;
|
||||||
case EAP_CODE_FAILURE:
|
case EAP_CODE_FAILURE:
|
||||||
wpa_printf(MSG_DEBUG, "EAP: Received EAP-Failure");
|
wpa_printf(MSG_DEBUG, "EAP: Received EAP-Failure");
|
||||||
@ -2065,7 +2065,7 @@ static void eap_sm_parseEapReq(struct eap_sm *sm, const struct wpabuf *req)
|
|||||||
if (error_code != NO_EAP_METHOD_ERROR)
|
if (error_code != NO_EAP_METHOD_ERROR)
|
||||||
eap_report_error(sm, error_code);
|
eap_report_error(sm, error_code);
|
||||||
}
|
}
|
||||||
sm->rxFailure = TRUE;
|
sm->rxFailure = true;
|
||||||
break;
|
break;
|
||||||
case EAP_CODE_INITIATE:
|
case EAP_CODE_INITIATE:
|
||||||
eap_peer_initiate(sm, hdr, plen);
|
eap_peer_initiate(sm, hdr, plen);
|
||||||
@ -2233,7 +2233,7 @@ int eap_peer_sm_step(struct eap_sm *sm)
|
|||||||
{
|
{
|
||||||
int res = 0;
|
int res = 0;
|
||||||
do {
|
do {
|
||||||
sm->changed = FALSE;
|
sm->changed = false;
|
||||||
SM_STEP_RUN(EAP);
|
SM_STEP_RUN(EAP);
|
||||||
if (sm->changed)
|
if (sm->changed)
|
||||||
res = 1;
|
res = 1;
|
||||||
@ -2262,7 +2262,7 @@ void eap_sm_abort(struct eap_sm *sm)
|
|||||||
/* This is not clearly specified in the EAP statemachines draft, but
|
/* This is not clearly specified in the EAP statemachines draft, but
|
||||||
* it seems necessary to make sure that some of the EAPOL variables get
|
* it seems necessary to make sure that some of the EAPOL variables get
|
||||||
* cleared for the next authentication. */
|
* cleared for the next authentication. */
|
||||||
eapol_set_bool(sm, EAPOL_eapSuccess, FALSE);
|
eapol_set_bool(sm, EAPOL_eapSuccess, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -3005,8 +3005,8 @@ void eap_notify_lower_layer_success(struct eap_sm *sm)
|
|||||||
return;
|
return;
|
||||||
|
|
||||||
if (sm->eapKeyData != NULL)
|
if (sm->eapKeyData != NULL)
|
||||||
sm->eapKeyAvailable = TRUE;
|
sm->eapKeyAvailable = true;
|
||||||
eapol_set_bool(sm, EAPOL_eapSuccess, TRUE);
|
eapol_set_bool(sm, EAPOL_eapSuccess, true);
|
||||||
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS
|
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS
|
||||||
"EAP authentication completed successfully (based on lower "
|
"EAP authentication completed successfully (based on lower "
|
||||||
"layer success)");
|
"layer success)");
|
||||||
|
@ -44,7 +44,7 @@ enum eapol_bool_var {
|
|||||||
/**
|
/**
|
||||||
* EAPOL_eapRestart - Lower layer request to restart authentication
|
* EAPOL_eapRestart - Lower layer request to restart authentication
|
||||||
*
|
*
|
||||||
* Set to TRUE in lower layer, FALSE in EAP state machine.
|
* Set to true in lower layer, false in EAP state machine.
|
||||||
*/
|
*/
|
||||||
EAPOL_eapRestart,
|
EAPOL_eapRestart,
|
||||||
|
|
||||||
@ -58,21 +58,21 @@ enum eapol_bool_var {
|
|||||||
/**
|
/**
|
||||||
* EAPOL_eapResp - Response to send
|
* EAPOL_eapResp - Response to send
|
||||||
*
|
*
|
||||||
* Set to TRUE in EAP state machine, FALSE in lower layer.
|
* Set to true in EAP state machine, false in lower layer.
|
||||||
*/
|
*/
|
||||||
EAPOL_eapResp,
|
EAPOL_eapResp,
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* EAPOL_eapNoResp - Request has been process; no response to send
|
* EAPOL_eapNoResp - Request has been process; no response to send
|
||||||
*
|
*
|
||||||
* Set to TRUE in EAP state machine, FALSE in lower layer.
|
* Set to true in EAP state machine, false in lower layer.
|
||||||
*/
|
*/
|
||||||
EAPOL_eapNoResp,
|
EAPOL_eapNoResp,
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* EAPOL_eapReq - EAP request available from lower layer
|
* EAPOL_eapReq - EAP request available from lower layer
|
||||||
*
|
*
|
||||||
* Set to TRUE in lower layer, FALSE in EAP state machine.
|
* Set to true in lower layer, false in EAP state machine.
|
||||||
*/
|
*/
|
||||||
EAPOL_eapReq,
|
EAPOL_eapReq,
|
||||||
|
|
||||||
|
@ -1365,24 +1365,24 @@ static struct wpabuf * eap_aka_process(struct eap_sm *sm, void *priv,
|
|||||||
if (eap_get_config_identity(sm, &len) == NULL) {
|
if (eap_get_config_identity(sm, &len) == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-AKA: Identity not configured");
|
wpa_printf(MSG_INFO, "EAP-AKA: Identity not configured");
|
||||||
eap_sm_request_identity(sm);
|
eap_sm_request_identity(sm);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, data->eap_method, reqData,
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, data->eap_method, reqData,
|
||||||
&len);
|
&len);
|
||||||
if (pos == NULL || len < 3) {
|
if (pos == NULL || len < 3) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
req = wpabuf_head(reqData);
|
req = wpabuf_head(reqData);
|
||||||
id = req->identifier;
|
id = req->identifier;
|
||||||
len = be_to_host16(req->length);
|
len = be_to_host16(req->length);
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
subtype = *pos++;
|
subtype = *pos++;
|
||||||
wpa_printf(MSG_DEBUG, "EAP-AKA: Subtype=%d", subtype);
|
wpa_printf(MSG_DEBUG, "EAP-AKA: Subtype=%d", subtype);
|
||||||
@ -1441,14 +1441,14 @@ done:
|
|||||||
ret->methodState = METHOD_CONT;
|
ret->methodState = METHOD_CONT;
|
||||||
|
|
||||||
if (ret->methodState == METHOD_DONE) {
|
if (ret->methodState == METHOD_DONE) {
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_aka_has_reauth_data(struct eap_sm *sm, void *priv)
|
static bool eap_aka_has_reauth_data(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_aka_data *data = priv;
|
struct eap_aka_data *data = priv;
|
||||||
return data->pseudonym || data->reauth_id;
|
return data->pseudonym || data->reauth_id;
|
||||||
@ -1497,7 +1497,7 @@ static const u8 * eap_aka_get_identity(struct eap_sm *sm, void *priv,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_aka_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_aka_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_aka_data *data = priv;
|
struct eap_aka_data *data = priv;
|
||||||
return data->state == SUCCESS;
|
return data->state == SUCCESS;
|
||||||
|
@ -211,7 +211,7 @@ static struct wpabuf * eap_eke_build_fail(struct eap_eke_data *data,
|
|||||||
eap_eke_state(data, FAILURE);
|
eap_eke_state(data, FAILURE);
|
||||||
ret->methodState = METHOD_DONE;
|
ret->methodState = METHOD_DONE;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
|
|
||||||
return resp;
|
return resp;
|
||||||
}
|
}
|
||||||
@ -617,7 +617,7 @@ static struct wpabuf * eap_eke_process_confirm(struct eap_eke_data *data,
|
|||||||
eap_eke_state(data, SUCCESS);
|
eap_eke_state(data, SUCCESS);
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_COND_SUCC;
|
ret->decision = DECISION_COND_SUCC;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
|
|
||||||
return resp;
|
return resp;
|
||||||
}
|
}
|
||||||
@ -656,7 +656,7 @@ static struct wpabuf * eap_eke_process(struct eap_sm *sm, void *priv,
|
|||||||
|
|
||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_EKE, reqData, &len);
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_EKE, reqData, &len);
|
||||||
if (pos == NULL || len < 1) {
|
if (pos == NULL || len < 1) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -666,10 +666,10 @@ static struct wpabuf * eap_eke_process(struct eap_sm *sm, void *priv,
|
|||||||
wpa_printf(MSG_DEBUG, "EAP-EKE: Received frame: exch %d", eke_exch);
|
wpa_printf(MSG_DEBUG, "EAP-EKE: Received frame: exch %d", eke_exch);
|
||||||
wpa_hexdump(MSG_DEBUG, "EAP-EKE: Received Data", pos, end - pos);
|
wpa_hexdump(MSG_DEBUG, "EAP-EKE: Received Data", pos, end - pos);
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
switch (eke_exch) {
|
switch (eke_exch) {
|
||||||
case EAP_EKE_ID:
|
case EAP_EKE_ID:
|
||||||
@ -689,18 +689,18 @@ static struct wpabuf * eap_eke_process(struct eap_sm *sm, void *priv,
|
|||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
wpa_printf(MSG_DEBUG, "EAP-EKE: Ignoring message with unknown EKE-Exch %d", eke_exch);
|
wpa_printf(MSG_DEBUG, "EAP-EKE: Ignoring message with unknown EKE-Exch %d", eke_exch);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret->methodState == METHOD_DONE)
|
if (ret->methodState == METHOD_DONE)
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
|
|
||||||
return resp;
|
return resp;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_eke_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_eke_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_eke_data *data = priv;
|
struct eap_eke_data *data = priv;
|
||||||
return data->state == SUCCESS;
|
return data->state == SUCCESS;
|
||||||
|
@ -1688,7 +1688,7 @@ static struct wpabuf * eap_fast_process(struct eap_sm *sm, void *priv,
|
|||||||
|
|
||||||
|
|
||||||
#if 0 /* FIX */
|
#if 0 /* FIX */
|
||||||
static Boolean eap_fast_has_reauth_data(struct eap_sm *sm, void *priv)
|
static bool eap_fast_has_reauth_data(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_fast_data *data = priv;
|
struct eap_fast_data *data = priv;
|
||||||
return tls_connection_established(sm->ssl_ctx, data->ssl.conn);
|
return tls_connection_established(sm->ssl_ctx, data->ssl.conn);
|
||||||
@ -1754,7 +1754,7 @@ static int eap_fast_get_status(struct eap_sm *sm, void *priv, char *buf,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_fast_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_fast_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_fast_data *data = priv;
|
struct eap_fast_data *data = priv;
|
||||||
return data->success;
|
return data->success;
|
||||||
|
@ -280,7 +280,7 @@ static struct wpabuf * eap_gpsk_process_gpsk_1(struct eap_sm *sm,
|
|||||||
struct wpabuf *resp;
|
struct wpabuf *resp;
|
||||||
|
|
||||||
if (data->state != GPSK_1) {
|
if (data->state != GPSK_1) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -588,7 +588,7 @@ static struct wpabuf * eap_gpsk_process_gpsk_3(struct eap_sm *sm,
|
|||||||
const u8 *pos, *end;
|
const u8 *pos, *end;
|
||||||
|
|
||||||
if (data->state != GPSK_3) {
|
if (data->state != GPSK_3) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -671,7 +671,7 @@ static struct wpabuf * eap_gpsk_process(struct eap_sm *sm, void *priv,
|
|||||||
|
|
||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_GPSK, reqData, &len);
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_GPSK, reqData, &len);
|
||||||
if (pos == NULL || len < 1) {
|
if (pos == NULL || len < 1) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -680,10 +680,10 @@ static struct wpabuf * eap_gpsk_process(struct eap_sm *sm, void *priv,
|
|||||||
len--;
|
len--;
|
||||||
wpa_printf(MSG_DEBUG, "EAP-GPSK: Received frame: opcode %d", opcode);
|
wpa_printf(MSG_DEBUG, "EAP-GPSK: Received frame: opcode %d", opcode);
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
|
|
||||||
switch (opcode) {
|
switch (opcode) {
|
||||||
case EAP_GPSK_OPCODE_GPSK_1:
|
case EAP_GPSK_OPCODE_GPSK_1:
|
||||||
@ -696,7 +696,7 @@ static struct wpabuf * eap_gpsk_process(struct eap_sm *sm, void *priv,
|
|||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"EAP-GPSK: Ignoring message with unknown opcode %d",
|
"EAP-GPSK: Ignoring message with unknown opcode %d",
|
||||||
opcode);
|
opcode);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -704,7 +704,7 @@ static struct wpabuf * eap_gpsk_process(struct eap_sm *sm, void *priv,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_gpsk_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_gpsk_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_gpsk_data *data = priv;
|
struct eap_gpsk_data *data = priv;
|
||||||
return data->state == SUCCESS;
|
return data->state == SUCCESS;
|
||||||
|
@ -54,7 +54,7 @@ static struct wpabuf * eap_gtc_process(struct eap_sm *sm, void *priv,
|
|||||||
|
|
||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_GTC, reqData, &len);
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_GTC, reqData, &len);
|
||||||
if (pos == NULL) {
|
if (pos == NULL) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
id = eap_get_id(reqData);
|
id = eap_get_id(reqData);
|
||||||
@ -85,15 +85,15 @@ static struct wpabuf * eap_gtc_process(struct eap_sm *sm, void *priv,
|
|||||||
if (password == NULL) {
|
if (password == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-GTC: Password not configured");
|
wpa_printf(MSG_INFO, "EAP-GTC: Password not configured");
|
||||||
eap_sm_request_otp(sm, (const char *) pos, len);
|
eap_sm_request_otp(sm, (const char *) pos, len);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
|
|
||||||
ret->methodState = data->prefix ? METHOD_MAY_CONT : METHOD_DONE;
|
ret->methodState = data->prefix ? METHOD_MAY_CONT : METHOD_DONE;
|
||||||
ret->decision = DECISION_COND_SUCC;
|
ret->decision = DECISION_COND_SUCC;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
|
|
||||||
plen = password_len;
|
plen = password_len;
|
||||||
identity = eap_get_config_identity(sm, &identity_len);
|
identity = eap_get_config_identity(sm, &identity_len);
|
||||||
|
@ -38,7 +38,7 @@ struct eap_method_ret {
|
|||||||
/**
|
/**
|
||||||
* ignore - Whether method decided to drop the current packed (OUT)
|
* ignore - Whether method decided to drop the current packed (OUT)
|
||||||
*/
|
*/
|
||||||
Boolean ignore;
|
bool ignore;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* methodState - Method-specific state (IN/OUT)
|
* methodState - Method-specific state (IN/OUT)
|
||||||
@ -53,7 +53,7 @@ struct eap_method_ret {
|
|||||||
/**
|
/**
|
||||||
* allowNotifications - Whether method allows notifications (OUT)
|
* allowNotifications - Whether method allows notifications (OUT)
|
||||||
*/
|
*/
|
||||||
Boolean allowNotifications;
|
bool allowNotifications;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
@ -123,9 +123,9 @@ struct eap_method {
|
|||||||
* isKeyAvailable - Find out whether EAP method has keying material
|
* isKeyAvailable - Find out whether EAP method has keying material
|
||||||
* @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
|
* @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
|
||||||
* @priv: Pointer to private EAP method data from eap_method::init()
|
* @priv: Pointer to private EAP method data from eap_method::init()
|
||||||
* Returns: %TRUE if key material (eapKeyData) is available
|
* Returns: %true if key material (eapKeyData) is available
|
||||||
*/
|
*/
|
||||||
Boolean (*isKeyAvailable)(struct eap_sm *sm, void *priv);
|
bool (*isKeyAvailable)(struct eap_sm *sm, void *priv);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* getKey - Get EAP method specific keying material (eapKeyData)
|
* getKey - Get EAP method specific keying material (eapKeyData)
|
||||||
@ -161,13 +161,13 @@ struct eap_method {
|
|||||||
* has_reauth_data - Whether method is ready for fast reauthentication
|
* has_reauth_data - Whether method is ready for fast reauthentication
|
||||||
* @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
|
* @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
|
||||||
* @priv: Pointer to private EAP method data from eap_method::init()
|
* @priv: Pointer to private EAP method data from eap_method::init()
|
||||||
* Returns: %TRUE or %FALSE based on whether fast reauthentication is
|
* Returns: %true or %false based on whether fast reauthentication is
|
||||||
* possible
|
* possible
|
||||||
*
|
*
|
||||||
* This function is an optional handler that only EAP methods
|
* This function is an optional handler that only EAP methods
|
||||||
* supporting fast re-authentication need to implement.
|
* supporting fast re-authentication need to implement.
|
||||||
*/
|
*/
|
||||||
Boolean (*has_reauth_data)(struct eap_sm *sm, void *priv);
|
bool (*has_reauth_data)(struct eap_sm *sm, void *priv);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* deinit_for_reauth - Release data that is not needed for fast re-auth
|
* deinit_for_reauth - Release data that is not needed for fast re-auth
|
||||||
@ -318,39 +318,39 @@ struct eap_sm {
|
|||||||
struct wpabuf *lastRespData;
|
struct wpabuf *lastRespData;
|
||||||
EapDecision decision;
|
EapDecision decision;
|
||||||
/* Short-term local variables */
|
/* Short-term local variables */
|
||||||
Boolean rxReq;
|
bool rxReq;
|
||||||
Boolean rxSuccess;
|
bool rxSuccess;
|
||||||
Boolean rxFailure;
|
bool rxFailure;
|
||||||
int reqId;
|
int reqId;
|
||||||
enum eap_type reqMethod;
|
enum eap_type reqMethod;
|
||||||
int reqVendor;
|
int reqVendor;
|
||||||
u32 reqVendorMethod;
|
u32 reqVendorMethod;
|
||||||
Boolean ignore;
|
bool ignore;
|
||||||
/* Constants */
|
/* Constants */
|
||||||
int ClientTimeout;
|
int ClientTimeout;
|
||||||
|
|
||||||
/* Miscellaneous variables */
|
/* Miscellaneous variables */
|
||||||
Boolean allowNotifications; /* peer state machine <-> methods */
|
bool allowNotifications; /* peer state machine <-> methods */
|
||||||
struct wpabuf *eapRespData; /* peer to lower layer */
|
struct wpabuf *eapRespData; /* peer to lower layer */
|
||||||
Boolean eapKeyAvailable; /* peer to lower layer */
|
bool eapKeyAvailable; /* peer to lower layer */
|
||||||
u8 *eapKeyData; /* peer to lower layer */
|
u8 *eapKeyData; /* peer to lower layer */
|
||||||
size_t eapKeyDataLen; /* peer to lower layer */
|
size_t eapKeyDataLen; /* peer to lower layer */
|
||||||
u8 *eapSessionId; /* peer to lower layer */
|
u8 *eapSessionId; /* peer to lower layer */
|
||||||
size_t eapSessionIdLen; /* peer to lower layer */
|
size_t eapSessionIdLen; /* peer to lower layer */
|
||||||
const struct eap_method *m; /* selected EAP method */
|
const struct eap_method *m; /* selected EAP method */
|
||||||
/* not defined in RFC 4137 */
|
/* not defined in RFC 4137 */
|
||||||
Boolean changed;
|
bool changed;
|
||||||
void *eapol_ctx;
|
void *eapol_ctx;
|
||||||
const struct eapol_callbacks *eapol_cb;
|
const struct eapol_callbacks *eapol_cb;
|
||||||
void *eap_method_priv;
|
void *eap_method_priv;
|
||||||
int init_phase2;
|
int init_phase2;
|
||||||
int fast_reauth;
|
int fast_reauth;
|
||||||
Boolean reauthInit; /* send EAP-Identity/Re-auth */
|
bool reauthInit; /* send EAP-Identity/Re-auth */
|
||||||
u32 erp_seq;
|
u32 erp_seq;
|
||||||
|
|
||||||
Boolean rxResp /* LEAP only */;
|
bool rxResp /* LEAP only */;
|
||||||
Boolean leap_done;
|
bool leap_done;
|
||||||
Boolean peap_done;
|
bool peap_done;
|
||||||
u8 req_sha1[20]; /* SHA1() of the current EAP packet */
|
u8 req_sha1[20]; /* SHA1() of the current EAP packet */
|
||||||
u8 last_sha1[20]; /* SHA1() of the previously received EAP packet; used
|
u8 last_sha1[20]; /* SHA1() of the previously received EAP packet; used
|
||||||
* in duplicate request detection. */
|
* in duplicate request detection. */
|
||||||
|
@ -138,9 +138,9 @@ static struct wpabuf * eap_ikev2_build_msg(struct eap_ikev2_data *data,
|
|||||||
u8 flags;
|
u8 flags;
|
||||||
size_t send_len, plen, icv_len = 0;
|
size_t send_len, plen, icv_len = 0;
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Generating Response");
|
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Generating Response");
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
flags = 0;
|
flags = 0;
|
||||||
send_len = wpabuf_len(data->out_buf) - data->out_used;
|
send_len = wpabuf_len(data->out_buf) - data->out_used;
|
||||||
@ -293,7 +293,7 @@ static struct wpabuf * eap_ikev2_process_fragment(struct eap_ikev2_data *data,
|
|||||||
if (data->in_buf == NULL && !(flags & IKEV2_FLAGS_LENGTH_INCLUDED)) {
|
if (data->in_buf == NULL && !(flags & IKEV2_FLAGS_LENGTH_INCLUDED)) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-IKEV2: No Message Length field in "
|
wpa_printf(MSG_DEBUG, "EAP-IKEV2: No Message Length field in "
|
||||||
"a fragmented packet");
|
"a fragmented packet");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -303,14 +303,14 @@ static struct wpabuf * eap_ikev2_process_fragment(struct eap_ikev2_data *data,
|
|||||||
/* Limit maximum memory allocation */
|
/* Limit maximum memory allocation */
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"EAP-IKEV2: Ignore too long message");
|
"EAP-IKEV2: Ignore too long message");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
data->in_buf = wpabuf_alloc(message_length);
|
data->in_buf = wpabuf_alloc(message_length);
|
||||||
if (data->in_buf == NULL) {
|
if (data->in_buf == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-IKEV2: No memory for "
|
wpa_printf(MSG_DEBUG, "EAP-IKEV2: No memory for "
|
||||||
"message");
|
"message");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
wpabuf_put_data(data->in_buf, buf, len);
|
wpabuf_put_data(data->in_buf, buf, len);
|
||||||
@ -320,7 +320,7 @@ static struct wpabuf * eap_ikev2_process_fragment(struct eap_ikev2_data *data,
|
|||||||
(unsigned long) wpabuf_tailroom(data->in_buf));
|
(unsigned long) wpabuf_tailroom(data->in_buf));
|
||||||
}
|
}
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
return eap_ikev2_build_frag_ack(id, EAP_CODE_RESPONSE);
|
return eap_ikev2_build_frag_ack(id, EAP_CODE_RESPONSE);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -338,7 +338,7 @@ static struct wpabuf * eap_ikev2_process(struct eap_sm *sm, void *priv,
|
|||||||
|
|
||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_IKEV2, reqData, &len);
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_IKEV2, reqData, &len);
|
||||||
if (pos == NULL) {
|
if (pos == NULL) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -355,14 +355,14 @@ static struct wpabuf * eap_ikev2_process(struct eap_sm *sm, void *priv,
|
|||||||
if (eap_ikev2_process_icv(data, reqData, flags, pos, &end,
|
if (eap_ikev2_process_icv(data, reqData, flags, pos, &end,
|
||||||
data->state == WAIT_FRAG_ACK && len == 0) < 0)
|
data->state == WAIT_FRAG_ACK && len == 0) < 0)
|
||||||
{
|
{
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (flags & IKEV2_FLAGS_LENGTH_INCLUDED) {
|
if (flags & IKEV2_FLAGS_LENGTH_INCLUDED) {
|
||||||
if (end - pos < 4) {
|
if (end - pos < 4) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Message underflow");
|
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Message underflow");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
message_length = WPA_GET_BE32(pos);
|
message_length = WPA_GET_BE32(pos);
|
||||||
@ -372,7 +372,7 @@ static struct wpabuf * eap_ikev2_process(struct eap_sm *sm, void *priv,
|
|||||||
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Invalid Message "
|
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Invalid Message "
|
||||||
"Length (%d; %ld remaining in this msg)",
|
"Length (%d; %ld remaining in this msg)",
|
||||||
message_length, (long) (end - pos));
|
message_length, (long) (end - pos));
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -384,7 +384,7 @@ static struct wpabuf * eap_ikev2_process(struct eap_sm *sm, void *priv,
|
|||||||
if (len != 0) {
|
if (len != 0) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Unexpected payload "
|
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Unexpected payload "
|
||||||
"in WAIT_FRAG_ACK state");
|
"in WAIT_FRAG_ACK state");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Fragment acknowledged");
|
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Fragment acknowledged");
|
||||||
@ -393,10 +393,10 @@ static struct wpabuf * eap_ikev2_process(struct eap_sm *sm, void *priv,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (data->in_buf && eap_ikev2_process_cont(data, pos, end - pos) < 0) {
|
if (data->in_buf && eap_ikev2_process_cont(data, pos, end - pos) < 0) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (flags & IKEV2_FLAGS_MORE_FRAGMENTS) {
|
if (flags & IKEV2_FLAGS_MORE_FRAGMENTS) {
|
||||||
return eap_ikev2_process_fragment(data, ret, id, flags,
|
return eap_ikev2_process_fragment(data, ret, id, flags,
|
||||||
message_length, pos,
|
message_length, pos,
|
||||||
@ -435,7 +435,7 @@ static struct wpabuf * eap_ikev2_process(struct eap_sm *sm, void *priv,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_ikev2_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_ikev2_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_ikev2_data *data = priv;
|
struct eap_ikev2_data *data = priv;
|
||||||
return data->state == DONE && data->keymat_ok;
|
return data->state == DONE && data->keymat_ok;
|
||||||
|
@ -45,7 +45,7 @@ static void * eap_leap_init(struct eap_sm *sm)
|
|||||||
return NULL;
|
return NULL;
|
||||||
data->state = LEAP_WAIT_CHALLENGE;
|
data->state = LEAP_WAIT_CHALLENGE;
|
||||||
|
|
||||||
sm->leap_done = FALSE;
|
sm->leap_done = false;
|
||||||
return data;
|
return data;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -77,14 +77,14 @@ static struct wpabuf * eap_leap_process_request(struct eap_sm *sm, void *priv,
|
|||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_LEAP, reqData, &len);
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_LEAP, reqData, &len);
|
||||||
if (pos == NULL || len < 3) {
|
if (pos == NULL || len < 3) {
|
||||||
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid EAP-Request frame");
|
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid EAP-Request frame");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (*pos != LEAP_VERSION) {
|
if (*pos != LEAP_VERSION) {
|
||||||
wpa_printf(MSG_WARNING, "EAP-LEAP: Unsupported LEAP version "
|
wpa_printf(MSG_WARNING, "EAP-LEAP: Unsupported LEAP version "
|
||||||
"%d", *pos);
|
"%d", *pos);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
pos++;
|
pos++;
|
||||||
@ -96,7 +96,7 @@ static struct wpabuf * eap_leap_process_request(struct eap_sm *sm, void *priv,
|
|||||||
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid challenge "
|
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid challenge "
|
||||||
"(challenge_len=%d reqDataLen=%lu)",
|
"(challenge_len=%d reqDataLen=%lu)",
|
||||||
challenge_len, (unsigned long) wpabuf_len(reqData));
|
challenge_len, (unsigned long) wpabuf_len(reqData));
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
challenge = pos;
|
challenge = pos;
|
||||||
@ -119,7 +119,7 @@ static struct wpabuf * eap_leap_process_request(struct eap_sm *sm, void *priv,
|
|||||||
(!pwhash &&
|
(!pwhash &&
|
||||||
nt_challenge_response(challenge, password, password_len, rpos))) {
|
nt_challenge_response(challenge, password, password_len, rpos))) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-LEAP: Failed to derive response");
|
wpa_printf(MSG_DEBUG, "EAP-LEAP: Failed to derive response");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
wpabuf_free(resp);
|
wpabuf_free(resp);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -153,7 +153,7 @@ static struct wpabuf * eap_leap_process_success(struct eap_sm *sm, void *priv,
|
|||||||
if (data->state != LEAP_WAIT_SUCCESS) {
|
if (data->state != LEAP_WAIT_SUCCESS) {
|
||||||
wpa_printf(MSG_INFO, "EAP-LEAP: EAP-Success received in "
|
wpa_printf(MSG_INFO, "EAP-LEAP: EAP-Success received in "
|
||||||
"unexpected state (%d) - ignored", data->state);
|
"unexpected state (%d) - ignored", data->state);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -170,7 +170,7 @@ static struct wpabuf * eap_leap_process_success(struct eap_sm *sm, void *priv,
|
|||||||
wpa_printf(MSG_WARNING, "EAP-LEAP: Failed to read random data "
|
wpa_printf(MSG_WARNING, "EAP-LEAP: Failed to read random data "
|
||||||
"for challenge");
|
"for challenge");
|
||||||
wpabuf_free(resp);
|
wpabuf_free(resp);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->ap_challenge, pos, LEAP_CHALLENGE_LEN);
|
os_memcpy(data->ap_challenge, pos, LEAP_CHALLENGE_LEN);
|
||||||
@ -204,14 +204,14 @@ static struct wpabuf * eap_leap_process_response(struct eap_sm *sm, void *priv,
|
|||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_LEAP, reqData, &len);
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_LEAP, reqData, &len);
|
||||||
if (pos == NULL || len < 3) {
|
if (pos == NULL || len < 3) {
|
||||||
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid EAP-Response frame");
|
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid EAP-Response frame");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (*pos != LEAP_VERSION) {
|
if (*pos != LEAP_VERSION) {
|
||||||
wpa_printf(MSG_WARNING, "EAP-LEAP: Unsupported LEAP version "
|
wpa_printf(MSG_WARNING, "EAP-LEAP: Unsupported LEAP version "
|
||||||
"%d", *pos);
|
"%d", *pos);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
pos++;
|
pos++;
|
||||||
@ -223,7 +223,7 @@ static struct wpabuf * eap_leap_process_response(struct eap_sm *sm, void *priv,
|
|||||||
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid response "
|
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid response "
|
||||||
"(response_len=%d reqDataLen=%lu)",
|
"(response_len=%d reqDataLen=%lu)",
|
||||||
response_len, (unsigned long) wpabuf_len(reqData));
|
response_len, (unsigned long) wpabuf_len(reqData));
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -233,23 +233,23 @@ static struct wpabuf * eap_leap_process_response(struct eap_sm *sm, void *priv,
|
|||||||
|
|
||||||
if (pwhash) {
|
if (pwhash) {
|
||||||
if (hash_nt_password_hash(password, pw_hash_hash)) {
|
if (hash_nt_password_hash(password, pw_hash_hash)) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (nt_password_hash(password, password_len, pw_hash) ||
|
if (nt_password_hash(password, password_len, pw_hash) ||
|
||||||
hash_nt_password_hash(pw_hash, pw_hash_hash)) {
|
hash_nt_password_hash(pw_hash, pw_hash_hash)) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (challenge_response(data->ap_challenge, pw_hash_hash, expected)) {
|
if (challenge_response(data->ap_challenge, pw_hash_hash, expected)) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret->methodState = METHOD_DONE;
|
ret->methodState = METHOD_DONE;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
|
|
||||||
if (os_memcmp_const(pos, expected, LEAP_RESPONSE_LEN) != 0) {
|
if (os_memcmp_const(pos, expected, LEAP_RESPONSE_LEN) != 0) {
|
||||||
wpa_printf(MSG_WARNING, "EAP-LEAP: AP sent an invalid "
|
wpa_printf(MSG_WARNING, "EAP-LEAP: AP sent an invalid "
|
||||||
@ -265,7 +265,7 @@ static struct wpabuf * eap_leap_process_response(struct eap_sm *sm, void *priv,
|
|||||||
/* LEAP is somewhat odd method since it sends EAP-Success in the middle
|
/* LEAP is somewhat odd method since it sends EAP-Success in the middle
|
||||||
* of the authentication. Use special variable to transit EAP state
|
* of the authentication. Use special variable to transit EAP state
|
||||||
* machine to SUCCESS state. */
|
* machine to SUCCESS state. */
|
||||||
sm->leap_done = TRUE;
|
sm->leap_done = true;
|
||||||
data->state = LEAP_DONE;
|
data->state = LEAP_DONE;
|
||||||
|
|
||||||
/* No more authentication messages expected; AP will send EAPOL-Key
|
/* No more authentication messages expected; AP will send EAPOL-Key
|
||||||
@ -286,7 +286,7 @@ static struct wpabuf * eap_leap_process(struct eap_sm *sm, void *priv,
|
|||||||
if (password == NULL) {
|
if (password == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-LEAP: Password not configured");
|
wpa_printf(MSG_INFO, "EAP-LEAP: Password not configured");
|
||||||
eap_sm_request_password(sm);
|
eap_sm_request_password(sm);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -300,16 +300,16 @@ static struct wpabuf * eap_leap_process(struct eap_sm *sm, void *priv,
|
|||||||
if (wpabuf_len(reqData) < sizeof(*eap) ||
|
if (wpabuf_len(reqData) < sizeof(*eap) ||
|
||||||
be_to_host16(eap->length) > wpabuf_len(reqData)) {
|
be_to_host16(eap->length) > wpabuf_len(reqData)) {
|
||||||
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid frame");
|
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid frame");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
|
|
||||||
sm->leap_done = FALSE;
|
sm->leap_done = false;
|
||||||
|
|
||||||
switch (eap->code) {
|
switch (eap->code) {
|
||||||
case EAP_CODE_REQUEST:
|
case EAP_CODE_REQUEST:
|
||||||
@ -321,13 +321,13 @@ static struct wpabuf * eap_leap_process(struct eap_sm *sm, void *priv,
|
|||||||
default:
|
default:
|
||||||
wpa_printf(MSG_INFO, "EAP-LEAP: Unexpected EAP code (%d) - "
|
wpa_printf(MSG_INFO, "EAP-LEAP: Unexpected EAP code (%d) - "
|
||||||
"ignored", eap->code);
|
"ignored", eap->code);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_leap_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_leap_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_leap_data *data = priv;
|
struct eap_leap_data *data = priv;
|
||||||
return data->state == LEAP_DONE;
|
return data->state == LEAP_DONE;
|
||||||
|
@ -39,7 +39,7 @@ static struct wpabuf * eap_md5_process(struct eap_sm *sm, void *priv,
|
|||||||
if (password == NULL) {
|
if (password == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-MD5: Password not configured");
|
wpa_printf(MSG_INFO, "EAP-MD5: Password not configured");
|
||||||
eap_sm_request_password(sm);
|
eap_sm_request_password(sm);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -47,7 +47,7 @@ static struct wpabuf * eap_md5_process(struct eap_sm *sm, void *priv,
|
|||||||
if (pos == NULL || len == 0) {
|
if (pos == NULL || len == 0) {
|
||||||
wpa_printf(MSG_INFO, "EAP-MD5: Invalid frame (pos=%p len=%lu)",
|
wpa_printf(MSG_INFO, "EAP-MD5: Invalid frame (pos=%p len=%lu)",
|
||||||
pos, (unsigned long) len);
|
pos, (unsigned long) len);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -60,10 +60,10 @@ static struct wpabuf * eap_md5_process(struct eap_sm *sm, void *priv,
|
|||||||
wpa_printf(MSG_INFO, "EAP-MD5: Invalid challenge "
|
wpa_printf(MSG_INFO, "EAP-MD5: Invalid challenge "
|
||||||
"(challenge_len=%lu len=%lu)",
|
"(challenge_len=%lu len=%lu)",
|
||||||
(unsigned long) challenge_len, (unsigned long) len);
|
(unsigned long) challenge_len, (unsigned long) len);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
challenge = pos;
|
challenge = pos;
|
||||||
wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Challenge",
|
wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Challenge",
|
||||||
challenge, challenge_len);
|
challenge, challenge_len);
|
||||||
@ -71,7 +71,7 @@ static struct wpabuf * eap_md5_process(struct eap_sm *sm, void *priv,
|
|||||||
wpa_printf(MSG_DEBUG, "EAP-MD5: Generating Challenge Response");
|
wpa_printf(MSG_DEBUG, "EAP-MD5: Generating Challenge Response");
|
||||||
ret->methodState = METHOD_DONE;
|
ret->methodState = METHOD_DONE;
|
||||||
ret->decision = DECISION_COND_SUCC;
|
ret->decision = DECISION_COND_SUCC;
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MD5, 1 + CHAP_MD5_LEN,
|
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MD5, 1 + CHAP_MD5_LEN,
|
||||||
EAP_CODE_RESPONSE, eap_get_id(reqData));
|
EAP_CODE_RESPONSE, eap_get_id(reqData));
|
||||||
@ -89,7 +89,7 @@ static struct wpabuf * eap_md5_process(struct eap_sm *sm, void *priv,
|
|||||||
if (chap_md5(id, password, password_len, challenge, challenge_len,
|
if (chap_md5(id, password, password_len, challenge, challenge_len,
|
||||||
rpos)) {
|
rpos)) {
|
||||||
wpa_printf(MSG_INFO, "EAP-MD5: CHAP MD5 operation failed");
|
wpa_printf(MSG_INFO, "EAP-MD5: CHAP MD5 operation failed");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
wpabuf_free(resp);
|
wpabuf_free(resp);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -250,7 +250,7 @@ static struct wpabuf * eap_mschapv2_challenge(
|
|||||||
if (req_len < sizeof(*req) + 1) {
|
if (req_len < sizeof(*req) + 1) {
|
||||||
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Too short challenge data "
|
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Too short challenge data "
|
||||||
"(len %lu)", (unsigned long) req_len);
|
"(len %lu)", (unsigned long) req_len);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
pos = (const u8 *) (req + 1);
|
pos = (const u8 *) (req + 1);
|
||||||
@ -259,7 +259,7 @@ static struct wpabuf * eap_mschapv2_challenge(
|
|||||||
if (challenge_len != MSCHAPV2_CHAL_LEN) {
|
if (challenge_len != MSCHAPV2_CHAL_LEN) {
|
||||||
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Invalid challenge length "
|
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Invalid challenge length "
|
||||||
"%lu", (unsigned long) challenge_len);
|
"%lu", (unsigned long) challenge_len);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -267,7 +267,7 @@ static struct wpabuf * eap_mschapv2_challenge(
|
|||||||
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Too short challenge"
|
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Too short challenge"
|
||||||
" packet: len=%lu challenge_len=%lu",
|
" packet: len=%lu challenge_len=%lu",
|
||||||
(unsigned long) len, (unsigned long) challenge_len);
|
(unsigned long) len, (unsigned long) challenge_len);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -282,10 +282,10 @@ static struct wpabuf * eap_mschapv2_challenge(
|
|||||||
wpa_hexdump_ascii(MSG_DEBUG, "EAP-MSCHAPV2: Authentication Servername",
|
wpa_hexdump_ascii(MSG_DEBUG, "EAP-MSCHAPV2: Authentication Servername",
|
||||||
pos, len);
|
pos, len);
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
return eap_mschapv2_challenge_reply(sm, data, id, req->mschapv2_id,
|
return eap_mschapv2_challenge_reply(sm, data, id, req->mschapv2_id,
|
||||||
challenge);
|
challenge);
|
||||||
@ -377,7 +377,7 @@ static struct wpabuf * eap_mschapv2_success(struct eap_sm *sm,
|
|||||||
if (resp == NULL) {
|
if (resp == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Failed to allocate "
|
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Failed to allocate "
|
||||||
"buffer for success response");
|
"buffer for success response");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -385,7 +385,7 @@ static struct wpabuf * eap_mschapv2_success(struct eap_sm *sm,
|
|||||||
|
|
||||||
ret->methodState = METHOD_DONE;
|
ret->methodState = METHOD_DONE;
|
||||||
ret->decision = DECISION_UNCOND_SUCC;
|
ret->decision = DECISION_UNCOND_SUCC;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
data->success = 1;
|
data->success = 1;
|
||||||
|
|
||||||
if (data->prev_error == ERROR_PASSWD_EXPIRED)
|
if (data->prev_error == ERROR_PASSWD_EXPIRED)
|
||||||
@ -531,10 +531,10 @@ static struct wpabuf * eap_mschapv2_change_password(
|
|||||||
|
|
||||||
username = mschapv2_remove_domain(username, &username_len);
|
username = mschapv2_remove_domain(username, &username_len);
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_COND_SUCC;
|
ret->decision = DECISION_COND_SUCC;
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
ms_len = sizeof(*ms) + sizeof(*cp);
|
ms_len = sizeof(*ms) + sizeof(*cp);
|
||||||
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2, ms_len,
|
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2, ms_len,
|
||||||
@ -672,10 +672,10 @@ static struct wpabuf * eap_mschapv2_failure(struct eap_sm *sm,
|
|||||||
os_free(buf);
|
os_free(buf);
|
||||||
}
|
}
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_DONE;
|
ret->methodState = METHOD_DONE;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
|
|
||||||
if (data->prev_error == ERROR_PASSWD_EXPIRED &&
|
if (data->prev_error == ERROR_PASSWD_EXPIRED &&
|
||||||
data->passwd_change_version == 3) {
|
data->passwd_change_version == 3) {
|
||||||
@ -783,7 +783,7 @@ static struct wpabuf * eap_mschapv2_process(struct eap_sm *sm, void *priv,
|
|||||||
u8 id;
|
u8 id;
|
||||||
|
|
||||||
if (eap_mschapv2_check_config(sm)) {
|
if (eap_mschapv2_check_config(sm)) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -800,13 +800,13 @@ static struct wpabuf * eap_mschapv2_process(struct eap_sm *sm, void *priv,
|
|||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2, reqData,
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2, reqData,
|
||||||
&len);
|
&len);
|
||||||
if (pos == NULL || len < sizeof(*ms) + 1) {
|
if (pos == NULL || len < sizeof(*ms) + 1) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ms = (const struct eap_mschapv2_hdr *) pos;
|
ms = (const struct eap_mschapv2_hdr *) pos;
|
||||||
if (eap_mschapv2_check_mslen(sm, len, ms)) {
|
if (eap_mschapv2_check_mslen(sm, len, ms)) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -826,13 +826,13 @@ static struct wpabuf * eap_mschapv2_process(struct eap_sm *sm, void *priv,
|
|||||||
default:
|
default:
|
||||||
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Unknown op %d - ignored",
|
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Unknown op %d - ignored",
|
||||||
ms->op_code);
|
ms->op_code);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_mschapv2_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_mschapv2_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_mschapv2_data *data = priv;
|
struct eap_mschapv2_data *data = priv;
|
||||||
return data->success && data->master_key_valid;
|
return data->success && data->master_key_valid;
|
||||||
|
@ -36,7 +36,7 @@ static struct wpabuf * eap_otp_process(struct eap_sm *sm, void *priv,
|
|||||||
|
|
||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_OTP, reqData, &len);
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_OTP, reqData, &len);
|
||||||
if (pos == NULL) {
|
if (pos == NULL) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-OTP: Request message",
|
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-OTP: Request message",
|
||||||
@ -53,15 +53,15 @@ static struct wpabuf * eap_otp_process(struct eap_sm *sm, void *priv,
|
|||||||
if (password == NULL) {
|
if (password == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-OTP: Password not configured");
|
wpa_printf(MSG_INFO, "EAP-OTP: Password not configured");
|
||||||
eap_sm_request_otp(sm, (const char *) pos, len);
|
eap_sm_request_otp(sm, (const char *) pos, len);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
|
|
||||||
ret->methodState = METHOD_DONE;
|
ret->methodState = METHOD_DONE;
|
||||||
ret->decision = DECISION_COND_SUCC;
|
ret->decision = DECISION_COND_SUCC;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
|
|
||||||
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_OTP, password_len,
|
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_OTP, password_len,
|
||||||
EAP_CODE_RESPONSE, eap_get_id(reqData));
|
EAP_CODE_RESPONSE, eap_get_id(reqData));
|
||||||
|
@ -127,14 +127,14 @@ static struct wpabuf * eap_pax_process_std_1(struct eap_pax_data *data,
|
|||||||
if (data->state != PAX_INIT) {
|
if (data->state != PAX_INIT) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 received in "
|
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 received in "
|
||||||
"unexpected state (%d) - ignored", data->state);
|
"unexpected state (%d) - ignored", data->state);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (req->flags & EAP_PAX_FLAGS_CE) {
|
if (req->flags & EAP_PAX_FLAGS_CE) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 with CE flag set - "
|
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 with CE flag set - "
|
||||||
"ignored");
|
"ignored");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -143,7 +143,7 @@ static struct wpabuf * eap_pax_process_std_1(struct eap_pax_data *data,
|
|||||||
if (left < 2 + EAP_PAX_RAND_LEN) {
|
if (left < 2 + EAP_PAX_RAND_LEN) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 with too short "
|
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 with too short "
|
||||||
"payload");
|
"payload");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -152,7 +152,7 @@ static struct wpabuf * eap_pax_process_std_1(struct eap_pax_data *data,
|
|||||||
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 with incorrect A "
|
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 with incorrect A "
|
||||||
"length %d (expected %d)",
|
"length %d (expected %d)",
|
||||||
WPA_GET_BE16(pos), EAP_PAX_RAND_LEN);
|
WPA_GET_BE16(pos), EAP_PAX_RAND_LEN);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -171,7 +171,7 @@ static struct wpabuf * eap_pax_process_std_1(struct eap_pax_data *data,
|
|||||||
|
|
||||||
if (random_get_bytes(data->rand.r.y, EAP_PAX_RAND_LEN)) {
|
if (random_get_bytes(data->rand.r.y, EAP_PAX_RAND_LEN)) {
|
||||||
wpa_printf(MSG_ERROR, "EAP-PAX: Failed to get random data");
|
wpa_printf(MSG_ERROR, "EAP-PAX: Failed to get random data");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: Y (client rand)",
|
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: Y (client rand)",
|
||||||
@ -180,7 +180,7 @@ static struct wpabuf * eap_pax_process_std_1(struct eap_pax_data *data,
|
|||||||
if (eap_pax_initial_key_derivation(req->mac_id, data->ak, data->rand.e,
|
if (eap_pax_initial_key_derivation(req->mac_id, data->ak, data->rand.e,
|
||||||
data->mk, data->ck, data->ick,
|
data->mk, data->ck, data->ick,
|
||||||
data->mid) < 0) {
|
data->mid) < 0) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -243,14 +243,14 @@ static struct wpabuf * eap_pax_process_std_3(struct eap_pax_data *data,
|
|||||||
if (data->state != PAX_STD_2_SENT) {
|
if (data->state != PAX_STD_2_SENT) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-3 received in "
|
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-3 received in "
|
||||||
"unexpected state (%d) - ignored", data->state);
|
"unexpected state (%d) - ignored", data->state);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (req->flags & EAP_PAX_FLAGS_CE) {
|
if (req->flags & EAP_PAX_FLAGS_CE) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-3 with CE flag set - "
|
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-3 with CE flag set - "
|
||||||
"ignored");
|
"ignored");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -259,7 +259,7 @@ static struct wpabuf * eap_pax_process_std_3(struct eap_pax_data *data,
|
|||||||
if (left < 2 + EAP_PAX_MAC_LEN) {
|
if (left < 2 + EAP_PAX_MAC_LEN) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-3 with too short "
|
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-3 with too short "
|
||||||
"payload");
|
"payload");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -268,7 +268,7 @@ static struct wpabuf * eap_pax_process_std_3(struct eap_pax_data *data,
|
|||||||
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-3 with incorrect "
|
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-3 with incorrect "
|
||||||
"MAC_CK length %d (expected %d)",
|
"MAC_CK length %d (expected %d)",
|
||||||
WPA_GET_BE16(pos), EAP_PAX_MAC_LEN);
|
WPA_GET_BE16(pos), EAP_PAX_MAC_LEN);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
pos += 2;
|
pos += 2;
|
||||||
@ -323,7 +323,7 @@ static struct wpabuf * eap_pax_process_std_3(struct eap_pax_data *data,
|
|||||||
data->state = PAX_DONE;
|
data->state = PAX_DONE;
|
||||||
ret->methodState = METHOD_DONE;
|
ret->methodState = METHOD_DONE;
|
||||||
ret->decision = DECISION_UNCOND_SUCC;
|
ret->decision = DECISION_UNCOND_SUCC;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
|
|
||||||
return resp;
|
return resp;
|
||||||
}
|
}
|
||||||
@ -343,7 +343,7 @@ static struct wpabuf * eap_pax_process(struct eap_sm *sm, void *priv,
|
|||||||
|
|
||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_PAX, reqData, &len);
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_PAX, reqData, &len);
|
||||||
if (pos == NULL || len < sizeof(*req) + EAP_PAX_ICV_LEN) {
|
if (pos == NULL || len < sizeof(*req) + EAP_PAX_ICV_LEN) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
id = eap_get_id(reqData);
|
id = eap_get_id(reqData);
|
||||||
@ -363,7 +363,7 @@ static struct wpabuf * eap_pax_process(struct eap_sm *sm, void *priv,
|
|||||||
wpa_printf(MSG_INFO, "EAP-PAX: MAC ID changed during "
|
wpa_printf(MSG_INFO, "EAP-PAX: MAC ID changed during "
|
||||||
"authentication (was 0x%d, is 0x%d)",
|
"authentication (was 0x%d, is 0x%d)",
|
||||||
data->mac_id, req->mac_id);
|
data->mac_id, req->mac_id);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -371,7 +371,7 @@ static struct wpabuf * eap_pax_process(struct eap_sm *sm, void *priv,
|
|||||||
wpa_printf(MSG_INFO, "EAP-PAX: DH Group ID changed during "
|
wpa_printf(MSG_INFO, "EAP-PAX: DH Group ID changed during "
|
||||||
"authentication (was 0x%d, is 0x%d)",
|
"authentication (was 0x%d, is 0x%d)",
|
||||||
data->dh_group_id, req->dh_group_id);
|
data->dh_group_id, req->dh_group_id);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -380,7 +380,7 @@ static struct wpabuf * eap_pax_process(struct eap_sm *sm, void *priv,
|
|||||||
wpa_printf(MSG_INFO, "EAP-PAX: Public Key ID changed during "
|
wpa_printf(MSG_INFO, "EAP-PAX: Public Key ID changed during "
|
||||||
"authentication (was 0x%d, is 0x%d)",
|
"authentication (was 0x%d, is 0x%d)",
|
||||||
data->public_key_id, req->public_key_id);
|
data->public_key_id, req->public_key_id);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -388,21 +388,21 @@ static struct wpabuf * eap_pax_process(struct eap_sm *sm, void *priv,
|
|||||||
if (req->mac_id != EAP_PAX_MAC_HMAC_SHA1_128) {
|
if (req->mac_id != EAP_PAX_MAC_HMAC_SHA1_128) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PAX: Unsupported MAC ID 0x%x",
|
wpa_printf(MSG_INFO, "EAP-PAX: Unsupported MAC ID 0x%x",
|
||||||
req->mac_id);
|
req->mac_id);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (req->dh_group_id != EAP_PAX_DH_GROUP_NONE) {
|
if (req->dh_group_id != EAP_PAX_DH_GROUP_NONE) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PAX: Unsupported DH Group ID 0x%x",
|
wpa_printf(MSG_INFO, "EAP-PAX: Unsupported DH Group ID 0x%x",
|
||||||
req->dh_group_id);
|
req->dh_group_id);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (req->public_key_id != EAP_PAX_PUBLIC_KEY_NONE) {
|
if (req->public_key_id != EAP_PAX_PUBLIC_KEY_NONE) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PAX: Unsupported Public Key ID 0x%x",
|
wpa_printf(MSG_INFO, "EAP-PAX: Unsupported Public Key ID 0x%x",
|
||||||
req->public_key_id);
|
req->public_key_id);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -410,7 +410,7 @@ static struct wpabuf * eap_pax_process(struct eap_sm *sm, void *priv,
|
|||||||
/* TODO: add support for reassembling fragments */
|
/* TODO: add support for reassembling fragments */
|
||||||
wpa_printf(MSG_INFO, "EAP-PAX: fragmentation not supported - "
|
wpa_printf(MSG_INFO, "EAP-PAX: fragmentation not supported - "
|
||||||
"ignored packet");
|
"ignored packet");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -430,14 +430,14 @@ static struct wpabuf * eap_pax_process(struct eap_sm *sm, void *priv,
|
|||||||
"message");
|
"message");
|
||||||
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: expected ICV",
|
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: expected ICV",
|
||||||
icvbuf, EAP_PAX_ICV_LEN);
|
icvbuf, EAP_PAX_ICV_LEN);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
switch (req->op_code) {
|
switch (req->op_code) {
|
||||||
case EAP_PAX_OP_STD_1:
|
case EAP_PAX_OP_STD_1:
|
||||||
@ -449,19 +449,19 @@ static struct wpabuf * eap_pax_process(struct eap_sm *sm, void *priv,
|
|||||||
default:
|
default:
|
||||||
wpa_printf(MSG_DEBUG, "EAP-PAX: ignoring message with unknown "
|
wpa_printf(MSG_DEBUG, "EAP-PAX: ignoring message with unknown "
|
||||||
"op_code %d", req->op_code);
|
"op_code %d", req->op_code);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret->methodState == METHOD_DONE) {
|
if (ret->methodState == METHOD_DONE) {
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return resp;
|
return resp;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_pax_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_pax_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_pax_data *data = priv;
|
struct eap_pax_data *data = priv;
|
||||||
return data->state == PAX_DONE;
|
return data->state == PAX_DONE;
|
||||||
|
@ -137,7 +137,7 @@ static void * eap_peap_init(struct eap_sm *sm)
|
|||||||
data = os_zalloc(sizeof(*data));
|
data = os_zalloc(sizeof(*data));
|
||||||
if (data == NULL)
|
if (data == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
sm->peap_done = FALSE;
|
sm->peap_done = false;
|
||||||
data->peap_version = EAP_PEAP_VERSION;
|
data->peap_version = EAP_PEAP_VERSION;
|
||||||
data->force_peap_version = -1;
|
data->force_peap_version = -1;
|
||||||
data->peap_outer_success = 2;
|
data->peap_outer_success = 2;
|
||||||
@ -920,7 +920,7 @@ continue_req:
|
|||||||
/* No EAP-Success expected for Phase 1 (outer,
|
/* No EAP-Success expected for Phase 1 (outer,
|
||||||
* unencrypted auth), so force EAP state
|
* unencrypted auth), so force EAP state
|
||||||
* machine to SUCCESS state. */
|
* machine to SUCCESS state. */
|
||||||
sm->peap_done = TRUE;
|
sm->peap_done = true;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
/* FIX: ? */
|
/* FIX: ? */
|
||||||
@ -930,7 +930,7 @@ continue_req:
|
|||||||
wpa_printf(MSG_DEBUG, "EAP-PEAP: Phase 2 Failure");
|
wpa_printf(MSG_DEBUG, "EAP-PEAP: Phase 2 Failure");
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
/* Reply with EAP-Failure within the TLS channel to complete
|
/* Reply with EAP-Failure within the TLS channel to complete
|
||||||
* failure reporting. */
|
* failure reporting. */
|
||||||
resp = wpabuf_alloc(sizeof(struct eap_hdr));
|
resp = wpabuf_alloc(sizeof(struct eap_hdr));
|
||||||
@ -1014,7 +1014,7 @@ static struct wpabuf * eap_peap_process(struct eap_sm *sm, void *priv,
|
|||||||
data->force_peap_version);
|
data->force_peap_version);
|
||||||
ret->methodState = METHOD_DONE;
|
ret->methodState = METHOD_DONE;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
wpa_printf(MSG_DEBUG, "EAP-PEAP: Using PEAP version %d",
|
wpa_printf(MSG_DEBUG, "EAP-PEAP: Using PEAP version %d",
|
||||||
@ -1166,7 +1166,7 @@ static struct wpabuf * eap_peap_process(struct eap_sm *sm, void *priv,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (ret->methodState == METHOD_DONE) {
|
if (ret->methodState == METHOD_DONE) {
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (res == 1) {
|
if (res == 1) {
|
||||||
@ -1179,7 +1179,7 @@ static struct wpabuf * eap_peap_process(struct eap_sm *sm, void *priv,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_peap_has_reauth_data(struct eap_sm *sm, void *priv)
|
static bool eap_peap_has_reauth_data(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_peap_data *data = priv;
|
struct eap_peap_data *data = priv;
|
||||||
return tls_connection_established(sm->ssl_ctx, data->ssl.conn) &&
|
return tls_connection_established(sm->ssl_ctx, data->ssl.conn) &&
|
||||||
@ -1220,7 +1220,7 @@ static void * eap_peap_init_for_reauth(struct eap_sm *sm, void *priv)
|
|||||||
data->phase2_eap_started = 0;
|
data->phase2_eap_started = 0;
|
||||||
data->resuming = 1;
|
data->resuming = 1;
|
||||||
data->reauth = 1;
|
data->reauth = 1;
|
||||||
sm->peap_done = FALSE;
|
sm->peap_done = false;
|
||||||
return priv;
|
return priv;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1245,7 +1245,7 @@ static int eap_peap_get_status(struct eap_sm *sm, void *priv, char *buf,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_peap_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_peap_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_peap_data *data = priv;
|
struct eap_peap_data *data = priv;
|
||||||
return data->key_data != NULL && data->phase2_success;
|
return data->key_data != NULL && data->phase2_success;
|
||||||
|
@ -100,7 +100,7 @@ static struct wpabuf * eap_psk_process_1(struct eap_psk_data *data,
|
|||||||
"length (%lu; expected %lu or more)",
|
"length (%lu; expected %lu or more)",
|
||||||
(unsigned long) len,
|
(unsigned long) len,
|
||||||
(unsigned long) sizeof(*hdr1));
|
(unsigned long) sizeof(*hdr1));
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
wpa_printf(MSG_DEBUG, "EAP-PSK: Flags=0x%x", hdr1->flags);
|
wpa_printf(MSG_DEBUG, "EAP-PSK: Flags=0x%x", hdr1->flags);
|
||||||
@ -120,7 +120,7 @@ static struct wpabuf * eap_psk_process_1(struct eap_psk_data *data,
|
|||||||
if (data->id_s == NULL) {
|
if (data->id_s == NULL) {
|
||||||
wpa_printf(MSG_ERROR, "EAP-PSK: Failed to allocate memory for "
|
wpa_printf(MSG_ERROR, "EAP-PSK: Failed to allocate memory for "
|
||||||
"ID_S (len=%lu)", (unsigned long) data->id_s_len);
|
"ID_S (len=%lu)", (unsigned long) data->id_s_len);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
wpa_hexdump_ascii(MSG_DEBUG, "EAP-PSK: ID_S",
|
wpa_hexdump_ascii(MSG_DEBUG, "EAP-PSK: ID_S",
|
||||||
@ -128,7 +128,7 @@ static struct wpabuf * eap_psk_process_1(struct eap_psk_data *data,
|
|||||||
|
|
||||||
if (random_get_bytes(data->rand_p, EAP_PSK_RAND_LEN)) {
|
if (random_get_bytes(data->rand_p, EAP_PSK_RAND_LEN)) {
|
||||||
wpa_printf(MSG_ERROR, "EAP-PSK: Failed to get random data");
|
wpa_printf(MSG_ERROR, "EAP-PSK: Failed to get random data");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -198,7 +198,7 @@ static struct wpabuf * eap_psk_process_3(struct eap_psk_data *data,
|
|||||||
"length (%lu; expected %lu or more)",
|
"length (%lu; expected %lu or more)",
|
||||||
(unsigned long) len,
|
(unsigned long) len,
|
||||||
(unsigned long) sizeof(*hdr3));
|
(unsigned long) sizeof(*hdr3));
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
left = len - sizeof(*hdr3);
|
left = len - sizeof(*hdr3);
|
||||||
@ -220,7 +220,7 @@ static struct wpabuf * eap_psk_process_3(struct eap_psk_data *data,
|
|||||||
wpa_printf(MSG_INFO, "EAP-PSK: Too short PCHANNEL data in "
|
wpa_printf(MSG_INFO, "EAP-PSK: Too short PCHANNEL data in "
|
||||||
"third message (len=%lu, expected 21)",
|
"third message (len=%lu, expected 21)",
|
||||||
(unsigned long) left);
|
(unsigned long) left);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -377,14 +377,14 @@ static struct wpabuf * eap_psk_process(struct eap_sm *sm, void *priv,
|
|||||||
|
|
||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_PSK, reqData, &len);
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_PSK, reqData, &len);
|
||||||
if (pos == NULL) {
|
if (pos == NULL) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
switch (data->state) {
|
switch (data->state) {
|
||||||
case PSK_INIT:
|
case PSK_INIT:
|
||||||
@ -396,19 +396,19 @@ static struct wpabuf * eap_psk_process(struct eap_sm *sm, void *priv,
|
|||||||
case PSK_DONE:
|
case PSK_DONE:
|
||||||
wpa_printf(MSG_DEBUG, "EAP-PSK: in DONE state - ignore "
|
wpa_printf(MSG_DEBUG, "EAP-PSK: in DONE state - ignore "
|
||||||
"unexpected message");
|
"unexpected message");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret->methodState == METHOD_DONE) {
|
if (ret->methodState == METHOD_DONE) {
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return resp;
|
return resp;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_psk_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_psk_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_psk_data *data = priv;
|
struct eap_psk_data *data = priv;
|
||||||
return data->state == PSK_DONE;
|
return data->state == PSK_DONE;
|
||||||
|
@ -257,13 +257,13 @@ eap_pwd_perform_id_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
|
|||||||
struct eap_pwd_id *id;
|
struct eap_pwd_id *id;
|
||||||
|
|
||||||
if (data->state != PWD_ID_Req) {
|
if (data->state != PWD_ID_Req) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
eap_pwd_state(data, FAILURE);
|
eap_pwd_state(data, FAILURE);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (payload_len < sizeof(struct eap_pwd_id)) {
|
if (payload_len < sizeof(struct eap_pwd_id)) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
eap_pwd_state(data, FAILURE);
|
eap_pwd_state(data, FAILURE);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -369,14 +369,14 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
|
|||||||
int res;
|
int res;
|
||||||
|
|
||||||
if (data->state != PWD_Commit_Req) {
|
if (data->state != PWD_Commit_Req) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
goto fin;
|
goto fin;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!data->grp) {
|
if (!data->grp) {
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"EAP-PWD (client): uninitialized EAP-pwd group");
|
"EAP-PWD (client): uninitialized EAP-pwd group");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
goto fin;
|
goto fin;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -696,7 +696,7 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
|
|||||||
size_t prime_len = 0, order_len = 0;
|
size_t prime_len = 0, order_len = 0;
|
||||||
|
|
||||||
if (data->state != PWD_Confirm_Req) {
|
if (data->state != PWD_Confirm_Req) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
goto fin;
|
goto fin;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -878,14 +878,14 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret,
|
|||||||
wpa_printf(MSG_DEBUG, "EAP-pwd: Got a frame but pos is %s and "
|
wpa_printf(MSG_DEBUG, "EAP-pwd: Got a frame but pos is %s and "
|
||||||
"len is %d",
|
"len is %d",
|
||||||
pos == NULL ? "NULL" : "not NULL", (int) len);
|
pos == NULL ? "NULL" : "not NULL", (int) len);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
|
|
||||||
lm_exch = *pos;
|
lm_exch = *pos;
|
||||||
pos++; /* skip over the bits and the exch */
|
pos++; /* skip over the bits and the exch */
|
||||||
@ -951,7 +951,7 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret,
|
|||||||
if (len < 2) {
|
if (len < 2) {
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"EAP-pwd: Frame too short to contain Total-Length field");
|
"EAP-pwd: Frame too short to contain Total-Length field");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
tot_len = WPA_GET_BE16(pos);
|
tot_len = WPA_GET_BE16(pos);
|
||||||
@ -962,7 +962,7 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret,
|
|||||||
if (data->inbuf) {
|
if (data->inbuf) {
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"EAP-pwd: Unexpected new fragment start when previous fragment is still in use");
|
"EAP-pwd: Unexpected new fragment start when previous fragment is still in use");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
data->inbuf = wpabuf_alloc(tot_len);
|
data->inbuf = wpabuf_alloc(tot_len);
|
||||||
@ -1107,7 +1107,7 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_pwd_key_available(struct eap_sm *sm, void *priv)
|
static bool eap_pwd_key_available(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_pwd_data *data = priv;
|
struct eap_pwd_data *data = priv;
|
||||||
return data->state == SUCCESS;
|
return data->state == SUCCESS;
|
||||||
|
@ -148,7 +148,7 @@ static struct wpabuf * eap_sake_process_identity(struct eap_sm *sm,
|
|||||||
struct wpabuf *resp;
|
struct wpabuf *resp;
|
||||||
|
|
||||||
if (data->state != IDENTITY) {
|
if (data->state != IDENTITY) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -195,7 +195,7 @@ static struct wpabuf * eap_sake_process_challenge(struct eap_sm *sm,
|
|||||||
if (data->state != IDENTITY && data->state != CHALLENGE) {
|
if (data->state != IDENTITY && data->state != CHALLENGE) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-SAKE: Request/Challenge received "
|
wpa_printf(MSG_DEBUG, "EAP-SAKE: Request/Challenge received "
|
||||||
"in unexpected state (%d)", data->state);
|
"in unexpected state (%d)", data->state);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if (data->state == IDENTITY)
|
if (data->state == IDENTITY)
|
||||||
@ -296,7 +296,7 @@ static struct wpabuf * eap_sake_process_confirm(struct eap_sm *sm,
|
|||||||
u8 *rpos;
|
u8 *rpos;
|
||||||
|
|
||||||
if (data->state != CONFIRM) {
|
if (data->state != CONFIRM) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -320,7 +320,7 @@ static struct wpabuf * eap_sake_process_confirm(struct eap_sm *sm,
|
|||||||
eap_sake_state(data, FAILURE);
|
eap_sake_state(data, FAILURE);
|
||||||
ret->methodState = METHOD_DONE;
|
ret->methodState = METHOD_DONE;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending Response/Auth-Reject");
|
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending Response/Auth-Reject");
|
||||||
return eap_sake_build_msg(data, id, 0,
|
return eap_sake_build_msg(data, id, 0,
|
||||||
EAP_SAKE_SUBTYPE_AUTH_REJECT);
|
EAP_SAKE_SUBTYPE_AUTH_REJECT);
|
||||||
@ -330,7 +330,7 @@ static struct wpabuf * eap_sake_process_confirm(struct eap_sm *sm,
|
|||||||
eap_sake_state(data, FAILURE);
|
eap_sake_state(data, FAILURE);
|
||||||
ret->methodState = METHOD_DONE;
|
ret->methodState = METHOD_DONE;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending "
|
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending "
|
||||||
"Response/Auth-Reject");
|
"Response/Auth-Reject");
|
||||||
return eap_sake_build_msg(data, id, 0,
|
return eap_sake_build_msg(data, id, 0,
|
||||||
@ -361,7 +361,7 @@ static struct wpabuf * eap_sake_process_confirm(struct eap_sm *sm,
|
|||||||
eap_sake_state(data, SUCCESS);
|
eap_sake_state(data, SUCCESS);
|
||||||
ret->methodState = METHOD_DONE;
|
ret->methodState = METHOD_DONE;
|
||||||
ret->decision = DECISION_UNCOND_SUCC;
|
ret->decision = DECISION_UNCOND_SUCC;
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
|
|
||||||
return resp;
|
return resp;
|
||||||
}
|
}
|
||||||
@ -380,7 +380,7 @@ static struct wpabuf * eap_sake_process(struct eap_sm *sm, void *priv,
|
|||||||
|
|
||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_SAKE, reqData, &len);
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_SAKE, reqData, &len);
|
||||||
if (pos == NULL || len < sizeof(struct eap_sake_hdr)) {
|
if (pos == NULL || len < sizeof(struct eap_sake_hdr)) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -399,16 +399,16 @@ static struct wpabuf * eap_sake_process(struct eap_sm *sm, void *priv,
|
|||||||
if (data->session_id_set && data->session_id != session_id) {
|
if (data->session_id_set && data->session_id != session_id) {
|
||||||
wpa_printf(MSG_INFO, "EAP-SAKE: Session ID mismatch (%d,%d)",
|
wpa_printf(MSG_INFO, "EAP-SAKE: Session ID mismatch (%d,%d)",
|
||||||
session_id, data->session_id);
|
session_id, data->session_id);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
data->session_id = session_id;
|
data->session_id = session_id;
|
||||||
data->session_id_set = 1;
|
data->session_id_set = 1;
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
switch (subtype) {
|
switch (subtype) {
|
||||||
case EAP_SAKE_SUBTYPE_IDENTITY:
|
case EAP_SAKE_SUBTYPE_IDENTITY:
|
||||||
@ -426,18 +426,18 @@ static struct wpabuf * eap_sake_process(struct eap_sm *sm, void *priv,
|
|||||||
default:
|
default:
|
||||||
wpa_printf(MSG_DEBUG, "EAP-SAKE: Ignoring message with "
|
wpa_printf(MSG_DEBUG, "EAP-SAKE: Ignoring message with "
|
||||||
"unknown subtype %d", subtype);
|
"unknown subtype %d", subtype);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret->methodState == METHOD_DONE)
|
if (ret->methodState == METHOD_DONE)
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
|
|
||||||
return resp;
|
return resp;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_sake_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_sake_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_sake_data *data = priv;
|
struct eap_sake_data *data = priv;
|
||||||
return data->state == SUCCESS;
|
return data->state == SUCCESS;
|
||||||
|
@ -1104,23 +1104,23 @@ static struct wpabuf * eap_sim_process(struct eap_sm *sm, void *priv,
|
|||||||
if (eap_get_config_identity(sm, &len) == NULL) {
|
if (eap_get_config_identity(sm, &len) == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-SIM: Identity not configured");
|
wpa_printf(MSG_INFO, "EAP-SIM: Identity not configured");
|
||||||
eap_sm_request_identity(sm);
|
eap_sm_request_identity(sm);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_SIM, reqData, &len);
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_SIM, reqData, &len);
|
||||||
if (pos == NULL || len < 3) {
|
if (pos == NULL || len < 3) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
req = wpabuf_head(reqData);
|
req = wpabuf_head(reqData);
|
||||||
id = req->identifier;
|
id = req->identifier;
|
||||||
len = be_to_host16(req->length);
|
len = be_to_host16(req->length);
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
subtype = *pos++;
|
subtype = *pos++;
|
||||||
wpa_printf(MSG_DEBUG, "EAP-SIM: Subtype=%d", subtype);
|
wpa_printf(MSG_DEBUG, "EAP-SIM: Subtype=%d", subtype);
|
||||||
@ -1173,14 +1173,14 @@ done:
|
|||||||
ret->methodState = METHOD_CONT;
|
ret->methodState = METHOD_CONT;
|
||||||
|
|
||||||
if (ret->methodState == METHOD_DONE) {
|
if (ret->methodState == METHOD_DONE) {
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_sim_has_reauth_data(struct eap_sm *sm, void *priv)
|
static bool eap_sim_has_reauth_data(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_sim_data *data = priv;
|
struct eap_sim_data *data = priv;
|
||||||
return data->pseudonym || data->reauth_id;
|
return data->pseudonym || data->reauth_id;
|
||||||
@ -1231,7 +1231,7 @@ static const u8 * eap_sim_get_identity(struct eap_sm *sm, void *priv,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_sim_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_sim_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_sim_data *data = priv;
|
struct eap_sim_data *data = priv;
|
||||||
return data->state == SUCCESS;
|
return data->state == SUCCESS;
|
||||||
|
@ -1985,7 +1985,7 @@ static struct wpabuf * eap_teap_process(struct eap_sm *sm, void *priv,
|
|||||||
|
|
||||||
|
|
||||||
#if 0 /* TODO */
|
#if 0 /* TODO */
|
||||||
static Boolean eap_teap_has_reauth_data(struct eap_sm *sm, void *priv)
|
static bool eap_teap_has_reauth_data(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_teap_data *data = priv;
|
struct eap_teap_data *data = priv;
|
||||||
|
|
||||||
@ -2048,7 +2048,7 @@ static int eap_teap_get_status(struct eap_sm *sm, void *priv, char *buf,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_teap_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_teap_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_teap_data *data = priv;
|
struct eap_teap_data *data = priv;
|
||||||
|
|
||||||
|
@ -62,12 +62,12 @@ static void * eap_tls_init(struct eap_sm *sm)
|
|||||||
wpa_printf(MSG_DEBUG, "EAP-TLS: Requesting Smartcard "
|
wpa_printf(MSG_DEBUG, "EAP-TLS: Requesting Smartcard "
|
||||||
"PIN");
|
"PIN");
|
||||||
eap_sm_request_pin(sm);
|
eap_sm_request_pin(sm);
|
||||||
sm->ignore = TRUE;
|
sm->ignore = true;
|
||||||
} else if (cert->private_key && !cert->private_key_passwd) {
|
} else if (cert->private_key && !cert->private_key_passwd) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TLS: Requesting private "
|
wpa_printf(MSG_DEBUG, "EAP-TLS: Requesting private "
|
||||||
"key passphrase");
|
"key passphrase");
|
||||||
eap_sm_request_passphrase(sm);
|
eap_sm_request_passphrase(sm);
|
||||||
sm->ignore = TRUE;
|
sm->ignore = true;
|
||||||
}
|
}
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -326,7 +326,7 @@ static struct wpabuf * eap_tls_process(struct eap_sm *sm, void *priv,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_tls_has_reauth_data(struct eap_sm *sm, void *priv)
|
static bool eap_tls_has_reauth_data(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_tls_data *data = priv;
|
struct eap_tls_data *data = priv;
|
||||||
return tls_connection_established(data->ssl_ctx, data->ssl.conn);
|
return tls_connection_established(data->ssl_ctx, data->ssl.conn);
|
||||||
@ -364,7 +364,7 @@ static int eap_tls_get_status(struct eap_sm *sm, void *priv, char *buf,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_tls_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_tls_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_tls_data *data = priv;
|
struct eap_tls_data *data = priv;
|
||||||
return data->key_data != NULL;
|
return data->key_data != NULL;
|
||||||
|
@ -269,12 +269,12 @@ static int eap_tls_init_connection(struct eap_sm *sm,
|
|||||||
os_free(config->cert.pin);
|
os_free(config->cert.pin);
|
||||||
config->cert.pin = NULL;
|
config->cert.pin = NULL;
|
||||||
eap_sm_request_pin(sm);
|
eap_sm_request_pin(sm);
|
||||||
sm->ignore = TRUE;
|
sm->ignore = true;
|
||||||
} else if (res == TLS_SET_PARAMS_ENGINE_PRV_INIT_FAILED) {
|
} else if (res == TLS_SET_PARAMS_ENGINE_PRV_INIT_FAILED) {
|
||||||
wpa_printf(MSG_INFO, "TLS: Failed to initialize engine");
|
wpa_printf(MSG_INFO, "TLS: Failed to initialize engine");
|
||||||
} else if (res == TLS_SET_PARAMS_ENGINE_PRV_VERIFY_FAILED) {
|
} else if (res == TLS_SET_PARAMS_ENGINE_PRV_VERIFY_FAILED) {
|
||||||
wpa_printf(MSG_INFO, "TLS: Failed to load private key");
|
wpa_printf(MSG_INFO, "TLS: Failed to load private key");
|
||||||
sm->ignore = TRUE;
|
sm->ignore = true;
|
||||||
}
|
}
|
||||||
if (res) {
|
if (res) {
|
||||||
wpa_printf(MSG_INFO, "TLS: Failed to set TLS connection "
|
wpa_printf(MSG_INFO, "TLS: Failed to set TLS connection "
|
||||||
@ -913,7 +913,7 @@ const u8 * eap_peer_tls_process_init(struct eap_sm *sm,
|
|||||||
|
|
||||||
if (tls_get_errors(data->ssl_ctx)) {
|
if (tls_get_errors(data->ssl_ctx)) {
|
||||||
wpa_printf(MSG_INFO, "SSL: TLS errors detected");
|
wpa_printf(MSG_INFO, "SSL: TLS errors detected");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -929,14 +929,14 @@ const u8 * eap_peer_tls_process_init(struct eap_sm *sm,
|
|||||||
pos = eap_hdr_validate(EAP_VENDOR_IETF, eap_type, reqData,
|
pos = eap_hdr_validate(EAP_VENDOR_IETF, eap_type, reqData,
|
||||||
&left);
|
&left);
|
||||||
if (pos == NULL) {
|
if (pos == NULL) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if (left == 0) {
|
if (left == 0) {
|
||||||
wpa_printf(MSG_DEBUG, "SSL: Invalid TLS message: no Flags "
|
wpa_printf(MSG_DEBUG, "SSL: Invalid TLS message: no Flags "
|
||||||
"octet included");
|
"octet included");
|
||||||
if (!sm->workaround) {
|
if (!sm->workaround) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -954,7 +954,7 @@ const u8 * eap_peer_tls_process_init(struct eap_sm *sm,
|
|||||||
if (left < 4) {
|
if (left < 4) {
|
||||||
wpa_printf(MSG_INFO, "SSL: Short frame with TLS "
|
wpa_printf(MSG_INFO, "SSL: Short frame with TLS "
|
||||||
"length");
|
"length");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
tls_msg_len = WPA_GET_BE32(pos);
|
tls_msg_len = WPA_GET_BE32(pos);
|
||||||
@ -973,15 +973,15 @@ const u8 * eap_peer_tls_process_init(struct eap_sm *sm,
|
|||||||
wpa_printf(MSG_INFO, "SSL: TLS Message Length (%d "
|
wpa_printf(MSG_INFO, "SSL: TLS Message Length (%d "
|
||||||
"bytes) smaller than this fragment (%d "
|
"bytes) smaller than this fragment (%d "
|
||||||
"bytes)", (int) tls_msg_len, (int) left);
|
"bytes)", (int) tls_msg_len, (int) left);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
*len = left;
|
*len = left;
|
||||||
return pos;
|
return pos;
|
||||||
|
@ -92,9 +92,9 @@ static struct wpabuf * eap_tnc_build_msg(struct eap_tnc_data *data,
|
|||||||
u8 flags;
|
u8 flags;
|
||||||
size_t send_len, plen;
|
size_t send_len, plen;
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TNC: Generating Response");
|
wpa_printf(MSG_DEBUG, "EAP-TNC: Generating Response");
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
flags = EAP_TNC_VERSION;
|
flags = EAP_TNC_VERSION;
|
||||||
send_len = wpabuf_len(data->out_buf) - data->out_used;
|
send_len = wpabuf_len(data->out_buf) - data->out_used;
|
||||||
@ -174,7 +174,7 @@ static struct wpabuf * eap_tnc_process_fragment(struct eap_tnc_data *data,
|
|||||||
if (data->in_buf == NULL && !(flags & EAP_TNC_FLAGS_LENGTH_INCLUDED)) {
|
if (data->in_buf == NULL && !(flags & EAP_TNC_FLAGS_LENGTH_INCLUDED)) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TNC: No Message Length field in a "
|
wpa_printf(MSG_DEBUG, "EAP-TNC: No Message Length field in a "
|
||||||
"fragmented packet");
|
"fragmented packet");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -184,7 +184,7 @@ static struct wpabuf * eap_tnc_process_fragment(struct eap_tnc_data *data,
|
|||||||
if (data->in_buf == NULL) {
|
if (data->in_buf == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TNC: No memory for "
|
wpa_printf(MSG_DEBUG, "EAP-TNC: No memory for "
|
||||||
"message");
|
"message");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
wpabuf_put_data(data->in_buf, buf, len);
|
wpabuf_put_data(data->in_buf, buf, len);
|
||||||
@ -219,7 +219,7 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
|
|||||||
if (pos == NULL) {
|
if (pos == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-TNC: Invalid frame (pos=%p len=%lu)",
|
wpa_printf(MSG_INFO, "EAP-TNC: Invalid frame (pos=%p len=%lu)",
|
||||||
pos, (unsigned long) len);
|
pos, (unsigned long) len);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -235,14 +235,14 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
|
|||||||
if (len > 0 && (flags & EAP_TNC_VERSION_MASK) != EAP_TNC_VERSION) {
|
if (len > 0 && (flags & EAP_TNC_VERSION_MASK) != EAP_TNC_VERSION) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TNC: Unsupported version %d",
|
wpa_printf(MSG_DEBUG, "EAP-TNC: Unsupported version %d",
|
||||||
flags & EAP_TNC_VERSION_MASK);
|
flags & EAP_TNC_VERSION_MASK);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (flags & EAP_TNC_FLAGS_LENGTH_INCLUDED) {
|
if (flags & EAP_TNC_FLAGS_LENGTH_INCLUDED) {
|
||||||
if (end - pos < 4) {
|
if (end - pos < 4) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TNC: Message underflow");
|
wpa_printf(MSG_DEBUG, "EAP-TNC: Message underflow");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
message_length = WPA_GET_BE32(pos);
|
message_length = WPA_GET_BE32(pos);
|
||||||
@ -253,7 +253,7 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
|
|||||||
wpa_printf(MSG_DEBUG, "EAP-TNC: Invalid Message "
|
wpa_printf(MSG_DEBUG, "EAP-TNC: Invalid Message "
|
||||||
"Length (%d; %ld remaining in this msg)",
|
"Length (%d; %ld remaining in this msg)",
|
||||||
message_length, (long) (end - pos));
|
message_length, (long) (end - pos));
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -265,7 +265,7 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
|
|||||||
if (len > 1) {
|
if (len > 1) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TNC: Unexpected payload in "
|
wpa_printf(MSG_DEBUG, "EAP-TNC: Unexpected payload in "
|
||||||
"WAIT_FRAG_ACK state");
|
"WAIT_FRAG_ACK state");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TNC: Fragment acknowledged");
|
wpa_printf(MSG_DEBUG, "EAP-TNC: Fragment acknowledged");
|
||||||
@ -274,10 +274,10 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (data->in_buf && eap_tnc_process_cont(data, pos, end - pos) < 0) {
|
if (data->in_buf && eap_tnc_process_cont(data, pos, end - pos) < 0) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (flags & EAP_TNC_FLAGS_MORE_FRAGMENTS) {
|
if (flags & EAP_TNC_FLAGS_MORE_FRAGMENTS) {
|
||||||
return eap_tnc_process_fragment(data, ret, id, flags,
|
return eap_tnc_process_fragment(data, ret, id, flags,
|
||||||
message_length, pos,
|
message_length, pos,
|
||||||
@ -294,7 +294,7 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
|
|||||||
if (!(flags & EAP_TNC_FLAGS_START)) {
|
if (!(flags & EAP_TNC_FLAGS_START)) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TNC: Server did not use "
|
wpa_printf(MSG_DEBUG, "EAP-TNC: Server did not use "
|
||||||
"start flag in the first message");
|
"start flag in the first message");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -307,7 +307,7 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
|
|||||||
if (flags & EAP_TNC_FLAGS_START) {
|
if (flags & EAP_TNC_FLAGS_START) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TNC: Server used start "
|
wpa_printf(MSG_DEBUG, "EAP-TNC: Server used start "
|
||||||
"flag again");
|
"flag again");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -316,7 +316,7 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
|
|||||||
wpabuf_len(data->in_buf));
|
wpabuf_len(data->in_buf));
|
||||||
switch (res) {
|
switch (res) {
|
||||||
case TNCCS_PROCESS_ERROR:
|
case TNCCS_PROCESS_ERROR:
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
goto fail;
|
goto fail;
|
||||||
case TNCCS_PROCESS_OK_NO_RECOMMENDATION:
|
case TNCCS_PROCESS_OK_NO_RECOMMENDATION:
|
||||||
case TNCCS_RECOMMENDATION_ERROR:
|
case TNCCS_RECOMMENDATION_ERROR:
|
||||||
@ -345,10 +345,10 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
|
|||||||
wpabuf_free(data->in_buf);
|
wpabuf_free(data->in_buf);
|
||||||
data->in_buf = NULL;
|
data->in_buf = NULL;
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
ret->methodState = METHOD_MAY_CONT;
|
ret->methodState = METHOD_MAY_CONT;
|
||||||
ret->decision = DECISION_UNCOND_SUCC;
|
ret->decision = DECISION_UNCOND_SUCC;
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
if (tncs_done) {
|
if (tncs_done) {
|
||||||
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TNC, 1,
|
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TNC, 1,
|
||||||
|
@ -1578,7 +1578,7 @@ static void eap_ttls_check_auth_status(struct eap_sm *sm,
|
|||||||
struct eap_method_ret *ret)
|
struct eap_method_ret *ret)
|
||||||
{
|
{
|
||||||
if (ret->methodState == METHOD_DONE) {
|
if (ret->methodState == METHOD_DONE) {
|
||||||
ret->allowNotifications = FALSE;
|
ret->allowNotifications = false;
|
||||||
if (ret->decision == DECISION_UNCOND_SUCC ||
|
if (ret->decision == DECISION_UNCOND_SUCC ||
|
||||||
ret->decision == DECISION_COND_SUCC) {
|
ret->decision == DECISION_COND_SUCC) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TTLS: Authentication "
|
wpa_printf(MSG_DEBUG, "EAP-TTLS: Authentication "
|
||||||
@ -1673,7 +1673,7 @@ static struct wpabuf * eap_ttls_process(struct eap_sm *sm, void *priv,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_ttls_has_reauth_data(struct eap_sm *sm, void *priv)
|
static bool eap_ttls_has_reauth_data(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_ttls_data *data = priv;
|
struct eap_ttls_data *data = priv;
|
||||||
return tls_connection_established(sm->ssl_ctx, data->ssl.conn) &&
|
return tls_connection_established(sm->ssl_ctx, data->ssl.conn) &&
|
||||||
@ -1764,7 +1764,7 @@ static int eap_ttls_get_status(struct eap_sm *sm, void *priv, char *buf,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_ttls_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_ttls_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_ttls_data *data = priv;
|
struct eap_ttls_data *data = priv;
|
||||||
return data->key_data != NULL && data->phase2_success;
|
return data->key_data != NULL && data->phase2_success;
|
||||||
|
@ -75,28 +75,28 @@ static struct wpabuf * eap_vendor_test_process(struct eap_sm *sm, void *priv,
|
|||||||
|
|
||||||
pos = eap_hdr_validate(EAP_VENDOR_ID, EAP_VENDOR_TYPE, reqData, &len);
|
pos = eap_hdr_validate(EAP_VENDOR_ID, EAP_VENDOR_TYPE, reqData, &len);
|
||||||
if (pos == NULL || len < 1) {
|
if (pos == NULL || len < 1) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (data->state == INIT && *pos != 1) {
|
if (data->state == INIT && *pos != 1) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-VENDOR-TEST: Unexpected message "
|
wpa_printf(MSG_DEBUG, "EAP-VENDOR-TEST: Unexpected message "
|
||||||
"%d in INIT state", *pos);
|
"%d in INIT state", *pos);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (data->state == CONFIRM && *pos != 3) {
|
if (data->state == CONFIRM && *pos != 3) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-VENDOR-TEST: Unexpected message "
|
wpa_printf(MSG_DEBUG, "EAP-VENDOR-TEST: Unexpected message "
|
||||||
"%d in CONFIRM state", *pos);
|
"%d in CONFIRM state", *pos);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (data->state == SUCCESS) {
|
if (data->state == SUCCESS) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-VENDOR-TEST: Unexpected message "
|
wpa_printf(MSG_DEBUG, "EAP-VENDOR-TEST: Unexpected message "
|
||||||
"in SUCCESS state");
|
"in SUCCESS state");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -105,17 +105,17 @@ static struct wpabuf * eap_vendor_test_process(struct eap_sm *sm, void *priv,
|
|||||||
data->first_try = 0;
|
data->first_try = 0;
|
||||||
wpa_printf(MSG_DEBUG, "EAP-VENDOR-TEST: Testing "
|
wpa_printf(MSG_DEBUG, "EAP-VENDOR-TEST: Testing "
|
||||||
"pending request");
|
"pending request");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
eloop_register_timeout(1, 0, eap_vendor_ready, sm,
|
eloop_register_timeout(1, 0, eap_vendor_ready, sm,
|
||||||
NULL);
|
NULL);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "EAP-VENDOR-TEST: Generating Response");
|
wpa_printf(MSG_DEBUG, "EAP-VENDOR-TEST: Generating Response");
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
resp = eap_msg_alloc(EAP_VENDOR_ID, EAP_VENDOR_TYPE, 1,
|
resp = eap_msg_alloc(EAP_VENDOR_ID, EAP_VENDOR_TYPE, 1,
|
||||||
EAP_CODE_RESPONSE, eap_get_id(reqData));
|
EAP_CODE_RESPONSE, eap_get_id(reqData));
|
||||||
@ -138,7 +138,7 @@ static struct wpabuf * eap_vendor_test_process(struct eap_sm *sm, void *priv,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean eap_vendor_test_isKeyAvailable(struct eap_sm *sm, void *priv)
|
static bool eap_vendor_test_isKeyAvailable(struct eap_sm *sm, void *priv)
|
||||||
{
|
{
|
||||||
struct eap_vendor_test_data *data = priv;
|
struct eap_vendor_test_data *data = priv;
|
||||||
return data->state == SUCCESS;
|
return data->state == SUCCESS;
|
||||||
|
@ -304,9 +304,9 @@ static struct wpabuf * eap_wsc_build_msg(struct eap_wsc_data *data,
|
|||||||
u8 flags;
|
u8 flags;
|
||||||
size_t send_len, plen;
|
size_t send_len, plen;
|
||||||
|
|
||||||
ret->ignore = FALSE;
|
ret->ignore = false;
|
||||||
wpa_printf(MSG_DEBUG, "EAP-WSC: Generating Response");
|
wpa_printf(MSG_DEBUG, "EAP-WSC: Generating Response");
|
||||||
ret->allowNotifications = TRUE;
|
ret->allowNotifications = true;
|
||||||
|
|
||||||
flags = 0;
|
flags = 0;
|
||||||
send_len = wpabuf_len(data->out_buf) - data->out_used;
|
send_len = wpabuf_len(data->out_buf) - data->out_used;
|
||||||
@ -400,7 +400,7 @@ static struct wpabuf * eap_wsc_process_fragment(struct eap_wsc_data *data,
|
|||||||
if (data->in_buf == NULL && !(flags & WSC_FLAGS_LF)) {
|
if (data->in_buf == NULL && !(flags & WSC_FLAGS_LF)) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-WSC: No Message Length field in a "
|
wpa_printf(MSG_DEBUG, "EAP-WSC: No Message Length field in a "
|
||||||
"fragmented packet");
|
"fragmented packet");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -410,7 +410,7 @@ static struct wpabuf * eap_wsc_process_fragment(struct eap_wsc_data *data,
|
|||||||
if (data->in_buf == NULL) {
|
if (data->in_buf == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-WSC: No memory for "
|
wpa_printf(MSG_DEBUG, "EAP-WSC: No memory for "
|
||||||
"message");
|
"message");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
data->in_op_code = op_code;
|
data->in_op_code = op_code;
|
||||||
@ -441,7 +441,7 @@ static struct wpabuf * eap_wsc_process(struct eap_sm *sm, void *priv,
|
|||||||
pos = eap_hdr_validate(EAP_VENDOR_WFA, EAP_VENDOR_TYPE_WSC, reqData,
|
pos = eap_hdr_validate(EAP_VENDOR_WFA, EAP_VENDOR_TYPE_WSC, reqData,
|
||||||
&len);
|
&len);
|
||||||
if (pos == NULL || len < 2) {
|
if (pos == NULL || len < 2) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -455,7 +455,7 @@ static struct wpabuf * eap_wsc_process(struct eap_sm *sm, void *priv,
|
|||||||
if (flags & WSC_FLAGS_LF) {
|
if (flags & WSC_FLAGS_LF) {
|
||||||
if (end - pos < 2) {
|
if (end - pos < 2) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-WSC: Message underflow");
|
wpa_printf(MSG_DEBUG, "EAP-WSC: Message underflow");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
message_length = WPA_GET_BE16(pos);
|
message_length = WPA_GET_BE16(pos);
|
||||||
@ -464,7 +464,7 @@ static struct wpabuf * eap_wsc_process(struct eap_sm *sm, void *priv,
|
|||||||
if (message_length < end - pos || message_length > 50000) {
|
if (message_length < end - pos || message_length > 50000) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-WSC: Invalid Message "
|
wpa_printf(MSG_DEBUG, "EAP-WSC: Invalid Message "
|
||||||
"Length");
|
"Length");
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -477,7 +477,7 @@ static struct wpabuf * eap_wsc_process(struct eap_sm *sm, void *priv,
|
|||||||
if (op_code != WSC_FRAG_ACK) {
|
if (op_code != WSC_FRAG_ACK) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d "
|
wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d "
|
||||||
"in WAIT_FRAG_ACK state", op_code);
|
"in WAIT_FRAG_ACK state", op_code);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
wpa_printf(MSG_DEBUG, "EAP-WSC: Fragment acknowledged");
|
wpa_printf(MSG_DEBUG, "EAP-WSC: Fragment acknowledged");
|
||||||
@ -489,7 +489,7 @@ static struct wpabuf * eap_wsc_process(struct eap_sm *sm, void *priv,
|
|||||||
op_code != WSC_Done && op_code != WSC_Start) {
|
op_code != WSC_Done && op_code != WSC_Start) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d",
|
wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d",
|
||||||
op_code);
|
op_code);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -497,7 +497,7 @@ static struct wpabuf * eap_wsc_process(struct eap_sm *sm, void *priv,
|
|||||||
if (op_code != WSC_Start) {
|
if (op_code != WSC_Start) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d "
|
wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d "
|
||||||
"in WAIT_START state", op_code);
|
"in WAIT_START state", op_code);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
wpa_printf(MSG_DEBUG, "EAP-WSC: Received start");
|
wpa_printf(MSG_DEBUG, "EAP-WSC: Received start");
|
||||||
@ -507,13 +507,13 @@ static struct wpabuf * eap_wsc_process(struct eap_sm *sm, void *priv,
|
|||||||
} else if (op_code == WSC_Start) {
|
} else if (op_code == WSC_Start) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d",
|
wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d",
|
||||||
op_code);
|
op_code);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (data->in_buf &&
|
if (data->in_buf &&
|
||||||
eap_wsc_process_cont(data, pos, end - pos, op_code) < 0) {
|
eap_wsc_process_cont(data, pos, end - pos, op_code) < 0) {
|
||||||
ret->ignore = TRUE;
|
ret->ignore = true;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user