00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015 #include "includes.h"
00016
00017 #include "common.h"
00018 #include "eap_server/eap.h"
00019 #include "eapol_auth_sm.h"
00020 #include "eapol_auth_sm_i.h"
00021
00022 static inline const char * port_type_txt(PortTypes pt)
00023 {
00024 switch (pt) {
00025 case ForceUnauthorized: return "ForceUnauthorized";
00026 case ForceAuthorized: return "ForceAuthorized";
00027 case Auto: return "Auto";
00028 default: return "Unknown";
00029 }
00030 }
00031
00032
00033 static inline const char * port_state_txt(PortState ps)
00034 {
00035 switch (ps) {
00036 case Unauthorized: return "Unauthorized";
00037 case Authorized: return "Authorized";
00038 default: return "Unknown";
00039 }
00040 }
00041
00042
00043 static inline const char * ctrl_dir_txt(ControlledDirection dir)
00044 {
00045 switch (dir) {
00046 case Both: return "Both";
00047 case In: return "In";
00048 default: return "Unknown";
00049 }
00050 }
00051
00052
00053 static inline const char * auth_pae_state_txt(int s)
00054 {
00055 switch (s) {
00056 case AUTH_PAE_INITIALIZE: return "INITIALIZE";
00057 case AUTH_PAE_DISCONNECTED: return "DISCONNECTED";
00058 case AUTH_PAE_CONNECTING: return "CONNECTING";
00059 case AUTH_PAE_AUTHENTICATING: return "AUTHENTICATING";
00060 case AUTH_PAE_AUTHENTICATED: return "AUTHENTICATED";
00061 case AUTH_PAE_ABORTING: return "ABORTING";
00062 case AUTH_PAE_HELD: return "HELD";
00063 case AUTH_PAE_FORCE_AUTH: return "FORCE_AUTH";
00064 case AUTH_PAE_FORCE_UNAUTH: return "FORCE_UNAUTH";
00065 case AUTH_PAE_RESTART: return "RESTART";
00066 default: return "Unknown";
00067 }
00068 }
00069
00070
00071 static inline const char * be_auth_state_txt(int s)
00072 {
00073 switch (s) {
00074 case BE_AUTH_REQUEST: return "REQUEST";
00075 case BE_AUTH_RESPONSE: return "RESPONSE";
00076 case BE_AUTH_SUCCESS: return "SUCCESS";
00077 case BE_AUTH_FAIL: return "FAIL";
00078 case BE_AUTH_TIMEOUT: return "TIMEOUT";
00079 case BE_AUTH_IDLE: return "IDLE";
00080 case BE_AUTH_INITIALIZE: return "INITIALIZE";
00081 case BE_AUTH_IGNORE: return "IGNORE";
00082 default: return "Unknown";
00083 }
00084 }
00085
00086
00087 static inline const char * reauth_timer_state_txt(int s)
00088 {
00089 switch (s) {
00090 case REAUTH_TIMER_INITIALIZE: return "INITIALIZE";
00091 case REAUTH_TIMER_REAUTHENTICATE: return "REAUTHENTICATE";
00092 default: return "Unknown";
00093 }
00094 }
00095
00096
00097 static inline const char * auth_key_tx_state_txt(int s)
00098 {
00099 switch (s) {
00100 case AUTH_KEY_TX_NO_KEY_TRANSMIT: return "NO_KEY_TRANSMIT";
00101 case AUTH_KEY_TX_KEY_TRANSMIT: return "KEY_TRANSMIT";
00102 default: return "Unknown";
00103 }
00104 }
00105
00106
00107 static inline const char * key_rx_state_txt(int s)
00108 {
00109 switch (s) {
00110 case KEY_RX_NO_KEY_RECEIVE: return "NO_KEY_RECEIVE";
00111 case KEY_RX_KEY_RECEIVE: return "KEY_RECEIVE";
00112 default: return "Unknown";
00113 }
00114 }
00115
00116
00117 static inline const char * ctrl_dir_state_txt(int s)
00118 {
00119 switch (s) {
00120 case CTRL_DIR_FORCE_BOTH: return "FORCE_BOTH";
00121 case CTRL_DIR_IN_OR_BOTH: return "IN_OR_BOTH";
00122 default: return "Unknown";
00123 }
00124 }
00125
00126
00127 void eapol_auth_dump_state(FILE *f, const char *prefix,
00128 struct eapol_state_machine *sm)
00129 {
00130 fprintf(f, "%sEAPOL state machine:\n", prefix);
00131 fprintf(f, "%s aWhile=%d quietWhile=%d reAuthWhen=%d\n", prefix,
00132 sm->aWhile, sm->quietWhile, sm->reAuthWhen);
00133 #define _SB(b) ((b) ? "TRUE" : "FALSE")
00134 fprintf(f,
00135 "%s authAbort=%s authFail=%s authPortStatus=%s authStart=%s\n"
00136 "%s authTimeout=%s authSuccess=%s eapFail=%s eapolEap=%s\n"
00137 "%s eapSuccess=%s eapTimeout=%s initialize=%s "
00138 "keyAvailable=%s\n"
00139 "%s keyDone=%s keyRun=%s keyTxEnabled=%s portControl=%s\n"
00140 "%s portEnabled=%s portValid=%s reAuthenticate=%s\n",
00141 prefix, _SB(sm->authAbort), _SB(sm->authFail),
00142 port_state_txt(sm->authPortStatus), _SB(sm->authStart),
00143 prefix, _SB(sm->authTimeout), _SB(sm->authSuccess),
00144 _SB(sm->eap_if->eapFail), _SB(sm->eapolEap),
00145 prefix, _SB(sm->eap_if->eapSuccess),
00146 _SB(sm->eap_if->eapTimeout),
00147 _SB(sm->initialize), _SB(sm->eap_if->eapKeyAvailable),
00148 prefix, _SB(sm->keyDone), _SB(sm->keyRun),
00149 _SB(sm->keyTxEnabled), port_type_txt(sm->portControl),
00150 prefix, _SB(sm->eap_if->portEnabled), _SB(sm->portValid),
00151 _SB(sm->reAuthenticate));
00152
00153 fprintf(f, "%s Authenticator PAE:\n"
00154 "%s state=%s\n"
00155 "%s eapolLogoff=%s eapolStart=%s eapRestart=%s\n"
00156 "%s portMode=%s reAuthCount=%d\n"
00157 "%s quietPeriod=%d reAuthMax=%d\n"
00158 "%s authEntersConnecting=%d\n"
00159 "%s authEapLogoffsWhileConnecting=%d\n"
00160 "%s authEntersAuthenticating=%d\n"
00161 "%s authAuthSuccessesWhileAuthenticating=%d\n"
00162 "%s authAuthTimeoutsWhileAuthenticating=%d\n"
00163 "%s authAuthFailWhileAuthenticating=%d\n"
00164 "%s authAuthEapStartsWhileAuthenticating=%d\n"
00165 "%s authAuthEapLogoffWhileAuthenticating=%d\n"
00166 "%s authAuthReauthsWhileAuthenticated=%d\n"
00167 "%s authAuthEapStartsWhileAuthenticated=%d\n"
00168 "%s authAuthEapLogoffWhileAuthenticated=%d\n",
00169 prefix, prefix, auth_pae_state_txt(sm->auth_pae_state), prefix,
00170 _SB(sm->eapolLogoff), _SB(sm->eapolStart),
00171 _SB(sm->eap_if->eapRestart),
00172 prefix, port_type_txt(sm->portMode), sm->reAuthCount,
00173 prefix, sm->quietPeriod, sm->reAuthMax,
00174 prefix, sm->authEntersConnecting,
00175 prefix, sm->authEapLogoffsWhileConnecting,
00176 prefix, sm->authEntersAuthenticating,
00177 prefix, sm->authAuthSuccessesWhileAuthenticating,
00178 prefix, sm->authAuthTimeoutsWhileAuthenticating,
00179 prefix, sm->authAuthFailWhileAuthenticating,
00180 prefix, sm->authAuthEapStartsWhileAuthenticating,
00181 prefix, sm->authAuthEapLogoffWhileAuthenticating,
00182 prefix, sm->authAuthReauthsWhileAuthenticated,
00183 prefix, sm->authAuthEapStartsWhileAuthenticated,
00184 prefix, sm->authAuthEapLogoffWhileAuthenticated);
00185
00186 fprintf(f, "%s Backend Authentication:\n"
00187 "%s state=%s\n"
00188 "%s eapNoReq=%s eapReq=%s eapResp=%s\n"
00189 "%s serverTimeout=%d\n"
00190 "%s backendResponses=%d\n"
00191 "%s backendAccessChallenges=%d\n"
00192 "%s backendOtherRequestsToSupplicant=%d\n"
00193 "%s backendAuthSuccesses=%d\n"
00194 "%s backendAuthFails=%d\n",
00195 prefix, prefix,
00196 be_auth_state_txt(sm->be_auth_state),
00197 prefix, _SB(sm->eap_if->eapNoReq), _SB(sm->eap_if->eapReq),
00198 _SB(sm->eap_if->eapResp),
00199 prefix, sm->serverTimeout,
00200 prefix, sm->backendResponses,
00201 prefix, sm->backendAccessChallenges,
00202 prefix, sm->backendOtherRequestsToSupplicant,
00203 prefix, sm->backendAuthSuccesses,
00204 prefix, sm->backendAuthFails);
00205
00206 fprintf(f, "%s Reauthentication Timer:\n"
00207 "%s state=%s\n"
00208 "%s reAuthPeriod=%d reAuthEnabled=%s\n", prefix, prefix,
00209 reauth_timer_state_txt(sm->reauth_timer_state), prefix,
00210 sm->reAuthPeriod, _SB(sm->reAuthEnabled));
00211
00212 fprintf(f, "%s Authenticator Key Transmit:\n"
00213 "%s state=%s\n", prefix, prefix,
00214 auth_key_tx_state_txt(sm->auth_key_tx_state));
00215
00216 fprintf(f, "%s Key Receive:\n"
00217 "%s state=%s\n"
00218 "%s rxKey=%s\n", prefix, prefix,
00219 key_rx_state_txt(sm->key_rx_state), prefix, _SB(sm->rxKey));
00220
00221 fprintf(f, "%s Controlled Directions:\n"
00222 "%s state=%s\n"
00223 "%s adminControlledDirections=%s "
00224 "operControlledDirections=%s\n"
00225 "%s operEdge=%s\n", prefix, prefix,
00226 ctrl_dir_state_txt(sm->ctrl_dir_state),
00227 prefix, ctrl_dir_txt(sm->adminControlledDirections),
00228 ctrl_dir_txt(sm->operControlledDirections),
00229 prefix, _SB(sm->operEdge));
00230 #undef _SB
00231 }
