#include "includes.h"
#include "common.h"
#include "state_machine.h"
#include "wpabuf.h"
#include "eloop.h"
#include "crypto/crypto.h"
#include "crypto/md5.h"
#include "common/eapol_common.h"
#include "eap_peer/eap.h"
#include "eapol_supp_sm.h"
#include "common/defs.h"
Classes | |
struct | eap_key_data |
struct | eapol_sm |
struct | ieee802_1x_eapol_key |
Defines | |
#define | IEEE8021X_ENCR_KEY_LEN 32 |
#define | IEEE8021X_KEY_INDEX_FLAG 0x80 |
#define | IEEE8021X_KEY_INDEX_MASK 0x03 |
#define | IEEE8021X_KEY_IV_LEN 16 |
#define | IEEE8021X_KEY_SIGN_LEN 16 |
#define | IEEE8021X_REPLAY_COUNTER_LEN 8 |
#define | IEEE8021X_SIGN_KEY_LEN 32 |
#define | STATE_MACHINE_DATA struct eapol_sm |
#define | STATE_MACHINE_DEBUG_PREFIX "EAPOL" |
Functions | |
static void | eapol_enable_timer_tick (struct eapol_sm *sm) |
static const char * | eapol_port_control (PortControl ctrl) |
static void | eapol_port_timers_tick (void *eloop_ctx, void *timeout_ctx) |
static void | eapol_sm_abort_cached (struct eapol_sm *sm) |
static void | eapol_sm_abortSupp (struct eapol_sm *sm) |
void | eapol_sm_configure (struct eapol_sm *sm, int heldPeriod, int authPeriod, int startPeriod, int maxStart) |
void | eapol_sm_deinit (struct eapol_sm *sm) |
static void | eapol_sm_eap_param_needed (void *ctx, const char *field, const char *txt) |
static Boolean | eapol_sm_get_bool (void *ctx, enum eapol_bool_var variable) |
static struct eap_peer_config * | eapol_sm_get_config (void *ctx) |
static struct wpa_config_blob * | eapol_sm_get_config_blob (void *ctx, const char *name) |
static struct wpabuf * | eapol_sm_get_eapReqData (void *ctx) |
static unsigned int | eapol_sm_get_int (void *ctx, enum eapol_int_var variable) |
int | eapol_sm_get_key (struct eapol_sm *sm, u8 *key, size_t len) |
static void | eapol_sm_getSuppRsp (struct eapol_sm *sm) |
struct eapol_sm * | eapol_sm_init (struct eapol_ctx *ctx) |
void | eapol_sm_invalidate_cached_session (struct eapol_sm *sm) |
void | eapol_sm_notify_cached (struct eapol_sm *sm) |
void | eapol_sm_notify_config (struct eapol_sm *sm, struct eap_peer_config *config, const struct eapol_config *conf) |
void | eapol_sm_notify_ctrl_attached (struct eapol_sm *sm) |
void | eapol_sm_notify_ctrl_response (struct eapol_sm *sm) |
void | eapol_sm_notify_eap_fail (struct eapol_sm *sm, Boolean fail) |
void | eapol_sm_notify_eap_success (struct eapol_sm *sm, Boolean success) |
void | eapol_sm_notify_logoff (struct eapol_sm *sm, Boolean logoff) |
void | eapol_sm_notify_lower_layer_success (struct eapol_sm *sm, int in_eapol_sm) |
static void | eapol_sm_notify_pending (void *ctx) |
void | eapol_sm_notify_pmkid_attempt (struct eapol_sm *sm, int attempt) |
void | eapol_sm_notify_portControl (struct eapol_sm *sm, PortControl portControl) |
void | eapol_sm_notify_portEnabled (struct eapol_sm *sm, Boolean enabled) |
void | eapol_sm_notify_portValid (struct eapol_sm *sm, Boolean valid) |
void | eapol_sm_notify_tx_eapol_key (struct eapol_sm *sm) |
static void | eapol_sm_processKey (struct eapol_sm *sm) |
void | eapol_sm_register_scard_ctx (struct eapol_sm *sm, void *ctx) |
void | eapol_sm_request_reauth (struct eapol_sm *sm) |
int | eapol_sm_rx_eapol (struct eapol_sm *sm, const u8 *src, const u8 *buf, size_t len) |
static void | eapol_sm_set_bool (void *ctx, enum eapol_bool_var variable, Boolean value) |
static void | eapol_sm_set_config_blob (void *ctx, struct wpa_config_blob *blob) |
static void | eapol_sm_set_int (void *ctx, enum eapol_int_var variable, unsigned int value) |
static void | eapol_sm_set_port_authorized (struct eapol_sm *sm) |
static void | eapol_sm_set_port_unauthorized (struct eapol_sm *sm) |
void | eapol_sm_step (struct eapol_sm *sm) |
static void | eapol_sm_step_timeout (void *eloop_ctx, void *timeout_ctx) |
static void | eapol_sm_txLogoff (struct eapol_sm *sm) |
static void | eapol_sm_txStart (struct eapol_sm *sm) |
static void | eapol_sm_txSuppRsp (struct eapol_sm *sm) |
SM_STATE (SUPP_BE, RECEIVE) | |
SM_STATE (SUPP_BE, INITIALIZE) | |
SM_STATE (SUPP_BE, IDLE) | |
SM_STATE (SUPP_BE, TIMEOUT) | |
SM_STATE (SUPP_BE, FAIL) | |
SM_STATE (SUPP_BE, SUCCESS) | |
SM_STATE (SUPP_BE, RESPONSE) | |
SM_STATE (SUPP_BE, REQUEST) | |
SM_STATE (KEY_RX, KEY_RECEIVE) | |
SM_STATE (KEY_RX, NO_KEY_RECEIVE) | |
SM_STATE (SUPP_PAE, S_FORCE_UNAUTH) | |
SM_STATE (SUPP_PAE, S_FORCE_AUTH) | |
SM_STATE (SUPP_PAE, RESTART) | |
SM_STATE (SUPP_PAE, AUTHENTICATED) | |
SM_STATE (SUPP_PAE, HELD) | |
SM_STATE (SUPP_PAE, AUTHENTICATING) | |
SM_STATE (SUPP_PAE, CONNECTING) | |
SM_STATE (SUPP_PAE, DISCONNECTED) | |
SM_STATE (SUPP_PAE, LOGOFF) | |
SM_STEP (SUPP_BE) | |
SM_STEP (KEY_RX) | |
SM_STEP (SUPP_PAE) | |
Variables | |
static struct eapol_callbacks | eapol_cb |
struct ieee802_1x_eapol_key | STRUCT_PACKED |
#define IEEE8021X_ENCR_KEY_LEN 32 |
Definition at line 644 of file eapol_supp_sm.c.
#define IEEE8021X_KEY_INDEX_FLAG 0x80 |
Definition at line 152 of file eapol_supp_sm.c.
#define IEEE8021X_KEY_INDEX_MASK 0x03 |
Definition at line 153 of file eapol_supp_sm.c.
#define IEEE8021X_KEY_IV_LEN 16 |
Definition at line 150 of file eapol_supp_sm.c.
#define IEEE8021X_KEY_SIGN_LEN 16 |
Definition at line 149 of file eapol_supp_sm.c.
#define IEEE8021X_REPLAY_COUNTER_LEN 8 |
Definition at line 148 of file eapol_supp_sm.c.
#define IEEE8021X_SIGN_KEY_LEN 32 |
Definition at line 645 of file eapol_supp_sm.c.
#define STATE_MACHINE_DATA struct eapol_sm |
Definition at line 27 of file eapol_supp_sm.c.
#define STATE_MACHINE_DEBUG_PREFIX "EAPOL" |
Definition at line 28 of file eapol_supp_sm.c.
static void eapol_enable_timer_tick | ( | struct eapol_sm * | sm | ) | [static] |
Definition at line 238 of file eapol_supp_sm.c.
static const char* eapol_port_control | ( | PortControl | ctrl | ) | [static] |
Definition at line 989 of file eapol_supp_sm.c.
static void eapol_port_timers_tick | ( | void * | eloop_ctx, | |
void * | timeout_ctx | |||
) | [static] |
Definition at line 202 of file eapol_supp_sm.c.
static void eapol_sm_abort_cached | ( | struct eapol_sm * | sm | ) | [static] |
Definition at line 1509 of file eapol_supp_sm.c.
static void eapol_sm_abortSupp | ( | struct eapol_sm * | sm | ) | [static] |
Definition at line 855 of file eapol_supp_sm.c.
void eapol_sm_configure | ( | struct eapol_sm * | sm, | |
int | heldPeriod, | |||
int | authPeriod, | |||
int | startPeriod, | |||
int | maxStart | |||
) |
eapol_sm_configure - Set EAPOL variables
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@heldPeriod: dot1xSuppHeldPeriod
@authPeriod: dot1xSuppAuthPeriod
@startPeriod: dot1xSuppStartPeriod
@maxStart: dot1xSuppMaxStart
Set configurable EAPOL state machine variables. Each variable can be set to the given value or ignored if set to -1 (to set only some of the variables).
Definition at line 1016 of file eapol_supp_sm.c.
void eapol_sm_deinit | ( | struct eapol_sm * | sm | ) |
eapol_sm_deinit - Deinitialize EAPOL state machine
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
Deinitialize and free EAPOL state machine.
Definition at line 1887 of file eapol_supp_sm.c.
static void eapol_sm_eap_param_needed | ( | void * | ctx, | |
const char * | field, | |||
const char * | txt | |||
) | [static] |
Definition at line 1801 of file eapol_supp_sm.c.
static Boolean eapol_sm_get_bool | ( | void * | ctx, | |
enum eapol_bool_var | variable | |||
) | [static] |
Definition at line 1665 of file eapol_supp_sm.c.
static struct eap_peer_config* eapol_sm_get_config | ( | void * | ctx | ) | [static, read] |
Definition at line 1648 of file eapol_supp_sm.c.
static struct wpa_config_blob* eapol_sm_get_config_blob | ( | void * | ctx, | |
const char * | name | |||
) | [static, read] |
Definition at line 1771 of file eapol_supp_sm.c.
static struct wpabuf* eapol_sm_get_eapReqData | ( | void * | ctx | ) | [static, read] |
Definition at line 1655 of file eapol_supp_sm.c.
static unsigned int eapol_sm_get_int | ( | void * | ctx, | |
enum eapol_int_var | variable | |||
) | [static] |
Definition at line 1732 of file eapol_supp_sm.c.
eapol_sm_get_key - Get master session key (MSK) from EAP
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@key: Pointer for key buffer
@len: Number of bytes to copy to key
Returns: 0 on success (len bytes of key available), maximum available key length (>0) if a key is available but is shorter than len, or -1 on failure.
Fetch EAP keying material (MSK, eapKeyData) from EAP state machine. The key is available only after a successful authentication. Only a return value of 0 indicates success; a positive value reports a key shorter than the requested len, so callers should test for 0 rather than only for a negative result.
Definition at line 1424 of file eapol_supp_sm.c.
static void eapol_sm_getSuppRsp | ( | struct eapol_sm * | sm | ) | [static] |
Definition at line 816 of file eapol_supp_sm.c.
eapol_sm_init - Initialize EAPOL state machine
@ctx: Pointer to EAPOL context data; this needs to be an allocated buffer and EAPOL state machine will free it in eapol_sm_deinit()
Returns: Pointer to the allocated EAPOL state machine or NULL on failure
Allocate and initialize an EAPOL state machine.
Definition at line 1837 of file eapol_supp_sm.c.
void eapol_sm_invalidate_cached_session | ( | struct eapol_sm * | sm | ) |
eapol_sm_invalidate_cached_session - Mark cached EAP session data invalid
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
Definition at line 1641 of file eapol_supp_sm.c.
void eapol_sm_notify_cached | ( | struct eapol_sm * | sm | ) |
eapol_sm_notify_cached - Notification of successful PMKSA caching
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
Notify EAPOL state machines that PMKSA caching was successful. This is used to move EAPOL and EAP state machines into authenticated/successful state.
Definition at line 1474 of file eapol_supp_sm.c.
void eapol_sm_notify_config | ( | struct eapol_sm * | sm, | |
struct eap_peer_config * | config, | |||
const struct eapol_config * | conf | |||
) |
eapol_sm_notify_config - Notification of EAPOL configuration change
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@config: Pointer to current network EAP configuration
@conf: Pointer to EAPOL configuration data
Notify EAPOL state machine that configuration has changed. config will be stored as a backpointer to network configuration; it is stored by reference rather than copied, so it must remain valid until it is replaced or cleared. This can be NULL to clear the stored pointer. conf will be copied to local EAPOL/EAP configuration data. If conf is NULL, this part of the configuration change will be skipped.
Definition at line 1389 of file eapol_supp_sm.c.
void eapol_sm_notify_ctrl_attached | ( | struct eapol_sm * | sm | ) |
eapol_sm_notify_ctrl_attached - Notification of attached monitor
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
Notify EAPOL state machines that a monitor was attached to the control interface to trigger re-sending of pending requests for user input.
Definition at line 1572 of file eapol_supp_sm.c.
void eapol_sm_notify_ctrl_response | ( | struct eapol_sm * | sm | ) |
eapol_sm_notify_ctrl_response - Notification of received user input
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
Notify EAPOL state machines that a control response, i.e., user input, was received in order to trigger retrying of a pending EAP request.
Definition at line 1587 of file eapol_supp_sm.c.
eapol_sm_notify_eap_fail - Notification of external EAP failure trigger
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@fail: TRUE = set failure, FALSE = clear failure
Notify EAPOL state machine that external event has forced EAP state to failure (fail = TRUE). This can be cleared by setting fail = FALSE.
Definition at line 1365 of file eapol_supp_sm.c.
eapol_sm_notify_eap_success - Notification of external EAP success trigger
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@success: TRUE = set success, FALSE = clear success
Notify the EAPOL state machine that external event has forced EAP state to success (success = TRUE). This can be cleared by setting success = FALSE.
This function is called to update EAP state when WPA-PSK key handshake has been completed successfully since WPA-PSK does not use EAP state machine.
Definition at line 1343 of file eapol_supp_sm.c.
eapol_sm_notify_logoff - Notification of logon/logoff commands
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@logoff: Whether command was logoff
Notify EAPOL state machines that user requested logon/logoff.
Definition at line 1458 of file eapol_supp_sm.c.
void eapol_sm_notify_lower_layer_success | ( | struct eapol_sm * | sm, | |
int | in_eapol_sm | |||
) |
eapol_sm_notify_lower_layer_success - Notification of lower layer success
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@in_eapol_sm: Whether the caller is already running inside EAPOL state machine loop (eapol_sm_step())
Notify EAPOL (and EAP) state machines that a lower layer has detected a successful authentication. This is used to recover from dropped EAP-Success messages.
Definition at line 1627 of file eapol_supp_sm.c.
static void eapol_sm_notify_pending | ( | void * | ctx | ) | [static] |
Definition at line 1785 of file eapol_supp_sm.c.
void eapol_sm_notify_pmkid_attempt | ( | struct eapol_sm * | sm, | |
int | attempt | |||
) |
eapol_sm_notify_pmkid_attempt - Notification of PMKSA caching
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@attempt: Whether PMKSA caching is tried
Notify EAPOL state machines whether PMKSA caching is used.
Definition at line 1495 of file eapol_supp_sm.c.
void eapol_sm_notify_portControl | ( | struct eapol_sm * | sm, | |
PortControl | portControl | |||
) |
eapol_sm_notify_portControl - Notification of portControl changes
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@portControl: New value for portControl variable
Notify EAPOL state machines that portControl variable has changed.
Definition at line 1554 of file eapol_supp_sm.c.
eapol_sm_notify_portEnabled - Notification about portEnabled change
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@enabled: New portEnabled value
Notify EAPOL state machine about new portEnabled value.
Definition at line 1303 of file eapol_supp_sm.c.
eapol_sm_notify_portValid - Notification about portValid change
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@valid: New portValid value
Notify EAPOL state machine about new portValid value.
Definition at line 1321 of file eapol_supp_sm.c.
void eapol_sm_notify_tx_eapol_key | ( | struct eapol_sm * | sm | ) |
eapol_sm_notify_tx_eapol_key - Notification about transmitted EAPOL packet
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
Notify EAPOL state machine about transmitted EAPOL packet from an external component, e.g., WPA. This will update the statistics.
Definition at line 1289 of file eapol_supp_sm.c.
static void eapol_sm_processKey | ( | struct eapol_sm * | sm | ) | [static] |
Definition at line 653 of file eapol_supp_sm.c.
void eapol_sm_register_scard_ctx | ( | struct eapol_sm * | sm, | |
void * | ctx | |||
) |
eapol_sm_register_scard_ctx - Notification of smart card context
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@ctx: Context data for smart card operations
Notify EAPOL state machines of context data for smart card operations. This context data will be used as a parameter for scard_*() functions.
Definition at line 1538 of file eapol_supp_sm.c.
void eapol_sm_request_reauth | ( | struct eapol_sm * | sm | ) |
eapol_sm_request_reauth - Request reauthentication
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
This function can be used to request EAPOL reauthentication, e.g., when the current PMKSA entry is nearing expiration.
Definition at line 1609 of file eapol_supp_sm.c.
eapol_sm_rx_eapol - Process received EAPOL frames
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@src: Source MAC address of the EAPOL packet
@buf: Pointer to the beginning of the EAPOL data (EAPOL header)
@len: Length of the EAPOL frame
Returns: 1 = EAPOL frame processed, 0 = not for EAPOL state machine, -1 failure
Definition at line 1168 of file eapol_supp_sm.c.
static void eapol_sm_set_bool | ( | void * | ctx, | |
enum eapol_bool_var | variable, | |||
Boolean | value | |||
) | [static] |
Definition at line 1694 of file eapol_supp_sm.c.
static void eapol_sm_set_config_blob | ( | void * | ctx, | |
struct wpa_config_blob * | blob | |||
) | [static] |
Definition at line 1760 of file eapol_supp_sm.c.
static void eapol_sm_set_int | ( | void * | ctx, | |
enum eapol_int_var | variable, | |||
unsigned int | value | |||
) | [static] |
Definition at line 1745 of file eapol_supp_sm.c.
static void eapol_sm_set_port_authorized | ( | struct eapol_sm * | sm | ) | [static] |
Definition at line 873 of file eapol_supp_sm.c.
static void eapol_sm_set_port_unauthorized | ( | struct eapol_sm * | sm | ) | [static] |
Definition at line 880 of file eapol_supp_sm.c.
void eapol_sm_step | ( | struct eapol_sm * | sm | ) |
eapol_sm_step - EAPOL state machine step function
@sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
This function is called to notify the state machine about changed external variables. It will step through the EAPOL state machines in a loop to process all triggered state changes.
Definition at line 895 of file eapol_supp_sm.c.
static void eapol_sm_step_timeout | ( | void * | eloop_ctx, | |
void * | timeout_ctx | |||
) | [static] |
Definition at line 867 of file eapol_supp_sm.c.
static void eapol_sm_txLogoff | ( | struct eapol_sm * | sm | ) | [static] |
Definition at line 624 of file eapol_supp_sm.c.
static void eapol_sm_txStart | ( | struct eapol_sm * | sm | ) | [static] |
Definition at line 634 of file eapol_supp_sm.c.
static void eapol_sm_txSuppRsp | ( | struct eapol_sm * | sm | ) | [static] |
Definition at line 826 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_BE | , | |
RECEIVE | ||||
) |
Definition at line 541 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_BE | , | |
INITIALIZE | ||||
) |
Definition at line 533 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_BE | , | |
IDLE | ||||
) |
Definition at line 525 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_BE | , | |
TIMEOUT | ||||
) |
Definition at line 518 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_BE | , | |
FAIL | ||||
) |
Definition at line 511 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_BE | , | |
SUCCESS | ||||
) |
Definition at line 497 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_BE | , | |
RESPONSE | ||||
) |
Definition at line 489 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_BE | , | |
REQUEST | ||||
) |
Definition at line 480 of file eapol_supp_sm.c.
SM_STATE | ( | KEY_RX | , | |
KEY_RECEIVE | ||||
) |
Definition at line 453 of file eapol_supp_sm.c.
SM_STATE | ( | KEY_RX | , | |
NO_KEY_RECEIVE | ||||
) |
Definition at line 447 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_PAE | , | |
S_FORCE_UNAUTH | ||||
) |
Definition at line 352 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_PAE | , | |
S_FORCE_AUTH | ||||
) |
Definition at line 343 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_PAE | , | |
RESTART | ||||
) |
Definition at line 336 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_PAE | , | |
AUTHENTICATED | ||||
) |
Definition at line 327 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_PAE | , | |
HELD | ||||
) |
Definition at line 316 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_PAE | , | |
AUTHENTICATING | ||||
) |
Definition at line 303 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_PAE | , | |
CONNECTING | ||||
) |
Definition at line 274 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_PAE | , | |
DISCONNECTED | ||||
) |
Definition at line 259 of file eapol_supp_sm.c.
SM_STATE | ( | SUPP_PAE | , | |
LOGOFF | ||||
) |
Definition at line 249 of file eapol_supp_sm.c.
SM_STEP | ( | SUPP_BE | ) |
Definition at line 552 of file eapol_supp_sm.c.
SM_STEP | ( | KEY_RX | ) |
Definition at line 461 of file eapol_supp_sm.c.
SM_STEP | ( | SUPP_PAE | ) |
Definition at line 362 of file eapol_supp_sm.c.
struct eapol_callbacks eapol_cb [static] |
{ eapol_sm_get_config, eapol_sm_get_bool, eapol_sm_set_bool, eapol_sm_get_int, eapol_sm_set_int, eapol_sm_get_eapReqData, eapol_sm_set_config_blob, eapol_sm_get_config_blob, eapol_sm_notify_pending, eapol_sm_eap_param_needed }
Definition at line 1814 of file eapol_supp_sm.c.