Kernel
/
iwd
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git
3
0
Fork 0
Code Releases Activity
iwd/src/eap.c

748 lines
17 KiB
C
Raw Normal View History

eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
/*
*
* Wireless daemon for Linux
*
eap: Add accessors for the method name and type
2018-11-16 23:15:32 +01:00
* Copyright (C) 2013-2018 Intel Corporation. All rights reserved.
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
build: Fix includes for using with -std=c99 compiler option
2018-11-01 22:37:11 +01:00
#define _GNU_SOURCE
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
#include <stdio.h>
#include <errno.h>
build: Fix includes for using with -std=c99 compiler option
2018-11-01 22:37:11 +01:00
#include <string.h>
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
#include <ell/ell.h>
build: Add support for including fallbacks for missing defines
2019-04-03 18:34:22 +02:00
#include "src/missing.h"
#include "src/eap.h"
#include "src/eap-private.h"
eap: utilize IWD_MODULE Converts eap into an IWD module.
2019-10-11 21:29:33 +02:00
#include "src/iwd.h"
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
eap: Load MTU settings from iwd.conf
2016-11-15 23:44:07 +01:00
static uint32_t default_mtu;
eap: Make global variable static
2019-08-15 19:39:27 +02:00
static struct l_queue *eap_methods;
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
eap: Dump unhandled EAP packets
2018-05-18 17:29:58 +02:00
static void dump_eap(const char *str, void *user_data)
{
const char *prefix = user_data;
l_info("%s%s\n", prefix, str);
}
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
struct eap_state {
eap_tx_packet_func_t tx_packet;
eap_key_material_func_t set_key_material;
eap_complete_func_t complete;
eap: Add eap event_func This is used to get arbitrary information out of the EAP method. Needed for EAP-WSC to signal credential information obtained from the peer. Other uses include signaling why EAP-WSC failed (e.g. invalid PIN, etc) and processing of M2D discovery messages. The information in M2Ds might be useful to external clients.
2016-09-12 22:26:03 +02:00
eap_event_func_t event_func;
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
void *user_data;
size_t mtu;
struct eap_method *method;
char *identity;
int last_id;
void *method_state;
bool method_success;
struct l_timeout *complete_timeout;
eap: allow to discard EAP-Success/EAP-Failure pkts
2018-02-23 18:48:44 +01:00
bool discard_success_and_failure:1;
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
};
struct eap_state *eap_new(eap_tx_packet_func_t tx_packet,
eap_complete_func_t complete, void *user_data)
{
struct eap_state *eap;
eap = l_new(struct eap_state, 1);
eap->last_id = -1;
eap: Load MTU settings from iwd.conf
2016-11-15 23:44:07 +01:00
eap->mtu = default_mtu;
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
eap->tx_packet = tx_packet;
eap->complete = complete;
eap->user_data = user_data;
return eap;
}
/*
* Setting a non-NULL set_key_material callback for this EAP instance will
* disable the legacy methods that don't generate key material, such
* as EAP-MD5.
*/
void eap_set_key_material_func(struct eap_state *eap,
eap_key_material_func_t func)
{
eap->set_key_material = func;
}
eap: Add eap event_func This is used to get arbitrary information out of the EAP method. Needed for EAP-WSC to signal credential information obtained from the peer. Other uses include signaling why EAP-WSC failed (e.g. invalid PIN, etc) and processing of M2D discovery messages. The information in M2Ds might be useful to external clients.
2016-09-12 22:26:03 +02:00
void eap_set_event_func(struct eap_state *eap, eap_event_func_t func)
{
eap->event_func = func;
}
eap: Introduce state reset This is meant to reset the EAP state back to its original state without affecting any state variables obtained through load_settings. This can be useful for EAP Reauthentication triggered by the AP.
2018-05-30 21:52:22 +02:00
bool eap_reset(struct eap_state *eap)
{
if (eap->method_state && eap->method->reset_state) {
if (!eap->method->reset_state(eap))
return false;
}
eap->method_success = false;
l_timeout_remove(eap->complete_timeout);
eap->complete_timeout = NULL;
return true;
}
eap: Add eap_free_common Many operations performed during an error in load_settings were the same as the ones performed when freeing the eap object. Add eap_free_common to unify these.
2019-04-08 23:24:18 +02:00
static void eap_free_common(struct eap_state *eap)
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
{
eap: add NULL checks 1. Enforce implementation of handle_request function 2. In case of unimplemented handle_retransmit try to use handle_request instead and rely on method specific mechanism to restart the conversation if necessary 3. Make method->free implementation unrequired
2018-01-23 20:42:44 +01:00
if (eap->method_state && eap->method->free)
eap: Drop method's .probe, rename .remove The EAP-method's .probe methods only checked the method name so do that in eap.c instead and allocate method state in .load_settings. Rename method's .remove method to .free to improve the naming.
2017-09-06 04:12:17 +02:00
eap->method->free(eap);
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
eap: Add eap_free_common Many operations performed during an error in load_settings were the same as the ones performed when freeing the eap object. Add eap_free_common to unify these.
2019-04-08 23:24:18 +02:00
eap->method = NULL;
if (eap->identity) {
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
l_free(eap->identity);
eap: Add eap_free_common Many operations performed during an error in load_settings were the same as the ones performed when freeing the eap object. Add eap_free_common to unify these.
2019-04-08 23:24:18 +02:00
eap->identity = NULL;
}
}
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
eap: Add eap_free_common Many operations performed during an error in load_settings were the same as the ones performed when freeing the eap object. Add eap_free_common to unify these.
2019-04-08 23:24:18 +02:00
void eap_free(struct eap_state *eap)
{
eap_free_common(eap);
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
l_timeout_remove(eap->complete_timeout);
l_free(eap);
}
/* Note: callers must check for a minimum value */
void eap_set_mtu(struct eap_state *eap, size_t mtu)
{
eap->mtu = mtu;
}
size_t eap_get_mtu(struct eap_state *eap)
{
return eap->mtu;
}
eap: add eap_get_identity
2019-04-10 23:52:31 +02:00
const char *eap_get_identity(struct eap_state *eap)
{
return eap->identity;
}
eap: Add initial support for expanded types
2016-08-10 21:30:57 +02:00
/**
* eap_send_response:
* @eap: EAP state
* @type: Type of response being sent
* @buf: Buffer to send
* @len: Size of the buffer
*
* Sends out a response to a received request. This method first fills the
* EAP header into the buffer based on the EAP type response being sent.
*
* If the response type is EAP_TYPE_EXPANDED, then the Vendor-Id and
* Vendor-Type fields are filled in based on contents of the eap_method
* associated with @eap.
*
* The buffer passed in MUST be at least 12 bytes long if @type is
* EAP_TYPE_EXPANDED and at least 5 bytes for other cases.
**/
void eap_send_response(struct eap_state *eap, enum eap_type type,
uint8_t *buf, size_t len)
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
{
buf[0] = EAP_CODE_RESPONSE;
buf[1] = eap->last_id;
l_put_be16(len, &buf[2]);
eap: Add initial support for expanded types
2016-08-10 21:30:57 +02:00
buf[4] = type;
if (type == EAP_TYPE_EXPANDED) {
memcpy(buf + 5, eap->method->vendor_id, 3);
l_put_be32(eap->method->vendor_type, buf + 8);
}
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
eap->tx_packet(buf, len, eap->user_data);
}
static void eap_complete_timeout(struct l_timeout *timeout, void *user_data)
{
struct eap_state *eap = user_data;
eap->complete_timeout = NULL;
eap->complete(eap->method_success ? EAP_RESULT_SUCCESS :
EAP_RESULT_TIMEOUT, eap->user_data);
}
void eap_start_complete_timeout(struct eap_state *eap)
{
if (eap->complete_timeout)
l_timeout_remove(eap->complete_timeout);
eap->complete_timeout = l_timeout_create(5, eap_complete_timeout,
eap, NULL);
}
static void eap_send_identity_response(struct eap_state *eap, char *identity)
{
int len = identity ? strlen(identity) : 0;
uint8_t buf[5 + len];
if (!identity)
identity = "";
memcpy(buf + 5, identity, len);
eap_send_response(eap, EAP_TYPE_IDENTITY, buf, len + 5);
}
eap: make eap_handle_request public
2018-02-14 01:00:40 +01:00
void __eap_handle_request(struct eap_state *eap, uint16_t id,
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
const uint8_t *pkt, size_t len)
{
eap: Make enums fit with our coding guidelines
2016-08-10 20:06:47 +02:00
enum eap_type type;
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
uint8_t buf[10];
int buf_len;
eap: Fix crash Some EAP servers might try to send us packets after the EAP connection has been established. When EAP succeeds we destroy the EAP object. If a new EAP request arrives we create a temporary EAP object to handle the request (most likely to NAK it). However, if the packet is not destined to a particular method (e.g. it is a notification) the current logic can result in a crash. src/netdev.c:netdev_set_gtk() 3 ==4300== Invalid read of size 8 ==4300== at 0x14204B: __eap_handle_request (eap.c:203) ==4300== by 0x142339: eap_rx_packet (eap.c:287) ==4300== by 0x12AEF9: eapol_rx_packet (eapol.c:1622) ==4300== by 0x12BBBC: __eapol_rx_packet (eapol.c:2018) ==4300== by 0x116D1E: netdev_pae_read (netdev.c:3121) ==4300== by 0x16672B: io_callback (io.c:123) ==4300== by 0x165239: l_main_iterate (main.c:376) ==4300== by 0x16537D: l_main_run (main.c:423) ==4300== by 0x10F95C: main (main.c:447) ==4300== Address 0x30 is not stack'd, malloc'd or (recently) free'd ==4300==
2018-05-18 17:27:42 +02:00
bool retransmit;
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
if (len < 1)
/* Invalid packets to be ignored */
return;
eap: Move eap->method NULL check before first dereference Move the eap->method NULL check to fix possible crash.
2017-05-22 10:49:49 +02:00
type = pkt[0];
if (type >= __EAP_TYPE_MIN_METHOD && !eap->method) {
l_warn("EAP server tried method %i while client had no method "
"configured", type);
goto unsupported_method;
}
eap: Fix crash Some EAP servers might try to send us packets after the EAP connection has been established. When EAP succeeds we destroy the EAP object. If a new EAP request arrives we create a temporary EAP object to handle the request (most likely to NAK it). However, if the packet is not destined to a particular method (e.g. it is a notification) the current logic can result in a crash. src/netdev.c:netdev_set_gtk() 3 ==4300== Invalid read of size 8 ==4300== at 0x14204B: __eap_handle_request (eap.c:203) ==4300== by 0x142339: eap_rx_packet (eap.c:287) ==4300== by 0x12AEF9: eapol_rx_packet (eapol.c:1622) ==4300== by 0x12BBBC: __eapol_rx_packet (eapol.c:2018) ==4300== by 0x116D1E: netdev_pae_read (netdev.c:3121) ==4300== by 0x16672B: io_callback (io.c:123) ==4300== by 0x165239: l_main_iterate (main.c:376) ==4300== by 0x16537D: l_main_run (main.c:423) ==4300== by 0x10F95C: main (main.c:447) ==4300== Address 0x30 is not stack'd, malloc'd or (recently) free'd ==4300==
2018-05-18 17:27:42 +02:00
retransmit = id == eap->last_id ? true : false;
eap: Add retransmission support
2016-11-29 23:31:22 +01:00
eap->last_id = id;
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
if (type >= __EAP_TYPE_MIN_METHOD) {
eap: Fix crash Some EAP servers might try to send us packets after the EAP connection has been established. When EAP succeeds we destroy the EAP object. If a new EAP request arrives we create a temporary EAP object to handle the request (most likely to NAK it). However, if the packet is not destined to a particular method (e.g. it is a notification) the current logic can result in a crash. src/netdev.c:netdev_set_gtk() 3 ==4300== Invalid read of size 8 ==4300== at 0x14204B: __eap_handle_request (eap.c:203) ==4300== by 0x142339: eap_rx_packet (eap.c:287) ==4300== by 0x12AEF9: eapol_rx_packet (eapol.c:1622) ==4300== by 0x12BBBC: __eapol_rx_packet (eapol.c:2018) ==4300== by 0x116D1E: netdev_pae_read (netdev.c:3121) ==4300== by 0x16672B: io_callback (io.c:123) ==4300== by 0x165239: l_main_iterate (main.c:376) ==4300== by 0x16537D: l_main_run (main.c:423) ==4300== by 0x10F95C: main (main.c:447) ==4300== Address 0x30 is not stack'd, malloc'd or (recently) free'd ==4300==
2018-05-18 17:27:42 +02:00
void (*op)(struct eap_state *eap,
const uint8_t *pkt, size_t len);
eap: Move eap->method NULL check before first dereference Move the eap->method NULL check to fix possible crash.
2017-05-22 10:49:49 +02:00
if (type != eap->method->request_type) {
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
l_warn("EAP server tried method %i while client was "
"configured for method %i",
type, eap->method->request_type);
goto unsupported_method;
}
eap: Fix crash Some EAP servers might try to send us packets after the EAP connection has been established. When EAP succeeds we destroy the EAP object. If a new EAP request arrives we create a temporary EAP object to handle the request (most likely to NAK it). However, if the packet is not destined to a particular method (e.g. it is a notification) the current logic can result in a crash. src/netdev.c:netdev_set_gtk() 3 ==4300== Invalid read of size 8 ==4300== at 0x14204B: __eap_handle_request (eap.c:203) ==4300== by 0x142339: eap_rx_packet (eap.c:287) ==4300== by 0x12AEF9: eapol_rx_packet (eapol.c:1622) ==4300== by 0x12BBBC: __eapol_rx_packet (eapol.c:2018) ==4300== by 0x116D1E: netdev_pae_read (netdev.c:3121) ==4300== by 0x16672B: io_callback (io.c:123) ==4300== by 0x165239: l_main_iterate (main.c:376) ==4300== by 0x16537D: l_main_run (main.c:423) ==4300== by 0x10F95C: main (main.c:447) ==4300== Address 0x30 is not stack'd, malloc'd or (recently) free'd ==4300==
2018-05-18 17:27:42 +02:00
op = retransmit && eap->method->handle_retransmit ?
eap->method->handle_retransmit :
eap->method->handle_request;
eap: expanded methods start packets at opcode Expanded EAP methods should get their packets for handling starting at the op-code field. They're not really interested in type/vendor-id/vendor-type fields.
2016-08-25 04:32:16 +02:00
if (type != EAP_TYPE_EXPANDED) {
eap: Add retransmission support
2016-11-29 23:31:22 +01:00
op(eap, pkt + 1, len - 1);
eap: expanded methods start packets at opcode Expanded EAP methods should get their packets for handling starting at the op-code field. They're not really interested in type/vendor-id/vendor-type fields.
2016-08-25 04:32:16 +02:00
return;
}
eap: Add initial support for expanded types
2016-08-10 21:30:57 +02:00
/*
* TODO: Handle Expanded Nak if our vendor-id / vendor-types
* don't match
*/
eap: expanded methods start packets at opcode Expanded EAP methods should get their packets for handling starting at the op-code field. They're not really interested in type/vendor-id/vendor-type fields.
2016-08-25 04:32:16 +02:00
if (len < 8)
return;
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
eap: Add retransmission support
2016-11-29 23:31:22 +01:00
op(eap, pkt + 8, len - 8);
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
return;
}
switch (type) {
case EAP_TYPE_IDENTITY:
if (len >= 2)
eap: clarify warning message
2018-09-07 19:25:20 +02:00
l_debug("Optional EAP server identity prompt: \"%.*s\"",
eap: Fix invalid access When the server sends an identity prompt or a notification, we were trying to print from our local buffer, not from the actual packet. The relevant valgrind trace is: src/netdev.c:netdev_mlme_notify() MLME notification 64 ==4300== Conditional jump or move depends on uninitialised value(s) ==4300== at 0x4C3006E: strnlen (vg_replace_strmem.c:425) ==4300== by 0x508C513: vfprintf (vfprintf.c:1643) ==4300== by 0x508EB75: buffered_vfprintf (vfprintf.c:2329) ==4300== by 0x508C1A1: vfprintf (vfprintf.c:1301) ==4300== by 0x167051: log_stderr (log.c:145) ==4300== by 0x16756E: l_log_with_location (log.c:293) ==4300== by 0x142173: __eap_handle_request (eap.c:235) ==4300== by 0x142339: eap_rx_packet (eap.c:287) ==4300== by 0x12AEF9: eapol_rx_packet (eapol.c:1622) ==4300== by 0x12BBBC: __eapol_rx_packet (eapol.c:2018) ==4300== by 0x116D1E: netdev_pae_read (netdev.c:3121) ==4300== by 0x16672B: io_callback (io.c:123) ==4300== EAP identity prompt: ""
2018-05-18 16:46:12 +02:00
(int) len - 1, pkt + 1);
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
eap_send_identity_response(eap, eap->identity);
return;
case EAP_TYPE_NOTIFICATION:
if (len < 2)
/* Invalid packets to be ignored */
return;
eap: Fix invalid access When the server sends an identity prompt or a notification, we were trying to print from our local buffer, not from the actual packet. The relevant valgrind trace is: src/netdev.c:netdev_mlme_notify() MLME notification 64 ==4300== Conditional jump or move depends on uninitialised value(s) ==4300== at 0x4C3006E: strnlen (vg_replace_strmem.c:425) ==4300== by 0x508C513: vfprintf (vfprintf.c:1643) ==4300== by 0x508EB75: buffered_vfprintf (vfprintf.c:2329) ==4300== by 0x508C1A1: vfprintf (vfprintf.c:1301) ==4300== by 0x167051: log_stderr (log.c:145) ==4300== by 0x16756E: l_log_with_location (log.c:293) ==4300== by 0x142173: __eap_handle_request (eap.c:235) ==4300== by 0x142339: eap_rx_packet (eap.c:287) ==4300== by 0x12AEF9: eapol_rx_packet (eapol.c:1622) ==4300== by 0x12BBBC: __eapol_rx_packet (eapol.c:2018) ==4300== by 0x116D1E: netdev_pae_read (netdev.c:3121) ==4300== by 0x16672B: io_callback (io.c:123) ==4300== EAP identity prompt: ""
2018-05-18 16:46:12 +02:00
l_warn("EAP notification: \"%.*s\"", (int) len - 1, pkt + 1);
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
eap_send_response(eap, EAP_TYPE_NOTIFICATION, buf, 5);
return;
default:
unsupported_method:
eap: Dump unhandled EAP packets
2018-05-18 17:29:58 +02:00
if (!eap->method) {
l_info("Received an unhandled EAP packet:");
l_util_hexdump(true, pkt, len, dump_eap, "[EAP] ");
}
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
/* Send a legacy NAK response */
buf_len = 5;
eap: Add initial support for expanded types
2016-08-10 21:30:57 +02:00
/*
* RFC3748, Section 5.3.1: "A peer supporting Expanded Types
* that receives a Request for an unacceptable authentication
* Type (4-253,255) MAY include the value 254 in the Nak
* Response (Type 3) to indicate the desire for an Expanded
* authentication Type."
*/
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
buf[buf_len++] = eap->method ? eap->method->request_type : 0;
eap_send_response(eap, EAP_TYPE_NAK, buf, buf_len);
return;
}
}
void eap_rx_packet(struct eap_state *eap, const uint8_t *pkt, size_t len)
{
uint8_t code, id;
uint16_t eap_len;
if (len < 4 || l_get_be16(&pkt[2]) < 4 || len < l_get_be16(&pkt[2]))
/* Invalid packets to be silently discarded */
return;
code = pkt[0];
id = pkt[1];
eap_len = l_get_be16(&pkt[2]);
eap: Make enums fit with our coding guidelines
2016-08-10 20:06:47 +02:00
switch ((enum eap_code) code) {
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
case EAP_CODE_REQUEST:
eap: make eap_handle_request public
2018-02-14 01:00:40 +01:00
__eap_handle_request(eap, id, pkt + 4, eap_len - 4);
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
return;
case EAP_CODE_FAILURE:
case EAP_CODE_SUCCESS:
eap: allow to discard EAP-Success/EAP-Failure pkts
2018-02-23 18:48:44 +01:00
if (eap->discard_success_and_failure)
return;
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
l_timeout_remove(eap->complete_timeout);
eap->complete_timeout = NULL;
eap: interoperability support for Success/Failure pkts
2018-02-15 19:49:08 +01:00
/* RFC3748, Section 4.2
*
* The Identifier field of the Success and Failure packets
* MUST match the Identifier field of the Response packet that
* it is sent in response to. However, many currently deployed
* implementations ignore this rule and increment Identity for
* the Success and Failure packets. In order to support
* interoperability with these products we validate id against
* eap->last_id and its incremented value.
*/
if (id != eap->last_id && id != eap->last_id + 1)
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
return;
if (eap_len != 4)
/* Invalid packets to be silently discarded */
return;
if (code == EAP_CODE_SUCCESS && !eap->method_success)
/* "Canned" success packets to be discarded */
return;
if (code == EAP_CODE_FAILURE && eap->method_success)
/*
* "On the peer, after success result indications have
* been exchanged by both sides, a Failure packet MUST
* be silently discarded."
*
* "Where the peer authenticates successfully to the
* authenticator, but the authenticator does not send
* a result indication, the authenticator MAY deny
* access by sending a Failure packet where the peer
* is not currently authorized for network access."
* -- eap->method_success implies we've received
* a full result indication.
*/
return;
eap->complete(code == EAP_CODE_SUCCESS ? EAP_RESULT_SUCCESS :
EAP_RESULT_FAIL, eap->user_data);
return;
default:
/* Invalid packets to be silently discarded */
return;
}
}
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
bool eap_secret_info_match(const void *a, const void *b)
{
const struct eap_secret_info *s = a;
return !strcmp(s->id, b);
}
void eap_append_secret(struct l_queue **out_missing, enum eap_secret_type type,
eap: Add secret cache policy types eap_append_secret now takes a new cache_policy parameter which can be used by the EAP method to signal that the value received from the agent is to never be cached, i.e. each value can only be used once. The parameter value should be EAP_CACHE_NEVER for this and we use this in value EAP-GTC where the secret tokens are one time use. The EAP_CACHE_TEMPORARY value is used in other methods, it preserves the default behaviour where a secret can be cached for as long as the network stays in range (this is the current implementation more than a design choice I believe, I didn't go for a more specific enum name as this may still change I suppose).
2018-08-09 02:33:16 +02:00
const char *id, const char *id2, const char *parameter,
enum eap_secret_cache_policy cache_policy)
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
{
struct eap_secret_info *info;
if (!*out_missing)
*out_missing = l_queue_new();
info = l_new(struct eap_secret_info, 1);
info->id = l_strdup(id);
eap: Accept a second id parameter in eap_append_secret Accept two setting IDs in eap_append_secret, first for the username and second for the password in case of the EAP_SECRET_REMOTE_USER_PASSWORD EAP secret type. In all other cases only the first setting is used. Until now for EAP_SECRET_REMOTE_USER_PASSWORD secrets we'd generate the two setting names by adding different suffixes to the ID parameter. Using the two different setting names automatically fixes the issues with using the EAP Identity returned by the agent in EAP-MSCHAPv2 and EAP-PWD.
2018-06-14 03:45:23 +02:00
info->id2 = l_strdup(id2);
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
info->type = type;
info->parameter = l_strdup(parameter);
eap: Add secret cache policy types eap_append_secret now takes a new cache_policy parameter which can be used by the EAP method to signal that the value received from the agent is to never be cached, i.e. each value can only be used once. The parameter value should be EAP_CACHE_NEVER for this and we use this in value EAP-GTC where the secret tokens are one time use. The EAP_CACHE_TEMPORARY value is used in other methods, it preserves the default behaviour where a secret can be cached for as long as the network stays in range (this is the current implementation more than a design choice I believe, I didn't go for a more specific enum name as this may still change I suppose).
2018-08-09 02:33:16 +02:00
info->cache_policy = cache_policy;
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
l_queue_push_tail(*out_missing, info);
}
void eap_secret_info_free(void *data)
{
struct eap_secret_info *info = data;
if (!info)
return;
if (info->value) {
eap,eapol,crypto: Replace uses of memset with explicit_bzero Replace existing uses of memset to clear secrets with explicit_bzero to make sure it doesn't get optimized away. This has some side effects as documented in gcc docs but is still recommended. In eap_secret_info_free make sure we clear both strings in the case of EAP_SECRET_REMOTE_USER_PASSWORD secrets.
2019-03-22 00:56:53 +01:00
size_t value_len = strlen(info->value) + 1;
if (info->type == EAP_SECRET_REMOTE_USER_PASSWORD)
value_len += strlen(info->value + value_len);
explicit_bzero(info->value, value_len);
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
l_free(info->value);
}
if (info->parameter) {
eap,eapol,crypto: Replace uses of memset with explicit_bzero Replace existing uses of memset to clear secrets with explicit_bzero to make sure it doesn't get optimized away. This has some side effects as documented in gcc docs but is still recommended. In eap_secret_info_free make sure we clear both strings in the case of EAP_SECRET_REMOTE_USER_PASSWORD secrets.
2019-03-22 00:56:53 +01:00
explicit_bzero(info->parameter, strlen(info->parameter));
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
l_free(info->parameter);
}
l_free(info->id);
eap: Accept a second id parameter in eap_append_secret Accept two setting IDs in eap_append_secret, first for the username and second for the password in case of the EAP_SECRET_REMOTE_USER_PASSWORD EAP secret type. In all other cases only the first setting is used. Until now for EAP_SECRET_REMOTE_USER_PASSWORD secrets we'd generate the two setting names by adding different suffixes to the ID parameter. Using the two different setting names automatically fixes the issues with using the EAP Identity returned by the agent in EAP-MSCHAPv2 and EAP-PWD.
2018-06-14 03:45:23 +02:00
l_free(info->id2);
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
l_free(info);
}
eap: Add __eap_check_settings Since PEAP & TTLS expect to use eap_check_settings recursively, make them use a private version of that API that does not perform cleanup and can contain side-effects. eap_check_settings itself will guarantee that no side effects happen on error. It is meant to be used by code outside of the eap subsystem.
2018-06-15 02:10:11 +02:00
int __eap_check_settings(struct l_settings *settings, struct l_queue *secrets,
const char *prefix, bool set_key_material,
struct l_queue **missing)
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
{
char setting[64];
const char *method_name;
const struct l_queue_entry *entry;
struct eap_method *method;
eap: Allow methods to request the Identity from agent In eap_check_settings move the check for the EAP-Identity setting so that the method's check_setting call back has a chance to request it from the agent. Note the check can be also moved to the EAP methods so that they are free to skip it if not NULL identity is ok.
2018-06-14 03:45:24 +02:00
int ret = 0;
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
snprintf(setting, sizeof(setting), "%sMethod", prefix);
method_name = l_settings_get_value(settings, "Security", setting);
if (!method_name) {
l_error("Property %s missing", setting);
eap: Return specific error when check_settings fails Change the check_settings eap functions to return a negative errno and return more granular Dbus error from the Connect method.
2018-04-28 04:28:44 +02:00
return -ENOENT;
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
}
for (entry = l_queue_get_entries(eap_methods); entry;
entry = entry->next) {
method = entry->data;
if (!strcasecmp(method_name, method->name))
break;
}
if (!entry) {
l_error("EAP method \"%s\" unsupported", method_name);
eap: Return specific error when check_settings fails Change the check_settings eap functions to return a negative errno and return more granular Dbus error from the Connect method.
2018-04-28 04:28:44 +02:00
return -ENOTSUP;
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
}
/* Check if selected method is suitable for 802.1x */
if (set_key_material && !method->exports_msk) {
l_error("EAP method \"%s\" doesn't export key material",
method_name);
eap: Return specific error when check_settings fails Change the check_settings eap functions to return a negative errno and return more granular Dbus error from the Connect method.
2018-04-28 04:28:44 +02:00
return -ENOTSUP;
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
}
eap: Add __eap_check_settings Since PEAP & TTLS expect to use eap_check_settings recursively, make them use a private version of that API that does not perform cleanup and can contain side-effects. eap_check_settings itself will guarantee that no side effects happen on error. It is meant to be used by code outside of the eap subsystem.
2018-06-15 02:10:11 +02:00
if (method->check_settings) {
eap: Allow methods to request the Identity from agent In eap_check_settings move the check for the EAP-Identity setting so that the method's check_setting call back has a chance to request it from the agent. Note the check can be also moved to the EAP methods so that they are free to skip it if not NULL identity is ok.
2018-06-14 03:45:24 +02:00
ret = method->check_settings(settings, secrets,
eap: Add __eap_check_settings Since PEAP & TTLS expect to use eap_check_settings recursively, make them use a private version of that API that does not perform cleanup and can contain side-effects. eap_check_settings itself will guarantee that no side effects happen on error. It is meant to be used by code outside of the eap subsystem.
2018-06-15 02:10:11 +02:00
prefix, missing);
if (ret < 0)
return ret;
}
eap: Allow methods to request the Identity from agent In eap_check_settings move the check for the EAP-Identity setting so that the method's check_setting call back has a chance to request it from the agent. Note the check can be also moved to the EAP methods so that they are free to skip it if not NULL identity is ok.
2018-06-14 03:45:24 +02:00
/*
eap: Make Identity optional Some of the EAP methods don't require a clear-text identity to be sent with the Identity Response packet. The mandatory identity filed has resulted in unnecessary transmission of the garbage values. This patch makes the Identity field to be optional and shift responsibility to ensure its existence to the individual methods if the field is required. All necessary identity checks have been previously propagated to individual methods.
2019-01-12 00:27:15 +01:00
* Individual methods are responsible for ensuring, inside their
* check_settings(), that they have enough data to return the
* identity after load_settings() if it is required.
eap: Allow methods to request the Identity from agent In eap_check_settings move the check for the EAP-Identity setting so that the method's check_setting call back has a chance to request it from the agent. Note the check can be also moved to the EAP methods so that they are free to skip it if not NULL identity is ok.
2018-06-14 03:45:24 +02:00
*/
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
eap: Add __eap_check_settings Since PEAP & TTLS expect to use eap_check_settings recursively, make them use a private version of that API that does not perform cleanup and can contain side-effects. eap_check_settings itself will guarantee that no side effects happen on error. It is meant to be used by code outside of the eap subsystem.
2018-06-15 02:10:11 +02:00
return 0;
}
int eap_check_settings(struct l_settings *settings, struct l_queue *secrets,
const char *prefix, bool set_key_material,
struct l_queue **out_missing)
{
struct l_queue *missing = NULL;
int ret = __eap_check_settings(settings, secrets, prefix,
set_key_material, &missing);
if (ret < 0) {
l_queue_destroy(missing, eap_secret_info_free);
return ret;
}
eap: Ensure that we don't return an empty queue
2018-06-15 00:02:09 +02:00
if (missing && l_queue_isempty(missing)) {
l_queue_destroy(missing, NULL);
missing = NULL;
}
network: Fix a bunch of double-frees Missing secrets are freed by eap_send_agent_req() even in case of failure, so it was erroneous to try to free them on error. ==1048== Invalid read of size 8 ==1048== at 0x1603EC: l_queue_clear (queue.c:101) ==1048== by 0x1603B8: l_queue_destroy (queue.c:82) ==1048== by 0x135328: network_connect_8021x (network.c:943) ==1048== by 0x1354C4: network_connect (network.c:987) ==1048== by 0x178DD2: _dbus_object_tree_dispatch (dbus-service.c:1690) ==1048== by 0x16D32A: message_read_handler (dbus.c:285) ==1048== by 0x166EC3: io_callback (io.c:123) ==1048== by 0x165A1A: l_main_iterate (main.c:376) ==1048== by 0x165B58: l_main_run (main.c:423) ==1048== by 0x1102DA: main (main.c:458) ==1048== Address 0x5461850 is 0 bytes inside a block of size 24 free'd ==1048== at 0x4C2C13B: free (vg_replace_malloc.c:530) ==1048== by 0x15ED03: l_free (util.c:136) ==1048== by 0x1603C4: l_queue_destroy (queue.c:83) ==1048== by 0x134BD5: eap_secret_request_free (network.c:719) ==1048== by 0x134EF9: eap_send_agent_req (network.c:817) ==1048== by 0x1352F7: network_connect_8021x (network.c:936) ==1048== by 0x1354C4: network_connect (network.c:987) ==1048== by 0x178DD2: _dbus_object_tree_dispatch (dbus-service.c:1690) ==1048== by 0x16D32A: message_read_handler (dbus.c:285) ==1048== by 0x166EC3: io_callback (io.c:123) ==1048== by 0x165A1A: l_main_iterate (main.c:376) ==1048== by 0x165B58: l_main_run (main.c:423)
2018-06-14 23:57:51 +02:00
*out_missing = missing;
eap: Allow methods to request the Identity from agent In eap_check_settings move the check for the EAP-Identity setting so that the method's check_setting call back has a chance to request it from the agent. Note the check can be also moved to the EAP methods so that they are free to skip it if not NULL identity is ok.
2018-06-14 03:45:24 +02:00
return 0;
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
}
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
bool eap_load_settings(struct eap_state *eap, struct l_settings *settings,
const char *prefix)
{
char setting[64];
const char *method_name;
const struct l_queue_entry *entry;
struct eap_method *method;
snprintf(setting, sizeof(setting), "%sMethod", prefix);
method_name = l_settings_get_value(settings, "Security", setting);
if (!method_name)
return false;
for (entry = l_queue_get_entries(eap_methods); entry;
entry = entry->next) {
method = entry->data;
eap: Drop method's .probe, rename .remove The EAP-method's .probe methods only checked the method name so do that in eap.c instead and allocate method state in .load_settings. Rename method's .remove method to .free to improve the naming.
2017-09-06 04:12:17 +02:00
if (!strcasecmp(method_name, method->name)) {
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
eap->method = method;
break;
}
}
if (!eap->method)
return false;
/* Check if selected method is suitable for 802.1x */
eap: Validate settings, report passwords needed With the goal of requesting the required passwords/passphrases, such as the TLS private key passphrase, from the agent, add a static method eap_check_settings to validate the settings and calculate what passwords are needed for those settings, if any. This is separate from eap_load_settings because that can only be called later, once we've got an eap state machine object. We need to get all the needed EAP credentials from the user before we even start connecting. While we do this, we also validate the settings and output any error messages through l_error (this could be changed so the messages go somewhere else in the future), so I removed the error messages from eap_load_settings and that method now assumes that eap_check_settings has been called before. eap_check_settings calls the appropriate method's .check_settings method if the settings are complete enough to contain the method name. The policy is that any data can be provided inside the l_settings object (from the network provisioning/config file), but some of the more sensitive fields, like private key passwords, can be optionally omitted and then the UI will ask for them and iwd will be careful with caching them. Within struct eap_secret_info, "id" is mainly for the EAP method to locate the info in the list. "value" is the actual value returned by agent. "parameter" is an optional string to be passed to the agent. For a private key passphrase it may be the path to the key file, for a password it may be the username for which the password is requested.
2018-04-18 07:03:22 +02:00
if (eap->set_key_material && !eap->method->exports_msk)
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
goto err;
eap: new method API for getting EAP-Identity EAP-SIM/AKA/AKA' retrieve the EAP-Identity off the SIM card not from the settings file. This adds a new EAP method API which can optionally be implemented to retrieve the identity. If get_identity is implemented, the EAP layer will use it to retrieve the identity rather than looking in the settings file.
2017-11-09 20:07:55 +01:00
if (eap->method->load_settings)
if (!eap->method->load_settings(eap, settings, prefix))
goto err;
/* get identity from settings or from EAP method */
if (!eap->method->get_identity) {
snprintf(setting, sizeof(setting), "%sIdentity", prefix);
eap: Use l_settings_get_string where needed Replace usages of l_settings_get_value with l_settings_get_string, which will make sure the returned strings are unescaped but also allocates memeory and forces us to use l_free on most of the strings. Some of these strings we explicitly set with l_settings_set_string() in our code so when we retrieved them with l_settings_get_value() we would receive a different string if there were any escapable characters in the string. I didn't replace any of the l_settings_get_value() uses where we're just checking whether a setting is present, or those which are hexstrings or EAP method names assuming that they can't have any special characters, although this isn't future proof. I did use l_settings_get_string() for file paths though.
2018-06-14 03:45:25 +02:00
eap->identity = l_settings_get_string(settings,
"Security", setting);
eap: new method API for getting EAP-Identity EAP-SIM/AKA/AKA' retrieve the EAP-Identity off the SIM card not from the settings file. This adds a new EAP method API which can optionally be implemented to retrieve the identity. If get_identity is implemented, the EAP layer will use it to retrieve the identity rather than looking in the settings file.
2017-11-09 20:07:55 +01:00
} else {
eap->identity = l_strdup(eap->method->get_identity(eap));
}
eap: enforce max identity lengths EAP identites are recommended to follow RFC 4282 (The Network Access Identifier). This RFC recommends a maximum NAI length of 253 octets. It also mentions that RADIUS is only able to support NAIs of 253 octets. Because of this, IWD should not allow EAP identities larger than 253 bytes. This change adds a check in eap_load_settings to verify the identity does not exceed this limit.
2019-04-08 23:01:58 +02:00
/*
* RFC 4282 Section 2.2 - NAI Length Considerations
*
* Devices handling NAIs MUST support an NAI length of at least 72
* octets. Support for an NAI length of 253 octets is RECOMMENDED.
* ...
* RADIUS is unable to support NAI lengths beyond 253 octets
*/
eap: Make sure identity is not NULL
2019-04-08 23:25:31 +02:00
if (eap->identity && strlen(eap->identity) > 253) {
eap: enforce max identity lengths EAP identites are recommended to follow RFC 4282 (The Network Access Identifier). This RFC recommends a maximum NAI length of 253 octets. It also mentions that RADIUS is only able to support NAIs of 253 octets. Because of this, IWD should not allow EAP identities larger than 253 bytes. This change adds a check in eap_load_settings to verify the identity does not exceed this limit.
2019-04-08 23:01:58 +02:00
l_error("Identity is too long");
goto err;
}
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
return true;
err:
eap: Add eap_free_common Many operations performed during an error in load_settings were the same as the ones performed when freeing the eap object. Add eap_free_common to unify these.
2019-04-08 23:24:18 +02:00
eap_free_common(eap);
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
return false;
}
void eap_set_data(struct eap_state *eap, void *data)
{
eap->method_state = data;
}
void *eap_get_data(struct eap_state *eap)
{
return eap->method_state;
}
eap: Add accessors for the method name and type
2018-11-16 23:15:32 +01:00
enum eap_type eap_get_method_type(struct eap_state *eap)
{
return eap->method->request_type;
}
const char *eap_get_method_name(struct eap_state *eap)
{
return eap->method->name;
}
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
void eap_set_key_material(struct eap_state *eap,
const uint8_t *msk_data, size_t msk_len,
const uint8_t *emsk_data, size_t emsk_len,
eap: export session ID as key materials ERP/FILS requires the session ID which is derived internally to an EAP method.
2019-04-10 23:52:26 +02:00
const uint8_t *iv, size_t iv_len,
const uint8_t *session_id, size_t session_len)
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
{
if (!eap->set_key_material)
return;
eap->set_key_material(msk_data, msk_len, emsk_data, emsk_len,
eap: export session ID as key materials ERP/FILS requires the session ID which is derived internally to an EAP method.
2019-04-10 23:52:26 +02:00
iv, iv_len, session_id, session_len,
eap->user_data);
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
}
eap: Add eap event_func This is used to get arbitrary information out of the EAP method. Needed for EAP-WSC to signal credential information obtained from the peer. Other uses include signaling why EAP-WSC failed (e.g. invalid PIN, etc) and processing of M2D discovery messages. The information in M2Ds might be useful to external clients.
2016-09-12 22:26:03 +02:00
void eap_method_event(struct eap_state *eap, unsigned int id, const void *data)
{
if (!eap->event_func)
return;
eap->event_func(id, data, eap->user_data);
}
eap: add accessor for method success
2018-02-22 01:47:19 +01:00
bool eap_method_is_success(struct eap_state *eap)
{
return eap->method_success;
}
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
void eap_method_success(struct eap_state *eap)
{
eap->method_success = true;
}
eap: allow to discard EAP-Success/EAP-Failure pkts
2018-02-23 18:48:44 +01:00
void eap_discard_success_and_failure(struct eap_state *eap, bool discard)
{
eap->discard_success_and_failure = discard;
}
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
void eap_method_error(struct eap_state *eap)
{
/*
* It looks like neither EAP nor EAP-TLS specify the error handling
* behavior.
*/
eap->complete(EAP_RESULT_FAIL, eap->user_data);
}
void eap_save_last_id(struct eap_state *eap, uint8_t *last_id)
{
*last_id = eap->last_id;
}
void eap_restore_last_id(struct eap_state *eap, uint8_t last_id)
{
eap->last_id = last_id;
}
eap: Make eap_register_method public
2015-11-02 16:54:12 +01:00
int eap_register_method(struct eap_method *method)
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
{
eap: add NULL checks 1. Enforce implementation of handle_request function 2. In case of unimplemented handle_retransmit try to use handle_request instead and rely on method specific mechanism to restart the conversation if necessary 3. Make method->free implementation unrequired
2018-01-23 20:42:44 +01:00
if (!method->handle_request)
return -EPERM;
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
l_queue_push_head(eap_methods, method);
eap: Make eap_register_method public
2015-11-02 16:54:12 +01:00
return 0;
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
}
eap: Add eap_unregister_method
2015-11-03 04:38:45 +01:00
int eap_unregister_method(struct eap_method *method)
{
bool r;
r = l_queue_remove(eap_methods, method);
if (r)
return 0;
return -ENOENT;
}
eap: remove mtu argument from eap_init This was refactored to set the mtu via __eap_set_config rather than passing the MTU into eap_init. This makes eap work in a similar fashion as eapol (i.e. __eapol_set_config). If __eap_set_config is not used, the MTU will be set to 1020, which is the same as previously passing 0 to eap_init.
2019-10-11 21:29:30 +02:00
void __eap_set_config(struct l_settings *config)
{
if (!l_settings_get_uint(config, "EAP", "mtu", &default_mtu))
default_mtu = 1400; /* on WiFi the real MTU is around 2304 */
}
eap: Add dynamic EAP method registration
2015-11-03 04:30:40 +01:00
static void __eap_method_enable(struct eap_method_desc *start,
struct eap_method_desc *stop)
{
eap: Fix whitespace
2017-04-19 00:29:09 +02:00
struct eap_method_desc *desc;
eap: Add dynamic EAP method registration
2015-11-03 04:30:40 +01:00
l_debug("");
if (start == NULL || stop == NULL)
return;
for (desc = start; desc < stop; desc++) {
if (!desc->init)
continue;
desc->init();
}
}
static void __eap_method_disable(struct eap_method_desc *start,
struct eap_method_desc *stop)
{
eap: Fix whitespace
2017-04-19 00:29:09 +02:00
struct eap_method_desc *desc;
eap: Implement EAP-TLS Add the EAP-TLS authentication method. Currently, all the credentials data is read from the provisioning file even though things like the private key passphrase should possibly be obtained from the dbus agent.
2015-10-30 11:12:15 +01:00
eap: Add dynamic EAP method registration
2015-11-03 04:30:40 +01:00
l_debug("");
if (start == NULL || stop == NULL)
return;
for (desc = start; desc < stop; desc++) {
if (!desc->exit)
continue;
desc->exit();
}
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
}
eap: Add dynamic EAP method registration
2015-11-03 04:30:40 +01:00
extern struct eap_method_desc __start___eap[];
extern struct eap_method_desc __stop___eap[];
eap: utilize IWD_MODULE Converts eap into an IWD module.
2019-10-11 21:29:33 +02:00
int eap_init(void)
eap: Add dynamic EAP method registration
2015-11-03 04:30:40 +01:00
{
eap_methods = l_queue_new();
__eap_method_enable(__start___eap, __stop___eap);
eap: Load MTU settings from iwd.conf
2016-11-15 23:44:07 +01:00
/*
* RFC 3748, Section 3.1, [4], "Minimum MTU":
* EAP is capable of functioning on lower layers that
* provide an EAP MTU size of 1020 octets or greater.
*/
eap: remove mtu argument from eap_init This was refactored to set the mtu via __eap_set_config rather than passing the MTU into eap_init. This makes eap work in a similar fashion as eapol (i.e. __eapol_set_config). If __eap_set_config is not used, the MTU will be set to 1020, which is the same as previously passing 0 to eap_init.
2019-10-11 21:29:30 +02:00
if (default_mtu == 0)
eap: Load MTU settings from iwd.conf
2016-11-15 23:44:07 +01:00
default_mtu = 1020;
eap: utilize IWD_MODULE Converts eap into an IWD module.
2019-10-11 21:29:33 +02:00
return 0;
eap: Add dynamic EAP method registration
2015-11-03 04:30:40 +01:00
}
void eap_exit(void)
{
__eap_method_disable(__start___eap, __stop___eap);
eap: Add initial EAP API Adds eap.c/eap.h with the initial EAP API definitions. No actual EAP methods are added in this patch.
2015-10-30 11:12:13 +01:00
l_queue_destroy(eap_methods, NULL);
}
eap: utilize IWD_MODULE Converts eap into an IWD module.
2019-10-11 21:29:33 +02:00
IWD_MODULE(eap, eap_init, eap_exit);