mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-29 05:39:24 +01:00

eapol: Store protocol version in eapol_sm

Instead of one global protocol_version, we now store it inside eapol_sm.
This allows us to use the same protocol version for our response as the
request from the authenticator.

For unit tests where we had protocol version mismatches, a new method is
introduced to explicitly set the protocol version to use.
Denis Kenzior 2016-08-10 16:32:45 -05:00
parent 86ad3c4e03
commit 34a537652a
2 changed files with 22 additions and 13 deletions


@ -48,7 +48,6 @@ eapol_install_tk_func_t install_tk = NULL;
eapol_install_gtk_func_t install_gtk = NULL; eapol_install_gtk_func_t install_gtk = NULL;
eapol_deauthenticate_func_t deauthenticate = NULL; eapol_deauthenticate_func_t deauthenticate = NULL;
eapol_rekey_offload_func_t rekey_offload = NULL; eapol_rekey_offload_func_t rekey_offload = NULL;
enum eapol_protocol_version protocol_version = EAPOL_PROTOCOL_VERSION_2004;
#define VERIFY_IS_ZERO(field) \ #define VERIFY_IS_ZERO(field) \
do { \ do { \
@ -587,6 +586,7 @@ struct eapol_key *eapol_create_gtk_2_of_2(
} }
struct eapol_sm { struct eapol_sm {
enum eapol_protocol_version protocol_version;
uint32_t ifindex; uint32_t ifindex;
uint8_t spa[6]; uint8_t spa[6];
uint8_t aa[6]; uint8_t aa[6];
@ -642,6 +642,12 @@ void eapol_sm_free(struct eapol_sm *sm)
eapol_sm_destroy(sm); eapol_sm_destroy(sm);
} }
void eapol_sm_set_protocol_version(struct eapol_sm *sm,
enum eapol_protocol_version protocol_version)
{
sm->protocol_version = protocol_version;
}
void eapol_sm_set_supplicant_address(struct eapol_sm *sm, const uint8_t *spa) void eapol_sm_set_supplicant_address(struct eapol_sm *sm, const uint8_t *spa)
{ {
memcpy(sm->spa, spa, sizeof(sm->spa)); memcpy(sm->spa, spa, sizeof(sm->spa));
@ -857,7 +863,7 @@ static void eapol_handle_ptk_1_of_4(uint32_t ifindex, struct eapol_sm *sm,
ptk, sizeof(sm->ptk), ptk, sizeof(sm->ptk),
use_sha256); use_sha256);
step2 = eapol_create_ptk_2_of_4(protocol_version, step2 = eapol_create_ptk_2_of_4(sm->protocol_version,
ek->key_descriptor_version, ek->key_descriptor_version,
sm->replay_counter, sm->replay_counter,
sm->snonce, sm->snonce,
@ -1185,7 +1191,7 @@ static void eapol_handle_ptk_3_of_4(uint32_t ifindex,
} else } else
gtk = NULL; gtk = NULL;
step4 = eapol_create_ptk_4_of_4(protocol_version, step4 = eapol_create_ptk_4_of_4(sm->protocol_version,
ek->key_descriptor_version, ek->key_descriptor_version,
sm->replay_counter, sm->wpa_ie); sm->replay_counter, sm->wpa_ie);
@ -1265,7 +1271,7 @@ static void eapol_handle_gtk_1_of_2(uint32_t ifindex,
} else } else
gtk_key_index = ek->wpa_key_id; gtk_key_index = ek->wpa_key_id;
step2 = eapol_create_gtk_2_of_2(protocol_version, step2 = eapol_create_gtk_2_of_2(sm->protocol_version,
ek->key_descriptor_version, ek->key_descriptor_version,
sm->replay_counter, sm->wpa_ie, sm->replay_counter, sm->wpa_ie,
ek->wpa_key_id); ek->wpa_key_id);
@ -1502,13 +1508,20 @@ static void eapol_rx_packet(struct eapol_sm *sm,
eh = (const struct eapol_header *) frame; eh = (const struct eapol_header *) frame;
if (eh->protocol_version != EAPOL_PROTOCOL_VERSION_2001 && switch (eh->protocol_version) {
eh->protocol_version != EAPOL_PROTOCOL_VERSION_2004) case EAPOL_PROTOCOL_VERSION_2001:
case EAPOL_PROTOCOL_VERSION_2004:
break;
default:
return; return;
}
if (len < (size_t) 4 + L_BE16_TO_CPU(eh->packet_len)) if (len < (size_t) 4 + L_BE16_TO_CPU(eh->packet_len))
return; return;
if (!sm->protocol_version)
sm->protocol_version = eh->protocol_version;
switch (eh->packet_type) { switch (eh->packet_type) {
case 0: /* EAPOL-EAP */ case 0: /* EAPOL-EAP */
if (!sm->eap) { if (!sm->eap) {
@ -1580,11 +1593,6 @@ void __eapol_set_get_nonce_func(eapol_get_nonce_func_t func)
get_nonce = func; get_nonce = func;
} }
void __eapol_set_protocol_version(enum eapol_protocol_version version)
{
protocol_version = version;
}
void __eapol_set_install_tk_func(eapol_install_tk_func_t func) void __eapol_set_install_tk_func(eapol_install_tk_func_t func)
{ {
install_tk = func; install_tk = func;
@ -1696,7 +1704,6 @@ void eapol_cancel(uint32_t ifindex)
bool eapol_init() bool eapol_init()
{ {
state_machines = l_queue_new(); state_machines = l_queue_new();
protocol_version = EAPOL_PROTOCOL_VERSION_2004;
get_nonce = eapol_get_nonce; get_nonce = eapol_get_nonce;
eap_init(); eap_init();
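Review bot: In the eapol_rx_packet hunk, `sm->protocol_version` is copied from `eh->protocol_version` as soon as the version and length checks pass, which in the lines visible here is before any MIC or replay-counter validation, so the first frame received, authenticated or not, fixes the version used in every later reply built by the ptk_1_of_4, ptk_3_of_4 and gtk_1_of_2 handlers. The switch limits the value to 2001 or 2004, which bounds the effect, but consider latching only after a key frame has been verified, or at minimum documenting the behaviour: `/* Latched from the first syntactically valid frame; not authenticated at this point */`. The `if (!sm->protocol_version)` test also assumes that eapol_sm_new() zero-fills the struct and that 0 is not a valid enum value, neither of which is shown on this page. eapol_rx_packet begins and ends outside the hunk.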


@ -169,7 +169,6 @@ void __eapol_rx_packet(uint32_t ifindex, const uint8_t *spa, const uint8_t *aa,
void __eapol_set_tx_packet_func(eapol_tx_packet_func_t func); void __eapol_set_tx_packet_func(eapol_tx_packet_func_t func);
void __eapol_set_get_nonce_func(eapol_get_nonce_func_t func); void __eapol_set_get_nonce_func(eapol_get_nonce_func_t func);
void __eapol_set_protocol_version(enum eapol_protocol_version version);
void __eapol_set_install_tk_func(eapol_install_tk_func_t func); void __eapol_set_install_tk_func(eapol_install_tk_func_t func);
void __eapol_set_install_gtk_func(eapol_install_gtk_func_t func); void __eapol_set_install_gtk_func(eapol_install_gtk_func_t func);
void __eapol_set_deauthenticate_func(eapol_deauthenticate_func_t func); void __eapol_set_deauthenticate_func(eapol_deauthenticate_func_t func);
@ -180,6 +179,9 @@ void __eapol_update_replay_counter(uint32_t ifindex, const uint8_t *spa,
struct eapol_sm *eapol_sm_new(); struct eapol_sm *eapol_sm_new();
void eapol_sm_free(struct eapol_sm *sm); void eapol_sm_free(struct eapol_sm *sm);
void eapol_sm_set_protocol_version(struct eapol_sm *sm,
enum eapol_protocol_version protocol_version);
void eapol_sm_set_supplicant_address(struct eapol_sm *sm, const uint8_t *spa); void eapol_sm_set_supplicant_address(struct eapol_sm *sm, const uint8_t *spa);
void eapol_sm_set_authenticator_address(struct eapol_sm *sm, const uint8_t *aa); void eapol_sm_set_authenticator_address(struct eapol_sm *sm, const uint8_t *aa);
void eapol_sm_set_pmk(struct eapol_sm *sm, const uint8_t *pmk); void eapol_sm_set_pmk(struct eapol_sm *sm, const uint8_t *pmk);