Kernel
/
iwd
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git
3
0
Fork 0
Code Releases Activity

eap: Simplify sending EAP method responses 

Replace the usage of eap_send_response() in the method implementations
with a new eap_method_respond that skips the redundant "type" parameter.
The new eap_send_packet is used inside eap_method_respond and will be
reused for sending request packets in authenticator side EAP methods.
This commit is contained in:
Andrew Zaborowski 2020-08-13 02:50:17 +02:00 committed by Denis Kenzior
parent 8a5861d3f5
commit c826dd0052
11 changed files with 59 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/eap-aka.c
View File

@ -206,7 +206,7 @@ static void check_milenage_cb(const uint8_t *res, const uint8_t *ck,
pos += eap_sim_add_attribute(pos, EAP_SIM_AT_AUTS, pos += eap_sim_add_attribute(pos, EAP_SIM_AT_AUTS,
EAP_SIM_PAD_NONE, auts, EAP_AKA_AUTS_LEN); EAP_SIM_PAD_NONE, auts, EAP_AKA_AUTS_LEN);
eap_send_response(eap, aka->type, response, 24); eap_method_respond(eap, response, 24);
return; return;
} }
@ -285,7 +285,7 @@ static void check_milenage_cb(const uint8_t *res, const uint8_t *ck,
l_free(aka->chal_pkt); l_free(aka->chal_pkt);
aka->chal_pkt = NULL; aka->chal_pkt = NULL;
eap_send_response(eap, aka->type, response, resp_len); eap_method_respond(eap, response, resp_len);
if (!aka->protected) { if (!aka->protected) {
eap_aka_finish(eap); eap_aka_finish(eap);
@ -536,7 +536,7 @@ static void handle_notification(struct eap_state *eap, const uint8_t *pkt,
return; return;
} }
eap_send_response(eap, aka->type, response, pos - response); eap_method_respond(eap, response, pos - response);
aka->state = EAP_AKA_STATE_SUCCESS; aka->state = EAP_AKA_STATE_SUCCESS;
@ -583,7 +583,7 @@ static void handle_identity(struct eap_state *eap, const uint8_t *pkt,
EAP_SIM_PAD_LENGTH, (uint8_t *)aka->identity, EAP_SIM_PAD_LENGTH, (uint8_t *)aka->identity,
strlen(aka->identity)); strlen(aka->identity));
eap_send_response(eap, aka->type, response, pos - response); eap_method_respond(eap, response, pos - response);
} }
static void eap_aka_handle_request(struct eap_state *eap, static void eap_aka_handle_request(struct eap_state *eap,

2
src/eap-gtc.c
View File

@ -64,7 +64,7 @@ static void eap_gtc_handle_request(struct eap_state *eap,
memcpy(response + 5, gtc->password, secret_len); memcpy(response + 5, gtc->password, secret_len);
eap_send_response(eap, EAP_TYPE_GTC, response, 5 + secret_len); eap_method_respond(eap, response, 5 + secret_len);
eap_method_success(eap); eap_method_success(eap);

3
src/eap-md5.c
View File

@ -79,8 +79,7 @@ static void eap_md5_handle_request(struct eap_state *eap,
l_checksum_get_digest(hash, response + 6, 16); l_checksum_get_digest(hash, response + 6, 16);
l_checksum_free(hash); l_checksum_free(hash);
eap_send_response(eap, EAP_TYPE_MD5_CHALLENGE, eap_method_respond(eap, response, sizeof(response));
response, sizeof(response));
/* We have no choice but to call it a success */ /* We have no choice but to call it a success */
eap_method_success(eap); eap_method_success(eap);

4
src/eap-mschapv2.c
View File

@ -253,7 +253,7 @@ static bool eap_mschapv2_send_response(struct eap_state *eap)
MSCHAPV2_CHAL_LEN); MSCHAPV2_CHAL_LEN);
memcpy(response->name, state->user, state->user_len); memcpy(response->name, state->user, state->user_len);
eap_send_response(eap, EAP_TYPE_MSCHAPV2, output, sizeof(output)); eap_method_respond(eap, output, sizeof(output));
return true; return true;
} }
@ -346,7 +346,7 @@ static void eap_mschapv2_handle_success(struct eap_state *eap,
eap_method_success(eap); eap_method_success(eap);
buffer[5] = MSCHAPV2_OP_SUCCESS; buffer[5] = MSCHAPV2_OP_SUCCESS;
eap_send_response(eap, EAP_TYPE_MSCHAPV2, buffer, sizeof(buffer)); eap_method_respond(eap, buffer, sizeof(buffer));
/* The eapol set_key_material only needs msk, and that's all we got */ /* The eapol set_key_material only needs msk, and that's all we got */
eap_set_key_material(eap, session_key, 32, NULL, 0, NULL, 0, NULL, 0); eap_set_key_material(eap, session_key, 32, NULL, 0, NULL, 0, NULL, 0);

5
src/eap-private.h
View File

@ -114,10 +114,6 @@ void *eap_get_data(struct eap_state *eap);
enum eap_type eap_get_method_type(struct eap_state *eap); enum eap_type eap_get_method_type(struct eap_state *eap);
const char *eap_get_method_name(struct eap_state *eap); const char *eap_get_method_name(struct eap_state *eap);
void eap_send_response(struct eap_state *eap,
enum eap_type request_type,
uint8_t *buf, size_t len);
void eap_set_key_material(struct eap_state *eap, void eap_set_key_material(struct eap_state *eap,
const uint8_t *msk_data, size_t msk_len, const uint8_t *msk_data, size_t msk_len,
const uint8_t *emsk_data, size_t emsk_len, const uint8_t *emsk_data, size_t emsk_len,
@ -126,6 +122,7 @@ void eap_set_key_material(struct eap_state *eap,
void eap_start_complete_timeout(struct eap_state *eap); void eap_start_complete_timeout(struct eap_state *eap);
void eap_method_respond(struct eap_state *eap, uint8_t *buf, size_t len);
bool eap_method_is_success(struct eap_state *eap); bool eap_method_is_success(struct eap_state *eap);
void eap_method_success(struct eap_state *eap); void eap_method_success(struct eap_state *eap);
void eap_method_error(struct eap_state *eap); void eap_method_error(struct eap_state *eap);

9
src/eap-pwd.c
View File

@ -194,7 +194,7 @@ static void eap_pwd_send_response(struct eap_state *eap,
/* packet will fit within mtu */ /* packet will fit within mtu */
if (len <= mtu) { if (len <= mtu) {
eap_send_response(eap, EAP_TYPE_PWD, pkt, len); eap_method_respond(eap, pkt, len);
return; return;
} }
@ -218,7 +218,7 @@ static void eap_pwd_send_response(struct eap_state *eap,
l_info("sending initial fragment, %zu bytes", mtu); l_info("sending initial fragment, %zu bytes", mtu);
eap_send_response(eap, EAP_TYPE_PWD, frag, mtu); eap_method_respond(eap, frag, mtu);
/* alloc/copy remainder of packet to frag buf */ /* alloc/copy remainder of packet to frag buf */
pwd->tx_frag_buf = l_malloc(pwd->tx_frag_remaining); pwd->tx_frag_buf = l_malloc(pwd->tx_frag_remaining);
@ -593,7 +593,7 @@ static void eap_pwd_send_ack(struct eap_state *eap)
buf[5] = pwd->state + 1; buf[5] = pwd->state + 1;
eap_send_response(eap, EAP_TYPE_PWD, buf, 6); eap_method_respond(eap, buf, 6);
} }
#define FRAG_BYTES(mtu, remaining) \ #define FRAG_BYTES(mtu, remaining) \
@ -631,8 +631,7 @@ static void eap_pwd_handle_request(struct eap_state *eap,
l_info("sending fragment, %d bytes", l_info("sending fragment, %d bytes",
frag_bytes + EAP_PWD_HDR_LEN); frag_bytes + EAP_PWD_HDR_LEN);
eap_send_response(eap, EAP_TYPE_PWD, frag, eap_method_respond(eap, frag, frag_bytes + EAP_PWD_HDR_LEN);
frag_bytes + EAP_PWD_HDR_LEN);
if (!pwd->tx_frag_remaining) { if (!pwd->tx_frag_remaining) {
/* done sending fragments, free */ /* done sending fragments, free */

6
src/eap-sim.c
View File

@ -290,7 +290,7 @@ static void handle_start(struct eap_state *eap, const uint8_t *pkt,
EAP_SIM_PAD_LENGTH, (uint8_t *)sim->identity, EAP_SIM_PAD_LENGTH, (uint8_t *)sim->identity,
strlen(sim->identity)); strlen(sim->identity));
eap_send_response(eap, EAP_TYPE_SIM, response, resp_len); eap_method_respond(eap, response, resp_len);
return; return;
@ -391,7 +391,7 @@ static void gsm_callback(const uint8_t *sres, const uint8_t *kc,
l_free(sim->chal_pkt); l_free(sim->chal_pkt);
sim->chal_pkt = NULL; sim->chal_pkt = NULL;
eap_send_response(eap, EAP_TYPE_SIM, response, resp_len); eap_method_respond(eap, response, resp_len);
if (!sim->protected) { if (!sim->protected) {
/* /*
@ -565,7 +565,7 @@ static void handle_notification(struct eap_state *eap, const uint8_t *pkt,
return; return;
} }
eap_send_response(eap, EAP_TYPE_SIM, response, pos - response); eap_method_respond(eap, response, pos - response);
sim->state = EAP_SIM_STATE_SUCCESS; sim->state = EAP_SIM_STATE_SUCCESS;
return; return;

7
src/eap-tls-common.c
View File

@ -332,7 +332,7 @@ static void eap_tls_send_fragment(struct eap_state *eap)
memcpy(buf + header_len, memcpy(buf + header_len,
eap_tls->tx_pdu_buf->data + eap_tls->tx_frag_offset, len); eap_tls->tx_pdu_buf->data + eap_tls->tx_frag_offset, len);
eap_send_response(eap, eap_get_method_type(eap), buf, header_len + len); eap_method_respond(eap, buf, header_len + len);
eap_tls->tx_frag_last_len = len; eap_tls->tx_frag_last_len = len;
} }
@ -389,7 +389,7 @@ static void eap_tls_send_response(struct eap_state *eap,
memcpy(buf + EAP_TLS_HEADER_LEN + extra, pdu, pdu_len); memcpy(buf + EAP_TLS_HEADER_LEN + extra, pdu, pdu_len);
eap_send_response(eap, eap_get_method_type(eap), buf, msg_len); eap_method_respond(eap, buf, msg_len);
l_free(buf); l_free(buf);
return; return;
} }
@ -409,8 +409,7 @@ void eap_tls_common_send_empty_response(struct eap_state *eap)
buf[EAP_TLS_HEADER_OCTET_FLAGS + position] = eap_tls->version_negotiated; buf[EAP_TLS_HEADER_OCTET_FLAGS + position] = eap_tls->version_negotiated;
eap_send_response(eap, eap_get_method_type(eap), buf, eap_method_respond(eap, buf, EAP_TLS_HEADER_LEN + position);
EAP_TLS_HEADER_LEN + position);
} }
static int eap_tls_init_request_assembly(struct eap_state *eap, static int eap_tls_init_request_assembly(struct eap_state *eap,

14
src/eap-wsc.c
View File

@ -339,7 +339,7 @@ static void eap_wsc_send_fragment(struct eap_state *eap)
} }
memcpy(buf + header_len, wsc->sent_pdu + wsc->tx_frag_offset, len); memcpy(buf + header_len, wsc->sent_pdu + wsc->tx_frag_offset, len);
eap_send_response(eap, EAP_TYPE_EXPANDED, buf, header_len + len); eap_method_respond(eap, buf, header_len + len);
wsc->tx_last_frag_len = len; wsc->tx_last_frag_len = len;
} }
@ -359,7 +359,7 @@ static void eap_wsc_send_response(struct eap_state *eap,
buf[13] = 0; buf[13] = 0;
memcpy(buf + EAP_WSC_HEADER_LEN, pdu, pdu_len); memcpy(buf + EAP_WSC_HEADER_LEN, pdu, pdu_len);
eap_send_response(eap, EAP_TYPE_EXPANDED, buf, msg_len); eap_method_respond(eap, buf, msg_len);
l_free(buf); l_free(buf);
return; return;
} }
@ -419,8 +419,7 @@ static void eap_wsc_send_nack(struct eap_state *eap,
buf[13] = 0; buf[13] = 0;
memcpy(buf + EAP_WSC_HEADER_LEN, pdu, pdu_len); memcpy(buf + EAP_WSC_HEADER_LEN, pdu, pdu_len);
eap_send_response(eap, EAP_TYPE_EXPANDED, buf, eap_method_respond(eap, buf, pdu_len + EAP_WSC_HEADER_LEN);
pdu_len + EAP_WSC_HEADER_LEN);
l_free(pdu); l_free(pdu);
} }
@ -446,8 +445,7 @@ static void eap_wsc_send_done(struct eap_state *eap)
buf[13] = 0; buf[13] = 0;
memcpy(buf + EAP_WSC_HEADER_LEN, pdu, pdu_len); memcpy(buf + EAP_WSC_HEADER_LEN, pdu, pdu_len);
eap_send_response(eap, EAP_TYPE_EXPANDED, buf, eap_method_respond(eap, buf, pdu_len + EAP_WSC_HEADER_LEN);
pdu_len + EAP_WSC_HEADER_LEN);
l_free(pdu); l_free(pdu);
} }
@ -458,7 +456,7 @@ static void eap_wsc_send_frag_ack(struct eap_state *eap)
buf[12] = WSC_OP_FRAG_ACK; buf[12] = WSC_OP_FRAG_ACK;
buf[13] = 0; buf[13] = 0;
eap_send_response(eap, EAP_TYPE_EXPANDED, buf, EAP_WSC_HEADER_LEN); eap_method_respond(eap, buf, EAP_WSC_HEADER_LEN);
} }
static void eap_wsc_handle_m8(struct eap_state *eap, static void eap_wsc_handle_m8(struct eap_state *eap,
@ -1123,7 +1121,7 @@ static void eap_wsc_handle_retransmit(struct eap_state *eap,
buf[13] = 0; buf[13] = 0;
memcpy(buf + EAP_WSC_HEADER_LEN, wsc->sent_pdu, wsc->sent_len); memcpy(buf + EAP_WSC_HEADER_LEN, wsc->sent_pdu, wsc->sent_len);
eap_send_response(eap, EAP_TYPE_EXPANDED, buf, msg_len); eap_method_respond(eap, buf, msg_len);
} }
} }

55
src/eap.c
View File

@ -149,29 +149,19 @@ const char *eap_get_identity(struct eap_state *eap)
return eap->identity; return eap->identity;
} }
/** static void eap_send_packet(struct eap_state *eap, enum eap_code code,
* eap_send_response: uint8_t id, uint8_t *buf, size_t len)
* @eap: EAP state
* @type: Type of response being sent
* @buf: Buffer to send
* @len: Size of the buffer
*
* Sends out a response to a received request. This method first fills the
* EAP header into the buffer based on the EAP type response being sent.
*
* If the response type is EAP_TYPE_EXPANDED, then the Vendor-Id and
* Vendor-Type fields are filled in based on contents of the eap_method
* associated with @eap.
*
* The buffer passed in MUST be at least 12 bytes long if @type is
* EAP_TYPE_EXPANDED and at least 5 bytes for other cases.
**/
void eap_send_response(struct eap_state *eap, enum eap_type type,
uint8_t *buf, size_t len)
{ {
buf[0] = EAP_CODE_RESPONSE; buf[0] = code;
buf[1] = eap->last_id; buf[1] = id;
l_put_be16(len, &buf[2]); l_put_be16(len, &buf[2]);
eap->tx_packet(buf, len, eap->user_data);
}
static void eap_send_response(struct eap_state *eap, enum eap_type type,
uint8_t *buf, size_t len)
{
buf[4] = type; buf[4] = type;
if (type == EAP_TYPE_EXPANDED) { if (type == EAP_TYPE_EXPANDED) {
@ -179,7 +169,28 @@ void eap_send_response(struct eap_state *eap, enum eap_type type,
l_put_be32(eap->method->vendor_type, buf + 8); l_put_be32(eap->method->vendor_type, buf + 8);
} }
eap->tx_packet(buf, len, eap->user_data); eap_send_packet(eap, EAP_CODE_RESPONSE, eap->last_id, buf, len);
}
/**
* eap_method_respond:
* @eap: EAP state
* @buf: Buffer to send
* @len: Size of the buffer
*
* Sends out a response to a received request. This method first fills
* the EAP header in the buffer based on the method's EAP type being
* sent.
*
* If the method uses an expanded type , then the Vendor-Id and
* Vendor-Type fields are filled in automatically.
*
* The buffer passed in MUST be at least 12 bytes long if method uses
* an expanded type and at least 5 bytes for other cases.
**/
void eap_method_respond(struct eap_state *eap, uint8_t *buf, size_t len)
{
eap_send_response(eap, eap->method->request_type, buf, len);
} }
static void eap_complete_timeout(struct l_timeout *timeout, void *user_data) static void eap_complete_timeout(struct l_timeout *timeout, void *user_data)

2
src/simutil.c
View File

@ -353,7 +353,7 @@ void eap_sim_client_error(struct eap_state *eap, enum eap_type type,
buf[9] = 1; buf[9] = 1;
l_put_be16(code, buf + 10); l_put_be16(code, buf + 10);
eap_send_response(eap, type, buf, 12); eap_method_respond(eap, buf, 12);
} }
size_t eap_sim_add_attribute(uint8_t *buf, enum eap_sim_at attr, size_t eap_sim_add_attribute(uint8_t *buf, enum eap_sim_at attr,