LCOV - code coverage report
Current view: top level - src/eap_peer - eap.c (source / functions) Hit Total Coverage
Test: wpa_supplicant/hostapd combined for hwsim test run 1422976643 Lines: 1040 1257 82.7 %
Date: 2015-02-03 Functions: 96 102 94.1 %

          Line data    Source code
       1             : /*
       2             :  * EAP peer state machines (RFC 4137)
       3             :  * Copyright (c) 2004-2014, Jouni Malinen <j@w1.fi>
       4             :  *
       5             :  * This software may be distributed under the terms of the BSD license.
       6             :  * See README for more details.
       7             :  *
       8             :  * This file implements the Peer State Machine as defined in RFC 4137. The used
       9             :  * states and state transitions match mostly with the RFC. However, there are
      10             :  * couple of additional transitions for working around small issues noticed
      11             :  * during testing. These exceptions are explained in comments within the
      12             :  * functions in this file. The method functions, m.func(), are similar to the
      13             :  * ones used in RFC 4137, but some small changes have used here to optimize
      14             :  * operations and to add functionality needed for fast re-authentication
      15             :  * (session resumption).
      16             :  */
      17             : 
      18             : #include "includes.h"
      19             : 
      20             : #include "common.h"
      21             : #include "pcsc_funcs.h"
      22             : #include "state_machine.h"
      23             : #include "ext_password.h"
      24             : #include "crypto/crypto.h"
      25             : #include "crypto/tls.h"
      26             : #include "crypto/sha256.h"
      27             : #include "common/wpa_ctrl.h"
      28             : #include "eap_common/eap_wsc_common.h"
      29             : #include "eap_i.h"
      30             : #include "eap_config.h"
      31             : 
      32             : #define STATE_MACHINE_DATA struct eap_sm
      33             : #define STATE_MACHINE_DEBUG_PREFIX "EAP"
      34             : 
      35             : #define EAP_MAX_AUTH_ROUNDS 50
      36             : #define EAP_CLIENT_TIMEOUT_DEFAULT 60
      37             : 
      38             : 
      39             : static Boolean eap_sm_allowMethod(struct eap_sm *sm, int vendor,
      40             :                                   EapType method);
      41             : static struct wpabuf * eap_sm_buildNak(struct eap_sm *sm, int id);
      42             : static void eap_sm_processIdentity(struct eap_sm *sm,
      43             :                                    const struct wpabuf *req);
      44             : static void eap_sm_processNotify(struct eap_sm *sm, const struct wpabuf *req);
      45             : static struct wpabuf * eap_sm_buildNotify(int id);
      46             : static void eap_sm_parseEapReq(struct eap_sm *sm, const struct wpabuf *req);
      47             : #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
      48             : static const char * eap_sm_method_state_txt(EapMethodState state);
      49             : static const char * eap_sm_decision_txt(EapDecision decision);
      50             : #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
      51             : 
      52             : 
      53             : 
      54      329531 : static Boolean eapol_get_bool(struct eap_sm *sm, enum eapol_bool_var var)
      55             : {
      56      329531 :         return sm->eapol_cb->get_bool(sm->eapol_ctx, var);
      57             : }
      58             : 
      59             : 
      60       56981 : static void eapol_set_bool(struct eap_sm *sm, enum eapol_bool_var var,
      61             :                            Boolean value)
      62             : {
      63       56981 :         sm->eapol_cb->set_bool(sm->eapol_ctx, var, value);
      64       56981 : }
      65             : 
      66             : 
      67       52024 : static unsigned int eapol_get_int(struct eap_sm *sm, enum eapol_int_var var)
      68             : {
      69       52024 :         return sm->eapol_cb->get_int(sm->eapol_ctx, var);
      70             : }
      71             : 
      72             : 
      73       50033 : static void eapol_set_int(struct eap_sm *sm, enum eapol_int_var var,
      74             :                           unsigned int value)
      75             : {
      76       50033 :         sm->eapol_cb->set_int(sm->eapol_ctx, var, value);
      77       50033 : }
      78             : 
      79             : 
      80       11905 : static struct wpabuf * eapol_get_eapReqData(struct eap_sm *sm)
      81             : {
      82       11905 :         return sm->eapol_cb->get_eapReqData(sm->eapol_ctx);
      83             : }
      84             : 
      85             : 
      86        4222 : static void eap_notify_status(struct eap_sm *sm, const char *status,
      87             :                                       const char *parameter)
      88             : {
      89        4222 :         wpa_printf(MSG_DEBUG, "EAP: Status notification: %s (param=%s)",
      90             :                    status, parameter);
      91        4222 :         if (sm->eapol_cb->notify_status)
      92        4222 :                 sm->eapol_cb->notify_status(sm->eapol_ctx, status, parameter);
      93        4222 : }
      94             : 
      95             : 
      96       32703 : static void eap_sm_free_key(struct eap_sm *sm)
      97             : {
      98       32703 :         if (sm->eapKeyData) {
      99         733 :                 bin_clear_free(sm->eapKeyData, sm->eapKeyDataLen);
     100         733 :                 sm->eapKeyData = NULL;
     101             :         }
     102       32703 : }
     103             : 
     104             : 
     105       15557 : static void eap_deinit_prev_method(struct eap_sm *sm, const char *txt)
     106             : {
     107       15557 :         ext_password_free(sm->ext_pw_buf);
     108       15557 :         sm->ext_pw_buf = NULL;
     109             : 
     110       15557 :         if (sm->m == NULL || sm->eap_method_priv == NULL)
     111       29922 :                 return;
     112             : 
     113        2384 :         wpa_printf(MSG_DEBUG, "EAP: deinitialize previously used EAP method "
     114        2384 :                    "(%d, %s) at %s", sm->selectedMethod, sm->m->name, txt);
     115        1192 :         sm->m->deinit(sm, sm->eap_method_priv);
     116        1192 :         sm->eap_method_priv = NULL;
     117        1192 :         sm->m = NULL;
     118             : }
     119             : 
     120             : 
     121             : /**
     122             :  * eap_allowed_method - Check whether EAP method is allowed
     123             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
     124             :  * @vendor: Vendor-Id for expanded types or 0 = IETF for legacy types
     125             :  * @method: EAP type
     126             :  * Returns: 1 = allowed EAP method, 0 = not allowed
     127             :  */
     128        3495 : int eap_allowed_method(struct eap_sm *sm, int vendor, u32 method)
     129             : {
     130        3495 :         struct eap_peer_config *config = eap_get_config(sm);
     131             :         int i;
     132             :         struct eap_method_type *m;
     133             : 
     134        3495 :         if (config == NULL || config->eap_methods == NULL)
     135           0 :                 return 1;
     136             : 
     137        3495 :         m = config->eap_methods;
     138       14525 :         for (i = 0; m[i].vendor != EAP_VENDOR_IETF ||
     139        7535 :                      m[i].method != EAP_TYPE_NONE; i++) {
     140        3496 :                 if (m[i].vendor == vendor && m[i].method == method)
     141        1333 :                         return 1;
     142             :         }
     143        2162 :         return 0;
     144             : }
     145             : 
     146             : 
     147             : /*
     148             :  * This state initializes state machine variables when the machine is
     149             :  * activated (portEnabled = TRUE). This is also used when re-starting
     150             :  * authentication (eapRestart == TRUE).
     151             :  */
     152        2590 : SM_STATE(EAP, INITIALIZE)
     153             : {
     154        2590 :         SM_ENTRY(EAP, INITIALIZE);
     155        2671 :         if (sm->fast_reauth && sm->m && sm->m->has_reauth_data &&
     156         148 :             sm->m->has_reauth_data(sm, sm->eap_method_priv) &&
     157         134 :             !sm->prev_failure &&
     158          67 :             sm->last_config == eap_get_config(sm)) {
     159          61 :                 wpa_printf(MSG_DEBUG, "EAP: maintaining EAP method data for "
     160             :                            "fast reauthentication");
     161          61 :                 sm->m->deinit_for_reauth(sm, sm->eap_method_priv);
     162             :         } else {
     163        2529 :                 sm->last_config = eap_get_config(sm);
     164        2529 :                 eap_deinit_prev_method(sm, "INITIALIZE");
     165             :         }
     166        2590 :         sm->selectedMethod = EAP_TYPE_NONE;
     167        2590 :         sm->methodState = METHOD_NONE;
     168        2590 :         sm->allowNotifications = TRUE;
     169        2590 :         sm->decision = DECISION_FAIL;
     170        2590 :         sm->ClientTimeout = EAP_CLIENT_TIMEOUT_DEFAULT;
     171        2590 :         eapol_set_int(sm, EAPOL_idleWhile, sm->ClientTimeout);
     172        2590 :         eapol_set_bool(sm, EAPOL_eapSuccess, FALSE);
     173        2590 :         eapol_set_bool(sm, EAPOL_eapFail, FALSE);
     174        2590 :         eap_sm_free_key(sm);
     175        2590 :         os_free(sm->eapSessionId);
     176        2590 :         sm->eapSessionId = NULL;
     177        2590 :         sm->eapKeyAvailable = FALSE;
     178        2590 :         eapol_set_bool(sm, EAPOL_eapRestart, FALSE);
     179        2590 :         sm->lastId = -1; /* new session - make sure this does not match with
     180             :                           * the first EAP-Packet */
     181             :         /*
     182             :          * RFC 4137 does not reset eapResp and eapNoResp here. However, this
     183             :          * seemed to be able to trigger cases where both were set and if EAPOL
     184             :          * state machine uses eapNoResp first, it may end up not sending a real
     185             :          * reply correctly. This occurred when the workaround in FAIL state set
     186             :          * eapNoResp = TRUE.. Maybe that workaround needs to be fixed to do
     187             :          * something else(?)
     188             :          */
     189        2590 :         eapol_set_bool(sm, EAPOL_eapResp, FALSE);
     190        2590 :         eapol_set_bool(sm, EAPOL_eapNoResp, FALSE);
     191        2590 :         sm->num_rounds = 0;
     192        2590 :         sm->prev_failure = 0;
     193        2590 :         sm->expected_failure = 0;
     194        2590 :         sm->reauthInit = FALSE;
     195        2590 :         sm->erp_seq = (u32) -1;
     196        2590 : }
     197             : 
     198             : 
     199             : /*
     200             :  * This state is reached whenever service from the lower layer is interrupted
     201             :  * or unavailable (portEnabled == FALSE). Immediate transition to INITIALIZE
     202             :  * occurs when the port becomes enabled.
     203             :  */
     204       42097 : SM_STATE(EAP, DISABLED)
     205             : {
     206       42097 :         SM_ENTRY(EAP, DISABLED);
     207       42097 :         sm->num_rounds = 0;
     208             :         /*
     209             :          * RFC 4137 does not describe clearing of idleWhile here, but doing so
     210             :          * allows the timer tick to be stopped more quickly when EAP is not in
     211             :          * use.
     212             :          */
     213       42097 :         eapol_set_int(sm, EAPOL_idleWhile, 0);
     214       42097 : }
     215             : 
     216             : 
     217             : /*
     218             :  * The state machine spends most of its time here, waiting for something to
     219             :  * happen. This state is entered unconditionally from INITIALIZE, DISCARD, and
     220             :  * SEND_RESPONSE states.
     221             :  */
     222        8071 : SM_STATE(EAP, IDLE)
     223             : {
     224        8071 :         SM_ENTRY(EAP, IDLE);
     225        8071 : }
     226             : 
     227             : 
     228             : /*
     229             :  * This state is entered when an EAP packet is received (eapReq == TRUE) to
     230             :  * parse the packet header.
     231             :  */
     232        6581 : SM_STATE(EAP, RECEIVED)
     233             : {
     234             :         const struct wpabuf *eapReqData;
     235             : 
     236        6581 :         SM_ENTRY(EAP, RECEIVED);
     237        6581 :         eapReqData = eapol_get_eapReqData(sm);
     238             :         /* parse rxReq, rxSuccess, rxFailure, reqId, reqMethod */
     239        6581 :         eap_sm_parseEapReq(sm, eapReqData);
     240        6581 :         sm->num_rounds++;
     241        6581 : }
     242             : 
     243             : 
     244             : /*
     245             :  * This state is entered when a request for a new type comes in. Either the
     246             :  * correct method is started, or a Nak response is built.
     247             :  */
     248        1332 : SM_STATE(EAP, GET_METHOD)
     249             : {
     250             :         int reinit;
     251             :         EapType method;
     252             :         const struct eap_method *eap_method;
     253             : 
     254        1332 :         SM_ENTRY(EAP, GET_METHOD);
     255             : 
     256        1332 :         if (sm->reqMethod == EAP_TYPE_EXPANDED)
     257         287 :                 method = sm->reqVendorMethod;
     258             :         else
     259        1045 :                 method = sm->reqMethod;
     260             : 
     261        1332 :         eap_method = eap_peer_get_eap_method(sm->reqVendor, method);
     262             : 
     263        1332 :         if (!eap_sm_allowMethod(sm, sm->reqVendor, method)) {
     264          74 :                 wpa_printf(MSG_DEBUG, "EAP: vendor %u method %u not allowed",
     265             :                            sm->reqVendor, method);
     266          74 :                 wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_PROPOSED_METHOD
     267             :                         "vendor=%u method=%u -> NAK",
     268             :                         sm->reqVendor, method);
     269          74 :                 eap_notify_status(sm, "refuse proposed method",
     270             :                                   eap_method ?  eap_method->name : "unknown");
     271          74 :                 goto nak;
     272             :         }
     273             : 
     274        1258 :         wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_PROPOSED_METHOD
     275             :                 "vendor=%u method=%u", sm->reqVendor, method);
     276             : 
     277        1258 :         eap_notify_status(sm, "accept proposed method",
     278             :                           eap_method ?  eap_method->name : "unknown");
     279             :         /*
     280             :          * RFC 4137 does not define specific operation for fast
     281             :          * re-authentication (session resumption). The design here is to allow
     282             :          * the previously used method data to be maintained for
     283             :          * re-authentication if the method support session resumption.
     284             :          * Otherwise, the previously used method data is freed and a new method
     285             :          * is allocated here.
     286             :          */
     287        2516 :         if (sm->fast_reauth &&
     288        1348 :             sm->m && sm->m->vendor == sm->reqVendor &&
     289          90 :             sm->m->method == method &&
     290          90 :             sm->m->has_reauth_data &&
     291          45 :             sm->m->has_reauth_data(sm, sm->eap_method_priv)) {
     292          45 :                 wpa_printf(MSG_DEBUG, "EAP: Using previous method data"
     293             :                            " for fast re-authentication");
     294          45 :                 reinit = 1;
     295             :         } else {
     296        1213 :                 eap_deinit_prev_method(sm, "GET_METHOD");
     297        1213 :                 reinit = 0;
     298             :         }
     299             : 
     300        1258 :         sm->selectedMethod = sm->reqMethod;
     301        1258 :         if (sm->m == NULL)
     302        1213 :                 sm->m = eap_method;
     303        1258 :         if (!sm->m) {
     304           0 :                 wpa_printf(MSG_DEBUG, "EAP: Could not find selected method: "
     305             :                            "vendor %d method %d",
     306             :                            sm->reqVendor, method);
     307           0 :                 goto nak;
     308             :         }
     309             : 
     310        1258 :         sm->ClientTimeout = EAP_CLIENT_TIMEOUT_DEFAULT;
     311             : 
     312        1258 :         wpa_printf(MSG_DEBUG, "EAP: Initialize selected EAP method: "
     313             :                    "vendor %u method %u (%s)",
     314        1258 :                    sm->reqVendor, method, sm->m->name);
     315        1258 :         if (reinit)
     316          45 :                 sm->eap_method_priv = sm->m->init_for_reauth(
     317             :                         sm, sm->eap_method_priv);
     318             :         else
     319        1213 :                 sm->eap_method_priv = sm->m->init(sm);
     320             : 
     321        1258 :         if (sm->eap_method_priv == NULL) {
     322          21 :                 struct eap_peer_config *config = eap_get_config(sm);
     323          21 :                 wpa_msg(sm->msg_ctx, MSG_INFO,
     324             :                         "EAP: Failed to initialize EAP method: vendor %u "
     325             :                         "method %u (%s)",
     326          21 :                         sm->reqVendor, method, sm->m->name);
     327          21 :                 sm->m = NULL;
     328          21 :                 sm->methodState = METHOD_NONE;
     329          21 :                 sm->selectedMethod = EAP_TYPE_NONE;
     330          22 :                 if (sm->reqMethod == EAP_TYPE_TLS && config &&
     331           2 :                     (config->pending_req_pin ||
     332           1 :                      config->pending_req_passphrase)) {
     333             :                         /*
     334             :                          * Return without generating Nak in order to allow
     335             :                          * entering of PIN code or passphrase to retry the
     336             :                          * current EAP packet.
     337             :                          */
     338           1 :                         wpa_printf(MSG_DEBUG, "EAP: Pending PIN/passphrase "
     339             :                                    "request - skip Nak");
     340           1 :                         return;
     341             :                 }
     342             : 
     343          20 :                 goto nak;
     344             :         }
     345             : 
     346        1237 :         sm->methodState = METHOD_INIT;
     347        1237 :         wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_METHOD
     348             :                 "EAP vendor %u method %u (%s) selected",
     349        1237 :                 sm->reqVendor, method, sm->m->name);
     350        1237 :         return;
     351             : 
     352             : nak:
     353          94 :         wpabuf_free(sm->eapRespData);
     354          94 :         sm->eapRespData = NULL;
     355          94 :         sm->eapRespData = eap_sm_buildNak(sm, sm->reqId);
     356             : }
     357             : 
     358             : 
     359             : #ifdef CONFIG_ERP
     360             : 
     361          57 : static char * eap_home_realm(struct eap_sm *sm)
     362             : {
     363          57 :         struct eap_peer_config *config = eap_get_config(sm);
     364             :         char *realm;
     365             :         size_t i, realm_len;
     366             : 
     367          57 :         if (!config)
     368           0 :                 return NULL;
     369             : 
     370          57 :         if (config->identity) {
     371         582 :                 for (i = 0; i < config->identity_len; i++) {
     372         582 :                         if (config->identity[i] == '@')
     373          57 :                                 break;
     374             :                 }
     375          57 :                 if (i < config->identity_len) {
     376          57 :                         realm_len = config->identity_len - i - 1;
     377          57 :                         realm = os_malloc(realm_len + 1);
     378          57 :                         if (realm == NULL)
     379           0 :                                 return NULL;
     380          57 :                         os_memcpy(realm, &config->identity[i + 1], realm_len);
     381          57 :                         realm[realm_len] = '\0';
     382          57 :                         return realm;
     383             :                 }
     384             :         }
     385             : 
     386           0 :         if (config->anonymous_identity) {
     387           0 :                 for (i = 0; i < config->anonymous_identity_len; i++) {
     388           0 :                         if (config->anonymous_identity[i] == '@')
     389           0 :                                 break;
     390             :                 }
     391           0 :                 if (i < config->anonymous_identity_len) {
     392           0 :                         realm_len = config->anonymous_identity_len - i - 1;
     393           0 :                         realm = os_malloc(realm_len + 1);
     394           0 :                         if (realm == NULL)
     395           0 :                                 return NULL;
     396           0 :                         os_memcpy(realm, &config->anonymous_identity[i + 1],
     397             :                                   realm_len);
     398           0 :                         realm[realm_len] = '\0';
     399           0 :                         return realm;
     400             :                 }
     401             :         }
     402             : 
     403           0 :         return os_strdup("");
     404             : }
     405             : 
     406             : 
     407             : static struct eap_erp_key *
     408          58 : eap_erp_get_key(struct eap_sm *sm, const char *realm)
     409             : {
     410             :         struct eap_erp_key *erp;
     411             : 
     412          58 :         dl_list_for_each(erp, &sm->erp_keys, struct eap_erp_key, list) {
     413             :                 char *pos;
     414             : 
     415          21 :                 pos = os_strchr(erp->keyname_nai, '@');
     416          21 :                 if (!pos)
     417           0 :                         continue;
     418          21 :                 pos++;
     419          21 :                 if (os_strcmp(pos, realm) == 0)
     420          21 :                         return erp;
     421             :         }
     422             : 
     423          37 :         return NULL;
     424             : }
     425             : 
     426             : 
     427             : static struct eap_erp_key *
     428          20 : eap_erp_get_key_nai(struct eap_sm *sm, const char *nai)
     429             : {
     430             :         struct eap_erp_key *erp;
     431             : 
     432          20 :         dl_list_for_each(erp, &sm->erp_keys, struct eap_erp_key, list) {
     433          20 :                 if (os_strcmp(erp->keyname_nai, nai) == 0)
     434          20 :                         return erp;
     435             :         }
     436             : 
     437           0 :         return NULL;
     438             : }
     439             : 
     440             : 
     441          18 : static void eap_peer_erp_free_key(struct eap_erp_key *erp)
     442             : {
     443          18 :         dl_list_del(&erp->list);
     444          18 :         bin_clear_free(erp, sizeof(*erp));
     445          18 : }
     446             : 
     447             : 
     448          18 : static void eap_erp_remove_keys_realm(struct eap_sm *sm, const char *realm)
     449             : {
     450             :         struct eap_erp_key *erp;
     451             : 
     452          37 :         while ((erp = eap_erp_get_key(sm, realm)) != NULL) {
     453           1 :                 wpa_printf(MSG_DEBUG, "EAP: Delete old ERP key %s",
     454           1 :                            erp->keyname_nai);
     455           1 :                 eap_peer_erp_free_key(erp);
     456             :         }
     457          18 : }
     458             : 
     459             : #endif /* CONFIG_ERP */
     460             : 
     461             : 
     462         221 : void eap_peer_erp_free_keys(struct eap_sm *sm)
     463             : {
     464             : #ifdef CONFIG_ERP
     465             :         struct eap_erp_key *erp, *tmp;
     466             : 
     467         237 :         dl_list_for_each_safe(erp, tmp, &sm->erp_keys, struct eap_erp_key, list)
     468          16 :                 eap_peer_erp_free_key(erp);
     469             : #endif /* CONFIG_ERP */
     470         221 : }
     471             : 
     472             : 
     473          18 : static void eap_peer_erp_init(struct eap_sm *sm)
     474             : {
     475             : #ifdef CONFIG_ERP
     476          18 :         u8 *emsk = NULL;
     477          18 :         size_t emsk_len = 0;
     478             :         u8 EMSKname[EAP_EMSK_NAME_LEN];
     479             :         u8 len[2];
     480             :         char *realm;
     481             :         size_t realm_len, nai_buf_len;
     482          18 :         struct eap_erp_key *erp = NULL;
     483             :         int pos;
     484             : 
     485          18 :         realm = eap_home_realm(sm);
     486          18 :         if (!realm)
     487          18 :                 return;
     488          18 :         realm_len = os_strlen(realm);
     489          18 :         wpa_printf(MSG_DEBUG, "EAP: Realm for ERP keyName-NAI: %s", realm);
     490          18 :         eap_erp_remove_keys_realm(sm, realm);
     491             : 
     492          18 :         nai_buf_len = 2 * EAP_EMSK_NAME_LEN + 1 + realm_len;
     493          18 :         if (nai_buf_len > 253) {
     494             :                 /*
     495             :                  * keyName-NAI has a maximum length of 253 octet to fit in
     496             :                  * RADIUS attributes.
     497             :                  */
     498           0 :                 wpa_printf(MSG_DEBUG,
     499             :                            "EAP: Too long realm for ERP keyName-NAI maximum length");
     500           0 :                 goto fail;
     501             :         }
     502          18 :         nai_buf_len++; /* null termination */
     503          18 :         erp = os_zalloc(sizeof(*erp) + nai_buf_len);
     504          18 :         if (erp == NULL)
     505           0 :                 goto fail;
     506             : 
     507          18 :         emsk = sm->m->get_emsk(sm, sm->eap_method_priv, &emsk_len);
     508          18 :         if (!emsk || emsk_len == 0 || emsk_len > ERP_MAX_KEY_LEN) {
     509           0 :                 wpa_printf(MSG_DEBUG,
     510             :                            "EAP: No suitable EMSK available for ERP");
     511           0 :                 goto fail;
     512             :         }
     513             : 
     514          18 :         wpa_hexdump_key(MSG_DEBUG, "EAP: EMSK", emsk, emsk_len);
     515             : 
     516          18 :         WPA_PUT_BE16(len, 8);
     517          18 :         if (hmac_sha256_kdf(sm->eapSessionId, sm->eapSessionIdLen, "EMSK",
     518             :                             len, sizeof(len),
     519             :                             EMSKname, EAP_EMSK_NAME_LEN) < 0) {
     520           0 :                 wpa_printf(MSG_DEBUG, "EAP: Could not derive EMSKname");
     521           0 :                 goto fail;
     522             :         }
     523          18 :         wpa_hexdump(MSG_DEBUG, "EAP: EMSKname", EMSKname, EAP_EMSK_NAME_LEN);
     524             : 
     525          18 :         pos = wpa_snprintf_hex(erp->keyname_nai, nai_buf_len,
     526             :                                EMSKname, EAP_EMSK_NAME_LEN);
     527          18 :         erp->keyname_nai[pos] = '@';
     528          18 :         os_memcpy(&erp->keyname_nai[pos + 1], realm, realm_len);
     529             : 
     530          18 :         WPA_PUT_BE16(len, emsk_len);
     531          36 :         if (hmac_sha256_kdf(emsk, emsk_len,
     532             :                             "EAP Re-authentication Root Key@ietf.org",
     533          18 :                             len, sizeof(len), erp->rRK, emsk_len) < 0) {
     534           0 :                 wpa_printf(MSG_DEBUG, "EAP: Could not derive rRK for ERP");
     535           0 :                 goto fail;
     536             :         }
     537          18 :         erp->rRK_len = emsk_len;
     538          18 :         wpa_hexdump_key(MSG_DEBUG, "EAP: ERP rRK", erp->rRK, erp->rRK_len);
     539             : 
     540          36 :         if (hmac_sha256_kdf(erp->rRK, erp->rRK_len,
     541             :                             "EAP Re-authentication Integrity Key@ietf.org",
     542          18 :                             len, sizeof(len), erp->rIK, erp->rRK_len) < 0) {
     543           0 :                 wpa_printf(MSG_DEBUG, "EAP: Could not derive rIK for ERP");
     544           0 :                 goto fail;
     545             :         }
     546          18 :         erp->rIK_len = erp->rRK_len;
     547          18 :         wpa_hexdump_key(MSG_DEBUG, "EAP: ERP rIK", erp->rIK, erp->rIK_len);
     548             : 
     549          18 :         wpa_printf(MSG_DEBUG, "EAP: Stored ERP keys %s", erp->keyname_nai);
     550          18 :         dl_list_add(&sm->erp_keys, &erp->list);
     551          18 :         erp = NULL;
     552             : fail:
     553          18 :         bin_clear_free(emsk, emsk_len);
     554          18 :         bin_clear_free(erp, sizeof(*erp));
     555          18 :         os_free(realm);
     556             : #endif /* CONFIG_ERP */
     557             : }
     558             : 
     559             : 
     560             : #ifdef CONFIG_ERP
     561          39 : static int eap_peer_erp_reauth_start(struct eap_sm *sm,
     562             :                                      const struct eap_hdr *hdr, size_t len)
     563             : {
     564             :         char *realm;
     565             :         struct eap_erp_key *erp;
     566             :         struct wpabuf *msg;
     567             :         u8 hash[SHA256_MAC_LEN];
     568             : 
     569          39 :         realm = eap_home_realm(sm);
     570          39 :         if (!realm)
     571           0 :                 return -1;
     572             : 
     573          39 :         erp = eap_erp_get_key(sm, realm);
     574          39 :         os_free(realm);
     575          39 :         realm = NULL;
     576          39 :         if (!erp)
     577          19 :                 return -1;
     578             : 
     579          20 :         if (erp->next_seq >= 65536)
     580           0 :                 return -1; /* SEQ has range of 0..65535 */
     581             : 
     582             :         /* TODO: check rRK lifetime expiration */
     583             : 
     584          40 :         wpa_printf(MSG_DEBUG, "EAP: Valid ERP key found %s (SEQ=%u)",
     585          20 :                    erp->keyname_nai, erp->next_seq);
     586             : 
     587          40 :         msg = eap_msg_alloc(EAP_VENDOR_IETF, EAP_ERP_TYPE_REAUTH,
     588          20 :                             1 + 2 + 2 + os_strlen(erp->keyname_nai) + 1 + 16,
     589          20 :                             EAP_CODE_INITIATE, hdr->identifier);
     590          20 :         if (msg == NULL)
     591           0 :                 return -1;
     592             : 
     593          20 :         wpabuf_put_u8(msg, 0x20); /* Flags: R=0 B=0 L=1 */
     594          20 :         wpabuf_put_be16(msg, erp->next_seq);
     595             : 
     596          20 :         wpabuf_put_u8(msg, EAP_ERP_TLV_KEYNAME_NAI);
     597          20 :         wpabuf_put_u8(msg, os_strlen(erp->keyname_nai));
     598          20 :         wpabuf_put_str(msg, erp->keyname_nai);
     599             : 
     600          20 :         wpabuf_put_u8(msg, EAP_ERP_CS_HMAC_SHA256_128); /* Cryptosuite */
     601             : 
     602          40 :         if (hmac_sha256(erp->rIK, erp->rIK_len,
     603          20 :                         wpabuf_head(msg), wpabuf_len(msg), hash) < 0) {
     604           0 :                 wpabuf_free(msg);
     605           0 :                 return -1;
     606             :         }
     607          20 :         wpabuf_put_data(msg, hash, 16);
     608             : 
     609          20 :         wpa_printf(MSG_DEBUG, "EAP: Sending EAP-Initiate/Re-auth");
     610          20 :         sm->erp_seq = erp->next_seq;
     611          20 :         erp->next_seq++;
     612          20 :         wpabuf_free(sm->eapRespData);
     613          20 :         sm->eapRespData = msg;
     614          20 :         sm->reauthInit = TRUE;
     615          20 :         return 0;
     616             : }
     617             : #endif /* CONFIG_ERP */
     618             : 
     619             : 
     620             : /*
     621             :  * The method processing happens here. The request from the authenticator is
     622             :  * processed, and an appropriate response packet is built.
     623             :  */
     624        4044 : SM_STATE(EAP, METHOD)
     625             : {
     626             :         struct wpabuf *eapReqData;
     627             :         struct eap_method_ret ret;
     628        4044 :         int min_len = 1;
     629             : 
     630        4044 :         SM_ENTRY(EAP, METHOD);
     631        4044 :         if (sm->m == NULL) {
     632           0 :                 wpa_printf(MSG_WARNING, "EAP::METHOD - method not selected");
     633           0 :                 return;
     634             :         }
     635             : 
     636        4044 :         eapReqData = eapol_get_eapReqData(sm);
     637        4044 :         if (sm->m->vendor == EAP_VENDOR_IETF && sm->m->method == EAP_TYPE_LEAP)
     638          19 :                 min_len = 0; /* LEAP uses EAP-Success without payload */
     639        4044 :         if (!eap_hdr_len_valid(eapReqData, min_len))
     640           0 :                 return;
     641             : 
     642             :         /*
     643             :          * Get ignore, methodState, decision, allowNotifications, and
     644             :          * eapRespData. RFC 4137 uses three separate method procedure (check,
     645             :          * process, and buildResp) in this state. These have been combined into
     646             :          * a single function call to m->process() in order to optimize EAP
     647             :          * method implementation interface a bit. These procedures are only
     648             :          * used from within this METHOD state, so there is no need to keep
     649             :          * these as separate C functions.
     650             :          *
     651             :          * The RFC 4137 procedures return values as follows:
     652             :          * ignore = m.check(eapReqData)
     653             :          * (methodState, decision, allowNotifications) = m.process(eapReqData)
     654             :          * eapRespData = m.buildResp(reqId)
     655             :          */
     656        4044 :         os_memset(&ret, 0, sizeof(ret));
     657        4044 :         ret.ignore = sm->ignore;
     658        4044 :         ret.methodState = sm->methodState;
     659        4044 :         ret.decision = sm->decision;
     660        4044 :         ret.allowNotifications = sm->allowNotifications;
     661        4044 :         wpabuf_free(sm->eapRespData);
     662        4044 :         sm->eapRespData = NULL;
     663        4044 :         sm->eapRespData = sm->m->process(sm, sm->eap_method_priv, &ret,
     664             :                                          eapReqData);
     665        8088 :         wpa_printf(MSG_DEBUG, "EAP: method process -> ignore=%s "
     666             :                    "methodState=%s decision=%s eapRespData=%p",
     667        4044 :                    ret.ignore ? "TRUE" : "FALSE",
     668             :                    eap_sm_method_state_txt(ret.methodState),
     669             :                    eap_sm_decision_txt(ret.decision),
     670             :                    sm->eapRespData);
     671             : 
     672        4044 :         sm->ignore = ret.ignore;
     673        4044 :         if (sm->ignore)
     674          92 :                 return;
     675        3952 :         sm->methodState = ret.methodState;
     676        3952 :         sm->decision = ret.decision;
     677        3952 :         sm->allowNotifications = ret.allowNotifications;
     678             : 
     679        6562 :         if (sm->m->isKeyAvailable && sm->m->getKey &&
     680        2610 :             sm->m->isKeyAvailable(sm, sm->eap_method_priv)) {
     681         714 :                 struct eap_peer_config *config = eap_get_config(sm);
     682             : 
     683         714 :                 eap_sm_free_key(sm);
     684         714 :                 sm->eapKeyData = sm->m->getKey(sm, sm->eap_method_priv,
     685             :                                                &sm->eapKeyDataLen);
     686         714 :                 os_free(sm->eapSessionId);
     687         714 :                 sm->eapSessionId = NULL;
     688         714 :                 if (sm->m->getSessionId) {
     689         700 :                         sm->eapSessionId = sm->m->getSessionId(
     690             :                                 sm, sm->eap_method_priv,
     691             :                                 &sm->eapSessionIdLen);
     692        1400 :                         wpa_hexdump(MSG_DEBUG, "EAP: Session-Id",
     693         700 :                                     sm->eapSessionId, sm->eapSessionIdLen);
     694             :                 }
     695         714 :                 if (config->erp && sm->m->get_emsk && sm->eapSessionId)
     696          18 :                         eap_peer_erp_init(sm);
     697             :         }
     698             : }
     699             : 
     700             : 
     701             : /*
     702             :  * This state signals the lower layer that a response packet is ready to be
     703             :  * sent.
     704             :  */
     705        5346 : SM_STATE(EAP, SEND_RESPONSE)
     706             : {
     707        5346 :         SM_ENTRY(EAP, SEND_RESPONSE);
     708        5346 :         wpabuf_free(sm->lastRespData);
     709        5346 :         if (sm->eapRespData) {
     710        5289 :                 if (sm->workaround)
     711        5289 :                         os_memcpy(sm->last_md5, sm->req_md5, 16);
     712        5289 :                 sm->lastId = sm->reqId;
     713        5289 :                 sm->lastRespData = wpabuf_dup(sm->eapRespData);
     714        5289 :                 eapol_set_bool(sm, EAPOL_eapResp, TRUE);
     715             :         } else {
     716          57 :                 wpa_printf(MSG_DEBUG, "EAP: No eapRespData available");
     717          57 :                 sm->lastRespData = NULL;
     718             :         }
     719        5346 :         eapol_set_bool(sm, EAPOL_eapReq, FALSE);
     720        5346 :         eapol_set_int(sm, EAPOL_idleWhile, sm->ClientTimeout);
     721        5346 :         sm->reauthInit = FALSE;
     722        5346 : }
     723             : 
     724             : 
     725             : /*
     726             :  * This state signals the lower layer that the request was discarded, and no
     727             :  * response packet will be sent at this time.
     728             :  */
     729         135 : SM_STATE(EAP, DISCARD)
     730             : {
     731         135 :         SM_ENTRY(EAP, DISCARD);
     732         135 :         eapol_set_bool(sm, EAPOL_eapReq, FALSE);
     733         135 :         eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
     734         135 : }
     735             : 
     736             : 
     737             : /*
     738             :  * Handles requests for Identity method and builds a response.
     739             :  */
     740        1274 : SM_STATE(EAP, IDENTITY)
     741             : {
     742             :         const struct wpabuf *eapReqData;
     743             : 
     744        1274 :         SM_ENTRY(EAP, IDENTITY);
     745        1274 :         eapReqData = eapol_get_eapReqData(sm);
     746        1274 :         if (!eap_hdr_len_valid(eapReqData, 1))
     747        1274 :                 return;
     748        1274 :         eap_sm_processIdentity(sm, eapReqData);
     749        1274 :         wpabuf_free(sm->eapRespData);
     750        1274 :         sm->eapRespData = NULL;
     751        1274 :         sm->eapRespData = eap_sm_buildIdentity(sm, sm->reqId, 0);
     752             : }
     753             : 
     754             : 
     755             : /*
     756             :  * Handles requests for Notification method and builds a response.
     757             :  */
     758           6 : SM_STATE(EAP, NOTIFICATION)
     759             : {
     760             :         const struct wpabuf *eapReqData;
     761             : 
     762           6 :         SM_ENTRY(EAP, NOTIFICATION);
     763           6 :         eapReqData = eapol_get_eapReqData(sm);
     764           6 :         if (!eap_hdr_len_valid(eapReqData, 1))
     765           6 :                 return;
     766           6 :         eap_sm_processNotify(sm, eapReqData);
     767           6 :         wpabuf_free(sm->eapRespData);
     768           6 :         sm->eapRespData = NULL;
     769           6 :         sm->eapRespData = eap_sm_buildNotify(sm->reqId);
     770             : }
     771             : 
     772             : 
     773             : /*
     774             :  * This state retransmits the previous response packet.
     775             :  */
     776          15 : SM_STATE(EAP, RETRANSMIT)
     777             : {
     778          15 :         SM_ENTRY(EAP, RETRANSMIT);
     779          15 :         wpabuf_free(sm->eapRespData);
     780          15 :         if (sm->lastRespData)
     781          15 :                 sm->eapRespData = wpabuf_dup(sm->lastRespData);
     782             :         else
     783           0 :                 sm->eapRespData = NULL;
     784          15 : }
     785             : 
     786             : 
     787             : /*
     788             :  * This state is entered in case of a successful completion of authentication
     789             :  * and state machine waits here until port is disabled or EAP authentication is
     790             :  * restarted.
     791             :  */
     792         602 : SM_STATE(EAP, SUCCESS)
     793             : {
     794         602 :         SM_ENTRY(EAP, SUCCESS);
     795         602 :         if (sm->eapKeyData != NULL)
     796         596 :                 sm->eapKeyAvailable = TRUE;
     797         602 :         eapol_set_bool(sm, EAPOL_eapSuccess, TRUE);
     798             : 
     799             :         /*
     800             :          * RFC 4137 does not clear eapReq here, but this seems to be required
     801             :          * to avoid processing the same request twice when state machine is
     802             :          * initialized.
     803             :          */
     804         602 :         eapol_set_bool(sm, EAPOL_eapReq, FALSE);
     805             : 
     806             :         /*
     807             :          * RFC 4137 does not set eapNoResp here, but this seems to be required
     808             :          * to get EAPOL Supplicant backend state machine into SUCCESS state. In
     809             :          * addition, either eapResp or eapNoResp is required to be set after
     810             :          * processing the received EAP frame.
     811             :          */
     812         602 :         eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
     813             : 
     814         602 :         wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS
     815             :                 "EAP authentication completed successfully");
     816         602 : }
     817             : 
     818             : 
     819             : /*
     820             :  * This state is entered in case of a failure and state machine waits here
     821             :  * until port is disabled or EAP authentication is restarted.
     822             :  */
     823         499 : SM_STATE(EAP, FAILURE)
     824             : {
     825         499 :         SM_ENTRY(EAP, FAILURE);
     826         499 :         eapol_set_bool(sm, EAPOL_eapFail, TRUE);
     827             : 
     828             :         /*
     829             :          * RFC 4137 does not clear eapReq here, but this seems to be required
     830             :          * to avoid processing the same request twice when state machine is
     831             :          * initialized.
     832             :          */
     833         499 :         eapol_set_bool(sm, EAPOL_eapReq, FALSE);
     834             : 
     835             :         /*
     836             :          * RFC 4137 does not set eapNoResp here. However, either eapResp or
     837             :          * eapNoResp is required to be set after processing the received EAP
     838             :          * frame.
     839             :          */
     840         499 :         eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
     841             : 
     842         499 :         wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE
     843             :                 "EAP authentication failed");
     844             : 
     845         499 :         sm->prev_failure = 1;
     846         499 : }
     847             : 
     848             : 
     849         110 : static int eap_success_workaround(struct eap_sm *sm, int reqId, int lastId)
     850             : {
     851             :         /*
     852             :          * At least Microsoft IAS and Meetinghouse Aegis seem to be sending
     853             :          * EAP-Success/Failure with lastId + 1 even though RFC 3748 and
     854             :          * RFC 4137 require that reqId == lastId. In addition, it looks like
     855             :          * Ringmaster v2.1.2.0 would be using lastId + 2 in EAP-Success.
     856             :          *
     857             :          * Accept this kind of Id if EAP workarounds are enabled. These are
     858             :          * unauthenticated plaintext messages, so this should have minimal
     859             :          * security implications (bit easier to fake EAP-Success/Failure).
     860             :          */
     861         114 :         if (sm->workaround && (reqId == ((lastId + 1) & 0xff) ||
     862           4 :                                reqId == ((lastId + 2) & 0xff))) {
     863         107 :                 wpa_printf(MSG_DEBUG, "EAP: Workaround for unexpected "
     864             :                            "identifier field in EAP Success: "
     865             :                            "reqId=%d lastId=%d (these are supposed to be "
     866             :                            "same)", reqId, lastId);
     867         107 :                 return 1;
     868             :         }
     869           3 :         wpa_printf(MSG_DEBUG, "EAP: EAP-Success Id mismatch - reqId=%d "
     870             :                    "lastId=%d", reqId, lastId);
     871           3 :         return 0;
     872             : }
     873             : 
     874             : 
     875             : /*
     876             :  * RFC 4137 - Appendix A.1: EAP Peer State Machine - State transitions
     877             :  */
     878             : 
     879       32593 : static void eap_peer_sm_step_idle(struct eap_sm *sm)
     880             : {
     881             :         /*
     882             :          * The first three transitions are from RFC 4137. The last two are
     883             :          * local additions to handle special cases with LEAP and PEAP server
     884             :          * not sending EAP-Success in some cases.
     885             :          */
     886       32593 :         if (eapol_get_bool(sm, EAPOL_eapReq))
     887        6581 :                 SM_ENTER(EAP, RECEIVED);
     888       26012 :         else if ((eapol_get_bool(sm, EAPOL_altAccept) &&
     889       26012 :                   sm->decision != DECISION_FAIL) ||
     890       26012 :                  (eapol_get_int(sm, EAPOL_idleWhile) == 0 &&
     891           0 :                   sm->decision == DECISION_UNCOND_SUCC))
     892           0 :                 SM_ENTER(EAP, SUCCESS);
     893       52024 :         else if (eapol_get_bool(sm, EAPOL_altReject) ||
     894       26012 :                  (eapol_get_int(sm, EAPOL_idleWhile) == 0 &&
     895       26012 :                   sm->decision != DECISION_UNCOND_SUCC) ||
     896       26012 :                  (eapol_get_bool(sm, EAPOL_altAccept) &&
     897           0 :                   sm->methodState != METHOD_CONT &&
     898           0 :                   sm->decision == DECISION_FAIL))
     899           0 :                 SM_ENTER(EAP, FAILURE);
     900       26074 :         else if (sm->selectedMethod == EAP_TYPE_LEAP &&
     901          64 :                  sm->leap_done && sm->decision != DECISION_FAIL &&
     902           1 :                  sm->methodState == METHOD_DONE)
     903           1 :                 SM_ENTER(EAP, SUCCESS);
     904       27157 :         else if (sm->selectedMethod == EAP_TYPE_PEAP &&
     905        1146 :                  sm->peap_done && sm->decision != DECISION_FAIL &&
     906           0 :                  sm->methodState == METHOD_DONE)
     907           0 :                 SM_ENTER(EAP, SUCCESS);
     908       32593 : }
     909             : 
     910             : 
     911        6580 : static int eap_peer_req_is_duplicate(struct eap_sm *sm)
     912             : {
     913             :         int duplicate;
     914             : 
     915        6580 :         duplicate = (sm->reqId == sm->lastId) && sm->rxReq;
     916        6598 :         if (sm->workaround && duplicate &&
     917          18 :             os_memcmp(sm->req_md5, sm->last_md5, 16) != 0) {
     918             :                 /*
     919             :                  * RFC 4137 uses (reqId == lastId) as the only verification for
     920             :                  * duplicate EAP requests. However, this misses cases where the
     921             :                  * AS is incorrectly using the same id again; and
     922             :                  * unfortunately, such implementations exist. Use MD5 hash as
     923             :                  * an extra verification for the packets being duplicate to
     924             :                  * workaround these issues.
     925             :                  */
     926           3 :                 wpa_printf(MSG_DEBUG, "EAP: AS used the same Id again, but "
     927             :                            "EAP packets were not identical");
     928           3 :                 wpa_printf(MSG_DEBUG, "EAP: workaround - assume this is not a "
     929             :                            "duplicate packet");
     930           3 :                 duplicate = 0;
     931             :         }
     932             : 
     933        6580 :         return duplicate;
     934             : }
     935             : 
     936             : 
     937           4 : static int eap_peer_sm_allow_canned(struct eap_sm *sm)
     938             : {
     939           4 :         struct eap_peer_config *config = eap_get_config(sm);
     940             : 
     941           4 :         return config && config->phase1 &&
     942           0 :                 os_strstr(config->phase1, "allow_canned_success=1");
     943             : }
     944             : 
     945             : 
     946        6580 : static void eap_peer_sm_step_received(struct eap_sm *sm)
     947             : {
     948        6580 :         int duplicate = eap_peer_req_is_duplicate(sm);
     949             : 
     950             :         /*
     951             :          * Two special cases below for LEAP are local additions to work around
     952             :          * odd LEAP behavior (EAP-Success in the middle of authentication and
     953             :          * then swapped roles). Other transitions are based on RFC 4137.
     954             :          */
     955        7182 :         if (sm->rxSuccess && sm->decision != DECISION_FAIL &&
     956         606 :             (sm->reqId == sm->lastId ||
     957           4 :              eap_success_workaround(sm, sm->reqId, sm->lastId)))
     958         601 :                 SM_ENTER(EAP, SUCCESS);
     959        5979 :         else if (sm->workaround && sm->lastId == -1 && sm->rxSuccess &&
     960           0 :                  !sm->rxFailure && !sm->rxReq && eap_peer_sm_allow_canned(sm))
     961           0 :                 SM_ENTER(EAP, SUCCESS); /* EAP-Success prior any EAP method */
     962        5979 :         else if (sm->workaround && sm->lastId == -1 && sm->rxFailure &&
     963           0 :                  !sm->rxReq && sm->methodState != METHOD_CONT &&
     964           0 :                  eap_peer_sm_allow_canned(sm))
     965           0 :                 SM_ENTER(EAP, FAILURE); /* EAP-Failure prior any EAP method */
     966        5983 :         else if (sm->workaround && sm->rxSuccess && !sm->rxFailure &&
     967          12 :                  !sm->rxReq && sm->methodState != METHOD_CONT &&
     968           4 :                  eap_peer_sm_allow_canned(sm))
     969           0 :                 SM_ENTER(EAP, SUCCESS); /* EAP-Success after Identity */
     970       11948 :         else if (sm->methodState != METHOD_CONT &&
     971        6451 :                  ((sm->rxFailure &&
     972        5969 :                    sm->decision != DECISION_UNCOND_SUCC) ||
     973        5494 :                   (sm->rxSuccess && sm->decision == DECISION_FAIL &&
     974           4 :                    (sm->selectedMethod != EAP_TYPE_LEAP ||
     975         485 :                     sm->methodState != METHOD_MAY_CONT))) &&
     976         590 :                  (sm->reqId == sm->lastId ||
     977         106 :                   eap_success_workaround(sm, sm->reqId, sm->lastId)))
     978         482 :                 SM_ENTER(EAP, FAILURE);
     979        5497 :         else if (sm->rxReq && duplicate)
     980          15 :                 SM_ENTER(EAP, RETRANSMIT);
     981       10895 :         else if (sm->rxReq && !duplicate &&
     982        5419 :                  sm->reqMethod == EAP_TYPE_NOTIFICATION &&
     983           6 :                  sm->allowNotifications)
     984           6 :                 SM_ENTER(EAP, NOTIFICATION);
     985       10883 :         else if (sm->rxReq && !duplicate &&
     986        8013 :                  sm->selectedMethod == EAP_TYPE_NONE &&
     987        2606 :                  sm->reqMethod == EAP_TYPE_IDENTITY)
     988        1274 :                 SM_ENTER(EAP, IDENTITY);
     989        8335 :         else if (sm->rxReq && !duplicate &&
     990        5465 :                  sm->selectedMethod == EAP_TYPE_NONE &&
     991        2664 :                  sm->reqMethod != EAP_TYPE_IDENTITY &&
     992        1332 :                  sm->reqMethod != EAP_TYPE_NOTIFICATION)
     993        1332 :                 SM_ENTER(EAP, GET_METHOD);
     994        5671 :         else if (sm->rxReq && !duplicate &&
     995        5602 :                  sm->reqMethod == sm->selectedMethod &&
     996        2801 :                  sm->methodState != METHOD_DONE)
     997        2800 :                 SM_ENTER(EAP, METHOD);
     998          77 :         else if (sm->selectedMethod == EAP_TYPE_LEAP &&
     999          13 :                  (sm->rxSuccess || sm->rxResp))
    1000           7 :                 SM_ENTER(EAP, METHOD);
    1001          63 :         else if (sm->reauthInit)
    1002          20 :                 SM_ENTER(EAP, SEND_RESPONSE);
    1003             :         else
    1004          43 :                 SM_ENTER(EAP, DISCARD);
    1005        6580 : }
    1006             : 
    1007             : 
    1008       64079 : static void eap_peer_sm_step_local(struct eap_sm *sm)
    1009             : {
    1010       64079 :         switch (sm->EAP_state) {
    1011             :         case EAP_INITIALIZE:
    1012        2590 :                 SM_ENTER(EAP, IDLE);
    1013        2590 :                 break;
    1014             :         case EAP_DISABLED:
    1015        2554 :                 if (eapol_get_bool(sm, EAPOL_portEnabled) &&
    1016        1277 :                     !sm->force_disabled)
    1017        1277 :                         SM_ENTER(EAP, INITIALIZE);
    1018        1277 :                 break;
    1019             :         case EAP_IDLE:
    1020       32593 :                 eap_peer_sm_step_idle(sm);
    1021       32593 :                 break;
    1022             :         case EAP_RECEIVED:
    1023        6580 :                 eap_peer_sm_step_received(sm);
    1024        6580 :                 break;
    1025             :         case EAP_GET_METHOD:
    1026        1332 :                 if (sm->selectedMethod == sm->reqMethod)
    1027        1237 :                         SM_ENTER(EAP, METHOD);
    1028             :                 else
    1029          95 :                         SM_ENTER(EAP, SEND_RESPONSE);
    1030        1332 :                 break;
    1031             :         case EAP_METHOD:
    1032             :                 /*
    1033             :                  * Note: RFC 4137 uses methodState == DONE && decision == FAIL
    1034             :                  * as the condition. eapRespData == NULL here is used to allow
    1035             :                  * final EAP method response to be sent without having to change
    1036             :                  * all methods to either use methodState MAY_CONT or leaving
    1037             :                  * decision to something else than FAIL in cases where the only
    1038             :                  * expected response is EAP-Failure.
    1039             :                  */
    1040        4044 :                 if (sm->ignore)
    1041          92 :                         SM_ENTER(EAP, DISCARD);
    1042        4797 :                 else if (sm->methodState == METHOD_DONE &&
    1043        1267 :                          sm->decision == DECISION_FAIL && !sm->eapRespData)
    1044          16 :                         SM_ENTER(EAP, FAILURE);
    1045             :                 else
    1046        3936 :                         SM_ENTER(EAP, SEND_RESPONSE);
    1047        4044 :                 break;
    1048             :         case EAP_SEND_RESPONSE:
    1049        5346 :                 SM_ENTER(EAP, IDLE);
    1050        5346 :                 break;
    1051             :         case EAP_DISCARD:
    1052         135 :                 SM_ENTER(EAP, IDLE);
    1053         135 :                 break;
    1054             :         case EAP_IDENTITY:
    1055        1274 :                 SM_ENTER(EAP, SEND_RESPONSE);
    1056        1274 :                 break;
    1057             :         case EAP_NOTIFICATION:
    1058           6 :                 SM_ENTER(EAP, SEND_RESPONSE);
    1059           6 :                 break;
    1060             :         case EAP_RETRANSMIT:
    1061          15 :                 SM_ENTER(EAP, SEND_RESPONSE);
    1062          15 :                 break;
    1063             :         case EAP_SUCCESS:
    1064        6390 :                 break;
    1065             :         case EAP_FAILURE:
    1066        2497 :                 break;
    1067             :         }
    1068       64079 : }
    1069             : 
    1070             : 
    1071      107495 : SM_STEP(EAP)
    1072             : {
    1073             :         /* Global transitions */
    1074      108808 :         if (eapol_get_bool(sm, EAPOL_eapRestart) &&
    1075        1313 :             eapol_get_bool(sm, EAPOL_portEnabled))
    1076        1313 :                 SM_ENTER_GLOBAL(EAP, INITIALIZE);
    1077      106182 :         else if (!eapol_get_bool(sm, EAPOL_portEnabled) || sm->force_disabled)
    1078       42097 :                 SM_ENTER_GLOBAL(EAP, DISABLED);
    1079       64085 :         else if (sm->num_rounds > EAP_MAX_AUTH_ROUNDS) {
    1080             :                 /* RFC 4137 does not place any limit on number of EAP messages
    1081             :                  * in an authentication session. However, some error cases have
    1082             :                  * ended up in a state were EAP messages were sent between the
    1083             :                  * peer and server in a loop (e.g., TLS ACK frame in both
    1084             :                  * direction). Since this is quite undesired outcome, limit the
    1085             :                  * total number of EAP round-trips and abort authentication if
    1086             :                  * this limit is exceeded.
    1087             :                  */
    1088           6 :                 if (sm->num_rounds == EAP_MAX_AUTH_ROUNDS + 1) {
    1089           1 :                         wpa_msg(sm->msg_ctx, MSG_INFO, "EAP: more than %d "
    1090             :                                 "authentication rounds - abort",
    1091             :                                 EAP_MAX_AUTH_ROUNDS);
    1092           1 :                         sm->num_rounds++;
    1093           1 :                         SM_ENTER_GLOBAL(EAP, FAILURE);
    1094             :                 }
    1095             :         } else {
    1096             :                 /* Local transitions */
    1097       64079 :                 eap_peer_sm_step_local(sm);
    1098             :         }
    1099      107495 : }
    1100             : 
    1101             : 
    1102        1332 : static Boolean eap_sm_allowMethod(struct eap_sm *sm, int vendor,
    1103             :                                   EapType method)
    1104             : {
    1105        1332 :         if (!eap_allowed_method(sm, vendor, method)) {
    1106          74 :                 wpa_printf(MSG_DEBUG, "EAP: configuration does not allow: "
    1107             :                            "vendor %u method %u", vendor, method);
    1108          74 :                 return FALSE;
    1109             :         }
    1110        1258 :         if (eap_peer_get_eap_method(vendor, method))
    1111        1258 :                 return TRUE;
    1112           0 :         wpa_printf(MSG_DEBUG, "EAP: not included in build: "
    1113             :                    "vendor %u method %u", vendor, method);
    1114           0 :         return FALSE;
    1115             : }
    1116             : 
    1117             : 
    1118           1 : static struct wpabuf * eap_sm_build_expanded_nak(
    1119             :         struct eap_sm *sm, int id, const struct eap_method *methods,
    1120             :         size_t count)
    1121             : {
    1122             :         struct wpabuf *resp;
    1123           1 :         int found = 0;
    1124             :         const struct eap_method *m;
    1125             : 
    1126           1 :         wpa_printf(MSG_DEBUG, "EAP: Building expanded EAP-Nak");
    1127             : 
    1128             :         /* RFC 3748 - 5.3.2: Expanded Nak */
    1129           1 :         resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_EXPANDED,
    1130             :                              8 + 8 * (count + 1), EAP_CODE_RESPONSE, id);
    1131           1 :         if (resp == NULL)
    1132           0 :                 return NULL;
    1133             : 
    1134           1 :         wpabuf_put_be24(resp, EAP_VENDOR_IETF);
    1135           1 :         wpabuf_put_be32(resp, EAP_TYPE_NAK);
    1136             : 
    1137          25 :         for (m = methods; m; m = m->next) {
    1138          26 :                 if (sm->reqVendor == m->vendor &&
    1139           2 :                     sm->reqVendorMethod == m->method)
    1140           1 :                         continue; /* do not allow the current method again */
    1141          23 :                 if (eap_allowed_method(sm, m->vendor, m->method)) {
    1142           1 :                         wpa_printf(MSG_DEBUG, "EAP: allowed type: "
    1143             :                                    "vendor=%u method=%u",
    1144           1 :                                    m->vendor, m->method);
    1145           1 :                         wpabuf_put_u8(resp, EAP_TYPE_EXPANDED);
    1146           1 :                         wpabuf_put_be24(resp, m->vendor);
    1147           1 :                         wpabuf_put_be32(resp, m->method);
    1148             : 
    1149           1 :                         found++;
    1150             :                 }
    1151             :         }
    1152           1 :         if (!found) {
    1153           0 :                 wpa_printf(MSG_DEBUG, "EAP: no more allowed methods");
    1154           0 :                 wpabuf_put_u8(resp, EAP_TYPE_EXPANDED);
    1155           0 :                 wpabuf_put_be24(resp, EAP_VENDOR_IETF);
    1156           0 :                 wpabuf_put_be32(resp, EAP_TYPE_NONE);
    1157             :         }
    1158             : 
    1159           1 :         eap_update_len(resp);
    1160             : 
    1161           1 :         return resp;
    1162             : }
    1163             : 
    1164             : 
    1165          94 : static struct wpabuf * eap_sm_buildNak(struct eap_sm *sm, int id)
    1166             : {
    1167             :         struct wpabuf *resp;
    1168             :         u8 *start;
    1169          94 :         int found = 0, expanded_found = 0;
    1170             :         size_t count;
    1171             :         const struct eap_method *methods, *m;
    1172             : 
    1173         188 :         wpa_printf(MSG_DEBUG, "EAP: Building EAP-Nak (requested type %u "
    1174          94 :                    "vendor=%u method=%u not allowed)", sm->reqMethod,
    1175             :                    sm->reqVendor, sm->reqVendorMethod);
    1176          94 :         methods = eap_peer_get_methods(&count);
    1177          94 :         if (methods == NULL)
    1178           0 :                 return NULL;
    1179          94 :         if (sm->reqMethod == EAP_TYPE_EXPANDED)
    1180           1 :                 return eap_sm_build_expanded_nak(sm, id, methods, count);
    1181             : 
    1182             :         /* RFC 3748 - 5.3.1: Legacy Nak */
    1183          93 :         resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_NAK,
    1184             :                              sizeof(struct eap_hdr) + 1 + count + 1,
    1185             :                              EAP_CODE_RESPONSE, id);
    1186          93 :         if (resp == NULL)
    1187           0 :                 return NULL;
    1188             : 
    1189          93 :         start = wpabuf_put(resp, 0);
    1190        2325 :         for (m = methods; m; m = m->next) {
    1191        2232 :                 if (m->vendor == EAP_VENDOR_IETF && m->method == sm->reqMethod)
    1192          93 :                         continue; /* do not allow the current method again */
    1193        2139 :                 if (eap_allowed_method(sm, m->vendor, m->method)) {
    1194          73 :                         if (m->vendor != EAP_VENDOR_IETF) {
    1195           0 :                                 if (expanded_found)
    1196           0 :                                         continue;
    1197           0 :                                 expanded_found = 1;
    1198           0 :                                 wpabuf_put_u8(resp, EAP_TYPE_EXPANDED);
    1199             :                         } else
    1200          73 :                                 wpabuf_put_u8(resp, m->method);
    1201          73 :                         found++;
    1202             :                 }
    1203             :         }
    1204          93 :         if (!found)
    1205          20 :                 wpabuf_put_u8(resp, EAP_TYPE_NONE);
    1206          93 :         wpa_hexdump(MSG_DEBUG, "EAP: allowed methods", start, found);
    1207             : 
    1208          93 :         eap_update_len(resp);
    1209             : 
    1210          93 :         return resp;
    1211             : }
    1212             : 
    1213             : 
    1214        1274 : static void eap_sm_processIdentity(struct eap_sm *sm, const struct wpabuf *req)
    1215             : {
    1216             :         const u8 *pos;
    1217             :         size_t msg_len;
    1218             : 
    1219        1274 :         wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_STARTED
    1220             :                 "EAP authentication started");
    1221        1274 :         eap_notify_status(sm, "started", "");
    1222             : 
    1223        1274 :         pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_IDENTITY, req,
    1224             :                                &msg_len);
    1225        1274 :         if (pos == NULL)
    1226        1274 :                 return;
    1227             : 
    1228             :         /*
    1229             :          * RFC 3748 - 5.1: Identity
    1230             :          * Data field may contain a displayable message in UTF-8. If this
    1231             :          * includes NUL-character, only the data before that should be
    1232             :          * displayed. Some EAP implementasitons may piggy-back additional
    1233             :          * options after the NUL.
    1234             :          */
    1235             :         /* TODO: could save displayable message so that it can be shown to the
    1236             :          * user in case of interaction is required */
    1237        1274 :         wpa_hexdump_ascii(MSG_DEBUG, "EAP: EAP-Request Identity data",
    1238             :                           pos, msg_len);
    1239             : }
    1240             : 
    1241             : 
    1242             : #ifdef PCSC_FUNCS
    1243             : 
    1244             : /*
    1245             :  * Rules for figuring out MNC length based on IMSI for SIM cards that do not
    1246             :  * include MNC length field.
    1247             :  */
    1248             : static int mnc_len_from_imsi(const char *imsi)
    1249             : {
    1250             :         char mcc_str[4];
    1251             :         unsigned int mcc;
    1252             : 
    1253             :         os_memcpy(mcc_str, imsi, 3);
    1254             :         mcc_str[3] = '\0';
    1255             :         mcc = atoi(mcc_str);
    1256             : 
    1257             :         if (mcc == 228)
    1258             :                 return 2; /* Networks in Switzerland use 2-digit MNC */
    1259             :         if (mcc == 244)
    1260             :                 return 2; /* Networks in Finland use 2-digit MNC */
    1261             : 
    1262             :         return -1;
    1263             : }
    1264             : 
    1265             : 
    1266             : static int eap_sm_append_3gpp_realm(struct eap_sm *sm, char *imsi,
    1267             :                                     size_t max_len, size_t *imsi_len)
    1268             : {
    1269             :         int mnc_len;
    1270             :         char *pos, mnc[4];
    1271             : 
    1272             :         if (*imsi_len + 36 > max_len) {
    1273             :                 wpa_printf(MSG_WARNING, "No room for realm in IMSI buffer");
    1274             :                 return -1;
    1275             :         }
    1276             : 
    1277             :         /* MNC (2 or 3 digits) */
    1278             :         mnc_len = scard_get_mnc_len(sm->scard_ctx);
    1279             :         if (mnc_len < 0)
    1280             :                 mnc_len = mnc_len_from_imsi(imsi);
    1281             :         if (mnc_len < 0) {
    1282             :                 wpa_printf(MSG_INFO, "Failed to get MNC length from (U)SIM "
    1283             :                            "assuming 3");
    1284             :                 mnc_len = 3;
    1285             :         }
    1286             : 
    1287             :         if (mnc_len == 2) {
    1288             :                 mnc[0] = '0';
    1289             :                 mnc[1] = imsi[3];
    1290             :                 mnc[2] = imsi[4];
    1291             :         } else if (mnc_len == 3) {
    1292             :                 mnc[0] = imsi[3];
    1293             :                 mnc[1] = imsi[4];
    1294             :                 mnc[2] = imsi[5];
    1295             :         }
    1296             :         mnc[3] = '\0';
    1297             : 
    1298             :         pos = imsi + *imsi_len;
    1299             :         pos += os_snprintf(pos, imsi + max_len - pos,
    1300             :                            "@wlan.mnc%s.mcc%c%c%c.3gppnetwork.org",
    1301             :                            mnc, imsi[0], imsi[1], imsi[2]);
    1302             :         *imsi_len = pos - imsi;
    1303             : 
    1304             :         return 0;
    1305             : }
    1306             : 
    1307             : 
    1308             : static int eap_sm_imsi_identity(struct eap_sm *sm,
    1309             :                                 struct eap_peer_config *conf)
    1310             : {
    1311             :         enum { EAP_SM_SIM, EAP_SM_AKA, EAP_SM_AKA_PRIME } method = EAP_SM_SIM;
    1312             :         char imsi[100];
    1313             :         size_t imsi_len;
    1314             :         struct eap_method_type *m = conf->eap_methods;
    1315             :         int i;
    1316             : 
    1317             :         imsi_len = sizeof(imsi);
    1318             :         if (scard_get_imsi(sm->scard_ctx, imsi, &imsi_len)) {
    1319             :                 wpa_printf(MSG_WARNING, "Failed to get IMSI from SIM");
    1320             :                 return -1;
    1321             :         }
    1322             : 
    1323             :         wpa_hexdump_ascii(MSG_DEBUG, "IMSI", (u8 *) imsi, imsi_len);
    1324             : 
    1325             :         if (imsi_len < 7) {
    1326             :                 wpa_printf(MSG_WARNING, "Too short IMSI for SIM identity");
    1327             :                 return -1;
    1328             :         }
    1329             : 
    1330             :         if (eap_sm_append_3gpp_realm(sm, imsi, sizeof(imsi), &imsi_len) < 0) {
    1331             :                 wpa_printf(MSG_WARNING, "Could not add realm to SIM identity");
    1332             :                 return -1;
    1333             :         }
    1334             :         wpa_hexdump_ascii(MSG_DEBUG, "IMSI + realm", (u8 *) imsi, imsi_len);
    1335             : 
    1336             :         for (i = 0; m && (m[i].vendor != EAP_VENDOR_IETF ||
    1337             :                           m[i].method != EAP_TYPE_NONE); i++) {
    1338             :                 if (m[i].vendor == EAP_VENDOR_IETF &&
    1339             :                     m[i].method == EAP_TYPE_AKA_PRIME) {
    1340             :                         method = EAP_SM_AKA_PRIME;
    1341             :                         break;
    1342             :                 }
    1343             : 
    1344             :                 if (m[i].vendor == EAP_VENDOR_IETF &&
    1345             :                     m[i].method == EAP_TYPE_AKA) {
    1346             :                         method = EAP_SM_AKA;
    1347             :                         break;
    1348             :                 }
    1349             :         }
    1350             : 
    1351             :         os_free(conf->identity);
    1352             :         conf->identity = os_malloc(1 + imsi_len);
    1353             :         if (conf->identity == NULL) {
    1354             :                 wpa_printf(MSG_WARNING, "Failed to allocate buffer for "
    1355             :                            "IMSI-based identity");
    1356             :                 return -1;
    1357             :         }
    1358             : 
    1359             :         switch (method) {
    1360             :         case EAP_SM_SIM:
    1361             :                 conf->identity[0] = '1';
    1362             :                 break;
    1363             :         case EAP_SM_AKA:
    1364             :                 conf->identity[0] = '0';
    1365             :                 break;
    1366             :         case EAP_SM_AKA_PRIME:
    1367             :                 conf->identity[0] = '6';
    1368             :                 break;
    1369             :         }
    1370             :         os_memcpy(conf->identity + 1, imsi, imsi_len);
    1371             :         conf->identity_len = 1 + imsi_len;
    1372             : 
    1373             :         return 0;
    1374             : }
    1375             : 
    1376             : #endif /* PCSC_FUNCS */
    1377             : 
    1378             : 
    1379           0 : static int eap_sm_set_scard_pin(struct eap_sm *sm,
    1380             :                                 struct eap_peer_config *conf)
    1381             : {
    1382             : #ifdef PCSC_FUNCS
    1383             :         if (scard_set_pin(sm->scard_ctx, conf->pin)) {
    1384             :                 /*
    1385             :                  * Make sure the same PIN is not tried again in order to avoid
    1386             :                  * blocking SIM.
    1387             :                  */
    1388             :                 os_free(conf->pin);
    1389             :                 conf->pin = NULL;
    1390             : 
    1391             :                 wpa_printf(MSG_WARNING, "PIN validation failed");
    1392             :                 eap_sm_request_pin(sm);
    1393             :                 return -1;
    1394             :         }
    1395             :         return 0;
    1396             : #else /* PCSC_FUNCS */
    1397           0 :         return -1;
    1398             : #endif /* PCSC_FUNCS */
    1399             : }
    1400             : 
    1401           0 : static int eap_sm_get_scard_identity(struct eap_sm *sm,
    1402             :                                      struct eap_peer_config *conf)
    1403             : {
    1404             : #ifdef PCSC_FUNCS
    1405             :         if (eap_sm_set_scard_pin(sm, conf))
    1406             :                 return -1;
    1407             : 
    1408             :         return eap_sm_imsi_identity(sm, conf);
    1409             : #else /* PCSC_FUNCS */
    1410           0 :         return -1;
    1411             : #endif /* PCSC_FUNCS */
    1412             : }
    1413             : 
    1414             : 
    1415             : /**
    1416             :  * eap_sm_buildIdentity - Build EAP-Identity/Response for the current network
    1417             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    1418             :  * @id: EAP identifier for the packet
    1419             :  * @encrypted: Whether the packet is for encrypted tunnel (EAP phase 2)
    1420             :  * Returns: Pointer to the allocated EAP-Identity/Response packet or %NULL on
    1421             :  * failure
    1422             :  *
    1423             :  * This function allocates and builds an EAP-Identity/Response packet for the
    1424             :  * current network. The caller is responsible for freeing the returned data.
    1425             :  */
    1426        1350 : struct wpabuf * eap_sm_buildIdentity(struct eap_sm *sm, int id, int encrypted)
    1427             : {
    1428        1350 :         struct eap_peer_config *config = eap_get_config(sm);
    1429             :         struct wpabuf *resp;
    1430             :         const u8 *identity;
    1431             :         size_t identity_len;
    1432             : 
    1433        1350 :         if (config == NULL) {
    1434           0 :                 wpa_printf(MSG_WARNING, "EAP: buildIdentity: configuration "
    1435             :                            "was not available");
    1436           0 :                 return NULL;
    1437             :         }
    1438             : 
    1439        1377 :         if (sm->m && sm->m->get_identity &&
    1440          27 :             (identity = sm->m->get_identity(sm, sm->eap_method_priv,
    1441             :                                             &identity_len)) != NULL) {
    1442          27 :                 wpa_hexdump_ascii(MSG_DEBUG, "EAP: using method re-auth "
    1443             :                                   "identity", identity, identity_len);
    1444        1323 :         } else if (!encrypted && config->anonymous_identity) {
    1445         197 :                 identity = config->anonymous_identity;
    1446         197 :                 identity_len = config->anonymous_identity_len;
    1447         197 :                 wpa_hexdump_ascii(MSG_DEBUG, "EAP: using anonymous identity",
    1448             :                                   identity, identity_len);
    1449             :         } else {
    1450        1126 :                 identity = config->identity;
    1451        1126 :                 identity_len = config->identity_len;
    1452        1126 :                 wpa_hexdump_ascii(MSG_DEBUG, "EAP: using real identity",
    1453             :                                   identity, identity_len);
    1454             :         }
    1455             : 
    1456        1350 :         if (identity == NULL) {
    1457           0 :                 wpa_printf(MSG_WARNING, "EAP: buildIdentity: identity "
    1458             :                            "configuration was not available");
    1459           0 :                 if (config->pcsc) {
    1460           0 :                         if (eap_sm_get_scard_identity(sm, config) < 0)
    1461           0 :                                 return NULL;
    1462           0 :                         identity = config->identity;
    1463           0 :                         identity_len = config->identity_len;
    1464           0 :                         wpa_hexdump_ascii(MSG_DEBUG, "permanent identity from "
    1465             :                                           "IMSI", identity, identity_len);
    1466             :                 } else {
    1467           0 :                         eap_sm_request_identity(sm);
    1468           0 :                         return NULL;
    1469             :                 }
    1470        1350 :         } else if (config->pcsc) {
    1471           0 :                 if (eap_sm_set_scard_pin(sm, config) < 0)
    1472           0 :                         return NULL;
    1473             :         }
    1474             : 
    1475        1350 :         resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_IDENTITY, identity_len,
    1476             :                              EAP_CODE_RESPONSE, id);
    1477        1350 :         if (resp == NULL)
    1478           0 :                 return NULL;
    1479             : 
    1480        1350 :         wpabuf_put_data(resp, identity, identity_len);
    1481             : 
    1482        1350 :         return resp;
    1483             : }
    1484             : 
    1485             : 
    1486           6 : static void eap_sm_processNotify(struct eap_sm *sm, const struct wpabuf *req)
    1487             : {
    1488             :         const u8 *pos;
    1489             :         char *msg;
    1490             :         size_t i, msg_len;
    1491             : 
    1492           6 :         pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_NOTIFICATION, req,
    1493             :                                &msg_len);
    1494           6 :         if (pos == NULL)
    1495           0 :                 return;
    1496           6 :         wpa_hexdump_ascii(MSG_DEBUG, "EAP: EAP-Request Notification data",
    1497             :                           pos, msg_len);
    1498             : 
    1499           6 :         msg = os_malloc(msg_len + 1);
    1500           6 :         if (msg == NULL)
    1501           0 :                 return;
    1502          12 :         for (i = 0; i < msg_len; i++)
    1503           6 :                 msg[i] = isprint(pos[i]) ? (char) pos[i] : '_';
    1504           6 :         msg[msg_len] = '\0';
    1505           6 :         wpa_msg(sm->msg_ctx, MSG_INFO, "%s%s",
    1506             :                 WPA_EVENT_EAP_NOTIFICATION, msg);
    1507           6 :         os_free(msg);
    1508             : }
    1509             : 
    1510             : 
    1511           6 : static struct wpabuf * eap_sm_buildNotify(int id)
    1512             : {
    1513             :         struct wpabuf *resp;
    1514             : 
    1515           6 :         wpa_printf(MSG_DEBUG, "EAP: Generating EAP-Response Notification");
    1516           6 :         resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_NOTIFICATION, 0,
    1517             :                              EAP_CODE_RESPONSE, id);
    1518           6 :         if (resp == NULL)
    1519           0 :                 return NULL;
    1520             : 
    1521           6 :         return resp;
    1522             : }
    1523             : 
    1524             : 
    1525          39 : static void eap_peer_initiate(struct eap_sm *sm, const struct eap_hdr *hdr,
    1526             :                               size_t len)
    1527             : {
    1528             : #ifdef CONFIG_ERP
    1529          39 :         const u8 *pos = (const u8 *) (hdr + 1);
    1530          39 :         const u8 *end = ((const u8 *) hdr) + len;
    1531             :         struct erp_tlvs parse;
    1532             : 
    1533          39 :         if (len < sizeof(*hdr) + 1) {
    1534           0 :                 wpa_printf(MSG_DEBUG, "EAP: Ignored too short EAP-Initiate");
    1535           0 :                 return;
    1536             :         }
    1537             : 
    1538          39 :         if (*pos != EAP_ERP_TYPE_REAUTH_START) {
    1539           0 :                 wpa_printf(MSG_DEBUG,
    1540             :                            "EAP: Ignored unexpected EAP-Initiate Type=%u",
    1541           0 :                            *pos);
    1542           0 :                 return;
    1543             :         }
    1544             : 
    1545          39 :         pos++;
    1546          39 :         if (pos >= end) {
    1547           0 :                 wpa_printf(MSG_DEBUG,
    1548             :                            "EAP: Too short EAP-Initiate/Re-auth-Start");
    1549           0 :                 return;
    1550             :         }
    1551          39 :         pos++; /* Reserved */
    1552          39 :         wpa_hexdump(MSG_DEBUG, "EAP: EAP-Initiate/Re-auth-Start TVs/TLVs",
    1553          39 :                     pos, end - pos);
    1554             : 
    1555          39 :         if (erp_parse_tlvs(pos, end, &parse, 0) < 0)
    1556           0 :                 goto invalid;
    1557             : 
    1558          39 :         if (parse.domain) {
    1559          78 :                 wpa_hexdump_ascii(MSG_DEBUG,
    1560             :                                   "EAP: EAP-Initiate/Re-auth-Start - Domain name",
    1561          78 :                                   parse.domain, parse.domain_len);
    1562             :                 /* TODO: Derivation of domain specific keys for local ER */
    1563             :         }
    1564             : 
    1565          39 :         if (eap_peer_erp_reauth_start(sm, hdr, len) == 0)
    1566          20 :                 return;
    1567             : 
    1568             : invalid:
    1569             : #endif /* CONFIG_ERP */
    1570          19 :         wpa_printf(MSG_DEBUG,
    1571             :                    "EAP: EAP-Initiate/Re-auth-Start - No suitable ERP keys available - try to start full EAP authentication");
    1572          19 :         eapol_set_bool(sm, EAPOL_eapTriggerStart, TRUE);
    1573             : }
    1574             : 
    1575             : 
    1576          20 : static void eap_peer_finish(struct eap_sm *sm, const struct eap_hdr *hdr,
    1577             :                             size_t len)
    1578             : {
    1579             : #ifdef CONFIG_ERP
    1580          20 :         const u8 *pos = (const u8 *) (hdr + 1);
    1581          20 :         const u8 *end = ((const u8 *) hdr) + len;
    1582             :         const u8 *start;
    1583             :         struct erp_tlvs parse;
    1584             :         u8 flags;
    1585             :         u16 seq;
    1586             :         u8 hash[SHA256_MAC_LEN];
    1587             :         size_t hash_len;
    1588             :         struct eap_erp_key *erp;
    1589             :         int max_len;
    1590             :         char nai[254];
    1591             :         u8 seed[4];
    1592          20 :         int auth_tag_ok = 0;
    1593             : 
    1594          20 :         if (len < sizeof(*hdr) + 1) {
    1595           0 :                 wpa_printf(MSG_DEBUG, "EAP: Ignored too short EAP-Finish");
    1596           0 :                 return;
    1597             :         }
    1598             : 
    1599          20 :         if (*pos != EAP_ERP_TYPE_REAUTH) {
    1600           0 :                 wpa_printf(MSG_DEBUG,
    1601           0 :                            "EAP: Ignored unexpected EAP-Finish Type=%u", *pos);
    1602           0 :                 return;
    1603             :         }
    1604             : 
    1605          20 :         if (len < sizeof(*hdr) + 4) {
    1606           0 :                 wpa_printf(MSG_DEBUG,
    1607             :                            "EAP: Ignored too short EAP-Finish/Re-auth");
    1608           0 :                 return;
    1609             :         }
    1610             : 
    1611          20 :         pos++;
    1612          20 :         flags = *pos++;
    1613          20 :         seq = WPA_GET_BE16(pos);
    1614          20 :         pos += 2;
    1615          20 :         wpa_printf(MSG_DEBUG, "EAP: Flags=0x%x SEQ=%u", flags, seq);
    1616             : 
    1617          20 :         if (seq != sm->erp_seq) {
    1618           0 :                 wpa_printf(MSG_DEBUG,
    1619             :                            "EAP: Unexpected EAP-Finish/Re-auth SEQ=%u", seq);
    1620           0 :                 return;
    1621             :         }
    1622             : 
    1623             :         /*
    1624             :          * Parse TVs/TLVs. Since we do not yet know the length of the
    1625             :          * Authentication Tag, stop parsing if an unknown TV/TLV is seen and
    1626             :          * just try to find the keyName-NAI first so that we can check the
    1627             :          * Authentication Tag.
    1628             :          */
    1629          20 :         if (erp_parse_tlvs(pos, end, &parse, 1) < 0)
    1630           0 :                 return;
    1631             : 
    1632          20 :         if (!parse.keyname) {
    1633           0 :                 wpa_printf(MSG_DEBUG,
    1634             :                            "EAP: No keyName-NAI in EAP-Finish/Re-auth Packet");
    1635           0 :                 return;
    1636             :         }
    1637             : 
    1638          40 :         wpa_hexdump_ascii(MSG_DEBUG, "EAP: EAP-Finish/Re-auth - keyName-NAI",
    1639          40 :                           parse.keyname, parse.keyname_len);
    1640          20 :         if (parse.keyname_len > 253) {
    1641           0 :                 wpa_printf(MSG_DEBUG,
    1642             :                            "EAP: Too long keyName-NAI in EAP-Finish/Re-auth");
    1643           0 :                 return;
    1644             :         }
    1645          20 :         os_memcpy(nai, parse.keyname, parse.keyname_len);
    1646          20 :         nai[parse.keyname_len] = '\0';
    1647             : 
    1648          20 :         erp = eap_erp_get_key_nai(sm, nai);
    1649          20 :         if (!erp) {
    1650           0 :                 wpa_printf(MSG_DEBUG, "EAP: No matching ERP key found for %s",
    1651             :                            nai);
    1652           0 :                 return;
    1653             :         }
    1654             : 
    1655             :         /* Is there enough room for Cryptosuite and Authentication Tag? */
    1656          20 :         start = parse.keyname + parse.keyname_len;
    1657          20 :         max_len = end - start;
    1658          20 :         hash_len = 16;
    1659          20 :         if (max_len < 1 + (int) hash_len) {
    1660           1 :                 wpa_printf(MSG_DEBUG,
    1661             :                            "EAP: Not enough room for Authentication Tag");
    1662           1 :                 if (flags & 0x80)
    1663           1 :                         goto no_auth_tag;
    1664           0 :                 return;
    1665             :         }
    1666          19 :         if (end[-17] != EAP_ERP_CS_HMAC_SHA256_128) {
    1667           0 :                 wpa_printf(MSG_DEBUG, "EAP: Different Cryptosuite used");
    1668           0 :                 if (flags & 0x80)
    1669           0 :                         goto no_auth_tag;
    1670           0 :                 return;
    1671             :         }
    1672             : 
    1673          19 :         if (hmac_sha256(erp->rIK, erp->rIK_len, (const u8 *) hdr,
    1674          19 :                         end - ((const u8 *) hdr) - hash_len, hash) < 0)
    1675           0 :                 return;
    1676          19 :         if (os_memcmp(end - hash_len, hash, hash_len) != 0) {
    1677           0 :                 wpa_printf(MSG_DEBUG,
    1678             :                            "EAP: Authentication Tag mismatch");
    1679           0 :                 return;
    1680             :         }
    1681          19 :         auth_tag_ok = 1;
    1682          19 :         end -= 1 + hash_len;
    1683             : 
    1684             : no_auth_tag:
    1685             :         /*
    1686             :          * Parse TVs/TLVs again now that we know the exact part of the buffer
    1687             :          * that contains them.
    1688             :          */
    1689          20 :         wpa_hexdump(MSG_DEBUG, "EAP: EAP-Finish/Re-Auth TVs/TLVs",
    1690          20 :                     pos, end - pos);
    1691          20 :         if (erp_parse_tlvs(pos, end, &parse, 0) < 0)
    1692           0 :                 return;
    1693             : 
    1694          20 :         if (flags & 0x80 || !auth_tag_ok) {
    1695           1 :                 wpa_printf(MSG_DEBUG,
    1696             :                            "EAP: EAP-Finish/Re-auth indicated failure");
    1697           1 :                 eapol_set_bool(sm, EAPOL_eapFail, TRUE);
    1698           1 :                 eapol_set_bool(sm, EAPOL_eapReq, FALSE);
    1699           1 :                 eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
    1700           1 :                 wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE
    1701             :                         "EAP authentication failed");
    1702           1 :                 sm->prev_failure = 1;
    1703           1 :                 wpa_printf(MSG_DEBUG,
    1704             :                            "EAP: Drop ERP key to try full authentication on next attempt");
    1705           1 :                 eap_peer_erp_free_key(erp);
    1706           1 :                 return;
    1707             :         }
    1708             : 
    1709          19 :         eap_sm_free_key(sm);
    1710          19 :         sm->eapKeyDataLen = 0;
    1711          19 :         sm->eapKeyData = os_malloc(erp->rRK_len);
    1712          19 :         if (!sm->eapKeyData)
    1713           0 :                 return;
    1714          19 :         sm->eapKeyDataLen = erp->rRK_len;
    1715             : 
    1716          19 :         WPA_PUT_BE16(seed, seq);
    1717          19 :         WPA_PUT_BE16(&seed[2], erp->rRK_len);
    1718          19 :         if (hmac_sha256_kdf(erp->rRK, erp->rRK_len,
    1719             :                             "Re-authentication Master Session Key@ietf.org",
    1720             :                             seed, sizeof(seed),
    1721             :                             sm->eapKeyData, erp->rRK_len) < 0) {
    1722           0 :                 wpa_printf(MSG_DEBUG, "EAP: Could not derive rMSK for ERP");
    1723           0 :                 eap_sm_free_key(sm);
    1724           0 :                 return;
    1725             :         }
    1726          38 :         wpa_hexdump_key(MSG_DEBUG, "EAP: ERP rMSK",
    1727          19 :                         sm->eapKeyData, sm->eapKeyDataLen);
    1728          19 :         sm->eapKeyAvailable = TRUE;
    1729          19 :         eapol_set_bool(sm, EAPOL_eapSuccess, TRUE);
    1730          19 :         eapol_set_bool(sm, EAPOL_eapReq, FALSE);
    1731          19 :         eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
    1732          19 :         wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS
    1733             :                 "EAP re-authentication completed successfully");
    1734             : #endif /* CONFIG_ERP */
    1735             : }
    1736             : 
    1737             : 
    1738        6581 : static void eap_sm_parseEapReq(struct eap_sm *sm, const struct wpabuf *req)
    1739             : {
    1740             :         const struct eap_hdr *hdr;
    1741             :         size_t plen;
    1742             :         const u8 *pos;
    1743             : 
    1744        6581 :         sm->rxReq = sm->rxResp = sm->rxSuccess = sm->rxFailure = FALSE;
    1745        6581 :         sm->reqId = 0;
    1746        6581 :         sm->reqMethod = EAP_TYPE_NONE;
    1747        6581 :         sm->reqVendor = EAP_VENDOR_IETF;
    1748        6581 :         sm->reqVendorMethod = EAP_TYPE_NONE;
    1749             : 
    1750        6581 :         if (req == NULL || wpabuf_len(req) < sizeof(*hdr))
    1751           0 :                 return;
    1752             : 
    1753        6581 :         hdr = wpabuf_head(req);
    1754        6581 :         plen = be_to_host16(hdr->length);
    1755        6581 :         if (plen > wpabuf_len(req)) {
    1756           0 :                 wpa_printf(MSG_DEBUG, "EAP: Ignored truncated EAP-Packet "
    1757             :                            "(len=%lu plen=%lu)",
    1758             :                            (unsigned long) wpabuf_len(req),
    1759             :                            (unsigned long) plen);
    1760           0 :                 return;
    1761             :         }
    1762             : 
    1763        6581 :         sm->reqId = hdr->identifier;
    1764             : 
    1765        6581 :         if (sm->workaround) {
    1766             :                 const u8 *addr[1];
    1767        6581 :                 addr[0] = wpabuf_head(req);
    1768        6581 :                 md5_vector(1, addr, &plen, sm->req_md5);
    1769             :         }
    1770             : 
    1771        6581 :         switch (hdr->code) {
    1772             :         case EAP_CODE_REQUEST:
    1773        5429 :                 if (plen < sizeof(*hdr) + 1) {
    1774           0 :                         wpa_printf(MSG_DEBUG, "EAP: Too short EAP-Request - "
    1775             :                                    "no Type field");
    1776           0 :                         return;
    1777             :                 }
    1778        5429 :                 sm->rxReq = TRUE;
    1779        5429 :                 pos = (const u8 *) (hdr + 1);
    1780        5429 :                 sm->reqMethod = *pos++;
    1781        5429 :                 if (sm->reqMethod == EAP_TYPE_EXPANDED) {
    1782        1358 :                         if (plen < sizeof(*hdr) + 8) {
    1783           0 :                                 wpa_printf(MSG_DEBUG, "EAP: Ignored truncated "
    1784             :                                            "expanded EAP-Packet (plen=%lu)",
    1785             :                                            (unsigned long) plen);
    1786           0 :                                 return;
    1787             :                         }
    1788        1358 :                         sm->reqVendor = WPA_GET_BE24(pos);
    1789        1358 :                         pos += 3;
    1790        1358 :                         sm->reqVendorMethod = WPA_GET_BE32(pos);
    1791             :                 }
    1792       10858 :                 wpa_printf(MSG_DEBUG, "EAP: Received EAP-Request id=%d "
    1793             :                            "method=%u vendor=%u vendorMethod=%u",
    1794        5429 :                            sm->reqId, sm->reqMethod, sm->reqVendor,
    1795             :                            sm->reqVendorMethod);
    1796        5429 :                 break;
    1797             :         case EAP_CODE_RESPONSE:
    1798           6 :                 if (sm->selectedMethod == EAP_TYPE_LEAP) {
    1799             :                         /*
    1800             :                          * LEAP differs from RFC 4137 by using reversed roles
    1801             :                          * for mutual authentication and because of this, we
    1802             :                          * need to accept EAP-Response frames if LEAP is used.
    1803             :                          */
    1804           6 :                         if (plen < sizeof(*hdr) + 1) {
    1805           0 :                                 wpa_printf(MSG_DEBUG, "EAP: Too short "
    1806             :                                            "EAP-Response - no Type field");
    1807           0 :                                 return;
    1808             :                         }
    1809           6 :                         sm->rxResp = TRUE;
    1810           6 :                         pos = (const u8 *) (hdr + 1);
    1811           6 :                         sm->reqMethod = *pos;
    1812          12 :                         wpa_printf(MSG_DEBUG, "EAP: Received EAP-Response for "
    1813             :                                    "LEAP method=%d id=%d",
    1814           6 :                                    sm->reqMethod, sm->reqId);
    1815           6 :                         break;
    1816             :                 }
    1817           0 :                 wpa_printf(MSG_DEBUG, "EAP: Ignored EAP-Response");
    1818           0 :                 break;
    1819             :         case EAP_CODE_SUCCESS:
    1820         605 :                 wpa_printf(MSG_DEBUG, "EAP: Received EAP-Success");
    1821         605 :                 eap_notify_status(sm, "completion", "success");
    1822         605 :                 sm->rxSuccess = TRUE;
    1823         605 :                 break;
    1824             :         case EAP_CODE_FAILURE:
    1825         482 :                 wpa_printf(MSG_DEBUG, "EAP: Received EAP-Failure");
    1826         482 :                 eap_notify_status(sm, "completion", "failure");
    1827         482 :                 sm->rxFailure = TRUE;
    1828         482 :                 break;
    1829             :         case EAP_CODE_INITIATE:
    1830          39 :                 eap_peer_initiate(sm, hdr, plen);
    1831          39 :                 break;
    1832             :         case EAP_CODE_FINISH:
    1833          20 :                 eap_peer_finish(sm, hdr, plen);
    1834          20 :                 break;
    1835             :         default:
    1836           0 :                 wpa_printf(MSG_DEBUG, "EAP: Ignored EAP-Packet with unknown "
    1837           0 :                            "code %d", hdr->code);
    1838           0 :                 break;
    1839             :         }
    1840             : }
    1841             : 
    1842             : 
    1843        1012 : static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
    1844             :                                   union tls_event_data *data)
    1845             : {
    1846        1012 :         struct eap_sm *sm = ctx;
    1847        1012 :         char *hash_hex = NULL;
    1848             : 
    1849        1012 :         switch (ev) {
    1850             :         case TLS_CERT_CHAIN_SUCCESS:
    1851         482 :                 eap_notify_status(sm, "remote certificate verification",
    1852             :                                   "success");
    1853         482 :                 break;
    1854             :         case TLS_CERT_CHAIN_FAILURE:
    1855          44 :                 wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_TLS_CERT_ERROR
    1856             :                         "reason=%d depth=%d subject='%s' err='%s'",
    1857          22 :                         data->cert_fail.reason,
    1858             :                         data->cert_fail.depth,
    1859             :                         data->cert_fail.subject,
    1860             :                         data->cert_fail.reason_txt);
    1861          22 :                 eap_notify_status(sm, "remote certificate verification",
    1862             :                                   data->cert_fail.reason_txt);
    1863          22 :                 break;
    1864             :         case TLS_PEER_CERTIFICATE:
    1865         483 :                 if (!sm->eapol_cb->notify_cert)
    1866           0 :                         break;
    1867             : 
    1868         483 :                 if (data->peer_cert.hash) {
    1869         483 :                         size_t len = data->peer_cert.hash_len * 2 + 1;
    1870         483 :                         hash_hex = os_malloc(len);
    1871         483 :                         if (hash_hex) {
    1872         483 :                                 wpa_snprintf_hex(hash_hex, len,
    1873             :                                                  data->peer_cert.hash,
    1874             :                                                  data->peer_cert.hash_len);
    1875             :                         }
    1876             :                 }
    1877             : 
    1878         966 :                 sm->eapol_cb->notify_cert(sm->eapol_ctx,
    1879             :                                           data->peer_cert.depth,
    1880             :                                           data->peer_cert.subject,
    1881         483 :                                           data->peer_cert.altsubject,
    1882             :                                           data->peer_cert.num_altsubject,
    1883             :                                           hash_hex, data->peer_cert.cert);
    1884         483 :                 break;
    1885             :         case TLS_ALERT:
    1886          25 :                 if (data->alert.is_local)
    1887          25 :                         eap_notify_status(sm, "local TLS alert",
    1888             :                                           data->alert.description);
    1889             :                 else
    1890           0 :                         eap_notify_status(sm, "remote TLS alert",
    1891             :                                           data->alert.description);
    1892          25 :                 break;
    1893             :         }
    1894             : 
    1895        1012 :         os_free(hash_hex);
    1896        1012 : }
    1897             : 
    1898             : 
    1899             : /**
    1900             :  * eap_peer_sm_init - Allocate and initialize EAP peer state machine
    1901             :  * @eapol_ctx: Context data to be used with eapol_cb calls
    1902             :  * @eapol_cb: Pointer to EAPOL callback functions
    1903             :  * @msg_ctx: Context data for wpa_msg() calls
    1904             :  * @conf: EAP configuration
    1905             :  * Returns: Pointer to the allocated EAP state machine or %NULL on failure
    1906             :  *
    1907             :  * This function allocates and initializes an EAP state machine. In addition,
    1908             :  * this initializes TLS library for the new EAP state machine. eapol_cb pointer
    1909             :  * will be in use until eap_peer_sm_deinit() is used to deinitialize this EAP
    1910             :  * state machine. Consequently, the caller must make sure that this data
    1911             :  * structure remains alive while the EAP state machine is active.
    1912             :  */
    1913         206 : struct eap_sm * eap_peer_sm_init(void *eapol_ctx,
    1914             :                                  struct eapol_callbacks *eapol_cb,
    1915             :                                  void *msg_ctx, struct eap_config *conf)
    1916             : {
    1917             :         struct eap_sm *sm;
    1918             :         struct tls_config tlsconf;
    1919             : 
    1920         206 :         sm = os_zalloc(sizeof(*sm));
    1921         206 :         if (sm == NULL)
    1922           2 :                 return NULL;
    1923         204 :         sm->eapol_ctx = eapol_ctx;
    1924         204 :         sm->eapol_cb = eapol_cb;
    1925         204 :         sm->msg_ctx = msg_ctx;
    1926         204 :         sm->ClientTimeout = EAP_CLIENT_TIMEOUT_DEFAULT;
    1927         204 :         sm->wps = conf->wps;
    1928         204 :         dl_list_init(&sm->erp_keys);
    1929             : 
    1930         204 :         os_memset(&tlsconf, 0, sizeof(tlsconf));
    1931         204 :         tlsconf.opensc_engine_path = conf->opensc_engine_path;
    1932         204 :         tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path;
    1933         204 :         tlsconf.pkcs11_module_path = conf->pkcs11_module_path;
    1934         204 :         tlsconf.openssl_ciphers = conf->openssl_ciphers;
    1935             : #ifdef CONFIG_FIPS
    1936             :         tlsconf.fips_mode = 1;
    1937             : #endif /* CONFIG_FIPS */
    1938         204 :         tlsconf.event_cb = eap_peer_sm_tls_event;
    1939         204 :         tlsconf.cb_ctx = sm;
    1940         204 :         tlsconf.cert_in_cb = conf->cert_in_cb;
    1941         204 :         sm->ssl_ctx = tls_init(&tlsconf);
    1942         204 :         if (sm->ssl_ctx == NULL) {
    1943           2 :                 wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS "
    1944             :                            "context.");
    1945           2 :                 os_free(sm);
    1946           2 :                 return NULL;
    1947             :         }
    1948             : 
    1949         202 :         sm->ssl_ctx2 = tls_init(&tlsconf);
    1950         202 :         if (sm->ssl_ctx2 == NULL) {
    1951           2 :                 wpa_printf(MSG_INFO, "SSL: Failed to initialize TLS "
    1952             :                            "context (2).");
    1953             :                 /* Run without separate TLS context within TLS tunnel */
    1954             :         }
    1955             : 
    1956         202 :         return sm;
    1957             : }
    1958             : 
    1959             : 
    1960             : /**
    1961             :  * eap_peer_sm_deinit - Deinitialize and free an EAP peer state machine
    1962             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    1963             :  *
    1964             :  * This function deinitializes EAP state machine and frees all allocated
    1965             :  * resources.
    1966             :  */
    1967         202 : void eap_peer_sm_deinit(struct eap_sm *sm)
    1968             : {
    1969         202 :         if (sm == NULL)
    1970         202 :                 return;
    1971         202 :         eap_deinit_prev_method(sm, "EAP deinit");
    1972         202 :         eap_sm_abort(sm);
    1973         202 :         if (sm->ssl_ctx2)
    1974         200 :                 tls_deinit(sm->ssl_ctx2);
    1975         202 :         tls_deinit(sm->ssl_ctx);
    1976         202 :         eap_peer_erp_free_keys(sm);
    1977         202 :         os_free(sm);
    1978             : }
    1979             : 
    1980             : 
    1981             : /**
    1982             :  * eap_peer_sm_step - Step EAP peer state machine
    1983             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    1984             :  * Returns: 1 if EAP state was changed or 0 if not
    1985             :  *
    1986             :  * This function advances EAP state machine to a new state to match with the
    1987             :  * current variables. This should be called whenever variables used by the EAP
    1988             :  * state machine have changed.
    1989             :  */
    1990       74443 : int eap_peer_sm_step(struct eap_sm *sm)
    1991             : {
    1992       74443 :         int res = 0;
    1993             :         do {
    1994      107495 :                 sm->changed = FALSE;
    1995      107495 :                 SM_STEP_RUN(EAP);
    1996      107495 :                 if (sm->changed)
    1997       33052 :                         res = 1;
    1998      107495 :         } while (sm->changed);
    1999       74443 :         return res;
    2000             : }
    2001             : 
    2002             : 
    2003             : /**
    2004             :  * eap_sm_abort - Abort EAP authentication
    2005             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2006             :  *
    2007             :  * Release system resources that have been allocated for the authentication
    2008             :  * session without fully deinitializing the EAP state machine.
    2009             :  */
    2010       29380 : void eap_sm_abort(struct eap_sm *sm)
    2011             : {
    2012       29380 :         wpabuf_free(sm->lastRespData);
    2013       29380 :         sm->lastRespData = NULL;
    2014       29380 :         wpabuf_free(sm->eapRespData);
    2015       29380 :         sm->eapRespData = NULL;
    2016       29380 :         eap_sm_free_key(sm);
    2017       29380 :         os_free(sm->eapSessionId);
    2018       29380 :         sm->eapSessionId = NULL;
    2019             : 
    2020             :         /* This is not clearly specified in the EAP statemachines draft, but
    2021             :          * it seems necessary to make sure that some of the EAPOL variables get
    2022             :          * cleared for the next authentication. */
    2023       29380 :         eapol_set_bool(sm, EAPOL_eapSuccess, FALSE);
    2024       29380 : }
    2025             : 
    2026             : 
    2027             : #ifdef CONFIG_CTRL_IFACE
    2028         262 : static const char * eap_sm_state_txt(int state)
    2029             : {
    2030         262 :         switch (state) {
    2031             :         case EAP_INITIALIZE:
    2032           0 :                 return "INITIALIZE";
    2033             :         case EAP_DISABLED:
    2034           0 :                 return "DISABLED";
    2035             :         case EAP_IDLE:
    2036           1 :                 return "IDLE";
    2037             :         case EAP_RECEIVED:
    2038           0 :                 return "RECEIVED";
    2039             :         case EAP_GET_METHOD:
    2040           0 :                 return "GET_METHOD";
    2041             :         case EAP_METHOD:
    2042           0 :                 return "METHOD";
    2043             :         case EAP_SEND_RESPONSE:
    2044           0 :                 return "SEND_RESPONSE";
    2045             :         case EAP_DISCARD:
    2046           0 :                 return "DISCARD";
    2047             :         case EAP_IDENTITY:
    2048           0 :                 return "IDENTITY";
    2049             :         case EAP_NOTIFICATION:
    2050           0 :                 return "NOTIFICATION";
    2051             :         case EAP_RETRANSMIT:
    2052           0 :                 return "RETRANSMIT";
    2053             :         case EAP_SUCCESS:
    2054         261 :                 return "SUCCESS";
    2055             :         case EAP_FAILURE:
    2056           0 :                 return "FAILURE";
    2057             :         default:
    2058           0 :                 return "UNKNOWN";
    2059             :         }
    2060             : }
    2061             : #endif /* CONFIG_CTRL_IFACE */
    2062             : 
    2063             : 
    2064             : #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
    2065        4045 : static const char * eap_sm_method_state_txt(EapMethodState state)
    2066             : {
    2067        4045 :         switch (state) {
    2068             :         case METHOD_NONE:
    2069           0 :                 return "NONE";
    2070             :         case METHOD_INIT:
    2071          78 :                 return "INIT";
    2072             :         case METHOD_CONT:
    2073          10 :                 return "CONT";
    2074             :         case METHOD_MAY_CONT:
    2075        3111 :                 return "MAY_CONT";
    2076             :         case METHOD_DONE:
    2077         846 :                 return "DONE";
    2078             :         default:
    2079           0 :                 return "UNKNOWN";
    2080             :         }
    2081             : }
    2082             : 
    2083             : 
    2084        4045 : static const char * eap_sm_decision_txt(EapDecision decision)
    2085             : {
    2086        4045 :         switch (decision) {
    2087             :         case DECISION_FAIL:
    2088        3401 :                 return "FAIL";
    2089             :         case DECISION_COND_SUCC:
    2090         144 :                 return "COND_SUCC";
    2091             :         case DECISION_UNCOND_SUCC:
    2092         500 :                 return "UNCOND_SUCC";
    2093             :         default:
    2094           0 :                 return "UNKNOWN";
    2095             :         }
    2096             : }
    2097             : #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
    2098             : 
    2099             : 
    2100             : #ifdef CONFIG_CTRL_IFACE
    2101             : 
    2102             : /**
    2103             :  * eap_sm_get_status - Get EAP state machine status
    2104             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2105             :  * @buf: Buffer for status information
    2106             :  * @buflen: Maximum buffer length
    2107             :  * @verbose: Whether to include verbose status information
    2108             :  * Returns: Number of bytes written to buf.
    2109             :  *
    2110             :  * Query EAP state machine for status information. This function fills in a
    2111             :  * text area with current status information from the EAPOL state machine. If
    2112             :  * the buffer (buf) is not large enough, status information will be truncated
    2113             :  * to fit the buffer.
    2114             :  */
    2115         262 : int eap_sm_get_status(struct eap_sm *sm, char *buf, size_t buflen, int verbose)
    2116             : {
    2117             :         int len, ret;
    2118             : 
    2119         262 :         if (sm == NULL)
    2120           0 :                 return 0;
    2121             : 
    2122         262 :         len = os_snprintf(buf, buflen,
    2123             :                           "EAP state=%s\n",
    2124         262 :                           eap_sm_state_txt(sm->EAP_state));
    2125         262 :         if (os_snprintf_error(buflen, len))
    2126           0 :                 return 0;
    2127             : 
    2128         262 :         if (sm->selectedMethod != EAP_TYPE_NONE) {
    2129             :                 const char *name;
    2130         261 :                 if (sm->m) {
    2131         261 :                         name = sm->m->name;
    2132             :                 } else {
    2133           0 :                         const struct eap_method *m =
    2134           0 :                                 eap_peer_get_eap_method(EAP_VENDOR_IETF,
    2135             :                                                         sm->selectedMethod);
    2136           0 :                         if (m)
    2137           0 :                                 name = m->name;
    2138             :                         else
    2139           0 :                                 name = "?";
    2140             :                 }
    2141         261 :                 ret = os_snprintf(buf + len, buflen - len,
    2142             :                                   "selectedMethod=%d (EAP-%s)\n",
    2143         261 :                                   sm->selectedMethod, name);
    2144         261 :                 if (os_snprintf_error(buflen - len, ret))
    2145           0 :                         return len;
    2146         261 :                 len += ret;
    2147             : 
    2148         261 :                 if (sm->m && sm->m->get_status) {
    2149         133 :                         len += sm->m->get_status(sm, sm->eap_method_priv,
    2150             :                                                  buf + len, buflen - len,
    2151             :                                                  verbose);
    2152             :                 }
    2153             :         }
    2154             : 
    2155         262 :         if (verbose) {
    2156           2 :                 ret = os_snprintf(buf + len, buflen - len,
    2157             :                                   "reqMethod=%d\n"
    2158             :                                   "methodState=%s\n"
    2159             :                                   "decision=%s\n"
    2160             :                                   "ClientTimeout=%d\n",
    2161           1 :                                   sm->reqMethod,
    2162             :                                   eap_sm_method_state_txt(sm->methodState),
    2163             :                                   eap_sm_decision_txt(sm->decision),
    2164             :                                   sm->ClientTimeout);
    2165           1 :                 if (os_snprintf_error(buflen - len, ret))
    2166           0 :                         return len;
    2167           1 :                 len += ret;
    2168             :         }
    2169             : 
    2170         262 :         return len;
    2171             : }
    2172             : #endif /* CONFIG_CTRL_IFACE */
    2173             : 
    2174             : 
    2175             : #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
    2176          32 : static void eap_sm_request(struct eap_sm *sm, enum wpa_ctrl_req_type field,
    2177             :                            const char *msg, size_t msglen)
    2178             : {
    2179             :         struct eap_peer_config *config;
    2180          32 :         const char *txt = NULL;
    2181             :         char *tmp;
    2182             : 
    2183          32 :         if (sm == NULL)
    2184           0 :                 return;
    2185          32 :         config = eap_get_config(sm);
    2186          32 :         if (config == NULL)
    2187           0 :                 return;
    2188             : 
    2189          32 :         switch (field) {
    2190             :         case WPA_CTRL_REQ_EAP_IDENTITY:
    2191           1 :                 config->pending_req_identity++;
    2192           1 :                 break;
    2193             :         case WPA_CTRL_REQ_EAP_PASSWORD:
    2194           7 :                 config->pending_req_password++;
    2195           7 :                 break;
    2196             :         case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
    2197           0 :                 config->pending_req_new_password++;
    2198           0 :                 break;
    2199             :         case WPA_CTRL_REQ_EAP_PIN:
    2200           0 :                 config->pending_req_pin++;
    2201           0 :                 break;
    2202             :         case WPA_CTRL_REQ_EAP_OTP:
    2203           2 :                 if (msg) {
    2204           2 :                         tmp = os_malloc(msglen + 3);
    2205           2 :                         if (tmp == NULL)
    2206           0 :                                 return;
    2207           2 :                         tmp[0] = '[';
    2208           2 :                         os_memcpy(tmp + 1, msg, msglen);
    2209           2 :                         tmp[msglen + 1] = ']';
    2210           2 :                         tmp[msglen + 2] = '\0';
    2211           2 :                         txt = tmp;
    2212           2 :                         os_free(config->pending_req_otp);
    2213           2 :                         config->pending_req_otp = tmp;
    2214           2 :                         config->pending_req_otp_len = msglen + 3;
    2215             :                 } else {
    2216           0 :                         if (config->pending_req_otp == NULL)
    2217           0 :                                 return;
    2218           0 :                         txt = config->pending_req_otp;
    2219             :                 }
    2220           2 :                 break;
    2221             :         case WPA_CTRL_REQ_EAP_PASSPHRASE:
    2222           1 :                 config->pending_req_passphrase++;
    2223           1 :                 break;
    2224             :         case WPA_CTRL_REQ_SIM:
    2225          21 :                 txt = msg;
    2226          21 :                 break;
    2227             :         default:
    2228           0 :                 return;
    2229             :         }
    2230             : 
    2231          32 :         if (sm->eapol_cb->eap_param_needed)
    2232          32 :                 sm->eapol_cb->eap_param_needed(sm->eapol_ctx, field, txt);
    2233             : }
    2234             : #else /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
    2235             : #define eap_sm_request(sm, type, msg, msglen) do { } while (0)
    2236             : #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
    2237             : 
    2238        1118 : const char * eap_sm_get_method_name(struct eap_sm *sm)
    2239             : {
    2240        1118 :         if (sm->m == NULL)
    2241         376 :                 return "UNKNOWN";
    2242         742 :         return sm->m->name;
    2243             : }
    2244             : 
    2245             : 
    2246             : /**
    2247             :  * eap_sm_request_identity - Request identity from user (ctrl_iface)
    2248             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2249             :  *
    2250             :  * EAP methods can call this function to request identity information for the
    2251             :  * current network. This is normally called when the identity is not included
    2252             :  * in the network configuration. The request will be sent to monitor programs
    2253             :  * through the control interface.
    2254             :  */
    2255           1 : void eap_sm_request_identity(struct eap_sm *sm)
    2256             : {
    2257           1 :         eap_sm_request(sm, WPA_CTRL_REQ_EAP_IDENTITY, NULL, 0);
    2258           1 : }
    2259             : 
    2260             : 
    2261             : /**
    2262             :  * eap_sm_request_password - Request password from user (ctrl_iface)
    2263             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2264             :  *
    2265             :  * EAP methods can call this function to request password information for the
    2266             :  * current network. This is normally called when the password is not included
    2267             :  * in the network configuration. The request will be sent to monitor programs
    2268             :  * through the control interface.
    2269             :  */
    2270           7 : void eap_sm_request_password(struct eap_sm *sm)
    2271             : {
    2272           7 :         eap_sm_request(sm, WPA_CTRL_REQ_EAP_PASSWORD, NULL, 0);
    2273           7 : }
    2274             : 
    2275             : 
    2276             : /**
    2277             :  * eap_sm_request_new_password - Request new password from user (ctrl_iface)
    2278             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2279             :  *
    2280             :  * EAP methods can call this function to request new password information for
    2281             :  * the current network. This is normally called when the EAP method indicates
    2282             :  * that the current password has expired and password change is required. The
    2283             :  * request will be sent to monitor programs through the control interface.
    2284             :  */
    2285           0 : void eap_sm_request_new_password(struct eap_sm *sm)
    2286             : {
    2287           0 :         eap_sm_request(sm, WPA_CTRL_REQ_EAP_NEW_PASSWORD, NULL, 0);
    2288           0 : }
    2289             : 
    2290             : 
    2291             : /**
    2292             :  * eap_sm_request_pin - Request SIM or smart card PIN from user (ctrl_iface)
    2293             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2294             :  *
    2295             :  * EAP methods can call this function to request SIM or smart card PIN
    2296             :  * information for the current network. This is normally called when the PIN is
    2297             :  * not included in the network configuration. The request will be sent to
    2298             :  * monitor programs through the control interface.
    2299             :  */
    2300           0 : void eap_sm_request_pin(struct eap_sm *sm)
    2301             : {
    2302           0 :         eap_sm_request(sm, WPA_CTRL_REQ_EAP_PIN, NULL, 0);
    2303           0 : }
    2304             : 
    2305             : 
    2306             : /**
    2307             :  * eap_sm_request_otp - Request one time password from user (ctrl_iface)
    2308             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2309             :  * @msg: Message to be displayed to the user when asking for OTP
    2310             :  * @msg_len: Length of the user displayable message
    2311             :  *
    2312             :  * EAP methods can call this function to request open time password (OTP) for
    2313             :  * the current network. The request will be sent to monitor programs through
    2314             :  * the control interface.
    2315             :  */
    2316           2 : void eap_sm_request_otp(struct eap_sm *sm, const char *msg, size_t msg_len)
    2317             : {
    2318           2 :         eap_sm_request(sm, WPA_CTRL_REQ_EAP_OTP, msg, msg_len);
    2319           2 : }
    2320             : 
    2321             : 
    2322             : /**
    2323             :  * eap_sm_request_passphrase - Request passphrase from user (ctrl_iface)
    2324             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2325             :  *
    2326             :  * EAP methods can call this function to request passphrase for a private key
    2327             :  * for the current network. This is normally called when the passphrase is not
    2328             :  * included in the network configuration. The request will be sent to monitor
    2329             :  * programs through the control interface.
    2330             :  */
    2331           1 : void eap_sm_request_passphrase(struct eap_sm *sm)
    2332             : {
    2333           1 :         eap_sm_request(sm, WPA_CTRL_REQ_EAP_PASSPHRASE, NULL, 0);
    2334           1 : }
    2335             : 
    2336             : 
    2337             : /**
    2338             :  * eap_sm_request_sim - Request external SIM processing
    2339             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2340             :  * @req: EAP method specific request
    2341             :  */
    2342          21 : void eap_sm_request_sim(struct eap_sm *sm, const char *req)
    2343             : {
    2344          21 :         eap_sm_request(sm, WPA_CTRL_REQ_SIM, req, os_strlen(req));
    2345          21 : }
    2346             : 
    2347             : 
    2348             : /**
    2349             :  * eap_sm_notify_ctrl_attached - Notification of attached monitor
    2350             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2351             :  *
    2352             :  * Notify EAP state machines that a monitor was attached to the control
    2353             :  * interface to trigger re-sending of pending requests for user input.
    2354             :  */
    2355         452 : void eap_sm_notify_ctrl_attached(struct eap_sm *sm)
    2356             : {
    2357         452 :         struct eap_peer_config *config = eap_get_config(sm);
    2358             : 
    2359         452 :         if (config == NULL)
    2360         748 :                 return;
    2361             : 
    2362             :         /* Re-send any pending requests for user data since a new control
    2363             :          * interface was added. This handles cases where the EAP authentication
    2364             :          * starts immediately after system startup when the user interface is
    2365             :          * not yet running. */
    2366         156 :         if (config->pending_req_identity)
    2367           0 :                 eap_sm_request_identity(sm);
    2368         156 :         if (config->pending_req_password)
    2369           0 :                 eap_sm_request_password(sm);
    2370         156 :         if (config->pending_req_new_password)
    2371           0 :                 eap_sm_request_new_password(sm);
    2372         156 :         if (config->pending_req_otp)
    2373           0 :                 eap_sm_request_otp(sm, NULL, 0);
    2374         156 :         if (config->pending_req_pin)
    2375           0 :                 eap_sm_request_pin(sm);
    2376         156 :         if (config->pending_req_passphrase)
    2377           0 :                 eap_sm_request_passphrase(sm);
    2378             : }
    2379             : 
    2380             : 
    2381         289 : static int eap_allowed_phase2_type(int vendor, int type)
    2382             : {
    2383         289 :         if (vendor != EAP_VENDOR_IETF)
    2384          36 :                 return 0;
    2385         253 :         return type != EAP_TYPE_PEAP && type != EAP_TYPE_TTLS &&
    2386             :                 type != EAP_TYPE_FAST;
    2387             : }
    2388             : 
    2389             : 
    2390             : /**
    2391             :  * eap_get_phase2_type - Get EAP type for the given EAP phase 2 method name
    2392             :  * @name: EAP method name, e.g., MD5
    2393             :  * @vendor: Buffer for returning EAP Vendor-Id
    2394             :  * Returns: EAP method type or %EAP_TYPE_NONE if not found
    2395             :  *
    2396             :  * This function maps EAP type names into EAP type numbers that are allowed for
    2397             :  * Phase 2, i.e., for tunneled authentication. Phase 2 is used, e.g., with
    2398             :  * EAP-PEAP, EAP-TTLS, and EAP-FAST.
    2399             :  */
    2400          73 : u32 eap_get_phase2_type(const char *name, int *vendor)
    2401             : {
    2402             :         int v;
    2403          73 :         u8 type = eap_peer_get_type(name, &v);
    2404          73 :         if (eap_allowed_phase2_type(v, type)) {
    2405          73 :                 *vendor = v;
    2406          73 :                 return type;
    2407             :         }
    2408           0 :         *vendor = EAP_VENDOR_IETF;
    2409           0 :         return EAP_TYPE_NONE;
    2410             : }
    2411             : 
    2412             : 
    2413             : /**
    2414             :  * eap_get_phase2_types - Get list of allowed EAP phase 2 types
    2415             :  * @config: Pointer to a network configuration
    2416             :  * @count: Pointer to a variable to be filled with number of returned EAP types
    2417             :  * Returns: Pointer to allocated type list or %NULL on failure
    2418             :  *
    2419             :  * This function generates an array of allowed EAP phase 2 (tunneled) types for
    2420             :  * the given network configuration.
    2421             :  */
    2422           9 : struct eap_method_type * eap_get_phase2_types(struct eap_peer_config *config,
    2423             :                                               size_t *count)
    2424             : {
    2425             :         struct eap_method_type *buf;
    2426             :         u32 method;
    2427             :         int vendor;
    2428             :         size_t mcount;
    2429             :         const struct eap_method *methods, *m;
    2430             : 
    2431           9 :         methods = eap_peer_get_methods(&mcount);
    2432           9 :         if (methods == NULL)
    2433           0 :                 return NULL;
    2434           9 :         *count = 0;
    2435           9 :         buf = os_malloc(mcount * sizeof(struct eap_method_type));
    2436           9 :         if (buf == NULL)
    2437           0 :                 return NULL;
    2438             : 
    2439         225 :         for (m = methods; m; m = m->next) {
    2440         216 :                 vendor = m->vendor;
    2441         216 :                 method = m->method;
    2442         216 :                 if (eap_allowed_phase2_type(vendor, method)) {
    2443         153 :                         if (vendor == EAP_VENDOR_IETF &&
    2444          18 :                             method == EAP_TYPE_TLS && config &&
    2445           9 :                             config->private_key2 == NULL)
    2446           9 :                                 continue;
    2447         144 :                         buf[*count].vendor = vendor;
    2448         144 :                         buf[*count].method = method;
    2449         144 :                         (*count)++;
    2450             :                 }
    2451             :         }
    2452             : 
    2453           9 :         return buf;
    2454             : }
    2455             : 
    2456             : 
    2457             : /**
    2458             :  * eap_set_fast_reauth - Update fast_reauth setting
    2459             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2460             :  * @enabled: 1 = Fast reauthentication is enabled, 0 = Disabled
    2461             :  */
    2462        2479 : void eap_set_fast_reauth(struct eap_sm *sm, int enabled)
    2463             : {
    2464        2479 :         sm->fast_reauth = enabled;
    2465        2479 : }
    2466             : 
    2467             : 
    2468             : /**
    2469             :  * eap_set_workaround - Update EAP workarounds setting
    2470             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2471             :  * @workaround: 1 = Enable EAP workarounds, 0 = Disable EAP workarounds
    2472             :  */
    2473        2479 : void eap_set_workaround(struct eap_sm *sm, unsigned int workaround)
    2474             : {
    2475        2479 :         sm->workaround = workaround;
    2476        2479 : }
    2477             : 
    2478             : 
    2479             : /**
    2480             :  * eap_get_config - Get current network configuration
    2481             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2482             :  * Returns: Pointer to the current network configuration or %NULL if not found
    2483             :  *
    2484             :  * EAP peer methods should avoid using this function if they can use other
    2485             :  * access functions, like eap_get_config_identity() and
    2486             :  * eap_get_config_password(), that do not require direct access to
    2487             :  * struct eap_peer_config.
    2488             :  */
    2489       13846 : struct eap_peer_config * eap_get_config(struct eap_sm *sm)
    2490             : {
    2491       13846 :         return sm->eapol_cb->get_config(sm->eapol_ctx);
    2492             : }
    2493             : 
    2494             : 
    2495             : /**
    2496             :  * eap_get_config_identity - Get identity from the network configuration
    2497             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2498             :  * @len: Buffer for the length of the identity
    2499             :  * Returns: Pointer to the identity or %NULL if not found
    2500             :  */
    2501        1777 : const u8 * eap_get_config_identity(struct eap_sm *sm, size_t *len)
    2502             : {
    2503        1777 :         struct eap_peer_config *config = eap_get_config(sm);
    2504        1777 :         if (config == NULL)
    2505           0 :                 return NULL;
    2506        1777 :         *len = config->identity_len;
    2507        1777 :         return config->identity;
    2508             : }
    2509             : 
    2510             : 
    2511           6 : static int eap_get_ext_password(struct eap_sm *sm,
    2512             :                                 struct eap_peer_config *config)
    2513             : {
    2514             :         char *name;
    2515             : 
    2516           6 :         if (config->password == NULL)
    2517           0 :                 return -1;
    2518             : 
    2519           6 :         name = os_zalloc(config->password_len + 1);
    2520           6 :         if (name == NULL)
    2521           0 :                 return -1;
    2522           6 :         os_memcpy(name, config->password, config->password_len);
    2523             : 
    2524           6 :         ext_password_free(sm->ext_pw_buf);
    2525           6 :         sm->ext_pw_buf = ext_password_get(sm->ext_pw, name);
    2526           6 :         os_free(name);
    2527             : 
    2528           6 :         return sm->ext_pw_buf == NULL ? -1 : 0;
    2529             : }
    2530             : 
    2531             : 
    2532             : /**
    2533             :  * eap_get_config_password - Get password from the network configuration
    2534             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2535             :  * @len: Buffer for the length of the password
    2536             :  * Returns: Pointer to the password or %NULL if not found
    2537             :  */
    2538         885 : const u8 * eap_get_config_password(struct eap_sm *sm, size_t *len)
    2539             : {
    2540         885 :         struct eap_peer_config *config = eap_get_config(sm);
    2541         885 :         if (config == NULL)
    2542           0 :                 return NULL;
    2543             : 
    2544         885 :         if (config->flags & EAP_CONFIG_FLAGS_EXT_PASSWORD) {
    2545           4 :                 if (eap_get_ext_password(sm, config) < 0)
    2546           0 :                         return NULL;
    2547           4 :                 *len = wpabuf_len(sm->ext_pw_buf);
    2548           4 :                 return wpabuf_head(sm->ext_pw_buf);
    2549             :         }
    2550             : 
    2551         881 :         *len = config->password_len;
    2552         881 :         return config->password;
    2553             : }
    2554             : 
    2555             : 
    2556             : /**
    2557             :  * eap_get_config_password2 - Get password from the network configuration
    2558             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2559             :  * @len: Buffer for the length of the password
    2560             :  * @hash: Buffer for returning whether the password is stored as a
    2561             :  * NtPasswordHash instead of plaintext password; can be %NULL if this
    2562             :  * information is not needed
    2563             :  * Returns: Pointer to the password or %NULL if not found
    2564             :  */
    2565         167 : const u8 * eap_get_config_password2(struct eap_sm *sm, size_t *len, int *hash)
    2566             : {
    2567         167 :         struct eap_peer_config *config = eap_get_config(sm);
    2568         167 :         if (config == NULL)
    2569           0 :                 return NULL;
    2570             : 
    2571         167 :         if (config->flags & EAP_CONFIG_FLAGS_EXT_PASSWORD) {
    2572           2 :                 if (eap_get_ext_password(sm, config) < 0)
    2573           0 :                         return NULL;
    2574           2 :                 if (hash)
    2575           2 :                         *hash = 0;
    2576           2 :                 *len = wpabuf_len(sm->ext_pw_buf);
    2577           2 :                 return wpabuf_head(sm->ext_pw_buf);
    2578             :         }
    2579             : 
    2580         165 :         *len = config->password_len;
    2581         165 :         if (hash)
    2582         165 :                 *hash = !!(config->flags & EAP_CONFIG_FLAGS_PASSWORD_NTHASH);
    2583         165 :         return config->password;
    2584             : }
    2585             : 
    2586             : 
    2587             : /**
    2588             :  * eap_get_config_new_password - Get new password from network configuration
    2589             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2590             :  * @len: Buffer for the length of the new password
    2591             :  * Returns: Pointer to the new password or %NULL if not found
    2592             :  */
    2593           0 : const u8 * eap_get_config_new_password(struct eap_sm *sm, size_t *len)
    2594             : {
    2595           0 :         struct eap_peer_config *config = eap_get_config(sm);
    2596           0 :         if (config == NULL)
    2597           0 :                 return NULL;
    2598           0 :         *len = config->new_password_len;
    2599           0 :         return config->new_password;
    2600             : }
    2601             : 
    2602             : 
    2603             : /**
    2604             :  * eap_get_config_otp - Get one-time password from the network configuration
    2605             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2606             :  * @len: Buffer for the length of the one-time password
    2607             :  * Returns: Pointer to the one-time password or %NULL if not found
    2608             :  */
    2609          17 : const u8 * eap_get_config_otp(struct eap_sm *sm, size_t *len)
    2610             : {
    2611          17 :         struct eap_peer_config *config = eap_get_config(sm);
    2612          17 :         if (config == NULL)
    2613           0 :                 return NULL;
    2614          17 :         *len = config->otp_len;
    2615          17 :         return config->otp;
    2616             : }
    2617             : 
    2618             : 
    2619             : /**
    2620             :  * eap_clear_config_otp - Clear used one-time password
    2621             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2622             :  *
    2623             :  * This function clears a used one-time password (OTP) from the current network
    2624             :  * configuration. This should be called when the OTP has been used and is not
    2625             :  * needed anymore.
    2626             :  */
    2627           2 : void eap_clear_config_otp(struct eap_sm *sm)
    2628             : {
    2629           2 :         struct eap_peer_config *config = eap_get_config(sm);
    2630           2 :         if (config == NULL)
    2631           2 :                 return;
    2632           2 :         os_memset(config->otp, 0, config->otp_len);
    2633           2 :         os_free(config->otp);
    2634           2 :         config->otp = NULL;
    2635           2 :         config->otp_len = 0;
    2636             : }
    2637             : 
    2638             : 
    2639             : /**
    2640             :  * eap_get_config_phase1 - Get phase1 data from the network configuration
    2641             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2642             :  * Returns: Pointer to the phase1 data or %NULL if not found
    2643             :  */
    2644         701 : const char * eap_get_config_phase1(struct eap_sm *sm)
    2645             : {
    2646         701 :         struct eap_peer_config *config = eap_get_config(sm);
    2647         701 :         if (config == NULL)
    2648           0 :                 return NULL;
    2649         701 :         return config->phase1;
    2650             : }
    2651             : 
    2652             : 
    2653             : /**
    2654             :  * eap_get_config_phase2 - Get phase2 data from the network configuration
    2655             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2656             :  * Returns: Pointer to the phase1 data or %NULL if not found
    2657             :  */
    2658           0 : const char * eap_get_config_phase2(struct eap_sm *sm)
    2659             : {
    2660           0 :         struct eap_peer_config *config = eap_get_config(sm);
    2661           0 :         if (config == NULL)
    2662           0 :                 return NULL;
    2663           0 :         return config->phase2;
    2664             : }
    2665             : 
    2666             : 
    2667         348 : int eap_get_config_fragment_size(struct eap_sm *sm)
    2668             : {
    2669         348 :         struct eap_peer_config *config = eap_get_config(sm);
    2670         348 :         if (config == NULL)
    2671           0 :                 return -1;
    2672         348 :         return config->fragment_size;
    2673             : }
    2674             : 
    2675             : 
    2676             : /**
    2677             :  * eap_key_available - Get key availability (eapKeyAvailable variable)
    2678             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2679             :  * Returns: 1 if EAP keying material is available, 0 if not
    2680             :  */
    2681        5256 : int eap_key_available(struct eap_sm *sm)
    2682             : {
    2683        5256 :         return sm ? sm->eapKeyAvailable : 0;
    2684             : }
    2685             : 
    2686             : 
    2687             : /**
    2688             :  * eap_notify_success - Notify EAP state machine about external success trigger
    2689             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2690             :  *
    2691             :  * This function is called when external event, e.g., successful completion of
    2692             :  * WPA-PSK key handshake, is indicating that EAP state machine should move to
    2693             :  * success state. This is mainly used with security modes that do not use EAP
    2694             :  * state machine (e.g., WPA-PSK).
    2695             :  */
    2696        1124 : void eap_notify_success(struct eap_sm *sm)
    2697             : {
    2698        1124 :         if (sm) {
    2699        1124 :                 sm->decision = DECISION_COND_SUCC;
    2700        1124 :                 sm->EAP_state = EAP_SUCCESS;
    2701             :         }
    2702        1124 : }
    2703             : 
    2704             : 
    2705             : /**
    2706             :  * eap_notify_lower_layer_success - Notification of lower layer success
    2707             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2708             :  *
    2709             :  * Notify EAP state machines that a lower layer has detected a successful
    2710             :  * authentication. This is used to recover from dropped EAP-Success messages.
    2711             :  */
    2712        2635 : void eap_notify_lower_layer_success(struct eap_sm *sm)
    2713             : {
    2714        2635 :         if (sm == NULL)
    2715           0 :                 return;
    2716             : 
    2717        3612 :         if (eapol_get_bool(sm, EAPOL_eapSuccess) ||
    2718        1402 :             sm->decision == DECISION_FAIL ||
    2719         815 :             (sm->methodState != METHOD_MAY_CONT &&
    2720         390 :              sm->methodState != METHOD_DONE))
    2721        2271 :                 return;
    2722             : 
    2723         364 :         if (sm->eapKeyData != NULL)
    2724           4 :                 sm->eapKeyAvailable = TRUE;
    2725         364 :         eapol_set_bool(sm, EAPOL_eapSuccess, TRUE);
    2726         364 :         wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS
    2727             :                 "EAP authentication completed successfully (based on lower "
    2728             :                 "layer success)");
    2729             : }
    2730             : 
    2731             : 
    2732             : /**
    2733             :  * eap_get_eapSessionId - Get Session-Id from EAP state machine
    2734             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2735             :  * @len: Pointer to variable that will be set to number of bytes in the session
    2736             :  * Returns: Pointer to the EAP Session-Id or %NULL on failure
    2737             :  *
    2738             :  * Fetch EAP Session-Id from the EAP state machine. The Session-Id is available
    2739             :  * only after a successful authentication. EAP state machine continues to manage
    2740             :  * the Session-Id and the caller must not change or free the returned data.
    2741             :  */
    2742        1054 : const u8 * eap_get_eapSessionId(struct eap_sm *sm, size_t *len)
    2743             : {
    2744        1054 :         if (sm == NULL || sm->eapSessionId == NULL) {
    2745         808 :                 *len = 0;
    2746         808 :                 return NULL;
    2747             :         }
    2748             : 
    2749         246 :         *len = sm->eapSessionIdLen;
    2750         246 :         return sm->eapSessionId;
    2751             : }
    2752             : 
    2753             : 
    2754             : /**
    2755             :  * eap_get_eapKeyData - Get master session key (MSK) from EAP state machine
    2756             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2757             :  * @len: Pointer to variable that will be set to number of bytes in the key
    2758             :  * Returns: Pointer to the EAP keying data or %NULL on failure
    2759             :  *
    2760             :  * Fetch EAP keying material (MSK, eapKeyData) from the EAP state machine. The
    2761             :  * key is available only after a successful authentication. EAP state machine
    2762             :  * continues to manage the key data and the caller must not change or free the
    2763             :  * returned data.
    2764             :  */
    2765        1212 : const u8 * eap_get_eapKeyData(struct eap_sm *sm, size_t *len)
    2766             : {
    2767        1212 :         if (sm == NULL || sm->eapKeyData == NULL) {
    2768           0 :                 *len = 0;
    2769           0 :                 return NULL;
    2770             :         }
    2771             : 
    2772        1212 :         *len = sm->eapKeyDataLen;
    2773        1212 :         return sm->eapKeyData;
    2774             : }
    2775             : 
    2776             : 
    2777             : /**
    2778             :  * eap_get_eapKeyData - Get EAP response data
    2779             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2780             :  * Returns: Pointer to the EAP response (eapRespData) or %NULL on failure
    2781             :  *
    2782             :  * Fetch EAP response (eapRespData) from the EAP state machine. This data is
    2783             :  * available when EAP state machine has processed an incoming EAP request. The
    2784             :  * EAP state machine does not maintain a reference to the response after this
    2785             :  * function is called and the caller is responsible for freeing the data.
    2786             :  */
    2787        5288 : struct wpabuf * eap_get_eapRespData(struct eap_sm *sm)
    2788             : {
    2789             :         struct wpabuf *resp;
    2790             : 
    2791        5288 :         if (sm == NULL || sm->eapRespData == NULL)
    2792           0 :                 return NULL;
    2793             : 
    2794        5288 :         resp = sm->eapRespData;
    2795        5288 :         sm->eapRespData = NULL;
    2796             : 
    2797        5288 :         return resp;
    2798             : }
    2799             : 
    2800             : 
    2801             : /**
    2802             :  * eap_sm_register_scard_ctx - Notification of smart card context
    2803             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2804             :  * @ctx: Context data for smart card operations
    2805             :  *
    2806             :  * Notify EAP state machines of context data for smart card operations. This
    2807             :  * context data will be used as a parameter for scard_*() functions.
    2808             :  */
    2809         186 : void eap_register_scard_ctx(struct eap_sm *sm, void *ctx)
    2810             : {
    2811         186 :         if (sm)
    2812         186 :                 sm->scard_ctx = ctx;
    2813         186 : }
    2814             : 
    2815             : 
    2816             : /**
    2817             :  * eap_set_config_blob - Set or add a named configuration blob
    2818             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2819             :  * @blob: New value for the blob
    2820             :  *
    2821             :  * Adds a new configuration blob or replaces the current value of an existing
    2822             :  * blob.
    2823             :  */
    2824           9 : void eap_set_config_blob(struct eap_sm *sm, struct wpa_config_blob *blob)
    2825             : {
    2826             : #ifndef CONFIG_NO_CONFIG_BLOBS
    2827           9 :         sm->eapol_cb->set_config_blob(sm->eapol_ctx, blob);
    2828             : #endif /* CONFIG_NO_CONFIG_BLOBS */
    2829           9 : }
    2830             : 
    2831             : 
    2832             : /**
    2833             :  * eap_get_config_blob - Get a named configuration blob
    2834             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2835             :  * @name: Name of the blob
    2836             :  * Returns: Pointer to blob data or %NULL if not found
    2837             :  */
    2838          23 : const struct wpa_config_blob * eap_get_config_blob(struct eap_sm *sm,
    2839             :                                                    const char *name)
    2840             : {
    2841             : #ifndef CONFIG_NO_CONFIG_BLOBS
    2842          23 :         return sm->eapol_cb->get_config_blob(sm->eapol_ctx, name);
    2843             : #else /* CONFIG_NO_CONFIG_BLOBS */
    2844             :         return NULL;
    2845             : #endif /* CONFIG_NO_CONFIG_BLOBS */
    2846             : }
    2847             : 
    2848             : 
    2849             : /**
    2850             :  * eap_set_force_disabled - Set force_disabled flag
    2851             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2852             :  * @disabled: 1 = EAP disabled, 0 = EAP enabled
    2853             :  *
    2854             :  * This function is used to force EAP state machine to be disabled when it is
    2855             :  * not in use (e.g., with WPA-PSK or plaintext connections).
    2856             :  */
    2857        2479 : void eap_set_force_disabled(struct eap_sm *sm, int disabled)
    2858             : {
    2859        2479 :         sm->force_disabled = disabled;
    2860        2479 : }
    2861             : 
    2862             : 
    2863             : /**
    2864             :  * eap_set_external_sim - Set external_sim flag
    2865             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2866             :  * @external_sim: Whether external SIM/USIM processing is used
    2867             :  */
    2868        2479 : void eap_set_external_sim(struct eap_sm *sm, int external_sim)
    2869             : {
    2870        2479 :         sm->external_sim = external_sim;
    2871        2479 : }
    2872             : 
    2873             : 
    2874             :  /**
    2875             :  * eap_notify_pending - Notify that EAP method is ready to re-process a request
    2876             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2877             :  *
    2878             :  * An EAP method can perform a pending operation (e.g., to get a response from
    2879             :  * an external process). Once the response is available, this function can be
    2880             :  * used to request EAPOL state machine to retry delivering the previously
    2881             :  * received (and still unanswered) EAP request to EAP state machine.
    2882             :  */
    2883           1 : void eap_notify_pending(struct eap_sm *sm)
    2884             : {
    2885           1 :         sm->eapol_cb->notify_pending(sm->eapol_ctx);
    2886           1 : }
    2887             : 
    2888             : 
    2889             : /**
    2890             :  * eap_invalidate_cached_session - Mark cached session data invalid
    2891             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2892             :  */
    2893       11613 : void eap_invalidate_cached_session(struct eap_sm *sm)
    2894             : {
    2895       11613 :         if (sm)
    2896       11613 :                 eap_deinit_prev_method(sm, "invalidate");
    2897       11613 : }
    2898             : 
    2899             : 
    2900        3528 : int eap_is_wps_pbc_enrollee(struct eap_peer_config *conf)
    2901             : {
    2902        4711 :         if (conf->identity_len != WSC_ID_ENROLLEE_LEN ||
    2903        1183 :             os_memcmp(conf->identity, WSC_ID_ENROLLEE, WSC_ID_ENROLLEE_LEN))
    2904        2345 :                 return 0; /* Not a WPS Enrollee */
    2905             : 
    2906        1183 :         if (conf->phase1 == NULL || os_strstr(conf->phase1, "pbc=1") == NULL)
    2907         850 :                 return 0; /* Not using PBC */
    2908             : 
    2909         333 :         return 1;
    2910             : }
    2911             : 
    2912             : 
    2913        1432 : int eap_is_wps_pin_enrollee(struct eap_peer_config *conf)
    2914             : {
    2915        2116 :         if (conf->identity_len != WSC_ID_ENROLLEE_LEN ||
    2916         684 :             os_memcmp(conf->identity, WSC_ID_ENROLLEE, WSC_ID_ENROLLEE_LEN))
    2917         748 :                 return 0; /* Not a WPS Enrollee */
    2918             : 
    2919         684 :         if (conf->phase1 == NULL || os_strstr(conf->phase1, "pin=") == NULL)
    2920          61 :                 return 0; /* Not using PIN */
    2921             : 
    2922         623 :         return 1;
    2923             : }
    2924             : 
    2925             : 
    2926         199 : void eap_sm_set_ext_pw_ctx(struct eap_sm *sm, struct ext_password_data *ext)
    2927             : {
    2928         199 :         ext_password_free(sm->ext_pw_buf);
    2929         199 :         sm->ext_pw_buf = NULL;
    2930         199 :         sm->ext_pw = ext;
    2931         199 : }
    2932             : 
    2933             : 
    2934             : /**
    2935             :  * eap_set_anon_id - Set or add anonymous identity
    2936             :  * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
    2937             :  * @id: Anonymous identity (e.g., EAP-SIM pseudonym) or %NULL to clear
    2938             :  * @len: Length of anonymous identity in octets
    2939             :  */
    2940          52 : void eap_set_anon_id(struct eap_sm *sm, const u8 *id, size_t len)
    2941             : {
    2942          52 :         if (sm->eapol_cb->set_anon_id)
    2943          52 :                 sm->eapol_cb->set_anon_id(sm->eapol_ctx, id, len);
    2944          52 : }
    2945             : 
    2946             : 
    2947         500 : int eap_peer_was_failure_expected(struct eap_sm *sm)
    2948             : {
    2949         500 :         return sm->expected_failure;
    2950             : }

Generated by: LCOV version 1.10