LCOV - code coverage report
Current view: top level - src/eap_peer - eap_gtc.c (source / functions) Hit Total Coverage
Test: wpa_supplicant/hostapd combined for hwsim test run 1422976643 Lines: 61 71 85.9 %
Date: 2015-02-03 Functions: 4 4 100.0 %

          Line data    Source code
       1             : /*
       2             :  * EAP peer method: EAP-GTC (RFC 3748)
       3             :  * Copyright (c) 2004-2006, Jouni Malinen <j@w1.fi>
       4             :  *
       5             :  * This software may be distributed under the terms of the BSD license.
       6             :  * See README for more details.
       7             :  */
       8             : 
       9             : #include "includes.h"
      10             : 
      11             : #include "common.h"
      12             : #include "eap_i.h"
      13             : 
      14             : 
      15             : struct eap_gtc_data {
      16             :         int prefix;
      17             : };
      18             : 
      19             : 
      20          12 : static void * eap_gtc_init(struct eap_sm *sm)
      21             : {
      22             :         struct eap_gtc_data *data;
      23          12 :         data = os_zalloc(sizeof(*data));
      24          12 :         if (data == NULL)
      25           0 :                 return NULL;
      26             : 
      27          24 :         if (sm->m && sm->m->vendor == EAP_VENDOR_IETF &&
      28          12 :             sm->m->method == EAP_TYPE_FAST) {
      29           7 :                 wpa_printf(MSG_DEBUG, "EAP-GTC: EAP-FAST tunnel - use prefix "
      30             :                            "with challenge/response");
      31           7 :                 data->prefix = 1;
      32             :         }
      33          12 :         return data;
      34             : }
      35             : 
      36             : 
      37          12 : static void eap_gtc_deinit(struct eap_sm *sm, void *priv)
      38             : {
      39          12 :         struct eap_gtc_data *data = priv;
      40          12 :         os_free(data);
      41          12 : }
      42             : 
      43             : 
      44          14 : static struct wpabuf * eap_gtc_process(struct eap_sm *sm, void *priv,
      45             :                                        struct eap_method_ret *ret,
      46             :                                        const struct wpabuf *reqData)
      47             : {
      48          14 :         struct eap_gtc_data *data = priv;
      49             :         struct wpabuf *resp;
      50             :         const u8 *pos, *password, *identity;
      51             :         size_t password_len, identity_len, len, plen;
      52             :         int otp;
      53             :         u8 id;
      54             : 
      55          14 :         pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_GTC, reqData, &len);
      56          14 :         if (pos == NULL) {
      57           0 :                 ret->ignore = TRUE;
      58           0 :                 return NULL;
      59             :         }
      60          14 :         id = eap_get_id(reqData);
      61             : 
      62          14 :         wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-GTC: Request message", pos, len);
      63          21 :         if (data->prefix &&
      64          14 :             (len < 10 || os_memcmp(pos, "CHALLENGE=", 10) != 0)) {
      65           0 :                 wpa_printf(MSG_DEBUG, "EAP-GTC: Challenge did not start with "
      66             :                            "expected prefix");
      67             : 
      68             :                 /* Send an empty response in order to allow tunneled
      69             :                  * acknowledgement of the failure. This will also cover the
      70             :                  * error case which seems to use EAP-MSCHAPv2 like error
      71             :                  * reporting with EAP-GTC inside EAP-FAST tunnel. */
      72           0 :                 resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_GTC,
      73             :                                      0, EAP_CODE_RESPONSE, id);
      74           0 :                 return resp;
      75             :         }
      76             : 
      77          14 :         password = eap_get_config_otp(sm, &password_len);
      78          14 :         if (password)
      79           1 :                 otp = 1;
      80             :         else {
      81          13 :                 password = eap_get_config_password(sm, &password_len);
      82          13 :                 otp = 0;
      83             :         }
      84             : 
      85          14 :         if (password == NULL) {
      86           1 :                 wpa_printf(MSG_INFO, "EAP-GTC: Password not configured");
      87           1 :                 eap_sm_request_otp(sm, (const char *) pos, len);
      88           1 :                 ret->ignore = TRUE;
      89           1 :                 return NULL;
      90             :         }
      91             : 
      92          13 :         ret->ignore = FALSE;
      93             : 
      94          13 :         ret->methodState = data->prefix ? METHOD_MAY_CONT : METHOD_DONE;
      95          13 :         ret->decision = DECISION_COND_SUCC;
      96          13 :         ret->allowNotifications = FALSE;
      97             : 
      98          13 :         plen = password_len;
      99          13 :         identity = eap_get_config_identity(sm, &identity_len);
     100          13 :         if (identity == NULL)
     101           0 :                 return NULL;
     102          13 :         if (data->prefix)
     103           7 :                 plen += 9 + identity_len + 1;
     104          13 :         resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_GTC, plen,
     105             :                              EAP_CODE_RESPONSE, id);
     106          13 :         if (resp == NULL)
     107           0 :                 return NULL;
     108          13 :         if (data->prefix) {
     109           7 :                 wpabuf_put_data(resp, "RESPONSE=", 9);
     110           7 :                 wpabuf_put_data(resp, identity, identity_len);
     111           7 :                 wpabuf_put_u8(resp, '\0');
     112             :         }
     113          13 :         wpabuf_put_data(resp, password, password_len);
     114          13 :         wpa_hexdump_ascii_key(MSG_MSGDUMP, "EAP-GTC: Response",
     115          13 :                               wpabuf_head_u8(resp) + sizeof(struct eap_hdr) +
     116             :                               1, plen);
     117             : 
     118          13 :         if (otp) {
     119           1 :                 wpa_printf(MSG_DEBUG, "EAP-GTC: Forgetting used password");
     120           1 :                 eap_clear_config_otp(sm);
     121             :         }
     122             : 
     123          13 :         return resp;
     124             : }
     125             : 
     126             : 
     127          30 : int eap_peer_gtc_register(void)
     128             : {
     129             :         struct eap_method *eap;
     130             :         int ret;
     131             : 
     132          30 :         eap = eap_peer_method_alloc(EAP_PEER_METHOD_INTERFACE_VERSION,
     133             :                                     EAP_VENDOR_IETF, EAP_TYPE_GTC, "GTC");
     134          30 :         if (eap == NULL)
     135           0 :                 return -1;
     136             : 
     137          30 :         eap->init = eap_gtc_init;
     138          30 :         eap->deinit = eap_gtc_deinit;
     139          30 :         eap->process = eap_gtc_process;
     140             : 
     141          30 :         ret = eap_peer_method_register(eap);
     142          30 :         if (ret)
     143           0 :                 eap_peer_method_free(eap);
     144          30 :         return ret;
     145             : }

Generated by: LCOV version 1.10