LCOV - code coverage report
Current view: top level - src/eap_server - eap_server_md5.c (source / functions) Hit Total Coverage
Test: wpa_supplicant/hostapd combined for hwsim test run 1443382998 Lines: 66 80 82.5 %
Date: 2015-09-27 Functions: 8 8 100.0 % 

          Line data    Source code
       1             : /*
       2             :  * hostapd / EAP-MD5 server
       3             :  * Copyright (c) 2004-2012, Jouni Malinen <j@w1.fi>
       4             :  *
       5             :  * This software may be distributed under the terms of the BSD license.
       6             :  * See README for more details.
       7             :  */
       8             : 
       9             : #include "includes.h"
      10             : 
      11             : #include "common.h"
      12             : #include "crypto/random.h"
      13             : #include "eap_i.h"
      14             : #include "eap_common/chap.h"
      15             : 
      16             : 
      17             : #define CHALLENGE_LEN 16
      18             : 
      19             : struct eap_md5_data {
      20             :         u8 challenge[CHALLENGE_LEN];
      21             :         enum { CONTINUE, SUCCESS, FAILURE } state;
      22             : };
      23             : 
      24             : 
      25           7 : static void * eap_md5_init(struct eap_sm *sm)
      26             : {
      27             :         struct eap_md5_data *data;
      28             : 
      29           7 :         data = os_zalloc(sizeof(*data));
      30           7 :         if (data == NULL)
      31           1 :                 return NULL;
      32           6 :         data->state = CONTINUE;
      33             : 
      34           6 :         return data;
      35             : }
      36             : 
      37             : 
      38           6 : static void eap_md5_reset(struct eap_sm *sm, void *priv)
      39             : {
      40           6 :         struct eap_md5_data *data = priv;
      41           6 :         os_free(data);
      42           6 : }
      43             : 
      44             : 
      45           6 : static struct wpabuf * eap_md5_buildReq(struct eap_sm *sm, void *priv, u8 id)
      46             : {
      47           6 :         struct eap_md5_data *data = priv;
      48             :         struct wpabuf *req;
      49             : 
      50           6 :         if (random_get_bytes(data->challenge, CHALLENGE_LEN)) {
      51           0 :                 wpa_printf(MSG_ERROR, "EAP-MD5: Failed to get random data");
      52           0 :                 data->state = FAILURE;
      53           0 :                 return NULL;
      54             :         }
      55             : 
      56           6 :         req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MD5, 1 + CHALLENGE_LEN,
      57             :                             EAP_CODE_REQUEST, id);
      58           6 :         if (req == NULL) {
      59           1 :                 wpa_printf(MSG_ERROR, "EAP-MD5: Failed to allocate memory for "
      60             :                            "request");
      61           1 :                 data->state = FAILURE;
      62           1 :                 return NULL;
      63             :         }
      64             : 
      65           5 :         wpabuf_put_u8(req, CHALLENGE_LEN);
      66           5 :         wpabuf_put_data(req, data->challenge, CHALLENGE_LEN);
      67           5 :         wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Challenge", data->challenge,
      68             :                     CHALLENGE_LEN);
      69             : 
      70           5 :         data->state = CONTINUE;
      71             : 
      72           5 :         return req;
      73             : }
      74             : 
      75             : 
      76           5 : static Boolean eap_md5_check(struct eap_sm *sm, void *priv,
      77             :                              struct wpabuf *respData)
      78             : {
      79             :         const u8 *pos;
      80             :         size_t len;
      81             : 
      82           5 :         pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_MD5, respData, &len);
      83           5 :         if (pos == NULL || len < 1) {
      84           0 :                 wpa_printf(MSG_INFO, "EAP-MD5: Invalid frame");
      85           0 :                 return TRUE;
      86             :         }
      87           5 :         if (*pos != CHAP_MD5_LEN || 1 + CHAP_MD5_LEN > len) {
      88           0 :                 wpa_printf(MSG_INFO, "EAP-MD5: Invalid response "
      89             :                            "(response_len=%d payload_len=%lu",
      90           0 :                            *pos, (unsigned long) len);
      91           0 :                 return TRUE;
      92             :         }
      93             : 
      94           5 :         return FALSE;
      95             : }
      96             : 
      97             : 
      98           5 : static void eap_md5_process(struct eap_sm *sm, void *priv,
      99             :                             struct wpabuf *respData)
     100             : {
     101           5 :         struct eap_md5_data *data = priv;
     102             :         const u8 *pos;
     103             :         size_t plen;
     104             :         u8 hash[CHAP_MD5_LEN], id;
     105             : 
     106           9 :         if (sm->user == NULL || sm->user->password == NULL ||
     107           4 :             sm->user->password_hash) {
     108           1 :                 wpa_printf(MSG_INFO, "EAP-MD5: Plaintext password not "
     109             :                            "configured");
     110           1 :                 data->state = FAILURE;
     111           2 :                 return;
     112             :         }
     113             : 
     114           4 :         pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_MD5, respData, &plen);
     115           4 :         if (pos == NULL || *pos != CHAP_MD5_LEN || plen < 1 + CHAP_MD5_LEN)
     116           0 :                 return; /* Should not happen - frame already validated */
     117             : 
     118           4 :         pos++; /* Skip response len */
     119           4 :         wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Response", pos, CHAP_MD5_LEN);
     120             : 
     121           4 :         id = eap_get_id(respData);
     122           4 :         if (chap_md5(id, sm->user->password, sm->user->password_len,
     123           4 :                      data->challenge, CHALLENGE_LEN, hash)) {
     124           0 :                 wpa_printf(MSG_INFO, "EAP-MD5: CHAP MD5 operation failed");
     125           0 :                 data->state = FAILURE;
     126           0 :                 return;
     127             :         }
     128             : 
     129           4 :         if (os_memcmp_const(hash, pos, CHAP_MD5_LEN) == 0) {
     130           3 :                 wpa_printf(MSG_DEBUG, "EAP-MD5: Done - Success");
     131           3 :                 data->state = SUCCESS;
     132             :         } else {
     133           1 :                 wpa_printf(MSG_DEBUG, "EAP-MD5: Done - Failure");
     134           1 :                 data->state = FAILURE;
     135             :         }
     136             : }
     137             : 
     138             : 
     139           5 : static Boolean eap_md5_isDone(struct eap_sm *sm, void *priv)
     140             : {
     141           5 :         struct eap_md5_data *data = priv;
     142           5 :         return data->state != CONTINUE;
     143             : }
     144             : 
     145             : 
     146           5 : static Boolean eap_md5_isSuccess(struct eap_sm *sm, void *priv)
     147             : {
     148           5 :         struct eap_md5_data *data = priv;
     149           5 :         return data->state == SUCCESS;
     150             : }
     151             : 
     152             : 
     153          25 : int eap_server_md5_register(void)
     154             : {
     155             :         struct eap_method *eap;
     156             :         int ret;
     157             : 
     158          25 :         eap = eap_server_method_alloc(EAP_SERVER_METHOD_INTERFACE_VERSION,
     159             :                                       EAP_VENDOR_IETF, EAP_TYPE_MD5, "MD5");
     160          25 :         if (eap == NULL)
     161           0 :                 return -1;
     162             : 
     163          25 :         eap->init = eap_md5_init;
     164          25 :         eap->reset = eap_md5_reset;
     165          25 :         eap->buildReq = eap_md5_buildReq;
     166          25 :         eap->check = eap_md5_check;
     167          25 :         eap->process = eap_md5_process;
     168          25 :         eap->isDone = eap_md5_isDone;
     169          25 :         eap->isSuccess = eap_md5_isSuccess;
     170             : 
     171          25 :         ret = eap_server_method_register(eap);
     172          25 :         if (ret)
     173           0 :                 eap_server_method_free(eap);
     174          25 :         return ret;
     175             : }

Generated by: LCOV version 1.10