1/*
2 * EAP peer state machines (RFC 4137)
3 * Copyright (c) 2004-2012, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements the Peer State Machine as defined in RFC 4137. The used
9 * states and state transitions match mostly with the RFC. However, there are
10 * couple of additional transitions for working around small issues noticed
11 * during testing. These exceptions are explained in comments within the
12 * functions in this file. The method functions, m.func(), are similar to the
13 * ones used in RFC 4137, but some small changes have used here to optimize
14 * operations and to add functionality needed for fast re-authentication
15 * (session resumption).
16 */
17
18#include "includes.h"
19
20#include "common.h"
21#include "pcsc_funcs.h"
22#include "state_machine.h"
23#include "ext_password.h"
24#include "crypto/crypto.h"
25#include "crypto/tls.h"
26#include "common/wpa_ctrl.h"
27#include "eap_common/eap_wsc_common.h"
28#include "eap_i.h"
29#include "eap_config.h"
30
31#define STATE_MACHINE_DATA struct eap_sm
32#define STATE_MACHINE_DEBUG_PREFIX "EAP"
33
34#define EAP_MAX_AUTH_ROUNDS 50
35#define EAP_CLIENT_TIMEOUT_DEFAULT 60
36
37
38static Boolean eap_sm_allowMethod(struct eap_sm *sm, int vendor,
39				  EapType method);
40static struct wpabuf * eap_sm_buildNak(struct eap_sm *sm, int id);
41static void eap_sm_processIdentity(struct eap_sm *sm,
42				   const struct wpabuf *req);
43static void eap_sm_processNotify(struct eap_sm *sm, const struct wpabuf *req);
44static struct wpabuf * eap_sm_buildNotify(int id);
45static void eap_sm_parseEapReq(struct eap_sm *sm, const struct wpabuf *req);
46#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
47static const char * eap_sm_method_state_txt(EapMethodState state);
48static const char * eap_sm_decision_txt(EapDecision decision);
49#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
50
51
52
53static Boolean eapol_get_bool(struct eap_sm *sm, enum eapol_bool_var var)
54{
55	return sm->eapol_cb->get_bool(sm->eapol_ctx, var);
56}
57
58
59static void eapol_set_bool(struct eap_sm *sm, enum eapol_bool_var var,
60			   Boolean value)
61{
62	sm->eapol_cb->set_bool(sm->eapol_ctx, var, value);
63}
64
65
66static unsigned int eapol_get_int(struct eap_sm *sm, enum eapol_int_var var)
67{
68	return sm->eapol_cb->get_int(sm->eapol_ctx, var);
69}
70
71
72static void eapol_set_int(struct eap_sm *sm, enum eapol_int_var var,
73			  unsigned int value)
74{
75	sm->eapol_cb->set_int(sm->eapol_ctx, var, value);
76}
77
78
79static struct wpabuf * eapol_get_eapReqData(struct eap_sm *sm)
80{
81	return sm->eapol_cb->get_eapReqData(sm->eapol_ctx);
82}
83
84
85static void eap_notify_status(struct eap_sm *sm, const char *status,
86				      const char *parameter)
87{
88	wpa_printf(MSG_DEBUG, "EAP: Status notification: %s (param=%s)",
89		   status, parameter);
90	if (sm->eapol_cb->notify_status)
91		sm->eapol_cb->notify_status(sm->eapol_ctx, status, parameter);
92}
93
94
95static void eap_deinit_prev_method(struct eap_sm *sm, const char *txt)
96{
97	ext_password_free(sm->ext_pw_buf);
98	sm->ext_pw_buf = NULL;
99
100	if (sm->m == NULL || sm->eap_method_priv == NULL)
101		return;
102
103	wpa_printf(MSG_DEBUG, "EAP: deinitialize previously used EAP method "
104		   "(%d, %s) at %s", sm->selectedMethod, sm->m->name, txt);
105	sm->m->deinit(sm, sm->eap_method_priv);
106	sm->eap_method_priv = NULL;
107	sm->m = NULL;
108}
109
110
111/**
112 * eap_allowed_method - Check whether EAP method is allowed
113 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
114 * @vendor: Vendor-Id for expanded types or 0 = IETF for legacy types
115 * @method: EAP type
116 * Returns: 1 = allowed EAP method, 0 = not allowed
117 */
118int eap_allowed_method(struct eap_sm *sm, int vendor, u32 method)
119{
120	struct eap_peer_config *config = eap_get_config(sm);
121	int i;
122	struct eap_method_type *m;
123
124	if (config == NULL || config->eap_methods == NULL)
125		return 1;
126
127	m = config->eap_methods;
128	for (i = 0; m[i].vendor != EAP_VENDOR_IETF ||
129		     m[i].method != EAP_TYPE_NONE; i++) {
130		if (m[i].vendor == vendor && m[i].method == method)
131			return 1;
132	}
133	return 0;
134}
135
136
137/*
138 * This state initializes state machine variables when the machine is
139 * activated (portEnabled = TRUE). This is also used when re-starting
140 * authentication (eapRestart == TRUE).
141 */
142SM_STATE(EAP, INITIALIZE)
143{
144	SM_ENTRY(EAP, INITIALIZE);
145	if (sm->fast_reauth && sm->m && sm->m->has_reauth_data &&
146	    sm->m->has_reauth_data(sm, sm->eap_method_priv) &&
147	    !sm->prev_failure) {
148		wpa_printf(MSG_DEBUG, "EAP: maintaining EAP method data for "
149			   "fast reauthentication");
150		sm->m->deinit_for_reauth(sm, sm->eap_method_priv);
151	} else {
152		eap_deinit_prev_method(sm, "INITIALIZE");
153	}
154	sm->selectedMethod = EAP_TYPE_NONE;
155	sm->methodState = METHOD_NONE;
156	sm->allowNotifications = TRUE;
157	sm->decision = DECISION_FAIL;
158	sm->ClientTimeout = EAP_CLIENT_TIMEOUT_DEFAULT;
159	eapol_set_int(sm, EAPOL_idleWhile, sm->ClientTimeout);
160	eapol_set_bool(sm, EAPOL_eapSuccess, FALSE);
161	eapol_set_bool(sm, EAPOL_eapFail, FALSE);
162	os_free(sm->eapKeyData);
163	sm->eapKeyData = NULL;
164	os_free(sm->eapSessionId);
165	sm->eapSessionId = NULL;
166	sm->eapKeyAvailable = FALSE;
167	eapol_set_bool(sm, EAPOL_eapRestart, FALSE);
168	sm->lastId = -1; /* new session - make sure this does not match with
169			  * the first EAP-Packet */
170	/*
171	 * RFC 4137 does not reset eapResp and eapNoResp here. However, this
172	 * seemed to be able to trigger cases where both were set and if EAPOL
173	 * state machine uses eapNoResp first, it may end up not sending a real
174	 * reply correctly. This occurred when the workaround in FAIL state set
175	 * eapNoResp = TRUE.. Maybe that workaround needs to be fixed to do
176	 * something else(?)
177	 */
178	eapol_set_bool(sm, EAPOL_eapResp, FALSE);
179	eapol_set_bool(sm, EAPOL_eapNoResp, FALSE);
180	sm->num_rounds = 0;
181	sm->prev_failure = 0;
182}
183
184
185/*
186 * This state is reached whenever service from the lower layer is interrupted
187 * or unavailable (portEnabled == FALSE). Immediate transition to INITIALIZE
188 * occurs when the port becomes enabled.
189 */
190SM_STATE(EAP, DISABLED)
191{
192	SM_ENTRY(EAP, DISABLED);
193	sm->num_rounds = 0;
194	/*
195	 * RFC 4137 does not describe clearing of idleWhile here, but doing so
196	 * allows the timer tick to be stopped more quickly when EAP is not in
197	 * use.
198	 */
199	eapol_set_int(sm, EAPOL_idleWhile, 0);
200}
201
202
203/*
204 * The state machine spends most of its time here, waiting for something to
205 * happen. This state is entered unconditionally from INITIALIZE, DISCARD, and
206 * SEND_RESPONSE states.
207 */
208SM_STATE(EAP, IDLE)
209{
210	SM_ENTRY(EAP, IDLE);
211}
212
213
214/*
215 * This state is entered when an EAP packet is received (eapReq == TRUE) to
216 * parse the packet header.
217 */
218SM_STATE(EAP, RECEIVED)
219{
220	const struct wpabuf *eapReqData;
221
222	SM_ENTRY(EAP, RECEIVED);
223	eapReqData = eapol_get_eapReqData(sm);
224	/* parse rxReq, rxSuccess, rxFailure, reqId, reqMethod */
225	eap_sm_parseEapReq(sm, eapReqData);
226	sm->num_rounds++;
227}
228
229
230/*
231 * This state is entered when a request for a new type comes in. Either the
232 * correct method is started, or a Nak response is built.
233 */
234SM_STATE(EAP, GET_METHOD)
235{
236	int reinit;
237	EapType method;
238	const struct eap_method *eap_method;
239
240	SM_ENTRY(EAP, GET_METHOD);
241
242	if (sm->reqMethod == EAP_TYPE_EXPANDED)
243		method = sm->reqVendorMethod;
244	else
245		method = sm->reqMethod;
246
247	eap_method = eap_peer_get_eap_method(sm->reqVendor, method);
248
249	if (!eap_sm_allowMethod(sm, sm->reqVendor, method)) {
250		wpa_printf(MSG_DEBUG, "EAP: vendor %u method %u not allowed",
251			   sm->reqVendor, method);
252		wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_PROPOSED_METHOD
253			"vendor=%u method=%u -> NAK",
254			sm->reqVendor, method);
255		eap_notify_status(sm, "refuse proposed method",
256				  eap_method ?  eap_method->name : "unknown");
257		goto nak;
258	}
259
260	wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_PROPOSED_METHOD
261		"vendor=%u method=%u", sm->reqVendor, method);
262
263	eap_notify_status(sm, "accept proposed method",
264			  eap_method ?  eap_method->name : "unknown");
265	/*
266	 * RFC 4137 does not define specific operation for fast
267	 * re-authentication (session resumption). The design here is to allow
268	 * the previously used method data to be maintained for
269	 * re-authentication if the method support session resumption.
270	 * Otherwise, the previously used method data is freed and a new method
271	 * is allocated here.
272	 */
273	if (sm->fast_reauth &&
274	    sm->m && sm->m->vendor == sm->reqVendor &&
275	    sm->m->method == method &&
276	    sm->m->has_reauth_data &&
277	    sm->m->has_reauth_data(sm, sm->eap_method_priv)) {
278		wpa_printf(MSG_DEBUG, "EAP: Using previous method data"
279			   " for fast re-authentication");
280		reinit = 1;
281	} else {
282		eap_deinit_prev_method(sm, "GET_METHOD");
283		reinit = 0;
284	}
285
286	sm->selectedMethod = sm->reqMethod;
287	if (sm->m == NULL)
288		sm->m = eap_method;
289	if (!sm->m) {
290		wpa_printf(MSG_DEBUG, "EAP: Could not find selected method: "
291			   "vendor %d method %d",
292			   sm->reqVendor, method);
293		goto nak;
294	}
295
296	sm->ClientTimeout = EAP_CLIENT_TIMEOUT_DEFAULT;
297
298	wpa_printf(MSG_DEBUG, "EAP: Initialize selected EAP method: "
299		   "vendor %u method %u (%s)",
300		   sm->reqVendor, method, sm->m->name);
301	if (reinit)
302		sm->eap_method_priv = sm->m->init_for_reauth(
303			sm, sm->eap_method_priv);
304	else
305		sm->eap_method_priv = sm->m->init(sm);
306
307	if (sm->eap_method_priv == NULL) {
308		struct eap_peer_config *config = eap_get_config(sm);
309		wpa_msg(sm->msg_ctx, MSG_INFO,
310			"EAP: Failed to initialize EAP method: vendor %u "
311			"method %u (%s)",
312			sm->reqVendor, method, sm->m->name);
313		sm->m = NULL;
314		sm->methodState = METHOD_NONE;
315		sm->selectedMethod = EAP_TYPE_NONE;
316		if (sm->reqMethod == EAP_TYPE_TLS && config &&
317		    (config->pending_req_pin ||
318		     config->pending_req_passphrase)) {
319			/*
320			 * Return without generating Nak in order to allow
321			 * entering of PIN code or passphrase to retry the
322			 * current EAP packet.
323			 */
324			wpa_printf(MSG_DEBUG, "EAP: Pending PIN/passphrase "
325				   "request - skip Nak");
326			return;
327		}
328
329		goto nak;
330	}
331
332	sm->methodState = METHOD_INIT;
333	wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_METHOD
334		"EAP vendor %u method %u (%s) selected",
335		sm->reqVendor, method, sm->m->name);
336	return;
337
338nak:
339	wpabuf_free(sm->eapRespData);
340	sm->eapRespData = NULL;
341	sm->eapRespData = eap_sm_buildNak(sm, sm->reqId);
342}
343
344
345/*
346 * The method processing happens here. The request from the authenticator is
347 * processed, and an appropriate response packet is built.
348 */
349SM_STATE(EAP, METHOD)
350{
351	struct wpabuf *eapReqData;
352	struct eap_method_ret ret;
353	int min_len = 1;
354
355	SM_ENTRY(EAP, METHOD);
356	if (sm->m == NULL) {
357		wpa_printf(MSG_WARNING, "EAP::METHOD - method not selected");
358		return;
359	}
360
361	eapReqData = eapol_get_eapReqData(sm);
362	if (sm->m->vendor == EAP_VENDOR_IETF && sm->m->method == EAP_TYPE_LEAP)
363		min_len = 0; /* LEAP uses EAP-Success without payload */
364	if (!eap_hdr_len_valid(eapReqData, min_len))
365		return;
366
367	/*
368	 * Get ignore, methodState, decision, allowNotifications, and
369	 * eapRespData. RFC 4137 uses three separate method procedure (check,
370	 * process, and buildResp) in this state. These have been combined into
371	 * a single function call to m->process() in order to optimize EAP
372	 * method implementation interface a bit. These procedures are only
373	 * used from within this METHOD state, so there is no need to keep
374	 * these as separate C functions.
375	 *
376	 * The RFC 4137 procedures return values as follows:
377	 * ignore = m.check(eapReqData)
378	 * (methodState, decision, allowNotifications) = m.process(eapReqData)
379	 * eapRespData = m.buildResp(reqId)
380	 */
381	os_memset(&ret, 0, sizeof(ret));
382	ret.ignore = sm->ignore;
383	ret.methodState = sm->methodState;
384	ret.decision = sm->decision;
385	ret.allowNotifications = sm->allowNotifications;
386	wpabuf_free(sm->eapRespData);
387	sm->eapRespData = NULL;
388	sm->eapRespData = sm->m->process(sm, sm->eap_method_priv, &ret,
389					 eapReqData);
390	wpa_printf(MSG_DEBUG, "EAP: method process -> ignore=%s "
391		   "methodState=%s decision=%s",
392		   ret.ignore ? "TRUE" : "FALSE",
393		   eap_sm_method_state_txt(ret.methodState),
394		   eap_sm_decision_txt(ret.decision));
395
396	sm->ignore = ret.ignore;
397	if (sm->ignore)
398		return;
399	sm->methodState = ret.methodState;
400	sm->decision = ret.decision;
401	sm->allowNotifications = ret.allowNotifications;
402
403	if (sm->m->isKeyAvailable && sm->m->getKey &&
404	    sm->m->isKeyAvailable(sm, sm->eap_method_priv)) {
405		os_free(sm->eapKeyData);
406		sm->eapKeyData = sm->m->getKey(sm, sm->eap_method_priv,
407					       &sm->eapKeyDataLen);
408		os_free(sm->eapSessionId);
409		sm->eapSessionId = sm->m->getSessionId(sm, sm->eap_method_priv,
410						       &sm->eapSessionIdLen);
411		if (sm->eapSessionId) {
412			wpa_hexdump(MSG_DEBUG, "EAP: Session-Id",
413				    sm->eapSessionId, sm->eapSessionIdLen);
414		}
415	}
416}
417
418
419/*
420 * This state signals the lower layer that a response packet is ready to be
421 * sent.
422 */
423SM_STATE(EAP, SEND_RESPONSE)
424{
425	SM_ENTRY(EAP, SEND_RESPONSE);
426	wpabuf_free(sm->lastRespData);
427	if (sm->eapRespData) {
428		if (sm->workaround)
429			os_memcpy(sm->last_md5, sm->req_md5, 16);
430		sm->lastId = sm->reqId;
431		sm->lastRespData = wpabuf_dup(sm->eapRespData);
432		eapol_set_bool(sm, EAPOL_eapResp, TRUE);
433	} else
434		sm->lastRespData = NULL;
435	eapol_set_bool(sm, EAPOL_eapReq, FALSE);
436	eapol_set_int(sm, EAPOL_idleWhile, sm->ClientTimeout);
437}
438
439
440/*
441 * This state signals the lower layer that the request was discarded, and no
442 * response packet will be sent at this time.
443 */
444SM_STATE(EAP, DISCARD)
445{
446	SM_ENTRY(EAP, DISCARD);
447	eapol_set_bool(sm, EAPOL_eapReq, FALSE);
448	eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
449}
450
451
452/*
453 * Handles requests for Identity method and builds a response.
454 */
455SM_STATE(EAP, IDENTITY)
456{
457	const struct wpabuf *eapReqData;
458
459	SM_ENTRY(EAP, IDENTITY);
460	eapReqData = eapol_get_eapReqData(sm);
461	if (!eap_hdr_len_valid(eapReqData, 1))
462		return;
463	eap_sm_processIdentity(sm, eapReqData);
464	wpabuf_free(sm->eapRespData);
465	sm->eapRespData = NULL;
466	sm->eapRespData = eap_sm_buildIdentity(sm, sm->reqId, 0);
467}
468
469
470/*
471 * Handles requests for Notification method and builds a response.
472 */
473SM_STATE(EAP, NOTIFICATION)
474{
475	const struct wpabuf *eapReqData;
476
477	SM_ENTRY(EAP, NOTIFICATION);
478	eapReqData = eapol_get_eapReqData(sm);
479	if (!eap_hdr_len_valid(eapReqData, 1))
480		return;
481	eap_sm_processNotify(sm, eapReqData);
482	wpabuf_free(sm->eapRespData);
483	sm->eapRespData = NULL;
484	sm->eapRespData = eap_sm_buildNotify(sm->reqId);
485}
486
487
488/*
489 * This state retransmits the previous response packet.
490 */
491SM_STATE(EAP, RETRANSMIT)
492{
493	SM_ENTRY(EAP, RETRANSMIT);
494	wpabuf_free(sm->eapRespData);
495	if (sm->lastRespData)
496		sm->eapRespData = wpabuf_dup(sm->lastRespData);
497	else
498		sm->eapRespData = NULL;
499}
500
501
502/*
503 * This state is entered in case of a successful completion of authentication
504 * and state machine waits here until port is disabled or EAP authentication is
505 * restarted.
506 */
507SM_STATE(EAP, SUCCESS)
508{
509	SM_ENTRY(EAP, SUCCESS);
510	if (sm->eapKeyData != NULL)
511		sm->eapKeyAvailable = TRUE;
512	eapol_set_bool(sm, EAPOL_eapSuccess, TRUE);
513
514	/*
515	 * RFC 4137 does not clear eapReq here, but this seems to be required
516	 * to avoid processing the same request twice when state machine is
517	 * initialized.
518	 */
519	eapol_set_bool(sm, EAPOL_eapReq, FALSE);
520
521	/*
522	 * RFC 4137 does not set eapNoResp here, but this seems to be required
523	 * to get EAPOL Supplicant backend state machine into SUCCESS state. In
524	 * addition, either eapResp or eapNoResp is required to be set after
525	 * processing the received EAP frame.
526	 */
527	eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
528
529	wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS
530		"EAP authentication completed successfully");
531}
532
533
534/*
535 * This state is entered in case of a failure and state machine waits here
536 * until port is disabled or EAP authentication is restarted.
537 */
538SM_STATE(EAP, FAILURE)
539{
540	SM_ENTRY(EAP, FAILURE);
541	eapol_set_bool(sm, EAPOL_eapFail, TRUE);
542
543	/*
544	 * RFC 4137 does not clear eapReq here, but this seems to be required
545	 * to avoid processing the same request twice when state machine is
546	 * initialized.
547	 */
548	eapol_set_bool(sm, EAPOL_eapReq, FALSE);
549
550	/*
551	 * RFC 4137 does not set eapNoResp here. However, either eapResp or
552	 * eapNoResp is required to be set after processing the received EAP
553	 * frame.
554	 */
555	eapol_set_bool(sm, EAPOL_eapNoResp, TRUE);
556
557	wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE
558		"EAP authentication failed");
559
560	sm->prev_failure = 1;
561}
562
563
564static int eap_success_workaround(struct eap_sm *sm, int reqId, int lastId)
565{
566	/*
567	 * At least Microsoft IAS and Meetinghouse Aegis seem to be sending
568	 * EAP-Success/Failure with lastId + 1 even though RFC 3748 and
569	 * RFC 4137 require that reqId == lastId. In addition, it looks like
570	 * Ringmaster v2.1.2.0 would be using lastId + 2 in EAP-Success.
571	 *
572	 * Accept this kind of Id if EAP workarounds are enabled. These are
573	 * unauthenticated plaintext messages, so this should have minimal
574	 * security implications (bit easier to fake EAP-Success/Failure).
575	 */
576	if (sm->workaround && (reqId == ((lastId + 1) & 0xff) ||
577			       reqId == ((lastId + 2) & 0xff))) {
578		wpa_printf(MSG_DEBUG, "EAP: Workaround for unexpected "
579			   "identifier field in EAP Success: "
580			   "reqId=%d lastId=%d (these are supposed to be "
581			   "same)", reqId, lastId);
582		return 1;
583	}
584	wpa_printf(MSG_DEBUG, "EAP: EAP-Success Id mismatch - reqId=%d "
585		   "lastId=%d", reqId, lastId);
586	return 0;
587}
588
589
590/*
591 * RFC 4137 - Appendix A.1: EAP Peer State Machine - State transitions
592 */
593
594static void eap_peer_sm_step_idle(struct eap_sm *sm)
595{
596	/*
597	 * The first three transitions are from RFC 4137. The last two are
598	 * local additions to handle special cases with LEAP and PEAP server
599	 * not sending EAP-Success in some cases.
600	 */
601	if (eapol_get_bool(sm, EAPOL_eapReq))
602		SM_ENTER(EAP, RECEIVED);
603	else if ((eapol_get_bool(sm, EAPOL_altAccept) &&
604		  sm->decision != DECISION_FAIL) ||
605		 (eapol_get_int(sm, EAPOL_idleWhile) == 0 &&
606		  sm->decision == DECISION_UNCOND_SUCC))
607		SM_ENTER(EAP, SUCCESS);
608	else if (eapol_get_bool(sm, EAPOL_altReject) ||
609		 (eapol_get_int(sm, EAPOL_idleWhile) == 0 &&
610		  sm->decision != DECISION_UNCOND_SUCC) ||
611		 (eapol_get_bool(sm, EAPOL_altAccept) &&
612		  sm->methodState != METHOD_CONT &&
613		  sm->decision == DECISION_FAIL))
614		SM_ENTER(EAP, FAILURE);
615	else if (sm->selectedMethod == EAP_TYPE_LEAP &&
616		 sm->leap_done && sm->decision != DECISION_FAIL &&
617		 sm->methodState == METHOD_DONE)
618		SM_ENTER(EAP, SUCCESS);
619	else if (sm->selectedMethod == EAP_TYPE_PEAP &&
620		 sm->peap_done && sm->decision != DECISION_FAIL &&
621		 sm->methodState == METHOD_DONE)
622		SM_ENTER(EAP, SUCCESS);
623}
624
625
626static int eap_peer_req_is_duplicate(struct eap_sm *sm)
627{
628	int duplicate;
629
630	duplicate = (sm->reqId == sm->lastId) && sm->rxReq;
631	if (sm->workaround && duplicate &&
632	    os_memcmp(sm->req_md5, sm->last_md5, 16) != 0) {
633		/*
634		 * RFC 4137 uses (reqId == lastId) as the only verification for
635		 * duplicate EAP requests. However, this misses cases where the
636		 * AS is incorrectly using the same id again; and
637		 * unfortunately, such implementations exist. Use MD5 hash as
638		 * an extra verification for the packets being duplicate to
639		 * workaround these issues.
640		 */
641		wpa_printf(MSG_DEBUG, "EAP: AS used the same Id again, but "
642			   "EAP packets were not identical");
643		wpa_printf(MSG_DEBUG, "EAP: workaround - assume this is not a "
644			   "duplicate packet");
645		duplicate = 0;
646	}
647
648	return duplicate;
649}
650
651
652static void eap_peer_sm_step_received(struct eap_sm *sm)
653{
654	int duplicate = eap_peer_req_is_duplicate(sm);
655
656	/*
657	 * Two special cases below for LEAP are local additions to work around
658	 * odd LEAP behavior (EAP-Success in the middle of authentication and
659	 * then swapped roles). Other transitions are based on RFC 4137.
660	 */
661	if (sm->rxSuccess && sm->decision != DECISION_FAIL &&
662	    (sm->reqId == sm->lastId ||
663	     eap_success_workaround(sm, sm->reqId, sm->lastId)))
664		SM_ENTER(EAP, SUCCESS);
665	else if (sm->methodState != METHOD_CONT &&
666		 ((sm->rxFailure &&
667		   sm->decision != DECISION_UNCOND_SUCC) ||
668		  (sm->rxSuccess && sm->decision == DECISION_FAIL &&
669		   (sm->selectedMethod != EAP_TYPE_LEAP ||
670		    sm->methodState != METHOD_MAY_CONT))) &&
671		 (sm->reqId == sm->lastId ||
672		  eap_success_workaround(sm, sm->reqId, sm->lastId)))
673		SM_ENTER(EAP, FAILURE);
674	else if (sm->rxReq && duplicate)
675		SM_ENTER(EAP, RETRANSMIT);
676	else if (sm->rxReq && !duplicate &&
677		 sm->reqMethod == EAP_TYPE_NOTIFICATION &&
678		 sm->allowNotifications)
679		SM_ENTER(EAP, NOTIFICATION);
680	else if (sm->rxReq && !duplicate &&
681		 sm->selectedMethod == EAP_TYPE_NONE &&
682		 sm->reqMethod == EAP_TYPE_IDENTITY)
683		SM_ENTER(EAP, IDENTITY);
684	else if (sm->rxReq && !duplicate &&
685		 sm->selectedMethod == EAP_TYPE_NONE &&
686		 sm->reqMethod != EAP_TYPE_IDENTITY &&
687		 sm->reqMethod != EAP_TYPE_NOTIFICATION)
688		SM_ENTER(EAP, GET_METHOD);
689	else if (sm->rxReq && !duplicate &&
690		 sm->reqMethod == sm->selectedMethod &&
691		 sm->methodState != METHOD_DONE)
692		SM_ENTER(EAP, METHOD);
693	else if (sm->selectedMethod == EAP_TYPE_LEAP &&
694		 (sm->rxSuccess || sm->rxResp))
695		SM_ENTER(EAP, METHOD);
696	else
697		SM_ENTER(EAP, DISCARD);
698}
699
700
701static void eap_peer_sm_step_local(struct eap_sm *sm)
702{
703	switch (sm->EAP_state) {
704	case EAP_INITIALIZE:
705		SM_ENTER(EAP, IDLE);
706		break;
707	case EAP_DISABLED:
708		if (eapol_get_bool(sm, EAPOL_portEnabled) &&
709		    !sm->force_disabled)
710			SM_ENTER(EAP, INITIALIZE);
711		break;
712	case EAP_IDLE:
713		eap_peer_sm_step_idle(sm);
714		break;
715	case EAP_RECEIVED:
716		eap_peer_sm_step_received(sm);
717		break;
718	case EAP_GET_METHOD:
719		if (sm->selectedMethod == sm->reqMethod)
720			SM_ENTER(EAP, METHOD);
721		else
722			SM_ENTER(EAP, SEND_RESPONSE);
723		break;
724	case EAP_METHOD:
725		if (sm->ignore)
726			SM_ENTER(EAP, DISCARD);
727		else
728			SM_ENTER(EAP, SEND_RESPONSE);
729		break;
730	case EAP_SEND_RESPONSE:
731		SM_ENTER(EAP, IDLE);
732		break;
733	case EAP_DISCARD:
734		SM_ENTER(EAP, IDLE);
735		break;
736	case EAP_IDENTITY:
737		SM_ENTER(EAP, SEND_RESPONSE);
738		break;
739	case EAP_NOTIFICATION:
740		SM_ENTER(EAP, SEND_RESPONSE);
741		break;
742	case EAP_RETRANSMIT:
743		SM_ENTER(EAP, SEND_RESPONSE);
744		break;
745	case EAP_SUCCESS:
746		break;
747	case EAP_FAILURE:
748		break;
749	}
750}
751
752
753SM_STEP(EAP)
754{
755	/* Global transitions */
756	if (eapol_get_bool(sm, EAPOL_eapRestart) &&
757	    eapol_get_bool(sm, EAPOL_portEnabled))
758		SM_ENTER_GLOBAL(EAP, INITIALIZE);
759	else if (!eapol_get_bool(sm, EAPOL_portEnabled) || sm->force_disabled)
760		SM_ENTER_GLOBAL(EAP, DISABLED);
761	else if (sm->num_rounds > EAP_MAX_AUTH_ROUNDS) {
762		/* RFC 4137 does not place any limit on number of EAP messages
763		 * in an authentication session. However, some error cases have
764		 * ended up in a state were EAP messages were sent between the
765		 * peer and server in a loop (e.g., TLS ACK frame in both
766		 * direction). Since this is quite undesired outcome, limit the
767		 * total number of EAP round-trips and abort authentication if
768		 * this limit is exceeded.
769		 */
770		if (sm->num_rounds == EAP_MAX_AUTH_ROUNDS + 1) {
771			wpa_msg(sm->msg_ctx, MSG_INFO, "EAP: more than %d "
772				"authentication rounds - abort",
773				EAP_MAX_AUTH_ROUNDS);
774			sm->num_rounds++;
775			SM_ENTER_GLOBAL(EAP, FAILURE);
776		}
777	} else {
778		/* Local transitions */
779		eap_peer_sm_step_local(sm);
780	}
781}
782
783
784static Boolean eap_sm_allowMethod(struct eap_sm *sm, int vendor,
785				  EapType method)
786{
787	if (!eap_allowed_method(sm, vendor, method)) {
788		wpa_printf(MSG_DEBUG, "EAP: configuration does not allow: "
789			   "vendor %u method %u", vendor, method);
790		return FALSE;
791	}
792	if (eap_peer_get_eap_method(vendor, method))
793		return TRUE;
794	wpa_printf(MSG_DEBUG, "EAP: not included in build: "
795		   "vendor %u method %u", vendor, method);
796	return FALSE;
797}
798
799
800static struct wpabuf * eap_sm_build_expanded_nak(
801	struct eap_sm *sm, int id, const struct eap_method *methods,
802	size_t count)
803{
804	struct wpabuf *resp;
805	int found = 0;
806	const struct eap_method *m;
807
808	wpa_printf(MSG_DEBUG, "EAP: Building expanded EAP-Nak");
809
810	/* RFC 3748 - 5.3.2: Expanded Nak */
811	resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_EXPANDED,
812			     8 + 8 * (count + 1), EAP_CODE_RESPONSE, id);
813	if (resp == NULL)
814		return NULL;
815
816	wpabuf_put_be24(resp, EAP_VENDOR_IETF);
817	wpabuf_put_be32(resp, EAP_TYPE_NAK);
818
819	for (m = methods; m; m = m->next) {
820		if (sm->reqVendor == m->vendor &&
821		    sm->reqVendorMethod == m->method)
822			continue; /* do not allow the current method again */
823		if (eap_allowed_method(sm, m->vendor, m->method)) {
824			wpa_printf(MSG_DEBUG, "EAP: allowed type: "
825				   "vendor=%u method=%u",
826				   m->vendor, m->method);
827			wpabuf_put_u8(resp, EAP_TYPE_EXPANDED);
828			wpabuf_put_be24(resp, m->vendor);
829			wpabuf_put_be32(resp, m->method);
830
831			found++;
832		}
833	}
834	if (!found) {
835		wpa_printf(MSG_DEBUG, "EAP: no more allowed methods");
836		wpabuf_put_u8(resp, EAP_TYPE_EXPANDED);
837		wpabuf_put_be24(resp, EAP_VENDOR_IETF);
838		wpabuf_put_be32(resp, EAP_TYPE_NONE);
839	}
840
841	eap_update_len(resp);
842
843	return resp;
844}
845
846
847static struct wpabuf * eap_sm_buildNak(struct eap_sm *sm, int id)
848{
849	struct wpabuf *resp;
850	u8 *start;
851	int found = 0, expanded_found = 0;
852	size_t count;
853	const struct eap_method *methods, *m;
854
855	wpa_printf(MSG_DEBUG, "EAP: Building EAP-Nak (requested type %u "
856		   "vendor=%u method=%u not allowed)", sm->reqMethod,
857		   sm->reqVendor, sm->reqVendorMethod);
858	methods = eap_peer_get_methods(&count);
859	if (methods == NULL)
860		return NULL;
861	if (sm->reqMethod == EAP_TYPE_EXPANDED)
862		return eap_sm_build_expanded_nak(sm, id, methods, count);
863
864	/* RFC 3748 - 5.3.1: Legacy Nak */
865	resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_NAK,
866			     sizeof(struct eap_hdr) + 1 + count + 1,
867			     EAP_CODE_RESPONSE, id);
868	if (resp == NULL)
869		return NULL;
870
871	start = wpabuf_put(resp, 0);
872	for (m = methods; m; m = m->next) {
873		if (m->vendor == EAP_VENDOR_IETF && m->method == sm->reqMethod)
874			continue; /* do not allow the current method again */
875		if (eap_allowed_method(sm, m->vendor, m->method)) {
876			if (m->vendor != EAP_VENDOR_IETF) {
877				if (expanded_found)
878					continue;
879				expanded_found = 1;
880				wpabuf_put_u8(resp, EAP_TYPE_EXPANDED);
881			} else
882				wpabuf_put_u8(resp, m->method);
883			found++;
884		}
885	}
886	if (!found)
887		wpabuf_put_u8(resp, EAP_TYPE_NONE);
888	wpa_hexdump(MSG_DEBUG, "EAP: allowed methods", start, found);
889
890	eap_update_len(resp);
891
892	return resp;
893}
894
895
896static void eap_sm_processIdentity(struct eap_sm *sm, const struct wpabuf *req)
897{
898	const u8 *pos;
899	size_t msg_len;
900
901	wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_STARTED
902		"EAP authentication started");
903	eap_notify_status(sm, "started", "");
904
905	pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_IDENTITY, req,
906			       &msg_len);
907	if (pos == NULL)
908		return;
909
910	/*
911	 * RFC 3748 - 5.1: Identity
912	 * Data field may contain a displayable message in UTF-8. If this
913	 * includes NUL-character, only the data before that should be
914	 * displayed. Some EAP implementasitons may piggy-back additional
915	 * options after the NUL.
916	 */
917	/* TODO: could save displayable message so that it can be shown to the
918	 * user in case of interaction is required */
919	wpa_hexdump_ascii(MSG_DEBUG, "EAP: EAP-Request Identity data",
920			  pos, msg_len);
921}
922
923
924#ifdef PCSC_FUNCS
925
926/*
927 * Rules for figuring out MNC length based on IMSI for SIM cards that do not
928 * include MNC length field.
929 */
930static int mnc_len_from_imsi(const char *imsi)
931{
932	char mcc_str[4];
933	unsigned int mcc;
934
935	os_memcpy(mcc_str, imsi, 3);
936	mcc_str[3] = '\0';
937	mcc = atoi(mcc_str);
938
939	if (mcc == 244)
940		return 2; /* Networks in Finland use 2-digit MNC */
941
942	return -1;
943}
944
945
946static int eap_sm_append_3gpp_realm(struct eap_sm *sm, char *imsi,
947				    size_t max_len, size_t *imsi_len)
948{
949	int mnc_len;
950	char *pos, mnc[4];
951
952	if (*imsi_len + 36 > max_len) {
953		wpa_printf(MSG_WARNING, "No room for realm in IMSI buffer");
954		return -1;
955	}
956
957	/* MNC (2 or 3 digits) */
958	mnc_len = scard_get_mnc_len(sm->scard_ctx);
959	if (mnc_len < 0)
960		mnc_len = mnc_len_from_imsi(imsi);
961	if (mnc_len < 0) {
962		wpa_printf(MSG_INFO, "Failed to get MNC length from (U)SIM "
963			   "assuming 3");
964		mnc_len = 3;
965	}
966
967	if (mnc_len == 2) {
968		mnc[0] = '0';
969		mnc[1] = imsi[3];
970		mnc[2] = imsi[4];
971	} else if (mnc_len == 3) {
972		mnc[0] = imsi[3];
973		mnc[1] = imsi[4];
974		mnc[2] = imsi[5];
975	}
976	mnc[3] = '\0';
977
978	pos = imsi + *imsi_len;
979	pos += os_snprintf(pos, imsi + max_len - pos,
980			   "@wlan.mnc%s.mcc%c%c%c.3gppnetwork.org",
981			   mnc, imsi[0], imsi[1], imsi[2]);
982	*imsi_len = pos - imsi;
983
984	return 0;
985}
986
987
988static int eap_sm_imsi_identity(struct eap_sm *sm,
989				struct eap_peer_config *conf)
990{
991	enum { EAP_SM_SIM, EAP_SM_AKA, EAP_SM_AKA_PRIME } method = EAP_SM_SIM;
992	char imsi[100];
993	size_t imsi_len;
994	struct eap_method_type *m = conf->eap_methods;
995	int i;
996
997	imsi_len = sizeof(imsi);
998	if (scard_get_imsi(sm->scard_ctx, imsi, &imsi_len)) {
999		wpa_printf(MSG_WARNING, "Failed to get IMSI from SIM");
1000		return -1;
1001	}
1002
1003	wpa_hexdump_ascii(MSG_DEBUG, "IMSI", (u8 *) imsi, imsi_len);
1004
1005	if (imsi_len < 7) {
1006		wpa_printf(MSG_WARNING, "Too short IMSI for SIM identity");
1007		return -1;
1008	}
1009
1010	if (eap_sm_append_3gpp_realm(sm, imsi, sizeof(imsi), &imsi_len) < 0) {
1011		wpa_printf(MSG_WARNING, "Could not add realm to SIM identity");
1012		return -1;
1013	}
1014	wpa_hexdump_ascii(MSG_DEBUG, "IMSI + realm", (u8 *) imsi, imsi_len);
1015
1016	for (i = 0; m && (m[i].vendor != EAP_VENDOR_IETF ||
1017			  m[i].method != EAP_TYPE_NONE); i++) {
1018		if (m[i].vendor == EAP_VENDOR_IETF &&
1019		    m[i].method == EAP_TYPE_AKA_PRIME) {
1020			method = EAP_SM_AKA_PRIME;
1021			break;
1022		}
1023
1024		if (m[i].vendor == EAP_VENDOR_IETF &&
1025		    m[i].method == EAP_TYPE_AKA) {
1026			method = EAP_SM_AKA;
1027			break;
1028		}
1029	}
1030
1031	os_free(conf->identity);
1032	conf->identity = os_malloc(1 + imsi_len);
1033	if (conf->identity == NULL) {
1034		wpa_printf(MSG_WARNING, "Failed to allocate buffer for "
1035			   "IMSI-based identity");
1036		return -1;
1037	}
1038
1039	switch (method) {
1040	case EAP_SM_SIM:
1041		conf->identity[0] = '1';
1042		break;
1043	case EAP_SM_AKA:
1044		conf->identity[0] = '0';
1045		break;
1046	case EAP_SM_AKA_PRIME:
1047		conf->identity[0] = '6';
1048		break;
1049	}
1050	os_memcpy(conf->identity + 1, imsi, imsi_len);
1051	conf->identity_len = 1 + imsi_len;
1052
1053	return 0;
1054}
1055
1056#endif /* PCSC_FUNCS */
1057
1058
1059static int eap_sm_set_scard_pin(struct eap_sm *sm,
1060				struct eap_peer_config *conf)
1061{
1062#ifdef PCSC_FUNCS
1063	if (scard_set_pin(sm->scard_ctx, conf->pin)) {
1064		/*
1065		 * Make sure the same PIN is not tried again in order to avoid
1066		 * blocking SIM.
1067		 */
1068		os_free(conf->pin);
1069		conf->pin = NULL;
1070
1071		wpa_printf(MSG_WARNING, "PIN validation failed");
1072		eap_sm_request_pin(sm);
1073		return -1;
1074	}
1075	return 0;
1076#else /* PCSC_FUNCS */
1077	return -1;
1078#endif /* PCSC_FUNCS */
1079}
1080
1081static int eap_sm_get_scard_identity(struct eap_sm *sm,
1082				     struct eap_peer_config *conf)
1083{
1084#ifdef PCSC_FUNCS
1085	if (eap_sm_set_scard_pin(sm, conf))
1086		return -1;
1087
1088	return eap_sm_imsi_identity(sm, conf);
1089#else /* PCSC_FUNCS */
1090	return -1;
1091#endif /* PCSC_FUNCS */
1092}
1093
1094
1095/**
1096 * eap_sm_buildIdentity - Build EAP-Identity/Response for the current network
1097 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1098 * @id: EAP identifier for the packet
1099 * @encrypted: Whether the packet is for encrypted tunnel (EAP phase 2)
1100 * Returns: Pointer to the allocated EAP-Identity/Response packet or %NULL on
1101 * failure
1102 *
1103 * This function allocates and builds an EAP-Identity/Response packet for the
1104 * current network. The caller is responsible for freeing the returned data.
1105 */
1106struct wpabuf * eap_sm_buildIdentity(struct eap_sm *sm, int id, int encrypted)
1107{
1108	struct eap_peer_config *config = eap_get_config(sm);
1109	struct wpabuf *resp;
1110	const u8 *identity;
1111	size_t identity_len;
1112
1113	if (config == NULL) {
1114		wpa_printf(MSG_WARNING, "EAP: buildIdentity: configuration "
1115			   "was not available");
1116		return NULL;
1117	}
1118
1119	if (sm->m && sm->m->get_identity &&
1120	    (identity = sm->m->get_identity(sm, sm->eap_method_priv,
1121					    &identity_len)) != NULL) {
1122		wpa_hexdump_ascii(MSG_DEBUG, "EAP: using method re-auth "
1123				  "identity", identity, identity_len);
1124	} else if (!encrypted && config->anonymous_identity) {
1125		identity = config->anonymous_identity;
1126		identity_len = config->anonymous_identity_len;
1127		wpa_hexdump_ascii(MSG_DEBUG, "EAP: using anonymous identity",
1128				  identity, identity_len);
1129	} else {
1130		identity = config->identity;
1131		identity_len = config->identity_len;
1132		wpa_hexdump_ascii(MSG_DEBUG, "EAP: using real identity",
1133				  identity, identity_len);
1134	}
1135
1136	if (identity == NULL) {
1137		wpa_printf(MSG_WARNING, "EAP: buildIdentity: identity "
1138			   "configuration was not available");
1139		if (config->pcsc) {
1140			if (eap_sm_get_scard_identity(sm, config) < 0)
1141				return NULL;
1142			identity = config->identity;
1143			identity_len = config->identity_len;
1144			wpa_hexdump_ascii(MSG_DEBUG, "permanent identity from "
1145					  "IMSI", identity, identity_len);
1146		} else {
1147			eap_sm_request_identity(sm);
1148			return NULL;
1149		}
1150	} else if (config->pcsc) {
1151		if (eap_sm_set_scard_pin(sm, config) < 0)
1152			return NULL;
1153	}
1154
1155	resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_IDENTITY, identity_len,
1156			     EAP_CODE_RESPONSE, id);
1157	if (resp == NULL)
1158		return NULL;
1159
1160	wpabuf_put_data(resp, identity, identity_len);
1161
1162	return resp;
1163}
1164
1165
1166static void eap_sm_processNotify(struct eap_sm *sm, const struct wpabuf *req)
1167{
1168	const u8 *pos;
1169	char *msg;
1170	size_t i, msg_len;
1171
1172	pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_NOTIFICATION, req,
1173			       &msg_len);
1174	if (pos == NULL)
1175		return;
1176	wpa_hexdump_ascii(MSG_DEBUG, "EAP: EAP-Request Notification data",
1177			  pos, msg_len);
1178
1179	msg = os_malloc(msg_len + 1);
1180	if (msg == NULL)
1181		return;
1182	for (i = 0; i < msg_len; i++)
1183		msg[i] = isprint(pos[i]) ? (char) pos[i] : '_';
1184	msg[msg_len] = '\0';
1185	wpa_msg(sm->msg_ctx, MSG_INFO, "%s%s",
1186		WPA_EVENT_EAP_NOTIFICATION, msg);
1187	os_free(msg);
1188}
1189
1190
1191static struct wpabuf * eap_sm_buildNotify(int id)
1192{
1193	struct wpabuf *resp;
1194
1195	wpa_printf(MSG_DEBUG, "EAP: Generating EAP-Response Notification");
1196	resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_NOTIFICATION, 0,
1197			     EAP_CODE_RESPONSE, id);
1198	if (resp == NULL)
1199		return NULL;
1200
1201	return resp;
1202}
1203
1204
1205static void eap_sm_parseEapReq(struct eap_sm *sm, const struct wpabuf *req)
1206{
1207	const struct eap_hdr *hdr;
1208	size_t plen;
1209	const u8 *pos;
1210
1211	sm->rxReq = sm->rxResp = sm->rxSuccess = sm->rxFailure = FALSE;
1212	sm->reqId = 0;
1213	sm->reqMethod = EAP_TYPE_NONE;
1214	sm->reqVendor = EAP_VENDOR_IETF;
1215	sm->reqVendorMethod = EAP_TYPE_NONE;
1216
1217	if (req == NULL || wpabuf_len(req) < sizeof(*hdr))
1218		return;
1219
1220	hdr = wpabuf_head(req);
1221	plen = be_to_host16(hdr->length);
1222	if (plen > wpabuf_len(req)) {
1223		wpa_printf(MSG_DEBUG, "EAP: Ignored truncated EAP-Packet "
1224			   "(len=%lu plen=%lu)",
1225			   (unsigned long) wpabuf_len(req),
1226			   (unsigned long) plen);
1227		return;
1228	}
1229
1230	sm->reqId = hdr->identifier;
1231
1232	if (sm->workaround) {
1233		const u8 *addr[1];
1234		addr[0] = wpabuf_head(req);
1235		md5_vector(1, addr, &plen, sm->req_md5);
1236	}
1237
1238	switch (hdr->code) {
1239	case EAP_CODE_REQUEST:
1240		if (plen < sizeof(*hdr) + 1) {
1241			wpa_printf(MSG_DEBUG, "EAP: Too short EAP-Request - "
1242				   "no Type field");
1243			return;
1244		}
1245		sm->rxReq = TRUE;
1246		pos = (const u8 *) (hdr + 1);
1247		sm->reqMethod = *pos++;
1248		if (sm->reqMethod == EAP_TYPE_EXPANDED) {
1249			if (plen < sizeof(*hdr) + 8) {
1250				wpa_printf(MSG_DEBUG, "EAP: Ignored truncated "
1251					   "expanded EAP-Packet (plen=%lu)",
1252					   (unsigned long) plen);
1253				return;
1254			}
1255			sm->reqVendor = WPA_GET_BE24(pos);
1256			pos += 3;
1257			sm->reqVendorMethod = WPA_GET_BE32(pos);
1258		}
1259		wpa_printf(MSG_DEBUG, "EAP: Received EAP-Request id=%d "
1260			   "method=%u vendor=%u vendorMethod=%u",
1261			   sm->reqId, sm->reqMethod, sm->reqVendor,
1262			   sm->reqVendorMethod);
1263		break;
1264	case EAP_CODE_RESPONSE:
1265		if (sm->selectedMethod == EAP_TYPE_LEAP) {
1266			/*
1267			 * LEAP differs from RFC 4137 by using reversed roles
1268			 * for mutual authentication and because of this, we
1269			 * need to accept EAP-Response frames if LEAP is used.
1270			 */
1271			if (plen < sizeof(*hdr) + 1) {
1272				wpa_printf(MSG_DEBUG, "EAP: Too short "
1273					   "EAP-Response - no Type field");
1274				return;
1275			}
1276			sm->rxResp = TRUE;
1277			pos = (const u8 *) (hdr + 1);
1278			sm->reqMethod = *pos;
1279			wpa_printf(MSG_DEBUG, "EAP: Received EAP-Response for "
1280				   "LEAP method=%d id=%d",
1281				   sm->reqMethod, sm->reqId);
1282			break;
1283		}
1284		wpa_printf(MSG_DEBUG, "EAP: Ignored EAP-Response");
1285		break;
1286	case EAP_CODE_SUCCESS:
1287		wpa_printf(MSG_DEBUG, "EAP: Received EAP-Success");
1288		eap_notify_status(sm, "completion", "success");
1289		sm->rxSuccess = TRUE;
1290		break;
1291	case EAP_CODE_FAILURE:
1292		wpa_printf(MSG_DEBUG, "EAP: Received EAP-Failure");
1293		eap_notify_status(sm, "completion", "failure");
1294		sm->rxFailure = TRUE;
1295		break;
1296	default:
1297		wpa_printf(MSG_DEBUG, "EAP: Ignored EAP-Packet with unknown "
1298			   "code %d", hdr->code);
1299		break;
1300	}
1301}
1302
1303
1304static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
1305				  union tls_event_data *data)
1306{
1307	struct eap_sm *sm = ctx;
1308	char *hash_hex = NULL;
1309
1310	switch (ev) {
1311	case TLS_CERT_CHAIN_SUCCESS:
1312		eap_notify_status(sm, "remote certificate verification",
1313				  "success");
1314		break;
1315	case TLS_CERT_CHAIN_FAILURE:
1316		wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_TLS_CERT_ERROR
1317			"reason=%d depth=%d subject='%s' err='%s'",
1318			data->cert_fail.reason,
1319			data->cert_fail.depth,
1320			data->cert_fail.subject,
1321			data->cert_fail.reason_txt);
1322		eap_notify_status(sm, "remote certificate verification",
1323				  data->cert_fail.reason_txt);
1324		break;
1325	case TLS_PEER_CERTIFICATE:
1326		if (!sm->eapol_cb->notify_cert)
1327			break;
1328
1329		if (data->peer_cert.hash) {
1330			size_t len = data->peer_cert.hash_len * 2 + 1;
1331			hash_hex = os_malloc(len);
1332			if (hash_hex) {
1333				wpa_snprintf_hex(hash_hex, len,
1334						 data->peer_cert.hash,
1335						 data->peer_cert.hash_len);
1336			}
1337		}
1338
1339		sm->eapol_cb->notify_cert(sm->eapol_ctx,
1340					  data->peer_cert.depth,
1341					  data->peer_cert.subject,
1342					  hash_hex, data->peer_cert.cert);
1343		break;
1344	case TLS_ALERT:
1345		if (data->alert.is_local)
1346			eap_notify_status(sm, "local TLS alert",
1347					  data->alert.description);
1348		else
1349			eap_notify_status(sm, "remote TLS alert",
1350					  data->alert.description);
1351		break;
1352	}
1353
1354	os_free(hash_hex);
1355}
1356
1357
1358/**
1359 * eap_peer_sm_init - Allocate and initialize EAP peer state machine
1360 * @eapol_ctx: Context data to be used with eapol_cb calls
1361 * @eapol_cb: Pointer to EAPOL callback functions
1362 * @msg_ctx: Context data for wpa_msg() calls
1363 * @conf: EAP configuration
1364 * Returns: Pointer to the allocated EAP state machine or %NULL on failure
1365 *
1366 * This function allocates and initializes an EAP state machine. In addition,
1367 * this initializes TLS library for the new EAP state machine. eapol_cb pointer
1368 * will be in use until eap_peer_sm_deinit() is used to deinitialize this EAP
1369 * state machine. Consequently, the caller must make sure that this data
1370 * structure remains alive while the EAP state machine is active.
1371 */
1372struct eap_sm * eap_peer_sm_init(void *eapol_ctx,
1373				 struct eapol_callbacks *eapol_cb,
1374				 void *msg_ctx, struct eap_config *conf)
1375{
1376	struct eap_sm *sm;
1377	struct tls_config tlsconf;
1378
1379	sm = os_zalloc(sizeof(*sm));
1380	if (sm == NULL)
1381		return NULL;
1382	sm->eapol_ctx = eapol_ctx;
1383	sm->eapol_cb = eapol_cb;
1384	sm->msg_ctx = msg_ctx;
1385	sm->ClientTimeout = EAP_CLIENT_TIMEOUT_DEFAULT;
1386	sm->wps = conf->wps;
1387
1388	os_memset(&tlsconf, 0, sizeof(tlsconf));
1389	tlsconf.opensc_engine_path = conf->opensc_engine_path;
1390	tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path;
1391	tlsconf.pkcs11_module_path = conf->pkcs11_module_path;
1392#ifdef CONFIG_FIPS
1393	tlsconf.fips_mode = 1;
1394#endif /* CONFIG_FIPS */
1395	tlsconf.event_cb = eap_peer_sm_tls_event;
1396	tlsconf.cb_ctx = sm;
1397	tlsconf.cert_in_cb = conf->cert_in_cb;
1398	sm->ssl_ctx = tls_init(&tlsconf);
1399	if (sm->ssl_ctx == NULL) {
1400		wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS "
1401			   "context.");
1402		os_free(sm);
1403		return NULL;
1404	}
1405
1406	sm->ssl_ctx2 = tls_init(&tlsconf);
1407	if (sm->ssl_ctx2 == NULL) {
1408		wpa_printf(MSG_INFO, "SSL: Failed to initialize TLS "
1409			   "context (2).");
1410		/* Run without separate TLS context within TLS tunnel */
1411	}
1412
1413	return sm;
1414}
1415
1416
1417/**
1418 * eap_peer_sm_deinit - Deinitialize and free an EAP peer state machine
1419 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1420 *
1421 * This function deinitializes EAP state machine and frees all allocated
1422 * resources.
1423 */
1424void eap_peer_sm_deinit(struct eap_sm *sm)
1425{
1426	if (sm == NULL)
1427		return;
1428	eap_deinit_prev_method(sm, "EAP deinit");
1429	eap_sm_abort(sm);
1430	if (sm->ssl_ctx2)
1431		tls_deinit(sm->ssl_ctx2);
1432	tls_deinit(sm->ssl_ctx);
1433	os_free(sm);
1434}
1435
1436
1437/**
1438 * eap_peer_sm_step - Step EAP peer state machine
1439 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1440 * Returns: 1 if EAP state was changed or 0 if not
1441 *
1442 * This function advances EAP state machine to a new state to match with the
1443 * current variables. This should be called whenever variables used by the EAP
1444 * state machine have changed.
1445 */
1446int eap_peer_sm_step(struct eap_sm *sm)
1447{
1448	int res = 0;
1449	do {
1450		sm->changed = FALSE;
1451		SM_STEP_RUN(EAP);
1452		if (sm->changed)
1453			res = 1;
1454	} while (sm->changed);
1455	return res;
1456}
1457
1458
1459/**
1460 * eap_sm_abort - Abort EAP authentication
1461 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1462 *
1463 * Release system resources that have been allocated for the authentication
1464 * session without fully deinitializing the EAP state machine.
1465 */
1466void eap_sm_abort(struct eap_sm *sm)
1467{
1468	wpabuf_free(sm->lastRespData);
1469	sm->lastRespData = NULL;
1470	wpabuf_free(sm->eapRespData);
1471	sm->eapRespData = NULL;
1472	os_free(sm->eapKeyData);
1473	sm->eapKeyData = NULL;
1474	os_free(sm->eapSessionId);
1475	sm->eapSessionId = NULL;
1476
1477	/* This is not clearly specified in the EAP statemachines draft, but
1478	 * it seems necessary to make sure that some of the EAPOL variables get
1479	 * cleared for the next authentication. */
1480	eapol_set_bool(sm, EAPOL_eapSuccess, FALSE);
1481}
1482
1483
1484#ifdef CONFIG_CTRL_IFACE
1485static const char * eap_sm_state_txt(int state)
1486{
1487	switch (state) {
1488	case EAP_INITIALIZE:
1489		return "INITIALIZE";
1490	case EAP_DISABLED:
1491		return "DISABLED";
1492	case EAP_IDLE:
1493		return "IDLE";
1494	case EAP_RECEIVED:
1495		return "RECEIVED";
1496	case EAP_GET_METHOD:
1497		return "GET_METHOD";
1498	case EAP_METHOD:
1499		return "METHOD";
1500	case EAP_SEND_RESPONSE:
1501		return "SEND_RESPONSE";
1502	case EAP_DISCARD:
1503		return "DISCARD";
1504	case EAP_IDENTITY:
1505		return "IDENTITY";
1506	case EAP_NOTIFICATION:
1507		return "NOTIFICATION";
1508	case EAP_RETRANSMIT:
1509		return "RETRANSMIT";
1510	case EAP_SUCCESS:
1511		return "SUCCESS";
1512	case EAP_FAILURE:
1513		return "FAILURE";
1514	default:
1515		return "UNKNOWN";
1516	}
1517}
1518#endif /* CONFIG_CTRL_IFACE */
1519
1520
1521#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
1522static const char * eap_sm_method_state_txt(EapMethodState state)
1523{
1524	switch (state) {
1525	case METHOD_NONE:
1526		return "NONE";
1527	case METHOD_INIT:
1528		return "INIT";
1529	case METHOD_CONT:
1530		return "CONT";
1531	case METHOD_MAY_CONT:
1532		return "MAY_CONT";
1533	case METHOD_DONE:
1534		return "DONE";
1535	default:
1536		return "UNKNOWN";
1537	}
1538}
1539
1540
1541static const char * eap_sm_decision_txt(EapDecision decision)
1542{
1543	switch (decision) {
1544	case DECISION_FAIL:
1545		return "FAIL";
1546	case DECISION_COND_SUCC:
1547		return "COND_SUCC";
1548	case DECISION_UNCOND_SUCC:
1549		return "UNCOND_SUCC";
1550	default:
1551		return "UNKNOWN";
1552	}
1553}
1554#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
1555
1556
1557#ifdef CONFIG_CTRL_IFACE
1558
1559/**
1560 * eap_sm_get_status - Get EAP state machine status
1561 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1562 * @buf: Buffer for status information
1563 * @buflen: Maximum buffer length
1564 * @verbose: Whether to include verbose status information
1565 * Returns: Number of bytes written to buf.
1566 *
1567 * Query EAP state machine for status information. This function fills in a
1568 * text area with current status information from the EAPOL state machine. If
1569 * the buffer (buf) is not large enough, status information will be truncated
1570 * to fit the buffer.
1571 */
1572int eap_sm_get_status(struct eap_sm *sm, char *buf, size_t buflen, int verbose)
1573{
1574	int len, ret;
1575
1576	if (sm == NULL)
1577		return 0;
1578
1579	len = os_snprintf(buf, buflen,
1580			  "EAP state=%s\n",
1581			  eap_sm_state_txt(sm->EAP_state));
1582	if (len < 0 || (size_t) len >= buflen)
1583		return 0;
1584
1585	if (sm->selectedMethod != EAP_TYPE_NONE) {
1586		const char *name;
1587		if (sm->m) {
1588			name = sm->m->name;
1589		} else {
1590			const struct eap_method *m =
1591				eap_peer_get_eap_method(EAP_VENDOR_IETF,
1592							sm->selectedMethod);
1593			if (m)
1594				name = m->name;
1595			else
1596				name = "?";
1597		}
1598		ret = os_snprintf(buf + len, buflen - len,
1599				  "selectedMethod=%d (EAP-%s)\n",
1600				  sm->selectedMethod, name);
1601		if (ret < 0 || (size_t) ret >= buflen - len)
1602			return len;
1603		len += ret;
1604
1605		if (sm->m && sm->m->get_status) {
1606			len += sm->m->get_status(sm, sm->eap_method_priv,
1607						 buf + len, buflen - len,
1608						 verbose);
1609		}
1610	}
1611
1612	if (verbose) {
1613		ret = os_snprintf(buf + len, buflen - len,
1614				  "reqMethod=%d\n"
1615				  "methodState=%s\n"
1616				  "decision=%s\n"
1617				  "ClientTimeout=%d\n",
1618				  sm->reqMethod,
1619				  eap_sm_method_state_txt(sm->methodState),
1620				  eap_sm_decision_txt(sm->decision),
1621				  sm->ClientTimeout);
1622		if (ret < 0 || (size_t) ret >= buflen - len)
1623			return len;
1624		len += ret;
1625	}
1626
1627	return len;
1628}
1629#endif /* CONFIG_CTRL_IFACE */
1630
1631
1632#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
1633static void eap_sm_request(struct eap_sm *sm, enum wpa_ctrl_req_type field,
1634			   const char *msg, size_t msglen)
1635{
1636	struct eap_peer_config *config;
1637	char *txt = NULL, *tmp;
1638
1639	if (sm == NULL)
1640		return;
1641	config = eap_get_config(sm);
1642	if (config == NULL)
1643		return;
1644
1645	switch (field) {
1646	case WPA_CTRL_REQ_EAP_IDENTITY:
1647		config->pending_req_identity++;
1648		break;
1649	case WPA_CTRL_REQ_EAP_PASSWORD:
1650		config->pending_req_password++;
1651		break;
1652	case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
1653		config->pending_req_new_password++;
1654		break;
1655	case WPA_CTRL_REQ_EAP_PIN:
1656		config->pending_req_pin++;
1657		break;
1658	case WPA_CTRL_REQ_EAP_OTP:
1659		if (msg) {
1660			tmp = os_malloc(msglen + 3);
1661			if (tmp == NULL)
1662				return;
1663			tmp[0] = '[';
1664			os_memcpy(tmp + 1, msg, msglen);
1665			tmp[msglen + 1] = ']';
1666			tmp[msglen + 2] = '\0';
1667			txt = tmp;
1668			os_free(config->pending_req_otp);
1669			config->pending_req_otp = tmp;
1670			config->pending_req_otp_len = msglen + 3;
1671		} else {
1672			if (config->pending_req_otp == NULL)
1673				return;
1674			txt = config->pending_req_otp;
1675		}
1676		break;
1677	case WPA_CTRL_REQ_EAP_PASSPHRASE:
1678		config->pending_req_passphrase++;
1679		break;
1680	default:
1681		return;
1682	}
1683
1684	if (sm->eapol_cb->eap_param_needed)
1685		sm->eapol_cb->eap_param_needed(sm->eapol_ctx, field, txt);
1686}
1687#else /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
1688#define eap_sm_request(sm, type, msg, msglen) do { } while (0)
1689#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
1690
1691const char * eap_sm_get_method_name(struct eap_sm *sm)
1692{
1693	if (sm->m == NULL)
1694		return "UNKNOWN";
1695	return sm->m->name;
1696}
1697
1698
1699/**
1700 * eap_sm_request_identity - Request identity from user (ctrl_iface)
1701 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1702 *
1703 * EAP methods can call this function to request identity information for the
1704 * current network. This is normally called when the identity is not included
1705 * in the network configuration. The request will be sent to monitor programs
1706 * through the control interface.
1707 */
1708void eap_sm_request_identity(struct eap_sm *sm)
1709{
1710	eap_sm_request(sm, WPA_CTRL_REQ_EAP_IDENTITY, NULL, 0);
1711}
1712
1713
1714/**
1715 * eap_sm_request_password - Request password from user (ctrl_iface)
1716 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1717 *
1718 * EAP methods can call this function to request password information for the
1719 * current network. This is normally called when the password is not included
1720 * in the network configuration. The request will be sent to monitor programs
1721 * through the control interface.
1722 */
1723void eap_sm_request_password(struct eap_sm *sm)
1724{
1725	eap_sm_request(sm, WPA_CTRL_REQ_EAP_PASSWORD, NULL, 0);
1726}
1727
1728
1729/**
1730 * eap_sm_request_new_password - Request new password from user (ctrl_iface)
1731 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1732 *
1733 * EAP methods can call this function to request new password information for
1734 * the current network. This is normally called when the EAP method indicates
1735 * that the current password has expired and password change is required. The
1736 * request will be sent to monitor programs through the control interface.
1737 */
1738void eap_sm_request_new_password(struct eap_sm *sm)
1739{
1740	eap_sm_request(sm, WPA_CTRL_REQ_EAP_NEW_PASSWORD, NULL, 0);
1741}
1742
1743
1744/**
1745 * eap_sm_request_pin - Request SIM or smart card PIN from user (ctrl_iface)
1746 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1747 *
1748 * EAP methods can call this function to request SIM or smart card PIN
1749 * information for the current network. This is normally called when the PIN is
1750 * not included in the network configuration. The request will be sent to
1751 * monitor programs through the control interface.
1752 */
1753void eap_sm_request_pin(struct eap_sm *sm)
1754{
1755	eap_sm_request(sm, WPA_CTRL_REQ_EAP_PIN, NULL, 0);
1756}
1757
1758
1759/**
1760 * eap_sm_request_otp - Request one time password from user (ctrl_iface)
1761 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1762 * @msg: Message to be displayed to the user when asking for OTP
1763 * @msg_len: Length of the user displayable message
1764 *
1765 * EAP methods can call this function to request open time password (OTP) for
1766 * the current network. The request will be sent to monitor programs through
1767 * the control interface.
1768 */
1769void eap_sm_request_otp(struct eap_sm *sm, const char *msg, size_t msg_len)
1770{
1771	eap_sm_request(sm, WPA_CTRL_REQ_EAP_OTP, msg, msg_len);
1772}
1773
1774
1775/**
1776 * eap_sm_request_passphrase - Request passphrase from user (ctrl_iface)
1777 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1778 *
1779 * EAP methods can call this function to request passphrase for a private key
1780 * for the current network. This is normally called when the passphrase is not
1781 * included in the network configuration. The request will be sent to monitor
1782 * programs through the control interface.
1783 */
1784void eap_sm_request_passphrase(struct eap_sm *sm)
1785{
1786	eap_sm_request(sm, WPA_CTRL_REQ_EAP_PASSPHRASE, NULL, 0);
1787}
1788
1789
1790/**
1791 * eap_sm_notify_ctrl_attached - Notification of attached monitor
1792 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1793 *
1794 * Notify EAP state machines that a monitor was attached to the control
1795 * interface to trigger re-sending of pending requests for user input.
1796 */
1797void eap_sm_notify_ctrl_attached(struct eap_sm *sm)
1798{
1799	struct eap_peer_config *config = eap_get_config(sm);
1800
1801	if (config == NULL)
1802		return;
1803
1804	/* Re-send any pending requests for user data since a new control
1805	 * interface was added. This handles cases where the EAP authentication
1806	 * starts immediately after system startup when the user interface is
1807	 * not yet running. */
1808	if (config->pending_req_identity)
1809		eap_sm_request_identity(sm);
1810	if (config->pending_req_password)
1811		eap_sm_request_password(sm);
1812	if (config->pending_req_new_password)
1813		eap_sm_request_new_password(sm);
1814	if (config->pending_req_otp)
1815		eap_sm_request_otp(sm, NULL, 0);
1816	if (config->pending_req_pin)
1817		eap_sm_request_pin(sm);
1818	if (config->pending_req_passphrase)
1819		eap_sm_request_passphrase(sm);
1820}
1821
1822
1823static int eap_allowed_phase2_type(int vendor, int type)
1824{
1825	if (vendor != EAP_VENDOR_IETF)
1826		return 0;
1827	return type != EAP_TYPE_PEAP && type != EAP_TYPE_TTLS &&
1828		type != EAP_TYPE_FAST;
1829}
1830
1831
1832/**
1833 * eap_get_phase2_type - Get EAP type for the given EAP phase 2 method name
1834 * @name: EAP method name, e.g., MD5
1835 * @vendor: Buffer for returning EAP Vendor-Id
1836 * Returns: EAP method type or %EAP_TYPE_NONE if not found
1837 *
1838 * This function maps EAP type names into EAP type numbers that are allowed for
1839 * Phase 2, i.e., for tunneled authentication. Phase 2 is used, e.g., with
1840 * EAP-PEAP, EAP-TTLS, and EAP-FAST.
1841 */
1842u32 eap_get_phase2_type(const char *name, int *vendor)
1843{
1844	int v;
1845	u8 type = eap_peer_get_type(name, &v);
1846	if (eap_allowed_phase2_type(v, type)) {
1847		*vendor = v;
1848		return type;
1849	}
1850	*vendor = EAP_VENDOR_IETF;
1851	return EAP_TYPE_NONE;
1852}
1853
1854
1855/**
1856 * eap_get_phase2_types - Get list of allowed EAP phase 2 types
1857 * @config: Pointer to a network configuration
1858 * @count: Pointer to a variable to be filled with number of returned EAP types
1859 * Returns: Pointer to allocated type list or %NULL on failure
1860 *
1861 * This function generates an array of allowed EAP phase 2 (tunneled) types for
1862 * the given network configuration.
1863 */
1864struct eap_method_type * eap_get_phase2_types(struct eap_peer_config *config,
1865					      size_t *count)
1866{
1867	struct eap_method_type *buf;
1868	u32 method;
1869	int vendor;
1870	size_t mcount;
1871	const struct eap_method *methods, *m;
1872
1873	methods = eap_peer_get_methods(&mcount);
1874	if (methods == NULL)
1875		return NULL;
1876	*count = 0;
1877	buf = os_malloc(mcount * sizeof(struct eap_method_type));
1878	if (buf == NULL)
1879		return NULL;
1880
1881	for (m = methods; m; m = m->next) {
1882		vendor = m->vendor;
1883		method = m->method;
1884		if (eap_allowed_phase2_type(vendor, method)) {
1885			if (vendor == EAP_VENDOR_IETF &&
1886			    method == EAP_TYPE_TLS && config &&
1887			    config->private_key2 == NULL)
1888				continue;
1889			buf[*count].vendor = vendor;
1890			buf[*count].method = method;
1891			(*count)++;
1892		}
1893	}
1894
1895	return buf;
1896}
1897
1898
1899/**
1900 * eap_set_fast_reauth - Update fast_reauth setting
1901 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1902 * @enabled: 1 = Fast reauthentication is enabled, 0 = Disabled
1903 */
1904void eap_set_fast_reauth(struct eap_sm *sm, int enabled)
1905{
1906	sm->fast_reauth = enabled;
1907}
1908
1909
1910/**
1911 * eap_set_workaround - Update EAP workarounds setting
1912 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1913 * @workaround: 1 = Enable EAP workarounds, 0 = Disable EAP workarounds
1914 */
1915void eap_set_workaround(struct eap_sm *sm, unsigned int workaround)
1916{
1917	sm->workaround = workaround;
1918}
1919
1920
1921/**
1922 * eap_get_config - Get current network configuration
1923 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1924 * Returns: Pointer to the current network configuration or %NULL if not found
1925 *
1926 * EAP peer methods should avoid using this function if they can use other
1927 * access functions, like eap_get_config_identity() and
1928 * eap_get_config_password(), that do not require direct access to
1929 * struct eap_peer_config.
1930 */
1931struct eap_peer_config * eap_get_config(struct eap_sm *sm)
1932{
1933	return sm->eapol_cb->get_config(sm->eapol_ctx);
1934}
1935
1936
1937/**
1938 * eap_get_config_identity - Get identity from the network configuration
1939 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1940 * @len: Buffer for the length of the identity
1941 * Returns: Pointer to the identity or %NULL if not found
1942 */
1943const u8 * eap_get_config_identity(struct eap_sm *sm, size_t *len)
1944{
1945	struct eap_peer_config *config = eap_get_config(sm);
1946	if (config == NULL)
1947		return NULL;
1948	*len = config->identity_len;
1949	return config->identity;
1950}
1951
1952
1953static int eap_get_ext_password(struct eap_sm *sm,
1954				struct eap_peer_config *config)
1955{
1956	char *name;
1957
1958	if (config->password == NULL)
1959		return -1;
1960
1961	name = os_zalloc(config->password_len + 1);
1962	if (name == NULL)
1963		return -1;
1964	os_memcpy(name, config->password, config->password_len);
1965
1966	ext_password_free(sm->ext_pw_buf);
1967	sm->ext_pw_buf = ext_password_get(sm->ext_pw, name);
1968	os_free(name);
1969
1970	return sm->ext_pw_buf == NULL ? -1 : 0;
1971}
1972
1973
1974/**
1975 * eap_get_config_password - Get password from the network configuration
1976 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
1977 * @len: Buffer for the length of the password
1978 * Returns: Pointer to the password or %NULL if not found
1979 */
1980const u8 * eap_get_config_password(struct eap_sm *sm, size_t *len)
1981{
1982	struct eap_peer_config *config = eap_get_config(sm);
1983	if (config == NULL)
1984		return NULL;
1985
1986	if (config->flags & EAP_CONFIG_FLAGS_EXT_PASSWORD) {
1987		if (eap_get_ext_password(sm, config) < 0)
1988			return NULL;
1989		*len = wpabuf_len(sm->ext_pw_buf);
1990		return wpabuf_head(sm->ext_pw_buf);
1991	}
1992
1993	*len = config->password_len;
1994	return config->password;
1995}
1996
1997
1998/**
1999 * eap_get_config_password2 - Get password from the network configuration
2000 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2001 * @len: Buffer for the length of the password
2002 * @hash: Buffer for returning whether the password is stored as a
2003 * NtPasswordHash instead of plaintext password; can be %NULL if this
2004 * information is not needed
2005 * Returns: Pointer to the password or %NULL if not found
2006 */
2007const u8 * eap_get_config_password2(struct eap_sm *sm, size_t *len, int *hash)
2008{
2009	struct eap_peer_config *config = eap_get_config(sm);
2010	if (config == NULL)
2011		return NULL;
2012
2013	if (config->flags & EAP_CONFIG_FLAGS_EXT_PASSWORD) {
2014		if (eap_get_ext_password(sm, config) < 0)
2015			return NULL;
2016		*len = wpabuf_len(sm->ext_pw_buf);
2017		return wpabuf_head(sm->ext_pw_buf);
2018	}
2019
2020	*len = config->password_len;
2021	if (hash)
2022		*hash = !!(config->flags & EAP_CONFIG_FLAGS_PASSWORD_NTHASH);
2023	return config->password;
2024}
2025
2026
2027/**
2028 * eap_get_config_new_password - Get new password from network configuration
2029 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2030 * @len: Buffer for the length of the new password
2031 * Returns: Pointer to the new password or %NULL if not found
2032 */
2033const u8 * eap_get_config_new_password(struct eap_sm *sm, size_t *len)
2034{
2035	struct eap_peer_config *config = eap_get_config(sm);
2036	if (config == NULL)
2037		return NULL;
2038	*len = config->new_password_len;
2039	return config->new_password;
2040}
2041
2042
2043/**
2044 * eap_get_config_otp - Get one-time password from the network configuration
2045 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2046 * @len: Buffer for the length of the one-time password
2047 * Returns: Pointer to the one-time password or %NULL if not found
2048 */
2049const u8 * eap_get_config_otp(struct eap_sm *sm, size_t *len)
2050{
2051	struct eap_peer_config *config = eap_get_config(sm);
2052	if (config == NULL)
2053		return NULL;
2054	*len = config->otp_len;
2055	return config->otp;
2056}
2057
2058
2059/**
2060 * eap_clear_config_otp - Clear used one-time password
2061 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2062 *
2063 * This function clears a used one-time password (OTP) from the current network
2064 * configuration. This should be called when the OTP has been used and is not
2065 * needed anymore.
2066 */
2067void eap_clear_config_otp(struct eap_sm *sm)
2068{
2069	struct eap_peer_config *config = eap_get_config(sm);
2070	if (config == NULL)
2071		return;
2072	os_memset(config->otp, 0, config->otp_len);
2073	os_free(config->otp);
2074	config->otp = NULL;
2075	config->otp_len = 0;
2076}
2077
2078
2079/**
2080 * eap_get_config_phase1 - Get phase1 data from the network configuration
2081 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2082 * Returns: Pointer to the phase1 data or %NULL if not found
2083 */
2084const char * eap_get_config_phase1(struct eap_sm *sm)
2085{
2086	struct eap_peer_config *config = eap_get_config(sm);
2087	if (config == NULL)
2088		return NULL;
2089	return config->phase1;
2090}
2091
2092
2093/**
2094 * eap_get_config_phase2 - Get phase2 data from the network configuration
2095 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2096 * Returns: Pointer to the phase1 data or %NULL if not found
2097 */
2098const char * eap_get_config_phase2(struct eap_sm *sm)
2099{
2100	struct eap_peer_config *config = eap_get_config(sm);
2101	if (config == NULL)
2102		return NULL;
2103	return config->phase2;
2104}
2105
2106
2107int eap_get_config_fragment_size(struct eap_sm *sm)
2108{
2109	struct eap_peer_config *config = eap_get_config(sm);
2110	if (config == NULL)
2111		return -1;
2112	return config->fragment_size;
2113}
2114
2115
2116/**
2117 * eap_key_available - Get key availability (eapKeyAvailable variable)
2118 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2119 * Returns: 1 if EAP keying material is available, 0 if not
2120 */
2121int eap_key_available(struct eap_sm *sm)
2122{
2123	return sm ? sm->eapKeyAvailable : 0;
2124}
2125
2126
2127/**
2128 * eap_notify_success - Notify EAP state machine about external success trigger
2129 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2130 *
2131 * This function is called when external event, e.g., successful completion of
2132 * WPA-PSK key handshake, is indicating that EAP state machine should move to
2133 * success state. This is mainly used with security modes that do not use EAP
2134 * state machine (e.g., WPA-PSK).
2135 */
2136void eap_notify_success(struct eap_sm *sm)
2137{
2138	if (sm) {
2139		sm->decision = DECISION_COND_SUCC;
2140		sm->EAP_state = EAP_SUCCESS;
2141	}
2142}
2143
2144
2145/**
2146 * eap_notify_lower_layer_success - Notification of lower layer success
2147 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2148 *
2149 * Notify EAP state machines that a lower layer has detected a successful
2150 * authentication. This is used to recover from dropped EAP-Success messages.
2151 */
2152void eap_notify_lower_layer_success(struct eap_sm *sm)
2153{
2154	if (sm == NULL)
2155		return;
2156
2157	if (eapol_get_bool(sm, EAPOL_eapSuccess) ||
2158	    sm->decision == DECISION_FAIL ||
2159	    (sm->methodState != METHOD_MAY_CONT &&
2160	     sm->methodState != METHOD_DONE))
2161		return;
2162
2163	if (sm->eapKeyData != NULL)
2164		sm->eapKeyAvailable = TRUE;
2165	eapol_set_bool(sm, EAPOL_eapSuccess, TRUE);
2166	wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS
2167		"EAP authentication completed successfully (based on lower "
2168		"layer success)");
2169}
2170
2171
2172/**
2173 * eap_get_eapSessionId - Get Session-Id from EAP state machine
2174 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2175 * @len: Pointer to variable that will be set to number of bytes in the session
2176 * Returns: Pointer to the EAP Session-Id or %NULL on failure
2177 *
2178 * Fetch EAP Session-Id from the EAP state machine. The Session-Id is available
2179 * only after a successful authentication. EAP state machine continues to manage
2180 * the Session-Id and the caller must not change or free the returned data.
2181 */
2182const u8 * eap_get_eapSessionId(struct eap_sm *sm, size_t *len)
2183{
2184	if (sm == NULL || sm->eapSessionId == NULL) {
2185		*len = 0;
2186		return NULL;
2187	}
2188
2189	*len = sm->eapSessionIdLen;
2190	return sm->eapSessionId;
2191}
2192
2193
2194/**
2195 * eap_get_eapKeyData - Get master session key (MSK) from EAP state machine
2196 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2197 * @len: Pointer to variable that will be set to number of bytes in the key
2198 * Returns: Pointer to the EAP keying data or %NULL on failure
2199 *
2200 * Fetch EAP keying material (MSK, eapKeyData) from the EAP state machine. The
2201 * key is available only after a successful authentication. EAP state machine
2202 * continues to manage the key data and the caller must not change or free the
2203 * returned data.
2204 */
2205const u8 * eap_get_eapKeyData(struct eap_sm *sm, size_t *len)
2206{
2207	if (sm == NULL || sm->eapKeyData == NULL) {
2208		*len = 0;
2209		return NULL;
2210	}
2211
2212	*len = sm->eapKeyDataLen;
2213	return sm->eapKeyData;
2214}
2215
2216
2217/**
2218 * eap_get_eapKeyData - Get EAP response data
2219 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2220 * Returns: Pointer to the EAP response (eapRespData) or %NULL on failure
2221 *
2222 * Fetch EAP response (eapRespData) from the EAP state machine. This data is
2223 * available when EAP state machine has processed an incoming EAP request. The
2224 * EAP state machine does not maintain a reference to the response after this
2225 * function is called and the caller is responsible for freeing the data.
2226 */
2227struct wpabuf * eap_get_eapRespData(struct eap_sm *sm)
2228{
2229	struct wpabuf *resp;
2230
2231	if (sm == NULL || sm->eapRespData == NULL)
2232		return NULL;
2233
2234	resp = sm->eapRespData;
2235	sm->eapRespData = NULL;
2236
2237	return resp;
2238}
2239
2240
2241/**
2242 * eap_sm_register_scard_ctx - Notification of smart card context
2243 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2244 * @ctx: Context data for smart card operations
2245 *
2246 * Notify EAP state machines of context data for smart card operations. This
2247 * context data will be used as a parameter for scard_*() functions.
2248 */
2249void eap_register_scard_ctx(struct eap_sm *sm, void *ctx)
2250{
2251	if (sm)
2252		sm->scard_ctx = ctx;
2253}
2254
2255
2256/**
2257 * eap_set_config_blob - Set or add a named configuration blob
2258 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2259 * @blob: New value for the blob
2260 *
2261 * Adds a new configuration blob or replaces the current value of an existing
2262 * blob.
2263 */
2264void eap_set_config_blob(struct eap_sm *sm, struct wpa_config_blob *blob)
2265{
2266#ifndef CONFIG_NO_CONFIG_BLOBS
2267	sm->eapol_cb->set_config_blob(sm->eapol_ctx, blob);
2268#endif /* CONFIG_NO_CONFIG_BLOBS */
2269}
2270
2271
2272/**
2273 * eap_get_config_blob - Get a named configuration blob
2274 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2275 * @name: Name of the blob
2276 * Returns: Pointer to blob data or %NULL if not found
2277 */
2278const struct wpa_config_blob * eap_get_config_blob(struct eap_sm *sm,
2279						   const char *name)
2280{
2281#ifndef CONFIG_NO_CONFIG_BLOBS
2282	return sm->eapol_cb->get_config_blob(sm->eapol_ctx, name);
2283#else /* CONFIG_NO_CONFIG_BLOBS */
2284	return NULL;
2285#endif /* CONFIG_NO_CONFIG_BLOBS */
2286}
2287
2288
2289/**
2290 * eap_set_force_disabled - Set force_disabled flag
2291 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2292 * @disabled: 1 = EAP disabled, 0 = EAP enabled
2293 *
2294 * This function is used to force EAP state machine to be disabled when it is
2295 * not in use (e.g., with WPA-PSK or plaintext connections).
2296 */
2297void eap_set_force_disabled(struct eap_sm *sm, int disabled)
2298{
2299	sm->force_disabled = disabled;
2300}
2301
2302
2303 /**
2304 * eap_notify_pending - Notify that EAP method is ready to re-process a request
2305 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2306 *
2307 * An EAP method can perform a pending operation (e.g., to get a response from
2308 * an external process). Once the response is available, this function can be
2309 * used to request EAPOL state machine to retry delivering the previously
2310 * received (and still unanswered) EAP request to EAP state machine.
2311 */
2312void eap_notify_pending(struct eap_sm *sm)
2313{
2314	sm->eapol_cb->notify_pending(sm->eapol_ctx);
2315}
2316
2317
2318/**
2319 * eap_invalidate_cached_session - Mark cached session data invalid
2320 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2321 */
2322void eap_invalidate_cached_session(struct eap_sm *sm)
2323{
2324	if (sm)
2325		eap_deinit_prev_method(sm, "invalidate");
2326}
2327
2328
2329int eap_is_wps_pbc_enrollee(struct eap_peer_config *conf)
2330{
2331	if (conf->identity_len != WSC_ID_ENROLLEE_LEN ||
2332	    os_memcmp(conf->identity, WSC_ID_ENROLLEE, WSC_ID_ENROLLEE_LEN))
2333		return 0; /* Not a WPS Enrollee */
2334
2335	if (conf->phase1 == NULL || os_strstr(conf->phase1, "pbc=1") == NULL)
2336		return 0; /* Not using PBC */
2337
2338	return 1;
2339}
2340
2341
2342int eap_is_wps_pin_enrollee(struct eap_peer_config *conf)
2343{
2344	if (conf->identity_len != WSC_ID_ENROLLEE_LEN ||
2345	    os_memcmp(conf->identity, WSC_ID_ENROLLEE, WSC_ID_ENROLLEE_LEN))
2346		return 0; /* Not a WPS Enrollee */
2347
2348	if (conf->phase1 == NULL || os_strstr(conf->phase1, "pin=") == NULL)
2349		return 0; /* Not using PIN */
2350
2351	return 1;
2352}
2353
2354
2355void eap_sm_set_ext_pw_ctx(struct eap_sm *sm, struct ext_password_data *ext)
2356{
2357	ext_password_free(sm->ext_pw_buf);
2358	sm->ext_pw_buf = NULL;
2359	sm->ext_pw = ext;
2360}
2361
2362
2363/**
2364 * eap_set_anon_id - Set or add anonymous identity
2365 * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
2366 * @id: Anonymous identity (e.g., EAP-SIM pseudonym) or %NULL to clear
2367 * @len: Length of anonymous identity in octets
2368 */
2369void eap_set_anon_id(struct eap_sm *sm, const u8 *id, size_t len)
2370{
2371	if (sm->eapol_cb->set_anon_id)
2372		sm->eapol_cb->set_anon_id(sm->eapol_ctx, id, len);
2373}
2374