~ubuntu-branches/ubuntu/lucid/wpasupplicant/lucid-updates

« back to all changes in this revision

Viewing changes to eap_fast.c

  • Committer: Bazaar Package Importer
  • Author(s): Kel Modderman
  • Date: 2006-10-05 08:04:01 UTC
  • mfrom: (1.1.5 upstream) (3 etch)
  • mto: This revision was merged to the branch mainline in revision 4.
  • Revision ID: james.westby@ubuntu.com-20061005080401-r8lqlix4390yos7b
Tags: 0.5.5-2
* Update madwifi headers to latest SVN. (Closes: #388316)
* Remove failed attempt at action locking. [debian/functions.sh,
  debian/wpa_action.sh]
* Add hysteresis checking functions, to avoid "event loops" while
  using wpa-roam. [debian/functions.sh, debian/wpa_action.sh]
* Change of co-maintainer email address.
* Add ishex() function to functions.sh to determine wpa-psk value type in
  plaintext or hex. This effectively eliminates the need for the bogus and
  somewhat confusing wpa-passphrase contruct specific to our scripts and
  allows wpa-psk to work with either a 8 to 63 character long plaintext
  string or 64 character long hex string.
* Adjust README.modes to not refer to the redundant wpa-passphrase stuff.
* Add big fat NOTE about acceptable wpa-psk's to top of example gallery.
* Strip surrounding quotes from wpa-ssid if present, instead of just whining
  about them.
* Update email address in copyright blurb of functions.sh, ifupdown.sh and
  wpa_action.sh.  

Show diffs side-by-side

added added

removed removed

Lines of Context:
469
469
                           size_t len, int txt)
470
470
{
471
471
        size_t i, need;
 
472
        int ret;
472
473
 
473
474
        if (data == NULL || *buf == NULL)
474
475
                return;
488
489
                *buf_len += need;
489
490
        }
490
491
 
491
 
        *pos += snprintf(*pos, *buf + *buf_len - *pos, "%s=", field);
 
492
        ret = snprintf(*pos, *buf + *buf_len - *pos, "%s=", field);
 
493
        if (ret < 0 || ret >= *buf + *buf_len - *pos)
 
494
                return;
 
495
        *pos += ret;
492
496
        *pos += wpa_snprintf_hex(*pos, *buf + *buf_len - *pos, data, len);
493
 
        *pos += snprintf(*pos, *buf + *buf_len - *pos, "\n");
 
497
        ret = snprintf(*pos, *buf + *buf_len - *pos, "\n");
 
498
        if (ret < 0 || ret >= *buf + *buf_len - *pos)
 
499
                return;
 
500
        *pos += ret;
494
501
 
495
502
        if (txt) {
496
 
                *pos += snprintf(*pos, *buf + *buf_len - *pos,
497
 
                                 "%s-txt=", field);
 
503
                ret = snprintf(*pos, *buf + *buf_len - *pos,
 
504
                               "%s-txt=", field);
 
505
                if (ret < 0 || ret >= *buf + *buf_len - *pos)
 
506
                        return;
 
507
                *pos += ret;
498
508
                for (i = 0; i < len; i++) {
499
 
                        *pos += snprintf(*pos, *buf + *buf_len - *pos,
500
 
                                         "%c", data[i]);
 
509
                        ret = snprintf(*pos, *buf + *buf_len - *pos,
 
510
                                       "%c", data[i]);
 
511
                        if (ret < 0 || ret >= *buf + *buf_len - *pos)
 
512
                                return;
 
513
                        *pos += ret;
501
514
                }
502
 
                *pos += snprintf(*pos, *buf + *buf_len - *pos, "\n");
 
515
                ret = snprintf(*pos, *buf + *buf_len - *pos, "\n");
 
516
                if (ret < 0 || ret >= *buf + *buf_len - *pos)
 
517
                        return;
 
518
                *pos += ret;
503
519
        }
504
520
}
505
521
 
509
525
{
510
526
        FILE *f;
511
527
        struct eap_fast_pac *pac;
512
 
        int count = 0;
 
528
        int count = 0, ret;
513
529
        char *buf, *pos;
514
530
        size_t buf_len;
515
531
 
521
537
        if (buf == NULL)
522
538
                return -1;
523
539
 
524
 
        pos += snprintf(pos, buf + buf_len - pos, "%s\n", pac_file_hdr);
 
540
        ret = snprintf(pos, buf + buf_len - pos, "%s\n", pac_file_hdr);
 
541
        if (ret < 0 || ret >= buf + buf_len - pos)
 
542
                return -1;
 
543
        pos += ret;
525
544
 
526
545
        pac = data->pac;
527
546
        while (pac) {
528
 
                pos += snprintf(pos, buf + buf_len - pos, "START\n");
 
547
                ret = snprintf(pos, buf + buf_len - pos, "START\n");
 
548
                if (ret < 0 || ret >= buf + buf_len - pos)
 
549
                        return -1;
 
550
                pos += ret;
529
551
                eap_fast_write(&buf, &pos, &buf_len, "PAC-Key", pac->pac_key,
530
552
                               EAP_FAST_PAC_KEY_LEN, 0);
531
553
                eap_fast_write(&buf, &pos, &buf_len, "PAC-Opaque",
538
560
                               pac->i_id_len, 1);
539
561
                eap_fast_write(&buf, &pos, &buf_len, "A-ID-Info",
540
562
                               pac->a_id_info, pac->a_id_info_len, 1);
541
 
                pos += snprintf(pos, buf + buf_len - pos, "END\n");
 
563
                ret = snprintf(pos, buf + buf_len - pos, "END\n");
 
564
                if (ret < 0 || ret >= buf + buf_len - pos)
 
565
                        return -1;
 
566
                pos += ret;
542
567
                count++;
543
568
                pac = pac->next;
544
569
 
1851
1876
                        }
1852
1877
                        free(tlv);
1853
1878
                } else {
 
1879
                        u8 ciphers[2];
1854
1880
                        if (!data->provisioning_allowed) {
1855
1881
                                wpa_printf(MSG_DEBUG, "EAP-FAST: No PAC found "
1856
1882
                                           "and provisioning disabled");
1858
1884
                        }
1859
1885
                        wpa_printf(MSG_DEBUG, "EAP-FAST: No PAC found - "
1860
1886
                                   "starting provisioning");
1861
 
                        if (tls_connection_set_anon_dh(sm->ssl_ctx,
1862
 
                                                       data->ssl.conn)) {
 
1887
                        ciphers[0] = TLS_CIPHER_ANON_DH_AES128_SHA;
 
1888
                        ciphers[1] = TLS_CIPHER_NONE;
 
1889
                        if (tls_connection_set_cipher_list(sm->ssl_ctx,
 
1890
                                                           data->ssl.conn,
 
1891
                                                           ciphers)) {
1863
1892
                                wpa_printf(MSG_INFO, "EAP-FAST: Could not "
1864
1893
                                           "configure anonymous DH for TLS "
1865
1894
                                           "connection");
1938
1967
                free(data);
1939
1968
                return NULL;
1940
1969
        }
 
1970
        if (data->phase2_priv && data->phase2_method &&
 
1971
            data->phase2_method->init_for_reauth)
 
1972
                data->phase2_method->init_for_reauth(sm, data->phase2_priv);
1941
1973
        data->phase2_success = 0;
1942
1974
        data->resuming = 1;
1943
1975
        data->provisioning = 0;
1950
1982
                               size_t buflen, int verbose)
1951
1983
{
1952
1984
        struct eap_fast_data *data = priv;
1953
 
        int len;
 
1985
        int len, ret;
1954
1986
 
1955
1987
        len = eap_tls_status(sm, &data->ssl, buf, buflen, verbose);
1956
1988
        if (data->phase2_method) {
1957
 
                len += snprintf(buf + len, buflen - len,
1958
 
                                "EAP-FAST Phase2 method=%s\n",
1959
 
                                data->phase2_method->name);
 
1989
                ret = snprintf(buf + len, buflen - len,
 
1990
                               "EAP-FAST Phase2 method=%s\n",
 
1991
                               data->phase2_method->name);
 
1992
                if (ret < 0 || (size_t) ret >= buflen - len)
 
1993
                        return len;
 
1994
                len += ret;
1960
1995
        }
1961
1996
        return len;
1962
1997
}