2
* EAP peer method: EAP-TLV (draft-josefsson-pppext-eap-tls-eap-07.txt)
3
* Copyright (c) 2004-2006, Jouni Malinen <j@w1.fi>
5
* This program is free software; you can redistribute it and/or modify
6
* it under the terms of the GNU General Public License version 2 as
7
* published by the Free Software Foundation.
9
* Alternatively, this software may be distributed under the terms of BSD
12
* See README and COPYING for more details.
23
* eap_tlv_build_nak - Build EAP-TLV NAK message
24
* @id: EAP identifier for the header
25
* @nak_type: TLV type (EAP_TLV_*)
26
* @resp_len: Buffer for returning the response length
27
* Returns: Buffer to the allocated EAP-TLV NAK message or %NULL on failure
29
* This funtion builds an EAP-TLV NAK message. The caller is responsible for
30
* freeing the returned buffer.
32
u8 * eap_tlv_build_nak(int id, u16 nak_type, size_t *resp_len)
37
hdr = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TLV, resp_len,
38
10, EAP_CODE_RESPONSE, id, &pos);
42
*pos++ = 0x80; /* Mandatory */
43
*pos++ = EAP_TLV_NAK_TLV;
53
WPA_PUT_BE16(pos, nak_type);
60
* eap_tlv_build_result - Build EAP-TLV Result message
61
* @id: EAP identifier for the header
62
* @status: Status (EAP_TLV_RESULT_SUCCESS or EAP_TLV_RESULT_FAILURE)
63
* @resp_len: Buffer for returning the response length
64
* Returns: Buffer to the allocated EAP-TLV Result message or %NULL on failure
66
* This funtion builds an EAP-TLV Result message. The caller is responsible for
67
* freeing the returned buffer.
69
u8 * eap_tlv_build_result(int id, u16 status, size_t *resp_len)
74
hdr = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TLV, resp_len,
75
6, EAP_CODE_RESPONSE, id, &pos);
79
*pos++ = 0x80; /* Mandatory */
80
*pos++ = EAP_TLV_RESULT_TLV;
85
WPA_PUT_BE16(pos, status);
92
* eap_tlv_process - Process a received EAP-TLV message and generate a response
93
* @sm: Pointer to EAP state machine allocated with eap_sm_init()
94
* @ret: Return values from EAP request validation and processing
95
* @hdr: EAP-TLV request to be processed. The caller must have validated that
96
* the buffer is large enough to contain full request (hdr->length bytes) and
97
* that the EAP type is EAP_TYPE_TLV.
98
* @resp: Buffer to return a pointer to the allocated response message. This
99
* field should be initialized to %NULL before the call. The value will be
100
* updated if a response message is generated. The caller is responsible for
101
* freeing the allocated message.
102
* @resp_len: Buffer for returning the response length
103
* Returns: 0 on success, -1 on failure
105
int eap_tlv_process(struct eap_sm *sm, struct eap_method_ret *ret,
106
const struct eap_hdr *hdr, u8 **resp, size_t *resp_len)
108
size_t left, tlv_len;
110
const u8 *result_tlv = NULL;
111
size_t result_tlv_len = 0;
112
int tlv_type, mandatory;
115
left = be_to_host16(hdr->length) - sizeof(struct eap_hdr) - 1;
116
pos = (const u8 *) (hdr + 1);
118
wpa_hexdump(MSG_DEBUG, "EAP-TLV: Received TLVs", pos, left);
120
mandatory = !!(pos[0] & 0x80);
121
tlv_type = WPA_GET_BE16(pos) & 0x3fff;
123
tlv_len = WPA_GET_BE16(pos);
126
if (tlv_len > left) {
127
wpa_printf(MSG_DEBUG, "EAP-TLV: TLV underrun "
128
"(tlv_len=%lu left=%lu)",
129
(unsigned long) tlv_len,
130
(unsigned long) left);
134
case EAP_TLV_RESULT_TLV:
136
result_tlv_len = tlv_len;
139
wpa_printf(MSG_DEBUG, "EAP-TLV: Unsupported TLV Type "
141
mandatory ? " (mandatory)" : "");
143
/* NAK TLV and ignore all TLVs in this packet.
145
*resp = eap_tlv_build_nak(hdr->identifier,
147
return *resp == NULL ? -1 : 0;
149
/* Ignore this TLV, but process other TLVs */
157
wpa_printf(MSG_DEBUG, "EAP-TLV: Last TLV too short in "
158
"Request (left=%lu)", (unsigned long) left);
162
/* Process supported TLVs */
164
int status, resp_status;
165
wpa_hexdump(MSG_DEBUG, "EAP-TLV: Result TLV",
166
result_tlv, result_tlv_len);
167
if (result_tlv_len < 2) {
168
wpa_printf(MSG_INFO, "EAP-TLV: Too short Result TLV "
170
(unsigned long) result_tlv_len);
173
status = WPA_GET_BE16(result_tlv);
174
if (status == EAP_TLV_RESULT_SUCCESS) {
175
wpa_printf(MSG_INFO, "EAP-TLV: TLV Result - Success "
176
"- EAP-TLV/Phase2 Completed");
177
resp_status = EAP_TLV_RESULT_SUCCESS;
178
ret->decision = DECISION_UNCOND_SUCC;
179
} else if (status == EAP_TLV_RESULT_FAILURE) {
180
wpa_printf(MSG_INFO, "EAP-TLV: TLV Result - Failure");
181
resp_status = EAP_TLV_RESULT_FAILURE;
182
ret->decision = DECISION_FAIL;
184
wpa_printf(MSG_INFO, "EAP-TLV: Unknown TLV Result "
185
"Status %d", status);
186
resp_status = EAP_TLV_RESULT_FAILURE;
187
ret->decision = DECISION_FAIL;
189
ret->methodState = METHOD_DONE;
191
*resp = eap_tlv_build_result(hdr->identifier, resp_status,