~ubuntu-branches/ubuntu/vivid/wpasupplicant/vivid


Viewing changes to src/eap_peer/eap_tnc.c

  • Committer: Bazaar Package Importer
  • Author(s): Kel Modderman
  • Date: 2008-03-12 20:03:04 UTC
  • mfrom: (1.1.10 upstream)
  • mto: This revision was merged to the branch mainline in revision 4.
  • Revision ID: james.westby@ubuntu.com-20080312200304-4331y9wj46pdd34z
Tags: 0.6.3-1
* New upstream release.
* Drop patches applied upstream:
  - debian/patches/30_wpa_gui_qt4_eventhistoryui_rework.patch
  - debian/patches/31_wpa_gui_qt4_eventhistory_always_scrollbar.patch
  - debian/patches/32_wpa_gui_qt4_eventhistory_scroll_with_events.patch
  - debian/patches/40_dbus_ssid_data.patch
* Tidy up the clean target of debian/rules. Now that the madwifi headers are
  handled differently we no longer need to do any cleanup.
* Fix formatting error in debian/ifupdown/wpa_action.8 to make lintian
  quieter.
* Add patch to fix formatting errors in manpages built from sgml source. Use
  <emphasis> tags to highlight keywords instead of surrounding them in
  strong quotes.
  - debian/patches/41_manpage_format_fixes.patch
* wpasupplicant binary package no longer suggests pcscd, guessnet, iproute
  or wireless-tools, nor does it recommend dhcp3-client. These are not
  needed.
* Add debian/patches/10_silence_siocsiwauth_icotl_failure.patch to disable
  ioctl failure messages that occur under normal conditions.
* Cherry pick two upstream git commits concerning the dbus interface:
  - debian/patches/11_avoid_dbus_version_namespace.patch
  - debian/patches/12_fix_potential_use_after_free.patch
* Add debian/patches/42_manpage_explain_available_drivers.patch to explain
  that not all of the driver backends are available in the provided
  wpa_supplicant binary, and that the canonical list of supported driver
  backends can be retrieved from the wpa_supplicant -h (help) output.
  (Closes: #466910)
* Add debian/patches/20_wpa_gui_qt4_disable_link_prl.patch to remove
  link_prl CONFIG compile flag added by qmake-qt4 >= 4.3.4-2 to avoid excess
  linking.

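--- a/src/eap_peer/eap_tnc.c
+++ b/src/eap_peer/eap_tnc.c
@@ -0,0 +1,220 @@
+/*
+ * EAP peer method: EAP-TNC (Trusted Network Connect)
+ * Copyright (c) 2007, Jouni Malinen <j@w1.fi>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * Alternatively, this software may be distributed under the terms of BSD
+ * license.
+ *
+ * See README and COPYING for more details.
+ */
+
+#include "includes.h"
+
+#include "common.h"
+#include "base64.h"
+#include "eap_i.h"
+#include "tncc.h"
+
+
+struct eap_tnc_data {
+        EapMethodState state;
+        struct tncc_data *tncc;
+};
+
+
+/* EAP-TNC Flags */
+#define EAP_TNC_FLAGS_LENGTH_INCLUDED 0x80
+#define EAP_TNC_FLAGS_MORE_FRAGMENTS 0x40
+#define EAP_TNC_FLAGS_START 0x20
+#define EAP_TNC_VERSION_MASK 0x07
+
+#define EAP_TNC_VERSION 1
+
+
+static void * eap_tnc_init(struct eap_sm *sm)
+{
+        struct eap_tnc_data *data;
+
+        data = os_zalloc(sizeof(*data));
+        if (data == NULL)
+                return NULL;
+        data->state = METHOD_INIT;
+        data->tncc = tncc_init();
+        if (data->tncc == NULL) {
+                os_free(data);
+                return NULL;
+        }
+
+        return data;
+}
+
+
+static void eap_tnc_deinit(struct eap_sm *sm, void *priv)
+{
+        struct eap_tnc_data *data = priv;
+
+        tncc_deinit(data->tncc);
+        os_free(data);
+}
+
+
+static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
+                                       struct eap_method_ret *ret,
+                                       const struct wpabuf *reqData)
+{
+        struct eap_tnc_data *data = priv;
+        struct wpabuf *resp;
+        const u8 *pos;
+        u8 *rpos, *rpos1, *start;
+        size_t len, rlen;
+        size_t imc_len;
+        char *start_buf, *end_buf;
+        size_t start_len, end_len;
+        int tncs_done = 0;
+
+        pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_TNC, reqData, &len);
+        if (pos == NULL || len == 0) {
+                wpa_printf(MSG_INFO, "EAP-TNC: Invalid frame (pos=%p len=%lu)",
+                           pos, (unsigned long) len);
+                ret->ignore = TRUE;
+                return NULL;
+        }
+
+        wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-TNC: Received payload", pos, len);
+
+        if ((*pos & EAP_TNC_VERSION_MASK) != EAP_TNC_VERSION) {
+                wpa_printf(MSG_DEBUG, "EAP-TNC: Unsupported version %d",
+                           *pos & EAP_TNC_VERSION_MASK);
+                ret->ignore = TRUE;
+                return NULL;
+        }
+
+        if (data->state == METHOD_INIT) {
+                if (!(*pos & EAP_TNC_FLAGS_START)) {
+                        wpa_printf(MSG_DEBUG, "EAP-TNC: Server did not use "
+                                   "start flag in the first message");
+                        ret->ignore = TRUE;
+                        return NULL;
+                }
+
+                tncc_init_connection(data->tncc);
+
+                data->state = METHOD_MAY_CONT;
+        } else {
+                enum tncc_process_res res;
+
+                if (*pos & EAP_TNC_FLAGS_START) {
+                        wpa_printf(MSG_DEBUG, "EAP-TNC: Server used start "
+                                   "flag again");
+                        ret->ignore = TRUE;
+                        return NULL;
+                }
+
+                res = tncc_process_if_tnccs(data->tncc, pos + 1, len - 1);
+                switch (res) {
+                case TNCCS_PROCESS_ERROR:
+                        ret->ignore = TRUE;
+                        return NULL;
+                case TNCCS_PROCESS_OK_NO_RECOMMENDATION:
+                case TNCCS_RECOMMENDATION_ERROR:
+                        wpa_printf(MSG_DEBUG, "EAP-TNC: No "
+                                   "TNCCS-Recommendation received");
+                        break;
+                case TNCCS_RECOMMENDATION_ALLOW:
+                        wpa_msg(sm->msg_ctx, MSG_INFO,
+                                "TNC: Recommendation = allow");
+                        tncs_done = 1;
+                        break;
+                case TNCCS_RECOMMENDATION_NONE:
+                        wpa_msg(sm->msg_ctx, MSG_INFO,
+                                "TNC: Recommendation = none");
+                        tncs_done = 1;
+                        break;
+                case TNCCS_RECOMMENDATION_ISOLATE:
+                        wpa_msg(sm->msg_ctx, MSG_INFO,
+                                "TNC: Recommendation = isolate");
+                        tncs_done = 1;
+                        break;
+                }
+        }
+
+        ret->ignore = FALSE;
+        ret->methodState = data->state;
+        ret->decision = DECISION_UNCOND_SUCC;
+        ret->allowNotifications = TRUE;
+
+        if (tncs_done) {
+                resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TNC, 1,
+                                     EAP_CODE_RESPONSE, eap_get_id(reqData));
+                if (resp == NULL)
+                        return NULL;
+
+                wpabuf_put_u8(resp, EAP_TNC_VERSION);
+                wpa_printf(MSG_DEBUG, "EAP-TNC: TNCS done - reply with an "
+                           "empty ACK message");
+                return resp;
+        }
+
+        imc_len = tncc_total_send_len(data->tncc);
+
+        start_buf = tncc_if_tnccs_start(data->tncc);
+        if (start_buf == NULL)
+                return NULL;
+        start_len = os_strlen(start_buf);
+        end_buf = tncc_if_tnccs_end();
+        if (end_buf == NULL) {
+                os_free(start_buf);
+                return NULL;
+        }
+        end_len = os_strlen(end_buf);
+
+        rlen = 1 + start_len + imc_len + end_len;
+        resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TNC, rlen,
+                             EAP_CODE_RESPONSE, eap_get_id(reqData));
+        if (resp == NULL) {
+                os_free(start_buf);
+                os_free(end_buf);
+                return NULL;
+        }
+
+        start = wpabuf_put(resp, 0);
+        wpabuf_put_u8(resp, EAP_TNC_VERSION);
+        wpabuf_put_data(resp, start_buf, start_len);
+        os_free(start_buf);
+
+        rpos1 = wpabuf_put(resp, 0);
+        rpos = tncc_copy_send_buf(data->tncc, rpos1);
+        wpabuf_put(resp, rpos - rpos1);
+
+        wpabuf_put_data(resp, end_buf, end_len);
+        os_free(end_buf);
+
+        wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-TNC: Response", start, rlen);
+
+        return resp;
+}
+
+
+int eap_peer_tnc_register(void)
+{
+        struct eap_method *eap;
+        int ret;
+
+        eap = eap_peer_method_alloc(EAP_PEER_METHOD_INTERFACE_VERSION,
+                                    EAP_VENDOR_IETF, EAP_TYPE_TNC, "TNC");
+        if (eap == NULL)
+                return -1;
+
+        eap->init = eap_tnc_init;
+        eap->deinit = eap_tnc_deinit;
+        eap->process = eap_tnc_process;
+
+        ret = eap_peer_method_register(eap);
+        if (ret)
+                eap_peer_method_free(eap);
+        return ret;
+}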
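Review bot: eap_tnc_process() never inspects EAP_TNC_FLAGS_LENGTH_INCLUDED or EAP_TNC_FLAGS_MORE_FRAGMENTS on the request, although both are defined at the top of the file; every byte after the flags octet is passed to `tncc_process_if_tnccs(data->tncc, pos + 1, len - 1)`. A server that sets either flag would presumably have a length field or a partial message parsed as a complete TNCCS batch, so until reassembly is implemented the frame should be dropped after the version check, e.g. `if (*pos & (EAP_TNC_FLAGS_LENGTH_INCLUDED | EAP_TNC_FLAGS_MORE_FRAGMENTS)) { ret->ignore = TRUE; return NULL; }`. On the send side, tncc_copy_send_buf() writes through rpos1 before `wpabuf_put(resp, rpos - rpos1)` accounts for those bytes, so the response buffer is only safe if that helper writes exactly what tncc_total_send_len() reported. tncc.c is not shown on this page, so that contract deserves a comment at the call site, or a copy bounded by imc_len.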