本文整理汇总了C++中eap_get_config_identity函数的典型用法代码示例。如果您正苦于以下问题:C++ eap_get_config_identity函数的具体用法?C++ eap_get_config_identity怎么用?C++ eap_get_config_identity使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了eap_get_config_identity函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: eap_pwd_init
static void * eap_pwd_init(struct eap_sm *sm)
{
struct eap_pwd_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
password = eap_get_config_password(sm, &password_len);
if (password == NULL) {
wpa_printf(MSG_INFO, "EAP-PWD: No password configured!");
return NULL;
}
identity = eap_get_config_identity(sm, &identity_len);
if (identity == NULL) {
wpa_printf(MSG_INFO, "EAP-PWD: No identity configured!");
return NULL;
}
if ((data = os_zalloc(sizeof(*data))) == NULL) {
wpa_printf(MSG_INFO, "EAP-PWD: memory allocation data fail");
return NULL;
}
if ((data->bnctx = BN_CTX_new()) == NULL) {
wpa_printf(MSG_INFO, "EAP-PWD: bn context allocation fail");
os_free(data);
return NULL;
}
if ((data->id_peer = os_malloc(identity_len)) == NULL) {
wpa_printf(MSG_INFO, "EAP-PWD: memory allocation id fail");
BN_CTX_free(data->bnctx);
os_free(data);
return NULL;
}
os_memcpy(data->id_peer, identity, identity_len);
data->id_peer_len = identity_len;
if ((data->password = os_malloc(password_len)) == NULL) {
wpa_printf(MSG_INFO, "EAP-PWD: memory allocation psk fail");
BN_CTX_free(data->bnctx);
os_free(data->id_peer);
os_free(data);
return NULL;
}
os_memcpy(data->password, password, password_len);
data->password_len = password_len;
data->out_frag_pos = data->in_frag_pos = 0;
data->inbuf = data->outbuf = NULL;
data->mtu = 1020; /* default from RFC 5931, make it configurable! */
data->state = PWD_ID_Req;
return data;
}示例2: eap_mschapv2_challenge
/**
* eap_mschapv2_process - Process an EAP-MSCHAPv2 challenge message
* @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
* @data: Pointer to private EAP method data from eap_mschapv2_init()
* @ret: Return values from EAP request validation and processing
* @req: Pointer to EAP-MSCHAPv2 header from the request
* @req_len: Length of the EAP-MSCHAPv2 data
* @id: EAP identifier used in the request
* Returns: Pointer to allocated EAP response packet (eapRespData) or %NULL if
* no reply available
*/
static struct wpabuf * eap_mschapv2_challenge(
struct eap_sm *sm, struct eap_mschapv2_data *data,
struct eap_method_ret *ret, const struct eap_mschapv2_hdr *req,
size_t req_len, u8 id)
{
size_t len, challenge_len;
const u8 *pos, *challenge;
if (eap_get_config_identity(sm, &len) == NULL ||
eap_get_config_password(sm, &len) == NULL)
return NULL;
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Received challenge");
if (req_len < sizeof(*req) + 1) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Too short challenge data "
"(len %lu)", (unsigned long) req_len);
ret->ignore = TRUE;
return NULL;
}
pos = (const u8 *) (req + 1);
challenge_len = *pos++;
len = req_len - sizeof(*req) - 1;
if (challenge_len != MSCHAPV2_CHAL_LEN) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Invalid challenge length "
"%lu", (unsigned long) challenge_len);
ret->ignore = TRUE;
return NULL;
}
if (len < challenge_len) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Too short challenge"
" packet: len=%lu challenge_len=%lu",
(unsigned long) len, (unsigned long) challenge_len);
ret->ignore = TRUE;
return NULL;
}
if (data->passwd_change_challenge_valid) {
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Using challenge from the "
"failure message");
challenge = data->passwd_change_challenge;
} else
challenge = pos;
pos += challenge_len;
len -= challenge_len;
wpa_hexdump_ascii(MSG_DEBUG, "EAP-MSCHAPV2: Authentication Servername",
pos, len);
ret->ignore = FALSE;
ret->methodState = METHOD_MAY_CONT;
ret->decision = DECISION_FAIL;
ret->allowNotifications = TRUE;
return eap_mschapv2_challenge_reply(sm, data, id, req->mschapv2_id,
challenge);
}示例3: eap_sim_response_start
static u8 * eap_sim_response_start(struct eap_sm *sm,
struct eap_sim_data *data,
const struct eap_hdr *req,
size_t *respDataLen,
enum eap_sim_id_req id_req)
{
const u8 *identity = NULL;
size_t identity_len = 0;
struct eap_sim_msg *msg;
data->reauth = 0;
if (id_req == ANY_ID && data->reauth_id) {
identity = data->reauth_id;
identity_len = data->reauth_id_len;
data->reauth = 1;
} else if ((id_req == ANY_ID || id_req == FULLAUTH_ID) &&
data->pseudonym) {
identity = data->pseudonym;
identity_len = data->pseudonym_len;
eap_sim_clear_identities(data, CLEAR_REAUTH_ID);
} else if (id_req != NO_ID_REQ) {
identity = eap_get_config_identity(sm, &identity_len);
if (identity) {
eap_sim_clear_identities(data, CLEAR_PSEUDONYM |
CLEAR_REAUTH_ID);
}
}
if (id_req != NO_ID_REQ)
eap_sim_clear_identities(data, CLEAR_EAP_ID);
wpa_printf(MSG_DEBUG, "Generating EAP-SIM Start (id=%d)",
req->identifier);
msg = eap_sim_msg_init(EAP_CODE_RESPONSE, req->identifier,
EAP_TYPE_SIM, EAP_SIM_SUBTYPE_START);
if (!data->reauth) {
wpa_hexdump(MSG_DEBUG, " AT_NONCE_MT",
data->nonce_mt, EAP_SIM_NONCE_MT_LEN);
eap_sim_msg_add(msg, EAP_SIM_AT_NONCE_MT, 0,
data->nonce_mt, EAP_SIM_NONCE_MT_LEN);
wpa_printf(MSG_DEBUG, " AT_SELECTED_VERSION %d",
data->selected_version);
eap_sim_msg_add(msg, EAP_SIM_AT_SELECTED_VERSION,
data->selected_version, NULL, 0);
}
if (identity) {
wpa_hexdump_ascii(MSG_DEBUG, " AT_IDENTITY",
identity, identity_len);
eap_sim_msg_add(msg, EAP_SIM_AT_IDENTITY, identity_len,
identity, identity_len);
}
return eap_sim_msg_finish(msg, respDataLen, NULL, NULL, 0);
}示例4: eap_leap_process_success
static u8 * eap_leap_process_success(struct eap_sm *sm, void *priv,
struct eap_method_ret *ret,
const u8 *reqData, size_t *respDataLen)
{
struct eap_leap_data *data = priv;
const struct eap_hdr *req;
struct eap_hdr *resp;
u8 *pos;
const u8 *identity;
size_t identity_len;
wpa_printf(MSG_DEBUG, "EAP-LEAP: Processing EAP-Success");
identity = eap_get_config_identity(sm, &identity_len);
if (identity == NULL)
return NULL;
if (data->state != LEAP_WAIT_SUCCESS) {
wpa_printf(MSG_INFO, "EAP-LEAP: EAP-Success received in "
"unexpected state (%d) - ignored", data->state);
ret->ignore = TRUE;
return NULL;
}
req = (const struct eap_hdr *) reqData;
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_LEAP, respDataLen,
3 + LEAP_CHALLENGE_LEN + identity_len,
EAP_CODE_REQUEST, req->identifier, &pos);
if (resp == NULL)
return NULL;
*pos++ = LEAP_VERSION;
*pos++ = 0; /* unused */
*pos++ = LEAP_CHALLENGE_LEN;
if (hostapd_get_rand(pos, LEAP_CHALLENGE_LEN)) {
wpa_printf(MSG_WARNING, "EAP-LEAP: Failed to read random data "
"for challenge");
os_free(resp);
ret->ignore = TRUE;
return NULL;
}
os_memcpy(data->ap_challenge, pos, LEAP_CHALLENGE_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Challenge to AP/AS", pos,
LEAP_CHALLENGE_LEN);
pos += LEAP_CHALLENGE_LEN;
os_memcpy(pos, identity, identity_len);
data->state = LEAP_WAIT_RESPONSE;
return (u8 *) resp;
}示例5: eap_gpsk_init
static void * eap_gpsk_init(struct eap_sm *sm)
{
struct eap_gpsk_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
const char *phase1;
password = eap_get_config_password(sm, &password_len);
if (password == NULL) {
wpa_printf(MSG_INFO, "EAP-GPSK: No key (password) configured");
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = GPSK_1;
identity = eap_get_config_identity(sm, &identity_len);
if (identity) {
data->id_peer = os_malloc(identity_len);
if (data->id_peer == NULL) {
eap_gpsk_deinit(sm, data);
return NULL;
}
os_memcpy(data->id_peer, identity, identity_len);
data->id_peer_len = identity_len;
}
phase1 = eap_get_config_phase1(sm);
if (phase1) {
const char *pos;
pos = os_strstr(phase1, "cipher=");
if (pos) {
data->forced_cipher = atoi(pos + 7);
wpa_printf(MSG_DEBUG, "EAP-GPSK: Forced cipher %u",
data->forced_cipher);
}
}
data->psk = os_malloc(password_len);
if (data->psk == NULL) {
eap_gpsk_deinit(sm, data);
return NULL;
}
os_memcpy(data->psk, password, password_len);
data->psk_len = password_len;
return data;
}示例6: eap_ikev2_init
static void * eap_ikev2_init(struct eap_sm *sm)
{
struct eap_ikev2_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
int fragment_size;
identity = eap_get_config_identity(sm, &identity_len);
if (identity == NULL) {
wpa_printf(MSG_INFO, "EAP-IKEV2: No identity available");
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = WAIT_START;
fragment_size = eap_get_config_fragment_size(sm);
if (fragment_size <= 0)
data->fragment_size = IKEV2_FRAGMENT_SIZE;
else
data->fragment_size = fragment_size;
data->ikev2.state = SA_INIT;
data->ikev2.peer_auth = PEER_AUTH_SECRET;
data->ikev2.key_pad = (u8 *) os_strdup("Key Pad for EAP-IKEv2");
if (data->ikev2.key_pad == NULL)
goto failed;
data->ikev2.key_pad_len = 21;
data->ikev2.IDr = os_malloc(identity_len);
if (data->ikev2.IDr == NULL)
goto failed;
os_memcpy(data->ikev2.IDr, identity, identity_len);
data->ikev2.IDr_len = identity_len;
password = eap_get_config_password(sm, &password_len);
if (password) {
data->ikev2.shared_secret = os_malloc(password_len);
if (data->ikev2.shared_secret == NULL)
goto failed;
os_memcpy(data->ikev2.shared_secret, password, password_len);
data->ikev2.shared_secret_len = password_len;
}
return data;
failed:
ikev2_responder_deinit(&data->ikev2);
os_free(data);
return NULL;
}示例7: eap_leap_process_success
static struct wpabuf * eap_leap_process_success(struct eap_sm *sm, void *priv,
struct eap_method_ret *ret,
const struct wpabuf *reqData)
{
struct eap_leap_data *data = priv;
struct wpabuf *resp;
u8 *pos;
const u8 *identity;
size_t identity_len;
wpa_printf(MSG_DEBUG, "EAP-LEAP: Processing EAP-Success");
identity = eap_get_config_identity(sm, &identity_len);
if (identity == NULL)
return NULL;
if (data->state != LEAP_WAIT_SUCCESS) {
wpa_printf(MSG_INFO, "EAP-LEAP: EAP-Success received in "
"unexpected state (%d) - ignored", data->state);
ret->ignore = TRUE;
return NULL;
}
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_LEAP,
3 + LEAP_CHALLENGE_LEN + identity_len,
EAP_CODE_REQUEST, eap_get_id(reqData));
if (resp == NULL)
return NULL;
wpabuf_put_u8(resp, LEAP_VERSION);
wpabuf_put_u8(resp, 0); /* unused */
wpabuf_put_u8(resp, LEAP_CHALLENGE_LEN);
pos = wpabuf_put(resp, LEAP_CHALLENGE_LEN);
if (random_get_bytes(pos, LEAP_CHALLENGE_LEN)) {
wpa_printf(MSG_WARNING, "EAP-LEAP: Failed to read random data "
"for challenge");
wpabuf_free(resp);
ret->ignore = TRUE;
return NULL;
}
os_memcpy(data->ap_challenge, pos, LEAP_CHALLENGE_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Challenge to AP/AS", pos,
LEAP_CHALLENGE_LEN);
wpabuf_put_data(resp, identity, identity_len);
data->state = LEAP_WAIT_RESPONSE;
return resp;
}示例8: eap_mschapv2_check_config
static int eap_mschapv2_check_config(struct eap_sm *sm)
{
size_t len;
if (eap_get_config_identity(sm, &len) == NULL) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Identity not configured");
eap_sm_request_identity(sm);
return -1;
}
if (eap_get_config_password(sm, &len) == NULL) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Password not configured");
eap_sm_request_password(sm);
return -1;
}
return 0;
}示例9: eap_aka_response_identity
static u8 * eap_aka_response_identity(struct eap_sm *sm,
struct eap_aka_data *data,
const struct eap_hdr *req,
size_t *respDataLen,
enum eap_sim_id_req id_req)
{
const u8 *identity = NULL;
size_t identity_len = 0;
struct eap_sim_msg *msg;
data->reauth = 0;
if (id_req == ANY_ID && data->reauth_id) {
identity = data->reauth_id;
identity_len = data->reauth_id_len;
data->reauth = 1;
} else if ((id_req == ANY_ID || id_req == FULLAUTH_ID) &&
data->pseudonym) {
identity = data->pseudonym;
identity_len = data->pseudonym_len;
eap_aka_clear_identities(data, CLEAR_REAUTH_ID);
} else if (id_req != NO_ID_REQ) {
identity = eap_get_config_identity(sm, &identity_len);
if (identity) {
eap_aka_clear_identities(data, CLEAR_PSEUDONYM |
CLEAR_REAUTH_ID);
}
}
if (id_req != NO_ID_REQ)
eap_aka_clear_identities(data, CLEAR_EAP_ID);
wpa_printf(MSG_DEBUG, "Generating EAP-AKA Identity (id=%d)",
req->identifier);
msg = eap_sim_msg_init(EAP_CODE_RESPONSE, req->identifier,
EAP_TYPE_AKA, EAP_AKA_SUBTYPE_IDENTITY);
if (identity) {
wpa_hexdump_ascii(MSG_DEBUG, " AT_IDENTITY",
identity, identity_len);
eap_sim_msg_add(msg, EAP_SIM_AT_IDENTITY, identity_len,
identity, identity_len);
}
return eap_sim_msg_finish(msg, respDataLen, NULL, NULL, 0);
}示例10: eap_psk_init
static void * eap_psk_init(struct eap_sm *sm)
{
struct eap_psk_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
password = eap_get_config_password(sm, &password_len);
if (!password || password_len != 16) {
wpa_printf(MSG_INFO, "EAP-PSK: 16-octet pre-shared key not "
"configured");
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
if (eap_psk_key_setup(password, data->ak, data->kdk)) {
os_free(data);
return NULL;
}
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: AK", data->ak, EAP_PSK_AK_LEN);
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: KDK", data->kdk, EAP_PSK_KDK_LEN);
data->state = PSK_INIT;
identity = eap_get_config_identity(sm, &identity_len);
if (identity) {
data->id_p = os_malloc(identity_len);
if (data->id_p)
os_memcpy(data->id_p, identity, identity_len);
data->id_p_len = identity_len;
}
if (data->id_p == NULL) {
wpa_printf(MSG_INFO, "EAP-PSK: could not get own identity");
os_free(data);
return NULL;
}
return data;
}示例11: eap_sake_init
static void * eap_sake_init(struct eap_sm *sm)
{
struct eap_sake_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
password = eap_get_config_password(sm, &password_len);
if (!password || password_len != 2 * EAP_SAKE_ROOT_SECRET_LEN) {
wpa_printf(MSG_INFO, "EAP-SAKE: No key of correct length "
"configured");
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = IDENTITY;
identity = eap_get_config_identity(sm, &identity_len);
if (identity) {
data->peerid = os_malloc(identity_len);
if (data->peerid == NULL) {
eap_sake_deinit(sm, data);
return NULL;
}
os_memcpy(data->peerid, identity, identity_len);
data->peerid_len = identity_len;
}
os_memcpy(data->root_secret_a, password, EAP_SAKE_ROOT_SECRET_LEN);
os_memcpy(data->root_secret_b,
password + EAP_SAKE_ROOT_SECRET_LEN,
EAP_SAKE_ROOT_SECRET_LEN);
return data;
}示例12: eap_pax_init
static void * eap_pax_init(struct eap_sm *sm)
{
struct eap_pax_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
identity = eap_get_config_identity(sm, &identity_len);
password = eap_get_config_password(sm, &password_len);
if (!identity || !password) {
wpa_printf(MSG_INFO, "EAP-PAX: CID (nai) or key (password) "
"not configured");
return NULL;
}
if (password_len != EAP_PAX_AK_LEN) {
wpa_printf(MSG_INFO, "EAP-PAX: Invalid PSK length");
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = PAX_INIT;
data->cid = os_malloc(identity_len);
if (data->cid == NULL) {
eap_pax_deinit(sm, data);
return NULL;
}
os_memcpy(data->cid, identity, identity_len);
data->cid_len = identity_len;
os_memcpy(data->ak, password, EAP_PAX_AK_LEN);
return data;
}示例13: eap_sim_process
static u8 * eap_sim_process(struct eap_sm *sm, void *priv,
struct eap_method_ret *ret,
const u8 *reqData, size_t reqDataLen,
size_t *respDataLen)
{
struct eap_sim_data *data = priv;
const struct eap_hdr *req;
u8 subtype, *res;
const u8 *pos;
struct eap_sim_attrs attr;
size_t len;
wpa_hexdump(MSG_DEBUG, "EAP-SIM: EAP data", reqData, reqDataLen);
if (eap_get_config_identity(sm, &len) == NULL) {
wpa_printf(MSG_INFO, "EAP-SIM: Identity not configured");
eap_sm_request_identity(sm);
ret->ignore = TRUE;
return NULL;
}
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_SIM,
reqData, reqDataLen, &len);
if (pos == NULL || len < 1) {
ret->ignore = TRUE;
return NULL;
}
req = (const struct eap_hdr *) reqData;
len = be_to_host16(req->length);
ret->ignore = FALSE;
ret->methodState = METHOD_MAY_CONT;
ret->decision = DECISION_FAIL;
ret->allowNotifications = TRUE;
subtype = *pos++;
wpa_printf(MSG_DEBUG, "EAP-SIM: Subtype=%d", subtype);
pos += 2; /* Reserved */
if (eap_sim_parse_attr(pos, reqData + len, &attr, 0, 0)) {
res = eap_sim_client_error(data, req, respDataLen,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
goto done;
}
switch (subtype) {
case EAP_SIM_SUBTYPE_START:
res = eap_sim_process_start(sm, data, req,
respDataLen, &attr);
break;
case EAP_SIM_SUBTYPE_CHALLENGE:
res = eap_sim_process_challenge(sm, data, req, len,
respDataLen, &attr);
break;
case EAP_SIM_SUBTYPE_NOTIFICATION:
res = eap_sim_process_notification(sm, data, req, len,
respDataLen, &attr);
break;
case EAP_SIM_SUBTYPE_REAUTHENTICATION:
res = eap_sim_process_reauthentication(sm, data, req, len,
respDataLen, &attr);
break;
case EAP_SIM_SUBTYPE_CLIENT_ERROR:
wpa_printf(MSG_DEBUG, "EAP-SIM: subtype Client-Error");
res = eap_sim_client_error(data, req, respDataLen,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
break;
default:
wpa_printf(MSG_DEBUG, "EAP-SIM: Unknown subtype=%d", subtype);
res = eap_sim_client_error(data, req, respDataLen,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
break;
}
done:
if (data->state == FAILURE) {
ret->decision = DECISION_FAIL;
ret->methodState = METHOD_DONE;
} else if (data->state == SUCCESS) {
ret->decision = DECISION_COND_SUCC;
ret->methodState = METHOD_DONE;
}
if (ret->methodState == METHOD_DONE) {
ret->allowNotifications = FALSE;
}
return res;
}示例14: eap_sim_process_challenge
static struct wpabuf * eap_sim_process_challenge(struct eap_sm *sm,
struct eap_sim_data *data,
u8 id,
const struct wpabuf *reqData,
struct eap_sim_attrs *attr)
{
const u8 *identity;
size_t identity_len;
struct eap_sim_attrs eattr;
wpa_printf(MSG_DEBUG, "EAP-SIM: subtype Challenge");
data->reauth = 0;
if (!attr->mac || !attr->rand) {
wpa_printf(MSG_WARNING, "EAP-SIM: Challenge message "
"did not include%s%s",
!attr->mac ? " AT_MAC" : "",
!attr->rand ? " AT_RAND" : "");
return eap_sim_client_error(data, id,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
}
wpa_printf(MSG_DEBUG, "EAP-SIM: %lu challenges",
(unsigned long) attr->num_chal);
if (attr->num_chal < data->min_num_chal) {
wpa_printf(MSG_INFO, "EAP-SIM: Insufficient number of "
"challenges (%lu)", (unsigned long) attr->num_chal);
return eap_sim_client_error(data, id,
EAP_SIM_INSUFFICIENT_NUM_OF_CHAL);
}
if (attr->num_chal > 3) {
wpa_printf(MSG_INFO, "EAP-SIM: Too many challenges "
"(%lu)", (unsigned long) attr->num_chal);
return eap_sim_client_error(data, id,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
}
/* Verify that RANDs are different */
if (os_memcmp(attr->rand, attr->rand + GSM_RAND_LEN,
GSM_RAND_LEN) == 0 ||
(attr->num_chal > 2 &&
(os_memcmp(attr->rand, attr->rand + 2 * GSM_RAND_LEN,
GSM_RAND_LEN) == 0 ||
os_memcmp(attr->rand + GSM_RAND_LEN,
attr->rand + 2 * GSM_RAND_LEN,
GSM_RAND_LEN) == 0))) {
wpa_printf(MSG_INFO, "EAP-SIM: Same RAND used multiple times");
return eap_sim_client_error(data, id,
EAP_SIM_RAND_NOT_FRESH);
}
os_memcpy(data->rand, attr->rand, attr->num_chal * GSM_RAND_LEN);
data->num_chal = attr->num_chal;
if (eap_sim_gsm_auth(sm, data)) {
wpa_printf(MSG_WARNING, "EAP-SIM: GSM authentication failed");
return eap_sim_client_error(data, id,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
}
if (data->last_eap_identity) {
identity = data->last_eap_identity;
identity_len = data->last_eap_identity_len;
} else if (data->pseudonym) {
identity = data->pseudonym;
identity_len = data->pseudonym_len;
} else
identity = eap_get_config_identity(sm, &identity_len);
wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: Selected identity for MK "
"derivation", identity, identity_len);
eap_sim_derive_mk(identity, identity_len, data->nonce_mt,
data->selected_version, data->ver_list,
data->ver_list_len, data->num_chal,
(const u8 *) data->kc, data->mk);
eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut, data->msk,
data->emsk);
if (eap_sim_verify_mac(data->k_aut, reqData, attr->mac, data->nonce_mt,
EAP_SIM_NONCE_MT_LEN)) {
wpa_printf(MSG_WARNING, "EAP-SIM: Challenge message "
"used invalid AT_MAC");
return eap_sim_client_error(data, id,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
}
/* Old reauthentication identity must not be used anymore. In
* other words, if no new reauth identity is received, full
* authentication will be used on next reauthentication (using
* pseudonym identity or permanent identity). */
eap_sim_clear_identities(data, CLEAR_REAUTH_ID | CLEAR_EAP_ID);
if (attr->encr_data) {
u8 *decrypted;
decrypted = eap_sim_parse_encr(data->k_encr, attr->encr_data,
attr->encr_data_len, attr->iv,
&eattr, 0);
if (decrypted == NULL) {
return eap_sim_client_error(
data, id, EAP_SIM_UNABLE_TO_PROCESS_PACKET);
}
eap_sim_learn_ids(sm, data, &eattr);
os_free(decrypted);
}
//.........这里部分代码省略.........
示例15: eap_wsc_init
static void * eap_wsc_init(struct eap_sm *sm)
{
struct eap_wsc_data *data;
const u8 *identity;
size_t identity_len;
int registrar;
struct wps_config cfg;
const char *pos;
const char *phase1;
struct wps_context *wps;
struct wps_credential new_ap_settings;
int res;
wps = sm->wps;
if (wps == NULL) {
wpa_printf(MSG_ERROR, "EAP-WSC: WPS context not available");
return NULL;
}
identity = eap_get_config_identity(sm, &identity_len);
if (identity && identity_len == WSC_ID_REGISTRAR_LEN &&
os_memcmp(identity, WSC_ID_REGISTRAR, WSC_ID_REGISTRAR_LEN) == 0)
registrar = 1; /* Supplicant is Registrar */
else if (identity && identity_len == WSC_ID_ENROLLEE_LEN &&
os_memcmp(identity, WSC_ID_ENROLLEE, WSC_ID_ENROLLEE_LEN) == 0)
registrar = 0; /* Supplicant is Enrollee */
else {
wpa_hexdump_ascii(MSG_INFO, "EAP-WSC: Unexpected identity",
identity, identity_len);
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = registrar ? MESG : WAIT_START;
data->registrar = registrar;
data->wps_ctx = wps;
os_memset(&cfg, 0, sizeof(cfg));
cfg.wps = wps;
cfg.registrar = registrar;
phase1 = eap_get_config_phase1(sm);
if (phase1 == NULL) {
wpa_printf(MSG_INFO, "EAP-WSC: phase1 configuration data not "
"set");
os_free(data);
return NULL;
}
pos = os_strstr(phase1, "pin=");
if (pos) {
pos += 4;
cfg.pin = (const u8 *) pos;
while (*pos != '\0' && *pos != ' ')
pos++;
cfg.pin_len = pos - (const char *) cfg.pin;
} else {
pos = os_strstr(phase1, "pbc=1");
if (pos)
cfg.pbc = 1;
}
if (cfg.pin == NULL && !cfg.pbc) {
wpa_printf(MSG_INFO, "EAP-WSC: PIN or PBC not set in phase1 "
"configuration data");
os_free(data);
return NULL;
}
pos = os_strstr(phase1, "dev_pw_id=");
if (pos && cfg.pin)
cfg.dev_pw_id = atoi(pos + 10);
res = eap_wsc_new_ap_settings(&new_ap_settings, phase1);
if (res < 0) {
os_free(data);
return NULL;
}
if (res == 1) {
wpa_printf(MSG_DEBUG, "EAP-WSC: Provide new AP settings for "
"WPS");
cfg.new_ap_settings = &new_ap_settings;
}
data->wps = wps_init(&cfg);
if (data->wps == NULL) {
os_free(data);
return NULL;
}
res = eap_get_config_fragment_size(sm);
if (res > 0)
data->fragment_size = res;
else
data->fragment_size = WSC_FRAGMENT_SIZE;
wpa_printf(MSG_DEBUG, "EAP-WSC: Fragment size limit %u",
(unsigned int) data->fragment_size);
//.........这里部分代码省略.........