Rename EAP server defines from EAP_* to EAP_SERVER_*
This allows separate set of EAP server and peer methods to be built into a single binary.
This commit is contained in:
parent
1581b38b67
commit
1e5839e06f
19 changed files with 145 additions and 145 deletions
|
@ -201,19 +201,19 @@ endif
|
||||||
|
|
||||||
|
|
||||||
ifdef CONFIG_EAP_MD5
|
ifdef CONFIG_EAP_MD5
|
||||||
CFLAGS += -DEAP_MD5
|
CFLAGS += -DEAP_SERVER_MD5
|
||||||
OBJS += ../src/eap_server/eap_md5.o
|
OBJS += ../src/eap_server/eap_md5.o
|
||||||
CHAP=y
|
CHAP=y
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_TLS
|
ifdef CONFIG_EAP_TLS
|
||||||
CFLAGS += -DEAP_TLS
|
CFLAGS += -DEAP_SERVER_TLS
|
||||||
OBJS += ../src/eap_server/eap_tls.o
|
OBJS += ../src/eap_server/eap_tls.o
|
||||||
TLS_FUNCS=y
|
TLS_FUNCS=y
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_PEAP
|
ifdef CONFIG_EAP_PEAP
|
||||||
CFLAGS += -DEAP_PEAP
|
CFLAGS += -DEAP_SERVER_PEAP
|
||||||
OBJS += ../src/eap_server/eap_peap.o
|
OBJS += ../src/eap_server/eap_peap.o
|
||||||
OBJS += ../src/eap_common/eap_peap_common.o
|
OBJS += ../src/eap_common/eap_peap_common.o
|
||||||
TLS_FUNCS=y
|
TLS_FUNCS=y
|
||||||
|
@ -221,37 +221,37 @@ CONFIG_EAP_MSCHAPV2=y
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_TTLS
|
ifdef CONFIG_EAP_TTLS
|
||||||
CFLAGS += -DEAP_TTLS
|
CFLAGS += -DEAP_SERVER_TTLS
|
||||||
OBJS += ../src/eap_server/eap_ttls.o
|
OBJS += ../src/eap_server/eap_ttls.o
|
||||||
TLS_FUNCS=y
|
TLS_FUNCS=y
|
||||||
CHAP=y
|
CHAP=y
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_MSCHAPV2
|
ifdef CONFIG_EAP_MSCHAPV2
|
||||||
CFLAGS += -DEAP_MSCHAPv2
|
CFLAGS += -DEAP_SERVER_MSCHAPV2
|
||||||
OBJS += ../src/eap_server/eap_mschapv2.o
|
OBJS += ../src/eap_server/eap_mschapv2.o
|
||||||
MS_FUNCS=y
|
MS_FUNCS=y
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_GTC
|
ifdef CONFIG_EAP_GTC
|
||||||
CFLAGS += -DEAP_GTC
|
CFLAGS += -DEAP_SERVER_GTC
|
||||||
OBJS += ../src/eap_server/eap_gtc.o
|
OBJS += ../src/eap_server/eap_gtc.o
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_SIM
|
ifdef CONFIG_EAP_SIM
|
||||||
CFLAGS += -DEAP_SIM
|
CFLAGS += -DEAP_SERVER_SIM
|
||||||
OBJS += ../src/eap_server/eap_sim.o
|
OBJS += ../src/eap_server/eap_sim.o
|
||||||
CONFIG_EAP_SIM_COMMON=y
|
CONFIG_EAP_SIM_COMMON=y
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_AKA
|
ifdef CONFIG_EAP_AKA
|
||||||
CFLAGS += -DEAP_AKA
|
CFLAGS += -DEAP_SERVER_AKA
|
||||||
OBJS += ../src/eap_server/eap_aka.o
|
OBJS += ../src/eap_server/eap_aka.o
|
||||||
CONFIG_EAP_SIM_COMMON=y
|
CONFIG_EAP_SIM_COMMON=y
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_AKA_PRIME
|
ifdef CONFIG_EAP_AKA_PRIME
|
||||||
CFLAGS += -DEAP_AKA_PRIME
|
CFLAGS += -DEAP_SERVER_AKA_PRIME
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_SIM_COMMON
|
ifdef CONFIG_EAP_SIM_COMMON
|
||||||
|
@ -264,36 +264,36 @@ NEED_FIPS186_2_PRF=y
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_PAX
|
ifdef CONFIG_EAP_PAX
|
||||||
CFLAGS += -DEAP_PAX
|
CFLAGS += -DEAP_SERVER_PAX
|
||||||
OBJS += ../src/eap_server/eap_pax.o ../src/eap_common/eap_pax_common.o
|
OBJS += ../src/eap_server/eap_pax.o ../src/eap_common/eap_pax_common.o
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_PSK
|
ifdef CONFIG_EAP_PSK
|
||||||
CFLAGS += -DEAP_PSK
|
CFLAGS += -DEAP_SERVER_PSK
|
||||||
OBJS += ../src/eap_server/eap_psk.o ../src/eap_common/eap_psk_common.o
|
OBJS += ../src/eap_server/eap_psk.o ../src/eap_common/eap_psk_common.o
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_SAKE
|
ifdef CONFIG_EAP_SAKE
|
||||||
CFLAGS += -DEAP_SAKE
|
CFLAGS += -DEAP_SERVER_SAKE
|
||||||
OBJS += ../src/eap_server/eap_sake.o ../src/eap_common/eap_sake_common.o
|
OBJS += ../src/eap_server/eap_sake.o ../src/eap_common/eap_sake_common.o
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_GPSK
|
ifdef CONFIG_EAP_GPSK
|
||||||
CFLAGS += -DEAP_GPSK
|
CFLAGS += -DEAP_SERVER_GPSK
|
||||||
OBJS += ../src/eap_server/eap_gpsk.o ../src/eap_common/eap_gpsk_common.o
|
OBJS += ../src/eap_server/eap_gpsk.o ../src/eap_common/eap_gpsk_common.o
|
||||||
ifdef CONFIG_EAP_GPSK_SHA256
|
ifdef CONFIG_EAP_GPSK_SHA256
|
||||||
CFLAGS += -DEAP_GPSK_SHA256
|
CFLAGS += -DEAP_SERVER_GPSK_SHA256
|
||||||
endif
|
endif
|
||||||
NEED_SHA256=y
|
NEED_SHA256=y
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_VENDOR_TEST
|
ifdef CONFIG_EAP_VENDOR_TEST
|
||||||
CFLAGS += -DEAP_VENDOR_TEST
|
CFLAGS += -DEAP_SERVER_VENDOR_TEST
|
||||||
OBJS += ../src/eap_server/eap_vendor_test.o
|
OBJS += ../src/eap_server/eap_vendor_test.o
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_FAST
|
ifdef CONFIG_EAP_FAST
|
||||||
CFLAGS += -DEAP_FAST
|
CFLAGS += -DEAP_SERVER_FAST
|
||||||
OBJS += ../src/eap_server/eap_fast.o
|
OBJS += ../src/eap_server/eap_fast.o
|
||||||
OBJS += ../src/eap_common/eap_fast_common.o
|
OBJS += ../src/eap_common/eap_fast_common.o
|
||||||
TLS_FUNCS=y
|
TLS_FUNCS=y
|
||||||
|
@ -301,7 +301,7 @@ NEED_T_PRF=y
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_WPS
|
ifdef CONFIG_WPS
|
||||||
CFLAGS += -DCONFIG_WPS -DEAP_WSC
|
CFLAGS += -DCONFIG_WPS -DEAP_SERVER_WSC
|
||||||
OBJS += ../src/utils/uuid.o
|
OBJS += ../src/utils/uuid.o
|
||||||
OBJS += wps_hostapd.o
|
OBJS += wps_hostapd.o
|
||||||
OBJS += ../src/eap_server/eap_wsc.o ../src/eap_common/eap_wsc_common.o
|
OBJS += ../src/eap_server/eap_wsc.o ../src/eap_common/eap_wsc_common.o
|
||||||
|
@ -355,14 +355,14 @@ endif
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_IKEV2
|
ifdef CONFIG_EAP_IKEV2
|
||||||
CFLAGS += -DEAP_IKEV2
|
CFLAGS += -DEAP_SERVER_IKEV2
|
||||||
OBJS += ../src/eap_server/eap_ikev2.o ../src/eap_server/ikev2.o
|
OBJS += ../src/eap_server/eap_ikev2.o ../src/eap_server/ikev2.o
|
||||||
OBJS += ../src/eap_common/eap_ikev2_common.o ../src/eap_common/ikev2_common.o
|
OBJS += ../src/eap_common/eap_ikev2_common.o ../src/eap_common/ikev2_common.o
|
||||||
NEED_DH_GROUPS=y
|
NEED_DH_GROUPS=y
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_EAP_TNC
|
ifdef CONFIG_EAP_TNC
|
||||||
CFLAGS += -DEAP_TNC
|
CFLAGS += -DEAP_SERVER_TNC
|
||||||
OBJS += ../src/eap_server/eap_tnc.o
|
OBJS += ../src/eap_server/eap_tnc.o
|
||||||
OBJS += ../src/eap_server/tncs.o
|
OBJS += ../src/eap_server/tncs.o
|
||||||
NEED_BASE64=y
|
NEED_BASE64=y
|
||||||
|
|
|
@ -189,12 +189,12 @@ static void hostapd_config_defaults_bss(struct hostapd_bss_config *bss)
|
||||||
bss->assoc_sa_query_max_timeout = 1000;
|
bss->assoc_sa_query_max_timeout = 1000;
|
||||||
bss->assoc_sa_query_retry_timeout = 201;
|
bss->assoc_sa_query_retry_timeout = 201;
|
||||||
#endif /* CONFIG_IEEE80211W */
|
#endif /* CONFIG_IEEE80211W */
|
||||||
#ifdef EAP_FAST
|
#ifdef EAP_SERVER_FAST
|
||||||
/* both anonymous and authenticated provisioning */
|
/* both anonymous and authenticated provisioning */
|
||||||
bss->eap_fast_prov = 3;
|
bss->eap_fast_prov = 3;
|
||||||
bss->pac_key_lifetime = 7 * 24 * 60 * 60;
|
bss->pac_key_lifetime = 7 * 24 * 60 * 60;
|
||||||
bss->pac_key_refresh_time = 1 * 24 * 60 * 60;
|
bss->pac_key_refresh_time = 1 * 24 * 60 * 60;
|
||||||
#endif /* EAP_FAST */
|
#endif /* EAP_SERVER_FAST */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1573,7 +1573,7 @@ struct hostapd_config * hostapd_config_read(const char *fname)
|
||||||
} else if (os_strcmp(buf, "dh_file") == 0) {
|
} else if (os_strcmp(buf, "dh_file") == 0) {
|
||||||
os_free(bss->dh_file);
|
os_free(bss->dh_file);
|
||||||
bss->dh_file = os_strdup(pos);
|
bss->dh_file = os_strdup(pos);
|
||||||
#ifdef EAP_FAST
|
#ifdef EAP_SERVER_FAST
|
||||||
} else if (os_strcmp(buf, "pac_opaque_encr_key") == 0) {
|
} else if (os_strcmp(buf, "pac_opaque_encr_key") == 0) {
|
||||||
os_free(bss->pac_opaque_encr_key);
|
os_free(bss->pac_opaque_encr_key);
|
||||||
bss->pac_opaque_encr_key = os_malloc(16);
|
bss->pac_opaque_encr_key = os_malloc(16);
|
||||||
|
@ -1615,18 +1615,18 @@ struct hostapd_config * hostapd_config_read(const char *fname)
|
||||||
bss->pac_key_lifetime = atoi(pos);
|
bss->pac_key_lifetime = atoi(pos);
|
||||||
} else if (os_strcmp(buf, "pac_key_refresh_time") == 0) {
|
} else if (os_strcmp(buf, "pac_key_refresh_time") == 0) {
|
||||||
bss->pac_key_refresh_time = atoi(pos);
|
bss->pac_key_refresh_time = atoi(pos);
|
||||||
#endif /* EAP_FAST */
|
#endif /* EAP_SERVER_FAST */
|
||||||
#ifdef EAP_SIM
|
#ifdef EAP_SERVER_SIM
|
||||||
} else if (os_strcmp(buf, "eap_sim_db") == 0) {
|
} else if (os_strcmp(buf, "eap_sim_db") == 0) {
|
||||||
os_free(bss->eap_sim_db);
|
os_free(bss->eap_sim_db);
|
||||||
bss->eap_sim_db = os_strdup(pos);
|
bss->eap_sim_db = os_strdup(pos);
|
||||||
} else if (os_strcmp(buf, "eap_sim_aka_result_ind") == 0) {
|
} else if (os_strcmp(buf, "eap_sim_aka_result_ind") == 0) {
|
||||||
bss->eap_sim_aka_result_ind = atoi(pos);
|
bss->eap_sim_aka_result_ind = atoi(pos);
|
||||||
#endif /* EAP_SIM */
|
#endif /* EAP_SERVER_SIM */
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
} else if (os_strcmp(buf, "tnc") == 0) {
|
} else if (os_strcmp(buf, "tnc") == 0) {
|
||||||
bss->tnc = atoi(pos);
|
bss->tnc = atoi(pos);
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
#endif /* EAP_SERVER */
|
#endif /* EAP_SERVER */
|
||||||
} else if (os_strcmp(buf, "eap_message") == 0) {
|
} else if (os_strcmp(buf, "eap_message") == 0) {
|
||||||
char *term;
|
char *term;
|
||||||
|
|
|
@ -1834,9 +1834,9 @@ static int hostapd_global_init(struct hapd_interfaces *interfaces)
|
||||||
|
|
||||||
static void hostapd_global_deinit(const char *pid_file)
|
static void hostapd_global_deinit(const char *pid_file)
|
||||||
{
|
{
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
tncs_global_deinit();
|
tncs_global_deinit();
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
|
|
||||||
eloop_destroy();
|
eloop_destroy();
|
||||||
|
|
||||||
|
@ -1900,7 +1900,7 @@ static struct hostapd_iface * hostapd_interface_init(const char *config_fname,
|
||||||
static int hostapd_global_run(struct hapd_interfaces *ifaces, int daemonize,
|
static int hostapd_global_run(struct hapd_interfaces *ifaces, int daemonize,
|
||||||
const char *pid_file)
|
const char *pid_file)
|
||||||
{
|
{
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
int tnc = 0;
|
int tnc = 0;
|
||||||
size_t i, k;
|
size_t i, k;
|
||||||
|
|
||||||
|
@ -1917,7 +1917,7 @@ static int hostapd_global_run(struct hapd_interfaces *ifaces, int daemonize,
|
||||||
wpa_printf(MSG_ERROR, "Failed to initialize TNCS");
|
wpa_printf(MSG_ERROR, "Failed to initialize TNCS");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
|
|
||||||
if (daemonize && os_daemonize(pid_file)) {
|
if (daemonize && os_daemonize(pid_file)) {
|
||||||
perror("daemon");
|
perror("daemon");
|
||||||
|
|
|
@ -791,7 +791,7 @@ void crypto_global_deinit(void)
|
||||||
#endif /* CONFIG_TLS_INTERNAL */
|
#endif /* CONFIG_TLS_INTERNAL */
|
||||||
|
|
||||||
|
|
||||||
#if defined(EAP_FAST) || defined(CONFIG_WPS)
|
#if defined(EAP_FAST) || defined(EAP_SERVER_FAST) || defined(CONFIG_WPS)
|
||||||
|
|
||||||
int crypto_mod_exp(const u8 *base, size_t base_len,
|
int crypto_mod_exp(const u8 *base, size_t base_len,
|
||||||
const u8 *power, size_t power_len,
|
const u8 *power, size_t power_len,
|
||||||
|
@ -828,7 +828,7 @@ error:
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif /* EAP_FAST || CONFIG_WPS */
|
#endif /* EAP_FAST || EAP_SERVER_FAST || CONFIG_WPS */
|
||||||
|
|
||||||
|
|
||||||
#endif /* CONFIG_CRYPTO_INTERNAL */
|
#endif /* CONFIG_CRYPTO_INTERNAL */
|
||||||
|
|
|
@ -697,7 +697,7 @@ void crypto_global_deinit(void)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef EAP_FAST
|
#if defined(EAP_FAST) || defined(EAP_SERVER_FAST)
|
||||||
|
|
||||||
int crypto_mod_exp(const u8 *base, size_t base_len,
|
int crypto_mod_exp(const u8 *base, size_t base_len,
|
||||||
const u8 *power, size_t power_len,
|
const u8 *power, size_t power_len,
|
||||||
|
@ -729,7 +729,7 @@ fail:
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif /* EAP_FAST */
|
#endif /* EAP_FAST || EAP_SERVER_FAST */
|
||||||
|
|
||||||
#endif /* CONFIG_TLS_INTERNAL */
|
#endif /* CONFIG_TLS_INTERNAL */
|
||||||
|
|
||||||
|
|
|
@ -2339,7 +2339,7 @@ int tls_connection_enable_workaround(void *ssl_ctx,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC)
|
#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST)
|
||||||
/* ClientHello TLS extensions require a patch to openssl, so this function is
|
/* ClientHello TLS extensions require a patch to openssl, so this function is
|
||||||
* commented out unless explicitly needed for EAP-FAST in order to be able to
|
* commented out unless explicitly needed for EAP-FAST in order to be able to
|
||||||
* build this file with unmodified openssl. */
|
* build this file with unmodified openssl. */
|
||||||
|
@ -2362,7 +2362,7 @@ int tls_connection_client_hello_ext(void *ssl_ctx, struct tls_connection *conn,
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* EAP_FAST || EAP_FAST_DYNAMIC */
|
#endif /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */
|
||||||
|
|
||||||
|
|
||||||
int tls_connection_get_failed(void *ssl_ctx, struct tls_connection *conn)
|
int tls_connection_get_failed(void *ssl_ctx, struct tls_connection *conn)
|
||||||
|
@ -2553,7 +2553,7 @@ int tls_connection_ia_permute_inner_secret(void *tls_ctx,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC)
|
#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST)
|
||||||
/* Pre-shared secred requires a patch to openssl, so this function is
|
/* Pre-shared secred requires a patch to openssl, so this function is
|
||||||
* commented out unless explicitly needed for EAP-FAST in order to be able to
|
* commented out unless explicitly needed for EAP-FAST in order to be able to
|
||||||
* build this file with unmodified openssl. */
|
* build this file with unmodified openssl. */
|
||||||
|
@ -2666,7 +2666,7 @@ static int tls_hello_ext_cb(SSL *s, TLS_EXTENSION *ext, void *arg)
|
||||||
}
|
}
|
||||||
#endif /* SSL_OP_NO_TICKET */
|
#endif /* SSL_OP_NO_TICKET */
|
||||||
#endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
|
#endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
|
||||||
#endif /* EAP_FAST || EAP_FAST_DYNAMIC */
|
#endif /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */
|
||||||
|
|
||||||
|
|
||||||
int tls_connection_set_session_ticket_cb(void *tls_ctx,
|
int tls_connection_set_session_ticket_cb(void *tls_ctx,
|
||||||
|
@ -2674,7 +2674,7 @@ int tls_connection_set_session_ticket_cb(void *tls_ctx,
|
||||||
tls_session_ticket_cb cb,
|
tls_session_ticket_cb cb,
|
||||||
void *ctx)
|
void *ctx)
|
||||||
{
|
{
|
||||||
#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC)
|
#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST)
|
||||||
conn->session_ticket_cb = cb;
|
conn->session_ticket_cb = cb;
|
||||||
conn->session_ticket_cb_ctx = ctx;
|
conn->session_ticket_cb_ctx = ctx;
|
||||||
|
|
||||||
|
@ -2712,7 +2712,7 @@ int tls_connection_set_session_ticket_cb(void *tls_ctx,
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
#else /* EAP_FAST || EAP_FAST_DYNAMIC */
|
#else /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */
|
||||||
return -1;
|
return -1;
|
||||||
#endif /* EAP_FAST || EAP_FAST_DYNAMIC */
|
#endif /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */
|
||||||
}
|
}
|
||||||
|
|
|
@ -233,7 +233,7 @@ void eap_sim_add_mac(const u8 *k_aut, const u8 *msg, size_t msg_len, u8 *mac,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef EAP_AKA_PRIME
|
#if defined(EAP_AKA_PRIME) || defined(EAP_SERVER_AKA_PRIME)
|
||||||
static void prf_prime(const u8 *k, const char *seed1,
|
static void prf_prime(const u8 *k, const char *seed1,
|
||||||
const u8 *seed2, size_t seed2_len,
|
const u8 *seed2, size_t seed2_len,
|
||||||
const u8 *seed3, size_t seed3_len,
|
const u8 *seed3, size_t seed3_len,
|
||||||
|
@ -496,7 +496,7 @@ void eap_aka_prime_derive_ck_ik_prime(u8 *ck, u8 *ik, const u8 *sqn_ak,
|
||||||
wpa_hexdump_key(MSG_DEBUG, "EAP-AKA': CK'", ck, EAP_AKA_CK_LEN);
|
wpa_hexdump_key(MSG_DEBUG, "EAP-AKA': CK'", ck, EAP_AKA_CK_LEN);
|
||||||
wpa_hexdump_key(MSG_DEBUG, "EAP-AKA': IK'", ik, EAP_AKA_IK_LEN);
|
wpa_hexdump_key(MSG_DEBUG, "EAP-AKA': IK'", ik, EAP_AKA_IK_LEN);
|
||||||
}
|
}
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_AKA_PRIME || EAP_SERVER_AKA_PRIME */
|
||||||
|
|
||||||
|
|
||||||
int eap_sim_parse_attr(const u8 *start, const u8 *end,
|
int eap_sim_parse_attr(const u8 *start, const u8 *end,
|
||||||
|
@ -858,7 +858,7 @@ int eap_sim_parse_attr(const u8 *start, const u8 *end,
|
||||||
wpa_printf(MSG_DEBUG, "EAP-SIM: AT_RESULT_IND");
|
wpa_printf(MSG_DEBUG, "EAP-SIM: AT_RESULT_IND");
|
||||||
attr->result_ind = 1;
|
attr->result_ind = 1;
|
||||||
break;
|
break;
|
||||||
#ifdef EAP_AKA_PRIME
|
#if defined(EAP_AKA_PRIME) || defined(EAP_SERVER_AKA_PRIME)
|
||||||
case EAP_SIM_AT_KDF_INPUT:
|
case EAP_SIM_AT_KDF_INPUT:
|
||||||
if (aka != 2) {
|
if (aka != 2) {
|
||||||
wpa_printf(MSG_INFO, "EAP-AKA: Unexpected "
|
wpa_printf(MSG_INFO, "EAP-AKA: Unexpected "
|
||||||
|
@ -913,7 +913,7 @@ int eap_sim_parse_attr(const u8 *start, const u8 *end,
|
||||||
}
|
}
|
||||||
attr->bidding = apos;
|
attr->bidding = apos;
|
||||||
break;
|
break;
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_AKA_PRIME || EAP_SERVER_AKA_PRIME */
|
||||||
default:
|
default:
|
||||||
if (pos[0] < 128) {
|
if (pos[0] < 128) {
|
||||||
wpa_printf(MSG_INFO, "EAP-SIM: Unrecognized "
|
wpa_printf(MSG_INFO, "EAP-SIM: Unrecognized "
|
||||||
|
@ -1023,14 +1023,14 @@ struct wpabuf * eap_sim_msg_finish(struct eap_sim_msg *msg, const u8 *k_aut,
|
||||||
eap = wpabuf_mhead(msg->buf);
|
eap = wpabuf_mhead(msg->buf);
|
||||||
eap->length = host_to_be16(wpabuf_len(msg->buf));
|
eap->length = host_to_be16(wpabuf_len(msg->buf));
|
||||||
|
|
||||||
#ifdef EAP_AKA_PRIME
|
#if defined(EAP_AKA_PRIME) || defined(EAP_SERVER_AKA_PRIME)
|
||||||
if (k_aut && msg->mac && msg->type == EAP_TYPE_AKA_PRIME) {
|
if (k_aut && msg->mac && msg->type == EAP_TYPE_AKA_PRIME) {
|
||||||
eap_sim_add_mac_sha256(k_aut, (u8 *) wpabuf_head(msg->buf),
|
eap_sim_add_mac_sha256(k_aut, (u8 *) wpabuf_head(msg->buf),
|
||||||
wpabuf_len(msg->buf),
|
wpabuf_len(msg->buf),
|
||||||
(u8 *) wpabuf_mhead(msg->buf) +
|
(u8 *) wpabuf_mhead(msg->buf) +
|
||||||
msg->mac, extra, extra_len);
|
msg->mac, extra, extra_len);
|
||||||
} else
|
} else
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_AKA_PRIME || EAP_SERVER_AKA_PRIME */
|
||||||
if (k_aut && msg->mac) {
|
if (k_aut && msg->mac) {
|
||||||
eap_sim_add_mac(k_aut, (u8 *) wpabuf_head(msg->buf),
|
eap_sim_add_mac(k_aut, (u8 *) wpabuf_head(msg->buf),
|
||||||
wpabuf_len(msg->buf),
|
wpabuf_len(msg->buf),
|
||||||
|
|
|
@ -94,7 +94,7 @@ int eap_sim_verify_mac(const u8 *k_aut, const struct wpabuf *req,
|
||||||
void eap_sim_add_mac(const u8 *k_aut, const u8 *msg, size_t msg_len, u8 *mac,
|
void eap_sim_add_mac(const u8 *k_aut, const u8 *msg, size_t msg_len, u8 *mac,
|
||||||
const u8 *extra, size_t extra_len);
|
const u8 *extra, size_t extra_len);
|
||||||
|
|
||||||
#ifdef EAP_AKA_PRIME
|
#if defined(EAP_AKA_PRIME) || defined(EAP_SERVER_AKA_PRIME)
|
||||||
void eap_aka_prime_derive_keys(const u8 *identity, size_t identity_len,
|
void eap_aka_prime_derive_keys(const u8 *identity, size_t identity_len,
|
||||||
const u8 *ik, const u8 *ck, u8 *k_encr,
|
const u8 *ik, const u8 *ck, u8 *k_encr,
|
||||||
u8 *k_aut, u8 *k_re, u8 *msk, u8 *emsk);
|
u8 *k_aut, u8 *k_re, u8 *msk, u8 *emsk);
|
||||||
|
@ -110,7 +110,7 @@ void eap_sim_add_mac_sha256(const u8 *k_aut, const u8 *msg, size_t msg_len,
|
||||||
void eap_aka_prime_derive_ck_ik_prime(u8 *ck, u8 *ik, const u8 *sqn_ak,
|
void eap_aka_prime_derive_ck_ik_prime(u8 *ck, u8 *ik, const u8 *sqn_ak,
|
||||||
const u8 *network_name,
|
const u8 *network_name,
|
||||||
size_t network_name_len);
|
size_t network_name_len);
|
||||||
#else /* EAP_AKA_PRIME */
|
#else /* EAP_AKA_PRIME || EAP_SERVER_AKA_PRIME */
|
||||||
static inline void eap_aka_prime_derive_keys(const u8 *identity,
|
static inline void eap_aka_prime_derive_keys(const u8 *identity,
|
||||||
size_t identity_len,
|
size_t identity_len,
|
||||||
const u8 *ik, const u8 *ck,
|
const u8 *ik, const u8 *ck,
|
||||||
|
@ -135,7 +135,7 @@ static inline int eap_sim_verify_mac_sha256(const u8 *k_aut,
|
||||||
{
|
{
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_AKA_PRIME || EAP_SERVER_AKA_PRIME */
|
||||||
|
|
||||||
|
|
||||||
/* EAP-SIM/AKA Attributes (0..127 non-skippable) */
|
/* EAP-SIM/AKA Attributes (0..127 non-skippable) */
|
||||||
|
|
|
@ -116,7 +116,7 @@ static void * eap_aka_init(struct eap_sm *sm)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef EAP_AKA_PRIME
|
#ifdef EAP_SERVER_AKA_PRIME
|
||||||
static void * eap_aka_prime_init(struct eap_sm *sm)
|
static void * eap_aka_prime_init(struct eap_sm *sm)
|
||||||
{
|
{
|
||||||
struct eap_aka_data *data;
|
struct eap_aka_data *data;
|
||||||
|
@ -148,7 +148,7 @@ static void * eap_aka_prime_init(struct eap_sm *sm)
|
||||||
|
|
||||||
return data;
|
return data;
|
||||||
}
|
}
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_SERVER_AKA_PRIME */
|
||||||
|
|
||||||
|
|
||||||
static void eap_aka_reset(struct eap_sm *sm, void *priv)
|
static void eap_aka_reset(struct eap_sm *sm, void *priv)
|
||||||
|
@ -399,7 +399,7 @@ static struct wpabuf * eap_aka_build_challenge(struct eap_sm *sm,
|
||||||
eap_sim_msg_add(msg, EAP_SIM_AT_RESULT_IND, 0, NULL, 0);
|
eap_sim_msg_add(msg, EAP_SIM_AT_RESULT_IND, 0, NULL, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef EAP_AKA_PRIME
|
#ifdef EAP_SERVER_AKA_PRIME
|
||||||
if (data->eap_method == EAP_TYPE_AKA) {
|
if (data->eap_method == EAP_TYPE_AKA) {
|
||||||
u16 flags = 0;
|
u16 flags = 0;
|
||||||
int i;
|
int i;
|
||||||
|
@ -426,7 +426,7 @@ static struct wpabuf * eap_aka_build_challenge(struct eap_sm *sm,
|
||||||
flags |= EAP_AKA_BIDDING_FLAG_D;
|
flags |= EAP_AKA_BIDDING_FLAG_D;
|
||||||
eap_sim_msg_add(msg, EAP_SIM_AT_BIDDING, flags, NULL, 0);
|
eap_sim_msg_add(msg, EAP_SIM_AT_BIDDING, flags, NULL, 0);
|
||||||
}
|
}
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_SERVER_AKA_PRIME */
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, " AT_MAC");
|
wpa_printf(MSG_DEBUG, " AT_MAC");
|
||||||
eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
|
eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
|
||||||
|
@ -701,7 +701,7 @@ static void eap_aka_determine_identity(struct eap_sm *sm,
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef EAP_AKA_PRIME
|
#ifdef EAP_SERVER_AKA_PRIME
|
||||||
if (data->eap_method == EAP_TYPE_AKA_PRIME) {
|
if (data->eap_method == EAP_TYPE_AKA_PRIME) {
|
||||||
/* Note: AUTN = (SQN ^ AK) || AMF || MAC which gives us the
|
/* Note: AUTN = (SQN ^ AK) || AMF || MAC which gives us the
|
||||||
* needed 6-octet SQN ^AK for CK',IK' derivation */
|
* needed 6-octet SQN ^AK for CK',IK' derivation */
|
||||||
|
@ -710,7 +710,7 @@ static void eap_aka_determine_identity(struct eap_sm *sm,
|
||||||
data->network_name,
|
data->network_name,
|
||||||
data->network_name_len);
|
data->network_name_len);
|
||||||
}
|
}
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_SERVER_AKA_PRIME */
|
||||||
|
|
||||||
data->reauth = NULL;
|
data->reauth = NULL;
|
||||||
data->counter = 0; /* reset re-auth counter since this is full auth */
|
data->counter = 0; /* reset re-auth counter since this is full auth */
|
||||||
|
@ -807,7 +807,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm,
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "EAP-AKA: Processing Challenge");
|
wpa_printf(MSG_DEBUG, "EAP-AKA: Processing Challenge");
|
||||||
|
|
||||||
#ifdef EAP_AKA_PRIME
|
#ifdef EAP_SERVER_AKA_PRIME
|
||||||
#if 0
|
#if 0
|
||||||
/* KDF negotiation; to be enabled only after more than one KDF is
|
/* KDF negotiation; to be enabled only after more than one KDF is
|
||||||
* supported */
|
* supported */
|
||||||
|
@ -830,7 +830,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm,
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_SERVER_AKA_PRIME */
|
||||||
|
|
||||||
if (attr->checkcode &&
|
if (attr->checkcode &&
|
||||||
eap_aka_verify_checkcode(data, attr->checkcode,
|
eap_aka_verify_checkcode(data, attr->checkcode,
|
||||||
|
@ -892,7 +892,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm,
|
||||||
}
|
}
|
||||||
if (data->next_reauth_id) {
|
if (data->next_reauth_id) {
|
||||||
if (data->eap_method == EAP_TYPE_AKA_PRIME) {
|
if (data->eap_method == EAP_TYPE_AKA_PRIME) {
|
||||||
#ifdef EAP_AKA_PRIME
|
#ifdef EAP_SERVER_AKA_PRIME
|
||||||
eap_sim_db_add_reauth_prime(sm->eap_sim_db_priv,
|
eap_sim_db_add_reauth_prime(sm->eap_sim_db_priv,
|
||||||
identity,
|
identity,
|
||||||
identity_len,
|
identity_len,
|
||||||
|
@ -900,7 +900,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm,
|
||||||
data->counter + 1,
|
data->counter + 1,
|
||||||
data->k_encr, data->k_aut,
|
data->k_encr, data->k_aut,
|
||||||
data->k_re);
|
data->k_re);
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_SERVER_AKA_PRIME */
|
||||||
} else {
|
} else {
|
||||||
eap_sim_db_add_reauth(sm->eap_sim_db_priv, identity,
|
eap_sim_db_add_reauth(sm->eap_sim_db_priv, identity,
|
||||||
identity_len,
|
identity_len,
|
||||||
|
@ -1031,7 +1031,7 @@ static void eap_aka_process_reauth(struct eap_sm *sm,
|
||||||
}
|
}
|
||||||
if (data->next_reauth_id) {
|
if (data->next_reauth_id) {
|
||||||
if (data->eap_method == EAP_TYPE_AKA_PRIME) {
|
if (data->eap_method == EAP_TYPE_AKA_PRIME) {
|
||||||
#ifdef EAP_AKA_PRIME
|
#ifdef EAP_SERVER_AKA_PRIME
|
||||||
eap_sim_db_add_reauth_prime(sm->eap_sim_db_priv,
|
eap_sim_db_add_reauth_prime(sm->eap_sim_db_priv,
|
||||||
identity,
|
identity,
|
||||||
identity_len,
|
identity_len,
|
||||||
|
@ -1039,7 +1039,7 @@ static void eap_aka_process_reauth(struct eap_sm *sm,
|
||||||
data->counter + 1,
|
data->counter + 1,
|
||||||
data->k_encr, data->k_aut,
|
data->k_encr, data->k_aut,
|
||||||
data->k_re);
|
data->k_re);
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_SERVER_AKA_PRIME */
|
||||||
} else {
|
} else {
|
||||||
eap_sim_db_add_reauth(sm->eap_sim_db_priv, identity,
|
eap_sim_db_add_reauth(sm->eap_sim_db_priv, identity,
|
||||||
identity_len,
|
identity_len,
|
||||||
|
@ -1247,7 +1247,7 @@ int eap_server_aka_register(void)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef EAP_AKA_PRIME
|
#ifdef EAP_SERVER_AKA_PRIME
|
||||||
int eap_server_aka_prime_register(void)
|
int eap_server_aka_prime_register(void)
|
||||||
{
|
{
|
||||||
struct eap_method *eap;
|
struct eap_method *eap;
|
||||||
|
@ -1275,4 +1275,4 @@ int eap_server_aka_prime_register(void)
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_SERVER_AKA_PRIME */
|
||||||
|
|
|
@ -942,7 +942,7 @@ static void eap_fast_process_phase2_response(struct eap_sm *sm,
|
||||||
left = in_len - sizeof(*hdr);
|
left = in_len - sizeof(*hdr);
|
||||||
wpa_hexdump(MSG_DEBUG, "EAP-FAST: Phase2 type Nak'ed; "
|
wpa_hexdump(MSG_DEBUG, "EAP-FAST: Phase2 type Nak'ed; "
|
||||||
"allowed types", pos + 1, left - 1);
|
"allowed types", pos + 1, left - 1);
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
if (m && m->vendor == EAP_VENDOR_IETF &&
|
if (m && m->vendor == EAP_VENDOR_IETF &&
|
||||||
m->method == EAP_TYPE_TNC) {
|
m->method == EAP_TYPE_TNC) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-FAST: Peer Nak'ed required "
|
wpa_printf(MSG_DEBUG, "EAP-FAST: Peer Nak'ed required "
|
||||||
|
@ -951,7 +951,7 @@ static void eap_fast_process_phase2_response(struct eap_sm *sm,
|
||||||
eap_fast_phase2_init(sm, data, next_type);
|
eap_fast_phase2_init(sm, data, next_type);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
eap_sm_process_nak(sm, pos + 1, left - 1);
|
eap_sm_process_nak(sm, pos + 1, left - 1);
|
||||||
if (sm->user && sm->user_eap_method_index < EAP_MAX_METHODS &&
|
if (sm->user && sm->user_eap_method_index < EAP_MAX_METHODS &&
|
||||||
sm->user->methods[sm->user_eap_method_index].method !=
|
sm->user->methods[sm->user_eap_method_index].method !=
|
||||||
|
@ -1019,13 +1019,13 @@ static void eap_fast_process_phase2_response(struct eap_sm *sm,
|
||||||
eap_fast_state(data, CRYPTO_BINDING);
|
eap_fast_state(data, CRYPTO_BINDING);
|
||||||
data->eap_seq++;
|
data->eap_seq++;
|
||||||
next_type = EAP_TYPE_NONE;
|
next_type = EAP_TYPE_NONE;
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
if (sm->tnc && !data->tnc_started) {
|
if (sm->tnc && !data->tnc_started) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-FAST: Initialize TNC");
|
wpa_printf(MSG_DEBUG, "EAP-FAST: Initialize TNC");
|
||||||
next_type = EAP_TYPE_TNC;
|
next_type = EAP_TYPE_TNC;
|
||||||
data->tnc_started = 1;
|
data->tnc_started = 1;
|
||||||
}
|
}
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
break;
|
break;
|
||||||
case FAILURE:
|
case FAILURE:
|
||||||
break;
|
break;
|
||||||
|
|
|
@ -33,14 +33,14 @@ static void * eap_gtc_init(struct eap_sm *sm)
|
||||||
return NULL;
|
return NULL;
|
||||||
data->state = CONTINUE;
|
data->state = CONTINUE;
|
||||||
|
|
||||||
#ifdef EAP_FAST
|
#ifdef EAP_SERVER_FAST
|
||||||
if (sm->m && sm->m->vendor == EAP_VENDOR_IETF &&
|
if (sm->m && sm->m->vendor == EAP_VENDOR_IETF &&
|
||||||
sm->m->method == EAP_TYPE_FAST) {
|
sm->m->method == EAP_TYPE_FAST) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-GTC: EAP-FAST tunnel - use prefix "
|
wpa_printf(MSG_DEBUG, "EAP-GTC: EAP-FAST tunnel - use prefix "
|
||||||
"with challenge/response");
|
"with challenge/response");
|
||||||
data->prefix = 1;
|
data->prefix = 1;
|
||||||
}
|
}
|
||||||
#endif /* EAP_FAST */
|
#endif /* EAP_SERVER_FAST */
|
||||||
|
|
||||||
return data;
|
return data;
|
||||||
}
|
}
|
||||||
|
@ -109,7 +109,7 @@ static void eap_gtc_process(struct eap_sm *sm, void *priv,
|
||||||
|
|
||||||
wpa_hexdump_ascii_key(MSG_MSGDUMP, "EAP-GTC: Response", pos, rlen);
|
wpa_hexdump_ascii_key(MSG_MSGDUMP, "EAP-GTC: Response", pos, rlen);
|
||||||
|
|
||||||
#ifdef EAP_FAST
|
#ifdef EAP_SERVER_FAST
|
||||||
if (data->prefix) {
|
if (data->prefix) {
|
||||||
const u8 *pos2, *end;
|
const u8 *pos2, *end;
|
||||||
/* "RESPONSE=<user>\0<password>" */
|
/* "RESPONSE=<user>\0<password>" */
|
||||||
|
@ -170,7 +170,7 @@ static void eap_gtc_process(struct eap_sm *sm, void *priv,
|
||||||
"EAP-GTC: Response password",
|
"EAP-GTC: Response password",
|
||||||
pos, rlen);
|
pos, rlen);
|
||||||
}
|
}
|
||||||
#endif /* EAP_FAST */
|
#endif /* EAP_SERVER_FAST */
|
||||||
|
|
||||||
if (sm->user == NULL || sm->user->password == NULL ||
|
if (sm->user == NULL || sm->user->password == NULL ||
|
||||||
sm->user->password_hash) {
|
sm->user->password_hash) {
|
||||||
|
|
|
@ -149,138 +149,138 @@ int eap_server_register_methods(void)
|
||||||
ret = eap_server_identity_register();
|
ret = eap_server_identity_register();
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef EAP_MD5
|
#ifdef EAP_SERVER_MD5
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_md5_register(void);
|
int eap_server_md5_register(void);
|
||||||
ret = eap_server_md5_register();
|
ret = eap_server_md5_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_MD5 */
|
#endif /* EAP_SERVER_MD5 */
|
||||||
|
|
||||||
#ifdef EAP_TLS
|
#ifdef EAP_SERVER_TLS
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_tls_register(void);
|
int eap_server_tls_register(void);
|
||||||
ret = eap_server_tls_register();
|
ret = eap_server_tls_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_TLS */
|
#endif /* EAP_SERVER_TLS */
|
||||||
|
|
||||||
#ifdef EAP_MSCHAPv2
|
#ifdef EAP_SERVER_MSCHAPV2
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_mschapv2_register(void);
|
int eap_server_mschapv2_register(void);
|
||||||
ret = eap_server_mschapv2_register();
|
ret = eap_server_mschapv2_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_MSCHAPv2 */
|
#endif /* EAP_SERVER_MSCHAPV2 */
|
||||||
|
|
||||||
#ifdef EAP_PEAP
|
#ifdef EAP_SERVER_PEAP
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_peap_register(void);
|
int eap_server_peap_register(void);
|
||||||
ret = eap_server_peap_register();
|
ret = eap_server_peap_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_PEAP */
|
#endif /* EAP_SERVER_PEAP */
|
||||||
|
|
||||||
#ifdef EAP_TLV
|
#ifdef EAP_SERVER_TLV
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_tlv_register(void);
|
int eap_server_tlv_register(void);
|
||||||
ret = eap_server_tlv_register();
|
ret = eap_server_tlv_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_TLV */
|
#endif /* EAP_SERVER_TLV */
|
||||||
|
|
||||||
#ifdef EAP_GTC
|
#ifdef EAP_SERVER_GTC
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_gtc_register(void);
|
int eap_server_gtc_register(void);
|
||||||
ret = eap_server_gtc_register();
|
ret = eap_server_gtc_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_GTC */
|
#endif /* EAP_SERVER_GTC */
|
||||||
|
|
||||||
#ifdef EAP_TTLS
|
#ifdef EAP_SERVER_TTLS
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_ttls_register(void);
|
int eap_server_ttls_register(void);
|
||||||
ret = eap_server_ttls_register();
|
ret = eap_server_ttls_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_TTLS */
|
#endif /* EAP_SERVER_TTLS */
|
||||||
|
|
||||||
#ifdef EAP_SIM
|
#ifdef EAP_SERVER_SIM
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_sim_register(void);
|
int eap_server_sim_register(void);
|
||||||
ret = eap_server_sim_register();
|
ret = eap_server_sim_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_SIM */
|
#endif /* EAP_SERVER_SIM */
|
||||||
|
|
||||||
#ifdef EAP_AKA
|
#ifdef EAP_SERVER_AKA
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_aka_register(void);
|
int eap_server_aka_register(void);
|
||||||
ret = eap_server_aka_register();
|
ret = eap_server_aka_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_AKA */
|
#endif /* EAP_SERVER_AKA */
|
||||||
|
|
||||||
#ifdef EAP_AKA_PRIME
|
#ifdef EAP_SERVER_AKA_PRIME
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_aka_prime_register(void);
|
int eap_server_aka_prime_register(void);
|
||||||
ret = eap_server_aka_prime_register();
|
ret = eap_server_aka_prime_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_SERVER_AKA_PRIME */
|
||||||
|
|
||||||
#ifdef EAP_PAX
|
#ifdef EAP_SERVER_PAX
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_pax_register(void);
|
int eap_server_pax_register(void);
|
||||||
ret = eap_server_pax_register();
|
ret = eap_server_pax_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_PAX */
|
#endif /* EAP_SERVER_PAX */
|
||||||
|
|
||||||
#ifdef EAP_PSK
|
#ifdef EAP_SERVER_PSK
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_psk_register(void);
|
int eap_server_psk_register(void);
|
||||||
ret = eap_server_psk_register();
|
ret = eap_server_psk_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_PSK */
|
#endif /* EAP_SERVER_PSK */
|
||||||
|
|
||||||
#ifdef EAP_SAKE
|
#ifdef EAP_SERVER_SAKE
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_sake_register(void);
|
int eap_server_sake_register(void);
|
||||||
ret = eap_server_sake_register();
|
ret = eap_server_sake_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_SAKE */
|
#endif /* EAP_SERVER_SAKE */
|
||||||
|
|
||||||
#ifdef EAP_GPSK
|
#ifdef EAP_SERVER_GPSK
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_gpsk_register(void);
|
int eap_server_gpsk_register(void);
|
||||||
ret = eap_server_gpsk_register();
|
ret = eap_server_gpsk_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_GPSK */
|
#endif /* EAP_SERVER_GPSK */
|
||||||
|
|
||||||
#ifdef EAP_VENDOR_TEST
|
#ifdef EAP_SERVER_VENDOR_TEST
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_vendor_test_register(void);
|
int eap_server_vendor_test_register(void);
|
||||||
ret = eap_server_vendor_test_register();
|
ret = eap_server_vendor_test_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_VENDOR_TEST */
|
#endif /* EAP_SERVER_VENDOR_TEST */
|
||||||
|
|
||||||
#ifdef EAP_FAST
|
#ifdef EAP_SERVER_FAST
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_fast_register(void);
|
int eap_server_fast_register(void);
|
||||||
ret = eap_server_fast_register();
|
ret = eap_server_fast_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_FAST */
|
#endif /* EAP_SERVER_FAST */
|
||||||
|
|
||||||
#ifdef EAP_WSC
|
#ifdef EAP_SERVER_WSC
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_wsc_register(void);
|
int eap_server_wsc_register(void);
|
||||||
ret = eap_server_wsc_register();
|
ret = eap_server_wsc_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_WSC */
|
#endif /* EAP_SERVER_WSC */
|
||||||
|
|
||||||
#ifdef EAP_IKEV2
|
#ifdef EAP_SERVER_IKEV2
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_ikev2_register(void);
|
int eap_server_ikev2_register(void);
|
||||||
ret = eap_server_ikev2_register();
|
ret = eap_server_ikev2_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_IKEV2 */
|
#endif /* EAP_SERVER_IKEV2 */
|
||||||
|
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
int eap_server_tnc_register(void);
|
int eap_server_tnc_register(void);
|
||||||
ret = eap_server_tnc_register();
|
ret = eap_server_tnc_register();
|
||||||
}
|
}
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
|
@ -267,7 +267,7 @@ static struct wpabuf * eap_peap_build_phase2_req(struct eap_sm *sm,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
static struct wpabuf * eap_peap_build_phase2_soh(struct eap_sm *sm,
|
static struct wpabuf * eap_peap_build_phase2_soh(struct eap_sm *sm,
|
||||||
struct eap_peap_data *data,
|
struct eap_peap_data *data,
|
||||||
u8 id)
|
u8 id)
|
||||||
|
@ -303,7 +303,7 @@ static struct wpabuf * eap_peap_build_phase2_soh(struct eap_sm *sm,
|
||||||
|
|
||||||
return encr_req;
|
return encr_req;
|
||||||
}
|
}
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
|
|
||||||
|
|
||||||
static void eap_peap_get_isk(struct eap_peap_data *data,
|
static void eap_peap_get_isk(struct eap_peap_data *data,
|
||||||
|
@ -375,10 +375,10 @@ static struct wpabuf * eap_peap_build_phase2_tlv(struct eap_sm *sm,
|
||||||
mlen = 6; /* Result TLV */
|
mlen = 6; /* Result TLV */
|
||||||
if (data->crypto_binding != NO_BINDING)
|
if (data->crypto_binding != NO_BINDING)
|
||||||
mlen += 60; /* Cryptobinding TLV */
|
mlen += 60; /* Cryptobinding TLV */
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
if (data->soh_response)
|
if (data->soh_response)
|
||||||
mlen += wpabuf_len(data->soh_response);
|
mlen += wpabuf_len(data->soh_response);
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
|
|
||||||
buf = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TLV, mlen,
|
buf = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TLV, mlen,
|
||||||
EAP_CODE_REQUEST, id);
|
EAP_CODE_REQUEST, id);
|
||||||
|
@ -401,7 +401,7 @@ static struct wpabuf * eap_peap_build_phase2_tlv(struct eap_sm *sm,
|
||||||
size_t len[2];
|
size_t len[2];
|
||||||
u16 tlv_type;
|
u16 tlv_type;
|
||||||
|
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
if (data->soh_response) {
|
if (data->soh_response) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-PEAP: Adding MS-SOH "
|
wpa_printf(MSG_DEBUG, "EAP-PEAP: Adding MS-SOH "
|
||||||
"Response TLV");
|
"Response TLV");
|
||||||
|
@ -409,7 +409,7 @@ static struct wpabuf * eap_peap_build_phase2_tlv(struct eap_sm *sm,
|
||||||
wpabuf_free(data->soh_response);
|
wpabuf_free(data->soh_response);
|
||||||
data->soh_response = NULL;
|
data->soh_response = NULL;
|
||||||
}
|
}
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
|
|
||||||
if (eap_peap_derive_cmk(sm, data) < 0 ||
|
if (eap_peap_derive_cmk(sm, data) < 0 ||
|
||||||
os_get_random(data->binding_nonce, 32)) {
|
os_get_random(data->binding_nonce, 32)) {
|
||||||
|
@ -517,13 +517,13 @@ static struct wpabuf * eap_peap_buildReq(struct eap_sm *sm, void *priv, u8 id)
|
||||||
data->ssl.out_used = 0;
|
data->ssl.out_used = 0;
|
||||||
data->ssl.out_buf = eap_peap_build_phase2_req(sm, data, id);
|
data->ssl.out_buf = eap_peap_build_phase2_req(sm, data, id);
|
||||||
break;
|
break;
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
case PHASE2_SOH:
|
case PHASE2_SOH:
|
||||||
wpabuf_free(data->ssl.out_buf);
|
wpabuf_free(data->ssl.out_buf);
|
||||||
data->ssl.out_used = 0;
|
data->ssl.out_used = 0;
|
||||||
data->ssl.out_buf = eap_peap_build_phase2_soh(sm, data, id);
|
data->ssl.out_buf = eap_peap_build_phase2_soh(sm, data, id);
|
||||||
break;
|
break;
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
case PHASE2_TLV:
|
case PHASE2_TLV:
|
||||||
wpabuf_free(data->ssl.out_buf);
|
wpabuf_free(data->ssl.out_buf);
|
||||||
data->ssl.out_used = 0;
|
data->ssl.out_used = 0;
|
||||||
|
@ -757,7 +757,7 @@ static void eap_peap_process_phase2_tlv(struct eap_sm *sm,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
static void eap_peap_process_phase2_soh(struct eap_sm *sm,
|
static void eap_peap_process_phase2_soh(struct eap_sm *sm,
|
||||||
struct eap_peap_data *data,
|
struct eap_peap_data *data,
|
||||||
struct wpabuf *in_data)
|
struct wpabuf *in_data)
|
||||||
|
@ -885,7 +885,7 @@ auth_method:
|
||||||
wpa_printf(MSG_DEBUG, "EAP-PEAP: try EAP type %d", next_type);
|
wpa_printf(MSG_DEBUG, "EAP-PEAP: try EAP type %d", next_type);
|
||||||
eap_peap_phase2_init(sm, data, next_type);
|
eap_peap_phase2_init(sm, data, next_type);
|
||||||
}
|
}
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
|
|
||||||
|
|
||||||
static void eap_peap_process_phase2_response(struct eap_sm *sm,
|
static void eap_peap_process_phase2_response(struct eap_sm *sm,
|
||||||
|
@ -902,12 +902,12 @@ static void eap_peap_process_phase2_response(struct eap_sm *sm,
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
if (data->state == PHASE2_SOH) {
|
if (data->state == PHASE2_SOH) {
|
||||||
eap_peap_process_phase2_soh(sm, data, in_data);
|
eap_peap_process_phase2_soh(sm, data, in_data);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
|
|
||||||
if (data->phase2_priv == NULL) {
|
if (data->phase2_priv == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-PEAP: %s - Phase2 not "
|
wpa_printf(MSG_DEBUG, "EAP-PEAP: %s - Phase2 not "
|
||||||
|
@ -991,7 +991,7 @@ static void eap_peap_process_phase2_response(struct eap_sm *sm,
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
if (data->state != PHASE2_SOH && sm->tnc &&
|
if (data->state != PHASE2_SOH && sm->tnc &&
|
||||||
data->peap_version == 0) {
|
data->peap_version == 0) {
|
||||||
eap_peap_state(data, PHASE2_SOH);
|
eap_peap_state(data, PHASE2_SOH);
|
||||||
|
@ -1000,7 +1000,7 @@ static void eap_peap_process_phase2_response(struct eap_sm *sm,
|
||||||
next_type = EAP_TYPE_NONE;
|
next_type = EAP_TYPE_NONE;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
|
|
||||||
eap_peap_state(data, PHASE2_METHOD);
|
eap_peap_state(data, PHASE2_METHOD);
|
||||||
next_type = sm->user->methods[0].method;
|
next_type = sm->user->methods[0].method;
|
||||||
|
|
|
@ -1023,7 +1023,7 @@ int eap_sim_db_add_reauth(void *priv, const u8 *identity,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef EAP_AKA_PRIME
|
#ifdef EAP_SERVER_AKA_PRIME
|
||||||
/**
|
/**
|
||||||
* eap_sim_db_add_reauth_prime - EAP-AKA' DB: Add new re-authentication entry
|
* eap_sim_db_add_reauth_prime - EAP-AKA' DB: Add new re-authentication entry
|
||||||
* @priv: Private data pointer from eap_sim_db_init()
|
* @priv: Private data pointer from eap_sim_db_init()
|
||||||
|
@ -1062,7 +1062,7 @@ int eap_sim_db_add_reauth_prime(void *priv, const u8 *identity,
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* EAP_AKA_PRIME */
|
#endif /* EAP_SERVER_AKA_PRIME */
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
#ifndef EAP_SIM_DB_H
|
#ifndef EAP_SIM_DB_H
|
||||||
#define EAP_SIM_DB_H
|
#define EAP_SIM_DB_H
|
||||||
|
|
||||||
#ifdef EAP_SIM
|
#ifdef EAP_SERVER_SIM
|
||||||
|
|
||||||
#include "eap_common/eap_sim_common.h"
|
#include "eap_common/eap_sim_common.h"
|
||||||
|
|
||||||
|
@ -90,7 +90,7 @@ int eap_sim_db_resynchronize(void *priv, const u8 *identity,
|
||||||
size_t identity_len, const u8 *auts,
|
size_t identity_len, const u8 *auts,
|
||||||
const u8 *_rand);
|
const u8 *_rand);
|
||||||
|
|
||||||
#else /* EAP_SIM */
|
#else /* EAP_SERVER_SIM */
|
||||||
static inline void *
|
static inline void *
|
||||||
eap_sim_db_init(const char *config,
|
eap_sim_db_init(const char *config,
|
||||||
void (*get_complete_cb)(void *ctx, void *session_ctx),
|
void (*get_complete_cb)(void *ctx, void *session_ctx),
|
||||||
|
@ -102,6 +102,6 @@ eap_sim_db_init(const char *config,
|
||||||
static inline void eap_sim_db_deinit(void *priv)
|
static inline void eap_sim_db_deinit(void *priv)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
#endif /* EAP_SIM */
|
#endif /* EAP_SERVER_SIM */
|
||||||
|
|
||||||
#endif /* EAP_SIM_DB_H */
|
#endif /* EAP_SIM_DB_H */
|
||||||
|
|
|
@ -1221,14 +1221,14 @@ static void eap_ttls_process_phase2(struct eap_sm *sm,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
if (data->tnc_started && parse.eap == NULL) {
|
if (data->tnc_started && parse.eap == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TTLS: TNC started but no EAP "
|
wpa_printf(MSG_DEBUG, "EAP-TTLS: TNC started but no EAP "
|
||||||
"response from peer");
|
"response from peer");
|
||||||
eap_ttls_state(data, FAILURE);
|
eap_ttls_state(data, FAILURE);
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
|
|
||||||
if (parse.eap) {
|
if (parse.eap) {
|
||||||
eap_ttls_process_phase2_eap(sm, data, parse.eap,
|
eap_ttls_process_phase2_eap(sm, data, parse.eap,
|
||||||
|
@ -1264,7 +1264,7 @@ done:
|
||||||
|
|
||||||
static void eap_ttls_start_tnc(struct eap_sm *sm, struct eap_ttls_data *data)
|
static void eap_ttls_start_tnc(struct eap_sm *sm, struct eap_ttls_data *data)
|
||||||
{
|
{
|
||||||
#ifdef EAP_TNC
|
#ifdef EAP_SERVER_TNC
|
||||||
if (!sm->tnc || data->state != SUCCESS || data->tnc_started)
|
if (!sm->tnc || data->state != SUCCESS || data->tnc_started)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
|
@ -1277,7 +1277,7 @@ static void eap_ttls_start_tnc(struct eap_sm *sm, struct eap_ttls_data *data)
|
||||||
|
|
||||||
data->tnc_started = 1;
|
data->tnc_started = 1;
|
||||||
eap_ttls_state(data, PHASE2_METHOD);
|
eap_ttls_state(data, PHASE2_METHOD);
|
||||||
#endif /* EAP_TNC */
|
#endif /* EAP_SERVER_TNC */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -546,7 +546,7 @@ int tlsv1_server_get_keyblock_size(struct tlsv1_server *conn)
|
||||||
*/
|
*/
|
||||||
int tlsv1_server_set_cipher_list(struct tlsv1_server *conn, u8 *ciphers)
|
int tlsv1_server_set_cipher_list(struct tlsv1_server *conn, u8 *ciphers)
|
||||||
{
|
{
|
||||||
#ifdef EAP_FAST
|
#ifdef EAP_SERVER_FAST
|
||||||
size_t count;
|
size_t count;
|
||||||
u16 *suites;
|
u16 *suites;
|
||||||
|
|
||||||
|
@ -572,9 +572,9 @@ int tlsv1_server_set_cipher_list(struct tlsv1_server *conn, u8 *ciphers)
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
#else /* EAP_FAST */
|
#else /* EAP_SERVER_FAST */
|
||||||
return -1;
|
return -1;
|
||||||
#endif /* EAP_FAST */
|
#endif /* EAP_SERVER_FAST */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -571,7 +571,7 @@ static int tls_process_client_key_exchange_rsa(
|
||||||
static int tls_process_client_key_exchange_dh_anon(
|
static int tls_process_client_key_exchange_dh_anon(
|
||||||
struct tlsv1_server *conn, const u8 *pos, const u8 *end)
|
struct tlsv1_server *conn, const u8 *pos, const u8 *end)
|
||||||
{
|
{
|
||||||
#ifdef EAP_FAST
|
#ifdef EAP_SERVER_FAST
|
||||||
const u8 *dh_yc;
|
const u8 *dh_yc;
|
||||||
u16 dh_yc_len;
|
u16 dh_yc_len;
|
||||||
u8 *shared;
|
u8 *shared;
|
||||||
|
@ -669,9 +669,9 @@ static int tls_process_client_key_exchange_dh_anon(
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
#else /* EAP_FAST */
|
#else /* EAP_SERVER_FAST */
|
||||||
return -1;
|
return -1;
|
||||||
#endif /* EAP_FAST */
|
#endif /* EAP_SERVER_FAST */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -247,12 +247,12 @@ static int tls_write_server_key_exchange(struct tlsv1_server *conn,
|
||||||
{
|
{
|
||||||
tls_key_exchange keyx;
|
tls_key_exchange keyx;
|
||||||
const struct tls_cipher_suite *suite;
|
const struct tls_cipher_suite *suite;
|
||||||
#ifdef EAP_FAST
|
#ifdef EAP_SERVER_FAST
|
||||||
u8 *pos, *rhdr, *hs_start, *hs_length;
|
u8 *pos, *rhdr, *hs_start, *hs_length;
|
||||||
size_t rlen;
|
size_t rlen;
|
||||||
u8 *dh_ys;
|
u8 *dh_ys;
|
||||||
size_t dh_ys_len;
|
size_t dh_ys_len;
|
||||||
#endif /* EAP_FAST */
|
#endif /* EAP_SERVER_FAST */
|
||||||
|
|
||||||
suite = tls_get_cipher_suite(conn->rl.cipher_suite);
|
suite = tls_get_cipher_suite(conn->rl.cipher_suite);
|
||||||
if (suite == NULL)
|
if (suite == NULL)
|
||||||
|
@ -272,7 +272,7 @@ static int tls_write_server_key_exchange(struct tlsv1_server *conn,
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef EAP_FAST
|
#ifdef EAP_SERVER_FAST
|
||||||
if (conn->cred == NULL || conn->cred->dh_p == NULL ||
|
if (conn->cred == NULL || conn->cred->dh_p == NULL ||
|
||||||
conn->cred->dh_g == NULL) {
|
conn->cred->dh_g == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "TLSv1: No DH parameters available for "
|
wpa_printf(MSG_DEBUG, "TLSv1: No DH parameters available for "
|
||||||
|
@ -433,9 +433,9 @@ static int tls_write_server_key_exchange(struct tlsv1_server *conn,
|
||||||
*msgpos = pos;
|
*msgpos = pos;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
#else /* EAP_FAST */
|
#else /* EAP_SERVER_FAST */
|
||||||
return -1;
|
return -1;
|
||||||
#endif /* EAP_FAST */
|
#endif /* EAP_SERVER_FAST */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue