eapol_test: Update with src/ap/ieee802_1x.c changes

eapol_test.c contains variants of couple of functions from the hostapd
implementation. Those had not been updated for a while and this commit
brings in the main changes to keep the implementations closer to
each other.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2022-04-17 12:04:14 +03:00
parent 747c5f2281
commit b0f016b873

View file

@ -773,20 +773,20 @@ static void ieee802_1x_decapsulate_radius(struct eapol_test_data *e)
msg = e->last_recv_radius; msg = e->last_recv_radius;
eap = radius_msg_get_eap(msg); eap = radius_msg_get_eap(msg);
if (eap == NULL) { if (!eap) {
/* draft-aboba-radius-rfc2869bis-20.txt, Chap. 2.6.3: /* RFC 3579, Chap. 2.6.3:
* RADIUS server SHOULD NOT send Access-Reject/no EAP-Message * RADIUS server SHOULD NOT send Access-Reject/no EAP-Message
* attribute */ * attribute */
wpa_printf(MSG_DEBUG, "could not extract " wpa_printf(MSG_DEBUG,
"EAP-Message from RADIUS message"); "could not extract EAP-Message from RADIUS message");
wpabuf_free(e->last_eap_radius); wpabuf_free(e->last_eap_radius);
e->last_eap_radius = NULL; e->last_eap_radius = NULL;
return; return;
} }
if (wpabuf_len(eap) < sizeof(*hdr)) { if (wpabuf_len(eap) < sizeof(*hdr)) {
wpa_printf(MSG_DEBUG, "too short EAP packet " wpa_printf(MSG_DEBUG,
"received from authentication server"); "too short EAP packet received from authentication server");
wpabuf_free(eap); wpabuf_free(eap);
return; return;
} }
@ -822,11 +822,11 @@ static void ieee802_1x_decapsulate_radius(struct eapol_test_data *e)
wpa_hexdump_buf(MSG_DEBUG, "Decapsulated EAP packet", eap); wpa_hexdump_buf(MSG_DEBUG, "Decapsulated EAP packet", eap);
break; break;
} }
wpa_printf(MSG_DEBUG, "decapsulated EAP packet (code=%d " buf[sizeof(buf) - 1] = '\0';
"id=%d len=%d) from RADIUS server: %s", wpa_printf(MSG_DEBUG,
hdr->code, hdr->identifier, ntohs(hdr->length), buf); "decapsulated EAP packet (code=%d id=%d len=%d) from RADIUS server: %s",
hdr->code, hdr->identifier, be_to_host16(hdr->length),
/* sta->eapol_sm->be_auth.idFromServer = hdr->identifier; */ buf);
wpabuf_free(e->last_eap_radius); wpabuf_free(e->last_eap_radius);
e->last_eap_radius = eap; e->last_eap_radius = eap;
@ -859,7 +859,7 @@ static void ieee802_1x_get_keys(struct eapol_test_data *e,
keys = radius_msg_get_ms_keys(msg, req, shared_secret, keys = radius_msg_get_ms_keys(msg, req, shared_secret,
shared_secret_len); shared_secret_len);
if (keys && keys->send == NULL && keys->recv == NULL) { if (keys && !keys->send && !keys->recv) {
os_free(keys); os_free(keys);
keys = radius_msg_get_cisco_keys(msg, req, shared_secret, keys = radius_msg_get_cisco_keys(msg, req, shared_secret,
shared_secret_len); shared_secret_len);
@ -920,20 +920,19 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
radius_msg_get_attr(msg, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, NULL, radius_msg_get_attr(msg, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, NULL,
0) < 0 && 0) < 0 &&
radius_msg_get_attr(msg, RADIUS_ATTR_EAP_MESSAGE, NULL, 0) < 0) { radius_msg_get_attr(msg, RADIUS_ATTR_EAP_MESSAGE, NULL, 0) < 0) {
wpa_printf(MSG_DEBUG, "Allowing RADIUS " wpa_printf(MSG_DEBUG,
"Access-Reject without Message-Authenticator " "Allowing RADIUS Access-Reject without Message-Authenticator since it does not include EAP-Message");
"since it does not include EAP-Message\n");
} else if (radius_msg_verify(msg, shared_secret, shared_secret_len, } else if (radius_msg_verify(msg, shared_secret, shared_secret_len,
req, 1)) { req, 1)) {
printf("Incoming RADIUS packet did not have correct " wpa_printf(MSG_INFO,
"Message-Authenticator - dropped\n"); "Incoming RADIUS packet did not have correct Message-Authenticator - dropped");
return RADIUS_RX_UNKNOWN; return RADIUS_RX_INVALID_AUTHENTICATOR;
} }
if (hdr->code != RADIUS_CODE_ACCESS_ACCEPT && if (hdr->code != RADIUS_CODE_ACCESS_ACCEPT &&
hdr->code != RADIUS_CODE_ACCESS_REJECT && hdr->code != RADIUS_CODE_ACCESS_REJECT &&
hdr->code != RADIUS_CODE_ACCESS_CHALLENGE) { hdr->code != RADIUS_CODE_ACCESS_CHALLENGE) {
printf("Unknown RADIUS message code\n"); wpa_printf(MSG_INFO, "Unknown RADIUS message code");
return RADIUS_RX_UNKNOWN; return RADIUS_RX_UNKNOWN;
} }