Make HOSTAPD_DUMP_STATE configurable with CONFIG_NO_DUMP_STATE
This removes the hardcoded definition from Makefile and cleans up source code by moving the mail HOSTAPD_DUMP_STATE blocks into separate files to avoid conditional compilation within files.
This commit is contained in:
parent
281c950be4
commit
b60d6f61e4
7 changed files with 420 additions and 371 deletions
|
@ -6,10 +6,6 @@ ifndef CFLAGS
|
||||||
CFLAGS = -MMD -O2 -Wall -g
|
CFLAGS = -MMD -O2 -Wall -g
|
||||||
endif
|
endif
|
||||||
|
|
||||||
# define HOSTAPD_DUMP_STATE to include SIGUSR1 handler for dumping state to
|
|
||||||
# a file (undefine it, if you want to save in binary size)
|
|
||||||
CFLAGS += -DHOSTAPD_DUMP_STATE
|
|
||||||
|
|
||||||
CFLAGS += -I../src
|
CFLAGS += -I../src
|
||||||
CFLAGS += -I../src/crypto
|
CFLAGS += -I../src/crypto
|
||||||
CFLAGS += -I../src/utils
|
CFLAGS += -I../src/utils
|
||||||
|
@ -65,6 +61,15 @@ OBJS += ../src/common/wpa_common.o
|
||||||
|
|
||||||
OBJS += ../src/eapol_auth/eapol_auth_sm.o
|
OBJS += ../src/eapol_auth/eapol_auth_sm.o
|
||||||
|
|
||||||
|
|
||||||
|
ifndef CONFIG_NO_DUMP_STATE
|
||||||
|
# define HOSTAPD_DUMP_STATE to include SIGUSR1 handler for dumping state to
|
||||||
|
# a file (undefine it, if you want to save in binary size)
|
||||||
|
CFLAGS += -DHOSTAPD_DUMP_STATE
|
||||||
|
OBJS += dump_state.o
|
||||||
|
OBJS += ../src/eapol_auth/eapol_auth_dump.o
|
||||||
|
endif
|
||||||
|
|
||||||
ifdef CONFIG_NO_RADIUS
|
ifdef CONFIG_NO_RADIUS
|
||||||
CFLAGS += -DCONFIG_NO_RADIUS
|
CFLAGS += -DCONFIG_NO_RADIUS
|
||||||
CONFIG_NO_ACCOUNTING=y
|
CONFIG_NO_ACCOUNTING=y
|
||||||
|
|
|
@ -151,3 +151,8 @@ CONFIG_IPV6=y
|
||||||
|
|
||||||
# Remove support for VLANs
|
# Remove support for VLANs
|
||||||
#CONFIG_NO_VLAN=y
|
#CONFIG_NO_VLAN=y
|
||||||
|
|
||||||
|
# Remove support for dumping state into a file on SIGUSR1 signal
|
||||||
|
# This can be used to reduce binary size at the cost of disabling a debugging
|
||||||
|
# option.
|
||||||
|
#CONFIG_NO_DUMP_STATE=y
|
||||||
|
|
176
hostapd/dump_state.c
Normal file
176
hostapd/dump_state.c
Normal file
|
@ -0,0 +1,176 @@
|
||||||
|
/*
|
||||||
|
* hostapd / State dump
|
||||||
|
* Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License version 2 as
|
||||||
|
* published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* Alternatively, this software may be distributed under the terms of BSD
|
||||||
|
* license.
|
||||||
|
*
|
||||||
|
* See README and COPYING for more details.
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include "includes.h"
|
||||||
|
|
||||||
|
#include "common.h"
|
||||||
|
#include "hostapd.h"
|
||||||
|
#include "config.h"
|
||||||
|
#include "sta_flags.h"
|
||||||
|
#include "sta_info.h"
|
||||||
|
#include "radius/radius_client.h"
|
||||||
|
#include "radius/radius_server.h"
|
||||||
|
#include "eapol_auth/eapol_auth_sm.h"
|
||||||
|
#include "eap_server/eap.h"
|
||||||
|
|
||||||
|
|
||||||
|
static void fprint_char(FILE *f, char c)
|
||||||
|
{
|
||||||
|
if (c >= 32 && c < 127)
|
||||||
|
fprintf(f, "%c", c);
|
||||||
|
else
|
||||||
|
fprintf(f, "<%02x>", c);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static void ieee802_1x_dump_state(FILE *f, const char *prefix,
|
||||||
|
struct sta_info *sta)
|
||||||
|
{
|
||||||
|
struct eapol_state_machine *sm = sta->eapol_sm;
|
||||||
|
if (sm == NULL)
|
||||||
|
return;
|
||||||
|
|
||||||
|
fprintf(f, "%sIEEE 802.1X:\n", prefix);
|
||||||
|
|
||||||
|
if (sm->identity) {
|
||||||
|
size_t i;
|
||||||
|
fprintf(f, "%sidentity=", prefix);
|
||||||
|
for (i = 0; i < sm->identity_len; i++)
|
||||||
|
fprint_char(f, sm->identity[i]);
|
||||||
|
fprintf(f, "\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
fprintf(f, "%slast EAP type: Authentication Server: %d (%s) "
|
||||||
|
"Supplicant: %d (%s)\n", prefix,
|
||||||
|
sm->eap_type_authsrv,
|
||||||
|
eap_server_get_name(0, sm->eap_type_authsrv),
|
||||||
|
sm->eap_type_supp, eap_server_get_name(0, sm->eap_type_supp));
|
||||||
|
|
||||||
|
fprintf(f, "%scached_packets=%s\n", prefix,
|
||||||
|
sm->last_recv_radius ? "[RX RADIUS]" : "");
|
||||||
|
|
||||||
|
eapol_auth_dump_state(f, prefix, sm);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* hostapd_dump_state - SIGUSR1 handler to dump hostapd state to a text file
|
||||||
|
*/
|
||||||
|
static void hostapd_dump_state(struct hostapd_data *hapd)
|
||||||
|
{
|
||||||
|
FILE *f;
|
||||||
|
time_t now;
|
||||||
|
struct sta_info *sta;
|
||||||
|
int i;
|
||||||
|
char *buf;
|
||||||
|
|
||||||
|
if (!hapd->conf->dump_log_name) {
|
||||||
|
wpa_printf(MSG_DEBUG, "Dump file not defined - ignoring dump "
|
||||||
|
"request");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
wpa_printf(MSG_DEBUG, "Dumping hostapd state to '%s'",
|
||||||
|
hapd->conf->dump_log_name);
|
||||||
|
f = fopen(hapd->conf->dump_log_name, "w");
|
||||||
|
if (f == NULL) {
|
||||||
|
wpa_printf(MSG_WARNING, "Could not open dump file '%s' for "
|
||||||
|
"writing.", hapd->conf->dump_log_name);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
time(&now);
|
||||||
|
fprintf(f, "hostapd state dump - %s", ctime(&now));
|
||||||
|
fprintf(f, "num_sta=%d num_sta_non_erp=%d "
|
||||||
|
"num_sta_no_short_slot_time=%d\n"
|
||||||
|
"num_sta_no_short_preamble=%d\n",
|
||||||
|
hapd->num_sta, hapd->iface->num_sta_non_erp,
|
||||||
|
hapd->iface->num_sta_no_short_slot_time,
|
||||||
|
hapd->iface->num_sta_no_short_preamble);
|
||||||
|
|
||||||
|
for (sta = hapd->sta_list; sta != NULL; sta = sta->next) {
|
||||||
|
fprintf(f, "\nSTA=" MACSTR "\n", MAC2STR(sta->addr));
|
||||||
|
|
||||||
|
fprintf(f,
|
||||||
|
" AID=%d flags=0x%x %s%s%s%s%s%s%s%s%s%s%s%s%s%s\n"
|
||||||
|
" capability=0x%x listen_interval=%d\n",
|
||||||
|
sta->aid,
|
||||||
|
sta->flags,
|
||||||
|
(sta->flags & WLAN_STA_AUTH ? "[AUTH]" : ""),
|
||||||
|
(sta->flags & WLAN_STA_ASSOC ? "[ASSOC]" : ""),
|
||||||
|
(sta->flags & WLAN_STA_PS ? "[PS]" : ""),
|
||||||
|
(sta->flags & WLAN_STA_TIM ? "[TIM]" : ""),
|
||||||
|
(sta->flags & WLAN_STA_PERM ? "[PERM]" : ""),
|
||||||
|
(sta->flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" :
|
||||||
|
""),
|
||||||
|
(sta->flags & WLAN_STA_PENDING_POLL ? "[PENDING_POLL" :
|
||||||
|
""),
|
||||||
|
(sta->flags & WLAN_STA_SHORT_PREAMBLE ?
|
||||||
|
"[SHORT_PREAMBLE]" : ""),
|
||||||
|
(sta->flags & WLAN_STA_PREAUTH ? "[PREAUTH]" : ""),
|
||||||
|
(sta->flags & WLAN_STA_WMM ? "[WMM]" : ""),
|
||||||
|
(sta->flags & WLAN_STA_MFP ? "[MFP]" : ""),
|
||||||
|
(sta->flags & WLAN_STA_WPS ? "[WPS]" : ""),
|
||||||
|
(sta->flags & WLAN_STA_MAYBE_WPS ? "[MAYBE_WPS]" : ""),
|
||||||
|
(sta->flags & WLAN_STA_NONERP ? "[NonERP]" : ""),
|
||||||
|
sta->capability,
|
||||||
|
sta->listen_interval);
|
||||||
|
|
||||||
|
fprintf(f, " supported_rates=");
|
||||||
|
for (i = 0; i < sta->supported_rates_len; i++)
|
||||||
|
fprintf(f, "%02x ", sta->supported_rates[i]);
|
||||||
|
fprintf(f, "\n");
|
||||||
|
|
||||||
|
fprintf(f,
|
||||||
|
" timeout_next=%s\n",
|
||||||
|
(sta->timeout_next == STA_NULLFUNC ? "NULLFUNC POLL" :
|
||||||
|
(sta->timeout_next == STA_DISASSOC ? "DISASSOC" :
|
||||||
|
"DEAUTH")));
|
||||||
|
|
||||||
|
ieee802_1x_dump_state(f, " ", sta);
|
||||||
|
}
|
||||||
|
|
||||||
|
buf = os_malloc(4096);
|
||||||
|
if (buf) {
|
||||||
|
int count = radius_client_get_mib(hapd->radius, buf, 4096);
|
||||||
|
if (count < 0)
|
||||||
|
count = 0;
|
||||||
|
else if (count > 4095)
|
||||||
|
count = 4095;
|
||||||
|
buf[count] = '\0';
|
||||||
|
fprintf(f, "%s", buf);
|
||||||
|
|
||||||
|
count = radius_server_get_mib(hapd->radius_srv, buf, 4096);
|
||||||
|
if (count < 0)
|
||||||
|
count = 0;
|
||||||
|
else if (count > 4095)
|
||||||
|
count = 4095;
|
||||||
|
buf[count] = '\0';
|
||||||
|
fprintf(f, "%s", buf);
|
||||||
|
os_free(buf);
|
||||||
|
}
|
||||||
|
fclose(f);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int handle_dump_state_iface(struct hostapd_iface *iface, void *ctx)
|
||||||
|
{
|
||||||
|
size_t i;
|
||||||
|
|
||||||
|
for (i = 0; i < iface->num_bss; i++)
|
||||||
|
hostapd_dump_state(iface->bss[i]);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
|
@ -190,119 +190,6 @@ int handle_reload_iface(struct hostapd_iface *iface, void *ctx)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef HOSTAPD_DUMP_STATE
|
|
||||||
/**
|
|
||||||
* hostapd_dump_state - SIGUSR1 handler to dump hostapd state to a text file
|
|
||||||
*/
|
|
||||||
static void hostapd_dump_state(struct hostapd_data *hapd)
|
|
||||||
{
|
|
||||||
FILE *f;
|
|
||||||
time_t now;
|
|
||||||
struct sta_info *sta;
|
|
||||||
int i;
|
|
||||||
char *buf;
|
|
||||||
|
|
||||||
if (!hapd->conf->dump_log_name) {
|
|
||||||
wpa_printf(MSG_DEBUG, "Dump file not defined - ignoring dump "
|
|
||||||
"request");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "Dumping hostapd state to '%s'",
|
|
||||||
hapd->conf->dump_log_name);
|
|
||||||
f = fopen(hapd->conf->dump_log_name, "w");
|
|
||||||
if (f == NULL) {
|
|
||||||
wpa_printf(MSG_WARNING, "Could not open dump file '%s' for "
|
|
||||||
"writing.", hapd->conf->dump_log_name);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
time(&now);
|
|
||||||
fprintf(f, "hostapd state dump - %s", ctime(&now));
|
|
||||||
fprintf(f, "num_sta=%d num_sta_non_erp=%d "
|
|
||||||
"num_sta_no_short_slot_time=%d\n"
|
|
||||||
"num_sta_no_short_preamble=%d\n",
|
|
||||||
hapd->num_sta, hapd->iface->num_sta_non_erp,
|
|
||||||
hapd->iface->num_sta_no_short_slot_time,
|
|
||||||
hapd->iface->num_sta_no_short_preamble);
|
|
||||||
|
|
||||||
for (sta = hapd->sta_list; sta != NULL; sta = sta->next) {
|
|
||||||
fprintf(f, "\nSTA=" MACSTR "\n", MAC2STR(sta->addr));
|
|
||||||
|
|
||||||
fprintf(f,
|
|
||||||
" AID=%d flags=0x%x %s%s%s%s%s%s%s%s%s%s%s%s%s%s\n"
|
|
||||||
" capability=0x%x listen_interval=%d\n",
|
|
||||||
sta->aid,
|
|
||||||
sta->flags,
|
|
||||||
(sta->flags & WLAN_STA_AUTH ? "[AUTH]" : ""),
|
|
||||||
(sta->flags & WLAN_STA_ASSOC ? "[ASSOC]" : ""),
|
|
||||||
(sta->flags & WLAN_STA_PS ? "[PS]" : ""),
|
|
||||||
(sta->flags & WLAN_STA_TIM ? "[TIM]" : ""),
|
|
||||||
(sta->flags & WLAN_STA_PERM ? "[PERM]" : ""),
|
|
||||||
(sta->flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" :
|
|
||||||
""),
|
|
||||||
(sta->flags & WLAN_STA_PENDING_POLL ? "[PENDING_POLL" :
|
|
||||||
""),
|
|
||||||
(sta->flags & WLAN_STA_SHORT_PREAMBLE ?
|
|
||||||
"[SHORT_PREAMBLE]" : ""),
|
|
||||||
(sta->flags & WLAN_STA_PREAUTH ? "[PREAUTH]" : ""),
|
|
||||||
(sta->flags & WLAN_STA_WMM ? "[WMM]" : ""),
|
|
||||||
(sta->flags & WLAN_STA_MFP ? "[MFP]" : ""),
|
|
||||||
(sta->flags & WLAN_STA_WPS ? "[WPS]" : ""),
|
|
||||||
(sta->flags & WLAN_STA_MAYBE_WPS ? "[MAYBE_WPS]" : ""),
|
|
||||||
(sta->flags & WLAN_STA_NONERP ? "[NonERP]" : ""),
|
|
||||||
sta->capability,
|
|
||||||
sta->listen_interval);
|
|
||||||
|
|
||||||
fprintf(f, " supported_rates=");
|
|
||||||
for (i = 0; i < sta->supported_rates_len; i++)
|
|
||||||
fprintf(f, "%02x ", sta->supported_rates[i]);
|
|
||||||
fprintf(f, "\n");
|
|
||||||
|
|
||||||
fprintf(f,
|
|
||||||
" timeout_next=%s\n",
|
|
||||||
(sta->timeout_next == STA_NULLFUNC ? "NULLFUNC POLL" :
|
|
||||||
(sta->timeout_next == STA_DISASSOC ? "DISASSOC" :
|
|
||||||
"DEAUTH")));
|
|
||||||
|
|
||||||
ieee802_1x_dump_state(f, " ", sta);
|
|
||||||
}
|
|
||||||
|
|
||||||
buf = os_malloc(4096);
|
|
||||||
if (buf) {
|
|
||||||
int count = radius_client_get_mib(hapd->radius, buf, 4096);
|
|
||||||
if (count < 0)
|
|
||||||
count = 0;
|
|
||||||
else if (count > 4095)
|
|
||||||
count = 4095;
|
|
||||||
buf[count] = '\0';
|
|
||||||
fprintf(f, "%s", buf);
|
|
||||||
|
|
||||||
count = radius_server_get_mib(hapd->radius_srv, buf, 4096);
|
|
||||||
if (count < 0)
|
|
||||||
count = 0;
|
|
||||||
else if (count > 4095)
|
|
||||||
count = 4095;
|
|
||||||
buf[count] = '\0';
|
|
||||||
fprintf(f, "%s", buf);
|
|
||||||
os_free(buf);
|
|
||||||
}
|
|
||||||
fclose(f);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
int handle_dump_state_iface(struct hostapd_iface *iface, void *ctx)
|
|
||||||
{
|
|
||||||
size_t i;
|
|
||||||
|
|
||||||
for (i = 0; i < iface->num_bss; i++)
|
|
||||||
hostapd_dump_state(iface->bss[i]);
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
#endif /* HOSTAPD_DUMP_STATE */
|
|
||||||
|
|
||||||
|
|
||||||
static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd,
|
static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd,
|
||||||
char *ifname)
|
char *ifname)
|
||||||
{
|
{
|
||||||
|
|
|
@ -1389,46 +1389,6 @@ void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef HOSTAPD_DUMP_STATE
|
|
||||||
static void fprint_char(FILE *f, char c)
|
|
||||||
{
|
|
||||||
if (c >= 32 && c < 127)
|
|
||||||
fprintf(f, "%c", c);
|
|
||||||
else
|
|
||||||
fprintf(f, "<%02x>", c);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
void ieee802_1x_dump_state(FILE *f, const char *prefix, struct sta_info *sta)
|
|
||||||
{
|
|
||||||
struct eapol_state_machine *sm = sta->eapol_sm;
|
|
||||||
if (sm == NULL)
|
|
||||||
return;
|
|
||||||
|
|
||||||
fprintf(f, "%sIEEE 802.1X:\n", prefix);
|
|
||||||
|
|
||||||
if (sm->identity) {
|
|
||||||
size_t i;
|
|
||||||
fprintf(f, "%sidentity=", prefix);
|
|
||||||
for (i = 0; i < sm->identity_len; i++)
|
|
||||||
fprint_char(f, sm->identity[i]);
|
|
||||||
fprintf(f, "\n");
|
|
||||||
}
|
|
||||||
|
|
||||||
fprintf(f, "%slast EAP type: Authentication Server: %d (%s) "
|
|
||||||
"Supplicant: %d (%s)\n", prefix,
|
|
||||||
sm->eap_type_authsrv,
|
|
||||||
eap_server_get_name(0, sm->eap_type_authsrv),
|
|
||||||
sm->eap_type_supp, eap_server_get_name(0, sm->eap_type_supp));
|
|
||||||
|
|
||||||
fprintf(f, "%scached_packets=%s\n", prefix,
|
|
||||||
sm->last_recv_radius ? "[RX RADIUS]" : "");
|
|
||||||
|
|
||||||
eapol_auth_dump_state(f, prefix, sm);
|
|
||||||
}
|
|
||||||
#endif /* HOSTAPD_DUMP_STATE */
|
|
||||||
|
|
||||||
|
|
||||||
static int ieee802_1x_rekey_broadcast(struct hostapd_data *hapd)
|
static int ieee802_1x_rekey_broadcast(struct hostapd_data *hapd)
|
||||||
{
|
{
|
||||||
struct eapol_authenticator *eapol = hapd->eapol_auth;
|
struct eapol_authenticator *eapol = hapd->eapol_auth;
|
||||||
|
|
230
src/eapol_auth/eapol_auth_dump.c
Normal file
230
src/eapol_auth/eapol_auth_dump.c
Normal file
|
@ -0,0 +1,230 @@
|
||||||
|
/*
|
||||||
|
* IEEE 802.1X-2004 Authenticator - State dump
|
||||||
|
* Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License version 2 as
|
||||||
|
* published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* Alternatively, this software may be distributed under the terms of BSD
|
||||||
|
* license.
|
||||||
|
*
|
||||||
|
* See README and COPYING for more details.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "includes.h"
|
||||||
|
|
||||||
|
#include "common.h"
|
||||||
|
#include "eap_server/eap.h"
|
||||||
|
#include "eapol_auth_sm.h"
|
||||||
|
|
||||||
|
static inline const char * port_type_txt(PortTypes pt)
|
||||||
|
{
|
||||||
|
switch (pt) {
|
||||||
|
case ForceUnauthorized: return "ForceUnauthorized";
|
||||||
|
case ForceAuthorized: return "ForceAuthorized";
|
||||||
|
case Auto: return "Auto";
|
||||||
|
default: return "Unknown";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static inline const char * port_state_txt(PortState ps)
|
||||||
|
{
|
||||||
|
switch (ps) {
|
||||||
|
case Unauthorized: return "Unauthorized";
|
||||||
|
case Authorized: return "Authorized";
|
||||||
|
default: return "Unknown";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static inline const char * ctrl_dir_txt(ControlledDirection dir)
|
||||||
|
{
|
||||||
|
switch (dir) {
|
||||||
|
case Both: return "Both";
|
||||||
|
case In: return "In";
|
||||||
|
default: return "Unknown";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static inline const char * auth_pae_state_txt(int s)
|
||||||
|
{
|
||||||
|
switch (s) {
|
||||||
|
case AUTH_PAE_INITIALIZE: return "INITIALIZE";
|
||||||
|
case AUTH_PAE_DISCONNECTED: return "DISCONNECTED";
|
||||||
|
case AUTH_PAE_CONNECTING: return "CONNECTING";
|
||||||
|
case AUTH_PAE_AUTHENTICATING: return "AUTHENTICATING";
|
||||||
|
case AUTH_PAE_AUTHENTICATED: return "AUTHENTICATED";
|
||||||
|
case AUTH_PAE_ABORTING: return "ABORTING";
|
||||||
|
case AUTH_PAE_HELD: return "HELD";
|
||||||
|
case AUTH_PAE_FORCE_AUTH: return "FORCE_AUTH";
|
||||||
|
case AUTH_PAE_FORCE_UNAUTH: return "FORCE_UNAUTH";
|
||||||
|
case AUTH_PAE_RESTART: return "RESTART";
|
||||||
|
default: return "Unknown";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static inline const char * be_auth_state_txt(int s)
|
||||||
|
{
|
||||||
|
switch (s) {
|
||||||
|
case BE_AUTH_REQUEST: return "REQUEST";
|
||||||
|
case BE_AUTH_RESPONSE: return "RESPONSE";
|
||||||
|
case BE_AUTH_SUCCESS: return "SUCCESS";
|
||||||
|
case BE_AUTH_FAIL: return "FAIL";
|
||||||
|
case BE_AUTH_TIMEOUT: return "TIMEOUT";
|
||||||
|
case BE_AUTH_IDLE: return "IDLE";
|
||||||
|
case BE_AUTH_INITIALIZE: return "INITIALIZE";
|
||||||
|
case BE_AUTH_IGNORE: return "IGNORE";
|
||||||
|
default: return "Unknown";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static inline const char * reauth_timer_state_txt(int s)
|
||||||
|
{
|
||||||
|
switch (s) {
|
||||||
|
case REAUTH_TIMER_INITIALIZE: return "INITIALIZE";
|
||||||
|
case REAUTH_TIMER_REAUTHENTICATE: return "REAUTHENTICATE";
|
||||||
|
default: return "Unknown";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static inline const char * auth_key_tx_state_txt(int s)
|
||||||
|
{
|
||||||
|
switch (s) {
|
||||||
|
case AUTH_KEY_TX_NO_KEY_TRANSMIT: return "NO_KEY_TRANSMIT";
|
||||||
|
case AUTH_KEY_TX_KEY_TRANSMIT: return "KEY_TRANSMIT";
|
||||||
|
default: return "Unknown";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static inline const char * key_rx_state_txt(int s)
|
||||||
|
{
|
||||||
|
switch (s) {
|
||||||
|
case KEY_RX_NO_KEY_RECEIVE: return "NO_KEY_RECEIVE";
|
||||||
|
case KEY_RX_KEY_RECEIVE: return "KEY_RECEIVE";
|
||||||
|
default: return "Unknown";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static inline const char * ctrl_dir_state_txt(int s)
|
||||||
|
{
|
||||||
|
switch (s) {
|
||||||
|
case CTRL_DIR_FORCE_BOTH: return "FORCE_BOTH";
|
||||||
|
case CTRL_DIR_IN_OR_BOTH: return "IN_OR_BOTH";
|
||||||
|
default: return "Unknown";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
void eapol_auth_dump_state(FILE *f, const char *prefix,
|
||||||
|
struct eapol_state_machine *sm)
|
||||||
|
{
|
||||||
|
fprintf(f, "%sEAPOL state machine:\n", prefix);
|
||||||
|
fprintf(f, "%s aWhile=%d quietWhile=%d reAuthWhen=%d\n", prefix,
|
||||||
|
sm->aWhile, sm->quietWhile, sm->reAuthWhen);
|
||||||
|
#define _SB(b) ((b) ? "TRUE" : "FALSE")
|
||||||
|
fprintf(f,
|
||||||
|
"%s authAbort=%s authFail=%s authPortStatus=%s authStart=%s\n"
|
||||||
|
"%s authTimeout=%s authSuccess=%s eapFail=%s eapolEap=%s\n"
|
||||||
|
"%s eapSuccess=%s eapTimeout=%s initialize=%s "
|
||||||
|
"keyAvailable=%s\n"
|
||||||
|
"%s keyDone=%s keyRun=%s keyTxEnabled=%s portControl=%s\n"
|
||||||
|
"%s portEnabled=%s portValid=%s reAuthenticate=%s\n",
|
||||||
|
prefix, _SB(sm->authAbort), _SB(sm->authFail),
|
||||||
|
port_state_txt(sm->authPortStatus), _SB(sm->authStart),
|
||||||
|
prefix, _SB(sm->authTimeout), _SB(sm->authSuccess),
|
||||||
|
_SB(sm->eap_if->eapFail), _SB(sm->eapolEap),
|
||||||
|
prefix, _SB(sm->eap_if->eapSuccess),
|
||||||
|
_SB(sm->eap_if->eapTimeout),
|
||||||
|
_SB(sm->initialize), _SB(sm->eap_if->eapKeyAvailable),
|
||||||
|
prefix, _SB(sm->keyDone), _SB(sm->keyRun),
|
||||||
|
_SB(sm->keyTxEnabled), port_type_txt(sm->portControl),
|
||||||
|
prefix, _SB(sm->eap_if->portEnabled), _SB(sm->portValid),
|
||||||
|
_SB(sm->reAuthenticate));
|
||||||
|
|
||||||
|
fprintf(f, "%s Authenticator PAE:\n"
|
||||||
|
"%s state=%s\n"
|
||||||
|
"%s eapolLogoff=%s eapolStart=%s eapRestart=%s\n"
|
||||||
|
"%s portMode=%s reAuthCount=%d\n"
|
||||||
|
"%s quietPeriod=%d reAuthMax=%d\n"
|
||||||
|
"%s authEntersConnecting=%d\n"
|
||||||
|
"%s authEapLogoffsWhileConnecting=%d\n"
|
||||||
|
"%s authEntersAuthenticating=%d\n"
|
||||||
|
"%s authAuthSuccessesWhileAuthenticating=%d\n"
|
||||||
|
"%s authAuthTimeoutsWhileAuthenticating=%d\n"
|
||||||
|
"%s authAuthFailWhileAuthenticating=%d\n"
|
||||||
|
"%s authAuthEapStartsWhileAuthenticating=%d\n"
|
||||||
|
"%s authAuthEapLogoffWhileAuthenticating=%d\n"
|
||||||
|
"%s authAuthReauthsWhileAuthenticated=%d\n"
|
||||||
|
"%s authAuthEapStartsWhileAuthenticated=%d\n"
|
||||||
|
"%s authAuthEapLogoffWhileAuthenticated=%d\n",
|
||||||
|
prefix, prefix, auth_pae_state_txt(sm->auth_pae_state), prefix,
|
||||||
|
_SB(sm->eapolLogoff), _SB(sm->eapolStart),
|
||||||
|
_SB(sm->eap_if->eapRestart),
|
||||||
|
prefix, port_type_txt(sm->portMode), sm->reAuthCount,
|
||||||
|
prefix, sm->quietPeriod, sm->reAuthMax,
|
||||||
|
prefix, sm->authEntersConnecting,
|
||||||
|
prefix, sm->authEapLogoffsWhileConnecting,
|
||||||
|
prefix, sm->authEntersAuthenticating,
|
||||||
|
prefix, sm->authAuthSuccessesWhileAuthenticating,
|
||||||
|
prefix, sm->authAuthTimeoutsWhileAuthenticating,
|
||||||
|
prefix, sm->authAuthFailWhileAuthenticating,
|
||||||
|
prefix, sm->authAuthEapStartsWhileAuthenticating,
|
||||||
|
prefix, sm->authAuthEapLogoffWhileAuthenticating,
|
||||||
|
prefix, sm->authAuthReauthsWhileAuthenticated,
|
||||||
|
prefix, sm->authAuthEapStartsWhileAuthenticated,
|
||||||
|
prefix, sm->authAuthEapLogoffWhileAuthenticated);
|
||||||
|
|
||||||
|
fprintf(f, "%s Backend Authentication:\n"
|
||||||
|
"%s state=%s\n"
|
||||||
|
"%s eapNoReq=%s eapReq=%s eapResp=%s\n"
|
||||||
|
"%s serverTimeout=%d\n"
|
||||||
|
"%s backendResponses=%d\n"
|
||||||
|
"%s backendAccessChallenges=%d\n"
|
||||||
|
"%s backendOtherRequestsToSupplicant=%d\n"
|
||||||
|
"%s backendAuthSuccesses=%d\n"
|
||||||
|
"%s backendAuthFails=%d\n",
|
||||||
|
prefix, prefix,
|
||||||
|
be_auth_state_txt(sm->be_auth_state),
|
||||||
|
prefix, _SB(sm->eap_if->eapNoReq), _SB(sm->eap_if->eapReq),
|
||||||
|
_SB(sm->eap_if->eapResp),
|
||||||
|
prefix, sm->serverTimeout,
|
||||||
|
prefix, sm->backendResponses,
|
||||||
|
prefix, sm->backendAccessChallenges,
|
||||||
|
prefix, sm->backendOtherRequestsToSupplicant,
|
||||||
|
prefix, sm->backendAuthSuccesses,
|
||||||
|
prefix, sm->backendAuthFails);
|
||||||
|
|
||||||
|
fprintf(f, "%s Reauthentication Timer:\n"
|
||||||
|
"%s state=%s\n"
|
||||||
|
"%s reAuthPeriod=%d reAuthEnabled=%s\n", prefix, prefix,
|
||||||
|
reauth_timer_state_txt(sm->reauth_timer_state), prefix,
|
||||||
|
sm->reAuthPeriod, _SB(sm->reAuthEnabled));
|
||||||
|
|
||||||
|
fprintf(f, "%s Authenticator Key Transmit:\n"
|
||||||
|
"%s state=%s\n", prefix, prefix,
|
||||||
|
auth_key_tx_state_txt(sm->auth_key_tx_state));
|
||||||
|
|
||||||
|
fprintf(f, "%s Key Receive:\n"
|
||||||
|
"%s state=%s\n"
|
||||||
|
"%s rxKey=%s\n", prefix, prefix,
|
||||||
|
key_rx_state_txt(sm->key_rx_state), prefix, _SB(sm->rxKey));
|
||||||
|
|
||||||
|
fprintf(f, "%s Controlled Directions:\n"
|
||||||
|
"%s state=%s\n"
|
||||||
|
"%s adminControlledDirections=%s "
|
||||||
|
"operControlledDirections=%s\n"
|
||||||
|
"%s operEdge=%s\n", prefix, prefix,
|
||||||
|
ctrl_dir_state_txt(sm->ctrl_dir_state),
|
||||||
|
prefix, ctrl_dir_txt(sm->adminControlledDirections),
|
||||||
|
ctrl_dir_txt(sm->operControlledDirections),
|
||||||
|
prefix, _SB(sm->operEdge));
|
||||||
|
#undef _SB
|
||||||
|
}
|
|
@ -982,220 +982,6 @@ static void eapol_auth_initialize(struct eapol_state_machine *sm)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef HOSTAPD_DUMP_STATE
|
|
||||||
static inline const char * port_type_txt(PortTypes pt)
|
|
||||||
{
|
|
||||||
switch (pt) {
|
|
||||||
case ForceUnauthorized: return "ForceUnauthorized";
|
|
||||||
case ForceAuthorized: return "ForceAuthorized";
|
|
||||||
case Auto: return "Auto";
|
|
||||||
default: return "Unknown";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static inline const char * port_state_txt(PortState ps)
|
|
||||||
{
|
|
||||||
switch (ps) {
|
|
||||||
case Unauthorized: return "Unauthorized";
|
|
||||||
case Authorized: return "Authorized";
|
|
||||||
default: return "Unknown";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static inline const char * ctrl_dir_txt(ControlledDirection dir)
|
|
||||||
{
|
|
||||||
switch (dir) {
|
|
||||||
case Both: return "Both";
|
|
||||||
case In: return "In";
|
|
||||||
default: return "Unknown";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static inline const char * auth_pae_state_txt(int s)
|
|
||||||
{
|
|
||||||
switch (s) {
|
|
||||||
case AUTH_PAE_INITIALIZE: return "INITIALIZE";
|
|
||||||
case AUTH_PAE_DISCONNECTED: return "DISCONNECTED";
|
|
||||||
case AUTH_PAE_CONNECTING: return "CONNECTING";
|
|
||||||
case AUTH_PAE_AUTHENTICATING: return "AUTHENTICATING";
|
|
||||||
case AUTH_PAE_AUTHENTICATED: return "AUTHENTICATED";
|
|
||||||
case AUTH_PAE_ABORTING: return "ABORTING";
|
|
||||||
case AUTH_PAE_HELD: return "HELD";
|
|
||||||
case AUTH_PAE_FORCE_AUTH: return "FORCE_AUTH";
|
|
||||||
case AUTH_PAE_FORCE_UNAUTH: return "FORCE_UNAUTH";
|
|
||||||
case AUTH_PAE_RESTART: return "RESTART";
|
|
||||||
default: return "Unknown";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static inline const char * be_auth_state_txt(int s)
|
|
||||||
{
|
|
||||||
switch (s) {
|
|
||||||
case BE_AUTH_REQUEST: return "REQUEST";
|
|
||||||
case BE_AUTH_RESPONSE: return "RESPONSE";
|
|
||||||
case BE_AUTH_SUCCESS: return "SUCCESS";
|
|
||||||
case BE_AUTH_FAIL: return "FAIL";
|
|
||||||
case BE_AUTH_TIMEOUT: return "TIMEOUT";
|
|
||||||
case BE_AUTH_IDLE: return "IDLE";
|
|
||||||
case BE_AUTH_INITIALIZE: return "INITIALIZE";
|
|
||||||
case BE_AUTH_IGNORE: return "IGNORE";
|
|
||||||
default: return "Unknown";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static inline const char * reauth_timer_state_txt(int s)
|
|
||||||
{
|
|
||||||
switch (s) {
|
|
||||||
case REAUTH_TIMER_INITIALIZE: return "INITIALIZE";
|
|
||||||
case REAUTH_TIMER_REAUTHENTICATE: return "REAUTHENTICATE";
|
|
||||||
default: return "Unknown";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static inline const char * auth_key_tx_state_txt(int s)
|
|
||||||
{
|
|
||||||
switch (s) {
|
|
||||||
case AUTH_KEY_TX_NO_KEY_TRANSMIT: return "NO_KEY_TRANSMIT";
|
|
||||||
case AUTH_KEY_TX_KEY_TRANSMIT: return "KEY_TRANSMIT";
|
|
||||||
default: return "Unknown";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static inline const char * key_rx_state_txt(int s)
|
|
||||||
{
|
|
||||||
switch (s) {
|
|
||||||
case KEY_RX_NO_KEY_RECEIVE: return "NO_KEY_RECEIVE";
|
|
||||||
case KEY_RX_KEY_RECEIVE: return "KEY_RECEIVE";
|
|
||||||
default: return "Unknown";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static inline const char * ctrl_dir_state_txt(int s)
|
|
||||||
{
|
|
||||||
switch (s) {
|
|
||||||
case CTRL_DIR_FORCE_BOTH: return "FORCE_BOTH";
|
|
||||||
case CTRL_DIR_IN_OR_BOTH: return "IN_OR_BOTH";
|
|
||||||
default: return "Unknown";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
void eapol_auth_dump_state(FILE *f, const char *prefix,
|
|
||||||
struct eapol_state_machine *sm)
|
|
||||||
{
|
|
||||||
fprintf(f, "%sEAPOL state machine:\n", prefix);
|
|
||||||
fprintf(f, "%s aWhile=%d quietWhile=%d reAuthWhen=%d\n", prefix,
|
|
||||||
sm->aWhile, sm->quietWhile, sm->reAuthWhen);
|
|
||||||
#define _SB(b) ((b) ? "TRUE" : "FALSE")
|
|
||||||
fprintf(f,
|
|
||||||
"%s authAbort=%s authFail=%s authPortStatus=%s authStart=%s\n"
|
|
||||||
"%s authTimeout=%s authSuccess=%s eapFail=%s eapolEap=%s\n"
|
|
||||||
"%s eapSuccess=%s eapTimeout=%s initialize=%s "
|
|
||||||
"keyAvailable=%s\n"
|
|
||||||
"%s keyDone=%s keyRun=%s keyTxEnabled=%s portControl=%s\n"
|
|
||||||
"%s portEnabled=%s portValid=%s reAuthenticate=%s\n",
|
|
||||||
prefix, _SB(sm->authAbort), _SB(sm->authFail),
|
|
||||||
port_state_txt(sm->authPortStatus), _SB(sm->authStart),
|
|
||||||
prefix, _SB(sm->authTimeout), _SB(sm->authSuccess),
|
|
||||||
_SB(sm->eap_if->eapFail), _SB(sm->eapolEap),
|
|
||||||
prefix, _SB(sm->eap_if->eapSuccess),
|
|
||||||
_SB(sm->eap_if->eapTimeout),
|
|
||||||
_SB(sm->initialize), _SB(sm->eap_if->eapKeyAvailable),
|
|
||||||
prefix, _SB(sm->keyDone), _SB(sm->keyRun),
|
|
||||||
_SB(sm->keyTxEnabled), port_type_txt(sm->portControl),
|
|
||||||
prefix, _SB(sm->eap_if->portEnabled), _SB(sm->portValid),
|
|
||||||
_SB(sm->reAuthenticate));
|
|
||||||
|
|
||||||
fprintf(f, "%s Authenticator PAE:\n"
|
|
||||||
"%s state=%s\n"
|
|
||||||
"%s eapolLogoff=%s eapolStart=%s eapRestart=%s\n"
|
|
||||||
"%s portMode=%s reAuthCount=%d\n"
|
|
||||||
"%s quietPeriod=%d reAuthMax=%d\n"
|
|
||||||
"%s authEntersConnecting=%d\n"
|
|
||||||
"%s authEapLogoffsWhileConnecting=%d\n"
|
|
||||||
"%s authEntersAuthenticating=%d\n"
|
|
||||||
"%s authAuthSuccessesWhileAuthenticating=%d\n"
|
|
||||||
"%s authAuthTimeoutsWhileAuthenticating=%d\n"
|
|
||||||
"%s authAuthFailWhileAuthenticating=%d\n"
|
|
||||||
"%s authAuthEapStartsWhileAuthenticating=%d\n"
|
|
||||||
"%s authAuthEapLogoffWhileAuthenticating=%d\n"
|
|
||||||
"%s authAuthReauthsWhileAuthenticated=%d\n"
|
|
||||||
"%s authAuthEapStartsWhileAuthenticated=%d\n"
|
|
||||||
"%s authAuthEapLogoffWhileAuthenticated=%d\n",
|
|
||||||
prefix, prefix, auth_pae_state_txt(sm->auth_pae_state), prefix,
|
|
||||||
_SB(sm->eapolLogoff), _SB(sm->eapolStart),
|
|
||||||
_SB(sm->eap_if->eapRestart),
|
|
||||||
prefix, port_type_txt(sm->portMode), sm->reAuthCount,
|
|
||||||
prefix, sm->quietPeriod, sm->reAuthMax,
|
|
||||||
prefix, sm->authEntersConnecting,
|
|
||||||
prefix, sm->authEapLogoffsWhileConnecting,
|
|
||||||
prefix, sm->authEntersAuthenticating,
|
|
||||||
prefix, sm->authAuthSuccessesWhileAuthenticating,
|
|
||||||
prefix, sm->authAuthTimeoutsWhileAuthenticating,
|
|
||||||
prefix, sm->authAuthFailWhileAuthenticating,
|
|
||||||
prefix, sm->authAuthEapStartsWhileAuthenticating,
|
|
||||||
prefix, sm->authAuthEapLogoffWhileAuthenticating,
|
|
||||||
prefix, sm->authAuthReauthsWhileAuthenticated,
|
|
||||||
prefix, sm->authAuthEapStartsWhileAuthenticated,
|
|
||||||
prefix, sm->authAuthEapLogoffWhileAuthenticated);
|
|
||||||
|
|
||||||
fprintf(f, "%s Backend Authentication:\n"
|
|
||||||
"%s state=%s\n"
|
|
||||||
"%s eapNoReq=%s eapReq=%s eapResp=%s\n"
|
|
||||||
"%s serverTimeout=%d\n"
|
|
||||||
"%s backendResponses=%d\n"
|
|
||||||
"%s backendAccessChallenges=%d\n"
|
|
||||||
"%s backendOtherRequestsToSupplicant=%d\n"
|
|
||||||
"%s backendAuthSuccesses=%d\n"
|
|
||||||
"%s backendAuthFails=%d\n",
|
|
||||||
prefix, prefix,
|
|
||||||
be_auth_state_txt(sm->be_auth_state),
|
|
||||||
prefix, _SB(sm->eap_if->eapNoReq), _SB(sm->eap_if->eapReq),
|
|
||||||
_SB(sm->eap_if->eapResp),
|
|
||||||
prefix, sm->serverTimeout,
|
|
||||||
prefix, sm->backendResponses,
|
|
||||||
prefix, sm->backendAccessChallenges,
|
|
||||||
prefix, sm->backendOtherRequestsToSupplicant,
|
|
||||||
prefix, sm->backendAuthSuccesses,
|
|
||||||
prefix, sm->backendAuthFails);
|
|
||||||
|
|
||||||
fprintf(f, "%s Reauthentication Timer:\n"
|
|
||||||
"%s state=%s\n"
|
|
||||||
"%s reAuthPeriod=%d reAuthEnabled=%s\n", prefix, prefix,
|
|
||||||
reauth_timer_state_txt(sm->reauth_timer_state), prefix,
|
|
||||||
sm->reAuthPeriod, _SB(sm->reAuthEnabled));
|
|
||||||
|
|
||||||
fprintf(f, "%s Authenticator Key Transmit:\n"
|
|
||||||
"%s state=%s\n", prefix, prefix,
|
|
||||||
auth_key_tx_state_txt(sm->auth_key_tx_state));
|
|
||||||
|
|
||||||
fprintf(f, "%s Key Receive:\n"
|
|
||||||
"%s state=%s\n"
|
|
||||||
"%s rxKey=%s\n", prefix, prefix,
|
|
||||||
key_rx_state_txt(sm->key_rx_state), prefix, _SB(sm->rxKey));
|
|
||||||
|
|
||||||
fprintf(f, "%s Controlled Directions:\n"
|
|
||||||
"%s state=%s\n"
|
|
||||||
"%s adminControlledDirections=%s "
|
|
||||||
"operControlledDirections=%s\n"
|
|
||||||
"%s operEdge=%s\n", prefix, prefix,
|
|
||||||
ctrl_dir_state_txt(sm->ctrl_dir_state),
|
|
||||||
prefix, ctrl_dir_txt(sm->adminControlledDirections),
|
|
||||||
ctrl_dir_txt(sm->operControlledDirections),
|
|
||||||
prefix, _SB(sm->operEdge));
|
|
||||||
#undef _SB
|
|
||||||
}
|
|
||||||
#endif /* HOSTAPD_DUMP_STATE */
|
|
||||||
|
|
||||||
|
|
||||||
static int eapol_sm_get_eap_user(void *ctx, const u8 *identity,
|
static int eapol_sm_get_eap_user(void *ctx, const u8 *identity,
|
||||||
size_t identity_len, int phase2,
|
size_t identity_len, int phase2,
|
||||||
struct eap_user *user)
|
struct eap_user *user)
|
||||||
|
|
Loading…
Reference in a new issue