Add EAPOL_REAUTH hostapd command to trigger EAPOL reauthentication
This new control interface command "EAPOL_REAUTH <MAC address>" can be used to implement the IEEE 802.1X PAE Reauthenticate operation. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
778325501b
commit
cfb5c08f21
3 changed files with 34 additions and 2 deletions
|
@ -25,6 +25,7 @@
|
|||
#include "common/ieee802_11_defs.h"
|
||||
#include "crypto/tls.h"
|
||||
#include "drivers/driver.h"
|
||||
#include "eapol_auth/eapol_auth_sm.h"
|
||||
#include "radius/radius_client.h"
|
||||
#include "radius/radius_server.h"
|
||||
#include "l2_packet/l2_packet.h"
|
||||
|
@ -1886,6 +1887,24 @@ static int hostapd_ctrl_iface_vendor(struct hostapd_data *hapd, char *cmd,
|
|||
}
|
||||
|
||||
|
||||
static int hostapd_ctrl_iface_eapol_reauth(struct hostapd_data *hapd,
|
||||
const char *cmd)
|
||||
{
|
||||
u8 addr[ETH_ALEN];
|
||||
struct sta_info *sta;
|
||||
|
||||
if (hwaddr_aton(cmd, addr))
|
||||
return -1;
|
||||
|
||||
sta = ap_get_sta(hapd, addr);
|
||||
if (!sta || !sta->eapol_sm)
|
||||
return -1;
|
||||
|
||||
eapol_auth_reauthenticate(sta->eapol_sm);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
static void hostapd_ctrl_iface_receive(int sock, void *eloop_ctx,
|
||||
void *sock_ctx)
|
||||
{
|
||||
|
@ -2135,6 +2154,9 @@ static void hostapd_ctrl_iface_receive(int sock, void *eloop_ctx,
|
|||
#ifdef RADIUS_SERVER
|
||||
radius_server_erp_flush(hapd->radius_srv);
|
||||
#endif /* RADIUS_SERVER */
|
||||
} else if (os_strncmp(buf, "EAPOL_REAUTH ", 13) == 0) {
|
||||
if (hostapd_ctrl_iface_eapol_reauth(hapd, buf + 13))
|
||||
reply_len = -1;
|
||||
} else {
|
||||
os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
|
||||
reply_len = 16;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* IEEE 802.1X-2004 Authenticator - EAPOL state machine
|
||||
* Copyright (c) 2002-2014, Jouni Malinen <j@w1.fi>
|
||||
* Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi>
|
||||
*
|
||||
* This software may be distributed under the terms of the BSD license.
|
||||
* See README for more details.
|
||||
|
@ -1080,6 +1080,15 @@ int eapol_auth_eap_pending_cb(struct eapol_state_machine *sm, void *ctx)
|
|||
}
|
||||
|
||||
|
||||
void eapol_auth_reauthenticate(struct eapol_state_machine *sm)
|
||||
{
|
||||
wpa_printf(MSG_DEBUG, "EAPOL: External reauthentication trigger for "
|
||||
MACSTR, MAC2STR(sm->addr));
|
||||
sm->reAuthenticate = TRUE;
|
||||
eapol_auth_step(sm);
|
||||
}
|
||||
|
||||
|
||||
static int eapol_auth_conf_clone(struct eapol_auth_config *dst,
|
||||
struct eapol_auth_config *src)
|
||||
{
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* IEEE 802.1X-2004 Authenticator - EAPOL state machine
|
||||
* Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
|
||||
* Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi>
|
||||
*
|
||||
* This software may be distributed under the terms of the BSD license.
|
||||
* See README for more details.
|
||||
|
@ -94,5 +94,6 @@ void eapol_auth_step(struct eapol_state_machine *sm);
|
|||
int eapol_auth_dump_state(struct eapol_state_machine *sm, char *buf,
|
||||
size_t buflen);
|
||||
int eapol_auth_eap_pending_cb(struct eapol_state_machine *sm, void *ctx);
|
||||
void eapol_auth_reauthenticate(struct eapol_state_machine *sm);
|
||||
|
||||
#endif /* EAPOL_AUTH_SM_H */
|
||||
|
|
Loading…
Reference in a new issue