diff options
Diffstat (limited to 'contrib/wpa/src/eap_server/eap_server_aka.c')
-rw-r--r-- | contrib/wpa/src/eap_server/eap_server_aka.c | 74 |
1 files changed, 38 insertions, 36 deletions
diff --git a/contrib/wpa/src/eap_server/eap_server_aka.c b/contrib/wpa/src/eap_server/eap_server_aka.c index 4dadfe197c6b..e9bf0300c16f 100644 --- a/contrib/wpa/src/eap_server/eap_server_aka.c +++ b/contrib/wpa/src/eap_server/eap_server_aka.c @@ -100,7 +100,7 @@ static int eap_aka_check_identity_reauth(struct eap_sm *sm, return 0; wpa_printf(MSG_DEBUG, "EAP-AKA: Reauth username '%s'", username); - data->reauth = eap_sim_db_get_reauth_entry(sm->eap_sim_db_priv, + data->reauth = eap_sim_db_get_reauth_entry(sm->cfg->eap_sim_db_priv, username); if (data->reauth == NULL) { wpa_printf(MSG_DEBUG, "EAP-AKA: Unknown reauth identity - " @@ -157,7 +157,7 @@ static void eap_aka_check_identity(struct eap_sm *sm, wpa_printf(MSG_DEBUG, "EAP-AKA: Pseudonym username '%s'", username); permanent = eap_sim_db_get_permanent( - sm->eap_sim_db_priv, username); + sm->cfg->eap_sim_db_priv, username); if (permanent == NULL) { os_free(username); wpa_printf(MSG_DEBUG, "EAP-AKA: Unknown pseudonym " @@ -182,7 +182,7 @@ static void * eap_aka_init(struct eap_sm *sm) { struct eap_aka_data *data; - if (sm->eap_sim_db_priv == NULL) { + if (!sm->cfg->eap_sim_db_priv) { wpa_printf(MSG_WARNING, "EAP-AKA: eap_sim_db not configured"); return NULL; } @@ -208,7 +208,7 @@ static void * eap_aka_prime_init(struct eap_sm *sm) /* TODO: make ANID configurable; see 3GPP TS 24.302 */ char *network_name = "WLAN"; - if (sm->eap_sim_db_priv == NULL) { + if (sm->cfg->eap_sim_db_priv == NULL) { wpa_printf(MSG_WARNING, "EAP-AKA: eap_sim_db not configured"); return NULL; } @@ -393,13 +393,13 @@ static int eap_aka_build_encr(struct eap_sm *sm, struct eap_aka_data *data, const u8 *nonce_s) { os_free(data->next_pseudonym); - if (!(sm->eap_sim_id & 0x01)) { + if (!(sm->cfg->eap_sim_id & 0x01)) { /* Use of pseudonyms disabled in configuration */ data->next_pseudonym = NULL; } else if (!nonce_s) { data->next_pseudonym = eap_sim_db_get_next_pseudonym( - sm->eap_sim_db_priv, + sm->cfg->eap_sim_db_priv, data->eap_method == EAP_TYPE_AKA_PRIME ? EAP_SIM_DB_AKA_PRIME : EAP_SIM_DB_AKA); } else { @@ -407,13 +407,13 @@ static int eap_aka_build_encr(struct eap_sm *sm, struct eap_aka_data *data, data->next_pseudonym = NULL; } os_free(data->next_reauth_id); - if (!(sm->eap_sim_id & 0x02)) { + if (!(sm->cfg->eap_sim_id & 0x02)) { /* Use of fast reauth disabled in configuration */ data->next_reauth_id = NULL; } else if (data->counter <= EAP_AKA_MAX_FAST_REAUTHS) { data->next_reauth_id = eap_sim_db_get_next_reauth_id( - sm->eap_sim_db_priv, + sm->cfg->eap_sim_db_priv, data->eap_method == EAP_TYPE_AKA_PRIME ? EAP_SIM_DB_AKA_PRIME : EAP_SIM_DB_AKA); } else { @@ -505,7 +505,7 @@ static struct wpabuf * eap_aka_build_challenge(struct eap_sm *sm, eap_aka_add_checkcode(data, msg); - if (sm->eap_sim_aka_result_ind) { + if (sm->cfg->eap_sim_aka_result_ind) { wpa_printf(MSG_DEBUG, " AT_RESULT_IND"); eap_sim_msg_add(msg, EAP_SIM_AT_RESULT_IND, 0, NULL, 0); } @@ -582,7 +582,7 @@ static struct wpabuf * eap_aka_build_reauth(struct eap_sm *sm, eap_aka_add_checkcode(data, msg); - if (sm->eap_sim_aka_result_ind) { + if (sm->cfg->eap_sim_aka_result_ind) { wpa_printf(MSG_DEBUG, " AT_RESULT_IND"); eap_sim_msg_add(msg, EAP_SIM_AT_RESULT_IND, 0, NULL, 0); } @@ -664,8 +664,8 @@ static struct wpabuf * eap_aka_buildReq(struct eap_sm *sm, void *priv, u8 id) } -static Boolean eap_aka_check(struct eap_sm *sm, void *priv, - struct wpabuf *respData) +static bool eap_aka_check(struct eap_sm *sm, void *priv, + struct wpabuf *respData) { struct eap_aka_data *data = priv; const u8 *pos; @@ -675,25 +675,25 @@ static Boolean eap_aka_check(struct eap_sm *sm, void *priv, &len); if (pos == NULL || len < 3) { wpa_printf(MSG_INFO, "EAP-AKA: Invalid frame"); - return TRUE; + return true; } - return FALSE; + return false; } -static Boolean eap_aka_subtype_ok(struct eap_aka_data *data, u8 subtype) +static bool eap_aka_subtype_ok(struct eap_aka_data *data, u8 subtype) { if (subtype == EAP_AKA_SUBTYPE_CLIENT_ERROR || subtype == EAP_AKA_SUBTYPE_AUTHENTICATION_REJECT) - return FALSE; + return false; switch (data->state) { case IDENTITY: if (subtype != EAP_AKA_SUBTYPE_IDENTITY) { wpa_printf(MSG_INFO, "EAP-AKA: Unexpected response " "subtype %d", subtype); - return TRUE; + return true; } break; case CHALLENGE: @@ -701,30 +701,30 @@ static Boolean eap_aka_subtype_ok(struct eap_aka_data *data, u8 subtype) subtype != EAP_AKA_SUBTYPE_SYNCHRONIZATION_FAILURE) { wpa_printf(MSG_INFO, "EAP-AKA: Unexpected response " "subtype %d", subtype); - return TRUE; + return true; } break; case REAUTH: if (subtype != EAP_AKA_SUBTYPE_REAUTHENTICATION) { wpa_printf(MSG_INFO, "EAP-AKA: Unexpected response " "subtype %d", subtype); - return TRUE; + return true; } break; case NOTIFICATION: if (subtype != EAP_AKA_SUBTYPE_NOTIFICATION) { wpa_printf(MSG_INFO, "EAP-AKA: Unexpected response " "subtype %d", subtype); - return TRUE; + return true; } break; default: wpa_printf(MSG_INFO, "EAP-AKA: Unexpected state (%d) for " "processing a response", data->state); - return TRUE; + return true; } - return FALSE; + return false; } @@ -767,7 +767,7 @@ static void eap_aka_determine_identity(struct eap_sm *sm, wpa_printf(MSG_DEBUG, "EAP-AKA: Pseudonym username '%s'", username); permanent = eap_sim_db_get_permanent( - sm->eap_sim_db_priv, username); + sm->cfg->eap_sim_db_priv, username); os_free(username); if (permanent == NULL) { wpa_printf(MSG_DEBUG, "EAP-AKA: Unknown pseudonym " @@ -803,7 +803,7 @@ static void eap_aka_fullauth(struct eap_sm *sm, struct eap_aka_data *data) size_t identity_len; int res; - res = eap_sim_db_get_aka_auth(sm->eap_sim_db_priv, data->permanent, + res = eap_sim_db_get_aka_auth(sm->cfg->eap_sim_db_priv, data->permanent, data->rand, data->autn, data->ik, data->ck, data->res, &data->res_len, sm); if (res == EAP_SIM_DB_PENDING) { @@ -998,7 +998,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm, wpa_printf(MSG_DEBUG, "EAP-AKA: Challenge response includes the " "correct AT_MAC"); - if (sm->eap_sim_aka_result_ind && attr->result_ind) { + if (sm->cfg->eap_sim_aka_result_ind && attr->result_ind) { data->use_result_ind = 1; data->notification = EAP_SIM_SUCCESS; eap_aka_state(data, NOTIFICATION); @@ -1006,14 +1006,15 @@ static void eap_aka_process_challenge(struct eap_sm *sm, eap_aka_state(data, SUCCESS); if (data->next_pseudonym) { - eap_sim_db_add_pseudonym(sm->eap_sim_db_priv, data->permanent, + eap_sim_db_add_pseudonym(sm->cfg->eap_sim_db_priv, + data->permanent, data->next_pseudonym); data->next_pseudonym = NULL; } if (data->next_reauth_id) { if (data->eap_method == EAP_TYPE_AKA_PRIME) { #ifdef EAP_SERVER_AKA_PRIME - eap_sim_db_add_reauth_prime(sm->eap_sim_db_priv, + eap_sim_db_add_reauth_prime(sm->cfg->eap_sim_db_priv, data->permanent, data->next_reauth_id, data->counter + 1, @@ -1021,7 +1022,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm, data->k_re); #endif /* EAP_SERVER_AKA_PRIME */ } else { - eap_sim_db_add_reauth(sm->eap_sim_db_priv, + eap_sim_db_add_reauth(sm->cfg->eap_sim_db_priv, data->permanent, data->next_reauth_id, data->counter + 1, @@ -1051,7 +1052,7 @@ static void eap_aka_process_sync_failure(struct eap_sm *sm, * maintaining a local flag stating whether this AUTS has already been * reported. */ if (!data->auts_reported && - eap_sim_db_resynchronize(sm->eap_sim_db_priv, data->permanent, + eap_sim_db_resynchronize(sm->cfg->eap_sim_db_priv, data->permanent, attr->auts, data->rand)) { wpa_printf(MSG_WARNING, "EAP-AKA: Resynchronization failed"); data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; @@ -1118,7 +1119,7 @@ static void eap_aka_process_reauth(struct eap_sm *sm, return; } - if (sm->eap_sim_aka_result_ind && attr->result_ind) { + if (sm->cfg->eap_sim_aka_result_ind && attr->result_ind) { data->use_result_ind = 1; data->notification = EAP_SIM_SUCCESS; eap_aka_state(data, NOTIFICATION); @@ -1128,7 +1129,7 @@ static void eap_aka_process_reauth(struct eap_sm *sm, if (data->next_reauth_id) { if (data->eap_method == EAP_TYPE_AKA_PRIME) { #ifdef EAP_SERVER_AKA_PRIME - eap_sim_db_add_reauth_prime(sm->eap_sim_db_priv, + eap_sim_db_add_reauth_prime(sm->cfg->eap_sim_db_priv, data->permanent, data->next_reauth_id, data->counter + 1, @@ -1136,7 +1137,7 @@ static void eap_aka_process_reauth(struct eap_sm *sm, data->k_re); #endif /* EAP_SERVER_AKA_PRIME */ } else { - eap_sim_db_add_reauth(sm->eap_sim_db_priv, + eap_sim_db_add_reauth(sm->cfg->eap_sim_db_priv, data->permanent, data->next_reauth_id, data->counter + 1, @@ -1144,7 +1145,8 @@ static void eap_aka_process_reauth(struct eap_sm *sm, } data->next_reauth_id = NULL; } else { - eap_sim_db_remove_reauth(sm->eap_sim_db_priv, data->reauth); + eap_sim_db_remove_reauth(sm->cfg->eap_sim_db_priv, + data->reauth); data->reauth = NULL; } @@ -1153,7 +1155,7 @@ static void eap_aka_process_reauth(struct eap_sm *sm, fail: data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; eap_aka_state(data, NOTIFICATION); - eap_sim_db_remove_reauth(sm->eap_sim_db_priv, data->reauth); + eap_sim_db_remove_reauth(sm->cfg->eap_sim_db_priv, data->reauth); data->reauth = NULL; os_free(decrypted); } @@ -1267,7 +1269,7 @@ static void eap_aka_process(struct eap_sm *sm, void *priv, } -static Boolean eap_aka_isDone(struct eap_sm *sm, void *priv) +static bool eap_aka_isDone(struct eap_sm *sm, void *priv) { struct eap_aka_data *data = priv; return data->state == SUCCESS || data->state == FAILURE; @@ -1306,7 +1308,7 @@ static u8 * eap_aka_get_emsk(struct eap_sm *sm, void *priv, size_t *len) } -static Boolean eap_aka_isSuccess(struct eap_sm *sm, void *priv) +static bool eap_aka_isSuccess(struct eap_sm *sm, void *priv) { struct eap_aka_data *data = priv; return data->state == SUCCESS; |