2 * EAP common peer/server definitions
3 * Copyright (c) 2004-2014, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
13 #include "eap_common.h"
16 * eap_hdr_len_valid - Validate EAP header length field
17 * @msg: EAP frame (starting with EAP header)
18 * @min_payload: Minimum payload length needed
19 * Returns: 1 for valid header, 0 for invalid
21 * This is a helper function that does minimal validation of EAP messages. The
22 * length field is verified to be large enough to include the header and not
23 * too large to go beyond the end of the buffer.
25 int eap_hdr_len_valid(const struct wpabuf
*msg
, size_t min_payload
)
27 const struct eap_hdr
*hdr
;
33 hdr
= wpabuf_head(msg
);
35 if (wpabuf_len(msg
) < sizeof(*hdr
)) {
36 wpa_printf(MSG_INFO
, "EAP: Too short EAP frame");
40 len
= be_to_host16(hdr
->length
);
41 if (len
< sizeof(*hdr
) + min_payload
|| len
> wpabuf_len(msg
)) {
42 wpa_printf(MSG_INFO
, "EAP: Invalid EAP length");
51 * eap_hdr_validate - Validate EAP header
52 * @vendor: Expected EAP Vendor-Id (0 = IETF)
53 * @eap_type: Expected EAP type number
54 * @msg: EAP frame (starting with EAP header)
55 * @plen: Pointer to variable to contain the returned payload length
56 * Returns: Pointer to EAP payload (after type field), or %NULL on failure
58 * This is a helper function for EAP method implementations. This is usually
59 * called in the beginning of struct eap_method::process() function to verify
60 * that the received EAP request packet has a valid header. This function is
61 * able to process both legacy and expanded EAP headers and in most cases, the
62 * caller can just use the returned payload pointer (into *plen) for processing
63 * the payload regardless of whether the packet used the expanded EAP header or
66 const u8
* eap_hdr_validate(int vendor
, EapType eap_type
,
67 const struct wpabuf
*msg
, size_t *plen
)
69 const struct eap_hdr
*hdr
;
73 if (!eap_hdr_len_valid(msg
, 1))
76 hdr
= wpabuf_head(msg
);
77 len
= be_to_host16(hdr
->length
);
78 pos
= (const u8
*) (hdr
+ 1);
80 if (*pos
== EAP_TYPE_EXPANDED
) {
83 if (len
< sizeof(*hdr
) + 8) {
84 wpa_printf(MSG_INFO
, "EAP: Invalid expanded EAP "
89 exp_vendor
= WPA_GET_BE24(pos
);
91 exp_type
= WPA_GET_BE32(pos
);
93 if (exp_vendor
!= vendor
|| exp_type
!= (u32
) eap_type
) {
94 wpa_printf(MSG_INFO
, "EAP: Invalid expanded frame "
99 *plen
= len
- sizeof(*hdr
) - 8;
102 if (vendor
!= EAP_VENDOR_IETF
|| *pos
!= eap_type
) {
103 wpa_printf(MSG_INFO
, "EAP: Invalid frame type");
106 *plen
= len
- sizeof(*hdr
) - 1;
113 * eap_msg_alloc - Allocate a buffer for an EAP message
114 * @vendor: Vendor-Id (0 = IETF)
116 * @payload_len: Payload length in bytes (data after Type)
117 * @code: Message Code (EAP_CODE_*)
118 * @identifier: Identifier
119 * Returns: Pointer to the allocated message buffer or %NULL on error
121 * This function can be used to allocate a buffer for an EAP message and fill
122 * in the EAP header. This function is automatically using expanded EAP header
123 * if the selected Vendor-Id is not IETF. In other words, most EAP methods do
124 * not need to separately select which header type to use when using this
125 * function to allocate the message buffers. The returned buffer has room for
126 * payload_len bytes and has the EAP header and Type field already filled in.
128 struct wpabuf
* eap_msg_alloc(int vendor
, EapType type
, size_t payload_len
,
129 u8 code
, u8 identifier
)
135 len
= sizeof(struct eap_hdr
) + (vendor
== EAP_VENDOR_IETF
? 1 : 8) +
137 buf
= wpabuf_alloc(len
);
141 hdr
= wpabuf_put(buf
, sizeof(*hdr
));
143 hdr
->identifier
= identifier
;
144 hdr
->length
= host_to_be16(len
);
146 if (vendor
== EAP_VENDOR_IETF
) {
147 wpabuf_put_u8(buf
, type
);
149 wpabuf_put_u8(buf
, EAP_TYPE_EXPANDED
);
150 wpabuf_put_be24(buf
, vendor
);
151 wpabuf_put_be32(buf
, type
);
159 * eap_update_len - Update EAP header length
160 * @msg: EAP message from eap_msg_alloc
162 * This function updates the length field in the EAP header to match with the
163 * current length for the buffer. This allows eap_msg_alloc() to be used to
164 * allocate a larger buffer than the exact message length (e.g., if exact
165 * message length is not yet known).
167 void eap_update_len(struct wpabuf
*msg
)
170 hdr
= wpabuf_mhead(msg
);
171 if (wpabuf_len(msg
) < sizeof(*hdr
))
173 hdr
->length
= host_to_be16(wpabuf_len(msg
));
178 * eap_get_id - Get EAP Identifier from wpabuf
179 * @msg: Buffer starting with an EAP header
180 * Returns: The Identifier field from the EAP header
182 u8
eap_get_id(const struct wpabuf
*msg
)
184 const struct eap_hdr
*eap
;
186 if (wpabuf_len(msg
) < sizeof(*eap
))
189 eap
= wpabuf_head(msg
);
190 return eap
->identifier
;
195 * eap_get_type - Get EAP Type from wpabuf
196 * @msg: Buffer starting with an EAP header
197 * Returns: The EAP Type after the EAP header
199 EapType
eap_get_type(const struct wpabuf
*msg
)
201 if (wpabuf_len(msg
) < sizeof(struct eap_hdr
) + 1)
202 return EAP_TYPE_NONE
;
204 return ((const u8
*) wpabuf_head(msg
))[sizeof(struct eap_hdr
)];
209 int erp_parse_tlvs(const u8
*pos
, const u8
*end
, struct erp_tlvs
*tlvs
,
212 os_memset(tlvs
, 0, sizeof(*tlvs
));
215 u8 tlv_type
, tlv_len
;
219 case EAP_ERP_TV_RRK_LIFETIME
:
220 case EAP_ERP_TV_RMSK_LIFETIME
:
223 wpa_printf(MSG_DEBUG
, "EAP: Too short TV");
228 case EAP_ERP_TLV_DOMAIN_NAME
:
229 case EAP_ERP_TLV_KEYNAME_NAI
:
230 case EAP_ERP_TLV_CRYPTOSUITES
:
231 case EAP_ERP_TLV_AUTHORIZATION_INDICATION
:
232 case EAP_ERP_TLV_CALLED_STATION_ID
:
233 case EAP_ERP_TLV_CALLING_STATION_ID
:
234 case EAP_ERP_TLV_NAS_IDENTIFIER
:
235 case EAP_ERP_TLV_NAS_IP_ADDRESS
:
236 case EAP_ERP_TLV_NAS_IPV6_ADDRESS
:
238 wpa_printf(MSG_DEBUG
, "EAP: Too short TLV");
242 if (tlv_len
> (unsigned) (end
- pos
)) {
243 wpa_printf(MSG_DEBUG
, "EAP: Truncated TLV");
246 if (tlv_type
== EAP_ERP_TLV_KEYNAME_NAI
) {
248 wpa_printf(MSG_DEBUG
,
249 "EAP: More than one keyName-NAI");
253 tlvs
->keyname_len
= tlv_len
;
256 } else if (tlv_type
== EAP_ERP_TLV_DOMAIN_NAME
) {
258 tlvs
->domain_len
= tlv_len
;
263 if (tlv_type
>= 128 && tlv_type
<= 191) {
266 wpa_printf(MSG_DEBUG
,
267 "EAP: Too short TLV");
271 if (tlv_len
> (unsigned) (end
- pos
)) {
272 wpa_printf(MSG_DEBUG
,
273 "EAP: Truncated TLV");
279 wpa_printf(MSG_DEBUG
, "EAP: Unknown TV/TLV type %u",
288 #endif /* CONFIG_ERP */