Signed-off-by: Jouni Malinen <j@w1.fi>
len = sizeof(*xhdr) + datalen;
buf = os_zalloc(len);
len = sizeof(*xhdr) + datalen;
buf = os_zalloc(len);
- if (buf == NULL) {
- wpa_printf(MSG_ERROR, "malloc() failed for "
- "ieee802_1x_send(len=%lu)",
- (unsigned long) len);
+ if (!buf) {
+ wpa_printf(MSG_ERROR, "malloc() failed for %s(len=%lu)",
+ __func__, (unsigned long) len);
size_t len, ekey_len;
struct eapol_state_machine *sm = sta->eapol_sm;
size_t len, ekey_len;
struct eapol_state_machine *sm = sta->eapol_sm;
return;
len = sizeof(*key) + key_len;
buf = os_zalloc(sizeof(*hdr) + len);
return;
len = sizeof(*key) + key_len;
buf = os_zalloc(sizeof(*hdr) + len);
return;
hdr = (struct ieee802_1x_hdr *) buf;
return;
hdr = (struct ieee802_1x_hdr *) buf;
/* Key is encrypted using "Key-IV + MSK[0..31]" as the RC4-key and
* MSK[32..63] is used to sign the message. */
/* Key is encrypted using "Key-IV + MSK[0..31]" as the RC4-key and
* MSK[32..63] is used to sign the message. */
- if (sm->eap_if->eapKeyData == NULL || sm->eap_if->eapKeyDataLen < 64) {
- wpa_printf(MSG_ERROR, "No eapKeyData available for encrypting "
- "and signing EAPOL-Key");
+ if (!sm->eap_if->eapKeyData || sm->eap_if->eapKeyDataLen < 64) {
+ wpa_printf(MSG_ERROR,
+ "No eapKeyData available for encrypting and signing EAPOL-Key");
os_free(buf);
return;
}
os_memcpy((u8 *) (key + 1), key_data, key_len);
ekey_len = sizeof(key->key_iv) + 32;
ekey = os_malloc(ekey_len);
os_free(buf);
return;
}
os_memcpy((u8 *) (key + 1), key_data, key_len);
ekey_len = sizeof(key->key_iv) + 32;
ekey = os_malloc(ekey_len);
wpa_printf(MSG_ERROR, "Could not encrypt key");
os_free(buf);
return;
wpa_printf(MSG_ERROR, "Could not encrypt key");
os_free(buf);
return;
struct eapol_authenticator *eapol = hapd->eapol_auth;
struct eapol_state_machine *sm = sta->eapol_sm;
struct eapol_authenticator *eapol = hapd->eapol_auth;
struct eapol_state_machine *sm = sta->eapol_sm;
- if (sm == NULL || !sm->eap_if->eapKeyData)
+ if (!sm || !sm->eap_if->eapKeyData)
return;
wpa_printf(MSG_DEBUG, "IEEE 802.1X: Sending EAPOL-Key(s) to " MACSTR,
return;
wpa_printf(MSG_DEBUG, "IEEE 802.1X: Sending EAPOL-Key(s) to " MACSTR,
if (hapd->conf->individual_wep_key_len > 0) {
u8 *ikey;
if (hapd->conf->individual_wep_key_len > 0) {
u8 *ikey;
ikey = os_malloc(hapd->conf->individual_wep_key_len);
ikey = os_malloc(hapd->conf->individual_wep_key_len);
random_get_bytes(ikey, hapd->conf->individual_wep_key_len))
{
random_get_bytes(ikey, hapd->conf->individual_wep_key_len))
{
- wpa_printf(MSG_ERROR, "Could not generate random "
- "individual WEP key.");
+ wpa_printf(MSG_ERROR,
+ "Could not generate random individual WEP key");
if (hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_WEP,
sta->addr, 0, 1, NULL, 0, ikey,
hapd->conf->individual_wep_key_len)) {
if (hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_WEP,
sta->addr, 0, 1, NULL, 0, ikey,
hapd->conf->individual_wep_key_len)) {
- wpa_printf(MSG_ERROR, "Could not set individual WEP "
- "encryption.");
+ wpa_printf(MSG_ERROR,
+ "Could not set individual WEP encryption");
eap_erp_update_identity(sm->eap, eap, len);
identity = eap_get_identity(sm->eap, &identity_len);
eap_erp_update_identity(sm->eap, eap, len);
identity = eap_get_identity(sm->eap, &identity_len);
return;
/* Save station identity for future RADIUS packets */
os_free(sm->identity);
sm->identity = (u8 *) dup_binstr(identity, identity_len);
return;
/* Save station identity for future RADIUS packets */
os_free(sm->identity);
sm->identity = (u8 *) dup_binstr(identity, identity_len);
- if (sm->identity == NULL) {
sm->identity_len = 0;
return;
}
sm->identity_len = 0;
return;
}
if (!radius_msg_add_attr(msg, attr->type,
wpabuf_head(attr->val),
wpabuf_len(attr->val))) {
if (!radius_msg_add_attr(msg, attr->type,
wpabuf_head(attr->val),
wpabuf_len(attr->val))) {
- wpa_printf(MSG_ERROR, "Could not add RADIUS "
- "attribute");
+ wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
struct radius_msg *msg;
struct eapol_state_machine *sm = sta->eapol_sm;
struct radius_msg *msg;
struct eapol_state_machine *sm = sta->eapol_sm;
return;
ieee802_1x_learn_identity(hapd, sm, eap, len);
return;
ieee802_1x_learn_identity(hapd, sm, eap, len);
- wpa_printf(MSG_DEBUG, "Encapsulating EAP message into a RADIUS "
- "packet");
+ wpa_printf(MSG_DEBUG, "Encapsulating EAP message into a RADIUS packet");
sm->radius_identifier = radius_client_get_id(hapd->radius);
msg = radius_msg_new(RADIUS_CODE_ACCESS_REQUEST,
sm->radius_identifier);
sm->radius_identifier = radius_client_get_id(hapd->radius);
msg = radius_msg_new(RADIUS_CODE_ACCESS_REQUEST,
sm->radius_identifier);
wpa_printf(MSG_INFO, "Could not create new RADIUS packet");
return;
}
wpa_printf(MSG_INFO, "Could not create new RADIUS packet");
return;
}
int res = radius_msg_copy_attr(msg, sm->last_recv_radius,
RADIUS_ATTR_STATE);
if (res < 0) {
int res = radius_msg_copy_attr(msg, sm->last_recv_radius,
RADIUS_ATTR_STATE);
if (res < 0) {
- wpa_printf(MSG_INFO, "Could not copy State attribute from previous Access-Challenge");
+ wpa_printf(MSG_INFO,
+ "Could not copy State attribute from previous Access-Challenge");
wpa_printf(MSG_DEBUG, "Copied RADIUS State Attribute");
wpa_printf(MSG_DEBUG, "Copied RADIUS State Attribute");
}
if (hapd->conf->radius_request_cui) {
}
if (hapd->conf->radius_request_cui) {
if (!radius_msg_add_wfa(
msg, RADIUS_VENDOR_ATTR_WFA_HS20_AP_VERSION,
&ver, 1)) {
if (!radius_msg_add_wfa(
msg, RADIUS_VENDOR_ATTR_WFA_HS20_AP_VERSION,
&ver, 1)) {
- wpa_printf(MSG_ERROR, "Could not add HS 2.0 AP "
- "version");
+ wpa_printf(MSG_ERROR,
+ "Could not add HS 2.0 AP version");
const u8 *pos;
u8 buf[3];
u16 id;
const u8 *pos;
u8 buf[3];
u16 id;
pos = wpabuf_head_u8(sta->hs20_ie);
buf[0] = (*pos) >> 4;
if (((*pos) & HS20_PPS_MO_ID_PRESENT) &&
pos = wpabuf_head_u8(sta->hs20_ie);
buf[0] = (*pos) >> 4;
if (((*pos) & HS20_PPS_MO_ID_PRESENT) &&
msg,
RADIUS_VENDOR_ATTR_WFA_HS20_STA_VERSION,
buf, sizeof(buf))) {
msg,
RADIUS_VENDOR_ATTR_WFA_HS20_STA_VERSION,
buf, sizeof(buf))) {
- wpa_printf(MSG_ERROR, "Could not add HS 2.0 "
- "STA version");
+ wpa_printf(MSG_ERROR,
+ "Could not add HS 2.0 STA version");
{
u8 type, *data;
struct eapol_state_machine *sm = sta->eapol_sm;
{
u8 type, *data;
struct eapol_state_machine *sm = sta->eapol_sm;
return;
data = (u8 *) (eap + 1);
if (len < sizeof(*eap) + 1) {
return;
data = (u8 *) (eap + 1);
if (len < sizeof(*eap) + 1) {
- wpa_printf(MSG_INFO, "handle_eap_response: too short response data");
+ wpa_printf(MSG_INFO, "%s: too short response data", __func__);
u8 type, *data;
struct eapol_state_machine *sm = sta->eapol_sm;
u8 type, *data;
struct eapol_state_machine *sm = sta->eapol_sm;
return;
if (len < sizeof(*eap) + 1) {
return;
if (len < sizeof(*eap) + 1) {
- wpa_printf(MSG_INFO,
- "handle_eap_initiate: too short response data");
+ wpa_printf(MSG_INFO, "%s: too short response data", __func__);
type = data[0];
hostapd_logger(hapd, sm->addr, HOSTAPD_MODULE_IEEE8021X,
type = data[0];
hostapd_logger(hapd, sm->addr, HOSTAPD_MODULE_IEEE8021X,
- HOSTAPD_LEVEL_DEBUG, "received EAP packet (code=%d "
- "id=%d len=%d) from STA: EAP Initiate type %u",
+ HOSTAPD_LEVEL_DEBUG,
+ "received EAP packet (code=%d id=%d len=%d) from STA: EAP Initiate type %u",
eap->code, eap->identifier, be_to_host16(eap->length),
type);
eap->code, eap->identifier, be_to_host16(eap->length),
type);
wpa_printf(MSG_DEBUG, " Invalid EAP length");
return;
} else if (eap_len > len) {
wpa_printf(MSG_DEBUG, " Invalid EAP length");
return;
} else if (eap_len > len) {
- wpa_printf(MSG_DEBUG, " Too short frame to contain this EAP "
- "packet");
+ wpa_printf(MSG_DEBUG,
+ " Too short frame to contain this EAP packet");
return;
} else if (eap_len < len) {
return;
} else if (eap_len < len) {
- wpa_printf(MSG_DEBUG, " Ignoring %lu extra bytes after EAP "
- "packet", (unsigned long) len - eap_len);
+ wpa_printf(MSG_DEBUG,
+ " Ignoring %lu extra bytes after EAP packet",
+ (unsigned long) len - eap_len);
ieee802_1x_alloc_eapol_sm(struct hostapd_data *hapd, struct sta_info *sta)
{
int flags = 0;
ieee802_1x_alloc_eapol_sm(struct hostapd_data *hapd, struct sta_info *sta)
{
int flags = 0;
if (sta->flags & WLAN_STA_PREAUTH)
flags |= EAPOL_SM_PREAUTH;
if (sta->wpa_sm) {
if (sta->flags & WLAN_STA_PREAUTH)
flags |= EAPOL_SM_PREAUTH;
if (sta->wpa_sm) {
sta = ap_get_sta(hapd, sa);
if (!sta || (!(sta->flags & (WLAN_STA_ASSOC | WLAN_STA_PREAUTH)) &&
!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_WIRED))) {
sta = ap_get_sta(hapd, sa);
if (!sta || (!(sta->flags & (WLAN_STA_ASSOC | WLAN_STA_PREAUTH)) &&
!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_WIRED))) {
- wpa_printf(MSG_DEBUG, "IEEE 802.1X data frame from not "
- "associated/Pre-authenticating STA");
+ wpa_printf(MSG_DEBUG,
+ "IEEE 802.1X data frame from not associated/Pre-authenticating STA");
if (sta && (sta->flags & WLAN_STA_AUTH)) {
wpa_printf(MSG_DEBUG, "Saving EAPOL frame from " MACSTR
if (sta && (sta->flags & WLAN_STA_AUTH)) {
wpa_printf(MSG_DEBUG, "Saving EAPOL frame from " MACSTR
hdr->version, hdr->type, datalen);
if (len - sizeof(*hdr) < datalen) {
hdr->version, hdr->type, datalen);
if (len - sizeof(*hdr) < datalen) {
- wpa_printf(MSG_INFO, " frame too short for this IEEE 802.1X packet");
+ wpa_printf(MSG_INFO,
+ " frame too short for this IEEE 802.1X packet");
if (sta->eapol_sm)
sta->eapol_sm->dot1xAuthEapLengthErrorFramesRx++;
return;
}
if (len - sizeof(*hdr) > datalen) {
if (sta->eapol_sm)
sta->eapol_sm->dot1xAuthEapLengthErrorFramesRx++;
return;
}
if (len - sizeof(*hdr) > datalen) {
- wpa_printf(MSG_DEBUG, " ignoring %lu extra octets after "
- "IEEE 802.1X packet",
+ wpa_printf(MSG_DEBUG,
+ " ignoring %lu extra octets after IEEE 802.1X packet",
(unsigned long) len - sizeof(*hdr) - datalen);
}
(unsigned long) len - sizeof(*hdr) - datalen);
}
if (!hapd->conf->ieee802_1x && !hapd->conf->osen &&
!(sta->flags & (WLAN_STA_WPS | WLAN_STA_MAYBE_WPS))) {
if (!hapd->conf->ieee802_1x && !hapd->conf->osen &&
!(sta->flags & (WLAN_STA_WPS | WLAN_STA_MAYBE_WPS))) {
- wpa_printf(MSG_DEBUG, "IEEE 802.1X: Ignore EAPOL message - "
- "802.1X not enabled and WPS not used");
+ wpa_printf(MSG_DEBUG,
+ "IEEE 802.1X: Ignore EAPOL message - 802.1X not enabled and WPS not used");
if (key_mgmt != -1 &&
(wpa_key_mgmt_wpa_psk(key_mgmt) || key_mgmt == WPA_KEY_MGMT_OWE ||
key_mgmt == WPA_KEY_MGMT_DPP)) {
if (key_mgmt != -1 &&
(wpa_key_mgmt_wpa_psk(key_mgmt) || key_mgmt == WPA_KEY_MGMT_OWE ||
key_mgmt == WPA_KEY_MGMT_DPP)) {
- wpa_printf(MSG_DEBUG, "IEEE 802.1X: Ignore EAPOL message - "
- "STA is using PSK");
+ wpa_printf(MSG_DEBUG,
+ "IEEE 802.1X: Ignore EAPOL message - STA is using PSK");
* skipped if the STA is known to support WPS
* 2.0.
*/
* skipped if the STA is known to support WPS
* 2.0.
*/
- wpa_printf(MSG_DEBUG, "WPS: Do not start "
- "EAPOL until EAPOL-Start is "
- "received");
+ wpa_printf(MSG_DEBUG,
+ "WPS: Do not start EAPOL until EAPOL-Start is received");
sta->eapol_sm->flags |= EAPOL_SM_WAIT_START;
}
}
sta->eapol_sm->flags |= EAPOL_SM_WAIT_START;
}
}
case IEEE802_1X_TYPE_EAPOL_START:
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
case IEEE802_1X_TYPE_EAPOL_START:
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
- HOSTAPD_LEVEL_DEBUG, "received EAPOL-Start "
- "from STA");
+ HOSTAPD_LEVEL_DEBUG,
+ "received EAPOL-Start from STA");
sta->eapol_sm->flags &= ~EAPOL_SM_WAIT_START;
pmksa = wpa_auth_sta_get_pmksa(sta->wpa_sm);
if (pmksa) {
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_WPA,
sta->eapol_sm->flags &= ~EAPOL_SM_WAIT_START;
pmksa = wpa_auth_sta_get_pmksa(sta->wpa_sm);
if (pmksa) {
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_WPA,
- HOSTAPD_LEVEL_DEBUG, "cached PMKSA "
- "available - ignore it since "
- "STA sent EAPOL-Start");
+ HOSTAPD_LEVEL_DEBUG,
+ "cached PMKSA available - ignore it since STA sent EAPOL-Start");
wpa_auth_sta_clear_pmksa(sta->wpa_sm, pmksa);
}
sta->eapol_sm->eapolStart = TRUE;
wpa_auth_sta_clear_pmksa(sta->wpa_sm, pmksa);
}
sta->eapol_sm->eapolStart = TRUE;
case IEEE802_1X_TYPE_EAPOL_LOGOFF:
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
case IEEE802_1X_TYPE_EAPOL_LOGOFF:
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
- HOSTAPD_LEVEL_DEBUG, "received EAPOL-Logoff "
- "from STA");
+ HOSTAPD_LEVEL_DEBUG,
+ "received EAPOL-Logoff from STA");
sta->acct_terminate_cause =
RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
accounting_sta_stop(hapd, sta);
sta->acct_terminate_cause =
RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
accounting_sta_stop(hapd, sta);
case IEEE802_1X_TYPE_EAPOL_KEY:
wpa_printf(MSG_DEBUG, " EAPOL-Key");
if (!ap_sta_is_authorized(sta)) {
case IEEE802_1X_TYPE_EAPOL_KEY:
wpa_printf(MSG_DEBUG, " EAPOL-Key");
if (!ap_sta_is_authorized(sta)) {
- wpa_printf(MSG_DEBUG, " Dropped key data from "
- "unauthorized Supplicant");
+ wpa_printf(MSG_DEBUG,
+ " Dropped key data from unauthorized Supplicant");
#endif /* CONFIG_WPS */
if (!force_1x && !hapd->conf->ieee802_1x && !hapd->conf->osen) {
#endif /* CONFIG_WPS */
if (!force_1x && !hapd->conf->ieee802_1x && !hapd->conf->osen) {
- wpa_printf(MSG_DEBUG, "IEEE 802.1X: Ignore STA - "
- "802.1X not enabled or forced for WPS");
+ wpa_printf(MSG_DEBUG,
+ "IEEE 802.1X: Ignore STA - 802.1X not enabled or forced for WPS");
/*
* Clear any possible EAPOL authenticator state to support
* reassociation change from WPS to PSK.
/*
* Clear any possible EAPOL authenticator state to support
* reassociation change from WPS to PSK.
- if (sta->eapol_sm == NULL) {
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
HOSTAPD_LEVEL_DEBUG, "start authentication");
sta->eapol_sm = ieee802_1x_alloc_eapol_sm(hapd, sta);
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
HOSTAPD_LEVEL_DEBUG, "start authentication");
sta->eapol_sm = ieee802_1x_alloc_eapol_sm(hapd, sta);
- if (sta->eapol_sm == NULL) {
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE8021X,
HOSTAPD_LEVEL_INFO,
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE8021X,
HOSTAPD_LEVEL_INFO,
* initiates the handshake with EAPOL-Start. Only allow the
* wait to be skipped if the STA is known to support WPS 2.0.
*/
* initiates the handshake with EAPOL-Start. Only allow the
* wait to be skipped if the STA is known to support WPS 2.0.
*/
- wpa_printf(MSG_DEBUG, "WPS: Do not start EAPOL until "
- "EAPOL-Start is received");
+ wpa_printf(MSG_DEBUG,
+ "WPS: Do not start EAPOL until EAPOL-Start is received");
sta->eapol_sm->flags |= EAPOL_SM_WAIT_START;
}
#endif /* CONFIG_WPS */
sta->eapol_sm->flags |= EAPOL_SM_WAIT_START;
}
#endif /* CONFIG_WPS */
sta->pending_eapol_rx = NULL;
}
sta->pending_eapol_rx = NULL;
}
return;
sta->eapol_sm = NULL;
return;
sta->eapol_sm = NULL;
struct radius_msg *msg;
struct eapol_state_machine *sm = sta->eapol_sm;
struct radius_msg *msg;
struct eapol_state_machine *sm = sta->eapol_sm;
- if (sm == NULL || sm->last_recv_radius == NULL) {
+ if (!sm || !sm->last_recv_radius) {
if (sm)
sm->eap_if->aaaEapNoReq = TRUE;
return;
if (sm)
sm->eap_if->aaaEapNoReq = TRUE;
return;
msg = sm->last_recv_radius;
eap = radius_msg_get_eap(msg);
msg = sm->last_recv_radius;
eap = radius_msg_get_eap(msg);
/* RFC 3579, Chap. 2.6.3:
* RADIUS server SHOULD NOT send Access-Reject/no EAP-Message
* attribute */
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
/* RFC 3579, Chap. 2.6.3:
* RADIUS server SHOULD NOT send Access-Reject/no EAP-Message
* attribute */
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
- HOSTAPD_LEVEL_WARNING, "could not extract "
- "EAP-Message from RADIUS message");
+ HOSTAPD_LEVEL_WARNING,
+ "could not extract EAP-Message from RADIUS message");
sm->eap_if->aaaEapNoReq = TRUE;
return;
}
if (wpabuf_len(eap) < sizeof(*hdr)) {
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
sm->eap_if->aaaEapNoReq = TRUE;
return;
}
if (wpabuf_len(eap) < sizeof(*hdr)) {
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
- HOSTAPD_LEVEL_WARNING, "too short EAP packet "
- "received from authentication server");
+ HOSTAPD_LEVEL_WARNING,
+ "too short EAP packet received from authentication server");
wpabuf_free(eap);
sm->eap_if->aaaEapNoReq = TRUE;
return;
wpabuf_free(eap);
sm->eap_if->aaaEapNoReq = TRUE;
return;
}
buf[sizeof(buf) - 1] = '\0';
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
}
buf[sizeof(buf) - 1] = '\0';
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
- HOSTAPD_LEVEL_DEBUG, "decapsulated EAP packet (code=%d "
- "id=%d len=%d) from RADIUS server: %s",
+ HOSTAPD_LEVEL_DEBUG,
+ "decapsulated EAP packet (code=%d id=%d len=%d) from RADIUS server: %s",
hdr->code, hdr->identifier, be_to_host16(hdr->length),
buf);
sm->eap_if->aaaEapReq = TRUE;
hdr->code, hdr->identifier, be_to_host16(hdr->length),
buf);
sm->eap_if->aaaEapReq = TRUE;
u8 *buf;
size_t len;
struct eapol_state_machine *sm = sta->eapol_sm;
u8 *buf;
size_t len;
struct eapol_state_machine *sm = sta->eapol_sm;
return;
keys = radius_msg_get_ms_keys(msg, req, shared_secret,
return;
keys = radius_msg_get_ms_keys(msg, req, shared_secret,
struct radius_attr_data *nclass;
size_t nclass_count;
struct radius_attr_data *nclass;
size_t nclass_count;
- if (!hapd->conf->radius->acct_server || hapd->radius == NULL ||
- sm == NULL)
+ if (!hapd->conf->radius->acct_server || !hapd->radius || !sm)
return;
radius_free_class(&sm->radius_class);
return;
radius_free_class(&sm->radius_class);
return;
nclass = os_calloc(count, sizeof(struct radius_attr_data));
return;
nclass = os_calloc(count, sizeof(struct radius_attr_data));
return;
nclass_count = 0;
return;
nclass_count = 0;
} while (class_len < 1);
nclass[nclass_count].data = os_memdup(attr_class, class_len);
} while (class_len < 1);
nclass[nclass_count].data = os_memdup(attr_class, class_len);
- if (nclass[nclass_count].data == NULL)
+ if (!nclass[nclass_count].data)
break;
nclass[nclass_count].len = class_len;
break;
nclass[nclass_count].len = class_len;
sm->radius_class.attr = nclass;
sm->radius_class.count = nclass_count;
sm->radius_class.attr = nclass;
sm->radius_class.count = nclass_count;
- wpa_printf(MSG_DEBUG, "IEEE 802.1X: Stored %lu RADIUS Class "
- "attributes for " MACSTR,
+ wpa_printf(MSG_DEBUG,
+ "IEEE 802.1X: Stored %lu RADIUS Class attributes for "
+ MACSTR,
(unsigned long) sm->radius_class.count,
MAC2STR(sta->addr));
}
(unsigned long) sm->radius_class.count,
MAC2STR(sta->addr));
}
size_t len;
struct eapol_state_machine *sm = sta->eapol_sm;
size_t len;
struct eapol_state_machine *sm = sta->eapol_sm;
return;
if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_USER_NAME, &buf, &len,
return;
if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_USER_NAME, &buf, &len,
return;
identity = (u8 *) dup_binstr(buf, len);
return;
identity = (u8 *) dup_binstr(buf, len);
return;
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
return;
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
- HOSTAPD_LEVEL_DEBUG, "old identity '%s' updated with "
- "User-Name from Access-Accept '%s'",
+ HOSTAPD_LEVEL_DEBUG,
+ "old identity '%s' updated with User-Name from Access-Accept '%s'",
sm->identity ? (char *) sm->identity : "N/A",
(char *) identity);
sm->identity ? (char *) sm->identity : "N/A",
(char *) identity);
return;
if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_CHARGEABLE_USER_IDENTITY,
return;
if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_CHARGEABLE_USER_IDENTITY,
return;
cui = wpabuf_alloc_copy(buf, len);
return;
cui = wpabuf_alloc_copy(buf, len);
return;
wpabuf_free(sm->radius_cui);
return;
wpabuf_free(sm->radius_cui);
sta->remediation_method = pos[0];
os_memcpy(sta->remediation_url, pos + 1, len - 1);
sta->remediation_url[len - 1] = '\0';
sta->remediation_method = pos[0];
os_memcpy(sta->remediation_url, pos + 1, len - 1);
sta->remediation_url[len - 1] = '\0';
- wpa_printf(MSG_DEBUG, "HS 2.0: Subscription remediation needed "
- "for " MACSTR " - server method %u URL %s",
+ wpa_printf(MSG_DEBUG,
+ "HS 2.0: Subscription remediation needed for "
+ MACSTR " - server method %u URL %s",
MAC2STR(sta->addr), sta->remediation_method,
sta->remediation_url);
} else {
sta->remediation_url = NULL;
MAC2STR(sta->addr), sta->remediation_method,
sta->remediation_url);
} else {
sta->remediation_url = NULL;
- wpa_printf(MSG_DEBUG, "HS 2.0: Subscription remediation needed "
- "for " MACSTR, MAC2STR(sta->addr));
+ wpa_printf(MSG_DEBUG,
+ "HS 2.0: Subscription remediation needed for "
+ MACSTR, MAC2STR(sta->addr));
}
/* TODO: assign the STA into remediation VLAN or add filtering */
}
}
/* TODO: assign the STA into remediation VLAN or add filtering */
}
if (len < 3)
return; /* Malformed information */
sta->hs20_deauth_requested = 1;
if (len < 3)
return; /* Malformed information */
sta->hs20_deauth_requested = 1;
- wpa_printf(MSG_DEBUG, "HS 2.0: Deauthentication request - Code %u "
- "Re-auth Delay %u",
+ wpa_printf(MSG_DEBUG,
+ "HS 2.0: Deauthentication request - Code %u Re-auth Delay %u",
*pos, WPA_GET_LE16(pos + 1));
wpabuf_free(sta->hs20_deauth_req);
sta->hs20_deauth_req = wpabuf_alloc(len + 1);
*pos, WPA_GET_LE16(pos + 1));
wpabuf_free(sta->hs20_deauth_req);
sta->hs20_deauth_req = wpabuf_alloc(len + 1);
return; /* Malformed information */
os_free(sta->hs20_session_info_url);
sta->hs20_session_info_url = os_malloc(len);
return; /* Malformed information */
os_free(sta->hs20_session_info_url);
sta->hs20_session_info_url = os_malloc(len);
- if (sta->hs20_session_info_url == NULL)
+ if (!sta->hs20_session_info_url)
return;
swt = pos[0];
os_memcpy(sta->hs20_session_info_url, pos + 1, len - 1);
sta->hs20_session_info_url[len - 1] = '\0';
return;
swt = pos[0];
os_memcpy(sta->hs20_session_info_url, pos + 1, len - 1);
sta->hs20_session_info_url[len - 1] = '\0';
- wpa_printf(MSG_DEBUG, "HS 2.0: Session Information URL='%s' SWT=%u "
- "(session_timeout=%d)",
+ wpa_printf(MSG_DEBUG,
+ "HS 2.0: Session Information URL='%s' SWT=%u (session_timeout=%d)",
sta->hs20_session_info_url, swt, session_timeout);
if (session_timeout < 0) {
sta->hs20_session_info_url, swt, session_timeout);
if (session_timeout < 0) {
- wpa_printf(MSG_DEBUG, "HS 2.0: No Session-Timeout set - ignore session info URL");
+ wpa_printf(MSG_DEBUG,
+ "HS 2.0: No Session-Timeout set - ignore session info URL");
return;
}
if (swt == 255)
return;
}
if (swt == 255)
ieee802_1x_search_radius_identifier(struct hostapd_data *hapd, u8 identifier)
{
struct sta_id_search id_search;
ieee802_1x_search_radius_identifier(struct hostapd_data *hapd, u8 identifier)
{
struct sta_id_search id_search;
id_search.identifier = identifier;
id_search.sm = NULL;
ap_for_each_sta(hapd, ieee802_1x_select_radius_identifier, &id_search);
id_search.identifier = identifier;
id_search.sm = NULL;
ap_for_each_sta(hapd, ieee802_1x_select_radius_identifier, &id_search);
struct radius_hdr *hdr = radius_msg_get_hdr(msg);
sm = ieee802_1x_search_radius_identifier(hapd, hdr->identifier);
struct radius_hdr *hdr = radius_msg_get_hdr(msg);
sm = ieee802_1x_search_radius_identifier(hapd, hdr->identifier);
- if (sm == NULL) {
- wpa_printf(MSG_DEBUG, "IEEE 802.1X: Could not find matching "
- "station for this RADIUS message");
+ if (!sm) {
+ wpa_printf(MSG_DEBUG,
+ "IEEE 802.1X: Could not find matching station for this RADIUS message");
return RADIUS_RX_UNKNOWN;
}
sta = sm->sta;
return RADIUS_RX_UNKNOWN;
}
sta = sm->sta;
radius_msg_get_attr(msg, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, NULL,
0) < 0 &&
radius_msg_get_attr(msg, RADIUS_ATTR_EAP_MESSAGE, NULL, 0) < 0) {
radius_msg_get_attr(msg, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, NULL,
0) < 0 &&
radius_msg_get_attr(msg, RADIUS_ATTR_EAP_MESSAGE, NULL, 0) < 0) {
- wpa_printf(MSG_DEBUG, "Allowing RADIUS Access-Reject without "
- "Message-Authenticator since it does not include "
- "EAP-Message");
+ wpa_printf(MSG_DEBUG,
+ "Allowing RADIUS Access-Reject without Message-Authenticator since it does not include EAP-Message");
} else if (radius_msg_verify(msg, shared_secret, shared_secret_len,
req, 1)) {
} else if (radius_msg_verify(msg, shared_secret, shared_secret_len,
req, 1)) {
- wpa_printf(MSG_INFO, "Incoming RADIUS packet did not have correct Message-Authenticator - dropped");
+ wpa_printf(MSG_INFO,
+ "Incoming RADIUS packet did not have correct Message-Authenticator - dropped");
return RADIUS_RX_INVALID_AUTHENTICATOR;
}
return RADIUS_RX_INVALID_AUTHENTICATOR;
}
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE8021X,
HOSTAPD_LEVEL_INFO,
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE8021X,
HOSTAPD_LEVEL_INFO,
- "ignored too small "
- "Acct-Interim-Interval %d",
+ "ignored too small Acct-Interim-Interval %d",
acct_interim_interval);
} else
sta->acct_interim_interval = acct_interim_interval;
acct_interim_interval);
} else
sta->acct_interim_interval = acct_interim_interval;
hostapd_logger(hapd, sm->addr,
HOSTAPD_MODULE_IEEE8021X,
HOSTAPD_LEVEL_DEBUG,
hostapd_logger(hapd, sm->addr,
HOSTAPD_MODULE_IEEE8021X,
HOSTAPD_LEVEL_DEBUG,
- "using EAP timeout of %d seconds (from "
- "RADIUS)",
+ "using EAP timeout of %d seconds (from RADIUS)",
sm->eap_if->aaaMethodTimeout);
} else {
/*
sm->eap_if->aaaMethodTimeout);
} else {
/*
void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
{
struct eapol_state_machine *sm = sta->eapol_sm;
void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
{
struct eapol_state_machine *sm = sta->eapol_sm;
return;
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
return;
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
os_free(eapol->default_wep_key);
eapol->default_wep_key = os_malloc(hapd->conf->default_wep_key_len);
os_free(eapol->default_wep_key);
eapol->default_wep_key = os_malloc(hapd->conf->default_wep_key_len);
- if (eapol->default_wep_key == NULL ||
+ if (!eapol->default_wep_key ||
random_get_bytes(eapol->default_wep_key,
hapd->conf->default_wep_key_len)) {
wpa_printf(MSG_INFO, "Could not generate random WEP key");
random_get_bytes(eapol->default_wep_key,
hapd->conf->default_wep_key_len)) {
wpa_printf(MSG_INFO, "Could not generate random WEP key");
if (ieee802_1x_rekey_broadcast(hapd)) {
hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE8021X,
if (ieee802_1x_rekey_broadcast(hapd)) {
hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE8021X,
- HOSTAPD_LEVEL_WARNING, "failed to generate a "
- "new broadcast key");
+ HOSTAPD_LEVEL_WARNING,
+ "failed to generate a new broadcast key");
os_free(eapol->default_wep_key);
eapol->default_wep_key = NULL;
return;
os_free(eapol->default_wep_key);
eapol->default_wep_key = NULL;
return;
eapol->default_wep_key,
hapd->conf->default_wep_key_len)) {
hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE8021X,
eapol->default_wep_key,
hapd->conf->default_wep_key_len)) {
hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE8021X,
- HOSTAPD_LEVEL_WARNING, "failed to configure a "
- "new broadcast key");
+ HOSTAPD_LEVEL_WARNING,
+ "failed to configure a new broadcast key");
os_free(eapol->default_wep_key);
eapol->default_wep_key = NULL;
return;
os_free(eapol->default_wep_key);
eapol->default_wep_key = NULL;
return;
(identity_len == WSC_ID_REGISTRAR_LEN &&
os_memcmp(identity, WSC_ID_REGISTRAR,
WSC_ID_REGISTRAR_LEN) == 0))) {
(identity_len == WSC_ID_REGISTRAR_LEN &&
os_memcmp(identity, WSC_ID_REGISTRAR,
WSC_ID_REGISTRAR_LEN) == 0))) {
- wpa_printf(MSG_DEBUG, "WPS: WLAN_STA_MAYBE_WPS -> "
- "WLAN_STA_WPS");
+ wpa_printf(MSG_DEBUG,
+ "WPS: WLAN_STA_MAYBE_WPS -> WLAN_STA_WPS");
sta->flags |= WLAN_STA_WPS;
}
}
sta->flags |= WLAN_STA_WPS;
}
}
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta = sta_ctx;
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta = sta_ctx;
if (preauth)
rsn_preauth_finished(hapd, sta, success);
else
if (preauth)
rsn_preauth_finished(hapd, sta, success);
else
int rv = -1;
eap_user = hostapd_get_eap_user(hapd, identity, identity_len, phase2);
int rv = -1;
eap_user = hostapd_get_eap_user(hapd, identity, identity_len, phase2);
goto out;
os_memset(user, 0, sizeof(*user));
goto out;
os_memset(user, 0, sizeof(*user));
if (eap_user->password) {
user->password = os_memdup(eap_user->password,
eap_user->password_len);
if (eap_user->password) {
user->password = os_memdup(eap_user->password,
eap_user->password_len);
- if (user->password == NULL)
goto out;
user->password_len = eap_user->password_len;
user->password_hash = eap_user->password_hash;
goto out;
user->password_len = eap_user->password_len;
user->password_hash = eap_user->password_hash;
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta;
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta;
sta = ap_get_sta(hapd, addr);
sta = ap_get_sta(hapd, addr);
- if (sta == NULL || sta->eapol_sm == NULL)
+ if (!sta || !sta->eapol_sm)
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta = sta_ctx;
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta = sta_ctx;
ieee802_1x_set_sta_authorized(hapd, sta, authorized);
}
ieee802_1x_set_sta_authorized(hapd, sta, authorized);
}
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta = sta_ctx;
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta = sta_ctx;
ieee802_1x_abort_auth(hapd, sta);
}
ieee802_1x_abort_auth(hapd, sta);
}
#ifndef CONFIG_NO_RC4
struct hostapd_data *hapd = ctx;
struct sta_info *sta = sta_ctx;
#ifndef CONFIG_NO_RC4
struct hostapd_data *hapd = ctx;
struct sta_info *sta = sta_ctx;
ieee802_1x_tx_key(hapd, sta);
#endif /* CONFIG_NO_RC4 */
#endif /* CONFIG_FIPS */
ieee802_1x_tx_key(hapd, sta);
#endif /* CONFIG_NO_RC4 */
#endif /* CONFIG_FIPS */
{
/* struct hostapd_data *hapd = ctx; */
struct sta_info *sta = sta_ctx;
{
/* struct hostapd_data *hapd = ctx; */
struct sta_info *sta = sta_ctx;
switch (type) {
case EAPOL_AUTH_SM_CHANGE:
wpa_auth_sm_notify(sta->wpa_sm);
switch (type) {
case EAPOL_AUTH_SM_CHANGE:
wpa_auth_sm_notify(sta->wpa_sm);
#endif /* CONFIG_ERP */
hapd->eapol_auth = eapol_auth_init(&conf, &cb);
#endif /* CONFIG_ERP */
hapd->eapol_auth = eapol_auth_init(&conf, &cb);
- if (hapd->eapol_auth == NULL)
return -1;
if ((hapd->conf->ieee802_1x || hapd->conf->wpa) &&
return -1;
if ((hapd->conf->ieee802_1x || hapd->conf->wpa) &&
ieee802_1x_rekey(hapd, NULL);
ieee802_1x_rekey(hapd, NULL);
- if (hapd->eapol_auth->default_wep_key == NULL)
+ if (!hapd->eapol_auth->default_wep_key)
const unsigned char rfc1042_hdr[ETH_ALEN] =
{ 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
const unsigned char rfc1042_hdr[ETH_ALEN] =
{ 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
return -1;
if (len < sizeof(*hdr) + sizeof(rfc1042_hdr) + 2)
return 0;
return -1;
if (len < sizeof(*hdr) + sizeof(rfc1042_hdr) + 2)
return 0;
if (len < (int) sizeof(*xhdr))
return 0;
if (len < (int) sizeof(*xhdr))
return 0;
- wpa_printf(MSG_DEBUG, "IEEE 802.1X: " MACSTR " TX status - version=%d "
- "type=%d length=%d - ack=%d",
+ wpa_printf(MSG_DEBUG, "IEEE 802.1X: " MACSTR
+ " TX status - version=%d type=%d length=%d - ack=%d",
MAC2STR(sta->addr), xhdr->version, xhdr->type,
be_to_host16(xhdr->length), ack);
MAC2STR(sta->addr), xhdr->version, xhdr->type,
be_to_host16(xhdr->length), ack);
if (pos + sizeof(struct wpa_eapol_key) <= buf + len) {
const struct wpa_eapol_key *wpa;
if (pos + sizeof(struct wpa_eapol_key) <= buf + len) {
const struct wpa_eapol_key *wpa;
wpa = (const struct wpa_eapol_key *) pos;
if (wpa->type == EAPOL_KEY_TYPE_RSN ||
wpa->type == EAPOL_KEY_TYPE_WPA)
wpa = (const struct wpa_eapol_key *) pos;
if (wpa->type == EAPOL_KEY_TYPE_RSN ||
wpa->type == EAPOL_KEY_TYPE_WPA)
if (!ack && pos + sizeof(*key) <= buf + len) {
key = (struct ieee802_1x_eapol_key *) pos;
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
if (!ack && pos + sizeof(*key) <= buf + len) {
key = (struct ieee802_1x_eapol_key *) pos;
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
- HOSTAPD_LEVEL_DEBUG, "did not Ack EAPOL-Key "
- "frame (%scast index=%d)",
+ HOSTAPD_LEVEL_DEBUG,
+ "did not Ack EAPOL-Key frame (%scast index=%d)",
key->key_index & BIT(7) ? "uni" : "broad",
key->key_index & ~BIT(7));
/* TODO: re-send EAPOL-Key couple of times (with short delay
key->key_index & BIT(7) ? "uni" : "broad",
key->key_index & ~BIT(7));
/* TODO: re-send EAPOL-Key couple of times (with short delay
u8 * ieee802_1x_get_identity(struct eapol_state_machine *sm, size_t *len)
{
u8 * ieee802_1x_get_identity(struct eapol_state_machine *sm, size_t *len)
{
- if (sm == NULL || sm->identity == NULL)
+ if (!sm || !sm->identity)
return NULL;
*len = sm->identity_len;
return NULL;
*len = sm->identity_len;
u8 * ieee802_1x_get_radius_class(struct eapol_state_machine *sm, size_t *len,
int idx)
{
u8 * ieee802_1x_get_radius_class(struct eapol_state_machine *sm, size_t *len,
int idx)
{
- if (sm == NULL || sm->radius_class.attr == NULL ||
+ if (!sm || !sm->radius_class.attr ||
idx >= (int) sm->radius_class.count)
return NULL;
idx >= (int) sm->radius_class.count)
return NULL;
struct wpabuf * ieee802_1x_get_radius_cui(struct eapol_state_machine *sm)
{
struct wpabuf * ieee802_1x_get_radius_cui(struct eapol_state_machine *sm)
{
return NULL;
return sm->radius_cui;
}
return NULL;
return sm->radius_cui;
}
const u8 * ieee802_1x_get_key(struct eapol_state_machine *sm, size_t *len)
{
*len = 0;
const u8 * ieee802_1x_get_key(struct eapol_state_machine *sm, size_t *len)
{
*len = 0;
return NULL;
*len = sm->eap_if->eapKeyDataLen;
return NULL;
*len = sm->eap_if->eapKeyDataLen;
void ieee802_1x_notify_port_enabled(struct eapol_state_machine *sm,
int enabled)
{
void ieee802_1x_notify_port_enabled(struct eapol_state_machine *sm,
int enabled)
{
return;
sm->eap_if->portEnabled = enabled ? TRUE : FALSE;
eapol_auth_step(sm);
return;
sm->eap_if->portEnabled = enabled ? TRUE : FALSE;
eapol_auth_step(sm);
void ieee802_1x_notify_port_valid(struct eapol_state_machine *sm,
int valid)
{
void ieee802_1x_notify_port_valid(struct eapol_state_machine *sm,
int valid)
{
return;
sm->portValid = valid ? TRUE : FALSE;
eapol_auth_step(sm);
return;
sm->portValid = valid ? TRUE : FALSE;
eapol_auth_step(sm);
void ieee802_1x_notify_pre_auth(struct eapol_state_machine *sm, int pre_auth)
{
void ieee802_1x_notify_pre_auth(struct eapol_state_machine *sm, int pre_auth)
{
return;
if (pre_auth)
sm->flags |= EAPOL_SM_PREAUTH;
return;
if (pre_auth)
sm->flags |= EAPOL_SM_PREAUTH;
const char *name2;
char *identity_buf = NULL;
const char *name2;
char *identity_buf = NULL;
return 0;
ret = os_snprintf(buf + len, buflen - len,
return 0;
ret = os_snprintf(buf + len, buflen - len,