EAP-SIM/AKA: Pass EAP type as argument to eap_sim_msg_finish()

This makes it easier for static analyzers to figure out which code paths
are possible within eap_sim_msg_finish() for EAP-SIM. This will
hopefully avoid some false warnings (CID 68110, CID 68113, CID 68114).

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/eap_common/eap_sim_common.c b/src/eap_common/eap_sim_common.c
index ae0218589ce61dad3fdae7edf1aac174de515827..8232be37c5e6ce9deaf0d3973e664158eb3e8070 100644 (file)
--- a/src/eap_common/eap_sim_common.c
+++ b/src/eap_common/eap_sim_common.c
@@ -972,7 +972,6 @@ u8 * eap_sim_parse_encr(const u8 *k_encr, const u8 *encr_data,
 struct eap_sim_msg {
        struct wpabuf *buf;
        size_t mac, iv, encr; /* index from buf */
-       int type;
 };
 
 
@@ -986,7 +985,6 @@ struct eap_sim_msg * eap_sim_msg_init(int code, int id, int type, int subtype)
        if (msg == NULL)
                return NULL;
 
-       msg->type = type;
        msg->buf = wpabuf_alloc(EAP_SIM_INIT_LEN);
        if (msg->buf == NULL) {
                os_free(msg);
@@ -1006,7 +1004,8 @@ struct eap_sim_msg * eap_sim_msg_init(int code, int id, int type, int subtype)
 }
 
 
-struct wpabuf * eap_sim_msg_finish(struct eap_sim_msg *msg, const u8 *k_aut,
+struct wpabuf * eap_sim_msg_finish(struct eap_sim_msg *msg, int type,
+                                  const u8 *k_aut,
                                   const u8 *extra, size_t extra_len)
 {
        struct eap_hdr *eap;
@@ -1019,7 +1018,7 @@ struct wpabuf * eap_sim_msg_finish(struct eap_sim_msg *msg, const u8 *k_aut,
        eap->length = host_to_be16(wpabuf_len(msg->buf));
 
 #if defined(EAP_AKA_PRIME) || defined(EAP_SERVER_AKA_PRIME)
-       if (k_aut && msg->mac && msg->type == EAP_TYPE_AKA_PRIME) {
+       if (k_aut && msg->mac && type == EAP_TYPE_AKA_PRIME) {
                eap_sim_add_mac_sha256(k_aut, (u8 *) wpabuf_head(msg->buf),
                                       wpabuf_len(msg->buf),
                                       (u8 *) wpabuf_mhead(msg->buf) +

diff --git a/src/eap_common/eap_sim_common.h b/src/eap_common/eap_sim_common.h
index 6021bd2e2baecebe97f4adad639d7ad183ec1322..daeb0e2da0c4d2dd9fc3ebf2ffb1d6a32ec4dee7 100644 (file)
--- a/src/eap_common/eap_sim_common.h
+++ b/src/eap_common/eap_sim_common.h
@@ -211,7 +211,8 @@ u8 * eap_sim_parse_encr(const u8 *k_encr, const u8 *encr_data,
 struct eap_sim_msg;
 
 struct eap_sim_msg * eap_sim_msg_init(int code, int id, int type, int subtype);
-struct wpabuf * eap_sim_msg_finish(struct eap_sim_msg *msg, const u8 *k_aut,
+struct wpabuf * eap_sim_msg_finish(struct eap_sim_msg *msg, int type,
+                                  const u8 *k_aut,
                                   const u8 *extra, size_t extra_len);
 void eap_sim_msg_free(struct eap_sim_msg *msg);
 u8 * eap_sim_msg_add_full(struct eap_sim_msg *msg, u8 attr,

diff --git a/src/eap_peer/eap_aka.c b/src/eap_peer/eap_aka.c
index 3f31866bec96f7b20a9eb9ff50c54946dc08c0c4..04d7c89808ddf8ab98c5db4938833bfb50073186 100644 (file)
--- a/src/eap_peer/eap_aka.c
+++ b/src/eap_peer/eap_aka.c
@@ -532,7 +532,7 @@ static struct wpabuf * eap_aka_client_error(struct eap_aka_data *data, u8 id,
        msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, data->eap_method,
                               EAP_AKA_SUBTYPE_CLIENT_ERROR);
        eap_sim_msg_add(msg, EAP_SIM_AT_CLIENT_ERROR_CODE, err, NULL, 0);
-       return eap_sim_msg_finish(msg, NULL, NULL, 0);
+       return eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0);
 }
 
 
@@ -549,7 +549,7 @@ static struct wpabuf * eap_aka_authentication_reject(struct eap_aka_data *data,
                   "(id=%d)", id);
        msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, data->eap_method,
                               EAP_AKA_SUBTYPE_AUTHENTICATION_REJECT);
-       return eap_sim_msg_finish(msg, NULL, NULL, 0);
+       return eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0);
 }
 
 
@@ -568,7 +568,7 @@ static struct wpabuf * eap_aka_synchronization_failure(
        wpa_printf(MSG_DEBUG, "   AT_AUTS");
        eap_sim_msg_add_full(msg, EAP_SIM_AT_AUTS, data->auts,
                             EAP_AKA_AUTS_LEN);
-       return eap_sim_msg_finish(msg, NULL, NULL, 0);
+       return eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0);
 }
 
 
@@ -612,7 +612,7 @@ static struct wpabuf * eap_aka_response_identity(struct eap_sm *sm,
                                identity, identity_len);
        }
 
-       return eap_sim_msg_finish(msg, NULL, NULL, 0);
+       return eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0);
 }
 
 
@@ -634,7 +634,8 @@ static struct wpabuf * eap_aka_response_challenge(struct eap_aka_data *data,
        }
        wpa_printf(MSG_DEBUG, "   AT_MAC");
        eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
-       return eap_sim_msg_finish(msg, data->k_aut, (u8 *) "", 0);
+       return eap_sim_msg_finish(msg, data->eap_method, data->k_aut, (u8 *) "",
+                                 0);
 }
 
 
@@ -676,7 +677,7 @@ static struct wpabuf * eap_aka_response_reauth(struct eap_aka_data *data,
        }
        wpa_printf(MSG_DEBUG, "   AT_MAC");
        eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
-       return eap_sim_msg_finish(msg, data->k_aut, nonce_s,
+       return eap_sim_msg_finish(msg, data->eap_method, data->k_aut, nonce_s,
                                  EAP_SIM_NONCE_S_LEN);
 }
 
@@ -710,7 +711,7 @@ static struct wpabuf * eap_aka_response_notification(struct eap_aka_data *data,
                wpa_printf(MSG_DEBUG, "   AT_MAC");
                eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
        }
-       return eap_sim_msg_finish(msg, k_aut, (u8 *) "", 0);
+       return eap_sim_msg_finish(msg, data->eap_method, k_aut, (u8 *) "", 0);
 }
 
 
@@ -790,7 +791,7 @@ static struct wpabuf * eap_aka_prime_kdf_select(struct eap_aka_data *data,
                               EAP_AKA_SUBTYPE_CHALLENGE);
        wpa_printf(MSG_DEBUG, "   AT_KDF");
        eap_sim_msg_add(msg, EAP_SIM_AT_KDF, kdf, NULL, 0);
-       return eap_sim_msg_finish(msg, NULL, NULL, 0);
+       return eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0);
 }
 
 

diff --git a/src/eap_peer/eap_sim.c b/src/eap_peer/eap_sim.c
index 63c89396cd5591d21e9e866e91a1ea7b6fedd021..9e0c08fa542a07aa2b058edbcdbfcff24fef83e8 100644 (file)
--- a/src/eap_peer/eap_sim.c
+++ b/src/eap_peer/eap_sim.c
@@ -449,7 +449,7 @@ static struct wpabuf * eap_sim_client_error(struct eap_sim_data *data, u8 id,
        msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, EAP_TYPE_SIM,
                               EAP_SIM_SUBTYPE_CLIENT_ERROR);
        eap_sim_msg_add(msg, EAP_SIM_AT_CLIENT_ERROR_CODE, err, NULL, 0);
-       return eap_sim_msg_finish(msg, NULL, NULL, 0);
+       return eap_sim_msg_finish(msg, EAP_TYPE_SIM, NULL, NULL, 0);
 }
 
 
@@ -502,7 +502,7 @@ static struct wpabuf * eap_sim_response_start(struct eap_sm *sm,
                                identity, identity_len);
        }
 
-       return eap_sim_msg_finish(msg, NULL, NULL, 0);
+       return eap_sim_msg_finish(msg, EAP_TYPE_SIM, NULL, NULL, 0);
 }
 
 
@@ -520,7 +520,8 @@ static struct wpabuf * eap_sim_response_challenge(struct eap_sim_data *data,
        }
        wpa_printf(MSG_DEBUG, "   AT_MAC");
        eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
-       return eap_sim_msg_finish(msg, data->k_aut, (u8 *) data->sres,
+       return eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut,
+                                 (u8 *) data->sres,
                                  data->num_chal * EAP_SIM_SRES_LEN);
 }
 
@@ -562,7 +563,7 @@ static struct wpabuf * eap_sim_response_reauth(struct eap_sim_data *data,
        }
        wpa_printf(MSG_DEBUG, "   AT_MAC");
        eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
-       return eap_sim_msg_finish(msg, data->k_aut, nonce_s,
+       return eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut, nonce_s,
                                  EAP_SIM_NONCE_S_LEN);
 }
 
@@ -596,7 +597,7 @@ static struct wpabuf * eap_sim_response_notification(struct eap_sim_data *data,
                wpa_printf(MSG_DEBUG, "   AT_MAC");
                eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
        }
-       return eap_sim_msg_finish(msg, k_aut, (u8 *) "", 0);
+       return eap_sim_msg_finish(msg, EAP_TYPE_SIM, k_aut, (u8 *) "", 0);
 }
 
 

diff --git a/src/eap_server/eap_server_aka.c b/src/eap_server/eap_server_aka.c
index 46fc45847f8bd6882728c6c43624ad36de64f2aa..565c971edd1158555d48380ac8b9fda43f08e176 100644 (file)
--- a/src/eap_server/eap_server_aka.c
+++ b/src/eap_server/eap_server_aka.c
@@ -377,7 +377,7 @@ static struct wpabuf * eap_aka_build_identity(struct eap_sm *sm,
                wpa_printf(MSG_DEBUG, "   AT_PERMANENT_ID_REQ");
                eap_sim_msg_add(msg, EAP_SIM_AT_PERMANENT_ID_REQ, 0, NULL, 0);
        }
-       buf = eap_sim_msg_finish(msg, NULL, NULL, 0);
+       buf = eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0);
        if (eap_aka_add_id_msg(data, buf) < 0) {
                wpabuf_free(buf);
                return NULL;
@@ -534,7 +534,7 @@ static struct wpabuf * eap_aka_build_challenge(struct eap_sm *sm,
 
        wpa_printf(MSG_DEBUG, "   AT_MAC");
        eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
-       return eap_sim_msg_finish(msg, data->k_aut, NULL, 0);
+       return eap_sim_msg_finish(msg, data->eap_method, data->k_aut, NULL, 0);
 }
 
 
@@ -581,7 +581,7 @@ static struct wpabuf * eap_aka_build_reauth(struct eap_sm *sm,
 
        wpa_printf(MSG_DEBUG, "   AT_MAC");
        eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
-       return eap_sim_msg_finish(msg, data->k_aut, NULL, 0);
+       return eap_sim_msg_finish(msg, data->eap_method, data->k_aut, NULL, 0);
 }
 
 
@@ -620,7 +620,7 @@ static struct wpabuf * eap_aka_build_notification(struct eap_sm *sm,
                wpa_printf(MSG_DEBUG, "   AT_MAC");
                eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
        }
-       return eap_sim_msg_finish(msg, data->k_aut, NULL, 0);
+       return eap_sim_msg_finish(msg, data->eap_method, data->k_aut, NULL, 0);
 }
 
 

diff --git a/src/eap_server/eap_server_sim.c b/src/eap_server/eap_server_sim.c
index b531241e84e1f79bf1f1daf5672b378c4e194757..cd87a8bed53cbe2a346c3fb668297c4bb91bded2 100644 (file)
--- a/src/eap_server/eap_server_sim.c
+++ b/src/eap_server/eap_server_sim.c
@@ -140,7 +140,7 @@ static struct wpabuf * eap_sim_build_start(struct eap_sm *sm,
        ver[1] = EAP_SIM_VERSION;
        eap_sim_msg_add(msg, EAP_SIM_AT_VERSION_LIST, sizeof(ver),
                        ver, sizeof(ver));
-       return eap_sim_msg_finish(msg, NULL, NULL, 0);
+       return eap_sim_msg_finish(msg, EAP_TYPE_SIM, NULL, NULL, 0);
 }
 
 
@@ -240,8 +240,8 @@ static struct wpabuf * eap_sim_build_challenge(struct eap_sm *sm,
 
        wpa_printf(MSG_DEBUG, "   AT_MAC");
        eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
-       return eap_sim_msg_finish(msg, data->k_aut, data->nonce_mt,
-                                 EAP_SIM_NONCE_MT_LEN);
+       return eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut,
+                                 data->nonce_mt, EAP_SIM_NONCE_MT_LEN);
 }
 
 
@@ -278,7 +278,7 @@ static struct wpabuf * eap_sim_build_reauth(struct eap_sm *sm,
 
        wpa_printf(MSG_DEBUG, "   AT_MAC");
        eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
-       return eap_sim_msg_finish(msg, data->k_aut, NULL, 0);
+       return eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut, NULL, 0);
 }
 
 
@@ -317,7 +317,7 @@ static struct wpabuf * eap_sim_build_notification(struct eap_sm *sm,
                wpa_printf(MSG_DEBUG, "   AT_MAC");
                eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
        }
-       return eap_sim_msg_finish(msg, data->k_aut, NULL, 0);
+       return eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut, NULL, 0);
 }