eapol_sm.c File Reference

WPA Supplicant / EAPOL state machines. More...

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include "common.h"
#include "eapol_sm.h"
#include "eap.h"
#include "eloop.h"
#include "l2_packet.h"
#include "wpa.h"
#include "md5.h"
#include "rc4.h"

Include dependency graph for eapol_sm.c:

Go to the source code of this file.

Defines
#define	IEEE8021X_REPLAY_COUNTER_LEN   8
#define	IEEE8021X_KEY_SIGN_LEN   16
#define	IEEE8021X_KEY_IV_LEN   16
#define	IEEE8021X_KEY_INDEX_FLAG   0x80
#define	IEEE8021X_KEY_INDEX_MASK   0x03
#define	SM_STATE(machine, state)
#define	SM_ENTRY(machine, state)
#define	SM_ENTER(machine, state)   sm_ ## machine ## _ ## state ## _Enter(sm, 0)
#define	SM_ENTER_GLOBAL(machine, state)   sm_ ## machine ## _ ## state ## _Enter(sm, 1)
#define	SM_STEP(machine)   static void sm_ ## machine ## _Step(struct eapol_sm *sm)
#define	SM_STEP_RUN(machine)   sm_ ## machine ## _Step(sm)
#define	IEEE8021X_ENCR_KEY_LEN   32
#define	IEEE8021X_SIGN_KEY_LEN   32
Functions
	SM_STATE (SUPP_PAE, LOGOFF)
	SM_STATE (SUPP_PAE, DISCONNECTED)
	SM_STATE (SUPP_PAE, CONNECTING)
	SM_STATE (SUPP_PAE, AUTHENTICATING)
	SM_STATE (SUPP_PAE, HELD)
	SM_STATE (SUPP_PAE, AUTHENTICATED)
	SM_STATE (SUPP_PAE, RESTART)
	SM_STATE (SUPP_PAE, S_FORCE_AUTH)
	SM_STATE (SUPP_PAE, S_FORCE_UNAUTH)
	SM_STEP (SUPP_PAE)
	SM_STATE (KEY_RX, NO_KEY_RECEIVE)
	SM_STATE (KEY_RX, KEY_RECEIVE)
	SM_STEP (KEY_RX)
	SM_STATE (SUPP_BE, REQUEST)
	SM_STATE (SUPP_BE, RESPONSE)
	SM_STATE (SUPP_BE, SUCCESS)
	SM_STATE (SUPP_BE, FAIL)
	SM_STATE (SUPP_BE, TIMEOUT)
	SM_STATE (SUPP_BE, IDLE)
	SM_STATE (SUPP_BE, INITIALIZE)
	SM_STATE (SUPP_BE, RECEIVE)
	SM_STEP (SUPP_BE)
void	eapol_sm_step (struct eapol_sm *sm)
	EAPOL state machine step function.
void	eapol_sm_configure (struct eapol_sm *sm, int heldPeriod, int authPeriod, int startPeriod, int maxStart)
	Set EAPOL variables.
int	eapol_sm_get_status (struct eapol_sm *sm, char *buf, size_t buflen, int verbose)
	Get EAPOL state machine status.
int	eapol_sm_get_mib (struct eapol_sm *sm, char *buf, size_t buflen)
	Get EAPOL state machine MIBs.
int	eapol_sm_rx_eapol (struct eapol_sm *sm, const u8 *src, const u8 *buf, size_t len)
	Process received EAPOL frames.
void	eapol_sm_notify_tx_eapol_key (struct eapol_sm *sm)
	Notification about transmitted EAPOL packet.
void	eapol_sm_notify_portEnabled (struct eapol_sm *sm, Boolean enabled)
	Notification about portEnabled change.
void	eapol_sm_notify_portValid (struct eapol_sm *sm, Boolean valid)
	Notification about portValid change.
void	eapol_sm_notify_eap_success (struct eapol_sm *sm, Boolean success)
	Notification of external EAP success trigger.
void	eapol_sm_notify_eap_fail (struct eapol_sm *sm, Boolean fail)
	Notification of external EAP failure trigger.
void	eapol_sm_notify_config (struct eapol_sm *sm, struct wpa_ssid *config, const struct eapol_config *conf)
	Notification of EAPOL configuration change.
int	eapol_sm_get_key (struct eapol_sm *sm, u8 *key, size_t len)
	Get master session key (MSK) from EAP.
void	eapol_sm_notify_logoff (struct eapol_sm *sm, Boolean logoff)
	Notification of logon/logoff commands.
void	eapol_sm_notify_cached (struct eapol_sm *sm)
	Notification of successful PMKSA caching.
void	eapol_sm_notify_pmkid_attempt (struct eapol_sm *sm, int attempt)
	Notification of PMKSA caching.
void	eapol_sm_register_scard_ctx (struct eapol_sm *sm, void *ctx)
	Notification of smart card context.
void	eapol_sm_notify_portControl (struct eapol_sm *sm, PortControl portControl)
	Notification of portControl changes.
void	eapol_sm_notify_ctrl_attached (struct eapol_sm *sm)
	Notification of attached monitor.
void	eapol_sm_notify_ctrl_response (struct eapol_sm *sm)
	Notification of received user input.
void	eapol_sm_request_reauth (struct eapol_sm *sm)
	Request reauthentication.
void	eapol_sm_notify_lower_layer_success (struct eapol_sm *sm)
	Notification of lower layer success.
eapol_sm *	eapol_sm_init (struct eapol_ctx *ctx)
	Initialize EAPOL state machine.
void	eapol_sm_deinit (struct eapol_sm *sm)
	Deinitialize EAPOL state machine.
Variables
ieee802_1x_eapol_key	packed

---

Detailed Description

WPA Supplicant / EAPOL state machines.

Copyright

Copyright (c) 2004-2005, Jouni Malinen <[email protected]>

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.

Alternatively, this software may be distributed under the terms of BSD license.

See README and COPYING for more details.

Definition in file eapol_sm.c.

---

Define Documentation

#define SM_ENTRY (  machine, state   )

Value: if (!global || sm->machine ## _state != machine ## _ ## state) { \ sm->changed = TRUE; \ wpa_printf(MSG_DEBUG, "EAPOL: " #machine " entering state " #state); \ } \ sm->machine ## _state = machine ## _ ## state; Definition at line 195 of file eapol_sm.c.

#define SM_STATE (  machine, state   )

Value: static void sm_ ## machine ## _ ## state ## _Enter(struct eapol_sm *sm, \ int global) Definition at line 191 of file eapol_sm.c.

---

Function Documentation

void eapol_sm_configure (  struct eapol_sm *  sm, int  heldPeriod, int  authPeriod, int  startPeriod, int  maxStart )

Set EAPOL variables. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() heldPeriod  dot1xSuppHeldPeriod authPeriod  dot1xSuppAuthPeriod startPeriod  dot1xSuppStartPeriod maxStart  dot1xSuppMaxStart Set configurable EAPOL state machine variables. Each variable can be set to the given value or ignored if set to -1 (to set only some of the variables). Definition at line 962 of file eapol_sm.c.

void eapol_sm_deinit (  struct eapol_sm *  sm  )

Deinitialize EAPOL state machine. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() Deinitialize and free EAPOL state machine. Definition at line 1742 of file eapol_sm.c. Here is the call graph for this function:

int eapol_sm_get_key (  struct eapol_sm *  sm, u8 *  key, size_t  len )

Get master session key (MSK) from EAP. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() key  Pointer for key buffer len  Number of bytes to copy to key Returns: 0 on success (len of key available), maximum available key len (>0) if key is available but it is shorter than len, or -1 on failure. Fetch EAP keying material (MSK, eapKeyData) from EAP state machine. The key is available only after a successful authentication. Definition at line 1335 of file eapol_sm.c. Here is the call graph for this function:

int eapol_sm_get_mib (  struct eapol_sm *  sm, char *  buf, size_t  buflen )

Get EAPOL state machine MIBs. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() buf  Buffer for MIB information buflen  Maximum buffer length Returns: Number of bytes written to buf. Query EAPOL state machine for MIB information. This function fills in a text area with current MIB information from the EAPOL state machine. If the buffer (buf) is not large enough, MIB information will be truncated to fit the buffer. Definition at line 1040 of file eapol_sm.c.

int eapol_sm_get_status (  struct eapol_sm *  sm, char *  buf, size_t  buflen, int  verbose )

Get EAPOL state machine status. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() buf  Buffer for status information buflen  Maximum buffer length verbose  Whether to include verbose status information Returns: Number of bytes written to buf. Query EAPOL state machine for status information. This function fills in a text area with current status information from the EAPOL state machine. If the buffer (buf) is not large enough, status information will be truncated to fit the buffer. Definition at line 992 of file eapol_sm.c. Here is the call graph for this function:

struct eapol_sm* eapol_sm_init (  struct eapol_ctx *  ctx  )

Initialize EAPOL state machine. Parameters: ctx  Pointer to EAPOL context data; this needs to be an allocated buffer and EAPOL state machine will free it in eapol_sm_deinit() Returns: Pointer to the allocated EAPOL state machine or NULL on failure Allocate and initialize an EAPOL state machine. Definition at line 1692 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_cached (  struct eapol_sm *  sm  )

Notification of successful PMKSA caching. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() Notify EAPOL state machines that PMKSA caching was successful. This is used to move EAPOL and EAP state machines into authenticated/successful state. Definition at line 1377 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_config (  struct eapol_sm *  sm, struct wpa_ssid *  config, const struct eapol_config *  conf )

Notification of EAPOL configuration change. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() config  Pointer to current network configuration conf  Pointer to EAPOL configuration data Notify EAPOL station machine that configuration has changed. config will be stored as a backpointer to network configuration. This can be NULL to clear the stored pointed. conf will be copied to local EAPOL/EAP configuration data. If conf is NULL, this part of the configuration change will be skipped. Definition at line 1301 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_ctrl_attached (  struct eapol_sm *  sm  )

Notification of attached monitor. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() Notify EAPOL state machines that a monitor was attached to the control interface to trigger re-sending of pending requests for user input. Definition at line 1473 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_ctrl_response (  struct eapol_sm *  sm  )

Notification of received user input. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() Notify EAPOL state machines that a control response, i.e., user input, was received in order to trigger retrying of a pending EAP request. Definition at line 1489 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_eap_fail (  struct eapol_sm *  sm, Boolean  fail )

Notification of external EAP failure trigger. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() fail  TRUE = set failure, FALSE = clear failure Notify EAPOL station machine that external event has forced EAP state to failure (fail = TRUE). This can be cleared by setting fail = FALSE. Definition at line 1276 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_eap_success (  struct eapol_sm *  sm, Boolean  success )

Notification of external EAP success trigger. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() success  TRUE = set success, FALSE = clear success Notify EAPOL station machine that external event has forced EAP state to success (success = TRUE). This can be cleared by setting success = FALSE. This function is called to update EAP state when WPA-PSK key handshake has been completed successfully since WPA-PSK does not use EAP state machine. Definition at line 1253 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_logoff (  struct eapol_sm *  sm, Boolean  logoff )

Notification of logon/logoff commands. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() logoff  Whether command was logoff Notify EAPOL state machines that user requested logon/logoff. Definition at line 1360 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_lower_layer_success (  struct eapol_sm *  sm  )

Notification of lower layer success. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() Notify EAPOL (and EAP) state machines that a lower layer has detected a successful authentication. This is used to recover from dropped EAP-Success messages. Definition at line 1529 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_pmkid_attempt (  struct eapol_sm *  sm, int  attempt )

Notification of PMKSA caching. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() attempt  Whether PMKSA caching is tried Notify EAPOL state machines whether PMKSA caching is used. Definition at line 1395 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_portControl (  struct eapol_sm *  sm, PortControl  portControl )

Notification of portControl changes. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() portControl  New value for portControl variable Notify EAPOL state machines that portControl variable has changed. Definition at line 1454 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_portEnabled (  struct eapol_sm *  sm, Boolean  enabled )

Notification about portEnabled change. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() enabled  New portEnabled value Notify EAPOL station machine about new portEnabled value. Definition at line 1211 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_portValid (  struct eapol_sm *  sm, Boolean  valid )

Notification about portValid change. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() valid  New portValid value Notify EAPOL station machine about new portValid value. Definition at line 1230 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_notify_tx_eapol_key (  struct eapol_sm *  sm  )

Notification about transmitted EAPOL packet. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() Notify EAPOL station machine about transmitted EAPOL packet from an external component, e.g., WPA. This will update the statistics. Definition at line 1196 of file eapol_sm.c.

void eapol_sm_register_scard_ctx (  struct eapol_sm *  sm, void *  ctx )

Notification of smart card context. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() ctx  Context data for smart card operations Notify EAPOL state machines of context data for smart card operations. This context data will be used as a parameter for scard_*() functions. Definition at line 1437 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_request_reauth (  struct eapol_sm *  sm  )

Request reauthentication. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() This function can be used to request EAPOL reauthentication, e.g., when the current PMKSA entry is nearing expiration. Definition at line 1512 of file eapol_sm.c.

int eapol_sm_rx_eapol (  struct eapol_sm *  sm, const u8 *  src, const u8 *  buf, size_t  len )

Process received EAPOL frames. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() src  Source MAC address of the EAPOL packet buf  Pointer to the beginning of the EAPOL data (EAPOL header) len  Length of the EAPOL frame Returns: 1 = EAPOL frame processed, 0 = not for EAPOL state machine, -1 failure Definition at line 1097 of file eapol_sm.c. Here is the call graph for this function:

void eapol_sm_step (  struct eapol_sm *  sm  )

EAPOL state machine step function. Parameters: sm  Pointer to EAPOL state machine allocated with eapol_sm_init() This function is called to notify the state machine about changed external variables. It will step through the EAPOL state machines in loop to process all triggered state changes. Definition at line 846 of file eapol_sm.c. Here is the call graph for this function:

---