static int eap_aka_learn_ids(struct eap_sm *sm, struct eap_aka_data *data,
struct eap_sim_attrs *attr)
{
if (attr->next_pseudonym) {
const u8 *identity = NULL;
size_t identity_len = 0;
const u8 *realm = NULL;
size_t realm_len = 0;
wpa_hexdump_ascii(MSG_DEBUG,
"EAP-AKA: (encr) AT_NEXT_PSEUDONYM",
attr->next_pseudonym,
attr->next_pseudonym_len);
os_free(data->pseudonym);
/* Look for the realm of the permanent identity */
identity = eap_get_config_identity(sm, &identity_len);
if (identity) {
for (realm = identity, realm_len = identity_len;
realm_len > 0; realm_len--, realm++) {
if (*realm == '@')
break;
}
}
data->pseudonym = os_malloc(attr->next_pseudonym_len +
realm_len);
if (data->pseudonym == NULL) {
wpa_printf(MSG_INFO, "EAP-AKA: (encr) No memory for "
"next pseudonym");
data->pseudonym_len = 0;
return -1;
}
os_memcpy(data->pseudonym, attr->next_pseudonym,
attr->next_pseudonym_len);
if (realm_len) {
os_memcpy(data->pseudonym + attr->next_pseudonym_len,
realm, realm_len);
}
data->pseudonym_len = attr->next_pseudonym_len + realm_len;
}
if (attr->next_reauth_id) {
os_free(data->reauth_id);
data->reauth_id = os_malloc(attr->next_reauth_id_len);
if (data->reauth_id == NULL) {
wpa_printf(MSG_INFO, "EAP-AKA: (encr) No memory for "
"next reauth_id");
data->reauth_id_len = 0;
return -1;
}
os_memcpy(data->reauth_id, attr->next_reauth_id,
attr->next_reauth_id_len);
data->reauth_id_len = attr->next_reauth_id_len;
wpa_hexdump_ascii(MSG_DEBUG,
"EAP-AKA: (encr) AT_NEXT_REAUTH_ID",
data->reauth_id,
data->reauth_id_len);
}
return 0;
}
static void * eap_pwd_init(struct eap_sm *sm)
{
struct eap_pwd_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
password = eap_get_config_password(sm, &password_len);
if (password == NULL) {
wpa_printf(MSG_INFO, "EAP-PWD: No password configured!");
return NULL;
}
identity = eap_get_config_identity(sm, &identity_len);
if (identity == NULL) {
wpa_printf(MSG_INFO, "EAP-PWD: No identity configured!");
return NULL;
}
if ((data = os_zalloc(sizeof(*data))) == NULL) {
wpa_printf(MSG_INFO, "EAP-PWD: memory allocation data fail");
return NULL;
}
if ((data->bnctx = BN_CTX_new()) == NULL) {
wpa_printf(MSG_INFO, "EAP-PWD: bn context allocation fail");
os_free(data);
return NULL;
}
if ((data->id_peer = os_malloc(identity_len)) == NULL) {
wpa_printf(MSG_INFO, "EAP-PWD: memory allocation id fail");
BN_CTX_free(data->bnctx);
os_free(data);
return NULL;
}
os_memcpy(data->id_peer, identity, identity_len);
data->id_peer_len = identity_len;
if ((data->password = os_malloc(password_len)) == NULL) {
wpa_printf(MSG_INFO, "EAP-PWD: memory allocation psk fail");
BN_CTX_free(data->bnctx);
os_free(data->id_peer);
os_free(data);
return NULL;
}
os_memcpy(data->password, password, password_len);
data->password_len = password_len;
data->out_frag_pos = data->in_frag_pos = 0;
data->inbuf = data->outbuf = NULL;
data->mtu = 1020; /* default from RFC 5931, make it configurable! */
data->state = PWD_ID_Req;
return data;
}
/**
* eap_mschapv2_process - Process an EAP-MSCHAPv2 challenge message
* @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
* @data: Pointer to private EAP method data from eap_mschapv2_init()
* @ret: Return values from EAP request validation and processing
* @req: Pointer to EAP-MSCHAPv2 header from the request
* @req_len: Length of the EAP-MSCHAPv2 data
* @id: EAP identifier used in the request
* Returns: Pointer to allocated EAP response packet (eapRespData) or %NULL if
* no reply available
*/
static struct wpabuf * eap_mschapv2_challenge(
struct eap_sm *sm, struct eap_mschapv2_data *data,
struct eap_method_ret *ret, const struct eap_mschapv2_hdr *req,
size_t req_len, u8 id)
{
size_t len, challenge_len;
const u8 *pos, *challenge;
if (eap_get_config_identity(sm, &len) == NULL ||
eap_get_config_password(sm, &len) == NULL)
return NULL;
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Received challenge");
if (req_len < sizeof(*req) + 1) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Too short challenge data "
"(len %lu)", (unsigned long) req_len);
ret->ignore = TRUE;
return NULL;
}
pos = (const u8 *) (req + 1);
challenge_len = *pos++;
len = req_len - sizeof(*req) - 1;
if (challenge_len != MSCHAPV2_CHAL_LEN) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Invalid challenge length "
"%lu", (unsigned long) challenge_len);
ret->ignore = TRUE;
return NULL;
}
if (len < challenge_len) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Too short challenge"
" packet: len=%lu challenge_len=%lu",
(unsigned long) len, (unsigned long) challenge_len);
ret->ignore = TRUE;
return NULL;
}
if (data->passwd_change_challenge_valid) {
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Using challenge from the "
"failure message");
challenge = data->passwd_change_challenge;
} else
challenge = pos;
pos += challenge_len;
len -= challenge_len;
wpa_hexdump_ascii(MSG_DEBUG, "EAP-MSCHAPV2: Authentication Servername",
pos, len);
ret->ignore = FALSE;
ret->methodState = METHOD_MAY_CONT;
ret->decision = DECISION_FAIL;
ret->allowNotifications = TRUE;
return eap_mschapv2_challenge_reply(sm, data, id, req->mschapv2_id,
challenge);
}
static u8 * eap_sim_response_start(struct eap_sm *sm,
struct eap_sim_data *data,
const struct eap_hdr *req,
size_t *respDataLen,
enum eap_sim_id_req id_req)
{
const u8 *identity = NULL;
size_t identity_len = 0;
struct eap_sim_msg *msg;
data->reauth = 0;
if (id_req == ANY_ID && data->reauth_id) {
identity = data->reauth_id;
identity_len = data->reauth_id_len;
data->reauth = 1;
} else if ((id_req == ANY_ID || id_req == FULLAUTH_ID) &&
data->pseudonym) {
identity = data->pseudonym;
identity_len = data->pseudonym_len;
eap_sim_clear_identities(data, CLEAR_REAUTH_ID);
} else if (id_req != NO_ID_REQ) {
identity = eap_get_config_identity(sm, &identity_len);
if (identity) {
eap_sim_clear_identities(data, CLEAR_PSEUDONYM |
CLEAR_REAUTH_ID);
}
}
if (id_req != NO_ID_REQ)
eap_sim_clear_identities(data, CLEAR_EAP_ID);
wpa_printf(MSG_DEBUG, "Generating EAP-SIM Start (id=%d)",
req->identifier);
msg = eap_sim_msg_init(EAP_CODE_RESPONSE, req->identifier,
EAP_TYPE_SIM, EAP_SIM_SUBTYPE_START);
if (!data->reauth) {
wpa_hexdump(MSG_DEBUG, " AT_NONCE_MT",
data->nonce_mt, EAP_SIM_NONCE_MT_LEN);
eap_sim_msg_add(msg, EAP_SIM_AT_NONCE_MT, 0,
data->nonce_mt, EAP_SIM_NONCE_MT_LEN);
wpa_printf(MSG_DEBUG, " AT_SELECTED_VERSION %d",
data->selected_version);
eap_sim_msg_add(msg, EAP_SIM_AT_SELECTED_VERSION,
data->selected_version, NULL, 0);
}
if (identity) {
wpa_hexdump_ascii(MSG_DEBUG, " AT_IDENTITY",
identity, identity_len);
eap_sim_msg_add(msg, EAP_SIM_AT_IDENTITY, identity_len,
identity, identity_len);
}
return eap_sim_msg_finish(msg, respDataLen, NULL, NULL, 0);
}
static u8 * eap_leap_process_success(struct eap_sm *sm, void *priv,
struct eap_method_ret *ret,
const u8 *reqData, size_t *respDataLen)
{
struct eap_leap_data *data = priv;
const struct eap_hdr *req;
struct eap_hdr *resp;
u8 *pos;
const u8 *identity;
size_t identity_len;
wpa_printf(MSG_DEBUG, "EAP-LEAP: Processing EAP-Success");
identity = eap_get_config_identity(sm, &identity_len);
if (identity == NULL)
return NULL;
if (data->state != LEAP_WAIT_SUCCESS) {
wpa_printf(MSG_INFO, "EAP-LEAP: EAP-Success received in "
"unexpected state (%d) - ignored", data->state);
ret->ignore = TRUE;
return NULL;
}
req = (const struct eap_hdr *) reqData;
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_LEAP, respDataLen,
3 + LEAP_CHALLENGE_LEN + identity_len,
EAP_CODE_REQUEST, req->identifier, &pos);
if (resp == NULL)
return NULL;
*pos++ = LEAP_VERSION;
*pos++ = 0; /* unused */
*pos++ = LEAP_CHALLENGE_LEN;
if (hostapd_get_rand(pos, LEAP_CHALLENGE_LEN)) {
wpa_printf(MSG_WARNING, "EAP-LEAP: Failed to read random data "
"for challenge");
os_free(resp);
ret->ignore = TRUE;
return NULL;
}
os_memcpy(data->ap_challenge, pos, LEAP_CHALLENGE_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Challenge to AP/AS", pos,
LEAP_CHALLENGE_LEN);
pos += LEAP_CHALLENGE_LEN;
os_memcpy(pos, identity, identity_len);
data->state = LEAP_WAIT_RESPONSE;
return (u8 *) resp;
}
static void * eap_gpsk_init(struct eap_sm *sm)
{
struct eap_gpsk_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
const char *phase1;
password = eap_get_config_password(sm, &password_len);
if (password == NULL) {
wpa_printf(MSG_INFO, "EAP-GPSK: No key (password) configured");
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = GPSK_1;
identity = eap_get_config_identity(sm, &identity_len);
if (identity) {
data->id_peer = os_malloc(identity_len);
if (data->id_peer == NULL) {
eap_gpsk_deinit(sm, data);
return NULL;
}
os_memcpy(data->id_peer, identity, identity_len);
data->id_peer_len = identity_len;
}
phase1 = eap_get_config_phase1(sm);
if (phase1) {
const char *pos;
pos = os_strstr(phase1, "cipher=");
if (pos) {
data->forced_cipher = atoi(pos + 7);
wpa_printf(MSG_DEBUG, "EAP-GPSK: Forced cipher %u",
data->forced_cipher);
}
}
data->psk = os_malloc(password_len);
if (data->psk == NULL) {
eap_gpsk_deinit(sm, data);
return NULL;
}
os_memcpy(data->psk, password, password_len);
data->psk_len = password_len;
return data;
}
static void * eap_ikev2_init(struct eap_sm *sm)
{
struct eap_ikev2_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
int fragment_size;
identity = eap_get_config_identity(sm, &identity_len);
if (identity == NULL) {
wpa_printf(MSG_INFO, "EAP-IKEV2: No identity available");
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = WAIT_START;
fragment_size = eap_get_config_fragment_size(sm);
if (fragment_size <= 0)
data->fragment_size = IKEV2_FRAGMENT_SIZE;
else
data->fragment_size = fragment_size;
data->ikev2.state = SA_INIT;
data->ikev2.peer_auth = PEER_AUTH_SECRET;
data->ikev2.key_pad = (u8 *) os_strdup("Key Pad for EAP-IKEv2");
if (data->ikev2.key_pad == NULL)
goto failed;
data->ikev2.key_pad_len = 21;
data->ikev2.IDr = os_malloc(identity_len);
if (data->ikev2.IDr == NULL)
goto failed;
os_memcpy(data->ikev2.IDr, identity, identity_len);
data->ikev2.IDr_len = identity_len;
password = eap_get_config_password(sm, &password_len);
if (password) {
data->ikev2.shared_secret = os_malloc(password_len);
if (data->ikev2.shared_secret == NULL)
goto failed;
os_memcpy(data->ikev2.shared_secret, password, password_len);
data->ikev2.shared_secret_len = password_len;
}
return data;
failed:
ikev2_responder_deinit(&data->ikev2);
os_free(data);
return NULL;
}
static struct wpabuf * eap_leap_process_success(struct eap_sm *sm, void *priv,
struct eap_method_ret *ret,
const struct wpabuf *reqData)
{
struct eap_leap_data *data = priv;
struct wpabuf *resp;
u8 *pos;
const u8 *identity;
size_t identity_len;
wpa_printf(MSG_DEBUG, "EAP-LEAP: Processing EAP-Success");
identity = eap_get_config_identity(sm, &identity_len);
if (identity == NULL)
return NULL;
if (data->state != LEAP_WAIT_SUCCESS) {
wpa_printf(MSG_INFO, "EAP-LEAP: EAP-Success received in "
"unexpected state (%d) - ignored", data->state);
ret->ignore = TRUE;
return NULL;
}
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_LEAP,
3 + LEAP_CHALLENGE_LEN + identity_len,
EAP_CODE_REQUEST, eap_get_id(reqData));
if (resp == NULL)
return NULL;
wpabuf_put_u8(resp, LEAP_VERSION);
wpabuf_put_u8(resp, 0); /* unused */
wpabuf_put_u8(resp, LEAP_CHALLENGE_LEN);
pos = wpabuf_put(resp, LEAP_CHALLENGE_LEN);
if (random_get_bytes(pos, LEAP_CHALLENGE_LEN)) {
wpa_printf(MSG_WARNING, "EAP-LEAP: Failed to read random data "
"for challenge");
wpabuf_free(resp);
ret->ignore = TRUE;
return NULL;
}
os_memcpy(data->ap_challenge, pos, LEAP_CHALLENGE_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Challenge to AP/AS", pos,
LEAP_CHALLENGE_LEN);
wpabuf_put_data(resp, identity, identity_len);
data->state = LEAP_WAIT_RESPONSE;
return resp;
}
static struct wpabuf *
eap_mschapv2_challenge(
struct eap_sm *sm, struct eap_mschapv2_data *data,
struct eap_method_ret *ret, const struct eap_mschapv2_hdr *req,
size_t req_len, u8 id)
{
size_t len, challenge_len;
const u8 *pos, *challenge;
if (eap_get_config_identity(sm, &len) == NULL ||
eap_get_config_password(sm, &len) == NULL)
return NULL;
if (req_len < sizeof(*req) + 1) {
ret->ignore = true;
return NULL;
}
pos = (const u8 *)(req + 1);
challenge_len = *pos++;
len = req_len - sizeof(*req) - 1;
if (challenge_len != MSCHAPV2_CHAL_LEN) {
ret->ignore = true;
return NULL;
}
if (len < challenge_len) {
ret->ignore = true;
return NULL;
}
if (data->passwd_change_challenge_valid)
challenge = data->passwd_change_challenge;
else
challenge = pos;
pos += challenge_len;
len -= challenge_len;
ret->ignore = false;
ret->methodState = METHOD_MAY_CONT;
ret->decision = DECISION_FAIL;
ret->allowNotifications = true;
return eap_mschapv2_challenge_reply(sm, data, id, req->mschapv2_id,
challenge);
}
static int eap_mschapv2_check_config(struct eap_sm *sm)
{
size_t len;
if (eap_get_config_identity(sm, &len) == NULL) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Identity not configured");
eap_sm_request_identity(sm);
return -1;
}
if (eap_get_config_password(sm, &len) == NULL) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Password not configured");
eap_sm_request_password(sm);
return -1;
}
return 0;
}
static u8 * eap_aka_response_identity(struct eap_sm *sm,
struct eap_aka_data *data,
const struct eap_hdr *req,
size_t *respDataLen,
enum eap_sim_id_req id_req)
{
const u8 *identity = NULL;
size_t identity_len = 0;
struct eap_sim_msg *msg;
data->reauth = 0;
if (id_req == ANY_ID && data->reauth_id) {
identity = data->reauth_id;
identity_len = data->reauth_id_len;
data->reauth = 1;
} else if ((id_req == ANY_ID || id_req == FULLAUTH_ID) &&
data->pseudonym) {
identity = data->pseudonym;
identity_len = data->pseudonym_len;
eap_aka_clear_identities(data, CLEAR_REAUTH_ID);
} else if (id_req != NO_ID_REQ) {
identity = eap_get_config_identity(sm, &identity_len);
if (identity) {
eap_aka_clear_identities(data, CLEAR_PSEUDONYM |
CLEAR_REAUTH_ID);
}
}
if (id_req != NO_ID_REQ)
eap_aka_clear_identities(data, CLEAR_EAP_ID);
wpa_printf(MSG_DEBUG, "Generating EAP-AKA Identity (id=%d)",
req->identifier);
msg = eap_sim_msg_init(EAP_CODE_RESPONSE, req->identifier,
EAP_TYPE_AKA, EAP_AKA_SUBTYPE_IDENTITY);
if (identity) {
wpa_hexdump_ascii(MSG_DEBUG, " AT_IDENTITY",
identity, identity_len);
eap_sim_msg_add(msg, EAP_SIM_AT_IDENTITY, identity_len,
identity, identity_len);
}
return eap_sim_msg_finish(msg, respDataLen, NULL, NULL, 0);
}
static void * eap_psk_init(struct eap_sm *sm)
{
struct eap_psk_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
password = eap_get_config_password(sm, &password_len);
if (!password || password_len != 16) {
wpa_printf(MSG_INFO, "EAP-PSK: 16-octet pre-shared key not "
"configured");
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
if (eap_psk_key_setup(password, data->ak, data->kdk)) {
os_free(data);
return NULL;
}
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: AK", data->ak, EAP_PSK_AK_LEN);
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: KDK", data->kdk, EAP_PSK_KDK_LEN);
data->state = PSK_INIT;
identity = eap_get_config_identity(sm, &identity_len);
if (identity) {
data->id_p = os_malloc(identity_len);
if (data->id_p)
os_memcpy(data->id_p, identity, identity_len);
data->id_p_len = identity_len;
}
if (data->id_p == NULL) {
wpa_printf(MSG_INFO, "EAP-PSK: could not get own identity");
os_free(data);
return NULL;
}
return data;
}
static void * eap_gpsk_init(struct eap_sm *sm)
{
struct eap_gpsk_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
password = eap_get_config_password(sm, &password_len);
if (password == NULL) {
wpa_printf(MSG_INFO, "EAP-GPSK: No key (password) configured");
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = GPSK_1;
identity = eap_get_config_identity(sm, &identity_len);
if (identity) {
data->id_peer = os_malloc(identity_len);
if (data->id_peer == NULL) {
eap_gpsk_deinit(sm, data);
return NULL;
}
os_memcpy(data->id_peer, identity, identity_len);
data->id_peer_len = identity_len;
}
data->psk = os_malloc(password_len);
if (data->psk == NULL) {
eap_gpsk_deinit(sm, data);
return NULL;
}
os_memcpy(data->psk, password, password_len);
data->psk_len = password_len;
return data;
}
static void * eap_sake_init(struct eap_sm *sm)
{
struct eap_sake_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
password = eap_get_config_password(sm, &password_len);
if (!password || password_len != 2 * EAP_SAKE_ROOT_SECRET_LEN) {
wpa_printf(MSG_INFO, "EAP-SAKE: No key of correct length "
"configured");
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = IDENTITY;
identity = eap_get_config_identity(sm, &identity_len);
if (identity) {
data->peerid = os_malloc(identity_len);
if (data->peerid == NULL) {
eap_sake_deinit(sm, data);
return NULL;
}
os_memcpy(data->peerid, identity, identity_len);
data->peerid_len = identity_len;
}
os_memcpy(data->root_secret_a, password, EAP_SAKE_ROOT_SECRET_LEN);
os_memcpy(data->root_secret_b,
password + EAP_SAKE_ROOT_SECRET_LEN,
EAP_SAKE_ROOT_SECRET_LEN);
return data;
}
static void * eap_pax_init(struct eap_sm *sm)
{
struct eap_pax_data *data;
const u8 *identity, *password;
size_t identity_len, password_len;
identity = eap_get_config_identity(sm, &identity_len);
password = eap_get_config_password(sm, &password_len);
if (!identity || !password) {
wpa_printf(MSG_INFO, "EAP-PAX: CID (nai) or key (password) "
"not configured");
return NULL;
}
if (password_len != EAP_PAX_AK_LEN) {
wpa_printf(MSG_INFO, "EAP-PAX: Invalid PSK length");
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = PAX_INIT;
data->cid = os_malloc(identity_len);
if (data->cid == NULL) {
eap_pax_deinit(sm, data);
return NULL;
}
os_memcpy(data->cid, identity, identity_len);
data->cid_len = identity_len;
os_memcpy(data->ak, password, EAP_PAX_AK_LEN);
return data;
}
static u8 * eap_sim_process(struct eap_sm *sm, void *priv,
struct eap_method_ret *ret,
const u8 *reqData, size_t reqDataLen,
size_t *respDataLen)
{
struct eap_sim_data *data = priv;
const struct eap_hdr *req;
u8 subtype, *res;
const u8 *pos;
struct eap_sim_attrs attr;
size_t len;
wpa_hexdump(MSG_DEBUG, "EAP-SIM: EAP data", reqData, reqDataLen);
if (eap_get_config_identity(sm, &len) == NULL) {
wpa_printf(MSG_INFO, "EAP-SIM: Identity not configured");
eap_sm_request_identity(sm);
ret->ignore = TRUE;
return NULL;
}
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_SIM,
reqData, reqDataLen, &len);
if (pos == NULL || len < 1) {
ret->ignore = TRUE;
return NULL;
}
req = (const struct eap_hdr *) reqData;
len = be_to_host16(req->length);
ret->ignore = FALSE;
ret->methodState = METHOD_MAY_CONT;
ret->decision = DECISION_FAIL;
ret->allowNotifications = TRUE;
subtype = *pos++;
wpa_printf(MSG_DEBUG, "EAP-SIM: Subtype=%d", subtype);
pos += 2; /* Reserved */
if (eap_sim_parse_attr(pos, reqData + len, &attr, 0, 0)) {
res = eap_sim_client_error(data, req, respDataLen,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
goto done;
}
switch (subtype) {
case EAP_SIM_SUBTYPE_START:
res = eap_sim_process_start(sm, data, req,
respDataLen, &attr);
break;
case EAP_SIM_SUBTYPE_CHALLENGE:
res = eap_sim_process_challenge(sm, data, req, len,
respDataLen, &attr);
break;
case EAP_SIM_SUBTYPE_NOTIFICATION:
res = eap_sim_process_notification(sm, data, req, len,
respDataLen, &attr);
break;
case EAP_SIM_SUBTYPE_REAUTHENTICATION:
res = eap_sim_process_reauthentication(sm, data, req, len,
respDataLen, &attr);
break;
case EAP_SIM_SUBTYPE_CLIENT_ERROR:
wpa_printf(MSG_DEBUG, "EAP-SIM: subtype Client-Error");
res = eap_sim_client_error(data, req, respDataLen,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
break;
default:
wpa_printf(MSG_DEBUG, "EAP-SIM: Unknown subtype=%d", subtype);
res = eap_sim_client_error(data, req, respDataLen,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
break;
}
done:
if (data->state == FAILURE) {
ret->decision = DECISION_FAIL;
ret->methodState = METHOD_DONE;
} else if (data->state == SUCCESS) {
ret->decision = DECISION_COND_SUCC;
ret->methodState = METHOD_DONE;
}
if (ret->methodState == METHOD_DONE) {
ret->allowNotifications = FALSE;
}
return res;
}
static struct wpabuf * eap_aka_process(struct eap_sm *sm, void *priv,
struct eap_method_ret *ret,
const struct wpabuf *reqData)
{
struct eap_aka_data *data = priv;
const struct eap_hdr *req;
u8 subtype, id;
struct wpabuf *res;
const u8 *pos;
struct eap_sim_attrs attr;
size_t len;
wpa_hexdump_buf(MSG_DEBUG, "EAP-AKA: EAP data", reqData);
if (eap_get_config_identity(sm, &len) == NULL) {
wpa_printf(MSG_INFO, "EAP-AKA: Identity not configured");
eap_sm_request_identity(sm);
ret->ignore = TRUE;
return NULL;
}
pos = eap_hdr_validate(EAP_VENDOR_IETF, data->eap_method, reqData,
&len);
if (pos == NULL || len < 1) {
ret->ignore = TRUE;
return NULL;
}
req = wpabuf_head(reqData);
id = req->identifier;
len = be_to_host16(req->length);
ret->ignore = FALSE;
ret->methodState = METHOD_MAY_CONT;
ret->decision = DECISION_FAIL;
ret->allowNotifications = TRUE;
subtype = *pos++;
wpa_printf(MSG_DEBUG, "EAP-AKA: Subtype=%d", subtype);
pos += 2; /* Reserved */
if (eap_sim_parse_attr(pos, wpabuf_head_u8(reqData) + len, &attr,
data->eap_method == EAP_TYPE_AKA_PRIME ? 2 : 1,
0)) {
res = eap_aka_client_error(data, id,
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
goto done;
}
switch (subtype) {
case EAP_AKA_SUBTYPE_IDENTITY:
res = eap_aka_process_identity(sm, data, id, reqData, &attr);
break;
case EAP_AKA_SUBTYPE_CHALLENGE:
res = eap_aka_process_challenge(sm, data, id, reqData, &attr);
break;
case EAP_AKA_SUBTYPE_NOTIFICATION:
res = eap_aka_process_notification(sm, data, id, reqData,
&attr);
break;
case EAP_AKA_SUBTYPE_REAUTHENTICATION:
res = eap_aka_process_reauthentication(sm, data, id, reqData,
&attr);
break;
case EAP_AKA_SUBTYPE_CLIENT_ERROR:
wpa_printf(MSG_DEBUG, "EAP-AKA: subtype Client-Error");
res = eap_aka_client_error(data, id,
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
break;
default:
wpa_printf(MSG_DEBUG, "EAP-AKA: Unknown subtype=%d", subtype);
res = eap_aka_client_error(data, id,
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
break;
}
done:
if (data->state == FAILURE) {
ret->decision = DECISION_FAIL;
ret->methodState = METHOD_DONE;
} else if (data->state == SUCCESS) {
ret->decision = data->use_result_ind ?
DECISION_UNCOND_SUCC : DECISION_COND_SUCC;
/*
* It is possible for the server to reply with AKA
* Notification, so we must allow the method to continue and
* not only accept EAP-Success at this point.
*/
ret->methodState = data->use_result_ind ?
METHOD_DONE : METHOD_MAY_CONT;
} else if (data->state == RESULT_FAILURE)
ret->methodState = METHOD_CONT;
else if (data->state == RESULT_SUCCESS)
ret->methodState = METHOD_CONT;
if (ret->methodState == METHOD_DONE) {
ret->allowNotifications = FALSE;
}
return res;
}
static struct wpabuf * eap_sim_process_challenge(struct eap_sm *sm,
struct eap_sim_data *data,
u8 id,
const struct wpabuf *reqData,
struct eap_sim_attrs *attr)
{
const u8 *identity;
size_t identity_len;
struct eap_sim_attrs eattr;
wpa_printf(MSG_DEBUG, "EAP-SIM: subtype Challenge");
data->reauth = 0;
if (!attr->mac || !attr->rand) {
wpa_printf(MSG_WARNING, "EAP-SIM: Challenge message "
"did not include%s%s",
!attr->mac ? " AT_MAC" : "",
!attr->rand ? " AT_RAND" : "");
return eap_sim_client_error(data, id,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
}
wpa_printf(MSG_DEBUG, "EAP-SIM: %lu challenges",
(unsigned long) attr->num_chal);
if (attr->num_chal < data->min_num_chal) {
wpa_printf(MSG_INFO, "EAP-SIM: Insufficient number of "
"challenges (%lu)", (unsigned long) attr->num_chal);
return eap_sim_client_error(data, id,
EAP_SIM_INSUFFICIENT_NUM_OF_CHAL);
}
if (attr->num_chal > 3) {
wpa_printf(MSG_INFO, "EAP-SIM: Too many challenges "
"(%lu)", (unsigned long) attr->num_chal);
return eap_sim_client_error(data, id,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
}
/* Verify that RANDs are different */
if (os_memcmp(attr->rand, attr->rand + GSM_RAND_LEN,
GSM_RAND_LEN) == 0 ||
(attr->num_chal > 2 &&
(os_memcmp(attr->rand, attr->rand + 2 * GSM_RAND_LEN,
GSM_RAND_LEN) == 0 ||
os_memcmp(attr->rand + GSM_RAND_LEN,
attr->rand + 2 * GSM_RAND_LEN,
GSM_RAND_LEN) == 0))) {
wpa_printf(MSG_INFO, "EAP-SIM: Same RAND used multiple times");
return eap_sim_client_error(data, id,
EAP_SIM_RAND_NOT_FRESH);
}
os_memcpy(data->rand, attr->rand, attr->num_chal * GSM_RAND_LEN);
data->num_chal = attr->num_chal;
if (eap_sim_gsm_auth(sm, data)) {
wpa_printf(MSG_WARNING, "EAP-SIM: GSM authentication failed");
return eap_sim_client_error(data, id,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
}
if (data->last_eap_identity) {
identity = data->last_eap_identity;
identity_len = data->last_eap_identity_len;
} else if (data->pseudonym) {
identity = data->pseudonym;
identity_len = data->pseudonym_len;
} else
identity = eap_get_config_identity(sm, &identity_len);
wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: Selected identity for MK "
"derivation", identity, identity_len);
eap_sim_derive_mk(identity, identity_len, data->nonce_mt,
data->selected_version, data->ver_list,
data->ver_list_len, data->num_chal,
(const u8 *) data->kc, data->mk);
eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut, data->msk,
data->emsk);
if (eap_sim_verify_mac(data->k_aut, reqData, attr->mac, data->nonce_mt,
EAP_SIM_NONCE_MT_LEN)) {
wpa_printf(MSG_WARNING, "EAP-SIM: Challenge message "
"used invalid AT_MAC");
return eap_sim_client_error(data, id,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
}
/* Old reauthentication identity must not be used anymore. In
* other words, if no new reauth identity is received, full
* authentication will be used on next reauthentication (using
* pseudonym identity or permanent identity). */
eap_sim_clear_identities(data, CLEAR_REAUTH_ID | CLEAR_EAP_ID);
if (attr->encr_data) {
u8 *decrypted;
decrypted = eap_sim_parse_encr(data->k_encr, attr->encr_data,
attr->encr_data_len, attr->iv,
&eattr, 0);
if (decrypted == NULL) {
return eap_sim_client_error(
data, id, EAP_SIM_UNABLE_TO_PROCESS_PACKET);
}
eap_sim_learn_ids(sm, data, &eattr);
os_free(decrypted);
}
if (data->result_ind && attr->result_ind)
data->use_result_ind = 1;
if (data->state != FAILURE && data->state != RESULT_FAILURE) {
eap_sim_state(data, data->use_result_ind ?
RESULT_SUCCESS : SUCCESS);
}
data->num_id_req = 0;
data->num_notification = 0;
/* RFC 4186 specifies that counter is initialized to one after
* fullauth, but initializing it to zero makes it easier to implement
* reauth verification. */
data->counter = 0;
return eap_sim_response_challenge(data, id);
}
static void * eap_wsc_init(struct eap_sm *sm)
{
struct eap_wsc_data *data;
const u8 *identity;
size_t identity_len;
int registrar;
struct wps_config cfg;
const char *pos;
const char *phase1;
struct wps_context *wps;
struct wps_credential new_ap_settings;
int res;
wps = sm->wps;
if (wps == NULL) {
wpa_printf(MSG_ERROR, "EAP-WSC: WPS context not available");
return NULL;
}
identity = eap_get_config_identity(sm, &identity_len);
if (identity && identity_len == WSC_ID_REGISTRAR_LEN &&
os_memcmp(identity, WSC_ID_REGISTRAR, WSC_ID_REGISTRAR_LEN) == 0)
registrar = 1; /* Supplicant is Registrar */
else if (identity && identity_len == WSC_ID_ENROLLEE_LEN &&
os_memcmp(identity, WSC_ID_ENROLLEE, WSC_ID_ENROLLEE_LEN) == 0)
registrar = 0; /* Supplicant is Enrollee */
else {
wpa_hexdump_ascii(MSG_INFO, "EAP-WSC: Unexpected identity",
identity, identity_len);
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = registrar ? MESG : WAIT_START;
data->registrar = registrar;
data->wps_ctx = wps;
os_memset(&cfg, 0, sizeof(cfg));
cfg.wps = wps;
cfg.registrar = registrar;
phase1 = eap_get_config_phase1(sm);
if (phase1 == NULL) {
wpa_printf(MSG_INFO, "EAP-WSC: phase1 configuration data not "
"set");
os_free(data);
return NULL;
}
pos = os_strstr(phase1, "pin=");
if (pos) {
pos += 4;
cfg.pin = (const u8 *) pos;
while (*pos != '\0' && *pos != ' ')
pos++;
cfg.pin_len = pos - (const char *) cfg.pin;
} else {
pos = os_strstr(phase1, "pbc=1");
if (pos)
cfg.pbc = 1;
}
if (cfg.pin == NULL && !cfg.pbc) {
wpa_printf(MSG_INFO, "EAP-WSC: PIN or PBC not set in phase1 "
"configuration data");
os_free(data);
return NULL;
}
pos = os_strstr(phase1, "dev_pw_id=");
if (pos && cfg.pin)
cfg.dev_pw_id = atoi(pos + 10);
res = eap_wsc_new_ap_settings(&new_ap_settings, phase1);
if (res < 0) {
os_free(data);
return NULL;
}
if (res == 1) {
wpa_printf(MSG_DEBUG, "EAP-WSC: Provide new AP settings for "
"WPS");
cfg.new_ap_settings = &new_ap_settings;
}
data->wps = wps_init(&cfg);
if (data->wps == NULL) {
os_free(data);
return NULL;
}
res = eap_get_config_fragment_size(sm);
if (res > 0)
data->fragment_size = res;
else
data->fragment_size = WSC_FRAGMENT_SIZE;
wpa_printf(MSG_DEBUG, "EAP-WSC: Fragment size limit %u",
(unsigned int) data->fragment_size);
if (registrar && cfg.pin) {
wps_registrar_add_pin(data->wps_ctx->registrar, NULL,
cfg.pin, cfg.pin_len, 0);
}
return data;
}
static u8 * eap_aka_process_challenge(struct eap_sm *sm,
struct eap_aka_data *data,
const struct eap_hdr *req,
size_t reqDataLen,
size_t *respDataLen,
struct eap_sim_attrs *attr)
{
const u8 *identity;
size_t identity_len;
int res;
struct eap_sim_attrs eattr;
wpa_printf(MSG_DEBUG, "EAP-AKA: subtype Challenge");
data->reauth = 0;
if (!attr->mac || !attr->rand || !attr->autn) {
wpa_printf(MSG_WARNING, "EAP-AKA: Challenge message "
"did not include%s%s%s",
!attr->mac ? " AT_MAC" : "",
!attr->rand ? " AT_RAND" : "",
!attr->autn ? " AT_AUTN" : "");
return eap_aka_client_error(data, req, respDataLen,
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
}
os_memcpy(data->rand, attr->rand, EAP_AKA_RAND_LEN);
os_memcpy(data->autn, attr->autn, EAP_AKA_AUTN_LEN);
res = eap_aka_umts_auth(sm, data);
if (res == -1) {
wpa_printf(MSG_WARNING, "EAP-AKA: UMTS authentication "
"failed (AUTN)");
return eap_aka_authentication_reject(data, req, respDataLen);
} else if (res == -2) {
wpa_printf(MSG_WARNING, "EAP-AKA: UMTS authentication "
"failed (AUTN seq# -> AUTS)");
return eap_aka_synchronization_failure(data, req, respDataLen);
} else if (res) {
wpa_printf(MSG_WARNING, "EAP-AKA: UMTS authentication failed");
return eap_aka_client_error(data, req, respDataLen,
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
}
if (data->last_eap_identity) {
identity = data->last_eap_identity;
identity_len = data->last_eap_identity_len;
} else if (data->pseudonym) {
identity = data->pseudonym;
identity_len = data->pseudonym_len;
} else
identity = eap_get_config_identity(sm, &identity_len);
wpa_hexdump_ascii(MSG_DEBUG, "EAP-AKA: Selected identity for MK "
"derivation", identity, identity_len);
eap_aka_derive_mk(identity, identity_len, data->ik, data->ck,
data->mk);
eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut, data->msk,
data->emsk);
if (eap_sim_verify_mac(data->k_aut, (const u8 *) req, reqDataLen,
attr->mac, (u8 *) "", 0)) {
wpa_printf(MSG_WARNING, "EAP-AKA: Challenge message "
"used invalid AT_MAC");
return eap_aka_client_error(data, req, respDataLen,
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
}
/* Old reauthentication and pseudonym identities must not be used
* anymore. In other words, if no new identities are received, full
* authentication will be used on next reauthentication. */
eap_aka_clear_identities(data, CLEAR_PSEUDONYM | CLEAR_REAUTH_ID |
CLEAR_EAP_ID);
if (attr->encr_data) {
u8 *decrypted;
decrypted = eap_sim_parse_encr(data->k_encr, attr->encr_data,
attr->encr_data_len, attr->iv,
&eattr, 0);
if (decrypted == NULL) {
return eap_aka_client_error(
data, req, respDataLen,
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
}
eap_aka_learn_ids(data, &eattr);
os_free(decrypted);
}
if (data->state != FAILURE)
data->state = SUCCESS;
data->num_id_req = 0;
data->num_notification = 0;
/* RFC 4187 specifies that counter is initialized to one after
* fullauth, but initializing it to zero makes it easier to implement
* reauth verification. */
data->counter = 0;
return eap_aka_response_challenge(data, req, respDataLen);
}
static struct wpabuf * eap_gtc_process(struct eap_sm *sm, void *priv,
struct eap_method_ret *ret,
const struct wpabuf *reqData)
{
struct eap_gtc_data *data = priv;
struct wpabuf *resp;
const u8 *pos, *password, *identity;
size_t password_len, identity_len, len, plen;
int otp;
u8 id;
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_GTC, reqData, &len);
if (pos == NULL) {
ret->ignore = TRUE;
return NULL;
}
id = eap_get_id(reqData);
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-GTC: Request message", pos, len);
if (data->prefix &&
(len < 10 || os_memcmp(pos, "CHALLENGE=", 10) != 0)) {
wpa_printf(MSG_DEBUG, "EAP-GTC: Challenge did not start with "
"expected prefix");
wpa_printf(MSG_DEBUG, "Unrecoverable error - Restarting\n");
/* Send an empty response in order to allow tunneled
* acknowledgement of the failure. This will also cover the
* error case which seems to use EAP-MSCHAPv2 like error
* reporting with EAP-GTC inside EAP-FAST tunnel. */
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_GTC,
0, EAP_CODE_RESPONSE, id);
return resp;
}
password = eap_get_config_otp(sm, &password_len);
if (password)
otp = 1;
else {
password = eap_get_config_password(sm, &password_len);
otp = 0;
}
if (password == NULL) {
wpa_printf(MSG_INFO, "EAP-GTC: Password not configured");
eap_sm_request_otp(sm, (const char *) pos, len);
ret->ignore = TRUE;
return NULL;
}
ret->ignore = FALSE;
ret->methodState = data->prefix ? METHOD_MAY_CONT : METHOD_DONE;
ret->decision = DECISION_COND_SUCC;
ret->allowNotifications = FALSE;
plen = password_len;
identity = eap_get_config_identity(sm, &identity_len);
if (identity == NULL)
return NULL;
if (data->prefix)
plen += 9 + identity_len + 1;
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_GTC, plen,
EAP_CODE_RESPONSE, id);
if (resp == NULL)
return NULL;
if (data->prefix) {
wpabuf_put_data(resp, "RESPONSE=", 9);
wpabuf_put_data(resp, identity, identity_len);
wpabuf_put_u8(resp, '\0');
}
wpabuf_put_data(resp, password, password_len);
wpa_hexdump_ascii_key(MSG_MSGDUMP, "EAP-GTC: Response",
wpabuf_head_u8(resp) + sizeof(struct eap_hdr) +
1, plen);
if (otp) {
wpa_printf(MSG_DEBUG, "EAP-GTC: Forgetting used password");
eap_clear_config_otp(sm);
}
return resp;
}
static void * eap_wsc_init(struct eap_sm *sm)
{
struct eap_wsc_data *data;
const u8 *identity;
size_t identity_len;
int registrar;
struct wps_config cfg;
const char *pos, *end;
const char *phase1;
struct wps_context *wps;
struct wps_credential new_ap_settings;
int res;
int nfc = 0;
u8 pkhash[WPS_OOB_PUBKEY_HASH_LEN];
wps = sm->wps;
if (wps == NULL) {
wpa_printf(MSG_ERROR, "EAP-WSC: WPS context not available");
return NULL;
}
identity = eap_get_config_identity(sm, &identity_len);
if (identity && identity_len == WSC_ID_REGISTRAR_LEN &&
os_memcmp(identity, WSC_ID_REGISTRAR, WSC_ID_REGISTRAR_LEN) == 0)
registrar = 1; /* Supplicant is Registrar */
else if (identity && identity_len == WSC_ID_ENROLLEE_LEN &&
os_memcmp(identity, WSC_ID_ENROLLEE, WSC_ID_ENROLLEE_LEN) == 0)
registrar = 0; /* Supplicant is Enrollee */
else {
wpa_hexdump_ascii(MSG_INFO, "EAP-WSC: Unexpected identity",
identity, identity_len);
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = registrar ? MESG : WAIT_START;
data->registrar = registrar;
data->wps_ctx = wps;
os_memset(&cfg, 0, sizeof(cfg));
cfg.wps = wps;
cfg.registrar = registrar;
phase1 = eap_get_config_phase1(sm);
if (phase1 == NULL) {
wpa_printf(MSG_INFO, "EAP-WSC: phase1 configuration data not "
"set");
os_free(data);
return NULL;
}
pos = os_strstr(phase1, "pin=");
if (pos) {
pos += 4;
cfg.pin = (const u8 *) pos;
while (*pos != '\0' && *pos != ' ')
pos++;
cfg.pin_len = pos - (const char *) cfg.pin;
if (cfg.pin_len == 6 &&
os_strncmp((const char *) cfg.pin, "nfc-pw", 6) == 0) {
cfg.pin = NULL;
cfg.pin_len = 0;
nfc = 1;
}
} else {
pos = os_strstr(phase1, "pbc=1");
if (pos)
cfg.pbc = 1;
}
pos = os_strstr(phase1, "dev_pw_id=");
if (pos) {
u16 id = atoi(pos + 10);
if (id == DEV_PW_NFC_CONNECTION_HANDOVER)
nfc = 1;
if (cfg.pin || id == DEV_PW_NFC_CONNECTION_HANDOVER)
cfg.dev_pw_id = id;
}
if (cfg.pin == NULL && !cfg.pbc && !nfc) {
wpa_printf(MSG_INFO, "EAP-WSC: PIN or PBC not set in phase1 "
"configuration data");
os_free(data);
return NULL;
}
pos = os_strstr(phase1, " pkhash=");
if (pos) {
size_t len;
pos += 8;
end = os_strchr(pos, ' ');
if (end)
len = end - pos;
else
len = os_strlen(pos);
if (len != 2 * WPS_OOB_PUBKEY_HASH_LEN ||
hexstr2bin(pos, pkhash, WPS_OOB_PUBKEY_HASH_LEN)) {
wpa_printf(MSG_INFO, "EAP-WSC: Invalid pkhash");
os_free(data);
return NULL;
}
cfg.peer_pubkey_hash = pkhash;
}
res = eap_wsc_new_ap_settings(&new_ap_settings, phase1);
if (res < 0) {
os_free(data);
wpa_printf(MSG_DEBUG, "EAP-WSC: Failed to parse new AP "
"settings");
return NULL;
}
if (res == 1) {
wpa_printf(MSG_DEBUG, "EAP-WSC: Provide new AP settings for "
"WPS");
cfg.new_ap_settings = &new_ap_settings;
}
data->wps = wps_init(&cfg);
if (data->wps == NULL) {
os_free(data);
wpa_printf(MSG_DEBUG, "EAP-WSC: wps_init failed");
return NULL;
}
res = eap_get_config_fragment_size(sm);
if (res > 0)
data->fragment_size = res;
else
data->fragment_size = WSC_FRAGMENT_SIZE;
wpa_printf(MSG_DEBUG, "EAP-WSC: Fragment size limit %u",
(unsigned int) data->fragment_size);
if (registrar && cfg.pin) {
wps_registrar_add_pin(data->wps_ctx->registrar, NULL, NULL,
cfg.pin, cfg.pin_len, 0);
}
/* Use reduced client timeout for WPS to avoid long wait */
if (sm->ClientTimeout > 30)
sm->ClientTimeout = 30;
return data;
}
static struct wpabuf * eap_leap_process_request(struct eap_sm *sm, void *priv,
struct eap_method_ret *ret,
const struct wpabuf *reqData)
{
struct eap_leap_data *data = priv;
struct wpabuf *resp;
const u8 *pos, *challenge, *identity, *password;
u8 challenge_len, *rpos;
size_t identity_len, password_len, len;
int pwhash;
wpa_printf(MSG_DEBUG, "EAP-LEAP: Processing EAP-Request");
identity = eap_get_config_identity(sm, &identity_len);
password = eap_get_config_password2(sm, &password_len, &pwhash);
if (identity == NULL || password == NULL)
return NULL;
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_LEAP, reqData, &len);
if (pos == NULL || len < 3) {
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid EAP-Request frame");
ret->ignore = TRUE;
return NULL;
}
if (*pos != LEAP_VERSION) {
wpa_printf(MSG_WARNING, "EAP-LEAP: Unsupported LEAP version "
"%d", *pos);
ret->ignore = TRUE;
return NULL;
}
pos++;
pos++; /* skip unused byte */
challenge_len = *pos++;
if (challenge_len != LEAP_CHALLENGE_LEN || challenge_len > len - 3) {
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid challenge "
"(challenge_len=%d reqDataLen=%lu)",
challenge_len, (unsigned long) wpabuf_len(reqData));
ret->ignore = TRUE;
return NULL;
}
challenge = pos;
os_memcpy(data->peer_challenge, challenge, LEAP_CHALLENGE_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Challenge from AP",
challenge, LEAP_CHALLENGE_LEN);
wpa_printf(MSG_DEBUG, "EAP-LEAP: Generating Challenge Response");
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_LEAP,
3 + LEAP_RESPONSE_LEN + identity_len,
EAP_CODE_RESPONSE, eap_get_id(reqData));
if (resp == NULL)
return NULL;
wpabuf_put_u8(resp, LEAP_VERSION);
wpabuf_put_u8(resp, 0); /* unused */
wpabuf_put_u8(resp, LEAP_RESPONSE_LEN);
rpos = wpabuf_put(resp, LEAP_RESPONSE_LEN);
if (pwhash)
challenge_response(challenge, password, rpos);
else
nt_challenge_response(challenge, password, password_len, rpos);
os_memcpy(data->peer_response, rpos, LEAP_RESPONSE_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Response",
rpos, LEAP_RESPONSE_LEN);
wpabuf_put_data(resp, identity, identity_len);
data->state = LEAP_WAIT_SUCCESS;
return resp;
}
static void * eap_wsc_init(struct eap_sm *sm)
{
struct eap_wsc_data *data;
const u8 *identity;
size_t identity_len;
int registrar;
struct wps_config cfg;
const char *pos;
const char *phase1;
struct wps_context *wps;
struct wps_credential new_ap_settings;
int res;
u8 dev_pw[WPS_OOB_DEVICE_PASSWORD_LEN];
int nfc = 0;
wps = sm->wps;
if (wps == NULL) {
wpa_printf(MSG_ERROR, "EAP-WSC: WPS context not available");
return NULL;
}
identity = eap_get_config_identity(sm, &identity_len);
if (identity && identity_len == WSC_ID_REGISTRAR_LEN &&
os_memcmp(identity, WSC_ID_REGISTRAR, WSC_ID_REGISTRAR_LEN) == 0)
registrar = 1; /* Supplicant is Registrar */
else if (identity && identity_len == WSC_ID_ENROLLEE_LEN &&
os_memcmp(identity, WSC_ID_ENROLLEE, WSC_ID_ENROLLEE_LEN) == 0)
registrar = 0; /* Supplicant is Enrollee */
else {
wpa_hexdump_ascii(MSG_INFO, "EAP-WSC: Unexpected identity",
identity, identity_len);
return NULL;
}
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
data->state = registrar ? MESG : WAIT_START;
data->registrar = registrar;
data->wps_ctx = wps;
os_memset(&cfg, 0, sizeof(cfg));
cfg.wps = wps;
cfg.registrar = registrar;
phase1 = eap_get_config_phase1(sm);
if (phase1 == NULL) {
wpa_printf(MSG_INFO, "EAP-WSC: phase1 configuration data not "
"set");
os_free(data);
return NULL;
}
pos = os_strstr(phase1, "pin=");
if (pos) {
pos += 4;
cfg.pin = (const u8 *) pos;
while (*pos != '\0' && *pos != ' ')
pos++;
cfg.pin_len = pos - (const char *) cfg.pin;
if (cfg.pin_len >= WPS_OOB_DEVICE_PASSWORD_MIN_LEN * 2 &&
cfg.pin_len <= WPS_OOB_DEVICE_PASSWORD_LEN * 2 &&
hexstr2bin((const char *) cfg.pin, dev_pw,
cfg.pin_len / 2) == 0) {
/* Convert OOB Device Password to binary */
cfg.pin = dev_pw;
cfg.pin_len /= 2;
}
if (cfg.pin_len == 6 &&
os_strncmp((const char *) cfg.pin, "nfc-pw", 6) == 0) {
cfg.pin = NULL;
cfg.pin_len = 0;
nfc = 1;
}
} else {
pos = os_strstr(phase1, "pbc=1");
if (pos)
cfg.pbc = 1;
}
if (cfg.pin == NULL && !cfg.pbc && !nfc) {
wpa_printf(MSG_INFO, "EAP-WSC: PIN or PBC not set in phase1 "
"configuration data");
os_free(data);
return NULL;
}
pos = os_strstr(phase1, "dev_pw_id=");
if (pos && cfg.pin)
cfg.dev_pw_id = atoi(pos + 10);
res = eap_wsc_new_ap_settings(&new_ap_settings, phase1);
if (res < 0) {
os_free(data);
return NULL;
}
if (res == 1) {
wpa_printf(MSG_DEBUG, "EAP-WSC: Provide new AP settings for "
"WPS");
cfg.new_ap_settings = &new_ap_settings;
}
data->wps = wps_init(&cfg);
if (data->wps == NULL) {
os_free(data);
return NULL;
}
res = eap_get_config_fragment_size(sm);
if (res > 0)
data->fragment_size = res;
else
data->fragment_size = WSC_FRAGMENT_SIZE;
wpa_printf(MSG_DEBUG, "EAP-WSC: Fragment size limit %u",
(unsigned int) data->fragment_size);
if (registrar && cfg.pin) {
wps_registrar_add_pin(data->wps_ctx->registrar, NULL, NULL,
cfg.pin, cfg.pin_len, 0);
}
/* Use reduced client timeout for WPS to avoid long wait */
if (sm->ClientTimeout > 30)
sm->ClientTimeout = 30;
return data;
}
static struct wpabuf * eap_aka_process_challenge(struct eap_sm *sm,
struct eap_aka_data *data,
u8 id,
const struct wpabuf *reqData,
struct eap_sim_attrs *attr)
{
const u8 *identity;
size_t identity_len;
int res;
struct eap_sim_attrs eattr;
wpa_printf(MSG_DEBUG, "EAP-AKA: subtype Challenge");
if (attr->checkcode &&
eap_aka_verify_checkcode(data, attr->checkcode,
attr->checkcode_len)) {
wpa_printf(MSG_WARNING, "EAP-AKA: Invalid AT_CHECKCODE in the "
"message");
return eap_aka_client_error(data, id,
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
}
#ifdef EAP_AKA_PRIME
if (data->eap_method == EAP_TYPE_AKA_PRIME) {
if (!attr->kdf_input || attr->kdf_input_len == 0) {
wpa_printf(MSG_WARNING, "EAP-AKA': Challenge message "
"did not include non-empty AT_KDF_INPUT");
/* Fail authentication as if AUTN had been incorrect */
return eap_aka_authentication_reject(data, id);
}
os_free(data->network_name);
data->network_name = os_malloc(attr->kdf_input_len);
if (data->network_name == NULL) {
wpa_printf(MSG_WARNING, "EAP-AKA': No memory for "
"storing Network Name");
return eap_aka_authentication_reject(data, id);
}
os_memcpy(data->network_name, attr->kdf_input,
attr->kdf_input_len);
data->network_name_len = attr->kdf_input_len;
wpa_hexdump_ascii(MSG_DEBUG, "EAP-AKA': Network Name "
"(AT_KDF_INPUT)",
data->network_name, data->network_name_len);
/* TODO: check Network Name per 3GPP.33.402 */
if (!eap_aka_prime_kdf_valid(data, attr))
return eap_aka_authentication_reject(data, id);
if (attr->kdf[0] != EAP_AKA_PRIME_KDF)
return eap_aka_prime_kdf_neg(data, id, attr);
data->kdf = EAP_AKA_PRIME_KDF;
wpa_printf(MSG_DEBUG, "EAP-AKA': KDF %d selected", data->kdf);
}
if (data->eap_method == EAP_TYPE_AKA && attr->bidding) {
u16 flags = WPA_GET_BE16(attr->bidding);
if ((flags & EAP_AKA_BIDDING_FLAG_D) &&
eap_allowed_method(sm, EAP_VENDOR_IETF,
EAP_TYPE_AKA_PRIME)) {
wpa_printf(MSG_WARNING, "EAP-AKA: Bidding down from "
"AKA' to AKA detected");
/* Fail authentication as if AUTN had been incorrect */
return eap_aka_authentication_reject(data, id);
}
}
#endif /* EAP_AKA_PRIME */
data->reauth = 0;
if (!attr->mac || !attr->rand || !attr->autn) {
wpa_printf(MSG_WARNING, "EAP-AKA: Challenge message "
"did not include%s%s%s",
!attr->mac ? " AT_MAC" : "",
!attr->rand ? " AT_RAND" : "",
!attr->autn ? " AT_AUTN" : "");
return eap_aka_client_error(data, id,
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
}
os_memcpy(data->rand, attr->rand, EAP_AKA_RAND_LEN);
os_memcpy(data->autn, attr->autn, EAP_AKA_AUTN_LEN);
res = eap_aka_umts_auth(sm, data);
if(res != 0) {
wpa_printf(MSG_ERROR, "EAP-AKA: No more data send to APDU server");
//SCardDisconnect(0,0);
}
if (res == -1) {
wpa_printf(MSG_WARNING, "EAP-AKA: UMTS authentication "
"failed (AUTN)");
return eap_aka_authentication_reject(data, id);
} else if (res == -2) {
wpa_printf(MSG_WARNING, "EAP-AKA: UMTS authentication "
"failed (AUTN seq# -> AUTS)");
return eap_aka_synchronization_failure(data, id);
} else if (res) {
wpa_printf(MSG_WARNING, "EAP-AKA: UMTS authentication failed");
return eap_aka_client_error(data, id,
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
}
#ifdef EAP_AKA_PRIME
if (data->eap_method == EAP_TYPE_AKA_PRIME) {
/* Note: AUTN = (SQN ^ AK) || AMF || MAC which gives us the
* needed 6-octet SQN ^ AK for CK',IK' derivation */
u16 amf = WPA_GET_BE16(data->autn + 6);
if (!(amf & 0x8000)) {
wpa_printf(MSG_WARNING, "EAP-AKA': AMF separation bit "
"not set (AMF=0x%4x)", amf);
return eap_aka_authentication_reject(data, id);
}
eap_aka_prime_derive_ck_ik_prime(data->ck, data->ik,
data->autn,
data->network_name,
data->network_name_len);
}
#endif /* EAP_AKA_PRIME */
if (data->last_eap_identity) {
identity = data->last_eap_identity;
identity_len = data->last_eap_identity_len;
} else if (data->pseudonym) {
identity = data->pseudonym;
identity_len = data->pseudonym_len;
} else
identity = eap_get_config_identity(sm, &identity_len);
wpa_hexdump_ascii(MSG_DEBUG, "EAP-AKA: Selected identity for MK "
"derivation", identity, identity_len);
if (data->eap_method == EAP_TYPE_AKA_PRIME) {
eap_aka_prime_derive_keys(identity, identity_len, data->ik,
data->ck, data->k_encr, data->k_aut,
data->k_re, data->msk, data->emsk);
} else {
eap_aka_derive_mk(identity, identity_len, data->ik, data->ck,
data->mk);
eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut,
data->msk, data->emsk);
}
if (eap_aka_verify_mac(data, reqData, attr->mac, (u8 *) "", 0)) {
wpa_printf(MSG_WARNING, "EAP-AKA: Challenge message "
"used invalid AT_MAC");
return eap_aka_client_error(data, id,
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
}
/* Old reauthentication identity must not be used anymore. In
* other words, if no new identities are received, full
* authentication will be used on next reauthentication (using
* pseudonym identity or permanent identity). */
eap_aka_clear_identities(data, CLEAR_REAUTH_ID | CLEAR_EAP_ID);
if (attr->encr_data) {
u8 *decrypted;
decrypted = eap_sim_parse_encr(data->k_encr, attr->encr_data,
attr->encr_data_len, attr->iv,
&eattr, 0);
if (decrypted == NULL) {
return eap_aka_client_error(
data, id, EAP_AKA_UNABLE_TO_PROCESS_PACKET);
}
eap_aka_learn_ids(sm, data, &eattr);
os_free(decrypted);
}
if (data->result_ind && attr->result_ind)
data->use_result_ind = 1;
if (data->state != FAILURE && data->state != RESULT_FAILURE) {
eap_aka_state(data, data->use_result_ind ?
RESULT_SUCCESS : SUCCESS);
}
data->num_id_req = 0;
data->num_notification = 0;
/* RFC 4187 specifies that counter is initialized to one after
* fullauth, but initializing it to zero makes it easier to implement
* reauth verification. */
data->counter = 0;
return eap_aka_response_challenge(data, id);
}
static struct wpabuf *
eap_mschapv2_challenge_reply(
struct eap_sm *sm, struct eap_mschapv2_data *data,
u8 id, u8 mschapv2_id, const u8 *auth_challenge)
{
struct wpabuf *resp;
struct eap_mschapv2_hdr *ms;
u8 *peer_challenge;
int ms_len;
struct ms_response *r;
size_t identity_len, password_len;
const u8 *identity, *password;
int pwhash;
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Generate Challenge Response\n");
identity = eap_get_config_identity(sm, &identity_len);
password = eap_get_config_password2(sm, &password_len, &pwhash);
if (identity == NULL || password == NULL)
return NULL;
ms_len = sizeof(*ms) + 1 + sizeof(*r) + identity_len;
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2,
ms_len, EAP_CODE_RESPONSE, id);
if (resp == NULL)
return NULL;
ms = wpabuf_put(resp, sizeof(*ms));
ms->op_code = MSCHAPV2_OP_RESPONSE;
ms->mschapv2_id = mschapv2_id;
if (data->prev_error)
ms->mschapv2_id++;
WPA_PUT_BE16(ms->ms_length, ms_len);
wpabuf_put_u8(resp, sizeof(*r));
/* Response */
r = wpabuf_put(resp, sizeof(*r));
peer_challenge = r->peer_challenge;
if (data->peer_challenge) {
peer_challenge = data->peer_challenge;
os_memset(r->peer_challenge, 0, MSCHAPV2_CHAL_LEN);
} else if (random_get_bytes(peer_challenge, MSCHAPV2_CHAL_LEN)) {
wpabuf_free(resp);
return NULL;
}
os_memset(r->reserved, 0, 8);
if (data->auth_challenge)
auth_challenge = data->auth_challenge;
if (mschapv2_derive_response(identity, identity_len, password,
password_len, pwhash, auth_challenge,
peer_challenge, r->nt_response,
data->auth_response, data->master_key)) {
wpabuf_free(resp);
return NULL;
}
data->auth_response_valid = 1;
data->master_key_valid = 1;
r->flags = 0;
wpabuf_put_data(resp, identity, identity_len);
return resp;
}
static u8 * eap_leap_process_request(struct eap_sm *sm, void *priv,
struct eap_method_ret *ret,
const u8 *reqData, size_t reqDataLen,
size_t *respDataLen)
{
struct eap_leap_data *data = priv;
const struct eap_hdr *req;
struct eap_hdr *resp;
const u8 *pos, *challenge, *identity, *password;
u8 challenge_len, *rpos;
size_t identity_len, password_len;
wpa_printf(MSG_DEBUG, "EAP-LEAP: Processing EAP-Request");
identity = eap_get_config_identity(sm, &identity_len);
password = eap_get_config_password(sm, &password_len);
if (identity == NULL || password == NULL)
return NULL;
req = (const struct eap_hdr *) reqData;
pos = (const u8 *) (req + 1);
if (reqDataLen < sizeof(*req) + 4 || *pos != EAP_TYPE_LEAP) {
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid EAP-Request frame");
ret->ignore = TRUE;
return NULL;
}
pos++;
if (*pos != LEAP_VERSION) {
wpa_printf(MSG_WARNING, "EAP-LEAP: Unsupported LEAP version "
"%d", *pos);
ret->ignore = TRUE;
return NULL;
}
pos++;
pos++; /* skip unused byte */
challenge_len = *pos++;
if (challenge_len != LEAP_CHALLENGE_LEN ||
challenge_len > reqDataLen - sizeof(*req) - 4) {
wpa_printf(MSG_INFO, "EAP-LEAP: Invalid challenge "
"(challenge_len=%d reqDataLen=%lu)",
challenge_len, (unsigned long) reqDataLen);
ret->ignore = TRUE;
return NULL;
}
challenge = pos;
os_memcpy(data->peer_challenge, challenge, LEAP_CHALLENGE_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Challenge from AP",
challenge, LEAP_CHALLENGE_LEN);
wpa_printf(MSG_DEBUG, "EAP-LEAP: Generating Challenge Response");
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_LEAP, respDataLen,
3 + LEAP_RESPONSE_LEN + identity_len,
EAP_CODE_RESPONSE, req->identifier, &rpos);
if (resp == NULL)
return NULL;
*rpos++ = LEAP_VERSION;
*rpos++ = 0; /* unused */
*rpos++ = LEAP_RESPONSE_LEN;
nt_challenge_response(challenge, password, password_len, rpos);
os_memcpy(data->peer_response, rpos, LEAP_RESPONSE_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Response",
rpos, LEAP_RESPONSE_LEN);
rpos += LEAP_RESPONSE_LEN;
os_memcpy(rpos, identity, identity_len);
data->state = LEAP_WAIT_SUCCESS;
return (u8 *) resp;
}
static u8 * eap_mschapv2_challenge(struct eap_sm *sm,
struct eap_mschapv2_data *data,
struct eap_method_ret *ret,
const struct eap_mschapv2_hdr *req,
size_t *respDataLen)
{
u8 *challenge, *peer_challenge, *pos;
int ms_len;
size_t i, len, challenge_len, username_len, identity_len, password_len;
struct eap_mschapv2_hdr *resp;
u8 password_hash[16], password_hash_hash[16];
const u8 *username, *identity, *password;
identity = eap_get_config_identity(sm, &identity_len);
password = eap_get_config_password(sm, &password_len);
if (identity == NULL || password == NULL)
return NULL;
/* MSCHAPv2 does not include optional domain name in the
* challenge-response calculation, so remove domain prefix
* (if present). */
username = identity;
username_len = identity_len;
for (i = 0; i < username_len; i++) {
if (username[i] == '\\') {
username_len -= i + 1;
username += i + 1;
break;
}
}
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Received challenge");
len = be_to_host16(req->length);
pos = (u8 *) (req + 1);
challenge_len = *pos++;
if (challenge_len != 16) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Invalid challenge length "
"%lu", (unsigned long) challenge_len);
ret->ignore = TRUE;
return NULL;
}
if (len < 10 || len - 10 < challenge_len) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Too short challenge"
" packet: len=%lu challenge_len=%lu",
(unsigned long) len, (unsigned long) challenge_len);
ret->ignore = TRUE;
return NULL;
}
if (data->passwd_change_challenge_valid) {
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Using challenge from the "
"failure message");
challenge = data->passwd_change_challenge;
} else
challenge = pos;
pos += challenge_len;
wpa_hexdump_ascii(MSG_DEBUG, "EAP-MSCHAPV2: Authentication Servername",
pos, len - challenge_len - 10);
ret->ignore = FALSE;
ret->methodState = METHOD_MAY_CONT;
ret->decision = DECISION_FAIL;
ret->allowNotifications = TRUE;
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Generating Challenge Response");
*respDataLen = sizeof(*resp) + 1 + MSCHAPV2_RESP_LEN + identity_len;
resp = wpa_zalloc(*respDataLen);
if (resp == NULL)
return NULL;
resp->code = EAP_CODE_RESPONSE;
resp->identifier = req->identifier;
resp->length = host_to_be16(*respDataLen);
resp->type = EAP_TYPE_MSCHAPV2;
resp->op_code = MSCHAPV2_OP_RESPONSE;
resp->mschapv2_id = req->mschapv2_id;
if (data->prev_error) {
/*
* TODO: this does not seem to be enough when processing two
* or more failure messages. IAS did not increment mschapv2_id
* in its own packets, but it seemed to expect the peer to
* increment this for all packets(?).
*/
resp->mschapv2_id++;
}
ms_len = *respDataLen - 5;
WPA_PUT_BE16(resp->ms_length, ms_len);
pos = (u8 *) (resp + 1);
*pos++ = MSCHAPV2_RESP_LEN; /* Value-Size */
/* Response */
peer_challenge = pos;
if (data->peer_challenge) {
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: peer_challenge generated "
"in Phase 1");
peer_challenge = data->peer_challenge;
} else if (hostapd_get_rand(peer_challenge, 16)) {
free(resp);
return NULL;
}
pos += 16;
pos += 8; /* Reserved, must be zero */
if (data->auth_challenge) {
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: auth_challenge generated "
"in Phase 1");
challenge = data->auth_challenge;
}
wpa_hexdump(MSG_DEBUG, "EAP-MSCHAPV2: auth_challenge", challenge, 16);
wpa_hexdump(MSG_DEBUG, "EAP-MSCHAPV2: peer_challenge",
peer_challenge, 16);
wpa_hexdump_ascii(MSG_DEBUG, "EAP-MSCHAPV2: username",
username, username_len);
wpa_hexdump_ascii_key(MSG_DEBUG, "EAP-MSCHAPV2: password",
password, password_len);
generate_nt_response(challenge, peer_challenge, username, username_len,
password, password_len, pos);
wpa_hexdump(MSG_DEBUG, "EAP-MSCHAPV2: response", pos, 24);
/* Authenticator response is not really needed yet, but calculate it
* here so that challenges need not be saved. */
generate_authenticator_response(password, password_len,
peer_challenge, challenge,
username, username_len, pos,
data->auth_response);
data->auth_response_valid = 1;
/* Likewise, generate master_key here since we have the needed data
* available. */
nt_password_hash(password, password_len, password_hash);
hash_nt_password_hash(password_hash, password_hash_hash);
get_master_key(password_hash_hash, pos /* nt_response */,
data->master_key);
data->master_key_valid = 1;
pos += 24;
pos++; /* Flag / reserved, must be zero */
memcpy(pos, identity, identity_len);
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: TX identifier %d mschapv2_id %d "
"(response)", resp->identifier, resp->mschapv2_id);
return (u8 *) resp;
}
static u8 * eap_mschapv2_process(struct eap_sm *sm, void *priv,
struct eap_method_ret *ret,
const u8 *reqData, size_t reqDataLen,
size_t *respDataLen)
{
struct eap_mschapv2_data *data = priv;
struct wpa_ssid *config = eap_get_config(sm);
const struct eap_mschapv2_hdr *req;
int using_prev_challenge = 0;
const u8 *pos;
size_t ms_len, len;
if (eap_get_config_identity(sm, &len) == NULL) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Identity not configured");
eap_sm_request_identity(sm);
ret->ignore = TRUE;
return NULL;
}
if (eap_get_config_password(sm, &len) == NULL) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Password not configured");
eap_sm_request_password(sm);
ret->ignore = TRUE;
return NULL;
}
if (config->mschapv2_retry && data->prev_challenge &&
data->prev_error == ERROR_AUTHENTICATION_FAILURE) {
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Replacing pending packet "
"with the previous challenge");
reqData = data->prev_challenge;
reqDataLen = data->prev_challenge_len;
using_prev_challenge = 1;
config->mschapv2_retry = 0;
}
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2,
reqData, reqDataLen, &len);
if (pos == NULL || len < 5) {
ret->ignore = TRUE;
return NULL;
}
req = (const struct eap_mschapv2_hdr *) reqData;
len = be_to_host16(req->length);
ms_len = WPA_GET_BE16(req->ms_length);
if (ms_len != len - 5) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Invalid header: len=%lu "
"ms_len=%lu", (unsigned long) len,
(unsigned long) ms_len);
if (sm->workaround) {
/* Some authentication servers use invalid ms_len,
* ignore it for interoperability. */
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: workaround, ignore"
" invalid ms_len");
} else {
ret->ignore = TRUE;
return NULL;
}
}
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: RX identifier %d mschapv2_id %d",
req->identifier, req->mschapv2_id);
switch (req->op_code) {
case MSCHAPV2_OP_CHALLENGE:
if (!using_prev_challenge) {
free(data->prev_challenge);
data->prev_challenge = malloc(len);
if (data->prev_challenge) {
data->prev_challenge_len = len;
memcpy(data->prev_challenge, reqData, len);
}
}
return eap_mschapv2_challenge(sm, data, ret, req, respDataLen);
case MSCHAPV2_OP_SUCCESS:
return eap_mschapv2_success(sm, data, ret, req, respDataLen);
case MSCHAPV2_OP_FAILURE:
return eap_mschapv2_failure(sm, data, ret, req, respDataLen);
default:
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Unknown op %d - ignored",
req->op_code);
ret->ignore = TRUE;
return NULL;
}
}
static struct wpabuf *
eap_mschapv2_change_password(
struct eap_sm *sm, struct eap_mschapv2_data *data,
struct eap_method_ret *ret, const struct eap_mschapv2_hdr *req, u8 id)
{
struct wpabuf *resp;
int ms_len;
const u8 *username, *password, *new_password;
size_t username_len, password_len, new_password_len;
struct eap_mschapv2_hdr *ms;
struct ms_change_password *cp;
u8 password_hash[16], password_hash_hash[16];
int pwhash;
username = eap_get_config_identity(sm, &username_len);
password = eap_get_config_password2(sm, &password_len, &pwhash);
new_password = eap_get_config_new_password(sm, &new_password_len);
if (username == NULL || password == NULL || new_password == NULL)
return NULL;
username = mschapv2_remove_domain(username, &username_len);
ret->ignore = false;
ret->methodState = METHOD_MAY_CONT;
ret->decision = DECISION_COND_SUCC;
ret->allowNotifications = TRUE;
ms_len = sizeof(*ms) + sizeof(*cp);
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2, ms_len,
EAP_CODE_RESPONSE, id);
if (resp == NULL)
return NULL;
ms = wpabuf_put(resp, sizeof(*ms));
ms->op_code = MSCHAPV2_OP_CHANGE_PASSWORD;
ms->mschapv2_id = req->mschapv2_id + 1;
WPA_PUT_BE16(ms->ms_length, ms_len);
cp = wpabuf_put(resp, sizeof(*cp));
if (pwhash) {
if (encrypt_pw_block_with_password_hash(
new_password, new_password_len,
password, cp->encr_password))
goto fail;
} else {
if (new_password_encrypted_with_old_nt_password_hash(
new_password, new_password_len,
password, password_len, cp->encr_password))
goto fail;
}
if (pwhash) {
u8 new_password_hash[16];
nt_password_hash(new_password, new_password_len,
new_password_hash);
nt_password_hash_encrypted_with_block(password,
new_password_hash,
cp->encr_hash);
} else {
old_nt_password_hash_encrypted_with_new_nt_password_hash(
new_password, new_password_len,
password, password_len, cp->encr_hash);
}
if (random_get_bytes(cp->peer_challenge, MSCHAPV2_CHAL_LEN))
goto fail;
os_memset(cp->reserved, 0, 8);
generate_nt_response(data->passwd_change_challenge, cp->peer_challenge,
username, username_len, new_password,
new_password_len, cp->nt_response);
generate_authenticator_response(new_password, new_password_len,
cp->peer_challenge,
data->passwd_change_challenge,
username, username_len,
cp->nt_response, data->auth_response);
data->auth_response_valid = 1;
nt_password_hash(new_password, new_password_len, password_hash);
hash_nt_password_hash(password_hash, password_hash_hash);
get_master_key(password_hash_hash, cp->nt_response, data->master_key);
data->master_key_valid = 1;
os_memset(cp->flags, 0, 2);
return resp;
fail:
wpabuf_free(resp);
return NULL;
}
