SM_STATE(AUTH_PAE, DISCONNECTED) { int from_initialize = sm->auth_pae.state == AUTH_PAE_INITIALIZE; if (sm->auth_pae.state == AUTH_PAE_CONNECTING && sm->auth_pae.eapLogoff) sm->auth_pae.authEapLogoffsWhileConnecting++; SM_ENTRY(AUTH_PAE, DISCONNECTED, auth_pae); sm->portStatus = Unauthorized; setPortUnauthorized(); sm->auth_pae.eapLogoff = FALSE; sm->auth_pae.reAuthCount = 0; /* IEEE 802.1X state machine uses txCannedFail() always in this state. * However, sending EAP packet with failure code seems to cause WinXP * Supplicant to deauthenticate, which will set portEnabled = FALSE and * state machines end back to INITIALIZE and then back here to send * canned failure, and so on.. Avoid this by not sending failure packet * when DISCONNECTED state is entered from INITIALIZE state. */ if (!from_initialize) { txCannedFail(sm->currentId); sm->currentId++; } }
void auth_disconnected(auth_t* auth_1x) { #ifdef DEBUG_STATS g_debug_stats.auth_stats.d++; #endif /* DEBUG_STATS */ auth_1x->global.reAuthenticate = BFALSE; auth_1x->global.txWhenTimeout = BFALSE; auth_1x->global.authPortStatus = UNAUTHORIZED; auth_1x->auth_pae.reAuthCount = 0; auth_1x->auth_pae.eapolLogoff = BFALSE; /* Set authentication state */ auth_1x->auth_pae.state = AS_DISCONNECTED; /* If this state is not entered after an initialization */ /* relay a Failure frame */ if(auth_1x->global.currentId != 0) { /* Set authentication backend state */ auth_1x->auth_bak.state = ABS_FAIL; txCannedFail(auth_1x); stop_auth_rsna_fsm((rsna_auth_persta_t*)(auth_1x->rsna_ptr)); } }
SM_STATE(BE_AUTH, TIMEOUT) { SM_ENTRY(BE_AUTH, TIMEOUT, be_auth); if (sm->portStatus == Unauthorized) txCannedFail(sm->currentId); sm->authTimeout = TRUE; }
SM_STATE(AUTH_PAE, FORCE_UNAUTH) { SM_ENTRY_MA(AUTH_PAE, FORCE_UNAUTH, auth_pae); sm->authPortStatus = Unauthorized; setPortUnauthorized(); sm->portMode = ForceUnauthorized; sm->eapolStart = FALSE; txCannedFail(); }
SM_STATE(AUTH_PAE, FORCE_UNAUTH) { SM_ENTRY(AUTH_PAE, FORCE_UNAUTH, auth_pae); sm->portStatus = Unauthorized; setPortUnauthorized(); sm->auth_pae.portMode = ForceUnauthorized; sm->auth_pae.eapStart = FALSE; txCannedFail(sm->currentId); sm->currentId++; }
void auth_force_unauth(auth_t* auth_1x) { #ifdef DEBUG_STATS g_debug_stats.auth_stats.fua++; #endif /* DEBUG_STATS */ auth_1x->global.authPortStatus = UNAUTHORIZED; auth_1x->auth_pae.portMode = FORCE_UNAUTHORIZED; auth_1x->auth_pae.eapolStart = BFALSE; /* Set authentication backend state */ auth_1x->auth_bak.state = ABS_FAIL; txCannedFail(auth_1x); /* Set authentication state */ auth_1x->auth_pae.state = AS_FORCE_UNAUTH; }