Пример #1
/**
 * eapol_auth_reauthenticate - Request reauthentication from outside the SM
 * @sm: EAPOL state machine of the station; dereferenced without a NULL check,
 *	so the caller must pass a valid pointer
 *
 * Logs the trigger with the station address, raises the reAuthenticate flag
 * and hands the state machine to eapol_auth_step() (defined outside this
 * listing) so that the flag gets processed.
 */
void eapol_auth_reauthenticate(struct eapol_state_machine *sm)
{
	wpa_printf(MSG_DEBUG,
		   "EAPOL: External reauthentication trigger for " MACSTR,
		   MAC2STR(sm->addr));

	/* The flag is only a request; the state machines act on it later. */
	sm->reAuthenticate = TRUE;

	eapol_auth_step(sm);
}
/**
 * eapol_auth_eap_pending_cb - Resume EAP processing after a pending operation
 * @sm: EAPOL state machine, may be NULL
 * @ctx: Context handed back by the caller; must be the EAP state machine
 *	stored in @sm
 * Returns: 0 when the callback was delivered, -1 when @sm or @ctx is NULL or
 * when @ctx does not belong to @sm
 *
 * The identity comparison between @ctx and sm->eap keeps a callback that
 * carries some other context pointer from being applied to this state machine.
 */
int eapol_auth_eap_pending_cb(struct eapol_state_machine *sm, void *ctx)
{
	if (!sm || !ctx)
		return -1;

	/* Only the EAP instance owned by this state machine is accepted. */
	if (sm->eap != ctx)
		return -1;

	eap_sm_pending_cb(sm->eap);
	eapol_auth_step(sm);
	return 0;
}
/*
 * eapol_sm_step_run - Run the EAPOL authenticator state machines for one STA
 * @sm: EAPOL state machine to step
 *
 * Steps the six state machines (AUTH_PAE, BE_AUTH, REAUTH_TIMER, AUTH_KEY_TX,
 * KEY_RX, CTRL_DIR) repeatedly for as long as any of them changes state, then
 * steps the EAP server state machine, forwards a pending AAA response through
 * the aaa_send callback and finally reports EAPOL_AUTH_SM_CHANGE through the
 * eapol_event callback. The number of passes is bounded by max_steps; when
 * the bound is hit the work is handed to eapol_auth_step() instead.
 */
static void eapol_sm_step_run(struct eapol_state_machine *sm)
{
	struct eapol_authenticator *eapol = sm->eapol;
	u8 addr[ETH_ALEN];
	unsigned int prev_auth_pae, prev_be_auth, prev_reauth_timer,
		prev_auth_key_tx, prev_key_rx, prev_ctrl_dir;
	/* One budget shared by both "goto restart" sites below. */
	int max_steps = 100;

	/*
	 * Keep local copies of the authenticator pointer and the station
	 * address so that the liveness checks below do not have to go through
	 * sm. NOTE(review): presumably a state machine step can remove the
	 * station entry and release sm - confirm against
	 * eapol_sm_sta_entry_alive() and the SM_STEP_RUN handlers.
	 */
	os_memcpy(addr, sm->addr, ETH_ALEN);

	/*
	 * Allow EAPOL state machines to run as long as there are state
	 * changes, but exit and return here through event loop if more than
	 * 100 steps is needed as a precaution against infinite loops inside
	 * eloop callback.
	 */
restart:
	/* Snapshot every state so a change made by this pass can be seen. */
	prev_auth_pae = sm->auth_pae_state;
	prev_be_auth = sm->be_auth_state;
	prev_reauth_timer = sm->reauth_timer_state;
	prev_auth_key_tx = sm->auth_key_tx_state;
	prev_key_rx = sm->key_rx_state;
	prev_ctrl_dir = sm->ctrl_dir_state;

	/*
	 * AUTH_PAE always runs; every later machine runs only while the state
	 * machine is initializing or the station entry is still found.
	 * NOTE(review): sm->initializing is read before the liveness lookup,
	 * which is only safe if sm cannot be released while that flag is set -
	 * TODO confirm.
	 */
	SM_STEP_RUN(AUTH_PAE);
	if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
		SM_STEP_RUN(BE_AUTH);
	if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
		SM_STEP_RUN(REAUTH_TIMER);
	if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
		SM_STEP_RUN(AUTH_KEY_TX);
	if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
		SM_STEP_RUN(KEY_RX);
	if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
		SM_STEP_RUN(CTRL_DIR);

	/*
	 * NOTE(review): this comparison dereferences sm without a preceding
	 * liveness check, unlike the steps above - confirm that sm is still
	 * valid here when a step dropped the station.
	 */
	if (prev_auth_pae != sm->auth_pae_state ||
	    prev_be_auth != sm->be_auth_state ||
	    prev_reauth_timer != sm->reauth_timer_state ||
	    prev_auth_key_tx != sm->auth_key_tx_state ||
	    prev_key_rx != sm->key_rx_state ||
	    prev_ctrl_dir != sm->ctrl_dir_state) {
		/* Something changed: run another pass while budget remains. */
		if (--max_steps > 0)
			goto restart;
		/* Re-run from eloop timeout */
		eapol_auth_step(sm);
		return;
	}

	/* States are stable; step the EAP server only for a live station. */
	if (eapol_sm_sta_entry_alive(eapol, addr) && sm->eap) {
		/* Non-zero return restarts the EAPOL pass (same step budget). */
		if (eap_server_sm_step(sm->eap)) {
			if (--max_steps > 0)
				goto restart;
			/* Re-run from eloop timeout */
			eapol_auth_step(sm);
			return;
		}

		/* TODO: find a better location for this */
		if (sm->eap_if->aaaEapResp) {
			/* Clear the flag first so the response is sent once. */
			sm->eap_if->aaaEapResp = FALSE;
			if (sm->eap_if->aaaEapRespData == NULL) {
				wpa_printf(MSG_DEBUG, "EAPOL: aaaEapResp set, "
					   "but no aaaEapRespData available");
				/*
				 * Leaves without the eapol_event notification
				 * at the end of the function.
				 */
				return;
			}
			/* Pass the buffered response and its length to AAA. */
			sm->eapol->cb.aaa_send(
				sm->eapol->conf.ctx, sm->sta,
				wpabuf_head(sm->eap_if->aaaEapRespData),
				wpabuf_len(sm->eap_if->aaaEapRespData));
		}
	}

	/* Report the change only if the station entry is still present. */
	if (eapol_sm_sta_entry_alive(eapol, addr))
		sm->eapol->cb.eapol_event(sm->eapol->conf.ctx, sm->sta,
					  EAPOL_AUTH_SM_CHANGE);
}
Пример #4
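/*
 * Parse a complete, non-negative decimal number for a timer parameter.
 * Returns 0 and stores the number in *out on success, -1 on empty input,
 * trailing characters, a negative number or a number that is out of range.
 */
static int eapol_auth_conf_parse_uint(const char *value, int *out)
{
	char *end;
	long v;

	v = strtol(value, &end, 10);
	if (end == value || *end != '\0')
		return -1;
	/*
	 * 0x7fffffff itself is rejected: where long is 32 bits wide, strtol()
	 * returns that value for any input that overflows.
	 */
	if (v < 0 || v >= 0x7fffffffL)
		return -1;

	*out = (int) v;
	return 0;
}


/**
 * eapol_auth_set_conf - Set an EAPOL state machine parameter by name
 * @sm: EAPOL state machine to modify
 * @param: Parameter name, matched case-insensitively
 * @value: New value as text; enumerated and boolean values are matched
 *	case-sensitively, timer values must be a non-negative decimal number
 * Returns: 0 on success, -1 on a NULL argument, an unknown parameter or a
 * value that is not valid for the parameter
 *
 * The request comes from outside the state machine, so every value is
 * validated before it is stored. The timer parameters (quietPeriod,
 * serverTimeout, reAuthPeriod) used to go through atoi(), which stored 0 for
 * non-numeric text and accepted negative numbers; such input is now rejected
 * and the previous setting is kept. Parameters that affect port state trigger
 * eapol_auth_step() after the change; the timer parameters do not.
 */
int eapol_auth_set_conf(struct eapol_state_machine *sm, const char *param,
			const char *value)
{
	int num;

	/* NULL here would otherwise reach the "%s" logging and comparisons. */
	if (sm == NULL || param == NULL || value == NULL)
		return -1;

	wpa_printf(MSG_DEBUG, "EAPOL: External configuration operation for "
		   MACSTR " - param=%s value=%s",
		   MAC2STR(sm->addr), param, value);

	if (os_strcasecmp(param, "AdminControlledDirections") == 0) {
		if (os_strcmp(value, "Both") == 0)
			sm->adminControlledDirections = Both;
		else if (os_strcmp(value, "In") == 0)
			sm->adminControlledDirections = In;
		else
			return -1;
		eapol_auth_step(sm);
		return 0;
	}

	if (os_strcasecmp(param, "AdminControlledPortControl") == 0) {
		if (os_strcmp(value, "ForceAuthorized") == 0)
			sm->portControl = ForceAuthorized;
		else if (os_strcmp(value, "ForceUnauthorized") == 0)
			sm->portControl = ForceUnauthorized;
		else if (os_strcmp(value, "Auto") == 0)
			sm->portControl = Auto;
		else
			return -1;
		eapol_auth_step(sm);
		return 0;
	}

	if (os_strcasecmp(param, "quietPeriod") == 0) {
		if (eapol_auth_conf_parse_uint(value, &num) < 0)
			return -1;
		sm->quietPeriod = num;
		return 0;
	}

	if (os_strcasecmp(param, "serverTimeout") == 0) {
		if (eapol_auth_conf_parse_uint(value, &num) < 0)
			return -1;
		sm->serverTimeout = num;
		return 0;
	}

	if (os_strcasecmp(param, "reAuthPeriod") == 0) {
		if (eapol_auth_conf_parse_uint(value, &num) < 0)
			return -1;
		sm->reAuthPeriod = num;
		return 0;
	}

	if (os_strcasecmp(param, "reAuthEnabled") == 0) {
		if (os_strcmp(value, "TRUE") == 0)
			sm->reAuthEnabled = TRUE;
		else if (os_strcmp(value, "FALSE") == 0)
			sm->reAuthEnabled = FALSE;
		else
			return -1;
		eapol_auth_step(sm);
		return 0;
	}

	if (os_strcasecmp(param, "KeyTransmissionEnabled") == 0) {
		if (os_strcmp(value, "TRUE") == 0)
			sm->keyTxEnabled = TRUE;
		else if (os_strcmp(value, "FALSE") == 0)
			sm->keyTxEnabled = FALSE;
		else
			return -1;
		eapol_auth_step(sm);
		return 0;
	}

	return -1;
}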