/**
* eapol_sm_rx_eapol - Process received EAPOL frames
* @sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
* @src: Source MAC address of the EAPOL packet
* @buf: Pointer to the beginning of the EAPOL data (EAPOL header)
* @len: Length of the EAPOL frame
* Returns: 1 = EAPOL frame processed, 0 = not for EAPOL state machine,
* -1 failure
*/
int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src, const u8 *buf,
size_t len)
{
const struct ieee802_1x_hdr *hdr;
const struct ieee802_1x_eapol_key *key;
int data_len;
int res = 1;
size_t plen;
if (sm == NULL)
return 0;
sm->dot1xSuppEapolFramesRx++;
if (len < sizeof(*hdr)) {
sm->dot1xSuppInvalidEapolFramesRx++;
return 0;
}
hdr = (const struct ieee802_1x_hdr *) buf;
sm->dot1xSuppLastEapolFrameVersion = hdr->version;
os_memcpy(sm->dot1xSuppLastEapolFrameSource, src, ETH_ALEN);
if (hdr->version < EAPOL_VERSION) {
/* TODO: backwards compatibility */
}
plen = be_to_host16(hdr->length);
if (plen > len - sizeof(*hdr)) {
sm->dot1xSuppEapLengthErrorFramesRx++;
return 0;
}
#ifdef CONFIG_WPS
if (sm->conf.workaround &&
plen < len - sizeof(*hdr) &&
hdr->type == IEEE802_1X_TYPE_EAP_PACKET &&
len - sizeof(*hdr) > sizeof(struct eap_hdr)) {
const struct eap_hdr *ehdr =
(const struct eap_hdr *) (hdr + 1);
u16 elen;
elen = be_to_host16(ehdr->length);
if (elen > plen && elen <= len - sizeof(*hdr)) {
/*
* Buffalo WHR-G125 Ver.1.47 seems to send EAP-WPS
* packets with too short EAPOL header length field
* (14 octets). This is fixed in firmware Ver.1.49.
* As a workaround, fix the EAPOL header based on the
* correct length in the EAP packet.
*/
wpa_printf(MSG_DEBUG, "EAPOL: Workaround - fix EAPOL "
"payload length based on EAP header: "
"%d -> %d", (int) plen, elen);
plen = elen;
}
}
#endif /* CONFIG_WPS */
data_len = plen + sizeof(*hdr);
switch (hdr->type) {
case IEEE802_1X_TYPE_EAP_PACKET:
if (sm->cached_pmk) {
/* Trying to use PMKSA caching, but Authenticator did
* not seem to have a matching entry. Need to restart
* EAPOL state machines.
*/
eapol_sm_abort_cached(sm);
}
wpabuf_free(sm->eapReqData);
sm->eapReqData = wpabuf_alloc_copy(hdr + 1, plen);
if (sm->eapReqData) {
wpa_printf(MSG_DEBUG, "EAPOL: Received EAP-Packet "
"frame");
sm->eapolEap = TRUE;
eapol_sm_step(sm);
}
break;
case IEEE802_1X_TYPE_EAPOL_KEY:
if (plen < sizeof(*key)) {
wpa_printf(MSG_DEBUG, "EAPOL: Too short EAPOL-Key "
"frame received");
break;
}
key = (const struct ieee802_1x_eapol_key *) (hdr + 1);
if (key->type == EAPOL_KEY_TYPE_WPA ||
key->type == EAPOL_KEY_TYPE_RSN) {
/* WPA Supplicant takes care of this frame. */
wpa_printf(MSG_DEBUG, "EAPOL: Ignoring WPA EAPOL-Key "
"frame in EAPOL state machines");
res = 0;
break;
}
if (key->type != EAPOL_KEY_TYPE_RC4) {
wpa_printf(MSG_DEBUG, "EAPOL: Ignored unknown "
"EAPOL-Key type %d", key->type);
break;
}
os_free(sm->last_rx_key);
sm->last_rx_key = os_malloc(data_len);
if (sm->last_rx_key) {
wpa_printf(MSG_DEBUG, "EAPOL: Received EAPOL-Key "
"frame");
os_memcpy(sm->last_rx_key, buf, data_len);
sm->last_rx_key_len = data_len;
sm->rxKey = TRUE;
eapol_sm_step(sm);
}
break;
default:
wpa_printf(MSG_DEBUG, "EAPOL: Received unknown EAPOL type %d",
hdr->type);
sm->dot1xSuppInvalidEapolFramesRx++;
break;
}
return res;
}
/**
* eapol_sm_rx_eapol - Process received EAPOL frames
* @sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
* @src: Source MAC address of the EAPOL packet
* @buf: Pointer to the beginning of the EAPOL data (EAPOL header)
* @len: Length of the EAPOL frame
* Returns: 1 = EAPOL frame processed, 0 = not for EAPOL state machine,
* -1 failure
*/
int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src, const u8 *buf,
size_t len)
{
const struct ieee802_1x_hdr *hdr;
const struct ieee802_1x_eapol_key *key;
int data_len;
int res = 1;
size_t plen;
if (sm == NULL)
return 0;
sm->dot1xSuppEapolFramesRx++;
if (len < sizeof(*hdr)) {
sm->dot1xSuppInvalidEapolFramesRx++;
return 0;
}
hdr = (const struct ieee802_1x_hdr *) buf;
sm->dot1xSuppLastEapolFrameVersion = hdr->version;
os_memcpy(sm->dot1xSuppLastEapolFrameSource, src, ETH_ALEN);
if (hdr->version < EAPOL_VERSION) {
/* TODO: backwards compatibility */
}
plen = be_to_host16(hdr->length);
if (plen > len - sizeof(*hdr)) {
sm->dot1xSuppEapLengthErrorFramesRx++;
return 0;
}
data_len = plen + sizeof(*hdr);
switch (hdr->type) {
case IEEE802_1X_TYPE_EAP_PACKET:
if (sm->cached_pmk) {
/* Trying to use PMKSA caching, but Authenticator did
* not seem to have a matching entry. Need to restart
* EAPOL state machines.
*/
eapol_sm_abort_cached(sm);
}
os_free(sm->eapReqData);
sm->eapReqDataLen = plen;
sm->eapReqData = os_malloc(sm->eapReqDataLen);
if (sm->eapReqData) {
wpa_printf(MSG_DEBUG, "EAPOL: Received EAP-Packet "
"frame");
os_memcpy(sm->eapReqData, (u8 *) (hdr + 1),
sm->eapReqDataLen);
sm->eapolEap = TRUE;
eapol_sm_step(sm);
}
break;
case IEEE802_1X_TYPE_EAPOL_KEY:
if (plen < sizeof(*key)) {
wpa_printf(MSG_DEBUG, "EAPOL: Too short EAPOL-Key "
"frame received");
break;
}
key = (const struct ieee802_1x_eapol_key *) (hdr + 1);
if (key->type == EAPOL_KEY_TYPE_WPA ||
key->type == EAPOL_KEY_TYPE_RSN) {
/* WPA Supplicant takes care of this frame. */
wpa_printf(MSG_DEBUG, "EAPOL: Ignoring WPA EAPOL-Key "
"frame in EAPOL state machines");
res = 0;
break;
}
if (key->type != EAPOL_KEY_TYPE_RC4) {
wpa_printf(MSG_DEBUG, "EAPOL: Ignored unknown "
"EAPOL-Key type %d", key->type);
break;
}
os_free(sm->last_rx_key);
sm->last_rx_key = os_malloc(data_len);
if (sm->last_rx_key) {
wpa_printf(MSG_DEBUG, "EAPOL: Received EAPOL-Key "
"frame");
os_memcpy(sm->last_rx_key, buf, data_len);
sm->last_rx_key_len = data_len;
sm->rxKey = TRUE;
eapol_sm_step(sm);
}
break;
default:
wpa_printf(MSG_DEBUG, "EAPOL: Received unknown EAPOL type %d",
hdr->type);
sm->dot1xSuppInvalidEapolFramesRx++;
break;
}
return res;
}
