2 * hostapd / EAP Full Authenticator state machine (RFC 4137)
3 * Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This state machine is based on the full authenticator state machine defined
9 * in RFC 4137. However, to support backend authentication in RADIUS
10 * authentication server functionality, parts of backend authenticator (also
11 * from RFC 4137) are mixed in. This functionality is enabled by setting
12 * backend_auth configuration variable to TRUE.
19 #include "state_machine.h"
20 #include "common/wpa_ctrl.h"
22 #define STATE_MACHINE_DATA struct eap_sm
23 #define STATE_MACHINE_DEBUG_PREFIX "EAP"
25 #define EAP_MAX_AUTH_ROUNDS 50
27 static void eap_user_free(struct eap_user *user);
30 /* EAP state machines are described in RFC 4137 */
32 static int eap_sm_calculateTimeout(struct eap_sm *sm, int retransCount,
33 int eapSRTT, int eapRTTVAR,
35 static void eap_sm_parseEapResp(struct eap_sm *sm, const struct wpabuf *resp);
36 static int eap_sm_getId(const struct wpabuf *data);
37 static struct wpabuf * eap_sm_buildSuccess(struct eap_sm *sm, u8 id);
38 static struct wpabuf * eap_sm_buildFailure(struct eap_sm *sm, u8 id);
39 static int eap_sm_nextId(struct eap_sm *sm, int id);
40 static void eap_sm_Policy_update(struct eap_sm *sm, const u8 *nak_list,
42 static EapType eap_sm_Policy_getNextMethod(struct eap_sm *sm, int *vendor);
43 static int eap_sm_Policy_getDecision(struct eap_sm *sm);
44 static Boolean eap_sm_Policy_doPickUp(struct eap_sm *sm, EapType method);
47 static int eap_copy_buf(struct wpabuf **dst, const struct wpabuf *src)
53 *dst = wpabuf_dup(src);
58 static int eap_copy_data(u8 **dst, size_t *dst_len,
59 const u8 *src, size_t src_len)
65 *dst = os_malloc(src_len);
67 os_memcpy(*dst, src, src_len);
76 #define EAP_COPY(dst, src) \
77 eap_copy_data((dst), (dst ## Len), (src), (src ## Len))
81 * eap_user_get - Fetch user information from the database
82 * @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
83 * @identity: Identity (User-Name) of the user
84 * @identity_len: Length of identity in bytes
85 * @phase2: 0 = EAP phase1 user, 1 = EAP phase2 (tunneled) user
86 * Returns: 0 on success, or -1 on failure
88 * This function is used to fetch user information for EAP. The user will be
89 * selected based on the specified identity. sm->user and
90 * sm->user_eap_method_index are updated for the new user when a matching user
91 * is found. sm->user can be used to get user information (e.g., password).
93 int eap_user_get(struct eap_sm *sm, const u8 *identity, size_t identity_len,
96 struct eap_user *user;
98 if (sm == NULL || sm->eapol_cb == NULL ||
99 sm->eapol_cb->get_eap_user == NULL)
102 eap_user_free(sm->user);
105 user = os_zalloc(sizeof(*user));
109 if (sm->eapol_cb->get_eap_user(sm->eapol_ctx, identity,
110 identity_len, phase2, user) != 0) {
116 sm->user_eap_method_index = 0;
122 SM_STATE(EAP, DISABLED)
124 SM_ENTRY(EAP, DISABLED);
129 SM_STATE(EAP, INITIALIZE)
131 SM_ENTRY(EAP, INITIALIZE);
133 if (sm->eap_if.eapRestart && !sm->eap_server && sm->identity) {
135 * Need to allow internal Identity method to be used instead
136 * of passthrough at the beginning of reauthentication.
138 eap_server_clear_identity(sm);
142 sm->eap_if.eapSuccess = FALSE;
143 sm->eap_if.eapFail = FALSE;
144 sm->eap_if.eapTimeout = FALSE;
145 os_free(sm->eap_if.eapKeyData);
146 sm->eap_if.eapKeyData = NULL;
147 sm->eap_if.eapKeyDataLen = 0;
148 sm->eap_if.eapKeyAvailable = FALSE;
149 sm->eap_if.eapRestart = FALSE;
152 * This is not defined in RFC 4137, but method state needs to be
153 * reseted here so that it does not remain in success state when
154 * re-authentication starts.
156 if (sm->m && sm->eap_method_priv) {
157 sm->m->reset(sm, sm->eap_method_priv);
158 sm->eap_method_priv = NULL;
161 sm->user_eap_method_index = 0;
163 if (sm->backend_auth) {
164 sm->currentMethod = EAP_TYPE_NONE;
165 /* parse rxResp, respId, respMethod */
166 eap_sm_parseEapResp(sm, sm->eap_if.eapRespData);
168 sm->currentId = sm->respId;
172 sm->method_pending = METHOD_PENDING_NONE;
174 wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_STARTED
175 MACSTR, MAC2STR(sm->peer_addr));
179 SM_STATE(EAP, PICK_UP_METHOD)
181 SM_ENTRY(EAP, PICK_UP_METHOD);
183 if (eap_sm_Policy_doPickUp(sm, sm->respMethod)) {
184 sm->currentMethod = sm->respMethod;
185 if (sm->m && sm->eap_method_priv) {
186 sm->m->reset(sm, sm->eap_method_priv);
187 sm->eap_method_priv = NULL;
189 sm->m = eap_server_get_eap_method(EAP_VENDOR_IETF,
191 if (sm->m && sm->m->initPickUp) {
192 sm->eap_method_priv = sm->m->initPickUp(sm);
193 if (sm->eap_method_priv == NULL) {
194 wpa_printf(MSG_DEBUG, "EAP: Failed to "
195 "initialize EAP method %d",
198 sm->currentMethod = EAP_TYPE_NONE;
202 sm->currentMethod = EAP_TYPE_NONE;
206 wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_PROPOSED_METHOD
207 "method=%u", sm->currentMethod);
215 sm->eap_if.retransWhile = eap_sm_calculateTimeout(
216 sm, sm->retransCount, sm->eap_if.eapSRTT, sm->eap_if.eapRTTVAR,
221 SM_STATE(EAP, RETRANSMIT)
223 SM_ENTRY(EAP, RETRANSMIT);
226 if (sm->retransCount <= sm->MaxRetrans && sm->lastReqData) {
227 if (eap_copy_buf(&sm->eap_if.eapReqData, sm->lastReqData) == 0)
228 sm->eap_if.eapReq = TRUE;
233 SM_STATE(EAP, RECEIVED)
235 SM_ENTRY(EAP, RECEIVED);
237 /* parse rxResp, respId, respMethod */
238 eap_sm_parseEapResp(sm, sm->eap_if.eapRespData);
243 SM_STATE(EAP, DISCARD)
245 SM_ENTRY(EAP, DISCARD);
246 sm->eap_if.eapResp = FALSE;
247 sm->eap_if.eapNoReq = TRUE;
251 SM_STATE(EAP, SEND_REQUEST)
253 SM_ENTRY(EAP, SEND_REQUEST);
255 sm->retransCount = 0;
256 if (sm->eap_if.eapReqData) {
257 if (eap_copy_buf(&sm->lastReqData, sm->eap_if.eapReqData) == 0)
259 sm->eap_if.eapResp = FALSE;
260 sm->eap_if.eapReq = TRUE;
262 sm->eap_if.eapResp = FALSE;
263 sm->eap_if.eapReq = FALSE;
266 wpa_printf(MSG_INFO, "EAP: SEND_REQUEST - no eapReqData");
267 sm->eap_if.eapResp = FALSE;
268 sm->eap_if.eapReq = FALSE;
269 sm->eap_if.eapNoReq = TRUE;
274 SM_STATE(EAP, INTEGRITY_CHECK)
276 SM_ENTRY(EAP, INTEGRITY_CHECK);
278 if (!eap_hdr_len_valid(sm->eap_if.eapRespData, 1)) {
284 sm->ignore = sm->m->check(sm, sm->eap_method_priv,
285 sm->eap_if.eapRespData);
290 SM_STATE(EAP, METHOD_REQUEST)
292 SM_ENTRY(EAP, METHOD_REQUEST);
295 wpa_printf(MSG_DEBUG, "EAP: method not initialized");
299 sm->currentId = eap_sm_nextId(sm, sm->currentId);
300 wpa_printf(MSG_DEBUG, "EAP: building EAP-Request: Identifier %d",
302 sm->lastId = sm->currentId;
303 wpabuf_free(sm->eap_if.eapReqData);
304 sm->eap_if.eapReqData = sm->m->buildReq(sm, sm->eap_method_priv,
306 if (sm->m->getTimeout)
307 sm->methodTimeout = sm->m->getTimeout(sm, sm->eap_method_priv);
309 sm->methodTimeout = 0;
313 SM_STATE(EAP, METHOD_RESPONSE)
315 SM_ENTRY(EAP, METHOD_RESPONSE);
317 if (!eap_hdr_len_valid(sm->eap_if.eapRespData, 1))
320 sm->m->process(sm, sm->eap_method_priv, sm->eap_if.eapRespData);
321 if (sm->m->isDone(sm, sm->eap_method_priv)) {
322 eap_sm_Policy_update(sm, NULL, 0);
323 os_free(sm->eap_if.eapKeyData);
325 sm->eap_if.eapKeyData = sm->m->getKey(
326 sm, sm->eap_method_priv,
327 &sm->eap_if.eapKeyDataLen);
329 sm->eap_if.eapKeyData = NULL;
330 sm->eap_if.eapKeyDataLen = 0;
332 sm->methodState = METHOD_END;
334 sm->methodState = METHOD_CONTINUE;
339 SM_STATE(EAP, PROPOSE_METHOD)
344 SM_ENTRY(EAP, PROPOSE_METHOD);
347 type = eap_sm_Policy_getNextMethod(sm, &vendor);
348 if (vendor == EAP_VENDOR_IETF)
349 sm->currentMethod = type;
351 sm->currentMethod = EAP_TYPE_EXPANDED;
352 if (sm->m && sm->eap_method_priv) {
353 sm->m->reset(sm, sm->eap_method_priv);
354 sm->eap_method_priv = NULL;
356 sm->m = eap_server_get_eap_method(vendor, type);
358 sm->eap_method_priv = sm->m->init(sm);
359 if (sm->eap_method_priv == NULL) {
360 wpa_printf(MSG_DEBUG, "EAP: Failed to initialize EAP "
361 "method %d", sm->currentMethod);
363 sm->currentMethod = EAP_TYPE_NONE;
364 goto try_another_method;
368 wpa_printf(MSG_DEBUG, "EAP: Could not find suitable EAP method");
369 sm->decision = DECISION_FAILURE;
372 if (sm->currentMethod == EAP_TYPE_IDENTITY ||
373 sm->currentMethod == EAP_TYPE_NOTIFICATION)
374 sm->methodState = METHOD_CONTINUE;
376 sm->methodState = METHOD_PROPOSED;
378 wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_PROPOSED_METHOD
379 "vendor=%u method=%u", vendor, sm->currentMethod);
385 const struct eap_hdr *nak;
388 const u8 *nak_list = NULL;
392 if (sm->eap_method_priv) {
393 sm->m->reset(sm, sm->eap_method_priv);
394 sm->eap_method_priv = NULL;
398 if (!eap_hdr_len_valid(sm->eap_if.eapRespData, 1))
401 nak = wpabuf_head(sm->eap_if.eapRespData);
402 if (nak && wpabuf_len(sm->eap_if.eapRespData) > sizeof(*nak)) {
403 len = be_to_host16(nak->length);
404 if (len > wpabuf_len(sm->eap_if.eapRespData))
405 len = wpabuf_len(sm->eap_if.eapRespData);
406 pos = (const u8 *) (nak + 1);
408 if (*pos == EAP_TYPE_NAK) {
414 eap_sm_Policy_update(sm, nak_list, len);
418 SM_STATE(EAP, SELECT_ACTION)
420 SM_ENTRY(EAP, SELECT_ACTION);
422 sm->decision = eap_sm_Policy_getDecision(sm);
426 SM_STATE(EAP, TIMEOUT_FAILURE)
428 SM_ENTRY(EAP, TIMEOUT_FAILURE);
430 sm->eap_if.eapTimeout = TRUE;
434 SM_STATE(EAP, FAILURE)
436 SM_ENTRY(EAP, FAILURE);
438 wpabuf_free(sm->eap_if.eapReqData);
439 sm->eap_if.eapReqData = eap_sm_buildFailure(sm, sm->currentId);
440 wpabuf_free(sm->lastReqData);
441 sm->lastReqData = NULL;
442 sm->eap_if.eapFail = TRUE;
444 wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE
445 MACSTR, MAC2STR(sm->peer_addr));
449 SM_STATE(EAP, SUCCESS)
451 SM_ENTRY(EAP, SUCCESS);
453 wpabuf_free(sm->eap_if.eapReqData);
454 sm->eap_if.eapReqData = eap_sm_buildSuccess(sm, sm->currentId);
455 wpabuf_free(sm->lastReqData);
456 sm->lastReqData = NULL;
457 if (sm->eap_if.eapKeyData)
458 sm->eap_if.eapKeyAvailable = TRUE;
459 sm->eap_if.eapSuccess = TRUE;
461 wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS
462 MACSTR, MAC2STR(sm->peer_addr));
466 SM_STATE(EAP, INITIALIZE_PASSTHROUGH)
468 SM_ENTRY(EAP, INITIALIZE_PASSTHROUGH);
470 wpabuf_free(sm->eap_if.aaaEapRespData);
471 sm->eap_if.aaaEapRespData = NULL;
477 SM_ENTRY(EAP, IDLE2);
479 sm->eap_if.retransWhile = eap_sm_calculateTimeout(
480 sm, sm->retransCount, sm->eap_if.eapSRTT, sm->eap_if.eapRTTVAR,
485 SM_STATE(EAP, RETRANSMIT2)
487 SM_ENTRY(EAP, RETRANSMIT2);
490 if (sm->retransCount <= sm->MaxRetrans && sm->lastReqData) {
491 if (eap_copy_buf(&sm->eap_if.eapReqData, sm->lastReqData) == 0)
492 sm->eap_if.eapReq = TRUE;
497 SM_STATE(EAP, RECEIVED2)
499 SM_ENTRY(EAP, RECEIVED2);
501 /* parse rxResp, respId, respMethod */
502 eap_sm_parseEapResp(sm, sm->eap_if.eapRespData);
506 SM_STATE(EAP, DISCARD2)
508 SM_ENTRY(EAP, DISCARD2);
509 sm->eap_if.eapResp = FALSE;
510 sm->eap_if.eapNoReq = TRUE;
514 SM_STATE(EAP, SEND_REQUEST2)
516 SM_ENTRY(EAP, SEND_REQUEST2);
518 sm->retransCount = 0;
519 if (sm->eap_if.eapReqData) {
520 if (eap_copy_buf(&sm->lastReqData, sm->eap_if.eapReqData) == 0)
522 sm->eap_if.eapResp = FALSE;
523 sm->eap_if.eapReq = TRUE;
525 sm->eap_if.eapResp = FALSE;
526 sm->eap_if.eapReq = FALSE;
529 wpa_printf(MSG_INFO, "EAP: SEND_REQUEST2 - no eapReqData");
530 sm->eap_if.eapResp = FALSE;
531 sm->eap_if.eapReq = FALSE;
532 sm->eap_if.eapNoReq = TRUE;
537 SM_STATE(EAP, AAA_REQUEST)
539 SM_ENTRY(EAP, AAA_REQUEST);
541 if (sm->eap_if.eapRespData == NULL) {
542 wpa_printf(MSG_INFO, "EAP: AAA_REQUEST - no eapRespData");
547 * if (respMethod == IDENTITY)
548 * aaaIdentity = eapRespData
549 * This is already taken care of by the EAP-Identity method which
550 * stores the identity into sm->identity.
553 eap_copy_buf(&sm->eap_if.aaaEapRespData, sm->eap_if.eapRespData);
557 SM_STATE(EAP, AAA_RESPONSE)
559 SM_ENTRY(EAP, AAA_RESPONSE);
561 eap_copy_buf(&sm->eap_if.eapReqData, sm->eap_if.aaaEapReqData);
562 sm->currentId = eap_sm_getId(sm->eap_if.eapReqData);
563 sm->methodTimeout = sm->eap_if.aaaMethodTimeout;
567 SM_STATE(EAP, AAA_IDLE)
569 SM_ENTRY(EAP, AAA_IDLE);
571 sm->eap_if.aaaFail = FALSE;
572 sm->eap_if.aaaSuccess = FALSE;
573 sm->eap_if.aaaEapReq = FALSE;
574 sm->eap_if.aaaEapNoReq = FALSE;
575 sm->eap_if.aaaEapResp = TRUE;
579 SM_STATE(EAP, TIMEOUT_FAILURE2)
581 SM_ENTRY(EAP, TIMEOUT_FAILURE2);
583 sm->eap_if.eapTimeout = TRUE;
587 SM_STATE(EAP, FAILURE2)
589 SM_ENTRY(EAP, FAILURE2);
591 eap_copy_buf(&sm->eap_if.eapReqData, sm->eap_if.aaaEapReqData);
592 sm->eap_if.eapFail = TRUE;
596 SM_STATE(EAP, SUCCESS2)
598 SM_ENTRY(EAP, SUCCESS2);
600 eap_copy_buf(&sm->eap_if.eapReqData, sm->eap_if.aaaEapReqData);
602 sm->eap_if.eapKeyAvailable = sm->eap_if.aaaEapKeyAvailable;
603 if (sm->eap_if.aaaEapKeyAvailable) {
604 EAP_COPY(&sm->eap_if.eapKeyData, sm->eap_if.aaaEapKeyData);
606 os_free(sm->eap_if.eapKeyData);
607 sm->eap_if.eapKeyData = NULL;
608 sm->eap_if.eapKeyDataLen = 0;
611 sm->eap_if.eapSuccess = TRUE;
614 * Start reauthentication with identity request even though we know the
615 * previously used identity. This is needed to get reauthentication
618 sm->start_reauth = TRUE;
624 if (sm->eap_if.eapRestart && sm->eap_if.portEnabled)
625 SM_ENTER_GLOBAL(EAP, INITIALIZE);
626 else if (!sm->eap_if.portEnabled)
627 SM_ENTER_GLOBAL(EAP, DISABLED);
628 else if (sm->num_rounds > EAP_MAX_AUTH_ROUNDS) {
629 if (sm->num_rounds == EAP_MAX_AUTH_ROUNDS + 1) {
630 wpa_printf(MSG_DEBUG, "EAP: more than %d "
631 "authentication rounds - abort",
632 EAP_MAX_AUTH_ROUNDS);
634 SM_ENTER_GLOBAL(EAP, FAILURE);
636 } else switch (sm->EAP_state) {
638 if (sm->backend_auth) {
640 SM_ENTER(EAP, SELECT_ACTION);
641 else if (sm->rxResp &&
642 (sm->respMethod == EAP_TYPE_NAK ||
643 (sm->respMethod == EAP_TYPE_EXPANDED &&
644 sm->respVendor == EAP_VENDOR_IETF &&
645 sm->respVendorMethod == EAP_TYPE_NAK)))
648 SM_ENTER(EAP, PICK_UP_METHOD);
650 SM_ENTER(EAP, SELECT_ACTION);
653 case EAP_PICK_UP_METHOD:
654 if (sm->currentMethod == EAP_TYPE_NONE) {
655 SM_ENTER(EAP, SELECT_ACTION);
657 SM_ENTER(EAP, METHOD_RESPONSE);
661 if (sm->eap_if.portEnabled)
662 SM_ENTER(EAP, INITIALIZE);
665 if (sm->eap_if.retransWhile == 0)
666 SM_ENTER(EAP, RETRANSMIT);
667 else if (sm->eap_if.eapResp)
668 SM_ENTER(EAP, RECEIVED);
671 if (sm->retransCount > sm->MaxRetrans)
672 SM_ENTER(EAP, TIMEOUT_FAILURE);
677 if (sm->rxResp && (sm->respId == sm->currentId) &&
678 (sm->respMethod == EAP_TYPE_NAK ||
679 (sm->respMethod == EAP_TYPE_EXPANDED &&
680 sm->respVendor == EAP_VENDOR_IETF &&
681 sm->respVendorMethod == EAP_TYPE_NAK))
682 && (sm->methodState == METHOD_PROPOSED))
684 else if (sm->rxResp && (sm->respId == sm->currentId) &&
685 ((sm->respMethod == sm->currentMethod) ||
686 (sm->respMethod == EAP_TYPE_EXPANDED &&
687 sm->respVendor == EAP_VENDOR_IETF &&
688 sm->respVendorMethod == sm->currentMethod)))
689 SM_ENTER(EAP, INTEGRITY_CHECK);
691 wpa_printf(MSG_DEBUG, "EAP: RECEIVED->DISCARD: "
692 "rxResp=%d respId=%d currentId=%d "
693 "respMethod=%d currentMethod=%d",
694 sm->rxResp, sm->respId, sm->currentId,
695 sm->respMethod, sm->currentMethod);
696 SM_ENTER(EAP, DISCARD);
702 case EAP_SEND_REQUEST:
705 case EAP_INTEGRITY_CHECK:
707 SM_ENTER(EAP, DISCARD);
709 SM_ENTER(EAP, METHOD_RESPONSE);
711 case EAP_METHOD_REQUEST:
714 * This transition is not mentioned in RFC 4137, but it
715 * is needed to handle cleanly a case where EAP method
716 * initialization fails.
718 SM_ENTER(EAP, FAILURE);
721 SM_ENTER(EAP, SEND_REQUEST);
723 case EAP_METHOD_RESPONSE:
725 * Note: Mechanism to allow EAP methods to wait while going
726 * through pending processing is an extension to RFC 4137
727 * which only defines the transits to SELECT_ACTION and
728 * METHOD_REQUEST from this METHOD_RESPONSE state.
730 if (sm->methodState == METHOD_END)
731 SM_ENTER(EAP, SELECT_ACTION);
732 else if (sm->method_pending == METHOD_PENDING_WAIT) {
733 wpa_printf(MSG_DEBUG, "EAP: Method has pending "
734 "processing - wait before proceeding to "
735 "METHOD_REQUEST state");
736 } else if (sm->method_pending == METHOD_PENDING_CONT) {
737 wpa_printf(MSG_DEBUG, "EAP: Method has completed "
738 "pending processing - reprocess pending "
740 sm->method_pending = METHOD_PENDING_NONE;
741 SM_ENTER(EAP, METHOD_RESPONSE);
743 SM_ENTER(EAP, METHOD_REQUEST);
745 case EAP_PROPOSE_METHOD:
747 * Note: Mechanism to allow EAP methods to wait while going
748 * through pending processing is an extension to RFC 4137
749 * which only defines the transit to METHOD_REQUEST from this
750 * PROPOSE_METHOD state.
752 if (sm->method_pending == METHOD_PENDING_WAIT) {
753 wpa_printf(MSG_DEBUG, "EAP: Method has pending "
754 "processing - wait before proceeding to "
755 "METHOD_REQUEST state");
756 if (sm->user_eap_method_index > 0)
757 sm->user_eap_method_index--;
758 } else if (sm->method_pending == METHOD_PENDING_CONT) {
759 wpa_printf(MSG_DEBUG, "EAP: Method has completed "
760 "pending processing - reprocess pending "
762 sm->method_pending = METHOD_PENDING_NONE;
763 SM_ENTER(EAP, PROPOSE_METHOD);
765 SM_ENTER(EAP, METHOD_REQUEST);
768 SM_ENTER(EAP, SELECT_ACTION);
770 case EAP_SELECT_ACTION:
771 if (sm->decision == DECISION_FAILURE)
772 SM_ENTER(EAP, FAILURE);
773 else if (sm->decision == DECISION_SUCCESS)
774 SM_ENTER(EAP, SUCCESS);
775 else if (sm->decision == DECISION_PASSTHROUGH)
776 SM_ENTER(EAP, INITIALIZE_PASSTHROUGH);
778 SM_ENTER(EAP, PROPOSE_METHOD);
780 case EAP_TIMEOUT_FAILURE:
787 case EAP_INITIALIZE_PASSTHROUGH:
788 if (sm->currentId == -1)
789 SM_ENTER(EAP, AAA_IDLE);
791 SM_ENTER(EAP, AAA_REQUEST);
794 if (sm->eap_if.eapResp)
795 SM_ENTER(EAP, RECEIVED2);
796 else if (sm->eap_if.retransWhile == 0)
797 SM_ENTER(EAP, RETRANSMIT2);
799 case EAP_RETRANSMIT2:
800 if (sm->retransCount > sm->MaxRetrans)
801 SM_ENTER(EAP, TIMEOUT_FAILURE2);
803 SM_ENTER(EAP, IDLE2);
806 if (sm->rxResp && (sm->respId == sm->currentId))
807 SM_ENTER(EAP, AAA_REQUEST);
809 SM_ENTER(EAP, DISCARD2);
812 SM_ENTER(EAP, IDLE2);
814 case EAP_SEND_REQUEST2:
815 SM_ENTER(EAP, IDLE2);
817 case EAP_AAA_REQUEST:
818 SM_ENTER(EAP, AAA_IDLE);
820 case EAP_AAA_RESPONSE:
821 SM_ENTER(EAP, SEND_REQUEST2);
824 if (sm->eap_if.aaaFail)
825 SM_ENTER(EAP, FAILURE2);
826 else if (sm->eap_if.aaaSuccess)
827 SM_ENTER(EAP, SUCCESS2);
828 else if (sm->eap_if.aaaEapReq)
829 SM_ENTER(EAP, AAA_RESPONSE);
830 else if (sm->eap_if.aaaTimeout)
831 SM_ENTER(EAP, TIMEOUT_FAILURE2);
833 case EAP_TIMEOUT_FAILURE2:
843 static int eap_sm_calculateTimeout(struct eap_sm *sm, int retransCount,
844 int eapSRTT, int eapRTTVAR,
851 * EAP method (either internal or through AAA server, provided
852 * timeout hint. Use that as-is as a timeout for retransmitting
853 * the EAP request if no response is received.
855 wpa_printf(MSG_DEBUG, "EAP: retransmit timeout %d seconds "
856 "(from EAP method hint)", methodTimeout);
857 return methodTimeout;
861 * RFC 3748 recommends algorithms described in RFC 2988 for estimation
862 * of the retransmission timeout. This should be implemented once
863 * round-trip time measurements are available. For nowm a simple
864 * backoff mechanism is used instead if there are no EAP method
867 * SRTT = smoothed round-trip time
868 * RTTVAR = round-trip time variation
869 * RTO = retransmission timeout
873 * RFC 2988, 2.1: before RTT measurement, set RTO to 3 seconds for
874 * initial retransmission and then double the RTO to provide back off
875 * per 5.5. Limit the maximum RTO to 20 seconds per RFC 3748, 4.3
879 for (i = 0; i < retransCount; i++) {
887 wpa_printf(MSG_DEBUG, "EAP: retransmit timeout %d seconds "
888 "(from dynamic back off; retransCount=%d)",
895 static void eap_sm_parseEapResp(struct eap_sm *sm, const struct wpabuf *resp)
897 const struct eap_hdr *hdr;
900 /* parse rxResp, respId, respMethod */
903 sm->respMethod = EAP_TYPE_NONE;
904 sm->respVendor = EAP_VENDOR_IETF;
905 sm->respVendorMethod = EAP_TYPE_NONE;
907 if (resp == NULL || wpabuf_len(resp) < sizeof(*hdr)) {
908 wpa_printf(MSG_DEBUG, "EAP: parseEapResp: invalid resp=%p "
910 resp ? (unsigned long) wpabuf_len(resp) : 0);
914 hdr = wpabuf_head(resp);
915 plen = be_to_host16(hdr->length);
916 if (plen > wpabuf_len(resp)) {
917 wpa_printf(MSG_DEBUG, "EAP: Ignored truncated EAP-Packet "
918 "(len=%lu plen=%lu)",
919 (unsigned long) wpabuf_len(resp),
920 (unsigned long) plen);
924 sm->respId = hdr->identifier;
926 if (hdr->code == EAP_CODE_RESPONSE)
929 if (plen > sizeof(*hdr)) {
930 u8 *pos = (u8 *) (hdr + 1);
931 sm->respMethod = *pos++;
932 if (sm->respMethod == EAP_TYPE_EXPANDED) {
933 if (plen < sizeof(*hdr) + 8) {
934 wpa_printf(MSG_DEBUG, "EAP: Ignored truncated "
935 "expanded EAP-Packet (plen=%lu)",
936 (unsigned long) plen);
939 sm->respVendor = WPA_GET_BE24(pos);
941 sm->respVendorMethod = WPA_GET_BE32(pos);
945 wpa_printf(MSG_DEBUG, "EAP: parseEapResp: rxResp=%d respId=%d "
946 "respMethod=%u respVendor=%u respVendorMethod=%u",
947 sm->rxResp, sm->respId, sm->respMethod, sm->respVendor,
948 sm->respVendorMethod);
952 static int eap_sm_getId(const struct wpabuf *data)
954 const struct eap_hdr *hdr;
956 if (data == NULL || wpabuf_len(data) < sizeof(*hdr))
959 hdr = wpabuf_head(data);
960 wpa_printf(MSG_DEBUG, "EAP: getId: id=%d", hdr->identifier);
961 return hdr->identifier;
965 static struct wpabuf * eap_sm_buildSuccess(struct eap_sm *sm, u8 id)
968 struct eap_hdr *resp;
969 wpa_printf(MSG_DEBUG, "EAP: Building EAP-Success (id=%d)", id);
971 msg = wpabuf_alloc(sizeof(*resp));
974 resp = wpabuf_put(msg, sizeof(*resp));
975 resp->code = EAP_CODE_SUCCESS;
976 resp->identifier = id;
977 resp->length = host_to_be16(sizeof(*resp));
983 static struct wpabuf * eap_sm_buildFailure(struct eap_sm *sm, u8 id)
986 struct eap_hdr *resp;
987 wpa_printf(MSG_DEBUG, "EAP: Building EAP-Failure (id=%d)", id);
989 msg = wpabuf_alloc(sizeof(*resp));
992 resp = wpabuf_put(msg, sizeof(*resp));
993 resp->code = EAP_CODE_FAILURE;
994 resp->identifier = id;
995 resp->length = host_to_be16(sizeof(*resp));
1001 static int eap_sm_nextId(struct eap_sm *sm, int id)
1004 /* RFC 3748 Ch 4.1: recommended to initialize Identifier with a
1007 if (id != sm->lastId)
1010 return (id + 1) & 0xff;
1015 * eap_sm_process_nak - Process EAP-Response/Nak
1016 * @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
1017 * @nak_list: Nak list (allowed methods) from the supplicant
1018 * @len: Length of nak_list in bytes
1020 * This function is called when EAP-Response/Nak is received from the
1021 * supplicant. This can happen for both phase 1 and phase 2 authentications.
1023 void eap_sm_process_nak(struct eap_sm *sm, const u8 *nak_list, size_t len)
1028 if (sm->user == NULL)
1031 wpa_printf(MSG_MSGDUMP, "EAP: processing NAK (current EAP method "
1032 "index %d)", sm->user_eap_method_index);
1034 wpa_hexdump(MSG_MSGDUMP, "EAP: configured methods",
1035 (u8 *) sm->user->methods,
1036 EAP_MAX_METHODS * sizeof(sm->user->methods[0]));
1037 wpa_hexdump(MSG_MSGDUMP, "EAP: list of methods supported by the peer",
1040 i = sm->user_eap_method_index;
1041 while (i < EAP_MAX_METHODS &&
1042 (sm->user->methods[i].vendor != EAP_VENDOR_IETF ||
1043 sm->user->methods[i].method != EAP_TYPE_NONE)) {
1044 if (sm->user->methods[i].vendor != EAP_VENDOR_IETF)
1046 for (j = 0; j < len; j++) {
1047 if (nak_list[j] == sm->user->methods[i].method) {
1059 /* not found - remove from the list */
1060 if (i + 1 < EAP_MAX_METHODS) {
1061 os_memmove(&sm->user->methods[i],
1062 &sm->user->methods[i + 1],
1063 (EAP_MAX_METHODS - i - 1) *
1064 sizeof(sm->user->methods[0]));
1066 sm->user->methods[EAP_MAX_METHODS - 1].vendor =
1068 sm->user->methods[EAP_MAX_METHODS - 1].method = EAP_TYPE_NONE;
1071 wpa_hexdump(MSG_MSGDUMP, "EAP: new list of configured methods",
1072 (u8 *) sm->user->methods, EAP_MAX_METHODS *
1073 sizeof(sm->user->methods[0]));
1077 static void eap_sm_Policy_update(struct eap_sm *sm, const u8 *nak_list,
1080 if (nak_list == NULL || sm == NULL || sm->user == NULL)
1083 if (sm->user->phase2) {
1084 wpa_printf(MSG_DEBUG, "EAP: EAP-Nak received after Phase2 user"
1085 " info was selected - reject");
1086 sm->decision = DECISION_FAILURE;
1090 eap_sm_process_nak(sm, nak_list, len);
1094 static EapType eap_sm_Policy_getNextMethod(struct eap_sm *sm, int *vendor)
1097 int idx = sm->user_eap_method_index;
1099 /* In theory, there should be no problems with starting
1100 * re-authentication with something else than EAP-Request/Identity and
1101 * this does indeed work with wpa_supplicant. However, at least Funk
1102 * Supplicant seemed to ignore re-auth if it skipped
1103 * EAP-Request/Identity.
1104 * Re-auth sets currentId == -1, so that can be used here to select
1105 * whether Identity needs to be requested again. */
1106 if (sm->identity == NULL || sm->currentId == -1) {
1107 *vendor = EAP_VENDOR_IETF;
1108 next = EAP_TYPE_IDENTITY;
1109 sm->update_user = TRUE;
1110 } else if (sm->user && idx < EAP_MAX_METHODS &&
1111 (sm->user->methods[idx].vendor != EAP_VENDOR_IETF ||
1112 sm->user->methods[idx].method != EAP_TYPE_NONE)) {
1113 *vendor = sm->user->methods[idx].vendor;
1114 next = sm->user->methods[idx].method;
1115 sm->user_eap_method_index++;
1117 *vendor = EAP_VENDOR_IETF;
1118 next = EAP_TYPE_NONE;
1120 wpa_printf(MSG_DEBUG, "EAP: getNextMethod: vendor %d type %d",
1126 static int eap_sm_Policy_getDecision(struct eap_sm *sm)
1128 if (!sm->eap_server && sm->identity && !sm->start_reauth) {
1129 wpa_printf(MSG_DEBUG, "EAP: getDecision: -> PASSTHROUGH");
1130 return DECISION_PASSTHROUGH;
1133 if (sm->m && sm->currentMethod != EAP_TYPE_IDENTITY &&
1134 sm->m->isSuccess(sm, sm->eap_method_priv)) {
1135 wpa_printf(MSG_DEBUG, "EAP: getDecision: method succeeded -> "
1137 sm->update_user = TRUE;
1138 return DECISION_SUCCESS;
1141 if (sm->m && sm->m->isDone(sm, sm->eap_method_priv) &&
1142 !sm->m->isSuccess(sm, sm->eap_method_priv)) {
1143 wpa_printf(MSG_DEBUG, "EAP: getDecision: method failed -> "
1145 sm->update_user = TRUE;
1146 return DECISION_FAILURE;
1149 if ((sm->user == NULL || sm->update_user) && sm->identity &&
1150 !sm->start_reauth) {
1152 * Allow Identity method to be started once to allow identity
1153 * selection hint to be sent from the authentication server,
1154 * but prevent a loop of Identity requests by only allowing
1155 * this to happen once.
1158 if (sm->user && sm->currentMethod == EAP_TYPE_IDENTITY &&
1159 sm->user->methods[0].vendor == EAP_VENDOR_IETF &&
1160 sm->user->methods[0].method == EAP_TYPE_IDENTITY)
1162 if (eap_user_get(sm, sm->identity, sm->identity_len, 0) != 0) {
1163 wpa_printf(MSG_DEBUG, "EAP: getDecision: user not "
1164 "found from database -> FAILURE");
1165 return DECISION_FAILURE;
1167 if (id_req && sm->user &&
1168 sm->user->methods[0].vendor == EAP_VENDOR_IETF &&
1169 sm->user->methods[0].method == EAP_TYPE_IDENTITY) {
1170 wpa_printf(MSG_DEBUG, "EAP: getDecision: stop "
1171 "identity request loop -> FAILURE");
1172 sm->update_user = TRUE;
1173 return DECISION_FAILURE;
1175 sm->update_user = FALSE;
1177 sm->start_reauth = FALSE;
1179 if (sm->user && sm->user_eap_method_index < EAP_MAX_METHODS &&
1180 (sm->user->methods[sm->user_eap_method_index].vendor !=
1182 sm->user->methods[sm->user_eap_method_index].method !=
1184 wpa_printf(MSG_DEBUG, "EAP: getDecision: another method "
1185 "available -> CONTINUE");
1186 return DECISION_CONTINUE;
1189 if (sm->identity == NULL || sm->currentId == -1) {
1190 wpa_printf(MSG_DEBUG, "EAP: getDecision: no identity known "
1192 return DECISION_CONTINUE;
1195 wpa_printf(MSG_DEBUG, "EAP: getDecision: no more methods available -> "
1197 return DECISION_FAILURE;
1201 static Boolean eap_sm_Policy_doPickUp(struct eap_sm *sm, EapType method)
1203 return method == EAP_TYPE_IDENTITY ? TRUE : FALSE;
1208 * eap_server_sm_step - Step EAP server state machine
1209 * @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
1210 * Returns: 1 if EAP state was changed or 0 if not
1212 * This function advances EAP state machine to a new state to match with the
1213 * current variables. This should be called whenever variables used by the EAP
1214 * state machine have changed.
1216 int eap_server_sm_step(struct eap_sm *sm)
1220 sm->changed = FALSE;
1224 } while (sm->changed);
1229 static void eap_user_free(struct eap_user *user)
1233 os_free(user->password);
1234 user->password = NULL;
1240 * eap_server_sm_init - Allocate and initialize EAP server state machine
1241 * @eapol_ctx: Context data to be used with eapol_cb calls
1242 * @eapol_cb: Pointer to EAPOL callback functions
1243 * @conf: EAP configuration
1244 * Returns: Pointer to the allocated EAP state machine or %NULL on failure
1246 * This function allocates and initializes an EAP state machine.
1248 struct eap_sm * eap_server_sm_init(void *eapol_ctx,
1249 struct eapol_callbacks *eapol_cb,
1250 struct eap_config *conf)
1254 sm = os_zalloc(sizeof(*sm));
1257 sm->eapol_ctx = eapol_ctx;
1258 sm->eapol_cb = eapol_cb;
1259 sm->MaxRetrans = 5; /* RFC 3748: max 3-5 retransmissions suggested */
1260 sm->ssl_ctx = conf->ssl_ctx;
1261 sm->msg_ctx = conf->msg_ctx;
1262 sm->eap_sim_db_priv = conf->eap_sim_db_priv;
1263 sm->backend_auth = conf->backend_auth;
1264 sm->eap_server = conf->eap_server;
1265 if (conf->pac_opaque_encr_key) {
1266 sm->pac_opaque_encr_key = os_malloc(16);
1267 if (sm->pac_opaque_encr_key) {
1268 os_memcpy(sm->pac_opaque_encr_key,
1269 conf->pac_opaque_encr_key, 16);
1272 if (conf->eap_fast_a_id) {
1273 sm->eap_fast_a_id = os_malloc(conf->eap_fast_a_id_len);
1274 if (sm->eap_fast_a_id) {
1275 os_memcpy(sm->eap_fast_a_id, conf->eap_fast_a_id,
1276 conf->eap_fast_a_id_len);
1277 sm->eap_fast_a_id_len = conf->eap_fast_a_id_len;
1280 if (conf->eap_fast_a_id_info)
1281 sm->eap_fast_a_id_info = os_strdup(conf->eap_fast_a_id_info);
1282 sm->eap_fast_prov = conf->eap_fast_prov;
1283 sm->pac_key_lifetime = conf->pac_key_lifetime;
1284 sm->pac_key_refresh_time = conf->pac_key_refresh_time;
1285 sm->eap_sim_aka_result_ind = conf->eap_sim_aka_result_ind;
1286 sm->tnc = conf->tnc;
1287 sm->wps = conf->wps;
1288 if (conf->assoc_wps_ie)
1289 sm->assoc_wps_ie = wpabuf_dup(conf->assoc_wps_ie);
1290 if (conf->assoc_p2p_ie)
1291 sm->assoc_p2p_ie = wpabuf_dup(conf->assoc_p2p_ie);
1292 if (conf->peer_addr)
1293 os_memcpy(sm->peer_addr, conf->peer_addr, ETH_ALEN);
1294 sm->fragment_size = conf->fragment_size;
1295 sm->pwd_group = conf->pwd_group;
1296 sm->pbc_in_m1 = conf->pbc_in_m1;
1297 sm->server_id = conf->server_id;
1298 sm->server_id_len = conf->server_id_len;
1300 wpa_printf(MSG_DEBUG, "EAP: Server state machine created");
1307 * eap_server_sm_deinit - Deinitialize and free an EAP server state machine
1308 * @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
1310 * This function deinitializes EAP state machine and frees all allocated
1313 void eap_server_sm_deinit(struct eap_sm *sm)
1317 wpa_printf(MSG_DEBUG, "EAP: Server state machine removed");
1318 if (sm->m && sm->eap_method_priv)
1319 sm->m->reset(sm, sm->eap_method_priv);
1320 wpabuf_free(sm->eap_if.eapReqData);
1321 os_free(sm->eap_if.eapKeyData);
1322 wpabuf_free(sm->lastReqData);
1323 wpabuf_free(sm->eap_if.eapRespData);
1324 os_free(sm->identity);
1325 os_free(sm->pac_opaque_encr_key);
1326 os_free(sm->eap_fast_a_id);
1327 os_free(sm->eap_fast_a_id_info);
1328 wpabuf_free(sm->eap_if.aaaEapReqData);
1329 wpabuf_free(sm->eap_if.aaaEapRespData);
1330 os_free(sm->eap_if.aaaEapKeyData);
1331 eap_user_free(sm->user);
1332 wpabuf_free(sm->assoc_wps_ie);
1333 wpabuf_free(sm->assoc_p2p_ie);
1339 * eap_sm_notify_cached - Notify EAP state machine of cached PMK
1340 * @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
1342 * This function is called when PMKSA caching is used to skip EAP
1345 void eap_sm_notify_cached(struct eap_sm *sm)
1350 sm->EAP_state = EAP_SUCCESS;
1355 * eap_sm_pending_cb - EAP state machine callback for a pending EAP request
1356 * @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
1358 * This function is called when data for a pending EAP-Request is received.
1360 void eap_sm_pending_cb(struct eap_sm *sm)
1364 wpa_printf(MSG_DEBUG, "EAP: Callback for pending request received");
1365 if (sm->method_pending == METHOD_PENDING_WAIT)
1366 sm->method_pending = METHOD_PENDING_CONT;
1371 * eap_sm_method_pending - Query whether EAP method is waiting for pending data
1372 * @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
1373 * Returns: 1 if method is waiting for pending data or 0 if not
1375 int eap_sm_method_pending(struct eap_sm *sm)
1379 return sm->method_pending == METHOD_PENDING_WAIT;
1384 * eap_get_identity - Get the user identity (from EAP-Response/Identity)
1385 * @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
1386 * @len: Buffer for returning identity length
1387 * Returns: Pointer to the user identity or %NULL if not available
1389 const u8 * eap_get_identity(struct eap_sm *sm, size_t *len)
1391 *len = sm->identity_len;
1392 return sm->identity;
1397 * eap_get_interface - Get pointer to EAP-EAPOL interface data
1398 * @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
1399 * Returns: Pointer to the EAP-EAPOL interface data
1401 struct eap_eapol_interface * eap_get_interface(struct eap_sm *sm)
1408 * eap_server_clear_identity - Clear EAP identity information
1409 * @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
1411 * This function can be used to clear the EAP identity information in the EAP
1412 * server context. This allows the EAP/Identity method to be used again after
1413 * EAPOL-Start or EAPOL-Logoff.
1415 void eap_server_clear_identity(struct eap_sm *sm)
1417 os_free(sm->identity);
1418 sm->identity = NULL;