📄 eapaka.c
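/*******************************************************************
 * EAPOL Function implementations for supplicant
 *
 * File: eapaka.c
 *
 * Licensed under a dual GPL/BSD license. (See LICENSE file for more info.)
 *
 * Authors: Chris.Hessing@utah.edu
 *
 * $Id: eapaka.c,v 1.13 2006/06/01 22:49:50 galimorerpg Exp $
 * $Date: 2006/06/01 22:49:50 $
 * $Log: eapaka.c,v $
 * Revision 1.13 2006/06/01 22:49:50 galimorerpg
 * Converted all instances of u_char to uint8_t
 * Fixed a bad #include in the generic frame handler.
 *
 * Revision 1.12 2006/05/26 22:04:58 chessing
 * Fixed some memory access errors, and cleaned up some wext stuff that was causing issues with the madwifi driver in wext mode.
 *
 * Revision 1.11 2006/04/25 01:17:43 chessing
 * LOTS of code cleanups, new error checking/debugging code added, and other misc. fixes/changes.
 *
 * Revision 1.10 2006/03/08 00:16:04 chessing
 * Fixed EAP hints code to work correctly when the request ID packet is padded out with null bytes. (Observed in Aruba APs.) Some changes/fixes for the EAP-AKA module.
 *
 * Revision 1.9 2006/02/23 22:26:53 chessing
 * Fix for bug id #1415020. 'Building Xsupplicant 1.2.3 Fails on FC4'.
 *
 * Revision 1.8 2005/08/14 02:11:09 chessing
 * Fixes for EAP-AKA. It should now really behave the way it is supposed to. ;)
 *
 * Revision 1.7 2005/08/09 01:39:15 chessing
 * Cleaned out old commit notes from the released version. Added a few small features including the ability to disable the friendly warnings that are spit out. (Such as the warning that is displayed when keys aren't rotated after 10 minutes.) We should also be able to start when the interface is down. Last, but not least, we can handle empty network configs. (This may be useful for situations where there isn't a good reason to have a default network defined.)
 *
 *
 *******************************************************************/

/*******************************************************************
 *
 * The development of the EAP/AKA support was funded by Internet
 * Foundation Austria (http://www.nic.at/ipa)
 *
 *******************************************************************/

#ifdef EAP_SIM_ENABLE     // Only build this if it has been enabled.

#include <inttypes.h>
#include <stdio.h>
#include <openssl/hmac.h>
#include <openssl/sha.h>
#include <string.h>
#include <unistd.h>
#include <stdlib.h>

#include "winscard.h"
#include "profile.h"
#include "xsupconfig.h"
#include "eap.h"
#include "eapaka.h"
#include "../sim/eapsim.h"
#include "../sim/sm_handler.h"
#include "../sim/fips.h"
#include "xsup_debug.h"
#include "xsup_err.h"
#include "aka.h"

#ifdef USE_EFENCE
#include <efence.h>
#endif

/**
 * Read the IMSI from the smart card and store an identity built from it
 * in the active network configuration.
 *
 * The identity is a leading '1', up to 18 characters of the IMSI and,
 * when auto_realm is enabled, an "@mncXXX.mccXXX.owlan.org" realm made
 * from the first six IMSI digits.  On success network_data->identity and
 * userdata->username both point at the newly allocated identity buffer,
 * which network_data->identity owns.
 *
 * @param thisint  interface being configured; only checked for NULL here.
 *
 * @return XENONE on success, XEMALLOC on a NULL argument or allocation
 *         failure, XEBADCONFIG when the network or EAP-AKA configuration
 *         is missing, XESIMGENERR on any smart card failure or an IMSI
 *         too short to derive a realm from.
 */
int eapaka_get_username(struct interface_data *thisint)
{
  enum
  {
    IDENTITY_BUF_LEN = 50,    // 50 should be plenty!
    IMSI_COPY_MAX = 18,
    REALM_BUF_LEN = 25,       // "@mncXXX.mccXXX.owlan.org" is 24 chars + NUL
    REALM_IMSI_DIGITS = 6     // three digits each for the mcc and mnc labels
  };
  char *imsi = NULL;
  char *readers = NULL;
  char *username = NULL;
  char realm[REALM_BUF_LEN];
  char card_mode = 0;
  struct config_eap_aka *userdata;
  struct config_network *network_data;
  SCARDCONTEXT ctx;
  SCARDHANDLE hdl;
  int card_open = 0;
  int retval = XESIMGENERR;

  if (!xsup_assert((thisint != NULL), "thisint != NULL", FALSE))
    return XEMALLOC;

  network_data = config_get_network_config();

  if (!xsup_assert((network_data != NULL), "network_data != NULL", FALSE))
    return XEBADCONFIG;

  // The method list and its data come from the parsed configuration;
  // both are dereferenced below, so reject a config that lacks them.
  if (!xsup_assert((network_data->methods != NULL),
		   "network_data->methods != NULL", FALSE))
    return XEBADCONFIG;

  userdata = (struct config_eap_aka *)network_data->methods->method_data;

  if (!xsup_assert((userdata != NULL), "userdata != NULL", FALSE))
    return XEBADCONFIG;

  // Initalize our smartcard context, and get ready to authenticate.
  if (sm_handler_init_ctx(&ctx) != 0)
    {
      debug_printf(DEBUG_NORMAL, "Couldn't initialize smart card context!\n");
      return XESIMGENERR;
    }

  // NOTE(review): the two failure paths before the card is connected
  // still leave ctx established.  The only release call visible in this
  // file is sm_handler_close_sc(), which also takes the card handle, so
  // it is not called until hdl is valid.  Confirm whether sm_handler
  // offers a context-only release.
  readers = sm_handler_get_readers(&ctx);
  if (readers == NULL)
    {
      debug_printf(DEBUG_NORMAL, "Couldn't list available readers!\n");
      return XESIMGENERR;
    }

  // Connect to the smart card.
  if (sm_handler_card_connect(&ctx, &hdl, readers) != 0)
    {
      debug_printf(DEBUG_NORMAL, "Error connecting to smart card reader!\n");
      goto out;
    }
  card_open = 1;

  // Wait for up to 10 seconds for the smartcard to become ready.
  if (sm_handler_wait_card_ready(&hdl, 10) != 0)
    {
      debug_printf(DEBUG_NORMAL, "Smart Card wasn't ready after 10 seconds!\n");
      goto out;
    }

  imsi = sm_handler_3g_imsi(&hdl, card_mode, userdata->password);
  if (imsi == NULL)
    {
      debug_printf(DEBUG_NORMAL, "Error starting smart card, and getting IMSI!\n");
      goto out;
    }

  // The IMSI is a permanent subscriber identifier.  This line writes it
  // to the debug log whenever DEBUG_AUTHTYPES output is enabled, so logs
  // captured at that level should be handled as sensitive.
  debug_printf(DEBUG_AUTHTYPES, "SIM IMSI (AKA) : %s\n",imsi);

  // The realm is built from the first six IMSI digits.  A shorter string
  // would put NUL bytes into the realm and silently truncate it, so fail
  // before the stored identity is touched.
  if ((userdata->auto_realm == TRUE) &&
      (strlen(imsi) < (size_t)REALM_IMSI_DIGITS))
    {
      debug_printf(DEBUG_NORMAL, "IMSI is too short to build a realm from!\n");
      goto out;
    }

  if (network_data->identity != NULL)
    {
      // An earlier call leaves userdata->username aliasing the identity
      // buffer; clear it so it cannot dangle if the allocation below fails.
      if (userdata->username == network_data->identity)
	{
	  userdata->username = NULL;
	}

      free(network_data->identity);
      network_data->identity = NULL;
    }

  // calloc() hands back a zeroed buffer, so every write below leaves the
  // identity NUL-terminated.
  network_data->identity = calloc(IDENTITY_BUF_LEN, 1);
  if (network_data->identity == NULL)
    {
      debug_printf(DEBUG_NORMAL, "Couldn't allocate memory for identity!\n");
      retval = XEMALLOC;
      goto out;
    }

  username = network_data->identity;
  userdata->username = username;

  // Leading identity-type digit, kept as the original code writes it.
  // NOTE(review): RFC 4187 gives '0' as the prefix for EAP-AKA permanent
  // identities and RFC 4186 gives '1' for EAP-SIM; confirm which one the
  // authentication server expects.
  username[0] = '1';
  snprintf(&username[1], IMSI_COPY_MAX + 1, "%s", imsi);

  if (userdata->auto_realm == TRUE)
    {
      // Digits 1-3 are used as the mcc label and 4-6 as the mnc label,
      // which assumes a three-digit MNC.
      snprintf(realm, sizeof realm, "@mnc%c%c%c.mcc%c%c%c.owlan.org",
	       username[4], username[5], username[6], username[1],
	       username[2], username[3]);

      debug_printf(DEBUG_AUTHTYPES, "Realm Portion : %s\n",realm);
      strncat(username, realm, IDENTITY_BUF_LEN - strlen(username) - 1);
    }

  debug_printf(DEBUG_AUTHTYPES, "Username is now : %s\n", username);
  retval = XENONE;

 out:
  // Close the smartcard, so that we know what state we are in.
  if (card_open)
    {
      sm_handler_close_sc(&hdl, &ctx);
    }

  free(imsi);
  imsi = NULL;

  free(readers);
  readers = NULL;

  return retval;
}

/**
 * Allocate the per-session EAP-AKA state and, unless RADIATOR_TEST is
 * defined, connect to the smart card and read the IMSI.
 *
 * The IMSI string becomes userdata->username when no username is
 * configured; otherwise it is freed.
 *
 * @param thisint  generic EAP data; eap_data is allocated here and
 *                 eap_conf_data must point at the EAP-AKA configuration.
 *
 * @return XENONE on success, XEMALLOC on a NULL argument or allocation
 *         failure, XEBADCONFIG when eap_conf_data is NULL, XESIMGENERR
 *         on any smart card failure.
 */
int eapaka_setup(struct generic_eap_data *thisint)
{
  struct aka_eaptypedata *mydata;
  struct config_eap_aka *userdata;
  // Must start out NULL: with RADIATOR_TEST defined nothing else assigns
  // it before it is stored in userdata->username below.
  char *imsi = NULL;

  debug_printf(DEBUG_AUTHTYPES, "(EAP-AKA) Initalized\n");

  if (!xsup_assert((thisint != NULL), "thisint != NULL", FALSE))
    return XEMALLOC;

  // Checked before anything is allocated; userdata is dereferenced below.
  userdata = (struct config_eap_aka *)thisint->eap_conf_data;

  if (!xsup_assert((userdata != NULL), "userdata != NULL", FALSE))
    return XEBADCONFIG;

  // Zeroed allocation: card_mode is read below without ever being
  // assigned in this file, so it must not hold heap garbage.  Zero is the
  // value eapaka_get_username() passes for the same argument.
  thisint->eap_data = calloc(1, sizeof(struct aka_eaptypedata));
  if (thisint->eap_data == NULL)
    {
      debug_printf(DEBUG_NORMAL, "Couldn't allocate memory for EAP-AKA specific data structure!\n");
      return XEMALLOC;
    }

  mydata = (struct aka_eaptypedata *)thisint->eap_data;

  mydata->numrands = 0;
  mydata->nonce_mt = NULL;
  mydata->keyingMaterial = NULL;

#ifndef RADIATOR_TEST
  // NOTE(review): the failure returns below leave eap_data, the card
  // context and the reader list allocated.  Presumably the module's
  // cleanup routine releases them; it is not visible here, so confirm.

  // Initalize our smartcard context, and get ready to authenticate.
  if (sm_handler_init_ctx(&mydata->scntx) != 0)
    {
      debug_printf(DEBUG_NORMAL, "Couldn't initialize smart card context!\n");
      return XESIMGENERR;
    }

  mydata->readers = sm_handler_get_readers(&mydata->scntx);
  if (mydata->readers == NULL)
    {
      debug_printf(DEBUG_NORMAL, "Couldn't get any available readers!\n");
      return XESIMGENERR;
    }

  // Connect to the smart card.
  if (sm_handler_card_connect(&mydata->scntx, &mydata->shdl, mydata->readers) != 0)
    {
      debug_printf(DEBUG_NORMAL, "Error connecting to smart card reader!\n");
      return XESIMGENERR;
    }

  // Wait for up to 20 seconds for the smartcard to become ready.
  if (sm_handler_wait_card_ready(&mydata->shdl, 20) != 0)
    {
      debug_printf(DEBUG_NORMAL, "Smart Card wasn't ready after 20 seconds!\n");
      return XESIMGENERR;
    }

  imsi = sm_handler_3g_imsi(&mydata->shdl, mydata->card_mode, userdata->password);
  if (imsi == NULL)
    {
      debug_printf(DEBUG_NORMAL, "Error starting smart card, and getting IMSI!\n");
      return XESIMGENERR;
    }
#endif

  if (userdata->username == NULL)
    {
      // Ownership of the IMSI string moves to the configuration.
      userdata->username = imsi;
    }
  else
    {
#ifndef RADIATOR_TEST
      free(imsi);
      imsi = NULL;
#endif
    }

  return XENONE;
}

int eapaka_process(struct generic_eap_data *thisint, uint8_t *dataoffs,
		   int insize, uint8_t *out, int *outsize)
{
  int packet_offset, outptr, i, value16, retsize, retval;
  struct typelength *typelen;
  struct typelengthres *typelenres;
  struct aka_eaptypedata *mydata;
  char *username, *framecpy, mac_val[16], mac_calc[20], reslen = 0, reallen;
  unsigned char sres[16];
  struct config_eap_aka *userdata;

  if (!xsup_assert((thisint != NULL), "thisint != NULL", FALSE))
    return XEMALLOC;

  if (!xsup_assert((thisint->eap_data != NULL), "thisint->eap_data != NULL", FALSE))
    return XEMALLOC;

  mydata = (struct aka_eaptypedata *)thisint->eap_data;
  userdata = (struct config_eap_aka *)thisint->eap_conf_data;

  if (!xsup_assert((userdata != NULL), "userdata != NULL", FALSE))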