📄 peap_phase2.c
字号:
memcpy(padded_frame, in, in_size);
}
if (eframe != 1)
{
peap_pad_frame(in, in_size, (uint8_t *) padded_frame, &padded_size);
}
new_frame = (uint8_t *)Malloc(1522);
if (new_frame == NULL)
{
debug_printf(DEBUG_NORMAL, "ACK! We can't allocate memory!\n");
ipc_events_malloc_failed(NULL);
retval = XEMALLOC;
goto out;
}
retval = do_peap_version1(p2d, padded_frame, padded_size,
(uint8_t *) new_frame, &new_frame_size);
if (eframe != 1)
{
peap_unpad_frame((uint8_t *) new_frame, new_frame_size, out, out_size);
} else {
memcpy(out, new_frame, new_frame_size);
*out_size = new_frame_size;
}
out:
FREE(new_frame);
FREE(padded_frame);
return retval;
}
/************************************************************************
*
* Check to make sure we have enough data to do a phase 2 authentication.
*
************************************************************************/
void peap_phase2_check(eap_type_data *eapdata)
{
struct config_eap_peap *peapconf;
if (!xsup_assert((eapdata != NULL), "eapdata != NULL", FALSE))
return;
if (!xsup_assert((eapdata->eap_conf_data != NULL),
"eapdata->eap_conf_data != NULL", FALSE))
{
eap_type_common_fail(eapdata);
return;
}
peapconf = (struct config_eap_peap *)eapdata->eap_conf_data;
if (peapconf->phase2 == NULL)
{
eap_type_common_fail(eapdata);
return;
}
}
/************************************************************************
*
* Init our phase 2 data.
*
************************************************************************/
uint8_t peap_phase2_init(eap_type_data *eapdata)
{
struct tls_vars *mytls_vars = NULL;
struct phase2_data *p2d = NULL;
struct config_eap_peap *peapconf = NULL;
context *ctx = NULL;
if (!xsup_assert((eapdata != NULL), "eapdata != NULL", FALSE))
return FALSE;
if (!xsup_assert((eapdata->eap_data != NULL),
"eapdata->eap_data != NULL", FALSE))
return FALSE;
mytls_vars = (struct tls_vars *)eapdata->eap_data;
if (mytls_vars->phase2data == NULL)
{
// Allocate memory for phase 2 data.
mytls_vars->phase2data = Malloc(sizeof(struct phase2_data));
if (mytls_vars->phase2data == NULL)
{
debug_printf(DEBUG_NORMAL, "Couldn't allocate memory for phase 2"
" data!\n");
ipc_events_malloc_failed(NULL);
return FALSE;
}
}
peapconf = (struct config_eap_peap *)eapdata->eap_conf_data;
if (!xsup_assert((peapconf != NULL), "peapconf != NULL", FALSE))
return FALSE;
p2d = mytls_vars->phase2data;
if (p2d->sm != NULL)
{
// Clear out the old state machine, so we don't end up with any weirdness.
eap_sm_deinit(&p2d->sm);
}
if (eap_sm_init(&p2d->sm) != XENONE)
{
debug_printf(DEBUG_NORMAL, "Couldn't init inner EAP state machine."
"\n");
return FALSE;
}
p2d->sm->phase = 2;
p2d->sm->curMethods = peapconf->phase2;
p2d->sm->portEnabled = TRUE;
p2d->sm->idleWhile = config_get_idleWhile();
ctx = event_core_get_active_ctx();
if ((ctx != NULL) && (ctx->prof != NULL) && (ctx->prof->temp_username != NULL))
{
p2d->sm->ident = ctx->prof->temp_username;
}
else if (peapconf->identity != NULL)
{
p2d->sm->ident = peapconf->identity;
}
else
{
p2d->sm->ident = NULL;
}
eap_sm_run(p2d->sm);
return TRUE;
}
/************************************************************************
*
* Process a phase 2 packet.
*
************************************************************************/
void peap_phase2_process(eap_type_data *eapdata, uint8_t *indata,
uint16_t insize)
{
struct tls_vars *mytls_vars;
struct phase2_data *p2d;
struct config_eap_peap *peapconf;
int res = 0;
if (!xsup_assert((eapdata != NULL), "eapdata != NULL", FALSE))
return;
if (!xsup_assert((eapdata->eap_data != NULL), "eapdata->eap_data != NULL",
FALSE))
return;
if (!xsup_assert((eapdata->eap_conf_data != NULL), "eapdata->eap_conf_data != NULL",
FALSE))
return;
mytls_vars = (struct tls_vars *)eapdata->eap_data;
if (indata == NULL)
{
debug_printf(DEBUG_NORMAL, "No valid data passed in to PEAP phase 2!\n");
eap_type_common_fail(eapdata);
return;
}
peapconf = (struct config_eap_peap *)eapdata->eap_conf_data;
if ((peapconf->identity != NULL) && (eapdata->ident != peapconf->identity))
eapdata->ident = peapconf->identity;
p2d = mytls_vars->phase2data;
if (!xsup_assert((p2d != NULL), "p2d != NULL", FALSE))
{
eap_type_common_fail(eapdata);
return;
}
p2d->result_data = Malloc(1520);
if (p2d->result_data == NULL)
{
debug_printf(DEBUG_NORMAL, "Couldn't allocate memory to store resulting"
" packet.\n");
ipc_events_malloc_failed(NULL);
eap_type_common_fail(eapdata);
return;
}
switch (p2d->peap_version)
{
case 0:
debug_printf(DEBUG_AUTHTYPES, "Doing PEAP v0!\n");
res = do_peap_version0(p2d, indata, insize, p2d->result_data,
&p2d->result_size);
if ((res != XENONE) && (res != XEINNERDONE))
{
debug_printf(DEBUG_NORMAL, "Inner PEAP v0 method failed.\n");
eap_type_common_fail(eapdata);
}
if (res == XEINNERDONE)
{
debug_printf(DEBUG_AUTHTYPES, "Inner authentication complete!\n");
eapdata->methodState = p2d->sm->methodState;
eapdata->decision = p2d->sm->decision;
eapdata->ignore = p2d->sm->ignore;
eapdata->altAccept = p2d->sm->eapSuccess;
eapdata->altReject = p2d->sm->eapFail;
}
break;
case 1:
debug_printf(DEBUG_AUTHTYPES, "Doing PEAP v1!\n");
res = do_peap_version1(p2d, indata, insize, p2d->result_data,
&p2d->result_size);
if ((res != XENONE) && (res != XEINNERDONE))
{
debug_printf(DEBUG_NORMAL, "Inner PEAP v1 method failed.\n");
eap_type_common_fail(eapdata);
}
if (res == XEINNERDONE)
{
debug_printf(DEBUG_AUTHTYPES, "Inner authentication complete!\n");
eapdata->methodState = p2d->sm->methodState;
eapdata->decision = p2d->sm->decision;
eapdata->ignore = p2d->sm->ignore;
// eapdata->altAccept = p2d->sm->eapSuccess;
eapdata->altReject = p2d->sm->eapFail;
}
break;
default:
debug_printf(DEBUG_NORMAL, "Unknown PEAP version %d!\n",
p2d->peap_version);
ipc_events_error(NULL, IPC_EVENT_ERROR_UNKNOWN_PEAP_VERSION, NULL);
eap_type_common_fail(eapdata);
break;
}
}
/************************************************************************
*
* Create a phase 2 response.
*
************************************************************************/
void peap_phase2_buildResp(eap_type_data *eapdata, uint8_t *outdata,
uint16_t *outsize)
{
struct tls_vars *mytls_vars;
struct phase2_data *p2d;
if (!xsup_assert((eapdata != NULL), "eapdata != NULL", FALSE))
{
*outsize = 0;
return;
}
if (!xsup_assert((eapdata->eap_data != NULL), "eapdata->eap_data != NULL",
FALSE))
{
*outsize = 0;
return;
}
mytls_vars = (struct tls_vars *)eapdata->eap_data;
p2d = mytls_vars->phase2data;
if (!xsup_assert((p2d != NULL), "p2d != NULL", FALSE))
{
eap_type_common_fail(eapdata);
*outsize = 0;
return;
}
if (p2d->result_data == NULL)
{
debug_printf(DEBUG_AUTHTYPES, "Nothing to return. ACKing.\n");
*outsize = 0;
return;
}
*outsize = p2d->result_size;
memcpy(outdata, p2d->result_data, p2d->result_size);
FREE(p2d->result_data);
// We need to update the state to return to the phase 1 state machine.
eapdata->ignore = p2d->sm->ignore;
}
/************************************************************************
*
* Clean up anything we have done.
*
************************************************************************/
void peap_phase2_deinit(eap_type_data *eapdata)
{
struct tls_vars *mytls_vars;
struct phase2_data *p2d;
if (!xsup_assert((eapdata != NULL), "eapdata != NULL", FALSE))
return;
if (!xsup_assert((eapdata->eap_data != NULL), "eapdata->eap_data != NULL",
FALSE))
return;
mytls_vars = (struct tls_vars *)eapdata->eap_data;
p2d = mytls_vars->phase2data;
if ((p2d != NULL) && (p2d->sm != NULL))
{
eap_sm_deinit(&p2d->sm);
}
FREE(mytls_vars->phase2data);
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -