From patchwork Wed Mar 20 15:22:44 2013
X-Patchwork-Submitter: Chris Hessing
X-Patchwork-Id: 229414
Message-ID: <5149D444.5020300@cloudpath.net>
Date: Wed, 20 Mar 2013 09:22:44 -0600
From: Chris Hessing
To: hostap@lists.shmoo.com
Subject: [PATCH] Provide TLS alerts to CLI/UI

The following small patch enables sending of TLS alerts to a connected CLI or UI. It is useful for situations where the only diagnostic capabilities you have are via the CLI or UI such as some embedded systems like Android.

diff --git a/src/common/wpa_ctrl.h b/src/common/wpa_ctrl.h index 84f1195..089802e 100644 --- a/src/common/wpa_ctrl.h +++ b/src/common/wpa_ctrl.h 
@@ -44,6 +44,8 @@ extern "C" { #define WPA_EVENT_EAP_PEER_CERT "CTRL-EVENT-EAP-PEER-CERT " /** EAP TLS certificate chain validation error */ #define WPA_EVENT_EAP_TLS_CERT_ERROR "CTRL-EVENT-EAP-TLS-CERT-ERROR " + /** EAP TLS alert */ +#define WPA_EVENT_EAP_TLS_ALERT "CTRL-EVENT-EAP-TLS-ALERT " /** EAP authentication completed successfully */ #define WPA_EVENT_EAP_SUCCESS "CTRL-EVENT-EAP-SUCCESS " /** EAP authentication failed (EAP-Failure received) */ diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c index a4c9b25..dc145b1 100644 --- a/src/eap_peer/eap.c +++ b/src/eap_peer/eap.c @@ -1332,12 +1332,21 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev, hash_hex, data->peer_cert.cert); break; case TLS_ALERT: - if (data->alert.is_local) - eap_notify_status(sm, "local TLS alert", - data->alert.description); - else - eap_notify_status(sm, "remote TLS alert", + if (data->alert.is_local) { + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_TLS_ALERT + "type='local' alert='%s'", + data->alert.description); + + eap_notify_status(sm, "local TLS alert", data->alert.description); + } else { + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_TLS_ALERT + "type='remote' alert='%s'", + data->alert.description); + + eap_notify_status(sm, "remote TLS alert", + data->alert.description); + } break; }
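Review bot: In the src/common/wpa_ctrl.h hunk, the new comment "/** EAP TLS alert */" does not document the event's payload, which the eap.c change emits as type='local' or type='remote' followed by alert='<description>'. Control-interface clients have to parse that string, so the comment above WPA_EVENT_EAP_TLS_ALERT should spell out the field names and the allowed type values. The added comment line also shows a space between "+" and "/**" while the "+#define" line has none; please check that the mail client has not altered whitespace before resending.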
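Review bot: In the TLS_ALERT case of eap_peer_sm_tls_event() in src/eap_peer/eap.c, data->alert.description is written into a single-quoted field (alert='%s') with no escaping and no NULL check, and for type='remote' the alert originates from the peer. Please confirm that the description is always a non-NULL fixed string from the TLS wrapper and can never contain a single quote or newline, or sanitize it before it reaches wpa_msg(), since CLI/UI consumers will split the event on those quotes. Separately, the two branches now differ only in the literals 'local' and 'remote'; a single wpa_msg() call with type='%s' and data->alert.is_local ? "local" : "remote" as the argument, and the same treatment for the eap_notify_status() string, would remove the duplication.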