Message ID | 057fd543-1a68-32f5-6814-4991d7d47e26@ecs.vuw.ac.nz |
---|---|
State | Accepted |
Headers | show |
Series | Added event messages for more eap states. | expand |
Apologies forgot to sign the patch off. So have added it below. On 28/09/17 18:53, Michael Baird wrote: > While using an external RADIUS server SUCCESS messages were not being > sent (internal was fine). > Also added event messages for other states that others might find > useful, and consistency between the two. > Signed-off-by: Michael Baird <Michael.Baird@ecs.vuw.ac.nz> > --- > src/common/wpa_ctrl.h | 11 +++++++++++ > src/eap_server/eap_server.c | 27 +++++++++++++++++++++++++++ > 2 files changed, 38 insertions(+) > > diff --git a/src/common/wpa_ctrl.h b/src/common/wpa_ctrl.h > index c59bc60..7577387 100644 > --- a/src/common/wpa_ctrl.h > +++ b/src/common/wpa_ctrl.h > @@ -50,10 +50,21 @@ extern "C" { > #define WPA_EVENT_EAP_TLS_CERT_ERROR "CTRL-EVENT-EAP-TLS-CERT-ERROR " > /** EAP status */ > #define WPA_EVENT_EAP_STATUS "CTRL-EVENT-EAP-STATUS " > +/** EAP statemachine is waiting */ > +#define WPA_EVENT_EAP_IDLE "CTRL-EVENT-EAP-IDLE " > +#define WPA_EVENT_EAP_IDLE2 "CTRL-EVENT-EAP-IDLE2 " > +/** Retransmits the previous request packet */ > +#define WPA_EVENT_EAP_RETRANSMIT "CTRL-EVENT-EAP-RETRANSMIT " > +#define WPA_EVENT_EAP_RETRANSMIT2 "CTRL-EVENT-EAP-RETRANSMIT2 " > /** EAP authentication completed successfully */ > #define WPA_EVENT_EAP_SUCCESS "CTRL-EVENT-EAP-SUCCESS " > +#define WPA_EVENT_EAP_SUCCESS2 "CTRL-EVENT-EAP-SUCCESS2 " > /** EAP authentication failed (EAP-Failure received) */ > #define WPA_EVENT_EAP_FAILURE "CTRL-EVENT-EAP-FAILURE " > +#define WPA_EVENT_EAP_FAILURE2 "CTRL-EVENT-EAP-FAILURE2 " > +/** EAP authentication failed due to no response received */ > +#define WPA_EVENT_EAP_TIMEOUT_FAILURE "CTRL-EVENT-EAP-TIMEOUT-FAILURE " > +#define WPA_EVENT_EAP_TIMEOUT_FAILURE2 > "CTRL-EVENT-EAP-TIMEOUT-FAILURE2 " > /** Network block temporarily disabled (e.g., due to authentication > failure) */ > #define WPA_EVENT_TEMP_DISABLED "CTRL-EVENT-SSID-TEMP-DISABLED " > /** Temporarily disabled network block re-enabled */ > diff --git a/src/eap_server/eap_server.c b/src/eap_server/eap_server.c > index 9706e25..53873d6 100644 > --- a/src/eap_server/eap_server.c > +++ b/src/eap_server/eap_server.c > @@ -314,6 +314,8 @@ SM_STATE(EAP, IDLE) > sm->eap_if.retransWhile = eap_sm_calculateTimeout( > sm, sm->retransCount, sm->eap_if.eapSRTT, sm->eap_if.eapRTTVAR, > sm->methodTimeout); > + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE > + MACSTR, MAC2STR(sm->peer_addr)); > } > > > @@ -326,6 +328,9 @@ SM_STATE(EAP, RETRANSMIT) > if (eap_copy_buf(&sm->eap_if.eapReqData, sm->lastReqData) == 0) > sm->eap_if.eapReq = TRUE; > } > + > + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_RETRANSMIT > + MACSTR, MAC2STR(sm->peer_addr)); > } > > > @@ -634,6 +639,9 @@ SM_STATE(EAP, TIMEOUT_FAILURE) > SM_ENTRY(EAP, TIMEOUT_FAILURE); > > sm->eap_if.eapTimeout = TRUE; > + > + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_TIMEOUT_FAILURE > + MACSTR, MAC2STR(sm->peer_addr)); > } > > > @@ -999,6 +1007,9 @@ SM_STATE(EAP, IDLE2) > sm->eap_if.retransWhile = eap_sm_calculateTimeout( > sm, sm->retransCount, sm->eap_if.eapSRTT, sm->eap_if.eapRTTVAR, > sm->methodTimeout); > + > + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_IDLE2 > + MACSTR, MAC2STR(sm->peer_addr)); > } > > > @@ -1011,6 +1022,9 @@ SM_STATE(EAP, RETRANSMIT2) > if (eap_copy_buf(&sm->eap_if.eapReqData, sm->lastReqData) == 0) > sm->eap_if.eapReq = TRUE; > } > + > + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_RETRANSMIT2 > + MACSTR, MAC2STR(sm->peer_addr)); > } > > > @@ -1093,6 +1107,9 @@ SM_STATE(EAP, AAA_IDLE) > sm->eap_if.aaaEapReq = FALSE; > sm->eap_if.aaaEapNoReq = FALSE; > sm->eap_if.aaaEapResp = TRUE; > + > + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_IDLE > + MACSTR, MAC2STR(sm->peer_addr)); > } > > > @@ -1101,6 +1118,9 @@ SM_STATE(EAP, TIMEOUT_FAILURE2) > SM_ENTRY(EAP, TIMEOUT_FAILURE2); > > sm->eap_if.eapTimeout = TRUE; > + > + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_TIMEOUT_FAILURE2 > + MACSTR, MAC2STR(sm->peer_addr)); > } > > > @@ -1110,6 +1130,9 @@ SM_STATE(EAP, FAILURE2) > > eap_copy_buf(&sm->eap_if.eapReqData, sm->eap_if.aaaEapReqData); > sm->eap_if.eapFail = TRUE; > + > + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE2 > + MACSTR, MAC2STR(sm->peer_addr)); > } > > > @@ -1136,6 +1159,10 @@ SM_STATE(EAP, SUCCESS2) > * started properly. > */ > sm->start_reauth = TRUE; > + > + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS2 > + MACSTR, MAC2STR(sm->peer_addr)); > + > } > > > -- 2.7.4 >
On Thu, Sep 28, 2017 at 06:53:35PM +1300, Michael Baird wrote: > While using an external RADIUS server SUCCESS messages were not being sent (internal was fine). > Also added event messages for other states that others might find useful, and consistency between the two. Thanks, applied. Though, I had to drop these two events since the large number if IDLE events broke number of hwsim test cases: > +#define WPA_EVENT_EAP_IDLE "CTRL-EVENT-EAP-IDLE " > +#define WPA_EVENT_EAP_IDLE2 "CTRL-EVENT-EAP-IDLE2 " Do you have a specific use case in mind for these two?
diff --git a/src/common/wpa_ctrl.h b/src/common/wpa_ctrl.h index c59bc60..7577387 100644 --- a/src/common/wpa_ctrl.h +++ b/src/common/wpa_ctrl.h @@ -50,10 +50,21 @@ extern "C" { #define WPA_EVENT_EAP_TLS_CERT_ERROR "CTRL-EVENT-EAP-TLS-CERT-ERROR " /** EAP status */ #define WPA_EVENT_EAP_STATUS "CTRL-EVENT-EAP-STATUS " +/** EAP statemachine is waiting */ +#define WPA_EVENT_EAP_IDLE "CTRL-EVENT-EAP-IDLE " +#define WPA_EVENT_EAP_IDLE2 "CTRL-EVENT-EAP-IDLE2 " +/** Retransmits the previous request packet */ +#define WPA_EVENT_EAP_RETRANSMIT "CTRL-EVENT-EAP-RETRANSMIT " +#define WPA_EVENT_EAP_RETRANSMIT2 "CTRL-EVENT-EAP-RETRANSMIT2 " /** EAP authentication completed successfully */ #define WPA_EVENT_EAP_SUCCESS "CTRL-EVENT-EAP-SUCCESS " +#define WPA_EVENT_EAP_SUCCESS2 "CTRL-EVENT-EAP-SUCCESS2 " /** EAP authentication failed (EAP-Failure received) */ #define WPA_EVENT_EAP_FAILURE "CTRL-EVENT-EAP-FAILURE " +#define WPA_EVENT_EAP_FAILURE2 "CTRL-EVENT-EAP-FAILURE2 " +/** EAP authentication failed due to no response received */ +#define WPA_EVENT_EAP_TIMEOUT_FAILURE "CTRL-EVENT-EAP-TIMEOUT-FAILURE " +#define WPA_EVENT_EAP_TIMEOUT_FAILURE2 "CTRL-EVENT-EAP-TIMEOUT-FAILURE2 " /** Network block temporarily disabled (e.g., due to authentication failure) */ #define WPA_EVENT_TEMP_DISABLED "CTRL-EVENT-SSID-TEMP-DISABLED " /** Temporarily disabled network block re-enabled */ diff --git a/src/eap_server/eap_server.c b/src/eap_server/eap_server.c index 9706e25..53873d6 100644 --- a/src/eap_server/eap_server.c +++ b/src/eap_server/eap_server.c @@ -314,6 +314,8 @@ SM_STATE(EAP, IDLE) sm->eap_if.retransWhile = eap_sm_calculateTimeout( sm, sm->retransCount, sm->eap_if.eapSRTT, sm->eap_if.eapRTTVAR, sm->methodTimeout); + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE + MACSTR, MAC2STR(sm->peer_addr)); } @@ -326,6 +328,9 @@ SM_STATE(EAP, RETRANSMIT) if (eap_copy_buf(&sm->eap_if.eapReqData, sm->lastReqData) == 0) sm->eap_if.eapReq = TRUE; } + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_RETRANSMIT + MACSTR, MAC2STR(sm->peer_addr)); } @@ -634,6 +639,9 @@ SM_STATE(EAP, TIMEOUT_FAILURE) SM_ENTRY(EAP, TIMEOUT_FAILURE); sm->eap_if.eapTimeout = TRUE; + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_TIMEOUT_FAILURE + MACSTR, MAC2STR(sm->peer_addr)); } @@ -999,6 +1007,9 @@ SM_STATE(EAP, IDLE2) sm->eap_if.retransWhile = eap_sm_calculateTimeout( sm, sm->retransCount, sm->eap_if.eapSRTT, sm->eap_if.eapRTTVAR, sm->methodTimeout); + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_IDLE2 + MACSTR, MAC2STR(sm->peer_addr)); } @@ -1011,6 +1022,9 @@ SM_STATE(EAP, RETRANSMIT2) if (eap_copy_buf(&sm->eap_if.eapReqData, sm->lastReqData) == 0) sm->eap_if.eapReq = TRUE; } + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_RETRANSMIT2 + MACSTR, MAC2STR(sm->peer_addr)); } @@ -1093,6 +1107,9 @@ SM_STATE(EAP, AAA_IDLE) sm->eap_if.aaaEapReq = FALSE; sm->eap_if.aaaEapNoReq = FALSE; sm->eap_if.aaaEapResp = TRUE; + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_IDLE + MACSTR, MAC2STR(sm->peer_addr)); } @@ -1101,6 +1118,9 @@ SM_STATE(EAP, TIMEOUT_FAILURE2) SM_ENTRY(EAP, TIMEOUT_FAILURE2); sm->eap_if.eapTimeout = TRUE; + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_TIMEOUT_FAILURE2 + MACSTR, MAC2STR(sm->peer_addr)); } @@ -1110,6 +1130,9 @@ SM_STATE(EAP, FAILURE2) eap_copy_buf(&sm->eap_if.eapReqData, sm->eap_if.aaaEapReqData); sm->eap_if.eapFail = TRUE; + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE2 + MACSTR, MAC2STR(sm->peer_addr)); } @@ -1136,6 +1159,10 @@ SM_STATE(EAP, SUCCESS2) * started properly. */ sm->start_reauth = TRUE; + + wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_SUCCESS2 + MACSTR, MAC2STR(sm->peer_addr)); + }