Changes to print KAY specific details via ctrl_iface

Message ID	CAGNNFCb7336A-yASKi=HWKP+n-dqKCvxkPtC5AOUmDJC0i9Vwg@mail.gmail.com
State	Accepted
Headers	show Return-Path: <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> MIME-Version: 1.0 From: Badrish Adiga H R <badrish.adigahr@gmail.com> Date: Fri, 16 Dec 2016 01:40:53 +0530 Message-ID: <CAGNNFCb7336A-yASKi=HWKP+n-dqKCvxkPtC5AOUmDJC0i9Vwg@mail.gmail.com> Subject: [PATCH] Changes to print KAY specific details via ctrl_iface To: hostap@lists.infradead.org summary: Content analysis details: (-2.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [2607:f8b0:4002:c05:0:0:0:244 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (badrish.adigahr[at]gmail.com) -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid Precedence: list Cc: badrishadighar <badrish.adighar@gmail.com> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "Hostap" <hostap-bounces@lists.infradead.org> Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Message ID

CAGNNFCb7336A-yASKi=HWKP+n-dqKCvxkPtC5AOUmDJC0i9Vwg@mail.gmail.com

State

Accepted

Headers

MIME-Version: 1.0
From: Badrish Adiga H R <badrish.adigahr@gmail.com>
Date: Fri, 16 Dec 2016 01:40:53 +0530
Message-ID: <CAGNNFCb7336A-yASKi=HWKP+n-dqKCvxkPtC5AOUmDJC0i9Vwg@mail.gmail.com>
Subject: [PATCH] Changes to print KAY specific details via ctrl_iface
To: hostap@lists.infradead.org
Precedence: list
Cc: badrishadighar <badrish.adighar@gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Commit Message

Badrish Adiga H R Dec. 15, 2016, 8:10 p.m. UTC

Below are changes to print KAY specific details via ctrl_iface...

Signed-off-by: Badrish Adiga H R <badrish.adigahr@hpe.com>
---
 src/pae/ieee802_1x_kay.c    | 47 +++++++++++++++++++++++++++++++++++++++++++++
 src/pae/ieee802_1x_kay.h    |  3 +++
 wpa_supplicant/ctrl_iface.c |  6 ++++++
 3 files changed, 56 insertions(+)

                char *start = pos;
--
2.6.1.133.gf5b6079

Comments

Jouni Malinen Dec. 19, 2016, 8:56 p.m. UTC | #1

On Fri, Dec 16, 2016 at 01:40:53AM +0530, Badrish Adiga H R wrote:
> Below are changes to print KAY specific details via ctrl_iface...

Thanks, applied with this fixed:

> diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
> @@ -2050,6 +2050,12 @@ static int
> wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s,

> +#ifdef CONFIG_MACSEC
> +       ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos);
> +       if (res >= 0)
> +               pos += res;
> +#endif /* CONFIG_MACSEC */

That would use incorrect res value; the one returned by
ieee802_1x_kay_get_status() needs to be used here.. Was this patch
actually tested or even compile tested (a modern compiler would warn
about res being potentially used uninitialized here).

Badrish Adiga H R Dec. 21, 2016, 12:02 p.m. UTC | #2

Hi Jouni,

Thanks for accepting the patch. I had tested with code
         res = ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos);
It seems that, I inadvertently missed `res =` while submitting the patch...
Apologies for this..

regards,
Badrish

On Tue, Dec 20, 2016 at 2:26 AM, Jouni Malinen <j@w1.fi> wrote:
> On Fri, Dec 16, 2016 at 01:40:53AM +0530, Badrish Adiga H R wrote:
>> Below are changes to print KAY specific details via ctrl_iface...
>
> Thanks, applied with this fixed:
>
>> diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
>> @@ -2050,6 +2050,12 @@ static int
>> wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s,
>
>> +#ifdef CONFIG_MACSEC
>> +       ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos);
>> +       if (res >= 0)
>> +               pos += res;
>> +#endif /* CONFIG_MACSEC */
>
> That would use incorrect res value; the one returned by
> ieee802_1x_kay_get_status() needs to be used here.. Was this patch
> actually tested or even compile tested (a modern compiler would warn
> about res being potentially used uninitialized here).
>
> --
> Jouni Malinen                                            PGP id EFC895FA

diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
index 1d6d9a9..818b3bc 100644
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@@ -1641,6 +1641,7 @@  ieee802_1x_mka_decode_dist_sak_body(
        ieee802_1x_cp_signal_newsak(kay->cp);
        ieee802_1x_cp_sm_step(kay->cp);

+       kay->rcvd_keys++;
        participant->to_use_sak = TRUE;

        return 0;
@@ -3519,3 +3520,49 @@  ieee802_1x_kay_change_cipher_suite(struct
ieee802_1x_kay *kay,

        return 0;
 }
+
+#ifdef CONFIG_CTRL_IFACE
+/**
+ * ieee802_1x_kay_get_status - Get IEEE 802.1X KAY status details
+ * @sm: Pointer to KAY allocated with ieee802_1x_kay_init
+ * @buf: Buffer for status information
+ * @buflen: Maximum buffer length
+ * @verbose: Whether to include verbose status information
+ * Returns: Number of bytes written to buf.
+ *
+ * Query KAY status information. This function fills in a text area
with current
+ * status information. If the buffer (buf) is not large enough, status
+ * information will be truncated to fit the buffer.
+ */
+int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf,
+                              size_t buflen)
+{
+       int len;
+       if (kay == NULL)
+               return 0;
+
+       len = os_snprintf(buf, buflen,
+                         "PAE KAY status=%s\n"
+                         "Authenticated=%s\n"
+                         "Secured=%s\n"
+                         "Failed=%s\n"
+                         "Actor Priority=%u\n"
+                         "Key Server Priority=%u\n"
+                         "Is Key Server=%s\n"
+                         "Number of Keys Distributed=%u\n"
+                         "Number of Keys Received=%u\n",
+                         (kay->active)?"Active":"Not-Active",
+                         (kay->authenticated)?"Yes":"No",
+                         (kay->secured)?"Yes":"No",
+                         (kay->failed)?"Yes":"No",
+                         kay->actor_priority,
+                         kay->key_server_priority,
+                         (kay->is_key_server)?"Yes":"No",
+                         (kay->dist_kn - 1),
+                         kay->rcvd_keys);
+       if (os_snprintf_error(buflen, len))
+               return 0;
+
+       return len;
+}
+#endif /* CONFIG_CTRL_IFACE */
diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h
index 9a92d1c..0f54057 100644
--- a/src/pae/ieee802_1x_kay.h
+++ b/src/pae/ieee802_1x_kay.h
@@ -208,6 +208,7 @@  struct ieee802_1x_kay {
        int mka_algindex;  /* MKA alg table index */

        u32 dist_kn;
+       u32 rcvd_keys;
        u8 dist_an;
        time_t dist_time;

@@ -267,5 +268,7 @@  int ieee802_1x_kay_enable_tx_sas(struct ieee802_1x_kay *kay,
 int ieee802_1x_kay_enable_rx_sas(struct ieee802_1x_kay *kay,
                                 struct ieee802_1x_mka_ki *lki);
 int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay);
+int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf,
+                              size_t buflen);

 #endif /* IEEE802_1X_KAY_H */
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index 4439efb..b5b1380 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -2050,6 +2050,12 @@  static int
wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s,
                        pos += res;
        }

+#ifdef CONFIG_MACSEC
+       ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos);
+       if (res >= 0)
+               pos += res;
+#endif /* CONFIG_MACSEC */
+
        sess_id = eapol_sm_get_session_id(wpa_s->eapol, &sess_id_len);
        if (sess_id) {

Changes to print KAY specific details via ctrl_iface

Commit Message

Comments

Patch