Message ID | CAGNNFCb7336A-yASKi=HWKP+n-dqKCvxkPtC5AOUmDJC0i9Vwg@mail.gmail.com |
---|---|
State | Accepted |
Headers | show |
On Fri, Dec 16, 2016 at 01:40:53AM +0530, Badrish Adiga H R wrote: > Below are changes to print KAY specific details via ctrl_iface... Thanks, applied with this fixed: > diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c > @@ -2050,6 +2050,12 @@ static int > wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s, > +#ifdef CONFIG_MACSEC > + ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos); > + if (res >= 0) > + pos += res; > +#endif /* CONFIG_MACSEC */ That would use incorrect res value; the one returned by ieee802_1x_kay_get_status() needs to be used here.. Was this patch actually tested or even compile tested (a modern compiler would warn about res being potentially used uninitialized here).
Hi Jouni, Thanks for accepting the patch. I had tested with code res = ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos); It seems that, I inadvertently missed `res =` while submitting the patch... Apologies for this.. regards, Badrish On Tue, Dec 20, 2016 at 2:26 AM, Jouni Malinen <j@w1.fi> wrote: > On Fri, Dec 16, 2016 at 01:40:53AM +0530, Badrish Adiga H R wrote: >> Below are changes to print KAY specific details via ctrl_iface... > > Thanks, applied with this fixed: > >> diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c >> @@ -2050,6 +2050,12 @@ static int >> wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s, > >> +#ifdef CONFIG_MACSEC >> + ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos); >> + if (res >= 0) >> + pos += res; >> +#endif /* CONFIG_MACSEC */ > > That would use incorrect res value; the one returned by > ieee802_1x_kay_get_status() needs to be used here.. Was this patch > actually tested or even compile tested (a modern compiler would warn > about res being potentially used uninitialized here). > > -- > Jouni Malinen PGP id EFC895FA
diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c index 1d6d9a9..818b3bc 100644 --- a/src/pae/ieee802_1x_kay.c +++ b/src/pae/ieee802_1x_kay.c @@ -1641,6 +1641,7 @@ ieee802_1x_mka_decode_dist_sak_body( ieee802_1x_cp_signal_newsak(kay->cp); ieee802_1x_cp_sm_step(kay->cp); + kay->rcvd_keys++; participant->to_use_sak = TRUE; return 0; @@ -3519,3 +3520,49 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay, return 0; } + +#ifdef CONFIG_CTRL_IFACE +/** + * ieee802_1x_kay_get_status - Get IEEE 802.1X KAY status details + * @sm: Pointer to KAY allocated with ieee802_1x_kay_init + * @buf: Buffer for status information + * @buflen: Maximum buffer length + * @verbose: Whether to include verbose status information + * Returns: Number of bytes written to buf. + * + * Query KAY status information. This function fills in a text area with current + * status information. If the buffer (buf) is not large enough, status + * information will be truncated to fit the buffer. + */ +int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf, + size_t buflen) +{ + int len; + if (kay == NULL) + return 0; + + len = os_snprintf(buf, buflen, + "PAE KAY status=%s\n" + "Authenticated=%s\n" + "Secured=%s\n" + "Failed=%s\n" + "Actor Priority=%u\n" + "Key Server Priority=%u\n" + "Is Key Server=%s\n" + "Number of Keys Distributed=%u\n" + "Number of Keys Received=%u\n", + (kay->active)?"Active":"Not-Active", + (kay->authenticated)?"Yes":"No", + (kay->secured)?"Yes":"No", + (kay->failed)?"Yes":"No", + kay->actor_priority, + kay->key_server_priority, + (kay->is_key_server)?"Yes":"No", + (kay->dist_kn - 1), + kay->rcvd_keys); + if (os_snprintf_error(buflen, len)) + return 0; + + return len; +} +#endif /* CONFIG_CTRL_IFACE */ diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h index 9a92d1c..0f54057 100644 --- a/src/pae/ieee802_1x_kay.h +++ b/src/pae/ieee802_1x_kay.h @@ -208,6 +208,7 @@ struct ieee802_1x_kay { int mka_algindex; /* MKA alg table index */ u32 dist_kn; + u32 rcvd_keys; u8 dist_an; time_t dist_time; @@ -267,5 +268,7 @@ int ieee802_1x_kay_enable_tx_sas(struct ieee802_1x_kay *kay, int ieee802_1x_kay_enable_rx_sas(struct ieee802_1x_kay *kay, struct ieee802_1x_mka_ki *lki); int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay); +int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf, + size_t buflen); #endif /* IEEE802_1X_KAY_H */ diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index 4439efb..b5b1380 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -2050,6 +2050,12 @@ static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s, pos += res; } +#ifdef CONFIG_MACSEC + ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos); + if (res >= 0) + pos += res; +#endif /* CONFIG_MACSEC */ + sess_id = eapol_sm_get_session_id(wpa_s->eapol, &sess_id_len); if (sess_id) {
Below are changes to print KAY specific details via ctrl_iface... Signed-off-by: Badrish Adiga H R <badrish.adigahr@hpe.com> --- src/pae/ieee802_1x_kay.c | 47 +++++++++++++++++++++++++++++++++++++++++++++ src/pae/ieee802_1x_kay.h | 3 +++ wpa_supplicant/ctrl_iface.c | 6 ++++++ 3 files changed, 56 insertions(+) char *start = pos; -- 2.6.1.133.gf5b6079