search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Nuke debug prints.
[dragonfly.git] / contrib / hostapd-0.5.8 / eap_md5.c
blob234a319b69099e24008edecc7f37eedfa5d619ca
1 /*
2 * hostapd / EAP-MD5 server
3 * Copyright (c) 2004-2006, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15 #include "includes.h"
16
17 #include "hostapd.h"
18 #include "common.h"
19 #include "eap_i.h"
20 #include "md5.h"
21 #include "crypto.h"
22
23
24 #define CHALLENGE_LEN 16
25
26 struct eap_md5_data {
27 u8 challenge[CHALLENGE_LEN];
28 enum { CONTINUE, SUCCESS, FAILURE } state;
29 };
30
31
32 static void * eap_md5_init(struct eap_sm *sm)
33 {
34 struct eap_md5_data *data;
35
36 data = wpa_zalloc(sizeof(*data));
37 if (data == NULL)
38 return NULL;
39 data->state = CONTINUE;
40
41 return data;
42 }
43
44
45 static void eap_md5_reset(struct eap_sm *sm, void *priv)
46 {
47 struct eap_md5_data *data = priv;
48 free(data);
49 }
50
51
52 static u8 * eap_md5_buildReq(struct eap_sm *sm, void *priv, int id,
53 size_t *reqDataLen)
54 {
55 struct eap_md5_data *data = priv;
56 struct eap_hdr *req;
57 u8 *pos;
58
59 if (hostapd_get_rand(data->challenge, CHALLENGE_LEN)) {
60 wpa_printf(MSG_ERROR, "EAP-MD5: Failed to get random data");
61 data->state = FAILURE;
62 return NULL;
63 }
64
65 req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MD5, reqDataLen,
66 1 + CHALLENGE_LEN, EAP_CODE_REQUEST, id, &pos);
67 if (req == NULL) {
68 wpa_printf(MSG_ERROR, "EAP-MD5: Failed to allocate memory for "
69 "request");
70 data->state = FAILURE;
71 return NULL;
72 }
73
74 *pos++ = CHALLENGE_LEN;
75 memcpy(pos, data->challenge, CHALLENGE_LEN);
76 wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Challenge", pos, CHALLENGE_LEN);
77
78 data->state = CONTINUE;
79
80 return (u8 *) req;
81 }
82
83
84 static Boolean eap_md5_check(struct eap_sm *sm, void *priv,
85 u8 *respData, size_t respDataLen)
86 {
87 const u8 *pos;
88 size_t len;
89
90 pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_MD5,
91 respData, respDataLen, &len);
92 if (pos == NULL || len < 1) {
93 wpa_printf(MSG_INFO, "EAP-MD5: Invalid frame");
94 return TRUE;
95 }
96 if (*pos != MD5_MAC_LEN || 1 + MD5_MAC_LEN > len) {
97 wpa_printf(MSG_INFO, "EAP-MD5: Invalid response "
98 "(response_len=%d payload_len=%lu",
99 *pos, (unsigned long) len);
100 return TRUE;
101 }
102
103 return FALSE;
104 }
105
106
107 static void eap_md5_process(struct eap_sm *sm, void *priv,
108 u8 *respData, size_t respDataLen)
109 {
110 struct eap_md5_data *data = priv;
111 struct eap_hdr *resp;
112 const u8 *pos;
113 const u8 *addr[3];
114 size_t len[3], plen;
115 u8 hash[MD5_MAC_LEN];
116
117 if (sm->user == NULL || sm->user->password == NULL ||
118 sm->user->password_hash) {
119 wpa_printf(MSG_INFO, "EAP-MD5: Plaintext password not "
120 "configured");
121 data->state = FAILURE;
122 return;
123 }
124
125 pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_MD5,
126 respData, respDataLen, &plen);
127 if (pos == NULL || *pos != MD5_MAC_LEN || plen < 1 + MD5_MAC_LEN)
128 return; /* Should not happen - frame already validated */
129
130 pos++; /* Skip response len */
131 wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Response", pos, MD5_MAC_LEN);
132
133 resp = (struct eap_hdr *) respData;
134 addr[0] = &resp->identifier;
135 len[0] = 1;
136 addr[1] = sm->user->password;
137 len[1] = sm->user->password_len;
138 addr[2] = data->challenge;
139 len[2] = CHALLENGE_LEN;
140 md5_vector(3, addr, len, hash);
141
142 if (memcmp(hash, pos, MD5_MAC_LEN) == 0) {
143 wpa_printf(MSG_DEBUG, "EAP-MD5: Done - Success");
144 data->state = SUCCESS;
145 } else {
146 wpa_printf(MSG_DEBUG, "EAP-MD5: Done - Failure");
147 data->state = FAILURE;
148 }
149 }
150
151
152 static Boolean eap_md5_isDone(struct eap_sm *sm, void *priv)
153 {
154 struct eap_md5_data *data = priv;
155 return data->state != CONTINUE;
156 }
157
158
159 static Boolean eap_md5_isSuccess(struct eap_sm *sm, void *priv)
160 {
161 struct eap_md5_data *data = priv;
162 return data->state == SUCCESS;
163 }
164
165
166 int eap_server_md5_register(void)
167 {
168 struct eap_method *eap;
169 int ret;
170
171 eap = eap_server_method_alloc(EAP_SERVER_METHOD_INTERFACE_VERSION,
172 EAP_VENDOR_IETF, EAP_TYPE_MD5, "MD5");
173 if (eap == NULL)
174 return -1;
175
176 eap->init = eap_md5_init;
177 eap->reset = eap_md5_reset;
178 eap->buildReq = eap_md5_buildReq;
179 eap->check = eap_md5_check;
180 eap->process = eap_md5_process;
181 eap->isDone = eap_md5_isDone;
182 eap->isSuccess = eap_md5_isSuccess;
183
184 ret = eap_server_method_register(eap);
185 if (ret)
186 eap_server_method_free(eap);
187 return ret;
188 }
DragonFly BSD