12  * functions in this file. The method functions, m.func(), are similar to the
40 				  EapType method);
123 	wpa_printf(MSG_DEBUG, "EAP: deinitialize previously used EAP method "
132  * eap_config_allowed_method - Check whether EAP method is allowed
136  * @method: EAP type
137  * Returns: 1 = allowed EAP method, 0 = not allowed
141 				     int vendor, u32 method)
151 		     m[i].method != EAP_TYPE_NONE; i++) {
152 		if (m[i].vendor == vendor && m[i].method == method)
160  * eap_allowed_method - Check whether EAP method is allowed
163  * @method: EAP type
164  * Returns: 1 = allowed EAP method, 0 = not allowed
166 int eap_allowed_method(struct eap_sm *sm, int vendor, u32 method)
169 					 method);
222 		wpa_printf(MSG_DEBUG, "EAP: maintaining EAP method data for "
256 	 * some method code paths to end up not setting ignore=FALSE, clear the
317  * correct method is started, or a Nak response is built.
322 	EapType method;
328 		method = sm->reqVendorMethod;
330 		method = sm->reqMethod;
332 	eap_method = eap_peer_get_eap_method(sm->reqVendor, method);
334 	if (!eap_sm_allowMethod(sm, sm->reqVendor, method)) {
335 		wpa_printf(MSG_DEBUG, "EAP: vendor %u method %u not allowed",
336 			   sm->reqVendor, method);
338 			"vendor=%u method=%u -> NAK",
339 			sm->reqVendor, method);
340 		eap_notify_status(sm, "refuse proposed method",
346 		"vendor=%u method=%u", sm->reqVendor, method);
348 	eap_notify_status(sm, "accept proposed method",
353 	 * the previously used method data to be maintained for
354 	 * re-authentication if the method support session resumption.
355 	 * Otherwise, the previously used method data is freed and a new method
360 	    sm->m->method == method &&
363 		wpa_printf(MSG_DEBUG, "EAP: Using previous method data"
375 		wpa_printf(MSG_DEBUG, "EAP: Could not find selected method: "
376 			   "vendor %d method %d",
377 			   sm->reqVendor, method);
383 	wpa_printf(MSG_DEBUG, "EAP: Initialize selected EAP method: "
384 		   "vendor %u method %u (%s)",
385 		   sm->reqVendor, method, sm->m->name);
398 			"EAP: Failed to initialize EAP method: vendor %u "
399 			"method %u (%s)",
400 			sm->reqVendor, method, sm->m->name);
422 		"EAP vendor %u method %u (%s) selected",
423 		sm->reqVendor, method, sm->m->name);
867  * The method processing happens here. The request from the authenticator is
878 		wpa_printf(MSG_WARNING, "EAP::METHOD - method not selected");
883 	if (sm->m->vendor == EAP_VENDOR_IETF && sm->m->method == EAP_TYPE_LEAP)
890 	 * eapRespData. RFC 4137 uses three separate method procedure (check,
893 	 * method implementation interface a bit. These procedures are only
911 	wpa_printf(MSG_DEBUG, "EAP: method process -> ignore=%s "
980  * Handles requests for Identity method and builds a response.
998  * Handles requests for Notification method and builds a response.
1210 		SM_ENTER(EAP, SUCCESS); /* EAP-Success prior any EAP method */
1214 		SM_ENTER(EAP, FAILURE); /* EAP-Failure prior any EAP method */
1284 		 * final EAP method response to be sent without having to change
1352 				  EapType method)
1354 	if (!eap_allowed_method(sm, vendor, method)) {
1356 			   "vendor %u method %u", vendor, method);
1359 	if (eap_peer_get_eap_method(vendor, method))
1362 		   "vendor %u method %u", vendor, method);
1388 		    sm->reqVendorMethod == m->method)
1389 			continue; /* do not allow the current method again */
1390 		if (eap_allowed_method(sm, m->vendor, m->method)) {
1392 				   "vendor=%u method=%u",
1393 				   m->vendor, m->method);
1396 			wpabuf_put_be32(resp, m->method);
1423 		   "vendor=%u method=%u not allowed)", sm->reqMethod,
1440 		if (m->vendor == EAP_VENDOR_IETF && m->method == sm->reqMethod)
1441 			continue; /* do not allow the current method again */
1442 		if (eap_allowed_method(sm, m->vendor, m->method)) {
1449 				wpabuf_put_u8(resp, m->method);
1518 	enum { EAP_SM_SIM, EAP_SM_AKA, EAP_SM_AKA_PRIME } method = EAP_SM_SIM;
1555 			  m[i].method != EAP_TYPE_NONE); i++) {
1557 		    m[i].method == EAP_TYPE_AKA_PRIME) {
1558 			method = EAP_SM_AKA_PRIME;
1563 		    m[i].method == EAP_TYPE_AKA) {
1564 			method = EAP_SM_AKA;
1577 	switch (method) {
1653 		wpa_hexdump_ascii(MSG_DEBUG, "EAP: using method re-auth "
2001 			   "method=%u vendor=%u vendorMethod=%u",
2021 				   "LEAP method=%d id=%d",
2036 		/* Get the error code from method */
2501  * the current network. This is normally called when the EAP method indicates
2560  * @req: EAP method specific request
2611  * eap_get_phase2_type - Get EAP type for the given EAP phase 2 method name
2612  * @name: EAP method name, e.g., MD5
2614  * Returns: EAP method type or %EAP_TYPE_NONE if not found
2646 	u32 method;
2661 		method = m->method;
2662 		if (eap_allowed_phase2_type(vendor, method)) {
2664 			    method == EAP_TYPE_TLS && config &&
2668 			buf[*count].method = method;
3095  * eap_notify_pending - Notify that EAP method is ready to re-process a request
3098  * An EAP method can perform a pending operation (e.g., to get a response from

Indexes created Sun Jun 23 19:15:37 MDT 2024