155714Skris/* 255714Skris * EAP common peer/server definitions 355714Skris * Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi> 455714Skris * 555714Skris * This program is free software; you can redistribute it and/or modify 655714Skris * it under the terms of the GNU General Public License version 2 as 755714Skris * published by the Free Software Foundation. 8296465Sdelphij * 955714Skris * Alternatively, this software may be distributed under the terms of BSD 1055714Skris * license. 1155714Skris * 1255714Skris * See README and COPYING for more details. 1355714Skris */ 1455714Skris 15296465Sdelphij#include "includes.h" 1655714Skris 1755714Skris#include "common.h" 1855714Skris#include "eap_defs.h" 1955714Skris#include "eap_common.h" 2055714Skris 2155714Skris/** 22296465Sdelphij * eap_hdr_validate - Validate EAP header 2355714Skris * @vendor: Expected EAP Vendor-Id (0 = IETF) 2455714Skris * @eap_type: Expected EAP type number 2555714Skris * @msg: EAP frame (starting with EAP header) 2655714Skris * @plen: Pointer to variable to contain the returned payload length 2755714Skris * Returns: Pointer to EAP payload (after type field), or %NULL on failure 2855714Skris * 2955714Skris * This is a helper function for EAP method implementations. This is usually 3055714Skris * called in the beginning of struct eap_method::process() function to verify 3155714Skris * that the received EAP request packet has a valid header. This function is 3255714Skris * able to process both legacy and expanded EAP headers and in most cases, the 3355714Skris * caller can just use the returned payload pointer (into *plen) for processing 3455714Skris * the payload regardless of whether the packet used the expanded EAP header or 3555714Skris * not. 3655714Skris */ 37296465Sdelphijconst u8 * eap_hdr_validate(int vendor, EapType eap_type, 3855714Skris const struct wpabuf *msg, size_t *plen) 3955714Skris{ 40296465Sdelphij const struct eap_hdr *hdr; 4155714Skris const u8 *pos; 4255714Skris size_t len; 4355714Skris 4455714Skris hdr = wpabuf_head(msg); 4555714Skris 4655714Skris if (wpabuf_len(msg) < sizeof(*hdr)) { 4755714Skris wpa_printf(MSG_INFO, "EAP: Too short EAP frame"); 4855714Skris return NULL; 4955714Skris } 5055714Skris 5155714Skris len = be_to_host16(hdr->length); 52296465Sdelphij if (len < sizeof(*hdr) + 1 || len > wpabuf_len(msg)) { 5355714Skris wpa_printf(MSG_INFO, "EAP: Invalid EAP length"); 5455714Skris return NULL; 5555714Skris } 5655714Skris 5755714Skris pos = (const u8 *) (hdr + 1); 5855714Skris 59296465Sdelphij if (*pos == EAP_TYPE_EXPANDED) { 60296465Sdelphij int exp_vendor; 6155714Skris u32 exp_type; 6255714Skris if (len < sizeof(*hdr) + 8) { 6355714Skris wpa_printf(MSG_INFO, "EAP: Invalid expanded EAP " 6455714Skris "length"); 6555714Skris return NULL; 6655714Skris } 67296465Sdelphij pos++; 68296465Sdelphij exp_vendor = WPA_GET_BE24(pos); 69296465Sdelphij pos += 3; 70296465Sdelphij exp_type = WPA_GET_BE32(pos); 71296465Sdelphij pos += 4; 7255714Skris if (exp_vendor != vendor || exp_type != (u32) eap_type) { 7355714Skris wpa_printf(MSG_INFO, "EAP: Invalid expanded frame " 74296465Sdelphij "type"); 75296465Sdelphij return NULL; 76296465Sdelphij } 77296465Sdelphij 78296465Sdelphij *plen = len - sizeof(*hdr) - 8; 79296465Sdelphij return pos; 80296465Sdelphij } else { 81296465Sdelphij if (vendor != EAP_VENDOR_IETF || *pos != eap_type) { 82296465Sdelphij wpa_printf(MSG_INFO, "EAP: Invalid frame type"); 8355714Skris return NULL; 8455714Skris } 85296465Sdelphij *plen = len - sizeof(*hdr) - 1; 86296465Sdelphij return pos + 1; 87296465Sdelphij } 88296465Sdelphij} 89296465Sdelphij 9055714Skris 9155714Skris/** 92296465Sdelphij * eap_msg_alloc - Allocate a buffer for an EAP message 93296465Sdelphij * @vendor: Vendor-Id (0 = IETF) 94296465Sdelphij * @type: EAP type 95296465Sdelphij * @payload_len: Payload length in bytes (data after Type) 96296465Sdelphij * @code: Message Code (EAP_CODE_*) 97296465Sdelphij * @identifier: Identifier 98296465Sdelphij * Returns: Pointer to the allocated message buffer or %NULL on error 99296465Sdelphij * 100296465Sdelphij * This function can be used to allocate a buffer for an EAP message and fill 101296465Sdelphij * in the EAP header. This function is automatically using expanded EAP header 102296465Sdelphij * if the selected Vendor-Id is not IETF. In other words, most EAP methods do 10355714Skris * not need to separately select which header type to use when using this 104296465Sdelphij * function to allocate the message buffers. The returned buffer has room for 105296465Sdelphij * payload_len bytes and has the EAP header and Type field already filled in. 10655714Skris */ 107296465Sdelphijstruct wpabuf * eap_msg_alloc(int vendor, EapType type, size_t payload_len, 108296465Sdelphij u8 code, u8 identifier) 109296465Sdelphij{ 110296465Sdelphij struct wpabuf *buf; 111296465Sdelphij struct eap_hdr *hdr; 112296465Sdelphij size_t len; 113296465Sdelphij 114296465Sdelphij len = sizeof(struct eap_hdr) + (vendor == EAP_VENDOR_IETF ? 1 : 8) + 115296465Sdelphij payload_len; 116296465Sdelphij buf = wpabuf_alloc(len); 117296465Sdelphij if (buf == NULL) 118296465Sdelphij return NULL; 11955714Skris 120296465Sdelphij hdr = wpabuf_put(buf, sizeof(*hdr)); 121296465Sdelphij hdr->code = code; 12255714Skris hdr->identifier = identifier; 123296465Sdelphij hdr->length = host_to_be16(len); 124296465Sdelphij 12555714Skris if (vendor == EAP_VENDOR_IETF) { 12655714Skris wpabuf_put_u8(buf, type); 127296465Sdelphij } else { 12855714Skris wpabuf_put_u8(buf, EAP_TYPE_EXPANDED); 12955714Skris wpabuf_put_be24(buf, vendor); 130296465Sdelphij wpabuf_put_be32(buf, type); 13155714Skris } 132296465Sdelphij 13355714Skris return buf; 13455714Skris} 135296465Sdelphij 136296465Sdelphij 137296465Sdelphij/** 138296465Sdelphij * eap_update_len - Update EAP header length 139296465Sdelphij * @msg: EAP message from eap_msg_alloc 140296465Sdelphij * 141296465Sdelphij * This function updates the length field in the EAP header to match with the 142296465Sdelphij * current length for the buffer. This allows eap_msg_alloc() to be used to 14355714Skris * allocate a larger buffer than the exact message length (e.g., if exact 144296465Sdelphij * message length is not yet known). 145296465Sdelphij */ 146296465Sdelphijvoid eap_update_len(struct wpabuf *msg) 147296465Sdelphij{ 148296465Sdelphij struct eap_hdr *hdr; 149296465Sdelphij hdr = wpabuf_mhead(msg); 150296465Sdelphij if (wpabuf_len(msg) < sizeof(*hdr)) 151296465Sdelphij return; 152296465Sdelphij hdr->length = host_to_be16(wpabuf_len(msg)); 153296465Sdelphij} 154296465Sdelphij 155296465Sdelphij 15655714Skris/** 157296465Sdelphij * eap_get_id - Get EAP Identifier from wpabuf 158296465Sdelphij * @msg: Buffer starting with an EAP header 159296465Sdelphij * Returns: The Identifier field from the EAP header 16055714Skris */ 161296465Sdelphiju8 eap_get_id(const struct wpabuf *msg) 162296465Sdelphij{ 163296465Sdelphij const struct eap_hdr *eap; 164296465Sdelphij 165296465Sdelphij if (wpabuf_len(msg) < sizeof(*eap)) 166296465Sdelphij return 0; 167296465Sdelphij 168296465Sdelphij eap = wpabuf_head(msg); 169296465Sdelphij return eap->identifier; 170296465Sdelphij} 171296465Sdelphij 172296465Sdelphij 173296465Sdelphij/** 174296465Sdelphij * eap_get_id - Get EAP Type from wpabuf 175296465Sdelphij * @msg: Buffer starting with an EAP header 176296465Sdelphij * Returns: The EAP Type after the EAP header 177296465Sdelphij */ 178296465SdelphijEapType eap_get_type(const struct wpabuf *msg) 179296465Sdelphij{ 180296465Sdelphij if (wpabuf_len(msg) < sizeof(struct eap_hdr) + 1) 181296465Sdelphij return EAP_TYPE_NONE; 182296465Sdelphij 183296465Sdelphij return ((const u8 *) wpabuf_head(msg))[sizeof(struct eap_hdr)]; 184296465Sdelphij} 185296465Sdelphij