|
1 /* |
|
2 * Copyright (c) 2001-2006 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: EAP and WLAN authentication protocols. |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 // This is enumeration of EAPOL source code. |
|
20 #if defined(USE_EAP_MINIMUM_RELEASE_TRACES) |
|
21 #undef EAP_FILE_NUMBER_ENUM |
|
22 #define EAP_FILE_NUMBER_ENUM 115 |
|
23 #undef EAP_FILE_NUMBER_DATE |
|
24 #define EAP_FILE_NUMBER_DATE 1127594498 |
|
25 #endif //#if defined(USE_EAP_MINIMUM_RELEASE_TRACES) |
|
26 |
|
27 |
|
28 // INCLUDE FILES |
|
29 |
|
30 #include "eap_am_memory.h" |
|
31 #include "eap_state_notification.h" |
|
32 #include "eap_memory_store_variable_data.h" |
|
33 #include "eap_type_securid.h" |
|
34 #include "eap_type_securid_types.h" |
|
35 #include "eap_buffer.h" |
|
36 #include "eap_master_session_key.h" |
|
37 #include "eap_config.h" |
|
38 |
|
39 static const u32_t EAP_SECURID_EAP_HEADER_SIZE = 5; |
|
40 |
|
41 /** |
|
42 * Constructor initializes all member attributes. |
|
43 */ |
|
44 |
|
45 EAP_FUNC_EXPORT eap_type_securid_c::eap_type_securid_c( |
|
46 abs_eap_am_tools_c * const tools, |
|
47 abs_eap_base_type_c * const partner, |
|
48 eap_am_type_securid_c * const am_type_securid, |
|
49 const bool free_am_type_securid, |
|
50 const eap_type_value_e current_eap_type, ///< This the current EAP-type (GTC or SecurID). |
|
51 const bool is_client_when_true, |
|
52 const eap_am_network_id_c * const receive_network_id) |
|
53 : eap_base_type_c(tools, partner) |
|
54 , m_am_type_securid(am_type_securid) |
|
55 , m_is_valid(false) |
|
56 , m_is_client(is_client_when_true) |
|
57 , m_eap_type(current_eap_type) |
|
58 , m_free_am_type_securid(free_am_type_securid) |
|
59 , m_use_EAP_FAST_response(false) |
|
60 , m_am_tools(tools) |
|
61 , m_send_network_id(tools) |
|
62 , m_identity(tools) |
|
63 , m_passcode(tools) |
|
64 , m_pincode(tools) |
|
65 , m_is_first_passcode_query(true) |
|
66 , m_is_first_pincode_query(true) |
|
67 , m_identity_asked(false) |
|
68 , m_is_pending(false) |
|
69 , m_state(is_client_when_true) |
|
70 , m_is_reauthentication(false) |
|
71 , m_use_eap_expanded_type(false) |
|
72 #if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS) |
|
73 , m_skip_user_interactions(false) |
|
74 #endif //#if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS) |
|
75 { |
|
76 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
77 |
|
78 EAP_TRACE_DEBUG( |
|
79 m_am_tools, |
|
80 TRACE_FLAGS_DEFAULT, |
|
81 (EAPL("eap_type_securid_c::eap_type_securid_c(): this = 0x%08x, ") |
|
82 EAPL("partner 0x%08x, type partner 0x%08x, compiled %s %s\n"), |
|
83 this, |
|
84 partner, |
|
85 get_type_partner(), |
|
86 __DATE__, |
|
87 __TIME__)); |
|
88 |
|
89 m_am_type_securid->set_am_partner(this); |
|
90 |
|
91 { |
|
92 // Here we swap the addresses. |
|
93 eap_am_network_id_c send_network_id(m_am_tools, |
|
94 receive_network_id->get_destination_id(), |
|
95 receive_network_id->get_source_id(), |
|
96 receive_network_id->get_type()); |
|
97 |
|
98 eap_status_e status = m_send_network_id.set_copy_of_network_id(&send_network_id); |
|
99 |
|
100 if (status != eap_status_ok |
|
101 || m_send_network_id.get_is_valid_data() == false) |
|
102 { |
|
103 (void)EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
104 return; |
|
105 } |
|
106 } |
|
107 |
|
108 set_is_valid(); |
|
109 |
|
110 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
111 } |
|
112 |
|
113 //-------------------------------------------------- |
|
114 |
|
115 EAP_FUNC_EXPORT eap_type_securid_c::~eap_type_securid_c() |
|
116 { |
|
117 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
118 |
|
119 EAP_TRACE_DEBUG( |
|
120 m_am_tools, |
|
121 TRACE_FLAGS_DEFAULT, |
|
122 (EAPL("eap_type_securid_c::~eap_type_securid_c(): this = 0x%08x\n"), |
|
123 this)); |
|
124 |
|
125 if (m_free_am_type_securid == true) |
|
126 { |
|
127 delete m_am_type_securid; |
|
128 } |
|
129 |
|
130 m_free_am_type_securid = false; |
|
131 |
|
132 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
133 } |
|
134 |
|
135 //-------------------------------------------------- |
|
136 |
|
137 EAP_FUNC_EXPORT eap_status_e eap_type_securid_c::shutdown() |
|
138 { |
|
139 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
140 |
|
141 EAP_TRACE_DEBUG( |
|
142 m_am_tools, |
|
143 TRACE_FLAGS_DEFAULT, |
|
144 (EAPL("eap_type_securid_c::shutdown(): this = 0x%08x\n"), |
|
145 this)); |
|
146 |
|
147 m_am_type_securid->shutdown(); |
|
148 |
|
149 EAP_TRACE_DEBUG( |
|
150 m_am_tools, |
|
151 TRACE_FLAGS_DEFAULT, |
|
152 (EAPL("eap_type_securid_c::shutdown(): this = 0x%08x returns\n"), |
|
153 this)); |
|
154 |
|
155 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
156 return EAP_STATUS_RETURN(m_am_tools, eap_status_ok); |
|
157 } |
|
158 |
|
159 //-------------------------------------------------- |
|
160 |
|
161 EAP_FUNC_EXPORT eap_status_e eap_type_securid_c::eap_acknowledge( |
|
162 const eap_am_network_id_c * const /* receive_network_id */) |
|
163 { |
|
164 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
165 |
|
166 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
167 return EAP_STATUS_RETURN(m_am_tools, eap_status_not_supported); |
|
168 } |
|
169 |
|
170 //-------------------------------------------------- |
|
171 |
|
172 EAP_FUNC_EXPORT eap_status_e eap_type_securid_c::set_initial_eap_identifier( |
|
173 const eap_am_network_id_c * const /*receive_network_id*/, |
|
174 const u8_t /*initial_identifier*/) |
|
175 { |
|
176 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
177 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
178 return EAP_STATUS_RETURN(m_am_tools, eap_status_ok); |
|
179 } |
|
180 |
|
181 //-------------------------------------------------- |
|
182 |
|
183 EAP_FUNC_EXPORT void eap_type_securid_c::set_is_valid() |
|
184 { |
|
185 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
186 m_is_valid = true; |
|
187 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
188 } |
|
189 |
|
190 //-------------------------------------------------- |
|
191 |
|
192 EAP_FUNC_EXPORT bool eap_type_securid_c::get_is_valid() |
|
193 { |
|
194 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
195 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
196 return m_is_valid; |
|
197 } |
|
198 |
|
199 //-------------------------------------------------- |
|
200 |
|
201 EAP_FUNC_EXPORT bool eap_type_securid_c::get_is_client() |
|
202 { |
|
203 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
204 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
205 return m_is_client; |
|
206 } |
|
207 |
|
208 //-------------------------------------------------- |
|
209 |
|
210 eap_buf_chain_wr_c * eap_type_securid_c::create_send_packet(u32_t length) |
|
211 { |
|
212 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
213 eap_buf_chain_wr_c * packet = new eap_buf_chain_wr_c( |
|
214 eap_write_buffer, |
|
215 m_am_tools, |
|
216 length + m_offset + m_trailer_length); |
|
217 if (!packet) |
|
218 { |
|
219 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
220 return 0; |
|
221 } |
|
222 if (packet->get_is_valid() == false) |
|
223 { |
|
224 delete packet; |
|
225 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
226 return 0; |
|
227 } |
|
228 packet->set_data_length(length + m_offset); |
|
229 |
|
230 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
231 return packet; |
|
232 } |
|
233 |
|
234 //-------------------------------------------------- |
|
235 |
|
236 eap_status_e eap_type_securid_c::packet_send( |
|
237 eap_buf_chain_wr_c * const data, |
|
238 const u32_t data_length) |
|
239 { |
|
240 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
241 if (m_mtu_length < data->get_data_length()) |
|
242 { |
|
243 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
244 return EAP_STATUS_RETURN(m_am_tools, eap_status_process_general_error); |
|
245 } |
|
246 |
|
247 if (data->get_is_valid_data() == false) |
|
248 { |
|
249 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("packet buffer corrupted.\n"))); |
|
250 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
251 return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); |
|
252 } |
|
253 |
|
254 eap_status_e status = get_type_partner()->packet_send( |
|
255 &m_send_network_id, |
|
256 data, |
|
257 m_offset, |
|
258 data_length, |
|
259 data->get_buffer_length()); |
|
260 |
|
261 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
262 return EAP_STATUS_RETURN(m_am_tools, status); |
|
263 } |
|
264 |
|
265 //-------------------------------------------------- |
|
266 |
|
267 EAP_FUNC_EXPORT eap_status_e eap_type_securid_c::finish_successful_authentication() |
|
268 { |
|
269 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
270 EAP_TRACE_DEBUG( |
|
271 m_am_tools, |
|
272 TRACE_FLAGS_DEFAULT, |
|
273 (EAPL("EAP_type_SECURID: function: finish_successful_authentication(), EAP-SUCCESS\n"))); |
|
274 |
|
275 eap_master_session_key_c empty_key( |
|
276 m_am_tools, |
|
277 m_eap_type); |
|
278 u8_t key[1] = ""; |
|
279 |
|
280 eap_status_e status = empty_key.set_buffer( |
|
281 key, |
|
282 0ul, |
|
283 false, |
|
284 false); |
|
285 if (status != eap_status_ok) |
|
286 { |
|
287 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
288 return EAP_STATUS_RETURN(m_am_tools, status); |
|
289 } |
|
290 |
|
291 // This needed in PEAPv2. Just an empty key is given to PEAPv2. |
|
292 status = get_type_partner()->packet_data_crypto_keys( |
|
293 &m_send_network_id, |
|
294 &empty_key); |
|
295 if (status != eap_status_ok) |
|
296 { |
|
297 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
298 return EAP_STATUS_RETURN(m_am_tools, status); |
|
299 } |
|
300 |
|
301 eap_state_notification_c notification( |
|
302 m_am_tools, |
|
303 &m_send_network_id, |
|
304 m_is_client, |
|
305 eap_state_notification_eap, |
|
306 eap_protocol_layer_eap, |
|
307 m_eap_type, |
|
308 eap_state_none, |
|
309 eap_state_authentication_finished_successfully, |
|
310 m_identifier, |
|
311 true); |
|
312 get_type_partner()->state_notification(¬ification); |
|
313 |
|
314 // Store úsername for reauthentication (client only) |
|
315 if (m_is_client) |
|
316 { |
|
317 eap_variable_data_c key(m_am_tools); |
|
318 status = m_am_type_securid->get_memory_store_key(&key); |
|
319 if (status != eap_status_ok) |
|
320 { |
|
321 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
322 return EAP_STATUS_RETURN(m_am_tools, status); |
|
323 } |
|
324 |
|
325 |
|
326 eap_tlv_message_data_c tlv_data(m_am_tools); |
|
327 |
|
328 status = tlv_data.add_message_data( |
|
329 eap_type_gtc_stored_identity, |
|
330 m_identity.get_data_length(), |
|
331 m_identity.get_data()); |
|
332 if (status != eap_status_ok) |
|
333 { |
|
334 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
335 return EAP_STATUS_RETURN(m_am_tools, status); |
|
336 } |
|
337 |
|
338 status = m_am_tools->memory_store_add_data( |
|
339 &key, |
|
340 &tlv_data, |
|
341 eap_type_default_credential_timeout); |
|
342 if (status != eap_status_ok) |
|
343 { |
|
344 EAP_TRACE_DEBUG( |
|
345 m_am_tools, |
|
346 TRACE_FLAGS_DEFAULT, |
|
347 (EAPL("EAP_type_SECURID: function: finish_successful_authentication(): cannot store credentials\n"))); |
|
348 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
349 return EAP_STATUS_RETURN(m_am_tools, status); |
|
350 } |
|
351 |
|
352 EAP_TRACE_DEBUG( |
|
353 m_am_tools, |
|
354 TRACE_FLAGS_DEFAULT, |
|
355 (EAPL("EAP_type_GTC: function: finish_successful_authentication(): ") |
|
356 EAPL("username stored if no errors\n"))); |
|
357 } |
|
358 |
|
359 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
360 return EAP_STATUS_RETURN(m_am_tools, eap_status_ok); |
|
361 } |
|
362 |
|
363 //-------------------------------------------------- |
|
364 |
|
365 EAP_FUNC_EXPORT eap_status_e eap_type_securid_c::finish_unsuccessful_authentication( |
|
366 const bool authentication_cancelled) |
|
367 { |
|
368 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
369 EAP_TRACE_DEBUG( |
|
370 m_am_tools, |
|
371 TRACE_FLAGS_DEFAULT, |
|
372 (EAPL("EAP_type_SECURID: function: finish_unsuccessful_authentication()\n"))); |
|
373 |
|
374 if (authentication_cancelled == true) |
|
375 { |
|
376 eap_state_notification_c notification( |
|
377 m_am_tools, |
|
378 &m_send_network_id, |
|
379 m_is_client, |
|
380 eap_state_notification_eap, |
|
381 eap_protocol_layer_general, // This must be used with eap_general_state_authentication_cancelled. |
|
382 m_eap_type, |
|
383 eap_state_none, |
|
384 eap_general_state_authentication_cancelled, |
|
385 m_identifier, |
|
386 false); |
|
387 |
|
388 notification.set_authentication_error(eap_status_authentication_failure); |
|
389 |
|
390 get_type_partner()->state_notification(¬ification); |
|
391 } |
|
392 else |
|
393 { |
|
394 eap_state_notification_c notification( |
|
395 m_am_tools, |
|
396 &m_send_network_id, |
|
397 m_is_client, |
|
398 eap_state_notification_eap, |
|
399 eap_protocol_layer_eap, |
|
400 m_eap_type, |
|
401 eap_state_none, |
|
402 eap_state_authentication_terminated_unsuccessfully, |
|
403 m_identifier, |
|
404 false); |
|
405 |
|
406 notification.set_authentication_error(eap_status_authentication_failure); |
|
407 |
|
408 if (m_is_client == true) |
|
409 { |
|
410 eap_variable_data_c string(m_am_tools); |
|
411 eap_status_e status = m_am_type_securid->read_auth_failure_string(&string); |
|
412 if (status == eap_status_ok) |
|
413 { |
|
414 notification.set_notification_string(&string, true); |
|
415 } |
|
416 } |
|
417 get_type_partner()->state_notification(¬ification); |
|
418 } |
|
419 |
|
420 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
421 return EAP_STATUS_RETURN(m_am_tools, eap_status_ok); |
|
422 } |
|
423 |
|
424 //-------------------------------------------------- |
|
425 |
|
426 EAP_FUNC_EXPORT eap_status_e eap_type_securid_c::packet_process( |
|
427 const eap_am_network_id_c * const /*receive_network_id*/, |
|
428 eap_header_wr_c * const received_eap, |
|
429 const u32_t eap_packet_length) |
|
430 { |
|
431 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
432 eap_status_e status = eap_status_process_general_error; |
|
433 |
|
434 if (eap_packet_length < EAP_SECURID_EAP_HEADER_SIZE - 1) // Without type code |
|
435 { |
|
436 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
437 return EAP_STATUS_RETURN(m_am_tools, eap_status_drop_packet_quietly); |
|
438 } |
|
439 |
|
440 if (eap_packet_length > received_eap->get_header_buffer_length()) |
|
441 { |
|
442 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
443 return EAP_STATUS_RETURN(m_am_tools, eap_status_drop_packet_quietly); |
|
444 } |
|
445 |
|
446 if (received_eap->get_type() == eap_type_notification) |
|
447 { |
|
448 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
449 return EAP_STATUS_RETURN(m_am_tools, eap_status_drop_packet_quietly); |
|
450 } |
|
451 |
|
452 |
|
453 #ifdef EAP_SECURID_SERVER |
|
454 if (m_is_client) // Client |
|
455 { |
|
456 #endif |
|
457 |
|
458 status = client_packet_process( |
|
459 received_eap, |
|
460 eap_packet_length); |
|
461 |
|
462 #ifdef EAP_SECURID_SERVER |
|
463 } |
|
464 else // Server |
|
465 { |
|
466 status = server_packet_process( |
|
467 received_eap, |
|
468 eap_packet_length); |
|
469 } |
|
470 #endif |
|
471 |
|
472 if (status == eap_status_ok) |
|
473 { |
|
474 EAP_GENERAL_HEADER_SET_ERROR_DETECTED(received_eap, false); |
|
475 } |
|
476 |
|
477 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
478 return EAP_STATUS_RETURN(m_am_tools, status); |
|
479 } |
|
480 |
|
481 //-------------------------------------------------- |
|
482 |
|
483 EAP_FUNC_EXPORT eap_status_e eap_type_securid_c::remove_username_store() |
|
484 { |
|
485 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
486 |
|
487 EAP_TRACE_DEBUG( |
|
488 m_am_tools, |
|
489 TRACE_FLAGS_DEFAULT, |
|
490 (EAPL("eap_type_securid_c::remove_username_store: Start\n"))); |
|
491 |
|
492 eap_status_e status = eap_status_process_general_error; |
|
493 |
|
494 eap_variable_data_c key(m_am_tools); |
|
495 status = m_am_type_securid->get_memory_store_key(&key); |
|
496 if (status != eap_status_ok) |
|
497 { |
|
498 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
499 return EAP_STATUS_RETURN(m_am_tools, status); |
|
500 } |
|
501 |
|
502 eap_tlv_message_data_c tlv_data(m_am_tools); |
|
503 |
|
504 status = m_am_tools->memory_store_get_data( |
|
505 &key, |
|
506 &tlv_data); |
|
507 if (status != eap_status_ok) |
|
508 { |
|
509 EAP_TRACE_DEBUG( |
|
510 m_am_tools, |
|
511 TRACE_FLAGS_DEFAULT, |
|
512 (EAPL("EAP_type_SECURID: function: remove_username_store(): cannot get credentials, status=%d\n"), |
|
513 status)); |
|
514 } |
|
515 else |
|
516 { |
|
517 EAP_TRACE_DEBUG( |
|
518 m_am_tools, |
|
519 TRACE_FLAGS_DEFAULT, |
|
520 (EAPL("EAP_type_SECURID: function: remove_username_store(): credentials found\n"))); |
|
521 |
|
522 // Parse read data. |
|
523 eap_array_c<eap_tlv_header_c> tlv_blocks(m_am_tools); |
|
524 |
|
525 status = tlv_data.parse_message_data(&tlv_blocks); |
|
526 if (status != eap_status_ok) |
|
527 { |
|
528 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
529 return EAP_STATUS_RETURN(m_am_tools, status); |
|
530 } |
|
531 |
|
532 for (u32_t ind = 0ul; ind < tlv_blocks.get_object_count(); ind++) |
|
533 { |
|
534 eap_tlv_header_c * const tlv = tlv_blocks.get_object(ind); |
|
535 if (tlv != 0) |
|
536 { |
|
537 if (tlv->get_type() == eap_type_gtc_stored_identity) |
|
538 { |
|
539 status = m_identity.set_copy_of_buffer( |
|
540 tlv->get_value(tlv->get_value_length()), |
|
541 tlv->get_value_length()); |
|
542 if (status != eap_status_ok) |
|
543 { |
|
544 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
545 return EAP_STATUS_RETURN(m_am_tools, status); |
|
546 } |
|
547 } |
|
548 else |
|
549 { |
|
550 EAP_TRACE_DEBUG( |
|
551 m_am_tools, |
|
552 TRACE_FLAGS_DEFAULT, |
|
553 (EAPL("EAP_type_SECURID: function: unknown credential type %d, length %d\n"), |
|
554 tlv->get_type(), |
|
555 tlv->get_value_length())); |
|
556 } |
|
557 } |
|
558 } |
|
559 |
|
560 status = m_am_tools->memory_store_remove_data(&key); |
|
561 EAP_TRACE_DEBUG( |
|
562 m_am_tools, |
|
563 TRACE_FLAGS_DEFAULT, |
|
564 (EAPL("EAP_type_SECURID: function: remove_username_store(): credentials removed from eapol\n"))); |
|
565 |
|
566 m_is_reauthentication = true; |
|
567 m_identity_asked = true; |
|
568 |
|
569 } |
|
570 |
|
571 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
572 return EAP_STATUS_RETURN(m_am_tools, status); |
|
573 } |
|
574 |
|
575 //-------------------------------------------------- |
|
576 |
|
577 EAP_FUNC_EXPORT eap_status_e eap_type_securid_c::configure() |
|
578 { |
|
579 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
580 |
|
581 EAP_TRACE_DEBUG( |
|
582 m_am_tools, |
|
583 TRACE_FLAGS_DEFAULT, |
|
584 (EAPL("eap_type_securid_c::configure(): this = 0x%08x\n"), |
|
585 this)); |
|
586 |
|
587 eap_status_e status = eap_status_process_general_error; |
|
588 |
|
589 status = m_am_type_securid->configure(); |
|
590 if (status != eap_status_ok) |
|
591 { |
|
592 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
593 return EAP_STATUS_RETURN(m_am_tools, status); |
|
594 } |
|
595 |
|
596 m_offset = get_type_partner()->get_header_offset(&m_mtu_length, &m_trailer_length); |
|
597 |
|
598 // Check if the case is reauthentication (client only) |
|
599 if (m_is_client) |
|
600 { |
|
601 remove_username_store(); |
|
602 } |
|
603 |
|
604 // read configures |
|
605 if (m_eap_type == eap_type_securid) |
|
606 { |
|
607 (void) m_am_type_securid->type_configure_read( |
|
608 cf_str_EAP_SECURID_identity.get_field(), |
|
609 &m_identity); |
|
610 // Status does not matter. |
|
611 |
|
612 if (m_is_client == false) |
|
613 { |
|
614 (void) m_am_type_securid->type_configure_read( |
|
615 cf_str_EAP_SECURID_passcode.get_field(), |
|
616 &m_pincode); |
|
617 } |
|
618 } |
|
619 else |
|
620 { |
|
621 (void) m_am_type_securid->type_configure_read( |
|
622 cf_str_EAP_GTC_identity.get_field(), |
|
623 &m_identity); |
|
624 // Status does not matter. |
|
625 |
|
626 if (m_is_client == false) |
|
627 { |
|
628 (void) m_am_type_securid->type_configure_read( |
|
629 cf_str_EAP_GTC_passcode.get_field(), |
|
630 &m_passcode); |
|
631 } |
|
632 } |
|
633 |
|
634 //---------------------------------------------------------- |
|
635 |
|
636 #if defined(USE_EAP_EXPANDED_TYPES) |
|
637 { |
|
638 eap_variable_data_c use_eap_expanded_type(m_am_tools); |
|
639 eap_status_e status(eap_status_process_general_error); |
|
640 |
|
641 if (m_eap_type == eap_type_securid) |
|
642 { |
|
643 status = m_am_type_securid->type_configure_read( |
|
644 cf_str_EAP_SECURID_use_eap_expanded_type.get_field(), |
|
645 &use_eap_expanded_type); |
|
646 } |
|
647 else |
|
648 { |
|
649 status = m_am_type_securid->type_configure_read( |
|
650 cf_str_EAP_GTC_use_eap_expanded_type.get_field(), |
|
651 &use_eap_expanded_type); |
|
652 } |
|
653 |
|
654 if (status != eap_status_ok) |
|
655 { |
|
656 status = m_am_type_securid->type_configure_read( |
|
657 cf_str_EAP_CORE_use_eap_expanded_type.get_field(), |
|
658 &use_eap_expanded_type); |
|
659 } |
|
660 |
|
661 if (status == eap_status_ok |
|
662 && use_eap_expanded_type.get_data_length() == sizeof(u32_t) |
|
663 && use_eap_expanded_type.get_data() != 0) |
|
664 { |
|
665 u32_t *flag = reinterpret_cast<u32_t *>(use_eap_expanded_type.get_data(use_eap_expanded_type.get_data_length())); |
|
666 |
|
667 if (flag != 0) |
|
668 { |
|
669 if ((*flag) != 0ul) |
|
670 { |
|
671 m_use_eap_expanded_type = true; |
|
672 } |
|
673 else |
|
674 { |
|
675 m_use_eap_expanded_type = false; |
|
676 } |
|
677 } |
|
678 } |
|
679 } |
|
680 #endif //#if defined(USE_EAP_EXPANDED_TYPES) |
|
681 |
|
682 |
|
683 //---------------------------------------------------------- |
|
684 |
|
685 #if defined(USE_FAST_EAP_TYPE) |
|
686 |
|
687 { |
|
688 eap_variable_data_c use_EAP_FAST_response(m_am_tools); |
|
689 |
|
690 status = m_am_type_securid->type_configure_read( |
|
691 cf_str_EAP_GTC_use_EAP_FAST_response.get_field(), |
|
692 &use_EAP_FAST_response); |
|
693 if (status == eap_status_ok) |
|
694 { |
|
695 const u32_t * const flag = reinterpret_cast<u32_t *>( |
|
696 use_EAP_FAST_response.get_data(sizeof(u32_t))); |
|
697 if (flag != 0 && *flag != 0) |
|
698 { |
|
699 m_use_EAP_FAST_response = true; |
|
700 } |
|
701 else |
|
702 { |
|
703 m_use_EAP_FAST_response = false; |
|
704 } |
|
705 } |
|
706 } |
|
707 |
|
708 #endif //#if defined(USE_FAST_EAP_TYPE) |
|
709 |
|
710 //---------------------------------------------------------- |
|
711 |
|
712 #if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS) |
|
713 { |
|
714 eap_variable_data_c skip_user_interactions(m_am_tools); |
|
715 |
|
716 status = m_am_type_securid->type_configure_read( |
|
717 cf_str_EAP_skip_user_interactions_for_testing_purposes.get_field(), |
|
718 &skip_user_interactions); |
|
719 if (status == eap_status_ok |
|
720 && skip_user_interactions.get_is_valid_data() == true) |
|
721 { |
|
722 u32_t *skip_user_interactions_flag = reinterpret_cast<u32_t *>( |
|
723 skip_user_interactions.get_data(sizeof(u32_t))); |
|
724 if (skip_user_interactions_flag != 0) |
|
725 { |
|
726 if (*skip_user_interactions_flag != 0) |
|
727 { |
|
728 m_skip_user_interactions = true; |
|
729 } |
|
730 else |
|
731 { |
|
732 m_skip_user_interactions = false; |
|
733 } |
|
734 } |
|
735 } |
|
736 } |
|
737 |
|
738 if (m_skip_user_interactions == true) |
|
739 { |
|
740 (void) m_am_type_securid->type_configure_read( |
|
741 cf_str_EAP_GTC_passcode.get_field(), |
|
742 &m_passcode); |
|
743 } |
|
744 #endif //#if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS) |
|
745 |
|
746 //---------------------------------------------------------- |
|
747 |
|
748 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
749 return EAP_STATUS_RETURN(m_am_tools, eap_status_ok); |
|
750 } |
|
751 |
|
752 //-------------------------------------------------- |
|
753 |
|
754 // This function is to allow reuse of this object. |
|
755 // The whole object state must be reset. |
|
756 EAP_FUNC_EXPORT eap_status_e eap_type_securid_c::reset() |
|
757 { |
|
758 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
759 |
|
760 EAP_TRACE_DEBUG( |
|
761 m_am_tools, |
|
762 TRACE_FLAGS_DEFAULT, |
|
763 (EAPL("eap_type_securid_c::reset(): m_is_client=%d, m_eap_type=%d\n"), |
|
764 m_is_client, |
|
765 convert_eap_type_to_u32_t(m_eap_type))); |
|
766 |
|
767 if (m_is_client) |
|
768 { |
|
769 remove_username_store(); |
|
770 } |
|
771 |
|
772 // read configures |
|
773 if (m_eap_type == eap_type_securid) |
|
774 { |
|
775 m_am_type_securid->type_configure_read( |
|
776 cf_str_EAP_SECURID_identity.get_field(), |
|
777 &m_identity); |
|
778 // Status does not matter. |
|
779 } |
|
780 else |
|
781 { |
|
782 m_am_type_securid->type_configure_read( |
|
783 cf_str_EAP_GTC_identity.get_field(), |
|
784 &m_identity); |
|
785 // Status does not matter. |
|
786 } |
|
787 |
|
788 m_state.set_state(eap_type_securid_state_none); |
|
789 m_identity_asked = false; |
|
790 m_is_pending = false; |
|
791 |
|
792 eap_status_e status = m_am_type_securid->reset(); |
|
793 if (status != eap_status_ok) |
|
794 { |
|
795 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
796 return EAP_STATUS_RETURN(m_am_tools, status); |
|
797 } |
|
798 |
|
799 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
800 return EAP_STATUS_RETURN(m_am_tools, eap_status_ok); |
|
801 } |
|
802 |
|
803 //-------------------------------------------------- |
|
804 |
|
805 |
|
806 // End. |