aboutsummaryrefslogtreecommitdiffstats
path: root/src/eapol_supp/eapol_supp_sm.c
diff options
context:
space:
mode:
authorJouni Malinen <jouni.malinen@atheros.com>2009-04-22 13:01:37 (GMT)
committerJouni Malinen <j@w1.fi>2009-04-22 13:01:37 (GMT)
commit4bc181ecc7e918759a032c4c37ac4e7f6f47e147 (patch)
tree46996dc7b99b5e390d18aefc519a0c4bf99e94b3 /src/eapol_supp/eapol_supp_sm.c
parentf55802e8bfe8725efa238f1393a8d234f4e51d03 (diff)
downloadhostap-4bc181ecc7e918759a032c4c37ac4e7f6f47e147.zip
hostap-4bc181ecc7e918759a032c4c37ac4e7f6f47e147.tar.gz
hostap-4bc181ecc7e918759a032c4c37ac4e7f6f47e147.tar.bz2
Add new wpa_supplicant driver op for setting 802.1X port status
This can be used with drivers that implement PAE to control whether normal data frames (non-EAPOL) are allowed.
Diffstat (limited to 'src/eapol_supp/eapol_supp_sm.c')
-rw-r--r--src/eapol_supp/eapol_supp_sm.c24
1 files changed, 24 insertions, 0 deletions
diff --git a/src/eapol_supp/eapol_supp_sm.c b/src/eapol_supp/eapol_supp_sm.c
index 537f06d..e4c0700 100644
--- a/src/eapol_supp/eapol_supp_sm.c
+++ b/src/eapol_supp/eapol_supp_sm.c
@@ -193,6 +193,8 @@ static void eapol_sm_txSuppRsp(struct eapol_sm *sm);
static void eapol_sm_abortSupp(struct eapol_sm *sm);
static void eapol_sm_abort_cached(struct eapol_sm *sm);
static void eapol_sm_step_timeout(void *eloop_ctx, void *timeout_ctx);
+static void eapol_sm_set_port_authorized(struct eapol_sm *sm);
+static void eapol_sm_set_port_unauthorized(struct eapol_sm *sm);
/* Port Timers state machine - implemented as a function that will be called
@@ -250,6 +252,7 @@ SM_STATE(SUPP_PAE, LOGOFF)
eapol_sm_txLogoff(sm);
sm->logoffSent = TRUE;
sm->suppPortStatus = Unauthorized;
+ eapol_sm_set_port_unauthorized(sm);
}
@@ -260,6 +263,7 @@ SM_STATE(SUPP_PAE, DISCONNECTED)
sm->startCount = 0;
sm->logoffSent = FALSE;
sm->suppPortStatus = Unauthorized;
+ eapol_sm_set_port_unauthorized(sm);
sm->suppAbort = TRUE;
sm->unicast_key_received = FALSE;
@@ -315,6 +319,7 @@ SM_STATE(SUPP_PAE, HELD)
sm->heldWhile = sm->heldPeriod;
eapol_enable_timer_tick(sm);
sm->suppPortStatus = Unauthorized;
+ eapol_sm_set_port_unauthorized(sm);
sm->cb_status = EAPOL_CB_FAILURE;
}
@@ -323,6 +328,7 @@ SM_STATE(SUPP_PAE, AUTHENTICATED)
{
SM_ENTRY(SUPP_PAE, AUTHENTICATED);
sm->suppPortStatus = Authorized;
+ eapol_sm_set_port_authorized(sm);
sm->cb_status = EAPOL_CB_SUCCESS;
}
@@ -338,6 +344,7 @@ SM_STATE(SUPP_PAE, S_FORCE_AUTH)
{
SM_ENTRY(SUPP_PAE, S_FORCE_AUTH);
sm->suppPortStatus = Authorized;
+ eapol_sm_set_port_authorized(sm);
sm->sPortMode = ForceAuthorized;
}
@@ -346,6 +353,7 @@ SM_STATE(SUPP_PAE, S_FORCE_UNAUTH)
{
SM_ENTRY(SUPP_PAE, S_FORCE_UNAUTH);
sm->suppPortStatus = Unauthorized;
+ eapol_sm_set_port_unauthorized(sm);
sm->sPortMode = ForceUnauthorized;
eapol_sm_txLogoff(sm);
}
@@ -862,6 +870,20 @@ static void eapol_sm_step_timeout(void *eloop_ctx, void *timeout_ctx)
}
+static void eapol_sm_set_port_authorized(struct eapol_sm *sm)
+{
+ if (sm->ctx->port_cb)
+ sm->ctx->port_cb(sm->ctx->ctx, 1);
+}
+
+
+static void eapol_sm_set_port_unauthorized(struct eapol_sm *sm)
+{
+ if (sm->ctx->port_cb)
+ sm->ctx->port_cb(sm->ctx->ctx, 0);
+}
+
+
/**
* eapol_sm_step - EAPOL state machine step function
* @sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
@@ -1456,6 +1478,7 @@ void eapol_sm_notify_cached(struct eapol_sm *sm)
wpa_printf(MSG_DEBUG, "EAPOL: PMKSA caching was used - skip EAPOL");
sm->SUPP_PAE_state = SUPP_PAE_AUTHENTICATED;
sm->suppPortStatus = Authorized;
+ eapol_sm_set_port_authorized(sm);
sm->portValid = TRUE;
eap_notify_success(sm->eap);
eapol_sm_step(sm);
@@ -1492,6 +1515,7 @@ static void eapol_sm_abort_cached(struct eapol_sm *sm)
sm->cached_pmk = FALSE;
sm->SUPP_PAE_state = SUPP_PAE_CONNECTING;
sm->suppPortStatus = Unauthorized;
+ eapol_sm_set_port_unauthorized(sm);
/* Make sure we do not start sending EAPOL-Start frames first, but
* instead move to RESTART state to start EAPOL authentication. */