authorJouni Malinen <j@w1.fi>2014-11-29 21:14:40 (GMT)
committerJouni Malinen <j@w1.fi>2014-12-04 10:16:29 (GMT)
commit02a8d45ace2933dd7ecc7509206d170ac6c44357 (patch)
tree0475b8bd1903cdab2e06f1e373325a737f23adb7 /src/eapol_supp
parentd3bddd8b84dc345f7aa0c20536f45a68e0a5ba85 (diff)
ERP: Add support for ERP on EAP peer
Derive rRK and rIK on EAP peer if ERP is enabled. The new wpa_supplicant network configuration parameter erp=1 can now be used to configure the EAP peer to derive EMSK, rRK, and rIK at the successful completion of an EAP authentication method. This functionality is not included in the default build and can be enabled with CONFIG_ERP=y. If EAP authenticator indicates support for re-authentication protocol, initiate this with EAP-Initiate/Re-auth and complete protocol when receiving EAP-Finish/Re-auth. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eapol_supp')
-rw-r--r--src/eapol_supp/eapol_supp_sm.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/eapol_supp/eapol_supp_sm.c b/src/eapol_supp/eapol_supp_sm.c
index 5cc0508..d375114 100644
--- a/src/eapol_supp/eapol_supp_sm.c
+++ b/src/eapol_supp/eapol_supp_sm.c
@@ -128,6 +128,7 @@ struct eapol_sm {
struct wpabuf *eapReqData; /* for EAP */
Boolean altAccept; /* for EAP */
Boolean altReject; /* for EAP */
+ Boolean eapTriggerStart;
Boolean replay_counter_valid;
u8 last_replay_counter[16];
struct eapol_config conf;
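Review bot: The new `eapTriggerStart` member is the only one in this group without the `/* for EAP */` annotation its neighbours carry, and nothing here says who sets it or who clears it. Judging by the accessor hunks later in this diff, it is written by the EAP layer through `eapol_sm_set_bool()` and consumed by the SUPP_PAE machine, so I would document that at the declaration: `Boolean eapTriggerStart; /* for EAP: request EAPOL-Start; cleared by SUPP_PAE */`. The struct definition starts and ends outside this hunk.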
@@ -222,6 +223,7 @@ SM_STATE(SUPP_PAE, DISCONNECTED)
SM_ENTRY(SUPP_PAE, DISCONNECTED);
sm->sPortMode = Auto;
sm->startCount = 0;
+ sm->eapTriggerStart = FALSE;
sm->logoffSent = FALSE;
eapol_sm_set_port_unauthorized(sm);
sm->suppAbort = TRUE;
@@ -244,6 +246,11 @@ SM_STATE(SUPP_PAE, CONNECTING)
{
int send_start = sm->SUPP_PAE_state == SUPP_PAE_CONNECTING;
SM_ENTRY(SUPP_PAE, CONNECTING);
+
+ if (sm->eapTriggerStart)
+ send_start = 1;
+ sm->eapTriggerStart = FALSE;
+
if (send_start) {
sm->startWhen = sm->startPeriod;
sm->startCount++;
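Review bot: A start forced by `eapTriggerStart` goes through the same `sm->startCount++` as a timer-driven retransmission, so each trigger uses up one of the supplicant's start attempts. The only reset of `startCount` visible in this diff is on entry to DISCONNECTED. If the counter is compared against a retry limit elsewhere in the file (not shown here), a trigger arriving late in a retry sequence could push the port onto the failure path earlier than a fresh re-authentication attempt should. Either say the accounting is intended, for example `/* EAP-triggered start counts as a normal EAPOL-Start attempt */`, or restart the count when the trigger is the cause. The body of the CONNECTING state continues past the end of this hunk.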
@@ -386,6 +393,8 @@ SM_STEP(SUPP_PAE)
SM_ENTER(SUPP_PAE, HELD);
else if (sm->suppTimeout)
SM_ENTER(SUPP_PAE, CONNECTING);
+ else if (sm->eapTriggerStart)
+ SM_ENTER(SUPP_PAE, CONNECTING);
break;
case SUPP_PAE_HELD:
if (sm->heldWhile == 0)
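Review bot: The trigger is acted on in only this one case of the `SM_STEP` switch (its case label is outside the hunk), while the flag is cleared only on entry to DISCONNECTED and CONNECTING. If the EAP layer sets it through `eapol_sm_set_bool()` while the PAE is in any other state, it stays latched and forces `send_start = 1` on a later, unrelated CONNECTING entry. Since the flag ends up driving frame transmission, its lifetime should be bounded: clear it with `sm->eapTriggerStart = FALSE;` on entry to the states that do not honour it, or document at the setter that it may only be raised during the state handled here.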
@@ -1822,6 +1831,8 @@ static Boolean eapol_sm_get_bool(void *ctx, enum eapol_bool_var variable)
return sm->altAccept;
case EAPOL_altReject:
return sm->altReject;
+ case EAPOL_eapTriggerStart:
+ return sm->eapTriggerStart;
}
return FALSE;
}
@@ -1861,6 +1872,9 @@ static void eapol_sm_set_bool(void *ctx, enum eapol_bool_var variable,
case EAPOL_altReject:
sm->altReject = value;
break;
+ case EAPOL_eapTriggerStart:
+ sm->eapTriggerStart = value;
+ break;
}
}