aboutsummaryrefslogtreecommitdiffstats
path: root/src/eapol_supp
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-01-08 08:24:05 (GMT)
committerJouni Malinen <j@w1.fi>2014-01-08 14:42:15 (GMT)
commitc60ba9f7abfcd294c7403f54dd53641eafc7d15a (patch)
treec33242730292cf5d4ff096e65cdd6f0f64cbf270 /src/eapol_supp
parent7185e16a91b600f4d9976118af6844e8cf8526f5 (diff)
downloadhostap-c60ba9f7abfcd294c7403f54dd53641eafc7d15a.zip
hostap-c60ba9f7abfcd294c7403f54dd53641eafc7d15a.tar.gz
hostap-c60ba9f7abfcd294c7403f54dd53641eafc7d15a.tar.bz2
Skip network disabling on expected EAP failure
Some EAP methods can go through a step that is expected to fail and as such, should not trigger temporary network disabling when processing EAP-Failure or deauthentication. EAP-WSC for WPS was already handled as a special case, but similar behavior is needed for EAP-FAST with unauthenticated provisioning. Signed-hostap: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eapol_supp')
-rw-r--r--src/eapol_supp/eapol_supp_sm.c10
-rw-r--r--src/eapol_supp/eapol_supp_sm.h11
2 files changed, 17 insertions, 4 deletions
diff --git a/src/eapol_supp/eapol_supp_sm.c b/src/eapol_supp/eapol_supp_sm.c
index 05b9851..cbcde7e 100644
--- a/src/eapol_supp/eapol_supp_sm.c
+++ b/src/eapol_supp/eapol_supp_sm.c
@@ -940,9 +940,15 @@ void eapol_sm_step(struct eapol_sm *sm)
}
if (sm->ctx->cb && sm->cb_status != EAPOL_CB_IN_PROGRESS) {
- int success = sm->cb_status == EAPOL_CB_SUCCESS ? 1 : 0;
+ enum eapol_supp_result result;
+ if (sm->cb_status == EAPOL_CB_SUCCESS)
+ result = EAPOL_SUPP_RESULT_SUCCESS;
+ else if (eap_peer_was_failure_expected(sm->eap))
+ result = EAPOL_SUPP_RESULT_EXPECTED_FAILURE;
+ else
+ result = EAPOL_SUPP_RESULT_FAILURE;
sm->cb_status = EAPOL_CB_IN_PROGRESS;
- sm->ctx->cb(sm, success, sm->ctx->cb_ctx);
+ sm->ctx->cb(sm, result, sm->ctx->cb_ctx);
}
}
diff --git a/src/eapol_supp/eapol_supp_sm.h b/src/eapol_supp/eapol_supp_sm.h
index 54e8a27..934eda0 100644
--- a/src/eapol_supp/eapol_supp_sm.h
+++ b/src/eapol_supp/eapol_supp_sm.h
@@ -63,6 +63,12 @@ struct eapol_config {
struct eapol_sm;
struct wpa_config_blob;
+enum eapol_supp_result {
+ EAPOL_SUPP_RESULT_FAILURE,
+ EAPOL_SUPP_RESULT_SUCCESS,
+ EAPOL_SUPP_RESULT_EXPECTED_FAILURE
+};
+
/**
* struct eapol_ctx - Global (for all networks) EAPOL state machine context
*/
@@ -83,7 +89,7 @@ struct eapol_ctx {
/**
* cb - Function to be called when EAPOL negotiation has been completed
* @eapol: Pointer to EAPOL state machine data
- * @success: Whether the authentication was completed successfully
+ * @result: Whether the authentication was completed successfully
* @ctx: Pointer to context data (cb_ctx)
*
* This optional callback function will be called when the EAPOL
@@ -91,7 +97,8 @@ struct eapol_ctx {
* EAPOL state machine to process the key and terminate the EAPOL state
* machine. Currently, this is used only in RSN pre-authentication.
*/
- void (*cb)(struct eapol_sm *eapol, int success, void *ctx);
+ void (*cb)(struct eapol_sm *eapol, enum eapol_supp_result result,
+ void *ctx);
/**
* cb_ctx - Callback context for cb()