aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_server/eap_server_ikev2.c
Commit message (Collapse)AuthorAgeFilesLines
* EAP server: Use struct eap_config to avoid duplicated definitionsJouni Malinen2019-08-181-5/+5
| | | | | | | | | Use struct eap_config as-is within struct eap_sm and EAPOL authenticator to avoid having to duplicate all the configuration variables at each interface. Split the couple of session specific variables into a separate struct to allow a single const struct eap_config to be used. Signed-off-by: Jouni Malinen <j@w1.fi>
* Silence new gcc warnings on switch statement fallthroughsJouni Malinen2018-05-151-1/+1
| | | | | | | Reword the comments to make gcc 8.1 recognize these as designed cases and not trigger implicit-fallthrough warnings. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Use os_memdup()Johannes Berg2017-03-071-2/+1
| | | | | | | | | | | | | | | | | | | | | | This leads to cleaner code overall, and also reduces the size of the hostapd and wpa_supplicant binaries (in hwsim test build on x86_64) by about 2.5 and 3.5KiB respectively. The mechanical conversions all over the code were done with the following spatch: @@ expression SIZE, SRC; expression a; @@ -a = os_malloc(SIZE); +a = os_memdup(SRC, SIZE); <... if (!a) {...} ...> -os_memcpy(a, SRC, SIZE); Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* EAP server: Simplify EAP method registration callJouni Malinen2016-01-131-5/+1
| | | | | | | | | Free the allocated structure in error cases to remove need for each EAP method to handle the error cases separately. Each registration function can simply do "return eap_server_method_register(eap);" in the end of the function. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* EAP-IKEv2: Add explicit limit for maximum message lengthJouni Malinen2014-12-201-0/+6
| | | | | | This avoids accepting unnecessarily large memory allocations. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP server: Add getSessionIdJouni Malinen2014-11-301-0/+31
| | | | | | | This extends EAP server implementation to derive Session-Id similarly to the existing EAP peer implementation. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP server: Clear keying material on deinitJouni Malinen2014-07-021-1/+1
| | | | | | | | | Reduce the amount of time keying material (MSK, EMSK, temporary private data) remains in memory in EAP methods. This provides additional protection should there be any issues that could expose process memory to external observers. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP-IKEv2: Allow frag ack without integrity checksumJouni Malinen2014-05-111-3/+6
| | | | | | | | | | RFC 5106 is not exactly clear on the requirements for the "no data" packet that is used to acknowledge a fragmented message. Allow it to be processed without the integrity checksum data field since it is possible to interpret the RFC as this not being included. This fixes reassembly of fragmented frames after keys have been derived. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP-IKEv2 server: Use configured server identityJouni Malinen2013-07-071-2/+5
| | | | Signed-hostap: Jouni Malinen <j@w1.fi>
* Remove the GPL notification from files contributed by Jouni MalinenJouni Malinen2012-02-111-8/+2
| | | | | | | Remove the GPL notification text from the files that were initially contributed by myself. Signed-hostap: Jouni Malinen <j@w1.fi>
* EAP server: Add support for configuring fragment sizeJouni Malinen2010-07-211-1/+2
|
* Rename EAP server source files to avoid duplicate namesJouni Malinen2010-02-191-0/+538
This makes it easier to build both EAP peer and server functionality into the same project with some toolchains.