1 /*
2 * hostapd - PMKSA cache for IEEE 802.11i RSN
3 * Copyright (c) 2004-2008, 2012-2015, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #include "utils/common.h"
12 #include "utils/eloop.h"
13 #include "eapol_auth/eapol_auth_sm.h"
14 #include "eapol_auth/eapol_auth_sm_i.h"
15 #ifndef EXT_CODE_CROP
16 #include "radius/radius_das.h"
17 #endif /* EXT_CODE_CROP */
18 #include "sta_info.h"
19 #include "ap_config.h"
20 #include "pmksa_cache_auth.h"
21
22 #ifndef EXT_CODE_CROP
23 static const int pmksa_cache_max_entries = 1024;
24 #else
25 /* The value of WPA should be greater than the driver's default value of 32,
26 and the default value of WPA is set to 36 */
27 static const int pmksa_cache_max_entries = 36;
28 #endif
29 static const int dot11RSNAConfigPMKLifetime = 43200;
30
31 struct rsn_pmksa_cache {
32 #define PMKID_HASH_SIZE 128
33 #define PMKID_HASH(pmkid) (unsigned int) ((pmkid)[0] & 0x7f)
34 struct rsn_pmksa_cache_entry *pmkid[PMKID_HASH_SIZE];
35 struct rsn_pmksa_cache_entry *pmksa;
36 int pmksa_count;
37
38 void (*free_cb)(struct rsn_pmksa_cache_entry *entry, void *ctx);
39 void *ctx;
40 };
41
42
43 static void pmksa_cache_set_expiration(struct rsn_pmksa_cache *pmksa);
44
45
_pmksa_cache_free_entry(struct rsn_pmksa_cache_entry * entry)46 static void _pmksa_cache_free_entry(struct rsn_pmksa_cache_entry *entry)
47 {
48 #ifndef LOS_CONFIG_NO_VLAN
49 os_free(entry->vlan_desc);
50 #endif
51 os_free(entry->identity);
52 wpabuf_free(entry->cui);
53 #ifndef CONFIG_NO_RADIUS
54 radius_free_class(&entry->radius_class);
55 #endif /* CONFIG_NO_RADIUS */
56 bin_clear_free(entry, sizeof(*entry));
57 }
58
59
pmksa_cache_free_entry(struct rsn_pmksa_cache * pmksa,struct rsn_pmksa_cache_entry * entry)60 void pmksa_cache_free_entry(struct rsn_pmksa_cache *pmksa,
61 struct rsn_pmksa_cache_entry *entry)
62 {
63 struct rsn_pmksa_cache_entry *pos, *prev;
64 unsigned int hash;
65
66 pmksa->pmksa_count--;
67 pmksa->free_cb(entry, pmksa->ctx);
68
69 /* unlink from hash list */
70 hash = PMKID_HASH(entry->pmkid);
71 pos = pmksa->pmkid[hash];
72 prev = NULL;
73 while (pos) {
74 if (pos == entry) {
75 if (prev != NULL)
76 prev->hnext = entry->hnext;
77 else
78 pmksa->pmkid[hash] = entry->hnext;
79 break;
80 }
81 prev = pos;
82 pos = pos->hnext;
83 }
84
85 /* unlink from entry list */
86 pos = pmksa->pmksa;
87 prev = NULL;
88 while (pos) {
89 if (pos == entry) {
90 if (prev != NULL)
91 prev->next = entry->next;
92 else
93 pmksa->pmksa = entry->next;
94 break;
95 }
96 prev = pos;
97 pos = pos->next;
98 }
99
100 _pmksa_cache_free_entry(entry);
101 }
102
103
104 /**
105 * pmksa_cache_auth_flush - Flush all PMKSA cache entries
106 * @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init()
107 */
pmksa_cache_auth_flush(struct rsn_pmksa_cache * pmksa)108 void pmksa_cache_auth_flush(struct rsn_pmksa_cache *pmksa)
109 {
110 while (pmksa->pmksa) {
111 wpa_warning_log4(MSG_DEBUG, "RSN: Flush PMKSA cache entry for "
112 "%02x:xx:xx:%02x:%02x:%02x",
113 (pmksa->pmksa->spa)[0], (pmksa->pmksa->spa)[3], (pmksa->pmksa->spa)[4], (pmksa->pmksa->spa)[5]);
114 pmksa_cache_free_entry(pmksa, pmksa->pmksa);
115 }
116 }
117
118
pmksa_cache_expire(void * eloop_ctx,void * timeout_ctx)119 static void pmksa_cache_expire(void *eloop_ctx, void *timeout_ctx)
120 {
121 struct rsn_pmksa_cache *pmksa = eloop_ctx;
122 struct os_reltime now;
123
124 (void)timeout_ctx;
125 os_get_reltime(&now);
126 while (pmksa->pmksa && pmksa->pmksa->expiration <= now.sec) {
127 wpa_warning_log4(MSG_DEBUG, "RSN: expired PMKSA cache entry for "
128 "%02x:xx:xx:%02x:%02x:%02x",
129 (pmksa->pmksa->spa)[0], (pmksa->pmksa->spa)[3], (pmksa->pmksa->spa)[4], (pmksa->pmksa->spa)[5]);
130 pmksa_cache_free_entry(pmksa, pmksa->pmksa);
131 }
132
133 pmksa_cache_set_expiration(pmksa);
134 }
135
136
pmksa_cache_set_expiration(struct rsn_pmksa_cache * pmksa)137 static void pmksa_cache_set_expiration(struct rsn_pmksa_cache *pmksa)
138 {
139 int sec;
140 struct os_reltime now;
141
142 eloop_cancel_timeout(pmksa_cache_expire, pmksa, NULL);
143 if (pmksa->pmksa == NULL)
144 return;
145 os_get_reltime(&now);
146 sec = pmksa->pmksa->expiration - now.sec;
147 if (sec < 0)
148 sec = 0;
149 eloop_register_timeout(sec + 1, 0, pmksa_cache_expire, pmksa, NULL);
150 }
151
152
pmksa_cache_from_eapol_data(struct rsn_pmksa_cache_entry * entry,struct eapol_state_machine * eapol)153 static void pmksa_cache_from_eapol_data(struct rsn_pmksa_cache_entry *entry,
154 struct eapol_state_machine *eapol)
155 {
156 #ifndef LOS_CONFIG_NO_VLAN
157 struct vlan_description *vlan_desc;
158 #endif
159 if (eapol == NULL)
160 return;
161
162 if (eapol->identity) {
163 entry->identity = os_malloc(eapol->identity_len);
164 if (entry->identity) {
165 entry->identity_len = eapol->identity_len;
166 os_memcpy(entry->identity, eapol->identity,
167 eapol->identity_len);
168 }
169 }
170 #ifndef EXT_CODE_CROP
171 if (eapol->radius_cui)
172 entry->cui = wpabuf_dup(eapol->radius_cui);
173
174 #ifndef CONFIG_NO_RADIUS
175 radius_copy_class(&entry->radius_class, &eapol->radius_class);
176 #endif /* CONFIG_NO_RADIUS */
177 #endif /* EXT_CODE_CROP */
178 entry->eap_type_authsrv = eapol->eap_type_authsrv;
179 #ifndef LOS_CONFIG_NO_VLAN
180 vlan_desc = ((struct sta_info *) eapol->sta)->vlan_desc;
181 if (vlan_desc && vlan_desc->notempty) {
182 entry->vlan_desc = os_zalloc(sizeof(struct vlan_description));
183 if (entry->vlan_desc)
184 *entry->vlan_desc = *vlan_desc;
185 } else {
186 entry->vlan_desc = NULL;
187 }
188
189 entry->acct_multi_session_id = eapol->acct_multi_session_id;
190 #endif /* EXT_CODE_CROP */
191 }
192
193
pmksa_cache_to_eapol_data(struct hostapd_data * hapd,struct rsn_pmksa_cache_entry * entry,struct eapol_state_machine * eapol)194 void pmksa_cache_to_eapol_data(struct hostapd_data *hapd,
195 struct rsn_pmksa_cache_entry *entry,
196 struct eapol_state_machine *eapol)
197 {
198 if (entry == NULL || eapol == NULL)
199 return;
200
201 if (entry->identity) {
202 os_free(eapol->identity);
203 eapol->identity = os_malloc(entry->identity_len);
204 if (eapol->identity) {
205 eapol->identity_len = entry->identity_len;
206 os_memcpy(eapol->identity, entry->identity,
207 entry->identity_len);
208 }
209 wpa_hexdump_ascii(MSG_DEBUG, "STA identity from PMKSA",
210 eapol->identity, eapol->identity_len);
211 }
212 #ifndef EXT_CODE_CROP
213 if (entry->cui) {
214 wpabuf_free(eapol->radius_cui);
215 eapol->radius_cui = wpabuf_dup(entry->cui);
216 }
217 #endif /* EXT_CODE_CROP */
218 #ifndef CONFIG_NO_RADIUS
219 radius_free_class(&eapol->radius_class);
220 radius_copy_class(&eapol->radius_class, &entry->radius_class);
221 #endif /* CONFIG_NO_RADIUS */
222 #ifndef EXT_CODE_CROP
223 if (eapol->radius_class.attr) {
224 wpa_printf(MSG_DEBUG, "Copied %lu Class attribute(s) from "
225 "PMKSA", (unsigned long) eapol->radius_class.count);
226 }
227 #endif /* EXT_CODE_CROP */
228 eapol->eap_type_authsrv = entry->eap_type_authsrv;
229 #ifndef CONFIG_NO_VLAN
230 ap_sta_set_vlan(hapd, eapol->sta, entry->vlan_desc);
231 #else
232 (void)hapd;
233 #endif /* CONFIG_NO_VLAN */
234
235 #ifndef EXT_CODE_CROP
236 eapol->acct_multi_session_id = entry->acct_multi_session_id;
237 #endif /* EXT_CODE_CROP */
238 }
239
240
pmksa_cache_link_entry(struct rsn_pmksa_cache * pmksa,struct rsn_pmksa_cache_entry * entry)241 static void pmksa_cache_link_entry(struct rsn_pmksa_cache *pmksa,
242 struct rsn_pmksa_cache_entry *entry)
243 {
244 struct rsn_pmksa_cache_entry *pos, *prev;
245 int hash;
246
247 /* Add the new entry; order by expiration time */
248 pos = pmksa->pmksa;
249 prev = NULL;
250 while (pos) {
251 if (pos->expiration > entry->expiration)
252 break;
253 prev = pos;
254 pos = pos->next;
255 }
256 if (prev == NULL) {
257 entry->next = pmksa->pmksa;
258 pmksa->pmksa = entry;
259 } else {
260 entry->next = prev->next;
261 prev->next = entry;
262 }
263
264 hash = PMKID_HASH(entry->pmkid);
265 entry->hnext = pmksa->pmkid[hash];
266 pmksa->pmkid[hash] = entry;
267
268 pmksa->pmksa_count++;
269 if (prev == NULL)
270 pmksa_cache_set_expiration(pmksa);
271 wpa_warning_log4(MSG_DEBUG, "RSN: added PMKSA cache entry for " "%02x:xx:xx:%02x:%02x:%02x",
272 (entry->spa)[0], (entry->spa)[3], (entry->spa)[4], (entry->spa)[5]);
273 wpa_hexdump(MSG_DEBUG, "RSN: added PMKID", entry->pmkid, PMKID_LEN);
274 }
275
276
277 /**
278 * pmksa_cache_auth_add - Add a PMKSA cache entry
279 * @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init()
280 * @pmk: The new pairwise master key
281 * @pmk_len: PMK length in bytes, usually PMK_LEN (32)
282 * @pmkid: Calculated PMKID
283 * @kck: Key confirmation key or %NULL if not yet derived
284 * @kck_len: KCK length in bytes
285 * @aa: Authenticator address
286 * @spa: Supplicant address
287 * @session_timeout: Session timeout
288 * @eapol: Pointer to EAPOL state machine data
289 * @akmp: WPA_KEY_MGMT_* used in key derivation
290 * Returns: Pointer to the added PMKSA cache entry or %NULL on error
291 *
292 * This function create a PMKSA entry for a new PMK and adds it to the PMKSA
293 * cache. If an old entry is already in the cache for the same Supplicant,
294 * this entry will be replaced with the new entry. PMKID will be calculated
295 * based on the PMK.
296 */
297 struct rsn_pmksa_cache_entry *
pmksa_cache_auth_add(struct rsn_pmksa_cache * pmksa,const u8 * pmk,size_t pmk_len,const u8 * pmkid,const u8 * kck,size_t kck_len,const u8 * aa,const u8 * spa,int session_timeout,struct eapol_state_machine * eapol,int akmp)298 pmksa_cache_auth_add(struct rsn_pmksa_cache *pmksa,
299 const u8 *pmk, size_t pmk_len, const u8 *pmkid,
300 const u8 *kck, size_t kck_len,
301 const u8 *aa, const u8 *spa, int session_timeout,
302 struct eapol_state_machine *eapol, int akmp)
303 {
304 struct rsn_pmksa_cache_entry *entry;
305
306 entry = pmksa_cache_auth_create_entry(pmk, pmk_len, pmkid, kck, kck_len,
307 aa, spa, session_timeout, eapol,
308 akmp);
309
310 if (pmksa_cache_auth_add_entry(pmksa, entry) < 0)
311 return NULL;
312
313 return entry;
314 }
315
316
317 /**
318 * pmksa_cache_auth_create_entry - Create a PMKSA cache entry
319 * @pmk: The new pairwise master key
320 * @pmk_len: PMK length in bytes, usually PMK_LEN (32)
321 * @pmkid: Calculated PMKID
322 * @kck: Key confirmation key or %NULL if not yet derived
323 * @kck_len: KCK length in bytes
324 * @aa: Authenticator address
325 * @spa: Supplicant address
326 * @session_timeout: Session timeout
327 * @eapol: Pointer to EAPOL state machine data
328 * @akmp: WPA_KEY_MGMT_* used in key derivation
329 * Returns: Pointer to the added PMKSA cache entry or %NULL on error
330 *
331 * This function creates a PMKSA entry.
332 */
333 struct rsn_pmksa_cache_entry *
pmksa_cache_auth_create_entry(const u8 * pmk,size_t pmk_len,const u8 * pmkid,const u8 * kck,size_t kck_len,const u8 * aa,const u8 * spa,int session_timeout,struct eapol_state_machine * eapol,int akmp)334 pmksa_cache_auth_create_entry(const u8 *pmk, size_t pmk_len, const u8 *pmkid,
335 const u8 *kck, size_t kck_len, const u8 *aa,
336 const u8 *spa, int session_timeout,
337 struct eapol_state_machine *eapol, int akmp)
338 {
339 struct rsn_pmksa_cache_entry *entry;
340 struct os_reltime now;
341
342 #ifdef EXT_WPA_KEY_MGMT_CROP
343 (void)kck;
344 (void)kck_len;
345 #endif /* EXT_WPA_KEY_MGMT_CROP */
346 if (pmk_len > PMK_LEN_MAX)
347 return NULL;
348 #ifndef EXT_WPA_KEY_MGMT_CROP
349 if (wpa_key_mgmt_suite_b(akmp) && !kck)
350 return NULL;
351 #endif /* EXT_WPA_KEY_MGMT_CROP */
352 entry = os_zalloc(sizeof(*entry));
353 if (entry == NULL)
354 return NULL;
355 os_memcpy(entry->pmk, pmk, pmk_len);
356 entry->pmk_len = pmk_len;
357 if (pmkid)
358 os_memcpy(entry->pmkid, pmkid, PMKID_LEN);
359 #ifndef EXT_WPA_KEY_MGMT_CROP
360 else if (akmp == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
361 rsn_pmkid_suite_b_192(kck, kck_len, aa, spa, entry->pmkid);
362 else if (wpa_key_mgmt_suite_b(akmp))
363 rsn_pmkid_suite_b(kck, kck_len, aa, spa, entry->pmkid);
364 #endif /* EXT_WPA_KEY_MGMT_CROP */
365 else
366 rsn_pmkid(pmk, pmk_len, aa, spa, entry->pmkid, akmp);
367 os_get_reltime(&now);
368 entry->expiration = now.sec;
369 if (session_timeout > 0)
370 entry->expiration += session_timeout;
371 else
372 entry->expiration += dot11RSNAConfigPMKLifetime;
373 entry->akmp = akmp;
374 os_memcpy(entry->spa, spa, ETH_ALEN);
375 pmksa_cache_from_eapol_data(entry, eapol);
376
377 return entry;
378 }
379
380
381 /**
382 * pmksa_cache_auth_add_entry - Add a PMKSA cache entry
383 * @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init()
384 * @entry: Pointer to PMKSA cache entry
385 *
386 * This function adds PMKSA cache entry to the PMKSA cache. If an old entry is
387 * already in the cache for the same Supplicant, this entry will be replaced
388 * with the new entry. PMKID will be calculated based on the PMK.
389 */
pmksa_cache_auth_add_entry(struct rsn_pmksa_cache * pmksa,struct rsn_pmksa_cache_entry * entry)390 int pmksa_cache_auth_add_entry(struct rsn_pmksa_cache *pmksa,
391 struct rsn_pmksa_cache_entry *entry)
392 {
393 struct rsn_pmksa_cache_entry *pos;
394
395 if (entry == NULL)
396 return -1;
397
398 /* Replace an old entry for the same STA (if found) with the new entry
399 */
400 pos = pmksa_cache_auth_get(pmksa, entry->spa, NULL);
401 if (pos)
402 pmksa_cache_free_entry(pmksa, pos);
403
404 if (pmksa->pmksa_count >= pmksa_cache_max_entries && pmksa->pmksa) {
405 /* Remove the oldest entry to make room for the new entry */
406 wpa_warning_log4(MSG_DEBUG, "RSN: removed the oldest PMKSA cache "
407 "entry (for " "%02x:xx:xx:%02x:%02x:%02x" ") to make room for new one",
408 (pmksa->pmksa->spa)[0], (pmksa->pmksa->spa)[3], (pmksa->pmksa->spa)[4], (pmksa->pmksa->spa)[5]);
409 pmksa_cache_free_entry(pmksa, pmksa->pmksa);
410 }
411
412 pmksa_cache_link_entry(pmksa, entry);
413
414 return 0;
415 }
416
417
418 struct rsn_pmksa_cache_entry *
pmksa_cache_add_okc(struct rsn_pmksa_cache * pmksa,const struct rsn_pmksa_cache_entry * old_entry,const u8 * aa,const u8 * pmkid)419 pmksa_cache_add_okc(struct rsn_pmksa_cache *pmksa,
420 const struct rsn_pmksa_cache_entry *old_entry,
421 const u8 *aa, const u8 *pmkid)
422 {
423 struct rsn_pmksa_cache_entry *entry;
424
425 (void)aa;
426 entry = os_zalloc(sizeof(*entry));
427 if (entry == NULL)
428 return NULL;
429 os_memcpy(entry->pmkid, pmkid, PMKID_LEN);
430 os_memcpy(entry->pmk, old_entry->pmk, old_entry->pmk_len);
431 entry->pmk_len = old_entry->pmk_len;
432 entry->expiration = old_entry->expiration;
433 entry->akmp = old_entry->akmp;
434 os_memcpy(entry->spa, old_entry->spa, ETH_ALEN);
435 entry->opportunistic = 1;
436 if (old_entry->identity) {
437 entry->identity = os_malloc(old_entry->identity_len);
438 if (entry->identity) {
439 entry->identity_len = old_entry->identity_len;
440 os_memcpy(entry->identity, old_entry->identity,
441 old_entry->identity_len);
442 }
443 }
444 if (old_entry->cui)
445 entry->cui = wpabuf_dup(old_entry->cui);
446 #ifndef CONFIG_NO_RADIUS
447 radius_copy_class(&entry->radius_class, &old_entry->radius_class);
448 #endif /* CONFIG_NO_RADIUS */
449 entry->eap_type_authsrv = old_entry->eap_type_authsrv;
450 #ifndef LOS_CONFIG_NO_VLAN
451 if (old_entry->vlan_desc) {
452 entry->vlan_desc = os_zalloc(sizeof(struct vlan_description));
453 if (entry->vlan_desc)
454 *entry->vlan_desc = *old_entry->vlan_desc;
455 } else {
456 entry->vlan_desc = NULL;
457 }
458 #endif
459 entry->opportunistic = 1;
460
461 pmksa_cache_link_entry(pmksa, entry);
462
463 return entry;
464 }
465
466
467 /**
468 * pmksa_cache_auth_deinit - Free all entries in PMKSA cache
469 * @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init()
470 */
pmksa_cache_auth_deinit(struct rsn_pmksa_cache * pmksa)471 void pmksa_cache_auth_deinit(struct rsn_pmksa_cache *pmksa)
472 {
473 struct rsn_pmksa_cache_entry *entry, *prev;
474 int i;
475
476 if (pmksa == NULL)
477 return;
478
479 entry = pmksa->pmksa;
480 while (entry) {
481 prev = entry;
482 entry = entry->next;
483 _pmksa_cache_free_entry(prev);
484 }
485 eloop_cancel_timeout(pmksa_cache_expire, pmksa, NULL);
486 pmksa->pmksa_count = 0;
487 pmksa->pmksa = NULL;
488 for (i = 0; i < PMKID_HASH_SIZE; i++)
489 pmksa->pmkid[i] = NULL;
490 os_free(pmksa);
491 }
492
493
494 /**
495 * pmksa_cache_auth_get - Fetch a PMKSA cache entry
496 * @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init()
497 * @spa: Supplicant address or %NULL to match any
498 * @pmkid: PMKID or %NULL to match any
499 * Returns: Pointer to PMKSA cache entry or %NULL if no match was found
500 */
501 struct rsn_pmksa_cache_entry *
pmksa_cache_auth_get(struct rsn_pmksa_cache * pmksa,const u8 * spa,const u8 * pmkid)502 pmksa_cache_auth_get(struct rsn_pmksa_cache *pmksa,
503 const u8 *spa, const u8 *pmkid)
504 {
505 struct rsn_pmksa_cache_entry *entry;
506
507 if (pmkid) {
508 for (entry = pmksa->pmkid[PMKID_HASH(pmkid)]; entry;
509 entry = entry->hnext) {
510 if ((spa == NULL ||
511 os_memcmp(entry->spa, spa, ETH_ALEN) == 0) &&
512 os_memcmp(entry->pmkid, pmkid, PMKID_LEN) == 0)
513 return entry;
514 }
515 } else {
516 for (entry = pmksa->pmksa; entry; entry = entry->next) {
517 if (spa == NULL ||
518 os_memcmp(entry->spa, spa, ETH_ALEN) == 0)
519 return entry;
520 }
521 }
522
523 return NULL;
524 }
525
526
527 /**
528 * pmksa_cache_get_okc - Fetch a PMKSA cache entry using OKC
529 * @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init()
530 * @aa: Authenticator address
531 * @spa: Supplicant address
532 * @pmkid: PMKID
533 * Returns: Pointer to PMKSA cache entry or %NULL if no match was found
534 *
535 * Use opportunistic key caching (OKC) to find a PMK for a supplicant.
536 */
pmksa_cache_get_okc(struct rsn_pmksa_cache * pmksa,const u8 * aa,const u8 * spa,const u8 * pmkid)537 struct rsn_pmksa_cache_entry * pmksa_cache_get_okc(
538 struct rsn_pmksa_cache *pmksa, const u8 *aa, const u8 *spa,
539 const u8 *pmkid)
540 {
541 struct rsn_pmksa_cache_entry *entry;
542 u8 new_pmkid[PMKID_LEN];
543
544 for (entry = pmksa->pmksa; entry; entry = entry->next) {
545 if (os_memcmp(entry->spa, spa, ETH_ALEN) != 0)
546 continue;
547 if (wpa_key_mgmt_sae(entry->akmp) ||
548 wpa_key_mgmt_fils(entry->akmp)) {
549 if (os_memcmp(entry->pmkid, pmkid, PMKID_LEN) == 0)
550 return entry;
551 continue;
552 }
553 rsn_pmkid(entry->pmk, entry->pmk_len, aa, spa, new_pmkid,
554 entry->akmp);
555 if (os_memcmp(new_pmkid, pmkid, PMKID_LEN) == 0)
556 return entry;
557 }
558 return NULL;
559 }
560
561
562 /**
563 * pmksa_cache_auth_init - Initialize PMKSA cache
564 * @free_cb: Callback function to be called when a PMKSA cache entry is freed
565 * @ctx: Context pointer for free_cb function
566 * Returns: Pointer to PMKSA cache data or %NULL on failure
567 */
568 struct rsn_pmksa_cache *
pmksa_cache_auth_init(void (* free_cb)(struct rsn_pmksa_cache_entry * entry,void * ctx),void * ctx)569 pmksa_cache_auth_init(void (*free_cb)(struct rsn_pmksa_cache_entry *entry,
570 void *ctx), void *ctx)
571 {
572 struct rsn_pmksa_cache *pmksa;
573
574 pmksa = os_zalloc(sizeof(*pmksa));
575 if (pmksa) {
576 pmksa->free_cb = free_cb;
577 pmksa->ctx = ctx;
578 }
579
580 return pmksa;
581 }
582
583 #ifndef EXT_CODE_CROP
das_attr_match(struct rsn_pmksa_cache_entry * entry,struct radius_das_attrs * attr)584 static int das_attr_match(struct rsn_pmksa_cache_entry *entry,
585 struct radius_das_attrs *attr)
586 {
587 int match = 0;
588
589 if (attr->sta_addr) {
590 if (os_memcmp(attr->sta_addr, entry->spa, ETH_ALEN) != 0)
591 return 0;
592 match++;
593 }
594
595 if (attr->acct_multi_session_id) {
596 char buf[20];
597
598 if (attr->acct_multi_session_id_len != 16)
599 return 0;
600 os_snprintf(buf, sizeof(buf), "%016llX",
601 (unsigned long long) entry->acct_multi_session_id);
602 if (os_memcmp(attr->acct_multi_session_id, buf, 16) != 0)
603 return 0;
604 match++;
605 }
606
607 if (attr->cui) {
608 if (!entry->cui ||
609 attr->cui_len != wpabuf_len(entry->cui) ||
610 os_memcmp(attr->cui, wpabuf_head(entry->cui),
611 attr->cui_len) != 0)
612 return 0;
613 match++;
614 }
615
616 if (attr->user_name) {
617 if (!entry->identity ||
618 attr->user_name_len != entry->identity_len ||
619 os_memcmp(attr->user_name, entry->identity,
620 attr->user_name_len) != 0)
621 return 0;
622 match++;
623 }
624
625 return match;
626 }
627
628
pmksa_cache_auth_radius_das_disconnect(struct rsn_pmksa_cache * pmksa,struct radius_das_attrs * attr)629 int pmksa_cache_auth_radius_das_disconnect(struct rsn_pmksa_cache *pmksa,
630 struct radius_das_attrs *attr)
631 {
632 int found = 0;
633 struct rsn_pmksa_cache_entry *entry, *prev;
634
635 if (attr->acct_session_id)
636 return -1;
637
638 entry = pmksa->pmksa;
639 while (entry) {
640 if (das_attr_match(entry, attr)) {
641 found++;
642 prev = entry;
643 entry = entry->next;
644 pmksa_cache_free_entry(pmksa, prev);
645 continue;
646 }
647 entry = entry->next;
648 }
649
650 return found ? 0 : -1;
651 }
652 #endif /* EXT_CODE_CROP */
653
654 /**
655 * pmksa_cache_auth_list - Dump text list of entries in PMKSA cache
656 * @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init()
657 * @buf: Buffer for the list
658 * @len: Length of the buffer
659 * Returns: Number of bytes written to buffer
660 *
661 * This function is used to generate a text format representation of the
662 * current PMKSA cache contents for the ctrl_iface PMKSA command.
663 */
pmksa_cache_auth_list(struct rsn_pmksa_cache * pmksa,char * buf,size_t len)664 int pmksa_cache_auth_list(struct rsn_pmksa_cache *pmksa, char *buf, size_t len)
665 {
666 int i, ret;
667 char *pos = buf;
668 struct rsn_pmksa_cache_entry *entry;
669 struct os_reltime now;
670
671 os_get_reltime(&now);
672 ret = os_snprintf(pos, buf + len - pos,
673 "Index / SPA / PMKID / expiration (in seconds) / opportunistic\n");
674 if (os_snprintf_error(buf + len - pos, ret))
675 return pos - buf;
676 pos += ret;
677 i = 0;
678 entry = pmksa->pmksa;
679 while (entry) {
680 ret = os_snprintf(pos, buf + len - pos, "%d " MACSTR " ",
681 i, MAC2STR(entry->spa));
682 if (os_snprintf_error(buf + len - pos, ret))
683 return pos - buf;
684 pos += ret;
685 pos += wpa_snprintf_hex(pos, buf + len - pos, entry->pmkid,
686 PMKID_LEN);
687 ret = os_snprintf(pos, buf + len - pos, " %d %d\n",
688 (int) (entry->expiration - now.sec),
689 entry->opportunistic);
690 if (os_snprintf_error(buf + len - pos, ret))
691 return pos - buf;
692 pos += ret;
693 entry = entry->next;
694 }
695 return pos - buf;
696 }
697
698
699 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
700 #ifdef CONFIG_MESH
701
702 /**
703 * pmksa_cache_auth_list_mesh - Dump text list of entries in PMKSA cache
704 * @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init()
705 * @addr: MAC address of the peer (NULL means any)
706 * @buf: Buffer for the list
707 * @len: Length of the buffer
708 * Returns: Number of bytes written to buffer
709 *
710 * This function is used to generate a text format representation of the
711 * current PMKSA cache contents for the ctrl_iface PMKSA_GET command to store
712 * in external storage.
713 */
pmksa_cache_auth_list_mesh(struct rsn_pmksa_cache * pmksa,const u8 * addr,char * buf,size_t len)714 int pmksa_cache_auth_list_mesh(struct rsn_pmksa_cache *pmksa, const u8 *addr,
715 char *buf, size_t len)
716 {
717 int ret;
718 char *pos, *end;
719 struct rsn_pmksa_cache_entry *entry;
720 struct os_reltime now;
721
722 pos = buf;
723 end = buf + len;
724 os_get_reltime(&now);
725
726
727 /*
728 * Entry format:
729 * <BSSID> <PMKID> <PMK> <expiration in seconds>
730 */
731 for (entry = pmksa->pmksa; entry; entry = entry->next) {
732 if (addr && os_memcmp(entry->spa, addr, ETH_ALEN) != 0)
733 continue;
734
735 ret = os_snprintf(pos, end - pos, MACSTR " ",
736 MAC2STR(entry->spa));
737 if (os_snprintf_error(end - pos, ret))
738 return 0;
739 pos += ret;
740
741 pos += wpa_snprintf_hex(pos, end - pos, entry->pmkid,
742 PMKID_LEN);
743
744 ret = os_snprintf(pos, end - pos, " ");
745 if (os_snprintf_error(end - pos, ret))
746 return 0;
747 pos += ret;
748
749 pos += wpa_snprintf_hex(pos, end - pos, entry->pmk,
750 entry->pmk_len);
751
752 ret = os_snprintf(pos, end - pos, " %d\n",
753 (int) (entry->expiration - now.sec));
754 if (os_snprintf_error(end - pos, ret))
755 return 0;
756 pos += ret;
757 }
758
759 return pos - buf;
760 }
761
762 #endif /* CONFIG_MESH */
763 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
764