1 /*
2 * EAP common peer/server definitions
3 * Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "includes.h"
10
11 #include "common.h"
12 #include "eap_defs.h"
13 #include "eap_common.h"
14
15 /**
16 * eap_hdr_validate - Validate EAP header
17 * @vendor: Expected EAP Vendor-Id (0 = IETF)
18 * @eap_type: Expected EAP type number
19 * @msg: EAP frame (starting with EAP header)
20 * @plen: Pointer to variable to contain the returned payload length
21 * Returns: Pointer to EAP payload (after type field), or %NULL on failure
22 *
23 * This is a helper function for EAP method implementations. This is usually
24 * called in the beginning of struct eap_method::process() function to verify
25 * that the received EAP request packet has a valid header. This function is
26 * able to process both legacy and expanded EAP headers and in most cases, the
27 * caller can just use the returned payload pointer (into *plen) for processing
28 * the payload regardless of whether the packet used the expanded EAP header or
29 * not.
30 */
eap_hdr_validate(int vendor,EapType eap_type,const struct wpabuf * msg,size_t * plen)31 const u8 * eap_hdr_validate(int vendor, EapType eap_type,
32 const struct wpabuf *msg, size_t *plen)
33 {
34 const struct eap_hdr *hdr;
35 const u8 *pos;
36 size_t len;
37
38 hdr = wpabuf_head(msg);
39
40 if (wpabuf_len(msg) < sizeof(*hdr)) {
41 wpa_printf(MSG_INFO, "EAP: Too short EAP frame");
42 return NULL;
43 }
44
45 len = be_to_host16(hdr->length);
46 if (len < sizeof(*hdr) + 1 || len > wpabuf_len(msg)) {
47 wpa_printf(MSG_INFO, "EAP: Invalid EAP length");
48 return NULL;
49 }
50
51 pos = (const u8 *) (hdr + 1);
52
53 if (*pos == EAP_TYPE_EXPANDED) {
54 int exp_vendor;
55 u32 exp_type;
56 if (len < sizeof(*hdr) + 8) {
57 wpa_printf(MSG_INFO, "EAP: Invalid expanded EAP "
58 "length");
59 return NULL;
60 }
61 pos++;
62 exp_vendor = WPA_GET_BE24(pos);
63 pos += 3;
64 exp_type = WPA_GET_BE32(pos);
65 pos += 4;
66 if (exp_vendor != vendor || exp_type != (u32) eap_type) {
67 wpa_printf(MSG_INFO, "EAP: Invalid expanded frame "
68 "type");
69 return NULL;
70 }
71
72 *plen = len - sizeof(*hdr) - 8;
73 return pos;
74 } else {
75 if (vendor != EAP_VENDOR_IETF || *pos != eap_type) {
76 wpa_printf(MSG_INFO, "EAP: Invalid frame type");
77 return NULL;
78 }
79 *plen = len - sizeof(*hdr) - 1;
80 return pos + 1;
81 }
82 }
83
84
85 /**
86 * eap_msg_alloc - Allocate a buffer for an EAP message
87 * @vendor: Vendor-Id (0 = IETF)
88 * @type: EAP type
89 * @payload_len: Payload length in bytes (data after Type)
90 * @code: Message Code (EAP_CODE_*)
91 * @identifier: Identifier
92 * Returns: Pointer to the allocated message buffer or %NULL on error
93 *
94 * This function can be used to allocate a buffer for an EAP message and fill
95 * in the EAP header. This function is automatically using expanded EAP header
96 * if the selected Vendor-Id is not IETF. In other words, most EAP methods do
97 * not need to separately select which header type to use when using this
98 * function to allocate the message buffers. The returned buffer has room for
99 * payload_len bytes and has the EAP header and Type field already filled in.
100 */
eap_msg_alloc(int vendor,EapType type,size_t payload_len,u8 code,u8 identifier)101 struct wpabuf * eap_msg_alloc(int vendor, EapType type, size_t payload_len,
102 u8 code, u8 identifier)
103 {
104 struct wpabuf *buf;
105 struct eap_hdr *hdr;
106 size_t len;
107
108 len = sizeof(struct eap_hdr) + (vendor == EAP_VENDOR_IETF ? 1 : 8) +
109 payload_len;
110 buf = wpabuf_alloc(len);
111 if (buf == NULL)
112 return NULL;
113
114 hdr = wpabuf_put(buf, sizeof(*hdr));
115 hdr->code = code;
116 hdr->identifier = identifier;
117 hdr->length = host_to_be16(len);
118
119 if (vendor == EAP_VENDOR_IETF) {
120 wpabuf_put_u8(buf, type);
121 } else {
122 wpabuf_put_u8(buf, EAP_TYPE_EXPANDED);
123 wpabuf_put_be24(buf, vendor);
124 wpabuf_put_be32(buf, type);
125 }
126
127 return buf;
128 }
129
130
131 /**
132 * eap_update_len - Update EAP header length
133 * @msg: EAP message from eap_msg_alloc
134 *
135 * This function updates the length field in the EAP header to match with the
136 * current length for the buffer. This allows eap_msg_alloc() to be used to
137 * allocate a larger buffer than the exact message length (e.g., if exact
138 * message length is not yet known).
139 */
eap_update_len(struct wpabuf * msg)140 void eap_update_len(struct wpabuf *msg)
141 {
142 struct eap_hdr *hdr;
143 hdr = wpabuf_mhead(msg);
144 if (wpabuf_len(msg) < sizeof(*hdr))
145 return;
146 hdr->length = host_to_be16(wpabuf_len(msg));
147 }
148
149
150 /**
151 * eap_get_id - Get EAP Identifier from wpabuf
152 * @msg: Buffer starting with an EAP header
153 * Returns: The Identifier field from the EAP header
154 */
eap_get_id(const struct wpabuf * msg)155 u8 eap_get_id(const struct wpabuf *msg)
156 {
157 const struct eap_hdr *eap;
158
159 if (wpabuf_len(msg) < sizeof(*eap))
160 return 0;
161
162 eap = wpabuf_head(msg);
163 return eap->identifier;
164 }
165
166
167 /**
168 * eap_get_id - Get EAP Type from wpabuf
169 * @msg: Buffer starting with an EAP header
170 * Returns: The EAP Type after the EAP header
171 */
eap_get_type(const struct wpabuf * msg)172 EapType eap_get_type(const struct wpabuf *msg)
173 {
174 if (wpabuf_len(msg) < sizeof(struct eap_hdr) + 1)
175 return EAP_TYPE_NONE;
176
177 return ((const u8 *) wpabuf_head(msg))[sizeof(struct eap_hdr)];
178 }
179