[PATCH] Add eapol_sm_notify_eap_config function to eapol_supp_sm.c.
David Smith (☕)
dds
Tue Jan 13 18:37:02 PST 2009
This function is for reconfiguring the EAPOL state machine when the EAP
configuration is changed, either by reconfiguring smartcard modules over
DBus or a reload of the config file.
Also, modify ctrl_iface_dbus_handlers.c and wpa_supplicant.c to use new
interface.
---
src/eapol_supp/eapol_supp_sm.c | 30
+++++++++++++++++++++++++++-
src/eapol_supp/eapol_supp_sm.h | 8 +++++++
wpa_supplicant/ctrl_iface_dbus_handlers.c | 11 +++++++--
wpa_supplicant/wpa_supplicant.c | 14 +++++++++---
4 files changed, 54 insertions(+), 9 deletions(-)
diff --git a/src/eapol_supp/eapol_supp_sm.c b/src/eapol_supp/eapol_supp_sm.c
index f382ee6..d7b7876 100644
--- a/src/eapol_supp/eapol_supp_sm.c
+++ b/src/eapol_supp/eapol_supp_sm.c
@@ -1772,6 +1772,32 @@ static struct eapol_callbacks eapol_cb =
/**
+ * eapol_sm_notify_eap_config - Notification of EAP config change
+ * @sm: Pointer to EAPOL state machine allocated with eapol_sm_init()
+ * @eap_config: Pointer to EAP configuration data
+ * Returns: TRUE if successful, FALSE if not.
+ *
+ * Notify EAPOL state machine that EAP configuration has changed.
+ */
+Boolean eapol_sm_notify_eap_config(struct eapol_sm *sm,
+ struct eap_config *config)
+{
+ if (sm == NULL || config == NULL)
+ return FALSE;
+
+ eapol_sm_invalidate_cached_session(sm);
+ if (sm->eap)
+ eap_peer_sm_deinit(sm->eap);
+ sm->eap = eap_peer_sm_init(sm, &eapol_cb, sm->ctx->msg_ctx,
+ config);
+
+ if (sm->eap == NULL)
+ return FALSE;
+ else
+ return TRUE;
+}
+
+/**
* eapol_sm_init - Initialize EAPOL state machine
* @ctx: Pointer to EAPOL context data; this needs to be an allocated buffer
* and EAPOL state machine will free it in eapol_sm_deinit()
@@ -1806,8 +1832,8 @@ struct eapol_sm *eapol_sm_init(struct eapol_ctx *ctx)
#endif /* EAP_TLS_OPENSSL */
conf.wps = ctx->wps;
- sm->eap = eap_peer_sm_init(sm, &eapol_cb, sm->ctx->msg_ctx, &conf);
- if (sm->eap == NULL) {
+ if (! eapol_sm_notify_eap_config(sm, &conf))
+ {
os_free(sm);
return NULL;
}
diff --git a/src/eapol_supp/eapol_supp_sm.h b/src/eapol_supp/eapol_supp_sm.h
index 57d7bc1..ba97dcd 100644
--- a/src/eapol_supp/eapol_supp_sm.h
+++ b/src/eapol_supp/eapol_supp_sm.h
@@ -16,6 +16,7 @@
#define EAPOL_SUPP_SM_H
#include "defs.h"
+#include "eap_peer/eap.h"
typedef enum { Unauthorized, Authorized } PortStatus;
typedef enum { Auto, ForceUnauthorized, ForceAuthorized } PortControl;
@@ -250,6 +251,9 @@ void eapol_sm_notify_ctrl_response(struct eapol_sm *sm);
void eapol_sm_request_reauth(struct eapol_sm *sm);
void eapol_sm_notify_lower_layer_success(struct eapol_sm *sm, int
in_eapol_sm);
void eapol_sm_invalidate_cached_session(struct eapol_sm *sm);
+Boolean eapol_sm_notify_eap_config(struct eapol_sm *sm,
+ struct eap_config *config);
+
#else /* IEEE8021X_EAPOL */
static inline struct eapol_sm *eapol_sm_init(struct eapol_ctx *ctx)
{
@@ -337,6 +341,10 @@ static inline void
eapol_sm_notify_lower_layer_success(struct eapol_sm *sm,
static inline void eapol_sm_invalidate_cached_session(struct eapol_sm *sm)
{
}
+static inline Boolean eapol_sm_notify_eap_config(struct eapol_sm *sm,
+ struct eap_config *config)
+{
+}
#endif /* IEEE8021X_EAPOL */
#endif /* EAPOL_SUPP_SM_H */
diff --git a/wpa_supplicant/ctrl_iface_dbus_handlers.c
b/wpa_supplicant/ctrl_iface_dbus_handlers.c
index 3c29804..a19e291 100644
--- a/wpa_supplicant/ctrl_iface_dbus_handlers.c
+++ b/wpa_supplicant/ctrl_iface_dbus_handlers.c
@@ -1205,6 +1205,7 @@ DBusMessage * wpas_dbus_iface_set_smartcard_modules(
char *pkcs11_engine_path = NULL;
char *pkcs11_module_path = NULL;
struct wpa_dbus_dict_entry entry;
+ struct eap_config conf;
if (!dbus_message_iter_init(message, &iter))
goto error;
@@ -1244,13 +1245,17 @@ DBusMessage * wpas_dbus_iface_set_smartcard_modules(
wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path;
os_free(wpa_s->conf->pkcs11_module_path);
wpa_s->conf->pkcs11_module_path = pkcs11_module_path;
-#endif /* EAP_TLS_OPENSSL */
- eapol_sm_deinit(wpa_s->eapol);
- wpa_supplicant_init_eapol(wpa_s);
+ os_memset(&conf, 0, sizeof(conf));
+ conf.opensc_engine_path = wpa_s->conf->opensc_engine_path;
+ conf.pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
+ conf.pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
+ eapol_sm_notify_eap_config(wpa_s->eapol, &conf);
+#endif /* EAP_TLS_OPENSSL */
return wpas_dbus_new_success_reply(message);
+
error:
os_free(opensc_engine_path);
os_free(pkcs11_engine_path);
diff --git a/wpa_supplicant/wpa_supplicant.c
b/wpa_supplicant/wpa_supplicant.c
index d23220d..b8aa289 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -537,6 +537,7 @@ static void wpa_supplicant_clear_status(struct
wpa_supplicant *wpa_s)
int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
{
struct wpa_config *conf;
+ struct eap_config eap_conf;
int reconf_ctrl;
if (wpa_s->confname == NULL)
return -1;
@@ -559,10 +560,15 @@ int wpa_supplicant_reload_configuration(struct
wpa_supplicant *wpa_s)
eapol_sm_invalidate_cached_session(wpa_s->eapol);
wpa_s->current_ssid = NULL;
- /*
- * TODO: should notify EAPOL SM about changes in opensc_engine_path,
- * pkcs11_engine_path, pkcs11_module_path.
- */
+
+ os_memset(&eap_conf, 0, sizeof(conf));
+#ifdef EAP_TLS_OPENSSL
+ eap_conf.opensc_engine_path = conf->opensc_engine_path;
+ eap_conf.pkcs11_engine_path = conf->pkcs11_engine_path;
+ eap_conf.pkcs11_module_path = conf->pkcs11_module_path;
+#endif /* EAP_TLS_OPENSSL */
+ eapol_sm_notify_eap_config(wpa_s->eapol, &eap_conf);
+
if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
/*
* Clear forced success to clear EAP state for next
--
1.5.6.3
--
- dds
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20090114/85367f06/attachment.htm
More information about the Hostap
mailing list