[PATCH 1/2] eap_sim_db.c: implements eap_sim_db_expire_pending

Frederic Leroy frederic.leroy
Mon Sep 21 02:30:14 PDT 2015 

For eap-aka, expires pending db request after 1 second.
If there is no answer from hlr_auc_gw on the unix socket, the eap state
for the user remains in "pending" state.
Next authentication try will fail.
This patch sets a timeout for hlr_auc_gw queries in order to release the
session pending state.

Signed-off-by: Frederic Leroy <frederic.leroy at b-com.com>
---
 src/eap_server/eap_sim_db.c | 28 +++++++++++++++++++++++++---
 src/eap_server/eap_sim_db.h |  3 +++
 2 files changed, 28 insertions(+), 3 deletions(-)

diff --git a/src/eap_server/eap_sim_db.c b/src/eap_server/eap_sim_db.c
index acf5435..2714166 100644
--- a/src/eap_server/eap_sim_db.c
+++ b/src/eap_server/eap_sim_db.c
@@ -832,12 +832,34 @@ static int eap_sim_db_send(struct eap_sim_db_data *data, const char *msg,
 	return 0;
 }
 
+void eap_sim_db_del_pending(struct eap_sim_db_data *data, struct eap_sim_db_pending *entry) {
+	struct eap_sim_db_pending **pp = &data->pending;
+	if ( entry == NULL )
+		return;
+
+	wpa_printf(MSG_DEBUG, "EAP-SIM DB: data->pending=%p entry=%p\n", data, entry);
+	while ( *pp != NULL ) {
+		if ( *pp == entry ) {
+			*pp = entry->next;
+			os_free(entry);
+			return;
+		}
+		pp = &(*pp)->next;
+	}
+}
+
+void eap_sim_db_query_timeout(void *eloop_ctx, void *user_ctx) {
+	struct eap_sim_db_data *data = user_ctx;
+	struct eap_sim_db_pending *entry = eloop_ctx;
+	eap_sim_db_del_pending(data, entry);
+}
 
-static void eap_sim_db_expire_pending(struct eap_sim_db_data *data)
+static void eap_sim_db_expire_pending(struct eap_sim_db_data *data, struct eap_sim_db_pending *entry)
 {
 	/* TODO: add limit for maximum length for pending list; remove latest
 	 * (i.e., last) entry from the list if the limit is reached; could also
 	 * use timeout to expire pending entries */
+	eloop_register_timeout(EAP_SIM_DB_QUERY_TIMEOUT_SEC, EAP_SIM_DB_QUERY_TIMEOUT_USEC, eap_sim_db_query_timeout, entry, data);
 }
 
 
@@ -945,7 +967,7 @@ int eap_sim_db_get_gsm_triplets(struct eap_sim_db_data *data,
 	entry->cb_session_ctx = cb_session_ctx;
 	entry->state = PENDING;
 	eap_sim_db_add_pending(data, entry);
-	eap_sim_db_expire_pending(data);
+	eap_sim_db_expire_pending(data, entry);
 
 	return EAP_SIM_DB_PENDING;
 }
@@ -1406,7 +1428,7 @@ int eap_sim_db_get_aka_auth(struct eap_sim_db_data *data, const char *username,
 	entry->cb_session_ctx = cb_session_ctx;
 	entry->state = PENDING;
 	eap_sim_db_add_pending(data, entry);
-	eap_sim_db_expire_pending(data);
+	eap_sim_db_expire_pending(data, entry);
 
 	return EAP_SIM_DB_PENDING;
 }
diff --git a/src/eap_server/eap_sim_db.h b/src/eap_server/eap_sim_db.h
index 53a1a7c..6098c84 100644
--- a/src/eap_server/eap_sim_db.h
+++ b/src/eap_server/eap_sim_db.h
@@ -45,6 +45,9 @@ int eap_sim_db_get_gsm_triplets(struct eap_sim_db_data *data,
 #define EAP_SIM_DB_FAILURE -1
 #define EAP_SIM_DB_PENDING -2
 
+#define EAP_SIM_DB_QUERY_TIMEOUT_SEC 1
+#define EAP_SIM_DB_QUERY_TIMEOUT_USEC 0
+
 char * eap_sim_db_get_next_pseudonym(struct eap_sim_db_data *data,
 				     enum eap_sim_db_method method);
 
-- 
2.1.4

More information about the Hostap mailing list