|
|
6c9f0c |
From 7508c2ad99cef6d0691190063ec7735b7759f836 Mon Sep 17 00:00:00 2001
|
|
|
6c9f0c |
Message-Id: <7508c2ad99cef6d0691190063ec7735b7759f836.1488376602.git.dcaratti@redhat.com>
|
|
|
6c9f0c |
From: Badrish Adiga H R <badrish.adigahr@gmail.com>
|
|
|
6c9f0c |
Date: Fri, 16 Dec 2016 01:40:53 +0530
|
|
|
6c9f0c |
Subject: [PATCH] PAE: Make KaY specific details available via control
|
|
|
6c9f0c |
interface
|
|
|
6c9f0c |
|
|
|
6c9f0c |
Add KaY details to the STATUS command output.
|
|
|
6c9f0c |
|
|
|
6c9f0c |
Signed-off-by: Badrish Adiga H R <badrish.adigahr@hpe.com>
|
|
|
6c9f0c |
---
|
|
|
6c9f0c |
src/pae/ieee802_1x_kay.c | 49 +++++++++++++++++++++++++++++++++++++++++++++
|
|
|
6c9f0c |
src/pae/ieee802_1x_kay.h | 3 +++
|
|
|
6c9f0c |
wpa_supplicant/ctrl_iface.c | 6 ++++++
|
|
|
6c9f0c |
3 files changed, 58 insertions(+)
|
|
|
6c9f0c |
|
|
|
6c9f0c |
diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
|
|
|
6c9f0c |
index 1d6d9a9..cf5782a 100644
|
|
|
6c9f0c |
--- a/src/pae/ieee802_1x_kay.c
|
|
|
6c9f0c |
+++ b/src/pae/ieee802_1x_kay.c
|
|
|
6c9f0c |
@@ -1641,6 +1641,7 @@ ieee802_1x_mka_decode_dist_sak_body(
|
|
|
6c9f0c |
ieee802_1x_cp_signal_newsak(kay->cp);
|
|
|
6c9f0c |
ieee802_1x_cp_sm_step(kay->cp);
|
|
|
6c9f0c |
|
|
|
6c9f0c |
+ kay->rcvd_keys++;
|
|
|
6c9f0c |
participant->to_use_sak = TRUE;
|
|
|
6c9f0c |
|
|
|
6c9f0c |
return 0;
|
|
|
6c9f0c |
@@ -3519,3 +3520,51 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay,
|
|
|
6c9f0c |
|
|
|
6c9f0c |
return 0;
|
|
|
6c9f0c |
}
|
|
|
6c9f0c |
+
|
|
|
6c9f0c |
+
|
|
|
6c9f0c |
+#ifdef CONFIG_CTRL_IFACE
|
|
|
6c9f0c |
+/**
|
|
|
6c9f0c |
+ * ieee802_1x_kay_get_status - Get IEEE 802.1X KaY status details
|
|
|
6c9f0c |
+ * @sm: Pointer to KaY allocated with ieee802_1x_kay_init()
|
|
|
6c9f0c |
+ * @buf: Buffer for status information
|
|
|
6c9f0c |
+ * @buflen: Maximum buffer length
|
|
|
6c9f0c |
+ * @verbose: Whether to include verbose status information
|
|
|
6c9f0c |
+ * Returns: Number of bytes written to buf.
|
|
|
6c9f0c |
+ *
|
|
|
6c9f0c |
+ * Query KAY status information. This function fills in a text area with current
|
|
|
6c9f0c |
+ * status information. If the buffer (buf) is not large enough, status
|
|
|
6c9f0c |
+ * information will be truncated to fit the buffer.
|
|
|
6c9f0c |
+ */
|
|
|
6c9f0c |
+int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf,
|
|
|
6c9f0c |
+ size_t buflen)
|
|
|
6c9f0c |
+{
|
|
|
6c9f0c |
+ int len;
|
|
|
6c9f0c |
+
|
|
|
6c9f0c |
+ if (!kay)
|
|
|
6c9f0c |
+ return 0;
|
|
|
6c9f0c |
+
|
|
|
6c9f0c |
+ len = os_snprintf(buf, buflen,
|
|
|
6c9f0c |
+ "PAE KaY status=%s\n"
|
|
|
6c9f0c |
+ "Authenticated=%s\n"
|
|
|
6c9f0c |
+ "Secured=%s\n"
|
|
|
6c9f0c |
+ "Failed=%s\n"
|
|
|
6c9f0c |
+ "Actor Priority=%u\n"
|
|
|
6c9f0c |
+ "Key Server Priority=%u\n"
|
|
|
6c9f0c |
+ "Is Key Server=%s\n"
|
|
|
6c9f0c |
+ "Number of Keys Distributed=%u\n"
|
|
|
6c9f0c |
+ "Number of Keys Received=%u\n",
|
|
|
6c9f0c |
+ kay->active ? "Active" : "Not-Active",
|
|
|
6c9f0c |
+ kay->authenticated ? "Yes" : "No",
|
|
|
6c9f0c |
+ kay->secured ? "Yes" : "No",
|
|
|
6c9f0c |
+ kay->failed ? "Yes" : "No",
|
|
|
6c9f0c |
+ kay->actor_priority,
|
|
|
6c9f0c |
+ kay->key_server_priority,
|
|
|
6c9f0c |
+ kay->is_key_server ? "Yes" : "No",
|
|
|
6c9f0c |
+ kay->dist_kn - 1,
|
|
|
6c9f0c |
+ kay->rcvd_keys);
|
|
|
6c9f0c |
+ if (os_snprintf_error(buflen, len))
|
|
|
6c9f0c |
+ return 0;
|
|
|
6c9f0c |
+
|
|
|
6c9f0c |
+ return len;
|
|
|
6c9f0c |
+}
|
|
|
6c9f0c |
+#endif /* CONFIG_CTRL_IFACE */
|
|
|
6c9f0c |
diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h
|
|
|
6c9f0c |
index 9a92d1c..b38e814 100644
|
|
|
6c9f0c |
--- a/src/pae/ieee802_1x_kay.h
|
|
|
6c9f0c |
+++ b/src/pae/ieee802_1x_kay.h
|
|
|
6c9f0c |
@@ -208,6 +208,7 @@ struct ieee802_1x_kay {
|
|
|
6c9f0c |
int mka_algindex; /* MKA alg table index */
|
|
|
6c9f0c |
|
|
|
6c9f0c |
u32 dist_kn;
|
|
|
6c9f0c |
+ u32 rcvd_keys;
|
|
|
6c9f0c |
u8 dist_an;
|
|
|
6c9f0c |
time_t dist_time;
|
|
|
6c9f0c |
|
|
|
6c9f0c |
@@ -267,5 +268,7 @@ int ieee802_1x_kay_enable_tx_sas(struct ieee802_1x_kay *kay,
|
|
|
6c9f0c |
int ieee802_1x_kay_enable_rx_sas(struct ieee802_1x_kay *kay,
|
|
|
6c9f0c |
struct ieee802_1x_mka_ki *lki);
|
|
|
6c9f0c |
int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay);
|
|
|
6c9f0c |
+int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf,
|
|
|
6c9f0c |
+ size_t buflen);
|
|
|
6c9f0c |
|
|
|
6c9f0c |
#endif /* IEEE802_1X_KAY_H */
|
|
|
6c9f0c |
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
|
|
|
6c9f0c |
index c943dee..624e894 100644
|
|
|
6c9f0c |
--- a/wpa_supplicant/ctrl_iface.c
|
|
|
6c9f0c |
+++ b/wpa_supplicant/ctrl_iface.c
|
|
|
6c9f0c |
@@ -2050,6 +2050,12 @@ static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s,
|
|
|
6c9f0c |
pos += res;
|
|
|
6c9f0c |
}
|
|
|
6c9f0c |
|
|
|
6c9f0c |
+#ifdef CONFIG_MACSEC
|
|
|
6c9f0c |
+ res = ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos);
|
|
|
6c9f0c |
+ if (res > 0)
|
|
|
6c9f0c |
+ pos += res;
|
|
|
6c9f0c |
+#endif /* CONFIG_MACSEC */
|
|
|
6c9f0c |
+
|
|
|
6c9f0c |
sess_id = eapol_sm_get_session_id(wpa_s->eapol, &sess_id_len);
|
|
|
6c9f0c |
if (sess_id) {
|
|
|
6c9f0c |
char *start = pos;
|
|
|
6c9f0c |
--
|
|
|
6c9f0c |
2.7.4
|
|
|
6c9f0c |
|