X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=libeap%2Fsrc%2Feap_peer%2Feap_md5.c;fp=libeap%2Fsrc%2Feap_peer%2Feap_md5.c;h=0edbae8f74d378d54c5f8564472e5c4338257452;hb=fa210a112d16848a282d662f16f9b8589dd371df;hp=0000000000000000000000000000000000000000;hpb=a3d666260a9b578b9ad6f7ffd15671530ec632d9;p=mech_eap.orig diff --git a/libeap/src/eap_peer/eap_md5.c b/libeap/src/eap_peer/eap_md5.c new file mode 100644 index 0000000..0edbae8 --- /dev/null +++ b/libeap/src/eap_peer/eap_md5.c @@ -0,0 +1,120 @@ +/* + * EAP peer method: EAP-MD5 (RFC 3748 and RFC 1994) + * Copyright (c) 2004-2006, Jouni Malinen + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * Alternatively, this software may be distributed under the terms of BSD + * license. + * + * See README and COPYING for more details. + */ + +#include "includes.h" + +#include "common.h" +#include "eap_i.h" +#include "eap_common/chap.h" + + +static void * eap_md5_init(struct eap_sm *sm) +{ + /* No need for private data. However, must return non-NULL to indicate + * success. */ + return (void *) 1; +} + + +static void eap_md5_deinit(struct eap_sm *sm, void *priv) +{ +} + + +static struct wpabuf * eap_md5_process(struct eap_sm *sm, void *priv, + struct eap_method_ret *ret, + const struct wpabuf *reqData) +{ + struct wpabuf *resp; + const u8 *pos, *challenge, *password; + u8 *rpos, id; + size_t len, challenge_len, password_len; + + password = eap_get_config_password(sm, &password_len); + if (password == NULL) { + wpa_printf(MSG_INFO, "EAP-MD5: Password not configured"); + eap_sm_request_password(sm); + ret->ignore = TRUE; + return NULL; + } + + pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_MD5, reqData, &len); + if (pos == NULL || len == 0) { + wpa_printf(MSG_INFO, "EAP-MD5: Invalid frame (pos=%p len=%lu)", + pos, (unsigned long) len); + ret->ignore = TRUE; + return NULL; + } + + /* + * CHAP Challenge: + * Value-Size (1 octet) | Value(Challenge) | Name(optional) + */ + challenge_len = *pos++; + if (challenge_len == 0 || challenge_len > len - 1) { + wpa_printf(MSG_INFO, "EAP-MD5: Invalid challenge " + "(challenge_len=%lu len=%lu)", + (unsigned long) challenge_len, (unsigned long) len); + ret->ignore = TRUE; + return NULL; + } + ret->ignore = FALSE; + challenge = pos; + wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Challenge", + challenge, challenge_len); + + wpa_printf(MSG_DEBUG, "EAP-MD5: Generating Challenge Response"); + ret->methodState = METHOD_DONE; + ret->decision = DECISION_COND_SUCC; + ret->allowNotifications = TRUE; + + resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MD5, 1 + CHAP_MD5_LEN, + EAP_CODE_RESPONSE, eap_get_id(reqData)); + if (resp == NULL) + return NULL; + + /* + * CHAP Response: + * Value-Size (1 octet) | Value(Response) | Name(optional) + */ + wpabuf_put_u8(resp, CHAP_MD5_LEN); + + id = eap_get_id(resp); + rpos = wpabuf_put(resp, CHAP_MD5_LEN); + chap_md5(id, password, password_len, challenge, challenge_len, rpos); + wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Response", rpos, CHAP_MD5_LEN); + + return resp; +} + + +int eap_peer_md5_register(void) +{ + struct eap_method *eap; + int ret; + + eap = eap_peer_method_alloc(EAP_PEER_METHOD_INTERFACE_VERSION, + EAP_VENDOR_IETF, EAP_TYPE_MD5, "MD5"); + if (eap == NULL) + return -1; + + eap->init = eap_md5_init; + eap->deinit = eap_md5_deinit; + eap->process = eap_md5_process; + + ret = eap_peer_method_register(eap); + if (ret) + eap_peer_method_free(eap); + return ret; +}