X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=wpa_supplicant%2Feapol_test.c;h=6548bd17b11f83ccb639bc5be0ce767ea9c52b80;hb=4d7aab78bd11d6ff15f769761221e67b1160e562;hp=65e6742fe2e2e4854b82573a0915cd941c2b9db8;hpb=0f3d578efcff5f29d3b8af13edc3c1a9a3222129;p=mech_eap.git diff --git a/wpa_supplicant/eapol_test.c b/wpa_supplicant/eapol_test.c index 65e6742..6548bd1 100644 --- a/wpa_supplicant/eapol_test.c +++ b/wpa_supplicant/eapol_test.c @@ -1,6 +1,6 @@ /* * WPA Supplicant - test code - * Copyright (c) 2003-2011, Jouni Malinen + * Copyright (c) 2003-2013, Jouni Malinen * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -13,6 +13,8 @@ #include #include "common.h" +#include "utils/ext_password.h" +#include "common/version.h" #include "config.h" #include "eapol_supp/eapol_supp_sm.h" #include "eap_peer/eap.h" @@ -20,19 +22,16 @@ #include "eloop.h" #include "utils/base64.h" #include "rsn_supp/wpa.h" -#include "eap_peer/eap_i.h" #include "wpa_supplicant_i.h" #include "radius/radius.h" #include "radius/radius_client.h" #include "common/wpa_ctrl.h" #include "ctrl_iface.h" #include "pcsc_funcs.h" +#include "wpas_glue.h" -extern int wpa_debug_level; -extern int wpa_debug_show_keys; - -struct wpa_driver_ops *wpa_drivers[] = { NULL }; +const struct wpa_driver_ops *const wpa_drivers[] = { NULL }; struct extra_radius_attr { @@ -48,6 +47,7 @@ struct eapol_test_data { int eapol_test_num_reauths; int no_mppe_keys; int num_mppe_ok, num_mppe_mismatch; + int req_eap_key_name; u8 radius_identifier; struct radius_msg *last_recv_radius; @@ -55,12 +55,13 @@ struct eapol_test_data { struct radius_client_data *radius; struct hostapd_radius_servers *radius_conf; - u8 *last_eap_radius; /* last received EAP Response from Authentication - * Server */ - size_t last_eap_radius_len; + /* last received EAP Response from Authentication Server */ + struct wpabuf *last_eap_radius; u8 authenticator_pmk[PMK_LEN]; size_t authenticator_pmk_len; + u8 authenticator_eap_key_name[256]; + size_t authenticator_eap_key_name_len; int radius_access_accept_received; int radius_access_reject_received; int auth_timed_out; @@ -73,6 +74,12 @@ struct eapol_test_data { struct extra_radius_attr *extra_attrs; FILE *server_cert_file; + + const char *pcsc_reader; + const char *pcsc_pin; + + unsigned int ctrl_iface:1; + unsigned int id_req_sent:1; }; static struct eapol_test_data eapol_test; @@ -98,7 +105,7 @@ static int add_extra_attr(struct radius_msg *msg, size_t len; char *pos; u32 val; - char buf[128]; + char buf[RADIUS_MAX_ATTR_LEN + 1]; switch (attr->syntax) { case 's': @@ -114,7 +121,7 @@ static int add_extra_attr(struct radius_msg *msg, if (pos[0] == '0' && pos[1] == 'x') pos += 2; len = os_strlen(pos); - if ((len & 1) || (len / 2) > sizeof(buf)) { + if ((len & 1) || (len / 2) > RADIUS_MAX_ATTR_LEN) { printf("Invalid extra attribute hexstring\n"); return -1; } @@ -171,7 +178,7 @@ static void ieee802_1x_encapsulate_radius(struct eapol_test_data *e, const u8 *eap, size_t len) { struct radius_msg *msg; - char buf[128]; + char buf[RADIUS_MAX_ATTR_LEN + 1]; const struct eap_hdr *hdr; const u8 *pos; @@ -186,7 +193,7 @@ static void ieee802_1x_encapsulate_radius(struct eapol_test_data *e, return; } - radius_msg_make_authenticator(msg, (u8 *) e, sizeof(*e)); + radius_msg_make_authenticator(msg); hdr = (const struct eap_hdr *) eap; pos = (const u8 *) (hdr + 1); @@ -211,6 +218,13 @@ static void ieee802_1x_encapsulate_radius(struct eapol_test_data *e, goto fail; } + if (e->req_eap_key_name && + !radius_msg_add_attr(msg, RADIUS_ATTR_EAP_KEY_NAME, (u8 *) "\0", + 1)) { + printf("Could not add EAP-Key-Name\n"); + goto fail; + } + if (!find_extra_attr(e->extra_attrs, RADIUS_ATTR_NAS_IP_ADDRESS) && !radius_msg_add_attr(msg, RADIUS_ATTR_NAS_IP_ADDRESS, (u8 *) &e->own_ip_addr, 4)) { @@ -244,6 +258,13 @@ static void ieee802_1x_encapsulate_radius(struct eapol_test_data *e, goto fail; } + if (!find_extra_attr(e->extra_attrs, RADIUS_ATTR_SERVICE_TYPE) && + !radius_msg_add_attr_int32(msg, RADIUS_ATTR_SERVICE_TYPE, + RADIUS_SERVICE_TYPE_FRAMED)) { + printf("Could not add Service-Type\n"); + goto fail; + } + os_snprintf(buf, sizeof(buf), "%s", e->connect_info); if (!find_extra_attr(e->extra_attrs, RADIUS_ATTR_CONNECT_INFO) && !radius_msg_add_attr(msg, RADIUS_ATTR_CONNECT_INFO, @@ -278,7 +299,9 @@ static void ieee802_1x_encapsulate_radius(struct eapol_test_data *e, } } - radius_client_send(e->radius, msg, RADIUS_AUTH, e->wpa_s->own_addr); + if (radius_client_send(e->radius, msg, RADIUS_AUTH, e->wpa_s->own_addr) + < 0) + goto fail; return; fail: @@ -317,7 +340,11 @@ eapol_test_get_config_blob(void *ctx, const char *name) static void eapol_test_eapol_done_cb(void *ctx) { + struct eapol_test_data *e = ctx; + printf("WPA: EAPOL processing complete\n"); + wpa_supplicant_cancel_auth_timeout(e->wpa_s); + wpa_supplicant_set_state(e->wpa_s, WPA_COMPLETED); } @@ -334,6 +361,8 @@ static int eapol_test_compare_pmk(struct eapol_test_data *e) { u8 pmk[PMK_LEN]; int ret = 1; + const u8 *sess_id; + size_t sess_id_len; if (eapol_sm_get_key(e->wpa_s->eapol, pmk, PMK_LEN) == 0) { wpa_hexdump(MSG_DEBUG, "PMK from EAPOL", pmk, PMK_LEN); @@ -362,14 +391,40 @@ static int eapol_test_compare_pmk(struct eapol_test_data *e) else if (!e->no_mppe_keys) e->num_mppe_ok++; + sess_id = eapol_sm_get_session_id(e->wpa_s->eapol, &sess_id_len); + if (!sess_id) + return ret; + if (e->authenticator_eap_key_name_len == 0) { + wpa_printf(MSG_INFO, "No EAP-Key-Name received from server"); + return ret; + } + + if (e->authenticator_eap_key_name_len != sess_id_len || + os_memcmp(e->authenticator_eap_key_name, sess_id, sess_id_len) != 0) + { + wpa_printf(MSG_INFO, + "Locally derived EAP Session-Id does not match EAP-Key-Name from server"); + wpa_hexdump(MSG_DEBUG, "EAP Session-Id", sess_id, sess_id_len); + wpa_hexdump(MSG_DEBUG, "EAP-Key-Name from server", + e->authenticator_eap_key_name, + e->authenticator_eap_key_name_len); + } else { + wpa_printf(MSG_INFO, + "Locally derived EAP Session-Id matches EAP-Key-Name from server"); + } + return ret; } -static void eapol_sm_cb(struct eapol_sm *eapol, int success, void *ctx) +static void eapol_sm_cb(struct eapol_sm *eapol, enum eapol_supp_result result, + void *ctx) { struct eapol_test_data *e = ctx; - printf("eapol_sm_cb: success=%d\n", success); + printf("eapol_sm_cb: result=%d\n", result); + e->id_req_sent = 0; + if (e->ctrl_iface) + return; e->eapol_test_num_reauths--; if (e->eapol_test_num_reauths < 0) eloop_terminate(); @@ -394,7 +449,56 @@ static void eapol_test_write_cert(FILE *f, const char *subject, } +#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) +static void eapol_test_eap_param_needed(void *ctx, enum wpa_ctrl_req_type field, + const char *default_txt) +{ + struct eapol_test_data *e = ctx; + struct wpa_supplicant *wpa_s = e->wpa_s; + struct wpa_ssid *ssid = wpa_s->current_ssid; + const char *field_name, *txt = NULL; + char *buf; + size_t buflen; + int len; + + if (ssid == NULL) + return; + + field_name = wpa_supplicant_ctrl_req_to_string(field, default_txt, + &txt); + if (field_name == NULL) { + wpa_printf(MSG_WARNING, "Unhandled EAP param %d needed", + field); + return; + } + + buflen = 100 + os_strlen(txt) + ssid->ssid_len; + buf = os_malloc(buflen); + if (buf == NULL) + return; + len = os_snprintf(buf, buflen, + WPA_CTRL_REQ "%s-%d:%s needed for SSID ", + field_name, ssid->id, txt); + if (os_snprintf_error(buflen, len)) { + os_free(buf); + return; + } + if (ssid->ssid && buflen > len + ssid->ssid_len) { + os_memcpy(buf + len, ssid->ssid, ssid->ssid_len); + len += ssid->ssid_len; + buf[len] = '\0'; + } + buf[buflen - 1] = '\0'; + wpa_msg(wpa_s, MSG_INFO, "%s", buf); + os_free(buf); +} +#else /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ +#define eapol_test_eap_param_needed NULL +#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ + + static void eapol_test_cert_cb(void *ctx, int depth, const char *subject, + const char *altsubject[], int num_altsubject, const char *cert_hash, const struct wpabuf *cert) { @@ -424,6 +528,54 @@ static void eapol_test_cert_cb(void *ctx, int depth, const char *subject, eapol_test_write_cert(e->server_cert_file, subject, cert); } + + if (altsubject) { + int i; + + for (i = 0; i < num_altsubject; i++) + wpa_msg(e->wpa_s, MSG_INFO, WPA_EVENT_EAP_PEER_ALT + "depth=%d %s", depth, altsubject[i]); + } +} + + +static void eapol_test_set_anon_id(void *ctx, const u8 *id, size_t len) +{ + struct eapol_test_data *e = ctx; + struct wpa_supplicant *wpa_s = e->wpa_s; + char *str; + int res; + + wpa_hexdump_ascii(MSG_DEBUG, "EAP method updated anonymous_identity", + id, len); + + if (wpa_s->current_ssid == NULL) + return; + + if (id == NULL) { + if (wpa_config_set(wpa_s->current_ssid, "anonymous_identity", + "NULL", 0) < 0) + return; + } else { + str = os_malloc(len * 2 + 1); + if (str == NULL) + return; + wpa_snprintf_hex(str, len * 2 + 1, id, len); + res = wpa_config_set(wpa_s->current_ssid, "anonymous_identity", + str, 0); + os_free(str); + if (res < 0) + return; + } +} + + +static enum wpa_states eapol_test_get_state(void *ctx) +{ + struct eapol_test_data *e = ctx; + struct wpa_supplicant *wpa_s = e->wpa_s; + + return wpa_s->wpa_state; } @@ -432,6 +584,7 @@ static int test_eapol(struct eapol_test_data *e, struct wpa_supplicant *wpa_s, { struct eapol_config eapol_conf; struct eapol_ctx *ctx; + struct wpa_sm_ctx *wctx; ctx = os_zalloc(sizeof(*ctx)); if (ctx == NULL) { @@ -452,8 +605,11 @@ static int test_eapol(struct eapol_test_data *e, struct wpa_supplicant *wpa_s, ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path; ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path; ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path; + ctx->openssl_ciphers = wpa_s->conf->openssl_ciphers; + ctx->eap_param_needed = eapol_test_eap_param_needed; ctx->cert_cb = eapol_test_cert_cb; ctx->cert_in_cb = 1; + ctx->set_anon_id = eapol_test_set_anon_id; wpa_s->eapol = eapol_sm_init(ctx); if (wpa_s->eapol == NULL) { @@ -462,12 +618,32 @@ static int test_eapol(struct eapol_test_data *e, struct wpa_supplicant *wpa_s, return -1; } + wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA; + wctx = os_zalloc(sizeof(*wctx)); + if (wctx == NULL) { + os_free(ctx); + return -1; + } + wctx->ctx = e; + wctx->msg_ctx = wpa_s; + wctx->get_state = eapol_test_get_state; + wpa_s->wpa = wpa_sm_init(wctx); + if (!wpa_s->wpa) { + os_free(ctx); + os_free(wctx); + return -1; + } + + if (!ssid) + return 0; + wpa_s->current_ssid = ssid; os_memset(&eapol_conf, 0, sizeof(eapol_conf)); eapol_conf.accept_802_1x_keys = 1; eapol_conf.required_keys = 0; eapol_conf.fast_reauth = wpa_s->conf->fast_reauth; eapol_conf.workaround = ssid->eap_workaround; + eapol_conf.external_sim = wpa_s->conf->external_sim; eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); @@ -485,8 +661,10 @@ static void test_eapol_clean(struct eapol_test_data *e, { struct extra_radius_attr *p, *prev; + wpa_sm_deinit(wpa_s->wpa); + wpa_s->wpa = NULL; radius_client_deinit(e->radius); - os_free(e->last_eap_radius); + wpabuf_free(e->last_eap_radius); radius_msg_free(e->last_recv_radius); e->last_recv_radius = NULL; os_free(e->eap_identity); @@ -504,6 +682,10 @@ static void test_eapol_clean(struct eapol_test_data *e, wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); wpa_s->ctrl_iface = NULL; } + + ext_password_deinit(wpa_s->ext_pw); + wpa_s->ext_pw = NULL; + wpa_config_free(wpa_s->conf); p = e->extra_attrs; @@ -572,9 +754,8 @@ static char *eap_type_text(u8 type) static void ieee802_1x_decapsulate_radius(struct eapol_test_data *e) { - u8 *eap; - size_t len; - struct eap_hdr *hdr; + struct wpabuf *eap; + const struct eap_hdr *hdr; int eap_type = -1; char buf[64]; struct radius_msg *msg; @@ -584,30 +765,29 @@ static void ieee802_1x_decapsulate_radius(struct eapol_test_data *e) msg = e->last_recv_radius; - eap = radius_msg_get_eap(msg, &len); + eap = radius_msg_get_eap(msg); if (eap == NULL) { /* draft-aboba-radius-rfc2869bis-20.txt, Chap. 2.6.3: * RADIUS server SHOULD NOT send Access-Reject/no EAP-Message * attribute */ wpa_printf(MSG_DEBUG, "could not extract " "EAP-Message from RADIUS message"); - os_free(e->last_eap_radius); + wpabuf_free(e->last_eap_radius); e->last_eap_radius = NULL; - e->last_eap_radius_len = 0; return; } - if (len < sizeof(*hdr)) { + if (wpabuf_len(eap) < sizeof(*hdr)) { wpa_printf(MSG_DEBUG, "too short EAP packet " "received from authentication server"); - os_free(eap); + wpabuf_free(eap); return; } - if (len > sizeof(*hdr)) - eap_type = eap[sizeof(*hdr)]; + if (wpabuf_len(eap) > sizeof(*hdr)) + eap_type = (wpabuf_head_u8(eap))[sizeof(*hdr)]; - hdr = (struct eap_hdr *) eap; + hdr = wpabuf_head(eap); switch (hdr->code) { case EAP_CODE_REQUEST: os_snprintf(buf, sizeof(buf), "EAP-Request-%s (%d)", @@ -626,11 +806,13 @@ static void ieee802_1x_decapsulate_radius(struct eapol_test_data *e) break; case EAP_CODE_FAILURE: os_strlcpy(buf, "EAP Failure", sizeof(buf)); + if (e->ctrl_iface) + break; eloop_terminate(); break; default: os_strlcpy(buf, "unknown EAP code", sizeof(buf)); - wpa_hexdump(MSG_DEBUG, "Decapsulated EAP packet", eap, len); + wpa_hexdump_buf(MSG_DEBUG, "Decapsulated EAP packet", eap); break; } wpa_printf(MSG_DEBUG, "decapsulated EAP packet (code=%d " @@ -639,20 +821,21 @@ static void ieee802_1x_decapsulate_radius(struct eapol_test_data *e) /* sta->eapol_sm->be_auth.idFromServer = hdr->identifier; */ - os_free(e->last_eap_radius); + wpabuf_free(e->last_eap_radius); e->last_eap_radius = eap; - e->last_eap_radius_len = len; { struct ieee802_1x_hdr *dot1x; - dot1x = os_malloc(sizeof(*dot1x) + len); + dot1x = os_malloc(sizeof(*dot1x) + wpabuf_len(eap)); assert(dot1x != NULL); dot1x->version = EAPOL_VERSION; dot1x->type = IEEE802_1X_TYPE_EAP_PACKET; - dot1x->length = htons(len); - os_memcpy((u8 *) (dot1x + 1), eap, len); + dot1x->length = htons(wpabuf_len(eap)); + os_memcpy((u8 *) (dot1x + 1), wpabuf_head(eap), + wpabuf_len(eap)); eapol_sm_rx_eapol(e->wpa_s->eapol, e->wpa_s->bssid, - (u8 *) dot1x, sizeof(*dot1x) + len); + (u8 *) dot1x, + sizeof(*dot1x) + wpabuf_len(eap)); os_free(dot1x); } } @@ -664,6 +847,8 @@ static void ieee802_1x_get_keys(struct eapol_test_data *e, size_t shared_secret_len) { struct radius_ms_mppe_keys *keys; + u8 *buf; + size_t len; keys = radius_msg_get_ms_keys(msg, req, shared_secret, shared_secret_len); @@ -702,6 +887,14 @@ static void ieee802_1x_get_keys(struct eapol_test_data *e, os_free(keys->recv); os_free(keys); } + + if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_EAP_KEY_NAME, &buf, &len, + NULL) == 0) { + os_memcpy(e->authenticator_eap_key_name, buf, len); + e->authenticator_eap_key_name_len = len; + } else { + e->authenticator_eap_key_name_len = 0; + } } @@ -759,25 +952,66 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req, if ((hdr->code == RADIUS_CODE_ACCESS_ACCEPT && e->eapol_test_num_reauths < 0) || hdr->code == RADIUS_CODE_ACCESS_REJECT) { - eloop_terminate(); + if (!e->ctrl_iface) + eloop_terminate(); } return RADIUS_RX_QUEUED; } +static int driver_get_ssid(void *priv, u8 *ssid) +{ + ssid[0] = 0; + return 0; +} + + +static int driver_get_bssid(void *priv, u8 *bssid) +{ + struct eapol_test_data *e = priv; + + if (e->ctrl_iface && !e->id_req_sent) { + eloop_register_timeout(0, 0, send_eap_request_identity, + e->wpa_s, NULL); + e->id_req_sent = 1; + } + + os_memset(bssid, 0, ETH_ALEN); + bssid[5] = 1; + return 0; +} + + +static int driver_get_capa(void *priv, struct wpa_driver_capa *capa) +{ + os_memset(capa, 0, sizeof(*capa)); + capa->flags = WPA_DRIVER_FLAGS_WIRED; + return 0; +} + + +struct wpa_driver_ops eapol_test_drv_ops = { + .name = "test", + .get_ssid = driver_get_ssid, + .get_bssid = driver_get_bssid, + .get_capa = driver_get_capa, +}; + static void wpa_init_conf(struct eapol_test_data *e, struct wpa_supplicant *wpa_s, const char *authsrv, int port, const char *secret, - const char *cli_addr) + const char *cli_addr, const char *ifname) { struct hostapd_radius_server *as; int res; + wpa_s->driver = &eapol_test_drv_ops; + wpa_s->drv_priv = e; wpa_s->bssid[5] = 1; os_memcpy(wpa_s->own_addr, e->own_addr, ETH_ALEN); e->own_ip_addr.s_addr = htonl((127 << 24) | 1); - os_strlcpy(wpa_s->ifname, "test", sizeof(wpa_s->ifname)); + os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname)); e->radius_conf = os_zalloc(sizeof(struct hostapd_radius_servers)); assert(e->radius_conf != NULL); @@ -796,9 +1030,12 @@ static void wpa_init_conf(struct eapol_test_data *e, *pos++ = a[3]; } #else /* CONFIG_NATIVE_WINDOWS or CONFIG_ANSI_C_EXTRA */ - inet_aton(authsrv, &as->addr.u.v4); + if (hostapd_parse_ip_addr(authsrv, &as->addr) < 0) { + wpa_printf(MSG_ERROR, "Invalid IP address '%s'", + authsrv); + assert(0); + } #endif /* CONFIG_NATIVE_WINDOWS or CONFIG_ANSI_C_EXTRA */ - as->addr.af = AF_INET; as->port = port; as->shared_secret = (u8 *) os_strdup(secret); as->shared_secret_len = os_strlen(secret); @@ -825,7 +1062,7 @@ static void wpa_init_conf(struct eapol_test_data *e, } -static int scard_test(void) +static int scard_test(struct eapol_test_data *e) { struct scard_data *scard; size_t len; @@ -856,10 +1093,10 @@ static int scard_test(void) unsigned char aka_ik[IK_LEN]; unsigned char aka_ck[CK_LEN]; - scard = scard_init(SCARD_TRY_BOTH); + scard = scard_init(e->pcsc_reader); if (scard == NULL) return -1; - if (scard_set_pin(scard, "1234")) { + if (scard_set_pin(scard, e->pcsc_pin)) { wpa_printf(MSG_WARNING, "PIN validation failed"); scard_deinit(scard); return -1; @@ -934,7 +1171,7 @@ failed: } -static int scard_get_triplets(int argc, char *argv[]) +static int scard_get_triplets(struct eapol_test_data *e, int argc, char *argv[]) { struct scard_data *scard; size_t len; @@ -956,7 +1193,7 @@ static int scard_get_triplets(int argc, char *argv[]) wpa_debug_level = 99; } - scard = scard_init(SCARD_GSM_SIM_ONLY); + scard = scard_init(e->pcsc_reader); if (scard == NULL) { printf("Failed to open smartcard connection\n"); return -1; @@ -1010,12 +1247,13 @@ static void eapol_test_terminate(int sig, void *signal_ctx) static void usage(void) { printf("usage:\n" - "eapol_test [-nWS] -c [-a] [-p] " + "eapol_test [-enWSv] -c [-a] [-p] " "[-s]\\\n" " [-r] [-t] [-C] \\\n" " [-M] [-o] \\\n" - " [-A]\n" + " [-N] [-R] " + "[-P] \\\n" + " [-A] [-i] [-T]\n" "eapol_test scard\n" "eapol_test sim [debug]\n" "\n"); @@ -1030,9 +1268,11 @@ static void usage(void) " -A = IP address of the client, default: select " "automatically\n" " -r = number of re-authentications\n" + " -e = Request EAP-Key-Name\n" " -W = wait for a control interface monitor before starting\n" " -S = save configuration after authentication\n" " -n = no MPPE keys expected\n" + " -v = show version\n" " -t = sets timeout in seconds (default: 30 s)\n" " -C = RADIUS Connect-Info (default: " "CONNECT 11Mbps 802.11b)\n" @@ -1058,6 +1298,7 @@ static void usage(void) int main(int argc, char *argv[]) { + struct wpa_global global; struct wpa_supplicant wpa_s; int c, ret = 1, wait_for_monitor = 0, save_config = 0; char *as_addr = "127.0.0.1"; @@ -1068,6 +1309,8 @@ int main(int argc, char *argv[]) int timeout = 30; char *pos; struct extra_radius_attr *p = NULL, *p1; + const char *ifname = "test"; + const char *ctrl_iface = NULL; if (os_program_init()) return -1; @@ -1077,12 +1320,13 @@ int main(int argc, char *argv[]) os_memset(&eapol_test, 0, sizeof(eapol_test)); eapol_test.connect_info = "CONNECT 11Mbps 802.11b"; os_memcpy(eapol_test.own_addr, "\x02\x00\x00\x00\x00\x01", ETH_ALEN); + eapol_test.pcsc_pin = "1234"; wpa_debug_level = 0; wpa_debug_show_keys = 1; for (;;) { - c = getopt(argc, argv, "a:A:c:C:M:nN:o:p:r:s:St:W"); + c = getopt(argc, argv, "a:A:c:C:ei:M:nN:o:p:P:r:R:s:St:T:vW"); if (c < 0) break; switch (c) { @@ -1098,6 +1342,12 @@ int main(int argc, char *argv[]) case 'C': eapol_test.connect_info = optarg; break; + case 'e': + eapol_test.req_eap_key_name = 1; + break; + case 'i': + ifname = optarg; + break; case 'M': if (hwaddr_aton(optarg, eapol_test.own_addr)) { usage(); @@ -1120,9 +1370,15 @@ int main(int argc, char *argv[]) case 'p': as_port = atoi(optarg); break; + case 'P': + eapol_test.pcsc_pin = optarg; + break; case 'r': eapol_test.eapol_test_num_reauths = atoi(optarg); break; + case 'R': + eapol_test.pcsc_reader = optarg; + break; case 's': as_secret = optarg; break; @@ -1132,11 +1388,18 @@ int main(int argc, char *argv[]) case 't': timeout = atoi(optarg); break; + case 'T': + ctrl_iface = optarg; + eapol_test.ctrl_iface = 1; + break; + case 'v': + printf("eapol_test v" VERSION_STR "\n"); + return 0; case 'W': wait_for_monitor++; break; case 'N': - p1 = os_zalloc(sizeof(p1)); + p1 = os_zalloc(sizeof(*p1)); if (p1 == NULL) break; if (!p) @@ -1170,15 +1433,15 @@ int main(int argc, char *argv[]) } if (argc > optind && os_strcmp(argv[optind], "scard") == 0) { - return scard_test(); + return scard_test(&eapol_test); } if (argc > optind && os_strcmp(argv[optind], "sim") == 0) { - return scard_get_triplets(argc - optind - 1, + return scard_get_triplets(&eapol_test, argc - optind - 1, &argv[optind + 1]); } - if (conf == NULL) { + if (conf == NULL && !ctrl_iface) { usage(); printf("Configuration file is required.\n"); return -1; @@ -1194,20 +1457,32 @@ int main(int argc, char *argv[]) return -1; } + os_memset(&global, 0, sizeof(global)); os_memset(&wpa_s, 0, sizeof(wpa_s)); + wpa_s.global = &global; eapol_test.wpa_s = &wpa_s; - wpa_s.conf = wpa_config_read(conf); + dl_list_init(&wpa_s.bss); + dl_list_init(&wpa_s.bss_id); + if (conf) + wpa_s.conf = wpa_config_read(conf, NULL); + else + wpa_s.conf = wpa_config_alloc_empty(ctrl_iface, NULL); if (wpa_s.conf == NULL) { printf("Failed to parse configuration file '%s'.\n", conf); return -1; } - if (wpa_s.conf->ssid == NULL) { + if (!ctrl_iface && wpa_s.conf->ssid == NULL) { printf("No networks defined.\n"); return -1; } + if (eapol_test.pcsc_reader) { + os_free(wpa_s.conf->pcsc_reader); + wpa_s.conf->pcsc_reader = os_strdup(eapol_test.pcsc_reader); + } + wpa_init_conf(&eapol_test, &wpa_s, as_addr, as_port, as_secret, - cli_addr); + cli_addr, ifname); wpa_s.ctrl_iface = wpa_supplicant_ctrl_iface_init(&wpa_s); if (wpa_s.ctrl_iface == NULL) { printf("Failed to initialize control interface '%s'.\n" @@ -1220,18 +1495,25 @@ int main(int argc, char *argv[]) wpa_s.conf->ctrl_interface); return -1; } - if (wpa_supplicant_scard_init(&wpa_s, wpa_s.conf->ssid)) + if (wpa_s.conf->ssid && + wpa_supplicant_scard_init(&wpa_s, wpa_s.conf->ssid)) return -1; if (test_eapol(&eapol_test, &wpa_s, wpa_s.conf->ssid)) return -1; + if (wpas_init_ext_pw(&wpa_s) < 0) + return -1; + if (wait_for_monitor) wpa_supplicant_ctrl_iface_wait(wpa_s.ctrl_iface); - eloop_register_timeout(timeout, 0, eapol_test_timeout, &eapol_test, - NULL); - eloop_register_timeout(0, 0, send_eap_request_identity, &wpa_s, NULL); + if (!ctrl_iface) { + eloop_register_timeout(timeout, 0, eapol_test_timeout, + &eapol_test, NULL); + eloop_register_timeout(0, 0, send_eap_request_identity, &wpa_s, + NULL); + } eloop_register_signal_terminate(eapol_test_terminate, &wpa_s); eloop_register_signal_reconfig(eapol_test_terminate, &wpa_s); eloop_run();