Add new ctrl_iface event for EAP methods proposed by the server

This makes it easier for external programs to probe EAP server
preferences and potentially automatically detect which method
could be used.

diff --git a/src/common/wpa_ctrl.h b/src/common/wpa_ctrl.h
index d7643e1..6a3bcf7 100644 (file)
--- a/src/common/wpa_ctrl.h
+++ b/src/common/wpa_ctrl.h
@@ -40,6 +40,8 @@ extern "C" {
 #define WPA_EVENT_EAP_NOTIFICATION "CTRL-EVENT-EAP-NOTIFICATION "
 /** EAP authentication started (EAP-Request/Identity received) */
 #define WPA_EVENT_EAP_STARTED "CTRL-EVENT-EAP-STARTED "
+/** EAP method proposed by the server */
+#define WPA_EVENT_EAP_PROPOSED_METHOD "CTRL-EVENT-EAP-PROPOSED-METHOD "
 /** EAP method selected */
 #define WPA_EVENT_EAP_METHOD "CTRL-EVENT-EAP-METHOD "
 /** EAP authentication completed successfully */

diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c
index 0630f9a..b337d89 100644 (file)
--- a/src/eap_peer/eap.c
+++ b/src/eap_peer/eap.c
@@ -228,9 +228,15 @@ SM_STATE(EAP, GET_METHOD)
        if (!eap_sm_allowMethod(sm, sm->reqVendor, method)) {
                wpa_printf(MSG_DEBUG, "EAP: vendor %u method %u not allowed",
                           sm->reqVendor, method);
+               wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_PROPOSED_METHOD
+                       "vendor=%u method=%u -> NAK",
+                       sm->reqVendor, method);
                goto nak;
        }
 
+       wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_PROPOSED_METHOD
+               "vendor=%u method=%u", sm->reqVendor, method);
+
        /*
         * RFC 4137 does not define specific operation for fast
         * re-authentication (session resumption). The design here is to allow