Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

PAE: Make KaY specific details available via control interface

Add KaY details to the STATUS command output.

Signed-off-by: Badrish Adiga H R <badrish.adigahr@hpe.com>
Badrish Adiga H R 8 years ago
parent
bae93012cd
commit
7508c2ad99
3 changed files with 58 additions and 0 deletions
Unified View Show Diff Stats
  1. 49 0
      src/pae/ieee802_1x_kay.c
  2. 3 0
      src/pae/ieee802_1x_kay.h
  3. 6 0
      wpa_supplicant/ctrl_iface.c

+ 49 - 0
src/pae/ieee802_1x_kay.c
View File 

@@ -1641,6 +1641,7 @@ ieee802_1x_mka_decode_dist_sak_body(
 
 	ieee802_1x_cp_signal_newsak(kay->cp);
 
 	ieee802_1x_cp_signal_newsak(kay->cp);
 
 	ieee802_1x_cp_sm_step(kay->cp);
 
 	ieee802_1x_cp_sm_step(kay->cp);
 
 
 
+	kay->rcvd_keys++;
 
 	participant->to_use_sak = TRUE;
 
 	participant->to_use_sak = TRUE;
 
 
 
 	return 0;
 
 	return 0;
 
@@ -3519,3 +3520,51 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay,
 
 
 
 	return 0;
 
 	return 0;
 
 }
 
 }
 
+
 
+
 
+#ifdef CONFIG_CTRL_IFACE
 
+/**
 
+ * ieee802_1x_kay_get_status - Get IEEE 802.1X KaY status details
 
+ * @sm: Pointer to KaY allocated with ieee802_1x_kay_init()
 
+ * @buf: Buffer for status information
 
+ * @buflen: Maximum buffer length
 
+ * @verbose: Whether to include verbose status information
 
+ * Returns: Number of bytes written to buf.
 
+ *
 
+ * Query KAY status information. This function fills in a text area with current
 
+ * status information. If the buffer (buf) is not large enough, status
 
+ * information will be truncated to fit the buffer.
 
+ */
 
+int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf,
 
+			      size_t buflen)
 
+{
 
+	int len;
 
+
 
+	if (!kay)
 
+		return 0;
 
+
 
+	len = os_snprintf(buf, buflen,
 
+			  "PAE KaY status=%s\n"
 
+			  "Authenticated=%s\n"
 
+			  "Secured=%s\n"
 
+			  "Failed=%s\n"
 
+			  "Actor Priority=%u\n"
 
+			  "Key Server Priority=%u\n"
 
+			  "Is Key Server=%s\n"
 
+			  "Number of Keys Distributed=%u\n"
 
+			  "Number of Keys Received=%u\n",
 
+			  kay->active ? "Active" : "Not-Active",
 
+			  kay->authenticated ? "Yes" : "No",
 
+			  kay->secured ? "Yes" : "No",
 
+			  kay->failed ? "Yes" : "No",
 
+			  kay->actor_priority,
 
+			  kay->key_server_priority,
 
+			  kay->is_key_server ? "Yes" : "No",
 
+			  kay->dist_kn - 1,
 
+			  kay->rcvd_keys);
 
+	if (os_snprintf_error(buflen, len))
 
+		return 0;
 
+
 
+	return len;
 
+}
 
+#endif /* CONFIG_CTRL_IFACE */

+ 3 - 0
src/pae/ieee802_1x_kay.h
View File 

@@ -208,6 +208,7 @@ struct ieee802_1x_kay {
 
 	int mka_algindex;  /* MKA alg table index */
 
 	int mka_algindex;  /* MKA alg table index */
 
 
 
 	u32 dist_kn;
 
 	u32 dist_kn;
 
+	u32 rcvd_keys;
 
 	u8 dist_an;
 
 	u8 dist_an;
 
 	time_t dist_time;
 
 	time_t dist_time;
 
 
 
@@ -267,5 +268,7 @@ int ieee802_1x_kay_enable_tx_sas(struct ieee802_1x_kay *kay,
 
 int ieee802_1x_kay_enable_rx_sas(struct ieee802_1x_kay *kay,
 
 int ieee802_1x_kay_enable_rx_sas(struct ieee802_1x_kay *kay,
 
 				 struct ieee802_1x_mka_ki *lki);
 
 				 struct ieee802_1x_mka_ki *lki);
 
 int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay);
 
 int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay);
 
+int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf,
 
+			      size_t buflen);
 
 
 
 #endif /* IEEE802_1X_KAY_H */
 
 #endif /* IEEE802_1X_KAY_H */

+ 6 - 0
wpa_supplicant/ctrl_iface.c
View File 

@@ -2050,6 +2050,12 @@ static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s,
 
 			pos += res;
 
 			pos += res;
 
 	}
 
 	}
 
 
 
+#ifdef CONFIG_MACSEC
 
+	res = ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos);
 
+	if (res > 0)
 
+		pos += res;
 
+#endif /* CONFIG_MACSEC */
 
+
 
 	sess_id = eapol_sm_get_session_id(wpa_s->eapol, &sess_id_len);
 
 	sess_id = eapol_sm_get_session_id(wpa_s->eapol, &sess_id_len);
 
 	if (sess_id) {
 
 	if (sess_id) {
 
 		char *start = pos;
 
 		char *start = pos;