Browse Source

TNC: Add more debug infor to EAP-TNC server state changes

Jouni Malinen 15 years ago
parent
commit
e4cbe058d6
1 changed files with 60 additions and 26 deletions
  1. 60 26
      src/eap_server/eap_server_tnc.c

+ 60 - 26
src/eap_server/eap_server_tnc.c

@@ -21,8 +21,10 @@
 
 
 struct eap_tnc_data {
-	enum { START, CONTINUE, RECOMMENDATION, FRAG_ACK, WAIT_FRAG_ACK, DONE,
-	       FAIL } state;
+	enum eap_tnc_state {
+		START, CONTINUE, RECOMMENDATION, FRAG_ACK, WAIT_FRAG_ACK, DONE,
+		FAIL
+	} state;
 	enum { ALLOW, ISOLATE, NO_ACCESS, NO_RECOMMENDATION } recommendation;
 	struct tncs_data *tncs;
 	struct wpabuf *in_buf;
@@ -43,6 +45,38 @@ struct eap_tnc_data {
 #define EAP_TNC_VERSION 1
 
 
+static const char * eap_tnc_state_txt(enum eap_tnc_state state)
+{
+	switch (state) {
+	case START:
+		return "START";
+	case CONTINUE:
+		return "CONTINUE";
+	case RECOMMENDATION:
+		return "RECOMMENDATION";
+	case FRAG_ACK:
+		return "FRAG_ACK";
+	case WAIT_FRAG_ACK:
+		return "WAIT_FRAG_ACK";
+	case DONE:
+		return "DONE";
+	case FAIL:
+		return "FAIL";
+	}
+	return "??";
+}
+
+
+static void eap_tnc_set_state(struct eap_tnc_data *data,
+			      enum eap_tnc_state new_state)
+{
+	wpa_printf(MSG_DEBUG, "EAP-TNC: %s -> %s",
+		   eap_tnc_state_txt(data->state),
+		   eap_tnc_state_txt(new_state));
+	data->state = new_state;
+}
+
+
 static void * eap_tnc_init(struct eap_sm *sm)
 {
 	struct eap_tnc_data *data;
@@ -50,7 +84,7 @@ static void * eap_tnc_init(struct eap_sm *sm)
 	data = os_zalloc(sizeof(*data));
 	if (data == NULL)
 		return NULL;
-	data->state = START;
+	eap_tnc_set_state(data, START);
 	data->tncs = tncs_init();
 	if (data->tncs == NULL) {
 		os_free(data);
@@ -83,13 +117,13 @@ static struct wpabuf * eap_tnc_build_start(struct eap_sm *sm,
 	if (req == NULL) {
 		wpa_printf(MSG_ERROR, "EAP-TNC: Failed to allocate memory for "
 			   "request");
-		data->state = FAIL;
+		eap_tnc_set_state(data, FAIL);
 		return NULL;
 	}
 
 	wpabuf_put_u8(req, EAP_TNC_FLAGS_START | EAP_TNC_VERSION);
 
-	data->state = CONTINUE;
+	eap_tnc_set_state(data, CONTINUE);
 
 	return req;
 }
@@ -148,17 +182,17 @@ static struct wpabuf * eap_tnc_build_recommendation(struct eap_sm *sm,
 {
 	switch (data->recommendation) {
 	case ALLOW:
-		data->state = DONE;
+		eap_tnc_set_state(data, DONE);
 		break;
 	case ISOLATE:
-		data->state = FAIL;
+		eap_tnc_set_state(data, FAIL);
 		/* TODO: support assignment to a different VLAN */
 		break;
 	case NO_ACCESS:
-		data->state = FAIL;
+		eap_tnc_set_state(data, FAIL);
 		break;
 	case NO_RECOMMENDATION:
-		data->state = DONE;
+		eap_tnc_set_state(data, DONE);
 		break;
 	default:
 		wpa_printf(MSG_DEBUG, "EAP-TNC: Unknown recommendation");
@@ -230,9 +264,9 @@ static struct wpabuf * eap_tnc_build_msg(struct eap_tnc_data *data, u8 id)
 		data->out_buf = NULL;
 		data->out_used = 0;
 		if (data->was_fail)
-			data->state = FAIL;
+			eap_tnc_set_state(data, FAIL);
 		else if (data->was_done)
-			data->state = DONE;
+			eap_tnc_set_state(data, DONE);
 	} else {
 		wpa_printf(MSG_DEBUG, "EAP-TNC: Sending out %lu bytes "
 			   "(%lu more to send)", (unsigned long) send_len,
@@ -242,7 +276,7 @@ static struct wpabuf * eap_tnc_build_msg(struct eap_tnc_data *data, u8 id)
 			data->was_fail = 1;
 		else if (data->state == DONE)
 			data->was_done = 1;
-		data->state = WAIT_FRAG_ACK;
+		eap_tnc_set_state(data, WAIT_FRAG_ACK);
 	}
 
 	return req;
@@ -338,27 +372,27 @@ static void tncs_process(struct eap_tnc_data *data, struct wpabuf *inbuf)
 	switch (res) {
 	case TNCCS_RECOMMENDATION_ALLOW:
 		wpa_printf(MSG_DEBUG, "EAP-TNC: TNCS allowed access");
-		data->state = RECOMMENDATION;
+		eap_tnc_set_state(data, RECOMMENDATION);
 		data->recommendation = ALLOW;
 		break;
 	case TNCCS_RECOMMENDATION_NO_RECOMMENDATION:
 		wpa_printf(MSG_DEBUG, "EAP-TNC: TNCS has no recommendation");
-		data->state = RECOMMENDATION;
+		eap_tnc_set_state(data, RECOMMENDATION);
 		data->recommendation = NO_RECOMMENDATION;
 		break;
 	case TNCCS_RECOMMENDATION_ISOLATE:
 		wpa_printf(MSG_DEBUG, "EAP-TNC: TNCS requested isolation");
-		data->state = RECOMMENDATION;
+		eap_tnc_set_state(data, RECOMMENDATION);
 		data->recommendation = ISOLATE;
 		break;
 	case TNCCS_RECOMMENDATION_NO_ACCESS:
 		wpa_printf(MSG_DEBUG, "EAP-TNC: TNCS rejected access");
-		data->state = RECOMMENDATION;
+		eap_tnc_set_state(data, RECOMMENDATION);
 		data->recommendation = NO_ACCESS;
 		break;
 	case TNCCS_PROCESS_ERROR:
 		wpa_printf(MSG_DEBUG, "EAP-TNC: TNCS processing error");
-		data->state = FAIL;
+		eap_tnc_set_state(data, FAIL);
 		break;
 	default:
 		break;
@@ -372,7 +406,7 @@ static int eap_tnc_process_cont(struct eap_tnc_data *data,
 	/* Process continuation of a pending message */
 	if (len > wpabuf_tailroom(data->in_buf)) {
 		wpa_printf(MSG_DEBUG, "EAP-TNC: Fragment overflow");
-		data->state = FAIL;
+		eap_tnc_set_state(data, FAIL);
 		return -1;
 	}
 
@@ -446,7 +480,7 @@ static void eap_tnc_process(struct eap_sm *sm, void *priv,
 	if (flags & EAP_TNC_FLAGS_LENGTH_INCLUDED) {
 		if (end - pos < 4) {
 			wpa_printf(MSG_DEBUG, "EAP-TNC: Message underflow");
-			data->state = FAIL;
+			eap_tnc_set_state(data, FAIL);
 			return;
 		}
 		message_length = WPA_GET_BE32(pos);
@@ -456,7 +490,7 @@ static void eap_tnc_process(struct eap_sm *sm, void *priv,
 			wpa_printf(MSG_DEBUG, "EAP-TNC: Invalid Message "
 				   "Length (%d; %ld remaining in this msg)",
 				   message_length, (long) (end - pos));
-			data->state = FAIL;
+			eap_tnc_set_state(data, FAIL);
 			return;
 		}
 	}
@@ -467,29 +501,29 @@ static void eap_tnc_process(struct eap_sm *sm, void *priv,
 		if (len > 1) {
 			wpa_printf(MSG_DEBUG, "EAP-TNC: Unexpected payload "
 				   "in WAIT_FRAG_ACK state");
-			data->state = FAIL;
+			eap_tnc_set_state(data, FAIL);
 			return;
 		}
 		wpa_printf(MSG_DEBUG, "EAP-TNC: Fragment acknowledged");
-		data->state = CONTINUE;
+		eap_tnc_set_state(data, CONTINUE);
 		return;
 	}
 
 	if (data->in_buf && eap_tnc_process_cont(data, pos, end - pos) < 0) {
-		data->state = FAIL;
+		eap_tnc_set_state(data, FAIL);
 		return;
 	}
 		
 	if (flags & EAP_TNC_FLAGS_MORE_FRAGMENTS) {
 		if (eap_tnc_process_fragment(data, flags, message_length,
 					     pos, end - pos) < 0)
-			data->state = FAIL;
+			eap_tnc_set_state(data, FAIL);
 		else
-			data->state = FRAG_ACK;
+			eap_tnc_set_state(data, FRAG_ACK);
 		return;
 	} else if (data->state == FRAG_ACK) {
 		wpa_printf(MSG_DEBUG, "EAP-TNC: All fragments received");
-		data->state = CONTINUE;
+		eap_tnc_set_state(data, CONTINUE);
 	}
 
 	if (data->in_buf == NULL) {