eap__md5_8c_source.html

 /*
  * Copyright (C) 2024 Michael Brown <mbrown@fensystems.co.uk>.
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License as
  * published by the Free Software Foundation; either version 2 of the
  * License, or any later version.
  *
  * This program is distributed in the hope that it will be useful, but
  * WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  * 02110-1301, USA.
  *
  * You can also choose to distribute this program under the terms of
  * the Unmodified Binary Distribution Licence (as given in the file
  * COPYING.UBDL), provided that you have satisfied its requirements.
  */

 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 FILE_SECBOOT ( PERMITTED );

 #include <stdlib.h>
 #include <string.h>
 #include <errno.h>
 #include <ipxe/md5.h>
 #include <ipxe/chap.h>
 #include <ipxe/eap.h>

 /** @file
  *
  * EAP MD5-Challenge authentication method
  *
  */

 /**
  * Handle EAP MD5-Challenge
  *
  * @v supplicant        EAP supplicant
  * @v req               Request type data
  * @v req_len           Length of request type data
  * @ret rc              Return status code
  */
 static int eap_rx_md5 ( struct eap_supplicant *supplicant,
                         const void *req, size_t req_len ) {
         struct net_device *netdev = supplicant->netdev;
         const struct eap_md5 *md5req = req;
         struct {
                 uint8_t len;
                 uint8_t value[MD5_DIGEST_SIZE];
         } __attribute__ (( packed )) md5rsp;
         struct chap_response chap;
         void *secret;
         int secret_len;
         int rc;

         /* Sanity checks */
         if ( req_len < sizeof ( *md5req ) ) {
                 DBGC ( netdev, "EAP %s underlength MD5-Challenge:\n",
                        netdev->name );
                 DBGC_HDA ( netdev, 0, req, req_len );
                 rc = -EINVAL;
                 goto err_sanity;
         }
         if ( ( req_len - sizeof ( *md5req ) ) < md5req->len ) {
                 DBGC ( netdev, "EAP %s truncated MD5-Challenge:\n",
                        netdev->name );
                 DBGC_HDA ( netdev, 0, req, req_len );
                 rc = -EINVAL;
                 goto err_sanity;
         }

         /* Construct response */
         if ( ( rc = chap_init ( &chap, &md5_algorithm ) ) != 0 ) {
                 DBGC ( netdev, "EAP %s could not initialise CHAP: %s\n",
                        netdev->name, strerror ( rc ) );
                 goto err_chap;
         }
         chap_set_identifier ( &chap, supplicant->id );
         secret_len = fetch_raw_setting_copy ( netdev_settings ( netdev ),
                                               &password_setting, &secret );
         if ( secret_len < 0 ) {
                 rc = secret_len;
                 DBGC ( netdev, "EAP %s has no secret: %s\n",
                        netdev->name, strerror ( rc ) );
                 goto err_secret;
         }
         chap_update ( &chap, secret, secret_len );
         chap_update ( &chap, md5req->value, md5req->len );
         chap_respond ( &chap );
         assert ( chap.response_len == sizeof ( md5rsp.value ) );
         md5rsp.len = sizeof ( md5rsp.value );
         memcpy ( md5rsp.value, chap.response, sizeof ( md5rsp.value ) );

         /* Transmit response */
         if ( ( rc = eap_tx_response ( supplicant, &md5rsp,
                                       sizeof ( md5rsp ) ) ) != 0 )
                 goto err_tx;

  err_tx:
         free ( secret );
  err_secret:
         chap_finish ( &chap );
  err_chap:
  err_sanity:
         return rc;
 }

 /** EAP MD5-Challenge method */
 struct eap_method eap_md5_method __eap_method = {
         .type = EAP_TYPE_MD5,
         .rx = eap_rx_md5,
 };
__attribute__
#define __attribute__(x)
Definition: compiler.h:10

EINVAL
#define EINVAL
Invalid argument.
Definition: errno.h:429

rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14

chap_response
A CHAP response.
Definition: chap.h:19

chap_response::response
uint8_t * response
CHAP response.
Definition: chap.h:25

fetch_raw_setting_copy
int fetch_raw_setting_copy(struct settings *settings, const struct setting *setting, void **data)
Fetch value of setting.
Definition: settings.c:822

errno.h
Error codes.

EAP_TYPE_MD5
#define EAP_TYPE_MD5
EAP MD5 challenge request/response.
Definition: eap.h:54

DBGC
#define DBGC(...)
Definition: compiler.h:505

chap_respond
void chap_respond(struct chap_response *chap)
Respond to the CHAP challenge.
Definition: chap.c:105

eap_md5
EAP MD5 challenge request/response type data.
Definition: eap.h:57

eap_supplicant
An EAP supplicant.
Definition: eap.h:139

eap_rx_md5
static int eap_rx_md5(struct eap_supplicant *supplicant, const void *req, size_t req_len)
Handle EAP MD5-Challenge.
Definition: eap_md5.c:48

__eap_method
struct eap_method eap_md5_method __eap_method
EAP MD5-Challenge method.
Definition: eap_md5.c:114

eap_supplicant::id
uint8_t id
ID for current request/response.
Definition: eap.h:145

netdev_settings
static struct settings * netdev_settings(struct net_device *netdev)
Get per-netdevice configuration settings block.
Definition: netdevice.h:587

eap_method::type
uint8_t type
Type.
Definition: eap.h:180

memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull

eap_tx_response
int eap_tx_response(struct eap_supplicant *supplicant, const void *rsp, size_t rsp_len)
Transmit EAP response.
Definition: eap.c:48

assert
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)

FILE_SECBOOT
FILE_SECBOOT(PERMITTED)

DBGC_HDA
#define DBGC_HDA(...)
Definition: compiler.h:506

chap_init
int chap_init(struct chap_response *chap, struct digest_algorithm *digest)
Initialise CHAP challenge/response.
Definition: chap.c:52

netdev
static struct net_device * netdev
Definition: gdbudp.c:52

eap_md5::len
uint8_t len
Value length.
Definition: eap.h:59

FILE_LICENCE
FILE_LICENCE(GPL2_OR_LATER_OR_UBDL)

strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition: strerror.c:79

free
static void(* free)(struct refcnt *refcnt))
Definition: refcnt.h:55

chap_finish
void chap_finish(struct chap_response *chap)
Free resources used by a CHAP response.
Definition: chap.c:123

chap.h
CHAP protocol.

net_device
A network device.
Definition: netdevice.h:353

uint8_t
unsigned char uint8_t
Definition: stdint.h:10

chap_response::response_len
size_t response_len
Length of CHAP response.
Definition: chap.h:27

chap_set_identifier
static void chap_set_identifier(struct chap_response *chap, unsigned int identifier)
Add identifier data to the CHAP challenge.
Definition: chap.h:47

net_device::name
char name[NETDEV_NAME_LEN]
Name of this network device.
Definition: netdevice.h:363

eap_md5::value
uint8_t value[0]
Value.
Definition: eap.h:61

MD5_DIGEST_SIZE
#define MD5_DIGEST_SIZE
MD5 digest size.
Definition: md5.h:73

stdlib.h

eap_supplicant::netdev
struct net_device * netdev
Network device.
Definition: eap.h:141

md5.h
MD5 algorithm.

chap_update
void chap_update(struct chap_response *chap, const void *data, size_t len)
Add data to the CHAP challenge.
Definition: chap.c:86

string.h
String functions.

eap.h
Extensible Authentication Protocol.

md5_algorithm
struct digest_algorithm md5_algorithm
MD5 algorithm.
Definition: md5.c:287

eap_method
An EAP method.
Definition: eap.h:178