summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 219fd44)
raw | patch | inline | side by side (parent: 219fd44)
author | Jouni Malinen <j@w1.fi> | |
Thu, 8 Dec 2011 22:15:04 +0000 (00:15 +0200) | ||
committer | Jouni Malinen <j@w1.fi> | |
Thu, 8 Dec 2011 22:15:04 +0000 (00:15 +0200) |
Testing code can now be enabled in the hostapd RADIUS server to dump
each derived MSK into a text file (e.g., to be used as an input to
wlantest). This functionality is not included in the default build
and can be enabled by adding the following line to hostapd/.config:
CFLAGS += -DCONFIG_RADIUS_TEST
The MSK dump file is specified with dump_msk_file parameter in
hostapd.conf (path to the dump file). If this variable is not set,
MSK dump mechanism is not enabled at run time.
Signed-hostap: Jouni Malinen <j@w1.fi>
each derived MSK into a text file (e.g., to be used as an input to
wlantest). This functionality is not included in the default build
and can be enabled by adding the following line to hostapd/.config:
CFLAGS += -DCONFIG_RADIUS_TEST
The MSK dump file is specified with dump_msk_file parameter in
hostapd.conf (path to the dump file). If this variable is not set,
MSK dump mechanism is not enabled at run time.
Signed-hostap: Jouni Malinen <j@w1.fi>
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 5eb7b499234fbd21a08ea8dfc9ad72d84b3b17cb..9d39b481b508c8082ace4ee88fd964e38561f9a9 100644 (file)
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
if (parse_roaming_consortium(bss, pos, line) < 0)
errors++;
#endif /* CONFIG_INTERWORKING */
+#ifdef CONFIG_RADIUS_TEST
+ } else if (os_strcmp(buf, "dump_msk_file") == 0) {
+ os_free(bss->dump_msk_file);
+ bss->dump_msk_file = os_strdup(pos);
+#endif /* CONFIG_RADIUS_TEST */
} else {
wpa_printf(MSG_ERROR, "Line %d: unknown configuration "
"item '%s'", line, buf);
diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index cfb6b2d195d701001497b24e9a7d6bcb5a683e02..b24cd907be53d4c1560ed0a8ef410b44ad67cdd2 100644 (file)
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
#endif /* CONFIG_WPS */
os_free(conf->roaming_consortium);
+
+#ifdef CONFIG_RADIUS_TEST
+ os_free(conf->dump_msk_file);
+#endif /* CONFIG_RADIUS_TEST */
}
diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index 2b201df7e1cd53ac79c8cd456366a54cff4cfb35..637c9292d9b8fea1715fa4c5e70b06f8342e24cf 100644 (file)
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
struct hostapd_roaming_consortium *roaming_consortium;
u8 wps_rf_bands; /* RF bands for WPS (WPS_RF_*) */
+
+#ifdef CONFIG_RADIUS_TEST
+ char *dump_msk_file;
+#endif /* CONFIG_RADIUS_TEST */
};
diff --git a/src/ap/authsrv.c b/src/ap/authsrv.c
index f0001c0944a4238683148d86125f099e2b08f404..6f56c95a6393c42663de42d31fcf8a19f43296da 100644 (file)
--- a/src/ap/authsrv.c
+++ b/src/ap/authsrv.c
srv.eap_req_id_text = conf->eap_req_id_text;
srv.eap_req_id_text_len = conf->eap_req_id_text_len;
srv.pwd_group = conf->pwd_group;
+#ifdef CONFIG_RADIUS_TEST
+ srv.dump_msk_file = conf->dump_msk_file;
+#endif /* CONFIG_RADIUS_TEST */
hapd->radius_srv = radius_server_init(&srv);
if (hapd->radius_srv == NULL) {
index 6f1c3a50be8730adfc44f0efbc143951a60d87a6..47948bc4b93724d40a86359c31a6c7bc882f9454 100644 (file)
/*
* RADIUS authentication server
- * Copyright (c) 2005-2009, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2005-2009, 2011, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* msg_ctx - Context data for wpa_msg() calls
*/
void *msg_ctx;
+
+#ifdef CONFIG_RADIUS_TEST
+ char *dump_msk_file;
+#endif /* CONFIG_RADIUS_TEST */
};
if (code == RADIUS_CODE_ACCESS_ACCEPT && sess->eap_if->eapKeyData) {
int len;
+#ifdef CONFIG_RADIUS_TEST
+ if (data->dump_msk_file) {
+ FILE *f;
+ char buf[2 * 64 + 1];
+ f = fopen(data->dump_msk_file, "a");
+ if (f) {
+ len = sess->eap_if->eapKeyDataLen;
+ if (len > 64)
+ len = 64;
+ len = wpa_snprintf_hex(
+ buf, sizeof(buf),
+ sess->eap_if->eapKeyData, len);
+ buf[len] = '\0';
+ fprintf(f, "%s\n", buf);
+ fclose(f);
+ }
+ }
+#endif /* CONFIG_RADIUS_TEST */
if (sess->eap_if->eapKeyDataLen > 64) {
len = 32;
} else {
}
}
+#ifdef CONFIG_RADIUS_TEST
+ if (conf->dump_msk_file)
+ data->dump_msk_file = os_strdup(conf->dump_msk_file);
+#endif /* CONFIG_RADIUS_TEST */
+
data->clients = radius_server_read_clients(conf->client_file,
conf->ipv6);
if (data->clients == NULL) {
os_free(data->eap_fast_a_id);
os_free(data->eap_fast_a_id_info);
os_free(data->eap_req_id_text);
+#ifdef CONFIG_RADIUS_TEST
+ os_free(data->dump_msk_file);
+#endif /* CONFIG_RADIUS_TEST */
os_free(data);
}
index 126e31446af8e3045eda3208b19b8d80ac4c61de..8d6e2ab60d00c04051e18fcb7e666fba8d42ca9b 100644 (file)
/*
* RADIUS authentication server
- * Copyright (c) 2005-2009, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2005-2009, 2011, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* msg_ctx - Context data for wpa_msg() calls
*/
void *msg_ctx;
+
+#ifdef CONFIG_RADIUS_TEST
+ const char *dump_msk_file;
+#endif /* CONFIG_RADIUS_TEST */
};