Add MSK dump mechanism into hostapd RADIUS server for testing

Testing code can now be enabled in the hostapd RADIUS server to dump
each derived MSK into a text file (e.g., to be used as an input to
wlantest). This functionality is not included in the default build
and can be enabled by adding the following line to hostapd/.config:
CFLAGS += -DCONFIG_RADIUS_TEST

The MSK dump file is specified with dump_msk_file parameter in
hostapd.conf (path to the dump file). If this variable is not set,
MSK dump mechanism is not enabled at run time.

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2011-12-09 00:15:04 +02:00
parent 219fd441fd
commit 505a36941e
6 changed files with 52 additions and 2 deletions

View file

@ -2155,6 +2155,11 @@ struct hostapd_config * hostapd_config_read(const char *fname)
if (parse_roaming_consortium(bss, pos, line) < 0)
errors++;
#endif /* CONFIG_INTERWORKING */
#ifdef CONFIG_RADIUS_TEST
} else if (os_strcmp(buf, "dump_msk_file") == 0) {
os_free(bss->dump_msk_file);
bss->dump_msk_file = os_strdup(pos);
#endif /* CONFIG_RADIUS_TEST */
} else {
wpa_printf(MSG_ERROR, "Line %d: unknown configuration "
"item '%s'", line, buf);

View file

@ -471,6 +471,10 @@ static void hostapd_config_free_bss(struct hostapd_bss_config *conf)
#endif /* CONFIG_WPS */
os_free(conf->roaming_consortium);
#ifdef CONFIG_RADIUS_TEST
os_free(conf->dump_msk_file);
#endif /* CONFIG_RADIUS_TEST */
}

View file

@ -362,6 +362,10 @@ struct hostapd_bss_config {
struct hostapd_roaming_consortium *roaming_consortium;
u8 wps_rf_bands; /* RF bands for WPS (WPS_RF_*) */
#ifdef CONFIG_RADIUS_TEST
char *dump_msk_file;
#endif /* CONFIG_RADIUS_TEST */
};

View file

@ -117,6 +117,9 @@ static int hostapd_setup_radius_srv(struct hostapd_data *hapd)
srv.eap_req_id_text = conf->eap_req_id_text;
srv.eap_req_id_text_len = conf->eap_req_id_text_len;
srv.pwd_group = conf->pwd_group;
#ifdef CONFIG_RADIUS_TEST
srv.dump_msk_file = conf->dump_msk_file;
#endif /* CONFIG_RADIUS_TEST */
hapd->radius_srv = radius_server_init(&srv);
if (hapd->radius_srv == NULL) {

View file

@ -1,6 +1,6 @@
/*
* RADIUS authentication server
* Copyright (c) 2005-2009, Jouni Malinen <j@w1.fi>
* Copyright (c) 2005-2009, 2011, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
@ -292,6 +292,10 @@ struct radius_server_data {
* msg_ctx - Context data for wpa_msg() calls
*/
void *msg_ctx;
#ifdef CONFIG_RADIUS_TEST
char *dump_msk_file;
#endif /* CONFIG_RADIUS_TEST */
};
@ -574,6 +578,24 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
if (code == RADIUS_CODE_ACCESS_ACCEPT && sess->eap_if->eapKeyData) {
int len;
#ifdef CONFIG_RADIUS_TEST
if (data->dump_msk_file) {
FILE *f;
char buf[2 * 64 + 1];
f = fopen(data->dump_msk_file, "a");
if (f) {
len = sess->eap_if->eapKeyDataLen;
if (len > 64)
len = 64;
len = wpa_snprintf_hex(
buf, sizeof(buf),
sess->eap_if->eapKeyData, len);
buf[len] = '\0';
fprintf(f, "%s\n", buf);
fclose(f);
}
}
#endif /* CONFIG_RADIUS_TEST */
if (sess->eap_if->eapKeyDataLen > 64) {
len = 32;
} else {
@ -1277,6 +1299,11 @@ radius_server_init(struct radius_server_conf *conf)
}
}
#ifdef CONFIG_RADIUS_TEST
if (conf->dump_msk_file)
data->dump_msk_file = os_strdup(conf->dump_msk_file);
#endif /* CONFIG_RADIUS_TEST */
data->clients = radius_server_read_clients(conf->client_file,
conf->ipv6);
if (data->clients == NULL) {
@ -1328,6 +1355,9 @@ void radius_server_deinit(struct radius_server_data *data)
os_free(data->eap_fast_a_id);
os_free(data->eap_fast_a_id_info);
os_free(data->eap_req_id_text);
#ifdef CONFIG_RADIUS_TEST
os_free(data->dump_msk_file);
#endif /* CONFIG_RADIUS_TEST */
os_free(data);
}

View file

@ -1,6 +1,6 @@
/*
* RADIUS authentication server
* Copyright (c) 2005-2009, Jouni Malinen <j@w1.fi>
* Copyright (c) 2005-2009, 2011, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
@ -201,6 +201,10 @@ struct radius_server_conf {
* msg_ctx - Context data for wpa_msg() calls
*/
void *msg_ctx;
#ifdef CONFIG_RADIUS_TEST
const char *dump_msk_file;
#endif /* CONFIG_RADIUS_TEST */
};