MACsec: Convert Boolean to C99 bool
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
db81d81451
commit
5e5eb5a312
13 changed files with 427 additions and 428 deletions
|
@ -52,7 +52,7 @@ static int hapd_macsec_get_capability(void *priv, enum macsec_cap *cap)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int hapd_enable_protect_frames(void *priv, Boolean enabled)
|
static int hapd_enable_protect_frames(void *priv, bool enabled)
|
||||||
{
|
{
|
||||||
struct hostapd_data *hapd = priv;
|
struct hostapd_data *hapd = priv;
|
||||||
|
|
||||||
|
@ -62,7 +62,7 @@ static int hapd_enable_protect_frames(void *priv, Boolean enabled)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int hapd_enable_encrypt(void *priv, Boolean enabled)
|
static int hapd_enable_encrypt(void *priv, bool enabled)
|
||||||
{
|
{
|
||||||
struct hostapd_data *hapd = priv;
|
struct hostapd_data *hapd = priv;
|
||||||
|
|
||||||
|
@ -72,7 +72,7 @@ static int hapd_enable_encrypt(void *priv, Boolean enabled)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int hapd_set_replay_protect(void *priv, Boolean enabled, u32 window)
|
static int hapd_set_replay_protect(void *priv, bool enabled, u32 window)
|
||||||
{
|
{
|
||||||
struct hostapd_data *hapd = priv;
|
struct hostapd_data *hapd = priv;
|
||||||
|
|
||||||
|
@ -93,7 +93,7 @@ static int hapd_set_current_cipher_suite(void *priv, u64 cs)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int hapd_enable_controlled_port(void *priv, Boolean enabled)
|
static int hapd_enable_controlled_port(void *priv, bool enabled)
|
||||||
{
|
{
|
||||||
struct hostapd_data *hapd = priv;
|
struct hostapd_data *hapd = priv;
|
||||||
|
|
||||||
|
@ -465,7 +465,7 @@ void * ieee802_1x_notify_create_actor_hapd(struct hostapd_data *hapd,
|
||||||
wpa_hexdump(MSG_DEBUG, "Derived CKN", ckn->name, ckn->len);
|
wpa_hexdump(MSG_DEBUG, "Derived CKN", ckn->name, ckn->len);
|
||||||
|
|
||||||
res = ieee802_1x_kay_create_mka(hapd->kay, ckn, cak, 0, EAP_EXCHANGE,
|
res = ieee802_1x_kay_create_mka(hapd->kay, ckn, cak, 0, EAP_EXCHANGE,
|
||||||
TRUE);
|
true);
|
||||||
|
|
||||||
fail:
|
fail:
|
||||||
bin_clear_free(msk, sizeof(*msk));
|
bin_clear_free(msk, sizeof(*msk));
|
||||||
|
@ -507,7 +507,7 @@ void * ieee802_1x_create_preshared_mka_hapd(struct hostapd_data *hapd,
|
||||||
ckn->len = hapd->conf->mka_ckn_len;;
|
ckn->len = hapd->conf->mka_ckn_len;;
|
||||||
os_memcpy(ckn->name, hapd->conf->mka_ckn, ckn->len);
|
os_memcpy(ckn->name, hapd->conf->mka_ckn, ckn->len);
|
||||||
|
|
||||||
res = ieee802_1x_kay_create_mka(hapd->kay, ckn, cak, 0, PSK, TRUE);
|
res = ieee802_1x_kay_create_mka(hapd->kay, ckn, cak, 0, PSK, true);
|
||||||
if (res)
|
if (res)
|
||||||
goto free_cak;
|
goto free_cak;
|
||||||
|
|
||||||
|
|
|
@ -2306,9 +2306,9 @@ struct wmm_params {
|
||||||
|
|
||||||
#ifdef CONFIG_MACSEC
|
#ifdef CONFIG_MACSEC
|
||||||
struct macsec_init_params {
|
struct macsec_init_params {
|
||||||
Boolean always_include_sci;
|
bool always_include_sci;
|
||||||
Boolean use_es;
|
bool use_es;
|
||||||
Boolean use_scb;
|
bool use_scb;
|
||||||
};
|
};
|
||||||
#endif /* CONFIG_MACSEC */
|
#endif /* CONFIG_MACSEC */
|
||||||
|
|
||||||
|
@ -4003,30 +4003,30 @@ struct wpa_driver_ops {
|
||||||
/**
|
/**
|
||||||
* enable_protect_frames - Set protect frames status
|
* enable_protect_frames - Set protect frames status
|
||||||
* @priv: Private driver interface data
|
* @priv: Private driver interface data
|
||||||
* @enabled: TRUE = protect frames enabled
|
* @enabled: true = protect frames enabled
|
||||||
* FALSE = protect frames disabled
|
* false = protect frames disabled
|
||||||
* Returns: 0 on success, -1 on failure (or if not supported)
|
* Returns: 0 on success, -1 on failure (or if not supported)
|
||||||
*/
|
*/
|
||||||
int (*enable_protect_frames)(void *priv, Boolean enabled);
|
int (*enable_protect_frames)(void *priv, bool enabled);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* enable_encrypt - Set encryption status
|
* enable_encrypt - Set encryption status
|
||||||
* @priv: Private driver interface data
|
* @priv: Private driver interface data
|
||||||
* @enabled: TRUE = encrypt outgoing traffic
|
* @enabled: true = encrypt outgoing traffic
|
||||||
* FALSE = integrity-only protection on outgoing traffic
|
* false = integrity-only protection on outgoing traffic
|
||||||
* Returns: 0 on success, -1 on failure (or if not supported)
|
* Returns: 0 on success, -1 on failure (or if not supported)
|
||||||
*/
|
*/
|
||||||
int (*enable_encrypt)(void *priv, Boolean enabled);
|
int (*enable_encrypt)(void *priv, bool enabled);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* set_replay_protect - Set replay protect status and window size
|
* set_replay_protect - Set replay protect status and window size
|
||||||
* @priv: Private driver interface data
|
* @priv: Private driver interface data
|
||||||
* @enabled: TRUE = replay protect enabled
|
* @enabled: true = replay protect enabled
|
||||||
* FALSE = replay protect disabled
|
* false = replay protect disabled
|
||||||
* @window: replay window size, valid only when replay protect enabled
|
* @window: replay window size, valid only when replay protect enabled
|
||||||
* Returns: 0 on success, -1 on failure (or if not supported)
|
* Returns: 0 on success, -1 on failure (or if not supported)
|
||||||
*/
|
*/
|
||||||
int (*set_replay_protect)(void *priv, Boolean enabled, u32 window);
|
int (*set_replay_protect)(void *priv, bool enabled, u32 window);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* set_current_cipher_suite - Set current cipher suite
|
* set_current_cipher_suite - Set current cipher suite
|
||||||
|
@ -4039,11 +4039,11 @@ struct wpa_driver_ops {
|
||||||
/**
|
/**
|
||||||
* enable_controlled_port - Set controlled port status
|
* enable_controlled_port - Set controlled port status
|
||||||
* @priv: Private driver interface data
|
* @priv: Private driver interface data
|
||||||
* @enabled: TRUE = controlled port enabled
|
* @enabled: true = controlled port enabled
|
||||||
* FALSE = controlled port disabled
|
* false = controlled port disabled
|
||||||
* Returns: 0 on success, -1 on failure (or if not supported)
|
* Returns: 0 on success, -1 on failure (or if not supported)
|
||||||
*/
|
*/
|
||||||
int (*enable_controlled_port)(void *priv, Boolean enabled);
|
int (*enable_controlled_port)(void *priv, bool enabled);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* get_receive_lowest_pn - Get receive lowest pn
|
* get_receive_lowest_pn - Get receive lowest pn
|
||||||
|
|
|
@ -59,24 +59,24 @@ struct macsec_drv_data {
|
||||||
int parent_ifi;
|
int parent_ifi;
|
||||||
int use_pae_group_addr;
|
int use_pae_group_addr;
|
||||||
|
|
||||||
Boolean created_link;
|
bool created_link;
|
||||||
|
|
||||||
Boolean controlled_port_enabled;
|
bool controlled_port_enabled;
|
||||||
Boolean controlled_port_enabled_set;
|
bool controlled_port_enabled_set;
|
||||||
|
|
||||||
Boolean protect_frames;
|
bool protect_frames;
|
||||||
Boolean protect_frames_set;
|
bool protect_frames_set;
|
||||||
|
|
||||||
Boolean encrypt;
|
bool encrypt;
|
||||||
Boolean encrypt_set;
|
bool encrypt_set;
|
||||||
|
|
||||||
Boolean replay_protect;
|
bool replay_protect;
|
||||||
Boolean replay_protect_set;
|
bool replay_protect_set;
|
||||||
|
|
||||||
u32 replay_window;
|
u32 replay_window;
|
||||||
|
|
||||||
u8 encoding_sa;
|
u8 encoding_sa;
|
||||||
Boolean encoding_sa_set;
|
bool encoding_sa_set;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
@ -197,7 +197,7 @@ static int try_commit(struct macsec_drv_data *drv)
|
||||||
|
|
||||||
rtnl_link_put(change);
|
rtnl_link_put(change);
|
||||||
|
|
||||||
drv->controlled_port_enabled_set = FALSE;
|
drv->controlled_port_enabled_set = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (drv->protect_frames_set) {
|
if (drv->protect_frames_set) {
|
||||||
|
@ -236,9 +236,9 @@ static int try_commit(struct macsec_drv_data *drv)
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
drv->protect_frames_set = FALSE;
|
drv->protect_frames_set = false;
|
||||||
drv->encrypt_set = FALSE;
|
drv->encrypt_set = false;
|
||||||
drv->replay_protect_set = FALSE;
|
drv->replay_protect_set = false;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -390,17 +390,17 @@ static int macsec_drv_get_capability(void *priv, enum macsec_cap *cap)
|
||||||
/**
|
/**
|
||||||
* macsec_drv_enable_protect_frames - Set protect frames status
|
* macsec_drv_enable_protect_frames - Set protect frames status
|
||||||
* @priv: Private driver interface data
|
* @priv: Private driver interface data
|
||||||
* @enabled: TRUE = protect frames enabled
|
* @enabled: true = protect frames enabled
|
||||||
* FALSE = protect frames disabled
|
* false = protect frames disabled
|
||||||
* Returns: 0 on success, -1 on failure (or if not supported)
|
* Returns: 0 on success, -1 on failure (or if not supported)
|
||||||
*/
|
*/
|
||||||
static int macsec_drv_enable_protect_frames(void *priv, Boolean enabled)
|
static int macsec_drv_enable_protect_frames(void *priv, bool enabled)
|
||||||
{
|
{
|
||||||
struct macsec_drv_data *drv = priv;
|
struct macsec_drv_data *drv = priv;
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE");
|
wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE");
|
||||||
|
|
||||||
drv->protect_frames_set = TRUE;
|
drv->protect_frames_set = true;
|
||||||
drv->protect_frames = enabled;
|
drv->protect_frames = enabled;
|
||||||
|
|
||||||
return try_commit(drv);
|
return try_commit(drv);
|
||||||
|
@ -410,17 +410,17 @@ static int macsec_drv_enable_protect_frames(void *priv, Boolean enabled)
|
||||||
/**
|
/**
|
||||||
* macsec_drv_enable_encrypt - Set protect frames status
|
* macsec_drv_enable_encrypt - Set protect frames status
|
||||||
* @priv: Private driver interface data
|
* @priv: Private driver interface data
|
||||||
* @enabled: TRUE = protect frames enabled
|
* @enabled: true = protect frames enabled
|
||||||
* FALSE = protect frames disabled
|
* false = protect frames disabled
|
||||||
* Returns: 0 on success, -1 on failure (or if not supported)
|
* Returns: 0 on success, -1 on failure (or if not supported)
|
||||||
*/
|
*/
|
||||||
static int macsec_drv_enable_encrypt(void *priv, Boolean enabled)
|
static int macsec_drv_enable_encrypt(void *priv, bool enabled)
|
||||||
{
|
{
|
||||||
struct macsec_drv_data *drv = priv;
|
struct macsec_drv_data *drv = priv;
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE");
|
wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE");
|
||||||
|
|
||||||
drv->encrypt_set = TRUE;
|
drv->encrypt_set = true;
|
||||||
drv->encrypt = enabled;
|
drv->encrypt = enabled;
|
||||||
|
|
||||||
return try_commit(drv);
|
return try_commit(drv);
|
||||||
|
@ -430,12 +430,12 @@ static int macsec_drv_enable_encrypt(void *priv, Boolean enabled)
|
||||||
/**
|
/**
|
||||||
* macsec_drv_set_replay_protect - Set replay protect status and window size
|
* macsec_drv_set_replay_protect - Set replay protect status and window size
|
||||||
* @priv: Private driver interface data
|
* @priv: Private driver interface data
|
||||||
* @enabled: TRUE = replay protect enabled
|
* @enabled: true = replay protect enabled
|
||||||
* FALSE = replay protect disabled
|
* false = replay protect disabled
|
||||||
* @window: replay window size, valid only when replay protect enabled
|
* @window: replay window size, valid only when replay protect enabled
|
||||||
* Returns: 0 on success, -1 on failure (or if not supported)
|
* Returns: 0 on success, -1 on failure (or if not supported)
|
||||||
*/
|
*/
|
||||||
static int macsec_drv_set_replay_protect(void *priv, Boolean enabled,
|
static int macsec_drv_set_replay_protect(void *priv, bool enabled,
|
||||||
u32 window)
|
u32 window)
|
||||||
{
|
{
|
||||||
struct macsec_drv_data *drv = priv;
|
struct macsec_drv_data *drv = priv;
|
||||||
|
@ -443,7 +443,7 @@ static int macsec_drv_set_replay_protect(void *priv, Boolean enabled,
|
||||||
wpa_printf(MSG_DEBUG, "%s -> %s, %u", __func__,
|
wpa_printf(MSG_DEBUG, "%s -> %s, %u", __func__,
|
||||||
enabled ? "TRUE" : "FALSE", window);
|
enabled ? "TRUE" : "FALSE", window);
|
||||||
|
|
||||||
drv->replay_protect_set = TRUE;
|
drv->replay_protect_set = true;
|
||||||
drv->replay_protect = enabled;
|
drv->replay_protect = enabled;
|
||||||
if (enabled)
|
if (enabled)
|
||||||
drv->replay_window = window;
|
drv->replay_window = window;
|
||||||
|
@ -468,18 +468,18 @@ static int macsec_drv_set_current_cipher_suite(void *priv, u64 cs)
|
||||||
/**
|
/**
|
||||||
* macsec_drv_enable_controlled_port - Set controlled port status
|
* macsec_drv_enable_controlled_port - Set controlled port status
|
||||||
* @priv: Private driver interface data
|
* @priv: Private driver interface data
|
||||||
* @enabled: TRUE = controlled port enabled
|
* @enabled: true = controlled port enabled
|
||||||
* FALSE = controlled port disabled
|
* false = controlled port disabled
|
||||||
* Returns: 0 on success, -1 on failure (or if not supported)
|
* Returns: 0 on success, -1 on failure (or if not supported)
|
||||||
*/
|
*/
|
||||||
static int macsec_drv_enable_controlled_port(void *priv, Boolean enabled)
|
static int macsec_drv_enable_controlled_port(void *priv, bool enabled)
|
||||||
{
|
{
|
||||||
struct macsec_drv_data *drv = priv;
|
struct macsec_drv_data *drv = priv;
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE");
|
wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE");
|
||||||
|
|
||||||
drv->controlled_port_enabled = enabled;
|
drv->controlled_port_enabled = enabled;
|
||||||
drv->controlled_port_enabled_set = TRUE;
|
drv->controlled_port_enabled_set = true;
|
||||||
|
|
||||||
return try_commit(drv);
|
return try_commit(drv);
|
||||||
}
|
}
|
||||||
|
@ -986,7 +986,7 @@ nla_put_failure:
|
||||||
|
|
||||||
|
|
||||||
static int set_active_rx_sa(const struct macsec_genl_ctx *ctx, int ifindex,
|
static int set_active_rx_sa(const struct macsec_genl_ctx *ctx, int ifindex,
|
||||||
u64 sci, unsigned char an, Boolean state)
|
u64 sci, unsigned char an, bool state)
|
||||||
{
|
{
|
||||||
struct nl_msg *msg;
|
struct nl_msg *msg;
|
||||||
struct nlattr *nest;
|
struct nlattr *nest;
|
||||||
|
@ -1036,7 +1036,7 @@ static int macsec_drv_enable_receive_sa(void *priv, struct receive_sa *sa)
|
||||||
SCI2STR(sa->sc->sci.addr, sa->sc->sci.port));
|
SCI2STR(sa->sc->sci.addr, sa->sc->sci.port));
|
||||||
|
|
||||||
return set_active_rx_sa(ctx, drv->ifi, mka_sci_u64(&sa->sc->sci),
|
return set_active_rx_sa(ctx, drv->ifi, mka_sci_u64(&sa->sc->sci),
|
||||||
sa->an, TRUE);
|
sa->an, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1056,7 +1056,7 @@ static int macsec_drv_disable_receive_sa(void *priv, struct receive_sa *sa)
|
||||||
SCI2STR(sa->sc->sci.addr, sa->sc->sci.port));
|
SCI2STR(sa->sc->sci.addr, sa->sc->sci.port));
|
||||||
|
|
||||||
return set_active_rx_sa(ctx, drv->ifi, mka_sci_u64(&sa->sc->sci),
|
return set_active_rx_sa(ctx, drv->ifi, mka_sci_u64(&sa->sc->sci),
|
||||||
sa->an, FALSE);
|
sa->an, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1117,13 +1117,13 @@ static int macsec_drv_create_transmit_sc(
|
||||||
sci = mka_sci_u64(&sc->sci);
|
sci = mka_sci_u64(&sc->sci);
|
||||||
rtnl_link_macsec_set_sci(link, sci);
|
rtnl_link_macsec_set_sci(link, sci);
|
||||||
|
|
||||||
drv->created_link = TRUE;
|
drv->created_link = true;
|
||||||
|
|
||||||
err = rtnl_link_add(drv->sk, link, NLM_F_CREATE);
|
err = rtnl_link_add(drv->sk, link, NLM_F_CREATE);
|
||||||
if (err == -NLE_BUSY) {
|
if (err == -NLE_BUSY) {
|
||||||
wpa_printf(MSG_INFO,
|
wpa_printf(MSG_INFO,
|
||||||
DRV_PREFIX "link already exists, using it");
|
DRV_PREFIX "link already exists, using it");
|
||||||
drv->created_link = FALSE;
|
drv->created_link = false;
|
||||||
} else if (err < 0) {
|
} else if (err < 0) {
|
||||||
rtnl_link_put(link);
|
rtnl_link_put(link);
|
||||||
wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't create link: err %d",
|
wpa_printf(MSG_ERROR, DRV_PREFIX "couldn't create link: err %d",
|
||||||
|
@ -1296,7 +1296,7 @@ nla_put_failure:
|
||||||
|
|
||||||
|
|
||||||
static int set_active_tx_sa(const struct macsec_genl_ctx *ctx, int ifindex,
|
static int set_active_tx_sa(const struct macsec_genl_ctx *ctx, int ifindex,
|
||||||
unsigned char an, Boolean state)
|
unsigned char an, bool state)
|
||||||
{
|
{
|
||||||
struct nl_msg *msg;
|
struct nl_msg *msg;
|
||||||
struct nlattr *nest;
|
struct nlattr *nest;
|
||||||
|
@ -1344,13 +1344,13 @@ static int macsec_drv_enable_transmit_sa(void *priv, struct transmit_sa *sa)
|
||||||
SCISTR, drv->ifname, sa->an,
|
SCISTR, drv->ifname, sa->an,
|
||||||
SCI2STR(sa->sc->sci.addr, sa->sc->sci.port));
|
SCI2STR(sa->sc->sci.addr, sa->sc->sci.port));
|
||||||
|
|
||||||
ret = set_active_tx_sa(ctx, drv->ifi, sa->an, TRUE);
|
ret = set_active_tx_sa(ctx, drv->ifi, sa->an, true);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
wpa_printf(MSG_ERROR, DRV_PREFIX "failed to enable txsa");
|
wpa_printf(MSG_ERROR, DRV_PREFIX "failed to enable txsa");
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
drv->encoding_sa_set = TRUE;
|
drv->encoding_sa_set = true;
|
||||||
drv->encoding_sa = sa->an;
|
drv->encoding_sa = sa->an;
|
||||||
|
|
||||||
return try_commit(drv);
|
return try_commit(drv);
|
||||||
|
@ -1372,7 +1372,7 @@ static int macsec_drv_disable_transmit_sa(void *priv, struct transmit_sa *sa)
|
||||||
SCISTR, drv->ifname, sa->an,
|
SCISTR, drv->ifname, sa->an,
|
||||||
SCI2STR(sa->sc->sci.addr, sa->sc->sci.port));
|
SCI2STR(sa->sc->sci.addr, sa->sc->sci.port));
|
||||||
|
|
||||||
return set_active_tx_sa(ctx, drv->ifi, sa->an, FALSE);
|
return set_active_tx_sa(ctx, drv->ifi, sa->an, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -70,11 +70,11 @@ struct macsec_qca_data {
|
||||||
u32 secy_id;
|
u32 secy_id;
|
||||||
|
|
||||||
/* shadow */
|
/* shadow */
|
||||||
Boolean always_include_sci;
|
bool always_include_sci;
|
||||||
Boolean use_es;
|
bool use_es;
|
||||||
Boolean use_scb;
|
bool use_scb;
|
||||||
Boolean protect_frames;
|
bool protect_frames;
|
||||||
Boolean replay_protect;
|
bool replay_protect;
|
||||||
u32 replay_window;
|
u32 replay_window;
|
||||||
|
|
||||||
struct channel_map receive_channel_map[MAXSC];
|
struct channel_map receive_channel_map[MAXSC];
|
||||||
|
@ -91,7 +91,7 @@ static void __macsec_drv_init(struct macsec_qca_data *drv)
|
||||||
wpa_printf(MSG_INFO, "%s: secy_id=%d", __func__, drv->secy_id);
|
wpa_printf(MSG_INFO, "%s: secy_id=%d", __func__, drv->secy_id);
|
||||||
|
|
||||||
/* Enable Secy and Let EAPoL bypass */
|
/* Enable Secy and Let EAPoL bypass */
|
||||||
ret = nss_macsec_secy_en_set(drv->secy_id, TRUE);
|
ret = nss_macsec_secy_en_set(drv->secy_id, true);
|
||||||
if (ret)
|
if (ret)
|
||||||
wpa_printf(MSG_ERROR, "nss_macsec_secy_en_set: FAIL");
|
wpa_printf(MSG_ERROR, "nss_macsec_secy_en_set: FAIL");
|
||||||
|
|
||||||
|
@ -123,7 +123,7 @@ static void __macsec_drv_init(struct macsec_qca_data *drv)
|
||||||
|
|
||||||
static void __macsec_drv_deinit(struct macsec_qca_data *drv)
|
static void __macsec_drv_deinit(struct macsec_qca_data *drv)
|
||||||
{
|
{
|
||||||
nss_macsec_secy_en_set(drv->secy_id, FALSE);
|
nss_macsec_secy_en_set(drv->secy_id, false);
|
||||||
nss_macsec_secy_rx_sc_del_all(drv->secy_id);
|
nss_macsec_secy_rx_sc_del_all(drv->secy_id);
|
||||||
nss_macsec_secy_tx_sc_del_all(drv->secy_id);
|
nss_macsec_secy_tx_sc_del_all(drv->secy_id);
|
||||||
}
|
}
|
||||||
|
@ -422,7 +422,7 @@ static int macsec_qca_get_capability(void *priv, enum macsec_cap *cap)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int macsec_qca_enable_protect_frames(void *priv, Boolean enabled)
|
static int macsec_qca_enable_protect_frames(void *priv, bool enabled)
|
||||||
{
|
{
|
||||||
struct macsec_qca_data *drv = priv;
|
struct macsec_qca_data *drv = priv;
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
@ -435,7 +435,7 @@ static int macsec_qca_enable_protect_frames(void *priv, Boolean enabled)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int macsec_qca_set_replay_protect(void *priv, Boolean enabled,
|
static int macsec_qca_set_replay_protect(void *priv, bool enabled,
|
||||||
unsigned int window)
|
unsigned int window)
|
||||||
{
|
{
|
||||||
struct macsec_qca_data *drv = priv;
|
struct macsec_qca_data *drv = priv;
|
||||||
|
@ -480,7 +480,7 @@ static int macsec_qca_set_current_cipher_suite(void *priv, u64 cs)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int macsec_qca_enable_controlled_port(void *priv, Boolean enabled)
|
static int macsec_qca_enable_controlled_port(void *priv, bool enabled)
|
||||||
{
|
{
|
||||||
struct macsec_qca_data *drv = priv;
|
struct macsec_qca_data *drv = priv;
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
@ -560,7 +560,7 @@ static int macsec_qca_get_receive_lowest_pn(void *priv, struct receive_sa *sa)
|
||||||
struct macsec_qca_data *drv = priv;
|
struct macsec_qca_data *drv = priv;
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
u32 next_pn = 0;
|
u32 next_pn = 0;
|
||||||
bool enabled = FALSE;
|
bool enabled = false;
|
||||||
u32 win;
|
u32 win;
|
||||||
u32 channel;
|
u32 channel;
|
||||||
|
|
||||||
|
@ -629,7 +629,7 @@ static int macsec_qca_get_available_receive_sc(void *priv, u32 *channel)
|
||||||
struct macsec_qca_data *drv = priv;
|
struct macsec_qca_data *drv = priv;
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
u32 sc_ch = 0;
|
u32 sc_ch = 0;
|
||||||
bool in_use = FALSE;
|
bool in_use = false;
|
||||||
|
|
||||||
for (sc_ch = 0; sc_ch < MAXSC; sc_ch++) {
|
for (sc_ch = 0; sc_ch < MAXSC; sc_ch++) {
|
||||||
ret = nss_macsec_secy_rx_sc_in_used_get(drv->secy_id, sc_ch,
|
ret = nss_macsec_secy_rx_sc_in_used_get(drv->secy_id, sc_ch,
|
||||||
|
@ -794,7 +794,7 @@ static int macsec_qca_enable_receive_sa(void *priv, struct receive_sa *sa)
|
||||||
sa->an);
|
sa->an);
|
||||||
|
|
||||||
ret += nss_macsec_secy_rx_sa_en_set(drv->secy_id, channel, sa->an,
|
ret += nss_macsec_secy_rx_sa_en_set(drv->secy_id, channel, sa->an,
|
||||||
TRUE);
|
true);
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
@ -814,7 +814,7 @@ static int macsec_qca_disable_receive_sa(void *priv, struct receive_sa *sa)
|
||||||
sa->an);
|
sa->an);
|
||||||
|
|
||||||
ret += nss_macsec_secy_rx_sa_en_set(drv->secy_id, channel, sa->an,
|
ret += nss_macsec_secy_rx_sa_en_set(drv->secy_id, channel, sa->an,
|
||||||
FALSE);
|
false);
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
@ -824,7 +824,7 @@ static int macsec_qca_get_available_transmit_sc(void *priv, u32 *channel)
|
||||||
{
|
{
|
||||||
struct macsec_qca_data *drv = priv;
|
struct macsec_qca_data *drv = priv;
|
||||||
u32 sc_ch = 0;
|
u32 sc_ch = 0;
|
||||||
bool in_use = FALSE;
|
bool in_use = false;
|
||||||
|
|
||||||
for (sc_ch = 0; sc_ch < MAXSC; sc_ch++) {
|
for (sc_ch = 0; sc_ch < MAXSC; sc_ch++) {
|
||||||
if (nss_macsec_secy_tx_sc_in_used_get(drv->secy_id, sc_ch,
|
if (nss_macsec_secy_tx_sc_in_used_get(drv->secy_id, sc_ch,
|
||||||
|
@ -988,7 +988,7 @@ static int macsec_qca_enable_transmit_sa(void *priv, struct transmit_sa *sa)
|
||||||
sa->an);
|
sa->an);
|
||||||
|
|
||||||
ret += nss_macsec_secy_tx_sa_en_set(drv->secy_id, channel, sa->an,
|
ret += nss_macsec_secy_tx_sa_en_set(drv->secy_id, channel, sa->an,
|
||||||
TRUE);
|
true);
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
@ -1008,7 +1008,7 @@ static int macsec_qca_disable_transmit_sa(void *priv, struct transmit_sa *sa)
|
||||||
sa->an);
|
sa->an);
|
||||||
|
|
||||||
ret += nss_macsec_secy_tx_sa_en_set(drv->secy_id, channel, sa->an,
|
ret += nss_macsec_secy_tx_sa_en_set(drv->secy_id, channel, sa->an,
|
||||||
FALSE);
|
false);
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
|
@ -31,50 +31,50 @@ struct ieee802_1x_cp_sm {
|
||||||
CP_SECURED, CP_RECEIVE, CP_RECEIVING, CP_READY, CP_TRANSMIT,
|
CP_SECURED, CP_RECEIVE, CP_RECEIVING, CP_READY, CP_TRANSMIT,
|
||||||
CP_TRANSMITTING, CP_ABANDON, CP_RETIRE
|
CP_TRANSMITTING, CP_ABANDON, CP_RETIRE
|
||||||
} CP_state;
|
} CP_state;
|
||||||
Boolean changed;
|
bool changed;
|
||||||
|
|
||||||
/* CP -> Client */
|
/* CP -> Client */
|
||||||
Boolean port_valid;
|
bool port_valid;
|
||||||
|
|
||||||
/* Logon -> CP */
|
/* Logon -> CP */
|
||||||
enum connect_type connect;
|
enum connect_type connect;
|
||||||
|
|
||||||
/* KaY -> CP */
|
/* KaY -> CP */
|
||||||
Boolean chgd_server; /* clear by CP */
|
bool chgd_server; /* clear by CP */
|
||||||
Boolean elected_self;
|
bool elected_self;
|
||||||
enum confidentiality_offset cipher_offset;
|
enum confidentiality_offset cipher_offset;
|
||||||
u64 cipher_suite;
|
u64 cipher_suite;
|
||||||
Boolean new_sak; /* clear by CP */
|
bool new_sak; /* clear by CP */
|
||||||
struct ieee802_1x_mka_ki distributed_ki;
|
struct ieee802_1x_mka_ki distributed_ki;
|
||||||
u8 distributed_an;
|
u8 distributed_an;
|
||||||
Boolean using_receive_sas;
|
bool using_receive_sas;
|
||||||
Boolean all_receiving;
|
bool all_receiving;
|
||||||
Boolean server_transmitting;
|
bool server_transmitting;
|
||||||
Boolean using_transmit_sa;
|
bool using_transmit_sa;
|
||||||
|
|
||||||
/* CP -> KaY */
|
/* CP -> KaY */
|
||||||
struct ieee802_1x_mka_ki *lki;
|
struct ieee802_1x_mka_ki *lki;
|
||||||
u8 lan;
|
u8 lan;
|
||||||
Boolean ltx;
|
bool ltx;
|
||||||
Boolean lrx;
|
bool lrx;
|
||||||
struct ieee802_1x_mka_ki *oki;
|
struct ieee802_1x_mka_ki *oki;
|
||||||
u8 oan;
|
u8 oan;
|
||||||
Boolean otx;
|
bool otx;
|
||||||
Boolean orx;
|
bool orx;
|
||||||
|
|
||||||
/* CP -> SecY */
|
/* CP -> SecY */
|
||||||
Boolean protect_frames;
|
bool protect_frames;
|
||||||
enum validate_frames validate_frames;
|
enum validate_frames validate_frames;
|
||||||
|
|
||||||
Boolean replay_protect;
|
bool replay_protect;
|
||||||
u32 replay_window;
|
u32 replay_window;
|
||||||
|
|
||||||
u64 current_cipher_suite;
|
u64 current_cipher_suite;
|
||||||
enum confidentiality_offset confidentiality_offset;
|
enum confidentiality_offset confidentiality_offset;
|
||||||
Boolean controlled_port_enabled;
|
bool controlled_port_enabled;
|
||||||
|
|
||||||
/* SecY -> CP */
|
/* SecY -> CP */
|
||||||
Boolean port_enabled; /* SecY->CP */
|
bool port_enabled; /* SecY->CP */
|
||||||
|
|
||||||
/* private */
|
/* private */
|
||||||
u32 transmit_when;
|
u32 transmit_when;
|
||||||
|
@ -109,23 +109,23 @@ SM_STATE(CP, INIT)
|
||||||
{
|
{
|
||||||
SM_ENTRY(CP, INIT);
|
SM_ENTRY(CP, INIT);
|
||||||
|
|
||||||
sm->controlled_port_enabled = FALSE;
|
sm->controlled_port_enabled = false;
|
||||||
secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled);
|
secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled);
|
||||||
|
|
||||||
sm->port_valid = FALSE;
|
sm->port_valid = false;
|
||||||
|
|
||||||
os_free(sm->lki);
|
os_free(sm->lki);
|
||||||
sm->lki = NULL;
|
sm->lki = NULL;
|
||||||
sm->ltx = FALSE;
|
sm->ltx = false;
|
||||||
sm->lrx = FALSE;
|
sm->lrx = false;
|
||||||
|
|
||||||
os_free(sm->oki);
|
os_free(sm->oki);
|
||||||
sm->oki = NULL;
|
sm->oki = NULL;
|
||||||
sm->otx = FALSE;
|
sm->otx = false;
|
||||||
sm->orx = FALSE;
|
sm->orx = false;
|
||||||
|
|
||||||
sm->port_enabled = TRUE;
|
sm->port_enabled = true;
|
||||||
sm->chgd_server = FALSE;
|
sm->chgd_server = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -133,8 +133,8 @@ SM_STATE(CP, CHANGE)
|
||||||
{
|
{
|
||||||
SM_ENTRY(CP, CHANGE);
|
SM_ENTRY(CP, CHANGE);
|
||||||
|
|
||||||
sm->port_valid = FALSE;
|
sm->port_valid = false;
|
||||||
sm->controlled_port_enabled = FALSE;
|
sm->controlled_port_enabled = false;
|
||||||
secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled);
|
secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled);
|
||||||
|
|
||||||
if (sm->lki)
|
if (sm->lki)
|
||||||
|
@ -147,15 +147,15 @@ SM_STATE(CP, CHANGE)
|
||||||
*/
|
*/
|
||||||
os_free(sm->oki);
|
os_free(sm->oki);
|
||||||
sm->oki = NULL;
|
sm->oki = NULL;
|
||||||
sm->otx = FALSE;
|
sm->otx = false;
|
||||||
sm->orx = FALSE;
|
sm->orx = false;
|
||||||
sm->oan = 0;
|
sm->oan = 0;
|
||||||
ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan,
|
ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan,
|
||||||
sm->otx, sm->orx);
|
sm->otx, sm->orx);
|
||||||
os_free(sm->lki);
|
os_free(sm->lki);
|
||||||
sm->lki = NULL;
|
sm->lki = NULL;
|
||||||
sm->lrx = FALSE;
|
sm->lrx = false;
|
||||||
sm->ltx = FALSE;
|
sm->ltx = false;
|
||||||
sm->lan = 0;
|
sm->lan = 0;
|
||||||
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
|
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
|
||||||
sm->ltx, sm->lrx);
|
sm->ltx, sm->lrx);
|
||||||
|
@ -166,12 +166,12 @@ SM_STATE(CP, ALLOWED)
|
||||||
{
|
{
|
||||||
SM_ENTRY(CP, ALLOWED);
|
SM_ENTRY(CP, ALLOWED);
|
||||||
|
|
||||||
sm->protect_frames = FALSE;
|
sm->protect_frames = false;
|
||||||
sm->replay_protect = FALSE;
|
sm->replay_protect = false;
|
||||||
sm->validate_frames = Checked;
|
sm->validate_frames = Checked;
|
||||||
|
|
||||||
sm->port_valid = FALSE;
|
sm->port_valid = false;
|
||||||
sm->controlled_port_enabled = TRUE;
|
sm->controlled_port_enabled = true;
|
||||||
|
|
||||||
secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled);
|
secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled);
|
||||||
secy_cp_control_protect_frames(sm->kay, sm->protect_frames);
|
secy_cp_control_protect_frames(sm->kay, sm->protect_frames);
|
||||||
|
@ -185,12 +185,12 @@ SM_STATE(CP, AUTHENTICATED)
|
||||||
{
|
{
|
||||||
SM_ENTRY(CP, AUTHENTICATED);
|
SM_ENTRY(CP, AUTHENTICATED);
|
||||||
|
|
||||||
sm->protect_frames = FALSE;
|
sm->protect_frames = false;
|
||||||
sm->replay_protect = FALSE;
|
sm->replay_protect = false;
|
||||||
sm->validate_frames = Checked;
|
sm->validate_frames = Checked;
|
||||||
|
|
||||||
sm->port_valid = FALSE;
|
sm->port_valid = false;
|
||||||
sm->controlled_port_enabled = TRUE;
|
sm->controlled_port_enabled = true;
|
||||||
|
|
||||||
secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled);
|
secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled);
|
||||||
secy_cp_control_protect_frames(sm->kay, sm->protect_frames);
|
secy_cp_control_protect_frames(sm->kay, sm->protect_frames);
|
||||||
|
@ -204,7 +204,7 @@ SM_STATE(CP, SECURED)
|
||||||
{
|
{
|
||||||
SM_ENTRY(CP, SECURED);
|
SM_ENTRY(CP, SECURED);
|
||||||
|
|
||||||
sm->chgd_server = FALSE;
|
sm->chgd_server = false;
|
||||||
|
|
||||||
sm->protect_frames = sm->kay->macsec_protect;
|
sm->protect_frames = sm->kay->macsec_protect;
|
||||||
sm->replay_protect = sm->kay->macsec_replay_protect;
|
sm->replay_protect = sm->kay->macsec_replay_protect;
|
||||||
|
@ -216,7 +216,7 @@ SM_STATE(CP, SECURED)
|
||||||
|
|
||||||
sm->confidentiality_offset = sm->cipher_offset;
|
sm->confidentiality_offset = sm->cipher_offset;
|
||||||
|
|
||||||
sm->port_valid = TRUE;
|
sm->port_valid = true;
|
||||||
|
|
||||||
secy_cp_control_confidentiality_offset(sm->kay,
|
secy_cp_control_confidentiality_offset(sm->kay,
|
||||||
sm->confidentiality_offset);
|
sm->confidentiality_offset);
|
||||||
|
@ -238,14 +238,14 @@ SM_STATE(CP, RECEIVE)
|
||||||
}
|
}
|
||||||
os_memcpy(sm->lki, &sm->distributed_ki, sizeof(*sm->lki));
|
os_memcpy(sm->lki, &sm->distributed_ki, sizeof(*sm->lki));
|
||||||
sm->lan = sm->distributed_an;
|
sm->lan = sm->distributed_an;
|
||||||
sm->ltx = FALSE;
|
sm->ltx = false;
|
||||||
sm->lrx = FALSE;
|
sm->lrx = false;
|
||||||
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
|
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
|
||||||
sm->ltx, sm->lrx);
|
sm->ltx, sm->lrx);
|
||||||
ieee802_1x_kay_create_sas(sm->kay, sm->lki);
|
ieee802_1x_kay_create_sas(sm->kay, sm->lki);
|
||||||
ieee802_1x_kay_enable_rx_sas(sm->kay, sm->lki);
|
ieee802_1x_kay_enable_rx_sas(sm->kay, sm->lki);
|
||||||
sm->new_sak = FALSE;
|
sm->new_sak = false;
|
||||||
sm->all_receiving = FALSE;
|
sm->all_receiving = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -253,7 +253,7 @@ SM_STATE(CP, RECEIVING)
|
||||||
{
|
{
|
||||||
SM_ENTRY(CP, RECEIVING);
|
SM_ENTRY(CP, RECEIVING);
|
||||||
|
|
||||||
sm->lrx = TRUE;
|
sm->lrx = true;
|
||||||
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
|
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
|
||||||
sm->ltx, sm->lrx);
|
sm->ltx, sm->lrx);
|
||||||
sm->transmit_when = sm->transmit_delay;
|
sm->transmit_when = sm->transmit_delay;
|
||||||
|
@ -264,8 +264,8 @@ SM_STATE(CP, RECEIVING)
|
||||||
* but the CP will transmit from RECEIVING to READY under
|
* but the CP will transmit from RECEIVING to READY under
|
||||||
* the !electedSelf when KaY is not key server */
|
* the !electedSelf when KaY is not key server */
|
||||||
ieee802_1x_cp_sm_step(sm);
|
ieee802_1x_cp_sm_step(sm);
|
||||||
sm->using_receive_sas = FALSE;
|
sm->using_receive_sas = false;
|
||||||
sm->server_transmitting = FALSE;
|
sm->server_transmitting = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -281,14 +281,14 @@ SM_STATE(CP, TRANSMIT)
|
||||||
{
|
{
|
||||||
SM_ENTRY(CP, TRANSMIT);
|
SM_ENTRY(CP, TRANSMIT);
|
||||||
|
|
||||||
sm->controlled_port_enabled = TRUE;
|
sm->controlled_port_enabled = true;
|
||||||
secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled);
|
secy_cp_control_enable_port(sm->kay, sm->controlled_port_enabled);
|
||||||
sm->ltx = TRUE;
|
sm->ltx = true;
|
||||||
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
|
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
|
||||||
sm->ltx, sm->lrx);
|
sm->ltx, sm->lrx);
|
||||||
ieee802_1x_kay_enable_tx_sas(sm->kay, sm->lki);
|
ieee802_1x_kay_enable_tx_sas(sm->kay, sm->lki);
|
||||||
sm->all_receiving = FALSE;
|
sm->all_receiving = false;
|
||||||
sm->server_transmitting = FALSE;
|
sm->server_transmitting = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -296,21 +296,21 @@ SM_STATE(CP, TRANSMITTING)
|
||||||
{
|
{
|
||||||
SM_ENTRY(CP, TRANSMITTING);
|
SM_ENTRY(CP, TRANSMITTING);
|
||||||
sm->retire_when = sm->orx ? sm->retire_delay : 0;
|
sm->retire_when = sm->orx ? sm->retire_delay : 0;
|
||||||
sm->otx = FALSE;
|
sm->otx = false;
|
||||||
ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan,
|
ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan,
|
||||||
sm->otx, sm->orx);
|
sm->otx, sm->orx);
|
||||||
ieee802_1x_kay_enable_new_info(sm->kay);
|
ieee802_1x_kay_enable_new_info(sm->kay);
|
||||||
eloop_cancel_timeout(ieee802_1x_cp_retire_when_timeout, sm, NULL);
|
eloop_cancel_timeout(ieee802_1x_cp_retire_when_timeout, sm, NULL);
|
||||||
eloop_register_timeout(sm->retire_when / 1000, 0,
|
eloop_register_timeout(sm->retire_when / 1000, 0,
|
||||||
ieee802_1x_cp_retire_when_timeout, sm, NULL);
|
ieee802_1x_cp_retire_when_timeout, sm, NULL);
|
||||||
sm->using_transmit_sa = FALSE;
|
sm->using_transmit_sa = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
SM_STATE(CP, ABANDON)
|
SM_STATE(CP, ABANDON)
|
||||||
{
|
{
|
||||||
SM_ENTRY(CP, ABANDON);
|
SM_ENTRY(CP, ABANDON);
|
||||||
sm->lrx = FALSE;
|
sm->lrx = false;
|
||||||
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
|
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
|
||||||
sm->ltx, sm->lrx);
|
sm->ltx, sm->lrx);
|
||||||
ieee802_1x_kay_delete_sas(sm->kay, sm->lki);
|
ieee802_1x_kay_delete_sas(sm->kay, sm->lki);
|
||||||
|
@ -337,8 +337,8 @@ SM_STATE(CP, RETIRE)
|
||||||
ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan,
|
ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan,
|
||||||
sm->otx, sm->orx);
|
sm->otx, sm->orx);
|
||||||
sm->lki = NULL;
|
sm->lki = NULL;
|
||||||
sm->ltx = FALSE;
|
sm->ltx = false;
|
||||||
sm->lrx = FALSE;
|
sm->lrx = false;
|
||||||
sm->lan = 0;
|
sm->lan = 0;
|
||||||
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
|
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
|
||||||
sm->ltx, sm->lrx);
|
sm->ltx, sm->lrx);
|
||||||
|
@ -455,23 +455,23 @@ struct ieee802_1x_cp_sm * ieee802_1x_cp_sm_init(struct ieee802_1x_kay *kay)
|
||||||
|
|
||||||
sm->kay = kay;
|
sm->kay = kay;
|
||||||
|
|
||||||
sm->port_valid = FALSE;
|
sm->port_valid = false;
|
||||||
|
|
||||||
sm->chgd_server = FALSE;
|
sm->chgd_server = false;
|
||||||
|
|
||||||
sm->protect_frames = kay->macsec_protect;
|
sm->protect_frames = kay->macsec_protect;
|
||||||
sm->validate_frames = kay->macsec_validate;
|
sm->validate_frames = kay->macsec_validate;
|
||||||
sm->replay_protect = kay->macsec_replay_protect;
|
sm->replay_protect = kay->macsec_replay_protect;
|
||||||
sm->replay_window = kay->macsec_replay_window;
|
sm->replay_window = kay->macsec_replay_window;
|
||||||
|
|
||||||
sm->controlled_port_enabled = FALSE;
|
sm->controlled_port_enabled = false;
|
||||||
|
|
||||||
sm->lki = NULL;
|
sm->lki = NULL;
|
||||||
sm->lrx = FALSE;
|
sm->lrx = false;
|
||||||
sm->ltx = FALSE;
|
sm->ltx = false;
|
||||||
sm->oki = NULL;
|
sm->oki = NULL;
|
||||||
sm->orx = FALSE;
|
sm->orx = false;
|
||||||
sm->otx = FALSE;
|
sm->otx = false;
|
||||||
|
|
||||||
sm->current_cipher_suite = default_cs_id;
|
sm->current_cipher_suite = default_cs_id;
|
||||||
sm->cipher_suite = default_cs_id;
|
sm->cipher_suite = default_cs_id;
|
||||||
|
@ -480,7 +480,7 @@ struct ieee802_1x_cp_sm * ieee802_1x_cp_sm_init(struct ieee802_1x_kay *kay)
|
||||||
sm->transmit_delay = MKA_LIFE_TIME;
|
sm->transmit_delay = MKA_LIFE_TIME;
|
||||||
sm->retire_delay = MKA_SAK_RETIRE_TIME;
|
sm->retire_delay = MKA_SAK_RETIRE_TIME;
|
||||||
sm->CP_state = CP_BEGIN;
|
sm->CP_state = CP_BEGIN;
|
||||||
sm->changed = FALSE;
|
sm->changed = false;
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "CP: state machine created");
|
wpa_printf(MSG_DEBUG, "CP: state machine created");
|
||||||
|
|
||||||
|
@ -588,14 +588,14 @@ void ieee802_1x_cp_signal_chgdserver(void *cp_ctx)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
||||||
|
|
||||||
sm->chgd_server = TRUE;
|
sm->chgd_server = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_cp_set_electedself -
|
* ieee802_1x_cp_set_electedself -
|
||||||
*/
|
*/
|
||||||
void ieee802_1x_cp_set_electedself(void *cp_ctx, Boolean status)
|
void ieee802_1x_cp_set_electedself(void *cp_ctx, bool status)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
||||||
sm->elected_self = status;
|
sm->elected_self = status;
|
||||||
|
@ -628,7 +628,7 @@ void ieee802_1x_cp_set_offset(void *cp_ctx, enum confidentiality_offset offset)
|
||||||
void ieee802_1x_cp_signal_newsak(void *cp_ctx)
|
void ieee802_1x_cp_signal_newsak(void *cp_ctx)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
||||||
sm->new_sak = TRUE;
|
sm->new_sak = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -656,7 +656,7 @@ void ieee802_1x_cp_set_distributedan(void *cp_ctx, u8 an)
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_cp_set_usingreceivesas -
|
* ieee802_1x_cp_set_usingreceivesas -
|
||||||
*/
|
*/
|
||||||
void ieee802_1x_cp_set_usingreceivesas(void *cp_ctx, Boolean status)
|
void ieee802_1x_cp_set_usingreceivesas(void *cp_ctx, bool status)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
||||||
sm->using_receive_sas = status;
|
sm->using_receive_sas = status;
|
||||||
|
@ -666,7 +666,7 @@ void ieee802_1x_cp_set_usingreceivesas(void *cp_ctx, Boolean status)
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_cp_set_allreceiving -
|
* ieee802_1x_cp_set_allreceiving -
|
||||||
*/
|
*/
|
||||||
void ieee802_1x_cp_set_allreceiving(void *cp_ctx, Boolean status)
|
void ieee802_1x_cp_set_allreceiving(void *cp_ctx, bool status)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
||||||
sm->all_receiving = status;
|
sm->all_receiving = status;
|
||||||
|
@ -676,7 +676,7 @@ void ieee802_1x_cp_set_allreceiving(void *cp_ctx, Boolean status)
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_cp_set_servertransmitting -
|
* ieee802_1x_cp_set_servertransmitting -
|
||||||
*/
|
*/
|
||||||
void ieee802_1x_cp_set_servertransmitting(void *cp_ctx, Boolean status)
|
void ieee802_1x_cp_set_servertransmitting(void *cp_ctx, bool status)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
||||||
sm->server_transmitting = status;
|
sm->server_transmitting = status;
|
||||||
|
@ -686,7 +686,7 @@ void ieee802_1x_cp_set_servertransmitting(void *cp_ctx, Boolean status)
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_cp_set_usingtransmitsas -
|
* ieee802_1x_cp_set_usingtransmitsas -
|
||||||
*/
|
*/
|
||||||
void ieee802_1x_cp_set_usingtransmitas(void *cp_ctx, Boolean status)
|
void ieee802_1x_cp_set_usingtransmitas(void *cp_ctx, bool status)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
struct ieee802_1x_cp_sm *sm = cp_ctx;
|
||||||
sm->using_transmit_sa = status;
|
sm->using_transmit_sa = status;
|
||||||
|
|
|
@ -24,16 +24,16 @@ void ieee802_1x_cp_connect_unauthenticated(void *cp_ctx);
|
||||||
void ieee802_1x_cp_connect_authenticated(void *cp_ctx);
|
void ieee802_1x_cp_connect_authenticated(void *cp_ctx);
|
||||||
void ieee802_1x_cp_connect_secure(void *cp_ctx);
|
void ieee802_1x_cp_connect_secure(void *cp_ctx);
|
||||||
void ieee802_1x_cp_signal_chgdserver(void *cp_ctx);
|
void ieee802_1x_cp_signal_chgdserver(void *cp_ctx);
|
||||||
void ieee802_1x_cp_set_electedself(void *cp_ctx, Boolean status);
|
void ieee802_1x_cp_set_electedself(void *cp_ctx, bool status);
|
||||||
void ieee802_1x_cp_set_ciphersuite(void *cp_ctx, u64 cs);
|
void ieee802_1x_cp_set_ciphersuite(void *cp_ctx, u64 cs);
|
||||||
void ieee802_1x_cp_set_offset(void *cp_ctx, enum confidentiality_offset offset);
|
void ieee802_1x_cp_set_offset(void *cp_ctx, enum confidentiality_offset offset);
|
||||||
void ieee802_1x_cp_signal_newsak(void *cp_ctx);
|
void ieee802_1x_cp_signal_newsak(void *cp_ctx);
|
||||||
void ieee802_1x_cp_set_distributedki(void *cp_ctx,
|
void ieee802_1x_cp_set_distributedki(void *cp_ctx,
|
||||||
const struct ieee802_1x_mka_ki *dki);
|
const struct ieee802_1x_mka_ki *dki);
|
||||||
void ieee802_1x_cp_set_distributedan(void *cp_ctx, u8 an);
|
void ieee802_1x_cp_set_distributedan(void *cp_ctx, u8 an);
|
||||||
void ieee802_1x_cp_set_usingreceivesas(void *cp_ctx, Boolean status);
|
void ieee802_1x_cp_set_usingreceivesas(void *cp_ctx, bool status);
|
||||||
void ieee802_1x_cp_set_allreceiving(void *cp_ctx, Boolean status);
|
void ieee802_1x_cp_set_allreceiving(void *cp_ctx, bool status);
|
||||||
void ieee802_1x_cp_set_servertransmitting(void *cp_ctx, Boolean status);
|
void ieee802_1x_cp_set_servertransmitting(void *cp_ctx, bool status);
|
||||||
void ieee802_1x_cp_set_usingtransmitas(void *cp_ctx, Boolean status);
|
void ieee802_1x_cp_set_usingtransmitas(void *cp_ctx, bool status);
|
||||||
|
|
||||||
#endif /* IEEE802_1X_CP_H */
|
#endif /* IEEE802_1X_CP_H */
|
||||||
|
|
|
@ -354,7 +354,7 @@ ieee802_1x_kay_get_live_peer(struct ieee802_1x_mka_participant *participant,
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_kay_is_in_potential_peer
|
* ieee802_1x_kay_is_in_potential_peer
|
||||||
*/
|
*/
|
||||||
static Boolean
|
static bool
|
||||||
ieee802_1x_kay_is_in_potential_peer(
|
ieee802_1x_kay_is_in_potential_peer(
|
||||||
struct ieee802_1x_mka_participant *participant, const u8 *mi)
|
struct ieee802_1x_mka_participant *participant, const u8 *mi)
|
||||||
{
|
{
|
||||||
|
@ -365,7 +365,7 @@ ieee802_1x_kay_is_in_potential_peer(
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_kay_is_in_live_peer
|
* ieee802_1x_kay_is_in_live_peer
|
||||||
*/
|
*/
|
||||||
static Boolean
|
static bool
|
||||||
ieee802_1x_kay_is_in_live_peer(
|
ieee802_1x_kay_is_in_live_peer(
|
||||||
struct ieee802_1x_mka_participant *participant, const u8 *mi)
|
struct ieee802_1x_mka_participant *participant, const u8 *mi)
|
||||||
{
|
{
|
||||||
|
@ -426,8 +426,8 @@ u64 mka_sci_u64(struct ieee802_1x_mka_sci *sci)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean sci_equal(const struct ieee802_1x_mka_sci *a,
|
static bool sci_equal(const struct ieee802_1x_mka_sci *a,
|
||||||
const struct ieee802_1x_mka_sci *b)
|
const struct ieee802_1x_mka_sci *b)
|
||||||
{
|
{
|
||||||
return os_memcmp(a, b, sizeof(struct ieee802_1x_mka_sci)) == 0;
|
return os_memcmp(a, b, sizeof(struct ieee802_1x_mka_sci)) == 0;
|
||||||
}
|
}
|
||||||
|
@ -486,7 +486,7 @@ ieee802_1x_kay_init_receive_sa(struct receive_sc *psc, u8 an, u32 lowest_pn,
|
||||||
psa->sc = psc;
|
psa->sc = psc;
|
||||||
|
|
||||||
os_get_time(&psa->created_time);
|
os_get_time(&psa->created_time);
|
||||||
psa->in_use = FALSE;
|
psa->in_use = false;
|
||||||
|
|
||||||
dl_list_add(&psc->sa_list, &psa->list);
|
dl_list_add(&psc->sa_list, &psa->list);
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
|
@ -534,7 +534,7 @@ ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci)
|
||||||
os_memcpy(&psc->sci, psci, sizeof(psc->sci));
|
os_memcpy(&psc->sci, psci, sizeof(psc->sci));
|
||||||
|
|
||||||
os_get_time(&psc->created_time);
|
os_get_time(&psc->created_time);
|
||||||
psc->receiving = FALSE;
|
psc->receiving = false;
|
||||||
|
|
||||||
dl_list_init(&psc->sa_list);
|
dl_list_init(&psc->sa_list);
|
||||||
wpa_printf(MSG_DEBUG, "KaY: Create receive SC: SCI %s",
|
wpa_printf(MSG_DEBUG, "KaY: Create receive SC: SCI %s",
|
||||||
|
@ -594,7 +594,7 @@ ieee802_1x_kay_create_peer(const u8 *mi, u32 mn)
|
||||||
os_memcpy(peer->mi, mi, MI_LEN);
|
os_memcpy(peer->mi, mi, MI_LEN);
|
||||||
peer->mn = mn;
|
peer->mn = mn;
|
||||||
peer->expire = time(NULL) + MKA_LIFE_TIME / 1000;
|
peer->expire = time(NULL) + MKA_LIFE_TIME / 1000;
|
||||||
peer->sak_used = FALSE;
|
peer->sak_used = false;
|
||||||
peer->missing_sak_use_count = 0;
|
peer->missing_sak_use_count = 0;
|
||||||
|
|
||||||
return peer;
|
return peer;
|
||||||
|
@ -706,11 +706,11 @@ ieee802_1x_kay_move_live_peer(struct ieee802_1x_mka_participant *participant,
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_mka_basic_body_present -
|
* ieee802_1x_mka_basic_body_present -
|
||||||
*/
|
*/
|
||||||
static Boolean
|
static bool
|
||||||
ieee802_1x_mka_basic_body_present(
|
ieee802_1x_mka_basic_body_present(
|
||||||
struct ieee802_1x_mka_participant *participant)
|
struct ieee802_1x_mka_participant *participant)
|
||||||
{
|
{
|
||||||
return TRUE;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -774,14 +774,14 @@ ieee802_1x_mka_encode_basic_body(
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static Boolean
|
static bool
|
||||||
reset_participant_mi(struct ieee802_1x_mka_participant *participant)
|
reset_participant_mi(struct ieee802_1x_mka_participant *participant)
|
||||||
{
|
{
|
||||||
if (os_get_random(participant->mi, sizeof(participant->mi)) < 0)
|
if (os_get_random(participant->mi, sizeof(participant->mi)) < 0)
|
||||||
return FALSE;
|
return false;
|
||||||
participant->mn = 0;
|
participant->mn = 0;
|
||||||
|
|
||||||
return TRUE;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -888,13 +888,13 @@ ieee802_1x_mka_decode_basic_body(struct ieee802_1x_kay *kay, const u8 *mka_msg,
|
||||||
|
|
||||||
peer->macsec_desired = body->macsec_desired;
|
peer->macsec_desired = body->macsec_desired;
|
||||||
peer->macsec_capability = body->macsec_capability;
|
peer->macsec_capability = body->macsec_capability;
|
||||||
peer->is_key_server = (Boolean) body->key_server;
|
peer->is_key_server = body->key_server;
|
||||||
peer->key_server_priority = body->priority;
|
peer->key_server_priority = body->priority;
|
||||||
} else if (peer->mn < be_to_host32(body->actor_mn)) {
|
} else if (peer->mn < be_to_host32(body->actor_mn)) {
|
||||||
peer->mn = be_to_host32(body->actor_mn);
|
peer->mn = be_to_host32(body->actor_mn);
|
||||||
peer->macsec_desired = body->macsec_desired;
|
peer->macsec_desired = body->macsec_desired;
|
||||||
peer->macsec_capability = body->macsec_capability;
|
peer->macsec_capability = body->macsec_capability;
|
||||||
peer->is_key_server = (Boolean) body->key_server;
|
peer->is_key_server = body->key_server;
|
||||||
peer->key_server_priority = body->priority;
|
peer->key_server_priority = body->priority;
|
||||||
} else {
|
} else {
|
||||||
wpa_printf(MSG_WARNING,
|
wpa_printf(MSG_WARNING,
|
||||||
|
@ -909,7 +909,7 @@ ieee802_1x_mka_decode_basic_body(struct ieee802_1x_kay *kay, const u8 *mka_msg,
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_mka_live_peer_body_present
|
* ieee802_1x_mka_live_peer_body_present
|
||||||
*/
|
*/
|
||||||
static Boolean
|
static bool
|
||||||
ieee802_1x_mka_live_peer_body_present(
|
ieee802_1x_mka_live_peer_body_present(
|
||||||
struct ieee802_1x_mka_participant *participant)
|
struct ieee802_1x_mka_participant *participant)
|
||||||
{
|
{
|
||||||
|
@ -969,7 +969,7 @@ ieee802_1x_mka_encode_live_peer_body(
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_mka_potential_peer_body_present
|
* ieee802_1x_mka_potential_peer_body_present
|
||||||
*/
|
*/
|
||||||
static Boolean
|
static bool
|
||||||
ieee802_1x_mka_potential_peer_body_present(
|
ieee802_1x_mka_potential_peer_body_present(
|
||||||
struct ieee802_1x_mka_participant *participant)
|
struct ieee802_1x_mka_participant *participant)
|
||||||
{
|
{
|
||||||
|
@ -1030,7 +1030,7 @@ ieee802_1x_mka_encode_potential_peer_body(
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_mka_i_in_peerlist -
|
* ieee802_1x_mka_i_in_peerlist -
|
||||||
*/
|
*/
|
||||||
static Boolean
|
static bool
|
||||||
ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant,
|
ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant,
|
||||||
const u8 *mka_msg, size_t msg_len)
|
const u8 *mka_msg, size_t msg_len)
|
||||||
{
|
{
|
||||||
|
@ -1055,7 +1055,7 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant,
|
||||||
left_len, MKA_HDR_LEN,
|
left_len, MKA_HDR_LEN,
|
||||||
MKA_ALIGN_LENGTH(body_len),
|
MKA_ALIGN_LENGTH(body_len),
|
||||||
DEFAULT_ICV_LEN);
|
DEFAULT_ICV_LEN);
|
||||||
return FALSE;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (body_type != MKA_LIVE_PEER_LIST &&
|
if (body_type != MKA_LIVE_PEER_LIST &&
|
||||||
|
@ -1096,12 +1096,12 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant,
|
||||||
if (mn == participant->mn ||
|
if (mn == participant->mn ||
|
||||||
(participant->mn > 1 &&
|
(participant->mn > 1 &&
|
||||||
mn == participant->mn - 1))
|
mn == participant->mn - 1))
|
||||||
return TRUE;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return FALSE;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1116,7 +1116,7 @@ static int ieee802_1x_mka_decode_live_peer_body(
|
||||||
struct ieee802_1x_kay_peer *peer;
|
struct ieee802_1x_kay_peer *peer;
|
||||||
size_t body_len;
|
size_t body_len;
|
||||||
size_t i;
|
size_t i;
|
||||||
Boolean is_included;
|
bool is_included;
|
||||||
|
|
||||||
is_included = ieee802_1x_kay_is_in_live_peer(
|
is_included = ieee802_1x_kay_is_in_live_peer(
|
||||||
participant, participant->current_peer_id.mi);
|
participant, participant->current_peer_id.mi);
|
||||||
|
@ -1209,7 +1209,7 @@ ieee802_1x_mka_decode_potential_peer_body(
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_mka_sak_use_body_present
|
* ieee802_1x_mka_sak_use_body_present
|
||||||
*/
|
*/
|
||||||
static Boolean
|
static bool
|
||||||
ieee802_1x_mka_sak_use_body_present(
|
ieee802_1x_mka_sak_use_body_present(
|
||||||
struct ieee802_1x_mka_participant *participant)
|
struct ieee802_1x_mka_participant *participant)
|
||||||
{
|
{
|
||||||
|
@ -1296,12 +1296,12 @@ ieee802_1x_mka_encode_sak_use_body(
|
||||||
set_mka_param_body_len(body, length - MKA_HDR_LEN);
|
set_mka_param_body_len(body, length - MKA_HDR_LEN);
|
||||||
|
|
||||||
if (length == MKA_HDR_LEN) {
|
if (length == MKA_HDR_LEN) {
|
||||||
body->ptx = TRUE;
|
body->ptx = true;
|
||||||
body->prx = TRUE;
|
body->prx = true;
|
||||||
body->lan = 0;
|
body->lan = 0;
|
||||||
body->lrx = FALSE;
|
body->lrx = false;
|
||||||
body->ltx = FALSE;
|
body->ltx = false;
|
||||||
body->delay_protect = FALSE;
|
body->delay_protect = false;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1321,13 +1321,13 @@ ieee802_1x_mka_encode_sak_use_body(
|
||||||
if (llpn > kay->pn_exhaustion) {
|
if (llpn > kay->pn_exhaustion) {
|
||||||
wpa_printf(MSG_WARNING,
|
wpa_printf(MSG_WARNING,
|
||||||
"KaY: My LLPN exhaustion");
|
"KaY: My LLPN exhaustion");
|
||||||
participant->new_sak = TRUE;
|
participant->new_sak = true;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (olpn > kay->pn_exhaustion) {
|
if (olpn > kay->pn_exhaustion) {
|
||||||
wpa_printf(MSG_WARNING,
|
wpa_printf(MSG_WARNING,
|
||||||
"KaY: My OLPN exhaustion");
|
"KaY: My OLPN exhaustion");
|
||||||
participant->new_sak = TRUE;
|
participant->new_sak = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1347,23 +1347,23 @@ ieee802_1x_mka_encode_sak_use_body(
|
||||||
body->oan = participant->oan;
|
body->oan = participant->oan;
|
||||||
if (participant->oki.kn != participant->lki.kn &&
|
if (participant->oki.kn != participant->lki.kn &&
|
||||||
participant->oki.kn != 0) {
|
participant->oki.kn != 0) {
|
||||||
body->otx = TRUE;
|
body->otx = true;
|
||||||
body->orx = TRUE;
|
body->orx = true;
|
||||||
os_memcpy(body->osrv_mi, participant->oki.mi,
|
os_memcpy(body->osrv_mi, participant->oki.mi,
|
||||||
sizeof(body->osrv_mi));
|
sizeof(body->osrv_mi));
|
||||||
body->okn = host_to_be32(participant->oki.kn);
|
body->okn = host_to_be32(participant->oki.kn);
|
||||||
} else {
|
} else {
|
||||||
body->otx = FALSE;
|
body->otx = false;
|
||||||
body->orx = FALSE;
|
body->orx = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* set CP's variable */
|
/* set CP's variable */
|
||||||
if (body->ltx) {
|
if (body->ltx) {
|
||||||
kay->tx_enable = TRUE;
|
kay->tx_enable = true;
|
||||||
kay->port_enable = TRUE;
|
kay->port_enable = true;
|
||||||
}
|
}
|
||||||
if (body->lrx)
|
if (body->lrx)
|
||||||
kay->rx_enable = TRUE;
|
kay->rx_enable = true;
|
||||||
|
|
||||||
ieee802_1x_mka_dump_sak_use_body(body);
|
ieee802_1x_mka_dump_sak_use_body(body);
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -1485,26 +1485,26 @@ ieee802_1x_mka_decode_sak_use_body(
|
||||||
*/
|
*/
|
||||||
if (participant->is_key_server) {
|
if (participant->is_key_server) {
|
||||||
struct ieee802_1x_kay_peer *peer_iter;
|
struct ieee802_1x_kay_peer *peer_iter;
|
||||||
Boolean all_receiving = TRUE;
|
bool all_receiving = true;
|
||||||
|
|
||||||
/* Distributed keys are equal from above comparison. */
|
/* Distributed keys are equal from above comparison. */
|
||||||
peer->sak_used = TRUE;
|
peer->sak_used = true;
|
||||||
|
|
||||||
dl_list_for_each(peer_iter, &participant->live_peers,
|
dl_list_for_each(peer_iter, &participant->live_peers,
|
||||||
struct ieee802_1x_kay_peer, list) {
|
struct ieee802_1x_kay_peer, list) {
|
||||||
if (!peer_iter->sak_used) {
|
if (!peer_iter->sak_used) {
|
||||||
all_receiving = FALSE;
|
all_receiving = false;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (all_receiving) {
|
if (all_receiving) {
|
||||||
participant->to_dist_sak = FALSE;
|
participant->to_dist_sak = false;
|
||||||
ieee802_1x_cp_set_allreceiving(kay->cp, TRUE);
|
ieee802_1x_cp_set_allreceiving(kay->cp, true);
|
||||||
ieee802_1x_cp_sm_step(kay->cp);
|
ieee802_1x_cp_sm_step(kay->cp);
|
||||||
}
|
}
|
||||||
} else if (peer->is_key_server) {
|
} else if (peer->is_key_server) {
|
||||||
if (body->ltx) {
|
if (body->ltx) {
|
||||||
ieee802_1x_cp_set_servertransmitting(kay->cp, TRUE);
|
ieee802_1x_cp_set_servertransmitting(kay->cp, true);
|
||||||
ieee802_1x_cp_sm_step(kay->cp);
|
ieee802_1x_cp_sm_step(kay->cp);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1516,7 +1516,7 @@ ieee802_1x_mka_decode_sak_use_body(
|
||||||
* has already been exhausted.
|
* has already been exhausted.
|
||||||
*/
|
*/
|
||||||
if (participant->is_key_server && lpn > kay->pn_exhaustion) {
|
if (participant->is_key_server && lpn > kay->pn_exhaustion) {
|
||||||
participant->new_sak = TRUE;
|
participant->new_sak = true;
|
||||||
wpa_printf(MSG_WARNING, "KaY: Peer LPN exhaustion");
|
wpa_printf(MSG_WARNING, "KaY: Peer LPN exhaustion");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1528,14 +1528,14 @@ ieee802_1x_mka_decode_sak_use_body(
|
||||||
if (body->delay_protect) {
|
if (body->delay_protect) {
|
||||||
struct receive_sc *rxsc;
|
struct receive_sc *rxsc;
|
||||||
struct receive_sa *rxsa;
|
struct receive_sa *rxsa;
|
||||||
Boolean found = FALSE;
|
bool found = false;
|
||||||
|
|
||||||
dl_list_for_each(rxsc, &participant->rxsc_list,
|
dl_list_for_each(rxsc, &participant->rxsc_list,
|
||||||
struct receive_sc, list) {
|
struct receive_sc, list) {
|
||||||
dl_list_for_each(rxsa, &rxsc->sa_list,
|
dl_list_for_each(rxsa, &rxsc->sa_list,
|
||||||
struct receive_sa, list) {
|
struct receive_sa, list) {
|
||||||
if (sa_key && rxsa->pkey == sa_key) {
|
if (sa_key && rxsa->pkey == sa_key) {
|
||||||
found = TRUE;
|
found = true;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1570,7 +1570,7 @@ ieee802_1x_mka_decode_sak_use_body(
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_mka_dist_sak_body_present
|
* ieee802_1x_mka_dist_sak_body_present
|
||||||
*/
|
*/
|
||||||
static Boolean
|
static bool
|
||||||
ieee802_1x_mka_dist_sak_body_present(
|
ieee802_1x_mka_dist_sak_body_present(
|
||||||
struct ieee802_1x_mka_participant *participant)
|
struct ieee802_1x_mka_participant *participant)
|
||||||
{
|
{
|
||||||
|
@ -1663,8 +1663,8 @@ ieee802_1x_mka_encode_dist_sak_body(
|
||||||
*/
|
*/
|
||||||
static void ieee802_1x_kay_init_data_key(struct data_key *pkey)
|
static void ieee802_1x_kay_init_data_key(struct data_key *pkey)
|
||||||
{
|
{
|
||||||
pkey->transmits = TRUE;
|
pkey->transmits = true;
|
||||||
pkey->receives = TRUE;
|
pkey->receives = true;
|
||||||
os_get_time(&pkey->created_time);
|
os_get_time(&pkey->created_time);
|
||||||
|
|
||||||
pkey->next_pn = 1;
|
pkey->next_pn = 1;
|
||||||
|
@ -1730,21 +1730,21 @@ ieee802_1x_mka_decode_dist_sak_body(
|
||||||
}
|
}
|
||||||
|
|
||||||
if (body_len == 0) {
|
if (body_len == 0) {
|
||||||
kay->authenticated = TRUE;
|
kay->authenticated = true;
|
||||||
kay->secured = FALSE;
|
kay->secured = false;
|
||||||
kay->failed = FALSE;
|
kay->failed = false;
|
||||||
participant->advised_desired = FALSE;
|
participant->advised_desired = false;
|
||||||
ieee802_1x_cp_connect_authenticated(kay->cp);
|
ieee802_1x_cp_connect_authenticated(kay->cp);
|
||||||
ieee802_1x_cp_sm_step(kay->cp);
|
ieee802_1x_cp_sm_step(kay->cp);
|
||||||
wpa_printf(MSG_WARNING, "KaY: The Key server advise no MACsec");
|
wpa_printf(MSG_WARNING, "KaY: The Key server advise no MACsec");
|
||||||
participant->to_use_sak = FALSE;
|
participant->to_use_sak = false;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
participant->advised_desired = TRUE;
|
participant->advised_desired = true;
|
||||||
kay->authenticated = FALSE;
|
kay->authenticated = false;
|
||||||
kay->secured = TRUE;
|
kay->secured = true;
|
||||||
kay->failed = FALSE;
|
kay->failed = false;
|
||||||
ieee802_1x_cp_connect_secure(kay->cp);
|
ieee802_1x_cp_connect_secure(kay->cp);
|
||||||
ieee802_1x_cp_sm_step(kay->cp);
|
ieee802_1x_cp_sm_step(kay->cp);
|
||||||
|
|
||||||
|
@ -1825,7 +1825,7 @@ ieee802_1x_mka_decode_dist_sak_body(
|
||||||
ieee802_1x_cp_sm_step(kay->cp);
|
ieee802_1x_cp_sm_step(kay->cp);
|
||||||
|
|
||||||
kay->rcvd_keys++;
|
kay->rcvd_keys++;
|
||||||
participant->to_use_sak = TRUE;
|
participant->to_use_sak = true;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -1834,10 +1834,10 @@ ieee802_1x_mka_decode_dist_sak_body(
|
||||||
/**
|
/**
|
||||||
* ieee802_1x_mka_icv_body_present
|
* ieee802_1x_mka_icv_body_present
|
||||||
*/
|
*/
|
||||||
static Boolean
|
static bool
|
||||||
ieee802_1x_mka_icv_body_present(struct ieee802_1x_mka_participant *participant)
|
ieee802_1x_mka_icv_body_present(struct ieee802_1x_mka_participant *participant)
|
||||||
{
|
{
|
||||||
return TRUE;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -2002,7 +2002,7 @@ struct mka_param_body_handler {
|
||||||
int (*body_rx)(struct ieee802_1x_mka_participant *participant,
|
int (*body_rx)(struct ieee802_1x_mka_participant *participant,
|
||||||
const u8 *mka_msg, size_t msg_len);
|
const u8 *mka_msg, size_t msg_len);
|
||||||
int (*body_length)(struct ieee802_1x_mka_participant *participant);
|
int (*body_length)(struct ieee802_1x_mka_participant *participant);
|
||||||
Boolean (*body_present)(struct ieee802_1x_mka_participant *participant);
|
bool (*body_present)(struct ieee802_1x_mka_participant *participant);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
@ -2229,7 +2229,7 @@ ieee802_1x_kay_generate_new_sak(struct ieee802_1x_mka_participant *participant)
|
||||||
|
|
||||||
dl_list_for_each(peer, &participant->live_peers,
|
dl_list_for_each(peer, &participant->live_peers,
|
||||||
struct ieee802_1x_kay_peer, list)
|
struct ieee802_1x_kay_peer, list)
|
||||||
peer->sak_used = FALSE;
|
peer->sak_used = false;
|
||||||
|
|
||||||
kay->dist_kn++;
|
kay->dist_kn++;
|
||||||
kay->dist_an++;
|
kay->dist_an++;
|
||||||
|
@ -2269,13 +2269,13 @@ ieee802_1x_kay_elect_key_server(struct ieee802_1x_mka_participant *participant)
|
||||||
struct ieee802_1x_kay_peer *peer;
|
struct ieee802_1x_kay_peer *peer;
|
||||||
struct ieee802_1x_kay_peer *key_server = NULL;
|
struct ieee802_1x_kay_peer *key_server = NULL;
|
||||||
struct ieee802_1x_kay *kay = participant->kay;
|
struct ieee802_1x_kay *kay = participant->kay;
|
||||||
Boolean i_is_key_server;
|
bool i_is_key_server;
|
||||||
int priority_comparison;
|
int priority_comparison;
|
||||||
|
|
||||||
if (participant->is_obliged_key_server) {
|
if (participant->is_obliged_key_server) {
|
||||||
participant->new_sak = TRUE;
|
participant->new_sak = true;
|
||||||
participant->to_dist_sak = FALSE;
|
participant->to_dist_sak = false;
|
||||||
ieee802_1x_cp_set_electedself(kay->cp, TRUE);
|
ieee802_1x_cp_set_electedself(kay->cp, true);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2295,7 +2295,7 @@ ieee802_1x_kay_elect_key_server(struct ieee802_1x_mka_participant *participant)
|
||||||
}
|
}
|
||||||
|
|
||||||
/* elect the key server between me and the above elected peer */
|
/* elect the key server between me and the above elected peer */
|
||||||
i_is_key_server = FALSE;
|
i_is_key_server = false;
|
||||||
if (key_server && participant->can_be_key_server) {
|
if (key_server && participant->can_be_key_server) {
|
||||||
struct ieee802_1x_kay_peer tmp;
|
struct ieee802_1x_kay_peer tmp;
|
||||||
|
|
||||||
|
@ -2303,29 +2303,29 @@ ieee802_1x_kay_elect_key_server(struct ieee802_1x_mka_participant *participant)
|
||||||
os_memcpy(&tmp.sci, &kay->actor_sci, sizeof(tmp.sci));
|
os_memcpy(&tmp.sci, &kay->actor_sci, sizeof(tmp.sci));
|
||||||
priority_comparison = compare_priorities(&tmp, key_server);
|
priority_comparison = compare_priorities(&tmp, key_server);
|
||||||
if (priority_comparison < 0) {
|
if (priority_comparison < 0) {
|
||||||
i_is_key_server = TRUE;
|
i_is_key_server = true;
|
||||||
} else if (priority_comparison == 0) {
|
} else if (priority_comparison == 0) {
|
||||||
wpa_printf(MSG_WARNING,
|
wpa_printf(MSG_WARNING,
|
||||||
"KaY: Cannot elect key server between me and peer, duplicate MAC detected");
|
"KaY: Cannot elect key server between me and peer, duplicate MAC detected");
|
||||||
key_server = NULL;
|
key_server = NULL;
|
||||||
}
|
}
|
||||||
} else if (participant->can_be_key_server) {
|
} else if (participant->can_be_key_server) {
|
||||||
i_is_key_server = TRUE;
|
i_is_key_server = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (i_is_key_server) {
|
if (i_is_key_server) {
|
||||||
ieee802_1x_cp_set_electedself(kay->cp, TRUE);
|
ieee802_1x_cp_set_electedself(kay->cp, true);
|
||||||
if (!sci_equal(&kay->key_server_sci, &kay->actor_sci)) {
|
if (!sci_equal(&kay->key_server_sci, &kay->actor_sci)) {
|
||||||
ieee802_1x_cp_signal_chgdserver(kay->cp);
|
ieee802_1x_cp_signal_chgdserver(kay->cp);
|
||||||
ieee802_1x_cp_sm_step(kay->cp);
|
ieee802_1x_cp_sm_step(kay->cp);
|
||||||
}
|
}
|
||||||
|
|
||||||
participant->is_key_server = TRUE;
|
participant->is_key_server = true;
|
||||||
participant->principal = TRUE;
|
participant->principal = true;
|
||||||
participant->new_sak = TRUE;
|
participant->new_sak = true;
|
||||||
wpa_printf(MSG_DEBUG, "KaY: I am elected as key server");
|
wpa_printf(MSG_DEBUG, "KaY: I am elected as key server");
|
||||||
participant->to_dist_sak = FALSE;
|
participant->to_dist_sak = false;
|
||||||
participant->is_elected = TRUE;
|
participant->is_elected = true;
|
||||||
|
|
||||||
os_memcpy(&kay->key_server_sci, &kay->actor_sci,
|
os_memcpy(&kay->key_server_sci, &kay->actor_sci,
|
||||||
sizeof(kay->key_server_sci));
|
sizeof(kay->key_server_sci));
|
||||||
|
@ -2334,23 +2334,23 @@ ieee802_1x_kay_elect_key_server(struct ieee802_1x_mka_participant *participant)
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"KaY: Peer %s was elected as the key server",
|
"KaY: Peer %s was elected as the key server",
|
||||||
mi_txt(key_server->mi));
|
mi_txt(key_server->mi));
|
||||||
ieee802_1x_cp_set_electedself(kay->cp, FALSE);
|
ieee802_1x_cp_set_electedself(kay->cp, false);
|
||||||
if (!sci_equal(&kay->key_server_sci, &key_server->sci)) {
|
if (!sci_equal(&kay->key_server_sci, &key_server->sci)) {
|
||||||
ieee802_1x_cp_signal_chgdserver(kay->cp);
|
ieee802_1x_cp_signal_chgdserver(kay->cp);
|
||||||
ieee802_1x_cp_sm_step(kay->cp);
|
ieee802_1x_cp_sm_step(kay->cp);
|
||||||
}
|
}
|
||||||
|
|
||||||
participant->is_key_server = FALSE;
|
participant->is_key_server = false;
|
||||||
participant->principal = TRUE;
|
participant->principal = true;
|
||||||
participant->is_elected = TRUE;
|
participant->is_elected = true;
|
||||||
|
|
||||||
os_memcpy(&kay->key_server_sci, &key_server->sci,
|
os_memcpy(&kay->key_server_sci, &key_server->sci,
|
||||||
sizeof(kay->key_server_sci));
|
sizeof(kay->key_server_sci));
|
||||||
kay->key_server_priority = key_server->key_server_priority;
|
kay->key_server_priority = key_server->key_server_priority;
|
||||||
} else {
|
} else {
|
||||||
participant->principal = FALSE;
|
participant->principal = false;
|
||||||
participant->is_key_server = FALSE;
|
participant->is_key_server = false;
|
||||||
participant->is_elected = FALSE;
|
participant->is_elected = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -2370,24 +2370,24 @@ ieee802_1x_kay_decide_macsec_use(
|
||||||
struct ieee802_1x_kay *kay = participant->kay;
|
struct ieee802_1x_kay *kay = participant->kay;
|
||||||
struct ieee802_1x_kay_peer *peer;
|
struct ieee802_1x_kay_peer *peer;
|
||||||
enum macsec_cap less_capability;
|
enum macsec_cap less_capability;
|
||||||
Boolean has_peer;
|
bool has_peer;
|
||||||
|
|
||||||
if (!participant->is_key_server)
|
if (!participant->is_key_server)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
/* key server self is MACsec-desired and requesting MACsec */
|
/* key server self is MACsec-desired and requesting MACsec */
|
||||||
if (!kay->macsec_desired) {
|
if (!kay->macsec_desired) {
|
||||||
participant->advised_desired = FALSE;
|
participant->advised_desired = false;
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (kay->macsec_capable == MACSEC_CAP_NOT_IMPLEMENTED) {
|
if (kay->macsec_capable == MACSEC_CAP_NOT_IMPLEMENTED) {
|
||||||
participant->advised_desired = FALSE;
|
participant->advised_desired = false;
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
less_capability = kay->macsec_capable;
|
less_capability = kay->macsec_capable;
|
||||||
|
|
||||||
/* at least one of peers is MACsec-desired and requesting MACsec */
|
/* at least one of peers is MACsec-desired and requesting MACsec */
|
||||||
has_peer = FALSE;
|
has_peer = false;
|
||||||
dl_list_for_each(peer, &participant->live_peers,
|
dl_list_for_each(peer, &participant->live_peers,
|
||||||
struct ieee802_1x_kay_peer, list) {
|
struct ieee802_1x_kay_peer, list) {
|
||||||
if (!peer->macsec_desired)
|
if (!peer->macsec_desired)
|
||||||
|
@ -2398,24 +2398,24 @@ ieee802_1x_kay_decide_macsec_use(
|
||||||
|
|
||||||
less_capability = (less_capability < peer->macsec_capability) ?
|
less_capability = (less_capability < peer->macsec_capability) ?
|
||||||
less_capability : peer->macsec_capability;
|
less_capability : peer->macsec_capability;
|
||||||
has_peer = TRUE;
|
has_peer = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (has_peer) {
|
if (has_peer) {
|
||||||
participant->advised_desired = TRUE;
|
participant->advised_desired = true;
|
||||||
participant->advised_capability = less_capability;
|
participant->advised_capability = less_capability;
|
||||||
kay->authenticated = FALSE;
|
kay->authenticated = false;
|
||||||
kay->secured = TRUE;
|
kay->secured = true;
|
||||||
kay->failed = FALSE;
|
kay->failed = false;
|
||||||
ieee802_1x_cp_connect_secure(kay->cp);
|
ieee802_1x_cp_connect_secure(kay->cp);
|
||||||
ieee802_1x_cp_sm_step(kay->cp);
|
ieee802_1x_cp_sm_step(kay->cp);
|
||||||
} else {
|
} else {
|
||||||
participant->advised_desired = FALSE;
|
participant->advised_desired = false;
|
||||||
participant->advised_capability = MACSEC_CAP_NOT_IMPLEMENTED;
|
participant->advised_capability = MACSEC_CAP_NOT_IMPLEMENTED;
|
||||||
participant->to_use_sak = FALSE;
|
participant->to_use_sak = false;
|
||||||
kay->authenticated = TRUE;
|
kay->authenticated = true;
|
||||||
kay->secured = FALSE;
|
kay->secured = false;
|
||||||
kay->failed = FALSE;
|
kay->failed = false;
|
||||||
kay->ltx_kn = 0;
|
kay->ltx_kn = 0;
|
||||||
kay->ltx_an = 0;
|
kay->ltx_an = 0;
|
||||||
kay->lrx_kn = 0;
|
kay->lrx_kn = 0;
|
||||||
|
@ -2514,8 +2514,8 @@ ieee802_1x_participant_send_mkpdu(
|
||||||
l2_packet_send(kay->l2_mka, NULL, 0, wpabuf_head(buf), wpabuf_len(buf));
|
l2_packet_send(kay->l2_mka, NULL, 0, wpabuf_head(buf), wpabuf_len(buf));
|
||||||
wpabuf_free(buf);
|
wpabuf_free(buf);
|
||||||
|
|
||||||
kay->active = TRUE;
|
kay->active = true;
|
||||||
participant->active = TRUE;
|
participant->active = true;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -2541,7 +2541,7 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx)
|
||||||
struct ieee802_1x_kay *kay;
|
struct ieee802_1x_kay *kay;
|
||||||
struct ieee802_1x_kay_peer *peer, *pre_peer;
|
struct ieee802_1x_kay_peer *peer, *pre_peer;
|
||||||
time_t now = time(NULL);
|
time_t now = time(NULL);
|
||||||
Boolean lp_changed;
|
bool lp_changed;
|
||||||
struct receive_sc *rxsc, *pre_rxsc;
|
struct receive_sc *rxsc, *pre_rxsc;
|
||||||
struct transmit_sa *txsa, *pre_txsa;
|
struct transmit_sa *txsa, *pre_txsa;
|
||||||
|
|
||||||
|
@ -2565,7 +2565,7 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
lp_changed = FALSE;
|
lp_changed = false;
|
||||||
dl_list_for_each_safe(peer, pre_peer, &participant->live_peers,
|
dl_list_for_each_safe(peer, pre_peer, &participant->live_peers,
|
||||||
struct ieee802_1x_kay_peer, list) {
|
struct ieee802_1x_kay_peer, list) {
|
||||||
if (now > peer->expire) {
|
if (now > peer->expire) {
|
||||||
|
@ -2583,25 +2583,25 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx)
|
||||||
}
|
}
|
||||||
dl_list_del(&peer->list);
|
dl_list_del(&peer->list);
|
||||||
os_free(peer);
|
os_free(peer);
|
||||||
lp_changed = TRUE;
|
lp_changed = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (lp_changed) {
|
if (lp_changed) {
|
||||||
if (dl_list_empty(&participant->live_peers)) {
|
if (dl_list_empty(&participant->live_peers)) {
|
||||||
participant->advised_desired = FALSE;
|
participant->advised_desired = false;
|
||||||
participant->advised_capability =
|
participant->advised_capability =
|
||||||
MACSEC_CAP_NOT_IMPLEMENTED;
|
MACSEC_CAP_NOT_IMPLEMENTED;
|
||||||
participant->to_use_sak = FALSE;
|
participant->to_use_sak = false;
|
||||||
participant->ltx = FALSE;
|
participant->ltx = false;
|
||||||
participant->lrx = FALSE;
|
participant->lrx = false;
|
||||||
participant->otx = FALSE;
|
participant->otx = false;
|
||||||
participant->orx = FALSE;
|
participant->orx = false;
|
||||||
participant->is_key_server = FALSE;
|
participant->is_key_server = false;
|
||||||
participant->is_elected = FALSE;
|
participant->is_elected = false;
|
||||||
kay->authenticated = FALSE;
|
kay->authenticated = false;
|
||||||
kay->secured = FALSE;
|
kay->secured = false;
|
||||||
kay->failed = FALSE;
|
kay->failed = false;
|
||||||
kay->ltx_kn = 0;
|
kay->ltx_kn = 0;
|
||||||
kay->ltx_an = 0;
|
kay->ltx_an = 0;
|
||||||
kay->lrx_kn = 0;
|
kay->lrx_kn = 0;
|
||||||
|
@ -2638,9 +2638,9 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx)
|
||||||
|
|
||||||
if (participant->new_sak && participant->is_key_server) {
|
if (participant->new_sak && participant->is_key_server) {
|
||||||
if (!ieee802_1x_kay_generate_new_sak(participant))
|
if (!ieee802_1x_kay_generate_new_sak(participant))
|
||||||
participant->to_dist_sak = TRUE;
|
participant->to_dist_sak = true;
|
||||||
|
|
||||||
participant->new_sak = FALSE;
|
participant->new_sak = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (participant->retry_count < MAX_RETRY_CNT ||
|
if (participant->retry_count < MAX_RETRY_CNT ||
|
||||||
|
@ -2656,9 +2656,9 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
delete_mka:
|
delete_mka:
|
||||||
kay->authenticated = FALSE;
|
kay->authenticated = false;
|
||||||
kay->secured = FALSE;
|
kay->secured = false;
|
||||||
kay->failed = TRUE;
|
kay->failed = true;
|
||||||
ieee802_1x_kay_delete_mka(kay, &participant->ckn);
|
ieee802_1x_kay_delete_mka(kay, &participant->ckn);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2672,8 +2672,8 @@ ieee802_1x_kay_init_transmit_sa(struct transmit_sc *psc, u8 an, u32 next_PN,
|
||||||
{
|
{
|
||||||
struct transmit_sa *psa;
|
struct transmit_sa *psa;
|
||||||
|
|
||||||
key->tx_latest = TRUE;
|
key->tx_latest = true;
|
||||||
key->rx_latest = TRUE;
|
key->rx_latest = true;
|
||||||
|
|
||||||
psa = os_zalloc(sizeof(*psa));
|
psa = os_zalloc(sizeof(*psa));
|
||||||
if (!psa) {
|
if (!psa) {
|
||||||
|
@ -2683,9 +2683,9 @@ ieee802_1x_kay_init_transmit_sa(struct transmit_sc *psc, u8 an, u32 next_PN,
|
||||||
|
|
||||||
if (key->confidentiality_offset >= CONFIDENTIALITY_OFFSET_0 &&
|
if (key->confidentiality_offset >= CONFIDENTIALITY_OFFSET_0 &&
|
||||||
key->confidentiality_offset <= CONFIDENTIALITY_OFFSET_50)
|
key->confidentiality_offset <= CONFIDENTIALITY_OFFSET_50)
|
||||||
psa->confidentiality = TRUE;
|
psa->confidentiality = true;
|
||||||
else
|
else
|
||||||
psa->confidentiality = FALSE;
|
psa->confidentiality = false;
|
||||||
|
|
||||||
psa->an = an;
|
psa->an = an;
|
||||||
ieee802_1x_kay_use_data_key(key);
|
ieee802_1x_kay_use_data_key(key);
|
||||||
|
@ -2694,7 +2694,7 @@ ieee802_1x_kay_init_transmit_sa(struct transmit_sc *psc, u8 an, u32 next_PN,
|
||||||
psa->sc = psc;
|
psa->sc = psc;
|
||||||
|
|
||||||
os_get_time(&psa->created_time);
|
os_get_time(&psa->created_time);
|
||||||
psa->in_use = FALSE;
|
psa->in_use = false;
|
||||||
|
|
||||||
dl_list_add(&psc->sa_list, &psa->list);
|
dl_list_add(&psc->sa_list, &psa->list);
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
|
@ -2736,9 +2736,9 @@ ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci)
|
||||||
os_memcpy(&psc->sci, sci, sizeof(psc->sci));
|
os_memcpy(&psc->sci, sci, sizeof(psc->sci));
|
||||||
|
|
||||||
os_get_time(&psc->created_time);
|
os_get_time(&psc->created_time);
|
||||||
psc->transmitting = FALSE;
|
psc->transmitting = false;
|
||||||
psc->encoding_sa = FALSE;
|
psc->encoding_sa = false;
|
||||||
psc->enciphering_sa = FALSE;
|
psc->enciphering_sa = false;
|
||||||
|
|
||||||
dl_list_init(&psc->sa_list);
|
dl_list_init(&psc->sa_list);
|
||||||
wpa_printf(MSG_DEBUG, "KaY: Create transmit SC - SCI: %s",
|
wpa_printf(MSG_DEBUG, "KaY: Create transmit SC - SCI: %s",
|
||||||
|
@ -2772,7 +2772,7 @@ ieee802_1x_kay_deinit_transmit_sc(
|
||||||
*/
|
*/
|
||||||
int ieee802_1x_kay_set_latest_sa_attr(struct ieee802_1x_kay *kay,
|
int ieee802_1x_kay_set_latest_sa_attr(struct ieee802_1x_kay *kay,
|
||||||
struct ieee802_1x_mka_ki *lki, u8 lan,
|
struct ieee802_1x_mka_ki *lki, u8 lan,
|
||||||
Boolean ltx, Boolean lrx)
|
bool ltx, bool lrx)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_mka_participant *principal;
|
struct ieee802_1x_mka_participant *principal;
|
||||||
|
|
||||||
|
@ -2807,7 +2807,7 @@ int ieee802_1x_kay_set_latest_sa_attr(struct ieee802_1x_kay *kay,
|
||||||
*/
|
*/
|
||||||
int ieee802_1x_kay_set_old_sa_attr(struct ieee802_1x_kay *kay,
|
int ieee802_1x_kay_set_old_sa_attr(struct ieee802_1x_kay *kay,
|
||||||
struct ieee802_1x_mka_ki *oki,
|
struct ieee802_1x_mka_ki *oki,
|
||||||
u8 oan, Boolean otx, Boolean orx)
|
u8 oan, bool otx, bool orx)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_mka_participant *principal;
|
struct ieee802_1x_mka_participant *principal;
|
||||||
|
|
||||||
|
@ -2883,13 +2883,13 @@ int ieee802_1x_kay_create_sas(struct ieee802_1x_kay *kay,
|
||||||
latest_sak = NULL;
|
latest_sak = NULL;
|
||||||
dl_list_for_each(sa_key, &principal->sak_list, struct data_key, list) {
|
dl_list_for_each(sa_key, &principal->sak_list, struct data_key, list) {
|
||||||
if (is_ki_equal(&sa_key->key_identifier, lki)) {
|
if (is_ki_equal(&sa_key->key_identifier, lki)) {
|
||||||
sa_key->rx_latest = TRUE;
|
sa_key->rx_latest = true;
|
||||||
sa_key->tx_latest = TRUE;
|
sa_key->tx_latest = true;
|
||||||
latest_sak = sa_key;
|
latest_sak = sa_key;
|
||||||
principal->to_use_sak = TRUE;
|
principal->to_use_sak = true;
|
||||||
} else {
|
} else {
|
||||||
sa_key->rx_latest = FALSE;
|
sa_key->rx_latest = false;
|
||||||
sa_key->tx_latest = FALSE;
|
sa_key->tx_latest = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!latest_sak) {
|
if (!latest_sak) {
|
||||||
|
@ -2993,10 +2993,10 @@ int ieee802_1x_kay_enable_tx_sas(struct ieee802_1x_kay *kay,
|
||||||
dl_list_for_each(txsa, &principal->txsc->sa_list, struct transmit_sa,
|
dl_list_for_each(txsa, &principal->txsc->sa_list, struct transmit_sa,
|
||||||
list) {
|
list) {
|
||||||
if (is_ki_equal(&txsa->pkey->key_identifier, lki)) {
|
if (is_ki_equal(&txsa->pkey->key_identifier, lki)) {
|
||||||
txsa->in_use = TRUE;
|
txsa->in_use = true;
|
||||||
secy_enable_transmit_sa(kay, txsa);
|
secy_enable_transmit_sa(kay, txsa);
|
||||||
ieee802_1x_cp_set_usingtransmitas(
|
ieee802_1x_cp_set_usingtransmitas(
|
||||||
principal->kay->cp, TRUE);
|
principal->kay->cp, true);
|
||||||
ieee802_1x_cp_sm_step(principal->kay->cp);
|
ieee802_1x_cp_sm_step(principal->kay->cp);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -3023,10 +3023,10 @@ int ieee802_1x_kay_enable_rx_sas(struct ieee802_1x_kay *kay,
|
||||||
dl_list_for_each(rxsa, &rxsc->sa_list, struct receive_sa, list)
|
dl_list_for_each(rxsa, &rxsc->sa_list, struct receive_sa, list)
|
||||||
{
|
{
|
||||||
if (is_ki_equal(&rxsa->pkey->key_identifier, lki)) {
|
if (is_ki_equal(&rxsa->pkey->key_identifier, lki)) {
|
||||||
rxsa->in_use = TRUE;
|
rxsa->in_use = true;
|
||||||
secy_enable_receive_sa(kay, rxsa);
|
secy_enable_receive_sa(kay, rxsa);
|
||||||
ieee802_1x_cp_set_usingreceivesas(
|
ieee802_1x_cp_set_usingreceivesas(
|
||||||
principal->kay->cp, TRUE);
|
principal->kay->cp, true);
|
||||||
ieee802_1x_cp_sm_step(principal->kay->cp);
|
ieee802_1x_cp_sm_step(principal->kay->cp);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -3208,10 +3208,10 @@ static int ieee802_1x_kay_decode_mkpdu(struct ieee802_1x_kay *kay,
|
||||||
u8 body_type;
|
u8 body_type;
|
||||||
int i;
|
int i;
|
||||||
const u8 *pos;
|
const u8 *pos;
|
||||||
Boolean handled[256];
|
bool handled[256];
|
||||||
Boolean bad_sak_use = FALSE; /* Error detected while processing SAK Use
|
bool bad_sak_use = false; /* Error detected while processing SAK Use
|
||||||
* parameter set */
|
* parameter set */
|
||||||
Boolean i_in_peerlist, is_in_live_peer, is_in_potential_peer;
|
bool i_in_peerlist, is_in_live_peer, is_in_potential_peer;
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "KaY: Decode received MKPDU (ifname=%s)",
|
wpa_printf(MSG_DEBUG, "KaY: Decode received MKPDU (ifname=%s)",
|
||||||
kay->if_name);
|
kay->if_name);
|
||||||
|
@ -3268,9 +3268,9 @@ static int ieee802_1x_kay_decode_mkpdu(struct ieee802_1x_kay *kay,
|
||||||
* Each parameter set should be present only once.
|
* Each parameter set should be present only once.
|
||||||
*/
|
*/
|
||||||
for (i = 0; i < 256; i++)
|
for (i = 0; i < 256; i++)
|
||||||
handled[i] = FALSE;
|
handled[i] = false;
|
||||||
|
|
||||||
handled[0] = TRUE;
|
handled[0] = true;
|
||||||
for (; left_len > MKA_HDR_LEN + DEFAULT_ICV_LEN;
|
for (; left_len > MKA_HDR_LEN + DEFAULT_ICV_LEN;
|
||||||
pos += body_len + MKA_HDR_LEN,
|
pos += body_len + MKA_HDR_LEN,
|
||||||
left_len -= body_len + MKA_HDR_LEN) {
|
left_len -= body_len + MKA_HDR_LEN) {
|
||||||
|
@ -3296,7 +3296,7 @@ static int ieee802_1x_kay_decode_mkpdu(struct ieee802_1x_kay *kay,
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
handled[body_type] = TRUE;
|
handled[body_type] = true;
|
||||||
if (body_type < ARRAY_SIZE(mka_body_handler) &&
|
if (body_type < ARRAY_SIZE(mka_body_handler) &&
|
||||||
mka_body_handler[body_type].body_rx) {
|
mka_body_handler[body_type].body_rx) {
|
||||||
if (mka_body_handler[body_type].body_rx
|
if (mka_body_handler[body_type].body_rx
|
||||||
|
@ -3317,7 +3317,7 @@ static int ieee802_1x_kay_decode_mkpdu(struct ieee802_1x_kay *kay,
|
||||||
* that it somehow processes DIST-SAK before
|
* that it somehow processes DIST-SAK before
|
||||||
* SAK-USE, just ignore SAK-USE failures if
|
* SAK-USE, just ignore SAK-USE failures if
|
||||||
* DIST-SAK is also present in this MKPDU. */
|
* DIST-SAK is also present in this MKPDU. */
|
||||||
bad_sak_use = TRUE;
|
bad_sak_use = true;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
wpa_printf(MSG_ERROR,
|
wpa_printf(MSG_ERROR,
|
||||||
|
@ -3386,9 +3386,9 @@ static int ieee802_1x_kay_decode_mkpdu(struct ieee802_1x_kay *kay,
|
||||||
* from 'potential_peers' to 'live_peers'. */
|
* from 'potential_peers' to 'live_peers'. */
|
||||||
}
|
}
|
||||||
|
|
||||||
kay->active = TRUE;
|
kay->active = true;
|
||||||
participant->retry_count = 0;
|
participant->retry_count = 0;
|
||||||
participant->active = TRUE;
|
participant->active = true;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -3455,7 +3455,7 @@ static void kay_l2_receive(void *ctx, const u8 *src_addr, const u8 *buf,
|
||||||
*/
|
*/
|
||||||
struct ieee802_1x_kay *
|
struct ieee802_1x_kay *
|
||||||
ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy,
|
ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy,
|
||||||
Boolean macsec_replay_protect, u32 macsec_replay_window,
|
bool macsec_replay_protect, u32 macsec_replay_window,
|
||||||
u16 port, u8 priority, const char *ifname, const u8 *addr)
|
u16 port, u8 priority, const char *ifname, const u8 *addr)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_kay *kay;
|
struct ieee802_1x_kay *kay;
|
||||||
|
@ -3472,12 +3472,12 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy,
|
||||||
|
|
||||||
kay->ctx = ctx;
|
kay->ctx = ctx;
|
||||||
|
|
||||||
kay->enable = TRUE;
|
kay->enable = true;
|
||||||
kay->active = FALSE;
|
kay->active = false;
|
||||||
|
|
||||||
kay->authenticated = FALSE;
|
kay->authenticated = false;
|
||||||
kay->secured = FALSE;
|
kay->secured = false;
|
||||||
kay->failed = FALSE;
|
kay->failed = false;
|
||||||
kay->policy = policy;
|
kay->policy = policy;
|
||||||
|
|
||||||
os_strlcpy(kay->if_name, ifname, IFNAMSIZ);
|
os_strlcpy(kay->if_name, ifname, IFNAMSIZ);
|
||||||
|
@ -3509,23 +3509,23 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy,
|
||||||
if (policy == DO_NOT_SECURE ||
|
if (policy == DO_NOT_SECURE ||
|
||||||
kay->macsec_capable == MACSEC_CAP_NOT_IMPLEMENTED) {
|
kay->macsec_capable == MACSEC_CAP_NOT_IMPLEMENTED) {
|
||||||
kay->macsec_capable = MACSEC_CAP_NOT_IMPLEMENTED;
|
kay->macsec_capable = MACSEC_CAP_NOT_IMPLEMENTED;
|
||||||
kay->macsec_desired = FALSE;
|
kay->macsec_desired = false;
|
||||||
kay->macsec_protect = FALSE;
|
kay->macsec_protect = false;
|
||||||
kay->macsec_encrypt = FALSE;
|
kay->macsec_encrypt = false;
|
||||||
kay->macsec_validate = Disabled;
|
kay->macsec_validate = Disabled;
|
||||||
kay->macsec_replay_protect = FALSE;
|
kay->macsec_replay_protect = false;
|
||||||
kay->macsec_replay_window = 0;
|
kay->macsec_replay_window = 0;
|
||||||
kay->macsec_confidentiality = CONFIDENTIALITY_NONE;
|
kay->macsec_confidentiality = CONFIDENTIALITY_NONE;
|
||||||
kay->mka_hello_time = MKA_HELLO_TIME;
|
kay->mka_hello_time = MKA_HELLO_TIME;
|
||||||
} else {
|
} else {
|
||||||
kay->macsec_desired = TRUE;
|
kay->macsec_desired = true;
|
||||||
kay->macsec_protect = TRUE;
|
kay->macsec_protect = true;
|
||||||
if (kay->macsec_capable >= MACSEC_CAP_INTEG_AND_CONF &&
|
if (kay->macsec_capable >= MACSEC_CAP_INTEG_AND_CONF &&
|
||||||
policy == SHOULD_ENCRYPT) {
|
policy == SHOULD_ENCRYPT) {
|
||||||
kay->macsec_encrypt = TRUE;
|
kay->macsec_encrypt = true;
|
||||||
kay->macsec_confidentiality = CONFIDENTIALITY_OFFSET_0;
|
kay->macsec_confidentiality = CONFIDENTIALITY_OFFSET_0;
|
||||||
} else { /* SHOULD_SECURE */
|
} else { /* SHOULD_SECURE */
|
||||||
kay->macsec_encrypt = FALSE;
|
kay->macsec_encrypt = false;
|
||||||
kay->macsec_confidentiality = CONFIDENTIALITY_NONE;
|
kay->macsec_confidentiality = CONFIDENTIALITY_NONE;
|
||||||
}
|
}
|
||||||
kay->macsec_validate = Strict;
|
kay->macsec_validate = Strict;
|
||||||
|
@ -3623,7 +3623,7 @@ struct ieee802_1x_mka_participant *
|
||||||
ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay,
|
ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay,
|
||||||
const struct mka_key_name *ckn,
|
const struct mka_key_name *ckn,
|
||||||
const struct mka_key *cak, u32 life,
|
const struct mka_key *cak, u32 life,
|
||||||
enum mka_created_mode mode, Boolean is_authenticator)
|
enum mka_created_mode mode, bool is_authenticator)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_mka_participant *participant;
|
struct ieee802_1x_mka_participant *participant;
|
||||||
unsigned int usecs;
|
unsigned int usecs;
|
||||||
|
@ -3671,40 +3671,40 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay,
|
||||||
switch (mode) {
|
switch (mode) {
|
||||||
case EAP_EXCHANGE:
|
case EAP_EXCHANGE:
|
||||||
if (is_authenticator) {
|
if (is_authenticator) {
|
||||||
participant->is_obliged_key_server = TRUE;
|
participant->is_obliged_key_server = true;
|
||||||
participant->can_be_key_server = TRUE;
|
participant->can_be_key_server = true;
|
||||||
participant->is_key_server = TRUE;
|
participant->is_key_server = true;
|
||||||
participant->principal = TRUE;
|
participant->principal = true;
|
||||||
|
|
||||||
os_memcpy(&kay->key_server_sci, &kay->actor_sci,
|
os_memcpy(&kay->key_server_sci, &kay->actor_sci,
|
||||||
sizeof(kay->key_server_sci));
|
sizeof(kay->key_server_sci));
|
||||||
kay->key_server_priority = kay->actor_priority;
|
kay->key_server_priority = kay->actor_priority;
|
||||||
participant->is_elected = TRUE;
|
participant->is_elected = true;
|
||||||
} else {
|
} else {
|
||||||
participant->is_obliged_key_server = FALSE;
|
participant->is_obliged_key_server = false;
|
||||||
participant->can_be_key_server = FALSE;
|
participant->can_be_key_server = false;
|
||||||
participant->is_key_server = FALSE;
|
participant->is_key_server = false;
|
||||||
participant->is_elected = TRUE;
|
participant->is_elected = true;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
participant->is_obliged_key_server = FALSE;
|
participant->is_obliged_key_server = false;
|
||||||
participant->can_be_key_server = TRUE;
|
participant->can_be_key_server = true;
|
||||||
participant->is_key_server = TRUE;
|
participant->is_key_server = true;
|
||||||
participant->is_elected = FALSE;
|
participant->is_elected = false;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
participant->cached = FALSE;
|
participant->cached = false;
|
||||||
|
|
||||||
participant->active = FALSE;
|
participant->active = false;
|
||||||
participant->participant = FALSE;
|
participant->participant = false;
|
||||||
participant->retain = FALSE;
|
participant->retain = false;
|
||||||
participant->activate = DEFAULT;
|
participant->activate = DEFAULT;
|
||||||
|
|
||||||
if (participant->is_key_server)
|
if (participant->is_key_server)
|
||||||
participant->principal = TRUE;
|
participant->principal = true;
|
||||||
|
|
||||||
dl_list_init(&participant->live_peers);
|
dl_list_init(&participant->live_peers);
|
||||||
dl_list_init(&participant->potential_peers);
|
dl_list_init(&participant->potential_peers);
|
||||||
|
@ -3717,13 +3717,13 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay,
|
||||||
wpa_printf(MSG_DEBUG, "KaY: Selected random MI: %s",
|
wpa_printf(MSG_DEBUG, "KaY: Selected random MI: %s",
|
||||||
mi_txt(participant->mi));
|
mi_txt(participant->mi));
|
||||||
|
|
||||||
participant->lrx = FALSE;
|
participant->lrx = false;
|
||||||
participant->ltx = FALSE;
|
participant->ltx = false;
|
||||||
participant->orx = FALSE;
|
participant->orx = false;
|
||||||
participant->otx = FALSE;
|
participant->otx = false;
|
||||||
participant->to_dist_sak = FALSE;
|
participant->to_dist_sak = false;
|
||||||
participant->to_use_sak = FALSE;
|
participant->to_use_sak = false;
|
||||||
participant->new_sak = FALSE;
|
participant->new_sak = false;
|
||||||
dl_list_init(&participant->sak_list);
|
dl_list_init(&participant->sak_list);
|
||||||
participant->new_key = NULL;
|
participant->new_key = NULL;
|
||||||
dl_list_init(&participant->rxsc_list);
|
dl_list_init(&participant->rxsc_list);
|
||||||
|
@ -3856,8 +3856,7 @@ ieee802_1x_kay_delete_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn)
|
||||||
* ieee802_1x_kay_mka_participate -
|
* ieee802_1x_kay_mka_participate -
|
||||||
*/
|
*/
|
||||||
void ieee802_1x_kay_mka_participate(struct ieee802_1x_kay *kay,
|
void ieee802_1x_kay_mka_participate(struct ieee802_1x_kay *kay,
|
||||||
struct mka_key_name *ckn,
|
struct mka_key_name *ckn, bool status)
|
||||||
Boolean status)
|
|
||||||
{
|
{
|
||||||
struct ieee802_1x_mka_participant *participant;
|
struct ieee802_1x_mka_participant *participant;
|
||||||
|
|
||||||
|
@ -3887,7 +3886,7 @@ ieee802_1x_kay_new_sak(struct ieee802_1x_kay *kay)
|
||||||
if (!participant)
|
if (!participant)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
participant->new_sak = TRUE;
|
participant->new_sak = true;
|
||||||
wpa_printf(MSG_DEBUG, "KaY: new SAK signal");
|
wpa_printf(MSG_DEBUG, "KaY: new SAK signal");
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -3916,7 +3915,7 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay,
|
||||||
return -2;
|
return -2;
|
||||||
|
|
||||||
if (cs_index == 0)
|
if (cs_index == 0)
|
||||||
kay->macsec_desired = FALSE;
|
kay->macsec_desired = false;
|
||||||
|
|
||||||
kay->macsec_csindex = cs_index;
|
kay->macsec_csindex = cs_index;
|
||||||
kay->macsec_capable = cipher_suite_tbl[kay->macsec_csindex].capable;
|
kay->macsec_capable = cipher_suite_tbl[kay->macsec_csindex].capable;
|
||||||
|
@ -3930,7 +3929,7 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay,
|
||||||
participant = ieee802_1x_kay_get_principal_participant(kay);
|
participant = ieee802_1x_kay_get_principal_participant(kay);
|
||||||
if (participant) {
|
if (participant) {
|
||||||
wpa_printf(MSG_INFO, "KaY: Cipher Suite changed");
|
wpa_printf(MSG_INFO, "KaY: Cipher Suite changed");
|
||||||
participant->new_sak = TRUE;
|
participant->new_sak = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -4044,7 +4043,7 @@ int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static const char * true_false(Boolean val)
|
static const char * true_false(bool val)
|
||||||
{
|
{
|
||||||
return val ? "true" : "false";
|
return val ? "true" : "false";
|
||||||
}
|
}
|
||||||
|
@ -4067,7 +4066,7 @@ static const char * activate_control_txt(enum activate_ctrl activate)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static char * mka_mib_peer(struct dl_list *peers, Boolean live, char *buf,
|
static char * mka_mib_peer(struct dl_list *peers, bool live, char *buf,
|
||||||
char *end)
|
char *end)
|
||||||
{
|
{
|
||||||
char *pos = buf;
|
char *pos = buf;
|
||||||
|
@ -4134,8 +4133,8 @@ int ieee802_1x_kay_get_mib(struct ieee802_1x_kay *kay, char *buf,
|
||||||
pos2 += res;
|
pos2 += res;
|
||||||
pos = pos2;
|
pos = pos2;
|
||||||
|
|
||||||
pos = mka_mib_peer(&p->live_peers, TRUE, pos, end);
|
pos = mka_mib_peer(&p->live_peers, true, pos, end);
|
||||||
pos = mka_mib_peer(&p->potential_peers, FALSE, pos, end);
|
pos = mka_mib_peer(&p->potential_peers, false, pos, end);
|
||||||
}
|
}
|
||||||
|
|
||||||
return pos - buf;
|
return pos - buf;
|
||||||
|
|
|
@ -62,14 +62,14 @@ struct data_key {
|
||||||
struct ieee802_1x_mka_ki key_identifier;
|
struct ieee802_1x_mka_ki key_identifier;
|
||||||
enum confidentiality_offset confidentiality_offset;
|
enum confidentiality_offset confidentiality_offset;
|
||||||
u8 an;
|
u8 an;
|
||||||
Boolean transmits;
|
bool transmits;
|
||||||
Boolean receives;
|
bool receives;
|
||||||
struct os_time created_time;
|
struct os_time created_time;
|
||||||
u32 next_pn;
|
u32 next_pn;
|
||||||
|
|
||||||
/* not defined data */
|
/* not defined data */
|
||||||
Boolean rx_latest;
|
bool rx_latest;
|
||||||
Boolean tx_latest;
|
bool tx_latest;
|
||||||
|
|
||||||
int user;
|
int user;
|
||||||
|
|
||||||
|
@ -79,7 +79,7 @@ struct data_key {
|
||||||
/* TransmitSC in IEEE Std 802.1AE-2006, Figure 10-6 */
|
/* TransmitSC in IEEE Std 802.1AE-2006, Figure 10-6 */
|
||||||
struct transmit_sc {
|
struct transmit_sc {
|
||||||
struct ieee802_1x_mka_sci sci; /* const SCI sci */
|
struct ieee802_1x_mka_sci sci; /* const SCI sci */
|
||||||
Boolean transmitting; /* bool transmitting (read only) */
|
bool transmitting; /* bool transmitting (read only) */
|
||||||
|
|
||||||
struct os_time created_time; /* Time createdTime */
|
struct os_time created_time; /* Time createdTime */
|
||||||
|
|
||||||
|
@ -93,14 +93,14 @@ struct transmit_sc {
|
||||||
|
|
||||||
/* TransmitSA in IEEE Std 802.1AE-2006, Figure 10-6 */
|
/* TransmitSA in IEEE Std 802.1AE-2006, Figure 10-6 */
|
||||||
struct transmit_sa {
|
struct transmit_sa {
|
||||||
Boolean in_use; /* bool inUse (read only) */
|
bool in_use; /* bool inUse (read only) */
|
||||||
u32 next_pn; /* PN nextPN (read only) */
|
u32 next_pn; /* PN nextPN (read only) */
|
||||||
struct os_time created_time; /* Time createdTime */
|
struct os_time created_time; /* Time createdTime */
|
||||||
|
|
||||||
Boolean enable_transmit; /* bool EnableTransmit */
|
bool enable_transmit; /* bool EnableTransmit */
|
||||||
|
|
||||||
u8 an;
|
u8 an;
|
||||||
Boolean confidentiality;
|
bool confidentiality;
|
||||||
struct data_key *pkey;
|
struct data_key *pkey;
|
||||||
|
|
||||||
struct transmit_sc *sc;
|
struct transmit_sc *sc;
|
||||||
|
@ -110,7 +110,7 @@ struct transmit_sa {
|
||||||
/* ReceiveSC in IEEE Std 802.1AE-2006, Figure 10-6 */
|
/* ReceiveSC in IEEE Std 802.1AE-2006, Figure 10-6 */
|
||||||
struct receive_sc {
|
struct receive_sc {
|
||||||
struct ieee802_1x_mka_sci sci; /* const SCI sci */
|
struct ieee802_1x_mka_sci sci; /* const SCI sci */
|
||||||
Boolean receiving; /* bool receiving (read only) */
|
bool receiving; /* bool receiving (read only) */
|
||||||
|
|
||||||
struct os_time created_time; /* Time createdTime */
|
struct os_time created_time; /* Time createdTime */
|
||||||
|
|
||||||
|
@ -120,8 +120,8 @@ struct receive_sc {
|
||||||
|
|
||||||
/* ReceiveSA in IEEE Std 802.1AE-2006, Figure 10-6 */
|
/* ReceiveSA in IEEE Std 802.1AE-2006, Figure 10-6 */
|
||||||
struct receive_sa {
|
struct receive_sa {
|
||||||
Boolean enable_receive; /* bool enableReceive */
|
bool enable_receive; /* bool enableReceive */
|
||||||
Boolean in_use; /* bool inUse (read only) */
|
bool in_use; /* bool inUse (read only) */
|
||||||
|
|
||||||
u32 next_pn; /* PN nextPN (read only) */
|
u32 next_pn; /* PN nextPN (read only) */
|
||||||
u32 lowest_pn; /* PN lowestPN (read only) */
|
u32 lowest_pn; /* PN lowestPN (read only) */
|
||||||
|
@ -142,11 +142,11 @@ struct ieee802_1x_kay_ctx {
|
||||||
int (*macsec_init)(void *ctx, struct macsec_init_params *params);
|
int (*macsec_init)(void *ctx, struct macsec_init_params *params);
|
||||||
int (*macsec_deinit)(void *ctx);
|
int (*macsec_deinit)(void *ctx);
|
||||||
int (*macsec_get_capability)(void *priv, enum macsec_cap *cap);
|
int (*macsec_get_capability)(void *priv, enum macsec_cap *cap);
|
||||||
int (*enable_protect_frames)(void *ctx, Boolean enabled);
|
int (*enable_protect_frames)(void *ctx, bool enabled);
|
||||||
int (*enable_encrypt)(void *ctx, Boolean enabled);
|
int (*enable_encrypt)(void *ctx, bool enabled);
|
||||||
int (*set_replay_protect)(void *ctx, Boolean enabled, u32 window);
|
int (*set_replay_protect)(void *ctx, bool enabled, u32 window);
|
||||||
int (*set_current_cipher_suite)(void *ctx, u64 cs);
|
int (*set_current_cipher_suite)(void *ctx, u64 cs);
|
||||||
int (*enable_controlled_port)(void *ctx, Boolean enabled);
|
int (*enable_controlled_port)(void *ctx, bool enabled);
|
||||||
int (*get_receive_lowest_pn)(void *ctx, struct receive_sa *sa);
|
int (*get_receive_lowest_pn)(void *ctx, struct receive_sa *sa);
|
||||||
int (*get_transmit_next_pn)(void *ctx, struct transmit_sa *sa);
|
int (*get_transmit_next_pn)(void *ctx, struct transmit_sa *sa);
|
||||||
int (*set_transmit_next_pn)(void *ctx, struct transmit_sa *sa);
|
int (*set_transmit_next_pn)(void *ctx, struct transmit_sa *sa);
|
||||||
|
@ -169,12 +169,12 @@ struct ieee802_1x_kay_ctx {
|
||||||
};
|
};
|
||||||
|
|
||||||
struct ieee802_1x_kay {
|
struct ieee802_1x_kay {
|
||||||
Boolean enable;
|
bool enable;
|
||||||
Boolean active;
|
bool active;
|
||||||
|
|
||||||
Boolean authenticated;
|
bool authenticated;
|
||||||
Boolean secured;
|
bool secured;
|
||||||
Boolean failed;
|
bool failed;
|
||||||
|
|
||||||
struct ieee802_1x_mka_sci actor_sci;
|
struct ieee802_1x_mka_sci actor_sci;
|
||||||
u8 actor_priority;
|
u8 actor_priority;
|
||||||
|
@ -182,10 +182,10 @@ struct ieee802_1x_kay {
|
||||||
u8 key_server_priority;
|
u8 key_server_priority;
|
||||||
|
|
||||||
enum macsec_cap macsec_capable;
|
enum macsec_cap macsec_capable;
|
||||||
Boolean macsec_desired;
|
bool macsec_desired;
|
||||||
Boolean macsec_protect;
|
bool macsec_protect;
|
||||||
Boolean macsec_encrypt;
|
bool macsec_encrypt;
|
||||||
Boolean macsec_replay_protect;
|
bool macsec_replay_protect;
|
||||||
u32 macsec_replay_window;
|
u32 macsec_replay_window;
|
||||||
enum validate_frames macsec_validate;
|
enum validate_frames macsec_validate;
|
||||||
enum confidentiality_offset macsec_confidentiality;
|
enum confidentiality_offset macsec_confidentiality;
|
||||||
|
@ -203,8 +203,8 @@ struct ieee802_1x_kay {
|
||||||
|
|
||||||
/* not defined in IEEE802.1X */
|
/* not defined in IEEE802.1X */
|
||||||
struct ieee802_1x_kay_ctx *ctx;
|
struct ieee802_1x_kay_ctx *ctx;
|
||||||
Boolean is_key_server;
|
bool is_key_server;
|
||||||
Boolean is_obliged_key_server;
|
bool is_obliged_key_server;
|
||||||
char if_name[IFNAMSIZ];
|
char if_name[IFNAMSIZ];
|
||||||
|
|
||||||
unsigned int macsec_csindex; /* MACsec cipher suite table index */
|
unsigned int macsec_csindex; /* MACsec cipher suite table index */
|
||||||
|
@ -219,9 +219,9 @@ struct ieee802_1x_kay {
|
||||||
u8 algo_agility[4];
|
u8 algo_agility[4];
|
||||||
|
|
||||||
u32 pn_exhaustion;
|
u32 pn_exhaustion;
|
||||||
Boolean port_enable;
|
bool port_enable;
|
||||||
Boolean rx_enable;
|
bool rx_enable;
|
||||||
Boolean tx_enable;
|
bool tx_enable;
|
||||||
|
|
||||||
struct dl_list participant_list;
|
struct dl_list participant_list;
|
||||||
enum macsec_policy policy;
|
enum macsec_policy policy;
|
||||||
|
@ -239,7 +239,7 @@ u64 mka_sci_u64(struct ieee802_1x_mka_sci *sci);
|
||||||
|
|
||||||
struct ieee802_1x_kay *
|
struct ieee802_1x_kay *
|
||||||
ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy,
|
ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy,
|
||||||
Boolean macsec_replay_protect, u32 macsec_replay_window,
|
bool macsec_replay_protect, u32 macsec_replay_window,
|
||||||
u16 port, u8 priority, const char *ifname, const u8 *addr);
|
u16 port, u8 priority, const char *ifname, const u8 *addr);
|
||||||
void ieee802_1x_kay_deinit(struct ieee802_1x_kay *kay);
|
void ieee802_1x_kay_deinit(struct ieee802_1x_kay *kay);
|
||||||
|
|
||||||
|
@ -248,22 +248,22 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay,
|
||||||
const struct mka_key_name *ckn,
|
const struct mka_key_name *ckn,
|
||||||
const struct mka_key *cak,
|
const struct mka_key *cak,
|
||||||
u32 life, enum mka_created_mode mode,
|
u32 life, enum mka_created_mode mode,
|
||||||
Boolean is_authenticator);
|
bool is_authenticator);
|
||||||
void ieee802_1x_kay_delete_mka(struct ieee802_1x_kay *kay,
|
void ieee802_1x_kay_delete_mka(struct ieee802_1x_kay *kay,
|
||||||
struct mka_key_name *ckn);
|
struct mka_key_name *ckn);
|
||||||
void ieee802_1x_kay_mka_participate(struct ieee802_1x_kay *kay,
|
void ieee802_1x_kay_mka_participate(struct ieee802_1x_kay *kay,
|
||||||
struct mka_key_name *ckn,
|
struct mka_key_name *ckn,
|
||||||
Boolean status);
|
bool status);
|
||||||
int ieee802_1x_kay_new_sak(struct ieee802_1x_kay *kay);
|
int ieee802_1x_kay_new_sak(struct ieee802_1x_kay *kay);
|
||||||
int ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay,
|
int ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay,
|
||||||
unsigned int cs_index);
|
unsigned int cs_index);
|
||||||
|
|
||||||
int ieee802_1x_kay_set_latest_sa_attr(struct ieee802_1x_kay *kay,
|
int ieee802_1x_kay_set_latest_sa_attr(struct ieee802_1x_kay *kay,
|
||||||
struct ieee802_1x_mka_ki *lki, u8 lan,
|
struct ieee802_1x_mka_ki *lki, u8 lan,
|
||||||
Boolean ltx, Boolean lrx);
|
bool ltx, bool lrx);
|
||||||
int ieee802_1x_kay_set_old_sa_attr(struct ieee802_1x_kay *kay,
|
int ieee802_1x_kay_set_old_sa_attr(struct ieee802_1x_kay *kay,
|
||||||
struct ieee802_1x_mka_ki *oki,
|
struct ieee802_1x_mka_ki *oki,
|
||||||
u8 oan, Boolean otx, Boolean orx);
|
u8 oan, bool otx, bool orx);
|
||||||
int ieee802_1x_kay_create_sas(struct ieee802_1x_kay *kay,
|
int ieee802_1x_kay_create_sas(struct ieee802_1x_kay *kay,
|
||||||
struct ieee802_1x_mka_ki *lki);
|
struct ieee802_1x_mka_ki *lki);
|
||||||
int ieee802_1x_kay_delete_sas(struct ieee802_1x_kay *kay,
|
int ieee802_1x_kay_delete_sas(struct ieee802_1x_kay *kay,
|
||||||
|
|
|
@ -46,11 +46,11 @@ struct ieee802_1x_kay_peer {
|
||||||
u8 mi[MI_LEN];
|
u8 mi[MI_LEN];
|
||||||
u32 mn;
|
u32 mn;
|
||||||
time_t expire;
|
time_t expire;
|
||||||
Boolean is_key_server;
|
bool is_key_server;
|
||||||
u8 key_server_priority;
|
u8 key_server_priority;
|
||||||
Boolean macsec_desired;
|
bool macsec_desired;
|
||||||
enum macsec_cap macsec_capability;
|
enum macsec_cap macsec_capability;
|
||||||
Boolean sak_used;
|
bool sak_used;
|
||||||
int missing_sak_use_count;
|
int missing_sak_use_count;
|
||||||
struct dl_list list;
|
struct dl_list list;
|
||||||
};
|
};
|
||||||
|
@ -87,18 +87,18 @@ struct ieee802_1x_mka_participant {
|
||||||
/* used for active and potential participant */
|
/* used for active and potential participant */
|
||||||
struct mka_key_name ckn;
|
struct mka_key_name ckn;
|
||||||
struct mka_key cak;
|
struct mka_key cak;
|
||||||
Boolean cached;
|
bool cached;
|
||||||
|
|
||||||
/* used by management to monitor and control activation */
|
/* used by management to monitor and control activation */
|
||||||
Boolean active;
|
bool active;
|
||||||
Boolean participant;
|
bool participant;
|
||||||
Boolean retain;
|
bool retain;
|
||||||
enum mka_created_mode mode;
|
enum mka_created_mode mode;
|
||||||
|
|
||||||
enum activate_ctrl { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate;
|
enum activate_ctrl { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate;
|
||||||
|
|
||||||
/* used for active participant */
|
/* used for active participant */
|
||||||
Boolean principal;
|
bool principal;
|
||||||
struct dl_list live_peers;
|
struct dl_list live_peers;
|
||||||
struct dl_list potential_peers;
|
struct dl_list potential_peers;
|
||||||
|
|
||||||
|
@ -110,18 +110,18 @@ struct ieee802_1x_mka_participant {
|
||||||
|
|
||||||
struct ieee802_1x_mka_ki lki;
|
struct ieee802_1x_mka_ki lki;
|
||||||
u8 lan;
|
u8 lan;
|
||||||
Boolean ltx;
|
bool ltx;
|
||||||
Boolean lrx;
|
bool lrx;
|
||||||
|
|
||||||
struct ieee802_1x_mka_ki oki;
|
struct ieee802_1x_mka_ki oki;
|
||||||
u8 oan;
|
u8 oan;
|
||||||
Boolean otx;
|
bool otx;
|
||||||
Boolean orx;
|
bool orx;
|
||||||
|
|
||||||
Boolean is_key_server;
|
bool is_key_server;
|
||||||
Boolean is_obliged_key_server;
|
bool is_obliged_key_server;
|
||||||
Boolean can_be_key_server;
|
bool can_be_key_server;
|
||||||
Boolean is_elected;
|
bool is_elected;
|
||||||
|
|
||||||
struct dl_list sak_list;
|
struct dl_list sak_list;
|
||||||
struct dl_list rxsc_list;
|
struct dl_list rxsc_list;
|
||||||
|
@ -137,11 +137,11 @@ struct ieee802_1x_mka_participant {
|
||||||
|
|
||||||
time_t cak_life;
|
time_t cak_life;
|
||||||
time_t mka_life;
|
time_t mka_life;
|
||||||
Boolean to_dist_sak;
|
bool to_dist_sak;
|
||||||
Boolean to_use_sak;
|
bool to_use_sak;
|
||||||
Boolean new_sak;
|
bool new_sak;
|
||||||
|
|
||||||
Boolean advised_desired;
|
bool advised_desired;
|
||||||
enum macsec_cap advised_capability;
|
enum macsec_cap advised_capability;
|
||||||
|
|
||||||
struct data_key *new_key;
|
struct data_key *new_key;
|
||||||
|
|
|
@ -25,7 +25,7 @@ int secy_cp_control_validate_frames(struct ieee802_1x_kay *kay,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, Boolean enabled)
|
int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, bool enabled)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_kay_ctx *ops;
|
struct ieee802_1x_kay_ctx *ops;
|
||||||
|
|
||||||
|
@ -45,7 +45,7 @@ int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, Boolean enabled)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int secy_cp_control_encrypt(struct ieee802_1x_kay *kay, Boolean enabled)
|
int secy_cp_control_encrypt(struct ieee802_1x_kay *kay, bool enabled)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_kay_ctx *ops;
|
struct ieee802_1x_kay_ctx *ops;
|
||||||
|
|
||||||
|
@ -65,7 +65,7 @@ int secy_cp_control_encrypt(struct ieee802_1x_kay *kay, Boolean enabled)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int secy_cp_control_replay(struct ieee802_1x_kay *kay, Boolean enabled, u32 win)
|
int secy_cp_control_replay(struct ieee802_1x_kay *kay, bool enabled, u32 win)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_kay_ctx *ops;
|
struct ieee802_1x_kay_ctx *ops;
|
||||||
|
|
||||||
|
@ -113,7 +113,7 @@ int secy_cp_control_confidentiality_offset(struct ieee802_1x_kay *kay,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int secy_cp_control_enable_port(struct ieee802_1x_kay *kay, Boolean enabled)
|
int secy_cp_control_enable_port(struct ieee802_1x_kay *kay, bool enabled)
|
||||||
{
|
{
|
||||||
struct ieee802_1x_kay_ctx *ops;
|
struct ieee802_1x_kay_ctx *ops;
|
||||||
|
|
||||||
|
@ -333,7 +333,7 @@ int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
rxsa->enable_receive = TRUE;
|
rxsa->enable_receive = true;
|
||||||
|
|
||||||
return ops->enable_receive_sa(ops->ctx, rxsa);
|
return ops->enable_receive_sa(ops->ctx, rxsa);
|
||||||
}
|
}
|
||||||
|
@ -355,7 +355,7 @@ int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
rxsa->enable_receive = FALSE;
|
rxsa->enable_receive = false;
|
||||||
|
|
||||||
return ops->disable_receive_sa(ops->ctx, rxsa);
|
return ops->disable_receive_sa(ops->ctx, rxsa);
|
||||||
}
|
}
|
||||||
|
@ -462,7 +462,7 @@ int secy_enable_transmit_sa(struct ieee802_1x_kay *kay,
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
txsa->enable_transmit = TRUE;
|
txsa->enable_transmit = true;
|
||||||
|
|
||||||
return ops->enable_transmit_sa(ops->ctx, txsa);
|
return ops->enable_transmit_sa(ops->ctx, txsa);
|
||||||
}
|
}
|
||||||
|
@ -485,7 +485,7 @@ int secy_disable_transmit_sa(struct ieee802_1x_kay *kay,
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
txsa->enable_transmit = FALSE;
|
txsa->enable_transmit = false;
|
||||||
|
|
||||||
return ops->disable_transmit_sa(ops->ctx, txsa);
|
return ops->disable_transmit_sa(ops->ctx, txsa);
|
||||||
}
|
}
|
||||||
|
@ -509,9 +509,9 @@ int secy_init_macsec(struct ieee802_1x_kay *kay)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
params.use_es = FALSE;
|
params.use_es = false;
|
||||||
params.use_scb = FALSE;
|
params.use_scb = false;
|
||||||
params.always_include_sci = TRUE;
|
params.always_include_sci = true;
|
||||||
|
|
||||||
ret = ops->macsec_init(ops->ctx, ¶ms);
|
ret = ops->macsec_init(ops->ctx, ¶ms);
|
||||||
|
|
||||||
|
|
|
@ -20,13 +20,13 @@ int secy_deinit_macsec(struct ieee802_1x_kay *kay);
|
||||||
/****** CP -> SecY ******/
|
/****** CP -> SecY ******/
|
||||||
int secy_cp_control_validate_frames(struct ieee802_1x_kay *kay,
|
int secy_cp_control_validate_frames(struct ieee802_1x_kay *kay,
|
||||||
enum validate_frames vf);
|
enum validate_frames vf);
|
||||||
int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, Boolean flag);
|
int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, bool flag);
|
||||||
int secy_cp_control_encrypt(struct ieee802_1x_kay *kay, Boolean enabled);
|
int secy_cp_control_encrypt(struct ieee802_1x_kay *kay, bool enabled);
|
||||||
int secy_cp_control_replay(struct ieee802_1x_kay *kay, Boolean flag, u32 win);
|
int secy_cp_control_replay(struct ieee802_1x_kay *kay, bool flag, u32 win);
|
||||||
int secy_cp_control_current_cipher_suite(struct ieee802_1x_kay *kay, u64 cs);
|
int secy_cp_control_current_cipher_suite(struct ieee802_1x_kay *kay, u64 cs);
|
||||||
int secy_cp_control_confidentiality_offset(struct ieee802_1x_kay *kay,
|
int secy_cp_control_confidentiality_offset(struct ieee802_1x_kay *kay,
|
||||||
enum confidentiality_offset co);
|
enum confidentiality_offset co);
|
||||||
int secy_cp_control_enable_port(struct ieee802_1x_kay *kay, Boolean flag);
|
int secy_cp_control_enable_port(struct ieee802_1x_kay *kay, bool flag);
|
||||||
|
|
||||||
/****** KaY -> SecY *******/
|
/****** KaY -> SecY *******/
|
||||||
int secy_get_capability(struct ieee802_1x_kay *kay, enum macsec_cap *cap);
|
int secy_get_capability(struct ieee802_1x_kay *kay, enum macsec_cap *cap);
|
||||||
|
|
|
@ -778,7 +778,7 @@ static inline int wpa_drv_macsec_get_capability(struct wpa_supplicant *wpa_s,
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int wpa_drv_enable_protect_frames(struct wpa_supplicant *wpa_s,
|
static inline int wpa_drv_enable_protect_frames(struct wpa_supplicant *wpa_s,
|
||||||
Boolean enabled)
|
bool enabled)
|
||||||
{
|
{
|
||||||
if (!wpa_s->driver->enable_protect_frames)
|
if (!wpa_s->driver->enable_protect_frames)
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -786,7 +786,7 @@ static inline int wpa_drv_enable_protect_frames(struct wpa_supplicant *wpa_s,
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int wpa_drv_enable_encrypt(struct wpa_supplicant *wpa_s,
|
static inline int wpa_drv_enable_encrypt(struct wpa_supplicant *wpa_s,
|
||||||
Boolean enabled)
|
bool enabled)
|
||||||
{
|
{
|
||||||
if (!wpa_s->driver->enable_encrypt)
|
if (!wpa_s->driver->enable_encrypt)
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -794,7 +794,7 @@ static inline int wpa_drv_enable_encrypt(struct wpa_supplicant *wpa_s,
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int wpa_drv_set_replay_protect(struct wpa_supplicant *wpa_s,
|
static inline int wpa_drv_set_replay_protect(struct wpa_supplicant *wpa_s,
|
||||||
Boolean enabled, u32 window)
|
bool enabled, u32 window)
|
||||||
{
|
{
|
||||||
if (!wpa_s->driver->set_replay_protect)
|
if (!wpa_s->driver->set_replay_protect)
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -811,7 +811,7 @@ static inline int wpa_drv_set_current_cipher_suite(struct wpa_supplicant *wpa_s,
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int wpa_drv_enable_controlled_port(struct wpa_supplicant *wpa_s,
|
static inline int wpa_drv_enable_controlled_port(struct wpa_supplicant *wpa_s,
|
||||||
Boolean enabled)
|
bool enabled)
|
||||||
{
|
{
|
||||||
if (!wpa_s->driver->enable_controlled_port)
|
if (!wpa_s->driver->enable_controlled_port)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
|
@ -44,19 +44,19 @@ static int wpas_macsec_get_capability(void *priv, enum macsec_cap *cap)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int wpas_enable_protect_frames(void *wpa_s, Boolean enabled)
|
static int wpas_enable_protect_frames(void *wpa_s, bool enabled)
|
||||||
{
|
{
|
||||||
return wpa_drv_enable_protect_frames(wpa_s, enabled);
|
return wpa_drv_enable_protect_frames(wpa_s, enabled);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int wpas_enable_encrypt(void *wpa_s, Boolean enabled)
|
static int wpas_enable_encrypt(void *wpa_s, bool enabled)
|
||||||
{
|
{
|
||||||
return wpa_drv_enable_encrypt(wpa_s, enabled);
|
return wpa_drv_enable_encrypt(wpa_s, enabled);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int wpas_set_replay_protect(void *wpa_s, Boolean enabled, u32 window)
|
static int wpas_set_replay_protect(void *wpa_s, bool enabled, u32 window)
|
||||||
{
|
{
|
||||||
return wpa_drv_set_replay_protect(wpa_s, enabled, window);
|
return wpa_drv_set_replay_protect(wpa_s, enabled, window);
|
||||||
}
|
}
|
||||||
|
@ -68,7 +68,7 @@ static int wpas_set_current_cipher_suite(void *wpa_s, u64 cs)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int wpas_enable_controlled_port(void *wpa_s, Boolean enabled)
|
static int wpas_enable_controlled_port(void *wpa_s, bool enabled)
|
||||||
{
|
{
|
||||||
return wpa_drv_enable_controlled_port(wpa_s, enabled);
|
return wpa_drv_enable_controlled_port(wpa_s, enabled);
|
||||||
}
|
}
|
||||||
|
@ -376,7 +376,7 @@ void * ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s,
|
||||||
wpa_hexdump(MSG_DEBUG, "Derived CKN", ckn->name, ckn->len);
|
wpa_hexdump(MSG_DEBUG, "Derived CKN", ckn->name, ckn->len);
|
||||||
|
|
||||||
res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0,
|
res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0,
|
||||||
EAP_EXCHANGE, FALSE);
|
EAP_EXCHANGE, false);
|
||||||
|
|
||||||
fail:
|
fail:
|
||||||
if (msk) {
|
if (msk) {
|
||||||
|
@ -424,7 +424,7 @@ void * ieee802_1x_create_preshared_mka(struct wpa_supplicant *wpa_s,
|
||||||
ckn->len = ssid->mka_ckn_len;
|
ckn->len = ssid->mka_ckn_len;
|
||||||
os_memcpy(ckn->name, ssid->mka_ckn, ckn->len);
|
os_memcpy(ckn->name, ssid->mka_ckn, ckn->len);
|
||||||
|
|
||||||
res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0, PSK, FALSE);
|
res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0, PSK, false);
|
||||||
if (res)
|
if (res)
|
||||||
goto free_cak;
|
goto free_cak;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue