diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c index 6c88e0e43..016260c1a 100644 --- a/src/pae/ieee802_1x_kay.c +++ b/src/pae/ieee802_1x_kay.c @@ -3881,6 +3881,7 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay, #ifdef CONFIG_CTRL_IFACE + /** * ieee802_1x_kay_get_status - Get IEEE 802.1X KaY status details * @sm: Pointer to KaY allocated with ieee802_1x_kay_init() @@ -3984,4 +3985,103 @@ int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf, return pos - buf; } + + +static const char * true_false(Boolean val) +{ + return val ? "true" : "false"; +} + + +static const char * activate_control_txt(enum activate_ctrl activate) +{ + switch (activate) { + case DEFAULT: + return "default"; + case DISABLED: + return "disabled"; + case ON_OPER_UP: + return "onOperUp"; + case ALWAYS: + return "always"; + } + + return "?"; +} + + +static char * mka_mib_peer(struct dl_list *peers, Boolean live, char *buf, + char *end) +{ + char *pos = buf; + struct ieee802_1x_kay_peer *p; + int res; + + dl_list_for_each(p, peers, struct ieee802_1x_kay_peer, list) { + res = os_snprintf(pos, end - pos, + "ieee8021XKayMkaPeerListMI=%s\n" + "ieee8021XKayMkaPeerListMN=%u\n" + "ieee8021XKayMkaPeerListType=%u\n" + "ieee8021XKayMkaPeerListSCI=%s\n", + mi_txt(p->mi), + p->mn, + live ? 1 : 2, + sci_txt(&p->sci)); + if (os_snprintf_error(end - pos, res)) + return pos; + pos += res; + } + + return pos; +} + + +int ieee802_1x_kay_get_mib(struct ieee802_1x_kay *kay, char *buf, + size_t buflen) +{ + char *pos, *end; + int res; + struct ieee802_1x_mka_participant *p; + + if (!kay) + return 0; + + pos = buf; + end = buf + buflen; + + dl_list_for_each(p, &kay->participant_list, + struct ieee802_1x_mka_participant, list) { + char *pos2 = pos; + + res = os_snprintf(pos2, end - pos2, "ieee8021XKayMkaPartCKN="); + if (os_snprintf_error(buflen, res)) + return end - pos; + pos2 += res; + + pos2 += wpa_snprintf_hex(pos2, end - pos2, p->ckn.name, + p->ckn.len); + + res = os_snprintf(pos2, end - pos2, + "\nieee8021XKayMkaPartCached=%s\n" + "ieee8021XKayMkaPartActive=%s\n" + "ieee8021XKayMkaPartRetain=%s\n" + "ieee8021XKayMkaPartActivateControl=%s\n" + "ieee8021XKayMkaPartPrincipal=%s\n", + true_false(p->cached), + true_false(p->active), + true_false(p->retain), + activate_control_txt(p->activate), + true_false(p->principal)); + if (os_snprintf_error(buflen, res)) + return end - pos; + pos2 += res; + pos = pos2; + + pos = mka_mib_peer(&p->live_peers, TRUE, pos, end); + pos = mka_mib_peer(&p->potential_peers, FALSE, pos, end); + } + + return pos - buf; +} + #endif /* CONFIG_CTRL_IFACE */ diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h index eedf02ad9..3367d3aaa 100644 --- a/src/pae/ieee802_1x_kay.h +++ b/src/pae/ieee802_1x_kay.h @@ -275,5 +275,7 @@ int ieee802_1x_kay_enable_rx_sas(struct ieee802_1x_kay *kay, int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay); int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf, size_t buflen); +int ieee802_1x_kay_get_mib(struct ieee802_1x_kay *kay, char *buf, + size_t buflen); #endif /* IEEE802_1X_KAY_H */ diff --git a/src/pae/ieee802_1x_kay_i.h b/src/pae/ieee802_1x_kay_i.h index 497cc3fea..1d1589cb6 100644 --- a/src/pae/ieee802_1x_kay_i.h +++ b/src/pae/ieee802_1x_kay_i.h @@ -95,7 +95,7 @@ struct ieee802_1x_mka_participant { Boolean retain; enum mka_created_mode mode; - enum { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate; + enum activate_ctrl { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate; /* used for active participant */ Boolean principal; diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index 591d30f22..767a00643 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -9896,6 +9896,11 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, reply_len += eapol_sm_get_mib(wpa_s->eapol, reply + reply_len, reply_size - reply_len); +#ifdef CONFIG_MACSEC + reply_len += ieee802_1x_kay_get_mib( + wpa_s->kay, reply + reply_len, + reply_size - reply_len); +#endif /* CONFIG_MACSEC */ } } else if (os_strncmp(buf, "STATUS", 6) == 0) { reply_len = wpa_supplicant_ctrl_iface_status(