base/SOURCES/macsec-0031-PAE-Make-KaY-sp...

From 7508c2ad99cef6d0691190063ec7735b7759f836 Mon Sep 17 00:00:00 2001
Message-Id: <7508c2ad99cef6d0691190063ec7735b7759f836.1488376602.git.dcaratti@redhat.com>
From: Badrish Adiga H R <badrish.adigahr@gmail.com>
Date: Fri, 16 Dec 2016 01:40:53 +0530
Subject: [PATCH] PAE: Make KaY specific details available via control
 interface

Add KaY details to the STATUS command output.

Signed-off-by: Badrish Adiga H R <badrish.adigahr@hpe.com>
---
 src/pae/ieee802_1x_kay.c    | 49 +++++++++++++++++++++++++++++++++++++++++++++
 src/pae/ieee802_1x_kay.h    |  3 +++
 wpa_supplicant/ctrl_iface.c |  6 ++++++
 3 files changed, 58 insertions(+)

diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
index 1d6d9a9..cf5782a 100644
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@@ -1641,6 +1641,7 @@ ieee802_1x_mka_decode_dist_sak_body(
 	ieee802_1x_cp_signal_newsak(kay->cp);
 	ieee802_1x_cp_sm_step(kay->cp);
 
+	kay->rcvd_keys++;
 	participant->to_use_sak = TRUE;
 
 	return 0;
@@ -3519,3 +3520,51 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay,
 
 	return 0;
 }
+
+
+#ifdef CONFIG_CTRL_IFACE
+/**
+ * ieee802_1x_kay_get_status - Get IEEE 802.1X KaY status details
+ * @sm: Pointer to KaY allocated with ieee802_1x_kay_init()
+ * @buf: Buffer for status information
+ * @buflen: Maximum buffer length
+ * @verbose: Whether to include verbose status information
+ * Returns: Number of bytes written to buf.
+ *
+ * Query KAY status information. This function fills in a text area with current
+ * status information. If the buffer (buf) is not large enough, status
+ * information will be truncated to fit the buffer.
+ */
+int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf,
+			      size_t buflen)
+{
+	int len;
+
+	if (!kay)
+		return 0;
+
+	len = os_snprintf(buf, buflen,
+			  "PAE KaY status=%s\n"
+			  "Authenticated=%s\n"
+			  "Secured=%s\n"
+			  "Failed=%s\n"
+			  "Actor Priority=%u\n"
+			  "Key Server Priority=%u\n"
+			  "Is Key Server=%s\n"
+			  "Number of Keys Distributed=%u\n"
+			  "Number of Keys Received=%u\n",
+			  kay->active ? "Active" : "Not-Active",
+			  kay->authenticated ? "Yes" : "No",
+			  kay->secured ? "Yes" : "No",
+			  kay->failed ? "Yes" : "No",
+			  kay->actor_priority,
+			  kay->key_server_priority,
+			  kay->is_key_server ? "Yes" : "No",
+			  kay->dist_kn - 1,
+			  kay->rcvd_keys);
+	if (os_snprintf_error(buflen, len))
+		return 0;
+
+	return len;
+}
+#endif /* CONFIG_CTRL_IFACE */
diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h
index 9a92d1c..b38e814 100644
--- a/src/pae/ieee802_1x_kay.h
+++ b/src/pae/ieee802_1x_kay.h
@@ -208,6 +208,7 @@ struct ieee802_1x_kay {
 	int mka_algindex;  /* MKA alg table index */
 
 	u32 dist_kn;
+	u32 rcvd_keys;
 	u8 dist_an;
 	time_t dist_time;
 
@@ -267,5 +268,7 @@ int ieee802_1x_kay_enable_tx_sas(struct ieee802_1x_kay *kay,
 int ieee802_1x_kay_enable_rx_sas(struct ieee802_1x_kay *kay,
 				 struct ieee802_1x_mka_ki *lki);
 int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay);
+int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf,
+			      size_t buflen);
 
 #endif /* IEEE802_1X_KAY_H */
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index c943dee..624e894 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -2050,6 +2050,12 @@ static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s,
 			pos += res;
 	}
 
+#ifdef CONFIG_MACSEC
+	res = ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos);
+	if (res > 0)
+		pos += res;
+#endif /* CONFIG_MACSEC */
+
 	sess_id = eapol_sm_get_session_id(wpa_s->eapol, &sess_id_len);
 	if (sess_id) {
 		char *start = pos;
-- 
2.7.4
wpa_supplicant package update Signed-off-by: basebuilder_pel7ppc64bebuilder0 <basebuilder@powerel.org> 7 years ago			`From 7508c2ad99cef6d0691190063ec7735b7759f836 Mon Sep 17 00:00:00 2001`
			`Message-Id: <7508c2ad99cef6d0691190063ec7735b7759f836.1488376602.git.dcaratti@redhat.com>`
			`From: Badrish Adiga H R <badrish.adigahr@gmail.com>`
			`Date: Fri, 16 Dec 2016 01:40:53 +0530`
			`Subject: [PATCH] PAE: Make KaY specific details available via control`
			`interface`

			`Add KaY details to the STATUS command output.`

			`Signed-off-by: Badrish Adiga H R <badrish.adigahr@hpe.com>`
			`---`
			`src/pae/ieee802_1x_kay.c \| 49 +++++++++++++++++++++++++++++++++++++++++++++`
			`src/pae/ieee802_1x_kay.h \| 3 +++`
			`wpa_supplicant/ctrl_iface.c \| 6 ++++++`
			`3 files changed, 58 insertions(+)`

			`diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c`
			`index 1d6d9a9..cf5782a 100644`
			`--- a/src/pae/ieee802_1x_kay.c`
			`+++ b/src/pae/ieee802_1x_kay.c`
			`@@ -1641,6 +1641,7 @@ ieee802_1x_mka_decode_dist_sak_body(`
			`ieee802_1x_cp_signal_newsak(kay->cp);`
			`ieee802_1x_cp_sm_step(kay->cp);`

			`+ kay->rcvd_keys++;`
			`participant->to_use_sak = TRUE;`

			`return 0;`
			`@@ -3519,3 +3520,51 @@ ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay,`

			`return 0;`
			`}`
			`+`
			`+`
			`+#ifdef CONFIG_CTRL_IFACE`
			`+/**`
			`+ * ieee802_1x_kay_get_status - Get IEEE 802.1X KaY status details`
			`+ * @sm: Pointer to KaY allocated with ieee802_1x_kay_init()`
			`+ * @buf: Buffer for status information`
			`+ * @buflen: Maximum buffer length`
			`+ * @verbose: Whether to include verbose status information`
			`+ * Returns: Number of bytes written to buf.`
			`+ *`
			`+ * Query KAY status information. This function fills in a text area with current`
			`+ * status information. If the buffer (buf) is not large enough, status`
			`+ * information will be truncated to fit the buffer.`
			`+ */`
			`+int ieee802_1x_kay_get_status(struct ieee802_1x_kay kay, char buf,`
			`+ size_t buflen)`
			`+{`
			`+ int len;`
			`+`
			`+ if (!kay)`
			`+ return 0;`
			`+`
			`+ len = os_snprintf(buf, buflen,`
			`+ "PAE KaY status=%s\n"`
			`+ "Authenticated=%s\n"`
			`+ "Secured=%s\n"`
			`+ "Failed=%s\n"`
			`+ "Actor Priority=%u\n"`
			`+ "Key Server Priority=%u\n"`
			`+ "Is Key Server=%s\n"`
			`+ "Number of Keys Distributed=%u\n"`
			`+ "Number of Keys Received=%u\n",`
			`+ kay->active ? "Active" : "Not-Active",`
			`+ kay->authenticated ? "Yes" : "No",`
			`+ kay->secured ? "Yes" : "No",`
			`+ kay->failed ? "Yes" : "No",`
			`+ kay->actor_priority,`
			`+ kay->key_server_priority,`
			`+ kay->is_key_server ? "Yes" : "No",`
			`+ kay->dist_kn - 1,`
			`+ kay->rcvd_keys);`
			`+ if (os_snprintf_error(buflen, len))`
			`+ return 0;`
			`+`
			`+ return len;`
			`+}`
			`+#endif /* CONFIG_CTRL_IFACE */`
			`diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h`
			`index 9a92d1c..b38e814 100644`
			`--- a/src/pae/ieee802_1x_kay.h`
			`+++ b/src/pae/ieee802_1x_kay.h`
			`@@ -208,6 +208,7 @@ struct ieee802_1x_kay {`
			`int mka_algindex; /* MKA alg table index */`

			`u32 dist_kn;`
			`+ u32 rcvd_keys;`
			`u8 dist_an;`
			`time_t dist_time;`

			`@@ -267,5 +268,7 @@ int ieee802_1x_kay_enable_tx_sas(struct ieee802_1x_kay *kay,`
			`int ieee802_1x_kay_enable_rx_sas(struct ieee802_1x_kay *kay,`
			`struct ieee802_1x_mka_ki *lki);`
			`int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay);`
			`+int ieee802_1x_kay_get_status(struct ieee802_1x_kay kay, char buf,`
			`+ size_t buflen);`

			`#endif /* IEEE802_1X_KAY_H */`
			`diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c`
			`index c943dee..624e894 100644`
			`--- a/wpa_supplicant/ctrl_iface.c`
			`+++ b/wpa_supplicant/ctrl_iface.c`
			`@@ -2050,6 +2050,12 @@ static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s,`
			`pos += res;`
			`}`

			`+#ifdef CONFIG_MACSEC`
			`+ res = ieee802_1x_kay_get_status(wpa_s->kay, pos, end - pos);`
			`+ if (res > 0)`
			`+ pos += res;`
			`+#endif /* CONFIG_MACSEC */`
			`+`
			`sess_id = eapol_sm_get_session_id(wpa_s->eapol, &sess_id_len);`
			`if (sess_id) {`
			`char *start = pos;`
			`--`
			`2.7.4`