1 /* 2 * IEEE 802.1X-2004 Authenticator - State dump 3 * Copyright (c) 2002-2009, Jouni Malinen <j (at) w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15 #include "includes.h" 16 17 #include "common.h" 18 #include "eap_server/eap.h" 19 #include "eapol_auth_sm.h" 20 #include "eapol_auth_sm_i.h" 21 22 static inline const char * port_type_txt(PortTypes pt) 23 { 24 switch (pt) { 25 case ForceUnauthorized: return "ForceUnauthorized"; 26 case ForceAuthorized: return "ForceAuthorized"; 27 case Auto: return "Auto"; 28 default: return "Unknown"; 29 } 30 } 31 32 33 static inline const char * port_state_txt(PortState ps) 34 { 35 switch (ps) { 36 case Unauthorized: return "Unauthorized"; 37 case Authorized: return "Authorized"; 38 default: return "Unknown"; 39 } 40 } 41 42 43 static inline const char * ctrl_dir_txt(ControlledDirection dir) 44 { 45 switch (dir) { 46 case Both: return "Both"; 47 case In: return "In"; 48 default: return "Unknown"; 49 } 50 } 51 52 53 static inline const char * auth_pae_state_txt(int s) 54 { 55 switch (s) { 56 case AUTH_PAE_INITIALIZE: return "INITIALIZE"; 57 case AUTH_PAE_DISCONNECTED: return "DISCONNECTED"; 58 case AUTH_PAE_CONNECTING: return "CONNECTING"; 59 case AUTH_PAE_AUTHENTICATING: return "AUTHENTICATING"; 60 case AUTH_PAE_AUTHENTICATED: return "AUTHENTICATED"; 61 case AUTH_PAE_ABORTING: return "ABORTING"; 62 case AUTH_PAE_HELD: return "HELD"; 63 case AUTH_PAE_FORCE_AUTH: return "FORCE_AUTH"; 64 case AUTH_PAE_FORCE_UNAUTH: return "FORCE_UNAUTH"; 65 case AUTH_PAE_RESTART: return "RESTART"; 66 default: return "Unknown"; 67 } 68 } 69 70 71 static inline const char * be_auth_state_txt(int s) 72 { 73 switch (s) { 74 case BE_AUTH_REQUEST: return "REQUEST"; 75 case BE_AUTH_RESPONSE: return "RESPONSE"; 76 case BE_AUTH_SUCCESS: return "SUCCESS"; 77 case BE_AUTH_FAIL: return "FAIL"; 78 case BE_AUTH_TIMEOUT: return "TIMEOUT"; 79 case BE_AUTH_IDLE: return "IDLE"; 80 case BE_AUTH_INITIALIZE: return "INITIALIZE"; 81 case BE_AUTH_IGNORE: return "IGNORE"; 82 default: return "Unknown"; 83 } 84 } 85 86 87 static inline const char * reauth_timer_state_txt(int s) 88 { 89 switch (s) { 90 case REAUTH_TIMER_INITIALIZE: return "INITIALIZE"; 91 case REAUTH_TIMER_REAUTHENTICATE: return "REAUTHENTICATE"; 92 default: return "Unknown"; 93 } 94 } 95 96 97 static inline const char * auth_key_tx_state_txt(int s) 98 { 99 switch (s) { 100 case AUTH_KEY_TX_NO_KEY_TRANSMIT: return "NO_KEY_TRANSMIT"; 101 case AUTH_KEY_TX_KEY_TRANSMIT: return "KEY_TRANSMIT"; 102 default: return "Unknown"; 103 } 104 } 105 106 107 static inline const char * key_rx_state_txt(int s) 108 { 109 switch (s) { 110 case KEY_RX_NO_KEY_RECEIVE: return "NO_KEY_RECEIVE"; 111 case KEY_RX_KEY_RECEIVE: return "KEY_RECEIVE"; 112 default: return "Unknown"; 113 } 114 } 115 116 117 static inline const char * ctrl_dir_state_txt(int s) 118 { 119 switch (s) { 120 case CTRL_DIR_FORCE_BOTH: return "FORCE_BOTH"; 121 case CTRL_DIR_IN_OR_BOTH: return "IN_OR_BOTH"; 122 default: return "Unknown"; 123 } 124 } 125 126 127 void eapol_auth_dump_state(FILE *f, const char *prefix, 128 struct eapol_state_machine *sm) 129 { 130 fprintf(f, "%sEAPOL state machine:\n", prefix); 131 fprintf(f, "%s aWhile=%d quietWhile=%d reAuthWhen=%d\n", prefix, 132 sm->aWhile, sm->quietWhile, sm->reAuthWhen); 133 #define _SB(b) ((b) ? "TRUE" : "FALSE") 134 fprintf(f, 135 "%s authAbort=%s authFail=%s authPortStatus=%s authStart=%s\n" 136 "%s authTimeout=%s authSuccess=%s eapFail=%s eapolEap=%s\n" 137 "%s eapSuccess=%s eapTimeout=%s initialize=%s " 138 "keyAvailable=%s\n" 139 "%s keyDone=%s keyRun=%s keyTxEnabled=%s portControl=%s\n" 140 "%s portEnabled=%s portValid=%s reAuthenticate=%s\n", 141 prefix, _SB(sm->authAbort), _SB(sm->authFail), 142 port_state_txt(sm->authPortStatus), _SB(sm->authStart), 143 prefix, _SB(sm->authTimeout), _SB(sm->authSuccess), 144 _SB(sm->eap_if->eapFail), _SB(sm->eapolEap), 145 prefix, _SB(sm->eap_if->eapSuccess), 146 _SB(sm->eap_if->eapTimeout), 147 _SB(sm->initialize), _SB(sm->eap_if->eapKeyAvailable), 148 prefix, _SB(sm->keyDone), _SB(sm->keyRun), 149 _SB(sm->keyTxEnabled), port_type_txt(sm->portControl), 150 prefix, _SB(sm->eap_if->portEnabled), _SB(sm->portValid), 151 _SB(sm->reAuthenticate)); 152 153 fprintf(f, "%s Authenticator PAE:\n" 154 "%s state=%s\n" 155 "%s eapolLogoff=%s eapolStart=%s eapRestart=%s\n" 156 "%s portMode=%s reAuthCount=%d\n" 157 "%s quietPeriod=%d reAuthMax=%d\n" 158 "%s authEntersConnecting=%d\n" 159 "%s authEapLogoffsWhileConnecting=%d\n" 160 "%s authEntersAuthenticating=%d\n" 161 "%s authAuthSuccessesWhileAuthenticating=%d\n" 162 "%s authAuthTimeoutsWhileAuthenticating=%d\n" 163 "%s authAuthFailWhileAuthenticating=%d\n" 164 "%s authAuthEapStartsWhileAuthenticating=%d\n" 165 "%s authAuthEapLogoffWhileAuthenticating=%d\n" 166 "%s authAuthReauthsWhileAuthenticated=%d\n" 167 "%s authAuthEapStartsWhileAuthenticated=%d\n" 168 "%s authAuthEapLogoffWhileAuthenticated=%d\n", 169 prefix, prefix, auth_pae_state_txt(sm->auth_pae_state), prefix, 170 _SB(sm->eapolLogoff), _SB(sm->eapolStart), 171 _SB(sm->eap_if->eapRestart), 172 prefix, port_type_txt(sm->portMode), sm->reAuthCount, 173 prefix, sm->quietPeriod, sm->reAuthMax, 174 prefix, sm->authEntersConnecting, 175 prefix, sm->authEapLogoffsWhileConnecting, 176 prefix, sm->authEntersAuthenticating, 177 prefix, sm->authAuthSuccessesWhileAuthenticating, 178 prefix, sm->authAuthTimeoutsWhileAuthenticating, 179 prefix, sm->authAuthFailWhileAuthenticating, 180 prefix, sm->authAuthEapStartsWhileAuthenticating, 181 prefix, sm->authAuthEapLogoffWhileAuthenticating, 182 prefix, sm->authAuthReauthsWhileAuthenticated, 183 prefix, sm->authAuthEapStartsWhileAuthenticated, 184 prefix, sm->authAuthEapLogoffWhileAuthenticated); 185 186 fprintf(f, "%s Backend Authentication:\n" 187 "%s state=%s\n" 188 "%s eapNoReq=%s eapReq=%s eapResp=%s\n" 189 "%s serverTimeout=%d\n" 190 "%s backendResponses=%d\n" 191 "%s backendAccessChallenges=%d\n" 192 "%s backendOtherRequestsToSupplicant=%d\n" 193 "%s backendAuthSuccesses=%d\n" 194 "%s backendAuthFails=%d\n", 195 prefix, prefix, 196 be_auth_state_txt(sm->be_auth_state), 197 prefix, _SB(sm->eap_if->eapNoReq), _SB(sm->eap_if->eapReq), 198 _SB(sm->eap_if->eapResp), 199 prefix, sm->serverTimeout, 200 prefix, sm->backendResponses, 201 prefix, sm->backendAccessChallenges, 202 prefix, sm->backendOtherRequestsToSupplicant, 203 prefix, sm->backendAuthSuccesses, 204 prefix, sm->backendAuthFails); 205 206 fprintf(f, "%s Reauthentication Timer:\n" 207 "%s state=%s\n" 208 "%s reAuthPeriod=%d reAuthEnabled=%s\n", prefix, prefix, 209 reauth_timer_state_txt(sm->reauth_timer_state), prefix, 210 sm->reAuthPeriod, _SB(sm->reAuthEnabled)); 211 212 fprintf(f, "%s Authenticator Key Transmit:\n" 213 "%s state=%s\n", prefix, prefix, 214 auth_key_tx_state_txt(sm->auth_key_tx_state)); 215 216 fprintf(f, "%s Key Receive:\n" 217 "%s state=%s\n" 218 "%s rxKey=%s\n", prefix, prefix, 219 key_rx_state_txt(sm->key_rx_state), prefix, _SB(sm->rxKey)); 220 221 fprintf(f, "%s Controlled Directions:\n" 222 "%s state=%s\n" 223 "%s adminControlledDirections=%s " 224 "operControlledDirections=%s\n" 225 "%s operEdge=%s\n", prefix, prefix, 226 ctrl_dir_state_txt(sm->ctrl_dir_state), 227 prefix, ctrl_dir_txt(sm->adminControlledDirections), 228 ctrl_dir_txt(sm->operControlledDirections), 229 prefix, _SB(sm->operEdge)); 230 #undef _SB 231 } 232
