Lines Matching +full:cmd +full:- +full:db
2 * hostapd / EAP-SIM database/authenticator gateway
3 * Copyright (c) 2005-2010, 2012, Jouni Malinen <j@w1.fi>
8 * This is an example implementation of the EAP-SIM/AKA database/authentication
12 * EAP-SIM/AKA pseudonyms and re-auth identities. It can be used with different
14 * completely replaced if the in-memory database of pseudonyms/re-auth
86 static int db_table_exists(sqlite3 *db, const char *name) in db_table_exists() argument
88 char cmd[128]; in db_table_exists() local
89 os_snprintf(cmd, sizeof(cmd), "SELECT 1 FROM %s;", name); in db_table_exists()
90 return sqlite3_exec(db, cmd, NULL, NULL, NULL) == SQLITE_OK; in db_table_exists()
94 static int db_table_create_pseudonym(sqlite3 *db) in db_table_create_pseudonym() argument
103 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Adding database table for " in db_table_create_pseudonym()
105 if (sqlite3_exec(db, sql, NULL, NULL, &err) != SQLITE_OK) { in db_table_create_pseudonym()
106 wpa_printf(MSG_ERROR, "EAP-SIM DB: SQLite error: %s", err); in db_table_create_pseudonym()
108 return -1; in db_table_create_pseudonym()
115 static int db_table_create_reauth(sqlite3 *db) in db_table_create_reauth() argument
129 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Adding database table for " in db_table_create_reauth()
131 if (sqlite3_exec(db, sql, NULL, NULL, &err) != SQLITE_OK) { in db_table_create_reauth()
132 wpa_printf(MSG_ERROR, "EAP-SIM DB: SQLite error: %s", err); in db_table_create_reauth()
134 return -1; in db_table_create_reauth()
143 sqlite3 *db; in db_open() local
145 if (sqlite3_open(db_file, &db)) { in db_open()
146 wpa_printf(MSG_ERROR, "EAP-SIM DB: Failed to open database " in db_open()
147 "%s: %s", db_file, sqlite3_errmsg(db)); in db_open()
148 sqlite3_close(db); in db_open()
152 if (!db_table_exists(db, "pseudonyms") && in db_open()
153 db_table_create_pseudonym(db) < 0) { in db_open()
154 sqlite3_close(db); in db_open()
158 if (!db_table_exists(db, "reauth") && in db_open()
159 db_table_create_reauth(db) < 0) { in db_open()
160 sqlite3_close(db); in db_open()
164 return db; in db_open()
184 char cmd[128]; in db_add_pseudonym() local
189 return -1; in db_add_pseudonym()
192 os_snprintf(cmd, sizeof(cmd), "INSERT OR REPLACE INTO pseudonyms " in db_add_pseudonym()
196 if (sqlite3_exec(data->sqlite_db, cmd, NULL, NULL, &err) != SQLITE_OK) in db_add_pseudonym()
198 wpa_printf(MSG_ERROR, "EAP-SIM DB: SQLite error: %s", err); in db_add_pseudonym()
200 return -1; in db_add_pseudonym()
214 os_strlcpy(data->db_tmp_identity, argv[i], in get_pseudonym_cb()
215 sizeof(data->db_tmp_identity)); in get_pseudonym_cb()
226 char cmd[128]; in db_get_pseudonym() local
230 os_memset(&data->db_tmp_identity, 0, sizeof(data->db_tmp_identity)); in db_get_pseudonym()
231 os_snprintf(cmd, sizeof(cmd), in db_get_pseudonym()
234 if (sqlite3_exec(data->sqlite_db, cmd, get_pseudonym_cb, data, NULL) != in db_get_pseudonym()
237 if (data->db_tmp_identity[0] == '\0') in db_get_pseudonym()
239 return data->db_tmp_identity; in db_get_pseudonym()
247 char cmd[2000], *pos, *end; in db_add_reauth() local
252 return -1; in db_add_reauth()
255 pos = cmd; in db_add_reauth()
256 end = pos + sizeof(cmd); in db_add_reauth()
257 pos += os_snprintf(pos, end - pos, "INSERT OR REPLACE INTO reauth " in db_add_reauth()
268 pos += os_snprintf(pos, end - pos, ", '"); in db_add_reauth()
269 pos += wpa_snprintf_hex(pos, end - pos, mk, EAP_SIM_MK_LEN); in db_add_reauth()
270 pos += os_snprintf(pos, end - pos, "'"); in db_add_reauth()
274 pos += os_snprintf(pos, end - pos, ", '"); in db_add_reauth()
275 pos += wpa_snprintf_hex(pos, end - pos, k_encr, in db_add_reauth()
277 pos += os_snprintf(pos, end - pos, "'"); in db_add_reauth()
281 pos += os_snprintf(pos, end - pos, ", '"); in db_add_reauth()
282 pos += wpa_snprintf_hex(pos, end - pos, k_aut, in db_add_reauth()
284 pos += os_snprintf(pos, end - pos, "'"); in db_add_reauth()
288 pos += os_snprintf(pos, end - pos, ", '"); in db_add_reauth()
289 pos += wpa_snprintf_hex(pos, end - pos, k_re, in db_add_reauth()
291 pos += os_snprintf(pos, end - pos, "'"); in db_add_reauth()
294 os_snprintf(pos, end - pos, ");"); in db_add_reauth()
296 if (sqlite3_exec(data->sqlite_db, cmd, NULL, NULL, &err) != SQLITE_OK) in db_add_reauth()
298 wpa_printf(MSG_ERROR, "EAP-SIM DB: SQLite error: %s", err); in db_add_reauth()
300 return -1; in db_add_reauth()
311 struct eap_sim_reauth *reauth = &data->db_tmp_reauth; in get_reauth_cb()
315 os_strlcpy(data->db_tmp_identity, argv[i], in get_reauth_cb()
316 sizeof(data->db_tmp_identity)); in get_reauth_cb()
317 reauth->permanent = data->db_tmp_identity; in get_reauth_cb()
319 reauth->counter = atoi(argv[i]); in get_reauth_cb()
321 hexstr2bin(argv[i], reauth->mk, sizeof(reauth->mk)); in get_reauth_cb()
323 hexstr2bin(argv[i], reauth->k_encr, in get_reauth_cb()
324 sizeof(reauth->k_encr)); in get_reauth_cb()
326 hexstr2bin(argv[i], reauth->k_aut, in get_reauth_cb()
327 sizeof(reauth->k_aut)); in get_reauth_cb()
329 hexstr2bin(argv[i], reauth->k_re, in get_reauth_cb()
330 sizeof(reauth->k_re)); in get_reauth_cb()
341 char cmd[256]; in db_get_reauth() local
345 os_memset(&data->db_tmp_reauth, 0, sizeof(data->db_tmp_reauth)); in db_get_reauth()
346 os_strlcpy(data->db_tmp_pseudonym_str, reauth_id, in db_get_reauth()
347 sizeof(data->db_tmp_pseudonym_str)); in db_get_reauth()
348 data->db_tmp_reauth.reauth_id = data->db_tmp_pseudonym_str; in db_get_reauth()
349 os_snprintf(cmd, sizeof(cmd), in db_get_reauth()
351 if (sqlite3_exec(data->sqlite_db, cmd, get_reauth_cb, data, NULL) != in db_get_reauth()
354 if (data->db_tmp_reauth.permanent == NULL) in db_get_reauth()
356 return &data->db_tmp_reauth; in db_get_reauth()
363 char cmd[256]; in db_remove_reauth() local
365 if (!valid_db_string(reauth->permanent)) in db_remove_reauth()
367 os_snprintf(cmd, sizeof(cmd), in db_remove_reauth()
369 reauth->permanent); in db_remove_reauth()
370 sqlite3_exec(data->sqlite_db, cmd, NULL, NULL, NULL); in db_remove_reauth()
381 entry = data->pending; in eap_sim_db_get_pending()
383 if (entry->aka == aka && os_strcmp(entry->imsi, imsi) == 0) { in eap_sim_db_get_pending()
385 prev->next = entry->next; in eap_sim_db_get_pending()
387 data->pending = entry->next; in eap_sim_db_get_pending()
391 entry = entry->next; in eap_sim_db_get_pending()
400 entry->next = data->pending; in eap_sim_db_add_pending()
401 data->pending = entry; in eap_sim_db_add_pending()
417 struct eap_sim_db_pending **pp = &data->pending; in eap_sim_db_del_pending()
421 *pp = entry->next; in eap_sim_db_del_pending()
425 pp = &(*pp)->next; in eap_sim_db_del_pending()
435 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Delete query timeout for %p", entry); in eap_sim_db_del_timeout()
449 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Query timeout for %p", entry); in eap_sim_db_query_timeout()
450 entry->state = FAILURE; in eap_sim_db_query_timeout()
451 data->get_complete_cb(data->ctx, entry->cb_session_ctx); in eap_sim_db_query_timeout()
464 * SIM-RESP-AUTH <IMSI> Kc(i):SRES(i):RAND(i) ... in eap_sim_db_sim_resp_auth()
465 * SIM-RESP-AUTH <IMSI> FAILURE in eap_sim_db_sim_resp_auth()
471 wpa_printf(MSG_DEBUG, "EAP-SIM DB: No pending entry for the " in eap_sim_db_sim_resp_auth()
478 wpa_printf(MSG_DEBUG, "EAP-SIM DB: External server reported " in eap_sim_db_sim_resp_auth()
480 entry->state = FAILURE; in eap_sim_db_sim_resp_auth()
482 data->get_complete_cb(data->ctx, entry->cb_session_ctx); in eap_sim_db_sim_resp_auth()
496 if (hexstr2bin(start, entry->u.sim.kc[num_chal], in eap_sim_db_sim_resp_auth()
505 if (hexstr2bin(start, entry->u.sim.sres[num_chal], in eap_sim_db_sim_resp_auth()
510 if (hexstr2bin(start, entry->u.sim.rand[num_chal], in eap_sim_db_sim_resp_auth()
520 entry->u.sim.num_chal = num_chal; in eap_sim_db_sim_resp_auth()
522 entry->state = SUCCESS; in eap_sim_db_sim_resp_auth()
523 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Authentication data parsed " in eap_sim_db_sim_resp_auth()
524 "successfully - callback"); in eap_sim_db_sim_resp_auth()
526 data->get_complete_cb(data->ctx, entry->cb_session_ctx); in eap_sim_db_sim_resp_auth()
530 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Failed to parse response string"); in eap_sim_db_sim_resp_auth()
542 * AKA-RESP-AUTH <IMSI> <RAND> <AUTN> <IK> <CK> <RES> in eap_sim_db_aka_resp_auth()
543 * AKA-RESP-AUTH <IMSI> FAILURE in eap_sim_db_aka_resp_auth()
549 wpa_printf(MSG_DEBUG, "EAP-SIM DB: No pending entry for the " in eap_sim_db_aka_resp_auth()
556 wpa_printf(MSG_DEBUG, "EAP-SIM DB: External server reported " in eap_sim_db_aka_resp_auth()
558 entry->state = FAILURE; in eap_sim_db_aka_resp_auth()
560 data->get_complete_cb(data->ctx, entry->cb_session_ctx); in eap_sim_db_aka_resp_auth()
568 if (hexstr2bin(start, entry->u.aka.rand, EAP_AKA_RAND_LEN)) in eap_sim_db_aka_resp_auth()
576 if (hexstr2bin(start, entry->u.aka.autn, EAP_AKA_AUTN_LEN)) in eap_sim_db_aka_resp_auth()
584 if (hexstr2bin(start, entry->u.aka.ik, EAP_AKA_IK_LEN)) in eap_sim_db_aka_resp_auth()
592 if (hexstr2bin(start, entry->u.aka.ck, EAP_AKA_CK_LEN)) in eap_sim_db_aka_resp_auth()
604 entry->u.aka.res_len = (end - start) / 2; in eap_sim_db_aka_resp_auth()
605 if (entry->u.aka.res_len > EAP_AKA_RES_MAX_LEN) { in eap_sim_db_aka_resp_auth()
606 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Too long RES"); in eap_sim_db_aka_resp_auth()
607 entry->u.aka.res_len = 0; in eap_sim_db_aka_resp_auth()
610 if (hexstr2bin(start, entry->u.aka.res, entry->u.aka.res_len)) in eap_sim_db_aka_resp_auth()
613 entry->state = SUCCESS; in eap_sim_db_aka_resp_auth()
614 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Authentication data parsed " in eap_sim_db_aka_resp_auth()
615 "successfully - callback"); in eap_sim_db_aka_resp_auth()
617 data->get_complete_cb(data->ctx, entry->cb_session_ctx); in eap_sim_db_aka_resp_auth()
621 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Failed to parse response string"); in eap_sim_db_aka_resp_auth()
629 char buf[1000], *pos, *cmd, *imsi; in eap_sim_db_receive() local
632 res = recv(sock, buf, sizeof(buf) - 1, 0); in eap_sim_db_receive()
636 wpa_hexdump_ascii_key(MSG_MSGDUMP, "EAP-SIM DB: Received from an " in eap_sim_db_receive()
641 if (data->get_complete_cb == NULL) { in eap_sim_db_receive()
642 wpa_printf(MSG_DEBUG, "EAP-SIM DB: No get_complete_cb " in eap_sim_db_receive()
647 /* <cmd> <IMSI> ... */ in eap_sim_db_receive()
649 cmd = buf; in eap_sim_db_receive()
650 pos = os_strchr(cmd, ' '); in eap_sim_db_receive()
659 wpa_printf(MSG_DEBUG, "EAP-SIM DB: External response=%s for IMSI %s", in eap_sim_db_receive()
660 cmd, imsi); in eap_sim_db_receive()
662 if (os_strcmp(cmd, "SIM-RESP-AUTH") == 0) in eap_sim_db_receive()
664 else if (os_strcmp(cmd, "AKA-RESP-AUTH") == 0) in eap_sim_db_receive()
667 wpa_printf(MSG_INFO, "EAP-SIM DB: Unknown external response " in eap_sim_db_receive()
668 "'%s'", cmd); in eap_sim_db_receive()
672 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Failed to parse response string"); in eap_sim_db_receive()
681 if (os_strncmp(data->fname, "unix:", 5) != 0) in eap_sim_db_open_socket()
682 return -1; in eap_sim_db_open_socket()
684 data->sock = socket(PF_UNIX, SOCK_DGRAM, 0); in eap_sim_db_open_socket()
685 if (data->sock < 0) { in eap_sim_db_open_socket()
687 return -1; in eap_sim_db_open_socket()
693 "/tmp/eap_sim_db_%d-%d", getpid(), counter++); in eap_sim_db_open_socket()
694 os_free(data->local_sock); in eap_sim_db_open_socket()
695 data->local_sock = os_strdup(addr.sun_path); in eap_sim_db_open_socket()
696 if (data->local_sock == NULL) { in eap_sim_db_open_socket()
697 close(data->sock); in eap_sim_db_open_socket()
698 data->sock = -1; in eap_sim_db_open_socket()
699 return -1; in eap_sim_db_open_socket()
701 if (bind(data->sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) { in eap_sim_db_open_socket()
703 close(data->sock); in eap_sim_db_open_socket()
704 data->sock = -1; in eap_sim_db_open_socket()
705 return -1; in eap_sim_db_open_socket()
710 os_strlcpy(addr.sun_path, data->fname + 5, sizeof(addr.sun_path)); in eap_sim_db_open_socket()
711 if (connect(data->sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) { in eap_sim_db_open_socket()
717 close(data->sock); in eap_sim_db_open_socket()
718 data->sock = -1; in eap_sim_db_open_socket()
719 unlink(data->local_sock); in eap_sim_db_open_socket()
720 os_free(data->local_sock); in eap_sim_db_open_socket()
721 data->local_sock = NULL; in eap_sim_db_open_socket()
722 return -1; in eap_sim_db_open_socket()
725 eloop_register_read_sock(data->sock, eap_sim_db_receive, data, NULL); in eap_sim_db_open_socket()
733 if (data->sock >= 0) { in eap_sim_db_close_socket()
734 eloop_unregister_read_sock(data->sock); in eap_sim_db_close_socket()
735 close(data->sock); in eap_sim_db_close_socket()
736 data->sock = -1; in eap_sim_db_close_socket()
738 if (data->local_sock) { in eap_sim_db_close_socket()
739 unlink(data->local_sock); in eap_sim_db_close_socket()
740 os_free(data->local_sock); in eap_sim_db_close_socket()
741 data->local_sock = NULL; in eap_sim_db_close_socket()
747 * eap_sim_db_init - Initialize EAP-SIM DB / authentication gateway interface
766 data->sock = -1; in eap_sim_db_init()
767 data->get_complete_cb = get_complete_cb; in eap_sim_db_init()
768 data->ctx = ctx; in eap_sim_db_init()
769 data->eap_sim_db_timeout = db_timeout; in eap_sim_db_init()
770 data->fname = os_strdup(config); in eap_sim_db_init()
771 if (data->fname == NULL) in eap_sim_db_init()
773 pos = os_strstr(data->fname, " db="); in eap_sim_db_init()
778 data->sqlite_db = db_open(pos); in eap_sim_db_init()
779 if (data->sqlite_db == NULL) in eap_sim_db_init()
784 if (os_strncmp(data->fname, "unix:", 5) == 0) { in eap_sim_db_init()
786 wpa_printf(MSG_DEBUG, "EAP-SIM DB: External database " in eap_sim_db_init()
787 "connection not available - will retry " in eap_sim_db_init()
796 os_free(data->fname); in eap_sim_db_init()
804 os_free(p->permanent); in eap_sim_db_free_pseudonym()
805 os_free(p->pseudonym); in eap_sim_db_free_pseudonym()
812 os_free(r->permanent); in eap_sim_db_free_reauth()
813 os_free(r->reauth_id); in eap_sim_db_free_reauth()
819 * eap_sim_db_deinit - Deinitialize EAP-SIM DB/authentication gw interface
830 if (data->sqlite_db) { in eap_sim_db_deinit()
831 sqlite3_close(data->sqlite_db); in eap_sim_db_deinit()
832 data->sqlite_db = NULL; in eap_sim_db_deinit()
837 os_free(data->fname); in eap_sim_db_deinit()
839 p = data->pseudonyms; in eap_sim_db_deinit()
842 p = p->next; in eap_sim_db_deinit()
846 r = data->reauths; in eap_sim_db_deinit()
849 r = r->next; in eap_sim_db_deinit()
853 pending = data->pending; in eap_sim_db_deinit()
856 pending = pending->next; in eap_sim_db_deinit()
869 if (send(data->sock, msg, len, 0) < 0) { in eap_sim_db_send()
871 wpa_printf(MSG_INFO, "send[EAP-SIM DB UNIX]: %s", in eap_sim_db_send()
880 return -1; in eap_sim_db_send()
881 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Reconnected to the " in eap_sim_db_send()
883 if (send(data->sock, msg, len, 0) < 0) { in eap_sim_db_send()
884 wpa_printf(MSG_INFO, "send[EAP-SIM DB UNIX]: %s", in eap_sim_db_send()
886 return -1; in eap_sim_db_send()
897 eloop_register_timeout(data->eap_sim_db_timeout, 0, in eap_sim_db_expire_pending()
903 * eap_sim_db_get_gsm_triplets - Get GSM triplets
912 * max_chal), -1 (EAP_SIM_DB_FAILURE) on error (e.g., user not found), or
913 * -2 (EAP_SIM_DB_PENDING) if results are not yet available. In this case, the
937 username[1] == '\0' || os_strlen(username) > sizeof(entry->imsi)) { in eap_sim_db_get_gsm_triplets()
938 wpa_printf(MSG_DEBUG, "EAP-SIM DB: unexpected username '%s'", in eap_sim_db_get_gsm_triplets()
943 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Get GSM triplets for IMSI '%s'", in eap_sim_db_get_gsm_triplets()
949 if (entry->state == FAILURE) { in eap_sim_db_get_gsm_triplets()
950 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Pending entry -> " in eap_sim_db_get_gsm_triplets()
956 if (entry->state == PENDING) { in eap_sim_db_get_gsm_triplets()
957 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Pending entry -> " in eap_sim_db_get_gsm_triplets()
963 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Pending entry -> " in eap_sim_db_get_gsm_triplets()
964 "%d challenges", entry->u.sim.num_chal); in eap_sim_db_get_gsm_triplets()
965 num_chal = entry->u.sim.num_chal; in eap_sim_db_get_gsm_triplets()
968 os_memcpy(_rand, entry->u.sim.rand, num_chal * GSM_RAND_LEN); in eap_sim_db_get_gsm_triplets()
969 os_memcpy(sres, entry->u.sim.sres, in eap_sim_db_get_gsm_triplets()
971 os_memcpy(kc, entry->u.sim.kc, num_chal * EAP_SIM_KC_LEN); in eap_sim_db_get_gsm_triplets()
976 if (data->sock < 0) { in eap_sim_db_get_gsm_triplets()
982 len = os_snprintf(msg, sizeof(msg), "SIM-REQ-AUTH "); in eap_sim_db_get_gsm_triplets()
988 ret = os_snprintf(msg + len, sizeof(msg) - len, " %d", max_chal); in eap_sim_db_get_gsm_triplets()
989 if (os_snprintf_error(sizeof(msg) - len, ret)) in eap_sim_db_get_gsm_triplets()
993 wpa_printf(MSG_DEBUG, "EAP-SIM DB: requesting SIM authentication " in eap_sim_db_get_gsm_triplets()
1002 os_strlcpy(entry->imsi, imsi, sizeof(entry->imsi)); in eap_sim_db_get_gsm_triplets()
1003 entry->cb_session_ctx = cb_session_ctx; in eap_sim_db_get_gsm_triplets()
1004 entry->state = PENDING; in eap_sim_db_get_gsm_triplets()
1007 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Added query %p", entry); in eap_sim_db_get_gsm_triplets()
1027 wpa_snprintf_hex(pos, end - pos, buf, sizeof(buf)); in eap_sim_db_get_next()
1034 * eap_sim_db_get_next_pseudonym - EAP-SIM DB: Get next pseudonym
1039 * This function is used to generate a pseudonym for EAP-SIM. The returned
1066 * eap_sim_db_get_next_reauth_id - EAP-SIM DB: Get next reauth_id
1071 * This function is used to generate a fast re-authentication identity for
1072 * EAP-SIM. The returned reauth_id is not added to database at this point; it
1099 * eap_sim_db_add_pseudonym - EAP-SIM DB: Add new pseudonym
1105 * Returns: 0 on success, -1 on failure
1107 * This function adds a new pseudonym for an EAP-SIM user. EAP-SIM DB is
1114 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Add pseudonym '%s' for permanent " in eap_sim_db_add_pseudonym()
1119 if (data->sqlite_db) in eap_sim_db_add_pseudonym()
1122 for (p = data->pseudonyms; p; p = p->next) { in eap_sim_db_add_pseudonym()
1123 if (os_strcmp(permanent, p->permanent) == 0) in eap_sim_db_add_pseudonym()
1127 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Replacing previous " in eap_sim_db_add_pseudonym()
1128 "pseudonym: %s", p->pseudonym); in eap_sim_db_add_pseudonym()
1129 os_free(p->pseudonym); in eap_sim_db_add_pseudonym()
1130 p->pseudonym = pseudonym; in eap_sim_db_add_pseudonym()
1137 return -1; in eap_sim_db_add_pseudonym()
1140 p->next = data->pseudonyms; in eap_sim_db_add_pseudonym()
1141 p->permanent = os_strdup(permanent); in eap_sim_db_add_pseudonym()
1142 if (p->permanent == NULL) { in eap_sim_db_add_pseudonym()
1145 return -1; in eap_sim_db_add_pseudonym()
1147 p->pseudonym = pseudonym; in eap_sim_db_add_pseudonym()
1148 data->pseudonyms = p; in eap_sim_db_add_pseudonym()
1150 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Added new pseudonym entry"); in eap_sim_db_add_pseudonym()
1162 for (r = data->reauths; r; r = r->next) { in eap_sim_db_add_reauth_data()
1163 if (os_strcmp(r->permanent, permanent) == 0) in eap_sim_db_add_reauth_data()
1168 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Replacing previous " in eap_sim_db_add_reauth_data()
1169 "reauth_id: %s", r->reauth_id); in eap_sim_db_add_reauth_data()
1170 os_free(r->reauth_id); in eap_sim_db_add_reauth_data()
1171 r->reauth_id = reauth_id; in eap_sim_db_add_reauth_data()
1179 r->next = data->reauths; in eap_sim_db_add_reauth_data()
1180 r->permanent = os_strdup(permanent); in eap_sim_db_add_reauth_data()
1181 if (r->permanent == NULL) { in eap_sim_db_add_reauth_data()
1186 r->reauth_id = reauth_id; in eap_sim_db_add_reauth_data()
1187 data->reauths = r; in eap_sim_db_add_reauth_data()
1188 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Added new reauth entry"); in eap_sim_db_add_reauth_data()
1191 r->counter = counter; in eap_sim_db_add_reauth_data()
1198 * eap_sim_db_add_reauth - EAP-SIM DB: Add new re-authentication entry
1205 * @counter: AT_COUNTER value for fast re-authentication
1206 * @mk: 16-byte MK from the previous full authentication or %NULL
1207 * Returns: 0 on success, -1 on failure
1209 * This function adds a new re-authentication entry for an EAP-SIM user.
1210 * EAP-SIM DB is responsible for freeing reauth_id buffer once it is not needed
1218 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Add reauth_id '%s' for permanent " in eap_sim_db_add_reauth()
1222 if (data->sqlite_db) in eap_sim_db_add_reauth()
1228 return -1; in eap_sim_db_add_reauth()
1230 os_memcpy(r->mk, mk, EAP_SIM_MK_LEN); in eap_sim_db_add_reauth()
1238 * eap_sim_db_add_reauth_prime - EAP-AKA' DB: Add new re-authentication entry
1244 * @counter: AT_COUNTER value for fast re-authentication
1247 * @k_re: 32-byte K_re from the previous full authentication
1248 * Returns: 0 on success, -1 on failure
1250 * This function adds a new re-authentication entry for an EAP-AKA' user.
1251 * EAP-SIM DB is responsible for freeing reauth_id buffer once it is not needed
1261 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Add reauth_id '%s' for permanent " in eap_sim_db_add_reauth_prime()
1265 if (data->sqlite_db) in eap_sim_db_add_reauth_prime()
1271 return -1; in eap_sim_db_add_reauth_prime()
1273 os_memcpy(r->k_encr, k_encr, EAP_SIM_K_ENCR_LEN); in eap_sim_db_add_reauth_prime()
1274 os_memcpy(r->k_aut, k_aut, EAP_AKA_PRIME_K_AUT_LEN); in eap_sim_db_add_reauth_prime()
1275 os_memcpy(r->k_re, k_re, EAP_AKA_PRIME_K_RE_LEN); in eap_sim_db_add_reauth_prime()
1283 * eap_sim_db_get_permanent - EAP-SIM DB: Get permanent identity
1294 if (data->sqlite_db) in eap_sim_db_get_permanent()
1298 p = data->pseudonyms; in eap_sim_db_get_permanent()
1300 if (os_strcmp(p->pseudonym, pseudonym) == 0) in eap_sim_db_get_permanent()
1301 return p->permanent; in eap_sim_db_get_permanent()
1302 p = p->next; in eap_sim_db_get_permanent()
1310 * eap_sim_db_get_reauth_entry - EAP-SIM DB: Get re-authentication entry
1312 * @reauth_id: Fast re-authentication username
1313 * Returns: Pointer to the re-auth entry, or %NULL if not found
1322 if (data->sqlite_db) in eap_sim_db_get_reauth_entry()
1326 r = data->reauths; in eap_sim_db_get_reauth_entry()
1328 if (os_strcmp(r->reauth_id, reauth_id) == 0) in eap_sim_db_get_reauth_entry()
1330 r = r->next; in eap_sim_db_get_reauth_entry()
1338 * eap_sim_db_remove_reauth - EAP-SIM DB: Remove re-authentication entry
1340 * @reauth: Pointer to re-authentication entry from
1348 if (data->sqlite_db) { in eap_sim_db_remove_reauth()
1353 r = data->reauths; in eap_sim_db_remove_reauth()
1357 prev->next = r->next; in eap_sim_db_remove_reauth()
1359 data->reauths = r->next; in eap_sim_db_remove_reauth()
1364 r = r->next; in eap_sim_db_remove_reauth()
1370 * eap_sim_db_get_aka_auth - Get AKA authentication values
1380 * Returns: 0 on success, -1 (EAP_SIM_DB_FAILURE) on error (e.g., user not
1381 * found), or -2 (EAP_SIM_DB_PENDING) if results are not yet available. In this
1406 username[1] == '\0' || os_strlen(username) > sizeof(entry->imsi)) { in eap_sim_db_get_aka_auth()
1407 wpa_printf(MSG_DEBUG, "EAP-SIM DB: unexpected username '%s'", in eap_sim_db_get_aka_auth()
1412 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Get AKA auth for IMSI '%s'", in eap_sim_db_get_aka_auth()
1417 if (entry->state == FAILURE) { in eap_sim_db_get_aka_auth()
1419 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Failure"); in eap_sim_db_get_aka_auth()
1423 if (entry->state == PENDING) { in eap_sim_db_get_aka_auth()
1425 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Pending"); in eap_sim_db_get_aka_auth()
1429 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Returning successfully " in eap_sim_db_get_aka_auth()
1431 os_memcpy(_rand, entry->u.aka.rand, EAP_AKA_RAND_LEN); in eap_sim_db_get_aka_auth()
1432 os_memcpy(autn, entry->u.aka.autn, EAP_AKA_AUTN_LEN); in eap_sim_db_get_aka_auth()
1433 os_memcpy(ik, entry->u.aka.ik, EAP_AKA_IK_LEN); in eap_sim_db_get_aka_auth()
1434 os_memcpy(ck, entry->u.aka.ck, EAP_AKA_CK_LEN); in eap_sim_db_get_aka_auth()
1435 os_memcpy(res, entry->u.aka.res, EAP_AKA_RES_MAX_LEN); in eap_sim_db_get_aka_auth()
1436 *res_len = entry->u.aka.res_len; in eap_sim_db_get_aka_auth()
1441 if (data->sock < 0) { in eap_sim_db_get_aka_auth()
1447 len = os_snprintf(msg, sizeof(msg), "AKA-REQ-AUTH "); in eap_sim_db_get_aka_auth()
1454 wpa_printf(MSG_DEBUG, "EAP-SIM DB: requesting AKA authentication " in eap_sim_db_get_aka_auth()
1463 entry->aka = 1; in eap_sim_db_get_aka_auth()
1464 os_strlcpy(entry->imsi, imsi, sizeof(entry->imsi)); in eap_sim_db_get_aka_auth()
1465 entry->cb_session_ctx = cb_session_ctx; in eap_sim_db_get_aka_auth()
1466 entry->state = PENDING; in eap_sim_db_get_aka_auth()
1469 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Added query %p", entry); in eap_sim_db_get_aka_auth()
1476 * eap_sim_db_resynchronize - Resynchronize AKA AUTN
1481 * Returns: 0 on success, -1 on failure
1500 wpa_printf(MSG_DEBUG, "EAP-SIM DB: unexpected username '%s'", in eap_sim_db_resynchronize()
1502 return -1; in eap_sim_db_resynchronize()
1505 wpa_printf(MSG_DEBUG, "EAP-SIM DB: Get AKA auth for IMSI '%s'", in eap_sim_db_resynchronize()
1508 if (data->sock >= 0) { in eap_sim_db_resynchronize()
1513 len = os_snprintf(msg, sizeof(msg), "AKA-AUTS "); in eap_sim_db_resynchronize()
1516 return -1; in eap_sim_db_resynchronize()
1520 ret = os_snprintf(msg + len, sizeof(msg) - len, " "); in eap_sim_db_resynchronize()
1521 if (os_snprintf_error(sizeof(msg) - len, ret)) in eap_sim_db_resynchronize()
1522 return -1; in eap_sim_db_resynchronize()
1524 len += wpa_snprintf_hex(msg + len, sizeof(msg) - len, in eap_sim_db_resynchronize()
1526 ret = os_snprintf(msg + len, sizeof(msg) - len, " "); in eap_sim_db_resynchronize()
1527 if (os_snprintf_error(sizeof(msg) - len, ret)) in eap_sim_db_resynchronize()
1528 return -1; in eap_sim_db_resynchronize()
1530 len += wpa_snprintf_hex(msg + len, sizeof(msg) - len, in eap_sim_db_resynchronize()
1532 wpa_printf(MSG_DEBUG, "EAP-SIM DB: reporting AKA AUTS for " in eap_sim_db_resynchronize()
1535 return -1; in eap_sim_db_resynchronize()
1543 * sim_get_username - Extract username from SIM identity