Removed extra memory frees from KMP socket and eapol if and fixed KMP comments

Author: Mika Leppänen

source/Security/kmp/kmp_addr.c

@@ -31,7 +31,7 @@
 
 #ifdef HAVE_WS
 
-#define TRACE_GROUP "kmpaddr"
+#define TRACE_GROUP "kmar"
 
 #define KMP_ADDR_DYN_ALLOC        0x80
 #define KMP_ADDR_TYPE_MASK        0x0F

source/Security/kmp/kmp_api.c

@@ -33,7 +33,7 @@
 
 #ifdef HAVE_WS
 
-#define TRACE_GROUP "kmpc"
+#define TRACE_GROUP "kmap"
 
 struct kmp_api_s {
     void                         *app_data_ptr;         /**< Opaque pointer for application data */
@@ -199,14 +199,17 @@ static int8_t kmp_sec_prot_send(sec_prot_t *prot, void *pdu, uint16_t size)
         kmp_id -= IEEE_802_1X_INITIAL_KEY;
     }
 
+    int8_t result = -1;
+
     if (kmp->service->send) {
-        int8_t result;
         result = kmp->service->send(kmp->service, kmp_id, kmp->addr, pdu, size);
-        return result;
-    } else {
+    }
+
+    if (result < 0) {
         ns_dyn_mem_free(pdu);
-        return -1;
     }
+
+    return result;
 }
 
 static void kmp_sec_prot_timer_start(sec_prot_t *prot)

source/Security/kmp/kmp_api.h

@@ -18,6 +18,16 @@
 #ifndef KMP_API_H_
 #define KMP_API_H_
 
+/*
+ * KMP API and KMP service module. KMP API offers key management security
+ * protocols interface towards application.
+ *
+ * KMP service provides security protocols access to network, timing
+ * services and callback services. Application must configure KMP service
+ * before using KMP API.
+ *
+ */
+
 typedef enum {
     IEEE_802_1X_MKA = 1,
     IEEE_802_11_4WH = 6,

source/Security/kmp/kmp_eapol_pdu_if.c

@@ -31,7 +31,7 @@
 
 #ifdef HAVE_WS
 
-#define TRACE_GROUP "kmpeif"
+#define TRACE_GROUP "kmep"
 
 #define EAPOL_PDU_IF_HEADER_SIZE                 1
 
@@ -99,7 +99,6 @@ int8_t kmp_eapol_pdu_if_unregister(kmp_service_t *service)
 static int8_t kmp_eapol_pdu_if_send(kmp_service_t *service, kmp_type_e kmp_id, const kmp_addr_t *addr, void *pdu, uint16_t size)
 {
     if (!service || !addr || !pdu) {
-        ns_dyn_mem_free(pdu);
         return -1;
     }
 
@@ -113,13 +112,11 @@ static int8_t kmp_eapol_pdu_if_send(kmp_service_t *service, kmp_type_e kmp_id, c
     }
 
     if (!interface_ptr) {
-        ns_dyn_mem_free(pdu);
         return -1;
     }
 
     const uint8_t *eui_64 = kmp_address_eui_64_get(addr);
     if (!eui_64) {
-        ns_dyn_mem_free(pdu);
         return -1;
     }
 

source/Security/kmp/kmp_eapol_pdu_if.h

@@ -18,8 +18,45 @@
 #ifndef KMP_EAPOL_PDU_IF_H_
 #define KMP_EAPOL_PDU_IF_H_
 
+/*
+ * Supplicant KMP interface to/from EAPOL PDU interface (to MPX).
+ */
+
+/**
+ * kmp_eapol_pdu_if_register register EAPOL PDU interface to KMP service
+ *
+ * \param service KMP service to register to
+ * \param interface_ptr interface
+ *
+ * \return < 0 failure
+ * \return >= 0 success
+ *
+ */
 int8_t kmp_eapol_pdu_if_register(kmp_service_t *service, protocol_interface_info_entry_t *interface_ptr);
+
+/**
+ * kmp_eapol_pdu_if_unregister unregister EAPOL PDU interface from KMP service
+ *
+ * \param service KMP service to unregister from
+ *
+ * \return < 0 failure
+ * \return >= 0 success
+ *
+ */
 int8_t kmp_eapol_pdu_if_unregister(kmp_service_t *service);
+
+/**
+ * kmp_eapol_pdu_if_receive receive EAPOL PDU to KMP service
+ *
+ * \param interface_ptr interface
+ * \param eui_64 source EUI-64
+ * \param pdu EAPOL pdu
+ * \param size EAPOL pdu size
+ *
+ * \return < 0 failure
+ * \return >= 0 success
+ *
+ */
 int8_t kmp_eapol_pdu_if_receive(protocol_interface_info_entry_t *interface_ptr, const uint8_t *eui_64, void *pdu, uint16_t size);
 
 #endif /* KMP_EAPOL_PDU_IF_H_ */

source/Security/kmp/kmp_socket_if.c

@@ -15,12 +15,12 @@
  * limitations under the License.
  */
 
-//#include <stddef.h>
 #include "nsconfig.h"
 #include <string.h>
 #include "ns_types.h"
 #include "ns_list.h"
 #include "ns_trace.h"
+#include "ns_address.h"
 #include "nsdynmemLIB.h"
 #include "eventOS_event.h"
 #include "eventOS_scheduler.h"
@@ -36,13 +36,13 @@
 
 #ifdef HAVE_WS
 
-#define TRACE_GROUP "kmpsif"
+#define TRACE_GROUP "kmsi"
 
 #define SOCKET_IF_HEADER_SIZE    27
 
 typedef struct {
     kmp_service_t *kmp_service;                       /**< KMP service */
-    protocol_interface_info_entry_t *interface_ptr;   /**< Interface pointer */
+    ns_address_t remote_addr;                         /**< Remote address */
     int8_t socket_id;                                 /**< Socket ID */
     ns_list_link_t link;                              /**< Link */
 } kmp_socket_if_t;
@@ -52,14 +52,14 @@ static void kmp_socket_if_socket_cb(void *ptr);
 
 static NS_LIST_DEFINE(kmp_socket_if_list, kmp_socket_if_t, link);
 
-int8_t kmp_socket_if_register(kmp_service_t *service, protocol_interface_info_entry_t *interface_ptr)
+int8_t kmp_socket_if_register(kmp_service_t *service, uint16_t local_port, const uint8_t *remote_addr, uint16_t remote_port)
 {
-    if (!service || !interface_ptr) {
+    if (!service || !remote_addr) {
         return -1;
     }
 
     ns_list_foreach(kmp_socket_if_t, entry, &kmp_socket_if_list) {
-        if (entry->kmp_service == service || entry->interface_ptr == interface_ptr) {
+        if (entry->kmp_service == service) {
             return -1;
         }
     }
@@ -70,9 +70,12 @@ int8_t kmp_socket_if_register(kmp_service_t *service, protocol_interface_info_en
     }
 
     socket_if->kmp_service = service;
-    socket_if->interface_ptr = interface_ptr;
-    socket_if->socket_id = socket_open(IPV6_NH_UDP, 10254, &kmp_socket_if_socket_cb);
 
+    socket_if->remote_addr.type = ADDRESS_IPV6;
+    memcpy(&socket_if->remote_addr.address, remote_addr, 16);
+    socket_if->remote_addr.identifier = remote_port;
+
+    socket_if->socket_id = socket_open(IPV6_NH_UDP, local_port, &kmp_socket_if_socket_cb);
     if (socket_if->socket_id < 0) {
         ns_dyn_mem_free(socket_if);
         return -1;
@@ -108,7 +111,6 @@ int8_t kmp_socket_if_unregister(kmp_service_t *service)
 static int8_t kmp_socket_if_send(kmp_service_t *service, kmp_type_e kmp_id, const kmp_addr_t *addr, void *pdu, uint16_t size)
 {
     if (!service || !pdu || !addr) {
-        ns_dyn_mem_free(pdu);
         return -1;
     }
 
@@ -122,17 +124,9 @@ static int8_t kmp_socket_if_send(kmp_service_t *service, kmp_type_e kmp_id, cons
     }
 
     if (!socket_if) {
-        ns_dyn_mem_free(pdu);
         return -1;
     }
 
-    ns_address_t dest_addr;
-    if (addr_interface_get_ll_address(socket_if->interface_ptr, &dest_addr.address[0], 1) < 0) {
-        ns_dyn_mem_free(pdu);
-        return -1;
-    }
-    dest_addr.type = ADDRESS_IPV6;
-    dest_addr.identifier = 10253;
     //Build UPD Relay
     uint8_t *ptr = pdu;
     memcpy(ptr, kmp_address_ip_get(addr), 16);
@@ -142,8 +136,7 @@ static int8_t kmp_socket_if_send(kmp_service_t *service, kmp_type_e kmp_id, cons
     ptr += 8;
     *ptr = kmp_id;
 
-    socket_sendto(socket_if->socket_id, &dest_addr, pdu, size);
-
+    socket_sendto(socket_if->socket_id, &socket_if->remote_addr, pdu, size);
     ns_dyn_mem_free(pdu);
 
     return 0;

source/Security/kmp/kmp_socket_if.h

@@ -18,7 +18,40 @@
 #ifndef KMP_SOCKET_IF_H_
 #define KMP_SOCKET_IF_H_
 
-int8_t kmp_socket_if_register(kmp_service_t *service, protocol_interface_info_entry_t *interface);
+/*
+ * Authenticator KMP socket interface to/from EAPOL authenticator relay. EAPOL
+ * authenticator relay address and port are provided in register call (remote
+ * address and remote port parameters)
+ *
+ * Authenticator KMP socket must be bound to port that EAPOL authenticator
+ * uses to send messages to Authenticator KMP. Default port is 10254 (local port
+ * parameter)
+ *
+ */
+
+/**
+ * kmp_socket_if_register register socket interface to KMP service
+ *
+ * \param service KMP service to register to
+ * \param local_port local port
+ * \param remote_addr remote address
+ * \param remote_port remote port
+ *
+ * \return < 0 failure
+ * \return >= 0 success
+ *
+ */
+int8_t kmp_socket_if_register(kmp_service_t *service, uint16_t local_port, const uint8_t *remote_addr, uint16_t remote_port);
+
+/**
+ * kmp_socket_if_unregister unregister socket interface from KMP service
+ *
+ * \param service KMP service to unregister from
+ *
+ * \return < 0 failure
+ * \return >= 0 success
+ *
+ */
 int8_t kmp_socket_if_unregister(kmp_service_t *service);
 
 #endif /* KMP_SOCKET_IF_H_ */