Added support for retries and multiple sockets to RADIUS client (ARMmbed#2426)

* Added support for retries and multiple sockets to RADIUS client

- RADIUS EAP-TLS and client now supports retries
- RADIUS client now allocates message identifiers from a poll
- Message identifiers on the poll are freed for re-use based in timer
- If message identifier space runs out (255) a new socket is created
- Maximum number of sockets is 3
- Added shared component support to security protocols to allow
  creation of message identifier pools
- Improved peer message deletion by adding peer delete callback to
  security protocols

Author: Mika Leppänen

source/6LoWPAN/ws/ws_pae_auth.c

@@ -94,6 +94,7 @@ typedef struct {
     ws_pae_auth_nw_info_updated *nw_info_updated;            /**< Security keys network info updated callback */
     ws_pae_auth_ip_addr_get *ip_addr_get;                    /**< IP address get callback */
     supp_list_t active_supp_list;                            /**< List of active supplicants */
+    shared_comp_list_t shared_comp_list;                     /**< Shared component list */
     arm_event_storage_t *timer;                              /**< Timer */
     sec_prot_gtk_keys_t *next_gtks;                          /**< Next GTKs */
     const sec_prot_certs_t *certs;                           /**< Certificates */
@@ -121,6 +122,8 @@ static int8_t ws_pae_auth_timer_if_start(kmp_service_t *service, kmp_api_t *kmp)
 static int8_t ws_pae_auth_timer_if_stop(kmp_service_t *service, kmp_api_t *kmp);
 static int8_t ws_pae_auth_timer_start(pae_auth_t *pae_auth);
 static int8_t ws_pae_auth_timer_stop(pae_auth_t *pae_auth);
+static int8_t ws_pae_auth_shared_comp_add(kmp_service_t *service, kmp_shared_comp_t *data);
+static int8_t ws_pae_auth_shared_comp_remove(kmp_service_t *service, kmp_shared_comp_t *data);
 static bool ws_pae_auth_timer_running(pae_auth_t *pae_auth);
 static void ws_pae_auth_kmp_service_addr_get(kmp_service_t *service, kmp_api_t *kmp, kmp_addr_t *local_addr, kmp_addr_t *remote_addr);
 static void ws_pae_auth_kmp_service_ip_addr_get(kmp_service_t *service, kmp_api_t *kmp, uint8_t *address);
@@ -156,6 +159,7 @@ int8_t ws_pae_auth_init(protocol_interface_info_entry_t *interface_ptr, sec_prot
     pae_auth->pan_id = 0xffff;
     pae_auth->interface_ptr = interface_ptr;
     ws_pae_lib_supp_list_init(&pae_auth->active_supp_list);
+    ws_pae_lib_shared_comp_list_init(&pae_auth->shared_comp_list);
     pae_auth->timer = NULL;
 
     pae_auth->hash_set = NULL;
@@ -192,6 +196,10 @@ int8_t ws_pae_auth_init(protocol_interface_info_entry_t *interface_ptr, sec_prot
         goto error;
     }
 
+    if (kmp_service_shared_comp_if_register(pae_auth->kmp_service, ws_pae_auth_shared_comp_add, ws_pae_auth_shared_comp_remove)) {
+        goto error;
+    }
+
     if (auth_key_sec_prot_register(pae_auth->kmp_service) < 0) {
         goto error;
     }
@@ -594,6 +602,8 @@ static void ws_pae_auth_free(pae_auth_t *pae_auth)
         return;
     }
 
+    ws_pae_lib_shared_comp_list_free(&pae_auth->shared_comp_list);
+
     ws_pae_lib_supp_list_delete(&pae_auth->active_supp_list);
 
     kmp_socket_if_unregister(pae_auth->kmp_service);
@@ -741,6 +751,8 @@ void ws_pae_auth_slow_timer(uint16_t seconds)
         }
 
         ws_pae_lib_supp_list_slow_timer_update(&pae_auth->active_supp_list, seconds);
+
+        ws_pae_lib_shared_comp_list_timeout(&pae_auth->shared_comp_list, seconds);
     }
 
     // Update key storage timer
@@ -837,6 +849,26 @@ static int8_t ws_pae_auth_timer_if_stop(kmp_service_t *service, kmp_api_t *kmp)
     return 0;
 }
 
+static int8_t ws_pae_auth_shared_comp_add(kmp_service_t *service, kmp_shared_comp_t *data)
+{
+    pae_auth_t *pae_auth = ws_pae_auth_by_kmp_service_get(service);
+    if (!pae_auth) {
+        return -1;
+    }
+
+    return ws_pae_lib_shared_comp_list_add(&pae_auth->shared_comp_list, data);
+}
+
+static int8_t ws_pae_auth_shared_comp_remove(kmp_service_t *service, kmp_shared_comp_t *data)
+{
+    pae_auth_t *pae_auth = ws_pae_auth_by_kmp_service_get(service);
+    if (!pae_auth) {
+        return -1;
+    }
+
+    return ws_pae_lib_shared_comp_list_remove(&pae_auth->shared_comp_list, data);
+}
+
 static int8_t ws_pae_auth_timer_start(pae_auth_t *pae_auth)
 {
     pae_auth->timer_running = true;

source/6LoWPAN/ws/ws_pae_lib.c

@@ -448,4 +448,64 @@ supp_entry_t *ws_pae_lib_supp_list_entry_retry_timer_get(supp_list_t *supp_list)
     return retry_supp;
 }
 
+int8_t ws_pae_lib_shared_comp_list_init(shared_comp_list_t *comp_list)
+{
+    ns_list_init(comp_list);
+    return 0;
+}
+
+int8_t ws_pae_lib_shared_comp_list_free(shared_comp_list_t *comp_list)
+{
+    ns_list_foreach_safe(shared_comp_entry_t, entry, comp_list) {
+        if (entry->data->delete) {
+            entry->data->delete ();
+        }
+        ns_list_remove(comp_list, entry);
+        ns_dyn_mem_free(entry);
+    }
+    return 0;
+}
+
+int8_t ws_pae_lib_shared_comp_list_add(shared_comp_list_t *comp_list, kmp_shared_comp_t *data)
+{
+    ns_list_foreach(shared_comp_entry_t, entry, comp_list) {
+        if (entry->data == data) {
+            return -1;
+        }
+    }
+
+    shared_comp_entry_t *entry = ns_dyn_mem_alloc(sizeof(shared_comp_entry_t));
+    if (!entry) {
+        return -1;
+    }
+    entry->data = data;
+    ns_list_add_to_end(comp_list, entry);
+
+    return 0;
+}
+
+int8_t ws_pae_lib_shared_comp_list_remove(shared_comp_list_t *comp_list, kmp_shared_comp_t *data)
+{
+    ns_list_foreach(shared_comp_entry_t, entry, comp_list) {
+        if (entry->data == data) {
+            ns_list_remove(comp_list, entry);
+            ns_dyn_mem_free(entry);
+            return 0;
+        }
+    }
+
+    return 0;
+}
+
+int8_t ws_pae_lib_shared_comp_list_timeout(shared_comp_list_t *comp_list, uint16_t ticks)
+{
+    ns_list_foreach(shared_comp_entry_t, entry, comp_list) {
+        if (entry->data->timeout) {
+            entry->data->timeout(ticks);
+        }
+    }
+
+    return 0;
+}
+
 #endif /* HAVE_WS */

source/6LoWPAN/ws/ws_pae_lib.h

@@ -45,6 +45,13 @@ typedef struct supp_entry_s {
 
 typedef NS_LIST_HEAD(supp_entry_t, link) supp_list_t;
 
+typedef struct {
+    kmp_shared_comp_t *data;           /**< KMP shared component data */
+    ns_list_link_t link;               /**< Link */
+} shared_comp_entry_t;
+
+typedef NS_LIST_HEAD(shared_comp_entry_t, link) shared_comp_list_t;
+
 /**
  * ws_pae_lib_kmp_list_init initializes KMP list
  *
@@ -388,4 +395,62 @@ kmp_api_t *ws_pae_lib_supp_list_kmp_receive_check(supp_list_t *supp_list, const
  */
 supp_entry_t *ws_pae_lib_supp_list_entry_retry_timer_get(supp_list_t *supp_list);
 
+/**
+ *  ws_pae_lib_shared_comp_list_init init shared component list
+ *
+ * \param comp_list component list
+ *
+ * \return < 0 failure
+ * \return >= 0 success
+ *
+ */
+int8_t ws_pae_lib_shared_comp_list_init(shared_comp_list_t *comp_list);
+
+/**
+ *  ws_pae_lib_shared_comp_list_free free shared component list
+ *
+ * \param comp_list component list
+ *
+ * \return < 0 failure
+ * \return >= 0 success
+ *
+ */
+int8_t ws_pae_lib_shared_comp_list_free(shared_comp_list_t *comp_list);
+
+/**
+ *  ws_pae_lib_shared_comp_list_add add to shared component list
+ *
+ * \param comp_list component list
+ * \param data shared component
+ *
+ * \return < 0 failure
+ * \return >= 0 success
+ *
+ */
+int8_t ws_pae_lib_shared_comp_list_add(shared_comp_list_t *comp_list, kmp_shared_comp_t *data);
+
+/**
+ *  ws_pae_lib_shared_comp_list_remove remove from shared component list
+ *
+ * \param comp_list component list
+ * \param data shared component
+ *
+ * \return < 0 failure
+ * \return >= 0 success
+ *
+ */
+int8_t ws_pae_lib_shared_comp_list_remove(shared_comp_list_t *comp_list, kmp_shared_comp_t *data);
+
+/**
+ *  ws_pae_lib_shared_comp_list_timeout timeout to shared component list
+ *
+ * \param comp_list component list
+ * \param ticks elapsed time in seconds
+ *
+ * \return < 0 failure
+ * \return >= 0 success
+ *
+ */
+int8_t ws_pae_lib_shared_comp_list_timeout(shared_comp_list_t *comp_list, uint16_t ticks);
+
 #endif /* WS_PAE_AUTH_H_ */