Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_wpa_supplicant_8 / 8d520ff1dc2da35cdca849e982051b86468016d8 / . / src / eap_server / eap.h
blob: 6b2907519e148320746fdfa0314634f5bc969223 [file] [log] [blame]
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame^]1/*
2 * hostapd / EAP Full Authenticator state machine (RFC 4137)
3 * Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15#ifndef EAP_H
16#define EAP_H
17
18#include "common/defs.h"
19#include "eap_common/eap_defs.h"
20#include "eap_server/eap_methods.h"
21#include "wpabuf.h"
22
23struct eap_sm;
24
25#define EAP_MAX_METHODS 8
26
27#define EAP_TTLS_AUTH_PAP 1
28#define EAP_TTLS_AUTH_CHAP 2
29#define EAP_TTLS_AUTH_MSCHAP 4
30#define EAP_TTLS_AUTH_MSCHAPV2 8
31
32struct eap_user {
33 struct {
34 int vendor;
35 u32 method;
36 } methods[EAP_MAX_METHODS];
37 u8 *password;
38 size_t password_len;
39 int password_hash; /* whether password is hashed with
40 * nt_password_hash() */
41 int phase2;
42 int force_version;
43 int ttls_auth; /* bitfield of
44 * EAP_TTLS_AUTH_{PAP,CHAP,MSCHAP,MSCHAPV2} */
45};
46
47struct eap_eapol_interface {
48 /* Lower layer to full authenticator variables */
49 Boolean eapResp; /* shared with EAPOL Backend Authentication */
50 struct wpabuf *eapRespData;
51 Boolean portEnabled;
52 int retransWhile;
53 Boolean eapRestart; /* shared with EAPOL Authenticator PAE */
54 int eapSRTT;
55 int eapRTTVAR;
56
57 /* Full authenticator to lower layer variables */
58 Boolean eapReq; /* shared with EAPOL Backend Authentication */
59 Boolean eapNoReq; /* shared with EAPOL Backend Authentication */
60 Boolean eapSuccess;
61 Boolean eapFail;
62 Boolean eapTimeout;
63 struct wpabuf *eapReqData;
64 u8 *eapKeyData;
65 size_t eapKeyDataLen;
66 Boolean eapKeyAvailable; /* called keyAvailable in IEEE 802.1X-2004 */
67
68 /* AAA interface to full authenticator variables */
69 Boolean aaaEapReq;
70 Boolean aaaEapNoReq;
71 Boolean aaaSuccess;
72 Boolean aaaFail;
73 struct wpabuf *aaaEapReqData;
74 u8 *aaaEapKeyData;
75 size_t aaaEapKeyDataLen;
76 Boolean aaaEapKeyAvailable;
77 int aaaMethodTimeout;
78
79 /* Full authenticator to AAA interface variables */
80 Boolean aaaEapResp;
81 struct wpabuf *aaaEapRespData;
82 /* aaaIdentity -> eap_get_identity() */
83 Boolean aaaTimeout;
84};
85
86struct eapol_callbacks {
87 int (*get_eap_user)(void *ctx, const u8 *identity, size_t identity_len,
88 int phase2, struct eap_user *user);
89 const char * (*get_eap_req_id_text)(void *ctx, size_t *len);
90};
91
92struct eap_config {
93 void *ssl_ctx;
94 void *msg_ctx;
95 void *eap_sim_db_priv;
96 Boolean backend_auth;
97 int eap_server;
98 u16 pwd_group;
99 u8 *pac_opaque_encr_key;
100 u8 *eap_fast_a_id;
101 size_t eap_fast_a_id_len;
102 char *eap_fast_a_id_info;
103 int eap_fast_prov;
104 int pac_key_lifetime;
105 int pac_key_refresh_time;
106 int eap_sim_aka_result_ind;
107 int tnc;
108 struct wps_context *wps;
109 const struct wpabuf *assoc_wps_ie;
110 const struct wpabuf *assoc_p2p_ie;
111 const u8 *peer_addr;
112 int fragment_size;
113};
114
115
116struct eap_sm * eap_server_sm_init(void *eapol_ctx,
117 struct eapol_callbacks *eapol_cb,
118 struct eap_config *eap_conf);
119void eap_server_sm_deinit(struct eap_sm *sm);
120int eap_server_sm_step(struct eap_sm *sm);
121void eap_sm_notify_cached(struct eap_sm *sm);
122void eap_sm_pending_cb(struct eap_sm *sm);
123int eap_sm_method_pending(struct eap_sm *sm);
124const u8 * eap_get_identity(struct eap_sm *sm, size_t *len);
125struct eap_eapol_interface * eap_get_interface(struct eap_sm *sm);
126void eap_server_clear_identity(struct eap_sm *sm);
127
128#endif /* EAP_H */