eap.h revision f21452aea786ac056eb01f1cbba4f553bd502747
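/*
 * hostapd / EAP Full Authenticator state machine (RFC 4137)
 * Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef EAP_H
#define EAP_H

#include "common/defs.h"
#include "eap_common/eap_defs.h"
#include "eap_server/eap_methods.h"
#include "wpabuf.h"

struct eap_sm;

/*
 * Bit flags for eap_user.ttls_auth. The values are distinct powers of two so
 * several methods can be OR-ed together for one user entry. Which inner
 * methods an entry allows is an authentication policy decision: enable only
 * the ones the deployment actually needs.
 */
#define EAP_TTLS_AUTH_PAP 1
#define EAP_TTLS_AUTH_CHAP 2
#define EAP_TTLS_AUTH_MSCHAP 4
#define EAP_TTLS_AUTH_MSCHAPV2 8

/**
 * struct eap_user - Per-user authentication data filled in by get_eap_user()
 *
 * This structure carries credential material. password is a length-delimited
 * byte buffer (use password_len; do not assume NUL termination). When
 * password_hash is set the buffer holds the nt_password_hash() output rather
 * than the password itself; an NT hash is sufficient to complete MSCHAP /
 * MSCHAPv2, so it has to be protected exactly like the cleartext password.
 *
 * NOTE(review): this header does not show who allocates or frees password.
 * Whichever side releases it should wipe the buffer before freeing it.
 */
struct eap_user {
	/* Allowed EAP methods as (vendor, method) pairs */
	struct {
		int vendor;
		u32 method;
	} methods[EAP_MAX_METHODS];
	u8 *password; /* credential bytes, password_len octets */
	size_t password_len;
	int password_hash; /* whether password is hashed with
			    * nt_password_hash() */
	int phase2;
	int force_version;
	unsigned int remediation:1;
	int ttls_auth; /* bitfield of
			* EAP_TTLS_AUTH_{PAP,CHAP,MSCHAP,MSCHAPV2} */
};

/**
 * struct eap_eapol_interface - Variables shared with the neighbouring layers
 *
 * The members are grouped by direction, as marked by the section comments
 * below: lower layer <-> full authenticator and AAA interface <-> full
 * authenticator. eap_get_interface() returns a pointer to this structure.
 *
 * eapKeyData and aaaEapKeyData point to keying material (eapKeyDataLen /
 * aaaEapKeyDataLen octets). Read them only while the matching *KeyAvailable
 * flag is set, keep them out of debug logs, and wipe any copy before
 * releasing it.
 * NOTE(review): buffer ownership is not visible in this header - confirm
 * against the implementation before freeing any of the pointers.
 */
struct eap_eapol_interface {
	/* Lower layer to full authenticator variables */
	Boolean eapResp; /* shared with EAPOL Backend Authentication */
	struct wpabuf *eapRespData;
	Boolean portEnabled;
	int retransWhile;
	Boolean eapRestart; /* shared with EAPOL Authenticator PAE */
	int eapSRTT;
	int eapRTTVAR;

	/* Full authenticator to lower layer variables */
	Boolean eapReq; /* shared with EAPOL Backend Authentication */
	Boolean eapNoReq; /* shared with EAPOL Backend Authentication */
	Boolean eapSuccess;
	Boolean eapFail;
	Boolean eapTimeout;
	struct wpabuf *eapReqData;
	u8 *eapKeyData; /* keying material, eapKeyDataLen octets */
	size_t eapKeyDataLen;
	Boolean eapKeyAvailable; /* called keyAvailable in IEEE 802.1X-2004 */

	/* AAA interface to full authenticator variables */
	Boolean aaaEapReq;
	Boolean aaaEapNoReq;
	Boolean aaaSuccess;
	Boolean aaaFail;
	struct wpabuf *aaaEapReqData;
	u8 *aaaEapKeyData; /* keying material, aaaEapKeyDataLen octets */
	size_t aaaEapKeyDataLen;
	Boolean aaaEapKeyAvailable;
	int aaaMethodTimeout;

	/* Full authenticator to AAA interface variables */
	Boolean aaaEapResp;
	struct wpabuf *aaaEapRespData;
	/* aaaIdentity -> eap_get_identity() */
	Boolean aaaTimeout;
};

/**
 * struct eapol_callbacks - Callbacks the EAP server uses to reach its owner
 *
 * get_eap_user() receives the identity as a length-delimited byte string
 * (identity, identity_len). The identity is supplied by the peer, so an
 * implementation should treat it as untrusted input: bound the length, do not
 * assume NUL termination or printable characters, and escape it before using
 * it in a lookup key or a log line. On a match it fills in *user.
 * NOTE(review): the return-value convention of both callbacks is not visible
 * in this header - confirm against the callers.
 *
 * get_eap_req_id_text() returns a text buffer and stores its length in *len.
 */
struct eapol_callbacks {
	int (*get_eap_user)(void *ctx, const u8 *identity, size_t identity_len,
			    int phase2, struct eap_user *user);
	const char * (*get_eap_req_id_text)(void *ctx, size_t *len);
};

/**
 * struct eap_config - Configuration handed to eap_server_sm_init()
 *
 * Several members reference secrets or security context (ssl_ctx,
 * pac_opaque_encr_key); the structure should not be dumped to logs.
 * NOTE(review): whether eap_server_sm_init() copies the pointed-to data or
 * keeps the pointers is not visible here - confirm the required lifetime
 * before freeing anything referenced from this structure.
 */
struct eap_config {
	void *ssl_ctx;
	void *msg_ctx;
	void *eap_sim_db_priv;
	Boolean backend_auth;
	int eap_server;
	u16 pwd_group;
	u8 *pac_opaque_encr_key; /* presumably the EAP-FAST PAC-Opaque
				  * encryption key; length is not carried in
				  * this struct - TODO confirm */
	u8 *eap_fast_a_id; /* eap_fast_a_id_len octets */
	size_t eap_fast_a_id_len;
	char *eap_fast_a_id_info;
	int eap_fast_prov;
	int pac_key_lifetime;
	int pac_key_refresh_time;
	int eap_sim_aka_result_ind;
	int tnc;
	struct wps_context *wps;
	const struct wpabuf *assoc_wps_ie;
	const struct wpabuf *assoc_p2p_ie;
	const u8 *peer_addr; /* no length field; size is implied by the
			      * address type - TODO confirm */
	int fragment_size;

	int pbc_in_m1;

	const u8 *server_id; /* server_id_len octets */
	size_t server_id_len;
};


/*
 * Allocate an EAP server state machine bound to the given callback context,
 * callbacks and configuration. Release it with eap_server_sm_deinit().
 * NOTE(review): the failure return (presumably NULL) is not visible here.
 */
struct eap_sm * eap_server_sm_init(void *eapol_ctx,
				   struct eapol_callbacks *eapol_cb,
				   struct eap_config *eap_conf);

/* Release a state machine obtained from eap_server_sm_init(). */
void eap_server_sm_deinit(struct eap_sm *sm);

/* Run the state machine; the meaning of the int result is defined by the
 * implementation, not by this header. */
int eap_server_sm_step(struct eap_sm *sm);
void eap_sm_notify_cached(struct eap_sm *sm);
void eap_sm_pending_cb(struct eap_sm *sm);
int eap_sm_method_pending(struct eap_sm *sm);

/*
 * Return the current identity and store its length in *len. The result is a
 * length-delimited byte string that originates from the peer; do not treat
 * it as a C string and sanitize it before logging.
 */
const u8 * eap_get_identity(struct eap_sm *sm, size_t *len);

/* Return the eap_eapol_interface variables of this state machine. */
struct eap_eapol_interface * eap_get_interface(struct eap_sm *sm);
void eap_server_clear_identity(struct eap_sm *sm);

#endif /* EAP_H */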