1/*
2 * IEEE 802.1X-2004 Authenticator - EAPOL state machine
3 * Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9#ifndef EAPOL_AUTH_SM_H
10#define EAPOL_AUTH_SM_H
11
12#define EAPOL_SM_PREAUTH BIT(0)
13#define EAPOL_SM_WAIT_START BIT(1)
14#define EAPOL_SM_USES_WPA BIT(2)
15#define EAPOL_SM_FROM_PMKSA_CACHE BIT(3)
16
17struct eapol_auth_config {
18	int eap_reauth_period;
19	int wpa;
20	int individual_wep_key_len;
21	int eap_server;
22	void *ssl_ctx;
23	void *msg_ctx;
24	void *eap_sim_db_priv;
25	char *eap_req_id_text; /* a copy of this will be allocated */
26	size_t eap_req_id_text_len;
27	int erp_send_reauth_start;
28	char *erp_domain; /* a copy of this will be allocated */
29	int erp; /* Whether ERP is enabled on authentication server */
30	u8 *pac_opaque_encr_key;
31	u8 *eap_fast_a_id;
32	size_t eap_fast_a_id_len;
33	char *eap_fast_a_id_info;
34	int eap_fast_prov;
35	int pac_key_lifetime;
36	int pac_key_refresh_time;
37	int eap_sim_aka_result_ind;
38	int tnc;
39	struct wps_context *wps;
40	int fragment_size;
41	u16 pwd_group;
42	int pbc_in_m1;
43	const u8 *server_id;
44	size_t server_id_len;
45
46	/* Opaque context pointer to owner data for callback functions */
47	void *ctx;
48};
49
50struct eap_user;
51struct eap_server_erp_key;
52
53typedef enum {
54	EAPOL_LOGGER_DEBUG, EAPOL_LOGGER_INFO, EAPOL_LOGGER_WARNING
55} eapol_logger_level;
56
57enum eapol_event {
58	EAPOL_AUTH_SM_CHANGE,
59	EAPOL_AUTH_REAUTHENTICATE
60};
61
62struct eapol_auth_cb {
63	void (*eapol_send)(void *ctx, void *sta_ctx, u8 type, const u8 *data,
64			   size_t datalen);
65	void (*aaa_send)(void *ctx, void *sta_ctx, const u8 *data,
66			 size_t datalen);
67	void (*finished)(void *ctx, void *sta_ctx, int success, int preauth,
68			 int remediation);
69	int (*get_eap_user)(void *ctx, const u8 *identity, size_t identity_len,
70			    int phase2, struct eap_user *user);
71	int (*sta_entry_alive)(void *ctx, const u8 *addr);
72	void (*logger)(void *ctx, const u8 *addr, eapol_logger_level level,
73		       const char *txt);
74	void (*set_port_authorized)(void *ctx, void *sta_ctx, int authorized);
75	void (*abort_auth)(void *ctx, void *sta_ctx);
76	void (*tx_key)(void *ctx, void *sta_ctx);
77	void (*eapol_event)(void *ctx, void *sta_ctx, enum eapol_event type);
78	struct eap_server_erp_key * (*erp_get_key)(void *ctx,
79						   const char *keyname);
80	int (*erp_add_key)(void *ctx, struct eap_server_erp_key *erp);
81};
82
83
84struct eapol_authenticator * eapol_auth_init(struct eapol_auth_config *conf,
85					     struct eapol_auth_cb *cb);
86void eapol_auth_deinit(struct eapol_authenticator *eapol);
87struct eapol_state_machine *
88eapol_auth_alloc(struct eapol_authenticator *eapol, const u8 *addr,
89		 int flags, const struct wpabuf *assoc_wps_ie,
90		 const struct wpabuf *assoc_p2p_ie, void *sta_ctx,
91		 const char *identity, const char *radius_cui);
92void eapol_auth_free(struct eapol_state_machine *sm);
93void eapol_auth_step(struct eapol_state_machine *sm);
94int eapol_auth_dump_state(struct eapol_state_machine *sm, char *buf,
95			  size_t buflen);
96int eapol_auth_eap_pending_cb(struct eapol_state_machine *sm, void *ctx);
97
98#endif /* EAPOL_AUTH_SM_H */
99