path: root/src/eap_common/eap_defs.h
Commit message (Collapse)AuthorAgeFilesLines
* Replace EapType typedef with enum eap_typeJouni Malinen2019-08-171-2/+2
| | | | | | | This cleans up coding style of the EAP implementation by avoiding typedef of an enum hiding the type of the variables. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP-TEAP server and peer implementation (RFC 7170)Jouni Malinen2019-07-091-0/+1
| | | | | | | | | | | | | | | | | This adds support for a new EAP method: EAP-TEAP (Tunnel Extensible Authentication Protocol). This should be considered experimental since RFC 7170 has number of conflicting statements and missing details to allow unambiguous interpretation. As such, there may be interoperability issues with other implementations and this version should not be deployed for production purposes until those unclear areas are resolved. This does not yet support use of NewSessionTicket message to deliver a new PAC (either in the server or peer implementation). In other words, only the in-tunnel distribution of PAC-Opaque is supported for now. Use of the NewSessionTicket mechanism would require TLS library support to allow arbitrary data to be specified as the contents of the message. Signed-off-by: Jouni Malinen <j@w1.fi>
* ERP: Add defines for EAP Re-Authentication ProtocolJouni Malinen2014-12-031-2/+32
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* HS 2.0R2: Add WFA server-only EAP-TLS peer methodJouni Malinen2014-02-251-2/+5
| | | | Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* EAP-EKE: Add peer implementationJouni Malinen2013-07-071-0/+1
| | | | | | This adds a new password-based EAP method defined in RFC 6124. Signed-hostap: Jouni Malinen <j@w1.fi>
* Add UNAUTH-TLS vendor specific EAP typeJouni Malinen2012-08-221-0/+3
| | | | | | | | | | | | | | | This EAP type uses a vendor specific expanded EAP header to encapsulate EAP-TLS with a configuration where the EAP server does not authenticate the EAP peer. In other words, this method includes only server authentication. The peer is configured with only the ca_cert parameter (similarly to other TLS-based EAP methods). This method can be used for cases where the network provides free access to anyone, but use of RSN with a securely derived unique PMK for each station is desired. The expanded EAP header uses the hostapd/wpa_supplicant vendor code 39068 and vendor type 1 to identify the UNAUTH-TLS method. Signed-hostap: Jouni Malinen <j@w1.fi>
* Use proper private enterprise number for EAP VENDOR-TESTJouni Malinen2012-08-221-1/+2
| | | | | | | Now that the project has its own code, it should be used with the VENDOR-TEST EAP method. Signed-hostap: Jouni Malinen <j@w1.fi>
* EAP-AKA': Update to RFC 5448Jouni Malinen2012-05-021-1/+1
| | | | | | | | | | | | | | | There was a technical change between the last IETF draft version (draft-arkko-eap-aka-kdf-10) and RFC 5448 in the leading characters used in the username (i.e., use unique characters for EAP-AKA' instead of reusing the EAP-AKA ones). This commit updates EAP-AKA' server and peer implementations to use the leading characters based on the final RFC. Note: This will make EAP-AKA' not interoperate between the earlier draft version and the new version. Signed-hostap: Jouni Malinen <j@w1.fi> intended-for: hostap-1
* Remove the GPL notification from files contributed by Jouni MalinenJouni Malinen2012-02-111-8/+2
| | | | | | | Remove the GPL notification text from the files that were initially contributed by myself. Signed-hostap: Jouni Malinen <j@w1.fi>
* EAP-pwd: Add support for EAP-pwd server and peer functionalityDan Harkins2010-09-151-0/+1
| | | | | This adds an initial EAP-pwd (RFC 5931) implementation. For now, this requires OpenSSL.
* Update EAP-GPSK references from internet draft to RFC 5433Jouni Malinen2009-02-261-1/+1
* IANA allocated EAP method type 51 to EAP-GPSKJouni Malinen2008-12-201-3/+2
* Add a starting point for EAP-AKA' (draft-arkko-eap-aka-kdf-10)Jouni Malinen2008-12-021-0/+1
| | | | | | | | | | | | | This is just making an as-is copy of EAP-AKA server and peer implementation into a new file and by using the different EAP method type that is allocated for EAP-AKA' (50). None of the other differences between EAP-AKA and EAP-AKA' are not yet included. It is likely that once EAP-AKA' implementation is done and is found to work correctly, large part of the EAP-AKA and EAP-AKA' code will be shared. However, it is not reasonable to destabilize EAP-AKA implementation at this point before it is clearer what the final differences will be.
* Updated EAP-TTLSv0 references to use RFC 5281Jouni Malinen2008-08-161-1/+1
* TNC: Added preliminary code for IF-TNCCS-SOH server side supportJouni Malinen2008-03-301-0/+1
| | | | | | | If TNC is enabled, PEAPv0 server is now sending out SoH request to initiate IF-TNCCS-SOH (Microsoft NAP / Statement of Health) handshake. The results are currently only shown in debug log and they do not affect authentication or authorization result.
* Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 releaseJouni Malinen2008-02-281-0/+84