eap_i.h

00001 
00016 #ifndef EAP_I_H
00017 #define EAP_I_H
00018 
00019 #include "wpabuf.h"
00020 #include "eap_server/eap.h"
00021 #include "eap_common/eap_common.h"
00022 
00023 /* RFC 4137 - EAP Standalone Authenticator */
00024 
/**
 * struct eap_method - callback table describing one EAP server method
 *
 * Holds a method's identification (vendor, method, name) and the function
 * pointers used to drive it. The header files this under RFC 4137 (EAP
 * Standalone Authenticator), and buildReq/check/process/isDone/getKey/
 * getTimeout/initPickUp/reset use that document's method procedure names.
 *
 * Every callback except free() takes the owning struct eap_sm. Those after
 * init()/initPickUp() also take an opaque priv pointer, presumably the value
 * init()/initPickUp() returned; confirm against the caller.
 */
00032 struct eap_method {
00033         int vendor; /* presumably the vendor id paired with method; confirm */
00034         EapType method;
00035         const char *name;
00036 
              /* Lifecycle: both init variants return an opaque pointer that
               * reset() later receives as priv. */
00037         void * (*init)(struct eap_sm *sm);
00038         void * (*initPickUp)(struct eap_sm *sm);
00039         void (*reset)(struct eap_sm *sm, void *priv);
00040 
00041         struct wpabuf * (*buildReq)(struct eap_sm *sm, void *priv, u8 id);
00042         int (*getTimeout)(struct eap_sm *sm, void *priv);
              /* NOTE(review): RFC 4137 assigns the result of m.check() to
               * "ignore", so TRUE would mean "discard this response", not
               * "response is valid". Confirm the polarity in the state
               * machine before writing or reviewing a method. */
00043         Boolean (*check)(struct eap_sm *sm, void *priv,
00044                          struct wpabuf *respData);
00045         void (*process)(struct eap_sm *sm, void *priv,
00046                         struct wpabuf *respData);
00047         Boolean (*isDone)(struct eap_sm *sm, void *priv);
              /* Returns a byte buffer and reports its size through len.
               * NOTE(review): this is keying material and ownership of the
               * returned buffer is not visible in this header. Confirm who
               * frees it and that it is wiped before release. */
00048         u8 * (*getKey)(struct eap_sm *sm, void *priv, size_t *len);
00049         /* isSuccess is not specified in draft-ietf-eap-statemachine-05.txt,
00050          * but it is useful in implementing Policy.getDecision() */
00051         Boolean (*isSuccess)(struct eap_sm *sm, void *priv);
00052 
              /* Takes the method descriptor itself rather than an eap_sm.
               * Presumably called when the method is unregistered; TODO
               * confirm whether a NULL pointer is permitted here. */
00067         void (*free)(struct eap_method *method);
00068 
              /* Preprocessor macro: although written inside the struct body,
               * it is visible to the rest of the file from this point on. */
00069 #define EAP_SERVER_METHOD_INTERFACE_VERSION 1
00070 
              /* Presumably expected to equal
               * EAP_SERVER_METHOD_INTERFACE_VERSION so that a method built
               * against a different layout of this struct can be rejected.
               * Verify that the registration code actually checks it. */
00079         int version;
00080 
              /* Self-referential link; presumably chains registered methods
               * into a singly linked list. Confirm in the registration code. */
00088         struct eap_method *next;
00089 
              /* Same shape as getKey; the name indicates the EMSK. The same
               * ownership and wiping questions apply. */
00102         u8 * (*get_emsk)(struct eap_sm *sm, void *priv, size_t *len);
00103 };
00104 
/**
 * struct eap_sm - data for one EAP server (authenticator) state machine
 *
 * Members are grouped as the inline comments indicate: the state enum, the
 * constants and variables attributed to RFC 4137, then implementation data
 * that the header itself marks "not defined in RFC 4137".
 *
 * NOTE(review): several members are raw pointers to data whose names suggest
 * secret or peer-supplied content (identity, auth_challenge, peer_challenge,
 * pac_opaque_encr_key). Allocation, ownership and lifetime are not visible
 * in this header; confirm them in the implementation.
 */
00109 struct eap_sm {
              /* Current state. The entries from EAP_INITIALIZE_PASSTHROUGH
               * onward (the "2"-suffixed and EAP_AAA_* names) presumably
               * belong to the pass-through half of the machine; confirm. */
00110         enum {
00111                 EAP_DISABLED, EAP_INITIALIZE, EAP_IDLE, EAP_RECEIVED,
00112                 EAP_INTEGRITY_CHECK, EAP_METHOD_RESPONSE, EAP_METHOD_REQUEST,
00113                 EAP_PROPOSE_METHOD, EAP_SELECT_ACTION, EAP_SEND_REQUEST,
00114                 EAP_DISCARD, EAP_NAK, EAP_RETRANSMIT, EAP_SUCCESS, EAP_FAILURE,
00115                 EAP_TIMEOUT_FAILURE, EAP_PICK_UP_METHOD,
00116                 EAP_INITIALIZE_PASSTHROUGH, EAP_IDLE2, EAP_RETRANSMIT2,
00117                 EAP_RECEIVED2, EAP_DISCARD2, EAP_SEND_REQUEST2,
00118                 EAP_AAA_REQUEST, EAP_AAA_RESPONSE, EAP_AAA_IDLE,
00119                 EAP_TIMEOUT_FAILURE2, EAP_FAILURE2, EAP_SUCCESS2
00120         } EAP_state;
00121 
00122         /* Constants */
00123         int MaxRetrans;
00124 
00125         struct eap_eapol_interface eap_if;
00126 
00127         /* Full authenticator state machine local variables */
00128 
00129         /* Long-term (maintained between packets) */
00130         EapType currentMethod;
00131         int currentId;
00132         enum {
00133                 METHOD_PROPOSED, METHOD_CONTINUE, METHOD_END
00134         } methodState;
00135         int retransCount;
00136         struct wpabuf *lastReqData;
00137         int methodTimeout;
00138 
00139         /* Short-term (not maintained between packets) */
00140         Boolean rxResp;
00141         int respId;
00142         EapType respMethod;
00143         int respVendor;
00144         u32 respVendorMethod;
00145         Boolean ignore;
00146         enum {
00147                 DECISION_SUCCESS, DECISION_FAILURE, DECISION_CONTINUE,
00148                 DECISION_PASSTHROUGH
00149         } decision;
00150 
00151         /* Miscellaneous variables */
00152         const struct eap_method *m; /* selected EAP method */
00153         /* not defined in RFC 4137 */
00154         Boolean changed;
00155         void *eapol_ctx, *msg_ctx;
00156         struct eapol_callbacks *eapol_cb;
00157         void *eap_method_priv;
              /* Pointer plus explicit length: handle as a length-delimited
               * byte string, not as a NUL-terminated C string. Presumably
               * peer-supplied; confirm where it is set. */
00158         u8 *identity;
00159         size_t identity_len;
00160         /* Whether Phase 2 method should validate identity match */
00161         int require_identity_match;
00162         int lastId; /* Identifier used in the last EAP-Packet */
00163         struct eap_user *user;
00164         int user_eap_method_index;
00165         int init_phase2;
00166         void *ssl_ctx;
00167         void *eap_sim_db_priv;
00168         Boolean backend_auth;
00169         Boolean update_user;
00170         int eap_server;
00171 
              /* Presumably a per-session round counter used to bound how long
               * one exchange may run. TODO confirm that a limit is enforced. */
00172         int num_rounds;
00173         enum {
00174                 METHOD_PENDING_NONE, METHOD_PENDING_WAIT, METHOD_PENDING_CONT
00175         } method_pending;
00176 
              /* No length members accompany these two pointers, so the
               * expected size must be fixed by whoever sets them. Confirm. */
00177         u8 *auth_challenge;
00178         u8 *peer_challenge;
00179 
              /* The names indicate EAP-FAST server configuration.
               * pac_opaque_encr_key is presumably secret key material with no
               * length stored alongside it. Confirm its size and handling. */
00180         u8 *pac_opaque_encr_key;
00181         u8 *eap_fast_a_id;
00182         size_t eap_fast_a_id_len;
00183         char *eap_fast_a_id_info;
00184         enum {
00185                 NO_PROV, ANON_PROV, AUTH_PROV, BOTH_PROV
00186         } eap_fast_prov;
00187         int pac_key_lifetime;
00188         int pac_key_refresh_time;
00189         int eap_sim_aka_result_ind;
00190         int tnc;
00191         struct wps_context *wps;
00192         struct wpabuf *assoc_wps_ie;
00193 
00194         Boolean start_reauth;
00195 
              /* Fixed-size array of ETH_ALEN bytes; ETH_ALEN is defined
               * outside this header. */
00196         u8 peer_addr[ETH_ALEN];
00197 };
00198 
/*
 * eap_user_get takes an identity as pointer plus length, so the bytes need
 * not be NUL-terminated. Presumably it looks up the matching user entry for
 * sm, with phase2 selecting a Phase 2 (tunneled) lookup. TODO confirm; the
 * return-value convention is not visible in this header.
 */
00199 int eap_user_get(struct eap_sm *sm, const u8 *identity, size_t identity_len,
00200                  int phase2);
/*
 * eap_sm_process_nak takes a method list of len bytes. nak_list presumably
 * originates from a peer response, so every read must stay within len.
 * Confirm the bounds handling in the implementation.
 */
00201 void eap_sm_process_nak(struct eap_sm *sm, const u8 *nak_list, size_t len);
00202 
00203 #endif /* EAP_I_H */
00204 

Generated on Sat Nov 21 23:16:51 2009 for hostapd by  doxygen 1.6.1