authorJouni Malinen <j@w1.fi>2014-11-29 19:28:24 (GMT)
committerJouni Malinen <j@w1.fi>2014-12-04 10:16:27 (GMT)
commitd3bddd8b84dc345f7aa0c20536f45a68e0a5ba85 (patch)
treef0c4554d3333a842697020f28d1b0c98929f2bec /src/eapol_auth/eapol_auth_sm.h
parente2ee327b191d2c64c31f3f535cc42e955fb084a4 (diff)
ERP: Add support for ERP on EAP server and authenticator
Derive rRK and rIK on EAP server if ERP is enabled and use these keys to allow EAP re-authentication to be used and to derive rMSK. The new hostapd configuration parameter eap_server_erp=1 can now be used to configure the integrated EAP server to derive EMSK, rRK, and rIK at the successful completion of an EAP authentication method. This functionality is not included in the default build and can be enabled with CONFIG_ERP=y. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eapol_auth/eapol_auth_sm.h')
-rw-r--r--src/eapol_auth/eapol_auth_sm.h5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/eapol_auth/eapol_auth_sm.h b/src/eapol_auth/eapol_auth_sm.h
index 90194d1..ebed19a 100644
--- a/src/eapol_auth/eapol_auth_sm.h
+++ b/src/eapol_auth/eapol_auth_sm.h
@@ -26,6 +26,7 @@ struct eapol_auth_config {
size_t eap_req_id_text_len;
int erp_send_reauth_start;
char *erp_domain; /* a copy of this will be allocated */
+ int erp; /* Whether ERP is enabled on authentication server */
u8 *pac_opaque_encr_key;
u8 *eap_fast_a_id;
size_t eap_fast_a_id_len;
@@ -47,6 +48,7 @@ struct eapol_auth_config {
};
struct eap_user;
+struct eap_server_erp_key;
typedef enum {
EAPOL_LOGGER_DEBUG, EAPOL_LOGGER_INFO, EAPOL_LOGGER_WARNING
@@ -73,6 +75,9 @@ struct eapol_auth_cb {
void (*abort_auth)(void *ctx, void *sta_ctx);
void (*tx_key)(void *ctx, void *sta_ctx);
void (*eapol_event)(void *ctx, void *sta_ctx, enum eapol_event type);
+ struct eap_server_erp_key * (*erp_get_key)(void *ctx,
+ const char *keyname);
+ int (*erp_add_key)(void *ctx, struct eap_server_erp_key *erp);
};
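Review bot: The new `erp_get_key` and `erp_add_key` members of struct eapol_auth_cb pass a `struct eap_server_erp_key *` across the callback boundary without documenting who owns it. Add a comment on `erp_get_key` saying whether the returned pointer stays owned by the callback implementer and how long it remains valid, and one on `erp_add_key` giving the return convention and who frees `erp` on success and on failure, for example `/* Returns: 0 on success (callee takes ownership of erp), -1 on failure (caller frees erp) */`. The implementation is not part of this file's diff, so confirm that wording against it. Per the commit description the structure presumably holds rRK/rIK, so an ambiguous contract risks a double free or key material that is never released and cleared. It would also help to note that `keyname` is a NUL-terminated string and, if it is derived from peer-supplied data, that lookup implementations must treat it as untrusted. The struct definition begins outside this hunk.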