path: root/src/eapol_auth/eapol_auth_sm.h
Commit message (Collapse)AuthorAgeFilesLines
* EAP server: Add tls_session_lifetime configurationJouni Malinen2015-08-231-0/+1
| | | | | | | | | | This new hostapd configuration parameter can be used to enable TLS session resumption. This commit adds the configuration parameter through the configuration system and RADIUS/EAPOL/EAP server components. The actual changes to enable session caching will be addressed in followup commits. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add EAPOL_SET hostapd command to configure EAPOL parametersJouni Malinen2015-07-121-0/+2
| | | | | | | | This new control interface command "EAPOL_REAUTH <MAC address> <parameter> <value>" can be used to implement the IEEE 802.1X PAE Set Authenticator Configuration operation. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add EAPOL_REAUTH hostapd command to trigger EAPOL reauthenticationJouni Malinen2015-07-121-1/+2
| | | | | | | This new control interface command "EAPOL_REAUTH <MAC address>" can be used to implement the IEEE 802.1X PAE Reauthenticate operation. Signed-off-by: Jouni Malinen <j@w1.fi>
* ERP: Add support for ERP on EAP server and authenticatorJouni Malinen2014-12-041-0/+5
| | | | | | | | | | | | | Derive rRK and rIK on EAP server if ERP is enabled and use these keys to allow EAP re-authentication to be used and to derive rMSK. The new hostapd configuration parameter eap_server_erp=1 can now be used to configure the integrated EAP server to derive EMSK, rRK, and rIK at the successful completion of an EAP authentication method. This functionality is not included in the default build and can be enabled with CONFIG_ERP=y. Signed-off-by: Jouni Malinen <j@w1.fi>
* ERP: Add optional EAP-Initiate/Re-auth-Start transmissionJouni Malinen2014-12-041-0/+2
| | | | | | | | | hostapd can now be configured to transmit EAP-Initiate/Re-auth-Start before EAP-Request/Identity to try to initiate ERP. This is disabled by default and can be enabled with erp_send_reauth_start=1 and optional erp_reauth_start_domain=<domain>. Signed-off-by: Jouni Malinen <j@w1.fi>
* HS 2.0R2: RADIUS server support to request Subscr RemediationJouni Malinen2014-02-251-1/+2
| | | | | | | | | The new hostapd.conf parameter subscr_remediation_url can be used to define the URL of the Subscription Remediation Server that will be added in a WFA VSA to Access-Accept message if the SQLite user database indicates that the user need subscription remediation. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Convert EAPOL authenticator dump into easier to parse formatJouni Malinen2014-01-021-2/+2
| | | | | | | Use name=value entries one per each line and rename the state entries to have unique names. Signed-hostap: Jouni Malinen <j@w1.fi>
* Add server identity configuration for EAP serverJouni Malinen2013-07-071-0/+2
| | | | | | | | The new server_id parameter in hostapd.conf can now be used to specify which identity is delivered to the EAP peer with EAP methods that support authenticated server identity. Signed-hostap: Jouni Malinen <j@w1.fi>
* Initialize EAPOL auth identity/cui with STA entry dataMichael Braun2012-08-191-1/+2
| | | | | | | If RADIUS ACL was used for the STA, identity/cui may already be known at this point. Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
* Remove the GPL notification from files contributed by Jouni MalinenJouni Malinen2012-02-111-8/+2
| | | | | | | Remove the GPL notification text from the files that were initially contributed by myself. Signed-hostap: Jouni Malinen <j@w1.fi>
* WPS: Add a workaround for Windows 7 capability discovery for PBCJouni Malinen2011-05-171-0/+1
| | | | | | | | | | | | Windows 7 uses incorrect way of figuring out AP's WPS capabilities by acting as a Registrar and using M1 from the AP. The config methods attribute in that message is supposed to indicate only the configuration method supported by the AP in Enrollee role, i.e., to add an external Registrar. For that case, PBC shall not be used and as such, the PushButton config method is removed from M1 by default. If pbc_in_m1=1 is included in the configuration file, the PushButton config method is left in M1 (if included in config_methods parameter) to allow Windows 7 to use PBC instead of PIN (e.g., from a label in the AP).
* EAP-pwd: Add support for EAP-pwd server and peer functionalityDan Harkins2010-09-151-0/+1
| | | | | This adds an initial EAP-pwd (RFC 5931) implementation. For now, this requires OpenSSL.
* P2P: Use PSK format in WPS CredentialJouni Malinen2010-09-091-1/+2
* EAP server: Add support for configuring fragment sizeJouni Malinen2010-07-211-0/+1
* AP: Add wpa_msg() events for EAP server state machineGregory Detal2010-04-071-0/+1
* Move internal EAPOL authenticator defines into their own fileJouni Malinen2009-11-291-170/+4
| | | | | | | | This is an initial step in further cleaning up the EAPOL authenticator use to avoid requiring direct accesses to the internal data structures. For now, number of external files are still including the internal definitions from eapol_auth_sm_i.h, but eventually, these direct references should be removed.
* Move EAPOL authenticator state machine into src/eapol_authJouni Malinen2009-11-291-0/+254
This is now completely independent from hostapd-specific code, so it can be moved to be under the src tree.