wpa_supplicant/devel/eap__server_2eap__i_8h_source.html

 #ifndef EAP_I_H

 #define EAP_I_H


 #include "wpabuf.h"

 #include "eap_server/eap.h"

 #include "eap_common/eap_common.h"


 /* RFC 4137 - EAP Standalone Authenticator */


 struct eap_method {

         int vendor;

         EapType method;

         const char *name;


         void * (*init)(struct eap_sm *sm);

         void * (*initPickUp)(struct eap_sm *sm);

         void (*reset)(struct eap_sm *sm, void *priv);


         struct wpabuf * (*buildReq)(struct eap_sm *sm, void *priv, u8 id);

         int (*getTimeout)(struct eap_sm *sm, void *priv);

         Boolean (*check)(struct eap_sm *sm, void *priv,

                          struct wpabuf *respData);

         void (*process)(struct eap_sm *sm, void *priv,

                         struct wpabuf *respData);

         Boolean (*isDone)(struct eap_sm *sm, void *priv);

         u8 * (*getKey)(struct eap_sm *sm, void *priv, size_t *len);

         /* isSuccess is not specified in draft-ietf-eap-statemachine-05.txt,

          * but it is useful in implementing Policy.getDecision() */

         Boolean (*isSuccess)(struct eap_sm *sm, void *priv);


         void (*free)(struct eap_method *method);


 #define EAP_SERVER_METHOD_INTERFACE_VERSION 1


         int version;


         struct eap_method *next;


         u8 * (*get_emsk)(struct eap_sm *sm, void *priv, size_t *len);


         u8 * (*getSessionId)(struct eap_sm *sm, void *priv, size_t *len);

 };


 struct eap_sm {

         enum {

                 EAP_DISABLED, EAP_INITIALIZE, EAP_IDLE, EAP_RECEIVED,

                 EAP_INTEGRITY_CHECK, EAP_METHOD_RESPONSE, EAP_METHOD_REQUEST,

                 EAP_PROPOSE_METHOD, EAP_SELECT_ACTION, EAP_SEND_REQUEST,

                 EAP_DISCARD, EAP_NAK, EAP_RETRANSMIT, EAP_SUCCESS, EAP_FAILURE,

                 EAP_TIMEOUT_FAILURE, EAP_PICK_UP_METHOD,

                 EAP_INITIALIZE_PASSTHROUGH, EAP_IDLE2, EAP_RETRANSMIT2,

                 EAP_RECEIVED2, EAP_DISCARD2, EAP_SEND_REQUEST2,

                 EAP_AAA_REQUEST, EAP_AAA_RESPONSE, EAP_AAA_IDLE,

                 EAP_TIMEOUT_FAILURE2, EAP_FAILURE2, EAP_SUCCESS2,

                 EAP_INITIATE_REAUTH_START, EAP_INITIATE_RECEIVED

         } EAP_state;


         /* Constants */

         int MaxRetrans;


         struct eap_eapol_interface eap_if;


         /* Full authenticator state machine local variables */


         /* Long-term (maintained between packets) */

         EapType currentMethod;

         int currentId;

         enum {

                 METHOD_PROPOSED, METHOD_CONTINUE, METHOD_END

         } methodState;

         int retransCount;

         struct wpabuf *lastReqData;

         int methodTimeout;


         /* Short-term (not maintained between packets) */

         Boolean rxResp;

         Boolean rxInitiate;

         int respId;

         EapType respMethod;

         int respVendor;

         u32 respVendorMethod;

         Boolean ignore;

         enum {

                 DECISION_SUCCESS, DECISION_FAILURE, DECISION_CONTINUE,

                 DECISION_PASSTHROUGH, DECISION_INITIATE_REAUTH_START

         } decision;


         /* Miscellaneous variables */

         const struct eap_method *m; /* selected EAP method */

         /* not defined in RFC 4137 */

         Boolean changed;

         void *eapol_ctx, *msg_ctx;

         const struct eapol_callbacks *eapol_cb;

         void *eap_method_priv;

         u8 *identity;

         size_t identity_len;

         /* Whether Phase 2 method should validate identity match */

         int require_identity_match;

         int lastId; /* Identifier used in the last EAP-Packet */

         struct eap_user *user;

         int user_eap_method_index;

         int init_phase2;

         void *ssl_ctx;

         struct eap_sim_db_data *eap_sim_db_priv;

         Boolean backend_auth;

         Boolean update_user;

         int eap_server;


         int num_rounds;

         enum {

                 METHOD_PENDING_NONE, METHOD_PENDING_WAIT, METHOD_PENDING_CONT

         } method_pending;


         u8 *auth_challenge;

         u8 *peer_challenge;


         u8 *pac_opaque_encr_key;

         u8 *eap_fast_a_id;

         size_t eap_fast_a_id_len;

         char *eap_fast_a_id_info;

         enum {

                 NO_PROV, ANON_PROV, AUTH_PROV, BOTH_PROV

         } eap_fast_prov;

         int pac_key_lifetime;

         int pac_key_refresh_time;

         int eap_sim_aka_result_ind;

         int tnc;

         u16 pwd_group;

         struct wps_context *wps;

         struct wpabuf *assoc_wps_ie;

         struct wpabuf *assoc_p2p_ie;


         Boolean start_reauth;


         u8 peer_addr[ETH_ALEN];


         /* Fragmentation size for EAP method init() handler */

         int fragment_size;


         int pbc_in_m1;


         const u8 *server_id;

         size_t server_id_len;


         Boolean initiate_reauth_start_sent;

         Boolean try_initiate_reauth;

         int erp;

         unsigned int tls_session_lifetime;


 #ifdef CONFIG_TESTING_OPTIONS

         u32 tls_test_flags;

 #endif /* CONFIG_TESTING_OPTIONS */

 };


 int eap_user_get(struct eap_sm *sm, const u8 *identity, size_t identity_len,

                  int phase2);

 void eap_log_msg(struct eap_sm *sm, const char *fmt, ...)

 PRINTF_FORMAT(2, 3);

 void eap_sm_process_nak(struct eap_sm *sm, const u8 *nak_list, size_t len);


 #endif /* EAP_I_H */

eap_method::process
struct wpabuf *(* process)(struct eap_sm *sm, void *priv, struct eap_method_ret *ret, const struct wpabuf *reqData)
Process an EAP request.
Definition: eap_i.h:120

eap_method::vendor
int vendor
EAP Vendor-ID (EAP_VENDOR_*) (0 = IETF)
Definition: eap_i.h:70

wpabuf
Definition: wpabuf.h:16

eap_method::next
struct eap_method * next
Pointer to the next EAP method.
Definition: eap_i.h:246

eap_user
Definition: eap.h:21

eap_eapol_interface
Definition: eap.h:39

wpabuf.h
Dynamic data buffer.

eap_sim_db_data
Definition: eap_sim_db.c:56

eap_method::method
EapType method
EAP type number (EAP_TYPE_*)
Definition: eap_i.h:76

eap_method::free
void(* free)(struct eap_method *method)
Free EAP method data.
Definition: eap_i.h:225

eap_sm_process_nak
void void eap_sm_process_nak(struct eap_sm *sm, const u8 *nak_list, size_t len)
Process EAP-Response/Nak.
Definition: eap_server.c:1580

eapol_callbacks
Callback functions from EAP to lower layer.
Definition: eap.h:147

eap_method::name
const char * name
Name of the method (e.g., "TLS")
Definition: eap_i.h:82

eap.h
hostapd / EAP Full Authenticator state machine (RFC 4137)

eapol_ctx
Global (for all networks) EAPOL state machine context.
Definition: eapol_supp_sm.h:87

eap_user_get
int eap_user_get(struct eap_sm *sm, const u8 *identity, size_t identity_len, int phase2)
Fetch user information from the database.
Definition: eap_server.c:158

eap_common.h
EAP common peer/server definitions.

eap_method::version
int version
Version of the EAP peer method interface.
Definition: eap_i.h:237

eap_sm
EAP state machine data.
Definition: eap_i.h:302

wps_context
Long term WPS context data.
Definition: wps.h:623

eap_method
EAP method interface This structure defines the EAP method interface. Each method will need to regist...
Definition: eap_i.h:65