wpa_supplicant / hostapd  2.5
eapol_supp_sm.h
1 
5 #ifndef EAPOL_SUPP_SM_H
6 #define EAPOL_SUPP_SM_H
7 
8 #include "common/defs.h"
9 
/*
 * Authorization state of a port. Unauthorized is the first enumerator
 * (value 0), so zero-initialized storage reads as Unauthorized.
 */
typedef enum {
	Unauthorized,
	Authorized
} PortStatus;

/*
 * Port control setting. Auto is the first enumerator (value 0).
 * NOTE(review): ForceAuthorized presumably marks the port authorized
 * regardless of the EAP outcome - confirm where it can be set.
 */
typedef enum {
	Auto,
	ForceUnauthorized,
	ForceAuthorized
} PortControl;
12 
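/**
 * struct eapol_config - Per network configuration for EAPOL state machines
 *
 * The members accept_802_1x_keys, required_keys, fast_reauth, eap_disabled
 * and external_sim are restored here from this page's member index, which
 * documents them at eapol_supp_sm.h lines 27, 39, 45, 57 and 63.
 */
struct eapol_config {
	/*
	 * Accept IEEE 802.1X (non-WPA) EAPOL-Key frames.
	 * NOTE(review): this enables a legacy, non-WPA key path; presumably
	 * it should stay 0 unless the network requires it - confirm.
	 */
	int accept_802_1x_keys;

	/* Presumably the bit values used in required_keys - confirm. */
#define EAPOL_REQUIRE_KEY_UNICAST BIT(0)
#define EAPOL_REQUIRE_KEY_BROADCAST BIT(1)

	/* Which EAPOL-Key packets are required. */
	int required_keys;

	/* Whether fast EAP reauthentication is enabled. */
	int fast_reauth;

	/* Whether EAP workarounds are enabled. */
	unsigned int workaround;

	/* Whether EAP is disabled. */
	int eap_disabled;

	/* Use external processing for SIM/USIM operations. */
	int external_sim;

	/* Presumably the bit values used in wps - confirm. */
#define EAPOL_LOCAL_WPS_IN_USE BIT(0)
#define EAPOL_PEER_IS_WPS20_AP BIT(1)

	/* Whether this connection is used for WPS. */
	int wps;
};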
73 
74 struct eapol_sm;
75 struct wpa_config_blob;
76 
/*
 * Result value handed to the eapol_ctx cb() callback. FAILURE is the zero
 * value, so a zero-initialized result reads as a failure, not a success.
 */
enum eapol_supp_result {
	EAPOL_SUPP_RESULT_FAILURE = 0,
	EAPOL_SUPP_RESULT_SUCCESS = 1,
	EAPOL_SUPP_RESULT_EXPECTED_FAILURE = 2
};
82 
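/**
 * struct eapol_ctx - Global (for all networks) EAPOL state machine context
 *
 * The members eapol_send_ctx and cert_in_cb are restored here from this
 * page's member index, which documents them at eapol_supp_sm.h lines 141
 * and 280.
 */
struct eapol_ctx {
	/* Pointer to arbitrary upper level context. */
	void *ctx;

	/* IEEE 802.11i/RSN pre-authentication. */
	int preauth;

	/* Function to be called when EAPOL negotiation has been completed. */
	void (*cb)(struct eapol_sm *eapol, enum eapol_supp_result result,
		   void *ctx);

	/* Callback context for cb(). */
	void *cb_ctx;

	/* Callback context for wpa_msg() calls. */
	void *msg_ctx;

	/* Callback context for PC/SC scard_*() function calls. */
	void *scard_ctx;

	/* Callback context for eapol_send() calls. */
	void *eapol_send_ctx;

	/* Function to be called at successful completion. */
	void (*eapol_done_cb)(void *ctx);

	/* Send EAPOL packets; buf/len describe the frame to transmit. */
	int (*eapol_send)(void *ctx, int type, const u8 *buf, size_t len);

	/*
	 * Configure WEP keys. key/keylen carry key material, so
	 * implementations should not log or retain it longer than needed.
	 */
	int (*set_wep_key)(void *ctx, int unicast, int keyidx,
			   const u8 *key, size_t keylen);

	/* Set or add a named configuration blob. */
	void (*set_config_blob)(void *ctx, struct wpa_config_blob *blob);

	/* Presumably looks up a configuration blob by name - confirm. */
	const struct wpa_config_blob * (*get_config_blob)(void *ctx,
							  const char *name);

	/* Notify that cached PMK attempt was aborted. */
	void (*aborted_cached)(void *ctx);

	/*
	 * Path to the OpenSSL engine for opensc.
	 * NOTE(review): this and the two paths below name loadable
	 * engine/module files; presumably they come from trusted
	 * configuration only - confirm untrusted input cannot set them.
	 */
	const char *opensc_engine_path;

	/* Path to the OpenSSL engine for PKCS#11. */
	const char *pkcs11_engine_path;

	/* Path to the OpenSSL OpenSC/PKCS#11 module. */
	const char *pkcs11_module_path;

	/* OpenSSL cipher string. */
	const char *openssl_ciphers;

	/* WPS context data. */
	struct wps_context *wps;

	/* Notify that EAP parameter is needed. */
	void (*eap_param_needed)(void *ctx, enum wpa_ctrl_req_type field,
				 const char *txt);

	/* Set port authorized/unauthorized callback (optional). */
	void (*port_cb)(void *ctx, int authorized);

	/*
	 * Notification of a peer certificate. subject, altsubject and cert
	 * describe a certificate presented by the peer, so consumers should
	 * treat their contents as untrusted data.
	 */
	void (*cert_cb)(void *ctx, int depth, const char *subject,
			const char *altsubject[], int num_altsubject,
			const char *cert_hash, const struct wpabuf *cert);

	/* Include server certificates in callback. */
	int cert_in_cb;

	/* Notification of a change in EAP status. */
	void (*status_cb)(void *ctx, const char *status,
			  const char *parameter);

#ifdef CONFIG_EAP_PROXY
	/* Callback used only in CONFIG_EAP_PROXY builds. */
	void (*eap_proxy_cb)(void *ctx);
#endif /* CONFIG_EAP_PROXY */

	/* Set or add anonymous identity. */
	void (*set_anon_id)(void *ctx, const u8 *id, size_t len);
};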
307 
308 
309 struct eap_peer_config;
310 struct ext_password_data;
311 
312 #ifdef IEEE8021X_EAPOL
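/*
 * Initialize EAPOL state machine.
 * NOTE(review): the !IEEE8021X_EAPOL stub of this function frees ctx;
 * confirm whether the real implementation also takes ownership of ctx.
 */
struct eapol_sm *eapol_sm_init(struct eapol_ctx *ctx);
/* Deinitialize EAPOL state machine. */
void eapol_sm_deinit(struct eapol_sm *sm);
/* EAPOL state machine step function. */
void eapol_sm_step(struct eapol_sm *sm);
/* Get EAPOL state machine status; output goes to buf (buflen bytes). */
int eapol_sm_get_status(struct eapol_sm *sm, char *buf, size_t buflen,
			int verbose);
/* Get EAPOL state machine MIBs; output goes to buf (buflen bytes). */
int eapol_sm_get_mib(struct eapol_sm *sm, char *buf, size_t buflen);
/* Set EAPOL variables. */
void eapol_sm_configure(struct eapol_sm *sm, int heldPeriod, int authPeriod,
			int startPeriod, int maxStart);
/*
 * Process received EAPOL frames. buf holds a frame received from the
 * network and is untrusted; len must be the number of valid bytes in buf.
 */
int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src, const u8 *buf,
		      size_t len);
/* Notification about transmitted EAPOL packet. */
void eapol_sm_notify_tx_eapol_key(struct eapol_sm *sm);
/* Notification about portEnabled change. */
void eapol_sm_notify_portEnabled(struct eapol_sm *sm, Boolean enabled);
/* Notification about portValid change. */
void eapol_sm_notify_portValid(struct eapol_sm *sm, Boolean valid);
/* Notification of external EAP success trigger. */
void eapol_sm_notify_eap_success(struct eapol_sm *sm, Boolean success);
/* Notification of external EAP failure trigger. */
void eapol_sm_notify_eap_fail(struct eapol_sm *sm, Boolean fail);
/* Notification of EAPOL configuration change. */
void eapol_sm_notify_config(struct eapol_sm *sm,
			    struct eap_peer_config *config,
			    const struct eapol_config *conf);
/*
 * Get master session key (MSK) from EAP. key receives key material, so
 * the caller should check the return value before using it and clear the
 * buffer once the key is no longer needed.
 */
int eapol_sm_get_key(struct eapol_sm *sm, u8 *key, size_t len);
/* Get EAP Session-Id. */
const u8 * eapol_sm_get_session_id(struct eapol_sm *sm, size_t *len);
/* Notification of logon/logoff commands. */
void eapol_sm_notify_logoff(struct eapol_sm *sm, Boolean logoff);
/* Notification of successful PMKSA caching. */
void eapol_sm_notify_cached(struct eapol_sm *sm);
/* Notification of PMKSA caching. */
void eapol_sm_notify_pmkid_attempt(struct eapol_sm *sm);
/* Notification of smart card context. */
void eapol_sm_register_scard_ctx(struct eapol_sm *sm, void *ctx);
/* Notification of portControl changes. */
void eapol_sm_notify_portControl(struct eapol_sm *sm, PortControl portControl);
/* Notification of attached monitor. */
void eapol_sm_notify_ctrl_attached(struct eapol_sm *sm);
/* Notification of received user input. */
void eapol_sm_notify_ctrl_response(struct eapol_sm *sm);
/* Request reauthentication. */
void eapol_sm_request_reauth(struct eapol_sm *sm);
/* Notification of lower layer success. */
void eapol_sm_notify_lower_layer_success(struct eapol_sm *sm, int in_eapol_sm);
/*
 * Mark cached EAP session data invalid. This prototype (header line 342)
 * is restored from this page's member index; the !IEEE8021X_EAPOL branch
 * carries the matching stub.
 */
void eapol_sm_invalidate_cached_session(struct eapol_sm *sm);
/* Get EAPOL method name. */
const char * eapol_sm_get_method_name(struct eapol_sm *sm);
/* Presumably sets the external password context used by EAP - confirm. */
void eapol_sm_set_ext_pw_ctx(struct eapol_sm *sm,
			     struct ext_password_data *ext);
/* Presumably reports whether the state machine has failed - confirm. */
int eapol_sm_failed(struct eapol_sm *sm);
/* Presumably flushes ERP state - confirm. */
void eapol_sm_erp_flush(struct eapol_sm *sm);
/*
 * NOTE(review): no inline stub for this function is visible in the
 * !IEEE8021X_EAPOL branch of this header; confirm that every caller is
 * built with IEEE8021X_EAPOL defined.
 */
int eapol_sm_get_eap_proxy_imsi(struct eapol_sm *sm, char *imsi, size_t *len);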
349 #else /* IEEE8021X_EAPOL */
/**
 * eapol_sm_init - Stub used when IEEE8021X_EAPOL is not defined
 * @ctx: Context allocated by the caller; released here with free()
 * Returns: The constant (struct eapol_sm *) 1
 *
 * The stub takes ownership of ctx, so the caller must not use or free it
 * after this call. The return value is a non-NULL placeholder (presumably
 * so that callers' NULL checks pass); it does not point to an object and
 * must never be dereferenced or passed to free().
 */
static inline struct eapol_sm *eapol_sm_init(struct eapol_ctx *ctx)
{
	struct eapol_sm *placeholder = (struct eapol_sm *) 1;

	free(ctx);
	return placeholder;
}
/*
 * No-op stub for builds without IEEE8021X_EAPOL. sm is not dereferenced or
 * freed here.
 */
static inline void eapol_sm_deinit(struct eapol_sm *sm)
{
	(void) sm;
}
/* No-op stub for builds without IEEE8021X_EAPOL; sm is ignored. */
static inline void eapol_sm_step(struct eapol_sm *sm)
{
	(void) sm;
}
/*
 * Stub for builds without IEEE8021X_EAPOL: always returns 0. buf is left
 * untouched (it is not NUL-terminated here), so callers must rely on the
 * returned value rather than treating buf as a string.
 */
static inline int eapol_sm_get_status(struct eapol_sm *sm, char *buf,
				      size_t buflen, int verbose)
{
	(void) sm;
	(void) buf;
	(void) buflen;
	(void) verbose;
	return 0;
}
/*
 * Stub for builds without IEEE8021X_EAPOL: always returns 0 and does not
 * write to buf, so callers must not assume buf holds a terminated string.
 */
static inline int eapol_sm_get_mib(struct eapol_sm *sm, char *buf,
				   size_t buflen)
{
	(void) sm;
	(void) buf;
	(void) buflen;
	return 0;
}
/* No-op stub for builds without IEEE8021X_EAPOL; all arguments are ignored. */
static inline void eapol_sm_configure(struct eapol_sm *sm, int heldPeriod,
				      int authPeriod, int startPeriod,
				      int maxStart)
{
	(void) sm;
	(void) heldPeriod;
	(void) authPeriod;
	(void) startPeriod;
	(void) maxStart;
}
/*
 * Stub for builds without IEEE8021X_EAPOL: the frame in buf is not read
 * or parsed and the function always returns 0.
 */
static inline int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src,
				    const u8 *buf, size_t len)
{
	(void) sm;
	(void) src;
	(void) buf;
	(void) len;
	return 0;
}
/* No-op stub for builds without IEEE8021X_EAPOL; sm is ignored. */
static inline void eapol_sm_notify_tx_eapol_key(struct eapol_sm *sm)
{
	(void) sm;
}
/* No-op stub for builds without IEEE8021X_EAPOL; arguments are ignored. */
static inline void eapol_sm_notify_portEnabled(struct eapol_sm *sm,
					       Boolean enabled)
{
	(void) sm;
	(void) enabled;
}
/* No-op stub for builds without IEEE8021X_EAPOL; arguments are ignored. */
static inline void eapol_sm_notify_portValid(struct eapol_sm *sm,
					     Boolean valid)
{
	(void) sm;
	(void) valid;
}
/* No-op stub for builds without IEEE8021X_EAPOL; arguments are ignored. */
static inline void eapol_sm_notify_eap_success(struct eapol_sm *sm,
					       Boolean success)
{
	(void) sm;
	(void) success;
}
/* No-op stub for builds without IEEE8021X_EAPOL; arguments are ignored. */
static inline void eapol_sm_notify_eap_fail(struct eapol_sm *sm, Boolean fail)
{
	(void) sm;
	(void) fail;
}
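/*
 * No-op stub for builds without IEEE8021X_EAPOL; all arguments are ignored.
 *
 * conf is const-qualified to match the prototype in the IEEE8021X_EAPOL
 * branch of this header, so a caller holding a const struct eapol_config *
 * compiles without a discarded-qualifier diagnostic in either build.
 */
static inline void eapol_sm_notify_config(struct eapol_sm *sm,
					  struct eap_peer_config *config,
					  const struct eapol_config *conf)
{
	(void) sm;
	(void) config;
	(void) conf;
}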
/*
 * Stub for builds without IEEE8021X_EAPOL: always fails with -1 and never
 * writes to key. Callers must check the return value before using the
 * buffer as keying material, since its contents are unchanged here.
 */
static inline int eapol_sm_get_key(struct eapol_sm *sm, u8 *key, size_t len)
{
	(void) sm;
	(void) key;
	(void) len;
	return -1;
}
/*
 * Stub for builds without IEEE8021X_EAPOL: always returns NULL. *len is
 * not written, so callers must test the result for NULL before reading it.
 */
static inline const u8 *
eapol_sm_get_session_id(struct eapol_sm *sm, size_t *len)
{
	(void) sm;
	(void) len;
	return NULL;
}
/* No-op stub for builds without IEEE8021X_EAPOL; arguments are ignored. */
static inline void eapol_sm_notify_logoff(struct eapol_sm *sm, Boolean logoff)
{
	(void) sm;
	(void) logoff;
}
/* No-op stub for builds without IEEE8021X_EAPOL; sm is ignored. */
static inline void eapol_sm_notify_cached(struct eapol_sm *sm)
{
	(void) sm;
}
/* No-op stub for builds without IEEE8021X_EAPOL; sm is ignored. */
static inline void eapol_sm_notify_pmkid_attempt(struct eapol_sm *sm)
{
	(void) sm;
}
/*
 * Stub for builds without IEEE8021X_EAPOL. The expansion is an empty
 * statement that never evaluates sm or ctx, so any side effects in the
 * argument expressions do not happen in this build.
 */
#define eapol_sm_register_scard_ctx(sm, ctx) \
	do { \
	} while (0)
/* No-op stub for builds without IEEE8021X_EAPOL; arguments are ignored. */
static inline void eapol_sm_notify_portControl(struct eapol_sm *sm,
					       PortControl portControl)
{
	(void) sm;
	(void) portControl;
}
/* No-op stub for builds without IEEE8021X_EAPOL; sm is ignored. */
static inline void eapol_sm_notify_ctrl_attached(struct eapol_sm *sm)
{
	(void) sm;
}
/* No-op stub for builds without IEEE8021X_EAPOL; sm is ignored. */
static inline void eapol_sm_notify_ctrl_response(struct eapol_sm *sm)
{
	(void) sm;
}
/*
 * No-op stub for builds without IEEE8021X_EAPOL: no reauthentication is
 * started by this call in such a build.
 */
static inline void eapol_sm_request_reauth(struct eapol_sm *sm)
{
	(void) sm;
}
/* No-op stub for builds without IEEE8021X_EAPOL; arguments are ignored. */
static inline void eapol_sm_notify_lower_layer_success(struct eapol_sm *sm,
						       int in_eapol_sm)
{
	(void) sm;
	(void) in_eapol_sm;
}
/*
 * No-op stub for builds without IEEE8021X_EAPOL: nothing is invalidated
 * by this call in such a build.
 */
static inline void eapol_sm_invalidate_cached_session(struct eapol_sm *sm)
{
	(void) sm;
}
/*
 * Stub for builds without IEEE8021X_EAPOL: always returns NULL, so callers
 * must not pass the result to string functions without a NULL check.
 */
static inline const char * eapol_sm_get_method_name(struct eapol_sm *sm)
{
	(void) sm;
	return NULL;
}
/* No-op stub for builds without IEEE8021X_EAPOL; ext is not stored. */
static inline void eapol_sm_set_ext_pw_ctx(struct eapol_sm *sm,
					   struct ext_password_data *ext)
{
	(void) sm;
	(void) ext;
}
/* Stub for builds without IEEE8021X_EAPOL: always returns 0. */
static inline int eapol_sm_failed(struct eapol_sm *sm)
{
	(void) sm;
	return 0;
}
/* No-op stub for builds without IEEE8021X_EAPOL; sm is ignored. */
static inline void eapol_sm_erp_flush(struct eapol_sm *sm)
{
	(void) sm;
}
458 #endif /* IEEE8021X_EAPOL */
459 
460 #endif /* EAPOL_SUPP_SM_H */
const char * pkcs11_engine_path
Path to the OpenSSL engine for PKCS#11.
Definition: eapol_supp_sm.h:216
void(* set_anon_id)(void *ctx, const u8 *id, size_t len)
Set or add anonymous identity.
Definition: eapol_supp_sm.h:305
const u8 * eapol_sm_get_session_id(struct eapol_sm *sm, size_t *len)
Get EAP Session-Id.
Definition: eapol_supp_sm.c:1594
int external_sim
Use external processing for SIM/USIM operations.
Definition: eapol_supp_sm.h:63
void eapol_sm_notify_eap_fail(struct eapol_sm *sm, Boolean fail)
Notification of external EAP failure trigger.
Definition: eapol_supp_sm.c:1470
void eapol_sm_notify_ctrl_response(struct eapol_sm *sm)
Notification of received user input.
Definition: eapol_supp_sm.c:1734
void * cb_ctx
Callback context for cb()
Definition: eapol_supp_sm.h:121
void eapol_sm_notify_tx_eapol_key(struct eapol_sm *sm)
Notification about transmitted EAPOL packet.
Definition: eapol_supp_sm.c:1392
const char * openssl_ciphers
OpenSSL cipher string.
Definition: eapol_supp_sm.h:236
void * eapol_send_ctx
Callback context for eapol_send() calls.
Definition: eapol_supp_sm.h:141
void eapol_sm_step(struct eapol_sm *sm)
EAPOL state machine step function.
Definition: eapol_supp_sm.c:928
void(* cb)(struct eapol_sm *eapol, enum eapol_supp_result result, void *ctx)
Function to be called when EAPOL negotiation has been completed.
Definition: eapol_supp_sm.h:114
void(* cert_cb)(void *ctx, int depth, const char *subject, const char *altsubject[], int num_altsubject, const char *cert_hash, const struct wpabuf *cert)
Notification of a peer certificate.
Definition: eapol_supp_sm.h:272
void(* status_cb)(void *ctx, const char *status, const char *parameter)
Notification of a change in EAP status.
Definition: eapol_supp_sm.h:288
void(* eapol_done_cb)(void *ctx)
Function to be called at successful completion.
Definition: eapol_supp_sm.h:151
unsigned int workaround
Whether EAP workarounds are enabled.
Definition: eapol_supp_sm.h:51
void(* port_cb)(void *ctx, int authorized)
Set port authorized/unauthorized callback (optional)
Definition: eapol_supp_sm.h:260
const char * pkcs11_module_path
Path to the OpenSSL OpenSC/PKCS#11 module.
Definition: eapol_supp_sm.h:226
void(* eap_param_needed)(void *ctx, enum wpa_ctrl_req_type field, const char *txt)
Notify that EAP parameter is needed.
Definition: eapol_supp_sm.h:252
void eapol_sm_notify_lower_layer_success(struct eapol_sm *sm, int in_eapol_sm)
Notification of lower layer success.
Definition: eapol_supp_sm.c:1774
WPA Supplicant - Common definitions.
void eapol_sm_notify_cached(struct eapol_sm *sm)
Notification of successful PMKSA caching.
Definition: eapol_supp_sm.c:1631
Definition: wpabuf.h:16
void eapol_sm_notify_portEnabled(struct eapol_sm *sm, Boolean enabled)
Notification about portEnabled change.
Definition: eapol_supp_sm.c:1406
void eapol_sm_notify_config(struct eapol_sm *sm, struct eap_peer_config *config, const struct eapol_config *conf)
Notification of EAPOL configuration change.
Definition: eapol_supp_sm.c:1494
int accept_802_1x_keys
Accept IEEE 802.1X (non-WPA) EAPOL-Key frames.
Definition: eapol_supp_sm.h:27
void eapol_sm_deinit(struct eapol_sm *sm)
Deinitialize EAPOL state machine.
Definition: eapol_supp_sm.c:2098
void eapol_sm_register_scard_ctx(struct eapol_sm *sm, void *ctx)
Notification of smart card context.
Definition: eapol_supp_sm.c:1685
int preauth
IEEE 802.11i/RSN pre-authentication.
Definition: eapol_supp_sm.h:101
int cert_in_cb
Include server certificates in callback.
Definition: eapol_supp_sm.h:280
int fast_reauth
Whether fast EAP reauthentication is enabled.
Definition: eapol_supp_sm.h:45
void eapol_sm_request_reauth(struct eapol_sm *sm)
Request reauthentication.
Definition: eapol_supp_sm.c:1756
void eapol_sm_notify_portValid(struct eapol_sm *sm, Boolean valid)
Notification about portValid change.
Definition: eapol_supp_sm.c:1426
Named configuration blob.
Definition: eap_config.h:812
struct eapol_sm * eapol_sm_init(struct eapol_ctx *ctx)
Initialize EAPOL state machine.
Definition: eapol_supp_sm.c:2037
Per network configuration for EAPOL state machines.
Definition: eapol_supp_sm.h:17
Definition: ext_password.c:26
void eapol_sm_notify_ctrl_attached(struct eapol_sm *sm)
Notification of attached monitor.
Definition: eapol_supp_sm.c:1719
int eap_disabled
Whether EAP is disabled.
Definition: eapol_supp_sm.h:57
int(* eapol_send)(void *ctx, int type, const u8 *buf, size_t len)
Send EAPOL packets.
Definition: eapol_supp_sm.h:161
void eapol_sm_notify_logoff(struct eapol_sm *sm, Boolean logoff)
Notification of logon/logoff commands.
Definition: eapol_supp_sm.c:1611
wpa_ctrl_req_type
Control interface request types.
Definition: defs.h:315
void eapol_sm_notify_portControl(struct eapol_sm *sm, PortControl portControl)
Notification of portControl changes.
Definition: eapol_supp_sm.c:1701
void eapol_sm_notify_pmkid_attempt(struct eapol_sm *sm)
Notification of PMKSA caching.
Definition: eapol_supp_sm.c:1648
struct wps_context * wps
WPS context data.
Definition: eapol_supp_sm.h:244
int eapol_sm_get_status(struct eapol_sm *sm, char *buf, size_t buflen, int verbose)
Get EAPOL state machine status.
Definition: eapol_supp_sm.c:1107
void * msg_ctx
Callback context for wpa_msg() calls.
Definition: eapol_supp_sm.h:127
int eapol_sm_get_key(struct eapol_sm *sm, u8 *key, size_t len)
Get master session key (MSK) from EAP.
Definition: eapol_supp_sm.c:1540
Global (for all networks) EAPOL state machine context.
Definition: eapol_supp_sm.h:87
Internal data for EAPOL state machines.
Definition: eapol_supp_sm.c:28
void * ctx
Pointer to arbitrary upper level context.
Definition: eapol_supp_sm.h:92
void eapol_sm_configure(struct eapol_sm *sm, int heldPeriod, int authPeriod, int startPeriod, int maxStart)
Set EAPOL variables.
Definition: eapol_supp_sm.c:1062
void eapol_sm_notify_eap_success(struct eapol_sm *sm, Boolean success)
Notification of external EAP success trigger.
Definition: eapol_supp_sm.c:1448
int(* set_wep_key)(void *ctx, int unicast, int keyidx, const u8 *key, size_t keylen)
Configure WEP keys.
Definition: eapol_supp_sm.h:172
int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src, const u8 *buf, size_t len)
Process received EAPOL frames.
Definition: eapol_supp_sm.c:1236
void eapol_sm_invalidate_cached_session(struct eapol_sm *sm)
Mark cached EAP session data invalid.
Definition: eapol_supp_sm.c:1788
const char * eapol_sm_get_method_name(struct eapol_sm *sm)
Get EAPOL method name.
Definition: eapol_supp_sm.c:1083
EAP peer configuration/credentials.
Definition: eap_config.h:12
void(* aborted_cached)(void *ctx)
Notify that cached PMK attempt was aborted.
Definition: eapol_supp_sm.h:198
char * name
Blob name.
Definition: eap_config.h:817
const char * opensc_engine_path
Path to the OpenSSL engine for opensc.
Definition: eapol_supp_sm.h:207
void(* set_config_blob)(void *ctx, struct wpa_config_blob *blob)
Set or add a named configuration blob.
Definition: eapol_supp_sm.h:183
int wps
Whether this connection is used for WPS.
Definition: eapol_supp_sm.h:71
void * scard_ctx
Callback context for PC/SC scard_*() function calls.
Definition: eapol_supp_sm.h:135
Long term WPS context data.
Definition: wps.h:623
int eapol_sm_get_mib(struct eapol_sm *sm, char *buf, size_t buflen)
Get EAPOL state machine MIBs.
Definition: eapol_supp_sm.c:1166
int required_keys
Which EAPOL-Key packets are required.
Definition: eapol_supp_sm.h:39