eap_i.h

Go to the documentation of this file.

/*
 * EAP peer state machines internal structures (RFC 4137)
 * Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * Alternatively, this software may be distributed under the terms of BSD
 * license.
 *
 * See README and COPYING for more details.
 */

#ifndef EAP_I_H
#define EAP_I_H

#include "wpabuf.h"
#include "eap_peer/eap.h"
#include "eap_common/eap_common.h"

/* RFC 4137 - EAP Peer state machine */

typedef enum {
        DECISION_FAIL, DECISION_COND_SUCC, DECISION_UNCOND_SUCC
} EapDecision;

typedef enum {
        METHOD_NONE, METHOD_INIT, METHOD_CONT, METHOD_MAY_CONT, METHOD_DONE
} EapMethodState;

struct eap_method_ret {
        Boolean ignore;

        EapMethodState methodState;

        EapDecision decision;

        Boolean allowNotifications;
};


struct eap_method {
        int vendor;

        EapType method;

        const char *name;

        void * (*init)(struct eap_sm *sm);

        void (*deinit)(struct eap_sm *sm, void *priv);

        struct wpabuf * (*process)(struct eap_sm *sm, void *priv,
                                   struct eap_method_ret *ret,
                                   const struct wpabuf *reqData);

        Boolean (*isKeyAvailable)(struct eap_sm *sm, void *priv);

        u8 * (*getKey)(struct eap_sm *sm, void *priv, size_t *len);

        int (*get_status)(struct eap_sm *sm, void *priv, char *buf,
                          size_t buflen, int verbose);

        Boolean (*has_reauth_data)(struct eap_sm *sm, void *priv);

        void (*deinit_for_reauth)(struct eap_sm *sm, void *priv);

        void * (*init_for_reauth)(struct eap_sm *sm, void *priv);

        const u8 * (*get_identity)(struct eap_sm *sm, void *priv, size_t *len);

        void (*free)(struct eap_method *method);

#define EAP_PEER_METHOD_INTERFACE_VERSION 1

        int version;

        struct eap_method *next;

#ifdef CONFIG_DYNAMIC_EAP_METHODS

        void *dl_handle;
#endif /* CONFIG_DYNAMIC_EAP_METHODS */

        u8 * (*get_emsk)(struct eap_sm *sm, void *priv, size_t *len);
};


struct eap_sm {
        enum {
                EAP_INITIALIZE, EAP_DISABLED, EAP_IDLE, EAP_RECEIVED,
                EAP_GET_METHOD, EAP_METHOD, EAP_SEND_RESPONSE, EAP_DISCARD,
                EAP_IDENTITY, EAP_NOTIFICATION, EAP_RETRANSMIT, EAP_SUCCESS,
                EAP_FAILURE
        } EAP_state;
        /* Long-term local variables */
        EapType selectedMethod;
        EapMethodState methodState;
        int lastId;
        struct wpabuf *lastRespData;
        EapDecision decision;
        /* Short-term local variables */
        Boolean rxReq;
        Boolean rxSuccess;
        Boolean rxFailure;
        int reqId;
        EapType reqMethod;
        int reqVendor;
        u32 reqVendorMethod;
        Boolean ignore;
        /* Constants */
        int ClientTimeout;

        /* Miscellaneous variables */
        Boolean allowNotifications; /* peer state machine <-> methods */
        struct wpabuf *eapRespData; /* peer to lower layer */
        Boolean eapKeyAvailable; /* peer to lower layer */
        u8 *eapKeyData; /* peer to lower layer */
        size_t eapKeyDataLen; /* peer to lower layer */
        const struct eap_method *m; /* selected EAP method */
        /* not defined in RFC 4137 */
        Boolean changed;
        void *eapol_ctx;
        struct eapol_callbacks *eapol_cb;
        void *eap_method_priv;
        int init_phase2;
        int fast_reauth;

        Boolean rxResp /* LEAP only */;
        Boolean leap_done;
        Boolean peap_done;
        u8 req_md5[16]; /* MD5() of the current EAP packet */
        u8 last_md5[16]; /* MD5() of the previously received EAP packet; used
                          * in duplicate request detection. */

        void *msg_ctx;
        void *scard_ctx;
        void *ssl_ctx;

        unsigned int workaround;

        /* Optional challenges generated in Phase 1 (EAP-FAST) */
        u8 *peer_challenge, *auth_challenge;

        int num_rounds;
        int force_disabled;

        struct wps_context *wps;

        int prev_failure;
};

const u8 * eap_get_config_identity(struct eap_sm *sm, size_t *len);
const u8 * eap_get_config_password(struct eap_sm *sm, size_t *len);
const u8 * eap_get_config_password2(struct eap_sm *sm, size_t *len, int *hash);
const u8 * eap_get_config_new_password(struct eap_sm *sm, size_t *len);
const u8 * eap_get_config_otp(struct eap_sm *sm, size_t *len);
void eap_clear_config_otp(struct eap_sm *sm);
const char * eap_get_config_phase1(struct eap_sm *sm);
const char * eap_get_config_phase2(struct eap_sm *sm);
struct eap_peer_config * eap_get_config(struct eap_sm *sm);
void eap_set_config_blob(struct eap_sm *sm, struct wpa_config_blob *blob);
const struct wpa_config_blob *
eap_get_config_blob(struct eap_sm *sm, const char *name);
void eap_notify_pending(struct eap_sm *sm);
int eap_allowed_method(struct eap_sm *sm, int vendor, u32 method);

#endif /* EAP_I_H */