00015 #ifndef EAPOL_AUTH_SM_I_H
00016 #define EAPOL_AUTH_SM_I_H
00017
00018 #include "common/defs.h"
00019 #include "radius/radius.h"
00020
00021
00022
00023 typedef enum { ForceUnauthorized = 1, ForceAuthorized = 3, Auto = 2 }
00024 PortTypes; /* administrative port control mode */
      /* NOTE(review): the explicit, non-sequential values look like the IEEE 802.1X
       * MIB encoding -- confirm before renumbering. 0 is not a named value. */
00025 typedef enum { Unauthorized = 2, Authorized = 1 } PortState;
      /* Both enumerators are non-zero, so a PortState must be compared against
       * Authorized/Unauthorized explicitly: a truthiness test such as
       * `if (status)` is true for Unauthorized as well, and a zero-filled
       * struct holds neither value. */
00026 typedef enum { Both = 0, In = 1 } ControlledDirection; /* Both is the zero-fill value */
00027 typedef unsigned int Counter; /* statistics counter; unsigned, so it wraps to 0 on overflow */
00028
00029
00033 struct eapol_authenticator { /* authenticator-wide data; struct eapol_state_machine points back to it via 'eapol' */
00034 struct eapol_auth_config conf; /* embedded by value; the type is declared outside this header */
00035 struct eapol_auth_cb cb; /* embedded by value; presumably callbacks into the owner -- confirm */
00036
00037 u8 *default_wep_key; /* WEP key bytes; no length is stored here (presumably in conf -- confirm) */
      /* NOTE(review): key material. Confirm that the code which frees or replaces
       * this buffer wipes it first; this header does not show who owns it. */
00038 u8 default_wep_key_idx; /* key index that goes with default_wep_key */
00039 };
00040
00041
00045 struct eapol_state_machine { /* state-machine variables, counters and session data; presumably one instance per supplicant (single addr[]/sta) -- confirm */
00046 /* Timers. Signed int, while the periods they relate to (quietPeriod,
       * reAuthPeriod, serverTimeout) are unsigned int: check any comparison or
       * assignment between the two for implicit sign conversion.
       * Units are presumably seconds -- confirm. */
00047 int aWhile;
00048 int quietWhile;
00049 int reAuthWhen;
00050
00051 /* Flags and status; names follow the IEEE 802.1X authenticator variables
       * (presumably shared between the state machines below -- confirm). */
00052 Boolean authAbort;
00053 Boolean authFail;
00054 PortState authPortStatus; /* not a Boolean: Authorized == 1, Unauthorized == 2, so compare explicitly */
00055 Boolean authStart;
00056 Boolean authTimeout;
00057 Boolean authSuccess;
00058 Boolean eapolEap;
00059 Boolean initialize;
00060 Boolean keyDone;
00061 Boolean keyRun;
00062 Boolean keyTxEnabled;
00063 PortTypes portControl; /* 0 is not a PortTypes value, so zero-fill leaves this unset */
00064 Boolean portValid;
00065 Boolean reAuthenticate;
00066
00067
00068
00069
00070 /* Authenticator PAE state machine: current state, variables, defaults, counters */
00071 enum { AUTH_PAE_INITIALIZE, AUTH_PAE_DISCONNECTED, AUTH_PAE_CONNECTING,
00072 AUTH_PAE_AUTHENTICATING, AUTH_PAE_AUTHENTICATED,
00073 AUTH_PAE_ABORTING, AUTH_PAE_HELD, AUTH_PAE_FORCE_AUTH,
00074 AUTH_PAE_FORCE_UNAUTH, AUTH_PAE_RESTART } auth_pae_state; /* AUTH_PAE_INITIALIZE is 0, the zero-fill value */
00075
00076 Boolean eapolLogoff;
00077 Boolean eapolStart;
00078 PortTypes portMode;
00079 unsigned int reAuthCount;
00080 /* The *_DEFAULT_* macros below are written inside the struct but, being
       * preprocessor definitions, are visible to every file that includes this
       * header. Units are presumably seconds (quietPeriod) and attempts
       * (reAuthMax) -- confirm. */
00081 unsigned int quietPeriod;
00082 #define AUTH_PAE_DEFAULT_quietPeriod 60
00083 unsigned int reAuthMax;
00084 #define AUTH_PAE_DEFAULT_reAuthMax 2
00085 /* Authenticator PAE event counters */
00086 Counter authEntersConnecting;
00087 Counter authEapLogoffsWhileConnecting;
00088 Counter authEntersAuthenticating;
00089 Counter authAuthSuccessesWhileAuthenticating;
00090 Counter authAuthTimeoutsWhileAuthenticating;
00091 Counter authAuthFailWhileAuthenticating;
00092 Counter authAuthEapStartsWhileAuthenticating;
00093 Counter authAuthEapLogoffWhileAuthenticating;
00094 Counter authAuthReauthsWhileAuthenticated;
00095 Counter authAuthEapStartsWhileAuthenticated;
00096 Counter authAuthEapLogoffWhileAuthenticated;
00097
00098 /* Backend Authentication state machine */
00099 enum { BE_AUTH_REQUEST, BE_AUTH_RESPONSE, BE_AUTH_SUCCESS,
00100 BE_AUTH_FAIL, BE_AUTH_TIMEOUT, BE_AUTH_IDLE, BE_AUTH_INITIALIZE,
00101 BE_AUTH_IGNORE
00102 } be_auth_state; /* zero-fill gives BE_AUTH_REQUEST, not BE_AUTH_INITIALIZE: the initial state must be assigned explicitly */
00103
00104 unsigned int serverTimeout; /* presumably seconds -- confirm */
00105 #define BE_AUTH_DEFAULT_serverTimeout 30
00106 /* Backend event counters */
00107 Counter backendResponses;
00108 Counter backendAccessChallenges;
00109 Counter backendOtherRequestsToSupplicant;
00110 Counter backendAuthSuccesses;
00111 Counter backendAuthFails;
00112
00113 /* Reauthentication Timer state machine */
00114 enum { REAUTH_TIMER_INITIALIZE, REAUTH_TIMER_REAUTHENTICATE
00115 } reauth_timer_state;
00116
00117 unsigned int reAuthPeriod; /* presumably seconds -- confirm */
00118 Boolean reAuthEnabled;
00119
00120 /* Authenticator Key Transmit state machine */
00121 enum { AUTH_KEY_TX_NO_KEY_TRANSMIT, AUTH_KEY_TX_KEY_TRANSMIT
00122 } auth_key_tx_state; /* zero-fill value is NO_KEY_TRANSMIT */
00123
00124 /* Key Receive state machine */
00125 enum { KEY_RX_NO_KEY_RECEIVE, KEY_RX_KEY_RECEIVE } key_rx_state;
00126
00127 Boolean rxKey;
00128
00129 /* Controlled Directions state machine */
00130 enum { CTRL_DIR_FORCE_BOTH, CTRL_DIR_IN_OR_BOTH } ctrl_dir_state;
00131
00132 ControlledDirection adminControlledDirections;
00133 ControlledDirection operControlledDirections;
00134 Boolean operEdge;
00135
00136 /* EAPOL frame statistics (dot1xAuth* names; presumably the IEEE 802.1X MIB statistics table -- confirm) */
00137 Counter dot1xAuthEapolFramesRx;
00138 Counter dot1xAuthEapolFramesTx;
00139 Counter dot1xAuthEapolStartFramesRx;
00140 Counter dot1xAuthEapolLogoffFramesRx;
00141 Counter dot1xAuthEapolRespIdFramesRx;
00142 Counter dot1xAuthEapolRespFramesRx;
00143 Counter dot1xAuthEapolReqIdFramesTx;
00144 Counter dot1xAuthEapolReqFramesTx;
00145 Counter dot1xAuthInvalidEapolFramesRx; /* worth monitoring alongside the length-error counter below */
00146 Counter dot1xAuthEapLengthErrorFramesRx;
00147 Counter dot1xAuthLastEapolFrameVersion; /* NOTE(review): typed Counter, but the name suggests a stored version value rather than a count -- confirm */
00148
00149 /* Session data; presumably implementation-specific rather than from IEEE 802.1X -- confirm */
00150 u8 addr[ETH_ALEN]; /* presumably the supplicant MAC address; ETH_ALEN is defined outside this header */
00151 int flags; /* bit meanings are not defined in this header */
00152
00153
00154 struct eap_eapol_interface *eap_if; /* interface to the EAP state machine; type declared elsewhere */
00155
00156 int radius_identifier; /* signed int; presumably a RADIUS Identifier or a negative "none" marker -- confirm */
00157
00158 struct radius_msg *last_recv_radius; /* ownership and free site are not visible here */
00159 u8 last_eap_id;
00160 u8 *identity; /* byte buffer with explicit length below: do not assume NUL termination */
00161 size_t identity_len; /* must be kept in step with 'identity' whenever it is replaced or freed */
      /* NOTE(review): if identity comes from the peer (likely, not shown here),
       * treat it as untrusted input when logging or forwarding it. */
00162 u8 eap_type_authsrv;
00163
00164 u8 eap_type_supp;
00165 struct radius_class_data radius_class; /* embedded by value */
00166
00167 /* Key material for EAPOL-Key handling (per the field names); each pointer has its own length */
00168 u8 *eapol_key_sign;
00169 size_t eapol_key_sign_len;
00170 u8 *eapol_key_crypt;
00171 size_t eapol_key_crypt_len;
      /* NOTE(review): confirm the code that frees or replaces these buffers wipes
       * them first and resets the matching *_len to 0. */
00172
00173 struct eap_sm *eap; /* EAP state machine instance; type declared elsewhere */
00174
00175 Boolean initializing;
00176 Boolean changed;
00177
00178 struct eapol_authenticator *eapol; /* back-pointer to the authenticator-wide data */
00179
00180 void *sta; /* opaque pointer: the compiler cannot check its type, so every user must agree on what it points to */
00181 };
00182
00183 #endif