eap_i.h

Go to the documentation of this file.

#ifndef EAP_I_H
#define EAP_I_H

#include "eap.h"

/* RFC 4137 - EAP Peer state machine */

typedef enum {
        DECISION_FAIL, DECISION_COND_SUCC, DECISION_UNCOND_SUCC
} EapDecision;

typedef enum {
        METHOD_NONE, METHOD_INIT, METHOD_CONT, METHOD_MAY_CONT, METHOD_DONE
} EapMethodState;

struct eap_method_ret {
        Boolean ignore;

        EapMethodState methodState;

        EapDecision decision;

        Boolean allowNotifications;
};


struct eap_method {
        EapType method;

        const char *name;

        void * (*init)(struct eap_sm *sm);

        void (*deinit)(struct eap_sm *sm, void *priv);

        u8 * (*process)(struct eap_sm *sm, void *priv,
                        struct eap_method_ret *ret,
                        const u8 *reqData, size_t reqDataLen,
                        size_t *respDataLen);

        Boolean (*isKeyAvailable)(struct eap_sm *sm, void *priv);

        u8 * (*getKey)(struct eap_sm *sm, void *priv, size_t *len);

        int (*get_status)(struct eap_sm *sm, void *priv, char *buf,
                          size_t buflen, int verbose);

        Boolean (*has_reauth_data)(struct eap_sm *sm, void *priv);

        void (*deinit_for_reauth)(struct eap_sm *sm, void *priv);

        void * (*init_for_reauth)(struct eap_sm *sm, void *priv);

        const u8 * (*get_identity)(struct eap_sm *sm, void *priv, size_t *len);
};


struct eap_sm {
        enum {
                EAP_INITIALIZE, EAP_DISABLED, EAP_IDLE, EAP_RECEIVED,
                EAP_GET_METHOD, EAP_METHOD, EAP_SEND_RESPONSE, EAP_DISCARD,
                EAP_IDENTITY, EAP_NOTIFICATION, EAP_RETRANSMIT, EAP_SUCCESS,
                EAP_FAILURE
        } EAP_state;
        /* Long-term local variables */
        EapType selectedMethod;
        EapMethodState methodState;
        int lastId;
        u8 *lastRespData;
        size_t lastRespDataLen;
        EapDecision decision;
        /* Short-term local variables */
        Boolean rxReq;
        Boolean rxSuccess;
        Boolean rxFailure;
        int reqId;
        EapType reqMethod;
        Boolean ignore;
        /* Constants */
        int ClientTimeout;

        /* Miscellaneous variables */
        Boolean allowNotifications; /* peer state machine <-> methods */
        u8 *eapRespData; /* peer to lower layer */
        size_t eapRespDataLen; /* peer to lower layer */
        Boolean eapKeyAvailable; /* peer to lower layer */
        u8 *eapKeyData; /* peer to lower layer */
        size_t eapKeyDataLen; /* peer to lower layer */
        const struct eap_method *m; /* selected EAP method */
        /* not defined in RFC 4137 */
        Boolean changed;
        void *eapol_ctx;
        struct eapol_callbacks *eapol_cb;
        void *eap_method_priv;
        int init_phase2;
        int fast_reauth;

        Boolean rxResp /* LEAP only */;
        Boolean leap_done;
        Boolean peap_done;
        u8 req_md5[16]; /* MD5() of the current EAP packet */
        u8 last_md5[16]; /* MD5() of the previously received EAP packet; used
                          * in duplicate request detection. */

        void *msg_ctx;
        void *scard_ctx;
        void *ssl_ctx;

        unsigned int workaround;

        /* Optional challenges generated in Phase 1 (EAP-FAST) */
        u8 *peer_challenge, *auth_challenge;

        int num_rounds;
        int force_disabled;
};

const u8 * eap_hdr_validate(EapType eap_type, const u8 *msg, size_t msglen,
                            size_t *plen);
void eap_set_config_blob(struct eap_sm *sm, struct wpa_config_blob *blob);
const struct wpa_config_blob *
eap_get_config_blob(struct eap_sm *sm, const char *name);

#endif /* EAP_I_H */

---