00001
00016 #ifndef EAPOL_SM_H
00017 #define EAPOL_SM_H
00018
00019 #include "defs.h"
00020
00021 typedef enum { Unauthorized, Authorized } PortStatus;
00022 typedef enum { Auto, ForceUnauthorized, ForceAuthorized } PortControl;
00023
00028 struct eapol_config {
00038 int accept_802_1x_keys;
00039
00040 #define EAPOL_REQUIRE_KEY_UNICAST BIT(0)
00041 #define EAPOL_REQUIRE_KEY_BROADCAST BIT(1)
00042
00050 int required_keys;
00051
00056 int fast_reauth;
00057
00062 unsigned int workaround;
00063
00068 int eap_disabled;
00069 };
00070
00071 struct eapol_sm;
00072 struct wpa_config_blob;
00073
00078 struct eapol_ctx {
00083 void *ctx;
00084
00092 int preauth;
00093
00106 void (*cb)(struct eapol_sm *eapol, int success, void *ctx);
00107
00112 void *cb_ctx;
00113
00118 void *msg_ctx;
00119
00126 void *scard_ctx;
00127
00132 void *eapol_send_ctx;
00133
00143 void (*eapol_done_cb)(void *ctx);
00144
00154 int (*eapol_send)(void *ctx, int type, const u8 *buf, size_t len);
00155
00166 int (*set_wep_key)(void *ctx, int unicast, int keyidx,
00167 const u8 *key, size_t keylen);
00168
00178 void (*set_config_blob)(void *ctx, struct wpa_config_blob *blob);
00179
00187 const struct wpa_config_blob * (*get_config_blob)(void *ctx,
00188 const char *name);
00189
00195 void (*aborted_cached)(void *ctx);
00196
00204 const char *opensc_engine_path;
00205
00213 const char *pkcs11_engine_path;
00214
00223 const char *pkcs11_module_path;
00224 };
00225
00226
00227 struct wpa_ssid;
00228
00229 #ifdef IEEE8021X_EAPOL
00230 struct eapol_sm *eapol_sm_init(struct eapol_ctx *ctx);
00231 void eapol_sm_deinit(struct eapol_sm *sm);
00232 void eapol_sm_step(struct eapol_sm *sm);
00233 int eapol_sm_get_status(struct eapol_sm *sm, char *buf, size_t buflen,
00234 int verbose);
00235 int eapol_sm_get_mib(struct eapol_sm *sm, char *buf, size_t buflen);
00236 void eapol_sm_configure(struct eapol_sm *sm, int heldPeriod, int authPeriod,
00237 int startPeriod, int maxStart);
00238 int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src, const u8 *buf,
00239 size_t len);
00240 void eapol_sm_notify_tx_eapol_key(struct eapol_sm *sm);
00241 void eapol_sm_notify_portEnabled(struct eapol_sm *sm, Boolean enabled);
00242 void eapol_sm_notify_portValid(struct eapol_sm *sm, Boolean valid);
00243 void eapol_sm_notify_eap_success(struct eapol_sm *sm, Boolean success);
00244 void eapol_sm_notify_eap_fail(struct eapol_sm *sm, Boolean fail);
00245 void eapol_sm_notify_config(struct eapol_sm *sm, struct wpa_ssid *config,
00246 const struct eapol_config *conf);
00247 int eapol_sm_get_key(struct eapol_sm *sm, u8 *key, size_t len);
00248 void eapol_sm_notify_logoff(struct eapol_sm *sm, Boolean logoff);
00249 void eapol_sm_notify_cached(struct eapol_sm *sm);
00250 void eapol_sm_notify_pmkid_attempt(struct eapol_sm *sm, int attempt);
00251 void eapol_sm_register_scard_ctx(struct eapol_sm *sm, void *ctx);
00252 void eapol_sm_notify_portControl(struct eapol_sm *sm, PortControl portControl);
00253 void eapol_sm_notify_ctrl_attached(struct eapol_sm *sm);
00254 void eapol_sm_notify_ctrl_response(struct eapol_sm *sm);
00255 void eapol_sm_request_reauth(struct eapol_sm *sm);
00256 void eapol_sm_notify_lower_layer_success(struct eapol_sm *sm);
00257 #else
00258 static inline struct eapol_sm *eapol_sm_init(struct eapol_ctx *ctx)
00259 {
00260 free(ctx);
00261 return (struct eapol_sm *) 1;
00262 }
00263 static inline void eapol_sm_deinit(struct eapol_sm *sm)
00264 {
00265 }
00266 static inline void eapol_sm_step(struct eapol_sm *sm)
00267 {
00268 }
00269 static inline int eapol_sm_get_status(struct eapol_sm *sm, char *buf,
00270 size_t buflen, int verbose)
00271 {
00272 return 0;
00273 }
00274 static inline int eapol_sm_get_mib(struct eapol_sm *sm, char *buf,
00275 size_t buflen)
00276 {
00277 return 0;
00278 }
00279 static inline void eapol_sm_configure(struct eapol_sm *sm, int heldPeriod,
00280 int authPeriod, int startPeriod,
00281 int maxStart)
00282 {
00283 }
00284 static inline int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src,
00285 const u8 *buf, size_t len)
00286 {
00287 return 0;
00288 }
00289 static inline void eapol_sm_notify_tx_eapol_key(struct eapol_sm *sm)
00290 {
00291 }
00292 static inline void eapol_sm_notify_portEnabled(struct eapol_sm *sm,
00293 Boolean enabled)
00294 {
00295 }
00296 static inline void eapol_sm_notify_portValid(struct eapol_sm *sm,
00297 Boolean valid)
00298 {
00299 }
00300 static inline void eapol_sm_notify_eap_success(struct eapol_sm *sm,
00301 Boolean success)
00302 {
00303 }
00304 static inline void eapol_sm_notify_eap_fail(struct eapol_sm *sm, Boolean fail)
00305 {
00306 }
00307 static inline void eapol_sm_notify_config(struct eapol_sm *sm,
00308 struct wpa_ssid *config,
00309 struct eapol_config *conf)
00310 {
00311 }
00312 static inline int eapol_sm_get_key(struct eapol_sm *sm, u8 *key, size_t len)
00313 {
00314 return -1;
00315 }
00316 static inline void eapol_sm_notify_logoff(struct eapol_sm *sm, Boolean logoff)
00317 {
00318 }
00319 static inline void eapol_sm_notify_cached(struct eapol_sm *sm)
00320 {
00321 }
00322 #define eapol_sm_notify_pmkid_attempt(sm, attempt) do { } while (0)
00323 #define eapol_sm_register_scard_ctx(sm, ctx) do { } while (0)
00324 static inline void eapol_sm_notify_portControl(struct eapol_sm *sm,
00325 PortControl portControl)
00326 {
00327 }
00328 static inline void eapol_sm_notify_ctrl_attached(struct eapol_sm *sm)
00329 {
00330 }
00331 static inline void eapol_sm_notify_ctrl_response(struct eapol_sm *sm)
00332 {
00333 }
00334 static inline void eapol_sm_request_reauth(struct eapol_sm *sm)
00335 {
00336 }
00337 static inline void eapol_sm_notify_lower_layer_success(struct eapol_sm *sm)
00338 {
00339 }
00340 #endif
00341
00342 #endif
00343
