hostapd
eapol_supp_sm.h
1 /*
2  * EAPOL supplicant state machines
3  * Copyright (c) 2004-2012, Jouni Malinen <j@w1.fi>
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #ifndef EAPOL_SUPP_SM_H
10 #define EAPOL_SUPP_SM_H
11 
12 #include "common/defs.h"
13 
/* Authorization state of the controlled port. */
typedef enum {
	Unauthorized = 0,
	Authorized = 1
} PortStatus;

/*
 * Port control setting. The Force* values name an administrative override;
 * how each value is applied is decided by the state machine implementation,
 * which this header does not show.
 */
typedef enum {
	Auto = 0,
	ForceUnauthorized = 1,
	ForceAuthorized = 2
} PortControl;
16 
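/**
 * struct eapol_config - Per network configuration for EAPOL state machines
 */
struct eapol_config {
	/**
	 * accept_802_1x_keys - Accept IEEE 802.1X (non-WPA) EAPOL-Key frames
	 *
	 * NOTE(review): struct eapol_ctx carries a set_wep_key() callback, so
	 * this path presumably installs WEP keys. WEP gives no meaningful
	 * confidentiality; keep this 0 unless a legacy network requires it.
	 */
	int accept_802_1x_keys;

#define EAPOL_REQUIRE_KEY_UNICAST BIT(0)
#define EAPOL_REQUIRE_KEY_BROADCAST BIT(1)
	/**
	 * required_keys - Which EAPOL-Key packets are required
	 *
	 * Presumably a bit field of the EAPOL_REQUIRE_KEY_* flags defined just
	 * above - confirm against the users of this member.
	 */
	int required_keys;

	/**
	 * fast_reauth - Whether fast EAP reauthentication is enabled
	 */
	int fast_reauth;

	/**
	 * workaround - Whether EAP workarounds are enabled
	 *
	 * NOTE(review): which interoperability relaxations this enables is
	 * not visible in this header; review them before enabling on networks
	 * where strict protocol validation matters.
	 */
	unsigned int workaround;

	/**
	 * eap_disabled - Whether EAP is disabled
	 */
	int eap_disabled;

	/**
	 * external_sim - Use external processing for SIM/USIM operations
	 */
	int external_sim;

#define EAPOL_LOCAL_WPS_IN_USE BIT(0)
#define EAPOL_PEER_IS_WPS20_AP BIT(1)
	/**
	 * wps - Whether this connection is used for WPS
	 *
	 * Presumably a bit field of the EAPOL_LOCAL_WPS_IN_USE and
	 * EAPOL_PEER_IS_WPS20_AP flags defined just above - confirm.
	 */
	int wps;
};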
69 
70 struct eapol_sm;
71 struct wpa_config_blob;
72 
/*
 * Result code handed to the struct eapol_ctx cb() callback.
 * NOTE(review): what separates an "expected" failure from a plain failure is
 * decided by the implementation and is not visible in this header.
 */
enum eapol_supp_result {
	EAPOL_SUPP_RESULT_FAILURE = 0,
	EAPOL_SUPP_RESULT_SUCCESS = 1,
	EAPOL_SUPP_RESULT_EXPECTED_FAILURE = 2
};
78 
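/**
 * struct eapol_ctx - Global (for all networks) EAPOL state machine context
 *
 * Bundle of context pointers, callbacks and crypto-related paths handed to
 * eapol_sm_init(). Callback semantics below are taken from the signatures
 * only; timing and return-value contracts live in the implementation.
 */
struct eapol_ctx {
	/**
	 * ctx - Pointer to arbitrary upper level context
	 */
	void *ctx;

	/**
	 * preauth - IEEE 802.11i/RSN pre-authentication
	 */
	int preauth;

	/**
	 * cb - Callback receiving the state machine, a result code and a
	 * context pointer (see cb_ctx)
	 */
	void (*cb)(struct eapol_sm *eapol, enum eapol_supp_result result,
		   void *ctx);

	/**
	 * cb_ctx - Callback context for cb()
	 */
	void *cb_ctx;

	/**
	 * msg_ctx - Callback context for wpa_msg() calls
	 */
	void *msg_ctx;

	/**
	 * scard_ctx - Callback context for PC/SC scard_*() function calls
	 */
	void *scard_ctx;

	/**
	 * eapol_send_ctx - Callback context for eapol_send() calls
	 */
	void *eapol_send_ctx;

	/**
	 * eapol_done_cb - Callback taking only a context pointer
	 * NOTE(review): presumably signals that EAPOL processing finished;
	 * confirm against the implementation.
	 */
	void (*eapol_done_cb)(void *ctx);

	/**
	 * eapol_send - Callback given a frame type and a buffer of len bytes
	 * (context: eapol_send_ctx)
	 */
	int (*eapol_send)(void *ctx, int type, const u8 *buf, size_t len);

	/**
	 * set_wep_key - Callback given a unicast flag, key index and keylen
	 * bytes of key material
	 *
	 * NOTE(review): key points at secret key bytes; implementations
	 * should not log them or keep copies longer than needed.
	 */
	int (*set_wep_key)(void *ctx, int unicast, int keyidx,
			   const u8 *key, size_t keylen);

	/**
	 * set_config_blob - Callback handing a configuration blob to the
	 * upper layer
	 */
	void (*set_config_blob)(void *ctx, struct wpa_config_blob *blob);

	/**
	 * get_config_blob - Callback looking up a configuration blob by name
	 */
	const struct wpa_config_blob * (*get_config_blob)(void *ctx,
							  const char *name);

	/**
	 * aborted_cached - Callback taking only a context pointer
	 * NOTE(review): presumably reports that use of a cached session was
	 * aborted; confirm against the implementation.
	 */
	void (*aborted_cached)(void *ctx);

	/**
	 * opensc_engine_path - Path to the OpenSSL engine for opensc
	 *
	 * NOTE(review): engine and module paths name code that gets loaded
	 * into this process; take them only from trusted configuration.
	 */
	const char *opensc_engine_path;

	/**
	 * pkcs11_engine_path - Path to the OpenSSL engine for PKCS#11
	 */
	const char *pkcs11_engine_path;

	/**
	 * pkcs11_module_path - Path to the OpenSSL OpenSC/PKCS#11 module
	 */
	const char *pkcs11_module_path;

	/**
	 * openssl_ciphers - OpenSSL cipher string
	 *
	 * NOTE(review): a permissive cipher string can re-enable weak suites
	 * for the TLS-based EAP methods; review the value that is deployed.
	 */
	const char *openssl_ciphers;

	/**
	 * wps - WPS context data
	 */
	struct wps_context *wps;

	/**
	 * eap_param_needed - Callback given a control request type and a
	 * text string
	 */
	void (*eap_param_needed)(void *ctx, enum wpa_ctrl_req_type field,
				 const char *txt);

	/**
	 * port_cb - Callback given the port authorization state as an int
	 */
	void (*port_cb)(void *ctx, int authorized);

	/**
	 * cert_cb - Callback given certificate details: chain depth, subject,
	 * num_altsubject alternative subject strings, a certificate hash
	 * string and the certificate buffer
	 *
	 * NOTE(review): all of these values originate from the peer and are
	 * untrusted input; whether cert may be NULL (see cert_in_cb) should
	 * be confirmed against the implementation.
	 */
	void (*cert_cb)(void *ctx, int depth, const char *subject,
			const char *altsubject[], int num_altsubject,
			const char *cert_hash, const struct wpabuf *cert);

	/**
	 * cert_in_cb - Include server certificates in callback
	 */
	int cert_in_cb;

	/**
	 * status_cb - Callback given a status string and a parameter string
	 */
	void (*status_cb)(void *ctx, const char *status,
			  const char *parameter);

#ifdef CONFIG_EAP_PROXY
	/**
	 * eap_proxy_cb - Callback taking only a context pointer
	 */
	void (*eap_proxy_cb)(void *ctx);

	/**
	 * eap_proxy_notify_sim_status - Callback given a SIM state value
	 */
	void (*eap_proxy_notify_sim_status)(void *ctx,
					    enum eap_proxy_sim_state sim_state);
#endif /* CONFIG_EAP_PROXY */

	/**
	 * set_anon_id - Callback given an identity buffer of len bytes
	 */
	void (*set_anon_id)(void *ctx, const u8 *id, size_t len);
};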
298 
299 
300 struct eap_peer_config;
301 struct ext_password_data;
302 
303 #ifdef IEEE8021X_EAPOL
/*
 * EAPOL supplicant state machine API, declared when IEEE8021X_EAPOL is
 * defined. Every function operates on the opaque struct eapol_sm handle
 * returned by eapol_sm_init().
 */

/* Creation, teardown and stepping of the state machine. */
struct eapol_sm *eapol_sm_init(struct eapol_ctx *ctx);
void eapol_sm_deinit(struct eapol_sm *sm);
void eapol_sm_step(struct eapol_sm *sm);

/* Text output into a caller-supplied buffer of buflen bytes. */
int eapol_sm_get_status(struct eapol_sm *sm,
			char *buf,
			size_t buflen,
			int verbose);
int eapol_sm_get_mib(struct eapol_sm *sm,
		     char *buf,
		     size_t buflen);

void eapol_sm_configure(struct eapol_sm *sm,
			int heldPeriod,
			int authPeriod,
			int startPeriod,
			int maxStart);

/*
 * Receive path: buf/len describe a frame received from src.
 * NOTE(review): the frame is network-controlled input; length validation is
 * the implementation's job and cannot be checked from this header.
 */
int eapol_sm_rx_eapol(struct eapol_sm *sm,
		      const u8 *src,
		      const u8 *buf,
		      size_t len);

/* Event notifications from the caller into the state machine. */
void eapol_sm_notify_tx_eapol_key(struct eapol_sm *sm);
void eapol_sm_notify_portEnabled(struct eapol_sm *sm, Boolean enabled);
void eapol_sm_notify_portValid(struct eapol_sm *sm, Boolean valid);
void eapol_sm_notify_eap_success(struct eapol_sm *sm, Boolean success);
void eapol_sm_notify_eap_fail(struct eapol_sm *sm, Boolean fail);
void eapol_sm_notify_config(struct eapol_sm *sm,
			    struct eap_peer_config *config,
			    const struct eapol_config *conf);

/*
 * Key material and session identifier accessors.
 * NOTE(review): key receives secret bytes; callers should clear the buffer
 * once the key has been consumed.
 */
int eapol_sm_get_key(struct eapol_sm *sm, u8 *key, size_t len);
const u8 *eapol_sm_get_session_id(struct eapol_sm *sm, size_t *len);

void eapol_sm_notify_logoff(struct eapol_sm *sm, Boolean logoff);
void eapol_sm_notify_cached(struct eapol_sm *sm);
void eapol_sm_notify_pmkid_attempt(struct eapol_sm *sm);
void eapol_sm_register_scard_ctx(struct eapol_sm *sm, void *ctx);
void eapol_sm_notify_portControl(struct eapol_sm *sm,
				 PortControl portControl);
void eapol_sm_notify_ctrl_attached(struct eapol_sm *sm);
void eapol_sm_notify_ctrl_response(struct eapol_sm *sm);
void eapol_sm_request_reauth(struct eapol_sm *sm);
void eapol_sm_notify_lower_layer_success(struct eapol_sm *sm,
					 int in_eapol_sm);
void eapol_sm_invalidate_cached_session(struct eapol_sm *sm);
const char *eapol_sm_get_method_name(struct eapol_sm *sm);
void eapol_sm_set_ext_pw_ctx(struct eapol_sm *sm,
			     struct ext_password_data *ext);
int eapol_sm_failed(struct eapol_sm *sm);

/* ERP (EAP re-authentication) helpers. */
void eapol_sm_erp_flush(struct eapol_sm *sm);
struct wpabuf *eapol_sm_build_erp_reauth_start(struct eapol_sm *sm);
void eapol_sm_process_erp_finish(struct eapol_sm *sm,
				 const u8 *buf,
				 size_t len);

/*
 * NOTE(review): this function has no stub in the !IEEE8021X_EAPOL branch of
 * this header, so callers must themselves be built only with IEEE8021X_EAPOL.
 */
int eapol_sm_get_eap_proxy_imsi(struct eapol_sm *sm, char *imsi, size_t *len);
343 #else /* IEEE8021X_EAPOL */
/*
 * Stub used when IEEE8021X_EAPOL is not defined.
 *
 * Takes ownership of ctx and frees it, then returns a non-NULL placeholder
 * (address 1) so that callers' NULL checks treat initialization as
 * successful. The placeholder is not a real object and must never be
 * dereferenced or passed to free(); it is only safe to hand to the other
 * stubs in this branch, none of which read sm.
 *
 * NOTE(review): free() is used although this header includes only
 * common/defs.h; the including file has to provide the declaration.
 */
static inline struct eapol_sm *eapol_sm_init(struct eapol_ctx *ctx)
{
	struct eapol_sm *const placeholder = (struct eapol_sm *) 1;

	free(ctx);
	return placeholder;
}
/*
 * Stub: no-op when IEEE8021X_EAPOL is not defined. sm is the placeholder
 * handed out by the stub eapol_sm_init(), so there is nothing to release.
 */
static inline void eapol_sm_deinit(struct eapol_sm *sm)
{
	(void) sm;
}
/* Stub: no-op when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_step(struct eapol_sm *sm)
{
	(void) sm;
}
/*
 * Stub: reports nothing when IEEE8021X_EAPOL is not defined.
 *
 * Returns 0 and leaves buf untouched, so callers must not assume the buffer
 * was NUL-terminated by this call.
 */
static inline int eapol_sm_get_status(struct eapol_sm *sm, char *buf,
				      size_t buflen, int verbose)
{
	(void) sm;
	(void) buf;
	(void) buflen;
	(void) verbose;
	return 0;
}
/*
 * Stub: reports nothing when IEEE8021X_EAPOL is not defined.
 *
 * Returns 0 and leaves buf untouched, so callers must not assume the buffer
 * was NUL-terminated by this call.
 */
static inline int eapol_sm_get_mib(struct eapol_sm *sm, char *buf,
				   size_t buflen)
{
	(void) sm;
	(void) buf;
	(void) buflen;
	return 0;
}
/* Stub: ignores all timer settings when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_configure(struct eapol_sm *sm, int heldPeriod,
				      int authPeriod, int startPeriod,
				      int maxStart)
{
	(void) sm;
	(void) heldPeriod;
	(void) authPeriod;
	(void) startPeriod;
	(void) maxStart;
}
/*
 * Stub: when IEEE8021X_EAPOL is not defined the received frame is ignored
 * without being read, and 0 is returned.
 */
static inline int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src,
				    const u8 *buf, size_t len)
{
	(void) sm;
	(void) src;
	(void) buf;
	(void) len;
	return 0;
}
/* Stub: no-op when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_notify_tx_eapol_key(struct eapol_sm *sm)
{
	(void) sm;
}
/* Stub: the notification is dropped when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_notify_portEnabled(struct eapol_sm *sm,
					       Boolean enabled)
{
	(void) sm;
	(void) enabled;
}
/* Stub: the notification is dropped when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_notify_portValid(struct eapol_sm *sm,
					     Boolean valid)
{
	(void) sm;
	(void) valid;
}
/* Stub: the notification is dropped when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_notify_eap_success(struct eapol_sm *sm,
					       Boolean success)
{
	(void) sm;
	(void) success;
}
/* Stub: the notification is dropped when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_notify_eap_fail(struct eapol_sm *sm, Boolean fail)
{
	(void) sm;
	(void) fail;
}
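/*
 * Stub: the configuration is ignored when IEEE8021X_EAPOL is not defined.
 *
 * conf is const-qualified to match the prototype declared in the
 * IEEE8021X_EAPOL branch of this header; without the qualifier a caller
 * passing a const struct eapol_config pointer would compile cleanly in one
 * build configuration and raise a discarded-qualifier diagnostic in the
 * other.
 */
static inline void eapol_sm_notify_config(struct eapol_sm *sm,
					  struct eap_peer_config *config,
					  const struct eapol_config *conf)
{
	(void) sm;
	(void) config;
	(void) conf;
}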
/*
 * Stub: no key material exists when IEEE8021X_EAPOL is not defined.
 *
 * Always returns -1 and never writes to key, so a caller that ignores the
 * return value would go on to use whatever its buffer already contained.
 */
static inline int eapol_sm_get_key(struct eapol_sm *sm, u8 *key, size_t len)
{
	(void) sm;
	(void) key;
	(void) len;
	return -1;
}
/*
 * Stub: no session exists when IEEE8021X_EAPOL is not defined.
 *
 * Always returns NULL and does not store anything through len.
 */
static inline const u8 *
eapol_sm_get_session_id(struct eapol_sm *sm, size_t *len)
{
	(void) sm;
	(void) len;
	return NULL;
}
/* Stub: the notification is dropped when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_notify_logoff(struct eapol_sm *sm, Boolean logoff)
{
	(void) sm;
	(void) logoff;
}
/* Stub: no-op when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_notify_cached(struct eapol_sm *sm)
{
	(void) sm;
}
/* Stub: no-op when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_notify_pmkid_attempt(struct eapol_sm *sm)
{
	(void) sm;
}
/*
 * Stub: expands to an empty statement when IEEE8021X_EAPOL is not defined.
 * Unlike the inline-function stubs in this branch, a macro does not evaluate
 * its arguments, so expressions passed as sm or ctx have no side effects here.
 */
#define eapol_sm_register_scard_ctx(sm, ctx) \
	do { \
	} while (0)
/* Stub: the setting is ignored when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_notify_portControl(struct eapol_sm *sm,
					       PortControl portControl)
{
	(void) sm;
	(void) portControl;
}
/* Stub: no-op when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_notify_ctrl_attached(struct eapol_sm *sm)
{
	(void) sm;
}
/* Stub: no-op when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_notify_ctrl_response(struct eapol_sm *sm)
{
	(void) sm;
}
/* Stub: the request is ignored when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_request_reauth(struct eapol_sm *sm)
{
	(void) sm;
}
/* Stub: the notification is dropped when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_notify_lower_layer_success(struct eapol_sm *sm,
						       int in_eapol_sm)
{
	(void) sm;
	(void) in_eapol_sm;
}
/*
 * Stub: no-op when IEEE8021X_EAPOL is not defined; this build keeps no
 * session state behind the placeholder handle.
 */
static inline void eapol_sm_invalidate_cached_session(struct eapol_sm *sm)
{
	(void) sm;
}
/*
 * Stub: always returns NULL when IEEE8021X_EAPOL is not defined; callers must
 * check the result before using it as a string.
 */
static inline const char *eapol_sm_get_method_name(struct eapol_sm *sm)
{
	(void) sm;
	return NULL;
}
/*
 * Stub: ext is ignored when IEEE8021X_EAPOL is not defined; the pointer is
 * neither stored nor freed here.
 */
static inline void eapol_sm_set_ext_pw_ctx(struct eapol_sm *sm,
					   struct ext_password_data *ext)
{
	(void) sm;
	(void) ext;
}
/*
 * Stub: always returns 0 when IEEE8021X_EAPOL is not defined, i.e. this build
 * never reports a failure through this call.
 */
static inline int eapol_sm_failed(struct eapol_sm *sm)
{
	(void) sm;
	return 0;
}
/* Stub: no-op when IEEE8021X_EAPOL is not defined. */
static inline void eapol_sm_erp_flush(struct eapol_sm *sm)
{
	(void) sm;
}
/*
 * Stub: always returns NULL when IEEE8021X_EAPOL is not defined; no buffer is
 * allocated, so there is nothing for the caller to free.
 */
static inline struct wpabuf *
eapol_sm_build_erp_reauth_start(struct eapol_sm *sm)
{
	(void) sm;
	return NULL;
}
/*
 * Stub: when IEEE8021X_EAPOL is not defined the message in buf is ignored
 * without being read.
 */
static inline void eapol_sm_process_erp_finish(struct eapol_sm *sm,
					       const u8 *buf, size_t len)
{
	(void) sm;
	(void) buf;
	(void) len;
}
461 #endif /* IEEE8021X_EAPOL */
462 
463 #endif /* EAPOL_SUPP_SM_H */
const char * pkcs11_engine_path
pkcs11_engine_path - Path to the OpenSSL engine for PKCS#11
Definition: eapol_supp_sm.h:203
int external_sim
external_sim - Use external processing for SIM/USIM operations
Definition: eapol_supp_sm.h:60
void * cb_ctx
cb_ctx - Callback context for cb()
Definition: eapol_supp_sm.h:113
const char * openssl_ciphers
openssl_ciphers - OpenSSL cipher string
Definition: eapol_supp_sm.h:221
void * eapol_send_ctx
eapol_send_ctx - Callback context for eapol_send() calls
Definition: eapol_supp_sm.h:130
unsigned int workaround
workaround - Whether EAP workarounds are enabled
Definition: eapol_supp_sm.h:50
const char * pkcs11_module_path
pkcs11_module_path - Path to the OpenSSL OpenSC/PKCS#11 module
Definition: eapol_supp_sm.h:212
Definition: config.py:1
Definition: wpabuf.h:20
int accept_802_1x_keys
accept_802_1x_keys - Accept IEEE 802.1X (non-WPA) EAPOL-Key frames
Definition: eapol_supp_sm.h:29
int preauth
preauth - IEEE 802.11i/RSN pre-authentication
Definition: eapol_supp_sm.h:94
int cert_in_cb
cert_in_cb - Include server certificates in callback
Definition: eapol_supp_sm.h:263
int fast_reauth
fast_reauth - Whether fast EAP reauthentication is enabled
Definition: eapol_supp_sm.h:45
struct wpa_config_blob - Named configuration blob
Definition: eap_config.h:766
struct eapol_config - Per network configuration for EAPOL state machines
Definition: eapol_supp_sm.h:20
Definition: ext_password.c:26
int eap_disabled
eap_disabled - Whether EAP is disabled
Definition: eapol_supp_sm.h:55
struct wps_context * wps
wps - WPS context data
Definition: eapol_supp_sm.h:228
void * msg_ctx
msg_ctx - Callback context for wpa_msg() calls
Definition: eapol_supp_sm.h:118
struct eapol_ctx - Global (for all networks) EAPOL state machine context
Definition: eapol_supp_sm.h:82
struct eapol_sm - Internal data for EAPOL state machines
Definition: eapol_supp_sm.c:31
void * ctx
ctx - Pointer to arbitrary upper level context
Definition: eapol_supp_sm.h:86
struct eap_peer_config - EAP peer configuration/credentials
Definition: eap_config.h:15
char * name
name - Blob name
Definition: eap_config.h:770
const char * opensc_engine_path
opensc_engine_path - Path to the OpenSSL engine for opensc
Definition: eapol_supp_sm.h:195
int wps
wps - Whether this connection is used for WPS
Definition: eapol_supp_sm.h:67
void * scard_ctx
scard_ctx - Callback context for PC/SC scard_*() function calls
Definition: eapol_supp_sm.h:125
struct wps_context - Long term WPS context data
Definition: wps.h:594
int required_keys
required_keys - Which EAPOL-Key packets are required
Definition: eapol_supp_sm.h:40