2 * eap.h Header file containing the interfaces for all EAP types.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 * Copyright 2001 hereUare Communications, Inc. <raghud@hereuare.com>
21 * Copyright 2003 Alan DeKok <aland@freeradius.org>
28 #ifdef HAVE_SYS_TYPES_H
29 #include <sys/types.h>
32 #ifdef HAVE_NETINET_IN_H
33 #include <netinet/in.h>
42 #include "rad_assert.h"
/*
 * EAP Code field values (first byte of every EAP packet).
 * PW_EAP_MAX_CODES equals the highest code defined here (4).
 * NOTE(review): presumably the upper bound used when validating the
 * Code byte of a received packet -- confirm that the parser rejects 0
 * and anything above it before the value is used for dispatch.
 */
44 #define PW_EAP_REQUEST 1
45 #define PW_EAP_RESPONSE 2
46 #define PW_EAP_SUCCESS 3
47 #define PW_EAP_FAILURE 4
48 #define PW_EAP_MAX_CODES 4
/*
 * EAP method Type values. This listing skips source lines 52-56, so
 * any types defined between Notification (2) and LEAP (17) are not
 * visible here.
 */
50 #define PW_EAP_IDENTITY 1
51 #define PW_EAP_NOTIFICATION 2
57 #define PW_EAP_LEAP 17
58 #define PW_EAP_TTLS 21
59 #define PW_EAP_PEAP 25
60 #define PW_EAP_MSCHAPV2 29
/*
 * Equals the highest type value defined above (29).
 * NOTE(review): if this sizes or bounds a per-type table, the Type byte
 * taken from the peer needs a range check against it before any
 * lookup -- confirm in the callers.
 */
61 #define PW_EAP_MAX_TYPES 29
/*
 * Size in bytes of the fixed EAP header: code (1) + id (1) + length (2).
 * NOTE(review): a received packet whose declared length is below this,
 * or larger than the number of bytes actually received, should be
 * rejected before the type byte is read -- verify in the parser.
 */
63 #define EAP_HEADER_LEN 4
66 * EAP-Type specific data.
68 typedef struct eaptype_t {
75 * Structure to hold EAP data.
77 * length = code + id + length + type + type.data
80 typedef struct eap_packet {
86 unsigned char *packet;
90 * EAP_DS contains all the received/sending information
91 * response = Received EAP packet
92 * request = Sending EAP packet
94 * Note: We are the authentication server,
95 * we get ONLY EAP-Responses and
96 * we send EAP-Request/EAP-success/EAP-failure
98 typedef struct eap_ds {
105 * Currently there are only 2 types
106 * of operations defined,
107 * apart from attach & detach for each EAP-Type.
109 typedef enum operation_t {
117 * EAP_HANDLER is the interface for any EAP-Type.
118 * Each handler contains information for one specific EAP-Type.
119 * This way we don't need to change any interfaces in future.
120 * It is also a list of EAP-request handlers waiting for EAP-response
121 * eap_id = copy of the eap packet we sent to the
123 * next = pointer to next
124 * state = state attribute from the reply we sent
125 * state_len = length of data in the state attribute.
126 * src_ipaddr = client which sent us the RADIUS request containing
127 * this EAP conversation.
128 * eap_id = copy of EAP id we sent to the client.
129 * timestamp = timestamp when this handler was last used.
130 * identity = Identity, as obtained, from EAP-Identity response.
131 * request = RADIUS request data structure
132 * prev_eapds = Previous EAP request, for which eap_ds contains the response.
133 * eap_ds = Current EAP response.
134 * opaque = EAP-Type holds some data that corresponds to the current
135 * EAP-request/response
136 * free_opaque = To release memory held by opaque,
137 * when this handler has timed out & needs to be deleted.
138 * It is the responsibility of the specific EAP-TYPE
139 * to avoid any memory leaks in opaque
140 * Hence this pointer should be provided by the EAP-Type
141 * if opaque is not NULL
142 * status = finished/onhold/..
/*
 * Size of the per-conversation state buffer. It is tied to
 * AUTH_VECTOR_LEN, which is defined outside this listing.
 */
144 #define EAP_STATE_LEN (AUTH_VECTOR_LEN)
/*
 * One outstanding EAP conversation; see the field notes in the comment
 * above. Only some members are visible in this listing (the source
 * line numbers have gaps), so the layout shown here is partial.
 */
145 typedef struct _eap_handler {
/* Link to the next handler in the list of pending conversations. */
146 struct _eap_handler *next;
/*
 * State attribute from the reply we sent (per the notes above).
 * NOTE(review): this value comes back from the NAS in the next request
 * and selects the handler, so a lookup should compare the length
 * (state_len) as well as the bytes. How the value is generated is not
 * shown here; it should not be predictable by a client -- confirm.
 */
148 uint8_t state[EAP_STATE_LEN];
/* presumably one of the PW_EAP_* type values -- confirm against users */
151 unsigned int eap_type;
/*
 * Taken from the EAP-Identity response, i.e. supplied by the peer:
 * treat it as untrusted input wherever it is logged or used in lookups.
 * NOTE(review): who allocates and frees this string is not visible here.
 */
157 char *identity; /* User name from EAP-Identity */
/*
 * Destructor for the EAP-Type's private `opaque` data. Per the notes
 * above, the EAP-Type must provide it whenever opaque is non-NULL;
 * otherwise the data cannot be released when the handler times out.
 * NOTE(review): if a method keeps key material in opaque, this callback
 * is where it would have to be cleared -- depends on the EAP-Type.
 */
163 void (*free_opaque)(void *opaque);
171 * Interface to call EAP sub modules
/*
 * Table of callbacks through which an EAP sub-module is called.
 * The listing is partial: source line 174 and the closing lines of the
 * struct are not shown.
 * NOTE(review): the meaning of the int return values and whether a
 * callback may be left NULL are not visible here -- callers should
 * check both before relying on a result; confirm against the
 * implementation.
 */
173 typedef struct eap_type_t {
/* Receives the module's config section; hands back its private data through type_data. */
175 int (*attach)(CONF_SECTION *conf, void **type_data);
/*
 * The next three callbacks receive that private data together with the
 * handler for one conversation. The handler carries peer-supplied
 * fields (for example the identity), so each EAP-Type has to validate
 * what it reads from it.
 */
176 int (*initiate)(void *type_data, EAP_HANDLER *handler);
177 int (*authorize)(void *type_data, EAP_HANDLER *handler);
178 int (*authenticate)(void *type_data, EAP_HANDLER *handler);
/* Counterpart of attach; presumably releases type_data -- confirm. */
179 int (*detach)(void *type_data);