X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=gssapiP_eap.h;h=35cc154bad19d28d32c832a012521e90886585cd;hb=1f273eda615c04331df6849cfbf3cfad069ea8b0;hp=f6da26076b22de673643d4764a66b41ffc2cdff4;hpb=7f8be643b9781277f22ec8ad49e2280510975910;p=mech_eap.orig diff --git a/gssapiP_eap.h b/gssapiP_eap.h index f6da260..35cc154 100644 --- a/gssapiP_eap.h +++ b/gssapiP_eap.h @@ -33,9 +33,13 @@ #ifndef _GSSAPIP_EAP_H_ #define _GSSAPIP_EAP_H_ 1 +#define BUILTIN_EAP 1 + #include #include #include +#include +#include #include /* GSS includes */ @@ -44,34 +48,35 @@ #include "gssapi_eap.h" #include "util.h" -/* EAP includes */ -#define IEEE8021X_EAPOL 1 +/* Kerberos includes */ +#include +/* EAP includes */ +#ifndef __cplusplus #include #include #include +#include /* XXX testing implementation only */ #include - -/* Kerberos includes */ -#include +#endif #define NAME_FLAG_NAI 0x00000001 #define NAME_FLAG_SERVICE 0x00000002 -#define NAME_FLAG_SAML 0x00000010 -#define NAME_FLAG_RADIUS 0x00000020 +#define NAME_FLAG_RADIUS_ATTRIBUTES 0x00000004 +#define NAME_FLAG_SAML_ATTRIBUTES 0x00000008 -#define NAME_HAS_ATTRIBUTES(name) ((name)->flags & \ - (NAME_FLAG_SAML | NAME_FLAG_RADIUS)) +#define NAME_HAS_ATTRIBUTES(name) \ + (((name)->flags & (NAME_FLAG_RADIUS_ATTRIBUTES | \ + NAME_FLAG_SAML_ATTRIBUTES)) != 0) -struct eap_gss_saml_assertion; -struct eap_gss_avp_list; +struct gss_eap_saml_attr_ctx; struct gss_name_struct { GSSEAP_MUTEX mutex; /* mutex protecting attributes */ OM_uint32 flags; krb5_principal krbPrincipal; /* this is immutable */ - struct eap_gss_saml_assertion *assertion; - struct eap_gss_avp_list *avps; + struct gss_eap_radius_attr_ctx *radiusCtx; + struct gss_eap_saml_attr_ctx *samlCtx; }; #define CRED_FLAG_INITIATE 0x00000001 
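Review bot: `#define BUILTIN_EAP 1` is set unconditionally in the header, so a build cannot choose the other configuration, and defining the macro on the compiler command line with a different value will produce a redefinition diagnostic. Another hunk of this patch tests it with `defined(BUILTIN_EAP)`, so the value is ignored and even `-DBUILTIN_EAP=0` would still enable the acceptor-side EAP members. Prefer setting it from the build system, or at least guard it: `#ifndef BUILTIN_EAP` / `#define BUILTIN_EAP 1` / `#endif`.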
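Review bot: The hunk removes two forward declarations but adds only `struct gss_eap_saml_attr_ctx;`, although `struct gss_name_struct` now also holds a `struct gss_eap_radius_attr_ctx *radiusCtx`. Unless the RADIUS tag is already declared in one of the headers included above (not visible here), add `struct gss_eap_radius_attr_ctx;` next to the SAML one so that both opaque types are introduced the same way. Separately, the include marked `/* XXX testing implementation only */` is pulled into every C translation unit that uses this private header. If it really is test-only, it would be safer behind its own build macro than left as an XXX note.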
@@ -92,10 +97,12 @@ struct gss_cred_id_struct { #define CTX_IS_INITIATOR(ctx) (((ctx)->flags & CTX_FLAG_INITIATOR) != 0) -enum eap_gss_state { - EAP_STATE_AUTHENTICATE = 1, +enum gss_eap_state { + EAP_STATE_AUTHENTICATE = 0, +#if 0 EAP_STATE_KEY_TRANSPORT, EAP_STATE_SECURE_ASSOCIATION, +#endif EAP_STATE_GSS_CHANNEL_BINDINGS, EAP_STATE_ESTABLISHED }; 
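Review bot: Changing `EAP_STATE_AUTHENTICATE` from 1 to 0 makes a zero-filled context indistinguishable from one that is legitimately in the authenticate state; before this change 0 was not a valid state. If that is intended (for example so a zero-initialised context starts in the first state, which is not visible here), say so at the enumerator: `/* 0 so that a zero-initialised context starts here */`. The `#if 0` block also renumbers `EAP_STATE_GSS_CHANNEL_BINDINGS` and `EAP_STATE_ESTABLISHED`, so any place that stores or compares the numeric state needs checking. Deleting the two disabled enumerators instead of keeping them under `#if 0` would make the numbering obvious.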
@@ -113,61 +120,43 @@ enum eap_gss_state { #define CTX_FLAG_EAP_ALT_ACCEPT 0x00800000 #define CTX_FLAG_EAP_ALT_REJECT 0x01000000 -struct eap_gss_initiator_ctx { - struct wpabuf *eapReqData; +struct gss_eap_initiator_ctx { unsigned int idleWhile; - struct eap_peer_config eapConfig; +#ifndef __cplusplus + struct eap_peer_config eapPeerConfig; struct eap_sm *eap; + struct wpabuf reqData; +#endif }; -typedef OM_uint32 (*eap_gss_initiator_sm)(OM_uint32 *, - gss_cred_id_t, - gss_ctx_id_t *, - gss_OID, - OM_uint32, - OM_uint32, - gss_channel_bindings_t, - gss_buffer_t, - gss_OID *, - gss_buffer_t, - OM_uint32 *, - OM_uint32 *); - -/* Acceptor context flags */ -struct eap_gss_acceptor_ctx { +struct gss_eap_acceptor_ctx { +#if defined(BUILTIN_EAP) && !defined(__cplusplus) + struct eap_eapol_interface *eapPolInterface; + void *tlsContext; + struct eap_sm *eap; +#endif }; -typedef OM_uint32 (*eap_gss_acceptor_sm)(OM_uint32 *, - gss_ctx_id_t *, - gss_cred_id_t, - gss_buffer_t, - gss_channel_bindings_t, - gss_name_t *, - gss_buffer_t, - OM_uint32 *, - OM_uint32 *, - gss_cred_id_t *); - struct gss_ctx_id_struct { GSSEAP_MUTEX mutex; - enum eap_gss_state state; + enum gss_eap_state state; OM_uint32 flags; OM_uint32 gssFlags; gss_OID mechanismUsed; - krb5_enctype encryptionType; krb5_cksumtype checksumType; + krb5_enctype encryptionType; krb5_keyblock rfc3961Key; gss_name_t initiatorName; gss_name_t acceptorName; time_t expiryTime; + uint64_t sendSeq, recvSeq; + void *seqState; union { - struct eap_gss_initiator_ctx initiator; + struct gss_eap_initiator_ctx initiator; #define initiatorCtx ctxU.initiator - struct eap_gss_acceptor_ctx acceptor; + struct gss_eap_acceptor_ctx acceptor; #define acceptorCtx ctxU.acceptor } ctxU; - uint64_t sendSeq, recvSeq; - void *seqState; }; #define TOK_FLAG_SENDER_IS_ACCEPTOR 0x01 
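Review bot: `struct gss_eap_initiator_ctx` and `struct gss_eap_acceptor_ctx` now have different members depending on `__cplusplus`, so `sizeof(struct gss_ctx_id_struct)` differs between C and C++ translation units. Moving `sendSeq`, `recvSeq` and `seqState` ahead of `ctxU` keeps the offsets of the shared members the same, but any C++ code that allocates, copies or zeroes a context by size would operate on a shorter object than the C code expects. Either keep the EAP state behind pointers so the layout is identical in both languages, or document the constraint at the union: `/* ctxU must remain the last member; its size differs in C++ builds, which must never allocate or copy this struct */`. Note also that `struct gss_eap_acceptor_ctx` has no members when its `#if` is false, which ISO C does not allow (it is a GNU extension).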
@@ -178,6 +167,7 @@ struct gss_ctx_id_struct { #define KEY_USAGE_ACCEPTOR_SIGN 23 #define KEY_USAGE_INITIATOR_SEAL 24 #define KEY_USAGE_INITIATOR_SIGN 25 +#define KEY_USAGE_CHANNEL_BINDINGS 64 /* wrap_iov.c */ OM_uint32 @@ -198,5 +188,4 @@ gssEapUnwrapOrVerifyMIC(OM_uint32 *minor_status, int iov_count, enum gss_eap_token_type toktype); - #endif /* _GSSAPIP_EAP_H_ */
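Review bot: `KEY_USAGE_CHANNEL_BINDINGS 64` is added with no indication of where the number comes from, next to the per-message usages 23, 24 and 25 visible in this hunk. The key usage value is what stops a checksum computed for one purpose from being accepted for another, so the definition should state that it is deliberately disjoint from the sign/seal usages and name its source. For example: `/* key usage for the channel-bindings token; must not collide with the per-message usages above (source: <spec reference>) */`.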