2 * Example application showing how EAP server code from hostapd can be used as
4 * Copyright (c) 2007, Jouni Malinen <j@w1.fi>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
10 * Alternatively, this software may be distributed under the terms of BSD
13 * See README and COPYING for more details.
19 #include "eap_server/eap.h"
23 void eap_example_peer_rx(const u8 *data, size_t data_len);
26 struct eap_server_ctx {
27 struct eap_eapol_interface *eap_if;
32 static struct eap_server_ctx eap_ctx;
35 static int server_get_eap_user(void *ctx, const u8 *identity,
36 size_t identity_len, int phase2,
37 struct eap_user *user)
39 os_memset(user, 0, sizeof(*user));
42 /* Only allow EAP-PEAP as the Phase 1 method */
43 user->methods[0].vendor = EAP_VENDOR_IETF;
44 user->methods[0].method = EAP_TYPE_PEAP;
48 if (identity_len != 4 || identity == NULL ||
49 os_memcmp(identity, "user", 4) != 0) {
50 printf("Unknown user\n");
54 /* Only allow EAP-MSCHAPv2 as the Phase 2 method */
55 user->methods[0].vendor = EAP_VENDOR_IETF;
56 user->methods[0].method = EAP_TYPE_MSCHAPV2;
57 user->password = (u8 *) os_strdup("password");
58 user->password_len = 8;
64 static const char * server_get_eap_req_id_text(void *ctx, size_t *len)
71 static struct eapol_callbacks eap_cb;
72 static struct eap_config eap_conf;
74 static int eap_example_server_init_tls(void)
76 struct tls_config tconf;
77 struct tls_connection_params tparams;
79 os_memset(&tconf, 0, sizeof(tconf));
80 eap_ctx.tls_ctx = tls_init(&tconf);
81 if (eap_ctx.tls_ctx == NULL)
84 os_memset(&tparams, 0, sizeof(tparams));
85 tparams.ca_cert = "ca.pem";
86 tparams.client_cert = "server.pem";
87 /* tparams.private_key = "server.key"; */
88 tparams.private_key = "server-key.pem";
89 /* tparams.private_key_passwd = "whatever"; */
91 if (tls_global_set_params(eap_ctx.tls_ctx, &tparams)) {
92 printf("Failed to set TLS parameters\n");
96 if (tls_global_set_verify(eap_ctx.tls_ctx, 0)) {
97 printf("Failed to set check_crl\n");
105 int eap_example_server_init(void)
107 if (eap_server_register_methods() < 0)
110 os_memset(&eap_ctx, 0, sizeof(eap_ctx));
112 if (eap_example_server_init_tls() < 0)
115 os_memset(&eap_cb, 0, sizeof(eap_cb));
116 eap_cb.get_eap_user = server_get_eap_user;
117 eap_cb.get_eap_req_id_text = server_get_eap_req_id_text;
119 os_memset(&eap_conf, 0, sizeof(eap_conf));
120 eap_conf.eap_server = 1;
121 eap_conf.ssl_ctx = eap_ctx.tls_ctx;
123 eap_ctx.eap = eap_server_sm_init(&eap_ctx, &eap_cb, &eap_conf);
124 if (eap_ctx.eap == NULL)
127 eap_ctx.eap_if = eap_get_interface(eap_ctx.eap);
129 /* Enable "port" and request EAP to start authentication. */
130 eap_ctx.eap_if->portEnabled = TRUE;
131 eap_ctx.eap_if->eapRestart = TRUE;
137 void eap_example_server_deinit(void)
139 eap_server_sm_deinit(eap_ctx.eap);
140 eap_server_unregister_methods();
141 tls_deinit(eap_ctx.tls_ctx);
145 int eap_example_server_step(void)
147 int res, process = 0;
149 res = eap_server_sm_step(eap_ctx.eap);
151 if (eap_ctx.eap_if->eapReq) {
152 printf("==> Request\n");
154 eap_ctx.eap_if->eapReq = 0;
157 if (eap_ctx.eap_if->eapSuccess) {
158 printf("==> Success\n");
161 eap_ctx.eap_if->eapSuccess = 0;
163 if (eap_ctx.eap_if->eapKeyAvailable) {
164 wpa_hexdump(MSG_DEBUG, "EAP keying material",
165 eap_ctx.eap_if->eapKeyData,
166 eap_ctx.eap_if->eapKeyDataLen);
170 if (eap_ctx.eap_if->eapFail) {
171 printf("==> Fail\n");
173 eap_ctx.eap_if->eapFail = 0;
176 if (process && eap_ctx.eap_if->eapReqData) {
177 /* Send EAP response to the server */
178 eap_example_peer_rx(wpabuf_head(eap_ctx.eap_if->eapReqData),
179 wpabuf_len(eap_ctx.eap_if->eapReqData));
186 void eap_example_server_rx(const u8 *data, size_t data_len)
188 /* Make received EAP message available to the EAP library */
189 wpabuf_free(eap_ctx.eap_if->eapRespData);
190 eap_ctx.eap_if->eapRespData = wpabuf_alloc_copy(data, data_len);
191 if (eap_ctx.eap_if->eapRespData)
192 eap_ctx.eap_if->eapResp = TRUE;
projects / libeap.git / blob