class eap_core_c : public abs_eap_core_map_c |
Inherited Functions | |
---|---|
abs_eap_core_map_c::abs_eap_core_map_c() | |
abs_eap_core_map_c::~abs_eap_core_map_c() |
EAP_FUNC_IMPORT | eap_core_c | ( | abs_eap_am_tools_c *const | tools, |
abs_eap_core_c *const | partner, | |||
const bool | is_client_when_true, | |||
const eap_am_network_id_c *const | receive_network_id, | |||
const bool | is_tunneled_eap | |||
) |
The constructor initializes member attributes using parameters passed to it. abs_eap_am_tools_c.
abs_eap_am_tools_c *const tools | is pointer to the tools class. |
abs_eap_core_c *const partner | is back pointer to object which created this object. |
const bool is_client_when_true | indicates whether the network entity should act |
const eap_am_network_id_c *const receive_network_id | |
const bool is_tunneled_eap | tells the EAP is run in tunnel (PEAP or other). as a client (true) or server (false), in terms of EAP-protocol whether this network entity is EAP-supplicant (true) or EAP-authenticator (false). |
EAP_FUNC_IMPORT | ~eap_core_c | ( | ) | [virtual] |
The destructor of the eap_core class does nothing special.
EAP_FUNC_IMPORT eap_status_e | add_rogue_ap | ( | eap_array_c< eap_rogue_ap_entry_c > & | rogue_ap_list | ) |
eap_array_c< eap_rogue_ap_entry_c > & rogue_ap_list |
EAP_FUNC_IMPORT eap_status_e | asynchronous_init_remove_eap_session | ( | ) | [private] |
EAP_FUNC_IMPORT eap_status_e | cancel_asynchronous_init_remove_eap_session | ( | ) | [private] |
EAP_FUNC_IMPORT eap_status_e | cancel_eap_failure_timeout | ( | ) | [private] |
This function cancels timeout for received EAP-Failure.
EAP_FUNC_IMPORT eap_status_e | cancel_retransmission | ( | ) | [private] |
Re-transmission is used to test protocols. This function cancels retransmissions.
EAP_FUNC_IMPORT eap_status_e | cancel_session_timeout | ( | ) | [private] |
This function cancels timeout for a session.
EAP_FUNC_IMPORT eap_status_e | cancel_timer | ( | abs_eap_base_timer_c *const | p_initializer, |
const u32_t | p_id | |||
) |
abs_eap_base_timer_c *const p_initializer | |
const u32_t p_id |
EAP_FUNC_IMPORT eap_status_e | check_is_valid_eap_type | ( | const eap_type_value_e | eap_type | ) |
Add configuration of accepted EAP-types. }
const eap_type_value_e eap_type |
EAP_FUNC_IMPORT eap_status_e | client_proposes_eap_types | ( | const eap_am_network_id_c *const | receive_network_id, |
const u8_t | eap_identifier | |||
) | [private] |
const eap_am_network_id_c *const receive_network_id | |
const u8_t eap_identifier |
EAP_FUNC_IMPORT eap_status_e | complete_eap_identity_query | ( | const eap_am_network_id_c *const | send_network_id, |
const eap_variable_data_c *const | identity, | |||
const u8_t | eap_identifier | |||
) |
const eap_am_network_id_c *const send_network_id | |
const eap_variable_data_c *const identity | |
const u8_t eap_identifier |
EAP_FUNC_IMPORT eap_status_e | create_eap_identity_response | ( | eap_buf_chain_wr_c *const | response_packet, |
const eap_variable_data_c *const | identity, | |||
const u8_t | eap_identifier | |||
) | [private] |
This function creates EAP-Response/Identity.
eap_buf_chain_wr_c *const response_packet | |
const eap_variable_data_c *const identity | |
const u8_t eap_identifier |
EAP_FUNC_IMPORT eap_status_e | eap_acknowledge | ( | const eap_am_network_id_c *const | receive_network_id | ) |
The adaptation module calls the eap_acknowledge() function after any Network Protocol packet is received. This is used as a success indication. This is described in RFC 2284 "PPP Extensible Authentication Protocol (EAP)". Mostly there is only one session in the client. The server does not need eap_acknowledge() function because server (EAP-authenticator) sends the EAP-success message.
const eap_am_network_id_c *const receive_network_id |
EAP_FUNC_IMPORT eap_status_e | get_eap_type_list | ( | eap_array_c< eap_type_value_e > *const | eap_type_list | ) |
eap_array_c< eap_type_value_e > *const eap_type_list |
EAP_FUNC_IMPORT u32_t | get_header_offset | ( | u32_t *const | MTU, |
u32_t *const | trailer_length | |||
) |
EAP_FUNC_IMPORT bool | get_marked_removed | ( | ) |
Gets flag whether this session is marked removed. Session is removed later if it is not reused.
EAP_FUNC_IMPORT abs_eap_core_c * | get_partner | ( | ) |
The get_partner() function returns pointer to partner class.
EAP_FUNC_IMPORT eap_status_e | get_saved_eap_identity | ( | eap_variable_data_c *const | identity | ) |
eap_variable_data_c *const identity |
EAP_FUNC_IMPORT eap_status_e | handle_eap_identity_request | ( | const eap_type_value_e | used_eap_type, |
const u8_t | eap_identifier, | |||
const eap_am_network_id_c *const | receive_network_id | |||
) | [private] |
This function handles EAP-Request/Identity.
const eap_type_value_e used_eap_type | |
const u8_t eap_identifier | |
const eap_am_network_id_c *const receive_network_id |
eap_status_e | init_end_of_session | ( | const abs_eap_state_notification_c *const | state | ) | [private] |
const abs_eap_state_notification_c *const state |
EAP_FUNC_IMPORT eap_status_e | init_retransmission | ( | const eap_am_network_id_c *const | send_network_id, |
eap_buf_chain_wr_c *const | sent_packet, | |||
const u32_t | header_offset, | |||
const u32_t | data_length, | |||
const eap_code_value_e | eap_code, | |||
const u8_t | eap_identifier, | |||
const eap_type_value_e | eap_type | |||
) | [private] |
Re-transmission is used to test protocols. This function inits retransmission of sent packet.
const eap_am_network_id_c *const send_network_id | |
eap_buf_chain_wr_c *const sent_packet | |
const u32_t header_offset | |
const u32_t data_length | |
const eap_code_value_e eap_code | |
const u8_t eap_identifier | |
const eap_type_value_e eap_type |
EAP_FUNC_IMPORT eap_status_e | initialize_asynchronous_init_remove_eap_session | ( | const u32_t | remove_session_timeout | ) | [private] |
const u32_t remove_session_timeout |
EAP_FUNC_IMPORT eap_status_e | initialize_session_timeout | ( | const u32_t | session_timeout_ms | ) | [private] |
This function cancels previous session timeout and initializes new timeout for the session.
const u32_t session_timeout_ms |
EAP_FUNC_IMPORT eap_status_e | load_module | ( | const eap_type_value_e | type, |
const | eap_type_value_e, | |||
abs_eap_base_type_c *const | partner, | |||
eap_base_type_c **const | eap_type, | |||
const bool | is_client_when_true, | |||
const eap_am_network_id_c *const | receive_network_id | |||
) |
const eap_type_value_e type | |
const eap_type_value_e | |
abs_eap_base_type_c *const partner | |
eap_base_type_c **const eap_type | |
const bool is_client_when_true | |
const eap_am_network_id_c *const receive_network_id |
EAP_FUNC_IMPORT eap_base_type_c * | load_type | ( | const eap_type_value_e | type, |
const eap_type_value_e | tunneling_type, | |||
const eap_am_network_id_c *const | receive_network_id | |||
) |
The load_type() function function indicates the lower level to load new module including EAP-type. The type parameter is the requested EAP-type.
const eap_type_value_e type | is the identifier of the required EAP type. |
const eap_type_value_e tunneling_type | |
const eap_am_network_id_c *const receive_network_id |
EAP_FUNC_IMPORT u32_t | object_decrease_reference_count | ( | ) |
eap_core_map_c class increases reference count each time reference to stored object is get. Here is always just one state for one session so no references are used.
EAP_FUNC_IMPORT void | object_increase_reference_count | ( | ) |
eap_core_map_c class increases reference count each time reference to stored object is get. Here is always just one state for one session so no references are used.
EAP_FUNC_IMPORT eap_status_e | packet_data_crypto_keys | ( | const eap_am_network_id_c *const | send_network_id, |
const eap_master_session_key_c *const | master_session_key | |||
) |
const eap_am_network_id_c *const send_network_id | |
const eap_master_session_key_c *const master_session_key |
EAP_FUNC_IMPORT eap_status_e | packet_process | ( | const eap_am_network_id_c *const | receive_network_id, |
eap_general_header_base_c *const | packet_data, | |||
const u32_t | packet_length | |||
) |
2003-10-01 draft-ietf-eap-rfc2284bis-06.txt chapter 2.1 Support for sequences: An EAP conversation MAY utilize a sequence of methods. A common example of this is an Identity request followed by a single EAP authentication method such as an MD5-Challenge. However the peer and authenticator MUST utilize only one authentication method (Type 4 or greater) within an EAP conversation, after which the authenticator MUST send a Success or Failure packet. Once a peer has sent a Response of the same Type as the initial Request, an authenticator MUST NOT send a Request of a different Type prior to completion of the final round of a given method (with the exception of a Notification-Request) and MUST NOT send a Request for an additional method of any Type after completion of the initial authentication method; a peer receiving such Requests MUST treat them as invalid, and silently discard them. As a result, Identity Requery is not supported. A peer MUST NOT send a Nak (legacy or expanded) in reply to a Request, after an initial non-Nak Response has been sent. Since spoofed EAP Request packets may be sent by an attacker, an authenticator receiving an unexpected Nak SHOULD discard it and log the event. Multiple authentication methods within an EAP conversation are not supported due to their vulnerability to man-in-the-middle attacks (see Section 7.4) and incompatibility with existing implementations. }
const eap_am_network_id_c *const receive_network_id | |
eap_general_header_base_c *const packet_data | |
const u32_t packet_length |
EAP_FUNC_IMPORT eap_status_e | packet_process_type | ( | const eap_type_value_e | used_eap_type, |
const eap_am_network_id_c *const | receive_network_id, | |||
eap_general_header_base_c *const | packet_data, | |||
const u32_t | packet_length | |||
) | [private] |
This function processes EAP-packet with known EAP-type.
const eap_type_value_e used_eap_type | |
const eap_am_network_id_c *const receive_network_id | |
eap_general_header_base_c *const packet_data | |
const u32_t packet_length |
EAP_FUNC_IMPORT eap_status_e | packet_send | ( | const eap_am_network_id_c *const | send_network_id, |
eap_buf_chain_wr_c *const | sent_packet, | |||
const u32_t | header_offset, | |||
const u32_t | data_length, | |||
const u32_t | buffer_length | |||
) |
const eap_am_network_id_c *const send_network_id | |
eap_buf_chain_wr_c *const sent_packet | |
const u32_t header_offset | |
const u32_t data_length | |
const u32_t buffer_length |
EAP_FUNC_IMPORT eap_status_e | read_configure | ( | const eap_configuration_field_c *const | field, |
eap_variable_data_c *const | data | |||
) | [virtual] |
const eap_configuration_field_c *const field | |
eap_variable_data_c *const data |
EAP_FUNC_IMPORT eap_status_e | resend_packet | ( | const eap_am_network_id_c *const | send_network_id, |
eap_buf_chain_wr_c *const | sent_packet, | |||
const u32_t | header_offset, | |||
const u32_t | data_length, | |||
const u32_t | buffer_free, | |||
const u32_t | retransmission_counter | |||
) | [private] |
Re-transmission is used to test protocols. This function resends the packet.
const eap_am_network_id_c *const send_network_id | |
eap_buf_chain_wr_c *const sent_packet | |
const u32_t header_offset | |
const u32_t data_length | |
const u32_t buffer_free | |
const u32_t retransmission_counter |
EAP_FUNC_IMPORT eap_status_e | reset | ( | ) |
This function must reset the state of object to same as state was after the configure() function call. If object reset succeeds this function must return eap_status_ok. If object reset fails this function must return corresponding error status.
EAP_FUNC_IMPORT eap_status_e | reset_operation | ( | eap_base_type_c *const | handler, |
abs_eap_am_tools_c *const | m_am_tools | |||
) | [private, static] |
This function calls reset() for one eap_base_type_c object.
eap_base_type_c *const handler | |
abs_eap_am_tools_c *const m_am_tools |
EAP_FUNC_IMPORT eap_status_e | restart_authentication | ( | const eap_am_network_id_c *const | send_network_id, |
const bool | is_client_when_true | |||
) |
const eap_am_network_id_c *const send_network_id | |
const bool is_client_when_true |
EAP_FUNC_IMPORT eap_status_e | send_eap_identity_response | ( | const eap_am_network_id_c *const | send_network_id, |
const eap_variable_data_c *const | identity, | |||
const u8_t | eap_identifier | |||
) | [private] |
This function sends EAP-Response/Identity.
const eap_am_network_id_c *const send_network_id | |
const eap_variable_data_c *const identity | |
const u8_t eap_identifier |
EAP_FUNC_IMPORT eap_status_e | send_eap_nak_response | ( | const eap_am_network_id_c *const | receive_network_id, |
const u8_t | eap_identifier, | |||
const eap_array_c< eap_type_value_e > *const | eap_type_list | |||
) |
The EAP Core calls the send_eap_nak_response() function when EAP-authentication with requested EAP type is not possible.
const eap_am_network_id_c *const receive_network_id | includes the addresses (network identity) and packet type. |
const u8_t eap_identifier | is the EAP-Identifier to be used with EAP-Nak message. |
const eap_array_c< eap_type_value_e > *const eap_type_list |
EAP_FUNC_IMPORT eap_status_e | send_eap_notification_response | ( | const eap_am_network_id_c *const | send_network_id, |
const u8_t | eap_identifier | |||
) | [private] |
This function sends EAP-Response/Notification.
const eap_am_network_id_c *const send_network_id | |
const u8_t eap_identifier |
EAP_FUNC_IMPORT eap_status_e | set_authentication_role | ( | const bool | when_true_set_client | ) |
const bool when_true_set_client |
EAP_FUNC_IMPORT eap_status_e | set_eap_failure_timeout | ( | ) | [private] |
This function initializes timeout for received EAP-Failure.
eap_status_e | set_eap_identity_routing_info_and_nai_decoration | ( | eap_variable_data_c *const | identity | ) | [private] |
eap_variable_data_c *const identity |
EAP_FUNC_IMPORT void | set_marked_removed | ( | ) |
Marks this session removed. Session is removed later if it is not reused.
EAP_FUNC_IMPORT void | set_partner | ( | abs_eap_core_c *const | partner | ) |
The set_partner() function sets pointer to partner class.
abs_eap_core_c *const partner |
EAP_FUNC_IMPORT eap_status_e | set_session_timeout | ( | const u32_t | session_timeout_ms | ) |
const u32_t session_timeout_ms |
EAP_FUNC_IMPORT eap_status_e | set_timer | ( | abs_eap_base_timer_c *const | p_initializer, |
const u32_t | p_id, | |||
void *const | p_data, | |||
const u32_t | p_time_ms | |||
) |
abs_eap_base_timer_c *const p_initializer | |
const u32_t p_id | |
void *const p_data | |
const u32_t p_time_ms |
EAP_FUNC_IMPORT eap_status_e | shutdown_operation | ( | eap_base_type_c *const | value, |
abs_eap_am_tools_c *const | m_am_tools | |||
) | [private, static] |
This function calls shutdown() for one eap_base_type_c object.
eap_base_type_c *const value | |
abs_eap_am_tools_c *const m_am_tools |
EAP_FUNC_IMPORT void | state_notification | ( | const abs_eap_state_notification_c *const | state | ) |
const abs_eap_state_notification_c *const state |
EAP_FUNC_IMPORT eap_status_e | timer_delete_data | ( | const u32_t | id, |
void * | data | |||
) |
const u32_t id | |
void * data |
EAP_FUNC_IMPORT eap_status_e | timer_expired | ( | const u32_t | id, |
void * | data | |||
) |
const u32_t id | |
void * data |
EAP_FUNC_IMPORT void | trace_eap_packet | ( | eap_const_string | prefix, |
const eap_header_wr_c *const | eap_header | |||
) |
eap_const_string prefix | |
const eap_header_wr_c *const eap_header |
EAP_FUNC_IMPORT eap_status_e | unload_module | ( | const eap_type_value_e | type | ) |
const eap_type_value_e type |
EAP_FUNC_IMPORT void | unset_marked_removed | ( | ) |
Marks this session not removed. Session is not removed it is reused.
EAP_FUNC_IMPORT eap_status_e | write_configure | ( | const eap_configuration_field_c *const | field, |
eap_variable_data_c *const | data | |||
) | [virtual] |
const eap_configuration_field_c *const field | |
eap_variable_data_c *const data |
bool | m_client_restart_authentication_initiated | [private] |
eap_type_value_e | m_current_eap_type | [private] |
This stores the current EAP-type. When requested, we send our ID using our default EAP-type. This is our best quess of other peer's EAP-type. Other peer will sent the real EAP-type later and we can NAK it then and send our own EAP-type. This is due the limitations of EAP-protocol.
eap_variable_data_c | m_eap_identity | [private] |
This is the queried EAP-identity. This is saved because other EAP-types may be load afterwards and they may query EAP-identity.
u8_t | m_eap_identity_request_identifier_client | [private] |
Latest received EAP-identifier. Used only for EAP-Request/Identity handling in client. Ensures that the EAP-Response/Identity is sent with the latest EAP-identifier.
bool | m_eap_identity_response_accepted | [private] |
This flag prevents server receiving of multiple EAP-Response/Identity message. This is set true after the server accepts EAP-Response/Identity message.
bool | m_eap_type_response_sent | [private] |
Server received EAP-Response from client. Server must not sent any other EAP-type. Server could send EAP-Failure or EAP-Success. Client sent a response. Client must not accept any other EAP-type.
bool | m_is_client | [private] |
This indicates whether this object is client (true) or server (false). In terms of EAP-protocol whether this network entity is EAP-supplicant (true) or EAP-authenticator (false).
bool | m_is_client_role | [private] |
This indicates whether the authentication role of this object is client (true) or server (false). In terms of EAP-protocol whether this network entitys authentication role is EAP-supplicant (true) or EAP-authenticator (false). NOTE the LEAP type changes authentication role during the authentication session.
bool | m_is_tunneled_eap | [private] |
Tells whether this is tunneled EAP-session. For example inside PEAP or TTLS tunnel. This causes some changes to timeouts.
bool | m_marked_removed | [private] |
This flag indicates that this object is marked to removed asynchronously. The very same object could be taken use before the removing timer elapses.
abs_eap_core_c * | m_partner | [private] |
This is back pointer to object which created this object. Packets are sent to the partner.
eap_core_retransmission_c * | m_retransmission | [private] |
Re-transmission is used to test protocols. This stores the information to resent a message. This is used for testing purposes.
u32_t | m_retransmission_counter | [private] |
Re-transmission is used to test protocols. This is the maximum count of retransmission of one message. This is used for testing purposes.
u32_t | m_retransmission_time | [private] |
Re-transmission is used to test protocols. This is the time after resent a message. This is used for testing purposes.
u32_t | m_session_timeout | [private] |
This is the maximum time authentication could succeed. Authentication is terminated after this time elapses. The EAP-type could change the timeout by calling set_session_timeout() function.
eap_core_map_c< eap_base_type_c, abs_eap_core_map_c, eap_variable_data_c > | m_type_map | [private] |
Copyright ©2010 Nokia Corporation and/or its subsidiary(-ies).
All rights
reserved. Unless otherwise stated, these materials are provided under the terms of the Eclipse Public License
v1.0.