1 /* |
|
2 * Copyright (c) 2001-2006 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: EAP and WLAN authentication protocols. |
|
15 * |
|
16 */ |
|
17 |
|
18 /* |
|
19 * %version: % |
|
20 */ |
|
21 |
|
22 /** |
|
23 * @mainpage EAP Core documentation. |
|
24 * |
|
25 * @section intro Introduction |
|
26 * This is the EAP Core documentation generated by doxygen. |
|
27 * First read <a href="../S60_3_1_EAP_Core.doc">S60_3_1_EAP_Core.doc</a> |
|
28 * file from <a href="..">EAPOL/documentation</a> directory. |
|
29 * Release notes are in file <a href="../../../../../wlan_linux/wlaneapol_linux/release_notes.txt">release_notes.txt</a> |
|
30 * |
|
31 * @section install Installation |
|
32 * Installation instructions are in file <a href="../../../../../wlan_linux/wlaneapol_linux/readme.txt">EAPOL/readme.txt</a>. |
|
33 * |
|
34 * @section classes Most crucial classes |
|
35 * The most crucial classes are dummy_eap_core_c, abs_eap_core_c, |
|
36 * eap_base_type_c and abs_eap_base_type_c. |
|
37 * |
|
38 * Header files are stored to a directory <a href="../../../include">EAPOL/include</a>. |
|
39 * Implementation of dummy_eap_core_c class is in a file <a href="../../../core/eap_core.cpp"> |
|
40 * EAPOL/core/eap_core.cpp</a>. Implementation of eap_base_type_c class is in a file |
|
41 * <a href="../../../common/eap_base_type.cpp">EAPOL/common/eap_base_type.cpp</a>. |
|
42 * |
|
43 * @section eap_types Implemented EAP-types |
|
44 * |
|
45 * @subsection GSMSIM EAP/SIM |
|
46 * EAP/SIM implementation is in a directory |
|
47 * <a href="../../../type/gsmsim">EAPOL/type/gsmsim</a>. |
|
48 * EAP/SIM is specified in draft-haverinen-pppext-eap-sim-xx.txt. |
|
49 * The most current is |
|
50 * <a href="../../type/gsmsim/doc/rfc4186.txt"> |
|
51 * RFC 4186</a>. |
|
52 * IETF drafts and RFC are stored to a directory <a href="../../type/gsmsim/doc"> |
|
53 * EAPOL/type/gsmsim/documentation</a>. |
|
54 * The document |
|
55 * <a href="../../type/gsmsim/doc/GSMSIM.doc">GSMSIM.doc</a> |
|
56 * includes implementation notes of GSMSIM. |
|
57 * |
|
58 * @subsection EAP_AKA EAP/AKA |
|
59 * EAP/AKA implementation is in a directory |
|
60 * <a href="../../../type/aka">EAPOL/type/aka</a>. |
|
61 * EAP/AKA is specified in draft-arkko-pppext-eap-aka-xx.txt. |
|
62 * The most current is |
|
63 * <a href="../../type/aka/doc/rfc4187.txt"> |
|
64 * RFC 4187</a>. |
|
65 * IETF drafts are stored to a directory <a href="../../type/aka/doc"> |
|
66 * EAPOL/type/aka/documentation</a>. |
|
67 * |
|
68 * @subsection EAP_TLS_PEAP EAP/TLS, PEAP and TTLS |
|
69 * Implementation design and architecture of EAP/TLS, PEAP and TTLS is in |
|
70 * <a href="../../type/tls_peap/doc/EAP_TLS_PEAP.doc">EAP_TLS_PEAP.doc</a> |
|
71 * file in <a href="../../type/tls_peap/doc">EAPOL/type/tls_peap/documentation</a> directory. |
|
72 * EAP/TLS and PEAP implementation will be in a directory |
|
73 * <a href="../../../type/tls_peap">EAPOL/type/tls_peap</a>. |
|
74 * TLS is specified in <a href="../../type/tls_peap/doc/rfc2246.txt">rfc2246.txt</a>. |
|
75 * EAP/TLS is specified in <a href="../../type/tls_peap/doc/rfc2716.txt">rfc2716.txt</a>. |
|
76 * PEAPv2 is specified in <a href="../../type/tls_peap/doc/draft-josefsson-pppext-eap-tls-eap-08.txt">draft-josefsson-pppext-eap-tls-eap-08.txt</a>. |
|
77 * PEAPv1 is specified in <a href="../../type/tls_peap/doc/draft-josefsson-pppext-eap-tls-eap-05.txt">draft-josefsson-pppext-eap-tls-eap-05.txt</a>. |
|
78 * Windows XP- PEAPv0 is specified in <a href="../../type/tls_peap/doc/draft-kamath-pppext-peapv0-00.txt">draft-kamath-pppext-peapv0-00.txt</a>. |
|
79 * TTLS is specified in <a href="../../type/tls_peap/doc/draft-ietf-pppext-eap-ttls-04.txt">draft-ietf-pppext-eap-ttls-04.txt</a>. |
|
80 * |
|
81 * @subsection EAP_MsChapv2 EAP/MsChapv2 |
|
82 * EAP/MsChapv2 implementation is in a directory |
|
83 * <a href="../../../type/mschapv2">EAPOL/type/mschapv2</a>. |
|
84 * EAP/MsChapv2 is specified in draft-kamath-pppext-eap-mschapv2-XX.txt, rfc2433.txt and rfc2759.txt. |
|
85 * The most current is |
|
86 * <a href="../../type/mschapv2/doc/draft-kamath-pppext-eap-mschapv2-01.txt"> |
|
87 * EAP/MsChapv2 draft version 2</a>. |
|
88 * See also <a href="../../type/mschapv2/doc/rfc2433.txt">rfc2433.txt</a> |
|
89 * and <a href="../../type/mschapv2/doc/rfc2759.txt">rfc2759.txt</a>. |
|
90 * IETF drafts are stored to a directory <a href="../../type/mschapv2/doc"> |
|
91 * EAPOL/type/mschapv2/doc</a>. |
|
92 * |
|
93 * @subsection EAP_SecurID_GTC EAP/SecurID and GTC |
|
94 * EAP/SecurID implementation is in a directory |
|
95 * <a href="../../../type/securid">EAPOL/type/securid</a>. |
|
96 * EAP/SecurID is specified in draft-josefsson-eap-securid-XX.txt. |
|
97 * The most current is |
|
98 * <a href="../../type/securid/doc/draft-josefsson-eap-securid-01.txt"> |
|
99 * EAP/SecurID draft version 1</a>. |
|
100 * IETF drafts are stored to a directory <a href="../../type/securid/doc"> |
|
101 * EAPOL/type/securid/documentation</a>. |
|
102 * |
|
103 * @subsection EAP_LEAP EAP/LEAP |
|
104 * EAP/LEAP implementation is in a directory |
|
105 * <a href="../../../type/leap">EAPOL/type/leap</a>. |
|
106 * EAP/LEAP documentation is not included here. |
|
107 * |
|
108 * @subsection SAE Experimental Security Association for EAPOL (not used) |
|
109 * SAE implementation is in a directory <a href="../../../../../wlan_testing/wlaneapol_testing/SAE">EAPOL/SAE</a>. |
|
110 * Document defining SAE is <a href="../../../../../wlan_testing/wlaneapol_testing/SAE/documentation/EAPOL_SA.doc">EAPOL_SA.doc</a>. |
|
111 * This is a very experimental test implementation. |
|
112 * The idea is to use Diffie-Hellman to create keys for an anonymous (that is, unauthenticated) EAPOL tunnel. |
|
113 * Any EAP-type could then run inside the tunnel. |
|
114 * This fixes the problem of current EAPOL over WLAN. |
|
115 * EAP was designed for a point-to-point environment and EAPOL for a non-shared environment. |
|
116 * |
|
117 * NOTE SAE is not used anywhere. |
|
118 * |
|
119 * @section Symbian Symbian Plug-in |
|
120 * EAP Type Plug-in Architecture for Symbian is specified in |
|
121 * <a href="../../am/type/symbian/plugin/doc/eap_plugin_architecture.doc"> |
|
122 * eap_plugin_architecture.doc</a>. |
|
123 * |
|
124 */ |
|
125 |
|
126 |
|
127 #if !defined(_DUMMY_EAP_CORE_H_) |
|
128 #define _DUMMY_EAP_CORE_H_ |
|
129 |
|
130 #include "eap_am_export.h" |
|
131 #include "abs_eap_base_type.h" |
|
132 #include "eap_core_map.h" |
|
133 #include "eap_am_network_id.h" |
|
134 #include "abs_eap_stack_interface.h" |
|
135 #include "eap_configuration_field.h" |
|
136 #include "abs_eap_core_map.h" |
|
137 #include "eap_core.h" |
|
138 |
|
// Forward declarations of types named in the class declaration below.
// abs_eap_core_c, abs_eap_am_tools_c and eap_core_retransmission_c are only
// used through pointers in this header. eap_variable_data_c is also held by
// value (m_eap_identity), so its complete definition has to come from one of
// the headers included by this file.
class abs_eap_core_c;
class abs_eap_am_tools_c;
class eap_core_retransmission_c;
class eap_base_type_c;
class eap_variable_data_c;
|
144 |
|
145 //-------------------------------------------------------------------------------------------------- |
|
146 |
|
147 /** |
|
148 * @defgroup EAP_Core_config_options Configuration options of EAP Core. |
|
149 * The following configuration options are read through abs_eap_base_type_c::read_configure() function. |
|
150 * @{ |
|
151 */ |
|
152 |
|
153 |
|
154 |
|
155 //-------------------------------------------------------------------------------------------------- |
|
156 |
|
157 |
|
158 |
|
/// Declaration of dummy_eap_core_c.
/// The original comment reads: "A eap_core_c class implements the basic functionality of EAP-type."
/// NOTE(review): what distinguishes this "dummy" class from eap_core_c is not visible in this
/// header -- confirm against the implementation file.
/// The class derives from abs_eap_core_map_c, abs_eap_base_type_c, abs_eap_base_timer_c and
/// abs_eap_stack_interface_c; several public functions below are documented in those interfaces.
class EAP_EXPORT dummy_eap_core_c
: public abs_eap_core_map_c
, public abs_eap_base_type_c
, public abs_eap_base_timer_c
, public abs_eap_stack_interface_c
{
private:
    //--------------------------------------------------

    /// This is the back pointer to the object which created this object.
    /// Packets are sent to the partner.
    /// The pointer can be replaced with set_partner().
    abs_eap_core_c *m_partner;

    /// This is the pointer to the tools class.
    abs_eap_am_tools_c * const m_am_tools;

    /// This stores eap_base_type objects using eap_variable_data selector.
    eap_core_map_c<eap_base_type_c, abs_eap_core_map_c, eap_variable_data_c> m_type_map;

    /// This stores the current EAP-type. When requested, we send our ID using
    /// our default EAP-type. This is our best guess of the other peer's EAP-type.
    /// The other peer will send the real EAP-type later and we can NAK it then
    /// and send our own EAP-type. This is due to the limitations of the EAP-protocol.
    eap_type_value_e m_current_eap_type;

    /// This is our default EAP-type.
    eap_type_value_e m_default_eap_type;

    /// This is the queried EAP-identity.
    /// This is saved because other EAP-types may be loaded afterwards
    /// and they may query the EAP-identity.
    /// NOTE(review): the identity is user-identifying data; whether it is cleared in
    /// reset() or shutdown() cannot be seen from this header -- verify in the implementation.
    eap_variable_data_c m_eap_identity;

    /// This is the offset in bytes of the EAP-type header.
    u32_t m_eap_header_offset;

    /// This is the maximum transfer unit in bytes.
    u32_t m_MTU;

    /// This is the length of the trailer in bytes.
    u32_t m_trailer_length;

    /// This is the network identity of the received packet.
    eap_am_network_id_c m_receive_network_id;

    /// Re-transmission is used to test protocols.
    /// This stores the information needed to resend a message. This is used for testing purposes.
    eap_core_retransmission_c *m_retransmission;

    /// Re-transmission is used to test protocols.
    /// This is the time after which a message is resent. This is used for testing purposes.
    u32_t m_retransmission_time;

    /// Re-transmission is used to test protocols.
    /// This is the maximum count of retransmissions of one message. This is used for testing purposes.
    u32_t m_retransmission_counter;

    /// This is the maximum time authentication could succeed.
    /// Authentication is terminated after this time elapses.
    /// The EAP-type could change the timeout by calling the set_session_timeout() function.
    /// Presumably in milliseconds, as set_session_timeout() takes session_timeout_ms -- TODO confirm.
    u32_t m_session_timeout;

    /// Undocumented in the original. Presumably the timeout armed by set_eap_failure_timeout()
    /// after an EAP-Failure is received -- TODO confirm; the unit is not visible here.
    u32_t m_eap_core_failure_received_timeout;

    /// Undocumented in the original. Presumably the delay used for the asynchronous session
    /// removal (see initialize_asynchronous_init_remove_eap_session()) -- TODO confirm.
    u32_t m_remove_session_timeout;

#if defined(USE_EAP_CORE_WAIT_REQUEST_TYPE_TIMER)
    /// Undocumented in the original. Presumably the timeout used by
    /// set_wait_eap_request_type_timeout() -- TODO confirm.
    u32_t m_wait_eap_request_type_timeout;
    /// Undocumented in the original. Presumably true while that timer is armed -- TODO confirm.
    bool m_wait_eap_request_type_timeout_set;
#endif //#if defined(USE_EAP_CORE_WAIT_REQUEST_TYPE_TIMER)

    /// Latest received EAP-identifier. Used only for EAP-Request/Identity handling in client.
    /// Ensures that the EAP-Response/Identity is sent with the latest EAP-identifier.
    u8_t m_eap_identity_request_identifier_client;

    /// This indicates whether this object is client (true) or server (false).
    /// In terms of EAP-protocol whether this network entity is EAP-supplicant (true) or EAP-authenticator (false).
    bool m_is_client;

    /// This indicates whether the authentication role of this object is client (true) or server (false).
    /// In terms of EAP-protocol whether this network entity's authentication role is EAP-supplicant (true) or EAP-authenticator (false).
    /// NOTE the LEAP type changes authentication role during the authentication session.
    bool m_is_client_role;

    /// This indicates whether this object was generated successfully.
    bool m_is_valid;

    /// Client has initiated restart.
    bool m_client_restart_authentication_initiated;

    /// This flag indicates that this object is marked to be removed asynchronously.
    /// The very same object could be taken into use before the removing timer elapses.
    bool m_marked_removed;

    /// This flag prevents the server from receiving multiple EAP-Response/Identity messages.
    /// This is set true after the server accepts an EAP-Response/Identity message.
    bool m_eap_identity_response_accepted;

    /// Function shutdown() is called already.
    bool m_shutdown_was_called;

    /// Server received EAP-Response from client. Server must not send any other EAP-type. Server could send EAP-Failure or EAP-Success.
    /// Client sent a response. Client must not accept any other EAP-type.
    bool m_eap_type_response_sent;

    /// Tells whether this is a tunneled EAP-session. For example inside a PEAP or TTLS tunnel.
    /// This causes some changes to timeouts.
    bool m_is_tunneled_eap;

#if defined(USE_EAP_CORE_SERVER)
    /// If this flag is true EAP-Response/Nak is processed immediately.
    /// If this flag is false EAP-Response/Nak is processed after a timeout.
    /// A more suitable EAP-Response might be received in the meantime.
    bool m_process_eap_nak_immediately;

    /// EAP-Response/Nak is initiated.
    bool m_nak_process_timer_active;

    /// This flag prevents the server from sending multiple EAP-Request/Identity messages.
    bool m_eap_identity_request_send;

    /// This is set true after the server receives an EAP-Response/Identity message.
    bool m_eap_identity_response_received;

    /// This flag is set true after an EAP-Failure is sent.
    bool m_eap_failure_sent;

    /// This flag selects whether EAP-Success is sent after state notification is forwarded to lower layer (true)
    /// or EAP-Success is sent before state notification is forwarded to lower layer (false).
    bool m_send_eap_success_after_notification;

#if defined(USE_EAP_CORE_WAIT_REQUEST_TYPE_TIMER)
    // This flag selects whether EAP-Request/Identity is send (true) or not (false).
    // NOTE(review): the member name suggests that true means the request is skipped,
    // which is the opposite of the sentence above -- confirm against the implementation.
    bool m_skip_eap_request_identity;
#endif //#if defined(USE_EAP_CORE_WAIT_REQUEST_TYPE_TIMER)
#endif //#if defined(USE_EAP_CORE_SERVER)

    /// Undocumented in the original. Presumably selects use of the expanded EAP type
    /// format -- TODO confirm.
    bool m_use_eap_expanded_type;

    /// Some of the protocols terminate with EAP-Failure. This flag tells to ignore EAP-Failure.
    /// NOTE(review): EAP-Success and EAP-Failure packets carry no integrity protection of
    /// their own (see RFC 3748), so how a session ends while this flag is set matters;
    /// that logic is not visible in this header -- verify in the implementation.
    bool m_ignore_eap_failure;

    /// Undocumented in the original. Presumably set by ignore_notifications(), which is
    /// documented as preventing all notifications -- TODO confirm.
    bool m_ignore_notifications;

    // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    /**
     * Re-transmission is used to test protocols.
     * This function resends the packet.
     */
    EAP_FUNC_IMPORT eap_status_e resend_packet(
        const eap_am_network_id_c * const send_network_id,
        eap_buf_chain_wr_c * const sent_packet,
        const u32_t header_offset,
        const u32_t data_length,
        const u32_t buffer_free,
        const u32_t retransmission_counter
        );

    /**
     * Re-transmission is used to test protocols.
     * This function cancels retransmissions.
     */
    EAP_FUNC_IMPORT eap_status_e cancel_retransmission();

    /**
     * Re-transmission is used to test protocols.
     * This function inits retransmission of sent packet.
     */
    EAP_FUNC_IMPORT eap_status_e init_retransmission(
        const eap_am_network_id_c * const send_network_id,
        eap_buf_chain_wr_c * const sent_packet,
        const u32_t header_offset,
        const u32_t data_length,
        const eap_code_value_e eap_code,
        const u8_t eap_identifier,
        const eap_type_value_e eap_type
        );

    /**
     * This function cancels previous session timeout and initializes new timeout for the session.
     */
    EAP_FUNC_IMPORT eap_status_e initialize_session_timeout(
        const u32_t session_timeout_ms);

    /**
     * This function cancels timeout for a session.
     */
    EAP_FUNC_IMPORT eap_status_e cancel_session_timeout();

    /**
     * This function calls shutdown() for one eap_base_type_c object.
     * It is static, so the tools pointer is passed in explicitly; the parameter
     * has the same name as the m_am_tools member.
     */
    EAP_FUNC_IMPORT static eap_status_e shutdown_operation(
        eap_base_type_c * const value,
        abs_eap_am_tools_c * const m_am_tools);

    /**
     * This function calls reset() for one eap_base_type_c object.
     * It is static, so the tools pointer is passed in explicitly; the parameter
     * has the same name as the m_am_tools member.
     */
    EAP_FUNC_IMPORT static eap_status_e reset_operation(
        eap_base_type_c * const handler,
        abs_eap_am_tools_c * const m_am_tools);

    // Undocumented in the original. Judging by the name, the client proposes its
    // EAP-types to the peer -- TODO confirm in the implementation.
    EAP_FUNC_IMPORT eap_status_e client_proposes_eap_types(
        const eap_am_network_id_c * const receive_network_id,
        const u8_t eap_identifier);

    /**
     * This function processes EAP-packet with known EAP-type.
     * NOTE(review): packet_data and packet_length describe a packet received from the peer;
     * this declaration does not show where the length is validated -- verify in the implementation.
     */
    EAP_FUNC_IMPORT eap_status_e packet_process_type(
        const eap_type_value_e used_eap_type,
        const eap_am_network_id_c * const receive_network_id,
        eap_general_header_base_c * const packet_data,
        const u32_t packet_length);

#if defined(USE_EAP_CORE_SERVER)
    /**
     * This function re-starts authentication with new EAP-type.
     * Only server calls this function.
     */
    EAP_FUNC_IMPORT eap_status_e restart_with_new_type(
        const eap_type_value_e used_eap_type,
        const eap_am_network_id_c * const receive_network_id,
        const u8_t eap_identifier);
#endif //#if defined(USE_EAP_CORE_SERVER)

#if defined(USE_EAP_CORE_SERVER)
    // Undocumented in the original. Judging by the name, the server-side handling of
    // a received EAP-Response/Identity -- TODO confirm in the implementation.
    EAP_FUNC_IMPORT eap_status_e handle_eap_identity_response(
        eap_base_type_c * const handler,
        const eap_type_value_e used_eap_type,
        const eap_am_network_id_c * const receive_network_id,
        eap_header_wr_c * const eap,
        const u32_t packet_length);
#endif //#if defined(USE_EAP_CORE_SERVER)

    /**
     * This function handles EAP-Request/Identity.
     */
    EAP_FUNC_IMPORT eap_status_e handle_eap_identity_request(
        const eap_type_value_e used_eap_type,
        const u8_t eap_identifier,
        const eap_am_network_id_c * const receive_network_id);

    /**
     * This function creates EAP-Response/Identity.
     */
    EAP_FUNC_IMPORT eap_status_e create_eap_identity_response(
        eap_buf_chain_wr_c * const response_packet,
        const eap_variable_data_c * const identity,
        const u8_t eap_identifier
        );

    /**
     * This function sends EAP-Response/Identity.
     */
    EAP_FUNC_IMPORT eap_status_e send_eap_identity_response(
        const eap_am_network_id_c * const send_network_id,
        const eap_variable_data_c * const identity,
        const u8_t eap_identifier);

    /**
     * This function sends EAP-Response/Notification.
     */
    EAP_FUNC_IMPORT eap_status_e send_eap_notification_response(
        const eap_am_network_id_c * const send_network_id,
        const u8_t eap_identifier);

    /**
     * This function initializes timeout for received EAP-Failure.
     */
    EAP_FUNC_IMPORT eap_status_e set_eap_failure_timeout();

    /**
     * This function cancels timeout for received EAP-Failure.
     */
    EAP_FUNC_IMPORT eap_status_e cancel_eap_failure_timeout();

#if defined(USE_EAP_CORE_WAIT_REQUEST_TYPE_TIMER)
    // Undocumented in the original; these two are declared without EAP_FUNC_IMPORT.
    // Presumably they arm and cancel the timer that uses m_wait_eap_request_type_timeout -- TODO confirm.
    eap_status_e set_wait_eap_request_type_timeout();

    eap_status_e cancel_wait_eap_request_type_timeout();
#endif //#if defined(USE_EAP_CORE_WAIT_REQUEST_TYPE_TIMER)

    // Undocumented in the original. The next three functions presumably start, schedule and
    // cancel the asynchronous removal of this session (see m_marked_removed) -- TODO confirm.
    EAP_FUNC_IMPORT eap_status_e asynchronous_init_remove_eap_session();

    EAP_FUNC_IMPORT eap_status_e initialize_asynchronous_init_remove_eap_session(
        const u32_t remove_session_timeout);

    EAP_FUNC_IMPORT eap_status_e cancel_asynchronous_init_remove_eap_session();

    // Undocumented in the original and declared without EAP_FUNC_IMPORT.
    // Judging by the name, starts the end-of-session handling for the given state -- TODO confirm.
    eap_status_e init_end_of_session(
        const abs_eap_state_notification_c * const state);

    // Undocumented in the original and declared without EAP_FUNC_IMPORT.
    // Judging by the name, adds routing information and NAI decoration to the identity,
    // which is passed as a writable object -- TODO confirm.
    eap_status_e set_eap_identity_routing_info_and_nai_decoration(
        eap_variable_data_c * const identity);

    //--------------------------------------------------
protected:
    //--------------------------------------------------

    //--------------------------------------------------
public:
    //--------------------------------------------------

    /**
     * The destructor of the eap_core class does nothing special.
     */
    EAP_FUNC_IMPORT virtual ~dummy_eap_core_c();

    /**
     * The constructor initializes member attributes using parameters passed to it.
     * @param tools is pointer to the tools class. @see abs_eap_am_tools_c.
     * @param partner is back pointer to object which created this object.
     * @param is_client_when_true indicates whether the network entity should act
     * as a client (true) or server (false), in terms of EAP-protocol
     * whether this network entity is EAP-supplicant (true) or EAP-authenticator (false).
     * @param receive_network_id is not described in the original; presumably the network
     * identity kept in m_receive_network_id -- TODO confirm.
     * @param is_tunneled_eap tells the EAP is run in tunnel (PEAP or other).
     */
    EAP_FUNC_IMPORT dummy_eap_core_c(
        abs_eap_am_tools_c * const tools,
        abs_eap_core_c * const partner,
        const bool is_client_when_true,
        const eap_am_network_id_c * const receive_network_id,
        const bool is_tunneled_eap);

    /**
     * The load_type() function indicates the lower level to load
     * new module including EAP-type. The type parameter is the requested EAP-type.
     * @param type is the identifier of the required EAP type.
     * @param tunneling_type is not described in the original -- TODO document.
     * @param receive_network_id is not described in the original -- TODO document.
     * @return Function returns pointer to the EAP type object.
     * NOTE(review): ownership of the returned pointer is not visible in this header.
     */
    EAP_FUNC_IMPORT eap_base_type_c * load_type(
        const eap_type_value_e type,
        const eap_type_value_e tunneling_type,
        const eap_am_network_id_c * const receive_network_id);

    // Undocumented in the original. Judging by the name, writes the EAP header to the trace.
    // NOTE(review): EAP packets can carry identities and credential material; what is
    // written to the trace is not visible here -- check what is logged in release builds.
    EAP_FUNC_IMPORT void trace_eap_packet(
        eap_const_string prefix,
        const eap_header_wr_c * const eap_header);

    // This is documented in abs_eap_stack_interface_c::packet_process().
    // NOTE(review): this is the entry point for packets received from the peer;
    // the declaration does not show where packet_length is validated.
    EAP_FUNC_IMPORT eap_status_e packet_process(
        const eap_am_network_id_c * const receive_network_id,
        eap_general_header_base_c * const packet_data,
        const u32_t packet_length);

    // This is documented in abs_eap_base_type_c::packet_send().
    EAP_FUNC_IMPORT eap_status_e packet_send(
        const eap_am_network_id_c * const send_network_id,
        eap_buf_chain_wr_c * const sent_packet,
        const u32_t header_offset,
        const u32_t data_length,
        const u32_t buffer_length);

    /**
     * The get_partner() function returns pointer to partner class.
     */
    EAP_FUNC_IMPORT abs_eap_core_c * get_partner();

    /**
     * The set_partner() function sets pointer to partner class.
     */
    EAP_FUNC_IMPORT void set_partner(abs_eap_core_c * const partner);

    // This is documented in abs_eap_base_type_c::get_header_offset().
    EAP_FUNC_IMPORT u32_t get_header_offset(
        u32_t * const MTU,
        u32_t * const trailer_length);

    // This is documented in abs_eap_base_type_c::load_module().
    // The second parameter (tunneling_type) is left unnamed in this declaration.
    EAP_FUNC_IMPORT eap_status_e load_module(
        const eap_type_value_e type,
        const eap_type_value_e /* tunneling_type */,
        abs_eap_base_type_c * const partner,
        eap_base_type_c ** const eap_type,
        const bool is_client_when_true,
        const eap_am_network_id_c * const receive_network_id);

    // This is documented in abs_eap_base_type_c::unload_module().
    EAP_FUNC_IMPORT eap_status_e unload_module(
        const eap_type_value_e type);

    /**
     * The adaptation module calls the eap_acknowledge() function after
     * any Network Protocol packet is received. This is used as a success indication.
     * This is described in RFC 2284 "PPP Extensible Authentication Protocol (EAP)".
     * (RFC 2284 has since been obsoleted by RFC 3748.)
     * Mostly there is only one session in the client.
     * The server does not need eap_acknowledge() function because
     * server (EAP-authenticator) sends the EAP-success message.
     */
    EAP_FUNC_IMPORT eap_status_e eap_acknowledge(
        const eap_am_network_id_c * const receive_network_id);

    // This is documented in abs_eap_base_type_c::restart_authentication().
    EAP_FUNC_IMPORT eap_status_e restart_authentication(
        const eap_am_network_id_c * const send_network_id,
        const bool is_client_when_true);

    /**
     * The EAP Core calls the send_eap_nak_response() function
     * when EAP-authentication with requested EAP type is not possible.
     * @param receive_network_id includes the addresses (network identity) and packet type.
     * @param eap_identifier is the EAP-Identifier to be used with EAP-Nak message.
     * @param eap_type_list is the list of acceptable EAP-Types to be reported to the other peer
     * (the original comment named this parameter preferred_eap_type).
     */
    EAP_FUNC_IMPORT eap_status_e send_eap_nak_response(
        const eap_am_network_id_c * const receive_network_id,
        const u8_t eap_identifier,
        const eap_array_c<eap_type_value_e> * const eap_type_list);


#if defined(USE_EAP_CORE_SERVER)

    /**
     * The EAP Core calls the send_eap_identity_request() function
     * when EAP-authentication is needed with another peer.
     * @param network_id includes the addresses (network identity) and packet type.
     */
    EAP_FUNC_IMPORT eap_status_e send_eap_identity_request(
        const eap_am_network_id_c * const network_id);

    /**
     * This function sends EAP-Success.
     */
    EAP_FUNC_IMPORT eap_status_e send_eap_success(
        const eap_am_network_id_c * const send_network_id,
        const u8_t eap_identifier);

    /**
     * This function sends EAP-Failure.
     */
    EAP_FUNC_IMPORT eap_status_e send_eap_failure(
        const eap_am_network_id_c * const send_network_id,
        const u8_t eap_identifier);

#endif //#if defined(USE_EAP_CORE_SERVER)


    // This is documented in abs_eap_base_type_c::packet_data_crypto_keys().
    // NOTE(review): master_session_key is key material; how long it is kept and whether
    // it is traced is not visible in this header -- verify in the implementation.
    EAP_FUNC_IMPORT eap_status_e packet_data_crypto_keys(
        const eap_am_network_id_c * const send_network_id,
        const eap_master_session_key_c * const master_session_key
        );

    // This is documented in abs_eap_stack_interface_c::configure().
    EAP_FUNC_IMPORT eap_status_e configure();

    // This is documented in abs_eap_stack_interface_c::shutdown().
    EAP_FUNC_IMPORT eap_status_e shutdown();

    // This is documented in abs_eap_base_type_c::read_configure().
    EAP_FUNC_IMPORT virtual eap_status_e read_configure(
        const eap_configuration_field_c * const field,
        eap_variable_data_c * const data);

    // This is documented in abs_eap_base_type_c::write_configure().
    EAP_FUNC_IMPORT virtual eap_status_e write_configure(
        const eap_configuration_field_c * const field,
        eap_variable_data_c * const data);

    // This is documented in abs_eap_stack_interface_c::set_is_valid().
    EAP_FUNC_IMPORT void set_is_valid();

    // This is documented in abs_eap_stack_interface_c::get_is_valid().
    EAP_FUNC_IMPORT bool get_is_valid();

    // This is documented in abs_eap_base_type_c::state_notification().
    EAP_FUNC_IMPORT void state_notification(
        const abs_eap_state_notification_c * const state);

    // See abs_eap_base_timer_c::timer_expired().
    EAP_FUNC_IMPORT eap_status_e timer_expired(
        const u32_t id, void *data);

    // See abs_eap_base_timer_c::timer_delete_data().
    EAP_FUNC_IMPORT eap_status_e timer_delete_data(
        const u32_t id, void *data);

    /**
     * eap_core_map_c class increases reference count each time a reference to a stored object is taken.
     * Here is always just one state for one session so no references are used.
     */
    EAP_FUNC_IMPORT void object_increase_reference_count();

    /**
     * eap_core_map_c class increases reference count each time a reference to a stored object is taken.
     * Here is always just one state for one session so no references are used.
     */
    EAP_FUNC_IMPORT u32_t object_decrease_reference_count();

    /**
     * @{ Add configuration of accepted EAP-types. }
     */
    // This is documented in abs_eap_base_type_c::check_is_valid_eap_type().
    EAP_FUNC_IMPORT eap_status_e check_is_valid_eap_type(const eap_type_value_e eap_type);

    // This is commented in abs_eap_base_type_c::get_eap_type_list().
    EAP_FUNC_IMPORT eap_status_e get_eap_type_list(
        eap_array_c<eap_type_value_e> * const eap_type_list);

    /**
     * Gets flag whether this session is marked removed.
     * Session is removed later if it is not reused.
     */
    EAP_FUNC_IMPORT bool get_marked_removed();

    /**
     * Marks this session removed.
     * Session is removed later if it is not reused.
     */
    EAP_FUNC_IMPORT void set_marked_removed();

    /**
     * Marks this session not removed.
     * Session is not removed; it is reused.
     */
    EAP_FUNC_IMPORT void unset_marked_removed();

    /**
     * Prevents all notifications.
     */
    EAP_FUNC_IMPORT void ignore_notifications();

    /**
     * This function must reset the state of object to same as
     * state was after the configure() function call.
     * If object reset succeeds this function must return eap_status_ok.
     * If object reset fails this function must return corresponding error status.
     * @return This function returns the status of reset operation.
     */
    EAP_FUNC_IMPORT eap_status_e reset();

    // This is documented in abs_eap_base_type_c::complete_eap_identity_query().
    EAP_FUNC_IMPORT eap_status_e complete_eap_identity_query(
        const eap_am_network_id_c * const send_network_id,
        const eap_variable_data_c * const identity,
        const u8_t eap_identifier);

    // This is documented in abs_eap_base_type_c::get_saved_eap_identity().
    EAP_FUNC_IMPORT eap_status_e get_saved_eap_identity(eap_variable_data_c * const identity);

    // This is documented in abs_eap_base_type_c::set_session_timeout().
    EAP_FUNC_IMPORT eap_status_e set_session_timeout(
        const u32_t session_timeout_ms);

    // This is documented in abs_eap_base_type_c::set_timer().
    EAP_FUNC_IMPORT eap_status_e set_timer(
        abs_eap_base_timer_c * const p_initializer,
        const u32_t p_id,
        void * const p_data,
        const u32_t p_time_ms);

    // This is documented in abs_eap_base_type_c::cancel_timer().
    EAP_FUNC_IMPORT eap_status_e cancel_timer(
        abs_eap_base_timer_c * const p_initializer,
        const u32_t p_id);

    // This is documented in abs_eap_base_type_c::set_authentication_role().
    EAP_FUNC_IMPORT eap_status_e set_authentication_role(const bool when_true_set_client);

    // This is documented in abs_eap_base_type_c::add_rogue_ap().
    EAP_FUNC_IMPORT eap_status_e add_rogue_ap(eap_array_c<eap_rogue_ap_entry_c> & rogue_ap_list);

    // This is documented in abs_eap_base_type_c::get_is_tunneled().
    EAP_FUNC_IMPORT bool get_is_tunneled_eap() const;

    //--------------------------------------------------
}; // class dummy_eap_core_c
|
730 |
|
731 |
|
732 #endif //#if !defined(_DUMMY_EAP_CORE_H_) |
|
733 |
|
734 //-------------------------------------------------- |
|
735 |
|
736 |
|
737 |
|
738 // End. |
|