eaptls.h

linux下可以用来通过802.1x认证

/**
 * A client-side 802.1x implementation supporting EAP/TLS
 *
 * This code is released under both the GPL version 2 and BSD licenses.
 * Either license may be used.  The respective licenses are found below.
 *
 * Copyright (C) 2002 Bryan D. Payne & Nick L. Petroni Jr.
 * All Rights Reserved
 *
 * --- GPL Version 2 License ---
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 *
 * --- BSD License ---
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *  - Redistributions of source code must retain the above copyright notice,
 *    this list of conditions and the following disclaimer.
 *  - Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *  - All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *       This product includes software developed by the University of
 *       Maryland at College Park and its contributors.
 *  - Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

/*******************************************************************
 * EAPTLS Header 
 * 
 * File: eaptls.h
 *
 * Authors: bdpayne@cs.umd.edu, npetroni@cs.umd.edu
 *
 * $Id: eaptls.h,v 1.5 2003/03/10 23:35:45 chessing Exp $
 * $Date: 2003/03/10 23:35:45 $
 * $Log: eaptls.h,v $
 * Revision 1.5  2003/03/10 23:35:45  chessing
 * Patches to try to get TLS working with RADIUS servers other than FreeRADIUS.
 *
 * Revision 1.4  2003/03/05 21:18:46  npetroni
 * migration to libdnet. Please notify developers of build problems AFTER doing a cvs update.
 *
 * Revision 1.3  2003/01/14 23:52:07  chessing
 * More work on the TLS code.  It should be mostly stable now.  There is a problem if get_pass("") in eaptls_auth_challenge is called twice.
 *
 * Revision 1.2  2003/01/14 19:12:54  chessing
 * TLS code now uses OpenSSL!  Cleaned out some of the no longer needed stuff from the TLS code.  Still needs more work on error checking.
 *
 * Revision 1.1  2003/01/02 19:35:47  chessing
 * Add some files that were missed in the last import..
 *
 * Revision 1.7  2002/10/30 01:11:27  chris
 * More TLS fixes...
 *
 * Revision 1.6  2002/10/24 21:37:43  chris
 * MD5 and TLS fixes...  TLS *should* work...
 *
 * Revision 1.5  2002/10/24 03:49:41  chris
 * MD5/TLS updates.. Fixed -a option from the command line.
 *
 * Revision 1.4  2002/10/21 21:04:37  terry
 * Encapsulation of one_x_globals
 *
 * Revision 1.3  2002/10/21 20:51:28  chris
 * Broke TLS, fixed MD5, fixed MD5/TLS Response bug.  TLS now gets as far as
 * it did in the original attempts, however, I am fairly sure that some of the
 * pointers are messed...
 *
 * Revision 1.2  2002/10/17 20:14:33  chris
 * Wireless support is back in...  More cleanups...
 *
 * Revision 1.1.1.1  2002/10/15 17:38:30  chris
 * Import of new codebase
 *
 * Revision 1.3  2002/10/03 21:05:51  chris
 * Moved globals to a structure, working toward state machine overhaul
 *
 * Revision 1.2  2002/10/03 18:21:07  chris
 * testme
 *
 * Revision 1.2  2002/08/30 13:56:32  bdpayne
 * removed cvs logging information from old server (i.e., before
 * the transition to sourceforge.net)
 *
 * Revision 1.1.1.1  2002/08/30 13:44:50  bdpayne
 * initial import of xsupplicant code tree
 *
 *******************************************************************/
/***
 *** Specifics for EAPTLS can be found in 
 *** IETF 2716
 ***/

#ifndef EAPTLS_H
#define EAPTLS_H
#include <sys/types.h>

/*********** MACRO DEFINITIONS ******************/
#define EAP_TYPE_TLS 0x0d   /* the EAP type of EAPTLS */
#define EAP_NAME_TLS "TLS"

#define EAPTLS_LENGTH_INCL 0x80
#define EAPTLS_MORE_FRAGS 0x40
#define EAPTLS_START 0x20
#define EAPTLS_LENGTH_MORE 0xc0

#define EAPTLS_MAX_SIZE 1398

#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
                         *((c)++)=(unsigned char)(((l)>>16)&0xff), \
		         *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
		         *((c)++)=(unsigned char)(((l)    )&0xff))

#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24, \
                         l|=((unsigned long)(*((c)++)))<<16, \
		         l|=((unsigned long)(*((c)++)))<< 8, \
		         l|=((unsigned long)(*((c)++))))

#define s2n(s,c)        (*((c)++)=(unsigned char)(((s)>> 8)&0xff), \
		         *((c)++)=(unsigned char)(((s)    )&0xff))

#define n2s(c,s)        (s =((unsigned short)(*((c)++)))<< 8, \
		         s|=((unsigned short)(*((c)++))))
/*********** STRUCTURE DEFINITIONS **************/

/*********** FUNCTION PROTOTYPES ****************/

/**
 * Initialize Function for EAPOL package 
 */
int init_eaptls(char *, char *);

//Clean up after ourselves.
int
eaptls_shutdown();

/**
 * Function to handle packets and manage state machine
 * for EAPTLS
 *
 * return -1 if fails
 *         0 otherwise
 */
int
eaptls_decode_packet(u_char *, /* The incoming eaptls packet */
		     int,      /* it's total length */
		     u_char *, /* The outgoing eaptls packet (if is one) */
		     int *    /* The length of that packet */
		     );

/**
 * Pump the data through OpenSSL.
 */
int eaptls_parse_data(u_char *,     /* Incoming SSL data */
		      int           /* Size of the data */
		      );

/**
 * Return hunks of data back to the server.
 */
int eaptls_return_data(u_char *,    /* Data to send out */
		       int *        /* Size of data to send out */
		       );

/**
 * Preparse TLS for a new handshake (the necessary setup before each)
 */
int eaptls_reset();

/**
 * blah
 */
int
eaptls_build_ack(u_char *out,
                 int *out_size
                 );

/**
 * blah
 */
int
eaptls_add_message(u_char *buf,
                   unsigned long length
		   );

/**
 * Request the password for the certificate.
 */
int
eaptls_auth_challenge();

#endif /* _EAPTLS_H_ */

/*** EOF ***/