--- /dev/null
+/*
+ * eap-tls.h
+ *
+ * Copyright (c) Beniamino Galvani 2005 All rights reserved.
+ * Jan Just Keijser 2006-2019 All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. The name(s) of the authors of this software must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission.
+ *
+ * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
+ * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+ * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
+ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ */
+
+#ifndef __EAP_TLS_H__
+#define __EAP_TLS_H__
+
+#include "eap.h"
+
+#include <openssl/ssl.h>
+#include <openssl/bio.h>
+
+#define EAP_TLS_FLAGS_LI 128 /* length included flag */
+#define EAP_TLS_FLAGS_MF 64 /* more fragments flag */
+#define EAP_TLS_FLAGS_START 32 /* start flag */
+
+#define EAP_TLS_MAX_LEN 65536 /* max eap tls packet size */
+
+struct eaptls_session
+{
+ u_char *data; /* buffered data */
+ int datalen; /* buffered data len */
+ int offset; /* from where to send */
+ int tlslen; /* total length of tls data */
+ bool frag; /* packet is fragmented */
+ bool tls_v13; /* whether we've negotiated TLSv1.3 */
+ SSL_CTX *ctx;
+ SSL *ssl; /* ssl connection */
+ BIO *from_ssl;
+ BIO *into_ssl;
+ char peer[MAXWORDLEN]; /* peer name */
+ char peercertfile[MAXWORDLEN];
+ bool alert_sent;
+ u_char alert_sent_desc;
+ bool alert_recv;
+ u_char alert_recv_desc;
+ char rtx[EAP_TLS_MAX_LEN]; /* retransmission buffer */
+ int rtx_len;
+ int mtu; /* unit mtu */
+};
+
+
+SSL_CTX *eaptls_init_ssl(int init_server, char *cacertfile, char *capath,
+ char *certfile, char *peer_certfile, char *privkeyfile);
+int eaptls_init_ssl_server(eap_state * esp);
+int eaptls_init_ssl_client(eap_state * esp);
+void eaptls_free_session(struct eaptls_session *ets);
+
+int eaptls_is_init_finished(struct eaptls_session *ets);
+
+int eaptls_receive(struct eaptls_session *ets, u_char * inp, int len);
+int eaptls_send(struct eaptls_session *ets, u_char ** outp);
+void eaptls_retransmit(struct eaptls_session *ets, u_char ** outp);
+
+int get_eaptls_secret(int unit, char *client, char *server,
+ char *clicertfile, char *servcertfile, char *cacertfile,
+ char *capath, char *pkfile, int am_server);
+
+#ifdef MPPE
+#include "mppe.h" /* MPPE_MAX_KEY_LEN */
+extern u_char mppe_send_key[MPPE_MAX_KEY_LEN];
+extern u_char mppe_recv_key[MPPE_MAX_KEY_LEN];
+extern int mppe_keys_set;
+
+void eaptls_gen_mppe_keys(struct eaptls_session *ets, int client);
+#endif
+
+#endif