X-Git-Url: https://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Feap.h;h=fbc72017da68a60ae74b2b425edf29db7ee2aeb9;hb=bdd34ab1f2f87acb23c6d92feee7354ac53005ff;hp=56bef136d75590a7f9b6073d9ab93c7adb2f2c98;hpb=75870d7b55e36af526a0786fff94912989c73fd1;p=ppp.git diff --git a/pppd/eap.h b/pppd/eap.h index 56bef13..fbc7201 100644 --- a/pppd/eap.h +++ b/pppd/eap.h @@ -20,6 +20,8 @@ * $Id: eap.h,v 1.2 2003/06/11 23:56:26 paulus Exp $ */ +#include "pppdconf.h" + #ifndef PPP_EAP_H #define PPP_EAP_H @@ -59,6 +61,18 @@ extern "C" { #define EAPT_NOKIACARD 18 /* Nokia IP smart card */ #define EAPT_SRP 19 /* Secure Remote Password */ /* 20 is deprecated */ +#define EAPT_TTLS 21 /* EAP Tunneled TLS Authentication Protocol RFC5281 */ +#define EAPT_RAS 22 /* Remote Access Service */ +#define EAPT_AKA 23 /* EAP method for 3rd Generation Authentication and Key Agreement RFC4187 */ +#define EAPT_3COM 24 /* EAP-3Com Wireless */ +#define EAPT_PEAP 25 /* Protected EAP */ +#define EAPT_MSCHAPV2 26 /* EAP-MSCHAPv2 RFC-draft-kamath-pppext-eap-mschapv2-02 */ + +/* OpCodes for MSCHAPv2 */ +#define CHAP_CHALLENGE 1 +#define CHAP_RESPONSE 2 +#define CHAP_SUCCESS 3 +#define CHAP_FAILURE 4 /* EAP SRP-SHA1 Subtypes */ #define EAPSRP_CHALLENGE 1 /* Request 1 - Challenge */ @@ -98,6 +112,7 @@ enum eap_state_code { eapSRP2, /* Sent EAP SRP-SHA1 Subtype 2 */ eapSRP3, /* Sent EAP SRP-SHA1 Subtype 3 */ eapMD5Chall, /* Sent MD5-Challenge */ + eapMSCHAPv2Chall, /* Sent MSCHAPv2-Challenge */ eapOpen, /* Completed authentication */ eapSRP4, /* Sent EAP SRP-SHA1 Subtype 4 */ eapBadAuth /* Failed authentication */ @@ -107,15 +122,15 @@ enum eap_state_code { "Initial", "Pending", "Closed", "Listen", "Identify", \ "TlsStart", "TlsRecv", "TlsSendAck", "TlsSend", "TlsRecvAck", "TlsRecvClient",\ "TlsSendAlert", "TlsRecvAlertAck" , "TlsRecvSuccess", "TlsRecvFailure", \ - "SRP1", "SRP2", "SRP3", "MD5Chall", "Open", "SRP4", "BadAuth" + "SRP1", "SRP2", "SRP3", "MD5Chall", "MSCHAPv2Chall", "Open", "SRP4", "BadAuth" -#ifdef USE_EAPTLS +#ifdef PPP_WITH_EAPTLS #define eap_client_active(esp) ((esp)->es_client.ea_state != eapInitial &&\ (esp)->es_client.ea_state != eapPending &&\ (esp)->es_client.ea_state != eapClosed) #else #define eap_client_active(esp) ((esp)->es_client.ea_state == eapListen) -#endif /* USE_EAPTLS */ +#endif /* PPP_WITH_EAPTLS */ #define eap_server_active(esp) \ ((esp)->es_server.ea_state >= eapIdentify && \ @@ -131,15 +146,18 @@ struct eap_auth { u_short ea_namelen; /* Length of our name */ u_short ea_peerlen; /* Length of peer's name */ enum eap_state_code ea_state; -#ifdef USE_EAPTLS +#ifdef PPP_WITH_EAPTLS enum eap_state_code ea_prev_state; +#endif +#ifdef PPP_WITH_CHAPMS + struct chap_digest_type *digest; #endif u_char ea_id; /* Current id */ u_char ea_requests; /* Number of Requests sent/received */ u_char ea_responses; /* Number of Responses */ u_char ea_type; /* One of EAPT_* */ u_int32_t ea_keyflags; /* SRP shared key usage flags */ -#ifdef USE_EAPTLS +#ifdef PPP_WITH_EAPTLS bool ea_using_eaptls; #endif }; @@ -151,6 +169,9 @@ typedef struct eap_state { int es_unit; /* Interface unit number */ struct eap_auth es_client; /* Client (authenticatee) data */ struct eap_auth es_server; /* Server (authenticator) data */ +#ifdef PPP_WITH_PEAP + struct peap_state *ea_peap; /* Client PEAP (authenticator) data */ +#endif int es_savedtime; /* Saved timeout */ int es_rechallenge; /* EAP rechallenge interval */ int es_lwrechallenge; /* SRP lightweight rechallenge inter */ @@ -164,12 +185,12 @@ typedef struct eap_state { * Timeouts. */ #define EAP_DEFTIMEOUT 3 /* Timeout (seconds) for rexmit */ -#ifdef USE_EAPTLS +#ifdef PPP_WITH_EAPTLS #define EAP_DEFTRANSMITS 30 /* max # times to transmit */ /* certificates can be long ... */ #else #define EAP_DEFTRANSMITS 10 /* max # times to transmit */ -#endif /* USE_EAPTLS */ +#endif /* PPP_WITH_EAPTLS */ #define EAP_DEFREQTIME 20 /* Time to wait for peer request */ #define EAP_DEFALLOWREQ 20 /* max # times to accept requests */