1 /*
2  * eap_peap.h
3  *
4  * Version:     $Id: 7b803f8c61069db87b80f3659f1bb4e3edec83c4 $
5  *
6  *   This program is free software; you can redistribute it and/or modify
7  *   it under the terms of the GNU General Public License as published by
8  *   the Free Software Foundation; either version 2 of the License, or
9  *   (at your option) any later version.
10  *
11  *   This program is distributed in the hope that it will be useful,
12  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *   GNU General Public License for more details.
15  *
16  *   You should have received a copy of the GNU General Public License
17  *   along with this program; if not, write to the Free Software
18  *   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19  *
20  * Copyright 2003 Alan DeKok <aland@freeradius.org>
21  * Copyright 2006 The FreeRADIUS server project
22  */
23 #ifndef _EAP_PEAP_H
24 #define _EAP_PEAP_H
25 
26 RCSIDH(eap_peap_h, "$Id: 7b803f8c61069db87b80f3659f1bb4e3edec83c4 $")
27 
28 #include "eap_tls.h"
29 #include <freeradius-devel/soh.h>
30 
31 typedef enum {
32 	PEAP_STATUS_INVALID,
33 	PEAP_STATUS_SENT_TLV_SUCCESS,
34 	PEAP_STATUS_SENT_TLV_FAILURE,
35 	PEAP_STATUS_TUNNEL_ESTABLISHED,
36 	PEAP_STATUS_INNER_IDENTITY_REQ_SENT,
37 	PEAP_STATUS_PHASE2_INIT,
38 	PEAP_STATUS_PHASE2,
39 	PEAP_STATUS_WAIT_FOR_SOH_RESPONSE
40 } peap_status;
41 
42 typedef enum {
43 	PEAP_RESUMPTION_NO,
44 	PEAP_RESUMPTION_YES,
45 	PEAP_RESUMPTION_MAYBE
46 } peap_resumption;
47 
48 typedef struct peap_tunnel_t {
49 	VALUE_PAIR	*username;
50 	VALUE_PAIR	*state;
51 	VALUE_PAIR	*accept_vps;
52 	peap_status	status;
53 	bool		home_access_accept;
54 	int		default_method;
55 	bool		copy_request_to_tunnel;
56 	bool		use_tunneled_reply;
57 	bool		proxy_tunneled_request_as_eap;
58 	char const	*virtual_server;
59 	bool		soh;
60 	char const	*soh_virtual_server;
61 	VALUE_PAIR	*soh_reply_vps;
62 	peap_resumption	session_resumption_state;
63 } peap_tunnel_t;
64 
65 
66 #define EAP_TLV_SUCCESS (1)
67 #define EAP_TLV_FAILURE (2)
68 #define EAP_TLV_ACK_RESULT (3)
69 
70 #define PW_EAP_TLV 33
71 
72 /*
73  *	Process the PEAP portion of an EAP-PEAP request.
74  */
75 rlm_rcode_t eappeap_process(eap_handler_t *handler, tls_session_t *tls_session, int auth_type_eap) CC_HINT(nonnull);
76 #endif /* _EAP_PEAP_H */
77