/*
* eap-tls.h
*
* Copyright (c) Beniamino Galvani 2005 All rights reserved.
*               Jan Just Keijser  2006-2019 All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
*    notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
*    notice, this list of conditions and the following disclaimer in
*    the documentation and/or other materials provided with the
*    distribution.
*
* 3. The name(s) of the authors of this software must not be used to
*    endorse or promote products derived from this software without
*    prior written permission.
*
* THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
* THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
* SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
* AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
*/

#ifndef PPP_EAP_TLS_H
#define PPP_EAP_TLS_H

#include "pppdconf.h"
#include "eap.h"

#include <openssl/ssl.h>
#include <openssl/bio.h>

#define EAP_TLS_FLAGS_LI        128    /* length included flag */
#define EAP_TLS_FLAGS_MF        64     /* more fragments flag */
#define EAP_TLS_FLAGS_START     32     /* start flag */

#define EAP_TLS_MAX_LEN         65536  /* max eap tls packet size */

struct tls_info;

struct eaptls_session
{
   u_char *data;               /* buffered data */
   int datalen;                /* buffered data len */
   int offset;                 /* from where to send */
   int tlslen;                 /* total length of tls data */
   bool frag;                  /* packet is fragmented */
   bool tls_v13;               /* whether we've negotiated TLSv1.3 */
   SSL_CTX *ctx;
   SSL *ssl;                   /* ssl connection */
   BIO *from_ssl;
   BIO *into_ssl;
   char peercertfile[MAXWORDLEN];
   bool alert_sent;
   u_char alert_sent_desc;
   bool alert_recv;
   u_char alert_recv_desc;
   char rtx[EAP_TLS_MAX_LEN];  /* retransmission buffer */
   int rtx_len;
   int mtu;                    /* unit mtu */
   struct tls_info *info;
};


SSL_CTX *eaptls_init_ssl(int init_server, char *cacertfile, char *capath,
           char *certfile, char *privkeyfile, char *pkcs12);
int eaptls_init_ssl_server(eap_state * esp);
int eaptls_init_ssl_client(eap_state * esp);
void eaptls_free_session(struct eaptls_session *ets);

int eaptls_is_init_finished(struct eaptls_session *ets);

int eaptls_receive(struct eaptls_session *ets, u_char * inp, int len);
int eaptls_send(struct eaptls_session *ets, u_char ** outp);
void eaptls_retransmit(struct eaptls_session *ets, u_char ** outp);

int get_eaptls_secret(int unit, char *client, char *server,
             char *clicertfile, char *servcertfile, char *cacertfile,
             char *capath, char *pkfile, char *pkcs12, int am_server);

#ifdef PPP_WITH_MPPE
void eaptls_gen_mppe_keys(struct eaptls_session *ets, int client);
#endif

#endif

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.