diff options
Diffstat (limited to 'src/ap/wpa_auth.h')
-rw-r--r-- | src/ap/wpa_auth.h | 29 |
1 files changed, 25 insertions, 4 deletions
diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h index 8f0b5a79..3b32fe39 100644 --- a/src/ap/wpa_auth.h +++ b/src/ap/wpa_auth.h @@ -1,6 +1,6 @@ /* * hostapd - IEEE 802.11i-2004 / WPA Authenticator - * Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> + * Copyright (c) 2004-2022, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -242,6 +242,7 @@ struct wpa_auth_config { int ft_rsnxe_used; unsigned int skip_send_eapol:1; unsigned int enable_eapol_large_timeout:1; + bool delay_eapol_tx; #endif /* CONFIG_TESTING_OPTIONS */ unsigned int oci_freq_override_eapol_m3; unsigned int oci_freq_override_eapol_g1; @@ -257,7 +258,7 @@ struct wpa_auth_config { unsigned int fils_cache_id_set:1; u8 fils_cache_id[FILS_CACHE_ID_LEN]; #endif /* CONFIG_FILS */ - int sae_pwe; + enum sae_pwe sae_pwe; bool sae_pk; unsigned int secure_ltf:1; @@ -275,6 +276,8 @@ struct wpa_auth_config { * PTK derivation regardless of advertised capabilities. */ bool force_kdk_derivation; + + bool radius_psk; }; typedef enum { @@ -322,6 +325,9 @@ struct wpa_auth_callbacks { void (*store_ptksa)(void *ctx, const u8 *addr, int cipher, u32 life_time, const struct wpa_ptk *ptk); void (*clear_ptksa)(void *ctx, const u8 *addr, int cipher); + void (*request_radius_psk)(void *ctx, const u8 *addr, int key_mgmt, + const u8 *anonce, + const u8 *eapol, size_t eapol_len); #ifdef CONFIG_IEEE80211R_AP struct wpa_state_machine * (*add_sta)(void *ctx, const u8 *sta_addr); int (*add_sta_ft)(void *ctx, const u8 *sta_addr); @@ -347,6 +353,10 @@ struct wpa_auth_callbacks { #ifdef CONFIG_MESH int (*start_ampe)(void *ctx, const u8 *sta_addr); #endif /* CONFIG_MESH */ +#ifdef CONFIG_PASN + int (*set_ltf_keyseed)(void *ctx, const u8 *addr, const u8 *ltf_keyseed, + size_t ltf_keyseed_len); +#endif /* CONFIG_PASN */ }; struct wpa_authenticator * wpa_init(const u8 *addr, @@ -403,6 +413,7 @@ void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth); int wpa_auth_pairwise_set(struct wpa_state_machine *sm); int wpa_auth_get_pairwise(struct wpa_state_machine *sm); const u8 * wpa_auth_get_pmk(struct wpa_state_machine *sm, int *len); +const u8 * wpa_auth_get_dpp_pkhash(struct wpa_state_machine *sm); int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm); int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm); int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm); @@ -422,11 +433,15 @@ int wpa_auth_pmksa_add_preauth(struct wpa_authenticator *wpa_auth, int session_timeout, struct eapol_state_machine *eapol); int wpa_auth_pmksa_add_sae(struct wpa_authenticator *wpa_auth, const u8 *addr, - const u8 *pmk, const u8 *pmkid); + const u8 *pmk, size_t pmk_len, const u8 *pmkid, + int akmp); void wpa_auth_add_sae_pmkid(struct wpa_state_machine *sm, const u8 *pmkid); int wpa_auth_pmksa_add2(struct wpa_authenticator *wpa_auth, const u8 *addr, const u8 *pmk, size_t pmk_len, const u8 *pmkid, int session_timeout, int akmp); +int wpa_auth_pmksa_add3(struct wpa_authenticator *wpa_auth, const u8 *addr, + const u8 *pmk, size_t pmk_len, const u8 *pmkid, + int session_timeout, int akmp, const u8 *dpp_pkhash); void wpa_auth_pmksa_remove(struct wpa_authenticator *wpa_auth, const u8 *sta_addr); int wpa_auth_pmksa_list(struct wpa_authenticator *wpa_auth, char *buf, @@ -436,9 +451,12 @@ int wpa_auth_pmksa_list_mesh(struct wpa_authenticator *wpa_auth, const u8 *addr, char *buf, size_t len); struct rsn_pmksa_cache_entry * wpa_auth_pmksa_create_entry(const u8 *aa, const u8 *spa, const u8 *pmk, + size_t pmk_len, int akmp, const u8 *pmkid, int expiration); int wpa_auth_pmksa_add_entry(struct wpa_authenticator *wpa_auth, struct rsn_pmksa_cache_entry *entry); +struct rsn_pmksa_cache * +wpa_auth_get_pmksa_cache(struct wpa_authenticator *wpa_auth); struct rsn_pmksa_cache_entry * wpa_auth_pmksa_get(struct wpa_authenticator *wpa_auth, const u8 *sta_addr, const u8 *pmkid); @@ -526,7 +544,8 @@ int wpa_fils_validate_key_confirm(struct wpa_state_machine *sm, const u8 *ies, int get_sta_tx_parameters(struct wpa_state_machine *sm, int ap_max_chanwidth, int ap_seg1_idx, int *bandwidth, int *seg1_idx); -int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, int use_sha384, +int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, + struct wpa_state_machine *sm, u8 *buf, size_t len); void wpa_auth_get_fils_aead_params(struct wpa_state_machine *sm, u8 *fils_anonce, u8 *fils_snonce, @@ -578,4 +597,6 @@ void wpa_auth_set_skip_send_eapol(struct wpa_authenticator *wpa_auth, void wpa_auth_set_enable_eapol_large_timeout(struct wpa_authenticator *wpa_auth, u8 val); +void wpa_auth_sta_radius_psk_resp(struct wpa_state_machine *sm, bool success); + #endif /* WPA_AUTH_H */ |