eap

package
v0.0.0-...-f14cf1c Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 27, 2024 License: BSD-3-Clause Imports: 9 Imported by: 0

Documentation

Overview

package eap implements an XML eap-config parser compliant with the XML schema found at https://github.com/GEANT/CAT/blob/master/devices/eap_config/eap-metadata.xsd A part of this was generated with xgen https://github.com/xuri/xgen By hand modified: - Use NonEAPAuthNumbers as alias instead of hardcoded int - Removed -Properties

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func LocalizedInteractiveValue 

func LocalizedInteractiveValue(slice []*LocalizedInteractive) (string, error)

LocalizedInteractiveValue gets the first non-nil value from the localized interactive slice if no value is available, it returns an error

func LocalizedNonInteractiveValue 

func LocalizedNonInteractiveValue(slice []*LocalizedNonInteractive) (string, error)

LocalizedNonInteractiveValue gets the first non-nil value from the localized non interactive slice if no value is available, it returns an error

Types

type AuthenticationMethod 

type AuthenticationMethod struct {
	EAPMethod                 *EAPMethod                   `xml:"EAPMethod"`
	ServerSideCredential      *ServerCredentialVariants    `xml:"ServerSideCredential"`
	ClientSideCredential      *ClientCredentialVariants    `xml:"ClientSideCredential"`
	InnerAuthenticationMethod []*InnerAuthenticationMethod `xml:"InnerAuthenticationMethod"`
}

AuthenticationMethod ...

func (*AuthenticationMethod) Network 

func (am *AuthenticationMethod) Network(ssid string, minrsn string, pinfo network.ProviderInfo) (network.Network, error)

Network gets a network for an authentication method, the SSID and MinRSN are strings that are based to the network

func (*AuthenticationMethod) NonTLSNetwork 

func (am *AuthenticationMethod) NonTLSNetwork(base network.Base) (network.Network, error)

NonTLSNetwork creates a network that is Non-TLS using the authentication method The base that is passed here are settings that are common between TLS and NON-TLS networks

func (*AuthenticationMethod) TLSNetwork 

func (am *AuthenticationMethod) TLSNetwork(base network.Base) (network.Network, error)

TLSNetwork creates a TLS network using the authentication method. The base that is passed here are settings that are common between TLS and NON-TLS networks

type AuthenticationMethods 

type AuthenticationMethods struct {
	AuthenticationMethod []*AuthenticationMethod `xml:"AuthenticationMethod"`
}

AuthenticationMethods ...

type CertData 

type CertData struct {
	FormatAttr   string `xml:"format,attr"`
	EncodingAttr string `xml:"encoding,attr"`
	Value        string `xml:",chardata"`
}

CertData ...

type ClientCredentialVariants 

type ClientCredentialVariants struct {
	AllowsaveAttr       bool   `xml:"allow_save,attr,omitempty"`
	OuterIdentity       string `xml:"OuterIdentity"`
	InnerIdentityPrefix string `xml:"InnerIdentityPrefix"`
	InnerIdentitySuffix string `xml:"InnerIdentitySuffix"`
	InnerIdentityHint   bool   `xml:"InnerIdentityHint"`
	// TODO: support `Username` (notice the n lowercase)?
	// See: https://github.com/geteduroam/windows-app/pull/39
	// Probably not needed as that pr states it is still not used
	// But maybe good to define here so we can check what is all in the xml?
	UserName                  string      `xml:"UserName"`
	Password                  string      `xml:"Password"`
	ClientCertificate         *CertData   `xml:"ClientCertificate"`
	IntermediateCACertificate []*CertData `xml:"IntermediateCACertificate"`
	Passphrase                string      `xml:"Passphrase"`
	PAC                       string      `xml:"PAC"`
	ProvisionPAC              bool        `xml:"ProvisionPAC"`
}

ClientCredentialVariants is Not all EAP types and non-EAP authentication methods need or 

support all types of credentials in the list below. While the
Schema allows to put all kinds of credential information inside
every AuthenticationMethod, even where the information is not
applicable, tags which are not applicable for an authentication
EAP or non-EAP type
   SHOULD NOT be included in the corresponding instance of
     AuthenticationMethod or InnerAuthenticationMethod when
     producing the XML file, and
   MUST be ignored by the entity consuming the XML file if
     present in the XML file.

type CredentialApplicabilityType 

type CredentialApplicabilityType struct {
	IEEE80211 []*IEEE80211 `xml:"IEEE80211"`
	IEEE8023  []*IEEE8023  `xml:"IEEE8023"`
}

CredentialApplicabilityType ...

type EAPIdentityProvider 

type EAPIdentityProvider struct {
	IDAttr                  string                       `xml:"ID,attr"`
	NamespaceAttr           string                       `xml:"namespace,attr"`
	VersionAttr             int                          `xml:"version,attr,omitempty"`
	LangAttr                string                       `xml:"lang,attr,omitempty"`
	ValidUntil              string                       `xml:"ValidUntil"`
	AuthenticationMethods   *AuthenticationMethods       `xml:"AuthenticationMethods"`
	CredentialApplicability *CredentialApplicabilityType `xml:"CredentialApplicability"`
	ProviderInfo            *ProviderInfoElements        `xml:"ProviderInfo"`
	VendorSpecific          *VendorSpecificExtension     `xml:"VendorSpecific"`
}

EAPIdentityProvider ...

func (*EAPIdentityProvider) AuthMethods 

func (p *EAPIdentityProvider) AuthMethods() ([]*AuthenticationMethod, error)

AuthMethods gets a list of authentication methods by checking if it is NON-NULL and NON-EMPTY

func (*EAPIdentityProvider) PInfo 

func (p *EAPIdentityProvider) PInfo() network.ProviderInfo

PInfo gets the ProviderInfo element from the EAP identity provider If it cannot find certain values this will fallback to the default of the type, e.g. an empty string TODO: Log errors here

func (*EAPIdentityProvider) SSIDSettings 

func (p *EAPIdentityProvider) SSIDSettings() (string, string, error)

SSIDSettings returns the first valid SSID and the MinRSNProto associated with it It loops through the credential applicability list and gets the first valid candidate The candidate filtering was based on https://github.com/geteduroam/windows-app/blob/f11f00dee3eb71abd38537e18881463f83b180d3/EduroamConfigure/EapConfig.cs#L84 A candidate is valid if:

  • MinRSNProto is not empty, TODO: shouldn't we just default to CCMP?
  • The SSID is not empty
  • The MinRSNProto is NOT TKIP as that is insecure

type EAPIdentityProviderList 

type EAPIdentityProviderList struct {
	EAPIdentityProvider *EAPIdentityProvider `xml:"EAPIdentityProvider"`
}

EAPIdentityProviderList ...

func Parse 

func Parse(data []byte) (*EAPIdentityProviderList, error)

Parse parses a byte array into the main EAPIdentityProviderList struct. It returns nil if error

func (*EAPIdentityProviderList) Network 

func (eap *EAPIdentityProviderList) Network() (network.Network, error)

Network creates a TLS or NON-TLS secured network from the EAP config This network can then afterwards be imported into NetworkManager using the `nm` package

type EAPMethod 

type EAPMethod struct {
	Type           int                        `xml:"Type"`
	TypeSpecific   *TypeSpecificExtension     `xml:"TypeSpecific"`
	VendorSpecific []*VendorSpecificExtension `xml:"VendorSpecific"`
}

EAPMethod ...

type HelpdeskDetailElements 

type HelpdeskDetailElements struct {
	EmailAddress []*LocalizedInteractive    `xml:"EmailAddress"`
	WebAddress   []*LocalizedNonInteractive `xml:"WebAddress"`
	Phone        []*LocalizedInteractive    `xml:"Phone"`
}

HelpdeskDetailElements ...

type IEEE80211 

type IEEE80211 struct {
	XMLName       xml.Name `xml:"IEEE80211"`
	SSID          string   `xml:"SSID"`
	ConsortiumOID string   `xml:"ConsortiumOID"`
	MinRSNProto   string   `xml:"MinRSNProto"`
}

IEEE80211 is The conditions inside this element are considered AND conditions. 

It does e.g. not make sense to have multiple SSIDs in one
IEEE80211 field because the condition would never
match. To specify multiple ORed network properties, use multiple
IEEE80211 instances.

type IEEE80211RSNProtocols 

type IEEE80211RSNProtocols string

IEEE80211RSNProtocols is CTR with CBC-MAC Protocol (if used, only crypto setting 

"WPA2/AES" and possible future protos are acceptable).

type IEEE8023 

type IEEE8023 struct {
	XMLName   xml.Name `xml:"IEEE8023"`
	NetworkID string   `xml:"NetworkID"`
}

IEEE8023 ...

type InnerAuthenticationMethod 

type InnerAuthenticationMethod struct {
	EAPMethod            *EAPMethod                `xml:"EAPMethod"`
	NonEAPAuthMethod     *NonEAPAuthMethod         `xml:"NonEAPAuthMethod"`
	ServerSideCredential *ServerCredentialVariants `xml:"ServerSideCredential"`
	ClientSideCredential *ClientCredentialVariants `xml:"ClientSideCredential"`
}

InnerAuthenticationMethod ...

type LocalizedInteractive 

type LocalizedInteractive struct {
	LangAttr string `xml:"lang,attr,omitempty"`
	Value    string `xml:",chardata"`
}

LocalizedInteractive ...

type LocalizedNonInteractive 

type LocalizedNonInteractive struct {
	LangAttr string `xml:"lang,attr,omitempty"`
	Value    string `xml:",chardata"`
}

LocalizedNonInteractive ...

type LocationElements 

type LocationElements struct {
	Longitude string `xml:"Longitude"`
	Latitude  string `xml:"Latitude"`
}

LocationElements ...

type LogoData 

type LogoData struct {
	MimeAttr     string `xml:"mime,attr"`
	EncodingAttr string `xml:"encoding,attr"`
	Value        string `xml:",chardata"`
}

LogoData ...

type NonEAPAuthMethod 

type NonEAPAuthMethod struct {
	Type           NonEAPAuthNumbers          `xml:"Type"`
	TypeSpecific   *TypeSpecificExtension     `xml:"TypeSpecific"`
	VendorSpecific []*VendorSpecificExtension `xml:"VendorSpecific"`
}

NonEAPAuthMethod ...

type NonEAPAuthNumbers 

type NonEAPAuthNumbers = int

NonEAPAuthNumbers is MSCHAPv2

type ProviderInfoElements 

type ProviderInfoElements struct {
	DisplayName      []*LocalizedNonInteractive `xml:"DisplayName"`
	Description      []*LocalizedNonInteractive `xml:"Description"`
	ProviderLocation []*LocationElements        `xml:"ProviderLocation"`
	TermsOfUse       []*LocalizedNonInteractive `xml:"TermsOfUse"`
	Helpdesk         *HelpdeskDetailElements    `xml:"Helpdesk"`
}

ProviderInfoElements ... 

func (pi *ProviderInfoElements) Logo() (string, error)

Logo returns the logo for the provider info elements If the logo is an unexpected type: nil, no PNG, no base64, we return an empty string and an error TODO: Note that right now we assume that every logo is a base64 and PNG, we need to determine if this is the only possible type that will be returned

type ServerCredentialVariants 

type ServerCredentialVariants struct {
	CA       []*CertData `xml:"CA"`
	ServerID []string    `xml:"ServerID"`
}

ServerCredentialVariants is Not all EAP types and non-EAP authentication methods need or 

support all types of credentials in the list below. While the
Schema allows to put all kinds of credential information inside
every AuthenticationMethod, even where the information is not
applicable, tags which are not applicable for an authentication
EAP or non-EAP type
   SHOULD NOT be included in the corresponding instance of
     AuthenticationMethod or InnerAuthenticationMethod when
     producing the XML file, and
   MUST be ignored by the entity consuming the XML file if
     present in the XML file.

func (*ServerCredentialVariants) CAList 

func (ss *ServerCredentialVariants) CAList() (*cert.Certs, error)

CaList gets a list of certificates by looping through the certificate list and returning all *valid* certificates

type TypeSpecificExtension 

type TypeSpecificExtension struct{}

TypeSpecificExtension ...

type VendorSpecificExtension 

type VendorSpecificExtension struct {
	VendorAttr int `xml:"vendor,attr"`
}

VendorSpecificExtension ...

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.