eap__fast_8h_source.html

#pragma once

/*

 *   This program is free software; you can redistribute it and/or modify

 *   it under the terms of the GNU General Public License as published by

 *   the Free Software Foundation; either version 2 of the License, or (at

 *   your option) any later version.

 *

 *   This program is distributed in the hope that it will be useful,

 *   but WITHOUT ANY WARRANTY; without even the implied warranty of

 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *   GNU General Public License for more details.

 *

 *   You should have received a copy of the GNU General Public License

 *   along with this program; if not, write to the Free Software

 *   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA

 */


/**

 * $Id: 8cdb16bc45b495e6b0d7996bb985e88c190bbdc1 $

 * @file eap_fast.h

 * @brief Function declarations and packet structures

 *

 * @author Alexander Clouter (alex@digriz.org.uk)

 *

 * @copyright 2016 Alan DeKok (aland@freeradius.org)

 * @copyright 2016 The FreeRADIUS server project

 */

RCSIDH(eap_fast_h, "$Id: 8cdb16bc45b495e6b0d7996bb985e88c190bbdc1 $")


#include <freeradius-devel/eap/tls.h>

#include <freeradius-devel/radius/radius.h>

#include <freeradius-devel/util/chap.h>


#define EAP_FAST_VERSION                        1


#define EAP_FAST_KEY_LEN                        64

#define EAP_EMSK_LEN                            64

#define EAP_FAST_SKS_LEN                        40

#define EAP_FAST_SIMCK_LEN                      40

#define EAP_FAST_CMK_LEN                        20


#define EAP_FAST_TLV_MANDATORY                  0x8000

#define EAP_FAST_TLV_TYPE                       0x3fff


#define EAP_FAST_FATAL_ERROR                    2000

#define EAP_FAST_ERR_TUNNEL_COMPROMISED         2001

#define EAP_FAST_ERR_UNEXPECTED_TLV             2002


#define EAP_FAST_TLV_RESULT_SUCCESS             1

#define EAP_FAST_TLV_RESULT_FAILURE             2


typedef enum {

        EAP_FAST_TLS_SESSION_HANDSHAKE = 0,

        EAP_FAST_AUTHENTICATION,

        EAP_FAST_CRYPTOBIND_CHECK,

        EAP_FAST_PROVISIONING,

        EAP_FAST_COMPLETE

} eap_fast_stage_t;


typedef enum {

        EAP_FAST_UNKNOWN = 0,

        EAP_FAST_PROVISIONING_ANON,

        EAP_FAST_PROVISIONING_AUTH,

        EAP_FAST_NORMAL_AUTH

} eap_fast_auth_type_t;


typedef enum {

        PAC_TYPE_TUNNEL = 1,    // 1

        PAC_TYPE_MACHINE_AUTH,  // 2

        PAC_TYPE_USER_AUTHZ,    // 3

        PAC_TYPE_MAX

} eap_fast_pac_type_t;


#define PAC_KEY_LENGTH          32

#define PAC_A_ID_LENGTH         16

#define PAC_I_ID_LENGTH         16

#define PAC_A_ID_INFO_LENGTH    32


typedef struct {

        uint16_t                        type;

        uint16_t                        length;

} CC_HINT(__packed__) eap_fast_pac_attr_hdr_t;


typedef struct {

        eap_fast_pac_attr_hdr_t         hdr;

        uint32_t                        data;   // secs since epoch

} CC_HINT(__packed__) eap_fast_pac_attr_lifetime_t;


typedef struct {

        eap_fast_pac_attr_hdr_t         hdr;

        uint8_t                         data[PAC_A_ID_LENGTH];

} CC_HINT(__packed__) eap_fast_pac_attr_a_id_t;


typedef struct {

        eap_fast_pac_attr_hdr_t         hdr;

        uint8_t                         data[PAC_I_ID_LENGTH];

} CC_HINT(__packed__) eap_fast_pac_attr_i_id_t;


typedef struct {

        eap_fast_pac_attr_hdr_t         hdr;

        uint8_t                         data[PAC_A_ID_INFO_LENGTH];

} CC_HINT(__packed__) eap_fast_pac_attr_a_id_info_t;


typedef struct {

        eap_fast_pac_attr_hdr_t         hdr;

        uint16_t                        data;

} CC_HINT(__packed__) eap_fast_pac_attr_pac_type_t;


typedef struct {

        eap_fast_pac_attr_hdr_t         hdr;

        uint8_t                         data[PAC_KEY_LENGTH];

} CC_HINT(__packed__) eap_fast_pac_attr_pac_key_t;


typedef struct {

        eap_fast_pac_attr_pac_type_t    type;

        eap_fast_pac_attr_lifetime_t    lifetime;

        eap_fast_pac_attr_pac_key_t     key;

} CC_HINT(__packed__) eap_fast_attr_pac_opaque_plaintext_t;


typedef struct {

        eap_fast_pac_attr_hdr_t         hdr;

        unsigned char                   aad[PAC_A_ID_LENGTH];

        unsigned char                   iv[EVP_MAX_IV_LENGTH];

        unsigned char                   tag[EVP_GCM_TLS_TAG_LEN];

        uint8_t                         data[sizeof(eap_fast_attr_pac_opaque_plaintext_t) * 2]; // space for EVP

} CC_HINT(__packed__) eap_fast_attr_pac_opaque_t;


typedef struct {

        eap_fast_pac_attr_hdr_t         hdr;

        eap_fast_pac_attr_lifetime_t    lifetime;

        eap_fast_pac_attr_a_id_t        a_id;

        eap_fast_pac_attr_a_id_info_t   a_id_info;

        eap_fast_pac_attr_pac_type_t    type;

} CC_HINT(__packed__) eap_fast_attr_pac_info_t;


typedef struct {

        eap_fast_pac_attr_pac_key_t     key;

        eap_fast_attr_pac_info_t        info;

        eap_fast_attr_pac_opaque_t      opaque; // has to be last!

} CC_HINT(__packed__) eap_fast_pac_t;


/* RFC 4851, Section 4.2.8 - Crypto-Binding TLV */


typedef struct {

        uint16_t tlv_type;

        uint16_t length;

        uint8_t reserved;

        uint8_t version;

        uint8_t received_version;

        uint8_t subtype;

        uint8_t nonce[32];

        uint8_t compound_mac[20];

} CC_HINT(__packed__) eap_tlv_crypto_binding_tlv_t;


typedef enum eap_fast_tlv_crypto_binding_tlv_subtype_t {

        EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_REQUEST = 0,        // 0

        EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_RESPONSE            // 1

} eap_fast_tlv_crypto_binding_tlv_subtype_t;


/* RFC 5422: Section 3.3 - Key Derivations Used in the EAP-FAST Provisioning Exchange */


typedef struct {

        uint8_t session_key_seed[EAP_FAST_SKS_LEN];

        uint8_t server_challenge[MD5_DIGEST_LENGTH];

        uint8_t client_challenge[MD5_DIGEST_LENGTH];

} CC_HINT(__packed__) eap_fast_keyblock_t;


typedef struct {

        fr_pair_t               *username;


        bool                    authenticated;


        int                     mode;

        eap_fast_stage_t        stage;

        eap_fast_keyblock_t     *keyblock;

        uint8_t                 *s_imck;

        uint8_t                 *cmk;

        int                     imck_count;


        struct {

                uint8_t         mppe_send[MD5_DIGEST_LENGTH];

                uint8_t         mppe_recv[MD5_DIGEST_LENGTH];

        } CC_HINT(__packed__)   isk;


        uint8_t                 *msk;

        uint8_t                 *emsk;


        int                     default_method;

        int                     default_provisioning_method;


        fr_time_delta_t         pac_lifetime;

        char const              *authority_identity;

        uint8_t const           *a_id;

        uint8_t const           *pac_opaque_key;


        struct {

                uint8_t                 *key;

                eap_fast_pac_type_t     type;

                fr_time_t               expires;

                bool                    expired;

                bool                    send;

        }                       pac;


        bool                    result_final;


#ifdef WITH_PROXY

        bool            proxy_tunneled_request_as_eap;  //!< Proxy tunneled session as EAP, or as de-capsulated

                                                        //!< protocol.

#endif

        CONF_SECTION    *server_cs;

} eap_fast_tunnel_t;


extern HIDDEN fr_dict_attr_t const *attr_eap_tls_require_client_cert;

extern HIDDEN fr_dict_attr_t const *attr_eap_type;

extern HIDDEN fr_dict_attr_t const *attr_ms_chap_challenge;

extern HIDDEN fr_dict_attr_t const *attr_ms_chap_peer_challenge;

extern HIDDEN fr_dict_attr_t const *attr_proxy_to_realm;


extern HIDDEN fr_dict_attr_t const *attr_eap_message;

extern HIDDEN fr_dict_attr_t const *attr_eap_msk;

extern HIDDEN fr_dict_attr_t const *attr_eap_emsk;

extern HIDDEN fr_dict_attr_t const *attr_freeradius_proxied_to;

extern HIDDEN fr_dict_attr_t const *attr_ms_mppe_send_key;

extern HIDDEN fr_dict_attr_t const *attr_ms_mppe_recv_key;

extern HIDDEN fr_dict_attr_t const *attr_user_name;

extern HIDDEN fr_dict_attr_t const *attr_user_password;


extern HIDDEN fr_dict_attr_t const *attr_eap_fast_crypto_binding;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_eap_payload;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_error;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_intermediate_result;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_nak;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_a_id;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_a_id_info;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_acknowledge;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_i_id;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_info_a_id;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_info_a_id_info;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_info_i_id;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_info_pac_lifetime;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_info_pac_type;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_info_tlv;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_key;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_lifetime;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_opaque_i_id;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_opaque_pac_key;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_opaque_pac_lifetime;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_opaque_pac_type;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_opaque_tlv;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_tlv;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_type;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_result;

extern HIDDEN fr_dict_attr_t const *attr_eap_fast_vendor_specific;

extern HIDDEN fr_dict_t const *dict_eap_fast;


/*

 *      Process the FAST portion of an EAP-FAST request.

 */

void eap_fast_tlv_append(fr_tls_session_t *tls_session, fr_dict_attr_t const *da, bool mandatory,

                         int length, const void *data) CC_HINT(nonnull);

fr_radius_packet_code_t eap_fast_process(request_t *request, eap_session_t *eap_session, fr_tls_session_t *tls_session) CC_HINT(nonnull);


/*

 *      A bunch of EAP-FAST helper functions.

 */

ssize_t         eap_fast_decode_pair(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent,

                                     uint8_t const *data, size_t data_len,

                                     UNUSED void *decode_ctx);

RCSIDH
#define RCSIDH(h, id)
Definition build.h:484

HIDDEN
#define HIDDEN
Definition build.h:314

UNUSED
#define UNUSED
Definition build.h:315

cf_section
A section grouping multiple CONF_PAIR.
Definition cf_priv.h:101

fr_radius_packet_code_t
fr_radius_packet_code_t
RADIUS packet codes.
Definition defs.h:31

attr_eap_fast_pac_info_i_id
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_info_i_id
Definition rlm_eap_fast.c:120

attr_eap_fast_result
HIDDEN fr_dict_attr_t const  * attr_eap_fast_result
Definition rlm_eap_fast.c:133

eap_tlv_crypto_binding_tlv_t::tlv_type
uint16_t tlv_type
Definition eap_fast.h:144

attr_eap_fast_pac_info_a_id_info
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_info_a_id_info
Definition rlm_eap_fast.c:119

attr_eap_fast_nak
HIDDEN fr_dict_attr_t const  * attr_eap_fast_nak
Definition rlm_eap_fast.c:113

attr_proxy_to_realm
HIDDEN fr_dict_attr_t const  * attr_proxy_to_realm
Definition rlm_eap_fast.c:100

eap_fast_tunnel_t::result_final
bool result_final
Definition eap_fast.h:200

eap_fast_tunnel_t::a_id
uint8_t const  * a_id
Definition eap_fast.h:189

EAP_FAST_SKS_LEN
#define EAP_FAST_SKS_LEN
Definition eap_fast.h:38

eap_fast_attr_pac_opaque_plaintext_t::lifetime
eap_fast_pac_attr_lifetime_t lifetime
Definition eap_fast.h:116

eap_fast_pac_attr_i_id_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition eap_fast.h:95

attr_eap_fast_pac_a_id_info
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_a_id_info
Definition rlm_eap_fast.c:115

eap_fast_tunnel_t::authenticated
bool authenticated
Definition eap_fast.h:169

eap_fast_pac_attr_a_id_info_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition eap_fast.h:100

attr_eap_fast_pac_key
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_key
Definition rlm_eap_fast.c:124

eap_fast_decode_pair
ssize_t eap_fast_decode_pair(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent, uint8_t const *data, size_t data_len, UNUSED void *decode_ctx)

attr_eap_fast_pac_info_tlv
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_info_tlv
Definition rlm_eap_fast.c:123

eap_fast_attr_pac_info_t::lifetime
eap_fast_pac_attr_lifetime_t lifetime
Definition eap_fast.h:130

attr_eap_fast_error
HIDDEN fr_dict_attr_t const  * attr_eap_fast_error
Definition rlm_eap_fast.c:111

eap_fast_tunnel_t::stage
eap_fast_stage_t stage
Definition eap_fast.h:172

attr_user_name
HIDDEN fr_dict_attr_t const  * attr_user_name
Definition base.c:104

eap_fast_pac_attr_pac_type_t::data
uint16_t data
Definition eap_fast.h:106

attr_ms_mppe_send_key
HIDDEN fr_dict_attr_t const  * attr_ms_mppe_send_key
Definition base.c:101

PAC_A_ID_LENGTH
#define PAC_A_ID_LENGTH
Definition eap_fast.h:75

eap_fast_pac_t::key
eap_fast_pac_attr_pac_key_t key
Definition eap_fast.h:137

eap_fast_tunnel_t::keyblock
eap_fast_keyblock_t * keyblock
Definition eap_fast.h:173

eap_fast_pac_attr_lifetime_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition eap_fast.h:85

eap_fast_tunnel_t::pac_lifetime
fr_time_delta_t pac_lifetime
Definition eap_fast.h:187

eap_fast_tunnel_t::s_imck
uint8_t * s_imck
Definition eap_fast.h:174

eap_fast_pac_attr_lifetime_t::data
uint32_t data
Definition eap_fast.h:86

eap_fast_tlv_crypto_binding_tlv_subtype_t
eap_fast_tlv_crypto_binding_tlv_subtype_t
Definition eap_fast.h:154

EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_REQUEST
@ EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_REQUEST
Definition eap_fast.h:155

EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_RESPONSE
@ EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_RESPONSE
Definition eap_fast.h:156

eap_tlv_crypto_binding_tlv_t::reserved
uint8_t reserved
Definition eap_fast.h:146

attr_eap_fast_pac_info_pac_type
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_info_pac_type
Definition rlm_eap_fast.c:122

attr_eap_fast_pac_info_pac_lifetime
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_info_pac_lifetime
Definition rlm_eap_fast.c:121

eap_fast_pac_attr_hdr_t::type
uint16_t type
Definition eap_fast.h:80

eap_fast_attr_pac_info_t::a_id_info
eap_fast_pac_attr_a_id_info_t a_id_info
Definition eap_fast.h:132

attr_ms_chap_peer_challenge
HIDDEN fr_dict_attr_t const  * attr_ms_chap_peer_challenge
Definition rlm_eap_fast.c:99

eap_tlv_crypto_binding_tlv_t::subtype
uint8_t subtype
Definition eap_fast.h:149

eap_tlv_crypto_binding_tlv_t::version
uint8_t version
Definition eap_fast.h:147

eap_fast_tunnel_t::default_provisioning_method
int default_provisioning_method
Definition eap_fast.h:185

eap_fast_attr_pac_info_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition eap_fast.h:129

attr_ms_mppe_recv_key
HIDDEN fr_dict_attr_t const  * attr_ms_mppe_recv_key
Definition base.c:102

attr_eap_tls_require_client_cert
HIDDEN fr_dict_attr_t const  * attr_eap_tls_require_client_cert
Definition rlm_eap_fast.c:96

PAC_I_ID_LENGTH
#define PAC_I_ID_LENGTH
Definition eap_fast.h:76

eap_fast_tunnel_t::default_method
int default_method
Definition eap_fast.h:184

attr_eap_fast_pac_type
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_type
Definition rlm_eap_fast.c:132

attr_user_password
HIDDEN fr_dict_attr_t const  * attr_user_password
Definition rlm_eap_fast.c:107

eap_tlv_crypto_binding_tlv_t::length
uint16_t length
Definition eap_fast.h:145

eap_fast_tunnel_t::username
fr_pair_t * username
Definition eap_fast.h:167

eap_fast_attr_pac_opaque_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition eap_fast.h:121

attr_eap_fast_intermediate_result
HIDDEN fr_dict_attr_t const  * attr_eap_fast_intermediate_result
Definition rlm_eap_fast.c:112

attr_ms_chap_challenge
HIDDEN fr_dict_attr_t const  * attr_ms_chap_challenge
Definition rlm_eap_fast.c:98

eap_fast_tunnel_t::emsk
uint8_t * emsk
Definition eap_fast.h:182

attr_eap_fast_pac_opaque_pac_type
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_opaque_pac_type
Definition rlm_eap_fast.c:129

attr_eap_fast_pac_tlv
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_tlv
Definition rlm_eap_fast.c:131

eap_fast_pac_attr_pac_key_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition eap_fast.h:110

eap_fast_pac_t::opaque
eap_fast_attr_pac_opaque_t opaque
Definition eap_fast.h:139

attr_eap_fast_eap_payload
HIDDEN fr_dict_attr_t const  * attr_eap_fast_eap_payload
Definition rlm_eap_fast.c:110

eap_fast_attr_pac_opaque_plaintext_t::type
eap_fast_pac_attr_pac_type_t type
Definition eap_fast.h:115

attr_eap_fast_crypto_binding
HIDDEN fr_dict_attr_t const  * attr_eap_fast_crypto_binding
Definition rlm_eap_fast.c:109

eap_fast_process
fr_radius_packet_code_t eap_fast_process(request_t *request, eap_session_t *eap_session, fr_tls_session_t *tls_session)
Definition eap_fast.c:898

attr_eap_fast_vendor_specific
HIDDEN fr_dict_attr_t const  * attr_eap_fast_vendor_specific
Definition rlm_eap_fast.c:134

eap_fast_pac_attr_a_id_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition eap_fast.h:90

dict_eap_fast
HIDDEN fr_dict_t const  * dict_eap_fast
Definition rlm_eap_fast.c:84

attr_eap_fast_pac_info_a_id
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_info_a_id
Definition rlm_eap_fast.c:118

attr_freeradius_proxied_to
HIDDEN fr_dict_attr_t const  * attr_freeradius_proxied_to
Definition base.c:100

eap_fast_tunnel_t::authority_identity
char const  * authority_identity
Definition eap_fast.h:188

attr_eap_msk
HIDDEN fr_dict_attr_t const  * attr_eap_msk
Definition base.c:97

eap_fast_pac_t::info
eap_fast_attr_pac_info_t info
Definition eap_fast.h:138

PAC_A_ID_INFO_LENGTH
#define PAC_A_ID_INFO_LENGTH
Definition eap_fast.h:77

eap_fast_attr_pac_info_t::a_id
eap_fast_pac_attr_a_id_t a_id
Definition eap_fast.h:131

attr_eap_fast_pac_opaque_i_id
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_opaque_i_id
Definition rlm_eap_fast.c:126

eap_fast_pac_attr_pac_type_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition eap_fast.h:105

attr_eap_fast_pac_i_id
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_i_id
Definition rlm_eap_fast.c:117

attr_eap_fast_pac_opaque_pac_lifetime
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_opaque_pac_lifetime
Definition rlm_eap_fast.c:128

eap_fast_tunnel_t::cmk
uint8_t * cmk
Definition eap_fast.h:175

eap_fast_attr_pac_info_t::type
eap_fast_pac_attr_pac_type_t type
Definition eap_fast.h:133

eap_fast_pac_attr_hdr_t::length
uint16_t length
Definition eap_fast.h:81

eap_fast_tunnel_t::mode
int mode
Definition eap_fast.h:171

eap_fast_stage_t
eap_fast_stage_t
Definition eap_fast.h:52

EAP_FAST_COMPLETE
@ EAP_FAST_COMPLETE
Definition eap_fast.h:57

EAP_FAST_AUTHENTICATION
@ EAP_FAST_AUTHENTICATION
Definition eap_fast.h:54

EAP_FAST_CRYPTOBIND_CHECK
@ EAP_FAST_CRYPTOBIND_CHECK
Definition eap_fast.h:55

EAP_FAST_PROVISIONING
@ EAP_FAST_PROVISIONING
Definition eap_fast.h:56

EAP_FAST_TLS_SESSION_HANDSHAKE
@ EAP_FAST_TLS_SESSION_HANDSHAKE
Definition eap_fast.h:53

eap_fast_tlv_append
void eap_fast_tlv_append(fr_tls_session_t *tls_session, fr_dict_attr_t const *da, bool mandatory, int length, const void *data)
Definition eap_fast.c:108

PAC_KEY_LENGTH
#define PAC_KEY_LENGTH
Definition eap_fast.h:74

attr_eap_fast_pac_opaque_pac_key
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_opaque_pac_key
Definition rlm_eap_fast.c:127

eap_fast_auth_type_t
eap_fast_auth_type_t
Definition eap_fast.h:60

EAP_FAST_UNKNOWN
@ EAP_FAST_UNKNOWN
Definition eap_fast.h:61

EAP_FAST_NORMAL_AUTH
@ EAP_FAST_NORMAL_AUTH
Definition eap_fast.h:64

EAP_FAST_PROVISIONING_ANON
@ EAP_FAST_PROVISIONING_ANON
Definition eap_fast.h:62

EAP_FAST_PROVISIONING_AUTH
@ EAP_FAST_PROVISIONING_AUTH
Definition eap_fast.h:63

attr_eap_fast_pac_opaque_tlv
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_opaque_tlv
Definition rlm_eap_fast.c:130

eap_fast_tunnel_t::imck_count
int imck_count
Definition eap_fast.h:176

eap_fast_tunnel_t::server_cs
CONF_SECTION * server_cs
Definition eap_fast.h:206

eap_fast_attr_pac_opaque_plaintext_t::key
eap_fast_pac_attr_pac_key_t key
Definition eap_fast.h:117

attr_eap_fast_pac_a_id
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_a_id
Definition rlm_eap_fast.c:114

attr_eap_fast_pac_lifetime
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_lifetime
Definition rlm_eap_fast.c:125

attr_eap_emsk
HIDDEN fr_dict_attr_t const  * attr_eap_emsk
Definition base.c:98

attr_eap_message
HIDDEN fr_dict_attr_t const  * attr_eap_message
Definition base.c:96

attr_eap_type
HIDDEN fr_dict_attr_t const  * attr_eap_type
Definition base.c:92

eap_fast_pac_type_t
eap_fast_pac_type_t
Definition eap_fast.h:67

PAC_TYPE_MAX
@ PAC_TYPE_MAX
Definition eap_fast.h:71

PAC_TYPE_USER_AUTHZ
@ PAC_TYPE_USER_AUTHZ
Definition eap_fast.h:70

PAC_TYPE_TUNNEL
@ PAC_TYPE_TUNNEL
Definition eap_fast.h:68

PAC_TYPE_MACHINE_AUTH
@ PAC_TYPE_MACHINE_AUTH
Definition eap_fast.h:69

eap_tlv_crypto_binding_tlv_t::received_version
uint8_t received_version
Definition eap_fast.h:148

eap_fast_tunnel_t::pac_opaque_key
uint8_t const  * pac_opaque_key
Definition eap_fast.h:190

attr_eap_fast_pac_acknowledge
HIDDEN fr_dict_attr_t const  * attr_eap_fast_pac_acknowledge
Definition rlm_eap_fast.c:116

eap_fast_tunnel_t::msk
uint8_t * msk
Definition eap_fast.h:181

eap_fast_attr_pac_info_t
Definition eap_fast.h:128

eap_fast_attr_pac_opaque_plaintext_t
Definition eap_fast.h:114

eap_fast_attr_pac_opaque_t
Definition eap_fast.h:120

eap_fast_keyblock_t
Definition eap_fast.h:160

eap_fast_pac_attr_a_id_info_t
Definition eap_fast.h:99

eap_fast_pac_attr_a_id_t
Definition eap_fast.h:89

eap_fast_pac_attr_hdr_t
Definition eap_fast.h:79

eap_fast_pac_attr_i_id_t
Definition eap_fast.h:94

eap_fast_pac_attr_lifetime_t
Definition eap_fast.h:84

eap_fast_pac_attr_pac_key_t
Definition eap_fast.h:109

eap_fast_pac_attr_pac_type_t
Definition eap_fast.h:104

eap_fast_pac_t
Definition eap_fast.h:136

eap_fast_tunnel_t
Definition eap_fast.h:166

eap_tlv_crypto_binding_tlv_t
Definition eap_fast.h:143

eap_session_s
Tracks the progress of a single session of any EAP method.
Definition session.h:40

MD5_DIGEST_LENGTH
#define MD5_DIGEST_LENGTH
Definition merged_model.c:248

uint16_t
unsigned short uint16_t
Definition merged_model.c:31

uint32_t
unsigned int uint32_t
Definition merged_model.c:33

ssize_t
long int ssize_t
Definition merged_model.c:24

uint8_t
unsigned char uint8_t
Definition merged_model.c:30

fr_dict_attr_t
Definition merged_model.c:133

fr_dict_t
Definition merged_model.c:198

request_t
Definition merged_model.c:210

type
fr_aka_sim_id_type_t type
Definition state_machine.c:3623

pair_list_s
Definition pair.h:52

value_pair_s
Stores an attribute, a value and various bits of other data.
Definition pair.h:68

fr_time_delta_s
A time delta, a difference in time measured in nanoseconds.
Definition time.h:80

fr_time_s
"server local" time.
Definition time.h:69

parent
static fr_slen_t parent
Definition pair.h:851

data
static fr_slen_t data
Definition value.h:1265

nonnull
int nonnull(2, 5))

out
static size_t char ** out
Definition value.h:997