rlm__eap__aka_8c_source.html

 /*

  *   This program is is free software; you can redistribute it and/or modify

  *   it under the terms of the GNU General Public License as published by

  *   the Free Software Foundation; either version 2 of the License, or (at

  *   your option) any later version.

  *

  *   This program is distributed in the hope that it will be useful,

  *   but WITHOUT ANY WARRANTY; without even the implied warranty of

  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  *   GNU General Public License for more details.

  *

  *   You should have received a copy of the GNU General Public License

  *   along with this program; if not, write to the Free Software

  *   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA

  */


 /**

  * $Id: e0bf27f2f3786e19679fa86f82a6d29b1dea2d79 $

  * @file rlm_eap_aka.c

  * @brief Implements EAP-AKA

  *

  * @author Arran Cudbard-Bell (a.cudbardb@freeradius.org)

  *

  * @copyright 2021 Arran Cudbard-Bell (a.cudbardb@freeradius.org)

  * @copyright 2016 The FreeRADIUS server project

  * @copyright 2016 Network RADIUS SAS (legal.com)

  */

 RCSID("$Id: e0bf27f2f3786e19679fa86f82a6d29b1dea2d79 $")


 #include <freeradius-devel/eap/base.h>

 #include <freeradius-devel/eap_aka_sim/attrs.h>

 #include <freeradius-devel/eap_aka_sim/base.h>

 #include <freeradius-devel/eap_aka_sim/module.h>

 #include <freeradius-devel/server/virtual_servers.h>

 #include <freeradius-devel/unlang/module.h>

 #include <freeradius-devel/util/rand.h>

 #include <freeradius-devel/util/debug.h>


 static conf_parser_t submodule_config[] = {

         { FR_CONF_OFFSET_TYPE_FLAGS("virtual_server", FR_TYPE_VOID, 0, eap_aka_sim_module_conf_t, virtual_server), .func = virtual_server_cf_parse },

         { FR_CONF_OFFSET_IS_SET("prefer_aka_prime", FR_TYPE_BOOL, 0, eap_aka_sim_module_conf_t, aka.send_at_bidding_prefer_prime ), .dflt = "no" },


         CONF_PARSER_TERMINATOR

 };


 extern rlm_eap_submodule_t rlm_eap_aka;


 static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)

 {

         eap_session_t                   *eap_session = eap_session_get(request->parent);

         eap_aka_sim_mod_session_t       *mod_session;


         MEM(mod_session = talloc_zero(eap_session, eap_aka_sim_mod_session_t));

         mod_session->id = (uint8_t)(fr_rand() & 0xff);

         mod_session->ctx.hmac_md = mod_session->ctx.checkcode_md = EVP_sha1();

         eap_session->opaque = mod_session;

         eap_session->process = eap_aka_sim_process;


         return eap_session->process(p_result, mctx, request);

 }


 static int mod_instantiate(module_inst_ctx_t const *mctx)

 {

         eap_aka_sim_module_conf_t       *inst = talloc_get_type_abort(mctx->mi->data, eap_aka_sim_module_conf_t);

         CONF_SECTION                    *conf = mctx->mi->conf;


         inst->type = rlm_eap_aka.provides[0];


         /*

          *      If the user didn't specify a bidding value

          *      infer whether we need to send the bidding

          *      attribute, by whether the EAP module has

          *      has the AKA-Prime module enabled.

          */

         if (!inst->aka.send_at_bidding_prefer_prime_is_set) {

                 CONF_SECTION    *parent = cf_item_to_section(cf_parent(conf));

                 CONF_PAIR       *cp = NULL;


                 while ((cp = cf_pair_find_next(parent, cp, "type"))) {

                         if (strcmp(cf_pair_value(cp), "aka-prime") == 0) {

                                 cf_log_debug(conf, "Setting 'prefer_aka_prime = yes', as EAP-AKA-Prime is enabled");

                                 inst->aka.send_at_bidding_prefer_prime = true;

                                 inst->aka.send_at_bidding_prefer_prime_is_set = true;

                                 break;

                         }

                 }

         }


         return 0;

 }


 static eap_type_t mod_type_identity(UNUSED void *instance, char const *id, size_t len)

 {

         if (fr_aka_sim_id_to_eap_type(id, len) == FR_EAP_METHOD_AKA) return FR_EAP_METHOD_AKA;


         return FR_EAP_METHOD_INVALID;

 }


 static int mod_load(void)

 {

         if (fr_aka_sim_init() < 0) return -1;


         fr_aka_sim_xlat_func_register();


         return 0;

 }


 static void mod_unload(void)

 {

         fr_aka_sim_xlat_func_unregister();


         fr_aka_sim_free();

 }


 /*

  *      The module name should be the only globally exported symbol.

  *      That is, everything else should be 'static'.

  */

 rlm_eap_submodule_t rlm_eap_aka = {

         .common = {

                 .magic          = MODULE_MAGIC_INIT,

                 .name           = "eap_aka",


                 .inst_size      = sizeof(eap_aka_sim_module_conf_t),

                 .inst_type      = "eap_aka_sim_module_conf_t",

                 .config         = submodule_config,


                 .onload         = mod_load,

                 .unload         = mod_unload,


                 .instantiate    = mod_instantiate,

         },

         .provides       = { FR_EAP_METHOD_AKA },

         .type_identity  = mod_type_identity,

         .session_init   = mod_session_init,

         .namespace      = &dict_eap_aka_sim

 };

unlang_action_t
unlang_action_t
Returned by unlang_op_t calls, determine the next action of the interpreter.
Definition: action.h:35

RCSID
#define RCSID(id)
Definition: build.h:481

UNUSED
#define UNUSED
Definition: build.h:313

CONF_PARSER_TERMINATOR
#define CONF_PARSER_TERMINATOR
Definition: cf_parse.h:627

FR_CONF_OFFSET_IS_SET
#define FR_CONF_OFFSET_IS_SET(_name, _type, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct,...
Definition: cf_parse.h:282

FR_CONF_OFFSET_TYPE_FLAGS
#define FR_CONF_OFFSET_TYPE_FLAGS(_name, _type, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition: cf_parse.h:241

conf_parser_s
Defines a CONF_PAIR to C data type mapping.
Definition: cf_parse.h:564

cf_pair
Configuration AVP similar to a fr_pair_t.
Definition: cf_priv.h:70

cf_section
A section grouping multiple CONF_PAIR.
Definition: cf_priv.h:101

cf_pair_value
char const  * cf_pair_value(CONF_PAIR const *pair)
Return the value of a CONF_PAIR.
Definition: cf_util.c:1594

cf_item_to_section
CONF_SECTION * cf_item_to_section(CONF_ITEM const *ci)
Cast a CONF_ITEM to a CONF_SECTION.
Definition: cf_util.c:684

cf_pair_find_next
CONF_PAIR * cf_pair_find_next(CONF_SECTION const *cs, CONF_PAIR const *prev, char const *attr)
Find a pair with a name matching attr, after specified pair.
Definition: cf_util.c:1453

cf_parent
#define cf_parent(_cf)
Definition: cf_util.h:101

cf_log_debug
#define cf_log_debug(_cf, _fmt,...)
Definition: cf_util.h:292

MODULE_MAGIC_INIT
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition: dl_module.h:63

eap_type_t
enum eap_type eap_type_t

FR_EAP_METHOD_AKA
@ FR_EAP_METHOD_AKA
Definition: types.h:68

FR_EAP_METHOD_INVALID
@ FR_EAP_METHOD_INVALID
Definition: types.h:45

fr_aka_sim_xlat_func_register
int fr_aka_sim_xlat_func_register(void)
Definition: xlat.c:497

fr_aka_sim_ctx_t::hmac_md
EVP_MD const  * hmac_md
HMAC digest algorithm, usually EVP_sha1().
Definition: base.h:240

fr_aka_sim_ctx_t::checkcode_md
EVP_MD const  * checkcode_md
HMAC we use for calculating the checkcode.
Definition: base.h:241

fr_aka_sim_xlat_func_unregister
void fr_aka_sim_xlat_func_unregister(void)
Definition: xlat.c:521

eap_aka_sim_mod_session_t::ctx
fr_aka_sim_ctx_t ctx
Definition: module.h:79

eap_aka_sim_mod_session_t::id
uint8_t id
Last ID used, monotonically increments.
Definition: module.h:72

eap_aka_sim_mod_session_t
Structure used to track session state at the module level.
Definition: module.h:71

eap_aka_sim_module_conf_t
Definition: module.h:39

eap_session_s::opaque
void * opaque
Opaque data used by EAP methods.
Definition: session.h:62

eap_session_s::process
module_method_t process
Callback that should be used to process the next round.
Definition: session.h:64

eap_session_get
static eap_session_t * eap_session_get(request_t *request)
Definition: session.h:82

eap_session_s
Tracks the progress of a single session of any EAP method.
Definition: session.h:40

dict_eap_aka_sim
fr_dict_t const  * dict_eap_aka_sim
Definition: base.c:48

fr_aka_sim_free
void fr_aka_sim_free(void)
Definition: base.c:315

fr_aka_sim_init
int fr_aka_sim_init(void)
Definition: base.c:284

fr_aka_sim_id_to_eap_type
eap_type_t fr_aka_sim_id_to_eap_type(char const *id, size_t len)
Determine if a given identity is a 3gpp identity, and return the EAP method hinted.
Definition: id.c:306

FR_TYPE_VOID
@ FR_TYPE_VOID
User data.
Definition: merged_model.c:127

FR_TYPE_BOOL
@ FR_TYPE_BOOL
A truth value.
Definition: merged_model.c:95

uint8_t
unsigned char uint8_t
Definition: merged_model.c:30

request_t
Definition: merged_model.c:210

module_inst_ctx_t::mi
module_instance_t * mi
Instance of the module being instantiated.
Definition: module_ctx.h:51

module_ctx_t
Temporary structure to hold arguments for module calls.
Definition: module_ctx.h:41

module_inst_ctx_t
Temporary structure to hold arguments for instantiation calls.
Definition: module_ctx.h:50

config
static const conf_parser_t config[]
Definition: base.c:183

conf
static rs_t * conf
Definition: radsniff.c:53

fr_rand
uint32_t fr_rand(void)
Return a 32-bit random number.
Definition: rand.c:106

rlm_rcode_t
rlm_rcode_t
Return codes indicating the result of the module call.
Definition: rcode.h:40

mod_load
static int mod_load(void)
Definition: rlm_eap_aka.c:99

mod_unload
static void mod_unload(void)
Definition: rlm_eap_aka.c:108

submodule_config
static conf_parser_t submodule_config[]
Definition: rlm_eap_aka.c:39

mod_instantiate
static int mod_instantiate(module_inst_ctx_t const *mctx)
Definition: rlm_eap_aka.c:62

rlm_eap_aka
rlm_eap_submodule_t rlm_eap_aka
Definition: rlm_eap_aka.c:119

mod_type_identity
static eap_type_t mod_type_identity(UNUSED void *instance, char const *id, size_t len)
Definition: rlm_eap_aka.c:92

mod_session_init
static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
Definition: rlm_eap_aka.c:48

instantiate
static int instantiate(module_inst_ctx_t const *mctx)
Definition: rlm_rest.c:1302

module_instance_s::conf
CONF_SECTION * conf
Module's instance configuration.
Definition: module.h:329

module_instance_s::data
void * data
Module's instance data.
Definition: module.h:271

eap_aka_sim_process
unlang_action_t eap_aka_sim_process(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
Decode EAP session data into attribute.
Definition: module.c:297

MEM
MEM(pair_append_request(&vp, attr_eap_aka_sim_identity) >=0)

inst
eap_aka_sim_process_conf_t * inst
Definition: state_machine.c:3620

eap_aka_sim_process_conf_t::type
eap_type_t type
The preferred EAP-Type of this instance of the EAP-SIM/AKA/AKA' state machine.
Definition: state_machine.h:188

rlm_eap_submodule_t::common
module_t common
Common fields provided by all modules.
Definition: submodule.h:50

rlm_eap_submodule_t::provides
eap_type_t provides[MAX_PROVIDED_METHODS]
Allow the module to register itself for more than one EAP-Method.
Definition: submodule.h:52

rlm_eap_submodule_t
Interface exported by EAP submodules.
Definition: submodule.h:49

parent
static fr_slen_t parent
Definition: pair.h:851

virtual_server_cf_parse
int virtual_server_cf_parse(UNUSED TALLOC_CTX *ctx, void *out, UNUSED void *parent, CONF_ITEM *ci, UNUSED conf_parser_t const *rule)
Wrapper for the config parser to allow pass1 resolution of virtual servers.
Definition: virtual_servers.c:946