rlm__eap__aka_8c_source.html

/*

 *   This program is free software; you can redistribute it and/or modify

 *   it under the terms of the GNU General Public License as published by

 *   the Free Software Foundation; either version 2 of the License, or (at

 *   your option) any later version.

 *

 *   This program is distributed in the hope that it will be useful,

 *   but WITHOUT ANY WARRANTY; without even the implied warranty of

 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *   GNU General Public License for more details.

 *

 *   You should have received a copy of the GNU General Public License

 *   along with this program; if not, write to the Free Software

 *   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA

 */


/**

 * $Id: cf3beb12d488aa4cadf720eb2f33249ad226765d $

 * @file rlm_eap_aka.c

 * @brief Implements EAP-AKA

 *

 * @author Arran Cudbard-Bell (a.cudbardb@freeradius.org)

 *

 * @copyright 2021 Arran Cudbard-Bell (a.cudbardb@freeradius.org)

 * @copyright 2016 The FreeRADIUS server project

 * @copyright 2016 Network RADIUS SAS (legal.com)

 */

RCSID("$Id: cf3beb12d488aa4cadf720eb2f33249ad226765d $")


#include <freeradius-devel/eap/base.h>

#include <freeradius-devel/eap_aka_sim/attrs.h>

#include <freeradius-devel/eap_aka_sim/base.h>

#include <freeradius-devel/eap_aka_sim/module.h>

#include <freeradius-devel/util/rand.h>


static conf_parser_t submodule_config[] = {

        { FR_CONF_OFFSET_TYPE_FLAGS("virtual_server", FR_TYPE_VOID, 0, eap_aka_sim_module_conf_t, virtual_server),

                                    .func = virtual_server_cf_parse,

                                    .uctx = &(virtual_server_cf_parse_uctx_t){

                                            .process_module_name = "eap_aka",

                                    } },

        { FR_CONF_OFFSET_IS_SET("prefer_aka_prime", FR_TYPE_BOOL, 0, eap_aka_sim_module_conf_t, aka.send_at_bidding_prefer_prime ), .dflt = "no" },


        CONF_PARSER_TERMINATOR

};


extern rlm_eap_submodule_t rlm_eap_aka;


static unlang_action_t mod_session_init(unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)

{

        eap_session_t                   *eap_session = eap_session_get(request->parent);

        eap_aka_sim_mod_session_t       *mod_session;


        MEM(mod_session = talloc_zero(eap_session, eap_aka_sim_mod_session_t));

        mod_session->id = (uint8_t)(fr_rand() & 0xff);

        mod_session->ctx.hmac_md = mod_session->ctx.checkcode_md = EVP_sha1();

        eap_session->opaque = mod_session;

        eap_session->process = eap_aka_sim_process;


        return eap_session->process(p_result, mctx, request);

}


static int mod_instantiate(module_inst_ctx_t const *mctx)

{

        eap_aka_sim_module_conf_t       *inst = talloc_get_type_abort(mctx->mi->data, eap_aka_sim_module_conf_t);

        CONF_SECTION                    *conf = mctx->mi->conf;


        inst->type = rlm_eap_aka.provides[0];


        /*

         *      If the user didn't specify a bidding value

         *      infer whether we need to send the bidding

         *      attribute, by whether the EAP module has

         *      has the AKA-Prime module enabled.

         */

        if (!inst->aka.send_at_bidding_prefer_prime_is_set) {

                CONF_SECTION    *parent = cf_item_to_section(cf_parent(conf));

                CONF_PAIR       *cp = NULL;


                while ((cp = cf_pair_find_next(parent, cp, "type"))) {

                        if (strcmp(cf_pair_value(cp), "aka-prime") == 0) {

                                cf_log_debug(conf, "Setting 'prefer_aka_prime = yes', as EAP-AKA-Prime is enabled");

                                inst->aka.send_at_bidding_prefer_prime = true;

                                inst->aka.send_at_bidding_prefer_prime_is_set = true;

                                break;

                        }

                }

        }


        return 0;

}


static eap_type_t mod_type_identity(UNUSED void *instance, char const *id, size_t len)

{

        if (fr_aka_sim_id_to_eap_type(id, len) == FR_EAP_METHOD_AKA) return FR_EAP_METHOD_AKA;


        return FR_EAP_METHOD_INVALID;

}


static int mod_load(void)

{

        if (fr_aka_sim_init() < 0) return -1;


        fr_aka_sim_xlat_func_register();


        return 0;

}


static void mod_unload(void)

{

        fr_aka_sim_xlat_func_unregister();


        fr_aka_sim_free();

}


/*

 *      The module name should be the only globally exported symbol.

 *      That is, everything else should be 'static'.

 */


rlm_eap_submodule_t rlm_eap_aka = {

        .common = {

                .magic          = MODULE_MAGIC_INIT,

                .name           = "eap_aka",


                .inst_size      = sizeof(eap_aka_sim_module_conf_t),

                .inst_type      = "eap_aka_sim_module_conf_t",

                .config         = submodule_config,


                .onload         = mod_load,

                .unload         = mod_unload,


                .instantiate    = mod_instantiate,

        },

        .provides       = { FR_EAP_METHOD_AKA },

        .type_identity  = mod_type_identity,

        .session_init   = mod_session_init,

        .namespace      = &dict_eap_aka_sim

};


unlang_action_t
unlang_action_t
Returned by unlang_op_t calls, determine the next action of the interpreter.
Definition action.h:35

RCSID
#define RCSID(id)
Definition build.h:506

UNUSED
#define UNUSED
Definition build.h:336

CONF_PARSER_TERMINATOR
#define CONF_PARSER_TERMINATOR
Definition cf_parse.h:657

conf_parser_s::func
cf_parse_t func
Override default parsing behaviour for the specified type with a custom parsing function.
Definition cf_parse.h:611

FR_CONF_OFFSET_IS_SET
#define FR_CONF_OFFSET_IS_SET(_name, _type, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct,...
Definition cf_parse.h:294

FR_CONF_OFFSET_TYPE_FLAGS
#define FR_CONF_OFFSET_TYPE_FLAGS(_name, _type, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition cf_parse.h:238

conf_parser_s
Defines a CONF_PAIR to C data type mapping.
Definition cf_parse.h:594

cf_pair
Configuration AVP similar to a fr_pair_t.
Definition cf_priv.h:72

cf_section
A section grouping multiple CONF_PAIR.
Definition cf_priv.h:101

cf_pair_find_next
CONF_PAIR * cf_pair_find_next(CONF_SECTION const *cs, CONF_PAIR const *prev, char const *attr)
Find a pair with a name matching attr, after specified pair.
Definition cf_util.c:1436

cf_item_to_section
CONF_SECTION * cf_item_to_section(CONF_ITEM const *ci)
Cast a CONF_ITEM to a CONF_SECTION.
Definition cf_util.c:685

cf_pair_value
char const * cf_pair_value(CONF_PAIR const *pair)
Return the value of a CONF_PAIR.
Definition cf_util.c:1581

cf_parent
#define cf_parent(_cf)
Definition cf_util.h:98

cf_log_debug
#define cf_log_debug(_cf, _fmt,...)
Definition cf_util.h:288

MEM
#define MEM(x)
Definition debug.h:46

MODULE_MAGIC_INIT
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition dl_module.h:63

eap_type_t
enum eap_type eap_type_t

FR_EAP_METHOD_AKA
@ FR_EAP_METHOD_AKA
Definition types.h:68

FR_EAP_METHOD_INVALID
@ FR_EAP_METHOD_INVALID
Definition types.h:45

fr_aka_sim_xlat_func_register
int fr_aka_sim_xlat_func_register(void)
Definition xlat.c:498

fr_aka_sim_ctx_t::hmac_md
EVP_MD const  * hmac_md
HMAC digest algorithm, usually EVP_sha1().
Definition base.h:240

fr_aka_sim_ctx_t::checkcode_md
EVP_MD const  * checkcode_md
HMAC we use for calculating the checkcode.
Definition base.h:241

fr_aka_sim_xlat_func_unregister
void fr_aka_sim_xlat_func_unregister(void)
Definition xlat.c:532

eap_aka_sim_mod_session_t::ctx
fr_aka_sim_ctx_t ctx
Definition module.h:83

eap_aka_sim_mod_session_t::id
uint8_t id
Last ID used, monotonically increments.
Definition module.h:74

eap_aka_sim_mod_session_t
Structure used to track session state at the module level.
Definition module.h:73

eap_aka_sim_module_conf_t
Definition module.h:41

unlang_result_t
Definition interpret.h:133

eap_session_get
static eap_session_t * eap_session_get(request_t *request)
Definition session.h:85

eap_session_s::opaque
void * opaque
Opaque data used by EAP methods.
Definition session.h:63

eap_session_s::process
module_method_t process
Callback that should be used to process the next round.
Definition session.h:65

eap_session_s
Tracks the progress of a single session of any EAP method.
Definition session.h:41

dict_eap_aka_sim
fr_dict_t const  * dict_eap_aka_sim
Definition base.c:48

fr_aka_sim_free
void fr_aka_sim_free(void)
Definition base.c:315

fr_aka_sim_init
int fr_aka_sim_init(void)
Definition base.c:284

fr_aka_sim_id_to_eap_type
eap_type_t fr_aka_sim_id_to_eap_type(char const *id, size_t len)
Determine if a given identity is a 3gpp identity, and return the EAP method hinted.
Definition id.c:306

FR_TYPE_VOID
@ FR_TYPE_VOID
User data.
Definition merged_model.c:127

FR_TYPE_BOOL
@ FR_TYPE_BOOL
A truth value.
Definition merged_model.c:95

uint8_t
unsigned char uint8_t
Definition merged_model.c:30

request_t
Definition merged_model.c:210

module_inst_ctx_t::mi
module_instance_t * mi
Instance of the module being instantiated.
Definition module_ctx.h:51

module_ctx_t
Temporary structure to hold arguments for module calls.
Definition module_ctx.h:41

module_inst_ctx_t
Temporary structure to hold arguments for instantiation calls.
Definition module_ctx.h:50

config
static const conf_parser_t config[]
Definition base.c:163

conf
static rs_t * conf
Definition radsniff.c:52

fr_rand
uint32_t fr_rand(void)
Return a 32-bit random number.
Definition rand.c:104

mod_load
static int mod_load(void)
Definition rlm_eap_aka.c:100

mod_unload
static void mod_unload(void)
Definition rlm_eap_aka.c:109

submodule_config
static conf_parser_t submodule_config[]
Definition rlm_eap_aka.c:36

mod_session_init
static unlang_action_t mod_session_init(unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
Definition rlm_eap_aka.c:49

mod_instantiate
static int mod_instantiate(module_inst_ctx_t const *mctx)
Definition rlm_eap_aka.c:63

rlm_eap_aka
rlm_eap_submodule_t rlm_eap_aka
Definition rlm_eap_aka.c:120

mod_type_identity
static eap_type_t mod_type_identity(UNUSED void *instance, char const *id, size_t len)
Definition rlm_eap_aka.c:93

module_instance_s::conf
CONF_SECTION * conf
Module's instance configuration.
Definition module.h:351

module_s::inst_size
size_t inst_size
Size of the module's instance data.
Definition module.h:212

module_instance_s::data
void * data
Module's instance data.
Definition module.h:293

eap_aka_sim_process
unlang_action_t eap_aka_sim_process(unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
Decode EAP session data into attribute.
Definition module.c:292

inst
eap_aka_sim_process_conf_t * inst
Definition state_machine.c:3645

eap_aka_sim_process_conf_t::type
eap_type_t type
The preferred EAP-Type of this instance of the EAP-SIM/AKA/AKA' state machine.
Definition state_machine.h:191

rlm_eap_submodule_t::common
module_t common
Common fields provided by all modules.
Definition submodule.h:50

rlm_eap_submodule_t::provides
eap_type_t provides[MAX_PROVIDED_METHODS]
Allow the module to register itself for more than one EAP-Method.
Definition submodule.h:52

rlm_eap_submodule_t
Interface exported by EAP submodules.
Definition submodule.h:49

parent
static fr_slen_t parent
Definition pair.h:858

virtual_server_cf_parse
int virtual_server_cf_parse(UNUSED TALLOC_CTX *ctx, void *out, UNUSED void *parent, CONF_ITEM *ci, UNUSED conf_parser_t const *rule)
Wrapper for the config parser to allow pass1 resolution of virtual servers.
Definition virtual_servers.c:1023

virtual_server_cf_parse_uctx_t
Additional validation rules for virtual server lookup.
Definition virtual_servers.h:112