The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Data Structures | Functions | Variables
rlm_eap_fast.c File Reference

contains the interfaces that are called from eap More...

#include <freeradius-devel/util/md5.h>
#include "eap_fast.h"
#include "eap_fast_crypto.h"
+ Include dependency graph for rlm_eap_fast.c:

Go to the source code of this file.

Data Structures

struct  rlm_eap_fast_t
 
struct  rlm_eap_fast_thread_t
 

Functions

static int _session_secret (SSL *s, void *secret, int *secret_len, UNUSED STACK_OF(SSL_CIPHER) *peer_ciphers, UNUSED SSL_CIPHER const **cipher, void *arg)
 
static int _session_ticket (SSL *s, uint8_t const *data, int len, void *arg)
 
static eap_fast_tunnel_teap_fast_alloc (TALLOC_CTX *ctx, rlm_eap_fast_t const *inst)
 Allocate the FAST per-session data. More...
 
static void eap_fast_session_ticket (fr_tls_session_t *tls_session, const SSL *s, uint8_t *secret, int *secret_len)
 
static unlang_action_t mod_handshake_process (UNUSED rlm_rcode_t *p_result, UNUSED module_ctx_t const *mctx, request_t *request)
 
static unlang_action_t mod_handshake_resume (rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
 
static int mod_instantiate (module_inst_ctx_t const *mctx)
 
static unlang_action_t mod_session_init (rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
 
static int mod_thread_detach (module_thread_inst_ctx_t const *mctx)
 
static int mod_thread_instantiate (module_thread_inst_ctx_t const *mctx)
 

Variables

fr_dict_attr_t const * attr_eap_emsk
 
fr_dict_attr_t const * attr_eap_fast_crypto_binding
 
fr_dict_attr_t const * attr_eap_fast_eap_payload
 
fr_dict_attr_t const * attr_eap_fast_error
 
fr_dict_attr_t const * attr_eap_fast_intermediate_result
 
fr_dict_attr_t const * attr_eap_fast_nak
 
fr_dict_attr_t const * attr_eap_fast_pac_a_id
 
fr_dict_attr_t const * attr_eap_fast_pac_a_id_info
 
fr_dict_attr_t const * attr_eap_fast_pac_acknowledge
 
fr_dict_attr_t const * attr_eap_fast_pac_i_id
 
fr_dict_attr_t const * attr_eap_fast_pac_info_a_id
 
fr_dict_attr_t const * attr_eap_fast_pac_info_a_id_info
 
fr_dict_attr_t const * attr_eap_fast_pac_info_i_id
 
fr_dict_attr_t const * attr_eap_fast_pac_info_pac_lifetime
 
fr_dict_attr_t const * attr_eap_fast_pac_info_pac_type
 
fr_dict_attr_t const * attr_eap_fast_pac_info_tlv
 
fr_dict_attr_t const * attr_eap_fast_pac_key
 
fr_dict_attr_t const * attr_eap_fast_pac_lifetime
 
fr_dict_attr_t const * attr_eap_fast_pac_opaque_i_id
 
fr_dict_attr_t const * attr_eap_fast_pac_opaque_pac_key
 
fr_dict_attr_t const * attr_eap_fast_pac_opaque_pac_lifetime
 
fr_dict_attr_t const * attr_eap_fast_pac_opaque_pac_type
 
fr_dict_attr_t const * attr_eap_fast_pac_opaque_tlv
 
fr_dict_attr_t const * attr_eap_fast_pac_tlv
 
fr_dict_attr_t const * attr_eap_fast_pac_type
 
fr_dict_attr_t const * attr_eap_fast_result
 
fr_dict_attr_t const * attr_eap_fast_vendor_specific
 
fr_dict_attr_t const * attr_eap_message
 
fr_dict_attr_t const * attr_eap_msk
 
fr_dict_attr_t const * attr_eap_tls_require_client_cert
 
fr_dict_attr_t const * attr_eap_type
 
fr_dict_attr_t const * attr_freeradius_proxied_to
 
fr_dict_attr_t const * attr_ms_chap_challenge
 
fr_dict_attr_t const * attr_ms_chap_peer_challenge
 
fr_dict_attr_t const * attr_ms_mppe_recv_key
 
fr_dict_attr_t const * attr_ms_mppe_send_key
 
fr_dict_attr_t const * attr_proxy_to_realm
 
fr_dict_attr_t const * attr_user_name
 
fr_dict_attr_t const * attr_user_password
 
fr_dict_t const * dict_eap_fast
 
static fr_dict_t const * dict_freeradius
 
static fr_dict_t const * dict_radius
 
rlm_eap_submodule_t rlm_eap_fast
 
fr_dict_autoload_t rlm_eap_fast_dict []
 
fr_dict_attr_autoload_t rlm_eap_fast_dict_attr []
 
static conf_parser_t submodule_config []
 

Detailed Description

contains the interfaces that are called from eap

Id
2b126812c0f442c6c6af6595d8ef55bc8b2d2350
Author
Alexander Clouter (alex@.nosp@m.digr.nosp@m.iz.or.nosp@m.g.uk)
Copyright
2016 Alan DeKok (aland.nosp@m.@fre.nosp@m.eradi.nosp@m.us.o.nosp@m.rg)
2016 The FreeRADIUS server project

Definition in file rlm_eap_fast.c.

Data Structure Documentation

◆ rlm_eap_fast_t

struct rlm_eap_fast_t

Definition at line 42 of file rlm_eap_fast.c.

+ Collaboration diagram for rlm_eap_fast_t:
Data Fields
uint8_t a_id[PAC_A_ID_LENGTH] The identity we present in the EAP-TLS.
char const * authority_identity The identity we present in the EAP-TLS.
char const * cipher_list cipher list specific to EAP-FAST
int default_provisioning_method
char const * default_provisioning_method_name
fr_time_delta_t pac_lifetime seconds to add to current time to describe PAC lifetime
char const * pac_opaque_key The key used to encrypt PAC-Opaque.
bool req_client_cert Whether we require a client cert in the outer tunnel.
CONF_SECTION * server_cs
int stage Processing stage.
fr_tls_conf_t * tls_conf TLS config pointer.
char const * tls_conf_name Name of shared TLS config.
char const * virtual_server Virtual server to use for processing inner EAP method.

◆ rlm_eap_fast_thread_t

struct rlm_eap_fast_thread_t

Definition at line 35 of file rlm_eap_fast.c.

Data Fields
SSL_CTX * ssl_ctx Thread local SSL_CTX.

Function Documentation

◆ _session_secret()

static int _session_secret ( SSL *  s,
void *  secret,
int *  secret_len,
UNUSED STACK_OF(SSL_CIPHER) *  peer_ciphers,
UNUSED SSL_CIPHER const **  cipher,
void *  arg 
)
static

Definition at line 221 of file rlm_eap_fast.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _session_ticket()

static int _session_ticket ( SSL *  s,
uint8_t const *  data,
int  len,
void *  arg 
)
static

Definition at line 255 of file rlm_eap_fast.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ eap_fast_alloc()

static eap_fast_tunnel_t* eap_fast_alloc ( TALLOC_CTX *  ctx,
rlm_eap_fast_t const *  inst 
)
static

Allocate the FAST per-session data.

Definition at line 186 of file rlm_eap_fast.c.

+ Here is the caller graph for this function:

◆ eap_fast_session_ticket()

static void eap_fast_session_ticket ( fr_tls_session_t *  tls_session,
const SSL *  s,
uint8_t secret,
int *  secret_len 
)
static

Definition at line 205 of file rlm_eap_fast.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mod_handshake_process()

static unlang_action_t mod_handshake_process ( UNUSED rlm_rcode_t p_result,
UNUSED module_ctx_t const *  mctx,
request_t request 
)
static

Definition at line 507 of file rlm_eap_fast.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mod_handshake_resume()

static unlang_action_t mod_handshake_resume ( rlm_rcode_t p_result,
module_ctx_t const *  mctx,
request_t request 
)
static

Definition at line 385 of file rlm_eap_fast.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mod_instantiate()

static int mod_instantiate ( module_inst_ctx_t const *  mctx)
static

Definition at line 628 of file rlm_eap_fast.c.

+ Here is the call graph for this function:

◆ mod_session_init()

static unlang_action_t mod_session_init ( rlm_rcode_t p_result,
module_ctx_t const *  mctx,
request_t request 
)
static

Definition at line 526 of file rlm_eap_fast.c.

+ Here is the call graph for this function:

◆ mod_thread_detach()

static int mod_thread_detach ( module_thread_inst_ctx_t const *  mctx)
static

Definition at line 615 of file rlm_eap_fast.c.

◆ mod_thread_instantiate()

static int mod_thread_instantiate ( module_thread_inst_ctx_t const *  mctx)
static

Definition at line 604 of file rlm_eap_fast.c.

Variable Documentation

◆ attr_eap_emsk

fr_dict_attr_t const* attr_eap_emsk

Definition at line 94 of file rlm_eap_fast.c.

◆ attr_eap_fast_crypto_binding

fr_dict_attr_t const* attr_eap_fast_crypto_binding

Definition at line 109 of file rlm_eap_fast.c.

◆ attr_eap_fast_eap_payload

fr_dict_attr_t const* attr_eap_fast_eap_payload

Definition at line 110 of file rlm_eap_fast.c.

◆ attr_eap_fast_error

fr_dict_attr_t const* attr_eap_fast_error

Definition at line 111 of file rlm_eap_fast.c.

◆ attr_eap_fast_intermediate_result

fr_dict_attr_t const* attr_eap_fast_intermediate_result

Definition at line 112 of file rlm_eap_fast.c.

◆ attr_eap_fast_nak

fr_dict_attr_t const* attr_eap_fast_nak

Definition at line 113 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_a_id

fr_dict_attr_t const* attr_eap_fast_pac_a_id

Definition at line 114 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_a_id_info

fr_dict_attr_t const* attr_eap_fast_pac_a_id_info

Definition at line 115 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_acknowledge

fr_dict_attr_t const* attr_eap_fast_pac_acknowledge

Definition at line 116 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_i_id

fr_dict_attr_t const* attr_eap_fast_pac_i_id

Definition at line 117 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_info_a_id

fr_dict_attr_t const* attr_eap_fast_pac_info_a_id

Definition at line 118 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_info_a_id_info

fr_dict_attr_t const* attr_eap_fast_pac_info_a_id_info

Definition at line 119 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_info_i_id

fr_dict_attr_t const* attr_eap_fast_pac_info_i_id

Definition at line 120 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_info_pac_lifetime

fr_dict_attr_t const* attr_eap_fast_pac_info_pac_lifetime

Definition at line 121 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_info_pac_type

fr_dict_attr_t const* attr_eap_fast_pac_info_pac_type

Definition at line 122 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_info_tlv

fr_dict_attr_t const* attr_eap_fast_pac_info_tlv

Definition at line 123 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_key

fr_dict_attr_t const* attr_eap_fast_pac_key

Definition at line 124 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_lifetime

fr_dict_attr_t const* attr_eap_fast_pac_lifetime

Definition at line 125 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_opaque_i_id

fr_dict_attr_t const* attr_eap_fast_pac_opaque_i_id

Definition at line 126 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_opaque_pac_key

fr_dict_attr_t const* attr_eap_fast_pac_opaque_pac_key

Definition at line 127 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_opaque_pac_lifetime

fr_dict_attr_t const* attr_eap_fast_pac_opaque_pac_lifetime

Definition at line 128 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_opaque_pac_type

fr_dict_attr_t const* attr_eap_fast_pac_opaque_pac_type

Definition at line 129 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_opaque_tlv

fr_dict_attr_t const* attr_eap_fast_pac_opaque_tlv

Definition at line 130 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_tlv

fr_dict_attr_t const* attr_eap_fast_pac_tlv

Definition at line 131 of file rlm_eap_fast.c.

◆ attr_eap_fast_pac_type

fr_dict_attr_t const* attr_eap_fast_pac_type

Definition at line 132 of file rlm_eap_fast.c.

◆ attr_eap_fast_result

fr_dict_attr_t const* attr_eap_fast_result

Definition at line 133 of file rlm_eap_fast.c.

◆ attr_eap_fast_vendor_specific

fr_dict_attr_t const* attr_eap_fast_vendor_specific

Definition at line 134 of file rlm_eap_fast.c.

◆ attr_eap_message

fr_dict_attr_t const* attr_eap_message

Definition at line 102 of file rlm_eap_fast.c.

◆ attr_eap_msk

fr_dict_attr_t const* attr_eap_msk

Definition at line 95 of file rlm_eap_fast.c.

◆ attr_eap_tls_require_client_cert

fr_dict_attr_t const* attr_eap_tls_require_client_cert

Definition at line 96 of file rlm_eap_fast.c.

◆ attr_eap_type

fr_dict_attr_t const* attr_eap_type

Definition at line 97 of file rlm_eap_fast.c.

◆ attr_freeradius_proxied_to

fr_dict_attr_t const* attr_freeradius_proxied_to

Definition at line 103 of file rlm_eap_fast.c.

◆ attr_ms_chap_challenge

fr_dict_attr_t const* attr_ms_chap_challenge

Definition at line 98 of file rlm_eap_fast.c.

◆ attr_ms_chap_peer_challenge

fr_dict_attr_t const* attr_ms_chap_peer_challenge

Definition at line 99 of file rlm_eap_fast.c.

◆ attr_ms_mppe_recv_key

fr_dict_attr_t const* attr_ms_mppe_recv_key

Definition at line 105 of file rlm_eap_fast.c.

◆ attr_ms_mppe_send_key

fr_dict_attr_t const* attr_ms_mppe_send_key

Definition at line 104 of file rlm_eap_fast.c.

◆ attr_proxy_to_realm

fr_dict_attr_t const* attr_proxy_to_realm

Definition at line 100 of file rlm_eap_fast.c.

◆ attr_user_name

fr_dict_attr_t const* attr_user_name

Definition at line 106 of file rlm_eap_fast.c.

◆ attr_user_password

fr_dict_attr_t const* attr_user_password

Definition at line 107 of file rlm_eap_fast.c.

◆ dict_eap_fast

fr_dict_t const* dict_eap_fast

Definition at line 84 of file rlm_eap_fast.c.

◆ dict_freeradius

fr_dict_t const* dict_freeradius
static

Definition at line 82 of file rlm_eap_fast.c.

◆ dict_radius

fr_dict_t const* dict_radius
static

Definition at line 83 of file rlm_eap_fast.c.

◆ rlm_eap_fast

rlm_eap_submodule_t rlm_eap_fast
Initial value:
= {
.common = {
.magic = MODULE_MAGIC_INIT,
.name = "eap_fast",
.inst_size = sizeof(rlm_eap_fast_t),
.config = submodule_config,
.instantiate = mod_instantiate,
.thread_inst_size = sizeof(rlm_eap_fast_thread_t),
.thread_instantiate = mod_thread_instantiate,
.thread_detach = mod_thread_detach,
},
.provides = { FR_EAP_METHOD_FAST },
.session_init = mod_session_init,
}
MODULE_MAGIC_INIT
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition: dl_module.h:63
FR_EAP_METHOD_FAST
@ FR_EAP_METHOD_FAST
Definition: types.h:89
config
static const conf_parser_t config[]
Definition: base.c:183
mod_thread_instantiate
static int mod_thread_instantiate(module_thread_inst_ctx_t const *mctx)
Definition: rlm_eap_fast.c:604
submodule_config
static conf_parser_t submodule_config[]
Definition: rlm_eap_fast.c:65
mod_thread_detach
static int mod_thread_detach(module_thread_inst_ctx_t const *mctx)
Definition: rlm_eap_fast.c:615
mod_instantiate
static int mod_instantiate(module_inst_ctx_t const *mctx)
Definition: rlm_eap_fast.c:628
mod_session_init
static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
Definition: rlm_eap_fast.c:526
rlm_eap_fast_t
Definition: rlm_eap_fast.c:42
rlm_eap_fast_thread_t
Definition: rlm_eap_fast.c:35
instantiate
static int instantiate(module_inst_ctx_t const *mctx)
Definition: rlm_rest.c:1302

Definition at line 696 of file rlm_eap_fast.c.

◆ rlm_eap_fast_dict

fr_dict_autoload_t rlm_eap_fast_dict
Initial value:
= {
{ .out = &dict_freeradius, .proto = "freeradius" },
{ .out = &dict_radius, .proto = "radius" },
{ .out = &dict_eap_fast, .base_dir = "eap/fast", .proto = "eap-fast" },
{ NULL }
}
dict_freeradius
static fr_dict_t const * dict_freeradius
Definition: rlm_eap_fast.c:82
dict_radius
static fr_dict_t const * dict_radius
Definition: rlm_eap_fast.c:83
dict_eap_fast
fr_dict_t const * dict_eap_fast
Definition: rlm_eap_fast.c:84

Definition at line 87 of file rlm_eap_fast.c.

◆ rlm_eap_fast_dict_attr

fr_dict_attr_autoload_t rlm_eap_fast_dict_attr

Definition at line 137 of file rlm_eap_fast.c.

◆ submodule_config

conf_parser_t submodule_config[]
static
Initial value:
= {
{ FR_CONF_OFFSET("tls", rlm_eap_fast_t, tls_conf_name) },
{ FR_CONF_OFFSET("default_provisioning_eap_type", rlm_eap_fast_t, default_provisioning_method_name), .dflt = "mschapv2" },
{ FR_CONF_OFFSET_FLAGS("virtual_server", CONF_FLAG_REQUIRED | CONF_FLAG_NOT_EMPTY, rlm_eap_fast_t, virtual_server) },
{ FR_CONF_OFFSET("cipher_list", rlm_eap_fast_t, cipher_list) },
{ FR_CONF_OFFSET("require_client_cert", rlm_eap_fast_t, req_client_cert), .dflt = "no" },
{ FR_CONF_OFFSET("pac_lifetime", rlm_eap_fast_t, pac_lifetime), .dflt = "604800" },
{ FR_CONF_OFFSET_FLAGS("authority_identity", CONF_FLAG_REQUIRED, rlm_eap_fast_t, authority_identity) },
{ FR_CONF_OFFSET_FLAGS("pac_opaque_key", CONF_FLAG_REQUIRED, rlm_eap_fast_t, pac_opaque_key) },
CONF_PARSER_TERMINATOR
}
CONF_PARSER_TERMINATOR
#define CONF_PARSER_TERMINATOR
Definition: cf_parse.h:627
FR_CONF_OFFSET
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition: cf_parse.h:268
FR_CONF_OFFSET_FLAGS
#define FR_CONF_OFFSET_FLAGS(_name, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition: cf_parse.h:256
CONF_FLAG_REQUIRED
@ CONF_FLAG_REQUIRED
Error out if no matching CONF_PAIR is found, and no dflt value is set.
Definition: cf_parse.h:405
CONF_FLAG_NOT_EMPTY
@ CONF_FLAG_NOT_EMPTY
CONF_PAIR is required to have a non zero length value.
Definition: cf_parse.h:420

Definition at line 65 of file rlm_eap_fast.c.

Generated by   doxygen 1.9.1