The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
Data Structures | Macros | Enumerations | Functions | Variables
rlm_eap_peap.c File Reference
#include <freeradius-devel/eap/tls.h>
+ Include dependency graph for rlm_eap_peap.c:

Go to the source code of this file.

Data Structures

struct  peap_tunnel_t
 
struct  rlm_eap_peap_t
 
struct  rlm_eap_peap_thread_t
 

Macros

#define EAP_TLV_ACK_RESULT   (3)
 
#define EAP_TLV_FAILURE   (2)
 
#define EAP_TLV_SUCCESS   (1)
 
#define FR_PEAP_EXTENSIONS_TYPE   33
 

Enumerations

enum  peap_resumption {
  PEAP_RESUMPTION_NO ,
  PEAP_RESUMPTION_YES ,
  PEAP_RESUMPTION_MAYBE
}
 
enum  peap_status {
  PEAP_STATUS_INVALID ,
  PEAP_STATUS_SENT_TLV_SUCCESS ,
  PEAP_STATUS_SENT_TLV_FAILURE ,
  PEAP_STATUS_TUNNEL_ESTABLISHED ,
  PEAP_STATUS_INNER_IDENTITY_REQ_SENT ,
  PEAP_STATUS_PHASE2_INIT ,
  PEAP_STATUS_PHASE2
}
 

Functions

static int eap_peap_check_tlv (request_t *request, uint8_t const *data, size_t data_len)
 
static int eap_peap_failure (request_t *request, eap_session_t *eap_session, fr_tls_session_t *tls_session)
 
static int eap_peap_identity (request_t *request, eap_session_t *eap_session, fr_tls_session_t *tls_session)
 
static int eap_peap_inner_from_pairs (request_t *request, fr_tls_session_t *tls_session, fr_pair_list_t *vps)
 
static void eap_peap_inner_to_pairs (TALLOC_CTX *ctx, fr_pair_list_t *pairs, eap_round_t *eap_round, uint8_t const *data, size_t data_len)
 
static unlang_action_t eap_peap_process (unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request, eap_session_t *eap_session, fr_tls_session_t *tls_session)
 
static int eap_peap_success (request_t *request, eap_session_t *eap_session, fr_tls_session_t *tls_session)
 
static int eap_peap_verify (request_t *request, peap_tunnel_t *peap_tunnel, uint8_t const *data, size_t data_len)
 
static unlang_action_t mod_handshake_process (UNUSED unlang_result_t *p_result, UNUSED module_ctx_t const *mctx, request_t *request)
 
static unlang_action_t mod_handshake_resume (unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
 
static int mod_instantiate (module_inst_ctx_t const *mctx)
 
static unlang_action_t mod_session_init (UNUSED unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
 
static unlang_action_t mod_session_init_resume (unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
 
static int mod_thread_detach (module_thread_inst_ctx_t const *mctx)
 
static int mod_thread_instantiate (module_thread_inst_ctx_t const *mctx)
 
static peap_tunnel_tpeap_alloc (TALLOC_CTX *ctx)
 
static char const * peap_state (peap_tunnel_t *t)
 
static unlang_action_t process_rcode (unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
 
static unlang_action_t process_reply (unlang_result_t *p_result, request_t *request, UNUSED void *uctx)
 

Variables

fr_dict_attr_t const * attr_auth_type
 
fr_dict_attr_t const * attr_eap_message
 
fr_dict_attr_t const * attr_eap_tls_require_client_cert
 
fr_dict_attr_t const * attr_user_name
 
static fr_dict_t const * dict_freeradius
 
static fr_dict_t const * dict_radius
 
rlm_eap_submodule_t rlm_eap_peap
 
fr_dict_autoload_t rlm_eap_peap_dict []
 
fr_dict_attr_autoload_t rlm_eap_peap_dict_attr []
 
static conf_parser_t submodule_config []
 

Data Structure Documentation

◆ peap_tunnel_t

struct peap_tunnel_t

Definition at line 63 of file rlm_eap_peap.c.

+ Collaboration diagram for peap_tunnel_t:
Data Fields
int default_method
bool home_access_accept
peap_resumption session_resumption_state
peap_status status
fr_pair_t * username

◆ rlm_eap_peap_t

struct rlm_eap_peap_t

Definition at line 31 of file rlm_eap_peap.c.

+ Collaboration diagram for rlm_eap_peap_t:
Data Fields
bool copy_request_to_tunnel Use SOME of the request attributes from outside of the tunneled session in the tunneled request.
bool req_client_cert Do we do require a client cert?
CONF_SECTION * server_cs
fr_tls_conf_t * tls_conf
char const * tls_conf_name TLS configuration.
bool use_tunneled_reply Use the reply attributes from the tunneled session in the non-tunneled reply to the client.
virtual_server_t * virtual_server Virtual server for inner tunnel session.

◆ rlm_eap_peap_thread_t

struct rlm_eap_peap_thread_t

Definition at line 27 of file rlm_eap_peap.c.

Data Fields
SSL_CTX * ssl_ctx Thread local SSL_CTX.

Macro Definition Documentation

◆ EAP_TLV_ACK_RESULT

#define EAP_TLV_ACK_RESULT   (3)

Definition at line 73 of file rlm_eap_peap.c.

◆ EAP_TLV_FAILURE

#define EAP_TLV_FAILURE   (2)

Definition at line 72 of file rlm_eap_peap.c.

◆ EAP_TLV_SUCCESS

#define EAP_TLV_SUCCESS   (1)

Definition at line 71 of file rlm_eap_peap.c.

◆ FR_PEAP_EXTENSIONS_TYPE

#define FR_PEAP_EXTENSIONS_TYPE   33

Definition at line 75 of file rlm_eap_peap.c.

Enumeration Type Documentation

◆ peap_resumption

Enumerator
PEAP_RESUMPTION_NO 
PEAP_RESUMPTION_YES 
PEAP_RESUMPTION_MAYBE 

Definition at line 57 of file rlm_eap_peap.c.

◆ peap_status

Enumerator
PEAP_STATUS_INVALID 
PEAP_STATUS_SENT_TLV_SUCCESS 
PEAP_STATUS_SENT_TLV_FAILURE 
PEAP_STATUS_TUNNEL_ESTABLISHED 
PEAP_STATUS_INNER_IDENTITY_REQ_SENT 
PEAP_STATUS_PHASE2_INIT 
PEAP_STATUS_PHASE2 

Definition at line 47 of file rlm_eap_peap.c.

Function Documentation

◆ eap_peap_check_tlv()

static int eap_peap_check_tlv ( request_t request,
uint8_t const *  data,
size_t  data_len 
)
static

Definition at line 332 of file rlm_eap_peap.c.

+ Here is the caller graph for this function:

◆ eap_peap_failure()

static int eap_peap_failure ( request_t request,
eap_session_t eap_session,
fr_tls_session_t *  tls_session 
)
static

Definition at line 124 of file rlm_eap_peap.c.

+ Here is the caller graph for this function:

◆ eap_peap_identity()

static int eap_peap_identity ( request_t request,
eap_session_t eap_session,
fr_tls_session_t *  tls_session 
)
static

Definition at line 186 of file rlm_eap_peap.c.

+ Here is the caller graph for this function:

◆ eap_peap_inner_from_pairs()

static int eap_peap_inner_from_pairs ( request_t request,
fr_tls_session_t *  tls_session,
fr_pair_list_t vps 
)
static

Definition at line 300 of file rlm_eap_peap.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ eap_peap_inner_to_pairs()

static void eap_peap_inner_to_pairs ( TALLOC_CTX *  ctx,
fr_pair_list_t pairs,
eap_round_t eap_round,
uint8_t const *  data,
size_t  data_len 
)
static

Definition at line 260 of file rlm_eap_peap.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ eap_peap_process()

static unlang_action_t eap_peap_process ( unlang_result_t p_result,
module_ctx_t const *  mctx,
request_t request,
eap_session_t eap_session,
fr_tls_session_t *  tls_session 
)
static

Definition at line 459 of file rlm_eap_peap.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ eap_peap_success()

static int eap_peap_success ( request_t request,
eap_session_t eap_session,
fr_tls_session_t *  tls_session 
)
static

Definition at line 157 of file rlm_eap_peap.c.

+ Here is the caller graph for this function:

◆ eap_peap_verify()

static int eap_peap_verify ( request_t request,
peap_tunnel_t peap_tunnel,
uint8_t const *  data,
size_t  data_len 
)
static

Definition at line 206 of file rlm_eap_peap.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mod_handshake_process()

static unlang_action_t mod_handshake_process ( UNUSED unlang_result_t p_result,
UNUSED module_ctx_t const *  mctx,
request_t request 
)
static

Definition at line 888 of file rlm_eap_peap.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mod_handshake_resume()

static unlang_action_t mod_handshake_resume ( unlang_result_t p_result,
module_ctx_t const *  mctx,
request_t request 
)
static

Definition at line 802 of file rlm_eap_peap.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mod_instantiate()

static int mod_instantiate ( module_inst_ctx_t const *  mctx)
static

Definition at line 1010 of file rlm_eap_peap.c.

+ Here is the call graph for this function:

◆ mod_session_init()

static unlang_action_t mod_session_init ( UNUSED unlang_result_t p_result,
module_ctx_t const *  mctx,
request_t request 
)
static

Definition at line 972 of file rlm_eap_peap.c.

+ Here is the call graph for this function:

◆ mod_session_init_resume()

static unlang_action_t mod_session_init_resume ( unlang_result_t p_result,
module_ctx_t const *  mctx,
request_t request 
)
static

Definition at line 904 of file rlm_eap_peap.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mod_thread_detach()

static int mod_thread_detach ( module_thread_inst_ctx_t const *  mctx)
static

Definition at line 997 of file rlm_eap_peap.c.

◆ mod_thread_instantiate()

static int mod_thread_instantiate ( module_thread_inst_ctx_t const *  mctx)
static

Definition at line 986 of file rlm_eap_peap.c.

◆ peap_alloc()

static peap_tunnel_t * peap_alloc ( TALLOC_CTX *  ctx)
static

Definition at line 726 of file rlm_eap_peap.c.

+ Here is the caller graph for this function:

◆ peap_state()

static char const * peap_state ( peap_tunnel_t t)
static

Definition at line 429 of file rlm_eap_peap.c.

+ Here is the caller graph for this function:

◆ process_rcode()

static unlang_action_t process_rcode ( unlang_result_t p_result,
module_ctx_t const *  mctx,
request_t request 
)
static

Definition at line 739 of file rlm_eap_peap.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ process_reply()

static unlang_action_t process_reply ( unlang_result_t p_result,
request_t request,
UNUSED void *  uctx 
)
static

Definition at line 362 of file rlm_eap_peap.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Variable Documentation

◆ attr_auth_type

fr_dict_attr_t const* attr_auth_type

Definition at line 102 of file rlm_eap_peap.c.

◆ attr_eap_message

fr_dict_attr_t const* attr_eap_message

Definition at line 105 of file rlm_eap_peap.c.

◆ attr_eap_tls_require_client_cert

fr_dict_attr_t const* attr_eap_tls_require_client_cert

Definition at line 103 of file rlm_eap_peap.c.

◆ attr_user_name

fr_dict_attr_t const* attr_user_name

Definition at line 106 of file rlm_eap_peap.c.

◆ dict_freeradius

fr_dict_t const* dict_freeradius
static

Definition at line 92 of file rlm_eap_peap.c.

◆ dict_radius

fr_dict_t const* dict_radius
static

Definition at line 93 of file rlm_eap_peap.c.

◆ rlm_eap_peap

rlm_eap_submodule_t rlm_eap_peap
Initial value:
= {
.common = {
.name = "eap_peap",
.inst_size = sizeof(rlm_eap_peap_t),
.instantiate = mod_instantiate,
.thread_inst_size = sizeof(rlm_eap_peap_thread_t),
.thread_instantiate = mod_thread_instantiate,
.thread_detach = mod_thread_detach,
},
.provides = { FR_EAP_METHOD_PEAP },
.session_init = mod_session_init,
}
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition dl_module.h:63
@ FR_EAP_METHOD_PEAP
Definition types.h:70
static const conf_parser_t config[]
Definition base.c:186
static int mod_thread_instantiate(module_thread_inst_ctx_t const *mctx)
static conf_parser_t submodule_config[]
static unlang_action_t mod_session_init(UNUSED unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
static int mod_thread_detach(module_thread_inst_ctx_t const *mctx)
static int mod_instantiate(module_inst_ctx_t const *mctx)

Definition at line 1037 of file rlm_eap_peap.c.

◆ rlm_eap_peap_dict

fr_dict_autoload_t rlm_eap_peap_dict
Initial value:
= {
{ .out = &dict_freeradius, .proto = "freeradius" },
{ .out = &dict_radius, .proto = "radius" },
{ NULL }
}
static fr_dict_t const * dict_freeradius
static fr_dict_t const * dict_radius

Definition at line 96 of file rlm_eap_peap.c.

◆ rlm_eap_peap_dict_attr

fr_dict_attr_autoload_t rlm_eap_peap_dict_attr
Initial value:
= {
{ .out = &attr_auth_type, .name = "Auth-Type", .type = FR_TYPE_UINT32, .dict = &dict_freeradius },
{ .out = &attr_eap_tls_require_client_cert, .name = "EAP-TLS-Require-Client-Cert", .type = FR_TYPE_UINT32, .dict = &dict_freeradius },
{ .out = &attr_eap_message, .name = "EAP-Message", .type = FR_TYPE_OCTETS, .dict = &dict_radius },
{ .out = &attr_user_name, .name = "User-Name", .type = FR_TYPE_STRING, .dict = &dict_radius },
{ NULL }
}
@ FR_TYPE_STRING
String of printable characters.
@ FR_TYPE_UINT32
32 Bit unsigned integer.
@ FR_TYPE_OCTETS
Raw octets.
fr_dict_attr_t const * attr_eap_message
fr_dict_attr_t const * attr_eap_tls_require_client_cert
fr_dict_attr_t const * attr_auth_type
fr_dict_attr_t const * attr_user_name

Definition at line 109 of file rlm_eap_peap.c.

◆ submodule_config

conf_parser_t submodule_config[]
static
Initial value:
= {
{ FR_CONF_OFFSET("tls", rlm_eap_peap_t, tls_conf_name) },
{ FR_CONF_DEPRECATED("copy_request_to_tunnel", rlm_eap_peap_t, NULL), .dflt = "no" },
{ FR_CONF_DEPRECATED("use_tunneled_reply", rlm_eap_peap_t, NULL), .dflt = "no" },
.uctx = &(virtual_server_cf_parse_uctx_t){ .process_module_name = "radius"} },
{ FR_CONF_OFFSET("require_client_cert", rlm_eap_peap_t, req_client_cert), .dflt = "no" },
}
#define CONF_PARSER_TERMINATOR
Definition cf_parse.h:662
#define FR_CONF_DEPRECATED(_name, _struct, _field)
conf_parser_t entry which raises an error if a matching CONF_PAIR is found
Definition cf_parse.h:414
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition cf_parse.h:284
@ CONF_FLAG_REQUIRED
Error out if no matching CONF_PAIR is found, and no dflt value is set.
Definition cf_parse.h:434
@ CONF_FLAG_NOT_EMPTY
CONF_PAIR is required to have a non zero length value.
Definition cf_parse.h:452
#define FR_CONF_OFFSET_TYPE_FLAGS(_name, _type, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition cf_parse.h:241
@ FR_TYPE_VOID
User data.
int virtual_server_cf_parse(UNUSED TALLOC_CTX *ctx, void *out, UNUSED void *parent, CONF_ITEM *ci, UNUSED conf_parser_t const *rule)
Wrapper for the config parser to allow pass1 resolution of virtual servers.
Additional validation rules for virtual server lookup.

Definition at line 77 of file rlm_eap_peap.c.