The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
rlm_eap_ttls.c File Reference

EAP-TTLS as defined by RFC 5281.

#include <freeradius-devel/eap/tls.h>
#include <freeradius-devel/eap/chbind.h>
#include <freeradius-devel/tls/strerror.h>

Data Structures

struct  rlm_eap_ttls_t
 
struct  rlm_eap_ttls_thread_t
 
struct  ttls_tunnel_t
 

Macros

#define FR_DIAMETER_AVP_FLAG_MANDATORY   0x40
 
#define FR_DIAMETER_AVP_FLAG_VENDOR   0x80
 

Functions

static int diameter_verify (request_t *request, uint8_t const *data, unsigned int data_len)
 
static ssize_t eap_ttls_decode_pair (request_t *request, TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent, uint8_t const *data, size_t data_len, void *decode_ctx)
 
static unlang_action_t eap_ttls_process (unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request, eap_session_t *eap_session, fr_tls_session_t *tls_session)
 
static unlang_action_t eap_ttls_success (unlang_result_t *p_result, request_t *request, eap_session_t *eap_session)
 
static unlang_action_t mod_handshake_process (UNUSED unlang_result_t *p_result, UNUSED module_ctx_t const *mctx, request_t *request)
 
static unlang_action_t mod_handshake_resume (unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
 
static int mod_instantiate (module_inst_ctx_t const *mctx)
 
static unlang_action_t mod_session_init (UNUSED unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
 
static unlang_action_t mod_session_init_resume (unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
 
static int mod_thread_detach (module_thread_inst_ctx_t const *mctx)
 
static int mod_thread_instantiate (module_thread_inst_ctx_t const *mctx)
 
static unlang_action_t process_reply (unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
 
static ttls_tunnel_t * ttls_alloc (TALLOC_CTX *ctx)
 
static int vp2diameter (request_t *request, fr_tls_session_t *tls_session, fr_pair_list_t *list)
 

Variables

static fr_dict_attr_t const * attr_chap_challenge
 
static fr_dict_attr_t const * attr_eap_channel_binding_message
 
static fr_dict_attr_t const * attr_eap_message
 
static fr_dict_attr_t const * attr_eap_tls_require_client_cert
 
static fr_dict_attr_t const * attr_ms_chap2_success
 
static fr_dict_attr_t const * attr_ms_chap_challenge
 
static fr_dict_attr_t const * attr_reply_message
 
static fr_dict_attr_t const * attr_user_name
 
static fr_dict_attr_t const * attr_user_password
 
static fr_dict_attr_t const * attr_vendor_specific
 
static fr_dict_t const * dict_freeradius
 
static fr_dict_t const * dict_radius
 
rlm_eap_submodule_t rlm_eap_ttls
 
fr_dict_autoload_t rlm_eap_ttls_dict []
 
fr_dict_attr_autoload_t rlm_eap_ttls_dict_attr []
 
static conf_parser_t submodule_config []
 

Detailed Description

EAP-TTLS as defined by RFC 5281.

Id
2df37f0e540692ac185cb0d4c079d883f5b665a5

Definition in file rlm_eap_ttls.c.


Data Structure Documentation

◆ rlm_eap_ttls_t

struct rlm_eap_ttls_t

Definition at line 37 of file rlm_eap_ttls.c.

Data Fields
bool include_length
bool req_client_cert
CONF_SECTION * server_cs
fr_tls_conf_t * tls_conf
char const * tls_conf_name
virtual_server_t * virtual_server

◆ rlm_eap_ttls_thread_t

struct rlm_eap_ttls_thread_t

Definition at line 33 of file rlm_eap_ttls.c.

Data Fields
SSL_CTX * ssl_ctx Thread local SSL_CTX.

◆ ttls_tunnel_t

struct ttls_tunnel_t

Definition at line 67 of file rlm_eap_ttls.c.

Data Fields
bool authenticated
fr_pair_t * username

Macro Definition Documentation

◆ FR_DIAMETER_AVP_FLAG_MANDATORY

#define FR_DIAMETER_AVP_FLAG_MANDATORY   0x40

Definition at line 124 of file rlm_eap_ttls.c.

◆ FR_DIAMETER_AVP_FLAG_VENDOR

#define FR_DIAMETER_AVP_FLAG_VENDOR   0x80

Definition at line 123 of file rlm_eap_ttls.c.

Function Documentation

◆ diameter_verify()

static int diameter_verify ( request_t *  request,
uint8_t const *  data,
unsigned int  data_len 
)
static

Definition at line 142 of file rlm_eap_ttls.c.


◆ eap_ttls_decode_pair()

static ssize_t eap_ttls_decode_pair ( request_t *  request,
TALLOC_CTX *  ctx,
fr_pair_list_t *  out,
fr_dict_attr_t const *  parent,
uint8_t const *  data,
size_t  data_len,
void *  decode_ctx 
)
static

Definition at line 233 of file rlm_eap_ttls.c.


◆ eap_ttls_process()

static unlang_action_t eap_ttls_process ( unlang_result_t *  p_result,
module_ctx_t const *  mctx,
request_t *  request,
eap_session_t *  eap_session,
fr_tls_session_t *  tls_session 
)
static

Definition at line 721 of file rlm_eap_ttls.c.


◆ eap_ttls_success()

static unlang_action_t eap_ttls_success ( unlang_result_t *  p_result,
request_t *  request,
eap_session_t *  eap_session 
)
static

Definition at line 569 of file rlm_eap_ttls.c.


◆ mod_handshake_process()

static unlang_action_t mod_handshake_process ( UNUSED unlang_result_t *  p_result,
UNUSED module_ctx_t const *  mctx,
request_t *  request 
)
static

Definition at line 946 of file rlm_eap_ttls.c.


◆ mod_handshake_resume()

static unlang_action_t mod_handshake_resume ( unlang_result_t *  p_result,
module_ctx_t const *  mctx,
request_t *  request 
)
static

Definition at line 876 of file rlm_eap_ttls.c.


◆ mod_instantiate()

static int mod_instantiate ( module_inst_ctx_t const *  mctx)
static

Definition at line 1047 of file rlm_eap_ttls.c.


◆ mod_session_init()

static unlang_action_t mod_session_init ( UNUSED unlang_result_t *  p_result,
module_ctx_t const *  mctx,
request_t *  request 
)
static

Definition at line 1009 of file rlm_eap_ttls.c.


◆ mod_session_init_resume()

static unlang_action_t mod_session_init_resume ( unlang_result_t *  p_result,
module_ctx_t const *  mctx,
request_t *  request 
)
static

Definition at line 962 of file rlm_eap_ttls.c.


◆ mod_thread_detach()

static int mod_thread_detach ( module_thread_inst_ctx_t const *  mctx)
static

Definition at line 1034 of file rlm_eap_ttls.c.

◆ mod_thread_instantiate()

static int mod_thread_instantiate ( module_thread_inst_ctx_t const *  mctx)
static

Definition at line 1023 of file rlm_eap_ttls.c.

◆ process_reply()

static unlang_action_t process_reply ( unlang_result_t *  p_result,
module_ctx_t const *  mctx,
request_t *  request 
)
static

Definition at line 608 of file rlm_eap_ttls.c.


◆ ttls_alloc()

static ttls_tunnel_t * ttls_alloc ( TALLOC_CTX *  ctx)
static

Definition at line 867 of file rlm_eap_ttls.c.


◆ vp2diameter()

static int vp2diameter ( request_t *  request,
fr_tls_session_t *  tls_session,
fr_pair_list_t *  list 
)
static

Definition at line 421 of file rlm_eap_ttls.c.


Variable Documentation

◆ attr_chap_challenge

fr_dict_attr_t const* attr_chap_challenge
static

Definition at line 96 of file rlm_eap_ttls.c.

◆ attr_eap_channel_binding_message

fr_dict_attr_t const* attr_eap_channel_binding_message
static

Definition at line 101 of file rlm_eap_ttls.c.

◆ attr_eap_message

fr_dict_attr_t const* attr_eap_message
static

Definition at line 98 of file rlm_eap_ttls.c.

◆ attr_eap_tls_require_client_cert

fr_dict_attr_t const* attr_eap_tls_require_client_cert
static

Definition at line 94 of file rlm_eap_ttls.c.

◆ attr_ms_chap2_success

fr_dict_attr_t const* attr_ms_chap2_success
static

Definition at line 97 of file rlm_eap_ttls.c.

◆ attr_ms_chap_challenge

fr_dict_attr_t const* attr_ms_chap_challenge
static

Definition at line 99 of file rlm_eap_ttls.c.

◆ attr_reply_message

fr_dict_attr_t const* attr_reply_message
static

Definition at line 100 of file rlm_eap_ttls.c.

◆ attr_user_name

fr_dict_attr_t const* attr_user_name
static

Definition at line 102 of file rlm_eap_ttls.c.

◆ attr_user_password

fr_dict_attr_t const* attr_user_password
static

Definition at line 103 of file rlm_eap_ttls.c.

◆ attr_vendor_specific

fr_dict_attr_t const* attr_vendor_specific
static

Definition at line 104 of file rlm_eap_ttls.c.

◆ dict_freeradius

fr_dict_t const* dict_freeradius
static

Definition at line 84 of file rlm_eap_ttls.c.

◆ dict_radius

fr_dict_t const* dict_radius
static

Definition at line 85 of file rlm_eap_ttls.c.

◆ rlm_eap_ttls

rlm_eap_submodule_t rlm_eap_ttls
Initial value:
= {
/*
 * Submodule descriptor for EAP-TTLS: registers the name "eap_ttls", the sizes
 * of the per-instance and per-thread structures, and the instantiate /
 * thread-instantiate / thread-detach callbacks.
 *
 * NOTE(review): the cross-references listed after this initializer name
 * MODULE_MAGIC_INIT ("Stop people using different module/library/server
 * versions together") and submodule_config, yet neither appears in the lines
 * shown here. The rendering has probably dropped those members; confirm
 * against rlm_eap_ttls.c at line 1072 before relying on this listing.
 */
.common = {
.name = "eap_ttls",
.inst_size = sizeof(rlm_eap_ttls_t),
.instantiate = mod_instantiate,
.thread_inst_size = sizeof(rlm_eap_ttls_thread_t),
.thread_instantiate = mod_thread_instantiate,
.thread_detach = mod_thread_detach,
},
/* The only EAP method this submodule declares. */
.provides = { FR_EAP_METHOD_TTLS },
/* Callback named as the session initialiser for this method. */
.session_init = mod_session_init,
}
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition dl_module.h:63
@ FR_EAP_METHOD_TTLS
Definition types.h:66
static const conf_parser_t config[]
Definition base.c:186
static int mod_thread_instantiate(module_thread_inst_ctx_t const *mctx)
static conf_parser_t submodule_config[]
static unlang_action_t mod_session_init(UNUSED unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
static int mod_thread_detach(module_thread_inst_ctx_t const *mctx)
static int mod_instantiate(module_inst_ctx_t const *mctx)

Definition at line 1072 of file rlm_eap_ttls.c.

◆ rlm_eap_ttls_dict

fr_dict_autoload_t rlm_eap_ttls_dict
Initial value:
= {
/*
 * Dictionary autoload table: each entry names a protocol dictionary and the
 * file-scope pointer (dict_freeradius, dict_radius) that receives it.
 * The { NULL } entry ends the table.
 */
{ .out = &dict_freeradius, .proto = "freeradius" },
{ .out = &dict_radius, .proto = "radius" },
{ NULL }
}
static fr_dict_t const * dict_freeradius
static fr_dict_t const * dict_radius

Definition at line 88 of file rlm_eap_ttls.c.

◆ rlm_eap_ttls_dict_attr

fr_dict_attr_autoload_t rlm_eap_ttls_dict_attr
Initial value:
= {
/*
 * Attribute autoload table: each entry gives an attribute name, the type it
 * is expected to have, the dictionary it is looked up in, and the file-scope
 * pointer that receives the result. The { NULL } entry ends the table.
 */
/* The only attribute taken from the "freeradius" dictionary; all others come from "radius". */
{ .out = &attr_eap_tls_require_client_cert, .name = "EAP-TLS-Require-Client-Cert", .type = FR_TYPE_UINT32, .dict = &dict_freeradius },
/*
 * NOTE(review): the CHAP / MS-CHAP / User-Password attributes below presumably
 * serve the tunneled authentication exchanges of RFC 5281; how they are used
 * is not visible on this page, so confirm against the function bodies.
 */
{ .out = &attr_chap_challenge, .name = "CHAP-Challenge", .type = FR_TYPE_OCTETS, .dict = &dict_radius },
{ .out = &attr_eap_message, .name = "EAP-Message", .type = FR_TYPE_OCTETS, .dict = &dict_radius },
{ .out = &attr_ms_chap_challenge, .name = "Vendor-Specific.Microsoft.CHAP-Challenge", .type = FR_TYPE_OCTETS, .dict = &dict_radius },
{ .out = &attr_ms_chap2_success, .name = "Vendor-Specific.Microsoft.CHAP2-Success", .type = FR_TYPE_OCTETS, .dict = &dict_radius },
{ .out = &attr_reply_message, .name = "Reply-Message", .type = FR_TYPE_STRING, .dict = &dict_radius },
{ .out = &attr_eap_channel_binding_message, .name = "Vendor-Specific.UKERNA.EAP-Channel-Binding-Message", .type = FR_TYPE_OCTETS, .dict = &dict_radius },
{ .out = &attr_user_name, .name = "User-Name", .type = FR_TYPE_STRING, .dict = &dict_radius },
/*
 * NOTE(review): User-Password is credential material. Check that the code
 * using attr_user_password never writes its value to debug or log output
 * (those code paths are not shown here).
 */
{ .out = &attr_user_password, .name = "User-Password", .type = FR_TYPE_STRING, .dict = &dict_radius },
{ .out = &attr_vendor_specific, .name = "Vendor-Specific", .type = FR_TYPE_VSA, .dict = &dict_radius },
{ NULL }
}
@ FR_TYPE_STRING
String of printable characters.
@ FR_TYPE_UINT32
32 Bit unsigned integer.
@ FR_TYPE_VSA
Vendor-Specific, for RADIUS attribute 26.
@ FR_TYPE_OCTETS
Raw octets.
static fr_dict_attr_t const * attr_user_password
static fr_dict_attr_t const * attr_eap_message
static fr_dict_attr_t const * attr_eap_channel_binding_message
static fr_dict_attr_t const * attr_eap_tls_require_client_cert
static fr_dict_attr_t const * attr_ms_chap2_success
static fr_dict_attr_t const * attr_ms_chap_challenge
static fr_dict_attr_t const * attr_chap_challenge
static fr_dict_attr_t const * attr_vendor_specific
static fr_dict_attr_t const * attr_reply_message
static fr_dict_attr_t const * attr_user_name

Definition at line 107 of file rlm_eap_ttls.c.

◆ submodule_config

conf_parser_t submodule_config[]
static
Initial value:
= {
/* "tls": parsed into rlm_eap_ttls_t.tls_conf_name; no default is given. */
{ FR_CONF_OFFSET("tls", rlm_eap_ttls_t, tls_conf_name) },
/*
 * Deprecated options. Per the FR_CONF_DEPRECATED description on this page, an
 * entry of this kind raises an error if a matching CONF_PAIR is found, so a
 * configuration that still sets either option is rejected, not silently ignored.
 */
{ FR_CONF_DEPRECATED("copy_request_to_tunnel", rlm_eap_ttls_t, NULL), .dflt = "no" },
{ FR_CONF_DEPRECATED("use_tunneled_reply", rlm_eap_ttls_t, NULL), .dflt = "no" },
/*
 * NOTE(review): the rendering has lost the start of the entry that the next
 * line closes. The cross-references after this listing (FR_CONF_OFFSET_TYPE_FLAGS,
 * CONF_FLAG_REQUIRED, CONF_FLAG_NOT_EMPTY, FR_TYPE_VOID, virtual_server_cf_parse)
 * suggest it is the virtual-server option and that it is mandatory and
 * non-empty. Confirm against rlm_eap_ttls.c at line 72.
 */
.uctx = &(virtual_server_cf_parse_uctx_t){ .process_module_name = "radius"} },
/* "include_length": parsed into include_length, default "yes". */
{ FR_CONF_OFFSET("include_length", rlm_eap_ttls_t, include_length), .dflt = "yes" },
/*
 * "require_client_cert": parsed into req_client_cert, default "no".
 * NOTE(review): with the default, the peer is presumably not required to
 * present a TLS client certificate, leaving peer authentication to the
 * tunneled method. Confirm in mod_session_init (body not shown here).
 */
{ FR_CONF_OFFSET("require_client_cert", rlm_eap_ttls_t, req_client_cert), .dflt = "no" },
/*
 * NOTE(review): no terminating entry is shown. The page cross-references
 * CONF_PARSER_TERMINATOR, so the rendering has probably dropped it.
 */
}
#define CONF_PARSER_TERMINATOR
Definition cf_parse.h:662
#define FR_CONF_DEPRECATED(_name, _struct, _field)
conf_parser_t entry which raises an error if a matching CONF_PAIR is found
Definition cf_parse.h:414
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition cf_parse.h:284
@ CONF_FLAG_REQUIRED
Error out if no matching CONF_PAIR is found, and no dflt value is set.
Definition cf_parse.h:434
@ CONF_FLAG_NOT_EMPTY
CONF_PAIR is required to have a non zero length value.
Definition cf_parse.h:452
#define FR_CONF_OFFSET_TYPE_FLAGS(_name, _type, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition cf_parse.h:241
@ FR_TYPE_VOID
User data.
int virtual_server_cf_parse(UNUSED TALLOC_CTX *ctx, void *out, UNUSED void *parent, CONF_ITEM *ci, UNUSED conf_parser_t const *rule)
Wrapper for the config parser to allow pass1 resolution of virtual servers.
Additional validation rules for virtual server lookup.

Definition at line 72 of file rlm_eap_ttls.c.