The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
rlm_mschap.h
Go to the documentation of this file.
1#pragma once
2/* @copyright 2006-2015 The FreeRADIUS server project */
3RCSIDH(rlm_mschap_h, "$Id: a90d61621f82047e786e07051d5fea1079b4a6ff $")
4
5#include "config.h"
6#include "mschap.h"
7
8#include <freeradius-devel/util/dict.h>
9#include <freeradius-devel/util/slab.h>
10#include <freeradius-devel/server/tmpl.h>
11
12#ifdef WITH_AUTH_WINBIND
13# include <wbclient.h>
14#endif
15
16/* Method of authentication we are going to use */
17typedef enum {
18 AUTH_INTERNAL = 0, /* MS-CHAP-Use-NTLM-Auth = no */
19 AUTH_NTLMAUTH_EXEC = 1, /* MS-CHAP-Use-NTLM-Auth = yes */
20 AUTH_AUTO = 2, /* MS-CHAP-Use-NTLM-Auth = auto */
21#ifdef WITH_AUTH_WINBIND
22 AUTH_WBCLIENT = 3
23#endif
24} MSCHAP_AUTH_METHOD;
25
26extern HIDDEN fr_dict_attr_t const *attr_auth_type;
27extern HIDDEN fr_dict_attr_t const *attr_cleartext_password;
28extern HIDDEN fr_dict_attr_t const *attr_eap_identity;
29extern HIDDEN fr_dict_attr_t const *attr_nt_password;
30extern HIDDEN fr_dict_attr_t const *attr_lm_password;
31extern HIDDEN fr_dict_attr_t const *attr_ms_chap_use_ntlm_auth;
32
33extern HIDDEN fr_dict_attr_t const *attr_ms_chap_user_name;
34
35extern HIDDEN fr_dict_attr_t const *attr_ms_chap_peer_challenge;
36extern HIDDEN fr_dict_attr_t const *attr_ms_chap_new_nt_password;
37extern HIDDEN fr_dict_attr_t const *attr_ms_chap_new_cleartext_password;
38extern HIDDEN fr_dict_attr_t const *attr_smb_account_ctrl;
39extern HIDDEN fr_dict_attr_t const *attr_smb_account_ctrl_text;
40
41typedef struct {
42 fr_dict_enum_value_t *auth_type;
43
44 bool normify;
45
46 bool use_mppe;
47 bool require_encryption;
48 bool require_strong;
49 bool with_ntdomain_hack; /* this should be in another module */
50
51 char const *ntlm_auth;
52 fr_time_delta_t ntlm_auth_timeout;
53 char const *ntlm_cpw;
54
55 bool allow_retry;
56 char const *retry_msg;
57 MSCHAP_AUTH_METHOD method;
58 char const *wb_username;
59#ifdef WITH_AUTH_WINBIND
60 bool wb_retry_with_normalised_username;
61 fr_slab_config_t reuse;
62#endif
63#ifdef __APPLE__
64 bool open_directory;
65#endif
66} rlm_mschap_t;
67
68#ifdef WITH_AUTH_WINBIND
69typedef struct {
70 struct wbcContext *ctx;
71} winbind_ctx_t;
72
73FR_SLAB_TYPES(mschap, winbind_ctx_t);
74FR_SLAB_FUNCS(mschap, winbind_ctx_t)
75
76typedef struct {
77 rlm_mschap_t const *inst; //!< Instance of rlm_mschap.
78 mschap_slab_list_t *slab; //!< Slab list for winbind handles.
79} rlm_mschap_thread_t;
80#endif
101
102typedef struct {
103 fr_value_box_list_t cpw_user;
104 fr_value_box_list_t cpw_domain;
105 fr_value_box_list_t local_cpw_result;
106 uint8_t new_nt_encrypted[516];
107 uint8_t old_nt_hash[NT_DIGEST_LENGTH];
108 fr_pair_t *new_hash;
109} mschap_cpw_ctx_t;
110
111typedef struct {
112 char const *name;
113 rlm_mschap_t const *inst;
114 mschap_auth_call_env_t *env_data;
115 MSCHAP_AUTH_METHOD method;
116 fr_pair_t *nt_password;
117 fr_pair_t *smb_ctrl;
118 fr_pair_t *cpw;
119 mschap_cpw_ctx_t *cpw_ctx;
120#ifdef WITH_AUTH_WINBIND
121 rlm_mschap_thread_t *t;
122#endif
123} mschap_auth_ctx_t;
RCSIDH
#define RCSIDH(h, id)
Definition build.h:484
HIDDEN
#define HIDDEN
Definition build.h:314
fr_dict_enum_value_t
Value of an enumerated attribute.
Definition dict.h:227
uint8_t
unsigned char uint8_t
Definition merged_model.c:30
fr_dict_attr_t
Definition merged_model.c:133
fr_value_box_t
Definition merged_model.c:136
tmpl_t
Definition merged_model.c:225
NT_DIGEST_LENGTH
#define NT_DIGEST_LENGTH
Definition mschap.h:7
rlm_mschap_t::ntlm_cpw
char const * ntlm_cpw
Definition rlm_mschap.h:53
attr_smb_account_ctrl
HIDDEN fr_dict_attr_t const * attr_smb_account_ctrl
Definition rlm_mschap.c:243
rlm_mschap_t::wb_username
char const * wb_username
Definition rlm_mschap.h:58
mschap_auth_call_env_t::username
tmpl_t const * username
Definition rlm_mschap.h:82
rlm_mschap_t::auth_type
fr_dict_enum_value_t * auth_type
Definition rlm_mschap.h:42
rlm_mschap_t::use_mppe
bool use_mppe
Definition rlm_mschap.h:46
attr_auth_type
HIDDEN fr_dict_attr_t const * attr_auth_type
Definition rlm_eap_peap.c:72
mschap_auth_call_env_t::wb_domain
fr_value_box_t wb_domain
Definition rlm_mschap.h:96
mschap_auth_ctx_t::method
MSCHAP_AUTH_METHOD method
Definition rlm_mschap.h:115
rlm_mschap_t::method
MSCHAP_AUTH_METHOD method
Definition rlm_mschap.h:57
mschap_auth_call_env_t::mppe_encryption_types
tmpl_t const * mppe_encryption_types
Definition rlm_mschap.h:92
rlm_mschap_t::ntlm_auth_timeout
fr_time_delta_t ntlm_auth_timeout
Definition rlm_mschap.h:52
mschap_auth_ctx_t::cpw
fr_pair_t * cpw
Definition rlm_mschap.h:118
attr_eap_identity
HIDDEN fr_dict_attr_t const * attr_eap_identity
Definition base.c:91
attr_nt_password
HIDDEN fr_dict_attr_t const * attr_nt_password
Definition rlm_ldap.c:323
rlm_mschap_t::ntlm_auth
char const * ntlm_auth
Definition rlm_mschap.h:51
mschap_auth_ctx_t::name
char const * name
Definition rlm_mschap.h:112
attr_ms_chap_new_nt_password
HIDDEN fr_dict_attr_t const * attr_ms_chap_new_nt_password
Definition rlm_mschap.c:237
attr_ms_chap_peer_challenge
HIDDEN fr_dict_attr_t const * attr_ms_chap_peer_challenge
Definition rlm_eap_fast.c:99
mschap_auth_call_env_t::ntlm_cpw_domain
tmpl_t const * ntlm_cpw_domain
Definition rlm_mschap.h:98
mschap_cpw_ctx_t::new_hash
fr_pair_t * new_hash
Definition rlm_mschap.h:108
mschap_auth_call_env_t::ntlm_cpw_username
tmpl_t const * ntlm_cpw_username
Definition rlm_mschap.h:97
mschap_auth_call_env_t::wb_username
fr_value_box_t wb_username
Definition rlm_mschap.h:95
attr_lm_password
HIDDEN fr_dict_attr_t const * attr_lm_password
mschap_auth_call_env_t::chap_nt_enc_pw
tmpl_t const * chap_nt_enc_pw
Definition rlm_mschap.h:94
mschap_auth_call_env_t::mppe_send_key
tmpl_t const * mppe_send_key
Definition rlm_mschap.h:91
attr_ms_chap_new_cleartext_password
HIDDEN fr_dict_attr_t const * attr_ms_chap_new_cleartext_password
Definition rlm_mschap.c:236
rlm_mschap_t::retry_msg
char const * retry_msg
Definition rlm_mschap.h:56
rlm_mschap_t::allow_retry
bool allow_retry
Definition rlm_mschap.h:55
mschap_auth_ctx_t::inst
rlm_mschap_t const * inst
Definition rlm_mschap.h:113
mschap_cpw_ctx_t::cpw_user
fr_value_box_list_t cpw_user
Definition rlm_mschap.h:103
mschap_auth_call_env_t::chap_response
tmpl_t const * chap_response
Definition rlm_mschap.h:85
rlm_mschap_t::require_encryption
bool require_encryption
Definition rlm_mschap.h:47
mschap_auth_call_env_t::local_cpw
tmpl_t const * local_cpw
Definition rlm_mschap.h:99
mschap_cpw_ctx_t::cpw_domain
fr_value_box_list_t cpw_domain
Definition rlm_mschap.h:104
mschap_auth_ctx_t::smb_ctrl
fr_pair_t * smb_ctrl
Definition rlm_mschap.h:117
mschap_auth_call_env_t::chap_challenge
tmpl_t const * chap_challenge
Definition rlm_mschap.h:84
mschap_auth_call_env_t::chap2_response
tmpl_t const * chap2_response
Definition rlm_mschap.h:86
rlm_mschap_t::require_strong
bool require_strong
Definition rlm_mschap.h:48
mschap_cpw_ctx_t::local_cpw_result
fr_value_box_list_t local_cpw_result
Definition rlm_mschap.h:105
mschap_auth_call_env_t::mppe_encryption_policy
tmpl_t const * mppe_encryption_policy
Definition rlm_mschap.h:89
rlm_mschap_t::with_ntdomain_hack
bool with_ntdomain_hack
Definition rlm_mschap.h:49
rlm_mschap_t::normify
bool normify
Definition rlm_mschap.h:44
mschap_auth_ctx_t::env_data
mschap_auth_call_env_t * env_data
Definition rlm_mschap.h:114
attr_ms_chap_user_name
HIDDEN fr_dict_attr_t const * attr_ms_chap_user_name
Definition rlm_mschap.c:240
mschap_auth_call_env_t::mppe_recv_key
tmpl_t const * mppe_recv_key
Definition rlm_mschap.h:90
mschap_auth_call_env_t::chap_error
tmpl_t const * chap_error
Definition rlm_mschap.h:83
mschap_auth_call_env_t::chap2_cpw
tmpl_t const * chap2_cpw
Definition rlm_mschap.h:93
mschap_auth_call_env_t::chap2_success
tmpl_t const * chap2_success
Definition rlm_mschap.h:87
mschap_auth_ctx_t::cpw_ctx
mschap_cpw_ctx_t * cpw_ctx
Definition rlm_mschap.h:119
mschap_auth_ctx_t::nt_password
fr_pair_t * nt_password
Definition rlm_mschap.h:116
MSCHAP_AUTH_METHOD
MSCHAP_AUTH_METHOD
Definition rlm_mschap.h:17
AUTH_AUTO
@ AUTH_AUTO
Definition rlm_mschap.h:20
AUTH_INTERNAL
@ AUTH_INTERNAL
Definition rlm_mschap.h:18
AUTH_NTLMAUTH_EXEC
@ AUTH_NTLMAUTH_EXEC
Definition rlm_mschap.h:19
attr_smb_account_ctrl_text
HIDDEN fr_dict_attr_t const * attr_smb_account_ctrl_text
Definition rlm_mschap.c:242
attr_cleartext_password
HIDDEN fr_dict_attr_t const * attr_cleartext_password
Definition rlm_ldap.c:320
mschap_auth_call_env_t::chap_mppe_keys
tmpl_t const * chap_mppe_keys
Definition rlm_mschap.h:88
attr_ms_chap_use_ntlm_auth
HIDDEN fr_dict_attr_t const * attr_ms_chap_use_ntlm_auth
Definition rlm_mschap.c:239
mschap_auth_call_env_t
Definition rlm_mschap.h:81
mschap_auth_ctx_t
Definition rlm_mschap.h:111
mschap_cpw_ctx_t
Definition rlm_mschap.h:102
rlm_mschap_t
Definition rlm_mschap.h:41
winbind_ctx_t
Definition rlm_winbind.h:19
FR_SLAB_FUNCS
#define FR_SLAB_FUNCS(_name, _type)
Define type specific wrapper functions for slabs and slab elements.
Definition slab.h:120
FR_SLAB_TYPES
#define FR_SLAB_TYPES(_name, _type)
Define type specific wrapper structs for slabs and slab elements.
Definition slab.h:72
fr_slab_config_t
Tuneable parameters for slabs.
Definition slab.h:42
inst
eap_aka_sim_process_conf_t * inst
Definition state_machine.c:3620
value_pair_s
Stores an attribute, a value and various bits of other data.
Definition pair.h:68
fr_time_delta_s
A time delta, a difference in time measured in nanoseconds.
Definition time.h:80
Generated by   doxygen 1.9.8