]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2067aa2)
Call `new session` if configured when starting TLS session for PEAP
authorNick Porter <nick@portercomputing.co.uk>
Mon, 5 May 2025 08:54:36 +0000 (09:54 +0100)
committerNick Porter <nick@portercomputing.co.uk>
Mon, 5 May 2025 08:54:36 +0000 (09:54 +0100)
src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c patch | blob | blame | history

diff --git a/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c b/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c
index abca7b08acbd8ee0dc87e91608fc2a89e6faa44e..7f62c61c94fe9abad0657b6d383d9f60c39b1a18 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c
+++ b/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c
@@ -268,10 +268,7 @@ static unlang_action_t mod_handshake_process(UNUSED rlm_rcode_t *p_result, UNUSE
        return eap_tls_process(request, eap_session);
 }
 
-/*
- *     Send an initial eap-tls request to the peer, using the libeap functions.
- */
-static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
+static unlang_action_t mod_session_init_resume(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
 {
        rlm_eap_peap_t          *inst = talloc_get_type_abort(mctx->mi->data, rlm_eap_peap_t);
        rlm_eap_peap_thread_t   *t = talloc_get_type_abort(mctx->thread, rlm_eap_peap_thread_t);
@@ -282,8 +279,6 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons
        fr_pair_t               *vp;
        bool                    client_cert;
 
-       eap_session->tls = true;
-
        /*
         *      EAP-TLS-Require-Client-Cert attribute will override
         *      the require_client_cert configuration option.
@@ -338,6 +333,23 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons
        RETURN_MODULE_HANDLED;
 }
 
+/*
+ *     Send an initial eap-tls request to the peer, using the libeap functions.
+ */
+static unlang_action_t mod_session_init(UNUSED rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
+{
+       rlm_eap_peap_t          *inst = talloc_get_type_abort(mctx->mi->data, rlm_eap_peap_t);
+       eap_session_t           *eap_session = eap_session_get(request->parent);
+
+       eap_session->tls = true;
+
+       (void) unlang_module_yield(request, mod_session_init_resume, NULL, 0, NULL);
+
+       if (inst->tls_conf->new_session) return fr_tls_new_session_push(request, inst->tls_conf);
+
+       return UNLANG_ACTION_CALCULATE_RESULT;
+}
+
 static int mod_thread_instantiate(module_thread_inst_ctx_t const *mctx)
 {
        rlm_eap_peap_t          *inst = talloc_get_type_abort(mctx->mi->data, rlm_eap_peap_t);
Mirror of https://github.com/FreeRADIUS/freeradius-server.git