/* MPPE key generation */
-void eaptls_gen_mppe_keys(VALUE_PAIR **reply_vps, SSL *s,
- const char *prf_label);
+void eaptls_gen_mppe_keys(REQUEST *request, SSL *s,
+ const char *prf_label);
void eapttls_gen_challenge(SSL *s, uint8_t *buffer, size_t size);
void eaptls_gen_eap_key(RADIUS_PACKET *packet, SSL *s, uint32_t header, VALUE_PAIR **vps);
extern VALUE_PAIR *eap_packet2vp(RADIUS_PACKET *packet,
const eap_packet_raw_t *reply);
extern eap_packet_raw_t *eap_vp2packet(VALUE_PAIR *vps);
+void eap_add_reply(REQUEST *request,
+ const char *name, const uint8_t *value, int len);
#endif /* _EAP_TYPES_H */
return eap_packet;
}
+
+/*
+ * Add raw hex data to the reply.
+ */
+void eap_add_reply(REQUEST *request,
+ const char *name, const uint8_t *value, int len)
+{
+ VALUE_PAIR *vp;
+
+ vp = pairmake(name, "", T_OP_EQ);
+ if (!vp) {
+ RDEBUGE("Did not create attribute %s: %s\n",
+ name, fr_strerror());
+ return;
+ }
+
+ memcpy(vp->vp_octets, value, len);
+ vp->length = len;
+ pairadd(&request->reply->vps, vp);
+}
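Review bot: `memcpy(vp->vp_octets, value, len)` copies a caller-supplied `int len` with no bounds check, and the helper is now exported to every EAP module instead of being a file-local `static`. A negative `len` converts to a very large `size_t`, and a length above the attribute's value buffer would write past it; this assumes `vp_octets` is a fixed-size array inside `VALUE_PAIR`, which the direct copy suggests but the page does not show. The callers in this commit pass constants (`EAPTLS_MPPE_KEY_LEN`, `IKEV2_MPPE_KEY_LEN`, `MPPE_KEY_LEN`, 64), so nothing here triggers it, but the removed pwd and sim copies took `size_t len` and the guard belongs in the shared helper. I would add `if (len < 0 || (size_t)len > sizeof(vp->vp_octets)) return;` at the top of the function. The header comment would also be more accurate as `Add raw octets to the reply.`, since the value is binary rather than hex text.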
#include <openssl/hmac.h>
#include "eap_tls.h"
-/*
- * Add value pair to reply
- */
-static void add_reply(VALUE_PAIR** vp,
- const char* name, const uint8_t * value, int len)
-{
- VALUE_PAIR *reply_attr;
- reply_attr = pairmake(name, "", T_OP_EQ);
- if (!reply_attr) {
- DEBUG("rlm_eap_tls: "
- "add_reply failed to create attribute %s: %s\n",
- name, fr_strerror());
- return;
- }
-
- memcpy(reply_attr->vp_octets, value, len);
- reply_attr->length = len;
- pairadd(vp, reply_attr);
-}
-
/*
* TLS PRF from RFC 2246
*/
/*
* Generate keys according to RFC 2716 and add to reply
*/
-void eaptls_gen_mppe_keys(VALUE_PAIR **reply_vps, SSL *s,
+void eaptls_gen_mppe_keys(REQUEST *request, SSL *s,
const char *prf_label)
{
unsigned char out[4*EAPTLS_MPPE_KEY_LEN], buf[4*EAPTLS_MPPE_KEY_LEN];
size_t prf_size;
if (!s->s3) {
- DEBUG("ERROR: No SSLv3 information");
+ RDEBUG("ERROR: No SSLv3 information");
return;
}
seed, prf_size, out, buf, sizeof(out));
p = out;
- add_reply(reply_vps, "MS-MPPE-Recv-Key", p, EAPTLS_MPPE_KEY_LEN);
+ eap_add_reply(request, "MS-MPPE-Recv-Key", p, EAPTLS_MPPE_KEY_LEN);
p += EAPTLS_MPPE_KEY_LEN;
- add_reply(reply_vps, "MS-MPPE-Send-Key", p, EAPTLS_MPPE_KEY_LEN);
+ eap_add_reply(request, "MS-MPPE-Send-Key", p, EAPTLS_MPPE_KEY_LEN);
- add_reply(reply_vps, "EAP-MSK", out, 64);
- add_reply(reply_vps, "EAP-EMSK", out + 64, 64);
+ eap_add_reply(request, "EAP-MSK", out, 64);
+ eap_add_reply(request, "EAP-EMSK", out + 64, 64);
}
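Review bot: `out` and `buf` hold the derived MSK/EMSK material on the stack, and nothing between the last `eap_add_reply()` call and the closing brace clears them, so the keys remain in stack memory after the function returns. Adding `OPENSSL_cleanse(out, sizeof(out));` and `OPENSSL_cleanse(buf, sizeof(buf));` before the closing brace would address that; a plain `memset` may be optimised away. The literal `64` and `out + 64` in the `EAP-MSK`/`EAP-EMSK` calls also depend on `4*EAPTLS_MPPE_KEY_LEN` being at least 128, which deserves a one-line comment next to the declaration of `out`. The middle of the function is not shown on this page.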
#define IKEV2_MPPE_KEY_LEN 32
-
-/*
- * Add value pair to reply: copied from FreeRADIUS
- */
-static void add_reply(VALUE_PAIR** vp,
- const char* name, const char* value, int len)
-{
- VALUE_PAIR *reply_attr;
- reply_attr = pairmake(name, "", T_OP_EQ);
- if (!reply_attr) {
- radlog(L_INFO, IKEv2_LOG_PREFIX "add_reply failed to create attribute %s: %s", name, fr_strerror());
- return;
- }
-
- memcpy(reply_attr->vp_octets, value, len);
- reply_attr->length = len;
- pairadd(vp, reply_attr);
-}
-
static int set_mppe_keys(eap_handler_t *handler)
{
unsigned char *p;
struct IKEv2Session *session;
- VALUE_PAIR **outvps;
session = ((struct IKEv2Data*)handler->opaque)->session;
return 1;
}
- /* outvps is the session to the client. */
- outvps= &handler->request->reply->vps;
-
p = session->eapKeyData;
- add_reply(outvps, "MS-MPPE-Recv-Key",(const char*) p, IKEV2_MPPE_KEY_LEN);
+ eap_add_reply(handler->request,
+ "MS-MPPE-Recv-Key",(const char*) p, IKEV2_MPPE_KEY_LEN);
p += IKEV2_MPPE_KEY_LEN;
- add_reply(outvps, "MS-MPPE-Send-Key",(const char*) p, IKEV2_MPPE_KEY_LEN);
+ eap_add_reply(handler->request,
+ "MS-MPPE-Send-Key",(const char*) p, IKEV2_MPPE_KEY_LEN);
return 0;
}
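Review bot: The `(const char*) p` casts are left over from the removed local `add_reply()`, whose `value` parameter was `const char *`; `eap_add_reply()` takes `const uint8_t *`, and `p` is already `unsigned char *`. As written, each call converts to a pointer of different signedness, which compilers report under pointer-sign warnings and which obscures the real type of the key buffer. Drop the cast: `eap_add_reply(handler->request, "MS-MPPE-Recv-Key", p, IKEV2_MPPE_KEY_LEN);`, and the same for `MS-MPPE-Send-Key`.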
{ NULL, -1, 0, NULL, NULL }
};
-/*
- * stolen from rlm_eap_sim: Add value pair to reply
- */
-static void add_reply(VALUE_PAIR** vp,
- const char* name, const uint8_t *value, size_t len)
-{
- VALUE_PAIR *reply_attr;
- reply_attr = pairmake(name, "", T_OP_EQ);
- if (!reply_attr) {
- DEBUG("rlm_eap_pwd: "
- "add_reply failed to create attribute %s: %s\n",
- name, fr_strerror());
- return;
- }
-
- memcpy(reply_attr->vp_strvalue, value, len);
- reply_attr->length = len;
- pairadd(vp, reply_attr);
-}
-
static int
eap_pwd_detach (void *arg)
{
pwd_id_packet *id;
eap_packet_t *response;
REQUEST *request, *fake;
- VALUE_PAIR *pw, **outvps, *vp;
+ VALUE_PAIR *pw, *vp;
EAP_DS *eap_ds;
int len, ret = 0;
eap_pwd_t *inst = (eap_pwd_t *)arg;
/*
* return the MSK (in halves)
*/
- outvps = &handler->request->reply->vps;
- add_reply(outvps, "MS-MPPE-Recv-Key", msk, MPPE_KEY_LEN);
- add_reply(outvps, "MS-MPPE-Send-Key", msk+MPPE_KEY_LEN, MPPE_KEY_LEN);
+ eap_add_reply(handler->request,
+ "MS-MPPE-Recv-Key", msk, MPPE_KEY_LEN);
+ eap_add_reply(handler->request,
+ "MS-MPPE-Send-Key", msk+MPPE_KEY_LEN, MPPE_KEY_LEN);
ret = 1;
break;
default:
int sim_id;
};
-/*
- * Add value pair to reply
- */
-static void add_reply(VALUE_PAIR** vp,
- const char* name, const uint8_t *value, size_t len)
-{
- VALUE_PAIR *reply_attr;
- reply_attr = pairmake(name, "", T_OP_EQ);
- if (!reply_attr) {
- DEBUG("rlm_eap_sim: "
- "add_reply failed to create attribute %s: %s\n",
- name, fr_strerror());
- return;
- }
-
- memcpy(reply_attr->vp_strvalue, value, len);
- reply_attr->length = len;
- pairadd(vp, reply_attr);
-}
-
static void eap_sim_state_free(void *opaque)
{
struct eap_sim_server_state *ess = (struct eap_sim_server_state *)opaque;
{
unsigned char *p;
struct eap_sim_server_state *ess;
- VALUE_PAIR **outvps;
- VALUE_PAIR *newvp;
+ VALUE_PAIR *vp;
RADIUS_PACKET *packet;
/* outvps is the data to the client. */
packet = handler->request->reply;
- outvps= &packet->vps;
ess = (struct eap_sim_server_state *)handler->opaque;
/* set the EAP_ID - new value */
- newvp = paircreate(packet, ATTRIBUTE_EAP_ID, 0);
- newvp->vp_integer = ess->sim_id++;
- pairreplace(outvps, newvp);
+ vp = paircreate(packet, ATTRIBUTE_EAP_ID, 0);
+ vp->vp_integer = ess->sim_id++;
+ pairreplace(handler->request->reply, vp);
p = ess->keys.msk;
- add_reply(outvps, "MS-MPPE-Recv-Key", p, EAPTLS_MPPE_KEY_LEN);
+ eap_add_reply(handler->request, "MS-MPPE-Recv-Key", p, EAPTLS_MPPE_KEY_LEN);
p += EAPTLS_MPPE_KEY_LEN;
- add_reply(outvps, "MS-MPPE-Send-Key", p, EAPTLS_MPPE_KEY_LEN);
+ eap_add_reply(handler->request, "MS-MPPE-Send-Key", p, EAPTLS_MPPE_KEY_LEN);
return 1;
}
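Review bot: `pairreplace(handler->request->reply, vp);` passes the `RADIUS_PACKET *` itself, whereas the removed line passed `outvps`, which was `&packet->vps` (a `VALUE_PAIR **`). If `pairreplace()` still takes the list head, this is an incompatible pointer that compiles with only a warning and would make the list operation act on the packet structure rather than its attribute list. `packet` is still assigned just above, so `pairreplace(&packet->vps, vp);` keeps the old behaviour. Two smaller points in the same lines: the result of `paircreate()` is dereferenced without a NULL check, and the comment `/* outvps is the data to the client. */` now describes a variable that no longer exists.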
TNC_ConnectionState connection_state;
uint8_t code = 0;
+ REQUEST *request = handler->request;
if (handler->eap_ds->response->type.num != PW_EAP_TNC) {
radlog(L_ERR, "rlm_eap_tnc: Incorrect response type");
*/
conn_id = *((TNC_ConnectionID *) (handler->opaque));
- DEBUG2("rlm_eap_tnc: Starting authentication for connection ID %lX",
+ RDEBUG2("Starting authentication for connection ID %lX",
conn_id);
/*
handler->eap_ds->response->type.length,
&data, &datalen, &connection_state);
if (result != TNC_RESULT_SUCCESS) {
- radlog(L_ERR, "rlm_eap_tnc: NAA-EAP processEAPTNCData returned "
- "an error code");
+ RDEBUG("NAA-EAP processEAPTNCData returned "
+ "an error code");
return 0;
}
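Review bot: Replacing `radlog(L_ERR, ...)` with `RDEBUG(...)` for the `processEAPTNCData` failure moves an authentication error from the error log to debug output, so a server running without debugging would presumably no longer record it. The `Incorrect response type` check a few lines up still uses `radlog(L_ERR, ...)`, so the two failure paths are now inconsistent. I would keep this one at error level, for example `radlog(L_ERR, "rlm_eap_tnc: NAA-EAP processEAPTNCData returned an error code");`, and use `RDEBUG2` only for the trace message. The enclosing function starts and ends outside the lines shown.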