From: Alan T. DeKok Date: Mon, 18 Mar 2013 18:39:25 +0000 (-0400) Subject: Expose add_reply() X-Git-Tag: release_3_0_0_beta1~705 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3e152a885acc69d2e3996ba913a01ce4cf1d623f;p=thirdparty%2Ffreeradius-server.git Expose add_reply() Which is used in many, many, places --- diff --git a/src/modules/rlm_eap/libeap/eap_tls.h b/src/modules/rlm_eap/libeap/eap_tls.h index ff453078998..2a91f34c645 100644 --- a/src/modules/rlm_eap/libeap/eap_tls.h +++ b/src/modules/rlm_eap/libeap/eap_tls.h @@ -67,8 +67,8 @@ int eaptls_request(EAP_DS *eap_ds, tls_session_t *ssn); /* MPPE key generation */ -void eaptls_gen_mppe_keys(VALUE_PAIR **reply_vps, SSL *s, - const char *prf_label); +void eaptls_gen_mppe_keys(REQUEST *request, SSL *s, + const char *prf_label); void eapttls_gen_challenge(SSL *s, uint8_t *buffer, size_t size); void eaptls_gen_eap_key(RADIUS_PACKET *packet, SSL *s, uint32_t header, VALUE_PAIR **vps); diff --git a/src/modules/rlm_eap/libeap/eap_types.h b/src/modules/rlm_eap/libeap/eap_types.h index 7d14189a0f9..875ade8f265 100644 --- a/src/modules/rlm_eap/libeap/eap_types.h +++ b/src/modules/rlm_eap/libeap/eap_types.h @@ -165,5 +165,7 @@ extern int eap_basic_compose(RADIUS_PACKET *packet, eap_packet_t *reply); extern VALUE_PAIR *eap_packet2vp(RADIUS_PACKET *packet, const eap_packet_raw_t *reply); extern eap_packet_raw_t *eap_vp2packet(VALUE_PAIR *vps); +void eap_add_reply(REQUEST *request, + const char *name, const uint8_t *value, int len); #endif /* _EAP_TYPES_H */ diff --git a/src/modules/rlm_eap/libeap/eapcommon.c b/src/modules/rlm_eap/libeap/eapcommon.c index 9c9ec40b682..dc843df3b29 100644 --- a/src/modules/rlm_eap/libeap/eapcommon.c +++ b/src/modules/rlm_eap/libeap/eapcommon.c 
@@ -373,3 +373,23 @@ eap_packet_raw_t *eap_vp2packet(VALUE_PAIR *vps) return eap_packet; } + +/* + * Add raw hex data to the reply. + */ +void eap_add_reply(REQUEST *request, + const char *name, const uint8_t *value, int len) +{ + VALUE_PAIR *vp; + + vp = pairmake(name, "", T_OP_EQ); + if (!vp) { + RDEBUGE("Did not create attribute %s: %s\n", + name, fr_strerror()); + return; + } + + memcpy(vp->vp_octets, value, len); + vp->length = len; + pairadd(&request->reply->vps, vp); +} diff --git a/src/modules/rlm_eap/libeap/mppe_keys.c b/src/modules/rlm_eap/libeap/mppe_keys.c index d773c12ab3b..34ae0dbf563 100644 --- a/src/modules/rlm_eap/libeap/mppe_keys.c +++ b/src/modules/rlm_eap/libeap/mppe_keys.c @@ -28,26 +28,6 @@ RCSID("$Id$") #include #include "eap_tls.h" -/* - * Add value pair to reply - */ -static void add_reply(VALUE_PAIR** vp, - const char* name, const uint8_t * value, int len) -{ - VALUE_PAIR *reply_attr; - reply_attr = pairmake(name, "", T_OP_EQ); - if (!reply_attr) { - DEBUG("rlm_eap_tls: " - "add_reply failed to create attribute %s: %s\n", - name, fr_strerror()); - return; - } - - memcpy(reply_attr->vp_octets, value, len); - reply_attr->length = len; - pairadd(vp, reply_attr); -} - /* * TLS PRF from RFC 2246 */ @@ -124,7 +104,7 @@ static void PRF(const unsigned char *secret, unsigned int secret_len, /* * Generate keys according to RFC 2716 and add to reply */ -void eaptls_gen_mppe_keys(VALUE_PAIR **reply_vps, SSL *s, +void eaptls_gen_mppe_keys(REQUEST *request, SSL *s, const char *prf_label) { unsigned char out[4*EAPTLS_MPPE_KEY_LEN], buf[4*EAPTLS_MPPE_KEY_LEN]; @@ -133,7 +113,7 @@ void eaptls_gen_mppe_keys(VALUE_PAIR **reply_vps, SSL *s, size_t prf_size; if (!s->s3) { - DEBUG("ERROR: No SSLv3 information"); + RDEBUG("ERROR: No SSLv3 information"); return; } 
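Review bot: `eap_add_reply()` copies `len` bytes into `vp->vp_octets` with no check on `len`, and `len` is a signed `int`, so a negative value turns into a huge size in `memcpy`. The static copies this replaces were only called with small key-length constants, and two of them took `size_t`; as an exported helper the function should enforce the bound itself. Assuming `vp_octets` is a fixed-size array in this tree, a guard such as `if (len < 0 || (size_t) len > sizeof(vp->vp_octets)) { pairfree(&vp); return; }` before the `memcpy` would do. The function also returns `void`, so callers adding MPPE keys cannot tell when `pairmake()` failed and the reply goes out without them; consider returning a status.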
@@ -153,12 +133,12 @@ void eaptls_gen_mppe_keys(VALUE_PAIR **reply_vps, SSL *s, seed, prf_size, out, buf, sizeof(out)); p = out; - add_reply(reply_vps, "MS-MPPE-Recv-Key", p, EAPTLS_MPPE_KEY_LEN); + eap_add_reply(request, "MS-MPPE-Recv-Key", p, EAPTLS_MPPE_KEY_LEN); p += EAPTLS_MPPE_KEY_LEN; - add_reply(reply_vps, "MS-MPPE-Send-Key", p, EAPTLS_MPPE_KEY_LEN); + eap_add_reply(request, "MS-MPPE-Send-Key", p, EAPTLS_MPPE_KEY_LEN); - add_reply(reply_vps, "EAP-MSK", out, 64); - add_reply(reply_vps, "EAP-EMSK", out + 64, 64); + eap_add_reply(request, "EAP-MSK", out, 64); + eap_add_reply(request, "EAP-EMSK", out + 64, 64); } diff --git a/src/modules/rlm_eap/types/rlm_eap_ikev2/rlm_eap_ikev2.c b/src/modules/rlm_eap/types/rlm_eap_ikev2/rlm_eap_ikev2.c index 9951e0b100d..c928b768de8 100644 --- a/src/modules/rlm_eap/types/rlm_eap_ikev2/rlm_eap_ikev2.c +++ b/src/modules/rlm_eap/types/rlm_eap_ikev2/rlm_eap_ikev2.c @@ -50,30 +50,10 @@ #define IKEV2_MPPE_KEY_LEN 32 - -/* - * Add value pair to reply: copied from FreeRADIUS - */ -static void add_reply(VALUE_PAIR** vp, - const char* name, const char* value, int len) -{ - VALUE_PAIR *reply_attr; - reply_attr = pairmake(name, "", T_OP_EQ); - if (!reply_attr) { - radlog(L_INFO, IKEv2_LOG_PREFIX "add_reply failed to create attribute %s: %s", name, fr_strerror()); - return; - } - - memcpy(reply_attr->vp_octets, value, len); - reply_attr->length = len; - pairadd(vp, reply_attr); -} - static int set_mppe_keys(eap_handler_t *handler) { unsigned char *p; struct IKEv2Session *session; - VALUE_PAIR **outvps; session = ((struct IKEv2Data*)handler->opaque)->session; 
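Review bot: The `EAP-MSK` and `EAP-EMSK` calls use the literal `64` for both the length and the offset into `out`, while `out` is declared as `4*EAPTLS_MPPE_KEY_LEN` bytes and the two MPPE calls just above use the named constant. If `EAPTLS_MPPE_KEY_LEN` ever differs from 32, the `out + 64` read no longer lines up with the buffer. Suggest `eap_add_reply(request, "EAP-MSK", out, 2 * EAPTLS_MPPE_KEY_LEN);` and `eap_add_reply(request, "EAP-EMSK", out + 2 * EAPTLS_MPPE_KEY_LEN, 2 * EAPTLS_MPPE_KEY_LEN);`. The body of eaptls_gen_mppe_keys starts outside this hunk.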
@@ -82,13 +62,12 @@ static int set_mppe_keys(eap_handler_t *handler) return 1; } - /* outvps is the session to the client. */ - outvps= &handler->request->reply->vps; - p = session->eapKeyData; - add_reply(outvps, "MS-MPPE-Recv-Key",(const char*) p, IKEV2_MPPE_KEY_LEN); + eap_add_reply(handler->request, + "MS-MPPE-Recv-Key",(const char*) p, IKEV2_MPPE_KEY_LEN); p += IKEV2_MPPE_KEY_LEN; - add_reply(outvps, "MS-MPPE-Send-Key",(const char*) p, IKEV2_MPPE_KEY_LEN); + eap_add_reply(handler->request, + "MS-MPPE-Send-Key",(const char*) p, IKEV2_MPPE_KEY_LEN); return 0; } diff --git a/src/modules/rlm_eap/types/rlm_eap_pwd/rlm_eap_pwd.c b/src/modules/rlm_eap/types/rlm_eap_pwd/rlm_eap_pwd.c index bd8b57bfa09..64bb5957e81 100644 --- a/src/modules/rlm_eap/types/rlm_eap_pwd/rlm_eap_pwd.c +++ b/src/modules/rlm_eap/types/rlm_eap_pwd/rlm_eap_pwd.c @@ -53,26 +53,6 @@ static CONF_PARSER pwd_module_config[] = { { NULL, -1, 0, NULL, NULL } }; -/* - * stolen from rlm_eap_sim: Add value pair to reply - */ -static void add_reply(VALUE_PAIR** vp, - const char* name, const uint8_t *value, size_t len) -{ - VALUE_PAIR *reply_attr; - reply_attr = pairmake(name, "", T_OP_EQ); - if (!reply_attr) { - DEBUG("rlm_eap_pwd: " - "add_reply failed to create attribute %s: %s\n", - name, fr_strerror()); - return; - } - - memcpy(reply_attr->vp_strvalue, value, len); - reply_attr->length = len; - pairadd(vp, reply_attr); -} - static int eap_pwd_detach (void *arg) { @@ -304,7 +284,7 @@ eap_pwd_authenticate (void *arg, eap_handler_t *handler) pwd_id_packet *id; eap_packet_t *response; REQUEST *request, *fake; - VALUE_PAIR *pw, **outvps, *vp; + VALUE_PAIR *pw, *vp; EAP_DS *eap_ds; int len, ret = 0; eap_pwd_t *inst = (eap_pwd_t *)arg; 
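Review bot: Both calls keep the `(const char*)` cast on `p`, but `eap_add_reply()` is declared with `const uint8_t *value` and `p` is already `unsigned char *`. The cast was only needed for the removed local `add_reply(..., const char* value, ...)` and now introduces a pointer-type mismatch that the compiler will at best warn about. Drop it: `eap_add_reply(handler->request, "MS-MPPE-Recv-Key", p, IKEV2_MPPE_KEY_LEN);` and the same for `MS-MPPE-Send-Key`. The body of set_mppe_keys starts outside this hunk.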
@@ -609,9 +589,10 @@ eap_pwd_authenticate (void *arg, eap_handler_t *handler) /* * return the MSK (in halves) */ - outvps = &handler->request->reply->vps; - add_reply(outvps, "MS-MPPE-Recv-Key", msk, MPPE_KEY_LEN); - add_reply(outvps, "MS-MPPE-Send-Key", msk+MPPE_KEY_LEN, MPPE_KEY_LEN); + eap_add_reply(handler->request, + "MS-MPPE-Recv-Key", msk, MPPE_KEY_LEN); + eap_add_reply(handler->request, + "MS-MPPE-Send-Key", msk+MPPE_KEY_LEN, MPPE_KEY_LEN); ret = 1; break; default: diff --git a/src/modules/rlm_eap/types/rlm_eap_sim/rlm_eap_sim.c b/src/modules/rlm_eap/types/rlm_eap_sim/rlm_eap_sim.c index 4ddc8d8b806..1afba3a7674 100644 --- a/src/modules/rlm_eap/types/rlm_eap_sim/rlm_eap_sim.c +++ b/src/modules/rlm_eap/types/rlm_eap_sim/rlm_eap_sim.c @@ -43,26 +43,6 @@ struct eap_sim_server_state { int sim_id; }; -/* - * Add value pair to reply - */ -static void add_reply(VALUE_PAIR** vp, - const char* name, const uint8_t *value, size_t len) -{ - VALUE_PAIR *reply_attr; - reply_attr = pairmake(name, "", T_OP_EQ); - if (!reply_attr) { - DEBUG("rlm_eap_sim: " - "add_reply failed to create attribute %s: %s\n", - name, fr_strerror()); - return; - } - - memcpy(reply_attr->vp_strvalue, value, len); - reply_attr->length = len; - pairadd(vp, reply_attr); -} - static void eap_sim_state_free(void *opaque) { struct eap_sim_server_state *ess = (struct eap_sim_server_state *)opaque; 
@@ -310,24 +290,22 @@ static int eap_sim_sendsuccess(eap_handler_t *handler) { unsigned char *p; struct eap_sim_server_state *ess; - VALUE_PAIR **outvps; - VALUE_PAIR *newvp; + VALUE_PAIR *vp; RADIUS_PACKET *packet; /* outvps is the data to the client. */ packet = handler->request->reply; - outvps= &packet->vps; ess = (struct eap_sim_server_state *)handler->opaque; /* set the EAP_ID - new value */ - newvp = paircreate(packet, ATTRIBUTE_EAP_ID, 0); - newvp->vp_integer = ess->sim_id++; - pairreplace(outvps, newvp); + vp = paircreate(packet, ATTRIBUTE_EAP_ID, 0); + vp->vp_integer = ess->sim_id++; + pairreplace(handler->request->reply, vp); p = ess->keys.msk; - add_reply(outvps, "MS-MPPE-Recv-Key", p, EAPTLS_MPPE_KEY_LEN); + eap_add_reply(handler->request, "MS-MPPE-Recv-Key", p, EAPTLS_MPPE_KEY_LEN); p += EAPTLS_MPPE_KEY_LEN; - add_reply(outvps, "MS-MPPE-Send-Key", p, EAPTLS_MPPE_KEY_LEN); + eap_add_reply(handler->request, "MS-MPPE-Send-Key", p, EAPTLS_MPPE_KEY_LEN); return 1; } diff --git a/src/modules/rlm_eap/types/rlm_eap_tnc/rlm_eap_tnc.c b/src/modules/rlm_eap/types/rlm_eap_tnc/rlm_eap_tnc.c index d1614059de1..6e000325902 100644 --- a/src/modules/rlm_eap/types/rlm_eap_tnc/rlm_eap_tnc.c +++ b/src/modules/rlm_eap/types/rlm_eap_tnc/rlm_eap_tnc.c @@ -273,6 +273,7 @@ static int tnc_authenticate(UNUSED void *instance, eap_handler_t *handler) TNC_ConnectionState connection_state; uint8_t code = 0; + REQUEST *request = handler->request; if (handler->eap_ds->response->type.num != PW_EAP_TNC) { radlog(L_ERR, "rlm_eap_tnc: Incorrect response type"); @@ -285,7 +286,7 @@ static int tnc_authenticate(UNUSED void *instance, eap_handler_t *handler) */ conn_id = *((TNC_ConnectionID *) (handler->opaque)); - DEBUG2("rlm_eap_tnc: Starting authentication for connection ID %lX", + RDEBUG2("Starting authentication for connection ID %lX", conn_id); /* 
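Review bot: `pairreplace(handler->request->reply, vp);` passes the `RADIUS_PACKET *` itself, where the line it replaces passed `outvps`, i.e. `&packet->vps` (a `VALUE_PAIR **`). Unless the signature of pairreplace changed elsewhere, this hands it the wrong pointer type and it would treat the packet structure as the head of an attribute list. It should read `pairreplace(&packet->vps, vp);`. Separately, the result of `paircreate()` is dereferenced on the next line without a NULL check, and the comment `/* outvps is the data to the client. */` is now stale.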
@@ -300,8 +301,8 @@ static int tnc_authenticate(UNUSED void *instance, eap_handler_t *handler) handler->eap_ds->response->type.length, &data, &datalen, &connection_state); if (result != TNC_RESULT_SUCCESS) { - radlog(L_ERR, "rlm_eap_tnc: NAA-EAP processEAPTNCData returned " - "an error code"); + RDEBUG("NAA-EAP processEAPTNCData returned " + "an error code"); return 0; }
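Review bot: Replacing `radlog(L_ERR, ...)` with `RDEBUG(...)` for the processEAPTNCData failure moves an authentication-path error from the error log to per-request debug output, so it is likely invisible on a server that is not running in debug mode. The `Incorrect response type` check earlier in the same function still uses `radlog(L_ERR, ...)`, so the two failure paths now log at different levels. Keep error severity here, e.g. `RDEBUGE("NAA-EAP processEAPTNCData returned an error code");` if that macro logs at error level in this tree, or retain the `radlog(L_ERR, ...)` call. tnc_authenticate extends beyond this hunk.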