/*
* Acknowledge received is for one of the following messages sent earlier
* 1. Handshake completed Message, so now send, EAP-Success
* 2. Alert Message, now send, EAP-Failure
* 3. Fragment Message, now send, next Fragment
*/
static eaptls_status_t eaptls_ack_handler(EAP_HANDLER *handler)
{
tls_session_t *tls_session;
REQUEST *request = handler->request;
tls_session = (tls_session_t *)handler->opaque;
if (tls_session == NULL){
radlog_request(L_ERR, 0, request, "FAIL: Unexpected ACK received. Could not obtain session information.");
return EAPTLS_FAIL;
}
if (tls_session->info.initialized == 0) {
RDEBUG("No SSL info available. Waiting for more SSL data.");
return EAPTLS_REQUEST;
}
if ((tls_session->info.content_type == handshake) &&
(tls_session->info.origin == 0)) {
radlog_request(L_ERR, 0, request, "FAIL: ACK without earlier message.");
return EAPTLS_FAIL;
}
switch (tls_session->info.content_type) {
case alert:
RDEBUG2("ACK alert");
eaptls_fail(handler, tls_session->peap_flag);
return EAPTLS_FAIL;
case handshake:
if ((tls_session->info.handshake_type == finished) &&
(tls_session->dirty_out.used == 0)) {
RDEBUG2("ACK handshake is finished");
/*
* From now on all the content is
* application data set it here as nobody else
* sets it.
*/
tls_session->info.content_type = application_data;
return EAPTLS_SUCCESS;
} /* else more data to send */
RDEBUG2("ACK handshake fragment handler");
/* Fragmentation handler, send next fragment */
return EAPTLS_REQUEST;
case application_data:
RDEBUG2("ACK handshake fragment handler in application data");
return EAPTLS_REQUEST;
/*
* For the rest of the conditions, switch over
* to the default section below.
*/
default:
RDEBUG2("ACK default");
radlog_request(L_ERR, 0, request, "Invalid ACK received: %d",
tls_session->info.content_type);
return EAPTLS_FAIL;
}
}
/*
* Do authentication, by letting EAP-TLS do most of the work.
*/
static int mod_authenticate(void *arg, eap_handler_t *handler)
{
int rcode;
fr_tls_status_t status;
rlm_eap_peap_t *inst = (rlm_eap_peap_t *) arg;
tls_session_t *tls_session = (tls_session_t *) handler->opaque;
peap_tunnel_t *peap = tls_session->opaque;
REQUEST *request = handler->request;
/*
* Session resumption requires the storage of data, so
* allocate it if it doesn't already exist.
*/
if (!tls_session->opaque) {
peap = tls_session->opaque = peap_alloc(tls_session, inst);
}
status = eaptls_process(handler);
RDEBUG2("eaptls_process returned %d\n", status);
switch (status) {
/*
* EAP-TLS handshake was successful, tell the
* client to keep talking.
*
* If this was EAP-TLS, we would just return
* an EAP-TLS-Success packet here.
*/
case FR_TLS_SUCCESS:
RDEBUG2("FR_TLS_SUCCESS");
peap->status = PEAP_STATUS_TUNNEL_ESTABLISHED;
break;
/*
* The TLS code is still working on the TLS
* exchange, and it's a valid TLS request.
* do nothing.
*/
case FR_TLS_HANDLED:
/*
* FIXME: If the SSL session is established, grab the state
* and EAP id from the inner tunnel, and update it with
* the expected EAP id!
*/
RDEBUG2("FR_TLS_HANDLED");
return 1;
/*
* Handshake is done, proceed with decoding tunneled
* data.
*/
case FR_TLS_OK:
RDEBUG2("FR_TLS_OK");
break;
/*
* Anything else: fail.
*/
default:
RDEBUG2("FR_TLS_OTHERS");
return 0;
}
/*
* Session is established, proceed with decoding
* tunneled data.
*/
RDEBUG2("Session established. Decoding tunneled attributes");
/*
* We may need PEAP data associated with the session, so
* allocate it here, if it wasn't already alloacted.
*/
if (!tls_session->opaque) {
tls_session->opaque = peap_alloc(tls_session, inst);
}
/*
* Process the PEAP portion of the request.
*/
rcode = eappeap_process(handler, tls_session);
switch (rcode) {
case RLM_MODULE_REJECT:
eaptls_fail(handler, 0);
return 0;
case RLM_MODULE_HANDLED:
eaptls_request(handler->eap_ds, tls_session);
return 1;
case RLM_MODULE_OK:
/*
* Move the saved VP's from the Access-Accept to
* our Access-Accept.
*/
peap = tls_session->opaque;
if (peap->soh_reply_vps) {
RDEBUG2("Using saved attributes from the SoH reply");
debug_pair_list(peap->soh_reply_vps);
pairfilter(handler->request->reply,
&handler->request->reply->vps,
&peap->soh_reply_vps, 0, 0, TAG_ANY);
}
if (peap->accept_vps) {
RDEBUG2("Using saved attributes from the original Access-Accept");
debug_pair_list(peap->accept_vps);
pairfilter(handler->request->reply,
&handler->request->reply->vps,
&peap->accept_vps, 0, 0, TAG_ANY);
}
/*
* Success: Automatically return MPPE keys.
*/
return eaptls_success(handler, 0);
/*
* No response packet, MUST be proxying it.
* The main EAP module will take care of discovering
* that the request now has a "proxy" packet, and
* will proxy it, rather than returning an EAP packet.
*/
case RLM_MODULE_UPDATED:
#ifdef WITH_PROXY
rad_assert(handler->request->proxy != NULL);
#endif
return 1;
break;
default:
break;
}
eaptls_fail(handler, 0);
return 0;
}
/*
* Do authentication, by letting EAP-TLS do most of the work.
*/
static int eapttls_authenticate(void *arg, EAP_HANDLER *handler)
{
int rcode;
fr_tls_status_t status;
rlm_eap_ttls_t *inst = (rlm_eap_ttls_t *) arg;
tls_session_t *tls_session = (tls_session_t *) handler->opaque;
ttls_tunnel_t *t = (ttls_tunnel_t *) tls_session->opaque;
REQUEST *request = handler->request;
RDEBUG2("Authenticate");
tls_session->length_flag = inst->include_length;
/*
* Process TLS layer until done.
*/
status = eaptls_process(handler);
RDEBUG2("eaptls_process returned %d\n", status);
switch (status) {
/*
* EAP-TLS handshake was successful, tell the
* client to keep talking.
*
* If this was EAP-TLS, we would just return
* an EAP-TLS-Success packet here.
*/
case FR_TLS_SUCCESS:
if (SSL_session_reused(tls_session->ssl)) {
RDEBUG("Skipping Phase2 due to session resumption");
goto do_keys;
}
if (t && t->authenticated) {
RDEBUG2("Using saved attributes from the original Access-Accept");
debug_pair_list(t->accept_vps);
pairadd(&handler->request->reply->vps,
t->accept_vps);
t->accept_vps = NULL;
do_keys:
/*
* Success: Automatically return MPPE keys.
*/
return eaptls_success(handler, 0);
} else {
eaptls_request(handler->eap_ds, tls_session);
}
return 1;
/*
* The TLS code is still working on the TLS
* exchange, and it's a valid TLS request.
* do nothing.
*/
case FR_TLS_HANDLED:
return 1;
/*
* Handshake is done, proceed with decoding tunneled
* data.
*/
case FR_TLS_OK:
break;
/*
* Anything else: fail.
*/
default:
return 0;
}
/*
* Session is established, proceed with decoding
* tunneled data.
*/
RDEBUG2("Session established. Proceeding to decode tunneled attributes.");
/*
* We may need TTLS data associated with the session, so
* allocate it here, if it wasn't already alloacted.
*/
if (!tls_session->opaque) {
tls_session->opaque = ttls_alloc(inst);
tls_session->free_opaque = ttls_free;
}
/*
* Process the TTLS portion of the request.
*/
rcode = eapttls_process(handler, tls_session);
switch (rcode) {
case PW_AUTHENTICATION_REJECT:
eaptls_fail(handler, 0);
return 0;
/*
* Access-Challenge, continue tunneled conversation.
*/
case PW_ACCESS_CHALLENGE:
eaptls_request(handler->eap_ds, tls_session);
return 1;
/*
* Success: Automatically return MPPE keys.
*/
case PW_AUTHENTICATION_ACK:
return eaptls_success(handler, 0);
/*
* No response packet, MUST be proxying it.
* The main EAP module will take care of discovering
* that the request now has a "proxy" packet, and
* will proxy it, rather than returning an EAP packet.
*/
case PW_STATUS_CLIENT:
#ifdef WITH_PROXY
rad_assert(handler->request->proxy != NULL);
#endif
return 1;
break;
default:
break;
}
/*
* Something we don't understand: Reject it.
*/
eaptls_fail(handler, 0);
return 0;
}
/*
* Do authentication, by letting EAP-TLS do most of the work.
*/
static int eaptls_authenticate(void *arg, EAP_HANDLER *handler)
{
eaptls_status_t status;
tls_session_t *tls_session = (tls_session_t *) handler->opaque;
REQUEST *request = handler->request;
eap_tls_t *inst = (eap_tls_t *) arg;
RDEBUG2("Authenticate");
status = eaptls_process(handler);
RDEBUG2("eaptls_process returned %d\n", status);
switch (status) {
/*
* EAP-TLS handshake was successful, return an
* EAP-TLS-Success packet here.
*/
case EAPTLS_SUCCESS:
break;
/*
* The TLS code is still working on the TLS
* exchange, and it's a valid TLS request.
* do nothing.
*/
case EAPTLS_HANDLED:
return 1;
/*
* Handshake is done, proceed with decoding tunneled
* data.
*/
case EAPTLS_OK:
RDEBUG2("Received unexpected tunneled data after successful handshake.");
#ifndef NDEBUG
if ((debug_flag > 2) && fr_log_fp) {
unsigned int i;
unsigned int data_len;
unsigned char buffer[1024];
data_len = (tls_session->record_minus)(&tls_session->dirty_in,
buffer, sizeof(buffer));
log_debug(" Tunneled data (%u bytes)\n", data_len);
for (i = 0; i < data_len; i++) {
if ((i & 0x0f) == 0x00) fprintf(fr_log_fp, " %x: ", i);
if ((i & 0x0f) == 0x0f) fprintf(fr_log_fp, "\n");
fprintf(fr_log_fp, "%02x ", buffer[i]);
}
fprintf(fr_log_fp, "\n");
}
#endif
eaptls_fail(handler, 0);
return 0;
break;
/*
* Anything else: fail.
*
* Also, remove the session from the cache so that
* the client can't re-use it.
*/
default:
if (inst->conf->session_cache_enable) {
SSL_CTX_remove_session(inst->ctx,
tls_session->ssl->session);
}
return 0;
}
/*
* New sessions cause some additional information to be
* cached.
*/
if (!SSL_session_reused(tls_session->ssl)) {
/*
* FIXME: Store miscellaneous data.
*/
RDEBUG2("Adding user data to cached session");
#if 0
SSL_SESSION_set_ex_data(tls_session->ssl->session,
ssl_session_idx_user_session, session_data);
#endif
} else {
/*
* FIXME: Retrieve miscellaneous data.
*/
#if 0
data = SSL_SESSION_get_ex_data(tls_session->ssl->session,
ssl_session_idx_user_session);
if (!session_data) {
radlog_request(L_ERR, 0, request,
"No user session data in cached session - "
" REJECTING");
return 0;
}
#endif
RDEBUG2("Retrieved session data from cached session");
}
/*
* Success: Automatically return MPPE keys.
*/
return eaptls_success(handler, 0);
}
/*
* Do authentication, by letting EAP-TLS do most of the work.
*/
static int CC_HINT(nonnull) mod_authenticate(void *type_arg, eap_handler_t *handler)
{
fr_tls_status_t status;
tls_session_t *tls_session = (tls_session_t *) handler->opaque;
REQUEST *request = handler->request;
rlm_eap_tls_t *inst;
inst = type_arg;
RDEBUG2("Authenticate");
status = eaptls_process(handler);
RDEBUG2("eaptls_process returned %d\n", status);
switch (status) {
/*
* EAP-TLS handshake was successful, return an
* EAP-TLS-Success packet here.
*
* If a virtual server was configured, check that
* it accepts the certificates, too.
*/
case FR_TLS_SUCCESS:
if (inst->virtual_server) {
VALUE_PAIR *vp;
REQUEST *fake;
/* create a fake request */
fake = request_alloc_fake(request);
rad_assert(!fake->packet->vps);
fake->packet->vps = paircopy(fake->packet, request->packet->vps);
/* set the virtual server to use */
if ((vp = pairfind(request->config_items, PW_VIRTUAL_SERVER, 0, TAG_ANY)) != NULL) {
fake->server = vp->vp_strvalue;
} else {
fake->server = inst->virtual_server;
}
RDEBUG("Processing EAP-TLS Certificate check:");
debug_pair_list(fake->packet->vps);
RDEBUG("server %s {", fake->server);
rad_virtual_server(fake);
RDEBUG("} # server %s", fake->server);
/* copy the reply vps back to our reply */
pairfilter(request->reply, &request->reply->vps,
&fake->reply->vps, 0, 0, TAG_ANY);
/* reject if virtual server didn't return accept */
if (fake->reply->code != PW_CODE_AUTHENTICATION_ACK) {
RDEBUG2("Certificates were rejected by the virtual server");
request_free(&fake);
eaptls_fail(handler, 0);
return 0;
}
request_free(&fake);
/* success */
}
break;
/*
* The TLS code is still working on the TLS
* exchange, and it's a valid TLS request.
* do nothing.
*/
case FR_TLS_HANDLED:
return 1;
/*
* Handshake is done, proceed with decoding tunneled
* data.
*/
case FR_TLS_OK:
RDEBUG2("Received unexpected tunneled data after successful handshake");
#ifndef NDEBUG
if ((debug_flag > 2) && fr_log_fp) {
unsigned int i;
unsigned int data_len;
unsigned char buffer[1024];
data_len = (tls_session->record_minus)(&tls_session->dirty_in,
buffer, sizeof(buffer));
DEBUG(" Tunneled data (%u bytes)", data_len);
for (i = 0; i < data_len; i++) {
if ((i & 0x0f) == 0x00) fprintf(fr_log_fp, " %x: ", i);
if ((i & 0x0f) == 0x0f) fprintf(fr_log_fp, "\n");
fprintf(fr_log_fp, "%02x ", buffer[i]);
}
fprintf(fr_log_fp, "\n");
}
#endif
eaptls_fail(handler, 0);
return 0;
break;
/*
* Anything else: fail.
*
* Also, remove the session from the cache so that
* the client can't re-use it.
*/
default:
tls_fail(tls_session);
return 0;
}
/*
* Success: Automatically return MPPE keys.
*/
return eaptls_success(handler, 0);
}
/*
* To process the TLS,
* INCOMING DATA:
* 1. EAP-TLS should get the compelete TLS data from the peer.
* 2. Store that data in a data structure with any other required info
* 3. Handle that data structure to the TLS module.
* 4. TLS module will perform its operations on the data and
* handle back to EAP-TLS
*
* OUTGOING DATA:
* 1. EAP-TLS if necessary will fragment it and send it to the
* destination.
*
* During EAP-TLS initialization, TLS Context object will be
* initialized and stored. For every new authentication
* requests, TLS will open a new session object and that session
* object should be maintained even after the session is
* completed for session resumption. (Probably later as a feature
* as we donot know who maintains these session objects ie,
* SSL_CTX (internally) or TLS module(explicitly). If TLS module,
* then how to let SSL API know about these sessions.)
*/
static eaptls_status_t eaptls_operation(eaptls_status_t status,
EAP_HANDLER *handler)
{
tls_session_t *tls_session;
tls_session = (tls_session_t *)handler->opaque;
if ((status == EAPTLS_MORE_FRAGMENTS) ||
(status == EAPTLS_MORE_FRAGMENTS_WITH_LENGTH) ||
(status == EAPTLS_FIRST_FRAGMENT)) {
/*
* Send the ACK.
*/
eaptls_send_ack(handler->eap_ds, tls_session->peap_flag);
return EAPTLS_HANDLED;
}
/*
* We have the complete TLS-data or TLS-message.
*
* Clean the dirty message.
*
* Authenticate the user and send
* Success/Failure.
*
* If more info
* is required then send another request.
*/
if (!tls_handshake_recv(tls_session)) {
DEBUG2("TLS receive handshake failed during operation");
eaptls_fail(handler, tls_session->peap_flag);
return EAPTLS_FAIL;
}
/*
* FIXME: return success/fail.
*
* TLS proper can decide what to do, then.
*/
if (tls_session->dirty_out.used > 0) {
eaptls_request(handler->eap_ds, tls_session);
return EAPTLS_HANDLED;
}
/*
* If there is no data to send i.e
* dirty_out.used <=0 and if the SSL
* handshake is finished, then return a
* EPTLS_SUCCESS
*/
if (SSL_is_init_finished(tls_session->ssl)) {
/*
* Init is finished. The rest is
* application data.
*/
tls_session->info.content_type = application_data;
return EAPTLS_SUCCESS;
}
/*
* Who knows what happened...
*/
DEBUG2("TLS failed during operation");
return EAPTLS_FAIL;
}
int eaptls_success(EAP_HANDLER *handler, int peap_flag)
{
EAPTLS_PACKET reply;
VALUE_PAIR *vp, *vps = NULL;
REQUEST *request = handler->request;
tls_session_t *tls_session = handler->opaque;
reply.code = EAPTLS_SUCCESS;
reply.length = TLS_HEADER_LEN;
reply.flags = peap_flag;
reply.data = NULL;
reply.dlen = 0;
/*
* If there's no session resumption, delete the entry
* from the cache. This means either it's disabled
* globally for this SSL context, OR we were told to
* disable it for this user.
*
* This also means you can't turn it on just for one
* user.
*/
if ((!tls_session->allow_session_resumption) ||
(((vp = pairfind(request->config_items, 1127)) != NULL) &&
(vp->vp_integer == 0))) {
SSL_CTX_remove_session(tls_session->ctx,
tls_session->ssl->session);
tls_session->allow_session_resumption = 0;
/*
* If we're in a resumed session and it's
* not allowed,
*/
if (SSL_session_reused(tls_session->ssl)) {
RDEBUG("FAIL: Forcibly stopping session resumption as it is not allowed.");
return eaptls_fail(handler, peap_flag);
}
/*
* Else resumption IS allowed, so we store the
* user data in the cache.
*/
} else if (!SSL_session_reused(tls_session->ssl)) {
RDEBUG2("Saving response in the cache");
vp = paircopy2(request->reply->vps, PW_USER_NAME);
pairadd(&vps, vp);
vp = paircopy2(request->packet->vps, PW_STRIPPED_USER_NAME);
pairadd(&vps, vp);
if (vps) {
SSL_SESSION_set_ex_data(tls_session->ssl->session,
eaptls_session_idx, vps);
} else {
RDEBUG2("WARNING: No information to cache: session caching will be disabled for this session.");
SSL_CTX_remove_session(tls_session->ctx,
tls_session->ssl->session);
}
/*
* Else the session WAS allowed. Copy the cached
* reply.
*/
} else {
vp = SSL_SESSION_get_ex_data(tls_session->ssl->session,
eaptls_session_idx);
if (!vp) {
RDEBUG("WARNING: No information in cached session!");
return eaptls_fail(handler, peap_flag);
} else {
RDEBUG("Adding cached attributes to the reply:");
debug_pair_list(vp);
pairadd(&request->reply->vps, paircopy(vp));
/*
* Mark the request as resumed.
*/
vp = pairmake("EAP-Session-Resumed", "1", T_OP_SET);
if (vp) pairadd(&request->packet->vps, vp);
}
}
/*
* Call compose AFTER checking for cached data.
*/
eaptls_compose(handler->eap_ds, &reply);
/*
* Automatically generate MPPE keying material.
*/
if (tls_session->prf_label) {
eaptls_gen_mppe_keys(&handler->request->reply->vps,
tls_session->ssl, tls_session->prf_label);
} else {
RDEBUG("WARNING: Not adding MPPE keys because there is no PRF label");
}
return 1;
}
/*
* Do post-proxy processing,
*/
static int CC_HINT(nonnull) eapttls_postproxy(eap_handler_t *handler, void *data)
{
int rcode;
tls_session_t *tls_session = (tls_session_t *) data;
REQUEST *fake, *request = handler->request;
RDEBUG("Passing reply from proxy back into the tunnel");
/*
* If there was a fake request associated with the proxied
* request, do more processing of it.
*/
fake = (REQUEST *) request_data_get(handler->request,
handler->request->proxy,
REQUEST_DATA_EAP_MSCHAP_TUNNEL_CALLBACK);
/*
* Do the callback, if it exists, and if it was a success.
*/
if (fake && (handler->request->proxy_reply->code == PW_CODE_ACCESS_ACCEPT)) {
/*
* Terrible hacks.
*/
rad_assert(!fake->packet);
fake->packet = talloc_steal(fake, request->proxy);
fake->packet->src_ipaddr = request->packet->src_ipaddr;
request->proxy = NULL;
rad_assert(!fake->reply);
fake->reply = talloc_steal(fake, request->proxy_reply);
request->proxy_reply = NULL;
if ((rad_debug_lvl > 0) && fr_log_fp) {
fprintf(fr_log_fp, "server %s {\n",
(!fake->server) ? "" : fake->server);
}
/*
* Perform a post-auth stage for the tunneled
* session.
*/
fake->options &= ~RAD_REQUEST_OPTION_PROXY_EAP;
rcode = rad_postauth(fake);
RDEBUG2("post-auth returns %d", rcode);
if ((rad_debug_lvl > 0) && fr_log_fp) {
fprintf(fr_log_fp, "} # server %s\n",
(!fake->server) ? "" : fake->server);
RDEBUG("Final reply from tunneled session code %d", fake->reply->code);
rdebug_pair_list(L_DBG_LVL_1, request, fake->reply->vps, NULL);
}
/*
* Terrible hacks.
*/
request->proxy = talloc_steal(request, fake->packet);
fake->packet = NULL;
request->proxy_reply = talloc_steal(request, fake->reply);
fake->reply = NULL;
/*
* And we're done with this request.
*/
switch (rcode) {
case RLM_MODULE_FAIL:
talloc_free(fake);
eaptls_fail(handler, 0);
return 0;
default: /* Don't Do Anything */
RDEBUG2("Got reply %d",
request->proxy_reply->code);
break;
}
}
talloc_free(fake); /* robust if !fake */
/*
* Process the reply from the home server.
*/
rcode = process_reply(handler, tls_session, handler->request, handler->request->proxy_reply);
/*
* The proxy code uses the reply from the home server as
* the basis for the reply to the NAS. We don't want that,
* so we toss it, after we've had our way with it.
*/
fr_pair_list_free(&handler->request->proxy_reply->vps);
switch (rcode) {
case RLM_MODULE_REJECT:
RDEBUG("Reply was rejected");
break;
case RLM_MODULE_HANDLED:
RDEBUG("Reply was handled");
eaptls_request(handler->eap_ds, tls_session);
request->proxy_reply->code = PW_CODE_ACCESS_CHALLENGE;
return 1;
case RLM_MODULE_OK:
RDEBUG("Reply was OK");
/*
* Success: Automatically return MPPE keys.
*/
return eaptls_success(handler, 0);
default:
RDEBUG("Reply was unknown");
break;
}
eaptls_fail(handler, 0);
return 0;
}
