static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity, size_t identity_len, int phase2, struct eap_user *user) { const struct hostapd_eap_user *eap_user; int i; eap_user = hostapd_get_eap_user(ctx, identity, identity_len, phase2); if (eap_user == NULL) return -1; if (user == NULL) return 0; os_memset(user, 0, sizeof(*user)); for (i = 0; i < EAP_MAX_METHODS; i++) { user->methods[i].vendor = eap_user->methods[i].vendor; user->methods[i].method = eap_user->methods[i].method; } if (eap_user->password) { user->password = os_malloc(eap_user->password_len); if (user->password == NULL) return -1; os_memcpy(user->password, eap_user->password, eap_user->password_len); user->password_len = eap_user->password_len; user->password_hash = eap_user->password_hash; } user->force_version = eap_user->force_version; user->ttls_auth = eap_user->ttls_auth; return 0; }
static struct radius_session * radius_server_get_new_session(struct radius_server_data *data, struct radius_client *client, struct radius_msg *msg) { u8 *user; size_t user_len; const struct hostapd_eap_user *eap_user; int res; struct radius_session *sess; struct eap_config eap_conf; RADIUS_DEBUG("Creating a new session"); user = VM_MALLOC(256); if (user == NULL) { return NULL; } res = radius_msg_get_attr(msg, RADIUS_ATTR_USER_NAME, user, 256); if (res < 0 || res > 256) { RADIUS_DEBUG("Could not get User-Name"); VM_FREE(user); return NULL; } user_len = res; RADIUS_DUMP_ASCII("User-Name", user, user_len); eap_user = hostapd_get_eap_user(data->hostapd_conf, user, user_len, 0); VM_FREE(user); if (eap_user) { RADIUS_DEBUG("Matching user entry found"); sess = radius_server_new_session(data, client); if (sess == NULL) { RADIUS_DEBUG("Failed to create a new session"); return NULL; } } else { RADIUS_DEBUG("User-Name not found from user database"); return NULL; } memset(&eap_conf, 0, sizeof(eap_conf)); eap_conf.ssl_ctx = data->ssl_ctx; eap_conf.eap_sim_db_priv = data->eap_sim_db_priv; eap_conf.backend_auth = TRUE; sess->eap = eap_sm_init(sess, &radius_server_eapol_cb, &eap_conf); if (sess->eap == NULL) { RADIUS_DEBUG("Failed to initialize EAP state machine for the " "new session"); radius_server_session_free(data, sess); return NULL; } sess->eapRestart = TRUE; sess->portEnabled = TRUE; RADIUS_DEBUG("New session 0x%x initialized", sess->sess_id); return sess; }
static int radius_server_get_eap_user(void *ctx, const u8 *identity, size_t identity_len, int phase2, struct eap_user *user) { struct radius_session *sess = ctx; const struct hostapd_eap_user *eap_user; int i, count; eap_user = hostapd_get_eap_user(sess->server->hostapd_conf, identity, identity_len, phase2); if (eap_user == NULL) return -1; memset(user, 0, sizeof(*user)); count = EAP_USER_MAX_METHODS; if (count > EAP_MAX_METHODS) count = EAP_MAX_METHODS; for (i = 0; i < count; i++) { user->methods[i].vendor = eap_user->methods[i].vendor; user->methods[i].method = eap_user->methods[i].method; } if (eap_user->password) { user->password = VM_MALLOC(eap_user->password_len); if (user->password == NULL) return -1; memcpy(user->password, eap_user->password, eap_user->password_len); user->password_len = eap_user->password_len; user->password_hash = eap_user->password_hash; } user->force_version = eap_user->force_version; return 0; }
static int radius_server_get_eap_user(void *ctx, const u8 *identity, size_t identity_len, int phase2, struct eap_user *user) { struct radius_session *sess = ctx; const struct hostapd_eap_user *eap_user; eap_user = hostapd_get_eap_user(sess->server->hostapd_conf, identity, identity_len, phase2); if (eap_user == NULL) return -1; memset(user, 0, sizeof(*user)); memcpy(user->methods, eap_user->methods, EAP_USER_MAX_METHODS > EAP_MAX_METHODS ? EAP_USER_MAX_METHODS : EAP_MAX_METHODS); if (eap_user->password) { user->password = malloc(eap_user->password_len); if (user->password == NULL) return -1; memcpy(user->password, eap_user->password, eap_user->password_len); user->password_len = eap_user->password_len; } user->force_version = eap_user->force_version; return 0; }
static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity, size_t identity_len, int phase2, struct eap_user *user) { const struct hostapd_eap_user *eap_user; int i; int rv = -1; eap_user = hostapd_get_eap_user(ctx, identity, identity_len, phase2); if (eap_user == NULL) goto out; if (user == NULL) return 0; os_memset(user, 0, sizeof(*user)); for (i = 0; i < EAP_MAX_METHODS; i++) { user->methods[i].vendor = eap_user->methods[i].vendor; user->methods[i].method = eap_user->methods[i].method; } if (eap_user->password) { user->password = os_malloc(eap_user->password_len); if (user->password == NULL) goto out; os_memcpy(user->password, eap_user->password, eap_user->password_len); user->password_len = eap_user->password_len; user->password_hash = eap_user->password_hash; } user->force_version = eap_user->force_version; user->macacl = eap_user->macacl; user->ttls_auth = eap_user->ttls_auth; user->remediation = eap_user->remediation; user->accept_attr = eap_user->accept_attr; rv = 0; out: if (rv) wpa_printf(MSG_DEBUG, "%s: Failed to find user", __func__); return rv; }