/* * Acknowledge received is for one of the following messages sent earlier * 1. Handshake completed Message, so now send, EAP-Success * 2. Alert Message, now send, EAP-Failure * 3. Fragment Message, now send, next Fragment */ static eaptls_status_t eaptls_ack_handler(EAP_HANDLER *handler) { tls_session_t *tls_session; REQUEST *request = handler->request; tls_session = (tls_session_t *)handler->opaque; if (tls_session == NULL){ radlog_request(L_ERR, 0, request, "FAIL: Unexpected ACK received. Could not obtain session information."); return EAPTLS_FAIL; } if (tls_session->info.initialized == 0) { RDEBUG("No SSL info available. Waiting for more SSL data."); return EAPTLS_REQUEST; } if ((tls_session->info.content_type == handshake) && (tls_session->info.origin == 0)) { radlog_request(L_ERR, 0, request, "FAIL: ACK without earlier message."); return EAPTLS_FAIL; } switch (tls_session->info.content_type) { case alert: RDEBUG2("ACK alert"); eaptls_fail(handler, tls_session->peap_flag); return EAPTLS_FAIL; case handshake: if ((tls_session->info.handshake_type == finished) && (tls_session->dirty_out.used == 0)) { RDEBUG2("ACK handshake is finished"); /* * From now on all the content is * application data set it here as nobody else * sets it. */ tls_session->info.content_type = application_data; return EAPTLS_SUCCESS; } /* else more data to send */ RDEBUG2("ACK handshake fragment handler"); /* Fragmentation handler, send next fragment */ return EAPTLS_REQUEST; case application_data: RDEBUG2("ACK handshake fragment handler in application data"); return EAPTLS_REQUEST; /* * For the rest of the conditions, switch over * to the default section below. */ default: RDEBUG2("ACK default"); radlog_request(L_ERR, 0, request, "Invalid ACK received: %d", tls_session->info.content_type); return EAPTLS_FAIL; } }
/* * Do authentication, by letting EAP-TLS do most of the work. */ static int mod_authenticate(void *arg, eap_handler_t *handler) { int rcode; fr_tls_status_t status; rlm_eap_peap_t *inst = (rlm_eap_peap_t *) arg; tls_session_t *tls_session = (tls_session_t *) handler->opaque; peap_tunnel_t *peap = tls_session->opaque; REQUEST *request = handler->request; /* * Session resumption requires the storage of data, so * allocate it if it doesn't already exist. */ if (!tls_session->opaque) { peap = tls_session->opaque = peap_alloc(tls_session, inst); } status = eaptls_process(handler); RDEBUG2("eaptls_process returned %d\n", status); switch (status) { /* * EAP-TLS handshake was successful, tell the * client to keep talking. * * If this was EAP-TLS, we would just return * an EAP-TLS-Success packet here. */ case FR_TLS_SUCCESS: RDEBUG2("FR_TLS_SUCCESS"); peap->status = PEAP_STATUS_TUNNEL_ESTABLISHED; break; /* * The TLS code is still working on the TLS * exchange, and it's a valid TLS request. * do nothing. */ case FR_TLS_HANDLED: /* * FIXME: If the SSL session is established, grab the state * and EAP id from the inner tunnel, and update it with * the expected EAP id! */ RDEBUG2("FR_TLS_HANDLED"); return 1; /* * Handshake is done, proceed with decoding tunneled * data. */ case FR_TLS_OK: RDEBUG2("FR_TLS_OK"); break; /* * Anything else: fail. */ default: RDEBUG2("FR_TLS_OTHERS"); return 0; } /* * Session is established, proceed with decoding * tunneled data. */ RDEBUG2("Session established. Decoding tunneled attributes"); /* * We may need PEAP data associated with the session, so * allocate it here, if it wasn't already alloacted. */ if (!tls_session->opaque) { tls_session->opaque = peap_alloc(tls_session, inst); } /* * Process the PEAP portion of the request. */ rcode = eappeap_process(handler, tls_session); switch (rcode) { case RLM_MODULE_REJECT: eaptls_fail(handler, 0); return 0; case RLM_MODULE_HANDLED: eaptls_request(handler->eap_ds, tls_session); return 1; case RLM_MODULE_OK: /* * Move the saved VP's from the Access-Accept to * our Access-Accept. */ peap = tls_session->opaque; if (peap->soh_reply_vps) { RDEBUG2("Using saved attributes from the SoH reply"); debug_pair_list(peap->soh_reply_vps); pairfilter(handler->request->reply, &handler->request->reply->vps, &peap->soh_reply_vps, 0, 0, TAG_ANY); } if (peap->accept_vps) { RDEBUG2("Using saved attributes from the original Access-Accept"); debug_pair_list(peap->accept_vps); pairfilter(handler->request->reply, &handler->request->reply->vps, &peap->accept_vps, 0, 0, TAG_ANY); } /* * Success: Automatically return MPPE keys. */ return eaptls_success(handler, 0); /* * No response packet, MUST be proxying it. * The main EAP module will take care of discovering * that the request now has a "proxy" packet, and * will proxy it, rather than returning an EAP packet. */ case RLM_MODULE_UPDATED: #ifdef WITH_PROXY rad_assert(handler->request->proxy != NULL); #endif return 1; break; default: break; } eaptls_fail(handler, 0); return 0; }
/* * Do authentication, by letting EAP-TLS do most of the work. */ static int eapttls_authenticate(void *arg, EAP_HANDLER *handler) { int rcode; fr_tls_status_t status; rlm_eap_ttls_t *inst = (rlm_eap_ttls_t *) arg; tls_session_t *tls_session = (tls_session_t *) handler->opaque; ttls_tunnel_t *t = (ttls_tunnel_t *) tls_session->opaque; REQUEST *request = handler->request; RDEBUG2("Authenticate"); tls_session->length_flag = inst->include_length; /* * Process TLS layer until done. */ status = eaptls_process(handler); RDEBUG2("eaptls_process returned %d\n", status); switch (status) { /* * EAP-TLS handshake was successful, tell the * client to keep talking. * * If this was EAP-TLS, we would just return * an EAP-TLS-Success packet here. */ case FR_TLS_SUCCESS: if (SSL_session_reused(tls_session->ssl)) { RDEBUG("Skipping Phase2 due to session resumption"); goto do_keys; } if (t && t->authenticated) { RDEBUG2("Using saved attributes from the original Access-Accept"); debug_pair_list(t->accept_vps); pairadd(&handler->request->reply->vps, t->accept_vps); t->accept_vps = NULL; do_keys: /* * Success: Automatically return MPPE keys. */ return eaptls_success(handler, 0); } else { eaptls_request(handler->eap_ds, tls_session); } return 1; /* * The TLS code is still working on the TLS * exchange, and it's a valid TLS request. * do nothing. */ case FR_TLS_HANDLED: return 1; /* * Handshake is done, proceed with decoding tunneled * data. */ case FR_TLS_OK: break; /* * Anything else: fail. */ default: return 0; } /* * Session is established, proceed with decoding * tunneled data. */ RDEBUG2("Session established. Proceeding to decode tunneled attributes."); /* * We may need TTLS data associated with the session, so * allocate it here, if it wasn't already alloacted. */ if (!tls_session->opaque) { tls_session->opaque = ttls_alloc(inst); tls_session->free_opaque = ttls_free; } /* * Process the TTLS portion of the request. */ rcode = eapttls_process(handler, tls_session); switch (rcode) { case PW_AUTHENTICATION_REJECT: eaptls_fail(handler, 0); return 0; /* * Access-Challenge, continue tunneled conversation. */ case PW_ACCESS_CHALLENGE: eaptls_request(handler->eap_ds, tls_session); return 1; /* * Success: Automatically return MPPE keys. */ case PW_AUTHENTICATION_ACK: return eaptls_success(handler, 0); /* * No response packet, MUST be proxying it. * The main EAP module will take care of discovering * that the request now has a "proxy" packet, and * will proxy it, rather than returning an EAP packet. */ case PW_STATUS_CLIENT: #ifdef WITH_PROXY rad_assert(handler->request->proxy != NULL); #endif return 1; break; default: break; } /* * Something we don't understand: Reject it. */ eaptls_fail(handler, 0); return 0; }
/* * Do authentication, by letting EAP-TLS do most of the work. */ static int eaptls_authenticate(void *arg, EAP_HANDLER *handler) { eaptls_status_t status; tls_session_t *tls_session = (tls_session_t *) handler->opaque; REQUEST *request = handler->request; eap_tls_t *inst = (eap_tls_t *) arg; RDEBUG2("Authenticate"); status = eaptls_process(handler); RDEBUG2("eaptls_process returned %d\n", status); switch (status) { /* * EAP-TLS handshake was successful, return an * EAP-TLS-Success packet here. */ case EAPTLS_SUCCESS: break; /* * The TLS code is still working on the TLS * exchange, and it's a valid TLS request. * do nothing. */ case EAPTLS_HANDLED: return 1; /* * Handshake is done, proceed with decoding tunneled * data. */ case EAPTLS_OK: RDEBUG2("Received unexpected tunneled data after successful handshake."); #ifndef NDEBUG if ((debug_flag > 2) && fr_log_fp) { unsigned int i; unsigned int data_len; unsigned char buffer[1024]; data_len = (tls_session->record_minus)(&tls_session->dirty_in, buffer, sizeof(buffer)); log_debug(" Tunneled data (%u bytes)\n", data_len); for (i = 0; i < data_len; i++) { if ((i & 0x0f) == 0x00) fprintf(fr_log_fp, " %x: ", i); if ((i & 0x0f) == 0x0f) fprintf(fr_log_fp, "\n"); fprintf(fr_log_fp, "%02x ", buffer[i]); } fprintf(fr_log_fp, "\n"); } #endif eaptls_fail(handler, 0); return 0; break; /* * Anything else: fail. * * Also, remove the session from the cache so that * the client can't re-use it. */ default: if (inst->conf->session_cache_enable) { SSL_CTX_remove_session(inst->ctx, tls_session->ssl->session); } return 0; } /* * New sessions cause some additional information to be * cached. */ if (!SSL_session_reused(tls_session->ssl)) { /* * FIXME: Store miscellaneous data. */ RDEBUG2("Adding user data to cached session"); #if 0 SSL_SESSION_set_ex_data(tls_session->ssl->session, ssl_session_idx_user_session, session_data); #endif } else { /* * FIXME: Retrieve miscellaneous data. */ #if 0 data = SSL_SESSION_get_ex_data(tls_session->ssl->session, ssl_session_idx_user_session); if (!session_data) { radlog_request(L_ERR, 0, request, "No user session data in cached session - " " REJECTING"); return 0; } #endif RDEBUG2("Retrieved session data from cached session"); } /* * Success: Automatically return MPPE keys. */ return eaptls_success(handler, 0); }
/* * Do authentication, by letting EAP-TLS do most of the work. */ static int CC_HINT(nonnull) mod_authenticate(void *type_arg, eap_handler_t *handler) { fr_tls_status_t status; tls_session_t *tls_session = (tls_session_t *) handler->opaque; REQUEST *request = handler->request; rlm_eap_tls_t *inst; inst = type_arg; RDEBUG2("Authenticate"); status = eaptls_process(handler); RDEBUG2("eaptls_process returned %d\n", status); switch (status) { /* * EAP-TLS handshake was successful, return an * EAP-TLS-Success packet here. * * If a virtual server was configured, check that * it accepts the certificates, too. */ case FR_TLS_SUCCESS: if (inst->virtual_server) { VALUE_PAIR *vp; REQUEST *fake; /* create a fake request */ fake = request_alloc_fake(request); rad_assert(!fake->packet->vps); fake->packet->vps = paircopy(fake->packet, request->packet->vps); /* set the virtual server to use */ if ((vp = pairfind(request->config_items, PW_VIRTUAL_SERVER, 0, TAG_ANY)) != NULL) { fake->server = vp->vp_strvalue; } else { fake->server = inst->virtual_server; } RDEBUG("Processing EAP-TLS Certificate check:"); debug_pair_list(fake->packet->vps); RDEBUG("server %s {", fake->server); rad_virtual_server(fake); RDEBUG("} # server %s", fake->server); /* copy the reply vps back to our reply */ pairfilter(request->reply, &request->reply->vps, &fake->reply->vps, 0, 0, TAG_ANY); /* reject if virtual server didn't return accept */ if (fake->reply->code != PW_CODE_AUTHENTICATION_ACK) { RDEBUG2("Certificates were rejected by the virtual server"); request_free(&fake); eaptls_fail(handler, 0); return 0; } request_free(&fake); /* success */ } break; /* * The TLS code is still working on the TLS * exchange, and it's a valid TLS request. * do nothing. */ case FR_TLS_HANDLED: return 1; /* * Handshake is done, proceed with decoding tunneled * data. */ case FR_TLS_OK: RDEBUG2("Received unexpected tunneled data after successful handshake"); #ifndef NDEBUG if ((debug_flag > 2) && fr_log_fp) { unsigned int i; unsigned int data_len; unsigned char buffer[1024]; data_len = (tls_session->record_minus)(&tls_session->dirty_in, buffer, sizeof(buffer)); DEBUG(" Tunneled data (%u bytes)", data_len); for (i = 0; i < data_len; i++) { if ((i & 0x0f) == 0x00) fprintf(fr_log_fp, " %x: ", i); if ((i & 0x0f) == 0x0f) fprintf(fr_log_fp, "\n"); fprintf(fr_log_fp, "%02x ", buffer[i]); } fprintf(fr_log_fp, "\n"); } #endif eaptls_fail(handler, 0); return 0; break; /* * Anything else: fail. * * Also, remove the session from the cache so that * the client can't re-use it. */ default: tls_fail(tls_session); return 0; } /* * Success: Automatically return MPPE keys. */ return eaptls_success(handler, 0); }
/* * To process the TLS, * INCOMING DATA: * 1. EAP-TLS should get the compelete TLS data from the peer. * 2. Store that data in a data structure with any other required info * 3. Handle that data structure to the TLS module. * 4. TLS module will perform its operations on the data and * handle back to EAP-TLS * * OUTGOING DATA: * 1. EAP-TLS if necessary will fragment it and send it to the * destination. * * During EAP-TLS initialization, TLS Context object will be * initialized and stored. For every new authentication * requests, TLS will open a new session object and that session * object should be maintained even after the session is * completed for session resumption. (Probably later as a feature * as we donot know who maintains these session objects ie, * SSL_CTX (internally) or TLS module(explicitly). If TLS module, * then how to let SSL API know about these sessions.) */ static eaptls_status_t eaptls_operation(eaptls_status_t status, EAP_HANDLER *handler) { tls_session_t *tls_session; tls_session = (tls_session_t *)handler->opaque; if ((status == EAPTLS_MORE_FRAGMENTS) || (status == EAPTLS_MORE_FRAGMENTS_WITH_LENGTH) || (status == EAPTLS_FIRST_FRAGMENT)) { /* * Send the ACK. */ eaptls_send_ack(handler->eap_ds, tls_session->peap_flag); return EAPTLS_HANDLED; } /* * We have the complete TLS-data or TLS-message. * * Clean the dirty message. * * Authenticate the user and send * Success/Failure. * * If more info * is required then send another request. */ if (!tls_handshake_recv(tls_session)) { DEBUG2("TLS receive handshake failed during operation"); eaptls_fail(handler, tls_session->peap_flag); return EAPTLS_FAIL; } /* * FIXME: return success/fail. * * TLS proper can decide what to do, then. */ if (tls_session->dirty_out.used > 0) { eaptls_request(handler->eap_ds, tls_session); return EAPTLS_HANDLED; } /* * If there is no data to send i.e * dirty_out.used <=0 and if the SSL * handshake is finished, then return a * EPTLS_SUCCESS */ if (SSL_is_init_finished(tls_session->ssl)) { /* * Init is finished. The rest is * application data. */ tls_session->info.content_type = application_data; return EAPTLS_SUCCESS; } /* * Who knows what happened... */ DEBUG2("TLS failed during operation"); return EAPTLS_FAIL; }
int eaptls_success(EAP_HANDLER *handler, int peap_flag) { EAPTLS_PACKET reply; VALUE_PAIR *vp, *vps = NULL; REQUEST *request = handler->request; tls_session_t *tls_session = handler->opaque; reply.code = EAPTLS_SUCCESS; reply.length = TLS_HEADER_LEN; reply.flags = peap_flag; reply.data = NULL; reply.dlen = 0; /* * If there's no session resumption, delete the entry * from the cache. This means either it's disabled * globally for this SSL context, OR we were told to * disable it for this user. * * This also means you can't turn it on just for one * user. */ if ((!tls_session->allow_session_resumption) || (((vp = pairfind(request->config_items, 1127)) != NULL) && (vp->vp_integer == 0))) { SSL_CTX_remove_session(tls_session->ctx, tls_session->ssl->session); tls_session->allow_session_resumption = 0; /* * If we're in a resumed session and it's * not allowed, */ if (SSL_session_reused(tls_session->ssl)) { RDEBUG("FAIL: Forcibly stopping session resumption as it is not allowed."); return eaptls_fail(handler, peap_flag); } /* * Else resumption IS allowed, so we store the * user data in the cache. */ } else if (!SSL_session_reused(tls_session->ssl)) { RDEBUG2("Saving response in the cache"); vp = paircopy2(request->reply->vps, PW_USER_NAME); pairadd(&vps, vp); vp = paircopy2(request->packet->vps, PW_STRIPPED_USER_NAME); pairadd(&vps, vp); if (vps) { SSL_SESSION_set_ex_data(tls_session->ssl->session, eaptls_session_idx, vps); } else { RDEBUG2("WARNING: No information to cache: session caching will be disabled for this session."); SSL_CTX_remove_session(tls_session->ctx, tls_session->ssl->session); } /* * Else the session WAS allowed. Copy the cached * reply. */ } else { vp = SSL_SESSION_get_ex_data(tls_session->ssl->session, eaptls_session_idx); if (!vp) { RDEBUG("WARNING: No information in cached session!"); return eaptls_fail(handler, peap_flag); } else { RDEBUG("Adding cached attributes to the reply:"); debug_pair_list(vp); pairadd(&request->reply->vps, paircopy(vp)); /* * Mark the request as resumed. */ vp = pairmake("EAP-Session-Resumed", "1", T_OP_SET); if (vp) pairadd(&request->packet->vps, vp); } } /* * Call compose AFTER checking for cached data. */ eaptls_compose(handler->eap_ds, &reply); /* * Automatically generate MPPE keying material. */ if (tls_session->prf_label) { eaptls_gen_mppe_keys(&handler->request->reply->vps, tls_session->ssl, tls_session->prf_label); } else { RDEBUG("WARNING: Not adding MPPE keys because there is no PRF label"); } return 1; }
/* * Do post-proxy processing, */ static int CC_HINT(nonnull) eapttls_postproxy(eap_handler_t *handler, void *data) { int rcode; tls_session_t *tls_session = (tls_session_t *) data; REQUEST *fake, *request = handler->request; RDEBUG("Passing reply from proxy back into the tunnel"); /* * If there was a fake request associated with the proxied * request, do more processing of it. */ fake = (REQUEST *) request_data_get(handler->request, handler->request->proxy, REQUEST_DATA_EAP_MSCHAP_TUNNEL_CALLBACK); /* * Do the callback, if it exists, and if it was a success. */ if (fake && (handler->request->proxy_reply->code == PW_CODE_ACCESS_ACCEPT)) { /* * Terrible hacks. */ rad_assert(!fake->packet); fake->packet = talloc_steal(fake, request->proxy); fake->packet->src_ipaddr = request->packet->src_ipaddr; request->proxy = NULL; rad_assert(!fake->reply); fake->reply = talloc_steal(fake, request->proxy_reply); request->proxy_reply = NULL; if ((rad_debug_lvl > 0) && fr_log_fp) { fprintf(fr_log_fp, "server %s {\n", (!fake->server) ? "" : fake->server); } /* * Perform a post-auth stage for the tunneled * session. */ fake->options &= ~RAD_REQUEST_OPTION_PROXY_EAP; rcode = rad_postauth(fake); RDEBUG2("post-auth returns %d", rcode); if ((rad_debug_lvl > 0) && fr_log_fp) { fprintf(fr_log_fp, "} # server %s\n", (!fake->server) ? "" : fake->server); RDEBUG("Final reply from tunneled session code %d", fake->reply->code); rdebug_pair_list(L_DBG_LVL_1, request, fake->reply->vps, NULL); } /* * Terrible hacks. */ request->proxy = talloc_steal(request, fake->packet); fake->packet = NULL; request->proxy_reply = talloc_steal(request, fake->reply); fake->reply = NULL; /* * And we're done with this request. */ switch (rcode) { case RLM_MODULE_FAIL: talloc_free(fake); eaptls_fail(handler, 0); return 0; default: /* Don't Do Anything */ RDEBUG2("Got reply %d", request->proxy_reply->code); break; } } talloc_free(fake); /* robust if !fake */ /* * Process the reply from the home server. */ rcode = process_reply(handler, tls_session, handler->request, handler->request->proxy_reply); /* * The proxy code uses the reply from the home server as * the basis for the reply to the NAS. We don't want that, * so we toss it, after we've had our way with it. */ fr_pair_list_free(&handler->request->proxy_reply->vps); switch (rcode) { case RLM_MODULE_REJECT: RDEBUG("Reply was rejected"); break; case RLM_MODULE_HANDLED: RDEBUG("Reply was handled"); eaptls_request(handler->eap_ds, tls_session); request->proxy_reply->code = PW_CODE_ACCESS_CHALLENGE; return 1; case RLM_MODULE_OK: RDEBUG("Reply was OK"); /* * Success: Automatically return MPPE keys. */ return eaptls_success(handler, 0); default: RDEBUG("Reply was unknown"); break; } eaptls_fail(handler, 0); return 0; }