LCOV - code coverage report
Current view: top level - src/radius - radius_server.c (source / functions) Hit Total Coverage
Test: wpa_supplicant/hostapd combined for hwsim test run 1422976643 Lines: 683 914 74.7 %
Date: 2015-02-03 Functions: 33 34 97.1 %

          Line data    Source code
       1             : /*
       2             :  * RADIUS authentication server
       3             :  * Copyright (c) 2005-2009, 2011-2014, Jouni Malinen <j@w1.fi>
       4             :  *
       5             :  * This software may be distributed under the terms of the BSD license.
       6             :  * See README for more details.
       7             :  */
       8             : 
       9             : #include "includes.h"
      10             : #include <net/if.h>
      11             : #ifdef CONFIG_SQLITE
      12             : #include <sqlite3.h>
      13             : #endif /* CONFIG_SQLITE */
      14             : 
      15             : #include "common.h"
      16             : #include "radius.h"
      17             : #include "eloop.h"
      18             : #include "eap_server/eap.h"
      19             : #include "ap/ap_config.h"
      20             : #include "crypto/tls.h"
      21             : #include "radius_server.h"
      22             : 
      23             : /**
      24             :  * RADIUS_SESSION_TIMEOUT - Session timeout in seconds
      25             :  */
      26             : #define RADIUS_SESSION_TIMEOUT 60
      27             : 
      28             : /**
      29             :  * RADIUS_MAX_SESSION - Maximum number of active sessions
      30             :  */
      31             : #define RADIUS_MAX_SESSION 100
      32             : 
      33             : /**
      34             :  * RADIUS_MAX_MSG_LEN - Maximum message length for incoming RADIUS messages
      35             :  */
      36             : #define RADIUS_MAX_MSG_LEN 3000
      37             : 
      38             : static struct eapol_callbacks radius_server_eapol_cb;
      39             : 
      40             : struct radius_client;
      41             : struct radius_server_data;
      42             : 
      43             : /**
      44             :  * struct radius_server_counters - RADIUS server statistics counters
      45             :  */
      46             : struct radius_server_counters {
      47             :         u32 access_requests;
      48             :         u32 invalid_requests;
      49             :         u32 dup_access_requests;
      50             :         u32 access_accepts;
      51             :         u32 access_rejects;
      52             :         u32 access_challenges;
      53             :         u32 malformed_access_requests;
      54             :         u32 bad_authenticators;
      55             :         u32 packets_dropped;
      56             :         u32 unknown_types;
      57             : 
      58             :         u32 acct_requests;
      59             :         u32 invalid_acct_requests;
      60             :         u32 acct_responses;
      61             :         u32 malformed_acct_requests;
      62             :         u32 acct_bad_authenticators;
      63             :         u32 unknown_acct_types;
      64             : };
      65             : 
      66             : /**
      67             :  * struct radius_session - Internal RADIUS server data for a session
      68             :  */
      69             : struct radius_session {
      70             :         struct radius_session *next;
      71             :         struct radius_client *client;
      72             :         struct radius_server_data *server;
      73             :         unsigned int sess_id;
      74             :         struct eap_sm *eap;
      75             :         struct eap_eapol_interface *eap_if;
      76             :         char *username; /* from User-Name attribute */
      77             :         char *nas_ip;
      78             : 
      79             :         struct radius_msg *last_msg;
      80             :         char *last_from_addr;
      81             :         int last_from_port;
      82             :         struct sockaddr_storage last_from;
      83             :         socklen_t last_fromlen;
      84             :         u8 last_identifier;
      85             :         struct radius_msg *last_reply;
      86             :         u8 last_authenticator[16];
      87             : 
      88             :         unsigned int remediation:1;
      89             :         unsigned int macacl:1;
      90             : 
      91             :         struct hostapd_radius_attr *accept_attr;
      92             : };
      93             : 
      94             : /**
      95             :  * struct radius_client - Internal RADIUS server data for a client
      96             :  */
      97             : struct radius_client {
      98             :         struct radius_client *next;
      99             :         struct in_addr addr;
     100             :         struct in_addr mask;
     101             : #ifdef CONFIG_IPV6
     102             :         struct in6_addr addr6;
     103             :         struct in6_addr mask6;
     104             : #endif /* CONFIG_IPV6 */
     105             :         char *shared_secret;
     106             :         int shared_secret_len;
     107             :         struct radius_session *sessions;
     108             :         struct radius_server_counters counters;
     109             : };
     110             : 
     111             : /**
     112             :  * struct radius_server_data - Internal RADIUS server data
     113             :  */
     114             : struct radius_server_data {
     115             :         /**
     116             :          * auth_sock - Socket for RADIUS authentication messages
     117             :          */
     118             :         int auth_sock;
     119             : 
     120             :         /**
     121             :          * acct_sock - Socket for RADIUS accounting messages
     122             :          */
     123             :         int acct_sock;
     124             : 
     125             :         /**
     126             :          * clients - List of authorized RADIUS clients
     127             :          */
     128             :         struct radius_client *clients;
     129             : 
     130             :         /**
     131             :          * next_sess_id - Next session identifier
     132             :          */
     133             :         unsigned int next_sess_id;
     134             : 
     135             :         /**
     136             :          * conf_ctx - Context pointer for callbacks
     137             :          *
     138             :          * This is used as the ctx argument in get_eap_user() calls.
     139             :          */
     140             :         void *conf_ctx;
     141             : 
     142             :         /**
     143             :          * num_sess - Number of active sessions
     144             :          */
     145             :         int num_sess;
     146             : 
     147             :         /**
     148             :          * eap_sim_db_priv - EAP-SIM/AKA database context
     149             :          *
     150             :          * This is passed to the EAP-SIM/AKA server implementation as a
     151             :          * callback context.
     152             :          */
     153             :         void *eap_sim_db_priv;
     154             : 
     155             :         /**
     156             :          * ssl_ctx - TLS context
     157             :          *
     158             :          * This is passed to the EAP server implementation as a callback
     159             :          * context for TLS operations.
     160             :          */
     161             :         void *ssl_ctx;
     162             : 
     163             :         /**
     164             :          * pac_opaque_encr_key - PAC-Opaque encryption key for EAP-FAST
     165             :          *
     166             :          * This parameter is used to set a key for EAP-FAST to encrypt the
     167             :          * PAC-Opaque data. It can be set to %NULL if EAP-FAST is not used. If
     168             :          * set, must point to a 16-octet key.
     169             :          */
     170             :         u8 *pac_opaque_encr_key;
     171             : 
     172             :         /**
     173             :          * eap_fast_a_id - EAP-FAST authority identity (A-ID)
     174             :          *
     175             :          * If EAP-FAST is not used, this can be set to %NULL. In theory, this
     176             :          * is a variable length field, but due to some existing implementations
     177             :          * requiring A-ID to be 16 octets in length, it is recommended to use
     178             :          * that length for the field to provide interoperability with deployed
     179             :          * peer implementations.
     180             :          */
     181             :         u8 *eap_fast_a_id;
     182             : 
     183             :         /**
     184             :          * eap_fast_a_id_len - Length of eap_fast_a_id buffer in octets
     185             :          */
     186             :         size_t eap_fast_a_id_len;
     187             : 
     188             :         /**
     189             :          * eap_fast_a_id_info - EAP-FAST authority identifier information
     190             :          *
     191             :          * This A-ID-Info contains a user-friendly name for the A-ID. For
     192             :          * example, this could be the enterprise and server names in
     193             :          * human-readable format. This field is encoded as UTF-8. If EAP-FAST
     194             :          * is not used, this can be set to %NULL.
     195             :          */
     196             :         char *eap_fast_a_id_info;
     197             : 
     198             :         /**
     199             :          * eap_fast_prov - EAP-FAST provisioning modes
     200             :          *
     201             :          * 0 = provisioning disabled, 1 = only anonymous provisioning allowed,
     202             :          * 2 = only authenticated provisioning allowed, 3 = both provisioning
     203             :          * modes allowed.
     204             :          */
     205             :         int eap_fast_prov;
     206             : 
     207             :         /**
     208             :          * pac_key_lifetime - EAP-FAST PAC-Key lifetime in seconds
     209             :          *
     210             :          * This is the hard limit on how long a provisioned PAC-Key can be
     211             :          * used.
     212             :          */
     213             :         int pac_key_lifetime;
     214             : 
     215             :         /**
     216             :          * pac_key_refresh_time - EAP-FAST PAC-Key refresh time in seconds
     217             :          *
     218             :          * This is a soft limit on the PAC-Key. The server will automatically
     219             :          * generate a new PAC-Key when this number of seconds (or fewer) of the
     220             :          * lifetime remains.
     221             :          */
     222             :         int pac_key_refresh_time;
     223             : 
     224             :         /**
     225             :          * eap_sim_aka_result_ind - EAP-SIM/AKA protected success indication
     226             :          *
     227             :          * This controls whether the protected success/failure indication
     228             :          * (AT_RESULT_IND) is used with EAP-SIM and EAP-AKA.
     229             :          */
     230             :         int eap_sim_aka_result_ind;
     231             : 
     232             :         /**
     233             :          * tnc - Trusted Network Connect (TNC)
     234             :          *
     235             :          * This controls whether TNC is enabled and will be required before the
     236             :          * peer is allowed to connect. Note: This is only used with EAP-TTLS
     237             :          * and EAP-FAST. If any other EAP method is enabled, the peer will be
     238             :          * allowed to connect without TNC.
     239             :          */
     240             :         int tnc;
     241             : 
     242             :         /**
     243             :          * pwd_group - The D-H group assigned for EAP-pwd
     244             :          *
     245             :          * If EAP-pwd is not used it can be set to zero.
     246             :          */
     247             :         u16 pwd_group;
     248             : 
     249             :         /**
     250             :          * server_id - Server identity
     251             :          */
     252             :         const char *server_id;
     253             : 
     254             :         /**
     255             :          * erp - Whether EAP Re-authentication Protocol (ERP) is enabled
     256             :          *
     257             :          * This controls whether the authentication server derives ERP key
     258             :          * hierarchy (rRK and rIK) from full EAP authentication and allows
     259             :          * these keys to be used to perform ERP to derive rMSK instead of full
     260             :          * EAP authentication to derive MSK.
     261             :          */
     262             :         int erp;
     263             : 
     264             :         const char *erp_domain;
     265             : 
     266             :         struct dl_list erp_keys; /* struct eap_server_erp_key */
     267             : 
     268             :         /**
     269             :          * wps - Wi-Fi Protected Setup context
     270             :          *
     271             :          * If WPS is used with an external RADIUS server (which is quite
     272             :          * unlikely configuration), this is used to provide a pointer to WPS
     273             :          * context data. Normally, this can be set to %NULL.
     274             :          */
     275             :         struct wps_context *wps;
     276             : 
     277             :         /**
     278             :          * ipv6 - Whether to enable IPv6 support in the RADIUS server
     279             :          */
     280             :         int ipv6;
     281             : 
     282             :         /**
     283             :          * start_time - Timestamp of server start
     284             :          */
     285             :         struct os_reltime start_time;
     286             : 
     287             :         /**
     288             :          * counters - Statistics counters for server operations
     289             :          *
     290             :          * These counters are the sum over all clients.
     291             :          */
     292             :         struct radius_server_counters counters;
     293             : 
     294             :         /**
     295             :          * get_eap_user - Callback for fetching EAP user information
     296             :          * @ctx: Context data from conf_ctx
     297             :          * @identity: User identity
     298             :          * @identity_len: identity buffer length in octets
     299             :          * @phase2: Whether this is for Phase 2 identity
     300             :          * @user: Data structure for filling in the user information
     301             :          * Returns: 0 on success, -1 on failure
     302             :          *
     303             :          * This is used to fetch information from user database. The callback
     304             :          * will fill in information about allowed EAP methods and the user
     305             :          * password. The password field will be an allocated copy of the
     306             :          * password data and RADIUS server will free it after use.
     307             :          */
     308             :         int (*get_eap_user)(void *ctx, const u8 *identity, size_t identity_len,
     309             :                             int phase2, struct eap_user *user);
     310             : 
     311             :         /**
     312             :          * eap_req_id_text - Optional data for EAP-Request/Identity
     313             :          *
     314             :          * This can be used to configure an optional, displayable message that
     315             :          * will be sent in EAP-Request/Identity. This string can contain an
     316             :          * ASCII-0 character (nul) to separate network infromation per RFC
     317             :          * 4284. The actual string length is explicit provided in
     318             :          * eap_req_id_text_len since nul character will not be used as a string
     319             :          * terminator.
     320             :          */
     321             :         char *eap_req_id_text;
     322             : 
     323             :         /**
     324             :          * eap_req_id_text_len - Length of eap_req_id_text buffer in octets
     325             :          */
     326             :         size_t eap_req_id_text_len;
     327             : 
     328             :         /*
     329             :          * msg_ctx - Context data for wpa_msg() calls
     330             :          */
     331             :         void *msg_ctx;
     332             : 
     333             : #ifdef CONFIG_RADIUS_TEST
     334             :         char *dump_msk_file;
     335             : #endif /* CONFIG_RADIUS_TEST */
     336             : 
     337             :         char *subscr_remediation_url;
     338             :         u8 subscr_remediation_method;
     339             : 
     340             : #ifdef CONFIG_SQLITE
     341             :         sqlite3 *db;
     342             : #endif /* CONFIG_SQLITE */
     343             : };
     344             : 
     345             : 
     346             : #define RADIUS_DEBUG(args...) \
     347             : wpa_printf(MSG_DEBUG, "RADIUS SRV: " args)
     348             : #define RADIUS_ERROR(args...) \
     349             : wpa_printf(MSG_ERROR, "RADIUS SRV: " args)
     350             : #define RADIUS_DUMP(args...) \
     351             : wpa_hexdump(MSG_MSGDUMP, "RADIUS SRV: " args)
     352             : #define RADIUS_DUMP_ASCII(args...) \
     353             : wpa_hexdump_ascii(MSG_MSGDUMP, "RADIUS SRV: " args)
     354             : 
     355             : 
     356             : static void radius_server_session_timeout(void *eloop_ctx, void *timeout_ctx);
     357             : static void radius_server_session_remove_timeout(void *eloop_ctx,
     358             :                                                  void *timeout_ctx);
     359             : 
     360             : void srv_log(struct radius_session *sess, const char *fmt, ...)
     361             : PRINTF_FORMAT(2, 3);
     362             : 
     363        3623 : void srv_log(struct radius_session *sess, const char *fmt, ...)
     364             : {
     365             :         va_list ap;
     366             :         char *buf;
     367             :         int buflen;
     368             : 
     369        3623 :         va_start(ap, fmt);
     370        3623 :         buflen = vsnprintf(NULL, 0, fmt, ap) + 1;
     371        3623 :         va_end(ap);
     372             : 
     373        3623 :         buf = os_malloc(buflen);
     374        3623 :         if (buf == NULL)
     375        3623 :                 return;
     376        3623 :         va_start(ap, fmt);
     377        3623 :         vsnprintf(buf, buflen, fmt, ap);
     378        3623 :         va_end(ap);
     379             : 
     380        3623 :         RADIUS_DEBUG("[0x%x %s] %s", sess->sess_id, sess->nas_ip, buf);
     381             : 
     382             : #ifdef CONFIG_SQLITE
     383        3623 :         if (sess->server->db) {
     384             :                 char *sql;
     385           6 :                 sql = sqlite3_mprintf("INSERT INTO authlog"
     386             :                                       "(timestamp,session,nas_ip,username,note)"
     387             :                                       " VALUES ("
     388             :                                       "strftime('%%Y-%%m-%%d %%H:%%M:%%f',"
     389             :                                       "'now'),%u,%Q,%Q,%Q)",
     390             :                                       sess->sess_id, sess->nas_ip,
     391             :                                       sess->username, buf);
     392           6 :                 if (sql) {
     393           6 :                         if (sqlite3_exec(sess->server->db, sql, NULL, NULL,
     394             :                                          NULL) != SQLITE_OK) {
     395           0 :                                 RADIUS_ERROR("Failed to add authlog entry into sqlite database: %s",
     396             :                                              sqlite3_errmsg(sess->server->db));
     397             :                         }
     398           6 :                         sqlite3_free(sql);
     399             :                 }
     400             :         }
     401             : #endif /* CONFIG_SQLITE */
     402             : 
     403        3623 :         os_free(buf);
     404             : }
     405             : 
     406             : 
     407             : static struct radius_client *
     408        3307 : radius_server_get_client(struct radius_server_data *data, struct in_addr *addr,
     409             :                          int ipv6)
     410             : {
     411        3307 :         struct radius_client *client = data->clients;
     412             : 
     413        6614 :         while (client) {
     414             : #ifdef CONFIG_IPV6
     415        3307 :                 if (ipv6) {
     416             :                         struct in6_addr *addr6;
     417             :                         int i;
     418             : 
     419           7 :                         addr6 = (struct in6_addr *) addr;
     420         119 :                         for (i = 0; i < 16; i++) {
     421         224 :                                 if ((addr6->s6_addr[i] &
     422         112 :                                      client->mask6.s6_addr[i]) !=
     423         112 :                                     (client->addr6.s6_addr[i] &
     424             :                                      client->mask6.s6_addr[i])) {
     425           0 :                                         i = 17;
     426           0 :                                         break;
     427             :                                 }
     428             :                         }
     429           7 :                         if (i == 16) {
     430           7 :                                 break;
     431             :                         }
     432             :                 }
     433             : #endif /* CONFIG_IPV6 */
     434        6600 :                 if (!ipv6 && (client->addr.s_addr & client->mask.s_addr) ==
     435        3300 :                     (addr->s_addr & client->mask.s_addr)) {
     436        3300 :                         break;
     437             :                 }
     438             : 
     439           0 :                 client = client->next;
     440             :         }
     441             : 
     442        3307 :         return client;
     443             : }
     444             : 
     445             : 
     446             : static struct radius_session *
     447        2156 : radius_server_get_session(struct radius_client *client, unsigned int sess_id)
     448             : {
     449        2156 :         struct radius_session *sess = client->sessions;
     450             : 
     451        4321 :         while (sess) {
     452        2165 :                 if (sess->sess_id == sess_id) {
     453        2156 :                         break;
     454             :                 }
     455           9 :                 sess = sess->next;
     456             :         }
     457             : 
     458        2156 :         return sess;
     459             : }
     460             : 
     461             : 
     462         683 : static void radius_server_session_free(struct radius_server_data *data,
     463             :                                        struct radius_session *sess)
     464             : {
     465         683 :         eloop_cancel_timeout(radius_server_session_timeout, data, sess);
     466         683 :         eloop_cancel_timeout(radius_server_session_remove_timeout, data, sess);
     467         683 :         eap_server_sm_deinit(sess->eap);
     468         683 :         radius_msg_free(sess->last_msg);
     469         683 :         os_free(sess->last_from_addr);
     470         683 :         radius_msg_free(sess->last_reply);
     471         683 :         os_free(sess->username);
     472         683 :         os_free(sess->nas_ip);
     473         683 :         os_free(sess);
     474         683 :         data->num_sess--;
     475         683 : }
     476             : 
     477             : 
     478         650 : static void radius_server_session_remove(struct radius_server_data *data,
     479             :                                          struct radius_session *sess)
     480             : {
     481         650 :         struct radius_client *client = sess->client;
     482             :         struct radius_session *session, *prev;
     483             : 
     484         650 :         eloop_cancel_timeout(radius_server_session_remove_timeout, data, sess);
     485             : 
     486         650 :         prev = NULL;
     487         650 :         session = client->sessions;
     488        6822 :         while (session) {
     489        6172 :                 if (session == sess) {
     490         650 :                         if (prev == NULL) {
     491          45 :                                 client->sessions = sess->next;
     492             :                         } else {
     493         605 :                                 prev->next = sess->next;
     494             :                         }
     495         650 :                         radius_server_session_free(data, sess);
     496         650 :                         break;
     497             :                 }
     498        5522 :                 prev = session;
     499        5522 :                 session = session->next;
     500             :         }
     501         650 : }
     502             : 
     503             : 
     504         629 : static void radius_server_session_remove_timeout(void *eloop_ctx,
     505             :                                                  void *timeout_ctx)
     506             : {
     507         629 :         struct radius_server_data *data = eloop_ctx;
     508         629 :         struct radius_session *sess = timeout_ctx;
     509         629 :         RADIUS_DEBUG("Removing completed session 0x%x", sess->sess_id);
     510         629 :         radius_server_session_remove(data, sess);
     511         629 : }
     512             : 
     513             : 
     514          21 : static void radius_server_session_timeout(void *eloop_ctx, void *timeout_ctx)
     515             : {
     516          21 :         struct radius_server_data *data = eloop_ctx;
     517          21 :         struct radius_session *sess = timeout_ctx;
     518             : 
     519          21 :         RADIUS_DEBUG("Timing out authentication session 0x%x", sess->sess_id);
     520          21 :         radius_server_session_remove(data, sess);
     521          21 : }
     522             : 
     523             : 
     524             : static struct radius_session *
     525         683 : radius_server_new_session(struct radius_server_data *data,
     526             :                           struct radius_client *client)
     527             : {
     528             :         struct radius_session *sess;
     529             : 
     530         683 :         if (data->num_sess >= RADIUS_MAX_SESSION) {
     531           0 :                 RADIUS_DEBUG("Maximum number of existing session - no room "
     532             :                              "for a new session");
     533           0 :                 return NULL;
     534             :         }
     535             : 
     536         683 :         sess = os_zalloc(sizeof(*sess));
     537         683 :         if (sess == NULL)
     538           0 :                 return NULL;
     539             : 
     540         683 :         sess->server = data;
     541         683 :         sess->client = client;
     542         683 :         sess->sess_id = data->next_sess_id++;
     543         683 :         sess->next = client->sessions;
     544         683 :         client->sessions = sess;
     545         683 :         eloop_register_timeout(RADIUS_SESSION_TIMEOUT, 0,
     546             :                                radius_server_session_timeout, data, sess);
     547         683 :         data->num_sess++;
     548         683 :         return sess;
     549             : }
     550             : 
     551             : 
     552             : #ifdef CONFIG_TESTING_OPTIONS
     553           0 : static void radius_server_testing_options_tls(struct radius_session *sess,
     554             :                                               const char *tls,
     555             :                                               struct eap_config *eap_conf)
     556             : {
     557           0 :         int test = atoi(tls);
     558             : 
     559           0 :         switch (test) {
     560             :         case 1:
     561           0 :                 srv_log(sess, "TLS test - break VerifyData");
     562           0 :                 eap_conf->tls_test_flags = TLS_BREAK_VERIFY_DATA;
     563           0 :                 break;
     564             :         case 2:
     565           0 :                 srv_log(sess, "TLS test - break ServerKeyExchange ServerParams hash");
     566           0 :                 eap_conf->tls_test_flags = TLS_BREAK_SRV_KEY_X_HASH;
     567           0 :                 break;
     568             :         case 3:
     569           0 :                 srv_log(sess, "TLS test - break ServerKeyExchange ServerParams Signature");
     570           0 :                 eap_conf->tls_test_flags = TLS_BREAK_SRV_KEY_X_SIGNATURE;
     571           0 :                 break;
     572             :         case 4:
     573           0 :                 srv_log(sess, "TLS test - RSA-DHE using a short 511-bit prime");
     574           0 :                 eap_conf->tls_test_flags = TLS_DHE_PRIME_511B;
     575           0 :                 break;
     576             :         case 5:
     577           0 :                 srv_log(sess, "TLS test - RSA-DHE using a short 767-bit prime");
     578           0 :                 eap_conf->tls_test_flags = TLS_DHE_PRIME_767B;
     579           0 :                 break;
     580             :         case 6:
     581           0 :                 srv_log(sess, "TLS test - RSA-DHE using a bogus 15 \"prime\"");
     582           0 :                 eap_conf->tls_test_flags = TLS_DHE_PRIME_15;
     583           0 :                 break;
     584             :         case 7:
     585           0 :                 srv_log(sess, "TLS test - RSA-DHE using a short 58-bit prime in long container");
     586           0 :                 eap_conf->tls_test_flags = TLS_DHE_PRIME_58B;
     587           0 :                 break;
     588             :         case 8:
     589           0 :                 srv_log(sess, "TLS test - RSA-DHE using a non-prime");
     590           0 :                 eap_conf->tls_test_flags = TLS_DHE_NON_PRIME;
     591           0 :                 break;
     592             :         default:
     593           0 :                 srv_log(sess, "Unrecognized TLS test");
     594           0 :                 break;
     595             :         }
     596           0 : }
     597             : #endif /* CONFIG_TESTING_OPTIONS */
     598             : 
     599         683 : static void radius_server_testing_options(struct radius_session *sess,
     600             :                                           struct eap_config *eap_conf)
     601             : {
     602             : #ifdef CONFIG_TESTING_OPTIONS
     603             :         const char *pos;
     604             : 
     605         683 :         pos = os_strstr(sess->username, "@test-");
     606         683 :         if (pos == NULL)
     607        1366 :                 return;
     608           0 :         pos += 6;
     609           0 :         if (os_strncmp(pos, "tls-", 4) == 0)
     610           0 :                 radius_server_testing_options_tls(sess, pos + 4, eap_conf);
     611             :         else
     612           0 :                 srv_log(sess, "Unrecognized test: %s", pos);
     613             : #endif /* CONFIG_TESTING_OPTIONS */
     614             : }
     615             : 
     616             : 
     617             : static struct radius_session *
     618         684 : radius_server_get_new_session(struct radius_server_data *data,
     619             :                               struct radius_client *client,
     620             :                               struct radius_msg *msg, const char *from_addr)
     621             : {
     622             :         u8 *user;
     623             :         size_t user_len;
     624             :         int res;
     625             :         struct radius_session *sess;
     626             :         struct eap_config eap_conf;
     627             :         struct eap_user tmp;
     628             : 
     629         684 :         RADIUS_DEBUG("Creating a new session");
     630             : 
     631         684 :         if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_USER_NAME, &user,
     632             :                                     &user_len, NULL) < 0) {
     633           1 :                 RADIUS_DEBUG("Could not get User-Name");
     634           1 :                 return NULL;
     635             :         }
     636         683 :         RADIUS_DUMP_ASCII("User-Name", user, user_len);
     637             : 
     638         683 :         os_memset(&tmp, 0, sizeof(tmp));
     639         683 :         res = data->get_eap_user(data->conf_ctx, user, user_len, 0, &tmp);
     640         683 :         bin_clear_free(tmp.password, tmp.password_len);
     641             : 
     642         683 :         if (res != 0) {
     643           0 :                 RADIUS_DEBUG("User-Name not found from user database");
     644           0 :                 return NULL;
     645             :         }
     646             : 
     647         683 :         RADIUS_DEBUG("Matching user entry found");
     648         683 :         sess = radius_server_new_session(data, client);
     649         683 :         if (sess == NULL) {
     650           0 :                 RADIUS_DEBUG("Failed to create a new session");
     651           0 :                 return NULL;
     652             :         }
     653         683 :         sess->accept_attr = tmp.accept_attr;
     654         683 :         sess->macacl = tmp.macacl;
     655             : 
     656         683 :         sess->username = os_malloc(user_len * 4 + 1);
     657         683 :         if (sess->username == NULL) {
     658           0 :                 radius_server_session_free(data, sess);
     659           0 :                 return NULL;
     660             :         }
     661         683 :         printf_encode(sess->username, user_len * 4 + 1, user, user_len);
     662             : 
     663         683 :         sess->nas_ip = os_strdup(from_addr);
     664         683 :         if (sess->nas_ip == NULL) {
     665           0 :                 radius_server_session_free(data, sess);
     666           0 :                 return NULL;
     667             :         }
     668             : 
     669         683 :         srv_log(sess, "New session created");
     670             : 
     671         683 :         os_memset(&eap_conf, 0, sizeof(eap_conf));
     672         683 :         eap_conf.ssl_ctx = data->ssl_ctx;
     673         683 :         eap_conf.msg_ctx = data->msg_ctx;
     674         683 :         eap_conf.eap_sim_db_priv = data->eap_sim_db_priv;
     675         683 :         eap_conf.backend_auth = TRUE;
     676         683 :         eap_conf.eap_server = 1;
     677         683 :         eap_conf.pac_opaque_encr_key = data->pac_opaque_encr_key;
     678         683 :         eap_conf.eap_fast_a_id = data->eap_fast_a_id;
     679         683 :         eap_conf.eap_fast_a_id_len = data->eap_fast_a_id_len;
     680         683 :         eap_conf.eap_fast_a_id_info = data->eap_fast_a_id_info;
     681         683 :         eap_conf.eap_fast_prov = data->eap_fast_prov;
     682         683 :         eap_conf.pac_key_lifetime = data->pac_key_lifetime;
     683         683 :         eap_conf.pac_key_refresh_time = data->pac_key_refresh_time;
     684         683 :         eap_conf.eap_sim_aka_result_ind = data->eap_sim_aka_result_ind;
     685         683 :         eap_conf.tnc = data->tnc;
     686         683 :         eap_conf.wps = data->wps;
     687         683 :         eap_conf.pwd_group = data->pwd_group;
     688         683 :         eap_conf.server_id = (const u8 *) data->server_id;
     689         683 :         eap_conf.server_id_len = os_strlen(data->server_id);
     690         683 :         eap_conf.erp = data->erp;
     691         683 :         radius_server_testing_options(sess, &eap_conf);
     692         683 :         sess->eap = eap_server_sm_init(sess, &radius_server_eapol_cb,
     693             :                                        &eap_conf);
     694         683 :         if (sess->eap == NULL) {
     695           0 :                 RADIUS_DEBUG("Failed to initialize EAP state machine for the "
     696             :                              "new session");
     697           0 :                 radius_server_session_free(data, sess);
     698           0 :                 return NULL;
     699             :         }
     700         683 :         sess->eap_if = eap_get_interface(sess->eap);
     701         683 :         sess->eap_if->eapRestart = TRUE;
     702         683 :         sess->eap_if->portEnabled = TRUE;
     703             : 
     704         683 :         RADIUS_DEBUG("New session 0x%x initialized", sess->sess_id);
     705             : 
     706         683 :         return sess;
     707             : }
     708             : 
     709             : 
     710             : static struct radius_msg *
     711        2824 : radius_server_encapsulate_eap(struct radius_server_data *data,
     712             :                               struct radius_client *client,
     713             :                               struct radius_session *sess,
     714             :                               struct radius_msg *request)
     715             : {
     716             :         struct radius_msg *msg;
     717             :         int code;
     718             :         unsigned int sess_id;
     719        2824 :         struct radius_hdr *hdr = radius_msg_get_hdr(request);
     720             : 
     721        2824 :         if (sess->eap_if->eapFail) {
     722          92 :                 sess->eap_if->eapFail = FALSE;
     723          92 :                 code = RADIUS_CODE_ACCESS_REJECT;
     724        2732 :         } else if (sess->eap_if->eapSuccess) {
     725         570 :                 sess->eap_if->eapSuccess = FALSE;
     726         570 :                 code = RADIUS_CODE_ACCESS_ACCEPT;
     727             :         } else {
     728        2162 :                 sess->eap_if->eapReq = FALSE;
     729        2162 :                 code = RADIUS_CODE_ACCESS_CHALLENGE;
     730             :         }
     731             : 
     732        2824 :         msg = radius_msg_new(code, hdr->identifier);
     733        2824 :         if (msg == NULL) {
     734           0 :                 RADIUS_DEBUG("Failed to allocate reply message");
     735           0 :                 return NULL;
     736             :         }
     737             : 
     738        2824 :         sess_id = htonl(sess->sess_id);
     739        4986 :         if (code == RADIUS_CODE_ACCESS_CHALLENGE &&
     740        2162 :             !radius_msg_add_attr(msg, RADIUS_ATTR_STATE,
     741             :                                  (u8 *) &sess_id, sizeof(sess_id))) {
     742           0 :                 RADIUS_DEBUG("Failed to add State attribute");
     743             :         }
     744             : 
     745        5648 :         if (sess->eap_if->eapReqData &&
     746        2824 :             !radius_msg_add_eap(msg, wpabuf_head(sess->eap_if->eapReqData),
     747        2824 :                                 wpabuf_len(sess->eap_if->eapReqData))) {
     748           0 :                 RADIUS_DEBUG("Failed to add EAP-Message attribute");
     749             :         }
     750             : 
     751        2824 :         if (code == RADIUS_CODE_ACCESS_ACCEPT && sess->eap_if->eapKeyData) {
     752             :                 int len;
     753             : #ifdef CONFIG_RADIUS_TEST
     754             :                 if (data->dump_msk_file) {
     755             :                         FILE *f;
     756             :                         char buf[2 * 64 + 1];
     757             :                         f = fopen(data->dump_msk_file, "a");
     758             :                         if (f) {
     759             :                                 len = sess->eap_if->eapKeyDataLen;
     760             :                                 if (len > 64)
     761             :                                         len = 64;
     762             :                                 len = wpa_snprintf_hex(
     763             :                                         buf, sizeof(buf),
     764             :                                         sess->eap_if->eapKeyData, len);
     765             :                                 buf[len] = '\0';
     766             :                                 fprintf(f, "%s\n", buf);
     767             :                                 fclose(f);
     768             :                         }
     769             :                 }
     770             : #endif /* CONFIG_RADIUS_TEST */
     771         570 :                 if (sess->eap_if->eapKeyDataLen > 64) {
     772           0 :                         len = 32;
     773             :                 } else {
     774         570 :                         len = sess->eap_if->eapKeyDataLen / 2;
     775             :                 }
     776        2850 :                 if (!radius_msg_add_mppe_keys(msg, hdr->authenticator,
     777         570 :                                               (u8 *) client->shared_secret,
     778         570 :                                               client->shared_secret_len,
     779         570 :                                               sess->eap_if->eapKeyData + len,
     780         570 :                                               len, sess->eap_if->eapKeyData,
     781             :                                               len)) {
     782           0 :                         RADIUS_DEBUG("Failed to add MPPE key attributes");
     783             :                 }
     784             :         }
     785             : 
     786             : #ifdef CONFIG_HS20
     787        2825 :         if (code == RADIUS_CODE_ACCESS_ACCEPT && sess->remediation &&
     788           2 :             data->subscr_remediation_url) {
     789             :                 u8 *buf;
     790           1 :                 size_t url_len = os_strlen(data->subscr_remediation_url);
     791           1 :                 buf = os_malloc(1 + url_len);
     792           1 :                 if (buf == NULL) {
     793           0 :                         radius_msg_free(msg);
     794           0 :                         return NULL;
     795             :                 }
     796           1 :                 buf[0] = data->subscr_remediation_method;
     797           1 :                 os_memcpy(&buf[1], data->subscr_remediation_url, url_len);
     798           1 :                 if (!radius_msg_add_wfa(
     799             :                             msg, RADIUS_VENDOR_ATTR_WFA_HS20_SUBSCR_REMEDIATION,
     800             :                             buf, 1 + url_len)) {
     801           0 :                         RADIUS_DEBUG("Failed to add WFA-HS20-SubscrRem");
     802             :                 }
     803           1 :                 os_free(buf);
     804        2823 :         } else if (code == RADIUS_CODE_ACCESS_ACCEPT && sess->remediation) {
     805             :                 u8 buf[1];
     806           0 :                 if (!radius_msg_add_wfa(
     807             :                             msg, RADIUS_VENDOR_ATTR_WFA_HS20_SUBSCR_REMEDIATION,
     808             :                             buf, 0)) {
     809           0 :                         RADIUS_DEBUG("Failed to add WFA-HS20-SubscrRem");
     810             :                 }
     811             :         }
     812             : #endif /* CONFIG_HS20 */
     813             : 
     814        2824 :         if (radius_msg_copy_attr(msg, request, RADIUS_ATTR_PROXY_STATE) < 0) {
     815           0 :                 RADIUS_DEBUG("Failed to copy Proxy-State attribute(s)");
     816           0 :                 radius_msg_free(msg);
     817           0 :                 return NULL;
     818             :         }
     819             : 
     820        2824 :         if (code == RADIUS_CODE_ACCESS_ACCEPT) {
     821             :                 struct hostapd_radius_attr *attr;
     822         609 :                 for (attr = sess->accept_attr; attr; attr = attr->next) {
     823          78 :                         if (!radius_msg_add_attr(msg, attr->type,
     824          39 :                                                  wpabuf_head(attr->val),
     825          39 :                                                  wpabuf_len(attr->val))) {
     826           0 :                                 wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
     827           0 :                                 radius_msg_free(msg);
     828           0 :                                 return NULL;
     829             :                         }
     830             :                 }
     831             :         }
     832             : 
     833        2824 :         if (radius_msg_finish_srv(msg, (u8 *) client->shared_secret,
     834        2824 :                                   client->shared_secret_len,
     835        2824 :                                   hdr->authenticator) < 0) {
     836           0 :                 RADIUS_DEBUG("Failed to add Message-Authenticator attribute");
     837             :         }
     838             : 
     839        2824 :         return msg;
     840             : }
     841             : 
     842             : 
     843             : static struct radius_msg *
     844           3 : radius_server_macacl(struct radius_server_data *data,
     845             :                      struct radius_client *client,
     846             :                      struct radius_session *sess,
     847             :                      struct radius_msg *request)
     848             : {
     849             :         struct radius_msg *msg;
     850             :         int code;
     851           3 :         struct radius_hdr *hdr = radius_msg_get_hdr(request);
     852             :         u8 *pw;
     853             :         size_t pw_len;
     854             : 
     855           3 :         code = RADIUS_CODE_ACCESS_ACCEPT;
     856             : 
     857           3 :         if (radius_msg_get_attr_ptr(request, RADIUS_ATTR_USER_PASSWORD, &pw,
     858             :                                     &pw_len, NULL) < 0) {
     859           0 :                 RADIUS_DEBUG("Could not get User-Password");
     860           0 :                 code = RADIUS_CODE_ACCESS_REJECT;
     861             :         } else {
     862             :                 int res;
     863             :                 struct eap_user tmp;
     864             : 
     865           3 :                 os_memset(&tmp, 0, sizeof(tmp));
     866           6 :                 res = data->get_eap_user(data->conf_ctx, (u8 *) sess->username,
     867           3 :                                          os_strlen(sess->username), 0, &tmp);
     868           3 :                 if (res || !tmp.macacl || tmp.password == NULL) {
     869           0 :                         RADIUS_DEBUG("No MAC ACL user entry");
     870           0 :                         bin_clear_free(tmp.password, tmp.password_len);
     871           0 :                         code = RADIUS_CODE_ACCESS_REJECT;
     872             :                 } else {
     873             :                         u8 buf[128];
     874           9 :                         res = radius_user_password_hide(
     875           3 :                                 request, tmp.password, tmp.password_len,
     876           3 :                                 (u8 *) client->shared_secret,
     877           3 :                                 client->shared_secret_len,
     878             :                                 buf, sizeof(buf));
     879           3 :                         bin_clear_free(tmp.password, tmp.password_len);
     880             : 
     881           6 :                         if (res < 0 || pw_len != (size_t) res ||
     882           3 :                             os_memcmp_const(pw, buf, res) != 0) {
     883           0 :                                 RADIUS_DEBUG("Incorrect User-Password");
     884           0 :                                 code = RADIUS_CODE_ACCESS_REJECT;
     885             :                         }
     886             :                 }
     887             :         }
     888             : 
     889           3 :         msg = radius_msg_new(code, hdr->identifier);
     890           3 :         if (msg == NULL) {
     891           0 :                 RADIUS_DEBUG("Failed to allocate reply message");
     892           0 :                 return NULL;
     893             :         }
     894             : 
     895           3 :         if (radius_msg_copy_attr(msg, request, RADIUS_ATTR_PROXY_STATE) < 0) {
     896           0 :                 RADIUS_DEBUG("Failed to copy Proxy-State attribute(s)");
     897           0 :                 radius_msg_free(msg);
     898           0 :                 return NULL;
     899             :         }
     900             : 
     901           3 :         if (code == RADIUS_CODE_ACCESS_ACCEPT) {
     902             :                 struct hostapd_radius_attr *attr;
     903           4 :                 for (attr = sess->accept_attr; attr; attr = attr->next) {
     904           2 :                         if (!radius_msg_add_attr(msg, attr->type,
     905           1 :                                                  wpabuf_head(attr->val),
     906           1 :                                                  wpabuf_len(attr->val))) {
     907           0 :                                 wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
     908           0 :                                 radius_msg_free(msg);
     909           0 :                                 return NULL;
     910             :                         }
     911             :                 }
     912             :         }
     913             : 
     914           3 :         if (radius_msg_finish_srv(msg, (u8 *) client->shared_secret,
     915           3 :                                   client->shared_secret_len,
     916           3 :                                   hdr->authenticator) < 0) {
     917           0 :                 RADIUS_DEBUG("Failed to add Message-Authenticator attribute");
     918             :         }
     919             : 
     920           3 :         return msg;
     921             : }
     922             : 
     923             : 
     924           1 : static int radius_server_reject(struct radius_server_data *data,
     925             :                                 struct radius_client *client,
     926             :                                 struct radius_msg *request,
     927             :                                 struct sockaddr *from, socklen_t fromlen,
     928             :                                 const char *from_addr, int from_port)
     929             : {
     930             :         struct radius_msg *msg;
     931           1 :         int ret = 0;
     932             :         struct eap_hdr eapfail;
     933             :         struct wpabuf *buf;
     934           1 :         struct radius_hdr *hdr = radius_msg_get_hdr(request);
     935             : 
     936           1 :         RADIUS_DEBUG("Reject invalid request from %s:%d",
     937             :                      from_addr, from_port);
     938             : 
     939           1 :         msg = radius_msg_new(RADIUS_CODE_ACCESS_REJECT, hdr->identifier);
     940           1 :         if (msg == NULL) {
     941           0 :                 return -1;
     942             :         }
     943             : 
     944           1 :         os_memset(&eapfail, 0, sizeof(eapfail));
     945           1 :         eapfail.code = EAP_CODE_FAILURE;
     946           1 :         eapfail.identifier = 0;
     947           1 :         eapfail.length = host_to_be16(sizeof(eapfail));
     948             : 
     949           1 :         if (!radius_msg_add_eap(msg, (u8 *) &eapfail, sizeof(eapfail))) {
     950           0 :                 RADIUS_DEBUG("Failed to add EAP-Message attribute");
     951             :         }
     952             : 
     953           1 :         if (radius_msg_copy_attr(msg, request, RADIUS_ATTR_PROXY_STATE) < 0) {
     954           0 :                 RADIUS_DEBUG("Failed to copy Proxy-State attribute(s)");
     955           0 :                 radius_msg_free(msg);
     956           0 :                 return -1;
     957             :         }
     958             : 
     959           1 :         if (radius_msg_finish_srv(msg, (u8 *) client->shared_secret,
     960           1 :                                   client->shared_secret_len,
     961           1 :                                   hdr->authenticator) <
     962             :             0) {
     963           0 :                 RADIUS_DEBUG("Failed to add Message-Authenticator attribute");
     964             :         }
     965             : 
     966           1 :         if (wpa_debug_level <= MSG_MSGDUMP) {
     967           1 :                 radius_msg_dump(msg);
     968             :         }
     969             : 
     970           1 :         data->counters.access_rejects++;
     971           1 :         client->counters.access_rejects++;
     972           1 :         buf = radius_msg_get_buf(msg);
     973           1 :         if (sendto(data->auth_sock, wpabuf_head(buf), wpabuf_len(buf), 0,
     974             :                    (struct sockaddr *) from, sizeof(*from)) < 0) {
     975           0 :                 wpa_printf(MSG_INFO, "sendto[RADIUS SRV]: %s", strerror(errno));
     976           0 :                 ret = -1;
     977             :         }
     978             : 
     979           1 :         radius_msg_free(msg);
     980             : 
     981           1 :         return ret;
     982             : }
     983             : 
     984             : 
     985        2918 : static int radius_server_request(struct radius_server_data *data,
     986             :                                  struct radius_msg *msg,
     987             :                                  struct sockaddr *from, socklen_t fromlen,
     988             :                                  struct radius_client *client,
     989             :                                  const char *from_addr, int from_port,
     990             :                                  struct radius_session *force_sess)
     991             : {
     992        2918 :         struct wpabuf *eap = NULL;
     993        2918 :         int res, state_included = 0;
     994             :         u8 statebuf[4];
     995             :         unsigned int state;
     996             :         struct radius_session *sess;
     997             :         struct radius_msg *reply;
     998        2918 :         int is_complete = 0;
     999             : 
    1000        2918 :         if (force_sess)
    1001          78 :                 sess = force_sess;
    1002             :         else {
    1003        2840 :                 res = radius_msg_get_attr(msg, RADIUS_ATTR_STATE, statebuf,
    1004             :                                           sizeof(statebuf));
    1005        2840 :                 state_included = res >= 0;
    1006        2840 :                 if (res == sizeof(statebuf)) {
    1007        2156 :                         state = WPA_GET_BE32(statebuf);
    1008        2156 :                         sess = radius_server_get_session(client, state);
    1009             :                 } else {
    1010         684 :                         sess = NULL;
    1011             :                 }
    1012             :         }
    1013             : 
    1014        2918 :         if (sess) {
    1015        2234 :                 RADIUS_DEBUG("Request for session 0x%x", sess->sess_id);
    1016         684 :         } else if (state_included) {
    1017           0 :                 RADIUS_DEBUG("State attribute included but no session found");
    1018           0 :                 radius_server_reject(data, client, msg, from, fromlen,
    1019             :                                      from_addr, from_port);
    1020           0 :                 return -1;
    1021             :         } else {
    1022         684 :                 sess = radius_server_get_new_session(data, client, msg,
    1023             :                                                      from_addr);
    1024         684 :                 if (sess == NULL) {
    1025           1 :                         RADIUS_DEBUG("Could not create a new session");
    1026           1 :                         radius_server_reject(data, client, msg, from, fromlen,
    1027             :                                              from_addr, from_port);
    1028           1 :                         return -1;
    1029             :                 }
    1030             :         }
    1031             : 
    1032        5151 :         if (sess->last_from_port == from_port &&
    1033        2242 :             sess->last_identifier == radius_msg_get_hdr(msg)->identifier &&
    1034           8 :             os_memcmp(sess->last_authenticator,
    1035             :                       radius_msg_get_hdr(msg)->authenticator, 16) == 0) {
    1036           8 :                 RADIUS_DEBUG("Duplicate message from %s", from_addr);
    1037           8 :                 data->counters.dup_access_requests++;
    1038           8 :                 client->counters.dup_access_requests++;
    1039             : 
    1040           8 :                 if (sess->last_reply) {
    1041             :                         struct wpabuf *buf;
    1042           8 :                         buf = radius_msg_get_buf(sess->last_reply);
    1043           8 :                         res = sendto(data->auth_sock, wpabuf_head(buf),
    1044             :                                      wpabuf_len(buf), 0,
    1045             :                                      (struct sockaddr *) from, fromlen);
    1046           8 :                         if (res < 0) {
    1047           0 :                                 wpa_printf(MSG_INFO, "sendto[RADIUS SRV]: %s",
    1048           0 :                                            strerror(errno));
    1049             :                         }
    1050           8 :                         return 0;
    1051             :                 }
    1052             : 
    1053           0 :                 RADIUS_DEBUG("No previous reply available for duplicate "
    1054             :                              "message");
    1055           0 :                 return -1;
    1056             :         }
    1057             :                       
    1058        2909 :         eap = radius_msg_get_eap(msg);
    1059        2909 :         if (eap == NULL && sess->macacl) {
    1060           3 :                 reply = radius_server_macacl(data, client, sess, msg);
    1061           3 :                 if (reply == NULL)
    1062           0 :                         return -1;
    1063           3 :                 goto send_reply;
    1064             :         }
    1065        2906 :         if (eap == NULL) {
    1066           0 :                 RADIUS_DEBUG("No EAP-Message in RADIUS packet from %s",
    1067             :                              from_addr);
    1068           0 :                 data->counters.packets_dropped++;
    1069           0 :                 client->counters.packets_dropped++;
    1070           0 :                 return -1;
    1071             :         }
    1072             : 
    1073        2906 :         RADIUS_DUMP("Received EAP data", wpabuf_head(eap), wpabuf_len(eap));
    1074             : 
    1075             :         /* FIX: if Code is Request, Success, or Failure, send Access-Reject;
    1076             :          * RFC3579 Sect. 2.6.2.
    1077             :          * Include EAP-Response/Nak with no preferred method if
    1078             :          * code == request.
    1079             :          * If code is not 1-4, discard the packet silently.
    1080             :          * Or is this already done by the EAP state machine? */
    1081             : 
    1082        2906 :         wpabuf_free(sess->eap_if->eapRespData);
    1083        2906 :         sess->eap_if->eapRespData = eap;
    1084        2906 :         sess->eap_if->eapResp = TRUE;
    1085        2906 :         eap_server_sm_step(sess->eap);
    1086             : 
    1087        3080 :         if ((sess->eap_if->eapReq || sess->eap_if->eapSuccess ||
    1088        2998 :              sess->eap_if->eapFail) && sess->eap_if->eapReqData) {
    1089        2824 :                 RADIUS_DUMP("EAP data from the state machine",
    1090             :                             wpabuf_head(sess->eap_if->eapReqData),
    1091             :                             wpabuf_len(sess->eap_if->eapReqData));
    1092          82 :         } else if (sess->eap_if->eapFail) {
    1093           0 :                 RADIUS_DEBUG("No EAP data from the state machine, but eapFail "
    1094             :                              "set");
    1095          82 :         } else if (eap_sm_method_pending(sess->eap)) {
    1096          78 :                 radius_msg_free(sess->last_msg);
    1097          78 :                 sess->last_msg = msg;
    1098          78 :                 sess->last_from_port = from_port;
    1099          78 :                 os_free(sess->last_from_addr);
    1100          78 :                 sess->last_from_addr = os_strdup(from_addr);
    1101          78 :                 sess->last_fromlen = fromlen;
    1102          78 :                 os_memcpy(&sess->last_from, from, fromlen);
    1103          78 :                 return -2;
    1104             :         } else {
    1105           4 :                 RADIUS_DEBUG("No EAP data from the state machine - ignore this"
    1106             :                              " Access-Request silently (assuming it was a "
    1107             :                              "duplicate)");
    1108           4 :                 data->counters.packets_dropped++;
    1109           4 :                 client->counters.packets_dropped++;
    1110           4 :                 return -1;
    1111             :         }
    1112             : 
    1113        2824 :         if (sess->eap_if->eapSuccess || sess->eap_if->eapFail)
    1114         662 :                 is_complete = 1;
    1115        2824 :         if (sess->eap_if->eapFail)
    1116          92 :                 srv_log(sess, "EAP authentication failed");
    1117        2732 :         else if (sess->eap_if->eapSuccess)
    1118         570 :                 srv_log(sess, "EAP authentication succeeded");
    1119             : 
    1120        2824 :         reply = radius_server_encapsulate_eap(data, client, sess, msg);
    1121             : 
    1122             : send_reply:
    1123        2827 :         if (reply) {
    1124             :                 struct wpabuf *buf;
    1125             :                 struct radius_hdr *hdr;
    1126             : 
    1127        2827 :                 RADIUS_DEBUG("Reply to %s:%d", from_addr, from_port);
    1128        2827 :                 if (wpa_debug_level <= MSG_MSGDUMP) {
    1129        2827 :                         radius_msg_dump(reply);
    1130             :                 }
    1131             : 
    1132        2827 :                 switch (radius_msg_get_hdr(reply)->code) {
    1133             :                 case RADIUS_CODE_ACCESS_ACCEPT:
    1134         573 :                         srv_log(sess, "Sending Access-Accept");
    1135         573 :                         data->counters.access_accepts++;
    1136         573 :                         client->counters.access_accepts++;
    1137         573 :                         break;
    1138             :                 case RADIUS_CODE_ACCESS_REJECT:
    1139          92 :                         srv_log(sess, "Sending Access-Reject");
    1140          92 :                         data->counters.access_rejects++;
    1141          92 :                         client->counters.access_rejects++;
    1142          92 :                         break;
    1143             :                 case RADIUS_CODE_ACCESS_CHALLENGE:
    1144        2162 :                         data->counters.access_challenges++;
    1145        2162 :                         client->counters.access_challenges++;
    1146        2162 :                         break;
    1147             :                 }
    1148        2827 :                 buf = radius_msg_get_buf(reply);
    1149        2827 :                 res = sendto(data->auth_sock, wpabuf_head(buf),
    1150             :                              wpabuf_len(buf), 0,
    1151             :                              (struct sockaddr *) from, fromlen);
    1152        2827 :                 if (res < 0) {
    1153           0 :                         wpa_printf(MSG_INFO, "sendto[RADIUS SRV]: %s",
    1154           0 :                                    strerror(errno));
    1155             :                 }
    1156        2827 :                 radius_msg_free(sess->last_reply);
    1157        2827 :                 sess->last_reply = reply;
    1158        2827 :                 sess->last_from_port = from_port;
    1159        2827 :                 hdr = radius_msg_get_hdr(msg);
    1160        2827 :                 sess->last_identifier = hdr->identifier;
    1161        2827 :                 os_memcpy(sess->last_authenticator, hdr->authenticator, 16);
    1162             :         } else {
    1163           0 :                 data->counters.packets_dropped++;
    1164           0 :                 client->counters.packets_dropped++;
    1165             :         }
    1166             : 
    1167        2827 :         if (is_complete) {
    1168         662 :                 RADIUS_DEBUG("Removing completed session 0x%x after timeout",
    1169             :                              sess->sess_id);
    1170         662 :                 eloop_cancel_timeout(radius_server_session_remove_timeout,
    1171             :                                      data, sess);
    1172         662 :                 eloop_register_timeout(10, 0,
    1173             :                                        radius_server_session_remove_timeout,
    1174             :                                        data, sess);
    1175             :         }
    1176             : 
    1177        2827 :         return 0;
    1178             : }
    1179             : 
    1180             : 
    1181        2841 : static void radius_server_receive_auth(int sock, void *eloop_ctx,
    1182             :                                        void *sock_ctx)
    1183             : {
    1184        2841 :         struct radius_server_data *data = eloop_ctx;
    1185        2841 :         u8 *buf = NULL;
    1186             :         union {
    1187             :                 struct sockaddr_storage ss;
    1188             :                 struct sockaddr_in sin;
    1189             : #ifdef CONFIG_IPV6
    1190             :                 struct sockaddr_in6 sin6;
    1191             : #endif /* CONFIG_IPV6 */
    1192             :         } from;
    1193             :         socklen_t fromlen;
    1194             :         int len;
    1195        2841 :         struct radius_client *client = NULL;
    1196        2841 :         struct radius_msg *msg = NULL;
    1197             :         char abuf[50];
    1198        2841 :         int from_port = 0;
    1199             : 
    1200        2841 :         buf = os_malloc(RADIUS_MAX_MSG_LEN);
    1201        2841 :         if (buf == NULL) {
    1202           0 :                 goto fail;
    1203             :         }
    1204             : 
    1205        2841 :         fromlen = sizeof(from);
    1206        2841 :         len = recvfrom(sock, buf, RADIUS_MAX_MSG_LEN, 0,
    1207             :                        (struct sockaddr *) &from.ss, &fromlen);
    1208        2841 :         if (len < 0) {
    1209           0 :                 wpa_printf(MSG_INFO, "recvfrom[radius_server]: %s",
    1210           0 :                            strerror(errno));
    1211           0 :                 goto fail;
    1212             :         }
    1213             : 
    1214             : #ifdef CONFIG_IPV6
    1215        2841 :         if (data->ipv6) {
    1216           3 :                 if (inet_ntop(AF_INET6, &from.sin6.sin6_addr, abuf,
    1217             :                               sizeof(abuf)) == NULL)
    1218           0 :                         abuf[0] = '\0';
    1219           3 :                 from_port = ntohs(from.sin6.sin6_port);
    1220           3 :                 RADIUS_DEBUG("Received %d bytes from %s:%d",
    1221             :                              len, abuf, from_port);
    1222             : 
    1223           3 :                 client = radius_server_get_client(data,
    1224             :                                                   (struct in_addr *)
    1225             :                                                   &from.sin6.sin6_addr, 1);
    1226             :         }
    1227             : #endif /* CONFIG_IPV6 */
    1228             : 
    1229        2841 :         if (!data->ipv6) {
    1230        2838 :                 os_strlcpy(abuf, inet_ntoa(from.sin.sin_addr), sizeof(abuf));
    1231        2838 :                 from_port = ntohs(from.sin.sin_port);
    1232        2838 :                 RADIUS_DEBUG("Received %d bytes from %s:%d",
    1233             :                              len, abuf, from_port);
    1234             : 
    1235        2838 :                 client = radius_server_get_client(data, &from.sin.sin_addr, 0);
    1236             :         }
    1237             : 
    1238        2841 :         RADIUS_DUMP("Received data", buf, len);
    1239             : 
    1240        2841 :         if (client == NULL) {
    1241           0 :                 RADIUS_DEBUG("Unknown client %s - packet ignored", abuf);
    1242           0 :                 data->counters.invalid_requests++;
    1243           0 :                 goto fail;
    1244             :         }
    1245             : 
    1246        2841 :         msg = radius_msg_parse(buf, len);
    1247        2841 :         if (msg == NULL) {
    1248           0 :                 RADIUS_DEBUG("Parsing incoming RADIUS frame failed");
    1249           0 :                 data->counters.malformed_access_requests++;
    1250           0 :                 client->counters.malformed_access_requests++;
    1251           0 :                 goto fail;
    1252             :         }
    1253             : 
    1254        2841 :         os_free(buf);
    1255        2841 :         buf = NULL;
    1256             : 
    1257        2841 :         if (wpa_debug_level <= MSG_MSGDUMP) {
    1258        2841 :                 radius_msg_dump(msg);
    1259             :         }
    1260             : 
    1261        2841 :         if (radius_msg_get_hdr(msg)->code != RADIUS_CODE_ACCESS_REQUEST) {
    1262           0 :                 RADIUS_DEBUG("Unexpected RADIUS code %d",
    1263             :                              radius_msg_get_hdr(msg)->code);
    1264           0 :                 data->counters.unknown_types++;
    1265           0 :                 client->counters.unknown_types++;
    1266           0 :                 goto fail;
    1267             :         }
    1268             : 
    1269        2841 :         data->counters.access_requests++;
    1270        2841 :         client->counters.access_requests++;
    1271             : 
    1272        2841 :         if (radius_msg_verify_msg_auth(msg, (u8 *) client->shared_secret,
    1273        2841 :                                        client->shared_secret_len, NULL)) {
    1274           1 :                 RADIUS_DEBUG("Invalid Message-Authenticator from %s", abuf);
    1275           1 :                 data->counters.bad_authenticators++;
    1276           1 :                 client->counters.bad_authenticators++;
    1277           1 :                 goto fail;
    1278             :         }
    1279             : 
    1280        2840 :         if (radius_server_request(data, msg, (struct sockaddr *) &from,
    1281             :                                   fromlen, client, abuf, from_port, NULL) ==
    1282             :             -2)
    1283        2919 :                 return; /* msg was stored with the session */
    1284             : 
    1285             : fail:
    1286        2763 :         radius_msg_free(msg);
    1287        2763 :         os_free(buf);
    1288             : }
    1289             : 
    1290             : 
    1291         466 : static void radius_server_receive_acct(int sock, void *eloop_ctx,
    1292             :                                        void *sock_ctx)
    1293             : {
    1294         466 :         struct radius_server_data *data = eloop_ctx;
    1295         466 :         u8 *buf = NULL;
    1296             :         union {
    1297             :                 struct sockaddr_storage ss;
    1298             :                 struct sockaddr_in sin;
    1299             : #ifdef CONFIG_IPV6
    1300             :                 struct sockaddr_in6 sin6;
    1301             : #endif /* CONFIG_IPV6 */
    1302             :         } from;
    1303             :         socklen_t fromlen;
    1304             :         int len, res;
    1305         466 :         struct radius_client *client = NULL;
    1306         466 :         struct radius_msg *msg = NULL, *resp = NULL;
    1307             :         char abuf[50];
    1308         466 :         int from_port = 0;
    1309             :         struct radius_hdr *hdr;
    1310             :         struct wpabuf *rbuf;
    1311             : 
    1312         466 :         buf = os_malloc(RADIUS_MAX_MSG_LEN);
    1313         466 :         if (buf == NULL) {
    1314           0 :                 goto fail;
    1315             :         }
    1316             : 
    1317         466 :         fromlen = sizeof(from);
    1318         466 :         len = recvfrom(sock, buf, RADIUS_MAX_MSG_LEN, 0,
    1319             :                        (struct sockaddr *) &from.ss, &fromlen);
    1320         466 :         if (len < 0) {
    1321           0 :                 wpa_printf(MSG_INFO, "recvfrom[radius_server]: %s",
    1322           0 :                            strerror(errno));
    1323           0 :                 goto fail;
    1324             :         }
    1325             : 
    1326             : #ifdef CONFIG_IPV6
    1327         466 :         if (data->ipv6) {
    1328           4 :                 if (inet_ntop(AF_INET6, &from.sin6.sin6_addr, abuf,
    1329             :                               sizeof(abuf)) == NULL)
    1330           0 :                         abuf[0] = '\0';
    1331           4 :                 from_port = ntohs(from.sin6.sin6_port);
    1332           4 :                 RADIUS_DEBUG("Received %d bytes from %s:%d",
    1333             :                              len, abuf, from_port);
    1334             : 
    1335           4 :                 client = radius_server_get_client(data,
    1336             :                                                   (struct in_addr *)
    1337             :                                                   &from.sin6.sin6_addr, 1);
    1338             :         }
    1339             : #endif /* CONFIG_IPV6 */
    1340             : 
    1341         466 :         if (!data->ipv6) {
    1342         462 :                 os_strlcpy(abuf, inet_ntoa(from.sin.sin_addr), sizeof(abuf));
    1343         462 :                 from_port = ntohs(from.sin.sin_port);
    1344         462 :                 RADIUS_DEBUG("Received %d bytes from %s:%d",
    1345             :                              len, abuf, from_port);
    1346             : 
    1347         462 :                 client = radius_server_get_client(data, &from.sin.sin_addr, 0);
    1348             :         }
    1349             : 
    1350         466 :         RADIUS_DUMP("Received data", buf, len);
    1351             : 
    1352         466 :         if (client == NULL) {
    1353           0 :                 RADIUS_DEBUG("Unknown client %s - packet ignored", abuf);
    1354           0 :                 data->counters.invalid_acct_requests++;
    1355           0 :                 goto fail;
    1356             :         }
    1357             : 
    1358         466 :         msg = radius_msg_parse(buf, len);
    1359         466 :         if (msg == NULL) {
    1360           0 :                 RADIUS_DEBUG("Parsing incoming RADIUS frame failed");
    1361           0 :                 data->counters.malformed_acct_requests++;
    1362           0 :                 client->counters.malformed_acct_requests++;
    1363           0 :                 goto fail;
    1364             :         }
    1365             : 
    1366         466 :         os_free(buf);
    1367         466 :         buf = NULL;
    1368             : 
    1369         466 :         if (wpa_debug_level <= MSG_MSGDUMP) {
    1370         466 :                 radius_msg_dump(msg);
    1371             :         }
    1372             : 
    1373         466 :         if (radius_msg_get_hdr(msg)->code != RADIUS_CODE_ACCOUNTING_REQUEST) {
    1374           0 :                 RADIUS_DEBUG("Unexpected RADIUS code %d",
    1375             :                              radius_msg_get_hdr(msg)->code);
    1376           0 :                 data->counters.unknown_acct_types++;
    1377           0 :                 client->counters.unknown_acct_types++;
    1378           0 :                 goto fail;
    1379             :         }
    1380             : 
    1381         466 :         data->counters.acct_requests++;
    1382         466 :         client->counters.acct_requests++;
    1383             : 
    1384         466 :         if (radius_msg_verify_acct_req(msg, (u8 *) client->shared_secret,
    1385         466 :                                        client->shared_secret_len)) {
    1386           1 :                 RADIUS_DEBUG("Invalid Authenticator from %s", abuf);
    1387           1 :                 data->counters.acct_bad_authenticators++;
    1388           1 :                 client->counters.acct_bad_authenticators++;
    1389           1 :                 goto fail;
    1390             :         }
    1391             : 
    1392             :         /* TODO: Write accounting information to a file or database */
    1393             : 
    1394         465 :         hdr = radius_msg_get_hdr(msg);
    1395             : 
    1396         465 :         resp = radius_msg_new(RADIUS_CODE_ACCOUNTING_RESPONSE, hdr->identifier);
    1397         465 :         if (resp == NULL)
    1398           0 :                 goto fail;
    1399             : 
    1400         465 :         radius_msg_finish_acct_resp(resp, (u8 *) client->shared_secret,
    1401         465 :                                     client->shared_secret_len,
    1402         465 :                                     hdr->authenticator);
    1403             : 
    1404         465 :         RADIUS_DEBUG("Reply to %s:%d", abuf, from_port);
    1405         465 :         if (wpa_debug_level <= MSG_MSGDUMP) {
    1406         465 :                 radius_msg_dump(resp);
    1407             :         }
    1408         465 :         rbuf = radius_msg_get_buf(resp);
    1409         465 :         data->counters.acct_responses++;
    1410         465 :         client->counters.acct_responses++;
    1411         465 :         res = sendto(data->acct_sock, wpabuf_head(rbuf), wpabuf_len(rbuf), 0,
    1412             :                      (struct sockaddr *) &from.ss, fromlen);
    1413         465 :         if (res < 0) {
    1414           0 :                 wpa_printf(MSG_INFO, "sendto[RADIUS SRV]: %s",
    1415           0 :                            strerror(errno));
    1416             :         }
    1417             : 
    1418             : fail:
    1419         466 :         radius_msg_free(resp);
    1420         466 :         radius_msg_free(msg);
    1421         466 :         os_free(buf);
    1422         466 : }
    1423             : 
    1424             : 
    1425          20 : static int radius_server_disable_pmtu_discovery(int s)
    1426             : {
    1427          20 :         int r = -1;
    1428             : #if defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DONT)
    1429             :         /* Turn off Path MTU discovery on IPv4/UDP sockets. */
    1430          20 :         int action = IP_PMTUDISC_DONT;
    1431          20 :         r = setsockopt(s, IPPROTO_IP, IP_MTU_DISCOVER, &action,
    1432             :                        sizeof(action));
    1433          20 :         if (r == -1)
    1434           0 :                 wpa_printf(MSG_ERROR, "Failed to set IP_MTU_DISCOVER: "
    1435           0 :                            "%s", strerror(errno));
    1436             : #endif
    1437          20 :         return r;
    1438             : }
    1439             : 
    1440             : 
    1441          20 : static int radius_server_open_socket(int port)
    1442             : {
    1443             :         int s;
    1444             :         struct sockaddr_in addr;
    1445             : 
    1446          20 :         s = socket(PF_INET, SOCK_DGRAM, 0);
    1447          20 :         if (s < 0) {
    1448           0 :                 wpa_printf(MSG_INFO, "RADIUS: socket: %s", strerror(errno));
    1449           0 :                 return -1;
    1450             :         }
    1451             : 
    1452          20 :         radius_server_disable_pmtu_discovery(s);
    1453             : 
    1454          20 :         os_memset(&addr, 0, sizeof(addr));
    1455          20 :         addr.sin_family = AF_INET;
    1456          20 :         addr.sin_port = htons(port);
    1457          20 :         if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
    1458           0 :                 wpa_printf(MSG_INFO, "RADIUS: bind: %s", strerror(errno));
    1459           0 :                 close(s);
    1460           0 :                 return -1;
    1461             :         }
    1462             : 
    1463          20 :         return s;
    1464             : }
    1465             : 
    1466             : 
    1467             : #ifdef CONFIG_IPV6
    1468           2 : static int radius_server_open_socket6(int port)
    1469             : {
    1470             :         int s;
    1471             :         struct sockaddr_in6 addr;
    1472             : 
    1473           2 :         s = socket(PF_INET6, SOCK_DGRAM, 0);
    1474           2 :         if (s < 0) {
    1475           0 :                 wpa_printf(MSG_INFO, "RADIUS: socket[IPv6]: %s",
    1476           0 :                            strerror(errno));
    1477           0 :                 return -1;
    1478             :         }
    1479             : 
    1480           2 :         os_memset(&addr, 0, sizeof(addr));
    1481           2 :         addr.sin6_family = AF_INET6;
    1482           2 :         os_memcpy(&addr.sin6_addr, &in6addr_any, sizeof(in6addr_any));
    1483           2 :         addr.sin6_port = htons(port);
    1484           2 :         if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
    1485           0 :                 wpa_printf(MSG_INFO, "RADIUS: bind: %s", strerror(errno));
    1486           0 :                 close(s);
    1487           0 :                 return -1;
    1488             :         }
    1489             : 
    1490           2 :         return s;
    1491             : }
    1492             : #endif /* CONFIG_IPV6 */
    1493             : 
    1494             : 
    1495          16 : static void radius_server_free_sessions(struct radius_server_data *data,
    1496             :                                         struct radius_session *sessions)
    1497             : {
    1498             :         struct radius_session *session, *prev;
    1499             : 
    1500          16 :         session = sessions;
    1501          65 :         while (session) {
    1502          33 :                 prev = session;
    1503          33 :                 session = session->next;
    1504          33 :                 radius_server_session_free(data, prev);
    1505             :         }
    1506          16 : }
    1507             : 
    1508             : 
    1509          16 : static void radius_server_free_clients(struct radius_server_data *data,
    1510             :                                        struct radius_client *clients)
    1511             : {
    1512             :         struct radius_client *client, *prev;
    1513             : 
    1514          16 :         client = clients;
    1515          48 :         while (client) {
    1516          16 :                 prev = client;
    1517          16 :                 client = client->next;
    1518             : 
    1519          16 :                 radius_server_free_sessions(data, prev->sessions);
    1520          16 :                 os_free(prev->shared_secret);
    1521          16 :                 os_free(prev);
    1522             :         }
    1523          16 : }
    1524             : 
    1525             : 
    1526             : static struct radius_client *
    1527          16 : radius_server_read_clients(const char *client_file, int ipv6)
    1528             : {
    1529             :         FILE *f;
    1530          16 :         const int buf_size = 1024;
    1531             :         char *buf, *pos;
    1532             :         struct radius_client *clients, *tail, *entry;
    1533          16 :         int line = 0, mask, failed = 0, i;
    1534             :         struct in_addr addr;
    1535             : #ifdef CONFIG_IPV6
    1536             :         struct in6_addr addr6;
    1537             : #endif /* CONFIG_IPV6 */
    1538             :         unsigned int val;
    1539             : 
    1540          16 :         f = fopen(client_file, "r");
    1541          16 :         if (f == NULL) {
    1542           0 :                 RADIUS_ERROR("Could not open client file '%s'", client_file);
    1543           0 :                 return NULL;
    1544             :         }
    1545             : 
    1546          16 :         buf = os_malloc(buf_size);
    1547          16 :         if (buf == NULL) {
    1548           0 :                 fclose(f);
    1549           0 :                 return NULL;
    1550             :         }
    1551             : 
    1552          16 :         clients = tail = NULL;
    1553          48 :         while (fgets(buf, buf_size, f)) {
    1554             :                 /* Configuration file format:
    1555             :                  * 192.168.1.0/24 secret
    1556             :                  * 192.168.1.2 secret
    1557             :                  * fe80::211:22ff:fe33:4455/64 secretipv6
    1558             :                  */
    1559          16 :                 line++;
    1560          16 :                 buf[buf_size - 1] = '\0';
    1561          16 :                 pos = buf;
    1562         282 :                 while (*pos != '\0' && *pos != '\n')
    1563         250 :                         pos++;
    1564          16 :                 if (*pos == '\n')
    1565          16 :                         *pos = '\0';
    1566          16 :                 if (*buf == '\0' || *buf == '#')
    1567           0 :                         continue;
    1568             : 
    1569          16 :                 pos = buf;
    1570         158 :                 while ((*pos >= '0' && *pos <= '9') || *pos == '.' ||
    1571          34 :                        (*pos >= 'a' && *pos <= 'f') || *pos == ':' ||
    1572          16 :                        (*pos >= 'A' && *pos <= 'F')) {
    1573         108 :                         pos++;
    1574             :                 }
    1575             : 
    1576          16 :                 if (*pos == '\0') {
    1577           0 :                         failed = 1;
    1578           0 :                         break;
    1579             :                 }
    1580             : 
    1581          16 :                 if (*pos == '/') {
    1582             :                         char *end;
    1583          15 :                         *pos++ = '\0';
    1584          15 :                         mask = strtol(pos, &end, 10);
    1585          15 :                         if ((pos == end) ||
    1586          15 :                             (mask < 0 || mask > (ipv6 ? 128 : 32))) {
    1587           0 :                                 failed = 1;
    1588           0 :                                 break;
    1589             :                         }
    1590          15 :                         pos = end;
    1591             :                 } else {
    1592           1 :                         mask = ipv6 ? 128 : 32;
    1593           1 :                         *pos++ = '\0';
    1594             :                 }
    1595             : 
    1596          16 :                 if (!ipv6 && inet_aton(buf, &addr) == 0) {
    1597           0 :                         failed = 1;
    1598           0 :                         break;
    1599             :                 }
    1600             : #ifdef CONFIG_IPV6
    1601          16 :                 if (ipv6 && inet_pton(AF_INET6, buf, &addr6) <= 0) {
    1602           0 :                         if (inet_pton(AF_INET, buf, &addr) <= 0) {
    1603           0 :                                 failed = 1;
    1604           0 :                                 break;
    1605             :                         }
    1606             :                         /* Convert IPv4 address to IPv6 */
    1607           0 :                         if (mask <= 32)
    1608           0 :                                 mask += (128 - 32);
    1609           0 :                         os_memset(addr6.s6_addr, 0, 10);
    1610           0 :                         addr6.s6_addr[10] = 0xff;
    1611           0 :                         addr6.s6_addr[11] = 0xff;
    1612           0 :                         os_memcpy(addr6.s6_addr + 12, (char *) &addr.s_addr,
    1613             :                                   4);
    1614             :                 }
    1615             : #endif /* CONFIG_IPV6 */
    1616             : 
    1617          47 :                 while (*pos == ' ' || *pos == '\t') {
    1618          15 :                         pos++;
    1619             :                 }
    1620             : 
    1621          16 :                 if (*pos == '\0') {
    1622           0 :                         failed = 1;
    1623           0 :                         break;
    1624             :                 }
    1625             : 
    1626          16 :                 entry = os_zalloc(sizeof(*entry));
    1627          16 :                 if (entry == NULL) {
    1628           0 :                         failed = 1;
    1629           0 :                         break;
    1630             :                 }
    1631          16 :                 entry->shared_secret = os_strdup(pos);
    1632          16 :                 if (entry->shared_secret == NULL) {
    1633           0 :                         failed = 1;
    1634           0 :                         os_free(entry);
    1635           0 :                         break;
    1636             :                 }
    1637          16 :                 entry->shared_secret_len = os_strlen(entry->shared_secret);
    1638          16 :                 if (!ipv6) {
    1639          15 :                         entry->addr.s_addr = addr.s_addr;
    1640          15 :                         val = 0;
    1641          15 :                         for (i = 0; i < mask; i++)
    1642           0 :                                 val |= 1 << (31 - i);
    1643          15 :                         entry->mask.s_addr = htonl(val);
    1644             :                 }
    1645             : #ifdef CONFIG_IPV6
    1646          16 :                 if (ipv6) {
    1647           1 :                         int offset = mask / 8;
    1648             : 
    1649           1 :                         os_memcpy(entry->addr6.s6_addr, addr6.s6_addr, 16);
    1650           1 :                         os_memset(entry->mask6.s6_addr, 0xff, offset);
    1651           1 :                         val = 0;
    1652           1 :                         for (i = 0; i < (mask % 8); i++)
    1653           0 :                                 val |= 1 << (7 - i);
    1654           1 :                         if (offset < 16)
    1655           0 :                                 entry->mask6.s6_addr[offset] = val;
    1656             :                 }
    1657             : #endif /* CONFIG_IPV6 */
    1658             : 
    1659          16 :                 if (tail == NULL) {
    1660          16 :                         clients = tail = entry;
    1661             :                 } else {
    1662           0 :                         tail->next = entry;
    1663           0 :                         tail = entry;
    1664             :                 }
    1665             :         }
    1666             : 
    1667          16 :         if (failed) {
    1668           0 :                 RADIUS_ERROR("Invalid line %d in '%s'", line, client_file);
    1669           0 :                 radius_server_free_clients(NULL, clients);
    1670           0 :                 clients = NULL;
    1671             :         }
    1672             : 
    1673          16 :         os_free(buf);
    1674          16 :         fclose(f);
    1675             : 
    1676          16 :         return clients;
    1677             : }
    1678             : 
    1679             : 
    1680             : /**
    1681             :  * radius_server_init - Initialize RADIUS server
    1682             :  * @conf: Configuration for the RADIUS server
    1683             :  * Returns: Pointer to private RADIUS server context or %NULL on failure
    1684             :  *
    1685             :  * This initializes a RADIUS server instance and returns a context pointer that
    1686             :  * will be used in other calls to the RADIUS server module. The server can be
    1687             :  * deinitialize by calling radius_server_deinit().
    1688             :  */
    1689             : struct radius_server_data *
    1690          16 : radius_server_init(struct radius_server_conf *conf)
    1691             : {
    1692             :         struct radius_server_data *data;
    1693             : 
    1694             : #ifndef CONFIG_IPV6
    1695             :         if (conf->ipv6) {
    1696             :                 wpa_printf(MSG_ERROR, "RADIUS server compiled without IPv6 support");
    1697             :                 return NULL;
    1698             :         }
    1699             : #endif /* CONFIG_IPV6 */
    1700             : 
    1701          16 :         data = os_zalloc(sizeof(*data));
    1702          16 :         if (data == NULL)
    1703           0 :                 return NULL;
    1704             : 
    1705          16 :         dl_list_init(&data->erp_keys);
    1706          16 :         os_get_reltime(&data->start_time);
    1707          16 :         data->conf_ctx = conf->conf_ctx;
    1708          16 :         data->eap_sim_db_priv = conf->eap_sim_db_priv;
    1709          16 :         data->ssl_ctx = conf->ssl_ctx;
    1710          16 :         data->msg_ctx = conf->msg_ctx;
    1711          16 :         data->ipv6 = conf->ipv6;
    1712          16 :         if (conf->pac_opaque_encr_key) {
    1713          12 :                 data->pac_opaque_encr_key = os_malloc(16);
    1714          12 :                 os_memcpy(data->pac_opaque_encr_key, conf->pac_opaque_encr_key,
    1715             :                           16);
    1716             :         }
    1717          16 :         if (conf->eap_fast_a_id) {
    1718          12 :                 data->eap_fast_a_id = os_malloc(conf->eap_fast_a_id_len);
    1719          12 :                 if (data->eap_fast_a_id) {
    1720          12 :                         os_memcpy(data->eap_fast_a_id, conf->eap_fast_a_id,
    1721             :                                   conf->eap_fast_a_id_len);
    1722          12 :                         data->eap_fast_a_id_len = conf->eap_fast_a_id_len;
    1723             :                 }
    1724             :         }
    1725          16 :         if (conf->eap_fast_a_id_info)
    1726          12 :                 data->eap_fast_a_id_info = os_strdup(conf->eap_fast_a_id_info);
    1727          16 :         data->eap_fast_prov = conf->eap_fast_prov;
    1728          16 :         data->pac_key_lifetime = conf->pac_key_lifetime;
    1729          16 :         data->pac_key_refresh_time = conf->pac_key_refresh_time;
    1730          16 :         data->get_eap_user = conf->get_eap_user;
    1731          16 :         data->eap_sim_aka_result_ind = conf->eap_sim_aka_result_ind;
    1732          16 :         data->tnc = conf->tnc;
    1733          16 :         data->wps = conf->wps;
    1734          16 :         data->pwd_group = conf->pwd_group;
    1735          16 :         data->server_id = conf->server_id;
    1736          16 :         if (conf->eap_req_id_text) {
    1737           0 :                 data->eap_req_id_text = os_malloc(conf->eap_req_id_text_len);
    1738           0 :                 if (data->eap_req_id_text) {
    1739           0 :                         os_memcpy(data->eap_req_id_text, conf->eap_req_id_text,
    1740             :                                   conf->eap_req_id_text_len);
    1741           0 :                         data->eap_req_id_text_len = conf->eap_req_id_text_len;
    1742             :                 }
    1743             :         }
    1744          16 :         data->erp = conf->erp;
    1745          16 :         data->erp_domain = conf->erp_domain;
    1746             : 
    1747          16 :         if (conf->subscr_remediation_url) {
    1748           1 :                 data->subscr_remediation_url =
    1749           1 :                         os_strdup(conf->subscr_remediation_url);
    1750             :         }
    1751          16 :         data->subscr_remediation_method = conf->subscr_remediation_method;
    1752             : 
    1753             : #ifdef CONFIG_SQLITE
    1754          16 :         if (conf->sqlite_file) {
    1755           1 :                 if (sqlite3_open(conf->sqlite_file, &data->db)) {
    1756           0 :                         RADIUS_ERROR("Could not open SQLite file '%s'",
    1757             :                                      conf->sqlite_file);
    1758           0 :                         radius_server_deinit(data);
    1759           0 :                         return NULL;
    1760             :                 }
    1761             :         }
    1762             : #endif /* CONFIG_SQLITE */
    1763             : 
    1764             : #ifdef CONFIG_RADIUS_TEST
    1765             :         if (conf->dump_msk_file)
    1766             :                 data->dump_msk_file = os_strdup(conf->dump_msk_file);
    1767             : #endif /* CONFIG_RADIUS_TEST */
    1768             : 
    1769          16 :         data->clients = radius_server_read_clients(conf->client_file,
    1770             :                                                    conf->ipv6);
    1771          16 :         if (data->clients == NULL) {
    1772           0 :                 wpa_printf(MSG_ERROR, "No RADIUS clients configured");
    1773           0 :                 radius_server_deinit(data);
    1774           0 :                 return NULL;
    1775             :         }
    1776             : 
    1777             : #ifdef CONFIG_IPV6
    1778          16 :         if (conf->ipv6)
    1779           1 :                 data->auth_sock = radius_server_open_socket6(conf->auth_port);
    1780             :         else
    1781             : #endif /* CONFIG_IPV6 */
    1782          15 :         data->auth_sock = radius_server_open_socket(conf->auth_port);
    1783          16 :         if (data->auth_sock < 0) {
    1784           0 :                 wpa_printf(MSG_ERROR, "Failed to open UDP socket for RADIUS authentication server");
    1785           0 :                 radius_server_deinit(data);
    1786           0 :                 return NULL;
    1787             :         }
    1788          16 :         if (eloop_register_read_sock(data->auth_sock,
    1789             :                                      radius_server_receive_auth,
    1790             :                                      data, NULL)) {
    1791           0 :                 radius_server_deinit(data);
    1792           0 :                 return NULL;
    1793             :         }
    1794             : 
    1795          16 :         if (conf->acct_port) {
    1796             : #ifdef CONFIG_IPV6
    1797           6 :                 if (conf->ipv6)
    1798           1 :                         data->acct_sock = radius_server_open_socket6(
    1799             :                                 conf->acct_port);
    1800             :                 else
    1801             : #endif /* CONFIG_IPV6 */
    1802           5 :                 data->acct_sock = radius_server_open_socket(conf->acct_port);
    1803           6 :                 if (data->acct_sock < 0) {
    1804           0 :                         wpa_printf(MSG_ERROR, "Failed to open UDP socket for RADIUS accounting server");
    1805           0 :                         radius_server_deinit(data);
    1806           0 :                         return NULL;
    1807             :                 }
    1808           6 :                 if (eloop_register_read_sock(data->acct_sock,
    1809             :                                              radius_server_receive_acct,
    1810             :                                              data, NULL)) {
    1811           0 :                         radius_server_deinit(data);
    1812           0 :                         return NULL;
    1813             :                 }
    1814             :         } else {
    1815          10 :                 data->acct_sock = -1;
    1816             :         }
    1817             : 
    1818          16 :         return data;
    1819             : }
    1820             : 
    1821             : 
    1822             : /**
    1823             :  * radius_server_erp_flush - Flush all ERP keys
    1824             :  * @data: RADIUS server context from radius_server_init()
    1825             :  */
    1826          17 : void radius_server_erp_flush(struct radius_server_data *data)
    1827             : {
    1828             :         struct eap_server_erp_key *erp;
    1829             : 
    1830          17 :         if (data == NULL)
    1831          18 :                 return;
    1832          45 :         while ((erp = dl_list_first(&data->erp_keys, struct eap_server_erp_key,
    1833             :                                     list)) != NULL) {
    1834          13 :                 dl_list_del(&erp->list);
    1835          13 :                 bin_clear_free(erp, sizeof(*erp));
    1836             :         }
    1837             : }
    1838             : 
    1839             : 
    1840             : /**
    1841             :  * radius_server_deinit - Deinitialize RADIUS server
    1842             :  * @data: RADIUS server context from radius_server_init()
    1843             :  */
    1844         987 : void radius_server_deinit(struct radius_server_data *data)
    1845             : {
    1846         987 :         if (data == NULL)
    1847        1958 :                 return;
    1848             : 
    1849          16 :         if (data->auth_sock >= 0) {
    1850          16 :                 eloop_unregister_read_sock(data->auth_sock);
    1851          16 :                 close(data->auth_sock);
    1852             :         }
    1853             : 
    1854          16 :         if (data->acct_sock >= 0) {
    1855           6 :                 eloop_unregister_read_sock(data->acct_sock);
    1856           6 :                 close(data->acct_sock);
    1857             :         }
    1858             : 
    1859          16 :         radius_server_free_clients(data, data->clients);
    1860             : 
    1861          16 :         os_free(data->pac_opaque_encr_key);
    1862          16 :         os_free(data->eap_fast_a_id);
    1863          16 :         os_free(data->eap_fast_a_id_info);
    1864          16 :         os_free(data->eap_req_id_text);
    1865             : #ifdef CONFIG_RADIUS_TEST
    1866             :         os_free(data->dump_msk_file);
    1867             : #endif /* CONFIG_RADIUS_TEST */
    1868          16 :         os_free(data->subscr_remediation_url);
    1869             : 
    1870             : #ifdef CONFIG_SQLITE
    1871          16 :         if (data->db)
    1872           1 :                 sqlite3_close(data->db);
    1873             : #endif /* CONFIG_SQLITE */
    1874             : 
    1875          16 :         radius_server_erp_flush(data);
    1876             : 
    1877          16 :         os_free(data);
    1878             : }
    1879             : 
    1880             : 
    1881             : /**
    1882             :  * radius_server_get_mib - Get RADIUS server MIB information
    1883             :  * @data: RADIUS server context from radius_server_init()
    1884             :  * @buf: Buffer for returning the MIB data in text format
    1885             :  * @buflen: buf length in octets
    1886             :  * Returns: Number of octets written into buf
    1887             :  */
    1888           8 : int radius_server_get_mib(struct radius_server_data *data, char *buf,
    1889             :                           size_t buflen)
    1890             : {
    1891             :         int ret, uptime;
    1892             :         unsigned int idx;
    1893             :         char *end, *pos;
    1894             :         struct os_reltime now;
    1895             :         struct radius_client *cli;
    1896             : 
    1897             :         /* RFC 2619 - RADIUS Authentication Server MIB */
    1898             : 
    1899           8 :         if (data == NULL || buflen == 0)
    1900           0 :                 return 0;
    1901             : 
    1902           8 :         pos = buf;
    1903           8 :         end = buf + buflen;
    1904             : 
    1905           8 :         os_get_reltime(&now);
    1906          16 :         uptime = (now.sec - data->start_time.sec) * 100 +
    1907           8 :                 ((now.usec - data->start_time.usec) / 10000) % 100;
    1908           8 :         ret = os_snprintf(pos, end - pos,
    1909             :                           "RADIUS-AUTH-SERVER-MIB\n"
    1910             :                           "radiusAuthServIdent=hostapd\n"
    1911             :                           "radiusAuthServUpTime=%d\n"
    1912             :                           "radiusAuthServResetTime=0\n"
    1913             :                           "radiusAuthServConfigReset=4\n",
    1914             :                           uptime);
    1915           8 :         if (os_snprintf_error(end - pos, ret)) {
    1916           0 :                 *pos = '\0';
    1917           0 :                 return pos - buf;
    1918             :         }
    1919           8 :         pos += ret;
    1920             : 
    1921           8 :         ret = os_snprintf(pos, end - pos,
    1922             :                           "radiusAuthServTotalAccessRequests=%u\n"
    1923             :                           "radiusAuthServTotalInvalidRequests=%u\n"
    1924             :                           "radiusAuthServTotalDupAccessRequests=%u\n"
    1925             :                           "radiusAuthServTotalAccessAccepts=%u\n"
    1926             :                           "radiusAuthServTotalAccessRejects=%u\n"
    1927             :                           "radiusAuthServTotalAccessChallenges=%u\n"
    1928             :                           "radiusAuthServTotalMalformedAccessRequests=%u\n"
    1929             :                           "radiusAuthServTotalBadAuthenticators=%u\n"
    1930             :                           "radiusAuthServTotalPacketsDropped=%u\n"
    1931             :                           "radiusAuthServTotalUnknownTypes=%u\n"
    1932             :                           "radiusAccServTotalRequests=%u\n"
    1933             :                           "radiusAccServTotalInvalidRequests=%u\n"
    1934             :                           "radiusAccServTotalResponses=%u\n"
    1935             :                           "radiusAccServTotalMalformedRequests=%u\n"
    1936             :                           "radiusAccServTotalBadAuthenticators=%u\n"
    1937             :                           "radiusAccServTotalUnknownTypes=%u\n",
    1938             :                           data->counters.access_requests,
    1939             :                           data->counters.invalid_requests,
    1940             :                           data->counters.dup_access_requests,
    1941             :                           data->counters.access_accepts,
    1942             :                           data->counters.access_rejects,
    1943             :                           data->counters.access_challenges,
    1944             :                           data->counters.malformed_access_requests,
    1945             :                           data->counters.bad_authenticators,
    1946             :                           data->counters.packets_dropped,
    1947             :                           data->counters.unknown_types,
    1948             :                           data->counters.acct_requests,
    1949             :                           data->counters.invalid_acct_requests,
    1950             :                           data->counters.acct_responses,
    1951             :                           data->counters.malformed_acct_requests,
    1952             :                           data->counters.acct_bad_authenticators,
    1953             :                           data->counters.unknown_acct_types);
    1954           8 :         if (os_snprintf_error(end - pos, ret)) {
    1955           0 :                 *pos = '\0';
    1956           0 :                 return pos - buf;
    1957             :         }
    1958           8 :         pos += ret;
    1959             : 
    1960          16 :         for (cli = data->clients, idx = 0; cli; cli = cli->next, idx++) {
    1961             :                 char abuf[50], mbuf[50];
    1962             : #ifdef CONFIG_IPV6
    1963           8 :                 if (data->ipv6) {
    1964           0 :                         if (inet_ntop(AF_INET6, &cli->addr6, abuf,
    1965             :                                       sizeof(abuf)) == NULL)
    1966           0 :                                 abuf[0] = '\0';
    1967           0 :                         if (inet_ntop(AF_INET6, &cli->mask6, mbuf,
    1968             :                                       sizeof(mbuf)) == NULL)
    1969           0 :                                 mbuf[0] = '\0';
    1970             :                 }
    1971             : #endif /* CONFIG_IPV6 */
    1972           8 :                 if (!data->ipv6) {
    1973           8 :                         os_strlcpy(abuf, inet_ntoa(cli->addr), sizeof(abuf));
    1974           8 :                         os_strlcpy(mbuf, inet_ntoa(cli->mask), sizeof(mbuf));
    1975             :                 }
    1976             : 
    1977           8 :                 ret = os_snprintf(pos, end - pos,
    1978             :                                   "radiusAuthClientIndex=%u\n"
    1979             :                                   "radiusAuthClientAddress=%s/%s\n"
    1980             :                                   "radiusAuthServAccessRequests=%u\n"
    1981             :                                   "radiusAuthServDupAccessRequests=%u\n"
    1982             :                                   "radiusAuthServAccessAccepts=%u\n"
    1983             :                                   "radiusAuthServAccessRejects=%u\n"
    1984             :                                   "radiusAuthServAccessChallenges=%u\n"
    1985             :                                   "radiusAuthServMalformedAccessRequests=%u\n"
    1986             :                                   "radiusAuthServBadAuthenticators=%u\n"
    1987             :                                   "radiusAuthServPacketsDropped=%u\n"
    1988             :                                   "radiusAuthServUnknownTypes=%u\n"
    1989             :                                   "radiusAccServTotalRequests=%u\n"
    1990             :                                   "radiusAccServTotalInvalidRequests=%u\n"
    1991             :                                   "radiusAccServTotalResponses=%u\n"
    1992             :                                   "radiusAccServTotalMalformedRequests=%u\n"
    1993             :                                   "radiusAccServTotalBadAuthenticators=%u\n"
    1994             :                                   "radiusAccServTotalUnknownTypes=%u\n",
    1995             :                                   idx,
    1996             :                                   abuf, mbuf,
    1997             :                                   cli->counters.access_requests,
    1998             :                                   cli->counters.dup_access_requests,
    1999             :                                   cli->counters.access_accepts,
    2000             :                                   cli->counters.access_rejects,
    2001             :                                   cli->counters.access_challenges,
    2002             :                                   cli->counters.malformed_access_requests,
    2003             :                                   cli->counters.bad_authenticators,
    2004             :                                   cli->counters.packets_dropped,
    2005             :                                   cli->counters.unknown_types,
    2006             :                                   cli->counters.acct_requests,
    2007             :                                   cli->counters.invalid_acct_requests,
    2008             :                                   cli->counters.acct_responses,
    2009             :                                   cli->counters.malformed_acct_requests,
    2010             :                                   cli->counters.acct_bad_authenticators,
    2011             :                                   cli->counters.unknown_acct_types);
    2012           8 :                 if (os_snprintf_error(end - pos, ret)) {
    2013           0 :                         *pos = '\0';
    2014           0 :                         return pos - buf;
    2015             :                 }
    2016           8 :                 pos += ret;
    2017             :         }
    2018             : 
    2019           8 :         return pos - buf;
    2020             : }
    2021             : 
    2022             : 
    2023         923 : static int radius_server_get_eap_user(void *ctx, const u8 *identity,
    2024             :                                       size_t identity_len, int phase2,
    2025             :                                       struct eap_user *user)
    2026             : {
    2027         923 :         struct radius_session *sess = ctx;
    2028         923 :         struct radius_server_data *data = sess->server;
    2029             :         int ret;
    2030             : 
    2031         923 :         ret = data->get_eap_user(data->conf_ctx, identity, identity_len,
    2032             :                                  phase2, user);
    2033         923 :         if (ret == 0 && user) {
    2034         920 :                 sess->accept_attr = user->accept_attr;
    2035         920 :                 sess->remediation = user->remediation;
    2036         920 :                 sess->macacl = user->macacl;
    2037             :         }
    2038         923 :         return ret;
    2039             : }
    2040             : 
    2041             : 
    2042          41 : static const char * radius_server_get_eap_req_id_text(void *ctx, size_t *len)
    2043             : {
    2044          41 :         struct radius_session *sess = ctx;
    2045          41 :         struct radius_server_data *data = sess->server;
    2046          41 :         *len = data->eap_req_id_text_len;
    2047          41 :         return data->eap_req_id_text;
    2048             : }
    2049             : 
    2050             : 
    2051        1613 : static void radius_server_log_msg(void *ctx, const char *msg)
    2052             : {
    2053        1613 :         struct radius_session *sess = ctx;
    2054        1613 :         srv_log(sess, "EAP: %s", msg);
    2055        1613 : }
    2056             : 
    2057             : 
    2058             : #ifdef CONFIG_ERP
    2059             : 
    2060          13 : static const char * radius_server_get_erp_domain(void *ctx)
    2061             : {
    2062          13 :         struct radius_session *sess = ctx;
    2063          13 :         struct radius_server_data *data = sess->server;
    2064             : 
    2065          13 :         return data->erp_domain;
    2066             : }
    2067             : 
    2068             : 
    2069             : static struct eap_server_erp_key *
    2070          15 : radius_server_erp_get_key(void *ctx, const char *keyname)
    2071             : {
    2072          15 :         struct radius_session *sess = ctx;
    2073          15 :         struct radius_server_data *data = sess->server;
    2074             :         struct eap_server_erp_key *erp;
    2075             : 
    2076          15 :         dl_list_for_each(erp, &data->erp_keys, struct eap_server_erp_key,
    2077             :                          list) {
    2078          15 :                 if (os_strcmp(erp->keyname_nai, keyname) == 0)
    2079          15 :                         return erp;
    2080             :         }
    2081             : 
    2082           0 :         return NULL;
    2083             : }
    2084             : 
    2085             : 
    2086          13 : static int radius_server_erp_add_key(void *ctx, struct eap_server_erp_key *erp)
    2087             : {
    2088          13 :         struct radius_session *sess = ctx;
    2089          13 :         struct radius_server_data *data = sess->server;
    2090             : 
    2091          13 :         dl_list_add(&data->erp_keys, &erp->list);
    2092          13 :         return 0;
    2093             : }
    2094             : 
    2095             : #endif /* CONFIG_ERP */
    2096             : 
    2097             : 
    2098             : static struct eapol_callbacks radius_server_eapol_cb =
    2099             : {
    2100             :         .get_eap_user = radius_server_get_eap_user,
    2101             :         .get_eap_req_id_text = radius_server_get_eap_req_id_text,
    2102             :         .log_msg = radius_server_log_msg,
    2103             : #ifdef CONFIG_ERP
    2104             :         .get_erp_send_reauth_start = NULL,
    2105             :         .get_erp_domain = radius_server_get_erp_domain,
    2106             :         .erp_get_key = radius_server_erp_get_key,
    2107             :         .erp_add_key = radius_server_erp_add_key,
    2108             : #endif /* CONFIG_ERP */
    2109             : };
    2110             : 
    2111             : 
    2112             : /**
    2113             :  * radius_server_eap_pending_cb - Pending EAP data notification
    2114             :  * @data: RADIUS server context from radius_server_init()
    2115             :  * @ctx: Pending EAP context pointer
    2116             :  *
    2117             :  * This function is used to notify EAP server module that a pending operation
    2118             :  * has been completed and processing of the EAP session can proceed.
    2119             :  */
    2120          78 : void radius_server_eap_pending_cb(struct radius_server_data *data, void *ctx)
    2121             : {
    2122             :         struct radius_client *cli;
    2123          78 :         struct radius_session *s, *sess = NULL;
    2124             :         struct radius_msg *msg;
    2125             : 
    2126          78 :         if (data == NULL)
    2127           0 :                 return;
    2128             : 
    2129          78 :         for (cli = data->clients; cli; cli = cli->next) {
    2130          78 :                 for (s = cli->sessions; s; s = s->next) {
    2131          78 :                         if (s->eap == ctx && s->last_msg) {
    2132          78 :                                 sess = s;
    2133          78 :                                 break;
    2134             :                         }
    2135             :                 }
    2136          78 :                 if (sess)
    2137          78 :                         break;
    2138             :         }
    2139             : 
    2140          78 :         if (sess == NULL) {
    2141           0 :                 RADIUS_DEBUG("No session matched callback ctx");
    2142           0 :                 return;
    2143             :         }
    2144             : 
    2145          78 :         msg = sess->last_msg;
    2146          78 :         sess->last_msg = NULL;
    2147          78 :         eap_sm_pending_cb(sess->eap);
    2148         234 :         if (radius_server_request(data, msg,
    2149          78 :                                   (struct sockaddr *) &sess->last_from,
    2150             :                                   sess->last_fromlen, cli,
    2151          78 :                                   sess->last_from_addr,
    2152             :                                   sess->last_from_port, sess) == -2)
    2153           0 :                 return; /* msg was stored with the session */
    2154             : 
    2155          78 :         radius_msg_free(msg);
    2156             : }

Generated by: LCOV version 1.10