6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 * Copyright 2001 hereUare Communications, Inc. <raghud@hereuare.com>
21 * Copyright 2003 Alan DeKok <aland@freeradius.org>
30 #include <sys/types.h>
31 #include <sys/socket.h>
32 #include <netinet/in.h>
33 #include <netinet/tcp.h>
40 #include <arpa/inet.h>
52 * For RH 9, which apparently needs this.
54 #ifndef OPENSSL_NO_KRB5
55 #define OPENSSL_NO_KRB5
57 #include <openssl/err.h>
58 #ifdef HAVE_OPENSSL_ENGINE_H
59 #include <openssl/engine.h>
61 #include <openssl/ssl.h>
62 #endif /* !defined(NO_OPENSSL) */
67 EAPTLS_INVALID = 0, /* invalid, don't reply */
68 EAPTLS_REQUEST, /* request, ok to send, invalid to receive */
69 EAPTLS_RESPONSE, /* response, ok to receive, invalid to send */
70 EAPTLS_SUCCESS, /* success, send success */
71 EAPTLS_FAIL, /* fail, send fail */
72 EAPTLS_NOOP, /* noop, continue */
74 EAPTLS_START, /* start, ok to send, invalid to receive */
75 EAPTLS_OK, /* ok, continue */
76 EAPTLS_ACK, /* acknowledge, continue */
77 EAPTLS_FIRST_FRAGMENT, /* first fragment */
78 EAPTLS_MORE_FRAGMENTS, /* more fragments, to send/receive */
79 EAPTLS_LENGTH_INCLUDED, /* length included */
80 EAPTLS_MORE_FRAGMENTS_WITH_LENGTH, /* more fragments with length */
81 EAPTLS_HANDLED /* tls code has handled it */
84 #define MAX_RECORD_SIZE 16384
87 * A single TLS record may be up to 16384 octets in length, but a
88 * TLS message may span multiple TLS records, and a TLS
89 * certificate message may in principle be as long as 16MB.
91 * However, note that in order to protect against reassembly
92 * lockup and denial of service attacks, it may be desirable for
93 * an implementation to set a maximum size for one such group of
96 * The TLS Message Length field is four octets, and provides the
97 * total length of the TLS message or set of messages that is
98 * being fragmented; this simplifies buffer allocation.
102 * FIXME: Dynamic allocation of buffer to overcome MAX_RECORD_SIZE overflows.
103 * or configure TLS not to exceed MAX_RECORD_SIZE.
105 typedef struct _record_t {
106 unsigned char data[MAX_RECORD_SIZE];
110 typedef struct _tls_info_t {
111 unsigned char origin;
112 unsigned char content_type;
113 unsigned char handshake_type;
114 unsigned char alert_level;
115 unsigned char alert_description;
116 char info_description[256];
123 * tls_session_t Structure gets stored as opaque in EAP_HANDLER
124 * This contains EAP-REQUEST specific data
125 * (ie EAPTLS_DATA(fragment), EAPTLS-ALERT, EAPTLS-REQUEST ...)
127 * clean_in - data that needs to be sent but only after it is soiled.
128 * dirty_in - data EAP server receives.
129 * clean_out - data that is cleaned after receiving.
130 * dirty_out - data EAP server sends.
131 * offset - current fragment size transmitted
132 * fragment - Flag, In fragment mode or not.
133 * tls_msg_len - Actual/Total TLS message length.
134 * length_flag - A flag to include length in every TLS Data/Alert packet
135 * if set to no then only the first fragment contains length
137 typedef struct _tls_session_t {
148 void (*record_init)(record_t *buf);
149 void (*record_close)(record_t *buf);
150 unsigned int (*record_plus)(record_t *buf, const void *ptr,
152 unsigned int (*record_minus)(record_t *buf, void *ptr,
157 * Framed-MTU attribute in RADIUS,
158 * if present, can also be used to set this
161 unsigned int tls_msg_len;
167 * Used by TTLS & PEAP to keep track of other per-session
171 void (*free_opaque)(void *opaque);
176 * Externally exported TLS functions.
178 eaptls_status_t eaptls_process(EAP_HANDLER *handler);
180 int eaptls_success(EAP_DS *eap_ds, int peap_flag);
181 int eaptls_fail(EAP_DS *eap_ds, int peap_flag);
182 int eaptls_request(EAP_DS *eap_ds, tls_session_t *ssn);
185 /* MPPE key generation */
186 void eaptls_gen_mppe_keys(VALUE_PAIR **reply_vps, SSL *s,
187 const char *prf_label);
188 void eapttls_gen_challenge(SSL *s, char *buffer, int size);
190 #define BUFFER_SIZE 1024
192 #define EAP_TLS_START 1
193 #define EAP_TLS_ACK 2
194 #define EAP_TLS_SUCCESS 3
195 #define EAP_TLS_FAIL 4
196 #define EAP_TLS_ALERT 9
198 #define TLS_HEADER_LEN 4
201 * RFC 2716, Section 4.2:
210 * L = Length included
215 #define TLS_START(x) (((x) & 0x20) != 0)
216 #define TLS_MORE_FRAGMENTS(x) (((x) & 0x40) != 0)
217 #define TLS_LENGTH_INCLUDED(x) (((x) & 0x80) != 0)
219 #define TLS_CHANGE_CIPHER_SPEC(x) (((x) & 0x0014) == 0x0014)
220 #define TLS_ALERT(x) (((x) & 0x0015) == 0x0015)
221 #define TLS_HANDSHAKE(x) (((x) & 0x0016) == 0x0016)
223 #define SET_START(x) ((x) | (0x20))
224 #define SET_MORE_FRAGMENTS(x) ((x) | (0x40))
225 #define SET_LENGTH_INCLUDED(x) ((x) | (0x80))
229 * Following enums from rfc2246
231 * Hmm... since we dpeend on OpenSSL, it would be smarter to
232 * use the OpenSSL names for these.
235 change_cipher_spec = 20,
238 application_data = 23
246 enum AlertDescription {
248 unexpected_message = 10,
250 decryption_failed = 21,
251 record_overflow = 22,
252 decompression_failure = 30,
253 handshake_failure = 40,
254 bad_certificate = 42,
255 unsupported_certificate = 43,
256 certificate_revoked = 44,
257 certificate_expired = 45,
258 certificate_unknown = 46,
259 illegal_parameter = 47,
264 export_restriction = 60,
265 protocol_version = 70,
266 insufficient_security = 71,
269 no_renegotiation = 100
277 server_key_exchange = 12,
278 certificate_request = 13,
279 server_hello_done = 14,
280 certificate_verify = 15,
281 client_key_exchange = 16,
300 The L bit (length included) is set to indicate the presence of the
301 four octet TLS Message Length field, and MUST be set for the first
302 fragment of a fragmented TLS message or set of messages. The M bit
303 (more fragments) is set on all but the last fragment. The S bit
304 (EAP-TLS start) is set in an EAP-TLS Start message. This
305 differentiates the EAP-TLS Start message from a fragment
310 The TLS Message Length field is four octets, and is present only
311 if the L bit is set. This field provides the total length of the
312 TLS message or set of messages that is being fragmented.
316 The TLS data consists of the encapsulated TLS packet in TLS record
319 * The data structures present here
320 * maps only to the typedata in the EAP packet
322 * Based on the L bit flag, first 4 bytes of data indicate the length
324 typedef struct tls_packet_t {
329 typedef struct tls_packet {
337 //uint8_t *packet; /* Wired EAP-TLS packet as found in typdedata of EAP_PACKET */
341 /* configured values goes right here */
342 typedef struct eap_tls_conf {
343 char *private_key_password;
344 char *private_key_file;
345 char *certificate_file;
360 * Always < 4096 (due to radius limit), 0 by default = 2048
368 /* This structure gets stored in arg */
369 typedef struct _eap_tls_t {
375 /* EAP-TLS framework */
376 EAPTLS_PACKET *eaptls_alloc(void);
377 void eaptls_free(EAPTLS_PACKET **eaptls_packet_ptr);
378 int eaptls_start(EAP_DS *eap_ds, int peap);
379 int eaptls_compose(EAP_DS *eap_ds, EAPTLS_PACKET *reply);
382 int cbtls_password(char *buf, int num, int rwflag, void *userdata);
383 void cbtls_info(const SSL *s, int where, int ret);
384 int cbtls_verify(int ok, X509_STORE_CTX *ctx);
385 void cbtls_msg(int write_p, int msg_version, int content_type,
386 const void *buf, size_t len, SSL *ssl, void *arg);
387 RSA *cbtls_rsa(SSL *s, int is_export, int keylength);
390 tls_session_t *eaptls_new_session(SSL_CTX *ssl_ctx, int client_cert);
391 int tls_handshake_recv(tls_session_t *ssn);
392 int tls_handshake_send(tls_session_t *ssn);
393 void tls_session_information(tls_session_t *tls_session);
396 void session_free(void *ssn);
397 void session_close(tls_session_t *ssn);
398 void session_init(tls_session_t *ssn);
400 #endif /*_EAP_TLS_H*/