* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*
* Copyright 2003 Alan DeKok <aland@freeradius.org>
+ * Copyright 2006 The FreeRADIUS server project
*/
+#include <freeradius-devel/ident.h>
+RCSID("$Id$")
+
#include <freeradius-devel/autoconf.h>
#include "eap_ttls.h"
{
rlm_eap_ttls_t *inst = (rlm_eap_ttls_t *) arg;
- if (inst->default_eap_type_name) free(inst->default_eap_type_name);
free(inst);
pairfree(&t->username);
pairfree(&t->state);
+ pairfree(&t->reply);
free(t);
}
/*
- * Free the TTLS per-session data
+ * Allocate the TTLS per-session data
*/
static ttls_tunnel_t *ttls_alloc(rlm_eap_ttls_t *inst)
{
eaptls_status_t status;
rlm_eap_ttls_t *inst = (rlm_eap_ttls_t *) arg;
tls_session_t *tls_session = (tls_session_t *) handler->opaque;
+ ttls_tunnel_t *t = (ttls_tunnel_t *) tls_session->opaque;
DEBUG2(" rlm_eap_ttls: Authenticate");
* an EAP-TLS-Success packet here.
*/
case EAPTLS_SUCCESS:
- eaptls_request(handler->eap_ds, tls_session);
+ if (t->authenticated) {
+ if (t->reply) {
+ pairadd(&handler->request->reply->vps, t->reply);
+ t->reply = NULL;
+ }
+ eaptls_success(handler->eap_ds, 0);
+ eaptls_gen_mppe_keys(&handler->request->reply->vps,
+ tls_session->ssl,
+ "ttls keying material");
+ } else {
+ eaptls_request(handler->eap_ds, tls_session);
+ }
return 1;
/*