"failure"
};
+static int eaptype_free(void *ctx)
+{
+ EAP_TYPES *node;
+
+ node = talloc_get_type_abort(ctx, EAP_TYPES);
+
+ if (node->type->detach) (node->type->detach)(node->type_data);
+ if (node->handle) lt_dlclose(node->handle);
+
+ return 0;
+}
+
/*
* Load all the required eap authentication types.
* Get all the supported EAP-types from config file.
snprintf(buffer, sizeof(buffer), "rlm_eap_%s", eaptype_name);
/* Make room for the EAP-Type */
- node = (EAP_TYPES *)malloc(sizeof(EAP_TYPES));
- if (node == NULL) {
- radlog(L_ERR, "rlm_eap: out of memory");
- return -1;
- }
- memset(node, 0, sizeof(*node));
+ *type = node = talloc_zero(cs, EAP_TYPES);
+ if (!node) return -1;
+
+ talloc_set_destructor((void *) node, eaptype_free);
/* fill in the structure */
node->cs = cs;
/* Link the loaded EAP-Type */
node->handle = lt_dlopenext(buffer);
if (node->handle == NULL) {
- free(node);
radlog(L_ERR, "rlm_eap: Failed to link EAP-Type/%s: %s",
eaptype_name, lt_dlerror());
return -1;
if (!node->type) {
radlog(L_ERR, "rlm_eap: Failed linking to %s structure in %s: %s",
buffer, eaptype_name, lt_dlerror());
- lt_dlclose(node->handle); /* ignore any errors */
- free(node);
return -1;
}
radlog(L_ERR, "rlm_eap: Failed to initialize type %s",
eaptype_name);
- lt_dlclose(node->handle);
- free(node);
+ talloc_steal(node, node->type_data);
return -1;
}
+ if (node->type_data) {
+ talloc_steal(node, node->type_data);
+ }
*type = node;
return 0;
}
}
}
-void eaptype_free(EAP_TYPES *i)
-{
- if (i->type->detach) (i->type->detach)(i->type_data);
- i->type_data = NULL;
- if (i->handle) lt_dlclose(i->handle);
- free(i);
-}
-
-
void eaplist_free(rlm_eap_t *inst)
{
EAP_HANDLER *node, *next;
inst->session_tail = NULL;
}
eap_handler_free(inst, handler);
+ } else {
+ break;
}
}
}
static int eap_detach(void *instance)
{
rlm_eap_t *inst;
- int i;
inst = (rlm_eap_t *)instance;
inst->session_tree = NULL;
eaplist_free(inst);
- for (i = 0; i < PW_EAP_MAX_TYPES; i++) {
- if (inst->types[i]) eaptype_free(inst->types[i]);
- inst->types[i] = NULL;
- }
-
return 0;
}
* Load the type.
*/
if (eaptype_load(&inst->types[eap_type], eap_type, scs) < 0) {
+ talloc_steal(inst, inst->types[eap_type]);
eap_detach(inst);
return -1;
}
+ talloc_steal(inst, inst->types[eap_type]);
num_types++; /* successfully loaded one more types */
}
/* EAP-Type */
int eaptype_load(EAP_TYPES **type, int eap_type, CONF_SECTION *cs);
int eaptype_select(rlm_eap_t *inst, EAP_HANDLER *h);
-void eaptype_free(EAP_TYPES *tl);
/* EAP */
int eap_start(rlm_eap_t *inst, REQUEST *request);
};
-/*
- * Detach the module.
- */
-static int gtc_detach(void *arg)
-{
- rlm_eap_gtc_t *inst = (rlm_eap_gtc_t *) arg;
-
-
- free(inst);
-
- return 0;
-}
/*
* Attach the module.
rlm_eap_gtc_t *inst;
DICT_VALUE *dval;
- inst = malloc(sizeof(*inst));
- if (!inst) {
- radlog(L_ERR, "rlm_eap_gtc: out of memory");
- return -1;
- }
- memset(inst, 0, sizeof(*inst));
+ *instance = inst = talloc_zero(cs, rlm_eap_gtc_t);
+ if (!inst) return -1;
/*
* Parse the configuration attributes.
*/
if (cf_section_parse(cs, inst, module_config) < 0) {
- gtc_detach(inst);
return -1;
}
if (!dval) {
radlog(L_ERR, "rlm_eap_gtc: Unknown Auth-Type %s",
inst->auth_type_name);
- gtc_detach(inst);
return -1;
}
inst->auth_type = dval->value;
- *instance = inst;
-
return 0;
}
gtc_initiate, /* Start the initial request */
NULL, /* authorization */
gtc_authenticate, /* authentication */
- gtc_detach /* detach */
+ NULL /* detach */
};
static int ikev2_detach(void *type_data)
{
- radlog(L_DBG,IKEv2_LOG_PREFIX "dettach");
- struct ikev2_ctx *data=(struct ikev2_ctx*)type_data;
- if(data) {
- Free_ikev2_ctx(data);
- data=NULL;
+ struct ikev2_ctx *data = (struct ikev2_ctx *) type_data;
+ if (data) {
+ Free_ikev2_ctx(data);
+ data=NULL;
}
return 0;
}
static int ikev2_attach(CONF_SECTION *conf, void **type_data)
{
- radlog(L_DBG,IKEv2_LOG_PREFIX "attach");
char *default_authtype=NULL;
char *usersfilename=NULL;
char *server_authtype=NULL;
i2 = Create_ikev2_ctx();
if (i2 == NULL) {
- radlog(L_ERR,IKEv2_LOG_PREFIX "Error: Can't allocate mem for i2.");
return -1;
}
- *type_data=i2;
+ *type_data =i2;
if (cf_section_parse(conf,i2, module_config) < 0) {
- ikev2_detach(i2);
return -1;
}
hexalize(&i2->id,&i2->idlen);
- //hexalize(&i2->pwd,&i2->pwdlen);
-
i2->authtype=rad_get_authtype(server_authtype);
if(!i2->id) {
- ikev2_detach(i2);
radlog(L_ERR,IKEv2_LOG_PREFIX "'id' configuration option is required!!!");
return -1;
}
break;
case IKEv2_AUTH_CERT:
if(!i2->certfile || !i2->pkfile) {
- ikev2_detach(i2);
radlog(L_ERR,IKEv2_LOG_PREFIX "'certificate_file' and 'private_key_file' items are required for 'cert' auth type");
return -1;
}
if(!file_exists(i2->certfile)) {
radlog(L_ERR,IKEv2_LOG_PREFIX "Can not open 'certificate_file' %s",i2->certfile);
- ikev2_detach(i2);
return -1;
}
if(!file_exists(i2->pkfile)) {
radlog(L_ERR,IKEv2_LOG_PREFIX "Can not open 'private_key_file' %s",i2->pkfile);
- ikev2_detach(i2);
return -1;
}
} else {
if(!file_exists(i2->trusted)) {
radlog(L_ERR,IKEv2_LOG_PREFIX "Can not open 'CA_file' %s",i2->trusted);
- ikev2_detach(i2);
return -1;
}
}
if(i2->crl_file) {
if(!file_exists(i2->crl_file)) {
radlog(L_ERR,IKEv2_LOG_PREFIX "Can not open 'crl_file' %s",i2->crl_file);
- ikev2_detach(i2);
return -1;
}
- radlog(L_DBG,IKEv2_LOG_PREFIX "Using CRL file: %s",i2->crl_file);
}
i2->idtype=IdTypeFromName(server_idtype);
if(i2->idtype<=0) {
radlog(L_ERR,IKEv2_LOG_PREFIX "Unsupported 'idtype': %s",server_idtype);
- free(server_idtype);
- server_idtype=NULL;
- ikev2_detach(i2);
return -1;
}
- free(server_idtype);
- server_idtype=NULL;
-
- radlog(L_DBG,IKEv2_LOG_PREFIX "Reading proposals ...");
if(rad_load_proposals(i2,conf)) {
- ikev2_detach(i2);
radlog(L_ERR,IKEv2_LOG_PREFIX "Failed to load proposals");
return -1;
}
int res=rad_load_credentials(i2,usersfilename,default_authtype);
- free(default_authtype);
- default_authtype=NULL;
- free(usersfilename);
- usersfilename=NULL;
- free(server_authtype);
- server_authtype=NULL;
if(res==-1) {
- ikev2_detach(i2);
radlog(L_ERR,IKEv2_LOG_PREFIX "Error while loading users credentials");
return -1;
}
i2->x509_store = NULL;
if(CertInit(i2)){
- ikev2_detach(i2);
radlog(L_ERR,IKEv2_LOG_PREFIX "Error while loading certs/crl");
return -1;
}
free(data);
}
-/*
- * Detach the module.
- */
-static int mschapv2_detach(void *arg)
-{
- rlm_eap_mschapv2_t *inst = (rlm_eap_mschapv2_t *) arg;
-
- free(inst);
-
- return 0;
-}
-
/*
* Attach the module.
{
rlm_eap_mschapv2_t *inst;
- inst = malloc(sizeof(*inst));
- if (!inst) {
- radlog(L_ERR, "rlm_eap_mschapv2: out of memory");
- return -1;
- }
- memset(inst, 0, sizeof(*inst));
+ *instance = inst = talloc_zero(cs, rlm_eap_mschapv2_t);
+ if (!inst) return -1;
/*
* Parse the configuration attributes.
*/
if (cf_section_parse(cs, inst, module_config) < 0) {
- mschapv2_detach(inst);
return -1;
}
- *instance = inst;
-
return 0;
}
mschapv2_initiate, /* Start the initial request */
NULL, /* authorization */
mschapv2_authenticate, /* authentication */
- mschapv2_detach /* detach */
+ NULL /* detach */
};
{ NULL, -1, 0, NULL, NULL } /* end the list */
};
-/*
- * Detach the module.
- */
-static int eappeap_detach(void *arg)
-{
- rlm_eap_peap_t *inst = (rlm_eap_peap_t *) arg;
-
- free(inst);
-
- return 0;
-}
/*
* Attach the module.
{
rlm_eap_peap_t *inst;
- inst = malloc(sizeof(*inst));
- if (!inst) {
- radlog(L_ERR, "rlm_eap_peap: out of memory");
- return -1;
- }
- memset(inst, 0, sizeof(*inst));
+ *instance = inst = talloc_zero(cs, rlm_eap_peap_t);
+ if (!inst) return -1;
/*
* Parse the configuration attributes.
*/
if (cf_section_parse(cs, inst, module_config) < 0) {
- eappeap_detach(inst);
return -1;
}
if (inst->default_eap_type < 0) {
radlog(L_ERR, "rlm_eap_peap: Unknown EAP type %s",
inst->default_eap_type_name);
- eappeap_detach(inst);
return -1;
}
if (!inst->tls_conf) {
radlog(L_ERR, "rlm_eap_peap: Failed initializing SSL context");
- eappeap_detach(inst);
return -1;
}
- *instance = inst;
-
return 0;
}
eappeap_initiate, /* Start the initial request */
NULL, /* authorization */
eappeap_authenticate, /* authentication */
- eappeap_detach /* detach */
+ NULL /* detach */
};
EAP_PWD_CONF *conf;
eap_pwd_t *inst;
- inst = (eap_pwd_t *)arg;
- if (inst == NULL) {
- return -1;
- }
- conf = inst->conf;
- if (conf != NULL) {
- memset(conf, 0, sizeof(*conf));
- free(inst->conf);
- inst->conf = NULL;
- }
- if (inst->bnctx != NULL) {
+ inst = (eap_pwd_t *) arg;
+
+ if (inst->bnctx) {
BN_CTX_free(inst->bnctx);
}
- free(inst);
return 0;
}
EAP_PWD_CONF *conf;
eap_pwd_t *inst;
- if ((inst = (eap_pwd_t *)malloc(sizeof(*inst))) == NULL) {
- radlog(L_ERR, "rlm_eap_pwd: attach, out of memory (1)");
- return -1;
- }
- if ((conf = (EAP_PWD_CONF *)malloc(sizeof(*conf))) == NULL) {
- radlog(L_ERR, "rlm_eap_pwd: attach, out of memory (2)");
- free(inst);
- return -1;
- }
- memset(conf, 0, sizeof(*conf));
- inst->conf = conf;
+ *instance = inst = talloc_zero(cs, eap_pwd_t);
+ if (!inst) return -1;
+
+ inst->conf = talloc_zero(inst, EAP_PWD_CONF);
+ if (!inst->conf) return -1;
+
if (cf_section_parse(cs, conf, pwd_module_config) < 0) {
- radlog(L_ERR, "rlm_eap_pwd: failed to initialize module");
- eap_pwd_detach(inst);
return -1;
}
+
if ((inst->bnctx = BN_CTX_new()) == NULL) {
radlog(L_ERR, "rlm_eap_pwd: failed to get BN context!");
- eap_pwd_detach(inst);
return -1;
}
- *instance = inst;
return 0;
}
#include <sys/stat.h>
#endif
-/*
- * Detach the EAP-TLS module.
- */
-static int eaptls_detach(void *arg)
-{
- rlm_eap_tls_t *inst = (rlm_eap_tls_t *) arg;
-
- free(inst);
-
- return 0;
-}
-
-
static CONF_PARSER module_config[] = {
{ "tls", PW_TYPE_STRING_PTR,
offsetof(rlm_eap_tls_t, tls_conf_name), NULL, NULL },
/*
* Parse the config file & get all the configured values
*/
- inst = rad_malloc(sizeof(*inst));
- if (!inst) {
- radlog(L_ERR, "rlm_eap_tls: out of memory");
- return -1;
- }
- memset(inst, 0, sizeof(*inst));
+ *instance = inst = talloc_zero(cs, rlm_eap_tls_t);
+ if (!inst) return -1;
if (cf_section_parse(cs, inst, module_config) < 0) {
- eaptls_detach(inst);
return -1;
}
if (!inst->tls_conf) {
radlog(L_ERR, "rlm_eap_tls: Failed initializing SSL context");
- eaptls_detach(inst);
return -1;
}
- *instance = inst;
-
return 0;
}
eaptls_initiate, /* Start the initial request */
NULL, /* authorization */
eaptls_authenticate, /* authentication */
- eaptls_detach /* detach */
+ NULL /* detach */
};
return 1;
}
-/*
- * Detach the EAP-TNC module.
- */
-static int tnc_detach(void *arg)
-{
- free(arg);
- return 0;
-}
-
static CONF_PARSER module_config[] = {
{ "vlan_access", PW_TYPE_STRING_PTR,
{
rlm_eap_tnc_t *inst;
- inst = malloc(sizeof(*inst));
+ *instance = inst = talloc_zero(cs, rlm_eap_tnc_t);
if (!inst) return -1;
- memset(inst, 0, sizeof(*inst));
if (cf_section_parse(cs, inst, module_config) < 0) {
- tnc_detach(inst);
return -1;
}
if (!inst->vlan_access || !inst->vlan_isolate) {
radlog(L_ERR, "rlm_eap_tnc: Must set both vlan_access and vlan_isolate");
- tnc_detach(inst);
return -1;
}
- *instance = inst;
return 0;
}
tnc_initiate, /* Start the initial request */
NULL, /* authorization */
tnc_authenticate, /* authentication */
- tnc_detach /* detach */
+ NULL /* detach */
};
{ NULL, -1, 0, NULL, NULL } /* end the list */
};
-/*
- * Detach the module.
- */
-static int eapttls_detach(void *arg)
-{
- rlm_eap_ttls_t *inst = (rlm_eap_ttls_t *) arg;
-
- free(inst);
-
- return 0;
-}
/*
* Attach the module.
{
rlm_eap_ttls_t *inst;
- inst = malloc(sizeof(*inst));
- if (!inst) {
- radlog(L_ERR, "rlm_eap_ttls: out of memory");
- return -1;
- }
- memset(inst, 0, sizeof(*inst));
+ *instance = inst = talloc_zero(cs, rlm_eap_ttls_t);
+ if (!inst) return -1;
/*
* Parse the configuration attributes.
*/
if (cf_section_parse(cs, inst, module_config) < 0) {
- eapttls_detach(inst);
return -1;
}
if (inst->default_eap_type < 0) {
radlog(L_ERR, "rlm_eap_ttls: Unknown EAP type %s",
inst->default_eap_type_name);
- eapttls_detach(inst);
return -1;
}
if (!inst->tls_conf) {
radlog(L_ERR, "rlm_eap_ttls: Failed initializing SSL context");
- eapttls_detach(inst);
return -1;
}
- *instance = inst;
return 0;
}
eapttls_initiate, /* Start the initial request */
NULL, /* authorization */
eapttls_authenticate, /* authentication */
- eapttls_detach /* detach */
+ NULL /* detach */
};