2 * mem.c Memory allocation, deallocation stuff.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 * Copyright 2000,2001 The FreeRADIUS server project
21 * Copyright 2001 hereUare Communications, Inc. <raghud@hereuare.com>
26 static const char rcsid[] = "$Id$";
29 * Allocate a new EAP_PACKET
31 EAP_PACKET *eap_packet_alloc(void)
35 rp = rad_malloc(sizeof(EAP_PACKET));
36 memset(rp, 0, sizeof(EAP_PACKET));
43 void eap_packet_free(EAP_PACKET **eap_packet_ptr)
45 EAP_PACKET *eap_packet;
47 if (!eap_packet_ptr) return;
48 eap_packet = *eap_packet_ptr;
49 if (!eap_packet) return;
51 if (eap_packet->type.data) {
53 * This is just a pointer in the packet
54 * so we do not free it but we NULL it
55 free(eap_packet->type.data);
57 eap_packet->type.data = NULL;
60 if (eap_packet->packet) {
61 free(eap_packet->packet);
62 eap_packet->packet = NULL;
67 *eap_packet_ptr = NULL;
71 * Allocate a new EAP_PACKET
73 EAP_DS *eap_ds_alloc(void)
77 eap_ds = rad_malloc(sizeof(EAP_DS));
78 memset(eap_ds, 0, sizeof(EAP_DS));
79 if ((eap_ds->response = eap_packet_alloc()) == NULL) {
83 if ((eap_ds->request = eap_packet_alloc()) == NULL) {
91 void eap_ds_free(EAP_DS **eap_ds_p)
95 if (!eap_ds_p) return;
100 if (eap_ds->response) eap_packet_free(&(eap_ds->response));
101 if (eap_ds->request) eap_packet_free(&(eap_ds->request));
108 * Allocate a new EAP_HANDLER
110 EAP_HANDLER *eap_handler_alloc(void)
112 EAP_HANDLER *handler;
114 handler = rad_malloc(sizeof(EAP_HANDLER));
115 memset(handler, 0, sizeof(EAP_HANDLER));
119 void eap_handler_free(EAP_HANDLER **handler_p)
121 EAP_HANDLER *handler;
123 if ((handler_p == NULL) || (*handler_p == NULL))
126 handler = *handler_p;
127 if (handler->identity) {
128 free(handler->identity);
129 handler->identity = NULL;
132 if (handler->prev_eapds) eap_ds_free(&(handler->prev_eapds));
133 if (handler->eap_ds) eap_ds_free(&(handler->eap_ds));
135 if ((handler->opaque) && (handler->free_opaque)) {
136 handler->free_opaque(handler->opaque);
137 handler->opaque = NULL;
139 else if ((handler->opaque) && (handler->free_opaque == NULL))
140 radlog(L_ERR, "Possible memory leak ...");
142 handler->opaque = NULL;
143 handler->free_opaque = NULL;
144 handler->next = NULL;
150 void eaptype_free(EAP_TYPES *i)
152 if (i->type->detach) (i->type->detach)(i->type_data);
154 if (i->handle) lt_dlclose(i->handle);
157 void eaplist_free(rlm_eap_t *inst)
162 * The sessions are split out into an array, which makes
163 * looking them up a bit faster.
165 for (i = 0; i < 256; i++) {
166 EAP_HANDLER *node, *next;
168 if (inst->sessions[i]) continue;
170 node = inst->sessions[i];
173 eap_handler_free(&node);
177 inst->sessions[i] = NULL;
182 * Add a handler to the set of active sessions.
184 * Since we're adding it to the list, we guess that this means
185 * the packet needs a State attribute. So add one.
187 int eaplist_add(rlm_eap_t *inst, EAP_HANDLER *handler)
192 rad_assert(handler != NULL);
193 rad_assert(handler->request != NULL);
196 * Generate State, since we've been asked to add it to
199 state = generate_state(handler->request->timestamp);
200 pairadd(&(handler->request->reply->vps), state);
203 * Create a unique 'key' for the handler, based
204 * on State, Client-IP-Address, and EAP ID.
206 rad_assert(state->length == EAP_STATE_LEN);
208 memcpy(handler->state, state->strvalue, sizeof(handler->state));
209 handler->src_ipaddr = handler->request->packet->src_ipaddr;
210 handler->eap_id = handler->eap_ds->request->id;
212 #ifdef HAVE_PTHREAD_H
214 * Playing with a data structure shared among threads
215 * means that we need a lock, to avoid conflict.
217 pthread_mutex_lock(&(inst->session_mutex));
221 * We key the array based on the challenge, which is
222 * a random number. This "fans out" the sessions, and
223 * helps to minimize the amount of work we've got to do
226 last = &(inst->sessions[state->strvalue[0]]);
228 while (*last) last = &((*last)->next);
233 * The time at which this request was made was the time
234 * at which it was received by the RADIUS server.
236 handler->timestamp = handler->request->timestamp;
238 handler->next = NULL;
240 #ifdef HAVE_PTHREAD_H
242 * Now that we've finished mucking with the list,
245 pthread_mutex_unlock(&(inst->session_mutex));
249 * We don't need this any more.
251 handler->request = NULL;
257 * Find a a previous EAP-Request sent by us, which matches
258 * the current EAP-Response.
260 * Then, release the handle from the list, and return it to
263 * Also since we fill the eap_ds with the present EAP-Response we
264 * got to free the prev_eapds & move the eap_ds to prev_eapds
266 EAP_HANDLER *eaplist_find(rlm_eap_t *inst, REQUEST *request,
267 eap_packet_t *eap_packet)
269 EAP_HANDLER *node, *next;
271 EAP_HANDLER **first, **last;
274 * We key the sessions off of the 'state' attribute, so it
277 state = pairfind(request->packet->vps, PW_STATE);
279 (state->length != EAP_STATE_LEN)) {
283 #ifdef HAVE_PTHREAD_H
285 * Playing with a data structure shared among threads
286 * means that we need a lock, to avoid conflict.
288 pthread_mutex_lock(&(inst->session_mutex));
291 last = first = &(inst->sessions[state->strvalue[0]]);
293 for (node = *first; node; node = next) {
297 * If the time on this entry has expired,
298 * delete it. We do this while walking the list,
299 * in order to spread out the work of deleting old
302 if ((request->timestamp - node->timestamp) > inst->timer_limit) {
304 eap_handler_free(&node);
309 * Find the previous part of the same conversation,
310 * keying off of the EAP ID, the client IP, and
311 * the State attribute.
313 * If we've found a conversation, then we don't
314 * have to check entries later in the list for
315 * timeout, as they're guaranteed to be newer than
318 if ((node->eap_id == eap_packet->id) &&
319 (node->src_ipaddr == request->packet->src_ipaddr) &&
320 (memcmp(node->state, state->strvalue, state->length) == 0)) {
322 * Check against replays. The client can
323 * re-play a State attribute verbatim, so
324 * we wish to ensure that the attribute falls
325 * within the valid time window, which is
326 * the second at which it was sent out.
328 if (verify_state(state, node->timestamp) != 0) {
329 radlog(L_ERR, "rlm_eap: State verification failed.");
334 DEBUG2(" rlm_eap: Request found, released from the list");
336 * detach the node from the list
342 * Don't bother updating handler->request, etc.
343 * eap_handler() will do that for us.
347 * Remember what the previous request was.
349 eap_ds_free(&(node->prev_eapds));
350 node->prev_eapds = node->eap_ds;
358 last = &(node->next);
362 #ifdef HAVE_PTHREAD_H
363 pthread_mutex_unlock(&(inst->session_mutex));
367 DEBUG2(" rlm_eap: Request not found in the list");