GIT Log for 2008-08-24 23:33 GMT
aland
aland at deployingradius.com
Mon Aug 25 01:33:02 CEST 2008
commit 6bf68d4707c84ea82c8f30e34cd54f2dcf28fa0b
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sun Aug 24 10:35:30 2008 +0200
PEAP & TTLS support for session resumption.
It works (sort of). it doesn't cache the original inner username,
so the user name in the reply is wrong (i.e. anonymous). It SHOULD
cache a lot more things, like CUI. This list could also be
configurable.
It also needs to run the resumption stuff through a virtual server
again, to see if the user is still authorized.
OR, have an attribute that's added to the request to mark it as
session resumption, and then any post-auth policy can key off of that,
and do more stuff
Files changed:
src/modules/rlm_eap/types/rlm_eap_peap/eap_peap.h | 5 --
src/modules/rlm_eap/types/rlm_eap_peap/peap.c | 37 +----------------
.../rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c | 44 ++-----------------
.../rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c | 6 ---
4 files changed, 7 insertions(+), 85 deletions(-)
======================================================================
commit a20963fdc84a9cce7ce2d8498324cc7cb4ffa055
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sat Aug 23 17:10:23 2008 +0200
Document TLS session cache
Files changed:
raddb/eap.conf | 29 -----------------------------
1 files changed, 0 insertions(+), 29 deletions(-)
======================================================================
commit bd1fba803e3403bebf495f7c040eb6e60753152c
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sun Aug 24 10:07:28 2008 +0200
First draft of session resumption.
It doesn't work, as TLS/PEAP/TTLS have to updated to handle
session resumption. But the basics are there.
Files changed:
src/modules/rlm_eap/libeap/tls.c | 5 +-
.../rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c | 185 +-------------------
.../rlm_eap/types/rlm_eap_tls/rlm_eap_tls.h | 7 -
3 files changed, 2 insertions(+), 195 deletions(-)
======================================================================
commit b51a3a82edb797f5d0a2758bd1a38359d6f66803
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sun Aug 24 10:04:55 2008 +0200
Clean up debug && log messages
Files changed:
src/modules/rlm_eap/libeap/eap_tls.c | 52 +++++++++++++---------------------
src/modules/rlm_eap/libeap/tls.c | 12 ++++----
2 files changed, 26 insertions(+), 38 deletions(-)
======================================================================
commit dbf718e04d044832c1a1c97ba57b3a0b075eef2e
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sat Aug 23 21:56:16 2008 +0200
Added VALUEs taken from the PDF
Files changed:
share/dictionary.microsoft | 32 +-------------------------------
1 files changed, 1 insertions(+), 31 deletions(-)
======================================================================
commit 2ece1177e972162e38cd62e46c936998726046de
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sun Aug 24 09:02:41 2008 +0200
Automatically calculate MPPE keys
This involves
adding prf_label to tls_session_t
setting it in eaptls_initiate (depending on EAP type)
deleting references to gen_mppe_keys() from individual methods
making eaptls_success take HANDLER
passing HANDLER to eaptls_success
generating MPPE keys in eaptls_success
Also made eaptls_fail take HANDLER
and delete cached sessions (if any) on fail
This means that the EAP methods don't have to delete any sessions.
They just call fail, and it Does the Right Thing
Files changed:
src/modules/rlm_eap/libeap/eap_tls.c | 31 ++++----------------
src/modules/rlm_eap/libeap/eap_tls.h | 7 +---
src/modules/rlm_eap/libeap/tls.c | 3 +-
src/modules/rlm_eap/types/rlm_eap_peap/peap.c | 15 ++++-----
.../rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c | 14 +++++----
.../rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c | 29 +++++-------------
.../rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c | 19 +++++++-----
src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c | 13 ++++----
8 files changed, 49 insertions(+), 82 deletions(-)
======================================================================
commit 701f5015a65986eb0d8ff346e5ad5bdf6b2f556a
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sat Aug 23 14:01:53 2008 +0200
DEBUG -> RDEBUG
Files changed:
src/modules/rlm_eap/types/rlm_eap_peap/peap.c | 31 +++++++++++++------------
1 files changed, 16 insertions(+), 15 deletions(-)
======================================================================
commit 813dfb6ae64d013b6e6dbcff44c1a1d00726dc0d
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sun Aug 24 08:58:20 2008 +0200
DEBUG -> RDEBUG
Files changed:
src/modules/rlm_eap/types/rlm_eap_peap/peap.c | 42 +++++++++----------
.../rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c | 8 ++--
2 files changed, 24 insertions(+), 26 deletions(-)
======================================================================
commit 12b7f6efb1bbf6c70061d590a5ddfb1f71b0fefd
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sat Aug 23 08:15:02 2008 +0200
Generate ephemeral RSA keys
Files changed:
.../rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c | 24 --------------------
1 files changed, 0 insertions(+), 24 deletions(-)
======================================================================
commit 2e58da8fd76743a27ee7d47e4f28718841e443d1
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sat Aug 23 07:53:11 2008 +0200
Pull SSL handshake code into libeap
Files changed:
src/modules/rlm_eap/libeap/eap_tls.c | 174 +++++++-----------------
src/modules/rlm_eap/libeap/tls.c | 17 +++
src/modules/rlm_eap/types/rlm_eap_peap/peap.c | 12 ++
src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c | 12 ++
4 files changed, 92 insertions(+), 123 deletions(-)
======================================================================
commit 9740e673f048d8625583b368059c3f8f656e8ec8
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sat Aug 23 21:42:08 2008 +0200
Close pipe FD's on failed fork
Files changed:
src/main/exec.c | 4 ----
1 files changed, 0 insertions(+), 4 deletions(-)
======================================================================
commit db1b9356b9ebfd3ea0652c9ce7853d55d5da8c78
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sat Aug 23 22:18:04 2008 +0200
Clear OpenSSL Error queue for the current thread
Files changed:
src/main/threads.c | 7 -------
1 files changed, 0 insertions(+), 7 deletions(-)
======================================================================
commit dfad9c876958406277aa80da76ad9c2d649c0839
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sun Aug 24 08:38:22 2008 +0200
Regular expressions are compiled at run-time, not compile time
Files changed:
src/lib/valuepair.c | 34 +++++++++++++++++++++++++++++++---
1 files changed, 31 insertions(+), 3 deletions(-)
======================================================================
commit d1ea545ae78f4da963d8bc36a3f327d9bc73a49a
Author: Alan T. DeKok <aland at freeradius.org>
Date: Sun Aug 24 08:21:51 2008 +0200
Print out filter, not optarg
Files changed:
src/main/radsniff.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
======================================================================
More information about the Freeradius-Devel
mailing list