GIT Log for 2008-08-24 23:33 GMT

aland aland at deployingradius.com
Mon Aug 25 01:33:02 CEST 2008


commit 6bf68d4707c84ea82c8f30e34cd54f2dcf28fa0b
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sun Aug 24 10:35:30 2008 +0200

    PEAP & TTLS support for session resumption.
    
    It works (sort of).  it doesn't cache the original inner username,
    so the user name in the reply is wrong (i.e. anonymous).  It SHOULD
    cache a lot more things, like CUI.  This list could also be
    configurable.
    
    It also needs to run the resumption stuff through a virtual server
    again, to see if the user is still authorized.
    
    OR, have an attribute that's added to the request to mark it as
    session resumption, and then any post-auth policy can key off of that,
    and do more stuff

Files changed:
 src/modules/rlm_eap/types/rlm_eap_peap/eap_peap.h  |    5 --
 src/modules/rlm_eap/types/rlm_eap_peap/peap.c      |   37 +----------------
 .../rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c      |   44 ++-----------------
 .../rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c      |    6 ---
 4 files changed, 7 insertions(+), 85 deletions(-)

======================================================================
commit a20963fdc84a9cce7ce2d8498324cc7cb4ffa055
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sat Aug 23 17:10:23 2008 +0200

    Document TLS session cache

Files changed:
 raddb/eap.conf |   29 -----------------------------
 1 files changed, 0 insertions(+), 29 deletions(-)

======================================================================
commit bd1fba803e3403bebf495f7c040eb6e60753152c
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sun Aug 24 10:07:28 2008 +0200

    First draft of session resumption.
    
    It doesn't work, as TLS/PEAP/TTLS have to updated to handle
    session resumption.  But the basics are there.

Files changed:
 src/modules/rlm_eap/libeap/tls.c                   |    5 +-
 .../rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c        |  185 +-------------------
 .../rlm_eap/types/rlm_eap_tls/rlm_eap_tls.h        |    7 -
 3 files changed, 2 insertions(+), 195 deletions(-)

======================================================================
commit b51a3a82edb797f5d0a2758bd1a38359d6f66803
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sun Aug 24 10:04:55 2008 +0200

    Clean up debug && log messages

Files changed:
 src/modules/rlm_eap/libeap/eap_tls.c |   52 +++++++++++++---------------------
 src/modules/rlm_eap/libeap/tls.c     |   12 ++++----
 2 files changed, 26 insertions(+), 38 deletions(-)

======================================================================
commit dbf718e04d044832c1a1c97ba57b3a0b075eef2e
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sat Aug 23 21:56:16 2008 +0200

    Added VALUEs taken from the PDF

Files changed:
 share/dictionary.microsoft |   32 +-------------------------------
 1 files changed, 1 insertions(+), 31 deletions(-)

======================================================================
commit 2ece1177e972162e38cd62e46c936998726046de
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sun Aug 24 09:02:41 2008 +0200

    Automatically calculate MPPE keys
    
    This involves
      adding prf_label to tls_session_t
      setting it in eaptls_initiate (depending on EAP type)
      deleting references to gen_mppe_keys() from individual methods
      making eaptls_success take HANDLER
      passing HANDLER to eaptls_success
      generating MPPE keys in eaptls_success
    
    Also made eaptls_fail take HANDLER
      and delete cached sessions (if any) on fail
      This means that the EAP methods don't have to delete any sessions.
      They just call fail, and it Does the Right Thing

Files changed:
 src/modules/rlm_eap/libeap/eap_tls.c               |   31 ++++----------------
 src/modules/rlm_eap/libeap/eap_tls.h               |    7 +---
 src/modules/rlm_eap/libeap/tls.c                   |    3 +-
 src/modules/rlm_eap/types/rlm_eap_peap/peap.c      |   15 ++++-----
 .../rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c      |   14 +++++----
 .../rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c        |   29 +++++-------------
 .../rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c      |   19 +++++++-----
 src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c      |   13 ++++----
 8 files changed, 49 insertions(+), 82 deletions(-)

======================================================================
commit 701f5015a65986eb0d8ff346e5ad5bdf6b2f556a
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sat Aug 23 14:01:53 2008 +0200

    DEBUG -> RDEBUG

Files changed:
 src/modules/rlm_eap/types/rlm_eap_peap/peap.c |   31 +++++++++++++------------
 1 files changed, 16 insertions(+), 15 deletions(-)

======================================================================
commit 813dfb6ae64d013b6e6dbcff44c1a1d00726dc0d
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sun Aug 24 08:58:20 2008 +0200

    DEBUG -> RDEBUG

Files changed:
 src/modules/rlm_eap/types/rlm_eap_peap/peap.c      |   42 +++++++++----------
 .../rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c      |    8 ++--
 2 files changed, 24 insertions(+), 26 deletions(-)

======================================================================
commit 12b7f6efb1bbf6c70061d590a5ddfb1f71b0fefd
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sat Aug 23 08:15:02 2008 +0200

    Generate ephemeral RSA keys

Files changed:
 .../rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c        |   24 --------------------
 1 files changed, 0 insertions(+), 24 deletions(-)

======================================================================
commit 2e58da8fd76743a27ee7d47e4f28718841e443d1
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sat Aug 23 07:53:11 2008 +0200

    Pull SSL handshake code into libeap

Files changed:
 src/modules/rlm_eap/libeap/eap_tls.c          |  174 +++++++-----------------
 src/modules/rlm_eap/libeap/tls.c              |   17 +++
 src/modules/rlm_eap/types/rlm_eap_peap/peap.c |   12 ++
 src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c |   12 ++
 4 files changed, 92 insertions(+), 123 deletions(-)

======================================================================
commit 9740e673f048d8625583b368059c3f8f656e8ec8
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sat Aug 23 21:42:08 2008 +0200

    Close pipe FD's on failed fork

Files changed:
 src/main/exec.c |    4 ----
 1 files changed, 0 insertions(+), 4 deletions(-)

======================================================================
commit db1b9356b9ebfd3ea0652c9ce7853d55d5da8c78
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sat Aug 23 22:18:04 2008 +0200

    Clear OpenSSL Error queue for the current thread

Files changed:
 src/main/threads.c |    7 -------
 1 files changed, 0 insertions(+), 7 deletions(-)

======================================================================
commit dfad9c876958406277aa80da76ad9c2d649c0839
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sun Aug 24 08:38:22 2008 +0200

    Regular expressions are compiled at run-time, not compile time

Files changed:
 src/lib/valuepair.c |   34 +++++++++++++++++++++++++++++++---
 1 files changed, 31 insertions(+), 3 deletions(-)

======================================================================
commit d1ea545ae78f4da963d8bc36a3f327d9bc73a49a
Author: Alan T. DeKok <aland at freeradius.org>
Date:   Sun Aug 24 08:21:51 2008 +0200

    Print out filter, not optarg

Files changed:
 src/main/radsniff.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

======================================================================



More information about the Freeradius-Devel mailing list