"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c" between
freeradius-server-3.0.22.tar.bz2 and freeradius-server-3.0.23.tar.bz2

About: FreeRADIUS Server Project - a high performance and highly configurable RADIUS server.

rlm_eap_fast.c  (freeradius-server-3.0.22.tar.bz2):rlm_eap_fast.c  (freeradius-server-3.0.23.tar.bz2)
/* /*
* rlm_eap_fast.c contains the interfaces that are called from eap * rlm_eap_fast.c contains the interfaces that are called from eap
* *
* Version: $Id: 34688b06bfd792115a9d3c37415abc13effee66f $ * Version: $Id: 02ea77f3c220daf7284e8d3e970d8ce9f1acad64 $
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
* *
* Copyright 2016 Alan DeKok <aland@freeradius.org> * Copyright 2016 Alan DeKok <aland@freeradius.org>
* Copyright 2016 The FreeRADIUS server project * Copyright 2016 The FreeRADIUS server project
*/ */
RCSID("$Id: 34688b06bfd792115a9d3c37415abc13effee66f $") RCSID("$Id: 02ea77f3c220daf7284e8d3e970d8ce9f1acad64 $")
USES_APPLE_DEPRECATED_API /* OpenSSL API has been deprecated by Apple */ USES_APPLE_DEPRECATED_API /* OpenSSL API has been deprecated by Apple */
#include "eap_fast.h" #include "eap_fast.h"
#include "eap_fast_crypto.h" #include "eap_fast_crypto.h"
#include <freeradius-devel/md5.h> #include <freeradius-devel/md5.h>
/* /*
* An instance of EAP-FAST * An instance of EAP-FAST
*/ */
skipping to change at line 137 skipping to change at line 137
ERROR("rlm_eap_fast.pac_lifetime: must be non-zero"); ERROR("rlm_eap_fast.pac_lifetime: must be non-zero");
return -1; return -1;
} }
#ifdef TLS1_3_VERSION #ifdef TLS1_3_VERSION
if (inst->tls_conf->min_version == TLS1_3_VERSION) { if (inst->tls_conf->min_version == TLS1_3_VERSION) {
ERROR("There are no standards for using TLS 1.3 with EAP-FAST."); ERROR("There are no standards for using TLS 1.3 with EAP-FAST.");
ERROR("You MUST enable TLS 1.2 for EAP-FAST to work."); ERROR("You MUST enable TLS 1.2 for EAP-FAST to work.");
return -1; return -1;
} }
if ((inst->tls_conf->max_version == TLS1_3_VERSION) ||
(inst->tls_conf->min_version == TLS1_3_VERSION)) {
WARN("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!");
WARN("!! There is no standard for using EAP-FAST with TLS 1.3");
WARN("!! Please set tls_max_version = \"1.2\"");
WARN("!! FreeRADIUS only supports TLS 1.3 for special builds of w
pa_supplicant and Windows");
WARN("!! This limitation is likely to change in late 2021.");
WARN("!! If you are using this version of FreeRADIUS after 2021,
you will probably need to upgrade");
WARN("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!");
}
#endif #endif
rad_assert(PAC_A_ID_LENGTH == MD5_DIGEST_LENGTH); rad_assert(PAC_A_ID_LENGTH == MD5_DIGEST_LENGTH);
FR_MD5_CTX ctx; FR_MD5_CTX ctx;
fr_md5_init(&ctx); fr_md5_init(&ctx);
fr_md5_update(&ctx, inst->authority_identity, talloc_array_length(inst->a uthority_identity) - 1); fr_md5_update(&ctx, inst->authority_identity, talloc_array_length(inst->a uthority_identity) - 1);
fr_md5_final(inst->a_id, &ctx); fr_md5_final(inst->a_id, &ctx);
return 0; return 0;
} }
 End of changes. 3 change blocks. 
2 lines changed or deleted 17 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)