radius: implemented Class, Termination-Action attributes

4 files changed, 29 insertions, 4 deletions

diff --git a/accel-pptpd/radius/auth.c b/accel-pptpd/radius/auth.c
index 2e764397..0667075e 100644
--- a/accel-pptpd/radius/auth.c
+++ b/accel-pptpd/radius/auth.c
@@ -159,9 +159,10 @@ static int rad_auth_send(struct rad_req_t *req)
 	if (!req->reply)
 		log_ppp_warn("radius:auth: no response\n");
 	else if (req->reply->code == CODE_ACCESS_ACCEPT) {
-		rad_proc_attrs(req);
+		if (rad_proc_attrs(req))
+			return PWDB_DENIED;
 		return PWDB_SUCCESS;
-}
+	}
 
 out:
 	return PWDB_DENIED;
diff --git a/accel-pptpd/radius/radius.c b/accel-pptpd/radius/radius.c
index f24724fa..9f50dede 100644
--- a/accel-pptpd/radius/radius.c
+++ b/accel-pptpd/radius/radius.c
@@ -45,9 +45,10 @@ static struct ipdb_t ipdb;
 
 static mempool_t rpd_pool;
 
-void rad_proc_attrs(struct rad_req_t *req)
+int rad_proc_attrs(struct rad_req_t *req)
 {
 	struct rad_attr_t *attr;
+	int res = 0;
 
 	list_for_each_entry(attr, &req->reply->attrs, entry) {
 		if (attr->vendor)
@@ -68,8 +69,22 @@ void rad_proc_attrs(struct rad_req_t *req)
 			case Session_Timeout:
 				req->rpd->session_timeout.expire_tv.tv_sec = attr->val.integer;
 				break;
+			case Class:
+				req->rpd->class = _malloc(attr->len);
+				if (!req->rpd->class) {
+					log_emerg("radius: out of memory\n");
+					return -1;
+				}
+				memcpy(req->rpd->class, attr->val.octets, attr->len);
+				req->rpd->class_len = attr->len;
+				break;
+			case Termination_Action:
+				if (attr->val.integer != 0)
+					res = -1;
 		}
 	}
+
+	return res;
 }
 
 static int check(struct pwdb_t *pwdb, struct ppp_t *ppp, const char *username, int type, va_list _args)
@@ -177,6 +192,9 @@ static void ppp_finished(struct ppp_t *ppp)
 	if (rpd->session_timeout.tpd)
 		triton_timer_del(&rpd->session_timeout);
 
+	if (rpd->class)
+		_free(rpd->class);
+
 	list_del(&rpd->pd.entry);
 	
 	mempool_free(rpd);
diff --git a/accel-pptpd/radius/radius_p.h b/accel-pptpd/radius/radius_p.h
index d7f009d8..af7af06e 100644
--- a/accel-pptpd/radius/radius_p.h
+++ b/accel-pptpd/radius/radius_p.h
@@ -31,6 +31,9 @@ struct radius_pd_t
 	struct ipdb_item_t ipaddr;
 	int acct_interim_interval;
 	int acct_delay_time;
+	
+	uint8_t *class;
+	int class_len;
 };
 
 struct rad_req_t
@@ -75,7 +78,7 @@ int rad_req_send(struct rad_req_t *);
 int rad_req_wait(struct rad_req_t *, int);
 
 struct radius_pd_t *find_pd(struct ppp_t *ppp);
-void rad_proc_attrs(struct rad_req_t *req);
+int rad_proc_attrs(struct rad_req_t *req);
 
 int rad_auth_pap(struct radius_pd_t *rpd, const char *username, va_list args);
 int rad_auth_chap_md5(struct radius_pd_t *rpd, const char *username, va_list args);
diff --git a/accel-pptpd/radius/req.c b/accel-pptpd/radius/req.c
index 1941321d..a1156c3c 100644
--- a/accel-pptpd/radius/req.c
+++ b/accel-pptpd/radius/req.c
@@ -70,6 +70,9 @@ struct rad_req_t *rad_req_alloc(struct radius_pd_t *rpd, int code, const char *u
 	if (rpd->ppp->ctrl->called_station_id)
 		if (rad_packet_add_str(req->pack, "Called-Station-Id", rpd->ppp->ctrl->called_station_id, strlen(rpd->ppp->ctrl->called_station_id)))
 			goto out_err;
+	if (rpd->class)
+		if (rad_packet_add_octets(req->pack, "Class", rpd->class, rpd->class_len))
+			goto out_err;
 
 	return req;