diff options
| author | Dmitry Kozlov <xeb@mail.ru> | 2016-04-02 20:25:13 +0300 |
|---|---|---|
| committer | Dmitry Kozlov <xeb@mail.ru> | 2016-04-02 20:25:13 +0300 |
| commit | 7def2aa4a0af5eb26fc290257585a8c2901c0c3c (patch) | |
| tree | 5aa0750758e7d48865d3c017db2a107a35baf440 | |
| parent | 60a945d8f075a5b90882455fa50678e2888b1d0f (diff) | |
| download | accel-ppp-7def2aa4a0af5eb26fc290257585a8c2901c0c3c.tar.gz accel-ppp-7def2aa4a0af5eb26fc290257585a8c2901c0c3c.zip | |
for single-session=deny make early check for duplicate username (before calling radius)
| -rw-r--r-- | accel-pppd/include/ap_session.h | 1 | ||||
| -rw-r--r-- | accel-pppd/pwdb.c | 10 | ||||
| -rw-r--r-- | accel-pppd/session.c | 20 |
3 files changed, 31 insertions, 0 deletions
diff --git a/accel-pppd/include/ap_session.h b/accel-pppd/include/ap_session.h index c6f15dd8..230eb260 100644 --- a/accel-pppd/include/ap_session.h +++ b/accel-pppd/include/ap_session.h @@ -140,6 +140,7 @@ void ap_session_terminate(struct ap_session *ses, int cause, int hard); void ap_session_activate(struct ap_session *ses); void ap_session_accounting_started(struct ap_session *ses); int ap_session_set_username(struct ap_session *ses, char *username); +int ap_check_username(const char *username); void ap_session_ifup(struct ap_session *ses); void ap_session_ifdown(struct ap_session *ses); diff --git a/accel-pppd/pwdb.c b/accel-pppd/pwdb.c index f42a3a88..6fe015bf 100644 --- a/accel-pppd/pwdb.c +++ b/accel-pppd/pwdb.c @@ -1,8 +1,11 @@ #include <stdlib.h> +#include <sys/socket.h> #include "triton.h" #include "pwdb.h" +#include "ap_session.h" +#include "log.h" #include "memdebug.h" @@ -14,6 +17,11 @@ int __export pwdb_check(struct ap_session *ses, pwdb_callback cb, void *cb_arg, int r, res = PWDB_NO_IMPL; va_list args; + if (ap_check_username(username)) { + log_ppp_info1("%s: second session denied\n", username); + return PWDB_DENIED; + } + va_start(args, type); list_for_each_entry(pwdb, &pwdb_handlers, entry) { @@ -31,6 +39,7 @@ int __export pwdb_check(struct ap_session *ses, pwdb_callback cb, void *cb_arg, return res; } + __export char *pwdb_get_passwd(struct ap_session *ses, const char *username) { struct pwdb_t *pwdb; @@ -51,6 +60,7 @@ void __export pwdb_register(struct pwdb_t *pwdb) { list_add_tail(&pwdb->entry, &pwdb_handlers); } + void __export pwdb_unregister(struct pwdb_t *pwdb) { list_del(&pwdb->entry); diff --git a/accel-pppd/session.c b/accel-pppd/session.c index 1fbac101..ad164f3f 100644 --- a/accel-pppd/session.c +++ b/accel-pppd/session.c @@ -428,6 +428,26 @@ int __export ap_session_set_username(struct ap_session *s, char *username) return 0; } +int __export ap_check_username(const char *username) +{ + struct ap_session *ses; + int r = 0; + + if (conf_single_session) + return 0; + + pthread_rwlock_rdlock(&ses_lock); + list_for_each_entry(ses, &ses_list, entry) { + if (ses->username && !strcmp(ses->username, username)) { + r = 1; + break; + } + } + pthread_rwlock_unlock(&ses_lock); + + return r; +} + static void save_seq(void) { FILE *f; |