Diffstat (limited to 'accel-pptpd/radius')
-rw-r--r--accel-pptpd/radius/acct.c2
-rw-r--r--accel-pptpd/radius/auth.c40
-rw-r--r--accel-pptpd/radius/dict.c16
-rw-r--r--accel-pptpd/radius/dm_coa.c27
-rw-r--r--accel-pptpd/radius/packet.c21
-rw-r--r--accel-pptpd/radius/radius.c2
-rw-r--r--accel-pptpd/radius/radius.h81
-rw-r--r--accel-pptpd/radius/radius_p.h90
-rw-r--r--accel-pptpd/radius/req.c2
9 files changed, 173 insertions, 108 deletions
diff --git a/accel-pptpd/radius/acct.c b/accel-pptpd/radius/acct.c
index 785eab3a..72e6df34 100644
--- a/accel-pptpd/radius/acct.c
+++ b/accel-pptpd/radius/acct.c
@@ -8,7 +8,7 @@
#include <openssl/md5.h>
#include "log.h"
-#include "radius.h"
+#include "radius_p.h"
static int req_set_RA(struct rad_req_t *req, const char *secret)
{
diff --git a/accel-pptpd/radius/auth.c b/accel-pptpd/radius/auth.c
index 29c6efd3..92406b34 100644
--- a/accel-pptpd/radius/auth.c
+++ b/accel-pptpd/radius/auth.c
@@ -2,10 +2,12 @@
#include <string.h>
#include <openssl/md5.h>
+#include "triton.h"
+#include "events.h"
#include "log.h"
#include "pwdb.h"
-#include "radius.h"
+#include "radius_p.h"
static uint8_t* encrypt_password(const char *passwd, const char *secret, const uint8_t *RA, int *epasswd_len)
@@ -97,7 +99,15 @@ int rad_auth_pap(struct radius_pd_t *rpd, const char *username, va_list args)
free(epasswd);
- rad_auth_send(req);
+ r = rad_auth_send(req);
+ if (r == PWDB_SUCCESS) {
+ struct ev_radius_t ev = {
+ .ppp = rpd->ppp,
+ .request = req->pack,
+ .reply = req->reply,
+ };
+ triton_event_fire(EV_RADIUS_ACCESS_ACCEPT, &ev);
+ }
out:
rad_req_free(req);
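Review bot: The `ev` built after `rad_auth_send()` hands subscribers `req->pack` and `req->reply`, and `rad_req_free(req)` runs right after the `out:` label, so those pointers are presumably valid only while `triton_event_fire()` is running. The hunk states neither that lifetime nor whether dispatch is synchronous; I would add `/* ev.request and ev.reply belong to req and are gone after rad_req_free(); handlers must copy what they keep */` above the initializer. The same eight-line block is repeated in rad_auth_chap_md5, rad_auth_mschap_v1 and rad_auth_mschap_v2, so one static helper taking `rpd` and `req` would keep the four copies from drifting apart. The body of rad_auth_pap starts outside this hunk.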
@@ -134,6 +144,14 @@ int rad_auth_chap_md5(struct radius_pd_t *rpd, const char *username, va_list arg
goto out;
r = rad_auth_send(req);
+ if (r == PWDB_SUCCESS) {
+ struct ev_radius_t ev = {
+ .ppp = rpd->ppp,
+ .request = req->pack,
+ .reply = req->reply,
+ };
+ triton_event_fire(EV_RADIUS_ACCESS_ACCEPT, &ev);
+ }
out:
rad_req_free(req);
@@ -154,7 +172,7 @@ int rad_auth_mschap_v1(struct radius_pd_t *rpd, const char *username, va_list ar
const uint8_t *nt_response = va_arg(args, const uint8_t *);
int flags = va_arg(args, int);
- req = rad_req_alloc(rpd, CODE_ACCESS_REQUEST, username);
+ req = rad_req_alloc(rpd, CODE_ACCESS_ACCEPT, username);
if (!req)
return PWDB_DENIED;
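Review bot: `rad_req_alloc(rpd, CODE_ACCESS_ACCEPT, username)` makes the MS-CHAPv1 path build its outgoing packet with the Access-Accept code instead of Access-Request, which looks like a slip made while adding the EV_RADIUS_ACCESS_ACCEPT event. A RADIUS server is expected to discard a packet carrying that code, so MS-CHAPv1 logins would most likely time out and be denied. The line should stay `req = rad_req_alloc(rpd, CODE_ACCESS_REQUEST, username);`. The rest of rad_auth_mschap_v1 lies outside this hunk.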
@@ -170,6 +188,14 @@ int rad_auth_mschap_v1(struct radius_pd_t *rpd, const char *username, va_list ar
goto out;
r = rad_auth_send(req);
+ if (r == PWDB_SUCCESS) {
+ struct ev_radius_t ev = {
+ .ppp = rpd->ppp,
+ .request = req->pack,
+ .reply = req->reply,
+ };
+ triton_event_fire(EV_RADIUS_ACCESS_ACCEPT, &ev);
+ }
out:
rad_req_free(req);
@@ -217,6 +243,14 @@ int rad_auth_mschap_v2(struct radius_pd_t *rpd, const char *username, va_list ar
} else
memcpy(authenticator, ra->val.octets + 3, 40);
}
+ if (r == PWDB_SUCCESS) {
+ struct ev_radius_t ev = {
+ .ppp = rpd->ppp,
+ .request = req->pack,
+ .reply = req->reply,
+ };
+ triton_event_fire(EV_RADIUS_ACCESS_ACCEPT, &ev);
+ }
out:
rad_req_free(req);
diff --git a/accel-pptpd/radius/dict.c b/accel-pptpd/radius/dict.c
index 6db77813..bd7a4ef3 100644
--- a/accel-pptpd/radius/dict.c
+++ b/accel-pptpd/radius/dict.c
@@ -5,7 +5,7 @@
#include <limits.h>
#include "list.h"
-#include "radius.h"
+#include "radius_p.h"
#include "log.h"
static struct rad_dict_t *dict;
@@ -281,12 +281,12 @@ static struct rad_dict_attr_t *dict_find_attr(struct list_head *items, const cha
return NULL;
}
-struct rad_dict_attr_t *rad_dict_find_attr(const char *name)
+__export struct rad_dict_attr_t *rad_dict_find_attr(const char *name)
{
return dict_find_attr(&dict->items, name);
}
-struct rad_dict_attr_t *rad_dict_find_attr_id(struct rad_dict_vendor_t *vendor, int id)
+__export struct rad_dict_attr_t *rad_dict_find_attr_id(struct rad_dict_vendor_t *vendor, int id)
{
struct rad_dict_attr_t *attr;
struct list_head *items = vendor ? &vendor->items : &dict->items;
@@ -298,7 +298,7 @@ struct rad_dict_attr_t *rad_dict_find_attr_id(struct rad_dict_vendor_t *vendor,
return NULL;
}
-struct rad_dict_value_t *rad_dict_find_val_name(struct rad_dict_attr_t *attr, const char *name)
+__export struct rad_dict_value_t *rad_dict_find_val_name(struct rad_dict_attr_t *attr, const char *name)
{
struct rad_dict_value_t *val;
@@ -309,7 +309,7 @@ struct rad_dict_value_t *rad_dict_find_val_name(struct rad_dict_attr_t *attr, co
return NULL;
}
-struct rad_dict_value_t *rad_dict_find_val(struct rad_dict_attr_t *attr, rad_value_t v)
+__export struct rad_dict_value_t *rad_dict_find_val(struct rad_dict_attr_t *attr, rad_value_t v)
{
struct rad_dict_value_t *val;
@@ -323,7 +323,7 @@ struct rad_dict_value_t *rad_dict_find_val(struct rad_dict_attr_t *attr, rad_val
return NULL;
}
-struct rad_dict_vendor_t *rad_dict_find_vendor_name(const char *name)
+__export struct rad_dict_vendor_t *rad_dict_find_vendor_name(const char *name)
{
struct rad_dict_vendor_t *vendor;
@@ -335,7 +335,7 @@ struct rad_dict_vendor_t *rad_dict_find_vendor_name(const char *name)
return NULL;
}
-struct rad_dict_vendor_t *rad_dict_find_vendor_id(int id)
+__export struct rad_dict_vendor_t *rad_dict_find_vendor_id(int id)
{
struct rad_dict_vendor_t *vendor;
@@ -347,7 +347,7 @@ struct rad_dict_vendor_t *rad_dict_find_vendor_id(int id)
return NULL;
}
-struct rad_dict_attr_t *rad_dict_find_vendor_attr(struct rad_dict_vendor_t *vendor, const char *name)
+__export struct rad_dict_attr_t *rad_dict_find_vendor_attr(struct rad_dict_vendor_t *vendor, const char *name)
{
return dict_find_attr(&vendor->items, name);
}
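Review bot: `rad_dict_find_vendor_attr` dereferences `vendor` unconditionally in `&vendor->items`, while `rad_dict_find_attr_id` a few hunks up accepts a NULL vendor and falls back to `&dict->items`. Now that both are marked `__export`, a caller in another module that passes a failed vendor lookup straight through would crash here. Either mirror the fallback with `return dict_find_attr(vendor ? &vendor->items : &dict->items, name);`, or return NULL for a NULL vendor and say in a comment which behaviour callers get.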
diff --git a/accel-pptpd/radius/dm_coa.c b/accel-pptpd/radius/dm_coa.c
index 784ad826..f515f873 100644
--- a/accel-pptpd/radius/dm_coa.c
+++ b/accel-pptpd/radius/dm_coa.c
@@ -12,9 +12,10 @@
#include <openssl/md5.h>
#include "triton.h"
+#include "events.h"
#include "log.h"
-#include "radius.h"
+#include "radius_p.h"
#define PD_COA_PORT 3799
@@ -98,7 +99,8 @@ static int dm_coa_send_nak(int fd, struct rad_packet_t *req, struct sockaddr_in
reply->id = req->id;
- rad_packet_add_int(reply, "Error-Cause", err_code);
+ if (err_code)
+ rad_packet_add_int(reply, "Error-Cause", err_code);
if (rad_packet_build(reply, RA)) {
rad_packet_free(reply);
@@ -137,14 +139,28 @@ static void disconnect_request(struct radius_pd_t *rpd)
static void coa_request(struct radius_pd_t *rpd)
{
+ struct ev_radius_t ev = {
+ .ppp = rpd->ppp,
+ .request = rpd->dm_coa_req,
+ };
+
if (conf_verbose) {
log_ppp_debug("recv ");
rad_packet_print(rpd->dm_coa_req, log_ppp_debug);
}
-/// TODO: CoA handling
+
+ triton_event_fire(EV_RADIUS_COA, &ev);
+
+ if (ev.res)
+ dm_coa_send_nak(serv.hnd.fd, rpd->dm_coa_req, &rpd->dm_coa_addr, 0);
+ else
+ dm_coa_send_ack(serv.hnd.fd, rpd->dm_coa_req, &rpd->dm_coa_addr);
rad_packet_free(rpd->dm_coa_req);
+
+ pthread_mutex_lock(&rpd->lock);
rpd->dm_coa_req = NULL;
+ pthread_mutex_unlock(&rpd->lock);
}
static int dm_coa_read(struct triton_md_handler_t *h)
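Review bot: `ev.res` is zero after the designated initializer, so when nothing subscribes to EV_RADIUS_COA, or a handler returns without touching `res`, coa_request() takes the `else` branch and sends a CoA-ACK for a change nobody applied. The meaning of `res` is defined in events.h, which is not shown, but acknowledging by default is the unsafe direction for an authorization change. Starting from a failure value, for example adding `.res = -1,` to the initializer and letting a handler clear it on success, would turn the unhandled case into a NAK. The NAK is also sent with `err_code` 0, which the dm_coa_send_nak hunk above turns into a reply without Error-Cause, so the server learns no reason for the refusal.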
@@ -187,6 +203,11 @@ static int dm_coa_read(struct triton_md_handler_t *h)
goto out_err;
}
+ if (rpd->dm_coa_req) {
+ pthread_mutex_unlock(&rpd->lock);
+ goto out_err_no_reply;
+ }
+
rpd->dm_coa_req = pack;
memcpy(&rpd->dm_coa_addr, &addr, sizeof(addr));
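Review bot: The new busy check `if (rpd->dm_coa_req)` drops a second request without any log line and jumps to `out_err_no_reply`, a label that is not visible in this hunk. It is worth confirming that the label frees `pack`; if it does not, every request arriving while another is pending would leak one packet, and that is reachable from the network. I would also record the intent next to the check, for example `/* one DM/CoA request per session at a time; later ones are dropped and the server is expected to retransmit */`, and emit a warning through the file's existing logger so dropped requests can be seen. dm_coa_read starts and ends outside the hunk.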
diff --git a/accel-pptpd/radius/packet.c b/accel-pptpd/radius/packet.c
index 0aeafa54..9e7df01d 100644
--- a/accel-pptpd/radius/packet.c
+++ b/accel-pptpd/radius/packet.c
@@ -8,7 +8,7 @@
#include "log.h"
-#include "radius.h"
+#include "radius_p.h"
struct rad_packet_t *rad_packet_alloc(int code)
{
@@ -165,7 +165,8 @@ struct rad_packet_t *rad_packet_recv(int fd, struct sockaddr_in *addr)
n -= 2 + len;
} else
log_ppp_warn("radius:packet: vendor %s not found\n", id);
- }
+ } else
+ vendor = NULL;
da = rad_dict_find_attr_id(vendor, id);
if (da) {
attr = malloc(sizeof(*attr));
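Review bot: The context line `log_ppp_warn("radius:packet: vendor %s not found\n", id);` formats `id` with `%s`, yet the same `id` is passed two lines later to `rad_dict_find_attr_id(vendor, id)`, whose second parameter is an `int`. If `id` is the integer vendor id taken from the received packet, an unknown vendor makes the logger treat that number as a string pointer, which is undefined behaviour reachable from network input. The added `else vendor = NULL;` does not touch this. The call should read `log_ppp_warn("radius:packet: vendor %i not found\n", id);`. rad_packet_recv continues on both sides of the hunk.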
@@ -257,28 +258,28 @@ void rad_packet_print(struct rad_packet_t *pack, void (*print)(const char *fmt,
print("Access-Reject");
break;
case CODE_ACCOUNTING_REQUEST:
- printf("Accounting-Request");
+ print("Accounting-Request");
break;
case CODE_ACCOUNTING_RESPONSE:
- printf("Accounting-Response");
+ print("Accounting-Response");
break;
case CODE_DISCONNECT_REQUEST:
- printf("Disconnect-Request");
+ print("Disconnect-Request");
break;
case CODE_DISCONNECT_ACK:
- printf("Disconnect-ACK");
+ print("Disconnect-ACK");
break;
case CODE_DISCONNECT_NAK:
- printf("Disconnect-NAK");
+ print("Disconnect-NAK");
break;
case CODE_COA_REQUEST:
- printf("CoA-Request");
+ print("CoA-Request");
break;
case CODE_COA_ACK:
- printf("CoA-ACK");
+ print("CoA-ACK");
break;
case CODE_COA_NAK:
- printf("CoA-NAK");
+ print("CoA-NAK");
break;
default:
print("Unknown (%i)", pack->code);
diff --git a/accel-pptpd/radius/radius.c b/accel-pptpd/radius/radius.c
index 133ed29c..04e41332 100644
--- a/accel-pptpd/radius/radius.c
+++ b/accel-pptpd/radius/radius.c
@@ -11,7 +11,7 @@
#include "pwdb.h"
#include "ipdb.h"
-#include "radius.h"
+#include "radius_p.h"
#define CHAP_MD5 5
#define MSCHAP_V1 0x80
diff --git a/accel-pptpd/radius/radius.h b/accel-pptpd/radius/radius.h
index 8403b339..dca93d4f 100644
--- a/accel-pptpd/radius/radius.h
+++ b/accel-pptpd/radius/radius.h
@@ -2,12 +2,6 @@
#define __RADIUS_H
#include <stdint.h>
-#include <netinet/in.h>
-#include <pthread.h>
-
-#include "triton.h"
-#include "ppp.h"
-#include "ipdb.h"
#define REQ_LENGTH_MAX 4096
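Review bot: With the project includes removed here, radius.h appears to include only `<stdint.h>`, yet `struct rad_packet_t` in a later hunk of this file still has a `struct list_head attrs;` member held by value. Unless list_head is defined by something outside the visible hunks, a module that includes radius.h on its own will no longer compile, which defeats the purpose of splitting out a public header. Adding `#include "list.h"` next to `#include <stdint.h>` would keep the header self-contained.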
@@ -32,23 +26,6 @@
#define CODE_COA_ACK 44
#define CODE_COA_NAK 45
-struct radius_pd_t
-{
- struct list_head entry;
- struct ppp_pd_t pd;
- struct ppp_t *ppp;
- pthread_mutex_t lock;
-
- struct rad_req_t *acct_req;
- struct triton_timer_t acct_interim_timer;
-
- struct rad_packet_t *dm_coa_req;
- struct sockaddr_in dm_coa_addr;
-
- struct ipdb_item_t ipaddr;
- int acct_interim_interval;
-};
-
typedef union
{
int integer;
@@ -106,41 +83,7 @@ struct rad_packet_t
struct list_head attrs;
void *buf;
};
-struct rad_req_t
-{
- struct triton_context_t ctx;
- struct triton_md_handler_t hnd;
- struct triton_timer_t timeout;
- uint8_t RA[16];
- struct rad_packet_t *pack;
- struct rad_packet_t *reply;
- const char *server_name;
- int server_port;
-
- struct radius_pd_t *rpd;
-};
-
-extern int conf_max_try;
-extern int conf_timeout;
-extern int conf_verbose;
-extern char *conf_nas_identifier;
-extern char *conf_nas_ip_address;
-extern char *conf_gw_ip_address;
-extern char *conf_auth_server;
-extern char *conf_auth_secret;
-extern int conf_auth_server_port;
-extern char *conf_acct_server;
-extern char *conf_acct_secret;
-extern int conf_acct_server_port;
-extern char *conf_dm_coa_secret;
-
-int rad_check_nas_pack(struct rad_packet_t *pack);
-struct radius_pd_t *rad_find_session(const char *sessionid, const char *username, int port_id, in_addr_t ipaddr);
-struct radius_pd_t *rad_find_session_pack(struct rad_packet_t *pack);
-
-int rad_dict_load(const char *fname);
-void rad_dict_free(struct rad_dict_t *dict);
struct rad_dict_attr_t *rad_dict_find_attr(const char *name);
struct rad_dict_attr_t *rad_dict_find_attr_id(struct rad_dict_vendor_t *vendor, int type);
struct rad_dict_value_t *rad_dict_find_val_name(struct rad_dict_attr_t *, const char *name);
@@ -149,12 +92,6 @@ struct rad_dict_vendor_t *rad_dict_find_vendor_name(const char *name);
struct rad_dict_vendor_t *rad_dict_find_vendor_id(int id);
struct rad_dict_attr_t *rad_dict_find_vendor_attr(struct rad_dict_vendor_t *vendor, const char *name);
-struct rad_req_t *rad_req_alloc(struct radius_pd_t *rpd, int code, const char *username);
-int rad_req_acct_fill(struct rad_req_t *);
-void rad_req_free(struct rad_req_t *);
-int rad_req_send(struct rad_req_t *);
-int rad_req_wait(struct rad_req_t *, int);
-
struct rad_attr_t *rad_packet_find_attr(struct rad_packet_t *pack, const char *name);
int rad_packet_add_int(struct rad_packet_t *pack, const char *name, int val);
int rad_packet_add_val(struct rad_packet_t *pack, const char *name, const char *val);
@@ -165,23 +102,5 @@ int rad_packet_change_val(struct rad_packet_t *pack, const char *name, const cha
int rad_packet_add_vendor_octets(struct rad_packet_t *pack, const char *vendor_name, const char *name, const uint8_t *val, int len);
struct rad_attr_t *rad_packet_find_vendor_attr(struct rad_packet_t *pack, const char *vendor_name, const char *name);
-struct rad_packet_t *rad_packet_alloc(int code);
-int rad_packet_build(struct rad_packet_t *pack, uint8_t *RA);
-struct rad_packet_t *rad_packet_recv(int fd, struct sockaddr_in *addr);
-void rad_packet_free(struct rad_packet_t *);
-void rad_packet_print(struct rad_packet_t *pack, void (*print)(const char *fmt, ...));
-int rad_packet_send(struct rad_packet_t *pck, int fd, struct sockaddr_in *addr);
-
-struct radius_pd_t *find_pd(struct ppp_t *ppp);
-void rad_proc_attrs(struct rad_req_t *req);
-
-int rad_auth_pap(struct radius_pd_t *rpd, const char *username, va_list args);
-int rad_auth_chap_md5(struct radius_pd_t *rpd, const char *username, va_list args);
-int rad_auth_mschap_v1(struct radius_pd_t *rpd, const char *username, va_list args);
-int rad_auth_mschap_v2(struct radius_pd_t *rpd, const char *username, va_list args);
-
-int rad_acct_start(struct radius_pd_t *rpd);
-void rad_acct_stop(struct radius_pd_t *rpd);
-
#endif
diff --git a/accel-pptpd/radius/radius_p.h b/accel-pptpd/radius/radius_p.h
new file mode 100644
index 00000000..3aa54064
--- /dev/null
+++ b/accel-pptpd/radius/radius_p.h
@@ -0,0 +1,90 @@
+#ifndef __RADIUS_P_H
+#define __RADIUS_P_H
+
+#include <netinet/in.h>
+#include <pthread.h>
+
+#include "triton.h"
+#include "radius.h"
+#include "ppp.h"
+#include "ipdb.h"
+
+struct radius_pd_t
+{
+ struct list_head entry;
+ struct ppp_pd_t pd;
+ struct ppp_t *ppp;
+ pthread_mutex_t lock;
+
+ struct rad_req_t *acct_req;
+ struct triton_timer_t acct_interim_timer;
+
+ struct rad_packet_t *dm_coa_req;
+ struct sockaddr_in dm_coa_addr;
+
+ struct ipdb_item_t ipaddr;
+ int acct_interim_interval;
+};
+
+struct rad_req_t
+{
+ struct triton_context_t ctx;
+ struct triton_md_handler_t hnd;
+ struct triton_timer_t timeout;
+ uint8_t RA[16];
+ struct rad_packet_t *pack;
+ struct rad_packet_t *reply;
+ const char *server_name;
+ int server_port;
+
+ struct radius_pd_t *rpd;
+};
+
+extern int conf_max_try;
+extern int conf_timeout;
+extern int conf_verbose;
+extern char *conf_nas_identifier;
+extern char *conf_nas_ip_address;
+extern char *conf_gw_ip_address;
+extern char *conf_auth_server;
+extern char *conf_auth_secret;
+extern int conf_auth_server_port;
+extern char *conf_acct_server;
+extern char *conf_acct_secret;
+extern int conf_acct_server_port;
+extern char *conf_dm_coa_secret;
+
+int rad_check_nas_pack(struct rad_packet_t *pack);
+struct radius_pd_t *rad_find_session(const char *sessionid, const char *username, int port_id, in_addr_t ipaddr);
+struct radius_pd_t *rad_find_session_pack(struct rad_packet_t *pack);
+
+int rad_dict_load(const char *fname);
+void rad_dict_free(struct rad_dict_t *dict);
+
+struct rad_req_t *rad_req_alloc(struct radius_pd_t *rpd, int code, const char *username);
+int rad_req_acct_fill(struct rad_req_t *);
+void rad_req_free(struct rad_req_t *);
+int rad_req_send(struct rad_req_t *);
+int rad_req_wait(struct rad_req_t *, int);
+
+struct radius_pd_t *find_pd(struct ppp_t *ppp);
+void rad_proc_attrs(struct rad_req_t *req);
+
+int rad_auth_pap(struct radius_pd_t *rpd, const char *username, va_list args);
+int rad_auth_chap_md5(struct radius_pd_t *rpd, const char *username, va_list args);
+int rad_auth_mschap_v1(struct radius_pd_t *rpd, const char *username, va_list args);
+int rad_auth_mschap_v2(struct radius_pd_t *rpd, const char *username, va_list args);
+
+int rad_acct_start(struct radius_pd_t *rpd);
+void rad_acct_stop(struct radius_pd_t *rpd);
+
+struct rad_packet_t *rad_packet_alloc(int code);
+int rad_packet_build(struct rad_packet_t *pack, uint8_t *RA);
+struct rad_packet_t *rad_packet_recv(int fd, struct sockaddr_in *addr);
+void rad_packet_free(struct rad_packet_t *);
+void rad_packet_print(struct rad_packet_t *pack, void (*print)(const char *fmt, ...));
+int rad_packet_send(struct rad_packet_t *pck, int fd, struct sockaddr_in *addr);
+
+
+#endif
+
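Review bot: The `rad_auth_pap`, `rad_auth_chap_md5`, `rad_auth_mschap_v1` and `rad_auth_mschap_v2` prototypes in the new header use `va_list`, but none of the headers it includes is visibly `<stdarg.h>`, so the type is only available if triton.h or ppp.h happens to pull it in. Adding `#include <stdarg.h>` beside `#include <pthread.h>` makes the dependency explicit. The guard name `__RADIUS_P_H` starts with a double underscore, which C reserves for the implementation; `RADIUS_P_H` would avoid that, though radius.h uses the same pattern.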
diff --git a/accel-pptpd/radius/req.c b/accel-pptpd/radius/req.c
index e6f29c53..a9192bb4 100644
--- a/accel-pptpd/radius/req.c
+++ b/accel-pptpd/radius/req.c
@@ -9,7 +9,7 @@
#include <arpa/inet.h>
#include "log.h"
-#include "radius.h"
+#include "radius_p.h"
static int urandom_fd;