From e1603a51f450ad7ee52fe89ef5d78b82845fdcc2 Mon Sep 17 00:00:00 2001
From: Dmitry Kozlov
Date: Thu, 28 Oct 2010 01:02:37 +0400
Subject: radius: rewrited Termination-Action attribute handling so it is rfc compliant now
---
 accel-pptpd/auth/auth_chap_md5.c | 44 +++++++++++++++++++++++++++------------
 accel-pptpd/auth/auth_mschap_v1.c | 43 ++++++++++++++++++++++++++------------
 accel-pptpd/auth/auth_mschap_v2.c | 43 ++++++++++++++++++++++++++------------
 accel-pptpd/auth/auth_pap.c | 6 +++---
 4 files changed, 94 insertions(+), 42 deletions(-)
(limited to 'accel-pptpd/auth')
diff --git a/accel-pptpd/auth/auth_chap_md5.c b/accel-pptpd/auth/auth_chap_md5.c
index a29cedb0..89124105 100644
--- a/accel-pptpd/auth/auth_chap_md5.c
+++ b/accel-pptpd/auth/auth_chap_md5.c
@@ -81,8 +81,8 @@ struct chap_auth_data_t
 static void chap_send_challenge(struct chap_auth_data_t *ad);
 static void chap_recv(struct ppp_handler_t *h);
-static void chap_timeout(struct triton_timer_t *t);
-static void chap_restart(struct triton_timer_t *t);
+static void chap_timeout_timer(struct triton_timer_t *t);
+static void chap_restart_timer(struct triton_timer_t *t);
 static void print_buf(const uint8_t *buf, int size)
 {
@@ -112,6 +112,12 @@ static void auth_data_free(struct ppp_t *ppp, struct auth_data_t *auth)
 {
 struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
+ if (d->timeout.tpd)
+ triton_timer_del(&d->timeout);
+
+ if (d->interval.tpd)
+ triton_timer_del(&d->interval);
+
 _free(d);
 }
@@ -121,9 +127,9 @@ static int chap_start(struct ppp_t *ppp, struct auth_data_t *auth)
 d->h.proto = PPP_CHAP;
 d->h.recv = chap_recv;
- d->timeout.expire = chap_timeout;
+ d->timeout.expire = chap_timeout_timer;
 d->timeout.period = conf_timeout * 1000;
- d->interval.expire = chap_restart;
+ d->interval.expire = chap_restart_timer;
 d->interval.period = conf_interval * 1000;
 ppp_register_chan_handler(ppp, &d->h);
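Review bot: The new timer teardown in auth_data_free (hunk at new line 112 of auth_chap_md5.c, repeated in auth_mschap_v1.c and auth_mschap_v2.c) carries no comment saying why it is needed. Both timers are embedded in the structure being freed and their callbacks recover it with `container_of`, so a timer left armed would run against freed memory. A one-line comment above the two checks, such as `/* timers live inside d: disarm them before the memory is released */`, would record that for the next maintainer.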
@@ -148,7 +154,7 @@ static int chap_finish(struct ppp_t *ppp, struct auth_data_t *auth)
 return 0;
 }
-static void chap_timeout(struct triton_timer_t *t)
+static void chap_timeout_timer(struct triton_timer_t *t)
 {
 struct chap_auth_data_t *d = container_of(t, typeof(*d), timeout);
@@ -159,14 +165,14 @@ static void chap_timeout(struct triton_timer_t *t)
 if (d->started)
 ppp_terminate(d->ppp, TERM_USER_ERROR, 0);
 else
- auth_failed(d->ppp);
+ ppp_auth_failed(d->ppp);
 } else {
 --d->id;
 chap_send_challenge(d);
 }
 }
-static void chap_restart(struct triton_timer_t *t)
+static void chap_restart_timer(struct triton_timer_t *t)
 {
 struct chap_auth_data_t *d = container_of(t, typeof(*d), interval);
@@ -305,7 +311,7 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 if (ad->started)
 ppp_terminate(ad->ppp, TERM_USER_ERROR, 0);
 else
- auth_failed(ad->ppp);
+ ppp_auth_failed(ad->ppp);
 }else {
 chap_send_success(ad);
@@ -313,8 +319,9 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 ad->started = 1;
 if (conf_interval)
 triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
- auth_successed(ad->ppp, name);
- }
+ ppp_auth_successed(ad->ppp, name);
+ } else
+ _free(name);
 }
 _free(passwd);
 } else if (r == PWDB_DENIED) {
@@ -323,15 +330,16 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 if (ad->started)
 ppp_terminate(ad->ppp, TERM_USER_ERROR, 0);
 else
- auth_failed(ad->ppp);
+ ppp_auth_failed(ad->ppp);
 } else {
 chap_send_success(ad);
 if (!ad->started) {
 ad->started = 1;
 if (conf_interval)
 triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
- auth_successed(ad->ppp, name);
- }
+ ppp_auth_successed(ad->ppp, name);
+ } else
+ _free(name);
 }
 }
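Review bot: The two rejection branches of chap_recv_response in auth_chap_md5.c (hunks at new lines 311 and 330) close right after `ppp_auth_failed(ad->ppp);` without releasing `name`, while the matching branch in auth_mschap_v1.c and auth_mschap_v2.c calls `_free(name);` at that point. Unless `name` is released above these hunks, every rejected CHAP-MD5 response leaks an allocation holding the peer-supplied name. Adding `_free(name);` after the `if (ad->started) ... else ppp_auth_failed(ad->ppp);` statement in both branches would match the `} else _free(name);` this commit adds on the success path. The function body starts outside both hunks, so the lines above should be checked first.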
@@ -340,6 +348,15 @@ static int chap_check(uint8_t *ptr)
 return *ptr == CHAP_MD5;
 }
+static int chap_restart(struct ppp_t *ppp, struct auth_data_t *auth)
+{
+ struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
+
+ chap_send_challenge(d);
+
+ return 0;
+}
+
 static struct ppp_auth_handler_t chap=
 {
 .name = "CHAP-md5",
@@ -350,6 +367,7 @@ static struct ppp_auth_handler_t chap=
 .start = chap_start,
 .finish = chap_finish,
 .check = chap_check,
+ .restart = chap_restart,
 };
 static void chap_recv(struct ppp_handler_t *h)
diff --git a/accel-pptpd/auth/auth_mschap_v1.c b/accel-pptpd/auth/auth_mschap_v1.c
index d74f8e92..8208ef22 100644
--- a/accel-pptpd/auth/auth_mschap_v1.c
+++ b/accel-pptpd/auth/auth_mschap_v1.c
@@ -95,8 +95,8 @@ struct chap_auth_data_t
 static void chap_send_challenge(struct chap_auth_data_t *ad);
 static void chap_recv(struct ppp_handler_t *h);
 static int chap_check_response(struct chap_auth_data_t *ad, struct chap_response_t *res, const char *name);
-static void chap_timeout(struct triton_timer_t *t);
-static void chap_restart(struct triton_timer_t *t);
+static void chap_timeout_timer(struct triton_timer_t *t);
+static void chap_restart_timer(struct triton_timer_t *t);
 static void print_buf(const uint8_t *buf,int size)
 {
@@ -126,6 +126,12 @@ static void auth_data_free(struct ppp_t *ppp, struct auth_data_t *auth)
 {
 struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
+ if (d->timeout.tpd)
+ triton_timer_del(&d->timeout);
+
+ if (d->interval.tpd)
+ triton_timer_del(&d->interval);
+
 _free(d);
 }
@@ -135,9 +141,9 @@ static int chap_start(struct ppp_t *ppp, struct auth_data_t *auth)
 d->h.proto = PPP_CHAP;
 d->h.recv = chap_recv;
- d->timeout.expire = chap_timeout;
+ d->timeout.expire = chap_timeout_timer;
 d->timeout.period = conf_timeout * 1000;
- d->interval.expire = chap_restart;
+ d->interval.expire = chap_restart_timer;
 d->interval.period = conf_interval * 1000;
 ppp_register_chan_handler(ppp, &d->h);
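Review bot: The new `chap_restart` handler in auth_chap_md5.c (hunk at new line 348, with identical copies in auth_mschap_v1.c and auth_mschap_v2.c) is undocumented, and its caller is not part of this diff. A comment such as `/* .restart: re-run authentication on an established session; with ad->started set, a failed exchange ends in ppp_terminate() */` would state the contract that chap_recv_response implements. Two things are worth confirming in code outside the hunk: that `chap_send_challenge` produces a fresh challenge value and identifier on every call, so a response recorded from the first exchange cannot satisfy the re-authentication, and that a restart arriving while the `interval` timer is armed does not leave two challenges outstanding.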
@@ -162,7 +168,7 @@ static int chap_finish(struct ppp_t *ppp, struct auth_data_t *auth)
 return 0;
 }
-static void chap_timeout(struct triton_timer_t *t)
+static void chap_timeout_timer(struct triton_timer_t *t)
 {
 struct chap_auth_data_t *d = container_of(t, typeof(*d), timeout);
@@ -173,14 +179,14 @@ static void chap_timeout(struct triton_timer_t *t)
 if (d->started)
 ppp_terminate(d->ppp, TERM_USER_ERROR, 0);
 else
- auth_failed(d->ppp);
+ ppp_auth_failed(d->ppp);
 } else {
 --d->id;
 chap_send_challenge(d);
 }
 }
-static void chap_restart(struct triton_timer_t *t)
+static void chap_restart_timer(struct triton_timer_t *t)
 {
 struct chap_auth_data_t *d = container_of(t, typeof(*d), interval);
@@ -283,7 +289,7 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 if (ad->started)
 ppp_terminate(ad->ppp, TERM_USER_ERROR, 0);
 else
- auth_failed(ad->ppp);
+ ppp_auth_failed(ad->ppp);
 }
 if (msg->val_size != RESPONSE_VALUE_SIZE) {
@@ -292,7 +298,7 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 if (ad->started)
 ppp_terminate(ad->ppp, TERM_AUTH_ERROR, 0);
 else
- auth_failed(ad->ppp);
+ ppp_auth_failed(ad->ppp);
 }
 name = _strndup(msg->name, ntohs(msg->hdr.len) - sizeof(*msg) + 2);
@@ -301,7 +307,7 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 if (ad->started)
 ppp_terminate(ad->ppp, TERM_NAS_ERROR, 0);
 else
- auth_failed(ad->ppp);
+ ppp_auth_failed(ad->ppp);
 return;
 }
@@ -315,7 +321,7 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 if (ad->started)
 ppp_terminate(ad->ppp, TERM_AUTH_ERROR, 0);
 else
- auth_failed(ad->ppp);
+ ppp_auth_failed(ad->ppp);
 _free(name);
 } else {
 chap_send_success(ad);
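Review bot: In chap_recv_response of auth_mschap_v1.c, the first two rejection blocks (hunks at new lines 289 and 298) end right after `ppp_auth_failed(ad->ppp);` with no `return;`, so a response that has just been rejected, including one with an unexpected `val_size`, still goes on to the `_strndup` call and the response check below. The allocation-failure block in the following hunk does return. Adding `return;` before the closing brace of the other two would make a rejection final and keep the function from touching the session after `ppp_terminate` or `ppp_auth_failed` has run. auth_mschap_v2.c has the same two blocks (hunks at new lines 364 and 373). The condition of the first block lies above the hunk.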
@@ -323,8 +329,9 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 ad->started = 1;
 if (conf_interval)
 triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
- auth_successed(ad->ppp, name);
- }
+ ppp_auth_successed(ad->ppp, name);
+ } else
+ _free(name);
 }
 }
@@ -400,6 +407,15 @@ static int chap_check(uint8_t *ptr)
 return *ptr == MSCHAP_V1;
 }
+static int chap_restart(struct ppp_t *ppp, struct auth_data_t *auth)
+{
+ struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
+
+ chap_send_challenge(d);
+
+ return 0;
+}
+
 static struct ppp_auth_handler_t chap = {
 .name = "MSCHAP-v1",
 .init = auth_data_init,
@@ -409,6 +425,7 @@ static struct ppp_auth_handler_t chap = {
 .start = chap_start,
 .finish = chap_finish,
 .check = chap_check,
+ .restart = chap_restart,
 };
 static void chap_recv(struct ppp_handler_t *h)
diff --git a/accel-pptpd/auth/auth_mschap_v2.c b/accel-pptpd/auth/auth_mschap_v2.c
index 8e4a7c08..08cdde93 100644
--- a/accel-pptpd/auth/auth_mschap_v2.c
+++ b/accel-pptpd/auth/auth_mschap_v2.c
@@ -109,8 +109,8 @@ struct chap_auth_data_t
 static void chap_send_challenge(struct chap_auth_data_t *ad);
 static void chap_recv(struct ppp_handler_t *h);
 static int chap_check_response(struct chap_auth_data_t *ad, struct chap_response_t *msg, const char *name);
-static void chap_timeout(struct triton_timer_t *t);
-static void chap_restart(struct triton_timer_t *t);
+static void chap_timeout_timer(struct triton_timer_t *t);
+static void chap_restart_timer(struct triton_timer_t *t);
 static void print_buf(const uint8_t *buf, int size)
 {
@@ -141,6 +141,12 @@ static void auth_data_free(struct ppp_t *ppp, struct auth_data_t *auth)
 {
 struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
+ if (d->timeout.tpd)
+ triton_timer_del(&d->timeout);
+
+ if (d->interval.tpd)
+ triton_timer_del(&d->interval);
+
 _free(d);
 }
@@ -150,9 +156,9 @@ static int chap_start(struct ppp_t *ppp, struct auth_data_t *auth)
 d->h.proto = PPP_CHAP;
 d->h.recv = chap_recv;
- d->timeout.expire = chap_timeout;
+ d->timeout.expire = chap_timeout_timer;
 d->timeout.period = conf_timeout * 1000;
- d->interval.expire = chap_restart;
+ d->interval.expire = chap_restart_timer;
 d->interval.period = conf_interval * 1000;
 ppp_register_chan_handler(ppp, &d->h);
@@ -177,7 +183,7 @@ static int chap_finish(struct ppp_t *ppp, struct auth_data_t *auth)
 return 0;
 }
-static void chap_timeout(struct triton_timer_t *t)
+static void chap_timeout_timer(struct triton_timer_t *t)
 {
 struct chap_auth_data_t *d = container_of(t, typeof(*d), timeout);
@@ -188,14 +194,14 @@ static void chap_timeout(struct triton_timer_t *t)
 if (d->started)
 ppp_terminate(d->ppp, TERM_USER_ERROR, 0);
 else
- auth_failed(d->ppp);
+ ppp_auth_failed(d->ppp);
 } else {
 --d->id;
 chap_send_challenge(d);
 }
 }
-static void chap_restart(struct triton_timer_t *t)
+static void chap_restart_timer(struct triton_timer_t *t)
 {
 struct chap_auth_data_t *d = container_of(t, typeof(*d), interval);
@@ -358,7 +364,7 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 if (ad->started)
 ppp_terminate(ad->ppp, TERM_USER_ERROR, 0);
 else
- auth_failed(ad->ppp);
+ ppp_auth_failed(ad->ppp);
 }
 if (msg->val_size != RESPONSE_VALUE_SIZE) {
@@ -367,7 +373,7 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 if (ad->started)
 ppp_terminate(ad->ppp, TERM_USER_ERROR, 0);
 else
- auth_failed(ad->ppp);
+ ppp_auth_failed(ad->ppp);
 }
 name = _strndup(msg->name, ntohs(msg->hdr.len) - sizeof(*msg) + 2);
@@ -376,7 +382,7 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 if (ad->started)
 ppp_terminate(ad->ppp, TERM_NAS_ERROR, 0);
 else
- auth_failed(ad->ppp);
+ ppp_auth_failed(ad->ppp);
 return;
 }
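Review bot: The name length in `_strndup(msg->name, ntohs(msg->hdr.len) - sizeof(*msg) + 2)` (hunk at new line 373 of auth_mschap_v2.c, and the identical line in auth_mschap_v1.c) is computed from the peer-supplied header length in unsigned arithmetic, and no lower bound on `hdr.len` is visible in these hunks. If chap_recv, which is outside the diff's hunks, does not already reject packets shorter than the fixed response layout, the subtraction wraps and the copy is presumably bounded only by the first NUL byte after `msg->name`. A guard that rejects the response when `ntohs(msg->hdr.len) < sizeof(*msg) - 2`, or a comment naming where the length is validated, would settle it.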
@@ -395,7 +401,7 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 if (ad->started)
 ppp_terminate(ad->ppp, TERM_AUTH_ERROR, 0);
 else
- auth_failed(ad->ppp);
+ ppp_auth_failed(ad->ppp);
 _free(name);
 } else {
 chap_send_success(ad, msg, authenticator);
@@ -403,8 +409,9 @@ static void chap_recv_response(struct chap_auth_data_t *ad, struct chap_hdr_t *h
 ad->started = 1;
 if (conf_interval)
 triton_timer_add(ad->ppp->ctrl->ctx, &ad->interval, 0);
- auth_successed(ad->ppp, name);
- }
+ ppp_auth_successed(ad->ppp, name);
+ } else
+ _free(name);
 }
 }
@@ -489,6 +496,15 @@ static int chap_check(uint8_t *ptr)
 return *ptr == MSCHAP_V2;
 }
+static int chap_restart(struct ppp_t *ppp, struct auth_data_t *auth)
+{
+ struct chap_auth_data_t *d = container_of(auth, typeof(*d), auth);
+
+ chap_send_challenge(d);
+
+ return 0;
+}
+
 static struct ppp_auth_handler_t chap=
 {
 .name = "MSCHAP-v2",
@@ -499,6 +515,7 @@ static struct ppp_auth_handler_t chap=
 .start = chap_start,
 .finish = chap_finish,
 .check = chap_check,
+ .restart = chap_restart,
 };
 static void chap_recv(struct ppp_handler_t *h)
diff --git a/accel-pptpd/auth/auth_pap.c b/accel-pptpd/auth/auth_pap.c
index 814d02db..96640a1a 100644
--- a/accel-pptpd/auth/auth_pap.c
+++ b/accel-pptpd/auth/auth_pap.c
@@ -118,7 +118,7 @@ static void pap_timeout(struct triton_timer_t *t)
 if (conf_ppp_verbose)
 log_ppp_warn("pap: timeout\n");
- auth_failed(d->ppp);
+ ppp_auth_failed(d->ppp);
 }
 static int lcp_send_conf_req(struct ppp_t *ppp, struct auth_data_t *d, uint8_t *ptr)
@@ -213,14 +213,14 @@ static int pap_recv_req(struct pap_auth_data_t *p, struct pap_hdr_t *hdr)
 if (p->started)
 ppp_terminate(p->ppp, TERM_AUTH_ERROR, 0);
 else
- auth_failed(p->ppp);
+ ppp_auth_failed(p->ppp);
 ret=-1;
 _free(peer_id);
 } else {
 pap_send_ack(p, hdr->id);
 if (!p->started) {
 p->started = 1;
- auth_successed(p->ppp, peer_id);
+ ppp_auth_successed(p->ppp, peer_id);
 }
 ret = 0;
 }
-- cgit v1.2.3
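Review bot: pap_recv_req (hunk at new line 213 of auth_pap.c) still drops `peer_id` on the success path when `p->started` is already set. The `if (!p->started)` block hands it to `ppp_auth_successed`, but there is no `else` branch, whereas this commit adds `} else _free(name);` at the same spot in the three CHAP files. Unless `peer_id` is released after the end of this hunk, each repeated Authenticate-Request on an established session leaks one allocation holding the peer-supplied name; `} else _free(peer_id);` would close it. The function continues past the hunk, so its tail should be checked before applying this.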