summaryrefslogtreecommitdiff
path: root/accel-pppd
diff options
context:
space:
mode:
authorKozlov Dmitry <xeb@mail.ru>2012-04-30 00:28:01 +0400
committerKozlov Dmitry <xeb@mail.ru>2012-04-30 00:28:01 +0400
commit7d5c456ceba4732293aa0e85c6fef87a48daa5a6 (patch)
treeda3f49a5d10d5e9bb306c52facef2a8cbf340c56 /accel-pppd
parentefdff96653311924ac3241ec4acb4609e1d36e19 (diff)
downloadaccel-ppp-xebd-7d5c456ceba4732293aa0e85c6fef87a48daa5a6.tar.gz
accel-ppp-xebd-7d5c456ceba4732293aa0e85c6fef87a48daa5a6.zip
ippool: implemented vendor/attr options to specify which radius attribute containes pool name
Diffstat (limited to 'accel-pppd')
-rw-r--r--accel-pppd/accel-ppp.conf3
-rw-r--r--accel-pppd/accel-ppp.conf.56
-rw-r--r--accel-pppd/extra/ippool.c87
-rw-r--r--accel-pppd/radius/radius.c6
4 files changed, 96 insertions, 6 deletions
diff --git a/accel-pppd/accel-ppp.conf b/accel-pppd/accel-ppp.conf
index 86741f5..da56dae 100644
--- a/accel-pppd/accel-ppp.conf
+++ b/accel-pppd/accel-ppp.conf
@@ -107,6 +107,9 @@ verbose=1
[ip-pool]
gw-ip-address=192.168.0.1
+#vendor=Cisco
+#attr=Cisco-AVPair
+attr=Framed-Pool
192.168.0.2-255
192.168.1.1-255,pool1
192.168.2.1-255,pool2
diff --git a/accel-pppd/accel-ppp.conf.5 b/accel-pppd/accel-ppp.conf.5
index 4591d66..201ade7 100644
--- a/accel-pppd/accel-ppp.conf.5
+++ b/accel-pppd/accel-ppp.conf.5
@@ -495,6 +495,12 @@ Specifies range of remote address of ppp interfaces if form:
.BI "x.x.x.x/mask[,pool_name] or x.x.x.x-y[,pool_name]"
Also specifies range of remote address of ppp interfaces.
.TP
+.BI "attr=" attribute
+Specifies which Radius attribute containes pool name.
+.TP
+.BI "vendor=" vendor
+If attribute is vendor-specific then specify vendor name in this option.
+.TP
.SH [ipv6-pool]
.br
Configuration of ipv6pool module.
diff --git a/accel-pppd/extra/ippool.c b/accel-pppd/extra/ippool.c
index e9a7b0f..7117c3e 100644
--- a/accel-pppd/extra/ippool.c
+++ b/accel-pppd/extra/ippool.c
@@ -5,10 +5,15 @@
#include <string.h>
#include <arpa/inet.h>
+#include "events.h"
#include "ipdb.h"
#include "list.h"
#include "spinlock.h"
+#ifdef RADIUS
+#include "radius.h"
+#endif
+
#include "memdebug.h"
struct ippool_t
@@ -37,6 +42,9 @@ struct ipaddr_t
static struct ipdb_t ipdb;
static in_addr_t conf_gw_ip_address;
+static int conf_vendor = 0;
+static int conf_attr = 88; // Framed-Pool
+
static int cnt;
static LIST_HEAD(pool_list);
static struct ippool_t *def_pool;
@@ -235,6 +243,74 @@ static struct ipdb_t ipdb = {
.put_ipv4 = put_ip,
};
+#ifdef RADIUS
+static int parse_attr(struct ppp_t *ppp, struct rad_attr_t *attr)
+{
+ if (attr->len > sizeof("ip:addr-pool=") && memcmp(attr->val.string, "ip:addr-pool=", sizeof("ip:addr-pool=") - 1) == 0)
+ ppp->ipv4_pool_name = _strdup(attr->val.string + sizeof("ip:addr-pool=") - 1);
+ else if (!attr->vendor)
+ ppp->ipv4_pool_name = _strdup(attr->val.string);
+ else
+ return -1;
+
+ return 0;
+}
+
+static void ev_radius_access_accept(struct ev_radius_t *ev)
+{
+ struct rad_attr_t *attr;
+
+ list_for_each_entry(attr, &ev->reply->attrs, entry) {
+ if (attr->attr->type != ATTR_TYPE_STRING)
+ continue;
+ if (attr->vendor && attr->vendor->id != conf_vendor)
+ continue;
+ if (!attr->vendor && conf_vendor)
+ continue;
+ if (attr->attr->id != conf_attr)
+ continue;
+ if (parse_attr(ev->ppp, attr))
+ continue;
+ break;
+ }
+}
+
+static int parse_attr_opt(const char *opt)
+{
+ struct rad_dict_attr_t *attr;
+ struct rad_dict_vendor_t *vendor;
+
+ if (conf_vendor)
+ vendor = rad_dict_find_vendor_id(conf_vendor);
+ else
+ vendor = NULL;
+
+ if (conf_vendor) {
+ if (vendor)
+ attr = rad_dict_find_vendor_attr(vendor, opt);
+ else
+ attr = NULL;
+ }else
+ attr = rad_dict_find_attr(opt);
+
+ if (attr)
+ return attr->id;
+
+ return atoi(opt);
+}
+
+static int parse_vendor_opt(const char *opt)
+{
+ struct rad_dict_vendor_t *vendor;
+
+ vendor = rad_dict_find_vendor_name(opt);
+ if (vendor)
+ return vendor->id;
+
+ return atoi(opt);
+}
+#endif
+
static void ippool_init(void)
{
struct conf_sect_t *s = conf_get_section("ip-pool");
@@ -248,6 +324,13 @@ static void ippool_init(void)
def_pool = create_pool(NULL);
list_for_each_entry(opt, &s->items, entry) {
+#ifdef RADIUS
+ if (!strcmp(opt->name, "vendor"))
+ conf_vendor = parse_vendor_opt(opt->val);
+ else if (!strcmp(opt->name, "attr"))
+ conf_attr = parse_attr_opt(opt->val);
+ else
+#endif
if (!strcmp(opt->name, "gw-ip-address"))
parse_gw_ip_address(opt->val);
else {
@@ -273,6 +356,10 @@ static void ippool_init(void)
generate_pool(p);
ipdb_register(&ipdb);
+
+#ifdef RADIUS
+ triton_event_register_handler(EV_RADIUS_ACCESS_ACCEPT, (triton_event_func)ev_radius_access_accept);
+#endif
}
DEFINE_INIT(51, ippool_init);
diff --git a/accel-pppd/radius/radius.c b/accel-pppd/radius/radius.c
index ca022db..8f17fcc 100644
--- a/accel-pppd/radius/radius.c
+++ b/accel-pppd/radius/radius.c
@@ -129,12 +129,6 @@ int rad_proc_attrs(struct rad_req_t *req)
a->addr = attr->val.ipv6prefix.prefix;
list_add_tail(&a->entry, &req->rpd->ipv6_dp.prefix_list);
break;
- case Framed_Pool:
- req->rpd->ppp->ipv4_pool_name = _strdup(attr->val.string);
- break;
- case Framed_IPv6_Pool:
- req->rpd->ppp->ipv6_pool_name = _strdup(attr->val.string);
- break;
}
}