diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-10-21 11:18:20 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-10-21 11:18:20 +0000 |
| commit | a9b7f8d4a4a4202facd9690580b38542e7933f00 (patch) | |
| tree | d82a9d506c62cff257e5292845b68df3ca5c60dc /src/charon/plugins/eap_radius | |
| parent | 12263dccbbb6747d53b97333c3d6f0f17e1bffea (diff) | |
| download | vyos-strongswan-a9b7f8d4a4a4202facd9690580b38542e7933f00.tar.gz vyos-strongswan-a9b7f8d4a4a4202facd9690580b38542e7933f00.zip | |
- New upstream release.
- Don't disable internal crypto plugins, pluto expects to find them in
some cases.
- Enable integrity checking.
Diffstat (limited to 'src/charon/plugins/eap_radius')
| -rw-r--r-- | src/charon/plugins/eap_radius/Makefile.am | 2 | ||||
| -rw-r--r-- | src/charon/plugins/eap_radius/Makefile.in | 7 | ||||
| -rw-r--r-- | src/charon/plugins/eap_radius/eap_radius.c | 21 | ||||
| -rw-r--r-- | src/charon/plugins/eap_radius/radius_client.c | 5 |
4 files changed, 26 insertions, 9 deletions
diff --git a/src/charon/plugins/eap_radius/Makefile.am b/src/charon/plugins/eap_radius/Makefile.am index f7de2f14f..df5c94656 100644 --- a/src/charon/plugins/eap_radius/Makefile.am +++ b/src/charon/plugins/eap_radius/Makefile.am @@ -10,5 +10,5 @@ libstrongswan_eapradius_la_SOURCES = \ eap_radius.h eap_radius.c \ radius_client.h radius_client.c \ radius_message.h radius_message.c -libstrongswan_eapradius_la_LDFLAGS = -module +libstrongswan_eapradius_la_LDFLAGS = -module -avoid-version diff --git a/src/charon/plugins/eap_radius/Makefile.in b/src/charon/plugins/eap_radius/Makefile.in index e7a4cd0f8..c30111fad 100644 --- a/src/charon/plugins/eap_radius/Makefile.in +++ b/src/charon/plugins/eap_radius/Makefile.in @@ -76,12 +76,14 @@ ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ +ALLOCA = @ALLOCA@ AMTAR = @AMTAR@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ +BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ @@ -146,6 +148,7 @@ RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SOCKLIB = @SOCKLIB@ STRIP = @STRIP@ VERSION = @VERSION@ YACC = @YACC@ @@ -186,7 +189,9 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ +ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ +ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ @@ -229,7 +234,7 @@ libstrongswan_eapradius_la_SOURCES = \ radius_client.h radius_client.c \ radius_message.h radius_message.c -libstrongswan_eapradius_la_LDFLAGS = -module +libstrongswan_eapradius_la_LDFLAGS = -module -avoid-version all: all-am .SUFFIXES: diff --git a/src/charon/plugins/eap_radius/eap_radius.c b/src/charon/plugins/eap_radius/eap_radius.c index ee2477440..deb3b648b 100644 --- a/src/charon/plugins/eap_radius/eap_radius.c +++ b/src/charon/plugins/eap_radius/eap_radius.c @@ -66,6 +66,11 @@ struct private_eap_radius_t { * TRUE to use EAP-Start, FALSE to send EAP-Identity Response directly */ bool eap_start; + + /** + * Prefix to prepend to EAP identity + */ + char *id_prefix; }; /** @@ -86,18 +91,20 @@ static void add_eap_identity(private_eap_radius_t *this, /** identity data */ u_int8_t data[]; } __attribute__((__packed__)) *hdr; - chunk_t id; + chunk_t id, prefix; size_t len; id = this->peer->get_encoding(this->peer); - len = sizeof(*hdr) + id.len; + prefix = chunk_create(this->id_prefix, strlen(this->id_prefix)); + len = sizeof(*hdr) + prefix.len + id.len; hdr = alloca(len); hdr->code = EAP_RESPONSE; hdr->identifier = 0; hdr->length = htons(len); hdr->type = EAP_IDENTITY; - memcpy(hdr->data, id.ptr, id.len); + memcpy(hdr->data, prefix.ptr, prefix.len); + memcpy(hdr->data + prefix.len, id.ptr, id.len); request->add(request, RAT_EAP_MESSAGE, chunk_create((u_char*)hdr, len)); } @@ -136,9 +143,12 @@ static status_t initiate(private_eap_radius_t *this, eap_payload_t **out) { radius_message_t *request, *response; status_t status = FAILED; + chunk_t username; request = radius_message_create_request(); - request->add(request, RAT_USER_NAME, this->peer->get_encoding(this->peer)); + username = chunk_create(this->id_prefix, strlen(this->id_prefix)); + username = chunk_cata("cc", username, this->peer->get_encoding(this->peer)); + request->add(request, RAT_USER_NAME, username); if (this->eap_start) { @@ -283,7 +293,8 @@ eap_radius_t *eap_radius_create(identification_t *server, identification_t *peer this->msk = chunk_empty; this->eap_start = lib->settings->get_bool(lib->settings, "charon.plugins.eap_radius.eap_start", FALSE); - + this->id_prefix = lib->settings->get_str(lib->settings, + "charon.plugins.eap_radius.id_prefix", ""); return &this->public; } diff --git a/src/charon/plugins/eap_radius/radius_client.c b/src/charon/plugins/eap_radius/radius_client.c index 57d3f8f21..de1bafc6d 100644 --- a/src/charon/plugins/eap_radius/radius_client.c +++ b/src/charon/plugins/eap_radius/radius_client.c @@ -161,8 +161,8 @@ bool radius_client_init() "charon.plugins.eap_radius.sockets", 1); sockets = linked_list_create(); - mutex = mutex_create(MUTEX_DEFAULT); - condvar = condvar_create(CONDVAR_DEFAULT); + mutex = mutex_create(MUTEX_TYPE_DEFAULT); + condvar = condvar_create(CONDVAR_TYPE_DEFAULT); for (i = 0; i < count; i++) { fd = socket(host->get_family(host), SOCK_DGRAM, IPPROTO_UDP); @@ -353,6 +353,7 @@ static radius_message_t* request(private_radius_client_t *this, } DBG1(DBG_CFG, "RADIUS server is not responding"); put_socket(socket); + charon->bus->alert(charon->bus, ALERT_RADIUS_NOT_RESPONDING); return NULL; } |