From a9b7f8d4a4a4202facd9690580b38542e7933f00 Mon Sep 17 00:00:00 2001
From: Rene Mayrhofer <rene@mayrhofer.eu.org>
Date: Wed, 21 Oct 2009 11:18:20 +0000
Subject: - New upstream release. - Don't disable internal crypto plugins,
 pluto expects to find them in   some cases. - Enable integrity checking.

---
 src/charon/plugins/eap_radius/Makefile.am     |  2 +-
 src/charon/plugins/eap_radius/Makefile.in     |  7 ++++++-
 src/charon/plugins/eap_radius/eap_radius.c    | 21 ++++++++++++++++-----
 src/charon/plugins/eap_radius/radius_client.c |  5 +++--
 4 files changed, 26 insertions(+), 9 deletions(-)

(limited to 'src/charon/plugins/eap_radius')

diff --git a/src/charon/plugins/eap_radius/Makefile.am b/src/charon/plugins/eap_radius/Makefile.am
index f7de2f14f..df5c94656 100644
--- a/src/charon/plugins/eap_radius/Makefile.am
+++ b/src/charon/plugins/eap_radius/Makefile.am
@@ -10,5 +10,5 @@ libstrongswan_eapradius_la_SOURCES = \
   eap_radius.h eap_radius.c \
   radius_client.h radius_client.c \
   radius_message.h radius_message.c
-libstrongswan_eapradius_la_LDFLAGS = -module
+libstrongswan_eapradius_la_LDFLAGS = -module -avoid-version
 
diff --git a/src/charon/plugins/eap_radius/Makefile.in b/src/charon/plugins/eap_radius/Makefile.in
index e7a4cd0f8..c30111fad 100644
--- a/src/charon/plugins/eap_radius/Makefile.in
+++ b/src/charon/plugins/eap_radius/Makefile.in
@@ -76,12 +76,14 @@ ETAGS = etags
 CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
 AMTAR = @AMTAR@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
 AUTOMAKE = @AUTOMAKE@
 AWK = @AWK@
+BTLIB = @BTLIB@
 CC = @CC@
 CCDEPMODE = @CCDEPMODE@
 CFLAGS = @CFLAGS@
@@ -146,6 +148,7 @@ RUBYINCLUDE = @RUBYINCLUDE@
 SED = @SED@
 SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
 STRIP = @STRIP@
 VERSION = @VERSION@
 YACC = @YACC@
@@ -186,7 +189,9 @@ includedir = @includedir@
 infodir = @infodir@
 install_sh = @install_sh@
 ipsecdir = @ipsecdir@
+ipsecgid = @ipsecgid@
 ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
 ipsecuser = @ipsecuser@
 libdir = @libdir@
 libexecdir = @libexecdir@
@@ -229,7 +234,7 @@ libstrongswan_eapradius_la_SOURCES = \
   radius_client.h radius_client.c \
   radius_message.h radius_message.c
 
-libstrongswan_eapradius_la_LDFLAGS = -module
+libstrongswan_eapradius_la_LDFLAGS = -module -avoid-version
 all: all-am
 
 .SUFFIXES:
diff --git a/src/charon/plugins/eap_radius/eap_radius.c b/src/charon/plugins/eap_radius/eap_radius.c
index ee2477440..deb3b648b 100644
--- a/src/charon/plugins/eap_radius/eap_radius.c
+++ b/src/charon/plugins/eap_radius/eap_radius.c
@@ -66,6 +66,11 @@ struct private_eap_radius_t {
 	 * TRUE to use EAP-Start, FALSE to send EAP-Identity Response directly
 	 */
 	bool eap_start;
+	
+	/**
+	 * Prefix to prepend to EAP identity
+	 */
+	char *id_prefix;
 };
 
 /**
@@ -86,18 +91,20 @@ static void add_eap_identity(private_eap_radius_t *this,
 		/** identity data */
 		u_int8_t data[];
 	} __attribute__((__packed__)) *hdr;
-	chunk_t id;
+	chunk_t id, prefix;
 	size_t len;
 	
 	id = this->peer->get_encoding(this->peer);
-	len = sizeof(*hdr) + id.len;
+	prefix = chunk_create(this->id_prefix, strlen(this->id_prefix));
+	len = sizeof(*hdr) + prefix.len + id.len;
 	
 	hdr = alloca(len);
 	hdr->code = EAP_RESPONSE;
 	hdr->identifier = 0;
 	hdr->length = htons(len);
 	hdr->type = EAP_IDENTITY;
-	memcpy(hdr->data, id.ptr, id.len);
+	memcpy(hdr->data, prefix.ptr, prefix.len);
+	memcpy(hdr->data + prefix.len, id.ptr, id.len);
 	
 	request->add(request, RAT_EAP_MESSAGE, chunk_create((u_char*)hdr, len));
 }
@@ -136,9 +143,12 @@ static status_t initiate(private_eap_radius_t *this, eap_payload_t **out)
 {
 	radius_message_t *request, *response;
 	status_t status = FAILED;
+	chunk_t username;
 	
 	request = radius_message_create_request();
-	request->add(request, RAT_USER_NAME, this->peer->get_encoding(this->peer));
+	username = chunk_create(this->id_prefix, strlen(this->id_prefix));
+	username = chunk_cata("cc", username, this->peer->get_encoding(this->peer));
+	request->add(request, RAT_USER_NAME, username);
 	
 	if (this->eap_start)
 	{
@@ -283,7 +293,8 @@ eap_radius_t *eap_radius_create(identification_t *server, identification_t *peer
 	this->msk = chunk_empty;
 	this->eap_start = lib->settings->get_bool(lib->settings, 
 								"charon.plugins.eap_radius.eap_start", FALSE);
-	
+	this->id_prefix = lib->settings->get_str(lib->settings,
+								"charon.plugins.eap_radius.id_prefix", "");
 	return &this->public;
 }
 
diff --git a/src/charon/plugins/eap_radius/radius_client.c b/src/charon/plugins/eap_radius/radius_client.c
index 57d3f8f21..de1bafc6d 100644
--- a/src/charon/plugins/eap_radius/radius_client.c
+++ b/src/charon/plugins/eap_radius/radius_client.c
@@ -161,8 +161,8 @@ bool radius_client_init()
 					"charon.plugins.eap_radius.sockets", 1);
 	
 	sockets = linked_list_create();
-	mutex = mutex_create(MUTEX_DEFAULT);
-	condvar = condvar_create(CONDVAR_DEFAULT);
+	mutex = mutex_create(MUTEX_TYPE_DEFAULT);
+	condvar = condvar_create(CONDVAR_TYPE_DEFAULT);
 	for (i = 0; i < count; i++)
 	{
 		fd = socket(host->get_family(host), SOCK_DGRAM, IPPROTO_UDP);
@@ -353,6 +353,7 @@ static radius_message_t* request(private_radius_client_t *this,
 	}
 	DBG1(DBG_CFG, "RADIUS server is not responding");
 	put_socket(socket);
+	charon->bus->alert(charon->bus, ALERT_RADIUS_NOT_RESPONDING);
 	return NULL;
 }
 
-- 
cgit v1.2.3