embedaddon/mpd/src/radius.c - diff

Return to radius.c CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / mpd / src

Diff for /embedaddon/mpd/src/radius.c between versions 1.1.1.1 and 1.1.1.2

version 1.1.1.1, 2012/02/21 23:32:47	version 1.1.1.2, 2013/07/22 08:44:29
Line 49	Line 49
/* Set menu options */	/* Set menu options */

enum {	enum {
	UNSET_SERVER,
SET_SERVER,	SET_SERVER,
SET_ME,	SET_ME,
SET_MEV6,	SET_MEV6,
Line 63	Line 64
/*	/*
* GLOBAL VARIABLES	* GLOBAL VARIABLES
*/	*/
	const struct cmdtab RadiusUnSetCmds[] = {
	{ "server {name} [{auth port}] [{acct port}]", "Unset (remove) radius server" ,
	RadiusSetCommand, NULL, 2, (void *) UNSET_SERVER },
	{ NULL },
	};

const struct cmdtab RadiusSetCmds[] = {	const struct cmdtab RadiusSetCmds[] = {
{ "server {name} {secret} [{auth port}] [{acct port}]", "Set radius server parameters" ,	{ "server {name} {secret} [{auth port}] [{acct port}]", "Set radius server parameters" ,
RadiusSetCommand, NULL, 2, (void *) SET_SERVER },	RadiusSetCommand, NULL, 2, (void *) SET_SERVER },
Line 344 RadiusSetCommand(Context ctx, int ac, char *av[], void	Line 350 RadiusSetCommand(Context ctx, int ac, char *av[], void
RadConf const conf = &ctx->lnk->lcp.auth.conf.radius;	RadConf const conf = &ctx->lnk->lcp.auth.conf.radius;
RadServe_Conf server;	RadServe_Conf server;
RadServe_Conf t_server;	RadServe_Conf t_server;
	RadServe_Conf next, prev;
int val, count;	int val, count;
struct u_addr t;	struct u_addr t;
int auth_port = 1812;	int auth_port = 1812;
Line 354 RadiusSetCommand(Context ctx, int ac, char *av[], void	Line 361 RadiusSetCommand(Context ctx, int ac, char *av[], void

switch ((intptr_t)arg) {	switch ((intptr_t)arg) {

	case UNSET_SERVER:

	if (ac > 3 \|\| ac < 1) {
	return(-1);
	}
	for ( prev = NULL, t_server = conf->server ;
	t_server != NULL && (next = t_server->next, 1) ;
	prev = t_server, t_server = next) {

	if (strcmp(t_server->hostname, av[0]) != 0)
	continue;
	if (ac > 1 && t_server->auth_port != atoi(av[1]))
	continue;
	if (ac > 2 && t_server->acct_port != atoi(av[2]))
	continue;

	if (t_server == conf->server) {
	conf->server = t_server->next;
	} else {
	prev->next = t_server->next;
	t_server->next = NULL;
	}

	Freee(t_server->hostname);
	Freee(t_server->sharedsecret);
	Freee(t_server);
	t_server = prev;
	}

	break;

case SET_SERVER:	case SET_SERVER:
if (ac > 4 \|\| ac < 2) {	if (ac > 4 \|\| ac < 2) {
return(-1);	return(-1);
Line 1421 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1459 RadiusGetParams(AuthData auth, int eap_proxy)

case RAD_FRAMED_IP_ADDRESS:	case RAD_FRAMED_IP_ADDRESS:
ip = rad_cvt_addr(data);	ip = rad_cvt_addr(data);
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_IP_ADDRESS: %s ",	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_IP_ADDRESS: %s",
auth->info.lnkname, inet_ntoa(ip)));	auth->info.lnkname, inet_ntoa(ip)));

if (strcmp(inet_ntoa(ip), "255.255.255.255") == 0) {	if (strcmp(inet_ntoa(ip), "255.255.255.255") == 0) {
/* the peer can choose an address */	/* the peer can choose an address */
Log(LG_RADIUS2, ("[%s] the peer can choose an address", auth->info.lnkname));	Log(LG_RADIUS2, ("[%s] the peer can choose an address", auth->info.lnkname));
Line 1446 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1484 RadiusGetParams(AuthData auth, int eap_proxy)
/* copy it into the persistent data struct */	/* copy it into the persistent data struct */
strlcpy(auth->params.authname, tmpval, sizeof(auth->params.authname));	strlcpy(auth->params.authname, tmpval, sizeof(auth->params.authname));
free(tmpval);	free(tmpval);
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_USER_NAME: %s ",	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_USER_NAME: %s",
auth->info.lnkname, auth->params.authname));	auth->info.lnkname, auth->params.authname));
break;	break;

case RAD_FRAMED_IP_NETMASK:	case RAD_FRAMED_IP_NETMASK:
ip = rad_cvt_addr(data);	ip = rad_cvt_addr(data);
auth->params.netmask = in_addrtowidth(&ip);	auth->params.netmask = in_addrtowidth(&ip);
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_IP_NETMASK: %s (/%d) ",	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_IP_NETMASK: %s (/%d)",
auth->info.lnkname, inet_ntoa(ip), auth->params.netmask));	auth->info.lnkname, inet_ntoa(ip), auth->params.netmask));
break;	break;

case RAD_FRAMED_ROUTE:	case RAD_FRAMED_ROUTE:
route = rad_cvt_string(data, len);	route = rad_cvt_string(data, len);
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_ROUTE: %s ",	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_ROUTE: %s",
auth->info.lnkname, route));	auth->info.lnkname, route));
if (!ParseRange(route, &range, ALLOW_IPV4)) {	if (!ParseRange(route, &range, ALLOW_IPV4)) {
Log(LG_RADIUS, ("[%s] RADIUS: Get RAD_FRAMED_ROUTE: Bad route \"%s\"",	Log(LG_RADIUS, ("[%s] RADIUS: Get RAD_FRAMED_ROUTE: Bad route \"%s\"",
Line 1488 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1526 RadiusGetParams(AuthData auth, int eap_proxy)

case RAD_FRAMED_IPV6_ROUTE:	case RAD_FRAMED_IPV6_ROUTE:
route = rad_cvt_string(data, len);	route = rad_cvt_string(data, len);
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_IPV6_ROUTE: %s ",	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_IPV6_ROUTE: %s",
auth->info.lnkname, route));	auth->info.lnkname, route));
if (!ParseRange(route, &range, ALLOW_IPV6)) {	if (!ParseRange(route, &range, ALLOW_IPV6)) {
Log(LG_RADIUS, ("[%s] RADIUS: Get RAD_FRAMED_IPV6_ROUTE: Bad route \"%s\"", auth->info.lnkname, route));	Log(LG_RADIUS, ("[%s] RADIUS: Get RAD_FRAMED_IPV6_ROUTE: Bad route \"%s\"", auth->info.lnkname, route));
Line 1516 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1554 RadiusGetParams(AuthData auth, int eap_proxy)

case RAD_SESSION_TIMEOUT:	case RAD_SESSION_TIMEOUT:
auth->params.session_timeout = rad_cvt_int(data);	auth->params.session_timeout = rad_cvt_int(data);
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_SESSION_TIMEOUT: %u ",	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_SESSION_TIMEOUT: %u",
auth->info.lnkname, auth->params.session_timeout));	auth->info.lnkname, auth->params.session_timeout));
break;	break;

case RAD_IDLE_TIMEOUT:	case RAD_IDLE_TIMEOUT:
auth->params.idle_timeout = rad_cvt_int(data);	auth->params.idle_timeout = rad_cvt_int(data);
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_IDLE_TIMEOUT: %u ",	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_IDLE_TIMEOUT: %u",
auth->info.lnkname, auth->params.idle_timeout));	auth->info.lnkname, auth->params.idle_timeout));
break;	break;

case RAD_ACCT_INTERIM_INTERVAL:	case RAD_ACCT_INTERIM_INTERVAL:
auth->params.acct_update = rad_cvt_int(data);	auth->params.acct_update = rad_cvt_int(data);
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_ACCT_INTERIM_INTERVAL: %u ",	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_ACCT_INTERIM_INTERVAL: %u",
auth->info.lnkname, auth->params.acct_update));	auth->info.lnkname, auth->params.acct_update));
break;	break;

case RAD_FRAMED_MTU:	case RAD_FRAMED_MTU:
i = rad_cvt_int(data);	i = rad_cvt_int(data);
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_MTU: %u ",	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_MTU: %u",
auth->info.lnkname, i));	auth->info.lnkname, i));
if (i < IFACE_MIN_MTU \|\| i > IFACE_MAX_MTU) {	if (i < IFACE_MIN_MTU \|\| i > IFACE_MAX_MTU) {
Log(LG_RADIUS, ("[%s] RADIUS: Get RAD_FRAMED_MTU: invalid MTU: %u ",	Log(LG_RADIUS, ("[%s] RADIUS: Get RAD_FRAMED_MTU: invalid MTU: %u",
auth->info.lnkname, i));	auth->info.lnkname, i));
auth->params.mtu = 0;	auth->params.mtu = 0;
break;	break;
Line 1576 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1614 RadiusGetParams(AuthData auth, int eap_proxy)
break;	break;

case RAD_REPLY_MESSAGE:	case RAD_REPLY_MESSAGE:
	Freee(auth->reply_message);
	auth->reply_message = NULL;
	if (len == 0)
	break;
tmpval = rad_cvt_string(data, len);	tmpval = rad_cvt_string(data, len);
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_REPLY_MESSAGE: %s ",
auth->info.lnkname, tmpval));
auth->reply_message = Mdup(MB_AUTH, tmpval, len + 1);	auth->reply_message = Mdup(MB_AUTH, tmpval, len + 1);
free(tmpval);	free(tmpval);
	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_REPLY_MESSAGE: %s",
	auth->info.lnkname, auth->reply_message));
break;	break;

case RAD_FRAMED_POOL:	case RAD_FRAMED_POOL:
Line 1588 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1630 RadiusGetParams(AuthData auth, int eap_proxy)
/* copy it into the persistent data struct */	/* copy it into the persistent data struct */
strlcpy(auth->params.ippool, tmpval, sizeof(auth->params.ippool));	strlcpy(auth->params.ippool, tmpval, sizeof(auth->params.ippool));
free(tmpval);	free(tmpval);
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_POOL: %s ",	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_POOL: %s",
auth->info.lnkname, auth->params.ippool));	auth->info.lnkname, auth->params.ippool));
break;	break;

case RAD_VENDOR_SPECIFIC:	case RAD_VENDOR_SPECIFIC:
if ((res = rad_get_vendor_attr(&vendor, &data, &len)) == -1) {	if ((res = rad_get_vendor_attr(&vendor, &data, &len)) == -1) {
Log(LG_RADIUS, ("[%s] RADIUS: Get vendor attr failed: %s ",	Log(LG_RADIUS, ("[%s] RADIUS: Get vendor attr failed: %s",
auth->info.lnkname, rad_strerror(auth->radius.handle)));	auth->info.lnkname, rad_strerror(auth->radius.handle)));
return RAD_NACK;	return RAD_NACK;
}	}
Line 1653 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1695 RadiusGetParams(AuthData auth, int eap_proxy)

case RAD_MICROSOFT_MS_CHAP_DOMAIN:	case RAD_MICROSOFT_MS_CHAP_DOMAIN:
Freee(auth->params.msdomain);	Freee(auth->params.msdomain);
	auth->params.msdomain = NULL;
	if (len == 0)
	break;
tmpval = rad_cvt_string(data, len);	tmpval = rad_cvt_string(data, len);
auth->params.msdomain = Mdup(MB_AUTH, tmpval, len + 1);	auth->params.msdomain = Mdup(MB_AUTH, tmpval, len + 1);
free(tmpval);	free(tmpval);
Line 1724 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1769 RadiusGetParams(AuthData auth, int eap_proxy)

case RAD_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES:	case RAD_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES:
{	{
char buf[64];	char buf[48];
auth->params.msoft.types = rad_cvt_int(data);	auth->params.msoft.types = rad_cvt_int(data);
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES: %d (%s)",	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES: %d (%s)",
auth->info.lnkname, auth->params.msoft.types,	auth->info.lnkname, auth->params.msoft.types,
Line 1757 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1802 RadiusGetParams(AuthData auth, int eap_proxy)
break;	break;

default:	default:
Log(LG_RADIUS2, ("[%s] RADIUS: Dropping MICROSOFT vendor specific attribute: %d ",	Log(LG_RADIUS2, ("[%s] RADIUS: Dropping MICROSOFT vendor specific attribute: %d",
auth->info.lnkname, res));	auth->info.lnkname, res));
break;	break;
}	}
Line 1843 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1888 RadiusGetParams(AuthData auth, int eap_proxy)
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_MPD_FILTER: %s",	Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_MPD_FILTER: %s",
auth->info.lnkname, acl));	auth->info.lnkname, acl));
acl2 = strsep(&acl1, "#");	acl2 = strsep(&acl1, "#");
i = atol(acl2);	i = atoi(acl2);
if (i <= 0 \|\| i > ACL_FILTERS) {	if (i <= 0 \|\| i > ACL_FILTERS) {
Log(LG_RADIUS, ("[%s] RADIUS: Wrong filter number: %i",	Log(LG_RADIUS, ("[%s] RADIUS: Wrong filter number: %i",
auth->info.lnkname, i));	auth->info.lnkname, i));
Line 1892 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1937 RadiusGetParams(AuthData auth, int eap_proxy)
}	}
#if defined(USE_NG_BPF) \|\| defined(USE_IPFW)	#if defined(USE_NG_BPF) \|\| defined(USE_IPFW)
if (acl1 == NULL) {	if (acl1 == NULL) {
Log(LG_ERR, ("[%s] RADIUS: Incorrect acl!",	Log(LG_ERR, ("[%s] RADIUS: Incorrect acl!", auth->info.lnkname));
auth->info.lnkname));
free(acl);	free(acl);
break;	break;
}	}

acl3 = acl1;	acl3 = acl1;
strsep(&acl3, "=");	strsep(&acl3, "=");
acl2 = acl1;	acl2 = acl1;
strsep(&acl2, "#");	strsep(&acl2, "#");
i = atol(acl1);	i = atoi(acl1);
if (i <= 0) {	if (i <= 0) {
Log(LG_ERR, ("[%s] RADIUS: Wrong acl number: %i",	Log(LG_ERR, ("[%s] RADIUS: Wrong acl number: %i",
auth->info.lnkname, i));	auth->info.lnkname, i));
Line 1933 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1977 RadiusGetParams(AuthData auth, int eap_proxy)
} else if (((*acls)->number == acls1->number) &&	} else if (((*acls)->number == acls1->number) &&
(res != RAD_MPD_TABLE) &&	(res != RAD_MPD_TABLE) &&
(res != RAD_MPD_TABLE_STATIC)) {	(res != RAD_MPD_TABLE_STATIC)) {
Log(LG_ERR, ("[%s] RADIUS: Duplicate acl",	Log(LG_ERR, ("[%s] RADIUS: Duplicate acl", auth->info.lnkname));
auth->info.lnkname));
Freee(acls1);	Freee(acls1);
free(acl);	free(acl);
break;	break;
Line 1948 RadiusGetParams(AuthData auth, int eap_proxy)	Line 1991 RadiusGetParams(AuthData auth, int eap_proxy)
#endif /* USE_NG_BPF or USE_IPFW */	#endif /* USE_NG_BPF or USE_IPFW */

default:	default:
Log(LG_RADIUS2, ("[%s] RADIUS: Dropping vendor %d attribute: %d ",	Log(LG_RADIUS2, ("[%s] RADIUS: Dropping vendor %d attribute: %d",
auth->info.lnkname, vendor, res));	auth->info.lnkname, vendor, res));
break;	break;
}	}
break;	break;

default:	default:
Log(LG_RADIUS2, ("[%s] RADIUS: Dropping attribute: %d ",	Log(LG_RADIUS2, ("[%s] RADIUS: Dropping attribute: %d",
auth->info.lnkname, res));	auth->info.lnkname, res));
break;	break;
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1.1.1
changed lines
	Added in v.1.1.1.2