|
version 1.1.1.2, 2013/07/22 08:44:29
|
version 1.1.1.3, 2016/11/01 09:56:12
|
|
Line 45
|
Line 45
|
| static int RadiusPutAcct(AuthData auth); |
static int RadiusPutAcct(AuthData auth); |
| static int RadiusGetParams(AuthData auth, int eap_proxy); |
static int RadiusGetParams(AuthData auth, int eap_proxy); |
| static int RadiusSendRequest(AuthData auth); |
static int RadiusSendRequest(AuthData auth); |
| |
static void RadiusLogError(AuthData auth, const char *errmsg); |
| |
|
| /* Set menu options */ |
/* Set menu options */ |
| |
|
| enum { |
enum { |
| UNSET_SERVER, |
UNSET_SERVER, |
| SET_SERVER, |
SET_SERVER, |
| |
#ifdef HAVE_RAD_BIND |
| |
SET_SRC_ADDR, |
| |
#endif |
| SET_ME, |
SET_ME, |
| SET_MEV6, |
SET_MEV6, |
| SET_IDENTIFIER, |
SET_IDENTIFIER, |
|
Line 73
|
Line 77
|
| const struct cmdtab RadiusSetCmds[] = { |
const struct cmdtab RadiusSetCmds[] = { |
| { "server {name} {secret} [{auth port}] [{acct port}]", "Set radius server parameters" , |
{ "server {name} {secret} [{auth port}] [{acct port}]", "Set radius server parameters" , |
| RadiusSetCommand, NULL, 2, (void *) SET_SERVER }, |
RadiusSetCommand, NULL, 2, (void *) SET_SERVER }, |
| |
#ifdef HAVE_RAD_BIND |
| |
{ "src-addr {ip}", "Set source address for request" , |
| |
RadiusSetCommand, NULL, 2, (void *) SET_SRC_ADDR }, |
| |
#endif |
| { "me {ip}", "Set NAS IP address" , |
{ "me {ip}", "Set NAS IP address" , |
| RadiusSetCommand, NULL, 2, (void *) SET_ME }, |
RadiusSetCommand, NULL, 2, (void *) SET_ME }, |
| { "v6me {ip}", "Set NAS IPv6 address" , |
{ "v6me {ip}", "Set NAS IPv6 address" , |
|
Line 196 RadiusEapProxy(void *arg)
|
Line 204 RadiusEapProxy(void *arg)
|
| AuthData auth = (AuthData)arg; |
AuthData auth = (AuthData)arg; |
| int pos = 0, mlen = RAD_MAX_ATTR_LEN; |
int pos = 0, mlen = RAD_MAX_ATTR_LEN; |
| |
|
| Log(LG_RADIUS, ("[%s] RADIUS: EAP proxying user '%s'", | Log(LG_RADIUS, ("[%s] RADIUS: EAP proxying user '%s'", |
| auth->info.lnkname, auth->params.authname)); |
auth->info.lnkname, auth->params.authname)); |
| |
|
| if (RadiusStart(auth, RAD_ACCESS_REQUEST) == RAD_NACK) { |
if (RadiusStart(auth, RAD_ACCESS_REQUEST) == RAD_NACK) { |
| auth->status = AUTH_STATUS_FAIL; | auth->status = AUTH_STATUS_FAIL; |
| return; |
return; |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_USER_NAME: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_USER_NAME: %s", |
| auth->info.lnkname, auth->params.authname)); |
auth->info.lnkname, auth->params.authname)); |
| if (rad_put_string(auth->radius.handle, RAD_USER_NAME, auth->params.authname) == -1) { |
if (rad_put_string(auth->radius.handle, RAD_USER_NAME, auth->params.authname) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_USER_NAME failed %s", | RadiusLogError(auth, "Put RAD_USER_NAME failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | auth->status = AUTH_STATUS_FAIL; |
| auth->status = AUTH_STATUS_FAIL; | |
| return; |
return; |
| } |
} |
| |
|
|
Line 223 RadiusEapProxy(void *arg)
|
Line 230 RadiusEapProxy(void *arg)
|
| auth->info.lnkname, mlen, auth->params.eapmsg_len)); |
auth->info.lnkname, mlen, auth->params.eapmsg_len)); |
| memcpy(chunk, &auth->params.eapmsg[pos], mlen); |
memcpy(chunk, &auth->params.eapmsg[pos], mlen); |
| if (rad_put_attr(auth->radius.handle, RAD_EAP_MESSAGE, chunk, mlen) == -1) { |
if (rad_put_attr(auth->radius.handle, RAD_EAP_MESSAGE, chunk, mlen) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_EAP_MESSAGE failed %s", | RadiusLogError(auth, "Put RAD_EAP_MESSAGE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | auth->status = AUTH_STATUS_FAIL; |
| auth->status = AUTH_STATUS_FAIL; | |
| return; |
return; |
| } |
} |
| } |
} |
|
Line 260 RadStat(Context ctx, int ac, char *av[], void *arg)
|
Line 266 RadStat(Context ctx, int ac, char *av[], void *arg)
|
| Printf("\tTimeout : %d\r\n", conf->radius_timeout); |
Printf("\tTimeout : %d\r\n", conf->radius_timeout); |
| Printf("\tRetries : %d\r\n", conf->radius_retries); |
Printf("\tRetries : %d\r\n", conf->radius_retries); |
| Printf("\tConfig-file : %s\r\n", (conf->file ? conf->file : "none")); |
Printf("\tConfig-file : %s\r\n", (conf->file ? conf->file : "none")); |
| |
#ifdef HAVE_RAD_BIND |
| |
Printf("\tSrc address : %s\r\n", inet_ntoa(conf->src_addr)); |
| |
#endif |
| Printf("\tMe (NAS-IP) : %s\r\n", inet_ntoa(conf->radius_me)); |
Printf("\tMe (NAS-IP) : %s\r\n", inet_ntoa(conf->radius_me)); |
| Printf("\tv6Me (NAS-IP): %s\r\n", u_addrtoa(&conf->radius_mev6, buf1, sizeof(buf1))); |
Printf("\tv6Me (NAS-IP): %s\r\n", u_addrtoa(&conf->radius_mev6, buf1, sizeof(buf1))); |
| Printf("\tIdentifier : %s\r\n", (conf->identifier ? conf->identifier : "")); |
Printf("\tIdentifier : %s\r\n", (conf->identifier ? conf->identifier : "")); |
|
Line 296 RadStat(Context ctx, int ac, char *av[], void *arg)
|
Line 305 RadStat(Context ctx, int ac, char *av[], void *arg)
|
| Printf("\tClass : 0x%s\r\n", buf); |
Printf("\tClass : 0x%s\r\n", buf); |
| Freee(buf); |
Freee(buf); |
| |
|
| |
Printf("\tFilter Id : %s\r\n", (a->params.filter_id ? a->params.filter_id : "")); |
| return (0); |
return (0); |
| } |
} |
| |
|
|
Line 319 RadiusAddServer(AuthData auth, short request_type)
|
Line 329 RadiusAddServer(AuthData auth, short request_type)
|
| s->sharedsecret, |
s->sharedsecret, |
| c->radius_timeout, |
c->radius_timeout, |
| c->radius_retries) == -1) { |
c->radius_retries) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Adding server error: %s", auth->info.lnkname, | RadiusLogError(auth, "Adding server error"); |
| rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| } |
} |
|
Line 331 RadiusAddServer(AuthData auth, short request_type)
|
Line 340 RadiusAddServer(AuthData auth, short request_type)
|
| s->sharedsecret, |
s->sharedsecret, |
| c->radius_timeout, |
c->radius_timeout, |
| c->radius_retries) == -1) { |
c->radius_retries) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Adding server error: %s", auth->info.lnkname, | RadiusLogError(auth, "Adding server error"); |
| rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| } |
} |
| |
|
| s = s->next; |
s = s->next; |
| } |
} |
| |
#ifdef HAVE_RAD_BIND |
| |
if (c->src_addr.s_addr != INADDR_ANY) |
| |
rad_bind_to(auth->radius.handle, c->src_addr.s_addr); |
| |
#endif |
| |
|
| return (RAD_ACK); |
return (RAD_ACK); |
| } |
} |
|
Line 435 RadiusSetCommand(Context ctx, int ac, char *av[], void
|
Line 447 RadiusSetCommand(Context ctx, int ac, char *av[], void
|
| |
|
| break; |
break; |
| |
|
| |
#ifdef HAVE_RAD_BIND |
| |
case SET_SRC_ADDR: |
| |
if (ParseAddr(*av, &t, ALLOW_IPV4)) { |
| |
u_addrtoin_addr(&t, &conf->src_addr); |
| |
} else |
| |
Error("Bad Src address '%s'.", *av); |
| |
break; |
| |
#endif |
| |
|
| case SET_ME: |
case SET_ME: |
| if (ParseAddr(*av, &t, ALLOW_IPV4)) { |
if (ParseAddr(*av, &t, ALLOW_IPV4)) { |
| u_addrtoin_addr(&t,&conf->radius_me); | u_addrtoin_addr(&t, &conf->radius_me); |
| } else |
} else |
| Error("Bad NAS address '%s'.", *av); |
Error("Bad NAS address '%s'.", *av); |
| break; |
break; |
|
Line 507 RadiusOpen(AuthData auth, short request_type)
|
Line 528 RadiusOpen(AuthData auth, short request_type)
|
| if (request_type == RAD_ACCESS_REQUEST) { |
if (request_type == RAD_ACCESS_REQUEST) { |
| |
|
| if ((auth->radius.handle = rad_open()) == NULL) { |
if ((auth->radius.handle = rad_open()) == NULL) { |
| Log(LG_RADIUS, ("[%s] RADIUS: rad_open failed", auth->info.lnkname)); | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: rad_open failed", |
| | auth->info.lnkname)); |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| } else { /* RAD_ACCOUNTING_REQUEST */ |
} else { /* RAD_ACCOUNTING_REQUEST */ |
| |
|
| if ((auth->radius.handle = rad_acct_open()) == NULL) { |
if ((auth->radius.handle = rad_acct_open()) == NULL) { |
| Log(LG_RADIUS, ("[%s] RADIUS: rad_acct_open failed", auth->info.lnkname)); | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: rad_acct_open failed", |
| | auth->info.lnkname)); |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| } |
} |
|
Line 521 RadiusOpen(AuthData auth, short request_type)
|
Line 544 RadiusOpen(AuthData auth, short request_type)
|
| if (conf->file && strlen(conf->file)) { |
if (conf->file && strlen(conf->file)) { |
| Log(LG_RADIUS2, ("[%s] RADIUS: using %s", auth->info.lnkname, conf->file)); |
Log(LG_RADIUS2, ("[%s] RADIUS: using %s", auth->info.lnkname, conf->file)); |
| if (rad_config(auth->radius.handle, conf->file) != 0) { |
if (rad_config(auth->radius.handle, conf->file) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: rad_config: %s", auth->info.lnkname, | RadiusLogError(auth, "rad_config"); |
| rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| } |
} |
|
Line 555 RadiusStart(AuthData auth, short request_type)
|
Line 577 RadiusStart(AuthData auth, short request_type)
|
| tmpval = conf->identifier; |
tmpval = conf->identifier; |
| } else { |
} else { |
| if (gethostname(host, sizeof(host)) == -1) { |
if (gethostname(host, sizeof(host)) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: gethostname() for RAD_NAS_IDENTIFIER failed", | Log(LG_ERR|LG_RADIUS, |
| | ("[%s] RADIUS: gethostname() for RAD_NAS_IDENTIFIER failed", |
| auth->info.lnkname)); |
auth->info.lnkname)); |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
|
Line 564 RadiusStart(AuthData auth, short request_type)
|
Line 587 RadiusStart(AuthData auth, short request_type)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_NAS_IDENTIFIER: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_NAS_IDENTIFIER: %s", |
| auth->info.lnkname, tmpval)); |
auth->info.lnkname, tmpval)); |
| if (rad_put_string(auth->radius.handle, RAD_NAS_IDENTIFIER, tmpval) == -1) { |
if (rad_put_string(auth->radius.handle, RAD_NAS_IDENTIFIER, tmpval) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_NAS_IDENTIFIER failed %s", auth->info.lnkname, | RadiusLogError(auth, "Put RAD_NAS_IDENTIFIER failed"); |
| rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 573 RadiusStart(AuthData auth, short request_type)
|
Line 595 RadiusStart(AuthData auth, short request_type)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_NAS_IP_ADDRESS: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_NAS_IP_ADDRESS: %s", |
| auth->info.lnkname, inet_ntoa(conf->radius_me))); |
auth->info.lnkname, inet_ntoa(conf->radius_me))); |
| if (rad_put_addr(auth->radius.handle, RAD_NAS_IP_ADDRESS, conf->radius_me) == -1) { |
if (rad_put_addr(auth->radius.handle, RAD_NAS_IP_ADDRESS, conf->radius_me) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_NAS_IP_ADDRESS failed %s", | RadiusLogError(auth, "Put RAD_NAS_IP_ADDRESS failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| |
|
| if (!u_addrempty(&conf->radius_mev6)) { |
if (!u_addrempty(&conf->radius_mev6)) { |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_NAS_IPV6_ADDRESS: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_NAS_IPV6_ADDRESS: %s", |
| auth->info.lnkname, u_addrtoa(&conf->radius_mev6,buf,sizeof(buf)))); |
auth->info.lnkname, u_addrtoa(&conf->radius_mev6,buf,sizeof(buf)))); |
| |
#ifdef HAVE_RAD_ADDR6 |
| |
if (rad_put_addr6(auth->radius.handle, RAD_NAS_IPV6_ADDRESS, conf->radius_mev6.u.ip6) == -1) { |
| |
#else |
| if (rad_put_attr(auth->radius.handle, RAD_NAS_IPV6_ADDRESS, &conf->radius_mev6.u.ip6, sizeof(conf->radius_mev6.u.ip6)) == -1) { |
if (rad_put_attr(auth->radius.handle, RAD_NAS_IPV6_ADDRESS, &conf->radius_mev6.u.ip6, sizeof(conf->radius_mev6.u.ip6)) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_NAS_IPV6_ADDRESS failed %s", | #endif |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | RadiusLogError(auth, "Put RAD_NAS_IPV6_ADDRESS failed"); |
| return (RAD_NACK); | return (RAD_NACK); |
| } |
} |
| } |
} |
| |
|
|
Line 597 RadiusStart(AuthData auth, short request_type)
|
Line 621 RadiusStart(AuthData auth, short request_type)
|
| && request_type != RAD_ACCOUNTING_REQUEST) { |
&& request_type != RAD_ACCOUNTING_REQUEST) { |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put Message Authenticator", auth->info.lnkname)); |
Log(LG_RADIUS2, ("[%s] RADIUS: Put Message Authenticator", auth->info.lnkname)); |
| if (rad_put_message_authentic(auth->radius.handle) == -1) { |
if (rad_put_message_authentic(auth->radius.handle) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put message_authentic failed %s", | RadiusLogError(auth, "Put message_authentic failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_SESSION_ID: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_SESSION_ID: %s", |
| auth->info.lnkname, auth->info.session_id)); |
auth->info.lnkname, auth->info.session_id)); |
| if (rad_put_string(auth->radius.handle, RAD_ACCT_SESSION_ID, auth->info.session_id) != 0) { |
if (rad_put_string(auth->radius.handle, RAD_ACCT_SESSION_ID, auth->info.session_id) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_ACCT_SESSION_ID: %s", | RadiusLogError(auth, "Put RAD_ACCT_SESSION_ID failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_NAS_PORT: %d", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_NAS_PORT: %d", |
| auth->info.lnkname, auth->info.linkID)); |
auth->info.lnkname, auth->info.linkID)); |
| if (rad_put_int(auth->radius.handle, RAD_NAS_PORT, auth->info.linkID) == -1) { |
if (rad_put_int(auth->radius.handle, RAD_NAS_PORT, auth->info.linkID) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_NAS_PORT failed %s", | RadiusLogError(auth, "Put RAD_NAS_PORT failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 640 RadiusStart(AuthData auth, short request_type)
|
Line 661 RadiusStart(AuthData auth, short request_type)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_NAS_PORT_TYPE: %d", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_NAS_PORT_TYPE: %d", |
| auth->info.lnkname, porttype)); |
auth->info.lnkname, porttype)); |
| if (rad_put_int(auth->radius.handle, RAD_NAS_PORT_TYPE, porttype) == -1) { |
if (rad_put_int(auth->radius.handle, RAD_NAS_PORT_TYPE, porttype) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_NAS_PORT_TYPE failed %s", | RadiusLogError(auth, "Put RAD_NAS_PORT_TYPE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_SERVICE_TYPE: RAD_FRAMED", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_SERVICE_TYPE: RAD_FRAMED", |
| auth->info.lnkname)); |
auth->info.lnkname)); |
| if (rad_put_int(auth->radius.handle, RAD_SERVICE_TYPE, RAD_FRAMED) == -1) { |
if (rad_put_int(auth->radius.handle, RAD_SERVICE_TYPE, RAD_FRAMED) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_SERVICE_TYPE failed %s", | RadiusLogError(auth, "Put RAD_SERVICE_TYPE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| | |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_FRAMED_PROTOCOL: RAD_PPP", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_FRAMED_PROTOCOL: RAD_PPP", |
| auth->info.lnkname)); |
auth->info.lnkname)); |
| if (rad_put_int(auth->radius.handle, RAD_FRAMED_PROTOCOL, RAD_PPP) == -1) { |
if (rad_put_int(auth->radius.handle, RAD_FRAMED_PROTOCOL, RAD_PPP) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_FRAMED_PROTOCOL failed %s", | RadiusLogError(auth, "Put RAD_FRAMED_PROTOCOL failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 666 RadiusStart(AuthData auth, short request_type)
|
Line 684 RadiusStart(AuthData auth, short request_type)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_STATE: 0x%s", auth->info.lnkname, tmpval)); |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_STATE: 0x%s", auth->info.lnkname, tmpval)); |
| Freee(tmpval); |
Freee(tmpval); |
| if (rad_put_attr(auth->radius.handle, RAD_STATE, auth->params.state, auth->params.state_len) == -1) { |
if (rad_put_attr(auth->radius.handle, RAD_STATE, auth->params.state, auth->params.state_len) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_STATE failed %s", | RadiusLogError(auth, "Put RAD_STATE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| |
|
|
Line 677 RadiusStart(AuthData auth, short request_type)
|
Line 694 RadiusStart(AuthData auth, short request_type)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_CLASS: 0x%s", auth->info.lnkname, tmpval)); |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_CLASS: 0x%s", auth->info.lnkname, tmpval)); |
| Freee(tmpval); |
Freee(tmpval); |
| if (rad_put_attr(auth->radius.handle, RAD_CLASS, auth->params.class, auth->params.class_len) == -1) { |
if (rad_put_attr(auth->radius.handle, RAD_CLASS, auth->params.class, auth->params.class_len) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_CLASS failed %s", | RadiusLogError(auth, "Put RAD_CLASS failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_CALLING_STATION_ID: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_CALLING_STATION_ID: %s", |
| auth->info.lnkname, auth->params.callingnum)); | auth->info.lnkname, auth->params.callingnum)); |
| if (rad_put_string(auth->radius.handle, RAD_CALLING_STATION_ID, |
if (rad_put_string(auth->radius.handle, RAD_CALLING_STATION_ID, |
| auth->params.callingnum) == -1) { | auth->params.callingnum) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_CALLING_STATION_ID failed %s", | RadiusLogError(auth, "Put RAD_CALLING_STATION_ID failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_CALLED_STATION_ID: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_CALLED_STATION_ID: %s", |
| auth->info.lnkname, auth->params.callednum)); |
auth->info.lnkname, auth->params.callednum)); |
| if (rad_put_string(auth->radius.handle, RAD_CALLED_STATION_ID, |
if (rad_put_string(auth->radius.handle, RAD_CALLED_STATION_ID, |
| auth->params.callednum) == -1) { | auth->params.callednum) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_CALLED_STATION_ID failed %s", | RadiusLogError(auth, "Put RAD_CALLED_STATION_ID failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 705 RadiusStart(AuthData auth, short request_type)
|
Line 719 RadiusStart(AuthData auth, short request_type)
|
| auth->info.lnkname, auth->params.peeriface)); |
auth->info.lnkname, auth->params.peeriface)); |
| if (rad_put_string(auth->radius.handle, RAD_NAS_PORT_ID, |
if (rad_put_string(auth->radius.handle, RAD_NAS_PORT_ID, |
| auth->params.peeriface) == -1) { |
auth->params.peeriface) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_NAS_PORT_ID failed %s", | RadiusLogError(auth, "Put RAD_NAS_PORT_ID failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_LINK: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_LINK: %s", |
| auth->info.lnkname, auth->info.lnkname)); | auth->info.lnkname, auth->info.lnkname)); |
| if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_LINK, auth->info.lnkname) != 0) { |
if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_LINK, auth->info.lnkname) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MPD_LINK: %s", auth->info.lnkname, | RadiusLogError(auth, "Put RAD_MPD_LINK failed"); |
| rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_PEER_IDENT: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_PEER_IDENT: %s", |
| auth->info.lnkname, auth->info.peer_ident)); |
auth->info.lnkname, auth->info.peer_ident)); |
| if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, |
if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, |
| RAD_MPD_PEER_IDENT, auth->info.peer_ident) != 0) { |
RAD_MPD_PEER_IDENT, auth->info.peer_ident) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MPD_PEER_IDENT failed %s", | RadiusLogError(auth, "Put RAD_MPD_PEER_IDENT failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 760 RadiusStart(AuthData auth, short request_type)
|
Line 771 RadiusStart(AuthData auth, short request_type)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_TUNNEL_TYPE: %d", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_TUNNEL_TYPE: %d", |
| auth->info.lnkname, porttype)); |
auth->info.lnkname, porttype)); |
| if (rad_put_int(auth->radius.handle, RAD_TUNNEL_TYPE, porttype) == -1) { |
if (rad_put_int(auth->radius.handle, RAD_TUNNEL_TYPE, porttype) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_TUNNEL_TYPE failed %s", | RadiusLogError(auth, "Put RAD_TUNNEL_TYPE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| } |
} |
|
Line 779 RadiusStart(AuthData auth, short request_type)
|
Line 789 RadiusStart(AuthData auth, short request_type)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_TUNNEL_MEDIUM_TYPE: %d", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_TUNNEL_MEDIUM_TYPE: %d", |
| auth->info.lnkname, porttype)); |
auth->info.lnkname, porttype)); |
| if (rad_put_int(auth->radius.handle, RAD_TUNNEL_MEDIUM_TYPE, porttype) == -1) { |
if (rad_put_int(auth->radius.handle, RAD_TUNNEL_MEDIUM_TYPE, porttype) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_TUNNEL_MEDIUM_TYPE failed %s", | RadiusLogError(auth, "Put RAD_TUNNEL_MEDIUM_TYPE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| if (auth->info.originate == LINK_ORIGINATE_LOCAL) { |
if (auth->info.originate == LINK_ORIGINATE_LOCAL) { |
|
Line 790 RadiusStart(AuthData auth, short request_type)
|
Line 799 RadiusStart(AuthData auth, short request_type)
|
| } |
} |
| if (tmpval[0]) { |
if (tmpval[0]) { |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_TUNNEL_SERVER_ENDPOINT: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_TUNNEL_SERVER_ENDPOINT: %s", |
| auth->info.lnkname, tmpval)); | auth->info.lnkname, tmpval)); |
| if (rad_put_string_tag(auth->radius.handle, RAD_TUNNEL_SERVER_ENDPOINT, |
if (rad_put_string_tag(auth->radius.handle, RAD_TUNNEL_SERVER_ENDPOINT, |
| 0, tmpval) == -1) { | 0, tmpval) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_TUNNEL_SERVER_ENDPOINT failed %s", | RadiusLogError(auth, "Put RAD_TUNNEL_SERVER_ENDPOINT failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| if (auth->info.originate == LINK_ORIGINATE_LOCAL) { |
if (auth->info.originate == LINK_ORIGINATE_LOCAL) { |
|
Line 805 RadiusStart(AuthData auth, short request_type)
|
Line 813 RadiusStart(AuthData auth, short request_type)
|
| } |
} |
| if (tmpval[0]) { |
if (tmpval[0]) { |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_TUNNEL_CLIENT_ENDPOINT: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_TUNNEL_CLIENT_ENDPOINT: %s", |
| auth->info.lnkname, tmpval)); | auth->info.lnkname, tmpval)); |
| if (rad_put_string_tag(auth->radius.handle, RAD_TUNNEL_CLIENT_ENDPOINT, |
if (rad_put_string_tag(auth->radius.handle, RAD_TUNNEL_CLIENT_ENDPOINT, |
| 0, tmpval) == -1) { | 0, tmpval) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_TUNNEL_CLIENT_ENDPOINT failed %s", | RadiusLogError(auth, "Put RAD_TUNNEL_CLIENT_ENDPOINT failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| if (auth->info.originate == LINK_ORIGINATE_LOCAL) { |
if (auth->info.originate == LINK_ORIGINATE_LOCAL) { |
|
Line 820 RadiusStart(AuthData auth, short request_type)
|
Line 827 RadiusStart(AuthData auth, short request_type)
|
| } |
} |
| if (tmpval[0]) { |
if (tmpval[0]) { |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_TUNNEL_SERVER_AUTH_ID: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_TUNNEL_SERVER_AUTH_ID: %s", |
| auth->info.lnkname, tmpval)); | auth->info.lnkname, tmpval)); |
| if (rad_put_string_tag(auth->radius.handle, RAD_TUNNEL_SERVER_AUTH_ID, |
if (rad_put_string_tag(auth->radius.handle, RAD_TUNNEL_SERVER_AUTH_ID, |
| 0, tmpval) == -1) { | 0, tmpval) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_TUNNEL_SERVER_AUTH_ID failed %s", | RadiusLogError(auth, "Put RAD_TUNNEL_SERVER_AUTH_ID failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| if (auth->info.originate == LINK_ORIGINATE_LOCAL) { |
if (auth->info.originate == LINK_ORIGINATE_LOCAL) { |
|
Line 835 RadiusStart(AuthData auth, short request_type)
|
Line 841 RadiusStart(AuthData auth, short request_type)
|
| } |
} |
| if (tmpval[0]) { |
if (tmpval[0]) { |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_TUNNEL_CLIENT_AUTH_ID: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_TUNNEL_CLIENT_AUTH_ID: %s", |
| auth->info.lnkname, tmpval)); | auth->info.lnkname, tmpval)); |
| if (rad_put_string_tag(auth->radius.handle, RAD_TUNNEL_CLIENT_AUTH_ID, |
if (rad_put_string_tag(auth->radius.handle, RAD_TUNNEL_CLIENT_AUTH_ID, |
| 0, tmpval) == -1) { | 0, tmpval) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_TUNNEL_CLIENT_AUTH_ID failed %s", | RadiusLogError(auth, "Put RAD_TUNNEL_CLIENT_AUTH_ID failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| } |
} |
|
Line 848 RadiusStart(AuthData auth, short request_type)
|
Line 853 RadiusStart(AuthData auth, short request_type)
|
| if (auth->info.phys_type == &gPppoePhysType) { |
if (auth->info.phys_type == &gPppoePhysType) { |
| if (auth->params.selfname[0]) { |
if (auth->params.selfname[0]) { |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put ADSL-Agent-Circuit-Id: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put ADSL-Agent-Circuit-Id: %s", |
| auth->info.lnkname, auth->params.selfname)); | auth->info.lnkname, auth->params.selfname)); |
| if (rad_put_vendor_string(auth->radius.handle, 3561, 1, |
if (rad_put_vendor_string(auth->radius.handle, 3561, 1, |
| auth->params.selfname) == -1) { | auth->params.selfname) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put ADSL-Agent-Circuit-Id failed %s", | RadiusLogError(auth, "Put ADSL-Agent-Circuit-Id failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| if (auth->params.peername[0]) { |
if (auth->params.peername[0]) { |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put ADSL-Agent-Remote-Id: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put ADSL-Agent-Remote-Id: %s", |
| auth->info.lnkname, auth->params.peername)); | auth->info.lnkname, auth->params.peername)); |
| if (rad_put_vendor_string(auth->radius.handle, 3561, 2, |
if (rad_put_vendor_string(auth->radius.handle, 3561, 2, |
| auth->params.peername) == -1) { | auth->params.peername) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put ADSL-Agent-Remote-Id failed %s", | RadiusLogError(auth, "Put ADSL-Agent-Remote-Id failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| } |
} |
|
Line 887 RadiusPutAuth(AuthData auth)
|
Line 890 RadiusPutAuth(AuthData auth)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_USER_NAME: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_USER_NAME: %s", |
| auth->info.lnkname, auth->params.authname)); |
auth->info.lnkname, auth->params.authname)); |
| if (rad_put_string(auth->radius.handle, RAD_USER_NAME, auth->params.authname) == -1) { |
if (rad_put_string(auth->radius.handle, RAD_USER_NAME, auth->params.authname) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_USER_NAME failed %s", | RadiusLogError(auth, "Put RAD_USER_NAME failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 897 RadiusPutAuth(AuthData auth)
|
Line 899 RadiusPutAuth(AuthData auth)
|
| |
|
| case CHAP_ALG_MSOFT: |
case CHAP_ALG_MSOFT: |
| if (cp->value_len != 49) { |
if (cp->value_len != 49) { |
| Log(LG_RADIUS, ("[%s] RADIUS: RADIUS_CHAP (MSOFTv1) unrecognised key length %d/%d", | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: RADIUS_CHAP (MSOFTv1) unrecognised key length %d/%d", |
| auth->info.lnkname, cp->value_len, 49)); |
auth->info.lnkname, cp->value_len, 49)); |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
|
Line 906 RadiusPutAuth(AuthData auth)
|
Line 908 RadiusPutAuth(AuthData auth)
|
| auth->info.lnkname)); |
auth->info.lnkname)); |
| if (rad_put_vendor_attr(auth->radius.handle, RAD_VENDOR_MICROSOFT, RAD_MICROSOFT_MS_CHAP_CHALLENGE, |
if (rad_put_vendor_attr(auth->radius.handle, RAD_VENDOR_MICROSOFT, RAD_MICROSOFT_MS_CHAP_CHALLENGE, |
| cp->chal_data, cp->chal_len) == -1) { |
cp->chal_data, cp->chal_len) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MICROSOFT_MS_CHAP_CHALLENGE failed %s", | RadiusLogError(auth, "Put RAD_MICROSOFT_MS_CHAP_CHALLENGE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 921 RadiusPutAuth(AuthData auth)
|
Line 922 RadiusPutAuth(AuthData auth)
|
| auth->info.lnkname)); |
auth->info.lnkname)); |
| if (rad_put_vendor_attr(auth->radius.handle, RAD_VENDOR_MICROSOFT, RAD_MICROSOFT_MS_CHAP_RESPONSE, |
if (rad_put_vendor_attr(auth->radius.handle, RAD_VENDOR_MICROSOFT, RAD_MICROSOFT_MS_CHAP_RESPONSE, |
| &rad_mschapval, sizeof(rad_mschapval)) == -1) { |
&rad_mschapval, sizeof(rad_mschapval)) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MICROSOFT_MS_CHAP_RESPONSE failed %s", | RadiusLogError(auth, "Put RAD_MICROSOFT_MS_CHAP_RESPONSE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| break; |
break; |
| |
|
| case CHAP_ALG_MSOFTv2: |
case CHAP_ALG_MSOFTv2: |
| if (cp->value_len != sizeof(*mschapv2val)) { |
if (cp->value_len != sizeof(*mschapv2val)) { |
| Log(LG_RADIUS, ("[%s] RADIUS: RADIUS_CHAP (MSOFTv2) unrecognised key length %d/%d", | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: RADIUS_CHAP (MSOFTv2) unrecognised key length %d/%d", |
| auth->info.lnkname, cp->value_len, (int)sizeof(*mschapv2val))); |
auth->info.lnkname, cp->value_len, (int)sizeof(*mschapv2val))); |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
|
Line 938 RadiusPutAuth(AuthData auth)
|
Line 938 RadiusPutAuth(AuthData auth)
|
| auth->info.lnkname)); |
auth->info.lnkname)); |
| if (rad_put_vendor_attr(auth->radius.handle, RAD_VENDOR_MICROSOFT, |
if (rad_put_vendor_attr(auth->radius.handle, RAD_VENDOR_MICROSOFT, |
| RAD_MICROSOFT_MS_CHAP_CHALLENGE, cp->chal_data, cp->chal_len) == -1) { |
RAD_MICROSOFT_MS_CHAP_CHALLENGE, cp->chal_data, cp->chal_len) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MICROSOFT_MS_CHAP_CHALLENGE failed %s", | RadiusLogError(auth, "Put RAD_MICROSOFT_MS_CHAP_CHALLENGE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 957 RadiusPutAuth(AuthData auth)
|
Line 956 RadiusPutAuth(AuthData auth)
|
| auth->info.lnkname)); |
auth->info.lnkname)); |
| if (rad_put_vendor_attr(auth->radius.handle, RAD_VENDOR_MICROSOFT, RAD_MICROSOFT_MS_CHAP2_RESPONSE, |
if (rad_put_vendor_attr(auth->radius.handle, RAD_VENDOR_MICROSOFT, RAD_MICROSOFT_MS_CHAP2_RESPONSE, |
| &rad_mschapv2val, sizeof(rad_mschapv2val)) == -1) { |
&rad_mschapv2val, sizeof(rad_mschapv2val)) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put vendor_attr(RAD_MICROSOFT_MS_CHAP2_RESPONSE failed %s", | RadiusLogError(auth, "Put vendor_attr(RAD_MICROSOFT_MS_CHAP2_RESPONSE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| break; |
break; |
|
Line 970 RadiusPutAuth(AuthData auth)
|
Line 968 RadiusPutAuth(AuthData auth)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_CHAP_CHALLENGE", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_CHAP_CHALLENGE", |
| auth->info.lnkname)); |
auth->info.lnkname)); |
| if (rad_put_attr(auth->radius.handle, RAD_CHAP_CHALLENGE, cp->chal_data, cp->chal_len) == -1) { |
if (rad_put_attr(auth->radius.handle, RAD_CHAP_CHALLENGE, cp->chal_data, cp->chal_len) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_CHAP_CHALLENGE failed %s", | RadiusLogError(auth, "Put RAD_CHAP_CHALLENGE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_CHAP_PASSWORD", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_CHAP_PASSWORD", |
| auth->info.lnkname)); |
auth->info.lnkname)); |
| if (rad_put_attr(auth->radius.handle, RAD_CHAP_PASSWORD, &rad_chapval, cp->value_len + 1) == -1) { |
if (rad_put_attr(auth->radius.handle, RAD_CHAP_PASSWORD, &rad_chapval, cp->value_len + 1) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_CHAP_PASSWORD failed %s", | RadiusLogError(auth, "Put RAD_CHAP_PASSWORD failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| break; |
break; |
| |
|
| default: |
default: |
| Log(LG_RADIUS, ("[%s] RADIUS: RADIUS unkown CHAP ALG %d", | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: RADIUS unkown CHAP ALG: %d", |
| auth->info.lnkname, auth->alg)); |
auth->info.lnkname, auth->alg)); |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| } else if (auth->proto == PROTO_PAP) { |
} else if (auth->proto == PROTO_PAP) { |
| | Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_USER_PASSWORD", auth->info.lnkname)); |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_USER_PASSWORD", | |
| auth->info.lnkname)); | |
| if (rad_put_string(auth->radius.handle, RAD_USER_PASSWORD, pp->peer_pass) == -1) { |
if (rad_put_string(auth->radius.handle, RAD_USER_PASSWORD, pp->peer_pass) == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_USER_PASSWORD failed %s", | RadiusLogError(auth, "Put RAD_USER_PASSWORD failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
| } else { |
} else { |
| Log(LG_RADIUS, ("[%s] RADIUS: RADIUS unkown Proto %d", | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: RADIUS unkown Proto: %d", |
| auth->info.lnkname, auth->proto)); |
auth->info.lnkname, auth->proto)); |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
|
Line 1013 RadiusPutAcct(AuthData auth)
|
Line 1005 RadiusPutAcct(AuthData auth)
|
| { |
{ |
| char *username; |
char *username; |
| int authentic; |
int authentic; |
| |
char buf[64]; |
| |
|
| if (auth->acct_type == AUTH_ACCT_START) { |
if (auth->acct_type == AUTH_ACCT_START) { |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_STATUS_TYPE: RAD_START", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_STATUS_TYPE: RAD_START", |
| auth->info.lnkname)); | auth->info.lnkname)); |
| if (rad_put_int(auth->radius.handle, RAD_ACCT_STATUS_TYPE, RAD_START)) { |
if (rad_put_int(auth->radius.handle, RAD_ACCT_STATUS_TYPE, RAD_START)) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put STATUS_TYPE: %s", | RadiusLogError(auth, "Put STATUS_TYPE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_FRAMED_IP_ADDRESS: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_FRAMED_IP_ADDRESS: %s", |
| auth->info.lnkname, inet_ntoa(auth->info.peer_addr))); |
auth->info.lnkname, inet_ntoa(auth->info.peer_addr))); |
| if (rad_put_addr(auth->radius.handle, RAD_FRAMED_IP_ADDRESS, auth->info.peer_addr)) { |
if (rad_put_addr(auth->radius.handle, RAD_FRAMED_IP_ADDRESS, auth->info.peer_addr)) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_FRAMED_IP_ADDRESS: %s", | RadiusLogError(auth, "Put RAD_FRAMED_IP_ADDRESS failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 1038 RadiusPutAcct(AuthData auth)
|
Line 1029 RadiusPutAcct(AuthData auth)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_FRAMED_IP_NETMASK: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_FRAMED_IP_NETMASK: %s", |
| auth->info.lnkname, inet_ntoa(ip))); |
auth->info.lnkname, inet_ntoa(ip))); |
| if (rad_put_addr(auth->radius.handle, RAD_FRAMED_IP_NETMASK, ip)) { |
if (rad_put_addr(auth->radius.handle, RAD_FRAMED_IP_NETMASK, ip)) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_FRAMED_IP_NETMASK: %s", | RadiusLogError(auth, "Put RAD_FRAMED_IP_NETMASK failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| } |
} |
| |
|
| |
#ifdef HAVE_RAD_ADDR6 |
| |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_FRAMED_IPV6_ADDRESS: %s", |
| |
auth->info.lnkname, inet_ntop(AF_INET6, &auth->info.peer_addr6, buf, |
| |
sizeof(buf)))); |
| |
if (rad_put_addr6(auth->radius.handle, RAD_FRAMED_IPV6_ADDRESS, auth->info.peer_addr6)) { |
| |
RadiusLogError(auth, "Put RAD_FRAMED_IPV6_ADDRESS failed"); |
| |
return (RAD_NACK); |
| |
} |
| |
#endif |
| |
|
| username = auth->params.authname; |
username = auth->params.authname; |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_USER_NAME: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_USER_NAME: %s", |
| auth->info.lnkname, username)); |
auth->info.lnkname, username)); |
| if (rad_put_string(auth->radius.handle, RAD_USER_NAME, username) != 0) { |
if (rad_put_string(auth->radius.handle, RAD_USER_NAME, username) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_USER_NAME: %s", | RadiusLogError(auth, "Put RAD_USER_NAME failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_MULTI_SESSION_ID: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_MULTI_SESSION_ID: %s", |
| auth->info.lnkname, auth->info.msession_id)); |
auth->info.lnkname, auth->info.msession_id)); |
| if (rad_put_string(auth->radius.handle, RAD_ACCT_MULTI_SESSION_ID, auth->info.msession_id) != 0) { |
if (rad_put_string(auth->radius.handle, RAD_ACCT_MULTI_SESSION_ID, auth->info.msession_id) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_ACCT_MULTI_SESSION_ID: %s", | RadiusLogError(auth, "Put RAD_ACCT_MULTI_SESSION_ID failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_BUNDLE: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_BUNDLE: %s", |
| auth->info.lnkname, auth->info.bundname)); |
auth->info.lnkname, auth->info.bundname)); |
| if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_BUNDLE, auth->info.bundname) != 0) { |
if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_BUNDLE, auth->info.bundname) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MPD_BUNDLE: %s", auth->info.lnkname, | RadiusLogError(auth, "Put RAD_MPD_BUNDLE failed"); |
| rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_IFACE: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_IFACE: %s", |
| auth->info.lnkname, auth->info.ifname)); |
auth->info.lnkname, auth->info.ifname)); |
| if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_IFACE, auth->info.ifname) != 0) { |
if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_IFACE, auth->info.ifname) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MPD_IFACE: %s", auth->info.lnkname, | RadiusLogError(auth, "Put RAD_MPD_IFACE failed"); |
| rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_IFACE_INDEX: %u", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_IFACE_INDEX: %u", |
| auth->info.lnkname, auth->info.ifindex)); |
auth->info.lnkname, auth->info.ifindex)); |
| if (rad_put_vendor_int(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_IFACE_INDEX, auth->info.ifindex) != 0) { |
if (rad_put_vendor_int(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_IFACE_INDEX, auth->info.ifindex) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MPD_IFACE_INDEX: %s", auth->info.lnkname, | RadiusLogError(auth, "Put RAD_MPD_IFACE_INDEX failed"); |
| rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_PEER_IDENT: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_PEER_IDENT: %s", |
| auth->info.lnkname, auth->info.peer_ident)); |
auth->info.lnkname, auth->info.peer_ident)); |
| if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_PEER_IDENT, auth->info.peer_ident) != 0) { |
if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_PEER_IDENT, auth->info.peer_ident) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MPD_PEER_IDENT failed %s", | RadiusLogError(auth, "Put RAD_MPD_PEER_IDENT failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_LINK_COUNT: %d", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_LINK_COUNT: %d", |
| auth->info.lnkname, auth->info.n_links)); |
auth->info.lnkname, auth->info.n_links)); |
| if (rad_put_int(auth->radius.handle, RAD_ACCT_LINK_COUNT, auth->info.n_links) != 0) { |
if (rad_put_int(auth->radius.handle, RAD_ACCT_LINK_COUNT, auth->info.n_links) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_ACCT_LINK_COUNT failed: %s", | RadiusLogError(auth, "Put RAD_ACCT_LINK_COUNT failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 1109 RadiusPutAcct(AuthData auth)
|
Line 1102 RadiusPutAcct(AuthData auth)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_AUTHENTIC: %d", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_AUTHENTIC: %d", |
| auth->info.lnkname, authentic)); |
auth->info.lnkname, authentic)); |
| if (rad_put_int(auth->radius.handle, RAD_ACCT_AUTHENTIC, authentic) != 0) { |
if (rad_put_int(auth->radius.handle, RAD_ACCT_AUTHENTIC, authentic) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_ACCT_AUTHENTIC failed: %s", | RadiusLogError(auth, "Put RAD_ACCT_AUTHENTIC failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 1126 RadiusPutAcct(AuthData auth)
|
Line 1118 RadiusPutAcct(AuthData auth)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_STATUS_TYPE: RAD_STOP", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_STATUS_TYPE: RAD_STOP", |
| auth->info.lnkname)); |
auth->info.lnkname)); |
| if (rad_put_int(auth->radius.handle, RAD_ACCT_STATUS_TYPE, RAD_STOP)) { |
if (rad_put_int(auth->radius.handle, RAD_ACCT_STATUS_TYPE, RAD_STOP)) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_ACCT_STATUS_TYPE: %s", | RadiusLogError(auth, "Put RAD_ACCT_STATUS_TYPE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 1160 RadiusPutAcct(AuthData auth)
|
Line 1151 RadiusPutAcct(AuthData auth)
|
| auth->info.lnkname, auth->info.downReason, termCause)); |
auth->info.lnkname, auth->info.downReason, termCause)); |
| |
|
| if (rad_put_int(auth->radius.handle, RAD_ACCT_TERMINATE_CAUSE, termCause) != 0) { |
if (rad_put_int(auth->radius.handle, RAD_ACCT_TERMINATE_CAUSE, termCause) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_ACCT_TERMINATE_CAUSE failed: %s", | RadiusLogError(auth, "Put RAD_ACCT_TERMINATE_CAUSE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| } else { |
} else { |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_STATUS_TYPE: RAD_UPDATE", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_STATUS_TYPE: RAD_UPDATE", |
| auth->info.lnkname)); |
auth->info.lnkname)); |
| if (rad_put_int(auth->radius.handle, RAD_ACCT_STATUS_TYPE, RAD_UPDATE)) { |
if (rad_put_int(auth->radius.handle, RAD_ACCT_STATUS_TYPE, RAD_UPDATE)) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_ACCT_STATUS_TYPE: %s", | RadiusLogError(auth, "Put RAD_ACCT_STATUS_TYPE failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| } |
} |
|
Line 1177 RadiusPutAcct(AuthData auth)
|
Line 1166 RadiusPutAcct(AuthData auth)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_SESSION_TIME: %ld", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_SESSION_TIME: %ld", |
| auth->info.lnkname, (long int)(time(NULL) - auth->info.last_up))); |
auth->info.lnkname, (long int)(time(NULL) - auth->info.last_up))); |
| if (rad_put_int(auth->radius.handle, RAD_ACCT_SESSION_TIME, time(NULL) - auth->info.last_up) != 0) { |
if (rad_put_int(auth->radius.handle, RAD_ACCT_SESSION_TIME, time(NULL) - auth->info.last_up) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_ACCT_SESSION_TIME failed: %s", | RadiusLogError(auth, "Put RAD_ACCT_SESSION_TIME failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| |
|
|
Line 1194 RadiusPutAcct(AuthData auth)
|
Line 1182 RadiusPutAcct(AuthData auth)
|
| if (rad_put_int(auth->radius.handle, RAD_ACCT_INPUT_OCTETS, auth->info.stats.recvOctets % MAX_U_INT32) != 0 || |
if (rad_put_int(auth->radius.handle, RAD_ACCT_INPUT_OCTETS, auth->info.stats.recvOctets % MAX_U_INT32) != 0 || |
| rad_put_int(auth->radius.handle, RAD_ACCT_INPUT_PACKETS, auth->info.stats.recvFrames) != 0 || |
rad_put_int(auth->radius.handle, RAD_ACCT_INPUT_PACKETS, auth->info.stats.recvFrames) != 0 || |
| rad_put_int(auth->radius.handle, RAD_ACCT_INPUT_GIGAWORDS, auth->info.stats.recvOctets / MAX_U_INT32) != 0) { |
rad_put_int(auth->radius.handle, RAD_ACCT_INPUT_GIGAWORDS, auth->info.stats.recvOctets / MAX_U_INT32) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put input stats: %s", auth->info.lnkname, | RadiusLogError(auth, "Put input stats failed"); |
| rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| #ifdef USE_NG_BPF |
#ifdef USE_NG_BPF |
|
Line 1211 RadiusPutAcct(AuthData auth)
|
Line 1198 RadiusPutAcct(AuthData auth)
|
| if (rad_put_int(auth->radius.handle, RAD_ACCT_OUTPUT_OCTETS, auth->info.stats.xmitOctets % MAX_U_INT32) != 0 || |
if (rad_put_int(auth->radius.handle, RAD_ACCT_OUTPUT_OCTETS, auth->info.stats.xmitOctets % MAX_U_INT32) != 0 || |
| rad_put_int(auth->radius.handle, RAD_ACCT_OUTPUT_PACKETS, auth->info.stats.xmitFrames) != 0 || |
rad_put_int(auth->radius.handle, RAD_ACCT_OUTPUT_PACKETS, auth->info.stats.xmitFrames) != 0 || |
| rad_put_int(auth->radius.handle, RAD_ACCT_OUTPUT_GIGAWORDS, auth->info.stats.xmitOctets / MAX_U_INT32) != 0) { |
rad_put_int(auth->radius.handle, RAD_ACCT_OUTPUT_GIGAWORDS, auth->info.stats.xmitOctets / MAX_U_INT32) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put output stats: %s", auth->info.lnkname, | RadiusLogError(auth, "Put output stats failed"); |
| rad_strerror(auth->radius.handle))); | |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
| #ifdef USE_NG_BPF |
#ifdef USE_NG_BPF |
|
Line 1222 RadiusPutAcct(AuthData auth)
|
Line 1208 RadiusPutAcct(AuthData auth)
|
| snprintf(str, sizeof(str), "%s:%llu", |
snprintf(str, sizeof(str), "%s:%llu", |
| ssr->name, (long long unsigned)ssr->Octets); |
ssr->name, (long long unsigned)ssr->Octets); |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_INPUT_OCTETS: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_INPUT_OCTETS: %s", |
| auth->info.lnkname, str)); | auth->info.lnkname, str)); |
| if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_INPUT_OCTETS, str) != 0) { |
if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_INPUT_OCTETS, str) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MPD_INPUT_OCTETS: %s", auth->info.lnkname, | RadiusLogError(auth, "Put RAD_MPD_INPUT_OCTETS failed"); |
| rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| } |
} |
| snprintf(str, sizeof(str), "%s:%llu", |
snprintf(str, sizeof(str), "%s:%llu", |
| ssr->name, (long long unsigned)ssr->Packets); |
ssr->name, (long long unsigned)ssr->Packets); |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_INPUT_PACKETS: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_INPUT_PACKETS: %s", |
| auth->info.lnkname, str)); | auth->info.lnkname, str)); |
| if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_INPUT_PACKETS, str) != 0) { |
if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_INPUT_PACKETS, str) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MPD_INPUT_PACKETS: %s", auth->info.lnkname, | RadiusLogError(auth, "Put RAD_MPD_INPUT_PACKETS failed"); |
| rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| } |
} |
| if (strcmp(ssr->name,auth->params.std_acct[0]) == 0) { |
if (strcmp(ssr->name,auth->params.std_acct[0]) == 0) { |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_INPUT_OCTETS: %lu", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_INPUT_OCTETS: %lu", |
| auth->info.lnkname, (long unsigned int)(ssr->Octets % MAX_U_INT32))); | auth->info.lnkname, (long unsigned int)(ssr->Octets % MAX_U_INT32))); |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_INPUT_GIGAWORDS: %lu", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_INPUT_GIGAWORDS: %lu", |
| auth->info.lnkname, (long unsigned int)(ssr->Octets / MAX_U_INT32))); | auth->info.lnkname, (long unsigned int)(ssr->Octets / MAX_U_INT32))); |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_INPUT_PACKETS: %lu", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_INPUT_PACKETS: %lu", |
| auth->info.lnkname, (long unsigned int)(ssr->Packets))); | auth->info.lnkname, (long unsigned int)(ssr->Packets))); |
| if (rad_put_int(auth->radius.handle, RAD_ACCT_INPUT_OCTETS, ssr->Octets % MAX_U_INT32) != 0 || |
if (rad_put_int(auth->radius.handle, RAD_ACCT_INPUT_OCTETS, ssr->Octets % MAX_U_INT32) != 0 || |
| rad_put_int(auth->radius.handle, RAD_ACCT_INPUT_PACKETS, ssr->Packets) != 0 || |
rad_put_int(auth->radius.handle, RAD_ACCT_INPUT_PACKETS, ssr->Packets) != 0 || |
| rad_put_int(auth->radius.handle, RAD_ACCT_INPUT_GIGAWORDS, ssr->Octets / MAX_U_INT32) != 0) { |
rad_put_int(auth->radius.handle, RAD_ACCT_INPUT_GIGAWORDS, ssr->Octets / MAX_U_INT32) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put input stats: %s", auth->info.lnkname, | RadiusLogError(auth, "Put input stats failed"); |
| rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| } |
} |
|
Line 1256 RadiusPutAcct(AuthData auth)
|
Line 1241 RadiusPutAcct(AuthData auth)
|
| snprintf(str, sizeof(str), "%s:%llu", |
snprintf(str, sizeof(str), "%s:%llu", |
| ssr->name, (long long unsigned)ssr->Octets); |
ssr->name, (long long unsigned)ssr->Octets); |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_OUTPUT_OCTETS: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_OUTPUT_OCTETS: %s", |
| auth->info.lnkname, str)); | auth->info.lnkname, str)); |
| if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_OUTPUT_OCTETS, str) != 0) { |
if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_OUTPUT_OCTETS, str) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MPD_OUTPUT_OCTETS: %s", auth->info.lnkname, | RadiusLogError(auth, "Put RAD_MPD_OUTPUT_OCTETS failed"); |
| rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| } |
} |
| snprintf(str, sizeof(str), "%s:%llu", |
snprintf(str, sizeof(str), "%s:%llu", |
| ssr->name, (long long unsigned)ssr->Packets); |
ssr->name, (long long unsigned)ssr->Packets); |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_OUTPUT_PACKETS: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_MPD_OUTPUT_PACKETS: %s", |
| auth->info.lnkname, str)); | auth->info.lnkname, str)); |
| if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_OUTPUT_PACKETS, str) != 0) { |
if (rad_put_vendor_string(auth->radius.handle, RAD_VENDOR_MPD, RAD_MPD_OUTPUT_PACKETS, str) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put RAD_MPD_OUTPUT_PACKETS: %s", auth->info.lnkname, | RadiusLogError(auth, "Put RAD_MPD_OUTPUT_PACKETS failed"); |
| rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| } |
} |
| if (strcmp(ssr->name,auth->params.std_acct[1]) == 0) { |
if (strcmp(ssr->name,auth->params.std_acct[1]) == 0) { |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_OUTPUT_OCTETS: %lu", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_OUTPUT_OCTETS: %lu", |
| auth->info.lnkname, (long unsigned int)(ssr->Octets % MAX_U_INT32))); | auth->info.lnkname, (long unsigned int)(ssr->Octets % MAX_U_INT32))); |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_OUTPUT_GIGAWORDS: %lu", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_OUTPUT_GIGAWORDS: %lu", |
| auth->info.lnkname, (long unsigned int)(ssr->Octets / MAX_U_INT32))); | auth->info.lnkname, (long unsigned int)(ssr->Octets / MAX_U_INT32))); |
| Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_OUTPUT_PACKETS: %lu", |
Log(LG_RADIUS2, ("[%s] RADIUS: Put RAD_ACCT_OUTPUT_PACKETS: %lu", |
| auth->info.lnkname, (long unsigned int)(ssr->Packets))); | auth->info.lnkname, (long unsigned int)(ssr->Packets))); |
| if (rad_put_int(auth->radius.handle, RAD_ACCT_OUTPUT_OCTETS, ssr->Octets % MAX_U_INT32) != 0 || |
if (rad_put_int(auth->radius.handle, RAD_ACCT_OUTPUT_OCTETS, ssr->Octets % MAX_U_INT32) != 0 || |
| rad_put_int(auth->radius.handle, RAD_ACCT_OUTPUT_PACKETS, ssr->Packets) != 0 || |
rad_put_int(auth->radius.handle, RAD_ACCT_OUTPUT_PACKETS, ssr->Packets) != 0 || |
| rad_put_int(auth->radius.handle, RAD_ACCT_OUTPUT_GIGAWORDS, ssr->Octets / MAX_U_INT32) != 0) { |
rad_put_int(auth->radius.handle, RAD_ACCT_OUTPUT_GIGAWORDS, ssr->Octets / MAX_U_INT32) != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Put output stats: %s", auth->info.lnkname, | RadiusLogError(auth, "Put output stats failed"); |
| rad_strerror(auth->radius.handle))); | return (RAD_NACK); |
| return (RAD_NACK); | |
| } |
} |
| } |
} |
| } |
} |
|
Line 1302 RadiusSendRequest(AuthData auth)
|
Line 1286 RadiusSendRequest(AuthData auth)
|
| auth->info.lnkname, auth->params.authname)); |
auth->info.lnkname, auth->params.authname)); |
| n = rad_init_send_request(auth->radius.handle, &fd, &tv); |
n = rad_init_send_request(auth->radius.handle, &fd, &tv); |
| if (n != 0) { |
if (n != 0) { |
| Log(LG_RADIUS, ("[%s] RADIUS: rad_init_send_request failed: %d %s", | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: rad_init_send_request failed: %d %s", |
| auth->info.lnkname, n, rad_strerror(auth->radius.handle))); | auth->info.lnkname, n, rad_strerror(auth->radius.handle))); |
| return (RAD_NACK); | return (RAD_NACK); |
| } |
} |
| |
|
| gettimeofday(&timelimit, NULL); |
gettimeofday(&timelimit, NULL); |
|
Line 1320 RadiusSendRequest(AuthData auth)
|
Line 1304 RadiusSendRequest(AuthData auth)
|
| n = poll(fds,1,tv.tv_sec*1000+tv.tv_usec/1000); |
n = poll(fds,1,tv.tv_sec*1000+tv.tv_usec/1000); |
| |
|
| if (n == -1) { |
if (n == -1) { |
| Log(LG_RADIUS, ("[%s] RADIUS: poll failed %s", auth->info.lnkname, | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: poll failed %s", |
| strerror(errno))); | auth->info.lnkname, strerror(errno))); |
| return (RAD_NACK); | return (RAD_NACK); |
| } |
} |
| |
|
| if ((fds[0].revents&POLLIN)!=POLLIN) { |
if ((fds[0].revents&POLLIN)!=POLLIN) { |
|
Line 1375 RadiusSendRequest(AuthData auth)
|
Line 1359 RadiusSendRequest(AuthData auth)
|
| return (RAD_NACK); |
return (RAD_NACK); |
| |
|
| default: |
default: |
| Log(LG_RADIUS, ("[%s] RADIUS: rad_send_request: unexpected return value: %d", | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: rad_send_request: unexpected return value: %d", |
| auth->info.lnkname, n)); |
auth->info.lnkname, n)); |
| return (RAD_NACK); |
return (RAD_NACK); |
| } |
} |
|
Line 1393 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1377 RadiusGetParams(AuthData auth, int eap_proxy)
|
| char *route; |
char *route; |
| char *tmpval; |
char *tmpval; |
| struct in_addr ip; |
struct in_addr ip; |
| |
struct in6_addr ipv6; |
| |
char buf[64]; |
| #if defined(USE_NG_BPF) || defined(USE_IPFW) |
#if defined(USE_NG_BPF) || defined(USE_IPFW) |
| struct acl **acls, *acls1; |
struct acl **acls, *acls1; |
| char *acl, *acl1, *acl2, *acl3; |
char *acl, *acl1, *acl2, *acl3; |
|
Line 1462 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1448 RadiusGetParams(AuthData auth, int eap_proxy)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_IP_ADDRESS: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_IP_ADDRESS: %s", |
| auth->info.lnkname, inet_ntoa(ip))); |
auth->info.lnkname, inet_ntoa(ip))); |
| |
|
| if (strcmp(inet_ntoa(ip), "255.255.255.255") == 0) { | if (ip.s_addr == INADDR_BROADCAST) { |
| /* the peer can choose an address */ |
/* the peer can choose an address */ |
| Log(LG_RADIUS2, ("[%s] the peer can choose an address", auth->info.lnkname)); |
Log(LG_RADIUS2, ("[%s] the peer can choose an address", auth->info.lnkname)); |
| ip.s_addr=0; |
ip.s_addr=0; |
|
Line 1479 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1465 RadiusGetParams(AuthData auth, int eap_proxy)
|
| } |
} |
| break; |
break; |
| |
|
| |
#ifdef HAVE_RAD_ADDR6 |
| |
case RAD_FRAMED_IPV6_ADDRESS: |
| |
ipv6 = rad_cvt_addr6(data); |
| |
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_IPV6_ADDRESS: %s", |
| |
auth->info.lnkname, inet_ntop(AF_INET6, &ipv6, buf, sizeof(buf)))); |
| |
in6_addrtou_range(&ipv6, 64, &auth->params.range); |
| |
auth->params.range_valid = 1; |
| |
break; |
| |
#endif |
| |
|
| case RAD_USER_NAME: |
case RAD_USER_NAME: |
| tmpval = rad_cvt_string(data, len); |
tmpval = rad_cvt_string(data, len); |
| /* copy it into the persistent data struct */ |
/* copy it into the persistent data struct */ |
|
Line 1500 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1496 RadiusGetParams(AuthData auth, int eap_proxy)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_ROUTE: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_ROUTE: %s", |
| auth->info.lnkname, route)); |
auth->info.lnkname, route)); |
| if (!ParseRange(route, &range, ALLOW_IPV4)) { |
if (!ParseRange(route, &range, ALLOW_IPV4)) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Get RAD_FRAMED_ROUTE: Bad route \"%s\"", | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: Get RAD_FRAMED_ROUTE: Bad route \"%s\"", |
| auth->info.lnkname, route)); |
auth->info.lnkname, route)); |
| free(route); |
free(route); |
| break; |
break; |
|
Line 1511 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1507 RadiusGetParams(AuthData auth, int eap_proxy)
|
| j = 0; |
j = 0; |
| SLIST_FOREACH(r1, &auth->params.routes, next) { |
SLIST_FOREACH(r1, &auth->params.routes, next) { |
| if (!u_rangecompare(&r->dest, &r1->dest)) { |
if (!u_rangecompare(&r->dest, &r1->dest)) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Duplicate route %s", | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: Duplicate route %s", |
| auth->info.lnkname, route)); |
auth->info.lnkname, route)); |
| j = 1; |
j = 1; |
| } |
} |
|
Line 1529 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1525 RadiusGetParams(AuthData auth, int eap_proxy)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_IPV6_ROUTE: %s", |
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_IPV6_ROUTE: %s", |
| auth->info.lnkname, route)); |
auth->info.lnkname, route)); |
| if (!ParseRange(route, &range, ALLOW_IPV6)) { |
if (!ParseRange(route, &range, ALLOW_IPV6)) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Get RAD_FRAMED_IPV6_ROUTE: Bad route \"%s\"", auth->info.lnkname, route)); | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: Get RAD_FRAMED_IPV6_ROUTE: Bad route \"%s\"", auth->info.lnkname, route)); |
| free(route); |
free(route); |
| break; |
break; |
| } |
} |
|
Line 1539 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1535 RadiusGetParams(AuthData auth, int eap_proxy)
|
| j = 0; |
j = 0; |
| SLIST_FOREACH(r1, &auth->params.routes, next) { |
SLIST_FOREACH(r1, &auth->params.routes, next) { |
| if (!u_rangecompare(&r->dest, &r1->dest)) { |
if (!u_rangecompare(&r->dest, &r1->dest)) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Duplicate route %s", | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: Duplicate route %s", |
| auth->info.lnkname, route)); |
auth->info.lnkname, route)); |
| j = 1; |
j = 1; |
| } |
} |
|
Line 1575 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1571 RadiusGetParams(AuthData auth, int eap_proxy)
|
| Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_MTU: %u", |
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FRAMED_MTU: %u", |
| auth->info.lnkname, i)); |
auth->info.lnkname, i)); |
| if (i < IFACE_MIN_MTU || i > IFACE_MAX_MTU) { |
if (i < IFACE_MIN_MTU || i > IFACE_MAX_MTU) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Get RAD_FRAMED_MTU: invalid MTU: %u", | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: Get RAD_FRAMED_MTU: invalid MTU: %u", |
| auth->info.lnkname, i)); |
auth->info.lnkname, i)); |
| auth->params.mtu = 0; |
auth->params.mtu = 0; |
| break; |
break; |
|
Line 1602 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1598 RadiusGetParams(AuthData auth, int eap_proxy)
|
| break; |
break; |
| |
|
| case RAD_FILTER_ID: |
case RAD_FILTER_ID: |
| |
Freee(auth->params.filter_id); |
| |
auth->params.filter_id = NULL; |
| |
if (len == 0) |
| |
break; |
| tmpval = rad_cvt_string(data, len); |
tmpval = rad_cvt_string(data, len); |
| Log(LG_RADIUS2, ("[%s] RADIUS: Get (RAD_FILTER_ID: %s)", | auth->params.filter_id = Mdup(MB_AUTH, tmpval, len + 1); |
| auth->info.lnkname, tmpval)); | |
| free(tmpval); |
free(tmpval); |
| |
Log(LG_RADIUS2, ("[%s] RADIUS: Get RAD_FILTER_ID: %s", |
| |
auth->info.lnkname, auth->params.filter_id)); |
| break; |
break; |
| |
|
| case RAD_SERVICE_TYPE: |
case RAD_SERVICE_TYPE: |
|
Line 1712 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1713 RadiusGetParams(AuthData auth, int eap_proxy)
|
| auth->info.lnkname)); |
auth->info.lnkname)); |
| tmpkey = rad_demangle_mppe_key(auth->radius.handle, data, len, &tmpkey_len); |
tmpkey = rad_demangle_mppe_key(auth->radius.handle, data, len, &tmpkey_len); |
| if (!tmpkey) { |
if (!tmpkey) { |
| Log(LG_RADIUS, ("[%s] RADIUS: rad_demangle_mppe_key failed: %s", | RadiusLogError(auth, "rad_demangle_mppe_key failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return RAD_NACK; |
return RAD_NACK; |
| } |
} |
| |
|
|
Line 1727 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1727 RadiusGetParams(AuthData auth, int eap_proxy)
|
| auth->info.lnkname)); |
auth->info.lnkname)); |
| tmpkey = rad_demangle_mppe_key(auth->radius.handle, data, len, &tmpkey_len); |
tmpkey = rad_demangle_mppe_key(auth->radius.handle, data, len, &tmpkey_len); |
| if (!tmpkey) { |
if (!tmpkey) { |
| Log(LG_RADIUS, ("[%s] RADIUS: rad_demangle_mppe_key failed: %s", | RadiusLogError(auth, "rad_demangle_mppe_key failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return RAD_NACK; |
return RAD_NACK; |
| } |
} |
| memcpy(auth->params.msoft.xmit_key, tmpkey, MPPE_KEY_LEN); |
memcpy(auth->params.msoft.xmit_key, tmpkey, MPPE_KEY_LEN); |
|
Line 1742 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1741 RadiusGetParams(AuthData auth, int eap_proxy)
|
| auth->info.lnkname)); |
auth->info.lnkname)); |
| |
|
| if (len != 32) { |
if (len != 32) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Server returned garbage %d of expected %d Bytes", | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: Server returned garbage %d of expected %d Bytes", |
| auth->info.lnkname, (int)len, 32)); |
auth->info.lnkname, (int)len, 32)); |
| return RAD_NACK; |
return RAD_NACK; |
| } |
} |
| |
|
| tmpkey = rad_demangle(auth->radius.handle, data, len); |
tmpkey = rad_demangle(auth->radius.handle, data, len); |
| if (tmpkey == NULL) { |
if (tmpkey == NULL) { |
| Log(LG_RADIUS, ("[%s] RADIUS: rad_demangle failed: %s", | RadiusLogError(auth, "rad_demangle failed"); |
| auth->info.lnkname, rad_strerror(auth->radius.handle))); | |
| return RAD_NACK; |
return RAD_NACK; |
| } |
} |
| memcpy(auth->params.msoft.lm_hash, tmpkey, sizeof(auth->params.msoft.lm_hash)); |
memcpy(auth->params.msoft.lm_hash, tmpkey, sizeof(auth->params.msoft.lm_hash)); |
|
Line 1890 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1888 RadiusGetParams(AuthData auth, int eap_proxy)
|
| acl2 = strsep(&acl1, "#"); |
acl2 = strsep(&acl1, "#"); |
| i = atoi(acl2); |
i = atoi(acl2); |
| if (i <= 0 || i > ACL_FILTERS) { |
if (i <= 0 || i > ACL_FILTERS) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Wrong filter number: %i", | Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: Wrong filter number: %i", |
| auth->info.lnkname, i)); |
auth->info.lnkname, i)); |
| free(acl); |
free(acl); |
| break; |
break; |
|
Line 1906 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 1904 RadiusGetParams(AuthData auth, int eap_proxy)
|
| } else if (strcasecmp(acl2, "out") == 0) { |
} else if (strcasecmp(acl2, "out") == 0) { |
| i = 1; |
i = 1; |
| } else { |
} else { |
| Log(LG_ERR, ("[%s] RADIUS: Wrong limit direction: '%s'", | Log(LG_ERR|LG_ERR, ("[%s] RADIUS: Wrong limit direction: '%s'", |
| auth->info.lnkname, acl2)); |
auth->info.lnkname, acl2)); |
| free(acl); |
free(acl); |
| break; |
break; |
|
Line 2009 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 2007 RadiusGetParams(AuthData auth, int eap_proxy)
|
| /* sanity check, this happens when FreeRADIUS has no msoft-dictionary loaded */ |
/* sanity check, this happens when FreeRADIUS has no msoft-dictionary loaded */ |
| if (auth->proto == PROTO_CHAP && auth->alg == CHAP_ALG_MSOFTv2 |
if (auth->proto == PROTO_CHAP && auth->alg == CHAP_ALG_MSOFTv2 |
| && auth->mschapv2resp == NULL && auth->status == AUTH_STATUS_SUCCESS) { |
&& auth->mschapv2resp == NULL && auth->status == AUTH_STATUS_SUCCESS) { |
| Log(LG_RADIUS, ("[%s] RADIUS: PANIC no MS-CHAP2-Success received from server!", | Log(LG_ERR|LG_RADIUS, |
| | ("[%s] RADIUS: PANIC no MS-CHAP2-Success received from server!", |
| auth->info.lnkname)); |
auth->info.lnkname)); |
| return RAD_NACK; |
return RAD_NACK; |
| } |
} |
|
Line 2018 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 2017 RadiusGetParams(AuthData auth, int eap_proxy)
|
| /* print warning, because MPPE doesen't work */ |
/* print warning, because MPPE doesen't work */ |
| if (!(auth->params.msoft.has_keys || auth->params.msoft.has_nt_hash || auth->params.msoft.has_lm_hash) && |
if (!(auth->params.msoft.has_keys || auth->params.msoft.has_nt_hash || auth->params.msoft.has_lm_hash) && |
| auth->params.msoft.policy != MPPE_POLICY_NONE) { |
auth->params.msoft.policy != MPPE_POLICY_NONE) { |
| Log(LG_RADIUS, ("[%s] RADIUS: WARNING no MPPE-Keys received, MPPE will not work", | Log(LG_ERR|LG_RADIUS, |
| | ("[%s] RADIUS: WARNING no MPPE-Keys received, MPPE will not work", |
| auth->info.lnkname)); |
auth->info.lnkname)); |
| } |
} |
| |
|
|
Line 2029 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 2029 RadiusGetParams(AuthData auth, int eap_proxy)
|
| (auth->params.msoft.has_keys || auth->params.msoft.has_nt_hash || auth->params.msoft.has_lm_hash)) { |
(auth->params.msoft.has_keys || auth->params.msoft.has_nt_hash || auth->params.msoft.has_lm_hash)) { |
| auth->params.msoft.policy = MPPE_POLICY_ALLOWED; |
auth->params.msoft.policy = MPPE_POLICY_ALLOWED; |
| auth->params.msoft.types = MPPE_TYPE_40BIT | MPPE_TYPE_128BIT | MPPE_TYPE_56BIT; |
auth->params.msoft.types = MPPE_TYPE_40BIT | MPPE_TYPE_128BIT | MPPE_TYPE_56BIT; |
| Log(LG_RADIUS, ("[%s] RADIUS: MPPE-Keys present, but no MPPE-Infos received => allowing MPPE with all types", | Log(LG_ERR|LG_RADIUS, |
| | ("[%s] RADIUS: MPPE-Keys present, but no MPPE-Infos received => allowing MPPE with all types", |
| auth->info.lnkname)); |
auth->info.lnkname)); |
| } |
} |
| |
|
|
Line 2046 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 2047 RadiusGetParams(AuthData auth, int eap_proxy)
|
| j = 0; |
j = 0; |
| SLIST_FOREACH(r1, &auth->params.routes, next) { |
SLIST_FOREACH(r1, &auth->params.routes, next) { |
| if (!u_rangecompare(&r->dest, &r1->dest)) { |
if (!u_rangecompare(&r->dest, &r1->dest)) { |
| Log(LG_RADIUS, ("[%s] RADIUS: Duplicate route", auth->info.lnkname)); | Log(LG_ERR|LG_RADIUS, |
| | ("[%s] RADIUS: Duplicate route", auth->info.lnkname)); |
| j = 1; |
j = 1; |
| } |
} |
| }; |
}; |
|
Line 2059 RadiusGetParams(AuthData auth, int eap_proxy)
|
Line 2061 RadiusGetParams(AuthData auth, int eap_proxy)
|
| } |
} |
| |
|
| return (RAD_ACK); |
return (RAD_ACK); |
| |
} |
| |
|
| |
static void |
| |
RadiusLogError(AuthData auth, const char *errmsg) |
| |
{ |
| |
Log(LG_ERR|LG_RADIUS, ("[%s] RADIUS: %s: %s", |
| |
auth->info.lnkname, errmsg, rad_strerror(auth->radius.handle))); |
| } |
} |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to radius.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / mpd / src