Mercurial > hg > freeDiameter
annotate extensions/app_radgw/rgw_clients.c @ 546:0790fcf2fbfc
Add a trace in the purge thread
author | Sebastien Decugis <sdecugis@nict.go.jp> |
---|---|
date | Tue, 14 Sep 2010 16:24:09 +0900 |
parents | b0f9b0e1b564 |
children | 77b575250103 |
rev | line source |
---|---|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1 /********************************************************************************************************* |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
2 * Software License Agreement (BSD License) * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
3 * Author: Sebastien Decugis <sdecugis@nict.go.jp> * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
4 * * |
258
5df55136361b
Updated copyright information
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
254
diff
changeset
|
5 * Copyright (c) 2010, WIDE Project and NICT * |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
6 * All rights reserved. * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
7 * * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
8 * Redistribution and use of this software in source and binary forms, with or without modification, are * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
9 * permitted provided that the following conditions are met: * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
10 * * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
11 * * Redistributions of source code must retain the above * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
12 * copyright notice, this list of conditions and the * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
13 * following disclaimer. * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
14 * * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
15 * * Redistributions in binary form must reproduce the above * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
16 * copyright notice, this list of conditions and the * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
17 * following disclaimer in the documentation and/or other * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
18 * materials provided with the distribution. * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
19 * * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
20 * * Neither the name of the WIDE Project or NICT nor the * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
21 * names of its contributors may be used to endorse or * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
22 * promote products derived from this software without * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
23 * specific prior written permission of WIDE Project and * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
24 * NICT. * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
25 * * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
27 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
28 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
29 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
30 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
32 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
34 *********************************************************************************************************/ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
35 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
36 /* Manage the list of RADIUS clients, along with their shared secrets. */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
37 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
38 /* Probably some changes are needed to support RADIUS Proxies */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
39 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
40 #include "rgw.h" |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
41 |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
42 #define REVERSE_DNS_SIZE_MAX 512 /* length of our buffer for reverse DNS */ |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
43 #define DUPLICATE_CHECK_LIFETIME 60 /* number of seconds that the received RADIUS records are kept for duplicate checking . TODO: make it configurable if needed */ |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
44 |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
45 /* Ordered lists of clients. The order relationship is a memcmp on the address zone. |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
46 For same addresses, the port is compared. |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
47 The same address cannot be added twice, once with a 0-port and once with another port value. |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
48 */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
49 static struct fd_list cli_ip = FD_LIST_INITIALIZER(cli_ip); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
50 static struct fd_list cli_ip6 = FD_LIST_INITIALIZER(cli_ip6); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
51 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
52 /* Lock to protect the previous lists. We use a rwlock because this list is mostly static, to allow parallel reading */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
53 static pthread_rwlock_t cli_rwl = PTHREAD_RWLOCK_INITIALIZER; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
54 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
55 /* Structure describing one received RADIUS message, for duplicate checks purpose. */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
56 struct req_info { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
57 uint16_t port; /* UDP source port of the request */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
58 uint8_t id; /* The identifier in the request header */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
59 uint8_t auth[16]; /* Request authenticator, since some RADIUS clients do not implement the id mechanism properly. */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
60 struct radius_msg *ans; /* The replied answer if any, in case the previous answer got lost. */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
61 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
62 int nbdup; /* Number of times this request was received as a duplicate */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
63 struct fd_list by_id; /* The list of requests ordered by their id, port, and auth */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
64 time_t received; /* When was the last duplicate received? */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
65 struct fd_list by_time; /* The list of requests ordered by the 'received' value . */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
66 }; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
67 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
68 static pthread_t dbt_expire = (pthread_t)NULL; /* The thread that will remove old requests information from all clients (one thread for all) */ |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
69 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
70 /* Structure describing one client */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
71 struct rgw_client { |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
72 /* Link information in global list (cli_ip or cli_ip6) */ |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
73 struct fd_list chain; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
74 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
75 /* Reference count */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
76 int refcount; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
77 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
78 /* The address and optional port (alloc'd during configuration file parsing). */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
79 union { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
80 struct sockaddr *sa; /* generic pointer */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
81 struct sockaddr_in *sin; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
82 struct sockaddr_in6 *sin6; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
83 }; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
84 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
85 /* The FQDN, realm, and optional aliases */ |
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
86 int is_local; /* true if the RADIUS client runs on the same host -- we use Diameter Identity in that case */ |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
87 enum rgw_cli_type type; /* is it a proxy ? */ |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
88 char *fqdn; |
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
89 size_t fqdn_len; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
90 char *realm; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
91 char **aliases; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
92 size_t aliases_nb; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
93 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
94 /* The secret key data. */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
95 struct { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
96 unsigned char * data; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
97 size_t len; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
98 } key; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
99 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
100 /* information of previous msg received, for duplicate checks. */ |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
101 struct { |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
102 pthread_mutex_t dupl_lock; /* The mutex protecting the following lists */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
103 struct fd_list dupl_by_id; /* The list of req_info structures ordered by their id, port, and auth */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
104 struct fd_list dupl_by_time; /* The list of req_info structures ordered by their time (approximative) */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
105 } dupl_info[2]; /*[0] for auth, [1] for acct. */ |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
106 }; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
107 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
108 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
109 /* Create a new req_info structure and initialize its data from a RADIUS request message */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
110 static struct req_info * dupl_new_req_info(struct rgw_radius_msg_meta *msg) { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
111 struct req_info * ret = NULL; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
112 CHECK_MALLOC_DO( ret = malloc(sizeof(struct req_info)), return NULL ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
113 memset(ret, 0, sizeof(struct req_info)); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
114 ret->port = msg->port; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
115 ret->id = msg->radius.hdr->identifier; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
116 memcpy(&ret->auth[0], &msg->radius.hdr->authenticator[0], 16); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
117 fd_list_init(&ret->by_id, ret); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
118 fd_list_init(&ret->by_time, ret); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
119 ret->received = time(NULL); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
120 return ret; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
121 } |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
122 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
123 /* Destroy a req_info structure, after it has been unlinked */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
124 static void dupl_free_req_info(struct req_info * r) { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
125 CHECK_PARAMS_DO( r && FD_IS_LIST_EMPTY(&r->by_id) && FD_IS_LIST_EMPTY(&r->by_time), return ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
126 if (r->ans) { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
127 /* Free this RADIUS message */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
128 radius_msg_free(r->ans); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
129 free(r->ans); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
130 } |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
131 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
132 /* Use r->nbdup for some purpose? */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
133 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
134 free(r); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
135 } |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
136 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
137 /* The core of the purge thread */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
138 static int dupl_purge_list(struct fd_list * clients) { |
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
139 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
140 struct fd_list *li = NULL; |
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
141 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
142 for (li = clients->next; li != clients; li = li->next) { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
143 struct rgw_client * client = (struct rgw_client *)li; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
144 int p; |
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
145 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
146 for (p=0; p<=1; p++) { |
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
147 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
148 /* Lock this list */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
149 time_t now; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
150 CHECK_POSIX( pthread_mutex_lock(&client->dupl_info[p].dupl_lock) ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
151 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
152 now = time(NULL); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
153 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
154 while (!FD_IS_LIST_EMPTY(&client->dupl_info[p].dupl_by_time)) { |
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
155 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
156 /* Check the first item in the list */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
157 struct req_info * r = (struct req_info *)(client->dupl_info[p].dupl_by_time.next->o); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
158 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
159 if (now - r->received > DUPLICATE_CHECK_LIFETIME) { |
546
0790fcf2fbfc
Add a trace in the purge thread
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
545
diff
changeset
|
160 |
0790fcf2fbfc
Add a trace in the purge thread
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
545
diff
changeset
|
161 TRACE_DEBUG(ANNOYING + 1, "Purging RADIUS request (id: %02hhx, port: %hu, dup #%d, age %d secs)", r->id, ntohs(r->port), r->nbdup, now - r->received); |
0790fcf2fbfc
Add a trace in the purge thread
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
545
diff
changeset
|
162 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
163 /* Remove this record */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
164 fd_list_unlink(&r->by_time); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
165 fd_list_unlink(&r->by_id); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
166 dupl_free_req_info(r); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
167 } else { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
168 /* We are done for this list */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
169 break; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
170 } |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
171 } |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
172 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
173 CHECK_POSIX( pthread_mutex_unlock(&client->dupl_info[p].dupl_lock) ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
174 } |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
175 } |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
176 return 0; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
177 } |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
178 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
179 /* Thread that purges old RADIUS requests */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
180 static void * dupl_th(void * arg) { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
181 /* Set the thread name */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
182 fd_log_threadname ( "app_radgw:duplicate_purge" ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
183 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
184 /* The thread will be canceled */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
185 while (1) { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
186 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
187 /* We don't use a cond var, we simply wake up every 5 seconds. If the size of the duplicate cache is critical, it might be changed */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
188 sleep(5); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
189 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
190 /* When we wake up, we will check all clients duplicate lists one by one */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
191 CHECK_POSIX_DO( pthread_rwlock_rdlock(&cli_rwl), break ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
192 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
193 CHECK_FCT_DO( dupl_purge_list(&cli_ip), break ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
194 CHECK_FCT_DO( dupl_purge_list(&cli_ip6), break ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
195 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
196 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), break ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
197 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
198 /* Loop */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
199 } |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
200 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
201 /* If we reach this part, some fatal error was encountered */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
202 CHECK_FCT_DO(fd_event_send(fd_g_config->cnf_main_ev, FDEV_TERMINATE, 0, NULL), ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
203 TRACE_DEBUG(FULL, "Thread terminated"); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
204 return NULL; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
205 } |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
206 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
207 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
208 /* create a new rgw_client. the arguments are MOVED into the structure (to limit malloc & free calls). */ |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
209 static int client_create(struct rgw_client ** res, struct sockaddr ** ip_port, unsigned char ** key, size_t keylen, enum rgw_cli_type type ) |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
210 { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
211 struct rgw_client *tmp = NULL; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
212 char buf[255]; |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
213 int ret, i; |
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
214 int loc = 0; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
215 |
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
216 /* Check if the IP address is local */ |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
217 if ( ( ((*ip_port)->sa_family == AF_INET ) && ( IN_IS_ADDR_LOOPBACK( &((struct sockaddr_in *)(*ip_port))->sin_addr ) ) ) |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
218 ||( ((*ip_port)->sa_family == AF_INET6) && ( IN6_IS_ADDR_LOOPBACK( &((struct sockaddr_in6 *)(*ip_port))->sin6_addr) ) )) { |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
219 /* The client is local */ |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
220 loc = 1; |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
221 } else { |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
222 |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
223 /* Search FQDN for the client */ |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
224 ret = getnameinfo( *ip_port, sizeof(struct sockaddr_storage), &buf[0], sizeof(buf), NULL, 0, 0 ); |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
225 if (ret) { |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
226 TRACE_DEBUG(INFO, "Unable to resolve peer name: %s", gai_strerror(ret)); |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
227 return EINVAL; |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
228 } |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
229 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
230 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
231 /* Create the new object */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
232 CHECK_MALLOC( tmp = malloc(sizeof (struct rgw_client)) ); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
233 memset(tmp, 0, sizeof(struct rgw_client)); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
234 fd_list_init(&tmp->chain, NULL); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
235 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
236 /* Initialize the duplicate list info */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
237 for (i=0; i<=1; i++) { |
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
238 CHECK_POSIX( pthread_mutex_init(&tmp->dupl_info[i].dupl_lock, NULL) ); |
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
239 fd_list_init(&tmp->dupl_info[i].dupl_by_id, NULL); |
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
240 fd_list_init(&tmp->dupl_info[i].dupl_by_time, NULL); |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
241 } |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
242 tmp->type = type; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
243 |
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
244 if (loc) { |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
245 tmp->is_local = 1; |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
246 } else { |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
247 /* Copy the fqdn */ |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
248 CHECK_MALLOC( tmp->fqdn = strdup(buf) ); |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
249 tmp->fqdn_len = strlen(tmp->fqdn); |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
250 /* Find an appropriate realm */ |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
251 tmp->realm = strchr(tmp->fqdn, '.'); |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
252 if (tmp->realm) |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
253 tmp->realm += 1; |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
254 if ((!tmp->realm) || (*tmp->realm == '\0')) /* in case the fqdn was "localhost." for example, if it is possible... */ |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
255 tmp->realm = fd_g_config->cnf_diamrlm; |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
256 } |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
257 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
258 /* move the sa info reference */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
259 tmp->sa = *ip_port; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
260 *ip_port = NULL; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
261 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
262 /* move the key material */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
263 tmp->key.data = *key; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
264 tmp->key.len = keylen; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
265 *key = NULL; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
266 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
267 /* Done! */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
268 *res = tmp; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
269 return 0; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
270 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
271 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
272 /* Decrease refcount on a client; the lock must be held when this function is called. */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
273 static void client_unlink(struct rgw_client * client) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
274 { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
275 client->refcount -= 1; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
276 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
277 if (client->refcount <= 0) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
278 int idx; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
279 /* to be sure: the refcount should be 0 only when client_fini is called */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
280 ASSERT( FD_IS_LIST_EMPTY(&client->chain) ); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
281 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
282 /* Free the data */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
283 for (idx = 0; idx < client->aliases_nb; idx++) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
284 free(client->aliases[idx]); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
285 free(client->aliases); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
286 free(client->fqdn); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
287 free(client->sa); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
288 free(client->key.data); |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
289 |
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
290 /* Free the duplicate info */ |
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
291 for (idx=0; idx <= 1; idx++){ |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
292 CHECK_POSIX_DO( pthread_mutex_lock( &client->dupl_info[idx].dupl_lock ), /* continue */ ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
293 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
294 while (!FD_IS_LIST_EMPTY(&client->dupl_info[idx].dupl_by_id)) { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
295 struct req_info * r = (struct req_info *)(client->dupl_info[idx].dupl_by_id.next->o); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
296 fd_list_unlink( &r->by_id ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
297 fd_list_unlink( &r->by_time ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
298 dupl_free_req_info(r); |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
299 } |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
300 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
301 CHECK_POSIX_DO( pthread_mutex_unlock( &client->dupl_info[idx].dupl_lock ), /* continue */ ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
302 |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
303 } |
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
304 |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
305 free(client); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
306 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
307 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
308 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
309 |
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
310 /* Macro to avoid duplicating the code in the next function */ |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
311 #define client_search_family( _family_ ) \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
312 case AF_INET##_family_: { \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
313 struct sockaddr_in##_family_ * sin##_family_ = (struct sockaddr_in##_family_ *)ip_port; \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
314 for (ref = cli_ip##_family_.next; ref != &cli_ip##_family_; ref = ref->next) { \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
315 cmp = memcmp(&sin##_family_->sin##_family_##_addr, \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
316 &((struct rgw_client *)ref)->sin##_family_->sin##_family_##_addr, \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
317 sizeof(struct in##_family_##_addr)); \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
318 if (cmp > 0) continue; /* search further in the list */ \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
319 if (cmp < 0) break; /* this IP is not in the list */ \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
320 /* Now compare the ports as follow: */ \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
321 /* If the ip_port we are searching does not contain a port, just return the first match result */ \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
322 if ( (sin##_family_->sin##_family_##_port == 0) \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
323 /* If the entry in the list does not contain a port, return it as a match */ \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
324 || (((struct rgw_client *)ref)->sin##_family_->sin##_family_##_port == 0) \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
325 /* If both ports are equal, it is a match */ \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
326 || (sin##_family_->sin##_family_##_port == \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
327 ((struct rgw_client *)ref)->sin##_family_->sin##_family_##_port)) { \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
328 *res = (struct rgw_client *)ref; \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
329 return EEXIST; \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
330 } \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
331 /* Otherwise, the list is ordered by port value (byte order does not matter */ \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
332 if (sin##_family_->sin##_family_##_port \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
333 > ((struct rgw_client *)ref)->sin##_family_->sin##_family_##_port) continue; \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
334 else break; \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
335 } \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
336 *res = (struct rgw_client *)(ref->prev); \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
337 return ENOENT; \ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
338 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
339 /* Function to look for an existing rgw_client, or the previous element. |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
340 The cli_rwl must be held for reading (at least) when calling this function. |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
341 Returns ENOENT if the matching client does not exist, and res points to the previous element in the list. |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
342 Returns EEXIST if the matching client is found, and res points to this element. |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
343 Returns other error code on other error. */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
344 static int client_search(struct rgw_client ** res, struct sockaddr * ip_port ) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
345 { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
346 int cmp; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
347 struct fd_list *ref = NULL; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
348 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
349 CHECK_PARAMS(res && ip_port); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
350 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
351 switch (ip_port->sa_family) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
352 client_search_family() |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
353 break; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
354 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
355 client_search_family( 6 ) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
356 break; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
357 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
358 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
359 /* We're never supposed to reach this point */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
360 ASSERT(0); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
361 return EINVAL; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
362 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
363 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
364 int rgw_clients_getkey(struct rgw_client * cli, unsigned char **key, size_t *key_len) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
365 { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
366 CHECK_PARAMS( cli && key && key_len ); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
367 *key = cli->key.data; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
368 *key_len = cli->key.len; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
369 return 0; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
370 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
371 |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
372 int rgw_clients_gettype(struct rgw_client * cli, enum rgw_cli_type *type) |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
373 { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
374 CHECK_PARAMS( cli && type ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
375 *type = cli->type; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
376 return 0; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
377 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
378 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
379 |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
380 int rgw_clients_search(struct sockaddr * ip_port, struct rgw_client ** ref) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
381 { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
382 int ret = 0; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
383 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
384 TRACE_ENTRY("%p %p", ip_port, ref); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
385 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
386 CHECK_PARAMS(ip_port && ref); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
387 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
388 CHECK_POSIX( pthread_rwlock_rdlock(&cli_rwl) ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
389 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
390 ret = client_search(ref, ip_port); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
391 if (ret == EEXIST) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
392 (*ref)->refcount ++; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
393 ret = 0; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
394 } else { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
395 *ref = NULL; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
396 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
397 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
398 CHECK_POSIX( pthread_rwlock_unlock(&cli_rwl) ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
399 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
400 return ret; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
401 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
402 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
403 int rgw_clients_check_dup(struct rgw_radius_msg_meta **msg, struct rgw_client *cli) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
404 { |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
405 int p, dup = 0; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
406 struct fd_list * li; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
407 struct req_info * r; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
408 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
409 TRACE_ENTRY("%p %p", msg, cli); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
410 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
411 CHECK_PARAMS( msg && cli ); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
412 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
413 if ((*msg)->serv_type == RGW_PLG_TYPE_AUTH) |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
414 p = 0; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
415 else |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
416 p = 1; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
417 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
418 CHECK_POSIX( pthread_mutex_lock( &cli->dupl_info[p].dupl_lock ) ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
419 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
420 /* Search if we have this message in our list */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
421 for (li = cli->dupl_info[p].dupl_by_id.next; li != &cli->dupl_info[p].dupl_by_id; li = li->next) { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
422 int cmp = 0; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
423 r = (struct req_info *)(li->o); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
424 if (r->id < (*msg)->radius.hdr->identifier) |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
425 continue; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
426 if (r->id > (*msg)->radius.hdr->identifier) |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
427 break; |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
428 if (r->port < (*msg)->port) |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
429 continue; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
430 if (r->port > (*msg)->port) |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
431 break; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
432 cmp = memcmp(&r->auth[0], &(*msg)->radius.hdr->authenticator[0], 16); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
433 if (cmp < 0) |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
434 continue; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
435 if (cmp > 0); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
436 break; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
437 dup = 1; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
438 break; |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
439 } |
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
440 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
441 if (dup) { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
442 time_t now = time(NULL); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
443 r->nbdup += 1; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
444 TRACE_DEBUG(INFO, "Received duplicated RADIUS message (id: %02hhx, port: %hu, dup #%d, previously seen %d secs ago).", |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
445 r->id, ntohs(r->port), r->nbdup, now - r->received); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
446 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
447 if (r->ans) { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
448 /* Resend the answer */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
449 CHECK_FCT_DO( rgw_servers_send((*msg)->serv_type, r->ans->buf, r->ans->buf_used, cli->sa, r->port), ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
450 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
451 /* Should we delete 'r' so that a further duplicate will again be converted to Diameter? */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
452 } |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
453 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
454 /* Update the timestamp */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
455 r->received = now; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
456 fd_list_unlink(&r->by_time); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
457 fd_list_insert_before(&cli->dupl_info[p].dupl_by_time, &r->by_time); /* Move as last entry, since it is the most recent */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
458 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
459 /* Delete the request message */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
460 rgw_msg_free(msg); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
461 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
462 } else { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
463 /* The message was not a duplicate, we save it */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
464 /* li currently points the the next entry in list_by_id */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
465 CHECK_MALLOC_DO( r= dupl_new_req_info(*msg), { CHECK_POSIX_DO(pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ), ); return ENOMEM; } ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
466 fd_list_insert_before(li, &r->by_id); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
467 fd_list_insert_before(&cli->dupl_info[p].dupl_by_time, &r->by_time); /* it is the most recent */ |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
468 } |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
469 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
470 CHECK_POSIX( pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ) ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
471 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
472 return 0; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
473 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
474 |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
475 /* Check if the message has a valid authenticator, and update the meta-data accordingly */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
476 int rgw_clients_auth_check(struct rgw_radius_msg_meta * msg, struct rgw_client * cli, uint8_t * req_auth) |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
477 { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
478 unsigned char * key; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
479 size_t keylen; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
480 int count; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
481 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
482 TRACE_ENTRY("%p %p %p", msg, cli, req_auth); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
483 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
484 CHECK_PARAMS(msg && cli); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
485 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
486 CHECK_FCT(rgw_clients_getkey(cli, &key, &keylen)); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
487 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
488 count = radius_msg_count_attr(&msg->radius, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, 0); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
489 if (count > 1) { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
490 TRACE_DEBUG(INFO, "Too many Message-Authenticator attributes (%d), discarding message.", count); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
491 return EINVAL; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
492 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
493 if (count == 0) { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
494 TRACE_DEBUG(FULL, "Message does not contain a Message-Authenticator attributes."); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
495 msg->valid_mac = 0; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
496 } else { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
497 if (radius_msg_verify_msg_auth( &msg->radius, key, keylen, req_auth )) { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
498 TRACE_DEBUG(INFO, "Invalid Message-Authenticator received, discarding message."); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
499 return EINVAL; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
500 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
501 msg->valid_mac = 1; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
502 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
503 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
504 return 0; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
505 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
506 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
507 static struct dict_object * cache_orig_host = NULL; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
508 static struct dict_object * cache_orig_realm = NULL; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
509 static struct dict_object * cache_route_record = NULL; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
510 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
511 int rgw_clients_init(void) |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
512 { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
513 TRACE_ENTRY(); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
514 CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Origin-Host", &cache_orig_host, ENOENT) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
515 CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Origin-Realm", &cache_orig_realm, ENOENT) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
516 CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Route-Record", &cache_route_record, ENOENT) ); |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
517 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
518 /* Create the thread that will purge old RADIUS duplicates */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
519 CHECK_POSIX( pthread_create( &dbt_expire, NULL, dupl_th, NULL) ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
520 |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
521 return 0; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
522 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
523 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
524 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
525 /* The following function checks if a RADIUS message contains a valid NAS identifier, and initializes an empty Diameter |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
526 message with the appropriate routing information */ |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
527 /* Check that the NAS-IP-Adress or NAS-Identifier is coherent with the IP the packet was received from */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
528 /* Also update the client list of aliases if needed */ |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
529 int rgw_clients_create_origin(struct rgw_radius_msg_meta *msg, struct rgw_client * cli, struct msg ** diam) |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
530 { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
531 int idx; |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
532 int valid_nas_info = 0; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
533 struct radius_attr_hdr *nas_ip = NULL, *nas_ip6 = NULL, *nas_id = NULL; |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
534 char * oh_str = NULL; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
535 char * or_str = NULL; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
536 char * rr_str = NULL; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
537 char buf[REVERSE_DNS_SIZE_MAX]; /* to store DNS lookups results */ |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
538 |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
539 struct avp *avp = NULL; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
540 union avp_value avp_val; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
541 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
542 TRACE_ENTRY("%p %p %p", msg, cli, diam); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
543 CHECK_PARAMS(msg && cli && diam && (*diam == NULL)); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
544 |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
545 /* Find the relevant attributes, if any */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
546 for (idx = 0; idx < msg->radius.attr_used; idx++) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
547 struct radius_attr_hdr * attr = (struct radius_attr_hdr *)(msg->radius.buf + msg->radius.attr_pos[idx]); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
548 size_t attr_len = attr->length - sizeof(struct radius_attr_hdr); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
549 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
550 if ((attr->type == RADIUS_ATTR_NAS_IP_ADDRESS) && (attr_len = 4)) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
551 nas_ip = attr; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
552 continue; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
553 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
554 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
555 if ((attr->type == RADIUS_ATTR_NAS_IDENTIFIER) && (attr_len > 0)) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
556 nas_id = attr; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
557 continue; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
558 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
559 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
560 if ((attr->type == RADIUS_ATTR_NAS_IPV6_ADDRESS) && (attr_len = 16)) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
561 nas_ip6 = attr; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
562 continue; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
563 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
564 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
565 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
566 if (!nas_ip && !nas_ip6 && !nas_id) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
567 TRACE_DEBUG(FULL, "The message does not contain any NAS identification attribute."); |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
568 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
569 /* Get information on this peer */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
570 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
571 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
572 goto diameter; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
573 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
574 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
575 /* Check if the message was received from the IP in NAS-IP-Address attribute */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
576 if (nas_ip && (cli->sa->sa_family == AF_INET) && !memcmp(nas_ip+1, &cli->sin->sin_addr, sizeof(struct in_addr))) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
577 TRACE_DEBUG(FULL, "NAS-IP-Address contains the same address as the message was received from."); |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
578 valid_nas_info |= 1; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
579 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
580 if (nas_ip6 && (cli->sa->sa_family == AF_INET6) && !memcmp(nas_ip6+1, &cli->sin6->sin6_addr, sizeof(struct in6_addr))) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
581 TRACE_DEBUG(FULL, "NAS-IPv6-Address contains the same address as the message was received from."); |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
582 valid_nas_info |= 2; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
583 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
584 |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
585 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
586 /* |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
587 In RADIUS it would be possible for a rogue NAS to forge the NAS-IP- |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
588 Address attribute value. Diameter/RADIUS translation agents MUST |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
589 check a received NAS-IP-Address or NAS-IPv6-Address attribute against |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
590 the source address of the RADIUS packet. If they do not match and |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
591 the Diameter/RADIUS translation agent does not know whether the |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
592 packet was sent by a RADIUS proxy or NAS (e.g., no Proxy-State |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
593 attribute), then by default it is assumed that the source address |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
594 corresponds to a RADIUS proxy, and that the NAS Address is behind |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
595 that proxy, potentially with some additional RADIUS proxies in |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
596 between. The Diameter/RADIUS translation agent MUST insert entries |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
597 in the Route-Record AVP corresponding to the apparent route. This |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
598 implies doing a reverse lookup on the source address and NAS-IP- |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
599 Address or NAS-IPv6-Address attributes to determine the corresponding |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
600 FQDNs. |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
601 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
602 If the source address and the NAS-IP-Address or NAS-IPv6-Address do |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
603 not match, and the Diameter/RADIUS translation agent knows that it is |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
604 talking directly to the NAS (e.g., there are no RADIUS proxies |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
605 between it and the NAS), then the error should be logged, and the |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
606 packet MUST be discarded. |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
607 |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
608 Diameter agents and servers MUST check whether the NAS-IP-Address AVP |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
609 corresponds to an entry in the Route-Record AVP. This is done by |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
610 doing a reverse lookup (PTR RR) for the NAS-IP-Address to retrieve |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
611 the corresponding FQDN, and by checking for a match with the Route- |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
612 Record AVP. If no match is found, then an error is logged, but no |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
613 other action is taken. |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
614 */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
615 if (nas_ip || nas_ip6) { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
616 if (!valid_nas_info) { |
520
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
617 if ((!cli->is_local) && (cli->type == RGW_CLI_NAS)) { |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
618 TRACE_DEBUG(INFO, "Message received with a NAS-IP-Address or NAS-IPv6-Address different \nfrom the sender's. Please configure as Proxy if this is expected.\n Message discarded."); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
619 return EINVAL; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
620 } else { |
520
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
621 /* the peer is configured as a proxy, or running on localhost, so accept the message */ |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
622 sSS ss; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
623 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
624 /* In that case, the cli will be stored as Route-Record and the NAS-IP-Address as origin */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
625 if (!cli->is_local) { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
626 rr_str = cli->fqdn; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
627 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
628 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
629 /* We must DNS-reverse the NAS-IP*-Address */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
630 memset(&ss, 0 , sizeof(sSS)); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
631 if (nas_ip) { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
632 sSA4 * sin = (sSA4 *)&ss; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
633 sin->sin_family = AF_INET; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
634 memcpy(&sin->sin_addr, nas_ip + 1, sizeof(struct in_addr)); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
635 } else { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
636 sSA6 * sin6 = (sSA6 *)&ss; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
637 sin6->sin6_family = AF_INET6; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
638 memcpy(&sin6->sin6_addr, nas_ip6 + 1, sizeof(struct in6_addr)); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
639 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
640 CHECK_SYS_DO( getnameinfo( (sSA *)&ss, sSAlen(&ss), &buf[0], sizeof(buf), NULL, 0, NI_NAMEREQD), |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
641 { |
520
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
642 if (cli->is_local) { |
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
643 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
644 goto diameter; |
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
645 } |
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
646 |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
647 TRACE_DEBUG(INFO, "The NAS-IP*-Address cannot be DNS reversed in order to create the Origin-Host AVP; rejecting the message (translation is impossible)."); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
648 return EINVAL; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
649 } ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
650 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
651 oh_str = &buf[0]; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
652 or_str = strchr(oh_str, '.'); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
653 if (or_str) { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
654 or_str ++; /* move after the first dot */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
655 if (*or_str == '\0') |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
656 or_str = NULL; /* Discard this realm, we will use the local realm later */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
657 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
658 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
659 } else { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
660 /* The attribute matches the source address, just use this in origin-host */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
661 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
662 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
663 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
664 goto diameter; /* we ignore the nas_id in that case */ |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
665 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
666 |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
667 /* We don't have a NAS-IP*-Address attribute if we are here */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
668 if (cli->is_local) { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
669 /* Simple: we use our own configuration */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
670 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
671 goto diameter; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
672 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
673 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
674 /* At this point, we only have nas_id, and the client is not local */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
675 ASSERT(nas_id); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
676 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
677 { |
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
678 int found, ret; |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
679 struct addrinfo hint, *res, *ptr; |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
680 |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
681 /* |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
682 In RADIUS it would be possible for a rogue NAS to forge the NAS- |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
683 Identifier attribute. Diameter/RADIUS translation agents SHOULD |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
684 attempt to check a received NAS-Identifier attribute against the |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
685 source address of the RADIUS packet, by doing an A/AAAA RR query. If |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
686 the NAS-Identifier attribute contains an FQDN, then such a query |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
687 would resolve to an IP address matching the source address. However, |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
688 the NAS-Identifier attribute is not required to contain an FQDN, so |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
689 such a query could fail. If it fails, an error should be logged, but |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
690 no action should be taken, other than a reverse lookup on the source |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
691 address and insert the resulting FQDN into the Route-Record AVP. |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
692 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
693 Diameter agents and servers SHOULD check whether a NAS-Identifier AVP |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
694 corresponds to an entry in the Route-Record AVP. If no match is |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
695 found, then an error is logged, but no other action is taken. |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
696 */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
697 |
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
698 /* first, check if the nas_id is the fqdn of the peer or a known alias */ |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
699 if ((cli->fqdn_len == (nas_id->length - sizeof(struct radius_attr_hdr))) |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
700 && (!strncasecmp((char *)(nas_id + 1), cli->fqdn, nas_id->length - sizeof(struct radius_attr_hdr)))) { |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
701 TRACE_DEBUG(FULL, "NAS-Identifier contains the fqdn of the client"); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
702 found = 1; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
703 } else { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
704 for (idx = 0; idx < cli->aliases_nb; idx++) { |
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
705 if (((nas_id->length - sizeof(struct radius_attr_hdr)) == strlen(cli->aliases[idx])) |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
706 && (!strncasecmp((char *)(nas_id + 1), cli->aliases[idx], nas_id->length - sizeof(struct radius_attr_hdr)))) { |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
707 TRACE_DEBUG(FULL, "NAS-Identifier valid value found in the cache"); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
708 found = 1; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
709 break; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
710 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
711 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
712 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
713 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
714 if (found) { |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
715 /* The NAS-Identifier matches the source IP */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
716 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
717 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
718 goto diameter; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
719 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
720 |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
721 /* Attempt DNS resolution of the identifier */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
722 ASSERT( nas_id->length - sizeof(struct radius_attr_hdr) < sizeof(buf) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
723 memcpy(buf, nas_id + 1, nas_id->length - sizeof(struct radius_attr_hdr)); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
724 buf[nas_id->length - sizeof(struct radius_attr_hdr)] = '\0'; |
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
725 |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
726 /* Now check if this alias is valid for this peer */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
727 memset(&hint, 0, sizeof(hint)); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
728 hint.ai_flags = AI_CANONNAME; |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
729 ret = getaddrinfo(buf, NULL, &hint, &res); |
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
730 if (ret == 0) { |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
731 strncpy(buf, res->ai_canonname, sizeof(buf)); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
732 /* The name was resolved correctly, does it match the IP of the client? */ |
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
733 for (ptr = res; ptr != NULL; ptr = ptr->ai_next) { |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
734 if (cli->sa->sa_family != ptr->ai_family) |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
735 continue; |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
736 if (memcmp(cli->sa, ptr->ai_addr, sSAlen(cli->sa))) |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
737 continue; |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
738 |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
739 found = 1; |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
740 break; |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
741 } |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
742 freeaddrinfo(res); |
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
743 |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
744 if (!found) { |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
745 if (cli->type == RGW_CLI_NAS) { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
746 TRACE_DEBUG(INFO, "The NAS-Identifier value '%.*s' resolves to a different IP than the client's, discarding the message. \nConfigure this client as a Proxy if this message should be valid.", |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
747 nas_id->length - sizeof(struct radius_attr_hdr), nas_id + 1); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
748 return EINVAL; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
749 } else { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
750 /* This identifier matches a different IP, assume it is a proxied message */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
751 if (!cli->is_local) { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
752 rr_str = cli->fqdn; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
753 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
754 oh_str = &buf[0]; /* The canonname resolved */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
755 or_str = strchr(oh_str, '.'); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
756 if (or_str) { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
757 or_str ++; /* move after the first dot */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
758 if (*or_str == '\0') |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
759 or_str = NULL; /* Discard this realm, we will use the local realm later */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
760 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
761 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
762 } else { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
763 /* It is a valid alias, save it */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
764 CHECK_MALLOC( cli->aliases = realloc(cli->aliases, (cli->aliases_nb + 1) * sizeof(char *)) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
765 CHECK_MALLOC( cli->aliases[cli->aliases_nb + 1] = malloc( 1 + nas_id->length - sizeof(struct radius_attr_hdr) )); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
766 memcpy( cli->aliases[cli->aliases_nb + 1], nas_id + 1, nas_id->length - sizeof(struct radius_attr_hdr)); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
767 *(cli->aliases[cli->aliases_nb + 1] + nas_id->length - sizeof(struct radius_attr_hdr)) = '\0'; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
768 cli->aliases_nb ++; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
769 TRACE_DEBUG(FULL, "Saved valid alias for client: '%s' -> '%s'", cli->aliases[cli->aliases_nb + 1], cli->fqdn); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
770 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
771 } |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
772 } else { |
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
773 /* Error resolving the name */ |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
774 TRACE_DEBUG(INFO, "NAS-Identifier '%s' cannot be resolved: %s. Ignoring...", buf, gai_strerror(ret)); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
775 /* Assume this is a valid identifier for the client */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
776 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
777 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
778 } |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
779 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
780 /* Now, let's create the empty Diameter message with Origin-Host, -Realm, and Route-Record if needed. */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
781 diameter: |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
782 ASSERT(oh_str); /* If it is not defined here, there is a bug... */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
783 if (!or_str) |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
784 or_str = fd_g_config->cnf_diamrlm; /* Use local realm in that case */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
785 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
786 /* Create an empty Diameter message so that extensions can store their AVPs */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
787 CHECK_FCT( fd_msg_new ( NULL, MSGFL_ALLOC_ETEID, diam ) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
788 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
789 /* Add the Origin-Host as next AVP */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
790 CHECK_FCT( fd_msg_avp_new ( cache_orig_host, 0, &avp ) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
791 memset(&avp_val, 0, sizeof(avp_val)); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
792 avp_val.os.data = (unsigned char *)oh_str; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
793 avp_val.os.len = strlen(oh_str); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
794 CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
795 CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
796 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
797 /* Add the Origin-Realm as next AVP */ |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
798 CHECK_FCT( fd_msg_avp_new ( cache_orig_realm, 0, &avp ) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
799 memset(&avp_val, 0, sizeof(avp_val)); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
800 avp_val.os.data = (unsigned char *)or_str; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
801 avp_val.os.len = strlen(or_str); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
802 CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
803 CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
804 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
805 if (rr_str) { |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
806 CHECK_FCT( fd_msg_avp_new ( cache_route_record, 0, &avp ) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
807 memset(&avp_val, 0, sizeof(avp_val)); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
808 avp_val.os.data = (unsigned char *)rr_str; |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
809 avp_val.os.len = strlen(rr_str); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
810 CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
811 CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) ); |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
812 } |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
813 |
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
814 /* Done! */ |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
815 return 0; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
816 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
817 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
818 int rgw_clients_get_origin(struct rgw_client *cli, char **fqdn, char **realm) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
819 { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
820 TRACE_ENTRY("%p %p %p", cli, fqdn, realm); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
821 CHECK_PARAMS(cli && fqdn); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
822 |
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
823 if (cli->is_local) { |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
824 *fqdn = fd_g_config->cnf_diamid; |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
825 if (realm) |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
826 *realm= fd_g_config->cnf_diamrlm; |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
827 } else { |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
828 *fqdn = cli->fqdn; |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
829 if (realm) |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
830 *realm= cli->realm; |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
831 } |
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
832 |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
833 return 0; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
834 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
835 |
271
411314907b43
Added translation of Accounting messages
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
261
diff
changeset
|
836 char * rgw_clients_id(struct rgw_client *cli) |
411314907b43
Added translation of Accounting messages
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
261
diff
changeset
|
837 { |
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
838 return cli->is_local ? "(local)" : cli->fqdn; |
271
411314907b43
Added translation of Accounting messages
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
261
diff
changeset
|
839 } |
411314907b43
Added translation of Accounting messages
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
261
diff
changeset
|
840 |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
841 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
842 void rgw_clients_dispose(struct rgw_client ** ref) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
843 { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
844 TRACE_ENTRY("%p", ref); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
845 CHECK_PARAMS_DO(ref, return); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
846 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
847 CHECK_POSIX_DO( pthread_rwlock_wrlock(&cli_rwl), ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
848 client_unlink(*ref); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
849 *ref = NULL; |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
850 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
851 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
852 |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
853 int rgw_clients_add( struct sockaddr * ip_port, unsigned char ** key, size_t keylen, enum rgw_cli_type type ) |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
854 { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
855 struct rgw_client * prev = NULL, *new = NULL; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
856 int ret; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
857 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
858 TRACE_ENTRY("%p %p %lu", ip_port, key, keylen); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
859 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
860 CHECK_PARAMS( ip_port && key && *key && keylen ); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
861 CHECK_PARAMS( (ip_port->sa_family == AF_INET) || (ip_port->sa_family == AF_INET6) ); |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
862 CHECK_PARAMS( (type == RGW_CLI_NAS) || (type == RGW_CLI_PXY) ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
863 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
864 /* Dump the entry in debug mode */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
865 if (TRACE_BOOL(FULL + 1 )) { |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
866 TRACE_DEBUG(FULL, "Adding %s:", (type == RGW_CLI_NAS) ? "NAS" : "PROXY" ); |
260 | 867 TRACE_DEBUG_sSA(FULL, "\tIP : ", ip_port, NI_NUMERICHOST | NI_NUMERICSERV, "" ); |
868 TRACE_DEBUG_BUFFER(FULL, "\tKey: [", *key, keylen, "]" ); | |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
869 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
870 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
871 /* Lock the lists */ |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
872 CHECK_POSIX( pthread_rwlock_wrlock(&cli_rwl) ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
873 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
874 /* Check if the same entry does not already exist */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
875 ret = client_search(&prev, ip_port ); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
876 if (ret == ENOENT) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
877 /* No duplicate found, Ok to add */ |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
878 CHECK_FCT_DO( ret = client_create( &new, &ip_port, key, keylen, type ), goto end ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
879 fd_list_insert_after(&prev->chain, &new->chain); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
880 new->refcount++; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
881 ret = 0; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
882 goto end; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
883 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
884 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
885 if (ret == EEXIST) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
886 /* Check if the key is the same, then skip or return an error */ |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
887 if ((keylen == prev->key.len ) && ( ! memcmp(*key, prev->key.data, keylen) ) && (type == prev->type)) { |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
888 TRACE_DEBUG(INFO, "Skipping duplicate client description"); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
889 ret = 0; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
890 goto end; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
891 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
892 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
893 fd_log_debug("ERROR: Conflicting RADIUS clients descriptions!\n"); |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
894 TRACE_DEBUG(NONE, "Previous entry: %s", (prev->type == RGW_CLI_NAS) ? "NAS" : "PROXY"); |
260 | 895 TRACE_DEBUG_sSA(NONE, "\tIP : ", prev->sa, NI_NUMERICHOST | NI_NUMERICSERV, "" ); |
896 TRACE_DEBUG_BUFFER(NONE, "\tKey: [", prev->key.data, prev->key.len, "]" ); | |
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
897 TRACE_DEBUG(NONE, "Conflicting entry: %s", (type == RGW_CLI_NAS) ? "NAS" : "PROXY"); |
260 | 898 TRACE_DEBUG_sSA(NONE, "\tIP : ", ip_port, NI_NUMERICHOST | NI_NUMERICSERV, "" ); |
899 TRACE_DEBUG_BUFFER(NONE, "\tKey: [", *key, keylen, "]" ); | |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
900 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
901 end: |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
902 /* release the lists */ |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
903 CHECK_POSIX( pthread_rwlock_unlock(&cli_rwl) ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
904 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
905 return ret; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
906 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
907 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
908 static void dump_cli_list(struct fd_list *senti) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
909 { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
910 struct rgw_client * client = NULL; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
911 struct fd_list *ref = NULL; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
912 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
913 for (ref = senti->next; ref != senti; ref = ref->next) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
914 client = (struct rgw_client *)ref; |
521
b793d43e4686
Fix compilation problem
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
520
diff
changeset
|
915 TRACE_DEBUG_sSA(NONE, " - ", client->sa, NI_NUMERICHOST | NI_NUMERICSERV, (client->type == RGW_CLI_NAS) ? "" : " [PROXY]" ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
916 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
917 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
918 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
919 void rgw_clients_dump(void) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
920 { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
921 if ( ! TRACE_BOOL(FULL) ) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
922 return; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
923 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
924 CHECK_POSIX_DO( pthread_rwlock_rdlock(&cli_rwl), /* ignore error */ ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
925 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
926 if (!FD_IS_LIST_EMPTY(&cli_ip)) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
927 fd_log_debug(" RADIUS IP clients list:\n"); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
928 dump_cli_list(&cli_ip); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
929 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
930 if (!FD_IS_LIST_EMPTY(&cli_ip6)) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
931 fd_log_debug(" RADIUS IPv6 clients list:\n"); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
932 dump_cli_list(&cli_ip6); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
933 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
934 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), /* ignore error */ ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
935 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
936 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
937 void rgw_clients_fini(void) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
938 { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
939 struct fd_list * client; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
940 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
941 TRACE_ENTRY(); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
942 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
943 CHECK_POSIX_DO( pthread_rwlock_wrlock(&cli_rwl), /* ignore error */ ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
944 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
945 CHECK_FCT_DO( fd_thr_term(&dbt_expire), /* continue */ ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
946 |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
947 /* empty the lists */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
948 while ( ! FD_IS_LIST_EMPTY(&cli_ip) ) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
949 client = cli_ip.next; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
950 fd_list_unlink(client); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
951 client_unlink((struct rgw_client *)client); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
952 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
953 while (! FD_IS_LIST_EMPTY(&cli_ip6)) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
954 client = cli_ip6.next; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
955 fd_list_unlink(client); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
956 client_unlink((struct rgw_client *)client); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
957 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
958 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
959 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), /* ignore error */ ); |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
960 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
961 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
962 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
963 int rgw_client_finish_send(struct radius_msg ** msg, struct rgw_radius_msg_meta * req, struct rgw_client * cli) |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
964 { |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
965 int p; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
966 struct fd_list * li; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
967 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
968 TRACE_ENTRY("%p %p %p", msg, req, cli); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
969 CHECK_PARAMS( msg && *msg && cli ); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
970 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
971 if (!req) { |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
972 /* We don't support this case yet */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
973 ASSERT(0); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
974 return ENOTSUP; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
975 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
976 |
539
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
977 if (radius_msg_finish_srv(*msg, cli->key.data, cli->key.len, req->radius.hdr->authenticator)) { |
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
978 TRACE_DEBUG(INFO, "An error occurred while preparing the RADIUS answer"); |
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
979 radius_msg_free(*msg); |
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
980 free(*msg); |
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
981 *msg = NULL; |
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
982 return EINVAL; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
983 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
984 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
985 /* Debug */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
986 TRACE_DEBUG(FULL, "RADIUS message ready for sending:"); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
987 rgw_msg_dump((struct rgw_radius_msg_meta *)*msg); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
988 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
989 /* Send the message */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
990 CHECK_FCT( rgw_servers_send(req->serv_type, (*msg)->buf, (*msg)->buf_used, cli->sa, req->port) ); |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
991 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
992 /* update the duplicate cache */ |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
993 if (req->serv_type == RGW_PLG_TYPE_AUTH) |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
994 p = 0; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
995 else |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
996 p = 1; |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
997 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
998 CHECK_POSIX( pthread_mutex_lock( &cli->dupl_info[p].dupl_lock ) ); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
999 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1000 /* Search this message in our list */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1001 for (li = cli->dupl_info[p].dupl_by_id.next; li != &cli->dupl_info[p].dupl_by_id; li = li->next) { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1002 int cmp = 0; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1003 struct req_info * r = (struct req_info *)(li->o); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1004 if (r->id < req->radius.hdr->identifier) |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1005 continue; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1006 if (r->id > req->radius.hdr->identifier) |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1007 break; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1008 if (r->port < req->port) |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1009 continue; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1010 if (r->port > req->port) |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1011 break; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1012 cmp = memcmp(&r->auth[0], &req->radius.hdr->authenticator[0], 16); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1013 if (cmp < 0) |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1014 continue; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1015 if (cmp > 0); |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1016 break; |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1017 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1018 /* We have the request in our duplicate cache */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1019 /* This should not happen, but just in case... */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1020 if (r->ans) { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1021 radius_msg_free(r->ans); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1022 free(r->ans); |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1023 } |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1024 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1025 /* Now save the message */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1026 r->ans = *msg; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1027 *msg = NULL; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1028 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1029 /* Update the timestamp */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1030 { |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1031 time_t now = time(NULL); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1032 TRACE_DEBUG(FULL, "Sent RADIUS answer %d seconds after the request was received.", now - r->received); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1033 r->received = now; |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1034 fd_list_unlink(&r->by_time); /* Move as last entry, since it is the most recent */ |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1035 fd_list_insert_before(&cli->dupl_info[p].dupl_by_time, &r->by_time); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1036 } |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1037 break; |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1038 } |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1039 |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1040 CHECK_POSIX( pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ) ); |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1041 |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1042 /* If we have not found the request in our list, the purge time is probably too small */ |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1043 if (*msg) { |
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1044 TODO("Augment the purge time..."); |
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1045 /* If we receive the duplicate request again, it will be converted to Diameter... */ |
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1046 radius_msg_free(*msg); |
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1047 free(*msg); |
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1048 *msg = NULL; |
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1049 } |
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1050 |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1051 /* Finished */ |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1052 return 0; |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1053 } |
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1054 |