Mercurial > hg > freeDiameter
annotate extensions/app_radgw/rgw_clients.c @ 1554:566bb46cc73f
Updated copyright information
| author | Sebastien Decugis <sdecugis@freediameter.net> |
|---|---|
| date | Tue, 06 Oct 2020 21:34:53 +0800 |
| parents | 915450ee91c7 |
| children |
| rev | line source |
|---|---|
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1 /********************************************************************************************************* |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
2 * Software License Agreement (BSD License) * |
|
740
4a9f08d6b6ba
Updated my mail address
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
738
diff
changeset
|
3 * Author: Sebastien Decugis <sdecugis@freediameter.net> * |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
4 * * |
|
1554
566bb46cc73f
Updated copyright information
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1442
diff
changeset
|
5 * Copyright (c) 2020, WIDE Project and NICT * |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
6 * All rights reserved. * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
7 * * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
8 * Redistribution and use of this software in source and binary forms, with or without modification, are * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
9 * permitted provided that the following conditions are met: * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
10 * * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
11 * * Redistributions of source code must retain the above * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
12 * copyright notice, this list of conditions and the * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
13 * following disclaimer. * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
14 * * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
15 * * Redistributions in binary form must reproduce the above * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
16 * copyright notice, this list of conditions and the * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
17 * following disclaimer in the documentation and/or other * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
18 * materials provided with the distribution. * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
19 * * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
20 * * Neither the name of the WIDE Project or NICT nor the * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
21 * names of its contributors may be used to endorse or * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
22 * promote products derived from this software without * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
23 * specific prior written permission of WIDE Project and * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
24 * NICT. * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
25 * * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
27 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
28 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
29 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
30 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
32 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
34 *********************************************************************************************************/ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
35 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
36 /* Manage the list of RADIUS clients, along with their shared secrets. */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
37 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
38 /* Probably some changes are needed to support RADIUS Proxies */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
39 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
40 #include "rgw.h" |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
41 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
42 #define REVERSE_DNS_SIZE_MAX 512 /* length of our buffer for reverse DNS */ |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
43 #define DUPLICATE_CHECK_LIFETIME 60 /* number of seconds that the received RADIUS records are kept for duplicate checking . TODO: make it configurable if needed */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
44 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
45 /* Ordered lists of clients. The order relationship is a memcmp on the address zone. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
46 For same addresses, the port is compared. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
47 The same address cannot be added twice, once with a 0-port and once with another port value. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
48 */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
49 static struct fd_list cli_ip = FD_LIST_INITIALIZER(cli_ip); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
50 static struct fd_list cli_ip6 = FD_LIST_INITIALIZER(cli_ip6); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
51 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
52 /* Lock to protect the previous lists. We use a rwlock because this list is mostly static, to allow parallel reading */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
53 static pthread_rwlock_t cli_rwl = PTHREAD_RWLOCK_INITIALIZER; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
54 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
55 /* Structure describing one received RADIUS message, for duplicate checks purpose. */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
56 struct req_info { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
57 uint16_t port; /* UDP source port of the request */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
58 uint8_t id; /* The identifier in the request header */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
59 uint8_t auth[16]; /* Request authenticator, since some RADIUS clients do not implement the id mechanism properly. */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
60 struct radius_msg *ans; /* The replied answer if any, in case the previous answer got lost. */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
61 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
62 int nbdup; /* Number of times this request was received as a duplicate */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
63 struct fd_list by_id; /* The list of requests ordered by their id, port, and auth */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
64 time_t received; /* When was the last duplicate received? */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
65 struct fd_list by_time; /* The list of requests ordered by the 'received' value . */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
66 }; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
67 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
68 static pthread_t dbt_expire = (pthread_t)NULL; /* The thread that will remove old requests information from all clients (one thread for all) */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
69 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
70 /* Structure describing one client */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
71 struct rgw_client { |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
72 /* Link information in global list (cli_ip or cli_ip6) */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
73 struct fd_list chain; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
74 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
75 /* Reference count */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
76 int refcount; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
77 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
78 /* The address and optional port (alloc'd during configuration file parsing). */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
79 union { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
80 struct sockaddr *sa; /* generic pointer */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
81 struct sockaddr_in *sin; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
82 struct sockaddr_in6 *sin6; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
83 }; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
84 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
85 /* The FQDN, realm, and optional aliases */ |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
86 int is_local; /* true if the RADIUS client runs on the same host -- we use Diameter Identity in that case */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
87 enum rgw_cli_type type; /* is it a proxy ? */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
88 DiamId_t fqdn; /* malloc'd here */ |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
89 size_t fqdn_len; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
90 DiamId_t realm; /* references another string, do not free */ |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
91 size_t realm_len; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
92 struct { |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
93 os0_t name; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
94 size_t len; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
95 } *aliases; /* Received aliases */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
96 size_t aliases_nb; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
97 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
98 /* The secret key data. */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
99 struct { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
100 unsigned char * data; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
101 size_t len; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
102 } key; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
103 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
104 /* information of previous msg received, for duplicate checks. */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
105 struct { |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
106 pthread_mutex_t dupl_lock; /* The mutex protecting the following lists */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
107 struct fd_list dupl_by_id; /* The list of req_info structures ordered by their id, port, and auth */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
108 struct fd_list dupl_by_time; /* The list of req_info structures ordered by their time (approximative) */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
109 } dupl_info[2]; /*[0] for auth, [1] for acct. */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
110 }; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
111 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
112 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
113 /* Create a new req_info structure and initialize its data from a RADIUS request message */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
114 static struct req_info * dupl_new_req_info(struct rgw_radius_msg_meta *msg) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
115 struct req_info * ret = NULL; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
116 CHECK_MALLOC_DO( ret = malloc(sizeof(struct req_info)), return NULL ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
117 memset(ret, 0, sizeof(struct req_info)); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
118 ret->port = msg->port; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
119 ret->id = msg->radius.hdr->identifier; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
120 memcpy(&ret->auth[0], &msg->radius.hdr->authenticator[0], 16); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
121 fd_list_init(&ret->by_id, ret); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
122 fd_list_init(&ret->by_time, ret); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
123 ret->received = time(NULL); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
124 return ret; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
125 } |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
126 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
127 /* Destroy a req_info structure, after it has been unlinked */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
128 static void dupl_free_req_info(struct req_info * r) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
129 CHECK_PARAMS_DO( r && FD_IS_LIST_EMPTY(&r->by_id) && FD_IS_LIST_EMPTY(&r->by_time), return ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
130 if (r->ans) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
131 /* Free this RADIUS message */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
132 radius_msg_free(r->ans); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
133 free(r->ans); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
134 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
135 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
136 /* Use r->nbdup for some purpose? */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
137 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
138 free(r); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
139 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
140 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
141 /* The core of the purge thread */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
142 static int dupl_purge_list(struct fd_list * clients) { |
|
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
143 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
144 struct fd_list *li = NULL; |
|
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
145 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
146 for (li = clients->next; li != clients; li = li->next) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
147 struct rgw_client * client = (struct rgw_client *)li; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
148 int p; |
|
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
149 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
150 for (p=0; p<=1; p++) { |
|
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
151 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
152 /* Lock this list */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
153 time_t now; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
154 CHECK_POSIX( pthread_mutex_lock(&client->dupl_info[p].dupl_lock) ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
155 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
156 now = time(NULL); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
157 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
158 while (!FD_IS_LIST_EMPTY(&client->dupl_info[p].dupl_by_time)) { |
|
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
159 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
160 /* Check the first item in the list */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
161 struct req_info * r = (struct req_info *)(client->dupl_info[p].dupl_by_time.next->o); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
162 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
163 if (now - r->received > DUPLICATE_CHECK_LIFETIME) { |
|
546
0790fcf2fbfc
Add a trace in the purge thread
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
545
diff
changeset
|
164 |
|
1027
0117a7746b21
Fix a number of errors and warnings introduced/highlighted by recent commits
Sebastien Decugis <sdecugis@freediameter.net>
parents:
977
diff
changeset
|
165 TRACE_DEBUG(ANNOYING + 1, "Purging RADIUS request (id: %02hhx, port: %hu, dup #%d, age %ld secs)", r->id, ntohs(r->port), r->nbdup, (long)(now - r->received)); |
|
546
0790fcf2fbfc
Add a trace in the purge thread
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
545
diff
changeset
|
166 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
167 /* Remove this record */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
168 fd_list_unlink(&r->by_time); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
169 fd_list_unlink(&r->by_id); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
170 dupl_free_req_info(r); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
171 } else { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
172 /* We are done for this list */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
173 break; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
174 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
175 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
176 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
177 CHECK_POSIX( pthread_mutex_unlock(&client->dupl_info[p].dupl_lock) ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
178 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
179 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
180 return 0; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
181 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
182 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
183 /* Thread that purges old RADIUS requests */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
184 static void * dupl_th(void * arg) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
185 /* Set the thread name */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
186 fd_log_threadname ( "app_radgw:duplicate_purge" ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
187 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
188 /* The thread will be canceled */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
189 while (1) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
190 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
191 /* We don't use a cond var, we simply wake up every 5 seconds. If the size of the duplicate cache is critical, it might be changed */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
192 sleep(5); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
193 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
194 /* When we wake up, we will check all clients duplicate lists one by one */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
195 CHECK_POSIX_DO( pthread_rwlock_rdlock(&cli_rwl), break ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
196 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
197 CHECK_FCT_DO( dupl_purge_list(&cli_ip), break ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
198 CHECK_FCT_DO( dupl_purge_list(&cli_ip6), break ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
199 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
200 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), break ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
201 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
202 /* Loop */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
203 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
204 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
205 /* If we reach this part, some fatal error was encountered */ |
|
1190
6a1042d8075b
Replace FDEV_TERMINATE events with calls to fd_core_shutdown to handle the core state properly
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1127
diff
changeset
|
206 CHECK_FCT_DO(fd_core_shutdown(), ); |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
207 TRACE_DEBUG(FULL, "Thread terminated"); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
208 return NULL; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
209 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
210 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
211 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
212 /* create a new rgw_client. the arguments are MOVED into the structure (to limit malloc & free calls). */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
213 static int client_create(struct rgw_client ** res, struct sockaddr ** ip_port, unsigned char ** key, size_t keylen, enum rgw_cli_type type ) |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
214 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
215 struct rgw_client *tmp = NULL; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
216 DiamId_t fqdn; |
|
717
571b3abaa5df
Support for Diameter Redirects through rt_redirect.fdx extension (EXPERIMENTAL)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
706
diff
changeset
|
217 size_t fqdn_len = 0; |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
218 int ret, i; |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
219 int loc = 0; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
220 |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
221 /* Check if the IP address is local */ |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
222 if ( ( ((*ip_port)->sa_family == AF_INET ) && ( IN_IS_ADDR_LOOPBACK( &((struct sockaddr_in *)(*ip_port))->sin_addr ) ) ) |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
223 ||( ((*ip_port)->sa_family == AF_INET6) && ( IN6_IS_ADDR_LOOPBACK( &((struct sockaddr_in6 *)(*ip_port))->sin6_addr) ) )) { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
224 /* The client is local */ |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
225 loc = 1; |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
226 } else { |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
227 char buf[255]; |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
228 |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
229 /* Search FQDN for the client */ |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
230 ret = getnameinfo( *ip_port, sizeof(struct sockaddr_storage), &buf[0], sizeof(buf), NULL, 0, 0 ); |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
231 if (ret) { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
232 TRACE_DEBUG(INFO, "Unable to resolve peer name: %s", gai_strerror(ret)); |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
233 return EINVAL; |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
234 } |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
235 fqdn = &buf[0]; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
236 CHECK_FCT_DO( ret = fd_os_validate_DiameterIdentity(&fqdn, &fqdn_len, 1), |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
237 { |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
238 TRACE_DEBUG(INFO, "Unable to use resolved peer name '%s' as DiameterIdentity: %s", buf, strerror(ret)); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
239 return ret; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
240 } ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
241 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
242 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
243 /* Create the new object */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
244 CHECK_MALLOC( tmp = malloc(sizeof (struct rgw_client)) ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
245 memset(tmp, 0, sizeof(struct rgw_client)); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
246 fd_list_init(&tmp->chain, NULL); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
247 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
248 /* Initialize the duplicate list info */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
249 for (i=0; i<=1; i++) { |
|
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
250 CHECK_POSIX( pthread_mutex_init(&tmp->dupl_info[i].dupl_lock, NULL) ); |
|
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
251 fd_list_init(&tmp->dupl_info[i].dupl_by_id, NULL); |
|
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
252 fd_list_init(&tmp->dupl_info[i].dupl_by_time, NULL); |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
253 } |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
254 tmp->type = type; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
255 |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
256 if (loc) { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
257 tmp->is_local = 1; |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
258 } else { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
259 /* Copy the fqdn */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
260 tmp->fqdn = fqdn; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
261 tmp->fqdn_len = fqdn_len; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
262 |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
263 /* Find an appropriate realm */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
264 tmp->realm = strchr(fqdn, '.'); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
265 if (tmp->realm) { |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
266 tmp->realm += 1; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
267 tmp->realm_len = tmp->fqdn_len - (tmp->realm - fqdn); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
268 } |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
269 if ((!tmp->realm) || (*tmp->realm == '\0')) { /* in case the fqdn was "localhost." for example, if it is possible... */ |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
270 tmp->realm = fd_g_config->cnf_diamrlm; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
271 tmp->realm_len = fd_g_config->cnf_diamrlm_len; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
272 } |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
273 } |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
274 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
275 /* move the sa info reference */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
276 tmp->sa = *ip_port; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
277 *ip_port = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
278 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
279 /* move the key material */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
280 tmp->key.data = *key; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
281 tmp->key.len = keylen; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
282 *key = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
283 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
284 /* Done! */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
285 *res = tmp; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
286 return 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
287 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
288 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
289 /* Decrease refcount on a client; the lock must be held when this function is called. */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
290 static void client_unlink(struct rgw_client * client) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
291 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
292 client->refcount -= 1; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
293 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
294 if (client->refcount <= 0) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
295 int idx; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
296 /* to be sure: the refcount should be 0 only when client_fini is called */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
297 ASSERT( FD_IS_LIST_EMPTY(&client->chain) ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
298 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
299 /* Free the data */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
300 for (idx = 0; idx < client->aliases_nb; idx++) |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
301 free(client->aliases[idx].name); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
302 free(client->aliases); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
303 free(client->fqdn); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
304 free(client->sa); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
305 free(client->key.data); |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
306 |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
307 /* Free the duplicate info */ |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
308 for (idx=0; idx <= 1; idx++){ |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
309 CHECK_POSIX_DO( pthread_mutex_lock( &client->dupl_info[idx].dupl_lock ), /* continue */ ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
310 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
311 while (!FD_IS_LIST_EMPTY(&client->dupl_info[idx].dupl_by_id)) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
312 struct req_info * r = (struct req_info *)(client->dupl_info[idx].dupl_by_id.next->o); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
313 fd_list_unlink( &r->by_id ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
314 fd_list_unlink( &r->by_time ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
315 dupl_free_req_info(r); |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
316 } |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
317 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
318 CHECK_POSIX_DO( pthread_mutex_unlock( &client->dupl_info[idx].dupl_lock ), /* continue */ ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
319 |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
320 } |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
321 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
322 free(client); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
323 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
324 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
325 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
326 |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
327 /* Macro to avoid duplicating the code in the next function */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
328 #define client_search_family( _family_ ) \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
329 case AF_INET##_family_: { \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
330 struct sockaddr_in##_family_ * sin##_family_ = (struct sockaddr_in##_family_ *)ip_port; \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
331 for (ref = cli_ip##_family_.next; ref != &cli_ip##_family_; ref = ref->next) { \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
332 cmp = memcmp(&sin##_family_->sin##_family_##_addr, \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
333 &((struct rgw_client *)ref)->sin##_family_->sin##_family_##_addr, \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
334 sizeof(struct in##_family_##_addr)); \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
335 if (cmp > 0) continue; /* search further in the list */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
336 if (cmp < 0) break; /* this IP is not in the list */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
337 /* Now compare the ports as follow: */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
338 /* If the ip_port we are searching does not contain a port, just return the first match result */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
339 if ( (sin##_family_->sin##_family_##_port == 0) \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
340 /* If the entry in the list does not contain a port, return it as a match */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
341 || (((struct rgw_client *)ref)->sin##_family_->sin##_family_##_port == 0) \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
342 /* If both ports are equal, it is a match */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
343 || (sin##_family_->sin##_family_##_port == \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
344 ((struct rgw_client *)ref)->sin##_family_->sin##_family_##_port)) { \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
345 *res = (struct rgw_client *)ref; \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
346 return EEXIST; \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
347 } \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
348 /* Otherwise, the list is ordered by port value (byte order does not matter */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
349 if (sin##_family_->sin##_family_##_port \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
350 > ((struct rgw_client *)ref)->sin##_family_->sin##_family_##_port) continue; \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
351 else break; \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
352 } \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
353 *res = (struct rgw_client *)(ref->prev); \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
354 return ENOENT; \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
355 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
356 /* Function to look for an existing rgw_client, or the previous element. |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
357 The cli_rwl must be held for reading (at least) when calling this function. |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
358 Returns ENOENT if the matching client does not exist, and res points to the previous element in the list. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
359 Returns EEXIST if the matching client is found, and res points to this element. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
360 Returns other error code on other error. */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
361 static int client_search(struct rgw_client ** res, struct sockaddr * ip_port ) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
362 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
363 int cmp; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
364 struct fd_list *ref = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
365 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
366 CHECK_PARAMS(res && ip_port); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
367 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
368 switch (ip_port->sa_family) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
369 client_search_family() |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
370 break; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
371 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
372 client_search_family( 6 ) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
373 break; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
374 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
375 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
376 /* We're never supposed to reach this point */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
377 ASSERT(0); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
378 return EINVAL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
379 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
380 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
381 int rgw_clients_getkey(struct rgw_client * cli, unsigned char **key, size_t *key_len) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
382 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
383 CHECK_PARAMS( cli && key && key_len ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
384 *key = cli->key.data; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
385 *key_len = cli->key.len; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
386 return 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
387 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
388 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
389 int rgw_clients_gettype(struct rgw_client * cli, enum rgw_cli_type *type) |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
390 { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
391 CHECK_PARAMS( cli && type ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
392 *type = cli->type; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
393 return 0; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
394 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
395 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
396 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
397 int rgw_clients_search(struct sockaddr * ip_port, struct rgw_client ** ref) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
398 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
399 int ret = 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
400 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
401 TRACE_ENTRY("%p %p", ip_port, ref); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
402 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
403 CHECK_PARAMS(ip_port && ref); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
404 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
405 CHECK_POSIX( pthread_rwlock_rdlock(&cli_rwl) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
406 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
407 ret = client_search(ref, ip_port); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
408 if (ret == EEXIST) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
409 (*ref)->refcount ++; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
410 ret = 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
411 } else { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
412 *ref = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
413 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
414 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
415 CHECK_POSIX( pthread_rwlock_unlock(&cli_rwl) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
416 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
417 return ret; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
418 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
419 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
420 int rgw_clients_check_dup(struct rgw_radius_msg_meta **msg, struct rgw_client *cli) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
421 { |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
422 int p, dup = 0; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
423 struct fd_list * li; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
424 struct req_info * r; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
425 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
426 TRACE_ENTRY("%p %p", msg, cli); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
427 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
428 CHECK_PARAMS( msg && cli ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
429 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
430 if ((*msg)->serv_type == RGW_PLG_TYPE_AUTH) |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
431 p = 0; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
432 else |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
433 p = 1; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
434 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
435 CHECK_POSIX( pthread_mutex_lock( &cli->dupl_info[p].dupl_lock ) ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
436 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
437 /* Search if we have this message in our list */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
438 for (li = cli->dupl_info[p].dupl_by_id.next; li != &cli->dupl_info[p].dupl_by_id; li = li->next) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
439 int cmp = 0; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
440 r = (struct req_info *)(li->o); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
441 if (r->id < (*msg)->radius.hdr->identifier) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
442 continue; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
443 if (r->id > (*msg)->radius.hdr->identifier) |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
444 break; |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
445 if (r->port < (*msg)->port) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
446 continue; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
447 if (r->port > (*msg)->port) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
448 break; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
449 cmp = memcmp(&r->auth[0], &(*msg)->radius.hdr->authenticator[0], 16); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
450 if (cmp < 0) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
451 continue; |
|
547
77b575250103
Fix erroneous ; in the file
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
546
diff
changeset
|
452 if (cmp > 0) |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
453 break; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
454 dup = 1; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
455 break; |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
456 } |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
457 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
458 if (dup) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
459 time_t now = time(NULL); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
460 r->nbdup += 1; |
|
1027
0117a7746b21
Fix a number of errors and warnings introduced/highlighted by recent commits
Sebastien Decugis <sdecugis@freediameter.net>
parents:
977
diff
changeset
|
461 TRACE_DEBUG(INFO, "Received duplicated RADIUS message (id: %02hhx, port: %hu, dup #%d, previously seen %ld secs ago).", |
|
0117a7746b21
Fix a number of errors and warnings introduced/highlighted by recent commits
Sebastien Decugis <sdecugis@freediameter.net>
parents:
977
diff
changeset
|
462 r->id, ntohs(r->port), r->nbdup, (long)(now - r->received)); |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
463 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
464 if (r->ans) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
465 /* Resend the answer */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
466 CHECK_FCT_DO( rgw_servers_send((*msg)->serv_type, r->ans->buf, r->ans->buf_used, cli->sa, r->port), ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
467 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
468 /* Should we delete 'r' so that a further duplicate will again be converted to Diameter? */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
469 } |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
470 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
471 /* Update the timestamp */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
472 r->received = now; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
473 fd_list_unlink(&r->by_time); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
474 fd_list_insert_before(&cli->dupl_info[p].dupl_by_time, &r->by_time); /* Move as last entry, since it is the most recent */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
475 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
476 /* Delete the request message */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
477 rgw_msg_free(msg); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
478 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
479 } else { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
480 /* The message was not a duplicate, we save it */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
481 /* li currently points the the next entry in list_by_id */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
482 CHECK_MALLOC_DO( r= dupl_new_req_info(*msg), { CHECK_POSIX_DO(pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ), ); return ENOMEM; } ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
483 fd_list_insert_before(li, &r->by_id); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
484 fd_list_insert_before(&cli->dupl_info[p].dupl_by_time, &r->by_time); /* it is the most recent */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
485 } |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
486 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
487 CHECK_POSIX( pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
488 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
489 return 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
490 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
491 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
492 /* Check if the message has a valid authenticator, and update the meta-data accordingly */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
493 int rgw_clients_auth_check(struct rgw_radius_msg_meta * msg, struct rgw_client * cli, uint8_t * req_auth) |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
494 { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
495 unsigned char * key; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
496 size_t keylen; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
497 int count; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
498 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
499 TRACE_ENTRY("%p %p %p", msg, cli, req_auth); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
500 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
501 CHECK_PARAMS(msg && cli); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
502 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
503 CHECK_FCT(rgw_clients_getkey(cli, &key, &keylen)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
504 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
505 count = radius_msg_count_attr(&msg->radius, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, 0); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
506 if (count > 1) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
507 TRACE_DEBUG(INFO, "Too many Message-Authenticator attributes (%d), discarding message.", count); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
508 return EINVAL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
509 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
510 if (count == 0) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
511 TRACE_DEBUG(FULL, "Message does not contain a Message-Authenticator attributes."); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
512 msg->valid_mac = 0; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
513 } else { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
514 if (radius_msg_verify_msg_auth( &msg->radius, key, keylen, req_auth )) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
515 TRACE_DEBUG(INFO, "Invalid Message-Authenticator received, discarding message."); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
516 return EINVAL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
517 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
518 msg->valid_mac = 1; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
519 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
520 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
521 return 0; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
522 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
523 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
524 static struct dict_object * cache_orig_host = NULL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
525 static struct dict_object * cache_orig_realm = NULL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
526 static struct dict_object * cache_route_record = NULL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
527 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
528 int rgw_clients_init(void) |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
529 { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
530 TRACE_ENTRY(); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
531 CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Origin-Host", &cache_orig_host, ENOENT) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
532 CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Origin-Realm", &cache_orig_realm, ENOENT) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
533 CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Route-Record", &cache_route_record, ENOENT) ); |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
534 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
535 /* Create the thread that will purge old RADIUS duplicates */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
536 CHECK_POSIX( pthread_create( &dbt_expire, NULL, dupl_th, NULL) ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
537 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
538 return 0; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
539 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
540 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
541 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
542 /* The following function checks if a RADIUS message contains a valid NAS identifier, and initializes an empty Diameter |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
543 message with the appropriate routing information */ |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
544 /* Check that the NAS-IP-Adress or NAS-Identifier is coherent with the IP the packet was received from */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
545 /* Also update the client list of aliases if needed */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
546 int rgw_clients_create_origin(struct rgw_radius_msg_meta *msg, struct rgw_client * cli, struct msg ** diam) |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
547 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
548 int idx; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
549 int valid_nas_info = 0; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
550 struct radius_attr_hdr *nas_ip = NULL, *nas_ip6 = NULL, *nas_id = NULL; |
| 1405 | 551 size_t nas_id_len = 0; |
|
717
571b3abaa5df
Support for Diameter Redirects through rt_redirect.fdx extension (EXPERIMENTAL)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
706
diff
changeset
|
552 char * oh_str = NULL; size_t oh_strlen = 0; int oh_free = 0; |
|
571b3abaa5df
Support for Diameter Redirects through rt_redirect.fdx extension (EXPERIMENTAL)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
706
diff
changeset
|
553 char * or_str = NULL; size_t or_strlen = 0; |
|
571b3abaa5df
Support for Diameter Redirects through rt_redirect.fdx extension (EXPERIMENTAL)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
706
diff
changeset
|
554 char * rr_str = NULL; size_t rr_strlen = 0; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
555 char buf[REVERSE_DNS_SIZE_MAX]; /* to store DNS lookups results */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
556 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
557 struct avp *avp = NULL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
558 union avp_value avp_val; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
559 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
560 TRACE_ENTRY("%p %p %p", msg, cli, diam); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
561 CHECK_PARAMS(msg && cli && diam && (*diam == NULL)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
562 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
563 /* Find the relevant attributes, if any */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
564 for (idx = 0; idx < msg->radius.attr_used; idx++) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
565 struct radius_attr_hdr * attr = (struct radius_attr_hdr *)(msg->radius.buf + msg->radius.attr_pos[idx]); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
566 size_t attr_len = attr->length - sizeof(struct radius_attr_hdr); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
567 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
568 if ((attr->type == RADIUS_ATTR_NAS_IP_ADDRESS) && (attr_len = 4)) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
569 nas_ip = attr; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
570 continue; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
571 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
572 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
573 if ((attr->type == RADIUS_ATTR_NAS_IDENTIFIER) && (attr_len > 0)) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
574 nas_id = attr; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
575 nas_id_len = attr_len; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
576 continue; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
577 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
578 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
579 if ((attr->type == RADIUS_ATTR_NAS_IPV6_ADDRESS) && (attr_len = 16)) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
580 nas_ip6 = attr; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
581 continue; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
582 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
583 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
584 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
585 if (!nas_ip && !nas_ip6 && !nas_id) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
586 TRACE_DEBUG(FULL, "The message does not contain any NAS identification attribute."); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
587 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
588 /* Get information on this peer */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
589 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &oh_strlen, &or_str, &or_strlen) ); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
590 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
591 goto diameter; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
592 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
593 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
594 /* Check if the message was received from the IP in NAS-IP-Address attribute */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
595 if (nas_ip && (cli->sa->sa_family == AF_INET) && !memcmp(nas_ip+1, &cli->sin->sin_addr, sizeof(struct in_addr))) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
596 TRACE_DEBUG(FULL, "NAS-IP-Address contains the same address as the message was received from."); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
597 valid_nas_info |= 1; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
598 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
599 if (nas_ip6 && (cli->sa->sa_family == AF_INET6) && !memcmp(nas_ip6+1, &cli->sin6->sin6_addr, sizeof(struct in6_addr))) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
600 TRACE_DEBUG(FULL, "NAS-IPv6-Address contains the same address as the message was received from."); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
601 valid_nas_info |= 2; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
602 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
603 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
604 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
605 /* |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
606 In RADIUS it would be possible for a rogue NAS to forge the NAS-IP- |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
607 Address attribute value. Diameter/RADIUS translation agents MUST |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
608 check a received NAS-IP-Address or NAS-IPv6-Address attribute against |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
609 the source address of the RADIUS packet. If they do not match and |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
610 the Diameter/RADIUS translation agent does not know whether the |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
611 packet was sent by a RADIUS proxy or NAS (e.g., no Proxy-State |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
612 attribute), then by default it is assumed that the source address |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
613 corresponds to a RADIUS proxy, and that the NAS Address is behind |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
614 that proxy, potentially with some additional RADIUS proxies in |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
615 between. The Diameter/RADIUS translation agent MUST insert entries |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
616 in the Route-Record AVP corresponding to the apparent route. This |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
617 implies doing a reverse lookup on the source address and NAS-IP- |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
618 Address or NAS-IPv6-Address attributes to determine the corresponding |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
619 FQDNs. |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
620 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
621 If the source address and the NAS-IP-Address or NAS-IPv6-Address do |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
622 not match, and the Diameter/RADIUS translation agent knows that it is |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
623 talking directly to the NAS (e.g., there are no RADIUS proxies |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
624 between it and the NAS), then the error should be logged, and the |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
625 packet MUST be discarded. |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
626 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
627 Diameter agents and servers MUST check whether the NAS-IP-Address AVP |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
628 corresponds to an entry in the Route-Record AVP. This is done by |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
629 doing a reverse lookup (PTR RR) for the NAS-IP-Address to retrieve |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
630 the corresponding FQDN, and by checking for a match with the Route- |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
631 Record AVP. If no match is found, then an error is logged, but no |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
632 other action is taken. |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
633 */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
634 if (nas_ip || nas_ip6) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
635 if (!valid_nas_info) { |
|
520
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
636 if ((!cli->is_local) && (cli->type == RGW_CLI_NAS)) { |
|
977
b28d3c623096
Remove more newlines and fix function name.
Thomas Klausner <tk@giga.or.at>
parents:
974
diff
changeset
|
637 TRACE_DEBUG(INFO, "Message received with a NAS-IP-Address or NAS-IPv6-Address different from the sender's. Please configure as Proxy if this is expected. Message discarded."); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
638 return EINVAL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
639 } else { |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
640 int ret; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
641 sSS ss; |
|
520
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
642 /* the peer is configured as a proxy, or running on localhost, so accept the message */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
643 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
644 /* In that case, the cli will be stored as Route-Record and the NAS-IP-Address as origin */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
645 if (!cli->is_local) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
646 rr_str = cli->fqdn; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
647 rr_strlen = cli->fqdn_len; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
648 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
649 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
650 /* We must DNS-reverse the NAS-IP*-Address */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
651 memset(&ss, 0 , sizeof(sSS)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
652 if (nas_ip) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
653 sSA4 * sin = (sSA4 *)&ss; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
654 sin->sin_family = AF_INET; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
655 memcpy(&sin->sin_addr, nas_ip + 1, sizeof(struct in_addr)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
656 } else { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
657 sSA6 * sin6 = (sSA6 *)&ss; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
658 sin6->sin6_family = AF_INET6; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
659 memcpy(&sin6->sin6_addr, nas_ip6 + 1, sizeof(struct in6_addr)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
660 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
661 CHECK_SYS_DO( getnameinfo( (sSA *)&ss, sSAlen(&ss), &buf[0], sizeof(buf), NULL, 0, NI_NAMEREQD), |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
662 { |
|
520
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
663 if (cli->is_local) { |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
664 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &oh_strlen, &or_str, &or_strlen) ); |
|
520
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
665 goto diameter; |
|
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
666 } |
|
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
667 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
668 TRACE_DEBUG(INFO, "The NAS-IP*-Address cannot be DNS reversed in order to create the Origin-Host AVP; rejecting the message (translation is impossible)."); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
669 return EINVAL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
670 } ); |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
671 |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
672 oh_str = &buf[0]; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
673 CHECK_FCT_DO( ret = fd_os_validate_DiameterIdentity(&oh_str, &oh_strlen, 1), |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
674 { |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
675 if (cli->is_local) { |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
676 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &oh_strlen, &or_str, &or_strlen) ); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
677 goto diameter; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
678 } |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
679 |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
680 TRACE_DEBUG(INFO, "Unable to use resolved client name '%s' as DiameterIdentity: %s", buf, strerror(ret)); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
681 return ret; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
682 } ); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
683 oh_free = 1; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
684 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
685 or_str = strchr(oh_str, '.'); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
686 if (or_str) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
687 or_str ++; /* move after the first dot */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
688 if (*or_str == '\0') |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
689 or_str = NULL; /* Discard this realm, we will use the local realm later */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
690 else |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
691 or_strlen = oh_strlen - (or_str - oh_str); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
692 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
693 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
694 } else { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
695 /* The attribute matches the source address, just use this in origin-host */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
696 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &oh_strlen, &or_str, &or_strlen) ); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
697 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
698 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
699 goto diameter; /* we ignore the nas_id in that case */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
700 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
701 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
702 /* We don't have a NAS-IP*-Address attribute if we are here */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
703 if (cli->is_local) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
704 /* Simple: we use our own configuration */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
705 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &oh_strlen, &or_str, &or_strlen) ); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
706 goto diameter; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
707 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
708 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
709 /* At this point, we only have nas_id, and the client is not local */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
710 ASSERT(nas_id); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
711 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
712 { |
|
1417
0918e88f7c33
fix warnings detected by Apple clang 11.0.0
Luke Mewburn <luke@mewburn.net>
parents:
1405
diff
changeset
|
713 int found = 0, ret; |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
714 struct addrinfo hint, *res, *ptr; |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
715 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
716 /* |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
717 In RADIUS it would be possible for a rogue NAS to forge the NAS- |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
718 Identifier attribute. Diameter/RADIUS translation agents SHOULD |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
719 attempt to check a received NAS-Identifier attribute against the |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
720 source address of the RADIUS packet, by doing an A/AAAA RR query. If |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
721 the NAS-Identifier attribute contains an FQDN, then such a query |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
722 would resolve to an IP address matching the source address. However, |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
723 the NAS-Identifier attribute is not required to contain an FQDN, so |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
724 such a query could fail. If it fails, an error should be logged, but |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
725 no action should be taken, other than a reverse lookup on the source |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
726 address and insert the resulting FQDN into the Route-Record AVP. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
727 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
728 Diameter agents and servers SHOULD check whether a NAS-Identifier AVP |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
729 corresponds to an entry in the Route-Record AVP. If no match is |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
730 found, then an error is logged, but no other action is taken. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
731 */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
732 |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
733 /* first, check if the nas_id is the fqdn of the peer or a known alias */ |
|
738
d666051658bd
Fix broken 'almostcasecmp' logic
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
718
diff
changeset
|
734 if (!fd_os_almostcasesrch(nas_id + 1, nas_id_len, |
|
d666051658bd
Fix broken 'almostcasecmp' logic
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
718
diff
changeset
|
735 cli->fqdn, cli->fqdn_len, NULL)) { |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
736 TRACE_DEBUG(FULL, "NAS-Identifier contains the fqdn of the client"); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
737 found = 1; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
738 } else { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
739 for (idx = 0; idx < cli->aliases_nb; idx++) { |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
740 if (!fd_os_cmp(nas_id + 1, nas_id_len, |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
741 cli->aliases[idx].name, cli->aliases[idx].len)) { |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
742 TRACE_DEBUG(FULL, "NAS-Identifier valid value found in the cache"); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
743 found = 1; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
744 break; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
745 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
746 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
747 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
748 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
749 if (found) { |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
750 /* The NAS-Identifier matches the source IP */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
751 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &oh_strlen, &or_str, &or_strlen) ); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
752 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
753 goto diameter; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
754 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
755 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
756 /* Attempt DNS resolution of the identifier */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
757 ASSERT( nas_id_len < sizeof(buf) ); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
758 memcpy(buf, nas_id + 1, nas_id_len); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
759 buf[nas_id->length - sizeof(struct radius_attr_hdr)] = '\0'; |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
760 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
761 /* Now check if this alias is valid for this peer */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
762 memset(&hint, 0, sizeof(hint)); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
763 hint.ai_flags = AI_CANONNAME; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
764 ret = getaddrinfo(buf, NULL, &hint, &res); |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
765 if (ret == 0) { |
|
1442
915450ee91c7
fix gcc 9.1.1 compile warnings
Luke Mewburn <luke@mewburn.net>
parents:
1417
diff
changeset
|
766 snprintf(buf, sizeof(buf), "%s", res->ai_canonname); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
767 /* The name was resolved correctly, does it match the IP of the client? */ |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
768 for (ptr = res; ptr != NULL; ptr = ptr->ai_next) { |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
769 if (cli->sa->sa_family != ptr->ai_family) |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
770 continue; |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
771 if (memcmp(cli->sa, ptr->ai_addr, sSAlen(cli->sa))) |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
772 continue; |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
773 |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
774 found = 1; |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
775 break; |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
776 } |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
777 freeaddrinfo(res); |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
778 |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
779 if (!found) { |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
780 if (cli->type == RGW_CLI_NAS) { |
|
977
b28d3c623096
Remove more newlines and fix function name.
Thomas Klausner <tk@giga.or.at>
parents:
974
diff
changeset
|
781 TRACE_DEBUG(INFO, "The NAS-Identifier value '%.*s' resolves to a different IP than the client's, discarding the message. Configure this client as a Proxy if this message should be valid.", |
|
1027
0117a7746b21
Fix a number of errors and warnings introduced/highlighted by recent commits
Sebastien Decugis <sdecugis@freediameter.net>
parents:
977
diff
changeset
|
782 (int)nas_id_len, (char *)(nas_id + 1)); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
783 return EINVAL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
784 } else { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
785 /* This identifier matches a different IP, assume it is a proxied message */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
786 if (!cli->is_local) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
787 rr_str = cli->fqdn; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
788 rr_strlen = cli->fqdn_len; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
789 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
790 oh_str = &buf[0]; /* The canonname resolved */ |
|
717
571b3abaa5df
Support for Diameter Redirects through rt_redirect.fdx extension (EXPERIMENTAL)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
706
diff
changeset
|
791 oh_strlen = 0; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
792 CHECK_FCT_DO( ret = fd_os_validate_DiameterIdentity(&oh_str, &oh_strlen, 1), |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
793 { |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
794 TRACE_DEBUG(INFO, "Unable to use resolved client name '%s' as DiameterIdentity: %s", buf, strerror(ret)); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
795 return ret; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
796 } ); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
797 oh_free = 1; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
798 or_str = strchr(oh_str, '.'); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
799 if (or_str) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
800 or_str ++; /* move after the first dot */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
801 if (*or_str == '\0') |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
802 or_str = NULL; /* Discard this realm, we will use the local realm later */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
803 else |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
804 or_strlen = oh_strlen - (or_str - oh_str); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
805 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
806 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
807 } else { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
808 /* It is a valid alias, save it */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
809 CHECK_MALLOC( cli->aliases = realloc(cli->aliases, (cli->aliases_nb + 1) * sizeof(cli->aliases[0])) ); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
810 |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
811 CHECK_MALLOC( cli->aliases[cli->aliases_nb + 1].name = os0dup(nas_id + 1, nas_id_len ) ); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
812 cli->aliases[cli->aliases_nb + 1].len = nas_id_len; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
813 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
814 cli->aliases_nb ++; |
|
1027
0117a7746b21
Fix a number of errors and warnings introduced/highlighted by recent commits
Sebastien Decugis <sdecugis@freediameter.net>
parents:
977
diff
changeset
|
815 TRACE_DEBUG(FULL, "Saved valid alias for client: '%.*s' -> '%s'", (int)nas_id_len, (char *)(nas_id + 1), cli->fqdn); |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
816 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &oh_strlen, &or_str, &or_strlen) ); |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
817 } |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
818 } else { |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
819 /* Error resolving the name */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
820 TRACE_DEBUG(INFO, "NAS-Identifier '%s' cannot be resolved: %s. Ignoring...", buf, gai_strerror(ret)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
821 /* Assume this is a valid identifier for the client */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
822 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &oh_strlen, &or_str, &or_strlen) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
823 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
824 } |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
825 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
826 /* Now, let's create the empty Diameter message with Origin-Host, -Realm, and Route-Record if needed. */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
827 diameter: |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
828 ASSERT(oh_str); /* If it is not defined here, there is a bug... */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
829 if (!or_str) { |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
830 or_str = fd_g_config->cnf_diamrlm; /* Use local realm in that case */ |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
831 or_strlen = fd_g_config->cnf_diamrlm_len; |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
832 } |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
833 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
834 /* Create an empty Diameter message so that extensions can store their AVPs */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
835 CHECK_FCT( fd_msg_new ( NULL, MSGFL_ALLOC_ETEID, diam ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
836 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
837 /* Add the Origin-Host as next AVP */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
838 CHECK_FCT( fd_msg_avp_new ( cache_orig_host, 0, &avp ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
839 memset(&avp_val, 0, sizeof(avp_val)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
840 avp_val.os.data = (unsigned char *)oh_str; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
841 avp_val.os.len = oh_strlen; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
842 CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
843 CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
844 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
845 /* Add the Origin-Realm as next AVP */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
846 CHECK_FCT( fd_msg_avp_new ( cache_orig_realm, 0, &avp ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
847 memset(&avp_val, 0, sizeof(avp_val)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
848 avp_val.os.data = (unsigned char *)or_str; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
849 avp_val.os.len = or_strlen; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
850 CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
851 CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
852 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
853 if (rr_str) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
854 CHECK_FCT( fd_msg_avp_new ( cache_route_record, 0, &avp ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
855 memset(&avp_val, 0, sizeof(avp_val)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
856 avp_val.os.data = (unsigned char *)rr_str; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
857 avp_val.os.len = rr_strlen; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
858 CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
859 CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
860 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
861 |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
862 if (oh_free) |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
863 free(oh_str); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
864 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
865 /* Done! */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
866 return 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
867 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
868 |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
869 int rgw_clients_get_origin(struct rgw_client *cli, DiamId_t *fqdn, size_t *fqdnlen, DiamId_t *realm, size_t *realmlen) |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
870 { |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
871 TRACE_ENTRY("%p %p %p %p %p", cli, fqdn, fqdnlen, realm, realmlen); |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
872 CHECK_PARAMS(cli && fqdn && fqdnlen); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
873 |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
874 if (cli->is_local) { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
875 *fqdn = fd_g_config->cnf_diamid; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
876 *fqdnlen = fd_g_config->cnf_diamid_len; |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
877 if (realm) |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
878 *realm= fd_g_config->cnf_diamrlm; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
879 if (realmlen) |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
880 *realmlen= fd_g_config->cnf_diamrlm_len; |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
881 } else { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
882 *fqdn = cli->fqdn; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
883 *fqdnlen = cli->fqdn_len; |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
884 if (realm) |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
885 *realm= cli->realm; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
886 if (realmlen) |
|
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
554
diff
changeset
|
887 *realmlen= cli->realm_len; |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
888 } |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
889 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
890 return 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
891 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
892 |
|
271
411314907b43
Added translation of Accounting messages
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
261
diff
changeset
|
893 char * rgw_clients_id(struct rgw_client *cli) |
|
411314907b43
Added translation of Accounting messages
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
261
diff
changeset
|
894 { |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
895 return cli->is_local ? "(local)" : cli->fqdn; |
|
271
411314907b43
Added translation of Accounting messages
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
261
diff
changeset
|
896 } |
|
411314907b43
Added translation of Accounting messages
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
261
diff
changeset
|
897 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
898 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
899 void rgw_clients_dispose(struct rgw_client ** ref) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
900 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
901 TRACE_ENTRY("%p", ref); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
902 CHECK_PARAMS_DO(ref, return); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
903 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
904 CHECK_POSIX_DO( pthread_rwlock_wrlock(&cli_rwl), ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
905 client_unlink(*ref); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
906 *ref = NULL; |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
907 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
908 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
909 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
910 int rgw_clients_add( struct sockaddr * ip_port, unsigned char ** key, size_t keylen, enum rgw_cli_type type ) |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
911 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
912 struct rgw_client * prev = NULL, *new = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
913 int ret; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
914 |
|
1033
000e1904074c
Fix a number of additional warnings
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1027
diff
changeset
|
915 TRACE_ENTRY("%p %p %zu", ip_port, key, keylen); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
916 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
917 CHECK_PARAMS( ip_port && key && *key && keylen ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
918 CHECK_PARAMS( (ip_port->sa_family == AF_INET) || (ip_port->sa_family == AF_INET6) ); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
919 CHECK_PARAMS( (type == RGW_CLI_NAS) || (type == RGW_CLI_PXY) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
920 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
921 /* Dump the entry in debug mode */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
922 if (TRACE_BOOL(FULL + 1 )) { |
|
1107
96f2051215c8
Replaced calls to TRACE_sSA and sSA_DUMP_NODE* macros
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1033
diff
changeset
|
923 char sa_buf[sSA_DUMP_STRLEN]; |
|
96f2051215c8
Replaced calls to TRACE_sSA and sSA_DUMP_NODE* macros
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1033
diff
changeset
|
924 fd_sa_sdump_numeric(sa_buf, ip_port); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
925 TRACE_DEBUG(FULL, "Adding %s:", (type == RGW_CLI_NAS) ? "NAS" : "PROXY" ); |
|
1107
96f2051215c8
Replaced calls to TRACE_sSA and sSA_DUMP_NODE* macros
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1033
diff
changeset
|
926 TRACE_DEBUG(FULL, "\tIP : %s", sa_buf ); |
|
965
9b37f34c1b1f
Some modifications to logging code:
Sebastien Decugis <sdecugis@freediameter.net>
parents:
740
diff
changeset
|
927 TRACE_BUFFER(FD_LOG_DEBUG, FULL, "\tKey: [", *key, keylen, "]" ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
928 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
929 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
930 /* Lock the lists */ |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
931 CHECK_POSIX( pthread_rwlock_wrlock(&cli_rwl) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
932 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
933 /* Check if the same entry does not already exist */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
934 ret = client_search(&prev, ip_port ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
935 if (ret == ENOENT) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
936 /* No duplicate found, Ok to add */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
937 CHECK_FCT_DO( ret = client_create( &new, &ip_port, key, keylen, type ), goto end ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
938 fd_list_insert_after(&prev->chain, &new->chain); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
939 new->refcount++; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
940 ret = 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
941 goto end; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
942 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
943 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
944 if (ret == EEXIST) { |
|
1107
96f2051215c8
Replaced calls to TRACE_sSA and sSA_DUMP_NODE* macros
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1033
diff
changeset
|
945 char sa_buf[sSA_DUMP_STRLEN]; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
946 /* Check if the key is the same, then skip or return an error */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
947 if ((keylen == prev->key.len ) && ( ! memcmp(*key, prev->key.data, keylen) ) && (type == prev->type)) { |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
948 TRACE_DEBUG(INFO, "Skipping duplicate client description"); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
949 ret = 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
950 goto end; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
951 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
952 |
|
977
b28d3c623096
Remove more newlines and fix function name.
Thomas Klausner <tk@giga.or.at>
parents:
974
diff
changeset
|
953 fd_log_error("ERROR: Conflicting RADIUS clients descriptions!"); |
|
965
9b37f34c1b1f
Some modifications to logging code:
Sebastien Decugis <sdecugis@freediameter.net>
parents:
740
diff
changeset
|
954 TRACE_ERROR("Previous entry: %s", (prev->type == RGW_CLI_NAS) ? "NAS" : "PROXY"); |
|
1107
96f2051215c8
Replaced calls to TRACE_sSA and sSA_DUMP_NODE* macros
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1033
diff
changeset
|
955 fd_sa_sdump_numeric(sa_buf, prev->sa); |
|
96f2051215c8
Replaced calls to TRACE_sSA and sSA_DUMP_NODE* macros
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1033
diff
changeset
|
956 TRACE_ERROR("\tIP : %s", sa_buf); |
|
965
9b37f34c1b1f
Some modifications to logging code:
Sebastien Decugis <sdecugis@freediameter.net>
parents:
740
diff
changeset
|
957 TRACE_BUFFER(FD_LOG_ERROR, NONE, "\tKey: [", prev->key.data, prev->key.len, "]" ); |
|
9b37f34c1b1f
Some modifications to logging code:
Sebastien Decugis <sdecugis@freediameter.net>
parents:
740
diff
changeset
|
958 TRACE_ERROR("Conflicting entry: %s", (type == RGW_CLI_NAS) ? "NAS" : "PROXY"); |
|
1107
96f2051215c8
Replaced calls to TRACE_sSA and sSA_DUMP_NODE* macros
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1033
diff
changeset
|
959 fd_sa_sdump_numeric(sa_buf, ip_port); |
|
96f2051215c8
Replaced calls to TRACE_sSA and sSA_DUMP_NODE* macros
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1033
diff
changeset
|
960 TRACE_ERROR("\tIP : %s", sa_buf); |
|
965
9b37f34c1b1f
Some modifications to logging code:
Sebastien Decugis <sdecugis@freediameter.net>
parents:
740
diff
changeset
|
961 TRACE_BUFFER(FD_LOG_ERROR, NONE, "\tKey: [", *key, keylen, "]" ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
962 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
963 end: |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
964 /* release the lists */ |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
965 CHECK_POSIX( pthread_rwlock_unlock(&cli_rwl) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
966 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
967 return ret; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
968 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
969 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
970 static void dump_cli_list(struct fd_list *senti) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
971 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
972 struct rgw_client * client = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
973 struct fd_list *ref = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
974 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
975 for (ref = senti->next; ref != senti; ref = ref->next) { |
|
1107
96f2051215c8
Replaced calls to TRACE_sSA and sSA_DUMP_NODE* macros
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1033
diff
changeset
|
976 char sa_buf[sSA_DUMP_STRLEN]; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
977 client = (struct rgw_client *)ref; |
|
1119
79dd22145f52
Fix a number of compilation warnings
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1107
diff
changeset
|
978 fd_sa_sdump_numeric(sa_buf, client->sa); |
|
79dd22145f52
Fix a number of compilation warnings
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1107
diff
changeset
|
979 LOG_D(" - %s%s", sa_buf, (client->type == RGW_CLI_NAS) ? "" : " [PROXY]" ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
980 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
981 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
982 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
983 void rgw_clients_dump(void) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
984 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
985 if ( ! TRACE_BOOL(FULL) ) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
986 return; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
987 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
988 CHECK_POSIX_DO( pthread_rwlock_rdlock(&cli_rwl), /* ignore error */ ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
989 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
990 if (!FD_IS_LIST_EMPTY(&cli_ip)) |
|
974
2091bf698fb1
Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR
Thomas Klausner <tk@giga.or.at>
parents:
965
diff
changeset
|
991 fd_log_debug(" RADIUS IP clients list:"); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
992 dump_cli_list(&cli_ip); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
993 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
994 if (!FD_IS_LIST_EMPTY(&cli_ip6)) |
|
974
2091bf698fb1
Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR
Thomas Klausner <tk@giga.or.at>
parents:
965
diff
changeset
|
995 fd_log_debug(" RADIUS IPv6 clients list:"); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
996 dump_cli_list(&cli_ip6); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
997 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
998 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), /* ignore error */ ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
999 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1000 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1001 void rgw_clients_fini(void) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1002 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1003 struct fd_list * client; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1004 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1005 TRACE_ENTRY(); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1006 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1007 CHECK_POSIX_DO( pthread_rwlock_wrlock(&cli_rwl), /* ignore error */ ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1008 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1009 CHECK_FCT_DO( fd_thr_term(&dbt_expire), /* continue */ ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1010 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1011 /* empty the lists */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1012 while ( ! FD_IS_LIST_EMPTY(&cli_ip) ) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1013 client = cli_ip.next; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1014 fd_list_unlink(client); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1015 client_unlink((struct rgw_client *)client); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1016 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1017 while (! FD_IS_LIST_EMPTY(&cli_ip6)) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1018 client = cli_ip6.next; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1019 fd_list_unlink(client); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1020 client_unlink((struct rgw_client *)client); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1021 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1022 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1023 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), /* ignore error */ ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1024 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1025 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1026 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1027 int rgw_client_finish_send(struct radius_msg ** msg, struct rgw_radius_msg_meta * req, struct rgw_client * cli) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1028 { |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1029 int p; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1030 struct fd_list * li; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1031 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1032 TRACE_ENTRY("%p %p %p", msg, req, cli); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1033 CHECK_PARAMS( msg && *msg && cli ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1034 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1035 if (!req) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1036 /* We don't support this case yet */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1037 ASSERT(0); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1038 return ENOTSUP; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1039 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1040 |
|
550
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1041 /* Add all the Proxy-States back in the message */ |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1042 for (p = 0; p < req->ps_nb; p++) { |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1043 struct radius_attr_hdr * attr = (struct radius_attr_hdr *)(req->radius.buf + req->radius.attr_pos[req->ps_first + p]); |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1044 |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1045 if (radius_msg_add_attr_to_array(*msg, attr)) { |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1046 TRACE_DEBUG(INFO, "Error in radius_msg_add_attr_to_array, ENOMEM"); |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1047 radius_msg_free(*msg); |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1048 free(*msg); |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1049 *msg = NULL; |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1050 return ENOMEM; |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1051 } |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1052 } |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1053 |
|
4c935aecee6c
Hide and automate the Proxy-State attributes management in RADIUS gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
548
diff
changeset
|
1054 /* Add the Message-Authenticator if needed, and other final tasks */ |
|
539
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
1055 if (radius_msg_finish_srv(*msg, cli->key.data, cli->key.len, req->radius.hdr->authenticator)) { |
|
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
1056 TRACE_DEBUG(INFO, "An error occurred while preparing the RADIUS answer"); |
|
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
1057 radius_msg_free(*msg); |
|
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
1058 free(*msg); |
|
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
1059 *msg = NULL; |
|
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
1060 return EINVAL; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1061 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1062 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1063 /* Debug */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1064 TRACE_DEBUG(FULL, "RADIUS message ready for sending:"); |
| 553 | 1065 rgw_msg_dump((struct rgw_radius_msg_meta *)*msg, 0); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1066 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1067 /* Send the message */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1068 CHECK_FCT( rgw_servers_send(req->serv_type, (*msg)->buf, (*msg)->buf_used, cli->sa, req->port) ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1069 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1070 /* update the duplicate cache */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1071 if (req->serv_type == RGW_PLG_TYPE_AUTH) |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1072 p = 0; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1073 else |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1074 p = 1; |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1075 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1076 CHECK_POSIX( pthread_mutex_lock( &cli->dupl_info[p].dupl_lock ) ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1077 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1078 /* Search this message in our list */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1079 for (li = cli->dupl_info[p].dupl_by_id.next; li != &cli->dupl_info[p].dupl_by_id; li = li->next) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1080 int cmp = 0; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1081 struct req_info * r = (struct req_info *)(li->o); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1082 if (r->id < req->radius.hdr->identifier) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1083 continue; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1084 if (r->id > req->radius.hdr->identifier) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1085 break; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1086 if (r->port < req->port) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1087 continue; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1088 if (r->port > req->port) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1089 break; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1090 cmp = memcmp(&r->auth[0], &req->radius.hdr->authenticator[0], 16); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1091 if (cmp < 0) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1092 continue; |
|
547
77b575250103
Fix erroneous ; in the file
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
546
diff
changeset
|
1093 if (cmp > 0) |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1094 break; |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1095 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1096 /* We have the request in our duplicate cache */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1097 /* This should not happen, but just in case... */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1098 if (r->ans) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1099 radius_msg_free(r->ans); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1100 free(r->ans); |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1101 } |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1102 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1103 /* Now save the message */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1104 r->ans = *msg; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1105 *msg = NULL; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1106 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1107 /* Update the timestamp */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1108 { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1109 time_t now = time(NULL); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1110 r->received = now; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1111 fd_list_unlink(&r->by_time); /* Move as last entry, since it is the most recent */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1112 fd_list_insert_before(&cli->dupl_info[p].dupl_by_time, &r->by_time); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1113 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1114 break; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1115 } |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1116 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1117 CHECK_POSIX( pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ) ); |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1118 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1119 /* If we have not found the request in our list, the purge time is probably too small */ |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1120 if (*msg) { |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1121 TODO("Augment the purge time..."); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1122 /* If we receive the duplicate request again, it will be converted to Diameter... */ |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1123 radius_msg_free(*msg); |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1124 free(*msg); |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1125 *msg = NULL; |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1126 } |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1127 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1128 /* Finished */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1129 return 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1130 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1131 |
|
548
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1132 /* Call this function when a RADIUS request has explicitely no answer (mainly accounting) so |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1133 that we purge the duplicate cache and allow further message to be translated again. |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1134 This is useful for example when a temporary error occurred in Diameter (like UNABLE_TO_DELIVER) */ |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1135 int rgw_client_finish_nosend(struct rgw_radius_msg_meta * req, struct rgw_client * cli) |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1136 { |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1137 int p; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1138 struct fd_list * li; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1139 |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1140 TRACE_ENTRY("%p %p", req, cli); |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1141 CHECK_PARAMS( req && cli ); |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1142 |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1143 /* update the duplicate cache */ |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1144 if (req->serv_type == RGW_PLG_TYPE_AUTH) |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1145 p = 0; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1146 else |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1147 p = 1; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1148 |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1149 CHECK_POSIX( pthread_mutex_lock( &cli->dupl_info[p].dupl_lock ) ); |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1150 |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1151 /* Search this message in our list */ |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1152 for (li = cli->dupl_info[p].dupl_by_id.next; li != &cli->dupl_info[p].dupl_by_id; li = li->next) { |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1153 int cmp = 0; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1154 struct req_info * r = (struct req_info *)(li->o); |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1155 if (r->id < req->radius.hdr->identifier) |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1156 continue; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1157 if (r->id > req->radius.hdr->identifier) |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1158 break; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1159 if (r->port < req->port) |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1160 continue; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1161 if (r->port > req->port) |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1162 break; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1163 cmp = memcmp(&r->auth[0], &req->radius.hdr->authenticator[0], 16); |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1164 if (cmp < 0) |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1165 continue; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1166 if (cmp > 0) |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1167 break; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1168 |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1169 /* We have the request in our duplicate cache, remove it */ |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1170 fd_list_unlink(&r->by_id); |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1171 fd_list_unlink(&r->by_time); |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1172 dupl_free_req_info(r); |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1173 break; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1174 } |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1175 |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1176 CHECK_POSIX( pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ) ); |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1177 |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1178 /* Finished */ |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1179 return 0; |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1180 } |
|
345537783a90
Allow duplicate messages to be processed after Diameter answer has been received.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
547
diff
changeset
|
1181 |