freeDiameter: extensions/app_radgw/rgw

annotate extensions/app_radgw/rgw_clients.c @ 544:a0e3af6f94fb

Improve the RADIUS duplicates management. Default cache is set to 60 seconds.

author	Sebastien Decugis <sdecugis@nict.go.jp>
date	Tue, 14 Sep 2010 16:04:59 +0900
parents	6994e9a3c528
children	b0f9b0e1b564

rev	line source
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	1 /*********************************************************************************************************
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	2 * Software License Agreement (BSD License) *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	3 * Author: Sebastien Decugis <sdecugis@nict.go.jp> *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	4 * *
258 5df55136361b Updated copyright information Sebastien Decugis <sdecugis@nict.go.jp> parents: 254 diff changeset	5 * Copyright (c) 2010, WIDE Project and NICT *
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	6 * All rights reserved. *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	7 * *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	8 * Redistribution and use of this software in source and binary forms, with or without modification, are *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	9 * permitted provided that the following conditions are met: *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	10 * *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	11 * * Redistributions of source code must retain the above *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	12 * copyright notice, this list of conditions and the *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	13 * following disclaimer. *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	14 * *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	15 * * Redistributions in binary form must reproduce the above *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	16 * copyright notice, this list of conditions and the *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	17 * following disclaimer in the documentation and/or other *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	18 * materials provided with the distribution. *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	19 * *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	20 * * Neither the name of the WIDE Project or NICT nor the *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	21 * names of its contributors may be used to endorse or *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	22 * promote products derived from this software without *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	23 * specific prior written permission of WIDE Project and *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	24 * NICT. *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	25 * *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	27 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	28 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	29 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	30 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	32 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	34 *********************************************************************************************************/
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	35
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	36 /* Manage the list of RADIUS clients, along with their shared secrets. */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	37
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	38 /* Probably some changes are needed to support RADIUS Proxies */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	39
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	40 #include "rgw.h"
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	41
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	42 #define REVERSE_DNS_SIZE_MAX 512 /* length of our buffer for reverse DNS */
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	43 #define DUPLICATE_CHECK_LIFETIME 60 /* number of seconds that the received RADIUS records are kept for duplicate checking . TODO: make it configurable if needed */
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	44
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	45 /* Ordered lists of clients. The order relationship is a memcmp on the address zone.
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	46 For same addresses, the port is compared.
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	47 The same address cannot be added twice, once with a 0-port and once with another port value.
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	48 */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	49 static struct fd_list cli_ip = FD_LIST_INITIALIZER(cli_ip);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	50 static struct fd_list cli_ip6 = FD_LIST_INITIALIZER(cli_ip6);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	51
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	52 /* Lock to protect the previous lists. We use a rwlock because this list is mostly static, to allow parallel reading */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	53 static pthread_rwlock_t cli_rwl = PTHREAD_RWLOCK_INITIALIZER;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	54
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	55 /* Structure describing one received RADIUS message, for duplicate checks purpose. */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	56 struct req_info {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	57 uint16_t port; /* UDP source port of the request */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	58 uint8_t id; /* The identifier in the request header */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	59 uint8_t auth[16]; /* Request authenticator, since some RADIUS clients do not implement the id mechanism properly. */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	60 struct radius_msg ans; / The replied answer if any, in case the previous answer got lost. */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	61
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	62 int nbdup; /* Number of times this request was received as a duplicate */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	63 struct fd_list by_id; /* The list of requests ordered by their id, port, and auth */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	64 time_t received; /* When was the last duplicate received? */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	65 struct fd_list by_time; /* The list of requests ordered by the 'received' value . */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	66 };
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	67
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	68 static pthread_t dbt_expire = (pthread_t)NULL; /* The thread that will remove old requests information from all clients (one thread for all) */
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	69
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	70 /* Structure describing one client */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	71 struct rgw_client {
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	72 /* Link information in global list (cli_ip or cli_ip6) */
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	73 struct fd_list chain;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	74
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	75 /* Reference count */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	76 int refcount;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	77
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	78 /* The address and optional port (alloc'd during configuration file parsing). */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	79 union {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	80 struct sockaddr sa; / generic pointer */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	81 struct sockaddr_in *sin;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	82 struct sockaddr_in6 *sin6;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	83 };
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	84
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	85 /* The FQDN, realm, and optional aliases */
500 d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	86 int is_local; /* true if the RADIUS client runs on the same host -- we use Diameter Identity in that case */
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	87 enum rgw_cli_type type; /* is it a proxy ? */
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	88 char *fqdn;
442 02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	89 size_t fqdn_len;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	90 char *realm;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	91 char **aliases;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	92 size_t aliases_nb;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	93
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	94 /* The secret key data. */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	95 struct {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	96 unsigned char * data;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	97 size_t len;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	98 } key;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	99
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	100 /* information of previous msg received, for duplicate checks. */
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	101 struct {
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	102 pthread_mutex_t dupl_lock; /* The mutex protecting the following lists */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	103 struct fd_list dupl_by_id; /* The list of req_info structures ordered by their id, port, and auth */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	104 struct fd_list dupl_by_time; /* The list of req_info structures ordered by their time (approximative) */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	105 } dupl_info[2]; /[0] for auth, [1] for acct. /
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	106 };
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	107
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	108
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	109 /* Create a new req_info structure and initialize its data from a RADIUS request message */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	110 static struct req_info * dupl_new_req_info(struct rgw_radius_msg_meta *msg) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	111 struct req_info * ret = NULL;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	112 CHECK_MALLOC_DO( ret = malloc(sizeof(struct req_info)), return NULL );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	113 memset(ret, 0, sizeof(struct req_info));
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	114 ret->port = msg->port;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	115 ret->id = msg->radius.hdr->identifier;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	116 memcpy(&ret->auth[0], &msg->radius.hdr->authenticator[0], 16);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	117 fd_list_init(&ret->by_id, ret);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	118 fd_list_init(&ret->by_time, ret);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	119 ret->received = time(NULL);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	120 return ret;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	121 }
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	122
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	123 /* Destroy a req_info structure, after it has been unlinked */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	124 static void dupl_free_req_info(struct req_info * r) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	125 CHECK_PARAMS_DO( r && FD_IS_LIST_EMPTY(&r->by_id) && FD_IS_LIST_EMPTY(&r->by_time), return );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	126 if (r->ans) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	127 /* Free this RADIUS message */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	128 radius_msg_free(r->ans);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	129 free(r->ans);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	130 }
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	131
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	132 /* Use r->nbdup for some purpose? */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	133
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	134 free(r);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	135 }
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	136
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	137 /* The core of the purge thread */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	138 static int dupl_purge_list(struct fd_list * clients) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	139 struct fd_list *li = NULL;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	140 for (li = clients->next; li != clients; li = li->next) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	141 struct rgw_client * client = (struct rgw_client *)li;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	142 int p;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	143 for (p=0; p<=1; p++) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	144 /* Lock this list */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	145 time_t now;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	146 CHECK_POSIX( pthread_mutex_lock(&client->dupl_info[p].dupl_lock) );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	147
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	148 now = time(NULL);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	149
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	150 while (!FD_IS_LIST_EMPTY(&client->dupl_info[p].dupl_by_time)) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	151 /* Check the first item in the list */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	152 struct req_info * r = (struct req_info *)(client->dupl_info[p].dupl_by_time.next->o);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	153
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	154 if (now - r->received > DUPLICATE_CHECK_LIFETIME) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	155 /* Remove this record */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	156 fd_list_unlink(&r->by_time);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	157 fd_list_unlink(&r->by_id);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	158 dupl_free_req_info(r);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	159 } else {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	160 /* We are done for this list */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	161 break;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	162 }
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	163 }
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	164
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	165 CHECK_POSIX( pthread_mutex_unlock(&client->dupl_info[p].dupl_lock) );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	166 }
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	167 }
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	168 return 0;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	169 }
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	170
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	171 /* Thread that purges old RADIUS requests */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	172 static void * dupl_th(void * arg) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	173 /* Set the thread name */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	174 fd_log_threadname ( "app_radgw:duplicate_purge" );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	175
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	176 /* The thread will be canceled */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	177 while (1) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	178
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	179 /* We don't use a cond var, we simply wake up every 5 seconds. If the size of the duplicate cache is critical, it might be changed */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	180 sleep(5);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	181
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	182 /* When we wake up, we will check all clients duplicate lists one by one */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	183 CHECK_POSIX_DO( pthread_rwlock_rdlock(&cli_rwl), break );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	184
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	185 CHECK_FCT_DO( dupl_purge_list(&cli_ip), break );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	186 CHECK_FCT_DO( dupl_purge_list(&cli_ip6), break );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	187
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	188 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), break );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	189
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	190 /* Loop */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	191 }
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	192
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	193 /* If we reach this part, some fatal error was encountered */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	194 CHECK_FCT_DO(fd_event_send(fd_g_config->cnf_main_ev, FDEV_TERMINATE, 0, NULL), );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	195 TRACE_DEBUG(FULL, "Thread terminated");
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	196 return NULL;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	197 }
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	198
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	199
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	200 /* create a new rgw_client. the arguments are MOVED into the structure (to limit malloc & free calls). */
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	201 static int client_create(struct rgw_client res, struct sockaddr ip_port, unsigned char ** key, size_t keylen, enum rgw_cli_type type )
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	202 {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	203 struct rgw_client *tmp = NULL;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	204 char buf[255];
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	205 int ret, i;
500 d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	206 int loc = 0;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	207
500 d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	208 /* Check if the IP address is local */
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	209 if ( ( ((ip_port)->sa_family == AF_INET ) && ( IN_IS_ADDR_LOOPBACK( &((struct sockaddr_in )(*ip_port))->sin_addr ) ) )
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	210 \|\|( ((ip_port)->sa_family == AF_INET6) && ( IN6_IS_ADDR_LOOPBACK( &((struct sockaddr_in6 )(*ip_port))->sin6_addr) ) )) {
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	211 /* The client is local */
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	212 loc = 1;
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	213 } else {
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	214
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	215 /* Search FQDN for the client */
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	216 ret = getnameinfo( *ip_port, sizeof(struct sockaddr_storage), &buf[0], sizeof(buf), NULL, 0, 0 );
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	217 if (ret) {
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	218 TRACE_DEBUG(INFO, "Unable to resolve peer name: %s", gai_strerror(ret));
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	219 return EINVAL;
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	220 }
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	221 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	222
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	223 /* Create the new object */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	224 CHECK_MALLOC( tmp = malloc(sizeof (struct rgw_client)) );
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	225 memset(tmp, 0, sizeof(struct rgw_client));
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	226 fd_list_init(&tmp->chain, NULL);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	227
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	228 /* Initialize the duplicate list info */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	229 for (i=0; i<=1; i++) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	230 CHECK_POSIX( pthread_mutex_init(&tmp->dupl_info[0].dupl_lock, NULL) );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	231 fd_list_init(&tmp->dupl_info[0].dupl_by_id, NULL);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	232 fd_list_init(&tmp->dupl_info[0].dupl_by_time, NULL);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	233 }
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	234 tmp->type = type;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	235
500 d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	236 if (loc) {
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	237 tmp->is_local = 1;
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	238 } else {
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	239 /* Copy the fqdn */
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	240 CHECK_MALLOC( tmp->fqdn = strdup(buf) );
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	241 tmp->fqdn_len = strlen(tmp->fqdn);
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	242 /* Find an appropriate realm */
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	243 tmp->realm = strchr(tmp->fqdn, '.');
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	244 if (tmp->realm)
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	245 tmp->realm += 1;
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	246 if ((!tmp->realm) \|\| (tmp->realm == '\0')) / in case the fqdn was "localhost." for example, if it is possible... */
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	247 tmp->realm = fd_g_config->cnf_diamrlm;
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	248 }
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	249
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	250 /* move the sa info reference */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	251 tmp->sa = *ip_port;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	252 *ip_port = NULL;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	253
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	254 /* move the key material */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	255 tmp->key.data = *key;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	256 tmp->key.len = keylen;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	257 *key = NULL;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	258
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	259 /* Done! */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	260 *res = tmp;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	261 return 0;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	262 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	263
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	264 /* Decrease refcount on a client; the lock must be held when this function is called. */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	265 static void client_unlink(struct rgw_client * client)
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	266 {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	267 client->refcount -= 1;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	268
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	269 if (client->refcount <= 0) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	270 int idx;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	271 /* to be sure: the refcount should be 0 only when client_fini is called */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	272 ASSERT( FD_IS_LIST_EMPTY(&client->chain) );
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	273
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	274 /* Free the data */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	275 for (idx = 0; idx < client->aliases_nb; idx++)
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	276 free(client->aliases[idx]);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	277 free(client->aliases);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	278 free(client->fqdn);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	279 free(client->sa);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	280 free(client->key.data);
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	281
825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	282 /* Free the duplicate info */
825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	283 for (idx=0; idx <= 1; idx++){
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	284 CHECK_POSIX_DO( pthread_mutex_lock( &client->dupl_info[idx].dupl_lock ), /* continue */ );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	285
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	286 while (!FD_IS_LIST_EMPTY(&client->dupl_info[idx].dupl_by_id)) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	287 struct req_info * r = (struct req_info *)(client->dupl_info[idx].dupl_by_id.next->o);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	288 fd_list_unlink( &r->by_id );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	289 fd_list_unlink( &r->by_time );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	290 dupl_free_req_info(r);
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	291 }
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	292
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	293 CHECK_POSIX_DO( pthread_mutex_unlock( &client->dupl_info[idx].dupl_lock ), /* continue */ );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	294
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	295 }
825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	296
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	297 free(client);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	298 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	299 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	300
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	301
500 d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	302 /* Macro to avoid duplicating the code in the next function */
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	303 #define client_search_family( _family_ ) \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	304 case AF_INET##_family_: { \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	305 struct sockaddr_in##_family_ * sin##_family_ = (struct sockaddr_in##_family_ *)ip_port; \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	306 for (ref = cli_ip##_family_.next; ref != &cli_ip##_family_; ref = ref->next) { \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	307 cmp = memcmp(&sin##_family_->sin##_family_##_addr, \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	308 &((struct rgw_client *)ref)->sin##_family_->sin##_family_##_addr, \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	309 sizeof(struct in##_family_##_addr)); \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	310 if (cmp > 0) continue; /* search further in the list */ \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	311 if (cmp < 0) break; /* this IP is not in the list */ \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	312 /* Now compare the ports as follow: */ \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	313 /* If the ip_port we are searching does not contain a port, just return the first match result */ \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	314 if ( (sin##_family_->sin##_family_##_port == 0) \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	315 /* If the entry in the list does not contain a port, return it as a match */ \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	316 \|\| (((struct rgw_client *)ref)->sin##_family_->sin##_family_##_port == 0) \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	317 /* If both ports are equal, it is a match */ \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	318 \|\| (sin##_family_->sin##_family_##_port == \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	319 ((struct rgw_client *)ref)->sin##_family_->sin##_family_##_port)) { \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	320 res = (struct rgw_client )ref; \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	321 return EEXIST; \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	322 } \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	323 /* Otherwise, the list is ordered by port value (byte order does not matter */ \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	324 if (sin##_family_->sin##_family_##_port \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	325 > ((struct rgw_client *)ref)->sin##_family_->sin##_family_##_port) continue; \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	326 else break; \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	327 } \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	328 res = (struct rgw_client )(ref->prev); \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	329 return ENOENT; \
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	330 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	331 /* Function to look for an existing rgw_client, or the previous element.
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	332 The cli_rwl must be held for reading (at least) when calling this function.
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	333 Returns ENOENT if the matching client does not exist, and res points to the previous element in the list.
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	334 Returns EEXIST if the matching client is found, and res points to this element.
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	335 Returns other error code on other error. */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	336 static int client_search(struct rgw_client ** res, struct sockaddr * ip_port )
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	337 {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	338 int cmp;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	339 struct fd_list *ref = NULL;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	340
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	341 CHECK_PARAMS(res && ip_port);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	342
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	343 switch (ip_port->sa_family) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	344 client_search_family()
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	345 break;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	346
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	347 client_search_family( 6 )
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	348 break;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	349 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	350
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	351 /* We're never supposed to reach this point */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	352 ASSERT(0);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	353 return EINVAL;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	354 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	355
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	356 int rgw_clients_getkey(struct rgw_client * cli, unsigned char *key, size_t key_len)
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	357 {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	358 CHECK_PARAMS( cli && key && key_len );
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	359 *key = cli->key.data;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	360 *key_len = cli->key.len;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	361 return 0;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	362 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	363
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	364 int rgw_clients_gettype(struct rgw_client * cli, enum rgw_cli_type *type)
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	365 {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	366 CHECK_PARAMS( cli && type );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	367 *type = cli->type;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	368 return 0;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	369 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	370
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	371
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	372 int rgw_clients_search(struct sockaddr * ip_port, struct rgw_client ** ref)
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	373 {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	374 int ret = 0;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	375
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	376 TRACE_ENTRY("%p %p", ip_port, ref);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	377
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	378 CHECK_PARAMS(ip_port && ref);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	379
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	380 CHECK_POSIX( pthread_rwlock_rdlock(&cli_rwl) );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	381
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	382 ret = client_search(ref, ip_port);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	383 if (ret == EEXIST) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	384 (*ref)->refcount ++;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	385 ret = 0;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	386 } else {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	387 *ref = NULL;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	388 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	389
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	390 CHECK_POSIX( pthread_rwlock_unlock(&cli_rwl) );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	391
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	392 return ret;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	393 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	394
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	395 int rgw_clients_check_dup(struct rgw_radius_msg_meta *msg, struct rgw_client cli)
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	396 {
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	397 int p, dup = 0;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	398 struct fd_list * li;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	399 struct req_info * r;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	400
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	401 TRACE_ENTRY("%p %p", msg, cli);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	402
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	403 CHECK_PARAMS( msg && cli );
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	404
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	405 if ((*msg)->serv_type == RGW_PLG_TYPE_AUTH)
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	406 p = 0;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	407 else
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	408 p = 1;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	409
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	410 CHECK_POSIX( pthread_mutex_lock( &cli->dupl_info[p].dupl_lock ) );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	411
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	412 /* Search if we have this message in our list */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	413 for (li = cli->dupl_info[p].dupl_by_id.next; li != &cli->dupl_info[p].dupl_by_id; li = li->next) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	414 int cmp = 0;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	415 r = (struct req_info *)(li->o);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	416 if (r->id < (*msg)->radius.hdr->identifier)
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	417 continue;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	418 if (r->id > (*msg)->radius.hdr->identifier)
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	419 break;
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	420 if (r->port < (*msg)->port)
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	421 continue;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	422 if (r->port > (*msg)->port)
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	423 break;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	424 cmp = memcmp(&r->auth[0], &(*msg)->radius.hdr->authenticator[0], 16);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	425 if (cmp < 0)
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	426 continue;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	427 if (cmp > 0);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	428 break;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	429 dup = 1;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	430 break;
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	431 }
825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	432
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	433 if (dup) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	434 time_t now = time(NULL);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	435 r->nbdup += 1;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	436 TRACE_DEBUG(INFO, "Received duplicated RADIUS message (id: %02hhx, port: %hu, dup #%d, previously seen %d secs ago).",
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	437 r->id, ntohs(r->port), r->nbdup, now - r->received);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	438
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	439 if (r->ans) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	440 /* Resend the answer */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	441 CHECK_FCT_DO( rgw_servers_send((*msg)->serv_type, r->ans->buf, r->ans->buf_used, cli->sa, r->port), );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	442
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	443 /* Should we delete 'r' so that a further duplicate will again be converted to Diameter? */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	444 }
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	445
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	446 /* Update the timestamp */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	447 r->received = now;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	448 fd_list_unlink(&r->by_time);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	449 fd_list_insert_before(&cli->dupl_info[p].dupl_by_time, &r->by_time); /* Move as last entry, since it is the most recent */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	450
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	451 /* Delete the request message */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	452 rgw_msg_free(msg);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	453
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	454 } else {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	455 /* The message was not a duplicate, we save it */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	456 /* li currently points the the next entry in list_by_id */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	457 CHECK_MALLOC_DO( r= dupl_new_req_info(*msg), { CHECK_POSIX_DO(pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ), ); return ENOMEM; } );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	458 fd_list_insert_before(li, &r->by_id);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	459 fd_list_insert_before(&cli->dupl_info[p].dupl_by_time, &r->by_time); /* it is the most recent */
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	460 }
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	461
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	462 CHECK_POSIX( pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ) );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	463
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	464 return 0;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	465 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	466
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	467 /* Check if the message has a valid authenticator, and update the meta-data accordingly */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	468 int rgw_clients_auth_check(struct rgw_radius_msg_meta * msg, struct rgw_client * cli, uint8_t * req_auth)
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	469 {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	470 unsigned char * key;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	471 size_t keylen;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	472 int count;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	473
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	474 TRACE_ENTRY("%p %p %p", msg, cli, req_auth);
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	475
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	476 CHECK_PARAMS(msg && cli);
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	477
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	478 CHECK_FCT(rgw_clients_getkey(cli, &key, &keylen));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	479
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	480 count = radius_msg_count_attr(&msg->radius, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, 0);
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	481 if (count > 1) {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	482 TRACE_DEBUG(INFO, "Too many Message-Authenticator attributes (%d), discarding message.", count);
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	483 return EINVAL;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	484 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	485 if (count == 0) {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	486 TRACE_DEBUG(FULL, "Message does not contain a Message-Authenticator attributes.");
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	487 msg->valid_mac = 0;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	488 } else {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	489 if (radius_msg_verify_msg_auth( &msg->radius, key, keylen, req_auth )) {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	490 TRACE_DEBUG(INFO, "Invalid Message-Authenticator received, discarding message.");
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	491 return EINVAL;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	492 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	493 msg->valid_mac = 1;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	494 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	495
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	496 return 0;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	497 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	498
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	499 static struct dict_object * cache_orig_host = NULL;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	500 static struct dict_object * cache_orig_realm = NULL;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	501 static struct dict_object * cache_route_record = NULL;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	502
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	503 int rgw_clients_init(void)
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	504 {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	505 TRACE_ENTRY();
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	506 CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Origin-Host", &cache_orig_host, ENOENT) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	507 CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Origin-Realm", &cache_orig_realm, ENOENT) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	508 CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Route-Record", &cache_route_record, ENOENT) );
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	509
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	510 /* Create the thread that will purge old RADIUS duplicates */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	511 CHECK_POSIX( pthread_create( &dbt_expire, NULL, dupl_th, NULL) );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	512
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	513 return 0;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	514 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	515
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	516
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	517 /* The following function checks if a RADIUS message contains a valid NAS identifier, and initializes an empty Diameter
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	518 message with the appropriate routing information */
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	519 /* Check that the NAS-IP-Adress or NAS-Identifier is coherent with the IP the packet was received from */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	520 /* Also update the client list of aliases if needed */
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	521 int rgw_clients_create_origin(struct rgw_radius_msg_meta msg, struct rgw_client cli, struct msg ** diam)
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	522 {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	523 int idx;
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	524 int valid_nas_info = 0;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	525 struct radius_attr_hdr nas_ip = NULL, nas_ip6 = NULL, *nas_id = NULL;
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	526 char * oh_str = NULL;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	527 char * or_str = NULL;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	528 char * rr_str = NULL;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	529 char buf[REVERSE_DNS_SIZE_MAX]; /* to store DNS lookups results */
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	530
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	531 struct avp *avp = NULL;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	532 union avp_value avp_val;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	533
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	534 TRACE_ENTRY("%p %p %p", msg, cli, diam);
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	535 CHECK_PARAMS(msg && cli && diam && (*diam == NULL));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	536
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	537 /* Find the relevant attributes, if any */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	538 for (idx = 0; idx < msg->radius.attr_used; idx++) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	539 struct radius_attr_hdr * attr = (struct radius_attr_hdr *)(msg->radius.buf + msg->radius.attr_pos[idx]);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	540 size_t attr_len = attr->length - sizeof(struct radius_attr_hdr);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	541
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	542 if ((attr->type == RADIUS_ATTR_NAS_IP_ADDRESS) && (attr_len = 4)) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	543 nas_ip = attr;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	544 continue;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	545 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	546
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	547 if ((attr->type == RADIUS_ATTR_NAS_IDENTIFIER) && (attr_len > 0)) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	548 nas_id = attr;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	549 continue;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	550 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	551
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	552 if ((attr->type == RADIUS_ATTR_NAS_IPV6_ADDRESS) && (attr_len = 16)) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	553 nas_ip6 = attr;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	554 continue;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	555 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	556 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	557
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	558 if (!nas_ip && !nas_ip6 && !nas_id) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	559 TRACE_DEBUG(FULL, "The message does not contain any NAS identification attribute.");
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	560
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	561 /* Get information on this peer */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	562 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	563
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	564 goto diameter;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	565 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	566
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	567 /* Check if the message was received from the IP in NAS-IP-Address attribute */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	568 if (nas_ip && (cli->sa->sa_family == AF_INET) && !memcmp(nas_ip+1, &cli->sin->sin_addr, sizeof(struct in_addr))) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	569 TRACE_DEBUG(FULL, "NAS-IP-Address contains the same address as the message was received from.");
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	570 valid_nas_info \|= 1;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	571 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	572 if (nas_ip6 && (cli->sa->sa_family == AF_INET6) && !memcmp(nas_ip6+1, &cli->sin6->sin6_addr, sizeof(struct in6_addr))) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	573 TRACE_DEBUG(FULL, "NAS-IPv6-Address contains the same address as the message was received from.");
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	574 valid_nas_info \|= 2;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	575 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	576
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	577
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	578 /*
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	579 In RADIUS it would be possible for a rogue NAS to forge the NAS-IP-
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	580 Address attribute value. Diameter/RADIUS translation agents MUST
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	581 check a received NAS-IP-Address or NAS-IPv6-Address attribute against
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	582 the source address of the RADIUS packet. If they do not match and
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	583 the Diameter/RADIUS translation agent does not know whether the
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	584 packet was sent by a RADIUS proxy or NAS (e.g., no Proxy-State
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	585 attribute), then by default it is assumed that the source address
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	586 corresponds to a RADIUS proxy, and that the NAS Address is behind
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	587 that proxy, potentially with some additional RADIUS proxies in
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	588 between. The Diameter/RADIUS translation agent MUST insert entries
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	589 in the Route-Record AVP corresponding to the apparent route. This
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	590 implies doing a reverse lookup on the source address and NAS-IP-
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	591 Address or NAS-IPv6-Address attributes to determine the corresponding
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	592 FQDNs.
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	593
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	594 If the source address and the NAS-IP-Address or NAS-IPv6-Address do
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	595 not match, and the Diameter/RADIUS translation agent knows that it is
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	596 talking directly to the NAS (e.g., there are no RADIUS proxies
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	597 between it and the NAS), then the error should be logged, and the
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	598 packet MUST be discarded.
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	599
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	600 Diameter agents and servers MUST check whether the NAS-IP-Address AVP
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	601 corresponds to an entry in the Route-Record AVP. This is done by
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	602 doing a reverse lookup (PTR RR) for the NAS-IP-Address to retrieve
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	603 the corresponding FQDN, and by checking for a match with the Route-
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	604 Record AVP. If no match is found, then an error is logged, but no
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	605 other action is taken.
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	606 */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	607 if (nas_ip \|\| nas_ip6) {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	608 if (!valid_nas_info) {
520 9b5422e5385c Better handle localhost RADIUS clients Sebastien Decugis <sdecugis@nict.go.jp> parents: 519 diff changeset	609 if ((!cli->is_local) && (cli->type == RGW_CLI_NAS)) {
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	610 TRACE_DEBUG(INFO, "Message received with a NAS-IP-Address or NAS-IPv6-Address different \nfrom the sender's. Please configure as Proxy if this is expected.\n Message discarded.");
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	611 return EINVAL;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	612 } else {
520 9b5422e5385c Better handle localhost RADIUS clients Sebastien Decugis <sdecugis@nict.go.jp> parents: 519 diff changeset	613 /* the peer is configured as a proxy, or running on localhost, so accept the message */
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	614 sSS ss;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	615
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	616 /* In that case, the cli will be stored as Route-Record and the NAS-IP-Address as origin */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	617 if (!cli->is_local) {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	618 rr_str = cli->fqdn;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	619 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	620
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	621 /* We must DNS-reverse the NAS-IP-Address /
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	622 memset(&ss, 0 , sizeof(sSS));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	623 if (nas_ip) {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	624 sSA4 * sin = (sSA4 *)&ss;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	625 sin->sin_family = AF_INET;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	626 memcpy(&sin->sin_addr, nas_ip + 1, sizeof(struct in_addr));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	627 } else {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	628 sSA6 * sin6 = (sSA6 *)&ss;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	629 sin6->sin6_family = AF_INET6;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	630 memcpy(&sin6->sin6_addr, nas_ip6 + 1, sizeof(struct in6_addr));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	631 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	632 CHECK_SYS_DO( getnameinfo( (sSA *)&ss, sSAlen(&ss), &buf[0], sizeof(buf), NULL, 0, NI_NAMEREQD),
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	633 {
520 9b5422e5385c Better handle localhost RADIUS clients Sebastien Decugis <sdecugis@nict.go.jp> parents: 519 diff changeset	634 if (cli->is_local) {
9b5422e5385c Better handle localhost RADIUS clients Sebastien Decugis <sdecugis@nict.go.jp> parents: 519 diff changeset	635 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) );
9b5422e5385c Better handle localhost RADIUS clients Sebastien Decugis <sdecugis@nict.go.jp> parents: 519 diff changeset	636 goto diameter;
9b5422e5385c Better handle localhost RADIUS clients Sebastien Decugis <sdecugis@nict.go.jp> parents: 519 diff changeset	637 }
9b5422e5385c Better handle localhost RADIUS clients Sebastien Decugis <sdecugis@nict.go.jp> parents: 519 diff changeset	638
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	639 TRACE_DEBUG(INFO, "The NAS-IP*-Address cannot be DNS reversed in order to create the Origin-Host AVP; rejecting the message (translation is impossible).");
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	640 return EINVAL;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	641 } );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	642
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	643 oh_str = &buf[0];
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	644 or_str = strchr(oh_str, '.');
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	645 if (or_str) {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	646 or_str ++; /* move after the first dot */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	647 if (*or_str == '\0')
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	648 or_str = NULL; /* Discard this realm, we will use the local realm later */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	649 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	650 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	651 } else {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	652 /* The attribute matches the source address, just use this in origin-host */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	653 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	654 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	655
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	656 goto diameter; /* we ignore the nas_id in that case */
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	657 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	658
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	659 /* We don't have a NAS-IP-Address attribute if we are here /
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	660 if (cli->is_local) {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	661 /* Simple: we use our own configuration */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	662 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	663 goto diameter;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	664 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	665
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	666 /* At this point, we only have nas_id, and the client is not local */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	667 ASSERT(nas_id);
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	668
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	669 {
442 02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	670 int found, ret;
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	671 struct addrinfo hint, res, ptr;
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	672
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	673 /*
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	674 In RADIUS it would be possible for a rogue NAS to forge the NAS-
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	675 Identifier attribute. Diameter/RADIUS translation agents SHOULD
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	676 attempt to check a received NAS-Identifier attribute against the
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	677 source address of the RADIUS packet, by doing an A/AAAA RR query. If
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	678 the NAS-Identifier attribute contains an FQDN, then such a query
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	679 would resolve to an IP address matching the source address. However,
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	680 the NAS-Identifier attribute is not required to contain an FQDN, so
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	681 such a query could fail. If it fails, an error should be logged, but
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	682 no action should be taken, other than a reverse lookup on the source
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	683 address and insert the resulting FQDN into the Route-Record AVP.
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	684
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	685 Diameter agents and servers SHOULD check whether a NAS-Identifier AVP
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	686 corresponds to an entry in the Route-Record AVP. If no match is
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	687 found, then an error is logged, but no other action is taken.
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	688 */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	689
442 02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	690 /* first, check if the nas_id is the fqdn of the peer or a known alias */
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	691 if ((cli->fqdn_len == (nas_id->length - sizeof(struct radius_attr_hdr)))
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	692 && (!strncasecmp((char *)(nas_id + 1), cli->fqdn, nas_id->length - sizeof(struct radius_attr_hdr)))) {
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	693 TRACE_DEBUG(FULL, "NAS-Identifier contains the fqdn of the client");
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	694 found = 1;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	695 } else {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	696 for (idx = 0; idx < cli->aliases_nb; idx++) {
442 02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	697 if (((nas_id->length - sizeof(struct radius_attr_hdr)) == strlen(cli->aliases[idx]))
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	698 && (!strncasecmp((char *)(nas_id + 1), cli->aliases[idx], nas_id->length - sizeof(struct radius_attr_hdr)))) {
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	699 TRACE_DEBUG(FULL, "NAS-Identifier valid value found in the cache");
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	700 found = 1;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	701 break;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	702 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	703 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	704 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	705
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	706 if (found) {
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	707 /* The NAS-Identifier matches the source IP */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	708 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	709
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	710 goto diameter;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	711 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	712
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	713 /* Attempt DNS resolution of the identifier */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	714 ASSERT( nas_id->length - sizeof(struct radius_attr_hdr) < sizeof(buf) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	715 memcpy(buf, nas_id + 1, nas_id->length - sizeof(struct radius_attr_hdr));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	716 buf[nas_id->length - sizeof(struct radius_attr_hdr)] = '\0';
442 02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	717
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	718 /* Now check if this alias is valid for this peer */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	719 memset(&hint, 0, sizeof(hint));
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	720 hint.ai_flags = AI_CANONNAME;
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	721 ret = getaddrinfo(buf, NULL, &hint, &res);
442 02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	722 if (ret == 0) {
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	723 strncpy(buf, res->ai_canonname, sizeof(buf));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	724 /* The name was resolved correctly, does it match the IP of the client? */
442 02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	725 for (ptr = res; ptr != NULL; ptr = ptr->ai_next) {
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	726 if (cli->sa->sa_family != ptr->ai_family)
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	727 continue;
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	728 if (memcmp(cli->sa, ptr->ai_addr, sSAlen(cli->sa)))
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	729 continue;
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	730
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	731 found = 1;
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	732 break;
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	733 }
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	734 freeaddrinfo(res);
442 02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	735
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	736 if (!found) {
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	737 if (cli->type == RGW_CLI_NAS) {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	738 TRACE_DEBUG(INFO, "The NAS-Identifier value '%.*s' resolves to a different IP than the client's, discarding the message. \nConfigure this client as a Proxy if this message should be valid.",
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	739 nas_id->length - sizeof(struct radius_attr_hdr), nas_id + 1);
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	740 return EINVAL;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	741 } else {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	742 /* This identifier matches a different IP, assume it is a proxied message */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	743 if (!cli->is_local) {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	744 rr_str = cli->fqdn;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	745 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	746 oh_str = &buf[0]; /* The canonname resolved */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	747 or_str = strchr(oh_str, '.');
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	748 if (or_str) {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	749 or_str ++; /* move after the first dot */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	750 if (*or_str == '\0')
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	751 or_str = NULL; /* Discard this realm, we will use the local realm later */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	752 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	753 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	754 } else {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	755 /* It is a valid alias, save it */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	756 CHECK_MALLOC( cli->aliases = realloc(cli->aliases, (cli->aliases_nb + 1) * sizeof(char *)) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	757 CHECK_MALLOC( cli->aliases[cli->aliases_nb + 1] = malloc( 1 + nas_id->length - sizeof(struct radius_attr_hdr) ));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	758 memcpy( cli->aliases[cli->aliases_nb + 1], nas_id + 1, nas_id->length - sizeof(struct radius_attr_hdr));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	759 *(cli->aliases[cli->aliases_nb + 1] + nas_id->length - sizeof(struct radius_attr_hdr)) = '\0';
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	760 cli->aliases_nb ++;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	761 TRACE_DEBUG(FULL, "Saved valid alias for client: '%s' -> '%s'", cli->aliases[cli->aliases_nb + 1], cli->fqdn);
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	762 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) );
442 02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	763 }
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	764 } else {
02e3976b9163 Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling Sebastien Decugis <sdecugis@nict.go.jp> parents: 403 diff changeset	765 /* Error resolving the name */
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	766 TRACE_DEBUG(INFO, "NAS-Identifier '%s' cannot be resolved: %s. Ignoring...", buf, gai_strerror(ret));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	767 /* Assume this is a valid identifier for the client */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	768 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	769 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	770 }
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	771
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	772 /* Now, let's create the empty Diameter message with Origin-Host, -Realm, and Route-Record if needed. */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	773 diameter:
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	774 ASSERT(oh_str); /* If it is not defined here, there is a bug... */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	775 if (!or_str)
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	776 or_str = fd_g_config->cnf_diamrlm; /* Use local realm in that case */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	777
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	778 /* Create an empty Diameter message so that extensions can store their AVPs */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	779 CHECK_FCT( fd_msg_new ( NULL, MSGFL_ALLOC_ETEID, diam ) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	780
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	781 /* Add the Origin-Host as next AVP */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	782 CHECK_FCT( fd_msg_avp_new ( cache_orig_host, 0, &avp ) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	783 memset(&avp_val, 0, sizeof(avp_val));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	784 avp_val.os.data = (unsigned char *)oh_str;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	785 avp_val.os.len = strlen(oh_str);
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	786 CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	787 CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	788
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	789 /* Add the Origin-Realm as next AVP */
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	790 CHECK_FCT( fd_msg_avp_new ( cache_orig_realm, 0, &avp ) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	791 memset(&avp_val, 0, sizeof(avp_val));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	792 avp_val.os.data = (unsigned char *)or_str;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	793 avp_val.os.len = strlen(or_str);
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	794 CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	795 CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	796
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	797 if (rr_str) {
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	798 CHECK_FCT( fd_msg_avp_new ( cache_route_record, 0, &avp ) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	799 memset(&avp_val, 0, sizeof(avp_val));
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	800 avp_val.os.data = (unsigned char *)rr_str;
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	801 avp_val.os.len = strlen(rr_str);
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	802 CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	803 CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) );
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	804 }
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	805
1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	806 /* Done! */
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	807 return 0;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	808 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	809
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	810 int rgw_clients_get_origin(struct rgw_client cli, char fqdn, char *realm)
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	811 {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	812 TRACE_ENTRY("%p %p %p", cli, fqdn, realm);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	813 CHECK_PARAMS(cli && fqdn);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	814
500 d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	815 if (cli->is_local) {
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	816 *fqdn = fd_g_config->cnf_diamid;
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	817 if (realm)
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	818 *realm= fd_g_config->cnf_diamrlm;
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	819 } else {
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	820 *fqdn = cli->fqdn;
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	821 if (realm)
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	822 *realm= cli->realm;
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	823 }
d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	824
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	825 return 0;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	826 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	827
271 411314907b43 Added translation of Accounting messages Sebastien Decugis <sdecugis@nict.go.jp> parents: 261 diff changeset	828 char * rgw_clients_id(struct rgw_client *cli)
411314907b43 Added translation of Accounting messages Sebastien Decugis <sdecugis@nict.go.jp> parents: 261 diff changeset	829 {
500 d4fc98a3b79c Handle more nicely the local RADIUS clients in the gateway Sebastien Decugis <sdecugis@nict.go.jp> parents: 442 diff changeset	830 return cli->is_local ? "(local)" : cli->fqdn;
271 411314907b43 Added translation of Accounting messages Sebastien Decugis <sdecugis@nict.go.jp> parents: 261 diff changeset	831 }
411314907b43 Added translation of Accounting messages Sebastien Decugis <sdecugis@nict.go.jp> parents: 261 diff changeset	832
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	833
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	834 void rgw_clients_dispose(struct rgw_client ** ref)
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	835 {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	836 TRACE_ENTRY("%p", ref);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	837 CHECK_PARAMS_DO(ref, return);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	838
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	839 CHECK_POSIX_DO( pthread_rwlock_wrlock(&cli_rwl), );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	840 client_unlink(*ref);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	841 *ref = NULL;
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	842 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	843 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	844
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	845 int rgw_clients_add( struct sockaddr * ip_port, unsigned char ** key, size_t keylen, enum rgw_cli_type type )
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	846 {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	847 struct rgw_client * prev = NULL, *new = NULL;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	848 int ret;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	849
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	850 TRACE_ENTRY("%p %p %lu", ip_port, key, keylen);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	851
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	852 CHECK_PARAMS( ip_port && key && *key && keylen );
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	853 CHECK_PARAMS( (ip_port->sa_family == AF_INET) \|\| (ip_port->sa_family == AF_INET6) );
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	854 CHECK_PARAMS( (type == RGW_CLI_NAS) \|\| (type == RGW_CLI_PXY) );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	855
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	856 /* Dump the entry in debug mode */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	857 if (TRACE_BOOL(FULL + 1 )) {
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	858 TRACE_DEBUG(FULL, "Adding %s:", (type == RGW_CLI_NAS) ? "NAS" : "PROXY" );
260 4c2656ff3400 Cleanup newlines Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	859 TRACE_DEBUG_sSA(FULL, "\tIP : ", ip_port, NI_NUMERICHOST \| NI_NUMERICSERV, "" );
4c2656ff3400 Cleanup newlines Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	860 TRACE_DEBUG_BUFFER(FULL, "\tKey: [", *key, keylen, "]" );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	861 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	862
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	863 /* Lock the lists */
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	864 CHECK_POSIX( pthread_rwlock_wrlock(&cli_rwl) );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	865
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	866 /* Check if the same entry does not already exist */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	867 ret = client_search(&prev, ip_port );
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	868 if (ret == ENOENT) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	869 /* No duplicate found, Ok to add */
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	870 CHECK_FCT_DO( ret = client_create( &new, &ip_port, key, keylen, type ), goto end );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	871 fd_list_insert_after(&prev->chain, &new->chain);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	872 new->refcount++;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	873 ret = 0;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	874 goto end;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	875 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	876
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	877 if (ret == EEXIST) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	878 /* Check if the key is the same, then skip or return an error */
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	879 if ((keylen == prev->key.len ) && ( ! memcmp(*key, prev->key.data, keylen) ) && (type == prev->type)) {
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	880 TRACE_DEBUG(INFO, "Skipping duplicate client description");
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	881 ret = 0;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	882 goto end;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	883 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	884
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	885 fd_log_debug("ERROR: Conflicting RADIUS clients descriptions!\n");
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	886 TRACE_DEBUG(NONE, "Previous entry: %s", (prev->type == RGW_CLI_NAS) ? "NAS" : "PROXY");
260 4c2656ff3400 Cleanup newlines Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	887 TRACE_DEBUG_sSA(NONE, "\tIP : ", prev->sa, NI_NUMERICHOST \| NI_NUMERICSERV, "" );
4c2656ff3400 Cleanup newlines Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	888 TRACE_DEBUG_BUFFER(NONE, "\tKey: [", prev->key.data, prev->key.len, "]" );
516 1c2f5ee38039 Allow RADIUS Proxies with the app_radgw extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 500 diff changeset	889 TRACE_DEBUG(NONE, "Conflicting entry: %s", (type == RGW_CLI_NAS) ? "NAS" : "PROXY");
260 4c2656ff3400 Cleanup newlines Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	890 TRACE_DEBUG_sSA(NONE, "\tIP : ", ip_port, NI_NUMERICHOST \| NI_NUMERICSERV, "" );
4c2656ff3400 Cleanup newlines Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	891 TRACE_DEBUG_BUFFER(NONE, "\tKey: [", *key, keylen, "]" );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	892 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	893 end:
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	894 /* release the lists */
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	895 CHECK_POSIX( pthread_rwlock_unlock(&cli_rwl) );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	896
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	897 return ret;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	898 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	899
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	900 static void dump_cli_list(struct fd_list *senti)
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	901 {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	902 struct rgw_client * client = NULL;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	903 struct fd_list *ref = NULL;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	904
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	905 for (ref = senti->next; ref != senti; ref = ref->next) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	906 client = (struct rgw_client *)ref;
521 b793d43e4686 Fix compilation problem Sebastien Decugis <sdecugis@nict.go.jp> parents: 520 diff changeset	907 TRACE_DEBUG_sSA(NONE, " - ", client->sa, NI_NUMERICHOST \| NI_NUMERICSERV, (client->type == RGW_CLI_NAS) ? "" : " [PROXY]" );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	908 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	909 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	910
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	911 void rgw_clients_dump(void)
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	912 {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	913 if ( ! TRACE_BOOL(FULL) )
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	914 return;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	915
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	916 CHECK_POSIX_DO( pthread_rwlock_rdlock(&cli_rwl), /* ignore error */ );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	917
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	918 if (!FD_IS_LIST_EMPTY(&cli_ip))
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	919 fd_log_debug(" RADIUS IP clients list:\n");
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	920 dump_cli_list(&cli_ip);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	921
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	922 if (!FD_IS_LIST_EMPTY(&cli_ip6))
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	923 fd_log_debug(" RADIUS IPv6 clients list:\n");
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	924 dump_cli_list(&cli_ip6);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	925
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	926 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), /* ignore error */ );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	927 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	928
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	929 void rgw_clients_fini(void)
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	930 {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	931 struct fd_list * client;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	932
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	933 TRACE_ENTRY();
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	934
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	935 CHECK_POSIX_DO( pthread_rwlock_wrlock(&cli_rwl), /* ignore error */ );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	936
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	937 CHECK_FCT_DO( fd_thr_term(&dbt_expire), /* continue */ );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	938
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	939 /* empty the lists */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	940 while ( ! FD_IS_LIST_EMPTY(&cli_ip) ) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	941 client = cli_ip.next;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	942 fd_list_unlink(client);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	943 client_unlink((struct rgw_client *)client);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	944 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	945 while (! FD_IS_LIST_EMPTY(&cli_ip6)) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	946 client = cli_ip6.next;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	947 fd_list_unlink(client);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	948 client_unlink((struct rgw_client *)client);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	949 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	950
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	951 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), /* ignore error */ );
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	952
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	953 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	954
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	955 int rgw_client_finish_send(struct radius_msg ** msg, struct rgw_radius_msg_meta * req, struct rgw_client * cli)
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	956 {
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	957 int p;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	958 struct fd_list * li;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	959
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	960 TRACE_ENTRY("%p %p %p", msg, req, cli);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	961 CHECK_PARAMS( msg && *msg && cli );
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	962
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	963 if (!req) {
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	964 /* We don't support this case yet */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	965 ASSERT(0);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	966 return ENOTSUP;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	967 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	968
539 6994e9a3c528 The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now. Sebastien Decugis <sdecugis@nict.go.jp> parents: 538 diff changeset	969 if (radius_msg_finish_srv(*msg, cli->key.data, cli->key.len, req->radius.hdr->authenticator)) {
6994e9a3c528 The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now. Sebastien Decugis <sdecugis@nict.go.jp> parents: 538 diff changeset	970 TRACE_DEBUG(INFO, "An error occurred while preparing the RADIUS answer");
6994e9a3c528 The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now. Sebastien Decugis <sdecugis@nict.go.jp> parents: 538 diff changeset	971 radius_msg_free(*msg);
6994e9a3c528 The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now. Sebastien Decugis <sdecugis@nict.go.jp> parents: 538 diff changeset	972 free(*msg);
6994e9a3c528 The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now. Sebastien Decugis <sdecugis@nict.go.jp> parents: 538 diff changeset	973 *msg = NULL;
6994e9a3c528 The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now. Sebastien Decugis <sdecugis@nict.go.jp> parents: 538 diff changeset	974 return EINVAL;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	975 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	976
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	977 /* Debug */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	978 TRACE_DEBUG(FULL, "RADIUS message ready for sending:");
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	979 rgw_msg_dump((struct rgw_radius_msg_meta )msg);
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	980
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	981 /* Send the message */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	982 CHECK_FCT( rgw_servers_send(req->serv_type, (msg)->buf, (msg)->buf_used, cli->sa, req->port) );
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	983
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	984 /* update the duplicate cache */
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	985 if (req->serv_type == RGW_PLG_TYPE_AUTH)
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	986 p = 0;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	987 else
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	988 p = 1;
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	989
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	990 CHECK_POSIX( pthread_mutex_lock( &cli->dupl_info[p].dupl_lock ) );
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	991
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	992 /* Search this message in our list */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	993 for (li = cli->dupl_info[p].dupl_by_id.next; li != &cli->dupl_info[p].dupl_by_id; li = li->next) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	994 int cmp = 0;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	995 struct req_info * r = (struct req_info *)(li->o);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	996 if (r->id < req->radius.hdr->identifier)
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	997 continue;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	998 if (r->id > req->radius.hdr->identifier)
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	999 break;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1000 if (r->port < req->port)
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1001 continue;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1002 if (r->port > req->port)
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1003 break;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1004 cmp = memcmp(&r->auth[0], &req->radius.hdr->authenticator[0], 16);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1005 if (cmp < 0)
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1006 continue;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1007 if (cmp > 0);
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	1008 break;
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1009
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1010 /* We have the request in our duplicate cache */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1011 /* This should not happen, but just in case... */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1012 if (r->ans) {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1013 radius_msg_free(r->ans);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1014 free(r->ans);
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	1015 }
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1016
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1017 /* Now save the message */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1018 r->ans = *msg;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1019 *msg = NULL;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1020
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1021 /* Update the timestamp */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1022 {
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1023 time_t now = time(NULL);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1024 TRACE_DEBUG(FULL, "Sent RADIUS answer %d seconds after the request was received.", now - r->received);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1025 r->received = now;
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1026 fd_list_unlink(&r->by_time); /* Move as last entry, since it is the most recent */
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1027 fd_list_insert_before(&cli->dupl_info[p].dupl_by_time, &r->by_time);
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1028 }
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1029 break;
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	1030 }
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1031
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1032 CHECK_POSIX( pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ) );
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	1033
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1034 /* If we have not found the request in our list, the purge time is probably too small */
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	1035 if (*msg) {
544 a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1036 TODO("Augment the purge time...");
a0e3af6f94fb Improve the RADIUS duplicates management. Default cache is set to 60 seconds. Sebastien Decugis <sdecugis@nict.go.jp> parents: 539 diff changeset	1037 /* If we receive the duplicate request again, it will be converted to Diameter... */
530 825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	1038 radius_msg_free(*msg);
825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	1039 free(*msg);
825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	1040 *msg = NULL;
825a2992e3b9 Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon Sebastien Decugis <sdecugis@nict.go.jp> parents: 521 diff changeset	1041 }
254 a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	1042
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	1043 /* Finished */
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	1044 return 0;
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	1045 }
a857024cb48b Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later. Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	1046

Mercurial > hg > freeDiameter

annotate extensions/app_radgw/rgw_clients.c @ 544:a0e3af6f94fb