Mercurial > hg > freeDiameter
annotate extensions/app_radgw/rgw_clients.c @ 545:b0f9b0e1b564
Fix invalid initialization
| author | Sebastien Decugis <sdecugis@nict.go.jp> |
|---|---|
| date | Tue, 14 Sep 2010 16:14:52 +0900 |
| parents | a0e3af6f94fb |
| children | 0790fcf2fbfc |
| rev | line source |
|---|---|
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1 /********************************************************************************************************* |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
2 * Software License Agreement (BSD License) * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
3 * Author: Sebastien Decugis <sdecugis@nict.go.jp> * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
4 * * |
|
258
5df55136361b
Updated copyright information
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
254
diff
changeset
|
5 * Copyright (c) 2010, WIDE Project and NICT * |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
6 * All rights reserved. * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
7 * * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
8 * Redistribution and use of this software in source and binary forms, with or without modification, are * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
9 * permitted provided that the following conditions are met: * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
10 * * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
11 * * Redistributions of source code must retain the above * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
12 * copyright notice, this list of conditions and the * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
13 * following disclaimer. * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
14 * * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
15 * * Redistributions in binary form must reproduce the above * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
16 * copyright notice, this list of conditions and the * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
17 * following disclaimer in the documentation and/or other * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
18 * materials provided with the distribution. * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
19 * * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
20 * * Neither the name of the WIDE Project or NICT nor the * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
21 * names of its contributors may be used to endorse or * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
22 * promote products derived from this software without * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
23 * specific prior written permission of WIDE Project and * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
24 * NICT. * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
25 * * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
27 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
28 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
29 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
30 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
32 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
34 *********************************************************************************************************/ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
35 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
36 /* Manage the list of RADIUS clients, along with their shared secrets. */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
37 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
38 /* Probably some changes are needed to support RADIUS Proxies */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
39 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
40 #include "rgw.h" |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
41 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
42 #define REVERSE_DNS_SIZE_MAX 512 /* length of our buffer for reverse DNS */ |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
43 #define DUPLICATE_CHECK_LIFETIME 60 /* number of seconds that the received RADIUS records are kept for duplicate checking . TODO: make it configurable if needed */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
44 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
45 /* Ordered lists of clients. The order relationship is a memcmp on the address zone. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
46 For same addresses, the port is compared. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
47 The same address cannot be added twice, once with a 0-port and once with another port value. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
48 */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
49 static struct fd_list cli_ip = FD_LIST_INITIALIZER(cli_ip); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
50 static struct fd_list cli_ip6 = FD_LIST_INITIALIZER(cli_ip6); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
51 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
52 /* Lock to protect the previous lists. We use a rwlock because this list is mostly static, to allow parallel reading */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
53 static pthread_rwlock_t cli_rwl = PTHREAD_RWLOCK_INITIALIZER; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
54 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
55 /* Structure describing one received RADIUS message, for duplicate checks purpose. */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
56 struct req_info { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
57 uint16_t port; /* UDP source port of the request */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
58 uint8_t id; /* The identifier in the request header */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
59 uint8_t auth[16]; /* Request authenticator, since some RADIUS clients do not implement the id mechanism properly. */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
60 struct radius_msg *ans; /* The replied answer if any, in case the previous answer got lost. */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
61 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
62 int nbdup; /* Number of times this request was received as a duplicate */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
63 struct fd_list by_id; /* The list of requests ordered by their id, port, and auth */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
64 time_t received; /* When was the last duplicate received? */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
65 struct fd_list by_time; /* The list of requests ordered by the 'received' value . */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
66 }; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
67 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
68 static pthread_t dbt_expire = (pthread_t)NULL; /* The thread that will remove old requests information from all clients (one thread for all) */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
69 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
70 /* Structure describing one client */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
71 struct rgw_client { |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
72 /* Link information in global list (cli_ip or cli_ip6) */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
73 struct fd_list chain; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
74 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
75 /* Reference count */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
76 int refcount; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
77 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
78 /* The address and optional port (alloc'd during configuration file parsing). */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
79 union { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
80 struct sockaddr *sa; /* generic pointer */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
81 struct sockaddr_in *sin; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
82 struct sockaddr_in6 *sin6; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
83 }; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
84 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
85 /* The FQDN, realm, and optional aliases */ |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
86 int is_local; /* true if the RADIUS client runs on the same host -- we use Diameter Identity in that case */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
87 enum rgw_cli_type type; /* is it a proxy ? */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
88 char *fqdn; |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
89 size_t fqdn_len; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
90 char *realm; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
91 char **aliases; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
92 size_t aliases_nb; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
93 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
94 /* The secret key data. */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
95 struct { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
96 unsigned char * data; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
97 size_t len; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
98 } key; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
99 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
100 /* information of previous msg received, for duplicate checks. */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
101 struct { |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
102 pthread_mutex_t dupl_lock; /* The mutex protecting the following lists */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
103 struct fd_list dupl_by_id; /* The list of req_info structures ordered by their id, port, and auth */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
104 struct fd_list dupl_by_time; /* The list of req_info structures ordered by their time (approximative) */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
105 } dupl_info[2]; /*[0] for auth, [1] for acct. */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
106 }; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
107 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
108 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
109 /* Create a new req_info structure and initialize its data from a RADIUS request message */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
110 static struct req_info * dupl_new_req_info(struct rgw_radius_msg_meta *msg) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
111 struct req_info * ret = NULL; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
112 CHECK_MALLOC_DO( ret = malloc(sizeof(struct req_info)), return NULL ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
113 memset(ret, 0, sizeof(struct req_info)); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
114 ret->port = msg->port; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
115 ret->id = msg->radius.hdr->identifier; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
116 memcpy(&ret->auth[0], &msg->radius.hdr->authenticator[0], 16); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
117 fd_list_init(&ret->by_id, ret); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
118 fd_list_init(&ret->by_time, ret); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
119 ret->received = time(NULL); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
120 return ret; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
121 } |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
122 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
123 /* Destroy a req_info structure, after it has been unlinked */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
124 static void dupl_free_req_info(struct req_info * r) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
125 CHECK_PARAMS_DO( r && FD_IS_LIST_EMPTY(&r->by_id) && FD_IS_LIST_EMPTY(&r->by_time), return ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
126 if (r->ans) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
127 /* Free this RADIUS message */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
128 radius_msg_free(r->ans); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
129 free(r->ans); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
130 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
131 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
132 /* Use r->nbdup for some purpose? */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
133 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
134 free(r); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
135 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
136 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
137 /* The core of the purge thread */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
138 static int dupl_purge_list(struct fd_list * clients) { |
|
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
139 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
140 struct fd_list *li = NULL; |
|
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
141 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
142 for (li = clients->next; li != clients; li = li->next) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
143 struct rgw_client * client = (struct rgw_client *)li; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
144 int p; |
|
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
145 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
146 for (p=0; p<=1; p++) { |
|
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
147 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
148 /* Lock this list */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
149 time_t now; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
150 CHECK_POSIX( pthread_mutex_lock(&client->dupl_info[p].dupl_lock) ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
151 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
152 now = time(NULL); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
153 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
154 while (!FD_IS_LIST_EMPTY(&client->dupl_info[p].dupl_by_time)) { |
|
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
155 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
156 /* Check the first item in the list */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
157 struct req_info * r = (struct req_info *)(client->dupl_info[p].dupl_by_time.next->o); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
158 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
159 if (now - r->received > DUPLICATE_CHECK_LIFETIME) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
160 /* Remove this record */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
161 fd_list_unlink(&r->by_time); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
162 fd_list_unlink(&r->by_id); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
163 dupl_free_req_info(r); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
164 } else { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
165 /* We are done for this list */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
166 break; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
167 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
168 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
169 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
170 CHECK_POSIX( pthread_mutex_unlock(&client->dupl_info[p].dupl_lock) ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
171 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
172 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
173 return 0; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
174 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
175 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
176 /* Thread that purges old RADIUS requests */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
177 static void * dupl_th(void * arg) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
178 /* Set the thread name */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
179 fd_log_threadname ( "app_radgw:duplicate_purge" ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
180 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
181 /* The thread will be canceled */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
182 while (1) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
183 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
184 /* We don't use a cond var, we simply wake up every 5 seconds. If the size of the duplicate cache is critical, it might be changed */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
185 sleep(5); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
186 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
187 /* When we wake up, we will check all clients duplicate lists one by one */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
188 CHECK_POSIX_DO( pthread_rwlock_rdlock(&cli_rwl), break ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
189 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
190 CHECK_FCT_DO( dupl_purge_list(&cli_ip), break ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
191 CHECK_FCT_DO( dupl_purge_list(&cli_ip6), break ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
192 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
193 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), break ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
194 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
195 /* Loop */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
196 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
197 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
198 /* If we reach this part, some fatal error was encountered */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
199 CHECK_FCT_DO(fd_event_send(fd_g_config->cnf_main_ev, FDEV_TERMINATE, 0, NULL), ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
200 TRACE_DEBUG(FULL, "Thread terminated"); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
201 return NULL; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
202 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
203 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
204 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
205 /* create a new rgw_client. the arguments are MOVED into the structure (to limit malloc & free calls). */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
206 static int client_create(struct rgw_client ** res, struct sockaddr ** ip_port, unsigned char ** key, size_t keylen, enum rgw_cli_type type ) |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
207 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
208 struct rgw_client *tmp = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
209 char buf[255]; |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
210 int ret, i; |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
211 int loc = 0; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
212 |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
213 /* Check if the IP address is local */ |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
214 if ( ( ((*ip_port)->sa_family == AF_INET ) && ( IN_IS_ADDR_LOOPBACK( &((struct sockaddr_in *)(*ip_port))->sin_addr ) ) ) |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
215 ||( ((*ip_port)->sa_family == AF_INET6) && ( IN6_IS_ADDR_LOOPBACK( &((struct sockaddr_in6 *)(*ip_port))->sin6_addr) ) )) { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
216 /* The client is local */ |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
217 loc = 1; |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
218 } else { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
219 |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
220 /* Search FQDN for the client */ |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
221 ret = getnameinfo( *ip_port, sizeof(struct sockaddr_storage), &buf[0], sizeof(buf), NULL, 0, 0 ); |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
222 if (ret) { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
223 TRACE_DEBUG(INFO, "Unable to resolve peer name: %s", gai_strerror(ret)); |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
224 return EINVAL; |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
225 } |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
226 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
227 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
228 /* Create the new object */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
229 CHECK_MALLOC( tmp = malloc(sizeof (struct rgw_client)) ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
230 memset(tmp, 0, sizeof(struct rgw_client)); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
231 fd_list_init(&tmp->chain, NULL); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
232 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
233 /* Initialize the duplicate list info */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
234 for (i=0; i<=1; i++) { |
|
545
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
235 CHECK_POSIX( pthread_mutex_init(&tmp->dupl_info[i].dupl_lock, NULL) ); |
|
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
236 fd_list_init(&tmp->dupl_info[i].dupl_by_id, NULL); |
|
b0f9b0e1b564
Fix invalid initialization
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
544
diff
changeset
|
237 fd_list_init(&tmp->dupl_info[i].dupl_by_time, NULL); |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
238 } |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
239 tmp->type = type; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
240 |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
241 if (loc) { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
242 tmp->is_local = 1; |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
243 } else { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
244 /* Copy the fqdn */ |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
245 CHECK_MALLOC( tmp->fqdn = strdup(buf) ); |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
246 tmp->fqdn_len = strlen(tmp->fqdn); |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
247 /* Find an appropriate realm */ |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
248 tmp->realm = strchr(tmp->fqdn, '.'); |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
249 if (tmp->realm) |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
250 tmp->realm += 1; |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
251 if ((!tmp->realm) || (*tmp->realm == '\0')) /* in case the fqdn was "localhost." for example, if it is possible... */ |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
252 tmp->realm = fd_g_config->cnf_diamrlm; |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
253 } |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
254 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
255 /* move the sa info reference */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
256 tmp->sa = *ip_port; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
257 *ip_port = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
258 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
259 /* move the key material */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
260 tmp->key.data = *key; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
261 tmp->key.len = keylen; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
262 *key = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
263 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
264 /* Done! */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
265 *res = tmp; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
266 return 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
267 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
268 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
269 /* Decrease refcount on a client; the lock must be held when this function is called. */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
270 static void client_unlink(struct rgw_client * client) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
271 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
272 client->refcount -= 1; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
273 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
274 if (client->refcount <= 0) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
275 int idx; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
276 /* to be sure: the refcount should be 0 only when client_fini is called */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
277 ASSERT( FD_IS_LIST_EMPTY(&client->chain) ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
278 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
279 /* Free the data */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
280 for (idx = 0; idx < client->aliases_nb; idx++) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
281 free(client->aliases[idx]); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
282 free(client->aliases); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
283 free(client->fqdn); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
284 free(client->sa); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
285 free(client->key.data); |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
286 |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
287 /* Free the duplicate info */ |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
288 for (idx=0; idx <= 1; idx++){ |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
289 CHECK_POSIX_DO( pthread_mutex_lock( &client->dupl_info[idx].dupl_lock ), /* continue */ ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
290 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
291 while (!FD_IS_LIST_EMPTY(&client->dupl_info[idx].dupl_by_id)) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
292 struct req_info * r = (struct req_info *)(client->dupl_info[idx].dupl_by_id.next->o); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
293 fd_list_unlink( &r->by_id ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
294 fd_list_unlink( &r->by_time ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
295 dupl_free_req_info(r); |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
296 } |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
297 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
298 CHECK_POSIX_DO( pthread_mutex_unlock( &client->dupl_info[idx].dupl_lock ), /* continue */ ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
299 |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
300 } |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
301 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
302 free(client); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
303 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
304 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
305 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
306 |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
307 /* Macro to avoid duplicating the code in the next function */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
308 #define client_search_family( _family_ ) \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
309 case AF_INET##_family_: { \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
310 struct sockaddr_in##_family_ * sin##_family_ = (struct sockaddr_in##_family_ *)ip_port; \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
311 for (ref = cli_ip##_family_.next; ref != &cli_ip##_family_; ref = ref->next) { \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
312 cmp = memcmp(&sin##_family_->sin##_family_##_addr, \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
313 &((struct rgw_client *)ref)->sin##_family_->sin##_family_##_addr, \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
314 sizeof(struct in##_family_##_addr)); \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
315 if (cmp > 0) continue; /* search further in the list */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
316 if (cmp < 0) break; /* this IP is not in the list */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
317 /* Now compare the ports as follow: */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
318 /* If the ip_port we are searching does not contain a port, just return the first match result */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
319 if ( (sin##_family_->sin##_family_##_port == 0) \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
320 /* If the entry in the list does not contain a port, return it as a match */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
321 || (((struct rgw_client *)ref)->sin##_family_->sin##_family_##_port == 0) \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
322 /* If both ports are equal, it is a match */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
323 || (sin##_family_->sin##_family_##_port == \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
324 ((struct rgw_client *)ref)->sin##_family_->sin##_family_##_port)) { \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
325 *res = (struct rgw_client *)ref; \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
326 return EEXIST; \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
327 } \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
328 /* Otherwise, the list is ordered by port value (byte order does not matter */ \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
329 if (sin##_family_->sin##_family_##_port \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
330 > ((struct rgw_client *)ref)->sin##_family_->sin##_family_##_port) continue; \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
331 else break; \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
332 } \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
333 *res = (struct rgw_client *)(ref->prev); \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
334 return ENOENT; \ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
335 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
336 /* Function to look for an existing rgw_client, or the previous element. |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
337 The cli_rwl must be held for reading (at least) when calling this function. |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
338 Returns ENOENT if the matching client does not exist, and res points to the previous element in the list. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
339 Returns EEXIST if the matching client is found, and res points to this element. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
340 Returns other error code on other error. */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
341 static int client_search(struct rgw_client ** res, struct sockaddr * ip_port ) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
342 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
343 int cmp; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
344 struct fd_list *ref = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
345 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
346 CHECK_PARAMS(res && ip_port); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
347 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
348 switch (ip_port->sa_family) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
349 client_search_family() |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
350 break; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
351 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
352 client_search_family( 6 ) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
353 break; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
354 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
355 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
356 /* We're never supposed to reach this point */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
357 ASSERT(0); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
358 return EINVAL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
359 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
360 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
361 int rgw_clients_getkey(struct rgw_client * cli, unsigned char **key, size_t *key_len) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
362 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
363 CHECK_PARAMS( cli && key && key_len ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
364 *key = cli->key.data; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
365 *key_len = cli->key.len; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
366 return 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
367 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
368 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
369 int rgw_clients_gettype(struct rgw_client * cli, enum rgw_cli_type *type) |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
370 { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
371 CHECK_PARAMS( cli && type ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
372 *type = cli->type; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
373 return 0; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
374 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
375 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
376 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
377 int rgw_clients_search(struct sockaddr * ip_port, struct rgw_client ** ref) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
378 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
379 int ret = 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
380 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
381 TRACE_ENTRY("%p %p", ip_port, ref); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
382 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
383 CHECK_PARAMS(ip_port && ref); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
384 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
385 CHECK_POSIX( pthread_rwlock_rdlock(&cli_rwl) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
386 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
387 ret = client_search(ref, ip_port); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
388 if (ret == EEXIST) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
389 (*ref)->refcount ++; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
390 ret = 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
391 } else { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
392 *ref = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
393 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
394 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
395 CHECK_POSIX( pthread_rwlock_unlock(&cli_rwl) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
396 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
397 return ret; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
398 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
399 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
400 int rgw_clients_check_dup(struct rgw_radius_msg_meta **msg, struct rgw_client *cli) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
401 { |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
402 int p, dup = 0; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
403 struct fd_list * li; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
404 struct req_info * r; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
405 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
406 TRACE_ENTRY("%p %p", msg, cli); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
407 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
408 CHECK_PARAMS( msg && cli ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
409 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
410 if ((*msg)->serv_type == RGW_PLG_TYPE_AUTH) |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
411 p = 0; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
412 else |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
413 p = 1; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
414 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
415 CHECK_POSIX( pthread_mutex_lock( &cli->dupl_info[p].dupl_lock ) ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
416 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
417 /* Search if we have this message in our list */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
418 for (li = cli->dupl_info[p].dupl_by_id.next; li != &cli->dupl_info[p].dupl_by_id; li = li->next) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
419 int cmp = 0; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
420 r = (struct req_info *)(li->o); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
421 if (r->id < (*msg)->radius.hdr->identifier) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
422 continue; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
423 if (r->id > (*msg)->radius.hdr->identifier) |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
424 break; |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
425 if (r->port < (*msg)->port) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
426 continue; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
427 if (r->port > (*msg)->port) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
428 break; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
429 cmp = memcmp(&r->auth[0], &(*msg)->radius.hdr->authenticator[0], 16); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
430 if (cmp < 0) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
431 continue; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
432 if (cmp > 0); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
433 break; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
434 dup = 1; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
435 break; |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
436 } |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
437 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
438 if (dup) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
439 time_t now = time(NULL); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
440 r->nbdup += 1; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
441 TRACE_DEBUG(INFO, "Received duplicated RADIUS message (id: %02hhx, port: %hu, dup #%d, previously seen %d secs ago).", |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
442 r->id, ntohs(r->port), r->nbdup, now - r->received); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
443 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
444 if (r->ans) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
445 /* Resend the answer */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
446 CHECK_FCT_DO( rgw_servers_send((*msg)->serv_type, r->ans->buf, r->ans->buf_used, cli->sa, r->port), ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
447 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
448 /* Should we delete 'r' so that a further duplicate will again be converted to Diameter? */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
449 } |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
450 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
451 /* Update the timestamp */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
452 r->received = now; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
453 fd_list_unlink(&r->by_time); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
454 fd_list_insert_before(&cli->dupl_info[p].dupl_by_time, &r->by_time); /* Move as last entry, since it is the most recent */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
455 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
456 /* Delete the request message */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
457 rgw_msg_free(msg); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
458 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
459 } else { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
460 /* The message was not a duplicate, we save it */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
461 /* li currently points the the next entry in list_by_id */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
462 CHECK_MALLOC_DO( r= dupl_new_req_info(*msg), { CHECK_POSIX_DO(pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ), ); return ENOMEM; } ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
463 fd_list_insert_before(li, &r->by_id); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
464 fd_list_insert_before(&cli->dupl_info[p].dupl_by_time, &r->by_time); /* it is the most recent */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
465 } |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
466 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
467 CHECK_POSIX( pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
468 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
469 return 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
470 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
471 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
472 /* Check if the message has a valid authenticator, and update the meta-data accordingly */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
473 int rgw_clients_auth_check(struct rgw_radius_msg_meta * msg, struct rgw_client * cli, uint8_t * req_auth) |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
474 { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
475 unsigned char * key; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
476 size_t keylen; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
477 int count; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
478 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
479 TRACE_ENTRY("%p %p %p", msg, cli, req_auth); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
480 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
481 CHECK_PARAMS(msg && cli); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
482 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
483 CHECK_FCT(rgw_clients_getkey(cli, &key, &keylen)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
484 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
485 count = radius_msg_count_attr(&msg->radius, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, 0); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
486 if (count > 1) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
487 TRACE_DEBUG(INFO, "Too many Message-Authenticator attributes (%d), discarding message.", count); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
488 return EINVAL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
489 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
490 if (count == 0) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
491 TRACE_DEBUG(FULL, "Message does not contain a Message-Authenticator attributes."); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
492 msg->valid_mac = 0; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
493 } else { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
494 if (radius_msg_verify_msg_auth( &msg->radius, key, keylen, req_auth )) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
495 TRACE_DEBUG(INFO, "Invalid Message-Authenticator received, discarding message."); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
496 return EINVAL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
497 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
498 msg->valid_mac = 1; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
499 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
500 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
501 return 0; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
502 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
503 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
504 static struct dict_object * cache_orig_host = NULL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
505 static struct dict_object * cache_orig_realm = NULL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
506 static struct dict_object * cache_route_record = NULL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
507 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
508 int rgw_clients_init(void) |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
509 { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
510 TRACE_ENTRY(); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
511 CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Origin-Host", &cache_orig_host, ENOENT) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
512 CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Origin-Realm", &cache_orig_realm, ENOENT) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
513 CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Route-Record", &cache_route_record, ENOENT) ); |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
514 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
515 /* Create the thread that will purge old RADIUS duplicates */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
516 CHECK_POSIX( pthread_create( &dbt_expire, NULL, dupl_th, NULL) ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
517 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
518 return 0; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
519 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
520 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
521 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
522 /* The following function checks if a RADIUS message contains a valid NAS identifier, and initializes an empty Diameter |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
523 message with the appropriate routing information */ |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
524 /* Check that the NAS-IP-Adress or NAS-Identifier is coherent with the IP the packet was received from */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
525 /* Also update the client list of aliases if needed */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
526 int rgw_clients_create_origin(struct rgw_radius_msg_meta *msg, struct rgw_client * cli, struct msg ** diam) |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
527 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
528 int idx; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
529 int valid_nas_info = 0; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
530 struct radius_attr_hdr *nas_ip = NULL, *nas_ip6 = NULL, *nas_id = NULL; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
531 char * oh_str = NULL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
532 char * or_str = NULL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
533 char * rr_str = NULL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
534 char buf[REVERSE_DNS_SIZE_MAX]; /* to store DNS lookups results */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
535 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
536 struct avp *avp = NULL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
537 union avp_value avp_val; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
538 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
539 TRACE_ENTRY("%p %p %p", msg, cli, diam); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
540 CHECK_PARAMS(msg && cli && diam && (*diam == NULL)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
541 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
542 /* Find the relevant attributes, if any */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
543 for (idx = 0; idx < msg->radius.attr_used; idx++) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
544 struct radius_attr_hdr * attr = (struct radius_attr_hdr *)(msg->radius.buf + msg->radius.attr_pos[idx]); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
545 size_t attr_len = attr->length - sizeof(struct radius_attr_hdr); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
546 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
547 if ((attr->type == RADIUS_ATTR_NAS_IP_ADDRESS) && (attr_len = 4)) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
548 nas_ip = attr; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
549 continue; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
550 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
551 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
552 if ((attr->type == RADIUS_ATTR_NAS_IDENTIFIER) && (attr_len > 0)) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
553 nas_id = attr; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
554 continue; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
555 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
556 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
557 if ((attr->type == RADIUS_ATTR_NAS_IPV6_ADDRESS) && (attr_len = 16)) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
558 nas_ip6 = attr; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
559 continue; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
560 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
561 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
562 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
563 if (!nas_ip && !nas_ip6 && !nas_id) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
564 TRACE_DEBUG(FULL, "The message does not contain any NAS identification attribute."); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
565 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
566 /* Get information on this peer */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
567 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
568 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
569 goto diameter; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
570 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
571 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
572 /* Check if the message was received from the IP in NAS-IP-Address attribute */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
573 if (nas_ip && (cli->sa->sa_family == AF_INET) && !memcmp(nas_ip+1, &cli->sin->sin_addr, sizeof(struct in_addr))) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
574 TRACE_DEBUG(FULL, "NAS-IP-Address contains the same address as the message was received from."); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
575 valid_nas_info |= 1; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
576 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
577 if (nas_ip6 && (cli->sa->sa_family == AF_INET6) && !memcmp(nas_ip6+1, &cli->sin6->sin6_addr, sizeof(struct in6_addr))) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
578 TRACE_DEBUG(FULL, "NAS-IPv6-Address contains the same address as the message was received from."); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
579 valid_nas_info |= 2; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
580 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
581 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
582 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
583 /* |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
584 In RADIUS it would be possible for a rogue NAS to forge the NAS-IP- |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
585 Address attribute value. Diameter/RADIUS translation agents MUST |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
586 check a received NAS-IP-Address or NAS-IPv6-Address attribute against |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
587 the source address of the RADIUS packet. If they do not match and |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
588 the Diameter/RADIUS translation agent does not know whether the |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
589 packet was sent by a RADIUS proxy or NAS (e.g., no Proxy-State |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
590 attribute), then by default it is assumed that the source address |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
591 corresponds to a RADIUS proxy, and that the NAS Address is behind |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
592 that proxy, potentially with some additional RADIUS proxies in |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
593 between. The Diameter/RADIUS translation agent MUST insert entries |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
594 in the Route-Record AVP corresponding to the apparent route. This |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
595 implies doing a reverse lookup on the source address and NAS-IP- |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
596 Address or NAS-IPv6-Address attributes to determine the corresponding |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
597 FQDNs. |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
598 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
599 If the source address and the NAS-IP-Address or NAS-IPv6-Address do |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
600 not match, and the Diameter/RADIUS translation agent knows that it is |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
601 talking directly to the NAS (e.g., there are no RADIUS proxies |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
602 between it and the NAS), then the error should be logged, and the |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
603 packet MUST be discarded. |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
604 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
605 Diameter agents and servers MUST check whether the NAS-IP-Address AVP |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
606 corresponds to an entry in the Route-Record AVP. This is done by |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
607 doing a reverse lookup (PTR RR) for the NAS-IP-Address to retrieve |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
608 the corresponding FQDN, and by checking for a match with the Route- |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
609 Record AVP. If no match is found, then an error is logged, but no |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
610 other action is taken. |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
611 */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
612 if (nas_ip || nas_ip6) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
613 if (!valid_nas_info) { |
|
520
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
614 if ((!cli->is_local) && (cli->type == RGW_CLI_NAS)) { |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
615 TRACE_DEBUG(INFO, "Message received with a NAS-IP-Address or NAS-IPv6-Address different \nfrom the sender's. Please configure as Proxy if this is expected.\n Message discarded."); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
616 return EINVAL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
617 } else { |
|
520
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
618 /* the peer is configured as a proxy, or running on localhost, so accept the message */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
619 sSS ss; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
620 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
621 /* In that case, the cli will be stored as Route-Record and the NAS-IP-Address as origin */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
622 if (!cli->is_local) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
623 rr_str = cli->fqdn; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
624 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
625 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
626 /* We must DNS-reverse the NAS-IP*-Address */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
627 memset(&ss, 0 , sizeof(sSS)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
628 if (nas_ip) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
629 sSA4 * sin = (sSA4 *)&ss; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
630 sin->sin_family = AF_INET; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
631 memcpy(&sin->sin_addr, nas_ip + 1, sizeof(struct in_addr)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
632 } else { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
633 sSA6 * sin6 = (sSA6 *)&ss; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
634 sin6->sin6_family = AF_INET6; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
635 memcpy(&sin6->sin6_addr, nas_ip6 + 1, sizeof(struct in6_addr)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
636 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
637 CHECK_SYS_DO( getnameinfo( (sSA *)&ss, sSAlen(&ss), &buf[0], sizeof(buf), NULL, 0, NI_NAMEREQD), |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
638 { |
|
520
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
639 if (cli->is_local) { |
|
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
640 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
|
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
641 goto diameter; |
|
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
642 } |
|
9b5422e5385c
Better handle localhost RADIUS clients
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
519
diff
changeset
|
643 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
644 TRACE_DEBUG(INFO, "The NAS-IP*-Address cannot be DNS reversed in order to create the Origin-Host AVP; rejecting the message (translation is impossible)."); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
645 return EINVAL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
646 } ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
647 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
648 oh_str = &buf[0]; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
649 or_str = strchr(oh_str, '.'); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
650 if (or_str) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
651 or_str ++; /* move after the first dot */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
652 if (*or_str == '\0') |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
653 or_str = NULL; /* Discard this realm, we will use the local realm later */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
654 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
655 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
656 } else { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
657 /* The attribute matches the source address, just use this in origin-host */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
658 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
659 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
660 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
661 goto diameter; /* we ignore the nas_id in that case */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
662 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
663 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
664 /* We don't have a NAS-IP*-Address attribute if we are here */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
665 if (cli->is_local) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
666 /* Simple: we use our own configuration */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
667 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
668 goto diameter; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
669 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
670 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
671 /* At this point, we only have nas_id, and the client is not local */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
672 ASSERT(nas_id); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
673 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
674 { |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
675 int found, ret; |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
676 struct addrinfo hint, *res, *ptr; |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
677 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
678 /* |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
679 In RADIUS it would be possible for a rogue NAS to forge the NAS- |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
680 Identifier attribute. Diameter/RADIUS translation agents SHOULD |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
681 attempt to check a received NAS-Identifier attribute against the |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
682 source address of the RADIUS packet, by doing an A/AAAA RR query. If |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
683 the NAS-Identifier attribute contains an FQDN, then such a query |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
684 would resolve to an IP address matching the source address. However, |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
685 the NAS-Identifier attribute is not required to contain an FQDN, so |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
686 such a query could fail. If it fails, an error should be logged, but |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
687 no action should be taken, other than a reverse lookup on the source |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
688 address and insert the resulting FQDN into the Route-Record AVP. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
689 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
690 Diameter agents and servers SHOULD check whether a NAS-Identifier AVP |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
691 corresponds to an entry in the Route-Record AVP. If no match is |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
692 found, then an error is logged, but no other action is taken. |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
693 */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
694 |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
695 /* first, check if the nas_id is the fqdn of the peer or a known alias */ |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
696 if ((cli->fqdn_len == (nas_id->length - sizeof(struct radius_attr_hdr))) |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
697 && (!strncasecmp((char *)(nas_id + 1), cli->fqdn, nas_id->length - sizeof(struct radius_attr_hdr)))) { |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
698 TRACE_DEBUG(FULL, "NAS-Identifier contains the fqdn of the client"); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
699 found = 1; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
700 } else { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
701 for (idx = 0; idx < cli->aliases_nb; idx++) { |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
702 if (((nas_id->length - sizeof(struct radius_attr_hdr)) == strlen(cli->aliases[idx])) |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
703 && (!strncasecmp((char *)(nas_id + 1), cli->aliases[idx], nas_id->length - sizeof(struct radius_attr_hdr)))) { |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
704 TRACE_DEBUG(FULL, "NAS-Identifier valid value found in the cache"); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
705 found = 1; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
706 break; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
707 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
708 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
709 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
710 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
711 if (found) { |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
712 /* The NAS-Identifier matches the source IP */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
713 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
714 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
715 goto diameter; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
716 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
717 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
718 /* Attempt DNS resolution of the identifier */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
719 ASSERT( nas_id->length - sizeof(struct radius_attr_hdr) < sizeof(buf) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
720 memcpy(buf, nas_id + 1, nas_id->length - sizeof(struct radius_attr_hdr)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
721 buf[nas_id->length - sizeof(struct radius_attr_hdr)] = '\0'; |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
722 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
723 /* Now check if this alias is valid for this peer */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
724 memset(&hint, 0, sizeof(hint)); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
725 hint.ai_flags = AI_CANONNAME; |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
726 ret = getaddrinfo(buf, NULL, &hint, &res); |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
727 if (ret == 0) { |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
728 strncpy(buf, res->ai_canonname, sizeof(buf)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
729 /* The name was resolved correctly, does it match the IP of the client? */ |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
730 for (ptr = res; ptr != NULL; ptr = ptr->ai_next) { |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
731 if (cli->sa->sa_family != ptr->ai_family) |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
732 continue; |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
733 if (memcmp(cli->sa, ptr->ai_addr, sSAlen(cli->sa))) |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
734 continue; |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
735 |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
736 found = 1; |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
737 break; |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
738 } |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
739 freeaddrinfo(res); |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
740 |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
741 if (!found) { |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
742 if (cli->type == RGW_CLI_NAS) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
743 TRACE_DEBUG(INFO, "The NAS-Identifier value '%.*s' resolves to a different IP than the client's, discarding the message. \nConfigure this client as a Proxy if this message should be valid.", |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
744 nas_id->length - sizeof(struct radius_attr_hdr), nas_id + 1); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
745 return EINVAL; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
746 } else { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
747 /* This identifier matches a different IP, assume it is a proxied message */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
748 if (!cli->is_local) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
749 rr_str = cli->fqdn; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
750 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
751 oh_str = &buf[0]; /* The canonname resolved */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
752 or_str = strchr(oh_str, '.'); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
753 if (or_str) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
754 or_str ++; /* move after the first dot */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
755 if (*or_str == '\0') |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
756 or_str = NULL; /* Discard this realm, we will use the local realm later */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
757 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
758 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
759 } else { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
760 /* It is a valid alias, save it */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
761 CHECK_MALLOC( cli->aliases = realloc(cli->aliases, (cli->aliases_nb + 1) * sizeof(char *)) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
762 CHECK_MALLOC( cli->aliases[cli->aliases_nb + 1] = malloc( 1 + nas_id->length - sizeof(struct radius_attr_hdr) )); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
763 memcpy( cli->aliases[cli->aliases_nb + 1], nas_id + 1, nas_id->length - sizeof(struct radius_attr_hdr)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
764 *(cli->aliases[cli->aliases_nb + 1] + nas_id->length - sizeof(struct radius_attr_hdr)) = '\0'; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
765 cli->aliases_nb ++; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
766 TRACE_DEBUG(FULL, "Saved valid alias for client: '%s' -> '%s'", cli->aliases[cli->aliases_nb + 1], cli->fqdn); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
767 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
|
442
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
768 } |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
769 } else { |
|
02e3976b9163
Attempt at fixing a problem with NAS-Identifier RADIUS attribute handling
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
403
diff
changeset
|
770 /* Error resolving the name */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
771 TRACE_DEBUG(INFO, "NAS-Identifier '%s' cannot be resolved: %s. Ignoring...", buf, gai_strerror(ret)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
772 /* Assume this is a valid identifier for the client */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
773 CHECK_FCT( rgw_clients_get_origin(cli, &oh_str, &or_str) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
774 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
775 } |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
776 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
777 /* Now, let's create the empty Diameter message with Origin-Host, -Realm, and Route-Record if needed. */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
778 diameter: |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
779 ASSERT(oh_str); /* If it is not defined here, there is a bug... */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
780 if (!or_str) |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
781 or_str = fd_g_config->cnf_diamrlm; /* Use local realm in that case */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
782 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
783 /* Create an empty Diameter message so that extensions can store their AVPs */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
784 CHECK_FCT( fd_msg_new ( NULL, MSGFL_ALLOC_ETEID, diam ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
785 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
786 /* Add the Origin-Host as next AVP */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
787 CHECK_FCT( fd_msg_avp_new ( cache_orig_host, 0, &avp ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
788 memset(&avp_val, 0, sizeof(avp_val)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
789 avp_val.os.data = (unsigned char *)oh_str; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
790 avp_val.os.len = strlen(oh_str); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
791 CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
792 CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
793 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
794 /* Add the Origin-Realm as next AVP */ |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
795 CHECK_FCT( fd_msg_avp_new ( cache_orig_realm, 0, &avp ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
796 memset(&avp_val, 0, sizeof(avp_val)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
797 avp_val.os.data = (unsigned char *)or_str; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
798 avp_val.os.len = strlen(or_str); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
799 CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
800 CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
801 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
802 if (rr_str) { |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
803 CHECK_FCT( fd_msg_avp_new ( cache_route_record, 0, &avp ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
804 memset(&avp_val, 0, sizeof(avp_val)); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
805 avp_val.os.data = (unsigned char *)rr_str; |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
806 avp_val.os.len = strlen(rr_str); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
807 CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
808 CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) ); |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
809 } |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
810 |
|
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
811 /* Done! */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
812 return 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
813 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
814 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
815 int rgw_clients_get_origin(struct rgw_client *cli, char **fqdn, char **realm) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
816 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
817 TRACE_ENTRY("%p %p %p", cli, fqdn, realm); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
818 CHECK_PARAMS(cli && fqdn); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
819 |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
820 if (cli->is_local) { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
821 *fqdn = fd_g_config->cnf_diamid; |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
822 if (realm) |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
823 *realm= fd_g_config->cnf_diamrlm; |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
824 } else { |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
825 *fqdn = cli->fqdn; |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
826 if (realm) |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
827 *realm= cli->realm; |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
828 } |
|
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
829 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
830 return 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
831 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
832 |
|
271
411314907b43
Added translation of Accounting messages
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
261
diff
changeset
|
833 char * rgw_clients_id(struct rgw_client *cli) |
|
411314907b43
Added translation of Accounting messages
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
261
diff
changeset
|
834 { |
|
500
d4fc98a3b79c
Handle more nicely the local RADIUS clients in the gateway
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
442
diff
changeset
|
835 return cli->is_local ? "(local)" : cli->fqdn; |
|
271
411314907b43
Added translation of Accounting messages
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
261
diff
changeset
|
836 } |
|
411314907b43
Added translation of Accounting messages
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
261
diff
changeset
|
837 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
838 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
839 void rgw_clients_dispose(struct rgw_client ** ref) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
840 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
841 TRACE_ENTRY("%p", ref); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
842 CHECK_PARAMS_DO(ref, return); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
843 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
844 CHECK_POSIX_DO( pthread_rwlock_wrlock(&cli_rwl), ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
845 client_unlink(*ref); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
846 *ref = NULL; |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
847 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
848 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
849 |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
850 int rgw_clients_add( struct sockaddr * ip_port, unsigned char ** key, size_t keylen, enum rgw_cli_type type ) |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
851 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
852 struct rgw_client * prev = NULL, *new = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
853 int ret; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
854 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
855 TRACE_ENTRY("%p %p %lu", ip_port, key, keylen); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
856 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
857 CHECK_PARAMS( ip_port && key && *key && keylen ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
858 CHECK_PARAMS( (ip_port->sa_family == AF_INET) || (ip_port->sa_family == AF_INET6) ); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
859 CHECK_PARAMS( (type == RGW_CLI_NAS) || (type == RGW_CLI_PXY) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
860 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
861 /* Dump the entry in debug mode */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
862 if (TRACE_BOOL(FULL + 1 )) { |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
863 TRACE_DEBUG(FULL, "Adding %s:", (type == RGW_CLI_NAS) ? "NAS" : "PROXY" ); |
| 260 | 864 TRACE_DEBUG_sSA(FULL, "\tIP : ", ip_port, NI_NUMERICHOST | NI_NUMERICSERV, "" ); |
| 865 TRACE_DEBUG_BUFFER(FULL, "\tKey: [", *key, keylen, "]" ); | |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
866 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
867 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
868 /* Lock the lists */ |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
869 CHECK_POSIX( pthread_rwlock_wrlock(&cli_rwl) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
870 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
871 /* Check if the same entry does not already exist */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
872 ret = client_search(&prev, ip_port ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
873 if (ret == ENOENT) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
874 /* No duplicate found, Ok to add */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
875 CHECK_FCT_DO( ret = client_create( &new, &ip_port, key, keylen, type ), goto end ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
876 fd_list_insert_after(&prev->chain, &new->chain); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
877 new->refcount++; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
878 ret = 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
879 goto end; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
880 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
881 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
882 if (ret == EEXIST) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
883 /* Check if the key is the same, then skip or return an error */ |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
884 if ((keylen == prev->key.len ) && ( ! memcmp(*key, prev->key.data, keylen) ) && (type == prev->type)) { |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
885 TRACE_DEBUG(INFO, "Skipping duplicate client description"); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
886 ret = 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
887 goto end; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
888 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
889 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
890 fd_log_debug("ERROR: Conflicting RADIUS clients descriptions!\n"); |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
891 TRACE_DEBUG(NONE, "Previous entry: %s", (prev->type == RGW_CLI_NAS) ? "NAS" : "PROXY"); |
| 260 | 892 TRACE_DEBUG_sSA(NONE, "\tIP : ", prev->sa, NI_NUMERICHOST | NI_NUMERICSERV, "" ); |
| 893 TRACE_DEBUG_BUFFER(NONE, "\tKey: [", prev->key.data, prev->key.len, "]" ); | |
|
516
1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
500
diff
changeset
|
894 TRACE_DEBUG(NONE, "Conflicting entry: %s", (type == RGW_CLI_NAS) ? "NAS" : "PROXY"); |
| 260 | 895 TRACE_DEBUG_sSA(NONE, "\tIP : ", ip_port, NI_NUMERICHOST | NI_NUMERICSERV, "" ); |
| 896 TRACE_DEBUG_BUFFER(NONE, "\tKey: [", *key, keylen, "]" ); | |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
897 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
898 end: |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
899 /* release the lists */ |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
900 CHECK_POSIX( pthread_rwlock_unlock(&cli_rwl) ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
901 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
902 return ret; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
903 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
904 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
905 static void dump_cli_list(struct fd_list *senti) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
906 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
907 struct rgw_client * client = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
908 struct fd_list *ref = NULL; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
909 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
910 for (ref = senti->next; ref != senti; ref = ref->next) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
911 client = (struct rgw_client *)ref; |
|
521
b793d43e4686
Fix compilation problem
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
520
diff
changeset
|
912 TRACE_DEBUG_sSA(NONE, " - ", client->sa, NI_NUMERICHOST | NI_NUMERICSERV, (client->type == RGW_CLI_NAS) ? "" : " [PROXY]" ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
913 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
914 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
915 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
916 void rgw_clients_dump(void) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
917 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
918 if ( ! TRACE_BOOL(FULL) ) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
919 return; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
920 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
921 CHECK_POSIX_DO( pthread_rwlock_rdlock(&cli_rwl), /* ignore error */ ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
922 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
923 if (!FD_IS_LIST_EMPTY(&cli_ip)) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
924 fd_log_debug(" RADIUS IP clients list:\n"); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
925 dump_cli_list(&cli_ip); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
926 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
927 if (!FD_IS_LIST_EMPTY(&cli_ip6)) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
928 fd_log_debug(" RADIUS IPv6 clients list:\n"); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
929 dump_cli_list(&cli_ip6); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
930 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
931 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), /* ignore error */ ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
932 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
933 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
934 void rgw_clients_fini(void) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
935 { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
936 struct fd_list * client; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
937 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
938 TRACE_ENTRY(); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
939 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
940 CHECK_POSIX_DO( pthread_rwlock_wrlock(&cli_rwl), /* ignore error */ ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
941 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
942 CHECK_FCT_DO( fd_thr_term(&dbt_expire), /* continue */ ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
943 |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
944 /* empty the lists */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
945 while ( ! FD_IS_LIST_EMPTY(&cli_ip) ) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
946 client = cli_ip.next; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
947 fd_list_unlink(client); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
948 client_unlink((struct rgw_client *)client); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
949 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
950 while (! FD_IS_LIST_EMPTY(&cli_ip6)) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
951 client = cli_ip6.next; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
952 fd_list_unlink(client); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
953 client_unlink((struct rgw_client *)client); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
954 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
955 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
956 CHECK_POSIX_DO( pthread_rwlock_unlock(&cli_rwl), /* ignore error */ ); |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
957 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
958 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
959 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
960 int rgw_client_finish_send(struct radius_msg ** msg, struct rgw_radius_msg_meta * req, struct rgw_client * cli) |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
961 { |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
962 int p; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
963 struct fd_list * li; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
964 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
965 TRACE_ENTRY("%p %p %p", msg, req, cli); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
966 CHECK_PARAMS( msg && *msg && cli ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
967 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
968 if (!req) { |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
969 /* We don't support this case yet */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
970 ASSERT(0); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
971 return ENOTSUP; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
972 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
973 |
|
539
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
974 if (radius_msg_finish_srv(*msg, cli->key.data, cli->key.len, req->radius.hdr->authenticator)) { |
|
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
975 TRACE_DEBUG(INFO, "An error occurred while preparing the RADIUS answer"); |
|
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
976 radius_msg_free(*msg); |
|
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
977 free(*msg); |
|
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
978 *msg = NULL; |
|
6994e9a3c528
The previous commit provoked an Accounting-Response with empty authenticator... Should be fixed now.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
538
diff
changeset
|
979 return EINVAL; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
980 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
981 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
982 /* Debug */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
983 TRACE_DEBUG(FULL, "RADIUS message ready for sending:"); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
984 rgw_msg_dump((struct rgw_radius_msg_meta *)*msg); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
985 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
986 /* Send the message */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
987 CHECK_FCT( rgw_servers_send(req->serv_type, (*msg)->buf, (*msg)->buf_used, cli->sa, req->port) ); |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
988 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
989 /* update the duplicate cache */ |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
990 if (req->serv_type == RGW_PLG_TYPE_AUTH) |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
991 p = 0; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
992 else |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
993 p = 1; |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
994 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
995 CHECK_POSIX( pthread_mutex_lock( &cli->dupl_info[p].dupl_lock ) ); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
996 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
997 /* Search this message in our list */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
998 for (li = cli->dupl_info[p].dupl_by_id.next; li != &cli->dupl_info[p].dupl_by_id; li = li->next) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
999 int cmp = 0; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1000 struct req_info * r = (struct req_info *)(li->o); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1001 if (r->id < req->radius.hdr->identifier) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1002 continue; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1003 if (r->id > req->radius.hdr->identifier) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1004 break; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1005 if (r->port < req->port) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1006 continue; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1007 if (r->port > req->port) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1008 break; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1009 cmp = memcmp(&r->auth[0], &req->radius.hdr->authenticator[0], 16); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1010 if (cmp < 0) |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1011 continue; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1012 if (cmp > 0); |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1013 break; |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1014 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1015 /* We have the request in our duplicate cache */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1016 /* This should not happen, but just in case... */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1017 if (r->ans) { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1018 radius_msg_free(r->ans); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1019 free(r->ans); |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1020 } |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1021 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1022 /* Now save the message */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1023 r->ans = *msg; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1024 *msg = NULL; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1025 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1026 /* Update the timestamp */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1027 { |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1028 time_t now = time(NULL); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1029 TRACE_DEBUG(FULL, "Sent RADIUS answer %d seconds after the request was received.", now - r->received); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1030 r->received = now; |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1031 fd_list_unlink(&r->by_time); /* Move as last entry, since it is the most recent */ |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1032 fd_list_insert_before(&cli->dupl_info[p].dupl_by_time, &r->by_time); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1033 } |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1034 break; |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1035 } |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1036 |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1037 CHECK_POSIX( pthread_mutex_unlock( &cli->dupl_info[p].dupl_lock ) ); |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1038 |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1039 /* If we have not found the request in our list, the purge time is probably too small */ |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1040 if (*msg) { |
|
544
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1041 TODO("Augment the purge time..."); |
|
a0e3af6f94fb
Improve the RADIUS duplicates management. Default cache is set to 60 seconds.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
539
diff
changeset
|
1042 /* If we receive the duplicate request again, it will be converted to Diameter... */ |
|
530
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1043 radius_msg_free(*msg); |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1044 free(*msg); |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1045 *msg = NULL; |
|
825a2992e3b9
Improved duplicate detection in RADIUS/Diameter gw. It will be changed again soon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
521
diff
changeset
|
1046 } |
|
254
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1047 |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1048 /* Finished */ |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1049 return 0; |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1050 } |
|
a857024cb48b
Ported the RADIUS/Diameter translation code from waaad project. Not tested yet. Gateway plugins to come later.
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1051 |