diff extensions/app_radgw/rgw_msg.c @ 516:1c2f5ee38039
Allow RADIUS Proxies with the app_radgw extension
author | Sebastien Decugis <sdecugis@nict.go.jp> |
---|---|
date | Fri, 27 Aug 2010 10:59:51 +0900 |
parents | e203fc0c95e3 |
children | d5383f28b96e |
--- a/extensions/app_radgw/rgw_msg.c Thu Aug 26 14:10:03 2010 +0900
+++ b/extensions/app_radgw/rgw_msg.c Fri Aug 27 10:59:51 2010 +0900
@@ -78,38 +78,6 @@
 return 0;
 }
 
-/* Check if the message has a valid authenticator, and update the meta-data accordingly */
-int rgw_msg_auth_check(struct rgw_radius_msg_meta * msg, struct rgw_client * cli, uint8_t * req_auth)
-{
- unsigned char * key;
- size_t keylen;
- int count;
-
- TRACE_ENTRY("%p %p %p", msg, cli, req_auth);
-
- CHECK_PARAMS(msg && cli);
-
- CHECK_FCT(rgw_clients_getkey(cli, &key, &keylen));
-
- count = radius_msg_count_attr(&msg->radius, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, 0);
- if (count > 1) {
- TRACE_DEBUG(INFO, "Too many Message-Authenticator attributes (%d), discarding message.", count);
- return EINVAL;
- }
- if (count == 0) {
- TRACE_DEBUG(FULL, "Message does not contain a Message-Authenticator attributes.");
- msg->valid_mac = 0;
- } else {
- if (radius_msg_verify_msg_auth( &msg->radius, key, keylen, req_auth )) {
- TRACE_DEBUG(INFO, "Invalid Message-Authenticator received, discarding message.");
- return EINVAL;
- }
- msg->valid_mac = 1;
- }
-
- return 0;
-}
-
 /* Dump a message (inspired from radius_msg_dump) -- can be used safely with a struct radius_msg as parameter (we don't dump the metadata) */
 void rgw_msg_dump(struct rgw_radius_msg_meta * msg)
 {
@@ -131,56 +99,8 @@
 for (i = 0; i < msg->radius.attr_used; i++) {
 struct radius_attr_hdr *attr = (struct radius_attr_hdr *)(msg->radius.buf + msg->radius.attr_pos[i]);
 fd_log_debug(" - len:%3hhu, type:0x%02hhx (%s)\n", attr->length, attr->type, rgw_msg_attrtype_str(attr->type));
- /* If we need to dump the value, it's better to call directly radius_msg_dump instead... */
+ radius_msg_dump_attr_val(attr);
 }
 fd_log_debug("-----------------------------\n");
 }
 
-static struct dict_object * cache_orig_host = NULL;
-static struct dict_object * cache_orig_realm = NULL;
-
-int rgw_msg_init(void)
-{
- TRACE_ENTRY();
- CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Origin-Host", &cache_orig_host, ENOENT) );
- CHECK_FCT( fd_dict_search(fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Origin-Realm", &cache_orig_realm, ENOENT) );
- return 0;
-}
-
-/* Create a new Diameter msg with origin-host & realm */
-int rgw_msg_create_base(struct rgw_client * cli, struct msg ** diam)
-{
- char * fqdn;
- char * realm;
-
- struct avp *avp = NULL;
- union avp_value avp_val;
-
- TRACE_ENTRY("%p %p", cli, diam);
- CHECK_PARAMS( cli && diam && (*diam == NULL) );
-
- /* Get information on this peer */
- CHECK_FCT( rgw_clients_get_origin(cli, &fqdn, &realm) );
-
- /* Create an empty Diameter message so that extensions can store their AVPs */
- CHECK_FCT( fd_msg_new ( NULL, MSGFL_ALLOC_ETEID, diam ) );
-
- /* Add the Origin-Host as next AVP */
- CHECK_FCT( fd_msg_avp_new ( cache_orig_host, 0, &avp ) );
- memset(&avp_val, 0, sizeof(avp_val));
- avp_val.os.data = (unsigned char *)fqdn;
- avp_val.os.len = strlen(fqdn);
- CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) );
- CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) );
-
- /* Add the Origin-Realm as next AVP */
- CHECK_FCT( fd_msg_avp_new ( cache_orig_realm, 0, &avp ) );
- memset(&avp_val, 0, sizeof(avp_val));
- avp_val.os.data = (unsigned char *)realm;
- avp_val.os.len = strlen(realm);
- CHECK_FCT( fd_msg_avp_setvalue ( avp, &avp_val ) );
- CHECK_FCT( fd_msg_avp_add ( *diam, MSG_BRW_LAST_CHILD, avp) );
-
- /* Done! */
- return 0;
-}
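Review bot: The added `radius_msg_dump_attr_val(attr);` in the attribute loop of rgw_msg_dump is called for every attribute with no filter on `attr->type`. If the helper prints values raw (its body is not visible here), User-Password, CHAP-Password and Message-Authenticator contents would land in the debug log of a gateway that now also serves proxies. Consider skipping the credential-bearing types, for example `if (attr->type != RADIUS_ATTR_USER_PASSWORD && attr->type != RADIUS_ATTR_CHAP_PASSWORD) radius_msg_dump_attr_val(attr);`. Alternatively, add a comment on the function such as `/* NOTE: dumps attribute values, including secrets; call only at FULL debug level */`. The start of rgw_msg_dump and any log-level gating by its callers are outside this hunk, so the exposure depends on where it is invoked.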