changeset 348:7907e7cc0aef
Some stub files for the gateway extension
author | Sebastien Decugis <sdecugis@nict.go.jp> |
---|---|
date | Thu, 30 Apr 2009 17:23:31 +0900 |
parents | 1410a823ede0 |
children | 087d76efb83d |
files | extensions/radius_gw/CMakeLists.txt extensions/radius_gw/notes.txt extensions/radius_gw/radius_gw.c extensions/radius_gw/radius_gw.h extensions/radius_gw/radius_gw.l extensions/radius_gw/radius_gw.y extensions/radius_gw/radius_msg.c |
diffstat | 7 files changed, 317 insertions(+), 2 deletions(-) |
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/CMakeLists.txt Thu Apr 30 17:23:31 2009 +0900 @@ -0,0 +1,35 @@ +# The rt_default extension +PROJECT("RADIUS/Diameter extensible gateway extension for waaad" C) + +# Parser files +BISON_FILE(radius_gw.y) +FLEX_FILE(radius_gw.l) +SET_SOURCE_FILES_PROPERTIES(lex.radius_gw.c radius_gw.tab.c PROPERTIES COMPILE_FLAGS "-I ${CMAKE_CURRENT_SOURCE_DIR}") + +# List of source files +SET( RGW_DEFAULT_SRC + radius_gw.c + lex.radius_gw.c + radius_gw.tab.c + radius_gw.tab.h +) + +SET( RGW_DEFAULT_HEADER + radius_gw.h +) + +# Compile these files as a module +ADD_LIBRARY(radius_gw MODULE ${RGW_DEFAULT_SRC} ${RGW_DEFAULT_HEADER}) + +# Example of support extension: +# OPTION(BUILD_RADIUS_GW_2865 "Build support for RFC2865? (RADIUS base Authentication support)" ON) +# IF (BUILD_RADIUS_GW_2865) +# BISON_FILE(2865.y) +# FLEX_FILE(2865.l) +# SET_SOURCE_FILES_PROPERTIES(lex.2865.c 2865.tab.c PROPERTIES COMPILE_FLAGS "-I ${CMAKE_CURRENT_SOURCE_DIR}") +# ADD_LIBRARY(2865 MODULE ${RGW_DEFAULT_HEADER} +# 2865.c +# lex.2865.c +# 2865.tab.c +# 2865.tab.h) +# ENDIF (BUILD_RADIUS_GW_2865)
--- a/extensions/radius_gw/notes.txt Tue Apr 28 14:51:43 2009 +0900 +++ b/extensions/radius_gw/notes.txt Thu Apr 30 17:23:31 2009 +0900 
@@ -1,10 +1,52 @@ Several extensions will be built from this directory. radius_gw: base code for the gateway. -This extension alone does nothing but logging messages with unknown attributes. +This extension alone does nothing but logging messages with unknown codes or attributes. Other extensions register callbacks to handle messages / attributes. These sub-extensions are loaded according to the configuration of the main extension. Several sub-extensions should not register for the same attribute / message. -This design is not fixed yet, it may change. +Extensions are registered by RADIUS request codes. Examples of codes are: + 1: Access-Request + 4: Accounting-Request + +The complete list can be found there: http://www.iana.org/assignments/radius-types (RADIUS Packet Type Codes registry) + +*** Basic principles *** + +When a RADIUS request is received (answers are discarded): + - parse and validate the request + - format + - authenticator + - duplicate + - ... + - creates a structure as described in radius_gw.h to hold the RADIUS message information: + - data + - metadata: + - attribute description + - already handled by an extension? (always initialized to 0) + - session object ?? + - Create a new empty Diameter message + - Pass the RADIUS parsed message, diameter message, and session to all registered extensions, + in the order specified in configuration + - each extension may modify all its input (it must in particular set the "handled" flag to RADIUS attributes it + converted to Diameter) + - The extension returns an error code. The error may mean: + - stop processing and return an immediate error to the RADIUS client (critical error). + - (eventually for later) continue processing if a fallback extension is registered (not supported in initial version) + - (eventually for later) An immediate RADIUS answer must be sent, without going to Diameter network. 
This can be used for example for + fragmented RADIUS requests (not supported in initial version, may require change in the design...). + - When all extensions have been called, the Diameter message is checked for consistency. If it is a valid message, + it is sent on the Diameter Network, and the RADIUS message is saved in the session. If the Diameter message is + not valid, an error is returned to the RADIUS client and all data is discarded (after logging all useful information) + +When the Diameter answer is received, the radius_gw retrieves the corresponding RADIUS request from + the session, then creates a matching empty Answer message. + - It calls all registered extensions with: + - session pointer + - RADIUS request + - RADIUS answer (to add attributes) + - Diameter answer (with linked Diameter Request inside) + - When all extensions have been called, the RADIUS answer is generated, with appropriate authenticator and all, and + sent to the RADIUS client.
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/radius_gw.c Thu Apr 30 17:23:31 2009 +0900 
@@ -0,0 +1,34 @@ +/********************************************************************************************************* +* Software License Agreement (BSD License) * +* Author: Sebastien Decugis <sdecugis@nict.go.jp> * +* * +* Copyright (c) 2008, WIDE Project and NICT * +* All rights reserved. * +* * +* Redistribution and use of this software in source and binary forms, with or without modification, are * +* permitted provided that the following conditions are met: * +* * +* * Redistributions of source code must retain the above * +* copyright notice, this list of conditions and the * +* following disclaimer. * +* * +* * Redistributions in binary form must reproduce the above * +* copyright notice, this list of conditions and the * +* following disclaimer in the documentation and/or other * +* materials provided with the distribution. * +* * +* * Neither the name of the WIDE Project or NICT nor the * +* names of its contributors may be used to endorse or * +* promote products derived from this software without * +* specific prior written permission of WIDE Project and * +* NICT. * +* * +* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED * +* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * +* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR * +* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * +* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * +* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * +* TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * +* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
* +*********************************************************************************************************/
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/radius_gw.h Thu Apr 30 17:23:31 2009 +0900 
@@ -0,0 +1,51 @@ +/********************************************************************************************************* +* Software License Agreement (BSD License) * +* Author: Sebastien Decugis <sdecugis@nict.go.jp> * +* * +* Copyright (c) 2008, WIDE Project and NICT * +* All rights reserved. * +* * +* Redistribution and use of this software in source and binary forms, with or without modification, are * +* permitted provided that the following conditions are met: * +* * +* * Redistributions of source code must retain the above * +* copyright notice, this list of conditions and the * +* following disclaimer. * +* * +* * Redistributions in binary form must reproduce the above * +* copyright notice, this list of conditions and the * +* following disclaimer in the documentation and/or other * +* materials provided with the distribution. * +* * +* * Neither the name of the WIDE Project or NICT nor the * +* names of its contributors may be used to endorse or * +* promote products derived from this software without * +* specific prior written permission of WIDE Project and * +* NICT. * +* * +* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED * +* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * +* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR * +* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * +* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * +* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * +* TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * +* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
* +*********************************************************************************************************/ +/* This file contains the description of the API between the base radius_gw extension and + its extensions that add support for specific RADIUS attributes and/or commands. + The "notes.txt" file contains the basic mechanism for use of this API. */ + +#ifndef _RADIUS_GW_H +#define _RADIUS_GW_H + +/* This file extends definitions from the standard waaad API */ +#include <waaad/waaad.h> + +/* We use the same lists as the main daemon */ + + + + +#endif /* _RADIUS_GW_H */ +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/radius_gw.l Thu Apr 30 17:23:31 2009 +0900 
@@ -0,0 +1,34 @@ +/********************************************************************************************************* +* Software License Agreement (BSD License) * +* Author: Sebastien Decugis <sdecugis@nict.go.jp> * +* * +* Copyright (c) 2008, WIDE Project and NICT * +* All rights reserved. * +* * +* Redistribution and use of this software in source and binary forms, with or without modification, are * +* permitted provided that the following conditions are met: * +* * +* * Redistributions of source code must retain the above * +* copyright notice, this list of conditions and the * +* following disclaimer. * +* * +* * Redistributions in binary form must reproduce the above * +* copyright notice, this list of conditions and the * +* following disclaimer in the documentation and/or other * +* materials provided with the distribution. * +* * +* * Neither the name of the WIDE Project or NICT nor the * +* names of its contributors may be used to endorse or * +* promote products derived from this software without * +* specific prior written permission of WIDE Project and * +* NICT. * +* * +* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED * +* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * +* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR * +* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * +* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * +* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * +* TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * +* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
* +*********************************************************************************************************/
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/radius_gw.y Thu Apr 30 17:23:31 2009 +0900 
@@ -0,0 +1,34 @@ +/********************************************************************************************************* +* Software License Agreement (BSD License) * +* Author: Sebastien Decugis <sdecugis@nict.go.jp> * +* * +* Copyright (c) 2008, WIDE Project and NICT * +* All rights reserved. * +* * +* Redistribution and use of this software in source and binary forms, with or without modification, are * +* permitted provided that the following conditions are met: * +* * +* * Redistributions of source code must retain the above * +* copyright notice, this list of conditions and the * +* following disclaimer. * +* * +* * Redistributions in binary form must reproduce the above * +* copyright notice, this list of conditions and the * +* following disclaimer in the documentation and/or other * +* materials provided with the distribution. * +* * +* * Neither the name of the WIDE Project or NICT nor the * +* names of its contributors may be used to endorse or * +* promote products derived from this software without * +* specific prior written permission of WIDE Project and * +* NICT. * +* * +* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED * +* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * +* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR * +* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * +* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * +* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * +* TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * +* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
* +*********************************************************************************************************/
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extensions/radius_gw/radius_msg.c Thu Apr 30 17:23:31 2009 +0900 
@@ -0,0 +1,85 @@ +/********************************************************************************************************* +* Software License Agreement (BSD License) * +* Author: Sebastien Decugis <sdecugis@nict.go.jp> * +* * +* Copyright (c) 2008, WIDE Project and NICT * +* All rights reserved. * +* * +* Redistribution and use of this software in source and binary forms, with or without modification, are * +* permitted provided that the following conditions are met: * +* * +* * Redistributions of source code must retain the above * +* copyright notice, this list of conditions and the * +* following disclaimer. * +* * +* * Redistributions in binary form must reproduce the above * +* copyright notice, this list of conditions and the * +* following disclaimer in the documentation and/or other * +* materials provided with the distribution. * +* * +* * Neither the name of the WIDE Project or NICT nor the * +* names of its contributors may be used to endorse or * +* promote products derived from this software without * +* specific prior written permission of WIDE Project and * +* NICT. * +* * +* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED * +* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * +* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR * +* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * +* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * +* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * +* TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * +* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
* +*********************************************************************************************************/ +/* Note on copyright: Some parts of this header have been copied from the Hostap project. + Files from this project are dual-licensed GPL2 and BSD. + Credits go to the original authors for these parts. + */ + +/* This file contains all support functions to parse, create, and manipulate RADIUS messages. Other +modules do not need to "know" the actual representation of RADIUS messages on the network. They only +receive the logical view as exposed in the radius_gw.h file. */ + + +/* To ensure packed structures with some common compilers */ +#ifdef __GNUC__ +#define STRUCT_PACKED __attribute__ ((packed)) +#else +#define STRUCT_PACKED +#endif +#ifdef _MSC_VER +#pragma pack(push, 1) +#endif /* _MSC_VER */ + +struct radius_hdr { + u8 code; + u8 identifier; + u16 length; /* including this header */ + u8 authenticator[16]; + /* followed by length-20 octets of attributes */ +} STRUCT_PACKED; + +struct radius_attr_hdr { + u8 type; + u8 length; /* including this header */ + /* followed by length-2 octets of attribute value */ +} STRUCT_PACKED; + +struct radius_attr_vendor { + u8 vendor_type; + u8 vendor_length; +} STRUCT_PACKED; + +#ifdef _MSC_VER +#pragma pack(pop) +#endif /* _MSC_VER */ + +/* Default size to be allocated for new RADIUS messages */ +#define RADIUS_DEFAULT_MSG_SIZE 1024 + +/* Default size to be allocated for attribute array */ +#define RADIUS_DEFAULT_ATTR_COUNT 16 + + +
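Review bot: In extensions/radius_gw/CMakeLists.txt, radius_msg.c is added by this changeset but is missing from RGW_DEFAULT_SRC, so it will not be compiled into the radius_gw module. Add it to the source list (or state in the commit message that it is intentionally left out for now). The leading comment "# The rt_default extension" also looks carried over from another extension and should name radius_gw, and the RGW_DEFAULT_ prefix on the variable names has the same origin.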
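Review bot: In extensions/radius_gw/notes.txt, the "parse and validate the request" step lists "authenticator" without saying what is checked, and that check depends on the request code. For code 4 (Accounting-Request) the authenticator is an MD5 over the packet and the shared secret and can be verified on receipt; for code 1 (Access-Request) it is a random value, so integrity can only be checked through a Message-Authenticator attribute when one is present. Please spell this out per code, and state what key identifies a "duplicate" (for example source address, source port and identifier). The answer path also does not say what happens to the RADIUS request saved in the session if no Diameter answer ever arrives; a timeout and cleanup rule belongs in these notes.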
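Review bot: In extensions/radius_gw/radius_gw.h, the include guard _RADIUS_GW_H starts with an underscore followed by an uppercase letter, which is a name reserved for the implementation in C; RADIUS_GW_H would avoid that. The header comment says the file describes the API between the base extension and its sub-extensions, and notes.txt refers to "a structure as described in radius_gw.h", but the body has no declarations yet and ends on the dangling comment "We use the same lists as the main daemon". A short TODO naming the planned structures (parsed RADIUS message, per-attribute "handled" flag, callback prototype and its error codes) would make the stub easier to review.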
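Review bot: extensions/radius_gw/radius_gw.l and extensions/radius_gw/radius_gw.y contain only the license comment, yet CMakeLists.txt already passes them to FLEX_FILE and BISON_FILE. Neither tool accepts input without the "%%" section separator, and bison also needs at least one rule, so the module target cannot build at this changeset. Either add a minimal skeleton (a "%%" line in the .l file, and "%%" plus a placeholder rule in the .y file) or leave the parser files out of the build until they have content.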
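Review bot: In extensions/radius_gw/radius_msg.c, the structures use u8 and u16 but the file includes nothing that defines them, so it will not compile as it stands; include the header that provides these types or switch to uint8_t and uint16_t from <stdint.h>. The comment on "u16 length; /* including this header */" should also say that the field is in network byte order, and the parser built on these structures needs to reject a length below 20, above 4096, or larger than the received datagram before walking attributes. The same applies to radius_attr_hdr: a length below 2, or one that runs past the end of the message, must stop parsing, otherwise the attribute walk can loop forever or read out of bounds. Last, the copyright note says parts "of this header" come from Hostap, but this is a .c file; please reword it and name the source file the definitions were taken from.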