38 #include <arpa/inet.h>
40 #include <uuid/uuid.h>
41 #include <openssl/md5.h>
128 static unsigned char *addradattr(
struct radius_packet *packet,
char type,
unsigned char *val,
char len) {
138 memcpy(data + 2, val, len);
141 packet->
len += data[1];
153 addradattr(packet, type, (
unsigned char *)&tval,
sizeof(tval));
163 tval = inet_addr(ipaddr);
164 addradattr(packet, type, (
unsigned char *)&tval,
sizeof(tval));
172 addradattr(packet, type, (
unsigned char *)str, strlen(str));
175 static void addradattrpasswd(
struct radius_packet *packet,
const char *pw,
const char *secret) {
186 memcpy(pwbuff, pw, len);
199 MD5_Update(&c, secret, strlen(secret));
208 MD5_Final(digest, &c);
210 pwbuff[i + n] ^= digest[i];
224 if ((packet = malloc(
sizeof(*packet)))) {
225 memset(packet, 0,
sizeof(*packet));
233 static int32_t hash_session(
const void *data,
int key) {
236 const unsigned char *hashkey = (key) ? data : &session->
id;
238 ret = *hashkey << 24;
243 static int32_t hash_connex(
const void *data,
int key) {
246 const int *hashkey = (key) ? data : &connex->
socket;
253 static int32_t hash_server(
const void *data,
int key) {
256 const unsigned char *hashkey = (key) ? data : &server->
id;
263 static void del_radserver(
void *data) {
267 free((
char *)server->
name);
276 free((
char *)server->
secret);
289 extern void add_radserver(
const char *ipaddr,
const char *auth,
const char *acct,
const char *secret,
int timeout) {
292 if ((server =
objalloc(
sizeof(*server), del_radserver))) {
302 gettimeofday(&server->
service, NULL);
309 static void del_radsession(
void *data) {
313 free((
void *)session->
passwd);
324 if ((session =
objalloc(
sizeof(*session), del_radsession))) {
329 session->
id = packet->
id;
344 unsigned char *vector;
350 struct timeval curtime;
353 gettimeofday(&curtime, NULL);
359 (server->
service.tv_sec > curtime.tv_sec)) {
365 connex = radconnect(server);
381 if ((connex = radconnect(server))) {
397 packet->
id = connex->
id;
398 session->
id = packet->
id;
405 packet->
id = connex->
id;
406 session = rad_session(packet, connex, userpass, read_cb, cb_data);
412 addradattrpasswd(packet, session->
passwd, server->
secret);
417 packet->
len = htons(len);
420 scnt = send(connex->
socket->
sock, packet, len, 0);
426 session->
sent = curtime;
453 return (_send_radpacket(packet, userpass, NULL, read_cb, cb_data));
457 return (_send_radpacket(NULL, NULL, session, NULL, NULL));
464 unsigned int tdiff, len, scnt;
465 unsigned char *vector;
467 gettimeofday(&tv, NULL);
471 tdiff = tv.tv_sec - session->
sent.tv_sec;
475 resend_radpacket(session);
496 resend_radpacket(session);
505 static void radius_recv(
void **data) {
514 chk = recv(connex->
socket->
sock, buff, 4096, 0);
517 if (errno == ECONNREFUSED) {
518 printf(
"Connection Bad\n");
523 printf(
"Taking server off line for %is\n", connex->
server->
timeout);
530 plen = ntohs(packet->
len);
533 printf(
"OOps Did not get proper packet\n");
540 printf(
"Could not find session\n");
548 if (
md5cmp(rtok, rtok2)) {
549 printf(
"Invalid Signature");
562 static void *rad_return(
void *data) {
564 fd_set rd_set, act_set;
576 selfd = select(connex->
socket->
sock + 1, &act_set, NULL, NULL, &tv);
578 if ((selfd < 0 && errno == EINTR) || (!selfd)) {
586 if (FD_ISSET(connex->
socket->
sock, &act_set)) {
595 static void del_radconnect(
void *data) {
607 if ((connex =
objalloc(
sizeof(*connex), del_radconnect))) {
612 setsockopt(connex->
socket->
sock, SOL_IP, IP_RECVERR,(
char *)&val,
sizeof(val));
628 return (packet->
attrs);
638 if (!(offset - attr[1])) {
642 return (attr + attr[1]);
int md5cmp(unsigned char *digest1, unsigned char *digest2)
Compare two md5 hashes.
struct radius_packet * new_radpacket(unsigned char code)
Create a new radius packet.
void * create_bucketlist(int bitmask, blisthash hash_function)
struct radius_packet * packet
Radius packet.
int timeout
Server timeout.
int objref(void *data)
Reference a object.
unsigned char token[RAD_AUTH_TOKEN_LEN]
Authentification token.
void addradattrip(struct radius_packet *packet, char type, char *ipaddr)
Add a integer attribute too the packet.
const char * passwd
Password requires special handling.
int objlock(void *data)
Lock the reference.
unsigned short len
Packet length.
unsigned char id
Connection ID.
void addradattrstr(struct radius_packet *packet, char type, char *str)
Add a integer attribute too the packet.
#define RAD_AUTH_TOKEN_LEN
Auth token length.
#define RAD_ATTR_MESSAGE
Radius attribute message.
unsigned short id
Session id.
void * objalloc(int size, objdestroy)
Allocate a referenced lockable object.
const char * name
Server name.
#define RAD_AUTH_PACKET_LEN
Auth packet length.
int bucket_list_cnt(struct bucket_list *blist)
Return number of items in the list.
void md5hmac(unsigned char *buff, const void *data, unsigned long len, const void *key, unsigned long klen)
Hash Message Authentication Codes (HMAC) MD5.
#define RAD_AUTH_HDR_LEN
Authentification header length.
void * next_bucket_loop(struct bucket_loop *bloop)
Return a reference to the next item in the list this could be the first item.
void add_radserver(const char *ipaddr, const char *auth, const char *acct, const char *secret, int timeout)
Add new radius server to list of servers.
void addradattrint(struct radius_packet *packet, char type, unsigned int val)
Add a integer attribute too the packet.
DTS Application library API Include file.
unsigned char code
Radius packet code.
#define RAD_ATTR_USER_PASSWORD
Radius attribute password.
void md5sum2(unsigned char *buff, const void *data, unsigned long len, const void *data2, unsigned long len2)
Calculate the MD5 hash accross 2 data chunks.
unsigned int olen
Original length of packet.
struct thread_pvt * framework_mkthread(threadfunc, threadcleanup, threadsighandler, void *data, int flags)
create a thread result must be unreferenced
struct bucket_list * connex
Bucket list of connextions.
int genrand(void *buf, int len)
Generate random sequence.
#define RAD_MAX_PASS_LEN
Auth max password length.
struct fwsocket * udpconnect(const char *ipaddr, const char *port, void *ssl)
UDP Socket client.
unsigned char id
Packet ID.
const char * secret
Server secret.
char retries
Retries available.
const char * authport
Server authport.
struct timeval service
Server out of service time.
unsigned char id
Server hash based on server count.
int objunlock(void *data)
Unlock a reference.
const char * acctport
Server accounting port.
int framework_threadok(void)
let threads check there status.
struct bucket_list * sessions
Bucket list of sessions.
unsigned char * radius_attr_first(struct radius_packet *packet)
Return first packet attribute.
void * cb_data
Callback data passed to callback.
unsigned char request[RAD_AUTH_TOKEN_LEN]
Radius request auth token.
struct timeval sent
Time packet was sent.
void(* radius_cb)(struct radius_packet *, void *)
Callback to call when response arrives.
struct radius_server * server
Reference to radius server.
void remove_bucket_loop(struct bucket_loop *bloop)
Safely remove a item from a list while iterating in a loop.
char minserver
Minimum id of server to use.
#define ALLOC_CONST(const_var, val)
Macro to assign values to char const.
radius_cb read_cb
Radius callback.
int addtobucket(struct bucket_list *blist, void *data)
Add a reference to the bucketlist.
void * bucket_list_find_key(struct bucket_list *list, const void *key)
Find and return a reference to a item matching supplied key.
void remove_bucket_item(struct bucket_list *blist, void *data)
Remove and unreference a item from the list.
struct fwsocket * socket
Reference to socket.
int send_radpacket(struct radius_packet *packet, const char *userpass, radius_cb read_cb, void *cb_data)
Send radius packet.
int objunref(void *data)
Drop reference held.
unsigned char attrs[RAD_AUTH_PACKET_LEN-RAD_AUTH_HDR_LEN]
Radius Attributes.
unsigned char * radius_attr_next(struct radius_packet *packet, unsigned char *attr)
Return next packet attribute.
struct bucket_loop * init_bucket_loop(struct bucket_list *blist)
Create a bucket list iterator to safely iterate the list.
Bucket list, hold hashed objects in buckets.