Use proper environment variables for Accounting-Request #9

Open
wants to merge 8 commits into
base: master
65 changes: 42 additions & 23 deletions AuthenticationProcess.cpp
Expand Up @@ -42,7 +42,8 @@ void AuthenticationProcess::Authentication(PluginContext * context)
{
UserAuth * user; /**<The user to authenticate.*/
int command; /**<A command from the parent process.*/

int step = 0;

//Tell the parent everythink is ok.
try
{
Expand All @@ -58,6 +59,7 @@ void AuthenticationProcess::Authentication(PluginContext * context)
// Event loop
while (1)
{
step=0;
// get a command from foreground process
command = context->authsocketforegr.recvInt();

Expand All @@ -70,67 +72,84 @@ void AuthenticationProcess::Authentication(PluginContext * context)
{
user=new UserAuth;
//get the user informations
step++;//1
user->setUsername(context->authsocketforegr.recvStr());
user->setPassword(context->authsocketforegr.recvStr());
user->setDev(context->authsocketforegr.recvStr());
user->setPortnumber(context->authsocketforegr.recvInt());
user->setSessionId(context->authsocketforegr.recvStr());
user->setCallingStationId(context->authsocketforegr.recvStr());
user->setCommonname(context->authsocketforegr.recvStr());
step++;//2
user->setPassword(context->authsocketforegr.recvStr());
step++;//3
user->setDev(context->authsocketforegr.recvStr());
step++;//4
user->setPortnumber(context->authsocketforegr.recvInt());
step++;//5
user->setSessionId(context->authsocketforegr.recvStr());
step++;//6
user->setCallingStationId(context->authsocketforegr.recvStr());
step++;//7
user->setCommonname(context->authsocketforegr.recvStr());
// framed-ip is an @IP if we're renegotiating, "" otherwise
user->setFramedIp(context->authsocketforegr.recvStr());
step++;//8
user->setFramedIp(context->authsocketforegr.recvStr());

if (DEBUG (context->getVerbosity()) && (user->getFramedIp().compare("") == 0))
if (DEBUG (context->getVerbosity()) && (user->getFramedIp().compare("") == 0))
cerr << getTime() << "RADIUS-PLUGIN: BACKGROUND AUTH: New user auth: username: " << user->getUsername() << ", password: *****, calling station: " << user->getCallingStationId() << ", commonname: " << user->getCommonname() << ".\n";

if (DEBUG (context->getVerbosity()) && (user->getFramedIp().compare("") !=0 ))
cerr << getTime() << "RADIUS-PLUGIN: BACKGROUND AUTH: Old user ReAuth: username: " << user->getUsername() << ", password: *****, calling station: " << user->getCallingStationId() << ", commonname: " << user->getCommonname() << ".\n";

//send the AcceptRequestPacket
if (user->sendAcceptRequestPacket(context)==0) /* Succeeded */
step++;//9
if (user->sendAcceptRequestPacket(context)==0) /* Succeeded */
{
//if the authentication succeeded
//create the user configuration file
//Unless this is a renegotiation (ie: if FramedIP is already set)
if (user->createCcdFile(context)>0 && (user->getFramedIp().compare("") == 0))
step++;//10
if (user->createCcdFile(context)>0 && (user->getFramedIp().compare("") == 0))
{
throw Exception ("RADIUS-PLUGIN: BACKGROUND AUTH: Ccd-file could not created for user with commonname: "+user->getCommonname()+"!\n");
}

//tell the parent process
context->authsocketforegr.send(RESPONSE_SUCCEEDED);
step++;//11
context->authsocketforegr.send(RESPONSE_SUCCEEDED);

//send the routes to the parent process
context->authsocketforegr.send(user->getFramedRoutes());
step++;//12
context->authsocketforegr.send(user->getFramedRoutes());

//send the framed ip to the parent process
context->authsocketforegr.send(user->getFramedIp());
step++;//13
context->authsocketforegr.send(user->getFramedIp());

//send the IPv6 routes to the parent process
context->authsocketforegr.send(user->getFramedRoutes6());
step++;//14
context->authsocketforegr.send(user->getFramedRoutes6());

//send the framed IPv6 to the parent process
context->authsocketforegr.send(user->getFramedIp6());
step++;//15
context->authsocketforegr.send(user->getFramedIp6());

//send the interval to the parent process
context->authsocketforegr.send(user->getAcctInterimInterval());
step++;//16
context->authsocketforegr.send(user->getAcctInterimInterval());

//send the vsa buffer
context->authsocketforegr.send(user->getVsaBuf(), user->getVsaBufLen());
step++;//17
context->authsocketforegr.send(user->getVsaBuf(), user->getVsaBufLen());


//free user_context_auth
delete user;
step++;//18
delete user;

if (DEBUG (context->getVerbosity()))
cerr << getTime() << "RADIUS-PLUGIN: BACKGROUND AUTH: Auth succeeded in radius_server().\n";



}
else /* Failed */
{
context->authsocketforegr.send(RESPONSE_FAILED);
step++;//10
context->authsocketforegr.send(RESPONSE_FAILED);
throw Exception("RADIUS-PLUGIN: BACKGROUND AUTH: Auth failed!.\n");
}
}
Expand All @@ -144,7 +163,7 @@ void AuthenticationProcess::Authentication(PluginContext * context)
}
}
catch(std::bad_alloc){
cerr << getTime() << "RADIUS-PLUGIN: BACKGROUND AUTH: New failed for UserAuth." << endl;
cerr << getTime() << "RADIUS-PLUGIN: BACKGROUND AUTH: New failed for UserAuth. (step = "<<step<< ")" << endl;
goto done;
}
catch (...)
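Review bot: The `UserAuth` created by `user=new UserAuth;` is released only on the success path (`delete user;` after step 18); both the `Ccd-file could not created` throw and the `Auth failed!` throw leave the branch with `user` still allocated, and that object holds the plaintext password received from the foreground process. Unless the handler that catches `Exception` (it lies outside the visible hunks) frees it, every rejected login leaks one object in this long-lived event loop, which could itself contribute to the bad_alloc this change is trying to trace. Adding `delete user;` before each `throw` would close that on both paths. Separately, the failed branch reuses `step++;//10`, so a logged step of 10 is ambiguous, and `catch(std::bad_alloc)` should take the exception by reference, as the handler added in RadiusPacket.cpp does.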
60 changes: 43 additions & 17 deletions RadiusClass/RadiusPacket.cpp
Expand Up @@ -317,10 +317,11 @@ int RadiusPacket::unShapeRadiusPacket(void)
{
RadiusAttribute *ra;
int pos,i;
char *value;
char *value;
unsigned int len;

//if the buffer is empty
if(!this->recvbuffer||this->recvbufferlen<=0)
if(!this->recvbuffer||this->recvbufferlen<=4)
{
return NO_BUFFER_TO_UNSHAPE;
}
Expand All @@ -329,15 +330,23 @@ int RadiusPacket::unShapeRadiusPacket(void)
// RADIUS packet header decoding
this->code=this->recvbuffer[0];
//cerr << getTime() << "\n\nCODE: %s\n\n", this->code);

this->identifier=this->recvbuffer[1];

len = this->recvbuffer[2]*256 + this->recvbuffer[3];

if (this->recvbufferlen < len)
{
return BAD_LENGTH;
}

memcpy(this->authenticator,recvbuffer+4,RADIUS_PACKET_AUTHENTICATOR_LEN);


// RADIUS packet attributes decoding
pos=20;

while(pos<this->recvbufferlen)
while(pos<len)
{
//for every turn create a new attribute
if(!(ra=new RadiusAttribute))
Expand All @@ -355,9 +364,12 @@ int RadiusPacket::unShapeRadiusPacket(void)
{
return TO_BIG_ATTRIBUTE_LENGTH;
}
else if (ra->getLength()<2)
{
return BAD_LENGTH;
}
else
{

value=new char [ra->getLength()-2];
for(i=0;i<(ra->getLength()-2);i++)
{
Expand All @@ -373,7 +385,7 @@ int RadiusPacket::unShapeRadiusPacket(void)
delete ra;
}
//set the right length
this->length=this->recvbufferlen;
this->length=len;


return 0;
Expand Down Expand Up @@ -479,54 +491,61 @@ int RadiusPacket::radiusReceive(list<RadiusServer> *serverlist)
int i_server=serverlist->size(),i=0;
server=serverlist->begin();

int step = 0;

while (i<i_server)
{
try
{
// Get server IP address (no check if input is IP address or DNS name
if(!(h=gethostbyname(server->getName().c_str())))
{
return UNKNOWN_HOST;
}

remoteServAddr.sin_family=h->h_addrtype;

remoteServAddr.sin_port=htons(server->getAuthPort());
remoteServAddr.sin_port=htons(server->getAuthPort());


//retry the sending if there is no result
while (retries<=server->getRetry())
while (retries<=server->getRetry())
{
step = 0;
// wait for the specified time for a response
tv.tv_sec = server->getWait();
tv.tv_usec = 0;
FD_ZERO(&set); // clear out the set
FD_SET(this->sock, &set); // wait only for the RADIUS UDP socket
result = select(FD_SETSIZE, &set, NULL, NULL, &tv);
step++;
result = select(FD_SETSIZE, &set, NULL, NULL, &tv);

if (result>0)
{

//clear the attributes
attribs.clear();


//allocate enough space for the buffer (RFC says maximum 4096=RADIUS_MAX_PACKET_LEN Bytes)
if(!(this->recvbuffer=new Octet[RADIUS_MAX_PACKET_LEN]))
step++;
if(!(this->recvbuffer=new Octet[RADIUS_MAX_PACKET_LEN]))
{
return (ALLOC_ERROR);
}
//set the buffer to 0
memset(this->recvbuffer,0,RADIUS_MAX_PACKET_LEN);
len=sizeof(struct sockaddr_in);
this->recvbufferlen=recvfrom(this->sock,this->recvbuffer,RADIUS_MAX_PACKET_LEN,0,(struct sockaddr*)&remoteServAddr,&len);
step++;
this->recvbufferlen=recvfrom(this->sock,this->recvbuffer,RADIUS_MAX_PACKET_LEN,0,(struct sockaddr*)&remoteServAddr,&len);
close(this->sock);
this->sock=0;
//unshape the packet
if(this->unShapeRadiusPacket()!=0)
step++;
if(this->unShapeRadiusPacket()!=0)
{
return UNSHAPE_ERROR;
}

if (this->authenticateReceivedPacket(server->getSharedSecret().c_str())!=0)
step++;
if (this->authenticateReceivedPacket(server->getSharedSecret().c_str())!=0)
{

return WRONG_AUTHENTICATOR_IN_RECV_PACKET;
Expand All @@ -541,7 +560,8 @@ int RadiusPacket::radiusReceive(list<RadiusServer> *serverlist)
//the server retries
if(retries <= server->getRetry())
{
this->radiusSend(server);
step+=100;
this->radiusSend(server);
}
}
retries++;
Expand All @@ -551,6 +571,12 @@ int RadiusPacket::radiusReceive(list<RadiusServer> *serverlist)
i++;
//set the retries=0, for the new server
retries=0;
}
catch(std::bad_alloc&)
{
cerr << "-------- RADIUS-PLUGIN: radiusReceive bad_alloc. (step = "<<step<< ")" << endl;
throw;
}
}

return NO_RESPONSE;
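Review bot: The new length checks in unShapeRadiusPacket still accept a datagram shorter than the fixed header: `recvbufferlen<=4` lets a 5 to 19 byte packet reach the `memcpy` of the authenticator from `recvbuffer+4` and the `pos=20` start of attribute decoding, and a Length field below 20 is never rejected. I would tighten both to `if(!this->recvbuffer||this->recvbufferlen<20)` and `if (len<20 || this->recvbufferlen<len) return BAD_LENGTH;`. The added `BAD_LENGTH` return inside the attribute loop also leaves without `delete ra;`, so each malformed attribute leaks one RadiusAttribute, and radiusReceive calls this parser before authenticateReceivedPacket, so it runs on unauthenticated input. Whether each attribute's length is also bounded by the bytes remaining before `len` depends on lines collapsed out of this view and is worth confirming.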