Lines Matching refs:r
148 demangle(struct radius *r, const void *mangled, size_t mlen, in demangle() argument
168 if (rad_request_authenticator(r->cx.rad, R, sizeof R) != AUTH_LEN) { in demangle()
178 S = rad_server_secret(r->cx.rad); /* We need the RADIUS secret */ in demangle()
248 radius_Process(struct radius *r, int got) in radius_Process() argument
265 r->cx.fd = -1; /* Stop select()ing */ in radius_Process()
266 stype = r->cx.auth ? "auth" : "acct"; in radius_Process()
272 if (!r->cx.auth) { in radius_Process()
273 rad_close(r->cx.rad); in radius_Process()
281 if (!r->cx.auth) { in radius_Process()
282 rad_close(r->cx.rad); in radius_Process()
291 if (r->cx.auth) in radius_Process()
292 auth_Failure(r->cx.auth); in radius_Process()
293 rad_close(r->cx.rad); in radius_Process()
305 if (r->cx.auth) in radius_Process()
306 auth_Failure(r->cx.auth); /* unexpected !!! */ in radius_Process()
309 rad_close(r->cx.rad); in radius_Process()
314 "radius(%s): %s\n", stype, rad_strerror(r->cx.rad)); in radius_Process()
315 if (r->cx.auth) in radius_Process()
316 auth_Failure(r->cx.auth); in radius_Process()
317 rad_close(r->cx.rad); in radius_Process()
322 got, rad_strerror(r->cx.rad)); in radius_Process()
323 if (r->cx.auth) in radius_Process()
324 auth_Failure(r->cx.auth); in radius_Process()
325 rad_close(r->cx.rad); in radius_Process()
330 r->ip.s_addr = r->mask.s_addr = INADDR_NONE; in radius_Process()
331 r->mtu = 0; in radius_Process()
332 r->vj = 0; in radius_Process()
333 while ((res = rad_get_attr(r->cx.rad, &data, &len)) > 0) { in radius_Process()
336 r->ip = rad_cvt_addr(data); in radius_Process()
338 " IP %s\n", inet_ntoa(r->ip)); in radius_Process()
342 free(r->filterid); in radius_Process()
343 if ((r->filterid = rad_cvt_string(data, len)) == NULL) { in radius_Process()
344 log_Printf(LogERROR, "rad_cvt_string: %s\n", rad_strerror(r->cx.rad)); in radius_Process()
345 auth_Failure(r->cx.auth); in radius_Process()
346 rad_close(r->cx.rad); in radius_Process()
350 " Filter \"%s\"\n", r->filterid); in radius_Process()
354 r->sessiontime = rad_cvt_int(data); in radius_Process()
356 " Session-Timeout %lu\n", r->sessiontime); in radius_Process()
360 r->mask = rad_cvt_addr(data); in radius_Process()
362 " Netmask %s\n", inet_ntoa(r->mask)); in radius_Process()
366 r->mtu = rad_cvt_int(data); in radius_Process()
368 " MTU %lu\n", r->mtu); in radius_Process()
379 r->vj = rad_cvt_int(data) == 1 ? 1 : 0; in radius_Process()
381 " VJ %sabled\n", r->vj ? "en" : "dis"); in radius_Process()
393 log_Printf(LogERROR, "rad_cvt_string: %s\n", rad_strerror(r->cx.rad)); in radius_Process()
394 auth_Failure(r->cx.auth); in radius_Process()
395 rad_close(r->cx.rad); in radius_Process()
401 bundle = r->cx.auth->physical->dl->bundle; in radius_Process()
437 route_Add(&r->routes, addrs, &dest, &gw); in radius_Process()
443 free(r->repstr); in radius_Process()
444 if ((r->repstr = rad_cvt_string(data, len)) == NULL) { in radius_Process()
445 log_Printf(LogERROR, "rad_cvt_string: %s\n", rad_strerror(r->cx.rad)); in radius_Process()
446 auth_Failure(r->cx.auth); in radius_Process()
447 rad_close(r->cx.rad); in radius_Process()
451 " Reply-Message \"%s\"\n", r->repstr); in radius_Process()
456 free(r->ipv6prefix); in radius_Process()
457 if ((r->ipv6prefix = rad_cvt_ipv6prefix(data, len)) == NULL) { in radius_Process()
460 auth_Failure(r->cx.auth); in radius_Process()
461 rad_close(r->cx.rad); in radius_Process()
464 inet_ntop(AF_INET6, &r->ipv6prefix[2], ipv6addr, sizeof(ipv6addr)); in radius_Process()
466 " IPv6 %s/%d\n", ipv6addr, r->ipv6prefix[1]); in radius_Process()
478 log_Printf(LogERROR, "rad_cvt_string: %s\n", rad_strerror(r->cx.rad)); in radius_Process()
479 auth_Failure(r->cx.auth); in radius_Process()
480 rad_close(r->cx.rad); in radius_Process()
486 bundle = r->cx.auth->physical->dl->bundle; in radius_Process()
515 route_Add(&r->ipv6routes, addrs, &dest, &gw); in radius_Process()
524 rad_strerror(r->cx.rad)); in radius_Process()
525 auth_Failure(r->cx.auth); in radius_Process()
526 rad_close(r->cx.rad); in radius_Process()
535 free(r->errstr); in radius_Process()
537 r->errstr = NULL; in radius_Process()
549 if ((r->errstr = rad_cvt_string((const char *)data, in radius_Process()
552 rad_strerror(r->cx.rad)); in radius_Process()
553 auth_Failure(r->cx.auth); in radius_Process()
554 rad_close(r->cx.rad); in radius_Process()
558 " MS-CHAP-Error \"%s\"\n", r->errstr); in radius_Process()
563 free(r->msrepstr); in radius_Process()
565 r->msrepstr = NULL; in radius_Process()
577 if ((r->msrepstr = rad_cvt_string((const char *)data, in radius_Process()
580 rad_strerror(r->cx.rad)); in radius_Process()
581 auth_Failure(r->cx.auth); in radius_Process()
582 rad_close(r->cx.rad); in radius_Process()
586 " MS-CHAP2-Success \"%s\"\n", r->msrepstr); in radius_Process()
591 r->mppe.policy = rad_cvt_int(data); in radius_Process()
594 radius_policyname(r->mppe.policy)); in radius_Process()
598 r->mppe.types = rad_cvt_int(data); in radius_Process()
601 radius_typesname(r->mppe.types)); in radius_Process()
605 free(r->mppe.recvkey); in radius_Process()
606 demangle(r, data, len, &r->mppe.recvkey, &r->mppe.recvkeylen); in radius_Process()
612 demangle(r, data, len, &r->mppe.sendkey, &r->mppe.sendkeylen); in radius_Process()
640 rad_strerror(r->cx.rad)); in radius_Process()
641 auth_Failure(r->cx.auth); in radius_Process()
643 auth_Failure(r->cx.auth); in radius_Process()
645 r->valid = 1; in radius_Process()
646 auth_Success(r->cx.auth); in radius_Process()
648 rad_close(r->cx.rad); in radius_Process()
655 radius_Continue(struct radius *r, int sel) in radius_Continue() argument
660 timer_Stop(&r->cx.timer); in radius_Continue()
661 if ((got = rad_continue_send_request(r->cx.rad, sel, &r->cx.fd, &tv)) == 0) { in radius_Continue()
664 r->cx.timer.load = tv.tv_usec / TICKUNIT + tv.tv_sec * SECTICKS; in radius_Continue()
665 timer_Start(&r->cx.timer); in radius_Continue()
669 radius_Process(r, got); in radius_Continue()
695 radius_Flush(struct radius *r) in radius_Flush() argument
700 while (r->cx.fd != -1) { in radius_Flush()
702 FD_SET(r->cx.fd, &s); in radius_Flush()
705 select(r->cx.fd + 1, &s, NULL, NULL, &tv); in radius_Flush()
706 radius_Continue(r, 1); in radius_Flush()
714 radius_UpdateSet(struct fdescriptor *d, fd_set *r, fd_set *w __unused, in radius_UpdateSet() argument
719 if (r && rad->cx.fd != -1) { in radius_UpdateSet()
720 FD_SET(rad->cx.fd, r); in radius_UpdateSet()
736 struct radius *r = descriptor2radius(d); in radius_IsSet() local
738 return r && r->cx.fd != -1 && FD_ISSET(r->cx.fd, fdset); in radius_IsSet()
757 radius_Init(struct radius *r) in radius_Init() argument
759 r->desc.type = RADIUS_DESCRIPTOR; in radius_Init()
760 r->desc.UpdateSet = radius_UpdateSet; in radius_Init()
761 r->desc.IsSet = radius_IsSet; in radius_Init()
762 r->desc.Read = radius_Read; in radius_Init()
763 r->desc.Write = radius_Write; in radius_Init()
764 r->cx.fd = -1; in radius_Init()
765 r->cx.rad = NULL; in radius_Init()
766 memset(&r->cx.timer, '\0', sizeof r->cx.timer); in radius_Init()
767 r->cx.auth = NULL; in radius_Init()
768 r->valid = 0; in radius_Init()
769 r->vj = 0; in radius_Init()
770 r->ip.s_addr = INADDR_ANY; in radius_Init()
771 r->mask.s_addr = INADDR_NONE; in radius_Init()
772 r->routes = NULL; in radius_Init()
773 r->mtu = DEF_MTU; in radius_Init()
774 r->msrepstr = NULL; in radius_Init()
775 r->repstr = NULL; in radius_Init()
777 r->ipv6prefix = NULL; in radius_Init()
778 r->ipv6routes = NULL; in radius_Init()
780 r->errstr = NULL; in radius_Init()
781 r->mppe.policy = 0; in radius_Init()
782 r->mppe.types = 0; in radius_Init()
783 r->mppe.recvkey = NULL; in radius_Init()
784 r->mppe.recvkeylen = 0; in radius_Init()
785 r->mppe.sendkey = NULL; in radius_Init()
786 r->mppe.sendkeylen = 0; in radius_Init()
787 *r->cfg.file = '\0';; in radius_Init()
795 radius_Destroy(struct radius *r) in radius_Destroy() argument
797 r->valid = 0; in radius_Destroy()
799 timer_Stop(&r->cx.timer); in radius_Destroy()
800 route_DeleteAll(&r->routes); in radius_Destroy()
802 route_DeleteAll(&r->ipv6routes); in radius_Destroy()
804 free(r->filterid); in radius_Destroy()
805 r->filterid = NULL; in radius_Destroy()
806 free(r->msrepstr); in radius_Destroy()
807 r->msrepstr = NULL; in radius_Destroy()
808 free(r->repstr); in radius_Destroy()
809 r->repstr = NULL; in radius_Destroy()
811 free(r->ipv6prefix); in radius_Destroy()
812 r->ipv6prefix = NULL; in radius_Destroy()
814 free(r->errstr); in radius_Destroy()
815 r->errstr = NULL; in radius_Destroy()
816 free(r->mppe.recvkey); in radius_Destroy()
817 r->mppe.recvkey = NULL; in radius_Destroy()
818 r->mppe.recvkeylen = 0; in radius_Destroy()
819 free(r->mppe.sendkey); in radius_Destroy()
820 r->mppe.sendkey = NULL; in radius_Destroy()
821 r->mppe.sendkeylen = 0; in radius_Destroy()
822 if (r->cx.fd != -1) { in radius_Destroy()
823 r->cx.fd = -1; in radius_Destroy()
824 rad_close(r->cx.rad); in radius_Destroy()
893 radius_Authenticate(struct radius *r, struct authinfo *authp, const char *name, in radius_Authenticate() argument
910 if (!*r->cfg.file) in radius_Authenticate()
913 if (r->cx.fd != -1) in radius_Authenticate()
920 radius_Destroy(r); in radius_Authenticate()
922 if ((r->cx.rad = rad_auth_open()) == NULL) { in radius_Authenticate()
927 if (rad_config(r->cx.rad, r->cfg.file) != 0) { in radius_Authenticate()
928 log_Printf(LogERROR, "rad_config: %s\n", rad_strerror(r->cx.rad)); in radius_Authenticate()
929 rad_close(r->cx.rad); in radius_Authenticate()
933 if (rad_create_request(r->cx.rad, RAD_ACCESS_REQUEST) != 0) { in radius_Authenticate()
934 log_Printf(LogERROR, "rad_create_request: %s\n", rad_strerror(r->cx.rad)); in radius_Authenticate()
935 rad_close(r->cx.rad); in radius_Authenticate()
939 if (rad_put_string(r->cx.rad, RAD_USER_NAME, name) != 0 || in radius_Authenticate()
940 rad_put_int(r->cx.rad, RAD_SERVICE_TYPE, RAD_FRAMED) != 0 || in radius_Authenticate()
941 rad_put_int(r->cx.rad, RAD_FRAMED_PROTOCOL, RAD_PPP) != 0) { in radius_Authenticate()
942 log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad)); in radius_Authenticate()
943 rad_close(r->cx.rad); in radius_Authenticate()
950 if (rad_put_attr(r->cx.rad, RAD_USER_PASSWORD, key, klen) != 0) { in radius_Authenticate()
952 rad_strerror(r->cx.rad)); in radius_Authenticate()
953 rad_close(r->cx.rad); in radius_Authenticate()
962 if (rad_put_attr(r->cx.rad, RAD_CHAP_PASSWORD, key, klen) != 0 || in radius_Authenticate()
963 rad_put_attr(r->cx.rad, RAD_CHAP_CHALLENGE, nchallenge, nclen) != 0) { in radius_Authenticate()
965 rad_strerror(r->cx.rad)); in radius_Authenticate()
966 rad_close(r->cx.rad); in radius_Authenticate()
976 rad_close(r->cx.rad); in radius_Authenticate()
980 rad_put_vendor_attr(r->cx.rad, RAD_VENDOR_MICROSOFT, in radius_Authenticate()
986 rad_put_vendor_attr(r->cx.rad, RAD_VENDOR_MICROSOFT, in radius_Authenticate()
995 rad_close(r->cx.rad); in radius_Authenticate()
1000 rad_put_vendor_attr(r->cx.rad, RAD_VENDOR_MICROSOFT, in radius_Authenticate()
1008 rad_put_vendor_attr(r->cx.rad, RAD_VENDOR_MICROSOFT, in radius_Authenticate()
1017 rad_close(r->cx.rad); in radius_Authenticate()
1028 if (rad_put_addr(r->cx.rad, RAD_NAS_IP_ADDRESS, hostaddr) != 0) { in radius_Authenticate()
1030 rad_strerror(r->cx.rad)); in radius_Authenticate()
1031 rad_close(r->cx.rad); in radius_Authenticate()
1036 rad_put_string(r->cx.rad, RAD_NAS_IDENTIFIER, hostname) != 0) { in radius_Authenticate()
1038 rad_strerror(r->cx.rad)); in radius_Authenticate()
1039 rad_close(r->cx.rad); in radius_Authenticate()
1045 rad_put_string(r->cx.rad, RAD_CALLING_STATION_ID, mac_addr) != 0) { in radius_Authenticate()
1046 log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad)); in radius_Authenticate()
1047 rad_close(r->cx.rad); in radius_Authenticate()
1051 radius_put_physical_details(r, authp->physical); in radius_Authenticate()
1055 r->cx.auth = authp; in radius_Authenticate()
1056 if ((got = rad_init_send_request(r->cx.rad, &r->cx.fd, &tv))) in radius_Authenticate()
1057 radius_Process(r, got); in radius_Authenticate()
1062 r->cx.timer.load = tv.tv_usec / TICKUNIT + tv.tv_sec * SECTICKS; in radius_Authenticate()
1063 r->cx.timer.func = radius_Timeout; in radius_Authenticate()
1064 r->cx.timer.name = "radius auth"; in radius_Authenticate()
1065 r->cx.timer.arg = r; in radius_Authenticate()
1066 timer_Start(&r->cx.timer); in radius_Authenticate()
1096 radius_Account(struct radius *r, struct radacct *ac, struct datalink *dl, in radius_Account() argument
1106 if (!*r->cfg.file) in radius_Account()
1109 if (r->cx.fd != -1) in radius_Account()
1116 timer_Stop(&r->cx.timer); in radius_Account()
1118 if ((r->cx.rad = rad_acct_open()) == NULL) { in radius_Account()
1123 if (rad_config(r->cx.rad, r->cfg.file) != 0) { in radius_Account()
1124 log_Printf(LogERROR, "rad_config: %s\n", rad_strerror(r->cx.rad)); in radius_Account()
1125 rad_close(r->cx.rad); in radius_Account()
1129 if (rad_create_request(r->cx.rad, RAD_ACCOUNTING_REQUEST) != 0) { in radius_Account()
1130 log_Printf(LogERROR, "rad_create_request: %s\n", rad_strerror(r->cx.rad)); in radius_Account()
1131 rad_close(r->cx.rad); in radius_Account()
1137 ac->rad_parent = r; in radius_Account()
1155 if (rad_put_string(r->cx.rad, RAD_USER_NAME, ac->user_name) != 0 || in radius_Account()
1156 rad_put_int(r->cx.rad, RAD_SERVICE_TYPE, RAD_FRAMED) != 0 || in radius_Account()
1157 rad_put_int(r->cx.rad, RAD_FRAMED_PROTOCOL, RAD_PPP) != 0) { in radius_Account()
1158 log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad)); in radius_Account()
1159 rad_close(r->cx.rad); in radius_Account()
1164 if (rad_put_addr(r->cx.rad, RAD_FRAMED_IP_ADDRESS, in radius_Account()
1166 rad_put_addr(r->cx.rad, RAD_FRAMED_IP_NETMASK, in radius_Account()
1168 log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad)); in radius_Account()
1169 rad_close(r->cx.rad); in radius_Account()
1175 if (rad_put_attr(r->cx.rad, RAD_FRAMED_INTERFACE_ID, ac->peer.ipv6.ifid, in radius_Account()
1177 log_Printf(LogERROR, "rad_put_attr: %s\n", rad_strerror(r->cx.rad)); in radius_Account()
1178 rad_close(r->cx.rad); in radius_Account()
1181 if (r->ipv6prefix) { in radius_Account()
1186 if (rad_put_attr(r->cx.rad, RAD_FRAMED_IPV6_PREFIX, r->ipv6prefix, in radius_Account()
1188 log_Printf(LogERROR, "rad_put_attr: %s\n", rad_strerror(r->cx.rad)); in radius_Account()
1189 rad_close(r->cx.rad); in radius_Account()
1201 rad_put_string(r->cx.rad, RAD_CALLING_STATION_ID, mac_addr) != 0) { in radius_Account()
1202 log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad)); in radius_Account()
1203 rad_close(r->cx.rad); in radius_Account()
1213 if (rad_put_addr(r->cx.rad, RAD_NAS_IP_ADDRESS, hostaddr) != 0) { in radius_Account()
1215 rad_strerror(r->cx.rad)); in radius_Account()
1216 rad_close(r->cx.rad); in radius_Account()
1221 rad_put_string(r->cx.rad, RAD_NAS_IDENTIFIER, hostname) != 0) { in radius_Account()
1223 rad_strerror(r->cx.rad)); in radius_Account()
1224 rad_close(r->cx.rad); in radius_Account()
1229 radius_put_physical_details(r, dl->physical); in radius_Account()
1231 if (rad_put_int(r->cx.rad, RAD_ACCT_STATUS_TYPE, acct_type) != 0 || in radius_Account()
1232 rad_put_string(r->cx.rad, RAD_ACCT_SESSION_ID, ac->session_id) != 0 || in radius_Account()
1233 rad_put_string(r->cx.rad, RAD_ACCT_MULTI_SESSION_ID, in radius_Account()
1235 rad_put_int(r->cx.rad, RAD_ACCT_DELAY_TIME, 0) != 0) { in radius_Account()
1237 log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad)); in radius_Account()
1238 rad_close(r->cx.rad); in radius_Account()
1244 if (rad_put_int(r->cx.rad, RAD_ACCT_INPUT_OCTETS, stats->OctetsIn % UINT32_MAX) != 0 || in radius_Account()
1245 rad_put_int(r->cx.rad, RAD_ACCT_INPUT_GIGAWORDS, stats->OctetsIn / UINT32_MAX) != 0 || in radius_Account()
1246 rad_put_int(r->cx.rad, RAD_ACCT_INPUT_PACKETS, stats->PacketsIn) != 0 || in radius_Account()
1247 rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_OCTETS, stats->OctetsOut % UINT32_MAX) != 0 || in radius_Account()
1248 rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_GIGAWORDS, stats->OctetsOut / UINT32_MAX) != 0 || in radius_Account()
1249 rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_PACKETS, stats->PacketsOut) in radius_Account()
1251 rad_put_int(r->cx.rad, RAD_ACCT_SESSION_TIME, throughput_uptime(stats)) in radius_Account()
1253 log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad)); in radius_Account()
1254 rad_close(r->cx.rad); in radius_Account()
1283 r->cx.auth = NULL; /* Not valid for accounting requests */ in radius_Account()
1284 if ((got = rad_init_send_request(r->cx.rad, &r->cx.fd, &tv))) in radius_Account()
1285 radius_Process(r, got); in radius_Account()
1288 r->cx.timer.load = tv.tv_usec / TICKUNIT + tv.tv_sec * SECTICKS; in radius_Account()
1289 r->cx.timer.func = radius_Timeout; in radius_Account()
1290 r->cx.timer.name = "radius acct"; in radius_Account()
1291 r->cx.timer.arg = r; in radius_Account()
1292 timer_Start(&r->cx.timer); in radius_Account()
1300 radius_Show(struct radius *r, struct prompt *p) in radius_Show() argument
1303 *r->cfg.file ? r->cfg.file : "none"); in radius_Show()
1304 if (r->valid) { in radius_Show()
1305 prompt_Printf(p, "\n IP: %s\n", inet_ntoa(r->ip)); in radius_Show()
1306 prompt_Printf(p, " Netmask: %s\n", inet_ntoa(r->mask)); in radius_Show()
1307 prompt_Printf(p, " MTU: %lu\n", r->mtu); in radius_Show()
1308 prompt_Printf(p, " VJ: %sabled\n", r->vj ? "en" : "dis"); in radius_Show()
1309 prompt_Printf(p, " Message: %s\n", r->repstr ? r->repstr : ""); in radius_Show()
1311 radius_policyname(r->mppe.policy)); in radius_Show()
1313 radius_typesname(r->mppe.types)); in radius_Show()
1315 r->mppe.recvkey ? "R" : "Not r"); in radius_Show()
1317 r->mppe.sendkey ? "R" : "Not r"); in radius_Show()
1319 r->msrepstr ? r->msrepstr : ""); in radius_Show()
1320 prompt_Printf(p, " Error Message: %s\n", r->errstr ? r->errstr : ""); in radius_Show()
1321 if (r->routes) in radius_Show()
1322 route_ShowSticky(p, r->routes, " Routes", 16); in radius_Show()
1324 if (r->ipv6routes) in radius_Show()
1325 route_ShowSticky(p, r->ipv6routes, " IPv6 Routes", 16); in radius_Show()
1358 radius_StopTimer(struct radius *r) in radius_StopTimer() argument
1360 timer_Stop(&r->alive.timer); in radius_StopTimer()