From: Holger W. <hw...@us...> - 2005-03-14 22:05:46
Update of /cvsroot/pgina/RADIUSplugin/RADIUSplugin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv27319/RADIUSplugin Modified Files: Changes.txt RADIUSauth.cpp RADIUSauth.h Log Message: Merge from "release-0-2-patches" into HEAD: Use seperate variables for the "radius" and "radacct" ports in the radius_server_t structure instead of trying to adjust the port for accounting requests on the fly. This fixes a bug introduced in 0.2, where the port for accounting requests wasn't set correctly. Thanks to Ioan Caltun for reporting the bug. Index: RADIUSauth.cpp =================================================================== RCS file: /cvsroot/pgina/RADIUSplugin/RADIUSplugin/RADIUSauth.cpp,v retrieving revision 1.20 retrieving revision 1.21 diff -C2 -d -r1.20 -r1.21 *** RADIUSauth.cpp 11 Mar 2005 14:33:53 -0000 1.20 --- RADIUSauth.cpp 14 Mar 2005 22:05:34 -0000 1.21 *************** *** 45,87 **** /* ! * Convert server->hostname to server->ip and set server->port */ static int host2server(radius_server_t *server) { ! static bool accounting_start = true; ! ! if ((!modulePrivate.server) && ((server->ip.sin_addr.s_addr = get_ipaddr(server->hostname)) == ((UINT4) 0))) { DPRINT(EVENTLOG_ERROR_TYPE, "get_ipaddr(%s) returned 0", server->hostname); return RADIUS_AUTHINFO_UNAVAIL; } ! /* ! * If server->port is set, increment it by 1 for accounting start requests. ! * Yes, this is very ugly. We should simplify things by adding a seperate ! * port for accounting to radius_server_t. ! */ ! if (server->port) { ! if (server->accounting) { ! if (accounting_start) { ! server->port = htons(ntohs(server->port) + 1); ! accounting_start = false; ! } else { ! accounting_start = true; ! } ! } /* if the server port hasn't already been defined, go get it */ ! } else { struct servent *svp; ! if (!server->accounting) ! svp = getservbyname("radius", "udp"); ! else ! svp = getservbyname("radacct", "udp"); ! if (svp == (struct servent *) 0) { ! 
DPRINT(EVENTLOG_ERROR_TYPE, "getservbyname failed to lookup radius or radacct port"); return RADIUS_AUTHINFO_UNAVAIL; } ! server->port = svp->s_port; } --- 45,75 ---- /* ! * Convert server->hostname to server->ip and set server->port_* */ static int host2server(radius_server_t *server) { ! if ((server->ip.sin_addr.s_addr = get_ipaddr(server->hostname)) == ((UINT4) 0)) { DPRINT(EVENTLOG_ERROR_TYPE, "get_ipaddr(%s) returned 0", server->hostname); return RADIUS_AUTHINFO_UNAVAIL; } ! if (server->radius_port) ! server->radacct_port = server->radius_port + 1; /* if the server port hasn't already been defined, go get it */ ! else { struct servent *svp; ! svp = getservbyname("radius", "udp"); if (svp == (struct servent *) 0) { ! DPRINT(EVENTLOG_ERROR_TYPE, "getservbyname failed to lookup radius port"); return RADIUS_AUTHINFO_UNAVAIL; } ! server->radius_port = ntohs(svp->s_port); ! svp = getservbyname("radacct", "udp"); ! if (svp == (struct servent *) 0) { ! DPRINT(EVENTLOG_ERROR_TYPE, "getservbyname failed to lookup radacct port"); ! return RADIUS_AUTHINFO_UNAVAIL; ! } ! server->radacct_port = ntohs(svp->s_port); } *************** *** 535,539 **** */ static int ! initialize(radius_conf_t *conf, int accounting) { struct sockaddr salocal; --- 523,527 ---- */ static int ! initialize(radius_conf_t *conf) { struct sockaddr salocal; *************** *** 563,568 **** } server->hostname = hostname; ! server->port = htons((u_short)regReadUlong("port1")); /* returns 0 if not specified */ ! server->accounting = accounting; server->timeout = timeout; server->next = NULL; --- 551,555 ---- } server->hostname = hostname; ! server->radius_port = (u_short)regReadUlong("port1"); server->timeout = timeout; server->next = NULL; *************** *** 585,590 **** } server->hostname = hostname; ! server->port = htons((u_short)regReadUlong("port2")); ! server->accounting = accounting; server->timeout = timeout; server->next = NULL; --- 572,576 ---- } server->hostname = hostname; ! 
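Review bot: In the new `else` branch of host2server(), a failed `getservbyname("radacct", "udp")` returns RADIUS_AUTHINFO_UNAVAIL even when the caller only needs the authentication port. A services database without a `radacct` entry would therefore block logins, whereas the old code looked up only the service it was about to use. The configured-port branch already derives the accounting port, so the same fallback could replace the early return here, with a warning logged: `server->radacct_port = server->radius_port + 1;`. That addition wraps to 0 in a `u_short` when `radius_port` is 65535, which is worth rejecting explicitly. The closing lines of host2server() are outside the hunk.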
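Review bot: The cast in `server->radius_port = (u_short)regReadUlong("port1");` in initialize() silently truncates an out-of-range registry value. Assuming regReadUlong() returns an unsigned long, 70000 becomes port 4464 and 65536 becomes 0, which host2server() treats as "not configured" and replaces with the services lookup. Reading into a wider local first, `unsigned long port = regReadUlong("port1"); if (port > 0xFFFF) { /* log and fail */ }`, would make a mistyped port fail visibly instead of sending RADIUS requests to an unintended port. The `port2` and `port3` hunks that follow have the same cast. The dropped comment `/* returns 0 if not specified */` is also worth keeping, because host2server() depends on that 0 sentinel.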
server->radius_port = (u_short)regReadUlong("port2"); server->timeout = timeout; server->next = NULL; *************** *** 607,612 **** } server->hostname = hostname; ! server->port = htons((u_short)regReadUlong("port3")); ! server->accounting = accounting; server->timeout = timeout; server->next = NULL; --- 593,597 ---- } server->hostname = hostname; ! server->radius_port = (u_short)regReadUlong("port3"); server->timeout = timeout; server->next = NULL; *************** *** 742,746 **** static int talk_radius(radius_conf_t *conf, AUTH_HDR *request, AUTH_HDR *response, ! char *password, char *old_password) { int salen, total_length; --- 727,731 ---- static int talk_radius(radius_conf_t *conf, AUTH_HDR *request, AUTH_HDR *response, ! char *password, char *old_password, bool accounting) { int salen, total_length; *************** *** 761,765 **** /* only look up IP information as necessary */ ! if ((retval = host2server(server)) != RADIUS_SUCCESS) { DPRINT(EVENTLOG_ERROR_TYPE, --- 746,750 ---- /* only look up IP information as necessary */ ! if ((!modulePrivate.server) && ((retval = host2server(server)) != RADIUS_SUCCESS)) { DPRINT(EVENTLOG_ERROR_TYPE, *************** *** 774,779 **** s_in->sin_family = AF_INET; s_in->sin_addr.s_addr = htonl(server->ip.sin_addr.s_addr); ! s_in->sin_port = server->port; total_length = ntohs(request->length); if (!password) /* make an RFC 2139 p6 request authenticator */ --- 759,765 ---- s_in->sin_family = AF_INET; s_in->sin_addr.s_addr = htonl(server->ip.sin_addr.s_addr); ! s_in->sin_port = accounting ? htons(server->radacct_port) : htons(server->radius_port); total_length = ntohs(request->length); + DPRINT(EVENTLOG_INFORMATION_TYPE, "Trying %s:%hu", inet_ntoa(s_in->sin_addr), ntohs(s_in->sin_port)); if (!password) /* make an RFC 2139 p6 request authenticator */ *************** *** 1077,1081 **** return RADIUS_AUTHINFO_UNAVAIL; ! retval = initialize(&config, FALSE); RADIUS_FAIL_CHECK; --- 1063,1067 ---- return RADIUS_AUTHINFO_UNAVAIL; ! 
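Review bot: With the `!modulePrivate.server` test moved out to this call in talk_radius(), host2server() is skipped completely when that pointer is set, and host2server() is the only place in this diff that assigns `radacct_port`. If `server` can be a freshly initialised entry in that case (initialize() only sets `radius_port` in the hunks shown), an accounting request would go to whatever `radacct_port` happens to contain. Confirm that this path always reuses a struct that has already been through host2server(), or add `server->radacct_port = 0;` next to each `radius_port` assignment in initialize() and resolve the ports independently of the address lookup. The rest of talk_radius() lies outside the hunk.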
retval = initialize(&config); RADIUS_FAIL_CHECK; *************** *** 1126,1130 **** DPRINT(EVENTLOG_INFORMATION_TYPE, "Sending RADIUS request code %d", request->code); ! retval = talk_radius(&config, request, response, password, NULL); RADIUS_FAIL_CHECK; --- 1112,1116 ---- DPRINT(EVENTLOG_INFORMATION_TYPE, "Sending RADIUS request code %d", request->code); ! retval = talk_radius(&config, request, response, password, NULL, false); RADIUS_FAIL_CHECK; *************** *** 1303,1307 **** return RADIUS_AUTHINFO_UNAVAIL; ! retval = initialize(&config, TRUE); RADIUS_FAIL_CHECK; --- 1289,1293 ---- return RADIUS_AUTHINFO_UNAVAIL; ! retval = initialize(&config); RADIUS_FAIL_CHECK; *************** *** 1353,1357 **** DPRINT(EVENTLOG_INFORMATION_TYPE, "Sending RADIUS request code %d", request->code); ! retval = talk_radius(&config, request, response, NULL, NULL); RADIUS_FAIL_CHECK; --- 1339,1343 ---- DPRINT(EVENTLOG_INFORMATION_TYPE, "Sending RADIUS request code %d", request->code); ! retval = talk_radius(&config, request, response, NULL, NULL, true); RADIUS_FAIL_CHECK; *************** *** 1447,1451 **** return RADIUS_AUTHINFO_UNAVAIL; ! retval = initialize(&config, FALSE); RADIUS_FAIL_CHECK; --- 1433,1437 ---- return RADIUS_AUTHINFO_UNAVAIL; ! retval = initialize(&config); RADIUS_FAIL_CHECK; *************** *** 1473,1477 **** DPRINT(EVENTLOG_INFORMATION_TYPE, "Sending RADIUS request code %d", request->code); ! retval = talk_radius(&config, request, response, password, NULL); RADIUS_FAIL_CHECK; --- 1459,1463 ---- DPRINT(EVENTLOG_INFORMATION_TYPE, "Sending RADIUS request code %d", request->code); ! retval = talk_radius(&config, request, response, password, NULL, false); RADIUS_FAIL_CHECK; *************** *** 1508,1512 **** add_password(request, PW_OLD_PASSWORD, password, password); ! retval = talk_radius(&config, request, response, new_password, password); RADIUS_FAIL_CHECK; --- 1494,1498 ---- add_password(request, PW_OLD_PASSWORD, password, password); ! 
retval = talk_radius(&config, request, response, new_password, password, false); RADIUS_FAIL_CHECK; Index: Changes.txt =================================================================== RCS file: /cvsroot/pgina/RADIUSplugin/RADIUSplugin/Changes.txt,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** Changes.txt 11 Mar 2005 14:33:53 -0000 1.8 --- Changes.txt 14 Mar 2005 22:05:34 -0000 1.9 *************** *** 6,9 **** --- 6,18 ---- - Add support for the Message-Authenticator attribute. + 0.2.1 Sun Mar 13 18:01:33 MET 2005 + + Contributed by Holger Weiss: + - Use seperate variables for the "radius" and "radacct" ports in the + radius_server_t structure instead of trying to adjust the port for + accounting requests on the fly. This fixes a bug introduced in 0.2, + where the port for accounting requests wasn't set correctly. Thanks + to Ioan Caltun for reporting the bug. + 0.2 Fri Mar 4 03:40:00 MET 2005 Index: RADIUSauth.h =================================================================== RCS file: /cvsroot/pgina/RADIUSplugin/RADIUSplugin/RADIUSauth.h,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** RADIUSauth.h 11 Mar 2005 14:33:53 -0000 1.7 --- RADIUSauth.h 14 Mar 2005 22:05:34 -0000 1.8 *************** *** 93,106 **** vendor_attr_t; - typedef struct radius_server_t { struct radius_server_t *next; struct sockaddr_in ip; ! u_short port; char *hostname; char *secret; int timeout; - int accounting; } radius_server_t; --- 93,105 ---- vendor_attr_t; typedef struct radius_server_t { struct radius_server_t *next; struct sockaddr_in ip; ! u_short radius_port; ! u_short radacct_port; char *hostname; char *secret; int timeout; } radius_server_t; |
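Review bot: The two new fields in `radius_server_t` change the stored byte order without saying so. The old `port` held a network-order value (`htons(...)` in initialize()), while `radius_port` and `radacct_port` are kept in host order and converted with `htons()` only in talk_radius(). A comment on each field would keep later code from converting twice or not at all, e.g. `u_short radius_port; /* host byte order; 0 = look up "radius" via getservbyname() */` and `u_short radacct_port; /* host byte order; set by host2server() */`.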