1 /* Copyright 2010, 2011 NORDUnet A/S. All rights reserved.
2 See the file COPYING for licensing information. */
4 #if defined HAVE_CONFIG_H
9 #include <event2/bufferevent.h>
10 #include <radsec/radsec.h>
11 #include <radsec/radsec-impl.h>
18 #include <sys/socket.h>
19 #include <event2/buffer.h>
23 packet_verify_response (struct rs_connection *conn,
24 struct rs_packet *response,
25 struct rs_packet *request)
28 assert (conn->active_peer);
29 assert (conn->active_peer->secret);
31 assert (response->rpkt);
33 assert (request->rpkt);
35 /* Verify header and message authenticator. */
36 if (rad_verify (response->rpkt, request->rpkt, conn->active_peer->secret))
39 return rs_err_conn_push_fl (conn, RSE_FR, __FILE__, __LINE__,
40 "rad_verify: %s", fr_strerror ());
43 /* Decode and decrypt. */
44 if (rad_decode (response->rpkt, request->rpkt, conn->active_peer->secret))
47 return rs_err_conn_push_fl (conn, RSE_FR, __FILE__, __LINE__,
48 "rad_decode: %s", fr_strerror ());
55 /* Badly named function for preparing a RADIUS message and queue it.
58 packet_do_send (struct rs_packet *pkt)
60 VALUE_PAIR *vp = NULL;
64 /* Add Message-Authenticator, RFC 2869. */
65 /* FIXME: Make Message-Authenticator optional? */
66 vp = paircreate (PW_MESSAGE_AUTHENTICATOR, PW_TYPE_OCTETS);
68 return rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
69 "paircreate: %s", fr_strerror ());
70 pairadd (&pkt->rpkt->vps, vp);
72 if (rad_encode (pkt->rpkt, NULL, pkt->conn->active_peer->secret))
73 return rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
74 "rad_encode: %s", fr_strerror ());
75 if (rad_sign (pkt->rpkt, NULL, pkt->conn->active_peer->secret))
76 return rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
77 "rad_sign: %s", fr_strerror ());
80 char host[80], serv[80];
82 getnameinfo (pkt->conn->active_peer->addr->ai_addr,
83 pkt->conn->active_peer->addr->ai_addrlen,
84 host, sizeof(host), serv, sizeof(serv),
85 0 /* NI_NUMERICHOST|NI_NUMERICSERV*/);
86 rs_debug (("%s: about to send this to %s:%s:\n", __func__, host, serv));
93 int err = bufferevent_write (pkt->conn->bev, pkt->rpkt->data,
96 return rs_err_conn_push_fl (pkt->conn, RSE_EVENT, __FILE__, __LINE__,
97 "bufferevent_write: %s",
98 evutil_gai_strerror (err));
102 struct rs_packet **pp = &pkt->conn->out_queue;
104 while (*pp && (*pp)->next)
112 /* Public functions. */
114 rs_packet_create (struct rs_connection *conn, struct rs_packet **pkt_out)
121 rpkt = rad_alloc (1);
123 return rs_err_conn_push (conn, RSE_NOMEM, __func__);
124 rpkt->id = conn->nextid++;
126 p = (struct rs_packet *) malloc (sizeof (struct rs_packet));
130 return rs_err_conn_push (conn, RSE_NOMEM, __func__);
132 memset (p, 0, sizeof (struct rs_packet));
141 rs_packet_create_authn_request (struct rs_connection *conn,
142 struct rs_packet **pkt_out,
143 const char *user_name, const char *user_pw)
145 struct rs_packet *pkt;
146 struct rs_attr *attr;
148 if (rs_packet_create (conn, pkt_out))
151 pkt->rpkt->code = PW_AUTHENTICATION_REQUEST;
155 if (rs_attr_create (conn, &attr, "User-Name", user_name))
157 rs_packet_add_attr (pkt, attr);
161 if (rs_attr_create (conn, &attr, "User-Password", user_pw))
163 rs_packet_add_attr (pkt, attr);
171 rs_packet_add_attr (struct rs_packet *pkt, struct rs_attr *attr)
173 pairadd (&pkt->rpkt->vps, attr->vp);
177 struct radius_packet *
178 rs_packet_frpkt (struct rs_packet *pkt)
185 rs_packet_destroy (struct rs_packet *pkt)
189 // FIXME: memory leak! TODO: free all attributes
190 rad_free (&pkt->rpkt);
191 rs_free (pkt->conn->ctx, pkt);