4 #include <freeradius-devel/ident.h>
5 #include <freeradius-devel/radiusd.h>
6 #include <freeradius-devel/modules.h>
7 #include <freeradius-devel/rad_assert.h>
11 #define SAFE_STR(s) s==NULL?"EMPTY":s
15 NEXT_CODE_REQUIRED_STATE = 100,
16 NEW_PIN_REQUIRED_STATE = 200,
17 NEW_PIN_USER_CONFIRM_STATE = 201,
18 NEW_PIN_AUTH_VALIDATE_STATE = 202
20 SECURID_SESSION_STATE;
23 * SECURID_SESSION is used to identify existing securID sessions
24 * to continue Next-Token code and New-Pin conversations with a client
26 * next = pointer to next
27 * state = state attribute from the reply we sent
28 * state_len = length of data in the state attribute.
29 * src_ipaddr = client which sent us the RADIUS request containing
30 * this SecurID conversation.
31 * timestamp = timestamp when this handler was last used.
32 * trips = number of trips
33 * identity = Identity of the user
34 * request = RADIUS request data structure
37 #define SECURID_STATE_LEN 32
38 typedef struct _securid_session_t {
39 struct _securid_session_t *prev, *next;
41 SECURID_SESSION_STATE securidSessionState;
43 uint8_t state[SECURID_STATE_LEN];
45 fr_ipaddr_t src_ipaddr;
47 unsigned int session_id;
50 char *pin; /* previous pin if user entered it during NEW-PIN mode process */
51 char *identity; /* save user's identity name for future use */
57 * Define a structure for our module configuration.
59 * These variables do not need to be in a structure, but it's
60 * a lot cleaner to do so, and a pointer to the structure can
61 * be used as the instance handle.
62 * sessions = remembered sessions, in a tree for speed.
63 * mutex = ensure only one thread is updating the sessions list
65 typedef struct rlm_securid_t {
66 pthread_mutex_t session_mutex;
67 rbtree_t* session_tree;
68 SECURID_SESSION *session_head, *session_tail;
70 unsigned int last_session_id;
73 * Configuration items.
77 int max_trips_per_session;
80 /* Memory Management */
81 SECURID_SESSION* securid_session_alloc(void);
82 void securid_session_free(rlm_securid_t *inst, REQUEST *request,SECURID_SESSION *session);
84 void securid_sessionlist_free(rlm_securid_t *inst,REQUEST *request);
86 int securid_sessionlist_add(rlm_securid_t *inst, REQUEST *request, SECURID_SESSION *session);
87 SECURID_SESSION* securid_sessionlist_find(rlm_securid_t *inst, REQUEST *request);