* Copyright 2005,2006 TRI-D Systems, Inc.
*/
-static const char rcsid[] = "$Id$";
+#include <freeradius-devel/ident.h>
+RCSID("$Id$")
-#include <autoconf.h>
-#include <radiusd.h>
-#include <modules.h>
+#include <freeradius-devel/radiusd.h>
+#include <freeradius-devel/modules.h>
#include "extern.h"
#include "otp.h"
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <time.h>
-#include <netinet/in.h> /* htonl(), ntohl() */
-
/* Global data */
static unsigned char hmac_key[16]; /* to protect State attribute */
static int ninstance = 0; /* #instances, for global init */
auth_type_found = 0;
if ((vp = pairfind(request->config_items, PW_AUTHTYPE)) != NULL) {
auth_type_found = 1;
- if (strcmp(vp->strvalue, inst->name))
+ if (strcmp(vp->vp_strvalue, inst->name))
return RLM_MODULE_NOOP;
}
}
if (otp_gen_state(state, NULL, challenge, inst->challenge_len, 0,
now, hmac_key) != 0) {
- (void) radlog(L_ERR, "rlm_otp: %s: failed to generate state", __func__);
+ (void) radlog(L_ERR, "rlm_otp: %s: failed to generate radstate",__func__);
return RLM_MODULE_FAIL;
}
pairadd(&request->reply->vps, pairmake("State", state, T_OP_EQ));
__func__);
return RLM_MODULE_INVALID;
}
- username = request->username->strvalue;
+ username = request->username->vp_strvalue;
if ((pwe = otp_pwe_present(request)) == 0) {
(void) radlog(L_AUTH, "rlm_otp: %s: Attribute \"User-Password\" "
e_length = inst->challenge_len * 2 + 8 + 8 + 32; /* see otp_gen_state() */
if (vp->length != e_length) {
- (void) radlog(L_AUTH, "rlm_otp: %s: bad state for [%s]: length",
+ (void) radlog(L_AUTH, "rlm_otp: %s: bad radstate for [%s]: length",
__func__, username);
return RLM_MODULE_INVALID;
}
*/
/* ASCII decode; this is why OTP_MAX_RADSTATE_LEN has +1 */
- (void) memcpy(rad_state, vp->strvalue, vp->length);
+ (void) memcpy(rad_state, vp->vp_strvalue, vp->length);
rad_state[e_length] = '\0';
if (otp_a2x(rad_state, raw_state) == -1) {
- (void) radlog(L_AUTH, "rlm_otp: %s: bad state for [%s]: not hex",
+ (void) radlog(L_AUTH, "rlm_otp: %s: bad radstate for [%s]: not hex",
__func__, username);
return RLM_MODULE_INVALID;
}
/* generate new state from returned input data */
if (otp_gen_state(NULL, state, challenge, inst->challenge_len, 0,
then, hmac_key) != 0) {
- (void) radlog(L_ERR, "rlm_otp: %s: failed to generate state",
+ (void) radlog(L_ERR, "rlm_otp: %s: failed to generate radstate",
__func__);
return RLM_MODULE_FAIL;
}
/* compare generated state against returned state to verify hmac */
- if (memcmp(state, vp->strvalue, vp->length)) {
- (void) radlog(L_AUTH, "rlm_otp: %s: bad state for [%s]: hmac",
+ if (memcmp(state, vp->vp_strvalue, vp->length)) {
+ (void) radlog(L_AUTH, "rlm_otp: %s: bad radstate for [%s]: hmac",
__func__, username);
return RLM_MODULE_REJECT;
}
/* State is valid, but check expiry. */
then = ntohl(then);
if (time(NULL) - then > inst->challenge_delay) {
- (void) radlog(L_AUTH, "rlm_otp: %s: bad state for [%s]: expired",
+ (void) radlog(L_AUTH, "rlm_otp: %s: bad radstate for [%s]: expired",
__func__, username);
return RLM_MODULE_REJECT;
}
{
otp_option_t *inst = (otp_option_t *) instance;
- free(inst->otpd_rp);
- free(inst->chal_prompt);
free(instance);
/*
* Only the main thread instantiates and detaches instances,
* is single-threaded.
*/
module_t rlm_otp = {
+ RLM_MODULE_INIT,
"otp",
RLM_TYPE_THREAD_SAFE, /* type */
- NULL,
otp_instantiate, /* instantiation */
+ otp_detach, /* detach */
{
otp_authenticate, /* authentication */
otp_authorize, /* authorization */
NULL, /* post-proxy */
NULL /* post-auth */
},
- otp_detach, /* detach */
- NULL,
};
projects / freeradius.git / blobdiff