6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * Copyright 2010 Phil Mayers <p.mayers@imperial.ac.uk>
23 #include <freeradius-devel/ident.h>
26 #include <freeradius-devel/radiusd.h>
27 #include <freeradius-devel/modules.h>
28 #include <freeradius-devel/dhcp.h>
29 #include <freeradius-devel/soh.h>
/*
 * Per-instance module data. Only the xlat_name member is visible in this
 * listing; module_config also refers to a `dhcp` member through offsetof(),
 * so the struct has at least one more field on lines that are not shown.
 */
32 typedef struct rlm_soh_t {
/*
 * Name that soh_xlat is registered under. soh_instantiate() stores a
 * strdup() copy here and soh_detach() frees it, so the instance owns the
 * string even though the member is const-qualified.
 */
33 const char *xlat_name;
39 * Not sure how to make this useful yet...
/*
 * xlat callback; soh_instantiate() registers it under the instance name.
 *
 * When fmt begins with "OS" (case-insensitive, only the first two characters
 * are compared) it looks up attributes 2100..2105 in the request packet and
 * formats an OS description into `out`, with every write bounded by `outlen`
 * through snprintf().
 *
 * `func` is deliberately unused. The return statements are not visible here.
 *
 * NOTE(review): this listing omits a number of source lines (for example the
 * declaration of vp[] and whatever follows each pairfind() call), so the
 * comments below describe only what the visible lines establish.
 */
41 static size_t soh_xlat(void *instance, REQUEST *request, char *fmt, char *out, size_t outlen, RADIUS_ESCAPE_STRING func) {
44 char buf[256], *osvendor, *osname;
45 rlm_soh_t *inst = instance;
48 func = func; /* -Wunused */
50 /* there will be no point unless SoH-Supported = yes
52 * FIXME: should have a #define for the attribute...
53 * SoH-Supported == 2119 in dictionary.freeradius.internal
55 vp[0] = pairfind(request->packet->vps, 2119);
60 if (strncasecmp(fmt, "OS", 2) == 0) {
62 vp[0] = pairfind(request->packet->vps, 2100);
63 vp[1] = pairfind(request->packet->vps, 2101);
64 vp[2] = pairfind(request->packet->vps, 2102);
65 vp[3] = pairfind(request->packet->vps, 2103);
66 vp[4] = pairfind(request->packet->vps, 2104);
67 vp[5] = pairfind(request->packet->vps, 2105);
// 311 is presumably the Microsoft vendor id (soh_authorize uses the same
// constant when looking for the MS-SoH payload) -- TODO confirm.
69 if (vp[0] && vp[0]->vp_integer == 311) {
71 snprintf(out, outlen, "Windows unknown");
// NOTE(review): vp[1] is dereferenced here and again in the final snprintf(),
// while the only NULL checks visible are for vp[0] and vp[2]..vp[5]. The
// "Windows unknown" line above suggests a !vp[1] guard on a line this listing
// omits; confirm it exists, because pairfind() returns whatever the request
// packet's attribute list happens to hold.
73 switch (vp[1]->vp_integer) {
// Missing version components are printed as 0 rather than dereferenced.
87 snprintf(out, outlen, "Windows %s %d.%d.%d sp %d.%d", osname, vp[1]->vp_integer,
88 vp[2] ? vp[2]->vp_integer : 0,
89 vp[3] ? vp[3]->vp_integer : 0,
90 vp[4] ? vp[4]->vp_integer : 0,
91 vp[5] ? vp[5]->vp_integer : 0
/*
 * Configuration table handed to cf_section_parse() in soh_instantiate().
 * The only entry visible here is the boolean "dhcp", default "no", stored in
 * the `dhcp` member of rlm_soh_t.
 *
 * NOTE(review): presumably this flag decides whether soh_postauth() processes
 * DHCP option 43 at all; the test is not on any visible line -- confirm.
 */
102 static const CONF_PARSER module_config[] = {
106 { "dhcp", PW_TYPE_BOOLEAN, offsetof(rlm_soh_t,dhcp), NULL, "no" },
108 { NULL, -1, 0, NULL, NULL } /* end the list */
/*
 * Detach handler: if the instance has an xlat name, unregisters soh_xlat
 * under that name and frees the name string.
 *
 * The string is the strdup() copy made in soh_instantiate(), so freeing it
 * here is the matching release. Releasing the instance itself and the return
 * value are on lines this listing does not show.
 */
111 static int soh_detach(void *instance) {
112 rlm_soh_t *inst = instance;
114 if (inst->xlat_name) {
/* Unregister before freeing so the xlat layer never holds a freed name. */
115 xlat_unregister(inst->xlat_name, soh_xlat);
/* NOTE(review): xlat_name is declared const char *, so this call drops the
 * qualifier; a non-const member (or an explicit cast) would keep the build
 * free of warnings. */
116 free(inst->xlat_name);
/*
 * Instantiate handler: allocates and zeroes an rlm_soh_t, fills it from the
 * config section via module_config, then registers soh_xlat under the
 * section's second name, falling back to its first name when there is none.
 *
 * The instance pointer is published through *instance at allocation time.
 * The error path after cf_section_parse() and the return statements are on
 * lines this listing omits.
 */
122 static int soh_instantiate(CONF_SECTION *conf, void **instance) {
125 inst = *instance = rad_malloc(sizeof(*inst));
129 memset(inst, 0, sizeof(*inst));
131 if (cf_section_parse(conf, inst, module_config) < 0) {
136 inst->xlat_name = cf_section_name2(conf);
137 if (!inst->xlat_name) inst->xlat_name = cf_section_name1(conf);
/*
 * Take a private copy so soh_detach() can free it independently of the
 * config tree.
 * NOTE(review): the strdup() result is passed straight to xlat_register()
 * on the next source line without a NULL check, and strdup() itself would be
 * handed NULL if cf_section_name1() could ever return NULL -- confirm both.
 */
138 inst->xlat_name = strdup(inst->xlat_name);
139 xlat_register(inst->xlat_name, soh_xlat, inst);
/*
 * Post-auth handler for DHCP. It looks up DHCP option 43 in the request
 * packet and walks the vendor sub-options inside it. On the lines visible
 * here a sub-option is handled in one of two ways: a marker option (octets
 * 0..4 are written) is added to the reply, or the sub-option payload is
 * passed to soh_verify().
 *
 * Returns RLM_MODULE_OK or RLM_MODULE_NOOP; the conditions that select each,
 * and the reads of vopt/vlen, are on lines this listing omits.
 */
144 static int soh_postauth(void * instance, REQUEST *request) {
145 rlm_soh_t *inst = instance;
146 VALUE_PAIR *vp, *sohvp;
150 vp = pairfind(request->packet->vps, DHCP2ATTR(43));
153 * vendor-specific options contain
155 * vendor opt 220/0xdc - SoH payload, or null byte to probe, or string
156 * "NAP" to indicate server-side support for SoH in OFFERs
158 * vendor opt 222/0xde - SoH correlation ID as utf-16 string, yuck...
160 uint8_t vopt, vlen, *data;
162 data = vp->vp_octets;
/*
 * NOTE(review): option 43 arrives in the client's request, so its contents
 * are untrusted. This loop condition only proves that one byte remains.
 * vopt and vlen are presumably read from `data` on omitted lines; confirm
 * that those lines verify two header bytes are available and that
 * data + vlen does not pass vp->vp_octets + vp->length before the payload
 * is used or skipped.
 */
163 while (data < vp->vp_octets + vp->length) {
169 RDEBUG("SoH adding NAP marker to DHCP reply");
170 /* client probe; send "NAP" in the reply */
/*
 * NOTE(review): `vp` is the variable the loop condition is written against.
 * After this assignment it points at the new reply attribute, so unless
 * control leaves the loop on an omitted line, the next comparison of `data`
 * (still pointing into the request option) uses the reply attribute's buffer
 * and length. A separate variable for the reply attribute would avoid that.
 * The result is also written through on the very next source line with no
 * NULL check -- confirm whether paircreate() can return NULL.
 */
171 vp = paircreate(DHCP2ATTR(43), PW_TYPE_OCTETS);
172 vp->vp_octets[0] = 220;
173 vp->vp_octets[1] = 3;
/*
 * NOTE(review): as written, octets 2, 3 and 4 receive 'P', 'A' and 'N', so
 * the payload bytes spell "PAN", not the "NAP" the comment above describes.
 * Confirm against the protocol specification which order is intended.
 */
174 vp->vp_octets[4] = 'N';
175 vp->vp_octets[3] = 'A';
176 vp->vp_octets[2] = 'P';
179 pairadd(&request->reply->vps, vp);
182 RDEBUG("SoH decoding NAP from DHCP request");
/*
 * NOTE(review): vlen is used as the payload length with no visible check
 * against the bytes remaining in the option; a truncated option 43 would let
 * soh_verify() read beyond the attribute unless an omitted line clamps it.
 * The return value of soh_verify() is not captured on this line, unlike in
 * soh_authorize() -- confirm that a verification failure is not ignored.
 */
184 soh_verify(request, request->packet->vps, data, vlen);
193 return RLM_MODULE_OK;
196 return RLM_MODULE_NOOP;
/*
 * Authorize handler: looks for the SoH attribute in the request packet.
 * Returns RLM_MODULE_NOOP when it is absent; otherwise passes the attribute
 * value and length to soh_verify(), and the visible return is RLM_MODULE_OK.
 *
 * The declaration of rv and any test of it are on lines this listing omits.
 */
199 static int soh_authorize(void * instance, REQUEST *request) {
200 rlm_soh_t *inst = instance;
201 VALUE_PAIR *vp, *sohvp;
204 /* try to find the MS-SoH payload */
/*
 * NOTE(review): (311 | 16) | 55 is a bitwise OR of three constants and
 * evaluates to 311, because every bit of 16 and 55 is already set in 311.
 * That is a plain attribute number, not a vendor/attribute pair. The
 * comment above points to a vendor-specific attribute, so an encoding such
 * as (311 << 16) | 55 was probably intended; the shift operator may have
 * been lost when this listing was rendered. Confirm against the upstream
 * source, since with the expression as shown this lookup would not find the
 * SoH payload and the module would return NOOP without verifying anything.
 */
205 vp = pairfind(request->packet->vps, (311 | 16) | 55);
207 RDEBUG("SoH radius VP not found");
208 return RLM_MODULE_NOOP;
211 RDEBUG("SoH radius VP found");
/*
 * The attribute value is handed over as raw bytes with its stored length.
 * NOTE(review): confirm that a negative rv is mapped to a failure code on
 * the omitted lines rather than falling through to RLM_MODULE_OK below.
 */
213 rv = soh_verify(request, request->packet->vps, vp->vp_strvalue, vp->length);
215 return RLM_MODULE_OK;
/*
 * Module registration entries (the declaration line itself is not part of
 * this listing). Only the authorize and post-auth hooks are wired to
 * handlers; every other processing hook shown is NULL.
 *
 * NOTE(review): the module is declared RLM_TYPE_THREAD_SAFE; confirm that the
 * handlers only read the instance data after instantiation.
 */
221 RLM_TYPE_THREAD_SAFE, /* type */
222 soh_instantiate, /* instantiation */
223 soh_detach, /* detach */
225 NULL, /* authenticate */
226 soh_authorize, /* authorize */
227 NULL, /* pre-accounting */
228 NULL, /* accounting */
229 NULL, /* checksimul */
230 NULL, /* pre-proxy */
231 NULL, /* post-proxy */
232 soh_postauth /* post-auth */