* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*
*
- * Copyright 2006 TRI-D Systems, Inc.
+ * Copyright 2006,2007 TRI-D Systems, Inc.
*/
#include <freeradius-devel/ident.h>
RCSID("$Id$")
-#include "autoconf.h"
-#include "radiusd.h
-#include "modules.h"
+#include <freeradius-devel/radiusd.h>
+#include <freeradius-devel/modules.h>
#include "extern.h"
#include "otp.h"
#include "otp_pw_valid.h"
-#include <errno.h>
+#ifdef HAVE_PTHREAD_H
#include <pthread.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/socket.h>
+#endif
#include <sys/un.h>
-#include <unistd.h>
/* transform otpd return codes into rlm return codes */
otprc2rlmrc(int rc)
{
switch (rc) {
- case OTP_RC_OK: return RLM_MODULE_OK;
- case OTP_RC_USER_UNKNOWN: return RLM_MODULE_REJECT;
- case OTP_RC_AUTHINFO_UNAVAIL: return RLM_MODULE_REJECT;
- case OTP_RC_AUTH_ERR: return RLM_MODULE_REJECT;
- case OTP_RC_MAXTRIES: return RLM_MODULE_USERLOCK;
- case OTP_RC_SERVICE_ERR: return RLM_MODULE_FAIL;
- default: return RLM_MODULE_FAIL;
+ case OTP_RC_OK: return RLM_MODULE_OK;
+ case OTP_RC_USER_UNKNOWN: return RLM_MODULE_REJECT;
+ case OTP_RC_AUTHINFO_UNAVAIL: return RLM_MODULE_REJECT;
+ case OTP_RC_AUTH_ERR: return RLM_MODULE_REJECT;
+ case OTP_RC_MAXTRIES: return RLM_MODULE_USERLOCK;
+ case OTP_RC_NEXTPASSCODE: return RLM_MODULE_USERLOCK;
+ case OTP_RC_IPIN: return RLM_MODULE_REJECT;
+ case OTP_RC_SERVICE_ERR: return RLM_MODULE_FAIL;
+ default: return RLM_MODULE_FAIL;
}
}
otp_request_t otp_request;
otp_reply_t otp_reply;
VALUE_PAIR *cvp, *rvp;
- char *username = request->username->strvalue;
+ char *username = request->username->vp_strvalue;
int rc;
if (request->username->length > OTP_MAX_USERNAME_LEN) {
otp_request.pwe.pwe = pwe;
/* otp_pwe_present() (done by caller) guarantees that both of these exist */
- cvp = pairfind(request->packet->vps, pwattr[pwe - 1]);
- rvp = pairfind(request->packet->vps, pwattr[pwe]);
+ cvp = pairfind(request->packet->vps, pwattr[pwe - 1]->attr, pwattr[pwe - 1]->vendor);
+ rvp = pairfind(request->packet->vps, pwattr[pwe]->attr, pwattr[pwe]->vendor);
/* this is just to quiet Coverity */
if (!rvp || !cvp)
return RLM_MODULE_REJECT;
(void) radlog(L_AUTH, "rlm_otp: passcode for [%s] too long", username);
return RLM_MODULE_REJECT;
}
- (void) strcpy(otp_request.pwe.u.pap.passcode, rvp->strvalue);
+ (void) strcpy(otp_request.pwe.u.pap.passcode, rvp->vp_strvalue);
break;
case PWE_CHAP:
username);
return RLM_MODULE_INVALID;
}
- (void) memcpy(otp_request.pwe.u.chap.challenge, cvp->strvalue,
+ (void) memcpy(otp_request.pwe.u.chap.challenge, cvp->vp_strvalue,
cvp->length);
otp_request.pwe.u.chap.clen = cvp->length;
- (void) memcpy(otp_request.pwe.u.chap.response, rvp->strvalue,
+ (void) memcpy(otp_request.pwe.u.chap.response, rvp->vp_strvalue,
rvp->length);
otp_request.pwe.u.chap.rlen = rvp->length;
break;
username);
return RLM_MODULE_INVALID;
}
- (void) memcpy(otp_request.pwe.u.chap.challenge, cvp->strvalue,
+ (void) memcpy(otp_request.pwe.u.chap.challenge, cvp->vp_strvalue,
cvp->length);
otp_request.pwe.u.chap.clen = cvp->length;
- (void) memcpy(otp_request.pwe.u.chap.response, rvp->strvalue,
+ (void) memcpy(otp_request.pwe.u.chap.response, rvp->vp_strvalue,
rvp->length);
otp_request.pwe.u.chap.rlen = rvp->length;
break;
username);
return RLM_MODULE_INVALID;
}
- (void) memcpy(otp_request.pwe.u.chap.challenge, cvp->strvalue,
+ (void) memcpy(otp_request.pwe.u.chap.challenge, cvp->vp_strvalue,
cvp->length);
otp_request.pwe.u.chap.clen = cvp->length;
- (void) memcpy(otp_request.pwe.u.chap.response, rvp->strvalue,
+ (void) memcpy(otp_request.pwe.u.chap.response, rvp->vp_strvalue,
rvp->length);
otp_request.pwe.u.chap.rlen = rvp->length;
break;
if (!fdp || fdp->fd == -1)
return -1;
- if ((rc = otp_write(fdp, (const char *) request, sizeof(*request))) != 0) {
- if (rc == EPIPE)
+ if ((rc = otp_write(fdp, (const char *) request, sizeof(*request))) != sizeof(*request)) {
+ if (rc == 0)
goto retry; /* otpd disconnect */ /*TODO: pause */
else
return -1;
while (nleft) {
if ((nwrote = write(fdp->fd, &buf[len - nleft], nleft)) == -1) {
- if (errno == EINTR || errno == EPIPE) {
+ if (errno == EINTR) {
continue;
} else {
(void) radlog(L_ERR, "rlm_otp: %s: write to otpd: %s",