1 /* Copyright 2010, 2011 NORDUnet A/S. All rights reserved.
2 See the file COPYING for licensing information. */
4 #if defined HAVE_CONFIG_H
9 #include <event2/bufferevent.h>
10 #include <radsec/radsec.h>
11 #include <radsec/radsec-impl.h>
18 #include <sys/socket.h>
19 #include <event2/buffer.h>
23 packet_verify_response (struct rs_connection *conn,
24 struct rs_packet *response,
25 struct rs_packet *request)
28 assert (conn->active_peer);
29 assert (conn->active_peer->secret);
31 assert (response->rpkt);
33 assert (request->rpkt);
35 /* Verify header and message authenticator. */
36 if (rad_verify (response->rpkt, request->rpkt, conn->active_peer->secret))
39 return rs_err_conn_push_fl (conn, RSE_FR, __FILE__, __LINE__,
40 "rad_verify: %s", fr_strerror ());
43 /* Decode and decrypt. */
44 if (rad_decode (response->rpkt, request->rpkt, conn->active_peer->secret))
47 return rs_err_conn_push_fl (conn, RSE_FR, __FILE__, __LINE__,
48 "rad_decode: %s", fr_strerror ());
55 /* Badly named function for preparing a RADIUS message and queue it.
58 packet_do_send (struct rs_packet *pkt)
60 VALUE_PAIR *vp = NULL;
64 /* Add Message-Authenticator, RFC 2869. */
65 /* FIXME: Make Message-Authenticator optional? */
66 vp = paircreate (PW_MESSAGE_AUTHENTICATOR, PW_TYPE_OCTETS);
68 return rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
69 "paircreate: %s", fr_strerror ());
70 pairadd (&pkt->rpkt->vps, vp);
72 if (rad_encode (pkt->rpkt, NULL, pkt->conn->active_peer->secret))
73 return rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
74 "rad_encode: %s", fr_strerror ());
75 if (rad_sign (pkt->rpkt, NULL, pkt->conn->active_peer->secret))
76 return rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
77 "rad_sign: %s", fr_strerror ());
80 char host[80], serv[80];
82 getnameinfo (pkt->conn->active_peer->addr->ai_addr,
83 pkt->conn->active_peer->addr->ai_addrlen,
84 host, sizeof(host), serv, sizeof(serv),
85 0 /* NI_NUMERICHOST|NI_NUMERICSERV*/);
86 rs_debug (("%s: about to send this to %s:%s:\n", __func__, host, serv));
91 /* Put message in output buffer. */
92 if (pkt->conn->bev) /* TCP. */
94 int err = bufferevent_write (pkt->conn->bev, pkt->rpkt->data,
97 return rs_err_conn_push_fl (pkt->conn, RSE_EVENT, __FILE__, __LINE__,
98 "bufferevent_write: %s",
99 evutil_gai_strerror (err));
103 struct rs_packet **pp = &pkt->conn->out_queue;
105 while (*pp && (*pp)->next)
109 conn_activate_timeout (pkt->conn); /* Retransmission timer. */
115 /* Public functions. */
117 rs_packet_create (struct rs_connection *conn, struct rs_packet **pkt_out)
124 rpkt = rad_alloc (1);
126 return rs_err_conn_push (conn, RSE_NOMEM, __func__);
127 rpkt->id = conn->nextid++;
129 p = (struct rs_packet *) malloc (sizeof (struct rs_packet));
133 return rs_err_conn_push (conn, RSE_NOMEM, __func__);
135 memset (p, 0, sizeof (struct rs_packet));
144 rs_packet_create_authn_request (struct rs_connection *conn,
145 struct rs_packet **pkt_out,
146 const char *user_name, const char *user_pw)
148 struct rs_packet *pkt;
149 struct rs_attr *attr;
151 if (rs_packet_create (conn, pkt_out))
154 pkt->rpkt->code = PW_AUTHENTICATION_REQUEST;
158 if (rs_attr_create (conn, &attr, "User-Name", user_name))
160 rs_packet_add_attr (pkt, attr);
164 if (rs_attr_create (conn, &attr, "User-Password", user_pw))
166 rs_packet_add_attr (pkt, attr);
174 rs_packet_add_attr (struct rs_packet *pkt, struct rs_attr *attr)
176 pairadd (&pkt->rpkt->vps, attr->vp);
180 struct radius_packet *
181 rs_packet_frpkt (struct rs_packet *pkt)
188 rs_packet_destroy (struct rs_packet *pkt)
192 // FIXME: memory leak! TODO: free all attributes
193 rad_free (&pkt->rpkt);
194 rs_free (pkt->conn->ctx, pkt);
projects / radsecproxy.git / blob