Maxim,
I like the changes, feel free to commit auth_radius, group_radius, and uri_radius patches.
Regarding acc module, Jiri is the maintainer so he should say yes/no.
I would like to ask you for one more thing, please update the ser-radius howto as well once you commit. Just a short note at the beginning that your version of radius library is required and where peope can get it should be enough.
thanks, Jan.
On 09-12 15:14, Maxim Sobolev wrote:
Attached please find final version of the patch, which converts all radius modules to radiusclient-ng. Please note that just released radiusclient-0.4.0.b2 is required for this version of the patch, it can be downloaded here: https://developer.berlios.de/project/showfiles.php?group_id=1208.
I would like to get a permission to commit this patch.
Thanks!
-Maxim
Maxim Sobolev wrote:
Patch for auth_radius/acc modules is attached. I've changed the way attribute codes are looked up - instead of hardcoding their values into compile-time constants, dictionary lookup is now used. Also, I've added Cisco-like call-id attribute into auth requests, which demonstrates usage of VSA attributes.
Any comments are highly appreciated! Please note that radiusclient 0.4.0.b1 is required to run those patches.
-Maxim
Maxim Sobolev wrote:
New beta release is available, main changes:
All static storage is removed from the library to make it re-entrant;
support for VSA attributes added;
support for $INCLUDE directive in dictionary file added;
style: remove all typecasts for NULL, convert all return statements
to a single style.
You can download it here: http://developer.berlios.de/project/showfiles.php?group_id=1208.
Tomorrow I'll post my patches for SER to make it work with new radiusclient.
Enjoy! Let me know if there any bugs or problems with this version.
-Maxim
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
? acc/a ? acc/c ? acc/dict.h,v Index: acc/Makefile =================================================================== RCS file: /cvsroot/ser/sip_router/modules/acc/Makefile,v retrieving revision 1.17 diff -d -u -d -u -r1.17 Makefile --- acc/Makefile 2003/12/05 14:30:23 1.17 +++ acc/Makefile 2003/12/09 12:19:24 @@ -14,7 +14,7 @@ #DEFS+=-DSQL_ACC
# uncomment the next two lines if you wish to enable RADIUS accounting -#DEFS+=-DRAD_ACC +#DEFS+=-DRAD_ACC -I$(LOCALBASE)/include
# uncomment the next two lines if you wish to enable DIAMETER accounting #DEFS+=-DDIAM_ACC Index: acc/acc.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/acc/acc.c,v retrieving revision 1.20 diff -d -u -d -u -r1.20 acc.c --- acc/acc.c 2003/11/24 19:18:21 1.20 +++ acc/acc.c 2003/12/09 12:19:24 @@ -72,9 +72,9 @@
#ifdef RAD_ACC /* caution: keep these aligned to RAD_ACC_FMT !! */ -static int rad_attr[] = { PW_CALLING_STATION_ID, PW_CALLED_STATION_ID,
- PW_SIP_TRANSLATED_REQ_ID, PW_ACCT_SESSION_ID, PW_SIP_TO_TAG,
- PW_SIP_FROM_TAG, PW_SIP_CSEQ };
+static int rad_attr[] = { A_CALLING_STATION_ID, A_CALLED_STATION_ID,
- A_SIP_TRANSLATED_REQUEST_URI, A_ACCT_SESSION_ID, A_SIP_TO_TAG,
- A_SIP_FROM_TAG, A_SIP_CSEQ };
#endif
#ifdef DIAM_ACC @@ -551,14 +551,14 @@
code=phrase2code(phrase); if (code==0)
return PW_STATUS_FAILED;
return vals[V_STATUS_FAILED].v;
return PW_STATUS_START;
return vals[V_STATUS_START].v;
return PW_STATUS_STOP;- return PW_STATUS_FAILED;
return vals[V_STATUS_STOP].v;- return vals[V_STATUS_FAILED].v;
}
int acc_rad_request( struct sip_msg *rq, struct hdr_field *to, @@ -594,28 +594,28 @@ }
av_type=rad_status(rq, phrase);
- if (!rc_avpair_add(&send, PW_ACCT_STATUS_TYPE, &av_type,0)) {
- if (!rc_avpair_add(rh, &send, attrs[A_ACCT_STATUS_TYPE].v, &av_type,0, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: add STATUS_TYPE\n"); goto error; }
- av_type=service_type;
- if (!rc_avpair_add(&send, PW_SERVICE_TYPE, &av_type,0)) {
- av_type=vals[V_SIP_SESSION].v;
- if (!rc_avpair_add(rh, &send, attrs[A_SERVICE_TYPE].v, &av_type,0, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: add STATUS_TYPE\n"); goto error; } av_type=phrase2code(phrase); /* status=integer */ /* if (phrase.len<3) c=nullcode; else { memcpy(ccode, phrase.s, 3); ccode[3]=0;c=nullcode;} */
- if (!rc_avpair_add(&send, PW_SIP_RESPONSE_CODE, &av_type,0)) {
- if (!rc_avpair_add(rh, &send, attrs[A_SIP_RESPONSE_CODE].v, &av_type,0, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: add RESPONSE_CODE\n"); goto error; } av_type=rq->REQ_METHOD;
- if (!rc_avpair_add(&send, PW_SIP_METHOD, &av_type,0)) {
- if (!rc_avpair_add(rh, &send, attrs[A_SIP_METHOD].v, &av_type,0, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: add SIP_METHOD\n"); goto error; }
/* Handle PW_USER_NAME as a special case */
/* Handle User-Name as a special case */@@ -629,10 +629,10 @@ memcpy(user_name.s, user->s, user->len); user_name.s[user->len] = '@'; memcpy(user_name.s+user->len+1, realm->s, realm->len);
if (!rc_avpair_add(&send, PW_USER_NAME,user_name.s, user_name.len)) {
if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v,user_name.s, user_name.len, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: rc_avpaid_add "
"failed for %d\n", PW_USER_NAME );
"failed for %d\n", attrs[A_USER_NAME].v ); pkg_free(user_name.s); goto error; }@@ -640,10 +640,10 @@ } else { user_name.len = user->len; user_name.s = user->s;
if (!rc_avpair_add(&send, PW_USER_NAME,user_name.s, user_name.len)) {
if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v,user_name.s, user_name.len, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: rc_avpaid_add "
"failed for %d\n", PW_USER_NAME );
"failed for %d\n", attrs[A_USER_NAME].v ); goto error; }@@ -662,10 +662,10 @@ memcpy(user_name.s, puri.user.s, puri.user.len); user_name.s[puri.user.len] = '@'; memcpy(user_name.s+puri.user.len+1, puri.host.s, puri.host.len);
if (!rc_avpair_add(&send, PW_USER_NAME,user_name.s, user_name.len)) {
if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v,user_name.s, user_name.len, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: rc_avpaid_add "
"failed for %d\n", PW_USER_NAME );
"failed for %d\n", attrs[A_USER_NAME].v ); pkg_free(user_name.s); goto error; }@@ -673,25 +673,25 @@ } else { user_name.len = na.len; user_name.s = na.s;
if (!rc_avpair_add(&send, PW_USER_NAME,user_name.s, user_name.len)) {
if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v,user_name.s, user_name.len, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: rc_avpaid_add "
"failed for %d\n", PW_USER_NAME );
"failed for %d\n", attrs[A_USER_NAME].v ); goto error; }
if (!rc_avpair_add(&send, rad_attr[i],val_arr[i]->s,val_arr[i]->len)) {
if (!rc_avpair_add(rh, &send, attrs[rad_attr[i]].v,val_arr[i]->s,val_arr[i]->len, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: rc_avpaid_add "
"failed for %d\n", rad_attr[i] );
"failed for %s\n", attrs[rad_attr[i]].n ); goto error;
- if (rc_acct(SIP_PORT, send)!=OK_RC) {
- if (rc_acct(rh, SIP_PORT, send)!=OK_RC) { LOG(L_ERR, "ERROR: acc_rad_request: radius-ing failed\n"); goto error; }
Index: acc/acc.h
RCS file: /cvsroot/ser/sip_router/modules/acc/acc.h,v retrieving revision 1.11 diff -d -u -d -u -r1.11 acc.h --- acc/acc.h 2003/11/24 19:18:21 1.11 +++ acc/acc.h 2003/12/09 12:19:24 @@ -100,7 +100,8 @@
#ifdef RAD_ACC -extern int service_type; +extern struct attr attrs[]; +extern struct val vals[]; #endif
Index: acc/acc_mod.c
RCS file: /cvsroot/ser/sip_router/modules/acc/acc_mod.c,v retrieving revision 1.31 diff -d -u -d -u -r1.31 acc_mod.c --- acc/acc_mod.c 2003/12/05 14:30:23 1.31 +++ acc/acc_mod.c 2003/12/09 12:19:24 @@ -107,10 +107,13 @@ int log_level=L_NOTICE; char *log_fmt=DEFAULT_LOG_FMT; #ifdef RAD_ACC -char *radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; +static char *radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; int radius_flag = 0; int radius_missed_flag = 0; -int service_type = PW_SIP_SESSION; +static int service_type = -1; +void *rh; +struct attr attrs[A_MAX]; +struct val vals[V_MAX]; #endif
/* DIAMETER */ @@ -312,19 +315,43 @@ #endif
#ifdef RAD_ACC
- memset(attrs, 0, sizeof(attrs));
- memset(attrs, 0, sizeof(vals));
- attrs[A_CALLING_STATION_ID].n = "Calling-Station-Id";
- attrs[A_CALLED_STATION_ID].n = "Called-Station-Id";
- attrs[A_SIP_TRANSLATED_REQUEST_URI].n = "Sip-Translated-Request-URI";
- attrs[A_ACCT_SESSION_ID].n = "Acct-Session-Id";
- attrs[A_SIP_TO_TAG].n = "Sip-To-Tag";
- attrs[A_SIP_FROM_TAG].n = "Sip-From-Tag";
- attrs[A_SIP_CSEQ].n = "Sip-CSeq";
- attrs[A_ACCT_STATUS_TYPE].n = "Acct-Status-Type";
- attrs[A_SERVICE_TYPE].n = "Service-Type";
- attrs[A_SIP_RESPONSE_CODE].n = "Sip-Response-Code";
- attrs[A_SIP_METHOD].n = "Sip-Method";
- attrs[A_USER_NAME].n = "User-Name";
- vals[V_STATUS_START].n = "Start";
- vals[V_STATUS_STOP].n = "Stop";
- vals[V_STATUS_FAILED].n = "Failed";
- vals[V_SIP_SESSION].n = "Sip-Session";
- /* open log */ rc_openlog("ser"); /* read config */
- if (rc_read_config(radius_config)!=0) {
- if ((rh = rc_read_config(radius_config)) == NULL) { LOG(L_ERR, "ERROR: acc: error opening radius config file: %s\n", radius_config ); return -1; } /* read dictionary */
- if (rc_read_dictionary(rc_conf_str("dictionary"))!=0) {
- if (rc_read_dictionary(rh, rc_conf_str(rh, "dictionary"))!=0) { LOG(L_ERR, "ERROR: acc: error reading radius dictionary\n"); return -1; }
- INIT_AV(rh, attrs, vals, "acc", -1, -1);
- if (service_type != -1)
vals[V_SIP_SESSION].v = service_type;#endif
return 0; Index: acc/acc_mod.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/acc/acc_mod.h,v retrieving revision 1.11 diff -d -u -d -u -r1.11 acc_mod.h --- acc/acc_mod.h 2003/11/24 19:18:21 1.11 +++ acc/acc_mod.h 2003/12/09 12:19:24 @@ -53,7 +53,7 @@ #ifdef RAD_ACC extern int radius_flag; extern int radius_missed_flag; -extern int service_type; +extern void *rh; #endif
#ifdef DIAM_ACC Index: acc/dict.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/acc/dict.h,v retrieving revision 1.3 diff -d -u -d -u -r1.3 dict.h --- acc/dict.h 2003/09/11 21:53:36 1.3 +++ acc/dict.h 2003/12/09 12:19:24 @@ -34,17 +34,84 @@ #ifndef _DICT_H #define _DICT_H
-#define PW_SIP_METHOD 101 /* integer */ -#define PW_SIP_RESPONSE_CODE 102 /* integer */ -#define PW_SIP_CSEQ 103 /* string */ -#define PW_SIP_TO_TAG 104 /* string */ -#define PW_SIP_FROM_TAG 105 /* string */ -#define PW_SIP_BRANCH_ID 106 /* string -- Not used */ -#define PW_SIP_TRANSLATED_REQ_ID 107 /* string */ -#define PW_SIP_SOURCE_IP_ADDRESS 108 /* ipaddr -- Not used */ -#define PW_SIP_SOURCE_PORT 109 /* integer -- Not used */ +struct attr {
- const char *n;
- int v;
+};
-#define PW_SIP_SESSION 15 /* SIP service-type */ -#define PW_STATUS_FAILED 15 +struct val {
- const char *n;
- int v;
+};
+#define A_USER_NAME 0 +#define A_SERVICE_TYPE 1 +#define A_CALLED_STATION_ID 2 +#define A_CALLING_STATION_ID 3 +#define A_ACCT_STATUS_TYPE 4 +#define A_ACCT_SESSION_ID 5 +#define A_SIP_METHOD 6 +#define A_SIP_RESPONSE_CODE 7 +#define A_SIP_CSEQ 8 +#define A_SIP_TO_TAG 9 +#define A_SIP_FROM_TAG 10 +#define A_SIP_TRANSLATED_REQUEST_URI 11 +#define A_DIGEST_RESPONSE 12 +#define A_DIGEST_ATTRIBUTES 13 +#define A_SIP_URI_USER 14 +#define A_SIP_RPID 15 +#define A_DIGEST_REALM 16 +#define A_DIGEST_NONCE 17 +#define A_DIGEST_METHOD 18 +#define A_DIGEST_URI 19 +#define A_DIGEST_QOP 20 +#define A_DIGEST_ALGORITHM 21 +#define A_DIGEST_BODY_DIGEST 22 +#define A_DIGEST_CNONCE 23 +#define A_DIGEST_NONCE_COUNT 24 +#define A_DIGEST_USER_NAME 25 +#define A_SIP_GROUP 26 +#define A_CISCO_AVPAIR 27 +#define A_MAX 27
+#define V_STATUS_START 0 +#define V_STATUS_STOP 1 +#define V_STATUS_FAILED 2 +#define V_CALL_CHECK 3 +#define V_EMERGENCY_CALL 4 +#define V_SIP_SESSION 5 +#define V_GROUP_CHECK 6 +#define V_MAX 6
+#define INIT_AV(rh, at, vl, fn, e1, e2) \ +{ \
- int i; \
- DICT_ATTR *da; \
- DICT_VALUE *dv; \
\- for (i = 0; i < A_MAX; i++) { \
if (at[i].n == NULL) \continue; \da = rc_dict_findattr(rh, at[i].n); \if (da == NULL) { \LOG(L_ERR, "ERROR: %s: can't get code for the " \"%s attribute\n", fn, at[i].n); \return e1; \} \at[i].v = da->value; \- } \
- for (i = 0; i < V_MAX; i++) { \
if (vl[i].n == NULL) \continue; \dv = rc_dict_findval(rh, vl[i].n); \if (dv == NULL) { \LOG(L_ERR, "ERROR: %s: can't get code for the " \"%s attribute value\n", fn, vl[i].n);\return e2; \} \vl[i].v = dv->value; \- } \
+}
#endif Index: acc/etc/sip_dictionary =================================================================== RCS file: /cvsroot/ser/sip_router/modules/acc/etc/sip_dictionary,v retrieving revision 1.1 diff -d -u -d -u -r1.1 sip_dictionary --- acc/etc/sip_dictionary 2003/04/05 14:05:19 1.1 +++ acc/etc/sip_dictionary 2003/12/09 12:19:24 @@ -23,6 +23,9 @@ # 7 = 1 (integer encoding) #
+VENDOR Cisco 9 +ATTRIBUTE Cisco-AVPair 1 string Cisco
# # Following are the proper new names. Use these. # @@ -99,39 +102,42 @@ # Experiment SIP-specific attributes: # These attributes are tied between client & server # -ATTRIBUTE Sip-Method 101 integer -ATTRIBUTE Sip-Response-Code 102 integer -ATTRIBUTE Sip-CSeq 103 string -ATTRIBUTE Sip-To-Tag 104 string -ATTRIBUTE Sip-From-Tag 105 string -ATTRIBUTE Sip-Branch-ID 106 string +ATTRIBUTE Sip-Method 101 integer +ATTRIBUTE Sip-Response-Code 102 integer +ATTRIBUTE Sip-CSeq 103 string +ATTRIBUTE Sip-To-Tag 104 string +ATTRIBUTE Sip-From-Tag 105 string +ATTRIBUTE Sip-Branch-ID 106 string ATTRIBUTE Sip-Translated-Request-URI 107 string ATTRIBUTE Sip-Source-IP-Address 108 ipaddr -ATTRIBUTE Sip-Source-Port 109 integer -ATTRIBUTE Sip-User-ID 110 string -ATTRIBUTE Sip-User-realm 111 string -ATTRIBUTE Sip-User-nonce 112 string -ATTRIBUTE Sip-User-method 113 string -ATTRIBUTE Sip-User-digest-uri 114 string -ATTRIBUTE Sip-User-nonce_count 115 string -ATTRIBUTE Sip-User-qop 116 string -ATTRIBUTE Sip-User-opaque 117 string -ATTRIBUTE Sip-User-response 118 string -ATTRIBUTE Sip_User-cnonce 119 string +ATTRIBUTE Sip-Source-Port 109 integer +ATTRIBUTE Sip-User-ID 110 string +ATTRIBUTE Sip-User-Realm 111 string +ATTRIBUTE Sip-User-Nonce 112 string +ATTRIBUTE Sip-User-Method 113 string +ATTRIBUTE Sip-User-Digest-URI 114 string +ATTRIBUTE Sip-User-Nonce-Count 115 string +ATTRIBUTE Sip-User-QOP 116 string +ATTRIBUTE Sip-User-Opaque 117 string +ATTRIBUTE Sip-User-Response 118 string +ATTRIBUTE Sip-User-CNonce 119 string
+ATTRIBUTE Sip-URI-User 208 string +ATTRIBUTE Sip-Group 211 string +ATTRIBUTE Sip-RPId 213 string
-ATTRIBUTE Digest-Response 206 string -ATTRIBUTE Digest-Attributes 207 string -ATTRIBUTE Digest-Realm 1063 string -ATTRIBUTE Digest-Nonce 1064 string -ATTRIBUTE Digest-Method 1065 string -ATTRIBUTE Digest-URI 1066 string -ATTRIBUTE Digest-QOP 1067 string -ATTRIBUTE Digest-Algorithm 1068 string -ATTRIBUTE Digest-Body-Digest 1069 string -ATTRIBUTE Digest-CNonce 1070 string -ATTRIBUTE Digest-Nonce-Count 1071 string -ATTRIBUTE Digest-User-Name 1072 string +ATTRIBUTE Digest-Response 206 string +ATTRIBUTE Digest-Attributes 207 string +ATTRIBUTE Digest-Realm 1063 string +ATTRIBUTE Digest-Nonce 1064 string +ATTRIBUTE Digest-Method 1065 string +ATTRIBUTE Digest-URI 1066 string +ATTRIBUTE Digest-QOP 1067 string +ATTRIBUTE Digest-Algorithm 1068 string +ATTRIBUTE Digest-Body-Digest 1069 string +ATTRIBUTE Digest-CNonce 1070 string +ATTRIBUTE Digest-Nonce-Count 1071 string +ATTRIBUTE Digest-User-Name 1072 string
@@ -165,6 +171,9 @@ VALUE Service-Type Outbound-User 5 VALUE Service-Type Administrative-User 6 VALUE Service-Type NAS-Prompt-User 7 +VALUE Service-Type Call-Check 10 +VALUE Service-Type Group-Check 12 +VALUE Service-Type Sip-Session 15
# Framed Protocols
@@ -196,6 +205,7 @@ VALUE Acct-Status-Type Stop 2 VALUE Acct-Status-Type Accounting-On 7 VALUE Acct-Status-Type Accounting-Off 8 +VALUE Acct-Status-Type Failed 15
# Authentication Types
Index: auth_radius/Makefile
RCS file: /cvsroot/ser/sip_router/modules/auth_radius/Makefile,v retrieving revision 1.4 diff -d -u -d -u -r1.4 Makefile --- auth_radius/Makefile 2003/05/23 15:43:42 1.4 +++ auth_radius/Makefile 2003/12/09 12:19:25 @@ -8,6 +8,7 @@ include ../../Makefile.defs auto_gen= NAME=auth_radius.so +DEFS+=-I$(LOCALBASE)/include LIBS=-L$(LOCALBASE)/lib -L/usr/pkg/lib -lradiusclient
include ../../Makefile.modules Index: auth_radius/authorize.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/auth_radius/authorize.c,v retrieving revision 1.10 diff -d -u -d -u -r1.10 authorize.c --- auth_radius/authorize.c 2003/11/05 03:49:43 1.10 +++ auth_radius/authorize.c 2003/12/09 12:19:25 @@ -128,7 +128,7 @@ /* Clear the rpid buffer from previous value */ rpid.len = 0;
- res = radius_authorize_sterman(&cred->digest, &_msg->first_line.u.request.method, &user, &rpid);
res = radius_authorize_sterman(_msg, &cred->digest, &_msg->first_line.u.request.method, &user, &rpid); pkg_free(user.s);
if (res == 1) {
Index: auth_radius/authrad_mod.c
RCS file: /cvsroot/ser/sip_router/modules/auth_radius/authrad_mod.c,v retrieving revision 1.12 diff -d -u -d -u -r1.12 authrad_mod.c --- auth_radius/authrad_mod.c 2003/09/11 22:00:27 1.12 +++ auth_radius/authrad_mod.c 2003/12/09 12:19:25 @@ -45,13 +45,18 @@ #include "authrad_mod.h" #include "authorize.h" #include <radiusclient.h> -#include "dict.h" +#include "../../modules/acc/dict.h"
MODULE_VERSION
pre_auth_f pre_auth_func = 0; /* Pre authorization function from auth module */ post_auth_f post_auth_func = 0; /* Post authorization function from auth module */
+struct attr attrs[A_MAX]; +struct val vals[V_MAX]; +void *rh; +int ciscopec;
static int mod_init(void); /* Module initialization function */ static int str_fixup(void** param, int param_no); /* char* -> str* */
@@ -59,8 +64,8 @@ /*
- Module parameter variables
*/ -char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; -int service_type = PW_SIP_SESSION; +static char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; +static int service_type = -1;
/* @@ -103,25 +108,60 @@ */ static int mod_init(void) {
- DICT_VENDOR *vend;
- DBG("auth_radius - Initializing\n");
- if (rc_read_config(radius_config) != 0) {
- memset(attrs, 0, sizeof(attrs));
- memset(attrs, 0, sizeof(vals));
- attrs[A_SERVICE_TYPE].n = "Service-Type";
- attrs[A_SIP_RPID].n = "Sip-RPId";
- attrs[A_SIP_URI_USER].n = "Sip-URI-User";
- attrs[A_DIGEST_RESPONSE].n = "Digest-Response";
- attrs[A_DIGEST_ALGORITHM].n = "Digest-Algorithm";
- attrs[A_DIGEST_BODY_DIGEST].n = "Digest-Body-Digest";
- attrs[A_DIGEST_CNONCE].n = "Digest-CNonce";
- attrs[A_DIGEST_NONCE_COUNT].n = "Digest-Nonce-Count";
- attrs[A_DIGEST_QOP].n = "Digest-QOP";
- attrs[A_DIGEST_METHOD].n = "Digest-Method";
- attrs[A_DIGEST_URI].n = "Digest-URI";
- attrs[A_DIGEST_NONCE].n = "Digest-Nonce";
- attrs[A_DIGEST_REALM].n = "Digest-Realm";
- attrs[A_DIGEST_USER_NAME].n = "Digest-User-Name";
- attrs[A_USER_NAME].n = "User-Name";
- attrs[A_CISCO_AVPAIR].n = "Cisco-AVPair";
- vals[V_SIP_SESSION].n = "Sip-Session";
- if ((rh = rc_read_config(radius_config)) == NULL) { LOG(L_ERR, "auth_radius: Error opening configuration file \n"); return -1; }
- if (rc_read_dictionary(rc_conf_str("dictionary")) != 0) {
if (rc_read_dictionary(rh, rc_conf_str(rh, "dictionary")) != 0) { LOG(L_ERR, "auth_radius: Error opening dictionary file \n"); return -2; }
vend = rc_dict_findvend(rh, "Cisco");
if (vend == NULL) {
LOG(L_ERR, "auth_radius: No `Cisco' vendor in Radius ""dictionary\n");return -3;}
ciscopec = vend->vendorpec;
pre_auth_func = (pre_auth_f)find_export("pre_auth", 0, 0); post_auth_func = (post_auth_f)find_export("post_auth", 0, 0);
if (!(pre_auth_func && post_auth_func)) { LOG(L_ERR, "auth_radius: This module requires auth module\n");
return -3;
return -4;}
INIT_AV(rh, attrs, vals, "auth_radius", -5, -6);
if (service_type != -1)
vals[V_SIP_SESSION].v = service_type;return 0;
} Index: auth_radius/authrad_mod.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/auth_radius/authrad_mod.h,v retrieving revision 1.3 diff -d -u -d -u -r1.3 authrad_mod.h --- auth_radius/authrad_mod.h 2003/05/02 12:21:54 1.3 +++ auth_radius/authrad_mod.h 2003/12/09 12:19:25 @@ -37,14 +37,12 @@
#include "../auth/api.h"
+extern struct attr attrs[]; +extern struct val vals[]; +extern void *rh; +extern int ciscopec;
extern pre_auth_f pre_auth_func; extern post_auth_f post_auth_func;
-/*
- Module parameter variables
- */
-extern char* radius_config; /* radiusclient configuration file */ -extern int service_type; /* radius service type used for access request */
#endif /* AUTHRAD_MOD_H */ Index: auth_radius/dict.h =================================================================== RCS file: dict.h diff -N dict.h --- /tmp/cvsmA0FVN Tue Dec 9 13:19:25 2003 +++ /dev/null Tue Sep 4 15:27:29 2001 @@ -1,66 +0,0 @@ -/*
- $Id: dict.h,v 1.1 2003/09/11 22:00:27 janakj Exp $
- Digest Authentication - Radius support
- Definitions not found in radiusclient.h
- Copyright (C) 2001-2003 Fhg Fokus
- This file is part of ser, a free SIP server.
- ser is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version
- For a license to use the ser software under conditions
- other than those described here, or to purchase support for this
- software, please contact iptel.org by e-mail at the following addresses:
- info@iptel.org
- ser is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- History:
- 2003-03-09: Based on ser_radius.h from radius_auth (janakj)
- */
-/*
- WARNING: Don't forget to update the dictionary if you update the file !!!
- */
-#ifndef DICT_H -#define DICT_H
-/* Service types */ -#define PW_CALL_CHECK 10 -#define PW_EMERGENCY_CALL 13 -#define PW_SIP_SESSION 15
-/* Attributes*/ -#define PW_DIGEST_RESPONSE 206 /* string */ -#define PW_DIGEST_ATTRIBUTES 207 /* string */
-#define PW_SIP_URI_USER 208 /* string */ -#define PW_SIP_RPID 213 /* string */
-#define PW_DIGEST_REALM 1063 /* string */ -#define PW_DIGEST_NONCE 1064 /* string */ -#define PW_DIGEST_METHOD 1065 /* string */ -#define PW_DIGEST_URI 1066 /* string */ -#define PW_DIGEST_QOP 1067 /* string */ -#define PW_DIGEST_ALGORITHM 1068 /* string */ -#define PW_DIGEST_BODY_DIGEST 1069 /* string */ -#define PW_DIGEST_CNONCE 1070 /* string */ -#define PW_DIGEST_NONCE_COUNT 1071 /* string */ -#define PW_DIGEST_USER_NAME 1072 /* string */
-#endif /* DICT_H */ Index: auth_radius/sterman.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/auth_radius/sterman.c,v retrieving revision 1.7 diff -d -u -d -u -r1.7 sterman.c --- auth_radius/sterman.c 2003/09/11 22:00:27 1.7 +++ auth_radius/sterman.c 2003/12/09 12:19:25 @@ -32,11 +32,12 @@ */
+#include <stdlib.h> #include <string.h> #include "../../mem/mem.h" #include "../../dprint.h" #include "../auth/api.h" -#include "dict.h" +#include "../../modules/acc/dict.h" #include "sterman.h" #include "authrad_mod.h" #include <radiusclient.h> @@ -49,12 +50,12 @@
- which can be be used as a check item in the request. Service type of
- the request is Authenticate-Only.
*/ -int radius_authorize_sterman(dig_cred_t* _cred, str* _method, str* _user, str* _rpid) +int radius_authorize_sterman(struct sip_msg* _msg, dig_cred_t* _cred, str* _method, str* _user, str* _rpid) { static char msg[4096]; VALUE_PAIR *send, *received, *vp; UINT4 service;
- str method, user, user_name;
str method, user, user_name, callid; int i;
send = received = 0;
@@ -73,8 +74,8 @@ */
if (_cred->username.domain.len) {
if (!rc_avpair_add(&send, PW_USER_NAME, _cred->username.whole.s, _cred->username.whole.len)) {LOG(L_ERR, "sterman(): Unable to add PW_USER_NAME attribute\n");
if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v, _cred->username.whole.s, _cred->username.whole.len, 0)) {LOG(L_ERR, "sterman(): Unable to add User-Name attribute\n"); rc_avpair_free(send); return -2;@@ -88,8 +89,8 @@ memcpy(user_name.s, _cred->username.whole.s, _cred->username.whole.len); user_name.s[_cred->username.whole.len] = '@'; memcpy(user_name.s + _cred->username.whole.len + 1, _cred->realm.s, _cred->realm.len);
if (!rc_avpair_add(&send, PW_USER_NAME, user_name.s, user_name.len)) {LOG(L_ERR, "sterman(): Unable to add PW_USER_NAME attribute\n");
if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v, user_name.s, user_name.len, 0)) {LOG(L_ERR, "sterman(): Unable to add User-Name attribute\n"); pkg_free(user_name.s); rc_avpair_free(send); return -4;@@ -97,30 +98,30 @@ pkg_free(user_name.s); }
- if (!rc_avpair_add(&send, PW_DIGEST_USER_NAME, _cred->username.whole.s, _cred->username.whole.len)) {
LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_USER_NAME attribute\n");
- if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_USER_NAME].v, _cred->username.whole.s, _cred->username.whole.len, 0)) {
LOG(L_ERR, "sterman(): Unable to add Digest-User-Name attribute\n");
- if (!rc_avpair_add(&send, PW_DIGEST_REALM, _cred->realm.s, _cred->realm.len)) {
LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_REALM attribute\n");
- if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_REALM].v, _cred->realm.s, _cred->realm.len, 0)) {
LOG(L_ERR, "sterman(): Unable to add Digest-Realm attribute\n");
- if (!rc_avpair_add(&send, PW_DIGEST_NONCE, _cred->nonce.s, _cred->nonce.len)) {
LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_NONCE attribute\n");
- if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_NONCE].v, _cred->nonce.s, _cred->nonce.len, 0)) {
LOG(L_ERR, "sterman(): Unable to add Digest-Nonce attribute\n");
- if (!rc_avpair_add(&send, PW_DIGEST_URI, _cred->uri.s, _cred->uri.len)) {
LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_URI attribute\n");
- if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_URI].v, _cred->uri.s, _cred->uri.len, 0)) {
LOG(L_ERR, "sterman(): Unable to add Digest-URI attribute\n");
- if (!rc_avpair_add(&send, PW_DIGEST_METHOD, method.s, method.len)) {
LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_METHOD attribute\n");
- if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_METHOD].v, method.s, method.len, 0)) {
LOG(L_ERR, "sterman(): Unable to add Digest-Method attribute\n");@@ -129,39 +130,39 @@ * Add the additional authentication fields according to the QOP. */ if (_cred->qop.qop_parsed == QOP_AUTH) {
if (!rc_avpair_add(&send, PW_DIGEST_QOP, "auth", 4)) {LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_QOP attribute\n");
if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_QOP].v, "auth", 4, 0)) {LOG(L_ERR, "sterman(): Unable to add Digest-QOP attribute\n"); rc_avpair_free(send); return -10;
if (!rc_avpair_add(&send, PW_DIGEST_NONCE_COUNT, _cred->nc.s, _cred->nc.len)) {LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_NONCE_COUNT attribute\n");
if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_NONCE_COUNT].v, _cred->nc.s, _cred->nc.len, 0)) {LOG(L_ERR, "sterman(): Unable to add Digest-CNonce-Count attribute\n"); rc_avpair_free(send); return -11;
if (!rc_avpair_add(&send, PW_DIGEST_CNONCE, _cred->cnonce.s, _cred->cnonce.len)) {LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_CNONCE attribute\n");
if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_CNONCE].v, _cred->cnonce.s, _cred->cnonce.len, 0)) {LOG(L_ERR, "sterman(): Unable to add Digest-CNonce attribute\n"); rc_avpair_free(send); return -12;
if (!rc_avpair_add(&send, PW_DIGEST_QOP, "auth-int", 8)) {LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_QOP attribute\n");
if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_QOP].v, "auth-int", 8, 0)) {LOG(L_ERR, "sterman(): Unable to add Digest-QOP attribute\n"); rc_avpair_free(send); return -13;
if (!rc_avpair_add(&send, PW_DIGEST_NONCE_COUNT, _cred->nc.s, _cred->nc.len)) {LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_NONCE_COUNT attribute\n");
if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_NONCE_COUNT].v, _cred->nc.s, _cred->nc.len, 0)) {LOG(L_ERR, "sterman(): Unable to add Digest-Nonce-Count attribute\n"); rc_avpair_free(send); return -14;
if (!rc_avpair_add(&send, PW_DIGEST_CNONCE, _cred->cnonce.s, _cred->cnonce.len)) {LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_CNONCE attribute\n");
if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_CNONCE].v, _cred->cnonce.s, _cred->cnonce.len, 0)) {LOG(L_ERR, "sterman(): Unable to add Digest-CNonce attribute\n"); rc_avpair_free(send); return -15;
if (!rc_avpair_add(&send, PW_DIGEST_BODY_DIGEST, _cred->opaque.s, _cred->opaque.len)) {LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_BODY_DIGEST attribute\n");
if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_BODY_DIGEST].v, _cred->opaque.s, _cred->opaque.len, 0)) {LOG(L_ERR, "sterman(): Unable to add Digest-Body-Digest attribute\n"); rc_avpair_free(send); return -16;@@ -170,73 +171,60 @@ /* send nothing for qop == "" */ }
- /*
* Now put everything place all the previous attributes into the* PW_DIGEST_ATTRIBUTES*/- /*
* Fix up Digest-Attributes issues see draft-sterman-aaa-sip-00*/- for (vp = send; vp; vp = vp->next) {
switch (vp->attribute) {default:break;/* Fall thru the know values */case PW_DIGEST_REALM:case PW_DIGEST_NONCE:case PW_DIGEST_METHOD:case PW_DIGEST_URI:case PW_DIGEST_QOP:case PW_DIGEST_ALGORITHM:case PW_DIGEST_BODY_DIGEST:case PW_DIGEST_CNONCE:case PW_DIGEST_NONCE_COUNT:case PW_DIGEST_USER_NAME:/* overlapping! */memmove(&vp->strvalue[2], &vp->strvalue[0], vp->lvalue);vp->strvalue[0] = vp->attribute - PW_DIGEST_REALM + 1;vp->lvalue += 2;vp->strvalue[1] = vp->lvalue;vp->attribute = PW_DIGEST_ATTRIBUTES;break;}- }
- /* Add the response... What to calculate against... */
- if (!rc_avpair_add(&send, PW_DIGEST_RESPONSE, _cred->response.s, _cred->response.len)) {
LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_RESPONSE attribute\n");
if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_RESPONSE].v, _cred->response.s, _cred->response.len, 0)) {
LOG(L_ERR, "sterman(): Unable to add Digest-Response attribute\n");rc_avpair_free(send); return -17; }
/* Indicate the service type, Authenticate only in our case */
- service = service_type;
- if (!rc_avpair_add(&send, PW_SERVICE_TYPE, &service, 0)) {
LOG(L_ERR, "sterman(): Unable to add PW_SERVICE_TYPE attribute\n");
service = vals[V_SIP_SESSION].v;
if (!rc_avpair_add(rh, &send, attrs[A_SERVICE_TYPE].v, &service, 0, 0)) {
LOG(L_ERR, "sterman(): Unable to add Service-Type attribute\n");rc_avpair_free(send); return -18; }
/* Add SIP URI as a check item */
- if (!rc_avpair_add(&send, PW_SIP_URI_USER, user.s, user.len)) {
LOG(L_ERR, "sterman(): Unable to add PW_SIP_URI_USER attribute\n");
- if (!rc_avpair_add(rh, &send, attrs[A_SIP_URI_USER].v, user.s, user.len, 0)) {
LOG(L_ERR, "sterman(): Unable to add Sip-URI-User attribute\n");
- /* Add SIP Call-ID as a Cisco VSA, like IOS does */
- if (_msg->callid == NULL || _msg->callid->body.s == NULL) {
LOG(L_ERR, "sterman(): Call-ID is missed\n");rc_avpair_free(send);return -20;- }
- callid.len = _msg->callid->body.len + 8;
- callid.s = alloca(callid.len);
- if (callid.s == NULL) {
LOG(L_ERR, "sterman(): No memory left\n");rc_avpair_free(send);return -21;- }
- memcpy(callid.s, "call-id=", 8);
- memcpy(callid.s + 8, _msg->callid->body.s, _msg->callid->body.len);
- if (rc_avpair_add(rh, &send, attrs[A_CISCO_AVPAIR].v, callid.s,
callid.len, ciscopec) == 0) {LOG(L_ERR, "sterman(): Unable to add Cisco-AVPair attribute\n");rc_avpair_free(send);return -22;- }
- /* Send request */
- if ((i = rc_auth(SIP_PORT, send, &received, msg)) == OK_RC) {
if ((i = rc_auth(rh, SIP_PORT, send, &received, msg)) == OK_RC) { DBG("radius_authorize_sterman(): Success\n"); rc_avpair_free(send);
/* Make a copy of rpid if available */
if ((vp = rc_avpair_get(received, PW_SIP_RPID))) {
if ((vp = rc_avpair_get(received, attrs[A_SIP_RPID].v, 0))) { if (MAX_RPID_LEN < vp->lvalue) { LOG(L_ERR, "radius_authorize_sterman(): rpid buffer too small\n");
return -20;
return -23; } memcpy(_rpid->s, vp->strvalue, vp->lvalue); _rpid->len = vp->lvalue;@@ -249,6 +237,6 @@ DBG("radius_authorize_sterman(): Failure\n"); rc_avpair_free(send); rc_avpair_free(received);
return -21;
return -24;} Index: auth_radius/sterman.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/auth_radius/sterman.h,v retrieving revision 1.3 diff -d -u -d -u -r1.3 sterman.h --- auth_radius/sterman.h 2003/04/28 22:04:33 1.3 +++ auth_radius/sterman.h 2003/12/09 12:19:25 @@ -45,6 +45,6 @@
- which can be be used as a check item in the request. Service type of
- the request is Authenticate-Only.
*/ -int radius_authorize_sterman(dig_cred_t* _cred, str* _method, str* _user, str* _rpid); +int radius_authorize_sterman(struct sip_msg* _msg, dig_cred_t* _cred, str* _method, str* _user, str* _rpid);
#endif /* STERMAN_H */ Index: group_radius/Makefile =================================================================== RCS file: /cvsroot/ser/sip_router/modules/group_radius/Makefile,v retrieving revision 1.3 diff -d -u -d -u -r1.3 Makefile --- group_radius/Makefile 2003/05/23 15:43:43 1.3 +++ group_radius/Makefile 2003/12/09 12:19:25 @@ -8,6 +8,7 @@ include ../../Makefile.defs auto_gen= NAME=group_radius.so +DEFS+=-I$(LOCALBASE)/include LIBS=-L$(LOCALBASE)/lib -L/usr/pkg/lib -lradiusclient
include ../../Makefile.modules Index: group_radius/dict.h =================================================================== RCS file: dict.h diff -N dict.h --- /tmp/cvs6nqAD9 Tue Dec 9 13:19:25 2003 +++ /dev/null Tue Sep 4 15:27:29 2001 @@ -1,47 +0,0 @@ -/*
- $Id: dict.h,v 1.1 2003/09/11 22:02:02 janakj Exp $
- Group Membership - Radius
- Definitions not found in radiusclient.h
- Copyright (C) 2001-2003 Fhg Fokus
- This file is part of ser, a free SIP server.
- ser is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version
- For a license to use the ser software under conditions
- other than those described here, or to purchase support for this
- software, please contact iptel.org by e-mail at the following addresses:
- info@iptel.org
- ser is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- History:
- 2003-03-09: Based on ser_radius.h from radius_auth (janakj)
- */
-/*
- WARNING: Don't forget to update the dictionary if you update this file !!!
- */
-#ifndef DICT_H -#define DICT_H
-/* Service-Type */ -#define PW_GROUP_CHECK 12
-#define PW_SIP_GROUP 211 /* string */
-#endif /* DICT_H */ Index: group_radius/group.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/group_radius/group.c,v retrieving revision 1.5 diff -d -u -d -u -r1.5 group.c --- group_radius/group.c 2003/09/11 22:02:02 1.5 +++ group_radius/group.c 2003/12/09 12:19:25 @@ -44,7 +44,7 @@ #include "../../parser/hf.h" #include "../../parser/digest/digest.h" #include "group.h" -#include "dict.h" +#include "../../modules/acc/dict.h" #include "grouprad_mod.h"
@@ -191,8 +191,8 @@ user_name = user; }
- if (!rc_avpair_add(&send, PW_USER_NAME, user_name.s, user_name.len)) {
LOG(L_ERR, "radius_is_user_in(): Error adding PW_USER_NAME\n");
- if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v, user_name.s, user_name.len, 0)) {
LOG(L_ERR, "radius_is_user_in(): Error adding User-Name attribute\n");@@ -200,19 +200,19 @@
if (use_domain) pkg_free(user_name.s);
- if (!rc_avpair_add(&send, PW_SIP_GROUP, grp->s, grp->len)) {
LOG(L_ERR, "radius_is_user_in(): Error adding PW_SIP_GROUP\n");
- if (!rc_avpair_add(rh, &send, attrs[A_SIP_GROUP].v, grp->s, grp->len, 0)) {
LOG(L_ERR, "radius_is_user_in(): Error adding Sip-Group attribute\n"); return -8;
- service = PW_GROUP_CHECK;
- if (!rc_avpair_add(&send, PW_SERVICE_TYPE, &service, 0)) {
LOG(L_ERR, "radius_is_user_in(): Error adding PW_SERVICE_TYPE\n");
- service = vals[V_GROUP_CHECK].v;
- if (!rc_avpair_add(rh, &send, attrs[A_SERVICE_TYPE].v, &service, 0, 0)) {
LOG(L_ERR, "radius_is_user_in(): Error adding Service-Type attribute\n");
- if (rc_auth(0, send, &received, msg) == OK_RC) {
- if (rc_auth(rh, 0, send, &received, msg) == OK_RC) { DBG("radius_is_user_in(): Success\n"); rc_avpair_free(send); rc_avpair_free(received);
Index: group_radius/grouprad_mod.c
RCS file: /cvsroot/ser/sip_router/modules/group_radius/grouprad_mod.c,v retrieving revision 1.6 diff -d -u -d -u -r1.6 grouprad_mod.c --- group_radius/grouprad_mod.c 2003/04/27 18:17:24 1.6 +++ group_radius/grouprad_mod.c 2003/12/09 12:19:25 @@ -40,11 +40,16 @@ #include "../../dprint.h" #include "../../sr_module.h" #include "../../mem/mem.h" +#include "../../modules/acc/dict.h" #include "grouprad_mod.h" #include "group.h"
MODULE_VERSION
+void *rh; +struct attr attrs[A_MAX]; +struct val vals[V_MAX];
static int mod_init(void); /* Module initialization function */ static int hf_fixup(void** param, int param_no); /* Header field fixup */
@@ -52,7 +57,7 @@ /*
- Module parameter variables
*/ -char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; +static char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; int use_domain = 1; /* By default we use domain */
@@ -93,16 +98,24 @@ static int mod_init(void) { DBG("group_radius - initializing\n");
- if (rc_read_config(radius_config) != 0) {
- memset(attrs, 0, sizeof(attrs));
- memset(attrs, 0, sizeof(vals));
- attrs[A_SERVICE_TYPE].n = "Service-Type";
- attrs[A_USER_NAME].n = "User-Name";
- vals[V_GROUP_CHECK].n = "Group-Check";
- if ((rh = rc_read_config(radius_config)) == NULL) { LOG(L_ERR, "group_radius: Error opening configuration file \n"); return -1; }
- if (rc_read_dictionary(rc_conf_str("dictionary")) != 0) {
if (rc_read_dictionary(rh, rc_conf_str(rh, "dictionary")) != 0) { LOG(L_ERR, "group_radius: Error opening dictionary file \n"); return -2; }
INIT_AV(rh, attrs, vals, "group_radius", -3, -4);
return 0;
} Index: group_radius/grouprad_mod.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/group_radius/grouprad_mod.h,v retrieving revision 1.3 diff -d -u -d -u -r1.3 grouprad_mod.h --- group_radius/grouprad_mod.h 2003/03/12 21:47:49 1.3 +++ group_radius/grouprad_mod.h 2003/12/09 12:19:25 @@ -34,10 +34,13 @@ #ifndef GROUPRAD_MOD_H #define GROUPRAD_MOD_H
+extern struct attr attrs[]; +extern struct val vals[]; +extern void *rh;
/*
- Module parameter variables
*/ -extern char* radius_config; /* radiusclient configuration file */ extern int use_domain; /* Should we use also domain ? */
#endif /* GROUPRAD_MOD_H */ Index: uri_radius/Makefile =================================================================== RCS file: /cvsroot/ser/sip_router/modules/uri_radius/Makefile,v retrieving revision 1.3 diff -d -u -d -u -r1.3 Makefile --- uri_radius/Makefile 2003/05/23 15:43:44 1.3 +++ uri_radius/Makefile 2003/12/09 12:19:25 @@ -8,6 +8,7 @@ include ../../Makefile.defs auto_gen= NAME=uri_radius.so +DEFS+=-I$(LOCALBASE)/include LIBS=-L$(LOCALBASE)/lib -L/usr/pkg/lib -lradiusclient
include ../../Makefile.modules Index: uri_radius/checks.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/uri_radius/checks.c,v retrieving revision 1.3 diff -d -u -d -u -r1.3 checks.c --- uri_radius/checks.c 2003/09/11 22:03:58 1.3 +++ uri_radius/checks.c 2003/12/09 12:19:25 @@ -35,7 +35,7 @@ #include "../../mem/mem.h" #include "../../parser/parse_uri.h" #include "../../dprint.h" -#include "dict.h" +#include "../../modules/acc/dict.h" #include "checks.h" #include "urirad_mod.h" #include <radiusclient.h> @@ -74,22 +74,22 @@ at += _m->parsed_uri.host.len; *at = '\0';
- if (!rc_avpair_add(&send, PW_USER_NAME, uri, 0)) {
- if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v, uri, 0, 0)) { LOG(L_ERR, "radius_does_uri_exist(): Error adding User-Name\n"); rc_avpair_free(send); pkg_free(uri); return -3; }
- service = service_type;
- if (!rc_avpair_add(&send, PW_SERVICE_TYPE, &service, 0)) {
- service = vals[V_CALL_CHECK].v;
- if (!rc_avpair_add(rh, &send, attrs[A_SERVICE_TYPE].v, &service, 0, 0)) { LOG(L_ERR, "radius_does_uri_exist(): Error adding service type\n"); rc_avpair_free(send); pkg_free(uri); return -4; }
- if (rc_auth(0, send, &received, msg) == OK_RC) {
- if (rc_auth(rh, 0, send, &received, msg) == OK_RC) { DBG("radius_does_uri_exist(): Success\n"); rc_avpair_free(send); rc_avpair_free(received);
Index: uri_radius/dict.h
RCS file: dict.h diff -N dict.h --- /tmp/cvsMz7uyT Tue Dec 9 13:19:25 2003 +++ /dev/null Tue Sep 4 15:27:29 2001 @@ -1,44 +0,0 @@ -/*
- $Id: dict.h,v 1.1 2003/09/11 22:03:58 janakj Exp $
- Group Membership - RADIUS
- Definitions not found in radiusclient.h
- Copyright (C) 2001-2003 Fhg Fokus
- This file is part of ser, a free SIP server.
- ser is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version
- For a license to use the ser software under conditions
- other than those described here, or to purchase support for this
- software, please contact iptel.org by e-mail at the following addresses:
- info@iptel.org
- ser is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- History:
- 2003-03-09: Based on ser_radius.h from radius_auth (janakj)
- */
-/*
- WARNING: Don't forget to update the dictionary if you update this file !!!
- */
-#ifndef DICT_H -#define DICT_H
-#define PW_CALL_CHECK 10
-#endif /* DICT_H */ Index: uri_radius/urirad_mod.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/uri_radius/urirad_mod.c,v retrieving revision 1.5 diff -d -u -d -u -r1.5 urirad_mod.c --- uri_radius/urirad_mod.c 2003/09/11 22:03:58 1.5 +++ uri_radius/urirad_mod.c 2003/12/09 12:19:25 @@ -36,11 +36,14 @@ #include "../../sr_module.h" #include "urirad_mod.h" #include "checks.h" -#include "dict.h" +#include "../../modules/acc/dict.h" #include <radiusclient.h>
MODULE_VERSION
+struct attr attrs[A_MAX]; +struct val vals[V_MAX]; +void *rh;
static int mod_init(void); /* Module initialization function */
@@ -48,8 +51,8 @@ /*
- Module parameter variables
*/ -char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; -int service_type = PW_CALL_CHECK; +static char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; +static int service_type = -1;
/*
- Exported functions
@@ -88,16 +91,27 @@ static int mod_init(void) { DBG("uri_radius - initializing\n");
- if (rc_read_config(radius_config) != 0) {
- memset(attrs, 0, sizeof(attrs));
- memset(attrs, 0, sizeof(vals));
- attrs[A_SERVICE_TYPE].n = "Service-Type";
- attrs[A_USER_NAME].n = "User-Name";
- vals[V_CALL_CHECK].n = "Call-Check";
- if ((rh = rc_read_config(radius_config)) == NULL) { LOG(L_ERR, "uri_radius: Error opening configuration file \n"); return -1; }
- if (rc_read_dictionary(rc_conf_str("dictionary")) != 0) {
if (rc_read_dictionary(rh, rc_conf_str(rh, "dictionary")) != 0) { LOG(L_ERR, "uri_radius: Error opening dictionary file \n"); return -2; }
INIT_AV(rh, attrs, vals, "uri_radius", -3, -4);
if (service_type != -1)
vals[V_CALL_CHECK].v = service_type;return 0;
} Index: uri_radius/urirad_mod.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/uri_radius/urirad_mod.h,v retrieving revision 1.2 diff -d -u -d -u -r1.2 urirad_mod.h --- uri_radius/urirad_mod.h 2003/05/02 12:20:59 1.2 +++ uri_radius/urirad_mod.h 2003/12/09 12:19:25 @@ -34,10 +34,8 @@ #ifndef URIRAD_MOD_H #define URIRAD_MOD_H
-/*
- Module parameter variables
- */
-extern char* radius_config; /* radiusclient configuration file */ -extern int service_type; /* radius service type for uri check */ +extern struct attr attrs[]; +extern struct val vals[]; +extern void *rh;
#endif /* URIRAD_MOD_H */