users.c

RADIUS协议的认证计费服务

		if (next == NULL)
		{
			break;
		}
	}

	return cli_type;
} /* end of get_client_type () */

#ifdef USR_CCA

/*************************************************************************
 *
 *	Function: get_default_file_entry
 *
 *	Purpose: This function returns the first node from the file_list.
 *
 ************************************************************************/

FILE_LIST *
get_default_file_entry ()

{
	return file_list;	/* the first entry is the default */

} /* end of get_default_file_entry () */

#endif /* USR_CCA */

/*************************************************************************
 *
 *	Function: get_our_addr
 *
 *	Purpose: A global function to return a local variable (?)
 *
 *	Returns: (an) IP address of this machine.
 *
 *************************************************************************/

UINT4
get_our_addr ()

{
	return self_ip[0];
} /* end of get_our_addr () */

/*************************************************************************
 *
 *	Function: host_is_us
 *
 *	Purpose: Determine if we are the given host.
 *
 *	Returns: 1 if the given hostname is the name of this host,
 *		 0 otherwise.
 *
 *************************************************************************/

int
host_is_us (hostname)

char          *hostname;

{
	UINT4            addr;
	UINT4           *adptr;

	if (find_host_by_name (&addr, hostname) == 0)
	{
		for (adptr = self_ip; *adptr > 0; adptr++)
		{
			if (*adptr == addr)
			{
				return 1;
			}
		}
	}
	return 0;
} /* end of host_is_us () */

/*************************************************************************
 *
 *	Function: insert_client
 *
 *	Purpose: Inserts a CLIENT_ENTRY node into client_list for the
 *		 given hostname.
 *
 *	Returns: 0 - inserted ok
 *		-1 - bad news
 *
 *************************************************************************/

int
insert_client (hostname, secret, prefix, reply_hold, client_type, veps, rad_ver)

char           *hostname;
char           *secret;
char           *prefix;
int             reply_hold;
int             client_type;
VENDOR_LIST    *veps;
int             rad_ver;

{
	int             auth_port = 0;
	int             acct_port = 0;
	char           *col;
	char           *port;
	CLIENT_ENTRY   *client_ent = (CLIENT_ENTRY *) NULL;
	CLIENT_ENTRY   *oldent;
	CLIENT_ENTRY  **prev;
	IP_ADDRESS     *ip_address;
	struct in_addr  addr;
	static char    *func = "insert_client";

	dprintf(4, (LOG_AUTH, LOG_DEBUG, "%s: entered", func));

	if (reply_hold < 0)
	{
		reply_hold = CLEANUP_DELAY;
	}

	/* Allow <host>[:<auth_port>[:<acct_port>]] syntax on client names */

	if ((port = strchr (hostname, ':')) != (char *) NULL)
	{
		*port++ = '\0'; /* skip past the colon */
		/* atoi () ignores error conditions, like a ':' in number */
		auth_port = (u_short) atoi (port); /* parse clients file port */

		if((col = strchr (port, ':')) == (char *) NULL)
		{
			acct_port = auth_port + 1;
		}
		else
		{
			acct_port = (u_short) atoi (col + 1); /* clients file */
		}
	}

	/* Convert generic name for us to our real name */
	if (strcmp (hostname, RADIUS_LOCALSERVER) == 0)
	{
		hostname = ourhostname;
	}

	/* Look for entry from previous list (before HUP) */

	if (old_clients != (CLIENT_ENTRY *) NULL)
	{
		for (prev = &old_clients;
			(oldent = *prev) != (CLIENT_ENTRY *) NULL;
			prev = &oldent->next)
		{
			if (strcmp (hostname, oldent->hostname) == 0)
			{
				/* Matched - Remove from old list */
				*prev = oldent->next;
				client_ent = oldent;
				break;
			}
		}
	}

	if (client_ent == (CLIENT_ENTRY *) NULL)
	{
		client_ent = (CLIENT_ENTRY *) get_memory (sizeof (CLIENT_ENTRY),
							  func, "CLIENT_ENTRY");
		dns_client_mf.m++;
		client_ent->hostname = add_string (hostname, ASIS);
		client_ent->names = (DNS_NAME *) NULL;
		client_ent->addrs = (IP_ADDRESS *) NULL;
		client_ent->type = IP_DNS;

		/* Set constant addrs now so we don't have to wait for DNS */
		if (good_ipaddr (hostname) == 0)
		{
			client_ent->type = IP_NUMERIC;
			addr.s_addr = ntohl(inet_addr (hostname));
		}
		else
		{
			if (strcmp (hostname, ourhostname) == 0)
			{
				client_ent->type = IP_OURADDR;
				addr.s_addr = self_ip[0];
			}
		}

		if (client_ent->type != IP_DNS)
		{
			ip_address = (IP_ADDRESS *)
						get_memory (sizeof (IP_ADDRESS),
							    func, "IP_ADDRESS");
			dns_client_mf.m++;

			ip_address->ipaddr = addr;
			ip_address->next = (IP_ADDRESS *) NULL;
			client_ent->addrs = ip_address;
		}
	}
	else
	{
		(void) free_vendor_list (client_ent->veps);
	}

	client_ent->secret = add_string (secret, ASIS);
	client_ent->file_pfx = add_string (prefix, ASIS);
	client_ent->expire_time = (time_t) 0;
	client_ent->reply_holdtime = reply_hold;
	client_ent->client_type = client_type;
	client_ent->veps = veps;
	client_ent->event_q = (EVENT_ENT *) NULL;
	client_ent->version = rad_ver;
	client_ent->auth_port = auth_port;
	client_ent->acct_port = acct_port;
	client_ent->flags = 0;

#ifdef USR_CCA
	client_ent->state = NO_RQ_RESP;
#endif /* USR_CCA */

	/* find end of list */
	for (prev = &client_list; *prev; prev = &(*prev)->next)
	{
		continue;
	}
	client_ent->next = (CLIENT_ENTRY *) NULL;
	*prev = client_ent;

	/*
	 *	If the entry had an optional file prefix, add a new FILE_ENTRY
	 *	to the file_list to handle this prefix.  Add_file_list() will
	 *	not add duplicate entries.
	 */
	if (client_ent->file_pfx[0] != '\0')
	{
		add_file_list (client_ent->file_pfx);
	}
	return 0;
} /* end of insert_client () */

/*************************************************************************
 *
 *	Function: ip_hostname
 *
 *	Purpose: Return a printable host name (or IP address in dotted quad
 *		 notation) for the supplied IP address.
 *
 *************************************************************************/

char *
ip_hostname (h_ipaddr)

UINT4           h_ipaddr;

{
	UINT4          *ourad;
	CLIENT_ENTRY   *client_ent;
	IP_ADDRESS     *an_address;
	DNS_NAME       *a_name;
	struct hostent *hp;
	struct in_addr  inad;
	static char     hstname[MAXHOSTNAMELEN + 1];
	static char    *func = "ip_hostname";

	for (client_ent = client_list;
		client_ent != (CLIENT_ENTRY *) NULL;
		client_ent = client_ent->next)
	{
		for (an_address = client_ent->addrs;
			an_address != (IP_ADDRESS *) NULL;
			an_address = an_address->next)
		{
			if (an_address->ipaddr.s_addr == h_ipaddr)
			{
				break;
			}
		}

		if (an_address != (IP_ADDRESS *) NULL)
		{
			break;
		}
	}

	if (client_ent != (CLIENT_ENTRY *) NULL)
	{
		if ((a_name = client_ent->names) == (DNS_NAME *) NULL ||
			(a_name->type != 0))
		{
			rad_strncpy (hstname, client_ent->hostname,
								MAXHOSTNAMELEN);
		}
		else /* return official name if it's not in the main entry */
		{
			rad_strncpy (hstname, a_name->name, MAXHOSTNAMELEN);
		}
	}
	else
	{
		for (ourad = self_ip;
			(*ourad > (UINT4) 0) && (*ourad != h_ipaddr);
			ourad++)
		{
			continue;
		}

		if (*ourad > (UINT4) 0)
		{
			rad_strncpy (hstname, ourhostname, MAXHOSTNAMELEN);
		}
		else
		{
			inad.s_addr = htonl(h_ipaddr);
			rad_strncpy (hstname, inet_ntoa (inad), MAXHOSTNAMELEN);

			/*
			 *	Special check for non-server use.
			 *	Note: a server always will have at
			 *	least one client.
			 */
			if (client_list == (CLIENT_ENTRY *) NULL)
			{
				if ((hp = gethostbyaddr ((char *) &inad.s_addr,
							sizeof (struct in_addr),
							AF_INET)) 
						!= (struct hostent *) NULL)
				{
					if (strlen (hp->h_name)
							      > MAXHOSTNAMELEN)
					{
						logit (LOG_AUTH, LOG_INFO,
				      "%s: '%s' truncated - hostname too long",
							func, inet_ntoa (inad));
					}

					rad_strncpy (hstname,
						(char *) hp->h_name,
						MAXHOSTNAMELEN);

					return (hstname);
				}
			}
		}
	}
	return (hstname);
} /* end of ip_hostname () */

#define PARSE_MODE_NAME		0
#define PARSE_MODE_EQUAL	1
#define PARSE_MODE_VALUE	2
#define PARSE_MODE_INVALID	3

/*************************************************************************
 *
 *	Function: pair_parse
 *
 *	Purpose: Parses the buffer to extract the attribute-value pairs.
 *
 *	Returns: 0 = successful parse of attribute-value pair,
 *		-1 = syntax (or other) error detected.
 *
 *************************************************************************/

int
pair_parse (buffer, eq_list, ne_list)

char           *buffer;
VALUE_PAIR    **eq_list;
VALUE_PAIR    **ne_list;

{
	u_char          tag = 0;
	int             len;
	int             mode;
	int             rc;
	UINT4		lvalue;
	char           *valptr;
	DICT_ATTR      *attr;
	DICT_VALUE     *dval;
	VALUE_PAIR     *pair;
	VALUE_PAIR    **to_list = (VALUE_PAIR **) NULL; /* eq_list or ne_list */
	struct tm      *tm;
	time_t          timeval;
	char            attrstr[AUTH_ID_LEN];
	char            buf[AUTH_STRING2_LEN];
	char            valstr[AUTH_STRING2_LEN];
	static char    *func = "pair_parse";

	dprintf(4, (LOG_AUTH, LOG_DEBUG, "%s: entered", func));

	mode = PARSE_MODE_NAME;
	while (*buffer != '\n' && *buffer != '\0')
	{
		if (*buffer == ' ' || *buffer == '\t' || *buffer == ',')
		{
			buffer++;
			continue;
		}

		switch (mode)
		{
		    case PARSE_MODE_NAME:		/* Attribute Name */
			fieldcpy (attrstr, &buffer, AUTH_ID_LEN);

			if ((attr = dict_attrfind (attrstr))
							== (DICT_ATTR *) NULL)
			{
				return (-1);
			}
			mode = PARSE_MODE_EQUAL;
			break;

		    case PARSE_MODE_EQUAL:		/* Equal sign */
			if ((buffer[0] == '=') &&
				(eq_list != (VALUE_PAIR **) NULL))
			{
				to_list = eq_list;	/* Assign to eq_list */
			}
			else
			{
				if (((buffer[0] == '!') &&
					(buffer[1] == '=')) &&
					(ne_list != (VALUE_PAIR **) NULL))
				{
					to_list = ne_list; /* Assign ne_list */
					buffer++;
				}
				else
				{
					return (-1);
				}
			}

			if (to_list == (VALUE_PAIR **) NULL)
			{
				logit (LOG_DAEMON, LOG_ERR,
					"%s: no eq_list or ne_list", func);
				return (-2);
			}

			buffer++;			/* point past '=' */
			mode = PARSE_MODE_VALUE;
			break;

		    case PARSE_MODE_VALUE:		/* Value */
			len = fieldcpy (valstr, &buffer, AUTH_STRING2_LEN);
			valptr = valstr;	/* Start buffer correctly. */

			switch (attr->type)
			{
			    case PW_TYPE_TAG_STR:
				pair = avpair_add_vend_tag (to_list,
							attr->value, valstr,
							len, attr->vendor_id,
							-1);
				break;

#ifdef BINARY_FILTERS
			    case PW_TYPE_FILTER_BINARY:
				if ((rc = filter_binary (buf, valstr)) <= 0)
				{
					return (-1);
				}

				pair = avpair_add_vend (to_list, attr->value,
						buf, rc, attr->vendor_id);
				break;
#endif	/* BINARY_FILTERS */

			    case PW_TYPE_STRING:
				pair = avpair_add_vend (to_list, attr->value,
						valstr, len, attr->vendor_id);
				break;

			    case PW_TYPE_TAG_INT:
			        tag = (u_char) valstr[0];
				valptr++;
				len--;
				/***FALLTHROUGH***/

			    case PW_TYPE_OCTET:
			    case PW_TYPE_SHORT:
			    case PW_TYPE_INTEGER:
				if (isdigit(*valptr) || *valptr == '-')
				{
					lvalue = atoi (valptr); /* parse int */
				}
				else
				{
					if ((dval = dict_valfind (valptr,
							attr->name)) == NULLDV)
					{
						logit (LOG_DAEMON, LOG_ERR,
				 "%s: Attribute '%s' does not have value '%s'",
							func, attr->name,
							valptr);
						return (-1);
					}
					else
					{
						lvalue = dval->dv_value;
					}
				}

				pair = avpair_add_vend_tag (to_list,
							attr->value, &lvalue, 0,
							attr->vendor_id, tag);
				break;

			    case PW_TYPE_IPADDR:  /* Look for n.n.n.n or -n */
				if (isdigit(*valstr) || *valstr == '-')
				{
					if (good_ipaddr (valstr) == 0)
					{
						lvalue = 
						     ntohl(inet_addr (valstr));
					}
					else /* was not dotted quad notation */
					{
						lvalue = atol (valstr);
					}

					pair = avpair_add_vend (to_list,
							attr->value, &lvalue, 0,
							attr->vendor_id);
					break;
				}

				/* Now see if defined value (i.e., "ASSIGN") */
				if ((dval = dict_valfind (valstr, 
					    attr->name)) != (DICT_VALUE *) NULL)
				{
					lvalue = dval->dv_value;
					pair = avpair_add_vend (to_list,
							attr->value, &lvalue, 0,
							attr->vendor_id);
					break;
				}

				/* Neither so must be DNS name. */
				rc = find_host_by_name