res_qry.c

来自「RADIUS协议的认证计费服务」· C语言 代码 · 共 1,034 行 · 第 1/2 页

		temp->next = *rem;
		*rem = temp;
		if (!default_pool)
		{
			apool->count++;
		}
	}

	return EV_ACK;
} /* end of add_resources () */

/**************************************************************************
 *
 *	Function: make_ip_node
 *
 *	Purpose: Makes up an ASSIGNED_IP node, fills in the given IP address,
 *		 NAS IP address and the pointer to the user.
 *
 *************************************************************************/

static ASSIGNED_IP *
make_ip_node (ipaddr, nas, user, nas_port)

UINT4           ipaddr;
UINT4           nas;
USER_ENTRY     *user;
int             nas_port;

{
	ASSIGNED_IP    *ip;
	char           *func = "make_ip_node";

	dprintf (2, (LOG_AUTH, LOG_DEBUG, "%s: entered", func));

	if ((ip = (ASSIGNED_IP *) malloc (sizeof (ASSIGNED_IP)))
							== (ASSIGNED_IP *) NULL)
	{
		logit (LOG_DAEMON, LOG_ALERT, "%s: FATAL out of memory", func);
		abort ();
	}

	ip->user_ent = user;
	ip->ip_address = ipaddr;
	ip->nas_ip = nas;
	ip->nas_port = nas_port;
	ip->next = (ASSIGNED_IP *) NULL;

	return ip;
} /* end of make_ip_node */

/*****************************************************************************
 *
 *	Function: nas_proc
 *
 *	Purpose: Process a resource query response from a NAS
 *
 ****************************************************************************/

static char
nas_proc (request, reply)

AUTH_REQ       *request;
AUTH_REQ       *reply;

{
	VALUE_PAIR     *old_index;
	VALUE_PAIR     *nas;
	UINT4           index;
	int             result;
	AATV           *paatv;
/* 	struct in_addr  addr; */
	char           *func = "nas_proc";

	dprintf (2, (LOG_AUTH, LOG_DEBUG, "%s: entered", func));

	old_index = get_vp_vend (reply->request, PW_USR_RQ_INDEX, VC_USR);

	nas = get_vp (reply->request, PW_NAS_IP_ADDRESS);

/*	if (old_index->lvalue < VENDOR_ID_LENGTH + SUB_ID_LENGTH + INT_LEN)
	{
		addr.s_addr = ntohl(nas->lvalue);
		logit (LOG_DAEMON, LOG_ERR,
		       "%s: Invalid Resource Query Index in reply from %s",
		       func, inet_ntoa (addr));
		return EV_NAK;
	}
	memcpy ((char *) &index,
		&old_index->strvalue[VENDOR_ID_LENGTH + SUB_ID_LENGTH],
		INT_LEN);
	index = ntohl(index);
*/
	index = old_index->lvalue;

	if (index == 0)
	{
		if (set_client (reply->ipaddr, GOT_RQ_RESP) == EV_NAK)
		{
			result = EV_NAK;
		}
		else
		{
			result = EV_DONE;
		}
	}
	else
	{
		index++;
		list_free (reply->request);
		list_free (reply->cur_request);
		reply->request = reply->cur_request = (VALUE_PAIR *) NULL;
		reply->cur_count = 2;
		index = htonl(index);	/* to prepare for avpair_add_vend() */
		avpair_add_vend (&reply->request, PW_USR_RQ_INDEX, &index,
				 INT_LEN, VC_USR);
		avpair_add (&reply->request, PW_NAS_IP_ADDRESS,
			    &reply->ipaddr, 0);
		list_copy (&reply->cur_request, reply->request);

		if (!add_local_vpn (reply, reply->client->file_pfx))
		{
			return EV_NAK;
		}
		reply->code = PW_RESOURCE_QUERY_REQ;
		reply->rep_id = new_id (global_auth_q.q);
		reply->ttl = RQUERY_TIMER;
		reply->retry_cnt = 0;
		paatv = find_aatv ("REPLY");
		call_action (paatv, reply, 0, "");
		result = EV_ACK;
	}
	free_authreq (request);
	return result;
} /* end of nas_proc () */

/******************************************************************************
 *
 *	Function: proxy_proc
 *
 *	Purpose: Process the resource query responses got from the proxy server
 *
 *****************************************************************************/

static char
proxy_proc (request, reply)

AUTH_REQ       *request;
AUTH_REQ       *reply;

{
	UINT4           index;
	UINT4           old_index;
	VALUE_PAIR     *index_vp;
	VALUE_PAIR     *nas;
	VALUE_PAIR     *old_index_vp;
	AUTH_REQ       *auth = (AUTH_REQ *) NULL;
	AUTH_REQ_Q     *aaq = queue_find (PW_RESOURCE_QUERY_REQ);


	AATV           *paatv;
/* 	struct in_addr  addr; */
	char           *func = "proxy_proc";

	dprintf (2, (LOG_AUTH, LOG_DEBUG, "%s: entered", func));

	index_vp = get_vp_vend (reply->request, PW_USR_RQ_INDEX, VC_USR);
/*	if (index_vp->lvalue < VENDOR_ID_LENGTH + SUB_ID_LENGTH + INT_LEN)
	{
		addr.s_addr = ntohl(nas->lvalue);
		logit (LOG_DAEMON, LOG_ERR,
		       "%s: Invalid Resource Query Index in reply from %s",
		       func, inet_ntoa (addr));
		return EV_NAK;
	}
	memcpy ((char *) &index,
		&index_vp->strvalue[VENDOR_ID_LENGTH + SUB_ID_LENGTH],
		INT_LEN);
	index = ntohl(index);
*/
	index = index_vp->lvalue;

	nas = get_vp (reply->request, PW_NAS_IP_ADDRESS);
	reply->nas_ip = nas->lvalue;
	old_index_vp = get_vp_vend (request->request, PW_USR_RQ_INDEX, VC_USR);
/*	memcpy ((char *) &old_index,
		&old_index_vp->strvalue[VENDOR_ID_LENGTH + SUB_ID_LENGTH],
		INT_LEN);
	old_index = ntohl(old_index);
*/
	old_index = old_index_vp->lvalue;

	if (old_index != 0)
	{
		for (auth = aaq->q; auth != (AUTH_REQ *) NULL;
			auth = auth->next)
		{
			if (auth->code != PW_RESOURCE_QUERY_REQ)
			{
				continue;
			}

			if (auth->ipaddr == reply->ipaddr && auth->nas_ip == 0)
			{
				break; /* Found first Resource Query Request. */
			}
		}
		if (auth == (AUTH_REQ *) NULL)
		{
			logit (LOG_DAEMON, LOG_ERR,
			      "%s: No matching original Resource Query Request",
			       func);
			return EV_NAK;
		}
	}
	else
	{
		auth = request;
		auth->qry_count++;
	}

	auth->ttl = RQUERY_TIMER;

	if (old_index != 0)
	{
		free_authreq (request);
	}

	if (index == 0)
	{
		if (set_client (reply->ipaddr, GOT_RQ_RESP) == EV_NAK)
		{
			return EV_NAK;
		}
		return EV_DONE;
	}

	index++;
	list_free (reply->request);
	list_free (reply->cur_request);
	reply->request = (VALUE_PAIR *) NULL;
	reply->cur_request = (VALUE_PAIR *) NULL;
	index = htonl(index);	/* to prepare for avpair_add_vend() call */
	avpair_add_vend (&reply->request, PW_USR_RQ_INDEX,
			 &index, INT_LEN, VC_USR);
	avpair_add (&reply->request, PW_NAS_IP_ADDRESS, &reply->nas_ip, 0);
	list_copy (&reply->cur_request, reply->request);
	reply->rep_id = new_id (aaq->q);
	reply->code = PW_RESOURCE_QUERY_REQ;
	reply->ttl = RQUERY_TIMER;
	reply->retry_cnt = 0;
	paatv = find_aatv ("REPLY");
	call_action (paatv, reply, 0, "");
	return EV_ACK;
} /* end of proxy_proc () */

/*****************************************************************************
 *
 *	Function: new_id
 *
 *	Purpose: ??? XXX ???
 *
 ****************************************************************************/

u_char
new_id (queue)

AUTH_REQ       *queue;

{
	u_char          auth_ident = 0;
	AUTH_REQ       *entry;

	do
	{
		entry = queue;
		auth_ident++;
		for (; entry != (AUTH_REQ *) NULL; entry = entry->next)
		{
			if (entry->rep_id == auth_ident)
			{
				break;
			}
		}
	} while (entry != (AUTH_REQ *) NULL);

	return auth_ident;
} /* end of new_id () */

/*****************************************************************************
 *
 *	Function: set_client
 *
 *	Purpose:  ??? XXX ???
 *
 ****************************************************************************/

int
set_client (ipaddr, flag)

UINT4           ipaddr;
int             flag;

{
	CLIENT_ENTRY   *client_ent;
	CLIENT_ENTRY   *client_list;
	IP_ADDRESS     *addr_ent;
	struct in_addr  addr;
	static char    *func = "set_client";

	dprintf (2, (LOG_AUTH, LOG_DEBUG, "%s: entered", func));

	client_list = get_client_list ();
	for (client_ent = client_list;
		client_ent != (CLIENT_ENTRY *) NULL;
		client_ent = client_ent->next)
	{
		if (ipaddr == get_ipaddr (client_ent->hostname))
		{
			break;
		}

		for (addr_ent = client_ent->addrs;
			addr_ent != (IP_ADDRESS *) NULL;
			addr_ent = addr_ent->next)
		{
			if (ipaddr == addr_ent->ipaddr.s_addr)
			{
				break;
			}
		}

		if (addr_ent != (IP_ADDRESS *) NULL)
		{
			break;
		}
	}

	if (client_ent == (CLIENT_ENTRY *) NULL)
	{
		addr.s_addr = ntohl(ipaddr);
		logit (LOG_DAEMON, LOG_ERR, "%s: Unknown Client %s",
			func, inet_ntoa (addr));
		return EV_NAK;
	}
	if (flag == TEST_GOT)
	{
		if (client_ent->state != GOT_RQ_RESP)
		{
			client_ent->state = NO_RQ_RESP;
		}
	}
	else
	{
		client_ent->state = flag;
	}

	return EV_ACK;
} /* end of set_client () */

/*****************************************************************************
 *
 *	Function: send_rq_req
 *
 *	Purpose:  Makes up, and sends out Resource Query Requests
 *
 ****************************************************************************/

void
send_rq_req (client_ent)

CLIENT_ENTRY   *client_ent;

{
	UINT4           index = 0;
	AUTH_REQ       *auth_ent;
	AUTH_REQ_Q     *aaq;
	AATV           *paatv;
	char           *func = "send_rq_req";

	dprintf (2, (LOG_AUTH, LOG_DEBUG, "%s: entered", func));

	client_ent->state = QUERY_IN_PROGRESS;

	if ((auth_ent = (AUTH_REQ *) calloc (1, sizeof (AUTH_REQ)))
							== (AUTH_REQ *) NULL)
	{
		logit (LOG_DAEMON, LOG_ALERT, "%s: FATAL out of memory", func);
		abort ();
	}
	if (client_ent->addrs != (IP_ADDRESS *) NULL)
	{
		auth_ent->ipaddr = client_ent->addrs->ipaddr.s_addr;
	}
	else
	{
		logit (LOG_DAEMON, LOG_ERR,
		       "%s: Could not resolve IP Address for %s",
		       func, client_ent->hostname);
		return;
	}

	auth_ent->udp_port = auth_port;
	auth_ent->code = PW_RESOURCE_QUERY_REQ;
	auth_ent->client = client_ent;
	auth_ent->ttl = RQUERY_TIMER;
	auth_ent->type = USR_PARENT;
	auth_ent->state = ST_INIT;
	auth_ent->fsmstatus = EV_ACK;
	auth_ent->repstatus = -2;	/* Initial, invalid value */
	auth_ent->cur_count = 1;

	/* Add an Index value of Zero */
	if (avpair_add_vend (&auth_ent->cur_request, PW_USR_RQ_INDEX, &index,
			     INT_LEN, VC_USR) == NULL_VP)
	{
		logit (LOG_DAEMON, LOG_ERR,
		   "%s: Problem adding Index AV Pair to Resource Query Request",
			func);
		free_authreq (auth_ent);
		return;
	}

	if ((client_ent->client_type & CE_NAS) == CE_NAS)
	{
		if (!add_local_vpn (auth_ent, client_ent->file_pfx))
		{
			free_authreq (auth_ent);
			return;
		}
	}

	aaq = queue_find (auth_ent->code);
	if (enqueue_authreq (aaq, auth_ent) == (AUTH_REQ *) NULL)
	{
		free_authreq (auth_ent);
		return;
	}

	auth_ent->rep_id = new_id (aaq->q);
	auth_ent->fwd_id = auth_ent->rep_id;
	memset (auth_ent->repvec, '\0', AUTH_VECTOR_LEN);
	memset (auth_ent->fwdvec, '\0', AUTH_VECTOR_LEN);

	paatv = find_aatv ("REPLY");
	auth_ent->fsm_aatv = paatv;
	call_action (paatv, auth_ent, 0, "");
	return;
} /* end of send_rq_req () */

/*****************************************************************************
 *
 *	Function: add_local_vpn
 *
 *	Purpose:  ??? XXX ???
 *
 ****************************************************************************/

static int
add_local_vpn (authreq, file_pfx)

AUTH_REQ       *authreq;
char           *file_pfx;

{
	int             count = 0;
	UINT4           vpn_id = 0;
	FILE_LIST      *file_ent;
	VALUE_PAIR     *vpn_list = (VALUE_PAIR *) NULL;
	AUTH_ENTRY     *pauth;
	char           *func = "add_local_vpn";

	if ((file_ent = find_file_ent (file_pfx)) == (FILE_LIST *) NULL)
	{
		logit (LOG_DAEMON, LOG_ERR,
		       "%s: Couldn't find authfile with prefix %s",
		       func, file_pfx);
		return 0;
	}

	/* Add VPN 0 */
	if (avpair_add_vend (&vpn_list, PW_USR_VPN_ID, &vpn_id, INT_LEN,
			     VC_USR) == NULL_VP)
	{
		logit (LOG_DAEMON, LOG_ERR,
		  "%s: Problem adding VPN ID AV Pair to Resource Query Request",
		       func);
		return 0;
	}
	count++;
	/* Add all locally defined VPNs */
	for (pauth = file_ent->auth_list;
			pauth != (AUTH_ENTRY *) NULL;
			pauth = pauth->next)
	{
		if (pauth->type != AA_LOCAL_VPN)
		{
			continue;
		}
		vpn_id = htonl(pauth->vpn->id); /* to prepare for call below */
		if (avpair_add_vend (&vpn_list, PW_USR_VPN_ID,
				     &vpn_id, INT_LEN, VC_USR) == NULL_VP)
		{
			logit (LOG_DAEMON, LOG_ERR,
		  "%s: Problem adding VPN ID AV Pair to Resource Query Request",
				func);
			return 0;
		}
		count++;
	}

	list_cat (&authreq->request, vpn_list);
	list_cat (&authreq->cur_request, vpn_list);
	return count;
} /* end of add_local_vpn () */

#endif	/* USR_CCA */