radius_rx.c

vxworks下radius协议栈 的源代码

					++p_server->statistics.authentication_bad_authenticators_rx;
				
					break;
				case RADIUS_ACCOUNTING_RESPONSE:
					++p_server->statistics.accounting_bad_authenticators_rx;
				
					break;
				default:
					
					break;
				}

#ifdef __RADIUS_MIB__
			semGive (g_sem_radius_mib);
#endif

			buffer_free (sptr_rx_packet);

			rw_container_free_iterator (request_entry_iterator);

			return;
			}
		}

	response_attribute_list_handle = radius_create_attribute_list ();
	
	if (response_attribute_list_handle == INVALID_HANDLE)
		{
#ifdef __RADIUS_MIB__
		semTake (g_sem_radius_mib, WAIT_FOREVER);
#endif

		switch (sptr_rx_packet->header.code)
			{
			case RADIUS_ACCESS_ACCEPT:
			case RADIUS_ACCESS_REJECT:
			case RADIUS_ACCESS_CHALLENGE:
				++p_server->statistics.authentication_dropped_packets_rx;
			
				break;
			case RADIUS_ACCOUNTING_RESPONSE:
				++p_server->statistics.accounting_dropped_packets_rx;
			
				break;
			default:
				
				break;
			}

#ifdef __RADIUS_MIB__
		semGive (g_sem_radius_mib);
#endif

		buffer_free (sptr_rx_packet);

		rw_container_free_iterator (request_entry_iterator);

		return;
		}
	
	p_radius_attribute_list_controller = (RADIUS_LIST_CONTROLLER*) response_attribute_list_handle;

	if (radius_read_attributes_from_packet (sptr_rx_packet, p_radius_attribute_list_controller) == FAIL)
		{
#ifdef __RADIUS_MIB__
		semTake (g_sem_radius_mib, WAIT_FOREVER);
#endif

		switch (sptr_rx_packet->header.code)
			{
			case RADIUS_ACCESS_ACCEPT:
			case RADIUS_ACCESS_REJECT:
			case RADIUS_ACCESS_CHALLENGE:
				++p_server->statistics.authentication_malformed_access_responses_rx;
			
				break;
			case RADIUS_ACCOUNTING_RESPONSE:
				++p_server->statistics.accounting_malformed_responses_rx;
			
				break;
			default:
				
				break;
			}

#ifdef __RADIUS_MIB__
		semGive (g_sem_radius_mib);
#endif

		radius_delete_attribute_list (response_attribute_list_handle);

		buffer_free (sptr_rx_packet);

		rw_container_free_iterator (request_entry_iterator);

		return;
		}

#ifdef __EAP__
	if ((sptr_rx_packet->header.code == RADIUS_ACCESS_ACCEPT) || (sptr_rx_packet->header.code == RADIUS_ACCESS_REJECT)
		|| (sptr_rx_packet->header.code == RADIUS_ACCESS_CHALLENGE))
		{
		if (radius_verifiy_message_authenticator (sptr_rx_packet, (BYTE *)p_request_entry->packet_header.authenticator,
			p_radius_attribute_list_controller, p_server) == FAIL)
			{
#ifdef __RADIUS_MIB__
			semTake (g_sem_radius_mib, WAIT_FOREVER);
#endif

			switch (sptr_rx_packet->header.code)
				{
				case RADIUS_ACCESS_ACCEPT:
				case RADIUS_ACCESS_REJECT:
				case RADIUS_ACCESS_CHALLENGE:
					++p_server->statistics.authentication_malformed_access_responses_rx;
				
					break;
				case RADIUS_ACCOUNTING_RESPONSE:
					++p_server->statistics.accounting_malformed_responses_rx;
				
					break;
				default:
					
					break;
				}
#ifdef __RADIUS_MIB__
			semGive (g_sem_radius_mib);
#endif

			radius_delete_attribute_list (response_attribute_list_handle);

			buffer_free (sptr_rx_packet);

			rw_container_free_iterator (request_entry_iterator);

			return;
			}
		}
#else
	if (radius_verify_attributes (sptr_rx_packet->header.code, p_radius_attribute_list_controller) == false)
		{
#ifdef __RADIUS_MIB__
		semTake (g_sem_radius_mib, WAIT_FOREVER);
#endif

		switch (sptr_rx_packet->header.code)
			{
			case RADIUS_ACCESS_ACCEPT:
			case RADIUS_ACCESS_REJECT:
			case RADIUS_ACCESS_CHALLENGE:
				++p_server->statistics.authentication_malformed_access_responses_rx;
			
				break;
			case RADIUS_ACCOUNTING_RESPONSE:
				++p_server->statistics.accounting_malformed_responses_rx;
			
				break;
			default:
				
				break;
			}
#ifdef __RADIUS_MIB__
		semGive (g_sem_radius_mib);
#endif

		radius_delete_attribute_list (response_attribute_list_handle);

		buffer_free (sptr_rx_packet);

		rw_container_free_iterator (request_entry_iterator);

		return;
		}
#endif /* __EAP__ */

	if (sptr_rx_packet->header.code == RADIUS_ACCESS_ACCEPT)
		{
		if (radius_decrypt_attributes_with_authenticator (p_radius_attribute_list_controller->p_list, (BYTE *)p_request_entry->packet_header.authenticator, p_server) == FAIL)
			{
			radius_delete_attribute_list (response_attribute_list_handle);

			buffer_free (sptr_rx_packet);

			rw_container_free_iterator (request_entry_iterator);

			return;
			}
		}

	print_radius_attributes (p_radius_attribute_list_controller);

#ifdef __RADIUS_MIB__
	semTake (g_sem_radius_mib, WAIT_FOREVER);
#endif

	switch (sptr_rx_packet->header.code)
		{
		case RADIUS_ACCESS_ACCEPT:
		case RADIUS_ACCESS_REJECT:
		case RADIUS_ACCESS_CHALLENGE:
			--p_server->statistics.authentication_pending_access_requests;
			p_server->statistics.authentication_round_trip_time = (rwos_get_system_elapsed_time () - p_request_entry->request_timestamp) / RADIUS_REQUEST_ROUND_TRIP_TIME_UNIT_IN_MSEC;
		
			break;
		case RADIUS_ACCOUNTING_RESPONSE:
			--p_server->statistics.accounting_pending_access_requests;
			p_server->statistics.accounting_round_trip_time = (rwos_get_system_elapsed_time () - p_request_entry->request_timestamp) / RADIUS_REQUEST_ROUND_TRIP_TIME_UNIT_IN_MSEC;
		
			break;
		default:
			
			break;
		}

#ifdef __RADIUS_MIB__
	semGive (g_sem_radius_mib);
#endif

	rwos_mutex_release (rwos_radius_data_mutex);

	(*p_request_entry->p_callbacks->fptr_radius_normal_callback) (p_request_entry->request_handle, sptr_rx_packet->header.code, response_attribute_list_handle); 

	rwos_mutex_acquire (rwos_radius_data_mutex, WAIT_FOREVER);

	radius_free_packet_identifier_per_server (p_server, p_request_entry->packet_header.identifier);

	rw_container_remove (request_entry_iterator);
	
	if (p_request_entry->sptr_packet != NULL)
		{
		buffer_free (p_request_entry->sptr_packet);
		}

	if (p_request_entry->p_callbacks != NULL)
		{
		buffer_free (p_request_entry->p_callbacks);
		}

	table_free (p_request_entry);
	
	buffer_free (sptr_rx_packet);
	
	rw_container_free_iterator (request_entry_iterator);

	--p_server->pending_request_count;

	/* tk: check if there has been a call to destroy the server.  Delete the server only
		if there is no pending request on the server and there is no pending client who
		still owns (i.e. has not freed) all the copies of the server handle.
	*/ 
	if ((p_server->deleted == true) 
		&& (p_server->pending_request_count == 0)
		&& (p_server->user_count == 0))
		{
		radius_printf (RADIUS_TRACE_PRINTF, "Receive done: Server deleted\n");

		if (p_server->bp_secret != NULL)
			{	
			table_free (p_server->bp_secret);				
			}
		table_free (p_server);

		rw_container_remove (server_iterator);
		}

	rw_container_free_iterator (server_iterator);

	return;
}
/************************************************************************/
void print_radius_packet_header (char *function_name, RADIUS_PACKET_HEADER *sptr_packet_header)
{
	USHORT output_code;
	USHORT output_length;
	USHORT output_identifier;
	char output_buffer[(RADIUS_SIZE_OF_AUTHENTICATOR * sizeof (OUTPUT_BUFFER_ENTRY)) + sizeof (BYTE)];

	if (radius.trace_printing_enabled == TRUE)
		{
		convert_bytes_to_ascii ((BYTE *)&sptr_packet_header->authenticator[0], sizeof (sptr_packet_header->authenticator), &output_buffer[0]);

		output_code = sptr_packet_header->code;

		output_length = swap (sptr_packet_header->length);

		output_identifier = sptr_packet_header->identifier;

		radius_printf (RADIUS_TRACE_PRINTF, "%s: code = %d, id = %d, length = %d, authenticator = %s\n",
			function_name, output_code, output_identifier, output_length, &output_buffer[0]);
		}
}