Re: [Serusers] radiusclient new generation, first beta release

Attached please find final version of the patch, which converts all radius modules to radiusclient-ng. Please note that just released radiusclient-0.4.0.b2 is required for this version of the patch, it can be downloaded here: https://developer.berlios.de/project/showfiles.php?group_id=1208. I would like to get a permission to commit this patch. Thanks! -Maxim Maxim Sobolev wrote: ? acc/a ? acc/c ? acc/dict.h,v Index: acc/Makefile =================================================================== RCS file: /cvsroot/ser/sip_router/modules/acc/Makefile,v retrieving revision 1.17 diff -d -u -d -u -r1.17 Makefile --- acc/Makefile 2003/12/05 14:30:23 1.17 +++ acc/Makefile 2003/12/09 12:19:24 @@ -14,7 +14,7 @@ #DEFS+=-DSQL_ACC # uncomment the next two lines if you wish to enable RADIUS accounting -#DEFS+=-DRAD_ACC +#DEFS+=-DRAD_ACC -I$(LOCALBASE)/include # uncomment the next two lines if you wish to enable DIAMETER accounting #DEFS+=-DDIAM_ACC Index: acc/acc.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/acc/acc.c,v retrieving revision 1.20 diff -d -u -d -u -r1.20 acc.c --- acc/acc.c 2003/11/24 19:18:21 1.20 +++ acc/acc.c 2003/12/09 12:19:24 @@ -72,9 +72,9 @@ #ifdef RAD_ACC /* caution: keep these aligned to RAD_ACC_FMT !! */ -static int rad_attr[] = { PW_CALLING_STATION_ID, PW_CALLED_STATION_ID, - PW_SIP_TRANSLATED_REQ_ID, PW_ACCT_SESSION_ID, PW_SIP_TO_TAG, - PW_SIP_FROM_TAG, PW_SIP_CSEQ }; +static int rad_attr[] = { A_CALLING_STATION_ID, A_CALLED_STATION_ID, + A_SIP_TRANSLATED_REQUEST_URI, A_ACCT_SESSION_ID, A_SIP_TO_TAG, + A_SIP_FROM_TAG, A_SIP_CSEQ }; #endif #ifdef DIAM_ACC @@ -551,14 +551,14 @@ code=phrase2code(phrase); if (code==0) - return PW_STATUS_FAILED; + return vals[V_STATUS_FAILED].v; if ((rq->REQ_METHOD==METHOD_INVITE || rq->REQ_METHOD==METHOD_ACK) && code>=200 && code<300) - return PW_STATUS_START; + return vals[V_STATUS_START].v; if ((rq->REQ_METHOD==METHOD_BYE || rq->REQ_METHOD==METHOD_CANCEL)) - return PW_STATUS_STOP; - return PW_STATUS_FAILED; + return vals[V_STATUS_STOP].v; + return vals[V_STATUS_FAILED].v; } int acc_rad_request( struct sip_msg *rq, struct hdr_field *to, @@ -594,28 +594,28 @@ } av_type=rad_status(rq, phrase); - if (!rc_avpair_add(&send, PW_ACCT_STATUS_TYPE, &av_type,0)) { + if (!rc_avpair_add(rh, &send, attrs[A_ACCT_STATUS_TYPE].v, &av_type,0, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: add STATUS_TYPE\n"); goto error; } - av_type=service_type; - if (!rc_avpair_add(&send, PW_SERVICE_TYPE, &av_type,0)) { + av_type=vals[V_SIP_SESSION].v; + if (!rc_avpair_add(rh, &send, attrs[A_SERVICE_TYPE].v, &av_type,0, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: add STATUS_TYPE\n"); goto error; } av_type=phrase2code(phrase); /* status=integer */ /* if (phrase.len<3) c=nullcode; else { memcpy(ccode, phrase.s, 3); ccode[3]=0;c=nullcode;} */ - if (!rc_avpair_add(&send, PW_SIP_RESPONSE_CODE, &av_type,0)) { + if (!rc_avpair_add(rh, &send, attrs[A_SIP_RESPONSE_CODE].v, &av_type,0, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: add RESPONSE_CODE\n"); goto error; } av_type=rq->REQ_METHOD; - if (!rc_avpair_add(&send, PW_SIP_METHOD, &av_type,0)) { + if (!rc_avpair_add(rh, &send, attrs[A_SIP_METHOD].v, &av_type,0, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: add SIP_METHOD\n"); goto error; } - /* Handle PW_USER_NAME as a special case */ + /* Handle User-Name as a special case */ user=cred_user(rq); /* try to take it from credentials */ if (user) { realm = cred_realm(rq); @@ -629,10 +629,10 @@ memcpy(user_name.s, user->s, user->len); user_name.s[user->len] = '@'; memcpy(user_name.s+user->len+1, realm->s, realm->len); - if (!rc_avpair_add(&send, PW_USER_NAME, - user_name.s, user_name.len)) { + if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v, + user_name.s, user_name.len, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: rc_avpaid_add " - "failed for %d\n", PW_USER_NAME ); + "failed for %d\n", attrs[A_USER_NAME].v ); pkg_free(user_name.s); goto error; } @@ -640,10 +640,10 @@ } else { user_name.len = user->len; user_name.s = user->s; - if (!rc_avpair_add(&send, PW_USER_NAME, - user_name.s, user_name.len)) { + if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v, + user_name.s, user_name.len, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: rc_avpaid_add " - "failed for %d\n", PW_USER_NAME ); + "failed for %d\n", attrs[A_USER_NAME].v ); goto error; } } @@ -662,10 +662,10 @@ memcpy(user_name.s, puri.user.s, puri.user.len); user_name.s[puri.user.len] = '@'; memcpy(user_name.s+puri.user.len+1, puri.host.s, puri.host.len); - if (!rc_avpair_add(&send, PW_USER_NAME, - user_name.s, user_name.len)) { + if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v, + user_name.s, user_name.len, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: rc_avpaid_add " - "failed for %d\n", PW_USER_NAME ); + "failed for %d\n", attrs[A_USER_NAME].v ); pkg_free(user_name.s); goto error; } @@ -673,25 +673,25 @@ } else { user_name.len = na.len; user_name.s = na.s; - if (!rc_avpair_add(&send, PW_USER_NAME, - user_name.s, user_name.len)) { + if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v, + user_name.s, user_name.len, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: rc_avpaid_add " - "failed for %d\n", PW_USER_NAME ); + "failed for %d\n", attrs[A_USER_NAME].v ); goto error; } } } /* Remaining attributes from rad_attr vector */ for(i=0; i<attr_cnt; i++) { - if (!rc_avpair_add(&send, rad_attr[i], - val_arr[i]->s,val_arr[i]->len)) { + if (!rc_avpair_add(rh, &send, attrs[rad_attr[i]].v, + val_arr[i]->s,val_arr[i]->len, 0)) { LOG(L_ERR, "ERROR: acc_rad_request: rc_avpaid_add " - "failed for %d\n", rad_attr[i] ); + "failed for %s\n", attrs[rad_attr[i]].n ); goto error; } } - if (rc_acct(SIP_PORT, send)!=OK_RC) { + if (rc_acct(rh, SIP_PORT, send)!=OK_RC) { LOG(L_ERR, "ERROR: acc_rad_request: radius-ing failed\n"); goto error; } Index: acc/acc.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/acc/acc.h,v retrieving revision 1.11 diff -d -u -d -u -r1.11 acc.h --- acc/acc.h 2003/11/24 19:18:21 1.11 +++ acc/acc.h 2003/12/09 12:19:24 @@ -100,7 +100,8 @@ #ifdef RAD_ACC -extern int service_type; +extern struct attr attrs[]; +extern struct val vals[]; #endif Index: acc/acc_mod.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/acc/acc_mod.c,v retrieving revision 1.31 diff -d -u -d -u -r1.31 acc_mod.c --- acc/acc_mod.c 2003/12/05 14:30:23 1.31 +++ acc/acc_mod.c 2003/12/09 12:19:24 @@ -107,10 +107,13 @@ int log_level=L_NOTICE; char *log_fmt=DEFAULT_LOG_FMT; #ifdef RAD_ACC -char *radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; +static char *radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; int radius_flag = 0; int radius_missed_flag = 0; -int service_type = PW_SIP_SESSION; +static int service_type = -1; +void *rh; +struct attr attrs[A_MAX]; +struct val vals[V_MAX]; #endif /* DIAMETER */ @@ -312,19 +315,43 @@ #endif #ifdef RAD_ACC + memset(attrs, 0, sizeof(attrs)); + memset(attrs, 0, sizeof(vals)); + attrs[A_CALLING_STATION_ID].n = "Calling-Station-Id"; + attrs[A_CALLED_STATION_ID].n = "Called-Station-Id"; + attrs[A_SIP_TRANSLATED_REQUEST_URI].n = "Sip-Translated-Request-URI"; + attrs[A_ACCT_SESSION_ID].n = "Acct-Session-Id"; + attrs[A_SIP_TO_TAG].n = "Sip-To-Tag"; + attrs[A_SIP_FROM_TAG].n = "Sip-From-Tag"; + attrs[A_SIP_CSEQ].n = "Sip-CSeq"; + attrs[A_ACCT_STATUS_TYPE].n = "Acct-Status-Type"; + attrs[A_SERVICE_TYPE].n = "Service-Type"; + attrs[A_SIP_RESPONSE_CODE].n = "Sip-Response-Code"; + attrs[A_SIP_METHOD].n = "Sip-Method"; + attrs[A_USER_NAME].n = "User-Name"; + vals[V_STATUS_START].n = "Start"; + vals[V_STATUS_STOP].n = "Stop"; + vals[V_STATUS_FAILED].n = "Failed"; + vals[V_SIP_SESSION].n = "Sip-Session"; + /* open log */ rc_openlog("ser"); /* read config */ - if (rc_read_config(radius_config)!=0) { + if ((rh = rc_read_config(radius_config)) == NULL) { LOG(L_ERR, "ERROR: acc: error opening radius config file: %s\n", radius_config ); return -1; } /* read dictionary */ - if (rc_read_dictionary(rc_conf_str("dictionary"))!=0) { + if (rc_read_dictionary(rh, rc_conf_str(rh, "dictionary"))!=0) { LOG(L_ERR, "ERROR: acc: error reading radius dictionary\n"); return -1; } + + INIT_AV(rh, attrs, vals, "acc", -1, -1); + + if (service_type != -1) + vals[V_SIP_SESSION].v = service_type; #endif return 0; Index: acc/acc_mod.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/acc/acc_mod.h,v retrieving revision 1.11 diff -d -u -d -u -r1.11 acc_mod.h --- acc/acc_mod.h 2003/11/24 19:18:21 1.11 +++ acc/acc_mod.h 2003/12/09 12:19:24 @@ -53,7 +53,7 @@ #ifdef RAD_ACC extern int radius_flag; extern int radius_missed_flag; -extern int service_type; +extern void *rh; #endif #ifdef DIAM_ACC Index: acc/dict.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/acc/dict.h,v retrieving revision 1.3 diff -d -u -d -u -r1.3 dict.h --- acc/dict.h 2003/09/11 21:53:36 1.3 +++ acc/dict.h 2003/12/09 12:19:24 @@ -34,17 +34,84 @@ #ifndef _DICT_H #define _DICT_H -#define PW_SIP_METHOD 101 /* integer */ -#define PW_SIP_RESPONSE_CODE 102 /* integer */ -#define PW_SIP_CSEQ 103 /* string */ -#define PW_SIP_TO_TAG 104 /* string */ -#define PW_SIP_FROM_TAG 105 /* string */ -#define PW_SIP_BRANCH_ID 106 /* string -- Not used */ -#define PW_SIP_TRANSLATED_REQ_ID 107 /* string */ -#define PW_SIP_SOURCE_IP_ADDRESS 108 /* ipaddr -- Not used */ -#define PW_SIP_SOURCE_PORT 109 /* integer -- Not used */ +struct attr { + const char *n; + int v; +}; -#define PW_SIP_SESSION 15 /* SIP service-type */ -#define PW_STATUS_FAILED 15 +struct val { + const char *n; + int v; +}; + +#define A_USER_NAME 0 +#define A_SERVICE_TYPE 1 +#define A_CALLED_STATION_ID 2 +#define A_CALLING_STATION_ID 3 +#define A_ACCT_STATUS_TYPE 4 +#define A_ACCT_SESSION_ID 5 +#define A_SIP_METHOD 6 +#define A_SIP_RESPONSE_CODE 7 +#define A_SIP_CSEQ 8 +#define A_SIP_TO_TAG 9 +#define A_SIP_FROM_TAG 10 +#define A_SIP_TRANSLATED_REQUEST_URI 11 +#define A_DIGEST_RESPONSE 12 +#define A_DIGEST_ATTRIBUTES 13 +#define A_SIP_URI_USER 14 +#define A_SIP_RPID 15 +#define A_DIGEST_REALM 16 +#define A_DIGEST_NONCE 17 +#define A_DIGEST_METHOD 18 +#define A_DIGEST_URI 19 +#define A_DIGEST_QOP 20 +#define A_DIGEST_ALGORITHM 21 +#define A_DIGEST_BODY_DIGEST 22 +#define A_DIGEST_CNONCE 23 +#define A_DIGEST_NONCE_COUNT 24 +#define A_DIGEST_USER_NAME 25 +#define A_SIP_GROUP 26 +#define A_CISCO_AVPAIR 27 +#define A_MAX 27 + +#define V_STATUS_START 0 +#define V_STATUS_STOP 1 +#define V_STATUS_FAILED 2 +#define V_CALL_CHECK 3 +#define V_EMERGENCY_CALL 4 +#define V_SIP_SESSION 5 +#define V_GROUP_CHECK 6 +#define V_MAX 6 + +#define INIT_AV(rh, at, vl, fn, e1, e2) \ +{ \ + int i; \ + DICT_ATTR *da; \ + DICT_VALUE *dv; \ + \ + for (i = 0; i < A_MAX; i++) { \ + if (at[i].n == NULL) \ + continue; \ + da = rc_dict_findattr(rh, at[i].n); \ + if (da == NULL) { \ + LOG(L_ERR, "ERROR: %s: can't get code for the " \ + "%s attribute\n", fn, at[i].n); \ + return e1; \ + } \ + at[i].v = da->value; \ + } \ + for (i = 0; i < V_MAX; i++) { \ + if (vl[i].n == NULL) \ + continue; \ + dv = rc_dict_findval(rh, vl[i].n); \ + if (dv == NULL) { \ + LOG(L_ERR, "ERROR: %s: can't get code for the " \ + "%s attribute value\n", fn, vl[i].n);\ + return e2; \ + } \ + vl[i].v = dv->value; \ + } \ +} + #endif Index: acc/etc/sip_dictionary =================================================================== RCS file: /cvsroot/ser/sip_router/modules/acc/etc/sip_dictionary,v retrieving revision 1.1 diff -d -u -d -u -r1.1 sip_dictionary --- acc/etc/sip_dictionary 2003/04/05 14:05:19 1.1 +++ acc/etc/sip_dictionary 2003/12/09 12:19:24 @@ -23,6 +23,9 @@ # 7 = 1 (integer encoding) # +VENDOR Cisco 9 +ATTRIBUTE Cisco-AVPair 1 string Cisco + # # Following are the proper new names. Use these. # @@ -99,39 +102,42 @@ # Experiment SIP-specific attributes: # These attributes are tied between client & server # -ATTRIBUTE Sip-Method 101 integer -ATTRIBUTE Sip-Response-Code 102 integer -ATTRIBUTE Sip-CSeq 103 string -ATTRIBUTE Sip-To-Tag 104 string -ATTRIBUTE Sip-From-Tag 105 string -ATTRIBUTE Sip-Branch-ID 106 string +ATTRIBUTE Sip-Method 101 integer +ATTRIBUTE Sip-Response-Code 102 integer +ATTRIBUTE Sip-CSeq 103 string +ATTRIBUTE Sip-To-Tag 104 string +ATTRIBUTE Sip-From-Tag 105 string +ATTRIBUTE Sip-Branch-ID 106 string ATTRIBUTE Sip-Translated-Request-URI 107 string ATTRIBUTE Sip-Source-IP-Address 108 ipaddr -ATTRIBUTE Sip-Source-Port 109 integer -ATTRIBUTE Sip-User-ID 110 string -ATTRIBUTE Sip-User-realm 111 string -ATTRIBUTE Sip-User-nonce 112 string -ATTRIBUTE Sip-User-method 113 string -ATTRIBUTE Sip-User-digest-uri 114 string -ATTRIBUTE Sip-User-nonce_count 115 string -ATTRIBUTE Sip-User-qop 116 string -ATTRIBUTE Sip-User-opaque 117 string -ATTRIBUTE Sip-User-response 118 string -ATTRIBUTE Sip_User-cnonce 119 string +ATTRIBUTE Sip-Source-Port 109 integer +ATTRIBUTE Sip-User-ID 110 string +ATTRIBUTE Sip-User-Realm 111 string +ATTRIBUTE Sip-User-Nonce 112 string +ATTRIBUTE Sip-User-Method 113 string +ATTRIBUTE Sip-User-Digest-URI 114 string +ATTRIBUTE Sip-User-Nonce-Count 115 string +ATTRIBUTE Sip-User-QOP 116 string +ATTRIBUTE Sip-User-Opaque 117 string +ATTRIBUTE Sip-User-Response 118 string +ATTRIBUTE Sip-User-CNonce 119 string +ATTRIBUTE Sip-URI-User 208 string +ATTRIBUTE Sip-Group 211 string +ATTRIBUTE Sip-RPId 213 string -ATTRIBUTE Digest-Response 206 string -ATTRIBUTE Digest-Attributes 207 string -ATTRIBUTE Digest-Realm 1063 string -ATTRIBUTE Digest-Nonce 1064 string -ATTRIBUTE Digest-Method 1065 string -ATTRIBUTE Digest-URI 1066 string -ATTRIBUTE Digest-QOP 1067 string -ATTRIBUTE Digest-Algorithm 1068 string -ATTRIBUTE Digest-Body-Digest 1069 string -ATTRIBUTE Digest-CNonce 1070 string -ATTRIBUTE Digest-Nonce-Count 1071 string -ATTRIBUTE Digest-User-Name 1072 string +ATTRIBUTE Digest-Response 206 string +ATTRIBUTE Digest-Attributes 207 string +ATTRIBUTE Digest-Realm 1063 string +ATTRIBUTE Digest-Nonce 1064 string +ATTRIBUTE Digest-Method 1065 string +ATTRIBUTE Digest-URI 1066 string +ATTRIBUTE Digest-QOP 1067 string +ATTRIBUTE Digest-Algorithm 1068 string +ATTRIBUTE Digest-Body-Digest 1069 string +ATTRIBUTE Digest-CNonce 1070 string +ATTRIBUTE Digest-Nonce-Count 1071 string +ATTRIBUTE Digest-User-Name 1072 string @@ -165,6 +171,9 @@ VALUE Service-Type Outbound-User 5 VALUE Service-Type Administrative-User 6 VALUE Service-Type NAS-Prompt-User 7 +VALUE Service-Type Call-Check 10 +VALUE Service-Type Group-Check 12 +VALUE Service-Type Sip-Session 15 # Framed Protocols @@ -196,6 +205,7 @@ VALUE Acct-Status-Type Stop 2 VALUE Acct-Status-Type Accounting-On 7 VALUE Acct-Status-Type Accounting-Off 8 +VALUE Acct-Status-Type Failed 15 # Authentication Types Index: auth_radius/Makefile =================================================================== RCS file: /cvsroot/ser/sip_router/modules/auth_radius/Makefile,v retrieving revision 1.4 diff -d -u -d -u -r1.4 Makefile --- auth_radius/Makefile 2003/05/23 15:43:42 1.4 +++ auth_radius/Makefile 2003/12/09 12:19:25 @@ -8,6 +8,7 @@ include ../../Makefile.defs auto_gen= NAME=auth_radius.so +DEFS+=-I$(LOCALBASE)/include LIBS=-L$(LOCALBASE)/lib -L/usr/pkg/lib -lradiusclient include ../../Makefile.modules Index: auth_radius/authorize.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/auth_radius/authorize.c,v retrieving revision 1.10 diff -d -u -d -u -r1.10 authorize.c --- auth_radius/authorize.c 2003/11/05 03:49:43 1.10 +++ auth_radius/authorize.c 2003/12/09 12:19:25 @@ -128,7 +128,7 @@ /* Clear the rpid buffer from previous value */ rpid.len = 0; - res = radius_authorize_sterman(&cred->digest, &_msg->first_line.u.request.method, &user, &rpid); + res = radius_authorize_sterman(_msg, &cred->digest, &_msg->first_line.u.request.method, &user, &rpid); pkg_free(user.s); if (res == 1) { Index: auth_radius/authrad_mod.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/auth_radius/authrad_mod.c,v retrieving revision 1.12 diff -d -u -d -u -r1.12 authrad_mod.c --- auth_radius/authrad_mod.c 2003/09/11 22:00:27 1.12 +++ auth_radius/authrad_mod.c 2003/12/09 12:19:25 @@ -45,13 +45,18 @@ #include "authrad_mod.h" #include "authorize.h" #include <radiusclient.h> -#include "dict.h" +#include "../../modules/acc/dict.h" MODULE_VERSION pre_auth_f pre_auth_func = 0; /* Pre authorization function from auth module */ post_auth_f post_auth_func = 0; /* Post authorization function from auth module */ +struct attr attrs[A_MAX]; +struct val vals[V_MAX]; +void *rh; +int ciscopec; + static int mod_init(void); /* Module initialization function */ static int str_fixup(void** param, int param_no); /* char* -> str* */ @@ -59,8 +64,8 @@ /* * Module parameter variables */ -char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; -int service_type = PW_SIP_SESSION; +static char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; +static int service_type = -1; /* @@ -103,25 +108,60 @@ */ static int mod_init(void) { + DICT_VENDOR *vend; + DBG("auth_radius - Initializing\n"); - if (rc_read_config(radius_config) != 0) { + memset(attrs, 0, sizeof(attrs)); + memset(attrs, 0, sizeof(vals)); + attrs[A_SERVICE_TYPE].n = "Service-Type"; + attrs[A_SIP_RPID].n = "Sip-RPId"; + attrs[A_SIP_URI_USER].n = "Sip-URI-User"; + attrs[A_DIGEST_RESPONSE].n = "Digest-Response"; + attrs[A_DIGEST_ALGORITHM].n = "Digest-Algorithm"; + attrs[A_DIGEST_BODY_DIGEST].n = "Digest-Body-Digest"; + attrs[A_DIGEST_CNONCE].n = "Digest-CNonce"; + attrs[A_DIGEST_NONCE_COUNT].n = "Digest-Nonce-Count"; + attrs[A_DIGEST_QOP].n = "Digest-QOP"; + attrs[A_DIGEST_METHOD].n = "Digest-Method"; + attrs[A_DIGEST_URI].n = "Digest-URI"; + attrs[A_DIGEST_NONCE].n = "Digest-Nonce"; + attrs[A_DIGEST_REALM].n = "Digest-Realm"; + attrs[A_DIGEST_USER_NAME].n = "Digest-User-Name"; + attrs[A_USER_NAME].n = "User-Name"; + attrs[A_CISCO_AVPAIR].n = "Cisco-AVPair"; + vals[V_SIP_SESSION].n = "Sip-Session"; + + if ((rh = rc_read_config(radius_config)) == NULL) { LOG(L_ERR, "auth_radius: Error opening configuration file \n"); return -1; } - - if (rc_read_dictionary(rc_conf_str("dictionary")) != 0) { + + if (rc_read_dictionary(rh, rc_conf_str(rh, "dictionary")) != 0) { LOG(L_ERR, "auth_radius: Error opening dictionary file \n"); return -2; } + vend = rc_dict_findvend(rh, "Cisco"); + if (vend == NULL) { + LOG(L_ERR, "auth_radius: No `Cisco' vendor in Radius " + "dictionary\n"); + return -3; + } + ciscopec = vend->vendorpec; + pre_auth_func = (pre_auth_f)find_export("pre_auth", 0, 0); post_auth_func = (post_auth_f)find_export("post_auth", 0, 0); if (!(pre_auth_func && post_auth_func)) { LOG(L_ERR, "auth_radius: This module requires auth module\n"); - return -3; + return -4; } + + INIT_AV(rh, attrs, vals, "auth_radius", -5, -6); + + if (service_type != -1) + vals[V_SIP_SESSION].v = service_type; return 0; } Index: auth_radius/authrad_mod.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/auth_radius/authrad_mod.h,v retrieving revision 1.3 diff -d -u -d -u -r1.3 authrad_mod.h --- auth_radius/authrad_mod.h 2003/05/02 12:21:54 1.3 +++ auth_radius/authrad_mod.h 2003/12/09 12:19:25 @@ -37,14 +37,12 @@ #include "../auth/api.h" +extern struct attr attrs[]; +extern struct val vals[]; +extern void *rh; +extern int ciscopec; extern pre_auth_f pre_auth_func; extern post_auth_f post_auth_func; -/* - * Module parameter variables - */ -extern char* radius_config; /* radiusclient configuration file */ -extern int service_type; /* radius service type used for access request */ - #endif /* AUTHRAD_MOD_H */ Index: auth_radius/dict.h =================================================================== RCS file: dict.h diff -N dict.h --- /tmp/cvsmA0FVN Tue Dec 9 13:19:25 2003 +++ /dev/null Tue Sep 4 15:27:29 2001 @@ -1,66 +0,0 @@ -/* - * $Id: dict.h,v 1.1 2003/09/11 22:00:27 janakj Exp $ - * - * Digest Authentication - Radius support - * Definitions not found in radiusclient.h - * - * Copyright (C) 2001-2003 Fhg Fokus - * - * This file is part of ser, a free SIP server. - * - * ser is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version - * - * For a license to use the ser software under conditions - * other than those described here, or to purchase support for this - * software, please contact iptel.org by e-mail at the following addresses: - * info(a)iptel.org - * - * ser is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * History: - * ------- - * 2003-03-09: Based on ser_radius.h from radius_auth (janakj) - */ - -/* - * WARNING: Don't forget to update the dictionary if you update the file !!! - */ - -#ifndef DICT_H -#define DICT_H - -/* Service types */ -#define PW_CALL_CHECK 10 -#define PW_EMERGENCY_CALL 13 -#define PW_SIP_SESSION 15 - -/* Attributes*/ -#define PW_DIGEST_RESPONSE 206 /* string */ -#define PW_DIGEST_ATTRIBUTES 207 /* string */ - -#define PW_SIP_URI_USER 208 /* string */ -#define PW_SIP_RPID 213 /* string */ - -#define PW_DIGEST_REALM 1063 /* string */ -#define PW_DIGEST_NONCE 1064 /* string */ -#define PW_DIGEST_METHOD 1065 /* string */ -#define PW_DIGEST_URI 1066 /* string */ -#define PW_DIGEST_QOP 1067 /* string */ -#define PW_DIGEST_ALGORITHM 1068 /* string */ -#define PW_DIGEST_BODY_DIGEST 1069 /* string */ -#define PW_DIGEST_CNONCE 1070 /* string */ -#define PW_DIGEST_NONCE_COUNT 1071 /* string */ -#define PW_DIGEST_USER_NAME 1072 /* string */ - - -#endif /* DICT_H */ Index: auth_radius/sterman.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/auth_radius/sterman.c,v retrieving revision 1.7 diff -d -u -d -u -r1.7 sterman.c --- auth_radius/sterman.c 2003/09/11 22:00:27 1.7 +++ auth_radius/sterman.c 2003/12/09 12:19:25 @@ -32,11 +32,12 @@ */ +#include <stdlib.h> #include <string.h> #include "../../mem/mem.h" #include "../../dprint.h" #include "../auth/api.h" -#include "dict.h" +#include "../../modules/acc/dict.h" #include "sterman.h" #include "authrad_mod.h" #include <radiusclient.h> @@ -49,12 +50,12 @@ * which can be be used as a check item in the request. Service type of * the request is Authenticate-Only. */ -int radius_authorize_sterman(dig_cred_t* _cred, str* _method, str* _user, str* _rpid) +int radius_authorize_sterman(struct sip_msg* _msg, dig_cred_t* _cred, str* _method, str* _user, str* _rpid) { static char msg[4096]; VALUE_PAIR *send, *received, *vp; UINT4 service; - str method, user, user_name; + str method, user, user_name, callid; int i; send = received = 0; @@ -73,8 +74,8 @@ */ if (_cred->username.domain.len) { - if (!rc_avpair_add(&send, PW_USER_NAME, _cred->username.whole.s, _cred->username.whole.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_USER_NAME attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v, _cred->username.whole.s, _cred->username.whole.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add User-Name attribute\n"); rc_avpair_free(send); return -2; } @@ -88,8 +89,8 @@ memcpy(user_name.s, _cred->username.whole.s, _cred->username.whole.len); user_name.s[_cred->username.whole.len] = '@'; memcpy(user_name.s + _cred->username.whole.len + 1, _cred->realm.s, _cred->realm.len); - if (!rc_avpair_add(&send, PW_USER_NAME, user_name.s, user_name.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_USER_NAME attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v, user_name.s, user_name.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add User-Name attribute\n"); pkg_free(user_name.s); rc_avpair_free(send); return -4; @@ -97,30 +98,30 @@ pkg_free(user_name.s); } - if (!rc_avpair_add(&send, PW_DIGEST_USER_NAME, _cred->username.whole.s, _cred->username.whole.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_USER_NAME attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_USER_NAME].v, _cred->username.whole.s, _cred->username.whole.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-User-Name attribute\n"); rc_avpair_free(send); return -5; } - if (!rc_avpair_add(&send, PW_DIGEST_REALM, _cred->realm.s, _cred->realm.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_REALM attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_REALM].v, _cred->realm.s, _cred->realm.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-Realm attribute\n"); rc_avpair_free(send); return -6; } - if (!rc_avpair_add(&send, PW_DIGEST_NONCE, _cred->nonce.s, _cred->nonce.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_NONCE attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_NONCE].v, _cred->nonce.s, _cred->nonce.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-Nonce attribute\n"); rc_avpair_free(send); return -7; } - if (!rc_avpair_add(&send, PW_DIGEST_URI, _cred->uri.s, _cred->uri.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_URI attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_URI].v, _cred->uri.s, _cred->uri.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-URI attribute\n"); rc_avpair_free(send); return -8; } - if (!rc_avpair_add(&send, PW_DIGEST_METHOD, method.s, method.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_METHOD attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_METHOD].v, method.s, method.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-Method attribute\n"); rc_avpair_free(send); return -9; } @@ -129,39 +130,39 @@ * Add the additional authentication fields according to the QOP. */ if (_cred->qop.qop_parsed == QOP_AUTH) { - if (!rc_avpair_add(&send, PW_DIGEST_QOP, "auth", 4)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_QOP attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_QOP].v, "auth", 4, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-QOP attribute\n"); rc_avpair_free(send); return -10; } - if (!rc_avpair_add(&send, PW_DIGEST_NONCE_COUNT, _cred->nc.s, _cred->nc.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_NONCE_COUNT attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_NONCE_COUNT].v, _cred->nc.s, _cred->nc.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-CNonce-Count attribute\n"); rc_avpair_free(send); return -11; } - if (!rc_avpair_add(&send, PW_DIGEST_CNONCE, _cred->cnonce.s, _cred->cnonce.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_CNONCE attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_CNONCE].v, _cred->cnonce.s, _cred->cnonce.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-CNonce attribute\n"); rc_avpair_free(send); return -12; } } else if (_cred->qop.qop_parsed == QOP_AUTHINT) { - if (!rc_avpair_add(&send, PW_DIGEST_QOP, "auth-int", 8)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_QOP attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_QOP].v, "auth-int", 8, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-QOP attribute\n"); rc_avpair_free(send); return -13; } - if (!rc_avpair_add(&send, PW_DIGEST_NONCE_COUNT, _cred->nc.s, _cred->nc.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_NONCE_COUNT attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_NONCE_COUNT].v, _cred->nc.s, _cred->nc.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-Nonce-Count attribute\n"); rc_avpair_free(send); return -14; } - if (!rc_avpair_add(&send, PW_DIGEST_CNONCE, _cred->cnonce.s, _cred->cnonce.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_CNONCE attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_CNONCE].v, _cred->cnonce.s, _cred->cnonce.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-CNonce attribute\n"); rc_avpair_free(send); return -15; } - if (!rc_avpair_add(&send, PW_DIGEST_BODY_DIGEST, _cred->opaque.s, _cred->opaque.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_BODY_DIGEST attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_BODY_DIGEST].v, _cred->opaque.s, _cred->opaque.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-Body-Digest attribute\n"); rc_avpair_free(send); return -16; } @@ -170,73 +171,60 @@ /* send nothing for qop == "" */ } - /* - * Now put everything place all the previous attributes into the - * PW_DIGEST_ATTRIBUTES - */ - - /* - * Fix up Digest-Attributes issues see draft-sterman-aaa-sip-00 - */ - for (vp = send; vp; vp = vp->next) { - switch (vp->attribute) { - default: - break; - - /* Fall thru the know values */ - case PW_DIGEST_REALM: - case PW_DIGEST_NONCE: - case PW_DIGEST_METHOD: - case PW_DIGEST_URI: - case PW_DIGEST_QOP: - case PW_DIGEST_ALGORITHM: - case PW_DIGEST_BODY_DIGEST: - case PW_DIGEST_CNONCE: - case PW_DIGEST_NONCE_COUNT: - case PW_DIGEST_USER_NAME: - - /* overlapping! */ - memmove(&vp->strvalue[2], &vp->strvalue[0], vp->lvalue); - vp->strvalue[0] = vp->attribute - PW_DIGEST_REALM + 1; - vp->lvalue += 2; - vp->strvalue[1] = vp->lvalue; - vp->attribute = PW_DIGEST_ATTRIBUTES; - break; - } - } - /* Add the response... What to calculate against... */ - if (!rc_avpair_add(&send, PW_DIGEST_RESPONSE, _cred->response.s, _cred->response.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_DIGEST_RESPONSE attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_DIGEST_RESPONSE].v, _cred->response.s, _cred->response.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add Digest-Response attribute\n"); rc_avpair_free(send); return -17; } /* Indicate the service type, Authenticate only in our case */ - service = service_type; - if (!rc_avpair_add(&send, PW_SERVICE_TYPE, &service, 0)) { - LOG(L_ERR, "sterman(): Unable to add PW_SERVICE_TYPE attribute\n"); + service = vals[V_SIP_SESSION].v; + if (!rc_avpair_add(rh, &send, attrs[A_SERVICE_TYPE].v, &service, 0, 0)) { + LOG(L_ERR, "sterman(): Unable to add Service-Type attribute\n"); rc_avpair_free(send); return -18; } /* Add SIP URI as a check item */ - if (!rc_avpair_add(&send, PW_SIP_URI_USER, user.s, user.len)) { - LOG(L_ERR, "sterman(): Unable to add PW_SIP_URI_USER attribute\n"); + if (!rc_avpair_add(rh, &send, attrs[A_SIP_URI_USER].v, user.s, user.len, 0)) { + LOG(L_ERR, "sterman(): Unable to add Sip-URI-User attribute\n"); rc_avpair_free(send); return -19; } - + + /* Add SIP Call-ID as a Cisco VSA, like IOS does */ + if (_msg->callid == NULL || _msg->callid->body.s == NULL) { + LOG(L_ERR, "sterman(): Call-ID is missed\n"); + rc_avpair_free(send); + return -20; + } + callid.len = _msg->callid->body.len + 8; + callid.s = alloca(callid.len); + if (callid.s == NULL) { + LOG(L_ERR, "sterman(): No memory left\n"); + rc_avpair_free(send); + return -21; + } + memcpy(callid.s, "call-id=", 8); + memcpy(callid.s + 8, _msg->callid->body.s, _msg->callid->body.len); + if (rc_avpair_add(rh, &send, attrs[A_CISCO_AVPAIR].v, callid.s, + callid.len, ciscopec) == 0) { + LOG(L_ERR, "sterman(): Unable to add Cisco-AVPair attribute\n"); + rc_avpair_free(send); + return -22; + } + /* Send request */ - if ((i = rc_auth(SIP_PORT, send, &received, msg)) == OK_RC) { + if ((i = rc_auth(rh, SIP_PORT, send, &received, msg)) == OK_RC) { DBG("radius_authorize_sterman(): Success\n"); rc_avpair_free(send); /* Make a copy of rpid if available */ - if ((vp = rc_avpair_get(received, PW_SIP_RPID))) { + if ((vp = rc_avpair_get(received, attrs[A_SIP_RPID].v, 0))) { if (MAX_RPID_LEN < vp->lvalue) { LOG(L_ERR, "radius_authorize_sterman(): rpid buffer too small\n"); - return -20; + return -23; } memcpy(_rpid->s, vp->strvalue, vp->lvalue); _rpid->len = vp->lvalue; @@ -249,6 +237,6 @@ DBG("radius_authorize_sterman(): Failure\n"); rc_avpair_free(send); rc_avpair_free(received); - return -21; + return -24; } } Index: auth_radius/sterman.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/auth_radius/sterman.h,v retrieving revision 1.3 diff -d -u -d -u -r1.3 sterman.h --- auth_radius/sterman.h 2003/04/28 22:04:33 1.3 +++ auth_radius/sterman.h 2003/12/09 12:19:25 @@ -45,6 +45,6 @@ * which can be be used as a check item in the request. Service type of * the request is Authenticate-Only. */ -int radius_authorize_sterman(dig_cred_t* _cred, str* _method, str* _user, str* _rpid); +int radius_authorize_sterman(struct sip_msg* _msg, dig_cred_t* _cred, str* _method, str* _user, str* _rpid); #endif /* STERMAN_H */ Index: group_radius/Makefile =================================================================== RCS file: /cvsroot/ser/sip_router/modules/group_radius/Makefile,v retrieving revision 1.3 diff -d -u -d -u -r1.3 Makefile --- group_radius/Makefile 2003/05/23 15:43:43 1.3 +++ group_radius/Makefile 2003/12/09 12:19:25 @@ -8,6 +8,7 @@ include ../../Makefile.defs auto_gen= NAME=group_radius.so +DEFS+=-I$(LOCALBASE)/include LIBS=-L$(LOCALBASE)/lib -L/usr/pkg/lib -lradiusclient include ../../Makefile.modules Index: group_radius/dict.h =================================================================== RCS file: dict.h diff -N dict.h --- /tmp/cvs6nqAD9 Tue Dec 9 13:19:25 2003 +++ /dev/null Tue Sep 4 15:27:29 2001 @@ -1,47 +0,0 @@ -/* - * $Id: dict.h,v 1.1 2003/09/11 22:02:02 janakj Exp $ - * - * Group Membership - Radius - * Definitions not found in radiusclient.h - * - * Copyright (C) 2001-2003 Fhg Fokus - * - * This file is part of ser, a free SIP server. - * - * ser is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version - * - * For a license to use the ser software under conditions - * other than those described here, or to purchase support for this - * software, please contact iptel.org by e-mail at the following addresses: - * info(a)iptel.org - * - * ser is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * History: - * ------- - * 2003-03-09: Based on ser_radius.h from radius_auth (janakj) - */ - -/* - * WARNING: Don't forget to update the dictionary if you update this file !!! - */ - -#ifndef DICT_H -#define DICT_H - -/* Service-Type */ -#define PW_GROUP_CHECK 12 - -#define PW_SIP_GROUP 211 /* string */ - -#endif /* DICT_H */ Index: group_radius/group.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/group_radius/group.c,v retrieving revision 1.5 diff -d -u -d -u -r1.5 group.c --- group_radius/group.c 2003/09/11 22:02:02 1.5 +++ group_radius/group.c 2003/12/09 12:19:25 @@ -44,7 +44,7 @@ #include "../../parser/hf.h" #include "../../parser/digest/digest.h" #include "group.h" -#include "dict.h" +#include "../../modules/acc/dict.h" #include "grouprad_mod.h" @@ -191,8 +191,8 @@ user_name = user; } - if (!rc_avpair_add(&send, PW_USER_NAME, user_name.s, user_name.len)) { - LOG(L_ERR, "radius_is_user_in(): Error adding PW_USER_NAME\n"); + if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v, user_name.s, user_name.len, 0)) { + LOG(L_ERR, "radius_is_user_in(): Error adding User-Name attribute\n"); rc_avpair_free(send); if (use_domain) pkg_free(user_name.s); return -7; @@ -200,19 +200,19 @@ if (use_domain) pkg_free(user_name.s); - if (!rc_avpair_add(&send, PW_SIP_GROUP, grp->s, grp->len)) { - LOG(L_ERR, "radius_is_user_in(): Error adding PW_SIP_GROUP\n"); + if (!rc_avpair_add(rh, &send, attrs[A_SIP_GROUP].v, grp->s, grp->len, 0)) { + LOG(L_ERR, "radius_is_user_in(): Error adding Sip-Group attribute\n"); return -8; } - service = PW_GROUP_CHECK; - if (!rc_avpair_add(&send, PW_SERVICE_TYPE, &service, 0)) { - LOG(L_ERR, "radius_is_user_in(): Error adding PW_SERVICE_TYPE\n"); + service = vals[V_GROUP_CHECK].v; + if (!rc_avpair_add(rh, &send, attrs[A_SERVICE_TYPE].v, &service, 0, 0)) { + LOG(L_ERR, "radius_is_user_in(): Error adding Service-Type attribute\n"); rc_avpair_free(send); return -9; } - if (rc_auth(0, send, &received, msg) == OK_RC) { + if (rc_auth(rh, 0, send, &received, msg) == OK_RC) { DBG("radius_is_user_in(): Success\n"); rc_avpair_free(send); rc_avpair_free(received); Index: group_radius/grouprad_mod.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/group_radius/grouprad_mod.c,v retrieving revision 1.6 diff -d -u -d -u -r1.6 grouprad_mod.c --- group_radius/grouprad_mod.c 2003/04/27 18:17:24 1.6 +++ group_radius/grouprad_mod.c 2003/12/09 12:19:25 @@ -40,11 +40,16 @@ #include "../../dprint.h" #include "../../sr_module.h" #include "../../mem/mem.h" +#include "../../modules/acc/dict.h" #include "grouprad_mod.h" #include "group.h" MODULE_VERSION +void *rh; +struct attr attrs[A_MAX]; +struct val vals[V_MAX]; + static int mod_init(void); /* Module initialization function */ static int hf_fixup(void** param, int param_no); /* Header field fixup */ @@ -52,7 +57,7 @@ /* * Module parameter variables */ -char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; +static char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; int use_domain = 1; /* By default we use domain */ @@ -93,16 +98,24 @@ static int mod_init(void) { DBG("group_radius - initializing\n"); - - if (rc_read_config(radius_config) != 0) { + + memset(attrs, 0, sizeof(attrs)); + memset(attrs, 0, sizeof(vals)); + attrs[A_SERVICE_TYPE].n = "Service-Type"; + attrs[A_USER_NAME].n = "User-Name"; + vals[V_GROUP_CHECK].n = "Group-Check"; + + if ((rh = rc_read_config(radius_config)) == NULL) { LOG(L_ERR, "group_radius: Error opening configuration file \n"); return -1; } - if (rc_read_dictionary(rc_conf_str("dictionary")) != 0) { + if (rc_read_dictionary(rh, rc_conf_str(rh, "dictionary")) != 0) { LOG(L_ERR, "group_radius: Error opening dictionary file \n"); return -2; } + + INIT_AV(rh, attrs, vals, "group_radius", -3, -4); return 0; } Index: group_radius/grouprad_mod.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/group_radius/grouprad_mod.h,v retrieving revision 1.3 diff -d -u -d -u -r1.3 grouprad_mod.h --- group_radius/grouprad_mod.h 2003/03/12 21:47:49 1.3 +++ group_radius/grouprad_mod.h 2003/12/09 12:19:25 @@ -34,10 +34,13 @@ #ifndef GROUPRAD_MOD_H #define GROUPRAD_MOD_H +extern struct attr attrs[]; +extern struct val vals[]; +extern void *rh; + /* * Module parameter variables */ -extern char* radius_config; /* radiusclient configuration file */ extern int use_domain; /* Should we use also domain ? */ #endif /* GROUPRAD_MOD_H */ Index: uri_radius/Makefile =================================================================== RCS file: /cvsroot/ser/sip_router/modules/uri_radius/Makefile,v retrieving revision 1.3 diff -d -u -d -u -r1.3 Makefile --- uri_radius/Makefile 2003/05/23 15:43:44 1.3 +++ uri_radius/Makefile 2003/12/09 12:19:25 @@ -8,6 +8,7 @@ include ../../Makefile.defs auto_gen= NAME=uri_radius.so +DEFS+=-I$(LOCALBASE)/include LIBS=-L$(LOCALBASE)/lib -L/usr/pkg/lib -lradiusclient include ../../Makefile.modules Index: uri_radius/checks.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/uri_radius/checks.c,v retrieving revision 1.3 diff -d -u -d -u -r1.3 checks.c --- uri_radius/checks.c 2003/09/11 22:03:58 1.3 +++ uri_radius/checks.c 2003/12/09 12:19:25 @@ -35,7 +35,7 @@ #include "../../mem/mem.h" #include "../../parser/parse_uri.h" #include "../../dprint.h" -#include "dict.h" +#include "../../modules/acc/dict.h" #include "checks.h" #include "urirad_mod.h" #include <radiusclient.h> @@ -74,22 +74,22 @@ at += _m->parsed_uri.host.len; *at = '\0'; - if (!rc_avpair_add(&send, PW_USER_NAME, uri, 0)) { + if (!rc_avpair_add(rh, &send, attrs[A_USER_NAME].v, uri, 0, 0)) { LOG(L_ERR, "radius_does_uri_exist(): Error adding User-Name\n"); rc_avpair_free(send); pkg_free(uri); return -3; } - service = service_type; - if (!rc_avpair_add(&send, PW_SERVICE_TYPE, &service, 0)) { + service = vals[V_CALL_CHECK].v; + if (!rc_avpair_add(rh, &send, attrs[A_SERVICE_TYPE].v, &service, 0, 0)) { LOG(L_ERR, "radius_does_uri_exist(): Error adding service type\n"); rc_avpair_free(send); pkg_free(uri); return -4; } - if (rc_auth(0, send, &received, msg) == OK_RC) { + if (rc_auth(rh, 0, send, &received, msg) == OK_RC) { DBG("radius_does_uri_exist(): Success\n"); rc_avpair_free(send); rc_avpair_free(received); Index: uri_radius/dict.h =================================================================== RCS file: dict.h diff -N dict.h --- /tmp/cvsMz7uyT Tue Dec 9 13:19:25 2003 +++ /dev/null Tue Sep 4 15:27:29 2001 @@ -1,44 +0,0 @@ -/* - * $Id: dict.h,v 1.1 2003/09/11 22:03:58 janakj Exp $ - * - * Group Membership - RADIUS - * Definitions not found in radiusclient.h - * - * Copyright (C) 2001-2003 Fhg Fokus - * - * This file is part of ser, a free SIP server. - * - * ser is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version - * - * For a license to use the ser software under conditions - * other than those described here, or to purchase support for this - * software, please contact iptel.org by e-mail at the following addresses: - * info(a)iptel.org - * - * ser is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * History: - * ------- - * 2003-03-09: Based on ser_radius.h from radius_auth (janakj) - */ - -/* - * WARNING: Don't forget to update the dictionary if you update this file !!! - */ - -#ifndef DICT_H -#define DICT_H - -#define PW_CALL_CHECK 10 - -#endif /* DICT_H */ Index: uri_radius/urirad_mod.c =================================================================== RCS file: /cvsroot/ser/sip_router/modules/uri_radius/urirad_mod.c,v retrieving revision 1.5 diff -d -u -d -u -r1.5 urirad_mod.c --- uri_radius/urirad_mod.c 2003/09/11 22:03:58 1.5 +++ uri_radius/urirad_mod.c 2003/12/09 12:19:25 @@ -36,11 +36,14 @@ #include "../../sr_module.h" #include "urirad_mod.h" #include "checks.h" -#include "dict.h" +#include "../../modules/acc/dict.h" #include <radiusclient.h> MODULE_VERSION +struct attr attrs[A_MAX]; +struct val vals[V_MAX]; +void *rh; static int mod_init(void); /* Module initialization function */ @@ -48,8 +51,8 @@ /* * Module parameter variables */ -char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; -int service_type = PW_CALL_CHECK; +static char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf"; +static int service_type = -1; /* * Exported functions @@ -88,16 +91,27 @@ static int mod_init(void) { DBG("uri_radius - initializing\n"); - - if (rc_read_config(radius_config) != 0) { + + memset(attrs, 0, sizeof(attrs)); + memset(attrs, 0, sizeof(vals)); + attrs[A_SERVICE_TYPE].n = "Service-Type"; + attrs[A_USER_NAME].n = "User-Name"; + vals[V_CALL_CHECK].n = "Call-Check"; + + if ((rh = rc_read_config(radius_config)) == NULL) { LOG(L_ERR, "uri_radius: Error opening configuration file \n"); return -1; } - if (rc_read_dictionary(rc_conf_str("dictionary")) != 0) { + if (rc_read_dictionary(rh, rc_conf_str(rh, "dictionary")) != 0) { LOG(L_ERR, "uri_radius: Error opening dictionary file \n"); return -2; } + + INIT_AV(rh, attrs, vals, "uri_radius", -3, -4); + + if (service_type != -1) + vals[V_CALL_CHECK].v = service_type; return 0; } Index: uri_radius/urirad_mod.h =================================================================== RCS file: /cvsroot/ser/sip_router/modules/uri_radius/urirad_mod.h,v retrieving revision 1.2 diff -d -u -d -u -r1.2 urirad_mod.h --- uri_radius/urirad_mod.h 2003/05/02 12:20:59 1.2 +++ uri_radius/urirad_mod.h 2003/12/09 12:19:25 @@ -34,10 +34,8 @@ #ifndef URIRAD_MOD_H #define URIRAD_MOD_H -/* - * Module parameter variables - */ -extern char* radius_config; /* radiusclient configuration file */ -extern int service_type; /* radius service type for uri check */ +extern struct attr attrs[]; +extern struct val vals[]; +extern void *rh; #endif /* URIRAD_MOD_H */