sipwise
/
kamailio
mirror of https://github.com/sipwise/kamailio.git
1
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'fa39cc9fbe'
${ noResults }
kamailio/modules_s/auth_radius/authrad_mod.c

205 lines
5.5 KiB
Raw Blame History

/*
* $Id$
*
* Digest Authentication - Radius support
*
* Copyright (C) 2001-2003 FhG Fokus
*
* This file is part of ser, a free SIP server.
*
* ser is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version
*
* For a license to use the ser software under conditions
* other than those described here, or to purchase support for this
* software, please contact iptel.org by e-mail at the following addresses:
* info@iptel.org
*
* ser is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* History:
* -------
* 2003-03-09: Based on auth_mod.c from radius_auth (janakj)
* 2003-03-11: New module interface (janakj)
* 2003-03-16: flags export parameter added (janakj)
* 2003-03-19 all mallocs/frees replaced w/ pkg_malloc/pkg_free (andrei)
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "../../sr_module.h"
#include "../../error.h"
#include "../../dprint.h"
#include "../../mem/mem.h"
#include "../../config.h"
#include "authrad_mod.h"
#include "authorize.h"
#ifdef RADIUSCLIENT_NG_4
# include <radiusclient.h>
# else
# include <radiusclient-ng.h>
#endif
MODULE_VERSION
struct attr attrs[A_MAX];
struct val vals[V_MAX];
void *rh;
auth_api_s_t auth_api;
static int mod_init(void); /* Module initialization function */
int use_did = 1;
int use_ruri_flag = -1;
/*
* Module parameter variables
*/
static char* radius_config = "/usr/local/etc/radiusclient/radiusclient.conf";
static int service_type = -1;
/*
* Exported functions
*/
static cmd_export_t cmds[] = {
{"radius_www_authorize", radius_www_authorize, 1, fixup_var_str_1, REQUEST_ROUTE},
{"radius_proxy_authorize", radius_proxy_authorize, 1, fixup_var_str_1, REQUEST_ROUTE},
{"radius_www_authenticate", radius_www_authorize, 1, fixup_var_str_1, REQUEST_ROUTE},
{"radius_proxy_authenticate", radius_proxy_authorize, 1, fixup_var_str_1, REQUEST_ROUTE},
{0, 0, 0, 0, 0}
};
/*
* Exported parameters
*/
static param_export_t params[] = {
{"radius_config", PARAM_STRING, &radius_config },
{"service_type", PARAM_INT, &service_type },
{"use_did", PARAM_INT, &use_did },
{"use_ruri_flag", PARAM_INT, &use_ruri_flag },
{0, 0, 0}
};
/*
* Module interface
*/
struct module_exports exports = {
"auth_radius",
cmds, /* Exported functions */
0, /* RPC methods */
params, /* Exported parameters */
mod_init, /* module initialization function */
0, /* response function */
0, /* destroy function */
0, /* oncancel function */
0 /* child initialization function */
};
/*
* Module initialization function
*/
static int mod_init(void)
{
DICT_VENDOR *vend;
bind_auth_s_t bind_auth;
DBG("auth_radius - Initializing\n");
memset(attrs, 0, sizeof(attrs));
memset(vals, 0, sizeof(vals));
/* RFC2865, RFC2866 */
attrs[A_USER_NAME].n = "User-Name";
attrs[A_SERVICE_TYPE].n = "Service-Type";
/* draft-sterman-aaa-sip-00 */
attrs[A_DIGEST_RESPONSE].n = "Digest-Response";
attrs[A_DIGEST_REALM].n = "Digest-Realm";
attrs[A_DIGEST_NONCE].n = "Digest-Nonce";
attrs[A_DIGEST_METHOD].n = "Digest-Method";
attrs[A_DIGEST_URI].n = "Digest-URI";
attrs[A_DIGEST_QOP].n = "Digest-QOP";
attrs[A_DIGEST_ALGORITHM].n = "Digest-Algorithm";
attrs[A_DIGEST_BODY_DIGEST].n = "Digest-Body-Digest";
attrs[A_DIGEST_CNONCE].n = "Digest-CNonce";
attrs[A_DIGEST_NONCE_COUNT].n = "Digest-Nonce-Count";
attrs[A_DIGEST_USER_NAME].n = "Digest-User-Name";
/* SER-specific */
attrs[A_SER_URI_USER].n = "SER-Uri-User";
attrs[A_SER_ATTR].n = "SER-Attr";
attrs[A_SER_UID].n = "SER-UID";
attrs[A_SER_SERVICE_TYPE].n = "SER-Service-Type";
/* SER-Service-Type */
vals[V_DIGEST_AUTHENTICATION].n = "Digest-Authentication";
attrs[A_CISCO_AVPAIR].n = "Cisco-AVPair";
/* draft-schulzrinne-sipping-radius-accounting-00 */
vals[V_SIP_SESSION].n = "Sip-Session";
if ((rh = rc_read_config(radius_config)) == NULL) {
LOG(L_ERR, "auth_radius: Error opening configuration file \n");
return -1;
}
if (rc_read_dictionary(rh, rc_conf_str(rh, "dictionary")) != 0) {
LOG(L_ERR, "auth_radius: Error opening dictionary file \n");
return -2;
}
vend = rc_dict_findvend(rh, "Cisco");
if (vend == NULL) {
DBG("auth_radius: No `Cisco' vendor in Radius "
"dictionary\n");
attrs[A_CISCO_AVPAIR].n = NULL;
}
vend = rc_dict_findvend(rh, "iptelorg");
if (vend == NULL) {
ERR("RADIUS dictionary is missing required vendor 'iptelorg'\n");
return -1;
}
bind_auth = (bind_auth_s_t)find_export("bind_auth_s", 0, 0);
if (!bind_auth) {
LOG(L_ERR, "auth_radius: Unable to find bind_auth function\n");
return -1;
}
if (bind_auth(&auth_api) < 0) {
LOG(L_ERR, "auth_radius: Cannot bind to auth module\n");
return -4;
}
INIT_AV(rh, attrs, vals, "auth_radius", -5, -6);
if (service_type != -1) {
vals[V_SIP_SESSION].v = service_type;
}
return 0;
}
Reference in new issue View Git Blame Copy Permalink