summaryrefslogtreecommitdiff
path: root/radsecproxy.c
diff options
context:
space:
mode:
authorvenaas <venaas>2007-01-03 15:24:47 +0000
committervenaas <venaas@e88ac4ed-0b26-0410-9574-a7f39faa03bf>2007-01-03 15:24:47 +0000
commit623465adb658a9aed954a3da9118f3a29aa92806 (patch)
treeb011f34663e5995c9d06cb931084dec8103c4b4d /radsecproxy.c
parenteaee4a19751a8501930c037c5865f88eafb48052 (diff)
radsrv realm routing changes
git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@16 e88ac4ed-0b26-0410-9574-a7f39faa03bf
Diffstat (limited to 'radsecproxy.c')
-rw-r--r--radsecproxy.c46
1 files changed, 28 insertions, 18 deletions
diff --git a/radsecproxy.c b/radsecproxy.c
index 233412a..99dd652 100644
--- a/radsecproxy.c
+++ b/radsecproxy.c
@@ -471,6 +471,23 @@ int pwdcrypt(uint8_t *plain, uint8_t *enc, uint8_t enclen, uint8_t *shared, uint
return 1;
}
+struct peer *id2peer(char *id, uint8_t len) {
+ int i;
+ char **realm;
+
+ for (i = 0; i < peer_count; i++) {
+ for (realm = peers[i].realms; *realm; realm++) {
+ /* assume test@domain */
+ printf("realmlength %d, usernamelenght %d\n", strlen(*realm), len);
+ if (strlen(*realm) == len && !memcmp(id + 5, *realm, len)) {
+ printf("found matching realm: %s, host %s\n", *realm, peers[i].host);
+ return peers + i;
+ }
+ }
+ }
+ return NULL;
+}
+
struct peer *radsrv(struct request *rq, char *buf, struct peer *from) {
uint8_t code, id, *auth, *attr, *usernameattr = NULL, *userpwdattr = NULL, pwd[128], pwdlen;
int i;
@@ -478,7 +495,6 @@ struct peer *radsrv(struct request *rq, char *buf, struct peer *from) {
int left;
struct peer *to;
unsigned char newauth[16];
- char **realm;
code = *(uint8_t *)buf;
id = *(uint8_t *)(buf + 1);
@@ -516,29 +532,23 @@ struct peer *radsrv(struct request *rq, char *buf, struct peer *from) {
if (usernameattr) {
printf("radsrv: Username: ");
- for (i = 0; i < usernameattr[RAD_Attr_Length]; i++)
+ for (i = 0; i < usernameattr[RAD_Attr_Length] - 2; i++)
printf("%c", usernameattr[RAD_Attr_Value + i]);
printf("\n");
}
/* find out where to send the packet, for now we send to first connected
TLS peer if UDP, and first UDP peer if TLS */
-
- i = peer_count;
-
- for (i = 0; i < peer_count; i++) {
- for (realm = peers[i].realms; *realm; realm++) {
- /* assume test@domain */
- printf("realmlength %d, usernamelenght %d, usernameattr+5 %s\n", strlen(*realm), usernameattr[RAD_Attr_Length] - 5, usernameattr + 5);
- if (strlen(*realm) == usernameattr[RAD_Attr_Length] - 5 && !memcmp(usernameattr + 5, *realm, strlen(*realm))) {
- printf("found matching realm: %s, host %s\n", *realm, peers[i].host);
- break;
- }
- }
- if (*realm)
- break;
+
+ to = id2peer(&usernameattr[RAD_Attr_Value], usernameattr[RAD_Attr_Length] - 2);
+ if (!to) {
+ printf("radsrv: ignoring request, don't know where to send it\n");
+ return NULL;
}
+
#if 0
+ i = peer_count;
+
switch (from->type) {
case 'U':
for (i = 0; i < peer_count; i++)
@@ -551,8 +561,6 @@ struct peer *radsrv(struct request *rq, char *buf, struct peer *from) {
break;
break;
}
-#endif
-
if (i == peer_count) {
printf("radsrv: ignoring request, don't know where to send it\n");
return NULL;
@@ -560,6 +568,8 @@ struct peer *radsrv(struct request *rq, char *buf, struct peer *from) {
to = &peers[i];
+#endif
+
if (!RAND_bytes(newauth, 16)) {
printf("radsrv: failed to generate random auth\n");
return NULL;