aboutsummaryrefslogtreecommitdiffstats
path: root/src/radius
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2009-12-19 17:26:57 +0200
committerJouni Malinen <j@w1.fi>2009-12-19 17:26:57 +0200
commit1489e11a9442929c96a00c0090c8912577fd2315 (patch)
tree338684790c87ef9d8155315525bef6ac0408b27c /src/radius
parentaa235d2ef75d7f20d19b8ec5416cd63222e4d64e (diff)
downloadexternal_wpa_supplicant_8_ti-1489e11a9442929c96a00c0090c8912577fd2315.zip
external_wpa_supplicant_8_ti-1489e11a9442929c96a00c0090c8912577fd2315.tar.gz
external_wpa_supplicant_8_ti-1489e11a9442929c96a00c0090c8912577fd2315.tar.bz2
Make struct radius_msg private to radius.c
This is internal data structure for RADIUS message handling and external code should not touch it directly.
Diffstat (limited to 'src/radius')
-rw-r--r--src/radius/radius.c46
-rw-r--r--src/radius/radius.h36
-rw-r--r--src/radius/radius_client.c24
-rw-r--r--src/radius/radius_server.c53
4 files changed, 95 insertions, 64 deletions
diff --git a/src/radius/radius.c b/src/radius/radius.c
index 656431a..70754ef 100644
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
@@ -21,6 +21,52 @@
#include "radius.h"
+/**
+ * struct radius_msg - RADIUS message structure for new and parsed messages
+ */
+struct radius_msg {
+ /**
+ * buf - Allocated buffer for RADIUS message
+ */
+ struct wpabuf *buf;
+
+ /**
+ * hdr - Pointer to the RADIUS header in buf
+ */
+ struct radius_hdr *hdr;
+
+ /**
+ * attr_pos - Array of indexes to attributes
+ *
+ * The values are number of bytes from buf to the beginning of
+ * struct radius_attr_hdr.
+ */
+ size_t *attr_pos;
+
+ /**
+ * attr_size - Total size of the attribute pointer array
+ */
+ size_t attr_size;
+
+ /**
+ * attr_used - Total number of attributes in the array
+ */
+ size_t attr_used;
+};
+
+
+struct radius_hdr * radius_msg_get_hdr(struct radius_msg *msg)
+{
+ return msg->hdr;
+}
+
+
+struct wpabuf * radius_msg_get_buf(struct radius_msg *msg)
+{
+ return msg->buf;
+}
+
+
static struct radius_attr_hdr *
radius_get_attr_hdr(struct radius_msg *msg, int idx)
{
diff --git a/src/radius/radius.h b/src/radius/radius.h
index c4c80be..a3cdac0 100644
--- a/src/radius/radius.h
+++ b/src/radius/radius.h
@@ -173,39 +173,7 @@ struct radius_ms_mppe_keys {
};
-/**
- * struct radius_msg - RADIUS message structure for new and parsed messages
- */
-struct radius_msg {
- /**
- * buf - Allocated buffer for RADIUS message
- */
- struct wpabuf *buf;
-
- /**
- * hdr - Pointer to the RADIUS header in buf
- */
- struct radius_hdr *hdr;
-
- /**
- * attr_pos - Array of indexes to attributes
- *
- * The values are number of bytes from buf to the beginning of
- * struct radius_attr_hdr.
- */
- size_t *attr_pos;
-
- /**
- * attr_size - Total size of the attribute pointer array
- */
- size_t attr_size;
-
- /**
- * attr_used - Total number of attributes in the array
- */
- size_t attr_used;
-};
-
+struct radius_msg;
/* Default size to be allocated for new RADIUS messages */
#define RADIUS_DEFAULT_MSG_SIZE 1024
@@ -220,6 +188,8 @@ struct radius_msg {
/* MAC address ASCII format for non-802.1X use */
#define RADIUS_ADDR_FORMAT "%02x%02x%02x%02x%02x%02x"
+struct radius_hdr * radius_msg_get_hdr(struct radius_msg *msg);
+struct wpabuf * radius_msg_get_buf(struct radius_msg *msg);
struct radius_msg * radius_msg_new(u8 code, u8 identifier);
void radius_msg_free(struct radius_msg *msg);
void radius_msg_dump(struct radius_msg *msg);
diff --git a/src/radius/radius_client.c b/src/radius/radius_client.c
index f48df52..f55bd5f 100644
--- a/src/radius/radius_client.c
+++ b/src/radius/radius_client.c
@@ -330,6 +330,7 @@ static int radius_client_retransmit(struct radius_client_data *radius,
{
struct hostapd_radius_servers *conf = radius->conf;
int s;
+ struct wpabuf *buf;
if (entry->msg_type == RADIUS_ACCT ||
entry->msg_type == RADIUS_ACCT_INTERIM) {
@@ -354,11 +355,11 @@ static int radius_client_retransmit(struct radius_client_data *radius,
entry->attempts++;
hostapd_logger(radius->ctx, entry->addr, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_DEBUG, "Resending RADIUS message (id=%d)",
- entry->msg->hdr->identifier);
+ radius_msg_get_hdr(entry->msg)->identifier);
os_get_time(&entry->last_attempt);
- if (send(s, wpabuf_head(entry->msg->buf), wpabuf_len(entry->msg->buf),
- 0) < 0)
+ buf = radius_msg_get_buf(entry->msg);
+ if (send(s, wpabuf_head(buf), wpabuf_len(buf), 0) < 0)
radius_client_handle_send_error(radius, s, entry->msg_type);
entry->next_try = now + entry->next_wait;
@@ -632,6 +633,7 @@ int radius_client_send(struct radius_client_data *radius,
size_t shared_secret_len;
char *name;
int s, res;
+ struct wpabuf *buf;
if (msg_type == RADIUS_ACCT_INTERIM) {
/* Remove any pending interim acct update for the same STA. */
@@ -674,7 +676,8 @@ int radius_client_send(struct radius_client_data *radius,
if (conf->msg_dumps)
radius_msg_dump(msg);
- res = send(s, wpabuf_head(msg->buf), wpabuf_len(msg->buf), 0);
+ buf = radius_msg_get_buf(msg);
+ res = send(s, wpabuf_head(buf), wpabuf_len(buf), 0);
if (res < 0)
radius_client_handle_send_error(radius, s, msg_type);
@@ -693,6 +696,7 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
int len, roundtrip;
unsigned char buf[3000];
struct radius_msg *msg;
+ struct radius_hdr *hdr;
struct radius_rx_handler *handlers;
size_t num_handlers, i;
struct radius_msg_list *req, *prev_req;
@@ -730,13 +734,14 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
rconf->malformed_responses++;
return;
}
+ hdr = radius_msg_get_hdr(msg);
hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_DEBUG, "Received RADIUS message");
if (conf->msg_dumps)
radius_msg_dump(msg);
- switch (msg->hdr->code) {
+ switch (hdr->code) {
case RADIUS_CODE_ACCESS_ACCEPT:
rconf->access_accepts++;
break;
@@ -759,7 +764,8 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
if ((req->msg_type == msg_type ||
(req->msg_type == RADIUS_ACCT_INTERIM &&
msg_type == RADIUS_ACCT)) &&
- req->msg->hdr->identifier == msg->hdr->identifier)
+ radius_msg_get_hdr(req->msg)->identifier ==
+ hdr->identifier)
break;
prev_req = req;
@@ -771,7 +777,7 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
HOSTAPD_LEVEL_DEBUG,
"No matching RADIUS request found (type=%d "
"id=%d) - dropping packet",
- msg_type, msg->hdr->identifier);
+ msg_type, hdr->identifier);
goto fail;
}
@@ -820,7 +826,7 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
hostapd_logger(radius->ctx, req->addr, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_DEBUG, "No RADIUS RX handler found "
"(type=%d code=%d id=%d)%s - dropping packet",
- msg_type, msg->hdr->code, msg->hdr->identifier,
+ msg_type, hdr->code, hdr->identifier,
invalid_authenticator ? " [INVALID AUTHENTICATOR]" :
"");
radius_client_msg_free(req);
@@ -848,7 +854,7 @@ u8 radius_client_get_id(struct radius_client_data *radius)
entry = radius->msgs;
prev = NULL;
while (entry) {
- if (entry->msg->hdr->identifier == id) {
+ if (radius_msg_get_hdr(entry->msg)->identifier == id) {
hostapd_logger(radius->ctx, entry->addr,
HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_DEBUG,
diff --git a/src/radius/radius_server.c b/src/radius/radius_server.c
index 05b4a29..93710f9 100644
--- a/src/radius/radius_server.c
+++ b/src/radius/radius_server.c
@@ -527,6 +527,7 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
struct radius_msg *msg;
int code;
unsigned int sess_id;
+ struct radius_hdr *hdr = radius_msg_get_hdr(request);
if (sess->eap_if->eapFail) {
sess->eap_if->eapFail = FALSE;
@@ -539,7 +540,7 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
code = RADIUS_CODE_ACCESS_CHALLENGE;
}
- msg = radius_msg_new(code, request->hdr->identifier);
+ msg = radius_msg_new(code, hdr->identifier);
if (msg == NULL) {
RADIUS_DEBUG("Failed to allocate reply message");
return NULL;
@@ -565,7 +566,7 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
} else {
len = sess->eap_if->eapKeyDataLen / 2;
}
- if (!radius_msg_add_mppe_keys(msg, request->hdr->authenticator,
+ if (!radius_msg_add_mppe_keys(msg, hdr->authenticator,
(u8 *) client->shared_secret,
client->shared_secret_len,
sess->eap_if->eapKeyData + len,
@@ -583,7 +584,7 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
if (radius_msg_finish_srv(msg, (u8 *) client->shared_secret,
client->shared_secret_len,
- request->hdr->authenticator) < 0) {
+ hdr->authenticator) < 0) {
RADIUS_DEBUG("Failed to add Message-Authenticator attribute");
}
@@ -600,12 +601,13 @@ static int radius_server_reject(struct radius_server_data *data,
struct radius_msg *msg;
int ret = 0;
struct eap_hdr eapfail;
+ struct wpabuf *buf;
+ struct radius_hdr *hdr = radius_msg_get_hdr(request);
RADIUS_DEBUG("Reject invalid request from %s:%d",
from_addr, from_port);
- msg = radius_msg_new(RADIUS_CODE_ACCESS_REJECT,
- request->hdr->identifier);
+ msg = radius_msg_new(RADIUS_CODE_ACCESS_REJECT, hdr->identifier);
if (msg == NULL) {
return -1;
}
@@ -627,7 +629,8 @@ static int radius_server_reject(struct radius_server_data *data,
if (radius_msg_finish_srv(msg, (u8 *) client->shared_secret,
client->shared_secret_len,
- request->hdr->authenticator) < 0) {
+ hdr->authenticator) <
+ 0) {
RADIUS_DEBUG("Failed to add Message-Authenticator attribute");
}
@@ -637,8 +640,8 @@ static int radius_server_reject(struct radius_server_data *data,
data->counters.access_rejects++;
client->counters.access_rejects++;
- if (sendto(data->auth_sock, wpabuf_head(msg->buf),
- wpabuf_len(msg->buf), 0,
+ buf = radius_msg_get_buf(msg);
+ if (sendto(data->auth_sock, wpabuf_head(buf), wpabuf_len(buf), 0,
(struct sockaddr *) from, sizeof(*from)) < 0) {
perror("sendto[RADIUS SRV]");
ret = -1;
@@ -698,17 +701,18 @@ static int radius_server_request(struct radius_server_data *data,
}
if (sess->last_from_port == from_port &&
- sess->last_identifier == msg->hdr->identifier &&
- os_memcmp(sess->last_authenticator, msg->hdr->authenticator, 16) ==
- 0) {
+ sess->last_identifier == radius_msg_get_hdr(msg)->identifier &&
+ os_memcmp(sess->last_authenticator,
+ radius_msg_get_hdr(msg)->authenticator, 16) == 0) {
RADIUS_DEBUG("Duplicate message from %s", from_addr);
data->counters.dup_access_requests++;
client->counters.dup_access_requests++;
if (sess->last_reply) {
- res = sendto(data->auth_sock,
- wpabuf_head(sess->last_reply->buf),
- wpabuf_len(sess->last_reply->buf), 0,
+ struct wpabuf *buf;
+ buf = radius_msg_get_buf(sess->last_reply);
+ res = sendto(data->auth_sock, wpabuf_head(buf),
+ wpabuf_len(buf), 0,
(struct sockaddr *) from, fromlen);
if (res < 0) {
perror("sendto[RADIUS SRV]");
@@ -779,12 +783,15 @@ static int radius_server_request(struct radius_server_data *data,
reply = radius_server_encapsulate_eap(data, client, sess, msg);
if (reply) {
+ struct wpabuf *buf;
+ struct radius_hdr *hdr;
+
RADIUS_DEBUG("Reply to %s:%d", from_addr, from_port);
if (wpa_debug_level <= MSG_MSGDUMP) {
radius_msg_dump(reply);
}
- switch (reply->hdr->code) {
+ switch (radius_msg_get_hdr(reply)->code) {
case RADIUS_CODE_ACCESS_ACCEPT:
data->counters.access_accepts++;
client->counters.access_accepts++;
@@ -798,8 +805,9 @@ static int radius_server_request(struct radius_server_data *data,
client->counters.access_challenges++;
break;
}
- res = sendto(data->auth_sock, wpabuf_head(reply->buf),
- wpabuf_len(reply->buf), 0,
+ buf = radius_msg_get_buf(reply);
+ res = sendto(data->auth_sock, wpabuf_head(buf),
+ wpabuf_len(buf), 0,
(struct sockaddr *) from, fromlen);
if (res < 0) {
perror("sendto[RADIUS SRV]");
@@ -807,9 +815,9 @@ static int radius_server_request(struct radius_server_data *data,
radius_msg_free(sess->last_reply);
sess->last_reply = reply;
sess->last_from_port = from_port;
- sess->last_identifier = msg->hdr->identifier;
- os_memcpy(sess->last_authenticator, msg->hdr->authenticator,
- 16);
+ hdr = radius_msg_get_hdr(msg);
+ sess->last_identifier = hdr->identifier;
+ os_memcpy(sess->last_authenticator, hdr->authenticator, 16);
} else {
data->counters.packets_dropped++;
client->counters.packets_dropped++;
@@ -908,8 +916,9 @@ static void radius_server_receive_auth(int sock, void *eloop_ctx,
radius_msg_dump(msg);
}
- if (msg->hdr->code != RADIUS_CODE_ACCESS_REQUEST) {
- RADIUS_DEBUG("Unexpected RADIUS code %d", msg->hdr->code);
+ if (radius_msg_get_hdr(msg)->code != RADIUS_CODE_ACCESS_REQUEST) {
+ RADIUS_DEBUG("Unexpected RADIUS code %d",
+ radius_msg_get_hdr(msg)->code);
data->counters.unknown_types++;
client->counters.unknown_types++;
goto fail;