diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 09:49:46 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 09:49:46 +0000 |
commit | 50b37d4a27d3295a29afca2286f1a5a086142cec (patch) | |
tree | 9212f763934ee090ef72d823f559f52ce387f268 /src/main/session.c | |
parent | Initial commit. (diff) | |
download | freeradius-upstream/3.2.1+dfsg.tar.xz freeradius-upstream/3.2.1+dfsg.zip |
Adding upstream version 3.2.1+dfsg.upstream/3.2.1+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | src/main/session.c | 254 |
1 files changed, 254 insertions, 0 deletions
diff --git a/src/main/session.c b/src/main/session.c new file mode 100644 index 0000000..8dbf5a6 --- /dev/null +++ b/src/main/session.c @@ -0,0 +1,254 @@ +/* + * session.c session management + * + * Version: $Id$ + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA + * + * Copyright 2000,2006 The FreeRADIUS server project + */ + +RCSID("$Id$") + +#include <freeradius-devel/radiusd.h> +#include <freeradius-devel/modules.h> +#include <freeradius-devel/rad_assert.h> + +#ifdef HAVE_SYS_WAIT_H +#include <sys/wait.h> +#endif + +#ifdef WITH_SESSION_MGMT +/* + * End a session by faking a Stop packet to all accounting modules. + */ +int session_zap(REQUEST *request, fr_ipaddr_t const *nasaddr, uint32_t nas_port, + char const *user, + char const *sessionid, uint32_t cliaddr, char proto, + int session_time) +{ + REQUEST *stopreq; + VALUE_PAIR *vp; + int ret; + + stopreq = request_alloc_fake(request); + rad_assert(stopreq != NULL); + rad_assert(stopreq->packet != NULL); + stopreq->packet->code = PW_CODE_ACCOUNTING_REQUEST; /* just to be safe */ + stopreq->listener = request->listener; + + /* Hold your breath */ +#define PAIR(n,v,e) do { \ + if(!(vp = fr_pair_afrom_num(stopreq->packet,n, 0))) { \ + talloc_free(stopreq); \ + ERROR("no memory"); \ + return 0; \ + } \ + vp->e = v; \ + fr_pair_add(&(stopreq->packet->vps), vp); \ + } while(0) + +#define INTPAIR(n,v) PAIR(n,v,vp_integer) + +#define IPPAIR(n,v) PAIR(n,v,vp_ipaddr) + +#define IPV6PAIR(n,v) PAIR(n,v,vp_ipv6addr) + +#define STRINGPAIR(n,v) do { \ + if(!(vp = fr_pair_afrom_num(stopreq->packet,n, 0))) { \ + talloc_free(stopreq); \ + ERROR("no memory"); \ + return 0; \ + } \ + fr_pair_value_strcpy(vp, v); \ + fr_pair_add(&(stopreq->packet->vps), vp); \ + } while(0) + + INTPAIR(PW_ACCT_STATUS_TYPE, PW_STATUS_STOP); + + if (nasaddr->af == AF_INET) { + IPPAIR(PW_NAS_IP_ADDRESS, nasaddr->ipaddr.ip4addr.s_addr); + } else { + IPV6PAIR(PW_NAS_IPV6_ADDRESS, nasaddr->ipaddr.ip6addr); + } + + INTPAIR(PW_EVENT_TIMESTAMP, 0); + vp->vp_date = time(NULL); + INTPAIR(PW_ACCT_DELAY_TIME, 0); + + STRINGPAIR(PW_USER_NAME, user); + stopreq->username = vp; + + INTPAIR(PW_NAS_PORT, nas_port); + STRINGPAIR(PW_ACCT_SESSION_ID, sessionid); + if(proto == 'P') { + INTPAIR(PW_SERVICE_TYPE, PW_FRAMED_USER); + INTPAIR(PW_FRAMED_PROTOCOL, PW_PPP); + } else if(proto == 'S') { + INTPAIR(PW_SERVICE_TYPE, PW_FRAMED_USER); + INTPAIR(PW_FRAMED_PROTOCOL, PW_SLIP); + } else { + INTPAIR(PW_SERVICE_TYPE, PW_LOGIN_USER); /* A guess, really */ + } + if(cliaddr != 0) + IPPAIR(PW_FRAMED_IP_ADDRESS, cliaddr); + INTPAIR(PW_ACCT_SESSION_TIME, session_time); + INTPAIR(PW_ACCT_INPUT_OCTETS, 0); + INTPAIR(PW_ACCT_OUTPUT_OCTETS, 0); + INTPAIR(PW_ACCT_INPUT_PACKETS, 0); + INTPAIR(PW_ACCT_OUTPUT_PACKETS, 0); + + stopreq->password = NULL; + + RDEBUG("Running Accounting section for automatically created accounting 'stop'"); + rdebug_pair_list(L_DBG_LVL_1, request, request->packet->vps, NULL); + ret = rad_accounting(stopreq); + + /* + * We've got to clean it up by hand, because no one else will. + */ + talloc_free(stopreq); + + return ret; +} + +#ifndef __MINGW32__ + +/* + * Check one terminal server to see if a user is logged in. + * + * Return values: + * 0 The user is off-line. + * 1 The user is logged in. + * 2 Some error occured. + */ +int rad_check_ts(fr_ipaddr_t const *nasaddr, uint32_t nas_port, char const *user, + char const *session_id) +{ + pid_t pid, child_pid; + int status; + char address[64]; + char port[11]; + RADCLIENT *cl; + + /* + * Find NAS type. + */ + cl = client_find_old(nasaddr); + if (!cl) { + /* + * Unknown NAS, so trusting radutmp. + */ + DEBUG2("checkrad: Unknown NAS %s, not checking", + inet_ntop(nasaddr->af, &(nasaddr->ipaddr), address, sizeof(address))); + return 1; + } + + /* + * No nas_type, or nas type 'other', trust radutmp. + */ + if (!cl->nas_type || (cl->nas_type[0] == '\0') || + (strcmp(cl->nas_type, "other") == 0)) { + DEBUG2("checkrad: No NAS type, or type \"other\" not checking"); + return 1; + } + + /* + * Fork. + */ + if ((pid = rad_fork()) < 0) { /* do wait for the fork'd result */ + ERROR("Accounting: Failed in fork(): Cannot run checkrad\n"); + return 2; + } + + if (pid > 0) { + child_pid = rad_waitpid(pid, &status); + + /* + * It's taking too long. Stop waiting for it. + * + * Don't bother to kill it, as we don't care what + * happens to it now. + */ + if (child_pid == 0) { + ERROR("Check-TS: timeout waiting for checkrad"); + return 2; + } + + if (child_pid < 0) { + ERROR("Check-TS: unknown error in waitpid()"); + return 2; + } + + return WEXITSTATUS(status); + } + + /* + * We don't close fd's 0, 1, and 2. If we're in debugging mode, + * then they should go to stdout (etc), along with the other + * server log messages. + * + * If we're not in debugging mode, then the code in radiusd.c + * takes care of connecting fd's 0, 1, and 2 to /dev/null. + */ + closefrom(3); + + inet_ntop(nasaddr->af, &(nasaddr->ipaddr), address, sizeof(address)); + snprintf(port, sizeof(port), "%u", nas_port); + +#ifdef __EMX__ + /* OS/2 can't directly execute scripts then we call the command + processor to execute checkrad + */ + execl(getenv("COMSPEC"), "", "/C","checkrad", cl->nas_type, address, port, + user, session_id, NULL); +#else + execl(main_config.checkrad, "checkrad", cl->nas_type, address, port, + user, session_id, NULL); +#endif + ERROR("Check-TS: exec %s: %s", main_config.checkrad, fr_syserror(errno)); + + /* + * Exit - 2 means "some error occured". + */ + exit(2); +} +#else +int rad_check_ts(fr_ipaddr_t const *nasaddr, UNUSED unsigned int nas_port, + UNUSED char const *user, UNUSED char const *session_id) +{ + ERROR("Simultaneous-Use is not supported"); + return 2; +} +#endif + +#else +/* WITH_SESSION_MGMT */ + +int session_zap(UNUSED REQUEST *request, fr_ipaddr_t const *nasaddr, UNUSED uint32_t nas_port, + UNUSED char const *user, + UNUSED char const *sessionid, UNUSED uint32_t cliaddr, UNUSED char proto, + UNUSED int session_time) +{ + return RLM_MODULE_FAIL; +} + +int rad_check_ts(fr_ipaddr_t const *nasaddr, UNUSED unsigned int nas_port, + UNUSED char const *user, UNUSED char const *session_id) +{ + ERROR("Simultaneous-Use is not supported"); + return 2; +} +#endif |