radius.c revision 75071
1/* 2 * Copyright 1999 Internet Business Solutions Ltd., Switzerland 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $FreeBSD: head/usr.sbin/ppp/radius.c 75071 2001-04-01 22:39:17Z brian $ 27 * 28 */ 29 30#include <sys/param.h> 31#include <sys/socket.h> 32#include <netinet/in_systm.h> 33#include <netinet/in.h> 34#include <netinet/ip.h> 35#include <arpa/inet.h> 36#include <sys/un.h> 37#include <net/route.h> 38 39#ifdef LOCALRAD 40#include "radlib.h" 41#else 42#include <radlib.h> 43#endif 44 45#include <errno.h> 46#include <stdio.h> 47#include <stdlib.h> 48#include <string.h> 49#include <sys/time.h> 50#include <termios.h> 51#include <ttyent.h> 52#include <unistd.h> 53#include <netdb.h> 54 55#include "layer.h" 56#include "defs.h" 57#include "log.h" 58#include "descriptor.h" 59#include "prompt.h" 60#include "timer.h" 61#include "fsm.h" 62#include "iplist.h" 63#include "slcompress.h" 64#include "throughput.h" 65#include "lqr.h" 66#include "hdlc.h" 67#include "mbuf.h" 68#include "ipcp.h" 69#include "route.h" 70#include "command.h" 71#include "filter.h" 72#include "lcp.h" 73#include "ccp.h" 74#include "link.h" 75#include "mp.h" 76#include "radius.h" 77#include "auth.h" 78#include "async.h" 79#include "physical.h" 80#include "chat.h" 81#include "cbcp.h" 82#include "chap.h" 83#include "datalink.h" 84#include "bundle.h" 85 86/* 87 * rad_continue_send_request() has given us `got' (non-zero). Deal with it. 88 */ 89static void 90radius_Process(struct radius *r, int got) 91{ 92 char *argv[MAXARGS], *nuke; 93 struct bundle *bundle; 94 int argc, addrs; 95 size_t len; 96 struct in_range dest; 97 struct in_addr gw; 98 const void *data; 99 const char *stype; 100 101 r->cx.fd = -1; /* Stop select()ing */ 102 stype = r->cx.auth ? "auth" : "acct"; 103 104 switch (got) { 105 case RAD_ACCESS_ACCEPT: 106 log_Printf(LogPHASE, "Radius(%s): ACCEPT received\n", stype); 107 if (!r->cx.auth) { 108 rad_close(r->cx.rad); 109 return; 110 } 111 break; 112 113 case RAD_ACCESS_REJECT: 114 log_Printf(LogPHASE, "Radius(%s): REJECT received\n", stype); 115 if (r->cx.auth) 116 auth_Failure(r->cx.auth); 117 rad_close(r->cx.rad); 118 return; 119 120 case RAD_ACCESS_CHALLENGE: 121 /* we can't deal with this (for now) ! */ 122 log_Printf(LogPHASE, "Radius: CHALLENGE received (can't handle yet)\n"); 123 if (r->cx.auth) 124 auth_Failure(r->cx.auth); 125 rad_close(r->cx.rad); 126 return; 127 128 case RAD_ACCOUNTING_RESPONSE: 129 log_Printf(LogPHASE, "Radius(%s): Accounting response received\n", stype); 130 if (r->cx.auth) 131 auth_Failure(r->cx.auth); /* unexpected !!! */ 132 133 /* No further processing for accounting requests, please */ 134 rad_close(r->cx.rad); 135 return; 136 137 case -1: 138 log_Printf(LogPHASE, "radius(%s): %s\n", stype, rad_strerror(r->cx.rad)); 139 if (r->cx.auth) 140 auth_Failure(r->cx.auth); 141 rad_close(r->cx.rad); 142 return; 143 144 default: 145 log_Printf(LogERROR, "rad_send_request(%s): Failed %d: %s\n", stype, 146 got, rad_strerror(r->cx.rad)); 147 if (r->cx.auth) 148 auth_Failure(r->cx.auth); 149 rad_close(r->cx.rad); 150 return; 151 } 152 153 /* So we've been accepted ! Let's see what we've got in our reply :-I */ 154 r->ip.s_addr = r->mask.s_addr = INADDR_NONE; 155 r->mtu = 0; 156 r->vj = 0; 157 while ((got = rad_get_attr(r->cx.rad, &data, &len)) > 0) { 158 switch (got) { 159 case RAD_FRAMED_IP_ADDRESS: 160 r->ip = rad_cvt_addr(data); 161 log_Printf(LogPHASE, " IP %s\n", inet_ntoa(r->ip)); 162 break; 163 164 case RAD_FRAMED_IP_NETMASK: 165 r->mask = rad_cvt_addr(data); 166 log_Printf(LogPHASE, " Netmask %s\n", inet_ntoa(r->mask)); 167 break; 168 169 case RAD_FRAMED_MTU: 170 r->mtu = rad_cvt_int(data); 171 log_Printf(LogPHASE, " MTU %lu\n", r->mtu); 172 break; 173 174 case RAD_FRAMED_ROUTING: 175 /* Disabled for now - should we automatically set up some filters ? */ 176 /* rad_cvt_int(data); */ 177 /* bit 1 = Send routing packets */ 178 /* bit 2 = Receive routing packets */ 179 break; 180 181 case RAD_FRAMED_COMPRESSION: 182 r->vj = rad_cvt_int(data) == 1 ? 1 : 0; 183 log_Printf(LogPHASE, " VJ %sabled\n", r->vj ? "en" : "dis"); 184 break; 185 186 case RAD_FRAMED_ROUTE: 187 /* 188 * We expect a string of the format ``dest[/bits] gw [metrics]'' 189 * Any specified metrics are ignored. MYADDR and HISADDR are 190 * understood for ``dest'' and ``gw'' and ``0.0.0.0'' is the same 191 * as ``HISADDR''. 192 */ 193 194 if ((nuke = rad_cvt_string(data, len)) == NULL) { 195 log_Printf(LogERROR, "rad_cvt_string: %s\n", rad_strerror(r->cx.rad)); 196 rad_close(r->cx.rad); 197 return; 198 } 199 200 log_Printf(LogPHASE, " Route: %s\n", nuke); 201 bundle = r->cx.auth->physical->dl->bundle; 202 dest.ipaddr.s_addr = dest.mask.s_addr = INADDR_ANY; 203 dest.width = 0; 204 argc = command_Interpret(nuke, strlen(nuke), argv); 205 if (argc < 0) 206 log_Printf(LogWARN, "radius: %s: Syntax error\n", 207 argc == 1 ? argv[0] : "\"\""); 208 else if (argc < 2) 209 log_Printf(LogWARN, "radius: %s: Invalid route\n", 210 argc == 1 ? argv[0] : "\"\""); 211 else if ((strcasecmp(argv[0], "default") != 0 && 212 !ParseAddr(&bundle->ncp.ipcp, argv[0], &dest.ipaddr, 213 &dest.mask, &dest.width)) || 214 !ParseAddr(&bundle->ncp.ipcp, argv[1], &gw, NULL, NULL)) 215 log_Printf(LogWARN, "radius: %s %s: Invalid route\n", 216 argv[0], argv[1]); 217 else { 218 if (dest.width == 32 && strchr(argv[0], '/') == NULL) 219 /* No mask specified - use the natural mask */ 220 dest.mask = addr2mask(dest.ipaddr); 221 addrs = 0; 222 223 if (!strncasecmp(argv[0], "HISADDR", 7)) 224 addrs = ROUTE_DSTHISADDR; 225 else if (!strncasecmp(argv[0], "MYADDR", 6)) 226 addrs = ROUTE_DSTMYADDR; 227 228 if (gw.s_addr == INADDR_ANY) { 229 addrs |= ROUTE_GWHISADDR; 230 gw = bundle->ncp.ipcp.peer_ip; 231 } else if (strcasecmp(argv[1], "HISADDR") == 0) 232 addrs |= ROUTE_GWHISADDR; 233 234 route_Add(&r->routes, addrs, dest.ipaddr, dest.mask, gw); 235 } 236 free(nuke); 237 break; 238 } 239 } 240 241 if (got == -1) { 242 log_Printf(LogERROR, "rad_get_attr: %s (failing!)\n", 243 rad_strerror(r->cx.rad)); 244 auth_Failure(r->cx.auth); 245 rad_close(r->cx.rad); 246 } else { 247 r->valid = 1; 248 auth_Success(r->cx.auth); 249 rad_close(r->cx.rad); 250 } 251} 252 253/* 254 * We've either timed out or select()ed on the read descriptor 255 */ 256static void 257radius_Continue(struct radius *r, int sel) 258{ 259 struct timeval tv; 260 int got; 261 262 timer_Stop(&r->cx.timer); 263 if ((got = rad_continue_send_request(r->cx.rad, sel, &r->cx.fd, &tv)) == 0) { 264 log_Printf(LogPHASE, "Radius: Request re-sent\n"); 265 r->cx.timer.load = tv.tv_usec / TICKUNIT + tv.tv_sec * SECTICKS; 266 timer_Start(&r->cx.timer); 267 return; 268 } 269 270 radius_Process(r, got); 271} 272 273/* 274 * Time to call rad_continue_send_request() - timed out. 275 */ 276static void 277radius_Timeout(void *v) 278{ 279 radius_Continue((struct radius *)v, 0); 280} 281 282/* 283 * Time to call rad_continue_send_request() - something to read. 284 */ 285static void 286radius_Read(struct fdescriptor *d, struct bundle *bundle, const fd_set *fdset) 287{ 288 radius_Continue(descriptor2radius(d), 1); 289} 290 291/* 292 * Behave as a struct fdescriptor (descriptor.h) 293 */ 294static int 295radius_UpdateSet(struct fdescriptor *d, fd_set *r, fd_set *w, fd_set *e, int *n) 296{ 297 struct radius *rad = descriptor2radius(d); 298 299 if (r && rad->cx.fd != -1) { 300 FD_SET(rad->cx.fd, r); 301 if (*n < rad->cx.fd + 1) 302 *n = rad->cx.fd + 1; 303 log_Printf(LogTIMER, "Radius: fdset(r) %d\n", rad->cx.fd); 304 return 1; 305 } 306 307 return 0; 308} 309 310/* 311 * Behave as a struct fdescriptor (descriptor.h) 312 */ 313static int 314radius_IsSet(struct fdescriptor *d, const fd_set *fdset) 315{ 316 struct radius *r = descriptor2radius(d); 317 318 return r && r->cx.fd != -1 && FD_ISSET(r->cx.fd, fdset); 319} 320 321/* 322 * Behave as a struct fdescriptor (descriptor.h) 323 */ 324static int 325radius_Write(struct fdescriptor *d, struct bundle *bundle, const fd_set *fdset) 326{ 327 /* We never want to write here ! */ 328 log_Printf(LogALERT, "radius_Write: Internal error: Bad call !\n"); 329 return 0; 330} 331 332/* 333 * Initialise ourselves 334 */ 335void 336radius_Init(struct radius *r) 337{ 338 r->valid = 0; 339 r->cx.fd = -1; 340 *r->cfg.file = '\0';; 341 r->desc.type = RADIUS_DESCRIPTOR; 342 r->desc.UpdateSet = radius_UpdateSet; 343 r->desc.IsSet = radius_IsSet; 344 r->desc.Read = radius_Read; 345 r->desc.Write = radius_Write; 346 memset(&r->cx.timer, '\0', sizeof r->cx.timer); 347 log_Printf(LogDEBUG, "Radius: radius_Init\n"); 348} 349 350/* 351 * Forget everything and go back to initialised state. 352 */ 353void 354radius_Destroy(struct radius *r) 355{ 356 r->valid = 0; 357 log_Printf(LogDEBUG, "Radius: radius_Destroy\n"); 358 timer_Stop(&r->cx.timer); 359 route_DeleteAll(&r->routes); 360 if (r->cx.fd != -1) { 361 r->cx.fd = -1; 362 rad_close(r->cx.rad); 363 } 364} 365 366/* 367 * Start an authentication request to the RADIUS server. 368 */ 369void 370radius_Authenticate(struct radius *r, struct authinfo *authp, const char *name, 371 const char *key, int klen, const char *challenge, int clen) 372{ 373 struct ttyent *ttyp; 374 struct timeval tv; 375 int got, slot; 376 char hostname[MAXHOSTNAMELEN]; 377 struct hostent *hp; 378 struct in_addr hostaddr; 379 380 if (!*r->cfg.file) 381 return; 382 383 if (r->cx.fd != -1) 384 /* 385 * We assume that our name/key/challenge is the same as last time, 386 * and just continue to wait for the RADIUS server(s). 387 */ 388 return; 389 390 radius_Destroy(r); 391 392 if ((r->cx.rad = rad_auth_open()) == NULL) { 393 log_Printf(LogERROR, "rad_auth_open: %s\n", strerror(errno)); 394 return; 395 } 396 397 if (rad_config(r->cx.rad, r->cfg.file) != 0) { 398 log_Printf(LogERROR, "rad_config: %s\n", rad_strerror(r->cx.rad)); 399 rad_close(r->cx.rad); 400 return; 401 } 402 403 if (rad_create_request(r->cx.rad, RAD_ACCESS_REQUEST) != 0) { 404 log_Printf(LogERROR, "rad_create_request: %s\n", rad_strerror(r->cx.rad)); 405 rad_close(r->cx.rad); 406 return; 407 } 408 409 if (rad_put_string(r->cx.rad, RAD_USER_NAME, name) != 0 || 410 rad_put_int(r->cx.rad, RAD_SERVICE_TYPE, RAD_FRAMED) != 0 || 411 rad_put_int(r->cx.rad, RAD_FRAMED_PROTOCOL, RAD_PPP) != 0) { 412 log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad)); 413 rad_close(r->cx.rad); 414 return; 415 } 416 417 if (challenge != NULL) { 418 /* We're talking CHAP */ 419 if (rad_put_attr(r->cx.rad, RAD_CHAP_PASSWORD, key, klen) != 0 || 420 rad_put_attr(r->cx.rad, RAD_CHAP_CHALLENGE, challenge, clen) != 0) { 421 log_Printf(LogERROR, "CHAP: rad_put_string: %s\n", 422 rad_strerror(r->cx.rad)); 423 rad_close(r->cx.rad); 424 return; 425 } 426 } else if (rad_put_attr(r->cx.rad, RAD_USER_PASSWORD, key, klen) != 0) { 427 /* We're talking PAP */ 428 log_Printf(LogERROR, "PAP: rad_put_string: %s\n", rad_strerror(r->cx.rad)); 429 rad_close(r->cx.rad); 430 return; 431 } 432 433 if (gethostname(hostname, sizeof hostname) != 0) 434 log_Printf(LogERROR, "rad_put: gethostname(): %s\n", strerror(errno)); 435 else { 436 if ((hp = gethostbyname(hostname)) != NULL) { 437 hostaddr.s_addr = *(u_long *)hp->h_addr; 438 if (rad_put_addr(r->cx.rad, RAD_NAS_IP_ADDRESS, hostaddr) != 0) { 439 log_Printf(LogERROR, "rad_put: rad_put_string: %s\n", 440 rad_strerror(r->cx.rad)); 441 rad_close(r->cx.rad); 442 return; 443 } 444 } 445 if (rad_put_string(r->cx.rad, RAD_NAS_IDENTIFIER, hostname) != 0) { 446 log_Printf(LogERROR, "rad_put: rad_put_string: %s\n", 447 rad_strerror(r->cx.rad)); 448 rad_close(r->cx.rad); 449 return; 450 } 451 } 452 453 if (authp->physical->handler && 454 authp->physical->handler->type == TTY_DEVICE) { 455 setttyent(); 456 for (slot = 1; (ttyp = getttyent()); ++slot) 457 if (!strcmp(ttyp->ty_name, authp->physical->name.base)) { 458 if(rad_put_int(r->cx.rad, RAD_NAS_PORT, slot) != 0) { 459 log_Printf(LogERROR, "rad_put: rad_put_string: %s\n", 460 rad_strerror(r->cx.rad)); 461 rad_close(r->cx.rad); 462 endttyent(); 463 return; 464 } 465 break; 466 } 467 endttyent(); 468 } 469 470 471 r->cx.auth = authp; 472 if ((got = rad_init_send_request(r->cx.rad, &r->cx.fd, &tv))) 473 radius_Process(r, got); 474 else { 475 log_Printf(LogPHASE, "Radius: Request sent\n"); 476 log_Printf(LogDEBUG, "Using radius_Timeout [%p]\n", radius_Timeout); 477 r->cx.timer.load = tv.tv_usec / TICKUNIT + tv.tv_sec * SECTICKS; 478 r->cx.timer.func = radius_Timeout; 479 r->cx.timer.name = "radius auth"; 480 r->cx.timer.arg = r; 481 timer_Start(&r->cx.timer); 482 } 483} 484 485/* 486 * Send an accounting request to the RADIUS server 487 */ 488void 489radius_Account(struct radius *r, struct radacct *ac, struct datalink *dl, 490 int acct_type, struct in_addr *peer_ip, struct in_addr *netmask, 491 struct pppThroughput *stats) 492{ 493 struct ttyent *ttyp; 494 struct timeval tv; 495 int got, slot; 496 char hostname[MAXHOSTNAMELEN]; 497 struct hostent *hp; 498 struct in_addr hostaddr; 499 500 if (!*r->cfg.file) 501 return; 502 503 if (r->cx.fd != -1) 504 /* 505 * We assume that our name/key/challenge is the same as last time, 506 * and just continue to wait for the RADIUS server(s). 507 */ 508 return; 509 510 radius_Destroy(r); 511 512 if ((r->cx.rad = rad_acct_open()) == NULL) { 513 log_Printf(LogERROR, "rad_auth_open: %s\n", strerror(errno)); 514 return; 515 } 516 517 if (rad_config(r->cx.rad, r->cfg.file) != 0) { 518 log_Printf(LogERROR, "rad_config: %s\n", rad_strerror(r->cx.rad)); 519 rad_close(r->cx.rad); 520 return; 521 } 522 523 if (rad_create_request(r->cx.rad, RAD_ACCOUNTING_REQUEST) != 0) { 524 log_Printf(LogERROR, "rad_create_request: %s\n", rad_strerror(r->cx.rad)); 525 rad_close(r->cx.rad); 526 return; 527 } 528 529 /* Grab some accounting data and initialize structure */ 530 if (acct_type == RAD_START) { 531 ac->rad_parent = r; 532 /* Fetch username from datalink */ 533 strncpy(ac->user_name, dl->peer.authname, sizeof ac->user_name); 534 ac->user_name[AUTHLEN-1] = '\0'; 535 536 ac->authentic = 2; /* Assume RADIUS verified auth data */ 537 538 /* Generate a session ID */ 539 snprintf(ac->session_id, sizeof ac->session_id, "%s%d-%s%lu", 540 dl->bundle->cfg.auth.name, (int)getpid(), 541 dl->peer.authname, (unsigned long)stats->uptime); 542 543 /* And grab our MP socket name */ 544 snprintf(ac->multi_session_id, sizeof ac->multi_session_id, "%s", 545 dl->bundle->ncp.mp.active ? 546 dl->bundle->ncp.mp.server.socket.sun_path : ""); 547 548 /* Fetch IP, netmask from IPCP */ 549 memcpy(&ac->ip, peer_ip, sizeof(ac->ip)); 550 memcpy(&ac->mask, netmask, sizeof(ac->mask)); 551 }; 552 553 if (rad_put_string(r->cx.rad, RAD_USER_NAME, ac->user_name) != 0 || 554 rad_put_int(r->cx.rad, RAD_SERVICE_TYPE, RAD_FRAMED) != 0 || 555 rad_put_int(r->cx.rad, RAD_FRAMED_PROTOCOL, RAD_PPP) != 0 || 556 rad_put_addr(r->cx.rad, RAD_FRAMED_IP_ADDRESS, ac->ip) != 0 || 557 rad_put_addr(r->cx.rad, RAD_FRAMED_IP_NETMASK, ac->mask) != 0) { 558 log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad)); 559 rad_close(r->cx.rad); 560 return; 561 } 562 563 if (gethostname(hostname, sizeof hostname) != 0) 564 log_Printf(LogERROR, "rad_put: gethostname(): %s\n", strerror(errno)); 565 else { 566 if ((hp = gethostbyname(hostname)) != NULL) { 567 hostaddr.s_addr = *(u_long *)hp->h_addr; 568 if (rad_put_addr(r->cx.rad, RAD_NAS_IP_ADDRESS, hostaddr) != 0) { 569 log_Printf(LogERROR, "rad_put: rad_put_string: %s\n", 570 rad_strerror(r->cx.rad)); 571 rad_close(r->cx.rad); 572 return; 573 } 574 } 575 if (rad_put_string(r->cx.rad, RAD_NAS_IDENTIFIER, hostname) != 0) { 576 log_Printf(LogERROR, "rad_put: rad_put_string: %s\n", 577 rad_strerror(r->cx.rad)); 578 rad_close(r->cx.rad); 579 return; 580 } 581 } 582 583 if (dl->physical->handler && 584 dl->physical->handler->type == TTY_DEVICE) { 585 setttyent(); 586 for (slot = 1; (ttyp = getttyent()); ++slot) 587 if (!strcmp(ttyp->ty_name, dl->physical->name.base)) { 588 if(rad_put_int(r->cx.rad, RAD_NAS_PORT, slot) != 0) { 589 log_Printf(LogERROR, "rad_put: rad_put_string: %s\n", 590 rad_strerror(r->cx.rad)); 591 rad_close(r->cx.rad); 592 endttyent(); 593 return; 594 } 595 break; 596 } 597 endttyent(); 598 } 599 600 if (rad_put_int(r->cx.rad, RAD_ACCT_STATUS_TYPE, acct_type) != 0 || 601 rad_put_string(r->cx.rad, RAD_ACCT_SESSION_ID, ac->session_id) != 0 || 602 rad_put_string(r->cx.rad, RAD_ACCT_MULTI_SESSION_ID, 603 ac->multi_session_id) != 0 || 604 rad_put_int(r->cx.rad, RAD_ACCT_DELAY_TIME, 0) != 0) { 605/* XXX ACCT_DELAY_TIME should be increased each time a packet is waiting */ 606 log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad)); 607 rad_close(r->cx.rad); 608 return; 609 } 610 611 if (acct_type == RAD_STOP) 612 /* Show some statistics */ 613 if (rad_put_int(r->cx.rad, RAD_ACCT_INPUT_OCTETS, stats->OctetsIn) != 0 || 614 rad_put_int(r->cx.rad, RAD_ACCT_INPUT_PACKETS, stats->PacketsIn) != 0 || 615 rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_OCTETS, stats->OctetsOut) != 0 || 616 rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_PACKETS, stats->PacketsOut) 617 != 0 || 618 rad_put_int(r->cx.rad, RAD_ACCT_SESSION_TIME, throughput_uptime(stats)) 619 != 0) { 620 log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad)); 621 rad_close(r->cx.rad); 622 return; 623 } 624 625 r->cx.auth = NULL; /* Not valid for accounting requests */ 626 if ((got = rad_init_send_request(r->cx.rad, &r->cx.fd, &tv))) 627 radius_Process(r, got); 628 else { 629 log_Printf(LogDEBUG, "Using radius_Timeout [%p]\n", radius_Timeout); 630 r->cx.timer.load = tv.tv_usec / TICKUNIT + tv.tv_sec * SECTICKS; 631 r->cx.timer.func = radius_Timeout; 632 r->cx.timer.name = "radius acct"; 633 r->cx.timer.arg = r; 634 timer_Start(&r->cx.timer); 635 } 636} 637 638/* 639 * How do things look at the moment ? 640 */ 641void 642radius_Show(struct radius *r, struct prompt *p) 643{ 644 prompt_Printf(p, " Radius config: %s", 645 *r->cfg.file ? r->cfg.file : "none"); 646 if (r->valid) { 647 prompt_Printf(p, "\n IP: %s\n", inet_ntoa(r->ip)); 648 prompt_Printf(p, " Netmask: %s\n", inet_ntoa(r->mask)); 649 prompt_Printf(p, " MTU: %lu\n", r->mtu); 650 prompt_Printf(p, " VJ: %sabled\n", r->vj ? "en" : "dis"); 651 if (r->routes) 652 route_ShowSticky(p, r->routes, " Routes", 16); 653 } else 654 prompt_Printf(p, " (not authenticated)\n"); 655} 656