			
		
		
		
	'radius' and 'auth radius' support added (not tested yet)
Example: radius secret 192.168.0.1 192.168.0.2 authcache ip,user auth cache radius
		
							parent
							
								
									5cb3947c45
								
							
						
					
					
						commit
						e7433d633c
					
				@ -8,7 +8,7 @@
 | 
			
		||||
 | 
			
		||||
BUILDDIR = ../bin/
 | 
			
		||||
CC = cl
 | 
			
		||||
CFLAGS = /nologo /Ox /MT /D "NOIPV6" /D "NODEBUG" /D "NOODBC" /D"WATCOM" /D "MSVC" /D "WITH_STD_MALLOC" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "_WIN32" /c
 | 
			
		||||
CFLAGS = /nologo /Ox /MT /D "NOIPV6" /D "NODEBUG" /D "NOODBC" /D "NORADIUS" /D"WATCOM" /D "MSVC" /D "WITH_STD_MALLOC" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "_WIN32" /c
 | 
			
		||||
COUT = /Fo
 | 
			
		||||
LN = link
 | 
			
		||||
LDFLAGS = /nologo /subsystem:console /incremental:no 
 | 
			
		||||
 | 
			
		||||
@ -10,7 +10,7 @@
 | 
			
		||||
 | 
			
		||||
BUILDDIR = ../bin/
 | 
			
		||||
CC = gcc
 | 
			
		||||
CFLAGS = -O2 -s -c -mthreads -DWITH_STD_MALLOC -DNOIPV6
 | 
			
		||||
CFLAGS = -O2 -s -c -mthreads -DWITH_STD_MALLOC -DNOIPV6 -DNORADIUS
 | 
			
		||||
COUT = -o 
 | 
			
		||||
LN = gcc
 | 
			
		||||
LDFLAGS = -O2 -s -mthreads
 | 
			
		||||
 | 
			
		||||
@ -10,7 +10,7 @@
 | 
			
		||||
 | 
			
		||||
BUILDDIR = ../bin/
 | 
			
		||||
CC = /opt/cegcc/arm-wince-cegcc/bin/gcc
 | 
			
		||||
CFLAGS = -O2 -s -c -mthreads -DWITH_STD_MALLOC -DNOODBC -D_WINCE -D_WIN32 -D__USE_W32_SOCKETS
 | 
			
		||||
CFLAGS = -O2 -s -c -mthreads -DWITH_STD_MALLOC -DNOODBC -D_WINCE -D_WIN32 -DNORADIUS -D__USE_W32_SOCKETS
 | 
			
		||||
COUT = -o 
 | 
			
		||||
LN = /opt/cegcc/arm-wince-cegcc/bin/gcc
 | 
			
		||||
LDFLAGS = -O2 -s -mthreads
 | 
			
		||||
 | 
			
		||||
@ -519,7 +519,7 @@ int WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int
 | 
			
		||||
  pthread_mutex_init(&tc_mutex, NULL);
 | 
			
		||||
  pthread_mutex_init(&pwl_mutex, NULL);
 | 
			
		||||
  pthread_mutex_init(&log_mutex, NULL);
 | 
			
		||||
#ifdef WITHRADIUS
 | 
			
		||||
#ifndef NORADIUS
 | 
			
		||||
  pthread_mutex_init(&rad_mutex, NULL);
 | 
			
		||||
#endif
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
@ -118,6 +118,9 @@ srvdnspr$(OBJSUFFICS): dnspr.c proxy.h structures.h
 | 
			
		||||
auth$(OBJSUFFICS): auth.c proxy.h structures.h
 | 
			
		||||
	$(CC) $(COUT)auth$(OBJSUFFICS) $(CFLAGS) auth.c
 | 
			
		||||
 | 
			
		||||
authradius$(OBJSUFFICS): authradius.c proxy.h structures.h
 | 
			
		||||
	$(CC) $(COUT)authradius$(OBJSUFFICS) $(CFLAGS) authradius.c
 | 
			
		||||
 | 
			
		||||
conf$(OBJSUFFICS): conf.c proxy.h structures.h
 | 
			
		||||
	$(CC) $(COUT)conf$(OBJSUFFICS) $(CFLAGS) conf.c
 | 
			
		||||
 | 
			
		||||
@ -155,8 +158,8 @@ ntlm$(OBJSUFFICS):  ntlm.c
 | 
			
		||||
stringtable$(OBJSUFFICS):  stringtable.c
 | 
			
		||||
	$(CC) $(COUT)stringtable$(OBJSUFFICS) $(CFLAGS) stringtable.c
 | 
			
		||||
 | 
			
		||||
$(BUILDDIR)3proxy$(EXESUFFICS): 3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvicqpr$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) auth$(OBJSUFFICS) conf$(OBJSUFFICS) datatypes$(OBJSUFFICS) md4$(OBJSUFFICS) md5$(OBJSUFFICS) mycrypt$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) smbdes$(OBJSUFFICS) ntlm$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(COMPATLIBS)
 | 
			
		||||
	$(LN) $(LNOUT)$(BUILDDIR)3proxy$(EXESUFFICS) $(LDFLAGS) $(VERFILE)  3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) auth$(OBJSUFFICS) conf$(OBJSUFFICS) datatypes$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvicqpr$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) mycrypt$(OBJSUFFICS) md5$(OBJSUFFICS) md4$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) smbdes$(OBJSUFFICS) ntlm$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)
 | 
			
		||||
$(BUILDDIR)3proxy$(EXESUFFICS): 3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvicqpr$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) auth$(OBJSUFFICS) authradius$(OBJSUFFICS) conf$(OBJSUFFICS) datatypes$(OBJSUFFICS) md4$(OBJSUFFICS) md5$(OBJSUFFICS) mycrypt$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) smbdes$(OBJSUFFICS) ntlm$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(COMPATLIBS)
 | 
			
		||||
	$(LN) $(LNOUT)$(BUILDDIR)3proxy$(EXESUFFICS) $(LDFLAGS) $(VERFILE)  3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) auth$(OBJSUFFICS) authradius$(OBJSUFFICS) conf$(OBJSUFFICS) datatypes$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvicqpr$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) mycrypt$(OBJSUFFICS) md5$(OBJSUFFICS) md4$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) smbdes$(OBJSUFFICS) ntlm$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)
 | 
			
		||||
 | 
			
		||||
clean:
 | 
			
		||||
	@$(REMOVECOMMAND) *$(OBJSUFFICS) $(COMPFILES)
 | 
			
		||||
 | 
			
		||||
@ -641,7 +641,6 @@ struct authcache {
 | 
			
		||||
	struct authcache *next;
 | 
			
		||||
} *authc = NULL;
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
int cacheauth(struct clientparam * param){
 | 
			
		||||
	struct authcache *ac, *last=NULL;
 | 
			
		||||
 | 
			
		||||
@ -850,6 +849,7 @@ int strongauth(struct clientparam * param){
 | 
			
		||||
	return 5;
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
int radauth(struct clientparam * param);
 | 
			
		||||
 | 
			
		||||
struct auth authfuncs[] = {
 | 
			
		||||
	{authfuncs+1, NULL, NULL, ""},
 | 
			
		||||
@ -858,8 +858,12 @@ struct auth authfuncs[] = {
 | 
			
		||||
	{authfuncs+4, dnsauth, checkACL, "dnsname"},
 | 
			
		||||
	{authfuncs+5, strongauth, checkACL, "strong"},
 | 
			
		||||
	{authfuncs+6, cacheauth, checkACL, "cache"},
 | 
			
		||||
#ifndef NORADIUS
 | 
			
		||||
	{authfuncs+7, radauth, checkACL, "radius"},
 | 
			
		||||
	{authfuncs+8, NULL, NULL, "none"},
 | 
			
		||||
#else
 | 
			
		||||
	{authfuncs+7, NULL, NULL, "none"},
 | 
			
		||||
 | 
			
		||||
#endif
 | 
			
		||||
	{NULL, NULL, NULL, ""}
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
@ -6,7 +6,7 @@
 | 
			
		||||
 | 
			
		||||
*/
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
#ifndef NORADIUS
 | 
			
		||||
#include "proxy.h"
 | 
			
		||||
#include "libs/md5.h"
 | 
			
		||||
 | 
			
		||||
@ -166,9 +166,12 @@ struct  sockaddr_in radiuslist[MAXRADIUS];
 | 
			
		||||
struct  sockaddr_in6 radiuslist[MAXRADIUS];
 | 
			
		||||
#endif
 | 
			
		||||
 | 
			
		||||
static int ntry;
 | 
			
		||||
int nradservers = 0;
 | 
			
		||||
char * radiussecret = NULL;
 | 
			
		||||
 | 
			
		||||
pthread_mutex_t rad_mutex;
 | 
			
		||||
 | 
			
		||||
void md5_calc(unsigned char *output, unsigned char *input,
 | 
			
		||||
		     unsigned int inputlen);
 | 
			
		||||
 | 
			
		||||
@ -283,17 +286,17 @@ int rad_pwencode(char *passwd, int *pwlen, const char *secret, const char *vecto
 | 
			
		||||
/*
 | 
			
		||||
 *	Create a random vector of AUTH_VECTOR_LEN bytes.
 | 
			
		||||
 */
 | 
			
		||||
void random_vector(uint8_t *vector)
 | 
			
		||||
void random_vector(uint8_t *vector, struct clientparam *param)
 | 
			
		||||
{
 | 
			
		||||
	int		i;
 | 
			
		||||
	static int	did_random = 0;
 | 
			
		||||
	static int	counter = 0;
 | 
			
		||||
 | 
			
		||||
	pthread_mutex_lock(&rad_mutex);
 | 
			
		||||
	if (!did_random) {
 | 
			
		||||
 | 
			
		||||
		ntry = (int)basetime;
 | 
			
		||||
		for (i = 0; i < (int)sizeof(random_vector_pool); i++) {
 | 
			
		||||
			random_vector_pool[i] += myrand((void *) random_vector_pool+i, 1) & 0xff;
 | 
			
		||||
			random_vector_pool[i] += myrand((void *) ¶m->msec_start, sizeof(param->msec_start)) & 0xff;
 | 
			
		||||
		}
 | 
			
		||||
		did_random = 1;
 | 
			
		||||
 | 
			
		||||
@ -319,26 +322,11 @@ void random_vector(uint8_t *vector)
 | 
			
		||||
	md5_calc((u_char *) vector,
 | 
			
		||||
			(u_char *) random_vector_pool,
 | 
			
		||||
			sizeof(random_vector_pool));
 | 
			
		||||
	pthread_mutex_unlock(&rad_mutex);
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
static float timeout = 5;
 | 
			
		||||
 | 
			
		||||
static int getport(const char *name)
 | 
			
		||||
{
 | 
			
		||||
	struct	servent		*svp;
 | 
			
		||||
 | 
			
		||||
	svp = getservbyname (name, "udp");
 | 
			
		||||
	if (!svp) {
 | 
			
		||||
		return 0;
 | 
			
		||||
	}
 | 
			
		||||
 | 
			
		||||
	return ntohs(svp->s_port);
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
typedef struct radius_packet_t {
 | 
			
		||||
  uint8_t       code;
 | 
			
		||||
  uint8_t       id;
 | 
			
		||||
@ -350,7 +338,7 @@ typedef struct radius_packet_t {
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
char buf[256];
 | 
			
		||||
extern int ntry;
 | 
			
		||||
int ntry = 0;
 | 
			
		||||
 | 
			
		||||
#define RETURN(xxx) { res = xxx; goto CLEANRET; }
 | 
			
		||||
 | 
			
		||||
@ -385,9 +373,11 @@ int radauth(struct clientparam * param){
 | 
			
		||||
 | 
			
		||||
	memset(&packet, 0, sizeof(packet));
 | 
			
		||||
 | 
			
		||||
	random_vector(packet.vector);
 | 
			
		||||
	pthread_mutex_lock(&rad_mutex);
 | 
			
		||||
	random_vector(packet.vector, param);
 | 
			
		||||
 | 
			
		||||
	id = (((int)getpid() + ntry) & 0xff);
 | 
			
		||||
	id = ((ntry++) & 0xff);
 | 
			
		||||
	pthread_mutex_unlock(&rad_mutex);
 | 
			
		||||
 | 
			
		||||
	packet.code = PW_AUTHENTICATION_REQUEST;
 | 
			
		||||
	packet.id=id;
 | 
			
		||||
@ -493,19 +483,20 @@ int radauth(struct clientparam * param){
 | 
			
		||||
	for (loop = 0; loop < nradservers && loop < MAXRADIUS; loop++) {
 | 
			
		||||
 | 
			
		||||
		saremote = radiuslist[loop];
 | 
			
		||||
#idef NOIPV6
 | 
			
		||||
		if(SAFAMILY(&saremote)!= AF_INET)continue;
 | 
			
		||||
		*SAPORT(&saremote) = htons(1812);
 | 
			
		||||
#ifdef NOIPV6
 | 
			
		||||
		if(*SAFAMILY(&saremote)!= AF_INET)continue;
 | 
			
		||||
#else
 | 
			
		||||
		if(SAFAMILY(&saremote)!= AF_INET && SAFAMILY(&saremote)!= AF_INET6)continue;
 | 
			
		||||
		if(*SAFAMILY(&saremote)!= AF_INET && *SAFAMILY(&saremote)!= AF_INET6)continue;
 | 
			
		||||
#endif
 | 
			
		||||
		packet.id++;
 | 
			
		||||
		if(sockfd >= 0) so._closesocket(sockfd);
 | 
			
		||||
		if ((sockfd = so._socket(SASOCK(saremote), SOCK_DGRAM, 0)) < 0) {
 | 
			
		||||
		if ((sockfd = so._socket(SASOCK(&saremote), SOCK_DGRAM, 0)) < 0) {
 | 
			
		||||
		    return 4;
 | 
			
		||||
		}
 | 
			
		||||
 | 
			
		||||
		len = so._sendto(sockfd, &packet, ntohs(packet.length), 0,
 | 
			
		||||
		      (struct sockaddr *)&saremote, sizeof(saremote);
 | 
			
		||||
		len = so._sendto(sockfd, (char *)&packet, ntohs(packet.length), 0,
 | 
			
		||||
		      (struct sockaddr *)&saremote, sizeof(saremote));
 | 
			
		||||
		if(len != ntohs(packet.length)){
 | 
			
		||||
			continue;
 | 
			
		||||
		}
 | 
			
		||||
@ -518,7 +509,7 @@ int radauth(struct clientparam * param){
 | 
			
		||||
 | 
			
		||||
		salen = sizeof(saremote);
 | 
			
		||||
				
 | 
			
		||||
		data_len = so._recvfrom(sockfd, &rpacket, sizeof(packet)-16,
 | 
			
		||||
		data_len = so._recvfrom(sockfd, (char *)&rpacket, sizeof(packet)-16,
 | 
			
		||||
			0, (struct sockaddr *)&saremote, &salen);
 | 
			
		||||
 | 
			
		||||
		if (data_len < 20) {
 | 
			
		||||
@ -632,3 +623,4 @@ CLEANRET:
 | 
			
		||||
	return res;
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
#endif
 | 
			
		||||
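Review bot: radauth() now takes rad_mutex immediately before `random_vector(packet.vector, param);`, yet random_vector() still begins with its own `pthread_mutex_lock(&rad_mutex);`, and the only initialisation shown on this page is `pthread_mutex_init(&rad_mutex, NULL)`, so on a POSIX build the second lock would likely never return and the first RADIUS login would hang its thread while still holding the mutex. Keep a single owner of the lock: leave the `random_vector(packet.vector, param);` call unlocked and move `pthread_mutex_lock(&rad_mutex);` to directly above `id = ((ntry++) & 0xff);`. Separately, the pool behind the Request Authenticator is seeded from `basetime` and `param->msec_start`, which look like clock values; because rad_pwencode() combines that vector with the shared secret to hide the password, a comment stating what entropy myrand() actually contributes, or a switch to an OS random source, would be worth adding. Both functions begin or end outside the visible hunks, so this is read only from the lines shown.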
							
								
								
									
										14
									
								
								src/conf.c
									
									
									
									
									
								
							
							
						
						
									
									
									
									
									
									
								
							@ -1261,6 +1261,17 @@ static int h_delimchar(int argc, unsigned char **argv){
 | 
			
		||||
	return 0;
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
static int h_radius(int argc, unsigned char **argv){
 | 
			
		||||
	char * rs = radiussecret;
 | 
			
		||||
	radiussecret = mystrdup(argv[1]);
 | 
			
		||||
	nradservers = 0;
 | 
			
		||||
	memset(radiuslist, 0, sizeof(radiuslist));
 | 
			
		||||
	for( ; nradservers < MAXRADIUS && nradservers < argc -2; nradservers++){
 | 
			
		||||
		if( !getip46(46, argv[nradservers + 2], (struct sockaddr *)&radiuslist[nradservers])) return 1;
 | 
			
		||||
	}
 | 
			
		||||
	return 0;
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
static int h_authcache(int argc, unsigned char **argv){
 | 
			
		||||
	conf.authcachetype = 0;
 | 
			
		||||
	if(strstr((char *) *(argv + 1), "ip")) conf.authcachetype |= 1;
 | 
			
		||||
@ -1422,6 +1433,9 @@ struct commands commandhandlers[]={
 | 
			
		||||
	{commandhandlers+58, "stacksize", h_stacksize, 2, 2},
 | 
			
		||||
	{commandhandlers+59, "force", h_force, 1, 1},
 | 
			
		||||
	{commandhandlers+60, "noforce", h_noforce, 1, 1},
 | 
			
		||||
#ifndef NORADIUS
 | 
			
		||||
	{commandhandlers+61, "radius", h_radius, 3, 0},
 | 
			
		||||
#endif
 | 
			
		||||
	{specificcommands, 	 "", h_noop, 1, 0}
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
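Review bot: h_radius() stores the previous secret in `rs` and never uses it again, so every `radius` line processed after the first leaks the old copy and leaves that secret in heap memory; the whole function is visible in this hunk and neither return path frees it. Releasing it with `if(rs) myfree(rs);` and adding `if(!radiussecret) return 1;` after the mystrdup() call would cover both the leak and a failed allocation. The handler also rewrites radiussecret, nradservers and radiuslist without holding rad_mutex, so the old secret should only be freed once a concurrent radauth() can no longer be reading it; how configuration reloads are serialised is not visible here and should be confirmed. Finally, h_radius is defined outside `#ifndef NORADIUS` although its commandhandlers entry is guarded, which may leave unresolved references to radiussecret and radiuslist in the builds where this commit adds NORADIUS to CFLAGS.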
@ -333,8 +333,8 @@ extern struct  sockaddr_in radiuslist[MAXRADIUS];
 | 
			
		||||
extern struct  sockaddr_in6 radiuslist[MAXRADIUS];
 | 
			
		||||
#endif
 | 
			
		||||
 | 
			
		||||
extern int nradservers = 0;
 | 
			
		||||
extern char * radiussecret = NULL;
 | 
			
		||||
extern int nradservers;
 | 
			
		||||
extern char * radiussecret;
 | 
			
		||||
 | 
			
		||||
#ifdef _WINCE
 | 
			
		||||
char * CEToUnicode (const char *str);
 | 
			
		||||
 | 
			
		||||