Copyrights cleaned, authradius.c added

2025-02-23 02:25:40 +08:00 · 2016-12-20 15:47:02 +03:00 · 2016-12-20 15:47:02 +03:00 · f709255d62
commit f709255d62
parent d159c57e1f
29 changed files with 715 additions and 42 deletions
--- a/src/3proxy.c
+++ b/src/3proxy.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

@ -519,6 +519,9 @@ int WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int
  pthread_mutex_init(&tc_mutex, NULL);
  pthread_mutex_init(&pwl_mutex, NULL);
  pthread_mutex_init(&log_mutex, NULL);
+#ifdef WITHRADIUS
+  pthread_mutex_init(&rad_mutex, NULL);
+#endif

  freeconf(&conf);
  res = readconfig(fp);
--- a/src/auth.c
+++ b/src/auth.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

@ -1372,4 +1372,3 @@ void logsql(struct clientparam * param, const unsigned char *s) {
 }

 #endif
- 
--- a/src/authradius.c
+++ b/src/authradius.c
@ -0,0 +1,654 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2000-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>
+
+   please read License Agreement
+
+*/
+
+
+#include <proxy.h>
+#include "libs/md5.h"
+
+#define AUTH_VECTOR_LEN         16
+#define MAX_STRING_LEN          254
+#define PW_AUTH_UDP_PORT        1645
+
+#define PW_TYPE_STRING			0
+#define PW_TYPE_INTEGER			1
+#define PW_TYPE_IPADDR			2
+#define PW_TYPE_DATE			3
+#define PW_TYPE_ABINARY			4
+#define PW_TYPE_OCTETS			5
+
+#define	PW_AUTHENTICATION_REQUEST	1
+#define	PW_AUTHENTICATION_ACK		2
+#define	PW_AUTHENTICATION_REJECT	3
+#define	PW_ACCOUNTING_REQUEST		4
+#define	PW_ACCOUNTING_RESPONSE		5
+#define	PW_ACCOUNTING_STATUS		6
+#define PW_PASSWORD_REQUEST		7
+
+
+#define	PW_USER_NAME			1
+#define	PW_PASSWORD			2
+#define	PW_CHAP_PASSWORD		3
+#define	PW_NAS_IP_ADDRESS		4
+#define	PW_NAS_PORT_ID			5
+#define	PW_SERVICE_TYPE			6
+#define	PW_FRAMED_PROTOCOL		7
+#define	PW_FRAMED_IP_ADDRESS		8
+#define	PW_FRAMED_IP_NETMASK		9
+#define	PW_FRAMED_ROUTING		10
+#define	PW_FILTER_ID			11
+#define	PW_FRAMED_MTU			12
+#define	PW_FRAMED_COMPRESSION		13
+#define	PW_LOGIN_IP_HOST		14
+#define	PW_LOGIN_SERVICE		15
+#define	PW_LOGIN_TCP_PORT		16
+#define PW_OLD_PASSWORD			17
+#define PW_REPLY_MESSAGE		18
+#define PW_CALLBACK_NUMBER		19
+#define PW_CALLBACK_ID			20
+#define PW_FRAMED_ROUTE			22
+#define PW_FRAMED_IPXNET		23
+#define PW_STATE			24
+#define PW_CLASS			25
+#define PW_VENDOR_SPECIFIC		26
+#define PW_SESSION_TIMEOUT		27
+#define PW_IDLE_TIMEOUT			28
+#define PW_CALLED_STATION_ID		30
+#define PW_CALLING_STATION_ID		31
+#define PW_NAS_IDENTIFIER		32
+#define PW_PROXY_STATE			33
+
+#define PW_ACCT_STATUS_TYPE		40
+#define PW_ACCT_DELAY_TIME		41
+#define PW_ACCT_INPUT_OCTETS		42
+#define PW_ACCT_OUTPUT_OCTETS		43
+#define PW_ACCT_SESSION_ID		44
+#define PW_ACCT_AUTHENTIC		45
+#define PW_ACCT_SESSION_TIME		46
+#define PW_ACCT_INPUT_PACKETS		47
+#define PW_ACCT_OUTPUT_PACKETS		48
+#define PW_ACCT_TERMINATE_CAUSE		49
+
+#define PW_EVENT_TIMESTAMP		55
+
+#define PW_CHAP_CHALLENGE		60
+#define PW_NAS_PORT_TYPE		61
+#define PW_PORT_LIMIT			62
+
+#define PW_ARAP_PASSWORD		70
+#define PW_ARAP_FEATURES		71
+#define PW_ARAP_ZONE_ACCESS		72
+#define PW_ARAP_SECURITY		73
+#define PW_ARAP_SECURITY_DATA		74
+#define PW_PASSWORD_RETRY		75
+#define PW_PROMPT			76
+#define PW_CONNECT_INFO			77
+#define PW_CONFIGURATION_TOKEN		78
+#define PW_EAP_MESSAGE                  79
+#define PW_MESSAGE_AUTHENTICATOR        80
+
+#define PW_ARAP_CHALLENGE_RESPONSE	84
+#define PW_NAS_PORT_ID_STRING  		87
+#define PW_FRAMED_POOL			89
+
+#define PW_FALL_THROUGH			500
+#define PW_ADD_PORT_TO_IP_ADDRESS	501
+#define PW_EXEC_PROGRAM			502
+#define PW_EXEC_PROGRAM_WAIT		503
+
+#define PW_AUTHTYPE			1000
+#define PW_PREFIX			1003
+#define PW_SUFFIX			1004
+#define PW_GROUP			1005
+#define PW_CRYPT_PASSWORD		1006
+#define PW_CONNECT_RATE			1007
+#define PW_ADD_PREFIX			1008
+#define PW_ADD_SUFFIX			1009
+#define PW_EXPIRATION			1010
+#define PW_USER_CATEGORY		1029
+#define PW_GROUP_NAME			1030
+#define PW_HUNTGROUP_NAME		1031
+#define PW_SIMULTANEOUS_USE		1034
+#define PW_STRIP_USER_NAME		1035
+#define PW_HINT				1040
+#define PAM_AUTH_ATTR			1041
+#define PW_LOGIN_TIME			1042
+#define PW_STRIPPED_USER_NAME		1043
+#define PW_CURRENT_TIME			1044
+#define PW_REALM			1045
+#define PW_NO_SUCH_ATTRIBUTE		1046
+#define PW_PACKET_TYPE			1047
+#define PW_PROXY_TO_REALM      		1048
+#define PW_REPLICATE_TO_REALM  		1049
+#define PW_ACCT_SESSION_START_TIME	1050
+#define PW_ACCT_UNIQUE_SESSION_ID	1051
+#define PW_CLIENT_IP_ADDRESS		1052
+#define LDAP_USERDN			1053
+#define PW_NS_MTA_MD5_PASSWORD		1054
+#define PW_SQL_USER_NAME  		1055
+
+#define	PW_LOGIN_USER			1
+#define	PW_FRAMED_USER			2
+#define	PW_CALLBACK_LOGIN_USER		3
+#define	PW_CALLBACK_FRAMED_USER		4
+#define PW_OUTBOUND_USER		5
+#define PW_ADMINISTRATIVE_USER		6
+#define PW_NAS_PROMPT_USER		7
+#define PW_AUTHENTICATE_ONLY		8
+#define PW_CALLBACK_NAS_PROMPT		9
+
+#define PW_NAS_PORT_ASYNC		0
+#define PW_NAS_PORT_SYNC		1
+#define PW_NAS_PORT_ISDN		2
+#define PW_NAS_PORT_ISDN_V120		3
+#define PW_NAS_PORT_ISDN_V110		4
+#define PW_NAS_PORT_VIRTUAL		5
+
+#define PW_STATUS_START			1
+#define PW_STATUS_STOP			2
+#define PW_STATUS_ALIVE			3
+#define PW_STATUS_ACCOUNTING_ON		7
+#define PW_STATUS_ACCOUNTING_OFF	8
+
+void md5_calc(unsigned char *output, unsigned char *input,
+		     unsigned int inputlen);
+
+
+char *strNcpy(char *dest, const char *src, int n)
+{
+	if (n > 0)
+		strncpy(dest, src, n);
+	else
+		n = 1;
+	dest[n - 1] = 0;
+
+	return dest;
+}
+
+void md5_calc(unsigned char *output, unsigned char *input,
+		     unsigned int inlen)
+{
+	MD5_CTX	context;
+
+	MD5Init(&context);
+	MD5Update(&context, input, inlen);
+	MD5Final(output, &context);
+}
+
+
+
+
+static uint8_t random_vector_pool[AUTH_VECTOR_LEN*2];
+
+static int calc_replydigest(char *packet, char *original, const char *secret, int len)
+{
+	int		secretlen;
+	uint8_t		calc_digest[AUTH_VECTOR_LEN];
+	uint8_t         calc_vector[AUTH_VECTOR_LEN];
+
+	memcpy(calc_vector, packet + 4, AUTH_VECTOR_LEN);
+	memcpy(packet + 4, original, AUTH_VECTOR_LEN);
+	secretlen = strlen(secret);
+	memcpy(packet + len, secret, secretlen);
+	md5_calc(calc_digest, (u_char *)packet, len + secretlen);
+
+	/*
+	 *	Return 0 if OK, 2 if not OK.
+	 */
+	return	memcmp(calc_vector, calc_digest, AUTH_VECTOR_LEN) ? 2 : 0;
+}
+
+/*
+ *	Encode password.
+ *
+ *	We assume that the passwd buffer passed is big enough.
+ *	RFC2138 says the password is max 128 chars, so the size
+ *	of the passwd buffer must be at least 129 characters.
+ *	Preferably it's just MAX_STRING_LEN.
+ *
+ *	int *pwlen is updated to the new length of the encrypted
+ *	password - a multiple of 16 bytes.
+ */
+#define AUTH_PASS_LEN (16)
+int rad_pwencode(char *passwd, int *pwlen, const char *secret, const char *vector)
+{
+	uint8_t	buffer[AUTH_VECTOR_LEN + MAX_STRING_LEN + 1];
+	char	digest[AUTH_VECTOR_LEN];
+	int	i, n, secretlen;
+	int	len;
+
+	/*
+	 *	Padd password to multiple of AUTH_PASS_LEN bytes.
+	 */
+	len = strlen(passwd);
+	if (len > 128) len = 128;
+	*pwlen = len;
+	if (len % AUTH_PASS_LEN != 0) {
+		n = AUTH_PASS_LEN - (len % AUTH_PASS_LEN);
+		for (i = len; n > 0; n--, i++)
+			passwd[i] = 0;
+		len = *pwlen = i;
+	}
+
+	/*
+	 *	Use the secret to setup the decryption digest
+	 */
+	secretlen = strlen(secret);
+	memcpy(buffer, secret, secretlen);
+	memcpy(buffer + secretlen, vector, AUTH_VECTOR_LEN);
+	md5_calc((u_char *)digest, buffer, secretlen + AUTH_VECTOR_LEN);
+
+	/*
+	 *	Now we can encode the password *in place*
+	 */
+	for (i = 0; i < AUTH_PASS_LEN; i++)
+		passwd[i] ^= digest[i];
+
+	if (len <= AUTH_PASS_LEN) return 0;
+
+	/*
+	 *	Length > AUTH_PASS_LEN, so we need to use the extended
+	 *	algorithm.
+	 */
+	for (n = 0; n < 128 && n <= (len - AUTH_PASS_LEN); n += AUTH_PASS_LEN) { 
+		memcpy(buffer + secretlen, passwd + n, AUTH_PASS_LEN);
+		md5_calc((u_char *)digest, buffer, secretlen + AUTH_PASS_LEN);
+		for (i = 0; i < AUTH_PASS_LEN; i++)
+			passwd[i + n + AUTH_PASS_LEN] ^= digest[i];
+	}
+
+	return 0;
+}
+
+
+/*
+ *	Create a random vector of AUTH_VECTOR_LEN bytes.
+ */
+void random_vector(uint8_t *vector)
+{
+	int		i;
+	static int	did_random = 0;
+	static int	counter = 0;
+
+	if (!did_random) {
+
+		for (i = 0; i < (int)sizeof(random_vector_pool); i++) {
+			random_vector_pool[i] += myrand((void *) random_vector_pool+i, 1); & 0xff;
+		}
+		did_random = 1;
+
+	}
+
+	/*
+	 *	Modify our random pool, based on the counter,
+	 *	and put the resulting information through MD5,
+	 *	so it's all mashed together.
+	 */
+	pthread_mutex_lock(&rad_mutex);
+	counter++;
+	random_vector_pool[AUTH_VECTOR_LEN] += (counter & 0xff);
+	md5_calc((u_char *) random_vector_pool,
+			(u_char *) random_vector_pool,
+			sizeof(random_vector_pool));
+
+	/*
+	 *	And do another MD5 hash of the result, to give
+	 *	the user a random vector.  This ensures that the
+	 *	user has a random vector, without giving them
+	 *	an exact image of what's in the random pool.
+	 */
+	md5_calc((u_char *) vector,
+			(u_char *) random_vector_pool,
+			sizeof(random_vector_pool));
+	pthread_mutex_unlock(&rad_mutex);
+}
+
+
+static float timeout = 5;
+
+static int getport(const char *name)
+{
+	struct	servent		*svp;
+
+	svp = getservbyname (name, "udp");
+	if (!svp) {
+		return 0;
+	}
+
+	return ntohs(svp->s_port);
+}
+
+
+
+typedef struct radius_packet_t {
+  uint8_t       code;
+  uint8_t       id;
+  uint16_t      length;
+  uint8_t       vector[AUTH_VECTOR_LEN];
+  uint8_t       data[4096];
+} radius_packet_t;
+          
+
+
+char buf[256];
+extern int ntry;
+
+int radauth(struct clientparam * param){
+{
+	int port = 0;
+	int loop;
+	int id;
+	int res=0;
+	SOCKET sockfd;
+	unsigned char *ptr;
+	int total_length;
+	int len;
+	unsigned dst_ipaddr;
+#ifdef NOIPV6
+	struct  sockaddr_in     saremote;
+#else
+	struct  sockaddr_in6     saremote;
+#endif
+	struct  sockaddr     *sa;	
+	struct timeval  tv;
+	fd_set          rdfdesc;
+	char vector[AUTH_VECTOR_LEN];
+	radius_packet_t packet, rpacket;
+	int salen;
+	int data_len;
+	uint8_t	*vendor_len;
+	int count=0;
+	uint8_t *attr;
+	int haveerror;
+	int loginservice;
+	long vendor=0;
+	int vendorlen=0;
+	int mailservice=0;
+
+	memset(&packet, 0, sizeof(packet));
+
+	random_vector(packet.vector);
+
+	id = (((int)getpid() + ntry) & 0xff);
+	*errorstring = NULL;
+	port = getport("radius");
+	if (port == 0) port = PW_AUTH_UDP_PORT;
+	if ((sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
+		perror("radclient: socket: ");
+		return 4;
+	}
+
+	packet.code = PW_AUTHENTICATION_REQUEST;
+	packet.id=id;
+	ptr = packet.data;
+	total_length = 0;
+
+	md5_calc(packet.vector, packet.vector,
+			sizeof(packet.vector));
+
+
+	/* Service Type */
+
+	*ptr++ =  PW_SERVICE_TYPE;
+	*ptr++ = 6;
+	(*(uint32_t *)ptr)=htonl(PW_AUTHENTICATE_ONLY);
+	ptr+=4;
+	total_length+=6;
+
+	/* NAS-Port */
+
+	*ptr++ =  PW_NAS_PORT_ID;
+	*ptr++ = 6;
+	(*(uint32_t *)ptr)=htonl((unsigned int)p->server_port);
+	ptr+=4;
+	total_length+=6;
+
+	/* NAS-Port-Type */
+
+	*ptr++ =  PW_NAS_PORT_TYPE;
+	*ptr++ = 6;
+	(*(uint32_t *)ptr)=htonl(PW_NAS_PORT_VIRTUAL);
+	ptr+=4;
+	total_length+=6;
+
+	/* NAS-IP-Address */
+
+	*ptr++ =  PW_NAS_IP_ADDRESS;
+	*ptr++ = 6;
+	(*(uint32_t *)ptr)=p->server_ip;
+
+	ptr+=4;
+	total_length+=6;
+
+	/* Username */
+	len = strlen(p->user);
+	if(len>128)len=128;
+	*ptr++ = PW_USER_NAME;
+	*ptr++ = len + 2;
+	memcpy(ptr, p->user, len);
+	ptr+=len;
+	total_length += (len+2);
+	
+	len = strlen(password);
+	if(len > 128) len = 128;
+	*ptr++ = PW_PASSWORD;
+	ptr++;
+	memcpy(ptr, password, len);
+	rad_pwencode(ptr,
+		     &len,
+		     p->radiussecret, 
+		     (char *)packet.vector);
+	*(ptr-1) = len + 2;
+	ptr+=len;
+	total_length+= (len+2);
+	
+	total_length+=(4+AUTH_VECTOR_LEN);
+	packet.length = htons(total_length);
+	memcpy(vector, packet.vector, AUTH_VECTOR_LEN);
+	
+	for (loop = 0; p->radiuslist[loop] && loop < MAXRADIUS; loop++) {
+		*errorstring = 0;
+		haveerror = 0;
+		loginservice = 0;
+		packet.id++;
+		dst_ipaddr = ip_getaddr(p->radiuslist[loop]);
+
+		sa = (struct sockaddr_in *) &saremote;
+		memset ((char *) sa, '\0', sizeof (saremote));
+		sa->sin_family = AF_INET;
+		sa->sin_addr.s_addr = dst_ipaddr;
+/*
+		sa->sin_port = htons(port);
+*/
+		sa->sin_port = htons(1812);
+		res = sendto(sockfd, &packet, ntohs(packet.length), 0,
+		      (struct sockaddr *)&saremote, sizeof(struct sockaddr_in));
+		if(res != ntohs(packet.length)){
+			res = 1;
+			continue;
+		}
+		/* And wait for reply, timing out as necessary */
+		FD_ZERO(&rdfdesc);
+		FD_SET(sockfd, &rdfdesc);
+
+		tv.tv_sec = (int)timeout;
+		tv.tv_usec = 1000000 * (timeout - (int)timeout);
+
+		/* Something's wrong if we don't get exactly one fd. */
+		if (select(sockfd + 1, &rdfdesc, NULL, NULL, &tv) != 1) {
+			res = 2;
+			continue;
+		}
+
+		memset(&saremote, 0, sizeof(saremote));
+		salen = sizeof(struct sockaddr_in);
+				
+		data_len = recvfrom(sockfd, &rpacket, sizeof(packet)-strlen(p->radiussecret),
+			0, (struct sockaddr *)&saremote, &salen);
+
+		if (data_len < 0) {
+			res = 3;
+			continue;
+		}
+
+		if (data_len < 20) {
+			res = 4;
+			continue;
+		}
+
+		if( rpacket.code != PW_AUTHENTICATION_ACK &&
+		    rpacket.code != PW_AUTHENTICATION_REJECT ){
+		    	res = 5;
+			continue;
+		}
+
+		if (calc_replydigest((char *)&rpacket, packet.vector, p->radiussecret,
+			data_len) ){
+			res = 5;
+			continue;
+		}
+
+		/*
+		 *	Check for packets with mismatched size.
+		 *	i.e. We've received 128 bytes, and the packet header
+		 *	says it's 256 bytes long.
+		 */
+		total_length = ntohs(rpacket.length);
+		if (data_len != total_length) {
+			res = 6;
+			continue;
+		}
+
+		/*
+		 *	Walk through the packet's attributes, ensuring that
+		 *	they add up EXACTLY to the size of the packet.
+		 *
+		 *	If they don't, then the attributes either under-fill
+		 *	or over-fill the packet.  Any parsing of the packet
+		 *	is impossible, and will result in unknown side effects.
+		 *
+		 *	This would ONLY happen with buggy RADIUS implementations,
+		 *	or with an intentional attack.  Either way, we do NOT want
+		 *	to be vulnerable to this problem.
+		 */
+		attr = rpacket.data;
+		count = total_length - 20;
+		vendor_len = 0;
+
+		while (count >= 2) {
+			/*
+			 *	Attribute number zero is NOT defined.
+			 */
+			if (!vendor && attr[0] == 0) {
+				break;
+			}
+		
+			/*
+			 *	Attributes are at LEAST as long as the ID & length
+			 *	fields.  Anything shorter is an invalid attribute.
+			 */
+	       		if (attr[1] < 2) {
+				break;
+			}
+
+			/*
+			 *	Sanity check the attributes for length.
+			 */
+			if(!vendor && attr[0] == PW_VENDOR_SPECIFIC) {
+				if (attr[1] < 6 || count < 6) return 9;
+				vendorlen = attr[1]-6;
+				vendor = htonl(*((int*)(attr +2)));
+				count -= 6;
+				attr += 6;
+				continue;
+			}
+	
+			if (!vendor && attr[0] == PW_REPLY_MESSAGE) {
+				memcpy(buf, attr+2, attr[1]-2);
+				buf[attr[1]-2]=0;
+				haveerror = 1;
+			}
+
+			else if (vendor == SANDY && attr[0] == SANDY_MAIL_MAILBOX) {
+				memcpy (p->drop_name, attr + 2, attr[1] - 2);
+			}
+			else if (vendor == SANDY && attr[0] == SANDY_MAIL_MBOXCONTROL) {
+				if (ntohl(*(int *)(attr+2)) & 1) p->dodeletes = 1;
+			}
+			else if (vendor == SANDY && attr[0] == SANDY_MAIL_SERVICE) {
+				mailservice = ntohl(*(int *)(attr+2)) ;
+			}
+
+			count -= attr[1];	/* grab the attribute length */
+			if(vendorlen) {
+				vendorlen -= attr[1];
+				if (!vendorlen) vendor = 0;
+				else if (vendorlen < 0) return 10;
+			}
+			attr += attr[1];
+		}
+
+		if (count !=0 || vendorlen!=0) {
+			res = 20;
+			continue;
+		}
+		/*
+		 *	If the attributes add up to a packet, it's allowed.
+		 *
+		 *	If not, we complain, and throw the packet away.
+		 */
+
+		if(haveerror){
+			*errorstring=buf;
+		}
+		if(rpacket.code != PW_AUTHENTICATION_ACK){
+			res = 0;
+			continue;
+		}
+		if(mailservice != 3){
+			*errorstring = "This account is not valid for mailbox access, check your settings";
+			return 130;
+		}
+		p->auth = at;
+		return 0;
+	}
+	return 100+res;
+}
+
+
+
+
+#ifdef WITH_MAIN
+
+extern int librad_debug;
+
+
+int main(int argc, char*argv[]){
+
+  char *radiuslist[] = {"195.122.226.5", NULL};
+  int dodeletes;
+  char * errorstring;
+  int result;
+/*  
+librad_debug = 1;
+*/
+
+  if(argc!=3)return 1;
+  
+  result =    radius_pass(PLAIN, argv[1], argv[2], NULL, radiuslist, "test", &dodeletes, &errorstring);
+
+  printf("Login: %s/%d, Dodeletes: %s, Errorstring: %s\n",
+  	(result)?"FAILED":"SUCCEED",
+  	result,
+  	(dodeletes)?"YES":"NO",
+  	(errorstring)?errorstring:"NONE"
+  );
+  fflush(stdout);
+  return 0;
+}
+
+#endif
--- a/src/base64.c
+++ b/src/base64.c
@ -1,9 +1,9 @@
 /*
- * Copyright (c) 2000-2008 3APA3A
- *
- * please read License Agreement
- *
- */
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>
+
+   please read License Agreement
+
+*/

 #include <string.h>

--- a/src/common.c
+++ b/src/common.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/conf.c
+++ b/src/conf.c
@ -1,3 +1,11 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>
+
+   please read License Agreement
+
+*/
+
 #include "proxy.h"
 #ifndef _WIN32
 #include <sys/resource.h>
--- a/src/datatypes.c
+++ b/src/datatypes.c
@ -1,9 +1,9 @@
 /*
- * Copyright (c) 2000-2008 3APA3A
- *
- * please read License Agreement
- *
- */
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>
+
+   please read License Agreement
+
+*/

 #include "proxy.h"

--- a/src/dighosts.c
+++ b/src/dighosts.c
@ -1,9 +1,9 @@
 /*
- * Copyright (c) 2000-2008 3APA3A
- *
- * please read License Agreement
- *
- */
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>
+
+   please read License Agreement
+
+*/

 #include "proxy.h"
 pthread_mutex_t log_mutex;
--- a/src/dnspr.c
+++ b/src/dnspr.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/ftp.c
+++ b/src/ftp.c
@ -1,8 +1,8 @@
 /*
- * Copyright (c) 2002-2008 3APA3A
- *
- * please read License Agreement
- *
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>
+
+   please read License Agreement
+
 */

 #include "proxy.h"
--- a/src/ftppr.c
+++ b/src/ftppr.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/icqpr.c
+++ b/src/icqpr.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/myalloc.c
+++ b/src/myalloc.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/mycrypt.c
+++ b/src/mycrypt.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/ntlm.c
+++ b/src/ntlm.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/plugins.c
+++ b/src/plugins.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/pop3p.c
+++ b/src/pop3p.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/proxy.c
+++ b/src/proxy.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/proxy.h
+++ b/src/proxy.h
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2009 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

@ -315,6 +315,7 @@ extern pthread_mutex_t hash_mutex;
 extern pthread_mutex_t tc_mutex;
 extern pthread_mutex_t pwl_mutex;
 extern pthread_mutex_t log_mutex;
+extern pthread_mutex_t rad_mutex;
 extern struct datatype datatypes[64];

 extern struct commands commandhandlers[];
--- a/src/proxymain.c
+++ b/src/proxymain.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/smtpp.c
+++ b/src/smtpp.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/sockgetchar.c
+++ b/src/sockgetchar.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement
 */
--- a/src/sockmap.c
+++ b/src/sockmap.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/socks.c
+++ b/src/socks.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/stringtable.c
+++ b/src/stringtable.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/structures.h
+++ b/src/structures.h
@ -1,3 +1,11 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>
+
+   please read License Agreement
+
+*/
+
 #ifndef _STRUCTURES_H_
 #define _STRUCTURES_H_

--- a/src/tcppm.c
+++ b/src/tcppm.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/udppm.c
+++ b/src/udppm.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement

--- a/src/webadmin.c
+++ b/src/webadmin.c
@ -1,6 +1,6 @@
 /*
   3APA3A simpliest proxy server
-   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+   (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>

   please read License Agreement