/* Preamble and start of radius_init as this listing shows them.
   NOTE(review): both RC_DICTIONARY_FILE definitions sit under a guard
   that tests RC_CONFIG_FILE rather than RC_DICTIONARY_FILE; confirm this
   is intended, since the macro tested is not the macro defined.  */
25 #ifdef ENABLE_RADIUS_AUTH 27 #include <arpa/inet.h> 29 #if defined(RADIUS_AUTH_FREERADIUS) 30 #include <freeradius-client.h> 31 #ifndef RC_CONFIG_FILE 32 #define RC_DICTIONARY_FILE "/etc/radiusclient/dictionary" 34 #elif defined(RADIUS_AUTH_RADCLI) 36 #include <radcli/radcli.h> 40 #ifndef RC_CONFIG_FILE 41 #define RC_DICTIONARY_FILE "/etc/radcli/dictionary" 45 #include "../base/networking.h" 49 #ifndef PW_MAX_MSG_SIZE 50 #define PW_MAX_MSG_SIZE 4096 62 radius_init (
const char *hostname,
const char *secret)
/* Build the server entry handed to the RADIUS client library in the form
   "host::secret".  From here on authserver holds the shared secret in
   clear text, so the buffer must be kept out of log messages.
   NOTE(review): the snprintf results are not used in the lines shown, so
   an over-long hostname/secret pair would be truncated silently; confirm
   the callers bound these lengths.  */
65 char authserver[4096];
66 struct sockaddr_in6 ip6;
/* inet_pton returns 1 only when hostname parses as an IPv6 literal; that
   form is written in brackets, presumably so its colons are not mistaken
   for the field separators.  */
70 if (inet_pton (AF_INET6, hostname, &(ip6.sin6_addr)) == 1)
71 snprintf (authserver,
sizeof (authserver),
"[%s]::%s", hostname, secret);
/* NOTE(review): source line 72 is missing from this listing; presumably
   an `else` selects the unbracketed form below -- confirm against the
   file.  */
73 snprintf (authserver,
sizeof (authserver),
"%s::%s", hostname, secret);
/* radcli build: the client configuration is written to a mkstemp()
   temporary file and loaded with rc_read_config(); the file is unlinked
   on the write-failure, read-failure and success paths shown below.
   NOTE(review): authserver ("host::secret") is passed to the fprintf
   that fills this file, so the shared secret sits on disk under /tmp
   until the unlink.  POSIX.1-2008 specifies that mkstemp() creates the
   file with mode 0600; confirm that holds for the target libc.  */
75 #if defined(RADIUS_AUTH_RADCLI) 77 FILE *config_file = NULL;
78 char config_filename[35] =
"/tmp/gvm_radius_conf_XXXXXX";
79 int config_fd = mkstemp (config_filename);
83 g_warning (
"%s: Couldn't create temp radius config file: %s\n",
84 __FUNCTION__, strerror (errno));
85 goto radius_init_fail;
/* Wrap the descriptor in a stdio stream opened for writing.  */
88 config_file = fdopen (config_fd,
"w");
89 if (config_file == NULL)
92 g_warning (
"%s: Couldn't open temp radius config file %s: %s\n",
93 __FUNCTION__, config_filename, strerror (errno));
94 goto radius_init_fail;
/* NOTE(review): hostname and secret reach this line-oriented config file
   through authserver without escaping.  Confirm the callers reject values
   that contain line breaks, otherwise a value could add or override
   directives in the generated configuration.  */
97 if (fprintf (config_file,
101 "seqfile /var/run/radius.seq\n" 104 "radius_deadtime 0\n" 107 RC_DICTIONARY_FILE, authserver, authserver)
/* Write failure: close the stream, log the file name and errno text
   (not the contents), and remove the partially written file.  */
110 fclose (config_file);
111 g_warning (
"%s: Couldn't write to temp radius config file %s:%s\n",
112 __FUNCTION__, config_filename, strerror (errno));
113 unlink (config_filename);
114 goto radius_init_fail;
/* The result of this fclose() is not checked, so a failed flush is not
   reported at this point.  */
116 fclose (config_file);
118 rh = rc_read_config (config_filename);
/* Read failure: the file still holds the secret, so it is removed before
   leaving.  */
121 g_warning (
"%s: Couldn't read temp radius config file %s\n", __FUNCTION__,
123 unlink (config_filename);
124 goto radius_init_fail;
/* The file (and the secret in it) is not needed once rc_read_config has
   been called.  */
126 unlink (config_filename);
/* Build without RADIUS_AUTH_RADCLI: no temporary config file is created.
   The handle is allocated with rc_new, initialised with rc_config_init
   and then filled one option at a time.  Every failed rc_add_config call
   shown here logs a fixed warning and jumps to radius_init_fail.  */
127 #else // defined(RADIUS_AUTH_RADCLI) 128 if ((rh = rc_new ()) == NULL)
130 g_warning (
"radius_init: Couldn't allocate memory");
133 if (!rc_config_init (rh))
135 g_warning (
"radius_init: Couldn't initialize the config");
/* Hard-coded client settings follow: auth_order "radius",
   login_tries "4", the dictionary path, the sequence file,
   radius_retries "3", radius_timeout "5" and radius_deadtime "0".  */
140 if (rc_add_config (rh,
"auth_order",
"radius",
"config", 0))
142 g_warning (
"radius_init: Couldn't set auth_order");
143 goto radius_init_fail;
145 if (rc_add_config (rh,
"login_tries",
"4",
"config", 0))
147 g_warning (
"radius_init: Couldn't set login_tries");
148 goto radius_init_fail;
150 if (rc_add_config (rh,
"dictionary", RC_DICTIONARY_FILE,
"config", 0))
152 g_warning (
"radius_init: Couldn't set dictionary");
153 goto radius_init_fail;
155 if (rc_add_config (rh,
"seqfile",
"/var/run/radius.seq",
"config", 0))
157 g_warning (
"radius_init: Couldn't set seqfile");
158 goto radius_init_fail;
160 if (rc_add_config (rh,
"radius_retries",
"3",
"config", 0))
162 g_warning (
"radius_init: Couldn't set radius_retries");
163 goto radius_init_fail;
165 if (rc_add_config (rh,
"radius_timeout",
"5",
"config", 0))
167 g_warning (
"radius_init: Couldn't set radius_timeout");
168 goto radius_init_fail;
170 if (rc_add_config (rh,
"radius_deadtime",
"0",
"config", 0))
172 g_warning (
"radius_init: Couldn't set radius_deadtime");
173 goto radius_init_fail;
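/* Register the RADIUS server entry.  authserver was formatted as
   "host::secret", so it carries the shared secret in clear text and must
   not be written to the log; on failure only the hostname is reported.  */
if (rc_add_config (rh, "authserver", authserver, "config", 0) != 0)
  {
    g_warning ("radius_init: Couldn't set authserver %s", hostname);
    goto radius_init_fail;
  }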
180 if (rc_read_dictionary (rh, RC_DICTIONARY_FILE) != 0)
182 g_warning (
"radius_init: Couldn't read the dictionary file %s",
184 goto radius_init_fail;
186 #endif // defined(RADIUS_AUTH_RADCLI) 207 const char *username,
const char *password)
/* Statements of radius_authenticate as this listing shows them: obtain a
   configured handle from radius_init, attach user name, password and
   service type to the request, send it with rc_auth, then free both
   attribute lists.
   NOTE(review): source lines 218-219 are missing from this listing, so no
   check of rh after radius_init is visible; confirm rh is tested for NULL
   before the rc_avpair_add calls.  */
209 uint32_t service = PW_AUTHENTICATE_ONLY;
/* Message buffer handed to rc_auth, sized by PW_MAX_MSG_SIZE.  */
210 char msg[PW_MAX_MSG_SIZE];
211 VALUE_PAIR *send = NULL, *received = NULL;
/* Address buffers, presumably for the hostname resolution whose failure
   is reported further down (the call itself is not in the listing).  */
214 struct sockaddr_in ip4;
215 struct sockaddr_in6 ip6;
217 rh = radius_init (hostname, secret);
/* The warnings below carry fixed text or the hostname only; user name,
   password and shared secret are never formatted into a log message in
   the lines shown.  */
220 if (rc_avpair_add (rh, &send, PW_USER_NAME, (
char *) username, -1, 0) == NULL)
222 g_warning (
"radius_authenticate: Couldn't set the username");
223 goto authenticate_leave;
225 if (rc_avpair_add (rh, &send, PW_USER_PASSWORD, (
char *) password, -1, 0)
228 g_warning (
"radius_authenticate: Couldn't set the password");
229 goto authenticate_leave;
231 if (rc_avpair_add (rh, &send, PW_SERVICE_TYPE, &service, -1, 0) == NULL)
233 g_warning (
"radius_authenticate: Couldn't set the service type");
234 goto authenticate_leave;
239 g_warning (
"radius_authenticate: Couldn't resolve %s", hostname);
240 goto authenticate_leave;
/* Only OK_RC is tested as the success result of the exchange.  */
244 if (rc_auth (rh, 0, send, &received, msg) == OK_RC)
/* Release the request and reply attribute lists.  */
250 rc_avpair_free (send);
252 rc_avpair_free (received);
270 const char *username,
const char *password)
int radius_authenticate(const char *hostname, const char *secret, const char *username, const char *password)
Dummy function for manager.
int gvm_resolve(const char *name, void *dst, int family)
Resolves a hostname to an IPv4 or IPv6 address.