summaryrefslogtreecommitdiffstats
path: root/usr.sbin/ppp/radius.c
Commit message (Collapse)AuthorAgeFilesLines
* Use rad_acct_open() instead of rad_auth_open().brian2000-10-151-1/+1
| | | | Suggested by: Victor Ivanov <v0rbiz@icon.bg>
* Support radius accounting, and add a packet count to throughputbrian2000-08-281-2/+163
| | | | | | | | | statistics as a side effect. Submitted by: Marcin Cieslak <saper@system.pl> with some tweaks to RAD_ACCT_SESSION_ID and RAD_ACCT_MULTI_SESSION_ID generation by me.
* Correct some typos introduced in the descriptor -> fdescriptor change.brian2000-03-141-4/+4
|
* Introduce LOCALNAT and LOCALRAD defines so that the sources can staybrian2000-03-141-1/+6
| | | | | exactly the same in FreeBSD & OpenBSD despite libalias and libradius being local to the ppp sources under OpenBSD.
* The interface list that comes back from the PF_ROUTE/NET_RT_IFLIST mibbrian2000-03-141-0/+2
| | | | | | is aligned. Teach this to ``show route''. Clean up some of the sockaddr parsing routines.
* To avoid namespace polution in NetBSD:brian2000-03-141-8/+8
| | | | ``struct descriptor'' -> ``struct fdescriptor''
* Notice and warn about unterminated quoted strings in commands.brian1999-12-201-1/+4
| | | | The entire command is ignored if the syntax is invalid...
* Back out the bogus #ifdef __NetBSD__ #include <signal.h> lines.brian1999-09-211-3/+0
| | | | | | | The original report was due to a mis-installation of the NetBS header files :-/ Submitted by: Kazuyoshi Kato <kazk@yyy.or.jp>
* NetBSD has moved ``extern int errno;'' to signal.h :-/brian1999-09-201-0/+3
| | | | Submitted by: Kazuyoshi Kato <kazk@yyy.or.jp>
* When sending radius authentication requests:brian1999-09-031-1/+46
| | | | | | | | | | | Supply RAD_NAS_IDENTIFIER if we have a `hostname` and RAD_IP_ADDRESS if that hostname resolves. Supply RAD_NAS_PORT using the ttyslot() of the tty that we're authenticating on if it's a tty device. Partially submitted by: Andriy I Pilipenko <bamby@marka.net.ua> PR: 12225
* $Id$ -> $FreeBSD$peter1999-08-281-1/+1
|
* o Redesign the layering mechanism and make the aliasing code part ofbrian1999-05-081-1/+2
| | | | | | | | | | | | | | | | | | | | | the layering. We now ``stack'' layers as soon as we open the device (when we figure out what we're dealing with). A static set of `dispatch' routines are also declared for dealing with incoming packets after they've been `pulled' up through the stacked layers. Physical devices are now assigned handlers based on the device type when they're opened. For the moment there are three device types; ttys, execs and tcps. o Increment version number to 2.2 o Make an entry in [uw]tmp for non-tty -direct invocations (after pap/chap authentication). o Make throughput counters quad_t's o Account for the absolute number of mbuf malloc()s and free()s in ``show mem''. o ``show modem'' becomes ``show physical''.
* int -> size_tbrian1999-04-211-2/+3
|
* Correct some ntohl/htonl bogons in the netmask handling.brian1999-03-031-2/+2
| | | | | | | | | This was pretty harmless as netmasks on a POINTOPOINT interface are pretty much ignored, but it looked funny. Mention the configured netmask in ``show ipcp''. Describe in more detail what a proxy arp entry is.
* Decouple pap & chap output routines from the correspondingbrian1999-02-061-109/+244
| | | | | | | | | | | | | | | | | | | | | | | input routines and take advantage of the new init/continue interface in libradius. This allows a timely response on other links in an MP setup while RADIUS requests are in progress as well as the ability to handle other data from the peer in parallel. It should also make the future addition of PAM support trivial. While I'm in there, validate pap & chap header IDs if ``idcheck'' is enabled (the default) for other FSM packet types. NOTE: This involved integrating the generation of chap challenges and the validation of chap responses (and commenting what's going on in those routines). I currently have no way of testing ppps ability to respond to M$Chap CHALLENGEs correctly, so if someone could do the honours, it'd be much appreciated (it *looks* ok!). Sponsored by: Internet Business Solutions Ltd., Switzerland
* o Send a CHAP challenge of 16 random digits when RADIUS isbrian1999-01-291-3/+4
| | | | | | | | | | | | | | configured. This isn't strictly necessary according to the rfc, but it's suggested there.... o Don't forget to include our authname when sending a CHAP challenge when RADIUS is configured. o Don't supply the ``16'' representing the chap answer length to radius_Authenticate() - libradius does this for us. o When we successfully authenticate via radius_Authenticate(), continue with datalink_AuthOk() as expected. Sponsored by: Internet Business Solutions Ltd., Switzerland
* Initial RADIUS support (using libradius). See the man page forbrian1999-01-281-0/+287
details. Compiling with -DNORADIUS (the default for `release') removes support. TODO: The functionality in libradius::rad_send_request() needs to be supplied as a set of routines so that ppp doesn't have to wait indefinitely for the radius server(s). Instead, we need to get a descriptor back, select() on the descriptor, and ask libradius to service it when necessary. For now, ppp blocks SIGALRM while in rad_send_request(), so it misses PAP/CHAP retries & timeouts if they occur. Only PAP is functional. When CHAP is attempted, libradius complains that no User-Password has been specified... rfc2138 says that it *mustn't* be used for CHAP :-( Sponsored by: Internet Business Solutions Ltd., Switzerland
OpenPOWER on IntegriCloud