author | Martin Willi <martin@revosec.ch> | 2013-04-04 16:05:05 +0200 |
---|---|---|
committer | Martin Willi <martin@revosec.ch> | 2013-04-10 13:48:03 +0200 |
commit | b2b99e61c842b54903a59a2e91a1fa193c952344 (patch) | |
tree | 0bcb65f29228415a483f958619c79ae311431af9 /src/libcharon | |
parent | 022df06e1a9a4a12c9a7122801348891543db3b7 (diff) | |
download | strongswan-b2b99e61c842b54903a59a2e91a1fa193c952344.tar.bz2 strongswan-b2b99e61c842b54903a59a2e91a1fa193c952344.tar.xz |
eap-radius: Add an option to exclude ports from Called/Calling-Station-Id
Diffstat (limited to 'src/libcharon')
-rw-r--r-- | src/libcharon/plugins/eap_radius/eap_radius.c | 18 | ||||
-rw-r--r-- | src/libcharon/plugins/eap_radius/eap_radius_accounting.c | 28 |
2 files changed, 37 insertions, 9 deletions
diff --git a/src/libcharon/plugins/eap_radius/eap_radius.c b/src/libcharon/plugins/eap_radius/eap_radius.c index 59340df01..c9e1cdaad 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius.c +++ b/src/libcharon/plugins/eap_radius/eap_radius.c @@ -85,6 +85,11 @@ struct private_eap_radius_t { * Handle the Filter-Id attribute as IPsec CHILD_SA name? */ bool filter_id; + + /** + * Format string we use for Called/Calling-Station-Id for a host + */ + char *station_id_fmt; }; /** @@ -200,10 +205,10 @@ static void add_radius_request_attrs(private_eap_radius_t *this, default: break; } - snprintf(buf, sizeof(buf), "%#H", host); + snprintf(buf, sizeof(buf), this->station_id_fmt, host); request->add(request, RAT_CALLED_STATION_ID, chunk_from_str(buf)); host = ike_sa->get_other_host(ike_sa); - snprintf(buf, sizeof(buf), "%#H", host); + snprintf(buf, sizeof(buf), this->station_id_fmt, host); request->add(request, RAT_CALLING_STATION_ID, chunk_from_str(buf)); } @@ -591,6 +596,15 @@ eap_radius_t *eap_radius_create(identification_t *server, identification_t *peer "%s.plugins.eap-radius.filter_id", FALSE, charon->name), ); + if (lib->settings->get_bool(lib->settings, + "%s.plugins.eap-radius.station_id_with_port", TRUE, charon->name)) + { + this->station_id_fmt = "%#H"; + } + else + { + this->station_id_fmt = "%H"; + } this->client = eap_radius_create_client(); if (!this->client) { diff --git a/src/libcharon/plugins/eap_radius/eap_radius_accounting.c b/src/libcharon/plugins/eap_radius/eap_radius_accounting.c index ec78c8ef2..e9843470a 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius_accounting.c +++ b/src/libcharon/plugins/eap_radius/eap_radius_accounting.c @@ -51,6 +51,11 @@ struct private_eap_radius_accounting_t { * Session ID prefix */ u_int32_t prefix; + + /** + * Format string we use for Called/Calling-Station-Id for a host + */ + char *station_id_fmt; }; /** 
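Review bot: The new `station_id_fmt` member of private_eap_radius_t is declared `char *` although it only ever points at the string literals `"%#H"` and `"%H"` assigned in eap_radius_create(), and it is then passed as the format argument of `snprintf()` in add_radius_request_attrs(). Declaring it `const char *station_id_fmt;` keeps later code from writing through it. The field comment should also state the invariant, e.g. `Format string for Called/Calling-Station-Id, always one of the literals "%#H" or "%H", never text taken from configuration`. The same applies to the identical member of private_eap_radius_accounting_t and to the `snprintf()` calls in add_ike_sa_parameters() in eap_radius_accounting.c. The struct begins before this hunk, so its other members are not visible here.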
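Review bot: The `station_id_with_port` lookup added to eap_radius_create() is repeated verbatim in eap_radius_accounting_create(), so the Access-Request path and the accounting path each pick their format independently. If the two copies drift apart, or if the setting is read at different times (the accounting object looks like it is created once, while this constructor presumably runs per EAP exchange; neither is visible here), the same peer could get different Called/Calling-Station-Id values in authentication and accounting records. Consider one shared helper that returns the literal, or store a `bool` and select at the call site: `snprintf(buf, sizeof(buf), this->station_id_with_port ? "%#H" : "%H", host);`. eap_radius_create() starts and ends outside the hunk.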
@@ -195,7 +200,8 @@ static bool send_message(private_eap_radius_accounting_t *this, /** * Add common IKE_SA parameters to RADIUS account message */ -static void add_ike_sa_parameters(radius_message_t *message, ike_sa_t *ike_sa) +static void add_ike_sa_parameters(private_eap_radius_accounting_t *this, + radius_message_t *message, ike_sa_t *ike_sa) { enumerator_t *enumerator; host_t *vip, *host; @@ -227,10 +233,10 @@ static void add_ike_sa_parameters(radius_message_t *message, ike_sa_t *ike_sa) default: break; } - snprintf(buf, sizeof(buf), "%#H", host); + snprintf(buf, sizeof(buf), this->station_id_fmt, host); message->add(message, RAT_CALLED_STATION_ID, chunk_from_str(buf)); host = ike_sa->get_other_host(ike_sa); - snprintf(buf, sizeof(buf), "%#H", host); + snprintf(buf, sizeof(buf), this->station_id_fmt, host); message->add(message, RAT_CALLING_STATION_ID, chunk_from_str(buf)); snprintf(buf, sizeof(buf), "%Y", ike_sa->get_other_eap_id(ike_sa)); @@ -364,7 +370,7 @@ static job_requeue_t send_interim(interim_data_t *data) message->add(message, RAT_ACCT_STATUS_TYPE, chunk_from_thing(value)); message->add(message, RAT_ACCT_SESSION_ID, chunk_create(entry->sid, strlen(entry->sid))); - add_ike_sa_parameters(message, ike_sa); + add_ike_sa_parameters(this, message, ike_sa); value = htonl(bytes_out); message->add(message, RAT_ACCT_OUTPUT_OCTETS, chunk_from_thing(value)); @@ -454,7 +460,7 @@ static void send_start(private_eap_radius_accounting_t *this, ike_sa_t *ike_sa) schedule_interim(this, entry); this->mutex->unlock(this->mutex); - add_ike_sa_parameters(message, ike_sa); + add_ike_sa_parameters(this, message, ike_sa); if (!send_message(this, message)) { eap_radius_handle_timeout(ike_sa->get_id(ike_sa)); 
@@ -486,7 +492,7 @@ static void send_stop(private_eap_radius_accounting_t *this, ike_sa_t *ike_sa) message->add(message, RAT_ACCT_STATUS_TYPE, chunk_from_thing(value)); message->add(message, RAT_ACCT_SESSION_ID, chunk_create(entry->sid, strlen(entry->sid))); - add_ike_sa_parameters(message, ike_sa); + add_ike_sa_parameters(this, message, ike_sa); value = htonl(entry->bytes.sent); message->add(message, RAT_ACCT_OUTPUT_OCTETS, chunk_from_thing(value)); @@ -679,7 +685,15 @@ eap_radius_accounting_t *eap_radius_accounting_create() (hashtable_equals_t)equals, 32), .mutex = mutex_create(MUTEX_TYPE_DEFAULT), ); - + if (lib->settings->get_bool(lib->settings, + "%s.plugins.eap-radius.station_id_with_port", TRUE, charon->name)) + { + this->station_id_fmt = "%#H"; + } + else + { + this->station_id_fmt = "%H"; + } if (lib->settings->get_bool(lib->settings, "%s.plugins.eap-radius.accounting", FALSE, charon->name)) { |
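Review bot: Nothing near the new `station_id_with_port` branch in eap_radius_accounting_create() records what is lost when the port is dropped. With `"%H"` the Calling-Station-Id carries only the address, so peers that reach the gateway through the same NAT address would presumably all report the same value. Accounting records could then no longer be told apart by that attribute alone. A comment above the `if` would help, e.g. `/* without the port, peers behind one NAT address share a Calling-Station-Id; correlate on Acct-Session-Id instead */`. The function continues outside the hunk.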