- log(3, 0, 0, 0, "Creating %d sockets for RADIUS queries\n", config->num_radfds);
+ LOG(3, 0, 0, 0, "Creating %d sockets for RADIUS queries\n", config->num_radfds);
radfds = calloc(sizeof(int), config->num_radfds);
for (i = 0; i < config->num_radfds; i++)
{
radfds = calloc(sizeof(int), config->num_radfds);
for (i = 0; i < config->num_radfds; i++)
{
- log(0, 0, 0, 0, "Can't find a free radius session! This is very bad!\n");
+ LOG(0, 0, 0, 0, "Can't find a free radius session! This is very bad!\n");
- log(3, 0, s, session[s].tunnel, "Re-used radius %d\n", r);
+ LOG(3, 0, s, session[s].tunnel, "Re-used radius %d\n", r);
- log(1, 0, s, session[s].tunnel, "No free RADIUS sessions\n");
+ LOG(1, 0, s, session[s].tunnel, "No free RADIUS sessions\n");
radius[r].state = RADIUSWAIT;
radius[r].retry = TIME + 1200; // Wait at least 120 seconds to re-claim this.
radius[r].state = RADIUSWAIT;
radius[r].retry = TIME + 1200; // Wait at least 120 seconds to re-claim this.
- log(3,0,s, session[s].tunnel, "Allocated radius %d\n", r);
+ LOG(3,0,s, session[s].tunnel, "Allocated radius %d\n", r);
- log(0, 0, s, session[s].tunnel, "No RADIUS servers\n");
+ LOG(0, 0, s, session[s].tunnel, "No RADIUS servers\n");
- log(0, 0, s, session[s].tunnel, "No RADIUS secret\n");
+ LOG(0, 0, s, session[s].tunnel, "No RADIUS secret\n");
- log(4, 0, s, session[s].tunnel, "Send RADIUS id %d sock %d state %s try %d\n",
+ LOG(4, 0, s, session[s].tunnel, "Send RADIUS id %d sock %d state %s try %d\n",
r >> RADIUS_SHIFT, r & RADIUS_MASK,
radius_state(radius[r].state), radius[r].try);
if (radius[r].try > config->numradiusservers * 2)
r >> RADIUS_SHIFT, r & RADIUS_MASK,
radius_state(radius[r].state), radius[r].try);
if (radius[r].try > config->numradiusservers * 2)
- log(1, 0, s, session[s].tunnel, "RADIUS timeout, but in state %s so don't timeout session\n",
+ LOG(1, 0, s, session[s].tunnel, "RADIUS timeout, but in state %s so don't timeout session\n",
- log(0, 0, 0, 0, "Unknown radius state %d\n", state);
+ LOG(0, 0, 0, 0, "Unknown radius state %d\n", state);
}
b[1] = r >> RADIUS_SHIFT; // identifier
memcpy(b + 4, radius[r].auth, 16);
}
b[1] = r >> RADIUS_SHIFT; // identifier
memcpy(b + 4, radius[r].auth, 16);
memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
*(u32 *) & addr.sin_addr = config->radiusserver[(radius[r].try - 1) % config->numradiusservers];
memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
*(u32 *) & addr.sin_addr = config->radiusserver[(radius[r].try - 1) % config->numradiusservers];
- addr.sin_port = htons((state == RADIUSAUTH) ? RADPORT : RADAPORT);
+ {
+ // get radius port
+ u16 port = config->radiusport[(radius[r].try - 1) % config->numradiusservers];
+ // no need to define the accounting port for itself:
+ // the accounting port is as far as I know always one more
+ // than the auth port JK 20040713
+ addr.sin_port = htons((state == RADIUSAUTH) ? port : port+1);
+ }
- log_hex(5, "RADIUS Send", b, (p - b));
+ LOG_HEX(5, "RADIUS Send", b, (p - b));
sendto(radfds[r & RADIUS_MASK], b, p - b, 0, (void *) &addr, sizeof(addr));
}
sendto(radfds[r & RADIUS_MASK], b, p - b, 0, (void *) &addr, sizeof(addr));
}
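Review bot: The new port lookup has no guard for an unset or maximal `config->radiusport[]` entry: a value of 0 sends auth requests to port 0 and accounting to port 1, and a value of 65535 makes `port+1` evaluate to 65536 as an int, which `htons()` truncates to 0. Whether the array is defaulted and range-checked where the config is parsed is not visible from this hunk; if it is not, restore the fallback the removed line provided with `if (!port) port = RADPORT;` (assuming RADPORT is still defined) and reject 65535 at parse time. The `port+1` rule matches the conventional 1812/1813 and 1645/1646 pairs but is only an assumption, so accounting records, which carry user and session data, go to whatever listens on the next port of that host; the comment should state this as a deployment requirement, e.g. `// accounting is sent to auth port + 1; the server must listen there`. The enclosing function begins and ends outside this hunk.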
- log_hex(5, "RADIUS Response", buf, len);
+ LOG_HEX(5, "RADIUS Response", buf, len);
- log(1, 0, 0, 0, "Duff RADIUS response length %d\n", len);
+ LOG(1, 0, 0, 0, "Duff RADIUS response length %d\n", len);
- log(3, 0, s, session[s].tunnel, "Received %s, radius %d response for session %u (code %d, id %d)\n",
+ LOG(3, 0, s, session[s].tunnel, "Received %s, radius %d response for session %u (code %d, id %d)\n",
radius_states[radius[r].state], r, s, r_code, r_id);
if (!s && radius[r].state != RADIUSSTOP)
{
radius_states[radius[r].state], r, s, r_code, r_id);
if (!s && radius[r].state != RADIUSSTOP)
{
- log(1, 0, s, session[s].tunnel, " Unexpected RADIUS response\n");
+ LOG(1, 0, s, session[s].tunnel, " Unexpected RADIUS response\n");
- log(1, 0, s, session[s].tunnel, " Unexpected RADIUS response\n");
+ LOG(1, 0, s, session[s].tunnel, " Unexpected RADIUS response\n");
- log(0, 0, s, session[s].tunnel, " Incorrect auth on RADIUS response!! (wrong secret in radius config?)\n");
+ LOG(0, 0, s, session[s].tunnel, " Incorrect auth on RADIUS response!! (wrong secret in radius config?)\n");
return; // Do nothing. On timeout, it will try the next radius server.
}
if ((radius[r].state == RADIUSAUTH && *buf != 2 && *buf != 3) ||
((radius[r].state == RADIUSSTART || radius[r].state == RADIUSSTOP) && *buf != 5))
{
return; // Do nothing. On timeout, it will try the next radius server.
}
if ((radius[r].state == RADIUSAUTH && *buf != 2 && *buf != 3) ||
((radius[r].state == RADIUSSTART || radius[r].state == RADIUSSTOP) && *buf != 5))
{
- log(1, 0, s, session[s].tunnel, " Unexpected RADIUS response %d\n", *buf);
+ LOG(1, 0, s, session[s].tunnel, " Unexpected RADIUS response %d\n", *buf);
return; // We got something we didn't expect. Let the timeouts take
// care off finishing the radius session if that's really correct.
}
if (radius[r].state == RADIUSAUTH)
{
return; // We got something we didn't expect. Let the timeouts take
// care off finishing the radius session if that's really correct.
}
if (radius[r].state == RADIUSAUTH)
{
- log(4, 0, s, session[s].tunnel, " Original response is \"%s\"\n", (*buf == 2) ? "accept" : "reject");
+ LOG(4, 0, s, session[s].tunnel, " Original response is \"%s\"\n", (*buf == 2) ? "accept" : "reject");
- log(3, 0, s, session[s].tunnel, " CHAP User %s authentication %s.\n", session[s].user,
+ LOG(3, 0, s, session[s].tunnel, " CHAP User %s authentication %s.\n", session[s].user,
- log(3, 0, s, session[s].tunnel, " PAP User %s authentication %s.\n", session[s].user,
+ LOG(3, 0, s, session[s].tunnel, " PAP User %s authentication %s.\n", session[s].user,
- log(3, 0, s, session[s].tunnel, " Radius reply contains IP address %s\n", inet_toa(*(u32 *) (p + 2)));
+ LOG(3, 0, s, session[s].tunnel, " Radius reply contains IP address %s\n", inet_toa(*(u32 *) (p + 2)));
- log(3, 0, s, session[s].tunnel, " Radius reply contains primary DNS address %s\n", inet_toa(*(u32 *) (p + 2)));
+ LOG(3, 0, s, session[s].tunnel, " Radius reply contains primary DNS address %s\n", inet_toa(*(u32 *) (p + 2)));
- log(3, 0, s, session[s].tunnel, " Radius reply contains secondary DNS address %s\n", inet_toa(*(u32 *) (p + 2)));
+ LOG(3, 0, s, session[s].tunnel, " Radius reply contains secondary DNS address %s\n", inet_toa(*(u32 *) (p + 2)));
- log(1, 0, s, session[s].tunnel, " Too many routes\n");
+ LOG(1, 0, s, session[s].tunnel, " Too many routes\n");
- log(3, 0, s, session[s].tunnel, " Radius reply contains route for %s/%s\n", ips, masks);
+ LOG(3, 0, s, session[s].tunnel, " Radius reply contains route for %s/%s\n", ips, masks);
- log(3, 0, s, session[s].tunnel, " Radius reply contains Vendor-Specific. Vendor=%d Attrib=%d Length=%d\n", vendor, attrib, attrib_length);
+ LOG(3, 0, s, session[s].tunnel, " Radius reply contains Vendor-Specific. Vendor=%d Attrib=%d Length=%d\n", vendor, attrib, attrib_length);
- log(3, 0, s, session[s].tunnel, " Unknown vendor-specific\n");
+ LOG(3, 0, s, session[s].tunnel, " Unknown vendor-specific\n");
else
{
char *avpair, *value, *key, *newp;
avpair = key = calloc(attrib_length + 1, 1);
memcpy(avpair, p + 8, attrib_length);
else
{
char *avpair, *value, *key, *newp;
avpair = key = calloc(attrib_length + 1, 1);
memcpy(avpair, p + 8, attrib_length);
- log(3, 0, s, session[s].tunnel, " Cisco-Avpair value: %s\n", avpair);
+ LOG(3, 0, s, session[s].tunnel, " Cisco-Avpair value: %s\n", avpair);
- log(2, 0, s, session[s].tunnel, " Authentication denied for %s\n", session[s].user);
+ LOG(2, 0, s, session[s].tunnel, " Authentication denied for %s\n", session[s].user);
- log(3, 0, s, t, " Sending dns1 = %s\n", inet_toa(config->default_dns1));
+ LOG(3, 0, s, t, " Sending dns1 = %s\n", inet_toa(config->default_dns1));
- log(3, 0, s, t, " Sending dns2 = %s\n", inet_toa(config->default_dns2));
+ LOG(3, 0, s, t, " Sending dns2 = %s\n", inet_toa(config->default_dns2));
- log(3, 0, s, t, " RADIUS accounting ack recv in state %s\n", radius_states[radius[r].state]);
+ LOG(3, 0, s, t, " RADIUS accounting ack recv in state %s\n", radius_states[radius[r].state]);
- log(3, 0, s, session[s].tunnel, "Freeing up radius session %d\n", r);
+ LOG(3, 0, s, session[s].tunnel, "Freeing up radius session %d\n", r);
- log(1, 0, 0, 0, "Cleaning radius session array\n");
+ LOG(1, 0, 0, 0, "Cleaning radius session array\n");