Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
O
OpnSense
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kulya
OpnSense
Commits
b50eee57
Commit
b50eee57
authored
Oct 23, 2015
by
Ad Schellevis
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
(Auth) add radius accounting methods
parent
dcd475dc
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
190 additions
and
0 deletions
+190
-0
Radius.php
src/opnsense/mvc/app/library/OPNsense/Auth/Radius.php
+190
-0
No files found.
src/opnsense/mvc/app/library/OPNsense/Auth/Radius.php
View file @
b50eee57
...
@@ -115,6 +115,194 @@ class Radius implements IAuthConnector
...
@@ -115,6 +115,194 @@ class Radius implements IAuthConnector
return
$this
->
lastAuthProperties
;
return
$this
->
lastAuthProperties
;
}
}
/**
* send start accounting message to radius
* @param $username username
* @param $sessionid session id to pass through
*/
public
function
startAccounting
(
$username
,
$sessionid
)
{
$radius
=
radius_auth_open
();
$error
=
null
;
if
(
!
radius_add_server
(
$radius
,
$this
->
radiusHost
,
$this
->
acctPort
,
$this
->
sharedSecret
,
$this
->
timeout
,
$this
->
maxRetries
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_create_request
(
$radius
,
RADIUS_ACCOUNTING_REQUEST
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_string
(
$radius
,
RADIUS_NAS_IDENTIFIER
,
$this
->
nasIdentifier
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_SERVICE_TYPE
,
RADIUS_FRAMED
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_FRAMED_PROTOCOL
,
RADIUS_ETHERNET
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_NAS_PORT
,
0
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_NAS_PORT_TYPE
,
RADIUS_ETHERNET
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_string
(
$radius
,
RADIUS_USER_NAME
,
$username
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_ACCT_STATUS_TYPE
,
RADIUS_START
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_string
(
$radius
,
RADIUS_ACCT_SESSION_ID
,
$sessionid
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_ACCT_AUTHENTIC
,
RADIUS_AUTH_LOCAL
))
{
$error
=
radius_strerror
(
$radius
);
}
if
(
$error
!=
null
)
{
syslog
(
LOG_ERR
,
'RadiusError:'
.
radius_strerror
(
$error
));
}
else
{
$req
=
radius_send_request
(
$radius
);
if
(
!
$req
)
{
syslog
(
LOG_ERR
,
'RadiusError:'
.
radius_strerror
(
$error
));
exit
;
}
switch
(
$req
)
{
case
RADIUS_ACCOUNTING_RESPONSE
:
break
;
default
:
syslog
(
LOG_ERR
,
"Unexpected return value:
$radius
\n
"
);
}
radius_close
(
$radius
);
}
}
/**
* stop radius accounting
* @param $username user name
* @param $sessionid session id
* @param $session_time total time spend on this session
*/
public
function
stopAccounting
(
$username
,
$sessionid
,
$session_time
)
{
$radius
=
radius_auth_open
();
$error
=
null
;
if
(
!
radius_add_server
(
$radius
,
$this
->
radiusHost
,
$this
->
acctPort
,
$this
->
sharedSecret
,
$this
->
timeout
,
$this
->
maxRetries
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_create_request
(
$radius
,
RADIUS_ACCOUNTING_REQUEST
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_string
(
$radius
,
RADIUS_NAS_IDENTIFIER
,
$this
->
nasIdentifier
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_SERVICE_TYPE
,
RADIUS_FRAMED
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_FRAMED_PROTOCOL
,
RADIUS_ETHERNET
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_NAS_PORT
,
0
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_NAS_PORT_TYPE
,
RADIUS_ETHERNET
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_string
(
$radius
,
RADIUS_USER_NAME
,
$username
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_ACCT_STATUS_TYPE
,
RADIUS_STOP
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_string
(
$radius
,
RADIUS_ACCT_SESSION_ID
,
$sessionid
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_ACCT_AUTHENTIC
,
RADIUS_AUTH_LOCAL
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_ACCT_SESSION_TIME
,
$session_time
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_ACCT_TERMINATE_CAUSE
,
RADIUS_TERM_USER_REQUEST
))
{
$error
=
radius_strerror
(
$radius
);
}
if
(
$error
!=
null
)
{
syslog
(
LOG_ERR
,
'RadiusError:'
.
radius_strerror
(
$error
));
}
else
{
$req
=
radius_send_request
(
$radius
);
if
(
!
$req
)
{
syslog
(
LOG_ERR
,
'RadiusError:'
.
radius_strerror
(
$error
));
exit
;
}
switch
(
$req
)
{
case
RADIUS_ACCOUNTING_RESPONSE
:
break
;
default
:
syslog
(
LOG_ERR
,
"Unexpected return value:
$radius
\n
"
);
}
radius_close
(
$radius
);
}
}
/**
* update radius accounting (interim update)
* @param $username user name
* @param $sessionid session id
* @param $session_time total time spend on this session
*/
public
function
updateAccounting
(
$username
,
$sessionid
,
$session_time
)
{
$radius
=
radius_auth_open
();
$error
=
null
;
if
(
!
radius_add_server
(
$radius
,
$this
->
radiusHost
,
$this
->
acctPort
,
$this
->
sharedSecret
,
$this
->
timeout
,
$this
->
maxRetries
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_create_request
(
$radius
,
RADIUS_ACCOUNTING_REQUEST
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_string
(
$radius
,
RADIUS_NAS_IDENTIFIER
,
$this
->
nasIdentifier
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_SERVICE_TYPE
,
RADIUS_FRAMED
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_FRAMED_PROTOCOL
,
RADIUS_ETHERNET
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_NAS_PORT
,
0
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_NAS_PORT_TYPE
,
RADIUS_ETHERNET
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_string
(
$radius
,
RADIUS_USER_NAME
,
$username
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_ACCT_STATUS_TYPE
,
RADIUS_UPDATE
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_string
(
$radius
,
RADIUS_ACCT_SESSION_ID
,
$sessionid
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_ACCT_AUTHENTIC
,
RADIUS_AUTH_LOCAL
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_ACCT_SESSION_TIME
,
$session_time
))
{
$error
=
radius_strerror
(
$radius
);
}
if
(
$error
!=
null
)
{
syslog
(
LOG_ERR
,
'RadiusError:'
.
radius_strerror
(
$error
));
}
else
{
$req
=
radius_send_request
(
$radius
);
if
(
!
$req
)
{
syslog
(
LOG_ERR
,
'RadiusError:'
.
radius_strerror
(
$error
));
exit
;
}
switch
(
$req
)
{
case
RADIUS_ACCOUNTING_RESPONSE
:
break
;
default
:
syslog
(
LOG_ERR
,
"Unexpected return value:
$radius
\n
"
);
}
radius_close
(
$radius
);
}
}
/**
/**
* authenticate user against radius
* authenticate user against radius
* @param $username username to authenticate
* @param $username username to authenticate
...
@@ -146,6 +334,8 @@ class Radius implements IAuthConnector
...
@@ -146,6 +334,8 @@ class Radius implements IAuthConnector
$error
=
radius_strerror
(
$radius
);
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_string
(
$radius
,
RADIUS_NAS_IDENTIFIER
,
$this
->
nasIdentifier
))
{
}
elseif
(
!
radius_put_string
(
$radius
,
RADIUS_NAS_IDENTIFIER
,
$this
->
nasIdentifier
))
{
$error
=
radius_strerror
(
$radius
);
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_NAS_PORT
,
0
))
{
$error
=
radius_strerror
(
$radius
);
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_NAS_PORT_TYPE
,
RADIUS_ETHERNET
))
{
}
elseif
(
!
radius_put_int
(
$radius
,
RADIUS_NAS_PORT_TYPE
,
RADIUS_ETHERNET
))
{
$error
=
radius_strerror
(
$radius
);
$error
=
radius_strerror
(
$radius
);
}
else
{
}
else
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment