#include <string.h>
#include <fcntl.h>
#include <errno.h>
#include "gwlib/gwlib.h"
#include "radius/radius_acct.h"
#include "radius/radius_pdu.h"

Macros
#define	RADIUS_NAS_PORTS 30

Functions
static int	update_tables (RADIUS_PDU *pdu)

static void	proxy_thread (void *arg)

Octstr *	radius_acct_get_msisdn (Octstr *client_ip)

void	radius_acct_init (CfgGroup *grp)

void	radius_acct_shutdown (void)

Variables
static Dict *	radius_table = NULL

static Dict *	session_table = NULL

static Dict *	client_table = NULL

static Mutex *	radius_mutex = NULL

static int	run_thread = 0

static Octstr *	our_host = NULL

static long	our_port = 1813

static Octstr *	remote_host = NULL

static long	remote_port = 1813

static Octstr *	secret_nas = NULL

static Octstr *	secret_radius = NULL

static Octstr *	unified_prefix = NULL

static long	remote_timeout = 40000

Macro Definition Documentation

◆ RADIUS_NAS_PORTS

#define RADIUS_NAS_PORTS 30

Definition at line 76 of file radius_acct.c.

Referenced by radius_acct_init().

Function Documentation

◆ proxy_thread()

static void proxy_thread ( void * arg )

static

Definition at line 215 of file radius_acct.c.

References client_table, debug(), dict_key_count(), error(), info(), mutex_lock, mutex_unlock, octstr_destroy(), octstr_dump, octstr_duplicate, octstr_get_cstr, our_host, our_port, panic, radius_authenticate_pdu(), radius_mutex, radius_pdu_create(), radius_pdu_destroy(), radius_pdu_pack(), radius_pdu_unpack(), radius_table, read_available(), remote_host, remote_port, remote_timeout, run_thread, secret_nas, session_table, RADIUS_PDU::type_name, RADIUS_PDU::u, udp_bind(), udp_client_socket(), udp_create_address(), udp_get_ip(), udp_get_port(), udp_recvfrom(), udp_sendto(), update_tables(), and warning().

Referenced by radius_acct_init(), and radius_acct_shutdown().

 {
     int ss, cs; /* server and client sockets */
     int fl; /* socket flags */
     Octstr *addr = NULL;
     int forward;
     Octstr *tmp;
 
     run_thread = 1;
     ss = cs = -1;
 
     /* create client binding, only if we have a remote server
      * and make the client socet non-blocking */
     if (remote_host != NULL) {
         cs = udp_client_socket();
         fl = fcntl(cs, F_GETFL);
         fcntl(cs, F_SETFL, fl | O_NONBLOCK);
         addr = udp_create_address(remote_host, remote_port);
     }
 
     /* create server binding */
     ss = udp_bind(our_port, octstr_get_cstr(our_host));
 
     /* make the server socket non-blocking */
     fl = fcntl(ss, F_GETFL);
     fcntl(ss, F_SETFL, fl | O_NONBLOCK);
 
     if (ss == -1)
         panic(0, "RADIUS: Couldn't set up server socket for port %ld.", our_port);
 
     while (run_thread) {
         RADIUS_PDU *pdu, *r;
         Octstr *data, *rdata;
         Octstr *from_nas, *from_radius;
 
         pdu = r = NULL;
         data = rdata = from_nas = from_radius = NULL;
         
         if (read_available(ss, 100000) < 1)
             continue;
 
         /* get request from NAS */
         if (udp_recvfrom(ss, &data, &from_nas) == -1) {
             if (errno == EAGAIN)
                 /* No datagram available, don't block. */
                 continue;
 
             error(0, "RADIUS: Couldn't receive request data from NAS");
             continue;
         }
 
         tmp = udp_get_ip(from_nas);
         info(0, "RADIUS: Got data from NAS <%s:%d>",
              octstr_get_cstr(tmp), udp_get_port(from_nas));
         octstr_destroy(tmp);
         octstr_dump(data, 0);
 
         /* unpacking the RADIUS PDU */
         if ((pdu = radius_pdu_unpack(data)) == NULL) {
             warning(0, "RADIUS: Couldn't unpack PDU from NAS, ignoring.");
             goto error;
         }
         info(0, "RADIUS: from NAS: PDU type: %s", pdu->type_name);
 
         /* authenticate the Accounting-Request packet */
         if (radius_authenticate_pdu(pdu, &data, secret_nas) == 0) {
             warning(0, "RADIUS: Authentication failed for PDU from NAS, ignoring.");
             goto error;
         }
 
         /* store to hash table if not present yet */
         mutex_lock(radius_mutex);
         forward = update_tables(pdu);
         mutex_unlock(radius_mutex);
 
         /* create response PDU for NAS */
         r = radius_pdu_create(0x05, pdu);
 
         /*
          * create response authenticator 
          * code+identifier(req)+length+authenticator(req)+(attributes)+secret 
          */
         r->u.Accounting_Response.identifier = pdu->u.Accounting_Request.identifier;
         r->u.Accounting_Response.authenticator =
             octstr_duplicate(pdu->u.Accounting_Request.authenticator);
 
         /* pack response for NAS */
         rdata = radius_pdu_pack(r);
 
         /* creates response autenticator in encoded PDU */
         radius_authenticate_pdu(r, &rdata, secret_nas);
 
         /* 
          * forward request to remote RADIUS server only if updated
          * and if we have a configured remote RADIUS server 
          */
         if ((remote_host != NULL) && forward) {
             if (udp_sendto(cs, data, addr) == -1) {
                 error(0, "RADIUS: Couldn't send to remote RADIUS <%s:%ld>.",
                       octstr_get_cstr(remote_host), remote_port);
             } else 
             if (read_available(cs, remote_timeout) < 1) {
                 error(0, "RADIUS: Timeout for response from remote RADIUS <%s:%ld>.",
                       octstr_get_cstr(remote_host), remote_port);
             } else 
             if (udp_recvfrom(cs, &data, &from_radius) == -1) {
                 error(0, "RADIUS: Couldn't receive from remote RADIUS <%s:%ld>.",
                       octstr_get_cstr(remote_host), remote_port);
             } else {
                 info(0, "RADIUS: Got data from remote RADIUS <%s:%d>.",
                      octstr_get_cstr(udp_get_ip(from_radius)), udp_get_port(from_radius));
                 octstr_dump(data, 0);
 
                 /* XXX unpack the response PDU and check if the response
                  * authenticator is valid */
             }
         }
 
         /* send response to NAS */
         if (udp_sendto(ss, rdata, from_nas) == -1)
             error(0, "RADIUS: Couldn't send response data to NAS <%s:%d>.",
                   octstr_get_cstr(udp_get_ip(from_nas)), udp_get_port(from_nas));
 
 error:
         radius_pdu_destroy(pdu);
         radius_pdu_destroy(r);
 
         octstr_destroy(rdata);
         octstr_destroy(data);
         octstr_destroy(from_nas);
 
         debug("radius.proxy", 0, "RADIUS: Mapping table contains %ld elements",
               dict_key_count(radius_table));
         debug("radius.proxy", 0, "RADIUS: Session table contains %ld elements",
               dict_key_count(session_table));
         debug("radius.proxy", 0, "RADIUS: Client table contains %ld elements",
               dict_key_count(client_table));
 
     }
 
     octstr_destroy(addr);
 }

◆ radius_acct_get_msisdn()

Octstr* radius_acct_get_msisdn ( Octstr * client_ip )

Definition at line 363 of file radius_acct.c.

References dict_get(), mutex_lock, mutex_unlock, normalize_number(), octstr_duplicate, octstr_get_cstr, radius_mutex, radius_table, and unified_prefix.

Referenced by add_msisdn(), and start_fetch().

 {
     Octstr *m, *r;
     char *uf;
 
     /* if no proxy thread is running, then pass NULL as result */
     if (radius_table == NULL || client_ip == NULL)
         return NULL;
 
     mutex_lock(radius_mutex);
     m = dict_get(radius_table, client_ip);
     mutex_unlock(radius_mutex);
     r = m ? octstr_duplicate(m) : NULL;
 
     /* apply number normalization */
     uf = unified_prefix ? octstr_get_cstr(unified_prefix) : NULL;
     normalize_number(uf, &r);
 
     return r;
 }

◆ radius_acct_init()

void radius_acct_init ( CfgGroup * grp )

Definition at line 384 of file radius_acct.c.

References cfg_get, cfg_get_integer(), client_table, dict_create(), gwthread_create, info(), mutex_create, octstr_create, octstr_destroy(), octstr_get_cstr, octstr_imm(), our_host, our_port, panic, proxy_thread(), radius_mutex, RADIUS_NAS_PORTS, radius_table, remote_host, remote_port, remote_timeout, secret_nas, secret_radius, session_table, and unified_prefix.

Referenced by init_wapbox().

 {
     long nas_ports = 0;
 
     /* get configured parameters */
     if ((our_host = cfg_get(grp, octstr_imm("our-host"))) == NULL) {
         our_host = octstr_create("0.0.0.0");
     }
     if ((remote_host = cfg_get(grp, octstr_imm("remote-host"))) != NULL) {
         cfg_get_integer(&remote_port, grp, octstr_imm("remote-port"));
         if ((secret_radius = cfg_get(grp, octstr_imm("secret-radius"))) == NULL) {
             panic(0, "RADIUS: No shared secret `secret-radius' for remote RADIUS in `radius-acct' provided.");
         }
     }
     cfg_get_integer(&our_port, grp, octstr_imm("our-port"));
     cfg_get_integer(&remote_timeout, grp, octstr_imm("remote-timeout"));
 
     if ((cfg_get_integer(&nas_ports, grp, octstr_imm("nas-ports"))) == -1) {
         nas_ports = RADIUS_NAS_PORTS;
     }
 
     if ((secret_nas = cfg_get(grp, octstr_imm("secret-nas"))) == NULL) {
         panic(0, "RADIUS: No shared secret `secret-nas' for NAS in `radius-acct' provided.");
     }
 
     unified_prefix = cfg_get(grp, octstr_imm("unified-prefix"));
 
     info(0, "RADIUS: local RADIUS accounting proxy at <%s:%ld>",
          octstr_get_cstr(our_host), our_port);
     if (remote_host == NULL) {
         info(0, "RADIUS: remote RADIUS accounting server is absent");
     } else {
         info(0, "RADIUS: remote RADIUS accounting server at <%s:%ld>",
              octstr_get_cstr(remote_host), remote_port);
     }
 
     info(0, "RADIUS: initializing internal hash tables with %ld buckets.", nas_ports);
 
     radius_mutex = mutex_create();
 
     /* init hash tables */
     radius_table = dict_create(nas_ports, (void (*)(void *))octstr_destroy);
     session_table = dict_create(nas_ports, (void (*)(void *))octstr_destroy);
     client_table = dict_create(nas_ports, (void (*)(void *))octstr_destroy);
 
     gwthread_create(proxy_thread, NULL);
 }

◆ radius_acct_shutdown()

void radius_acct_shutdown ( void )

Definition at line 432 of file radius_acct.c.

References client_table, dict_destroy(), gwthread_join_every(), info(), mutex_destroy(), mutex_lock, mutex_unlock, octstr_destroy(), our_host, proxy_thread(), radius_mutex, radius_table, remote_host, run_thread, secret_nas, secret_radius, session_table, and unified_prefix.

Referenced by main().

 {
     if (radius_mutex == NULL) /* haven't init'ed at all */
         return ;
 
     mutex_lock(radius_mutex);
     run_thread = 0;
     mutex_unlock(radius_mutex);
 
     gwthread_join_every(proxy_thread);
 
     dict_destroy(radius_table);
     dict_destroy(session_table);
     dict_destroy(client_table);
 
     mutex_destroy(radius_mutex);
 
     octstr_destroy(our_host);
     octstr_destroy(remote_host);
     octstr_destroy(secret_nas);
     octstr_destroy(secret_radius);
     octstr_destroy(unified_prefix);
 
     info(0, "RADIUS: accounting proxy stopped.");
 }

◆ update_tables()

static int update_tables ( RADIUS_PDU * pdu )

static

Definition at line 110 of file radius_acct.c.

References RADIUS_PDU::attr, client_table, dict_get(), dict_put(), dict_remove(), error(), info(), octstr_compare(), octstr_destroy(), octstr_duplicate, octstr_get_cstr, octstr_imm(), radius_table, session_table, RADIUS_PDU::type, type, and warning().

Referenced by proxy_thread().

 {
     Octstr *client_ip, *msisdn;
     Octstr *type, *session_id;
     int ret = 0;
     Octstr *rm_item;
 
     client_ip = msisdn = type = session_id = NULL;
 
     /* only add if we have a Accounting-Request PDU */
     if (pdu->type == 0x04) {
 
         /* check if we have a START or STOP event */
         type = dict_get(pdu->attr, octstr_imm("Acct-Status-Type"));
 
         /* get the sesion id */
         session_id = dict_get(pdu->attr, octstr_imm("Acct-Session-Id"));
 
         /* grep the needed data */
         client_ip = dict_get(pdu->attr, octstr_imm("Framed-IP-Address"));
         msisdn = dict_get(pdu->attr, octstr_imm("Calling-Station-Id"));
 
         /* we can't add mapping without both components */
         if (client_ip == NULL || msisdn == NULL) {
             warning(0, "RADIUS: NAS did either not send 'Framed-IP-Address' or/and "
                     "'Calling-Station-Id', dropping mapping but will forward.");
             /* anyway forward the packet to remote RADIUS server */
             return 1;
         }
 
         if (octstr_compare(type, octstr_imm("1")) == 0 && session_id && msisdn) {
             /* session START */
             if (dict_get(radius_table, client_ip) == NULL &&
                 dict_get(session_table, session_id) == NULL) {
                 Octstr *put_msisdn = octstr_duplicate(msisdn);
                 Octstr *put_client_ip = octstr_duplicate(client_ip);
                 Octstr *put_session_id = octstr_duplicate(session_id);
                 Octstr *old_session_id, *old_client_ip;
 
                 /* ok, this is a new session. If it contains an IP that is still
                  * in the session/client tables then remove the old session from the
                  * two tables session/client */
                 if ((old_session_id = dict_get(client_table, client_ip)) != NULL &&
                     (old_client_ip = dict_get(session_table, old_session_id)) != NULL &&
                     octstr_compare(old_session_id, session_id) != 0) {
                     rm_item = dict_remove(client_table, client_ip);
                     octstr_destroy(rm_item);
                     rm_item = dict_remove(session_table, old_session_id);
                     octstr_destroy(rm_item);
                     octstr_destroy(old_session_id);
                     octstr_destroy(old_client_ip);
                 }
 
                 /* insert both, new client IP and session to mapping tables */
                 dict_put(radius_table, client_ip, put_msisdn);
                 dict_put(session_table, session_id, put_client_ip);
                 dict_put(client_table, client_ip, put_session_id);
 
                 info(0, "RADIUS: Mapping `%s <-> %s' for session id <%s> added.",
                      octstr_get_cstr(client_ip), octstr_get_cstr(msisdn),
                      octstr_get_cstr(session_id));
                 ret = 1;
             } else {
                 warning(0, "RADIUS: Duplicate mapping `%s <-> %s' for session "
                         "id <%s> received, ignoring.",
                         octstr_get_cstr(client_ip), octstr_get_cstr(msisdn),
                         octstr_get_cstr(session_id));
             }
         } else if (octstr_compare(type, octstr_imm("2")) == 0) {
             /* session STOP */
             Octstr *comp_client_ip;
             if ((msisdn = dict_get(radius_table, client_ip)) != NULL &&
                 (comp_client_ip = dict_get(session_table, session_id)) != NULL &&
                 octstr_compare(client_ip, comp_client_ip) == 0) {
                 dict_remove(radius_table, client_ip);
                 rm_item = dict_remove(client_table, client_ip);
                 octstr_destroy(rm_item);
                 dict_remove(session_table, session_id);
                 info(0, "RADIUS: Mapping `%s <-> %s' for session id <%s> removed.",
                      octstr_get_cstr(client_ip), octstr_get_cstr(msisdn),
                      octstr_get_cstr(session_id));
                 octstr_destroy(msisdn);
                 octstr_destroy(comp_client_ip);
 
                 ret = 1;
             } else {
                 warning(0, "RADIUS: Could not find mapping for `%s' session "
                         "id <%s>, ignoring.",
                         octstr_get_cstr(client_ip), octstr_get_cstr(session_id));
             }
 
         } else {
             error(0, "RADIUS: unknown Acct-Status-Type `%s' received, ignoring.",
                   octstr_get_cstr(type));
         }
     }
 
     return ret;
 }

Variable Documentation

◆ client_table

Dict* client_table = NULL

static

Definition at line 73 of file radius_acct.c.

Referenced by proxy_thread(), radius_acct_init(), radius_acct_shutdown(), and update_tables().

◆ our_host

Octstr* our_host = NULL

static

Definition at line 86 of file radius_acct.c.

Referenced by conn_open_tcp(), conn_open_tcp_nb(), conn_open_tcp_nb_with_port(), conn_open_tcp_with_port(), conn_pool_get(), conn_pool_key(), connect_to_bearerbox(), connect_to_bearerbox_real(), http_set_interface(), proxy_thread(), radius_acct_init(), and radius_acct_shutdown().

◆ our_port

long our_port = 1813

static

Definition at line 87 of file radius_acct.c.

Referenced by conn_open_tcp_nb_with_port(), conn_open_tcp_with_port(), proxy_thread(), radius_acct_init(), smpp_create(), smsc_cgw_create(), smsc_emi2_create(), smsc_open(), smsc_smpp_create(), tcpip_connect_nb_to_server_with_port(), and tcpip_connect_to_server_with_port().

◆ radius_mutex

Mutex* radius_mutex = NULL

static

Definition at line 78 of file radius_acct.c.

Referenced by proxy_thread(), radius_acct_get_msisdn(), radius_acct_init(), and radius_acct_shutdown().

◆ radius_table

Dict* radius_table = NULL

static

Definition at line 71 of file radius_acct.c.

Referenced by proxy_thread(), radius_acct_get_msisdn(), radius_acct_init(), radius_acct_shutdown(), server(), and update_tables().

◆ remote_host

Octstr* remote_host = NULL

static

Definition at line 88 of file radius_acct.c.

Referenced by proxy_thread(), radius_acct_init(), and radius_acct_shutdown().

◆ remote_port

long remote_port = 1813

static

Definition at line 89 of file radius_acct.c.

Referenced by proxy_thread(), and radius_acct_init().

◆ remote_timeout

long remote_timeout = 40000

static

Definition at line 99 of file radius_acct.c.

Referenced by proxy_thread(), and radius_acct_init().

◆ run_thread

int run_thread = 0

static

Definition at line 79 of file radius_acct.c.

Referenced by proxy_thread(), and radius_acct_shutdown().

◆ secret_nas

Octstr* secret_nas = NULL

static

Definition at line 92 of file radius_acct.c.

Referenced by proxy_thread(), radius_acct_init(), and radius_acct_shutdown().

◆ secret_radius

Octstr* secret_radius = NULL

static

Definition at line 93 of file radius_acct.c.

Referenced by radius_acct_init(), and radius_acct_shutdown().

◆ session_table

Dict* session_table = NULL

static

Definition at line 72 of file radius_acct.c.

Referenced by proxy_thread(), radius_acct_init(), radius_acct_shutdown(), and update_tables().

◆ unified_prefix

Octstr* unified_prefix = NULL

static

Definition at line 96 of file radius_acct.c.

Referenced by radius_acct_get_msisdn(), radius_acct_init(), and radius_acct_shutdown().

Macros

Functions

Variables

Macro Definition Documentation

◆ RADIUS_NAS_PORTS

Function Documentation

◆ proxy_thread()

◆ radius_acct_get_msisdn()

◆ radius_acct_init()

◆ radius_acct_shutdown()

◆ update_tables()

Variable Documentation

◆ client_table

◆ our_host

◆ our_port

◆ radius_mutex

◆ radius_table

◆ remote_host

◆ remote_port

◆ remote_timeout

◆ run_thread

◆ secret_nas

◆ secret_radius

◆ session_table

◆ unified_prefix