/* * Compare two handlers. */ static int eap_handler_cmp(const void *a, const void *b) { int rcode; const eap_handler_t *one = a; const eap_handler_t *two = b; if (one->eap_id < two->eap_id) return -1; if (one->eap_id > two->eap_id) return +1; rcode = memcmp(one->state, two->state, sizeof(one->state)); if (rcode != 0) return rcode; /* * As of 2.1.8, we don't key off of source IP. This * a NAS to send packets load-balanced (or fail-over) * across multiple intermediate proxies, and still have * EAP work. */ if (fr_ipaddr_cmp(&one->src_ipaddr, &two->src_ipaddr) != 0) { DEBUGW("EAP packets are arriving from two different upstream " "servers. Has there been a proxy fail-over?"); } return 0; }
/*查看共享内存信息*/ void webauth_show_user_shm(void) { s32 i; online_usrinfo_s * head_ptr = NULL; /*初始化共享内存*/ (void)webauth_shm_sem_init(SEC_WEBAUTH_SHM_INIT_N); /*获取共享内存所用用户信息*/ head_ptr = webauth_shm_get_usrinfo_all (); for (i = 0; head_ptr!= NULL && i < head_ptr[0].next; i++) { DEBUGW("user_name = %-15s user_ip = %s hot_flag = %d online_time= %ld expire_time = %ld\n", head_ptr[i].user_name, netaddr_ntoa(head_ptr[i].usr_ip), head_ptr[i].hotb_flag, head_ptr[i].online_t, head_ptr[i].expire_t); } }
static int sql_socket_destructor(void *c) { rlm_sql_firebird_conn_t *conn = c; int i; DEBUG2("rlm_sql_firebird: socket destructor called, closing socket"); fb_commit(conn); if (conn->dbh) { fb_free_statement(conn); mod_detach_database(conn->status, &(conn->dbh)); if (fb_lasterror(conn)) { DEBUGW("rlm_sql_firebird: Got error " "when closing socket: %s", conn->lasterror); } } #ifdef _PTHREAD_H pthread_mutex_destroy (&conn->mut); #endif for (i=0; i < conn->row_fcount; i++) { free(conn->row[i]); } free(conn->row); free(conn->row_sizes); fb_free_sqlda(conn->sqlda_out); free(conn->sqlda_out); free(conn->tpb); free(conn->dpb); if (conn->lasterror) { free(conn->lasterror); } return 0; }
static void check_handler(void *data) { int do_warning = FALSE; uint8_t state[8]; check_handler_t *check = data; if (!check) return; if (!check->inst || !check->handler) { free(check); return; } if (!check->inst->handler_tree) goto done; PTHREAD_MUTEX_LOCK(&(check->inst->handler_mutex)); if (!rbtree_finddata(check->inst->handler_tree, check->handler)) { goto done; } /* * The session has continued *after* this packet. * Don't do a warning. */ if (check->handler->trips > check->trips) { goto done; } /* * No TLS means no warnings. */ if (!check->handler->tls) goto done; /* * If we're being deleted early, it's likely because we * received a transmit from the client that re-uses the * same RADIUS Id, which forces the current packet to be * deleted. In that case, ignore the error. */ if (time(NULL) < (check->handler->timestamp + 3)) goto done; if (!check->handler->finished) { do_warning = TRUE; memcpy(state, check->handler->state, sizeof(state)); } done: PTHREAD_MUTEX_UNLOCK(&(check->inst->handler_mutex)); free(check); if (do_warning) { DEBUGW("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"); DEBUGW("!! EAP session with state 0x%02x%02x%02x%02x%02x%02x%02x%02x did not finish! !!", state[0], state[1], state[2], state[3], state[4], state[5], state[6], state[7]); DEBUGW("!! Please read http://wiki.freeradius.org/guide/Certificate_Compatibility !!"); DEBUGW("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"); } }
/* * Per-instance initialization */ static int mod_instantiate(CONF_SECTION *conf, void *instance) { rlm_otp_t *inst = instance; /* Onetime initialization. */ if (!ninstance) { /* Generate a random key, used to protect the State attribute. */ otp_get_random(inst->hmac_key, sizeof(inst->hmac_key)); /* Initialize the passcode encoding/checking functions. */ otp_pwe_init(); /* * Don't do this again. * Only the main thread instantiates and detaches instances, * so this does not need mutex protection. */ ninstance++; } /* Verify ranges for those vars that are limited. */ if ((inst->challenge_len < 5) || (inst->challenge_len > OTP_MAX_CHALLENGE_LEN)) { inst->challenge_len = 6; DEBUGW("invalid challenge_length %d, " "range 5-%d, using default of 6", inst->challenge_len, OTP_MAX_CHALLENGE_LEN); } if (!inst->allow_sync && !inst->allow_async) { cf_log_err_cs(conf, "at least one of {allow_async, " "allow_sync} must be set"); return -1; } if ((inst->mschapv2_mppe_policy > 2) || (inst->mschapv2_mppe_policy < 0)) { inst->mschapv2_mppe_policy = 2; DEBUGW("Invalid value for mschapv2_mppe, " "using default of 2"); } if ((inst->mschapv2_mppe_types > 2) || (inst->mschapv2_mppe_types < 0)) { inst->mschapv2_mppe_types = 2; DEBUGW("Invalid value for " "mschapv2_mppe_bits, using default of 2"); } if ((inst->mschap_mppe_policy > 2) || (inst->mschap_mppe_policy < 0)) { inst->mschap_mppe_policy = 2; DEBUGW("Invalid value for mschap_mppe, " "using default of 2"); } if (inst->mschap_mppe_types != 2) { inst->mschap_mppe_types = 2; DEBUGW("Invalid value for " "mschap_mppe_bits, using default of 2"); } /* set the instance name (for use with authorize()) */ inst->name = cf_section_name2(conf); if (!inst->name) inst->name = cf_section_name1(conf); return 0; }