lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-15 09:04:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

(Auth) add radius accounting methods

Browse Source
This commit is contained in:
Ad Schellevis 2015-10-23 18:56:46 +02:00
parent dcd475dc10
commit b50eee576e
1 changed files with 190 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

190
src/opnsense/mvc/app/library/OPNsense/Auth/Radius.php
View File

@ -115,6 +115,194 @@ class Radius implements IAuthConnector
return $this->lastAuthProperties;
}
/**
* send start accounting message to radius
* @param $username username
* @param $sessionid session id to pass through
*/
public function startAccounting($username, $sessionid)
{
$radius = radius_auth_open();
$error = null;
if (!radius_add_server(
$radius,
$this->radiusHost,
$this->acctPort,
$this->sharedSecret,
$this->timeout,
$this->maxRetries
)) {
$error = radius_strerror($radius);
} elseif (!radius_create_request($radius, RADIUS_ACCOUNTING_REQUEST)) {
$error = radius_strerror($radius);
} elseif (!radius_put_string($radius, RADIUS_NAS_IDENTIFIER, $this->nasIdentifier)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_SERVICE_TYPE, RADIUS_FRAMED)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_FRAMED_PROTOCOL, RADIUS_ETHERNET)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_NAS_PORT, 0)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_NAS_PORT_TYPE, RADIUS_ETHERNET)) {
$error = radius_strerror($radius);
} elseif (!radius_put_string($radius, RADIUS_USER_NAME, $username)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_ACCT_STATUS_TYPE, RADIUS_START)) {
$error = radius_strerror($radius);
} elseif (!radius_put_string($radius, RADIUS_ACCT_SESSION_ID, $sessionid)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_ACCT_AUTHENTIC, RADIUS_AUTH_LOCAL)) {
$error = radius_strerror($radius);
}
if ($error != null) {
syslog(LOG_ERR, 'RadiusError:' . radius_strerror($error));
} else {
$req = radius_send_request($radius);
if (!$req) {
syslog(LOG_ERR, 'RadiusError:' . radius_strerror($error));
exit;
}
switch($req) {
case RADIUS_ACCOUNTING_RESPONSE:
break;
default:
syslog(LOG_ERR, "Unexpected return value:$radius\n");
}
radius_close($radius);
}
}
/**
* stop radius accounting
* @param $username user name
* @param $sessionid session id
* @param $session_time total time spend on this session
*/
public function stopAccounting($username, $sessionid, $session_time)
{
$radius = radius_auth_open();
$error = null;
if (!radius_add_server(
$radius,
$this->radiusHost,
$this->acctPort,
$this->sharedSecret,
$this->timeout,
$this->maxRetries
)) {
$error = radius_strerror($radius);
} elseif (!radius_create_request($radius, RADIUS_ACCOUNTING_REQUEST)) {
$error = radius_strerror($radius);
} elseif (!radius_put_string($radius, RADIUS_NAS_IDENTIFIER, $this->nasIdentifier)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_SERVICE_TYPE, RADIUS_FRAMED)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_FRAMED_PROTOCOL, RADIUS_ETHERNET)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_NAS_PORT, 0)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_NAS_PORT_TYPE, RADIUS_ETHERNET)) {
$error = radius_strerror($radius);
} elseif (!radius_put_string($radius, RADIUS_USER_NAME, $username)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_ACCT_STATUS_TYPE, RADIUS_STOP)) {
$error = radius_strerror($radius);
} elseif (!radius_put_string($radius, RADIUS_ACCT_SESSION_ID, $sessionid)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_ACCT_AUTHENTIC, RADIUS_AUTH_LOCAL)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_ACCT_SESSION_TIME, $session_time)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_ACCT_TERMINATE_CAUSE, RADIUS_TERM_USER_REQUEST)) {
$error = radius_strerror($radius);
}
if ($error != null) {
syslog(LOG_ERR, 'RadiusError:' . radius_strerror($error));
} else {
$req = radius_send_request($radius);
if (!$req) {
syslog(LOG_ERR, 'RadiusError:' . radius_strerror($error));
exit;
}
switch($req) {
case RADIUS_ACCOUNTING_RESPONSE:
break;
default:
syslog(LOG_ERR, "Unexpected return value:$radius\n");
}
radius_close($radius);
}
}
/**
* update radius accounting (interim update)
* @param $username user name
* @param $sessionid session id
* @param $session_time total time spend on this session
*/
public function updateAccounting($username, $sessionid, $session_time)
{
$radius = radius_auth_open();
$error = null;
if (!radius_add_server(
$radius,
$this->radiusHost,
$this->acctPort,
$this->sharedSecret,
$this->timeout,
$this->maxRetries
)) {
$error = radius_strerror($radius);
} elseif (!radius_create_request($radius, RADIUS_ACCOUNTING_REQUEST)) {
$error = radius_strerror($radius);
} elseif (!radius_put_string($radius, RADIUS_NAS_IDENTIFIER, $this->nasIdentifier)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_SERVICE_TYPE, RADIUS_FRAMED)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_FRAMED_PROTOCOL, RADIUS_ETHERNET)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_NAS_PORT, 0)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_NAS_PORT_TYPE, RADIUS_ETHERNET)) {
$error = radius_strerror($radius);
} elseif (!radius_put_string($radius, RADIUS_USER_NAME, $username)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_ACCT_STATUS_TYPE, RADIUS_UPDATE)) {
$error = radius_strerror($radius);
} elseif (!radius_put_string($radius, RADIUS_ACCT_SESSION_ID, $sessionid)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_ACCT_AUTHENTIC, RADIUS_AUTH_LOCAL)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_ACCT_SESSION_TIME, $session_time)) {
$error = radius_strerror($radius);
}
if ($error != null) {
syslog(LOG_ERR, 'RadiusError:' . radius_strerror($error));
} else {
$req = radius_send_request($radius);
if (!$req) {
syslog(LOG_ERR, 'RadiusError:' . radius_strerror($error));
exit;
}
switch($req) {
case RADIUS_ACCOUNTING_RESPONSE:
break;
default:
syslog(LOG_ERR, "Unexpected return value:$radius\n");
}
radius_close($radius);
}
}
/**
* authenticate user against radius
* @param $username username to authenticate
@ -146,6 +334,8 @@ class Radius implements IAuthConnector
$error = radius_strerror($radius);
} elseif (!radius_put_string($radius, RADIUS_NAS_IDENTIFIER, $this->nasIdentifier)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_NAS_PORT, 0)) {
$error = radius_strerror($radius);
} elseif (!radius_put_int($radius, RADIUS_NAS_PORT_TYPE, RADIUS_ETHERNET)) {
$error = radius_strerror($radius);
} else {