1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-22 17:39:53 +03:00

Merge pull request #204 from LegDog/master

Adding Radius AVP Called-Station-Id
This commit is contained in:
Daiyuu Nobori 2016-11-27 17:53:45 +09:00 committed by GitHub
commit 034a213c2c
6 changed files with 84 additions and 6 deletions

View File

@ -6069,8 +6069,9 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
SOCK *s; SOCK *s;
UINT num = 0, max = 19; UINT num = 0, max = 19;
SERVER *server; SERVER *server;
char hostname[64];
char *vpn_http_target = HTTP_VPN_TARGET2; char *vpn_http_target = HTTP_VPN_TARGET2;
bool check_hostname = false; bool check_hostname = true;
// Validate arguments // Validate arguments
if (c == NULL) if (c == NULL)
{ {
@ -6078,7 +6079,7 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
} }
strcpy(hostname, "");
server = c->Cedar->Server; server = c->Cedar->Server;
s = c->FirstSock; s = c->FirstSock;
@ -6108,7 +6109,6 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
if (check_hostname && (StrCmpi(h->Version, "HTTP/1.1") == 0 || StrCmpi(h->Version, "HTTP/1.2") == 0)) if (check_hostname && (StrCmpi(h->Version, "HTTP/1.1") == 0 || StrCmpi(h->Version, "HTTP/1.2") == 0))
{ {
HTTP_VALUE *v; HTTP_VALUE *v;
char hostname[64];
Zero(hostname, sizeof(hostname)); Zero(hostname, sizeof(hostname));
@ -6343,6 +6343,12 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
} }
} }
if ((b == false) && (StartWith(h->Target, "/wiki")))
{
HttpSendRedirect(s, h->Target, hostname);
b = true;
}
if (b == false) if (b == false)
{ {
// Not Found // Not Found

View File

@ -1702,7 +1702,7 @@ LABEL_ERROR:
////////// Classical implementation ////////// Classical implementation
// Attempts Radius authentication (with specifying retry interval and multiple server) // Attempts Radius authentication (with specifying retry interval and multiple server)
bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20, bool RadiusLogin(CONNECTION *c, char *hubname, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20,
RADIUS_LOGIN_OPTION *opt) RADIUS_LOGIN_OPTION *opt)
{ {
UCHAR random[MD5_SIZE]; UCHAR random[MD5_SIZE];
@ -1881,6 +1881,9 @@ bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT sec
ui = Endian32(1); ui = Endian32(1);
RadiusAddValue(p, 65, 0, 0, &ui, sizeof(ui)); RadiusAddValue(p, 65, 0, 0, &ui, sizeof(ui));
// Called-Station-Id
RadiusAddValue(p, 30, 0, 0, hubname, StrLen(hubname));
// Calling-Station-Id // Calling-Station-Id
RadiusAddValue(p, 31, 0, 0, client_ip_str, StrLen(client_ip_str)); RadiusAddValue(p, 31, 0, 0, client_ip_str, StrLen(client_ip_str));
@ -1931,6 +1934,9 @@ bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT sec
ui = Endian32(1); ui = Endian32(1);
RadiusAddValue(p, 65, 0, 0, &ui, sizeof(ui)); RadiusAddValue(p, 65, 0, 0, &ui, sizeof(ui));
// Called-Station-Id
RadiusAddValue(p, 30, 0, 0, hubname, StrLen(hubname));
// Calling-Station-Id // Calling-Station-Id
RadiusAddValue(p, 31, 0, 0, client_ip_str, StrLen(client_ip_str)); RadiusAddValue(p, 31, 0, 0, client_ip_str, StrLen(client_ip_str));

View File

@ -374,7 +374,7 @@ struct RADIUS_LOGIN_OPTION
}; };
// Function prototype // Function prototype
bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20, bool RadiusLogin(CONNECTION *c, char *hubname, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20,
RADIUS_LOGIN_OPTION *opt); RADIUS_LOGIN_OPTION *opt);
BUF *RadiusEncryptPassword(char *password, UCHAR *random, UCHAR *secret, UINT secret_size); BUF *RadiusEncryptPassword(char *password, UCHAR *random, UCHAR *secret, UINT secret_size);
BUF *RadiusCreateUserName(wchar_t *username); BUF *RadiusCreateUserName(wchar_t *username);

View File

@ -265,7 +265,7 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
if (UniIsEmptyStr(suffix_filter_w) || UniEndWith(name, suffix_filter_w)) if (UniIsEmptyStr(suffix_filter_w) || UniEndWith(name, suffix_filter_w))
{ {
// Attempt to login // Attempt to login
b = RadiusLogin(c, radius_server_addr, radius_server_port, b = RadiusLogin(c, hub->Name, radius_server_addr, radius_server_port,
radius_secret, StrLen(radius_secret), radius_secret, StrLen(radius_secret),
name, password, interval, mschap_v2_server_response_20, opt); name, password, interval, mschap_v2_server_response_20, opt);

View File

@ -188,6 +188,8 @@ struct ROUTE_CHANGE_DATA
// HTTP constant // HTTP constant
//static char http_301_str[] = "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n<HTML><HEAD>\r\n<TITLE>301 Moved Permanently</TITLE>\r\n</HEAD><BODY>\r\n<H1>Moved</H1>\r\nThis páge has moved to <A HREF=\"https://$HOST$:4443$TARGET$\">new address</A>.<P>\r\n<HR>\r\n</BODY></HTML>\r\n";
static char http_301_str[] = "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n<HTML><HEAD>\r\n<TITLE>301 Moved Permanently</TITLE>\r\n</HEAD><BODY>\r\n<H1>Moved</H1>\r\nThis páge has moved to <A HREF=\"https://$HOSTNAME$:4443$TARGET$\">new address</A>.<P>\r\n<HR>\r\n</BODY></HTML>\r\n";
static char http_404_str[] = "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n<HTML><HEAD>\r\n<TITLE>404 Not Found</TITLE>\r\n</HEAD><BODY>\r\n<H1>Not Found</H1>\r\nThe requested URL $TARGET$ was not found on this server.<P>\r\n<HR>\r\n<ADDRESS>HTTP Server at $HOST$ Port $PORT$</ADDRESS>\r\n</BODY></HTML>\r\n"; static char http_404_str[] = "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n<HTML><HEAD>\r\n<TITLE>404 Not Found</TITLE>\r\n</HEAD><BODY>\r\n<H1>Not Found</H1>\r\nThe requested URL $TARGET$ was not found on this server.<P>\r\n<HR>\r\n<ADDRESS>HTTP Server at $HOST$ Port $PORT$</ADDRESS>\r\n</BODY></HTML>\r\n";
static char http_403_str[] = "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n<HTML><HEAD>\r\n<TITLE>403 Forbidden</TITLE>\r\n</HEAD><BODY>\r\n<H1>Forbidden</H1>\r\nYou don't have permission to access $TARGET$\r\non this server.<P>\r\n<HR>\r\n<ADDRESS>HTTP Server at $HOST$ Port $PORT$</ADDRESS>\r\n</BODY></HTML>\r\n"; static char http_403_str[] = "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n<HTML><HEAD>\r\n<TITLE>403 Forbidden</TITLE>\r\n</HEAD><BODY>\r\n<H1>Forbidden</H1>\r\nYou don't have permission to access $TARGET$\r\non this server.<P>\r\n<HR>\r\n<ADDRESS>HTTP Server at $HOST$ Port $PORT$</ADDRESS>\r\n</BODY></HTML>\r\n";
static char http_500_str[] = "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n<HTML><HEAD>\r\n<TITLE>500 Server Error</TITLE>\r\n</HEAD><BODY>\r\n<H1>Server Error</H1>\r\nServer Error<P>\r\n<HR>\r\n<ADDRESS>HTTP Server at $HOST$ Port $PORT$</ADDRESS>\r\n</BODY></HTML>\r\n"; static char http_500_str[] = "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n<HTML><HEAD>\r\n<TITLE>500 Server Error</TITLE>\r\n</HEAD><BODY>\r\n<H1>Server Error</H1>\r\nServer Error<P>\r\n<HR>\r\n<ADDRESS>HTTP Server at $HOST$ Port $PORT$</ADDRESS>\r\n</BODY></HTML>\r\n";
@ -21867,6 +21869,69 @@ bool HttpSendNotImplemented(SOCK *s, char *method, char *target, char *version)
return ret; return ret;
} }
// Sending the 301 Moved Permanently: Redirect
bool HttpSendRedirect(SOCK *s, char *target, char *hostname)
{
HTTP_HEADER *h;
char *str;
//char *redirect_to_static="https://$HOSTNAME$:4443$TARGET$";
char *redirect_to_static="https://%s:4443%s";
char *redirect_to;
UINT redir_size;
UINT str_size;
bool ret;
char host[MAX_SIZE];
UINT port;
// Validate arguments
if (s == NULL || target == NULL || hostname == NULL)
{
return false;
}
// Get the host name
//GetMachineName(host, MAX_SIZE);
Zero(host, sizeof(host));
IPToStr(host, sizeof(host), &s->LocalIP);
// Creating a header
h = NewHttpHeader("HTTP/1.1", "301", "Moved Permanently");
redir_size = strlen(redirect_to_static) * 2 + StrLen(target) + StrLen(hostname);
redirect_to = Malloc(redir_size);
snprintf(redirect_to, redir_size, redirect_to_static, hostname, target);
//StrCpy(redirect_to, redir_size, redirect_to_static);
//ReplaceStri(redirect_to, redir_size, redirect_to, "$TARGET$", target);
//ReplaceStri(redirect_to, redir_size, redirect_to, "$HOSTNAME$", hostname);
AddHttpValue(h, NewHttpValue("Location", redirect_to));
AddHttpValue(h, NewHttpValue("Content-Type", HTTP_CONTENT_TYPE));
// Creating a Data
str_size = sizeof(http_301_str) * 2 + StrLen(target) + StrLen(hostname);
str = Malloc(str_size);
StrCpy(str, str_size, http_301_str);
// TARGET
ReplaceUnsafeCharInTarget(target);
ReplaceStri(str, str_size, str, "$TARGET$", target);
// HOST
//ReplaceStri(str, str_size, str, "$HOST$", host);
// HOSTNAME
ReplaceStri(str, str_size, str, "$HOSTNAME$", hostname);
// Transmission
ret = PostHttp(s, h, str, StrLen(str));
FreeHttpHeader(h);
Free(redirect_to);
Free(str);
return ret;
}
// Sending a 404 Not Found error // Sending a 404 Not Found error
bool HttpSendNotFound(SOCK *s, char *target) bool HttpSendNotFound(SOCK *s, char *target)
{ {

View File

@ -1044,6 +1044,7 @@ char *HttpHeaderToStr(HTTP_HEADER *header);
bool PostHttp(SOCK *s, HTTP_HEADER *header, void *post_data, UINT post_size); bool PostHttp(SOCK *s, HTTP_HEADER *header, void *post_data, UINT post_size);
UINT GetContentLength(HTTP_HEADER *header); UINT GetContentLength(HTTP_HEADER *header);
void GetHttpDateStr(char *str, UINT size, UINT64 t); void GetHttpDateStr(char *str, UINT size, UINT64 t);
bool HttpSendRedirect(SOCK *s, char *target, char* hostname);
bool HttpSendForbidden(SOCK *s, char *target, char *server_id); bool HttpSendForbidden(SOCK *s, char *target, char *server_id);
bool HttpSendNotFound(SOCK *s, char *target); bool HttpSendNotFound(SOCK *s, char *target);
bool HttpSendNotImplemented(SOCK *s, char *method, char *target, char *version); bool HttpSendNotImplemented(SOCK *s, char *method, char *target, char *version);