From 684d7cc6c2ce6ba3f1ca5c48dda5c4efa9448455 Mon Sep 17 00:00:00 2001
From: paulr
Date: Wed, 8 Dec 2010 10:55:06 +1100
Subject: [PATCH] added radclient stuff
---
 authserver/authd/authd.php | 32 ++++++++++++++++++++++++++++++++
 authserver/lib/lib.php | 28 +++++++++++++++++++++++++++-
 authserver/www/admin.php | 5 +++--
 3 files changed, 62 insertions(+), 3 deletions(-)
diff --git a/authserver/authd/authd.php b/authserver/authd/authd.php
index 576a507..67b9627 100644
--- a/authserver/authd/authd.php
+++ b/authserver/authd/authd.php
@@ -31,6 +31,38 @@ if($pid == -1) {
 while(true) {
 msg_receive($sr_queue, 0, $msg_type, 16384, $msg);
 switch($msg_type) {
+ case MSG_GET_RADIUS_CLIENTS:
+ $sql = "select * from radclients";
+ $dbo = getDatabase();
+ $res = $dbo->query($sql);
+ $clients = "";
+ $i=0;
+ foreach($res as $row) {
+ // $sql = 'CREATE TABLE "radclients" ("rad_id" INTEGER PRIMARY KEY AUTOINCREMENT,"rad_name" TEXT, "rad_ip" TEXT, "rad_secret" TEXT, "rad_desc" TEXT);';
+ $clients[$i]["name"] = $row["rad_name"];
+ $clients[$i]["ip"] = $row["rad_ip"];
+ $clients[$i]["secret"] = $row["rad_secret"];
+ $clients[$i]["desc"] = $row["rad_desc"];
+ }
+ msg_send($cl_queue, MSG_GET_RADIUS_CLIENTS, $clients);
+ break;
+ case MSG_REMOVE_RADIUS_CLIENT:
+ // it should send us a client by rad_name - doesnt work yet
+ $client = $msg["clientname"];
+ $sql = "delete from radclients where rad_name='$client'";
+ $res = $dbo->query($sql);
+ updateRadius();
+ msg_send($cl_queue, MSG_REMOVE_RADIUS_CLIENT, true);
+ break;
+ case MSG_ADD_RADIUS_CLIENT:
+ $client = $msg["clientname"];
+ $clientsecret = $msg["clientsecret"];
+ $clientip = $msg["clientip"];
+ $clientdesc = $msg["clientdescription"];
+ $sql = "insert into radclients values (NULL, '$client', '$clientip', '$clientsecret', '$clientdesc')";
+ updateRadius();
+ msg_send($cl_queue, MSG_ADD_RADIUS_CLIENT, true);
+ break;
 case MSG_DELETE_USER_TOKEN:
 $username = $msg["username"];
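Review bot: The MSG_REMOVE_RADIUS_CLIENT and MSG_ADD_RADIUS_CLIENT cases interpolate `$msg` fields straight into SQL strings, so a quote in a client name, secret or description changes the statement; the values should be bound as parameters instead. Two functional problems sit in the same cases: the add case builds `$sql` but never executes it, and the remove case uses `$dbo`, which within this hunk is only assigned in the MSG_GET_RADIUS_CLIENTS case. In the get case `$i` is never incremented and `$clients` starts as a string, so at most one row reaches the caller; `$clients = array();` with `$clients[] = array("name" => $row["rad_name"], ...);` avoids both. The fence assumes getDatabase() returns a PDO handle, which this hunk does not show, and the switch continues outside the hunk.

```php
case MSG_REMOVE_RADIUS_CLIENT:
    $dbo = getDatabase();
    $stmt = $dbo->prepare("delete from radclients where rad_name = ?");
    $stmt->execute(array($msg["clientname"]));
    // … unchanged: updateRadius(), msg_send(), break …
case MSG_ADD_RADIUS_CLIENT:
    $dbo = getDatabase();
    $stmt = $dbo->prepare("insert into radclients values (NULL, ?, ?, ?, ?)");
    $stmt->execute(array(
        $msg["clientname"],
        $msg["clientip"],
        $msg["clientsecret"],
        $msg["clientdescription"],
    ));
    // … unchanged: updateRadius(), msg_send(), break …
```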
diff --git a/authserver/lib/lib.php b/authserver/lib/lib.php
index 83d7ced..90b0ddf 100644
--- a/authserver/lib/lib.php
+++ b/authserver/lib/lib.php
@@ -18,6 +18,9 @@ define("MSG_GET_OTK_ID", 11);
 define("MSG_DELETE_USER_TOKEN", 12);
 define("MSG_SYNC_TOKEN", 13);
 define("MSG_GET_TOKEN_TYPE", 14);
+define("MSG_GET_RADIUS_CLIENTS", 15);
+define("MSG_REMOVE_RADIUS_CLIENT", 16);
+define("MSG_ADD_RADIUS_CLIENT", 17);
 // BASE_DIR = $BASE_DIR = realpath(dirname(__FILE__)."/../../");
@@ -38,8 +41,29 @@ function generateRandomString()
 return $str;
 }
+function updateRadius()
+{
+ // this is hardcoded for now.
+ $clientfile = "/opt/freeradius/clients.conf";
+
+ $db = getDatabase();
+
+ $hand = fopen($clientfile, "w");
+ $sql = "select * from radclients";
+ $res = $db->query($sql);
+ foreach($res as $row) {
+ $cname = $row["rad_name"];
+ $cip = $row["rad_ip"];
+ $csec = $row["rad_secret"];
+ $lines = "client $cname {\nipaddr = $cip\nsecret = $csec\nrequire_message_authenticator = no\n}";
+ fwrite($hand, $lines);
+ }
+ fclose($hand);
+}
+
-function getDatabase() {
+function getDatabase()
+{
 $dbobject = false;
 global $BASE_DIR;
 if(file_exists("$BASE_DIR/authserver/authd/gaasdata.sqlite")) {
@@ -56,6 +80,8 @@ function getDatabase() {
 }
 $sql = 'CREATE TABLE "users" ("users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT, "users_realname" TEXT, "users_password" TEXT, "users_tokendata" TEXT, "users_otk" TEXT);';
 $dbobject->query($sql);
+ $sql = 'CREATE TABLE "radclients" ("rad_id" INTEGER PRIMARY KEY AUTOINCREMENT,"rad_name" TEXT, "rad_ip" TEXT, "rad_secret" TEXT, "rad_desc" TEXT);';
+ $dbobject->query($sql);
 }
 return $dbobject;
diff --git a/authserver/www/admin.php b/authserver/www/admin.php
index 24d02b4..7f2c8a3 100644
--- a/authserver/www/admin.php
+++ b/authserver/www/admin.php
@@ -72,8 +72,9 @@ if($myAC->getUserTokenType($username)=="HOTP") { ?>
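Review bot: updateRadius() writes rad_name, rad_ip and rad_secret into clients.conf verbatim, so a stored value containing a newline, `{` or `}` can add or alter directives in the FreeRADIUS configuration; each field should be checked against a strict pattern before it is written, and rows that fail should be skipped. The block string also ends with `}` and no trailing newline, so consecutive client entries run together on one line, and the result of fopen() is not checked before fwrite(). The hard-coded `require_message_authenticator = no` deserves a comment saying why the check is disabled for every client. The patterns in the fence are a starting point and would need widening if rad_ip may hold a hostname or a network range.

```php
$hand = fopen($clientfile, "w");
if ($hand === false) {
    return false;
}
// … unchanged: select from radclients, per-row $cname/$cip/$csec assignments …
    // Skip rows whose values could break out of the client block.
    if (!preg_match('/^[A-Za-z0-9_.-]+$/', $cname)
        || filter_var($cip, FILTER_VALIDATE_IP) === false
        || preg_match('/[\s{}"#\\\\]/', $csec)) {
        continue;
    }
    $lines = "client $cname {\nipaddr = $cip\nsecret = $csec\nrequire_message_authenticator = no\n}\n";
// … unchanged: fwrite(), fclose() …
```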
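Review bot: The radclients table is created only next to the users table, in a branch that appears to run when the SQLite file does not yet exist, so an existing installation would never get the table and `select * from radclients` would fail there; running `CREATE TABLE IF NOT EXISTS "radclients" (...)` on every open would cover upgrades. Removal in authd.php is keyed on rad_name, so declaring `"rad_name" TEXT UNIQUE` would keep that delete from matching several rows. getDatabase() starts and ends outside this hunk, so the branch condition is inferred from the context lines of the previous hunk.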
-

Custom Tokens - doesnt work yet


-For assiging in a user-created or hardware tokens
+

Custom Tokens


+For assiging in a user-created or hardware tokens.
+If you assign a token this way, any previous token is removed and forever gone.
Token Key (hex)
Token Type