X-Git-Url: https://git.stg.codes/stg.git/blobdiff_plain/114e097d3658e41e7946b5d5ba1ad2ffdc7fe2d9..4a1a62fae847eab4e83fdd61a5c801e9ec99529e:/projects/stargazer/plugins/other/radius/radius.cpp diff --git a/projects/stargazer/plugins/other/radius/radius.cpp b/projects/stargazer/plugins/other/radius/radius.cpp index 68a96d29..45a9d0e1 100644 --- a/projects/stargazer/plugins/other/radius/radius.cpp +++ b/projects/stargazer/plugins/other/radius/radius.cpp @@ -91,6 +91,11 @@ int RADIUS::Start() int RADIUS::Stop() { + std::set::const_iterator it = m_logins.begin(); + for (; it != m_logins.end(); ++it) + m_users->Unauthorize(*it, this, "Stopping RADIUS plugin."); + m_logins.clear(); + if (m_stopped) return 0; @@ -176,6 +181,9 @@ int RADIUS::createUNIX() const m_logger(m_error); return 0; } + chown(m_config.bindAddress.c_str(), m_config.sockUID, m_config.sockGID); + if (m_config.sockMode != static_cast(-1)) + chmod(m_config.bindAddress.c_str(), m_config.sockMode); return fd; } @@ -339,7 +347,7 @@ void RADIUS::acceptUNIX() return; } printfd(__FILE__, "New UNIX connection: '%s'\n", addr.sun_path); - m_conns.push_back(new Conn(*m_users, m_logger, m_config, res, addr.sun_path)); + m_conns.push_back(new Conn(*m_users, m_logger, *this, m_config, res, addr.sun_path)); } void RADIUS::acceptTCP() @@ -356,5 +364,27 @@ void RADIUS::acceptTCP() } std::string remote = inet_ntostring(addr.sin_addr.s_addr) + ":" + x2str(ntohs(addr.sin_port)); printfd(__FILE__, "New TCP connection: '%s'\n", remote.c_str()); - m_conns.push_back(new Conn(*m_users, m_logger, m_config, res, remote)); + m_conns.push_back(new Conn(*m_users, m_logger, *this, m_config, res, remote)); +} + +void RADIUS::authorize(const USER& user) +{ + uint32_t ip = 0; + const std::string& login(user.GetLogin()); + if (!m_users->Authorize(login, ip, 0xffFFffFF, this)) + { + m_error = "Unable to authorize user '" + login + "' with ip " + inet_ntostring(ip) + "."; + m_logger(m_error); + } + else + m_logins.insert(login); +} + +void RADIUS::unauthorize(const std::string& login, const std::string& reason) +{ + const std::set::const_iterator it = m_logins.find(login); + if (it == m_logins.end()) + return; + m_logins.erase(it); + m_users->Unauthorize(login, this, reason); }