1 /**************************************************
2 opengate server header file
4 Copyright (C) 1999 Opengate Project Team
5 Written by Yoshiaki Watanabe
6 Modified by Katsuhiko Eguchi, 2005
8 This program is free software; you can redistribute it and/or
9 modify it under the terms of the GNU General Public License
10 as published by the Free Software Foundation; either version 2
11 of the License, or (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 Email: watanaby@is.saga-u.ac.jp
23 **************************************************/
25 #include <sys/types.h> /* basic system data types */
26 #include <sys/socket.h> /* basic socket definitions */
27 #include <sys/time.h> /* timeval{} for select() */
28 #include <time.h> /* timespec{} for pselect() */
29 #include <netinet/in.h> /* sockaddr_in{} and other Internet defns */
30 #include <arpa/inet.h> /* inet(3) functions */
32 #include <fcntl.h> /* for nonblocking */
38 #include <sys/stat.h> /* for S_xxx file mode constants */
39 #include <sys/uio.h> /* for iovec{} and readv/writev */
42 #include <sys/un.h> /* for Unix domain sockets */
43 # include <sys/select.h> /* for convenience */
44 # include <poll.h> /* for convenience */
45 # include <strings.h> /* for convenience */
46 # include <sys/ioctl.h>
47 # include <sys/filio.h>
48 # include <sys/sockio.h>
50 #define SA struct sockaddr
51 #define LISTENQ 1024 /* 2nd argument to listen() */
52 typedef void Sigfunc(int); /* for signal handlers */
57 #include <sys/signal.h>
59 /***** some parameters are overridden by the values in the makefile. ****/
61 #define USEIPV6 1 /* if 1, enable IPv6 */
62 #define DEBUG 1 /* if 1, dump many message to syslog */
63 #define ERRORTOSYSLOG 1 /* if 1, error message to syslog */
66 #define APPLETMARK "**OpengateAppletHere**" /* applet insert point mark */
67 #define TERMINATEMARK "**TerminateUrlHere**" /* terminate URL insert mark */
68 #define INFOMATIONMARK "**InfomationUrlHere**" /* infomation URL insert mark */
70 #define DURATIONDEFAULT 1200 /* default timeout of java connect (second) */
71 #define DURATIONMAX 10800 /* requested usage time without java */
72 /* is limited by this value (seconds) */
74 #define ACTIVECHECKINTERVAL 600
75 #define COMMWAITTIMEOUT 60 /* communication reply timeout(second) */
76 #define NOREPLYMAX 1 /* permitted count of no reply to hello */
77 #define PACKETLOGDELAY 10 /* wait log writing time(second) */
78 #define NOPACKETINTERVAL 5400 /* no packet interval (second) */
79 /* to judge the user has gone */
81 #define LOCKTIMEOUT 10 /* ipfw exclusive exec lock timeout (second)*/
83 #define IPFWMIN 10000 /* ipfw rule number minimum */
84 #define IPFWMAX 40000 /* ipfw rule number maximum */
85 #define IPFWINTERVAL 2 /* ipfw rule number interval */
87 /* listen on a port in the following range */
88 #define PORTMIN 30000 /* minimum port number */
89 #define PORTMAX 60000 /* maximum port number */
91 #define FACILITY LOG_LOCAL1 /* syslog ID */
93 #define DEFAULTPROTO "ftp" /* default authentication protocol */
95 #define ADDRMAXLN 128 /* maximum address string length */
96 #define PASSMAXLN 128 /* maximum password string length */
97 #define USERMAXLN 32 /* maximum userid string length */
98 #define BUFFMAXLN 256 /* maximum buffer string length */
99 #define WORDMAXLN 16 /* maximum word length */
111 #define ENABLEMACADDR 1 /* if 0, ignore MAC addr routine */
112 #define PAMSERVICENAME "opengate" /* service name used in PAM */
113 #define RADIUSCONF "/etc/radius.conf" /* default path to radius.conf */
117 int type; /* IP type 4 or 6 */
118 char IpAddr[ADDRMAXLN]; /* client IP address */
119 char ruleNumber[WORDMAXLN]; /* rule number of ipfw or ip6fw */
120 time_t timeIn; /* start time */
121 int status; /* active check */
122 struct clientAddr * next; /* next struct */
125 /**********prototypes***************************************/
/*
 * Naming convention used below: most functions come in a lowercase /
 * Capitalized pair (e.g. authenticateUser / AuthenticateUser).  This
 * header does not say how the two relate.  NOTE(review): the pattern
 * matches the UNP-style "wrapper" convention also visible further down
 * (Socket, Listen, Malloc, Tcp_connect), where the Capitalized form is
 * the error-checking wrapper of the lowercase one -- confirm against the
 * implementation files before relying on that.
 *
 * None of the prototypes that take a char * buffer (userid, password,
 * clientAddr4/6, macAddr4/6, userProperty, ruleNumber) carries an
 * explicit length argument.  Presumably the buffers are sized by the
 * *MAXLN constants defined earlier in this header (ADDRMAXLN, PASSMAXLN,
 * USERMAXLN, BUFFMAXLN, WORDMAXLN) -- verify at each definition that
 * every write into a caller-supplied buffer is bounded accordingly,
 * since several of these receive client-controlled data (see getPostData,
 * getClientAddr, checkReferer below).
 */

/* Credential check against the configured backend (protocol/address/port
   come from the getAuth* accessors below; which backend is used is not
   visible in this header). */
127 int authenticateUser(char *userid, char *password);
128 int AuthenticateUser(char *userid, char *password);

/* Open / close the firewall rule for one client.  Return value of the
   open functions is not documented here; the close functions take the
   clientAddr record created by createAddrList. */
130 int openClientGate4(char *clientAddr4, char *userid, char *macAddr4, char *userProperty);
131 int OpenClientGate4(char *clientAddr4, char *userid, char *macAddr4, char *userProperty);
133 int openClientGate6(char *clientAddr6, char *userid, char *macAddr6, char *userProperty);
134 int OpenClientGate6(char *clientAddr6, char *userid, char *macAddr6, char *userProperty);
136 void closeClientGate4(struct clientAddr *pClientAddr, char *userid, char *macAddr4);
137 void CloseClientGate4(struct clientAddr *pClientAddr, char *userid, char *macAddr4);
139 void closeClientGate6(struct clientAddr *pClientAddr, char *userid, char *macAddr6);
140 void CloseClientGate6(struct clientAddr *pClientAddr, char *userid, char *macAddr6);

/* IPv6 neighbour-cache (NDP) housekeeping for a client address. */
142 void deleteNdpEntry(char *clientAddr6);
143 void DeleteNdpEntry(char *clientAddr6);
145 void scanNdpEntry(struct clientAddr *pClientAddr, char *userid, char *macAddr6, char *userProperty);
146 void ScanNdpEntry(struct clientAddr *pClientAddr, char *userid, char *macAddr6, char *userProperty);

/* Packet counters read back from the firewall rule; used (presumably) with
   NOPACKETINTERVAL to decide that a client has gone -- confirm in the
   definition. */
148 int getPacketCount(struct clientAddr *pClientAddr);
149 int GetPacketCount(struct clientAddr *pClientAddr);
151 int getPacketCount4(char *ruleNumber);
152 int GetPacketCount4(char *ruleNumber);
154 int getPacketCount6(char *ruleNumber);
155 int GetPacketCount6(char *ruleNumber);

157 int countRuleNumber(char *ruleNumber);
/* NOTE(review): the name below does not follow the lowercase/Capitalized
   pairing (countRuleNumber vs ConntRuleNumber); it looks like a typo of
   CountRuleNumber.  Confirm against the definition and its callers before
   renaming, since the misspelling may already be linked against. */
158 int ConntRuleNumber(char *ruleNumber);

/* CGI-side input: client address and POST body.  These are the entry
   points for untrusted data; clientAddr, userid, password and clientAddr4
   are output buffers with no length parameter (see note at top). */
160 void getClientAddr(char *clientAddr);
161 void GetClientAddr(char *clientAddr);
163 void getPostData(char *userid, char *password, char *clientAddr4, int *durationPtr);
164 void GetPostData(char *userid, char *password, char *clientAddr4, int *durationPtr);

166 int getUserProperty(char *userid, char *userProperty);
167 int GetUserProperty(char *userid, char *userProperty);

/* Splits userid into a short id and a server id (separator not stated
   here); useridshort and serverid are output buffers. */
169 void splitId(char* userid, char* useridshort, char* serverid);
170 void SplitId(char* userid, char* useridshort, char* serverid);

172 void waitClientClose(struct clientAddr *pClientAddr, char *userid, char *userProperty, char *macAddr6, int status);
173 void WaitClientClose(struct clientAddr *pClientAddr, char *userid, char *userProperty, char *macAddr6, int status);

/* Responses sent back to the browser.  putClientMsg's message text is
   presumably emitted into an HTML page; ensure the callers do not pass
   unescaped client-supplied strings through it. */
175 void putClientDeny(void);
176 void PutClientDeny(void);
178 void putClientMsg(char *message);
179 void PutClientMsg(char *message);

/* Port chosen between PORTMIN and PORTMAX for the applet to connect to. */
181 int getListenPort(void);
182 int GetListenPort(void);
184 void putJavaApplet(char *userid, int port, int pid, char *clientAddr4, char *clientAddr6, int status);
185 void PutJavaApplet(char *userid, int port, int pid, char *clientAddr4, char *clientAddr6, int status);
187 int waitAppletConnect(char *userid, char *clientAddr4, char *clientAddr6, int duration, char *macAddr4, int status, struct clientAddr *pClientAddr);
188 int WaitAppletConnect(char *userid, char *clientAddr4, char *clientAddr6, int duration, char *macAddr4, int status, struct clientAddr *pClientAddr);

/* Referer check on the incoming request; return convention not stated
   here. */
190 int checkReferer(void);
191 int CheckReferer(void);

/* Line-oriented descriptor I/O (UNP-style names).  The two readln
   prototypes name the buffer parameter differently (vptr / ptr) but
   otherwise match. */
193 ssize_t readln(int fd, void *vptr, size_t maxlen);
194 ssize_t Readln(int fd, void *ptr, size_t maxlen);
/* Presumably printf-style (const char *fmt, ...).  fmt should always be a
   string literal; never pass client-received text as the format
   argument -- the same applies to the err_* functions below. */
196 void Writefmt(int fd, const char *fmt, ...);

/* MAC address lookup for a client IP via the ARP / NDP tables; macAddr4 /
   macAddr6 are output buffers with no length parameter.  Only meaningful
   when ENABLEMACADDR is set (see defines above). */
204 int getMacAddrFromArp(char *clientAddr4, char* macAddr4);
205 int GetMacAddrFromArp(char *clientAddr4, char* macAddr4);
207 int getMacAddrFromNdp(char *clientAddr6, char* macAddr6);
208 int GetMacAddrFromNdp(char *clientAddr6, char* macAddr6);

210 void quitClient(void);
211 void QuitClient(void);

/* Allocates a clientAddr record (the struct whose fields are declared
   above).  Ownership of the returned record is not stated in this
   header -- confirm who frees it. */
213 struct clientAddr *createAddrList(char* IpAddr, char *ruleNumber, int type);
214 struct clientAddr *CreateAddrList(char* IpAddr, char *ruleNumber, int type);

216 int tcp_connect(const char *host, const char *serv);
217 int Tcp_connect(const char *host, const char *serv);

/* Error-reporting helpers (UNP-style).  Whether they go to stderr or
   syslog depends on ERRORTOSYSLOG / errToSyslog(); the meaning of the
   argument i is not documented here. */
219 void err_ret(const char *fmt, ...);
220 void err_sys(const char *fmt, ...);
221 void err_dump(const char *fmt, ...);
222 void err_msg(const char *fmt, ...);
223 void err_quit(const char *fmt, ...);
224 void errToSyslog(int i);

/* Address-to-string conversion; lifetime of the returned buffer is not
   stated here (UNP's version returns a static buffer -- confirm). */
226 char * sock_ntop_host(const struct sockaddr *sa, socklen_t salen);
227 char * Sock_ntop_host(const struct sockaddr *sa, socklen_t salen);

/* Capitalized system-call wrappers.  Signal uses the Sigfunc typedef
   declared earlier in this header. */
229 int Open(const char *pathname, int oflag, mode_t mode);
233 void Getpeername(int fd, struct sockaddr *sa, socklen_t *salenptr);
234 int Socket(int family, int type, int protocol);
235 void Listen(int fd, int backlog);
236 Sigfunc * Signal(int signo, Sigfunc *func);
237 void * Malloc(size_t size);

/* Configuration accessors.  The integer ones presumably default to the
   matching constants defined above (DURATIONDEFAULT, IPFWMIN, PORTMIN,
   ...) unless overridden by the makefile / config.  The char* ones do not
   state ownership of the returned string -- confirm whether the caller
   must free it or whether it points into the DB buffer set up by
   createDbBuffer and torn down by releaseDbBuffer. */
239 int createDbBuffer(char* serverid);
240 int CreateDbBuffer(char* serverid);
241 int releaseDbBuffer(void);
242 int ReleaseDbBuffer(void);
243 char* getAuthAddress(void);
244 char* GetAuthAddress(void);
245 char* getAuthPort(void);
246 char* GetAuthPort(void);
247 char* getAuthProtocol(void);
248 char* GetAuthProtocol(void);
249 char* getPamServiceName(void);
250 char* GetPamServiceName(void);
251 char* getRadiusConfFile(void);
252 char* GetRadiusConfFile(void);
253 int getDurationDefault(void);
254 int GetDurationDefault(void);
255 int getDurationMax(void);
256 int GetDurationMax(void);
257 int getActiveCheckInterval(void);
258 int GetActiveCheckInterval(void);
259 int getNoReplyMax(void);
260 int GetNoReplyMax(void);
261 int getNoPacketInterval(void);
262 int GetNoPacketInterval(void);
263 int getIpfwMin(void);
264 int GetIpfwMin(void);
265 int getIpfwMax(void);
266 int GetIpfwMax(void);
267 int getIpfwInterval(void);
268 int GetIpfwInterval(void);
269 int getPortMin(void);
270 int GetPortMin(void);
271 int getPortMax(void);
272 int GetPortMax(void);
273 int getEnableMacAddr(void);
274 int GetEnableMacAddr(void);
/* Firewall script hooks: path, script name and whether the script is used
   instead of direct ipfw rule manipulation.  NOTE(review): a script path
   that can be influenced by configuration is a privilege boundary --
   confirm in the definitions that it is not built from request data. */
275 char* getFwScriptPath(void);
276 char* GetFwScriptPath(void);
277 char* getFwScript(void);
278 char* GetFwScript(void);
279 int getUseFwScript(void);
280 int GetUseFwScript(void);