#include <freeradius-devel/ident.h>
RCSID("$Id$")
#include <freeradius-devel/radiusd.h>
#include <freeradius-devel/modules.h>
#include <ctype.h>
typedef struct rlm_expiration_t {
char *msg;
} rlm_expiration_t;
static const CONF_PARSER module_config[] = {
{ "reply-message", PW_TYPE_STRING_PTR, offsetof(rlm_expiration_t,msg),
NULL, "Password Has Expired\r\n"},
{ NULL, -1, 0, NULL, NULL }
};
static int expiration_authorize(void *instance, REQUEST *request)
{
rlm_expiration_t *data = (rlm_expiration_t *)instance;
VALUE_PAIR *vp, *check_item = NULL;
char msg[MAX_STRING_LEN];
if ((check_item = pairfind(request->config_items, PW_EXPIRATION)) != NULL){
RDEBUG("Checking Expiration time: '%s'",check_item->vp_strvalue);
if (((time_t) check_item->vp_date) <= request->timestamp) {
char logstr[MAX_STRING_LEN];
VALUE_PAIR *module_fmsg_vp;
RDEBUG("Account has expired");
if (data->msg && data->msg[0]){
if (!radius_xlat(msg, sizeof(msg), data->msg, request, NULL)) {
radlog(L_ERR, "rlm_expiration: xlat failed.");
return RLM_MODULE_FAIL;
}
vp = pairmake("Reply-Message", msg, T_OP_ADD);
pairfree(&request->reply->vps);
request->reply->vps = vp;
}
snprintf(logstr, sizeof(logstr), "Account has expired [Expiration %s]",check_item->vp_strvalue);
module_fmsg_vp = pairmake("Module-Failure-Message", logstr, T_OP_EQ);
pairadd(&request->packet->vps, module_fmsg_vp);
return RLM_MODULE_USERLOCK;
}
vp = pairfind(request->reply->vps, PW_SESSION_TIMEOUT);
if (!vp) {
vp = radius_paircreate(request, &request->reply->vps,
PW_SESSION_TIMEOUT,
PW_TYPE_INTEGER);
vp->vp_date = (uint32_t) (((time_t) check_item->vp_date) - request->timestamp);
} else if (vp->vp_date > ((uint32_t) (((time_t) check_item->vp_date) - request->timestamp))) {
vp->vp_date = (uint32_t) (((time_t) check_item->vp_date) - request->timestamp);
}
}
else
return RLM_MODULE_NOOP;
return RLM_MODULE_OK;
}
static int expirecmp(void *instance, REQUEST *req,
VALUE_PAIR *request, VALUE_PAIR *check,
VALUE_PAIR *check_pairs, VALUE_PAIR **reply_pairs)
{
time_t now = 0;
instance = instance;
request = request;
check_pairs = check_pairs;
reply_pairs = reply_pairs;
now = (req) ? req->timestamp : time(NULL);
if (now <= ((time_t) check->vp_date))
return 0;
return +1;
}
static int expiration_detach(void *instance)
{
paircompare_unregister(PW_EXPIRATION, expirecmp);
free(instance);
return 0;
}
static int expiration_instantiate(CONF_SECTION *conf, void **instance)
{
rlm_expiration_t *data;
data = rad_malloc(sizeof(*data));
if (!data) {
radlog(L_ERR, "rlm_expiration: rad_malloc() failed.");
return -1;
}
memset(data, 0, sizeof(*data));
if (cf_section_parse(conf, data, module_config) < 0) {
free(data);
radlog(L_ERR, "rlm_expiration: Configuration parsing failed.");
return -1;
}
paircompare_register(PW_EXPIRATION, 0, expirecmp, data);
*instance = data;
return 0;
}
module_t rlm_expiration = {
RLM_MODULE_INIT,
"expiration",
RLM_TYPE_THREAD_SAFE,
expiration_instantiate,
expiration_detach,
{
NULL,
expiration_authorize,
NULL,
NULL,
NULL,
NULL,
NULL,
NULL
},
};