diff --git a/agents/agentreq.go b/agents/agentreq.go index da469f6b2..3ab5ba36d 100644 --- a/agents/agentreq.go +++ b/agents/agentreq.go @@ -178,17 +178,17 @@ func (ar *AgentRequest) SetFields(tplFlds []*config.FCTemplate) (err error) { default: return fmt.Errorf("unsupported field prefix: <%s> when set fields", fldPath[0]) case utils.MetaVars: - ar.Vars = config.NewNavigableMap(nil) + ar.Vars.RemoveAll() case utils.MetaCgreq: - ar.CGRRequest = config.NewNavigableMap(nil) + ar.CGRRequest.RemoveAll() case utils.MetaCgrep: - ar.CGRReply = config.NewNavigableMap(nil) + ar.CGRReply.RemoveAll() case utils.MetaRep: - ar.Reply = config.NewNavigableMap(nil) + ar.Reply.RemoveAll() case utils.MetaDiamreq: - ar.diamreq = config.NewNavigableMap(nil) + ar.diamreq.RemoveAll() case utils.MetaTmp: - ar.tmp = config.NewNavigableMap(nil) + ar.tmp.RemoveAll() } default: out, err := ar.ParseField(tplFld) diff --git a/agents/agentreq_test.go b/agents/agentreq_test.go index 022b14dd1..c8b2aeb8c 100644 --- a/agents/agentreq_test.go +++ b/agents/agentreq_test.go @@ -1734,7 +1734,7 @@ func TestAgReqSetFieldsWithRemove(t *testing.T) { eMpRemove = config.NewNavigableMap(nil) if err := agReq.SetFields(tplFldsRemove); err != nil { t.Error(err) - } else if !reflect.DeepEqual(agReq.Reply, eMpRemove) { + } else if !reflect.DeepEqual(agReq.Reply.Values(), eMpRemove.Values()) { t.Errorf("expecting: %+v,\n received: %+v", eMpRemove, agReq.Reply) } } diff --git a/agents/dnsagent.go b/agents/dnsagent.go index d0020efa8..dfd48c8a4 100644 --- a/agents/dnsagent.go +++ b/agents/dnsagent.go @@ -158,7 +158,6 @@ func (da *DNSAgent) handleMessage(w dns.ResponseWriter, req *dns.Msg) { dnsWriteMsg(w, rply) return } - fmt.Println(utils.ToJSON(rply)) if err = dnsWriteMsg(w, rply); err != nil { // failed sending, most probably content issue rply = new(dns.Msg) rply.SetReply(req) diff --git a/agents/radagent.go b/agents/radagent.go index 39705ad4e..0c94b829c 100644 --- a/agents/radagent.go +++ b/agents/radagent.go @@ -87,13 +87,14 @@ func (ra *RadiusAgent) handleAuth(req *radigo.Packet) (rpl *radigo.Packet, err e ra.filterS, nil, nil) agReq.Vars.Set([]string{MetaRadReqType}, utils.StringToInterface(MetaRadAuth), false, true) var lclProcessed bool - if lclProcessed, err = ra.processRequest(reqProcessor, agReq, rpl); lclProcessed { + if lclProcessed, err = ra.processRequest(req, reqProcessor, agReq); lclProcessed { processed = lclProcessed } if err != nil || (lclProcessed && !reqProcessor.Flags.GetBool(utils.MetaContinue)) { break } } + if err != nil { utils.Logger.Err(fmt.Sprintf("<%s> error: <%s> ignoring request: %s", utils.RadiusAgent, err.Error(), utils.ToJSON(req))) @@ -130,7 +131,7 @@ func (ra *RadiusAgent) handleAcct(req *radigo.Packet) (rpl *radigo.Packet, err e config.CgrConfig().GeneralCfg().DefaultTimezone), ra.filterS, nil, nil) var lclProcessed bool - if lclProcessed, err = ra.processRequest(reqProcessor, agReq, rpl); lclProcessed { + if lclProcessed, err = ra.processRequest(req, reqProcessor, agReq); lclProcessed { processed = lclProcessed } if err != nil || (lclProcessed && !reqProcessor.Flags.GetBool(utils.MetaContinue)) { @@ -155,8 +156,8 @@ func (ra *RadiusAgent) handleAcct(req *radigo.Packet) (rpl *radigo.Packet, err e } // processRequest represents one processor processing the request -func (ra *RadiusAgent) processRequest(reqProcessor *config.RequestProcessor, - agReq *AgentRequest, rply *radigo.Packet) (processed bool, err error) { +func (ra *RadiusAgent) processRequest(req *radigo.Packet, reqProcessor *config.RequestProcessor, + agReq *AgentRequest) (processed bool, err error) { if pass, err := ra.filterS.Pass(agReq.Tenant, reqProcessor.Filters, agReq); err != nil || !pass { return pass, err @@ -303,16 +304,18 @@ func (ra *RadiusAgent) processRequest(reqProcessor *config.RequestProcessor, } case utils.MetaCDRs: // allow this method case utils.MetaRadauth: - // To be implemented - //// radius pass will be taken from request directly - //radiusPass := "CGRateS.org" - //userPass, err := agReq.Vars.FieldAsString([]string{utils.UserPassword}) - //if err != nil { - // return false, err - //} - //if radiusPass != userPass { - // agReq.CGRReply.Set([]string{utils.Error}, "Failed to authenticate request", false, false) - //} + // try to get UserPassword from Vars as slice of NMItems + nmItems, err := agReq.Vars.FieldAsInterface([]string{utils.UserPassword}) + if err != nil { + return false, err + } + avps := req.AttributesWithName("User-Password", utils.EmptyString) + if len(avps) == 0 { + return false, fmt.Errorf("cannot find User-Password AVP in request") + } + if string(avps[0].RawValue) != nmItems.([]*config.NMItem)[0].Data { + agReq.CGRReply.Set([]string{utils.Error}, "Failed to authenticate request", false, false) + } } // separate request so we can capture the Terminate/Event also here if reqProcessor.Flags.HasKey(utils.MetaCDRs) { @@ -324,6 +327,7 @@ func (ra *RadiusAgent) processRequest(reqProcessor *config.RequestProcessor, agReq.CGRReply.Set([]string{utils.Error}, err.Error(), false, false) } } + if err := agReq.SetFields(reqProcessor.ReplyFields); err != nil { return false, err } @@ -331,12 +335,12 @@ func (ra *RadiusAgent) processRequest(reqProcessor *config.RequestProcessor, if reqProcessor.Flags.HasKey(utils.MetaLog) { utils.Logger.Info( fmt.Sprintf("<%s> LOG, Radius reply: %s", - utils.RadiusAgent, utils.ToIJSON(rply))) + utils.RadiusAgent, utils.ToIJSON(agReq.Reply))) } if reqType == utils.MetaDryRun { utils.Logger.Info( fmt.Sprintf("<%s> DRY_RUN, Radius reply: %s", - utils.RadiusAgent, utils.ToJSON(rply))) + utils.RadiusAgent, utils.ToJSON(agReq.Reply))) } return true, nil } diff --git a/agents/radagent_it_test.go b/agents/radagent_it_test.go index 2cfbb6320..558a08b2c 100644 --- a/agents/radagent_it_test.go +++ b/agents/radagent_it_test.go @@ -50,7 +50,8 @@ var ( testRAitStartEngine, testRAitApierRpcConn, testRAitTPFromFolder, - testRAitAuth, + testRAitAuthSuccess, + testRAitAuthFail, testRAitAcctStart, testRAitAcctStop, testRAitStopCgrEngine, @@ -80,7 +81,6 @@ func TestRAit(t *testing.T) { } } -/* func TestRAitDispatcher(t *testing.T) { if *encoding == utils.MetaGOB { t.SkipNow() @@ -97,7 +97,7 @@ func TestRAitDispatcher(t *testing.T) { engine.KillEngine(100) isDispatcherActive = false } -*/ + func testRAitInitCfg(t *testing.T) { raCfgPath = path.Join(*dataDir, "conf", "samples", raonfigDIR) // Init config first @@ -192,7 +192,7 @@ func testRadiusitTPLoadData(t *testing.T) { } } -func testRAitAuth(t *testing.T) { +func testRAitAuthSuccess(t *testing.T) { if raAuthClnt, err = radigo.NewClient("udp", "127.0.0.1:1812", "CGRateS.org", dictRad, 1, nil); err != nil { t.Fatal(err) } @@ -200,9 +200,9 @@ func testRAitAuth(t *testing.T) { if err := authReq.AddAVPWithName("User-Name", "1001", ""); err != nil { t.Error(err) } - //if err := authReq.AddAVPWithName("User-Password", "CGRateS.org", ""); err != nil { - // t.Error(err) - //} + if err := authReq.AddAVPWithName("User-Password", "CGRateSPassword1", ""); err != nil { + t.Error(err) + } if err := authReq.AddAVPWithName("Service-Type", "SIP-Caller-AVPs", ""); err != nil { t.Error(err) } @@ -235,6 +235,49 @@ func testRAitAuth(t *testing.T) { } } +func testRAitAuthFail(t *testing.T) { + if raAuthClnt, err = radigo.NewClient("udp", "127.0.0.1:1812", "CGRateS.org", dictRad, 1, nil); err != nil { + t.Fatal(err) + } + authReq := raAuthClnt.NewRequest(radigo.AccessRequest, 1) // emulates Kamailio packet out of radius_load_caller_avps() + if err := authReq.AddAVPWithName("User-Name", "1001", ""); err != nil { + t.Error(err) + } + if err := authReq.AddAVPWithName("User-Password", "CGRateSPassword2", ""); err != nil { + t.Error(err) + } + if err := authReq.AddAVPWithName("Service-Type", "SIP-Caller-AVPs", ""); err != nil { + t.Error(err) + } + if err := authReq.AddAVPWithName("Called-Station-Id", "1002", ""); err != nil { + t.Error(err) + } + if err := authReq.AddAVPWithName("Acct-Session-Id", "e4921177ab0e3586c37f6a185864b71a@0:0:0:0:0:0:0:0", ""); err != nil { + t.Error(err) + } + if err := authReq.AddAVPWithName("Sip-From-Tag", "51585361", ""); err != nil { + t.Error(err) + } + if err := authReq.AddAVPWithName("NAS-IP-Address", "127.0.0.1", ""); err != nil { + t.Error(err) + } + if err := authReq.AddAVPWithName("Event-Timestamp", "1497106115", ""); err != nil { + t.Error(err) + } + reply, err := raAuthClnt.SendRequest(authReq) + if err != nil { + t.Fatal(err) + } + if reply.Code != radigo.AccessReject { + t.Errorf("Received reply: %+v", reply) + } + if len(reply.AVPs) != 1 { // make sure max duration is received + t.Errorf("Received AVPs: %+v", reply.AVPs) + } else if !reflect.DeepEqual([]byte("Failed to authenticate request"), reply.AVPs[0].RawValue) { + t.Errorf("Received: %s", string(reply.AVPs[0].RawValue)) + } +} + func testRAitAcctStart(t *testing.T) { if raAcctClnt, err = radigo.NewClient("udp", "127.0.0.1:1813", "CGRateS.org", dictRad, 1, nil); err != nil { t.Fatal(err) @@ -273,7 +316,7 @@ func testRAitAcctStart(t *testing.T) { if err := req.AddAVPWithName("Ascend-User-Acct-Time", "1497106115", ""); err != nil { t.Error(err) } - if err := req.AddAVPWithName("NAS-Port-Id", "5060", ""); err != nil { + if err := req.AddAVPWithName("NAS-Port", "5060", ""); err != nil { t.Error(err) } if err := req.AddAVPWithName("Acct-Delay-Time", "0", ""); err != nil { @@ -349,7 +392,7 @@ func testRAitAcctStop(t *testing.T) { if err := req.AddAVPWithName("Ascend-User-Acct-Time", "1497106115", ""); err != nil { t.Error(err) } - if err := req.AddAVPWithName("NAS-Port-Id", "5060", ""); err != nil { + if err := req.AddAVPWithName("NAS-Port", "5060", ""); err != nil { t.Error(err) } if err := req.AddAVPWithName("Acct-Delay-Time", "0", ""); err != nil { diff --git a/config/navigablemap.go b/config/navigablemap.go index 26568b78d..79b533dec 100644 --- a/config/navigablemap.go +++ b/config/navigablemap.go @@ -665,3 +665,9 @@ func (nM *NavigableMap) Remove(path []string) { mp = oData.(map[string]interface{}) // so we can check further down } } + +// RemoveAll will clean the data and the odrder from NavigableMap +func (nM *NavigableMap) RemoveAll() { + nM.data = make(map[string]interface{}) + nM.order = make([][]string, 0) +} diff --git a/data/conf/samples/dispatchers/radagent/cgrates.json b/data/conf/samples/dispatchers/radagent/cgrates.json index d482d33c7..3978d4eff 100644 --- a/data/conf/samples/dispatchers/radagent/cgrates.json +++ b/data/conf/samples/dispatchers/radagent/cgrates.json @@ -58,13 +58,12 @@ { "id": "KamailioAuth", "filters": ["*string:~*vars.*radReqType:*radAuth"], - "flags": ["*auth", "*accounts","*dispatchers"], + "flags": ["*auth", "*attributes", "*accounts", "*continue"], "request_fields":[ {"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "call"}, - // {"tag": "*api_key", "path": "*api_key", "type": "*constant", "value": "ses12345"}, {"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant", - "value": "*prepaid", "mandatory": true}, - {"tag": "OriginID", "path": "*cgreq.OriginID", "type": "*variable", + "value": "*prepaid", "mandatory": true}, + {"tag": "OriginID", "path": "*cgreq.OriginID", "type": "*composed", "value": "~*req.Acct-Session-Id;-;~*req.Sip-From-Tag", "mandatory": true}, {"tag": "Account", "path": "*cgreq.Account", "type": "*variable", "value": "~*req.User-Name", "mandatory": true}, @@ -76,28 +75,44 @@ "value": "~*req.Event-Timestamp", "mandatory": true}, {"tag": "AnswerTime", "path": "*cgreq.AnswerTime", "type": "*variable", "value": "~*req.Event-Timestamp", "mandatory": true}, + {"tag": "PasswordFromAttributes", "path": "*cgreq.PasswordFromAttributes", "type": "*constant", + "value": "*attributes"} ], "reply_fields":[ {"tag": "MaxUsage", "path": "*rep.SIP-AVP", "type": "*variable", "value": "session_max_time#;~*cgrep.MaxUsage{*duration_seconds}", "mandatory": true}, ], }, + { + "id": "RadiusPAPAuth", + "filters": ["*string:~*vars.*radReqType:*radAuth","*exists:~*req.User-Password:"], + "flags": ["*radauth", "*log"], + "request_fields":[ + {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable", + "value": "~*cgrep.Attributes.PasswordFromAttributes"}, + ], + "reply_fields":[ + {"filters": ["*empty:~*cgrep.Error:"], "type": "*none", "blocker": true}, + {"filters": ["*notempty:~*cgrep.Error:"], "type": "*removeall", "path": "*rep"}, + {"tag": "Code", "path": "*rep.*radReplyCode", "type": "*constant", "value": "AccessReject"}, + {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "type": "*variable", "value": "~*cgrep.Error"} + ] + }, { "id": "KamailioAccountingStart", "filters": ["*string:~*req.Acct-Status-Type:Start"], - "flags": ["*initiate", "*attributes", "*resources", "*accounts","*dispatchers"], - "request_fields":[ + "flags": ["*initiate", "*attributes", "*resources", "*accounts"], + "request_fields":[ {"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "call"}, - // {"tag": "*api_key", "path": "*api_key", "type": "*constant", "value": "ses12345"}, {"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant", - "value": "*prepaid", "mandatory": true}, - {"tag": "OriginID", "path": "*cgreq.OriginID", "type": "*variable", + "value": "*prepaid", "mandatory": true}, + {"tag": "OriginID", "path": "*cgreq.OriginID", "type": "*composed", "value": "~*req.Acct-Session-Id;-;~*req.Sip-From-Tag;-;~*req.Sip-To-Tag", "mandatory": true}, {"tag": "OriginHost", "path": "*cgreq.OriginHost", "type": "*variable", "value": "~*req.NAS-IP-Address", "mandatory": true}, {"tag": "Account", "path": "*cgreq.Account", "type": "*variable", "value": "~*req.User-Name", "mandatory": true}, - {"tag": "Subject", "path": "*cgreq.Subject", "type": "*variable", + {"tag": "Subject", "path": "*cgreq.Subject", "type": "*composed", "value": "~*req.User-Name", "mandatory": true}, {"tag": "Destination", "path": "*cgreq.Destination", "type": "*variable", "value": "~*req.Called-Station-Id", "mandatory": true}, @@ -112,19 +127,18 @@ { "id": "KamailioAccountingStop", "filters": ["*string:~*req.Acct-Status-Type:Stop"], - "flags": ["*terminate", "*resources", "*accounts", "*cdrs","*dispatchers"], - "request_fields":[ + "flags": ["*terminate", "*resources", "*accounts", "*cdrs"], + "request_fields":[ {"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "call"}, - // {"tag": "*api_key", "path": "*api_key", "type": "*constant", "value": "ses12345"}, {"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant", - "value": "*prepaid", "mandatory": true}, - {"tag": "OriginID", "path": "*cgreq.OriginID", "type": "*variable", + "value": "*prepaid", "mandatory": true}, + {"tag": "OriginID", "path": "*cgreq.OriginID", "type": "*composed", "value": "~*req.Acct-Session-Id;-;~*req.Sip-From-Tag;-;~*req.Sip-To-Tag", "mandatory": true}, {"tag": "OriginHost", "path": "*cgreq.OriginHost", "type": "*variable", "value": "~*req.NAS-IP-Address", "mandatory": true}, {"tag": "Account", "path": "*cgreq.Account", "type": "*variable", "value": "~*req.User-Name", "mandatory": true}, - {"tag": "Subject", "path": "*cgreq.Subject", "type": "*variable", + {"tag": "Subject", "path": "*cgreq.Subject", "type": "*composed", "value": "~*req.User-Name", "mandatory": true}, {"tag": "Destination", "path": "*cgreq.Destination", "type": "*variable", "value": "~*req.Called-Station-Id", "mandatory": true}, @@ -138,7 +152,6 @@ ], "reply_fields":[], }, - ], }, diff --git a/data/conf/samples/radagent_internal/cgrates.json b/data/conf/samples/radagent_internal/cgrates.json index c6054e852..bbb61f80a 100644 --- a/data/conf/samples/radagent_internal/cgrates.json +++ b/data/conf/samples/radagent_internal/cgrates.json @@ -70,7 +70,7 @@ { "id": "KamailioAuth", "filters": ["*string:~*vars.*radReqType:*radAuth"], - "flags": ["*auth", "*attributes", "*accounts", "*continue", "*log"], + "flags": ["*auth", "*attributes", "*accounts", "*continue"], "request_fields":[ {"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "call"}, {"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant", diff --git a/data/conf/samples/radagent_internal_gob/cgrates.json b/data/conf/samples/radagent_internal_gob/cgrates.json index 3f45a7dea..e9866eda0 100644 --- a/data/conf/samples/radagent_internal_gob/cgrates.json +++ b/data/conf/samples/radagent_internal_gob/cgrates.json @@ -78,7 +78,7 @@ { "id": "KamailioAuth", "filters": ["*string:~*vars.*radReqType:*radAuth"], - "flags": ["*auth", "*accounts"], + "flags": ["*auth", "*attributes", "*accounts", "*continue"], "request_fields":[ {"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "call"}, {"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant", @@ -95,12 +95,29 @@ "value": "~*req.Event-Timestamp", "mandatory": true}, {"tag": "AnswerTime", "path": "*cgreq.AnswerTime", "type": "*variable", "value": "~*req.Event-Timestamp", "mandatory": true}, + {"tag": "PasswordFromAttributes", "path": "*cgreq.PasswordFromAttributes", "type": "*constant", + "value": "*attributes"} ], "reply_fields":[ {"tag": "MaxUsage", "path": "*rep.SIP-AVP", "type": "*variable", "value": "session_max_time#;~*cgrep.MaxUsage{*duration_seconds}", "mandatory": true}, ], }, + { + "id": "RadiusPAPAuth", + "filters": ["*string:~*vars.*radReqType:*radAuth","*exists:~*req.User-Password:"], + "flags": ["*radauth", "*log"], + "request_fields":[ + {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable", + "value": "~*cgrep.Attributes.PasswordFromAttributes"}, + ], + "reply_fields":[ + {"filters": ["*empty:~*cgrep.Error:"], "type": "*none", "blocker": true}, + {"filters": ["*notempty:~*cgrep.Error:"], "type": "*removeall", "path": "*rep"}, + {"tag": "Code", "path": "*rep.*radReplyCode", "type": "*constant", "value": "AccessReject"}, + {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "type": "*variable", "value": "~*cgrep.Error"} + ] + }, { "id": "KamailioAccountingStart", "filters": ["*string:~*req.Acct-Status-Type:Start"], @@ -154,7 +171,7 @@ {"tag": "RemoteAddr" , "path": "*cgreq.RemoteAddr", "type": "*remote_host"}, ], "reply_fields":[], - }, + } ] }, diff --git a/data/conf/samples/radagent_mongo/cgrates.json b/data/conf/samples/radagent_mongo/cgrates.json index c785c72bc..48d27c728 100644 --- a/data/conf/samples/radagent_mongo/cgrates.json +++ b/data/conf/samples/radagent_mongo/cgrates.json @@ -73,7 +73,7 @@ { "id": "KamailioAuth", "filters": ["*string:~*vars.*radReqType:*radAuth"], - "flags": ["*auth", "*accounts"], + "flags": ["*auth", "*attributes", "*accounts", "*continue"], "request_fields":[ {"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "call"}, {"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant", @@ -90,12 +90,29 @@ "value": "~*req.Event-Timestamp", "mandatory": true}, {"tag": "AnswerTime", "path": "*cgreq.AnswerTime", "type": "*variable", "value": "~*req.Event-Timestamp", "mandatory": true}, + {"tag": "PasswordFromAttributes", "path": "*cgreq.PasswordFromAttributes", "type": "*constant", + "value": "*attributes"} ], "reply_fields":[ {"tag": "MaxUsage", "path": "*rep.SIP-AVP", "type": "*variable", "value": "session_max_time#;~*cgrep.MaxUsage{*duration_seconds}", "mandatory": true}, ], }, + { + "id": "RadiusPAPAuth", + "filters": ["*string:~*vars.*radReqType:*radAuth","*exists:~*req.User-Password:"], + "flags": ["*radauth", "*log"], + "request_fields":[ + {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable", + "value": "~*cgrep.Attributes.PasswordFromAttributes"}, + ], + "reply_fields":[ + {"filters": ["*empty:~*cgrep.Error:"], "type": "*none", "blocker": true}, + {"filters": ["*notempty:~*cgrep.Error:"], "type": "*removeall", "path": "*rep"}, + {"tag": "Code", "path": "*rep.*radReplyCode", "type": "*constant", "value": "AccessReject"}, + {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "type": "*variable", "value": "~*cgrep.Error"} + ] + }, { "id": "KamailioAccountingStart", "filters": ["*string:~*req.Acct-Status-Type:Start"], @@ -149,7 +166,7 @@ {"tag": "RemoteAddr" , "path": "*cgreq.RemoteAddr", "type": "*remote_host"}, ], "reply_fields":[], - }, + } ] }, diff --git a/data/conf/samples/radagent_mongo_gob/cgrates.json b/data/conf/samples/radagent_mongo_gob/cgrates.json index 39fc975f4..c1a103a66 100644 --- a/data/conf/samples/radagent_mongo_gob/cgrates.json +++ b/data/conf/samples/radagent_mongo_gob/cgrates.json @@ -81,7 +81,7 @@ { "id": "KamailioAuth", "filters": ["*string:~*vars.*radReqType:*radAuth"], - "flags": ["*auth", "*accounts"], + "flags": ["*auth", "*attributes", "*accounts", "*continue"], "request_fields":[ {"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "call"}, {"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant", @@ -98,12 +98,29 @@ "value": "~*req.Event-Timestamp", "mandatory": true}, {"tag": "AnswerTime", "path": "*cgreq.AnswerTime", "type": "*variable", "value": "~*req.Event-Timestamp", "mandatory": true}, + {"tag": "PasswordFromAttributes", "path": "*cgreq.PasswordFromAttributes", "type": "*constant", + "value": "*attributes"} ], "reply_fields":[ {"tag": "MaxUsage", "path": "*rep.SIP-AVP", "type": "*variable", "value": "session_max_time#;~*cgrep.MaxUsage{*duration_seconds}", "mandatory": true}, ], }, + { + "id": "RadiusPAPAuth", + "filters": ["*string:~*vars.*radReqType:*radAuth","*exists:~*req.User-Password:"], + "flags": ["*radauth", "*log"], + "request_fields":[ + {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable", + "value": "~*cgrep.Attributes.PasswordFromAttributes"}, + ], + "reply_fields":[ + {"filters": ["*empty:~*cgrep.Error:"], "type": "*none", "blocker": true}, + {"filters": ["*notempty:~*cgrep.Error:"], "type": "*removeall", "path": "*rep"}, + {"tag": "Code", "path": "*rep.*radReplyCode", "type": "*constant", "value": "AccessReject"}, + {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "type": "*variable", "value": "~*cgrep.Error"} + ] + }, { "id": "KamailioAccountingStart", "filters": ["*string:~*req.Acct-Status-Type:Start"], @@ -157,7 +174,7 @@ {"tag": "RemoteAddr" , "path": "*cgreq.RemoteAddr", "type": "*remote_host"}, ], "reply_fields":[], - }, + } ] }, diff --git a/data/conf/samples/radagent_mysql/cgrates.json b/data/conf/samples/radagent_mysql/cgrates.json index 96146374c..513354430 100644 --- a/data/conf/samples/radagent_mysql/cgrates.json +++ b/data/conf/samples/radagent_mysql/cgrates.json @@ -69,7 +69,7 @@ { "id": "KamailioAuth", "filters": ["*string:~*vars.*radReqType:*radAuth"], - "flags": ["*auth", "*accounts"], + "flags": ["*auth", "*attributes", "*accounts", "*continue"], "request_fields":[ {"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "call"}, {"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant", @@ -86,12 +86,29 @@ "value": "~*req.Event-Timestamp", "mandatory": true}, {"tag": "AnswerTime", "path": "*cgreq.AnswerTime", "type": "*variable", "value": "~*req.Event-Timestamp", "mandatory": true}, + {"tag": "PasswordFromAttributes", "path": "*cgreq.PasswordFromAttributes", "type": "*constant", + "value": "*attributes"} ], "reply_fields":[ {"tag": "MaxUsage", "path": "*rep.SIP-AVP", "type": "*variable", "value": "session_max_time#;~*cgrep.MaxUsage{*duration_seconds}", "mandatory": true}, ], }, + { + "id": "RadiusPAPAuth", + "filters": ["*string:~*vars.*radReqType:*radAuth","*exists:~*req.User-Password:"], + "flags": ["*radauth", "*log"], + "request_fields":[ + {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable", + "value": "~*cgrep.Attributes.PasswordFromAttributes"}, + ], + "reply_fields":[ + {"filters": ["*empty:~*cgrep.Error:"], "type": "*none", "blocker": true}, + {"filters": ["*notempty:~*cgrep.Error:"], "type": "*removeall", "path": "*rep"}, + {"tag": "Code", "path": "*rep.*radReplyCode", "type": "*constant", "value": "AccessReject"}, + {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "type": "*variable", "value": "~*cgrep.Error"} + ] + }, { "id": "KamailioAccountingStart", "filters": ["*string:~*req.Acct-Status-Type:Start"], @@ -145,7 +162,7 @@ {"tag": "RemoteAddr" , "path": "*cgreq.RemoteAddr", "type": "*remote_host"}, ], "reply_fields":[], - }, + } ] }, diff --git a/data/conf/samples/radagent_mysql_gob/cgrates.json b/data/conf/samples/radagent_mysql_gob/cgrates.json index 706449776..8cef9f440 100644 --- a/data/conf/samples/radagent_mysql_gob/cgrates.json +++ b/data/conf/samples/radagent_mysql_gob/cgrates.json @@ -76,7 +76,7 @@ { "id": "KamailioAuth", "filters": ["*string:~*vars.*radReqType:*radAuth"], - "flags": ["*auth", "*accounts"], + "flags": ["*auth", "*attributes", "*accounts", "*continue"], "request_fields":[ {"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "call"}, {"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant", @@ -93,12 +93,29 @@ "value": "~*req.Event-Timestamp", "mandatory": true}, {"tag": "AnswerTime", "path": "*cgreq.AnswerTime", "type": "*variable", "value": "~*req.Event-Timestamp", "mandatory": true}, + {"tag": "PasswordFromAttributes", "path": "*cgreq.PasswordFromAttributes", "type": "*constant", + "value": "*attributes"} ], "reply_fields":[ {"tag": "MaxUsage", "path": "*rep.SIP-AVP", "type": "*variable", "value": "session_max_time#;~*cgrep.MaxUsage{*duration_seconds}", "mandatory": true}, ], }, + { + "id": "RadiusPAPAuth", + "filters": ["*string:~*vars.*radReqType:*radAuth","*exists:~*req.User-Password:"], + "flags": ["*radauth", "*log"], + "request_fields":[ + {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable", + "value": "~*cgrep.Attributes.PasswordFromAttributes"}, + ], + "reply_fields":[ + {"filters": ["*empty:~*cgrep.Error:"], "type": "*none", "blocker": true}, + {"filters": ["*notempty:~*cgrep.Error:"], "type": "*removeall", "path": "*rep"}, + {"tag": "Code", "path": "*rep.*radReplyCode", "type": "*constant", "value": "AccessReject"}, + {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "type": "*variable", "value": "~*cgrep.Error"} + ] + }, { "id": "KamailioAccountingStart", "filters": ["*string:~*req.Acct-Status-Type:Start"], @@ -152,7 +169,7 @@ {"tag": "RemoteAddr" , "path": "*cgreq.RemoteAddr", "type": "*remote_host"}, ], "reply_fields":[], - }, + } ] }, diff --git a/data/tariffplans/oldtutorial/Attributes.csv b/data/tariffplans/oldtutorial/Attributes.csv index 434e3df8e..8563610bc 100644 --- a/data/tariffplans/oldtutorial/Attributes.csv +++ b/data/tariffplans/oldtutorial/Attributes.csv @@ -1,4 +1,4 @@ #Tenant,ID,Contexts,FilterIDs,ActivationInterval,AttributeFilterIDs,Path,Type,Value,Blocker,Weight cgrates.org,ATTR_1,*sessions;*cdrs,*string:~*req.Account:1007,2014-01-14T00:00:00Z,,*req.Account,*constant,1001,false,10 cgrates.org,ATTR_1,,,,,*req.Subject,*constant,1001,, -cgrates.org,ATTR_PASS,*sessions,*string:~*req.Account:1001,,,*req.PasswordFromAttributes,*constant,CGRateS.org,false,10 \ No newline at end of file +cgrates.org,ATTR_PASS,*sessions,*string:~*req.Account:1001,,,*req.PasswordFromAttributes,*constant,CGRateSPassword1,false,10 \ No newline at end of file diff --git a/go.mod b/go.mod index dd9caa776..cc348dcb7 100644 --- a/go.mod +++ b/go.mod @@ -22,7 +22,7 @@ require ( github.com/cgrates/fsock v0.0.0-20190623100231-317895b42f1a github.com/cgrates/kamevapi v0.0.0-20191001125829-7dbc3ad58817 github.com/cgrates/ltcache v0.0.0-20181016092649-92fb7fa77cca - github.com/cgrates/radigo v0.0.0-20200309151443-bb470a5a5c8d + github.com/cgrates/radigo v0.0.0-20200318092814-07da25249ae6 github.com/cgrates/rpcclient v0.0.0-20200107134035-188454eb71b3 github.com/creack/pty v1.1.7 github.com/fiorix/go-diameter v3.0.3-0.20190716165154-f4823472d0e0+incompatible diff --git a/go.sum b/go.sum index 1e37b0dcc..048c2727b 100644 --- a/go.sum +++ b/go.sum @@ -73,6 +73,8 @@ github.com/cgrates/radigo v0.0.0-20200306160903-17b28bb0e1bb h1:LnoYQFohxLduxNFZ github.com/cgrates/radigo v0.0.0-20200306160903-17b28bb0e1bb/go.mod h1:mTCzHAYfgZlRe0HorDz+jy2JTrNvNuKkHBAUjDZBWq8= github.com/cgrates/radigo v0.0.0-20200309151443-bb470a5a5c8d h1:4dDI8QG+rkQTNWwsRmeAQWLaofRvVRd3JgG/h4o9VG0= github.com/cgrates/radigo v0.0.0-20200309151443-bb470a5a5c8d/go.mod h1:mTCzHAYfgZlRe0HorDz+jy2JTrNvNuKkHBAUjDZBWq8= +github.com/cgrates/radigo v0.0.0-20200318092814-07da25249ae6 h1:NLRfnSh1TGtCrgxVnpaSOEiwprmf/sQ+aOTM1kiEvaE= +github.com/cgrates/radigo v0.0.0-20200318092814-07da25249ae6/go.mod h1:mTCzHAYfgZlRe0HorDz+jy2JTrNvNuKkHBAUjDZBWq8= github.com/cgrates/rpcclient v0.0.0-20190505150825-8fcc68b2c38b h1:GC+/hEDN/2Frh8Tjkf7u1XFxj0Z2XtwjBxj0OH6Mzhw= github.com/cgrates/rpcclient v0.0.0-20190505150825-8fcc68b2c38b/go.mod h1:Jy5Lv0y57OlxlNATKrkyAxgftYLHqXuxONgd4qsAC1U= github.com/cgrates/rpcclient v0.0.0-20191115092211-732f09b356e3 h1:Hr038ZfPZz87OKLV4pRSzf3U06lZ8zjl/cXpwrv7hCM= diff --git a/utils/consts.go b/utils/consts.go index 7e8a6f717..fcfff939a 100755 --- a/utils/consts.go +++ b/utils/consts.go @@ -709,8 +709,6 @@ const ( FileName = "FileName" MetaRadauth = "*radauth" UserPassword = "UserPassword" - RadiusPassword = "RadiusPassword" - CHAPPassword = "CHAP-Password" ) // Migrator Action