2 * modules.c Radius module support.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * Copyright 2003,2006 The FreeRADIUS server project
21 * Copyright 2000 Alan DeKok <aland@ox.org>
22 * Copyright 2000 Alan Curry <pacman@world.std.com>
25 #include <freeradius-devel/ident.h>
28 #include <freeradius-devel/radiusd.h>
29 #include <freeradius-devel/modpriv.h>
30 #include <freeradius-devel/modcall.h>
31 #include <freeradius-devel/rad_assert.h>
33 extern int check_config;
35 typedef struct indexed_modcallable {
38 modcallable *modulelist;
39 } indexed_modcallable;
41 typedef struct virtual_server_t {
47 struct virtual_server_t *next;
51 * Keep a hash of virtual servers, so that we can reload them.
53 #define VIRTUAL_SERVER_HASH_SIZE (256)
54 static virtual_server_t *virtual_servers[VIRTUAL_SERVER_HASH_SIZE];
56 static rbtree_t *module_tree = NULL;
58 static rbtree_t *instance_tree = NULL;
60 typedef struct section_type_value_t {
64 } section_type_value_t;
66 struct fr_module_hup_t {
67 module_instance_t *mi;
70 fr_module_hup_t *next;
75 * Ordered by component
77 static const section_type_value_t section_type_value[RLM_COMPONENT_COUNT] = {
78 { "authenticate", "Auth-Type", PW_AUTH_TYPE },
79 { "authorize", "Autz-Type", PW_AUTZ_TYPE },
80 { "preacct", "Pre-Acct-Type", PW_PRE_ACCT_TYPE },
81 { "accounting", "Acct-Type", PW_ACCT_TYPE },
82 { "session", "Session-Type", PW_SESSION_TYPE },
83 { "pre-proxy", "Pre-Proxy-Type", PW_PRE_PROXY_TYPE },
84 { "post-proxy", "Post-Proxy-Type", PW_POST_PROXY_TYPE },
85 { "post-auth", "Post-Auth-Type", PW_POST_AUTH_TYPE },
89 #ifdef WITHOUT_LIBLTDL
90 typedef struct lt_dlmodule_t {
96 * Define modules here.
98 extern module_t rlm_pap;
99 extern module_t rlm_chap;
100 extern module_t rlm_eap;
103 * EAP structures are defined elsewhere.
105 typedef struct eap_type_t EAP_TYPE;
108 * And so on for other EAP types.
110 extern EAP_TYPE rlm_eap_md5;
112 static const lt_dlmodule_t lt_dlmodules[] = {
113 { "rlm_pap", &rlm_pap },
114 { "rlm_chap", &rlm_chap },
115 { "rlm_eap", &rlm_eap },
116 { "rlm_eap_md5", &rlm_eap_md5 },
119 * Add other modules here.
126 lt_dlhandle lt_dlopenext(const char *name)
130 for (i = 0; lt_dlmodules[i].name != NULL; i++) {
131 if (strcmp(name, lt_dlmodules[i].name) == 0) {
132 return lt_dlmodules[i].ref;
139 void *lt_dlsym(lt_dlhandle handle, UNUSED const char *symbol)
143 #endif /* WITHOUT_LIBLTDL */
145 static int virtual_server_idx(const char *name)
151 hash = fr_hash_string(name);
153 return hash & (VIRTUAL_SERVER_HASH_SIZE - 1);
156 static void virtual_server_free(virtual_server_t *server)
160 if (server->components) rbtree_free(server->components);
161 server->components = NULL;
166 void virtual_servers_free(time_t when)
169 virtual_server_t **last;
171 for (i = 0; i < VIRTUAL_SERVER_HASH_SIZE; i++) {
172 virtual_server_t *server, *next;
174 last = &virtual_servers[i];
175 for (server = virtual_servers[i];
181 * If we delete it, fix the links so that
182 * we don't orphan anything. Also,
183 * delete it if it's old, AND a newer one
186 * Otherwise, the last pointer gets set to
187 * the one we didn't delete.
190 ((server->created < when) && server->can_free)) {
191 *last = server->next;
192 virtual_server_free(server);
194 last = &(server->next);
200 static void indexed_modcallable_free(void *data)
202 indexed_modcallable *c = data;
204 modcallable_free(&c->modulelist);
208 static int indexed_modcallable_cmp(const void *one, const void *two)
210 const indexed_modcallable *a = one;
211 const indexed_modcallable *b = two;
213 if (a->comp < b->comp) return -1;
214 if (a->comp > b->comp) return +1;
216 return a->idx - b->idx;
221 * Compare two module entries
223 static int module_instance_cmp(const void *one, const void *two)
225 const module_instance_t *a = one;
226 const module_instance_t *b = two;
228 return strcmp(a->name, b->name);
232 static void module_instance_free_old(CONF_SECTION *cs, module_instance_t *node,
235 fr_module_hup_t *mh, **last;
238 * Walk the list, freeing up old instances.
245 * Free only every 60 seconds.
247 if ((when - mh->when) < 60) {
252 cf_section_parse_free(cs, mh->insthandle);
254 if (node->entry->module->detach) {
255 (node->entry->module->detach)(mh->insthandle);
257 free(mh->insthandle);
267 * Free a module instance.
269 static void module_instance_free(void *data)
271 module_instance_t *this = data;
273 module_instance_free_old(this->cs, this, time(NULL) + 100);
275 if (this->entry->module->detach) {
276 (this->entry->module->detach)(this->insthandle);
279 #ifdef HAVE_PTHREAD_H
283 * The mutex MIGHT be locked...
284 * we'll check for that later, I guess.
286 pthread_mutex_destroy(this->mutex);
290 memset(this, 0, sizeof(*this));
296 * Compare two module entries
298 static int module_entry_cmp(const void *one, const void *two)
300 const module_entry_t *a = one;
301 const module_entry_t *b = two;
303 return strcmp(a->name, b->name);
307 * Free a module entry.
309 static void module_entry_free(void *data)
311 module_entry_t *this = data;
313 lt_dlclose(this->handle); /* ignore any errors */
314 memset(this, 0, sizeof(*this));
320 * Remove the module lists.
322 int detach_modules(void)
324 rbtree_free(instance_tree);
325 rbtree_free(module_tree);
334 * Find a module on disk or in memory, and link to it.
336 static module_entry_t *linkto_module(const char *module_name,
339 module_entry_t myentry;
340 module_entry_t *node;
342 char module_struct[256];
344 const module_t *module;
346 strlcpy(myentry.name, module_name, sizeof(myentry.name));
347 node = rbtree_finddata(module_tree, &myentry);
348 if (node) return node;
351 * Keep the handle around so we can dlclose() it.
353 handle = lt_dlopenext(module_name);
354 if (handle == NULL) {
355 cf_log_err(cf_sectiontoitem(cs),
356 "Failed to link to module '%s': %s\n",
357 module_name, lt_dlerror());
362 * Link to the module's rlm_FOO{} module structure.
364 * The module_name variable has the version number
365 * embedded in it, and we don't want that here.
367 strcpy(module_struct, module_name);
368 p = strrchr(module_struct, '-');
371 DEBUG3(" (Loaded %s, checking if it's valid)", module_name);
374 * libltld MAY core here, if the handle it gives us contains
377 module = lt_dlsym(handle, module_struct);
379 cf_log_err(cf_sectiontoitem(cs),
380 "Failed linking to %s structure: %s\n",
381 module_name, lt_dlerror());
386 * Before doing anything else, check if it's sane.
388 if (module->magic != RLM_MODULE_MAGIC_NUMBER) {
390 cf_log_err(cf_sectiontoitem(cs),
391 "Invalid version in module '%s'",
397 /* make room for the module type */
398 node = rad_malloc(sizeof(*node));
399 memset(node, 0, sizeof(*node));
400 strlcpy(node->name, module_name, sizeof(node->name));
401 node->module = module;
402 node->handle = handle;
404 cf_log_module(cs, "Linked to module %s", module_name);
407 * Add the module as "rlm_foo-version" to the configuration
410 if (!rbtree_insert(module_tree, node)) {
411 radlog(L_ERR, "Failed to cache module %s", module_name);
421 * Find a module instance.
423 module_instance_t *find_module_instance(CONF_SECTION *modules,
424 const char *instname, int do_link)
426 int check_config_safe = FALSE;
428 const char *name1, *name2;
429 module_instance_t *node, myNode;
430 char module_name[256];
432 if (!modules) return NULL;
435 * Module instances are declared in the modules{} block
436 * and referenced later by their name, which is the
437 * name2 from the config section, or name1 if there was
440 cs = cf_section_sub_find_name2(modules, NULL, instname);
442 radlog(L_ERR, "ERROR: Cannot find a configuration entry for module \"%s\".\n", instname);
447 * If there's already a module instance, return it.
449 strlcpy(myNode.name, instname, sizeof(myNode.name));
450 node = rbtree_finddata(instance_tree, &myNode);
451 if (node) return node;
453 if (!do_link) return NULL;
455 name1 = cf_section_name1(cs);
456 name2 = cf_section_name2(cs);
459 * Found the configuration entry.
461 node = rad_malloc(sizeof(*node));
462 memset(node, 0, sizeof(*node));
464 node->insthandle = NULL;
468 * Names in the "modules" section aren't prefixed
469 * with "rlm_", so we add it here.
471 snprintf(module_name, sizeof(module_name), "rlm_%s", name1);
473 node->entry = linkto_module(module_name, cs);
476 /* linkto_module logs any errors */
480 if (check_config && (node->entry->module->instantiate) &&
481 (node->entry->module->type & RLM_TYPE_CHECK_CONFIG_SAFE) == 0) {
482 const char *value = NULL;
485 cp = cf_pair_find(cs, "force_check_config");
486 if (cp) value = cf_pair_value(cp);
488 if (value && (strcmp(value, "yes") == 0)) goto print_inst;
490 cf_log_module(cs, "Skipping instantiation of %s", instname);
493 check_config_safe = TRUE;
494 cf_log_module(cs, "Instantiating %s", instname);
498 * Call the module's instantiation routine.
500 if ((node->entry->module->instantiate) &&
501 (!check_config || check_config_safe) &&
502 ((node->entry->module->instantiate)(cs, &node->insthandle) < 0)) {
503 cf_log_err(cf_sectiontoitem(cs),
504 "Instantiation failed for module \"%s\"",
511 * We're done. Fill in the rest of the data structure,
512 * and link it to the module instance list.
514 strlcpy(node->name, instname, sizeof(node->name));
516 #ifdef HAVE_PTHREAD_H
518 * If we're threaded, check if the module is thread-safe.
520 * If it isn't, we create a mutex.
522 if ((node->entry->module->type & RLM_TYPE_THREAD_UNSAFE) != 0) {
523 node->mutex = (pthread_mutex_t *) rad_malloc(sizeof(pthread_mutex_t));
525 * Initialize the mutex.
527 pthread_mutex_init(node->mutex, NULL);
530 * The module is thread-safe. Don't give it a mutex.
536 rbtree_insert(instance_tree, node);
541 static indexed_modcallable *lookup_by_index(rbtree_t *components,
544 indexed_modcallable myc;
549 return rbtree_finddata(components, &myc);
553 * Create a new sublist.
555 static indexed_modcallable *new_sublist(rbtree_t *components, int comp, int idx)
557 indexed_modcallable *c;
559 c = lookup_by_index(components, comp, idx);
561 /* It is an error to try to create a sublist that already
562 * exists. It would almost certainly be caused by accidental
563 * duplication in the config file.
565 * index 0 is the exception, because it is used when we want
566 * to collect _all_ listed modules under a single index by
567 * default, which is currently the case in all components
568 * except authenticate. */
576 c = rad_malloc(sizeof(*c));
577 c->modulelist = NULL;
581 if (!rbtree_insert(components, c)) {
589 int indexed_modcall(int comp, int idx, REQUEST *request)
592 indexed_modcallable *this;
593 modcallable *list = NULL;
594 virtual_server_t *server;
596 rcode = virtual_server_idx(request->server);
597 for (server = virtual_servers[rcode];
599 server = server->next) {
600 if (!request->server && !server->name) break;
602 if ((request->server && server->name) &&
603 (strcmp(request->server, server->name) == 0)) break;
607 RDEBUG("No such virtual server %s", request->server);
608 return RLM_MODULE_FAIL;
611 this = lookup_by_index(server->components, comp, idx);
613 if (idx != 0) DEBUG2(" WARNING: Unknown value specified for %s. Cannot perform requested action.",
614 section_type_value[comp].typename);
616 list = this->modulelist;
619 request->component = section_type_value[comp].section;
621 rcode = modcall(comp, list, request);
623 request->module = "";
624 request->component = "";
629 * Load a sub-module list, as found inside an Auth-Type foo {}
632 static int load_subcomponent_section(modcallable *parent, CONF_SECTION *cs,
633 rbtree_t *components, int attr, int comp)
635 indexed_modcallable *subcomp;
638 const char *name2 = cf_section_name2(cs);
640 rad_assert(comp >= RLM_COMPONENT_AUTH);
641 rad_assert(comp < RLM_COMPONENT_COUNT);
647 cf_log_err(cf_sectiontoitem(cs),
648 "No name specified for %s block",
649 section_type_value[comp].typename);
656 ml = compile_modgroup(parent, comp, cs);
662 * We must assign a numeric index to this subcomponent.
663 * It is generated and placed in the dictionary
664 * automatically. If it isn't found, it's a serious
667 dval = dict_valbyname(attr, name2);
669 cf_log_err(cf_sectiontoitem(cs),
670 "%s %s Not previously configured",
671 section_type_value[comp].typename, name2);
672 modcallable_free(&ml);
676 subcomp = new_sublist(components, comp, dval->value);
678 modcallable_free(&ml);
682 subcomp->modulelist = ml;
686 static int define_type(const DICT_ATTR *dattr, const char *name)
692 * If the value already exists, don't
695 dval = dict_valbyname(dattr->attr, name);
699 * Create a new unique value with a
700 * meaningless number. You can't look at
701 * it from outside of this code, so it
702 * doesn't matter. The only requirement
703 * is that it's unique.
706 value = fr_rand() & 0x00ffffff;
707 } while (dict_valbyattr(dattr->attr, value));
709 if (dict_addvalue(name, dattr->name, value) < 0) {
710 radlog(L_ERR, "%s", fr_strerror());
717 static int load_component_section(CONF_SECTION *cs,
718 rbtree_t *components, int comp)
723 indexed_modcallable *subcomp;
725 const char *visiblename;
726 const DICT_ATTR *dattr;
729 * Find the attribute used to store VALUEs for this section.
731 dattr = dict_attrbyvalue(section_type_value[comp].attr);
733 cf_log_err(cf_sectiontoitem(cs),
734 "No such attribute %s",
735 section_type_value[comp].typename);
740 * Loop over the entries in the named section, loading
741 * the sections this time.
743 for (modref = cf_item_find_next(cs, NULL);
745 modref = cf_item_find_next(cs, modref)) {
747 CONF_PAIR *cp = NULL;
748 CONF_SECTION *scs = NULL;
750 if (cf_item_is_section(modref)) {
751 scs = cf_itemtosection(modref);
753 name1 = cf_section_name1(scs);
756 section_type_value[comp].typename) == 0) {
757 if (!load_subcomponent_section(NULL, scs,
761 return -1; /* FIXME: memleak? */
768 } else if (cf_item_is_pair(modref)) {
769 cp = cf_itemtopair(modref);
772 continue; /* ignore it */
776 * Try to compile one entry.
778 this = compile_modsingle(NULL, comp, modref, &modname);
780 cf_log_err(cf_sectiontoitem(cs),
781 "Errors parsing %s section.\n",
782 cf_section_name1(cs));
787 * Look for Auth-Type foo {}, which are special
788 * cases of named sections, and allowable ONLY
791 * i.e. They're not allowed in a "group" or "redundant"
794 if (comp == RLM_COMPONENT_AUTH) {
796 const char *modrefname = NULL;
798 modrefname = cf_pair_attr(cp);
800 modrefname = cf_section_name2(scs);
802 modcallable_free(&this);
803 cf_log_err(cf_sectiontoitem(cs),
804 "Errors parsing %s sub-section.\n",
805 cf_section_name1(scs));
810 dval = dict_valbyname(PW_AUTH_TYPE, modrefname);
813 * It's a section, but nothing we
816 modcallable_free(&this);
817 cf_log_err(cf_sectiontoitem(cs),
818 "Unknown Auth-Type \"%s\" in %s sub-section.",
819 modrefname, section_type_value[comp].section);
824 /* See the comment in new_sublist() for explanation
825 * of the special index 0 */
829 subcomp = new_sublist(components, comp, idx);
830 if (subcomp == NULL) {
831 modcallable_free(&this);
835 /* If subcomp->modulelist is NULL, add_to_modcallable will
837 visiblename = cf_section_name2(cs);
838 if (visiblename == NULL)
839 visiblename = cf_section_name1(cs);
840 add_to_modcallable(&subcomp->modulelist, this,
847 static int load_byserver(CONF_SECTION *cs)
850 const char *name = cf_section_name2(cs);
851 rbtree_t *components;
852 virtual_server_t *server = NULL;
855 cf_log_info(cs, "server %s {", name);
857 cf_log_info(cs, "server {");
860 cf_log_info(cs, " modules {");
862 components = rbtree_create(indexed_modcallable_cmp,
863 indexed_modcallable_free, 0);
865 radlog(L_ERR, "Failed to initialize components\n");
869 server = rad_malloc(sizeof(*server));
870 memset(server, 0, sizeof(*server));
873 server->created = time(NULL);
875 server->components = components;
878 * Define types first.
880 for (comp = 0; comp < RLM_COMPONENT_COUNT; ++comp) {
885 subcs = cf_section_sub_find(cs,
886 section_type_value[comp].section);
887 if (!subcs) continue;
889 if (cf_item_find_next(subcs, NULL) == NULL) continue;
892 * Find the attribute used to store VALUEs for this section.
894 dattr = dict_attrbyvalue(section_type_value[comp].attr);
896 cf_log_err(cf_sectiontoitem(subcs),
897 "No such attribute %s",
898 section_type_value[comp].typename);
900 cf_log_info(cs, " } # modules");
901 cf_log_info(cs, "} # server");
902 if (debug_flag == 0) {
903 radlog(L_ERR, "Failed to load virtual server %s",
904 (name != NULL) ? name : "<default>");
906 virtual_server_free(server);
911 * Define dynamic types, so that others can reference
914 for (modref = cf_item_find_next(subcs, NULL);
916 modref = cf_item_find_next(subcs, modref)) {
918 CONF_SECTION *subsubcs;
921 * Create types for simple references
922 * only when parsing the authenticate
925 if ((section_type_value[comp].attr == PW_AUTH_TYPE) &&
926 cf_item_is_pair(modref)) {
927 CONF_PAIR *cp = cf_itemtopair(modref);
928 if (!define_type(dattr, cf_pair_attr(cp))) {
935 if (!cf_item_is_section(modref)) continue;
937 subsubcs = cf_itemtosection(modref);
938 name1 = cf_section_name1(subsubcs);
940 if (strcmp(name1, section_type_value[comp].typename) == 0) {
941 if (!define_type(dattr,
942 cf_section_name2(subsubcs))) {
943 cf_log_info(cs, " }");
948 } /* loop over components */
951 * Loop over all of the known components, finding their
952 * configuration section, and loading it.
955 for (comp = 0; comp < RLM_COMPONENT_COUNT; ++comp) {
958 subcs = cf_section_sub_find(cs,
959 section_type_value[comp].section);
960 if (!subcs) continue;
962 if (cf_item_find_next(subcs, NULL) == NULL) continue;
964 cf_log_module(cs, "Checking %s {...} for more modules to load",
965 section_type_value[comp].section);
969 * Skip pre/post-proxy sections if we're not
972 if (!mainconfig.proxy_requests &&
973 ((comp == PW_PRE_PROXY_TYPE) ||
974 (comp == PW_PRE_PROXY_TYPE))) {
979 if (load_component_section(subcs, components, comp) < 0) {
980 cf_log_info(cs, " }");
984 } /* loop over components */
987 * We haven't loaded any of the normal sections. Maybe we're
988 * supposed to load the vmps section.
990 * This is a bit of a hack...
995 subcs = cf_section_sub_find(cs, "vmps");
997 cf_log_module(cs, "Checking vmps {...} for more modules to load");
998 if (load_component_section(subcs, components,
999 RLM_COMPONENT_POST_AUTH) < 0) {
1007 const DICT_ATTR *dattr;
1009 dattr = dict_attrbyname("DHCP-Message-Type");
1011 radlog(L_ERR, "No DHCP-Message-Type attribute");
1016 * Handle each DHCP Message type separately.
1018 for (subcs = cf_subsection_find_next(cs, NULL,
1021 subcs = cf_subsection_find_next(cs, subcs,
1023 const char *name2 = cf_section_name2(subcs);
1025 DEBUG2(" Module: Checking dhcp %s {...} for more modules to load", name2);
1026 if (!load_subcomponent_section(NULL, subcs,
1029 RLM_COMPONENT_POST_AUTH)) {
1030 goto error; /* FIXME: memleak? */
1038 cf_log_info(cs, " } # modules");
1039 cf_log_info(cs, "} # server");
1041 if (!flag && name) {
1042 DEBUG("WARNING: Server %s is empty, and will do nothing!",
1046 if (debug_flag == 0) {
1047 radlog(L_INFO, "Loaded virtual server %s",
1048 (name != NULL) ? name : "<default>");
1052 * Now that it is OK, insert it into the list.
1054 * This is thread-safe...
1056 comp = virtual_server_idx(name);
1057 server->next = virtual_servers[comp];
1058 virtual_servers[comp] = server;
1061 * Mark OLDER ones of the same name as being unused.
1063 server = server->next;
1065 if ((!name && !server->name) ||
1066 (name && server->name &&
1067 (strcmp(server->name, name) == 0))) {
1068 server->can_free = TRUE;
1071 server = server->next;
1079 * Load all of the virtual servers.
1081 int virtual_servers_load(CONF_SECTION *config)
1083 int null_server = FALSE;
1085 static int first_time = TRUE;
1087 DEBUG2("%s: #### Loading Virtual Servers ####", mainconfig.name);
1090 * Load all of the virtual servers.
1092 for (cs = cf_subsection_find_next(config, NULL, "server");
1094 cs = cf_subsection_find_next(config, cs, "server")) {
1095 if (!cf_section_name2(cs)) null_server = TRUE;
1097 if (load_byserver(cs) < 0) {
1099 * Once we successfully staryed once,
1100 * continue loading the OTHER servers,
1101 * even if one fails.
1103 if (!first_time) continue;
1109 * No empty server defined. Try to load an old-style
1110 * one for backwards compatibility.
1113 if (load_byserver(config) < 0) {
1119 * If we succeed the first time around, remember that.
1126 int module_hup_module(CONF_SECTION *cs, module_instance_t *node, time_t when)
1128 void *insthandle = NULL;
1129 fr_module_hup_t *mh;
1132 !node->entry->module->instantiate ||
1133 ((node->entry->module->type & RLM_TYPE_HUP_SAFE) == 0)) {
1137 cf_log_module(cs, "Trying to reload module \"%s\"", node->name);
1139 if ((node->entry->module->instantiate)(cs, &insthandle) < 0) {
1140 cf_log_err(cf_sectiontoitem(cs),
1141 "HUP failed for module \"%s\". Using old configuration.",
1146 radlog(L_INFO, " Module: Reloaded module \"%s\"", node->name);
1148 module_instance_free_old(cs, node, when);
1151 * Save the old instance handle for later deletion.
1153 mh = rad_malloc(sizeof(*mh));
1156 mh->insthandle = node->insthandle;
1157 mh->next = node->mh;
1160 node->insthandle = insthandle;
1163 * FIXME: Set a timeout to come back in 60s, so that
1164 * we can pro-actively clean up the old instances.
1171 int module_hup(CONF_SECTION *modules)
1176 module_instance_t *node;
1178 if (!modules) return 0;
1183 * Loop over the modules
1185 for (ci=cf_item_find_next(modules, NULL);
1187 ci=cf_item_find_next(modules, ci)) {
1188 const char *instname;
1189 module_instance_t myNode;
1192 * If it's not a section, ignore it.
1194 if (!cf_item_is_section(ci)) continue;
1196 cs = cf_itemtosection(ci);
1197 instname = cf_section_name2(cs);
1198 if (!instname) instname = cf_section_name1(cs);
1200 strlcpy(myNode.name, instname, sizeof(myNode.name));
1201 node = rbtree_finddata(instance_tree, &myNode);
1203 module_hup_module(cs, node, when);
1211 * Parse the module config sections, and load
1212 * and call each module's init() function.
1214 * Libtool makes your life a LOT easier, especially with libltdl.
1215 * see: http://www.gnu.org/software/libtool/
1217 int setup_modules(int reload, CONF_SECTION *config)
1219 CONF_SECTION *cs, *modules;
1220 rad_listen_t *listener;
1222 if (reload) return 0;
1225 * If necessary, initialize libltdl.
1229 * Set the default list of preloaded symbols.
1230 * This is used to initialize libltdl's list of
1231 * preloaded modules.
1233 * i.e. Static modules.
1235 LTDL_SET_PRELOADED_SYMBOLS();
1237 if (lt_dlinit() != 0) {
1238 radlog(L_ERR, "Failed to initialize libraries: %s\n",
1244 * Set the search path to ONLY our library directory.
1245 * This prevents the modules from being found from
1246 * any location on the disk.
1248 lt_dlsetsearchpath(radlib_dir);
1251 * Set up the internal module struct.
1253 module_tree = rbtree_create(module_entry_cmp,
1254 module_entry_free, 0);
1256 radlog(L_ERR, "Failed to initialize modules\n");
1260 instance_tree = rbtree_create(module_instance_cmp,
1261 module_instance_free, 0);
1262 if (!instance_tree) {
1263 radlog(L_ERR, "Failed to initialize modules\n");
1268 memset(virtual_servers, 0, sizeof(virtual_servers));
1271 * Remember where the modules were stored.
1273 modules = cf_section_sub_find(config, "modules");
1275 radlog(L_ERR, "Cannot find a \"modules\" section in the configuration file!");
1279 DEBUG2("%s: #### Instantiating modules ####", mainconfig.name);
1282 * Look for the 'instantiate' section, which tells us
1283 * the instantiation order of the modules, and also allows
1284 * us to load modules with no authorize/authenticate/etc.
1287 cs = cf_section_sub_find(config, "instantiate");
1291 module_instance_t *module;
1294 cf_log_info(cs, " instantiate {");
1297 * Loop over the items in the 'instantiate' section.
1299 for (ci=cf_item_find_next(cs, NULL);
1301 ci=cf_item_find_next(cs, ci)) {
1304 * Skip sections and "other" stuff.
1305 * Sections will be handled later, if
1306 * they're referenced at all...
1308 if (!cf_item_is_pair(ci)) {
1312 cp = cf_itemtopair(ci);
1313 name = cf_pair_attr(cp);
1314 module = find_module_instance(modules, name, 1);
1318 } /* loop over items in the subsection */
1320 cf_log_info(cs, " }");
1321 } /* if there's an 'instantiate' section. */
1324 * Loop over the listeners, figuring out which sections
1327 for (listener = mainconfig.listen;
1329 listener = listener->next) {
1332 if (listener->type == RAD_LISTEN_PROXY) continue;
1334 cs = cf_section_sub_find_name2(config,
1335 "server", listener->server);
1336 if (!cs && (listener->server != NULL)) {
1337 listener->print(listener, buffer, sizeof(buffer));
1339 radlog(L_ERR, "No server has been defined for %s", buffer);
1344 if (virtual_servers_load(config) < 0) return -1;
1350 * Call all authorization modules until one returns
1351 * somethings else than RLM_MODULE_OK
1353 int module_authorize(int autz_type, REQUEST *request)
1355 return indexed_modcall(RLM_COMPONENT_AUTZ, autz_type, request);
1359 * Authenticate a user/password with various methods.
1361 int module_authenticate(int auth_type, REQUEST *request)
1363 return indexed_modcall(RLM_COMPONENT_AUTH, auth_type, request);
1366 #ifdef WITH_ACCOUNTING
1368 * Do pre-accounting for ALL configured sessions
1370 int module_preacct(REQUEST *request)
1372 return indexed_modcall(RLM_COMPONENT_PREACCT, 0, request);
1376 * Do accounting for ALL configured sessions
1378 int module_accounting(int acct_type, REQUEST *request)
1380 return indexed_modcall(RLM_COMPONENT_ACCT, acct_type, request);
1384 #ifdef WITH_SESSION_MGMT
1386 * See if a user is already logged in.
1388 * Returns: 0 == OK, 1 == double logins, 2 == multilink attempt
1390 int module_checksimul(int sess_type, REQUEST *request, int maxsimul)
1394 if(!request->username)
1397 request->simul_count = 0;
1398 request->simul_max = maxsimul;
1399 request->simul_mpp = 1;
1401 rcode = indexed_modcall(RLM_COMPONENT_SESS, sess_type, request);
1403 if (rcode != RLM_MODULE_OK) {
1404 /* FIXME: Good spot for a *rate-limited* warning to the log */
1408 return (request->simul_count < maxsimul) ? 0 : request->simul_mpp;
1414 * Do pre-proxying for ALL configured sessions
1416 int module_pre_proxy(int type, REQUEST *request)
1418 return indexed_modcall(RLM_COMPONENT_PRE_PROXY, type, request);
1422 * Do post-proxying for ALL configured sessions
1424 int module_post_proxy(int type, REQUEST *request)
1426 return indexed_modcall(RLM_COMPONENT_POST_PROXY, type, request);
1431 * Do post-authentication for ALL configured sessions
1433 int module_post_auth(int postauth_type, REQUEST *request)
1435 return indexed_modcall(RLM_COMPONENT_POST_AUTH, postauth_type, request);