2 * modules.c Radius module support.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * Copyright 2003,2006 The FreeRADIUS server project
21 * Copyright 2000 Alan DeKok <aland@ox.org>
22 * Copyright 2000 Alan Curry <pacman@world.std.com>
25 #include <freeradius-devel/ident.h>
28 #include <freeradius-devel/radiusd.h>
29 #include <freeradius-devel/modpriv.h>
30 #include <freeradius-devel/modcall.h>
31 #include <freeradius-devel/rad_assert.h>
33 extern int check_config;
35 typedef struct indexed_modcallable {
38 modcallable *modulelist;
39 } indexed_modcallable;
41 typedef struct virtual_server_t {
45 struct virtual_server_t *next;
49 * Keep a hash of virtual servers, so that we can reload them.
51 #define VIRTUAL_SERVER_HASH_SIZE (256)
52 static virtual_server_t *virtual_servers[VIRTUAL_SERVER_HASH_SIZE];
54 static rbtree_t *module_tree = NULL;
56 static rbtree_t *instance_tree = NULL;
58 typedef struct section_type_value_t {
62 } section_type_value_t;
64 struct fr_module_hup_t {
65 module_instance_t *mi;
68 fr_module_hup_t *next;
73 * Ordered by component
75 static const section_type_value_t section_type_value[RLM_COMPONENT_COUNT] = {
76 { "authenticate", "Auth-Type", PW_AUTH_TYPE },
77 { "authorize", "Autz-Type", PW_AUTZ_TYPE },
78 { "preacct", "Pre-Acct-Type", PW_PRE_ACCT_TYPE },
79 { "accounting", "Acct-Type", PW_ACCT_TYPE },
80 { "session", "Session-Type", PW_SESSION_TYPE },
81 { "pre-proxy", "Pre-Proxy-Type", PW_PRE_PROXY_TYPE },
82 { "post-proxy", "Post-Proxy-Type", PW_POST_PROXY_TYPE },
83 { "post-auth", "Post-Auth-Type", PW_POST_AUTH_TYPE },
87 #ifdef WITHOUT_LIBLTDL
88 typedef struct lt_dlmodule_t {
94 * Define modules here.
96 extern module_t rlm_pap;
97 extern module_t rlm_chap;
98 extern module_t rlm_eap;
101 * EAP structures are defined elsewhere.
103 typedef struct eap_type_t EAP_TYPE;
106 * And so on for other EAP types.
108 extern EAP_TYPE rlm_eap_md5;
110 static const lt_dlmodule_t lt_dlmodules[] = {
111 { "rlm_pap", &rlm_pap },
112 { "rlm_chap", &rlm_chap },
113 { "rlm_eap", &rlm_eap },
114 { "rlm_eap_md5", &rlm_eap_md5 },
117 * Add other modules here.
124 lt_dlhandle lt_dlopenext(const char *name)
128 for (i = 0; lt_dlmodules[i].name != NULL; i++) {
129 if (strcmp(name, lt_dlmodules[i].name) == 0) {
130 return lt_dlmodules[i].ref;
137 void *lt_dlsym(lt_dlhandle handle, UNUSED const char *symbol)
141 #endif /* WITHOUT_LIBLTDL */
143 static int virtual_server_idx(const char *name)
149 hash = fr_hash_string(name);
151 return hash & (VIRTUAL_SERVER_HASH_SIZE - 1);
154 static void virtual_server_free(virtual_server_t *server)
156 if (server->components) rbtree_free(server->components);
157 server->components = NULL;
162 static void indexed_modcallable_free(void *data)
164 indexed_modcallable *c = data;
166 modcallable_free(&c->modulelist);
170 static int indexed_modcallable_cmp(const void *one, const void *two)
172 const indexed_modcallable *a = one;
173 const indexed_modcallable *b = two;
175 if (a->comp < b->comp) return -1;
176 if (a->comp > b->comp) return +1;
178 return a->idx - b->idx;
183 * Compare two module entries
185 static int module_instance_cmp(const void *one, const void *two)
187 const module_instance_t *a = one;
188 const module_instance_t *b = two;
190 return strcmp(a->name, b->name);
194 static void module_instance_free_old(CONF_SECTION *cs, module_instance_t *node,
197 fr_module_hup_t *mh, **last;
200 * Walk the list, freeing up old instances.
207 * Free only every 60 seconds.
209 if ((when - mh->when) < 60) {
214 cf_section_parse_free(cs, mh->insthandle);
216 if (node->entry->module->detach) {
217 (node->entry->module->detach)(mh->insthandle);
219 free(mh->insthandle);
229 * Free a module instance.
231 static void module_instance_free(void *data)
233 module_instance_t *this = data;
235 module_instance_free_old(this->cs, this, time(NULL) + 100);
237 if (this->entry->module->detach) {
238 (this->entry->module->detach)(this->insthandle);
241 #ifdef HAVE_PTHREAD_H
245 * The mutex MIGHT be locked...
246 * we'll check for that later, I guess.
248 pthread_mutex_destroy(this->mutex);
252 memset(this, 0, sizeof(*this));
258 * Compare two module entries
260 static int module_entry_cmp(const void *one, const void *two)
262 const module_entry_t *a = one;
263 const module_entry_t *b = two;
265 return strcmp(a->name, b->name);
269 * Free a module entry.
271 static void module_entry_free(void *data)
273 module_entry_t *this = data;
275 lt_dlclose(this->handle); /* ignore any errors */
276 memset(this, 0, sizeof(*this));
282 * Remove the module lists.
284 int detach_modules(void)
288 for (i = 0; i < VIRTUAL_SERVER_HASH_SIZE; i++) {
289 virtual_server_t *server, *next;
291 for (server = virtual_servers[i];
295 virtual_server_free(server);
299 rbtree_free(instance_tree);
300 rbtree_free(module_tree);
309 * Find a module on disk or in memory, and link to it.
311 static module_entry_t *linkto_module(const char *module_name,
314 module_entry_t myentry;
315 module_entry_t *node;
317 char module_struct[256];
319 const module_t *module;
321 strlcpy(myentry.name, module_name, sizeof(myentry.name));
322 node = rbtree_finddata(module_tree, &myentry);
323 if (node) return node;
326 * Keep the handle around so we can dlclose() it.
328 handle = lt_dlopenext(module_name);
329 if (handle == NULL) {
330 cf_log_err(cf_sectiontoitem(cs),
331 "Failed to link to module '%s': %s\n",
332 module_name, lt_dlerror());
337 * Link to the module's rlm_FOO{} module structure.
339 * The module_name variable has the version number
340 * embedded in it, and we don't want that here.
342 strcpy(module_struct, module_name);
343 p = strrchr(module_struct, '-');
346 DEBUG3(" (Loaded %s, checking if it's valid)", module_name);
349 * libltld MAY core here, if the handle it gives us contains
352 module = lt_dlsym(handle, module_struct);
354 cf_log_err(cf_sectiontoitem(cs),
355 "Failed linking to %s structure: %s\n",
356 module_name, lt_dlerror());
361 * Before doing anything else, check if it's sane.
363 if (module->magic != RLM_MODULE_MAGIC_NUMBER) {
365 cf_log_err(cf_sectiontoitem(cs),
366 "Invalid version in module '%s'",
372 /* make room for the module type */
373 node = rad_malloc(sizeof(*node));
374 memset(node, 0, sizeof(*node));
375 strlcpy(node->name, module_name, sizeof(node->name));
376 node->module = module;
377 node->handle = handle;
379 cf_log_module(cs, "Linked to module %s", module_name);
382 * Add the module as "rlm_foo-version" to the configuration
385 if (!rbtree_insert(module_tree, node)) {
386 radlog(L_ERR, "Failed to cache module %s", module_name);
396 * Find a module instance.
398 module_instance_t *find_module_instance(CONF_SECTION *modules,
399 const char *instname, int do_link)
401 int check_config_safe = FALSE;
403 const char *name1, *name2;
404 module_instance_t *node, myNode;
405 char module_name[256];
407 if (!modules) return NULL;
410 * Module instances are declared in the modules{} block
411 * and referenced later by their name, which is the
412 * name2 from the config section, or name1 if there was
415 cs = cf_section_sub_find_name2(modules, NULL, instname);
417 radlog(L_ERR, "ERROR: Cannot find a configuration entry for module \"%s\".\n", instname);
422 * If there's already a module instance, return it.
424 strlcpy(myNode.name, instname, sizeof(myNode.name));
425 node = rbtree_finddata(instance_tree, &myNode);
426 if (node) return node;
428 if (!do_link) return NULL;
430 name1 = cf_section_name1(cs);
431 name2 = cf_section_name2(cs);
434 * Found the configuration entry.
436 node = rad_malloc(sizeof(*node));
437 memset(node, 0, sizeof(*node));
439 node->insthandle = NULL;
443 * Names in the "modules" section aren't prefixed
444 * with "rlm_", so we add it here.
446 snprintf(module_name, sizeof(module_name), "rlm_%s", name1);
448 node->entry = linkto_module(module_name, cs);
451 /* linkto_module logs any errors */
455 if (check_config && (node->entry->module->instantiate) &&
456 (node->entry->module->type & RLM_TYPE_CHECK_CONFIG_SAFE) == 0) {
457 const char *value = NULL;
460 cp = cf_pair_find(cs, "force_check_config");
461 if (cp) value = cf_pair_value(cp);
463 if (value && (strcmp(value, "yes") == 0)) goto print_inst;
465 cf_log_module(cs, "Skipping instantiation of %s", instname);
468 check_config_safe = TRUE;
469 cf_log_module(cs, "Instantiating %s", instname);
473 * Call the module's instantiation routine.
475 if ((node->entry->module->instantiate) &&
476 (!check_config || check_config_safe) &&
477 ((node->entry->module->instantiate)(cs, &node->insthandle) < 0)) {
478 cf_log_err(cf_sectiontoitem(cs),
479 "Instantiation failed for module \"%s\"",
486 * We're done. Fill in the rest of the data structure,
487 * and link it to the module instance list.
489 strlcpy(node->name, instname, sizeof(node->name));
491 #ifdef HAVE_PTHREAD_H
493 * If we're threaded, check if the module is thread-safe.
495 * If it isn't, we create a mutex.
497 if ((node->entry->module->type & RLM_TYPE_THREAD_UNSAFE) != 0) {
498 node->mutex = (pthread_mutex_t *) rad_malloc(sizeof(pthread_mutex_t));
500 * Initialize the mutex.
502 pthread_mutex_init(node->mutex, NULL);
505 * The module is thread-safe. Don't give it a mutex.
511 rbtree_insert(instance_tree, node);
516 static indexed_modcallable *lookup_by_index(rbtree_t *components,
519 indexed_modcallable myc;
524 return rbtree_finddata(components, &myc);
528 * Create a new sublist.
530 static indexed_modcallable *new_sublist(rbtree_t *components, int comp, int idx)
532 indexed_modcallable *c;
534 c = lookup_by_index(components, comp, idx);
536 /* It is an error to try to create a sublist that already
537 * exists. It would almost certainly be caused by accidental
538 * duplication in the config file.
540 * index 0 is the exception, because it is used when we want
541 * to collect _all_ listed modules under a single index by
542 * default, which is currently the case in all components
543 * except authenticate. */
551 c = rad_malloc(sizeof(*c));
552 c->modulelist = NULL;
556 if (!rbtree_insert(components, c)) {
564 int indexed_modcall(int comp, int idx, REQUEST *request)
567 indexed_modcallable *this;
568 modcallable *list = NULL;
569 virtual_server_t *server;
571 rcode = virtual_server_idx(request->server);
572 for (server = virtual_servers[rcode];
574 server = server->next) {
575 if (!request->server && !server->name) break;
577 if ((request->server && server->name) &&
578 (strcmp(request->server, server->name) == 0)) break;
582 RDEBUG("No such virtual server %s", request->server);
583 return RLM_MODULE_FAIL;
586 this = lookup_by_index(server->components, comp, idx);
588 if (idx != 0) DEBUG2(" WARNING: Unknown value specified for %s. Cannot perform requested action.",
589 section_type_value[comp].typename);
591 list = this->modulelist;
594 request->component = section_type_value[comp].section;
596 rcode = modcall(comp, list, request);
598 request->module = "";
599 request->component = "";
604 * Load a sub-module list, as found inside an Auth-Type foo {}
607 static int load_subcomponent_section(modcallable *parent, CONF_SECTION *cs,
608 rbtree_t *components, int attr, int comp)
610 indexed_modcallable *subcomp;
613 const char *name2 = cf_section_name2(cs);
615 rad_assert(comp >= RLM_COMPONENT_AUTH);
616 rad_assert(comp < RLM_COMPONENT_COUNT);
622 cf_log_err(cf_sectiontoitem(cs),
623 "No name specified for %s block",
624 section_type_value[comp].typename);
631 ml = compile_modgroup(parent, comp, cs);
637 * We must assign a numeric index to this subcomponent.
638 * It is generated and placed in the dictionary
639 * automatically. If it isn't found, it's a serious
642 dval = dict_valbyname(attr, name2);
644 cf_log_err(cf_sectiontoitem(cs),
645 "%s %s Not previously configured",
646 section_type_value[comp].typename, name2);
647 modcallable_free(&ml);
651 subcomp = new_sublist(components, comp, dval->value);
653 modcallable_free(&ml);
657 subcomp->modulelist = ml;
661 static int define_type(const DICT_ATTR *dattr, const char *name)
667 * If the value already exists, don't
670 dval = dict_valbyname(dattr->attr, name);
674 * Create a new unique value with a
675 * meaningless number. You can't look at
676 * it from outside of this code, so it
677 * doesn't matter. The only requirement
678 * is that it's unique.
681 value = fr_rand() & 0x00ffffff;
682 } while (dict_valbyattr(dattr->attr, value));
684 if (dict_addvalue(name, dattr->name, value) < 0) {
685 radlog(L_ERR, "%s", fr_strerror());
692 static int load_component_section(CONF_SECTION *cs,
693 rbtree_t *components, int comp)
698 indexed_modcallable *subcomp;
700 const char *visiblename;
701 const DICT_ATTR *dattr;
704 * Find the attribute used to store VALUEs for this section.
706 dattr = dict_attrbyvalue(section_type_value[comp].attr);
708 cf_log_err(cf_sectiontoitem(cs),
709 "No such attribute %s",
710 section_type_value[comp].typename);
715 * Loop over the entries in the named section, loading
716 * the sections this time.
718 for (modref = cf_item_find_next(cs, NULL);
720 modref = cf_item_find_next(cs, modref)) {
722 CONF_PAIR *cp = NULL;
723 CONF_SECTION *scs = NULL;
725 if (cf_item_is_section(modref)) {
726 scs = cf_itemtosection(modref);
728 name1 = cf_section_name1(scs);
731 section_type_value[comp].typename) == 0) {
732 if (!load_subcomponent_section(NULL, scs,
736 return -1; /* FIXME: memleak? */
743 } else if (cf_item_is_pair(modref)) {
744 cp = cf_itemtopair(modref);
747 continue; /* ignore it */
751 * Try to compile one entry.
753 this = compile_modsingle(NULL, comp, modref, &modname);
755 cf_log_err(cf_sectiontoitem(cs),
756 "Errors parsing %s section.\n",
757 cf_section_name1(cs));
762 * Look for Auth-Type foo {}, which are special
763 * cases of named sections, and allowable ONLY
766 * i.e. They're not allowed in a "group" or "redundant"
769 if (comp == RLM_COMPONENT_AUTH) {
771 const char *modrefname = NULL;
773 modrefname = cf_pair_attr(cp);
775 modrefname = cf_section_name2(scs);
777 modcallable_free(&this);
778 cf_log_err(cf_sectiontoitem(cs),
779 "Errors parsing %s sub-section.\n",
780 cf_section_name1(scs));
785 dval = dict_valbyname(PW_AUTH_TYPE, modrefname);
788 * It's a section, but nothing we
791 modcallable_free(&this);
792 cf_log_err(cf_sectiontoitem(cs),
793 "Unknown Auth-Type \"%s\" in %s sub-section.",
794 modrefname, section_type_value[comp].section);
799 /* See the comment in new_sublist() for explanation
800 * of the special index 0 */
804 subcomp = new_sublist(components, comp, idx);
805 if (subcomp == NULL) {
806 modcallable_free(&this);
810 /* If subcomp->modulelist is NULL, add_to_modcallable will
812 visiblename = cf_section_name2(cs);
813 if (visiblename == NULL)
814 visiblename = cf_section_name1(cs);
815 add_to_modcallable(&subcomp->modulelist, this,
822 static int load_byserver(CONF_SECTION *cs)
825 const char *name = cf_section_name2(cs);
826 rbtree_t *components;
827 virtual_server_t *server;
829 cf_log_info(cs, " modules {");
831 components = rbtree_create(indexed_modcallable_cmp,
832 indexed_modcallable_free, 0);
834 radlog(L_ERR, "Failed to initialize components\n");
838 server = rad_malloc(sizeof(*server));
839 memset(server, 0, sizeof(*server));
843 server->components = components;
846 * Define types first.
848 for (comp = 0; comp < RLM_COMPONENT_COUNT; ++comp) {
853 subcs = cf_section_sub_find(cs,
854 section_type_value[comp].section);
855 if (!subcs) continue;
857 if (cf_item_find_next(subcs, NULL) == NULL) continue;
860 * Find the attribute used to store VALUEs for this section.
862 dattr = dict_attrbyvalue(section_type_value[comp].attr);
864 cf_log_err(cf_sectiontoitem(subcs),
865 "No such attribute %s",
866 section_type_value[comp].typename);
867 cf_log_info(cs, " }");
869 virtual_server_free(server);
874 * Define dynamic types, so that others can reference
877 for (modref = cf_item_find_next(subcs, NULL);
879 modref = cf_item_find_next(subcs, modref)) {
881 CONF_SECTION *subsubcs;
884 * Create types for simple references
885 * only when parsing the authenticate
888 if ((section_type_value[comp].attr == PW_AUTH_TYPE) &&
889 cf_item_is_pair(modref)) {
890 CONF_PAIR *cp = cf_itemtopair(modref);
891 if (!define_type(dattr, cf_pair_attr(cp))) {
898 if (!cf_item_is_section(modref)) continue;
900 subsubcs = cf_itemtosection(modref);
901 name1 = cf_section_name1(subsubcs);
903 if (strcmp(name1, section_type_value[comp].typename) == 0) {
904 if (!define_type(dattr,
905 cf_section_name2(subsubcs))) {
906 cf_log_info(cs, " }");
911 } /* loop over components */
914 * Loop over all of the known components, finding their
915 * configuration section, and loading it.
918 for (comp = 0; comp < RLM_COMPONENT_COUNT; ++comp) {
921 subcs = cf_section_sub_find(cs,
922 section_type_value[comp].section);
923 if (!subcs) continue;
925 if (cf_item_find_next(subcs, NULL) == NULL) continue;
927 cf_log_module(cs, "Checking %s {...} for more modules to load",
928 section_type_value[comp].section);
932 * Skip pre/post-proxy sections if we're not
935 if (!mainconfig.proxy_requests &&
936 ((comp == PW_PRE_PROXY_TYPE) ||
937 (comp == PW_PRE_PROXY_TYPE))) {
942 if (load_component_section(subcs, components, comp) < 0) {
943 cf_log_info(cs, " }");
947 } /* loop over components */
950 * We haven't loaded any of the normal sections. Maybe we're
951 * supposed to load the vmps section.
953 * This is a bit of a hack...
958 subcs = cf_section_sub_find(cs, "vmps");
960 cf_log_module(cs, "Checking vmps {...} for more modules to load");
961 if (load_component_section(subcs, components,
962 RLM_COMPONENT_POST_AUTH) < 0) {
970 const DICT_ATTR *dattr;
972 dattr = dict_attrbyname("DHCP-Message-Type");
974 radlog(L_ERR, "No DHCP-Message-Type attribute");
979 * Handle each DHCP Message type separately.
981 for (subcs = cf_subsection_find_next(cs, NULL,
984 subcs = cf_subsection_find_next(cs, subcs,
986 const char *name2 = cf_section_name2(subcs);
988 DEBUG2(" Module: Checking dhcp %s {...} for more modules to load", name2);
989 if (!load_subcomponent_section(NULL, subcs,
992 RLM_COMPONENT_POST_AUTH)) {
993 goto error; /* FIXME: memleak? */
1001 cf_log_info(cs, " }");
1003 if (!flag && name) {
1004 DEBUG("WARNING: Server %s is empty, and will do nothing!",
1009 * Now that it is OK, insert it into the list.
1011 * This is thread-safe...
1013 comp = virtual_server_idx(name);
1014 server->next = virtual_servers[comp];
1015 virtual_servers[comp] = server;
1022 * Load all of the virtual servers.
1024 int virtual_server_load(CONF_SECTION *config)
1026 int null_server = FALSE;
1029 DEBUG2("%s: #### Loading Virtual Servers ####", mainconfig.name);
1032 * Load all of the virtual servers.
1034 for (cs = cf_subsection_find_next(config, NULL, "server");
1036 cs = cf_subsection_find_next(config, cs, "server")) {
1037 const char *name2 = cf_section_name2(cs);
1040 cf_log_info(cs, "server %s {", name2);
1042 cf_log_info(cs, "server {");
1045 if (load_byserver(cs) < 0) {
1046 cf_log_info(cs, "}");
1049 cf_log_info(cs, "}");
1050 if (debug_flag == 0) {
1051 radlog(L_INFO, "Loaded virtual server %s", name2);
1056 * No empty server defined. Try to load an old-style
1057 * one for backwards compatibility.
1060 cf_log_info(cs, "server {");
1061 if (load_byserver(config) < 0) {
1062 cf_log_info(cs, "}");
1065 cf_log_info(cs, "}");
1072 int module_hup_module(CONF_SECTION *cs, module_instance_t *node, time_t when)
1074 void *insthandle = NULL;
1075 fr_module_hup_t *mh;
1078 !node->entry->module->instantiate ||
1079 ((node->entry->module->type & RLM_TYPE_HUP_SAFE) == 0)) {
1083 cf_log_module(cs, "Trying to reload module \"%s\"", node->name);
1085 if ((node->entry->module->instantiate)(cs, &insthandle) < 0) {
1086 cf_log_err(cf_sectiontoitem(cs),
1087 "HUP failed for module \"%s\". Using old configuration.",
1092 radlog(L_INFO, " Module: Reloaded module \"%s\"", node->name);
1094 module_instance_free_old(cs, node, when);
1097 * Save the old instance handle for later deletion.
1099 mh = rad_malloc(sizeof(*mh));
1102 mh->insthandle = node->insthandle;
1103 mh->next = node->mh;
1106 node->insthandle = insthandle;
1109 * FIXME: Set a timeout to come back in 60s, so that
1110 * we can pro-actively clean up the old instances.
1117 int module_hup(CONF_SECTION *modules)
1122 module_instance_t *node;
1124 if (!modules) return 0;
1129 * Loop over the modules
1131 for (ci=cf_item_find_next(modules, NULL);
1133 ci=cf_item_find_next(modules, ci)) {
1134 const char *instname;
1135 module_instance_t myNode;
1138 * If it's not a section, ignore it.
1140 if (!cf_item_is_section(ci)) continue;
1142 cs = cf_itemtosection(ci);
1143 instname = cf_section_name2(cs);
1144 if (!instname) instname = cf_section_name1(cs);
1146 strlcpy(myNode.name, instname, sizeof(myNode.name));
1147 node = rbtree_finddata(instance_tree, &myNode);
1149 module_hup_module(cs, node, when);
1157 * Parse the module config sections, and load
1158 * and call each module's init() function.
1160 * Libtool makes your life a LOT easier, especially with libltdl.
1161 * see: http://www.gnu.org/software/libtool/
1163 int setup_modules(int reload, CONF_SECTION *config)
1165 CONF_SECTION *cs, *modules;
1166 rad_listen_t *listener;
1168 if (reload) return 0;
1171 * If necessary, initialize libltdl.
1175 * Set the default list of preloaded symbols.
1176 * This is used to initialize libltdl's list of
1177 * preloaded modules.
1179 * i.e. Static modules.
1181 LTDL_SET_PRELOADED_SYMBOLS();
1183 if (lt_dlinit() != 0) {
1184 radlog(L_ERR, "Failed to initialize libraries: %s\n",
1190 * Set the search path to ONLY our library directory.
1191 * This prevents the modules from being found from
1192 * any location on the disk.
1194 lt_dlsetsearchpath(radlib_dir);
1197 * Set up the internal module struct.
1199 module_tree = rbtree_create(module_entry_cmp,
1200 module_entry_free, 0);
1202 radlog(L_ERR, "Failed to initialize modules\n");
1206 instance_tree = rbtree_create(module_instance_cmp,
1207 module_instance_free, 0);
1208 if (!instance_tree) {
1209 radlog(L_ERR, "Failed to initialize modules\n");
1214 memset(virtual_servers, 0, sizeof(virtual_servers));
1217 * Remember where the modules were stored.
1219 modules = cf_section_sub_find(config, "modules");
1221 radlog(L_ERR, "Cannot find a \"modules\" section in the configuration file!");
1225 DEBUG2("%s: #### Instantiating modules ####", mainconfig.name);
1228 * Look for the 'instantiate' section, which tells us
1229 * the instantiation order of the modules, and also allows
1230 * us to load modules with no authorize/authenticate/etc.
1233 cs = cf_section_sub_find(config, "instantiate");
1237 module_instance_t *module;
1240 cf_log_info(cs, " instantiate {");
1243 * Loop over the items in the 'instantiate' section.
1245 for (ci=cf_item_find_next(cs, NULL);
1247 ci=cf_item_find_next(cs, ci)) {
1250 * Skip sections and "other" stuff.
1251 * Sections will be handled later, if
1252 * they're referenced at all...
1254 if (!cf_item_is_pair(ci)) {
1258 cp = cf_itemtopair(ci);
1259 name = cf_pair_attr(cp);
1260 module = find_module_instance(modules, name, 1);
1264 } /* loop over items in the subsection */
1266 cf_log_info(cs, " }");
1267 } /* if there's an 'instantiate' section. */
1270 * Loop over the listeners, figuring out which sections
1273 for (listener = mainconfig.listen;
1275 listener = listener->next) {
1278 if (listener->type == RAD_LISTEN_PROXY) continue;
1280 cs = cf_section_sub_find_name2(config,
1281 "server", listener->server);
1282 if (!cs && (listener->server != NULL)) {
1283 listener->print(listener, buffer, sizeof(buffer));
1285 radlog(L_ERR, "No server has been defined for %s", buffer);
1290 if (virtual_server_load(config) < 0) return -1;
1296 * Call all authorization modules until one returns
1297 * somethings else than RLM_MODULE_OK
1299 int module_authorize(int autz_type, REQUEST *request)
1301 return indexed_modcall(RLM_COMPONENT_AUTZ, autz_type, request);
1305 * Authenticate a user/password with various methods.
1307 int module_authenticate(int auth_type, REQUEST *request)
1309 return indexed_modcall(RLM_COMPONENT_AUTH, auth_type, request);
1312 #ifdef WITH_ACCOUNTING
1314 * Do pre-accounting for ALL configured sessions
1316 int module_preacct(REQUEST *request)
1318 return indexed_modcall(RLM_COMPONENT_PREACCT, 0, request);
1322 * Do accounting for ALL configured sessions
1324 int module_accounting(int acct_type, REQUEST *request)
1326 return indexed_modcall(RLM_COMPONENT_ACCT, acct_type, request);
1330 #ifdef WITH_SESSION_MGMT
1332 * See if a user is already logged in.
1334 * Returns: 0 == OK, 1 == double logins, 2 == multilink attempt
1336 int module_checksimul(int sess_type, REQUEST *request, int maxsimul)
1340 if(!request->username)
1343 request->simul_count = 0;
1344 request->simul_max = maxsimul;
1345 request->simul_mpp = 1;
1347 rcode = indexed_modcall(RLM_COMPONENT_SESS, sess_type, request);
1349 if (rcode != RLM_MODULE_OK) {
1350 /* FIXME: Good spot for a *rate-limited* warning to the log */
1354 return (request->simul_count < maxsimul) ? 0 : request->simul_mpp;
1360 * Do pre-proxying for ALL configured sessions
1362 int module_pre_proxy(int type, REQUEST *request)
1364 return indexed_modcall(RLM_COMPONENT_PRE_PROXY, type, request);
1368 * Do post-proxying for ALL configured sessions
1370 int module_post_proxy(int type, REQUEST *request)
1372 return indexed_modcall(RLM_COMPONENT_POST_PROXY, type, request);
1377 * Do post-authentication for ALL configured sessions
1379 int module_post_auth(int postauth_type, REQUEST *request)
1381 return indexed_modcall(RLM_COMPONENT_POST_AUTH, postauth_type, request);