/*
- * Copyright (C) 2006, 2007 Stig Venaas <venaas@uninett.no>
+ * Copyright (C) 2006-2008 Stig Venaas <venaas@uninett.no>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
#define DEFAULT_TLS_SECRET "mysecret"
#define DEFAULT_UDP_PORT "1812"
#define DEFAULT_TLS_PORT "2083"
-#define REQUEST_EXPIRY 20
-#define REQUEST_RETRIES 3
+#define REQUEST_RETRY_INTERVAL 5
+#define REQUEST_RETRY_COUNT 2
#define MAX_CERT_DEPTH 5
#define STATUS_SERVER_PERIOD 25
#define RAD_Access_Request 1
#define RAD_Attr_User_Password 2
#define RAD_Attr_Reply_Message 18
#define RAD_Attr_Vendor_Specific 26
+#define RAD_Attr_Calling_Station_Id 31
#define RAD_Attr_Tunnel_Password 69
#define RAD_Attr_Message_Authenticator 80
#define RAD_VS_ATTR_MS_MPPE_Send_Key 16
#define RAD_VS_ATTR_MS_MPPE_Recv_Key 17
-#define CONF_STR 1
-#define CONF_CBK 2
-#define CONF_MSTR 3
-
struct options {
char *listenudp;
- char *listentcp;
+ char *listentls;
char *listenaccudp;
+ char *sourceudp;
+ char *sourcetls;
char *logdestination;
uint8_t loglevel;
+ uint8_t loopprevention;
};
/* requests that our client will send */
uint8_t received;
struct timeval expiry;
struct client *from;
+ char *origusername;
uint8_t origid; /* used by servwr */
char origauth[16]; /* used by servwr */
struct sockaddr_storage fromsa; /* used by udpservwr */
char *host;
char *port;
char *secret;
+ regex_t *certcnregex;
regex_t *certuriregex;
- regex_t *rewriteattrregex;
- char *rewriteattrreplacement;
+ struct modattr *rewriteusername;
uint8_t statusserver;
- SSL_CTX *ssl_ctx;
+ uint8_t retryinterval;
+ uint8_t retrycount;
+ uint8_t certnamecheck;
+ struct rewrite *rewritein;
+ struct rewrite *rewriteout;
struct addrinfo *addrinfo;
uint8_t prefixlen;
+ struct tls *tlsconf;
struct list *clients;
struct server *servers;
};
struct clsrvconf *conf;
SSL *ssl;
struct replyq *replyq;
- struct client *next;
+ struct sockaddr *addr;
};
struct server {
pthread_t clientth;
struct timeval lastconnecttry;
uint8_t connectionok;
- uint8_t loststatsrv;
+ uint8_t lostrqs;
int nextid;
struct request *requests;
uint8_t newrq;
struct realm {
char *name;
char *message;
+ uint8_t accresp;
regex_t regex;
struct list *srvconfs;
+ struct list *accsrvconfs;
};
struct tls {
char *name;
+ char *cacertfile;
+ char *cacertpath;
+ char *certfile;
+ char *certkeyfile;
+ char *certkeypwd;
+ uint8_t crlcheck;
+ uint32_t cacheexpiry;
+ uint32_t expiry;
SSL_CTX *ctx;
+};
+
+struct attribute {
+ uint8_t t;
+ uint8_t l;
+ uint8_t *v;
+};
+
+struct modattr {
+ uint8_t t;
+ char *replacement;
+ regex_t *regex;
+};
+
+struct rewrite {
+ uint8_t *removeattrs;
+ uint32_t *removevendorattrs;
+ struct list *addattrs;
+ struct list *modattrs;
+};
+
+struct rewriteconf {
+ char *name;
+ struct rewrite *rewrite;
int count;
};
#define ATTRLEN(x) ((x)[1])
#define ATTRVAL(x) ((x) + 2)
#define ATTRVALLEN(x) ((x)[1] - 2)
-
-#define SOCKADDR_SIZE(addr) ((addr).ss_family == AF_INET ? \
- sizeof(struct sockaddr_in) : \
- sizeof(struct sockaddr_in6))
-
-char *stringcopy(char *s, int len);
-char *addr2string(struct sockaddr *addr, socklen_t len);
-void printfchars(char *prefixfmt, char *prefix, char *charfmt, char *chars, int len);
-int bindport(int type, char *port);
-int connectport(int type, char *host, char *port);
projects / libradsec.git / blobdiff