#include "conf.h"
#include "missing.h"
-#if 0
#if HAVE_PTHREAD_H
#include <pthread.h>
-typedef pthread_t child_pid_t ;
+typedef pthread_t child_pid_t;
+#define child_kill pthread_kill
#else
typedef pid_t child_pid_t;
+#define child_kill kill
#endif
-#else
-/* FIX when threading is done! */
-typedef pid_t child_pid_t;
-#endif
+#define NO_SUCH_CHILD_PID (child_pid_t) (0)
-#define NO_SUCH_CHILD_PID (0)
+#ifndef NDEBUG
+#define REQUEST_MAGIC (0xdeadbeef)
+#endif
typedef struct auth_req {
+#ifndef NDEBUG
+ uint32_t magic; /* for debugging only */
+#endif
RADIUS_PACKET *packet;
RADIUS_PACKET *proxy;
RADIUS_PACKET *reply;
+ RADIUS_PACKET *proxy_reply;
VALUE_PAIR *config_items;
- char username[MAX_STRING_LEN];
+ VALUE_PAIR *username;
VALUE_PAIR *password;
char secret[32];
child_pid_t child_pid;
time_t timestamp;
+
+ /* Could almost keep a const char * here instead of a _copy_ of the
+ * secret... but what if the RADCLIENT structure is freed because it was
+ * taken out of the config file and SIGHUPed? */
+ char proxysecret[32];
+ int proxy_is_replicate;
+ int proxy_try_count;
+ time_t proxy_next_try;
+
int finished;
+ struct auth_req *prev;
struct auth_req *next;
} REQUEST;
-typedef struct client {
- UINT4 ipaddr;
+/*
+ * Function handler for requests.
+ */
+typedef int (*RAD_REQUEST_FUNP)(REQUEST *);
+
+typedef struct radclient {
+ uint32_t ipaddr;
char longname[256];
u_char secret[32];
char shortname[32];
- struct client *next;
-} CLIENT;
+ struct radclient *next;
+} RADCLIENT;
typedef struct nas {
- UINT4 ipaddr;
+ uint32_t ipaddr;
char longname[256];
char shortname[32];
char nastype[32];
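Review bot: `NO_SUCH_CHILD_PID` and `child_kill` treat `pthread_t` as if it were a `pid_t`, and that does not carry over to the threaded build. POSIX leaves `pthread_t` opaque, so the cast `(child_pid_t) (0)` and any `==` test against it are not portable (`pthread_equal()` is the defined comparison), and the macro body lacks outer parentheses: `#define NO_SUCH_CHILD_PID ((child_pid_t) 0)`. Signal dispositions are process-wide, so a signal whose default action is termination would end one child when sent with `kill()` but the whole server when sent with `pthread_kill()`. The call sites are not in this hunk, so check which signals they pass to `child_kill`. A comment above the two `#define child_kill` lines stating that only handled or ignored signals may be sent would make the constraint visible.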
typedef struct realm {
char realm[64];
char server[64];
- UINT4 ipaddr;
+ uint32_t ipaddr;
+ u_char secret[32];
int auth_port;
int acct_port;
int striprealm;
int trusted;
+ int notsuffix;
struct realm *next;
} REALM;
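Review bot: The new `u_char secret[32]` in `REALM` holds the proxy shared secret in a fixed buffer, and nothing here states its maximum length or whether it is NUL-terminated. The code that fills it is not in this diff; it should reject a configured secret of 32 bytes or more rather than truncate it, because truncation silently changes the key actually in use. The same applies to `char proxysecret[32]` added to `REQUEST` in the earlier hunk, which differs in signedness from this field, so copies between the two should be bounded by `sizeof` of the destination. Suggested comment on the field: `/* shared secret, NUL-terminated, at most 31 bytes; longer values are rejected at load */`, adjusted to whatever the loader really does.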
#define SECONDS_PER_DAY 86400
#define MAX_REQUEST_TIME 30
#define CLEANUP_DELAY 5
-#define MAX_REQUESTS 255
+#define MAX_REQUESTS 256
+/* FIXME: these two should be command-line options */
+#define RETRY_DELAY 5
+#define RETRY_COUNT 3
#define L_DBG 1
#define L_AUTH 2
#define L_CONS 128
#ifndef FALSE
-# define FALSE 0
+#define FALSE 0
#endif
#ifndef TRUE
-# define TRUE 1
+/*
+ * This definition of true as NOT false is definitive. :) Making
+ * it '1' can cause problems on stupid platforms. See articles
+ * on C portability for more information.
+ */
+#define TRUE (!FALSE)
#endif
/* for paircompare_register */
*/
extern const char *progname;
extern int debug_flag;
-extern const char *radacct_dir;
-extern const char *radlog_dir;
-extern const char *radius_dir;
+extern char *radacct_dir;
+extern char *radlog_dir;
+extern const char *radlib_dir;
+extern char *radius_dir;
extern const char *radius_libdir;
-extern UINT4 expiration_seconds;
-extern int radius_pid;
+extern uint32_t expiration_seconds;
extern int use_dbm;
extern int log_stripped_names;
-extern int cache_passwd;
-extern UINT4 myip;
+extern uint32_t myip;
extern int log_auth_detail;
extern int log_auth;
extern int log_auth_pass;
extern int acct_port;
extern int proxy_port;
extern int proxyfd;
+extern int proxy_retry_count;
+extern int proxy_retry_delay;
/*
* Function prototypes.
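Review bot: `radacct_dir`, `radlog_dir` and `radius_dir` lose their `const` qualifier here without any statement of who owns the strings or when they may be replaced. If they now point at heap storage swapped on a configuration reload (an inference, as the definitions are outside this diff), readers in other threads or signal handlers need a documented lifetime, for example `/* heap-allocated; replaced only while no request is in flight */`. The hunk also adds `radlib_dir` next to the existing `radius_libdir`. If both name the directory that loadable code is read from, keeping a single variable avoids the two drifting apart.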
/* radutmp.c */
int radutmp_add(REQUEST *);
-int radutmp_zap(UINT4 nas, int port, char *user, time_t t);
+int radutmp_zap(uint32_t nas, int port, char *user, time_t t);
int radutmp_checksimul(char *name, VALUE_PAIR *, int maxsimul);
/* radiusd.c */
void debug_pair(FILE *, VALUE_PAIR *);
int log_err (char *);
void sig_cleanup(int);
+int rad_respond(REQUEST *, RAD_REQUEST_FUNP fun);
/* util.c */
-struct passwd *rad_getpwnam(const char *);
-#if defined (sun) && defined(__svr4__)
-void (*sun_signal(int signo, void (*func)(int)))(int);
-#define signal sun_signal
-#endif
+void (*reset_signal(int signo, void (*func)(int)))(int);
void request_free(REQUEST *request);
RADIUS_PACKET * build_reply(int code, REQUEST *request,
- VALUE_PAIR *vps, const char *user_msg);
-VALUE_PAIR *rad_get_username(REQUEST *request);
-int rad_put_username(REQUEST *request, const char *username, int length);
+ VALUE_PAIR *vps, const char *user_msg);
/* files.c */
-CLIENT *client_find(UINT4 ipno);
-char *client_name(UINT4 ipno);
-int read_clients_file(const char *);
+RADCLIENT *client_find(uint32_t ipno);
+char *client_name(uint32_t ipno);
REALM *realm_find(const char *);
PAIR_LIST *pairlist_read(const char *file, int complain);
void pairlist_free(PAIR_LIST **);
/* nas.c */
int read_naslist_file(char *);
-NAS *nas_find(UINT4 ipno);
-char *nas_name(UINT4 ipno);
+NAS *nas_find(uint32_t ipno);
+char *nas_name(uint32_t ipno);
char *nas_name2(RADIUS_PACKET *r);
NAS *nas_findbyname(char *nasname);
#endif
/* proxy.c */
-int proxy_send(REQUEST *request);
int proxy_receive(REQUEST *request);
+int proxy_send(REQUEST *request);
/* auth.c */
-char *auth_name(REQUEST *request, int do_cli);
-int rad_mangle(REQUEST *request);
+char *auth_name(char *buf, size_t buflen, REQUEST *request, int do_cli);
int rad_authenticate (REQUEST *);
/* exec.c */
-char *radius_xlate(const char *, VALUE_PAIR *req, VALUE_PAIR *reply);
+char *radius_xlate(char *output, size_t outputlen,
+ const char *fmt,
+ VALUE_PAIR *req, VALUE_PAIR *reply);
int radius_exec_program(const char *, VALUE_PAIR *, VALUE_PAIR **,
int, const char **user_msg);
/* xlat.c */
int radius_xlat2(char * out, int outlen, char *str,
REQUEST * request, VALUE_PAIR *reply);
+
+#ifdef WITH_THREAD_POOL
+/* threads.c */
+extern int thread_pool_init(void);
+extern int thread_pool_clean(void);
+#endif
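Review bot: `auth_name` and `radius_xlate` now write into a caller-supplied buffer with a `size_t` length, but `radius_xlat2` a few lines below still declares `int outlen`, so call sites mix signed and unsigned lengths. Aligning it as `int radius_xlat2(char *out, size_t outlen, char *str,` would remove the conversion and the possibility of a negative length. The new prototypes also do not say what happens when the result does not fit in the buffer. A comment such as `/* writes at most outputlen bytes including the NUL; returns output */` should record the real contract once checked against auth.c and exec.c. Only the prototypes are visible here, so truncation handling in the implementations could not be reviewed.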