git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@64
e88ac4ed-0b26-0410-9574-
a7f39faa03bf
lastconnecttry = server->lastconnecttry;
while ((cnt = SSL_write(server->peer.ssl, rad, len)) <= 0) {
while ((error = ERR_get_error()))
lastconnecttry = server->lastconnecttry;
while ((cnt = SSL_write(server->peer.ssl, rad, len)) <= 0) {
while ((error = ERR_get_error()))
- err("clientwr: TLS: %s", ERR_error_string(error, NULL));
+ err("clientradput: TLS: %s", ERR_error_string(error, NULL));
tlsconnect(server, &lastconnecttry, "clientradput");
lastconnecttry = server->lastconnecttry;
}
tlsconnect(server, &lastconnecttry, "clientradput");
lastconnecttry = server->lastconnecttry;
}
struct request *rq;
pthread_t clientrdth;
int i;
struct request *rq;
pthread_t clientrdth;
int i;
+ uint8_t rnd;
+ struct timeval now, lastsend;
+ memset(&lastsend, 0, sizeof(struct timeval));
memset(&timeout, 0, sizeof(struct timespec));
memset(&timeout, 0, sizeof(struct timespec));
if (server->peer.type == 'U') {
if ((server->sock = connecttoserver(server->peer.addrinfo)) < 0) {
printf("clientwr: connecttoserver failed\n");
if (server->peer.type == 'U') {
if ((server->sock = connecttoserver(server->peer.addrinfo)) < 0) {
printf("clientwr: connecttoserver failed\n");
for (;;) {
pthread_mutex_lock(&server->newrq_mutex);
if (!server->newrq) {
for (;;) {
pthread_mutex_lock(&server->newrq_mutex);
if (!server->newrq) {
- if (timeout.tv_nsec) {
- printf("clientwr: waiting up to %ld secs for new request\n", timeout.tv_nsec);
+ gettimeofday(&now, NULL);
+ if (timeout.tv_sec) {
+ printf("clientwr: waiting up to %ld secs for new request\n", timeout.tv_sec - now.tv_sec);
+ pthread_cond_timedwait(&server->newrq_cond, &server->newrq_mutex, &timeout);
+ timeout.tv_sec = 0;
+ } else if (options.statusserver) {
+ timeout.tv_sec = now.tv_sec + STATUS_SERVER_PERIOD;
+ /* add random 0-7 seconds to timeout */
+ RAND_bytes(&rnd, 1);
+ timeout.tv_sec += rnd / 32;
pthread_cond_timedwait(&server->newrq_cond, &server->newrq_mutex, &timeout);
pthread_cond_timedwait(&server->newrq_cond, &server->newrq_mutex, &timeout);
} else {
printf("clientwr: waiting for new request\n");
pthread_cond_wait(&server->newrq_cond, &server->newrq_mutex);
} else {
printf("clientwr: waiting for new request\n");
pthread_cond_wait(&server->newrq_cond, &server->newrq_mutex);
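Review bot: The return value of `RAND_bytes(&rnd, 1)` in the new `options.statusserver` branch is ignored, so if OpenSSL cannot supply random data, `rnd` is read uninitialized in `timeout.tv_sec += rnd / 32`. Check the result and fall back to no jitter, for example `if (RAND_bytes(&rnd, 1) != 1) rnd = 0;`. Separately, the new `printf` passes `timeout.tv_sec - now.tv_sec` to `%ld`; that value is a `time_t`, which is not guaranteed to be `long`, so a `(long)` cast would keep the format and argument matched. The enclosing loop (apparently in `clientwr`, judging by the log prefix) starts and ends outside this hunk.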
timeout.tv_sec = rq->expiry.tv_sec;
rq->tries++;
clientradput(server, server->requests[i].buf);
timeout.tv_sec = rq->expiry.tv_sec;
rq->tries++;
clientradput(server, server->requests[i].buf);
+ gettimeofday(&lastsend, NULL);
+ if (options.statusserver) {
+ gettimeofday(&now, NULL);
+ if (now.tv_sec - lastsend.tv_sec >= STATUS_SERVER_PERIOD) {
+ lastsend.tv_sec = now.tv_sec;
+ printf("clientwr: should send status to %s here\n", server->peer.host);
+ }
+ }
- /* should do more work to maintain TLS connections, keepalives etc */
}
void *udpserverwr(void *arg) {
}
void *udpserverwr(void *arg) {
options.listentcp = stringcopy(val, 0);
continue;
}
options.listentcp = stringcopy(val, 0);
continue;
}
+ if (!strcasecmp(opt, "StatusServer")) {
+ if (!strcasecmp(val, "on"))
+ options.statusserver = 1;
+ else if (strcasecmp(val, "off")) {
+ printf("error in %s, value of option %s is %s, must be on or off\n", configfile, opt, val);
+ exit(1);
+ }
+ continue;
+ }
printf("error in %s, unknown option %s\n", configfile, opt);
exit(1);
}
printf("error in %s, unknown option %s\n", configfile, opt);
exit(1);
}
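Review bot: The `StatusServer` branch accepts `off` without assigning anything, so the outcome depends on `options.statusserver` already being zero, and a later `off` cannot override an earlier `on` in the same configuration file. Assigning in both cases makes the result independent of initialization and line order: keep the `on` case and change the second test to `else if (!strcasecmp(val, "off")) options.statusserver = 0;`, with the existing error path as the final `else`. The enclosing config-parsing function starts and ends outside the hunk, so whether `options` is zeroed beforehand cannot be confirmed from here.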
#define REQUEST_EXPIRY 20
#define REQUEST_RETRIES 3
#define MAX_CERT_DEPTH 5
#define REQUEST_EXPIRY 20
#define REQUEST_RETRIES 3
#define MAX_CERT_DEPTH 5
+#define STATUS_SERVER_PERIOD 25
#define RAD_Access_Request 1
#define RAD_Access_Accept 2
#define RAD_Access_Reject 3
#define RAD_Access_Request 1
#define RAD_Access_Accept 2
#define RAD_Access_Reject 3
char *tlscertificatekeypassword;
char *listenudp;
char *listentcp;
char *tlscertificatekeypassword;
char *listenudp;
char *listentcp;
};
/* requests that our client will send */
};
/* requests that our client will send */