Check sockets against home servers for proxy loops

This only works when using -C.  It only prints messages with -XC

diff --git a/src/main/command.c b/src/main/command.c
index 65cb1e4..80cdeec 100644 (file)
--- a/src/main/command.c
+++ b/src/main/command.c
@@ -1802,6 +1802,8 @@ static int command_socket_parse(CONF_SECTION *cs, rad_listen_t *this)
 {
        fr_command_socket_t *sock;
 
+       if (check_config) return 0;
+
        sock = this->data;
 
        if (cf_section_parse(cs, sock, command_config) < 0) {

diff --git a/src/main/detail.c b/src/main/detail.c
index 61fcc70..08d85da 100644 (file)
--- a/src/main/detail.c
+++ b/src/main/detail.c
@@ -813,6 +813,7 @@ static const CONF_PARSER detail_config[] = {
        { NULL, -1, 0, NULL, NULL }             /* end the list */
 };
 
+extern int check_config;
 
 /*
  *     Parse a detail section.
@@ -824,6 +825,8 @@ int detail_parse(CONF_SECTION *cs, rad_listen_t *this)
        RADCLIENT       *client;
        char buffer[2048];
 
+       if (check_config) return 0;
+
        if (!this->data) {
                this->data = rad_malloc(sizeof(*data));
                memset(this->data, 0, sizeof(*data));

diff --git a/src/main/dhcpd.c b/src/main/dhcpd.c
index 935654d..12be2b6 100644 (file)
--- a/src/main/dhcpd.c
+++ b/src/main/dhcpd.c
@@ -178,6 +178,8 @@ static int dhcp_socket_parse(CONF_SECTION *cs, rad_listen_t *this)
        rcode = common_socket_parse(cs, this);
        if (rcode != 0) return rcode;
 
+       if (check_config) return 0;
+
        sock = this->data;
 
        /*

diff --git a/src/main/event.c b/src/main/event.c
index 0e25232..239caf7 100644 (file)
--- a/src/main/event.c
+++ b/src/main/event.c
@@ -3546,6 +3546,10 @@ int radius_event_init(CONF_SECTION *cs, int spawn_flag)
        if (check_config) {
                DEBUG("%s: #### Skipping IP addresses and Ports ####",
                       mainconfig.name);
+               if (listen_init(cs, &head) < 0) {
+                       fflush(NULL);
+                       exit(1);
+               }
                return 1;
        }
 

diff --git a/src/main/listen.c b/src/main/listen.c
index 6061353..4e11033 100644 (file)
--- a/src/main/listen.c
+++ b/src/main/listen.c
@@ -461,6 +461,8 @@ static int socket_print(rad_listen_t *this, char *buffer, size_t bufsize)
        return 1;
 }
 
+extern int check_config;       /* radiusd.c */
+
 
 /*
  *     Parse an authentication or accounting socket.
@@ -511,6 +513,19 @@ static int common_socket_parse(CONF_SECTION *cs, rad_listen_t *this)
        sock->ipaddr = ipaddr;
        sock->port = listen_port;
 
+       if (check_config) {
+               if (home_server_find(&sock->ipaddr, sock->port)) {
+                               char buffer[128];
+                               
+                               DEBUG("ERROR: We have been asked to listen on %s port %d, which is also listed as a home server.  This can create a proxy loop.",
+                                     ip_ntoh(&sock->ipaddr, buffer, sizeof(buffer)),
+                                     sock->port);
+                               return -1;
+               }
+
+               return 0;       /* don't do anything */
+       }
+
        /*
         *      If we can bind to interfaces, do so,
         *      else don't.