#define RADIUS_MODULES_H
#include "conffile.h"
-/*
- * The types of the functions which are supported by each module.
- * The functional parameters are defined here, so we don't have to
- * edit each and every module when we decide to add another type
- * of request handler.
- */
-typedef int (*RLM_AUTHORIZE_FUNCP)(REQUEST *request);
-typedef int (*RLM_AUTHENTICATE_FUNCP)(REQUEST *request);
-typedef int (*RLM_POST_AUTHENTICATE_FUNCP)(REQUEST *request);
-typedef int (*RLM_PRE_ACCOUNTING_FUNCP)(REQUEST *request);
-typedef int (*RLM_ACCOUNTING_FUNCP)(REQUEST *request);
+typedef int (*packetmethod)(void *instance, REQUEST *request);
#define RLM_COMPONENT_AUTH 0
#define RLM_COMPONENT_AUTZ 1
int type; /* reserved */
int (*init)(void);
int (*instantiate)(CONF_SECTION *mod_cs, void **instance);
- int (*authorize)(void *instance, REQUEST *request);
- int (*authenticate)(void *instance, REQUEST *request);
- int (*preaccounting)(void *instance, REQUEST *request);
- int (*accounting)(void *instance, REQUEST *request);
- int (*checksimul)(void *instance, REQUEST *request);
+ packetmethod methods[RLM_COMPONENT_COUNT];
int (*detach)(void *instance);
int (*destroy)(void);
} module_t;
+extern const char *component_names[RLM_COMPONENT_COUNT];
+
enum {
RLM_MODULE_REJECT, /* immediately reject the request */
RLM_MODULE_FAIL, /* module failed, don't reply */
int myresult = default_result;
safe_lock(sp->modinst);
- switch(component) {
- case RLM_COMPONENT_AUTZ:
- myresult = sp->modinst->entry->module->authorize(
- sp->modinst->insthandle, request);
- break;
- case RLM_COMPONENT_AUTH:
- myresult = sp->modinst->entry->module->authenticate(
- sp->modinst->insthandle, request);
- break;
- case RLM_COMPONENT_PREACCT:
- myresult = sp->modinst->entry->module->preaccounting(
- sp->modinst->insthandle, request);
- break;
- case RLM_COMPONENT_ACCT:
- myresult = sp->modinst->entry->module->accounting(
- sp->modinst->insthandle, request);
- break;
- case RLM_COMPONENT_SESS:
- myresult = sp->modinst->entry->module->checksimul(
- sp->modinst->insthandle, request);
- break;
- }
+ myresult = sp->modinst->entry->module->methods[component](
+ sp->modinst->insthandle, request);
safe_unlock(sp->modinst);
return myresult;
static void sanity_check(int component, module_instance_t *inst, int lineno,
const char *filename)
{
- switch (component) {
- case RLM_COMPONENT_AUTH:
- if (!inst->entry->module->authenticate) {
- radlog(L_ERR|L_CONS,
- "%s[%d] Module %s does not contain "
- "an 'authenticate' entry\n",
- filename, lineno,
- inst->entry->module->name);
- exit(1);
- }
- break;
- case RLM_COMPONENT_AUTZ:
- if (!inst->entry->module->authorize) {
- radlog(L_ERR|L_CONS,
- "%s[%d] Module %s does not contain "
- "an 'authorize' entry\n",
- filename, lineno,
- inst->entry->module->name);
- exit(1);
- }
- break;
- case RLM_COMPONENT_PREACCT:
- if (!inst->entry->module->preaccounting) {
- radlog(L_ERR|L_CONS,
- "%s[%d] Module %s does not contain "
- "a 'preacct' entry\n",
- filename, lineno,
- inst->entry->module->name);
- exit(1);
- }
- break;
- case RLM_COMPONENT_ACCT:
- if (!inst->entry->module->accounting) {
- radlog(L_ERR|L_CONS,
- "%s[%d] Module %s does not contain "
- "an 'accounting' entry\n",
- filename, lineno,
- inst->entry->module->name);
- exit(1);
- }
- break;
- case RLM_COMPONENT_SESS:
- if (!inst->entry->module->checksimul) {
- radlog(L_ERR|L_CONS,
- "%s[%d] Module %s does not contain "
- "a 'checksimul' entry\n",
- filename, lineno,
- inst->entry->module->name);
- exit(1);
- }
- break;
- default:
- radlog(L_ERR|L_CONS, "%s[%d] Unknown component %d.\n",
- filename, lineno, component);
- exit(1);
+ if (!inst->entry->module->methods[component]) {
+ radlog(L_ERR|L_CONS,
+ "%s[%d] Module %s does not contain a method for '%s'",
+ filename, lineno, inst->entry->module->name,
+ component_names[component]);
+ exit(1);
}
}
* Hmm... we probably should be getting these from the configuration
* file, too.
*/
-static const char *component_names[RLM_COMPONENT_COUNT] =
+const char *component_names[RLM_COMPONENT_COUNT] =
{
"authenticate",
"authorize",
0, /* type: reserved */
NULL, /* initialization */
unique_instantiate, /* instantiation */
- NULL, /* authorization */
- NULL, /* authentication */
- NULL, /* preaccounting */
- unique_accounting, /* accounting */
- NULL, /* checksimul */
+ {
+ NULL, /* authentication */
+ NULL, /* authorization */
+ NULL, /* preaccounting */
+ unique_accounting, /* accounting */
+ NULL /* checksimul */
+ },
unique_detach, /* detach */
NULL, /* destroy */
};
RLM_TYPE_THREAD_SAFE, /* type */
NULL, /* initialization */
always_instantiate, /* instantiation */
- always_return, /* authorization */
- always_return, /* authentication */
- always_return, /* preaccounting */
- always_return, /* accounting */
- always_checksimul, /* checksimul */
+ {
+ always_return, /* authentication */
+ always_return, /* authorization */
+ always_return, /* preaccounting */
+ always_return, /* accounting */
+ always_checksimul /* checksimul */
+ },
always_detach, /* detach */
NULL, /* destroy */
};
0, /* type: reserved */
NULL, /* initialization */
attr_filter_instantiate, /* instantiation */
- attr_filter_authorize, /* authorization */
- NULL, /* authentication */
- NULL, /* preaccounting */
- NULL, /* accounting */
- NULL, /* checksimul */
+ {
+ NULL, /* authentication */
+ attr_filter_authorize, /* authorization */
+ NULL, /* preaccounting */
+ NULL, /* accounting */
+ NULL /* checksimul */
+ },
attr_filter_detach, /* detach */
NULL /* destroy */
};
0, /* type: reserved */
NULL, /* initialization */
detail_instantiate, /* instantiation */
- NULL, /* authorization */
- NULL, /* authentication */
- NULL, /* preaccounting */
- detail_accounting, /* accounting */
- NULL, /* checksimul */
+ {
+ NULL, /* authentication */
+ NULL, /* authorization */
+ NULL, /* preaccounting */
+ detail_accounting, /* accounting */
+ NULL /* checksimul */
+ },
detail_detach, /* detach */
NULL /* destroy */
};
0, /* type: reserved */
radius_init, /* initialization */
NULL, /* instantiation */
- NULL, /* authorization */
- NULL, /* authentication */
- NULL, /* preaccounting */
- NULL, /* accounting */
- NULL, /* checksimul */
+ {
+ NULL, /* authentication */
+ NULL, /* authorization */
+ NULL, /* preaccounting */
+ NULL, /* accounting */
+ NULL /* checksimul */
+ },
NULL, /* detach */
NULL /* destroy */
};
RLM_TYPE_THREAD_SAFE, /* type */
example_init, /* initialization */
example_instantiate, /* instantiation */
- example_authorize, /* authorization */
- example_authenticate, /* authentication */
- example_preacct, /* preaccounting */
- example_accounting, /* accounting */
- example_checksimul, /* checksimul */
+ {
+ example_authenticate, /* authentication */
+ example_authorize, /* authorization */
+ example_preacct, /* preaccounting */
+ example_accounting, /* accounting */
+ example_checksimul /* checksimul */
+ },
example_detach, /* detach */
NULL, /* destroy */
};
module_t rlm_fastusers = {
"fastusers",
0, /* type: reserved */
- NULL, /* initialization */
+ NULL, /* initialization */
fastuser_instantiate, /* instantiation */
- fastuser_authorize, /* authorization */
- fastuser_authenticate, /* authentication */
- fastuser_preacct, /* preaccounting */
- fastuser_accounting, /* accounting */
- NULL, /* checksimul */
- fastuser_detach, /* detach */
+ {
+ fastuser_authenticate, /* authentication */
+ fastuser_authorize, /* authorization */
+ fastuser_preacct, /* preaccounting */
+ fastuser_accounting, /* accounting */
+ NULL /* checksimul */
+ },
+ fastuser_detach, /* detach */
NULL /* destroy */
};
0, /* type: reserved */
NULL, /* initialization */
file_instantiate, /* instantiation */
- file_authorize, /* authorization */
- NULL, /* authentication */
- file_preacct, /* preaccounting */
- NULL, /* accounting */
- NULL, /* checksimul */
+ {
+ NULL, /* authentication */
+ file_authorize, /* authorization */
+ file_preacct, /* preaccounting */
+ NULL, /* accounting */
+ NULL /* checksimul */
+ },
file_detach, /* detach */
NULL /* destroy */
};
RLM_TYPE_THREAD_UNSAFE, /* type: not thread safe */
NULL, /* initialize */
krb5_instantiate, /* instantiation */
- NULL, /* authorize */
- krb5_auth, /* authenticate */
- NULL, /* pre-accounting */
- NULL, /* accounting */
- NULL, /* checksimul */
+ {
+ krb5_auth, /* authenticate */
+ NULL, /* authorize */
+ NULL, /* pre-accounting */
+ NULL, /* accounting */
+ NULL /* checksimul */
+ },
krb5_detach, /* detach */
NULL, /* destroy */
};
RLM_TYPE_THREAD_UNSAFE, /* type: reserved */
NULL, /* initialization */
ldap_instantiate, /* instantiation */
- ldap_authorize, /* authorization */
- ldap_authenticate, /* authentication */
- NULL, /* preaccounting */
- NULL, /* accounting */
- NULL, /* checksimul */
+ {
+ ldap_authenticate, /* authentication */
+ ldap_authorize, /* authorization */
+ NULL, /* preaccounting */
+ NULL, /* accounting */
+ NULL /* checksimul */
+ },
ldap_detach, /* detach */
NULL, /* destroy */
};
0, /* type */
NULL, /* initialize */
NULL, /* instantiation */
- NULL, /* authorize */
- mschap_auth, /* authenticate */
- NULL, /* pre-accounting */
- NULL, /* accounting */
- NULL, /* checksimul */
+ {
+ mschap_auth, /* authenticate */
+ NULL, /* authorize */
+ NULL, /* pre-accounting */
+ NULL, /* accounting */
+ NULL /* checksimul */
+ },
NULL, /* detach */
NULL, /* destroy */
};
0, /* type: reserved */
NULL, /* initialize */
NULL, /* instantiation */
- NULL, /* authorize */
- module_auth, /* authenticate */
- NULL, /* pre-accounting */
- NULL, /* accounting */
- NULL, /* checksimul */
+ {
+ module_auth, /* authenticate */
+ NULL, /* authorize */
+ NULL, /* pre-accounting */
+ NULL, /* accounting */
+ NULL /* checksimul */
+ },
NULL, /* detach */
NULL, /* destroy */
};
0, /* type: reserved */
NULL, /* initialize */
pam_instantiate, /* instantiation */
- NULL, /* authorize */
- pam_auth, /* authenticate */
- NULL, /* pre-accounting */
- NULL, /* accounting */
- NULL, /* checksimul */
+ {
+ pam_auth, /* authenticate */
+ NULL, /* authorize */
+ NULL, /* pre-accounting */
+ NULL, /* accounting */
+ NULL /* checksimul */
+ },
pam_detach, /* detach */
NULL, /* destroy */
};
0, /* type: reserved */
NULL, /* initialization */
preprocess_instantiate, /* instantiation */
- preprocess_authorize, /* authorization */
- NULL, /* authentication */
- preprocess_preaccounting, /* pre-accounting */
- NULL, /* accounting */
- NULL, /* checksimul */
+ {
+ NULL, /* authentication */
+ preprocess_authorize, /* authorization */
+ preprocess_preaccounting, /* pre-accounting */
+ NULL, /* accounting */
+ NULL /* checksimul */
+ },
preprocess_detach, /* detach */
NULL, /* destroy */
};
0, /* type: reserved */
NULL, /* initialization */
radutmp_instantiate, /* instantiation */
- NULL, /* authorization */
- NULL, /* authentication */
- NULL, /* preaccounting */
- radutmp_accounting, /* accounting */
- radutmp_checksimul, /* checksimul */
+ {
+ NULL, /* authentication */
+ NULL, /* authorization */
+ NULL, /* preaccounting */
+ radutmp_accounting, /* accounting */
+ radutmp_checksimul /* checksimul */
+ },
radutmp_detach, /* detach */
NULL, /* destroy */
};
0, /* type: reserved */
NULL, /* initialization */
realm_instantiate, /* instantiation */
- realm_authorize, /* authorization */
- NULL, /* authentication */
- realm_preacct, /* preaccounting */
- NULL, /* accounting */
- NULL, /* checksimul */
+ {
+ NULL, /* authentication */
+ realm_authorize, /* authorization */
+ realm_preacct, /* preaccounting */
+ NULL, /* accounting */
+ NULL /* checksimul */
+ },
realm_detach, /* detach */
NULL, /* destroy */
};
RLM_TYPE_THREAD_SAFE, /* type: reserved */
rlm_sql_init, /* initialization */
rlm_sql_instantiate, /* instantiation */
- rlm_sql_authorize, /* authorization */
- rlm_sql_authenticate, /* authentication */
- NULL, /* preaccounting */
- rlm_sql_accounting, /* accounting */
- NULL, /* checksimul */
+ {
+ rlm_sql_authenticate, /* authentication */
+ rlm_sql_authorize, /* authorization */
+ NULL, /* preaccounting */
+ rlm_sql_accounting, /* accounting */
+ NULL /* checksimul */
+ },
rlm_sql_detach, /* detach */
rlm_sql_destroy, /* destroy */
};
0, /* type: reserved */
unix_init, /* initialization */
unix_instantiate, /* instantiation */
- NULL, /* authorization */
- unix_authenticate, /* authentication */
- NULL, /* preaccounting */
- unix_accounting, /* accounting */
- NULL, /* checksimul */
+ {
+ unix_authenticate, /* authentication */
+ NULL, /* authorization */
+ NULL, /* preaccounting */
+ unix_accounting, /* accounting */
+ NULL /* checksimul */
+ },
unix_detach, /* detach */
unix_destroy, /* destroy */
};