2 * modules.c Radius module support.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * Copyright 2003,2006 The FreeRADIUS server project
21 * Copyright 2000 Alan DeKok <aland@ox.org>
22 * Copyright 2000 Alan Curry <pacman@world.std.com>
25 #include <freeradius-devel/ident.h>
28 #include <freeradius-devel/radiusd.h>
29 #include <freeradius-devel/modpriv.h>
30 #include <freeradius-devel/modcall.h>
31 #include <freeradius-devel/rad_assert.h>
33 extern int check_config;
35 typedef struct indexed_modcallable {
39 modcallable *modulelist;
40 } indexed_modcallable;
43 * For each component, keep an ordered list of ones to call.
45 static rbtree_t *components = NULL;
47 static rbtree_t *module_tree = NULL;
49 static rbtree_t *instance_tree = NULL;
51 typedef struct section_type_value_t {
55 } section_type_value_t;
58 * Ordered by component
60 static const section_type_value_t section_type_value[RLM_COMPONENT_COUNT] = {
61 { "authenticate", "Auth-Type", PW_AUTH_TYPE },
62 { "authorize", "Autz-Type", PW_AUTZ_TYPE },
63 { "preacct", "Pre-Acct-Type", PW_PRE_ACCT_TYPE },
64 { "accounting", "Acct-Type", PW_ACCT_TYPE },
65 { "session", "Session-Type", PW_SESSION_TYPE },
66 { "pre-proxy", "Pre-Proxy-Type", PW_PRE_PROXY_TYPE },
67 { "post-proxy", "Post-Proxy-Type", PW_POST_PROXY_TYPE },
68 { "post-auth", "Post-Auth-Type", PW_POST_AUTH_TYPE },
72 #ifdef WITHOUT_LIBLTDL
73 typedef struct lt_dlmodule_t {
79 * Define modules here.
81 extern module_t rlm_pap;
82 extern module_t rlm_chap;
83 extern module_t rlm_eap;
86 * EAP structures are defined elsewhere.
88 typedef struct eap_type_t EAP_TYPE;
91 * And so on for other EAP types.
93 extern EAP_TYPE rlm_eap_md5;
95 static const lt_dlmodule_t lt_dlmodules[] = {
96 { "rlm_pap", &rlm_pap },
97 { "rlm_chap", &rlm_chap },
98 { "rlm_eap", &rlm_eap },
99 { "rlm_eap_md5", &rlm_eap_md5 },
102 * Add other modules here.
109 lt_dlhandle lt_dlopenext(const char *name)
113 for (i = 0; lt_dlmodules[i].name != NULL; i++) {
114 if (strcmp(name, lt_dlmodules[i].name) == 0) {
115 return lt_dlmodules[i].ref;
122 void *lt_dlsym(lt_dlhandle handle, UNUSED const char *symbol)
126 #endif /* WITHOUT_LIBLTDL */
129 static void indexed_modcallable_free(void *data)
131 indexed_modcallable *c = data;
133 modcallable_free(&c->modulelist);
137 static int indexed_modcallable_cmp(const void *one, const void *two)
140 const indexed_modcallable *a = one;
141 const indexed_modcallable *b = two;
143 if (a->server && !b->server) return -1;
144 if (!a->server && b->server) return +1;
145 if (a->server && b->server) {
146 rcode = strcmp(a->server, b->server);
147 if (rcode != 0) return rcode;
150 if (a->comp < b->comp) return -1;
151 if (a->comp > b->comp) return +1;
153 return a->idx - b->idx;
158 * Compare two module entries
160 static int module_instance_cmp(const void *one, const void *two)
162 const module_instance_t *a = one;
163 const module_instance_t *b = two;
165 return strcmp(a->name, b->name);
170 * Free a module instance.
172 static void module_instance_free(void *data)
174 module_instance_t *this = data;
176 if (this->entry->module->detach) {
179 (this->entry->module->detach)(this->insthandle);
180 for (i = 0; i < 16; i++) {
181 if (this->old_insthandle[i]) {
182 (this->entry->module->detach)(this->old_insthandle[i]);
187 #ifdef HAVE_PTHREAD_H
191 * The mutex MIGHT be locked...
192 * we'll check for that later, I guess.
194 pthread_mutex_destroy(this->mutex);
198 memset(this, 0, sizeof(*this));
204 * Compare two module entries
206 static int module_entry_cmp(const void *one, const void *two)
208 const module_entry_t *a = one;
209 const module_entry_t *b = two;
211 return strcmp(a->name, b->name);
215 * Free a module entry.
217 static void module_entry_free(void *data)
219 module_entry_t *this = data;
221 lt_dlclose(this->handle); /* ignore any errors */
222 memset(this, 0, sizeof(*this));
228 * Remove the module lists.
230 int detach_modules(void)
232 rbtree_free(instance_tree);
233 rbtree_free(components);
234 rbtree_free(module_tree);
243 * Find a module on disk or in memory, and link to it.
245 static module_entry_t *linkto_module(const char *module_name,
248 module_entry_t myentry;
249 module_entry_t *node;
251 char module_struct[256];
253 const module_t *module;
255 strlcpy(myentry.name, module_name, sizeof(myentry.name));
256 node = rbtree_finddata(module_tree, &myentry);
257 if (node) return node;
260 * Keep the handle around so we can dlclose() it.
262 handle = lt_dlopenext(module_name);
263 if (handle == NULL) {
264 cf_log_err(cf_sectiontoitem(cs),
265 "Failed to link to module '%s': %s\n",
266 module_name, lt_dlerror());
271 * Link to the module's rlm_FOO{} module structure.
273 * The module_name variable has the version number
274 * embedded in it, and we don't want that here.
276 strcpy(module_struct, module_name);
277 p = strrchr(module_struct, '-');
280 DEBUG3(" (Loaded %s, checking if it's valid)", module_name);
283 * libltld MAY core here, if the handle it gives us contains
286 module = lt_dlsym(handle, module_struct);
288 cf_log_err(cf_sectiontoitem(cs),
289 "Failed linking to %s structure: %s\n",
290 module_name, lt_dlerror());
295 * Before doing anything else, check if it's sane.
297 if (module->magic != RLM_MODULE_MAGIC_NUMBER) {
299 cf_log_err(cf_sectiontoitem(cs),
300 "Invalid version in module '%s'",
306 /* make room for the module type */
307 node = rad_malloc(sizeof(*node));
308 memset(node, 0, sizeof(*node));
309 strlcpy(node->name, module_name, sizeof(node->name));
310 node->module = module;
311 node->handle = handle;
313 cf_log_module(cs, "Linked to module %s", module_name);
316 * Add the module as "rlm_foo-version" to the configuration
319 if (!rbtree_insert(module_tree, node)) {
320 radlog(L_ERR, "Failed to cache module %s", module_name);
330 * Find a module instance.
332 module_instance_t *find_module_instance(CONF_SECTION *modules,
333 const char *instname)
336 const char *name1, *name2;
337 module_instance_t *node, myNode;
338 char module_name[256];
340 if (!modules) return NULL;
343 * Module instances are declared in the modules{} block
344 * and referenced later by their name, which is the
345 * name2 from the config section, or name1 if there was
348 cs = cf_section_sub_find_name2(modules, NULL, instname);
350 radlog(L_ERR, "ERROR: Cannot find a configuration entry for module \"%s\".\n", instname);
355 * If there's already a module instance, return it.
357 strlcpy(myNode.name, instname, sizeof(myNode.name));
358 node = rbtree_finddata(instance_tree, &myNode);
359 if (node) return node;
361 name1 = cf_section_name1(cs);
362 name2 = cf_section_name2(cs);
365 * Found the configuration entry.
367 node = rad_malloc(sizeof(*node));
368 memset(node, 0, sizeof(*node));
370 node->insthandle = NULL;
373 * Names in the "modules" section aren't prefixed
374 * with "rlm_", so we add it here.
376 snprintf(module_name, sizeof(module_name), "rlm_%s", name1);
378 node->entry = linkto_module(module_name, cs);
381 /* linkto_module logs any errors */
385 if (check_config && (node->entry->module->instantiate) &&
386 (node->entry->module->type & RLM_TYPE_CHECK_CONFIG_SAFE) == 0) {
387 cf_log_module(cs, "Skipping instantiation of %s", instname);
389 cf_log_module(cs, "Instantiating %s", instname);
393 * Call the module's instantiation routine.
395 if ((node->entry->module->instantiate) &&
397 ((node->entry->module->type & RLM_TYPE_CHECK_CONFIG_SAFE) != 0)) &&
398 ((node->entry->module->instantiate)(cs, &node->insthandle) < 0)) {
399 cf_log_err(cf_sectiontoitem(cs),
400 "Instantiation failed for module \"%s\"",
407 * We're done. Fill in the rest of the data structure,
408 * and link it to the module instance list.
410 strlcpy(node->name, instname, sizeof(node->name));
412 #ifdef HAVE_PTHREAD_H
414 * If we're threaded, check if the module is thread-safe.
416 * If it isn't, we create a mutex.
418 if ((node->entry->module->type & RLM_TYPE_THREAD_UNSAFE) != 0) {
419 node->mutex = (pthread_mutex_t *) rad_malloc(sizeof(pthread_mutex_t));
421 * Initialize the mutex.
423 pthread_mutex_init(node->mutex, NULL);
426 * The module is thread-safe. Don't give it a mutex.
432 rbtree_insert(instance_tree, node);
437 static indexed_modcallable *lookup_by_index(const char *server, int comp,
440 indexed_modcallable myc;
446 return rbtree_finddata(components, &myc);
450 * Create a new sublist.
452 static indexed_modcallable *new_sublist(const char *server, int comp, int idx)
454 indexed_modcallable *c;
456 c = lookup_by_index(server, comp, idx);
458 /* It is an error to try to create a sublist that already
459 * exists. It would almost certainly be caused by accidental
460 * duplication in the config file.
462 * index 0 is the exception, because it is used when we want
463 * to collect _all_ listed modules under a single index by
464 * default, which is currently the case in all components
465 * except authenticate. */
473 c = rad_malloc(sizeof(*c));
474 c->modulelist = NULL;
479 if (!rbtree_insert(components, c)) {
487 int indexed_modcall(int comp, int idx, REQUEST *request)
490 indexed_modcallable *this;
491 modcallable *list = NULL;
493 this = lookup_by_index(request->server, comp, idx);
495 if (idx != 0) DEBUG2(" WARNING: Unknown value specified for %s. Cannot perform requested action.",
496 section_type_value[comp].typename);
498 list = this->modulelist;
501 request->component = section_type_value[comp].section;
503 rcode = modcall(comp, list, request);
505 request->module = "";
506 request->component = "";
511 * Load a sub-module list, as found inside an Auth-Type foo {}
514 static int load_subcomponent_section(modcallable *parent, CONF_SECTION *cs,
515 const char *server, int attr, int comp)
517 indexed_modcallable *subcomp;
520 const char *name2 = cf_section_name2(cs);
522 rad_assert(comp >= RLM_COMPONENT_AUTH);
523 rad_assert(comp <= RLM_COMPONENT_COUNT);
529 cf_log_err(cf_sectiontoitem(cs),
530 "No name specified for %s block",
531 section_type_value[comp].typename);
538 ml = compile_modgroup(parent, comp, cs);
544 * We must assign a numeric index to this subcomponent.
545 * It is generated and placed in the dictionary
546 * automatically. If it isn't found, it's a serious
549 dval = dict_valbyname(attr, name2);
551 cf_log_err(cf_sectiontoitem(cs),
552 "%s %s Not previously configured",
553 section_type_value[comp].typename, name2);
554 modcallable_free(&ml);
558 subcomp = new_sublist(server, comp, dval->value);
560 modcallable_free(&ml);
564 subcomp->modulelist = ml;
568 static int define_type(const DICT_ATTR *dattr, const char *name)
574 * If the value already exists, don't
577 dval = dict_valbyname(dattr->attr, name);
581 * Create a new unique value with a
582 * meaningless number. You can't look at
583 * it from outside of this code, so it
584 * doesn't matter. The only requirement
585 * is that it's unique.
588 value = fr_rand() & 0x00ffffff;
589 } while (dict_valbyattr(dattr->attr, value));
591 if (dict_addvalue(name, dattr->name, value) < 0) {
592 radlog(L_ERR, "%s", fr_strerror());
599 static int load_component_section(CONF_SECTION *cs,
600 const char *server, int comp)
605 indexed_modcallable *subcomp;
607 const char *visiblename;
608 const DICT_ATTR *dattr;
611 * Find the attribute used to store VALUEs for this section.
613 dattr = dict_attrbyvalue(section_type_value[comp].attr);
615 cf_log_err(cf_sectiontoitem(cs),
616 "No such attribute %s",
617 section_type_value[comp].typename);
622 * Loop over the entries in the named section, loading
623 * the sections this time.
625 for (modref = cf_item_find_next(cs, NULL);
627 modref = cf_item_find_next(cs, modref)) {
629 CONF_PAIR *cp = NULL;
630 CONF_SECTION *scs = NULL;
632 if (cf_item_is_section(modref)) {
633 scs = cf_itemtosection(modref);
635 name1 = cf_section_name1(scs);
638 section_type_value[comp].typename) == 0) {
639 if (!load_subcomponent_section(NULL, scs,
643 return -1; /* FIXME: memleak? */
650 } else if (cf_item_is_pair(modref)) {
651 cp = cf_itemtopair(modref);
654 continue; /* ignore it */
658 * Try to compile one entry.
660 this = compile_modsingle(NULL, comp, modref, &modname);
662 cf_log_err(cf_sectiontoitem(cs),
663 "Errors parsing %s section.\n",
664 cf_section_name1(cs));
669 * Look for Auth-Type foo {}, which are special
670 * cases of named sections, and allowable ONLY
673 * i.e. They're not allowed in a "group" or "redundant"
676 if (comp == RLM_COMPONENT_AUTH) {
678 const char *modrefname = NULL;
680 modrefname = cf_pair_attr(cp);
682 modrefname = cf_section_name2(scs);
684 modcallable_free(&this);
685 cf_log_err(cf_sectiontoitem(cs),
686 "Errors parsing %s sub-section.\n",
687 cf_section_name1(scs));
692 dval = dict_valbyname(PW_AUTH_TYPE, modrefname);
695 * It's a section, but nothing we
698 modcallable_free(&this);
699 cf_log_err(cf_sectiontoitem(cs),
700 "Unknown Auth-Type \"%s\" in %s sub-section.",
701 modrefname, section_type_value[comp].section);
706 /* See the comment in new_sublist() for explanation
707 * of the special index 0 */
711 subcomp = new_sublist(server, comp, idx);
712 if (subcomp == NULL) {
713 modcallable_free(&this);
717 /* If subcomp->modulelist is NULL, add_to_modcallable will
719 visiblename = cf_section_name2(cs);
720 if (visiblename == NULL)
721 visiblename = cf_section_name1(cs);
722 add_to_modcallable(&subcomp->modulelist, this,
729 static int load_byserver(CONF_SECTION *cs)
732 const char *server = cf_section_name2(cs);
734 cf_log_info(cs, " modules {");
737 * Define types first.
739 for (comp = 0; comp < RLM_COMPONENT_COUNT; ++comp) {
744 subcs = cf_section_sub_find(cs,
745 section_type_value[comp].section);
746 if (!subcs) continue;
748 if (cf_item_find_next(subcs, NULL) == NULL) continue;
751 * Find the attribute used to store VALUEs for this section.
753 dattr = dict_attrbyvalue(section_type_value[comp].attr);
755 cf_log_err(cf_sectiontoitem(subcs),
756 "No such attribute %s",
757 section_type_value[comp].typename);
758 cf_log_info(cs, " }");
763 * Define dynamic types, so that others can reference
766 for (modref = cf_item_find_next(subcs, NULL);
768 modref = cf_item_find_next(subcs, modref)) {
770 CONF_SECTION *subsubcs;
773 * Create types for simple references
774 * only when parsing the authenticate
777 if ((section_type_value[comp].attr == PW_AUTH_TYPE) &&
778 cf_item_is_pair(modref)) {
779 CONF_PAIR *cp = cf_itemtopair(modref);
780 if (!define_type(dattr, cf_pair_attr(cp))) {
787 if (!cf_item_is_section(modref)) continue;
789 subsubcs = cf_itemtosection(modref);
790 name1 = cf_section_name1(subsubcs);
792 if (strcmp(name1, section_type_value[comp].typename) == 0) {
793 if (!define_type(dattr,
794 cf_section_name2(subsubcs))) {
795 cf_log_info(cs, " }");
800 } /* loop over components */
803 * Loop over all of the known components, finding their
804 * configuration section, and loading it.
807 for (comp = 0; comp < RLM_COMPONENT_COUNT; ++comp) {
810 subcs = cf_section_sub_find(cs,
811 section_type_value[comp].section);
812 if (!subcs) continue;
814 if (cf_item_find_next(subcs, NULL) == NULL) continue;
816 cf_log_module(cs, "Checking %s {...} for more modules to load",
817 section_type_value[comp].section);
819 if (load_component_section(subcs, server, comp) < 0) {
820 cf_log_info(cs, " }");
824 } /* loop over components */
827 * We haven't loaded any of the normal sections. Maybe we're
828 * supposed to load the vmps section.
830 * This is a bit of a hack...
835 subcs = cf_section_sub_find(cs, "vmps");
837 cf_log_module(cs, "Checking vmps {...} for more modules to load");
838 if (load_component_section(subcs, server,
839 RLM_COMPONENT_POST_AUTH) < 0) {
847 const DICT_ATTR *dattr;
849 dattr = dict_attrbyname("DHCP-Message-Type");
851 radlog(L_ERR, "No DHCP-Message-Type attribute");
856 * Handle each DHCP Message type separately.
858 for (subcs = cf_subsection_find_next(cs, NULL,
861 subcs = cf_subsection_find_next(cs, subcs,
863 const char *name2 = cf_section_name2(subcs);
865 DEBUG2(" Module: Checking dhcp %s {...} for more modules to load", name2);
866 if (!load_subcomponent_section(NULL, subcs,
869 RLM_COMPONENT_POST_AUTH)) {
870 return -1; /* FIXME: memleak? */
878 cf_log_info(cs, " }");
880 if (!flag && server) {
881 DEBUG("WARNING: Server %s is empty, and will do nothing!",
889 int module_hup(CONF_SECTION *modules)
894 module_instance_t *node;
896 static int insthandle_counter = -1;
897 static time_t hup_times[16];
899 if (!modules) return 0;
901 if (insthandle_counter < 0) {
902 memset(hup_times, 0, sizeof(hup_times));
903 insthandle_counter = 0;
909 * Loop over the modules
911 for (ci=cf_item_find_next(modules, NULL);
913 ci=cf_item_find_next(modules, ci)) {
915 void *insthandle = NULL;
916 const char *instname;
917 module_instance_t myNode;
920 * If it's not a section, ignore it.
922 if (!cf_item_is_section(ci)) continue;
924 cs = cf_itemtosection(ci);
925 instname = cf_section_name2(cs);
926 if (!instname) instname = cf_section_name1(cs);
928 strlcpy(myNode.name, instname, sizeof(myNode.name));
929 node = rbtree_finddata(instance_tree, &myNode);
931 !node->entry->module->instantiate ||
932 ((node->entry->module->type & RLM_TYPE_HUP_SAFE) == 0)) {
936 cf_log_module(cs, "Trying to reload module \"%s\"", node->name);
938 if ((node->entry->module->instantiate)(cs, &insthandle) < 0) {
939 cf_log_err(cf_sectiontoitem(cs),
940 "HUP failed for module \"%s\". Using old configuration.",
945 radlog(L_INFO, " Module: Reloaded module \"%s\"", node->name);
948 * Free all configurations old enough to be
949 * deleted. This is slightly wasteful, but easy
952 * We permit HUPs every 5s, and we cache the last
953 * 16 configurations. So the current entry at
954 * insthandle_counter will either be empty, OR will
955 * be at least (5*16) = 80s old. The following check
956 * ensures that it will be deleted.
958 for (i = 0; i < 16; i++) {
959 if ((int) (when - hup_times[insthandle_counter]) < 60)
962 if (!node->old_insthandle[i]) continue;
964 cf_section_parse_free(cs, node->old_insthandle[i]);
966 if (node->entry->module->detach) {
967 (node->entry->module->detach)(node->old_insthandle[i]);
969 node->old_insthandle[i] = NULL;
973 * Save the old instance handle for later deletion.
975 node->old_insthandle[insthandle_counter] = node->insthandle;
976 node->insthandle = insthandle;
979 * FIXME: Set a timeout to come back in 60s, so that
980 * we can pro-actively clean up the old instances.
985 * Remember when we were last HUP'd.
987 hup_times[insthandle_counter] = when;
988 insthandle_counter++;
989 insthandle_counter &= 0x0f;
996 * Parse the module config sections, and load
997 * and call each module's init() function.
999 * Libtool makes your life a LOT easier, especially with libltdl.
1000 * see: http://www.gnu.org/software/libtool/
1002 int setup_modules(int reload, CONF_SECTION *config)
1004 CONF_SECTION *cs, *modules;
1005 rad_listen_t *listener;
1006 int null_server = FALSE;
1008 if (reload) return 0;
1011 * If necessary, initialize libltdl.
1015 * Set the default list of preloaded symbols.
1016 * This is used to initialize libltdl's list of
1017 * preloaded modules.
1019 * i.e. Static modules.
1021 LTDL_SET_PRELOADED_SYMBOLS();
1023 if (lt_dlinit() != 0) {
1024 radlog(L_ERR, "Failed to initialize libraries: %s\n",
1030 * Set the search path to ONLY our library directory.
1031 * This prevents the modules from being found from
1032 * any location on the disk.
1034 lt_dlsetsearchpath(radlib_dir);
1037 * Set up the internal module struct.
1039 module_tree = rbtree_create(module_entry_cmp,
1040 module_entry_free, 0);
1042 radlog(L_ERR, "Failed to initialize modules\n");
1046 instance_tree = rbtree_create(module_instance_cmp,
1047 module_instance_free, 0);
1048 if (!instance_tree) {
1049 radlog(L_ERR, "Failed to initialize modules\n");
1054 components = rbtree_create(indexed_modcallable_cmp,
1055 indexed_modcallable_free, 0);
1057 radlog(L_ERR, "Failed to initialize components\n");
1062 * Remember where the modules were stored.
1064 modules = cf_section_sub_find(config, "modules");
1066 radlog(L_ERR, "Cannot find a \"modules\" section in the configuration file!");
1070 DEBUG2("%s: #### Instantiating modules ####", mainconfig.name);
1073 * Look for the 'instantiate' section, which tells us
1074 * the instantiation order of the modules, and also allows
1075 * us to load modules with no authorize/authenticate/etc.
1078 cs = cf_section_sub_find(config, "instantiate");
1082 module_instance_t *module;
1085 cf_log_info(cs, " instantiate {");
1088 * Loop over the items in the 'instantiate' section.
1090 for (ci=cf_item_find_next(cs, NULL);
1092 ci=cf_item_find_next(cs, ci)) {
1095 * Skip sections and "other" stuff.
1096 * Sections will be handled later, if
1097 * they're referenced at all...
1099 if (!cf_item_is_pair(ci)) {
1103 cp = cf_itemtopair(ci);
1104 name = cf_pair_attr(cp);
1105 module = find_module_instance(modules, name);
1109 } /* loop over items in the subsection */
1111 cf_log_info(cs, " }");
1112 } /* if there's an 'instantiate' section. */
1115 * Loop over the listeners, figuring out which sections
1118 for (listener = mainconfig.listen;
1120 listener = listener->next) {
1123 if (listener->type == RAD_LISTEN_PROXY) continue;
1125 cs = cf_section_sub_find_name2(config,
1126 "server", listener->server);
1127 if (!cs && (listener->server != NULL)) {
1128 listener->print(listener, buffer, sizeof(buffer));
1130 radlog(L_ERR, "No server has been defined for %s", buffer);
1135 DEBUG2("%s: #### Loading Virtual Servers ####", mainconfig.name);
1138 * Load all of the virtual servers.
1140 for (cs = cf_subsection_find_next(config, NULL, "server");
1142 cs = cf_subsection_find_next(config, cs, "server")) {
1143 const char *name2 = cf_section_name2(cs);
1146 cf_log_info(cs, "server %s {", name2);
1148 cf_log_info(cs, "server {");
1151 if (load_byserver(cs) < 0) {
1152 cf_log_info(cs, "}");
1155 cf_log_info(cs, "}");
1159 * No empty server defined. Try to load an old-style
1160 * one for backwards compatibility.
1163 cf_log_info(cs, "server {");
1164 if (load_byserver(config) < 0) {
1165 cf_log_info(cs, "}");
1168 cf_log_info(cs, "}");
1175 * Call all authorization modules until one returns
1176 * somethings else than RLM_MODULE_OK
1178 int module_authorize(int autz_type, REQUEST *request)
1180 return indexed_modcall(RLM_COMPONENT_AUTZ, autz_type, request);
1184 * Authenticate a user/password with various methods.
1186 int module_authenticate(int auth_type, REQUEST *request)
1188 return indexed_modcall(RLM_COMPONENT_AUTH, auth_type, request);
1191 #ifdef WITH_ACCOUNTING
1193 * Do pre-accounting for ALL configured sessions
1195 int module_preacct(REQUEST *request)
1197 return indexed_modcall(RLM_COMPONENT_PREACCT, 0, request);
1201 * Do accounting for ALL configured sessions
1203 int module_accounting(int acct_type, REQUEST *request)
1205 return indexed_modcall(RLM_COMPONENT_ACCT, acct_type, request);
1209 #ifdef WITH_SESSION_MGMT
1211 * See if a user is already logged in.
1213 * Returns: 0 == OK, 1 == double logins, 2 == multilink attempt
1215 int module_checksimul(int sess_type, REQUEST *request, int maxsimul)
1219 if(!request->username)
1222 request->simul_count = 0;
1223 request->simul_max = maxsimul;
1224 request->simul_mpp = 1;
1226 rcode = indexed_modcall(RLM_COMPONENT_SESS, sess_type, request);
1228 if (rcode != RLM_MODULE_OK) {
1229 /* FIXME: Good spot for a *rate-limited* warning to the log */
1233 return (request->simul_count < maxsimul) ? 0 : request->simul_mpp;
1239 * Do pre-proxying for ALL configured sessions
1241 int module_pre_proxy(int type, REQUEST *request)
1243 return indexed_modcall(RLM_COMPONENT_PRE_PROXY, type, request);
1247 * Do post-proxying for ALL configured sessions
1249 int module_post_proxy(int type, REQUEST *request)
1251 return indexed_modcall(RLM_COMPONENT_POST_PROXY, type, request);
1256 * Do post-authentication for ALL configured sessions
1258 int module_post_auth(int postauth_type, REQUEST *request)
1260 return indexed_modcall(RLM_COMPONENT_POST_AUTH, postauth_type, request);