2 * modules.c Radius module support.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * Copyright 2003,2006 The FreeRADIUS server project
21 * Copyright 2000 Alan DeKok <aland@ox.org>
22 * Copyright 2000 Alan Curry <pacman@world.std.com>
25 #include <freeradius-devel/ident.h>
28 #include <freeradius-devel/radiusd.h>
29 #include <freeradius-devel/modpriv.h>
30 #include <freeradius-devel/modcall.h>
31 #include <freeradius-devel/rad_assert.h>
33 extern int check_config;
35 typedef struct indexed_modcallable {
38 modcallable *modulelist;
39 } indexed_modcallable;
41 typedef struct virtual_server_t {
47 modcallable *mc[RLM_COMPONENT_COUNT];
48 CONF_SECTION *subcs[RLM_COMPONENT_COUNT];
49 struct virtual_server_t *next;
53 * Keep a hash of virtual servers, so that we can reload them.
55 #define VIRTUAL_SERVER_HASH_SIZE (256)
56 static virtual_server_t *virtual_servers[VIRTUAL_SERVER_HASH_SIZE];
58 static rbtree_t *module_tree = NULL;
60 static rbtree_t *instance_tree = NULL;
62 struct fr_module_hup_t {
63 module_instance_t *mi;
66 fr_module_hup_t *next;
70 typedef struct section_type_value_t {
74 } section_type_value_t;
77 * Ordered by component
79 static const section_type_value_t section_type_value[RLM_COMPONENT_COUNT] = {
80 { "authenticate", "Auth-Type", PW_AUTH_TYPE },
81 { "authorize", "Autz-Type", PW_AUTZ_TYPE },
82 { "preacct", "Pre-Acct-Type", PW_PRE_ACCT_TYPE },
83 { "accounting", "Acct-Type", PW_ACCT_TYPE },
84 { "session", "Session-Type", PW_SESSION_TYPE },
85 { "pre-proxy", "Pre-Proxy-Type", PW_PRE_PROXY_TYPE },
86 { "post-proxy", "Post-Proxy-Type", PW_POST_PROXY_TYPE },
87 { "post-auth", "Post-Auth-Type", PW_POST_AUTH_TYPE },
91 #ifdef WITHOUT_LIBLTDL
92 typedef struct lt_dlmodule_t {
98 * Define modules here.
100 extern module_t rlm_pap;
101 extern module_t rlm_chap;
102 extern module_t rlm_eap;
105 * EAP structures are defined elsewhere.
107 typedef struct eap_type_t EAP_TYPE;
110 * And so on for other EAP types.
112 extern EAP_TYPE rlm_eap_md5;
114 static const lt_dlmodule_t lt_dlmodules[] = {
115 { "rlm_pap", &rlm_pap },
116 { "rlm_chap", &rlm_chap },
117 { "rlm_eap", &rlm_eap },
118 { "rlm_eap_md5", &rlm_eap_md5 },
121 * Add other modules here.
128 lt_dlhandle lt_dlopenext(const char *name)
132 for (i = 0; lt_dlmodules[i].name != NULL; i++) {
133 if (strcmp(name, lt_dlmodules[i].name) == 0) {
134 return lt_dlmodules[i].ref;
141 void *lt_dlsym(lt_dlhandle handle, UNUSED const char *symbol)
145 #endif /* WITHOUT_LIBLTDL */
147 static int virtual_server_idx(const char *name)
153 hash = fr_hash_string(name);
155 return hash & (VIRTUAL_SERVER_HASH_SIZE - 1);
158 static void virtual_server_free(virtual_server_t *server)
162 if (server->components) rbtree_free(server->components);
163 server->components = NULL;
168 void virtual_servers_free(time_t when)
171 virtual_server_t **last;
173 for (i = 0; i < VIRTUAL_SERVER_HASH_SIZE; i++) {
174 virtual_server_t *server, *next;
176 last = &virtual_servers[i];
177 for (server = virtual_servers[i];
183 * If we delete it, fix the links so that
184 * we don't orphan anything. Also,
185 * delete it if it's old, AND a newer one
188 * Otherwise, the last pointer gets set to
189 * the one we didn't delete.
192 ((server->created < when) && server->can_free)) {
193 *last = server->next;
194 virtual_server_free(server);
196 last = &(server->next);
202 static void indexed_modcallable_free(void *data)
204 indexed_modcallable *c = data;
206 modcallable_free(&c->modulelist);
210 static int indexed_modcallable_cmp(const void *one, const void *two)
212 const indexed_modcallable *a = one;
213 const indexed_modcallable *b = two;
215 if (a->comp < b->comp) return -1;
216 if (a->comp > b->comp) return +1;
218 return a->idx - b->idx;
223 * Compare two module entries
225 static int module_instance_cmp(const void *one, const void *two)
227 const module_instance_t *a = one;
228 const module_instance_t *b = two;
230 return strcmp(a->name, b->name);
234 static void module_instance_free_old(CONF_SECTION *cs, module_instance_t *node,
237 fr_module_hup_t *mh, **last;
240 * Walk the list, freeing up old instances.
247 * Free only every 60 seconds.
249 if ((when - mh->when) < 60) {
254 cf_section_parse_free(cs, mh->insthandle);
256 if (node->entry->module->detach) {
257 (node->entry->module->detach)(mh->insthandle);
259 free(mh->insthandle);
269 * Free a module instance.
271 static void module_instance_free(void *data)
273 module_instance_t *this = data;
275 module_instance_free_old(this->cs, this, time(NULL) + 100);
277 if (this->entry->module->detach) {
278 (this->entry->module->detach)(this->insthandle);
281 #ifdef HAVE_PTHREAD_H
285 * The mutex MIGHT be locked...
286 * we'll check for that later, I guess.
288 pthread_mutex_destroy(this->mutex);
292 memset(this, 0, sizeof(*this));
298 * Compare two module entries
300 static int module_entry_cmp(const void *one, const void *two)
302 const module_entry_t *a = one;
303 const module_entry_t *b = two;
305 return strcmp(a->name, b->name);
309 * Free a module entry.
311 static void module_entry_free(void *data)
313 module_entry_t *this = data;
315 lt_dlclose(this->handle); /* ignore any errors */
316 memset(this, 0, sizeof(*this));
322 * Remove the module lists.
324 int detach_modules(void)
326 rbtree_free(instance_tree);
327 rbtree_free(module_tree);
336 * Find a module on disk or in memory, and link to it.
338 static module_entry_t *linkto_module(const char *module_name,
341 module_entry_t myentry;
342 module_entry_t *node;
344 char module_struct[256];
346 const module_t *module;
348 strlcpy(myentry.name, module_name, sizeof(myentry.name));
349 node = rbtree_finddata(module_tree, &myentry);
350 if (node) return node;
353 * Keep the handle around so we can dlclose() it.
355 handle = lt_dlopenext(module_name);
356 if (handle == NULL) {
357 cf_log_err(cf_sectiontoitem(cs),
358 "Failed to link to module '%s': %s\n",
359 module_name, lt_dlerror());
364 * Link to the module's rlm_FOO{} module structure.
366 * The module_name variable has the version number
367 * embedded in it, and we don't want that here.
369 strcpy(module_struct, module_name);
370 p = strrchr(module_struct, '-');
373 DEBUG3(" (Loaded %s, checking if it's valid)", module_name);
376 * libltld MAY core here, if the handle it gives us contains
379 module = lt_dlsym(handle, module_struct);
381 cf_log_err(cf_sectiontoitem(cs),
382 "Failed linking to %s structure: %s\n",
383 module_name, lt_dlerror());
388 * Before doing anything else, check if it's sane.
390 if (module->magic != RLM_MODULE_MAGIC_NUMBER) {
392 cf_log_err(cf_sectiontoitem(cs),
393 "Invalid version in module '%s'",
399 /* make room for the module type */
400 node = rad_malloc(sizeof(*node));
401 memset(node, 0, sizeof(*node));
402 strlcpy(node->name, module_name, sizeof(node->name));
403 node->module = module;
404 node->handle = handle;
406 cf_log_module(cs, "Linked to module %s", module_name);
409 * Add the module as "rlm_foo-version" to the configuration
412 if (!rbtree_insert(module_tree, node)) {
413 radlog(L_ERR, "Failed to cache module %s", module_name);
423 * Find a module instance.
425 module_instance_t *find_module_instance(CONF_SECTION *modules,
426 const char *instname, int do_link)
428 int check_config_safe = FALSE;
430 const char *name1, *name2;
431 module_instance_t *node, myNode;
432 char module_name[256];
434 if (!modules) return NULL;
437 * Module instances are declared in the modules{} block
438 * and referenced later by their name, which is the
439 * name2 from the config section, or name1 if there was
442 cs = cf_section_sub_find_name2(modules, NULL, instname);
444 radlog(L_ERR, "ERROR: Cannot find a configuration entry for module \"%s\".\n", instname);
449 * If there's already a module instance, return it.
451 strlcpy(myNode.name, instname, sizeof(myNode.name));
452 node = rbtree_finddata(instance_tree, &myNode);
453 if (node) return node;
455 if (!do_link) return NULL;
457 name1 = cf_section_name1(cs);
460 * Found the configuration entry.
462 node = rad_malloc(sizeof(*node));
463 memset(node, 0, sizeof(*node));
465 node->insthandle = NULL;
469 * Names in the "modules" section aren't prefixed
470 * with "rlm_", so we add it here.
472 snprintf(module_name, sizeof(module_name), "rlm_%s", name1);
474 node->entry = linkto_module(module_name, cs);
477 /* linkto_module logs any errors */
481 if (check_config && (node->entry->module->instantiate) &&
482 (node->entry->module->type & RLM_TYPE_CHECK_CONFIG_SAFE) == 0) {
483 const char *value = NULL;
486 cp = cf_pair_find(cs, "force_check_config");
487 if (cp) value = cf_pair_value(cp);
489 if (value && (strcmp(value, "yes") == 0)) goto print_inst;
491 cf_log_module(cs, "Skipping instantiation of %s", instname);
494 check_config_safe = TRUE;
495 cf_log_module(cs, "Instantiating %s", instname);
499 * Call the module's instantiation routine.
501 if ((node->entry->module->instantiate) &&
502 (!check_config || check_config_safe) &&
503 ((node->entry->module->instantiate)(cs, &node->insthandle) < 0)) {
504 cf_log_err(cf_sectiontoitem(cs),
505 "Instantiation failed for module \"%s\"",
512 * We're done. Fill in the rest of the data structure,
513 * and link it to the module instance list.
515 strlcpy(node->name, instname, sizeof(node->name));
517 #ifdef HAVE_PTHREAD_H
519 * If we're threaded, check if the module is thread-safe.
521 * If it isn't, we create a mutex.
523 if ((node->entry->module->type & RLM_TYPE_THREAD_UNSAFE) != 0) {
524 node->mutex = (pthread_mutex_t *) rad_malloc(sizeof(pthread_mutex_t));
526 * Initialize the mutex.
528 pthread_mutex_init(node->mutex, NULL);
531 * The module is thread-safe. Don't give it a mutex.
537 rbtree_insert(instance_tree, node);
542 static indexed_modcallable *lookup_by_index(rbtree_t *components,
545 indexed_modcallable myc;
550 return rbtree_finddata(components, &myc);
554 * Create a new sublist.
556 static indexed_modcallable *new_sublist(rbtree_t *components, int comp, int idx)
558 indexed_modcallable *c;
560 c = lookup_by_index(components, comp, idx);
562 /* It is an error to try to create a sublist that already
563 * exists. It would almost certainly be caused by accidental
564 * duplication in the config file.
566 * index 0 is the exception, because it is used when we want
567 * to collect _all_ listed modules under a single index by
568 * default, which is currently the case in all components
569 * except authenticate. */
577 c = rad_malloc(sizeof(*c));
578 c->modulelist = NULL;
582 if (!rbtree_insert(components, c)) {
590 int indexed_modcall(int comp, int idx, REQUEST *request)
593 modcallable *list = NULL;
594 virtual_server_t *server;
597 * Hack to find the correct virtual server.
599 rcode = virtual_server_idx(request->server);
600 for (server = virtual_servers[rcode];
602 server = server->next) {
603 if (!request->server && !server->name) break;
605 if ((request->server && server->name) &&
606 (strcmp(request->server, server->name) == 0)) break;
610 RDEBUG("No such virtual server %s", request->server);
611 return RLM_MODULE_FAIL;
615 list = server->mc[comp];
618 indexed_modcallable *this;
620 this = lookup_by_index(server->components, comp, idx);
622 list = this->modulelist;
624 RDEBUG2(" WARNING: Unknown value specified for %s. Cannot perform requested action.",
625 section_type_value[comp].typename);
629 request->component = section_type_value[comp].section;
631 rcode = modcall(comp, list, request);
633 request->module = "";
634 request->component = "";
639 * Load a sub-module list, as found inside an Auth-Type foo {}
642 static int load_subcomponent_section(modcallable *parent, CONF_SECTION *cs,
643 rbtree_t *components, int attr, int comp)
645 indexed_modcallable *subcomp;
648 const char *name2 = cf_section_name2(cs);
650 rad_assert(comp >= RLM_COMPONENT_AUTH);
651 rad_assert(comp < RLM_COMPONENT_COUNT);
657 cf_log_err(cf_sectiontoitem(cs),
658 "No name specified for %s block",
659 section_type_value[comp].typename);
666 ml = compile_modgroup(parent, comp, cs);
672 * We must assign a numeric index to this subcomponent.
673 * It is generated and placed in the dictionary
674 * automatically. If it isn't found, it's a serious
677 dval = dict_valbyname(attr, name2);
679 cf_log_err(cf_sectiontoitem(cs),
680 "%s %s Not previously configured",
681 section_type_value[comp].typename, name2);
682 modcallable_free(&ml);
686 subcomp = new_sublist(components, comp, dval->value);
688 modcallable_free(&ml);
692 subcomp->modulelist = ml;
696 static int define_type(const DICT_ATTR *dattr, const char *name)
702 * If the value already exists, don't
705 dval = dict_valbyname(dattr->attr, name);
709 * Create a new unique value with a
710 * meaningless number. You can't look at
711 * it from outside of this code, so it
712 * doesn't matter. The only requirement
713 * is that it's unique.
716 value = fr_rand() & 0x00ffffff;
717 } while (dict_valbyattr(dattr->attr, value));
719 if (dict_addvalue(name, dattr->name, value) < 0) {
720 radlog(L_ERR, "%s", fr_strerror());
727 static int load_component_section(CONF_SECTION *cs,
728 rbtree_t *components, int comp)
733 indexed_modcallable *subcomp;
735 const char *visiblename;
736 const DICT_ATTR *dattr;
739 * Find the attribute used to store VALUEs for this section.
741 dattr = dict_attrbyvalue(section_type_value[comp].attr);
743 cf_log_err(cf_sectiontoitem(cs),
744 "No such attribute %s",
745 section_type_value[comp].typename);
750 * Loop over the entries in the named section, loading
751 * the sections this time.
753 for (modref = cf_item_find_next(cs, NULL);
755 modref = cf_item_find_next(cs, modref)) {
757 CONF_PAIR *cp = NULL;
758 CONF_SECTION *scs = NULL;
760 if (cf_item_is_section(modref)) {
761 scs = cf_itemtosection(modref);
763 name1 = cf_section_name1(scs);
766 section_type_value[comp].typename) == 0) {
767 if (!load_subcomponent_section(NULL, scs,
771 return -1; /* FIXME: memleak? */
778 } else if (cf_item_is_pair(modref)) {
779 cp = cf_itemtopair(modref);
782 continue; /* ignore it */
786 * Try to compile one entry.
788 this = compile_modsingle(NULL, comp, modref, &modname);
790 cf_log_err(cf_sectiontoitem(cs),
791 "Errors parsing %s section.\n",
792 cf_section_name1(cs));
797 * Look for Auth-Type foo {}, which are special
798 * cases of named sections, and allowable ONLY
801 * i.e. They're not allowed in a "group" or "redundant"
804 if (comp == RLM_COMPONENT_AUTH) {
806 const char *modrefname = NULL;
808 modrefname = cf_pair_attr(cp);
810 modrefname = cf_section_name2(scs);
812 modcallable_free(&this);
813 cf_log_err(cf_sectiontoitem(cs),
814 "Errors parsing %s sub-section.\n",
815 cf_section_name1(scs));
820 dval = dict_valbyname(PW_AUTH_TYPE, modrefname);
823 * It's a section, but nothing we
826 modcallable_free(&this);
827 cf_log_err(cf_sectiontoitem(cs),
828 "Unknown Auth-Type \"%s\" in %s sub-section.",
829 modrefname, section_type_value[comp].section);
834 /* See the comment in new_sublist() for explanation
835 * of the special index 0 */
839 subcomp = new_sublist(components, comp, idx);
840 if (subcomp == NULL) {
841 modcallable_free(&this);
845 /* If subcomp->modulelist is NULL, add_to_modcallable will
847 visiblename = cf_section_name2(cs);
848 if (visiblename == NULL)
849 visiblename = cf_section_name1(cs);
850 add_to_modcallable(&subcomp->modulelist, this,
857 static int load_byserver(CONF_SECTION *cs)
860 const char *name = cf_section_name2(cs);
861 rbtree_t *components;
862 virtual_server_t *server = NULL;
865 cf_log_info(cs, "server %s {", name);
867 cf_log_info(cs, "server {");
870 cf_log_info(cs, " modules {");
872 components = rbtree_create(indexed_modcallable_cmp,
873 indexed_modcallable_free, 0);
875 radlog(L_ERR, "Failed to initialize components\n");
879 server = rad_malloc(sizeof(*server));
880 memset(server, 0, sizeof(*server));
883 server->created = time(NULL);
885 server->components = components;
888 * Define types first.
890 for (comp = 0; comp < RLM_COMPONENT_COUNT; ++comp) {
895 subcs = cf_section_sub_find(cs,
896 section_type_value[comp].section);
897 if (!subcs) continue;
899 if (cf_item_find_next(subcs, NULL) == NULL) continue;
902 * Find the attribute used to store VALUEs for this section.
904 dattr = dict_attrbyvalue(section_type_value[comp].attr);
906 cf_log_err(cf_sectiontoitem(subcs),
907 "No such attribute %s",
908 section_type_value[comp].typename);
910 if (debug_flag == 0) {
911 radlog(L_ERR, "Failed to load virtual server %s",
912 (name != NULL) ? name : "<default>");
914 virtual_server_free(server);
919 * Define dynamic types, so that others can reference
922 for (modref = cf_item_find_next(subcs, NULL);
924 modref = cf_item_find_next(subcs, modref)) {
926 CONF_SECTION *subsubcs;
929 * Create types for simple references
930 * only when parsing the authenticate
933 if ((section_type_value[comp].attr == PW_AUTH_TYPE) &&
934 cf_item_is_pair(modref)) {
935 CONF_PAIR *cp = cf_itemtopair(modref);
936 if (!define_type(dattr, cf_pair_attr(cp))) {
943 if (!cf_item_is_section(modref)) continue;
945 subsubcs = cf_itemtosection(modref);
946 name1 = cf_section_name1(subsubcs);
948 if (strcmp(name1, section_type_value[comp].typename) == 0) {
949 if (!define_type(dattr,
950 cf_section_name2(subsubcs))) {
955 } /* loop over components */
958 * Loop over all of the known components, finding their
959 * configuration section, and loading it.
962 for (comp = 0; comp < RLM_COMPONENT_COUNT; ++comp) {
964 indexed_modcallable *c;
966 subcs = cf_section_sub_find(cs,
967 section_type_value[comp].section);
968 if (!subcs) continue;
970 if (cf_item_find_next(subcs, NULL) == NULL) continue;
972 cf_log_module(cs, "Checking %s {...} for more modules to load",
973 section_type_value[comp].section);
977 * Skip pre/post-proxy sections if we're not
980 if (!mainconfig.proxy_requests &&
981 ((comp == PW_PRE_PROXY_TYPE) ||
982 (comp == PW_PRE_PROXY_TYPE))) {
987 if (load_component_section(subcs, components, comp) < 0) {
992 * Cache a default, if it exists. Some people
993 * put empty sections for some reason...
995 c = lookup_by_index(components, comp, 0);
996 if (c) server->mc[comp] = c->modulelist;
998 server->subcs[comp] = subcs;
1001 } /* loop over components */
1004 * We haven't loaded any of the normal sections. Maybe we're
1005 * supposed to load the vmps section.
1007 * This is a bit of a hack...
1010 CONF_SECTION *subcs;
1012 subcs = cf_section_sub_find(cs, "vmps");
1014 cf_log_module(cs, "Checking vmps {...} for more modules to load");
1015 if (load_component_section(subcs, components,
1016 RLM_COMPONENT_POST_AUTH) < 0) {
1024 const DICT_ATTR *dattr;
1026 dattr = dict_attrbyname("DHCP-Message-Type");
1028 radlog(L_ERR, "No DHCP-Message-Type attribute");
1033 * Handle each DHCP Message type separately.
1035 for (subcs = cf_subsection_find_next(cs, NULL,
1038 subcs = cf_subsection_find_next(cs, subcs,
1040 const char *name2 = cf_section_name2(subcs);
1042 DEBUG2(" Module: Checking dhcp %s {...} for more modules to load", name2);
1043 if (!load_subcomponent_section(NULL, subcs,
1046 RLM_COMPONENT_POST_AUTH)) {
1047 goto error; /* FIXME: memleak? */
1055 cf_log_info(cs, " } # modules");
1056 cf_log_info(cs, "} # server");
1058 if (!flag && name) {
1059 DEBUG("WARNING: Server %s is empty, and will do nothing!",
1063 if (debug_flag == 0) {
1064 radlog(L_INFO, "Loaded virtual server %s",
1065 (name != NULL) ? name : "<default>");
1069 * Now that it is OK, insert it into the list.
1071 * This is thread-safe...
1073 comp = virtual_server_idx(name);
1074 server->next = virtual_servers[comp];
1075 virtual_servers[comp] = server;
1078 * Mark OLDER ones of the same name as being unused.
1080 server = server->next;
1082 if ((!name && !server->name) ||
1083 (name && server->name &&
1084 (strcmp(server->name, name) == 0))) {
1085 server->can_free = TRUE;
1088 server = server->next;
1096 * Load all of the virtual servers.
1098 int virtual_servers_load(CONF_SECTION *config)
1100 int null_server = FALSE;
1102 static int first_time = TRUE;
1104 DEBUG2("%s: #### Loading Virtual Servers ####", mainconfig.name);
1107 * Load all of the virtual servers.
1109 for (cs = cf_subsection_find_next(config, NULL, "server");
1111 cs = cf_subsection_find_next(config, cs, "server")) {
1112 if (!cf_section_name2(cs)) null_server = TRUE;
1114 if (load_byserver(cs) < 0) {
1116 * Once we successfully staryed once,
1117 * continue loading the OTHER servers,
1118 * even if one fails.
1120 if (!first_time) continue;
1126 * No empty server defined. Try to load an old-style
1127 * one for backwards compatibility.
1130 if (load_byserver(config) < 0) {
1136 * If we succeed the first time around, remember that.
1143 int module_hup_module(CONF_SECTION *cs, module_instance_t *node, time_t when)
1145 void *insthandle = NULL;
1146 fr_module_hup_t *mh;
1149 !node->entry->module->instantiate ||
1150 ((node->entry->module->type & RLM_TYPE_HUP_SAFE) == 0)) {
1154 cf_log_module(cs, "Trying to reload module \"%s\"", node->name);
1156 if ((node->entry->module->instantiate)(cs, &insthandle) < 0) {
1157 cf_log_err(cf_sectiontoitem(cs),
1158 "HUP failed for module \"%s\". Using old configuration.",
1163 radlog(L_INFO, " Module: Reloaded module \"%s\"", node->name);
1165 module_instance_free_old(cs, node, when);
1168 * Save the old instance handle for later deletion.
1170 mh = rad_malloc(sizeof(*mh));
1173 mh->insthandle = node->insthandle;
1174 mh->next = node->mh;
1177 node->insthandle = insthandle;
1180 * FIXME: Set a timeout to come back in 60s, so that
1181 * we can pro-actively clean up the old instances.
1188 int module_hup(CONF_SECTION *modules)
1193 module_instance_t *node;
1195 if (!modules) return 0;
1200 * Loop over the modules
1202 for (ci=cf_item_find_next(modules, NULL);
1204 ci=cf_item_find_next(modules, ci)) {
1205 const char *instname;
1206 module_instance_t myNode;
1209 * If it's not a section, ignore it.
1211 if (!cf_item_is_section(ci)) continue;
1213 cs = cf_itemtosection(ci);
1214 instname = cf_section_name2(cs);
1215 if (!instname) instname = cf_section_name1(cs);
1217 strlcpy(myNode.name, instname, sizeof(myNode.name));
1218 node = rbtree_finddata(instance_tree, &myNode);
1220 module_hup_module(cs, node, when);
1228 * Parse the module config sections, and load
1229 * and call each module's init() function.
1231 * Libtool makes your life a LOT easier, especially with libltdl.
1232 * see: http://www.gnu.org/software/libtool/
1234 int setup_modules(int reload, CONF_SECTION *config)
1236 CONF_SECTION *cs, *modules;
1237 rad_listen_t *listener;
1239 if (reload) return 0;
1242 * If necessary, initialize libltdl.
1246 * Set the default list of preloaded symbols.
1247 * This is used to initialize libltdl's list of
1248 * preloaded modules.
1250 * i.e. Static modules.
1252 LTDL_SET_PRELOADED_SYMBOLS();
1254 if (lt_dlinit() != 0) {
1255 radlog(L_ERR, "Failed to initialize libraries: %s\n",
1261 * Set the search path to ONLY our library directory.
1262 * This prevents the modules from being found from
1263 * any location on the disk.
1265 lt_dlsetsearchpath(radlib_dir);
1268 * Set up the internal module struct.
1270 module_tree = rbtree_create(module_entry_cmp,
1271 module_entry_free, 0);
1273 radlog(L_ERR, "Failed to initialize modules\n");
1277 instance_tree = rbtree_create(module_instance_cmp,
1278 module_instance_free, 0);
1279 if (!instance_tree) {
1280 radlog(L_ERR, "Failed to initialize modules\n");
1285 memset(virtual_servers, 0, sizeof(virtual_servers));
1288 * Remember where the modules were stored.
1290 modules = cf_section_sub_find(config, "modules");
1292 radlog(L_ERR, "Cannot find a \"modules\" section in the configuration file!");
1296 DEBUG2("%s: #### Instantiating modules ####", mainconfig.name);
1299 * Look for the 'instantiate' section, which tells us
1300 * the instantiation order of the modules, and also allows
1301 * us to load modules with no authorize/authenticate/etc.
1304 cs = cf_section_sub_find(config, "instantiate");
1308 module_instance_t *module;
1311 cf_log_info(cs, " instantiate {");
1314 * Loop over the items in the 'instantiate' section.
1316 for (ci=cf_item_find_next(cs, NULL);
1318 ci=cf_item_find_next(cs, ci)) {
1321 * Skip sections and "other" stuff.
1322 * Sections will be handled later, if
1323 * they're referenced at all...
1325 if (!cf_item_is_pair(ci)) {
1329 cp = cf_itemtopair(ci);
1330 name = cf_pair_attr(cp);
1331 module = find_module_instance(modules, name, 1);
1335 } /* loop over items in the subsection */
1337 cf_log_info(cs, " }");
1338 } /* if there's an 'instantiate' section. */
1341 * Loop over the listeners, figuring out which sections
1344 for (listener = mainconfig.listen;
1346 listener = listener->next) {
1349 if (listener->type == RAD_LISTEN_PROXY) continue;
1351 cs = cf_section_sub_find_name2(config,
1352 "server", listener->server);
1353 if (!cs && (listener->server != NULL)) {
1354 listener->print(listener, buffer, sizeof(buffer));
1356 radlog(L_ERR, "No server has been defined for %s", buffer);
1361 if (virtual_servers_load(config) < 0) return -1;
1367 * Call all authorization modules until one returns
1368 * somethings else than RLM_MODULE_OK
1370 int module_authorize(int autz_type, REQUEST *request)
1372 return indexed_modcall(RLM_COMPONENT_AUTZ, autz_type, request);
1376 * Authenticate a user/password with various methods.
1378 int module_authenticate(int auth_type, REQUEST *request)
1380 return indexed_modcall(RLM_COMPONENT_AUTH, auth_type, request);
1383 #ifdef WITH_ACCOUNTING
1385 * Do pre-accounting for ALL configured sessions
1387 int module_preacct(REQUEST *request)
1389 return indexed_modcall(RLM_COMPONENT_PREACCT, 0, request);
1393 * Do accounting for ALL configured sessions
1395 int module_accounting(int acct_type, REQUEST *request)
1397 return indexed_modcall(RLM_COMPONENT_ACCT, acct_type, request);
1401 #ifdef WITH_SESSION_MGMT
1403 * See if a user is already logged in.
1405 * Returns: 0 == OK, 1 == double logins, 2 == multilink attempt
1407 int module_checksimul(int sess_type, REQUEST *request, int maxsimul)
1411 if(!request->username)
1414 request->simul_count = 0;
1415 request->simul_max = maxsimul;
1416 request->simul_mpp = 1;
1418 rcode = indexed_modcall(RLM_COMPONENT_SESS, sess_type, request);
1420 if (rcode != RLM_MODULE_OK) {
1421 /* FIXME: Good spot for a *rate-limited* warning to the log */
1425 return (request->simul_count < maxsimul) ? 0 : request->simul_mpp;
1431 * Do pre-proxying for ALL configured sessions
1433 int module_pre_proxy(int type, REQUEST *request)
1435 return indexed_modcall(RLM_COMPONENT_PRE_PROXY, type, request);
1439 * Do post-proxying for ALL configured sessions
1441 int module_post_proxy(int type, REQUEST *request)
1443 return indexed_modcall(RLM_COMPONENT_POST_PROXY, type, request);
1448 * Do post-authentication for ALL configured sessions
1450 int module_post_auth(int postauth_type, REQUEST *request)
1452 return indexed_modcall(RLM_COMPONENT_POST_AUTH, postauth_type, request);
projects / freeradius.git / blob