2 * Copyright (C) 2006-2009 Stig Venaas <venaas@uninett.no>
3 * Copyright (C) 2010 NORDUnet A/S
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
16 #define CONFIG_MAIN "/etc/radsecproxy.conf"
18 /* MAX_REQUESTS must be 256 due to Radius' 8 bit ID field */
19 #define MAX_REQUESTS 256
20 #define REQUEST_RETRY_INTERVAL 5
21 #define REQUEST_RETRY_COUNT 2
22 #define DUPLICATE_INTERVAL REQUEST_RETRY_INTERVAL * REQUEST_RETRY_COUNT
23 #define MAX_CERT_DEPTH 5
24 #define STATUS_SERVER_PERIOD 25
25 #define IDLE_TIMEOUT 300
27 /* 27262 is vendor DANTE Ltd. */
28 #define DEFAULT_TTL_ATTR "27262:1"
34 #define RAD_PROTOCOUNT 4
39 uint32_t ttlattrtype[2];
42 uint8_t loopprevention;
45 struct commonprotoopts {
51 struct timeval created;
53 uint8_t *buf, *replybuf;
61 int udpsock; /* only for UDP */
62 uint16_t udpport; /* only for UDP */
65 /* requests that our client will send */
67 pthread_mutex_t *lock;
70 struct timeval expiry;
75 pthread_mutex_t mutex;
81 uint8_t type; /* RAD_UDP/RAD_TLS/RAD_TCP */
82 const struct protodefs *pdef;
85 struct list *hostports;
90 regex_t *certuriregex;
93 char *confrewriteusername;
94 struct modattr *rewriteusername;
95 char *dynamiclookupcommand;
97 uint8_t retryinterval;
100 uint8_t certnamecheck;
102 uint8_t loopprevention;
103 struct rewrite *rewritein;
104 struct rewrite *rewriteout;
105 pthread_mutex_t *lock; /* only used for updating clients so far */
107 struct list *clients;
108 struct server *servers;
111 #include "tlscommon.h"
114 struct clsrvconf *conf;
117 struct request *rqs[MAX_REQUESTS];
118 struct gqueue *replyq;
119 struct gqueue *rbios; /* for dtls */
120 struct sockaddr *addr;
121 time_t expiry; /* for udp */
125 struct clsrvconf *conf;
128 pthread_mutex_t lock;
130 uint8_t clientrdgone;
131 struct timeval lastconnecttry;
132 struct timeval lastreply;
133 uint8_t connectionok;
136 char *dynamiclookuparg;
138 struct timeval lastrcv;
139 struct rqout *requests;
141 pthread_mutex_t newrq_mutex;
142 pthread_cond_t newrq_cond;
143 struct gqueue *rbios; /* for dtls */
152 pthread_mutex_t mutex;
153 struct realm *parent;
154 struct list *subrealms;
155 struct list *srvconfs;
156 struct list *accsrvconfs;
166 uint8_t *removeattrs;
167 uint32_t *removevendorattrs;
168 struct list *addattrs;
169 struct list *modattrs;
177 uint8_t retrycountdefault;
178 uint8_t retrycountmax;
179 uint8_t retryintervaldefault;
180 uint8_t retryintervalmax;
181 uint8_t duplicateintervaldefault;
182 void (*setprotoopts)(struct commonprotoopts *);
183 char **(*getlistenerargs)();
184 void *(*listener)(void*);
185 int (*connecter)(struct server *, struct timeval *, int, char *);
186 void *(*clientconnreader)(void*);
187 int (*clientradput)(struct server *, unsigned char *);
188 void (*addclient)(struct client *);
189 void (*addserverextra)(struct clsrvconf *);
194 #define RADLEN(x) ntohs(((uint16_t *)(x))[1])
196 #define ATTRTYPE(x) ((x)[0])
197 #define ATTRLEN(x) ((x)[1])
198 #define ATTRVAL(x) ((x) + 2)
199 #define ATTRVALLEN(x) ((x)[1] - 2)
201 struct clsrvconf *find_clconf(uint8_t type, struct sockaddr *addr, struct list_node **cur);
202 struct clsrvconf *find_srvconf(uint8_t type, struct sockaddr *addr, struct list_node **cur);
203 struct clsrvconf *find_clconf_type(uint8_t type, struct list_node **cur);
204 struct client *addclient(struct clsrvconf *conf, uint8_t lock);
205 void removelockedclient(struct client *client);
206 void removeclient(struct client *client);
207 struct gqueue *newqueue();
208 void freebios(struct gqueue *q);
209 struct request *newrequest();
210 void freerq(struct request *rq);
211 int radsrv(struct request *rq);
212 void replyh(struct server *server, unsigned char *buf);
213 struct addrinfo *resolve_hostport_addrinfo(uint8_t type, char *hostport);
215 /* Local Variables: */
216 /* c-file-style: "stroustrup" */