2 * Copyright (C) 2006-2008 Stig Venaas <venaas@uninett.no>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
/* Default location of the configuration file. */
11 #define CONFIG_MAIN "/etc/radsecproxy.conf"
13 /* MAX_REQUESTS must be 256: the RADIUS Identifier field is a single octet, so at most 256 outstanding requests can be told apart by ID */
14 #define MAX_REQUESTS 256
/* Built-in retransmission defaults; per-peer values live in struct clsrvconf
   (retryinterval) and the protocol table (retrycountdefault etc.), so these
   are presumably the fallbacks when the config sets nothing -- TODO confirm. */
15 #define REQUEST_RETRY_INTERVAL 5
16 #define REQUEST_RETRY_COUNT 2
/* Maximum certificate chain depth accepted when verifying TLS/DTLS peers
   (presumably handed to the TLS library as the verify depth -- confirm in
   the TLS setup code). */
17 #define MAX_CERT_DEPTH 5
/* Status-Server keepalive period and idle timeout; units are presumably
   seconds, matching the struct timeval fields used elsewhere -- TODO confirm. */
18 #define STATUS_SERVER_PERIOD 25
19 #define IDLE_TIMEOUT 300
38 uint8_t loopprevention;
41 /* requests that our client will send */
46 struct timeval expiry;
49 uint8_t origid; /* used by servwr */
50 char origauth[16]; /* used by servwr */
51 struct sockaddr_storage fromsa; /* used by udpservwr */
52 int fromudpsock; /* used by udpservwr */
55 /* replies that a server will send */
58 struct sockaddr_storage tosa; /* used by udpservwr */
59 int toudpsock; /* used by udpservwr */
64 pthread_mutex_t mutex;
70 uint8_t type; /* RAD_UDP/RAD_TLS/RAD_TCP */
71 const struct protodefs *pdef;
78 regex_t *certuriregex;
81 char *confrewriteusername;
82 struct modattr *rewriteusername;
83 char *dynamiclookupcommand;
85 uint8_t retryinterval;
87 uint8_t certnamecheck;
89 struct rewrite *rewritein;
90 struct rewrite *rewriteout;
91 struct addrinfo *addrinfo;
94 struct server *servers;
98 struct clsrvconf *conf;
99 int sock; /* for tcp/dtls */
101 struct queue *replyq;
102 struct queue *rbios; /* for dtls */
103 struct sockaddr_storage addr; /* for dtls */
107 struct clsrvconf *conf;
110 pthread_mutex_t lock;
112 uint8_t clientrdgone;
113 struct timeval lastconnecttry;
114 struct timeval lastreply;
115 uint8_t connectionok;
117 char *dynamiclookuparg;
119 struct timeval lastrcv;
120 struct request *requests;
122 pthread_mutex_t newrq_mutex;
123 pthread_cond_t newrq_cond;
124 struct queue *rbios; /* for dtls */
132 pthread_mutex_t subrealms_mutex;
133 struct list *subrealms;
134 struct list *srvconfs;
135 struct list *accsrvconfs;
157 uint8_t *removeattrs;
158 uint32_t *removevendorattrs;
159 struct list *addattrs;
160 struct list *modattrs;
168 uint8_t retrycountdefault;
169 uint8_t retrycountmax;
170 uint8_t retryintervaldefault;
171 uint8_t retryintervalmax;
172 void *(*listener)(void*);
174 int (*connecter)(struct server *, struct timeval *, int, char *);
175 void *(*clientconnreader)(void*);
176 int (*clientradput)(struct server *, unsigned char *);
177 void (*addclient)(struct client *);
178 void (*addserverextra)(struct clsrvconf *);
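/*
 * Length of the RADIUS packet starting at x, taken from the 16-bit
 * big-endian Length field in octets 2-3 of the packet header.
 *
 * The value is whatever the peer put on the wire: callers must still check
 * it against the number of bytes actually received (and the 20..4096 range
 * RFC 2865 allows) before using it to bound any parse or copy.
 *
 * The two octets are read individually instead of through a uint16_t
 * cast, which was an unaligned, aliasing-violating load when x is an odd
 * byte pointer.  x may be any pointer type (const is fine) and is
 * evaluated exactly once.
 */
static inline uint16_t rad_pkt_len(const void *pkt) {
    const unsigned char *b = pkt;
    return (uint16_t)((b[2] << 8) | b[3]);
}
#define RADLEN(x) rad_pkt_len(x)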
/*
 * Accessors for one RADIUS attribute (Type, Length, Value) starting at x.
 * x must point at the attribute's Type octet.  The Length octet x[1]
 * counts the Type and Length octets themselves, so valid values are >= 2
 * (RFC 2865 section 5).
 *
 * None of these macros check anything.  Before ATTRLEN/ATTRVALLEN are used
 * to bound a copy or a parse, the caller must verify that x[1] >= 2 and that
 * x + x[1] does not run past the end of the packet: with x[1] < 2,
 * ATTRVALLEN evaluates to a negative int, which turns into an enormous
 * size_t if passed to memcpy/malloc.
 */
184 #define ATTRTYPE(x) ((x)[0])
185 #define ATTRLEN(x) ((x)[1])
186 #define ATTRVAL(x) ((x) + 2)
187 #define ATTRVALLEN(x) ((x)[1] - 2)
/*
 * Number of meaningful bytes in a struct sockaddr_storage for the address
 * family it holds: sizeof(struct sockaddr_in) for AF_INET, and
 * sizeof(struct sockaddr_in6) for every other family (the family is not
 * validated, so an unset ss_family is sized as IPv6 -- callers should make
 * sure the storage was actually filled in before passing it on).
 * addr is a struct sockaddr_storage value, not a pointer, and is evaluated once.
 */
static inline size_t rad_sockaddr_size(sa_family_t family) {
    if (family == AF_INET)
        return sizeof(struct sockaddr_in);
    return sizeof(struct sockaddr_in6);
}
#define SOCKADDR_SIZE(addr) rad_sockaddr_size((addr).ss_family)
/*
 * Prototypes.  The comments describe the contracts only as far as the
 * signatures and the struct fields above show them; see the definitions
 * for the details.
 */
/* Resolved source address(es) to use for transport `type` (RAD_UDP/RAD_TLS/RAD_TCP). */
193 struct addrinfo *getsrcprotores(uint8_t type);
/* Look up the client (resp. server) configuration matching transport `type`
   and peer address `addr`.  *cur is iteration state so a repeated call can
   step to the next matching entry; presumably returns NULL when none
   matches.  List order decides which entry wins when address blocks overlap,
   which matters for which shared secret / certificate policy gets applied. */
194 struct clsrvconf *find_clconf(uint8_t type, struct sockaddr *addr, struct list_node **cur);
195 struct clsrvconf *find_srvconf(uint8_t type, struct sockaddr *addr, struct list_node **cur);
/* As find_clconf, but matching on transport type alone. */
196 struct clsrvconf *find_clconf_type(uint8_t type, struct list_node **cur);
/* Create the runtime client object for conf; removeclient tears it down and
   removeclientrqs presumably discards the requests still outstanding for a
   client whose connection is gone -- TODO confirm. */
197 struct client *addclient(struct clsrvconf *conf);
198 void removeclient(struct client *client);
199 void removeclientrqs(struct client *client);
/* Queue helpers.  freebios releases the BIOs queued for DTLS (the rbios
   fields).  NOTE(review): newqueue() is declared with empty parentheses,
   i.e. no prototype; it should be newqueue(void) so calls are type-checked. */
200 struct queue *newqueue();
201 void removequeue(struct queue *q);
202 void freebios(struct queue *q);
/* Process a request received from a client. */
203 int radsrv(struct request *rq);
/* TLS/DTLS peer certificate handling.  verifytlscert fetches and verifies
   the peer certificate of ssl (presumably NULL on failure);
   verifyconfcert checks that certificate against conf, presumably the
   certnamecheck / certuriregex settings in struct clsrvconf.  A peer should
   not be treated as authenticated until both have succeeded -- confirm
   against the TLS/DTLS accept paths. */
204 X509 *verifytlscert(SSL *ssl);
205 int verifyconfcert(X509 *cert, struct clsrvconf *conf);
/* Process a reply packet received from server.  buf is raw wire data; the
   length in its header (RADLEN) is peer-controlled, so whoever calls this
   must have checked it against the bytes actually read -- TODO confirm where. */
206 int replyh(struct server *server, unsigned char *buf);
/* Connect a TCP socket to addrinfo, bound to src if given; presumably
   returns the socket or -1. */
207 int connecttcp(struct addrinfo *addrinfo, struct addrinfo *src);
/* Create a socket of `family` bound to addrinfo.  reuse and v6only are
   flags, presumably SO_REUSEADDR and IPV6_V6ONLY; returns the socket or -1
   -- TODO confirm. */
208 int bindtoaddr(struct addrinfo *addrinfo, int family, int reuse, int v6only);