Implement disable_hostname_check config option.

[libradsec.git] / lib / conf.c

diff --git a/lib/conf.c b/lib/conf.c
index ad1a5f8..4e0df31 100644 (file)
--- a/lib/conf.c
+++ b/lib/conf.c
@@ -1,24 +1,25 @@
-/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved.
-   See the file COPYING for licensing information.  */
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
+   See LICENSE for licensing information. */
 
 #if defined HAVE_CONFIG_H
 #include <config.h>
 #endif
 
 #include <confuse.h>
+#include <stdlib.h>
 #include <string.h>
 #include <assert.h>
 #include <radsec/radsec.h>
 #include <radsec/radsec-impl.h>
 #include "peer.h"
+#include "util.h"
 #include "debug.h"
 
 #if 0
   # common config options
-  dictionary = STRING
 
   # common realm config options
-  realm NAME {
+  realm STRING {
       type = "UDP"|"TCP"|"TLS"|"DTLS"
       timeout = INT
       retries = INT
@@ -30,10 +31,11 @@
       pskhexstr = STRING # Transport pre-shared key, ASCII hex form.
       pskid = STRING
       pskex = "PSK"|"DHE_PSK"|"RSA_PSK"
+      disable_hostname_check = "yes"|"no"
   }
 
   # client specific realm config options
-  realm NAME {
+  realm STRING {
       server {
           hostname = STRING
          service = STRING
@@ -72,12 +74,12 @@ rs_context_read_config(struct rs_context *ctx, const char *config_file)
       CFG_STR ("pskhexstr", NULL, CFGF_NONE),
       CFG_STR ("pskid", NULL, CFGF_NONE),
       CFG_STR ("pskex", "PSK", CFGF_NONE),
+      CFG_BOOL ("disable_hostname_check", cfg_false, CFGF_NONE),
       CFG_SEC ("server", server_opts, CFGF_MULTI),
       CFG_END ()
     };
   cfg_opt_t opts[] =
     {
-      CFG_STR ("dictionary", NULL, CFGF_NONE),
       CFG_SEC ("realm", realm_opts, CFGF_TITLE | CFGF_MULTI),
       CFG_END ()
     };
@@ -106,7 +108,6 @@ rs_context_read_config(struct rs_context *ctx, const char *config_file)
   if (config == NULL)
     return rs_err_ctx_push_fl (ctx, RSE_NOMEM, __FILE__, __LINE__, NULL);
   ctx->config = config;
-  config->dictionary = cfg_getstr (cfg, "dictionary");
 
   for (i = 0; i < cfg_size (cfg, "realm"); i++)
     {
@@ -132,9 +133,9 @@ rs_context_read_config(struct rs_context *ctx, const char *config_file)
        return rs_err_ctx_push_fl (ctx, RSE_CONFIG, __FILE__, __LINE__,
                                   "missing realm name");
       /* We use a copy of the return value of cfg_title() since it's const.  */
-      r->name = strdup (s);
+      r->name = rs_strdup (ctx, s);
       if (r->name == NULL)
-       return rs_err_ctx_push_fl (ctx, RSE_NOMEM, __FILE__, __LINE__, NULL);
+       return RSE_NOMEM;
 
       typestr = cfg_getstr (cfg_realm, "type");
       if (strcmp (typestr, "UDP") == 0)
@@ -151,6 +152,7 @@ rs_context_read_config(struct rs_context *ctx, const char *config_file)
                                 r->name, typestr);
       r->timeout = cfg_getint (cfg_realm, "timeout");
       r->retries = cfg_getint (cfg_realm, "retries");
+      r->disable_hostname_check = cfg_getbool (cfg_realm, "disable_hostname_check");
 
       r->cacertfile = cfg_getstr (cfg_realm, "cacertfile");
       /*r->cacertpath = cfg_getstr (cfg_realm, "cacertpath");*/
@@ -242,9 +244,11 @@ struct rs_realm *
 rs_conf_find_realm(struct rs_context *ctx, const char *name)
 {
   struct rs_realm *r;
+  assert (ctx);
 
-  for (r = ctx->config->realms; r; r = r->next)
-    if (strcmp (r->name, name) == 0)
+  if (ctx->config)
+    for (r = ctx->config->realms; r; r = r->next)
+      if (strcmp (r->name, name) == 0)
        return r;
 
   return NULL;