char line[1024];
/* initialise lots of stuff to avoid stupid compiler warnings */
char *tokens[3], *s, *opt = NULL, *val = NULL, *word, *optval, **str = NULL, ***mstr = NULL;
+ uint8_t *bln;
int type = 0, tcount, conftype = 0, n;
void (*cbk)(struct gconffile **, char *, char *, char *) = NULL;
if (!mstr)
debugx(1, DBG_ERR, "getgenericconfig: internal parameter error");
break;
+ case CONF_BLN:
+ bln = va_arg(ap, uint8_t *);
+ if (!bln)
+ debugx(1, DBG_ERR, "getgenericconfig: internal parameter error");
+ break;
case CONF_CBK:
cbk = va_arg(ap, void (*)(struct gconffile **, char *, char *, char *));
break;
debugx(1, DBG_ERR, "configuration error, unknown option %s", opt);
}
- if (((type == CONF_STR || type == CONF_MSTR) && conftype != CONF_STR) ||
+ if (((type == CONF_STR || type == CONF_MSTR || type == CONF_BLN) && conftype != CONF_STR) ||
(type == CONF_CBK && conftype != CONF_CBK)) {
if (block)
debugx(1, DBG_ERR, "configuration error in block %s, wrong syntax for option %s", block, opt);
switch (type) {
case CONF_STR:
- if (block)
- debug(DBG_DBG, "getgenericconfig: block %s: %s = %s", block, opt, val);
- else
- debug(DBG_DBG, "getgenericconfig: %s = %s", opt, val);
if (*str)
debugx(1, DBG_ERR, "configuration error, option %s already set to %s", opt, *str);
*str = stringcopy(val, 0);
debugx(1, DBG_ERR, "malloc failed");
break;
case CONF_MSTR:
- if (block)
- debug(DBG_DBG, "getgenericconfig: block %s: %s = %s", block, opt, val);
- else
- debug(DBG_DBG, "getgenericconfig: %s = %s", opt, val);
if (*mstr)
for (n = 0; (*mstr)[n]; n++);
else
(*mstr)[n] = stringcopy(val, 0);
(*mstr)[n + 1] = NULL;
break;
+ case CONF_BLN:
+ if (!strcasecmp(val, "on"))
+ *bln = 1;
+ else if (!strcasecmp(val, "off"))
+ *bln = 0;
+ else if (block)
+ debugx(1, DBG_ERR, "configuration error in block %s, value for option %s must be on or off, not %s", block, opt, val);
+ else
+ debugx(1, DBG_ERR, "configuration error, value for option %s must be on or off, not %s", opt, val);
+ break;
case CONF_CBK:
optval = malloc(strlen(opt) + strlen(val) + 2);
if (!optval)
sprintf(optval, "%s %s", opt, val);
cbk(cf, optval, opt, val);
free(optval);
- break;
+ continue;
default:
debugx(1, DBG_ERR, "getgenericconfig: internal parameter error");
}
+ if (block)
+ debug(DBG_DBG, "getgenericconfig: block %s: %s = %s", block, opt, val);
+ else
+ debug(DBG_DBG, "getgenericconfig: %s = %s", opt, val);
}
}
uint8_t type = 0; /* 0 for DNS, AF_INET for IPv4, AF_INET6 for IPv6 */
struct in6_addr addr;
- if (conf->prefixlen == 255) {
+ if (conf->certnamecheck && conf->prefixlen == 255) {
if (inet_pton(AF_INET, conf->host, &addr))
type = AF_INET;
else if (inet_pton(AF_INET6, conf->host, &addr))
if (!conf || !list_push(clconfs, conf))
debugx(1, DBG_ERR, "malloc failed");
memset(conf, 0, sizeof(struct clsrvconf));
+ conf->certnamecheck = 1;
getgenericconfig(cf, block,
"type", CONF_STR, &type,
"secret", CONF_STR, &conf->secret,
"tls", CONF_STR, &tls,
"matchcertificateattribute", CONF_STR, &matchcertattr,
+ "CertificateNameCheck", CONF_BLN, &conf->certnamecheck,
"rewrite", CONF_STR, &rewrite,
"rewriteattribute", CONF_STR, &rewriteattr,
NULL
}
void confserver_cb(struct gconffile **cf, char *block, char *opt, char *val) {
- char *type = NULL, *tls = NULL, *matchcertattr = NULL, *statusserver = NULL, *rewrite = NULL;
+ char *type = NULL, *tls = NULL, *matchcertattr = NULL, *rewrite = NULL;
struct clsrvconf *conf;
debug(DBG_DBG, "confserver_cb called for %s", block);
if (!conf || !list_push(srvconfs, conf))
debugx(1, DBG_ERR, "malloc failed");
memset(conf, 0, sizeof(struct clsrvconf));
+ conf->certnamecheck = 1;
getgenericconfig(cf, block,
"type", CONF_STR, &type,
"port", CONF_STR, &conf->port,
"secret", CONF_STR, &conf->secret,
"tls", CONF_STR, &tls,
- "matchcertificateattribute", CONF_STR, &matchcertattr,
+ "MatchCertificateAttribute", CONF_STR, &matchcertattr,
"rewrite", CONF_STR, &rewrite,
- "StatusServer", CONF_STR, &statusserver,
+ "StatusServer", CONF_BLN, &conf->statusserver,
+ "CertificateNameCheck", CONF_BLN, &conf->certnamecheck,
NULL
);
debugx(1, DBG_ERR, "error in block %s, secret must be specified for UDP", block);
conf->secret = stringcopy(DEFAULT_TLS_SECRET, 0);
}
-
- if (statusserver) {
- if (!strcasecmp(statusserver, "on"))
- conf->statusserver = 1;
- else if (strcasecmp(statusserver, "off"))
- debugx(1, DBG_ERR, "error in block %s, StatusServer is %s, must be on or off", block, statusserver);
- free(statusserver);
- }
}
void confrealm_cb(struct gconffile **cf, char *block, char *opt, char *val) {
projects / libradsec.git / commitdiff