Add LoopPrevention per server (RADSECPROXY-1).
authorlinus <linus>
Wed, 31 Mar 2010 12:48:10 +0000 (12:48 +0000)
committerlinus <linus@e88ac4ed-0b26-0410-9574-a7f39faa03bf>
Wed, 31 Mar 2010 12:48:10 +0000 (12:48 +0000)
TODO: Documentation and configuration example still missing.

git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@544 e88ac4ed-0b26-0410-9574-a7f39faa03bf

radsecproxy.c
radsecproxy.h

index 7a8b5e2..c058ac7 100644 (file)
@@ -1492,7 +1492,9 @@ int radsrv(struct request *rq) {
        goto exit;
     }
 
-    if (options.loopprevention && !strcmp(from->conf->name, to->conf->name)) {
+    if ((to->conf->loopprevention == 1
+        || (to->conf->loopprevention == UCHAR_MAX && options.loopprevention == 1))
+       && !strcmp(from->conf->name, to->conf->name)) {
        debug(DBG_INFO, "radsrv: Loop prevented, not forwarding request from client %s (%s) to server %s, discarding",
              from->conf->name, addr2string(from->addr), to->conf->name);
        goto exit;
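Review bot: The new condition in radsrv turns loop prevention on only when a value is exactly 1, so any other non-sentinel value in `to->conf->loopprevention` or `options.loopprevention` leaves the check off, whereas the removed line tested `options.loopprevention` for truthiness. If CONF_BLN only ever stores 0 or 1 (not visible here) the two are equivalent, but a safeguard is better written to fail closed. One way is to resolve the effective value first, `uint8_t lp = to->conf->loopprevention == UCHAR_MAX ? options.loopprevention : to->conf->loopprevention;`, and then test `if (lp && !strcmp(from->conf->name, to->conf->name)) {`. radsrv's body starts and ends outside the hunk.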
@@ -2759,6 +2761,7 @@ int confserver_cb(struct gconffile **cf, void *arg, char *block, char *opt, char
        return 0;
     }
     memset(conf, 0, sizeof(struct clsrvconf));
+    conf->loopprevention = UCHAR_MAX; /* Uninitialized.  */
     resconf = (struct clsrvconf *)arg;
     if (resconf) {
        conf->statusserver = resconf->statusserver;
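Review bot: Servers created from a template (`resconf`) do not appear to inherit the template's `LoopPrevention` setting: the added line sets the sentinel unconditionally, and the `if (resconf)` block that follows copies `statusserver` but the commit adds no matching copy for the new field. Unless the rest of that block or later merge code (both outside the hunk) handles it, a template server with `LoopPrevention on` and the global option off would yield servers with loop prevention off. Adding `conf->loopprevention = resconf->loopprevention;` inside the `if (resconf)` block would carry the setting over, and the option parsing later in confserver_cb could presumably still override it. The comment `/* Uninitialized. */` would also be more accurate as `/* Not set in this block; fall back to options.loopprevention. */`.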
@@ -2784,6 +2787,7 @@ int confserver_cb(struct gconffile **cf, void *arg, char *block, char *opt, char
                          "RetryInterval", CONF_LINT, &retryinterval,
                          "RetryCount", CONF_LINT, &retrycount,
                          "DynamicLookupCommand", CONF_STR, &conf->dynamiclookupcommand,
+                         "LoopPrevention", CONF_BLN, &conf->loopprevention,
                          NULL
            )) {
        debug(DBG_ERR, "configuration error");
index 4601259..7528f7f 100644 (file)
@@ -98,6 +98,7 @@ struct clsrvconf {
     uint8_t dupinterval;
     uint8_t certnamecheck;
     uint8_t addttl;
+    uint8_t loopprevention;
     struct rewrite *rewritein;
     struct rewrite *rewriteout;
     pthread_mutex_t *lock; /* only used for updating clients so far */
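Review bot: The new `loopprevention` field is tri-state rather than a plain flag, and the declaration does not say so: radsrv treats 1 as on, UCHAR_MAX as "not configured, use options.loopprevention", and every other value as off. A trailing comment such as `/* 0 = off, 1 = on, UCHAR_MAX = unset (use options.loopprevention) */` would make this visible to anyone who allocates a struct clsrvconf with memset alone, where the zeroed field reads as an explicit off that overrides the global option. The struct definition begins and ends outside the hunk.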