1 /* Copyright 2010, 2011 NORDUnet A/S. All rights reserved.
2 See the file COPYING for licensing information. */
4 #if defined HAVE_CONFIG_H
10 #include <radsec/radsec.h>
11 #include <radsec/radsec-impl.h>
16 # common config options
19 # common realm config options
21 type = "UDP"|"TCP"|"TLS"|"DTLS"
30 # client specific realm config options
40 /* FIXME: Leaking memory in error cases? */
42 rs_context_read_config(struct rs_context *ctx, const char *config_file)
44 cfg_t *cfg, *cfg_realm, *cfg_server;
48 struct rs_config *config = NULL;
50 cfg_opt_t server_opts[] =
52 CFG_STR ("hostname", NULL, CFGF_NONE),
53 CFG_STR ("service", "2083", CFGF_NONE),
54 CFG_STR ("secret", "radsec", CFGF_NONE),
57 cfg_opt_t realm_opts[] =
59 CFG_STR ("type", "UDP", CFGF_NONE),
60 CFG_INT ("timeout", 2, CFGF_NONE), /* FIXME: Remove? */
61 CFG_INT ("retries", 2, CFGF_NONE), /* FIXME: Remove? */
62 CFG_STR ("cacertfile", NULL, CFGF_NONE),
63 /*CFG_STR ("cacertpath", NULL, CFGF_NONE),*/
64 CFG_STR ("certfile", NULL, CFGF_NONE),
65 CFG_STR ("certkeyfile", NULL, CFGF_NONE),
66 CFG_SEC ("server", server_opts, CFGF_MULTI),
71 CFG_STR ("dictionary", NULL, CFGF_NONE),
72 CFG_SEC ("realm", realm_opts, CFGF_TITLE | CFGF_MULTI),
76 cfg = cfg_init (opts, CFGF_NONE);
78 return rs_err_ctx_push (ctx, RSE_CONFIG, "unable to initialize libconfuse");
79 err = cfg_parse (cfg, config_file);
85 return rs_err_ctx_push (ctx, RSE_CONFIG,
86 "%s: unable to open configuration file",
89 return rs_err_ctx_push (ctx, RSE_CONFIG, "%s: invalid configuration file",
92 return rs_err_ctx_push (ctx, RSE_CONFIG, "%s: unknown parse error",
96 config = rs_calloc (ctx, 1, sizeof (*config));
98 return rs_err_ctx_push_fl (ctx, RSE_NOMEM, __FILE__, __LINE__, NULL);
100 config->dictionary = cfg_getstr (cfg, "dictionary");
102 for (i = 0; i < cfg_size (cfg, "realm"); i++)
104 struct rs_realm *r = rs_calloc (ctx, 1, sizeof(*r));
108 return rs_err_ctx_push_fl (ctx, RSE_NOMEM, __FILE__, __LINE__, NULL);
111 r->next = config->realms->next;
112 config->realms->next = r;
116 cfg_realm = cfg_getnsec (cfg, "realm", i);
117 /* We use a copy of return value of cfg_title since it's a
119 s = cfg_title (cfg_realm);
121 return rs_err_ctx_push_fl (ctx, RSE_CONFIG, __FILE__, __LINE__,
122 "missing realm name");
123 r->name = strdup (s); /* FIXME: Don't strdup. */
125 return rs_err_ctx_push_fl (ctx, RSE_NOMEM, __FILE__, __LINE__, NULL);
127 typestr = cfg_getstr (cfg_realm, "type");
128 if (!strcmp (typestr, "UDP"))
129 r->type = RS_CONN_TYPE_UDP;
130 else if (!strcmp (typestr, "TCP"))
131 r->type = RS_CONN_TYPE_TCP;
132 else if (!strcmp (typestr, "TLS"))
133 r->type = RS_CONN_TYPE_TLS;
134 else if (!strcmp (typestr, "DTLS"))
135 r->type = RS_CONN_TYPE_DTLS;
137 return rs_err_ctx_push_fl (ctx, RSE_CONFIG, __FILE__, __LINE__,
138 "invalid connection type: %s", typestr);
139 r->timeout = cfg_getint (cfg_realm, "timeout");
140 r->retries = cfg_getint (cfg_realm, "retries");
142 r->cacertfile = cfg_getstr (cfg_realm, "cacertfile");
143 /*r->cacertpath = cfg_getstr (cfg_realm, "cacertpath");*/
144 r->certfile = cfg_getstr (cfg_realm, "certfile");
145 r->certkeyfile = cfg_getstr (cfg_realm, "certkeyfile");
147 /* Add peers, one per server stanza. */
148 for (j = 0; j < cfg_size (cfg_realm, "server"); j++)
150 struct rs_peer *p = peer_create (ctx, &r->peers);
152 return rs_err_ctx_push_fl (ctx, RSE_NOMEM, __FILE__, __LINE__,
156 cfg_server = cfg_getnsec (cfg_realm, "server", j);
157 /* FIXME: Handle resolve errors, possibly by postponing name
159 rs_resolv (&p->addr, r->type, cfg_getstr (cfg_server, "hostname"),
160 cfg_getstr (cfg_server, "service"));
161 p->secret = cfg_getstr (cfg_server, "secret");
165 /* Save config object in context, for freeing in
166 rs_context_destroy(). */
167 ctx->config->cfg = cfg;
172 rs_conf_find_realm(struct rs_context *ctx, const char *name)
176 for (r = ctx->config->realms; r; r = r->next)
177 if (!strcmp (r->name, name))