1 /* Copyright (c) 2006-2009, Stig Venaas, UNINETT AS.
2 * Copyright (c) 2010, UNINETT AS, NORDUnet A/S.
3 * Copyright (c) 2010-2012, NORDUnet A/S. */
4 /* See LICENSE for licensing information. */
7 #include <sys/socket.h>
8 #include <netinet/in.h>
17 #include <sys/types.h>
18 #include <sys/select.h>
21 #include <arpa/inet.h>
25 #include "radsecproxy.h"
32 static void setprotoopts(struct commonprotoopts *opts);
33 static char **getlistenerargs();
34 void *udpserverrd(void *arg);
35 int clientradputudp(struct server *server, unsigned char *rad);
36 void addclientudp(struct client *client);
37 void addserverextraudp(struct clsrvconf *conf);
41 static const struct protodefs protodefs = {
43 NULL, /* secretdefault */
44 SOCK_DGRAM, /* socktype */
45 "1812", /* portdefault */
46 REQUEST_RETRY_COUNT, /* retrycountdefault */
47 10, /* retrycountmax */
48 REQUEST_RETRY_INTERVAL, /* retryintervaldefault */
49 60, /* retryintervalmax */
50 DUPLICATE_INTERVAL, /* duplicateintervaldefault */
51 setprotoopts, /* setprotoopts */
52 getlistenerargs, /* getlistenerargs */
53 udpserverrd, /* listener */
55 NULL, /* clientconnreader */
56 clientradputudp, /* clientradput */
57 addclientudp, /* addclient */
58 addserverextraudp, /* addserverextra */
59 udpsetsrcres, /* setsrcres */
60 initextraudp /* initextra */
63 static int client4_sock = -1;
64 static int client6_sock = -1;
65 static struct gqueue *server_replyq = NULL;
67 static struct addrinfo *srcres = NULL;
68 static uint8_t handle;
69 static struct commonprotoopts *protoopts = NULL;
71 const struct protodefs *udpinit(uint8_t h) {
76 static void setprotoopts(struct commonprotoopts *opts) {
80 static char **getlistenerargs() {
81 return protoopts ? protoopts->listenargs : NULL;
87 resolvepassiveaddrinfo(protoopts ? protoopts->sourcearg : NULL,
88 AF_UNSPEC, NULL, protodefs.socktype);
91 void removeudpclientfromreplyq(struct client *c) {
95 /* lock the common queue and remove replies for this client */
96 pthread_mutex_lock(&c->replyq->mutex);
97 for (n = list_first(c->replyq->entries); n; n = list_next(n)) {
98 r = (struct request *)n->data;
102 pthread_mutex_unlock(&c->replyq->mutex);
105 static int addr_equal(struct sockaddr *a, struct sockaddr *b) {
106 switch (a->sa_family) {
108 return !memcmp(&((struct sockaddr_in*)a)->sin_addr,
109 &((struct sockaddr_in*)b)->sin_addr,
110 sizeof(struct in_addr));
112 return IN6_ARE_ADDR_EQUAL(&((struct sockaddr_in6*)a)->sin6_addr,
113 &((struct sockaddr_in6*)b)->sin6_addr);
120 uint16_t port_get(struct sockaddr *sa) {
121 switch (sa->sa_family) {
123 return ntohs(((struct sockaddr_in *)sa)->sin_port);
125 return ntohs(((struct sockaddr_in6 *)sa)->sin6_port);
130 /* exactly one of client and server must be non-NULL */
131 /* return who we received from in *client or *server */
132 /* return from in sa if not NULL */
133 unsigned char *radudpget(int s, struct client **client, struct server **server, uint16_t *port) {
135 unsigned char buf[4], *rad = NULL;
136 struct sockaddr_storage from;
137 struct sockaddr *fromcopy;
138 socklen_t fromlen = sizeof(from);
140 struct list_node *node;
142 struct client *c = NULL;
152 if (select(s + 1, &readfds, NULL, NULL, NULL) < 1)
154 cnt = recvfrom(s, buf, 4, MSG_PEEK | MSG_TRUNC, (struct sockaddr *)&from, &fromlen);
156 debug(DBG_WARN, "radudpget: recv failed");
161 ? find_clconf(handle, (struct sockaddr *)&from, NULL)
162 : find_srvconf(handle, (struct sockaddr *)&from, NULL);
164 debug(DBG_WARN, "radudpget: got packet from wrong or unknown UDP peer %s, ignoring", addr2string((struct sockaddr *)&from));
171 debug(DBG_WARN, "radudpget: length too small");
178 debug(DBG_ERR, "radudpget: malloc failed");
183 cnt = recv(s, rad, len, MSG_TRUNC);
184 debug(DBG_DBG, "radudpget: got %d bytes from %s", cnt, addr2string((struct sockaddr *)&from));
187 debug(DBG_WARN, "radudpget: packet smaller than length field in radius header");
191 debug(DBG_DBG, "radudpget: packet was padded with %d bytes", cnt - len);
195 pthread_mutex_lock(p->lock);
196 for (node = list_first(p->clients); node;) {
197 c = (struct client *)node->data;
198 node = list_next(node);
201 gettimeofday(&now, NULL);
202 if (!*client && addr_equal((struct sockaddr *)&from, c->addr)) {
203 c->expiry = now.tv_sec + 60;
206 if (c->expiry >= now.tv_sec)
209 debug(DBG_DBG, "radudpget: removing expired client (%s)", addr2string(c->addr));
210 removeudpclientfromreplyq(c);
211 c->replyq = NULL; /* stop removeclient() from removing common udp replyq */
212 removelockedclient(c);
216 fromcopy = addr_copy((struct sockaddr *)&from);
218 pthread_mutex_unlock(p->lock);
224 pthread_mutex_unlock(p->lock);
229 gettimeofday(&now, NULL);
230 c->expiry = now.tv_sec + 60;
233 pthread_mutex_unlock(p->lock);
235 *server = p->servers;
239 *port = port_get((struct sockaddr *)&from);
243 int clientradputudp(struct server *server, unsigned char *rad) {
245 struct clsrvconf *conf = server->conf;
249 ai = ((struct hostportres *)list_first(conf->hostports)->data)->addrinfo;
250 if (sendto(server->sock, rad, len, 0, ai->ai_addr, ai->ai_addrlen) >= 0) {
251 debug(DBG_DBG, "clienradputudp: sent UDP of length %d to %s port %d", len, addr2string(ai->ai_addr), port_get(ai->ai_addr));
255 debug(DBG_WARN, "clientradputudp: send failed");
259 void *udpclientrd(void *arg) {
260 struct server *server;
266 buf = radudpget(*s, NULL, &server, NULL);
271 void *udpserverrd(void *arg) {
273 int *sp = (int *)arg;
278 sleep(5); /* malloc failed */
281 rq->buf = radudpget(*sp, &rq->from, NULL, &rq->udpport);
289 void *udpserverwr(void *arg) {
290 struct gqueue *replyq = (struct gqueue *)arg;
291 struct request *reply;
292 struct sockaddr_storage to;
295 pthread_mutex_lock(&replyq->mutex);
296 while (!(reply = (struct request *)list_shift(replyq->entries))) {
297 debug(DBG_DBG, "udp server writer, waiting for signal");
298 pthread_cond_wait(&replyq->cond, &replyq->mutex);
299 debug(DBG_DBG, "udp server writer, got signal");
301 /* do this with lock, udpserverrd may set from = NULL if from expires */
303 memcpy(&to, reply->from->addr, SOCKADDRP_SIZE(reply->from->addr));
304 pthread_mutex_unlock(&replyq->mutex);
306 port_set((struct sockaddr *)&to, reply->udpport);
307 if (sendto(reply->udpsock, reply->replybuf, RADLEN(reply->replybuf), 0, (struct sockaddr *)&to, SOCKADDR_SIZE(to)) < 0)
308 debug(DBG_WARN, "udpserverwr: send failed");
310 debug(DBG_DBG, "udpserverwr: refcount %d", reply->refcount);
315 void addclientudp(struct client *client) {
316 client->replyq = server_replyq;
319 void addserverextraudp(struct clsrvconf *conf) {
320 assert(list_first(conf->hostports) != NULL);
321 switch (((struct hostportres *)list_first(conf->hostports)->data)->addrinfo->ai_family) {
323 if (client4_sock < 0) {
324 client4_sock = bindtoaddr(srcres, AF_INET, 0, 1);
325 if (client4_sock < 0)
326 debugx(1, DBG_ERR, "addserver: failed to create client socket for server %s", conf->name);
328 conf->servers->sock = client4_sock;
331 if (client6_sock < 0) {
332 client6_sock = bindtoaddr(srcres, AF_INET6, 0, 1);
333 if (client6_sock < 0)
334 debugx(1, DBG_ERR, "addserver: failed to create client socket for server %s", conf->name);
336 conf->servers->sock = client6_sock;
339 debugx(1, DBG_ERR, "addserver: unsupported address family");
343 void initextraudp() {
344 pthread_t cl4th, cl6th, srvth;
347 freeaddrinfo(srcres);
351 if (client4_sock >= 0)
352 if (pthread_create(&cl4th, NULL, udpclientrd, (void *)&client4_sock))
353 debugx(1, DBG_ERR, "pthread_create failed");
354 if (client6_sock >= 0)
355 if (pthread_create(&cl6th, NULL, udpclientrd, (void *)&client6_sock))
356 debugx(1, DBG_ERR, "pthread_create failed");
358 if (find_clconf_type(handle, NULL)) {
359 server_replyq = newqueue();
360 if (pthread_create(&srvth, NULL, udpserverwr, (void *)server_replyq))
361 debugx(1, DBG_ERR, "pthread_create failed");
365 const struct protodefs *udpinit(uint8_t h) {
370 /* Local Variables: */
371 /* c-file-style: "stroustrup" */
projects / radsecproxy.git / blob