static int client4_sock = -1;
static int client6_sock = -1;
+static struct addrinfo *srcres = NULL;
struct sessioncacheentry {
pthread_mutex_t mutex;
struct sockaddr_storage addr;
};
+void dtlssetsrcres(char *source) {
+ if (!srcres)
+ srcres = resolve_hostport_addrinfo(RAD_DTLS, source);
+}
+
int udp2bio(int s, struct queue *q, int cnt) {
unsigned char *buf;
BIO *rbio;
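Review bot: `dtlssetsrcres` has no comment saying who owns `srcres` or how long it lives, and its lazy `if (!srcres)` assignment is an unsynchronized check-then-set on a file-static pointer. From the other hunks, `initextradtls` and `initextraudp` free and clear their copy while the TCP and TLS copies are never freed, so the lifetime differs per transport and is worth stating, for example `/* Resolve the DTLS source address once; srcres is owned by this file and released in initextradtls(). */`. If `addserver` can run on more than one thread or after `initextradtls` (neither is visible here), the assignment needs a lock and the re-resolved result would never be freed again. The same applies to `udpsetsrcres`, `tcpsetsrcres` and `tlssetsrcres`.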
switch (conf->addrinfo->ai_family) {
case AF_INET:
if (client4_sock < 0) {
- client4_sock = bindtoaddr(getsrcprotores(RAD_DTLS), AF_INET, 0, 1);
+ client4_sock = bindtoaddr(srcres, AF_INET, 0, 1);
if (client4_sock < 0)
debugx(1, DBG_ERR, "addserver: failed to create client socket for server %s", conf->host);
}
break;
case AF_INET6:
if (client6_sock < 0) {
- client6_sock = bindtoaddr(getsrcprotores(RAD_DTLS), AF_INET6, 0, 1);
+ client6_sock = bindtoaddr(srcres, AF_INET6, 0, 1);
if (client6_sock < 0)
debugx(1, DBG_ERR, "addserver: failed to create client socket for server %s", conf->host);
}
void initextradtls() {
pthread_t cl4th, cl6th;
+
+ if (srcres) {
+ freeaddrinfo(srcres);
+ srcres = NULL;
+ }
if (client4_sock >= 0)
if (pthread_create(&cl4th, NULL, udpdtlsclientrd, (void *)&client4_sock))
* copyright notice and this permission notice appear in all copies.
*/
+void dtlssetsrcres(char *source);
void *udpdtlsserverrd(void *arg);
int dtlsconnect(struct server *server, struct timeval *when, int timeout, char *text);
void *dtlsclientrd(void *arg);
struct list *realms;
struct hash *tlsconfs, *rewriteconfs;
-static struct addrinfo *srcprotores[RAD_PROTOCOUNT];
-
static pthread_mutex_t *ssl_locks = NULL;
static long *ssl_lock_count;
extern int optind;
clientradputudp, /* clientradput */
addclientudp, /* addclient */
addserverextraudp, /* addserverextra */
- 1, /* freesrcprotores */
+ udpsetsrcres, /* setsrcres */
initextraudp /* initextra */
},
{ "tls", /* TLS, assuming RAD_TLS defined as 1 */
clientradputtls, /* clientradput */
NULL, /* addclient */
NULL, /* addserverextra */
- 0, /* freesrcprotores */
+ tlssetsrcres, /* setsrcres */
NULL /* initextra */
},
{ "tcp", /* TCP, assuming RAD_TCP defined as 2 */
clientradputtcp, /* clientradput */
NULL, /* addclient */
NULL, /* addserverextra */
- 0, /* freesrcprotores */
+ tcpsetsrcres, /* setsrcres */
NULL /* initextra */
},
{ "dtls", /* DTLS, assuming RAD_DTLS defined as 3 */
clientradputdtls, /* clientradput */
NULL, /* addclient */
addserverextradtls, /* addserverextra */
- 1, /* freesrcprotores */
+ dtlssetsrcres, /* setsrcres */
initextradtls /* initextra */
},
- { NULL, NULL, 0, NULL, 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL
+ { NULL, NULL, 0, NULL, 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
}
};
return ok;
}
-struct addrinfo *getsrcprotores(uint8_t type) {
- return srcprotores[type];
-}
-
int resolvepeer(struct clsrvconf *conf, int ai_flags) {
struct addrinfo hints, *addrinfo, *res;
char *slash, *s;
free(res);
}
+struct addrinfo *resolve_hostport_addrinfo(uint8_t type, char *hostport) {
+ struct addrinfo *ai;
+ struct clsrvconf *res;
+
+ res = resolve_hostport(type, hostport, NULL);
+ ai = res->addrinfo;
+ res->addrinfo = NULL;
+ freeclsrvres(res);
+ return ai;
+}
+
/* returns 1 if the len first bits are equal, else 0 */
int prefixmatch(void *a1, void *a2, uint8_t len) {
static uint8_t mask[] = { 0, 0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe };
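Review bot: `resolve_hostport_addrinfo` dereferences `res` on the line right after `resolve_hostport()` returns, with no check that the call succeeded. `resolve_hostport` is defined outside this hunk; if it can return NULL for an unresolvable or malformed source argument, this is a NULL dereference while the configuration is being applied, and the removed `addserver` code had the same gap. Failing closed with the `debugx(1, DBG_ERR, …)` form used elsewhere in this diff keeps the proxy from continuing without the configured source binding: `if (!res) debugx(1, DBG_ERR, "resolve_hostport_addrinfo: failed to resolve source address");` placed before `ai = res->addrinfo;`.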
}
int addserver(struct clsrvconf *conf) {
- struct clsrvconf *res;
uint8_t type;
int i;
type = conf->type;
if (type == RAD_DTLS)
conf->servers->rbios = newqueue();
-
- if (!srcprotores[type]) {
- res = resolve_hostport(type, options.sourcearg[type], NULL);
- srcprotores[type] = res->addrinfo;
- res->addrinfo = NULL;
- freeclsrvres(res);
- }
+
+ conf->pdef->setsrcres(options.sourcearg[type]);
conf->servers->sock = -1;
if (conf->pdef->addserverextra)
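Review bot: The new `conf->pdef->setsrcres(options.sourcearg[type]);` calls through the function pointer unconditionally, while `addserverextra` two lines below is tested before use. All four `protodefs` entries in this commit set the field, so nothing breaks today, but a later protocol entry that leaves it NULL would crash here. Either guard it, `if (conf->pdef->setsrcres) conf->pdef->setsrcres(options.sourcearg[type]);`, or add a comment on the `setsrcres` member of `struct protodefs` stating that it is mandatory. `addserver` starts and ends outside the hunk.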
pthread_sigmask(SIG_BLOCK, &sigset, NULL);
pthread_create(&sigth, NULL, sighandler, NULL);
- memset(srcprotores, 0, sizeof(srcprotores));
for (entry = list_first(srvconfs); entry; entry = list_next(entry)) {
srvconf = (struct clsrvconf *)entry->data;
if (srvconf->dynamiclookupcommand)
}
for (i = 0; protodefs[i].name; i++) {
- if (protodefs[i].freesrcprotores && srcprotores[i]) {
- freeaddrinfo(srcprotores[i]);
- srcprotores[i] = NULL;
- }
if (protodefs[i].initextra)
protodefs[i].initextra();
if (find_clconf_type(i, NULL))
int (*clientradput)(struct server *, unsigned char *);
void (*addclient)(struct client *);
void (*addserverextra)(struct clsrvconf *);
- uint8_t freesrcprotores;
+ void (*setsrcres)(char *source);
void (*initextra)();
};
#define ATTRVAL(x) ((x) + 2)
#define ATTRVALLEN(x) ((x)[1] - 2)
-struct addrinfo *getsrcprotores(uint8_t type);
struct clsrvconf *find_clconf(uint8_t type, struct sockaddr *addr, struct list_node **cur);
struct clsrvconf *find_srvconf(uint8_t type, struct sockaddr *addr, struct list_node **cur);
struct clsrvconf *find_clconf_type(uint8_t type, struct list_node **cur);
int verifyconfcert(X509 *cert, struct clsrvconf *conf);
void replyh(struct server *server, unsigned char *buf);
SSL_CTX *tlsgetctx(uint8_t type, struct tls *t);
+struct addrinfo *resolve_hostport_addrinfo(uint8_t type, char *hostport);
#include "radsecproxy.h"
#include "tcp.h"
+static struct addrinfo *srcres = NULL;
+
+void tcpsetsrcres(char *source) {
+ if (!srcres)
+ srcres = resolve_hostport_addrinfo(RAD_TCP, source);
+}
+
int tcpconnect(struct server *server, struct timeval *when, int timeout, char *text) {
struct timeval now;
time_t elapsed;
debug(DBG_WARN, "tcpconnect: trying to open TCP connection to %s port %s", server->conf->host, server->conf->port);
if (server->sock >= 0)
close(server->sock);
- if ((server->sock = connecttcp(server->conf->addrinfo, getsrcprotores(RAD_TCP))) >= 0)
+ if ((server->sock = connecttcp(server->conf->addrinfo, srcres)) >= 0)
break;
debug(DBG_ERR, "tcpconnect: connecttcp failed");
}
* copyright notice and this permission notice appear in all copies.
*/
+void tcpsetsrcres(char *source);
int tcpconnect(struct server *server, struct timeval *when, int timeout, char *text);
int clientradputtcp(struct server *server, unsigned char *rad);
void *tcpclientrd(void *arg);
#include "radsecproxy.h"
#include "tls.h"
+static struct addrinfo *srcres = NULL;
+
+void tlssetsrcres(char *source) {
+ if (!srcres)
+ srcres = resolve_hostport_addrinfo(RAD_TLS, source);
+}
+
int tlsconnect(struct server *server, struct timeval *when, int timeout, char *text) {
struct timeval now;
time_t elapsed;
debug(DBG_WARN, "tlsconnect: trying to open TLS connection to %s port %s", server->conf->host, server->conf->port);
if (server->sock >= 0)
close(server->sock);
- if ((server->sock = connecttcp(server->conf->addrinfo, getsrcprotores(RAD_TLS))) < 0) {
+ if ((server->sock = connecttcp(server->conf->addrinfo, srcres)) < 0) {
debug(DBG_ERR, "tlsconnect: connecttcp failed");
continue;
}
* copyright notice and this permission notice appear in all copies.
*/
+void tlssetsrcres(char *source);
int tlsconnect(struct server *server, struct timeval *when, int timeout, char *text);
int clientradputtls(struct server *server, unsigned char *rad);
void *tlsclientrd(void *arg);
static int client6_sock = -1;
static struct queue *server_replyq = NULL;
+static struct addrinfo *srcres = NULL;
+
+void udpsetsrcres(char *source) {
+ if (!srcres)
+ srcres = resolve_hostport_addrinfo(RAD_UDP, source);
+}
+
void removeudpclientfromreplyq(struct client *c) {
struct list_node *n;
struct request *r;
switch (conf->addrinfo->ai_family) {
case AF_INET:
if (client4_sock < 0) {
- client4_sock = bindtoaddr(getsrcprotores(RAD_UDP), AF_INET, 0, 1);
+ client4_sock = bindtoaddr(srcres, AF_INET, 0, 1);
if (client4_sock < 0)
debugx(1, DBG_ERR, "addserver: failed to create client socket for server %s", conf->host);
}
break;
case AF_INET6:
if (client6_sock < 0) {
- client6_sock = bindtoaddr(getsrcprotores(RAD_UDP), AF_INET6, 0, 1);
+ client6_sock = bindtoaddr(srcres, AF_INET6, 0, 1);
if (client6_sock < 0)
debugx(1, DBG_ERR, "addserver: failed to create client socket for server %s", conf->host);
}
void initextraudp() {
pthread_t cl4th, cl6th, srvth;
+
+ if (srcres) {
+ freeaddrinfo(srcres);
+ srcres = NULL;
+ }
if (client4_sock >= 0)
if (pthread_create(&cl4th, NULL, udpclientrd, (void *)&client4_sock))
* copyright notice and this permission notice appear in all copies.
*/
+void udpsetsrcres(char *source);
int clientradputudp(struct server *server, unsigned char *rad);
void *udpclientrd(void *arg);
void *udpserverrd(void *arg);