struct queue *replyq;
struct request *reply;
- debug(DBG_DBG, "dtlsserverwr: starting for %s", client->conf->host);
+ debug(DBG_DBG, "dtlsserverwr: starting for %s", addr2string(client->addr));
replyq = client->replyq;
for (;;) {
pthread_mutex_lock(&replyq->mutex);
pthread_mutex_unlock(&replyq->mutex);
cnt = SSL_write(client->ssl, reply->replybuf, RADLEN(reply->replybuf));
if (cnt > 0)
- debug(DBG_DBG, "dtlsserverwr: sent %d bytes, Radius packet of length %d",
- cnt, RADLEN(reply->replybuf));
+ debug(DBG_DBG, "dtlsserverwr: sent %d bytes, Radius packet of length %d to %s",
+ cnt, RADLEN(reply->replybuf), addr2string(client->addr));
else
while ((error = ERR_get_error()))
debug(DBG_ERR, "dtlsserverwr: SSL: %s", ERR_error_string(error, NULL));
uint8_t *buf;
pthread_t dtlsserverwrth;
- debug(DBG_DBG, "dtlsserverrd: starting for %s", client->conf->host);
+ debug(DBG_DBG, "dtlsserverrd: starting for %s", addr2string(client->addr));
if (pthread_create(&dtlsserverwrth, NULL, dtlsserverwr, (void *)client)) {
debug(DBG_ERR, "dtlsserverrd: pthread_create failed");
for (;;) {
buf = raddtlsget(client->ssl, client->rbios, IDLE_TIMEOUT);
if (!buf) {
- debug(DBG_ERR, "dtlsserverrd: connection from %s lost", client->conf->host);
+ debug(DBG_ERR, "dtlsserverrd: connection from %s lost", addr2string(client->addr));
break;
}
- debug(DBG_DBG, "dtlsserverrd: got Radius message from %s", client->conf->host);
+ debug(DBG_DBG, "dtlsserverrd: got Radius message from %s", addr2string(client->addr));
rq = newrequest();
if (!rq) {
free(buf);
rq->buf = buf;
rq->from = client;
if (!radsrv(rq)) {
- debug(DBG_ERR, "dtlsserverrd: message authentication/validation failed, closing connection from %s", client->conf->host);
+ debug(DBG_ERR, "dtlsserverrd: message authentication/validation failed, closing connection from %s", addr2string(client->addr));
break;
}
}
debug(DBG_DBG, "dtlsserverrd: waiting for writer to end");
pthread_join(dtlsserverwrth, NULL);
removeclientrqs(client);
- debug(DBG_DBG, "dtlsserverrd: reader for %s exiting", client->conf->host);
+ debug(DBG_DBG, "dtlsserverrd: reader for %s exiting", addr2string(client->addr));
}
void *dtlsservernew(void *arg) {
client = addclient(conf, 1);
if (client) {
client->sock = params->sock;
+ client->addr = addr_copy((struct sockaddr *)¶ms->addr);
client->rbios = params->sesscache->rbios;
client->ssl = ssl;
dtlsserverrd(client);
pthread_mutex_lock(&cacheentry->mutex);
if (cacheentry->rbios) {
if (udp2bio(s, cacheentry->rbios, cnt))
- debug(DBG_DBG, "udpdtlsserverrd: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_DBG, "udpdtlsserverrd: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from));
} else
recv(s, buf, 1, 0);
pthread_mutex_unlock(&cacheentry->mutex);
memcpy(¶ms->addr, &from, fromlen);
if (udp2bio(s, params->sesscache->rbios, cnt)) {
- debug(DBG_DBG, "udpdtlsserverrd: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_DBG, "udpdtlsserverrd: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from));
if (!pthread_create(&dtlsserverth, NULL, dtlsservernew, (void *)params)) {
pthread_detach(dtlsserverth);
cacheexpire(sessioncache, &lastexpiry);
conf = find_srvconf(RAD_DTLS, (struct sockaddr *)&from, NULL);
if (!conf) {
- debug(DBG_WARN, "udpdtlsclientrd: got packet from wrong or unknown DTLS peer %s, ignoring", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_WARN, "udpdtlsclientrd: got packet from wrong or unknown DTLS peer %s, ignoring", addr2string((struct sockaddr *)&from));
recv(s, buf, 4, 0);
continue;
}
if (udp2bio(s, conf->servers->rbios, cnt))
- debug(DBG_DBG, "radudpget: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_DBG, "radudpget: got DTLS in UDP from %s", addr2string((struct sockaddr *)&from));
}
}
}
void removeclient(struct client *client) {
+ struct clsrvconf *conf;
+
if (!client)
return;
-
- pthread_mutex_lock(client->conf->lock);
- if (client->conf->clients) {
+ conf = client->conf;
+ pthread_mutex_lock(conf->lock);
+ if (conf->clients) {
pthread_mutex_lock(&client->lock);
removequeue(client->replyq);
- list_removedata(client->conf->clients, client);
+ list_removedata(conf->clients, client);
pthread_mutex_unlock(&client->lock);
pthread_mutex_destroy(&client->lock);
free(client->addr);
free(client);
}
- pthread_mutex_unlock(client->conf->lock);
+ pthread_mutex_unlock(conf->lock);
}
void removeclientrqs(struct client *client) {
struct request *rqs[MAX_REQUESTS];
struct queue *replyq;
struct queue *rbios; /* for dtls */
- struct sockaddr *addr; /* for udp */
+ struct sockaddr *addr;
};
struct server {
#define ATTRVAL(x) ((x) + 2)
#define ATTRVALLEN(x) ((x)[1] - 2)
-#define SOCKADDR_SIZE(addr) ((addr).ss_family == AF_INET ? \
- sizeof(struct sockaddr_in) : \
- sizeof(struct sockaddr_in6))
-
-#define SOCKADDRP_SIZE(addr) ((addr)->sa_family == AF_INET ? \
- sizeof(struct sockaddr_in) : \
- sizeof(struct sockaddr_in6))
-
struct addrinfo *getsrcprotores(uint8_t type);
struct clsrvconf *find_clconf(uint8_t type, struct sockaddr *addr, struct list_node **cur);
struct clsrvconf *find_srvconf(uint8_t type, struct sockaddr *addr, struct list_node **cur);
struct queue *replyq;
struct request *reply;
- debug(DBG_DBG, "tcpserverwr: starting for %s", client->conf->host);
+ debug(DBG_DBG, "tcpserverwr: starting for %s", addr2string(client->addr));
replyq = client->replyq;
for (;;) {
pthread_mutex_lock(&replyq->mutex);
pthread_mutex_unlock(&replyq->mutex);
cnt = write(client->sock, reply->replybuf, RADLEN(reply->replybuf));
if (cnt > 0)
- debug(DBG_DBG, "tcpserverwr: sent %d bytes, Radius packet of length %d",
- cnt, RADLEN(reply->replybuf));
+ debug(DBG_DBG, "tcpserverwr: sent %d bytes, Radius packet of length %d to %s",
+ cnt, RADLEN(reply->replybuf), addr2string(client->addr));
else
- debug(DBG_ERR, "tcpserverwr: write error for %s", client->conf->host);
+ debug(DBG_ERR, "tcpserverwr: write error for %s", addr2string(client->addr));
freerq(reply);
}
}
uint8_t *buf;
pthread_t tcpserverwrth;
- debug(DBG_DBG, "tcpserverrd: starting for %s", client->conf->host);
+ debug(DBG_DBG, "tcpserverrd: starting for %s", addr2string(client->addr));
if (pthread_create(&tcpserverwrth, NULL, tcpserverwr, (void *)client)) {
debug(DBG_ERR, "tcpserverrd: pthread_create failed");
for (;;) {
buf = radtcpget(client->sock, 0);
if (!buf) {
- debug(DBG_ERR, "tcpserverrd: connection from %s lost", client->conf->host);
+ debug(DBG_ERR, "tcpserverrd: connection from %s lost", addr2string(client->addr));
break;
}
- debug(DBG_DBG, "tcpserverrd: got Radius message from %s", client->conf->host);
+ debug(DBG_DBG, "tcpserverrd: got Radius message from %s", addr2string(client->addr));
rq = newrequest();
if (!rq) {
free(buf);
rq->buf = buf;
rq->from = client;
if (!radsrv(rq)) {
- debug(DBG_ERR, "tcpserverrd: message authentication/validation failed, closing connection from %s", client->conf->host);
+ debug(DBG_ERR, "tcpserverrd: message authentication/validation failed, closing connection from %s", addr2string(client->addr));
break;
}
}
debug(DBG_DBG, "tcpserverrd: waiting for writer to end");
pthread_join(tcpserverwrth, NULL);
removeclientrqs(client);
- debug(DBG_DBG, "tcpserverrd: reader for %s exiting", client->conf->host);
+ debug(DBG_DBG, "tcpserverrd: reader for %s exiting", addr2string(client->addr));
}
-
void *tcpservernew(void *arg) {
int s;
struct sockaddr_storage from;
debug(DBG_DBG, "tcpservernew: getpeername failed, exiting");
goto exit;
}
- debug(DBG_WARN, "tcpservernew: incoming TCP connection from %s", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_WARN, "tcpservernew: incoming TCP connection from %s", addr2string((struct sockaddr *)&from));
conf = find_clconf(RAD_TCP, (struct sockaddr *)&from, NULL);
if (conf) {
client = addclient(conf, 1);
if (client) {
client->sock = s;
+ client->addr = addr_copy((struct sockaddr *)&from);
tcpserverrd(client);
removeclient(client);
} else
struct queue *replyq;
struct request *reply;
- debug(DBG_DBG, "tlsserverwr: starting for %s", client->conf->host);
+ debug(DBG_DBG, "tlsserverwr: starting for %s", addr2string(client->addr));
replyq = client->replyq;
for (;;) {
pthread_mutex_lock(&replyq->mutex);
pthread_mutex_unlock(&replyq->mutex);
cnt = SSL_write(client->ssl, reply->replybuf, RADLEN(reply->replybuf));
if (cnt > 0)
- debug(DBG_DBG, "tlsserverwr: sent %d bytes, Radius packet of length %d",
- cnt, RADLEN(reply->replybuf));
+ debug(DBG_DBG, "tlsserverwr: sent %d bytes, Radius packet of length %d to %s",
+ cnt, RADLEN(reply->replybuf), addr2string(client->addr));
else
while ((error = ERR_get_error()))
debug(DBG_ERR, "tlsserverwr: SSL: %s", ERR_error_string(error, NULL));
uint8_t *buf;
pthread_t tlsserverwrth;
- debug(DBG_DBG, "tlsserverrd: starting for %s", client->conf->host);
+ debug(DBG_DBG, "tlsserverrd: starting for %s", addr2string(client->addr));
if (pthread_create(&tlsserverwrth, NULL, tlsserverwr, (void *)client)) {
debug(DBG_ERR, "tlsserverrd: pthread_create failed");
for (;;) {
buf = radtlsget(client->ssl, 0);
if (!buf) {
- debug(DBG_ERR, "tlsserverrd: connection from %s lost", client->conf->host);
+ debug(DBG_ERR, "tlsserverrd: connection from %s lost", addr2string(client->addr));
break;
}
- debug(DBG_DBG, "tlsserverrd: got Radius message from %s", client->conf->host);
+ debug(DBG_DBG, "tlsserverrd: got Radius message from %s", addr2string(client->addr));
rq = newrequest();
if (!rq) {
free(buf);
rq->buf = buf;
rq->from = client;
if (!radsrv(rq)) {
- debug(DBG_ERR, "tlsserverrd: message authentication/validation failed, closing connection from %s", client->conf->host);
+ debug(DBG_ERR, "tlsserverrd: message authentication/validation failed, closing connection from %s", addr2string(client->addr));
break;
}
}
debug(DBG_DBG, "tlsserverrd: waiting for writer to end");
pthread_join(tlsserverwrth, NULL);
removeclientrqs(client);
- debug(DBG_DBG, "tlsserverrd: reader for %s exiting", client->conf->host);
+ debug(DBG_DBG, "tlsserverrd: reader for %s exiting", addr2string(client->addr));
}
void *tlsservernew(void *arg) {
debug(DBG_DBG, "tlsservernew: getpeername failed, exiting");
goto exit;
}
- debug(DBG_WARN, "tlsservernew: incoming TLS connection from %s", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_WARN, "tlsservernew: incoming TLS connection from %s", addr2string((struct sockaddr *)&from));
conf = find_clconf(RAD_TLS, (struct sockaddr *)&from, &cur);
if (conf) {
client = addclient(conf, 1);
if (client) {
client->ssl = ssl;
+ client->addr = addr_copy((struct sockaddr *)&from);
tlsserverrd(client);
removeclient(client);
} else
? find_clconf(RAD_UDP, (struct sockaddr *)&from, NULL)
: find_srvconf(RAD_UDP, (struct sockaddr *)&from, NULL);
if (!p) {
- debug(DBG_WARN, "radudpget: got packet from wrong or unknown UDP peer %s, ignoring", addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_WARN, "radudpget: got packet from wrong or unknown UDP peer %s, ignoring", addr2string((struct sockaddr *)&from));
recv(s, buf, 4, 0);
continue;
}
}
cnt = recv(s, rad, len, MSG_TRUNC);
- debug(DBG_DBG, "radudpget: got %d bytes from %s", cnt, addr2string((struct sockaddr *)&from, fromlen));
+ debug(DBG_DBG, "radudpget: got %d bytes from %s", cnt, addr2string((struct sockaddr *)&from));
if (cnt < len) {
debug(DBG_WARN, "radudpget: packet smaller than length field in radius header");
#include <unistd.h>
#include <stdarg.h>
#include "debug.h"
-
-#if 0
-#include <errno.h>
-void errx(char *format, ...) {
- extern int errno;
-
- va_list ap;
- va_start(ap, format);
- vfprintf(stderr, format, ap);
- va_end(ap);
- if (errno) {
- fprintf(stderr, ": ");
- perror(NULL);
- fprintf(stderr, "errno=%d\n", errno);
- } else
- fprintf(stderr, "\n");
- exit(1);
-}
-
-void err(char *format, ...) {
- extern int errno;
-
- va_list ap;
- va_start(ap, format);
- vfprintf(stderr, format, ap);
- va_end(ap);
- if (errno) {
- fprintf(stderr, ": ");
- perror(NULL);
- fprintf(stderr, "errno=%d\n", errno);
- } else
- fprintf(stderr, "\n");
-}
-#endif
+#include "util.h"
char *stringcopy(const char *s, int len) {
char *r;
return out;
}
-char *addr2string(struct sockaddr *addr, socklen_t len) {
+char *addr2string(struct sockaddr *addr) {
struct sockaddr_in6 *sa6;
struct sockaddr_in sa4;
static char addr_buf[2][INET6_ADDRSTRLEN];
addr = (struct sockaddr *)&sa4;
}
}
- len = addr->sa_family == AF_INET ? sizeof(struct sockaddr_in) : sizeof(struct sockaddr_in6);
-
- if (getnameinfo(addr, len, addr_buf[i], sizeof(addr_buf[i]),
+ if (getnameinfo(addr, SOCKADDRP_SIZE(addr), addr_buf[i], sizeof(addr_buf[i]),
NULL, 0, NI_NUMERICHOST)) {
debug(DBG_WARN, "getnameinfo failed");
return "getnameinfo_failed";
#include <sys/socket.h>
#include <netdb.h>
+#define SOCKADDR_SIZE(addr) ((addr).ss_family == AF_INET ? \
+ sizeof(struct sockaddr_in) : \
+ sizeof(struct sockaddr_in6))
+
+#define SOCKADDRP_SIZE(addr) ((addr)->sa_family == AF_INET ? \
+ sizeof(struct sockaddr_in) : \
+ sizeof(struct sockaddr_in6))
+
char *stringcopy(const char *s, int len);
-char *addr2string(struct sockaddr *addr, socklen_t len);
+char *addr2string(struct sockaddr *addr);
int addr_equal(struct sockaddr *a, struct sockaddr *b);
struct sockaddr *addr_copy(struct sockaddr *in);
uint16_t port_get(struct sockaddr *sa);