- Application runs its own event loop, using fd's for select and
performs I/O using the libradsec send/receive calls
(a.k.a. on-your-own mode)
+- Fully reentrant
- User chooses allocation regime
Note that as of 0.0.2.dev libradsec suffers from way too much focus on
Not only does it lack most of the functions needed for writing a
server but it also contains at least one architectural mishap which
kills the server idea -- a connection timeout (TCP) or a retransmit
-timeout (UDP) will result in the event loop being broken. The same
+timeout (UDP) will result in the event loop being broken. The same
thing will happen if there's an error on a TCP connection, f.ex. a
failing certificate validation (TLS).
+
* Dependencies
-Details apply to Ubuntu 10.10.
+Details (within parentheses) apply to Debian Wheezy.
-- libconfuse (2.7-1)
+- libconfuse (2.7-4)
sudo apt-get install libconfuse-dev libconfuse0
-- libevent from source (release-2.0.10-stable)
- git clone --branch release-2.0.10-stable git://levent.git.sourceforge.net/gitroot/levent/levent
- cd levent; sh autogen.sh && ./configure --enable-openssl
- make && sudo make install
-- OpenSSL (optional, for TLS and DTLS support)
- sudo apt-get install libssl-dev
+- libevent2 (2.0.19-stable-3)
+ sudo apt-get install libevent-dev libevent-2.0-5
+- OpenSSL (1.0.1c-4) -- optional, for TLS and DTLS support
+ sudo apt-get install libssl-dev libssl1.0.0
* Functionality and quality
** Not well tested
- [TLS] basic tls support
- [TLS] preshared key support
- [TLS] verification of CN
+
** Known issues
- error stack is only one entry deep
- custom allocation scheme is not used in all places
+
** Not implemented
-- server failover
+- [client] server failover
- [DTLS] support
+- [server] support
* Found a bug?
-Please report it. This is how we improve the quality of the code.
+Please report it. That is how we improve the quality of the code.
If possible, please build the library with DEBUG defined (CFLAGS="-g
--DDEBUG") and reproduce the problem. With DEBUG defined, lots of
+-DDEBUG") and reproduce the problem. With DEBUG defined, lots of
asserts are enabled which might give a hint about what's gone wrong.
-Running the library under gdb is another good idea. If you experience
-a crash, catching it in gdb and providing a backtrace is highly
+Running the library under gdb is another good idea. If you experience
+a crash, catching the crash in gdb and providing a backtrace is highly
valuable for debugging.
Contact: mailto:linus+libradsec@nordu.net
libradsec is a RADIUS library for clients doing RADIUS over UDP or
-TLS. The goal is to add support for writing servers (and thus
+TLS. The goal is to add support for writing servers (and thus
proxies) and to add transports TCP and DTLS.
http://git.nordu.net/?p=radsecproxy.git;a=shortlog;h=refs/heads/libradsec
-The source code is licensed under two different licenses, a 3-clause
-BSD license and the GNU General Public License (version 2 or later).
-Users of this library may choose which of these suits them best.
+The source code is licensed under a 3-clause BSD license. See LICENSE.
libradsec depends on
-- libevent2
- libconfuse
+- libevent2
- openssl (if configured with --enable-tls)
If any of the libraries are not found, try setting environment
variable LDFLAGS at configure time like so:
- LDFLAGS="-L/usr/local/lib" ./configure --enable-tls
+ LDFLAGS="-L/usr/local/lib" ./configure --enable-tls
The parts of the library which has been tested has been so on Linux
-(Ubuntu 10.10) with libfreeradius2 (2.1.9+dfsg-1ubuntu1), libconfuse0
-(2.7-1) and libevent-2.0.10-stable (http://libevent.org/).
+(Debian) with libconfuse (2.7), libevent (2.0.19) and OpenSSL
+(1.0.1c).
The file HACKING contains more detailed info on the state of the
various parts of the library.
projects / radsecproxy.git / commitdiff