From: Linus Nordberg Date: Fri, 17 May 2013 08:50:11 +0000 (+0200) Subject: Merge branch 'libradsec-add-avp-2' into libradsec X-Git-Tag: libradsec-0.0.4~11 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=radsecproxy.git;a=commitdiff_plain;h=bc7b85e8e4fa2e0e8d31bca161b2ad1a01ccafc5;hp=9ac979d07ab5ddbc283daf3e469f7ae756c2a351 Merge branch 'libradsec-add-avp-2' into libradsec Conflicts: lib/Makefile.am --- diff --git a/lib/LICENSE b/lib/LICENSE index 43a0ec8..be32a9a 100644 --- a/lib/LICENSE +++ b/lib/LICENSE @@ -1,6 +1,6 @@ * Copyright (c) 2007-2010, UNINETT AS * Copyright (c) 2011, JANET(UK) -* Copyright (c) 2010-2011, NORDUnet A/S +* Copyright (c) 2010-2013, NORDUnet A/S * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/lib/Makefile.am b/lib/Makefile.am index ab1a47e..769e7ab 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am 
@@ -3,21 +3,22 @@ ACLOCAL_AMFLAGS = -I m4 # Shared library interface version, i.e. -version-info to Libtool, # expressed as three integers CURRENT:REVISION:AGE. - -# CURRENT is the version number of the current interface. Increment -# CURRENT when the library interface changes. - +# +# CURRENT is the version number of the current interface. Increment +# CURRENT when the library interface has changed or has been extended. +# # REVISION is the version number of the _implementation_ of the -# CURRENT interface. Set REVISION to 0 when CURRENT changes, -# else increment. - +# CURRENT interface. Set REVISION to 0 when CURRENT changes, else +# increment. +# # AGE is the number of interfaces this library implements, i.e. how -# many versions before CURRENT that are supported. Increment AGE -# when the library interface is _extended_. Set AGE to 0 when the -# library interface is _changed_. +# many versions before CURRENT that are supported. Increment AGE when +# the library interface is _extended_. Set AGE to 0 when the library +# interface is _changed_. SUBDIRS = radius radsecproxy include . examples +DIST_SUBDIRS = $(SUBDIRS) tests INCLUDES = -I$(srcdir)/include AM_CFLAGS = -Wall -Werror -g @@ -47,8 +48,24 @@ else libradsec_la_SOURCES += md5.c endif -EXTRA_DIST = HACKING LICENSE +libradsec_la_SOURCES += \ + compat.h \ + conn.h \ + debug.h \ + err.h \ + event.h \ + md5.h \ + packet.h \ + peer.h \ + radsec.h \ + tcp.h \ + tls.h \ + udp.h \ + util.h + +EXTRA_DIST = HACKING LICENSE libradsec.spec radsec.sym +AM_DISTCHECK_CONFIGURE_FLAGS = --enable-tls --enable-tls-psk libradsec_la_LIBADD = radsecproxy/libradsec-radsecproxy.la radius/libradsec-radius.la -libradsec_la_LDFLAGS = -version-info 1:0:1 -export-symbols radsec.sym +libradsec_la_LDFLAGS = -version-info 1:0:1 -export-symbols $(srcdir)/radsec.sym libradsec_la_CFLAGS = $(AM_CFLAGS) -DHAVE_CONFIG_H -Werror # -DDEBUG -DDEBUG_LEVENT diff --git a/lib/README b/lib/README index 37a5d16..111c570 100644 --- a/lib/README 
+++ b/lib/README @@ -1,16 +1,17 @@ -libradsec is a RADIUS library for clients doing RADIUS over UDP or -TLS. The goal is to add support for writing servers (and thus -proxies) and to add transports TCP and DTLS. +Libradsec is a RADIUS library for clients doing RADIUS over UDP or +TLS. The goal is to add support for writing servers (and thus proxies) +and to add transports TCP and DTLS. The canonical pickup point is http://git.nordu.net/?p=radsecproxy.git;a=shortlog;h=refs/heads/libradsec -The source code is licensed under a 3-clause BSD license. See LICENSE. +The source code is licensed under a 3-clause BSD license. See the +LICENSE file. -libradsec depends on +Libradsec depends on - libconfuse - libevent2 - openssl (if configured with --enable-tls) @@ -18,10 +19,24 @@ libradsec depends on To compile the library and the examples, do something like - sh autogen.sh && ./configure && make + sh autogen.sh && ./configure && make -If any of the libraries are not found, try setting environment -variable LDFLAGS at configure time like so: + +There are a couple of options that can be used when configuring. See + + ./configure --help + +for the full list. Worth mentioning here is --enable-tls and +--enable-tls-psk. + +If the preprocessor has a hard time finding some of the header files +are, try setting environment variable CPPFLAGS at configure +time. Example: + + CPPFLAGS="-I/usr/local/include" ./configure --enable-tls + +If the link editor has trouble finding any of the libraries needed, +try setting environment variable LDFLAGS at configure time. Example: LDFLAGS="-L/usr/local/lib" ./configure --enable-tls diff --git a/lib/avp.c b/lib/avp.c index c60d9ef..11c56db 100644 --- a/lib/avp.c +++ b/lib/avp.c @@ -1,5 +1,5 @@ /* Copyright 2011 JANET(UK). All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include diff --git a/lib/compat.c b/lib/compat.c index c09e795..7c4e346 100644 
--- a/lib/compat.c +++ b/lib/compat.c @@ -1,5 +1,5 @@ /* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include diff --git a/lib/compat.h b/lib/compat.h index f132779..d3083e9 100644 --- a/lib/compat.h +++ b/lib/compat.h @@ -1,5 +1,5 @@ /* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ ssize_t compat_send (int sockfd, const void *buf, size_t len, int flags); ssize_t compat_recv (int sockfd, void *buf, size_t len, int flags); diff --git a/lib/conf.c b/lib/conf.c index 8ad0a45..68da0a5 100644 --- a/lib/conf.c +++ b/lib/conf.c @@ -1,5 +1,5 @@ -/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2010-2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include diff --git a/lib/configure.ac b/lib/configure.ac index 4abd170..ab775e4 100644 --- a/lib/configure.ac +++ b/lib/configure.ac @@ -1,6 +1,6 @@ # -*- Autoconf -*- script for libradsec. -AC_PREREQ([2.65]) +AC_PREREQ([2.63]) AC_INIT([libradsec], [0.0.4.dev], [linus+libradsec@nordu.net]) AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_SRCDIR([radsec.c]) @@ -53,10 +53,10 @@ AC_TYPE_UINT8_T # Checks for library functions. AC_CHECK_FUNCS([memset socket strdup strerror strrchr]) -AC_CONFIG_FILES([Makefile +AC_CONFIG_FILES([Makefile libradsec.spec radsecproxy/Makefile - radius/Makefile - include/Makefile + radius/Makefile + include/Makefile examples/Makefile tests/Makefile]) AC_OUTPUT diff --git a/lib/conn.c b/lib/conn.c index 7522782..499c330 100644 --- a/lib/conn.c +++ b/lib/conn.c 
@@ -1,5 +1,5 @@ -/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2010-2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include @@ -20,19 +20,6 @@ #include "tcp.h" int -conn_close (struct rs_connection **connp) -{ - int r = 0; - assert (connp); - assert (*connp); - if ((*connp)->is_connected) - r = rs_conn_disconnect (*connp); - if (r == RSE_OK) - *connp = NULL; - return r; -} - -int conn_user_dispatch_p (const struct rs_connection *conn) { assert (conn); @@ -145,6 +132,25 @@ rs_conn_disconnect (struct rs_connection *conn) assert (conn); + if (conn->is_connected) + event_on_disconnect (conn); + + if (conn->bev) + { + bufferevent_free (conn->bev); + conn->bev = NULL; + } + if (conn->rev) + { + event_free (conn->rev); + conn->rev = NULL; + } + if (conn->wev) + { + event_free (conn->wev); + conn->wev = NULL; + } + err = evutil_closesocket (conn->fd); conn->fd = -1; return err; diff --git a/lib/conn.h b/lib/conn.h index c538a8c..66e15e2 100644 --- a/lib/conn.h +++ b/lib/conn.h @@ -1,7 +1,6 @@ -/* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2011,2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ -int conn_close (struct rs_connection **connp); int conn_user_dispatch_p (const struct rs_connection *conn); int conn_activate_timeout (struct rs_connection *conn); int conn_type_tls (const struct rs_connection *conn); diff --git a/lib/debug.c b/lib/debug.c index 25c7fd6..903c793 100644 --- a/lib/debug.c +++ b/lib/debug.c @@ -1,5 +1,5 @@ /* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include diff --git a/lib/debug.h b/lib/debug.h index c319085..ed62da1 100644 --- a/lib/debug.h +++ b/lib/debug.h 
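Review bot: In the `rs_conn_disconnect` hunk the socket close at the end is still unconditional, so a second call on the same connection reaches `evutil_closesocket` with the `-1` stored by the first call and reports an error. The added `bev`/`rev`/`wev` frees are guarded and reset to NULL, and this commit adds internal callers on the error paths in tcp.c and udp.c, so a repeated disconnect (library first, then the application) looks likely. Guarding the close the same way would make the function idempotent: `if (conn->fd != -1) { err = evutil_closesocket (conn->fd); conn->fd = -1; }`. The declaration of `err` lies outside the hunk, so its initial value needs checking before adopting this.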
@@ -1,5 +1,5 @@ /* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ #define hd(p, l) { int i; \ for (i = 1; i <= l; i++) { \ diff --git a/lib/err.c b/lib/err.c index 854a4a9..0c7d5a8 100644 --- a/lib/err.c +++ b/lib/err.c @@ -1,5 +1,5 @@ -/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2010-2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include diff --git a/lib/err.h b/lib/err.h index 6615ac8..ba83a53 100644 --- a/lib/err.h +++ b/lib/err.h @@ -1,5 +1,5 @@ /* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ struct rs_error *err_create (unsigned int code, const char *file, diff --git a/lib/event.c b/lib/event.c index e51616a..c625850 100644 --- a/lib/event.c +++ b/lib/event.c @@ -1,5 +1,5 @@ -/* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2011-2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include @@ -222,9 +222,7 @@ event_loopbreak (struct rs_connection *conn) { int err = event_base_loopbreak (conn->evb); if (err < 0) - rs_err_conn_push_fl (conn, RSE_EVENT, __FILE__, __LINE__, - "event_base_loopbreak: %s", - evutil_gai_strerror (err)); + rs_err_conn_push (conn, RSE_EVENT, "event_base_loopbreak"); return err; } diff --git a/lib/event.h b/lib/event.h index 9c239df..bd9ec77 100644 --- a/lib/event.h +++ b/lib/event.h 
@@ -1,5 +1,5 @@ -/* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2011-2012 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ void event_on_disconnect (struct rs_connection *conn); int event_on_connect (struct rs_connection *conn, struct rs_packet *pkt); diff --git a/lib/examples/Makefile.am b/lib/examples/Makefile.am index bfd31e8..f300627 100644 --- a/lib/examples/Makefile.am +++ b/lib/examples/Makefile.am @@ -1,5 +1,5 @@ AUTOMAKE_OPTIONS = foreign -INCLUDES = -I$(top_srcdir)/include +INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir) AM_CFLAGS = -Wall -Werror -g noinst_PROGRAMS = client diff --git a/lib/examples/client-psk.conf b/lib/examples/client-psk.conf new file mode 100644 index 0000000..7b35e23 --- /dev/null +++ b/lib/examples/client-psk.conf @@ -0,0 +1,18 @@ +# We keep PSK configurations in a separate config file until +# --enable-tls-psk is on by default. This configuration is not valid +# without PSK support. + +realm blocking-tls-psk { + type = "TLS" + timeout = 1 + retries = 3 + #pskstr = "sikrit psk" + pskhexstr = "deadbeef4711" + pskid = "Client_identity" + pskex = "PSK" + server { + hostname = "srv1" + service = "4433" + secret = "sikrit" + } +} diff --git a/lib/examples/client.conf b/lib/examples/client.conf index a19b699..b0b4536 100644 --- a/lib/examples/client.conf +++ b/lib/examples/client.conf @@ -22,18 +22,3 @@ realm blocking-tls { secret = "sikrit" } } - -realm blocking-tls-psk { - type = "TLS" - timeout = 1 - retries = 3 - #pskstr = "sikrit psk" - pskhexstr = "deadbeef4711" - pskid = "Client_identity" - pskex = "PSK" - server { - hostname = "srv1" - service = "4433" - secret = "sikrit" - } -} diff --git a/lib/include/radsec/radsec-impl.h b/lib/include/radsec/radsec-impl.h index 6c02dcf..e472703 100644 --- a/lib/include/radsec/radsec-impl.h +++ b/lib/include/radsec/radsec-impl.h 
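Review bot: The new lib/examples/client-psk.conf carries a PSK of only six bytes (`pskhexstr = "deadbeef4711"`) and the shared secret `"sikrit"` without saying that they are placeholders. Example configurations tend to be copied into deployments, so a line such as `# Example values only: replace pskhexstr and secret with randomly generated keys before use.` would be worth adding next to the existing header comment about --enable-tls-psk.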
@@ -1,7 +1,8 @@ /** @file libradsec-impl.h @brief Libraray internal header file for libradsec. */ -/* See LICENSE for licensing information. */ +/* Copyright 2010-2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #ifndef _RADSEC_RADSEC_IMPL_H_ #define _RADSEC_RADSEC_IMPL_H_ 1 diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h index fe6690a..bc061e0 100644 --- a/lib/include/radsec/radsec.h +++ b/lib/include/radsec/radsec.h @@ -1,7 +1,8 @@ /** \file radsec.h \brief Public interface for libradsec. */ -/* See LICENSE for licensing information. */ +/* Copyright 2010-2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #ifndef _RADSEC_RADSEC_H_ #define _RADSEC_RADSEC_H_ 1 diff --git a/lib/include/radsec/request-impl.h b/lib/include/radsec/request-impl.h index bb61dd6..97335e5 100644 --- a/lib/include/radsec/request-impl.h +++ b/lib/include/radsec/request-impl.h @@ -1,4 +1,5 @@ -/* See LICENSE for licensing information. */ +/* Copyright 2010-2011 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #ifndef _RADSEC_REQUEST_IMPL_H_ #define _RADSEC_REQUEST_IMPL_H_ 1 diff --git a/lib/include/radsec/request.h b/lib/include/radsec/request.h index 7e58008..d4c72b3 100644 --- a/lib/include/radsec/request.h +++ b/lib/include/radsec/request.h @@ -1,7 +1,8 @@ /** \file request.h \brief Public interface for libradsec request's. */ -/* See LICENSE for licensing information. */ +/* Copyright 2010-2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #ifndef _RADSEC_REQUEST_H_ #define _RADSEC_REQUEST_H_ 1 diff --git a/lib/libradsec.spec.in b/lib/libradsec.spec.in new file mode 100644 index 0000000..97d6178 --- /dev/null +++ b/lib/libradsec.spec.in 
@@ -0,0 +1,77 @@ +Name: @PACKAGE@ +Version: @PACKAGE_VERSION@ +Release: 1%{?dist} +Summary: RADIUS over TLS library + +Group: System Environment/Libraries +License: BSD +URL: http://software.uninett.no/radsecproxy/?page=documentation +Source0: %{name}-%{version}.tar.gz +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root + + + +BuildRequires: openssl-devel +BuildRequires: libconfuse-devel +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: libtool +BuildRequires: libevent-devel >= 2.0 + + + +%description + Libradsec is a RADIUS over TLS library. + + +%package devel +Summary: Development files for %{name} +Group: Development/Libraries +Requires: %{name} = %{version}-%{release} + +%description devel +The %{name}-devel package contains libraries and header files for +developing applications that use %{name}. + + +%prep +%setup -q + + +%build + export CPPFLAGS='-I%{_includedir}' + export LDFLAGS='-L%{_libdir}' +%configure --disable-static +make %{?_smp_mflags} + + +%install +rm -rf $RPM_BUILD_ROOT +make install DESTDIR=$RPM_BUILD_ROOT +find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';' + + +%clean +rm -rf $RPM_BUILD_ROOT + + +%post -p /sbin/ldconfig + +%postun -p /sbin/ldconfig + + +%files +%defattr(-,root,root,-) +%doc README +%{_libdir}/*.so.* + +%files devel +%defattr(-,root,root,-) +%{_includedir}/* +%{_libdir}/*.so + + +%changelog +* Tue Sep 27 2011 - %{version}-1 +- initial version + diff --git a/lib/md5.c b/lib/md5.c index 7d43a60..f4ac436 100644 --- a/lib/md5.c +++ b/lib/md5.c @@ -89,9 +89,9 @@ * This processes one or more 64-byte data blocks, but does NOT update * the bit counters. There are no alignment requirements. */ -static void *body(MD5_CTX *ctx, void *data, unsigned long size) +static const void *body(MD5_CTX *ctx, const void *data, unsigned long size) { - unsigned char *ptr; + const unsigned char *ptr; MD5_u32plus a, b, c, d; MD5_u32plus saved_a, saved_b, saved_c, saved_d; 
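Review bot: The `%build` section of libradsec.spec.in runs `%configure --disable-static` without `--enable-tls`, although the package summary is "RADIUS over TLS library" and `openssl-devel` is a build requirement. The README in this commit lists openssl as needed only "if configured with --enable-tls", and lib/Makefile.am passes both TLS flags for distcheck, which suggests TLS is opt-in and the RPM would be built without it. If that reading is right, the line should be `%configure --disable-static --enable-tls`, with `--enable-tls-psk` added if PSK is meant to be packaged.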
@@ -207,7 +207,7 @@ void MD5_Init(MD5_CTX *ctx) ctx->hi = 0; } -void MD5_Update(MD5_CTX *ctx, void *data, unsigned long size) +void MD5_Update(MD5_CTX *ctx, const void *data, unsigned long size) { MD5_u32plus saved_lo; unsigned long used, free; diff --git a/lib/md5.h b/lib/md5.h index f1a6857..2da44bf 100644 --- a/lib/md5.h +++ b/lib/md5.h @@ -39,7 +39,7 @@ typedef struct { } MD5_CTX; extern void MD5_Init(MD5_CTX *ctx); -extern void MD5_Update(MD5_CTX *ctx, void *data, unsigned long size); +extern void MD5_Update(MD5_CTX *ctx, const void *data, unsigned long size); extern void MD5_Final(unsigned char *result, MD5_CTX *ctx); #endif diff --git a/lib/packet.c b/lib/packet.c index 63bf370..5daad25 100644 --- a/lib/packet.c +++ b/lib/packet.c @@ -1,10 +1,11 @@ -/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2010-2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include #endif +#include #include #include #include @@ -252,7 +253,7 @@ rs_packet_append_avp (struct rs_packet *pkt, da = nr_dict_attr_byvalue (attr, vendor); if (da == NULL) - return RSE_ATTR_TYPE_UNKNOWN; + return rs_err_conn_push (pkt->conn, RSE_ATTR_TYPE_UNKNOWN, __func__); err = nr_packet_attr_append (pkt->rpkt, NULL, da, data, data_len); if (err < 0) diff --git a/lib/packet.h b/lib/packet.h index c020d69..7cdbb35 100644 --- a/lib/packet.h +++ b/lib/packet.h @@ -1,5 +1,5 @@ /* Copyright 2010, 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ int packet_do_send (struct rs_packet *pkt); int packet_verify_response (struct rs_connection *conn, diff --git a/lib/peer.c b/lib/peer.c index 0ac4114..decc64b 100644 --- a/lib/peer.c +++ b/lib/peer.c 
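Review bot: `rs_err_conn_push (pkt->conn, RSE_ATTR_TYPE_UNKNOWN, __func__)` in `rs_packet_append_avp` passes `__func__` in the position that other calls in this commit use for a format string (for example `"invalid packet length: %d"` in tcp.c). A function name cannot contain a conversion, so this is harmless as written, but a non-literal format defeats the compiler's format checking and is easy to copy to a place where the string is not constant; `rs_err_conn_push (pkt->conn, RSE_ATTR_TYPE_UNKNOWN, "%s", __func__)` keeps the same message. The same pattern appears in `rs_strdup` in util.c (`rs_err_ctx_push (ctx, RSE_NOMEM, __func__)`). The function body starts and ends outside this hunk.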
@@ -1,5 +1,5 @@ -/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2010-2012 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include diff --git a/lib/peer.h b/lib/peer.h index 4e976c5..b15395f 100644 --- a/lib/peer.h +++ b/lib/peer.h @@ -1,5 +1,5 @@ /* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ struct rs_peer *peer_create (struct rs_context *ctx, struct rs_peer **rootp); struct rs_peer *peer_pick_peer (struct rs_connection *conn); diff --git a/lib/radius/Makefile.am b/lib/radius/Makefile.am index 96bafae..c827465 100644 --- a/lib/radius/Makefile.am +++ b/lib/radius/Makefile.am @@ -18,6 +18,8 @@ libradsec_radius_la_SOURCES = \ static.c \ valuepair.c +libradsec_radius_la_SOURCES += client.h + libradsec_radius_la_CFLAGS = $(AM_CFLAGS) -DHAVE_CONFIG_H DICTIONARIES = \ @@ -27,7 +29,7 @@ DICTIONARIES = \ share/dictionary.ukerna \ share/dictionary.abfab.ietf -EXTRA_DIST = $(DICTIONARIES) +EXTRA_DIST = dictionaries.c $(DICTIONARIES) common.pl convert.pl $(top_srcdir)/include/radsec/radius.h dictionaries.c: ${DICTIONARIES} convert.pl common.pl $(srcdir)/convert.pl ${DICTIONARIES} @@ -38,4 +40,3 @@ clean-local: rm -f dictionaries.c $(libradsec_radius_la_SOURCES): $(top_srcdir)/include/radsec/radius.h - diff --git a/lib/radsec.c b/lib/radsec.c index db406ae..efd2dc3 100644 --- a/lib/radsec.c +++ b/lib/radsec.c @@ -1,5 +1,5 @@ -/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2010-2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include diff --git a/lib/radsec.h b/lib/radsec.h index c8fa2fb..703e44b 100644 --- a/lib/radsec.h +++ b/lib/radsec.h 
@@ -1,5 +1,5 @@ /* Copyright 2012 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ struct rs_error *rs_resolve (struct evutil_addrinfo **addr, rs_conn_type_t type, diff --git a/lib/radsecproxy/Makefile.am b/lib/radsecproxy/Makefile.am index 0d4a882..962f367 100644 --- a/lib/radsecproxy/Makefile.am +++ b/lib/radsecproxy/Makefile.am @@ -7,12 +7,17 @@ AM_CFLAGS = -Wall -Werror -g noinst_LTLIBRARIES = libradsec-radsecproxy.la libradsec_radsecproxy_la_SOURCES = \ - debug.c \ - hash.c \ - list.c \ - util.c + debug.c debug.h \ + gconfig.h \ + hash.c hash.h \ + hostport_types.h \ + list.c list.h \ + radmsg.h \ + radsecproxy.h \ + tlv11.h \ + util.c util.h if RS_ENABLE_TLS libradsec_radsecproxy_la_SOURCES += \ - tlscommon.c + tlscommon.c tlscommon.h endif diff --git a/lib/request.c b/lib/request.c index 5649ee1..3a8b6dd 100644 --- a/lib/request.c +++ b/lib/request.c @@ -1,5 +1,5 @@ -/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2010-2011 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include diff --git a/lib/send.c b/lib/send.c index e58b42c..3161bbe 100644 --- a/lib/send.c +++ b/lib/send.c @@ -1,5 +1,5 @@ -/* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2011,2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include diff --git a/lib/tcp.c b/lib/tcp.c index e2e9feb..07bc109 100644 --- a/lib/tcp.c +++ b/lib/tcp.c @@ -1,5 +1,5 @@ -/* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2011-2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include 
@@ -38,7 +38,9 @@ _read_header (struct rs_packet *pkt) pkt->rpkt->length = (pkt->hdr[2] << 8) + pkt->hdr[3]; if (pkt->rpkt->length < 20 || pkt->rpkt->length > RS_MAX_PACKET_LEN) { - conn_close (&pkt->conn); + rs_debug (("%s: invalid packet length: %d\n", + __func__, pkt->rpkt->length)); + rs_conn_disconnect (pkt->conn); return rs_err_conn_push (pkt->conn, RSE_INVALID_PKT, "invalid packet length: %d", pkt->rpkt->length); @@ -55,7 +57,8 @@ _read_header (struct rs_packet *pkt) } else /* Error: libevent gave us less than the low watermark. */ { - conn_close (&pkt->conn); + rs_debug (("%s: got: %d octets reading header\n", __func__, n)); + rs_conn_disconnect (pkt->conn); return rs_err_conn_push_fl (pkt->conn, RSE_INTERNAL, __FILE__, __LINE__, "got %d octets reading header", n); } @@ -100,8 +103,9 @@ _read_packet (struct rs_packet *pkt) err = nr_packet_ok (pkt->rpkt); if (err != RSE_OK) { - conn_close (&pkt->conn); - return rs_err_conn_push_fl (pkt->conn, err, __FILE__, __LINE__, + rs_debug (("%s: %d: invalid packet\n", __func__, -err)); + rs_conn_disconnect (pkt->conn); + return rs_err_conn_push_fl (pkt->conn, -err, __FILE__, __LINE__, "invalid packet"); } diff --git a/lib/tcp.h b/lib/tcp.h index d945fda..eddc4c8 100644 --- a/lib/tcp.h +++ b/lib/tcp.h @@ -1,5 +1,5 @@ /* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ void tcp_event_cb (struct bufferevent *bev, short events, void *user_data); void tcp_read_cb (struct bufferevent *bev, void *user_data); diff --git a/lib/tests/Makefile.am b/lib/tests/Makefile.am index 045991a..dc15264 100644 --- a/lib/tests/Makefile.am +++ b/lib/tests/Makefile.am 
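Review bot: All three tcp.c hunks now call `rs_conn_disconnect (pkt->conn)` on the error path, and with the conn.c change in this commit that call frees `conn->bev`. Judging by the names, `_read_header` and `_read_packet` run underneath `tcp_read_cb`, which is handed that same bufferevent, so any use of `bev` after a non-OK return may touch a freed object; the callers are outside the hunks and should be checked. A comment at each call site would record the contract: `/* Frees conn->bev; callers must not use the bufferevent after an error return. */`. The return value of `rs_conn_disconnect` is also dropped in all three places, so a failed close goes unreported.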
@@ -1,12 +1,12 @@ AUTOMAKE_OPTIONS = foreign -INCLUDES = -I$(top_srcdir)/include +INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir) AM_CFLAGS = -Wall -Werror -g TESTS = test-udp check_PROGRAMS = test-udp udp-server -test_udp_SOURCES = test-udp.c udp.c +test_udp_SOURCES = test-udp.c udp.c udp.h test_udp_LDADD = ../libradsec.la -lcunit -lm -udp_server_SOURCES = udp-server.c udp.c +udp_server_SOURCES = udp-server.c udp.c udp.h diff --git a/lib/tests/test-udp.c b/lib/tests/test-udp.c index 7ad340a..ed176c0 100644 --- a/lib/tests/test-udp.c +++ b/lib/tests/test-udp.c @@ -137,6 +137,7 @@ main (int argc, char *argv[]) { CU_pSuite s = NULL; CU_pTest t = NULL; + unsigned int nfail; assert (CU_initialize_registry () == CUE_SUCCESS); s = CU_add_suite ("auth", NULL, NULL); assert (s); @@ -144,8 +145,9 @@ main (int argc, char *argv[]) s = CU_add_suite ("buffering", NULL, NULL); assert (s); t = CU_ADD_TEST (s, test_buffering); assert (t); - return !(CU_basic_run_tests () == CUE_SUCCESS); + assert (CU_basic_run_tests () == CUE_SUCCESS); + nfail = CU_get_number_of_failures(); CU_cleanup_registry (); - return 0; + return nfail; } diff --git a/lib/tls.c b/lib/tls.c index a5040f4..62e219e 100644 --- a/lib/tls.c +++ b/lib/tls.c @@ -1,10 +1,11 @@ -/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2010-2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include #endif +#include #include #include #include diff --git a/lib/tls.h b/lib/tls.h index 74a63b3..4707b93 100644 --- a/lib/tls.h +++ b/lib/tls.h @@ -1,5 +1,5 @@ -/* Copyright 2010 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2010-2012 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ #if defined (__cplusplus) extern "C" { diff --git a/lib/udp.c b/lib/udp.c index 90a5fbf..36af084 100644 --- a/lib/udp.c +++ b/lib/udp.c 
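Review bot: `assert (CU_basic_run_tests () == CUE_SUCCESS);` in the second test-udp.c hunk puts the test run inside `assert`, so a build with NDEBUG defined runs no tests and the program exits with success. Calling it outside the assertion avoids that: `if (CU_basic_run_tests () != CUE_SUCCESS) return 1;`. Separately, `return nfail;` hands an unsigned failure count to the exit status, which is commonly truncated to eight bits, so a count that is a multiple of 256 would read as success; `return nfail != 0;` is safer.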
@@ -1,5 +1,5 @@ /* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ #if defined HAVE_CONFIG_H #include @@ -65,22 +65,22 @@ static void _evcb (evutil_socket_t fd, short what, void *user_data) { int err; + struct rs_packet *pkt = (struct rs_packet *) user_data; rs_debug (("%s: fd=%d what =", __func__, fd)); - if (what & EV_TIMEOUT) rs_debug ((" TIMEOUT")); + if (what & EV_TIMEOUT) rs_debug ((" TIMEOUT -- shouldn't happen!")); if (what & EV_READ) rs_debug ((" READ")); if (what & EV_WRITE) rs_debug ((" WRITE")); rs_debug (("\n")); + assert (pkt); + assert (pkt->conn); if (what & EV_READ) { /* Read a single UDP packet and stick it in USER_DATA. */ /* TODO: Verify that unsolicited packets are dropped. */ - struct rs_packet *pkt = (struct rs_packet *) user_data; ssize_t r = 0; - assert (pkt); - assert (pkt->conn); assert (pkt->rpkt->data); r = compat_recv (fd, pkt->rpkt->data, RS_MAX_PACKET_LEN, MSG_TRUNC); @@ -92,7 +92,7 @@ _evcb (evutil_socket_t fd, short what, void *user_data) /* FIXME: Really shouldn't happen since we've been told that fd is readable! */ rs_debug (("%s: EAGAIN reading UDP packet -- wot?")); - return; + goto err_out; } /* Hard error. */ 
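Review bot: The context line `rs_debug (("%s: EAGAIN reading UDP packet -- wot?"));` in `_evcb` has a `%s` conversion with no argument, and this hunk rewrites the statement right after it without fixing it. When debugging output is compiled in, that reads a missing variadic argument, which is undefined behaviour; it should be `rs_debug (("%s: EAGAIN reading UDP packet -- wot?\n", __func__));`. The same branch now jumps to `err_out`, which disconnects the connection on what is normally a transient condition, so it is worth confirming that tearing down on EAGAIN is intended. `_evcb` continues past the end of this hunk.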
@@ -100,23 +100,22 @@ _evcb (evutil_socket_t fd, short what, void *user_data) "%d: recv: %d (%s)", fd, sockerr, evutil_socket_error_to_string (sockerr)); event_del (pkt->conn->tev); - return; + goto err_out; } event_del (pkt->conn->tev); if (r < 20 || r > RS_MAX_PACKET_LEN) /* Short or long packet. */ { rs_err_conn_push (pkt->conn, RSE_INVALID_PKT, - "invalid packet length: %d", - pkt->rpkt->length); - return; + "invalid packet length: %d", r); + goto err_out; } pkt->rpkt->length = (pkt->rpkt->data[2] << 8) + pkt->rpkt->data[3]; err = nr_packet_ok (pkt->rpkt); if (err) { - rs_err_conn_push_fl (pkt->conn, err, __FILE__, __LINE__, + rs_err_conn_push_fl (pkt->conn, -err, __FILE__, __LINE__, "invalid packet"); - return; + goto err_out; } /* Hand over message to user. This changes ownership of pkt. Don't touch it afterwards -- it might have been freed. */ @@ -125,10 +124,6 @@ _evcb (evutil_socket_t fd, short what, void *user_data) } else if (what & EV_WRITE) { - struct rs_packet *pkt = (struct rs_packet *) user_data; - assert (pkt); - assert (pkt->conn); - if (!pkt->conn->is_connected) event_on_connect (pkt->conn, pkt); @@ -137,11 +132,10 @@ _evcb (evutil_socket_t fd, short what, void *user_data) if (pkt->conn->callbacks.sent_cb) pkt->conn->callbacks.sent_cb (pkt->conn->user_data); } + return; -#if defined (DEBUG) - if (what & EV_TIMEOUT) - rs_debug (("%s: timeout on UDP event, shouldn't happen\n", __func__)); -#endif + err_out: + rs_conn_disconnect (pkt->conn); } int diff --git a/lib/udp.h b/lib/udp.h index e0d39f0..39d1aeb 100644 --- a/lib/udp.h +++ b/lib/udp.h @@ -1,5 +1,5 @@ /* Copyright 2011 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ int udp_init (struct rs_connection *conn, struct rs_packet *pkt); int udp_init_retransmit_timer (struct rs_connection *conn); diff --git a/lib/util.c b/lib/util.c index eceaec9..70d815c 100644 --- a/lib/util.c +++ b/lib/util.c 
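Review bot: After the bounds check on `r` in the first hunk on this line, `pkt->rpkt->length` is taken from bytes 2 and 3 of the datagram and is never compared with `r`, the number of octets actually received. A datagram whose header claims more than it carries would leave `nr_packet_ok` and later consumers working on buffer contents that did not arrive in this packet, unless `nr_packet_ok` checks this itself (not visible here). Rejecting the packet with RSE_INVALID_PKT and `goto err_out;` when the header length exceeds `r` would close that gap. The changed message also prints `r`, an `ssize_t`, with `%d`; `"invalid packet length: %zd", r` matches the type.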
@@ -1,6 +1,7 @@ -/* Copyright 2012 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ +/* Copyright 2012-2013 NORDUnet A/S. All rights reserved. + See LICENSE for licensing information. */ +#include #include #include #include @@ -9,11 +10,16 @@ char * rs_strdup (struct rs_context *ctx, const char *s) { - char *buf = rs_calloc (ctx, 1, strlen (s) + 1); + size_t len; + char *buf; + + len = strlen (s); + buf = rs_malloc (ctx, len + 1); if (buf != NULL) - return strcpy (buf, s); + memcpy (buf, s, len + 1); + else + rs_err_ctx_push (ctx, RSE_NOMEM, __func__); - rs_err_ctx_push (ctx, RSE_NOMEM, NULL); - return NULL; + return buf; } diff --git a/lib/util.h b/lib/util.h index 9edac7b..f988d86 100644 --- a/lib/util.h +++ b/lib/util.h @@ -1,4 +1,4 @@ /* Copyright 2012 NORDUnet A/S. All rights reserved. - See LICENSE for licensing information. */ + See LICENSE for licensing information. */ char *rs_strdup (struct rs_context *ctx, const char *s);
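Review bot: `rs_strdup` calls `strlen (s)` before anything else, so a NULL `s` is dereferenced, and nothing in the util.c or util.h hunks states that precondition. A short comment above the definition would help callers: `/* Duplicate S with rs_malloc on CTX. S must not be NULL. Returns NULL and pushes RSE_NOMEM on CTX if allocation fails. */`.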