Commit 4f7738e4 authored by venaas's avatar venaas Committed by venaas

trying to remove dynamic server state when tlsconnection goes down

git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@286 e88ac4ed-0b26-0410-9574-a7f39faa03bf
parent 17df196b
...@@ -903,6 +903,7 @@ int tlsconnect(struct server *server, struct timeval *when, int timeout, char *t ...@@ -903,6 +903,7 @@ int tlsconnect(struct server *server, struct timeval *when, int timeout, char *t
if (server->sock >= 0) if (server->sock >= 0)
close(server->sock); close(server->sock);
SSL_free(server->ssl); SSL_free(server->ssl);
server->ssl = NULL;
pthread_mutex_unlock(&server->lock); pthread_mutex_unlock(&server->lock);
return 0; return 0;
} }
...@@ -1046,6 +1047,8 @@ int clientradputtls(struct server *server, unsigned char *rad) { ...@@ -1046,6 +1047,8 @@ int clientradputtls(struct server *server, unsigned char *rad) {
while ((cnt = SSL_write(server->ssl, rad, len)) <= 0) { while ((cnt = SSL_write(server->ssl, rad, len)) <= 0) {
while ((error = ERR_get_error())) while ((error = ERR_get_error()))
debug(DBG_ERR, "clientradputtls: TLS: %s", ERR_error_string(error, NULL)); debug(DBG_ERR, "clientradputtls: TLS: %s", ERR_error_string(error, NULL));
if (server->dynamiclookuparg)
return 0;
tlsconnect(server, &lastconnecttry, 0, "clientradputtls"); tlsconnect(server, &lastconnecttry, 0, "clientradputtls");
lastconnecttry = server->lastconnecttry; lastconnecttry = server->lastconnecttry;
} }
...@@ -2271,6 +2274,10 @@ void *tlsclientrd(void *arg) { ...@@ -2271,6 +2274,10 @@ void *tlsclientrd(void *arg) {
lastconnecttry = server->lastconnecttry; lastconnecttry = server->lastconnecttry;
buf = radtlsget(server->ssl); buf = radtlsget(server->ssl);
if (!buf) { if (!buf) {
if (server->dynamiclookuparg) {
server->clientrdgone = 1;
return NULL;
}
tlsconnect(server, &lastconnecttry, 0, "clientrd"); tlsconnect(server, &lastconnecttry, 0, "clientrd");
continue; continue;
} }
...@@ -2333,7 +2340,7 @@ void *clientwr(void *arg) { ...@@ -2333,7 +2340,7 @@ void *clientwr(void *arg) {
pthread_mutex_lock(&server->newrq_mutex); pthread_mutex_lock(&server->newrq_mutex);
if (!server->newrq) { if (!server->newrq) {
gettimeofday(&now, NULL); gettimeofday(&now, NULL);
if (conf->statusserver) { if (conf->statusserver || server->dynamiclookuparg) {
/* random 0-7 seconds */ /* random 0-7 seconds */
RAND_bytes(&rnd, 1); RAND_bytes(&rnd, 1);
rnd /= 32; rnd /= 32;
...@@ -2357,6 +2364,10 @@ void *clientwr(void *arg) { ...@@ -2357,6 +2364,10 @@ void *clientwr(void *arg) {
pthread_mutex_unlock(&server->newrq_mutex); pthread_mutex_unlock(&server->newrq_mutex);
for (i = 0; i < MAX_REQUESTS; i++) { for (i = 0; i < MAX_REQUESTS; i++) {
if (server->clientrdgone) {
pthread_join(tlsclientrdth, NULL);
goto errexit;
}
pthread_mutex_lock(&server->newrq_mutex); pthread_mutex_lock(&server->newrq_mutex);
while (i < MAX_REQUESTS && !server->requests[i].buf) while (i < MAX_REQUESTS && !server->requests[i].buf)
i++; i++;
......
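Review bot: `server->clientrdgone` is written in tlsclientrd (`server->clientrdgone = 1;`) and read in clientwr (`if (server->clientrdgone)`) with no lock held on either side; the read sits between `pthread_mutex_unlock(&server->newrq_mutex)` and the next `pthread_mutex_lock`, so this is a data race on a plain `uint8_t` and the writer thread may see the flag late or not at all. Set it under the mutex, `pthread_mutex_lock(&server->newrq_mutex); server->clientrdgone = 1; pthread_mutex_unlock(&server->newrq_mutex);`, and move the check in clientwr below its lock call, unlocking before `goto errexit`. Separately, tlsconnect now leaves `server->ssl` NULL on its `return 0` path, but the callers shown here ignore the return value and loop back into `SSL_write(server->ssl, ...)` and `radtlsget(server->ssl)`. If that path is reachable with a timeout of 0, the earlier use of a freed SSL object becomes a NULL dereference, so the result should be checked before the next call. All four functions start and end outside the hunks shown.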
...@@ -113,6 +113,7 @@ struct server { ...@@ -113,6 +113,7 @@ struct server {
SSL *ssl; SSL *ssl;
pthread_mutex_t lock; pthread_mutex_t lock;
pthread_t clientth; pthread_t clientth;
uint8_t clientrdgone;
struct timeval lastconnecttry; struct timeval lastconnecttry;
uint8_t connectionok; uint8_t connectionok;
uint8_t loststatsrv; uint8_t loststatsrv;
......
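Review bot: The new `clientrdgone` field has no comment saying which thread sets it, which thread reads it, or which mutex (if any) protects it, although it sits beside `lock` and `clientth` in a struct shared between threads. I would add `/* set to 1 by tlsclientrd when it exits; polled by clientwr */` on the field and name the guarding mutex there once one is chosen. The struct definition starts and ends outside this hunk.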