Commit b828d54f authored by venaas's avatar venaas Committed by venaas

git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@2 e88ac4ed-0b26-0410-9574-a7f39faa03bf
parent e08943b4
CFLAGS = -g -Wall -pthread
LDFLAGS = -lssl
all: radsecproxy
radsecproxy: util.o
clean:
rm -f util.o radsecproxy
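Review bot: `CFLAGS` builds a network-facing proxy with no optimisation and no compiler hardening, so fortified libc checks and stack canaries that would catch an overrun in packet handling are never enabled. I would change the line to `CFLAGS = -g -O2 -Wall -Wextra -pthread -fstack-protector-strong -D_FORTIFY_SOURCE=2`. Separately, the `radsecproxy` rule shows no recipe here, so it presumably links through make's implicit rule, which places `LDFLAGS` before the objects; `LDLIBS = -lssl` is the variable that ends up after them and works with linkers that resolve libraries in order.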
This diff is collapsed.
/*
* Copyright (C) 2006 Stig Venaas <venaas@uninett.no>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*/
#define RADLEN(x) ntohs(((uint16_t *)(x))[1])
#define SOCKADDR_SIZE(addr) ((addr).ss_family == AF_INET ? \
sizeof(struct sockaddr_in) : \
sizeof(struct sockaddr_in6))
#define MAX_PEERS 256
/* MAX_REQUESTS is 256 due to Radius' 8 bit ID field */
#define MAX_REQUESTS 256
#define DEFAULT_TLS_SECRET "mysecret"
#define DEFAULT_UDP_PORT "1812"
#define DEFAULT_TLS_PORT "2083"
#define RAD_Access_Request 1
#define RAD_Access_Accept 2
#define RAD_Access_Reject 3
#define RAD_Accounting_Request 4
#define RAD_Accounting_Response 5
#define RAD_Access_Challenge 11
#define RAD_Status_Server 12
#define RAD_Status_Client 13
#define RAD_Attr_User_Name 1
#define RAD_Attr_User_Password 2
#define RAD_Attr_Type 0
#define RAD_Attr_Length 1
#define RAD_Attr_Value 2
/* requests that a client will send */
struct request {
unsigned char *buf;
uint8_t tries;
uint8_t received;
struct timeval timeout;
struct peer *from;
uint8_t origid; /* used by servwr */
char origauth[16]; /* used by servwr */
struct sockaddr_storage fromsa; /* used by udpservwr */
};
/* replies that a server will send */
struct reply {
unsigned char *buf;
struct sockaddr_storage tosa; /* used by udpservwr */
};
struct replyq {
struct reply *replies;
int count;
int size;
pthread_mutex_t count_mutex;
pthread_cond_t count_cond;
};
struct peer {
char type; /* U for UDP, T for TLS */
char *host;
char *port;
char *secret;
SSL *sslcl, *sslsrv;
pthread_mutex_t lock;
pthread_t clientth;
int sockcl;
struct addrinfo *addrinfo;
/* requests and newrq* are requests passed from servers to clients */
struct request *requests;
uint8_t newrq;
pthread_mutex_t newrq_mutex;
pthread_cond_t newrq_cond;
/* repl* are replies passed from clients to tls servers */
struct replyq *replyq;
int replycount;
pthread_mutex_t replycount_mutex;
pthread_cond_t replycount_cond;
};
void errx(char *format, ...);
void err(char *format, ...);
char *addr2string(struct sockaddr *addr, socklen_t len);
int bindport(int type, char *port);
int connectport(int type, char *host, char *port);
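Review bot: `RADLEN` reads the length field by casting the packet buffer to `uint16_t *`, which is a misaligned load whenever the `unsigned char *buf` is not 2-byte aligned and can break strict aliasing, and the value it yields is whatever the peer put on the wire. Composing it from bytes avoids the C problems: `#define RADLEN(x) ((uint16_t)((((const uint8_t *)(x))[2] << 8) | ((const uint8_t *)(x))[3]))`. I would also put a comment above it along the lines of `/* length as claimed by the sender: callers must check 20 <= RADLEN <= 4096 and RADLEN <= bytes received before using it */`; the callers are in the collapsed file, so I cannot tell whether they already do. `DEFAULT_TLS_SECRET "mysecret"` deserves a comment as well, since a compiled-in secret is public and, if it is used as the name suggests, anything keyed with it is only as protected as the TLS session around it.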
/*
* Copyright (C) 2006 Stig Venaas <venaas@uninett.no>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*/
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <stdarg.h>
void errx(char *format, ...) {
extern int errno;
va_list ap;
va_start(ap, format);
vfprintf(stderr, format, ap);
va_end(ap);
if (errno) {
fprintf(stderr, ": ");
perror(NULL);
fprintf(stderr, "errno=%d\n", errno);
} else
fprintf(stderr, "\n");
exit(1);
}
void err(char *format, ...) {
extern int errno;
va_list ap;
va_start(ap, format);
vfprintf(stderr, format, ap);
va_end(ap);
if (errno) {
fprintf(stderr, ": ");
perror(NULL);
fprintf(stderr, "errno=%d\n", errno);
} else
fprintf(stderr, "\n");
}
char *addr2string(struct sockaddr *addr, socklen_t len) {
struct sockaddr_in6 *sa6;
struct sockaddr_in sa4;
static char addr_buf[2][INET6_ADDRSTRLEN];
static int i = 0;
i = !i;
if (addr->sa_family == AF_INET6) {
sa6 = (struct sockaddr_in6 *)addr;
if (IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr)) {
memset(&sa4, 0, sizeof(sa4));
sa4.sin_family = AF_INET;
sa4.sin_port = sa6->sin6_port;
memcpy(&sa4.sin_addr, &sa6->sin6_addr.s6_addr[12], 4);
addr = (struct sockaddr *)&sa4;
}
}
if (getnameinfo(addr, len, addr_buf[i], sizeof(addr_buf[i]),
NULL, 0, NI_NUMERICHOST)) {
err("getnameinfo");
return NULL;
}
return addr_buf[i];
}
int bindport(int type, char *port) {
struct addrinfo hints, *res0, *res;
int s;
memset(&hints, 0, sizeof(hints));
hints.ai_socktype = type;
hints.ai_family = AF_UNSPEC;
hints.ai_flags = AI_PASSIVE;
if (getaddrinfo(NULL, port, &hints, &res0) != 0) {
err("bindport: can't resolve port %s", port);
return -1;
}
for (res = res0; res; res = res->ai_next) {
s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
if (s >= 0) {
if (bind(s, res->ai_addr, res->ai_addrlen) == 0)
break;
close(s);
s = -1;
}
}
freeaddrinfo(res0);
return s;
}
int connectport(int type, char *host, char *port) {
struct addrinfo hints, *res0, *res;
int s;
memset(&hints, 0, sizeof(hints));
hints.ai_socktype = type;
hints.ai_family = AF_UNSPEC;
if (getaddrinfo(host, port, &hints, &res0) != 0) {
err("connectport: can't resolve host %s port %s", host, port);
return -1;
}
for (res = res0; res; res = res->ai_next) {
s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
if (s < 0) {
err("connectport: socket failed");
continue;
}
if (connect(s, res->ai_addr, res->ai_addrlen) == 0)
break;
err("connectport: connect failed");
close(s);
s = -1;
}
freeaddrinfo(res0);
return s;
}
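Review bot: `addr2string` returns a pointer into `static char addr_buf[2][INET6_ADDRSTRLEN]` chosen by a `static int i` toggle, and neither is protected, while the Makefile builds with `-pthread` and `struct peer` carries a `pthread_t`. If two threads format addresses concurrently, one can overwrite the string the other is about to log, so a log line may name the wrong peer. Making both objects thread-local keeps the interface unchanged: `static _Thread_local char addr_buf[2][INET6_ADDRSTRLEN];` and `static _Thread_local int i = 0;` (or `__thread` on older compilers). In the same file, `err()` after a failed `getaddrinfo`/`getnameinfo` prints `perror` from whatever `errno` happens to hold, because those calls report through their return value; keeping the return code and passing `gai_strerror(rc)` into the message would make the diagnostic accurate.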