Commit 5ffb1376 authored by venaas's avatar venaas Committed by venaas

fixed bug with multiple status server sent, some dtls fixes

git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@358 e88ac4ed-0b26-0410-9574-a7f39faa03bf
parent a2a0f702
......@@ -8,9 +8,7 @@
void *udpdtlsserverrd(void *arg);
int dtlsconnect(struct server *server, struct timeval *when, int timeout, char *text);
void *dtlsservernew(void *arg);
void *dtlsclientrd(void *arg);
void *udpdtlsclientrd(void *arg);
int clientradputdtls(struct server *server, unsigned char *rad);
void addserverextradtls(struct clsrvconf *conf);
void initextradtls();
......@@ -12,12 +12,6 @@
#include "list.h"
#include "hash.h"
struct entry {
void *key;
uint32_t keylen;
void *data;
};
/* allocates and initialises hash structure; returns NULL if malloc fails */
struct hash *hash_create() {
struct hash *h = malloc(sizeof(struct hash));
......@@ -39,8 +33,8 @@ void hash_destroy(struct hash *h) {
if (!h)
return;
for (ln = list_first(h->hashlist); ln; ln = list_next(ln)) {
free(((struct entry *)ln->data)->key);
free(((struct entry *)ln->data)->data);
free(((struct hash_entry *)ln->data)->key);
free(((struct hash_entry *)ln->data)->data);
}
list_destroy(h->hashlist);
pthread_mutex_destroy(&h->mutex);
......@@ -48,13 +42,14 @@ void hash_destroy(struct hash *h) {
/* insert entry in hash; returns 1 if ok, 0 if malloc fails */
int hash_insert(struct hash *h, void *key, uint32_t keylen, void *data) {
struct entry *e;
struct hash_entry *e;
if (!h)
return 0;
e = malloc(sizeof(struct entry));
e = malloc(sizeof(struct hash_entry));
if (!e)
return 0;
memset(e, 0, sizeof(struct hash_entry));
e->key = malloc(keylen);
if (!e->key) {
free(e);
......@@ -77,13 +72,13 @@ int hash_insert(struct hash *h, void *key, uint32_t keylen, void *data) {
/* reads entry from hash */
void *hash_read(struct hash *h, void *key, uint32_t keylen) {
struct list_node *ln;
struct entry *e;
struct hash_entry *e;
if (!h)
return 0;
pthread_mutex_lock(&h->mutex);
for (ln = list_first(h->hashlist); ln; ln = list_next(ln)) {
e = (struct entry *)ln->data;
e = (struct hash_entry *)ln->data;
if (e->keylen == keylen && !memcmp(e->key, key, keylen)) {
pthread_mutex_unlock(&h->mutex);
return e->data;
......@@ -96,13 +91,13 @@ void *hash_read(struct hash *h, void *key, uint32_t keylen) {
/* extracts entry from hash */
void *hash_extract(struct hash *h, void *key, uint32_t keylen) {
struct list_node *ln;
struct entry *e;
struct hash_entry *e;
if (!h)
return 0;
pthread_mutex_lock(&h->mutex);
for (ln = list_first(h->hashlist); ln; ln = list_next(ln)) {
e = (struct entry *)ln->data;
e = (struct hash_entry *)ln->data;
if (e->keylen == keylen && !memcmp(e->key, key, keylen)) {
free(e->key);
list_removedata(h->hashlist, e);
......@@ -114,3 +109,24 @@ void *hash_extract(struct hash *h, void *key, uint32_t keylen) {
pthread_mutex_unlock(&h->mutex);
return NULL;
}
/* returns first entry */
struct hash_entry *hash_first(struct hash *hash) {
struct list_node *ln;
struct hash_entry *e;
if (!hash || !((ln = list_first(hash->hashlist))))
return NULL;
e = (struct hash_entry *)ln->data;
e->next = ln->next;
return e;
}
/* returns the next node after the argument */
struct hash_entry *hash_next(struct hash_entry *entry) {
struct hash_entry *e;
if (!entry || !entry->next)
return NULL;
e = (struct hash_entry *)entry->next->data;
e->next = (struct list_node *)entry->next->next;
return e;
}
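Review bot: hash_first() and hash_next() walk `hash->hashlist` without taking the hash mutex, although hash_read() and hash_extract() in the same file lock it, and they keep the iteration cursor inside the shared entry (`e->next = ln->next`). If another thread calls hash_extract() during a walk, the saved `entry->next` can refer to a list node that has already been removed, and hash_next() then reads `entry->next->data` through it; two concurrent walkers also overwrite each other's cursor. hash_next() receives only the entry, so it cannot take the lock itself. I would state the contract at both definitions and at the prototypes in hash.h, for example `/* not thread safe: caller must prevent insert/extract on this hash while walking */`. Whether list_removedata() frees the node is not visible here, so the stale-pointer read is inferred from the API shape rather than shown by the hunk.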
......@@ -13,6 +13,13 @@ struct hash {
pthread_mutex_t mutex;
};
struct hash_entry {
void *key;
uint32_t keylen;
void *data;
struct list_node *next; /* used when walking through hash */
};
/* allocates and initialises hash structure; returns NULL if malloc fails */
struct hash *hash_create();
......@@ -27,3 +34,9 @@ void *hash_read(struct hash *hash, void *key, uint32_t keylen);
/* extracts (read and remove) entry from hash */
void *hash_extract(struct hash *hash, void *key, uint32_t keylen);
/* returns first entry */
struct hash_entry *hash_first(struct hash *hash);
/* returns the next entry after the argument */
struct hash_entry *hash_next(struct hash_entry *entry);
......@@ -619,6 +619,8 @@ void freeserver(struct server *server, uint8_t destroymutex) {
if (server->rbios)
freebios(server->rbios);
free(server->dynamiclookuparg);
if (server->ssl)
SSL_free(server->ssl);
if (destroymutex) {
pthread_mutex_destroy(&server->lock);
pthread_cond_destroy(&server->newrq_cond);
......@@ -2094,9 +2096,9 @@ void *clientwr(void *arg) {
struct server *server = (struct server *)arg;
struct request *rq;
pthread_t clientrdth;
int i, dynconffail = 0;
int i, secs, dynconffail = 0;
uint8_t rnd;
struct timeval now;
struct timeval now, laststatsrv;
struct timespec timeout;
struct request statsrvrq;
unsigned char statsrvbuf[38];
......@@ -2124,6 +2126,7 @@ void *clientwr(void *arg) {
statsrvbuf[20] = RAD_Attr_Message_Authenticator;
statsrvbuf[21] = 18;
gettimeofday(&server->lastrcv, NULL);
gettimeofday(&laststatsrv, NULL);
}
if (conf->pdef->connecter) {
......@@ -2145,13 +2148,14 @@ void *clientwr(void *arg) {
RAND_bytes(&rnd, 1);
rnd /= 32;
if (conf->statusserver) {
if (!timeout.tv_sec || timeout.tv_sec > server->lastrcv.tv_sec + STATUS_SERVER_PERIOD + rnd)
timeout.tv_sec = server->lastrcv.tv_sec + STATUS_SERVER_PERIOD + rnd;
secs = server->lastrcv.tv_sec > laststatsrv.tv_sec ? server->lastrcv.tv_sec : laststatsrv.tv_sec;
if (!timeout.tv_sec || timeout.tv_sec > secs + STATUS_SERVER_PERIOD + rnd)
timeout.tv_sec = secs + STATUS_SERVER_PERIOD + rnd;
} else {
if (!timeout.tv_sec || timeout.tv_sec > now.tv_sec + STATUS_SERVER_PERIOD + rnd)
timeout.tv_sec = now.tv_sec + STATUS_SERVER_PERIOD + rnd;
}
#if 0
#if 0
if (timeout.tv_sec > now.tv_sec)
debug(DBG_DBG, "clientwr: waiting up to %ld secs for new request", timeout.tv_sec - now.tv_sec);
#endif
......@@ -2230,8 +2234,10 @@ void *clientwr(void *arg) {
conf->pdef->clientradput(server, server->requests[i].buf);
}
if (conf->statusserver) {
secs = server->lastrcv.tv_sec > laststatsrv.tv_sec ? server->lastrcv.tv_sec : laststatsrv.tv_sec;
gettimeofday(&now, NULL);
if (now.tv_sec - server->lastrcv.tv_sec >= STATUS_SERVER_PERIOD) {
if (now.tv_sec - secs > STATUS_SERVER_PERIOD) {
laststatsrv = now;
if (!RAND_bytes(statsrvbuf + 4, 16)) {
debug(DBG_WARN, "clientwr: failed to generate random auth");
continue;
......
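Review bot: `secs` is declared `int` in clientwr() but is assigned `server->lastrcv.tv_sec` or `laststatsrv.tv_sec`, which are `time_t`. Where time_t is wider than int this narrows the timestamp before `secs + STATUS_SERVER_PERIOD + rnd` and `now.tv_sec - secs` are evaluated, so the status-server timing can go wrong once the value no longer fits. Declaring it separately as `time_t secs;` keeps both comparisons in the timestamp's own type. In the freeserver() hunk, `server->ssl` is left pointing at the freed object; if the struct can still be reached after this call (not visible in the hunk), adding `server->ssl = NULL;` after `SSL_free(server->ssl);` would avoid a stale pointer. Both functions continue outside the hunks shown.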
......@@ -365,6 +365,7 @@ void *tlsservernew(void *arg) {
X509_free(cert);
exit:
SSL_shutdown(ssl);
SSL_free(ssl);
ERR_remove_state(0);
shutdown(s, SHUT_RDWR);
......