Skip to content

R
radsecproxy
Commit edb4444b authored by venaas's avatar venaas Committed by venaas
Browse files
Options

removed some old backwards compatible config stuff (clients.conf/servers.conf) 

git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@110 e88ac4ed-0b26-0410-9574-a7f39faa03bf
parent 4e2d3f1c
Hide whitespace changes
Inline Side-by-side
Showing with 40 additions and 15 deletions
radsecproxy.c
View file @ edb4444b
......@@ -995,14 +995,15 @@ int msmppdecrypt(uint8_t *text, uint8_t len, uint8_t *shared, uint8_t sharedlen,
return 1;
}
struct server *id2server(char *id, uint8_t len) {
int id2server(struct server **server, char *id, uint8_t len) {
int i;
for (i = 0; i < realm_count; i++)
if (!regexec(&realms[i].regex, id, 0, NULL, 0)) {
debug(DBG_DBG, "found matching realm: %s, host %s", realms[i].name, realms[i].server->peer.host);
return realms[i].server;
*server = realms[i].server;
return 1;
}
return NULL;
return 0;
}
int rqinqueue(struct server *to, struct client *from, uint8_t id) {
......@@ -1103,6 +1104,21 @@ void respondstatusserver(struct request *rq) {
sendreply(rq->from, resp, rq->from->peer.type == 'U' ? &rq->fromsa : NULL);
}
void respondreject(struct request *rq) {
unsigned char *resp;
resp = malloc(20);
if (!resp) {
debug(DBG_ERR, "respondreject: malloc failed");
return;
}
memcpy(resp, rq->buf, 20);
resp[0] = RAD_Access_Reject;
resp[2] = 0;
resp[3] = 20;
sendreply(rq->from, resp, rq->from->peer.type == 'U' ? &rq->fromsa : NULL);
}
void radsrv(struct request *rq) {
uint8_t code, id, *auth, *attrs, *attr;
uint16_t len;
......@@ -1144,14 +1160,13 @@ void radsrv(struct request *rq) {
username[ATTRVALLEN(attr)] = '\0';
debug(DBG_DBG, "Access Request with username: %s", username);
to = id2server(username, strlen(username));
if (!to) {
if (!id2server(&to, username, strlen(username))) {
debug(DBG_INFO, "radsrv: ignoring request, don't know where to send it");
free(buf);
return;
}
if (rqinqueue(to, rq->from, id)) {
if (to && rqinqueue(to, rq->from, id)) {
debug(DBG_INFO, "radsrv: already got request from host %s with id %d, ignoring", rq->from->peer.host, id);
free(buf);
return;
......@@ -1169,6 +1184,12 @@ void radsrv(struct request *rq) {
respondstatusserver(rq);
return;
}
if (!to) {
debug(DBG_INFO, "radsrv: sending reject to %s for %s", rq->from->peer.host, username);
respondreject(rq);
return;
}
if (!RAND_bytes(newauth, 16)) {
debug(DBG_WARN, "radsrv: failed to generate random auth");
......@@ -1690,13 +1711,15 @@ void addrealm(char *value, char *server) {
int i, n;
struct realm *realm;
char *s, *regex = NULL;
for (i = 0; i < server_count; i++)
if (!strcasecmp(server, servers[i].peer.host))
break;
if (i == server_count)
debugx(1, DBG_ERR, "addrealm failed, no server %s", server);
if (server) {
for (i = 0; i < server_count; i++)
if (!strcasecmp(server, servers[i].peer.host))
break;
if (i == server_count)
debugx(1, DBG_ERR, "addrealm failed, no server %s", server);
}
if (*value != '/') {
/* not a regexp, let us make it one */
if (*value == '*' && !value[1])
......@@ -1731,7 +1754,8 @@ void addrealm(char *value, char *server) {
realm->name = stringcopy(value, 0);
if (!realm->name)
debugx(1, DBG_ERR, "malloc failed");
realm->server = servers + i;
if (server)
realm->server = servers + i;
if (regcomp(&realm->regex, regex ? regex : value + 1, REG_ICASE | REG_NOSUB))
debugx(1, DBG_ERR, "addrealm: failed to compile regular expression %s", regex ? regex : value + 1);
if (regex)
......@@ -2098,9 +2122,10 @@ void confrealm_cb(FILE *f, char *opt, char *val) {
"server", CONF_STR, &server,
NULL
);
#if 0
if (!server)
debugx(1, DBG_ERR, "error in block %s, server must be specified", block);
#endif
addrealm(val, server);
free(server);
free(block);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment