/*************************************************************************
*
* Function: sql_fetch_row
*
* Purpose: database specific fetch_row. Returns a SQL_ROW struct
* with all the data for the query in 'sqlsocket->row'. Returns
* 0 on success, -1 on failure, SQL_DOWN if 'database is down'
*
*************************************************************************/
static int sql_fetch_row(SQLSOCK * sqlsocket, SQL_CONFIG *config)
{
int c, i;
SQLINTEGER len, slen;
SQL_ROW retval;
rlm_sql_db2_sock *sock;
sock = sqlsocket->conn;
c = sql_num_fields(sqlsocket, config);
retval = (SQL_ROW)rad_malloc(c*sizeof(char*)+1);
/* advance cursor */
if(SQLFetch(sock->stmt) == SQL_NO_DATA_FOUND) {
sqlsocket->row = NULL;
return 0;
}
for(i = 0; i < c; i++) {
/* get column length */
SQLColAttribute(sock->stmt,
i+1, SQL_DESC_DISPLAY_SIZE,
NULL, 0, NULL, &len);
retval[i] = (char*)rad_malloc(len+1);
/* get the actual column */
SQLGetData(sock->stmt,
i+1, SQL_C_CHAR, retval[i], len+1, &slen);
if(slen == SQL_NULL_DATA)
retval[i][0] = '\0';
}
sqlsocket->row = retval;
return 0;
}
/*************************************************************************
*
* Function: sql_select_query
*
* Purpose: Issue a select query to the database
*
*************************************************************************/
static int sql_select_query(rlm_sql_handle_t *handle, rlm_sql_config_t *config, char *querystr) {
rlm_sql_unixodbc_conn_t *conn = handle->conn;
SQLINTEGER column;
SQLLEN len;
int numfields;
int state;
/* Only state = 0 means success */
if ((state = sql_query(handle, config, querystr))) {
return state;
}
numfields=sql_num_fields(handle, config);
if (numfields < 0) {
return -1;
}
/* Reserving memory for result */
conn->row = (char **) rad_malloc((numfields+1)*sizeof(char *));
conn->row[numfields] = NULL;
for(column = 1; column <= numfields; column++) {
SQLColAttributes(conn->statement,((SQLUSMALLINT) column),SQL_COLUMN_LENGTH,NULL,0,NULL,&len);
conn->row[column-1] = (char*)rad_malloc((int)++len);
SQLBindCol(conn->statement, column, SQL_C_CHAR, (SQLCHAR *)conn->row[column-1], len, NULL);
}
return 0;
}
/*************************************************************************
*
* Function: sql_fetch_row
*
* Purpose: database specific fetch_row. Returns a rlm_sql_row_t struct
* with all the data for the query in 'handle->row'. Returns
* 0 on success, -1 on failure, RLM_SQL_RECONNECT if 'database is down'.
*
*************************************************************************/
static sql_rcode_t sql_fetch_row(rlm_sql_handle_t * handle, UNUSED rlm_sql_config_t *config) {
int records, i, len;
rlm_sql_postgres_conn_t *conn = handle->conn;
handle->row = NULL;
if (conn->cur_row >= PQntuples(conn->result))
return 0;
free_result_row(conn);
records = PQnfields(conn->result);
conn->num_fields = records;
if ((PQntuples(conn->result) > 0) && (records > 0)) {
conn->row = (char **)rad_malloc((records+1)*sizeof(char *));
memset(conn->row, '\0', (records+1)*sizeof(char *));
for (i = 0; i < records; i++) {
len = PQgetlength(conn->result, conn->cur_row, i);
conn->row[i] = (char *)rad_malloc(len+1);
memset(conn->row[i], '\0', len+1);
strlcpy(conn->row[i], PQgetvalue(conn->result, conn->cur_row,i),len + 1);
}
conn->cur_row++;
handle->row = conn->row;
}
return 0;
}
static int krb5_instantiate(CONF_SECTION *conf, void **instance)
{
int ret;
rlm_krb5_t *data;
krb5_context *context;
data = rad_malloc(sizeof(*data));
memset(data, 0, sizeof(*data));
if (cf_section_parse(conf, data, module_config) < 0) {
free(data);
return -1;
}
context = data->context = rad_malloc(sizeof(*context));
ret = krb5_init_context(context);
if (ret) {
radlog(L_AUTH, "rlm_krb5: krb5_init failed: %s",
error_message(ret));
free(data);
return -1;
} else {
radlog(L_AUTH, "rlm_krb5: krb5_init ok");
}
*instance = data;
return 0;
}
/*************************************************************************
*
* Function: sql_fetch_row
*
* Purpose: database specific fetch_row. Returns a SQL_ROW struct
* with all the data for the query in 'sqlsocket->row'. Returns
* 0 on success, -1 on failure, SQL_DOWN if 'database is down'.
*
*************************************************************************/
static int sql_fetch_row(SQLSOCK * sqlsocket, SQL_CONFIG *config) {
int records, i, len;
rlm_sql_postgres_sock *pg_sock = sqlsocket->conn;
sqlsocket->row = NULL;
if (pg_sock->cur_row >= PQntuples(pg_sock->result))
return 0;
free_result_row(pg_sock);
records = PQnfields(pg_sock->result);
pg_sock->num_fields = records;
if ((PQntuples(pg_sock->result) > 0) && (records > 0)) {
pg_sock->row = (char **)rad_malloc((records+1)*sizeof(char *));
memset(pg_sock->row, '\0', (records+1)*sizeof(char *));
for (i = 0; i < records; i++) {
len = PQgetlength(pg_sock->result, pg_sock->cur_row, i);
pg_sock->row[i] = (char *)rad_malloc(len+1);
memset(pg_sock->row[i], '\0', len+1);
strncpy(pg_sock->row[i], PQgetvalue(pg_sock->result, pg_sock->cur_row,i),len);
}
pg_sock->cur_row++;
sqlsocket->row = pg_sock->row;
return 0;
} else {
return 0;
}
}
static int redisn_get_grouplist (REDIS_INST *inst, REDISSOCK *redis_socket, REQUEST *request, REDISN_GROUPLIST **group_list)
{
char querystr[MAX_QUERY_LEN];
int num_groups = 0;
REDIS_ROW row;
REDISN_GROUPLIST *group_list_tmp;
/* NOTE: redisn_set_user should have been run before calling this function */
group_list_tmp = *group_list = NULL;
if (!inst->groupmemb_query ||
(inst->groupmemb_query[0] == 0))
return 0;
if (!radius_xlat(querystr, sizeof(querystr), inst->groupmemb_query, request, redisn_escape_func, inst)) {
radlog_request(L_ERR, 0, request, "xlat \"%s\" failed.",
inst->groupmemb_query);
return -1;
}
if (rlm_redisn_query(inst, redis_socket, querystr) < 0) {
radlog_request(L_ERR, 0, request,
"database query error, %s",
querystr);
return -1;
}
while (rlm_redisn_fetch_row(inst, redis_socket) == 0) {
row = redis_socket->row;
if (row == NULL)
break;
if (row[0] == NULL){
RDEBUG("row[0] returned NULL");
(inst->redisn_finish_query)(inst, redis_socket);
redisn_grouplist_free(group_list);
return -1;
}
if (*group_list == NULL) {
*group_list = rad_malloc(sizeof(REDISN_GROUPLIST));
group_list_tmp = *group_list;
} else {
rad_assert(group_list_tmp != NULL);
group_list_tmp->next = rad_malloc(sizeof(REDISN_GROUPLIST));
group_list_tmp = group_list_tmp->next;
}
group_list_tmp->next = NULL;
DEBUG("redisn: redisn_get_grouplist: got groupname: %s\n",row[0]);
strlcpy(group_list_tmp->groupname, row[0], MAX_STRING_LEN);
}
(inst->redisn_finish_query)(inst, redis_socket);
return num_groups;
}
static int sql_get_grouplist (SQL_INST *inst, SQLSOCK *sqlsocket, REQUEST *request, SQL_GROUPLIST **group_list)
{
char querystr[MAX_QUERY_LEN];
int num_groups = 0;
SQL_ROW row;
SQL_GROUPLIST *group_list_tmp;
/* NOTE: sql_set_user should have been run before calling this function */
group_list_tmp = *group_list = NULL;
if (!inst->config->groupmemb_query ||
(inst->config->groupmemb_query[0] == 0))
return 0;
if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, request, sql_escape_func)) {
radlog_request(L_ERR, 0, request, "xlat \"%s\" failed.",
inst->config->groupmemb_query);
return -1;
}
if (rlm_sql_select_query(sqlsocket, inst, querystr) < 0) {
radlog_request(L_ERR, 0, request,
"database query error, %s: %s",
querystr,
(inst->module->sql_error)(sqlsocket,inst->config));
return -1;
}
while (rlm_sql_fetch_row(sqlsocket, inst) == 0) {
row = sqlsocket->row;
if (row == NULL)
break;
if (row[0] == NULL){
RDEBUG("row[0] returned NULL");
(inst->module->sql_finish_select_query)(sqlsocket, inst->config);
sql_grouplist_free(group_list);
return -1;
}
if (*group_list == NULL) {
*group_list = rad_malloc(sizeof(SQL_GROUPLIST));
group_list_tmp = *group_list;
} else {
rad_assert(group_list_tmp != NULL);
group_list_tmp->next = rad_malloc(sizeof(SQL_GROUPLIST));
group_list_tmp = group_list_tmp->next;
}
group_list_tmp->next = NULL;
strlcpy(group_list_tmp->groupname, row[0], MAX_STRING_LEN);
}
(inst->module->sql_finish_select_query)(sqlsocket, inst->config);
return num_groups;
}
static int sql_get_grouplist (rlm_sql_t *inst, rlm_sql_handle_t *handle, REQUEST *request, rlm_sql_grouplist_t **group_list)
{
char querystr[MAX_QUERY_LEN];
int num_groups = 0;
rlm_sql_row_t row;
rlm_sql_grouplist_t *group_list_tmp;
/* NOTE: sql_set_user should have been run before calling this function */
group_list_tmp = *group_list = NULL;
if (!inst->config->groupmemb_query ||
(inst->config->groupmemb_query[0] == 0))
return 0;
if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, request, sql_escape_func, inst)) {
radlog_request(L_ERR, 0, request, "xlat \"%s\" failed.",
inst->config->groupmemb_query);
return -1;
}
if (rlm_sql_select_query(&handle, inst, querystr) < 0) {
return -1;
}
while (rlm_sql_fetch_row(&handle, inst) == 0) {
row = handle->row;
if (row == NULL)
break;
if (row[0] == NULL){
RDEBUG("row[0] returned NULL");
(inst->module->sql_finish_select_query)(handle, inst->config);
sql_grouplist_free(group_list);
return -1;
}
if (*group_list == NULL) {
*group_list = rad_malloc(sizeof(rlm_sql_grouplist_t));
group_list_tmp = *group_list;
} else {
rad_assert(group_list_tmp != NULL);
group_list_tmp->next = rad_malloc(sizeof(rlm_sql_grouplist_t));
group_list_tmp = group_list_tmp->next;
}
group_list_tmp->next = NULL;
strlcpy(group_list_tmp->groupname, row[0], MAX_STRING_LEN);
}
(inst->module->sql_finish_select_query)(handle, inst->config);
return num_groups;
}
/*
* Create a new sublist.
*/
static indexed_modcallable *new_sublist(rbtree_t *components, int comp, int idx)
{
indexed_modcallable *c;
c = lookup_by_index(components, comp, idx);
/* It is an error to try to create a sublist that already
* exists. It would almost certainly be caused by accidental
* duplication in the config file.
*
* index 0 is the exception, because it is used when we want
* to collect _all_ listed modules under a single index by
* default, which is currently the case in all components
* except authenticate. */
if (c) {
if (idx == 0) {
return c;
}
return NULL;
}
c = rad_malloc(sizeof(*c));
c->modulelist = NULL;
c->comp = comp;
c->idx = idx;
if (!rbtree_insert(components, c)) {
free(c);
return NULL;
}
return c;
}
static int realm_instantiate(CONF_SECTION *conf, void **instance)
{
struct realm_config_t *inst;
/* setup a storage area for instance data */
inst = rad_malloc(sizeof(*inst));
if (!inst) {
return -1;
}
memset(inst, 0, sizeof(*inst));
if(cf_section_parse(conf, inst, module_config) < 0) {
free(inst);
return -1;
}
if(strcasecmp(inst->formatstring, "suffix") == 0) {
inst->format = REALM_FORMAT_SUFFIX;
} else if(strcasecmp(inst->formatstring, "prefix") == 0) {
inst->format = REALM_FORMAT_PREFIX;
} else {
radlog(L_ERR, "Bad value \"%s\" for realm format value", inst->formatstring);
free(inst);
return -1;
}
if(strlen(inst->delim) != 1) {
radlog(L_ERR, "Bad value \"%s\" for realm delimiter value", inst->delim);
free(inst);
return -1;
}
*instance = inst;
return 0;
}
/*
* Create a new REQUEST data structure.
*/
REQUEST *request_alloc(void)
{
REQUEST *request;
request = rad_malloc(sizeof(REQUEST));
memset(request, 0, sizeof(REQUEST));
#ifndef NDEBUG
request->magic = REQUEST_MAGIC;
#endif
#ifdef WITH_PROXY
request->proxy = NULL;
#endif
request->reply = NULL;
#ifdef WITH_PROXY
request->proxy_reply = NULL;
#endif
request->config_items = NULL;
request->username = NULL;
request->password = NULL;
request->timestamp = time(NULL);
request->options = RAD_REQUEST_OPTION_NONE;
request->module = "";
request->component = "<core>";
if (debug_flag) request->radlog = radlog_request;
return request;
}
/*
* Do any per-module initialization that is separate to each
* configured instance of the module. e.g. set up connections
* to external databases, read configuration files, set up
* dictionary entries, etc.
*
* If configuration information is given in the config section
* that must be referenced in later calls, store a handle to it
* in *instance otherwise put a null pointer there.
*/
static int expr_instantiate(CONF_SECTION *conf, void **instance)
{
rlm_expr_t *inst;
char *xlat_name;
/*
* Set up a storage area for instance data
*/
inst = rad_malloc(sizeof(rlm_expr_t));
if (!inst)
return -1;
memset(inst, 0, sizeof(rlm_expr_t));
xlat_name = cf_section_name2(conf);
if (xlat_name == NULL)
xlat_name = cf_section_name1(conf);
if (xlat_name){
inst->xlat_name = strdup(xlat_name);
xlat_register(xlat_name, expr_xlat, inst);
}
*instance = inst;
return 0;
}
/*
* Do any per-module initialization that is separate to each
* configured instance of the module. e.g. set up connections
* to external databases, read configuration files, set up
* dictionary entries, etc.
*
* If configuration information is given in the config section
* that must be referenced in later calls, store a handle to it
* in *instance otherwise put a null pointer there.
*/
static int smsotp_instantiate(CONF_SECTION *conf, void **instance)
{
rlm_smsotp_t *data;
/*
* Set up a storage area for instance data
*/
data = rad_malloc(sizeof(*data));
if (!data) {
return -1;
}
memset(data, 0, sizeof(*data));
/*
* If the configuration parameters can't be parsed, then
* fail.
*/
if (cf_section_parse(conf, data, module_config) < 0) {
free(data);
return -1;
}
*instance = data;
return 0;
}
/*************************************************************************
*
* Function: sql_create_socket
*
* Purpose: Establish connection to the db
*
*************************************************************************/
static int sql_init_socket(SQLSOCK *sqlsocket, SQL_CONFIG *config)
{
LOGINREC *login;
rlm_sql_freetds_sock *freetds_sock;
if (!sqlsocket->conn) {
sqlsocket->conn = (rlm_sql_freetds_sock *)rad_malloc(sizeof(struct rlm_sql_freetds_sock));
if (!sqlsocket->conn) {
return -1;
}
}
if (dbinit() == FAIL) {
radlog(L_ERR, "rlm_sql_freetds: Unable to init FreeTDS");
return -1;
}
dbsetversion(DBVERSION_80);
dberrhandle(err_handler);
// Timeout so that FreeTDS doesn't wait for ever.
dbsetlogintime((unsigned long)config->query_timeout);
dbsettime((unsigned long)config->query_timeout);
freetds_sock = sqlsocket->conn;
memset(freetds_sock, 0, sizeof(*freetds_sock));
DEBUG("rlm_sql_freetds (%s): Starting connect to FreeTDS/MSSQL server", config->xlat_name);
if (!(login = dblogin())) {
radlog(L_ERR, "rlm_sql_freetds (%s): Unable to allocate login record", config->xlat_name);
return -1;
}
DBSETLUSER(login, config->sql_login);
DBSETLPWD(login, config->sql_password);
if ((freetds_sock->dbproc = dbopen(login, config->sql_server)) == FAIL) {
radlog(L_ERR, "rlm_sql_freetds (%s): Unable to connect to FreeTDS/MSSQL server %s@%s",
config->xlat_name, config->sql_login, config->sql_server);
dbloginfree(login);
return -1;
}
dbloginfree(login);
if ((dbuse(freetds_sock->dbproc, config->sql_db)) == FAIL) {
radlog(L_ERR, "rlm_sql_freetds (%s): Unable to select database on FreeTDS/MSSQL server %s@%s:%s",
config->xlat_name, config->sql_login, config->sql_server, config->sql_db);
return -1;
}
/* I know this may look strange, but it sets a pointer to
the freetds_sock struct so that it can be used within the
query_timeout_handler function to be able to timeout properly */
dbsetinterrupt(freetds_sock->dbproc, query_timeout_handler, query_timeout_handler);
dbsetuserdata(freetds_sock->dbproc, (BYTE *)freetds_sock);
return 0;
}
/*
* Instantiate the module.
*/
static int dhcp_instantiate(CONF_SECTION *conf, void **instance)
{
rlm_dhcp_t *inst;
inst = rad_malloc(sizeof(*inst));
if (!inst) {
return -1;
}
memset(inst, 0, sizeof(*inst));
xlat_register("dhcp_options", dhcp_options_xlat, inst);
/*
* If the configuration parameters can't be parsed, then
* fail.
*/
if (cf_section_parse(conf, inst, module_config) < 0) {
free(inst);
return -1;
}
*instance = inst;
return 0;
}
static int init_pool (CONF_SECTION *conf, PERL_INST *inst) {
POOL_HANDLE *handle;
int t;
PERL_POOL *pool;
pool = rad_malloc(sizeof(PERL_POOL));
memset(pool,0,sizeof(PERL_POOL));
inst->perl_pool = pool;
MUTEX_INIT(&pool->mutex);
/*
* Read The Config
*
*/
cf_section_parse(conf,pool,pool_conf);
inst->perl_pool = pool;
inst->perl_pool->detach = no;
for(t = 0;t < inst->perl_pool->start_clones ;t++){
if ((handle = pool_grow(inst)) == NULL) {
return -1;
}
}
return 1;
}
static POOL_HANDLE *pool_grow (PERL_INST *inst) {
POOL_HANDLE *handle;
time_t now;
if (inst->perl_pool->max_clones == inst->perl_pool->current_clones) {
return NULL;
}
if (inst->perl_pool->detach == yes ) {
return NULL;
}
handle = (POOL_HANDLE *)rad_malloc(sizeof(POOL_HANDLE));
if (!handle) {
radlog(L_ERR,"Could not find free memory for pool. Aborting");
return NULL;
}
handle->prev = NULL;
handle->next = NULL;
handle->status = idle;
handle->clone = rlm_perl_clone(inst->perl);
handle->request_count = 0;
MUTEX_INIT(&handle->lock);
inst->perl_pool->current_clones++;
move2tail(handle, inst);
now = time(NULL);
inst->perl_pool->time_when_last_added = now;
return handle;
}
static int attr_req_out_to_string(ATTR_REQ_OUT *input, char **output)
{
char buffer[STR_MAXLEN];
int i;
memset(buffer, 0, STR_MAXLEN);
sprintf(buffer, "%ld:%s:%i:", input->timestamp, input->servicedn, input->provided_attr_len);
for (i = 0; i < input->provided_attr_len; i++)
{
sprintf(buffer + strlen(buffer), "%s=%s:", input->provided_attr[i].attribute, input->provided_attr[i].value);
}
sprintf(buffer + strlen(buffer), "%i:", input->requested_attr_len);
for (i = 0; i < input->requested_attr_len; i++)
{
if (i == input->requested_attr_len - 1)
sprintf(buffer + strlen(buffer), "%s", input->requested_attr[i]);
else
sprintf(buffer + strlen(buffer), "%s:", input->requested_attr[i]);
}
*output = rad_malloc(strlen(buffer));
strcpy(*output, buffer);
return strlen(*output);
}
static AVP *get_avps_by_attributes(char **attributes, int length)
{
//This function is to be implemented for the IDPs auathentication backend
AVP *avp_list;
int i;
char *dummy_attribute = "DummyAttr";
char *dummy_value = "DummyVal";
avp_list = rad_malloc(sizeof(AVP) * length);
if (!avp_list)
{
return NULL;
}
for (i = 0; i < length; i++)
{
avp_list[i].attribute = strdup(dummy_attribute);
if (!avp_list[i].attribute)
return NULL;
avp_list[i].value = strdup(dummy_value);
if (!avp_list[i].value)
return NULL;
}
return avp_list;
}
/*
* print foo
* print "foo"
*/
static int parse_print(policy_lex_file_t *lexer, policy_item_t **tail)
{
policy_lex_t token;
char mystring[1024];
policy_print_t *this;
debug_tokens("[PRINT] ");
this = rad_malloc(sizeof(*this));
memset(this, 0, sizeof(*this));
this->item.type = POLICY_TYPE_PRINT;
this->item.lineno = lexer->lineno;
token = policy_lex_file(lexer, 0, mystring, sizeof(mystring));
if ((token != POLICY_LEX_BARE_WORD) &&
(token != POLICY_LEX_DOUBLE_QUOTED_STRING)) {
fprintf(stderr, "%s[%d]: Bad print command\n",
lexer->filename, lexer->lineno);
rlm_policy_free_item((policy_item_t *) this);
return 0;
}
this->rhs_type = token;
this->rhs = strdup(mystring);
*tail = (policy_item_t *) this;
return 1;
}
/*************************************************************************
*
* Function: sql_create_socket
*
* Purpose: Establish connection to the db
*
*************************************************************************/
static int sql_init_socket(SQLSOCK *sqlsocket, SQL_CONFIG *config)
{
SQLRETURN retval;
rlm_sql_db2_sock *sock;
/* allocate socket */
if (!sqlsocket->conn) {
sqlsocket->conn = (rlm_sql_db2_sock*)rad_malloc(sizeof(rlm_sql_db2_sock));
if (!sqlsocket->conn) {
return -1;
}
}
sock = sqlsocket->conn;
memset(sock, 0, sizeof(*sock));
/* allocate handles */
SQLAllocHandle(SQL_HANDLE_ENV, SQL_NULL_HANDLE, &(sock->henv));
SQLAllocHandle(SQL_HANDLE_DBC, sock->henv, &(sock->hdbc));
/* connect to database */
retval = SQLConnect(sock->hdbc,
config->sql_server, SQL_NTS,
config->sql_login, SQL_NTS,
config->sql_password, SQL_NTS);
if(retval != SQL_SUCCESS) {
radlog(L_ERR, "could not connect to DB2 server %s\n", config->sql_server);
SQLDisconnect(sock->hdbc);
SQLFreeHandle(SQL_HANDLE_DBC, sock->hdbc);
SQLFreeHandle(SQL_HANDLE_ENV, sock->henv);
return -1;
}
return 0;
}
/*
* Do any per-module initialization that is separate to each
* configured instance of the module. e.g. set up connections
* to external databases, read configuration files, set up
* dictionary entries, etc.
*
* If configuration information is given in the config section
* that must be referenced in later calls, store a handle to it
* in *instance otherwise put a null pointer there.
*/
static int wimax_instantiate(CONF_SECTION *conf, void **instance)
{
rlm_wimax_t *inst;
/*
* Set up a storage area for instance data
*/
inst = rad_malloc(sizeof(*inst));
if (!inst) {
return -1;
}
memset(inst, 0, sizeof(*inst));
/*
* If the configuration parameters can't be parsed, then
* fail.
*/
if (cf_section_parse(conf, inst, module_config) < 0) {
wimax_detach(inst);
return -1;
}
*instance = inst;
return 0;
}
static indexed_modcallable *new_sublist(int comp, int idx)
{
indexed_modcallable **head = &components[comp];
indexed_modcallable *node = *head;
indexed_modcallable **last = head;
while (node) {
/* It is an error to try to create a sublist that already
* exists. It would almost certainly be caused by accidental
* duplication in the config file.
*
* index 0 is the exception, because it is used when we want
* to collect _all_ listed modules under a single index by
* default, which is currently the case in all components
* except authenticate. */
if (node->idx == idx) {
if (idx == 0)
return node;
else
return NULL;
}
last = &node->next;
node = node->next;
}
node = rad_malloc(sizeof *node);
node->next = NULL;
node->modulelist = NULL;
node->idx = idx;
*last = node;
return node;
}
/*************************************************************************
*
* Function: sql_create_socket
*
* Purpose: Establish connection to the db
*
*************************************************************************/
static int sql_init_socket(SQLSOCK *sqlsocket, SQL_CONFIG *config)
{
int status;
rlm_sql_sqlite_sock *sqlite_sock;
char *filename;
char buffer[2048];
if (!sqlsocket->conn) {
sqlsocket->conn = (rlm_sql_sqlite_sock *)rad_malloc(sizeof(rlm_sql_sqlite_sock));
if (!sqlsocket->conn) {
return -1;
}
}
sqlite_sock = sqlsocket->conn;
memset(sqlite_sock, 0, sizeof(rlm_sql_sqlite_sock));
filename = config->sql_file;
if (!filename) {
snprintf(buffer, sizeof(buffer), "%s/sqlite_radius_client_database",
radius_dir);
filename = buffer;
}
radlog(L_INFO, "rlm_sql_sqlite: Opening sqlite database %s",
filename);
status = sqlite3_open(filename, &sqlite_sock->pDb);
radlog(L_INFO, "rlm_sql_sqlite: sqlite3_open() = %d\n", status);
return (status != SQLITE_OK) * -1;
}
/*
* Retrieve an fd (from pool) to use for socket connection.
* It'd be simpler to use TLS but FR can have lots of threads
* and we don't want to waste fd's that way.
* We can't have a global fd because we'd then be pipelining
* requests to otpd and we have no way to demultiplex
* the responses.
*/
static smsotp_fd_t * smsotp_getfd(const rlm_smsotp_t *opt)
{
int rc;
smsotp_fd_t *fdp;
/* walk the connection pool looking for an available fd */
for (fdp = smsotp_fd_head; fdp; fdp = fdp->next) {
rc = smsotp_pthread_mutex_trylock(&fdp->mutex);
if (!rc)
if (!strcmp(fdp->path, opt->smsotp_socket)) /* could just use == */
break;
}
if (!fdp) {
/* no fd was available, add a new one */
fdp = rad_malloc(sizeof(*fdp));
smsotp_pthread_mutex_init(&fdp->mutex, NULL);
smsotp_pthread_mutex_lock(&fdp->mutex);
/* insert new fd at head */
smsotp_pthread_mutex_lock(&smsotp_fd_head_mutex);
fdp->next = smsotp_fd_head;
smsotp_fd_head = fdp;
smsotp_pthread_mutex_unlock(&smsotp_fd_head_mutex);
/* initialize */
fdp->path = opt->smsotp_socket;
fdp->fd = -1;
}
/* establish connection */
if (fdp->fd == -1)
fdp->fd = smsotp_connect(fdp->path);
return fdp;
}
static int always_instantiate(CONF_SECTION *conf, void **instance)
{
rlm_always_t *data;
/*
* Set up a storage area for instance data
*/
data = rad_malloc(sizeof(*data));
if (!data) {
return -1;
}
memset(data, 0, sizeof(*data));
/*
* If the configuration parameters can't be parsed, then
* fail.
*/
if (cf_section_parse(conf, data, module_config) < 0) {
free(data);
return -1;
}
/*
* Convert the rcode string to an int, and get rid of it
*/
data->rcode = str2rcode(data->rcode_str);
if (data->rcode == -1) {
free(data);
return -1;
}
*instance = data;
return 0;
}
static int securid_instantiate(CONF_SECTION *conf, void **instance)
{
rlm_securid_t *inst;
/* Set up a storage area for instance data */
inst = rad_malloc(sizeof(*inst));
if (!inst) return -1;
memset(inst, 0, sizeof(*inst));
/* If the configuration parameters can't be parsed, then fail. */
if (cf_section_parse(conf, inst, module_config) < 0) {
radlog(L_ERR|L_CONS, "rlm_securid: Unable to parse configuration section.");
securid_detach(inst);
return -1;
}
/*
* Lookup sessions in the tree. We don't free them in
* the tree, as that's taken care of elsewhere...
*/
inst->session_tree = rbtree_create(securid_session_cmp, NULL, 0);
if (!inst->session_tree) {
radlog(L_ERR|L_CONS, "rlm_securid: Cannot initialize session tree.");
securid_detach(inst);
return -1;
}
pthread_mutex_init(&(inst->session_mutex), NULL);
*instance = inst;
return 0;
}
/** Establish connection to the db
*
*/
static int sql_init_socket(rlm_sql_handle_t *handle, rlm_sql_config_t *config) {
rlm_sql_firebird_sock *firebird_sock;
long res;
if (!handle->conn) {
handle->conn = rad_malloc(sizeof(rlm_sql_firebird_sock));
if (!handle->conn) {
return -1;
}
}
firebird_sock = handle->conn;
res = fb_init_socket(firebird_sock);
if (res) {
return -1;
}
if (fb_connect(firebird_sock,config)) {
radlog(L_ERR, "rlm_sql_firebird: Connection failed %s\n",
firebird_sock->lasterror);
return SQL_DOWN;
}
return 0;
}
static int setup_ssl_mutexes(void)
{
int i;
#ifdef HAVE_OPENSSL_EVP_H
/*
* Enable all ciphers and digests.
*/
OpenSSL_add_all_algorithms();
#endif
ssl_mutexes = rad_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
if (!ssl_mutexes) {
radlog(L_ERR, "Error allocating memory for SSL mutexes!");
return 0;
}
for (i = 0; i < CRYPTO_num_locks(); i++) {
pthread_mutex_init(&(ssl_mutexes[i]), NULL);
}
CRYPTO_set_id_callback(ssl_id_function);
CRYPTO_set_locking_callback(ssl_locking_function);
return 1;
}
/*
* (Re-)read the "attrs" file into memory.
*/
static int attr_filter_instantiate(CONF_SECTION *conf, void **instance)
{
struct attr_filter_instance *inst;
int rcode;
inst = rad_malloc(sizeof *inst);
if (!inst) {
return -1;
}
memset(inst, 0, sizeof(*inst));
if (cf_section_parse(conf, inst, module_config) < 0) {
free(inst);
return -1;
}
rcode = getattrsfile(inst->attrsfile, &inst->attrs);
if (rcode != 0) {
radlog(L_ERR|L_CONS, "Errors reading %s", inst->attrsfile);
free(inst->attrsfile);
free(inst);
return -1;
}
*instance = inst;
return 0;
}