1 /* This file is part of GNU Radius. 2 Copyright (C) 2000,2001,2002,2003,2004,2005, 3 2007,2008 Free Software Foundation, Inc. 4 5 Written by Sergey Poznyakoff 6 7 GNU Radius is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License as published by 9 the Free Software Foundation; either version 3 of the License, or 10 (at your option) any later version. 11 12 GNU Radius is distributed in the hope that it will be useful, 13 but WITHOUT ANY WARRANTY; without even the implied warranty of 14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 GNU General Public License for more details. 16 17 You should have received a copy of the GNU General Public License 18 along with GNU Radius; if not, write to the Free Software Foundation, 19 Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ 20 21 #include <sys/types.h> 22 #include <sys/socket.h> 23 #include <netinet/in.h> 24 #include <stdio.h> 25 #include <signal.h> 26 27 #include <common.h> 28 #include <cfg.h> 29 #include <radsql.h> 30 31 /* Server data structures */ 32 struct radutmp; /* declared in radutmp.h */ 33 34 /* Struct radiusd_request expands grad_request_t by adding server-specific 35 fields to it. */ 36 typedef struct radiusd_request { 37 grad_request_t *request; 38 39 /* Saved reply values */ 40 int reply_code; /* Reply code */ 41 grad_avp_t *reply_pairs; /* Reply pairs */ 42 char *reply_msg; /* Reply message */ 43 /* FIXME: should probably be 44 incorporated to reply_pairs 45 at once */ 46 /* List of cfg file locations that lead to the decision on this 47 request */ 48 grad_list_t *locus_list; 49 50 /* Proxy support fields */ 51 grad_realm_t *realm; 52 int validated; /* Already md5 checked */ 53 int server_no; 54 int attempt_no; 55 grad_uint32_t server_id; /* Proxy ID of the packet */ 56 char *remote_user; /* Remote username */ 57 u_char remote_auth[GRAD_AUTHENTICATOR_LENGTH]; 58 /* Remote request authenticator */ 59 int server_code; /* Reply code from other srv */ 60 grad_avp_t *server_reply; /* Reply from other server */ 61 } radiusd_request_t; 62 63 enum reload_what { 64 reload_config, 65 reload_all, 66 reload_dict, 67 reload_users, 68 reload_huntgroups, 69 reload_hints, 70 reload_clients, 71 reload_naslist, 72 reload_realms, 73 reload_deny, 74 reload_sql, 75 reload_rewrite 76 }; 77 78 /* ********************** Request list handling **************************** */ 79 80 /* Request types 81 */ 82 #define R_NONE -1 83 #define R_AUTH 0 /* Radius authentication request */ 84 #define R_ACCT 1 /* Radius accounting request */ 85 #define R_SNMP 2 /* SNMP request */ 86 #define R_MAX 3 87 88 #define RS_WAITING 0 /* Request waiting for processing */ 89 #define RS_COMPLETED 1 /* Request is completed */ 90 #define RS_PROXY 2 /* Proxy request waiting for its handler 91 to become free */ 92 #define RS_XMIT 3 /* The request is to be retransmitted to its 93 handler and is waiting for it to 94 become free */ 95 #define RS_TERMINATED 4 /* TERM has been sent to the handler */ 96 97 /* Request comparison results */ 98 #define RCMP_NE 0 /* Requests not equal */ 99 #define RCMP_EQ 1 /* Requests equal */ 100 #define RCMP_PROXY 2 /* Requests are proxy request and corresponding 101 reply */ 102 typedef struct request REQUEST; 103 104 struct request { 105 int type; /* request type */ 106 int status; /* request status */ 107 time_t timestamp; /* when was the request accepted */ 108 pid_t child_id; /* ID of the handling process */ 109 int code; /* Child return code if completed */ 110 void *data; /* Request-specific data */ 111 void *rawdata; /* Raw data as received from the 112 socket */ 113 size_t rawsize; /* Size of the data */ 114 int fd; /* socket the request came from */ 115 struct sockaddr_in srv_addr; /* Server address */ 116 struct sockaddr_in addr; /* Remote party address */ 117 REQUEST *orig; /* Original request. For proxy */ 118 }; 119 120 /* Request class structure 121 */ 122 typedef struct request_class { 123 char *name; /* Class name */ 124 int max_requests; /* Max.number of pending requests of this type */ 125 int ttl; /* Request time-to-live */ 126 int cleanup_delay; /* Delay before cleaning the completed request */ 127 int (*decode)(const struct sockaddr_in *srv_sa, 128 const struct sockaddr_in *clt_sa, 129 void *input, size_t inputsize, void **output); 130 int (*respond)(REQUEST *r); /* Handler function */ 131 void (*xmit)(REQUEST *r); /* Retransmit function */ 132 int (*comp)(void *a, void *b); /* Compare function */ 133 void (*free)(void *data); /* Free the associated data */ 134 void (*drop)(int type, void *data, void *old_data, int fd, 135 const char *msg); /* Drop the request */ 136 void (*cleanup)(int type, void *data);/* Cleanup function */ 137 int (*failure)(int type, struct sockaddr_in *addr); 138 void (*update)(void *req, void *ptr); 139 } REQUEST_CLASS; 140 141 struct queue_stat { 142 size_t waiting; 143 size_t pending; 144 size_t completed; 145 }; 146 typedef struct queue_stat QUEUE_STAT[R_MAX]; 147 148 typedef struct client { 149 grad_netdef_t netdef; 150 char longname[GRAD_MAX_LONGNAME+1]; 151 u_char *secret; 152 char shortname[GRAD_MAX_SHORTNAME+1]; 153 } CLIENT; 154 155 typedef struct proxy_state { 156 grad_uint32_t ref_ip; /* Radius server IP */ 157 grad_uint32_t proxy_id; /* Proxy ID assigned by the server */ 158 grad_uint32_t remote_ip; /* Remote radius server IP */ 159 grad_uint32_t client_ip; /* IP of the requesting client */ 160 grad_uint32_t id; /* Radius request ID */ 161 } PROXY_STATE; 162 163 typedef struct { 164 int id; 165 int proxy_id; 166 int server_no; 167 char realmname[1]; 168 } RADIUS_UPDATE; 169 170 /* 171 * Internal representation of a user's profile 172 */ 173 typedef struct user_symbol { 174 struct user_symbol *next; /* Link to the next entry */ 175 char *name; /* Label */ 176 grad_avp_t *check; /* LHS */ 177 grad_avp_t *reply; /* RHS */ 178 grad_locus_t loc; /* Location of the definition of 179 this entry */ 180 int ordnum; /* Entry ordinal number (used for semantic 181 checks */ 182 } User_symbol; 183 184 #define SNMP_RO 1 185 #define SNMP_RW 2 186 187 #ifdef USE_SNMP 188 189 #include <radsnmp.h> 190 191 typedef struct netname NETNAME; 192 struct netname { 193 char *name; 194 grad_list_t /* of grad_netdef_t */ *netlist; 195 }; 196 197 typedef struct community Community; 198 struct community { 199 char *name; 200 int access; 201 } ; 202 203 typedef struct access_control_list ACL; 204 struct access_control_list { 205 Community *community; /* community or NULL to deny access */ 206 grad_list_t /* of grad_netdef_t */ *netlist; 207 }; 208 209 struct radstat { 210 struct timeval start_time; 211 grad_counter_t port_active_count; 212 grad_counter_t port_idle_count; 213 }; 214 215 typedef enum { 216 port_idle = 1, 217 port_active 218 } port_status; 219 220 typedef struct { 221 struct timeval start_time; 222 unsigned port_count; /* Number of ports in the port_stat array */ 223 unsigned nas_count; /* Number of NASes in the nas_stat array */ 224 int nas_index; /* Next available NAS index */ 225 Auth_server_stat auth; 226 Acct_server_stat acct; 227 /* struct nas_stat naslist[nas_count]; 228 struct port_stat portlist[port_count]; */ 229 } Server_stat; 230 231 #define stat_inc(m,a,c) \ 232 do if (server_stat) {\ 233 grad_nas_t *nas;\ 234 server_stat -> m . c ++;\ 235 if ((nas = grad_nas_lookup_ip(a)) != NULL && nas->app_data)\ 236 ((struct nas_stat*)nas->app_data)-> m . c ++;\ 237 } while (0) 238 239 extern struct radstat radstat; 240 241 typedef struct snmp_req { 242 struct snmp_pdu *pdu; 243 char *community; 244 int access; 245 struct sockaddr_in addr; 246 } SNMP_REQ; 247 248 #else 249 #define stat_inc(m,a,c) 250 #endif 251 252 typedef void (*config_hook_fp)(void *func_data, void *app_data); 253 254 #define SECONDS_PER_DAY 86400 255 #define MAX_REQUEST_TIME 60 256 #define CLEANUP_DELAY 10 257 #define MAX_REQUESTS 255 258 #define MAX_CHILDREN 16 259 #define PROCESS_TIMEOUT 3600 260 #define RADIUSD_READ_TIMEOUT 5 261 #define RADIUSD_WRITE_TIMEOUT 5 262 263 /* 264 * Authentication results 265 */ 266 enum auth_status { 267 auth_ok, /* Authentication passed */ 268 auth_valid, /* Authentication passed, expiration timeout 269 is returned */ 270 auth_account_expired, /* Account has expired */ 271 auth_password_expired,/* Password has expired */ 272 auth_fail, 273 auth_nouser, 274 auth_reject, 275 auth_ignore, 276 }; 277 278 /* Logging modes */ 279 #define RLOG_AUTH 0x0001 280 #define RLOG_AUTH_PASS 0x0002 281 #define RLOG_FAILED_PASS 0x0004 282 #define RLOG_DEFAULT (RLOG_AUTH | RLOG_FAILED_PASS) 283 284 /* Running modes */ 285 #define MODE_DAEMON 0 286 #define MODE_CHECKCONF 1 287 #define MODE_TEST 2 288 #define MODE_BUILDDBM 3 289 290 /* Message IDs */ 291 #define MSG_ACCOUNT_CLOSED 0 292 #define MSG_PASSWORD_EXPIRED 1 293 #define MSG_PASSWORD_EXPIRE_WARNING 2 294 #define MSG_ACCESS_DENIED 3 295 #define MSG_REALM_QUOTA 4 296 #define MSG_MULTIPLE_LOGIN 5 297 #define MSG_SECOND_LOGIN 6 298 #define MSG_TIMESPAN_VIOLATION 7 299 #define MSG_COUNT 8 300 301 typedef struct radiusd_user { 302 char *username; 303 uid_t uid; 304 gid_t gid; 305 } RADIUS_USER; 306 307 /* 308 * Global variables. 309 */ 310 extern int radius_mode; 311 extern int debug_flag; 312 extern int auth_detail; 313 extern int acct_detail; 314 extern char *auth_detail_template; 315 extern char *acct_detail_template; 316 extern int acct_system; 317 extern int auth_trace_rules; 318 extern int acct_trace_rules; 319 extern int strip_names; 320 extern int checkrad_assume_logged; 321 extern int auth_reject_malformed_names; 322 extern size_t max_requests; 323 extern size_t max_children; 324 extern unsigned process_timeout; 325 extern unsigned radiusd_write_timeout; 326 extern unsigned radiusd_read_timeout; 327 extern grad_uint32_t expiration_seconds; 328 extern grad_uint32_t warning_seconds; 329 extern int use_dbm; 330 extern grad_uint32_t myip; 331 extern grad_uint32_t ref_ip; 332 extern int auth_port; 333 extern int acct_port; 334 extern int suspend_flag; 335 extern int log_mode; 336 extern char *auth_log_hook; 337 extern int use_guile; 338 extern char *message_text[MSG_COUNT]; 339 extern char *username_valid_chars; 340 extern unsigned long stat_start_time; 341 extern REQUEST_CLASS request_class[]; 342 extern int max_threads; 343 extern int num_threads; 344 #ifdef USE_SNMP 345 extern int snmp_port; 346 extern char *server_id; 347 extern Server_stat *server_stat; 348 extern struct cfg_stmt snmp_stmt[]; 349 #endif 350 extern int auth_comp_flag; 351 extern int acct_comp_flag; 352 extern RADIUS_USER exec_user; 353 extern RADIUS_USER radiusd_user; 354 extern grad_symtab_t *user_tab; 355 356 /* Input subsystem (input.c) */ 357 358 typedef struct input_system INPUT; 359 360 INPUT *input_create(); 361 void input_register_method(INPUT *input, 362 const char *name, 363 int prio, 364 int (*handler)(int, void *), 365 int (*close)(int, void *), 366 int (*cmp)(const void *, const void *)); 367 int input_register_channel(INPUT *input, char *name, int fd, void *data); 368 void input_close_channels(INPUT *input); 369 void input_close_channel_fd(INPUT *input, int fd); 370 void input_close_channel_data(INPUT *input, char *name, void *data); 371 int input_select(INPUT *input, struct timeval *tv); 372 int input_select_channel(INPUT *input, char *name, struct timeval *tv); 373 void *input_find_channel(INPUT *input, char *name, void *data); 374 void input_iterate_channels(INPUT *input, char *name, list_iterator_t fun, 375 void *data); 376 377 /* rpp.c */ 378 int rpp_ready(); 379 int rpp_forward_request(REQUEST *req); 380 void rpp_remove_pid(pid_t pid); 381 void rpp_status_changed(pid_t pid, int exit_status); 382 void rpp_flush(int (*fun)(void*), void *closure); 383 void rpp_collect_exited(); 384 int rpp_input_handler(int fd, void *data); 385 int rpp_input_close(int fd, void *data); 386 int rpp_kill(pid_t pid, int signo); 387 size_t rpp_count(); 388 int rpp_update(void *data, size_t size); 389 pid_t rpp_check_pid(pid_t pid); 390 391 /* request.c */ 392 REQUEST *request_create(int type, int fd, 393 const struct sockaddr_in *srv_sa, 394 const struct sockaddr_in *clt_sa, 395 u_char *buf, size_t bufsize); 396 void request_free(REQUEST *req); 397 int request_respond(REQUEST *req); 398 int request_handle(REQUEST *req, int (*handler)(REQUEST *)); 399 void request_fail(int type, struct sockaddr_in *addr); 400 void request_init_queue(); 401 void *request_scan_list(int type, list_iterator_t itr, void *closure); 402 void request_set_status(pid_t pid, int status); 403 int request_stat_list(QUEUE_STAT stat); 404 void request_update(pid_t pid, int status, void *ptr); 405 406 /* radiusd.c */ 407 int udp_input_handler(int fd, void *data); 408 int udp_input_close(int fd, void *data); 409 int udp_input_cmp(const void *a, const void *b); 410 411 int udp_open(int type, grad_uint32_t ipaddr, int port, int nonblock); 412 413 void radiusd_pidfile_write(char *name); 414 pid_t radiusd_pidfile_read(char *name); 415 void radiusd_pidfile_remove(char *name); 416 417 void radiusd_main(); 418 void radiusd_signal_init(RETSIGTYPE (*)(int)); 419 void radiusd_cleanup(); 420 void radiusd_restart(); 421 void radiusd_flush_queue(); 422 void radiusd_exit(); 423 void radiusd_exit0(); 424 void radiusd_reconfigure(); 425 int radiusd_master(); 426 void radiusd_set_preconfig_hook(void (*f)(void *, void *), void *p, int once); 427 void radiusd_set_postconfig_hook(void (*f)(void *, void *), void *p, int once); 428 void radiusd_register_input_fd(char *name, int fd, void *data); 429 void radiusd_close_channel(int fd); 430 431 /* exec.c */ 432 int radius_get_user_ids(RADIUS_USER *usr, const char *name); 433 int radius_switch_to_user(RADIUS_USER *usr); 434 int radius_exec_command(char *cmd); 435 int radius_exec_program(char *, radiusd_request_t *, grad_avp_t **, int); 436 void filter_cleanup(pid_t pid, int status); 437 int filter_auth(char *name, radiusd_request_t *req, grad_avp_t **reply_pairs); 438 int filter_acct(char *name, radiusd_request_t *req); 439 int filters_stmt_term(int finish, void *block_data, void *handler_data); 440 extern struct cfg_stmt filters_stmt[]; 441 442 /* scheme.c */ 443 void scheme_main(); 444 void scheme_load_path(char *pathname); 445 int scheme_auth(char *procname, radiusd_request_t *req, 446 grad_avp_t *user_check, grad_avp_t **user_reply_ptr); 447 int scheme_acct(char *procname, radiusd_request_t *req); 448 int scheme_eval_boolean_expr(char *expr); 449 int scheme_eval_avl (radiusd_request_t *request, 450 grad_avp_t *lhs, grad_avp_t *rhs, 451 grad_avp_t **reply, 452 grad_avp_t **pfailed); 453 void scheme_eval_unspecified_expr(char *expr); 454 void scheme_read_eval_loop(); 455 void scheme_redirect_output(); 456 void start_guile(); 457 458 int guile_cfg_handler(int argc, cfg_value_t *argv, 459 void *block_data, void *handler_data); 460 extern struct cfg_stmt guile_stmt[]; 461 462 /* log.c */ 463 void radiusd_logger(int level, 464 const grad_request_t *req, 465 const grad_locus_t *loc, 466 const char *func_name, 467 int en, 468 const char *fmt, va_list ap); 469 void sqllog(int status, char *query); 470 int logging_stmt_handler(int argc, cfg_value_t *argv, void *block_data, 471 void *handler_data); 472 int logging_stmt_end(void *block_data, void *handler_data); 473 int logging_stmt_begin(int finish, void *block_data, void *handler_data); 474 void format_exit_status(char *buffer, int buflen, int status); 475 int log_change_owner(RADIUS_USER *usr); 476 extern struct cfg_stmt logging_stmt[]; 477 478 /* radius.c */ 479 480 #define REQ_AUTH_OK 0 481 #define REQ_AUTH_ZERO 1 482 #define REQ_AUTH_BAD 2 483 484 void radius_send_reply(int, radiusd_request_t *, grad_avp_t *, char *, int); 485 void radius_send_challenge(radiusd_request_t *radreq, char *msg, char *state, int fd); 486 int radius_verify_digest(REQUEST *req); 487 488 int radius_auth_req_decode(const struct sockaddr_in *srv_sa, 489 const struct sockaddr_in *clt_sa, 490 void *input, size_t inputsize, void **output); 491 int radius_acct_req_decode(const struct sockaddr_in *srv_sa, 492 const struct sockaddr_in *clt_sa, 493 void *input, size_t inputsize, void **output); 494 int radius_req_cmp(void *a, void *b); 495 void radius_req_free(void *req); 496 void radius_req_drop(int type, void *radreq, void *origreq, 497 int fd, const char *status_str); 498 void radius_req_xmit(REQUEST *request); 499 int radius_req_failure(int type, struct sockaddr_in *addr); 500 void radius_req_update(void *req_ptr, void *data_ptr); 501 int radius_respond(REQUEST *req); 502 void radius_req_register_locus(radiusd_request_t *req, grad_locus_t *loc); 503 void radius_trace_path(radiusd_request_t *req); 504 grad_avp_t *radius_decrypt_request_pairs(radiusd_request_t *req, grad_avp_t *pair); 505 void radius_destroy_pairs(grad_avp_t **p); 506 507 /* shmem.c */ 508 int shmem_alloc(size_t size); 509 void shmem_free(); 510 void *shmem_get(size_t size, int zero); 511 512 /* pam.c */ 513 int pam_pass(char *name, char *passwd, const char *pamauth, char **reply_msg); 514 #define PAM_DEFAULT_TYPE "radius" 515 516 /* proxy.c */ 517 int proxy_send(REQUEST *req); 518 int proxy_receive(radiusd_request_t *radreq, radiusd_request_t *oldreq, int activefd); 519 void proxy_retry(radiusd_request_t *radreq, int fd); 520 int proxy_cmp(radiusd_request_t *qr, radiusd_request_t *r); 521 grad_avp_t *proxy_request_recode(radiusd_request_t *radreq, grad_avp_t *plist, 522 u_char *secret, u_char *authenticator); 523 524 /* menu.c */ 525 #define MAX_PATH_LENGTH 256 526 #define MAX_MENU_SIZE 4096 527 #define MAX_MENU_NAME 128 528 #define MAX_MENU_INPUT 32 529 #define MAX_STATE_VALUE 128 530 #define RAD_BUFFER_SIZE 4096 531 532 void menu_reply(radiusd_request_t *radreq, int fd); 533 char *menu_read_text(char *menu_name); 534 535 /* acct.c */ 536 void system_acct_init(); 537 void acct_init(); 538 int rad_accounting(radiusd_request_t *, int, int); 539 int radzap(grad_uint32_t nas, int port, char *user, time_t t); 540 int write_detail(radiusd_request_t *radreq, int authtype, int rtype); 541 542 int radutmp_mlc_collect_user(char *name, radiusd_request_t *request, 543 grad_list_t **sess_list); 544 int radutmp_mlc_collect_realm(radiusd_request_t *request, 545 grad_list_t **sess_list); 546 void radutmp_mlc_close(struct radutmp *up); 547 int radutmp_mlc_enabled_p(void); 548 549 /* mlc.c */ 550 typedef int (*mlc_collect_user_t) (char *name, radiusd_request_t *request, 551 grad_list_t **sess_list); 552 typedef int (*mlc_collect_realm_t) (radiusd_request_t *request, 553 grad_list_t **sess_list); 554 typedef void (*mlc_close_t) (struct radutmp *up); 555 typedef int (*mlc_enabled_t) (void); 556 void mlc_register_method(char *name, 557 mlc_collect_user_t collect_user, 558 mlc_collect_realm_t collect_realm, 559 mlc_close_t close, 560 mlc_enabled_t enabled_p); 561 562 extern struct cfg_stmt mlc_stmt[]; 563 int radius_mlc_user(char *name, radiusd_request_t *request, 564 size_t maxsimul, size_t *pcount); 565 int radius_mlc_realm(radiusd_request_t *request); 566 567 /* files.c */ 568 int user_find(char *name, radiusd_request_t *, grad_avp_t **, grad_avp_t **); 569 int userparse(char *buf, grad_avp_t **first_pair, char **errmsg); 570 void presuf_setup(grad_avp_t *request_pairs); 571 int hints_setup(radiusd_request_t *request); 572 int huntgroup_access(radiusd_request_t *radreq, grad_locus_t *loc); 573 CLIENT *client_lookup_ip(grad_uint32_t ipno); 574 char *client_lookup_name(grad_uint32_t ipno, char *buf, size_t size); 575 int read_clients_file(char *); 576 grad_nas_t *grad_nas_find(grad_uint32_t ipno); 577 grad_nas_t *grad_nas_by_name(char *name); 578 char *grad_nas_name(grad_uint32_t ipno); 579 char *nas_name2(radiusd_request_t *r); 580 int read_nas_list_file(char *); 581 int reload_config_file(enum reload_what); 582 int presufcmp(grad_avp_t *check, char *name, char *rest); 583 int get_config(); 584 int get_deny(char *user); 585 grad_nas_t *findnasbyindex(int); 586 char *make_server_ident(); 587 void dump_users_db(); 588 void strip_username(int do_strip, char *name, 589 grad_avp_t *check_item, char *stripped_name); 590 int exec_program_wait (radiusd_request_t *request, grad_avp_t *rhs, 591 grad_avp_t **reply, grad_avp_t **pfailed); 592 593 /* version.c */ 594 void version(); 595 596 /* auth.c */ 597 int rad_auth_init(radiusd_request_t *radreq, int activefd); 598 int rad_auth_check_username(radiusd_request_t *radreq, int activefd); 599 int rad_authenticate (radiusd_request_t *, int); 600 void req_decrypt_password(char *password, grad_request_t *req, 601 grad_avp_t *pair); 602 603 /* timestr.c */ 604 int timestr_match(char *, time_t); 605 606 #ifdef USE_SNMP 607 /* snmpserv.c */ 608 void snmpserv_init(void *arg); 609 void snmp_auth_server_reset(); 610 void snmp_acct_server_reset(); 611 void snmp_attach_nas_stat(grad_nas_t *nas); 612 void snmp_init_nas_stat(); 613 void snmp_sort_nas_stat(); 614 int snmp_stmt_begin(int finish, void *data, void *up_data); 615 extern struct cfg_stmt storage_stmt[]; 616 #endif 617 618 /* stat.c */ 619 #ifdef USE_SNMP 620 void stat_init(); 621 void stat_done(); 622 void stat_update(struct radutmp *ut, int status); 623 void stat_count_ports(); 624 struct nas_stat * find_nas_stat(grad_uint32_t ip_addr); 625 int stat_get_port_index(grad_nas_t *nas, int port_no); 626 int stat_get_next_port_no(grad_nas_t *nas, int port_no); 627 #else 628 # define stat_init() 629 # define stat_done() 630 # define stat_update(ut,status) 631 #endif 632 633 /* snmpserver.c */ 634 int snmp_req_decode(const struct sockaddr_in *srv_sa, 635 const struct sockaddr_in *clt_sa, 636 void *input, size_t inputsize, void **output); 637 int snmp_req_cmp(void *ap, void *bp); 638 void snmp_req_free(void *ptr); 639 void snmp_req_drop(int type, void *data, void *orig_data, 640 int fd, const char *status_str); 641 int snmp_req_respond(REQUEST *request); 642 643 /* radutil.c */ 644 radiusd_request_t *radiusd_request_alloc(grad_request_t *req); 645 void radiusd_request_free(radiusd_request_t *radreq); 646 647 char *radius_xlate(struct obstack *obp, char *str, 648 grad_request_t *req, grad_avp_t *reply_pairs); 649 int radius_eval_avp(radiusd_request_t *req, grad_avp_t *p, grad_avp_t *reply, 650 int allow_xlat); 651 int radius_eval_avl(radiusd_request_t *req, grad_avp_t *p); 652 char *util_xlate(struct obstack *sp, char *fmt, grad_request_t *radreq); 653 654 /* rewrite.y */ 655 extern struct cfg_stmt rewrite_stmt[]; 656 int parse_rewrite(char *name); 657 658 /* radck.c */ 659 int fix_check_pairs(int sf_file, grad_locus_t *loc, char *name, grad_avp_t **pairs); 660 int fix_reply_pairs(int cf_file, grad_locus_t *loc, char *name, grad_avp_t **pairs); 661 void radck(); 662 663 /* checkrad.c */ 664 int checkrad(grad_nas_t *nas, struct radutmp *up); 665 666 /* forward.c */ 667 int rad_cfg_forward_auth(int argc, cfg_value_t *argv, 668 void *block_data, void *handler_data); 669 int rad_cfg_forward_acct(int argc, cfg_value_t *argv, 670 void *block_data, void *handler_data); 671 void forward_init(); 672 void forward_request(int type, radiusd_request_t *req); 673 674 /* dynload.c */ 675 extern struct cfg_stmt dynload_stmt[]; 676 int dynload_stmt_term(int finish, void *block_data, void *handler_data); 677 void *radiusd_load_ext(const char *name, const char *ident, void **symbol); 678 void dynload_init(); 679 680 /* Logging */ 681 682 /* log output modes */ 683 #define LM_UNKNOWN -1 684 #define LM_OFF 0 685 #define LM_FILE 1 686 #define LM_SYSLOG 2 687 688 /* log options */ 689 #define LO_CONS 0x0001 690 #define LO_PID 0x0002 691 #define LO_CAT 0x0004 692 #define LO_PRI 0x0008 693 #define LO_MSEC 0x0010 694 #define LO_PERSIST 0x8000 695 696 #define RADIUS_DEBUG_BUFFER_SIZE 1024 697 698 typedef struct channel Channel; 699 700 struct channel { 701 char *name; 702 int pmask[GRAD_LOG_NCAT]; 703 int mode; /* LM_ constant */ 704 union { 705 struct { 706 int prio; /* syslog priority */ 707 int fac; /* syslog facility */ 708 char *tag; /* syslog tag */ 709 } sl; 710 char *file; /* file: output file name */ 711 } id; 712 int options; 713 char *prefix_hook; /* prefix hook function */ 714 char *suffix_hook; /* suffix hook function */ 715 }; 716 717 Channel *channel_lookup(char *name); 718 void channel_free(Channel *chan); 719 void channel_free_list(Channel *chan); 720 Channel * log_mark(); 721 void log_release(); 722 723 void register_channel(Channel *chan); 724 void register_category(int cat, int pri, grad_list_t *chanlist); 725 726 void log_set_to_console(int cat, int pri); 727 void log_set_default(char *name, int cat, int pri); 728 729 void log_open(int cat); 730 void log_close(); 731 732 /* sql.c */ 733 #ifdef USE_SQL 734 void sql_init(); 735 int radiusd_sql_config(); 736 void radiusd_sql_shutdown(); 737 void radiusd_sql_clear_cache(); 738 void radiusd_sql_acct(radiusd_request_t *req); 739 int radiusd_sql_checkgroup(radiusd_request_t *req, char *groupname); 740 int radiusd_sql_check_attr_query(radiusd_request_t *req, grad_avp_t **check_pairs); 741 int radiusd_sql_reply_attr_query(radiusd_request_t *req, grad_avp_t **reply_pairs); 742 void radiusd_sql_auth_result_query(radiusd_request_t *req, int fail); 743 void radiusd_sql_cleanup(int type, void *req); 744 745 char *radiusd_sql_pass(radiusd_request_t *req, char *data); 746 747 # ifdef RADIUS_SERVER_GUILE 748 SCM sql_exec_query(int type, const char *query); 749 SCM sql_run_query(int type, const char *query); 750 # endif 751 752 #else 753 # define sql_init() 754 # define radiusd_sql_config() 0 755 # define radiusd_sql_shutdown() 756 # define radiusd_sql_clear_cache() 757 # define radiusd_sql_acct(req) 758 # define radiusd_sql_checkgroup(req, groupname) 1 759 # define radiusd_sql_check_attr_query(req, check_pairs) 0 760 # define radiusd_sql_reply_attr_query(req, reply_pairs) 761 # define radiusd_sql_auth_result_query(req, fail) 762 # define radiusd_sql_cleanup (void (*)(int, void *)) NULL 763 #endif 764