summaryrefslogtreecommitdiff
path: root/lib/listener.c
blob: 877c162345d0495501e44bae1ec4be0d9df1ef39 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236

/* Copyright 2013 NORDUnet A/S. All rights reserved.
   See LICENSE for licensing information. */

#if defined HAVE_CONFIG_H
#include <config.h>
#endif

#include <stdlib.h>
#include <assert.h>
#include <event2/listener.h>
#include <radsec/radsec.h>
#include <radsec/radsec-impl.h>
#include "listener.h"
#include "conn.h"
#include "peer.h"
#include "event.h"
#include "debug.h"

struct rs_listener *
listener_create (struct rs_context *ctx, struct rs_listener **rootp)
{
  struct rs_listener *listener;

  listener = rs_calloc (ctx, 1, sizeof (*listener));
  if (listener)
    {
      if (*rootp == NULL)
        *rootp = listener;
      else
        {
          listener->next = (*rootp)->next;
          (*rootp)->next = listener;
        }
    }
  return listener;
}

void
listener_accept_cb_ (struct evconnlistener *evconnlistener,
                     evutil_socket_t newfd,
                     struct sockaddr *srcaddr_sa,
                     int srcaddr_len,
                     void *user_data)
{
  int err = RSE_OK;
  struct rs_listener *l = NULL;
  struct rs_connection *newconn = NULL;
  struct rs_context *ctx = NULL;
  struct rs_peer *clients = NULL;

  l = (struct rs_listener *) user_data;
  assert (l);
  assert (l->base_.magic == RS_CONN_MAGIC_LISTENER);
  assert (l->evlistener == evconnlistener);
  ctx = l->base_.ctx;
  assert (ctx);

#if defined (DEBUG)
  {
    char host[80], port[80];
    getnameinfo (srcaddr_sa, srcaddr_len, host, sizeof(host),
                 port, sizeof(port), 0);
    rs_debug (("%s: incoming connection from %s:%s\n", __func__, host, port));
  }
#endif

/*
Application needs to specify acceptable clients -- we need to verify
src addr in the UDP case and x509 client cert in the TLS case. A list
of peers with proper pointers to realms should be a good way of doing
this.

Ask the application for a list of acceptable clients. Default to
accepting any potential configured client block in the realm of the
listener.  Note that this for this to be an opption, the application
must have read a config file. If there is no configuration, reject the
client.
*/
  if (l->callbacks.client_filter_cb)
    clients = l->callbacks.client_filter_cb (l, TO_BASE_CONN(l)->user_data);
  if (clients == NULL)
    clients = connbase_get_peers (TO_BASE_CONN(l));
  if (clients == NULL)
    {
      rs_debug (("%s: didn't get a client list for listener %p\n",
                 __func__, l));
      return;
    }
  rs_debug (("%s: using client list %p\n", __func__, clients));

  err = rs_conn_create (ctx, &newconn, NULL);
  if (err)
    {
      rs_debug (("%s: failed creating a new struct rs_connection: %d\n",
                __func__, err));
      return;                /* FIXME: Verify that this is handled. */
    }

  assert(clients);
  /* TODO: Picking the very first peer is not really what we want to
     do. For UDP, we can look at src ip and try to find a matching
     peer. For TLS, it's worse because we don't have the certificate
     until we've accepted the TCP connection. */
  TO_BASE_CONN(newconn)->realm = clients->realm;
  newconn->active_peer = clients;

  TO_BASE_CONN(newconn)->fd = newfd;
  TO_BASE_CONN(newconn)->transport = TO_BASE_CONN(l)->realm->type;
  err = event_init_bufferevent (newconn);
  if (err)
    {
      rs_debug (("%s: failed init bev: %d\n", __func__, err));
      goto errout;
    }

  /* Create a message and set up a read event. This installs the
     callback performing the TLS verification. */
  {                             /* FIXME */
    struct rs_message *msg = NULL;
    err = rs_message_create (newconn, &msg);
    if (err)
      abort ();                 /* FIXME */
    conn_add_read_event (newconn, msg);
  }

  if (l->callbacks.new_conn_cb)
    l->callbacks.new_conn_cb (newconn, TO_BASE_CONN(l)->user_data);
  return;                       /* Success. */

 errout:
  rs_conn_destroy (newconn);
  if (l->callbacks.error_cb)
    l->callbacks.error_cb (newconn, TO_BASE_CONN(l)->user_data);
}

void
listener_err_cb_ (struct evconnlistener *listener, void *user_data)
{
  rs_debug (("%s: FIXME: handle error\n", __func__));
}

/* Public functions. */
int
rs_listener_create (struct rs_context *ctx,
                    struct rs_listener **listener_out,
                    const char *config)
{
  int err = RSE_OK;
  struct rs_listener *listener = NULL;

  assert (ctx);

  listener = rs_calloc (ctx, 1, sizeof (*listener));
  if (listener == NULL)
    return rs_err_ctx_push_fl (ctx, RSE_NOMEM, __FILE__, __LINE__, NULL);
  conn_init (ctx, TO_BASE_CONN (listener), RS_CONN_OBJTYPE_LISTENER);
  err = conn_configure (ctx, TO_BASE_CONN (listener), config);
  if (err)
    goto errout;

  if (listener_out)
    *listener_out = listener;
  return RSE_OK;

 errout:
  if (listener)
    rs_free (ctx, listener);
  return err;
}

void
rs_listener_set_callbacks (struct rs_listener *listener,
                           const struct rs_listener_callbacks *cb,
                           void *user_data)
{
  assert (listener);
  TO_BASE_CONN(listener)->user_data = user_data;
  memcpy (&listener->callbacks, cb, sizeof (listener->callbacks));
}

int
rs_listener_listen (struct rs_listener *listener)
{
  int err = RSE_OK;
  struct rs_conn_base *connbase = NULL;
  assert (listener);
  connbase = TO_BASE_CONN (listener);

  err = event_init_eventbase (connbase);
  if (err)
    return err;
  err = event_init_socket (connbase, connbase->realm->local_addr);
  if (err)
    return err;
#if 0
  {
    struct linger l;
    l.l_onoff = 1;
    l.l_linger = 0;
    rs_debug (("%s: setting SO_LINGER 0s on fd %d\n", __func__, connbase->fd));
    assert (0 == setsockopt (connbase->fd, SOL_SOCKET, SO_LINGER,
                             (void*)&l, sizeof(l)));
  }
#endif
  return err;
}

int
rs_listener_dispatch (const struct rs_listener *listener)
{
  assert (listener);
  assert (TO_BASE_CONN(listener)->ctx);
  return event_base_dispatch (TO_BASE_CONN(listener)->ctx->evb);
}

int
rs_listener_close (struct rs_listener *l)
{
  int err = baseconn_close (TO_BASE_CONN (l));
  return err;
}

struct event_base *
rs_listener_get_eventbase (const struct rs_listener *l)
{
  assert (TO_BASE_CONN (l));
  assert (TO_BASE_CONN (l)->ctx);
  return TO_BASE_CONN (l)->ctx->evb;
}

int
rs_listener_get_fd (const struct rs_listener *l)
{
  assert (TO_BASE_CONN (l));
  return TO_BASE_CONN (l)->fd;
}
generated by cgit v1.1 at 2024-10-06 22:38:05 +0000