summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordberg.se>2013-05-15 15:39:20 +0200
committerLinus Nordberg <linus@nordberg.se>2013-05-15 15:39:20 +0200
commitf8207d6d51b665d6af54262c593372dd73eae0d0 (patch)
tree2cb6ac122f8566566ca9bfb4efd5b0e4c1eddbfb
parentfba1c7d1a6418221a94965d0431bf7df0a9a74a0 (diff)
parent65b62d83ee72012d1171f1813b8f989f8805497c (diff)
Merge branch 'libradsec' into libradsec-server-support
Conflicts: lib/HACKING lib/Makefile.am lib/README lib/compat.h lib/conf.c lib/configure.ac lib/conn.c lib/conn.h lib/err.c lib/err.h lib/event.c lib/event.h lib/examples/Makefile.am lib/examples/client-blocking.c lib/examples/client.conf lib/include/radsec/radsec-impl.h lib/include/radsec/radsec.h lib/include/radsec/request-impl.h lib/include/radsec/request.h lib/packet.c lib/packet.h lib/peer.c lib/peer.h lib/request.c lib/send.c lib/tcp.c lib/tests/Makefile.am lib/tls.c lib/udp.c lib/util.c
-rw-r--r--lib/HACKING4
-rw-r--r--lib/LICENSE2
-rw-r--r--lib/Makefile.am37
-rw-r--r--lib/README23
-rw-r--r--lib/attr.c48
-rw-r--r--lib/avp.c2
-rw-r--r--lib/compat.c2
-rw-r--r--lib/compat.h4
-rw-r--r--lib/conf.c2
-rw-r--r--lib/configure.ac8
-rw-r--r--lib/conn.c49
-rw-r--r--lib/debug.c2
-rw-r--r--lib/debug.h2
-rw-r--r--lib/event.c2
-rw-r--r--lib/event.h2
-rw-r--r--lib/examples/Makefile.am4
-rw-r--r--lib/examples/client-blocking.c2
-rw-r--r--lib/include/radsec/radsec-impl.h3
-rw-r--r--lib/include/radsec/radsec.h16
-rw-r--r--lib/include/radsec/request-impl.h2
-rw-r--r--lib/include/radsec/request.h13
-rw-r--r--lib/libradsec.spec.in77
-rw-r--r--lib/md5.c6
-rw-r--r--lib/md5.h2
-rw-r--r--lib/peer.c2
-rw-r--r--lib/radius/Makefile.am8
-rw-r--r--lib/radius/share/dictionary.abfab.ietf4
-rw-r--r--lib/radius/share/dictionary.ukerna8
-rw-r--r--lib/radsec.c4
-rw-r--r--lib/radsec.h2
-rw-r--r--lib/radsecproxy/Makefile.am15
-rw-r--r--lib/request.c7
-rw-r--r--lib/send.c2
-rw-r--r--lib/tcp.c34
-rw-r--r--lib/tcp.h2
-rw-r--r--lib/tests/Makefile.am9
-rw-r--r--lib/tests/README27
-rw-r--r--lib/tests/demoCA/index.txt6
-rw-r--r--lib/tests/demoCA/newcerts/01.pem64
-rw-r--r--lib/tests/demoCA/newcerts/02.pem61
-rw-r--r--lib/tests/demoCA/newcerts/03.pem61
-rw-r--r--lib/tests/demoCA/private/c2key.pem9
-rw-r--r--lib/tests/demoCA/private/c3key.pem9
-rw-r--r--lib/tests/demoCA/private/cakey.pem14
-rw-r--r--lib/tests/demoCA/private/cli1.key9
-rw-r--r--lib/tests/demoCA/private/srv1.key9
-rw-r--r--lib/tests/test-udp.c106
-rw-r--r--lib/tests/test.conf2
-rw-r--r--lib/tests/udp-server.c3
-rw-r--r--lib/tests/udp.c6
-rw-r--r--lib/tests/udp.h3
-rw-r--r--lib/tls.c5
-rw-r--r--lib/tls.h4
-rw-r--r--lib/udp.c29
-rw-r--r--lib/udp.h2
-rw-r--r--lib/util.c5
-rw-r--r--lib/util.h2
57 files changed, 471 insertions, 376 deletions
diff --git a/lib/HACKING b/lib/HACKING
index 62da414..c896324 100644
--- a/lib/HACKING
+++ b/lib/HACKING
@@ -1,6 +1,6 @@
HACKING file for libradsec (in Emacs -*- org -*- mode).
-Status as of libradsec-0.2.0.dev (2013-05-02).
+Status as of libradsec-0.2.0.dev (2013-05-06).
* Build instructions
sh autogen.sh
@@ -19,7 +19,7 @@ Details (within parentheses) apply to Debian Wheezy.
- OpenSSL (1.0.1c-4) -- optional, for TLS and DTLS support
sudo apt-get install libssl-dev libssl1.0.0
-* Functionality and quality in 0.0.x
+* Functionality and quality in 0.2.x
** Not well tested
- reading config file
- [TCP] short read
diff --git a/lib/LICENSE b/lib/LICENSE
index 43a0ec8..be32a9a 100644
--- a/lib/LICENSE
+++ b/lib/LICENSE
@@ -1,6 +1,6 @@
* Copyright (c) 2007-2010, UNINETT AS
* Copyright (c) 2011, JANET(UK)
-* Copyright (c) 2010-2011, NORDUnet A/S
+* Copyright (c) 2010-2013, NORDUnet A/S
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
diff --git a/lib/Makefile.am b/lib/Makefile.am
index 6a96d32..e202218 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -4,23 +4,24 @@ ACLOCAL_AMFLAGS = -I m4
# Shared library interface version, i.e. -version-info to Libtool,
# expressed as three integers CURRENT:REVISION:AGE.
#
-# CURRENT is the version number of the current interface.
-# Increment CURRENT when the library interface changes.
+# CURRENT is the version number of the current interface. Increment
+# CURRENT when the library interface has changed or has been extended.
#
# REVISION is the version number of the _implementation_ of the
-# CURRENT interface.
-# Set REVISION to 0 when CURRENT changes, else increment.
+# CURRENT interface. Set REVISION to 0 when CURRENT changes, else
+# increment.
#
# AGE is the number of interfaces this library implements, i.e. how
-# many versions before CURRENT that are supported.
-# Increment AGE when the library interface is _extended_.
-# Set AGE to 0 when the library interface is _changed_.
+# many versions before CURRENT that are supported. Increment AGE when
+# the library interface is _extended_. Set AGE to 0 when the library
+# interface is _changed_.
VER_CUR = 1
VER_REV = 0
VER_AGE = 0
-SUBDIRS = radius radsecproxy . include examples
+SUBDIRS = radius radsecproxy include . examples
+DIST_SUBDIRS = $(SUBDIRS) tests
INCLUDES = -I$(srcdir)/include
AM_CFLAGS = -Wall -Werror -g
@@ -52,14 +53,28 @@ else
libradsec_la_SOURCES += md5.c
endif
-EXTRA_DIST = HACKING LICENSE
+libradsec_la_SOURCES += \
+ compat.h \
+ conn.h \
+ debug.h \
+ err.h \
+ event.h \
+ md5.h \
+ peer.h \
+ radsec.h \
+ tcp.h \
+ tls.h \
+ udp.h \
+ util.h
+
+EXTRA_DIST = HACKING LICENSE radsec.sym
EXTRA_libradsec_la_DEPENDENCIES = radsec.sym
libradsec_la_CFLAGS = \
- $(AM_CFLAGS) -DHAVE_CONFIG_H -DDEBUG -DDEBUG_LEVENT
+ $(AM_CFLAGS) -DHAVE_CONFIG_H #-DDEBUG -DDEBUG_LEVENT
libradsec_la_LDFLAGS = \
-version-info $(VER_CUR):$(VER_REV):$(VER_AGE) \
- -export-symbols radsec.sym
+ -export-symbols $(srcdir)/radsec.sym
libradsec_la_LIBADD = \
radsecproxy/libradsec-radsecproxy.la \
radius/libradsec-radius.la
diff --git a/lib/README b/lib/README
index 6401333..acfaf0b 100644
--- a/lib/README
+++ b/lib/README
@@ -16,7 +16,8 @@ The canonical pickup point is
http://git.nordu.net/?p=radsecproxy.git;a=shortlog;h=refs/heads/libradsec
-The source code is licensed under a 3-clause BSD license. See LICENSE.
+The source code is licensed under a 3-clause BSD license. See the
+LICENSE file.
Libradsec depends on
@@ -30,10 +31,24 @@ For changes between releases, see the CHANGES file.
To compile the library and the examples, do something like
- sh autogen.sh && ./configure && make
+ sh autogen.sh && ./configure && make
-If any of the libraries are not found, try setting environment
-variable LDFLAGS at configure time like so:
+
+There are a couple of options that can be used when configuring. See
+
+ ./configure --help
+
+for the full list. Worth mentioning here is --enable-tls and
+--enable-tls-psk.
+
+If the preprocessor has a hard time finding some of the header files
+are, try setting environment variable CPPFLAGS at configure
+time. Example:
+
+ CPPFLAGS="-I/usr/local/include" ./configure --enable-tls
+
+If the link editor has trouble finding any of the libraries needed,
+try setting environment variable LDFLAGS at configure time. Example:
LDFLAGS="-L/usr/local/lib" ./configure --enable-tls
diff --git a/lib/attr.c b/lib/attr.c
deleted file mode 100644
index 74d352c..0000000
--- a/lib/attr.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
-
-/* NOTE: This file is not in use at the moment (libradsec-0.0.1). */
-
-#if defined HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <radius/client.h>
-#include <radsec/radsec.h>
-#include <radsec/radsec-impl.h>
-
-int
-rs_attr_create(struct rs_connection *conn,
- struct rs_attr **attr,
- const char *type,
- const char *val)
-{
- VALUE_PAIR *vp;
- struct rs_attr *a;
-
- *attr = NULL;
- a = (struct rs_attr *) malloc (sizeof(struct rs_attr));
- if (!a)
- return rs_err_conn_push_fl (conn, RSE_NOMEM, __FILE__, __LINE__, NULL);
- memset (a, 0, sizeof(struct rs_attr));
-
- vp = pairmake (type, val, T_OP_EQ);
- if (!vp)
- {
- rs_attr_destroy (a);
- return rs_err_conn_push_fl (conn, RSE_FR, __FILE__, __LINE__,
- "pairmake: %s", fr_strerror ());
- }
-
- a->vp = vp;
- *attr = a;
- return RSE_OK;
-}
-
-void
-rs_attr_destroy (struct rs_attr *attr)
-{
- if (attr->vp)
- pairfree (&attr->vp);
- free (attr);
-}
diff --git a/lib/avp.c b/lib/avp.c
index c60d9ef..11c56db 100644
--- a/lib/avp.c
+++ b/lib/avp.c
@@ -1,5 +1,5 @@
/* Copyright 2011 JANET(UK). All rights reserved.
- See LICENSE for licensing information. */
+ See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
#include <config.h>
diff --git a/lib/compat.c b/lib/compat.c
index c09e795..7c4e346 100644
--- a/lib/compat.c
+++ b/lib/compat.c
@@ -1,5 +1,5 @@
/* Copyright 2011 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+ See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
#include <config.h>
diff --git a/lib/compat.h b/lib/compat.h
index 63de65f..bb43e9b 100644
--- a/lib/compat.h
+++ b/lib/compat.h
@@ -1,5 +1,5 @@
-/* Copyright 2011,2013 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+/* Copyright 2011 NORDUnet A/S. All rights reserved.
+ See LICENSE for licensing information. */
#ifdef _WIN32
#define INLINE __inline
diff --git a/lib/conf.c b/lib/conf.c
index d5a9d0d..564d793 100644
--- a/lib/conf.c
+++ b/lib/conf.c
@@ -1,4 +1,4 @@
-/* Copyright 2010, 2011, 2013 NORDUnet A/S. All rights reserved.
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
diff --git a/lib/configure.ac b/lib/configure.ac
index 4aacfed..b8b3231 100644
--- a/lib/configure.ac
+++ b/lib/configure.ac
@@ -1,6 +1,6 @@
# -*- Autoconf -*- script for libradsec.
-AC_PREREQ([2.65])
+AC_PREREQ([2.63])
AC_INIT([libradsec], [0.2.0.dev], [linus+libradsec@nordu.net])
AC_CONFIG_MACRO_DIR([m4])
AC_CONFIG_SRCDIR([radsec.c])
@@ -53,10 +53,10 @@ AC_TYPE_UINT8_T
# Checks for library functions.
AC_CHECK_FUNCS([memset socket strdup strerror strrchr])
-AC_CONFIG_FILES([Makefile
+AC_CONFIG_FILES([Makefile libradsec.spec
radsecproxy/Makefile
- radius/Makefile
- include/Makefile
+ radius/Makefile
+ include/Makefile
examples/Makefile
tests/Makefile])
AC_OUTPUT
diff --git a/lib/conn.c b/lib/conn.c
index 4c9158c..a65b361 100644
--- a/lib/conn.c
+++ b/lib/conn.c
@@ -1,4 +1,4 @@
-/* Copyright 2010,2011,2013 NORDUnet A/S. All rights reserved.
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
@@ -34,16 +34,18 @@ conn_user_dispatch_p (const struct rs_connection *conn)
int
conn_activate_timeout (struct rs_connection *conn)
{
+ const struct rs_conn_base *connbase;
assert (conn);
+ connbase = TO_BASE_CONN (conn);
+ assert (connbase->ctx);
+ assert (connbase->ctx->evb);
assert (conn->tev);
- assert (conn->base_.ctx->evb);
- if (conn->base_.timeout.tv_sec || conn->base_.timeout.tv_usec)
+ if (connbase->timeout.tv_sec || connbase->timeout.tv_usec)
{
rs_debug (("%s: activating timer: %d.%d\n", __func__,
- conn->base_.timeout.tv_sec, conn->base_.timeout.tv_usec));
- if (evtimer_add (conn->tev, &conn->base_.timeout))
- return rs_err_conn_push_fl (conn, RSE_EVENT, __FILE__, __LINE__,
- "evtimer_add: %d", errno);
+ connbase->timeout.tv_sec, connbase->timeout.tv_usec));
+ if (evtimer_add (conn->tev, &connbase->timeout))
+ return rs_err_conn_push (conn, RSE_EVENT, "evtimer_add: %d", errno);
}
return RSE_OK;
}
@@ -73,9 +75,9 @@ int
conn_cred_psk (const struct rs_connection *conn)
{
assert (conn);
- assert (conn->active_peer);
- return conn->active_peer->transport_cred &&
- conn->active_peer->transport_cred->type == RS_CRED_TLS_PSK;
+ return conn->active_peer != NULL
+ && conn->active_peer->transport_cred
+ && conn->active_peer->transport_cred->type == RS_CRED_TLS_PSK;
}
void
@@ -249,8 +251,31 @@ rs_conn_add_listener (struct rs_connection *conn,
int
rs_conn_disconnect (struct rs_connection *conn)
{
- int err = baseconn_close (TO_BASE_CONN (conn));
- conn->state = RS_CONN_STATE_UNDEFINED;
+ int err = 0;
+
+ assert (conn);
+
+ if (conn->state == RS_CONN_STATE_CONNECTED)
+ event_on_disconnect (conn);
+
+ if (TO_BASE_CONN (conn)->bev)
+ {
+ bufferevent_free (TO_BASE_CONN (conn)->bev);
+ TO_BASE_CONN (conn)->bev = NULL;
+ }
+ if (TO_BASE_CONN (conn)->rev)
+ {
+ event_free (TO_BASE_CONN (conn)->rev);
+ TO_BASE_CONN (conn)->rev = NULL;
+ }
+ if (TO_BASE_CONN (conn)->wev)
+ {
+ event_free (TO_BASE_CONN (conn)->wev);
+ TO_BASE_CONN (conn)->wev = NULL;
+ }
+
+ err = evutil_closesocket (TO_BASE_CONN (conn)->fd);
+ TO_BASE_CONN (conn)->fd = -1;
return err;
}
diff --git a/lib/debug.c b/lib/debug.c
index 4d30846..66264e5 100644
--- a/lib/debug.c
+++ b/lib/debug.c
@@ -1,5 +1,5 @@
/* Copyright 2011 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+ See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
#include <config.h>
diff --git a/lib/debug.h b/lib/debug.h
index 7befa7e..f979528 100644
--- a/lib/debug.h
+++ b/lib/debug.h
@@ -1,5 +1,5 @@
/* Copyright 2011 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+ See LICENSE for licensing information. */
#define hd(p, l) { int i; \
for (i = 1; i <= l; i++) { \
diff --git a/lib/event.c b/lib/event.c
index fadcc14..dcf7e1c 100644
--- a/lib/event.c
+++ b/lib/event.c
@@ -1,4 +1,4 @@
-/* Copyright 2011,2013 NORDUnet A/S. All rights reserved.
+/* Copyright 2011-2013 NORDUnet A/S. All rights reserved.
See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
diff --git a/lib/event.h b/lib/event.h
index 63fccc5..83f24f2 100644
--- a/lib/event.h
+++ b/lib/event.h
@@ -1,4 +1,4 @@
-/* Copyright 2011,2013 NORDUnet A/S. All rights reserved.
+/* Copyright 2011-2013 NORDUnet A/S. All rights reserved.
See LICENSE for licensing information. */
void event_on_disconnect (struct rs_connection *conn);
diff --git a/lib/examples/Makefile.am b/lib/examples/Makefile.am
index d86f4f8..63b6abe 100644
--- a/lib/examples/Makefile.am
+++ b/lib/examples/Makefile.am
@@ -1,6 +1,6 @@
AUTOMAKE_OPTIONS = foreign
-INCLUDES = -I$(top_srcdir)/include
-AM_CFLAGS = -Wall -Werror -g -DDEBUG -DDEBUG_LEVENT
+INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)
+AM_CFLAGS = -Wall -Werror -g #-DDEBUG -DDEBUG_LEVENT
LDADD = ../libradsec.la #-lefence
CFLAGS = $(AM_CFLAGS) -DUSE_CONFIG_FILE
diff --git a/lib/examples/client-blocking.c b/lib/examples/client-blocking.c
index 82a4453..bebde65 100644
--- a/lib/examples/client-blocking.c
+++ b/lib/examples/client-blocking.c
@@ -78,7 +78,7 @@ blocking_client (const char *av1, const char *av2, const char *av3,
if (use_request_object_flag)
{
- if (rs_request_create_authn (conn, &request, USER_NAME, USER_PW, SECRET))
+ if (rs_request_create_authn (conn, &request, USER_NAME, USER_PW))
goto cleanup;
if (rs_request_send (request, &resp))
goto cleanup;
diff --git a/lib/include/radsec/radsec-impl.h b/lib/include/radsec/radsec-impl.h
index 28e9e4c..7da00dd 100644
--- a/lib/include/radsec/radsec-impl.h
+++ b/lib/include/radsec/radsec-impl.h
@@ -1,7 +1,7 @@
/** @file libradsec-impl.h
@brief Libraray internal header file for libradsec. */
-/* Copyright 2010,2011,2013 NORDUnet A/S. All rights reserved.
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
See LICENSE for licensing information. */
#ifndef _RADSEC_RADSEC_IMPL_H_
@@ -132,7 +132,6 @@ struct rs_conn_base {
struct event *rev; /* Read event (for UDP). */
};
-
enum rs_conn_state {
RS_CONN_STATE_UNDEFINED = 0,
RS_CONN_STATE_CONNECTING,
diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h
index 2858f9e..6b319d3 100644
--- a/lib/include/radsec/radsec.h
+++ b/lib/include/radsec/radsec.h
@@ -1,7 +1,7 @@
/** \file radsec.h
\brief Public interface for libradsec. */
-/* Copyright 2010,2011,2013 NORDUnet A/S. All rights reserved.
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
See LICENSE for licensing information. */
#ifndef _RADSEC_RADSEC_H_
@@ -31,7 +31,6 @@ enum rs_error_code {
RSE_INVALID_CTX = 3,
RSE_INVALID_CONN = 4,
RSE_CONN_TYPE_MISMATCH = 5,
- RSE_FR = 6,
RSE_BADADDR = 7,
RSE_NOPEER = 8,
RSE_EVENT = 9, /* libevent error. */
@@ -373,10 +372,19 @@ void rs_message_destroy(struct rs_message *msg);
\a rs_message_send and it blocks until the message has been
succesfully sent.
+ Note that sending can fail in several ways, f.ex. if the
+ transmission protocol in use is connection oriented
+ (\a RS_CONN_TYPE_TCP and \a RS_CONN_TYPE_TLS) and the connection
+ can not be established.
+
+ Also note that no retransmission is being done. This is required
+ for connectionless transport protocols (\a RS_CONN_TYPE_UDP and
+ \a RS_CONN_TYPE_DTLS). The "request" API with \a rs_request_send can
+ help with this.
+
\return On success, RSE_OK (0) is returned. On error, !0 is
returned and a struct \a rs_error is pushed on the error stack for
- the connection. The error can be accessed using \a
- rs_err_conn_pop. */
+ the connection. The error can be accessed using \a rs_err_conn_pop. */
int rs_message_send(struct rs_message *msg);
/** Create a RADIUS authentication request message associated with
diff --git a/lib/include/radsec/request-impl.h b/lib/include/radsec/request-impl.h
index dbb4244..685a666 100644
--- a/lib/include/radsec/request-impl.h
+++ b/lib/include/radsec/request-impl.h
@@ -1,4 +1,4 @@
-/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved.
+/* Copyright 2010-2011 NORDUnet A/S. All rights reserved.
See LICENSE for licensing information. */
#ifndef _RADSEC_REQUEST_IMPL_H_
diff --git a/lib/include/radsec/request.h b/lib/include/radsec/request.h
index b78411a..c686de3 100644
--- a/lib/include/radsec/request.h
+++ b/lib/include/radsec/request.h
@@ -1,7 +1,7 @@
/** \file request.h
\brief Public interface for libradsec request's. */
-/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved.
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
See LICENSE for licensing information. */
#ifndef _RADSEC_REQUEST_H_
@@ -24,16 +24,13 @@ int rs_request_create(struct rs_connection *conn, struct rs_request **req_out);
void rs_request_add_reqmsg(struct rs_request *req, struct rs_message *req_msg);
/** Create a request associated with connection \a conn containing a
- newly created RADIUS authentication message, possibly with
- \a user_name and \a user_pw attributes. \a user_name and \a user_pw
- are optional and can be NULL. If \a user_name and \a user_pw are provided,
- \a secret must also be provided. \a secret is used for "hiding" the
- password. */
+ newly created RADIUS authentication message, possibly with \a
+ user_name and \a user_pw attributes. \a user_name and _user_pw
+ are optional and can be NULL. */
int rs_request_create_authn(struct rs_connection *conn,
struct rs_request **req_out,
const char *user_name,
- const char *user_pw,
- const char *secret);
+ const char *user_pw);
/** Send request \a req and wait for a matching response. The
response is put in \a resp_msg (if not NULL). NOTE: At present,
diff --git a/lib/libradsec.spec.in b/lib/libradsec.spec.in
new file mode 100644
index 0000000..97d6178
--- /dev/null
+++ b/lib/libradsec.spec.in
@@ -0,0 +1,77 @@
+Name: @PACKAGE@
+Version: @PACKAGE_VERSION@
+Release: 1%{?dist}
+Summary: RADIUS over TLS library
+
+Group: System Environment/Libraries
+License: BSD
+URL: http://software.uninett.no/radsecproxy/?page=documentation
+Source0: %{name}-%{version}.tar.gz
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
+
+
+
+BuildRequires: openssl-devel
+BuildRequires: libconfuse-devel
+BuildRequires: autoconf
+BuildRequires: automake
+BuildRequires: libtool
+BuildRequires: libevent-devel >= 2.0
+
+
+
+%description
+ Libradsec is a RADIUS over TLS library.
+
+
+%package devel
+Summary: Development files for %{name}
+Group: Development/Libraries
+Requires: %{name} = %{version}-%{release}
+
+%description devel
+The %{name}-devel package contains libraries and header files for
+developing applications that use %{name}.
+
+
+%prep
+%setup -q
+
+
+%build
+ export CPPFLAGS='-I%{_includedir}'
+ export LDFLAGS='-L%{_libdir}'
+%configure --disable-static
+make %{?_smp_mflags}
+
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make install DESTDIR=$RPM_BUILD_ROOT
+find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
+
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+
+%post -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+
+%files
+%defattr(-,root,root,-)
+%doc README
+%{_libdir}/*.so.*
+
+%files devel
+%defattr(-,root,root,-)
+%{_includedir}/*
+%{_libdir}/*.so
+
+
+%changelog
+* Tue Sep 27 2011 <hartmans@moonbuildcentos.dev.ja.net> - %{version}-1
+- initial version
+
diff --git a/lib/md5.c b/lib/md5.c
index 7d43a60..f4ac436 100644
--- a/lib/md5.c
+++ b/lib/md5.c
@@ -89,9 +89,9 @@
* This processes one or more 64-byte data blocks, but does NOT update
* the bit counters. There are no alignment requirements.
*/
-static void *body(MD5_CTX *ctx, void *data, unsigned long size)
+static const void *body(MD5_CTX *ctx, const void *data, unsigned long size)
{
- unsigned char *ptr;
+ const unsigned char *ptr;
MD5_u32plus a, b, c, d;
MD5_u32plus saved_a, saved_b, saved_c, saved_d;
@@ -207,7 +207,7 @@ void MD5_Init(MD5_CTX *ctx)
ctx->hi = 0;
}
-void MD5_Update(MD5_CTX *ctx, void *data, unsigned long size)
+void MD5_Update(MD5_CTX *ctx, const void *data, unsigned long size)
{
MD5_u32plus saved_lo;
unsigned long used, free;
diff --git a/lib/md5.h b/lib/md5.h
index f1a6857..2da44bf 100644
--- a/lib/md5.h
+++ b/lib/md5.h
@@ -39,7 +39,7 @@ typedef struct {
} MD5_CTX;
extern void MD5_Init(MD5_CTX *ctx);
-extern void MD5_Update(MD5_CTX *ctx, void *data, unsigned long size);
+extern void MD5_Update(MD5_CTX *ctx, const void *data, unsigned long size);
extern void MD5_Final(unsigned char *result, MD5_CTX *ctx);
#endif
diff --git a/lib/peer.c b/lib/peer.c
index bbc3bf5..0504bad 100644
--- a/lib/peer.c
+++ b/lib/peer.c
@@ -1,4 +1,4 @@
-/* Copyright 2010,2011,2013 NORDUnet A/S. All rights reserved.
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
diff --git a/lib/radius/Makefile.am b/lib/radius/Makefile.am
index 92a12cf..c827465 100644
--- a/lib/radius/Makefile.am
+++ b/lib/radius/Makefile.am
@@ -18,13 +18,18 @@ libradsec_radius_la_SOURCES = \
static.c \
valuepair.c
+libradsec_radius_la_SOURCES += client.h
+
libradsec_radius_la_CFLAGS = $(AM_CFLAGS) -DHAVE_CONFIG_H
DICTIONARIES = \
share/dictionary.txt \
share/dictionary.juniper \
share/dictionary.microsoft \
- share/dictionary.ukerna
+ share/dictionary.ukerna \
+ share/dictionary.abfab.ietf
+
+EXTRA_DIST = dictionaries.c $(DICTIONARIES) common.pl convert.pl
$(top_srcdir)/include/radsec/radius.h dictionaries.c: ${DICTIONARIES} convert.pl common.pl
$(srcdir)/convert.pl ${DICTIONARIES}
@@ -35,4 +40,3 @@ clean-local:
rm -f dictionaries.c
$(libradsec_radius_la_SOURCES): $(top_srcdir)/include/radsec/radius.h
-
diff --git a/lib/radius/share/dictionary.abfab.ietf b/lib/radius/share/dictionary.abfab.ietf
new file mode 100644
index 0000000..b60702c
--- /dev/null
+++ b/lib/radius/share/dictionary.abfab.ietf
@@ -0,0 +1,4 @@
+ATTRIBUTE GSS-Acceptor-Service-Name 164 string
+ATTRIBUTE GSS-Acceptor-Host-Name 165 string
+ATTRIBUTE GSS-Acceptor-Service-Specifics 166 string
+ATTRIBUTE GSS-Acceptor-Realm-Name 167 string
diff --git a/lib/radius/share/dictionary.ukerna b/lib/radius/share/dictionary.ukerna
index 0e35d43..7d9d22d 100644
--- a/lib/radius/share/dictionary.ukerna
+++ b/lib/radius/share/dictionary.ukerna
@@ -9,10 +9,10 @@ VENDOR UKERNA 25622
BEGIN-VENDOR UKERNA
-ATTRIBUTE GSS-Acceptor-Service-Name 128 string
-ATTRIBUTE GSS-Acceptor-Host-Name 129 string
-ATTRIBUTE GSS-Acceptor-Service-Specific 130 string
-ATTRIBUTE GSS-Acceptor-Realm-Name 131 string
+ATTRIBUTE GSS-Acceptor-Service-Name-VS 128 string
+ATTRIBUTE GSS-Acceptor-Host-Name-VS 129 string
+ATTRIBUTE GSS-Acceptor-Service-Specific-VS 130 string
+ATTRIBUTE GSS-Acceptor-Realm-Name-VS 131 string
ATTRIBUTE SAML-AAA-Assertion 132 string
ATTRIBUTE MS-Windows-Auth-Data 133 octets
ATTRIBUTE MS-Windows-Group-Sid 134 string
diff --git a/lib/radsec.c b/lib/radsec.c
index 48fe221..fed02c3 100644
--- a/lib/radsec.c
+++ b/lib/radsec.c
@@ -1,5 +1,5 @@
-/* Copyright 2010, 2011 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
+ See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
#include <config.h>
diff --git a/lib/radsec.h b/lib/radsec.h
index c8fa2fb..703e44b 100644
--- a/lib/radsec.h
+++ b/lib/radsec.h
@@ -1,5 +1,5 @@
/* Copyright 2012 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+ See LICENSE for licensing information. */
struct rs_error *rs_resolve (struct evutil_addrinfo **addr,
rs_conn_type_t type,
diff --git a/lib/radsecproxy/Makefile.am b/lib/radsecproxy/Makefile.am
index 0d4a882..962f367 100644
--- a/lib/radsecproxy/Makefile.am
+++ b/lib/radsecproxy/Makefile.am
@@ -7,12 +7,17 @@ AM_CFLAGS = -Wall -Werror -g
noinst_LTLIBRARIES = libradsec-radsecproxy.la
libradsec_radsecproxy_la_SOURCES = \
- debug.c \
- hash.c \
- list.c \
- util.c
+ debug.c debug.h \
+ gconfig.h \
+ hash.c hash.h \
+ hostport_types.h \
+ list.c list.h \
+ radmsg.h \
+ radsecproxy.h \
+ tlv11.h \
+ util.c util.h
if RS_ENABLE_TLS
libradsec_radsecproxy_la_SOURCES += \
- tlscommon.c
+ tlscommon.c tlscommon.h
endif
diff --git a/lib/request.c b/lib/request.c
index 611cbdf..b75dd92 100644
--- a/lib/request.c
+++ b/lib/request.c
@@ -1,5 +1,5 @@
-/* Copyright 2010,2011,2013 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
+ See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
#include <config.h>
@@ -51,8 +51,7 @@ int
rs_request_create_authn (struct rs_connection *conn,
struct rs_request **req_out,
const char *user_name,
- const char *user_pw,
- const char *secret)
+ const char *user_pw)
{
struct rs_request *req = NULL;
assert (req_out);
diff --git a/lib/send.c b/lib/send.c
index 3ed6c93..34d1c70 100644
--- a/lib/send.c
+++ b/lib/send.c
@@ -1,5 +1,5 @@
/* Copyright 2011,2013 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+ See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
#include <config.h>
diff --git a/lib/tcp.c b/lib/tcp.c
index 7264244..8c7263f 100644
--- a/lib/tcp.c
+++ b/lib/tcp.c
@@ -1,5 +1,5 @@
-/* Copyright 2011,2013 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+/* Copyright 2011-2013 NORDUnet A/S. All rights reserved.
+ See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
#include <config.h>
@@ -37,9 +37,14 @@ _read_header (struct rs_message *msg)
msg->flags |= RS_MESSAGE_HEADER_READ;
msg->rpkt->length = (msg->hdr[2] << 8) + msg->hdr[3];
if (msg->rpkt->length < 20 || msg->rpkt->length > RS_MAX_PACKET_LEN)
- return rs_err_conn_push (msg->conn, RSE_INVALID_MSG,
- "invalid message length: %d",
- msg->rpkt->length);
+ {
+ rs_debug (("%s: invalid packet length: %d\n", __func__,
+ msg->rpkt->length));
+ rs_conn_disconnect (msg->conn);
+ return rs_err_conn_push (msg->conn, RSE_INVALID_MSG,
+ "invalid message length: %d",
+ msg->rpkt->length);
+ }
memcpy (msg->rpkt->data, msg->hdr, RS_HEADER_LEN);
bufferevent_setwatermark (TO_BASE_CONN(msg->conn)->bev, EV_READ,
msg->rpkt->length - RS_HEADER_LEN, 0);
@@ -49,8 +54,13 @@ _read_header (struct rs_message *msg)
else if (n < 0)
rs_debug (("%s: buffer frozen while reading header\n", __func__));
else /* Error: libevent gave us less than the low watermark. */
- return rs_err_conn_push_fl (msg->conn, RSE_INTERNAL, __FILE__, __LINE__,
- "got %d octets reading header", n);
+ {
+ rs_debug (("%s: got: %d octets reading header\n", __func__, n));
+ rs_conn_disconnect (msg->conn);
+ return rs_err_conn_push (msg->conn, RSE_INTERNAL,
+ "got %d octets reading header", n);
+ }
+
return RSE_OK;
}
@@ -90,8 +100,11 @@ _read_message (struct rs_message *msg)
- attribute sizes adding up correctly */
err = nr_packet_ok (msg->rpkt);
if (err)
- return rs_err_conn_push_fl (msg->conn, err, __FILE__, __LINE__,
- "invalid message");
+ {
+ rs_debug (("%s: %d: invalid packet\n", __func__, -err));
+ rs_conn_disconnect (msg->conn);
+ return rs_err_conn_push (msg->conn, -err, "invalid message");
+ }
#if defined (DEBUG)
/* Find out what happens if there's data left in the buffer. */
@@ -147,8 +160,7 @@ tcp_read_cb (struct bufferevent *bev, void *user_data)
if ((msg->flags & RS_MESSAGE_HEADER_READ) == 0)
if (_read_header (msg))
return; /* Invalid header. */
- if (_read_message (msg))
- return; /* Invalid message. */
+ _read_message (msg);
}
void
diff --git a/lib/tcp.h b/lib/tcp.h
index d945fda..eddc4c8 100644
--- a/lib/tcp.h
+++ b/lib/tcp.h
@@ -1,5 +1,5 @@
/* Copyright 2011 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+ See LICENSE for licensing information. */
void tcp_event_cb (struct bufferevent *bev, short events, void *user_data);
void tcp_read_cb (struct bufferevent *bev, void *user_data);
diff --git a/lib/tests/Makefile.am b/lib/tests/Makefile.am
index 30f5e0f..fcd016b 100644
--- a/lib/tests/Makefile.am
+++ b/lib/tests/Makefile.am
@@ -1,16 +1,15 @@
AUTOMAKE_OPTIONS = foreign
-INCLUDES = -I$(top_srcdir)/include
+INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)
AM_CFLAGS = -Wall -Werror -g
TESTS = test-udp
check_PROGRAMS = test-udp udp-server tls-server
-test_udp_SOURCES = test-udp.c udp.c
-test_udp_LDADD = ../libradsec.la -lcgreen -lm
+test_udp_SOURCES = test-udp.c udp.c udp.h
+test_udp_LDADD = ../libradsec.la -lcunit -lm
-udp_server_SOURCES = udp-server.c udp.c
+udp_server_SOURCES = udp-server.c udp.c udp.h
tls_server_SOURCES = server.c
tls_server_LDADD = ../libradsec.la
-
diff --git a/lib/tests/README b/lib/tests/README
index 4d68bde..33bddc1 100644
--- a/lib/tests/README
+++ b/lib/tests/README
@@ -1,8 +1,14 @@
+This is the README file for the test directory of libradsec.
+
Build
-----
-In order to build and run the tests, you'll need to have libcgreen
-installed (http://www.lastcraft.com/cgreen.php).
+In order to build and run the tests, you'll need to have CUnit
+installed.
+
+Source code: http://cunit.sourceforge.net/
+Debian package: libcunit1-dev
+FreeBSD port: devel/cunit
Run
@@ -23,12 +29,11 @@ Run the tests by typing
The output should read something like
- Completed "main": 32 passes, 0 failures, 0 exceptions.
-
-
-When trying to debug the test programs under GDB you might run into
-trouble with multiple threads being executed by the test framework.
-If so, make sure to run a single test rather than the full test suite.
-For example:
-
- libtool --mode execute gdb --args test-udp test_auth
+ --Run Summary: Type Total Ran Passed Failed
+ suites 2 2 n/a 0
+ tests 2 2 2 0
+ asserts 23 23 23 0
+ PASS: test-udp
+ =============
+ 1 test passed
+ =============
diff --git a/lib/tests/demoCA/index.txt b/lib/tests/demoCA/index.txt
index d28b575..51f934f 100644
--- a/lib/tests/demoCA/index.txt
+++ b/lib/tests/demoCA/index.txt
@@ -1,3 +1,3 @@
-V 240216122242Z 01 unknown /C=SE/ST=Bogus State/O=Bogus Ltd/OU=Bogus/CN=My Bogus CA for testing libradsec
-V 240216123520Z 02 unknown /C=SE/ST=Bogus State/O=Bogus Ltd/OU=Bogus/CN=My Bogus Certificate for testing libradsec
-V 240216150052Z 03 unknown /C=SE/ST=Bogus State/O=Bogus Ltd/OU=Bogus/CN=My Bogus Client Certificate for testing libradsec
+V 250806115449Z 01 unknown /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=ca
+V 250806115457Z 02 unknown /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=srv1
+V 250806115504Z 03 unknown /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=cli1
diff --git a/lib/tests/demoCA/newcerts/01.pem b/lib/tests/demoCA/newcerts/01.pem
index 79fa539..29cb5ee 100644
--- a/lib/tests/demoCA/newcerts/01.pem
+++ b/lib/tests/demoCA/newcerts/01.pem
@@ -2,51 +2,45 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=SE, ST=Bogus State, O=Bogus Ltd, OU=Bogus, CN=My Bogus CA for testing libradsec
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=ca
Validity
- Not Before: Mar 25 12:22:42 2011 GMT
- Not After : Feb 16 12:22:42 2024 GMT
- Subject: C=SE, ST=Bogus State, O=Bogus Ltd, OU=Bogus, CN=My Bogus CA for testing libradsec
+ Not Before: Sep 12 11:54:49 2012 GMT
+ Not After : Aug 6 11:54:49 2025 GMT
+ Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (512 bit)
- Modulus (512 bit):
- 00:aa:27:7d:3b:29:12:1e:39:8d:9f:43:ad:ae:83:
- 6f:22:88:08:07:92:b9:1d:d4:88:5f:58:b9:76:ec:
- 4a:e9:c9:6a:73:ed:70:66:5e:6f:dc:02:15:9f:dd:
- 7a:5f:cc:3b:98:8a:27:b1:f5:98:fb:6b:c7:ab:5e:
- 5e:ea:3c:c4:5f
+ Public-Key: (512 bit)
+ Modulus:
+ 00:eb:9e:52:bf:1a:7c:32:63:9f:96:80:71:f1:98:
+ 87:90:97:f1:7a:4a:81:6d:66:7e:8e:7c:50:5f:f9:
+ 6e:94:1a:b0:7b:46:87:b5:9e:23:48:04:ad:f3:55:
+ a1:f9:31:50:a1:10:ab:ca:ba:70:ac:58:95:4e:9d:
+ 3a:2b:52:36:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- 5A:9B:BA:E8:A6:9B:E9:78:73:1E:0B:83:00:49:94:46:13:9C:1C:89
+ 11:57:40:0B:F0:33:2F:AE:C2:DA:A4:3A:00:BA:E9:34:B3:75:20:05
X509v3 Authority Key Identifier:
- keyid:5A:9B:BA:E8:A6:9B:E9:78:73:1E:0B:83:00:49:94:46:13:9C:1C:89
- DirName:/C=SE/ST=Bogus State/O=Bogus Ltd/OU=Bogus/CN=My Bogus CA for testing libradsec
- serial:01
+ keyid:11:57:40:0B:F0:33:2F:AE:C2:DA:A4:3A:00:BA:E9:34:B3:75:20:05
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
- 18:a2:21:92:a6:2a:e0:a4:4d:57:c0:89:94:5c:b0:26:64:f8:
- b1:0c:97:f8:cd:d5:af:c8:38:3e:a3:68:47:82:e1:a6:2e:63:
- 97:4d:c0:79:f5:9a:ff:38:67:10:d6:22:61:44:89:84:50:85:
- ee:38:87:6d:4f:06:10:36:33:39
+ 15:12:3b:79:3d:61:d2:c7:d2:a8:0c:df:82:ea:66:76:26:cb:
+ ab:b5:83:a3:52:a0:23:1a:a9:92:8e:93:41:f7:6c:3f:8a:2c:
+ bd:32:3d:70:3f:b6:fd:f2:37:50:0a:66:8c:1c:44:bf:ef:50:
+ 24:33:bd:48:47:04:ee:8c:61:88
-----BEGIN CERTIFICATE-----
-MIICqDCCAlKgAwIBAgIBATANBgkqhkiG9w0BAQUFADBzMQswCQYDVQQGEwJTRTEU
-MBIGA1UECBMLQm9ndXMgU3RhdGUxEjAQBgNVBAoTCUJvZ3VzIEx0ZDEOMAwGA1UE
-CxMFQm9ndXMxKjAoBgNVBAMTIU15IEJvZ3VzIENBIGZvciB0ZXN0aW5nIGxpYnJh
-ZHNlYzAeFw0xMTAzMjUxMjIyNDJaFw0yNDAyMTYxMjIyNDJaMHMxCzAJBgNVBAYT
-AlNFMRQwEgYDVQQIEwtCb2d1cyBTdGF0ZTESMBAGA1UEChMJQm9ndXMgTHRkMQ4w
-DAYDVQQLEwVCb2d1czEqMCgGA1UEAxMhTXkgQm9ndXMgQ0EgZm9yIHRlc3Rpbmcg
-bGlicmFkc2VjMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKonfTspEh45jZ9Dra6D
-byKICAeSuR3UiF9YuXbsSunJanPtcGZeb9wCFZ/del/MO5iKJ7H1mPtrx6teXuo8
-xF8CAwEAAaOB0DCBzTAdBgNVHQ4EFgQUWpu66Kab6XhzHguDAEmURhOcHIkwgZ0G
-A1UdIwSBlTCBkoAUWpu66Kab6XhzHguDAEmURhOcHImhd6R1MHMxCzAJBgNVBAYT
-AlNFMRQwEgYDVQQIEwtCb2d1cyBTdGF0ZTESMBAGA1UEChMJQm9ndXMgTHRkMQ4w
-DAYDVQQLEwVCb2d1czEqMCgGA1UEAxMhTXkgQm9ndXMgQ0EgZm9yIHRlc3Rpbmcg
-bGlicmFkc2VjggEBMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADQQAYoiGS
-pirgpE1XwImUXLAmZPixDJf4zdWvyDg+o2hHguGmLmOXTcB59Zr/OGcQ1iJhRImE
-UIXuOIdtTwYQNjM5
+MIIB5TCCAY+gAwIBAgIBATANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJBVTET
+MBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ
+dHkgTHRkMQswCQYDVQQDDAJjYTAeFw0xMjA5MTIxMTU0NDlaFw0yNTA4MDYxMTU0
+NDlaMFIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQK
+DBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxCzAJBgNVBAMMAmNhMFwwDQYJKoZI
+hvcNAQEBBQADSwAwSAJBAOueUr8afDJjn5aAcfGYh5CX8XpKgW1mfo58UF/5bpQa
+sHtGh7WeI0gErfNVofkxUKEQq8q6cKxYlU6dOitSNt8CAwEAAaNQME4wHQYDVR0O
+BBYEFBFXQAvwMy+uwtqkOgC66TSzdSAFMB8GA1UdIwQYMBaAFBFXQAvwMy+uwtqk
+OgC66TSzdSAFMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADQQAVEjt5PWHS
+x9KoDN+C6mZ2JsurtYOjUqAjGqmSjpNB92w/iiy9Mj1wP7b98jdQCmaMHES/71Ak
+M71IRwTujGGI
-----END CERTIFICATE-----
diff --git a/lib/tests/demoCA/newcerts/02.pem b/lib/tests/demoCA/newcerts/02.pem
index 4345003..2e1cccb 100644
--- a/lib/tests/demoCA/newcerts/02.pem
+++ b/lib/tests/demoCA/newcerts/02.pem
@@ -2,21 +2,21 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=SE, ST=Bogus State, O=Bogus Ltd, OU=Bogus, CN=My Bogus CA for testing libradsec
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=ca
Validity
- Not Before: Mar 25 12:35:20 2011 GMT
- Not After : Feb 16 12:35:20 2024 GMT
- Subject: C=SE, ST=Bogus State, O=Bogus Ltd, OU=Bogus, CN=My Bogus Certificate for testing libradsec
+ Not Before: Sep 12 11:54:57 2012 GMT
+ Not After : Aug 6 11:54:57 2025 GMT
+ Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=srv1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (512 bit)
- Modulus (512 bit):
- 00:c3:e5:16:74:47:84:bb:26:bc:50:fe:dc:b5:70:
- 21:ad:21:b6:ff:cb:ac:b2:24:9e:08:75:39:5d:ba:
- f4:b1:59:f6:a8:14:02:62:c3:68:6d:f2:08:9b:fe:
- 66:5c:72:92:16:04:60:b5:08:83:66:28:3b:46:f0:
- cf:95:37:b7:d7
+ Public-Key: (512 bit)
+ Modulus:
+ 00:ac:21:78:6f:cb:1c:10:c2:71:7b:72:03:e3:4b:
+ b2:c7:f6:63:3f:69:d3:d3:48:e0:90:16:0f:5a:44:
+ f5:9c:ed:b9:6b:72:be:11:6e:26:09:32:0c:51:25:
+ 10:35:fe:a0:33:fe:cf:90:9f:2c:8b:3a:c5:98:86:
+ c2:a9:5c:ba:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
@@ -24,27 +24,26 @@ Certificate:
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
- 89:23:42:95:2B:52:A4:77:FC:5E:59:CA:8D:E0:30:AF:D3:B5:C3:C2
+ 08:13:6F:A0:93:47:21:31:9F:02:79:A5:CF:24:4A:D1:0B:A7:10:09
X509v3 Authority Key Identifier:
- keyid:5A:9B:BA:E8:A6:9B:E9:78:73:1E:0B:83:00:49:94:46:13:9C:1C:89
+ keyid:11:57:40:0B:F0:33:2F:AE:C2:DA:A4:3A:00:BA:E9:34:B3:75:20:05
Signature Algorithm: sha1WithRSAEncryption
- 60:71:c8:00:ba:88:67:97:75:97:0a:f7:77:70:7d:dc:91:24:
- 35:5b:ce:5b:cf:24:00:9b:d1:8f:f0:63:58:76:24:f3:67:06:
- a3:ad:e3:43:13:30:d0:d4:62:64:d5:78:4a:aa:9c:13:bc:ea:
- 7c:99:8e:5f:b6:c6:5f:11:0d:c9
+ 2c:7e:61:65:48:cc:46:50:58:cc:9d:1b:b2:e7:2d:2b:72:e2:
+ a1:2f:2c:14:35:4d:b8:42:87:66:57:77:c4:02:17:fa:3c:db:
+ 83:3f:89:37:ae:f8:e9:00:fe:96:d8:4b:80:63:db:08:7a:c6:
+ e1:c7:59:ec:d9:76:4a:be:1a:19
-----BEGIN CERTIFICATE-----
-MIICWzCCAgWgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBzMQswCQYDVQQGEwJTRTEU
-MBIGA1UECBMLQm9ndXMgU3RhdGUxEjAQBgNVBAoTCUJvZ3VzIEx0ZDEOMAwGA1UE
-CxMFQm9ndXMxKjAoBgNVBAMTIU15IEJvZ3VzIENBIGZvciB0ZXN0aW5nIGxpYnJh
-ZHNlYzAeFw0xMTAzMjUxMjM1MjBaFw0yNDAyMTYxMjM1MjBaMHwxCzAJBgNVBAYT
-AlNFMRQwEgYDVQQIEwtCb2d1cyBTdGF0ZTESMBAGA1UEChMJQm9ndXMgTHRkMQ4w
-DAYDVQQLEwVCb2d1czEzMDEGA1UEAxMqTXkgQm9ndXMgQ2VydGlmaWNhdGUgZm9y
-IHRlc3RpbmcgbGlicmFkc2VjMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMPlFnRH
-hLsmvFD+3LVwIa0htv/LrLIkngh1OV269LFZ9qgUAmLDaG3yCJv+ZlxykhYEYLUI
-g2YoO0bwz5U3t9cCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYd
-T3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIkjQpUrUqR3
-/F5Zyo3gMK/TtcPCMB8GA1UdIwQYMBaAFFqbuuimm+l4cx4LgwBJlEYTnByJMA0G
-CSqGSIb3DQEBBQUAA0EAYHHIALqIZ5d1lwr3d3B93JEkNVvOW88kAJvRj/BjWHYk
-82cGo63jQxMw0NRiZNV4SqqcE7zqfJmOX7bGXxENyQ==
+MIICEjCCAbygAwIBAgIBAjANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJBVTET
+MBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ
+dHkgTHRkMQswCQYDVQQDDAJjYTAeFw0xMjA5MTIxMTU0NTdaFw0yNTA4MDYxMTU0
+NTdaMFQxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQK
+DBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDTALBgNVBAMMBHNydjEwXDANBgkq
+hkiG9w0BAQEFAANLADBIAkEArCF4b8scEMJxe3ID40uyx/ZjP2nT00jgkBYPWkT1
+nO25a3K+EW4mCTIMUSUQNf6gM/7PkJ8sizrFmIbCqVy6pwIDAQABo3sweTAJBgNV
+HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp
+Y2F0ZTAdBgNVHQ4EFgQUCBNvoJNHITGfAnmlzyRK0QunEAkwHwYDVR0jBBgwFoAU
+EVdAC/AzL67C2qQ6ALrpNLN1IAUwDQYJKoZIhvcNAQEFBQADQQAsfmFlSMxGUFjM
+nRuy5y0rcuKhLywUNU24QodmV3fEAhf6PNuDP4k3rvjpAP6W2EuAY9sIesbhx1ns
+2XZKvhoZ
-----END CERTIFICATE-----
diff --git a/lib/tests/demoCA/newcerts/03.pem b/lib/tests/demoCA/newcerts/03.pem
index ab42785..d07be19 100644
--- a/lib/tests/demoCA/newcerts/03.pem
+++ b/lib/tests/demoCA/newcerts/03.pem
@@ -2,21 +2,21 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=SE, ST=Bogus State, O=Bogus Ltd, OU=Bogus, CN=My Bogus CA for testing libradsec
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=ca
Validity
- Not Before: Mar 25 15:00:52 2011 GMT
- Not After : Feb 16 15:00:52 2024 GMT
- Subject: C=SE, ST=Bogus State, O=Bogus Ltd, OU=Bogus, CN=My Bogus Client Certificate for testing libradsec
+ Not Before: Sep 12 11:55:04 2012 GMT
+ Not After : Aug 6 11:55:04 2025 GMT
+ Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=cli1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (512 bit)
- Modulus (512 bit):
- 00:ae:ba:06:81:e2:7c:a8:ee:4e:fa:46:a3:dd:c7:
- d4:f8:33:80:c0:43:09:bd:a7:7d:59:4a:c8:af:3f:
- 07:54:72:4c:b1:ac:2e:53:5a:c0:b6:6c:06:55:97:
- 55:36:cb:fc:7d:5d:c1:c1:97:95:52:a7:a8:da:b0:
- b3:3a:0d:b7:87
+ Public-Key: (512 bit)
+ Modulus:
+ 00:99:7b:86:e0:46:de:f1:69:10:97:f8:4e:78:c8:
+ ee:c2:c8:65:64:90:72:dd:51:4f:c6:58:78:49:07:
+ 61:b9:ed:0a:77:7b:d2:6a:c3:49:e5:91:6c:bf:78:
+ d0:fc:8a:5c:80:1a:b0:03:28:b2:ea:e8:c8:a0:b6:
+ be:a1:42:30:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
@@ -24,27 +24,26 @@ Certificate:
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
- 70:83:4E:39:98:5A:B6:8E:C7:18:95:57:E9:44:BC:26:0F:78:95:45
+ 10:17:90:80:D8:B0:7E:91:91:13:32:27:8C:EF:A6:DE:9F:C1:C4:A7
X509v3 Authority Key Identifier:
- keyid:5A:9B:BA:E8:A6:9B:E9:78:73:1E:0B:83:00:49:94:46:13:9C:1C:89
+ keyid:11:57:40:0B:F0:33:2F:AE:C2:DA:A4:3A:00:BA:E9:34:B3:75:20:05
Signature Algorithm: sha1WithRSAEncryption
- 72:ea:52:71:bf:6e:9c:de:0d:3a:e7:18:ed:21:46:37:3a:d4:
- 7f:21:ff:21:6a:09:fd:4e:fa:85:0a:fb:46:b5:2d:53:3a:25:
- 2d:40:44:ee:48:81:9d:6d:5e:cf:20:aa:a1:e8:a7:22:d5:ae:
- 58:35:92:ea:bb:b5:a6:f7:29:5c
+ b1:08:87:88:7d:90:78:01:da:4a:e7:be:82:22:3f:58:07:f7:
+ 46:a9:9a:42:a4:88:d9:b8:6a:69:bf:cb:d0:39:2d:c9:49:06:
+ fa:31:80:66:17:32:cc:e8:ae:36:9c:c1:d5:ae:6d:3c:eb:72:
+ 77:55:92:fa:ab:f5:a3:bc:19:2d
-----BEGIN CERTIFICATE-----
-MIICYzCCAg2gAwIBAgIBAzANBgkqhkiG9w0BAQUFADBzMQswCQYDVQQGEwJTRTEU
-MBIGA1UECBMLQm9ndXMgU3RhdGUxEjAQBgNVBAoTCUJvZ3VzIEx0ZDEOMAwGA1UE
-CxMFQm9ndXMxKjAoBgNVBAMTIU15IEJvZ3VzIENBIGZvciB0ZXN0aW5nIGxpYnJh
-ZHNlYzAeFw0xMTAzMjUxNTAwNTJaFw0yNDAyMTYxNTAwNTJaMIGDMQswCQYDVQQG
-EwJTRTEUMBIGA1UECBMLQm9ndXMgU3RhdGUxEjAQBgNVBAoTCUJvZ3VzIEx0ZDEO
-MAwGA1UECxMFQm9ndXMxOjA4BgNVBAMTMU15IEJvZ3VzIENsaWVudCBDZXJ0aWZp
-Y2F0ZSBmb3IgdGVzdGluZyBsaWJyYWRzZWMwXDANBgkqhkiG9w0BAQEFAANLADBI
-AkEArroGgeJ8qO5O+kaj3cfU+DOAwEMJvad9WUrIrz8HVHJMsawuU1rAtmwGVZdV
-Nsv8fV3BwZeVUqeo2rCzOg23hwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG
-+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU
-cINOOZhato7HGJVX6US8Jg94lUUwHwYDVR0jBBgwFoAUWpu66Kab6XhzHguDAEmU
-RhOcHIkwDQYJKoZIhvcNAQEFBQADQQBy6lJxv26c3g065xjtIUY3OtR/If8hagn9
-TvqFCvtGtS1TOiUtQETuSIGdbV7PIKqh6Kci1a5YNZLqu7Wm9ylc
+MIICEjCCAbygAwIBAgIBAzANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJBVTET
+MBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ
+dHkgTHRkMQswCQYDVQQDDAJjYTAeFw0xMjA5MTIxMTU1MDRaFw0yNTA4MDYxMTU1
+MDRaMFQxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQK
+DBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDTALBgNVBAMMBGNsaTEwXDANBgkq
+hkiG9w0BAQEFAANLADBIAkEAmXuG4Ebe8WkQl/hOeMjuwshlZJBy3VFPxlh4SQdh
+ue0Kd3vSasNJ5ZFsv3jQ/IpcgBqwAyiy6ujIoLa+oUIwXQIDAQABo3sweTAJBgNV
+HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp
+Y2F0ZTAdBgNVHQ4EFgQUEBeQgNiwfpGREzInjO+m3p/BxKcwHwYDVR0jBBgwFoAU
+EVdAC/AzL67C2qQ6ALrpNLN1IAUwDQYJKoZIhvcNAQEFBQADQQCxCIeIfZB4AdpK
+576CIj9YB/dGqZpCpIjZuGppv8vQOS3JSQb6MYBmFzLM6K42nMHVrm0863J3VZL6
+q/WjvBkt
-----END CERTIFICATE-----
diff --git a/lib/tests/demoCA/private/c2key.pem b/lib/tests/demoCA/private/c2key.pem
deleted file mode 100644
index 6b0c1ee..0000000
--- a/lib/tests/demoCA/private/c2key.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBOQIBAAJBAMPlFnRHhLsmvFD+3LVwIa0htv/LrLIkngh1OV269LFZ9qgUAmLD
-aG3yCJv+ZlxykhYEYLUIg2YoO0bwz5U3t9cCAwEAAQJAZtVEg0fj2mbMJmyTqb8y
-PnNbYE4n2uA0AVagBZ8Vwl7+rV84tSxXqfZt+G+I9iIwdGZzw9PKEgITX802MTjx
-cQIhAPJmBKucvt8d/a9BjvWaOT51anzWBiG+2FJ3dsM9t1+vAiEAzuMPCITPXNlL
-1frMDuqqcY8XuEN4Drru/Bs/ChlIzFkCIQDuge1Ugt3YoiTsniAxj7eFuni2Ls1H
-xQYLVtr3zzEwpwIfTMX1zjN6v/njKoTnNKHgnkN7ieV/p/e2t9dkjVrUqQIgYzK1
-atYmygSrgsaPkwpYXNVrNBJmBDJpd68pb59wM2Y=
------END RSA PRIVATE KEY-----
diff --git a/lib/tests/demoCA/private/c3key.pem b/lib/tests/demoCA/private/c3key.pem
deleted file mode 100644
index 21b8b3b..0000000
--- a/lib/tests/demoCA/private/c3key.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBOgIBAAJBAK66BoHifKjuTvpGo93H1PgzgMBDCb2nfVlKyK8/B1RyTLGsLlNa
-wLZsBlWXVTbL/H1dwcGXlVKnqNqwszoNt4cCAwEAAQJAWnD6G1Mj2cF46f2UpqDg
-cRUfqOVKbnv62zRliqiiX6fqpGV85mIcBKzh2GhqtL9xxdFSa7MXxllsKQ5M+EkF
-kQIhAOY0HjDtlknbkXCUJyBeOdJsw8F7RaeEdjBOlUMCuQwpAiEAwk5u7RsIy3m3
-TRiAFVpqOWuFZ6WB+0Hsx13tOS7AHC8CIF6iwl6e7Y/DYhED9unJkr+80uTxhnsN
-a4EEbTw1HFmxAiA1rOUHqsgrLVxtd68qNufRJNqdXyMg/X0jNdcqTLfVEQIhAKYP
-+3yM6TAtaTu+lSdhqQokBp77Reco0hYkLkRm3aPO
------END RSA PRIVATE KEY-----
diff --git a/lib/tests/demoCA/private/cakey.pem b/lib/tests/demoCA/private/cakey.pem
index 6c60bc7..e7df9d0 100644
--- a/lib/tests/demoCA/private/cakey.pem
+++ b/lib/tests/demoCA/private/cakey.pem
@@ -1,9 +1,9 @@
-----BEGIN RSA PRIVATE KEY-----
-MIIBOwIBAAJBAKonfTspEh45jZ9Dra6DbyKICAeSuR3UiF9YuXbsSunJanPtcGZe
-b9wCFZ/del/MO5iKJ7H1mPtrx6teXuo8xF8CAwEAAQJASypsqPDIvy9ff6avF/OZ
-6aA8I9ROEH5ty+ju7TkPEt0dgtcA20m20FtbkKuv1ymEAQk2DbfibWgVfu8NtXia
-gQIhAN04azjSAO94wlahTblo9NOe3Sl9VoSju/P2vPZhMbufAiEAxOfIdv7eUYxW
-tfdF58H6R5SKt/PJ3f5ofIAcIMqQP0ECIGTacdeHtjF2xnKkO0EKHoPT61Qc9jKm
-SuvgUymoCfpVAiEAigtdlV9ViaJz4Bq9nZ920dwn7JMzwTjtE+vUzIB25IECIQC4
-Hp8D00gBVlUgW0OlpmA3PWa3TfkEL3pghZqgeYZzXA==
+MIIBOgIBAAJBAOueUr8afDJjn5aAcfGYh5CX8XpKgW1mfo58UF/5bpQasHtGh7We
+I0gErfNVofkxUKEQq8q6cKxYlU6dOitSNt8CAwEAAQJAR+SmQPN24/Ur88M7gUlW
+TBNgtjzXoyb8BMP/zlkQmZW5Tcv1xCa1UwK33u2wSmhSNP6zA1QrC2d2pv/7XZEp
+wQIhAPpf2QuEooR5BPrvDiAVPlKp31EROrZOiOV5hbV1Kzx/AiEA8OmZZrvgrdQu
+3PKRLfxD11NKf0yhC+7WdVWguYZ1VaECIF99XMcyz9TcXxThRa7gy0M1vJErlAvh
+yf5TKba6OEI7AiBpNctdl11G7OxOZ8zJZWsHRYO6Vm/as0KLWYromvTxIQIhAK0c
+r+G23R+dHDUdNEBSi6G74dbaJqaA8LsVr9w9m5gY
-----END RSA PRIVATE KEY-----
diff --git a/lib/tests/demoCA/private/cli1.key b/lib/tests/demoCA/private/cli1.key
new file mode 100644
index 0000000..09381f1
--- /dev/null
+++ b/lib/tests/demoCA/private/cli1.key
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOQIBAAJBAJl7huBG3vFpEJf4TnjI7sLIZWSQct1RT8ZYeEkHYbntCnd70mrD
+SeWRbL940PyKXIAasAMosuroyKC2vqFCMF0CAwEAAQJAEozki1zle0YYlFWVnnGi
+sfYokxQGXguC2dU9jI4Q2LjGut6mVx/zLIU59BS4nUq2aYHg0hxwwzOba92c0lT/
+HQIhAMp0+k7FtDdRQzIaDzeEY6MYyLhhhukhI3xpyXYVuyx7AiEAwhLQl6hYlsgh
+78CzTAhAdbheAwIQWyvY7XjKzxdpGwcCIG/hr0YC2bHMNZ8laY1bmxhRpPLH6p9A
+0fR6HXwlTDerAiA1y21SfHGB6huuD2Yjry3e86nrf4j1HKRWvuLIoJ6bxQIgWmyj
+YOSFsaBwj9ptkY0d4H84SDHnt7GRypm0/98OSg8=
+-----END RSA PRIVATE KEY-----
diff --git a/lib/tests/demoCA/private/srv1.key b/lib/tests/demoCA/private/srv1.key
new file mode 100644
index 0000000..284f1e1
--- /dev/null
+++ b/lib/tests/demoCA/private/srv1.key
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOgIBAAJBAKwheG/LHBDCcXtyA+NLssf2Yz9p09NI4JAWD1pE9ZztuWtyvhFu
+JgkyDFElEDX+oDP+z5CfLIs6xZiGwqlcuqcCAwEAAQJAbviJF7GfH2LsHISt4vyr
+fuTmqTxF1wI13E6MiUrJ+eftT7Hq1Wq6B7gmlI1iJiJLlAH6o93PYhp8559Dfp+q
+wQIhAOMbFp0NJPrVpycx5dQAYpM/edqXoOENQf1lMLOmOHlhAiEAwgfTbAaGNfQS
+uXfzj0sx+IvoKE/MXfLKZ/uE9futCQcCIQC/mMjZMo+yNrHQdV5KHxEK3RB2hFmr
+xD2aA9a0mVUnwQIgbYjHdNNWDr1DmMo7h+g2RI6Ot7scruiyFPNrgwXaEB8CICMa
+8wjF27wlJ2nmhM9ZXUBtvBKgU+jspsA8n+wU+o+f
+-----END RSA PRIVATE KEY-----
diff --git a/lib/tests/test-udp.c b/lib/tests/test-udp.c
index ccad607..ed176c0 100644
--- a/lib/tests/test-udp.c
+++ b/lib/tests/test-udp.c
@@ -1,24 +1,26 @@
+/* Copyright 2011,2013, NORDUnet A/S. All rights reserved. */
+/* See LICENSE for licensing information. */
+
#include <stdlib.h>
-#include <cgreen/cgreen.h>
+#include <assert.h>
+#include <CUnit/Basic.h>
+#include "radius/client.h"
#include "radsec/radsec.h"
#include "radsec/request.h"
#include "udp.h"
-#define true 1 /* FIXME: Bug report cgreen. */
-#define false 0
-
static void
authenticate (struct rs_connection *conn, const char *user, const char *pw)
{
struct rs_request *req;
struct rs_packet *msg, *resp;
- assert_true (rs_request_create (conn, &req) == 0);
- assert_true (rs_packet_create_authn_request (conn, &msg, user, pw) == 0);
+ CU_ASSERT (rs_request_create (conn, &req) == 0);
+ CU_ASSERT (!rs_packet_create_authn_request (conn, &msg, user, pw));
rs_request_add_reqpkt (req, msg);
- assert_true (rs_request_send (req, &resp) == 0);
+ CU_ASSERT (rs_request_send (req, &resp) == 0);
//printf ("%s\n", rs_err_msg (rs_err_conn_pop (conn), 1));
- assert_true (rs_packet_code(resp) == PW_ACCESS_ACCEPT);
+ CU_ASSERT (rs_packet_code(resp) == PW_ACCESS_ACCEPT);
rs_request_destroy (req);
}
@@ -28,10 +30,10 @@ send_more_than_one_msg_in_one_packet (struct rs_connection *conn)
{
struct rs_packet *msg0, *msg1;
- assert_true (rs_packet_create_authn_request (conn, &msg0, NULL, NULL) == 0);
- assert_true (rs_packet_create_authn_request (conn, &msg1, NULL, NULL) == 0);
- assert_true (rs_packet_send (msg0, NULL) == 0);
- assert_true (rs_packet_send (msg1, NULL) == 0);
+ CU_ASSERT (rs_packet_create_authn_request (conn, &msg0, NULL, NULL) == 0);
+ CU_ASSERT (rs_packet_create_authn_request (conn, &msg1, NULL, NULL) == 0);
+ CU_ASSERT (rs_packet_send (msg0, NULL) == 0);
+ CU_ASSERT (rs_packet_send (msg1, NULL) == 0);
}
#if 0
@@ -44,18 +46,18 @@ send_large_packet (struct rs_connection *conn)
int f;
buf = malloc (RS_MAX_PACKET_LEN);
- assert_true (buf != NULL);
+ CU_ASSERT (buf != NULL);
memset (buf, 0, RS_MAX_PACKET_LEN);
- assert_true (rs_packet_create (conn, &msg0) == 0);
+ CU_ASSERT (rs_packet_create (conn, &msg0) == 0);
/* 16 chunks --> heap corruption in evbuffer_drain detected by free() */
for (f = 0; f < 15; f++)
{
memset (buf, 'a' + f, 252);
//vp = pairmake ("EAP-Message", buf, T_OP_EQ);
- assert_true (rs_packet_append_avp (msg0, fixme...) == RSE_OK);
+ CU_ASSERT (rs_packet_append_avp (msg0, fixme...) == RSE_OK);
}
- assert_true (rs_packet_send (msg0, NULL) == 0);
+ CU_ASSERT (rs_packet_send (msg0, NULL) == 0);
}
#endif /* 0 */
@@ -78,10 +80,9 @@ test_auth ()
setup.username = "molgan@PROJECT-MOONSHOT.ORG";
setup.pw = "password";
- assert_true (rs_context_create (&ctx) == 0);
- assert_true (rs_context_read_config (ctx, setup.config_file) == 0);
- assert_true (rs_context_init_freeradius_dict (ctx, NULL) == 0);
- assert_true (rs_conn_create (ctx, &conn, setup.config_name) == 0);
+ CU_ASSERT (rs_context_create (&ctx) == 0);
+ CU_ASSERT (rs_context_read_config (ctx, setup.config_file) == 0);
+ CU_ASSERT (rs_conn_create (ctx, &conn, setup.config_name) == 0);
authenticate (conn, setup.username, setup.pw);
@@ -97,9 +98,9 @@ test_buffering_cb (const uint8_t *buf, ssize_t len)
#if 0
hd (buf, len);
#endif
- assert_true (len >= 20);
- assert_true (len <= RS_MAX_PACKET_LEN);
- assert_true ((buf[2] << 8) + buf[3] == len);
+ CU_ASSERT (len >= 20);
+ CU_ASSERT (len <= RS_MAX_PACKET_LEN);
+ CU_ASSERT ((buf[2] << 8) + buf[3] == len);
return len;
}
@@ -111,34 +112,19 @@ test_buffering ()
struct timeval timeout;
struct polldata *polldata;
- assert_true (rs_context_create (&ctx) == 0);
- assert_true (rs_context_read_config (ctx, "test.conf") == 0);
- assert_true (rs_conn_create (ctx, &conn, "test-udp-buffering") == 0);
+ CU_ASSERT (rs_context_create (&ctx) == 0);
+ CU_ASSERT (rs_context_read_config (ctx, "test.conf") == 0);
+ CU_ASSERT (rs_conn_create (ctx, &conn, "test-udp-buffering") == 0);
timeout.tv_sec = 0;
timeout.tv_usec = 150000;
polldata = udp_server ("11820", &timeout, test_buffering_cb);
- assert_true (polldata != NULL);
+ CU_ASSERT (polldata != NULL);
send_more_than_one_msg_in_one_packet (conn);
- assert_true (udp_poll (polldata) > 0);
- assert_true (udp_poll (polldata) > 0);
+ CU_ASSERT (udp_poll (polldata) > 0);
+ CU_ASSERT (udp_poll (polldata) > 0);
-#if 0
-"
-send_large_packet() disabled, it's hanging after
-
-Sending Access-Request of id 1 to (null) port 0
- Message-Authenticator = 0x00000000000000000000000000000000
-packet_do_send: about to send this to localhost:11820:
- Code: 1, Identifier: 1, Lenght: 38
-rs_packet_send: entering event loop
-_evcb: fd=5 what = WRITE
-rs_packet_send: event loop done
-"
- send_large_packet (conn);
- assert_true (udp_poll (polldata) > 0);
-#endif /* 0 */
udp_free_polldata (polldata);
rs_conn_destroy (conn);
@@ -146,28 +132,22 @@ rs_packet_send: event loop done
}
/* ************************************************************ */
-static void
-setup_auth (TestSuite *ts)
-{
- add_test (ts, test_auth);
-}
-
-static void
-setup_buffering (TestSuite *ts)
-{
- add_test (ts, test_buffering);
-}
-
int
main (int argc, char *argv[])
{
- TestSuite *ts = create_test_suite ();
+ CU_pSuite s = NULL;
+ CU_pTest t = NULL;
+ unsigned int nfail;
+
+ assert (CU_initialize_registry () == CUE_SUCCESS);
+ s = CU_add_suite ("auth", NULL, NULL); assert (s);
+ t = CU_ADD_TEST (s, test_auth); assert (t);
+ s = CU_add_suite ("buffering", NULL, NULL); assert (s);
+ t = CU_ADD_TEST (s, test_buffering); assert (t);
- setup_auth (ts);
- setup_buffering (ts);
+ assert (CU_basic_run_tests () == CUE_SUCCESS);
+ nfail = CU_get_number_of_failures();
- if (argc > 1)
- return run_single_test (ts, argv[1], create_text_reporter ());
- else
- return run_test_suite (ts, create_text_reporter ());
+ CU_cleanup_registry ();
+ return nfail;
}
diff --git a/lib/tests/test.conf b/lib/tests/test.conf
index 839fd75..98d0330 100644
--- a/lib/tests/test.conf
+++ b/lib/tests/test.conf
@@ -1,5 +1,3 @@
-dictionary = "/home/linus/usr/moonshot/share/freeradius/dictionary"
-
realm test-udp-auth {
type = "UDP"
server {
diff --git a/lib/tests/udp-server.c b/lib/tests/udp-server.c
index ce0136a..77a35df 100644
--- a/lib/tests/udp-server.c
+++ b/lib/tests/udp-server.c
@@ -1,3 +1,6 @@
+/* Copyright 2011, NORDUnet A/S. All rights reserved. */
+/* See LICENSE for licensing information. */
+
#include <stdlib.h>
#include <stdio.h>
#include "udp.h"
diff --git a/lib/tests/udp.c b/lib/tests/udp.c
index 47ea595..2c580da 100644
--- a/lib/tests/udp.c
+++ b/lib/tests/udp.c
@@ -1,3 +1,6 @@
+/* Copyright 2011,2013, NORDUnet A/S. All rights reserved. */
+/* See LICENSE for licensing information. */
+
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
@@ -10,6 +13,7 @@
#include <netdb.h>
#include <sys/select.h>
#include <sys/time.h>
+#include "radius/client.h"
#include "udp.h"
static struct addrinfo *
@@ -57,7 +61,7 @@ ssize_t
udp_poll (struct polldata *data)
{
int r;
- long timeout;
+ long timeout = 0;
fd_set rfds;
ssize_t len;
uint8_t buf[RS_MAX_PACKET_LEN];
diff --git a/lib/tests/udp.h b/lib/tests/udp.h
index 004b7ca..a8d5f23 100644
--- a/lib/tests/udp.h
+++ b/lib/tests/udp.h
@@ -1,3 +1,6 @@
+/* Copyright 2011, NORDUnet A/S. All rights reserved. */
+/* See LICENSE for licensing information. */
+
#include <stdint.h>
#include <unistd.h>
#include <sys/time.h>
diff --git a/lib/tls.c b/lib/tls.c
index 788bf5c..592c460 100644
--- a/lib/tls.c
+++ b/lib/tls.c
@@ -1,10 +1,11 @@
-/* Copyright 2010,2011,2013 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+/* Copyright 2010-2013 NORDUnet A/S. All rights reserved.
+ See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
#include <config.h>
#endif
+#include <stdlib.h>
#include <assert.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
diff --git a/lib/tls.h b/lib/tls.h
index 74a63b3..4707b93 100644
--- a/lib/tls.h
+++ b/lib/tls.h
@@ -1,5 +1,5 @@
-/* Copyright 2010 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+/* Copyright 2010-2012 NORDUnet A/S. All rights reserved.
+ See LICENSE for licensing information. */
#if defined (__cplusplus)
extern "C" {
diff --git a/lib/udp.c b/lib/udp.c
index de78fed..0512d7b 100644
--- a/lib/udp.c
+++ b/lib/udp.c
@@ -1,5 +1,5 @@
/* Copyright 2011,2013 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+ See LICENSE for licensing information. */
#if defined HAVE_CONFIG_H
#include <config.h>
@@ -64,15 +64,15 @@ _evcb (evutil_socket_t fd, short what, void *user_data)
{
int err;
struct rs_message *msg = (struct rs_message *) user_data;
- assert (msg);
- assert (msg->conn);
rs_debug (("%s: fd=%d what =", __func__, fd));
- if (what & EV_TIMEOUT) rs_debug ((" TIMEOUT"));
+ if (what & EV_TIMEOUT) rs_debug ((" TIMEOUT -- shouldn't happen!"));
if (what & EV_READ) rs_debug ((" READ"));
if (what & EV_WRITE) rs_debug ((" WRITE"));
rs_debug (("\n"));
+ assert (msg);
+ assert (msg->conn);
if (what & EV_READ)
{
/* Read a single UDP packet and stick it in the struct
@@ -91,7 +91,7 @@ _evcb (evutil_socket_t fd, short what, void *user_data)
/* FIXME: Really shouldn't happen since we've been told
that fd is readable! */
rs_debug (("%s: EAGAIN reading UDP packet -- wot?"));
- return;
+ goto err_out;
}
/* Hard error. */
@@ -99,23 +99,21 @@ _evcb (evutil_socket_t fd, short what, void *user_data)
"%d: recv: %d (%s)", fd, sockerr,
evutil_socket_error_to_string (sockerr));
event_del (msg->conn->tev);
- return;
+ goto err_out;
}
event_del (msg->conn->tev);
if (r < 20 || r > RS_MAX_PACKET_LEN) /* Short or long packet. */
{
rs_err_conn_push (msg->conn, RSE_INVALID_MSG,
- "invalid message length: %d",
- msg->rpkt->length);
- return;
+ "invalid message length: %d", r);
+ goto err_out;
}
msg->rpkt->length = (msg->rpkt->data[2] << 8) + msg->rpkt->data[3];
err = nr_packet_ok (msg->rpkt);
if (err)
{
- rs_err_conn_push_fl (msg->conn, err, __FILE__, __LINE__,
- "invalid message");
- return;
+ rs_err_conn_push (msg->conn, -err, "invalid message");
+ goto err_out;
}
/* Hand over message to user. This changes ownership of msg.
Don't touch it afterwards -- it might have been freed. */
@@ -142,11 +140,10 @@ _evcb (evutil_socket_t fd, short what, void *user_data)
if (msg->conn->callbacks.sent_cb)
msg->conn->callbacks.sent_cb (msg->conn->base_.user_data);
}
+ return;
-#if defined (DEBUG)
- if (what & EV_TIMEOUT)
- rs_debug (("%s: timeout on UDP event, shouldn't happen\n", __func__));
-#endif
+ err_out:
+ rs_conn_disconnect (msg->conn);
}
int
diff --git a/lib/udp.h b/lib/udp.h
index 2c20a90..00d7251 100644
--- a/lib/udp.h
+++ b/lib/udp.h
@@ -1,5 +1,5 @@
/* Copyright 2011 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+ See LICENSE for licensing information. */
int udp_init (struct rs_connection *conn, struct rs_message *msg);
int udp_init_retransmit_timer (struct rs_connection *conn);
diff --git a/lib/util.c b/lib/util.c
index 1142afa..70d815c 100644
--- a/lib/util.c
+++ b/lib/util.c
@@ -1,6 +1,7 @@
-/* Copyright 2012,2013 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+/* Copyright 2012-2013 NORDUnet A/S. All rights reserved.
+ See LICENSE for licensing information. */
+#include <stdlib.h>
#include <string.h>
#include <radsec/radsec.h>
#include <radsec/radsec-impl.h>
diff --git a/lib/util.h b/lib/util.h
index 9edac7b..f988d86 100644
--- a/lib/util.h
+++ b/lib/util.h
@@ -1,4 +1,4 @@
/* Copyright 2012 NORDUnet A/S. All rights reserved.
- See LICENSE for licensing information. */
+ See LICENSE for licensing information. */
char *rs_strdup (struct rs_context *ctx, const char *s);