-rw-r--r-- | Makefile | 2 | ||||
-rw-r--r-- | Makefile.am | 2 | ||||
-rw-r--r-- | hash.c | 94 | ||||
-rw-r--r-- | hash.h | 26 | ||||
-rw-r--r-- | list.c | 8 | ||||
-rw-r--r-- | list.h | 8 | ||||
-rw-r--r-- | radsecproxy.c | 49 |
7 files changed, 154 insertions, 35 deletions
@@ -1,6 +1,6 @@ CFLAGS = -g -Wall -pedantic -pthread LDFLAGS = -lssl -OBJ = util.o debug.o list.o gconfig.o udp.o tcp.o tls.o dtls.o radsecproxy.o +OBJ = util.o debug.o list.o hash.o gconfig.o udp.o tcp.o tls.o dtls.o radsecproxy.o all: radsecproxy diff --git a/Makefile.am b/Makefile.am index 505791b..11bf5c9 100644 --- a/Makefile.am +++ b/Makefile.am @@ -5,6 +5,7 @@ radsecproxy_SOURCES = radsecproxy.c \ util.c \ debug.c \ list.c \ + hash.c \ udp.c \ tcp.c \ tls.c \ @@ -14,6 +15,7 @@ radsecproxy_SOURCES = radsecproxy.c \ debug.h \ util.h \ list.h \ + hash.h \ udp.h \ tcp.h \ tls.h \ 
@@ -0,0 +1,94 @@
+/*
+ * Copyright (C) 2008 Stig Venaas <venaas@uninett.no>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <pthread.h>
+#include "list.h"
+#include "hash.h"
+
+struct entry {
+ void *key;
+ uint32_t keylen;
+ void *data;
+};
+
+/* allocates and initialises hash structure; returns NULL if malloc fails */
+struct hash *hash_create() {
+ struct hash *h = malloc(sizeof(struct hash));
+ if (!h)
+ return NULL;
+ h->hashlist = list_create();
+ if (!h->hashlist) {
+ free(h);
+ return NULL;
+ }
+ pthread_mutex_init(&h->mutex, NULL);
+ return h;
+}
+
+/* frees all memory associated with the hash */
+void hash_destroy(struct hash *h) {
+ struct list_node *ln;
+
+ if (!h)
+ return;
+ for (ln = list_first(h->hashlist); ln; ln = list_next(ln)) {
+ free(((struct entry *)ln->data)->key);
+ free(((struct entry *)ln->data)->data);
+ }
+ list_destroy(h->hashlist);
+ pthread_mutex_destroy(&h->mutex);
+}
+
+/* insert entry in hash; returns 1 if ok, 0 if malloc fails */
+int hash_insert(struct hash *h, void *key, uint32_t keylen, void *data) {
+ struct entry *e;
+
+ if (!h)
+ return 0;
+ e = malloc(sizeof(struct entry));
+ if (!e)
+ return 0;
+ e->key = malloc(keylen);
+ if (!e->key) {
+ free(e);
+ return 0;
+ }
+ memcpy(e->key, key, keylen);
+ e->keylen = keylen;
+ e->data = data;
+ pthread_mutex_lock(&h->mutex);
+ if (!list_push(h->hashlist, e)) {
+ pthread_mutex_unlock(&h->mutex);
+ free(e->key);
+ free(e);
+ return 0;
+ }
+ pthread_mutex_unlock(&h->mutex);
+ return 1;
+}
+
+/* reads entry from hash */
+void *hash_read(struct hash *h, void *key, uint32_t keylen) {
+ struct list_node *ln;
+ struct entry *e;
+
+ if (!h)
+ return 0;
+ pthread_mutex_lock(&h->mutex);
+ for (ln = list_first(h->hashlist); ln; ln = list_next(ln)) {
+ e = (struct entry *)ln->data;
+ if (e->keylen == keylen && !memcmp(e->key, key, keylen)) {
+ pthread_mutex_unlock(&h->mutex);
+ return e->data;
+ }
+ }
+ pthread_mutex_unlock(&h->mutex);
+ return NULL;
+}
@@ -0,0 +1,26 @@
+/*
+ * Copyright (C) 2008 Stig Venaas <venaas@uninett.no>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ */
+
+#include <stdint.h>
+
+struct hash {
+ struct list *hashlist;
+ pthread_mutex_t mutex;
+};
+
+/* allocates and initialises hash structure; returns NULL if malloc fails */
+struct hash *hash_create();
+
+/* frees all memory associated with the hash */
+void hash_destroy(struct hash *hash);
+
+/* insert entry in hash; returns 1 if ok, 0 if malloc fails */
+int hash_insert(struct hash *hash, void *key, uint32_t keylen, void *data);
+
+/* reads entry from hash */
+void *hash_read(struct hash *hash, void *key, uint32_t keylen);
@@ -1,3 +1,11 @@
+/*
+ * Copyright (C) 2006-2008 Stig Venaas <venaas@uninett.no>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ */
+
 #include <stdlib.h>
 #include <string.h>
 #include "list.h"
@@ -1,3 +1,11 @@
+/*
+ * Copyright (C) 2006-2008 Stig Venaas <venaas@uninett.no>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ */
+
 struct list_node {
 struct list_node *next;
 void *data;
diff --git a/radsecproxy.c b/radsecproxy.c
index 8f76aaa..c1154ea 100644
--- a/radsecproxy.c
+++ b/radsecproxy.c
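Review bot: hash_destroy() in the new hash.c never frees `h` itself, although hash_create() obtains it with malloc(), so each destroyed table leaks the struct; add `free(h);` after `pthread_mutex_destroy(&h->mutex);`. The same loop calls free() on every entry's `data`, which hash_insert() stores as the caller's pointer without copying, so the comment on hash_insert should say that ownership of `data` passes to the table and that it must be a single heap block (for the tlsconfs use this would presumably not release anything the struct points to). Whether the entry structs themselves are released depends on list_destroy(), which is not shown on this page. hash_insert() also appends without looking for an existing key while hash_read() returns the first match, so a repeated key is silently shadowed, and the return value of pthread_mutex_init() in hash_create() is ignored.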
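Review bot: hash.h puts a `pthread_mutex_t` member in `struct hash` but includes only `<stdint.h>`, so the header compiles only when the including file has already pulled in `<pthread.h>`; add `#include <pthread.h>` next to the stdint include. The header has no include guard, and `struct hash *hash_create();` is an old-style declaration that accepts any arguments, where `struct hash *hash_create(void);` is the prototype form. The comment on hash_read could also state that keys are compared byte-for-byte over `keylen` and that NULL is returned both when the key is absent and when the table pointer is NULL.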
@@ -61,6 +61,7 @@ #include <openssl/x509v3.h> #include "debug.h" #include "list.h" +#include "hash.h" #include "util.h" #include "gconfig.h" #include "radsecproxy.h" @@ -71,11 +72,11 @@ static struct options options; static struct list *clconfs, *srvconfs; -struct list *realms, *tlsconfs, *rewriteconfs; +struct list *realms, *rewriteconfs; +struct hash *tlsconfs; static struct addrinfo *srcprotores[4] = { NULL, NULL, NULL, NULL }; -static pthread_mutex_t tlsconfs_lock; static pthread_mutex_t *ssl_locks = NULL; static long *ssl_lock_count; extern int optind; @@ -2413,42 +2414,26 @@ SSL_CTX *tlscreatectx(uint8_t type, struct tls *conf) { } SSL_CTX *tlsgetctx(uint8_t type, char *alt1, char *alt2) { - struct list_node *entry; - struct tls *t, *t1 = NULL, *t2 = NULL; - SSL_CTX *ctx = NULL; - - pthread_mutex_lock(&tlsconfs_lock); - - for (entry = list_first(tlsconfs); entry; entry = list_next(entry)) { - t = (struct tls *)entry->data; - if (!strcasecmp(t->name, alt1)) { - t1 = t; - break; - } - if (!t2 && alt2 && !strcasecmp(t->name, alt2)) - t2 = t; - } + struct tls *t; - t = (t1 ? t1 : t2); - if (!t) - goto exit; + t = hash_read(tlsconfs, alt1, strlen(alt1)); + if (!t) { + t = hash_read(tlsconfs, alt2, strlen(alt2)); + if (!t) + return NULL; + } switch (type) { case RAD_TLS: if (!t->tlsctx) t->tlsctx = tlscreatectx(RAD_TLS, t); - ctx = t->tlsctx; - break; + return t->tlsctx; case RAD_DTLS: if (!t->dtlsctx) t->dtlsctx = tlscreatectx(RAD_DTLS, t); - ctx = t->dtlsctx; - break; + return t->dtlsctx; } - - exit: - pthread_mutex_unlock(&tlsconfs_lock); - return ctx; + return NULL; } struct list *addsrvconfs(char *value, char **names) { 
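Review bot: The fallback lookup in tlsgetctx() calls `strlen(alt2)` unconditionally, whereas the removed loop tested `alt2 &&` before touching it, so a caller that passes NULL for alt2 together with an alt1 name that is not configured now dereferences NULL instead of receiving a NULL context; guard it with `if (!t && alt2) t = hash_read(tlsconfs, alt2, strlen(alt2));` followed by `if (!t) return NULL;`. Names were matched with strcasecmp() before and are compared with memcmp() inside hash_read() now, so references to TLS blocks become case-sensitive, which deserves a comment or a normalised key. The old tlsconfs_lock was also held across the lazy `t->tlsctx = tlscreatectx(RAD_TLS, t)` assignment, while the hash mutex covers only the lookup, so if tlsgetctx() can run on more than one thread two callers could each create a context for the same block.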
@@ -3278,13 +3263,10 @@ int conftls_cb(struct gconffile **cf, void *arg, char *block, char *opt, char *v goto errexit; } - pthread_mutex_lock(&tlsconfs_lock); - if (!list_push(tlsconfs, conf)) { + if (!hash_insert(tlsconfs, conf->name, strlen(conf->name), conf)) { debug(DBG_ERR, "conftls_cb: malloc failed"); - pthread_mutex_unlock(&tlsconfs_lock); goto errexit; } - pthread_mutex_unlock(&tlsconfs_lock); debug(DBG_DBG, "conftls_cb: added TLS block %s", val); return 1; @@ -3333,7 +3315,7 @@ void getmainconfig(const char *configfile) { if (!realms) debugx(1, DBG_ERR, "malloc failed"); - tlsconfs = list_create(); + tlsconfs = hash_create(); if (!tlsconfs) debugx(1, DBG_ERR, "malloc failed"); @@ -3452,7 +3434,6 @@ int main(int argc, char **argv) { debug_init("radsecproxy"); debug_set_level(DEBUG_LEVEL); - pthread_mutex_init(&tlsconfs_lock, NULL); getargs(argc, argv, &foreground, &pretend, &loglevel, &configfile); if (loglevel) |
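Review bot: Nothing around the new `hash_insert(tlsconfs, conf->name, strlen(conf->name), conf)` call in conftls_cb() rejects a TLS block whose name is already in the table; hash_insert() appends and hash_read() returns the first match, so a second block with the same name would be accepted and never used, which can leave an operator believing a different certificate or CA setting is in force. Unless a duplicate check exists in the part of conftls_cb() outside this hunk, look the name up first and fail with a specific message, e.g. `if (hash_read(tlsconfs, conf->name, strlen(conf->name))) { debug(DBG_ERR, "conftls_cb: duplicate TLS block %s", val); goto errexit; }`. The failure branch still logs "malloc failed", which is accurate for the current hash_insert() only as long as tlsconfs is non-NULL.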