Diffstat (limited to 'lib/include/radsec')
-rw-r--r--lib/include/radsec/radsec-impl.h100
-rw-r--r--lib/include/radsec/radsec.h24
2 files changed, 80 insertions, 44 deletions
diff --git a/lib/include/radsec/radsec-impl.h b/lib/include/radsec/radsec-impl.h
index fecf8f2..45ce7f6 100644
--- a/lib/include/radsec/radsec-impl.h
+++ b/lib/include/radsec/radsec-impl.h
@@ -1,5 +1,5 @@
/** @file libradsec-impl.h
- @brief Libraray internal header file for libradsec. */
+ @brief Libraray internal header file for libradsec. */
/* Copyright 2010,2011,2013 NORDUnet A/S. All rights reserved.
See LICENSE for licensing information. */
@@ -15,13 +15,18 @@
#endif
#include "compat.h"
-/* Constants. */
+/**************/
+/* Constants. */
#define RS_HEADER_LEN 4
+#define RS_CONN_MAGIC_BASE 0xAE004711u
+#define RS_CONN_MAGIC_GENERIC 0x843AEF47u
+#define RS_CONN_MAGIC_LISTENER 0xDCB04783u
-/* Data types. */
+/***************/
+/* Data types. */
enum rs_cred_type {
RS_CRED_NONE = 0,
- /* TLS pre-shared keys, RFC 4279. */
+ /* TLS pre-shared keys, RFC 4279. */
RS_CRED_TLS_PSK,
/* RS_CRED_TLS_DH_PSK, */
/* RS_CRED_TLS_RSA_PSK, */
@@ -34,6 +39,17 @@ enum rs_key_encoding {
};
typedef unsigned int rs_key_encoding_t;
+enum rs_peer_type {
+ RS_PEER_TYPE_CLIENT = 1,
+ RS_PEER_TYPE_SERVER = 2
+};
+
+enum rs_conn_subtype {
+ RS_CONN_OBJTYPE_BASE = 1,
+ RS_CONN_OBJTYPE_GENERIC,
+ RS_CONN_OBJTYPE_LISTENER,
+};
+
#if defined (__cplusplus)
extern "C" {
#endif
@@ -50,19 +66,14 @@ struct rs_error {
char buf[1024];
};
-enum rs_peer_type {
- RS_PEER_TYPE_CLIENT = 1,
- RS_PEER_TYPE_SERVER = 2
-};
-
-/** Configuration object for a connection. */
+/** Configuration object for a connection. */
struct rs_peer {
enum rs_peer_type type;
- struct rs_connection *conn;
+ struct rs_conn_base *connbase; /**< For error handling. */
struct rs_realm *realm;
char *hostname;
char *service;
- char *secret; /* RADIUS secret. */
+ char *secret; /* RADIUS secret. */
struct evutil_addrinfo *addr_cache;
char *cacertfile;
char *cacertpath;
@@ -72,17 +83,18 @@ struct rs_peer {
struct rs_peer *next;
};
-/** Configuration object for a RADIUS realm. */
+/** Configuration object for a RADIUS realm. */
struct rs_realm {
char *name;
enum rs_conn_type type;
int timeout;
int retries;
+ struct rs_listener *listeners;
struct rs_peer *peers;
struct rs_realm *next;
};
-/** Top configuration object. */
+/** Top configuration object. */
struct rs_config {
struct rs_realm *realms;
cfg_t *cfg;
@@ -93,47 +105,51 @@ struct rs_context {
struct rs_config *config;
struct rs_alloc_scheme alloc_scheme;
struct rs_error *err;
- struct event_base *evb; /* Event base. */
-};
-
-enum rs_conn_subtype {
- RS_CONN_OBJTYPE_BASE = 1,
- RS_CONN_OBJTYPE_GENERIC,
- RS_CONN_OBJTYPE_LISTENER,
+ struct event_base *evb; /* Event base. */
};
-#define RS_CONN_MAGIC_BASE 0xAE004711u
-#define RS_CONN_MAGIC_GENERIC 0x843AEF47u
-#define RS_CONN_MAGIC_LISTENER 0xDCB04783u
/** Base class for a connection. */
struct rs_conn_base {
uint32_t magic; /* Must be one of RS_CONN_MAGIC_*. */
struct rs_context *ctx;
- struct rs_realm *realm; /* Owned by ctx. */
- struct rs_peer *peers; /*< Configured peers. */
+ struct rs_realm *realm; /* Owned by ctx. */
+ /** For a listener, allowed client addr/port pairs.
+ For an outgoing connection, set of servers.
+ For an incoming connection, the peer (as the only entry). */
+ struct rs_peer *peers; /**< Configured peers. */
+ struct rs_peer *active_peer; /**< The other end of the connection. */
struct timeval timeout;
- int tryagain; /* For server failover. */
+ int tryagain; /* For server failover. */
void *user_data;
struct rs_error *err;
- int fd; /* Socket. */
- /* TCP transport specifics. */
- struct bufferevent *bev; /* Buffer event. */
- /* UDP transport specifics. */
- struct event *wev; /* Write event (for UDP). */
- struct event *rev; /* Read event (for UDP). */
+ int fd; /* Socket. */
+ /* TCP transport specifics. */
+ struct bufferevent *bev; /* Buffer event. */
+ /* UDP transport specifics. */
+ struct event *wev; /* Write event (for UDP). */
+ struct event *rev; /* Read event (for UDP). */
+};
+
+
+enum rs_conn_state {
+ RS_CONN_STATE_UNDEFINED = 0,
+ RS_CONN_STATE_CONNECTING,
+ RS_CONN_STATE_CONNECTED,
};
/** A "generic" connection. */
struct rs_connection {
struct rs_conn_base base_;
- struct event *tev; /* Timeout event. */
+ struct event *tev; /* Timeout event. */
struct rs_conn_callbacks callbacks;
- struct rs_peer *active_peer;
+ enum rs_conn_state state;
+#if 0
char is_connecting; /* FIXME: replace with a single state member */
char is_connected; /* FIXME: replace with a single state member */
- struct rs_message *out_queue; /* Queue for outgoing UDP packets. */
+#endif /* 0 */
+ struct rs_message *out_queue; /* Queue for outgoing UDP packets. */
#if defined(RS_ENABLE_TLS)
- /* TLS specifics. */
+ /* TLS specifics. */
SSL_CTX *tls_ctx;
SSL *tls_ssl;
#endif
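Review bot: The `is_connecting`/`is_connected` members of struct rs_connection are kept under `#if 0` right next to the new `state` member that replaces them; dead code in a header should be deleted rather than disabled, especially since the FIXME those lines carry is resolved by this very change. Deleting the five lines from `#if 0` through `#endif /* 0 */` leaves `enum rs_conn_state state;` as the single source of truth. `enum rs_conn_state` has no value for a connection that has been closed or has failed, so a comment on whether UNDEFINED doubles as "not connected" would help, e.g. `RS_CONN_STATE_UNDEFINED = 0, /* Also the state of a connection that is not (or no longer) connected. */` if that is the intent — I can't tell from this hunk. struct rs_context starts above the hunk and struct rs_connection continues past its last line.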
@@ -145,6 +161,7 @@ struct rs_listener {
struct rs_conn_base base_;
struct evconnlistener *evlistener;
struct rs_listener_callbacks callbacks;
+ struct rs_listener *next;
};
enum rs_message_flags {
@@ -159,16 +176,16 @@ struct rs_message {
struct rs_connection *conn;
unsigned int flags;
uint8_t hdr[RS_HEADER_LEN];
- struct radius_packet *rpkt; /* FreeRADIUS object. */
- struct rs_message *next; /* Used for UDP output queue. */
+ struct radius_packet *rpkt; /* FreeRADIUS object. */
+ struct rs_message *next; /* Used for UDP output queue. */
};
#if defined (__cplusplus)
}
#endif
-/************************/
-/* Convenience macros. */
+/***********************/
+/* Convenience macros. */
/* Memory allocation. */
#define rs_calloc(h, nmemb, size) ((h)->alloc_scheme.calloc != NULL \
@@ -192,6 +209,7 @@ struct rs_message {
#define SUBTYPE_P(p, subtype, basemember) \
((void*) (((char*)(p)) - STRUCT_OFFSET(subtype, basemember)))
#define DOWNCAST(to, ptr) ((to*)SUBTYPE_P(ptr, to, base_))
+#define TO_BASE_CONN(c) (&((c)->base_))
static struct rs_connection *TO_GENERIC_CONN (struct rs_conn_base *);
static struct rs_listener *TO_LISTENER_CONN (struct rs_conn_base *);
static INLINE struct rs_connection *TO_GENERIC_CONN (struct rs_conn_base *b)
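Review bot: `TO_BASE_CONN` is added without a comment and, unlike the two TO_*_CONN inline helpers declared right below it, it is a macro that accepts any pointer with a `base_` member, so nothing stops it being handed something other than a struct rs_connection or struct rs_listener. A one-line comment such as `/* Upcast a generic connection or listener to its embedded struct rs_conn_base. */` makes the intent clear; an inline function per subtype would keep the type check, though the macro form is consistent with DOWNCAST above it. The TO_GENERIC_CONN definition that begins on the hunk's last line continues outside the hunk.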
diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h
index 021f677..cb98db7 100644
--- a/lib/include/radsec/radsec.h
+++ b/lib/include/radsec/radsec.h
@@ -1,5 +1,5 @@
/** \file radsec.h
- \brief Public interface for libradsec. */
+ \brief Public interface for libradsec. */
/* Copyright 2010,2011,2013 NORDUnet A/S. All rights reserved.
See LICENSE for licensing information. */
@@ -136,6 +136,7 @@ extern "C" {
/* Data types. */
struct rs_context; /* radsec-impl.h */
+struct rs_conn_base; /* radsec-impl.h */
struct rs_connection; /* radsec-impl.h */
struct rs_listener; /* radsec-impl.h */
struct rs_message; /* radsec-impl.h */
@@ -175,8 +176,10 @@ struct rs_conn_callbacks {
typedef void (*rs_listener_new_conn_cb) (struct rs_connection *conn,
void *user_data);
+typedef void (*rs_listener_error_cb) (void *user_data);
struct rs_listener_callbacks {
rs_listener_new_conn_cb new_conn_cb;
+ rs_listener_error_cb error_cb;
};
typedef struct value_pair rs_avp;
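Review bot: `rs_listener_error_cb` receives only `user_data`, so the callback has no handle with which to find out what went wrong: on the connection side an error can be popped with rs_err_conn_pop(conn), but a listener error callback cannot reach the listener or its error FIFO. Consider passing the listener too, `typedef void (*rs_listener_error_cb) (struct rs_listener *listener, void *user_data);`, mirroring rs_listener_new_conn_cb, which gets the object it concerns as its first argument. Both the new typedef and the new `error_cb` member also lack a doc comment saying when the callback is invoked and whether the listener is still usable afterwards; whatever the final semantics are, they belong on the typedef.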
@@ -327,11 +330,20 @@ int rs_conn_get_fd(struct rs_connection *conn);
void rs_conn_set_timeout(struct rs_connection *conn, struct timeval *tv);
/* Peer -- client and server. */
-int rs_peer_create(struct rs_connection *conn, struct rs_peer **peer_out);
+/** Create a peer and add it to list of peers held by \a conn. */
+int rs_peer_create_for_conn (struct rs_connection *conn,
+ struct rs_peer **peer_out);
+/** Create a peer and add it to list of peers held by \a listener. */
+int rs_peer_create_for_listener (struct rs_listener *listener,
+ struct rs_peer **peer_out);
+/** Set RADIUS secret for \a peer. Free resurces with \a rs_peer_free_secret. */
+int rs_peer_set_secret(struct rs_peer *peer, const char *secret);
+/** Free resources allocated by \a rs_peer_set_secret. */
+void rs_peer_free_secret (struct rs_peer *peer);
int rs_peer_set_address(struct rs_peer *peer,
const char *hostname,
const char *service);
-int rs_peer_set_secret(struct rs_peer *peer, const char *secret);
+void rs_peer_free_address (struct rs_peer *peer);
void rs_peer_set_timeout(struct rs_peer *peer, int timeout);
void rs_peer_set_retries(struct rs_peer *peer, int retries);
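Review bot: `rs_peer_free_secret` is documented only as freeing what rs_peer_set_secret allocated; since `secret` holds the RADIUS shared secret (the `char *secret; /* RADIUS secret. */` member in radsec-impl.h), the contract should state whether the buffer is wiped before release, and the implementation should clear it with explicit_bzero or an equivalent that the compiler cannot elide, rather than a plain memset followed by free. Suggested doc line: `/** Free resources allocated by \a rs_peer_set_secret, clearing the secret from memory first. */` — the implementation is not in this hunk, so confirm it actually does this. The doc comment on rs_peer_set_secret also has a typo, `resurces` → `resources`. Removing `rs_peer_create` from the public header in favour of the `_for_conn`/`_for_listener` variants is an API break for existing callers and is worth calling out explicitly.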
@@ -427,6 +439,12 @@ int rs_err_conn_push_fl(struct rs_connection *conn,
int line,
const char *fmt,
...);
+int rs_err_connbase_push_fl (struct rs_conn_base *connbase,
+ int code,
+ const char *file,
+ int line,
+ const char *fmt,
+ ...);
/** Pop the first error from the error FIFO associated with connection
\a conn or NULL if there are no errors in the FIFO. */
struct rs_error *rs_err_conn_pop(struct rs_connection *conn);
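Review bot: `rs_err_connbase_push_fl` is declared without a doc comment, while its sibling rs_err_conn_push_fl starts above this hunk and presumably carries one; nothing says which objects a `connbase` may belong to. Suggested: `/** Push an error onto the FIFO of the connection or listener whose base object is \a connbase; for code paths that only hold a struct rs_conn_base. */`. Because `fmt` is a printf-style format consumed through `...`, the declaration should carry the same printf format attribute as the existing push functions if the file uses one, so that format/argument mismatches are caught at compile time; if the file does not use one yet, this new declaration is a reasonable place to start.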