diff options
Diffstat (limited to 'lib/include/radsec')
-rw-r--r-- | lib/include/radsec/radsec-impl.h | 100 | ||||
-rw-r--r-- | lib/include/radsec/radsec.h | 24 |
2 files changed, 80 insertions, 44 deletions
diff --git a/lib/include/radsec/radsec-impl.h b/lib/include/radsec/radsec-impl.h index fecf8f2..45ce7f6 100644 --- a/lib/include/radsec/radsec-impl.h +++ b/lib/include/radsec/radsec-impl.h @@ -1,5 +1,5 @@ /** @file libradsec-impl.h - @brief Libraray internal header file for libradsec. */ + @brief Libraray internal header file for libradsec. */ /* Copyright 2010,2011,2013 NORDUnet A/S. All rights reserved. See LICENSE for licensing information. */ @@ -15,13 +15,18 @@ #endif #include "compat.h" -/* Constants. */ +/**************/ +/* Constants. */ #define RS_HEADER_LEN 4 +#define RS_CONN_MAGIC_BASE 0xAE004711u +#define RS_CONN_MAGIC_GENERIC 0x843AEF47u +#define RS_CONN_MAGIC_LISTENER 0xDCB04783u -/* Data types. */ +/***************/ +/* Data types. */ enum rs_cred_type { RS_CRED_NONE = 0, - /* TLS pre-shared keys, RFC 4279. */ + /* TLS pre-shared keys, RFC 4279. */ RS_CRED_TLS_PSK, /* RS_CRED_TLS_DH_PSK, */ /* RS_CRED_TLS_RSA_PSK, */ @@ -34,6 +39,17 @@ enum rs_key_encoding { }; typedef unsigned int rs_key_encoding_t; +enum rs_peer_type { + RS_PEER_TYPE_CLIENT = 1, + RS_PEER_TYPE_SERVER = 2 +}; + +enum rs_conn_subtype { + RS_CONN_OBJTYPE_BASE = 1, + RS_CONN_OBJTYPE_GENERIC, + RS_CONN_OBJTYPE_LISTENER, +}; + #if defined (__cplusplus) extern "C" { #endif @@ -50,19 +66,14 @@ struct rs_error { char buf[1024]; }; -enum rs_peer_type { - RS_PEER_TYPE_CLIENT = 1, - RS_PEER_TYPE_SERVER = 2 -}; - -/** Configuration object for a connection. */ +/** Configuration object for a connection. */ struct rs_peer { enum rs_peer_type type; - struct rs_connection *conn; + struct rs_conn_base *connbase; /**< For error handling. */ struct rs_realm *realm; char *hostname; char *service; - char *secret; /* RADIUS secret. */ + char *secret; /* RADIUS secret. */ struct evutil_addrinfo *addr_cache; char *cacertfile; char *cacertpath; @@ -72,17 +83,18 @@ struct rs_peer { struct rs_peer *next; }; -/** Configuration object for a RADIUS realm. */ +/** Configuration object for a RADIUS realm. */ struct rs_realm { char *name; enum rs_conn_type type; int timeout; int retries; + struct rs_listener *listeners; struct rs_peer *peers; struct rs_realm *next; }; -/** Top configuration object. */ +/** Top configuration object. */ struct rs_config { struct rs_realm *realms; cfg_t *cfg; @@ -93,47 +105,51 @@ struct rs_context { struct rs_config *config; struct rs_alloc_scheme alloc_scheme; struct rs_error *err; - struct event_base *evb; /* Event base. */ -}; - -enum rs_conn_subtype { - RS_CONN_OBJTYPE_BASE = 1, - RS_CONN_OBJTYPE_GENERIC, - RS_CONN_OBJTYPE_LISTENER, + struct event_base *evb; /* Event base. */ }; -#define RS_CONN_MAGIC_BASE 0xAE004711u -#define RS_CONN_MAGIC_GENERIC 0x843AEF47u -#define RS_CONN_MAGIC_LISTENER 0xDCB04783u /** Base class for a connection. */ struct rs_conn_base { uint32_t magic; /* Must be one of RS_CONN_MAGIC_*. */ struct rs_context *ctx; - struct rs_realm *realm; /* Owned by ctx. */ - struct rs_peer *peers; /*< Configured peers. */ + struct rs_realm *realm; /* Owned by ctx. */ + /** For a listener, allowed client addr/port pairs. + For an outgoing connection, set of servers. + For an incoming connection, the peer (as the only entry). */ + struct rs_peer *peers; /**< Configured peers. */ + struct rs_peer *active_peer; /**< The other end of the connection. */ struct timeval timeout; - int tryagain; /* For server failover. */ + int tryagain; /* For server failover. */ void *user_data; struct rs_error *err; - int fd; /* Socket. */ - /* TCP transport specifics. */ - struct bufferevent *bev; /* Buffer event. */ - /* UDP transport specifics. */ - struct event *wev; /* Write event (for UDP). */ - struct event *rev; /* Read event (for UDP). */ + int fd; /* Socket. */ + /* TCP transport specifics. */ + struct bufferevent *bev; /* Buffer event. */ + /* UDP transport specifics. */ + struct event *wev; /* Write event (for UDP). */ + struct event *rev; /* Read event (for UDP). */ +}; + + +enum rs_conn_state { + RS_CONN_STATE_UNDEFINED = 0, + RS_CONN_STATE_CONNECTING, + RS_CONN_STATE_CONNECTED, }; /** A "generic" connection. */ struct rs_connection { struct rs_conn_base base_; - struct event *tev; /* Timeout event. */ + struct event *tev; /* Timeout event. */ struct rs_conn_callbacks callbacks; - struct rs_peer *active_peer; + enum rs_conn_state state; +#if 0 char is_connecting; /* FIXME: replace with a single state member */ char is_connected; /* FIXME: replace with a single state member */ - struct rs_message *out_queue; /* Queue for outgoing UDP packets. */ +#endif /* 0 */ + struct rs_message *out_queue; /* Queue for outgoing UDP packets. */ #if defined(RS_ENABLE_TLS) - /* TLS specifics. */ + /* TLS specifics. */ SSL_CTX *tls_ctx; SSL *tls_ssl; #endif @@ -145,6 +161,7 @@ struct rs_listener { struct rs_conn_base base_; struct evconnlistener *evlistener; struct rs_listener_callbacks callbacks; + struct rs_listener *next; }; enum rs_message_flags { @@ -159,16 +176,16 @@ struct rs_message { struct rs_connection *conn; unsigned int flags; uint8_t hdr[RS_HEADER_LEN]; - struct radius_packet *rpkt; /* FreeRADIUS object. */ - struct rs_message *next; /* Used for UDP output queue. */ + struct radius_packet *rpkt; /* FreeRADIUS object. */ + struct rs_message *next; /* Used for UDP output queue. */ }; #if defined (__cplusplus) } #endif -/************************/ -/* Convenience macros. */ +/***********************/ +/* Convenience macros. */ /* Memory allocation. */ #define rs_calloc(h, nmemb, size) ((h)->alloc_scheme.calloc != NULL \ @@ -192,6 +209,7 @@ struct rs_message { #define SUBTYPE_P(p, subtype, basemember) \ ((void*) (((char*)(p)) - STRUCT_OFFSET(subtype, basemember))) #define DOWNCAST(to, ptr) ((to*)SUBTYPE_P(ptr, to, base_)) +#define TO_BASE_CONN(c) (&((c)->base_)) static struct rs_connection *TO_GENERIC_CONN (struct rs_conn_base *); static struct rs_listener *TO_LISTENER_CONN (struct rs_conn_base *); static INLINE struct rs_connection *TO_GENERIC_CONN (struct rs_conn_base *b) diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h index 021f677..cb98db7 100644 --- a/lib/include/radsec/radsec.h +++ b/lib/include/radsec/radsec.h @@ -1,5 +1,5 @@ /** \file radsec.h - \brief Public interface for libradsec. */ + \brief Public interface for libradsec. */ /* Copyright 2010,2011,2013 NORDUnet A/S. All rights reserved. See LICENSE for licensing information. */ @@ -136,6 +136,7 @@ extern "C" { /* Data types. */ struct rs_context; /* radsec-impl.h */ +struct rs_conn_base; /* radsec-impl.h */ struct rs_connection; /* radsec-impl.h */ struct rs_listener; /* radsec-impl.h */ struct rs_message; /* radsec-impl.h */ @@ -175,8 +176,10 @@ struct rs_conn_callbacks { typedef void (*rs_listener_new_conn_cb) (struct rs_connection *conn, void *user_data); +typedef void (*rs_listener_error_cb) (void *user_data); struct rs_listener_callbacks { rs_listener_new_conn_cb new_conn_cb; + rs_listener_error_cb error_cb; }; typedef struct value_pair rs_avp; @@ -327,11 +330,20 @@ int rs_conn_get_fd(struct rs_connection *conn); void rs_conn_set_timeout(struct rs_connection *conn, struct timeval *tv); /* Peer -- client and server. */ -int rs_peer_create(struct rs_connection *conn, struct rs_peer **peer_out); +/** Create a peer and add it to list of peers held by \a conn. */ +int rs_peer_create_for_conn (struct rs_connection *conn, + struct rs_peer **peer_out); +/** Create a peer and add it to list of peers held by \a listener. */ +int rs_peer_create_for_listener (struct rs_listener *listener, + struct rs_peer **peer_out); +/** Set RADIUS secret for \a peer. Free resurces with \a rs_peer_free_secret. */ +int rs_peer_set_secret(struct rs_peer *peer, const char *secret); +/** Free resources allocated by \a rs_peer_set_secret. */ +void rs_peer_free_secret (struct rs_peer *peer); int rs_peer_set_address(struct rs_peer *peer, const char *hostname, const char *service); -int rs_peer_set_secret(struct rs_peer *peer, const char *secret); +void rs_peer_free_address (struct rs_peer *peer); void rs_peer_set_timeout(struct rs_peer *peer, int timeout); void rs_peer_set_retries(struct rs_peer *peer, int retries); @@ -427,6 +439,12 @@ int rs_err_conn_push_fl(struct rs_connection *conn, int line, const char *fmt, ...); +int rs_err_connbase_push_fl (struct rs_conn_base *connbase, + int code, + const char *file, + int line, + const char *fmt, + ...); /** Pop the first error from the error FIFO associated with connection \a conn or NULL if there are no errors in the FIFO. */ struct rs_error *rs_err_conn_pop(struct rs_connection *conn); |