summaryrefslogtreecommitdiff
path: root/radsecproxy.c
diff options
context:
space:
mode:
Diffstat (limited to 'radsecproxy.c')
-rw-r--r--radsecproxy.c105
1 files changed, 75 insertions, 30 deletions
diff --git a/radsecproxy.c b/radsecproxy.c
index 734165a..29f1af6 100644
--- a/radsecproxy.c
+++ b/radsecproxy.c
@@ -81,8 +81,10 @@ extern char *optarg;
/* minimum required declarations to avoid reordering code */
void adddynamicrealmserver(struct realm *realm, struct clsrvconf *conf, char *id);
-void dynamicconfig(struct server *server);
+int dynamicconfig(struct server *server);
int confserver_cb(struct gconffile **cf, void *arg, char *block, char *opt, char *val);
+void freerealm(struct realm *realm);
+void freeclsrvconf(struct clsrvconf *conf);
/* callbacks for making OpenSSL thread safe */
unsigned long ssl_thread_id() {
@@ -1483,6 +1485,55 @@ struct realm *id2realm(struct list *realmlist, char *id) {
return NULL;
}
+/* helper function, only used by removeserversubrealms() */
+void _internal_removeserversubrealms(struct list *realmlist, struct clsrvconf *srv) {
+ struct list_node *entry;
+ struct realm *realm;
+
+ for (entry = list_first(realmlist); entry;) {
+ realm = (struct realm *)entry->data;
+ entry = list_next(entry);
+ if (realm->srvconfs) {
+ list_removedata(realm->srvconfs, srv);
+ if (!list_first(realm->srvconfs)) {
+ list_destroy(realm->srvconfs);
+ realm->srvconfs = NULL;
+ }
+ }
+ if (realm->accsrvconfs) {
+ list_removedata(realm->accsrvconfs, srv);
+ if (!list_first(realm->accsrvconfs)) {
+ list_destroy(realm->accsrvconfs);
+ realm->accsrvconfs = NULL;
+ }
+ }
+
+ /* remove subrealm if no servers */
+ if (!realm->srvconfs && !realm->accsrvconfs) {
+ list_removedata(realmlist, realm);
+ freerealm(realm);
+ }
+ }
+}
+
+void removeserversubrealms(struct list *realmlist, struct clsrvconf *srv) {
+ struct list_node *entry;
+ struct realm *realm;
+
+ for (entry = list_first(realmlist); entry; entry = list_next(entry)) {
+ realm = (struct realm *)entry->data;
+ pthread_mutex_lock(&realm->subrealms_mutex);
+ if (realm->subrealms) {
+ _internal_removeserversubrealms(realm->subrealms, srv);
+ if (!list_first(realm->subrealms)) {
+ list_destroy(realm->subrealms);
+ realm->subrealms = NULL;
+ }
+ }
+ pthread_mutex_unlock(&realm->subrealms_mutex);
+ }
+}
+
int rqinqueue(struct server *to, struct client *from, uint8_t id, uint8_t code) {
struct request *rq = to->requests, *end;
@@ -2227,12 +2278,8 @@ void *clientwr(void *arg) {
conf = server->conf;
- if (server->dynamiclookuparg) {
- dynamicconfig(server);
- conf = server->conf;
- if (!conf)
- goto errexit;
- }
+ if (server->dynamiclookuparg && !dynamicconfig(server))
+ goto errexit;
if (!conf->addrinfo && !resolvepeer(conf, 0)) {
debug(DBG_WARN, "failed to resolve host %s port %s", conf->host ? conf->host : "(null)", conf->port ? conf->port : "(null)");
@@ -2364,22 +2411,9 @@ void *clientwr(void *arg) {
}
}
errexit:
- /* this code needs more work */
if (server->dynamiclookuparg) {
- /* remove subrealms using this server */
- /* need to free server->conf etc */
- if (conf) {
- free(conf->host);
- free(conf->name);
- if (conf->addrinfo) {
- freeaddrinfo(conf->addrinfo);
- conf->addrinfo = NULL;
- }
- /* add this once realm removal in place
- freeclsrvconf(conf);
- server->conf = NULL;
- */
- }
+ removeserversubrealms(realms, conf);
+ freeclsrvconf(conf);
}
freeserver(server, 1);
return NULL;
@@ -2755,6 +2789,11 @@ void freerealm(struct realm *realm) {
if (!realm)
return;
free(realm->name);
+ free(realm->message);
+ regfree(&realm->regex);
+ pthread_mutex_destroy(&realm->subrealms_mutex);
+ if (realm->subrealms)
+ list_destroy(realm->subrealms);
if (realm->srvconfs) {
/* emptying list without freeing data */
while (list_shift(realm->srvconfs));
@@ -2799,6 +2838,7 @@ struct realm *addrealm(struct list *realmlist, char *value, char **servers, char
}
if (!regex) {
debug(DBG_ERR, "malloc failed");
+ realm = NULL;
goto exit;
}
debug(DBG_DBG, "addrealm: constructed regexp %s from %s", regex, value);
@@ -2810,6 +2850,14 @@ struct realm *addrealm(struct list *realmlist, char *value, char **servers, char
goto exit;
}
memset(realm, 0, sizeof(struct realm));
+
+ if (pthread_mutex_init(&realm->subrealms_mutex, NULL)) {
+ debug(DBG_ERR, "mutex init failed");
+ free(realm);
+ realm = NULL;
+ goto exit;
+ }
+
realm->name = stringcopy(value, 0);
if (!realm->name) {
debug(DBG_ERR, "malloc failed");
@@ -2838,11 +2886,6 @@ struct realm *addrealm(struct list *realmlist, char *value, char **servers, char
goto errexit;
}
- if (pthread_mutex_init(&realm->subrealms_mutex, NULL)) {
- debug(DBG_ERR, "mutex init failed");
- goto errexit;
- }
-
if (!list_push(realmlist, realm)) {
debug(DBG_ERR, "malloc failed");
pthread_mutex_destroy(&realm->subrealms_mutex);
@@ -2946,7 +2989,7 @@ void adddynamicrealmserver(struct realm *realm, struct clsrvconf *conf, char *id
pthread_mutex_unlock(&realm->subrealms_mutex);
}
-void dynamicconfig(struct server *server) {
+int dynamicconfig(struct server *server) {
int ok, fd[2], status;
pid_t pid;
struct clsrvconf *conf = server->conf;
@@ -2962,6 +3005,8 @@ void dynamicconfig(struct server *server) {
pid = fork();
if (pid < 0) {
debug(DBG_ERR, "dynamicconfig: fork error");
+ close(fd[0]);
+ close(fd[1]);
goto errexit;
} else if (pid == 0) {
/* child */
@@ -2994,11 +3039,11 @@ void dynamicconfig(struct server *server) {
}
if (ok)
- return;
+ return 1;
errexit:
- server->conf = NULL;
debug(DBG_WARN, "dynamicconfig: failed to obtain dynamic server config");
+ return 0;
}
int addmatchcertattr(struct clsrvconf *conf) {