| Commit message | Author | Age | Files | Lines |
We're moving x509 and psk config from rs_realm to rs_peer while
allowing these to be configured on the realm level and overridden at
peer level.
Also, add support for printing the read configuration, for debugging.
|
RADIUS (RFC2865) is defined to be transported over UDP so the term
"radius packet" makes a lot of sense. RADIUS/TCP (RFC6613) and
RADIUS/TLS (RFC6614), a.k.a. RadSec, use stream transport protocols
though. The term "message" doesn't imply any kind of transport -- a
message can be sent using datagrams as well as in a stream.
This (large) commit changes 'package' to 'message' where it makes
sense. It does not touch the 'radius' subdirectory. It includes
preprocessor directives (#define) to make the public interface
compatible with previous releases of the library.
|
Uppercase to make them appear as the constants they are, as opposed to
variables.
Remove 'flag' suffix, typically used for variables.
Spell out HEADER.
|
And distribute LICENSE and HACKING.
|
We used to resolve DNS names when reading configuration. We now do it
in event_init_socket() and cache the result in the connection object.
The imminent need for changing this is to keep host names around for
X509 certificate verification (CNAME and subjectAltName). This will
also help later when we implement server failover (and later, when
people want to do more dynamic configuration, f.ex. NAPTR).
|
Use rs_context_create() to read FreeRADIUS dictionary, possibly by
taking dict file from configuration file.
CONFIG CHANGE: s/config/realm/g.
|
A new API for attributes will be added once we've decided how to deal
with RADIUS packets internally. For now, removing the half-baked
wrapping seems more sensible than trying to free rs_attr objects and
their VALUE_PAIR's.
|
TODO: UDP.
|
More to be done here!
|
Replace the user_dispatch_flag on connections with
conn_user_dispatch_p().
Remove the 'original' member from packet and instead have an upper
layer verify.
Rename packet valid_flag --> received_flag to reflect that we don't
verify.
Move _close_conn() --> conn_close().
Move packet flags into a single unsigned int, for portability.
(_read_packet): Don't verify packet.
(rs_conn_receive_packet): Don't touch PKT_OUT if there isn't a packet.
(rs_conn_receive_packet): Verify packet using packet_verify_response().
|
Sending, no retransmitting and no receiving.
|
In blocking mode, breaking the event loop with loopbreak will probably
be needed for exceptions like timeout so we shouldn't use it for
breaking the loop and signalling success.
In the user callbacks used in blocking mode (_rcb and _wcb), disable
read and write events on the event buffer. This will stop the loop.
Also, set a flag in the packet struct to signal success.
In the "low level callbacks" (_read_cb and _write_cb), enable read or
write, accordingly.
|
'timeout' and 'tries' move from 'server' stanza to top. 'tries' is
now 'retries'.
Moving around in internal data structs, making struct peer strictly config.
Bug fixes in configuration code.
Adding some more cleanup code, freeing allocated memory (still not done!).
|
NOTE: Clean up of resources not yet sane. Expect resource leakages.
NOTE: Most failure cases are not handled properly. With the wind at
your back and the sun shining, it might work.
|
* lib/packet.c (_packet_create): Set packet identity properly.
(_do_send): Return an int.
(_do_send): Don't ignore rad_encode() errors.
(_do_send): Do invoke rad_sign().
(_event_cb): Invoke callbacks.
(_event_cb): Honour _do_send() return code.
(_read_cb): Check packet (by invoking rad_packet_ok()).
(_read_cb): Don't ignore rad_decode() errors.
(_read_cb): Invoke callbacks.