All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
radiusd.h
Go to the documentation of this file.
1 /*
2  * This program is free software; you can redistribute it and/or modify
3  * it under the terms of the GNU General Public License as published by
4  * the Free Software Foundation; either version 2 of the License, or
5  * (at your option) any later version.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15  */
16 #ifndef _FR_RADIUSD_H
17 #define _FR_RADIUSD_H
18 /**
19  * $Id: e838db640ebbe5ac06eace2004b9bba8d9004a65 $
20  *
21  * @file include/radiusd.h
22  * @brief Structures, prototypes and global variables for the FreeRADIUS server.
23  *
24  * @copyright 1999-2000,2002-2008 The FreeRADIUS server project
25  */
26 RCSIDH(radiusd_h, "$Id: e838db640ebbe5ac06eace2004b9bba8d9004a65 $")
27 
28 #include <freeradius-devel/libradius.h>
29 #include <freeradius-devel/conf.h>
30 #include <freeradius-devel/conffile.h>
31 #include <freeradius-devel/event.h>
32 #include <freeradius-devel/connection.h>
33 
34 typedef struct rad_request REQUEST;
35 
36 #include <freeradius-devel/log.h>
37 
38 #ifdef HAVE_PTHREAD_H
39 # include <pthread.h>
40 #else
41 # include <sys/wait.h>
42 #endif
43 
44 #ifndef NDEBUG
45 # define REQUEST_MAGIC (0xdeadbeef)
46 #endif
47 
48 /*
49  * WITH_VMPS is handled by src/include/features.h
50  */
51 #ifdef WITHOUT_VMPS
52 # undef WITH_VMPS
53 #endif
54 
55 #ifdef WITH_TLS
56 # include <freeradius-devel/tls.h>
57 #endif
58 
59 #include <freeradius-devel/stats.h>
60 #include <freeradius-devel/realms.h>
61 #include <freeradius-devel/xlat.h>
62 #include <freeradius-devel/tmpl.h>
63 #include <freeradius-devel/map.h>
64 #include <freeradius-devel/clients.h>
65 #include <freeradius-devel/process.h>
66 /*
67  * All POSIX systems should have these headers
68  */
69 #include <pwd.h>
70 #include <grp.h>
71 
72 #ifdef __cplusplus
73 extern "C" {
74 #endif
75 
76 /*
77  * See util.c
78  */
80 
81 
82 
83 /** Return codes indicating the result of the module call
84  *
85  * All module functions must return one of the codes listed below (apart from
86  * RLM_MODULE_NUMCODES, which is used to check for validity).
87  */
88 typedef enum rlm_rcodes {
89  RLM_MODULE_REJECT = 0, //!< Immediately reject the request.
90  RLM_MODULE_FAIL, //!< Module failed, don't reply.
91  RLM_MODULE_OK, //!< The module is OK, continue.
92  RLM_MODULE_HANDLED, //!< The module handled the request, so stop.
93  RLM_MODULE_INVALID, //!< The module considers the request invalid.
94  RLM_MODULE_USERLOCK, //!< Reject the request (user is locked out).
95  RLM_MODULE_NOTFOUND, //!< User not found.
96  RLM_MODULE_NOOP, //!< Module succeeded without doing anything.
97  RLM_MODULE_UPDATED, //!< OK (pairs modified).
98  RLM_MODULE_NUMCODES, //!< How many valid return codes there are.
99  RLM_MODULE_UNKNOWN //!< Error resolving rcode (should not be
100  //!< returned by modules).
101 } rlm_rcode_t;
102 extern const FR_NAME_NUMBER modreturn_table[];
103 
104 /** Main server configuration
105  *
106  * The parsed version of the main server config.
107  */
108 typedef struct main_config {
109  char const *name; //!< Name of the daemon, usually 'radiusd'.
110  CONF_SECTION *config; //!< Root of the server config.
111 
112  bool log_auth; //!< Log authentication attempts.
113  bool log_auth_badpass; //!< Log successful authentications.
114  bool log_auth_goodpass; //!< Log failed authentications.
115  char const *auth_badpass_msg; //!< Additional text to append to successful auth messages.
116  char const *auth_goodpass_msg; //!< Additional text to append to failed auth messages.
117 
118  char const *denied_msg; //!< Additional text to append if the user is already logged
119  //!< in (simultaneous use check failed).
120 
121  bool daemonize; //!< Should the server daemonize on startup.
122  bool spawn_workers; //!< Should the server spawn threads.
123  char const *pid_file; //!< Path to write out PID file.
124 
125 #ifdef WITH_PROXY
126  bool proxy_requests; //!< Toggle to enable/disable proxying globally.
127 #endif
128  struct timeval reject_delay; //!< How long to wait before sending an Access-Reject.
129  bool status_server; //!< Whether to respond to status-server messages.
130 
131 
132  uint32_t max_request_time; //!< How long a request can be processed for before
133  //!< timing out.
134  uint32_t cleanup_delay; //!< How long before cleaning up cached responses.
135  uint32_t continuation_timeout; //!< How long to wait before cleaning up state entries.
136  uint32_t max_requests;
137 
138  uint32_t debug_level;
139  char const *log_file;
141 
142  char const *dictionary_dir; //!< Where to load dictionaries from.
143 
144  char const *checkrad; //!< Script to use to determine if a user is already
145  //!< connected.
146 
147  rad_listen_t *listen; //!< Head of a linked list of listeners.
148 
149 
150  char const *panic_action; //!< Command to execute if the server receives a fatal
151  //!< signal.
152 
153  struct timeval init_delay; //!< Initial request processing delay.
154 
155  uint32_t talloc_pool_size; //!< Size of pool to allocate to hold each #REQUEST.
156  bool debug_memory; //!< Cleanup the server properly on exit, freeing
157  //!< up any memory we allocated.
158  bool memory_report; //!< Print a memory report on what's left unfreed.
159  //!< Can only be used when the server is running in single
160  //!< threaded mode.
161 
162  bool allow_core_dumps; //!< Whether the server is allowed to drop a core when
163  //!< receiving a fatal signal.
164 
165  uint32_t state_seed; //!< magic for proxying
166 
167  bool write_pid; //!< write the PID file
168 
169 #ifdef ENABLE_OPENSSL_VERSION_CHECK
170  char const *allow_vulnerable_openssl; //!< The CVE number of the last security issue acknowledged.
171 #endif
172 
173 #ifdef WITH_CONF_WRITE
174  char const *write_dir; //!< where the normalized config is written
175 #endif
176 
177  fr_dict_t *dict; //!< Main dictionary.
178 } main_config_t;
179 
180 #if defined(WITH_VERIFY_PTR)
181 # define VERIFY_REQUEST(_x) verify_request(__FILE__, __LINE__, _x)
182 #else
183 /*
184  * Even if were building without WITH_VERIFY_PTR
185  * the pointer must not be NULL when these various macros are used
186  * so we can add some sneaky asserts.
187  */
188 # define VERIFY_REQUEST(_x) rad_assert(_x)
189 #endif
190 
191 typedef enum {
196 #define REQUEST_MASTER_NUM_STATES (REQUEST_COUNTED + 1)
197 
198 typedef enum {
206 #define REQUEST_CHILD_NUM_STATES (REQUEST_DONE + 1)
207 
208 struct rad_request {
209 #ifndef NDEBUG
210  uint32_t magic; //!< Magic number used to detect memory corruption,
211  //!< or request structs that have not been properly initialised.
212 #endif
213  unsigned int number; //!< Monotonically increasing request number. Reset on server restart.
214  struct timeval timestamp; //!< When we started processing the request.
215 
216  request_data_t *data; //!< Request metadata.
217 
218  rad_listen_t *listener; //!< The listener that received the request.
219  RADCLIENT *client; //!< The client that originally sent us the request.
220 
221  RADIUS_PACKET *packet; //!< Incoming request.
222  VALUE_PAIR *username; //!< Cached username #VALUE_PAIR from request #RADIUS_PACKET.
223  VALUE_PAIR *password; //!< Cached password #VALUE_PAIR from request #RADIUS_PACKET.
224 
225  RADIUS_PACKET *reply; //!< Outgoing response.
226 
227  VALUE_PAIR *config; //!< #VALUE_PAIR (s) used to set per request parameters
228  //!< for modules and the server core at runtime.
229 
230  TALLOC_CTX *state_ctx; //!< for request->state
231  VALUE_PAIR *state; //!< #VALUE_PAIR (s) available over the lifetime of the authentication
232  //!< attempt. Useful where the attempt involves a sequence of
233  //!< many request/challenge packets, like OTP, and EAP.
234 
235 #ifdef WITH_PROXY
236  rad_listen_t *proxy_listener;//!< Listener for outgoing requests.
237  RADIUS_PACKET *proxy; //!< Outgoing request to proxy server.
238  RADIUS_PACKET *proxy_reply; //!< Incoming response from proxy server.
239 
241  home_pool_t *home_pool; //!< For dynamic failover
242 #endif
243 
244  fr_request_process_t process; //!< The function to call to move the request through the state machine.
245 
246  struct timeval response_delay; //!< How long to wait before sending Access-Rejects.
247  fr_state_action_t timer_action; //!< What action to perform when the timer event fires.
248  fr_event_t *ev; //!< Event in event loop tied to this request.
249 
250  RAD_REQUEST_FUNP handle; //!< The function to call to move the request through the
251  //!< various server configuration sections.
252  rlm_rcode_t rcode; //!< Last rcode returned by a module
253  char const *module; //!< Module the request is currently being processed by.
254  char const *component; //!< Section the request is in.
255 
256  int delay; //!< incrementing delay for various timers
257  int heap_id; //!< entry in the queue / heap of incoming packets
258 
259  rad_master_state_t master_state; //!< Set by the master thread to signal the child that's currently
260  //!< working with the request, to do something.
262 
263 #ifdef HAVE_PTHREAD_H
264  pthread_t child_pid; //!< Current thread handling the request.
265 #endif
266 
267  main_config_t *root; //!< Pointer to the main config hack to try and deal with hup.
268 
269 
270  int simul_max; //!< Maximum number of concurrent sessions for this user.
271 #ifdef WITH_SESSION_MGMT
272  int simul_count; //!< The current number of sessions for this user.
273  int simul_mpp; //!< WEIRD: 1 is false, 2 is true.
274 #endif
275 
277 
279 #ifdef WITH_PROXY
281 
282  struct timeval proxy_retransmit;
283 
284  uint32_t num_proxied_requests; //!< How many times this request was proxied.
285  //!< Retransmissions are driven by requests from the NAS.
287 #endif
288 
289  char const *server;
291 
292  struct {
293  radlog_func_t func; //!< Function to call to output log messages about this
294  //!< request.
295 
296  log_lvl_t lvl; //!< Controls the verbosity of debug statements regarding
297  //!< the request.
298 
299  uint8_t indent; //!< By how much to indent log messages. uin8_t so it's obvious
300  //!< when a request has been exdented too much.
301  fr_log_t *output; //!< Output log destination. Over-rides the global one.
302  } log;
303 
304  uint32_t options; //!< mainly for proxying EAP-MSCHAPv2.
305 
306 #ifdef WITH_COA
307  REQUEST *coa; //!< CoA request originated by this request.
308  uint32_t num_coa_requests;//!< Counter for number of requests sent including
309  //!< retransmits.
310 #endif
311 }; /* REQUEST typedef */
312 
313 #define RAD_REQUEST_LVL_NONE (0) //!< No debug messages should be printed.
314 #define RAD_REQUEST_LVL_DEBUG (1)
315 #define RAD_REQUEST_LVL_DEBUG2 (2)
316 #define RAD_REQUEST_LVL_DEBUG3 (3)
317 #define RAD_REQUEST_LVL_DEBUG4 (4)
318 
319 #define RAD_REQUEST_OPTION_COA (1 << 0)
320 #define RAD_REQUEST_OPTION_CTX (1 << 1)
321 
322 #define SECONDS_PER_DAY 86400
323 #define MAX_REQUEST_TIME 30
324 #define CLEANUP_DELAY 5
325 #define MAX_REQUESTS 256
326 #define RETRY_DELAY 5
327 #define RETRY_COUNT 3
328 #define DEAD_TIME 120
329 #define EXEC_TIMEOUT 10
330 
331 /* for paircompare_register */
332 typedef int (*RAD_COMPARE_FUNC)(void *instance, REQUEST *,VALUE_PAIR *, VALUE_PAIR *, VALUE_PAIR *, VALUE_PAIR **);
333 
334 typedef enum request_fail {
336  REQUEST_FAIL_NO_THREADS, //!< No threads to handle it.
337  REQUEST_FAIL_DECODE, //!< Rad_decode didn't like it.
338  REQUEST_FAIL_PROXY, //!< Call to proxy modules failed.
339  REQUEST_FAIL_PROXY_SEND, //!< Proxy_send didn't like it.
340  REQUEST_FAIL_NO_RESPONSE, //!< We weren't told to respond, so we reject.
341  REQUEST_FAIL_HOME_SERVER, //!< The home server didn't respond.
342  REQUEST_FAIL_HOME_SERVER2, //!< Another case of the above.
343  REQUEST_FAIL_HOME_SERVER3, //!< Another case of the above.
344  REQUEST_FAIL_NORMAL_REJECT, //!< Authentication failure.
345  REQUEST_FAIL_SERVER_TIMEOUT //!< The server took too long to process the request.
347 
348 /*
349  * Global variables.
350  *
351  * We really shouldn't have this many.
352  */
353 extern log_lvl_t rad_debug_lvl;
354 extern char const *radacct_dir;
355 extern char const *radlog_dir;
356 extern char const *radlib_dir;
357 extern bool log_stripped_names;
358 extern char const *radiusd_version;
359 extern char const *radiusd_version_short;
360 void radius_signal_self(int flag);
361 
362 typedef enum {
371 /*
372  * Function prototypes.
373  */
374 
375 /* acct.c */
376 int rad_accounting(REQUEST *);
377 
378 int rad_coa_recv(REQUEST *request);
379 
380 /* session.c */
381 int rad_check_ts(uint32_t nasaddr, uint32_t nas_port, char const *user, char const *sessionid);
382 int session_zap(REQUEST *request, uint32_t nasaddr,
383  uint32_t nas_port, char const *user,
384  char const *sessionid, uint32_t cliaddr,
385  char proto, int session_time);
386 
387 /* radiusd.c */
388 #undef debug_pair
389 void debug_pair(VALUE_PAIR *);
390 void rdebug_pair(log_lvl_t level, REQUEST *, VALUE_PAIR *, char const *);
391 void rdebug_pair_list(log_lvl_t level, REQUEST *, VALUE_PAIR *, char const *);
392 void rdebug_proto_pair_list(log_lvl_t level, REQUEST *, VALUE_PAIR *, char const *);
393 int log_err (char *);
394 
395 /* util.c */
396 #define MEM(x) if (!(x)) { ERROR("%s[%u] OUT OF MEMORY", __FILE__, __LINE__); _fr_exit_now(__FILE__, __LINE__, 1); }
397 void (*reset_signal(int signo, void (*func)(int)))(int);
398 int rad_mkdir(char *directory, mode_t mode, uid_t uid, gid_t gid);
399 size_t rad_filename_make_safe(UNUSED REQUEST *request, char *out, size_t outlen,
400  char const *in, UNUSED void *arg);
401 size_t rad_filename_escape(UNUSED REQUEST *request, char *out, size_t outlen,
402  char const *in, UNUSED void *arg);
403 ssize_t rad_filename_unescape(char *out, size_t outlen, char const *in, size_t inlen);
404 void *rad_malloc(size_t size); /* calls exit(1) on error! */
405 void rad_const_free(void const *ptr);
406 char *rad_ajoin(TALLOC_CTX *ctx, char const **argv, int argc, char c);
407 REQUEST *request_alloc(TALLOC_CTX *ctx);
408 REQUEST *request_alloc_fake(REQUEST *oldreq);
409 REQUEST *request_alloc_coa(REQUEST *request);
410 int request_data_add(REQUEST *request, void *unique_ptr, int unique_int, void *opaque,
411  bool free_on_replace, bool free_on_parent, bool persist);
412 void *request_data_get(REQUEST *request, void *unique_ptr, int unique_int);
413 void *request_data_reference(REQUEST *request, void *unique_ptr, int unique_int);
414 
415 int request_data_by_persistance(request_data_t **out, REQUEST *request, bool persist);
416 void request_data_restore(REQUEST *request, request_data_t *entry);
417 
418 #ifdef WITH_VERIFY_PTR
419 bool request_data_verify_parent(TALLOC_CTX *parent, request_data_t *entry);
420 #endif
421 
422 int rad_copy_string(char *dst, char const *src);
423 int rad_copy_string_bare(char *dst, char const *src);
424 int rad_copy_variable(char *dst, char const *from);
425 uint32_t rad_pps(uint32_t *past, uint32_t *present, time_t *then, struct timeval *now);
426 int rad_expand_xlat(REQUEST *request, char const *cmd,
427  int max_argc, char const *argv[], bool can_fail,
428  size_t argv_buflen, char *argv_buf);
429 
430 char const *rad_default_log_dir(void);
431 char const *rad_default_lib_dir(void);
432 char const *rad_default_raddb_dir(void);
433 char const *rad_default_run_dir(void);
434 char const *rad_default_sbin_dir(void);
435 char const *rad_radacct_dir(void);
436 
437 void verify_request(char const *file, int line, REQUEST *request); /* only for special debug builds */
438 void rad_mode_to_str(char out[10], mode_t mode);
439 void rad_mode_to_oct(char out[5], mode_t mode);
440 int rad_getpwuid(TALLOC_CTX *ctx, struct passwd **out, uid_t uid);
441 int rad_getpwnam(TALLOC_CTX *ctx, struct passwd **out, char const *name);
442 int rad_getgrgid(TALLOC_CTX *ctx, struct group **out, gid_t gid);
443 int rad_getgrnam(TALLOC_CTX *ctx, struct group **out, char const *name);
444 int rad_getgid(TALLOC_CTX *ctx, gid_t *out, char const *name);
445 char *rad_asprint_uid(TALLOC_CTX *ctx, uid_t uid);
446 char *rad_asprint_gid(TALLOC_CTX *ctx, gid_t gid);
447 void rad_file_error(int num);
448 int rad_seuid(uid_t uid);
449 int rad_segid(gid_t gid);
450 
451 void rad_suid_set_down_uid(uid_t uid);
452 void rad_suid_down(void);
453 void rad_suid_up(void);
454 void rad_suid_down_permanent(void);
455 /* regex.c */
456 
457 #ifdef HAVE_REGEX
458 /*
459  * Increasing this is essentially free
460  * It just increases memory usage. 12-16 bytes for each additional subcapture.
461  */
462 # define REQUEST_MAX_REGEX 32
463 
464 void regex_sub_to_request(REQUEST *request, regex_t **preg, char const *value,
465  size_t len, regmatch_t rxmatch[], size_t nmatch);
466 
467 int regex_request_to_sub(TALLOC_CTX *ctx, char **out, REQUEST *request, uint32_t num);
468 
469 /*
470  * Named capture groups only supported by PCRE.
471  */
472 # ifdef HAVE_PCRE
473 int regex_request_to_sub_named(TALLOC_CTX *ctx, char **out, REQUEST *request, char const *name);
474 # endif
475 #endif
476 
477 /* files.c */
478 int pairlist_read(TALLOC_CTX *ctx, char const *file, PAIR_LIST **list, int complain);
479 void pairlist_free(PAIR_LIST **);
480 
481 /* version.c */
482 int rad_check_lib_magic(uint64_t magic);
483 int ssl_check_consistency(void);
484 char const *ssl_version_by_num(uint32_t version);
485 char const *ssl_version_num(void);
486 char const *ssl_version_range(uint32_t low, uint32_t high);
487 char const *ssl_version(void);
488 int version_add_feature(CONF_SECTION *cs, char const *name, bool enabled);
489 int version_add_number(CONF_SECTION *cs, char const *name, char const *version);
492 void version_print(void);
493 
494 /* auth.c */
495 char *auth_name(char *buf, size_t buflen, REQUEST *request, bool do_cli);
496 int rad_authenticate (REQUEST *);
497 int rad_postauth(REQUEST *);
498 int rad_virtual_server(REQUEST *);
499 
500 /* exec.c */
501 pid_t radius_start_program(char const *cmd, REQUEST *request, bool exec_wait,
502  int *input_fd, int *output_fd,
503  VALUE_PAIR *input_pairs, bool shell_escape);
504 int radius_readfrom_program(int fd, pid_t pid, int timeout,
505  char *answer, int left);
506 int radius_exec_program(TALLOC_CTX *ctx, char *out, size_t outlen, VALUE_PAIR **output_pairs,
507  REQUEST *request, char const *cmd, VALUE_PAIR *input_pairs,
508  bool exec_wait, bool shell_escape, int timeout) CC_HINT(nonnull (5, 6));
510 void exec_trigger(REQUEST *request, CONF_SECTION *cs, char const *name, bool quench) CC_HINT(nonnull (3));
511 
512 /* valuepair.c */
513 int paircompare_register_byname(char const *name, fr_dict_attr_t const *from,
514  bool first_only, RAD_COMPARE_FUNC func, void *instance);
515 int paircompare_register(fr_dict_attr_t const *attribute, fr_dict_attr_t const *from,
516  bool first_only, RAD_COMPARE_FUNC func, void *instance);
518 void paircompare_unregister_instance(void *instance);
519 int paircompare(REQUEST *request, VALUE_PAIR *req_list,
520  VALUE_PAIR *check, VALUE_PAIR **rep_list);
521 vp_tmpl_t *xlat_to_tmpl_attr(TALLOC_CTX *ctx, xlat_exp_t *xlat);
522 xlat_exp_t *xlat_from_tmpl_attr(TALLOC_CTX *ctx, vp_tmpl_t *vpt);
523 int radius_xlat_do(REQUEST *request, VALUE_PAIR *vp);
524 int radius_compare_vps(REQUEST *request, VALUE_PAIR *check, VALUE_PAIR *vp);
525 int radius_callback_compare(REQUEST *request, VALUE_PAIR *req,
526  VALUE_PAIR *check, VALUE_PAIR *check_pairs,
527  VALUE_PAIR **reply_pairs);
528 int radius_find_compare(fr_dict_attr_t const *attribute);
529 VALUE_PAIR *radius_pair_create(TALLOC_CTX *ctx, VALUE_PAIR **vps, unsigned int attribute, unsigned int vendor);
530 
531 void module_failure_msg(REQUEST *request, char const *fmt, ...) CC_HINT(format (printf, 2, 3));
532 void vmodule_failure_msg(REQUEST *request, char const *fmt, va_list ap) CC_HINT(format (printf, 2, 0));
533 
534 int radius_get_vp(VALUE_PAIR **out, REQUEST *request, char const *name);
535 int radius_copy_vp(TALLOC_CTX *ctx, VALUE_PAIR **out, REQUEST *request, char const *name);
536 
537 
538 /*
539  * Less code == fewer bugs
540  *
541  * @param _a attribute
542  * @param _b value
543  * @param _c op
544  */
545 #define pair_make_request(_a, _b, _c) fr_pair_make(request->packet, &request->packet->vps, _a, _b, _c)
546 #define pair_make_reply(_a, _b, _c) fr_pair_make(request->reply, &request->reply->vps, _a, _b, _c)
547 #define pair_make_config(_a, _b, _c) fr_pair_make(request, &request->config, _a, _b, _c)
548 
549 /* threads.c */
551 int thread_pool_init(void);
552 void thread_pool_stop(void);
554 pid_t rad_fork(void);
555 pid_t rad_waitpid(pid_t pid, int *status);
556 int total_active_threads(void);
557 void thread_pool_lock(void);
558 void thread_pool_unlock(void);
559 void thread_pool_queue_stats(int array[RAD_LISTEN_MAX], int pps[2]);
560 uint32_t thread_pool_max_threads(void);
561 
562 #ifndef HAVE_PTHREAD_H
563 # define rad_fork(n) fork()
564 # define rad_waitpid(a,b) waitpid(a,b, 0)
565 #endif
566 
567 /* main_config.c */
568 /* Define a global config structure */
569 extern bool log_dates_utc;
571 extern bool event_loop_started;
572 
573 void set_radius_dir(TALLOC_CTX *ctx, char const *path);
574 char const *get_radius_dir(void);
575 int main_config_init(void);
576 int main_config_free(void);
577 void main_config_hup(void);
578 void hup_logfile(void);
579 
580 #ifdef WITH_STATS
581 RADCLIENT_LIST *listener_find_client_list(fr_ipaddr_t const *ipaddr, uint16_t port, int proto);
582 #endif
583 rad_listen_t *listener_find_byipaddr(fr_ipaddr_t const *ipaddr, uint16_t port, int proto);
584 int rad_status_server(REQUEST *request);
585 
586 /* event.c */
587 typedef enum event_corral_t {
588  EVENT_CORRAL_MAIN = 0, //!< Always main thread event list
589  EVENT_CORRAL_AUX //!< Maybe main thread or one shared by modules
591 
593 int radius_event_init(TALLOC_CTX *ctx);
594 int radius_event_start(bool spawn_flag);
595 void radius_event_free(void);
596 int radius_event_process(void);
597 void radius_update_listener(rad_listen_t *listener);
598 void revive_home_server(void *ctx, struct timeval *now);
599 void mark_home_server_dead(home_server_t *home, struct timeval *when);
600 
601 /* evaluate.c */
602 typedef struct fr_cond_t fr_cond_t;
603 int radius_evaluate_tmpl(REQUEST *request, int modreturn, int depth,
604  vp_tmpl_t const *vpt);
605 int radius_evaluate_map(REQUEST *request, int modreturn, int depth,
606  fr_cond_t const *c);
607 int radius_evaluate_cond(REQUEST *request, int modreturn, int depth,
608  fr_cond_t const *c);
609 void radius_pairmove(REQUEST *request, VALUE_PAIR **to, VALUE_PAIR *from, bool do_xlat) CC_HINT(nonnull);
610 
611 #ifdef WITH_TLS
612 /*
613  * For run-time patching of which function handles which socket.
614  */
615 int dual_tls_recv(rad_listen_t *listener);
616 int dual_tls_send(rad_listen_t *listener, REQUEST *request);
617 int proxy_tls_recv(rad_listen_t *listener);
618 int proxy_tls_send(rad_listen_t *listener, REQUEST *request);
619 #endif
620 
621 /*
622  * For radmin over TCP.
623  */
624 #define PW_RADMIN_PORT 18120
625 
626 #ifdef __cplusplus
627 }
628 #endif
629 
630 #endif /* _FR_RADIUSD_H */
void rad_suid_down(void)
Definition: util.c:1474
struct timeval reject_delay
How long to wait before sending an Access-Reject.
Definition: radiusd.h:128
fr_state_action_t timer_action
What action to perform when the timer event fires.
Definition: radiusd.h:247
fr_state_action_t
Definition: process.h:37
int rad_seuid(uid_t uid)
Alter the effective user id.
Definition: util.c:1491
bool in_request_hash
Definition: radiusd.h:278
RAD_LISTEN_TYPE priority
Definition: radiusd.h:276
void radius_pairmove(REQUEST *request, VALUE_PAIR **to, VALUE_PAIR *from, bool do_xlat) CC_HINT(nonnull)
Definition: evaluate.c:774
#define RCSIDH(h, id)
Definition: build.h:136
struct timeval response_delay
How long to wait before sending Access-Rejects.
Definition: radiusd.h:246
int radius_exec_program(TALLOC_CTX *ctx, char *out, size_t outlen, VALUE_PAIR **output_pairs, REQUEST *request, char const *cmd, VALUE_PAIR *input_pairs, bool exec_wait, bool shell_escape, int timeout) CC_HINT(nonnull(5
We weren't told to respond, so we reject.
Definition: radiusd.h:340
int paircompare_register(fr_dict_attr_t const *attribute, fr_dict_attr_t const *from, bool first_only, RAD_COMPARE_FUNC func, void *instance)
Register a function as compare function.
Definition: pair.c:395
rad_master_state_t master_state
Set by the master thread to signal the child that's currently working with the request, to do something.
Definition: radiusd.h:259
VALUE_PAIR * config
VALUE_PAIR (s) used to set per request parameters for modules and the server core at runtime...
Definition: radiusd.h:227
Rad_decode didn't like it.
Definition: radiusd.h:337
int ssl_check_consistency(void)
Definition: version.c:184
bool proxy_requests
Toggle to enable/disable proxying globally.
Definition: radiusd.h:126
int session_zap(REQUEST *request, uint32_t nasaddr, uint32_t nas_port, char const *user, char const *sessionid, uint32_t cliaddr, char proto, int session_time)
Definition: session.c:37
void(* radlog_func_t)(log_type_t lvl, log_lvl_t priority, REQUEST *, char const *, va_list ap)
Definition: log.h:83
Main server configuration.
Definition: radiusd.h:108
RADIUS_PACKET * proxy_reply
Incoming response from proxy server.
Definition: radiusd.h:238
struct rad_request::@7 log
void rdebug_pair(log_lvl_t level, REQUEST *, VALUE_PAIR *, char const *)
Print a single valuepair to stderr or error log.
Definition: pair.c:739
request_fail
Definition: radiusd.h:334
The module is OK, continue.
Definition: radiusd.h:91
void rad_suid_down_permanent(void)
Definition: util.c:1478
void exec_trigger(REQUEST *request, CONF_SECTION *cs, char const *name, bool quench) CC_HINT(nonnull(3))
Execute a trigger - call an executable to process an event.
Definition: exec.c:686
void mark_home_server_dead(home_server_t *home, struct timeval *when)
Definition: process.c:3652
Dictionary attribute.
Definition: dict.h:77
RAD_LISTEN_TYPE
Definition: listen.h:38
uint32_t debug_level
Definition: radiusd.h:138
char const * ssl_version_num(void)
Definition: version.c:188
int rad_accounting(REQUEST *)
Definition: acct.c:38
int main_config_init(void)
Definition: mainconfig.c:731
void version_print(void)
Definition: version.c:512
void * rad_malloc(size_t size)
Definition: util.c:411
int rad_postauth(REQUEST *)
Definition: auth.c:287
int request_data_by_persistance(request_data_t **out, REQUEST *request, bool persist)
Loop over all the request data, pulling out ones matching persist state.
Definition: request.c:413
int void exec_trigger_set_conf(CONF_SECTION *cs)
Set the global trigger section exec_trigger will search in.
Definition: exec.c:670
bool write_pid
write the PID file
Definition: radiusd.h:167
uint32_t thread_pool_max_threads(void)
rlm_rcode_t rcode
Last rcode returned by a module.
Definition: radiusd.h:252
The server took too long to process the request.
Definition: radiusd.h:345
int rad_segid(gid_t gid)
Alter the effective user id.
Definition: util.c:1512
static char const * name
uint32_t talloc_pool_size
Size of pool to allocate to hold each REQUEST.
Definition: radiusd.h:155
char const * auth_badpass_msg
Additional text to append to successful auth messages.
Definition: radiusd.h:115
fr_event_t * ev
Event in event loop tied to this request.
Definition: radiusd.h:248
int paircompare(REQUEST *request, VALUE_PAIR *req_list, VALUE_PAIR *check, VALUE_PAIR **rep_list)
Compare two pair lists except for the password information.
Definition: pair.c:479
VALUE_PAIR * radius_pair_create(TALLOC_CTX *ctx, VALUE_PAIR **vps, unsigned int attribute, unsigned int vendor)
Create a VALUE_PAIR and add it to a list of VALUE_PAIR s.
Definition: pair.c:704
int radius_copy_vp(TALLOC_CTX *ctx, VALUE_PAIR **out, REQUEST *request, char const *name)
Copy VP(s) from the specified request.
Definition: pair.c:842
int total_active_threads(void)
#define CC_HINT(_x)
Definition: build.h:71
bool daemonize
Should the server daemonize on startup.
Definition: radiusd.h:121
VALUE_PAIR * username
Cached username VALUE_PAIR from request RADIUS_PACKET.
Definition: radiusd.h:222
int radius_event_start(bool spawn_flag)
Definition: process.c:5317
char * auth_name(char *buf, size_t buflen, REQUEST *request, bool do_cli)
Definition: auth.c:37
size_t rad_filename_escape(UNUSED REQUEST *request, char *out, size_t outlen, char const *in, UNUSED void *arg)
Escapes the raw string such that it should be safe to use as part of a file path. ...
Definition: util.c:269
#define UNUSED
Definition: libradius.h:134
char const * radlog_dir
Definition: radiusd.c:59
fr_event_list_t * radius_event_list_corral(event_corral_t hint)
Error resolving rcode (should not be returned by modules).
Definition: radiusd.h:99
void * request_data_reference(REQUEST *request, void *unique_ptr, int unique_int)
Get opaque data from a request without removing it.
Definition: request.c:484
void pairlist_free(PAIR_LIST **)
Definition: files.c:65
fr_dict_t * dict
Main dictionary.
Definition: radiusd.h:177
int rad_getgrgid(TALLOC_CTX *ctx, struct group **out, gid_t gid)
Resolve a gid to a group database entry.
Definition: util.c:1118
Call to proxy modules failed.
Definition: radiusd.h:338
int main_config_free(void)
Definition: mainconfig.c:1055
void rad_file_error(int num)
Write a file access error to the fr_strerror buffer, including euid/egid.
Definition: util.c:1306
char const * ssl_version_by_num(uint32_t version)
int simul_max
Maximum number of concurrent sessions for this user.
Definition: radiusd.h:270
VALUE_PAIR * password
Cached password VALUE_PAIR from request RADIUS_PACKET.
Definition: radiusd.h:223
rad_listen_t * listener
The listener that received the request.
Definition: radiusd.h:218
REQUEST * request_alloc_coa(REQUEST *request)
Definition: request.c:208
char const * pid_file
Path to write out PID file.
Definition: radiusd.h:123
#define rad_waitpid(a, b)
Definition: radiusd.h:564
static float timeout
Definition: radclient.c:43
uint32_t num_proxied_responses
Definition: radiusd.h:286
xlat_exp_t * xlat_from_tmpl_attr(TALLOC_CTX *ctx, vp_tmpl_t *vpt)
Try to convert attr tmpl to an xlat for &attr[*] and artificially constructing expansions.
Definition: xlat.c:2626
void rad_mode_to_str(char out[10], mode_t mode)
Convert mode_t into humanly readable permissions flags.
Definition: util.c:949
The module considers the request invalid.
Definition: radiusd.h:93
char const * name
Name of the daemon, usually 'radiusd'.
Definition: radiusd.h:109
unsigned int number
Monotonically increasing request number. Reset on server restart.
Definition: radiusd.h:213
ssize_t rad_filename_unescape(char *out, size_t outlen, char const *in, size_t inlen)
Converts data stored in a file name back to its original form.
Definition: util.c:354
int rad_mkdir(char *directory, mode_t mode, uid_t uid, gid_t gid)
Create possibly many directories.
Definition: util.c:90
void version_init_features(CONF_SECTION *cs)
Initialise core feature flags.
Definition: version.c:313
char const * log_file
Definition: radiusd.h:139
fr_request_process_t process
The function to call to move the request through the state machine.
Definition: radiusd.h:244
rad_listen_t * listener_find_byipaddr(fr_ipaddr_t const *ipaddr, uint16_t port, int proto)
Find a listener associated with an IP address/port/transport proto.
Definition: listen.c:3302
int radius_find_compare(fr_dict_attr_t const *attribute)
Find a comparison function for two attributes.
Definition: pair.c:303
void set_radius_dir(TALLOC_CTX *ctx, char const *path)
Set the global radius config directory.
Definition: mainconfig.c:705
REQUEST * request_alloc_fake(REQUEST *oldreq)
Definition: request.c:124
bool log_stripped_names
Definition: radiusd.c:61
char const * radiusd_version
Definition: radiusd.c:63
uint32_t num_coa_requests
Counter for number of requests sent including.
Definition: radiusd.h:308
#define rad_fork(n)
Definition: radiusd.h:563
const FR_NAME_NUMBER modreturn_table[]
Definition: evaluate.c:40
int rad_getpwuid(TALLOC_CTX *ctx, struct passwd **out, uid_t uid)
Resolve a uid to a passwd entry.
Definition: util.c:984
static char const * proto
Definition: radclient.c:63
uint32_t magic
Magic number used to detect memory corruption, or request structs that have not been properly initial...
Definition: radiusd.h:210
unsigned int version
Definition: proto_bfd.c:192
struct timeval proxy_retransmit
Definition: radiusd.h:282
RADIUS_PACKET * proxy
Outgoing request to proxy server.
Definition: radiusd.h:237
main_config_t * root
Pointer to the main config hack to try and deal with hup.
Definition: radiusd.h:267
int rad_getgid(TALLOC_CTX *ctx, gid_t *out, char const *name)
Resolve a group name to a GID.
Definition: util.c:1248
uint32_t continuation_timeout
How long to wait before cleaning up state entries.
Definition: radiusd.h:135
Vendors and attribute names.
Definition: dict.c:61
Reject the request (user is locked out).
Definition: radiusd.h:94
vp_tmpl_t * xlat_to_tmpl_attr(TALLOC_CTX *ctx, xlat_exp_t *xlat)
Try to convert an xlat to a tmpl for efficiency.
Definition: xlat.c:2597
Definition: xlat.c:60
char * rad_ajoin(TALLOC_CTX *ctx, char const **argv, int argc, char c)
talloc a buffer to hold the concatenated value of all elements of argv
Definition: util.c:441
rad_child_state_t
Definition: radiusd.h:198
home_pool_t * home_pool
For dynamic failover.
Definition: radiusd.h:241
int rad_coa_recv(REQUEST *request)
Definition: listen.c:2045
char const * ssl_version_range(uint32_t low, uint32_t high)
int simul_count
The current number of sessions for this user.
Definition: radiusd.h:272
void(*)(int) reset_signal(int signo, void(*func)(int))
Definition: radiusd.h:397
int(* RAD_REQUEST_FUNP)(REQUEST *)
Definition: process.h:51
No threads to handle it.
Definition: radiusd.h:336
rlm_rcodes
Return codes indicating the result of the module call.
Definition: radiusd.h:88
bool debug_memory
Cleanup the server properly on exit, freeing up any memory we allocated.
Definition: radiusd.h:156
uint32_t max_request_time
How long a request can be processed for before timing out.
Definition: radiusd.h:132
char const * radacct_dir
Definition: radiusd.c:58
char const * component
Section the request is in.
Definition: radiusd.h:254
int radius_evaluate_tmpl(REQUEST *request, int modreturn, int depth, vp_tmpl_t const *vpt)
int rad_authenticate(REQUEST *)
Definition: auth.c:348
void main_config_hup(void)
Definition: mainconfig.c:1134
uint32_t max_requests
Definition: radiusd.h:136
uint32_t num_proxied_requests
How many times this request was proxied.
Definition: radiusd.h:284
uint32_t cleanup_delay
How long before cleaning up cached responses.
Definition: radiusd.h:134
Proxy_send didn't like it.
Definition: radiusd.h:339
int version_add_number(CONF_SECTION *cs, char const *name, char const *version)
Add a library/server version pair to the main configuration.
Definition: version.c:284
REQUEST * coa
CoA request originated by this request.
Definition: radiusd.h:307
enum request_fail request_fail_t
Immediately reject the request.
Definition: radiusd.h:89
int syslog_facility
Definition: radiusd.h:140
int radius_callback_compare(REQUEST *request, VALUE_PAIR *req, VALUE_PAIR *check, VALUE_PAIR *check_pairs, VALUE_PAIR **reply_pairs)
Compare check and vp.
Definition: pair.c:265
TALLOC_CTX * state_ctx
for request->state
Definition: radiusd.h:230
void thread_pool_stop(void)
Per-request opaque data, added by modules.
Definition: request.c:33
char * rad_asprint_uid(TALLOC_CTX *ctx, uid_t uid)
Print uid to a string.
Definition: util.c:1269
void * request_data_get(REQUEST *request, void *unique_ptr, int unique_int)
Get opaque data from a request.
Definition: request.c:374
Authentication failure.
Definition: radiusd.h:344
void void int radius_get_vp(VALUE_PAIR **out, REQUEST *request, char const *name)
Return a VP from the specified request.
Definition: pair.c:815
char const * rad_default_raddb_dir(void)
Return the default raddb dir.
Definition: util.c:833
Definition: log.h:68
REQUEST * parent
Definition: radiusd.h:290
radius_signal_t
Definition: radiusd.h:362
int radius_evaluate_map(REQUEST *request, int modreturn, int depth, fr_cond_t const *c)
Stores an attribute, a value and various bits of other data.
Definition: pair.h:112
void rad_const_free(void const *ptr)
Definition: util.c:424
char const * rad_default_lib_dir(void)
Return the default lib dir.
Definition: util.c:823
int rad_getpwnam(TALLOC_CTX *ctx, struct passwd **out, char const *name)
Resolve a username to a passwd entry.
Definition: util.c:1051
request_data_t * data
Request metadata.
Definition: radiusd.h:216
bool log_auth_goodpass
Log failed authentications.
Definition: radiusd.h:114
RADIUS_PACKET * reply
Outgoing response.
Definition: radiusd.h:225
void thread_pool_unlock(void)
int rad_check_ts(uint32_t nasaddr, uint32_t nas_port, char const *user, char const *sessionid)
Definition: session.c:126
size_t rad_filename_make_safe(UNUSED REQUEST *request, char *out, size_t outlen, char const *in, UNUSED void *arg)
Ensures that a filename cannot walk up the directory structure.
Definition: util.c:175
Another case of the above.
Definition: radiusd.h:343
void rad_suid_up(void)
Definition: util.c:1471
bool log_auth
Log authentication attempts.
Definition: radiusd.h:112
bool memory_report
Print a memory report on what's left unfreed.
Definition: radiusd.h:158
void void vmodule_failure_msg(REQUEST *request, char const *fmt, va_list ap) CC_HINT(format(printf
int radius_event_init(TALLOC_CTX *ctx)
Definition: process.c:5197
enum rlm_rcodes rlm_rcode_t
Return codes indicating the result of the module call.
int radius_xlat_do(REQUEST *request, VALUE_PAIR *vp)
Expands an attribute marked with fr_pair_mark_xlat.
Definition: pair.c:655
uint32_t state_seed
magic for proxying
Definition: radiusd.h:165
void version_init_numbers(CONF_SECTION *cs)
Initialise core version flags.
Definition: version.c:491
char const * radlib_dir
Path to search for modules in.
Definition: modules.c:36
void rdebug_pair_list(log_lvl_t level, REQUEST *, VALUE_PAIR *, char const *)
Print a list of VALUE_PAIRs.
Definition: pair.c:757
void paircompare_unregister(fr_dict_attr_t const *attr, RAD_COMPARE_FUNC func)
Unregister comparison function for an attribute.
Definition: pair.c:422
char const * rad_default_run_dir(void)
Return the default run dir.
Definition: util.c:843
Always main thread event list.
Definition: radiusd.h:588
Module succeeded without doing anything.
Definition: radiusd.h:96
void(* fr_request_process_t)(REQUEST *, int)
Definition: process.h:52
Describes a host allowed to send packets to the server.
Definition: clients.h:35
char const * checkrad
Script to use to determine if a user is already connected.
Definition: radiusd.h:144
int thread_pool_addrequest(REQUEST *, RAD_REQUEST_FUNP)
void rdebug_proto_pair_list(log_lvl_t level, REQUEST *, VALUE_PAIR *, char const *)
Print a list of protocol VALUE_PAIRs.
Definition: pair.c:784
int radius_readfrom_program(int fd, pid_t pid, int timeout, char *answer, int left)
Read from the child process.
Definition: exec.c:386
static bool spawn_workers
Definition: process.c:50
char const * ssl_version(void)
Definition: version.c:193
rad_listen_t * proxy_listener
Listener for outgoing requests.
Definition: radiusd.h:236
bool allow_core_dumps
Whether the server is allowed to drop a core when receiving a fatal signal.
Definition: radiusd.h:162
Module failed, don't reply.
Definition: radiusd.h:90
void paircompare_unregister_instance(void *instance)
Unregister comparison function for a module.
Definition: pair.c:451
bool event_loop_started
Whether the main event loop has been started yet.
Definition: mainconfig.c:50
CONF_SECTION * config
Root of the server config.
Definition: radiusd.h:110
enum log_lvl log_lvl_t
struct timeval timestamp
When we started processing the request.
Definition: radiusd.h:214
int rad_getgrnam(TALLOC_CTX *ctx, struct group **out, char const *name)
Resolve a group name to a group database entry.
Definition: util.c:1185
void thread_pool_queue_stats(int array[RAD_LISTEN_MAX], int pps[2])
void request_data_restore(REQUEST *request, request_data_t *entry)
Add request data back to a request.
Definition: request.c:453
log_lvl_t rad_debug_lvl
Global debugging level.
Definition: log.c:49
int paircompare_register_byname(char const *name, fr_dict_attr_t const *from, bool first_only, RAD_COMPARE_FUNC func, void *instance)
Register a function as compare function.
Definition: pair.c:351
VALUE_PAIR * state
VALUE_PAIR (s) available over the lifetime of the authentication attempt.
Definition: radiusd.h:231
pid_t radius_start_program(char const *cmd, REQUEST *request, bool exec_wait, int *input_fd, int *output_fd, VALUE_PAIR *input_pairs, bool shell_escape)
Start a process.
Definition: exec.c:87
void radius_signal_self(int flag)
Definition: process.c:5132
void module_failure_msg(REQUEST *request, char const *fmt,...) CC_HINT(format(printf
int log_err(char *)
int thread_pool_bootstrap(CONF_SECTION *cs, bool *spawn_workers)
bool log_dates_utc
Definition: log.c:214
RADIUS_PACKET * packet
Incoming request.
Definition: radiusd.h:221
int request_data_add(REQUEST *request, void *unique_ptr, int unique_int, void *opaque, bool free_on_replace, bool free_on_parent, bool persist)
Add opaque data to a REQUEST.
Definition: request.c:279
int heap_id
entry in the queue / heap of incoming packets
Definition: radiusd.h:257
char const * dictionary_dir
Where to load dictionaries from.
Definition: radiusd.h:142
char * rad_asprint_gid(TALLOC_CTX *ctx, gid_t gid)
struct timeval init_delay
Initial request processing delay.
Definition: radiusd.h:153
main_config_t main_config
Main server configuration.
Definition: mainconfig.c:43
int delay
incrementing delay for various timers
Definition: radiusd.h:256
rad_listen_t * listen
Head of a linked list of listeners.
Definition: radiusd.h:147
rad_master_state_t
Definition: radiusd.h:191
home_server_t * home_server
Definition: radiusd.h:240
int(* RAD_COMPARE_FUNC)(void *instance, REQUEST *, VALUE_PAIR *, VALUE_PAIR *, VALUE_PAIR *, VALUE_PAIR **)
Definition: radiusd.h:332
char const * panic_action
Command to execute if the server receives a fatal signal.
Definition: radiusd.h:150
int rad_expand_xlat(REQUEST *request, char const *cmd, int max_argc, char const *argv[], bool can_fail, size_t argv_buflen, char *argv_buf)
Split string into words and expand each one.
Definition: util.c:658
void rad_suid_set_down_uid(uid_t uid)
Definition: util.c:1468
RAD_REQUEST_FUNP handle
The function to call to move the request through the various server configuration sections...
Definition: radiusd.h:250
bool status_server
Whether to respond to status-server messages.
Definition: radiusd.h:129
bool log_auth_badpass
Log successful authentications.
Definition: radiusd.h:113
IPv4/6 prefix.
Definition: inet.h:41
The home server didn't respond.
Definition: radiusd.h:341
int rad_copy_string_bare(char *dst, char const *src)
Definition: util.c:519
void rad_mode_to_oct(char out[5], mode_t mode)
Definition: util.c:962
int radius_evaluate_cond(REQUEST *request, int modreturn, int depth, fr_cond_t const *c)
Evaluate a fr_cond_t;.
Definition: evaluate.c:701
Maybe main thread or one shared by modules.
Definition: radiusd.h:589
void radius_event_free(void)
Definition: process.c:5524
How many valid return codes there are.
Definition: radiusd.h:98
bool spawn_workers
Should the server spawn threads.
Definition: radiusd.h:122
void verify_request(char const *file, int line, REQUEST *request)
Definition: util.c:905
int rad_status_server(REQUEST *request)
Definition: listen.c:596
RADCLIENT * client
The client that originally sent us the request.
Definition: radiusd.h:219
User not found.
Definition: radiusd.h:95
char const * get_radius_dir(void)
Get the global radius config directory.
Definition: mainconfig.c:721
char const * radiusd_version_short
Definition: version.c:31
char const * rad_default_log_dir(void)
Return the default log dir.
Definition: util.c:813
int rad_virtual_server(REQUEST *)
Definition: auth.c:659
void radius_update_listener(rad_listen_t *listener)
Definition: process.c:336
void thread_pool_lock(void)
OK (pairs modified).
Definition: radiusd.h:97
void debug_pair(VALUE_PAIR *)
Print a single valuepair to stderr or error log.
Definition: pair.c:725
int version_add_feature(CONF_SECTION *cs, char const *name, bool enabled)
Add a feature flag to the main configuration.
Definition: version.c:249
char const * rad_radacct_dir(void)
Return the default radacct dir.
Definition: util.c:863
The module handled the request, so stop.
Definition: radiusd.h:92
int radius_compare_vps(REQUEST *request, VALUE_PAIR *check, VALUE_PAIR *vp)
RADCLIENT_LIST * listener_find_client_list(fr_ipaddr_t const *ipaddr, uint16_t port, int proto)
Find client list associated with a listener.
Definition: listen.c:3264
char const * module
Module the request is currently being processed by.
Definition: radiusd.h:253
void revive_home_server(void *ctx, struct timeval *now)
int pairlist_read(TALLOC_CTX *ctx, char const *file, PAIR_LIST **list, int complain)
Definition: files.c:80
char const * auth_goodpass_msg
Additional text to append to failed auth messages.
Definition: radiusd.h:116
rad_child_state_t child_state
Definition: radiusd.h:261
uint32_t rad_pps(uint32_t *past, uint32_t *present, time_t *then, struct timeval *now)
Definition: util.c:608
A source or sink of value data.
Definition: tmpl.h:187
Another case of the above.
Definition: radiusd.h:342
uint32_t options
mainly for proxying EAP-MSCHAPv2.
Definition: radiusd.h:304
int thread_pool_init(void)
int radius_event_process(void)
Definition: process.c:5581
struct main_config main_config_t
Main server configuration.
bool in_proxy_hash
Definition: radiusd.h:280
int rad_copy_variable(char *dst, char const *from)
Definition: util.c:545
int simul_mpp
WEIRD: 1 is false, 2 is true.
Definition: radiusd.h:273
REQUEST * request_alloc(TALLOC_CTX *ctx)
Create a new REQUEST data structure.
Definition: request.c:85
char const * server
Definition: radiusd.h:289
char const * rad_default_sbin_dir(void)
Return the default sbin dir.
Definition: util.c:853
int rad_copy_string(char *dst, char const *src)
Definition: util.c:491
int rad_check_lib_magic(uint64_t magic)
Check if the application linking to the library has the correct magic number.
Definition: version.c:208
char const * denied_msg
Additional text to append if the user is already logged in (simultaneous use check failed)...
Definition: radiusd.h:118
void hup_logfile(void)
Definition: mainconfig.c:1074
event_corral_t
Definition: radiusd.h:587