API to add client definitions to the server, both on startup and at runtime.  
#include <freeradius-devel/server/cf_util.h>
#include <freeradius-devel/util/time.h>
#include <freeradius-devel/server/request.h>
#include <freeradius-devel/server/socket.h>
#include <freeradius-devel/server/stats.h>
#include <freeradius-devel/util/inet.h>
#include <freeradius-devel/radius/radius.h>
| Return type | Function | Description |
|---|---|---|
| bool | client_add (fr_client_list_t *clients, fr_client_t *client) | Add a client to a fr_client_list_t. |
| fr_client_t * | client_afrom_cs (TALLOC_CTX *ctx, CONF_SECTION *cs, CONF_SECTION *server_cs, size_t extra) | Allocate a new client from a config section. |
| fr_client_t * | client_afrom_request (TALLOC_CTX *ctx, request_t *request) | Create a new client, consuming all attributes in the control list of the request. |
| void | client_delete (fr_client_list_t *clients, fr_client_t *client) | |
| fr_client_t * | client_find (fr_client_list_t const *clients, fr_ipaddr_t const *ipaddr, int proto) | |
| fr_client_t * | client_findbynumber (fr_client_list_t const *clients, int number) | |
| void | client_free (fr_client_t *client) | Free a client. |
| fr_client_t * | client_from_request (request_t *request) | Search up a list of requests trying to locate one which has a client. |
| void | client_list_free (void) | |
| fr_client_list_t * | client_list_init (CONF_SECTION *cs) | Return a new client list. |
| fr_client_list_t * | client_list_parse_section (CONF_SECTION *section, int proto, bool tls_required) | |
| int | client_map_section (CONF_SECTION *out, CONF_SECTION const *map, client_value_cb_t func, void *data) | Create a client CONF_SECTION using a mapping section to map values from a result set to client attributes. |
| fr_client_t * | client_read (char const *filename, CONF_SECTION *server_cs, bool check_dns) | Read a single client from a file. |

- Id: c28bca7929fe11c935a4fca6c44247b140435156
- Author: Arran Cudbard-Bell (a.cudbardb@freeradius.org)
- Copyright: 2015 The FreeRADIUS server project
Definition in file client.h.
◆ fr_client_s
Describes a host allowed to send packets to the server. 
Definition at line 80 of file client.h.
Data Fields

| Type | Field | Description |
|---|---|---|
| fr_stats_t | acct | Accounting stats. | 
| bool | active | for dynamic clients | 
| fr_stats_t | auth | Authentication stats. | 
| CONF_SECTION * | cs | CONF_SECTION that was parsed to generate the client. | 
| bool | dynamic | Whether the client was dynamically defined. | 
| bool | first_packet_no_proxy_state | Whether that first packet contained a Proxy-State attribute. | 
| fr_ipaddr_t | ipaddr | IPv4/IPv6 address of the host. | 
| fr_socket_limit_t | limit | Connections per client (TCP clients only). | 
| fr_radius_limit_proxy_state_t | limit_proxy_state | Whether to allow Proxy-State in incoming packets that don't contain a message authenticator. If Proxy-State is included, but Message-Authenticator is not, then an attacker can potentially forge responses.  | 
| bool | limit_proxy_state_is_set | Whether limit_proxy_state is set in the configuration. | 
| char const  * | longname | Client identifier. | 
| char const  * | nas_type | Type of client (arbitrary). | 
| fr_rb_node_t | node | Entry in the client tree. | 
| int | number | Unique client number. | 
| int | proto | Protocol number. | 
| bool | protocol_error | Whether the client supports Protocol-Error. | 
| bool | received_message_authenticator | Whether we've seen a message authenticator from this client in any previous packets. | 
| fr_radius_require_ma_t | require_message_authenticator | Require RADIUS message authenticator for incoming packets. | 
| bool | require_message_authenticator_is_set | Whether require_message_authenticator is set in the configuration. | 
| fr_time_delta_t | response_window | How long the client has to respond. | 
| char const  * | secret | Secret PSK. | 
| bool | seen_first_packet | Whether we've seen a packet from this client. | 
| char const  * | server | Name of the virtual server client is associated with. | 
| CONF_SECTION * | server_cs | Virtual server that the client is associated with. | 
| char const  * | shortname | Client nickname. | 
| fr_ipaddr_t | src_ipaddr | IPv4/IPv6 address to send responses from (family must match ipaddr). | 
| bool | use_connected | do we use connected sockets for this client | 
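
The limit_proxy_state and require_message_authenticator fields above concern packets that carry Proxy-State without Message-Authenticator. The following added example (not FreeRADIUS code; check_proxy_state, the verdict names and the sample packets are constructed for illustration) walks a packet's attributes and flags that case so a receiver can drop or log it.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define RADIUS_HDR_LEN 20             /* code, id, length, 16-byte authenticator */
#define ATTR_PROXY_STATE 33           /* RFC 2865 */
#define ATTR_MESSAGE_AUTHENTICATOR 80 /* RFC 2869, value is always 16 bytes */

/* Hypothetical verdict names for this example, not FreeRADIUS identifiers. */
typedef enum { PKT_OK, PKT_MALFORMED, PKT_PROXY_STATE_WITHOUT_MA } pkt_verdict_t;

/* Constructed sample packets: Access-Request, zeroed authenticator, User-Name "bob". */
static uint8_t const pkt_ps_only[29] = { 1, 1, 0, 29, [20] = 1, 5, 'b', 'o', 'b',
					 33, 4, 'a', 'b' };
static uint8_t const pkt_ps_and_ma[47] = { 1, 2, 0, 47, [20] = 1, 5, 'b', 'o', 'b',
					   33, 4, 'a', 'b', 80, 18 /* 16 zero bytes follow */ };

/* Walk the attribute TLVs and report Proxy-State without Message-Authenticator. */
pkt_verdict_t check_proxy_state(uint8_t const *pkt, size_t len)
{
	bool seen_ps = false, seen_ma = false;
	size_t pkt_len, off = RADIUS_HDR_LEN;
	if (len < RADIUS_HDR_LEN) return PKT_MALFORMED;
	pkt_len = ((size_t)pkt[2] << 8) | pkt[3];	/* length field is big-endian */
	if (pkt_len < RADIUS_HDR_LEN || pkt_len > len) return PKT_MALFORMED;

	while (off < pkt_len) {
		uint8_t type, alen;
		if (pkt_len - off < 2) return PKT_MALFORMED;	/* no room for type + length */
		type = pkt[off];
		alen = pkt[off + 1];
		if (alen < 2 || alen > pkt_len - off) return PKT_MALFORMED;
		if (type == ATTR_PROXY_STATE) seen_ps = true;
		if (type == ATTR_MESSAGE_AUTHENTICATOR) {
			if (alen != 18) return PKT_MALFORMED;	/* 2-byte header + 16-byte HMAC */
			seen_ma = true;
		}
		off += alen;
	}
	return (seen_ps && !seen_ma) ? PKT_PROXY_STATE_WITHOUT_MA : PKT_OK;
}

int main(void)
{
	printf("%d %d\n", check_proxy_state(pkt_ps_only, sizeof(pkt_ps_only)),
	       check_proxy_state(pkt_ps_and_ma, sizeof(pkt_ps_and_ma)));
	return 0;
}
```

Presence of Message-Authenticator is only the precondition: its HMAC-MD5 value still has to be verified with the client's shared secret before the packet is trusted.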
 
 
◆ client_value_cb_t
Callback for retrieving values when building client sections. 
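Example:

```c
/* my_result and my_result_get() are hypothetical, application-defined names. */
int my_client_value_cb(char **out, CONF_PAIR const *cp, void *data)
{
	my_result *result = data;
	char const *value;

	/* The CONF_PAIR value names the attribute to retrieve from the result. */
	value = my_result_get(result, cf_pair_value(cp));
	if (!value) {
		*out = NULL;	/* nothing to map for this pair */
		return 0;
	}

	*out = talloc_strdup(NULL, value);	/* must be a talloced buffer */
	if (!*out) return -1;

	return 0;
}
```
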
Parameters:

| Direction | Name | Description |
|---|---|---|
| [out] | out | Where to write a pointer to the talloced value buffer. |
| [in] | cp | The value of the CONF_PAIR specifies the attribute name to retrieve from the result. |
| [in] | data | Pointer to the result struct to copy values from. |

Returns:
- 0 on success.
- -1 on failure.
 
Definition at line 68 of file client.h.
 
 
◆ fr_client_list_t
◆ fr_client_t
◆ client_add()
Add a client to a fr_client_list_t. 
Parameters:

| Name | Description |
|---|---|
| clients | list to add client to, may be NULL if global client list is being used. |
| client | to add. |

Returns:
- true on success.
- false on failure.
 
Definition at line 182 of file client.c.
 
 
◆ client_afrom_cs()
Allocate a new client from a config section. 
Parameters:

| Name | Description |
|---|---|
| ctx | to allocate new clients in. |
| cs | to process as a client. |
| server_cs | The virtual server that this client belongs to. |
| extra | 0: allocate sizeof(fr_client_t) bytes. >sizeof(client_t): number of bytes to allocate. |

Returns:
- new fr_client_t struct.
Definition at line 701 of file client.c.
 
 
◆ client_afrom_request()
Create a new client, consuming all attributes in the control list of the request. 
Parameters:

| Name | Description |
|---|---|
| ctx | the talloc context |
| request | containing the client attributes. |

Returns:
- New client on success.
- NULL on error.
 
Definition at line 923 of file client.c.
 
 
◆ client_delete()
◆ client_find()
◆ client_findbynumber()
◆ client_free()
Free a client. 
It's up to the caller to ensure that it's deleted from any fr_client_list_t. 
Definition at line 93 of file client.c.
 
 
◆ client_from_request()
Search up a list of requests trying to locate one which has a client. 
Definition at line 1105 of file client.c.
 
 
◆ client_list_free()
      
        
void client_list_free (void)
      
 
 
◆ client_list_init()
Return a new client list. 
Note: The container won't contain any clients.

Returns:
- New client list on success.
- NULL on error (OOM).
 
Definition at line 108 of file client.c.
 
 
◆ client_list_parse_section()
◆ client_map_section()
Create a client CONF_SECTION using a mapping section to map values from a result set to client attributes. 
If we hit a CONF_SECTION we recurse and process its CONF_PAIRS too.
Note: Caller should free CONF_SECTION passed in as out, on error. Contents of that section will be in an undefined state.

Parameters:

| Direction | Name | Description |
|---|---|---|
| [in,out] | out | Section to perform mapping on. Either the root of the client config, or a parent section (when this function is called recursively). Should be alloced with cf_section_alloc, or if there's a separate template section, the result of calling cf_section_dup on that section. |
| [in] | map | section. |
| [in] | func | to call to retrieve CONF_PAIR values. Must return a talloced buffer containing the value. |
| [in] | data | to pass to func, usually a result pointer. |

Returns:
- 0 on success.
- -1 on failure.
 
Definition at line 619 of file client.c.
 
 
◆ client_read()
Read a single client from a file. 
This function supports asynchronous runtime loading of clients.
Parameters:

| Direction | Name | Description |
|---|---|---|
| [in] | filename | To read clients from. |
| [in] | server_cs | of virtual server clients should be added to. |
| [in] | check_dns | Check reverse lookup of IP address matches filename. |

Returns:
- The new client on success.
- NULL on failure.
 
Definition at line 1053 of file client.c.