Logo Search packages:      
Sourcecode: radiusclient version File versions  Download package

config.c

/*
 * $Id: config.c,v 1.4 1998/02/10 13:29:57 lf Exp $
 *
 * Copyright (C) 1995,1996,1997 Lars Fenneberg
 *
 * Copyright 1992 Livingston Enterprises, Inc.
 *
 * Copyright 1992,1993, 1994,1995 The Regents of the University of Michigan 
 * and Merit Network, Inc. All Rights Reserved
 *
 * See the file COPYRIGHT for the respective terms and conditions. 
 * If the file is missing contact me at lf@elemental.net 
 * and I'll send you a copy.
 *
 */

#include <config.h>
#include <includes.h>
#include <radiusclient.h>
#include <options.h>

static int test_config(char *);

/*
 * Function: find_option
 *
 * Purpose: find an option in the option list
 *
 * Returns: pointer to option on success, NULL otherwise
 */
 
static OPTION *find_option(char *optname, unsigned int type)
{
      int i;

      /* there're so few options that a binary search seems not necessary */
      for (i = 0; i < num_options; i++) {
            if (!strcmp(config_options[i].name, optname) &&
                (config_options[i].type & type))
                  return &config_options[i];
      }

      return NULL;
}

/*
 * Function: set_option_...
 *
 * Purpose: set a specific option doing type conversions
 *
 * Returns: 0 on success, -1 on failure
 */

static int set_option_str(char *filename, int line, OPTION *option, char *p)
{ 
      if (p)
            option->val = (void *) strdup(p);
      else
            option->val = NULL;

      return 0;
}

static int set_option_int(char *filename, int line, OPTION *option, char *p)
{
      int *iptr;

      if (p == NULL) {
            rc_log(LOG_ERR, "%s: line %d: bogus option value", filename, line);
            return (-1);
      }

      if ((iptr = (int *) malloc(sizeof(iptr))) == NULL) {
            rc_log(LOG_CRIT, "read_config: out of memory");
            return (-1);
      }
      
      *iptr = atoi(p);                    
      option->val = (void *) iptr;

      return 0;
}

static int set_option_srv(char *filename, int line, OPTION *option, char *p)
{
      SERVER *serv;
      char *q;
      struct servent *svp;
      int i;

      if (p == NULL) {
            rc_log(LOG_ERR, "%s: line %d: bogus option value", filename, line);
            return (-1);
      }

      serv = (SERVER *) option->val;

      while ((p = strtok(p, ", \t")) != NULL) {

            if ((q = strchr(p,':')) != NULL) {
                  *q = '\0';
                  q++;
                  serv->port[serv->max] = atoi(q);
            } else {
                  if (!strcmp(option->name,"authserver"))
                        if ((svp = getservbyname ("radius", "udp")) == NULL)
                              serv->port[serv->max] = PW_AUTH_UDP_PORT;
                        else
                              serv->port[serv->max] = ntohs ((unsigned int) svp->s_port);
                  else if (!strcmp(option->name, "acctserver"))
                        if ((svp = getservbyname ("radacct", "udp")) == NULL)
                              serv->port[serv->max] = PW_ACCT_UDP_PORT;
                        else
                              serv->port[serv->max] = ntohs ((unsigned int) svp->s_port);
                  else {
                        rc_log(LOG_ERR, "%s: line %d: no default port for %s", filename, line, option->name);
                        return (-1);
                  }
            }

            serv->name[serv->max++] = strdup(p);

            p = NULL;
      }

      return 0;
}

static int set_option_auo(char *filename, int line, OPTION *option, char *p)
{
      int *iptr;

      if (p == NULL) {
            rc_log(LOG_WARNING, "%s: line %d: bogus option value", filename, line);
            return (-1);
      }

      if ((iptr = (int *) malloc(sizeof(iptr))) == NULL) {
                  rc_log(LOG_CRIT, "read_config: out of memory");
                  return (-1);
      }
                  
      *iptr = 0;
      p = strtok(p, ", \t");

      if (!strncmp(p, "local", 5))
                  *iptr = AUTH_LOCAL_FST;
      else if (!strncmp(p, "radius", 6))
                  *iptr = AUTH_RADIUS_FST;
      else {
            rc_log(LOG_ERR,"%s: auth_order: unknown keyword: %s", filename, p);
            return (-1); 
      }
                  
      p = strtok(NULL, ", \t");
                  
      if (p && (*p != '\0')) {
            if ((*iptr & AUTH_RADIUS_FST) && !strcmp(p, "local"))
                  *iptr = (*iptr) | AUTH_LOCAL_SND;
            else if ((*iptr & AUTH_LOCAL_FST) && !strcmp(p, "radius"))
                  *iptr = (*iptr) | AUTH_RADIUS_SND;   
            else {
                  rc_log(LOG_ERR,"%s: auth_order: unknown or unexpected keyword: %s", filename, p);
                  return (-1); 
            }
      }

      option->val = (void *) iptr;

      return 0;
}


/*
 * Function: rc_read_config
 *
 * Purpose: read the global config file
 * 
 * Returns: 0 on success, -1 when failure
 */

int rc_read_config(char *filename)
{
      FILE *configfd;
      char buffer[512], *p;
      OPTION *option;
      int line, pos;

      if ((configfd = fopen(filename,"r")) == NULL)
      {
            rc_log(LOG_ERR,"rc_read_config: can't open %s: %s", filename, strerror(errno));
            return (-1);
      }

      line = 0;
      while ((fgets(buffer, sizeof(buffer), configfd) != NULL))
      {
            line++;
            p = buffer;
            
            if ((*p == '\n') || (*p == '#') || (*p == '\0'))
                  continue;

            p[strlen(p)-1] = '\0';
            
            
            if ((pos = strcspn(p, "\t ")) == 0) {
                  rc_log(LOG_ERR, "%s: line %d: bogus format: %s", filename, line, p);
                  return (-1);
            } 
            
            p[pos] = '\0';
            
            if ((option = find_option(p, OT_ANY)) == NULL) {
                  rc_log(LOG_ERR, "%s: line %d: unrecognized keyword: %s", filename, line, p);
                  return (-1);
            }

            if (option->status != ST_UNDEF) {
                  rc_log(LOG_ERR, "%s: line %d: duplicate option line: %s", filename, line, p);
                  return (-1);
            }

            p += pos+1;
            while (isspace(*p)) 
                  p++;

            switch (option->type) {
                  case OT_STR:
                         if (set_option_str(filename, line, option, p) < 0)
                              return (-1);
                        break;                              
                  case OT_INT:
                         if (set_option_int(filename, line, option, p) < 0)
                              return (-1);
                        break;
                  case OT_SRV:
                         if (set_option_srv(filename, line, option, p) < 0)
                              return (-1);
                        break;
                  case OT_AUO:
                         if (set_option_auo(filename, line, option, p) < 0)
                              return (-1);
                        break;
                  default:
                        rc_log(LOG_CRIT, "rc_read_config: impossible case branch!");
                        abort();
            }
      }
      fclose(configfd);

      return test_config(filename);
}

/*
 * Function: rc_conf_str, rc_conf_int, rc_conf_src
 *
 * Purpose: get the value of a config option
 * 
 * Returns: config option value
 */

char *rc_conf_str(const char *optname)
{
      OPTION *option;

      option = find_option(optname, OT_STR);
      
      if (option != NULL) {
            return (char *)option->val;   
      } else {
            rc_log(LOG_CRIT, "rc_conf_str: unkown config option requested: %s", optname);
            abort();
      }
}

int rc_conf_int(char *optname)
{
      OPTION *option;

      option = find_option(optname, OT_INT|OT_AUO);
      
      if (option != NULL && option->val != NULL) {
            return *((int *)option->val); 
      } else {
            rc_log(LOG_CRIT, "rc_conf_int: unkown config option requested: %s", optname);
            abort();
      }
}

SERVER *rc_conf_srv(char *optname)
{
      OPTION *option;

      option = find_option(optname, OT_SRV);
      
      if (option != NULL) {
            return (SERVER *)option->val; 
      } else {
            rc_log(LOG_CRIT, "rc_conf_srv: unkown config option requested: %s", optname);
            abort();
      }
}

/*
 * Function: test_config
 *
 * Purpose: test the configuration the user supplied
 *
 * Returns: 0 on success, -1 when failure
 */

static int test_config(char *filename)
{
#if 0
      struct stat st;
      char      *file;
#endif

      if (!(rc_conf_srv("authserver")->max))
      {
            rc_log(LOG_ERR,"%s: no authserver specified", filename);
            return (-1);
      }
      if (!(rc_conf_srv("acctserver")->max))
      {
            rc_log(LOG_ERR,"%s: no acctserver specified", filename);
            return (-1);
      }
      if (!rc_conf_str("servers"))
      {
            rc_log(LOG_ERR,"%s: no servers file specified", filename);
            return (-1);
      }                                                                         
      if (!rc_conf_str("dictionary"))
      {
            rc_log(LOG_ERR,"%s: no dictionary specified", filename);
            return (-1);
      }

      if (rc_conf_int("radius_timeout") <= 0)
      {
            rc_log(LOG_ERR,"%s: radius_timeout <= 0 is illegal", filename);
            return (-1);
      }
      if (rc_conf_int("radius_retries") <= 0) 
      {
            rc_log(LOG_ERR,"%s: radius_retries <= 0 is illegal", filename);
            return (-1);
      }     

#if 0
      file = rc_conf_str("login_local");
      if (stat(file, &st) == 0)
      {
            if (!S_ISREG(st.st_mode)) {
                  rc_log(LOG_ERR,"%s: not a regular file: %s", filename, file);
                  return (-1);
            }
      } else {
            rc_log(LOG_ERR,"%s: file not found: %s", filename, file);
            return (-1);
      }
      file = rc_conf_str("login_radius");
      if (stat(file, &st) == 0)
      {
            if (!S_ISREG(st.st_mode)) {
                  rc_log(LOG_ERR,"%s: not a regular file: %s", filename, file);
                  return (-1);
            }
      } else {
            rc_log(LOG_ERR,"%s: file not found: %s", filename, file);
            return (-1);
      }
#endif
      
      if (rc_conf_int("login_tries") <= 0)
      {
            rc_log(LOG_ERR,"%s: login_tries <= 0 is illegal", filename);
            return (-1);
      }     
      if (rc_conf_str("seqfile") == NULL)
      {
            rc_log(LOG_ERR,"%s: seqfile not specified", filename);
            return (-1);
      }     
      if (rc_conf_int("login_timeout") <= 0)
      {
            rc_log(LOG_ERR,"%s: login_timeout <= 0 is illegal", filename);
            return (-1);
      }     
      if (rc_conf_str("mapfile") == NULL)
      {
            rc_log(LOG_ERR,"%s: mapfile not specified", filename);
            return (-1);
      }     
      if (rc_conf_str("nologin") == NULL)
      {
            rc_log(LOG_ERR,"%s: nologin not specified", filename);
            return (-1);
      }     

      return 0;
}

/*
 * Function: rc_find_match
 *
 * Purpose: see if ip_addr is one of the ip addresses of hostname
 *
 * Returns: 0 on success, -1 when failure
 *
 */

static int find_match (UINT4 *ip_addr, char *hostname)
{
      UINT4           addr;
      char          **paddr;
      struct hostent *hp;

      if (rc_good_ipaddr (hostname) == 0)
      {
            if (*ip_addr == ntohl(inet_addr (hostname)))
            {
                  return (0);
            }
      }
      else
      {
            if ((hp = gethostbyname (hostname)) == (struct hostent *) NULL)
            {
                  return (-1);
            }
            for (paddr = hp->h_addr_list; *paddr; paddr++)
            {
                  addr = ** (UINT4 **) paddr;
                  if (ntohl(addr) == *ip_addr)
                  {
                        return (0);
                  }
            }
      }
      return (-1);
} 

/*
 * Function: rc_find_server
 *
 * Purpose: search a server in the servers file
 *
 * Returns: 0 on success, -1 on failure
 *
 */
 
int rc_find_server (char *server_name, UINT4 *ip_addr, char *secret)
{
      UINT4       myipaddr = 0;
      int             len;
      int             result;
      FILE           *clientfd;
      char           *h;
      char           *s;
      char           *host2;
      char            buffer[128];
      char            hostnm[AUTH_ID_LEN + 1];

      /* Get the IP address of the authentication server */
      if ((*ip_addr = rc_get_ipaddr (server_name)) == (UINT4) 0)
            return (-1);

      if ((clientfd = fopen (rc_conf_str("servers"), "r")) == (FILE *) NULL)
      {
            rc_log(LOG_ERR, "rc_find_server: couldn't open file: %s: %s", strerror(errno), rc_conf_str("servers"));
            return (-1);
      }
      
      if ((myipaddr = rc_own_ipaddress()) == 0)
            return (-1);

      result = 0;
      while (fgets (buffer, sizeof (buffer), clientfd) != (char *) NULL)
      {
            if (*buffer == '#')
                  continue;

            if ((h = strtok (buffer, " \t\n")) == NULL) /* first hostname */
                  continue;

            memset (hostnm, '\0', AUTH_ID_LEN);
            len = strlen (h);
            if (len > AUTH_ID_LEN)
            {
                  len = AUTH_ID_LEN;
            }
            strncpy (hostnm, h, (size_t) len);
            hostnm[AUTH_ID_LEN] = '\0';

            if ((s = strtok (NULL, " \t\n")) == NULL) /* and secret field */
                  continue;

            memset (secret, '\0', MAX_SECRET_LENGTH);
            len = strlen (s);
            if (len > MAX_SECRET_LENGTH)
            {
                  len = MAX_SECRET_LENGTH;
            }
            strncpy (secret, s, (size_t) len);
            secret[MAX_SECRET_LENGTH] = '\0';

            if (!strchr (hostnm, '/')) /* If single name form */
            {
                  if (find_match (ip_addr, hostnm) == 0)
                  {
                        result++;
                        break;
                  }
            }
            else /* <name1>/<name2> "paired" form */
            {
                  strtok (hostnm, "/");
                  if (find_match (&myipaddr, hostnm) == 0)
                  {          /* If we're the 1st name, target is 2nd */
                        host2 = strtok (NULL, " ");
                        if (find_match (ip_addr, host2) == 0)
                        {
                              result++;
                              break;
                        }
                  }
                  else  /* If we were 2nd name, target is 1st name */
                  {
                        if (find_match (ip_addr, hostnm) == 0)
                        {
                              result++;
                              break;
                        }
                  }
            }
      }
      fclose (clientfd);
      if (result == 0)
      {
            memset (buffer, '\0', sizeof (buffer));
            memset (secret, '\0', sizeof (secret));
            rc_log(LOG_ERR, "rc_find_server: couldn't find RADIUS server %s in %s",
                   server_name, rc_conf_str("servers"));
            return (-1);
      }
      return 0;
}

Generated by  Doxygen 1.6.0   Back to index