Commit 51fc9426 authored by Robert Dubner's avatar Robert Dubner

Debugging URI parameters in slapd.conf

parent 66dfb768
......@@ -633,7 +633,7 @@ radiusov_acceptconn(void *ctx, void *arg)
return NULL;
}
static void
static int
radiusov_create_udp_port( BackendDB *be,
ConfigReply *cr,
int port_number,
......@@ -673,7 +673,7 @@ radiusov_create_udp_port( BackendDB *be,
"%s(): cannot create socket: %s\n",
__func__,
AC_STRERROR_R(saved_errno, ebuf, sizeof(ebuf)) );
exit(1);
return 1;
}
// assign IP, PORT
......@@ -687,7 +687,7 @@ radiusov_create_udp_port( BackendDB *be,
"%s(): inet_aton() failed: %s\n",
__func__,
AC_STRERROR_R(saved_errno, ebuf, sizeof(ebuf)) );
exit(1);
return 1;
}
server_addr.sin_port = htons(port_number);
......@@ -707,28 +707,23 @@ radiusov_create_udp_port( BackendDB *be,
Debug( LDAP_DEBUG_ANY,"radiusov: problem closing socket: %s",
AC_STRERROR_R(saved_errno, ebuf, sizeof(ebuf)) );
}
return;
return 1;
}
radius_info->radius_udp_socket = udp_socket;
radius_info->radius_connection = connection_client_setup( udp_socket,
radiusov_acceptconn,
radius_info );
return 0;
}
// ldap://<host>/<base>?<attrs>?<scope>?<filter>
// ldap_url_parse()
// ldap:///cn=radius,dc=renbud,dc=com?ipa,port?one?(configuration=<desired_config>)
static ConfigDriver radius_config_driver;
enum
{
RADIUS_PORT = 1,
RADIUS_HOST,
RADIUS_CLIENT_URI,
RADIUS_TEST,
};
......@@ -763,13 +758,26 @@ static ConfigTable radiuscfg[] =
NULL, NULL
},
{
"radiusclienturi",
"Search URI for RADIUS clients",
2, 2, 0,
ARG_MAGIC|RADIUS_CLIENT_URI,
radius_config_driver,
"( OLcfgOvAt:" OVERLAY_OID ".3 NAME 'olcRadiusClientUri' "
"DESC 'URL for searching for RADIUS client shared secret by IP address:port' "
"EQUALITY caseIgnoreMatch "
"SYNTAX OMsDirectoryString )",
NULL, NULL
},
{
"radiustest",
"Search URI for simple testing",
2, 2, 0,
ARG_MAGIC|RADIUS_TEST,
radius_config_driver,
"( OLcfgOvAt:" OVERLAY_OID ".3 NAME 'olcRadiusTest' "
"( OLcfgOvAt:" OVERLAY_OID ".4 NAME 'olcRadiusTest' "
"DESC 'URL for simple searches in the test environment' "
"EQUALITY caseIgnoreMatch "
"SYNTAX OMsDirectoryString )",
......@@ -813,6 +821,8 @@ radius_config_driver(ConfigArgs *config_args)
(int)config_args->op,
(int)config_args->type);
int rc = 0;
slap_overinst *radiusov = (slap_overinst *)config_args->bi;
RADIUS_INFO *radius_info = radiusov->on_bi.bi_private;
......@@ -837,12 +847,49 @@ radius_config_driver(ConfigArgs *config_args)
sizeof(radius_info->radius_port_host) );
radius_info->radius_port_host[sizeof(radius_info->radius_port_host)-1] = '\0';
break;
case RADIUS_CLIENT_URI:
{
if( config_args->values.v_string && ldap_url_parse( config_args->values.v_string,
&radius_info->lud_radius_client) )
{
Debug( LDAP_DEBUG_ANY,
"ldap_url_parse FAILED on %s\n",
config_args->values.v_string);
rc = 1;
}
else
{
Debug( LDAP_DEBUG_ANY,
"ldap_url_parse SUCCEEDED on %s\n",
config_args->values.v_string);
}
}
break;
case RADIUS_TEST:
{
if( config_args->values.v_string && ldap_url_parse( config_args->values.v_string,
&radius_info->lud_simple_test) )
{
Debug( LDAP_DEBUG_ANY,
"ldap_url_parse FAILED on %s\n",
config_args->values.v_string);
rc = 1;
}
else
{
Debug( LDAP_DEBUG_ANY,
"ldap_url_parse SUCCEEDED on %s\n",
config_args->values.v_string);
}
}
break;
}
break;
}
int rc = 0;
return rc;
}
......@@ -903,6 +950,9 @@ radiusov_db_destroy(BackendDB *be, ConfigReply *cr )
SSL_CTX_free( radius_info->openssl_context );
ch_free(radius_info->openssl_configuration);
ldap_free_urldesc( radius_info->lud_simple_test );
ldap_free_urldesc( radius_info->lud_radius_client );
ch_free(radius_info);
ldap_pvt_thread_mutex_destroy( &libradius_mutex );
......@@ -913,6 +963,8 @@ radiusov_db_destroy(BackendDB *be, ConfigReply *cr )
static int
radiusov_db_open(BackendDB *be, ConfigReply *cr)
{
int rc = 0;
Debug( LDAP_DEBUG_TRACE, "=> %s()\n", __func__);
slap_overinst *radiusov = (slap_overinst *)be->bd_info;
......@@ -931,64 +983,13 @@ radiusov_db_open(BackendDB *be, ConfigReply *cr)
if ( slapMode & SLAP_SERVER_MODE )
{
//char achUri[] = "ldap:///dc=renbud,dc=com?userPassword?one?uid=%s";
//char achUri[] = "ldap:///dc=renbud,dc=com?userPassword?one?uid=%s";
//char achUri[] = "ldap:///configuration=server1,cn=radservercfg,dc=renbud,dc=com?ipa,port?one?";
char achUri[] = "ldap:///dc=renbud,dc=com?userPassword?one?(uid=$1)";
char achUsername[] = "proxy";
char achFilterString[256];
sprintf(achFilterString, "(uid=%s)", achUsername);
LDAPURLDesc *lud;
if( ldap_url_parse( achUri, &lud) )
{
Debug( LDAP_DEBUG_ANY,
"ldap_url_parse FAILED\n");
}
else
{
Debug( LDAP_DEBUG_ANY,
"ldap_url_parse succeeded\n");
}
search_descriptor *sd = &search_descriptors[0];
char achPassword[256];
radiusov_verify_username_password( radius_info,
sd,
"proxy",
"xyzzy" );
int rc = radiusov_generalized_database_fetch(radius_info->radius_db,
sd->search_base,
sd->search_scope,
achFilterString,
"userPassword",
achPassword,
MAXIMUM_PASSWORD_CHARACTERS );
if( rc )
{
Debug( LDAP_DEBUG_ANY,
"****************** radiusov_generalized_database_fetch() FAILED!\n");
}
else
{
Debug( LDAP_DEBUG_ANY,
"****************** radiusov_generalized_database_fetch() returned %s\n",
achPassword );
}
radiusov_create_udp_port( be,
cr,
radius_info->radius_port_number,
radius_info->radius_port_host);
ldap_free_urldesc( lud );
rc = radiusov_create_udp_port( be,
cr,
radius_info->radius_port_number,
radius_info->radius_port_host);
}
return 0;
return rc;
}
static int
......
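Review bot: In radius_config_driver, the RADIUS_CLIENT_URI and RADIUS_TEST cases test `config_args->values.v_string && ldap_url_parse(...)`, so a NULL value skips the parse and falls into the else branch, which logs "SUCCEEDED", hands NULL to `%s`, and leaves rc at 0. The description string for olcRadiusClientUri says this URI locates the RADIUS client shared secret, so a directive that was never parsed should fail configuration instead of being reported as a success. Each case also stores into the LDAPURLDesc pointer without releasing an earlier descriptor, which leaks if the directive is processed more than once; freeing first, as sketched below for one case, assumes the fields start out NULL, which is not visible here. The function's opening and its outer dispatch lie outside these hunks.

```c
case RADIUS_CLIENT_URI:
    {
    const char *uri = config_args->values.v_string;
    if( uri == NULL )
        {
        Debug( LDAP_DEBUG_ANY,
               "%s(): radiusclienturi has no value\n",
               __func__ );
        rc = 1;
        break;
        }
    // Release any descriptor left by an earlier pass over this directive
    ldap_free_urldesc( radius_info->lud_radius_client );
    radius_info->lud_radius_client = NULL;
    if( ldap_url_parse( uri, &radius_info->lud_radius_client ) )
        {
        // … unchanged: "ldap_url_parse FAILED" message, rc = 1 …
        }
    // … unchanged: else branch with the "SUCCEEDED" message …
    }
    break;
```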
......@@ -113,7 +113,9 @@ typedef struct _RADIUS_INFO
// Parameters from slapd.conf:
int radius_port_number; // From slapd.conf
char radius_port_host[256]; // From slapd.conf. Usually 127.0.0.1, but
// we leave room for a fully qualified domain name
// // we leave room for a fully qualified domain name
LDAPURLDesc *lud_radius_client; // From slapd.conf. The parsed search URI for RADIUS client shared secrete
LDAPURLDesc *lud_simple_test; // From slapd.conf. The parsed search URI for simple testing
int radius_udp_socket;
Connection *radius_connection;
......
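Review bot: The two new `LDAPURLDesc *` members carry no ownership note, the comment on `lud_radius_client` misspells "secret" as "secrete", and the continuation comment above them gained a doubled `// //` marker. radiusov_db_destroy calls `ldap_free_urldesc()` on both members unconditionally, so the struct should state that RADIUS_INFO owns them and that they stay NULL until the matching directive is parsed, for example `LDAPURLDesc *lud_radius_client; // From slapd.conf. Parsed search URI for the RADIUS client shared secret; NULL until set, freed in radiusov_db_destroy()`. The struct definition starts and ends outside this hunk, so how radius_info is allocated and zeroed cannot be confirmed from here.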