Commit 739f6062 authored by Robert Dubner

Use radiusport number from slapd.conf

parent b0b70c01
/* radiusov.c - radius-ldap overlay for slapd */
/* radiusov.c - radius-ldap overlay for slapd */
/* radiusov.c - radius-ldap overlay for slapd */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
......@@ -51,18 +52,11 @@ ldap_pvt_thread_mutex_t libradius_mutex;
static int packet_eat_count = -5;
typedef enum radius_ports
{
RADIUS_PORT_RADIUS = 1812, // FreeRADIUS accepts information from 1812 by default.
RADIUS_PORT_TEST_AND_DEVELOPMENT = 18129,
} radius_ports;
// For initial development, this is a static list. Eventually it will
// be established from a configuration file or database
static search_descriptor search_descriptors[] =
{
{
RADIUS_PORT_TEST_AND_DEVELOPMENT,
"127.0.0.1",
TEST_AND_DEVELOPMENT,
LDAP_SCOPE_SUBTREE,
......@@ -71,7 +65,6 @@ static search_descriptor search_descriptors[] =
"",
},
{
RADIUS_PORT_TEST_AND_DEVELOPMENT,
"10.0.1.250",
RADIUS_PROTOCOL,
LDAP_SCOPE_SUBTREE,
......@@ -80,8 +73,7 @@ static search_descriptor search_descriptors[] =
"testing123",
},
{
0, // This entry ends the list
NULL,
NULL, // This entry ends the list
INVALID_SEARCH_METHOD,
0,
NULL,
......@@ -551,16 +543,16 @@ radiusov_acceptconn(void *ctx, void *arg)
// TODO: Ultimately this should be a map, not a linear search.
search_descriptor *sd = search_descriptors;
while( sd->our_port )
while( sd->client_ipa )
{
if( sd->our_port == our_port && strcmp(sd->client_ipa, client_ipa) == 0 )
if( radius_info->radius_port_number == our_port && strcmp(sd->client_ipa, client_ipa) == 0 )
{
// We have a match on our port number and the client's IP address
break;
}
sd += 1;
}
if( sd->our_port == 0 )
if( !sd->client_ipa )
{
Debug( LDAP_DEBUG_ANY,
"radiusov: There is no search descriptor for %s and port %d\n",
......@@ -777,12 +769,37 @@ radius_config_driver(ConfigArgs *config_args)
__func__,
(int)config_args->op,
(int)config_args->type);
// slap_overinst *on = (slap_overinst *)config_args->bi;
// struct log_info *li = on->on_bi.bi_private;
slap_overinst *radiusov = (slap_overinst *)config_args->bi;
RADIUS_INFO *radius_info = radiusov->on_bi.bi_private;
switch(config_args->op)
{
case SLAP_CONFIG_ADD:
switch(config_args->type)
{
case RADIUS_PORT:
Debug( LDAP_DEBUG_ARGS,
" radiusport is %d\n",
config_args->values.v_int);
radius_info->radius_port_number = config_args->values.v_int;
break;
case RADIUS_HOST:
Debug( LDAP_DEBUG_ARGS,
" radiushost is %s\n",
config_args->values.v_string);
strncpy(radius_info->radius_port_host,
config_args->values.v_string,
sizeof(radius_info->radius_port_host) );
radius_info->radius_port_host[sizeof(radius_info->radius_port_host)-1] = '\0';
break;
}
break;
}
int rc = 0;
// slap_mask_t tmask = 0;
// char agebuf[2*STRLENOF("ddddd+hh:mm:ss ")];
// struct berval agebv, cyclebv;
return rc;
}
......@@ -856,12 +873,7 @@ radiusov_db_open(BackendDB *be, ConfigReply *cr)
slap_overinst *radiusov = (slap_overinst *)be->bd_info;
RADIUS_INFO *radius_info = radiusov->on_bi.bi_private;
int port_number = -1;
// Assume all of the search_descriptors reference the same
// UDP port for listening for RADIUS packets:
port_number = search_descriptors[0].our_port;
int port_number = radius_info->radius_port_number;
if( port_number <= 0 || port_number > 65535 )
{
......
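Review bot: The new `RADIUS_PORT` and `RADIUS_HOST` cases in radius_config_driver store whatever slapd.conf supplies and the function still returns 0, so a bad port is caught only later by the range check in radiusov_db_open and an over-long radiushost is never reported. The `strncpy` plus terminator silently truncates such a name, leaving the overlay with a different host than the operator wrote; checking the length and failing the directive is safer. The inner switch has no `default`, so a type it does not handle is also reported as success. `rc` has to move above the switch for this, and the value 1 below is an assumption; use whatever non-zero code slapd's other config handlers return. The function starts outside the hunk.

```c
int rc = 0;    // declared before the switch so a case can report failure
// … unchanged: switch(config_args->op), case SLAP_CONFIG_ADD, switch(config_args->type) …
        case RADIUS_PORT:
            // … unchanged: Debug() of radiusport …
            if( config_args->values.v_int <= 0 || config_args->values.v_int > 65535 )
                {
                rc = 1;    // same range radiusov_db_open enforces, rejected at parse time
                break;
                }
            radius_info->radius_port_number = config_args->values.v_int;
            break;
        case RADIUS_HOST:
            // … unchanged: Debug() of radiushost …
            if( strlen(config_args->values.v_string) >= sizeof(radius_info->radius_port_host) )
                {
                rc = 1;    // refuse a name that strncpy would truncate
                break;
                }
            // … unchanged: strncpy and terminator …
            break;
        default:
            rc = 1;        // a type this driver does not handle is not a success
            break;
// … unchanged: end of both switches, return rc …
```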
......@@ -75,7 +75,7 @@ typedef struct _STATE
uint8_t peer_nt_response[24];
uint8_t nthashhash[MD4_DIGEST_LENGTH];
uint8_t md5_challenge[16]; // Magic number: Yes, an MD5 challenge random sequence is sixteen bytes.
time_t birthday; // Birthdate, in Unix epoch seconds, of this state.
time_t birthday; // Birthdate, in Unix epoch seconds, of this state.
SSL *ssl;
TLS_INFO info;
......@@ -104,6 +104,11 @@ typedef struct _STATE
typedef struct _RADIUS_INFO
{
// Parameters from slapd.conf:
int radius_port_number; // From slapd.conf
char radius_port_host[256]; // From slapd.conf. Usually 127.0.0.1, but
// we leave room for a fully qualified domain name
int radius_udp_socket;
Connection *radius_connection;
BackendDB *radius_db;
......@@ -121,7 +126,6 @@ typedef enum _search_methods
typedef struct _search_descriptor
{
int our_port;
char *client_ipa;
search_methods search_method;
int search_scope;
......
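Review bot: The comment on `radius_port_host` in RADIUS_INFO does not say what the host is used for, and in the radiusov.c lines shown only `radius_port_number` is read back (in radiusov_db_open); the host is written by the config driver and nothing visible consumes it. If it is meant to be the address the UDP listener binds to, say so, for example `// Address the RADIUS listener binds to (slapd.conf radiushost)`, and confirm the socket setup really uses it, because an operator who writes 127.0.0.1 will assume the listener is loopback-only. The comment on `radius_port_number` should also state what the field holds when slapd.conf has no radiusport line, now that the port no longer comes from the search_descriptors table.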