2 * $Id: config.c,v 1.3 2002/10/01 09:51:01 fcusack Exp $
4 * Copyright (C) 1995,1996,1997 Lars Fenneberg
6 * Copyright 1992 Livingston Enterprises, Inc.
8 * Copyright 1992,1993, 1994,1995 The Regents of the University of Michigan
9 * and Merit Network, Inc. All Rights Reserved
11 * See the file COPYRIGHT for the respective terms and conditions.
12 * If the file is missing contact me at lf@elemental.net
13 * and I'll send you a copy.
19 #include <radiusclient.h>
22 static int test_config(char *);
25 * Function: find_option
27 * Purpose: find an option in the option list
29 * Returns: pointer to option on success, NULL otherwise
32 static OPTION *find_option(char *optname, unsigned int type)
36 /* there're so few options that a binary search seems not necessary */
37 for (i = 0; i < num_options; i++) {
38 if (!strcmp(config_options[i].name, optname) &&
39 (config_options[i].type & type))
40 return &config_options[i];
47 * Function: set_option_...
49 * Purpose: set a specific option doing type conversions
51 * Returns: 0 on success, -1 on failure
54 static int set_option_str(char *filename, int line, OPTION *option, char *p)
57 option->val = (void *) strdup(p);
64 static int set_option_int(char *filename, int line, OPTION *option, char *p)
69 rc_log(LOG_ERR, "%s: line %d: bogus option value", filename, line);
73 if ((iptr = (int *) malloc(sizeof(iptr))) == NULL) {
74 rc_log(LOG_CRIT, "read_config: out of memory");
79 option->val = (void *) iptr;
84 static int set_option_srv(char *filename, int line, OPTION *option, char *p)
92 rc_log(LOG_ERR, "%s: line %d: bogus option value", filename, line);
96 serv = (SERVER *) option->val;
98 for (i = 0; i < serv->max; i++) {
103 while ((p = strtok(p, ", \t")) != NULL) {
105 if ((q = strchr(p,':')) != NULL) {
108 serv->port[serv->max] = atoi(q);
110 if (!strcmp(option->name,"authserver"))
111 if ((svp = getservbyname ("radius", "udp")) == NULL)
112 serv->port[serv->max] = PW_AUTH_UDP_PORT;
114 serv->port[serv->max] = ntohs ((unsigned int) svp->s_port);
115 else if (!strcmp(option->name, "acctserver"))
116 if ((svp = getservbyname ("radacct", "udp")) == NULL)
117 serv->port[serv->max] = PW_ACCT_UDP_PORT;
119 serv->port[serv->max] = ntohs ((unsigned int) svp->s_port);
121 rc_log(LOG_ERR, "%s: line %d: no default port for %s", filename, line, option->name);
126 serv->name[serv->max++] = strdup(p);
134 static int set_option_auo(char *filename, int line, OPTION *option, char *p)
139 rc_log(LOG_WARNING, "%s: line %d: bogus option value", filename, line);
143 if ((iptr = (int *) malloc(sizeof(iptr))) == NULL) {
144 rc_log(LOG_CRIT, "read_config: out of memory");
149 p = strtok(p, ", \t");
151 if (!strncmp(p, "local", 5))
152 *iptr = AUTH_LOCAL_FST;
153 else if (!strncmp(p, "radius", 6))
154 *iptr = AUTH_RADIUS_FST;
156 rc_log(LOG_ERR,"%s: auth_order: unknown keyword: %s", filename, p);
160 p = strtok(NULL, ", \t");
162 if (p && (*p != '\0')) {
163 if ((*iptr & AUTH_RADIUS_FST) && !strcmp(p, "local"))
164 *iptr = (*iptr) | AUTH_LOCAL_SND;
165 else if ((*iptr & AUTH_LOCAL_FST) && !strcmp(p, "radius"))
166 *iptr = (*iptr) | AUTH_RADIUS_SND;
168 rc_log(LOG_ERR,"%s: auth_order: unknown or unexpected keyword: %s", filename, p);
173 option->val = (void *) iptr;
180 * Function: rc_read_config
182 * Purpose: read the global config file
184 * Returns: 0 on success, -1 when failure
187 int rc_read_config(char *filename)
190 char buffer[512], *p;
194 if ((configfd = fopen(filename,"r")) == NULL)
196 rc_log(LOG_ERR,"rc_read_config: can't open %s: %s", filename, strerror(errno));
201 while ((fgets(buffer, sizeof(buffer), configfd) != NULL))
206 if ((*p == '\n') || (*p == '#') || (*p == '\0'))
209 p[strlen(p)-1] = '\0';
212 if ((pos = strcspn(p, "\t ")) == 0) {
213 rc_log(LOG_ERR, "%s: line %d: bogus format: %s", filename, line, p);
219 if ((option = find_option(p, OT_ANY)) == NULL) {
220 rc_log(LOG_ERR, "%s: line %d: unrecognized keyword: %s", filename, line, p);
224 if (option->status != ST_UNDEF) {
225 rc_log(LOG_ERR, "%s: line %d: duplicate option line: %s", filename, line, p);
233 switch (option->type) {
235 if (set_option_str(filename, line, option, p) < 0)
239 if (set_option_int(filename, line, option, p) < 0)
243 if (set_option_srv(filename, line, option, p) < 0)
247 if (set_option_auo(filename, line, option, p) < 0)
251 rc_log(LOG_CRIT, "rc_read_config: impossible case branch!");
257 return test_config(filename);
261 * Function: rc_conf_str, rc_conf_int, rc_conf_src
263 * Purpose: get the value of a config option
265 * Returns: config option value
268 char *rc_conf_str(char *optname)
272 option = find_option(optname, OT_STR);
274 if (option != NULL) {
275 return (char *)option->val;
277 rc_log(LOG_CRIT, "rc_conf_str: unkown config option requested: %s", optname);
282 int rc_conf_int(char *optname)
286 option = find_option(optname, OT_INT|OT_AUO);
288 if (option != NULL) {
289 return *((int *)option->val);
291 rc_log(LOG_CRIT, "rc_conf_int: unkown config option requested: %s", optname);
296 SERVER *rc_conf_srv(char *optname)
300 option = find_option(optname, OT_SRV);
302 if (option != NULL) {
303 return (SERVER *)option->val;
305 rc_log(LOG_CRIT, "rc_conf_srv: unkown config option requested: %s", optname);
311 * Function: test_config
313 * Purpose: test the configuration the user supplied
315 * Returns: 0 on success, -1 when failure
318 static int test_config(char *filename)
325 if (!(rc_conf_srv("authserver")->max))
327 rc_log(LOG_ERR,"%s: no authserver specified", filename);
330 if (!(rc_conf_srv("acctserver")->max))
332 rc_log(LOG_ERR,"%s: no acctserver specified", filename);
335 if (!rc_conf_str("servers"))
337 rc_log(LOG_ERR,"%s: no servers file specified", filename);
340 if (!rc_conf_str("dictionary"))
342 rc_log(LOG_ERR,"%s: no dictionary specified", filename);
346 if (rc_conf_int("radius_timeout") <= 0)
348 rc_log(LOG_ERR,"%s: radius_timeout <= 0 is illegal", filename);
351 if (rc_conf_int("radius_retries") <= 0)
353 rc_log(LOG_ERR,"%s: radius_retries <= 0 is illegal", filename);
358 file = rc_conf_str("login_local");
359 if (stat(file, &st) == 0)
361 if (!S_ISREG(st.st_mode)) {
362 rc_log(LOG_ERR,"%s: not a regular file: %s", filename, file);
366 rc_log(LOG_ERR,"%s: file not found: %s", filename, file);
369 file = rc_conf_str("login_radius");
370 if (stat(file, &st) == 0)
372 if (!S_ISREG(st.st_mode)) {
373 rc_log(LOG_ERR,"%s: not a regular file: %s", filename, file);
377 rc_log(LOG_ERR,"%s: file not found: %s", filename, file);
382 if (rc_conf_int("login_tries") <= 0)
384 rc_log(LOG_ERR,"%s: login_tries <= 0 is illegal", filename);
387 if (rc_conf_str("seqfile") == NULL)
389 rc_log(LOG_ERR,"%s: seqfile not specified", filename);
392 if (rc_conf_int("login_timeout") <= 0)
394 rc_log(LOG_ERR,"%s: login_timeout <= 0 is illegal", filename);
397 if (rc_conf_str("mapfile") == NULL)
399 rc_log(LOG_ERR,"%s: mapfile not specified", filename);
402 if (rc_conf_str("nologin") == NULL)
404 rc_log(LOG_ERR,"%s: nologin not specified", filename);
412 * Function: rc_find_match
414 * Purpose: see if ip_addr is one of the ip addresses of hostname
416 * Returns: 0 on success, -1 when failure
420 static int find_match (UINT4 *ip_addr, char *hostname)
426 if (rc_good_ipaddr (hostname) == 0)
428 if (*ip_addr == ntohl(inet_addr (hostname)))
435 if ((hp = gethostbyname (hostname)) == (struct hostent *) NULL)
439 for (paddr = hp->h_addr_list; *paddr; paddr++)
441 addr = ** (UINT4 **) paddr;
442 if (ntohl(addr) == *ip_addr)
452 * Function: rc_find_server
454 * Purpose: search a server in the servers file
456 * Returns: 0 on success, -1 on failure
460 int rc_find_server (char *server_name, UINT4 *ip_addr, char *secret)
470 char hostnm[AUTH_ID_LEN + 1];
472 /* Get the IP address of the authentication server */
473 if ((*ip_addr = rc_get_ipaddr (server_name)) == (UINT4) 0)
476 if ((clientfd = fopen (rc_conf_str("servers"), "r")) == (FILE *) NULL)
478 rc_log(LOG_ERR, "rc_find_server: couldn't open file: %s: %s", strerror(errno), rc_conf_str("servers"));
482 myipaddr = rc_own_ipaddress();
485 while (fgets (buffer, sizeof (buffer), clientfd) != (char *) NULL)
490 if ((h = strtok (buffer, " \t\n")) == NULL) /* first hostname */
493 memset (hostnm, '\0', AUTH_ID_LEN);
495 if (len > AUTH_ID_LEN)
499 strncpy (hostnm, h, (size_t) len);
500 hostnm[AUTH_ID_LEN] = '\0';
502 if ((s = strtok (NULL, " \t\n")) == NULL) /* and secret field */
505 memset (secret, '\0', MAX_SECRET_LENGTH);
507 if (len > MAX_SECRET_LENGTH)
509 len = MAX_SECRET_LENGTH;
511 strncpy (secret, s, (size_t) len);
512 secret[MAX_SECRET_LENGTH] = '\0';
514 if (!strchr (hostnm, '/')) /* If single name form */
516 if (find_match (ip_addr, hostnm) == 0)
522 else /* <name1>/<name2> "paired" form */
524 strtok (hostnm, "/");
525 if (find_match (&myipaddr, hostnm) == 0)
526 { /* If we're the 1st name, target is 2nd */
527 host2 = strtok (NULL, " ");
528 if (find_match (ip_addr, host2) == 0)
534 else /* If we were 2nd name, target is 1st name */
536 if (find_match (ip_addr, hostnm) == 0)
547 memset (buffer, '\0', sizeof (buffer));
548 memset (secret, '\0', sizeof (secret));
549 rc_log(LOG_ERR, "rc_find_server: couldn't find RADIUS server %s in %s",
550 server_name, rc_conf_str("servers"));