"Fossies" - the Fresh Open Source Software Archive

Member "freeradius-server-3.0.23/src/include/radiusd.h" (10 Jun 2021, 22669 Bytes) of package /linux/misc/freeradius-server-3.0.23.tar.bz2:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "radiusd.h" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 3.0.22_vs_3.0.23.

    1 /*
    2  *   This program is free software; you can redistribute it and/or modify
    3  *   it under the terms of the GNU General Public License as published by
    4  *   the Free Software Foundation; either version 2 of the License, or
    5  *   (at your option) any later version.
    6  *
    7  *   This program is distributed in the hope that it will be useful,
    8  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
    9  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   10  *   GNU General Public License for more details.
   11  *
   12  *   You should have received a copy of the GNU General Public License
   13  *   along with this program; if not, write to the Free Software
   14  *   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
   15  */
   16 #ifndef RADIUSD_H
   17 #define RADIUSD_H
   18 /**
   19  * $Id: fbb743419b78a901ebee17b911d7d8d388842d5f $
   20  *
   21  * @file radiusd.h
   22  * @brief Structures, prototypes and global variables for the FreeRADIUS server.
   23  *
   24  * @copyright 1999-2000,2002-2008  The FreeRADIUS server project
   25  */
   26 
   27 RCSIDH(radiusd_h, "$Id: fbb743419b78a901ebee17b911d7d8d388842d5f $")
   28 
   29 #include <freeradius-devel/libradius.h>
   30 #include <freeradius-devel/radpaths.h>
   31 #include <freeradius-devel/conf.h>
   32 #include <freeradius-devel/conffile.h>
   33 #include <freeradius-devel/event.h>
   34 #include <freeradius-devel/connection.h>
   35 
   36 typedef struct rad_request REQUEST;
   37 
   38 #include <freeradius-devel/log.h>
   39 
   40 #ifdef HAVE_PTHREAD_H
   41 #  include <pthread.h>
   42 #else
   43 #  include <sys/wait.h>
   44 #endif
   45 
   46 #ifndef NDEBUG
   47 #  define REQUEST_MAGIC (0xdeadbeef)
   48 #endif
   49 
   50 /*
   51  *  WITH_VMPS is handled by src/include/features.h
   52  */
   53 #ifdef WITHOUT_VMPS
   54 #  undef WITH_VMPS
   55 #endif
   56 
   57 #ifdef WITH_TLS
   58 #  include <freeradius-devel/tls.h>
   59 #endif
   60 
   61 #include <freeradius-devel/stats.h>
   62 #include <freeradius-devel/realms.h>
   63 #include <freeradius-devel/xlat.h>
   64 #include <freeradius-devel/tmpl.h>
   65 #include <freeradius-devel/map.h>
   66 #include <freeradius-devel/clients.h>
   67 #include <freeradius-devel/process.h>
   68 /*
   69  *  All POSIX systems should have these headers
   70  */
   71 #include <pwd.h>
   72 #include <grp.h>
   73 
   74 #ifdef __cplusplus
   75 extern "C" {
   76 #endif
   77 
   78 /*
   79  *  See util.c
   80  */
   81 typedef struct request_data_t request_data_t;
   82 
   83 /** Return codes indicating the result of the module call
   84  *
   85  * All module functions must return one of the codes listed below (apart from
   86  * RLM_MODULE_NUMCODES, which is used to check for validity).
   87  */
   88 typedef enum rlm_rcodes {
   89     RLM_MODULE_REJECT = 0,  //!< Immediately reject the request.
   90     RLM_MODULE_FAIL,    //!< Module failed, don't reply.
   91     RLM_MODULE_OK,      //!< The module is OK, continue.
   92     RLM_MODULE_HANDLED, //!< The module handled the request, so stop.
   93     RLM_MODULE_INVALID, //!< The module considers the request invalid.
   94     RLM_MODULE_USERLOCK,    //!< Reject the request (user is locked out).
   95     RLM_MODULE_NOTFOUND,    //!< User not found.
   96     RLM_MODULE_NOOP,    //!< Module succeeded without doing anything.
   97     RLM_MODULE_UPDATED, //!< OK (pairs modified).
   98     RLM_MODULE_NUMCODES,    //!< How many valid return codes there are.
   99     RLM_MODULE_UNKNOWN  //!< Error resolving rcode (should not be
  100                 //!< returned by modules).
  101 } rlm_rcode_t;
  102 extern const FR_NAME_NUMBER modreturn_table[];
  103 
  104 /** Main server configuration
  105  *
  106  * The parsed version of the main server config.
  107  */
  108 typedef struct main_config {
  109     struct main_config *next;           //!< Next version of the main_config.
  110 
  111     char const  *name;              //!< Name of the daemon, usually 'radiusd'.
  112     CONF_SECTION    *config;            //!< Root of the server config.
  113 
  114     fr_ipaddr_t myip;               //!< IP to bind to. Set on command line.
  115     uint16_t    port;               //!< Port to bind to. Set on command line.
  116 
  117     bool        suppress_secrets;       //!< for debug levels < 3
  118     bool        log_auth;           //!< Log all authentication attempts.
  119     bool        log_accept;         //!< Log Access-Accept
  120     bool        log_reject;         //!< Log Access-Reject
  121     bool        log_auth_badpass;       //!< Log successful authentications.
  122     bool        log_auth_goodpass;      //!< Log failed authentications.
  123     char const  *auth_badpass_msg;      //!< Additional text to append to successful auth messages.
  124     char const  *auth_goodpass_msg;     //!< Additional text to append to failed auth messages.
  125 
  126     char const  *denied_msg;            //!< Additional text to append if the user is already logged
  127                             //!< in (simultaneous use check failed).
  128 
  129     bool        daemonize;          //!< Should the server daemonize on startup.
  130     char const      *pid_file;          //!< Path to write out PID file.
  131 
  132 #ifdef WITH_PROXY
  133     bool        proxy_requests;         //!< Toggle to enable/disable proxying globally.
  134 #endif
  135     struct timeval  reject_delay;           //!< How long to wait before sending an Access-Reject.
  136     bool        status_server;          //!< Whether to respond to status-server messages.
  137 
  138 
  139     uint32_t    max_request_time;       //!< How long a request can be processed for before
  140                             //!< timing out.
  141     uint32_t    cleanup_delay;          //!< How long before cleaning up cached responses.
  142     uint32_t    max_requests;
  143 
  144     bool        postauth_client_lost;       //!< Whether to run Post-Auth-Type Client-Lost section
  145 
  146     uint32_t    debug_level;
  147     char const  *log_file;
  148     int     syslog_facility;
  149 
  150     char const  *dictionary_dir;        //!< Where to load dictionaries from.
  151 
  152     char const  *checkrad;          //!< Script to use to determine if a user is already
  153                             //!< connected.
  154 
  155     rad_listen_t    *listen;            //!< Head of a linked list of listeners.
  156 
  157 
  158     char const  *panic_action;          //!< Command to execute if the server receives a fatal
  159                             //!< signal.
  160 
  161     struct timeval  init_delay;         //!< Initial request processing delay.
  162 
  163     uint32_t        talloc_pool_size;       //!< Size of pool to allocate to hold each #REQUEST.
  164     bool        debug_memory;           //!< Cleanup the server properly on exit, freeing
  165                             //!< up any memory we allocated.
  166     bool        memory_report;          //!< Print a memory report on what's left unfreed.
  167                             //!< Can only be used when the server is running in single
  168                             //!< threaded mode.
  169 
  170     bool        allow_core_dumps;       //!< Whether the server is allowed to drop a core when
  171                             //!< receiving a fatal signal.
  172 
  173     bool        write_pid;          //!< write the PID file
  174 
  175     bool        exiting;            //!< are we exiting?
  176 
  177 
  178 #ifdef ENABLE_OPENSSL_VERSION_CHECK
  179     char const  *allow_vulnerable_openssl;  //!< The CVE number of the last security issue acknowledged.
  180 #endif
  181 } main_config_t;
  182 
  183 #if defined(WITH_VERIFY_PTR)
  184 #  define VERIFY_REQUEST(_x) verify_request(__FILE__, __LINE__, _x)
  185 #else
  186 /*
  187  *  Even if were building without WITH_VERIFY_PTR
  188  *  the pointer must not be NULL when these various macros are used
  189  *  so we can add some sneaky asserts.
  190  */
  191 #  define VERIFY_REQUEST(_x) rad_assert(_x)
  192 #endif
  193 
  194 typedef enum {
  195     REQUEST_ACTIVE = 1,
  196     REQUEST_STOP_PROCESSING,
  197     REQUEST_COUNTED
  198 } rad_master_state_t;
  199 #define REQUEST_MASTER_NUM_STATES (REQUEST_COUNTED + 1)
  200 
  201 typedef enum {
  202     REQUEST_QUEUED = 1,
  203     REQUEST_RUNNING,
  204     REQUEST_PROXIED,
  205     REQUEST_RESPONSE_DELAY,
  206     REQUEST_CLEANUP_DELAY,
  207     REQUEST_DONE
  208 } rad_child_state_t;
  209 #define REQUEST_CHILD_NUM_STATES (REQUEST_DONE + 1)
  210 
  211 struct rad_request {
  212 #ifndef NDEBUG
  213     uint32_t        magic;      //!< Magic number used to detect memory corruption,
  214                         //!< or request structs that have not been properly initialised.
  215 #endif
  216     unsigned int            number;     //!< Monotonically increasing request number. Reset on server restart.
  217     time_t          timestamp;  //!< When the request was received.
  218 
  219     request_data_t      *data;      //!< Request metadata.
  220 
  221     rad_listen_t        *listener;  //!< The listener that received the request.
  222     RADCLIENT       *client;    //!< The client that originally sent us the request.
  223 
  224     RADIUS_PACKET       *packet;    //!< Incoming request.
  225     VALUE_PAIR      *username;  //!< Cached username #VALUE_PAIR from request #RADIUS_PACKET.
  226     VALUE_PAIR      *password;  //!< Cached password #VALUE_PAIR from request #RADIUS_PACKET.
  227 
  228     RADIUS_PACKET       *reply;     //!< Outgoing response.
  229 
  230     VALUE_PAIR      *config;    //!< #VALUE_PAIR (s) used to set per request parameters
  231                         //!< for modules and the server core at runtime.
  232 
  233     TALLOC_CTX      *state_ctx; //!< for request->state
  234     VALUE_PAIR      *state;     //!< #VALUE_PAIR (s) available over the lifetime of the authentication
  235                         //!< attempt. Useful where the attempt involves a sequence of
  236                         //!< many request/challenge packets, like OTP, and EAP.
  237 
  238 #ifdef WITH_PROXY
  239     rad_listen_t        *proxy_listener;//!< Listener for outgoing requests.
  240     RADIUS_PACKET       *proxy;     //!< Outgoing request to proxy server.
  241     RADIUS_PACKET       *proxy_reply;   //!< Incoming response from proxy server.
  242 
  243     home_server_t           *home_server;
  244     home_pool_t     *home_pool; //!< For dynamic failover
  245 #endif
  246 
  247     fr_request_process_t    process;    //!< The function to call to move the request through the state machine.
  248 
  249     struct timeval      response_delay; //!< How long to wait before sending Access-Rejects.
  250     fr_state_action_t   timer_action;   //!< What action to perform when the timer event fires.
  251     fr_event_t      *ev;        //!< Event in event loop tied to this request.
  252 
  253     RAD_REQUEST_FUNP    handle;     //!< The function to call to move the request through the
  254                         //!< various server configuration sections.
  255     rlm_rcode_t     rcode;      //!< Last rcode returned by a module
  256     char const      *module;    //!< Module the request is currently being processed by.
  257     char const      *component;     //!< Section the request is in.
  258 
  259     int         delay;
  260 
  261     rad_master_state_t  master_state;   //!< Set by the master thread to signal the child that's currently
  262                         //!< working with the request, to do something.
  263     rad_child_state_t   child_state;
  264 
  265 #ifdef HAVE_PTHREAD_H
  266     pthread_t           child_pid;  //!< Current thread handling the request.
  267 #endif
  268 
  269     main_config_t       *root;      //!< Pointer to the main config hack to try and deal with hup.
  270 
  271 
  272     int         simul_max;  //!< Maximum number of concurrent sessions for this user.
  273 #ifdef WITH_SESSION_MGMT
  274     int         simul_count;    //!< The current number of sessions for this user.
  275     int         simul_mpp;  //!< WEIRD: 1 is false, 2 is true.
  276 #endif
  277 
  278     RAD_LISTEN_TYPE     priority;
  279 
  280     bool            in_request_hash;
  281 #ifdef WITH_PROXY
  282     bool            in_proxy_hash;
  283 
  284     uint32_t        num_proxied_requests;   //!< How many times this request was proxied.
  285                             //!< Retransmissions are driven by requests from the NAS.
  286     uint32_t        num_proxied_responses;
  287 #endif
  288 
  289     char const      *server;
  290     REQUEST         *parent;
  291 
  292     struct {
  293         radlog_func_t   func;       //!< Function to call to output log messages about this
  294                         //!< request.
  295 
  296         log_lvl_t   lvl;        //!< Controls the verbosity of debug statements regarding
  297                         //!< the request.
  298 
  299         uint8_t     indent;     //!< By how much to indent log messages. uin8_t so it's obvious
  300                         //!< when a request has been exdented too much.
  301     } log;
  302 
  303     uint32_t        options;    //!< mainly for proxying EAP-MSCHAPv2.
  304 
  305 #ifdef WITH_COA
  306     REQUEST         *coa;       //!< CoA request originated by this request.
  307     uint32_t        num_coa_requests;//!< Counter for number of requests sent including
  308                         //!< retransmits.
  309 #endif
  310 };              /* REQUEST typedef */
  311 
  312 #define RAD_REQUEST_LVL_NONE    (0)     //!< No debug messages should be printed.
  313 #define RAD_REQUEST_LVL_DEBUG   (1)
  314 #define RAD_REQUEST_LVL_DEBUG2  (2)
  315 #define RAD_REQUEST_LVL_DEBUG3  (3)
  316 #define RAD_REQUEST_LVL_DEBUG4  (4)
  317 
  318 #define RAD_REQUEST_OPTION_COA      (1 << 0)
  319 #define RAD_REQUEST_OPTION_CTX      (1 << 1)
  320 #define RAD_REQUEST_OPTION_CANCELLED    (1 << 2)
  321 
  322 #define SECONDS_PER_DAY     86400
  323 #define MAX_REQUEST_TIME    30
  324 #define CLEANUP_DELAY       5
  325 #define MAX_REQUESTS        256
  326 #define RETRY_DELAY     5
  327 #define RETRY_COUNT     3
  328 #define DEAD_TIME       120
  329 #define EXEC_TIMEOUT        10
  330 
  331 /* for paircompare_register */
  332 typedef int (*RAD_COMPARE_FUNC)(void *instance, REQUEST *,VALUE_PAIR *, VALUE_PAIR *, VALUE_PAIR *, VALUE_PAIR **);
  333 
  334 typedef enum request_fail {
  335     REQUEST_FAIL_UNKNOWN = 0,
  336     REQUEST_FAIL_NO_THREADS,    //!< No threads to handle it.
  337     REQUEST_FAIL_DECODE,        //!< Rad_decode didn't like it.
  338     REQUEST_FAIL_PROXY,     //!< Call to proxy modules failed.
  339     REQUEST_FAIL_PROXY_SEND,    //!< Proxy_send didn't like it.
  340     REQUEST_FAIL_NO_RESPONSE,   //!< We weren't told to respond, so we reject.
  341     REQUEST_FAIL_HOME_SERVER,   //!< The home server didn't respond.
  342     REQUEST_FAIL_HOME_SERVER2,  //!< Another case of the above.
  343     REQUEST_FAIL_HOME_SERVER3,  //!< Another case of the above.
  344     REQUEST_FAIL_NORMAL_REJECT, //!< Authentication failure.
  345     REQUEST_FAIL_SERVER_TIMEOUT //!< The server took too long to process the request.
  346 } request_fail_t;
  347 
  348 /*
  349  *  Global variables.
  350  *
  351  *  We really shouldn't have this many.
  352  */
  353 extern log_lvl_t    rad_debug_lvl;
  354 extern char const   *radacct_dir;
  355 extern char const   *radlog_dir;
  356 extern char const   *radlib_dir;
  357 extern bool     log_stripped_names;
  358 extern char const   *radiusd_version;
  359 extern char const   *radiusd_version_short;
  360 void            radius_signal_self(int flag);
  361 
  362 typedef enum {
  363     RADIUS_SIGNAL_SELF_NONE     = (0),
  364     RADIUS_SIGNAL_SELF_HUP      = (1 << 0),
  365     RADIUS_SIGNAL_SELF_TERM     = (1 << 1),
  366     RADIUS_SIGNAL_SELF_EXIT     = (1 << 2),
  367     RADIUS_SIGNAL_SELF_DETAIL   = (1 << 3),
  368     RADIUS_SIGNAL_SELF_NEW_FD   = (1 << 4),
  369     RADIUS_SIGNAL_SELF_MAX      = (1 << 5)
  370 } radius_signal_t;
  371 /*
  372  *  Function prototypes.
  373  */
  374 
  375 /* acct.c */
  376 int     rad_accounting(REQUEST *);
  377 
  378 int     rad_coa_recv(REQUEST *request);
  379 
  380 /* session.c */
  381 int     rad_check_ts(uint32_t nasaddr, uint32_t nas_port, char const *user, char const *sessionid);
  382 int     session_zap(REQUEST *request, uint32_t nasaddr,
  383                 uint32_t nas_port, char const *user,
  384                 char const *sessionid, uint32_t cliaddr,
  385                 char proto, int session_time);
  386 
  387 /* radiusd.c */
  388 #undef debug_pair
  389 void        debug_pair(VALUE_PAIR *);
  390 void        rdebug_pair(log_lvl_t level, REQUEST *, VALUE_PAIR *, char const *);
  391 void        rdebug_pair_list(log_lvl_t level, REQUEST *, VALUE_PAIR *, char const *);
  392 void        rdebug_proto_pair_list(log_lvl_t level, REQUEST *, VALUE_PAIR *);
  393 int     log_err (char *);
  394 
  395 /* util.c */
  396 #define MEM(x) if (!(x)) { ERROR("%s[%u] OUT OF MEMORY", __FILE__, __LINE__); _fr_exit_now(__FILE__, __LINE__, 1); }
  397 void (*reset_signal(int signo, void (*func)(int)))(int);
  398 int     rad_mkdir(char *directory, mode_t mode, uid_t uid, gid_t gid);
  399 size_t      rad_filename_make_safe(UNUSED REQUEST *request, char *out, size_t outlen,
  400                        char const *in, UNUSED void *arg);
  401 size_t      rad_filename_escape(UNUSED REQUEST *request, char *out, size_t outlen,
  402                     char const *in, UNUSED void *arg);
  403 ssize_t     rad_filename_unescape(char *out, size_t outlen, char const *in, size_t inlen);
  404 void        *rad_malloc(size_t size); /* calls exit(1) on error! */
  405 void        rad_const_free(void const *ptr);
  406 REQUEST     *request_alloc(TALLOC_CTX *ctx);
  407 REQUEST     *request_alloc_fake(REQUEST *oldreq);
  408 REQUEST     *request_alloc_coa(REQUEST *request);
  409 int     request_data_add(REQUEST *request,
  410                  void *unique_ptr, int unique_int,
  411                  void *opaque, bool free_opaque);
  412 void        *request_data_get(REQUEST *request,
  413                   void *unique_ptr, int unique_int);
  414 void        *request_data_reference(REQUEST *request,
  415                   void *unique_ptr, int unique_int);
  416 int     rad_copy_string(char *dst, char const *src);
  417 int     rad_copy_string_bare(char *dst, char const *src);
  418 int     rad_copy_variable(char *dst, char const *from);
  419 uint32_t    rad_pps(uint32_t *past, uint32_t *present, time_t *then, struct timeval *now);
  420 int     rad_expand_xlat(REQUEST *request, char const *cmd,
  421                 int max_argc, char const *argv[], bool can_fail,
  422                 size_t argv_buflen, char *argv_buf);
  423 void        rad_tv_sub(struct timeval const *end, struct timeval const *start, struct timeval *elapsed);
  424 
  425 void        verify_request(char const *file, int line, REQUEST *request);   /* only for special debug builds */
  426 void        rad_mode_to_str(char out[10], mode_t mode);
  427 void        rad_mode_to_oct(char out[5], mode_t mode);
  428 int     rad_getpwuid(TALLOC_CTX *ctx, struct passwd **out, uid_t uid);
  429 int     rad_getpwnam(TALLOC_CTX *ctx, struct passwd **out, char const *name);
  430 int     rad_getgrgid(TALLOC_CTX *ctx, struct group **out, gid_t gid);
  431 int     rad_getgrnam(TALLOC_CTX *ctx, struct group **out, char const *name);
  432 int     rad_getgid(TALLOC_CTX *ctx, gid_t *out, char const *name);
  433 int     rad_prints_uid(TALLOC_CTX *ctx, char *out, size_t outlen, uid_t uid);
  434 int     rad_prints_gid(TALLOC_CTX *ctx, char *out, size_t outlen, gid_t gid);
  435 int     rad_seuid(uid_t uid);
  436 int     rad_segid(gid_t gid);
  437 
  438 void        rad_suid_set_down_uid(uid_t uid);
  439 void        rad_suid_down(void);
  440 void        rad_suid_up(void);
  441 void        rad_suid_down_permanent(void);
  442 /* regex.c */
  443 
  444 #ifdef HAVE_REGEX
  445 /*
  446  *  Increasing this is essentially free
  447  *  It just increases memory usage. 12-16 bytes for each additional subcapture.
  448  */
  449 #  define REQUEST_MAX_REGEX 32
  450 
  451 void    regex_sub_to_request(REQUEST *request, regex_t **preg, char const *value,
  452                  size_t len, regmatch_t rxmatch[], size_t nmatch);
  453 
  454 int regex_request_to_sub(TALLOC_CTX *ctx, char **out, REQUEST *request, uint32_t num);
  455 
  456 /*
  457  *  Named capture groups only supported by PCRE.
  458  */
  459 #  ifdef HAVE_PCRE
  460 int regex_request_to_sub_named(TALLOC_CTX *ctx, char **out, REQUEST *request, char const *name);
  461 #  endif
  462 #endif
  463 
  464 /* files.c */
  465 int     pairlist_read(TALLOC_CTX *ctx, char const *file, PAIR_LIST **list, int complain);
  466 void        pairlist_free(PAIR_LIST **);
  467 
  468 /* version.c */
  469 int     rad_check_lib_magic(uint64_t magic);
  470 int         ssl_check_consistency(void);
  471 char const  *ssl_version_by_num(uint32_t version);
  472 char const  *ssl_version_num(void);
  473 char const  *ssl_version_range(uint32_t low, uint32_t high);
  474 char const  *ssl_version(void);
  475 int     version_add_feature(CONF_SECTION *cs, char const *name, bool enabled);
  476 int     version_add_number(CONF_SECTION *cs, char const *name, char const *version);
  477 void        version_init_features(CONF_SECTION *cs);
  478 void        version_init_numbers(CONF_SECTION *cs);
  479 void        version_print(void);
  480 
  481 /* auth.c */
  482 char    *auth_name(char *buf, size_t buflen, REQUEST *request, bool do_cli);
  483 int     rad_authenticate (REQUEST *);
  484 int     rad_postauth(REQUEST *);
  485 int     rad_virtual_server(REQUEST *);
  486 
  487 /* exec.c */
  488 pid_t radius_start_program(char const *cmd, REQUEST *request, bool exec_wait,
  489                int *input_fd, int *output_fd,
  490                VALUE_PAIR *input_pairs, bool shell_escape);
  491 int radius_readfrom_program(int fd, pid_t pid, int timeout,
  492                 char *answer, int left);
  493 int radius_exec_program(TALLOC_CTX *ctx, char *out, size_t outlen, VALUE_PAIR **output_pairs,
  494             REQUEST *request, char const *cmd, VALUE_PAIR *input_pairs,
  495             bool exec_wait, bool shell_escape, int timeout) CC_HINT(nonnull (5, 6));
  496 void exec_trigger(REQUEST *request, CONF_SECTION *cs, char const *name, int quench)
  497      CC_HINT(nonnull (3));
  498 
  499 /* valuepair.c */
  500 int paircompare_register_byname(char const *name, DICT_ATTR const *from,
  501                 bool first_only, RAD_COMPARE_FUNC func, void *instance);
  502 int paircompare_register(DICT_ATTR const *attribute, DICT_ATTR const *from,
  503              bool first_only, RAD_COMPARE_FUNC func, void *instance);
  504 void        paircompare_unregister(DICT_ATTR const *attr, RAD_COMPARE_FUNC func);
  505 void        paircompare_unregister_instance(void *instance);
  506 int     paircompare(REQUEST *request, VALUE_PAIR *req_list,
  507                 VALUE_PAIR *check, VALUE_PAIR **rep_list);
  508 vp_tmpl_t   *xlat_to_tmpl_attr(TALLOC_CTX *ctx, xlat_exp_t *xlat);
  509 xlat_exp_t      *xlat_from_tmpl_attr(TALLOC_CTX *ctx, vp_tmpl_t *vpt);
  510 int     radius_xlat_do(REQUEST *request, VALUE_PAIR *vp);
  511 int radius_compare_vps(REQUEST *request, VALUE_PAIR *check, VALUE_PAIR *vp);
  512 int radius_callback_compare(REQUEST *request, VALUE_PAIR *req,
  513                 VALUE_PAIR *check, VALUE_PAIR *check_pairs,
  514                 VALUE_PAIR **reply_pairs);
  515 int radius_find_compare(DICT_ATTR const *attribute);
  516 VALUE_PAIR  *radius_pair_create(TALLOC_CTX *ctx, VALUE_PAIR **vps, unsigned int attribute, unsigned int vendor);
  517 
  518 void module_failure_msg(REQUEST *request, char const *fmt, ...) CC_HINT(format (printf, 2, 3));
  519 void vmodule_failure_msg(REQUEST *request, char const *fmt, va_list ap) CC_HINT(format (printf, 2, 0));
  520 
  521 int radius_get_vp(VALUE_PAIR **out, REQUEST *request, char const *name);
  522 int radius_copy_vp(TALLOC_CTX *ctx, VALUE_PAIR **out, REQUEST *request, char const *name);
  523 
  524 
  525 /*
  526  *  Less code == fewer bugs
  527  *
  528  * @param _a attribute
  529  * @param _b value
  530  * @param _c op
  531  */
  532 #define pair_make_request(_a, _b, _c) fr_pair_make(request->packet, &request->packet->vps, _a, _b, _c)
  533 #define pair_make_reply(_a, _b, _c) fr_pair_make(request->reply, &request->reply->vps, _a, _b, _c)
  534 #define pair_make_config(_a, _b, _c) fr_pair_make(request, &request->config, _a, _b, _c)
  535 
  536 /* threads.c */
  537 int thread_pool_init(CONF_SECTION *cs, bool *spawn_flag);
  538 void    thread_pool_stop(void);
  539 int thread_pool_addrequest(REQUEST *, RAD_REQUEST_FUNP);
  540 pid_t   rad_fork(void);
  541 pid_t   rad_waitpid(pid_t pid, int *status);
  542 int total_active_threads(void);
  543 void    thread_pool_lock(void);
  544 void    thread_pool_unlock(void);
  545 void    thread_pool_queue_stats(int array[RAD_LISTEN_MAX], int pps[2]);
  546 
  547 #ifndef HAVE_PTHREAD_H
  548 #  define rad_fork(n) fork()
  549 #  define rad_waitpid(a,b) waitpid(a,b, 0)
  550 #endif
  551 
  552 /* main_config.c */
  553 /* Define a global config structure */
  554 extern bool         log_dates_utc;
  555 extern main_config_t        main_config;
  556 extern bool         event_loop_started;
  557 
  558 void set_radius_dir(TALLOC_CTX *ctx, char const *path);
  559 char const *get_radius_dir(void);
  560 int main_config_init(void);
  561 int main_config_free(void);
  562 void main_config_hup(void);
  563 void hup_logfile(void);
  564 
  565 /* listen.c */
  566 void listen_free(rad_listen_t **head);
  567 int listen_init(CONF_SECTION *cs, rad_listen_t **head, bool spawn_flag);
  568 rad_listen_t *proxy_new_listener(TALLOC_CTX *ctx, home_server_t *home, uint16_t src_port);
  569 RADCLIENT *client_listener_find(rad_listen_t *listener, fr_ipaddr_t const *ipaddr, uint16_t src_port);
  570 
  571 #ifdef WITH_STATS
  572 RADCLIENT_LIST *listener_find_client_list(fr_ipaddr_t const *ipaddr, uint16_t port, int proto);
  573 #endif
  574 rad_listen_t *listener_find_byipaddr(fr_ipaddr_t const *ipaddr, uint16_t port, int proto);
  575 int rad_status_server(REQUEST *request);
  576 
  577 /* event.c */
  578 typedef enum event_corral_t {
  579     EVENT_CORRAL_MAIN = 0,  //!< Always main thread event list
  580     EVENT_CORRAL_AUX    //!< Maybe main thread or one shared by modules
  581 } event_corral_t;
  582 
  583 fr_event_list_t *radius_event_list_corral(event_corral_t hint);
  584 int radius_event_init(TALLOC_CTX *ctx);
  585 int radius_event_start(CONF_SECTION *cs, bool spawn_flag);
  586 void radius_event_free(void);
  587 int radius_event_process(void);
  588 void radius_update_listener(rad_listen_t *listener);
  589 void revive_home_server(void *ctx);
  590 void mark_home_server_dead(home_server_t *home, struct timeval *when, bool down);
  591 
  592 /* evaluate.c */
  593 typedef struct fr_cond_t fr_cond_t;
  594 int radius_evaluate_tmpl(REQUEST *request, int modreturn, int depth,
  595              vp_tmpl_t const *vpt);
  596 int radius_evaluate_map(REQUEST *request, int modreturn, int depth,
  597             fr_cond_t const *c);
  598 int radius_evaluate_cond(REQUEST *request, int modreturn, int depth,
  599              fr_cond_t const *c);
  600 void radius_pairmove(REQUEST *request, VALUE_PAIR **to, VALUE_PAIR *from, bool do_xlat) CC_HINT(nonnull);
  601 
  602 #ifdef WITH_TLS
  603 /*
  604  *  For run-time patching of which function handles which socket.
  605  */
  606 int dual_tls_recv(rad_listen_t *listener);
  607 int dual_tls_send(rad_listen_t *listener, REQUEST *request);
  608 int proxy_tls_recv(rad_listen_t *listener);
  609 int proxy_tls_send(rad_listen_t *listener, REQUEST *request);
  610 #endif
  611 
  612 /*
  613  *  For radmin over TCP.
  614  */
  615 #define PW_RADMIN_PORT 18120
  616 
  617 #ifdef __cplusplus
  618 }
  619 #endif
  620 
  621 #endif /*RADIUSD_H*/