diff --git a/src/authradius.c b/src/authradius.c index 19f84f2..f8ab686 100644 --- a/src/authradius.c +++ b/src/authradius.c @@ -160,15 +160,11 @@ -#ifdef NOIPV6 -struct sockaddr_in radiuslist[MAXRADIUS]; -#else -struct sockaddr_in6 radiuslist[MAXRADIUS]; -#endif +struct radserver radiuslist[MAXRADIUS]; static int ntry = 0; int nradservers = 0; -char * radiussecret = NULL; +char radiussecret[64]=""; pthread_mutex_t rad_mutex; @@ -299,7 +295,7 @@ typedef struct radius_packet_t { #define RETURN(xxx) { res = xxx; goto CLEANRET; } -int radauth(struct clientparam * param){ +int radsend(struct clientparam * param, int auth){ int loop; int id; @@ -483,8 +479,10 @@ int radauth(struct clientparam * param){ memcpy(vector, packet.vector, AUTH_VECTOR_LEN); for (loop = 0; loop < nradservers && loop < MAXRADIUS; loop++) { + SOCKET remsock; - saremote = radiuslist[loop]; + + saremote = auth?radiuslist[loop].authaddr : radiuslist[loop].logaddr; #ifdef NOIPV6 if(*SAFAMILY(&saremote)!= AF_INET) { continue; @@ -494,20 +492,23 @@ int radauth(struct clientparam * param){ continue; } #endif - if(!*SAPORT(&saremote))*SAPORT(&saremote) = htons(1812); packet.id++; - if(sockfd >= 0) so._closesocket(sockfd); - if ((sockfd = so._socket(SASOCK(&saremote), SOCK_DGRAM, 0)) < 0) { - return 4; + if(auth) { + if(sockfd >= 0) so._closesocket(sockfd); + if ((sockfd = so._socket(SASOCK(&saremote), SOCK_DGRAM, 0)) < 0) { + return 4; + } + remsock = sockfd; } - len = so._sendto(sockfd, (char *)&packet, total_length, 0, + else remsock = radiuslist[loop].logsock; + len = so._sendto(remsock, (char *)&packet, total_length, 0, (struct sockaddr *)&saremote, sizeof(saremote)); if(len != ntohs(packet.length)){ continue; } memset(fds, 0, sizeof(fds)); - fds[0].fd = sockfd; + fds[0].fd = remsock; fds[0].events = POLLIN; if(so._poll(fds, 1, conf.timeouts[SINGLEBYTE_L]*1000) <= 0) { continue; 
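Review bot: In the non-auth branch `remsock = radiuslist[loop].logsock` makes every caller send and then poll/recvfrom on one process-wide UDP socket, so two threads logging at once can each read the reply meant for the other; the auth branch avoids this by opening a socket per call. `rad_mutex` is declared in this file, but whether radsend holds it across the send/poll/recv sequence is not visible in these hunks, and h_radius in conf.c closes and zeroes the same `logsock` on reload with no visible lock. I would at least document the requirement at the assignment, `/* shared socket: caller must hold rad_mutex from sendto through recvfrom */`, and confirm that the reply is matched on `packet.id` before it is trusted. The body of radsend starts and ends outside the hunk.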
@@ -515,7 +516,7 @@ int radauth(struct clientparam * param){ salen = sizeof(saremote); - data_len = so._recvfrom(sockfd, (char *)&rpacket, sizeof(packet)-16, + data_len = so._recvfrom(remsock, (char *)&rpacket, sizeof(packet)-16, 0, (struct sockaddr *)&saremote, &salen); @@ -608,4 +609,9 @@ CLEANRET: return res; } +int radauth(struct clientparam * param){ + return radsend(param, 1); +} + + #endif diff --git a/src/common.c b/src/common.c index bd5e064..dfc3dd8 100644 --- a/src/common.c +++ b/src/common.c @@ -15,6 +15,9 @@ char * copyright = COPYRIGHT; int randomizer = 1; +int havelog = 0; + + #ifndef _WIN32 pthread_attr_t pa; diff --git a/src/conf.c b/src/conf.c index 4893b39..5bc804f 100644 --- a/src/conf.c +++ b/src/conf.c @@ -292,14 +292,25 @@ static int h_external(int argc, unsigned char ** argv){ return 0; } + static int h_log(int argc, unsigned char ** argv){ unsigned char tmpbuf[8192]; + + + havelog = 1; conf.logfunc = logstdout; + if(argc > 1 && conf.logtarget && *argv[1]!= '&' && *argv[1]!= '@' && !strcmp((char *)conf.logtarget, (char *)argv[1])) { + return 0; + } if(conf.logtarget){ myfree(conf.logtarget); conf.logtarget = NULL; } if(argc > 1) { + if(!strcmp((char *) argv[1], "/dev/null")) { + conf.logfunc = lognone; + return 0; + } conf.logtarget = (unsigned char *)mystrdup((char *)argv[1]); if(*argv[1]=='@'){ #ifndef _WIN32 
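Review bot: `radsend` gains an `auth` flag, but nothing in the visible hunks documents it or calls it with 0, and no prototype is added to proxy.h, so as far as these hunks show the non-auth path cannot be reached from other files. If it is meant to stay private until a caller exists, mark it `static`; otherwise add `int radsend(struct clientparam * param, int auth);` to proxy.h. A one-line comment above the definition, `/* auth != 0: send to authaddr on a per-call socket; auth == 0: send to logaddr on the server's shared logsock */`, would make the two modes clear.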
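Review bot: The new early `return 0` for an unchanged file target also skips everything h_log does after opening the target, which lies outside this hunk. freeconf() still resets `confp->rotate` and `confp->logtype` on reload (visible as context in the freeconf hunk), so if the rotation and log-type arguments are parsed further down in h_log, a reload with the same log path would leave them cleared. I would restrict the shortcut to the reopen itself, or state the assumption next to it: `/* same file target: keep the open log, but argv[2..] must still be applied */`.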
@@ -1259,13 +1270,34 @@ static int h_delimchar(int argc, unsigned char **argv){ return 0; } + static int h_radius(int argc, unsigned char **argv){ - char * rs = radiussecret; - radiussecret = mystrdup(argv[1]); + int oldrad; +#ifdef NOIPV6 + struct sockaddr_in bindaddr; +#else + struct sockaddr_in6 bindaddr; +#endif + unsigned short port; + + oldrad = nradservers; nradservers = 0; + for(; oldrad; oldrad--){ + if(radiuslist[oldrad].logsock >= 0)closesocket(radiuslist[oldrad].logsock); + radiuslist[oldrad].logsock = -1; + } memset(radiuslist, 0, sizeof(radiuslist)); + if(strlen(argv[1]) > 63) argv[1][63] = 0; + strcpy(radiussecret, argv[1]); for( ; nradservers < MAXRADIUS && nradservers < argc -2; nradservers++){ - if( !getip46(46, argv[nradservers + 2], (struct sockaddr *)&radiuslist[nradservers])) return 1; + if( !getip46(46, argv[nradservers + 2], (struct sockaddr *)&radiuslist[nradservers].authaddr)) return 1; + if(!*SAPORT(&radiuslist[nradservers].authaddr))*SAPORT(&radiuslist[nradservers].authaddr) = htons(1812); + port = ntohs(*SAPORT(&radiuslist[nradservers].authaddr)); + radiuslist[nradservers].logaddr = radiuslist[nradservers].authaddr; + *SAPORT(&radiuslist[nradservers].logaddr) = htons(port); + bindaddr = conf.intsa; + if ((radiuslist[nradservers].logsock = so._socket(SASOCK(&radiuslist[nradservers].logaddr), SOCK_DGRAM, 0)) < 0) return 2; + if (so._bind(radiuslist[nradservers].logsock, (struct sockaddr *)&bindaddr, SASIZE(&bindaddr))) return 3; } return 0; } @@ -1638,12 +1670,14 @@ void freeconf(struct extparam *confp){ pthread_mutex_unlock(&pwl_mutex); +/* logtarget = confp->logtarget; confp->logtarget = NULL; - logformat = confp->logformat; - confp->logformat = NULL; logname = confp->logname; confp->logname = NULL; +*/ + logformat = confp->logformat; + confp->logformat = NULL; confp->rotate = 0; confp->logtype = NONE; 
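Review bot: The cleanup loop `for(; oldrad; oldrad--)` indexes `radiuslist[oldrad]` from `nradservers` down to 1, so slot 0's `logsock` is never closed and, when `nradservers == MAXRADIUS`, the first iteration reads and writes one element past the array. Two further points in the same function: a secret longer than 63 bytes is cut silently by `argv[1][63] = 0`, which leaves the proxy configured with a different shared secret than the operator wrote, and a failed `so._bind` returns 3 without closing the socket just created. `logaddr` also ends up with exactly the port of `authaddr` (`htons(port)` of the value just read), which looks unintended if accounting is meant to use its own port. A rewrite of the affected lines is below; the error code for an over-long secret is only a suggestion.

```c
/* … unchanged: declarations of oldrad, bindaddr, port … */
	oldrad = nradservers;
	nradservers = 0;
	while(oldrad > 0){
		oldrad--;	/* valid slots are 0 .. oldrad-1 */
		if(radiuslist[oldrad].logsock >= 0) so._closesocket(radiuslist[oldrad].logsock);
	}
	memset(radiuslist, 0, sizeof(radiuslist));
	/* reject an over-long shared secret instead of truncating it */
	if(strlen((char *)argv[1]) >= sizeof(radiussecret)) return 1;
	strcpy(radiussecret, (char *)argv[1]);
/* … unchanged: per-server getip46, port setup, so._socket … */
		if (so._bind(radiuslist[nradservers].logsock, (struct sockaddr *)&bindaddr, SASIZE(&bindaddr))) {
			/* this slot is not counted in nradservers yet, so release it here */
			so._closesocket(radiuslist[nradservers].logsock);
			radiuslist[nradservers].logsock = -1;
			return 3;
		}
```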
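Review bot: Disabling the logtarget/logname teardown by wrapping it in `/* ... */` leaves dead code here and in the matching block of the @@ -1693 hunk, and the locals `logtarget` and `logname` (declared outside the hunk) are presumably unused now. Delete the lines and say why the fields survive, e.g. `/* logtarget and logname are kept across reload so h_log can detect an unchanged target */`. Since these strings are no longer freed here, a reloaded configuration without a `log` line keeps the old `conf.logtarget` allocated; `havelog` gates its use in srvinit, but any other reader of `conf.logtarget` would still see the stale value.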
@@ -1693,12 +1727,14 @@ void freeconf(struct extparam *confp){ for(; fm; fm = (struct filemon *)itfree(fm, fm->next)){ if(fm->path) myfree(fm->path); } +/* if(logtarget) { myfree(logtarget); } if(logname) { myfree(logname); } +*/ if(logformat) { myfree(logformat); } @@ -1706,7 +1742,7 @@ void freeconf(struct extparam *confp){ for(i = 0; i < archiverc; i++) myfree(archiver[i]); myfree(archiver); } - + havelog = 0; } int reload (void){ diff --git a/src/proxy.h b/src/proxy.h index a99f9b1..3836080 100644 --- a/src/proxy.h +++ b/src/proxy.h @@ -245,7 +245,7 @@ int parseusername(char *username, struct clientparam *param, int extpasswd); int parseconnusername(char *username, struct clientparam *param, int extpasswd, unsigned short port); int ACLmatches(struct ace* acentry, struct clientparam * param); int checkACL(struct clientparam * param); - +extern int havelog; unsigned long udpresolve(int af, unsigned char * name, unsigned char * value, unsigned *retttl, struct clientparam* param, int makeauth); struct ace * copyacl (struct ace *ac); @@ -332,14 +332,18 @@ extern struct commands commandhandlers[]; #define mapsocket(a,b) sockmap(a,b) #endif -#ifdef NOIPV6 -extern struct sockaddr_in radiuslist[MAXRADIUS]; -#else -extern struct sockaddr_in6 radiuslist[MAXRADIUS]; -#endif +extern struct radserver { +#ifdef NOIPV6 + struct sockaddr_in authaddr, logaddr; +#else + struct sockaddr_in6 authaddr, logaddr; +#endif + SOCKET logsock; +} radiuslist[MAXRADIUS]; + +extern char radiussecret[64]; extern int nradservers; -extern char * radiussecret; extern struct socketoptions { int opt; char * optname; diff --git a/src/proxymain.c b/src/proxymain.c index 3c41179..6e8f9f4 100644 --- a/src/proxymain.c +++ b/src/proxymain.c 
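Review bot: `logsock` is declared as `SOCKET`, but h_radius tests it with `>= 0` and `< 0`; where `SOCKET` is an unsigned type, as in Winsock, the first test is always true and the second never fires, so a failed `so._socket` would go unnoticed. The typedef in use is not visible here, so this needs checking against the Windows build. Comparing against `INVALID_SOCKET` in both places (defined by the project as -1 on POSIX, if it is not already) would be portable. Separately, defining `struct radserver` inside the `extern` declaration works, but a standalone `struct radserver { ... };` followed by `extern struct radserver radiuslist[MAXRADIUS];` is easier to read and reuse.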
@@ -830,7 +830,7 @@ void srvinit(struct srvparam * srv, struct clientparam *param){ memset(srv, 0, sizeof(struct srvparam)); srv->version = conf.version + 1; srv->paused = conf.paused; - srv->logfunc = conf.logfunc; + srv->logfunc = havelog?conf.logfunc:lognone; srv->noforce = conf.noforce; if(srv->logformat)myfree(srv->logformat); srv->logformat = conf.logformat? (unsigned char *)mystrdup((char *)conf.logformat) : NULL; @@ -839,7 +839,7 @@ void srvinit(struct srvparam * srv, struct clientparam *param){ srv->maxchild = conf.maxchild; srv->stacksize = conf.stacksize; srv->time_start = time(NULL); - if(conf.logtarget){ + if(havelog && conf.logtarget){ if(srv->logtarget) myfree(srv->logtarget); srv->logtarget = (unsigned char *)mystrdup((char *)conf.logtarget); }
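Review bot: The `havelog` test in srvinit changes the default silently: a configuration with no `log` line, or a service initialised after freeconf() cleared the flag and before h_log() set it again, now runs with `lognone` and writes no access log. Whether srvinit can run in that window is not visible from this hunk, but for a proxy the loss of audit records is worth making explicit. I would add `/* no "log" directive seen in the current config: do not inherit a stale conf.logfunc/logtarget */` above the assignment; the same reasoning applies to the `havelog && conf.logtarget` test in the next hunk. srvinit's body starts and ends outside both hunks.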