00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00028 #define _GNU_SOURCE
00029
00030 #include <stdio.h>
00031 #include <stdlib.h>
00032 #include <syslog.h>
00033
00034 #include <pthread.h>
00035
00036 #include <string.h>
00037 #include <ctype.h>
00038
00039 #include "common.h"
00040 #include "safe.h"
00041 #include "debug.h"
00042 #include "conf.h"
00043 #include "http.h"
00044 #include "auth.h"
00045 #include "firewall.h"
00046
00047 #include "util.h"
00048
00051 static s_config config;
00052
00056 pthread_mutex_t config_mutex = PTHREAD_MUTEX_INITIALIZER;
00057
00061 static int missing_parms;
00062
00065 typedef enum {
00066 oBadOption,
00067 oDaemon,
00068 oDebugLevel,
00069 oExternalInterface,
00070 oGatewayID,
00071 oGatewayInterface,
00072 oGatewayAddress,
00073 oGatewayPort,
00074 oAuthServer,
00075 oAuthServHostname,
00076 oAuthServSSLAvailable,
00077 oAuthServSSLPort,
00078 oAuthServHTTPPort,
00079 oAuthServPath,
00080 oAuthServLoginScriptPathFragment,
00081 oAuthServPortalScriptPathFragment,
00082 oAuthServMsgScriptPathFragment,
00083 oAuthServPingScriptPathFragment,
00084 oAuthServAuthScriptPathFragment,
00085 oHTTPDMaxConn,
00086 oHTTPDName,
00087 oHTTPDRealm,
00088 oHTTPDUsername,
00089 oHTTPDPassword,
00090 oClientTimeout,
00091 oCheckInterval,
00092 oWdctlSocket,
00093 oSyslogFacility,
00094 oFirewallRule,
00095 oFirewallRuleSet,
00096 oTrustedMACList,
00097 oHtmlMessageFile,
00098 } OpCodes;
00099
00102 static const struct {
00103 const char *name;
00104 OpCodes opcode;
00105 } keywords[] = {
00106 { "daemon", oDaemon },
00107 { "debuglevel", oDebugLevel },
00108 { "externalinterface", oExternalInterface },
00109 { "gatewayid", oGatewayID },
00110 { "gatewayinterface", oGatewayInterface },
00111 { "gatewayaddress", oGatewayAddress },
00112 { "gatewayport", oGatewayPort },
00113 { "authserver", oAuthServer },
00114 { "httpdmaxconn", oHTTPDMaxConn },
00115 { "httpdname", oHTTPDName },
00116 { "httpdrealm", oHTTPDRealm },
00117 { "httpdusername", oHTTPDUsername },
00118 { "httpdpassword", oHTTPDPassword },
00119 { "clienttimeout", oClientTimeout },
00120 { "checkinterval", oCheckInterval },
00121 { "syslogfacility", oSyslogFacility },
00122 { "wdctlsocket", oWdctlSocket },
00123 { "hostname", oAuthServHostname },
00124 { "sslavailable", oAuthServSSLAvailable },
00125 { "sslport", oAuthServSSLPort },
00126 { "httpport", oAuthServHTTPPort },
00127 { "path", oAuthServPath },
00128 { "loginscriptpathfragment", oAuthServLoginScriptPathFragment },
00129 { "portalscriptpathfragment", oAuthServPortalScriptPathFragment },
00130 { "msgscriptpathfragment", oAuthServMsgScriptPathFragment },
00131 { "pingscriptpathfragment", oAuthServPingScriptPathFragment },
00132 { "authscriptpathfragment", oAuthServAuthScriptPathFragment },
00133 { "firewallruleset", oFirewallRuleSet },
00134 { "firewallrule", oFirewallRule },
00135 { "trustedmaclist", oTrustedMACList },
00136 { "htmlmessagefile", oHtmlMessageFile },
00137 { NULL, oBadOption },
00138 };
00139
00140 static void config_notnull(const void *parm, const char *parmname);
00141 static int parse_boolean_value(char *);
00142 static void parse_auth_server(FILE *, const char *, int *);
00143 static int _parse_firewall_rule(const char *ruleset, char *leftover);
00144 static void parse_firewall_ruleset(const char *, FILE *, const char *, int *);
00145
00146 static OpCodes config_parse_token(const char *cp, const char *filename, int linenum);
00147
00151 s_config *
00152 config_get_config(void)
00153 {
00154 return &config;
00155 }
00156
00158 void
00159 config_init(void)
00160 {
00161 debug(LOG_DEBUG, "Setting default config parameters");
00162 strncpy(config.configfile, DEFAULT_CONFIGFILE, sizeof(config.configfile));
00163 config.htmlmsgfile = safe_strdup(DEFAULT_HTMLMSGFILE);
00164 config.debuglevel = DEFAULT_DEBUGLEVEL;
00165 config.httpdmaxconn = DEFAULT_HTTPDMAXCONN;
00166 config.external_interface = NULL;
00167 config.gw_id = DEFAULT_GATEWAYID;
00168 config.gw_interface = NULL;
00169 config.gw_address = NULL;
00170 config.gw_port = DEFAULT_GATEWAYPORT;
00171 config.auth_servers = NULL;
00172 config.httpdname = NULL;
00173 config.httpdrealm = DEFAULT_HTTPDNAME;
00174 config.httpdusername = NULL;
00175 config.httpdpassword = NULL;
00176 config.clienttimeout = DEFAULT_CLIENTTIMEOUT;
00177 config.checkinterval = DEFAULT_CHECKINTERVAL;
00178 config.syslog_facility = DEFAULT_SYSLOG_FACILITY;
00179 config.daemon = -1;
00180 config.log_syslog = DEFAULT_LOG_SYSLOG;
00181 config.wdctl_sock = safe_strdup(DEFAULT_WDCTL_SOCK);
00182 config.internal_sock = safe_strdup(DEFAULT_INTERNAL_SOCK);
00183 config.rulesets = NULL;
00184 config.trustedmaclist = NULL;
00185 }
00186
00190 void
00191 config_init_override(void)
00192 {
00193 if (config.daemon == -1) config.daemon = DEFAULT_DAEMON;
00194 }
00195
00199 static OpCodes
00200 config_parse_token(const char *cp, const char *filename, int linenum)
00201 {
00202 int i;
00203
00204 for (i = 0; keywords[i].name; i++)
00205 if (strcasecmp(cp, keywords[i].name) == 0)
00206 return keywords[i].opcode;
00207
00208 debug(LOG_ERR, "%s: line %d: Bad configuration option: %s",
00209 filename, linenum, cp);
00210 return oBadOption;
00211 }
00212
00216 static void
00217 parse_auth_server(FILE *file, const char *filename, int *linenum)
00218 {
00219 char *host = NULL,
00220 *path = NULL,
00221 *loginscriptpathfragment = NULL,
00222 *portalscriptpathfragment = NULL,
00223 *msgscriptpathfragment = NULL,
00224 *pingscriptpathfragment = NULL,
00225 *authscriptpathfragment = NULL,
00226 line[MAX_BUF],
00227 *p1,
00228 *p2;
00229 int http_port,
00230 ssl_port,
00231 ssl_available,
00232 opcode;
00233 t_auth_serv *new,
00234 *tmp;
00235
00236
00237 path = safe_strdup(DEFAULT_AUTHSERVPATH);
00238 loginscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVLOGINPATHFRAGMENT);
00239 portalscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVPORTALPATHFRAGMENT);
00240 msgscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVMSGPATHFRAGMENT);
00241 pingscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVPINGPATHFRAGMENT);
00242 authscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVAUTHPATHFRAGMENT);
00243 http_port = DEFAULT_AUTHSERVPORT;
00244 ssl_port = DEFAULT_AUTHSERVSSLPORT;
00245 ssl_available = DEFAULT_AUTHSERVSSLAVAILABLE;
00246
00247
00248 memset(line, 0, MAX_BUF);
00249 fgets(line, MAX_BUF - 1, file);
00250 (*linenum)++;
00251
00252
00253 while ((line[0] != '\0') && (strchr(line, '}') == NULL)) {
00254
00255 for (p1 = line; isblank(*p1); p1++);
00256
00257
00258 if ((p2 = strchr(p1, '#')) != NULL) {
00259 *p2 = '\0';
00260 } else if ((p2 = strchr(p1, '\r')) != NULL) {
00261 *p2 = '\0';
00262 } else if ((p2 = strchr(p1, '\n')) != NULL) {
00263 *p2 = '\0';
00264 }
00265
00266
00267 if (strlen(p1) > 0) {
00268 p2 = p1;
00269
00270 while ((*p2 != '\0') && (!isblank(*p2)))
00271 p2++;
00272
00273
00274 *p2 = '\0';
00275 p2++;
00276
00277
00278 while (isblank(*p2))
00279 p2++;
00280
00281
00282 opcode = config_parse_token(p1, filename, *linenum);
00283
00284 switch (opcode) {
00285 case oAuthServHostname:
00286 host = safe_strdup(p2);
00287 break;
00288 case oAuthServPath:
00289 free(path);
00290 path = safe_strdup(p2);
00291 break;
00292 case oAuthServLoginScriptPathFragment:
00293 free(loginscriptpathfragment);
00294 loginscriptpathfragment = safe_strdup(p2);
00295 break;
00296 case oAuthServPortalScriptPathFragment:
00297 free(portalscriptpathfragment);
00298 portalscriptpathfragment = safe_strdup(p2);
00299 break;
00300 case oAuthServMsgScriptPathFragment:
00301 free(msgscriptpathfragment);
00302 msgscriptpathfragment = safe_strdup(p2);
00303 break;
00304 case oAuthServPingScriptPathFragment:
00305 free(pingscriptpathfragment);
00306 pingscriptpathfragment = safe_strdup(p2);
00307 break;
00308 case oAuthServAuthScriptPathFragment:
00309 free(authscriptpathfragment);
00310 authscriptpathfragment = safe_strdup(p2);
00311 break;
00312 case oAuthServSSLPort:
00313 ssl_port = atoi(p2);
00314 break;
00315 case oAuthServHTTPPort:
00316 http_port = atoi(p2);
00317 break;
00318 case oAuthServSSLAvailable:
00319 ssl_available = parse_boolean_value(p2);
00320 if (ssl_available < 0)
00321 ssl_available = 0;
00322 break;
00323 case oBadOption:
00324 default:
00325 debug(LOG_ERR, "Bad option on line %d "
00326 "in %s.", *linenum,
00327 filename);
00328 debug(LOG_ERR, "Exiting...");
00329 exit(-1);
00330 break;
00331 }
00332 }
00333
00334
00335 memset(line, 0, MAX_BUF);
00336 fgets(line, MAX_BUF - 1, file);
00337 (*linenum)++;
00338 }
00339
00340
00341 if (host == NULL)
00342 return;
00343
00344 debug(LOG_DEBUG, "Adding %s:%d (SSL: %d) %s to the auth server list",
00345 host, http_port, ssl_port, path);
00346
00347
00348 new = safe_malloc(sizeof(t_auth_serv));
00349
00350
00351 memset(new, 0, sizeof(t_auth_serv));
00352 new->authserv_hostname = host;
00353 new->authserv_use_ssl = ssl_available;
00354 new->authserv_path = path;
00355 new->authserv_login_script_path_fragment = loginscriptpathfragment;
00356 new->authserv_portal_script_path_fragment = portalscriptpathfragment;
00357 new->authserv_msg_script_path_fragment = msgscriptpathfragment;
00358 new->authserv_ping_script_path_fragment = pingscriptpathfragment;
00359 new->authserv_auth_script_path_fragment = authscriptpathfragment;
00360 new->authserv_http_port = http_port;
00361 new->authserv_ssl_port = ssl_port;
00362
00363
00364 if (config.auth_servers == NULL) {
00365 config.auth_servers = new;
00366 } else {
00367 for (tmp = config.auth_servers; tmp->next != NULL;
00368 tmp = tmp->next);
00369 tmp->next = new;
00370 }
00371
00372 debug(LOG_DEBUG, "Auth server added");
00373 }
00374
00384 #define TO_NEXT_WORD(s, e) do { \
00385 while (*s != '\0' && !isblank(*s)) { \
00386 s++; \
00387 } \
00388 if (*s != '\0') { \
00389 *s = '\0'; \
00390 s++; \
00391 while (isblank(*s)) \
00392 s++; \
00393 } else { \
00394 e = 1; \
00395 } \
00396 } while (0)
00397
00401 static void
00402 parse_firewall_ruleset(const char *ruleset, FILE *file, const char *filename, int *linenum)
00403 {
00404 char line[MAX_BUF],
00405 *p1,
00406 *p2;
00407 int opcode;
00408
00409 debug(LOG_DEBUG, "Adding Firewall Rule Set %s", ruleset);
00410
00411
00412 memset(line, 0, MAX_BUF);
00413 fgets(line, MAX_BUF - 1, file);
00414 (*linenum)++;
00415
00416
00417 while ((line[0] != '\0') && (strchr(line, '}') == NULL)) {
00418
00419 for (p1 = line; isblank(*p1); p1++);
00420
00421
00422 if ((p2 = strchr(p1, '#')) != NULL) {
00423 *p2 = '\0';
00424 } else if ((p2 = strchr(p1, '\r')) != NULL) {
00425 *p2 = '\0';
00426 } else if ((p2 = strchr(p1, '\n')) != NULL) {
00427 *p2 = '\0';
00428 }
00429
00430
00431 if (strlen(p1) > 0) {
00432 p2 = p1;
00433
00434 while ((*p2 != '\0') && (!isblank(*p2)))
00435 p2++;
00436
00437
00438 *p2 = '\0';
00439 p2++;
00440
00441
00442 while (isblank(*p2))
00443 p2++;
00444
00445
00446 opcode = config_parse_token(p1, filename, *linenum);
00447
00448 debug(LOG_DEBUG, "p1 = [%s]; p2 = [%s]", p1, p2);
00449
00450 switch (opcode) {
00451 case oFirewallRule:
00452 _parse_firewall_rule(ruleset, p2);
00453 break;
00454
00455 case oBadOption:
00456 default:
00457 debug(LOG_ERR, "Bad option on line %d "
00458 "in %s.", *linenum,
00459 filename);
00460 debug(LOG_ERR, "Exiting...");
00461 exit(-1);
00462 break;
00463 }
00464 }
00465
00466
00467 memset(line, 0, MAX_BUF);
00468 fgets(line, MAX_BUF - 1, file);
00469 (*linenum)++;
00470 }
00471
00472 debug(LOG_DEBUG, "Firewall Rule Set %s added.", ruleset);
00473 }
00474
00478 static int
00479 _parse_firewall_rule(const char *ruleset, char *leftover)
00480 {
00481 int i;
00482 int block_allow = 0;
00483 int all_nums = 1;
00484 int finished = 0;
00485 char *token = NULL;
00486 char *port = NULL;
00487 char *protocol = NULL;
00488 char *mask = NULL;
00489 char *other_kw = NULL;
00490 t_firewall_ruleset *tmpr;
00491 t_firewall_ruleset *tmpr2;
00492 t_firewall_rule *tmp;
00493 t_firewall_rule *tmp2;
00494
00495 debug(LOG_DEBUG, "leftover: %s", leftover);
00496
00497
00498 for (i = 0; *(leftover + i) != '\0'
00499 && (*(leftover + i) = tolower((unsigned char)*(leftover + i))); i++);
00500
00501 token = leftover;
00502 TO_NEXT_WORD(leftover, finished);
00503
00504
00505 if (!strcasecmp(token, "block") || finished) {
00506 block_allow = 0;
00507 } else if (!strcasecmp(token, "allow")) {
00508 block_allow = 1;
00509 } else {
00510 debug(LOG_ERR, "Invalid rule type %s, expecting "
00511 "\"block\" or \"allow\"", token);
00512 return -1;
00513 }
00514
00515
00516
00517 if (strncmp(leftover, "tcp", 3) == 0
00518 || strncmp(leftover, "udp", 3) == 0
00519 || strncmp(leftover, "icmp", 4) == 0) {
00520 protocol = leftover;
00521 TO_NEXT_WORD(leftover, finished);
00522 }
00523
00524
00525 if (strncmp(leftover, "port", 4) == 0) {
00526 TO_NEXT_WORD(leftover, finished);
00527
00528 port = leftover;
00529 TO_NEXT_WORD(leftover, finished);
00530 for (i = 0; *(port + i) != '\0'; i++)
00531 if (!isdigit((unsigned char)*(port + i)))
00532 all_nums = 0;
00533 if (!all_nums) {
00534 debug(LOG_ERR, "Invalid port %s", port);
00535 return -3;
00536 }
00537 }
00538
00539
00540 if (!finished) {
00541
00542 other_kw = leftover;
00543 TO_NEXT_WORD(leftover, finished);
00544 if (strcmp(other_kw, "to") || finished) {
00545 debug(LOG_ERR, "Invalid or unexpected keyword %s, "
00546 "expecting \"to\"", other_kw);
00547 return -4;
00548 }
00549
00550
00551 mask = leftover;
00552 TO_NEXT_WORD(leftover, finished);
00553 all_nums = 1;
00554 for (i = 0; *(mask + i) != '\0'; i++)
00555 if (!isdigit((unsigned char)*(mask + i)) && (*(mask + i) != '.')
00556 && (*(mask + i) != '/'))
00557 all_nums = 0;
00558 if (!all_nums) {
00559 debug(LOG_ERR, "Invalid mask %s", mask);
00560 return -3;
00561 }
00562 }
00563
00564
00565 tmp = safe_malloc(sizeof(t_firewall_rule));
00566 memset((void *)tmp, 0, sizeof(t_firewall_rule));
00567 tmp->block_allow = block_allow;
00568 if (protocol != NULL)
00569 tmp->protocol = safe_strdup(protocol);
00570 if (port != NULL)
00571 tmp->port = safe_strdup(port);
00572 if (mask == NULL)
00573 tmp->mask = safe_strdup("0.0.0.0/0");
00574 else
00575 tmp->mask = safe_strdup(mask);
00576
00577 debug(LOG_DEBUG, "Adding Firewall Rule %s %s port %s to %s", token, tmp->protocol, tmp->port, tmp->mask);
00578
00579
00580 if (config.rulesets == NULL) {
00581 config.rulesets = safe_malloc(sizeof(t_firewall_ruleset));
00582 memset(config.rulesets, 0, sizeof(t_firewall_ruleset));
00583 config.rulesets->name = safe_strdup(ruleset);
00584 tmpr = config.rulesets;
00585 } else {
00586 tmpr2 = tmpr = config.rulesets;
00587 while (tmpr != NULL && (strcmp(tmpr->name, ruleset) != 0)) {
00588 tmpr2 = tmpr;
00589 tmpr = tmpr->next;
00590 }
00591 if (tmpr == NULL) {
00592
00593 tmpr = safe_malloc(sizeof(t_firewall_ruleset));
00594 memset(tmpr, 0, sizeof(t_firewall_ruleset));
00595 tmpr->name = safe_strdup(ruleset);
00596 tmpr2->next = tmpr;
00597 }
00598 }
00599
00600
00601 if (tmpr->rules == NULL) {
00602
00603 tmpr->rules = tmp;
00604 } else {
00605 tmp2 = tmpr->rules;
00606 while (tmp2->next != NULL)
00607 tmp2 = tmp2->next;
00608 tmp2->next = tmp;
00609 }
00610
00611 return 1;
00612 }
00613
00614 t_firewall_rule *
00615 get_ruleset(const char *ruleset)
00616 {
00617 t_firewall_ruleset *tmp;
00618
00619 for (tmp = config.rulesets; tmp != NULL
00620 && strcmp(tmp->name, ruleset) != 0; tmp = tmp->next);
00621
00622 if (tmp == NULL)
00623 return NULL;
00624
00625 return(tmp->rules);
00626 }
00627
00631 void
00632 config_read(const char *filename)
00633 {
00634 FILE *fd;
00635 char line[MAX_BUF], *s, *p1, *p2;
00636 int linenum = 0, opcode, value;
00637
00638 debug(LOG_INFO, "Reading configuration file '%s'", filename);
00639
00640 if (!(fd = fopen(filename, "r"))) {
00641 debug(LOG_ERR, "Could not open configuration file '%s', "
00642 "exiting...", filename);
00643 exit(1);
00644 }
00645
00646 while (!feof(fd) && fgets(line, MAX_BUF, fd)) {
00647 linenum++;
00648 s = line;
00649
00650 if (s[strlen(s) - 1] == '\n')
00651 s[strlen(s) - 1] = '\0';
00652
00653 if ((p1 = strchr(s, ' '))) {
00654 p1[0] = '\0';
00655 } else if ((p1 = strchr(s, '\t'))) {
00656 p1[0] = '\0';
00657 }
00658
00659 if (p1) {
00660 p1++;
00661
00662 if ((p2 = strchr(p1, ' '))) {
00663 p2[0] = '\0';
00664 } else if ((p2 = strstr(p1, "\r\n"))) {
00665 p2[0] = '\0';
00666 } else if ((p2 = strchr(p1, '\n'))) {
00667 p2[0] = '\0';
00668 }
00669 }
00670
00671 if (p1 && p1[0] != '\0') {
00672
00673
00674 if ((strncmp(s, "#", 1)) != 0) {
00675 debug(LOG_DEBUG, "Parsing token: %s, "
00676 "value: %s", s, p1);
00677 opcode = config_parse_token(s, filename, linenum);
00678
00679 switch(opcode) {
00680 case oDaemon:
00681 if (config.daemon == -1 && ((value = parse_boolean_value(p1)) != -1)) {
00682 config.daemon = value;
00683 }
00684 break;
00685 case oExternalInterface:
00686 config.external_interface = safe_strdup(p1);
00687 break;
00688 case oGatewayID:
00689 config.gw_id = safe_strdup(p1);
00690 break;
00691 case oGatewayInterface:
00692 config.gw_interface = safe_strdup(p1);
00693 break;
00694 case oGatewayAddress:
00695 config.gw_address = safe_strdup(p1);
00696 break;
00697 case oGatewayPort:
00698 sscanf(p1, "%d", &config.gw_port);
00699 break;
00700 case oAuthServer:
00701 parse_auth_server(fd, filename,
00702 &linenum);
00703 break;
00704 case oFirewallRuleSet:
00705 parse_firewall_ruleset(p1, fd, filename, &linenum);
00706 break;
00707 case oTrustedMACList:
00708 parse_trusted_mac_list(p1);
00709 break;
00710 case oHTTPDName:
00711 config.httpdname = safe_strdup(p1);
00712 break;
00713 case oHTTPDMaxConn:
00714 sscanf(p1, "%d", &config.httpdmaxconn);
00715 break;
00716 case oHTTPDRealm:
00717 config.httpdrealm = safe_strdup(p1);
00718 break;
00719 case oHTTPDUsername:
00720 config.httpdusername = safe_strdup(p1);
00721 break;
00722 case oHTTPDPassword:
00723 config.httpdpassword = safe_strdup(p1);
00724 break;
00725 case oBadOption:
00726 debug(LOG_ERR, "Bad option on line %d "
00727 "in %s.", linenum,
00728 filename);
00729 debug(LOG_ERR, "Exiting...");
00730 exit(-1);
00731 break;
00732 case oCheckInterval:
00733 sscanf(p1, "%d", &config.checkinterval);
00734 break;
00735 case oWdctlSocket:
00736 free(config.wdctl_sock);
00737 config.wdctl_sock = safe_strdup(p1);
00738 break;
00739 case oClientTimeout:
00740 sscanf(p1, "%d", &config.clienttimeout);
00741 break;
00742 case oSyslogFacility:
00743 sscanf(p1, "%d", &config.syslog_facility);
00744 break;
00745 case oHtmlMessageFile:
00746 config.htmlmsgfile = safe_strdup(p1);
00747 break;
00748
00749 }
00750 }
00751 }
00752 }
00753
00754 if (config.httpdusername && !config.httpdpassword) {
00755 debug(LOG_ERR, "HTTPDUserName requires a HTTPDPassword to be set.");
00756 exit(-1);
00757 }
00758
00759 fclose(fd);
00760 }
00761
00765 static int
00766 parse_boolean_value(char *line)
00767 {
00768 if (strcasecmp(line, "yes") == 0) {
00769 return 1;
00770 }
00771 if (strcasecmp(line, "no") == 0) {
00772 return 0;
00773 }
00774 if (strcmp(line, "1") == 0) {
00775 return 1;
00776 }
00777 if (strcmp(line, "0") == 0) {
00778 return 0;
00779 }
00780
00781 return -1;
00782 }
00783
00784 void parse_trusted_mac_list(char *ptr) {
00785 char *ptrcopy = NULL;
00786 char *possiblemac = NULL;
00787 char *mac = NULL;
00788 t_trusted_mac *p = NULL;
00789
00790 debug(LOG_DEBUG, "Parsing string [%s] for trusted MAC addresses", ptr);
00791
00792 mac = safe_malloc(18);
00793
00794
00795 ptrcopy = safe_strdup(ptr);
00796
00797 while ((possiblemac = strsep(&ptrcopy, ", "))) {
00798 if (sscanf(possiblemac, " %17[A-Fa-f0-9:]", mac) == 1) {
00799
00800
00801 debug(LOG_DEBUG, "Adding MAC address [%s] to trusted list", mac);
00802
00803 if (config.trustedmaclist == NULL) {
00804 config.trustedmaclist = safe_malloc(sizeof(t_trusted_mac));
00805 config.trustedmaclist->mac = safe_strdup(mac);
00806 config.trustedmaclist->next = NULL;
00807 }
00808 else {
00809
00810 for (p = config.trustedmaclist; p->next != NULL; p = p->next);
00811 p->next = safe_malloc(sizeof(t_trusted_mac));
00812 p = p->next;
00813 p->mac = safe_strdup(mac);
00814 p->next = NULL;
00815 }
00816
00817 }
00818 }
00819
00820 free(ptrcopy);
00821
00822 free(mac);
00823
00824 }
00825
00827 void
00828 config_validate(void)
00829 {
00830 config_notnull(config.gw_interface, "GatewayInterface");
00831 config_notnull(config.auth_servers, "AuthServer");
00832
00833 if (missing_parms) {
00834 debug(LOG_ERR, "Configuration is not complete, exiting...");
00835 exit(-1);
00836 }
00837 }
00838
00842 static void
00843 config_notnull(const void *parm, const char *parmname)
00844 {
00845 if (parm == NULL) {
00846 debug(LOG_ERR, "%s is not set", parmname);
00847 missing_parms = 1;
00848 }
00849 }
00850
00854 t_auth_serv *
00855 get_auth_server(void)
00856 {
00857
00858
00859 return config.auth_servers;
00860 }
00861
00866 void
00867 mark_auth_server_bad(t_auth_serv *bad_server)
00868 {
00869 t_auth_serv *tmp;
00870
00871 if (config.auth_servers == bad_server && bad_server->next != NULL) {
00872
00873 for (tmp = config.auth_servers; tmp->next != NULL; tmp = tmp->next);
00874
00875 tmp->next = bad_server;
00876
00877 config.auth_servers = bad_server->next;
00878
00879 bad_server->next = NULL;
00880 }
00881
00882 }