Moved generic RADIUS protocol support to a dedicated libradius

author: Martin Willi <martin@revosec.ch> 2012-02-27 15:18:58 +0100
committer: Martin Willi <martin@revosec.ch> 2012-03-05 18:08:04 +0100
commit: f0f94e2ce6eac9893498c50e5155a0085229fe8c (patch)
tree: b73b09693a5de5d87f1b07e2be051a523a6abbb6 /src
parent: 990fda9d881e502e2974fc9f6feb07cefce1aa6b (diff)
download: strongswan-f0f94e2ce6eac9893498c50e5155a0085229fe8c.tar.bz2
strongswan-f0f94e2ce6eac9893498c50e5155a0085229fe8c.tar.xz
19 files changed, 94 insertions, 67 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index 041bd480f..1440de20f 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -16,6 +16,10 @@ if USE_TLS
   SUBDIRS += libtls
 endif
 
+if USE_RADIUS
+  SUBDIRS += libradius
+endif
+
 if USE_LIBTNCIF
   SUBDIRS += libtncif
 endif
diff --git a/src/checksum/Makefile.am b/src/checksum/Makefile.am
index a55891a29..58292a45a 100644
--- a/src/checksum/Makefile.am
+++ b/src/checksum/Makefile.am
@@ -45,6 +45,11 @@ if USE_TLS
   libs += $(DESTDIR)$(ipseclibdir)/libtls.so
 endif
 
+if USE_RADIUS
+  deps += $(top_builddir)/src/libradius/libradius.la
+  libs += $(DESTDIR)$(ipseclibdir)/libradius.so
+endif
+
 if USE_LIBTNCCS
   deps += $(top_builddir)/src/libtnccs/libtnccs.la
   libs += $(DESTDIR)$(ipseclibdir)/libtnccs.so
diff --git a/src/libcharon/Makefile.am b/src/libcharon/Makefile.am
index b50ea2507..fba51c662 100644
--- a/src/libcharon/Makefile.am
+++ b/src/libcharon/Makefile.am
@@ -326,6 +326,13 @@ if MONOLITHIC
 endif
 endif
 
+if USE_RADIUS
+if MONOLITHIC
+  # otherwise this library is linked to eap_radius
+  libcharon_la_LIBADD += $(top_builddir)/src/libradius/libradius.la
+endif
+endif
+
 if USE_TNC_IFMAP
   SUBDIRS += plugins/tnc_ifmap
 if MONOLITHIC
diff --git a/src/libcharon/plugins/eap_radius/Makefile.am b/src/libcharon/plugins/eap_radius/Makefile.am
index 96bfa6fcb..181497ab5 100644
--- a/src/libcharon/plugins/eap_radius/Makefile.am
+++ b/src/libcharon/plugins/eap_radius/Makefile.am
@@ -1,12 +1,13 @@
 
 INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
-	-I$(top_srcdir)/src/libcharon
+	-I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libradius
 
 AM_CFLAGS = -rdynamic
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-radius.la
 else
+libstrongswan_eap_radius_la_LIBADD = $(top_builddir)/src/libradius/libradius.la
 plugin_LTLIBRARIES = libstrongswan-eap-radius.la
 endif
 
@@ -15,10 +16,6 @@ libstrongswan_eap_radius_la_SOURCES = \
 	eap_radius.h eap_radius.c \
 	eap_radius_accounting.h eap_radius_accounting.c \
 	eap_radius_dae.h eap_radius_dae.c \
-	eap_radius_forward.h eap_radius_forward.c \
-	radius_server.h radius_server.c \
-	radius_socket.h radius_socket.c \
-	radius_client.h radius_client.c \
-	radius_message.h radius_message.c
+	eap_radius_forward.h eap_radius_forward.c
 
 libstrongswan_eap_radius_la_LDFLAGS = -module -avoid-version
diff --git a/src/libcharon/plugins/eap_radius/eap_radius.c b/src/libcharon/plugins/eap_radius/eap_radius.c
index f2b47e3f0..051d46ecf 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius.c
@@ -14,10 +14,11 @@
  */
 
 #include "eap_radius.h"
+#include "eap_radius_plugin.h"
 #include "eap_radius_forward.h"
 
-#include "radius_message.h"
-#include "radius_client.h"
+#include <radius_message.h>
+#include <radius_client.h>
 
 #include <daemon.h>
 
@@ -462,7 +463,7 @@ eap_radius_t *eap_radius_create(identification_t *server, identification_t *peer
 								"charon.plugins.eap-radius.filter_id", FALSE),
 
 	);
-	this->client = radius_client_create();
+	this->client = eap_radius_create_client();
 	if (!this->client)
 	{
 		free(this);
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_accounting.c b/src/libcharon/plugins/eap_radius/eap_radius_accounting.c
index 25013f62d..45be22704 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_accounting.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius_accounting.c
@@ -14,11 +14,12 @@
  */
 
 #include "eap_radius_accounting.h"
+#include "eap_radius_plugin.h"
 
 #include <time.h>
 
-#include "radius_message.h"
-#include "radius_client.h"
+#include <radius_message.h>
+#include <radius_client.h>
 #include <daemon.h>
 #include <utils/hashtable.h>
 #include <threading/mutex.h>
@@ -125,7 +126,7 @@ static bool send_message(private_eap_radius_accounting_t *this,
 	radius_client_t *client;
 	bool ack = FALSE;
 
-	client = radius_client_create();
+	client = eap_radius_create_client();
 	if (client)
 	{
 		response = client->request(client, request);
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_dae.c b/src/libcharon/plugins/eap_radius/eap_radius_dae.c
index 3ea587309..1cc19afaa 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_dae.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius_dae.c
@@ -15,7 +15,7 @@
 
 #include "eap_radius_dae.h"
 
-#include "radius_message.h"
+#include <radius_message.h>
 
 #include <sys/types.h>
 #include <sys/stat.h>
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_forward.h b/src/libcharon/plugins/eap_radius/eap_radius_forward.h
index e1a8c4170..2c1dbf7a8 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_forward.h
+++ b/src/libcharon/plugins/eap_radius/eap_radius_forward.h
@@ -15,13 +15,13 @@
 
 /**
  * @defgroup eap_radius_forward eap_radius_forward
- * @{ @ingroup
+ * @{ @ingroup eap_radius
  */
 
 #ifndef EAP_RADIUS_FORWARD_H_
 #define EAP_RADIUS_FORWARD_H_
 
-#include "radius_message.h"
+#include <radius_message.h>
 
 #include <bus/listeners/listener.h>
 
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_plugin.c b/src/libcharon/plugins/eap_radius/eap_radius_plugin.c
index e544aaf3e..0caecc1ad 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_plugin.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius_plugin.c
@@ -19,8 +19,9 @@
 #include "eap_radius_accounting.h"
 #include "eap_radius_dae.h"
 #include "eap_radius_forward.h"
-#include "radius_client.h"
-#include "radius_server.h"
+
+#include <radius_client.h>
+#include <radius_server.h>
 
 #include <daemon.h>
 #include <threading/rwlock.h>
@@ -261,15 +262,43 @@ plugin_t *eap_radius_plugin_create()
 /**
  * See header
  */
-enumerator_t *eap_radius_create_server_enumerator()
+radius_client_t *eap_radius_create_client()
 {
 	if (instance)
 	{
+		enumerator_t *enumerator;
+		radius_server_t *server, *selected = NULL;
+		int current, best = -1;
+
 		instance->lock->read_lock(instance->lock);
-		return enumerator_create_cleaner(
-					instance->servers->create_enumerator(instance->servers),
-					(void*)instance->lock->unlock, instance->lock);
+		enumerator = instance->servers->create_enumerator(instance->servers);
+		while (enumerator->enumerate(enumerator, &server))
+		{
+			current = server->get_preference(server);
+			if (current > best ||
+				/* for two with equal preference, 50-50 chance */
+				(current == best && random() % 2 == 0))
+			{
+				DBG2(DBG_CFG, "RADIUS server '%s' is candidate: %d",
+					 server->get_name(server), current);
+				best = current;
+				DESTROY_IF(selected);
+				selected = server->get_ref(server);
+			}
+			else
+			{
+				DBG2(DBG_CFG, "RADIUS server '%s' skipped: %d",
+					 server->get_name(server), current);
+			}
+		}
+		enumerator->destroy(enumerator);
+		instance->lock->unlock(instance->lock);
+
+		if (selected)
+		{
+			return radius_client_create(selected);
+		}
 	}
-	return enumerator_create_empty();
+	return NULL;
 }
 
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_plugin.h b/src/libcharon/plugins/eap_radius/eap_radius_plugin.h
index cb724364a..1570bd566 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_plugin.h
+++ b/src/libcharon/plugins/eap_radius/eap_radius_plugin.h
@@ -25,7 +25,8 @@
 #define EAP_RADIUS_PLUGIN_H_
 
 #include <plugins/plugin.h>
-#include <utils/enumerator.h>
+
+#include <radius_client.h>
 
 typedef struct eap_radius_plugin_t eap_radius_plugin_t;
 
@@ -44,10 +45,10 @@ struct eap_radius_plugin_t {
 };
 
 /**
- * Create an enumerator over all loaded RADIUS servers.
+ * Get a RADIUS client instance to connect to servers.
  *
- * @return			enumerator over radius_server_t
+ * @return			RADIUS client
  */
-enumerator_t *eap_radius_create_server_enumerator();
+radius_client_t *eap_radius_create_client();
 
 #endif /** EAP_RADIUS_PLUGIN_H_ @}*/
diff --git a/src/libradius/Makefile.am b/src/libradius/Makefile.am
new file mode 100644
index 000000000..8723a78e9
--- /dev/null
+++ b/src/libradius/Makefile.am
@@ -0,0 +1,9 @@
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+
+ipseclib_LTLIBRARIES = libradius.la
+libradius_la_SOURCES = \
+	radius_message.h radius_message.c \
+	radius_socket.h radius_socket.c \
+	radius_client.h radius_client.c \
+	radius_server.h radius_server.c
diff --git a/src/libcharon/plugins/eap_radius/radius_client.c b/src/libradius/radius_client.c
index 1a67096cb..9c12be4eb 100644
--- a/src/libcharon/plugins/eap_radius/radius_client.c
+++ b/src/libradius/radius_client.c
@@ -14,8 +14,6 @@
  */
 
 #include "radius_client.h"
-
-#include "eap_radius_plugin.h"
 #include "radius_server.h"
 
 #include <unistd.h>
@@ -137,12 +135,9 @@ METHOD(radius_client_t, destroy, void,
 /**
  * See header
  */
-radius_client_t *radius_client_create()
+radius_client_t *radius_client_create(radius_server_t *server)
 {
 	private_radius_client_t *this;
-	enumerator_t *enumerator;
-	radius_server_t *server;
-	int current, best = -1;
 
 	INIT(this,
 		.public = {
@@ -150,36 +145,8 @@ radius_client_t *radius_client_create()
 			.get_msk = _get_msk,
 			.destroy = _destroy,
 		},
+		.server = server,
 	);
 
-	enumerator = eap_radius_create_server_enumerator();
-	while (enumerator->enumerate(enumerator, &server))
-	{
-		current = server->get_preference(server);
-		if (current > best ||
-			/* for two with equal preference, 50-50 chance */
-			(current == best && random() % 2 == 0))
-		{
-			DBG2(DBG_CFG, "RADIUS server '%s' is candidate: %d",
-				 server->get_name(server), current);
-			best = current;
-			DESTROY_IF(this->server);
-			this->server = server->get_ref(server);
-		}
-		else
-		{
-			DBG2(DBG_CFG, "RADIUS server '%s' skipped: %d",
-				 server->get_name(server), current);
-		}
-	}
-	enumerator->destroy(enumerator);
-
-	if (!this->server)
-	{
-		free(this);
-		return NULL;
-	}
-
 	return &this->public;
 }
-
diff --git a/src/libcharon/plugins/eap_radius/radius_client.h b/src/libradius/radius_client.h
index e4f3a7222..4ec344be0 100644
--- a/src/libcharon/plugins/eap_radius/radius_client.h
+++ b/src/libradius/radius_client.h
@@ -15,13 +15,14 @@
 
 /**
  * @defgroup radius_client radius_client
- * @{ @ingroup eap_radius
+ * @{ @ingroup libradius
  */
 
 #ifndef RADIUS_CLIENT_H_
 #define RADIUS_CLIENT_H_
 
 #include "radius_message.h"
+#include "radius_server.h"
 
 typedef struct radius_client_t radius_client_t;
 
@@ -59,8 +60,9 @@ struct radius_client_t {
 /**
  * Create a RADIUS client.
  *
+ * @param server	reference to a server configuration, gets owned
  * @return			radius_client_t object
  */
-radius_client_t *radius_client_create();
+radius_client_t *radius_client_create(radius_server_t *server);
 
 #endif /** RADIUS_CLIENT_H_ @}*/
diff --git a/src/libcharon/plugins/eap_radius/radius_message.c b/src/libradius/radius_message.c
index ad8875423..bd3a32f07 100644
--- a/src/libcharon/plugins/eap_radius/radius_message.c
+++ b/src/libradius/radius_message.c
@@ -488,4 +488,3 @@ radius_message_t *radius_message_parse(chunk_t data)
 	}
 	return &this->public;
 }
-
diff --git a/src/libcharon/plugins/eap_radius/radius_message.h b/src/libradius/radius_message.h
index 355714505..41cfb51a3 100644
--- a/src/libcharon/plugins/eap_radius/radius_message.h
+++ b/src/libradius/radius_message.h
@@ -14,8 +14,13 @@
  */
 
 /**
+ * @defgroup libradius libradius
+ *
+ * @addtogroup libradius
+ * RADIUS protocol support library.
+ *
  * @defgroup radius_message radius_message
- * @{ @ingroup eap_radius
+ * @{ @ingroup libradius
  */
 
 #ifndef RADIUS_MESSAGE_H_
diff --git a/src/libcharon/plugins/eap_radius/radius_server.c b/src/libradius/radius_server.c
index 282f50892..282f50892 100644
--- a/src/libcharon/plugins/eap_radius/radius_server.c
+++ b/src/libradius/radius_server.c
diff --git a/src/libcharon/plugins/eap_radius/radius_server.h b/src/libradius/radius_server.h
index 93b0e5d8d..2cc281cc1 100644
--- a/src/libcharon/plugins/eap_radius/radius_server.h
+++ b/src/libradius/radius_server.h
@@ -15,7 +15,7 @@
 
 /**
  * @defgroup radius_server radius_server
- * @{ @ingroup eap_radius
+ * @{ @ingroup libradius
  */
 
 #ifndef RADIUS_SERVER_H_
diff --git a/src/libcharon/plugins/eap_radius/radius_socket.c b/src/libradius/radius_socket.c
index 875bd61e9..875bd61e9 100644
--- a/src/libcharon/plugins/eap_radius/radius_socket.c
+++ b/src/libradius/radius_socket.c
diff --git a/src/libcharon/plugins/eap_radius/radius_socket.h b/src/libradius/radius_socket.h
index 0301ec6d0..07d642c08 100644
--- a/src/libcharon/plugins/eap_radius/radius_socket.h
+++ b/src/libradius/radius_socket.h
@@ -15,7 +15,7 @@
 
 /**
  * @defgroup radius_socket radius_socket
- * @{ @ingroup eap_radius
+ * @{ @ingroup libradius
  */
 
 #ifndef RADIUS_SOCKET_H_
author	Martin Willi <martin@revosec.ch>	2012-02-27 15:18:58 +0100
committer	Martin Willi <martin@revosec.ch>	2012-03-05 18:08:04 +0100
commit	f0f94e2ce6eac9893498c50e5155a0085229fe8c (patch)
tree	b73b09693a5de5d87f1b07e2be051a523a6abbb6 /src
parent	990fda9d881e502e2974fc9f6feb07cefce1aa6b (diff)
download	strongswan-f0f94e2ce6eac9893498c50e5155a0085229fe8c.tar.bz2 strongswan-f0f94e2ce6eac9893498c50e5155a0085229fe8c.tar.xz