conf.c

Go to the documentation of this file.
00001 /********************************************************************\
00002  * This program is free software; you can redistribute it and/or    *
00003  * modify it under the terms of the GNU General Public License as   *
00004  * published by the Free Software Foundation; either version 2 of   *
00005  * the License, or (at your option) any later version.              *
00006  *                                                                  *
00007  * This program is distributed in the hope that it will be useful,  *
00008  * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
00009  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
00010  * GNU General Public License for more details.                     *
00011  *                                                                  *
00012  * You should have received a copy of the GNU General Public License*
00013  * along with this program; if not, contact:                        *
00014  *                                                                  *
00015  * Free Software Foundation           Voice:  +1-617-542-5942       *
00016  * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
00017  * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
00018  *                                                                  *
00019  \********************************************************************/
00020 
00021 /* $Id: conf.c 1243 2007-06-28 01:48:01Z benoitg $ */
00028 #define _GNU_SOURCE
00029 
00030 #include <stdio.h>
00031 #include <stdlib.h>
00032 #include <syslog.h>
00033 
00034 #include <pthread.h>
00035 
00036 #include <string.h>
00037 #include <ctype.h>
00038 
00039 #include "common.h"
00040 #include "safe.h"
00041 #include "debug.h"
00042 #include "conf.h"
00043 #include "http.h"
00044 #include "auth.h"
00045 #include "firewall.h"
00046 
00047 #include "util.h"
00048 
00051 static s_config config;
00052 
00056 pthread_mutex_t config_mutex = PTHREAD_MUTEX_INITIALIZER;
00057 
00061 static int missing_parms;
00062 
00065 typedef enum {
00066         oBadOption,
00067         oDaemon,
00068         oDebugLevel,
00069         oExternalInterface,
00070         oGatewayID,
00071         oGatewayInterface,
00072         oGatewayAddress,
00073         oGatewayPort,
00074         oAuthServer,
00075         oAuthServHostname,
00076         oAuthServSSLAvailable,
00077         oAuthServSSLPort,
00078         oAuthServHTTPPort,
00079         oAuthServPath,
00080         oAuthServLoginScriptPathFragment,
00081         oAuthServPortalScriptPathFragment,
00082         oAuthServMsgScriptPathFragment,
00083         oAuthServPingScriptPathFragment,
00084         oAuthServAuthScriptPathFragment,
00085         oHTTPDMaxConn,
00086         oHTTPDName,
00087         oClientTimeout,
00088         oCheckInterval,
00089         oWdctlSocket,
00090         oSyslogFacility,
00091         oFirewallRule,
00092         oFirewallRuleSet,
00093         oTrustedMACList
00094 } OpCodes;
00095 
00098 static const struct {
00099         const char *name;
00100         OpCodes opcode;
00101         int required;
00102 } keywords[] = {
00103         { "daemon",             oDaemon },
00104         { "debuglevel",         oDebugLevel },
00105         { "externalinterface",  oExternalInterface },
00106         { "gatewayid",          oGatewayID },
00107         { "gatewayinterface",   oGatewayInterface },
00108         { "gatewayaddress",     oGatewayAddress },
00109         { "gatewayport",        oGatewayPort },
00110         { "authserver",         oAuthServer },
00111         { "httpdmaxconn",       oHTTPDMaxConn },
00112         { "httpdname",          oHTTPDName },
00113         { "clienttimeout",      oClientTimeout },
00114         { "checkinterval",      oCheckInterval },
00115         { "syslogfacility",     oSyslogFacility },
00116         { "wdctlsocket",            oWdctlSocket },
00117         { "hostname",               oAuthServHostname },
00118         { "sslavailable",           oAuthServSSLAvailable },
00119         { "sslport",                oAuthServSSLPort },
00120         { "httpport",               oAuthServHTTPPort },
00121         { "path",                       oAuthServPath },
00122         { "loginscriptpathfragment",    oAuthServLoginScriptPathFragment },
00123         { "portalscriptpathfragment",   oAuthServPortalScriptPathFragment },
00124         { "msgscriptpathfragment",              oAuthServMsgScriptPathFragment },
00125         { "pingscriptpathfragment",             oAuthServPingScriptPathFragment },
00126         { "authscriptpathfragment",             oAuthServAuthScriptPathFragment },
00127         { "firewallruleset",    oFirewallRuleSet },
00128         { "firewallrule",           oFirewallRule },
00129         { "trustedmaclist",         oTrustedMACList },
00130         { NULL,                 oBadOption },
00131 };
00132 
00133 static OpCodes config_parse_token(const char *cp, const char *filename, int linenum);
00134 
00138 s_config *
00139 config_get_config(void)
00140 {
00141     return &config;
00142 }
00143 
00145 void
00146 config_init(void)
00147 {
00148         debug(LOG_DEBUG, "Setting default config parameters");
00149         strncpy(config.configfile, DEFAULT_CONFIGFILE, sizeof(config.configfile));
00150         config.debuglevel = DEFAULT_DEBUGLEVEL;
00151         config.httpdmaxconn = DEFAULT_HTTPDMAXCONN;
00152         config.external_interface = NULL;
00153         config.gw_id = DEFAULT_GATEWAYID;
00154         config.gw_interface = NULL;
00155         config.gw_address = NULL;
00156         config.gw_port = DEFAULT_GATEWAYPORT;
00157         config.auth_servers = NULL;
00158         config.httpdname = NULL;
00159         config.clienttimeout = DEFAULT_CLIENTTIMEOUT;
00160         config.checkinterval = DEFAULT_CHECKINTERVAL;
00161         config.syslog_facility = DEFAULT_SYSLOG_FACILITY;
00162         config.daemon = -1;
00163         config.log_syslog = DEFAULT_LOG_SYSLOG;
00164         config.wdctl_sock = safe_strdup(DEFAULT_WDCTL_SOCK);
00165         config.internal_sock = safe_strdup(DEFAULT_INTERNAL_SOCK);
00166         config.rulesets = NULL;
00167         config.trustedmaclist = NULL;
00168 }
00169 
00173 void
00174 config_init_override(void)
00175 {
00176     if (config.daemon == -1) config.daemon = DEFAULT_DAEMON;
00177 }
00178 
00182 static OpCodes
00183 config_parse_token(const char *cp, const char *filename, int linenum)
00184 {
00185         int i;
00186 
00187         for (i = 0; keywords[i].name; i++)
00188                 if (strcasecmp(cp, keywords[i].name) == 0)
00189                         return keywords[i].opcode;
00190 
00191         debug(LOG_ERR, "%s: line %d: Bad configuration option: %s", 
00192                         filename, linenum, cp);
00193         return oBadOption;
00194 }
00195 
00199 static void
00200 parse_auth_server(FILE *file, char *filename, int *linenum)
00201 {
00202         char            *host = NULL,
00203                         *path = NULL,
00204                         *loginscriptpathfragment = NULL,
00205                         *portalscriptpathfragment = NULL,
00206                         *msgscriptpathfragment = NULL,
00207                         *pingscriptpathfragment = NULL,
00208                         *authscriptpathfragment = NULL,
00209                         line[MAX_BUF],
00210                         *p1,
00211                         *p2;
00212         int             http_port,
00213                         ssl_port,
00214                         ssl_available,
00215                         opcode;
00216         t_auth_serv     *new,
00217                         *tmp;
00218 
00219         /* Defaults */
00220         path = safe_strdup(DEFAULT_AUTHSERVPATH);
00221         loginscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVLOGINPATHFRAGMENT);
00222         portalscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVPORTALPATHFRAGMENT);
00223         msgscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVMSGPATHFRAGMENT);
00224         pingscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVPINGPATHFRAGMENT);
00225         authscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVAUTHPATHFRAGMENT);
00226         http_port = DEFAULT_AUTHSERVPORT;
00227         ssl_port = DEFAULT_AUTHSERVSSLPORT;
00228         ssl_available = DEFAULT_AUTHSERVSSLAVAILABLE;
00229         
00230         /* Read first line */   
00231         memset(line, 0, MAX_BUF);
00232         fgets(line, MAX_BUF - 1, file);
00233         (*linenum)++; /* increment line counter. */
00234 
00235         /* Parsing loop */
00236         while ((line[0] != '\0') && (strchr(line, '}') == NULL)) {
00237                 /* skip leading blank spaces */
00238                 for (p1 = line; isblank(*p1); p1++);
00239 
00240                 /* End at end of line */
00241                 if ((p2 = strchr(p1, '#')) != NULL) {
00242                         *p2 = '\0';
00243                 } else if ((p2 = strchr(p1, '\r')) != NULL) {
00244                         *p2 = '\0';
00245                 } else if ((p2 = strchr(p1, '\n')) != NULL) {
00246                         *p2 = '\0';
00247                 }
00248 
00249                 /* next, we coopt the parsing of the regular config */
00250                 if (strlen(p1) > 0) {
00251                         p2 = p1;
00252                         /* keep going until word boundary is found. */
00253                         while ((*p2 != '\0') && (!isblank(*p2)))
00254                                 p2++;
00255 
00256                         /* Terminate first word. */
00257                         *p2 = '\0';
00258                         p2++;
00259 
00260                         /* skip all further blanks. */
00261                         while (isblank(*p2))
00262                                 p2++;
00263                         
00264                         /* Get opcode */
00265                         opcode = config_parse_token(p1, filename, *linenum);
00266                         
00267                         switch (opcode) {
00268                                 case oAuthServHostname:
00269                                         host = safe_strdup(p2);
00270                                         break;
00271                                 case oAuthServPath:
00272                                         free(path);
00273                                         path = safe_strdup(p2);
00274                                         break;
00275                                 case oAuthServLoginScriptPathFragment:
00276                                         free(loginscriptpathfragment);
00277                                         loginscriptpathfragment = safe_strdup(p2);
00278                                         break;                                  
00279                                 case oAuthServPortalScriptPathFragment:
00280                                         free(portalscriptpathfragment);
00281                                         portalscriptpathfragment = safe_strdup(p2);
00282                                         break;
00283                                 case oAuthServMsgScriptPathFragment:
00284                                         free(msgscriptpathfragment);
00285                                         msgscriptpathfragment = safe_strdup(p2);
00286                                         break;
00287                                 case oAuthServPingScriptPathFragment:
00288                                         free(pingscriptpathfragment);
00289                                         pingscriptpathfragment = safe_strdup(p2);
00290                                         break;                                  
00291                                 case oAuthServAuthScriptPathFragment:
00292                                         free(authscriptpathfragment);
00293                                         authscriptpathfragment = safe_strdup(p2);
00294                                         break;
00295                                 case oAuthServSSLPort:
00296                                         ssl_port = atoi(p2);
00297                                         break;
00298                                 case oAuthServHTTPPort:
00299                                         http_port = atoi(p2);
00300                                         break;
00301                                 case oAuthServSSLAvailable:
00302                                         ssl_available = parse_boolean_value(p2);
00303                                         if (ssl_available < 0)
00304                                                 ssl_available = 0;
00305                                         break;
00306                                 case oBadOption:
00307                                 default:
00308                                         debug(LOG_ERR, "Bad option on line %d "
00309                                                         "in %s.", *linenum,
00310                                                         filename);
00311                                         debug(LOG_ERR, "Exiting...");
00312                                         exit(-1);
00313                                         break;
00314                         }
00315                 }
00316 
00317                 /* Read next line */
00318                 memset(line, 0, MAX_BUF);
00319                 fgets(line, MAX_BUF - 1, file);
00320                 (*linenum)++; /* increment line counter. */
00321         }
00322 
00323         /* only proceed if we have an host and a path */
00324         if (host == NULL)
00325                 return;
00326         
00327         debug(LOG_DEBUG, "Adding %s:%d (SSL: %d) %s to the auth server list",
00328                         host, http_port, ssl_port, path);
00329 
00330         /* Allocate memory */
00331         new = safe_malloc(sizeof(t_auth_serv));
00332         
00333         /* Fill in struct */
00334         memset(new, 0, sizeof(t_auth_serv)); /*< Fill all with NULL */
00335         new->authserv_hostname = host;
00336         new->authserv_use_ssl = ssl_available;
00337         new->authserv_path = path;
00338         new->authserv_login_script_path_fragment = loginscriptpathfragment;
00339     new->authserv_portal_script_path_fragment = portalscriptpathfragment;
00340     new->authserv_msg_script_path_fragment = msgscriptpathfragment;    
00341     new->authserv_ping_script_path_fragment = pingscriptpathfragment;  
00342     new->authserv_auth_script_path_fragment = authscriptpathfragment;  
00343         new->authserv_http_port = http_port;
00344         new->authserv_ssl_port = ssl_port;
00345         
00346         /* If it's the first, add to config, else append to last server */
00347         if (config.auth_servers == NULL) {
00348                 config.auth_servers = new;
00349         } else {
00350                 for (tmp = config.auth_servers; tmp->next != NULL;
00351                                 tmp = tmp->next);
00352                 tmp->next = new;
00353         }
00354         
00355         debug(LOG_DEBUG, "Auth server added");
00356 }
00357 
00367 #define TO_NEXT_WORD(s, e) do { \
00368         while (*s != '\0' && !isblank(*s)) { \
00369                 s++; \
00370         } \
00371         if (*s != '\0') { \
00372                 *s = '\0'; \
00373                 s++; \
00374                 while (isblank(*s)) \
00375                         s++; \
00376         } else { \
00377                 e = 1; \
00378         } \
00379 } while (0)
00380 
00384 static void
00385 parse_firewall_ruleset(char *ruleset, FILE *file, char *filename, int *linenum)
00386 {
00387         char            line[MAX_BUF],
00388                         *p1,
00389                         *p2;
00390         int             opcode;
00391 
00392         debug(LOG_DEBUG, "Adding Firewall Rule Set %s", ruleset);
00393         
00394         /* Read first line */   
00395         memset(line, 0, MAX_BUF);
00396         fgets(line, MAX_BUF - 1, file);
00397         (*linenum)++; /* increment line counter. */
00398 
00399         /* Parsing loop */
00400         while ((line[0] != '\0') && (strchr(line, '}') == NULL)) {
00401                 /* skip leading blank spaces */
00402                 for (p1 = line; isblank(*p1); p1++);
00403 
00404                 /* End at end of line */
00405                 if ((p2 = strchr(p1, '#')) != NULL) {
00406                         *p2 = '\0';
00407                 } else if ((p2 = strchr(p1, '\r')) != NULL) {
00408                         *p2 = '\0';
00409                 } else if ((p2 = strchr(p1, '\n')) != NULL) {
00410                         *p2 = '\0';
00411                 }
00412 
00413                 /* next, we coopt the parsing of the regular config */
00414                 if (strlen(p1) > 0) {
00415                         p2 = p1;
00416                         /* keep going until word boundary is found. */
00417                         while ((*p2 != '\0') && (!isblank(*p2)))
00418                                 p2++;
00419 
00420                         /* Terminate first word. */
00421                         *p2 = '\0';
00422                         p2++;
00423 
00424                         /* skip all further blanks. */
00425                         while (isblank(*p2))
00426                                 p2++;
00427                         
00428                         /* Get opcode */
00429                         opcode = config_parse_token(p1, filename, *linenum);
00430 
00431                         debug(LOG_DEBUG, "p1 = [%s]; p2 = [%s]", p1, p2);
00432                         
00433                         switch (opcode) {
00434                                 case oFirewallRule:
00435                                         _parse_firewall_rule(ruleset, p2);
00436                                         break;
00437 
00438                                 case oBadOption:
00439                                 default:
00440                                         debug(LOG_ERR, "Bad option on line %d "
00441                                                         "in %s.", *linenum,
00442                                                         filename);
00443                                         debug(LOG_ERR, "Exiting...");
00444                                         exit(-1);
00445                                         break;
00446                         }
00447                 }
00448 
00449                 /* Read next line */
00450                 memset(line, 0, MAX_BUF);
00451                 fgets(line, MAX_BUF - 1, file);
00452                 (*linenum)++; /* increment line counter. */
00453         }
00454 
00455         debug(LOG_DEBUG, "Firewall Rule Set %s added.", ruleset);
00456 }
00457 
00461 static int
00462 _parse_firewall_rule(char *ruleset, char *leftover)
00463 {
00464         int i;
00465         int block_allow = 0; 
00466         int all_nums = 1; 
00467         int finished = 0; 
00468         char *token = NULL; 
00469         char *port = NULL; 
00470         char *protocol = NULL; 
00471         char *mask = NULL; 
00472         char *other_kw = NULL; 
00473         t_firewall_ruleset *tmpr;
00474         t_firewall_ruleset *tmpr2;
00475         t_firewall_rule *tmp;
00476         t_firewall_rule *tmp2;
00477 
00478         debug(LOG_DEBUG, "leftover: %s", leftover);
00479 
00480         /* lower case */
00481         for (i = 0; *(leftover + i) != '\0'
00482                         && (*(leftover + i) = tolower(*(leftover + i))); i++);
00483         
00484         token = leftover;
00485         TO_NEXT_WORD(leftover, finished);
00486         
00487         /* Parse token */
00488         if (!strcasecmp(token, "block") || finished) {
00489                 block_allow = 0;
00490         } else if (!strcasecmp(token, "allow")) {
00491                 block_allow = 1;
00492         } else {
00493                 debug(LOG_ERR, "Invalid rule type %s, expecting "
00494                                 "\"block\" or \"allow\"", token);
00495                 return -1;
00496         }
00497 
00498         /* Parse the remainder */
00499         /* Get the protocol */
00500         if (strncmp(leftover, "tcp", 3) == 0
00501                         || strncmp(leftover, "udp", 3) == 0
00502                         || strncmp(leftover, "icmp", 4) == 0) {
00503                 protocol = leftover;
00504                 TO_NEXT_WORD(leftover, finished);
00505         }
00506 
00507         /* should be exactly "port" */
00508         if (strncmp(leftover, "port", 4) == 0) {
00509                 TO_NEXT_WORD(leftover, finished);
00510                 /* Get port now */
00511                 port = leftover;
00512                 TO_NEXT_WORD(leftover, finished);
00513                 for (i = 0; *(port + i) != '\0'; i++)
00514                         if (!isdigit(*(port + i)))
00515                                 all_nums = 0; /*< No longer only digits */
00516                 if (!all_nums) {
00517                         debug(LOG_ERR, "Invalid port %s", port);
00518                         return -3; /*< Fail */
00519                 }
00520         }
00521 
00522         /* Now, further stuff is optional */
00523         if (!finished) {
00524                 /* should be exactly "to" */
00525                 other_kw = leftover;
00526                 TO_NEXT_WORD(leftover, finished);
00527                 if (strcmp(other_kw, "to") || finished) {
00528                         debug(LOG_ERR, "Invalid or unexpected keyword %s, "
00529                                         "expecting \"to\"", other_kw);
00530                         return -4; /*< Fail */
00531                 }
00532 
00533                 /* Get port now */
00534                 mask = leftover;
00535                 TO_NEXT_WORD(leftover, finished);
00536                 all_nums = 1;
00537                 for (i = 0; *(mask + i) != '\0'; i++)
00538                         if (!isdigit(*(mask + i)) && (*(mask + i) != '.')
00539                                         && (*(mask + i) != '/'))
00540                                 all_nums = 0; /*< No longer only digits */
00541                 if (!all_nums) {
00542                         debug(LOG_ERR, "Invalid mask %s", mask);
00543                         return -3; /*< Fail */
00544                 }
00545         }
00546 
00547         /* Generate rule record */
00548         tmp = safe_malloc(sizeof(t_firewall_rule));
00549         memset((void *)tmp, 0, sizeof(t_firewall_rule));
00550         tmp->block_allow = block_allow;
00551         if (protocol != NULL)
00552                 tmp->protocol = safe_strdup(protocol);
00553         if (port != NULL)
00554                 tmp->port = safe_strdup(port);
00555         if (mask == NULL)
00556                 tmp->mask = safe_strdup("0.0.0.0/0");
00557         else
00558                 tmp->mask = safe_strdup(mask);
00559 
00560         debug(LOG_DEBUG, "Adding Firewall Rule %s %s port %s to %s", token, tmp->protocol, tmp->port, tmp->mask);
00561         
00562         /* Append the rule record */
00563         if (config.rulesets == NULL) {
00564                 config.rulesets = safe_malloc(sizeof(t_firewall_ruleset));
00565                 memset(config.rulesets, 0, sizeof(t_firewall_ruleset));
00566                 config.rulesets->name = safe_strdup(ruleset);
00567                 tmpr = config.rulesets;
00568         } else {
00569                 tmpr2 = tmpr = config.rulesets;
00570                 while (tmpr != NULL && (strcmp(tmpr->name, ruleset) != 0)) {
00571                         tmpr2 = tmpr;
00572                         tmpr = tmpr->next;
00573                 }
00574                 if (tmpr == NULL) {
00575                         /* Rule did not exist */
00576                         tmpr = safe_malloc(sizeof(t_firewall_ruleset));
00577                         memset(tmpr, 0, sizeof(t_firewall_ruleset));
00578                         tmpr->name = safe_strdup(ruleset);
00579                         tmpr2->next = tmpr;
00580                 }
00581         }
00582 
00583         /* At this point, tmpr == current ruleset */
00584         if (tmpr->rules == NULL) {
00585                 /* No rules... */
00586                 tmpr->rules = tmp;
00587         } else {
00588                 tmp2 = tmpr->rules;
00589                 while (tmp2->next != NULL)
00590                         tmp2 = tmp2->next;
00591                 tmp2->next = tmp;
00592         }
00593         
00594         return 1;
00595 }
00596 
00597 t_firewall_rule *
00598 get_ruleset(char *ruleset)
00599 {
00600         t_firewall_ruleset      *tmp;
00601 
00602         for (tmp = config.rulesets; tmp != NULL
00603                         && strcmp(tmp->name, ruleset) != 0; tmp = tmp->next);
00604 
00605         if (tmp == NULL)
00606                 return NULL;
00607 
00608         return(tmp->rules);
00609 }
00610 
00614 void
00615 config_read(char *filename)
00616 {
00617         FILE *fd;
00618         char line[MAX_BUF], *s, *p1, *p2;
00619         int linenum = 0, opcode, value;
00620 
00621         debug(LOG_INFO, "Reading configuration file '%s'", filename);
00622 
00623         if (!(fd = fopen(filename, "r"))) {
00624                 debug(LOG_ERR, "Could not open configuration file '%s', "
00625                                 "exiting...", filename);
00626                 exit(1);
00627         }
00628 
00629         while (!feof(fd) && fgets(line, MAX_BUF, fd)) {
00630                 linenum++;
00631                 s = line;
00632 
00633                 if (s[strlen(s) - 1] == '\n')
00634                         s[strlen(s) - 1] = '\0';
00635 
00636                 if ((p1 = strchr(s, ' '))) {
00637                         p1[0] = '\0';
00638                 } else if ((p1 = strchr(s, '\t'))) {
00639                         p1[0] = '\0';
00640                 }
00641 
00642                 if (p1) {
00643                         p1++;
00644 
00645                         if ((p2 = strchr(p1, ' '))) {
00646                                 p2[0] = '\0';
00647                         } else if ((p2 = strstr(p1, "\r\n"))) {
00648                                 p2[0] = '\0';
00649                         } else if ((p2 = strchr(p1, '\n'))) {
00650                                 p2[0] = '\0';
00651                         }
00652                 }
00653 
00654                 if (p1 && p1[0] != '\0') {
00655                         /* Strip trailing spaces */
00656 
00657                         if ((strncmp(s, "#", 1)) != 0) {
00658                                 debug(LOG_DEBUG, "Parsing token: %s, "
00659                                                 "value: %s", s, p1);
00660                                 opcode = config_parse_token(s, filename, linenum);
00661 
00662                                 switch(opcode) {
00663                                 case oDaemon:
00664                                         if (config.daemon == -1 && ((value = parse_boolean_value(p1)) != -1)) {
00665                                                 config.daemon = value;
00666                                         }
00667                                         break;
00668                                 case oExternalInterface:
00669                                         config.external_interface = safe_strdup(p1);
00670                                         break;
00671                                 case oGatewayID:
00672                                         config.gw_id = safe_strdup(p1);
00673                                         break;
00674                                 case oGatewayInterface:
00675                                         config.gw_interface = safe_strdup(p1);
00676                                         break;
00677                                 case oGatewayAddress:
00678                                         config.gw_address = safe_strdup(p1);
00679                                         break;
00680                                 case oGatewayPort:
00681                                         sscanf(p1, "%d", &config.gw_port);
00682                                         break;
00683                                 case oAuthServer:
00684                                         parse_auth_server(fd, filename,
00685                                                         &linenum);
00686                                         break;
00687                                 case oFirewallRuleSet:
00688                                         parse_firewall_ruleset(p1, fd, filename, &linenum);
00689                                         break;
00690                                 case oTrustedMACList:
00691                                         parse_trusted_mac_list(p1);
00692                                         break;
00693                                 case oHTTPDName:
00694                                         config.httpdname = safe_strdup(p1);
00695                                         break;
00696                                 case oHTTPDMaxConn:
00697                                         sscanf(p1, "%d", &config.httpdmaxconn);
00698                                         break;
00699                                 case oBadOption:
00700                                         debug(LOG_ERR, "Bad option on line %d "
00701                                                         "in %s.", linenum,
00702                                                         filename);
00703                                         debug(LOG_ERR, "Exiting...");
00704                                         exit(-1);
00705                                         break;
00706                                 case oCheckInterval:
00707                                         sscanf(p1, "%d", &config.checkinterval);
00708                                         break;
00709                                 case oWdctlSocket:
00710                                         free(config.wdctl_sock);
00711                                         config.wdctl_sock = safe_strdup(p1);
00712                                         break;
00713                                 case oClientTimeout:
00714                                         sscanf(p1, "%d", &config.clienttimeout);
00715                                         break;
00716                                 case oSyslogFacility:
00717                                         sscanf(p1, "%d", &config.syslog_facility);
00718                                         break;
00719                                 }
00720                         }
00721                 }
00722         }
00723 
00724         fclose(fd);
00725 }
00726 
00730 static int
00731 parse_boolean_value(char *line)
00732 {
00733         if (strcasecmp(line, "yes") == 0) {
00734                 return 1;
00735         }
00736         if (strcasecmp(line, "no") == 0) {
00737                 return 0;
00738         }
00739         if (strcmp(line, "1") == 0) {
00740                 return 1;
00741         }
00742         if (strcmp(line, "0") == 0) {
00743                 return 0;
00744         }
00745 
00746         return -1;
00747 }
00748 
00749 void parse_trusted_mac_list(char *ptr) {
00750         char *ptrcopy = NULL;
00751         char *possiblemac = NULL;
00752         char *mac = NULL;
00753         t_trusted_mac *p = NULL;
00754 
00755         debug(LOG_DEBUG, "Parsing string [%s] for trusted MAC addresses", ptr);
00756 
00757         mac = safe_malloc(18);
00758 
00759         /* strsep modifies original, so let's make a copy */
00760         ptrcopy = safe_strdup(ptr);
00761 
00762         while ((possiblemac = strsep(&ptrcopy, ", "))) {
00763                 if (sscanf(possiblemac, " %17[A-Fa-f0-9:]", mac) == 1) {
00764                         /* Copy mac to the list */
00765 
00766                         debug(LOG_DEBUG, "Adding MAC address [%s] to trusted list", mac);
00767 
00768                         if (config.trustedmaclist == NULL) {
00769                                 config.trustedmaclist = safe_malloc(sizeof(t_trusted_mac));
00770                                 config.trustedmaclist->mac = safe_strdup(mac);
00771                                 config.trustedmaclist->next = NULL;
00772                         }
00773                         else {
00774                                 /* Advance to the last entry */
00775                                 for (p = config.trustedmaclist; p->next != NULL; p = p->next);
00776                                 p->next = safe_malloc(sizeof(t_trusted_mac));
00777                                 p = p->next;
00778                                 p->mac = safe_strdup(mac);
00779                                 p->next = NULL;
00780                         }
00781 
00782                 }
00783         }
00784 
00785         free(ptrcopy);
00786 
00787         free(mac);
00788 
00789 }
00790 
00792 void
00793 config_validate(void)
00794 {
00795         config_notnull(config.gw_interface, "GatewayInterface");
00796     config_notnull(config.auth_servers, "AuthServer");
00797 
00798         if (missing_parms) {
00799                 debug(LOG_ERR, "Configuration is not complete, exiting...");
00800                 exit(-1);
00801         }
00802 }
00803 
00807 static void
00808 config_notnull(void *parm, char *parmname)
00809 {
00810         if (parm == NULL) {
00811                 debug(LOG_ERR, "%s is not set", parmname);
00812                 missing_parms = 1;
00813         }
00814 }
00815 
00819 t_auth_serv *
00820 get_auth_server(void)
00821 {
00822 
00823         /* This is as good as atomic */
00824         return config.auth_servers;
00825 }
00826 
00831 void
00832 mark_auth_server_bad(t_auth_serv *bad_server)
00833 {
00834         t_auth_serv     *tmp;
00835 
00836         if (config.auth_servers == bad_server && bad_server->next != NULL) {
00837                 /* Go to the last */
00838                 for (tmp = config.auth_servers; tmp->next != NULL; tmp = tmp->next);
00839                 /* Set bad server as last */
00840                 tmp->next = bad_server;
00841                 /* Remove bad server from start of list */
00842                 config.auth_servers = bad_server->next;
00843                 /* Set the next pointe to NULL in the last element */
00844                 bad_server->next = NULL;
00845         }
00846 
00847 }

Generated on Thu Oct 18 17:15:19 2007 for WifiDog by  doxygen 1.5.3