conf.c

Go to the documentation of this file.
00001 /********************************************************************\
00002  * This program is free software; you can redistribute it and/or    *
00003  * modify it under the terms of the GNU General Public License as   *
00004  * published by the Free Software Foundation; either version 2 of   *
00005  * the License, or (at your option) any later version.              *
00006  *                                                                  *
00007  * This program is distributed in the hope that it will be useful,  *
00008  * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
00009  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
00010  * GNU General Public License for more details.                     *
00011  *                                                                  *
00012  * You should have received a copy of the GNU General Public License*
00013  * along with this program; if not, contact:                        *
00014  *                                                                  *
00015  * Free Software Foundation           Voice:  +1-617-542-5942       *
00016  * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
00017  * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
00018  *                                                                  *
00019  \********************************************************************/
00020 
00021 /* $Id: conf.c 1305 2007-11-01 20:04:20Z benoitg $ */
00028 #define _GNU_SOURCE
00029 
00030 #include <stdio.h>
00031 #include <stdlib.h>
00032 #include <syslog.h>
00033 
00034 #include <pthread.h>
00035 
00036 #include <string.h>
00037 #include <ctype.h>
00038 
00039 #include "common.h"
00040 #include "safe.h"
00041 #include "debug.h"
00042 #include "conf.h"
00043 #include "http.h"
00044 #include "auth.h"
00045 #include "firewall.h"
00046 
00047 #include "util.h"
00048 
00051 static s_config config;
00052 
00056 pthread_mutex_t config_mutex = PTHREAD_MUTEX_INITIALIZER;
00057 
00061 static int missing_parms;
00062 
00065 typedef enum {
00066         oBadOption,
00067         oDaemon,
00068         oDebugLevel,
00069         oExternalInterface,
00070         oGatewayID,
00071         oGatewayInterface,
00072         oGatewayAddress,
00073         oGatewayPort,
00074         oAuthServer,
00075         oAuthServHostname,
00076         oAuthServSSLAvailable,
00077         oAuthServSSLPort,
00078         oAuthServHTTPPort,
00079         oAuthServPath,
00080         oAuthServLoginScriptPathFragment,
00081         oAuthServPortalScriptPathFragment,
00082         oAuthServMsgScriptPathFragment,
00083         oAuthServPingScriptPathFragment,
00084         oAuthServAuthScriptPathFragment,
00085         oHTTPDMaxConn,
00086         oHTTPDName,
00087         oClientTimeout,
00088         oCheckInterval,
00089         oWdctlSocket,
00090         oSyslogFacility,
00091         oFirewallRule,
00092         oFirewallRuleSet,
00093         oTrustedMACList
00094 } OpCodes;
00095 
00098 static const struct {
00099         const char *name;
00100         OpCodes opcode;
00101         int required;
00102 } keywords[] = {
00103         { "daemon",             oDaemon },
00104         { "debuglevel",         oDebugLevel },
00105         { "externalinterface",  oExternalInterface },
00106         { "gatewayid",          oGatewayID },
00107         { "gatewayinterface",   oGatewayInterface },
00108         { "gatewayaddress",     oGatewayAddress },
00109         { "gatewayport",        oGatewayPort },
00110         { "authserver",         oAuthServer },
00111         { "httpdmaxconn",       oHTTPDMaxConn },
00112         { "httpdname",          oHTTPDName },
00113         { "clienttimeout",      oClientTimeout },
00114         { "checkinterval",      oCheckInterval },
00115         { "syslogfacility",     oSyslogFacility },
00116         { "wdctlsocket",            oWdctlSocket },
00117         { "hostname",               oAuthServHostname },
00118         { "sslavailable",           oAuthServSSLAvailable },
00119         { "sslport",                oAuthServSSLPort },
00120         { "httpport",               oAuthServHTTPPort },
00121         { "path",                       oAuthServPath },
00122         { "loginscriptpathfragment",    oAuthServLoginScriptPathFragment },
00123         { "portalscriptpathfragment",   oAuthServPortalScriptPathFragment },
00124         { "msgscriptpathfragment",              oAuthServMsgScriptPathFragment },
00125         { "pingscriptpathfragment",             oAuthServPingScriptPathFragment },
00126         { "authscriptpathfragment",             oAuthServAuthScriptPathFragment },
00127         { "firewallruleset",    oFirewallRuleSet },
00128         { "firewallrule",           oFirewallRule },
00129         { "trustedmaclist",         oTrustedMACList },
00130         { NULL,                 oBadOption },
00131 };
00132 
00133 static void config_notnull(void *parm, char *parmname);
00134 static int parse_boolean_value(char *);
00135 static void parse_auth_server(FILE *, char *, int *);
00136 static int _parse_firewall_rule(char *ruleset, char *leftover);
00137 static void parse_firewall_ruleset(char *, FILE *, char *, int *);
00138 
00139 static OpCodes config_parse_token(const char *cp, const char *filename, int linenum);
00140 
00144 s_config *
00145 config_get_config(void)
00146 {
00147     return &config;
00148 }
00149 
00151 void
00152 config_init(void)
00153 {
00154         debug(LOG_DEBUG, "Setting default config parameters");
00155         strncpy(config.configfile, DEFAULT_CONFIGFILE, sizeof(config.configfile));
00156         config.debuglevel = DEFAULT_DEBUGLEVEL;
00157         config.httpdmaxconn = DEFAULT_HTTPDMAXCONN;
00158         config.external_interface = NULL;
00159         config.gw_id = DEFAULT_GATEWAYID;
00160         config.gw_interface = NULL;
00161         config.gw_address = NULL;
00162         config.gw_port = DEFAULT_GATEWAYPORT;
00163         config.auth_servers = NULL;
00164         config.httpdname = NULL;
00165         config.clienttimeout = DEFAULT_CLIENTTIMEOUT;
00166         config.checkinterval = DEFAULT_CHECKINTERVAL;
00167         config.syslog_facility = DEFAULT_SYSLOG_FACILITY;
00168         config.daemon = -1;
00169         config.log_syslog = DEFAULT_LOG_SYSLOG;
00170         config.wdctl_sock = safe_strdup(DEFAULT_WDCTL_SOCK);
00171         config.internal_sock = safe_strdup(DEFAULT_INTERNAL_SOCK);
00172         config.rulesets = NULL;
00173         config.trustedmaclist = NULL;
00174 }
00175 
00179 void
00180 config_init_override(void)
00181 {
00182     if (config.daemon == -1) config.daemon = DEFAULT_DAEMON;
00183 }
00184 
00188 static OpCodes
00189 config_parse_token(const char *cp, const char *filename, int linenum)
00190 {
00191         int i;
00192 
00193         for (i = 0; keywords[i].name; i++)
00194                 if (strcasecmp(cp, keywords[i].name) == 0)
00195                         return keywords[i].opcode;
00196 
00197         debug(LOG_ERR, "%s: line %d: Bad configuration option: %s", 
00198                         filename, linenum, cp);
00199         return oBadOption;
00200 }
00201 
00205 static void
00206 parse_auth_server(FILE *file, char *filename, int *linenum)
00207 {
00208         char            *host = NULL,
00209                         *path = NULL,
00210                         *loginscriptpathfragment = NULL,
00211                         *portalscriptpathfragment = NULL,
00212                         *msgscriptpathfragment = NULL,
00213                         *pingscriptpathfragment = NULL,
00214                         *authscriptpathfragment = NULL,
00215                         line[MAX_BUF],
00216                         *p1,
00217                         *p2;
00218         int             http_port,
00219                         ssl_port,
00220                         ssl_available,
00221                         opcode;
00222         t_auth_serv     *new,
00223                         *tmp;
00224 
00225         /* Defaults */
00226         path = safe_strdup(DEFAULT_AUTHSERVPATH);
00227         loginscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVLOGINPATHFRAGMENT);
00228         portalscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVPORTALPATHFRAGMENT);
00229         msgscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVMSGPATHFRAGMENT);
00230         pingscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVPINGPATHFRAGMENT);
00231         authscriptpathfragment = safe_strdup(DEFAULT_AUTHSERVAUTHPATHFRAGMENT);
00232         http_port = DEFAULT_AUTHSERVPORT;
00233         ssl_port = DEFAULT_AUTHSERVSSLPORT;
00234         ssl_available = DEFAULT_AUTHSERVSSLAVAILABLE;
00235         
00236         /* Read first line */   
00237         memset(line, 0, MAX_BUF);
00238         fgets(line, MAX_BUF - 1, file);
00239         (*linenum)++; /* increment line counter. */
00240 
00241         /* Parsing loop */
00242         while ((line[0] != '\0') && (strchr(line, '}') == NULL)) {
00243                 /* skip leading blank spaces */
00244                 for (p1 = line; isblank(*p1); p1++);
00245 
00246                 /* End at end of line */
00247                 if ((p2 = strchr(p1, '#')) != NULL) {
00248                         *p2 = '\0';
00249                 } else if ((p2 = strchr(p1, '\r')) != NULL) {
00250                         *p2 = '\0';
00251                 } else if ((p2 = strchr(p1, '\n')) != NULL) {
00252                         *p2 = '\0';
00253                 }
00254 
00255                 /* next, we coopt the parsing of the regular config */
00256                 if (strlen(p1) > 0) {
00257                         p2 = p1;
00258                         /* keep going until word boundary is found. */
00259                         while ((*p2 != '\0') && (!isblank(*p2)))
00260                                 p2++;
00261 
00262                         /* Terminate first word. */
00263                         *p2 = '\0';
00264                         p2++;
00265 
00266                         /* skip all further blanks. */
00267                         while (isblank(*p2))
00268                                 p2++;
00269                         
00270                         /* Get opcode */
00271                         opcode = config_parse_token(p1, filename, *linenum);
00272                         
00273                         switch (opcode) {
00274                                 case oAuthServHostname:
00275                                         host = safe_strdup(p2);
00276                                         break;
00277                                 case oAuthServPath:
00278                                         free(path);
00279                                         path = safe_strdup(p2);
00280                                         break;
00281                                 case oAuthServLoginScriptPathFragment:
00282                                         free(loginscriptpathfragment);
00283                                         loginscriptpathfragment = safe_strdup(p2);
00284                                         break;                                  
00285                                 case oAuthServPortalScriptPathFragment:
00286                                         free(portalscriptpathfragment);
00287                                         portalscriptpathfragment = safe_strdup(p2);
00288                                         break;
00289                                 case oAuthServMsgScriptPathFragment:
00290                                         free(msgscriptpathfragment);
00291                                         msgscriptpathfragment = safe_strdup(p2);
00292                                         break;
00293                                 case oAuthServPingScriptPathFragment:
00294                                         free(pingscriptpathfragment);
00295                                         pingscriptpathfragment = safe_strdup(p2);
00296                                         break;                                  
00297                                 case oAuthServAuthScriptPathFragment:
00298                                         free(authscriptpathfragment);
00299                                         authscriptpathfragment = safe_strdup(p2);
00300                                         break;
00301                                 case oAuthServSSLPort:
00302                                         ssl_port = atoi(p2);
00303                                         break;
00304                                 case oAuthServHTTPPort:
00305                                         http_port = atoi(p2);
00306                                         break;
00307                                 case oAuthServSSLAvailable:
00308                                         ssl_available = parse_boolean_value(p2);
00309                                         if (ssl_available < 0)
00310                                                 ssl_available = 0;
00311                                         break;
00312                                 case oBadOption:
00313                                 default:
00314                                         debug(LOG_ERR, "Bad option on line %d "
00315                                                         "in %s.", *linenum,
00316                                                         filename);
00317                                         debug(LOG_ERR, "Exiting...");
00318                                         exit(-1);
00319                                         break;
00320                         }
00321                 }
00322 
00323                 /* Read next line */
00324                 memset(line, 0, MAX_BUF);
00325                 fgets(line, MAX_BUF - 1, file);
00326                 (*linenum)++; /* increment line counter. */
00327         }
00328 
00329         /* only proceed if we have an host and a path */
00330         if (host == NULL)
00331                 return;
00332         
00333         debug(LOG_DEBUG, "Adding %s:%d (SSL: %d) %s to the auth server list",
00334                         host, http_port, ssl_port, path);
00335 
00336         /* Allocate memory */
00337         new = safe_malloc(sizeof(t_auth_serv));
00338         
00339         /* Fill in struct */
00340         memset(new, 0, sizeof(t_auth_serv)); /*< Fill all with NULL */
00341         new->authserv_hostname = host;
00342         new->authserv_use_ssl = ssl_available;
00343         new->authserv_path = path;
00344         new->authserv_login_script_path_fragment = loginscriptpathfragment;
00345     new->authserv_portal_script_path_fragment = portalscriptpathfragment;
00346     new->authserv_msg_script_path_fragment = msgscriptpathfragment;    
00347     new->authserv_ping_script_path_fragment = pingscriptpathfragment;  
00348     new->authserv_auth_script_path_fragment = authscriptpathfragment;  
00349         new->authserv_http_port = http_port;
00350         new->authserv_ssl_port = ssl_port;
00351         
00352         /* If it's the first, add to config, else append to last server */
00353         if (config.auth_servers == NULL) {
00354                 config.auth_servers = new;
00355         } else {
00356                 for (tmp = config.auth_servers; tmp->next != NULL;
00357                                 tmp = tmp->next);
00358                 tmp->next = new;
00359         }
00360         
00361         debug(LOG_DEBUG, "Auth server added");
00362 }
00363 
00373 #define TO_NEXT_WORD(s, e) do { \
00374         while (*s != '\0' && !isblank(*s)) { \
00375                 s++; \
00376         } \
00377         if (*s != '\0') { \
00378                 *s = '\0'; \
00379                 s++; \
00380                 while (isblank(*s)) \
00381                         s++; \
00382         } else { \
00383                 e = 1; \
00384         } \
00385 } while (0)
00386 
00390 static void
00391 parse_firewall_ruleset(char *ruleset, FILE *file, char *filename, int *linenum)
00392 {
00393         char            line[MAX_BUF],
00394                         *p1,
00395                         *p2;
00396         int             opcode;
00397 
00398         debug(LOG_DEBUG, "Adding Firewall Rule Set %s", ruleset);
00399         
00400         /* Read first line */   
00401         memset(line, 0, MAX_BUF);
00402         fgets(line, MAX_BUF - 1, file);
00403         (*linenum)++; /* increment line counter. */
00404 
00405         /* Parsing loop */
00406         while ((line[0] != '\0') && (strchr(line, '}') == NULL)) {
00407                 /* skip leading blank spaces */
00408                 for (p1 = line; isblank(*p1); p1++);
00409 
00410                 /* End at end of line */
00411                 if ((p2 = strchr(p1, '#')) != NULL) {
00412                         *p2 = '\0';
00413                 } else if ((p2 = strchr(p1, '\r')) != NULL) {
00414                         *p2 = '\0';
00415                 } else if ((p2 = strchr(p1, '\n')) != NULL) {
00416                         *p2 = '\0';
00417                 }
00418 
00419                 /* next, we coopt the parsing of the regular config */
00420                 if (strlen(p1) > 0) {
00421                         p2 = p1;
00422                         /* keep going until word boundary is found. */
00423                         while ((*p2 != '\0') && (!isblank(*p2)))
00424                                 p2++;
00425 
00426                         /* Terminate first word. */
00427                         *p2 = '\0';
00428                         p2++;
00429 
00430                         /* skip all further blanks. */
00431                         while (isblank(*p2))
00432                                 p2++;
00433                         
00434                         /* Get opcode */
00435                         opcode = config_parse_token(p1, filename, *linenum);
00436 
00437                         debug(LOG_DEBUG, "p1 = [%s]; p2 = [%s]", p1, p2);
00438                         
00439                         switch (opcode) {
00440                                 case oFirewallRule:
00441                                         _parse_firewall_rule(ruleset, p2);
00442                                         break;
00443 
00444                                 case oBadOption:
00445                                 default:
00446                                         debug(LOG_ERR, "Bad option on line %d "
00447                                                         "in %s.", *linenum,
00448                                                         filename);
00449                                         debug(LOG_ERR, "Exiting...");
00450                                         exit(-1);
00451                                         break;
00452                         }
00453                 }
00454 
00455                 /* Read next line */
00456                 memset(line, 0, MAX_BUF);
00457                 fgets(line, MAX_BUF - 1, file);
00458                 (*linenum)++; /* increment line counter. */
00459         }
00460 
00461         debug(LOG_DEBUG, "Firewall Rule Set %s added.", ruleset);
00462 }
00463 
00467 static int
00468 _parse_firewall_rule(char *ruleset, char *leftover)
00469 {
00470         int i;
00471         int block_allow = 0; 
00472         int all_nums = 1; 
00473         int finished = 0; 
00474         char *token = NULL; 
00475         char *port = NULL; 
00476         char *protocol = NULL; 
00477         char *mask = NULL; 
00478         char *other_kw = NULL; 
00479         t_firewall_ruleset *tmpr;
00480         t_firewall_ruleset *tmpr2;
00481         t_firewall_rule *tmp;
00482         t_firewall_rule *tmp2;
00483 
00484         debug(LOG_DEBUG, "leftover: %s", leftover);
00485 
00486         /* lower case */
00487         for (i = 0; *(leftover + i) != '\0'
00488                         && (*(leftover + i) = tolower((unsigned char)*(leftover + i))); i++);
00489         
00490         token = leftover;
00491         TO_NEXT_WORD(leftover, finished);
00492         
00493         /* Parse token */
00494         if (!strcasecmp(token, "block") || finished) {
00495                 block_allow = 0;
00496         } else if (!strcasecmp(token, "allow")) {
00497                 block_allow = 1;
00498         } else {
00499                 debug(LOG_ERR, "Invalid rule type %s, expecting "
00500                                 "\"block\" or \"allow\"", token);
00501                 return -1;
00502         }
00503 
00504         /* Parse the remainder */
00505         /* Get the protocol */
00506         if (strncmp(leftover, "tcp", 3) == 0
00507                         || strncmp(leftover, "udp", 3) == 0
00508                         || strncmp(leftover, "icmp", 4) == 0) {
00509                 protocol = leftover;
00510                 TO_NEXT_WORD(leftover, finished);
00511         }
00512 
00513         /* should be exactly "port" */
00514         if (strncmp(leftover, "port", 4) == 0) {
00515                 TO_NEXT_WORD(leftover, finished);
00516                 /* Get port now */
00517                 port = leftover;
00518                 TO_NEXT_WORD(leftover, finished);
00519                 for (i = 0; *(port + i) != '\0'; i++)
00520                         if (!isdigit((unsigned char)*(port + i)))
00521                                 all_nums = 0; /*< No longer only digits */
00522                 if (!all_nums) {
00523                         debug(LOG_ERR, "Invalid port %s", port);
00524                         return -3; /*< Fail */
00525                 }
00526         }
00527 
00528         /* Now, further stuff is optional */
00529         if (!finished) {
00530                 /* should be exactly "to" */
00531                 other_kw = leftover;
00532                 TO_NEXT_WORD(leftover, finished);
00533                 if (strcmp(other_kw, "to") || finished) {
00534                         debug(LOG_ERR, "Invalid or unexpected keyword %s, "
00535                                         "expecting \"to\"", other_kw);
00536                         return -4; /*< Fail */
00537                 }
00538 
00539                 /* Get port now */
00540                 mask = leftover;
00541                 TO_NEXT_WORD(leftover, finished);
00542                 all_nums = 1;
00543                 for (i = 0; *(mask + i) != '\0'; i++)
00544                         if (!isdigit((unsigned char)*(mask + i)) && (*(mask + i) != '.')
00545                                         && (*(mask + i) != '/'))
00546                                 all_nums = 0; /*< No longer only digits */
00547                 if (!all_nums) {
00548                         debug(LOG_ERR, "Invalid mask %s", mask);
00549                         return -3; /*< Fail */
00550                 }
00551         }
00552 
00553         /* Generate rule record */
00554         tmp = safe_malloc(sizeof(t_firewall_rule));
00555         memset((void *)tmp, 0, sizeof(t_firewall_rule));
00556         tmp->block_allow = block_allow;
00557         if (protocol != NULL)
00558                 tmp->protocol = safe_strdup(protocol);
00559         if (port != NULL)
00560                 tmp->port = safe_strdup(port);
00561         if (mask == NULL)
00562                 tmp->mask = safe_strdup("0.0.0.0/0");
00563         else
00564                 tmp->mask = safe_strdup(mask);
00565 
00566         debug(LOG_DEBUG, "Adding Firewall Rule %s %s port %s to %s", token, tmp->protocol, tmp->port, tmp->mask);
00567         
00568         /* Append the rule record */
00569         if (config.rulesets == NULL) {
00570                 config.rulesets = safe_malloc(sizeof(t_firewall_ruleset));
00571                 memset(config.rulesets, 0, sizeof(t_firewall_ruleset));
00572                 config.rulesets->name = safe_strdup(ruleset);
00573                 tmpr = config.rulesets;
00574         } else {
00575                 tmpr2 = tmpr = config.rulesets;
00576                 while (tmpr != NULL && (strcmp(tmpr->name, ruleset) != 0)) {
00577                         tmpr2 = tmpr;
00578                         tmpr = tmpr->next;
00579                 }
00580                 if (tmpr == NULL) {
00581                         /* Rule did not exist */
00582                         tmpr = safe_malloc(sizeof(t_firewall_ruleset));
00583                         memset(tmpr, 0, sizeof(t_firewall_ruleset));
00584                         tmpr->name = safe_strdup(ruleset);
00585                         tmpr2->next = tmpr;
00586                 }
00587         }
00588 
00589         /* At this point, tmpr == current ruleset */
00590         if (tmpr->rules == NULL) {
00591                 /* No rules... */
00592                 tmpr->rules = tmp;
00593         } else {
00594                 tmp2 = tmpr->rules;
00595                 while (tmp2->next != NULL)
00596                         tmp2 = tmp2->next;
00597                 tmp2->next = tmp;
00598         }
00599         
00600         return 1;
00601 }
00602 
00603 t_firewall_rule *
00604 get_ruleset(char *ruleset)
00605 {
00606         t_firewall_ruleset      *tmp;
00607 
00608         for (tmp = config.rulesets; tmp != NULL
00609                         && strcmp(tmp->name, ruleset) != 0; tmp = tmp->next);
00610 
00611         if (tmp == NULL)
00612                 return NULL;
00613 
00614         return(tmp->rules);
00615 }
00616 
00620 void
00621 config_read(char *filename)
00622 {
00623         FILE *fd;
00624         char line[MAX_BUF], *s, *p1, *p2;
00625         int linenum = 0, opcode, value;
00626 
00627         debug(LOG_INFO, "Reading configuration file '%s'", filename);
00628 
00629         if (!(fd = fopen(filename, "r"))) {
00630                 debug(LOG_ERR, "Could not open configuration file '%s', "
00631                                 "exiting...", filename);
00632                 exit(1);
00633         }
00634 
00635         while (!feof(fd) && fgets(line, MAX_BUF, fd)) {
00636                 linenum++;
00637                 s = line;
00638 
00639                 if (s[strlen(s) - 1] == '\n')
00640                         s[strlen(s) - 1] = '\0';
00641 
00642                 if ((p1 = strchr(s, ' '))) {
00643                         p1[0] = '\0';
00644                 } else if ((p1 = strchr(s, '\t'))) {
00645                         p1[0] = '\0';
00646                 }
00647 
00648                 if (p1) {
00649                         p1++;
00650 
00651                         if ((p2 = strchr(p1, ' '))) {
00652                                 p2[0] = '\0';
00653                         } else if ((p2 = strstr(p1, "\r\n"))) {
00654                                 p2[0] = '\0';
00655                         } else if ((p2 = strchr(p1, '\n'))) {
00656                                 p2[0] = '\0';
00657                         }
00658                 }
00659 
00660                 if (p1 && p1[0] != '\0') {
00661                         /* Strip trailing spaces */
00662 
00663                         if ((strncmp(s, "#", 1)) != 0) {
00664                                 debug(LOG_DEBUG, "Parsing token: %s, "
00665                                                 "value: %s", s, p1);
00666                                 opcode = config_parse_token(s, filename, linenum);
00667 
00668                                 switch(opcode) {
00669                                 case oDaemon:
00670                                         if (config.daemon == -1 && ((value = parse_boolean_value(p1)) != -1)) {
00671                                                 config.daemon = value;
00672                                         }
00673                                         break;
00674                                 case oExternalInterface:
00675                                         config.external_interface = safe_strdup(p1);
00676                                         break;
00677                                 case oGatewayID:
00678                                         config.gw_id = safe_strdup(p1);
00679                                         break;
00680                                 case oGatewayInterface:
00681                                         config.gw_interface = safe_strdup(p1);
00682                                         break;
00683                                 case oGatewayAddress:
00684                                         config.gw_address = safe_strdup(p1);
00685                                         break;
00686                                 case oGatewayPort:
00687                                         sscanf(p1, "%d", &config.gw_port);
00688                                         break;
00689                                 case oAuthServer:
00690                                         parse_auth_server(fd, filename,
00691                                                         &linenum);
00692                                         break;
00693                                 case oFirewallRuleSet:
00694                                         parse_firewall_ruleset(p1, fd, filename, &linenum);
00695                                         break;
00696                                 case oTrustedMACList:
00697                                         parse_trusted_mac_list(p1);
00698                                         break;
00699                                 case oHTTPDName:
00700                                         config.httpdname = safe_strdup(p1);
00701                                         break;
00702                                 case oHTTPDMaxConn:
00703                                         sscanf(p1, "%d", &config.httpdmaxconn);
00704                                         break;
00705                                 case oBadOption:
00706                                         debug(LOG_ERR, "Bad option on line %d "
00707                                                         "in %s.", linenum,
00708                                                         filename);
00709                                         debug(LOG_ERR, "Exiting...");
00710                                         exit(-1);
00711                                         break;
00712                                 case oCheckInterval:
00713                                         sscanf(p1, "%d", &config.checkinterval);
00714                                         break;
00715                                 case oWdctlSocket:
00716                                         free(config.wdctl_sock);
00717                                         config.wdctl_sock = safe_strdup(p1);
00718                                         break;
00719                                 case oClientTimeout:
00720                                         sscanf(p1, "%d", &config.clienttimeout);
00721                                         break;
00722                                 case oSyslogFacility:
00723                                         sscanf(p1, "%d", &config.syslog_facility);
00724                                         break;
00725                                 }
00726                         }
00727                 }
00728         }
00729 
00730         fclose(fd);
00731 }
00732 
00736 static int
00737 parse_boolean_value(char *line)
00738 {
00739         if (strcasecmp(line, "yes") == 0) {
00740                 return 1;
00741         }
00742         if (strcasecmp(line, "no") == 0) {
00743                 return 0;
00744         }
00745         if (strcmp(line, "1") == 0) {
00746                 return 1;
00747         }
00748         if (strcmp(line, "0") == 0) {
00749                 return 0;
00750         }
00751 
00752         return -1;
00753 }
00754 
00755 void parse_trusted_mac_list(char *ptr) {
00756         char *ptrcopy = NULL;
00757         char *possiblemac = NULL;
00758         char *mac = NULL;
00759         t_trusted_mac *p = NULL;
00760 
00761         debug(LOG_DEBUG, "Parsing string [%s] for trusted MAC addresses", ptr);
00762 
00763         mac = safe_malloc(18);
00764 
00765         /* strsep modifies original, so let's make a copy */
00766         ptrcopy = safe_strdup(ptr);
00767 
00768         while ((possiblemac = strsep(&ptrcopy, ", "))) {
00769                 if (sscanf(possiblemac, " %17[A-Fa-f0-9:]", mac) == 1) {
00770                         /* Copy mac to the list */
00771 
00772                         debug(LOG_DEBUG, "Adding MAC address [%s] to trusted list", mac);
00773 
00774                         if (config.trustedmaclist == NULL) {
00775                                 config.trustedmaclist = safe_malloc(sizeof(t_trusted_mac));
00776                                 config.trustedmaclist->mac = safe_strdup(mac);
00777                                 config.trustedmaclist->next = NULL;
00778                         }
00779                         else {
00780                                 /* Advance to the last entry */
00781                                 for (p = config.trustedmaclist; p->next != NULL; p = p->next);
00782                                 p->next = safe_malloc(sizeof(t_trusted_mac));
00783                                 p = p->next;
00784                                 p->mac = safe_strdup(mac);
00785                                 p->next = NULL;
00786                         }
00787 
00788                 }
00789         }
00790 
00791         free(ptrcopy);
00792 
00793         free(mac);
00794 
00795 }
00796 
00798 void
00799 config_validate(void)
00800 {
00801         config_notnull(config.gw_interface, "GatewayInterface");
00802     config_notnull(config.auth_servers, "AuthServer");
00803 
00804         if (missing_parms) {
00805                 debug(LOG_ERR, "Configuration is not complete, exiting...");
00806                 exit(-1);
00807         }
00808 }
00809 
00813 static void
00814 config_notnull(void *parm, char *parmname)
00815 {
00816         if (parm == NULL) {
00817                 debug(LOG_ERR, "%s is not set", parmname);
00818                 missing_parms = 1;
00819         }
00820 }
00821 
00825 t_auth_serv *
00826 get_auth_server(void)
00827 {
00828 
00829         /* This is as good as atomic */
00830         return config.auth_servers;
00831 }
00832 
00837 void
00838 mark_auth_server_bad(t_auth_serv *bad_server)
00839 {
00840         t_auth_serv     *tmp;
00841 
00842         if (config.auth_servers == bad_server && bad_server->next != NULL) {
00843                 /* Go to the last */
00844                 for (tmp = config.auth_servers; tmp->next != NULL; tmp = tmp->next);
00845                 /* Set bad server as last */
00846                 tmp->next = bad_server;
00847                 /* Remove bad server from start of list */
00848                 config.auth_servers = bad_server->next;
00849                 /* Set the next pointe to NULL in the last element */
00850                 bad_server->next = NULL;
00851         }
00852 
00853 }

Generated on Sun Apr 13 21:55:00 2008 for WifiDog by  doxygen 1.5.3