Kea 3.1.8
radius.cc
Go to the documentation of this file.
1// Copyright (C) 2020-2026 Internet Systems Consortium, Inc. ("ISC")
2//
3// This Source Code Form is subject to the terms of the Mozilla Public
4// License, v. 2.0. If a copy of the MPL was not distributed with this
5// file, You can obtain one at http://mozilla.org/MPL/2.0/.
6
7#include <config.h>
8
9#include <dhcpsrv/cfg_globals.h>
10#include <dhcpsrv/cfgmgr.h>
11#include <dhcpsrv/host_mgr.h>
12#include <dhcpsrv/cfg_multi_threading.h>
13#include <dhcpsrv/host_data_source_factory.h>
14#include <util/multi_threading_mgr.h>
15#include <radius.h>
16#include <radius_access.h>
17#include <radius_accounting.h>
18#include <radius_log.h>
19#include <radius_parsers.h>
20#include <radius_tls.h>
21
22#include <exception>
23
24using namespace std;
25using namespace isc;
26using namespace isc::asiolink;
27using namespace isc::data;
28using namespace isc::db;
29using namespace isc::dhcp;
30using namespace isc::tcp;
31using namespace isc::util;
32
33namespace isc {
34namespace radius {
35
36UdpClient::UdpClient(const IOServicePtr& io_service, unsigned thread_pool_size)
37 : io_service_(io_service), thread_pool_size_(thread_pool_size) {
38 // Do nothing in ST mode.
39 if (thread_pool_size == 0) {
40 return;
41 }
42
43 // Create our own private IOService.
44 thread_io_service_.reset(new IOService());
45 thread_pool_ =
46 boost::make_shared<IoServiceThreadPool>(thread_io_service_,
47 thread_pool_size_);
48
49 // Add critical section callbacks.
50 MultiThreadingMgr::instance().addCriticalSectionCallbacks("RADIUS",
51 [this]() { checkPermissions(); },
52 [this]() { pause(); },
53 [this]() { resume(); });
54}
55
59
60unsigned
61UdpClient::getThreadPoolSize() const {
62 return (thread_pool_size_);
63}
64
65const asiolink::IOServicePtr
66UdpClient::getThreadIOService() const {
67 return (thread_io_service_);
68}
69
70void
71UdpClient::start() {
72 if (thread_pool_) {
73 thread_pool_->run();
74
75 LOG_INFO(radius_logger, RADIUS_THREAD_POOL_STARTED)
76 .arg(thread_pool_size_);
77 }
78}
79
80void
81UdpClient::stop() {
82 if (thread_pool_) {
83 MultiThreadingMgr::instance().removeCriticalSectionCallbacks("RADIUS");
84 thread_pool_->stop();
85 for (auto const& exchange : exchange_list_) {
86 exchange->shutdown();
87 }
88 thread_pool_->getIOService()->stopAndPoll();
89 thread_pool_.reset();
90 } else {
91 for (auto const& exchange : exchange_list_) {
92 exchange->shutdown();
93 }
94 io_service_->stopAndPoll();
95 }
96 exchange_list_.clear();
97}
98
99void
100UdpClient::checkPermissions() {
101 // Since this function is used as CS callback all exceptions must be
102 // suppressed, unlikely though they may be.
103 try {
104 if (thread_pool_) {
105 thread_pool_->checkPausePermissions();
106 }
107 } catch (const isc::MultiThreadingInvalidOperation& ex) {
108 LOG_ERROR(radius_logger, RADIUS_PAUSE_ILLEGAL)
109 .arg(ex.what());
110 // The exception needs to be propagated to the caller of the
111 // MultiThreadingCriticalSection constructor.
112 throw;
113 } catch (const exception& ex) {
114 LOG_ERROR(radius_logger, RADIUS_PAUSE_PERMISSIONS_FAILED)
115 .arg(ex.what());
116 }
117}
118
119void
120UdpClient::pause() {
121 // Since this function is used as CS callback all exceptions must be
122 // suppressed, unlikely though they may be.
123 try {
124 // Pause the thread pool.
125 if (thread_pool_) {
126 thread_pool_->pause();
127 }
128 } catch (const exception& ex) {
129 LOG_ERROR(radius_logger, RADIUS_PAUSE_FAILED)
130 .arg(ex.what());
131 }
132}
133
134void
135UdpClient::resume() {
136 // Since this function is used as CS callback all exceptions must be
137 // suppressed, unlikely though they may be.
138 try {
139 if (thread_pool_) {
140 thread_pool_->run();
141 }
142 } catch (const exception& ex) {
143 LOG_ERROR(radius_logger, RADIUS_RESUME_FAILED)
144 .arg(ex.what());
145 }
146}
147
148void
149UdpClient::registerExchange(ExchangePtr exchange) {
150 MultiThreadingLock lock(mutex_);
151 exchange_list_.push_back(exchange);
152}
153
154void
155UdpClient::unregisterExchange(ExchangePtr exchange) {
156 MultiThreadingLock lock(mutex_);
157 exchange_list_.remove(exchange);
158}
159
160std::atomic<bool> RadiusImpl::shutdown_(false);
161
162RadiusImpl&
163RadiusImpl::instance() {
164 return (*instancePtr());
165}
166
167const RadiusImplPtr&
168RadiusImpl::instancePtr() {
169 static RadiusImplPtr impl(new RadiusImpl());
170 return (impl);
171}
172
173RadiusImpl::RadiusImpl()
174 : proto_(PW_PROTO_UDP), udp_client_(), tcp_client_(),
175 tls_(new RadiusTls()),
176 auth_(new RadiusAccess()), acct_(new RadiusAccounting()),
177 bindaddr_("*"), canonical_mac_address_(false),
178 clientid_pop0_(false), clientid_printable_(false),
179 deadtime_(0), extract_duid_(true),
180 reselect_subnet_pool_(false), reselect_subnet_address_(false),
181 retries_(3), thread_pool_size_(0), timeout_(0),
182 id_type4_(Host::IDENT_CLIENT_ID), id_type6_(Host::IDENT_DUID),
183 use_message_authenticator_(false),
184 io_context_(new IOService()), io_service_(io_context_) {
185}
186
187RadiusImpl::~RadiusImpl() {
188 try {
189 cleanup();
190 } catch(exception const& exception) {
191 LOG_WARN(radius_logger, RADIUS_CLEANUP_EXCEPTION)
192 .arg(exception.what());
193 }
194}
195
196void RadiusImpl::registerExchange(ExchangePtr exchange) {
197 if (udp_client_) {
198 udp_client_->registerExchange(exchange);
199 }
200}
201
202void RadiusImpl::unregisterExchange(ExchangePtr exchange) {
203 if (udp_client_) {
204 udp_client_->unregisterExchange(exchange);
205 }
206}
207
208void RadiusImpl::cleanup() {
209 session_history_filename_.clear();
210 id_type6_ = Host::IDENT_DUID;
211 id_type4_ = Host::IDENT_CLIENT_ID;
212 timeout_ = 10;
213 retries_ = 3;
214 reselect_subnet_address_ = false;
215 reselect_subnet_pool_ = false;
216 extract_duid_ = true;
217 clientid_printable_ = false;
218 clientid_pop0_ = false;
219 canonical_mac_address_ = false;
220 cache_.reset();
221 bindaddr_ = "*";
222 remap_.clear();
223
224 if (backend_) {
225 HostDataSourceFactory::deregisterFactory("radius");
226 HostMgr::delBackend("radius");
227 backend_.reset();
228 }
229
230 if (udp_client_) {
231 udp_client_->stop();
232 }
233
234 if (tcp_client_) {
235 tcp_client_->stop();
236 }
237
238 tls_.reset(new RadiusTls());
239 auth_.reset(new RadiusAccess());
240 acct_.reset(new RadiusAccounting());
241
242 if (udp_client_) {
243 udp_client_.reset();
244 }
245
246 if (tcp_client_) {
247 tcp_client_.reset();
248 }
249
250 if (getIOContext()) {
251 getIOContext()->stopAndPoll();
252 }
253
254 io_context_.reset(new IOService());
255
256 if (getIOService()) {
257 getIOService()->stopAndPoll();
258 }
259
260 io_service_ = io_context_;
261}
262
263void RadiusImpl::reset() {
264 RadiusImpl::shutdown_ = true;
265 std::unique_ptr<void, void(*)(void*)> p(static_cast<void*>(this), [](void*) { RadiusImpl::shutdown_ = false; });
266 cleanup();
267}
268
269void RadiusImpl::init(ElementPtr&config) {
270 tls_.reset(new RadiusTls());
271 auth_.reset(new RadiusAccess());
272 acct_.reset(new RadiusAccounting());
273 RadiusConfigParser parser;
274 parser.parse(config);
275 checkEarlyGlobalResvLookup();
276 checkSharedNetworks();
277 if (auth_->enabled_) {
278 if (!HostDataSourceFactory::registeredFactory("cache")) {
279 LOG_ERROR(radius_logger, RADIUS_ACCESS_NO_HOST_CACHE);
280 isc_throw(Unexpected, "Configuring access failed: host cache library not loaded.");
281 return;
282 }
283 backend_.reset(new RadiusBackend());
284 auto radius_factory = [this](const DatabaseConnection::ParameterMap&) {
285 return (backend_);
286 };
287 HostDataSourceFactory::registerFactory("radius", radius_factory);
288 }
289 if (acct_->enabled_) {
290 acct_->init(session_history_filename_);
291 }
292}
293
294void
295RadiusImpl::startServices() {
296 // Check if Kea core is multi-threaded.
297 ConstElementPtr const& dhcp_config(
298 CfgMgr::instance().getStagingCfg()->getDHCPMultiThreading());
299 bool multi_threaded(false);
300 unsigned thread_pool_size(0);
301 uint32_t dhcp_threads(0);
302 uint32_t dummy_queue_size(0);
303 CfgMultiThreading::extract(dhcp_config, multi_threaded, dhcp_threads,
304 dummy_queue_size);
305
306 if (multi_threaded) {
307 // When threads are configured as zero, use the same number as DHCP
308 // threads. If that is also zero, auto-detect.
309 if (thread_pool_size_ == 0) {
310 if (dhcp_threads == 0) {
311 uint32_t const hardware_threads(
312 MultiThreadingMgr::detectThreadCount());
313 if (hardware_threads == 0) {
314 // Keep it single-threaded.
315 multi_threaded = false;
316 thread_pool_size = 0;
317 } else {
318 thread_pool_size = hardware_threads;
319 }
320 } else {
321 thread_pool_size = dhcp_threads;
322 }
323 } else {
324 thread_pool_size = thread_pool_size_;
325 }
326 }
327
328 if (multi_threaded) {
329 // Schedule a start of the services. This ensures we begin after
330 // the dust has settled and Kea MT mode has been firmly established.
331 if (proto_ == PW_PROTO_UDP) {
332 io_service_->post([this, thread_pool_size]() {
333 udp_client_.reset(new UdpClient(io_service_,
334 thread_pool_size));
335
336 io_context_ = udp_client_->getThreadIOService();
337
338 udp_client_->start();
339 });
340 } else {
341 io_service_->post([this, multi_threaded, thread_pool_size]() {
342 tcp_client_.reset(new TcpClient(io_service_,
343 multi_threaded,
344 thread_pool_size,
345 true));
346
347 io_context_ = tcp_client_->getThreadIOService();
348
349 tcp_client_->start();
350 });
351 }
352 } else {
353 if (proto_ == PW_PROTO_UDP) {
354 udp_client_.reset(new UdpClient(io_service_, 0));
355 } else {
356 tcp_client_.reset(new TcpClient(io_service_, false, 0));
357 }
358 }
359}
360
361bool
362RadiusImpl::serveAccess() const {
363 if (shutdown_) {
364 return (false);
365 }
366 if (!auth_ || !auth_->enabled_) {
367 return (false);
368 }
369 if (proto_ != PW_PROTO_TLS) {
370 return (true);
371 }
372 return (tls_ && tls_->enabled_);
373}
374
375bool
376RadiusImpl::serveAccounting() const {
377 if (shutdown_) {
378 return (false);
379 }
380 if (!acct_ || !acct_->enabled_) {
381 return (false);
382 }
383 if (proto_ != PW_PROTO_TLS) {
384 return (true);
385 }
386 return (tls_ && tls_->enabled_);
387}
388
389const Servers&
390RadiusImpl::getAccessServers() const {
391 if (proto_ != PW_PROTO_TLS) {
392 return (auth_->servers_);
393 } else {
394 return (tls_->servers_);
395 }
396}
397
398const Servers&
399RadiusImpl::getAccountingServers() const {
400 if (proto_ != PW_PROTO_TLS) {
401 return (acct_->servers_);
402 } else {
403 return (tls_->servers_);
404 }
405}
406
407void
408RadiusImpl::setAccessIdleTimer() {
409 if (shutdown_) {
410 return;
411 }
412 if (proto_ != PW_PROTO_TLS) {
413 auth_->setIdleTimer();
414 } else {
415 tls_->setIdleTimer();
416 }
417}
418
419void
420RadiusImpl::setAccountingIdleTimer() {
421 if (shutdown_) {
422 return;
423 }
424 if (proto_ != PW_PROTO_TLS) {
425 acct_->setIdleTimer();
426 } else {
427 tls_->setIdleTimer();
428 }
429}
430
431namespace {
432
441bool isHostReservationModeGlobal(SubnetPtr subnet, NetworkPtr network) {
442 auto subnet_hr_global = subnet->getReservationsGlobal(Network::Inheritance::NONE);
443 auto subnet_hr_subnet = subnet->getReservationsInSubnet(Network::Inheritance::NONE);
444 if (!subnet_hr_global.unspecified() && !subnet_hr_subnet.unspecified()) {
445 return (subnet_hr_global && !subnet_hr_subnet);
446 }
447 if (!subnet_hr_global.unspecified() || !subnet_hr_subnet.unspecified()) {
448 return (false);
449 }
450 auto network_hr_global = network->getReservationsGlobal(Network::Inheritance::NONE);
451 auto network_hr_subnet = network->getReservationsInSubnet(Network::Inheritance::NONE);
452 if (!network_hr_global.unspecified() && !network_hr_subnet.unspecified()) {
453 return (network_hr_global && !network_hr_subnet);
454 }
455 if (!network_hr_global.unspecified() || !network_hr_subnet.unspecified()) {
456 return (false);
457 }
458 // Inherit from staging (vs current) config for globals.
459 auto global_hr_mode_elem = CfgMgr::instance().getStagingCfg()->
460 getConfiguredGlobal("reservations-global");
461 // Default reservations-global is false.
462 if (!global_hr_mode_elem) {
463 return (false);
464 }
465 auto subnet_hr_mode_elem = CfgMgr::instance().getStagingCfg()->
466 getConfiguredGlobal("reservations-in-subnet");
467 // Default reservations-in-subnet is true.
468 if (!subnet_hr_mode_elem) {
469 return (false);
470 }
471 if (global_hr_mode_elem->getType() != Element::boolean) {
472 isc_throw(Unexpected, "'reservations-global' global value must be a boolean");
473 }
474 if (!global_hr_mode_elem->boolValue()) {
475 return (false);
476 }
477 if (subnet_hr_mode_elem->getType() != Element::boolean) {
478 isc_throw(Unexpected, "'reservations-in-subnet' global value must be a boolean");
479 }
480 if (subnet_hr_mode_elem->boolValue()) {
481 return (false);
482 }
483 return (true);
484}
485
486} // end of anonymous namespace
487
488void RadiusImpl::checkEarlyGlobalResvLookup() {
489 auto flag = CfgMgr::instance().getStagingCfg()->
490 getConfiguredGlobal(CfgGlobals::EARLY_GLOBAL_RESERVATIONS_LOOKUP);
491 if (flag && (flag->boolValue())) {
492 isc_throw(ConfigError, "early-global-reservations-lookup is not "
493 "compatible with RADIUS");
494 }
495}
496
497void RadiusImpl::checkSharedNetworks() {
498 bool need_disable_single_query = false;
499 if (CfgMgr::instance().getFamily() == AF_INET) {
500 auto networks = CfgMgr::instance().getStagingCfg()->
501 getCfgSharedNetworks4()->getAll();
502 if (networks->empty()) {
503 return;
504 }
505 need_disable_single_query = true;
506 for (auto const& network : *networks) {
507 auto subnets = network->getAllSubnets();
508 if (subnets->size() <= 1) {
509 continue;
510 }
511 for (auto const& subnet : *subnets) {
512 if (!isHostReservationModeGlobal(subnet, network)) {
513 isc_throw(ConfigError, "subnet " << subnet->getID()
514 << " '" << subnet->toText() << "' of shared "
515 << "network " << network->getName()
516 << " does not use only global host reservations "
517 << "which are required for subnets in "
518 << "shared networks by RADIUS");
519 }
520 }
521 }
522 } else {
523 auto networks = CfgMgr::instance().getStagingCfg()->
524 getCfgSharedNetworks6()->getAll();
525 if (networks->empty()) {
526 return;
527 }
528 need_disable_single_query = true;
529 for (auto const& network : *networks) {
530 auto subnets = network->getAllSubnets();
531 if (subnets->size() <= 1) {
532 continue;
533 }
534 for (auto const& subnet : *subnets) {
535 if (!isHostReservationModeGlobal(subnet, network)) {
536 isc_throw(ConfigError, "subnet " << subnet->getID()
537 << " '" << subnet->toText() << "' of shared "
538 << "network " << network->getName()
539 << " does not use only global host reservations "
540 << "which are required for subnets in "
541 << "shared networks by RADIUS");
542 }
543 }
544 }
545 }
546 if (need_disable_single_query) {
547 HostMgr::instance().setDisableSingleQuery(true);
548 }
549}
550
551bool RadiusImpl::checkHostBackends() {
552 if (cache_) {
553 return (true);
554 }
555 // Try only once.
556 static bool already_tried = false;
557 if (already_tried) {
558 return (false);
559 }
560 already_tried = true;
561 // Add backends
562 try {
563 // createManagers can reset the host manager so re-add host cache.
564 // Note that init already checked the factory was registered.
565 if (!HostMgr::instance().getHostDataSource()) {
566 HostMgr::instance().addBackend("type=cache");
567 }
568 HostMgr::instance().addBackend("type=radius");
569 } catch (const std::exception& ex) {
570 LOG_ERROR(radius_logger, RADIUS_ACCESS_HOST_BACKEND_ERROR)
571 .arg("radius")
572 .arg(ex.what());
573 return (false);
574 }
575 // Get a pointer to host cache backend
576 HostDataSourcePtr cache = HostMgr::instance().getHostDataSource();
577 cache_ = boost::dynamic_pointer_cast<CacheHostDataSource>(cache);
578 if (!cache_) {
579 LOG_ERROR(radius_logger, RADIUS_ACCESS_NO_HOST_CACHE);
580 return (false);
581 }
582 return (true);
583}
584
585ElementPtr RadiusImpl::toElement() const {
586 ElementPtr result = Element::createMap();
587
588 // dictionary.
589 result->set("dictionary", Element::create(dictionary_));
590
591 // protocol.
592 result->set("protocol", Element::create(protocolToText(proto_)));
593
594 // bindaddr.
595 result->set("bindaddr", Element::create(bindaddr_));
596
597 // canonical-mac-address.
598 result->set("canonical-mac-address",
599 Element::create(canonical_mac_address_));
600
601 // client-id-pop0.
602 result->set("client-id-pop0", Element::create(clientid_pop0_));
603
604 // client-id-printable.
605 result->set("client-id-printable", Element::create(clientid_printable_));
606
607 // deadtime.
608 result->set("deadtime", Element::create(deadtime_));
609
610 // extract-duid.
611 result->set("extract-duid", Element::create(extract_duid_));
612
613 // identifier-type4.
614 result->set("identifier-type4",
615 Element::create(Host::getIdentifierName(id_type4_)));
616
617 // identifier-type6.
618 result->set("identifier-type6",
619 Element::create(Host::getIdentifierName(id_type6_)));
620
621 // reselect-subnet-address.
622 result->set("reselect-subnet-address",
623 Element::create(reselect_subnet_address_));
624
625 // reselect-subnet-pool.
626 result->set("reselect-subnet-pool",
627 Element::create(reselect_subnet_pool_));
628
629 // retries.
630 result->set("retries", Element::create(retries_));
631
632 // session-history.
633 result->set("session-history", Element::create(session_history_filename_));
634
635 // thread-pool-size.
636 result->set("thread-pool-size", Element::create(thread_pool_size_));
637
638 // timeout.
639 result->set("timeout", Element::create(timeout_));
640
641 // use-message-authenticator.
642 result->set("use-message-authenticator",
643 Element::create(use_message_authenticator_));
644
645 // services.
646 if (proto_ == PW_PROTO_TLS) {
647 result->set("tls", tls_->toElement());
648 }
649 result->set("access", auth_->toElement());
650 result->set("accounting", acct_->toElement());
651
652 // NAS ports.
653 if (!remap_.empty()) {
654 ElementPtr ports = Element::createList();
655 for (auto const& item : remap_) {
656 ElementPtr entry = Element::createMap();
657 if (item.first != 0) {
658 entry->set("subnet-id",
659 Element::create(static_cast<int64_t>(item.first)));
660 }
661 entry->set("port",
662 Element::create(static_cast<int64_t>(item.second)));
663 ports->add(entry);
664 }
665 result->set("nas-ports", ports);
666 }
667
668 return (result);
669}
670
671unordered_set<thread::id> InHook::set_;
672
673mutex InHook::mutex_;
674
675InHook::InHook() {
676 const auto& id = this_thread::get_id();
677 MultiThreadingLock lock(mutex_);
678 auto ret = set_.insert(id);
679 if (!ret.second) {
680 std::cerr << "InHook insert error on " << id << "\n";
681 }
682}
683
684InHook::~InHook() {
685 const auto& id = this_thread::get_id();
686 MultiThreadingLock lock(mutex_);
687 size_t ret = set_.erase(id);
688 if (ret != 1) {
689 std::cerr << "InHook erase error on " << id << "\n";
690 }
691}
692
693bool InHook::check() {
694 const auto& id = this_thread::get_id();
695 MultiThreadingLock lock(mutex_);
696 size_t ret = set_.count(id);
697 return (ret == 1);
698}
699
700} // end of namespace isc::radius
701} // end of namespace isc
cfg_globals.h
cfg_multi_threading.h
Element::create
static ElementPtr create(const Position &pos=ZERO_POSITION())
Create a NullElement.
Definition data.cc:299
Element::boolean
@ boolean
Definition data.h:155
Element::createMap
static ElementPtr createMap(const Position &pos=ZERO_POSITION())
Creates an empty MapElement type ElementPtr.
Definition data.cc:354
Element::createList
static ElementPtr createList(const Position &pos=ZERO_POSITION())
Creates an empty ListElement type ElementPtr.
Definition data.cc:349
isc::ConfigError
An exception that is thrown if an error occurs while configuring any server.
Definition dhcp_config_error.h:43
isc::Exception::what
virtual const char * what() const
Returns a C-style character string of the cause of the exception.
Definition exceptions/exceptions.cc:32
isc::MultiThreadingInvalidOperation
Exception thrown when a worker thread is trying to stop or pause the respective thread pool (which wo...
Definition exceptions/exceptions.h:183
isc::Unexpected
A generic exception that is thrown when an unexpected error condition occurs.
Definition exceptions/exceptions.h:153
isc::db::DatabaseConnection::ParameterMap
std::map< std::string, std::string > ParameterMap
Database configuration parameter map.
Definition database_connection.h:137
isc::dhcp::CfgMgr::instance
static CfgMgr & instance()
returns a single instance of Configuration Manager
Definition cfgmgr.cc:29
isc::dhcp::CfgMgr::getStagingCfg
SrvConfigPtr getStagingCfg()
Returns a pointer to the staging configuration.
Definition cfgmgr.cc:121
isc::dhcp::CfgMultiThreading::extract
static void extract(data::ConstElementPtr value, bool &enabled, uint32_t &thread_count, uint32_t &queue_size)
Extract multi-threading parameters from a given configuration.
Definition cfg_multi_threading.cc:31
isc::dhcp::HostDataSourceFactory::deregisterFactory
static bool deregisterFactory(const std::string &db_type, bool no_log=false)
Deregister a host data source factory.
Definition host_data_source_factory.cc:147
isc::dhcp::HostDataSourceFactory::registerFactory
static bool registerFactory(const std::string &db_type, const Factory &factory, bool no_log=false, DBVersion db_version=DBVersion())
Register a host data source factory.
Definition host_data_source_factory.cc:117
isc::dhcp::HostDataSourceFactory::registeredFactory
static bool registeredFactory(const std::string &db_type)
Check if a host data source factory was registered.
Definition host_data_source_factory.cc:162
isc::dhcp::HostMgr::setDisableSingleQuery
void setDisableSingleQuery(bool disable_single_query)
Sets the disable single query flag.
Definition host_mgr.h:802
isc::dhcp::HostMgr::delBackend
static bool delBackend(const std::string &db_type)
Delete an alternate host backend (aka host data source).
Definition host_mgr.cc:62
isc::dhcp::HostMgr::addBackend
static void addBackend(const std::string &access)
Add an alternate host backend (aka host data source).
Definition host_mgr.cc:57
isc::dhcp::HostMgr::getHostDataSource
HostDataSourcePtr getHostDataSource() const
Returns the first host data source.
Definition host_mgr.cc:84
isc::dhcp::HostMgr::instance
static HostMgr & instance()
Returns a sole instance of the HostMgr.
Definition host_mgr.cc:114
isc::dhcp::Host
Represents a device with IPv4 and/or IPv6 reservations.
Definition host.h:327
isc::dhcp::Host::getIdentifierName
static std::string getIdentifierName(const IdentifierType &type)
Returns name of the identifier of a specified type.
Definition host.cc:349
isc::dhcp::Host::IDENT_CLIENT_ID
@ IDENT_CLIENT_ID
Definition host.h:341
isc::radius::InHook::~InHook
~InHook()
Destructor.
Definition radius.cc:684
isc::radius::InHook::check
static bool check()
Check if the current thread is in hook code or not.
Definition radius.cc:693
isc::radius::InHook::InHook
InHook()
Constructor.
Definition radius.cc:675
isc::radius::RadiusAccess
Radius access class.
Definition radius_access.h:164
isc::radius::RadiusAccounting
Radius accounting class.
Definition radius_accounting.h:180
isc::radius::RadiusBackend
Host backend for Radius.
Definition radius_backend.h:23
isc::radius::RadiusConfigParser
Configuration parser for Radius.
Definition radius_parsers.h:22
isc::radius::RadiusConfigParser::parse
void parse(data::ElementPtr &config)
Parses Radius configuration.
Definition radius_parsers.cc:98
isc::radius::RadiusImpl
Radius hooks library implementation.
Definition radius.h:142
isc::radius::RadiusImpl::shutdown_
static std::atomic< bool > shutdown_
Flag which indicates that the instance is shutting down.
Definition radius.h:341
isc::radius::RadiusImpl::thread_pool_size_
unsigned thread_pool_size_
Thread pool size.
Definition radius.h:326
isc::radius::RadiusImpl::~RadiusImpl
~RadiusImpl()
Destructor.
Definition radius.cc:187
isc::radius::RadiusImpl::checkSharedNetworks
void checkSharedNetworks()
Check shared network server configuration.
Definition radius.cc:497
isc::radius::RadiusImpl::dictionary_
std::string dictionary_
Dictionary path.
Definition radius.h:266
isc::radius::RadiusImpl::checkHostBackends
bool checkHostBackends()
Check host backends (cache and radius).
Definition radius.cc:551
isc::radius::RadiusImpl::RadiusImpl
RadiusImpl()
Protected constructor.
Definition radius.cc:173
isc::radius::RadiusImpl::tls_
boost::shared_ptr< RadiusTls > tls_
Pointer to tls (never null).
Definition radius.h:281
isc::radius::RadiusImpl::cache_
dhcp::CacheHostDataSourcePtr cache_
Host cache.
Definition radius.h:290
isc::radius::RadiusImpl::bindaddr_
std::string bindaddr_
bindaddr.
Definition radius.h:296
isc::radius::RadiusImpl::clientid_pop0_
bool clientid_pop0_
Client Id pop leading zero(s).
Definition radius.h:302
isc::radius::RadiusImpl::getIOContext
isc::asiolink::IOServicePtr getIOContext()
Get the hook I/O service.
Definition radius.h:225
isc::radius::RadiusImpl::setAccountingIdleTimer
void setAccountingIdleTimer()
Set the accounting idle timer.
Definition radius.cc:420
isc::radius::RadiusImpl::getAccessServers
const Servers & getAccessServers() const
Get servers for access.
Definition radius.cc:390
isc::radius::RadiusImpl::id_type4_
dhcp::Host::IdentifierType id_type4_
Identifier type for IPv4.
Definition radius.h:332
isc::radius::RadiusImpl::reset
void reset()
Reset the state as it was just created.
Definition radius.cc:263
isc::radius::RadiusImpl::unregisterExchange
void unregisterExchange(ExchangePtr exchange)
Unregister Exchange.
Definition radius.cc:202
isc::radius::RadiusImpl::reselect_subnet_address_
bool reselect_subnet_address_
Reselect subnet using address.
Definition radius.h:317
isc::radius::RadiusImpl::init
void init(data::ElementPtr &config)
Initialize.
Definition radius.cc:269
isc::radius::RadiusImpl::registerExchange
void registerExchange(ExchangePtr exchange)
Register Exchange.
Definition radius.cc:196
isc::radius::RadiusImpl::auth_
boost::shared_ptr< RadiusAccess > auth_
Pointer to access (never null).
Definition radius.h:284
isc::radius::RadiusImpl::extract_duid_
bool extract_duid_
Extract Duid from Client Id.
Definition radius.h:311
isc::radius::RadiusImpl::startServices
void startServices()
Start the I/O mechanisms.
Definition radius.cc:295
isc::radius::RadiusImpl::timeout_
unsigned timeout_
Timeout.
Definition radius.h:329
isc::radius::RadiusImpl::id_type6_
dhcp::Host::IdentifierType id_type6_
Identifier type for IPv6.
Definition radius.h:335
isc::radius::RadiusImpl::canonical_mac_address_
bool canonical_mac_address_
Canonical MAC address.
Definition radius.h:299
isc::radius::RadiusImpl::deadtime_
unsigned deadtime_
Deadtime.
Definition radius.h:308
isc::radius::RadiusImpl::serveAccounting
bool serveAccounting() const
Check if accounting is served.
Definition radius.cc:376
isc::radius::RadiusImpl::backend_
RadiusBackendPtr backend_
Radius backend.
Definition radius.h:293
isc::radius::RadiusImpl::acct_
boost::shared_ptr< RadiusAccounting > acct_
Pointer to accounting (never null).
Definition radius.h:287
isc::radius::RadiusImpl::cleanup
void cleanup()
Clean up members.
Definition radius.cc:208
isc::radius::RadiusImpl::toElement
data::ElementPtr toElement() const override
Unparse implementation configuration.
Definition radius.cc:585
isc::radius::RadiusImpl::retries_
unsigned retries_
Retries.
Definition radius.h:320
isc::radius::RadiusImpl::remap_
std::map< uint32_t, uint32_t > remap_
Subnet ID to NAS port map.
Definition radius.h:278
isc::radius::RadiusImpl::udp_client_
UdpClientPtr udp_client_
UDP client.
Definition radius.h:272
isc::radius::RadiusImpl::instancePtr
static const RadiusImplPtr & instancePtr()
Returns pointer to the sole instance of radius implementation.
Definition radius.cc:168
isc::radius::RadiusImpl::getAccountingServers
const Servers & getAccountingServers() const
Get servers for accounting.
Definition radius.cc:399
isc::radius::RadiusImpl::session_history_filename_
std::string session_history_filename_
Session history filename.
Definition radius.h:323
isc::radius::RadiusImpl::setAccessIdleTimer
void setAccessIdleTimer()
Set the access idle timer.
Definition radius.cc:408
isc::radius::RadiusImpl::reselect_subnet_pool_
bool reselect_subnet_pool_
Reselect subnet using pool.
Definition radius.h:314
isc::radius::RadiusImpl::tcp_client_
isc::tcp::TcpClientPtr tcp_client_
TCP client.
Definition radius.h:275
isc::radius::RadiusImpl::checkEarlyGlobalResvLookup
void checkEarlyGlobalResvLookup()
Check the early global host reservations lookup flag.
Definition radius.cc:488
isc::radius::RadiusImpl::clientid_printable_
bool clientid_printable_
Client Id try printable.
Definition radius.h:305
isc::radius::RadiusImpl::proto_
RadiusProtocol proto_
Transport protocol.
Definition radius.h:269
isc::radius::RadiusImpl::getIOService
isc::asiolink::IOServicePtr getIOService()
Get the hook I/O service.
Definition radius.h:239
isc::radius::RadiusImpl::instance
static RadiusImpl & instance()
RadiusImpl is a singleton class.
Definition radius.cc:163
isc::radius::RadiusImpl::serveAccess
bool serveAccess() const
Check if access is served.
Definition radius.cc:362
isc::radius::RadiusImpl::use_message_authenticator_
bool use_message_authenticator_
Use Message-Authenticator attribute.
Definition radius.h:338
isc::radius::RadiusTls
Radius service for TLS transport.
Definition radius_tls.h:16
isc::radius::UdpClient
UDP client class.
Definition radius.h:39
isc::radius::UdpClient::registerExchange
void registerExchange(ExchangePtr exchange)
Register Exchange.
Definition radius.cc:149
isc::radius::UdpClient::unregisterExchange
void unregisterExchange(ExchangePtr exchange)
Unregister Exchange.
Definition radius.cc:155
isc::radius::UdpClient::~UdpClient
~UdpClient()
Destructor.
Definition radius.cc:56
isc::radius::UdpClient::getThreadIOService
const asiolink::IOServicePtr getThreadIOService() const
Fetches a pointer to the internal IOService used to drive the thread-pool in multi-threaded mode.
Definition radius.cc:66
isc::radius::UdpClient::checkPermissions
void checkPermissions()
Check if the current thread can perform thread pool state transition.
Definition radius.cc:100
isc::radius::UdpClient::resume
void resume()
Resumes running the client's thread pool.
Definition radius.cc:135
isc::radius::UdpClient::stop
void stop()
Halts client-side IO activity.
Definition radius.cc:81
isc::radius::UdpClient::UdpClient
UdpClient(const asiolink::IOServicePtr &io_service, unsigned thread_pool_size=0)
Constructor.
Definition radius.cc:36
isc::radius::UdpClient::pause
void pause()
Pauses the client's thread pool.
Definition radius.cc:120
isc::radius::UdpClient::start
void start()
Starts running the client's thread pool, if multi-threaded.
Definition radius.cc:71
isc::radius::UdpClient::getThreadPoolSize
unsigned getThreadPoolSize() const
Fetches the maximum size of the thread pool.
Definition radius.cc:61
isc::tcp::TcpClient
TCP/TLS client class.
Definition tcp_client.h:80
isc::util::MultiThreadingMgr::instance
static MultiThreadingMgr & instance()
Returns a single instance of Multi Threading Manager.
Definition multi_threading_mgr.cc:25
isc::util::MultiThreadingMgr::removeCriticalSectionCallbacks
void removeCriticalSectionCallbacks(const std::string &name)
Removes the set of callbacks associated with a given name from the list of CriticalSection callbacks.
Definition multi_threading_mgr.cc:224
isc::util::MultiThreadingMgr::detectThreadCount
static uint32_t detectThreadCount()
The system current detected hardware concurrency thread count.
Definition multi_threading_mgr.cc:119
isc::util::MultiThreadingMgr::addCriticalSectionCallbacks
void addCriticalSectionCallbacks(const std::string &name, const CSCallbackSet::Callback &check_cb, const CSCallbackSet::Callback &entry_cb, const CSCallbackSet::Callback &exit_cb)
Adds a set of callbacks to the list of CriticalSection callbacks.
Definition multi_threading_mgr.cc:216
isc_throw
#define isc_throw(type, stream)
A shortcut macro to insert known values into exception arguments.
Definition exceptions/exceptions.h:210
host_data_source_factory.h
host_mgr.h
LOG_ERROR
#define LOG_ERROR(LOGGER, MESSAGE)
Macro to conveniently test error output and log it.
Definition macros.h:32
LOG_INFO
#define LOG_INFO(LOGGER, MESSAGE)
Macro to conveniently test info output and log it.
Definition macros.h:20
LOG_WARN
#define LOG_WARN(LOGGER, MESSAGE)
Macro to conveniently test warn output and log it.
Definition macros.h:26
multi_threading_mgr.h
isc::data::ConstElementPtr
boost::shared_ptr< const Element > ConstElementPtr
Definition data.h:30
isc::data::ElementPtr
boost::shared_ptr< Element > ElementPtr
Definition data.h:29
isc::dhcp::HostDataSourcePtr
boost::shared_ptr< BaseHostDataSource > HostDataSourcePtr
HostDataSource pointer.
Definition base_host_data_source.h:572
isc::dhcp::SubnetPtr
boost::shared_ptr< Subnet > SubnetPtr
A generic pointer to either Subnet4 or Subnet6 object.
Definition subnet.h:449
isc::dhcp::NetworkPtr
boost::shared_ptr< Network > NetworkPtr
Pointer to the Network object.
Definition network.h:73
isc::radius::RADIUS_ACCESS_HOST_BACKEND_ERROR
const isc::log::MessageID RADIUS_ACCESS_HOST_BACKEND_ERROR
Definition radius_messages.h:19
isc::radius::RADIUS_RESUME_FAILED
const isc::log::MessageID RADIUS_RESUME_FAILED
Definition radius_messages.h:79
isc::radius::RadiusImplPtr
boost::shared_ptr< RadiusImpl > RadiusImplPtr
Definition radius.h:139
isc::radius::Servers
std::vector< ServerPtr > Servers
Type of RADIUS server collection.
Definition client_server.h:228
isc::radius::ExchangePtr
boost::shared_ptr< Exchange > ExchangePtr
Type of shared pointers to RADIUS exchange object.
Definition client_exchange.h:55
isc::radius::RADIUS_CLEANUP_EXCEPTION
const isc::log::MessageID RADIUS_CLEANUP_EXCEPTION
Definition radius_messages.h:53
isc::radius::protocolToText
string protocolToText(const int proto)
Transport protocol to text.
Definition client_server.cc:56
isc::radius::RADIUS_PAUSE_FAILED
const isc::log::MessageID RADIUS_PAUSE_FAILED
Definition radius_messages.h:75
isc::radius::RADIUS_ACCESS_NO_HOST_CACHE
const isc::log::MessageID RADIUS_ACCESS_NO_HOST_CACHE
Definition radius_messages.h:21
isc::radius::radius_logger
isc::log::Logger radius_logger("radius-hooks")
Radius Logger.
Definition radius_log.h:35
isc::radius::RADIUS_THREAD_POOL_STARTED
const isc::log::MessageID RADIUS_THREAD_POOL_STARTED
Definition radius_messages.h:95
isc::radius::RADIUS_PAUSE_ILLEGAL
const isc::log::MessageID RADIUS_PAUSE_ILLEGAL
Definition radius_messages.h:76
isc::radius::RADIUS_PAUSE_PERMISSIONS_FAILED
const isc::log::MessageID RADIUS_PAUSE_PERMISSIONS_FAILED
Definition radius_messages.h:77
isc
Defines the logger used by the top-level component of kea-lfc.
Definition check_exists_add.cc:18
radius_access.h
radius_accounting.h
radius_log.h
radius_parsers.h
radius_tls.h
isc::util::MultiThreadingLock
RAII lock object to protect the code in the same scope with a mutex.
Definition multi_threading_mgr.h:349