Enable new source port limiting for %radius.sendto.ipaddr()

author Nick Porter <nick@portercomputing.co.uk>

Thu, 7 Aug 2025 16:39:15 +0000 (17:39 +0100)

committer Nick Porter <nick@portercomputing.co.uk>

Thu, 7 Aug 2025 16:41:22 +0000 (17:41 +0100)
author Nick Porter <nick@portercomputing.co.uk>
Thu, 7 Aug 2025 16:39:15 +0000 (17:39 +0100)
committer Nick Porter <nick@portercomputing.co.uk>
Thu, 7 Aug 2025 16:41:22 +0000 (17:41 +0100)
diff --git a/src/modules/rlm_radius/bio.c b/src/modules/rlm_radius/bio.c

index 3ae7d61b1db0cfda6b31f2e33d9127e62d6bff4a..bab5b87748e71d26d913bce9efe2da39b82655fd 100644 (file)
--- a/src/modules/rlm_radius/bio.c
+++ b/src/modules/rlm_radius/bio.c
@@ -45,9 +45,7 @@ typedef struct {
         fr_bio_fd_config_t      fd_config;      //!< for threads or sockets
         fr_bio_fd_info_t const  *fd_info;       //!< status of the FD.
         fr_radius_ctx_t         radius_ctx;     //!< for signing packets
-#ifdef REUSE_CONN
         bool                    limit_source_ports;
-#endif
  } bio_handle_ctx_t;
  
  typedef struct {
@@ -136,10 +134,8 @@ typedef struct {
  
         fr_rb_expire_node_t     expire;
  
-#ifdef REUSE_CONN
         int                     num_ports;
         connection_t            *connections[]; //!< for tracking outbound connections
-#endif
  } home_server_t;
  
  
@@ -721,9 +717,7 @@ static connection_state_t conn_init(void **h_out, connection_t *conn, void *uctx
         int                     fd;
         bio_handle_t            *h;
         bio_handle_ctx_t        *ctx = uctx; /* thread or home server */
-#ifdef REUSE_CONN
         connection_t            **to_save = NULL;
-#endif
  
         MEM(h = talloc_zero(conn, bio_handle_t));
         h->ctx = *ctx;
@@ -736,7 +730,6 @@ static connection_state_t conn_init(void **h_out, connection_t *conn, void *uctx
  
         MEM(h->tt = radius_track_alloc(h));
  
-#ifdef REUSE_CONN
         /*
          *      We are proxying to multiple home servers, but using a limited port range.  We must track the
          *      source port for each home server, so that we only can select the right unused source port for
@@ -765,7 +758,6 @@ static connection_state_t conn_init(void **h_out, connection_t *conn, void *uctx
                         goto fail;
                 }
         }
-#endif
  
         h->bio.fd = fr_bio_fd_alloc(h, &h->ctx.fd_config, 0);
         if (!h->bio.fd) {
@@ -865,9 +857,7 @@ static connection_state_t conn_init(void **h_out, connection_t *conn, void *uctx
  
         *h_out = h;
  
-#ifdef REUSE_CONN
         if (to_save) *to_save = conn;
-#endif
  
         return CONNECTION_STATE_CONNECTING;
  }
@@ -875,11 +865,7 @@ static connection_state_t conn_init(void **h_out, connection_t *conn, void *uctx
  /** Shutdown/close a file descriptor
   *
   */
-static void conn_close(UNUSED fr_event_list_t *el, void *handle,
-#ifndef REUSE_CONN
-  UNUSED
-#endif
-  void *uctx)
+static void conn_close(UNUSED fr_event_list_t *el, void *handle, void *uctx)
  {
         bio_handle_t *h = talloc_get_type_abort(handle, bio_handle_t);
  
@@ -899,7 +885,6 @@ static void conn_close(UNUSED fr_event_list_t *el, void *handle,
          *      We have opened a limited number of outbound source ports.  This means that when we close a
          *      port, we have to mark it unused.
          */
-#ifdef REUSE_CONN
         if (h->ctx.limit_source_ports) {
                 int offset;
                 home_server_t *home = talloc_get_type_abort(uctx, home_server_t);
@@ -914,7 +899,6 @@ static void conn_close(UNUSED fr_event_list_t *el, void *handle,
  
                 home->connections[offset] = NULL;
         }
-#endif
  
         DEBUG4("Freeing handle %p", handle);
  
@@ -2885,7 +2869,6 @@ static xlat_action_t xlat_radius_client(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcurso
                         },
                 });
         if (!home) {
-#ifdef REUSE_CONN
                 size_t num_ports = 0;
  
                 /*
@@ -2897,23 +2880,15 @@ static xlat_action_t xlat_radius_client(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcurso
  
                 MEM(home = (home_server_t *) talloc_zero_array(thread, uint8_t, sizeof(home_server_t) + sizeof(connection_t *) * num_ports));
                 talloc_set_type(home, home_server_t);
-#else
-               MEM(home = talloc(thread, home_server_t));
-#endif
  
                 *home = (home_server_t) {
                         .ctx = (bio_handle_ctx_t) {
                                 .el = unlang_interpret_event_list(request),
                                 .module_name = inst->name,
                                 .inst = inst,
-#ifdef REUSE_CONN
                                 .limit_source_ports = (num_ports > 0),
-#endif
                         },
-
-#ifdef REUSE_CONN
                         .num_ports = num_ports,
-#endif
                 };
  
                 /*
diff --git a/src/modules/rlm_radius/rlm_radius.c b/src/modules/rlm_radius/rlm_radius.c

index d687ad0671d389011bedf5469a206df2443bb2d9..ecc53b9a918effbeda53ba4fd8db79e4e749c9fe 100644 (file)
--- a/src/modules/rlm_radius/rlm_radius.c
+++ b/src/modules/rlm_radius/rlm_radius.c
@@ -729,9 +729,7 @@ check_others:
                                 return -1;
                         }
  
-#ifdef REUSE_CONN
                         inst->fd_config.reuse_port = 1;
-#endif
                 }
         }
author	Nick Porter <nick@portercomputing.co.uk>
	Thu, 7 Aug 2025 16:39:15 +0000 (17:39 +0100)
committer	Nick Porter <nick@portercomputing.co.uk>
	Thu, 7 Aug 2025 16:41:22 +0000 (17:41 +0100)
src/modules/rlm_radius/bio.c		patch \| blob \| blame \| history
src/modules/rlm_radius/rlm_radius.c		patch \| blob \| blame \| history