The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
base.c
Go to the documentation of this file.
1 /*
2  * This program is free software; you can redistribute it and/or modify
3  * it under the terms of the GNU General Public License as published by
4  * the Free Software Foundation; either version 2 of the License, or
5  * (at your option) any later version.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15  */
16 
17 /**
18  * $Id: 7bcde3c7a528dbd4104c222904ee6dd1f89fd1a4 $
19  * @file src/process/bfd/base.c
20  * @brief BFD processing.
21  *
22  * @copyright 2023 Network RADIUS SAS (legal@networkradius.com)
23  */
24 #include <freeradius-devel/server/protocol.h>
25 #include <freeradius-devel/util/debug.h>
26 #include <freeradius-devel/bfd/bfd.h>
27 #include "bfd/session.h"
28 
29 static fr_dict_t const *dict_bfd;
30 
31 extern fr_dict_autoload_t process_bfd_dict[];
32 fr_dict_autoload_t process_bfd_dict[] = {
33  { .out = &dict_bfd, .proto = "bfd" },
34  { NULL }
35 };
36 
37 static fr_dict_attr_t const *attr_packet_type;
38 static fr_dict_attr_t const *attr_bfd_packet;
39 static fr_dict_attr_t const *attr_bfd_state;
40 
41 extern fr_dict_attr_autoload_t process_bfd_dict_attr[];
42 fr_dict_attr_autoload_t process_bfd_dict_attr[] = {
43  { .out = &attr_packet_type, .name = "Packet-Type", .type = FR_TYPE_UINT32, .dict = &dict_bfd},
44 
45  { .out = &attr_bfd_packet, .name = "Packet", .type = FR_TYPE_STRUCT, .dict = &dict_bfd},
46  { .out = &attr_bfd_state, .name = "Packet.state", .type = FR_TYPE_UINT8, .dict = &dict_bfd},
47 
48  { NULL }
49 };
50 
51 #define SECTION(_x) \
52  CONF_SECTION *recv_ ## _x; \
53  CONF_SECTION *send_ ## _x
54 
55 typedef struct {
56  uint64_t nothing; // so that the next field isn't at offset 0
57 
58  SECTION(admin_down);
59  SECTION(down);
60  SECTION(init);
61  SECTION(up);
62 } process_bfd_sections_t;
63 
64 typedef struct {
65  bool unused;
66 
67  process_bfd_sections_t sections;
68 } process_bfd_t;
69 
70 #define PROCESS_PACKET_TYPE fr_bfd_packet_code_t
71 #define PROCESS_CODE_MAX FR_BFD_CODE_MAX
72 #define PROCESS_PACKET_CODE_VALID FR_BFD_PACKET_CODE_VALID
73 #define PROCESS_INST process_bfd_t
74 
75 #define PROCESS_SEND_RECV (1)
76 
77 #include <freeradius-devel/server/process.h>
78 
79 /*
80  * Debug the packet if requested.
81  */
82 static void bfd_packet_debug(request_t *request, fr_packet_t *packet, fr_pair_list_t *list, bool received)
83 {
84 #ifdef WITH_IFINDEX_NAME_RESOLUTION
85  char if_name[IFNAMSIZ];
86 #endif
87 
88  if (!packet) return;
89  if (!RDEBUG_ENABLED) return;
90 
91  log_request(L_DBG, L_DBG_LVL_1, request, __FILE__, __LINE__, "%s %s ID %d from %s%pV%s:%i to %s%pV%s:%i "
92 #ifdef WITH_IFINDEX_NAME_RESOLUTION
93  "%s%s%s"
94 #endif
95  "",
96  received ? "Received" : "Sending",
97  fr_bfd_packet_names[packet->code],
98  packet->id,
99  packet->socket.inet.src_ipaddr.af == AF_INET6 ? "[" : "",
100  fr_box_ipaddr(packet->socket.inet.src_ipaddr),
101  packet->socket.inet.src_ipaddr.af == AF_INET6 ? "]" : "",
102  packet->socket.inet.src_port,
103  packet->socket.inet.dst_ipaddr.af == AF_INET6 ? "[" : "",
104  fr_box_ipaddr(packet->socket.inet.dst_ipaddr),
105  packet->socket.inet.dst_ipaddr.af == AF_INET6 ? "]" : "",
106  packet->socket.inet.dst_port
107 #ifdef WITH_IFINDEX_NAME_RESOLUTION
108  , packet->socket.inet.ifindex ? "via " : "",
109  packet->socket.inet.ifindex ? fr_ifname_from_ifindex(if_name, packet->socket.inet.ifindex) : "",
110  packet->socket.inet.ifindex ? " " : ""
111 #endif
112  );
113 
114  if (received || request->parent) {
115  log_request_pair_list(L_DBG_LVL_1, request, NULL, list, NULL);
116  } else {
117  log_request_proto_pair_list(L_DBG_LVL_1, request, NULL, list, NULL);
118  }
119 }
120 
121 RESUME_NO_MCTX(recv_bfd)
122 {
123  rlm_rcode_t rcode = *p_result;
124  fr_pair_t *vp;
125  uint32_t state = 0;
126 
127  PROCESS_TRACE;
128 
129  fr_assert(rcode < RLM_MODULE_NUMCODES);
130 
131  if (rcode == RLM_MODULE_FAIL) {
132  state = FR_BFD_ADMIN_DOWN;
133  } else {
134  /*
135  * Check for a state / reply code.
136  */
137  vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_packet_type);
138  if (vp) {
139  state = vp->vp_uint32;
140  } else {
141  vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_bfd_packet);
142  if (vp) vp = fr_pair_find_by_da_nested(&vp->vp_group, NULL, attr_bfd_state);
143  if (vp) state = vp->vp_uint8;
144  }
145  }
146 
147  fr_assert(PROCESS_PACKET_CODE_VALID(state));
148 
149  request->reply->code = state;
150 
151  request->reply->timestamp = fr_time();
152 
153  return UNLANG_ACTION_CALCULATE_RESULT;
154 }
155 
156 
157 /*
158  * recv FOO
159  */
160 static fr_process_state_t const process_state_packet[] = {
161  [ FR_BFD_ADMIN_DOWN ] = {
162  .default_reply = FR_BFD_DOWN,
163  .rcode = RLM_MODULE_NOOP,
164  .recv = recv_generic,
165  .resume = resume_recv_bfd,
166  .section_offset = offsetof(process_bfd_sections_t, recv_admin_down),
167  },
168 
169  [ FR_BFD_DOWN ] = {
170  .default_reply = FR_BFD_DOWN,
171  .rcode = RLM_MODULE_NOOP,
172  .recv = recv_generic,
173  .resume = resume_recv_bfd,
174  .section_offset = offsetof(process_bfd_sections_t, recv_down),
175  },
176 
177  [ FR_BFD_INIT ] = {
178  .default_reply = FR_BFD_UP,
179  .rcode = RLM_MODULE_NOOP,
180  .recv = recv_generic,
181  .resume = resume_recv_bfd,
182  .section_offset = offsetof(process_bfd_sections_t, recv_init),
183  },
184 
185  [ FR_BFD_UP ] = {
186  .default_reply = FR_BFD_UP,
187  .rcode = RLM_MODULE_NOOP,
188  .recv = recv_generic,
189  .resume = resume_recv_bfd,
190  .section_offset = offsetof(process_bfd_sections_t, recv_up),
191  },
192 };
193 
194 /*
195  * send FOO
196  */
197 static fr_process_state_t const process_state_reply[] = {
198  [ FR_BFD_ADMIN_DOWN ] = {
199  .rcode = RLM_MODULE_NOOP,
200  .send = send_generic,
201  .resume = resume_send_generic,
202  .section_offset = offsetof(process_bfd_sections_t, send_admin_down),
203  },
204 
205  [ FR_BFD_DOWN ] = {
206  .rcode = RLM_MODULE_NOOP,
207  .send = send_generic,
208  .resume = resume_send_generic,
209  .section_offset = offsetof(process_bfd_sections_t, send_down),
210  },
211 
212  [ FR_BFD_INIT ] = {
213  .rcode = RLM_MODULE_NOOP,
214  .send = send_generic,
215  .resume = resume_send_generic,
216  .section_offset = offsetof(process_bfd_sections_t, send_init),
217  },
218 
219  [ FR_BFD_UP ] = {
220  .rcode = RLM_MODULE_NOOP,
221  .send = send_generic,
222  .resume = resume_send_generic,
223  .section_offset = offsetof(process_bfd_sections_t, send_up),
224  },
225 };
226 
227 static unlang_action_t mod_process(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
228 {
229  fr_process_state_t const *state;
230  bfd_wrapper_t const *wrapper;
231 
232  PROCESS_TRACE;
233 
234  (void)talloc_get_type_abort_const(mctx->inst->data, process_bfd_t);
235  fr_assert(PROCESS_PACKET_CODE_VALID(request->packet->code));
236 
237  request->component = "bfd";
238  request->module = NULL;
239 
240  fr_assert(request->dict == dict_bfd);
241 
242  wrapper = (bfd_wrapper_t const *) request->packet->data;
243 
244  /*
245  * If there's no packet, we must be calling the "send" routine
246  */
247  if (wrapper->type == BFD_WRAPPER_SEND_PACKET) {
248  fr_assert(wrapper->type == BFD_WRAPPER_SEND_PACKET);
249 
250  UPDATE_STATE(reply);
251 
252  bfd_packet_debug(request, request->reply, &request->reply_pairs, false);
253  return state->send(p_result, mctx, request);
254  }
255 
256  fr_assert(wrapper->type == BFD_WRAPPER_RECV_PACKET);
257 
258  UPDATE_STATE(packet);
259 
260  if (!state->recv) {
261  REDEBUG("Invalid packet type (%u)", request->packet->code);
262  RETURN_MODULE_FAIL;
263  }
264 
265  bfd_packet_debug(request, request->packet, &request->request_pairs, true);
266 
267  return state->recv(p_result, mctx, request);
268 }
269 
270 /*
271  * We send and receive the same packet types.
272  */
273 #define SEND_RECV(_x, _y) \
274  { \
275  .name = "recv", \
276  .name2 = _x, \
277  .component = MOD_POST_AUTH, \
278  .offset = PROCESS_CONF_OFFSET(recv_ ## _y), \
279  }, \
280  { \
281  .name = "send", \
282  .name2 = _x, \
283  .component = MOD_POST_AUTH, \
284  .offset = PROCESS_CONF_OFFSET(send_ ## _y), \
285  }
286 
287 static const virtual_server_compile_t compile_list[] = {
288  SEND_RECV("Admin-Down", admin_down),
289  SEND_RECV("Down", down),
290  SEND_RECV("Init", init),
291  SEND_RECV("Up", up),
292 
293  COMPILE_TERMINATOR
294 };
295 
296 
297 extern fr_process_module_t process_bfd;
298 fr_process_module_t process_bfd = {
299  .common = {
300  .magic = MODULE_MAGIC_INIT,
301  .name = "bfd",
302  .inst_size = sizeof(process_bfd_t),
303  },
304  .process = mod_process,
305  .compile_list = compile_list,
306  .dict = &dict_bfd,
307 };
unlang_action_t
unlang_action_t
Returned by unlang_op_t calls, determine the next action of the interpreter.
Definition: action.h:35
UNLANG_ACTION_CALCULATE_RESULT
@ UNLANG_ACTION_CALCULATE_RESULT
Calculate a new section rlm_rcode_t value.
Definition: action.h:37
FR_BFD_INIT
@ FR_BFD_INIT
Definition: bfd.h:146
FR_BFD_ADMIN_DOWN
@ FR_BFD_ADMIN_DOWN
Definition: bfd.h:144
FR_BFD_UP
@ FR_BFD_UP
Definition: bfd.h:147
FR_BFD_DOWN
@ FR_BFD_DOWN
Definition: bfd.h:145
fr_dict_attr_autoload_t::out
fr_dict_attr_t const ** out
Where to write a pointer to the resolved fr_dict_attr_t.
Definition: dict.h:250
fr_dict_autoload_t::out
fr_dict_t const ** out
Where to write a pointer to the loaded/resolved fr_dict_t.
Definition: dict.h:263
fr_dict_attr_autoload_t
Specifies an attribute which must be present for the module to function.
Definition: dict.h:249
fr_dict_autoload_t
Specifies a dictionary which must be loaded/loadable for the module to function.
Definition: dict.h:262
dl_module_instance_s::data
void *_CONST data
Module instance's parsed configuration.
Definition: dl_module.h:165
MODULE_MAGIC_INIT
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition: dl_module.h:65
log_request_proto_pair_list
void log_request_proto_pair_list(fr_log_lvl_t lvl, request_t *request, fr_pair_t const *parent, fr_pair_list_t const *vps, char const *prefix)
Print a list of protocol fr_pair_ts.
Definition: log.c:845
log_request
void log_request(fr_log_type_t type, fr_log_lvl_t lvl, request_t *request, char const *file, int line, char const *fmt,...)
Marshal variadic log arguments into a va_list and pass to normal logging functions.
Definition: log.c:603
log_request_pair_list
void log_request_pair_list(fr_log_lvl_t lvl, request_t *request, fr_pair_t const *parent, fr_pair_list_t const *vps, char const *prefix)
Print a fr_pair_list_t.
Definition: log.c:821
L_DBG_LVL_1
@ L_DBG_LVL_1
Highest priority debug messages (-x).
Definition: log.h:70
L_DBG
@ L_DBG
Only displayed when debugging is enabled.
Definition: log.h:59
BFD_WRAPPER_SEND_PACKET
@ BFD_WRAPPER_SEND_PACKET
Definition: session.h:127
BFD_WRAPPER_RECV_PACKET
@ BFD_WRAPPER_RECV_PACKET
Definition: session.h:126
bfd_wrapper_t::type
uint32_t type
Definition: session.h:142
bfd_wrapper_t
Definition: session.h:141
FR_TYPE_UINT8
@ FR_TYPE_UINT8
8 Bit unsigned integer.
Definition: merged_model.c:97
FR_TYPE_UINT32
@ FR_TYPE_UINT32
32 Bit unsigned integer.
Definition: merged_model.c:99
FR_TYPE_STRUCT
@ FR_TYPE_STRUCT
like TLV, but without T or L, and fixed-width children
Definition: merged_model.c:119
uint32_t
unsigned int uint32_t
Definition: merged_model.c:33
fr_dict_attr_t
Definition: merged_model.c:133
fr_dict_t
Definition: merged_model.c:198
request_t
Definition: merged_model.c:210
module_ctx_t::inst
dl_module_inst_t const * inst
Dynamic loader API handle for the module.
Definition: module_ctx.h:42
module_ctx_t
Temporary structure to hold arguments for module calls.
Definition: module_ctx.h:41
fr_pair_find_by_da
fr_pair_t * fr_pair_find_by_da(fr_pair_list_t const *list, fr_pair_t const *prev, fr_dict_attr_t const *da)
Find the first pair with a matching da.
Definition: pair.c:688
fr_pair_find_by_da_nested
fr_pair_t * fr_pair_find_by_da_nested(fr_pair_list_t const *list, fr_pair_t const *prev, fr_dict_attr_t const *da)
Find a pair with a matching fr_dict_attr_t, by walking the nested fr_dict_attr_t tree.
Definition: pair.c:765
process_bfd_dict
fr_dict_autoload_t process_bfd_dict[]
Definition: base.c:32
attr_packet_type
static fr_dict_attr_t const * attr_packet_type
Definition: base.c:37
attr_bfd_packet
static fr_dict_attr_t const * attr_bfd_packet
Definition: base.c:38
mod_process
static unlang_action_t mod_process(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
Definition: base.c:227
process_bfd_t::sections
process_bfd_sections_t sections
Definition: base.c:67
process_bfd
fr_process_module_t process_bfd
Definition: base.c:298
process_bfd_t::unused
bool unused
Definition: base.c:65
compile_list
static const virtual_server_compile_t compile_list[]
Definition: base.c:287
bfd_packet_debug
static void bfd_packet_debug(request_t *request, fr_packet_t *packet, fr_pair_list_t *list, bool received)
Definition: base.c:82
attr_bfd_state
static fr_dict_attr_t const * attr_bfd_state
Definition: base.c:39
process_state_reply
static fr_process_state_t const process_state_reply[]
Definition: base.c:197
process_bfd_dict_attr
fr_dict_attr_autoload_t process_bfd_dict_attr[]
Definition: base.c:42
dict_bfd
static fr_dict_t const * dict_bfd
Definition: base.c:29
SEND_RECV
#define SEND_RECV(_x, _y)
Definition: base.c:273
PROCESS_PACKET_CODE_VALID
#define PROCESS_PACKET_CODE_VALID
Definition: base.c:72
process_state_packet
static fr_process_state_t const process_state_packet[]
Definition: base.c:160
RESUME_NO_MCTX
RESUME_NO_MCTX(recv_bfd)
Definition: base.c:121
process_bfd_t
Definition: base.c:64
PROCESS_TRACE
#define PROCESS_TRACE
Trace each state function as it's entered.
Definition: process.h:65
fr_process_module_s::common
module_t common
Common fields for all loadable modules.
Definition: process.h:55
fr_process_module_s
Common public symbol definition for all process modules.
Definition: process.h:54
fr_bfd_packet_names
char const * fr_bfd_packet_names[FR_BFD_CODE_MAX]
Definition: base.c:63
REDEBUG
#define REDEBUG(fmt,...)
Definition: radclient.h:52
RDEBUG_ENABLED
#define RDEBUG_ENABLED()
Definition: radclient.h:49
rlm_rcode_t
rlm_rcode_t
Return codes indicating the result of the module call.
Definition: rcode.h:40
RLM_MODULE_FAIL
@ RLM_MODULE_FAIL
Module failed, don't reply.
Definition: rcode.h:42
RLM_MODULE_NOOP
@ RLM_MODULE_NOOP
Module succeeded without doing anything.
Definition: rcode.h:48
RLM_MODULE_NUMCODES
@ RLM_MODULE_NUMCODES
How many valid return codes there are.
Definition: rcode.h:50
RETURN_MODULE_FAIL
RETURN_MODULE_FAIL
Definition: state_machine.c:1220
if
if(!subtype_vp) goto fail
Definition: state_machine.c:1734
fr_assert
fr_assert(0)
init
init
Enter the EAP-IDENTITY state.
Definition: state_machine.c:90
vp
fr_pair_t * vp
Definition: state_machine.c:2271
fr_time
#define fr_time()
Allow us to arbitrarily manipulate time.
Definition: state_test.c:8
pair_list_s
Definition: pair.h:52
process_bfd_sections_t
Definition: base.c:55
process_bfd_sections_t::SECTION
SECTION(up)
process_bfd_sections_t::SECTION
SECTION(down)
process_bfd_sections_t::SECTION
SECTION(init)
process_bfd_sections_t::SECTION
SECTION(admin_down)
process_bfd_sections_t::nothing
uint64_t nothing
Definition: base.c:56
value_pair_s
Stores an attribute, a value and various bits of other data.
Definition: pair.h:68
talloc_get_type_abort_const
#define talloc_get_type_abort_const
Definition: talloc.h:270
fr_packet_t::code
unsigned int code
Packet code (type).
Definition: packet.h:61
fr_packet_t::socket
fr_socket_t socket
This packet was received on.
Definition: packet.h:57
fr_packet_t::id
int id
Packet ID (used to link requests/responses).
Definition: packet.h:60
fr_packet_t
Definition: packet.h:56
fr_socket_t::af
int af
AF_INET, AF_INET6, or AF_UNIX.
Definition: socket.h:78
fr_box_ipaddr
#define fr_box_ipaddr(_val)
Definition: value.h:287
COMPILE_TERMINATOR
#define COMPILE_TERMINATOR
Definition: virtual_servers.h:92
virtual_server_compile_t
Processing sections which are allowed in this virtual server.
Definition: virtual_servers.h:81
Generated by   doxygen 1.9.1