The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
proto_arp.c
Go to the documentation of this file.
1 /*
2  * This program is free software; you can redistribute it and/or modify
3  * it under the terms of the GNU General Public License as published by
4  * the Free Software Foundation; either version 2 of the License, or
5  * (at your option) any later version.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15  */
16 
17 /**
18  * $Id: 12a7b9fad664d01f9e79ae7db9c49bf650f44241 $
19  * @file proto_arp.c
20  * @brief RADIUS master protocol handler.
21  *
22  * @copyright 2017 Arran Cudbard-Bell (a.cudbardb@freeradius.org)
23  * @copyright 2016 Alan DeKok (aland@freeradius.org)
24  */
25 #include <freeradius-devel/server/module_rlm.h>
26 #include <freeradius-devel/server/virtual_servers.h>
27 #include <freeradius-devel/server/packet.h>
28 #include <freeradius-devel/util/debug.h>
29 #include "proto_arp.h"
30 
31 extern fr_app_t proto_arp;
32 
33 /** How to parse an ARP listen section
34  *
35  */
36 static conf_parser_t const proto_arp_config[] = {
37  { FR_CONF_OFFSET("num_messages", proto_arp_t, num_messages) } ,
38 
39  { FR_CONF_OFFSET("active", proto_arp_t, active), .dflt = "false" } ,
40 
41  CONF_PARSER_TERMINATOR
42 };
43 
44 static fr_dict_t const *dict_arp;
45 
46 extern fr_dict_autoload_t proto_arp_dict[];
47 fr_dict_autoload_t proto_arp_dict[] = {
48  { .out = &dict_arp, .proto = "arp" },
49  { NULL }
50 };
51 
52 #if 0
53 static fr_dict_attr_t const *attr_packet_type;
54 
55 extern fr_dict_attr_autoload_t proto_arp_dict_attr[];
56 fr_dict_attr_autoload_t proto_arp_dict_attr[] = {
57  { .out = &attr_packet_type, .name = "Packet-Type", .type = FR_TYPE_UINT32, .dict = &dict_arp},
58  { NULL }
59 };
60 #endif
61 
62 /** Decode the packet
63  *
64  */
65 static int mod_decode(UNUSED void const *instance, request_t *request, uint8_t *const data, size_t data_len)
66 {
67 // proto_arp_t const *inst = talloc_get_type_abort_const(instance, proto_arp_t);
68  fr_arp_packet_t const *arp;
69 
70  /*
71  * Set the request dictionary so that we can do
72  * generic->protocol attribute conversions as
73  * the request runs through the server.
74  */
75  request->dict = dict_arp;
76 
77  if (fr_arp_decode(request->request_ctx, &request->request_pairs, data, data_len) < 0) {
78  RPEDEBUG("Failed decoding packet");
79  return -1;
80  }
81 
82  arp = (fr_arp_packet_t const *) data;
83  request->packet->code = fr_nbo_to_uint16(arp->op);
84  fr_assert(request->packet->code < FR_ARP_CODE_MAX);
85 
86  request->packet->data = talloc_memdup(request->packet, data, data_len);
87  request->packet->data_len = data_len;
88 
89  if (fr_packet_pairs_from_packet(request->request_ctx, &request->request_pairs, request->packet) < 0) {
90  RPEDEBUG("Failed decoding 'Net.*' packet");
91  return -1;
92  }
93 
94  REQUEST_VERIFY(request);
95 
96  if (RDEBUG_ENABLED) {
97  RDEBUG("Received ARP %s via socket %s",
98  fr_arp_packet_codes[request->packet->code],
99  request->async->listen->name);
100 
101  log_request_pair_list(L_DBG_LVL_1, request, NULL, &request->request_pairs, NULL);
102  }
103 
104  return 0;
105 }
106 
107 static uint8_t const zeros[6] = { 0 };
108 
109 static ssize_t mod_encode(void const *instance, request_t *request, uint8_t *buffer, size_t buffer_len)
110 {
111  ssize_t slen;
112  proto_arp_t const *inst = talloc_get_type_abort_const(instance, proto_arp_t);
113  fr_arp_packet_t *arp;
114 
115  /*
116  * Process layer NAK, never respond, or "Do not respond".
117  */
118  if ((buffer_len == 1) || !inst->active ||
119  (request->reply->code == FR_ARP_DO_NOT_RESPOND) ||
120  (request->reply->code == 0) || (request->reply->code >= FR_ARP_CODE_MAX)) {
121  *buffer = false;
122  return 1;
123  }
124 
125  slen = fr_arp_encode(&FR_DBUFF_TMP(buffer, buffer_len), request->packet->data, &request->reply_pairs);
126  if (slen <= 0) {
127  RPEDEBUG("Failed encoding reply");
128  return -1;
129  }
130  fr_assert(slen == FR_ARP_PACKET_SIZE);
131 
132  arp = (fr_arp_packet_t *) buffer;
133  fr_assert(request->packet->data_len == FR_ARP_PACKET_SIZE);
134 
135  if (memcmp(arp->sha, zeros, sizeof(arp->sha)) == 0) {
136  RDEBUG("WARNING: Sender-Hardware-Address of zeros will likely cause problems");
137  }
138 
139  fr_packet_pairs_to_packet(request->reply, &request->reply_pairs);
140 
141  if (RDEBUG_ENABLED) {
142  RDEBUG("Sending %d via socket %s",
143  request->reply->code,
144  request->async->listen->name);
145 
146  log_request_pair_list(L_DBG_LVL_1, request, NULL, &request->reply_pairs, NULL);
147  }
148 
149  return slen;
150 }
151 
152 /** Open listen sockets/connect to external event source
153  *
154  * @param[in] instance Ctx data for this application.
155  * @param[in] sc to add our file descriptor to.
156  * @param[in] conf Listen section parsed to give us instance.
157  * @return
158  * - 0 on success.
159  * - -1 on failure.
160  */
161 static int mod_open(void *instance, fr_schedule_t *sc, UNUSED CONF_SECTION *conf)
162 {
163  fr_listen_t *li;
164  proto_arp_t *inst = talloc_get_type_abort(instance, proto_arp_t);
165 
166  /*
167  * Build the #fr_listen_t. This describes the complete
168  * path, data takes from the socket to the decoder and
169  * back again.
170  */
171  li = talloc_zero(inst, fr_listen_t);
172  talloc_set_destructor(li, fr_io_listen_free);
173 
174  li->app = &proto_arp;
175  li->app_instance = instance;
176  li->server_cs = inst->server_cs;
177 
178  /*
179  * Set configurable parameters for message ring buffer.
180  */
181  li->default_message_size = FR_ARP_PACKET_SIZE;
182  li->num_messages = inst->num_messages;
183 
184  li->app_io = inst->app_io;
185  li->app_io_instance = inst->app_io_instance;
186  if (li->app_io->common.thread_inst_size) {
187  li->thread_instance = talloc_zero_array(NULL, uint8_t, li->app_io->common.thread_inst_size);
188  talloc_set_name(li->thread_instance, "proto_%s_thread_t", inst->app_io->common.name);
189  }
190 
191  /*
192  * Open the raw socket.
193  */
194  if (inst->app_io->open(li) < 0) {
195  talloc_free(li);
196  return -1;
197  }
198  fr_assert(li->fd >= 0);
199 
200  li->name = inst->app_io->get_name(li);
201 
202  /*
203  * Watch the directory for changes.
204  */
205  if (!fr_schedule_listen_add(sc, li)) {
206  talloc_free(li);
207  return -1;
208  }
209 
210  inst->listen = li; /* Probably won't need it, but doesn't hurt */
211  inst->sc = sc;
212 
213  return 0;
214 }
215 
216 /** Instantiate the application
217  *
218  * Instantiate I/O and type submodules.
219  *
220  * @return
221  * - 0 on success.
222  * - -1 on failure.
223  */
224 static int mod_instantiate(module_inst_ctx_t const *mctx)
225 {
226  proto_arp_t *inst = talloc_get_type_abort(mctx->inst->data, proto_arp_t);
227  CONF_SECTION *conf = mctx->inst->conf;
228  /*
229  * Instantiate the I/O module. But DON'T instantiate the
230  * work submodule. We leave that until later.
231  */
232  if (inst->app_io->common.instantiate &&
233  (inst->app_io->common.instantiate(MODULE_INST_CTX(inst->io_submodule)) < 0)) {
234  cf_log_err(conf, "Instantiation failed for \"%s\"", inst->app_io->common.name);
235  return -1;
236  }
237 
238  if (!inst->num_messages) inst->num_messages = 256;
239 
240  FR_INTEGER_BOUND_CHECK("num_messages", inst->num_messages, >=, 32);
241  FR_INTEGER_BOUND_CHECK("num_messages", inst->num_messages, <=, 65535);
242 
243  return 0;
244 }
245 
246 
247 /** Bootstrap the application
248  *
249  * Bootstrap I/O and type submodules.
250  *
251  * @return
252  * - 0 on success.
253  * - -1 on failure.
254  */
255 static int mod_bootstrap(module_inst_ctx_t const *mctx)
256 {
257  proto_arp_t *inst = talloc_get_type_abort(mctx->inst->data, proto_arp_t);
258  CONF_SECTION *conf = mctx->inst->conf;
259  dl_module_inst_t *parent_inst;
260 
261  /*
262  * Ensure that the server CONF_SECTION is always set.
263  */
264  inst->server_cs = cf_item_to_section(cf_parent(conf));
265  inst->cs = conf;
266 
267  parent_inst = cf_data_value(cf_data_find(inst->cs, dl_module_inst_t, "proto_arp"));
268  fr_assert(parent_inst);
269 
270  if (dl_module_instance(inst->cs, &inst->io_submodule,
271  parent_inst,
272  DL_MODULE_TYPE_SUBMODULE, "ethernet", dl_module_inst_name_from_conf(inst->cs)) < 0) {
273  cf_log_perr(inst->cs, "Failed to load proto_arp_ethernet");
274  return -1;
275  }
276 
277  if (dl_module_conf_parse(inst->io_submodule, inst->cs) < 0) {
278  TALLOC_FREE(inst->io_submodule);
279  return -1;
280  }
281 
282  /*
283  * Bootstrap the I/O module
284  */
285  inst->app_io = (fr_app_io_t const *) inst->io_submodule->module->common;
286  inst->app_io_instance = inst->io_submodule->data;
287  inst->app_io_conf = conf;
288 
289  if (inst->app_io->common.bootstrap && (inst->app_io->common.bootstrap(MODULE_INST_CTX(inst->io_submodule)) < 0)) {
290  cf_log_err(inst->app_io_conf, "Bootstrap failed for \"%s\"", inst->app_io->common.name);
291  return -1;
292  }
293 
294  return 0;
295 }
296 
297 static int mod_load(void)
298 {
299  if (fr_arp_global_init() < 0) {
300  PERROR("Failed initialising protocol library");
301  return -1;
302  }
303  return 0;
304 }
305 
306 static void mod_unload(void)
307 {
308  fr_arp_global_free();
309 }
310 
311 fr_app_t proto_arp = {
312  .common = {
313  .magic = MODULE_MAGIC_INIT,
314  .name = "arp",
315  .config = proto_arp_config,
316  .inst_size = sizeof(proto_arp_t),
317  .onload = mod_load,
318  .unload = mod_unload,
319  .bootstrap = mod_bootstrap,
320  .instantiate = mod_instantiate
321  },
322  .dict = &dict_arp,
323  .open = mod_open,
324  .decode = mod_decode,
325  .encode = mod_encode,
326 };
buffer
static int const char char buffer[256]
Definition: acutest.h:574
fr_app_io_t::common
module_t common
Common fields to all loadable modules.
Definition: app_io.h:34
fr_app_io_t
Public structure describing an I/O path for a protocol.
Definition: app_io.h:33
fr_app_t::common
module_t common
Common fields provided by all modules.
Definition: application.h:72
fr_app_t
Describes a new application (protocol)
Definition: application.h:71
fr_arp_packet_t::op
uint8_t op[2]
1 - Request, 2 - Reply.
Definition: arp.h:56
fr_arp_global_free
void fr_arp_global_free(void)
Definition: base.c:284
fr_arp_global_init
int fr_arp_global_init(void)
Definition: base.c:261
FR_ARP_CODE_MAX
@ FR_ARP_CODE_MAX
Definition: arp.h:69
FR_ARP_DO_NOT_RESPOND
@ FR_ARP_DO_NOT_RESPOND
Definition: arp.h:70
fr_arp_decode
ssize_t fr_arp_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *packet, size_t packet_len)
Decode a raw ARP packet into VPs.
Definition: base.c:221
FR_ARP_PACKET_SIZE
#define FR_ARP_PACKET_SIZE
Definition: arp.h:37
fr_arp_packet_codes
char const * fr_arp_packet_codes[FR_ARP_CODE_MAX]
Definition: base.c:63
fr_arp_encode
ssize_t fr_arp_encode(fr_dbuff_t *dbuff, uint8_t const *original, fr_pair_list_t *vps)
Encode VPS into a raw ARP packet.
Definition: base.c:146
fr_arp_packet_t::sha
uint8_t sha[ETHER_ADDR_LEN]
sender hardware address.
Definition: arp.h:57
fr_arp_packet_t
Definition: arp.h:51
UNUSED
#define UNUSED
Definition: build.h:313
CONF_PARSER_TERMINATOR
#define CONF_PARSER_TERMINATOR
Definition: cf_parse.h:626
FR_INTEGER_BOUND_CHECK
#define FR_INTEGER_BOUND_CHECK(_name, _var, _op, _bound)
Definition: cf_parse.h:486
FR_CONF_OFFSET
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition: cf_parse.h:268
conf_parser_s
Defines a CONF_PAIR to C data type mapping.
Definition: cf_parse.h:563
cf_section
A section grouping multiple CONF_PAIR.
Definition: cf_priv.h:89
cf_data_value
void * cf_data_value(CONF_DATA const *cd)
Return the user assigned value of CONF_DATA.
Definition: cf_util.c:1680
cf_item_to_section
CONF_SECTION * cf_item_to_section(CONF_ITEM const *ci)
Cast a CONF_ITEM to a CONF_SECTION.
Definition: cf_util.c:649
cf_log_err
#define cf_log_err(_cf, _fmt,...)
Definition: cf_util.h:265
cf_data_find
#define cf_data_find(_cf, _type, _name)
Definition: cf_util.h:220
cf_parent
#define cf_parent(_cf)
Definition: cf_util.h:98
cf_log_perr
#define cf_log_perr(_cf, _fmt,...)
Definition: cf_util.h:272
FR_DBUFF_TMP
#define FR_DBUFF_TMP(_start, _len_or_end)
Creates a compound literal to pass into functions which accept a dbuff.
Definition: dbuff.h:509
attr_packet_type
static fr_dict_attr_t const * attr_packet_type
Definition: dhcpclient.c:89
fr_dict_attr_autoload_t::out
fr_dict_attr_t const ** out
Where to write a pointer to the resolved fr_dict_attr_t.
Definition: dict.h:250
fr_dict_autoload_t::out
fr_dict_t const ** out
Where to write a pointer to the loaded/resolved fr_dict_t.
Definition: dict.h:263
fr_dict_attr_autoload_t
Specifies an attribute which must be present for the module to function.
Definition: dict.h:249
fr_dict_autoload_t
Specifies a dictionary which must be loaded/loadable for the module to function.
Definition: dict.h:262
dl_module_instance
int dl_module_instance(TALLOC_CTX *ctx, dl_module_inst_t **out, dl_module_inst_t const *parent, dl_module_type_t type, char const *mod_name, char const *inst_name)
Load a module and parse its CONF_SECTION in one operation.
Definition: dl_module.c:552
dl_module_inst_name_from_conf
char const * dl_module_inst_name_from_conf(CONF_SECTION *conf)
Avoid boilerplate when setting the module instance name.
Definition: dl_module.c:584
dl_module_conf_parse
int dl_module_conf_parse(dl_module_inst_t *dl_inst, CONF_SECTION *conf)
Definition: dl_module.c:594
DL_MODULE_TYPE_SUBMODULE
@ DL_MODULE_TYPE_SUBMODULE
Driver (or method in the case of EAP)
Definition: dl_module.h:71
dl_module_instance_s::data
void *_CONST data
Module instance's parsed configuration.
Definition: dl_module.h:165
MODULE_MAGIC_INIT
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition: dl_module.h:65
dl_module_instance_s::conf
CONF_SECTION *_CONST conf
Module's instance configuration.
Definition: dl_module.h:166
dl_module_instance_s
A module/inst tuple.
Definition: dl_module.h:162
fr_listen::num_messages
size_t num_messages
for the message ring buffer
Definition: listen.h:52
fr_listen::name
char const * name
printable name for this socket - set by open
Definition: listen.h:29
fr_listen::app_instance
void const * app_instance
Definition: listen.h:38
fr_listen::default_message_size
size_t default_message_size
copied from app_io, but may be changed
Definition: listen.h:51
fr_listen::app
fr_app_t const * app
Definition: listen.h:37
fr_listen::app_io_instance
void const * app_io_instance
I/O path configuration context.
Definition: listen.h:32
fr_io_listen_free
int fr_io_listen_free(fr_listen_t *li)
Definition: master.c:2915
fr_listen::server_cs
CONF_SECTION * server_cs
CONF_SECTION of the server.
Definition: listen.h:40
fr_listen::thread_instance
void * thread_instance
thread / socket context
Definition: listen.h:33
fr_listen::fd
int fd
file descriptor for this socket - set by open
Definition: listen.h:28
fr_listen::app_io
fr_app_io_t const * app_io
I/O path functions.
Definition: listen.h:31
fr_listen
Definition: listen.h:25
log_request_pair_list
void log_request_pair_list(fr_log_lvl_t lvl, request_t *request, fr_pair_t const *parent, fr_pair_list_t const *vps, char const *prefix)
Print a fr_pair_list_t.
Definition: log.c:821
PERROR
#define PERROR(_fmt,...)
Definition: log.h:228
RPEDEBUG
#define RPEDEBUG(fmt,...)
Definition: log.h:376
fr_packet_pairs_to_packet
void fr_packet_pairs_to_packet(fr_packet_t *packet, fr_pair_list_t const *list)
Convert pairs to information in a packet.
Definition: packet.c:136
fr_packet_pairs_from_packet
int fr_packet_pairs_from_packet(TALLOC_CTX *ctx, fr_pair_list_t *list, fr_packet_t const *packet)
Allocate a "Net." struct with src/dst host and port.
Definition: packet.c:86
talloc_free
talloc_free(reap)
L_DBG_LVL_1
@ L_DBG_LVL_1
Highest priority debug messages (-x).
Definition: log.h:70
FR_TYPE_UINT32
@ FR_TYPE_UINT32
32 Bit unsigned integer.
Definition: merged_model.c:99
ssize_t
long int ssize_t
Definition: merged_model.c:24
uint8_t
unsigned char uint8_t
Definition: merged_model.c:30
fr_dict_attr_t
Definition: merged_model.c:133
fr_dict_t
Definition: merged_model.c:198
request_t
Definition: merged_model.c:210
MODULE_INST_CTX
#define MODULE_INST_CTX(_dl_inst)
Wrapper to create a module_inst_ctx_t as a compound literal.
Definition: module_ctx.h:153
module_inst_ctx_t::inst
dl_module_inst_t const * inst
Dynamic loader API handle for the module.
Definition: module_ctx.h:52
module_inst_ctx_t
Temporary structure to hold arguments for instantiation calls.
Definition: module_ctx.h:51
fr_nbo_to_uint16
static uint16_t fr_nbo_to_uint16(uint8_t const data[static sizeof(uint16_t)])
Read an unsigned 16bit integer from wire format (big endian)
Definition: nbo.h:137
mod_load
static int mod_load(void)
Definition: proto_arp.c:297
proto_arp
fr_app_t proto_arp
Definition: proto_arp.c:311
mod_bootstrap
static int mod_bootstrap(module_inst_ctx_t const *mctx)
Bootstrap the application.
Definition: proto_arp.c:255
mod_encode
static ssize_t mod_encode(void const *instance, request_t *request, uint8_t *buffer, size_t buffer_len)
Definition: proto_arp.c:109
mod_unload
static void mod_unload(void)
Definition: proto_arp.c:306
proto_arp_config
static conf_parser_t const proto_arp_config[]
How to parse an ARP listen section.
Definition: proto_arp.c:36
dict_arp
static fr_dict_t const * dict_arp
Definition: proto_arp.c:44
zeros
static uint8_t const zeros[6]
Definition: proto_arp.c:107
mod_decode
static int mod_decode(UNUSED void const *instance, request_t *request, uint8_t *const data, size_t data_len)
Decode the packet.
Definition: proto_arp.c:65
mod_instantiate
static int mod_instantiate(module_inst_ctx_t const *mctx)
Instantiate the application.
Definition: proto_arp.c:224
mod_open
static int mod_open(void *instance, fr_schedule_t *sc, UNUSED CONF_SECTION *conf)
Open listen sockets/connect to external event source.
Definition: proto_arp.c:161
proto_arp_dict
fr_dict_autoload_t proto_arp_dict[]
Definition: proto_arp.c:47
proto_arp.h
proto_arp_t
Definition: proto_arp.h:29
RDEBUG
#define RDEBUG(fmt,...)
Definition: radclient.h:53
RDEBUG_ENABLED
#define RDEBUG_ENABLED()
Definition: radclient.h:49
conf
static rs_t * conf
Definition: radsniff.c:53
REQUEST_VERIFY
#define REQUEST_VERIFY(_x)
Definition: request.h:275
instantiate
static int instantiate(module_inst_ctx_t const *mctx)
Definition: rlm_rest.c:1312
fr_schedule_listen_add
fr_network_t * fr_schedule_listen_add(fr_schedule_t *sc, fr_listen_t *li)
Add a fr_listen_t to a scheduler.
Definition: schedule.c:823
fr_schedule_s
The scheduler.
Definition: schedule.c:125
module_s::thread_inst_size
size_t thread_inst_size
Definition: module.h:151
sc
static const uchar sc[16]
Definition: smbdes.c:115
if
if(!subtype_vp) goto fail
Definition: state_machine.c:1734
fr_assert
fr_assert(0)
inst
eap_aka_sim_process_conf_t * inst
Definition: state_machine.c:3633
talloc_get_type_abort_const
#define talloc_get_type_abort_const
Definition: talloc.h:270
data
static fr_slen_t data
Definition: value.h:1259
Generated by   doxygen 1.9.1