TACACS+ handler for TCP. More...

#include <netdb.h>
#include <freeradius-devel/server/protocol.h>
#include <freeradius-devel/util/trie.h>
#include <freeradius-devel/io/application.h>
#include <freeradius-devel/io/listen.h>
#include <freeradius-devel/io/schedule.h>
#include "proto_tacacs.h"

Include dependency graph for proto_tacacs_tcp.c:

Go to the source code of this file.

Data Structures
struct	proto_tacacs_tcp_t

struct	proto_tacacs_tcp_thread_t

Macros
#define	TACACS_MAX_ATTRIBUTES 256

Functions
static int	mod_bootstrap (module_inst_ctx_t const *mctx)

static fr_client_t *	mod_client_find (fr_listen_t li, fr_ipaddr_t const ipaddr, int ipproto)

static int	mod_connection_set (fr_listen_t li, fr_io_address_t connection)

static int	mod_fd_set (fr_listen_t *li, int fd)
	Set the file descriptor for this socket. More...

static char const *	mod_name (fr_listen_t *li)

static void	mod_network_get (void instance, int ipproto, bool dynamic_clients, fr_trie_t const *trie)

static int	mod_open (fr_listen_t *li)
	Open a TCP listener for TACACS+. More...

static ssize_t	mod_read (fr_listen_t li, UNUSED void packet_ctx, fr_time_t recv_time_p, uint8_t buffer, size_t buffer_len, size_t leftover)
	Read TACACS data from a TCP connection. More...

static ssize_t	mod_write (fr_listen_t li, UNUSED void packet_ctx, UNUSED fr_time_t request_time, uint8_t *buffer, size_t buffer_len, size_t written)

Variables
static const conf_parser_t	networks_config []

static const char *	packet_name []

fr_app_io_t	proto_tacacs_tcp

static const conf_parser_t	tcp_listen_config []

Detailed Description

TACACS+ handler for TCP.

Id: 63d41e38a0506af8bfd75f1bb9707e108402156d

Author: Jorge Pereira jpere.nosp@m.ira@.nosp@m.freer.nosp@m.adiu.nosp@m.s.org

Copyright: 2020 The FreeRADIUS server project.; 2020 Network RADIUS SAS (legal.nosp@m.@net.nosp@m.workr.nosp@m.adiu.nosp@m.s.com)

Definition in file proto_tacacs_tcp.c.

Data Structure Documentation

◆ proto_tacacs_tcp_t

struct proto_tacacs_tcp_t

Definition at line 48 of file proto_tacacs_tcp.c.

Collaboration diagram for proto_tacacs_tcp_t:

Data Fields
fr_ipaddr_t *	allow	allowed networks for dynamic clients
fr_client_list_t *	clients	local clients
CONF_SECTION *	cs	our configuration
fr_ipaddr_t *	deny	denied networks for dynamic clients
bool	dynamic_clients	whether we have dynamic clients
char const *	interface	Interface to bind to.
fr_ipaddr_t	ipaddr	IP address to listen on.
uint32_t	max_attributes	Limit maximum decodable attributes.
uint32_t	max_packet_size	for message ring buffer.
uint16_t	port	Port to listen on.
char const *	port_name	Name of the port for getservent().
uint32_t	recv_buff	How big the kernel's receive buffer should be.
bool	recv_buff_is_set	Whether we were provided with a recv_buff.
fr_trie_t *	trie	for parsed networks

◆ proto_tacacs_tcp_thread_t

struct proto_tacacs_tcp_thread_t

Definition at line 39 of file proto_tacacs_tcp.c.

Collaboration diagram for proto_tacacs_tcp_thread_t:

Data Fields
fr_io_address_t *	connection	for connected sockets.
char const *	name	socket name
int	sockfd
fr_stats_t	stats	statistics for this socket

Macro Definition Documentation

◆ TACACS_MAX_ATTRIBUTES

#define TACACS_MAX_ATTRIBUTES 256

Definition at line 37 of file proto_tacacs_tcp.c.

Function Documentation

◆ mod_bootstrap()

static int mod_bootstrap ( module_inst_ctx_t const * mctx )

static

Definition at line 401 of file proto_tacacs_tcp.c.

Here is the call graph for this function:

◆ mod_client_find()

static fr_client_t* mod_client_find	(	fr_listen_t *	li,
		fr_ipaddr_t const *	ipaddr,
		int	ipproto
	)

static

Definition at line 486 of file proto_tacacs_tcp.c.

Here is the call graph for this function:

◆ mod_connection_set()

static int mod_connection_set	(	fr_listen_t *	li,
		fr_io_address_t *	connection
	)

static

Definition at line 311 of file proto_tacacs_tcp.c.

◆ mod_fd_set()

static int mod_fd_set	(	fr_listen_t *	li,
		int	fd
	)

static

Set the file descriptor for this socket.

Definition at line 379 of file proto_tacacs_tcp.c.

Here is the call graph for this function:

◆ mod_name()

static char const* mod_name ( fr_listen_t * li )

static

Definition at line 394 of file proto_tacacs_tcp.c.

◆ mod_network_get()

static void mod_network_get	(	void *	instance,
		int *	ipproto,
		bool *	dynamic_clients,
		fr_trie_t const **	trie
	)

static

Definition at line 320 of file proto_tacacs_tcp.c.

◆ mod_open()

static int mod_open ( fr_listen_t * li )

static

Open a TCP listener for TACACS+.

Definition at line 332 of file proto_tacacs_tcp.c.

Here is the call graph for this function:

◆ mod_read()

static ssize_t mod_read	(	fr_listen_t *	li,
		UNUSED void **	packet_ctx,
		fr_time_t *	recv_time_p,
		uint8_t *	buffer,
		size_t	buffer_len,
		size_t *	leftover
	)

static

Read TACACS data from a TCP connection.

Parameters

[in]	li	representing a client connection.
[in]	packet_ctx	UNUSED.
[out]	recv_time_p	When we read the packet. For some protocols we get this for free (but not here).
[out]	buffer	to read into.
[in]	buffer_len	Maximum length of the buffer.
[in,out]	leftover	If the previous read didn't yield a complete packet we will have written how many bytes we read in leftover and returned 0. On the next call, we use the value of leftover to offset the position we start writing into the buffer. *leftover must be subtracted from buffer_len when calculating free space in the buffer.

Returns

>0 when a packet was read successfully.
0 when we read a partial packet.
- <0 on error (socket should be closed).

Definition at line 126 of file proto_tacacs_tcp.c.

Here is the call graph for this function:

◆ mod_write()

static ssize_t mod_write	(	fr_listen_t *	li,
		UNUSED void *	packet_ctx,
		UNUSED fr_time_t	request_time,
		uint8_t *	buffer,
		size_t	buffer_len,
		size_t	written
	)

static

Definition at line 248 of file proto_tacacs_tcp.c.

Here is the call graph for this function:

Variable Documentation

◆ networks_config

const conf_parser_t networks_config[]

static

Initial value:

= {
        { FR_CONF_OFFSET_TYPE_FLAGS("allow", FR_TYPE_COMBO_IP_PREFIX , CONF_FLAG_MULTI, proto_tacacs_tcp_t, allow) },
        { FR_CONF_OFFSET_TYPE_FLAGS("deny", FR_TYPE_COMBO_IP_PREFIX , CONF_FLAG_MULTI, proto_tacacs_tcp_t, deny) },
 
        CONF_PARSER_TERMINATOR
}

Definition at line 73 of file proto_tacacs_tcp.c.

◆ packet_name

const char* packet_name[]

static

Initial value:

= {
        [FR_TAC_PLUS_AUTHEN] = "Authentication",
        [FR_TAC_PLUS_AUTHOR] = "Authorization",
        [FR_TAC_PLUS_ACCT] = "Accounting",
}

Definition at line 100 of file proto_tacacs_tcp.c.

◆ proto_tacacs_tcp

fr_app_io_t proto_tacacs_tcp

Initial value:

= {
        .common = {
                .magic                  = MODULE_MAGIC_INIT,
                .name                   = "tacacs_tcp",
                .config                 = tcp_listen_config,
                .inst_size              = sizeof(proto_tacacs_tcp_t),
                .thread_inst_size       = sizeof(proto_tacacs_tcp_thread_t),
                .bootstrap              = mod_bootstrap,
        },
        .default_message_size   = 4096,
        .track_duplicates       = false,
 
        .open                   = mod_open,
        .read                   = mod_read,
        .write                  = mod_write,
        .fd_set                 = mod_fd_set,
        .connection_set         = mod_connection_set,
        .network_get            = mod_network_get,
        .client_find            = mod_client_find,
        .get_name               = mod_name,
}

Definition at line 503 of file proto_tacacs_tcp.c.

◆ tcp_listen_config

const conf_parser_t tcp_listen_config[]

static

Initial value:

= {
        { FR_CONF_OFFSET_TYPE_FLAGS("ipaddr", FR_TYPE_COMBO_IP_ADDR, 0, proto_tacacs_tcp_t, ipaddr) },
        { FR_CONF_OFFSET_TYPE_FLAGS("ipv4addr", FR_TYPE_IPV4_ADDR, 0, proto_tacacs_tcp_t, ipaddr) },
        { FR_CONF_OFFSET_TYPE_FLAGS("ipv6addr", FR_TYPE_IPV6_ADDR, 0, proto_tacacs_tcp_t, ipaddr) },
 
        { FR_CONF_OFFSET("interface", proto_tacacs_tcp_t, interface) },
        { FR_CONF_OFFSET("port_name", proto_tacacs_tcp_t, port_name) },
 
        { FR_CONF_OFFSET("port", proto_tacacs_tcp_t, port), .dflt = "49" },
        { FR_CONF_OFFSET_IS_SET("recv_buff", FR_TYPE_UINT32, 0, proto_tacacs_tcp_t, recv_buff) },
 
        { FR_CONF_OFFSET("dynamic_clients", proto_tacacs_tcp_t, dynamic_clients) } ,
        { FR_CONF_POINTER("networks", 0, CONF_FLAG_SUBSECTION, NULL), .subcs = (void const *) networks_config },
 
        { FR_CONF_OFFSET("max_packet_size", proto_tacacs_tcp_t, max_packet_size), .dflt = "4096" } ,
        { FR_CONF_OFFSET("max_attributes", proto_tacacs_tcp_t, max_attributes), .dflt = STRINGIFY(TACACS_MAX_ATTRIBUTES) } ,
 
        CONF_PARSER_TERMINATOR
}

Definition at line 80 of file proto_tacacs_tcp.c.

Data Structures

Macros

Functions

Variables

Detailed Description

Data Structure Documentation

◆ proto_tacacs_tcp_t

◆ proto_tacacs_tcp_thread_t

Macro Definition Documentation

◆ TACACS_MAX_ATTRIBUTES

Function Documentation

◆ mod_bootstrap()

◆ mod_client_find()

◆ mod_connection_set()

◆ mod_fd_set()

◆ mod_name()

◆ mod_network_get()

◆ mod_open()

◆ mod_read()

◆ mod_write()

Variable Documentation

◆ networks_config

◆ packet_name

◆ proto_tacacs_tcp

◆ tcp_listen_config