#include <freeradius-devel/build.h>
#include <freeradius-devel/features.h>
#include <talloc.h>
#include <freeradius-devel/missing.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <stdbool.h>
#include <signal.h>
#include <freeradius-devel/threads.h>
#include <freeradius-devel/radius.h>
#include <freeradius-devel/token.h>
#include <freeradius-devel/hash.h>
#include <freeradius-devel/inet.h>
#include <freeradius-devel/regex.h>
#include <freeradius-devel/dict.h>
#include <freeradius-devel/pair.h>
#include <freeradius-devel/proto.h>
#include <freeradius-devel/conf.h>
#include <freeradius-devel/radpaths.h>
#include <freeradius-devel/sha1.h>
#include <freeradius-devel/md4.h>
#include <freeradius-devel/packet.h>
#include <freeradius-devel/tcp.h>
Data Structures | |
struct | fr_radius_ctx |
struct | fr_randctx |
struct | radius_packet |
Macros | |
#define | AUTH_PASS_LEN (AUTH_VECTOR_LEN) |
#define | AUTH_VECTOR_LEN 16 |
#define | BLANK_FORMAT " " /* GCC_LINT whines about empty formats */ |
#define | CHAP_VALUE_LENGTH 16 |
#define | fr_assert(_x) fr_assert_cond(__FILE__, __LINE__, #_x, (_x)) |
#define | fr_exit(_x) _fr_exit(__FILE__, __LINE__, (_x)) |
#define | fr_exit_now(_x) _fr_exit_now(__FILE__, __LINE__, (_x)) |
#define | FR_FAULT_LOG(fmt,...) fr_fault_log(fmt "\n", ## __VA_ARGS__) |
#define | FR_MAX_PACKET_CODE (52) |
#define | FR_TUNNEL_PW_ENC_LENGTH(_x) (2 + 1 + _x + PAD(_x + 1, 16)) |
#define | FREE_MAGIC (0xF4EEF4EE) |
#define | is_radius_code(_x) ((_x > 0) && (_x < FR_MAX_PACKET_CODE)) |
#define | is_truncated(_ret, _max) ((_ret) >= (size_t)(_max)) |
#define | MAGIC_COMMIT(_x) ((uint32_t) (_x & 0xffffffff)) |
#define | MAGIC_PREFIX(_x) ((uint8_t) (_x >> 56)) |
#define | MAGIC_VERSION(_x) ((uint32_t) ((_x >> 32) & 0x00ffffff)) |
#define | MAX_PASS_LEN (128) |
#define | MAX_STRING_LEN 254 /* RFC2138: string 0-253 octets */ |
#define | NEVER_RETURNS CC_HINT(noreturn) |
#define | PAD(_x, _y) (_y - ((_x) % _y)) |
#define | PRINTF_LIKE(n) CC_HINT(format(printf, n, n+1)) |
#define | RADIUSD_MAGIC_NUMBER ((uint64_t) HEXIFY3(f4, RADIUSD_VERSION, 00000000)) |
#define | RBTREE_FLAG_LOCK (1 << 1) |
#define | RBTREE_FLAG_NONE (0) |
#define | RBTREE_FLAG_REPLACE (1 << 0) |
#define | RETURN_IF_TRUNCATED(_p, _ret, _max) |
Boilerplate for checking truncation. More... | |
#define | truncate_len(_ret, _max) (((_ret) >= (size_t)(_max)) ? (((size_t)(_max)) - 1) : _ret) |
#define | UNUSED CC_HINT(unused) |
#define | VERIFY_ALL_TALLOC |
Typedefs | |
typedef struct fr_bt_marker | fr_bt_marker_t |
typedef struct fr_cbuff | fr_cbuff_t |
typedef void(*) fr_debug_state_ | fr_debug_state ) |
typedef int(* | fr_fault_cb_t )(int signum) |
Optional callback passed to fr_fault_setup. More... | |
typedef void(* | fr_fault_log_t )(char const *msg,...) CC_HINT(format(printf |
typedef void(* | fr_fifo_free_t )(void *) |
typedef struct fr_fifo_t | fr_fifo_t |
typedef struct fr_radius_ctx | fr_radius_ctx_t |
typedef struct fr_randctx | fr_randctx |
typedef struct radius_packet | RADIUS_PACKET |
typedef int(* | rb_comparator_t )(void const *ctx, void const *data) |
typedef void(* | rb_free_t )(void *data) |
typedef int(* | rb_walker_t )(void *ctx, void *data) |
typedef struct rbnode_t | rbnode_t |
typedef struct rbtree_t | rbtree_t |
typedef void(* | sig_t )(int) |
Functions | |
void NEVER_RETURNS | _fr_exit (char const *file, int line, int status) |
Exit possibly printing a message about why we're exiting. More... | |
void NEVER_RETURNS | _fr_exit_now (char const *file, int line, int status) |
Exit possibly printing a message about why we're exiting. More... | |
void | backtrace_print (fr_cbuff_t *cbuff, void *obj) |
char * | fr_abin2hex (TALLOC_CTX *ctx, uint8_t const *bin, size_t inlen) |
Convert binary data to a hex string. More... | |
char * | fr_asprint (TALLOC_CTX *ctx, char const *in, ssize_t inlen, char quote) |
Escape string that may contain binary data, and write it to a new buffer. More... | |
void bool | fr_assert_cond (char const *file, int line, char const *expr, bool cond) |
A soft assertion which triggers the fault handler in debug builds. More... | |
fr_bt_marker_t * | fr_backtrace_attach (fr_cbuff_t **cbuff, TALLOC_CTX *obj) |
int | fr_backtrace_do (fr_bt_marker_t *marker) |
size_t | fr_bin2hex (char *hex, uint8_t const *bin, size_t inlen) |
Convert binary data to a hex string. More... | |
int | fr_blocking (int fd) |
void void void | fr_canonicalize_error (TALLOC_CTX *ctx, char **spaces, char **text, ssize_t slen, char const *msg) |
Canonicalize error strings, removing tabs, and generate spaces for error marker. More... | |
fr_cbuff_t * | fr_cbuff_alloc (TALLOC_CTX *ctx, uint32_t size, bool lock) |
void | fr_cbuff_rp_insert (fr_cbuff_t *cbuff, void *obj) |
Insert a new element into the buffer, and steal it from its original context. More... | |
void * | fr_cbuff_rp_next (fr_cbuff_t *cbuff, TALLOC_CTX *ctx) |
Remove an item from the buffer, and reparent to ctx. More... | |
int | fr_check_lib_magic (uint64_t magic) |
Check if the application linking to the library has the correct magic number. More... | |
int | fr_crypt_check (char const *key, char const *salt) |
void | fr_cursor_copy (vp_cursor_t *out, vp_cursor_t *in) |
Copy a cursor. More... | |
VALUE_PAIR * | fr_cursor_current (vp_cursor_t *cursor) |
Return the VALUE_PAIR the cursor currently points to. More... | |
void | fr_cursor_end (vp_cursor_t *cursor) |
Moves cursor past the last attribute to the end. More... | |
VALUE_PAIR * | fr_cursor_first (vp_cursor_t *cursor) |
Rewind cursor to the start of the list. More... | |
void | fr_cursor_free (vp_cursor_t *cursor) |
Free the current pair and all pairs after it. More... | |
VALUE_PAIR * | fr_cursor_init (vp_cursor_t *cursor, VALUE_PAIR *const *node) |
Setup a cursor to iterate over attribute pairs. More... | |
void | fr_cursor_insert (vp_cursor_t *cursor, VALUE_PAIR *vp) |
Insert a single VALUE_PAIR at the end of the list. More... | |
VALUE_PAIR * | fr_cursor_last (vp_cursor_t *cursor) |
Wind cursor to the last pair in the list. More... | |
void | fr_cursor_merge (vp_cursor_t *cursor, VALUE_PAIR *vp) |
Merges multiple VALUE_PAIR into the cursor. More... | |
VALUE_PAIR * | fr_cursor_next (vp_cursor_t *cursor) |
Advance the cursor to the next VALUE_PAIR. More... | |
VALUE_PAIR * | fr_cursor_next_by_da (vp_cursor_t *cursor, fr_dict_attr_t const *da, int8_t tag) CC_HINT(nonnull) |
Iterate over attributes of a given DA in the pairlist. More... | |
VALUE_PAIR * | fr_cursor_next_by_num (vp_cursor_t *cursor, unsigned int vendor, unsigned int attr, int8_t tag) |
Iterate over a collection of VALUE_PAIRs of a given type in the pairlist. More... | |
VALUE_PAIR * | fr_cursor_next_peek (vp_cursor_t *cursor) |
Return the next VALUE_PAIR without advancing the cursor. More... | |
VALUE_PAIR * | fr_cursor_remove (vp_cursor_t *cursor) |
Remove the current pair. More... | |
VALUE_PAIR * | fr_cursor_replace (vp_cursor_t *cursor, VALUE_PAIR *new) |
Replace the current pair. More... | |
void | fr_debug_break (bool always) |
Break in debugger (if we're running under a debugger) More... | |
char const * | fr_debug_state_to_msg (fr_debug_state_t state) |
Return current value of debug_state. More... | |
void | fr_fault (int sig) |
Prints a simple backtrace (if execinfo is available) and calls panic_action if set. More... | |
void | fr_fault_log (char const *msg,...) CC_HINT(format(printf |
void | fr_fault_set_cb (fr_fault_cb_t func) |
Set a callback to be called before fr_fault() More... | |
void | fr_fault_set_log_fd (int fd) |
Set a file descriptor to log memory reports to. More... | |
int | fr_fault_setup (char const *cmd, char const *program) |
Registers signal handlers to execute panic_action on fatal signal. More... | |
fr_fifo_t * | fr_fifo_create (TALLOC_CTX *ctx, int max_entries, fr_fifo_free_t freeNode) |
void | fr_fifo_free (fr_fifo_t *fi) |
unsigned int | fr_fifo_num_elements (fr_fifo_t *fi) |
void * | fr_fifo_peek (fr_fifo_t *fi) |
void * | fr_fifo_pop (fr_fifo_t *fi) |
int | fr_fifo_push (fr_fifo_t *fi, void *data) |
int | fr_get_time (char const *date_str, time_t *date) |
Convert string in various formats to a time_t. More... | |
size_t | fr_hex2bin (uint8_t *bin, size_t outlen, char const *hex, size_t inlen) |
Convert hex strings to binary data. More... | |
void | fr_isaac (fr_randctx *ctx) |
int | fr_log_talloc_report (TALLOC_CTX *ctx) |
Generate a talloc memory report for a context and print to stderr/stdout. More... | |
int | fr_nonblock (int fd) |
void | fr_panic_on_free (TALLOC_CTX *ctx) |
Insert memory into the context of another talloc memory chunk which causes a panic when freed. More... | |
void void | fr_perror (char const *,...) CC_HINT(format(printf |
int8_t | fr_pointer_cmp (void const *a, void const *b) |
Compares two pointers. More... | |
void | fr_printf_log (char const *,...) CC_HINT(format(printf |
void | fr_quick_sort (void const *to_sort[], int min_idx, int max_idx, fr_cmp_t cmp) |
Quick sort an array of pointers using a comparator. More... | |
RADIUS_PACKET * | fr_radius_alloc (TALLOC_CTX *ctx, bool new_vector) |
Allocate a new RADIUS_PACKET. More... | |
RADIUS_PACKET * | fr_radius_alloc_reply (TALLOC_CTX *ctx, RADIUS_PACKET *) |
Allocate a new RADIUS_PACKET response. More... | |
RADIUS_PACKET * | fr_radius_copy (TALLOC_CTX *ctx, RADIUS_PACKET const *in) |
Duplicate a RADIUS_PACKET. More... | |
int | fr_radius_decode (RADIUS_PACKET *packet, RADIUS_PACKET *original, char const *secret) |
Calculate/check digest, and decode radius attributes. More... | |
ssize_t | fr_radius_decode_pair (TALLOC_CTX *ctx, vp_cursor_t *cursor, fr_dict_attr_t const *parent, uint8_t const *data, size_t data_len, void *decoder_ctx) |
Create a "normal" VALUE_PAIR from the given data. More... | |
ssize_t | fr_radius_decode_pair_value (TALLOC_CTX *ctx, vp_cursor_t *cursor, fr_dict_attr_t const *parent, uint8_t const *data, size_t const attr_len, size_t const packet_len, void *decoder_ctx) |
Create any kind of VP from the attribute contents. More... | |
ssize_t | fr_radius_decode_password (char *encpw, size_t len, char const *secret, uint8_t const *vector) |
Decode password. More... | |
ssize_t | fr_radius_decode_tlv (TALLOC_CTX *ctx, vp_cursor_t *cursor, fr_dict_attr_t const *parent, uint8_t const *data, size_t data_len, void *decoder_ctx) |
Convert TLVs to one or more VPs. More... | |
int | fr_radius_decode_tlv_ok (uint8_t const *data, size_t length, size_t dv_type, size_t dv_length) |
Check if a set of RADIUS formatted TLVs are OK. More... | |
ssize_t | fr_radius_decode_tunnel_password (uint8_t *encpw, size_t *len, char const *secret, uint8_t const *vector) |
Decode Tunnel-Password encrypted attributes. More... | |
int | fr_radius_digest_cmp (uint8_t const *a, uint8_t const *b, size_t length) |
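Do a comparison of two authentication digests by comparing the FULL digest, rather than stopping at the first mismatch, so that the time taken does not reveal how many leading bytes matched. More... | |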
int | fr_radius_encode (RADIUS_PACKET *packet, RADIUS_PACKET const *original, char const *secret) |
Encode a packet. More... | |
int | fr_radius_encode_chap_password (uint8_t *output, RADIUS_PACKET *packet, int id, VALUE_PAIR *password) |
int | fr_radius_encode_pair (uint8_t *out, size_t outlen, vp_cursor_t *cursor, void *encoder_ctx) |
Encode a data structure into a RADIUS attribute. More... | |
int | fr_radius_encode_password (char *encpw, size_t *len, char const *secret, uint8_t const *vector) |
Encode password. More... | |
int | fr_radius_encode_tunnel_password (char *encpw, size_t *len, char const *secret, uint8_t const *vector) |
Encode Tunnel-Password attributes when sending them out on the wire. More... | |
ssize_t | fr_radius_encode_value_hton (uint8_t const **out, VALUE_PAIR const *vp) |
Converts vp_data to network byte order. More... | |
void | fr_radius_free (RADIUS_PACKET **) |
Free a RADIUS_PACKET. More... | |
ssize_t | fr_radius_len (uint8_t const *data, size_t data_len) |
See how big of a packet is in the buffer. More... | |
void | fr_radius_make_secret (uint8_t *digest, uint8_t const *vector, char const *secret, uint8_t const *value) |
Build an encrypted secret value to return in a reply packet. More... | |
bool | fr_radius_ok (RADIUS_PACKET *packet, int flags, decode_fail_t *reason) |
See if the data pointed to by PTR is a valid RADIUS packet. More... | |
void | fr_radius_print_hex (RADIUS_PACKET *packet) |
RADIUS_PACKET * | fr_radius_recv (TALLOC_CTX *ctx, int fd, int flags) |
Receive UDP client requests, and fill in the basics of a RADIUS_PACKET structure. More... | |
void | fr_radius_recv_discard (int sockfd) |
ssize_t | fr_radius_recv_header (int sockfd, fr_ipaddr_t *src_ipaddr, uint16_t *src_port, unsigned int *code) |
Basic validation of RADIUS packet header. More... | |
int | fr_radius_send (RADIUS_PACKET *, RADIUS_PACKET const *, char const *secret) |
Reply to the request. More... | |
int | fr_radius_sign (RADIUS_PACKET *packet, RADIUS_PACKET const *original, char const *secret) |
Sign a previously encoded packet. More... | |
int | fr_radius_verify (RADIUS_PACKET *packet, RADIUS_PACKET *original, char const *secret) |
Verify the Request/Response Authenticator (and Message-Authenticator if present) of a packet. More... | |
uint32_t | fr_rand (void) |
Return a 32-bit random number. More... | |
void | fr_rand_seed (void const *, size_t) |
Seed the random number generator. More... | |
void | fr_randinit (fr_randctx *ctx, int flag) |
int | fr_reset_dumpable (void) |
Reset dumpable state to previously configured value. More... | |
int | fr_set_dumpable (bool allow_core_dumps) |
Enable or disable core dumps. More... | |
int | fr_set_dumpable_init (void) |
Get the current maximum for core files. More... | |
void int | fr_set_signal (int sig, sig_t func) |
Sets a signal handler using sigaction if available, else signal. More... | |
size_t | fr_snprint (char *out, size_t outlen, char const *in, ssize_t inlen, char quote) |
Escape any non printable or non-UTF8 characters in the input string. More... | |
size_t | fr_snprint_len (char const *in, ssize_t inlen, char quote) |
Find the length of the buffer required to fully escape a string with fr_prints. More... | |
size_t | fr_snprint_uint128 (char *out, size_t outlen, uint128_t const num) |
Write 128bit unsigned integer to buffer. More... | |
int | fr_socket_client_tcp (fr_ipaddr_t *src_ipaddr, fr_ipaddr_t *dst_ipaddr, uint16_t dst_port, bool async) |
Establish a connected TCP socket. More... | |
int | fr_socket_client_udp (fr_ipaddr_t *src_ipaddr, fr_ipaddr_t *dst_ipaddr, uint16_t dst_port, bool async) |
Establish a connected UDP socket. More... | |
int | fr_socket_client_unix (char const *path, bool async) |
int | fr_socket_server_base (int proto, fr_ipaddr_t *ipaddr, int *port, char const *port_name, bool async) |
Open an IPv4 / IPv6, and UDP / TCP socket, server side. More... | |
int | fr_socket_server_bind (int sockfd, fr_ipaddr_t *ipaddr, int *port, char const *interface) |
Bind to an IPv4 / IPv6, and UDP / TCP socket, server side. More... | |
int | fr_socket_wait_for_connect (int sockfd, struct timeval const *timeout) |
Wait for a socket to be connected, with an optional timeout. More... | |
void | fr_store_debug_state (void) |
Should be run before using setuid or setgid to get useful results. More... | |
char const * | fr_strerror (void) |
Get the last library error. More... | |
void | fr_strerror_printf (char const *,...) CC_HINT(format(printf |
uint32_t | fr_strtoul (char const *value, char **end) |
Consume the integer (or hex) portion of a value string. More... | |
char const * | fr_syserror (int num) |
Guaranteed thread-safe version of strerror. More... | |
void | fr_talloc_fault_setup (void) |
Register talloc fault handlers. More... | |
int | fr_talloc_link_ctx (TALLOC_CTX *parent, TALLOC_CTX *child) |
Link a parent and a child context, so the child is freed before the parent. More... | |
void | fr_timespec_subtract (struct timespec *out, struct timespec const *end, struct timespec const *start) |
Subtract one timespec from another. More... | |
int | fr_timeval_from_str (struct timeval *out, char const *in) |
Create timeval from a string. More... | |
void | fr_timeval_subtract (struct timeval *out, struct timeval const *end, struct timeval const *start) |
Subtract one timeval from another. More... | |
int | fr_utf8_char (uint8_t const *str, ssize_t inlen) |
Checks for utf-8, taken from http://www.w3.org/International/questions/qa-forms-utf-8. More... | |
char const * | fr_utf8_strchr (int *chr_len, char const *str, char const *chr) |
Return a pointer to the first UTF8 char in a string. More... | |
ssize_t | fr_utf8_to_ucs2 (uint8_t *out, size_t outlen, char const *in, size_t inlen) |
Convert UTF8 string to UCS2 encoding. More... | |
ssize_t | fr_writev (int fd, struct iovec[], int iovcnt, struct timeval *timeout) |
Write out a vector to a file descriptor. More... | |
bool | is_integer (char const *value) |
Check whether the string is all numbers. More... | |
bool | is_printable (void const *value, size_t len) |
Check whether the string is made up of printable UTF8 chars. More... | |
bool | is_whitespace (char const *value) |
Check whether the string is all whitespace. More... | |
bool | is_zero (char const *value) |
Check whether the string is all zeros. More... | |
int | rad_lockfd (int fd, int lock_len) |
int | rad_lockfd_nonblock (int fd, int lock_len) |
int | rad_unlockfd (int fd, int lock_len) |
rbtree_t * | rbtree_create (TALLOC_CTX *ctx, rb_comparator_t compare, rb_free_t node_free, int flags) |
Create a new RED-BLACK tree. More... | |
void | rbtree_delete (rbtree_t *tree, rbnode_t *z) |
bool | rbtree_deletebydata (rbtree_t *tree, void const *data) |
Delete a node from the tree, based on given data, which MUST have come from rbtree_finddata(). More... | |
rbnode_t * | rbtree_find (rbtree_t *tree, void const *data) |
Find an element in the tree, returning the data, not the node. More... | |
void * | rbtree_finddata (rbtree_t *tree, void const *data) |
Find the user data. More... | |
void | rbtree_free (rbtree_t *tree) |
bool | rbtree_insert (rbtree_t *tree, void *data) |
rbnode_t * | rbtree_insert_node (rbtree_t *tree, void *data) |
Insert an element into the tree. More... | |
void * | rbtree_node2data (rbtree_t *tree, rbnode_t *node) |
uint32_t | rbtree_num_elements (rbtree_t *tree) |
int | rbtree_walk (rbtree_t *tree, rb_order_t order, rb_walker_t compare, void *context) |
char * | value_data_asprint (TALLOC_CTX *ctx, PW_TYPE type, fr_dict_attr_t const *enumv, value_data_t const *data, char quote) |
Print one attribute value to a string. More... | |
int | value_data_cast (TALLOC_CTX *ctx, value_data_t *dst, PW_TYPE dst_type, fr_dict_attr_t const *dst_enumv, PW_TYPE src_type, fr_dict_attr_t const *src_enumv, value_data_t const *src) |
Convert one type of value_data_t to another. More... | |
int | value_data_cmp (PW_TYPE a_type, value_data_t const *a, PW_TYPE b_type, value_data_t const *b) |
Compare two values. More... | |
int | value_data_cmp_op (FR_TOKEN op, PW_TYPE a_type, value_data_t const *a, PW_TYPE b_type, value_data_t const *b) |
Compare two attributes using an operator. More... | |
int | value_data_copy (TALLOC_CTX *ctx, value_data_t *dst, PW_TYPE type, const value_data_t *src) |
Copy value data verbatim duplicating any buffers. More... | |
int | value_data_from_str (TALLOC_CTX *ctx, value_data_t *dst, PW_TYPE *src_type, fr_dict_attr_t const *src_enumv, char const *src, ssize_t src_len, char quote) |
Convert string value to a value_data_t type. More... | |
size_t | value_data_snprint (char *out, size_t outlen, PW_TYPE type, fr_dict_attr_t const *enumv, value_data_t const *data, char quote) |
Print the value of an attribute to a string. More... | |
int | value_data_steal (TALLOC_CTX *ctx, value_data_t *dst, PW_TYPE type, value_data_t const *src) |
Copy value data verbatim moving any buffers to the specified context. More... | |
Variables | |
int | fr_debug_lvl |
bool | fr_dns_lookups |
IP -> hostname lookups? More... | |
bool | fr_hostname_lookups |
hostname -> IP lookups? More... | |
FILE * | fr_log_fp |
uint32_t | fr_max_attributes |
char const * | fr_packet_codes [FR_MAX_PACKET_CODE] |
FR_NAME_NUMBER const | fr_request_types [] |
struct fr_radius_ctx |
Definition at line 266 of file libradius.h.
Data Fields | ||
---|---|---|
RADIUS_PACKET const * | original | |
RADIUS_PACKET const * | packet | |
char const * | secret |
struct fr_randctx |
Definition at line 427 of file libradius.h.
Data Fields | ||
---|---|---|
uint32_t | randa | |
uint32_t | randb | |
uint32_t | randc | |
uint32_t | randcnt | |
uint32_t | randmem[256] | |
uint32_t | randrsl[256] |
struct radius_packet |
Definition at line 146 of file libradius.h.
Data Fields | ||
---|---|---|
unsigned int | code | Packet code (type). |
uint8_t * | data | Packet data (body). |
size_t | data_len | Length of packet data. |
fr_ipaddr_t | dst_ipaddr | Dst IP address of packet. |
uint16_t | dst_port | DST Port of packet. |
int | id | Packet ID (used to link requests/responses). |
int | if_index | Index of receiving interface. |
ssize_t | offset | |
size_t | partial | |
int | proto | |
uint32_t | rounds | for State[0] |
int | sockfd | Socket this packet was read from. |
fr_ipaddr_t | src_ipaddr | Src IP address of packet. |
uint16_t | src_port | Src port of packet. |
struct timeval | timestamp | When we received the packet. |
uint8_t | vector[AUTH_VECTOR_LEN] | RADIUS authentication vector. |
VALUE_PAIR * | vps | Result of decoding the packet into VALUE_PAIRs. |
#define AUTH_PASS_LEN (AUTH_VECTOR_LEN) |
Definition at line 230 of file libradius.h.
#define AUTH_VECTOR_LEN 16 |
Definition at line 118 of file libradius.h.
#define BLANK_FORMAT " " /* GCC_LINT whines about empty formats */ |
Definition at line 135 of file libradius.h.
#define CHAP_VALUE_LENGTH 16 |
Definition at line 119 of file libradius.h.
#define fr_assert | ( | _x | ) | fr_assert_cond(__FILE__, __LINE__, #_x, (_x)) |
Definition at line 505 of file libradius.h.
#define fr_exit | ( | _x | ) | _fr_exit(__FILE__, __LINE__, (_x)) |
Definition at line 508 of file libradius.h.
#define fr_exit_now | ( | _x | ) | _fr_exit_now(__FILE__, __LINE__, (_x)) |
Definition at line 511 of file libradius.h.
#define FR_FAULT_LOG | ( | fmt, | |
... | |||
) | fr_fault_log(fmt "\n", ## __VA_ARGS__) |
Definition at line 462 of file libradius.h.
#define FR_MAX_PACKET_CODE (52) |
Definition at line 370 of file libradius.h.
#define FR_TUNNEL_PW_ENC_LENGTH | ( | _x | ) | (2 + 1 + _x + PAD(_x + 1, 16)) |
Definition at line 232 of file libradius.h.
#define FREE_MAGIC (0xF4EEF4EE) |
Definition at line 115 of file libradius.h.
#define is_radius_code | ( | _x | ) | ((_x > 0) && (_x < FR_MAX_PACKET_CODE)) |
Definition at line 372 of file libradius.h.
#define is_truncated | ( | _ret, | |
_max | |||
) | ((_ret) >= (size_t)(_max)) |
Definition at line 204 of file libradius.h.
#define MAGIC_COMMIT | ( | _x | ) | ((uint32_t) (_x & 0xffffffff)) |
Definition at line 55 of file libradius.h.
#define MAGIC_PREFIX | ( | _x | ) | ((uint8_t) (_x >> 56)) |
Definition at line 53 of file libradius.h.
#define MAGIC_VERSION | ( | _x | ) | ((uint32_t) ((_x >> 32) & 0x00ffffff)) |
Definition at line 54 of file libradius.h.
#define MAX_PASS_LEN (128) |
Definition at line 231 of file libradius.h.
#define MAX_STRING_LEN 254 /* RFC2138: string 0-253 octets */ |
Definition at line 120 of file libradius.h.
#define NEVER_RETURNS CC_HINT(noreturn) |
Definition at line 133 of file libradius.h.
#define PAD | ( | _x, | |
_y | |||
) | (_y - ((_x) % _y)) |
Definition at line 130 of file libradius.h.
#define PRINTF_LIKE | ( | n | ) | CC_HINT(format(printf, n, n+1)) |
Definition at line 132 of file libradius.h.
#define RADIUSD_MAGIC_NUMBER ((uint64_t) HEXIFY3(f4, RADIUSD_VERSION, 00000000)) |
Definition at line 51 of file libradius.h.
#define RBTREE_FLAG_LOCK (1 << 1) |
Definition at line 527 of file libradius.h.
#define RBTREE_FLAG_NONE (0) |
Definition at line 525 of file libradius.h.
#define RBTREE_FLAG_REPLACE (1 << 0) |
Definition at line 526 of file libradius.h.
#define RETURN_IF_TRUNCATED | ( | _p, | |
_ret, | |||
_max | |||
) |
Boilerplate for checking truncation.
If truncation has occurred, advance _p as far as possible without overrunning the output buffer, and \0 terminate. Then return the length of the buffer we would have needed to write the full value.
If truncation has not occurred, advance _p by whatever the copy or print function returned.
Definition at line 216 of file libradius.h.
#define truncate_len | ( | _ret, | |
_max | |||
) | (((_ret) >= (size_t)(_max)) ? (((size_t)(_max)) - 1) : _ret) |
Definition at line 205 of file libradius.h.
#define UNUSED CC_HINT(unused) |
Definition at line 134 of file libradius.h.
#define VERIFY_ALL_TALLOC |
Definition at line 416 of file libradius.h.
typedef struct fr_bt_marker fr_bt_marker_t |
Definition at line 478 of file libradius.h.
typedef struct fr_cbuff fr_cbuff_t |
Definition at line 447 of file libradius.h.
typedef void(*) fr_debug_state_ fr_debug_state) |
typedef int(* fr_fault_cb_t)(int signum) |
Optional callback passed to fr_fault_setup.
Allows optional logic to be run before calling the main fault handler.
If the callback returns < 0, the main fault handler will not be called.
signum | signal raised. |
Definition at line 477 of file libradius.h.
typedef void(* fr_fault_log_t)(char const *msg,...) CC_HINT(format(printf |
Definition at line 463 of file libradius.h.
typedef void(* fr_fifo_free_t)(void *) |
Definition at line 566 of file libradius.h.
Definition at line 565 of file libradius.h.
typedef struct fr_radius_ctx fr_radius_ctx_t |
typedef struct fr_randctx fr_randctx |
typedef struct radius_packet RADIUS_PACKET |
typedef int(* rb_comparator_t)(void const *ctx, void const *data) |
Definition at line 529 of file libradius.h.
typedef void(* rb_free_t)(void *data) |
Definition at line 531 of file libradius.h.
typedef int(* rb_walker_t)(void *ctx, void *data) |
Definition at line 530 of file libradius.h.
Definition at line 515 of file libradius.h.
Definition at line 514 of file libradius.h.
typedef void(* sig_t)(int) |
Definition at line 111 of file libradius.h.
enum decode_fail_t |
Definition at line 173 of file libradius.h.
enum fr_debug_state_t |
Enumerator | |
---|---|
DEBUG_STATE_UNKNOWN_NO_PTRACE |
We don't have ptrace so can't check. |
DEBUG_STATE_UNKNOWN_NO_PTRACE_CAP |
CAP_SYS_PTRACE not set for the process. |
DEBUG_STATE_UNKNOWN |
Unknown, likely fr_get_debug_state() not called yet. |
DEBUG_STATE_NOT_ATTACHED |
We can attach, so a debugger must not be attached. |
DEBUG_STATE_ATTACHED |
We can't attach, it's likely a debugger is already tracing. |
Definition at line 454 of file libradius.h.
enum rb_order_t |
Enumerator | |
---|---|
RBTREE_PRE_ORDER | |
RBTREE_IN_ORDER | |
RBTREE_POST_ORDER | |
RBTREE_DELETE_ORDER |
Definition at line 518 of file libradius.h.
void NEVER_RETURNS _fr_exit | ( | char const * | file, |
int | line, | ||
int | status | ||
) |
Exit possibly printing a message about why we're exiting.
file | where fr_exit() was called. |
line | where fr_exit() was called. |
status | we're exiting with. |
Definition at line 1106 of file debug.c.
void NEVER_RETURNS _fr_exit_now | ( | char const * | file, |
int | line, | ||
int | status | ||
) |
Exit possibly printing a message about why we're exiting.
file | where fr_exit_now() was called. |
line | where fr_exit_now() was called. |
status | we're exiting with. |
Definition at line 1130 of file debug.c.
void backtrace_print | ( | fr_cbuff_t * | cbuff, |
void * | obj | ||
) |
char* fr_abin2hex | ( | TALLOC_CTX * | ctx, |
uint8_t const * | bin, | ||
size_t | inlen | ||
) |
Convert binary data to a hex string.
Ascii encoded hex string will not be prefixed with '0x'
[in] | ctx | to alloc buffer in. |
[in] | bin | input. |
[in] | inlen | of bin input. |
Definition at line 278 of file misc.c.
char* fr_asprint | ( | TALLOC_CTX * | ctx, |
char const * | in, | ||
ssize_t | inlen, | ||
char | quote | ||
) |
Escape string that may contain binary data, and write it to a new buffer.
This is useful in situations where we expect printable strings as input, but under some conditions may get binary data. A good example is libldap and the arrays of struct berval ldap_get_values_len returns.
[in] | ctx | To allocate new buffer in. |
[in] | in | String to escape. |
[in] | inlen | Length of string. Should be >= 0 if the data may contain embedded \0s. Must be >= 0 if data may not be \0 terminated. If < 0 inlen will be calculated using strlen. |
[in] | quote | the quotation character. |
Definition at line 390 of file print.c.
void bool fr_assert_cond | ( | char const * | file, |
int | line, | ||
char const * | expr, | ||
bool | cond | ||
) |
A soft assertion which triggers the fault handler in debug builds.
file | the assertion failed in. |
line | of the assertion in the file. |
expr | that was evaluated. |
cond | Result of evaluating the expression. |
Definition at line 1085 of file debug.c.
fr_bt_marker_t* fr_backtrace_attach | ( | fr_cbuff_t ** | cbuff, |
TALLOC_CTX * | obj | ||
) |
int fr_backtrace_do | ( | fr_bt_marker_t * | marker | ) |
size_t fr_bin2hex | ( | char * | hex, |
uint8_t const * | bin, | ||
size_t | inlen | ||
) |
Convert binary data to a hex string.
Ascii encoded hex string will not be prefixed with '0x'
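[out] | hex | Buffer to write hex output. The function takes no output length, so the caller must provide room for two characters per input byte plus the terminating \0. |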
[in] | bin | input. |
[in] | inlen | of bin input. |
Definition at line 254 of file misc.c.
int fr_blocking | ( | int | fd | ) |
void void void fr_canonicalize_error | ( | TALLOC_CTX * | ctx, |
char ** | sp, | ||
char ** | text, | ||
ssize_t | slen, | ||
char const * | msg | ||
) |
Canonicalize error strings, removing tabs, and generate spaces for error marker.
Used to produce error messages such as this:
I'm a string with a parser # error
                           ^ Unexpected character in string
With code resembling this:
sp | Where to write a dynamically allocated buffer of spaces used to indent the error text. |
text | Where to write the canonicalized version of msg (the error text). |
ctx | to allocate the spaces and text buffers in. |
slen | of error marker. Expects negative integer value, as returned by parse functions. |
msg | to canonicalize. |
Definition at line 359 of file log.c.
fr_cbuff_t* fr_cbuff_alloc | ( | TALLOC_CTX * | ctx, |
uint32_t | size, | ||
bool | lock | ||
) |
void fr_cbuff_rp_insert | ( | fr_cbuff_t * | cbuff, |
void * | obj | ||
) |
void* fr_cbuff_rp_next | ( | fr_cbuff_t * | cbuff, |
TALLOC_CTX * | ctx | ||
) |
int fr_check_lib_magic | ( | uint64_t | magic | ) |
Check if the application linking to the library has the correct magic number.
magic | number as defined by RADIUSD_MAGIC_NUMBER |
Definition at line 38 of file version.c.
int fr_crypt_check | ( | char const * | key, |
char const * | salt | ||
) |
void fr_cursor_copy | ( | vp_cursor_t * | out, |
vp_cursor_t * | in | ||
) |
VALUE_PAIR* fr_cursor_current | ( | vp_cursor_t * | cursor | ) |
Return the VALUE_PAIR the cursor currently points to.
cursor | to operate on. |
Definition at line 304 of file cursor.c.
void fr_cursor_end | ( | vp_cursor_t * | cursor | ) |
Moves cursor past the last attribute to the end.
Primarily useful for setting up the cursor for freeing attributes added during the execution of a function, which later errors out, requiring only the attribute(s) that it added to be freed, and the attributes already present in the list to remain untouched.
cursor | to operate on. |
Definition at line 164 of file cursor.c.
VALUE_PAIR* fr_cursor_first | ( | vp_cursor_t * | cursor | ) |
Rewind cursor to the start of the list.
cursor | to operate on. |
Definition at line 105 of file cursor.c.
void fr_cursor_free | ( | vp_cursor_t * | cursor | ) |
Free the current pair and all pairs after it.
Will move the cursor back one, then free the current pair and all VALUE_PAIRs after it.
Usually used in conjunction with fr_cursor_end and fr_cursor_insert.
cursor | to free pairs in. |
Definition at line 528 of file cursor.c.
VALUE_PAIR* fr_cursor_init | ( | vp_cursor_t * | cursor, |
VALUE_PAIR *const * | const_vp | ||
) |
void fr_cursor_insert | ( | vp_cursor_t * | cursor, |
VALUE_PAIR * | vp | ||
) |
Insert a single VALUE_PAIR at the end of the list.
Insert a VALUE_PAIR at the end of the list.
cursor | to operate on. |
vp | to insert. |
Definition at line 321 of file cursor.c.
VALUE_PAIR* fr_cursor_last | ( | vp_cursor_t * | cursor | ) |
Wind cursor to the last pair in the list.
cursor | to operate on. |
Definition at line 126 of file cursor.c.
void fr_cursor_merge | ( | vp_cursor_t * | cursor, |
VALUE_PAIR * | add | ||
) |
Merges multiple VALUE_PAIR into the cursor.
Add multiple VALUE_PAIR from add to cursor.
cursor | to insert VALUE_PAIRs with |
add | one or more VALUE_PAIRs (may be NULL, which results in noop). |
Definition at line 394 of file cursor.c.
VALUE_PAIR* fr_cursor_next | ( | vp_cursor_t * | cursor | ) |
Advance the cursor to the next VALUE_PAIR.
cursor | to operate on. |
Definition at line 263 of file cursor.c.
VALUE_PAIR* fr_cursor_next_by_da | ( | vp_cursor_t * | cursor, |
fr_dict_attr_t const * | da, | ||
int8_t | tag | ||
) |
Iterate over attributes of a given DA in the pairlist.
Find the next attribute of a given type. If no fr_cursor_next_by_* function has been called on a cursor before, or the previous call returned NULL, the search will start with the current attribute. Subsequent calls to fr_cursor_next_by_* functions will start the search from the previously matched attribute.
cursor | to operate on. |
da | to match. |
tag | to match. Either a tag number or TAG_ANY to match any tagged or untagged attribute, TAG_NONE to match attributes without tags. |
Definition at line 237 of file cursor.c.
VALUE_PAIR* fr_cursor_next_by_num | ( | vp_cursor_t * | cursor, |
unsigned int | vendor, | ||
unsigned int | attr, | ||
int8_t | tag | ||
) |
Iterate over a collection of VALUE_PAIRs of a given type in the pairlist.
Find the next attribute of a given type. If no fr_cursor_next_by_* function has been called on a cursor before, or the previous call returned NULL, the search will start with the current attribute. Subsequent calls to fr_cursor_next_by_* functions will start the search from the previously matched attribute.
cursor | to operate on. |
attr | number to match. |
vendor | number to match (0 for non-vendor attributes). |
tag | to match. Either a tag number or TAG_ANY to match any tagged or untagged attribute, TAG_NONE to match attributes without tags. |
Definition at line 200 of file cursor.c.
VALUE_PAIR* fr_cursor_next_peek | ( | vp_cursor_t * | cursor | ) |
Return the next VALUE_PAIR without advancing the cursor.
cursor | to operate on. |
Definition at line 294 of file cursor.c.
VALUE_PAIR* fr_cursor_remove | ( | vp_cursor_t * | cursor | ) |
Remove the current pair.
The current VP will be set to the one before the VP being removed, this is so the commonly used check and remove loop (below) works as expected.
cursor | to remove the current pair from. |
Definition at line 433 of file cursor.c.
VALUE_PAIR* fr_cursor_replace | ( | vp_cursor_t * | cursor, |
VALUE_PAIR * | new | ||
) |
Replace the current pair.
cursor | to replace the current pair in. |
new | VALUE_PAIR to insert. |
Definition at line 491 of file cursor.c.
void fr_debug_break | ( | bool | always | ) |
Break in debugger (if we're running under a debugger)
If the server is running under a debugger this will raise a SIGTRAP which will pause the running process.
If the server is not running under debugger then this will do nothing.
Definition at line 307 of file debug.c.
char const* fr_debug_state_to_msg | ( | fr_debug_state_t | state | ) |
void fr_fault | ( | int | sig | ) |
void fr_fault_log | ( | char const * | msg, |
... | |||
) |
void fr_fault_set_cb | ( | fr_fault_cb_t | func | ) |
Set a callback to be called before fr_fault()
func | to execute. If callback returns < 0 fr_fault will exit before running panic_action code. |
Definition at line 1043 of file debug.c.
void fr_fault_set_log_fd | ( | int | fd | ) |
int fr_fault_setup | ( | char const * | cmd, |
char const * | program | ||
) |
Registers signal handlers to execute panic_action on fatal signal.
May be called multiple times to change the panic_action/program.
cmd | to execute on fault. If present, %p will be substituted for the parent PID before the command is executed, and %e will be substituted for the currently running program. Because this command is run when a fatal signal is handled, it should come only from trusted configuration. |
program | Name of program currently executing (argv[0]). |
Definition at line 890 of file debug.c.
fr_fifo_t* fr_fifo_create | ( | TALLOC_CTX * | ctx, |
int | max_entries, | ||
fr_fifo_free_t | freeNode | ||
) |
unsigned int fr_fifo_num_elements | ( | fr_fifo_t * | fi | ) |
void* fr_fifo_peek | ( | fr_fifo_t * | fi | ) |
void* fr_fifo_pop | ( | fr_fifo_t * | fi | ) |
int fr_fifo_push | ( | fr_fifo_t * | fi, |
void * | data | ||
) |
int fr_get_time | ( | char const * | date_str, |
time_t * | date | ||
) |
size_t fr_hex2bin | ( | uint8_t * | bin, |
size_t | outlen, | ||
char const * | hex, | ||
size_t | inlen | ||
) |
Convert hex strings to binary data.
bin | Buffer to write output to. |
outlen | length of output buffer (or length of input string / 2). |
hex | input string. |
inlen | length of the input string |
Definition at line 220 of file misc.c.
void fr_isaac | ( | fr_randctx * | ctx | ) |
int fr_log_talloc_report | ( | TALLOC_CTX * | ctx | ) |
int fr_nonblock | ( | int | fd | ) |
void fr_panic_on_free | ( | TALLOC_CTX * | ctx | ) |
void fr_perror | ( | char const * | , |
... | |||
) |
int8_t fr_pointer_cmp | ( | void const * | a, |
void const * | b | ||
) |
void fr_printf_log | ( | char const * | , |
... | |||
) |
void fr_quick_sort | ( | void const * | to_sort[], |
int | min_idx, | ||
int | max_idx, | ||
fr_cmp_t | cmp | ||
) |
Quick sort an array of pointers using a comparator.
to_sort | array of pointers to sort. |
min_idx | the lowest index (usually 0). |
max_idx | the highest index (usually length of array - 1). |
cmp | the comparison function to use to sort the array elements. |
Definition at line 997 of file misc.c.
RADIUS_PACKET* fr_radius_alloc | ( | TALLOC_CTX * | ctx, |
bool | new_vector | ||
) |
Allocate a new RADIUS_PACKET.
ctx | the context in which the packet is allocated. May be NULL if the packet is not associated with a REQUEST. |
new_vector | if true a new request authenticator will be generated. |
Definition at line 1651 of file radius.c.
RADIUS_PACKET* fr_radius_alloc_reply | ( | TALLOC_CTX * | ctx, |
RADIUS_PACKET * | packet | ||
) |
Allocate a new RADIUS_PACKET response.
ctx | the context in which the packet is allocated. May be NULL if the packet is not associated with a REQUEST. |
packet | The request packet. |
Definition at line 1691 of file radius.c.
RADIUS_PACKET* fr_radius_copy | ( | TALLOC_CTX * | ctx, |
RADIUS_PACKET const * | in | ||
) |
Duplicate a RADIUS_PACKET.
ctx | the context in which the packet is allocated. May be NULL if the packet is not associated with a REQUEST. |
in | The packet to copy |
Definition at line 1751 of file radius.c.
int fr_radius_decode | ( | RADIUS_PACKET * | packet, |
RADIUS_PACKET * | original, | ||
char const * | secret | ||
) |
ssize_t fr_radius_decode_pair | ( | TALLOC_CTX * | ctx, |
vp_cursor_t * | cursor, | ||
fr_dict_attr_t const * | parent, | ||
uint8_t const * | data, | ||
size_t | data_len, | ||
void * | decoder_ctx | ||
) |
Create a "normal" VALUE_PAIR from the given data.
Definition at line 1337 of file radius_decode.c.
ssize_t fr_radius_decode_pair_value | ( | TALLOC_CTX * | ctx, |
vp_cursor_t * | cursor, | ||
fr_dict_attr_t const * | parent, | ||
uint8_t const * | data, | ||
size_t const | attr_len, | ||
size_t const | packet_len, | ||
void * | decoder_ctx | ||
) |
Create any kind of VP from the attribute contents.
"length" is AT LEAST the length of this attribute, as we expect the caller to have verified the data with fr_radius_ok(). "length" may be up to the length of the packet.
Definition at line 809 of file radius_decode.c.
ssize_t fr_radius_decode_password | ( | char * | passwd, |
size_t | pwlen, | ||
char const * | secret, | ||
uint8_t const * | vector | ||
) |
Decode password.
Definition at line 142 of file radius_decode.c.
ssize_t fr_radius_decode_tlv | ( | TALLOC_CTX * | ctx, |
vp_cursor_t * | cursor, | ||
fr_dict_attr_t const * | parent, | ||
uint8_t const * | data, | ||
size_t | data_len, | ||
void * | decoder_ctx | ||
) |
Convert TLVs to one or more VPs.
Definition at line 349 of file radius_decode.c.
int fr_radius_decode_tlv_ok | ( | uint8_t const * | data, |
size_t | length, | ||
size_t | dv_type, | ||
size_t | dv_length | ||
) |
Check if a set of RADIUS formatted TLVs are OK.
Definition at line 202 of file radius_decode.c.
ssize_t fr_radius_decode_tunnel_password | ( | uint8_t * | passwd, |
size_t * | pwlen, | ||
char const * | secret, | ||
uint8_t const * | vector | ||
) |
Decode Tunnel-Password encrypted attributes.
Defined in RFC-2868, this uses a two char SALT along with the initial intermediate value, to differentiate it from the above.
Definition at line 36 of file radius_decode.c.
int fr_radius_digest_cmp | ( | uint8_t const * | a, |
uint8_t const * | b, | ||
size_t | length | ||
) |
Do a comparison of two authentication digests by comparing the FULL digest, rather than stopping at the first byte that differs.
Otherwise, the server can be subject to timing attacks that allow attackers to find a valid message authenticator.
http://www.cs.rice.edu/~dwallach/pub/crosby-timing2009.pdf
Definition at line 578 of file radius.c.
int fr_radius_encode | ( | RADIUS_PACKET * | packet, |
RADIUS_PACKET const * | original, | ||
char const * | secret | ||
) |
int fr_radius_encode_chap_password | ( | uint8_t * | output, |
RADIUS_PACKET * | packet, | ||
int | id, | ||
VALUE_PAIR * | password | ||
) |
int fr_radius_encode_pair | ( | uint8_t * | out, |
size_t | outlen, | ||
vp_cursor_t * | cursor, | ||
void * | encoder_ctx | ||
) |
Encode a data structure into a RADIUS attribute.
This is the main entry point into the encoder. It sets up the encoder array we use for tracking our TLV/VSA/EVS nesting and then calls the appropriate dispatch function.
Definition at line 1488 of file radius_encode.c.
int fr_radius_encode_password | ( | char * | passwd, |
size_t * | pwlen, | ||
char const * | secret, | ||
uint8_t const * | vector | ||
) |
Encode password.
We assume that the passwd buffer passed is big enough; no separate buffer-size argument is visible in the prototype, so the caller must guarantee this. RFC2138 says the password is max 128 chars, so the size of the passwd buffer must be at least 129 characters. Preferably it's just MAX_STRING_LEN.
*pwlen is updated to the new length of the encrypted password - a multiple of 16 bytes.
Definition at line 187 of file radius_encode.c.
int fr_radius_encode_tunnel_password | ( | char * | passwd, |
size_t * | pwlen, | ||
char const * | secret, | ||
uint8_t const * | vector | ||
) |
Encode Tunnel-Password attributes when sending them out on the wire.
*pwlen is updated to the new length of the encrypted password - a multiple of 16 bytes.
This is per RFC-2868 which adds a two char SALT to the initial intermediate value MD5 hash.
Definition at line 106 of file radius_encode.c.
ssize_t fr_radius_encode_value_hton | ( | uint8_t const ** | out, |
VALUE_PAIR const * | vp | ||
) |
Converts vp_data to network byte order.
Provide a pointer to a buffer which contains the value of the VALUE_PAIR in an architecture independent format.
The pointer is only guaranteed to be valid between calls to fr_radius_encode_value_hton, and so long as the source VALUE_PAIR is not freed.
out | where to write the pointer to the value. |
vp | to get the value from. |
Definition at line 396 of file radius_encode.c.
void fr_radius_free | ( | RADIUS_PACKET ** | radius_packet_ptr | ) |
ssize_t fr_radius_len | ( | uint8_t const * | data, |
size_t | data_len | ||
) |
See how big of a packet is in the buffer.
Packet is not 'const * const' because we may update data_len, if there's more data in the UDP packet than in the RADIUS packet.
data | pointer to the packet buffer |
data_len | length of the packet buffer |
void fr_radius_make_secret | ( | uint8_t * | digest, |
uint8_t const * | vector, | ||
char const * | secret, | ||
uint8_t const * | value | ||
) |
Build an encrypted secret value to return in a reply packet.
The secret is hidden by XORing with an MD5 digest created from the shared secret and the authentication vector. We put them into MD5 in the reverse order from that used when encrypting passwords to RADIUS.
Definition at line 272 of file radius.c.
bool fr_radius_ok | ( | RADIUS_PACKET * | packet, |
int | flags, | ||
decode_fail_t * | reason | ||
) |
See if the data pointed to by PTR is a valid RADIUS packet.
Packet is not 'const * const' because we may update data_len, if there's more data in the UDP packet than in the RADIUS packet.
packet | to check |
flags | to control decoding |
reason | if not NULL, will have the failure reason written to where it points. |
Definition at line 731 of file radius.c.
void fr_radius_print_hex | ( | RADIUS_PACKET * | packet | ) |
RADIUS_PACKET* fr_radius_recv | ( | TALLOC_CTX * | ctx, |
int | fd, | ||
int | flags | ||
) |
void fr_radius_recv_discard | ( | int | sockfd | ) |
ssize_t fr_radius_recv_header | ( | int | sockfd, |
fr_ipaddr_t * | src_ipaddr, | ||
uint16_t * | src_port, | ||
unsigned int * | code | ||
) |
Basic validation of RADIUS packet header.
[in] | sockfd | we're reading from. |
[out] | src_ipaddr | of the packet. |
[out] | src_port | of the packet. |
[out] | code | Pointer to where to write the packet code. |
Definition at line 299 of file radius.c.
int fr_radius_send | ( | RADIUS_PACKET * | packet, |
RADIUS_PACKET const * | original, | ||
char const * | secret | ||
) |
int fr_radius_sign | ( | RADIUS_PACKET * | packet, |
RADIUS_PACKET const * | original, | ||
char const * | secret | ||
) |
int fr_radius_verify | ( | RADIUS_PACKET * | packet, |
RADIUS_PACKET * | original, | ||
char const * | secret | ||
) |
uint32_t fr_rand | ( | void | ) |
void fr_rand_seed | ( | void const * | data, |
size_t | size | ||
) |
void fr_randinit | ( | fr_randctx * | ctx, |
int | flag | ||
) |
int fr_reset_dumpable | ( | void | ) |
int fr_set_dumpable | ( | bool | allow_core_dumps | ) |
int fr_set_dumpable_init | ( | void | ) |
int fr_set_signal | ( | int | sig, |
sig_t | func | ||
) |
size_t fr_snprint | ( | char * | out, |
size_t | outlen, | ||
char const * | in, | ||
ssize_t | inlen, | ||
char | quote | ||
) |
Escape any non printable or non-UTF8 characters in the input string.
[in] | in | string to escape. |
[in] | inlen | length of string to escape (lets us deal with embedded NULs) |
[out] | out | where to write the escaped string. |
[out] | outlen | the length of the buffer pointed to by out. |
[in] | quote | the quotation character |
Definition at line 179 of file print.c.
size_t fr_snprint_len | ( | char const * | in, |
ssize_t | inlen, | ||
char | quote | ||
) |
Find the length of the buffer required to fully escape a string with fr_prints.
We're assuming here that it's cheaper to figure out the length and do one alloc than repeatedly expand the buffer when we find extra chars which need to be added.
in | string to calculate the escaped length for. | |
inlen | length of the input string, if < 0 strlen will be used to check the length. | |
[in] | quote | the quotation character. |
Definition at line 371 of file print.c.
size_t fr_snprint_uint128 | ( | char * | out, |
size_t | outlen, | ||
uint128_t const | num | ||
) |
int fr_socket_client_tcp | ( | fr_ipaddr_t * | src_ipaddr, |
fr_ipaddr_t * | dst_ipaddr, | ||
uint16_t | dst_port, | ||
bool | async | ||
) |
Establish a connected TCP socket.
The following code demonstrates using this function with a connection timeout:
src_ipaddr | to bind socket to, may be NULL if socket is not bound to any specific address. |
dst_ipaddr | Where to connect to. |
dst_port | Where to connect to. |
async | Whether to set the socket to nonblocking, allowing use of fr_socket_wait_for_connect. |
Definition at line 167 of file socket.c.
int fr_socket_client_udp | ( | fr_ipaddr_t * | src_ipaddr, |
fr_ipaddr_t * | dst_ipaddr, | ||
uint16_t | dst_port, | ||
bool | async | ||
) |
Establish a connected UDP socket.
Connected UDP sockets can be used with write(), unlike unconnected sockets which must be used with sendto and recvfrom.
The following code demonstrates using this function with a connection timeout:
src_ipaddr | to bind socket to, may be NULL if socket is not bound to any specific address. |
dst_ipaddr | Where to send datagrams. |
dst_port | Where to send datagrams. |
async | Whether to set the socket to nonblocking, allowing use of fr_socket_wait_for_connect. |
Definition at line 273 of file socket.c.
int fr_socket_client_unix | ( | char const * | path, |
bool | async | ||
) |
int fr_socket_server_base | ( | int | proto, |
fr_ipaddr_t * | ipaddr, | ||
int * | port, | ||
char const * | port_name, | ||
bool | async | ||
) |
Open an IPv4 / IPv6, and UDP / TCP socket, server side.
[in] | proto | IPPROTO_UDP or IPPROTO_TCP |
[in] | ipaddr | The IP address to listen on |
[in,out] | port | the port to listen on |
[in] | port_name | if port==0, the name of the port |
[in] | async | whether we block or not on reads and writes |
Definition at line 422 of file socket.c.
int fr_socket_server_bind | ( | int | sockfd, |
fr_ipaddr_t * | ipaddr, | ||
int * | port, | ||
char const * | interface | ||
) |
Bind to an IPv4 / IPv6, and UDP / TCP socket, server side.
[in] | sockfd | the socket which was opened via fr_socket_server_base() |
[in,out] | ipaddr | The IP address to bind to |
[in] | port | the port to bind to |
[in] | interface | the interface name to bind to |
Definition at line 615 of file socket.c.
int fr_socket_wait_for_connect | ( | int | sockfd, |
struct timeval const * | timeout | ||
) |
Wait for a socket to be connected, with an optional timeout.
close(sockfd)
sockfd | the socket to wait on. |
timeout | How long to wait for socket to open. |
Definition at line 359 of file socket.c.
void fr_store_debug_state | ( | void | ) |
char const* fr_strerror | ( | void | ) |
void fr_strerror_printf | ( | char const * | , |
... | |||
) |
uint32_t fr_strtoul | ( | char const * | value, |
char ** | end | ||
) |
char const* fr_syserror | ( | int | num | ) |
void fr_talloc_fault_setup | ( | void | ) |
int fr_talloc_link_ctx | ( | TALLOC_CTX * | parent, |
TALLOC_CTX * | child | ||
) |
Link a parent and a child context, so the child is freed before the parent.
parent | whose fate the child should share. |
child | bound to parent's lifecycle. |
Definition at line 105 of file misc.c.
void fr_timespec_subtract | ( | struct timespec * | out, |
struct timespec const * | end, | ||
struct timespec const * | start | ||
) |
int fr_timeval_from_str | ( | struct timeval * | out, |
char const * | in | ||
) |
void fr_timeval_subtract | ( | struct timeval * | out, |
struct timeval const * | end, | ||
struct timeval const * | start | ||
) |
int fr_utf8_char | ( | uint8_t const * | str, |
ssize_t | inlen | ||
) |
Checks for utf-8, taken from http://www.w3.org/International/questions/qa-forms-utf-8.
str | input string. |
inlen | length of input string. May be -1 if str is \0 terminated. |
Definition at line 34 of file print.c.
char const* fr_utf8_strchr | ( | int * | chr_len, |
char const * | str, | ||
char const * | chr | ||
) |
Return a pointer to the first UTF8 char in a string.
[out] | chr_len | Where to write the length of the multibyte char passed in chr (may be NULL). |
[in] | str | Haystack. |
[in] | chr | Multibyte needle. |
Definition at line 140 of file print.c.
ssize_t fr_utf8_to_ucs2 | ( | uint8_t * | out, |
size_t | outlen, | ||
char const * | in, | ||
size_t | inlen | ||
) |
Convert UTF8 string to UCS2 encoding.
[out] | out | Where to write the ucs2 string. |
[in] | outlen | Size of output buffer. |
[in] | in | UTF8 string to convert. |
[in] | inlen | length of UTF8 string. |
Definition at line 580 of file misc.c.
ssize_t fr_writev | ( | int | fd, |
struct iovec | vector[], | ||
int | iovcnt, | ||
struct timeval * | timeout | ||
) |
Write out a vector to a file descriptor.
Wraps writev, calling it as necessary. If timeout is not NULL, timeout is applied to each call that returns EAGAIN or EWOULDBLOCK
fd | to write to. |
vector | to write. |
iovcnt | number of elements in iovec. |
timeout | how long to wait for fd to become writeable before timing out. |
Definition at line 492 of file misc.c.
bool is_integer | ( | char const * | value | ) |
bool is_printable | ( | void const * | value, |
size_t | len | ||
) |
Check whether the string is made up of printable UTF8 chars.
value | to check. |
len | of value. |
Definition at line 329 of file misc.c.
bool is_whitespace | ( | char const * | value | ) |
bool is_zero | ( | char const * | value | ) |
int rad_lockfd | ( | int | fd, |
int | lock_len | ||
) |
int rad_lockfd_nonblock | ( | int | fd, |
int | lock_len | ||
) |
int rad_unlockfd | ( | int | fd, |
int | lock_len | ||
) |
rbtree_t* rbtree_create | ( | TALLOC_CTX * | ctx, |
rb_comparator_t | compare, | ||
rb_free_t | node_free, | ||
int | flags | ||
) |
bool rbtree_deletebydata | ( | rbtree_t * | tree, |
void const * | data | ||
) |
Delete a node from the tree, based on given data, which MUST have come from rbtree_finddata().
Definition at line 496 of file rbtree.c.
void* rbtree_finddata | ( | rbtree_t * | tree, |
void const * | data | ||
) |
void rbtree_free | ( | rbtree_t * | tree | ) |
bool rbtree_insert | ( | rbtree_t * | tree, |
void * | data | ||
) |
uint32_t rbtree_num_elements | ( | rbtree_t * | tree | ) |
int rbtree_walk | ( | rbtree_t * | tree, |
rb_order_t | order, | ||
rb_walker_t | compare, | ||
void * | context | ||
) |
char* value_data_asprint | ( | TALLOC_CTX * | ctx, |
PW_TYPE | type, | ||
fr_dict_attr_t const * | enumv, | ||
value_data_t const * | data, | ||
char | quote | ||
) |
int value_data_cast | ( | TALLOC_CTX * | ctx, |
value_data_t * | dst, | ||
PW_TYPE | dst_type, | ||
fr_dict_attr_t const * | dst_enumv, | ||
PW_TYPE | src_type, | ||
fr_dict_attr_t const * | src_enumv, | ||
value_data_t const * | src | ||
) |
Convert one type of value_data_t to another.
ctx | to allocate buffers in (usually the same as dst) |
dst | Where to write result of casting. |
dst_type | to cast to. |
dst_enumv | Enumerated values used to convert strings to integers. |
src_type | to cast from. |
src_enumv | Enumerated values used to convert integers to strings. |
src | Input data. |
Definition at line 1073 of file value.c.
int value_data_cmp | ( | PW_TYPE | a_type, |
value_data_t const * | a, | ||
PW_TYPE | b_type, | ||
value_data_t const * | b | ||
) |
Compare two values.
[in] | a_type | of data to compare. |
[in] | a | Value to compare. |
[in] | b_type | of data to compare. |
[in] | b | Value to compare. |
Definition at line 40 of file value.c.
int value_data_cmp_op | ( | FR_TOKEN | op, |
PW_TYPE | a_type, | ||
value_data_t const * | a, | ||
PW_TYPE | b_type, | ||
value_data_t const * | b | ||
) |
Compare two attributes using an operator.
[in] | op | to use in comparison. |
[in] | a_type | of data to compare. |
[in] | a | Value to compare. |
[in] | b_type | of data to compare. |
[in] | b | Value to compare. |
Definition at line 299 of file value.c.
int value_data_copy | ( | TALLOC_CTX * | ctx, |
value_data_t * | dst, | ||
PW_TYPE | src_type, | ||
const value_data_t * | src | ||
) |
Copy value data verbatim duplicating any buffers.
ctx | To allocate buffers in. |
dst | Where to copy value_data to. |
src_type | Type of src. |
src | Where to copy value_data from. |
Definition at line 1479 of file value.c.
int value_data_from_str | ( | TALLOC_CTX * | ctx, |
value_data_t * | dst, | ||
PW_TYPE * | src_type, | ||
fr_dict_attr_t const * | src_enumv, | ||
char const * | src, | ||
ssize_t | src_len, | ||
char | quote | ||
) |
Convert string value to a value_data_t type.
[in] | ctx | to alloc strings in. |
[out] | dst | where to write parsed value. |
[in,out] | src_type | of value data to create/type of value created. |
[in] | src_enumv | fr_dict_attr_t with string aliases for integer values. |
[in] | src | String to convert. Binary safe for variable length values if len is provided. |
[in] | src_len | may be < 0 in which case strlen(src) is used to determine length, else src_len should be the length of the string or sub string to parse. |
[in] | quote | quotation character used to drive de-escaping |
Definition at line 455 of file value.c.
size_t value_data_snprint | ( | char * | out, |
size_t | outlen, | ||
PW_TYPE | type, | ||
fr_dict_attr_t const * | enumv, | ||
value_data_t const * | data, | ||
char | quote | ||
) |
Print the value of an attribute to a string.
out | Where to write the printed version of the attribute value. |
outlen | Length of the output buffer. |
type | of data being printed. |
enumv | Enumerated string values for integer types. |
data | to print. |
quote | char to escape in string output. |
Definition at line 1727 of file value.c.
int value_data_steal | ( | TALLOC_CTX * | ctx, |
value_data_t * | dst, | ||
PW_TYPE | src_type, | ||
const value_data_t * | src | ||
) |
Copy value data verbatim moving any buffers to the specified context.
ctx | To allocate buffers in. |
dst | Where to copy value_data to. |
src_type | Type of src. |
src | Where to copy value_data from. |
Definition at line 1512 of file value.c.
char const* fr_packet_codes[FR_MAX_PACKET_CODE] |
FR_NAME_NUMBER const fr_request_types[] |