The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
base.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: 6d025d186d076b1e67d35ec0190dfbc46f749f37 $
19 * @file src/process/dhcpv4/base.c
20 * @brief Base DORA, etc. DHCPV4 processing.
21 *
22 * @copyright 2018 The Freeradius server project.
23 * @copyright 2018 Alan DeKok (aland@deployingradius.com)
24 */
25#define LOG_PREFIX "process_dhcpv4"
26
27#include <freeradius-devel/io/application.h>
28#include <freeradius-devel/server/protocol.h>
29#include <freeradius-devel/server/module_method.h>
30#include <freeradius-devel/util/dict.h>
31#include <freeradius-devel/util/debug.h>
32#include <freeradius-devel/dhcpv4/dhcpv4.h>
33
34static fr_dict_t const *dict_dhcpv4;
35
38 { .out = &dict_dhcpv4, .proto = "dhcpv4" },
39 { NULL }
40};
41
46
49 { .out = &attr_message_type, .name = "Message-Type", .type = FR_TYPE_UINT8, .dict = &dict_dhcpv4},
50 { .out = &attr_yiaddr, .name = "Your-IP-Address", .type = FR_TYPE_IPV4_ADDR, .dict = &dict_dhcpv4},
51 { .out = &attr_packet_type, .name = "Packet-Type", .type = FR_TYPE_UINT32, .dict = &dict_dhcpv4},
52 { .out = &attr_dhcp_option_82, .name = "Relay-Agent-Information", .type = FR_TYPE_TLV, .dict = &dict_dhcpv4 },
53 { NULL }
54};
55
56/*
57 * Debug the packet if requested.
58 */
59static void dhcpv4_packet_debug(request_t *request, fr_packet_t *packet, fr_pair_list_t *list, bool received)
60{
61#ifdef WITH_IFINDEX_NAME_RESOLUTION
62 char if_name[IFNAMSIZ];
63#endif
64
65 if (!packet) return;
66 if (!RDEBUG_ENABLED) return;
67
68 log_request(L_DBG, L_DBG_LVL_1, request, __FILE__, __LINE__, "%s %s XID %08x from %s%pV%s:%i to %s%pV%s:%i "
69#ifdef WITH_IFINDEX_NAME_RESOLUTION
70 "%s%s%s"
71#endif
72 "",
73 received ? "Received" : "Sending",
74 dhcp_message_types[packet->code],
75 packet->id,
76 packet->socket.inet.src_ipaddr.af == AF_INET6 ? "[" : "",
77 fr_box_ipaddr(packet->socket.inet.src_ipaddr),
78 packet->socket.inet.src_ipaddr.af == AF_INET6 ? "]" : "",
79 packet->socket.inet.src_port,
80 packet->socket.inet.dst_ipaddr.af == AF_INET6 ? "[" : "",
81 fr_box_ipaddr(packet->socket.inet.dst_ipaddr),
82 packet->socket.inet.dst_ipaddr.af == AF_INET6 ? "]" : "",
83 packet->socket.inet.dst_port
84#ifdef WITH_IFINDEX_NAME_RESOLUTION
85 , packet->socket.inet.ifindex ? "via " : "",
86 packet->socket.inet.ifindex ? fr_ifname_from_ifindex(if_name, packet->socket.inet.ifindex) : "",
87 packet->socket.inet.ifindex ? " " : ""
88#endif
89 );
90
91 if (received || request->parent) {
92 log_request_pair_list(L_DBG_LVL_1, request, NULL, list, NULL);
93 } else {
94 log_request_proto_pair_list(L_DBG_LVL_1, request, NULL, list, NULL);
95 }
96}
97
120
124
125#define FR_DHCP_PROCESS_CODE_VALID(_x) (FR_DHCP_PACKET_CODE_VALID(_x) || (_x == FR_DHCP_DO_NOT_RESPOND))
126
127#define PROCESS_PACKET_TYPE fr_dhcpv4_packet_code_t
128#define PROCESS_CODE_MAX FR_DHCP_CODE_MAX
129#define PROCESS_CODE_DO_NOT_RESPOND FR_DHCP_DO_NOT_RESPOND
130#define PROCESS_PACKET_CODE_VALID FR_DHCP_PROCESS_CODE_VALID
131#define PROCESS_INST process_dhcpv4_t
132#define PROCESS_CODE_DYNAMIC_CLIENT FR_DHCP_ACK
133#include <freeradius-devel/server/process.h>
134
135RESUME(check_offer_ack_options)
136{
137 fr_pair_t *vp;
138
139 vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_yiaddr);
140 if (!vp) {
141 REDEBUG("%s packet does not have YIADDR. The client will not receive an IP address.",
142 dhcp_message_types[request->reply->code]);
143 }
144
145 /*
146 * RFC3046 says:
147 * DHCP servers claiming to support the Relay Agent Information option
148 * SHALL echo the entire contents of the Relay Agent Information option
149 * in all replies.
150 */
151 vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_dhcp_option_82);
152 if (vp) {
153 fr_pair_t *reply_vp;
154 int ret;
155 MEM((ret = pair_update_reply(&reply_vp, attr_dhcp_option_82)) >= 0);
156 if (ret == 0) MEM(fr_pair_list_copy(reply_vp, &reply_vp->vp_group, &vp->vp_group));
157 }
158
159 return CALL_RESUME(send_generic);
160}
161
162static fr_process_state_t const process_state[] = {
163 [FR_DHCP_DISCOVER] = {
164 .packet_type = {
168
175 },
176 .rcode = RLM_MODULE_NOOP,
177 .default_reply = FR_DHCP_DO_NOT_RESPOND,
178 .recv = recv_generic,
179 .resume = resume_recv_generic,
180 .section_offset = PROCESS_CONF_OFFSET(discover),
181 },
182 [FR_DHCP_OFFER] = {
183 .packet_type = {
187
194 },
195 .rcode = RLM_MODULE_NOOP,
196 .default_reply = FR_DHCP_DO_NOT_RESPOND,
197 .send = send_generic,
198 .resume = resume_check_offer_ack_options,
199 .section_offset = PROCESS_CONF_OFFSET(offer),
200 },
201
202 [FR_DHCP_REQUEST] = {
203 .packet_type = {
207
214 },
215 .rcode = RLM_MODULE_NOOP,
216 .default_reply = FR_DHCP_DO_NOT_RESPOND,
217 .recv = recv_generic,
218 .resume = resume_recv_generic,
219 .section_offset = PROCESS_CONF_OFFSET(request),
220 },
221 [FR_DHCP_DECLINE] = {
222 .packet_type = {
226
233 },
234 .rcode = RLM_MODULE_NOOP,
235 .default_reply = FR_DHCP_DO_NOT_RESPOND,
236 .recv = recv_generic,
237 .resume = resume_recv_generic,
238 .section_offset = PROCESS_CONF_OFFSET(request),
239 },
240
241 [FR_DHCP_ACK] = {
242 .packet_type = {
246
253 },
254 .rcode = RLM_MODULE_NOOP,
255 .default_reply = FR_DHCP_DO_NOT_RESPOND,
256 .send = send_generic,
257 .resume = resume_check_offer_ack_options,
258 .section_offset = PROCESS_CONF_OFFSET(ack),
259 },
260 [FR_DHCP_NAK] = {
261 .packet_type = {
265
272 },
273 .rcode = RLM_MODULE_NOOP,
274 .default_reply = FR_DHCP_DO_NOT_RESPOND,
275 .send = send_generic,
276 .resume = resume_send_generic,
277 .section_offset = PROCESS_CONF_OFFSET(nak),
278 },
279
280 [FR_DHCP_INFORM] = {
281 .packet_type = {
285
292 },
293 .rcode = RLM_MODULE_NOOP,
294 .default_reply = FR_DHCP_DO_NOT_RESPOND,
295 .recv = recv_generic,
296 .resume = resume_recv_generic,
297 .section_offset = PROCESS_CONF_OFFSET(inform),
298 },
299
300 [FR_DHCP_RELEASE] = { /* releases are not responded to */
301 .packet_type = {
305
312 },
313 .rcode = RLM_MODULE_NOOP,
314 .default_reply = FR_DHCP_DO_NOT_RESPOND,
315 .recv = recv_generic,
316 .resume = resume_recv_generic,
317 .section_offset = PROCESS_CONF_OFFSET(release),
318 },
319
321 .packet_type = {
325
332 },
333 .rcode = RLM_MODULE_NOOP,
334 .default_reply = FR_DHCP_DO_NOT_RESPOND,
335 .recv = recv_generic,
336 .resume = resume_recv_generic,
337 .section_offset = PROCESS_CONF_OFFSET(lease_query),
338 },
339
341 .packet_type = {
345
352 },
353 .rcode = RLM_MODULE_NOOP,
354 .default_reply = FR_DHCP_DO_NOT_RESPOND,
355 .send = send_generic,
356 .resume = resume_send_generic,
357 .section_offset = PROCESS_CONF_OFFSET(lease_unassigned),
358 },
359
361 .packet_type = {
365
372 },
373 .rcode = RLM_MODULE_NOOP,
374 .default_reply = FR_DHCP_DO_NOT_RESPOND,
375 .send = send_generic,
376 .resume = resume_send_generic,
377 .section_offset = PROCESS_CONF_OFFSET(lease_unknown),
378 },
379
381 .packet_type = {
385
392 },
393 .rcode = RLM_MODULE_NOOP,
394 .default_reply = FR_DHCP_DO_NOT_RESPOND,
395 .send = send_generic,
396 .resume = resume_send_generic,
397 .section_offset = PROCESS_CONF_OFFSET(lease_active),
398 },
399
401 .packet_type = {
405
412 },
413 .rcode = RLM_MODULE_NOOP,
414 .default_reply = FR_DHCP_DO_NOT_RESPOND,
415 .send = send_generic,
416 .resume = resume_send_generic,
417 .section_offset = PROCESS_CONF_OFFSET(do_not_respond),
418 },
419};
420
421static unlang_action_t mod_process(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
422{
423 fr_process_state_t const *state;
424
426
428 fr_assert(PROCESS_PACKET_CODE_VALID(request->packet->code));
429
430 request->component = "dhcpv4";
431 request->module = NULL;
432 fr_assert(request->proto_dict == dict_dhcpv4);
433
434 UPDATE_STATE(packet);
435
436 if (!state->recv) {
437 REDEBUG("Invalid packet type (%u)", request->packet->code);
439 }
440
441 dhcpv4_packet_debug(request, request->packet, &request->request_pairs, true);
442
443 if (unlikely(request_is_dynamic_client(request))) {
444 return new_client(p_result, mctx, request);
445 }
446
447 return state->recv(p_result, mctx, request);
448}
449
451 {
452 .section = SECTION_NAME("recv", "Discover"),
453 .actions = &mod_actions_postauth,
454
455 .methods = (const section_name_t *[]) {
457 NULL
458 },
459 .offset = PROCESS_CONF_OFFSET(discover),
460 },
461 {
462 .section = SECTION_NAME("send", "Offer"),
463 .actions = &mod_actions_postauth,
464 .offset = PROCESS_CONF_OFFSET(offer),
465 },
466 {
467 .section = SECTION_NAME("recv", "Request"),
469
470 .methods = (const section_name_t *[]) {
472 NULL
473 },
474 .offset = PROCESS_CONF_OFFSET(request),
475 },
476
477 {
478 .section = SECTION_NAME("send", "Ack"),
479 .actions = &mod_actions_postauth,
480 .offset = PROCESS_CONF_OFFSET(ack),
481 },
482 {
483 .section = SECTION_NAME("send", "NAK"),
485 .offset = PROCESS_CONF_OFFSET(nak),
486 },
487 {
488 .section = SECTION_NAME("recv", "Decline"),
490
491 .methods = (const section_name_t *[]) {
493 NULL
494 },
495 .offset = PROCESS_CONF_OFFSET(decline),
496 },
497
498 {
499 .section = SECTION_NAME("recv", "Release"),
500 .actions = &mod_actions_postauth,
501
502 .methods = (const section_name_t *[]) {
504 NULL
505 },
506 .offset = PROCESS_CONF_OFFSET(release),
507 },
508 {
509 .section = SECTION_NAME("recv", "Inform"),
510 .actions = &mod_actions_postauth,
511 .offset = PROCESS_CONF_OFFSET(inform),
512 },
513
514 {
515 .section = SECTION_NAME("recv", "Lease-Query"),
517 .offset = PROCESS_CONF_OFFSET(lease_query),
518 },
519 {
520 .section = SECTION_NAME("send", "Lease-Unassigned"),
522 .offset = PROCESS_CONF_OFFSET(lease_unassigned),
523 },
524 {
525 .section = SECTION_NAME("send", "Lease-Unknown"),
527 .offset = PROCESS_CONF_OFFSET(lease_unknown),
528 },
529 {
530 .section = SECTION_NAME("send", "Lease-Active"),
532 .offset = PROCESS_CONF_OFFSET(lease_active),
533 },
534
535 {
536 .section = SECTION_NAME("send", "Do-Not-Respond"),
538 .offset = PROCESS_CONF_OFFSET(do_not_respond),
539 },
540
541 DYNAMIC_CLIENT_SECTIONS,
542
544};
545
546
549 .common = {
550 .magic = MODULE_MAGIC_INIT,
551 .name = "dhcpv4",
552 .inst_size = sizeof(process_dhcpv4_t)
553 },
554 .process = mod_process,
555 .compile_list = compile_list,
556 .dict = &dict_dhcpv4,
557 .packet_type = &attr_packet_type
558};
unlang_action_t
Returned by unlang_op_t calls, determine the next action of the interpreter.
Definition action.h:35
#define unlikely(_x)
Definition build.h:383
A section grouping multiple CONF_PAIR.
Definition cf_priv.h:101
#define MEM(x)
Definition debug.h:36
@ FR_DHCP_REQUEST
Definition dhcpv4.h:47
@ FR_DHCP_LEASE_UNASSIGNED
Definition dhcpv4.h:55
@ FR_DHCP_DECLINE
Definition dhcpv4.h:48
@ FR_DHCP_OFFER
Definition dhcpv4.h:46
@ FR_DHCP_DISCOVER
Definition dhcpv4.h:45
@ FR_DHCP_LEASE_ACTIVE
Definition dhcpv4.h:57
@ FR_DHCP_LEASE_UNKNOWN
Definition dhcpv4.h:56
@ FR_DHCP_LEASE_QUERY
Definition dhcpv4.h:54
@ FR_DHCP_NAK
Definition dhcpv4.h:50
@ FR_DHCP_RELEASE
Definition dhcpv4.h:51
@ FR_DHCP_DO_NOT_RESPOND
Definition dhcpv4.h:61
@ FR_DHCP_INFORM
Definition dhcpv4.h:52
@ FR_DHCP_ACK
Definition dhcpv4.h:49
fr_dict_attr_t const ** out
Where to write a pointer to the resolved fr_dict_attr_t.
Definition dict.h:273
fr_dict_t const ** out
Where to write a pointer to the loaded/resolved fr_dict_t.
Definition dict.h:286
Specifies an attribute which must be present for the module to function.
Definition dict.h:272
Specifies a dictionary which must be loaded/loadable for the module to function.
Definition dict.h:285
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition dl_module.h:63
fr_dict_attr_t const * attr_packet_type
Definition base.c:93
void log_request_proto_pair_list(fr_log_lvl_t lvl, request_t *request, fr_pair_t const *parent, fr_pair_list_t const *vps, char const *prefix)
Print a list of protocol fr_pair_ts.
Definition log.c:852
void log_request(fr_log_type_t type, fr_log_lvl_t lvl, request_t *request, char const *file, int line, char const *fmt,...)
Marshal variadic log arguments into a va_list and pass to normal logging functions.
Definition log.c:610
void log_request_pair_list(fr_log_lvl_t lvl, request_t *request, fr_pair_t const *parent, fr_pair_list_t const *vps, char const *prefix)
Print a fr_pair_list_t.
Definition log.c:828
@ L_DBG_LVL_1
Highest priority debug messages (-x).
Definition log.h:70
@ L_DBG
Only displayed when debugging is enabled.
Definition log.h:59
@ FR_TYPE_IPV4_ADDR
32 Bit IPv4 Address.
@ FR_TYPE_TLV
Contains nested attributes.
@ FR_TYPE_UINT8
8 Bit unsigned integer.
@ FR_TYPE_UINT32
32 Bit unsigned integer.
unlang_mod_actions_t const mod_actions_postauth
Definition mod_action.c:92
unlang_mod_action_t actions[RLM_MODULE_NUMCODES]
Definition mod_action.h:62
module_instance_t const * mi
Instance of the module being instantiated.
Definition module_ctx.h:42
Temporary structure to hold arguments for module calls.
Definition module_ctx.h:41
section_name_t module_method_ippool_mark
section_name_t module_method_ippool_extend
section_name_t module_method_ippool_release
section_name_t module_method_ippool_allocate
int fr_pair_list_copy(TALLOC_CTX *ctx, fr_pair_list_t *to, fr_pair_list_t const *from)
Duplicate a list of pairs.
Definition pair.c:2320
fr_pair_t * fr_pair_find_by_da(fr_pair_list_t const *list, fr_pair_t const *prev, fr_dict_attr_t const *da)
Find the first pair with a matching da.
Definition pair.c:697
static unlang_action_t mod_process(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
Definition base.c:184
static const virtual_server_compile_t compile_list[]
Definition base.c:210
static fr_process_state_t const process_state[]
Definition base.c:68
#define PROCESS_PACKET_CODE_VALID
Definition base.c:64
CONF_SECTION * request
Definition base.c:103
CONF_SECTION * lease_query
Definition base.c:110
CONF_SECTION * ack
Definition base.c:105
CONF_SECTION * offer
Definition base.c:102
CONF_SECTION * lease_unassigned
Definition base.c:111
static void dhcpv4_packet_debug(request_t *request, fr_packet_t *packet, fr_pair_list_t *list, bool received)
Definition base.c:59
CONF_SECTION * do_not_respond
Definition base.c:114
CONF_SECTION * nak
Definition base.c:106
fr_process_module_t process_dhcpv4
Definition base.c:548
static fr_dict_attr_t const * attr_yiaddr
Definition base.c:43
CONF_SECTION * force_renew
Definition base.c:109
CONF_SECTION * decline
Definition base.c:104
CONF_SECTION * new_client
Definition base.c:116
fr_dict_attr_autoload_t process_dhcpv4_dict_attr[]
Definition base.c:48
static fr_dict_t const * dict_dhcpv4
Definition base.c:34
static fr_dict_attr_t const * attr_dhcp_option_82
Definition base.c:45
fr_dict_autoload_t process_dhcpv4_dict[]
Definition base.c:37
CONF_SECTION * add_client
Definition base.c:117
CONF_SECTION * inform
Definition base.c:108
CONF_SECTION * lease_active
Definition base.c:113
process_dhcpv4_sections_t sections
Definition base.c:122
CONF_SECTION * release
Definition base.c:107
CONF_SECTION * discover
Definition base.c:101
CONF_SECTION * deny_client
Definition base.c:118
CONF_SECTION * lease_unknown
Definition base.c:112
static fr_dict_attr_t const * attr_message_type
Definition base.c:42
#define PROCESS_TRACE
Trace each state function as it's entered.
Definition process.h:66
module_t common
Common fields for all loadable modules.
Definition process.h:55
Common public symbol definition for all process modules.
Definition process.h:54
char const * dhcp_message_types[]
Definition base.c:126
#define fr_assert(_expr)
Definition rad_assert.h:38
#define REDEBUG(fmt,...)
Definition radclient.h:52
#define RDEBUG_ENABLED()
Definition radclient.h:49
#define RETURN_MODULE_FAIL
Definition rcode.h:57
rlm_rcode_t
Return codes indicating the result of the module call.
Definition rcode.h:40
@ RLM_MODULE_INVALID
The module considers the request invalid.
Definition rcode.h:45
@ RLM_MODULE_OK
The module is OK, continue.
Definition rcode.h:43
@ RLM_MODULE_FAIL
Module failed, don't reply.
Definition rcode.h:42
@ RLM_MODULE_DISALLOW
Reject the request (user is locked out).
Definition rcode.h:46
@ RLM_MODULE_REJECT
Immediately reject the request.
Definition rcode.h:41
@ RLM_MODULE_TIMEOUT
Module (or section) timed out.
Definition rcode.h:50
@ RLM_MODULE_NOTFOUND
User not found.
Definition rcode.h:47
@ RLM_MODULE_UPDATED
OK (pairs modified).
Definition rcode.h:49
@ RLM_MODULE_NOOP
Module succeeded without doing anything.
Definition rcode.h:48
#define request_is_dynamic_client(_x)
Definition request.h:188
#define SECTION_NAME(_name1, _name2)
Define a section name consisting of a verb and a noun.
Definition section.h:40
Section name identifier.
Definition section.h:44
size_t inst_size
Size of the module's instance data.
Definition module.h:204
void * data
Module's instance data.
Definition module.h:272
#define pair_update_reply(_attr, _da)
Return or allocate a fr_pair_t in the reply list.
Definition pair.h:129
#define RESUME(_x)
fr_pair_t * vp
Stores an attribute, a value and various bits of other data.
Definition pair.h:68
#define talloc_get_type_abort_const
Definition talloc.h:287
unsigned int code
Packet code (type).
Definition packet.h:61
fr_socket_t socket
This packet was received on.
Definition packet.h:57
int id
Packet ID (used to link requests/responses).
Definition packet.h:60
int af
AF_INET, AF_INET6, or AF_UNIX.
Definition socket.h:78
#define fr_box_ipaddr(_val)
Definition value.h:313
section_name_t const * section
Identifier for the section.
#define COMPILE_TERMINATOR
Processing sections which are allowed in this virtual server.