Base DHCPV6 processing. More...

#include <freeradius-devel/io/application.h>
#include <freeradius-devel/server/protocol.h>
#include <freeradius-devel/server/pair.h>
#include <freeradius-devel/unlang/interpret.h>
#include <freeradius-devel/util/dict.h>
#include <freeradius-devel/util/debug.h>
#include <freeradius-devel/dhcpv6/dhcpv6.h>
#include <freeradius-devel/protocol/dhcpv6/freeradius.internal.h>
#include <freeradius-devel/server/process.h>

Include dependency graph for base.c:

Go to the source code of this file.

Data Structures
struct	process_dhcpv6_client_fields_t
	Records fields from the original request so we have a known good copy. More...

struct	process_dhcpv6_relay_fields_t
	Records fields from the original relay-request so we have a known good copy. More...

struct	process_dhcpv6_sections_t

struct	process_dhcpv6_t

Macros
#define	FR_DHCPV6_PROCESS_CODE_VALID(_x) (FR_DHCPV6_PACKET_CODE_VALID(_x) \|\| (_x == FR_DHCPV6_DO_NOT_RESPOND))

#define	LOG_PREFIX "process_dhcpv6 - "

#define	PROCESS_CODE_DO_NOT_RESPOND FR_DHCPV6_DO_NOT_RESPOND

#define	PROCESS_CODE_DYNAMIC_CLIENT FR_DHCPV6_REPLY

#define	PROCESS_CODE_MAX FR_DHCPV6_CODE_MAX

#define	PROCESS_INST process_dhcpv6_t

#define	PROCESS_PACKET_CODE_VALID FR_DHCPV6_PROCESS_CODE_VALID

#define	PROCESS_PACKET_TYPE fr_dhcpv6_packet_code_t

#define	PROCESS_STATE_EXTRA_FIELDS fr_value_box_t const **status_codes[RLM_MODULE_NUMCODES];

Functions
static process_dhcpv6_client_fields_t *	dhcpv6_client_fields_store (request_t *request, bool expect_server_id)
	Keep a copy of header fields to prevent them being tampered with. More...

static void	dhcpv6_packet_debug (request_t request, fr_packet_t const packet, fr_pair_list_t const *list, bool received)

static process_dhcpv6_relay_fields_t *	dhcpv6_relay_fields_store (request_t *request)
	Record the original hop-count, link-address, peer-address etc... More...

static int	mod_bootstrap (module_inst_ctx_t const *mctx)

static unlang_action_t	mod_process (rlm_rcode_t p_result, module_ctx_t const mctx, request_t *request)
	Main dispatch function. More...

	RECV (for_any_server)
	Validate a solicit/rebind/confirm message. More...

	RECV (for_this_server)
	Validate a request/renew/decline/release. More...

	RECV (from_relay)
	Ensure we have the necessary pairs from the relay. More...

static int	restore_field (request_t request, fr_pair_t *to_restore)
	Copy a reply pair back into the response. More...

static int	restore_field_list (request_t request, fr_pair_list_t to_restore)

	RESUME (send_to_client)
	Restore our copy of the header fields into the reply list. More...

	RESUME (send_to_relay)
	Restore our copy of the header fields into the reply list. More...

static void	status_code_add (process_dhcpv6_t const inst, request_t request, fr_value_box_t const **code)
	Add a status code if one doesn't already exist. More...

Variables
static fr_dict_attr_t const *	attr_client_id

static fr_dict_attr_t const *	attr_hop_count

static fr_dict_attr_t const *	attr_interface_id

static fr_dict_attr_t const *	attr_module_failure_message

static fr_dict_attr_t const *	attr_packet_type

static fr_dict_attr_t const *	attr_relay_link_address

static fr_dict_attr_t const *	attr_relay_peer_address

static fr_dict_attr_t const *	attr_server_id

static fr_dict_attr_t const *	attr_status_code_message

static fr_dict_attr_t const *	attr_status_code_value

static fr_dict_attr_t const *	attr_transaction_id

static const virtual_server_compile_t	compile_list []

static conf_parser_t	dhcpv6_process_config []

static fr_dict_t const *	dict_dhcpv6

static fr_dict_t const *	dict_freeradius

static fr_value_box_t const *	enum_status_code_no_binding

static fr_value_box_t const *	enum_status_code_not_on_link

static fr_value_box_t const *	enum_status_code_success

static fr_value_box_t const *	enum_status_code_unspec_fail

fr_process_module_t	process_dhcpv6

fr_dict_autoload_t	process_dhcpv6_dict []

fr_dict_attr_autoload_t	process_dhcpv6_dict_attr []

fr_dict_enum_autoload_t	process_dhcpv6_dict_enum []

static fr_process_state_t const	process_state []

Detailed Description

Base DHCPV6 processing.

Id: 1a8ea82268b28ea89f76085c75859994f7ff3af5

This code was originally written under contract for Network RADIUS but has been substantially modified from its original form outside of the project that required its creation.

Copyright: 2021 Arran Cudbard-Bell a.cud.nosp@m.bard.nosp@m.b@fre.nosp@m.erad.nosp@m.ius.o.nosp@m.rg; 2020 Network RADIUS SAS (legal.nosp@m.@net.nosp@m.workr.nosp@m.adiu.nosp@m.s.com)

Definition in file base.c.

Data Structure Documentation

◆ process_dhcpv6_client_fields_t

struct process_dhcpv6_client_fields_t

Records fields from the original request so we have a known good copy.

Definition at line 102 of file base.c.

Collaboration diagram for process_dhcpv6_client_fields_t:

Data Fields
fr_pair_list_t	client_id
fr_pair_list_t	server_id
fr_pair_t *	transaction_id

◆ process_dhcpv6_relay_fields_t

struct process_dhcpv6_relay_fields_t

Records fields from the original relay-request so we have a known good copy.

Definition at line 110 of file base.c.

Collaboration diagram for process_dhcpv6_relay_fields_t:

Data Fields
fr_pair_t *	hop_count
fr_pair_t *	interface_id
fr_pair_t *	link_address
fr_pair_t *	peer_address

◆ process_dhcpv6_sections_t

struct process_dhcpv6_sections_t

Definition at line 43 of file base.c.

Collaboration diagram for process_dhcpv6_sections_t:

Data Fields
CONF_SECTION *	add_client
CONF_SECTION *	deny_client
CONF_SECTION *	do_not_respond
CONF_SECTION *	new_client
uint64_t	nothing
CONF_SECTION *	recv_confirm
CONF_SECTION *	recv_decline
CONF_SECTION *	recv_information_request
CONF_SECTION *	recv_rebind
CONF_SECTION *	recv_reconfigure
CONF_SECTION *	recv_relay_forward
CONF_SECTION *	recv_release
CONF_SECTION *	recv_renew
CONF_SECTION *	recv_request
CONF_SECTION *	recv_solicit
CONF_SECTION *	send_advertise
CONF_SECTION *	send_relay_reply
CONF_SECTION *	send_reply

◆ process_dhcpv6_t

struct process_dhcpv6_t

Definition at line 69 of file base.c.

Collaboration diagram for process_dhcpv6_t:

Data Fields
bool	move_failure_message_to_parent	If true, and a parent exists, and the parent is a DHCPv6 request, all module failure messages will get copied to the parent and then freed. When combined with send_failure_message this ensures only the outer relay message contains failure data. The outer relay typically being controlled by the admin and not the end user.
process_dhcpv6_sections_t	sections	Pointers to various config sections we need to execute.
bool	send_failure_message	If true, all instances of Module-Failure-Message in the request are concatenated and returned in the status-message field of the status-code option if the status-code is anything other than success. This may leak information about the internal state of the server, so is disabled by default.
CONF_SECTION *	server_cs	Our virtual server.
bool	status_code_on_success	Controls whether we add a status-code option to outbound packets if the status code would be 0. This is allowed by RFC 3315, but seems to cause issues with some clients.

Macro Definition Documentation

◆ FR_DHCPV6_PROCESS_CODE_VALID

#define FR_DHCPV6_PROCESS_CODE_VALID ( _x ) (FR_DHCPV6_PACKET_CODE_VALID(_x) || (_x == FR_DHCPV6_DO_NOT_RESPOND))

Definition at line 171 of file base.c.

◆ LOG_PREFIX

#define LOG_PREFIX "process_dhcpv6 - "

Definition at line 29 of file base.c.

◆ PROCESS_CODE_DO_NOT_RESPOND

#define PROCESS_CODE_DO_NOT_RESPOND FR_DHCPV6_DO_NOT_RESPOND

Definition at line 175 of file base.c.

◆ PROCESS_CODE_DYNAMIC_CLIENT

#define PROCESS_CODE_DYNAMIC_CLIENT FR_DHCPV6_REPLY

Definition at line 178 of file base.c.

◆ PROCESS_CODE_MAX

#define PROCESS_CODE_MAX FR_DHCPV6_CODE_MAX

Definition at line 174 of file base.c.

◆ PROCESS_INST

#define PROCESS_INST process_dhcpv6_t

Definition at line 177 of file base.c.

◆ PROCESS_PACKET_CODE_VALID

#define PROCESS_PACKET_CODE_VALID FR_DHCPV6_PROCESS_CODE_VALID

Definition at line 176 of file base.c.

◆ PROCESS_PACKET_TYPE

#define PROCESS_PACKET_TYPE fr_dhcpv6_packet_code_t

Definition at line 173 of file base.c.

◆ PROCESS_STATE_EXTRA_FIELDS

#define PROCESS_STATE_EXTRA_FIELDS fr_value_box_t const **status_codes[RLM_MODULE_NUMCODES];

Definition at line 185 of file base.c.

Function Documentation

◆ dhcpv6_client_fields_store()

static process_dhcpv6_client_fields_t* dhcpv6_client_fields_store	(	request_t *	request,
		bool	expect_server_id
	)

inlinestatic

Keep a copy of header fields to prevent them being tampered with.

Definition at line 342 of file base.c.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ dhcpv6_packet_debug()

static void dhcpv6_packet_debug	(	request_t *	request,
		fr_packet_t const *	packet,
		fr_pair_list_t const *	list,
		bool	received
	)

static

Definition at line 290 of file base.c.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ dhcpv6_relay_fields_store()

static process_dhcpv6_relay_fields_t* dhcpv6_relay_fields_store ( request_t * request )

inlinestatic

Record the original hop-count, link-address, peer-address etc...

Definition at line 637 of file base.c.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mod_bootstrap()

static int mod_bootstrap ( module_inst_ctx_t const * mctx )

static

Definition at line 759 of file base.c.

Here is the call graph for this function:

◆ mod_process()

static unlang_action_t mod_process	(	rlm_rcode_t *	p_result,
		module_ctx_t const *	mctx,
		request_t *	request
	)

static

Main dispatch function.

Definition at line 730 of file base.c.

Here is the call graph for this function:

◆ RECV() [1/3]

RECV ( for_any_server )

Validate a solicit/rebind/confirm message.

Servers MUST discard any solicit/rebind/confirm messages that do not include a Client Identifier option or that do include a Server Identifier option.

Definition at line 415 of file base.c.

Here is the call graph for this function:

◆ RECV() [2/3]

RECV ( for_this_server )

Validate a request/renew/decline/release.

Servers MUST discard any received Request message that meet any of the following conditions:

the message does not include a Server Identifier option.
the contents of the Server Identifier option do not match the server's DUID.
the message does not include a Client Identifier option.

Servers MUST discard any received Confirm messages that do not include a Client Identifier option or that do include a Server Identifier option.

Definition at line 450 of file base.c.

Here is the call graph for this function:

◆ RECV() [3/3]

RECV ( from_relay )

Ensure we have the necessary pairs from the relay.

Definition at line 677 of file base.c.

Here is the call graph for this function:

◆ restore_field()

static int restore_field	(	request_t *	request,
		fr_pair_t **	to_restore
	)

inlinestatic

Copy a reply pair back into the response.

Definition at line 473 of file base.c.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ restore_field_list()

static int restore_field_list	(	request_t *	request,
		fr_pair_list_t *	to_restore
	)

inlinestatic

Definition at line 500 of file base.c.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ RESUME() [1/2]

RESUME ( send_to_client )

Restore our copy of the header fields into the reply list.

Definition at line 595 of file base.c.

Here is the call graph for this function:

◆ RESUME() [2/2]

RESUME ( send_to_relay )

Restore our copy of the header fields into the reply list.

Definition at line 697 of file base.c.

Here is the call graph for this function:

◆ status_code_add()

static void status_code_add	(	process_dhcpv6_t const *	inst,
		request_t *	request,
		fr_value_box_t const **	code
	)

inlinestatic

Add a status code if one doesn't already exist.

Definition at line 516 of file base.c.

Here is the call graph for this function:

Here is the caller graph for this function:

Variable Documentation

◆ attr_client_id

fr_dict_attr_t const* attr_client_id

static

Definition at line 127 of file base.c.

◆ attr_hop_count

fr_dict_attr_t const* attr_hop_count

static

Definition at line 129 of file base.c.

◆ attr_interface_id

fr_dict_attr_t const* attr_interface_id

static

Definition at line 130 of file base.c.

◆ attr_module_failure_message

fr_dict_attr_t const* attr_module_failure_message

static

Definition at line 138 of file base.c.

◆ attr_packet_type

fr_dict_attr_t const* attr_packet_type

static

Definition at line 131 of file base.c.

◆ attr_relay_link_address

fr_dict_attr_t const* attr_relay_link_address

static

Definition at line 132 of file base.c.

◆ attr_relay_peer_address

fr_dict_attr_t const* attr_relay_peer_address

static

Definition at line 133 of file base.c.

◆ attr_server_id

fr_dict_attr_t const* attr_server_id

static

Definition at line 128 of file base.c.

◆ attr_status_code_message

fr_dict_attr_t const* attr_status_code_message

static

Definition at line 136 of file base.c.

◆ attr_status_code_value

fr_dict_attr_t const* attr_status_code_value

static

Definition at line 135 of file base.c.

◆ attr_transaction_id

fr_dict_attr_t const* attr_transaction_id

static

Definition at line 134 of file base.c.

◆ compile_list

const virtual_server_compile_t compile_list[]

static

Definition at line 195 of file base.c.

◆ dhcpv6_process_config

conf_parser_t dhcpv6_process_config[]

static

Initial value:

= {
        { FR_CONF_OFFSET("status_code_on_success", process_dhcpv6_t, status_code_on_success), .dflt = "no" },
        { FR_CONF_OFFSET("send_failure_message", process_dhcpv6_t, send_failure_message), .dflt = "no" },
        { FR_CONF_OFFSET("move_failure_message_to_parent", process_dhcpv6_t, move_failure_message_to_parent), .dflt = "yes" },
        CONF_PARSER_TERMINATOR
}

Definition at line 188 of file base.c.

◆ dict_dhcpv6

fr_dict_t const* dict_dhcpv6

static

Definition at line 117 of file base.c.

◆ dict_freeradius

fr_dict_t const* dict_freeradius

static

Definition at line 118 of file base.c.

◆ enum_status_code_no_binding

fr_value_box_t const* enum_status_code_no_binding

static

Definition at line 160 of file base.c.

◆ enum_status_code_not_on_link

fr_value_box_t const* enum_status_code_not_on_link

static

Definition at line 159 of file base.c.

◆ enum_status_code_success

fr_value_box_t const* enum_status_code_success

static

Definition at line 157 of file base.c.

◆ enum_status_code_unspec_fail

fr_value_box_t const* enum_status_code_unspec_fail

static

Definition at line 158 of file base.c.

◆ process_dhcpv6

fr_process_module_t process_dhcpv6

Initial value:

= {
        .common = {
                .magic          = MODULE_MAGIC_INIT,
                .name           = "dhcpv6",
                .config         = dhcpv6_process_config,
                .inst_size      = sizeof(process_dhcpv6_t),
 
                .bootstrap      = mod_bootstrap
        },
        .process        = mod_process,
        .compile_list   = compile_list,
        .dict           = &dict_dhcpv6
}

Definition at line 1252 of file base.c.

◆ process_dhcpv6_dict

fr_dict_autoload_t process_dhcpv6_dict

Initial value:

= {
        { .out = &dict_dhcpv6, .proto = "dhcpv6" },
        { .out = &dict_freeradius, .proto = "freeradius" },
        { NULL }
}

Definition at line 121 of file base.c.

◆ process_dhcpv6_dict_attr

fr_dict_attr_autoload_t process_dhcpv6_dict_attr

Initial value:

= {
        { .out = &attr_client_id, .name = "Client-ID", .type = FR_TYPE_STRUCT, .dict = &dict_dhcpv6 },
        { .out = &attr_hop_count, .name = "Hop-Count", .type = FR_TYPE_UINT8, .dict = &dict_dhcpv6 },
        { .out = &attr_interface_id, .name = "Interface-ID", .type = FR_TYPE_OCTETS, .dict = &dict_dhcpv6 },
        { .out = &attr_packet_type, .name = "Packet-Type", .type = FR_TYPE_UINT32, .dict = &dict_dhcpv6 },
        { .out = &attr_relay_link_address, .name = "Relay-Link-Address", .type = FR_TYPE_IPV6_ADDR, .dict = &dict_dhcpv6 },
        { .out = &attr_relay_peer_address, .name = "Relay-Peer-Address", .type = FR_TYPE_IPV6_ADDR, .dict = &dict_dhcpv6 },
        { .out = &attr_server_id, .name = "Server-ID", .type = FR_TYPE_STRUCT, .dict = &dict_dhcpv6 },
        { .out = &attr_status_code_value, .name = "Status-Code.Value", .type = FR_TYPE_UINT16, .dict = &dict_dhcpv6 },
        { .out = &attr_status_code_message, .name = "Status-Code.Message", .type = FR_TYPE_STRING, .dict = &dict_dhcpv6 },
        { .out = &attr_transaction_id, .name = "Transaction-Id", .type = FR_TYPE_OCTETS, .dict = &dict_dhcpv6 },
 
        { .out = &attr_module_failure_message, .name = "Module-Failure-Message", .type = FR_TYPE_STRING, .dict = &dict_freeradius },
        { NULL }
}

Definition at line 141 of file base.c.

◆ process_dhcpv6_dict_enum

fr_dict_enum_autoload_t process_dhcpv6_dict_enum

Initial value:

= {
        { .out = &enum_status_code_success, .name = "success", .attr = &attr_status_code_value },
        { .out = &enum_status_code_unspec_fail, .name = "UnspecFail", .attr = &attr_status_code_value },
        { .out = &enum_status_code_not_on_link, .name = "NotOnLink", .attr = &attr_status_code_value },
        { .out = &enum_status_code_no_binding, .name = "NoBinding", .attr = &attr_status_code_value },
        { NULL }
}

Definition at line 163 of file base.c.

◆ process_state

fr_process_state_t const process_state[]

static

Definition at line 768 of file base.c.

Data Structures

Macros

Functions

Variables

Detailed Description

Data Structure Documentation

◆ process_dhcpv6_client_fields_t

◆ process_dhcpv6_relay_fields_t

◆ process_dhcpv6_sections_t

◆ process_dhcpv6_t

Macro Definition Documentation

◆ FR_DHCPV6_PROCESS_CODE_VALID

◆ LOG_PREFIX

◆ PROCESS_CODE_DO_NOT_RESPOND

◆ PROCESS_CODE_DYNAMIC_CLIENT

◆ PROCESS_CODE_MAX

◆ PROCESS_INST

◆ PROCESS_PACKET_CODE_VALID

◆ PROCESS_PACKET_TYPE

◆ PROCESS_STATE_EXTRA_FIELDS

Function Documentation

◆ dhcpv6_client_fields_store()

◆ dhcpv6_packet_debug()

◆ dhcpv6_relay_fields_store()

◆ mod_bootstrap()

◆ mod_process()

◆ RECV() [1/3]

◆ RECV() [2/3]

◆ RECV() [3/3]

◆ restore_field()

◆ restore_field_list()

◆ RESUME() [1/2]

◆ RESUME() [2/2]

◆ status_code_add()

Variable Documentation

◆ attr_client_id

◆ attr_hop_count

◆ attr_interface_id

◆ attr_module_failure_message

◆ attr_packet_type

◆ attr_relay_link_address

◆ attr_relay_peer_address

◆ attr_server_id

◆ attr_status_code_message

◆ attr_status_code_value

◆ attr_transaction_id

◆ compile_list

◆ dhcpv6_process_config

◆ dict_dhcpv6

◆ dict_freeradius

◆ enum_status_code_no_binding

◆ enum_status_code_not_on_link

◆ enum_status_code_success

◆ enum_status_code_unspec_fail

◆ process_dhcpv6

◆ process_dhcpv6_dict

◆ process_dhcpv6_dict_attr

◆ process_dhcpv6_dict_enum

◆ process_state