The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
base.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: edf289c8244210454a99b655fe206554e24e3728 $
19 * @file src/process/ldap_sync/base.c
20 * @brief LDAP sync process module
21 *
22 * @copyright 2022 NetworkRADIUS SARL (legal@networkradius.com)
23 */
24#define LOG_PREFIX "process_ldap_sync"
25
26#include <freeradius-devel/unlang/interpret.h>
27#include <freeradius-devel/server/protocol.h>
28#include <freeradius-devel/util/debug.h>
29#include <freeradius-devel/ldap/sync.h>
30
31static fr_dict_t const *dict_ldap_sync;
32
33extern fr_dict_autoload_t process_ldap_sync_dict[];
34fr_dict_autoload_t process_ldap_sync_dict[] = {
35 { .out = &dict_ldap_sync, .proto = "ldap" },
36 { NULL }
37};
38
39static fr_dict_attr_t const *attr_packet_type;
40
41extern fr_dict_attr_autoload_t process_ldap_sync_dict_attr[];
42fr_dict_attr_autoload_t process_ldap_sync_dict_attr[] = {
43 { .out = &attr_packet_type, .name = "Packet-Type", .type= FR_TYPE_UINT32, .dict = &dict_ldap_sync },
44
45 { NULL }
46};
47
48static char const *ldap_sync_message_types[FR_LDAP_SYNC_CODE_MAX] = {
49 "", //!< 0
50 "Present",
51 "Add",
52 "Modify",
53 "Delete",
54 "Entry-Response",
55 "Cookie-Load",
56 "Cookie-Load-Response",
57 "Cookie-Store",
58 "Cookie-Store-Response",
59};
60
61static void ldap_sync_packet_debug(request_t *request, fr_packet_t *packet, fr_pair_list_t *list, bool received)
62{
63
64 if (!packet) return;
65 if (!RDEBUG_ENABLED) return;
66
67 log_request(L_DBG, L_DBG_LVL_1, request, __FILE__, __LINE__, "%s %s",
68 received ? "Received" : "Sending",
69 ldap_sync_message_types[packet->code]
70 );
71
72 if (received) {
73 log_request_pair_list(L_DBG_LVL_1, request, NULL, list, NULL);
74 } else {
75 /*
76 * At higher debug levels, log returned data as well.
77 */
78 log_request_pair_list(L_DBG_LVL_2, request, NULL, list, NULL);
79 }
80
81}
82
93
97
98#define PROCESS_PACKET_TYPE fr_ldap_sync_packet_code_t
99#define PROCESS_CODE_MAX FR_LDAP_SYNC_CODE_MAX
100#define PROCESS_PACKET_CODE_VALID FR_LDAP_SYNC_PACKET_CODE_VALID
101#define PROCESS_INST process_ldap_sync_t
102#include <freeradius-devel/server/process.h>
103
104
105static unlang_action_t mod_process(unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
106{
107 fr_process_state_t const *state;
108
109 (void) talloc_get_type_abort_const(mctx->mi->data, process_ldap_sync_t);
110
111 PROCESS_TRACE;
112
113 fr_assert(FR_LDAP_SYNC_PACKET_CODE_VALID(request->packet->code));
114
115 request->component = "ldap_sync";
116 request->module = NULL;
117 fr_assert(request->proto_dict == dict_ldap_sync);
118
119 UPDATE_STATE(packet);
120
121 ldap_sync_packet_debug(request, request->packet, &request->request_pairs, true);
122
123 return state->recv(p_result, mctx, request);
124}
125
126static fr_process_state_t const process_state[] = {
127 [ FR_LDAP_SYNC_CODE_PRESENT ] = {
128 .default_reply = FR_LDAP_SYNC_CODE_ENTRY_RESPONSE,
129 .default_rcode = RLM_MODULE_NOOP,
130 .recv = recv_generic,
131 .resume = resume_recv_generic,
132 .section_offset = offsetof(process_ldap_sync_sections_t, recv_present),
133 },
134 [ FR_LDAP_SYNC_CODE_ADD ] = {
135 .default_reply = FR_LDAP_SYNC_CODE_ENTRY_RESPONSE,
136 .default_rcode = RLM_MODULE_NOOP,
137 .recv = recv_generic,
138 .resume = resume_recv_generic,
139 .section_offset = offsetof(process_ldap_sync_sections_t, recv_add)
140 },
141 [ FR_LDAP_SYNC_CODE_DELETE ] = {
142 .default_reply = FR_LDAP_SYNC_CODE_ENTRY_RESPONSE,
143 .default_rcode = RLM_MODULE_NOOP,
144 .recv = recv_generic,
145 .resume = resume_recv_generic,
146 .section_offset = offsetof(process_ldap_sync_sections_t, recv_delete),
147 },
148 [ FR_LDAP_SYNC_CODE_MODIFY ] = {
149 .default_reply = FR_LDAP_SYNC_CODE_ENTRY_RESPONSE,
150 .default_rcode = RLM_MODULE_NOOP,
151 .recv = recv_generic,
152 .resume = resume_recv_generic,
153 .section_offset = offsetof(process_ldap_sync_sections_t, recv_modify),
154 },
155 [ FR_LDAP_SYNC_CODE_ENTRY_RESPONSE ] = {
156 .default_rcode = RLM_MODULE_NOOP,
157 .send = send_generic,
158 .resume = resume_send_generic,
159 },
160 [ FR_LDAP_SYNC_CODE_COOKIE_LOAD ] = {
161 .packet_type = {
162 [RLM_MODULE_FAIL] = FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL,
163 [RLM_MODULE_INVALID] = FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL,
164 [RLM_MODULE_REJECT] = FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL,
165 [RLM_MODULE_DISALLOW] = FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL,
166 [RLM_MODULE_TIMEOUT] = FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL
167 },
168 .default_reply = FR_LDAP_SYNC_CODE_COOKIE_LOAD_RESPONSE,
169 .default_rcode = RLM_MODULE_NOOP,
170 .recv = recv_generic,
171 .resume = resume_recv_generic,
172 .section_offset = offsetof(process_ldap_sync_sections_t, load_cookie),
173 },
174 [ FR_LDAP_SYNC_CODE_COOKIE_LOAD_RESPONSE ] = {
175 .default_rcode = RLM_MODULE_NOOP,
176 .send = send_generic,
177 .resume = resume_send_generic,
178 },
179 [ FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL ] = {
180 .default_rcode = RLM_MODULE_NOOP,
181 .send = send_generic,
182 .resume = resume_send_generic
183 },
184 [ FR_LDAP_SYNC_CODE_COOKIE_STORE ] = {
185 .default_reply = FR_LDAP_SYNC_CODE_COOKIE_STORE_RESPONSE,
186 .default_rcode = RLM_MODULE_NOOP,
187 .recv = recv_generic,
188 .resume = resume_recv_generic,
189 .section_offset = offsetof(process_ldap_sync_sections_t, store_cookie),
190 },
191 [ FR_LDAP_SYNC_CODE_COOKIE_STORE_RESPONSE ] = {
192 .default_rcode = RLM_MODULE_NOOP,
193 .send = send_generic,
194 .resume = resume_send_generic,
195 }
196};
197
198static virtual_server_compile_t const compile_list[] = {
199 {
200 .section = SECTION_NAME("load", "Cookie"),
201 .actions = &mod_actions_authorize,
202 .offset = PROCESS_CONF_OFFSET(load_cookie)
203 },
204 {
205 .section = SECTION_NAME("store", "Cookie"),
206 .actions = &mod_actions_authorize,
207 .offset = PROCESS_CONF_OFFSET(store_cookie)
208 },
209 {
210 .section = SECTION_NAME("recv", "Add"),
211 .actions = &mod_actions_authorize,
212 .offset = PROCESS_CONF_OFFSET(recv_add)
213 },
214 {
215 .section = SECTION_NAME("recv", "Present"),
216 .actions = &mod_actions_authorize,
217 .offset = PROCESS_CONF_OFFSET(recv_present)
218 },
219 {
220 .section = SECTION_NAME("recv", "Delete"),
221 .actions = &mod_actions_authorize,
222 .offset = PROCESS_CONF_OFFSET(recv_delete)
223 },
224 {
225 .section = SECTION_NAME("recv", "Modify"),
226 .actions = &mod_actions_authorize,
227 .offset = PROCESS_CONF_OFFSET(recv_modify)
228 },
229
230 COMPILE_TERMINATOR
231};
232
233extern fr_process_module_t process_ldap_sync;
234fr_process_module_t process_ldap_sync = {
235 .common = {
236 .magic = MODULE_MAGIC_INIT,
237 .name = "process_ldap_sync",
238 MODULE_INST(process_ldap_sync_t),
239 MODULE_RCTX(process_rctx_t)
240 },
241
242 .process = mod_process,
243 .compile_list = compile_list,
244 .dict = &dict_ldap_sync,
245 .packet_type = &attr_packet_type
246};
unlang_action_t
unlang_action_t
Returned by unlang_op_t calls, determine the next action of the interpreter.
Definition action.h:35
cf_section
A section grouping multiple CONF_PAIR.
Definition cf_priv.h:101
fr_dict_attr_autoload_t::out
fr_dict_attr_t const ** out
Where to write a pointer to the resolved fr_dict_attr_t.
Definition dict.h:274
fr_dict_autoload_t::out
fr_dict_t const ** out
Where to write a pointer to the loaded/resolved fr_dict_t.
Definition dict.h:287
fr_dict_attr_autoload_t
Specifies an attribute which must be present for the module to function.
Definition dict.h:273
fr_dict_autoload_t
Specifies a dictionary which must be loaded/loadable for the module to function.
Definition dict.h:286
MODULE_MAGIC_INIT
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition dl_module.h:63
unlang_result_t
Definition interpret.h:133
attr_packet_type
fr_dict_attr_t const * attr_packet_type
Definition base.c:93
log_request
void log_request(fr_log_type_t type, fr_log_lvl_t lvl, request_t *request, char const *file, int line, char const *fmt,...)
Marshal variadic log arguments into a va_list and pass to normal logging functions.
Definition log.c:610
log_request_pair_list
void log_request_pair_list(fr_log_lvl_t lvl, request_t *request, fr_pair_t const *parent, fr_pair_list_t const *vps, char const *prefix)
Print a fr_pair_list_t.
Definition log.c:828
L_DBG_LVL_1
@ L_DBG_LVL_1
Highest priority debug messages (-x).
Definition log.h:70
L_DBG_LVL_2
@ L_DBG_LVL_2
2nd highest priority debug messages (-xx | -X).
Definition log.h:71
L_DBG
@ L_DBG
Only displayed when debugging is enabled.
Definition log.h:59
FR_TYPE_UINT32
@ FR_TYPE_UINT32
32 Bit unsigned integer.
Definition merged_model.c:99
fr_dict_attr_t
Definition merged_model.c:133
fr_dict_t
Definition merged_model.c:198
request_t
Definition merged_model.c:210
mod_actions_authorize
unlang_mod_actions_t const mod_actions_authorize
Definition mod_action.c:46
unlang_mod_actions_t::actions
unlang_mod_action_t actions[RLM_MODULE_NUMCODES]
Definition mod_action.h:64
module_ctx_t::mi
module_instance_t const * mi
Instance of the module being instantiated.
Definition module_ctx.h:42
module_ctx_t
Temporary structure to hold arguments for module calls.
Definition module_ctx.h:41
mod_process
static unlang_action_t mod_process(unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
Definition base.c:188
compile_list
static const virtual_server_compile_t compile_list[]
Definition base.c:214
process_state
static fr_process_state_t const process_state[]
Definition base.c:69
process_ldap_sync_sections_t::recv_delete
CONF_SECTION * recv_delete
Definition base.c:90
process_ldap_sync_dict
fr_dict_autoload_t process_ldap_sync_dict[]
Definition base.c:34
dict_ldap_sync
static fr_dict_t const * dict_ldap_sync
Definition base.c:31
process_ldap_sync_sections_t::recv_modify
CONF_SECTION * recv_modify
Definition base.c:91
process_ldap_sync_t::sections
process_ldap_sync_sections_t sections
Definition base.c:95
process_ldap_sync_dict_attr
fr_dict_attr_autoload_t process_ldap_sync_dict_attr[]
Definition base.c:42
ldap_sync_message_types
static char const * ldap_sync_message_types[FR_LDAP_SYNC_CODE_MAX]
Definition base.c:48
process_ldap_sync_sections_t::recv_add
CONF_SECTION * recv_add
Definition base.c:88
ldap_sync_packet_debug
static void ldap_sync_packet_debug(request_t *request, fr_packet_t *packet, fr_pair_list_t *list, bool received)
Definition base.c:61
process_ldap_sync_sections_t::store_cookie
CONF_SECTION * store_cookie
Definition base.c:87
process_ldap_sync
fr_process_module_t process_ldap_sync
Definition base.c:234
process_ldap_sync_sections_t::recv_present
CONF_SECTION * recv_present
Definition base.c:89
process_ldap_sync_sections_t::load_cookie
CONF_SECTION * load_cookie
Definition base.c:86
process_ldap_sync_sections_t::nothing
uint64_t nothing
Definition base.c:84
process_ldap_sync_sections_t
Definition base.c:83
process_ldap_sync_t
Definition base.c:94
PROCESS_TRACE
#define PROCESS_TRACE
Trace each state function as it's entered.
Definition process.h:55
PROCESS_CONF_OFFSET
#define PROCESS_CONF_OFFSET(_x)
Definition process.h:79
fr_process_module_t::common
module_t common
Common fields for all loadable modules.
Definition process_types.h:39
fr_process_module_t
Common public symbol definition for all process modules.
Definition process_types.h:38
fr_assert
#define fr_assert(_expr)
Definition rad_assert.h:38
RDEBUG_ENABLED
#define RDEBUG_ENABLED()
Definition radclient.h:49
RLM_MODULE_INVALID
@ RLM_MODULE_INVALID
The module considers the request invalid.
Definition rcode.h:45
RLM_MODULE_FAIL
@ RLM_MODULE_FAIL
Module failed, don't reply.
Definition rcode.h:42
RLM_MODULE_DISALLOW
@ RLM_MODULE_DISALLOW
Reject the request (user is locked out).
Definition rcode.h:46
RLM_MODULE_REJECT
@ RLM_MODULE_REJECT
Immediately reject the request.
Definition rcode.h:41
RLM_MODULE_TIMEOUT
@ RLM_MODULE_TIMEOUT
Module (or section) timed out.
Definition rcode.h:50
RLM_MODULE_NOOP
@ RLM_MODULE_NOOP
Module succeeded without doing anything.
Definition rcode.h:48
SECTION_NAME
#define SECTION_NAME(_name1, _name2)
Define a section name consisting of a verb and a noun.
Definition section.h:40
module_instance_s::data
void * data
Module's instance data.
Definition module.h:291
MODULE_RCTX
#define MODULE_RCTX(_ctype)
Definition module.h:257
MODULE_INST
#define MODULE_INST(_ctype)
Definition module.h:255
pair_list_s
Definition pair.h:52
FR_LDAP_SYNC_PACKET_CODE_VALID
#define FR_LDAP_SYNC_PACKET_CODE_VALID(_code)
Definition sync.h:58
FR_LDAP_SYNC_CODE_PRESENT
@ FR_LDAP_SYNC_CODE_PRESENT
LDAP server indicates a particular object is present and unchanged.
Definition sync.h:33
FR_LDAP_SYNC_CODE_COOKIE_STORE_RESPONSE
@ FR_LDAP_SYNC_CODE_COOKIE_STORE_RESPONSE
Response to storing the new cookie.
Definition sync.h:52
FR_LDAP_SYNC_CODE_ENTRY_RESPONSE
@ FR_LDAP_SYNC_CODE_ENTRY_RESPONSE
Response packet to present / add / modify / delete.
Definition sync.h:42
FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL
@ FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL
Response when coolie load fails.
Definition sync.h:48
FR_LDAP_SYNC_CODE_ADD
@ FR_LDAP_SYNC_CODE_ADD
Object has been added to the LDAP directory.
Definition sync.h:36
FR_LDAP_SYNC_CODE_COOKIE_STORE
@ FR_LDAP_SYNC_CODE_COOKIE_STORE
The server has sent a new cookie.
Definition sync.h:50
FR_LDAP_SYNC_CODE_COOKIE_LOAD_RESPONSE
@ FR_LDAP_SYNC_CODE_COOKIE_LOAD_RESPONSE
Response with the returned cookie.
Definition sync.h:46
FR_LDAP_SYNC_CODE_DELETE
@ FR_LDAP_SYNC_CODE_DELETE
Object has been deleted.
Definition sync.h:40
FR_LDAP_SYNC_CODE_COOKIE_LOAD
@ FR_LDAP_SYNC_CODE_COOKIE_LOAD
Before the sync starts, request any previously stored cookie.
Definition sync.h:44
FR_LDAP_SYNC_CODE_MAX
@ FR_LDAP_SYNC_CODE_MAX
Definition sync.h:54
FR_LDAP_SYNC_CODE_MODIFY
@ FR_LDAP_SYNC_CODE_MODIFY
Object has been modified.
Definition sync.h:38
talloc_get_type_abort_const
#define talloc_get_type_abort_const
Definition talloc.h:287
fr_packet_t::code
unsigned int code
Packet code (type).
Definition packet.h:61
fr_packet_t
Definition packet.h:56
virtual_server_compile_s::section
section_name_t const * section
Identifier for the section.
Definition virtual_servers.h:103
COMPILE_TERMINATOR
#define COMPILE_TERMINATOR
Definition virtual_servers.h:113
virtual_server_compile_s
Processing sections which are allowed in this virtual server.
Definition virtual_servers.h:102
Generated by   doxygen 1.9.8