26#include <freeradius-devel/io/listen.h>
27#include <freeradius-devel/io/master.h>
28#include <freeradius-devel/server/main_config.h>
29#include <freeradius-devel/server/protocol.h>
30#include <freeradius-devel/server/state.h>
31#include <freeradius-devel/server/rcode.h>
32#include <freeradius-devel/tacacs/tacacs.h>
33#include <freeradius-devel/unlang/call.h>
34#include <freeradius-devel/util/debug.h>
36#include <freeradius-devel/protocol/tacacs/tacacs.h>
197#define PROCESS_PACKET_TYPE fr_tacacs_packet_code_t
198#define PROCESS_CODE_MAX FR_TACACS_CODE_MAX
199#define PROCESS_CODE_DO_NOT_RESPOND FR_TACACS_CODE_DO_NOT_RESPOND
200#define PROCESS_PACKET_CODE_VALID FR_TACACS_PACKET_CODE_VALID
201#define PROCESS_INST process_tacacs_t
202#define PROCESS_CODE_DYNAMIC_CLIENT FR_TACACS_CODE_AUTH_PASS
204#include <freeradius-devel/server/process.h>
251 hash =
vp->vp_uint8 + ((int) reply << 1);
259 fr_assert(request->async->listen != NULL);
260 hash =
fr_hash(&request->async->listen,
sizeof(request->async->listen));
310 code = status2code[
vp->vp_uint8];
312 RDEBUG(
"Setting reply Packet-Type from %pP",
vp);
315 REDEBUG(
"Ignoring invalid status %pP",
vp);
319 code = state->packet_type[rcode];
333 RDEBUG(
"Setting reply Packet-Type from %pV", &
vp->data);
334 return vp->vp_uint32;
342 fr_process_state_t
const *state;
356 return CALL_SEND_STATE(state);
359 if (
vp->vp_uint8 != FR_ACTION_VALUE_LOGIN) {
360 RDEBUG(
"Invalid authentication action %u",
vp->vp_uint8);
368 return CALL_RECV(generic);
389 fr_process_state_t
const *state;
399 UPDATE_STATE(packet);
407 if (!request->reply->code) {
424 if (!request->reply->code) {
445 RDEBUG(
"No User-Name, replying with Authentication-GetUser");
448 RDEBUG(
"User-Name = %pV, replying with Authentication-GetPass", &
vp->data);
460 RDEBUG(
"No User-Password, replying with Authentication-GetPass");
472 RPEDEBUG(
"Failed creating Authentication-Flags attribute with No-Echo flag");
491 if (request->reply->code) {
492 switch (request->reply->code) {
494 RDEBUG(
"The 'recv Authentication-Start' section returned %s - rejecting the request",
507 return CALL_SEND_STATE(state);
522 RDEBUG(
"No 'Auth-Type' or 'Authentication-Type' attribute found, "
523 "cannot authenticate the user - rejecting the request");
532 RDEBUG(
"Invalid value for '%s' attribute, cannot authenticate the user - rejecting the request",
556 RDEBUG2(
"No 'authenticate %s { ... }' section found - rejecting the request", dv->
name);
568 NULL, 0, mctx->rctx);
573 static const fr_process_rcode_t auth_type_rcode = {
585 fr_process_state_t
const *state;
599 if (!request->reply->code) {
607 switch (request->reply->code) {
609 RDEBUG(
"No reply code was set. Forcing to Authentication-Fail");
618 RDEBUG2(
"Failed to authenticate the user");
625 if (
vp && (
vp->vp_uint32 != FR_AUTHENTICATION_TYPE_VALUE_ASCII)) {
626 RDEBUG2(
"Cannot send challenges for %pP",
vp);
638 return state->send(p_result, mctx, request);
708#define COPY(_attr) do { \
709 vp = fr_pair_find_by_da(&request->request_pairs, NULL, _attr); \
711 MEM(copy = fr_pair_copy(session, vp)); \
712 fr_pair_append(&session->list, copy); \
713 RDEBUG2("%pP", copy); \
716 RDEBUG2(
"Caching session attributes:");
728 if (session->
rounds >
inst->auth.max_rounds) {
729 REDEBUG(
"Too many rounds of authentication - failing the session");
738#define COPY_MISSING(_attr) do { \
739 vp = fr_pair_find_by_da(&session->list, NULL, _attr); \
744 RDEBUG2(
"Caching additional session attributes:");
750 session->
reply = request->reply->code;
751 session->
seq_no = request->packet->data[2];
757 if ((
state_create(request->reply_ctx, &request->reply_pairs, request,
true) < 0) ||
770 if ((
state_create(request->request_ctx, &request->request_pairs, request,
false) < 0) ||
782 if (request->packet->data[2] <= session->
seq_no) {
783 REDEBUG(
"Client sent invalid sequence number %02x, expected >%02x", request->packet->data[2], session->
seq_no);
789 RDEBUG2(
"Restoring session attributes:");
796 if (
fr_pair_list_copy(request->request_ctx, &request->request_pairs, &session->
list) < 0)
goto error;
801#define EXTRACT(_attr) \
802 vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_tacacs_user_message); \
804 fr_value_box_set_secret(&vp->data, _attr->flags.secret); \
805 if (pair_append_request(©, _attr) < 0) break; \
806 if (fr_pair_value_copy(copy, vp) < 0) { \
807 fr_pair_remove(&request->request_pairs, copy); \
811 RDEBUG2("Populated %pP from user_message", copy)
813 switch (session->
reply) {
827 return CALL_RECV(generic);
837 if ((
state_create(request->request_ctx, &request->request_pairs, request,
false) < 0) ||
842 return CALL_RECV(generic);
847 fr_process_state_t
const *state;
854 return CALL_SEND_STATE(state);
869 fr_process_state_t
const *state;
878 UPDATE_STATE(packet);
886 if (!request->reply->code) {
900 return CALL_SEND_STATE(state);
910 static const fr_process_rcode_t acct_type_rcode = {
922 fr_process_state_t
const *state;
929 if (!request->reply->code) {
931 NULL, acct_type_rcode, rcode);
940 return state->send(p_result, mctx, request);
944 false,
true,
true,
false,
945 true,
true,
false,
false,
958 RWDEBUG(
"Invalid accounting request flag field %02x",
vp->vp_uint8);
962 return CALL_RECV(generic);
971 fr_process_state_t
const *state;
978 UPDATE_STATE(packet);
986 if (!request->reply->code) {
996 if (request->reply->code) {
1001 UPDATE_STATE(reply);
1004 return CALL_SEND_STATE(state);
1014 UPDATE_STATE(reply);
1016 return CALL_SEND_STATE(state);
1024 RDEBUG2(
"No 'accounting %s { ... }' section found - skipping...", dv->
name);
1035 NULL, 0, mctx->rctx);
1040 fr_process_state_t
const *state;
1047 request->component =
"tacacs";
1048 request->module = NULL;
1051 UPDATE_STATE(packet);
1054 REDEBUG(
"Invalid packet type (%u)", request->packet->code);
1062 return new_client(p_result, mctx, request);
1065 return state->recv(p_result, mctx, request);
1081 inst->auth.session_timeout,
inst->auth.state_server_id,
1114 .recv = recv_auth_start,
1115 .resume = resume_auth_start,
1128 .send = send_generic,
1129 .resume = resume_auth_pass,
1142 .send = send_generic,
1143 .resume = resume_auth_fail,
1156 .send = send_generic,
1157 .resume = resume_auth_get,
1170 .send = send_generic,
1171 .resume = resume_auth_get,
1184 .send = send_generic,
1185 .resume = resume_auth_get,
1193 .send = send_generic,
1194 .resume = resume_auth_restart,
1202 .send = send_generic,
1203 .resume = resume_auth_restart,
1218 .recv = recv_auth_cont,
1219 .resume = resume_auth_start,
1233 .recv = recv_auth_cont_abort,
1234 .resume = resume_auth_cont_abort,
1256 .recv = recv_generic,
1257 .resume = resume_autz_request,
1271 .send = send_generic,
1272 .resume = resume_send_generic,
1286 .send = send_generic,
1287 .resume = resume_send_generic,
1295 .send = send_generic,
1296 .resume = resume_send_generic,
1304 .send = send_generic,
1305 .resume = resume_send_generic,
1322 .recv = recv_accounting_request,
1323 .resume = resume_accounting_request,
1337 .send = send_generic,
1338 .resume = resume_send_generic,
1346 .send = send_generic,
1347 .resume = resume_send_generic,
1366 .send = send_generic,
1367 .resume = resume_send_generic,
1393 .section =
SECTION_NAME(
"send",
"Authentication-Pass"),
1398 .section =
SECTION_NAME(
"send",
"Authentication-Fail"),
1403 .section =
SECTION_NAME(
"send",
"Authentication-GetData"),
1408 .section =
SECTION_NAME(
"send",
"Authentication-GetUser"),
1413 .section =
SECTION_NAME(
"send",
"Authentication-GetPass"),
1418 .section =
SECTION_NAME(
"send",
"Authentication-Restart"),
1423 .section =
SECTION_NAME(
"send",
"Authentication-Error"),
1428 .section =
SECTION_NAME(
"recv",
"Authentication-Continue"),
1433 .section =
SECTION_NAME(
"recv",
"Authentication-Continue-Abort"),
1446 .section =
SECTION_NAME(
"recv",
"Authorization-Request"),
1451 .section =
SECTION_NAME(
"send",
"Authorization-Pass-Add"),
1456 .section =
SECTION_NAME(
"send",
"Authorization-Pass-Replace"),
1466 .section =
SECTION_NAME(
"send",
"Authorization-Error"),
1500 DYNAMIC_CLIENT_SECTIONS,
unlang_action_t
Returned by unlang_op_t calls, determine the next action of the interpreter.
@ UNLANG_ACTION_CALCULATE_RESULT
Calculate a new section rlm_rcode_t value.
static int const char char buffer[256]
#define FALL_THROUGH
clang 10 doesn't recognised the FALL-THROUGH comment anymore
#define CONF_PARSER_TERMINATOR
#define FR_INTEGER_BOUND_CHECK(_name, _var, _op, _bound)
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
#define FR_CONF_POINTER(_name, _type, _flags, _res_p)
conf_parser_t which parses a single CONF_PAIR producing a single global result
@ CONF_FLAG_SUBSECTION
Instead of putting the information into a configuration structure, the configuration file routines MA...
Defines a CONF_PAIR to C data type mapping.
A section grouping multiple CONF_PAIR.
char const * cf_section_name2(CONF_SECTION const *cs)
Return the second identifier of a CONF_SECTION.
CONF_SECTION * cf_section_find(CONF_SECTION const *cs, char const *name1, char const *name2)
Find a CONF_SECTION with name1 and optionally name2.
CONF_SECTION * cf_item_to_section(CONF_ITEM const *ci)
Cast a CONF_ITEM to a CONF_SECTION.
fr_value_box_t const ** out
Enumeration value.
fr_dict_attr_t const ** out
Where to write a pointer to the resolved fr_dict_attr_t.
fr_dict_t const ** out
Where to write a pointer to the loaded/resolved fr_dict_t.
fr_value_box_t const * value
Enum value (what name maps to).
fr_dict_enum_value_t const * fr_dict_enum_by_value(fr_dict_attr_t const *da, fr_value_box_t const *value)
Lookup the structure representing an enum value in a fr_dict_attr_t.
char const * name
Enum name.
Specifies an attribute which must be present for the module to function.
Specifies a dictionary which must be loaded/loadable for the module to function.
Specifies a value which must be present for the module to function.
Value of an enumerated attribute.
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
uint32_t fr_hash(void const *data, size_t size)
uint32_t fr_hash_string(char const *p)
static fr_dict_t const * dict_freeradius
fr_dict_attr_t const * attr_packet_type
fr_dict_attr_t const * attr_user_name
static fr_dict_attr_t const * attr_module_failure_message
#define REXDENT()
Exdent (unindent) R* messages by one level.
#define RPEDEBUG(fmt,...)
#define RINDENT()
Indent R* messages by one level.
@ L_DBG_LVL_2
2nd highest priority debug messages (-xx | -X).
main_config_t const * main_config
Main server configuration.
bool spawn_workers
Should the server spawn threads.
@ FR_TYPE_STRING
String of printable characters.
@ FR_TYPE_UINT8
8 Bit unsigned integer.
@ FR_TYPE_UINT32
32 Bit unsigned integer.
@ FR_TYPE_OCTETS
Raw octets.
unlang_mod_actions_t const mod_actions_authenticate
unlang_mod_actions_t const mod_actions_accounting
unlang_mod_actions_t const mod_actions_authorize
unlang_mod_actions_t const mod_actions_postauth
unlang_mod_action_t actions[RLM_MODULE_NUMCODES]
module_instance_t const * mi
Instance of the module being instantiated.
module_instance_t * mi
Instance of the module being instantiated.
Temporary structure to hold arguments for module calls.
Temporary structure to hold arguments for instantiation calls.
static void fr_nbo_from_uint32(uint8_t out[static sizeof(uint32_t)], uint32_t num)
Write out an unsigned 32bit integer in wire format (big endian)
int fr_pair_list_copy(TALLOC_CTX *ctx, fr_pair_list_t *to, fr_pair_list_t const *from)
Duplicate a list of pairs.
int fr_pair_value_memdup(fr_pair_t *vp, uint8_t const *src, size_t len, bool tainted)
Copy data into an "octets" data type.
fr_pair_t * fr_pair_find_by_da_nested(fr_pair_list_t const *list, fr_pair_t const *prev, fr_dict_attr_t const *da)
Find a pair with a matching fr_dict_attr_t, by walking the nested fr_dict_attr_t tree.
fr_pair_t * fr_pair_find_by_da(fr_pair_list_t const *list, fr_pair_t const *prev, fr_dict_attr_t const *da)
Find the first pair with a matching da.
int fr_pair_append(fr_pair_list_t *list, fr_pair_t *to_add)
Add a VP to the end of the list.
fr_pair_t * fr_pair_afrom_da(TALLOC_CTX *ctx, fr_dict_attr_t const *da)
Dynamically allocate a new attribute and assign a fr_dict_attr_t.
void fr_pair_list_init(fr_pair_list_t *list)
Initialise a pair list header.
static unlang_action_t mod_process(unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
static const virtual_server_compile_t compile_list[]
static fr_process_state_t const process_state[]
RESUME_FLAG(recv_bfd, UNUSED,)
static fr_dict_attr_t const * attr_module_success_message
static int mod_instantiate(module_inst_ctx_t const *mctx)
RECV(for_any_server)
Validate a solicit/rebind/confirm message.
static fr_dict_attr_t const * attr_user_password
static fr_dict_attr_t const * attr_stripped_user_name
static const conf_parser_t session_config[]
static int mod_bootstrap(module_inst_ctx_t const *mctx)
static fr_dict_attr_t const * attr_auth_type
static fr_value_box_t const * enum_auth_type_reject
static const conf_parser_t auth_config[]
static fr_value_box_t const * enum_auth_type_accept
static const conf_parser_t config[]
fr_process_module_t process_tacacs
static fr_dict_attr_t const * attr_tacacs_authentication_flags
CONF_SECTION * autz_pass_add
fr_pair_list_t list
copied from the request
CONF_SECTION * new_client
static fr_value_box_t const * enum_tacacs_auth_type_ascii
CONF_SECTION * add_client
CONF_SECTION * auth_start
CONF_SECTION * acct_success
CONF_SECTION * auth_error
CONF_SECTION * acct_request
CONF_SECTION * auth_cont_abort
fr_dict_attr_autoload_t process_tacacs_dict_attr[]
static fr_dict_attr_t const * attr_tacacs_user_message
CONF_SECTION * server_cs
Our virtual server.
static fr_dict_attr_t const * attr_chap_password
static const uint32_t acct_status_to_packet_code[UINT8_MAX+1]
CONF_SECTION * auth_restart
static const uint32_t authen_status_to_packet_code[UINT8_MAX+1]
process_tacacs_sections_t sections
Pointers to various config sections we need to execute.
static uint32_t reply_code(request_t *request, fr_dict_attr_t const *status_da, uint32_t const status2code[static UINT8_MAX+1], fr_process_state_t const *state, fr_process_rcode_t const process_rcode, rlm_rcode_t rcode)
Try and determine what the response packet type should be.
static fr_dict_t const * dict_tacacs
fr_time_delta_t session_timeout
Maximum time between the last response and next request.
uint32_t rounds
how many rounds were taken
fr_dict_enum_autoload_t process_tacacs_dict_enum[]
#define COPY_MISSING(_attr)
static fr_dict_attr_t const * attr_tacacs_session_id
static fr_dict_attr_t const * attr_tacacs_server_message
CONF_SECTION * autz_error
CONF_SECTION * do_not_respond
static const uint32_t author_status_to_packet_code[UINT8_MAX+1]
static fr_value_box_t const * enum_auth_flags_noecho
uint8_t state_server_id
Sets a specific byte in the state to allow the authenticating server to be identified in packet captu...
CONF_SECTION * autz_pass_replace
uint32_t reply
for multiround state machine
CONF_SECTION * auth_getuser
static fr_dict_attr_t const * attr_tacacs_privilege_level
CONF_SECTION * auth_getdata
static fr_dict_attr_t const * attr_tacacs_authentication_type
CONF_SECTION * acct_error
static fr_dict_attr_t const * attr_tacacs_accounting_status
CONF_SECTION * autz_request
uint32_t max_session
Maximum ongoing session allowed.
static const bool acct_flag_valid[8]
static fr_dict_attr_t const * attr_tacacs_authentication_service
static fr_dict_attr_t const * attr_tacacs_authentication_status
CONF_SECTION * deny_client
static fr_dict_attr_t const * attr_tacacs_authentication_action
static fr_dict_attr_t const * attr_tacacs_client_port
process_tacacs_auth_t auth
Authentication configuration.
static fr_dict_attr_t const * attr_tacacs_remote_address
uint8_t seq_no
sequence number of last request.
fr_state_tree_t * state_tree
State tree to link multiple requests/responses.
static fr_dict_attr_t const * attr_tacacs_action
static fr_dict_attr_t const * attr_tacacs_sequence_number
static fr_dict_attr_t const * attr_tacacs_authorization_status
static fr_dict_attr_t const * attr_tacacs_accounting_flags
static fr_dict_attr_t const * attr_tacacs_data
static fr_dict_attr_t const * attr_tacacs_state
uint32_t max_rounds
maximum number of authentication rounds allowed
uint32_t session_id
current session ID
CONF_SECTION * auth_getpass
fr_dict_autoload_t process_tacacs_dict[]
static int state_create(TALLOC_CTX *ctx, fr_pair_list_t *out, request_t *request, bool reply)
#define PROCESS_TRACE
Trace each state function as it's entered.
#define PROCESS_CONF_OFFSET(_x)
module_t common
Common fields for all loadable modules.
Common public symbol definition for all process modules.
char const * fr_tacacs_packet_names[FR_TACACS_CODE_MAX]
static void send_reply(int sockfd, fr_channel_data_t *reply)
fr_table_num_sorted_t const rcode_table[]
#define RETURN_UNLANG_FAIL
rlm_rcode_t
Return codes indicating the result of the module call.
@ RLM_MODULE_INVALID
The module considers the request invalid.
@ RLM_MODULE_OK
The module is OK, continue.
@ RLM_MODULE_FAIL
Module failed, don't reply.
@ RLM_MODULE_DISALLOW
Reject the request (user is locked out).
@ RLM_MODULE_REJECT
Immediately reject the request.
@ RLM_MODULE_TIMEOUT
Module (or section) timed out.
@ RLM_MODULE_NOTFOUND
User not found.
@ RLM_MODULE_UPDATED
OK (pairs modified).
@ RLM_MODULE_NOOP
Module succeeded without doing anything.
@ RLM_MODULE_NUMCODES
How many valid return codes there are.
@ RLM_MODULE_HANDLED
The module handled the request, so stop.
#define request_is_dynamic_client(_x)
void * request_data_reference(request_t *request, void const *unique_ptr, int unique_int)
Get opaque data from a request without removing it.
#define request_data_talloc_add(_request, _unique_ptr, _unique_int, _type, _opaque, _free_on_replace, _free_on_parent, _persist)
Add opaque data to a request_t.
static unlang_action_t process_rcode(unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
static unsigned int hash(char const *username, unsigned int tablesize)
#define SECTION_NAME(_name1, _name2)
Define a section name consisting of a verb and a noun.
CONF_SECTION * conf
Module's instance configuration.
void * data
Module's instance data.
#define MODULE_RCTX(_ctype)
#define MODULE_INST(_ctype)
conf_parser_t const * config
How to convert a CONF_SECTION to a module instance.
#define pair_delete_reply(_pair_or_da)
Delete a fr_pair_t in the reply list.
#define pair_append_reply(_attr, _da)
Allocate and append a fr_pair_t to reply list.
fr_state_tree_t * fr_state_tree_init(TALLOC_CTX *ctx, fr_dict_attr_t const *da, bool thread_safe, uint32_t max_sessions, fr_time_delta_t timeout, uint8_t server_id, uint32_t context_id)
Initialise a new state tree.
void fr_state_discard(fr_state_tree_t *state, request_t *request)
Called when sending an Access-Accept/Access-Reject to discard state information.
int fr_request_to_state(fr_state_tree_t *state, request_t *request)
Transfer ownership of the state fr_pair_ts and ctx, back to a state entry.
int fr_state_to_request(fr_state_tree_t *state, request_t *request)
Copy a pointer to the head of the list of state fr_pair_ts (and their ctx) into the request.
unlang_action_t unlang_module_yield_to_section(unlang_result_t *p_result, request_t *request, CONF_SECTION *subcs, rlm_rcode_t default_rcode, module_method_t resume, unlang_module_signal_t signal, fr_signal_t sigmask, void *rctx)
eap_aka_sim_process_conf_t * inst
Stores an attribute, a value and various bits of other data.
fr_dict_attr_t const *_CONST da
Dictionary attribute defines the attribute number, vendor and type of the pair.
#define fr_table_str_by_value(_table, _number, _def)
Convert an integer to a string.
@ FR_TAC_PLUS_AUTHOR_STATUS_PASS_ADD
@ FR_TAC_PLUS_AUTHOR_STATUS_ERROR
@ FR_TAC_PLUS_AUTHOR_STATUS_FAIL
@ FR_TAC_PLUS_AUTHOR_STATUS_PASS_REPL
#define FR_TACACS_PACKET_CODE_VALID(_code)
#define packet_is_authen_start_request(p)
3.4.
@ FR_TACACS_CODE_ACCT_ERROR
@ FR_TACACS_CODE_DO_NOT_RESPOND
@ FR_TACACS_CODE_ACCT_REQUEST
@ FR_TACACS_CODE_AUTZ_REQUEST
@ FR_TACACS_CODE_AUTH_GETDATA
@ FR_TACACS_CODE_AUTH_RESTART
@ FR_TACACS_CODE_AUTZ_PASS_REPLACE
@ FR_TACACS_CODE_AUTH_GETUSER
@ FR_TACACS_CODE_AUTH_GETPASS
@ FR_TACACS_CODE_AUTZ_FAIL
@ FR_TACACS_CODE_AUTH_CONT_ABORT
@ FR_TACACS_CODE_AUTH_PASS
@ FR_TACACS_CODE_AUTH_CONT
@ FR_TACACS_CODE_AUTZ_PASS_ADD
@ FR_TACACS_CODE_AUTH_START
@ FR_TACACS_CODE_AUTH_FAIL
@ FR_TACACS_CODE_AUTH_ERROR
@ FR_TACACS_CODE_AUTZ_ERROR
@ FR_TACACS_CODE_ACCT_SUCCESS
@ FR_TAC_PLUS_ACCT_STATUS_SUCCESS
@ FR_TAC_PLUS_ACCT_STATUS_ERROR
@ FR_TAC_PLUS_AUTHEN_STATUS_PASS
@ FR_TAC_PLUS_AUTHEN_STATUS_GETDATA
@ FR_TAC_PLUS_AUTHEN_STATUS_ERROR
@ FR_TAC_PLUS_AUTHEN_STATUS_GETUSER
@ FR_TAC_PLUS_AUTHEN_STATUS_FAIL
@ FR_TAC_PLUS_AUTHEN_STATUS_RESTART
@ FR_TAC_PLUS_AUTHEN_STATUS_GETPASS
#define talloc_get_type_abort_const
A time delta, a difference in time measured in nanoseconds.
fr_pair_t * fr_pair_list_next(fr_pair_list_t const *list, fr_pair_t const *item))
Get the next item in a valuepair list after a specific entry.
int8_t fr_value_box_cmp(fr_value_box_t const *a, fr_value_box_t const *b)
Compare two values.
int fr_value_box_copy(TALLOC_CTX *ctx, fr_value_box_t *dst, const fr_value_box_t *src)
Copy value data verbatim duplicating any buffers.
static size_t char ** out
int virtual_server_section_attribute_define(CONF_SECTION *server_cs, char const *subcs_name, fr_dict_attr_t const *da)
Define a values for Auth-Type attributes by the sections present in a virtual-server.
section_name_t const * section
Identifier for the section.
#define COMPILE_TERMINATOR
Processing sections which are allowed in this virtual server.
1.9.8