The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
base.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: 937d71ecf8edb5e68926f445f1897a47a3886f82 $
19 * @file src/process/vmps/base.c
20 * @brief VMPS processing.
21 *
22 * @copyright 2018 The Freeradius server project.
23 * @copyright 2018 Alan DeKok (aland@deployingradius.com)
24 */
25#include <freeradius-devel/io/application.h>
26#include <freeradius-devel/server/protocol.h>
27#include <freeradius-devel/util/dict.h>
28#include <freeradius-devel/util/debug.h>
29#include <freeradius-devel/vmps/vmps.h>
30
31#include <freeradius-devel/protocol/vmps/vmps.h>
32
33static fr_dict_t const *dict_vmps;
34
35extern fr_dict_autoload_t process_vmps_dict[];
36fr_dict_autoload_t process_vmps_dict[] = {
37 { .out = &dict_vmps, .proto = "vmps" },
38 { NULL }
39};
40
41static fr_dict_attr_t const *attr_packet_type;
42
43extern fr_dict_attr_autoload_t process_vmps_dict_attr[];
44fr_dict_attr_autoload_t process_vmps_dict_attr[] = {
45 { .out = &attr_packet_type, .name = "Packet-Type", .type = FR_TYPE_UINT32, .dict = &dict_vmps },
46 { NULL }
47};
48
58
62
63#define PROCESS_PACKET_TYPE fr_vmps_packet_code_t
64#define PROCESS_CODE_MAX FR_VMPS_CODE_MAX
65#define PROCESS_CODE_DO_NOT_RESPOND FR_VMPS_DO_NOT_RESPOND
66#define PROCESS_PACKET_CODE_VALID FR_VMPS_PACKET_CODE_VALID
67#define PROCESS_INST process_vmps_t
68#include <freeradius-devel/server/process.h>
69
70static fr_process_state_t const process_state[] = {
71 [FR_PACKET_TYPE_VALUE_JOIN_REQUEST] = {
72 .packet_type = {
73 [RLM_MODULE_OK] = FR_PACKET_TYPE_VALUE_JOIN_RESPONSE,
74 [RLM_MODULE_NOOP] = FR_PACKET_TYPE_VALUE_JOIN_RESPONSE,
75 [RLM_MODULE_UPDATED] = FR_PACKET_TYPE_VALUE_JOIN_RESPONSE,
76
77 [RLM_MODULE_REJECT] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
78 [RLM_MODULE_FAIL] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
79 [RLM_MODULE_INVALID] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
80 [RLM_MODULE_DISALLOW] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
81 [RLM_MODULE_NOTFOUND] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
82 [RLM_MODULE_TIMEOUT] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND
83 },
84 .default_rcode = RLM_MODULE_NOOP,
85 .recv = recv_generic,
86 .resume = resume_recv_generic,
87 .section_offset = PROCESS_CONF_OFFSET(join_request),
88 },
89 [FR_PACKET_TYPE_VALUE_JOIN_RESPONSE] = {
90 .packet_type = {
91 [RLM_MODULE_OK] = FR_PACKET_TYPE_VALUE_JOIN_RESPONSE,
92 [RLM_MODULE_NOOP] = FR_PACKET_TYPE_VALUE_JOIN_RESPONSE,
93 [RLM_MODULE_UPDATED] = FR_PACKET_TYPE_VALUE_JOIN_RESPONSE,
94
95 [RLM_MODULE_REJECT] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
96 [RLM_MODULE_FAIL] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
97 [RLM_MODULE_INVALID] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
98 [RLM_MODULE_DISALLOW] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
99 [RLM_MODULE_NOTFOUND] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
100 [RLM_MODULE_TIMEOUT] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND
101 },
102 .default_rcode = RLM_MODULE_NOOP,
103 .result_rcode = RLM_MODULE_OK,
104 .send = send_generic,
105 .resume = resume_send_generic,
106 .section_offset = PROCESS_CONF_OFFSET(join_response),
107 },
108
109 [FR_PACKET_TYPE_VALUE_RECONFIRM_REQUEST] = {
110 .packet_type = {
111 [RLM_MODULE_OK] = FR_PACKET_TYPE_VALUE_RECONFIRM_RESPONSE,
112 [RLM_MODULE_NOOP] = FR_PACKET_TYPE_VALUE_RECONFIRM_RESPONSE,
113 [RLM_MODULE_UPDATED] = FR_PACKET_TYPE_VALUE_RECONFIRM_RESPONSE,
114
115 [RLM_MODULE_REJECT] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
116 [RLM_MODULE_FAIL] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
117 [RLM_MODULE_INVALID] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
118 [RLM_MODULE_DISALLOW] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
119 [RLM_MODULE_NOTFOUND] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
120 [RLM_MODULE_TIMEOUT] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND
121 },
122 .default_rcode = RLM_MODULE_NOOP,
123 .recv = recv_generic,
124 .resume = resume_recv_generic,
125 .section_offset = PROCESS_CONF_OFFSET(reconfirm_request),
126 },
127 [FR_PACKET_TYPE_VALUE_RECONFIRM_RESPONSE] = {
128 .packet_type = {
129 [RLM_MODULE_OK] = FR_PACKET_TYPE_VALUE_RECONFIRM_RESPONSE,
130 [RLM_MODULE_NOOP] = FR_PACKET_TYPE_VALUE_RECONFIRM_RESPONSE,
131 [RLM_MODULE_UPDATED] = FR_PACKET_TYPE_VALUE_RECONFIRM_RESPONSE,
132
133 [RLM_MODULE_REJECT] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
134 [RLM_MODULE_FAIL] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
135 [RLM_MODULE_INVALID] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
136 [RLM_MODULE_DISALLOW] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
137 [RLM_MODULE_NOTFOUND] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND,
138 [RLM_MODULE_TIMEOUT] = FR_PACKET_TYPE_VALUE_DO_NOT_RESPOND
139 },
140 .default_rcode = RLM_MODULE_NOOP,
141 .result_rcode = RLM_MODULE_OK,
142 .send = send_generic,
143 .resume = resume_send_generic,
144 .section_offset = PROCESS_CONF_OFFSET(reconfirm_response),
145 },
146
147 [ FR_VMPS_DO_NOT_RESPOND ] = {
148 .packet_type = {
149 [RLM_MODULE_NOOP] = FR_VMPS_DO_NOT_RESPOND,
150 [RLM_MODULE_OK] = FR_VMPS_DO_NOT_RESPOND,
151 [RLM_MODULE_UPDATED] = FR_VMPS_DO_NOT_RESPOND,
152 [RLM_MODULE_HANDLED] = FR_VMPS_DO_NOT_RESPOND,
153
154 [RLM_MODULE_NOTFOUND] = FR_VMPS_DO_NOT_RESPOND,
155 [RLM_MODULE_FAIL] = FR_VMPS_DO_NOT_RESPOND,
156 [RLM_MODULE_INVALID] = FR_VMPS_DO_NOT_RESPOND,
157 [RLM_MODULE_REJECT] = FR_VMPS_DO_NOT_RESPOND,
158 [RLM_MODULE_DISALLOW] = FR_VMPS_DO_NOT_RESPOND,
159 [RLM_MODULE_TIMEOUT] = FR_VMPS_DO_NOT_RESPOND
160 },
161 .default_rcode = RLM_MODULE_NOOP,
162 .send = send_generic,
163 .resume = resume_send_generic,
164 .section_offset = PROCESS_CONF_OFFSET(do_not_respond),
165 },
166};
167
168
169/*
170 * Debug the packet if requested.
171 */
172static void vmps_packet_debug(request_t *request, fr_packet_t const *packet, fr_pair_list_t const *list, bool received)
173{
174#ifdef WITH_IFINDEX_NAME_RESOLUTION
175 char if_name[IFNAMSIZ];
176#endif
177
178 if (!packet) return;
179 if (!RDEBUG_ENABLED) return;
180
181 log_request(L_DBG, L_DBG_LVL_1, request, __FILE__, __LINE__, "%s %s XID %08x from %s%pV%s:%i to %s%pV%s:%i "
182#ifdef WITH_IFINDEX_NAME_RESOLUTION
183 "%s%s%s"
184#endif
185 "",
186 received ? "Received" : "Sending",
187 fr_vmps_packet_names[packet->code],
188 packet->id,
189 packet->socket.inet.src_ipaddr.af == AF_INET6 ? "[" : "",
190 fr_box_ipaddr(packet->socket.inet.src_ipaddr),
191 packet->socket.inet.src_ipaddr.af == AF_INET6 ? "]" : "",
192 packet->socket.inet.src_port,
193 packet->socket.inet.dst_ipaddr.af == AF_INET6 ? "[" : "",
194 fr_box_ipaddr(packet->socket.inet.dst_ipaddr),
195 packet->socket.inet.dst_ipaddr.af == AF_INET6 ? "]" : "",
196 packet->socket.inet.dst_port
197#ifdef WITH_IFINDEX_NAME_RESOLUTION
198 , packet->socket.inet.ifindex ? "via " : "",
199 packet->socket.inet.ifindex ? fr_ifname_from_ifindex(if_name, packet->socket.inet.ifindex) : "",
200 packet->socket.inet.ifindex ? " " : ""
201#endif
202 );
203
204 if (received || request->parent) {
205 log_request_pair_list(L_DBG_LVL_1, request, NULL, list, NULL);
206 } else {
207 log_request_proto_pair_list(L_DBG_LVL_1, request, NULL, list, NULL);
208 }
209}
210
211static unlang_action_t mod_process(unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
212{
213 fr_process_state_t const *state;
214
215 PROCESS_TRACE;
216
217 (void)talloc_get_type_abort_const(mctx->mi->data, process_vmps_t);
218 fr_assert(PROCESS_PACKET_CODE_VALID(request->packet->code));
219
220 request->component = "vmps";
221 request->module = NULL;
222 fr_assert(request->proto_dict == dict_vmps);
223
224 UPDATE_STATE(packet);
225
226 if (!state->recv) {
227 REDEBUG("Invalid packet type (%u)", request->packet->code);
228 RETURN_UNLANG_FAIL;
229 }
230
231 vmps_packet_debug(request, request->packet, &request->request_pairs, true);
232
233 return state->recv(p_result, mctx, request);
234}
235
236static const virtual_server_compile_t compile_list[] = {
237 {
238 .section = SECTION_NAME("recv", "Join-Request"),
239 .actions = &mod_actions_authorize,
240 .offset = PROCESS_CONF_OFFSET(join_request),
241 },
242 {
243 .section = SECTION_NAME("send", "Join-Response"),
244 .actions = &mod_actions_postauth,
245 .offset = PROCESS_CONF_OFFSET(join_response),
246 },
247 {
248 .section = SECTION_NAME("recv", "Reconfirm-Request"),
249 .actions = &mod_actions_authorize,
250 .offset = PROCESS_CONF_OFFSET(reconfirm_request),
251 },
252 {
253 .section = SECTION_NAME("send", "Reconfirm-Response"),
254 .actions = &mod_actions_postauth,
255 .offset = PROCESS_CONF_OFFSET(reconfirm_response),
256 },
257 {
258 .section = SECTION_NAME("send", "Do-Not-Respond"),
259 .actions = &mod_actions_postauth,
260 .offset = PROCESS_CONF_OFFSET(do_not_respond),
261 },
262
263 COMPILE_TERMINATOR
264};
265
266
267extern fr_process_module_t process_vmps;
268fr_process_module_t process_vmps = {
269 .common = {
270 .magic = MODULE_MAGIC_INIT,
271 .name = "vmps",
272 MODULE_INST(process_vmps_t),
273 MODULE_RCTX(process_rctx_t)
274 },
275 .process = mod_process,
276 .compile_list = compile_list,
277 .dict = &dict_vmps,
278 .packet_type = &attr_packet_type
279};
unlang_action_t
unlang_action_t
Returned by unlang_op_t calls, determine the next action of the interpreter.
Definition action.h:35
cf_section
A section grouping multiple CONF_PAIR.
Definition cf_priv.h:101
fr_dict_attr_autoload_t::out
fr_dict_attr_t const ** out
Where to write a pointer to the resolved fr_dict_attr_t.
Definition dict.h:274
fr_dict_autoload_t::out
fr_dict_t const ** out
Where to write a pointer to the loaded/resolved fr_dict_t.
Definition dict.h:287
fr_dict_attr_autoload_t
Specifies an attribute which must be present for the module to function.
Definition dict.h:273
fr_dict_autoload_t
Specifies a dictionary which must be loaded/loadable for the module to function.
Definition dict.h:286
MODULE_MAGIC_INIT
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition dl_module.h:63
unlang_result_t
Definition interpret.h:133
attr_packet_type
fr_dict_attr_t const * attr_packet_type
Definition base.c:93
log_request_proto_pair_list
void log_request_proto_pair_list(fr_log_lvl_t lvl, request_t *request, fr_pair_t const *parent, fr_pair_list_t const *vps, char const *prefix)
Print a list of protocol fr_pair_ts.
Definition log.c:852
log_request
void log_request(fr_log_type_t type, fr_log_lvl_t lvl, request_t *request, char const *file, int line, char const *fmt,...)
Marshal variadic log arguments into a va_list and pass to normal logging functions.
Definition log.c:610
log_request_pair_list
void log_request_pair_list(fr_log_lvl_t lvl, request_t *request, fr_pair_t const *parent, fr_pair_list_t const *vps, char const *prefix)
Print a fr_pair_list_t.
Definition log.c:828
L_DBG_LVL_1
@ L_DBG_LVL_1
Highest priority debug messages (-x).
Definition log.h:70
L_DBG
@ L_DBG
Only displayed when debugging is enabled.
Definition log.h:59
FR_TYPE_UINT32
@ FR_TYPE_UINT32
32 Bit unsigned integer.
Definition merged_model.c:99
fr_dict_attr_t
Definition merged_model.c:133
fr_dict_t
Definition merged_model.c:198
request_t
Definition merged_model.c:210
mod_actions_authorize
unlang_mod_actions_t const mod_actions_authorize
Definition mod_action.c:46
mod_actions_postauth
unlang_mod_actions_t const mod_actions_postauth
Definition mod_action.c:93
unlang_mod_actions_t::actions
unlang_mod_action_t actions[RLM_MODULE_NUMCODES]
Definition mod_action.h:64
module_ctx_t::mi
module_instance_t const * mi
Instance of the module being instantiated.
Definition module_ctx.h:42
module_ctx_t
Temporary structure to hold arguments for module calls.
Definition module_ctx.h:41
mod_process
static unlang_action_t mod_process(unlang_result_t *p_result, module_ctx_t const *mctx, request_t *request)
Definition base.c:188
compile_list
static const virtual_server_compile_t compile_list[]
Definition base.c:214
process_state
static fr_process_state_t const process_state[]
Definition base.c:69
PROCESS_PACKET_CODE_VALID
#define PROCESS_PACKET_CODE_VALID
Definition base.c:65
process_vmps_sections_t::do_not_respond
CONF_SECTION * do_not_respond
Definition base.c:56
process_vmps_sections_t::reconfirm_response
CONF_SECTION * reconfirm_response
Definition base.c:55
process_vmps_dict
fr_dict_autoload_t process_vmps_dict[]
Definition base.c:36
vmps_packet_debug
static void vmps_packet_debug(request_t *request, fr_packet_t const *packet, fr_pair_list_t const *list, bool received)
Definition base.c:172
process_vmps_t::sections
process_vmps_sections_t sections
Definition base.c:60
process_vmps
fr_process_module_t process_vmps
Definition base.c:268
process_vmps_dict_attr
fr_dict_attr_autoload_t process_vmps_dict_attr[]
Definition base.c:44
process_vmps_sections_t::reconfirm_request
CONF_SECTION * reconfirm_request
Definition base.c:54
process_vmps_sections_t::join_request
CONF_SECTION * join_request
Definition base.c:52
process_vmps_sections_t::join_response
CONF_SECTION * join_response
Definition base.c:53
dict_vmps
static fr_dict_t const * dict_vmps
Definition base.c:33
process_vmps_sections_t
Definition base.c:49
process_vmps_t
Definition base.c:59
PROCESS_TRACE
#define PROCESS_TRACE
Trace each state function as it's entered.
Definition process.h:55
PROCESS_CONF_OFFSET
#define PROCESS_CONF_OFFSET(_x)
Definition process.h:79
fr_process_module_t::common
module_t common
Common fields for all loadable modules.
Definition process_types.h:39
fr_process_module_t
Common public symbol definition for all process modules.
Definition process_types.h:38
fr_assert
#define fr_assert(_expr)
Definition rad_assert.h:38
REDEBUG
#define REDEBUG(fmt,...)
Definition radclient.h:52
RDEBUG_ENABLED
#define RDEBUG_ENABLED()
Definition radclient.h:49
RETURN_UNLANG_FAIL
#define RETURN_UNLANG_FAIL
Definition rcode.h:57
RLM_MODULE_INVALID
@ RLM_MODULE_INVALID
The module considers the request invalid.
Definition rcode.h:45
RLM_MODULE_OK
@ RLM_MODULE_OK
The module is OK, continue.
Definition rcode.h:43
RLM_MODULE_FAIL
@ RLM_MODULE_FAIL
Module failed, don't reply.
Definition rcode.h:42
RLM_MODULE_DISALLOW
@ RLM_MODULE_DISALLOW
Reject the request (user is locked out).
Definition rcode.h:46
RLM_MODULE_REJECT
@ RLM_MODULE_REJECT
Immediately reject the request.
Definition rcode.h:41
RLM_MODULE_TIMEOUT
@ RLM_MODULE_TIMEOUT
Module (or section) timed out.
Definition rcode.h:50
RLM_MODULE_NOTFOUND
@ RLM_MODULE_NOTFOUND
User not found.
Definition rcode.h:47
RLM_MODULE_UPDATED
@ RLM_MODULE_UPDATED
OK (pairs modified).
Definition rcode.h:49
RLM_MODULE_NOOP
@ RLM_MODULE_NOOP
Module succeeded without doing anything.
Definition rcode.h:48
RLM_MODULE_HANDLED
@ RLM_MODULE_HANDLED
The module handled the request, so stop.
Definition rcode.h:44
SECTION_NAME
#define SECTION_NAME(_name1, _name2)
Define a section name consisting of a verb and a noun.
Definition section.h:40
module_instance_s::data
void * data
Module's instance data.
Definition module.h:291
MODULE_RCTX
#define MODULE_RCTX(_ctype)
Definition module.h:257
MODULE_INST
#define MODULE_INST(_ctype)
Definition module.h:255
pair_list_s
Definition pair.h:52
talloc_get_type_abort_const
#define talloc_get_type_abort_const
Definition talloc.h:287
fr_packet_t::code
unsigned int code
Packet code (type).
Definition packet.h:61
fr_packet_t::socket
fr_socket_t socket
This packet was received on.
Definition packet.h:57
fr_packet_t::id
int id
Packet ID (used to link requests/responses).
Definition packet.h:60
fr_packet_t
Definition packet.h:56
fr_socket_t::af
int af
AF_INET, AF_INET6, or AF_UNIX.
Definition socket.h:78
fr_box_ipaddr
#define fr_box_ipaddr(_val)
Definition value.h:313
virtual_server_compile_s::section
section_name_t const * section
Identifier for the section.
Definition virtual_servers.h:103
COMPILE_TERMINATOR
#define COMPILE_TERMINATOR
Definition virtual_servers.h:113
virtual_server_compile_s
Processing sections which are allowed in this virtual server.
Definition virtual_servers.h:102
fr_vmps_packet_names
char const * fr_vmps_packet_names[FR_VMPS_CODE_MAX]
Definition vmps.c:75
FR_VMPS_DO_NOT_RESPOND
@ FR_VMPS_DO_NOT_RESPOND
Definition vmps.h:55
Generated by   doxygen 1.9.8