The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
base.c
Go to the documentation of this file.
1/*
2 * This library is free software; you can redistribute it and/or
3 * modify it under the terms of the GNU Lesser General Public
4 * License as published by the Free Software Foundation; either
5 * version 2.1 of the License, or (at your option) any later version.
6 *
7 * This library is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
10 * Lesser General Public License for more details.
11 *
12 * You should have received a copy of the GNU Lesser General Public
13 * License along with this library; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: 1147d41d3af04d286891788b82baca5f2106cd0c $
19 *
20 * @file protocols/bfd/base.c
21 * @brief Functions to send/receive BFD packets.
22 *
23 * @copyright 2023 Network RADIUS SAS (legal@networkradius.com)
24 */
25
26RCSID("$Id: 1147d41d3af04d286891788b82baca5f2106cd0c $")
27
28#include <fcntl.h>
29#include <ctype.h>
30
31#include "attrs.h"
32
33#include <freeradius-devel/io/pair.h>
34#include <freeradius-devel/util/net.h>
35#include <freeradius-devel/util/proto.h>
36#include <freeradius-devel/util/udp.h>
37
38static uint32_t instance_count = 0;
39static bool instantiated = false;
40
41fr_dict_t const *dict_freeradius;
42fr_dict_t const *dict_bfd;
43
44extern fr_dict_autoload_t libfreeradius_bfd_dict[];
45fr_dict_autoload_t libfreeradius_bfd_dict[] = {
46 { .out = &dict_freeradius, .proto = "freeradius" },
47 { .out = &dict_bfd, .proto = "bfd" },
48 DICT_AUTOLOAD_TERMINATOR
49};
50
51fr_dict_attr_t const *attr_packet_type;
52fr_dict_attr_t const *attr_bfd_packet;
53fr_dict_attr_t const *attr_bfd_additional_data;
54
55extern fr_dict_attr_autoload_t libfreeradius_bfd_dict_attr[];
56fr_dict_attr_autoload_t libfreeradius_bfd_dict_attr[] = {
57 { .out = &attr_packet_type, .name = "Packet-Type", .type = FR_TYPE_UINT32, .dict = &dict_bfd },
58 { .out = &attr_bfd_packet, .name = "Packet", .type = FR_TYPE_STRUCT, .dict = &dict_bfd },
59 { .out = &attr_bfd_additional_data, .name = "Additional-Data", .type = FR_TYPE_GROUP, .dict = &dict_bfd },
60
61 DICT_AUTOLOAD_TERMINATOR
62};
63
64char const *fr_bfd_packet_names[FR_BFD_CODE_MAX] = {
65 "Admin-Down",
66 "Down",
67 "Init",
68 "Up",
69};
70
71fr_table_num_ordered_t const bfd_auth_type_table[] = {
72 { L("none"), BFD_AUTH_RESERVED },
73 { L("simple"), BFD_AUTH_SIMPLE },
74 { L("keyed-md5"), BFD_AUTH_KEYED_MD5 },
75 { L("met-keyed-md5"), BFD_AUTH_MET_KEYED_MD5 },
76 { L("keyed-sha1"), BFD_AUTH_KEYED_SHA1 },
77 { L("met-keyed-sha1"), BFD_AUTH_MET_KEYED_SHA1 },
78};
79size_t const bfd_auth_type_table_len = NUM_ELEMENTS(bfd_auth_type_table);
80
81/*
82 * Perform basic packet checks as per the first part of RFC 5880 Section 6.8.6.
83 */
84bool fr_bfd_packet_ok(char const **err, uint8_t const *packet, size_t packet_len)
85{
86 bfd_packet_t const *bfd;
87 char const *msg = NULL;
88
89 if (packet_len < FR_BFD_HEADER_LENGTH) {
90 msg = "Packet is too short to be BFD";
91 fail:
92 if (err) *err = msg;
93 return false;
94 }
95
96 bfd = (bfd_packet_t const *) packet;
97
98 /*
99 * If the version number is not correct (1), the packet MUST be
100 * discarded.
101 */
102 if (bfd->version != 1) {
103 msg = "Packet has wrong version - should be 1";
104 goto fail;
105 }
106
107 /*
108 * If the Length field is less than the minimum correct value (24 if
109 * the A bit is clear, or 26 if the A bit is set), the packet MUST be
110 * discarded.
111 */
112 if (bfd->length < FR_BFD_HEADER_LENGTH) {
113 msg = "Header length is too small";
114 goto fail;
115 }
116
117 /*
118 * If the Length field is greater than the payload of the
119 * encapsulating protocol, the packet MUST be discarded.
120 *
121 * Addendum: if the Length field is smaller than the
122 * received data, that's bad, too.
123 */
124 if (bfd->length > packet_len) {
125 msg = "Header length is not the same as the amount of data we read";
126 goto fail;
127 }
128
129 /*
130 * If the Length field is less than the minimum correct value (24 if
131 * the A bit is clear, or 26 if the A bit is set), the packet MUST be
132 * discarded.
133 *
134 * Addendum: if the Length field is not equal to 24 plus Auth-Len field,
135 * then the packet is discarded.
136 */
137 if (bfd->auth_present) {
138 if (bfd->length < (FR_BFD_HEADER_LENGTH + 2)) { /* auth-type and auth-len */
139 msg = "Header length is not enough for auth-type and auth-len";
140 goto fail;
141 }
142
143 if (bfd->length != FR_BFD_HEADER_LENGTH + bfd->auth.basic.auth_len) {
144 msg = "Header length mismatch with auth-len and amount of received data";
145 goto fail;
146
147 }
148
149 switch (bfd->auth.basic.auth_type) {
150 case BFD_AUTH_SIMPLE:
151 if ((bfd->auth.basic.auth_len < (3 + 1)) || (bfd->auth.basic.auth_len > (3 + 16))) {
152 msg = "Auth-Type Simple has invalid value for password length";
153 goto fail;
154 }
155 break;
156
157 case BFD_AUTH_KEYED_MD5:
158 case BFD_AUTH_MET_KEYED_MD5:
159 if (bfd->auth.basic.auth_len != 24) {
160 msg = "Auth-Type MD5 has invalid value for digest length";
161 goto fail;
162 }
163 break;
164
165 case BFD_AUTH_KEYED_SHA1:
166 case BFD_AUTH_MET_KEYED_SHA1:
167 if (bfd->auth.basic.auth_len != 28) {
168 msg = "Auth-Type SHA1 has invalid value for digest length";
169 goto fail;
170 }
171 break;
172
173 default:
174 msg = "Invalid Auth-Type";
175 goto fail;
176 }
177 }
178
179 /*
180 * If the Detect Mult field is zero, the packet MUST be discarded.
181 */
182 if (bfd->detect_multi == 0) {
183 msg = "Packet has invalid detect-multi == 0";
184 goto fail;
185 }
186
187 /*
188 * If the Multipoint (M) bit is nonzero, the packet MUST be
189 * discarded.
190 */
191 if (bfd->multipoint != 0) {
192 msg = "Packet has invalid multipoint != 0";
193 goto fail;
194 }
195
196 /*
197 * If the My Discriminator field is zero, the packet MUST be
198 * discarded.
199 */
200 if (bfd->my_disc == 0) {
201 msg = "Packet has invalid my-discriminator == 0";
202 goto fail;
203 }
204
205 /*
206 * If the Your Discriminator field is zero and the State field is not
207 * Down or AdminDown, the packet MUST be discarded.
208 */
209 if ((bfd->your_disc == 0) &&
210 !((bfd->state == BFD_STATE_DOWN) ||
211 (bfd->state == BFD_STATE_ADMIN_DOWN))) {
212 msg = "Packet has your-discrimator==0, but state is not down or admin-down";
213 goto fail;
214 }
215
216 if (err) *err = NULL;
217 return true;
218}
219
220
221
222int fr_bfd_global_init(void)
223{
224 if (instance_count > 0) {
225 instance_count++;
226 return 0;
227 }
228
229 instance_count++;
230
231 if (fr_dict_autoload(libfreeradius_bfd_dict) < 0) {
232 fail:
233 instance_count--;
234 return -1;
235 }
236
237 if (fr_dict_attr_autoload(libfreeradius_bfd_dict_attr) < 0) {
238 fr_dict_autofree(libfreeradius_bfd_dict);
239 goto fail;
240 }
241
242 instantiated = true;
243
244 return 0;
245}
246
247void fr_bfd_global_free(void)
248{
249 if (!instantiated) return;
250
251 if (--instance_count > 0) return;
252
253 fr_dict_autofree(libfreeradius_bfd_dict);
254
255 instantiated = false;
256}
257
258extern fr_dict_protocol_t libfreeradius_bfd_dict_protocol;
259fr_dict_protocol_t libfreeradius_bfd_dict_protocol = {
260 .name = "bfd",
261 .default_type_size = 1,
262 .default_type_length = 1,
263
264 .init = fr_bfd_global_init,
265 .free = fr_bfd_global_free,
266};
msg
log_entry msg
Definition acutest.h:796
BFD_AUTH_MET_KEYED_MD5
@ BFD_AUTH_MET_KEYED_MD5
Definition bfd.h:56
BFD_AUTH_MET_KEYED_SHA1
@ BFD_AUTH_MET_KEYED_SHA1
Definition bfd.h:58
BFD_AUTH_SIMPLE
@ BFD_AUTH_SIMPLE
Definition bfd.h:54
BFD_AUTH_KEYED_SHA1
@ BFD_AUTH_KEYED_SHA1
Definition bfd.h:57
BFD_AUTH_KEYED_MD5
@ BFD_AUTH_KEYED_MD5
Definition bfd.h:55
BFD_AUTH_RESERVED
@ BFD_AUTH_RESERVED
Definition bfd.h:53
FR_BFD_HEADER_LENGTH
#define FR_BFD_HEADER_LENGTH
Definition bfd.h:141
FR_BFD_CODE_MAX
#define FR_BFD_CODE_MAX
Definition bfd.h:149
BFD_STATE_DOWN
@ BFD_STATE_DOWN
Definition bfd.h:35
BFD_STATE_ADMIN_DOWN
@ BFD_STATE_ADMIN_DOWN
Definition bfd.h:34
RCSID
#define RCSID(id)
Definition build.h:485
L
#define L(_str)
Helper for initialising arrays of string literals.
Definition build.h:209
NUM_ELEMENTS
#define NUM_ELEMENTS(_t)
Definition build.h:339
fr_dict_autofree
#define fr_dict_autofree(_to_free)
Definition dict.h:902
err
static fr_slen_t err
Definition dict.h:871
fr_dict_attr_autoload_t::out
fr_dict_attr_t const ** out
Where to write a pointer to the resolved fr_dict_attr_t.
Definition dict.h:294
fr_dict_autoload_t::out
fr_dict_t const ** out
Where to write a pointer to the loaded/resolved fr_dict_t.
Definition dict.h:307
fr_dict_attr_autoload
int fr_dict_attr_autoload(fr_dict_attr_autoload_t const *to_load)
Process a dict_attr_autoload element to load/verify a dictionary attribute.
Definition dict_util.c:4340
fr_dict_autoload
#define fr_dict_autoload(_to_load)
Definition dict.h:899
DICT_AUTOLOAD_TERMINATOR
#define DICT_AUTOLOAD_TERMINATOR
Definition dict.h:313
fr_dict_protocol_t::name
char const * name
name of this protocol
Definition dict.h:458
fr_dict_attr_autoload_t
Specifies an attribute which must be present for the module to function.
Definition dict.h:293
fr_dict_autoload_t
Specifies a dictionary which must be loaded/loadable for the module to function.
Definition dict.h:306
fr_dict_protocol_t
Protocol-specific callbacks in libfreeradius-PROTOCOL.
Definition dict.h:457
dict_freeradius
static fr_dict_t const * dict_freeradius
Definition base.c:37
attr_packet_type
fr_dict_attr_t const * attr_packet_type
Definition base.c:93
instance_count
static uint32_t instance_count
Definition base.c:44
FR_TYPE_UINT32
@ FR_TYPE_UINT32
32 Bit unsigned integer.
Definition merged_model.c:99
FR_TYPE_STRUCT
@ FR_TYPE_STRUCT
like TLV, but without T or L, and fixed-width children
Definition merged_model.c:119
FR_TYPE_GROUP
@ FR_TYPE_GROUP
A grouping of other attributes.
Definition merged_model.c:124
uint32_t
unsigned int uint32_t
Definition merged_model.c:33
uint8_t
unsigned char uint8_t
Definition merged_model.c:30
fr_dict_attr_t
Definition merged_model.c:133
fr_dict_t
Definition merged_model.c:198
attr_bfd_packet
static fr_dict_attr_t const * attr_bfd_packet
Definition base.c:38
dict_bfd
static fr_dict_t const * dict_bfd
Definition base.c:29
libfreeradius_bfd_dict_attr
fr_dict_attr_autoload_t libfreeradius_bfd_dict_attr[]
Definition base.c:56
fr_bfd_packet_names
char const * fr_bfd_packet_names[FR_BFD_CODE_MAX]
Definition base.c:64
fr_bfd_global_init
int fr_bfd_global_init(void)
Definition base.c:222
fr_bfd_global_free
void fr_bfd_global_free(void)
Definition base.c:247
instantiated
static bool instantiated
Definition base.c:39
bfd_auth_type_table_len
size_t const bfd_auth_type_table_len
Definition base.c:79
attr_bfd_additional_data
fr_dict_attr_t const * attr_bfd_additional_data
Definition base.c:53
libfreeradius_bfd_dict_protocol
fr_dict_protocol_t libfreeradius_bfd_dict_protocol
Definition base.c:259
bfd_auth_type_table
fr_table_num_ordered_t const bfd_auth_type_table[]
Definition base.c:71
fr_bfd_packet_ok
bool fr_bfd_packet_ok(char const **err, uint8_t const *packet, size_t packet_len)
Definition base.c:84
libfreeradius_bfd_dict
fr_dict_autoload_t libfreeradius_bfd_dict[]
Definition base.c:45
attrs.h
VQP attributes.
fr_table_num_ordered_t
An element in an arbitrarily ordered array of name to num mappings.
Definition table.h:57
Generated by   doxygen 1.9.8