The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
decode.c
Go to the documentation of this file.
1/*
2 * This library is free software; you can redistribute it and/or
3 * modify it under the terms of the GNU Lesser General Public
4 * License as published by the Free Software Foundation; either
5 * version 2.1 of the License, or (at your option) any later version.
6 *
7 * This library is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
10 * Lesser General Public License for more details.
11 *
12 * You should have received a copy of the GNU Lesser General Public
13 * License along with this library; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: 9f798a0484cadc63100c17a927924ab1c02db083 $
19 *
20 * @file protocols/dhcpv4/decode.c
21 * @brief Functions to decode DHCP options.
22 *
23 * @copyright 2008,2017 The FreeRADIUS server project
24 * @copyright 2008 Alan DeKok (aland@deployingradius.com)
25 * @copyright 2015,2017 Arran Cudbard-Bell (a.cudbardb@freeradius.org)
26 */
27#include <freeradius-devel/io/test_point.h>
28#include <freeradius-devel/util/proto.h>
29#include <freeradius-devel/util/struct.h>
30#include <freeradius-devel/util/dns.h>
31
32#include "dhcpv4.h"
33#include "attrs.h"
34
35static _Thread_local uint8_t concat_buffer[1500]; /* ethernet max */
36
37static ssize_t decode_option(TALLOC_CTX *ctx, fr_pair_list_t *out,
38 fr_dict_attr_t const *parent,
39 uint8_t const *data, size_t const data_len, void *decode_ctx);
40
41static bool verify_tlvs(uint8_t const *data, size_t data_len)
42{
43 uint8_t const *p = data;
44 uint8_t const *end = data + data_len;
45
46 while (p < end) {
47 if ((end - p) < 2) return false;
48
49 if ((p + p[1]) > end) return false;
50
51 p += 2 + p[1];
52 }
53
54 return true;
55}
56
57static ssize_t decode_tlv_trampoline(TALLOC_CTX *ctx, fr_pair_list_t *out,
58 fr_dict_attr_t const *parent,
59 uint8_t const *data, size_t const data_len, void *decode_ctx)
60{
61 return fr_pair_tlvs_from_network(ctx, out, parent, data, data_len, decode_ctx, decode_option, verify_tlvs, true);
62}
63
64static ssize_t decode_value(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent,
65 uint8_t const *data, size_t data_len, void *decode_ctx);
66
67/** Handle arrays of DNS labels for fr_struct_from_network()
68 *
69 */
70static ssize_t decode_value_trampoline(TALLOC_CTX *ctx, fr_pair_list_t *out,
71 fr_dict_attr_t const *parent,
72 uint8_t const *data, size_t const data_len, void *decode_ctx)
73{
74 FR_PROTO_TRACE("decode_value_trampoline of %s with %zu bytes", parent->name, data_len);
75
76 /*
77 * @todo - we might need to limit this to only one DNS label.
78 */
79 if ((parent->type == FR_TYPE_STRING) && fr_dhcpv4_flag_dns_label(parent)) {
80 return fr_pair_dns_labels_from_network(ctx, out, parent, data, data, data_len, NULL, false);
81 }
82
83 return decode_value(ctx, out, parent, data, data_len, decode_ctx);
84}
85
86/*
87 * Decode ONE value into a VP
88 */
89static ssize_t decode_value(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *da,
90 uint8_t const *data, size_t data_len, void *decode_ctx)
91{
92 ssize_t slen;
93 fr_pair_t *vp;
94 uint8_t const *p = data;
95 uint8_t const *end = data + data_len;
96 bool exact = !da->flags.array;
97
98 FR_PROTO_TRACE("%s called to parse %zu bytes from %s", __FUNCTION__, data_len, da->name);
99 FR_PROTO_HEX_DUMP(data, data_len, NULL);
100
101 /*
102 * Structs create their own VP wrapper.
103 */
104 if (da->type == FR_TYPE_STRUCT) {
105 slen = fr_struct_from_network(ctx, out, da, data, data_len,
106 decode_ctx, decode_value_trampoline, decode_tlv_trampoline);
107 if (slen < 0) return slen;
108
109 if (!exact) return slen;
110
111 return data_len;
112 }
113
114 /*
115 * These are always raw.
116 */
117 if (da->flags.is_unknown) {
118 return fr_pair_raw_from_network(ctx, out, da, data, data_len);
119 }
120
121 vp = fr_pair_afrom_da(ctx, da);
122 if (!vp) return PAIR_DECODE_OOM;
123
124 /*
125 * string / octets / bool can be empty. Other data types are
126 * raw if they're empty.
127 */
128 if (data_len == 0) {
129 if (da->type == FR_TYPE_BOOL) {
130 vp->vp_bool = true;
131 goto finish;
132 }
133
134 if ((da->type == FR_TYPE_OCTETS) || (da->type == FR_TYPE_STRING)) {
135 goto finish;
136 }
137
138 talloc_free(vp);
139 return fr_pair_raw_from_network(ctx, out, da, data, 0);
140 }
141
142 switch (vp->vp_type) {
143 case FR_TYPE_ATTR:
144 /*
145 * Force the length of the data to be one,
146 * otherwise the "from network" call complains.
147 * Because we pass in the enumv as the _parent_
148 * and not the da. The da is marked as "array",
149 * but the parent is not.
150 */
151 end = p + 1;
152
153 fr_assert(da->parent->flags.is_root);
154
155 slen = fr_value_box_from_network(vp, &vp->data, vp->vp_type, da->parent,
156 &FR_DBUFF_TMP(p, end - p), end - p, true);
157 if (slen <= 0) goto raw;
158
159 p++;
160 break;
161
162 /*
163 * Doesn't include scope, whereas the generic format can
164 */
165 case FR_TYPE_IPV6_ADDR:
166 if ((size_t) (end - p) < sizeof(vp->vp_ipv6addr)) goto raw;
167
168 if (exact && ((size_t) (end - p) > sizeof(vp->vp_ipv6addr))) goto raw;
169
170 memcpy(&vp->vp_ipv6addr, p, sizeof(vp->vp_ipv6addr));
171 vp->vp_ip.af = AF_INET6;
172 vp->vp_ip.scope_id = 0;
173 vp->vp_ip.prefix = 128;
174 vp->vp_tainted = true;
175 p += sizeof(vp->vp_ipv6addr);
176 break;
177
178 case FR_TYPE_IPV6_PREFIX:
179 if ((size_t) (end - (p + 1)) < sizeof(vp->vp_ipv6addr)) goto raw;
180
181 if (exact && ((size_t) (end - p) > sizeof(vp->vp_ipv6addr))) goto raw;
182
183 memcpy(&vp->vp_ipv6addr, p + 1, sizeof(vp->vp_ipv6addr));
184 vp->vp_ip.af = AF_INET6;
185 vp->vp_ip.scope_id = 0;
186 vp->vp_ip.prefix = p[0];
187 vp->vp_tainted = true;
188 p += sizeof(vp->vp_ipv6addr) + 1;
189 break;
190
191 case FR_TYPE_STRUCTURAL:
192 fr_strerror_printf("Cannot decode type '%s' as value", fr_type_to_str(vp->vp_type));
193 talloc_free(vp);
194 return 0;
195
196 case FR_TYPE_IPV4_PREFIX:
197 fr_value_box_init(&vp->data, FR_TYPE_IPV4_PREFIX, vp->da, true);
198 vp->vp_ip.af = AF_INET;
199
200 /*
201 * 4 octets of address
202 * 4 octets of mask
203 */
204 if (fr_dhcpv4_flag_prefix_split(da)) {
205 uint32_t ipaddr, mask;
206
207 if (data_len < 8) goto raw;
208
209 ipaddr = fr_nbo_to_uint32(p);
210 mask = fr_nbo_to_uint32(p + 4);
211 p += 8;
212
213 /*
214 * 0/0 means a prefix of 0, too.
215 */
216 if (!mask) {
217 break;
218 }
219
220 /*
221 * Try to figure out the prefix value from the mask.
222 */
223 while (mask) {
224 vp->vp_ip.prefix++;
225 mask <<= 1;
226 }
227
228 /*
229 * Mash the IP based on the calculated mask. We don't really care if the mask
230 * has holes, or if the IP address overlaps with the mask. We just fix it all up
231 * so it's sane.
232 */
233 mask = ~(uint32_t) 0;
234 mask <<= (32 - vp->vp_ip.prefix);
235
236 vp->vp_ipv4addr = htonl(ipaddr & mask);
237 break;
238 }
239
240 if (fr_dhcpv4_flag_prefix_bits(vp->da)) {
241 size_t needs;
242
243 if ((data_len == 0) || (*p > 32)) goto raw;
244
245 needs = 1 + ((*p + 0x07) >> 3);
246 if (data_len < needs) goto raw;
247
248 /*
249 * Don't do exact checks here, as the content is variable-sized.
250 */
251
252 vp->vp_ip.prefix = *p;
253
254 /*
255 * If the IP address is longer than necessary, then only grab the pieces we need.
256 */
257 if (vp->vp_ip.prefix) {
258 uint32_t ipaddr, mask;
259
260 mask = ~(uint32_t) 0;
261 mask <<= (32 - vp->vp_ip.prefix);
262
263 if (*p > 24) {
264 ipaddr = fr_nbo_to_uint32(p + 1);
265
266 } else if (*p > 16) {
267 ipaddr = fr_nbo_to_uint24(p + 1);
268 ipaddr <<= 8;
269
270 } else if (*p > 8) {
271 ipaddr = fr_nbo_to_uint16(p + 1);
272 ipaddr <<= 16;
273
274 } else { /* 1..8 */
275 ipaddr = p[1];
276 ipaddr <<= 24;
277 }
278
279 vp->vp_ipv4addr = htonl(ipaddr & mask);
280 } /* else *p==0, and we leave ipaddr set to zero */
281
282 p += needs;
283 break;
284 }
285
286 FALL_THROUGH;
287
288 default:
289 slen = fr_value_box_from_network(vp, &vp->data, vp->vp_type, da,
290 &FR_DBUFF_TMP(p, end - p), end - p, true);
291 if (slen < 0) {
292 raw:
293 FR_PROTO_TRACE("decoding as unknown type");
294 if (fr_pair_raw_afrom_pair(vp, p, (end - p)) < 0) {
295 return -1;
296 }
297 p = end;
298 break;
299 }
300
301 if (exact && (slen != (end - p))) {
302 goto raw;
303 }
304
305 p += (size_t) slen;
306 break;
307 }
308
309finish:
310 FR_PROTO_TRACE("decoding value complete, adding new pair and returning %zu byte(s)", (size_t) (p - data));
311 fr_pair_append(out, vp);
312
313 return p - data;
314}
315
316/** RFC 4243 Vendor Specific Suboptions
317 *
318 * Vendor specific suboptions are in the format.
319 @verbatim
320 0 1 2 3
321 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
322 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
323 | Enterprise Number 0 |
324 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
325 | Len 0 | /
326 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
327 / Suboption Data 0 /
328 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
329 | Enterprise Number n |
330 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
331 | Len n | /
332 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
333 / Suboption Data n /
334 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
335 @endverbatim
336 *
337 * So although the vendor is identified, the format of the data isn't
338 * specified so we can't actually resolve the suboption to an
339 * attribute. For now, we just convert it to an attribute of
340 * Vendor-Specific-Information with raw octets contents.
341 */
342
343
344/*
345 * One VSA option may contain multiple vendors, each vendor
346 * may contain one or more sub-options.
347 *
348 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
349 * | option-code | option-len |
350 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
351 * | enterprise-number1 |
352 * | |
353 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
354 * | data-len1 | |
355 * +-+-+-+-+-+-+-+-+ option-data1 |
356 * / /
357 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ----
358 * | enterprise-number2 | ^
359 * | | |
360 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
361 * | data-len2 | | optional
362 * +-+-+-+-+-+-+-+-+ option-data2 | |
363 * / / |
364 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
365 * ~ ... ~ V
366 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ----
367 */
368static ssize_t decode_vsa(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent,
369 uint8_t const *data, size_t const data_len, void *decode_ctx)
370{
371 ssize_t len;
372 uint8_t option_len;
373 uint32_t pen;
374 fr_pair_t *vp;
375 fr_dict_attr_t const *vendor;
376 uint8_t const *end = data + data_len;
377 uint8_t const *p = data;
378
379 FR_PROTO_HEX_DUMP(data, data_len, "decode_vsa");
380
381 if (!fr_cond_assert_msg(parent->type == FR_TYPE_VSA,
382 "%s: Internal sanity check failed, attribute \"%s\" is not of type 'vsa'",
383 __FUNCTION__, parent->name)) return PAIR_DECODE_FATAL_ERROR;
384
385next:
386 /*
387 * We need at least 4 (PEN) + 1 (data-len) + 1 (vendor option num) to be able to decode vendor
388 * specific attributes. If we don't have that, then we return an error. The caller will free
389 * the VSA, and create a "raw.VSA" attribute.
390 */
391 if ((size_t)(end - p) < (sizeof(uint32_t) + 1 + 1)) {
392 return -1;
393 }
394
395 pen = fr_nbo_to_uint32(p);
396
397 /*
398 * Verify that the parent (which should be a VSA)
399 * contains a fake attribute representing the vendor.
400 *
401 * If it doesn't then this vendor is unknown, but we know
402 * vendor attributes have a standard format, so we can
403 * decode the data anyway.
404 */
405 vendor = fr_dict_attr_child_by_num(parent, pen);
406 if (!vendor) {
407 fr_dict_attr_t *n;
408
409 n = fr_dict_attr_unknown_vendor_afrom_num(ctx, parent, pen);
410 if (!n) return PAIR_DECODE_OOM;
411 vendor = n;
412 }
413 p += sizeof(uint32_t);
414
415 FR_PROTO_TRACE("decode context %s -> %s", parent->name, vendor->name);
416
417 option_len = p[0];
418 if ((p + 1 + option_len) > end) {
419 len = fr_pair_raw_from_network(ctx, out, vendor, p, end - p);
420 if (len < 0) return len;
421
422 return data_len + 2; /* decoded the whole thing */
423 }
424 p++;
425
426 /*
427 * Pathological case of no data.
428 */
429 if (option_len == 0) goto next;
430
431 vp = fr_pair_find_by_da(out, NULL, vendor);
432 if (!vp) {
433 vp = fr_pair_afrom_da(ctx, vendor);
434 if (!vp) return PAIR_DECODE_FATAL_ERROR;
435
436 fr_pair_append(out, vp);
437 }
438
439 len = fr_pair_tlvs_from_network(vp, &vp->vp_group, vendor, p, option_len, decode_ctx, decode_option, verify_tlvs, false);
440 if (len < 0) return len;
441
442 p += option_len;
443 if (p < end) goto next;
444
445 /*
446 * Tell the caller we read all of it, even if we didn't.
447 */
448 return data_len + 2;
449}
450
451
452static ssize_t decode_option(TALLOC_CTX *ctx, fr_pair_list_t *out,
453 fr_dict_attr_t const *parent,
454 uint8_t const *data, size_t const data_len, void *decode_ctx)
455{
456 unsigned int option;
457 size_t len;
458 ssize_t slen;
459 fr_dict_attr_t const *da;
460 fr_dhcpv4_ctx_t *packet_ctx = decode_ctx;
461
462#ifdef STATIC_ANALYZER
463 if (!packet_ctx || !packet_ctx->tmp_ctx) return PAIR_DECODE_FATAL_ERROR;
464#endif
465
466 fr_assert(parent != NULL);
467
468 /*
469 * RFC 3046 is very specific about not allowing termination
470 * with a 255 sub-option. But it's required for decoding
471 * option 43, and vendors will probably screw it up
472 * anyway.
473 *
474 * Similarly, option 0 is sometimes treated as
475 * "end of options".
476 *
477 * @todo - this check is likely correct only when at the
478 * dhcpv4 root, OR inside of option 43. It could be
479 * argued that it's wrong for all other TLVs.
480 */
481 if ((data_len == 1) && ((data[0] == 0) || (data[1] == 255))) return data_len;
482
483 /*
484 * Must have at least an option header.
485 */
486 if (data_len < 2) {
487 fr_strerror_printf("%s: Insufficient data", __FUNCTION__);
488 return -(data_len);
489 }
490
491 option = data[0];
492 len = data[1];
493 if (len > (data_len - 2)) {
494 fr_strerror_printf("%s: Option overflows input. "
495 "Optional length must be less than %zu bytes, got %zu bytes",
496 __FUNCTION__, data_len - 2, len);
497 return PAIR_DECODE_FATAL_ERROR;
498 }
499
500 da = fr_dict_attr_child_by_num(parent, option);
501 if (!da) {
502 da = fr_dict_attr_unknown_raw_afrom_num(packet_ctx->tmp_ctx, parent, option);
503 if (!da) return PAIR_DECODE_OOM;
504
505 slen = fr_pair_raw_from_network(ctx, out, da, data + 2, len);
506
507 } else if ((da->type == FR_TYPE_STRING) && fr_dhcpv4_flag_dns_label(da)) {
508 slen = fr_pair_dns_labels_from_network(ctx, out, da, data + 2, data + 2, len, NULL, true);
509
510 } else if (da->flags.array) {
511 slen = fr_pair_array_from_network(ctx, out, da, data + 2, len, decode_ctx, decode_value);
512
513 } else if (da->type == FR_TYPE_VSA) {
514 bool append = false;
515 fr_pair_t *vp;
516
517 vp = fr_pair_find_by_da(out, NULL, da);
518 if (!vp) {
519 vp = fr_pair_afrom_da(ctx, da);
520 if (!vp) return PAIR_DECODE_FATAL_ERROR;
521
522 append = true;
523 }
524
525 slen = decode_vsa(vp, &vp->vp_group, da, data + 2, len, decode_ctx);
526 if (append) {
527 if (slen < 0) {
528 TALLOC_FREE(vp);
529 } else {
530 fr_pair_append(out, vp);
531 }
532 }
533
534 } else if (da->type == FR_TYPE_TLV) {
535 slen = fr_pair_tlvs_from_network(ctx, out, da, data + 2, len, decode_ctx, decode_option, verify_tlvs, true);
536
537 } else {
538 slen = decode_value(ctx, out, da, data + 2, len, decode_ctx);
539 }
540
541 if (slen < 0) {
542 slen = fr_pair_raw_from_network(ctx, out, da, data + 2, len);
543 if (slen < 0) return slen;
544 }
545
546 return len + 2;
547}
548
549/** Decode DHCP option
550 *
551 * @param[in] ctx context to alloc new attributes in.
552 * @param[out] out Where to write the decoded options.
553 * @param[in] data to parse.
554 * @param[in] data_len of data to parse.
555 * @param[in] decode_ctx Unused.
556 */
557ssize_t fr_dhcpv4_decode_option(TALLOC_CTX *ctx, fr_pair_list_t *out,
558 uint8_t const *data, size_t data_len, void *decode_ctx)
559{
560 ssize_t slen;
561 uint8_t const *p = data, *end = data + data_len;
562 uint8_t const *next;
563 fr_dhcpv4_ctx_t *packet_ctx = decode_ctx;
564
565 FR_PROTO_TRACE("%s called to parse %zu byte(s)", __FUNCTION__, data_len);
566
567 if (data_len == 0) return 0;
568
569 FR_PROTO_HEX_DUMP(data, data_len, NULL);
570
571 /*
572 * Padding / End of options
573 */
574 if (p[0] == 0) { /* 0x00 - Padding option */
575 data_len = 1; /* Walk over any consecutive 0x00 */
576 p++; /* for efficiency */
577 while ((p < end) && (p[0] == 0)) {
578 p++;
579 data_len ++;
580 }
581 return data_len;
582 }
583 if (p[0] == 255) return data_len; /* 0xff - End of options signifier */
584
585 /*
586 * Everything else should be real options
587 */
588 if ((data_len < 2) || ((size_t) (data[1] + 2) > data_len)) {
589 fr_strerror_printf("%s: Insufficient data", __FUNCTION__);
590 return -1;
591 }
592
593 /*
594 * Check for multiple options of the same type, and concatenate their values together.
595 *
596 * RFC 2131 Section 4.1 says:
597 *
598 * The client concatenates the values of multiple
599 * instances of the same option into a single parameter
600 * list for configuration.
601 *
602 * which presumably also means the same for the server on reception.
603 *
604 * We therefore peek ahead, and concatenate the values into a temporary buffer. The buffer is
605 * allocated only if necessary, and is re-used for the entire packet.
606 *
607 * If the options are *not* consecutive, then we don't concatenate them. Too bad for you!
608 *
609 * Note that we don't (yet) do this for TLVs.
610 */
611 next = data + 2 + data[1];
612 if ((data[1] > 0) && (next < end) && (next[0] == data[0])) {
613 uint8_t *q;
614 fr_dict_attr_t const *da;
615
616 q = concat_buffer;
617
618 for (next = data; next < end; next += 2 + next[1]) {
619 if ((end - next) < 2) return -1;
620 if (next[0] != data[0]) break;
621 if ((next + 2 + next[1]) > end) return -1;
622
623 if ((size_t) (q + next[1] - concat_buffer) > sizeof(concat_buffer)) return -1;
624
625 memcpy(q, next + 2, next[1]);
626 q += next[1];
627 }
628
629 if (q == concat_buffer) return 0;
630
631 da = fr_dict_attr_child_by_num(fr_dict_root(dict_dhcpv4), p[0]);
632 if (!da) {
633 da = fr_dict_attr_unknown_raw_afrom_num(packet_ctx->tmp_ctx, fr_dict_root(dict_dhcpv4), p[0]);
634 if (!da) return -1;
635
636 slen = fr_pair_raw_from_network(ctx, out, da, concat_buffer, q - concat_buffer);
637
638 } else if (da->type == FR_TYPE_VSA) {
639 slen = decode_vsa(ctx, out, da, concat_buffer, q - concat_buffer, packet_ctx);
640
641 } else if (da->type == FR_TYPE_TLV) {
642 slen = fr_pair_tlvs_from_network(ctx, out, da, concat_buffer, q - concat_buffer,
643 packet_ctx, decode_option, verify_tlvs, true);
644
645 } else if (da->flags.array) {
646 slen = fr_pair_array_from_network(ctx, out, da, concat_buffer, q - concat_buffer, packet_ctx, decode_value);
647
648 } else {
649 slen = decode_value(ctx, out, da, concat_buffer, q - concat_buffer, packet_ctx);
650 }
651 if (slen < 0) return slen;
652
653 /*
654 * The actual amount of data we decoded, including the various headers.
655 */
656 FR_PROTO_TRACE("decoding option complete, %zd decoded, returning %zu byte(s)", slen, (size_t) (next - data));
657 return next - data;
658 }
659
660 slen = decode_option(ctx, out, fr_dict_root(dict_dhcpv4), data, data[1] + 2, decode_ctx);
661 if (slen < 0) return slen;
662
663 FR_PROTO_TRACE("decoding option complete, %zd decoded, returning %u byte(s)", slen, (unsigned int) data[1] + 2);
664 return data[1] + 2;
665}
666
667ssize_t fr_dhcpv4_decode_foreign(TALLOC_CTX *ctx, fr_pair_list_t *out,
668 uint8_t const *data, size_t data_len)
669{
670 ssize_t slen;
671 uint8_t const *attr, *end;
672
673 fr_dhcpv4_ctx_t decode_ctx = {};
674
675 fr_assert(dict_dhcpv4 != NULL);
676
677 decode_ctx.tmp_ctx = talloc(ctx, uint8_t);
678
679 attr = data;
680 end = data + data_len;
681
682 while (attr < end) {
683 slen = fr_dhcpv4_decode_option(ctx, out, attr, (end - attr), &decode_ctx);
684 if (slen < 0) {
685 talloc_free(decode_ctx.tmp_ctx);
686 return slen;
687 }
688
689 /*
690 * If slen is larger than the room in the packet,
691 * all kinds of bad things happen.
692 */
693 if (!fr_cond_assert(slen <= (end - attr))) {
694 talloc_free(decode_ctx.tmp_ctx);
695 return -slen - (attr - data);
696 }
697
698 attr += slen;
699 talloc_free_children(decode_ctx.tmp_ctx);
700 }
701
702 talloc_free(decode_ctx.tmp_ctx);
703 return data_len;
704}
705
706
707static int decode_test_ctx(void **out, TALLOC_CTX *ctx, UNUSED fr_dict_t const *dict)
708{
709 fr_dhcpv4_ctx_t *test_ctx;
710
711 test_ctx = talloc_zero(ctx, fr_dhcpv4_ctx_t);
712 test_ctx->tmp_ctx = talloc(test_ctx, uint8_t);
713
714 *out = test_ctx;
715
716 return 0;
717}
718
719
720static ssize_t fr_dhcpv4_decode_proto(TALLOC_CTX *ctx, fr_pair_list_t *out,
721 uint8_t const *data, size_t data_len, UNUSED void *proto_ctx)
722{
723 unsigned int code;
724
725 if (!fr_dhcpv4_ok(data, data_len, NULL, NULL)) return -1;
726
727 if (fr_dhcpv4_decode(ctx, out, data, data_len, &code) < 0) return -1;
728
729 return data_len;
730}
731
732static ssize_t decode_option_wrapper(TALLOC_CTX *ctx, fr_pair_list_t *out, NDEBUG_UNUSED fr_dict_attr_t const *parent,
733 uint8_t const *data, size_t data_len, void *decode_ctx)
734{
735 fr_assert(parent == fr_dict_root(dict_dhcpv4));
736
737 return fr_dhcpv4_decode_option(ctx, out, data, data_len, decode_ctx);
738}
739
740/*
741 * Test points
742 */
743extern fr_test_point_pair_decode_t dhcpv4_tp_decode_pair;
748
749extern fr_test_point_proto_decode_t dhcpv4_tp_decode_proto;
n
int n
Definition acutest.h:577
NDEBUG_UNUSED
#define NDEBUG_UNUSED
Definition build.h:328
FALL_THROUGH
#define FALL_THROUGH
clang 10 doesn't recognised the FALL-THROUGH comment anymore
Definition build.h:324
UNUSED
#define UNUSED
Definition build.h:317
FR_DBUFF_TMP
#define FR_DBUFF_TMP(_start, _len_or_end)
Creates a compound literal to pass into functions which accept a dbuff.
Definition dbuff.h:514
fr_cond_assert
#define fr_cond_assert(_x)
Calls panic_action ifndef NDEBUG, else logs error and evaluates to value of _x.
Definition debug.h:131
fr_cond_assert_msg
#define fr_cond_assert_msg(_x, _fmt,...)
Calls panic_action ifndef NDEBUG, else logs error and evaluates to value of _x.
Definition debug.h:148
dict_dhcpv4
static fr_dict_t const * dict_dhcpv4
Definition dhcpclient.c:80
dhcpv4.h
Implementation of the DHCPv4 protocol.
fr_dhcpv4_ctx_t::tmp_ctx
TALLOC_CTX * tmp_ctx
for temporary things cleaned up during decoding
Definition dhcpv4.h:136
fr_dhcpv4_flag_prefix_bits
#define fr_dhcpv4_flag_prefix_bits(_da)
Definition dhcpv4.h:161
fr_dhcpv4_flag_dns_label
#define fr_dhcpv4_flag_dns_label(_da)
Definition dhcpv4.h:157
fr_dhcpv4_flag_prefix_split
#define fr_dhcpv4_flag_prefix_split(_da)
Definition dhcpv4.h:162
fr_dhcpv4_decode
int fr_dhcpv4_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, size_t data_len, unsigned int *code)
Definition packet.c:119
fr_dhcpv4_ctx_t
Used as the decoder ctx.
Definition dhcpv4.h:134
fr_dict_attr_unknown_vendor_afrom_num
static fr_dict_attr_t * fr_dict_attr_unknown_vendor_afrom_num(TALLOC_CTX *ctx, fr_dict_attr_t const *parent, unsigned int vendor)
Definition dict.h:585
fr_dict_attr_unknown_raw_afrom_num
static fr_dict_attr_t * fr_dict_attr_unknown_raw_afrom_num(TALLOC_CTX *ctx, fr_dict_attr_t const *parent, unsigned int attr)
Definition dict.h:592
fr_dict_root
fr_dict_attr_t const * fr_dict_root(fr_dict_t const *dict)
Return the root attribute of a dictionary.
Definition dict_util.c:2475
fr_dict_attr_child_by_num
fr_dict_attr_t const * fr_dict_attr_child_by_num(fr_dict_attr_t const *parent, unsigned int attr)
Check if a child attribute exists in a parent using an attribute number.
Definition dict_util.c:3403
PAIR_DECODE_OOM
#define PAIR_DECODE_OOM
Fatal error - Out of memory.
Definition pair.h:45
PAIR_DECODE_FATAL_ERROR
#define PAIR_DECODE_FATAL_ERROR
Fatal error - Failed decoding the packet.
Definition pair.h:49
fr_pair_tlvs_from_network
ssize_t fr_pair_tlvs_from_network(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent, uint8_t const *data, size_t const data_len, void *decode_ctx, fr_pair_decode_value_t decode_tlv, fr_pair_tlvs_verify_t verify_tlvs, bool nested)
Decode a list of pairs from the network.
Definition decode.c:148
fr_pair_dns_labels_from_network
ssize_t fr_pair_dns_labels_from_network(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent, uint8_t const *start, uint8_t const *data, size_t const data_len, fr_dns_labels_t *lb, bool exact)
Decode a DNS label or a list of DNS labels from the network.
Definition decode.c:237
fr_pair_raw_from_network
ssize_t fr_pair_raw_from_network(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *da, uint8_t const *data, size_t data_len)
Create a "raw" pair from malformed network data.
Definition decode.c:79
fr_pair_array_from_network
ssize_t fr_pair_array_from_network(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent, uint8_t const *data, size_t data_len, void *decode_ctx, fr_pair_decode_value_t decode_value)
Decode an array of values from the network.
Definition decode.c:41
talloc_free
talloc_free(reap)
FR_TYPE_TLV
@ FR_TYPE_TLV
Contains nested attributes.
Definition merged_model.c:118
FR_TYPE_IPV6_PREFIX
@ FR_TYPE_IPV6_PREFIX
IPv6 Prefix.
Definition merged_model.c:89
FR_TYPE_STRING
@ FR_TYPE_STRING
String of printable characters.
Definition merged_model.c:83
FR_TYPE_STRUCT
@ FR_TYPE_STRUCT
like TLV, but without T or L, and fixed-width children
Definition merged_model.c:119
FR_TYPE_IPV6_ADDR
@ FR_TYPE_IPV6_ADDR
128 Bit IPv6 Address.
Definition merged_model.c:88
FR_TYPE_IPV4_PREFIX
@ FR_TYPE_IPV4_PREFIX
IPv4 Prefix.
Definition merged_model.c:87
FR_TYPE_BOOL
@ FR_TYPE_BOOL
A truth value.
Definition merged_model.c:95
FR_TYPE_VSA
@ FR_TYPE_VSA
Vendor-Specific, for RADIUS attribute 26.
Definition merged_model.c:121
FR_TYPE_OCTETS
@ FR_TYPE_OCTETS
Raw octets.
Definition merged_model.c:84
uint32_t
unsigned int uint32_t
Definition merged_model.c:33
ssize_t
long int ssize_t
Definition merged_model.c:24
uint8_t
unsigned char uint8_t
Definition merged_model.c:30
size_t
unsigned long int size_t
Definition merged_model.c:25
fr_dict_attr_t
Definition merged_model.c:133
fr_dict_t
Definition merged_model.c:198
fr_nbo_to_uint16
static uint16_t fr_nbo_to_uint16(uint8_t const data[static sizeof(uint16_t)])
Read an unsigned 16bit integer from wire format (big endian)
Definition nbo.h:146
fr_nbo_to_uint24
static uint32_t fr_nbo_to_uint24(uint8_t const data[static 3])
Read an unsigned 24bit integer from wire format (big endian)
Definition nbo.h:157
fr_nbo_to_uint32
static uint32_t fr_nbo_to_uint32(uint8_t const data[static sizeof(uint32_t)])
Read an unsigned 32bit integer from wire format (big endian)
Definition nbo.h:167
fr_pair_find_by_da
fr_pair_t * fr_pair_find_by_da(fr_pair_list_t const *list, fr_pair_t const *prev, fr_dict_attr_t const *da)
Find the first pair with a matching da.
Definition pair.c:698
fr_pair_append
int fr_pair_append(fr_pair_list_t *list, fr_pair_t *to_add)
Add a VP to the end of the list.
Definition pair.c:1343
fr_pair_afrom_da
fr_pair_t * fr_pair_afrom_da(TALLOC_CTX *ctx, fr_dict_attr_t const *da)
Dynamically allocate a new attribute and assign a fr_dict_attr_t.
Definition pair.c:287
fr_pair_raw_afrom_pair
int fr_pair_raw_afrom_pair(fr_pair_t *vp, uint8_t const *data, size_t data_len)
Mark malformed attribute as raw.
Definition pair.c:598
decode_test_ctx
static int decode_test_ctx(void **out, TALLOC_CTX *ctx, UNUSED fr_dict_t const *dict)
Definition decode.c:102
fr_dhcpv4_ok
bool fr_dhcpv4_ok(uint8_t const *data, ssize_t data_len, uint8_t *message_type, uint32_t *xid)
Check received DHCP request is valid and build fr_packet_t structure if it is.
Definition base.c:246
decode_option
static ssize_t decode_option(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent, uint8_t const *data, size_t const data_len, void *decode_ctx)
Definition decode.c:452
dhcpv4_tp_decode_pair
fr_test_point_pair_decode_t dhcpv4_tp_decode_pair
Definition decode.c:744
dhcpv4_tp_decode_proto
fr_test_point_proto_decode_t dhcpv4_tp_decode_proto
Definition decode.c:750
concat_buffer
static _Thread_local uint8_t concat_buffer[1500]
Definition decode.c:35
fr_dhcpv4_decode_proto
static ssize_t fr_dhcpv4_decode_proto(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, size_t data_len, UNUSED void *proto_ctx)
Definition decode.c:720
verify_tlvs
static bool verify_tlvs(uint8_t const *data, size_t data_len)
Definition decode.c:41
fr_dhcpv4_decode_option
ssize_t fr_dhcpv4_decode_option(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, size_t data_len, void *decode_ctx)
Decode DHCP option.
Definition decode.c:557
decode_value_trampoline
static ssize_t decode_value_trampoline(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent, uint8_t const *data, size_t const data_len, void *decode_ctx)
Handle arrays of DNS labels for fr_struct_from_network()
Definition decode.c:70
decode_option_wrapper
static ssize_t decode_option_wrapper(TALLOC_CTX *ctx, fr_pair_list_t *out, NDEBUG_UNUSED fr_dict_attr_t const *parent, uint8_t const *data, size_t data_len, void *decode_ctx)
Definition decode.c:732
decode_vsa
static ssize_t decode_vsa(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent, uint8_t const *data, size_t const data_len, void *decode_ctx)
RFC 4243 Vendor Specific Suboptions.
Definition decode.c:368
decode_tlv_trampoline
static ssize_t decode_tlv_trampoline(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent, uint8_t const *data, size_t const data_len, void *decode_ctx)
Definition decode.c:57
fr_dhcpv4_decode_foreign
ssize_t fr_dhcpv4_decode_foreign(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, size_t data_len)
Definition decode.c:667
decode_value
#define decode_value
Definition decode.c:410
attrs.h
VQP attributes.
fr_assert
#define fr_assert(_expr)
Definition rad_assert.h:38
mask
static uint32_t mask
Definition rbmonkey.c:39
vp
fr_pair_t * vp
Definition state_machine.c:2293
fr_struct_from_network
ssize_t fr_struct_from_network(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent, uint8_t const *data, size_t data_len, void *decode_ctx, fr_pair_decode_value_t decode_value, fr_pair_decode_value_t decode_tlv)
Convert a STRUCT to one or more VPs.
Definition struct.c:32
pair_list_s
Definition pair.h:52
value_pair_s
Stores an attribute, a value and various bits of other data.
Definition pair.h:68
value_pair_s::da
fr_dict_attr_t const *_CONST da
Dictionary attribute defines the attribute number, vendor and type of the pair.
Definition pair.h:69
fr_test_point_pair_decode_t::test_ctx
fr_test_point_ctx_alloc_t test_ctx
Allocate a test ctx for the encoder.
Definition test_point.h:85
fr_test_point_proto_decode_t::test_ctx
fr_test_point_ctx_alloc_t test_ctx
Allocate a test ctx for the encoder.
Definition test_point.h:67
fr_test_point_pair_decode_t
Entry point for pair decoders.
Definition test_point.h:84
fr_test_point_proto_decode_t
Entry point for protocol decoders.
Definition test_point.h:66
parent
static fr_slen_t parent
Definition pair.h:841
FR_PROTO_HEX_DUMP
#define FR_PROTO_HEX_DUMP(_data, _data_len, _fmt,...)
Definition proto.h:42
FR_PROTO_TRACE
#define FR_PROTO_TRACE(_fmt,...)
Definition proto.h:41
fr_strerror_printf
#define fr_strerror_printf(_fmt,...)
Log to thread local error buffer.
Definition strerror.h:64
FR_TYPE_ATTR
@ FR_TYPE_ATTR
A contains an attribute reference.
Definition types.h:83
FR_TYPE_STRUCTURAL
#define FR_TYPE_STRUCTURAL
Definition types.h:314
fr_type_to_str
static char const * fr_type_to_str(fr_type_t type)
Return a static string containing the type name.
Definition types.h:452
fr_value_box_from_network
ssize_t fr_value_box_from_network(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t type, fr_dict_attr_t const *enumv, fr_dbuff_t *dbuff, size_t len, bool tainted)
Decode a fr_value_box_t from serialized binary data.
Definition value.c:1917
data
static fr_slen_t data
Definition value.h:1291
fr_value_box_init
#define fr_value_box_init(_vb, _type, _enumv, _tainted)
Initialise a fr_value_box_t.
Definition value.h:609
out
static size_t char ** out
Definition value.h:1023
Generated by   doxygen 1.9.8