25 RCSID(
"$Id: 5cd515f826031b848c452c59416d2d4d60b0d468 $")
29 #include <freeradius-devel/util/udp.h>
30 #include <freeradius-devel/util/syserror.h>
46 #define FR_DEBUG_STRERROR_PRINTF if (fr_debug_lvl) fr_strerror_printf_push
68 original_data = original->
data;
79 packet->
code, packet->
id, list);
80 if (slen < 0)
return slen;
117 char host_ipaddr[INET6_ADDRSTRLEN];
122 host_ipaddr,
sizeof(host_ipaddr)));
130 packet->
id = packet->
data[1];
141 char buffer[INET6_ADDRSTRLEN];
143 if (!packet->
data)
return -1;
177 if (ret < 0)
return ret;
193 if ((errno == EAGAIN) || (errno == EINTR))
return 0;
197 if (data_len == 0)
return -1;
199 packet->
data = talloc_array(packet,
uint8_t, data_len);
200 if (!packet->
data)
return -1;
232 #ifdef WITH_VERIFY_PTR
236 if ((packet->
socket.inet.src_ipaddr.
af == AF_UNSPEC) ||
237 (packet->
socket.inet.src_port == 0) ||
238 (packet->
socket.inet.dst_ipaddr.
af == AF_UNSPEC) ||
239 (packet->
socket.inet.dst_port == 0)) {
274 if (!
fr_packet_ok(packet, max_attributes, require_ma, NULL)) {
340 if (ret >= 0)
return ret;
360 if (!packet->
data)
return;
365 if ((packet->
socket.inet.src_ipaddr.
af == AF_INET) || (packet->
socket.inet.src_ipaddr.
af == AF_INET6)) {
387 int i, len, offset = 2;
388 unsigned int vendor = 0;
390 char const *truncated =
"";
393 if (attr[1] < 2)
break;
398 if ((attr[0] == FR_VENDOR_SPECIFIC) &&
403 attr[2], attr[3], attr[4], attr[5], vendor);
408 len = attr[1] - offset;
414 for (i = 0; i < len; i++) {
430 #ifdef WITH_IFINDEX_NAME_RESOLUTION
431 char if_name[IFNAMSIZ];
445 "%s %s Id %i from %s%s%s:%i to %s%s%s:%i "
446 #ifdef WITH_IFINDEX_NAME_RESOLUTION
450 received ?
"Received" :
"Sent",
453 packet->
socket.inet.src_ipaddr.
af == AF_INET6 ?
"[" :
"",
455 packet->
socket.inet.src_ipaddr.
af == AF_INET6 ?
"]" :
"",
456 packet->
socket.inet.src_port,
457 packet->
socket.inet.dst_ipaddr.
af == AF_INET6 ?
"[" :
"",
459 packet->
socket.inet.dst_ipaddr.
af == AF_INET6 ?
"]" :
"",
460 packet->
socket.inet.dst_port,
461 #ifdef WITH_IFINDEX_NAME_RESOLUTION
462 received ?
"via " :
"",
463 received ? fr_ifname_from_ifindex(if_name, packet->
socket.inet.ifindex) :
"",
469 "%s code %u Id %i from %s%s%s:%i to %s%s%s:%i "
470 #ifdef WITH_IFINDEX_NAME_RESOLUTION
474 received ?
"Received" :
"Sent",
477 packet->
socket.inet.src_ipaddr.
af == AF_INET6 ?
"[" :
"",
479 packet->
socket.inet.src_ipaddr.
af == AF_INET6 ?
"]" :
"",
480 packet->
socket.inet.src_port,
481 packet->
socket.inet.dst_ipaddr.
af == AF_INET6 ?
"[" :
"",
483 packet->
socket.inet.dst_ipaddr.
af == AF_INET6 ?
"]" :
"",
484 packet->
socket.inet.dst_port,
485 #ifdef WITH_IFINDEX_NAME_RESOLUTION
486 received ?
"via " :
"",
487 received ? fr_ifname_from_ifindex(if_name, packet->
socket.inet.ifindex) :
"",
static int const char char buffer[256]
@ FR_RADIUS_CODE_ACCESS_REQUEST
RFC2865 - Access-Request.
@ FR_RADIUS_CODE_MAX
Maximum possible protocol code.
@ FR_RADIUS_CODE_STATUS_SERVER
RFC2865/RFC5997 - Status Server (request)
char * fr_inet_ntop(char out[static FR_IPADDR_STRLEN], size_t outlen, fr_ipaddr_t const *addr)
Print the address portion of a fr_ipaddr_t.
#define FR_IPADDR_STRLEN
Like INET6_ADDRSTRLEN but includes space for the textual Zone ID.
void fr_log(fr_log_t const *log, fr_log_type_t type, char const *file, int line, char const *fmt,...)
Send a server log message to its destination.
@ L_DBG_LVL_1
Highest priority debug messages (-x).
@ L_DBG_LVL_4
4th highest priority debug messages (-xxxx | -Xxx).
@ L_DBG
Only displayed when debugging is enabled.
fr_packet_t * fr_packet_alloc(TALLOC_CTX *ctx, bool new_vector)
Allocate a new fr_packet_t.
void fr_packet_free(fr_packet_t **packet_p)
Free a fr_packet_t.
ssize_t udp_recv(int sockfd, int flags, fr_socket_t *socket_out, void *data, size_t data_len, fr_time_t *when)
Read a UDP packet.
int udp_send(fr_socket_t const *sock, int flags, void *data, size_t data_len)
Send a packet via a UDP socket.
bool fr_radius_ok(uint8_t const *packet, size_t *packet_len_p, uint32_t max_attributes, bool require_ma, decode_fail_t *reason)
char const * inet_ntop(int af, void const *src, char *dst, size_t cnt)
static uint16_t fr_nbo_to_uint16(uint8_t const data[static sizeof(uint16_t)])
Read an unsigned 16-bit integer from wire format (big endian)
static uint32_t fr_nbo_to_uint32(uint8_t const data[static sizeof(uint32_t)])
Read an unsigned 32-bit integer from wire format (big endian)
#define RADIUS_AUTH_VECTOR_LENGTH
int fr_radius_verify(uint8_t *packet, uint8_t const *vector, uint8_t const *secret, size_t secret_len, bool require_ma)
Verify a request / response packet.
int fr_radius_sign(uint8_t *packet, uint8_t const *vector, uint8_t const *secret, size_t secret_len)
Sign a previously encoded packet.
ssize_t fr_radius_encode(uint8_t *packet, size_t packet_len, uint8_t const *original, char const *secret, size_t secret_len, int code, int id, fr_pair_list_t *vps)
Encode VPS into a raw RADIUS packet.
char const * fr_radius_packet_name[FR_RADIUS_CODE_MAX]
ssize_t fr_radius_recv_header(int sockfd, fr_ipaddr_t *src_ipaddr, uint16_t *src_port, unsigned int *code)
Basic validation of RADIUS packet header.
bool fr_packet_ok(fr_packet_t *packet, uint32_t max_attributes, bool require_ma, decode_fail_t *reason)
See if the data carried by packet is a valid RADIUS packet.
int fr_packet_verify(fr_packet_t *packet, fr_packet_t *original, char const *secret)
Verify the Request/Response Authenticator (and Message-Authenticator if present) of a packet.
static ssize_t rad_recvfrom(int sockfd, fr_packet_t *packet, int flags)
Wrapper for recvfrom, which handles recvfromto, IPv6, and all possible combinations.
int fr_packet_sign(fr_packet_t *packet, fr_packet_t const *original, char const *secret)
Sign a previously encoded packet.
void fr_radius_packet_header_log(fr_log_t const *log, fr_packet_t *packet, bool received)
void _fr_packet_log_hex(fr_log_t const *log, fr_packet_t const *packet, char const *file, int line)
ssize_t fr_packet_encode(fr_packet_t *packet, fr_pair_list_t *list, fr_packet_t const *original, char const *secret)
Encode a packet.
#define FR_DEBUG_STRERROR_PRINTF
int fr_packet_send(fr_packet_t *packet, fr_pair_list_t *list, fr_packet_t const *original, char const *secret)
Reply to the request.
void fr_radius_packet_log(fr_log_t const *log, fr_packet_t *packet, fr_pair_list_t *list, bool received)
fr_packet_t * fr_packet_recv(TALLOC_CTX *ctx, int fd, int flags, uint32_t max_attributes, bool require_ma)
Receive UDP client requests, and fill in the basics of a fr_packet_t structure.
#define fr_packet_log_hex(_log, _packet)
#define FR_RADIUS_PACKET_CODE_VALID(_x)
PUBLIC int snprintf(char *string, size_t length, char *format, va_alist)
char const * fr_syserror(int num)
Version of strerror that is guaranteed to be thread-safe.
unsigned int code
Packet code (type).
fr_socket_t socket
Socket this packet was received on.
int id
Packet ID (used to link requests/responses).
uint8_t * data
Packet data (body).
size_t data_len
Length of packet data.
uint8_t vector[RADIUS_AUTH_VECTOR_LENGTH]
RADIUS authentication vector.
fr_time_t timestamp
When we received the packet.
#define fr_pair_list_log(_log, _lvl, _list)
int af
AF_INET, AF_INET6, or AF_UNIX.
int fd
File descriptor if this is a live socket.
int type
SOCK_STREAM, SOCK_DGRAM, etc.
#define fr_strerror_printf(_fmt,...)
Log to thread local error buffer.
#define fr_strerror_printf_push(_fmt,...)
Add a message to an existing stack of messages at the tail.
#define fr_strerror_const(_msg)
#define fr_box_ipaddr(_val)
#define fr_box_octets(_val, _len)