The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Macros | Functions | Variables
base.c File Reference
#include <freeradius-devel/util/net.h>
#include <freeradius-devel/util/md5.h>
#include <freeradius-devel/util/struct.h>
#include "tacacs.h"
#include "attrs.h"
+ Include dependency graph for base.c:

Go to the source code of this file.

Macros

#define ASCII(_prefix, _field)
 
#define CHECK(_length)
 
#define HEXIT(_prefix, _field)
 
#define PRINT(_fmt, ...)   fr_log(log, L_DBG, file, line, _fmt, ## __VA_ARGS__)
 
#define REQUIRE(_length)
 

Functions

void _fr_tacacs_packet_log_hex (fr_log_t const *log, fr_tacacs_packet_t const *packet, size_t packet_len, char const *file, int line)
 
int fr_tacacs_body_xor (fr_tacacs_packet_t const *pkt, uint8_t *body, size_t body_len, char const *secret, size_t secret_len)
 XOR the body based on the secret key. More...
 
void fr_tacacs_global_free (void)
 
int fr_tacacs_global_init (void)
 
ssize_t fr_tacacs_length (uint8_t const *buffer, size_t buffer_len)
 
static void print_args (fr_log_t const *log, char const *file, int line, size_t arg_cnt, uint8_t const *argv, uint8_t const *start, uint8_t const *end)
 
static void print_ascii (fr_log_t const *log, char const *file, int line, char const *prefix, uint8_t const *data, size_t datalen)
 
static void print_hex (fr_log_t const *log, char const *file, int line, char const *prefix, uint8_t const *data, size_t datalen)
 

Variables

fr_dict_attr_t const * attr_tacacs_accounting_flags
 
fr_dict_attr_t const * attr_tacacs_accounting_status
 
fr_dict_attr_t const * attr_tacacs_action
 
fr_dict_attr_t const * attr_tacacs_argument_list
 
fr_dict_attr_t const * attr_tacacs_authentication_continue_flags
 
fr_dict_attr_t const * attr_tacacs_authentication_flags
 
fr_dict_attr_t const * attr_tacacs_authentication_method
 
fr_dict_attr_t const * attr_tacacs_authentication_service
 
fr_dict_attr_t const * attr_tacacs_authentication_status
 
fr_dict_attr_t const * attr_tacacs_authentication_type
 
fr_dict_attr_t const * attr_tacacs_authorization_status
 
fr_dict_attr_t const * attr_tacacs_chap_challenge
 
fr_dict_attr_t const * attr_tacacs_chap_password
 
fr_dict_attr_t const * attr_tacacs_client_port
 
fr_dict_attr_t const * attr_tacacs_data
 
fr_dict_attr_t const * attr_tacacs_flags
 
fr_dict_attr_t const * attr_tacacs_length
 
fr_dict_attr_t const * attr_tacacs_mschap2_response
 
fr_dict_attr_t const * attr_tacacs_mschap_challenge
 
fr_dict_attr_t const * attr_tacacs_mschap_response
 
fr_dict_attr_t const * attr_tacacs_packet
 
fr_dict_attr_t const * attr_tacacs_packet_body_type
 
fr_dict_attr_t const * attr_tacacs_packet_type
 
fr_dict_attr_t const * attr_tacacs_privilege_level
 
fr_dict_attr_t const * attr_tacacs_remote_address
 
fr_dict_attr_t const * attr_tacacs_sequence_number
 
fr_dict_attr_t const * attr_tacacs_server_message
 
fr_dict_attr_t const * attr_tacacs_session_id
 
fr_dict_attr_t const * attr_tacacs_user_message
 
fr_dict_attr_t const * attr_tacacs_user_name
 
fr_dict_attr_t const * attr_tacacs_user_password
 
fr_dict_attr_t const * attr_tacacs_version_major
 
fr_dict_attr_t const * attr_tacacs_version_minor
 
fr_dict_t const * dict_tacacs
 
char const * fr_tacacs_packet_names [FR_TACACS_CODE_MAX]
 
static uint32_t instance_count = 0
 
fr_dict_autoload_t libfreeradius_tacacs_dict []
 
fr_dict_attr_autoload_t libfreeradius_tacacs_dict_attr []
 

Macro Definition Documentation

◆ ASCII

#define ASCII (   _prefix,
  _field 
)
Value:
do { \
CHECK(_field); \
print_ascii(log, file, line, _prefix, data, data_len); \
} while (0)
file
int const char * file
Definition: acutest.h:702
line
int const char int line
Definition: acutest.h:702
data
static fr_slen_t data
Definition: value.h:1259

Definition at line 375 of file base.c.

◆ CHECK

#define CHECK (   _length)
Value:
do { \
size_t plen = _length; \
if ((size_t) (end - p) < plen) { \
fr_log_hex(log, L_DBG, file, line, p, end - p, "%s", " TRUNCATED "); \
return; \
} \
data = p; \
data_len = plen; \
p += plen; \
} while (0)
L_DBG
@ L_DBG
Only displayed when debugging is enabled.
Definition: log.h:59

Definition at line 363 of file base.c.

◆ HEXIT

#define HEXIT (   _prefix,
  _field 
)
Value:
do { \
CHECK(_field); \
print_hex(log, file, line, _prefix, data, data_len); \
} while (0)

Definition at line 381 of file base.c.

◆ PRINT

#define PRINT (   _fmt,
  ... 
)    fr_log(log, L_DBG, file, line, _fmt, ## __VA_ARGS__)

Definition at line 386 of file base.c.

◆ REQUIRE

#define REQUIRE (   _length)
Value:
do { \
size_t plen = _length; \
if ((size_t) (end - hdr) < plen) { \
print_hex(log, file, line, " TRUNCATED ", hdr, end - hdr); \
return; \
} \
p = hdr + plen; \
} while (0)

Function Documentation

◆ _fr_tacacs_packet_log_hex()

void _fr_tacacs_packet_log_hex ( fr_log_t const *  log,
fr_tacacs_packet_t const *  packet,
size_t  packet_len,
char const *  file,
int  line 
)

Definition at line 420 of file base.c.

+ Here is the call graph for this function:

◆ fr_tacacs_body_xor()

int fr_tacacs_body_xor ( fr_tacacs_packet_t const *  pkt,
uint8_t body,
size_t  body_len,
char const *  secret,
size_t  secret_len 
)

XOR the body based on the secret key.

This function encrypts (or decrypts) TACACS+ packets, and sets the "encrypted" flag.

Definition at line 180 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_tacacs_global_free()

void fr_tacacs_global_free ( void  )

Definition at line 167 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_tacacs_global_init()

int fr_tacacs_global_init ( void  )

Definition at line 144 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ fr_tacacs_length()

ssize_t fr_tacacs_length ( uint8_t const *  buffer,
size_t  buffer_len 
) 
 Return how long a TACACS+ packet is

 Note that we only look at the 12 byte packet header.  We don't
 (yet) do validation on authentication / authorization /
 accounting headers.  The packet may still be determined later
 to be invalid.
Parameters
bufferto check
buffer_lenlength of the buffer
Returns
>0 size of the TACACS+ packet. We want. MAY be larger than "buffer_len" <=0 error, packet should be discarded.

Definition at line 242 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ print_args()

static void print_args ( fr_log_t const *  log,
char const *  file,
int  line,
size_t  arg_cnt,
uint8_t const *  argv,
uint8_t const *  start,
uint8_t const *  end 
)
static

Definition at line 388 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ print_ascii()

static void print_ascii ( fr_log_t const *  log,
char const *  file,
int  line,
char const *  prefix,
uint8_t const *  data,
size_t  datalen 
)
static

Definition at line 344 of file base.c.

+ Here is the call graph for this function:

◆ print_hex()

static void print_hex ( fr_log_t const *  log,
char const *  file,
int  line,
char const *  prefix,
uint8_t const *  data,
size_t  datalen 
)
static

Definition at line 337 of file base.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Variable Documentation

◆ attr_tacacs_accounting_flags

fr_dict_attr_t const* attr_tacacs_accounting_flags

Definition at line 44 of file base.c.

◆ attr_tacacs_accounting_status

fr_dict_attr_t const* attr_tacacs_accounting_status

Definition at line 45 of file base.c.

◆ attr_tacacs_action

fr_dict_attr_t const* attr_tacacs_action

Definition at line 46 of file base.c.

◆ attr_tacacs_argument_list

fr_dict_attr_t const* attr_tacacs_argument_list

Definition at line 54 of file base.c.

◆ attr_tacacs_authentication_continue_flags

fr_dict_attr_t const* attr_tacacs_authentication_continue_flags

Definition at line 48 of file base.c.

◆ attr_tacacs_authentication_flags

fr_dict_attr_t const* attr_tacacs_authentication_flags

Definition at line 47 of file base.c.

◆ attr_tacacs_authentication_method

fr_dict_attr_t const* attr_tacacs_authentication_method

Definition at line 49 of file base.c.

◆ attr_tacacs_authentication_service

fr_dict_attr_t const* attr_tacacs_authentication_service

Definition at line 50 of file base.c.

◆ attr_tacacs_authentication_status

fr_dict_attr_t const* attr_tacacs_authentication_status

Definition at line 51 of file base.c.

◆ attr_tacacs_authentication_type

fr_dict_attr_t const* attr_tacacs_authentication_type

Definition at line 52 of file base.c.

◆ attr_tacacs_authorization_status

fr_dict_attr_t const* attr_tacacs_authorization_status

Definition at line 53 of file base.c.

◆ attr_tacacs_chap_challenge

fr_dict_attr_t const* attr_tacacs_chap_challenge

Definition at line 74 of file base.c.

◆ attr_tacacs_chap_password

fr_dict_attr_t const* attr_tacacs_chap_password

Definition at line 73 of file base.c.

◆ attr_tacacs_client_port

fr_dict_attr_t const* attr_tacacs_client_port

Definition at line 55 of file base.c.

◆ attr_tacacs_data

fr_dict_attr_t const* attr_tacacs_data

Definition at line 56 of file base.c.

◆ attr_tacacs_flags

fr_dict_attr_t const* attr_tacacs_flags

Definition at line 57 of file base.c.

◆ attr_tacacs_length

fr_dict_attr_t const* attr_tacacs_length

Definition at line 58 of file base.c.

◆ attr_tacacs_mschap2_response

fr_dict_attr_t const* attr_tacacs_mschap2_response

Definition at line 76 of file base.c.

◆ attr_tacacs_mschap_challenge

fr_dict_attr_t const* attr_tacacs_mschap_challenge

Definition at line 77 of file base.c.

◆ attr_tacacs_mschap_response

fr_dict_attr_t const* attr_tacacs_mschap_response

Definition at line 75 of file base.c.

◆ attr_tacacs_packet

fr_dict_attr_t const* attr_tacacs_packet

Definition at line 59 of file base.c.

◆ attr_tacacs_packet_body_type

fr_dict_attr_t const* attr_tacacs_packet_body_type

Definition at line 60 of file base.c.

◆ attr_tacacs_packet_type

fr_dict_attr_t const* attr_tacacs_packet_type

Definition at line 61 of file base.c.

◆ attr_tacacs_privilege_level

fr_dict_attr_t const* attr_tacacs_privilege_level

Definition at line 62 of file base.c.

◆ attr_tacacs_remote_address

fr_dict_attr_t const* attr_tacacs_remote_address

Definition at line 63 of file base.c.

◆ attr_tacacs_sequence_number

fr_dict_attr_t const* attr_tacacs_sequence_number

Definition at line 64 of file base.c.

◆ attr_tacacs_server_message

fr_dict_attr_t const* attr_tacacs_server_message

Definition at line 65 of file base.c.

◆ attr_tacacs_session_id

fr_dict_attr_t const* attr_tacacs_session_id

Definition at line 66 of file base.c.

◆ attr_tacacs_user_message

fr_dict_attr_t const* attr_tacacs_user_message

Definition at line 67 of file base.c.

◆ attr_tacacs_user_name

fr_dict_attr_t const* attr_tacacs_user_name

Definition at line 71 of file base.c.

◆ attr_tacacs_user_password

fr_dict_attr_t const* attr_tacacs_user_password

Definition at line 72 of file base.c.

◆ attr_tacacs_version_major

fr_dict_attr_t const* attr_tacacs_version_major

Definition at line 68 of file base.c.

◆ attr_tacacs_version_minor

fr_dict_attr_t const* attr_tacacs_version_minor

Definition at line 69 of file base.c.

◆ dict_tacacs

fr_dict_t const* dict_tacacs

Definition at line 35 of file base.c.

◆ fr_tacacs_packet_names

char const* fr_tacacs_packet_names[FR_TACACS_CODE_MAX]
Initial value:
= {
[FR_PACKET_TYPE_VALUE_AUTHENTICATION_START] = "Authentication-Start",
[FR_PACKET_TYPE_VALUE_AUTHENTICATION_PASS] = "Authentication-Pass",
[FR_PACKET_TYPE_VALUE_AUTHENTICATION_FAIL] = "Authentication-Fail",
[FR_PACKET_TYPE_VALUE_AUTHENTICATION_GETDATA] = "Authentication-GetData",
[FR_PACKET_TYPE_VALUE_AUTHENTICATION_GETUSER] = "Authentication-GetUser",
[FR_PACKET_TYPE_VALUE_AUTHENTICATION_GETPASS] = "Authentication-GetPass",
[FR_PACKET_TYPE_VALUE_AUTHENTICATION_RESTART] = "Authentication-Restart",
[FR_PACKET_TYPE_VALUE_AUTHENTICATION_ERROR] = "Authentication-Error",
[FR_PACKET_TYPE_VALUE_AUTHENTICATION_CONTINUE] = "Authentication-Continue",
[FR_PACKET_TYPE_VALUE_AUTHENTICATION_CONTINUE_ABORT] = "Authentication-Continue-Abort",
[FR_PACKET_TYPE_VALUE_AUTHORIZATION_REQUEST] = "Authorization-Request",
[FR_PACKET_TYPE_VALUE_AUTHORIZATION_PASS_ADD] = "Authorization-Pass-Add",
[FR_PACKET_TYPE_VALUE_AUTHORIZATION_PASS_REPLACE] = "Authorization-Pass-Replace",
[FR_PACKET_TYPE_VALUE_AUTHORIZATION_FAIL] = "Authorization-Fail",
[FR_PACKET_TYPE_VALUE_AUTHORIZATION_ERROR] = "Authorization-Error",
[FR_PACKET_TYPE_VALUE_ACCOUNTING_REQUEST] = "Accounting-Request",
[FR_PACKET_TYPE_VALUE_ACCOUNTING_SUCCESS] = "Accounting-Success",
[FR_PACKET_TYPE_VALUE_ACCOUNTING_ERROR] = "Accounting-Error",
}

Definition at line 119 of file base.c.

◆ instance_count

uint32_t instance_count = 0
static

Definition at line 33 of file base.c.

◆ libfreeradius_tacacs_dict

fr_dict_autoload_t libfreeradius_tacacs_dict
Initial value:
= {
{ .out = &dict_tacacs, .proto = "tacacs" },
{ NULL }
}
dict_tacacs
fr_dict_t const * dict_tacacs
Definition: base.c:35

Definition at line 38 of file base.c.

◆ libfreeradius_tacacs_dict_attr

fr_dict_attr_autoload_t libfreeradius_tacacs_dict_attr

Definition at line 80 of file base.c.

Generated by   doxygen 1.9.1