本文整理汇总了C++中RDEBUG3函数的典型用法代码示例。如果您正苦于以下问题:C++ RDEBUG3函数的具体用法?C++ RDEBUG3怎么用?C++ RDEBUG3使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了RDEBUG3函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: fr_redis_reply_to_map
/** Convert a pair of redis reply objects to a map
*
* The maps can then be applied using #map_to_request.
*
* @param[in,out] ctx to allocate maps in.
* @param[out] out Where to write the head of the new maps list.
* @param[in] request The current request.
* @param[in] key to process.
* @param[in] op to process.
* @param[in] value to process.
* @return
* - 0 on success.
* - -1 on failure.
*/
int fr_redis_reply_to_map(TALLOC_CTX *ctx, vp_map_t **out, REQUEST *request,
redisReply *key, redisReply *op, redisReply *value)
{
vp_map_t *map = NULL;
ssize_t slen;
*out = NULL;
if (key->type != REDIS_REPLY_STRING) {
REDEBUG("Bad key type, expected string, got %s",
fr_int2str(redis_reply_types, key->type, "<UNKNOWN>"));
error:
TALLOC_FREE(map);
return -1;
}
if (op->type != REDIS_REPLY_STRING) {
REDEBUG("Bad key type, expected string, got %s",
fr_int2str(redis_reply_types, op->type, "<UNKNOWN>"));
goto error;
}
RDEBUG3("Got key : %s", key->str);
RDEBUG3("Got op : %s", op->str);
RDEBUG3("Got value : %pV", fr_box_strvalue_len(value->str, value->len));
map = talloc_zero(ctx, vp_map_t);
slen = tmpl_afrom_attr_str(map, NULL, &map->lhs, key->str, &(vp_tmpl_rules_t){ .dict_def = request->dict });
开发者ID:FreeRADIUS,项目名称:freeradius-server,代码行数:42,代码来源:redis.c
示例2: eap_crypto_mppe_keys
USES_APPLE_DEPRECATED_API /* OpenSSL API has been deprecated by Apple */
#define __STDC_WANT_LIB_EXT1__ 1
#include <string.h>
#include <openssl/hmac.h>
#include <freeradius-devel/util/sha1.h>
#include <freeradius-devel/tls/base.h>
#include <freeradius-devel/tls/missing.h>
#include "tls.h"
#include "base.h"
#include "attrs.h"
#define EAP_TLS_MPPE_KEY_LEN 32
/** Generate keys according to RFC 2716 and add to the reply
*
*/
int eap_crypto_mppe_keys(REQUEST *request, SSL *ssl, char const *prf_label, size_t prf_label_len)
{
uint8_t out[4 * EAP_TLS_MPPE_KEY_LEN];
uint8_t *p;
if (SSL_export_keying_material(ssl, out, sizeof(out), prf_label, prf_label_len, NULL, 0, 0) != 1) {
tls_log_error(request, "Failed generating MPPE keys");
return -1;
}
if (RDEBUG_ENABLED3) {
uint8_t random[SSL3_RANDOM_SIZE];
size_t random_len;
uint8_t master_key[SSL_MAX_MASTER_KEY_LENGTH];
size_t master_key_len;
RDEBUG3("Key Derivation Function input");
RINDENT();
RDEBUG3("prf label : %pV", fr_box_strvalue_len(prf_label, prf_label_len));
master_key_len = SSL_SESSION_get_master_key(SSL_get_session(ssl), master_key, sizeof(master_key));
RDEBUG3("master session key : %pH", fr_box_octets(master_key, master_key_len));
random_len = SSL_get_client_random(ssl, random, SSL3_RANDOM_SIZE);
RDEBUG3("client random : %pH", fr_box_octets(random, random_len));
random_len = SSL_get_server_random(ssl, random, SSL3_RANDOM_SIZE);
RDEBUG3("server random : %pH", fr_box_octets(random, random_len));
REXDENT();
}
RDEBUG2("Adding session keys");
p = out;
eap_add_reply(request, attr_ms_mppe_recv_key, p, EAP_TLS_MPPE_KEY_LEN);
p += EAP_TLS_MPPE_KEY_LEN;
eap_add_reply(request, attr_ms_mppe_send_key, p, EAP_TLS_MPPE_KEY_LEN);
eap_add_reply(request, attr_eap_msk, out, 64);
eap_add_reply(request, attr_eap_emsk, out + 64, 64);
return 0;
}
开发者ID:FreeRADIUS,项目名称:freeradius-server,代码行数:59,代码来源:crypto.c
示例3: vector_gsm_from_triplets
static int vector_gsm_from_triplets(eap_session_t *eap_session, VALUE_PAIR *vps,
int idx, fr_sim_keys_t *keys)
{
REQUEST *request = eap_session->request;
VALUE_PAIR *rand = NULL, *sres = NULL, *kc = NULL;
fr_cursor_t cursor;
int i;
for (i = 0, (kc = fr_cursor_iter_by_da_init(&cursor, &vps, attr_eap_sim_kc));
(i < idx) && (kc = fr_cursor_next(&cursor));
i++);
if (!kc) {
RDEBUG3("No &control:%s[%i] attribute found, not using GSM triplets",
attr_eap_sim_kc->name, idx);
return 1;
}
if (kc->vp_length != SIM_VECTOR_GSM_KC_SIZE) {
REDEBUG("&control:%s[%i] is not " STRINGIFY(SIM_VECTOR_GSM_KC_SIZE) " bytes, got %zu bytes",
attr_eap_sim_kc->name, idx, kc->vp_length);
return -1;
}
for (i = 0, (rand = fr_cursor_iter_by_da_init(&cursor, &vps, attr_eap_sim_rand));
(i < idx) && (rand = fr_cursor_next(&cursor));
i++);
if (!rand) {
RDEBUG3("No &control:%s[%i] attribute found, not using GSM triplets",
attr_eap_sim_rand->name, idx);
return 1;
}
if (rand->vp_length != SIM_VECTOR_GSM_RAND_SIZE) {
REDEBUG("&control:EAP-SIM-Rand[%i] is not " STRINGIFY(SIM_RAND_SIZE) " bytes, got %zu bytes",
idx, rand->vp_length);
return -1;
}
for (i = 0, (sres = fr_cursor_iter_by_da_init(&cursor, &vps, attr_eap_sim_sres));
(i < idx) && (sres = fr_cursor_next(&cursor));
i++);
if (!sres) {
RDEBUG3("No &control:%s[%i] attribute found, not using GSM triplets",
attr_eap_sim_sres->name, idx);
return 1;
}
if (sres->vp_length != SIM_VECTOR_GSM_SRES_SIZE) {
REDEBUG("&control:%s[%i] is not " STRINGIFY(SIM_VECTOR_GSM_SRES_SIZE) " bytes, got %zu bytes",
attr_eap_sim_sres->name, idx, sres->vp_length);
return -1;
}
memcpy(keys->gsm.vector[idx].kc, kc->vp_strvalue, SIM_VECTOR_GSM_KC_SIZE);
memcpy(keys->gsm.vector[idx].rand, rand->vp_octets, SIM_VECTOR_GSM_RAND_SIZE);
memcpy(keys->gsm.vector[idx].sres, sres->vp_octets, SIM_VECTOR_GSM_SRES_SIZE);
return 0;
}
开发者ID:geaaru,项目名称:freeradius-server,代码行数:56,代码来源:vector.c
示例4: prefix_suffix_cmp
/*
* Compare prefix/suffix.
*
* If they compare:
* - if FR_STRIP_USER_NAME is present in check_list,
* strip the username of prefix/suffix.
* - if FR_STRIP_USER_NAME is not present in check_list,
* add a FR_STRIPPED_USER_NAME to the request.
*/
static int prefix_suffix_cmp(UNUSED void *instance,
REQUEST *request,
VALUE_PAIR *req,
VALUE_PAIR *check,
VALUE_PAIR *check_list,
UNUSED VALUE_PAIR **reply_list)
{
VALUE_PAIR *vp;
char const *name;
char rest[FR_MAX_STRING_LEN];
int len, namelen;
int ret = -1;
if (!request || !request->username) return -1;
VP_VERIFY(check);
name = request->username->vp_strvalue;
RDEBUG3("Comparing name \"%s\" and check value \"%s\"", name, check->vp_strvalue);
len = strlen(check->vp_strvalue);
if (check->da == attr_prefix) {
ret = strncmp(name, check->vp_strvalue, len);
if (ret == 0)
strlcpy(rest, name + len, sizeof(rest));
} else if (check->da == attr_suffix) {
namelen = strlen(name);
if (namelen >= len) {
ret = strcmp(name + namelen - len, check->vp_strvalue);
if (ret == 0) strlcpy(rest, name, namelen - len + 1);
}
}
if (ret != 0) return ret;
/*
* If Strip-User-Name == No, then don't do any more.
*/
vp = fr_pair_find_by_da(check_list, attr_strip_user_name, TAG_ANY);
if (vp && !vp->vp_uint32) return ret;
/*
* See where to put the stripped user name.
*/
vp = fr_pair_find_by_da(check_list, attr_stripped_user_name, TAG_ANY);
if (!vp) {
/*
* If "request" is NULL, then the memory will be
* lost!
*/
MEM(vp = fr_pair_afrom_da(request->packet, attr_stripped_user_name));
fr_pair_add(&req, vp);
request->username = vp;
}
fr_pair_value_strcpy(vp, rest);
return ret;
}
开发者ID:zi0r,项目名称:freeradius-server,代码行数:69,代码来源:paircmp.c
示例5: tls_socket_write
static int tls_socket_write(rad_listen_t *listener, REQUEST *request)
{
uint8_t *p;
ssize_t rcode;
listen_socket_t *sock = listener->data;
p = sock->ssn->dirty_out.data;
while (p < (sock->ssn->dirty_out.data + sock->ssn->dirty_out.used)) {
RDEBUG3("Writing to socket %d", request->packet->sockfd);
rcode = write(request->packet->sockfd, p,
(sock->ssn->dirty_out.data + sock->ssn->dirty_out.used) - p);
if (rcode <= 0) {
RDEBUG("Error writing to TLS socket: %s", strerror(errno));
tls_socket_close(listener);
return 0;
}
p += rcode;
}
sock->ssn->dirty_out.used = 0;
return 1;
}
开发者ID:SudoSource,项目名称:freeradius-server,代码行数:25,代码来源:tls_listen.c
示例6: check_pair
static void check_pair(REQUEST *request, VALUE_PAIR *check_item, VALUE_PAIR *reply_item, int *pass, int *fail)
{
int compare;
if (check_item->op == T_OP_SET) return;
compare = paircmp(check_item, reply_item);
if (compare < 0) {
REDEBUG("Comparison failed: %s", fr_strerror());
}
if (compare == 1) {
++*(pass);
} else {
++*(fail);
}
if (RDEBUG_ENABLED3) {
char rule[1024], pair[1024];
vp_prints(rule, sizeof(rule), check_item);
vp_prints(pair, sizeof(pair), reply_item);
RDEBUG3("%s %s %s", pair, compare == 1 ? "allowed by" : "disallowed by", rule);
}
return;
}
开发者ID:amirdaly,项目名称:freeradius-server,代码行数:27,代码来源:rlm_attr_filter.c
示例7: mod_delay_return
/** Called resume_at the delay is complete, and we're running from the interpreter
*
*/
static rlm_rcode_t mod_delay_return(REQUEST *request,
UNUSED void *instance, UNUSED void *thread, void *ctx)
{
struct timeval *yielded = talloc_get_type_abort(ctx, struct timeval);
/*
* Print how long the delay *really* was.
*/
if (RDEBUG_ENABLED3) {
struct timeval delayed, now;
gettimeofday(&now, NULL);
fr_timeval_subtract(&delayed, &now, yielded);
RDEBUG3("Request delayed by %pV", fr_box_timeval(delayed));
}
talloc_free(yielded);
return RLM_MODULE_OK;
}
开发者ID:mcnewton,项目名称:freeradius-server,代码行数:23,代码来源:rlm_delay.c
示例8: MEM
static inline VALUE_PAIR *tls_session_cert_attr_add(TALLOC_CTX *ctx, REQUEST *request, fr_cursor_t *cursor,
int attr, int attr_index, char const *value)
{
VALUE_PAIR *vp;
fr_dict_attr_t const *da = *(cert_attr_names[attr][attr_index]);
MEM(vp = fr_pair_afrom_da(ctx, da));
if (value) {
if (fr_pair_value_from_str(vp, value, -1, '\0', true) < 0) {
RPWDEBUG("Failed creating attribute %s", da->name);
talloc_free(vp);
return NULL;
}
}
RINDENT();
RDEBUG3("%pP", vp);
REXDENT();
fr_cursor_append(cursor, vp);
return vp;
}
开发者ID:alagoutte,项目名称:freeradius-server,代码行数:21,代码来源:session.c
示例9: xlat_delay_resume
static xlat_action_t xlat_delay_resume(TALLOC_CTX *ctx, fr_cursor_t *out,
REQUEST *request,
UNUSED void const *xlat_inst, UNUSED void *xlat_thread_inst,
UNUSED fr_value_box_t **in, void *rctx)
{
struct timeval *yielded_at = talloc_get_type_abort(rctx, struct timeval);
struct timeval delayed, now;
fr_value_box_t *vb;
gettimeofday(&now, NULL);
fr_timeval_subtract(&delayed, &now, yielded_at);
talloc_free(yielded_at);
RDEBUG3("Request delayed by %pVs", fr_box_timeval(delayed));
MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIMEVAL, NULL, false));
vb->vb_timeval = delayed;
fr_cursor_insert(out, vb);
return XLAT_ACTION_DONE;
}
开发者ID:mcnewton,项目名称:freeradius-server,代码行数:22,代码来源:rlm_delay.c
示例10: CC_HINT
static rlm_rcode_t CC_HINT(nonnull) mod_delay(void *instance, UNUSED void *thread, REQUEST *request)
{
rlm_delay_t const *inst = instance;
struct timeval delay, resume_at, *yielded_at;
if (inst->delay) {
if (tmpl_aexpand(request, &delay, request, inst->delay, NULL, NULL) < 0) return RLM_MODULE_FAIL;
} else {
memset(&delay, 0, sizeof(delay));
}
/*
* Record the time that we yielded the request
*/
MEM(yielded_at = talloc(request, struct timeval));
if (gettimeofday(yielded_at, NULL) < 0) {
REDEBUG("Failed getting current time: %s", fr_syserror(errno));
return RLM_MODULE_FAIL;
}
/*
* Setup the delay for this request
*/
if (delay_add(request, &resume_at, yielded_at, &delay, inst->force_reschedule, inst->delay) != 0) {
return RLM_MODULE_NOOP;
}
RDEBUG3("Current time %pV, resume time %pV", fr_box_timeval(*yielded_at), fr_box_timeval(resume_at));
if (unlang_event_module_timeout_add(request, _delay_done, yielded_at, &resume_at) < 0) {
RPEDEBUG("Adding event failed");
return RLM_MODULE_FAIL;
}
return unlang_module_yield(request, mod_delay_return, mod_delay_cancel, yielded_at);
}
开发者ID:mcnewton,项目名称:freeradius-server,代码行数:36,代码来源:rlm_delay.c
示例11: eaptls_verify
/*
* The S flag is set only within the EAP-TLS start message sent
* from the EAP server to the peer.
*
* Similarly, when the EAP server receives an EAP-Response with
* the M bit set, it MUST respond with an EAP-Request with
* EAP-Type=EAP-TLS and no data. This serves as a fragment
* ACK. The EAP peer MUST wait.
*/
static fr_tls_status_t eaptls_verify(eap_handler_t *handler)
{
EAP_DS *eap_ds = handler->eap_ds;
tls_session_t *tls_session = handler->opaque;
EAP_DS *prev_eap_ds = handler->prev_eap_ds;
eaptls_packet_t *eaptls_packet;
REQUEST *request = handler->request;
size_t frag_len;
/*
* We don't check ANY of the input parameters. It's all
* code which works together, so if something is wrong,
* we SHOULD core dump.
*
* e.g. if eap_ds is NULL, of if eap_ds->response is
* NULL, of if it's NOT an EAP-Response, or if the packet
* is too short. See eap_validation()., in ../../eap.c
*/
eaptls_packet = (eaptls_packet_t *)eap_ds->response->type.data;
/*
* First output the flags (for debugging)
*/
RDEBUG3("Peer sent flags %c%c%c",
TLS_START(eaptls_packet->flags) ? 'S' : '-',
TLS_MORE_FRAGMENTS(eaptls_packet->flags) ? 'M' : '-',
TLS_LENGTH_INCLUDED(eaptls_packet->flags) ? 'L' : '-');
/*
* check for ACK
*
* If there's no TLS data, or there's 1 byte of TLS data,
* with the flags set to zero, then it's an ACK.
*
* Find if this is a reply to the previous request sent
*/
if ((!eaptls_packet) ||
((eap_ds->response->length == EAP_HEADER_LEN + 2) &&
((eaptls_packet->flags & 0xc0) == 0x00))) {
if (prev_eap_ds && (prev_eap_ds->request->id == eap_ds->response->id)) {
return tls_ack_handler(handler->opaque, request);
} else {
REDEBUG("Received Invalid TLS ACK");
return FR_TLS_INVALID;
}
}
/*
* We send TLS_START, but do not receive it.
*/
if (TLS_START(eaptls_packet->flags)) {
REDEBUG("Peer sent EAP-TLS Start message (only the server is allowed to do this)");
return FR_TLS_INVALID;
}
/*
* Calculate this fragment's length
*/
frag_len = eap_ds->response->length -
(EAP_HEADER_LEN + (TLS_LENGTH_INCLUDED(eaptls_packet->flags) ? 6 : 2));
/*
* The L bit (length included) is set to indicate the
* presence of the four octet TLS Message Length field,
* and MUST be set for the first fragment of a fragmented
* TLS message or set of messages.
*
* The M bit (more fragments) is set on all but the last
* fragment.
*
* The S bit (EAP-TLS start) is set in an EAP-TLS Start
* message. This differentiates the EAP-TLS Start message
* from a fragment acknowledgement.
*/
if (TLS_LENGTH_INCLUDED(eaptls_packet->flags)) {
size_t total_len = eaptls_packet->data[2] * 256 | eaptls_packet->data[3];
if (frag_len > total_len) {
REDEBUG("TLS fragment length (%zu bytes) greater than TLS record length (%zu bytes)", frag_len,
total_len);
return FR_TLS_INVALID;
}
if (tls_session->tls_record_transfer_started) {
REDEBUG("TLS Length Included (L) flag set, which indicates a new fragment transfer, "
"but previous transfer was not complete");
return FR_TLS_INVALID;
}
/*
* This is the first fragment of a fragmented TLS record transfer.
//.........这里部分代码省略.........
开发者ID:roocell,项目名称:freeradius-server,代码行数:101,代码来源:eap_tls.c
示例12: radius_do_cmp
/*
* *presult is "did comparison match or not"
*/
static int radius_do_cmp(REQUEST *request, int *presult,
FR_TOKEN lt, const char *pleft, FR_TOKEN token,
FR_TOKEN rt, const char *pright,
int cflags, int modreturn)
{
int result;
uint32_t lint, rint;
VALUE_PAIR *vp = NULL;
#ifdef HAVE_REGEX_H
char buffer[8192];
#else
cflags = cflags; /* -Wunused */
#endif
rt = rt; /* -Wunused */
if (lt == T_BARE_WORD) {
/*
* Maybe check the last return code.
*/
if (token == T_OP_CMP_TRUE) {
int isreturn;
/*
* Looks like a return code, treat is as such.
*/
isreturn = fr_str2int(modreturn_table, pleft, -1);
if (isreturn != -1) {
*presult = (modreturn == isreturn);
return TRUE;
}
}
/*
* Bare words on the left can be attribute names.
*/
if (radius_get_vp(request, pleft, &vp)) {
VALUE_PAIR myvp;
/*
* VP exists, and that's all we're looking for.
*/
if (token == T_OP_CMP_TRUE) {
*presult = (vp != NULL);
return TRUE;
}
if (!vp) {
DICT_ATTR *da;
/*
* The attribute on the LHS may
* have been a dynamically
* registered callback. i.e. it
* doesn't exist as a VALUE_PAIR.
* If so, try looking for it.
*/
da = dict_attrbyname(pleft);
if (da && (da->vendor == 0) && radius_find_compare(da->attr)) {
VALUE_PAIR *check = pairmake(pleft, pright, token);
*presult = (radius_callback_compare(request, NULL, check, NULL, NULL) == 0);
RDEBUG3(" Callback returns %d",
*presult);
pairfree(&check);
return TRUE;
}
RDEBUG2(" (Attribute %s was not found)",
pleft);
*presult = 0;
return TRUE;
}
#ifdef HAVE_REGEX_H
/*
* Regex comparisons treat everything as
* strings.
*/
if ((token == T_OP_REG_EQ) ||
(token == T_OP_REG_NE)) {
vp_prints_value(buffer, sizeof(buffer), vp, 0);
pleft = buffer;
goto do_checks;
}
#endif
memcpy(&myvp, vp, sizeof(myvp));
if (!pairparsevalue(&myvp, pright)) {
RDEBUG2("Failed parsing \"%s\": %s",
pright, fr_strerror());
return FALSE;
}
myvp.operator = token;
*presult = paircmp(&myvp, vp);
RDEBUG3(" paircmp -> %d", *presult);
return TRUE;
//.........这里部分代码省略.........
开发者ID:joyphone,项目名称:freeradius-server,代码行数:101,代码来源:evaluate.c
示例13: mod_authorize
//.........这里部分代码省略.........
}
if (rows == 0) {
goto skipreply;
}
if (!inst->config->read_groups) {
dofallthrough = fallthrough(reply_tmp);
}
RDEBUG2("User found in radreply table");
user_found = true;
radius_pairmove(request, &request->reply->vps, reply_tmp, true);
rcode = RLM_MODULE_OK;
}
skipreply:
/*
* Clear out the pairlists
*/
pairfree(&check_tmp);
pairfree(&reply_tmp);
/*
* dofallthrough is set to 1 by default so that if the user information
* is not found, we will still process groups. If the user information,
* however, *is* found, Fall-Through must be set in order to process
* the groups as well.
*/
if (dofallthrough) {
rlm_rcode_t ret;
RDEBUG3("... falling-through to group processing");
ret = rlm_sql_process_groups(inst, request, handle, &dofallthrough);
switch (ret) {
/*
* Nothing bad happened, continue...
*/
case RLM_MODULE_UPDATED:
rcode = RLM_MODULE_UPDATED;
/* FALL-THROUGH */
case RLM_MODULE_OK:
if (rcode != RLM_MODULE_UPDATED) {
rcode = RLM_MODULE_OK;
}
/* FALL-THROUGH */
case RLM_MODULE_NOOP:
user_found = true;
break;
case RLM_MODULE_NOTFOUND:
break;
default:
rcode = ret;
goto release;
}
}
/*
* Repeat the above process with the default profile or User-Profile
*/
if (dofallthrough) {
rlm_rcode_t ret;
开发者ID:nvdnkpr,项目名称:freeradius-server,代码行数:66,代码来源:rlm_sql.c
示例14: redis_xlat
static ssize_t redis_xlat(UNUSED TALLOC_CTX *ctx, char **out, size_t outlen,
void const *mod_inst, UNUSED void const *xlat_inst,
REQUEST *request, char const *fmt)
{
rlm_redis_t const *inst = mod_inst;
fr_redis_conn_t *conn;
bool read_only = false;
uint8_t const *key = NULL;
size_t key_len = 0;
fr_redis_cluster_state_t state;
fr_redis_rcode_t status;
redisReply *reply = NULL;
int s_ret;
size_t len;
int ret;
char const *p = fmt, *q;
int argc;
char const *argv[MAX_REDIS_ARGS];
char argv_buf[MAX_REDIS_COMMAND_LEN];
if (p[0] == '-') {
p++;
read_only = true;
}
/*
* Hack to allow querying against a specific node for testing
*/
if (p[0] == '@') {
fr_socket_addr_t node_addr;
fr_pool_t *pool;
RDEBUG3("Overriding node selection");
p++;
q = strchr(p, ' ');
if (!q) {
REDEBUG("Found node specifier but no command, format is [-][@<host>[:port]] <redis command>");
return -1;
}
if (fr_inet_pton_port(&node_addr.ipaddr, &node_addr.port, p, q - p, AF_UNSPEC, true, true) < 0) {
RPEDEBUG("Failed parsing node address");
return -1;
}
p = q + 1;
if (fr_redis_cluster_pool_by_node_addr(&pool, inst->cluster, &node_addr, true) < 0) {
RPEDEBUG("Failed locating cluster node");
return -1;
}
conn = fr_pool_connection_get(pool, request);
if (!conn) {
REDEBUG("No connections available for cluster node");
return -1;
}
argc = rad_expand_xlat(request, p, MAX_REDIS_ARGS, argv, false, sizeof(argv_buf), argv_buf);
if (argc <= 0) {
RPEDEBUG("Invalid command: %s", p);
arg_error:
fr_pool_connection_release(pool, request, conn);
return -1;
}
if (argc >= (MAX_REDIS_ARGS - 1)) {
RPEDEBUG("Too many parameters; increase MAX_REDIS_ARGS and recompile: %s", p);
goto arg_error;
}
RDEBUG2("Executing command: %s", argv[0]);
if (argc > 1) {
RDEBUG2("With argments");
RINDENT();
for (int i = 1; i < argc; i++) RDEBUG2("[%i] %s", i, argv[i]);
REXDENT();
}
if (!read_only) {
reply = redisCommandArgv(conn->handle, argc, argv, NULL);
status = fr_redis_command_status(conn, reply);
} else if (redis_command_read_only(&status, &reply, request, conn, argc, argv) == -2) {
goto close_conn;
}
if (!reply) goto fail;
switch (status) {
case REDIS_RCODE_SUCCESS:
goto reply_parse;
case REDIS_RCODE_RECONNECT:
close_conn:
fr_pool_connection_close(pool, request, conn);
//.........这里部分代码省略.........
开发者ID:mcnewton,项目名称:freeradius-server,代码行数:101,代码来源:rlm_redis.c
示例15: mod_authorize
/** Handle authorization requests using Couchbase document data
*
* Attempt to fetch the document assocaited with the requested user by
* using the deterministic key defined in the configuration. When a valid
* document is found it will be parsed and the containing value pairs will be
* injected into the request.
*
* @param instance The module instance.
* @param thread specific data.
* @param request The authorization request.
* @return Operation status (#rlm_rcode_t).
*/
static rlm_rcode_t mod_authorize(void *instance, UNUSED void *thread, REQUEST *request)
{
rlm_couchbase_t const *inst = instance; /* our module instance */
rlm_couchbase_handle_t *handle = NULL; /* connection pool handle */
char buffer[MAX_KEY_SIZE];
char const *dockey; /* our document key */
lcb_error_t cb_error = LCB_SUCCESS; /* couchbase error holder */
rlm_rcode_t rcode = RLM_MODULE_OK; /* return code */
ssize_t slen;
/* assert packet as not null */
rad_assert(request->packet != NULL);
/* attempt to build document key */
slen = tmpl_expand(&dockey, buffer, sizeof(buffer), request, inst->user_key, NULL, NULL);
if (slen < 0) return RLM_MODULE_FAIL;
if ((dockey == buffer) && is_truncated((size_t)slen, sizeof(buffer))) {
REDEBUG("Key too long, expected < " STRINGIFY(sizeof(buffer)) " bytes, got %zi bytes", slen);
return RLM_MODULE_FAIL;
}
/* get handle */
handle = fr_pool_connection_get(inst->pool, request);
/* check handle */
if (!handle) return RLM_MODULE_FAIL;
/* set couchbase instance */
lcb_t cb_inst = handle->handle;
/* set cookie */
cookie_t *cookie = handle->cookie;
/* fetch document */
cb_error = couchbase_get_key(cb_inst, cookie, dockey);
/* check error */
if (cb_error != LCB_SUCCESS || !cookie->jobj) {
/* log error */
RERROR("failed to fetch document or parse return");
/* set return */
rcode = RLM_MODULE_FAIL;
/* return */
goto finish;
}
/* debugging */
RDEBUG3("parsed user document == %s", json_object_to_json_string(cookie->jobj));
{
TALLOC_CTX *pool = talloc_pool(request, 1024); /* We need to do lots of allocs */
fr_cursor_t maps, vlms;
vp_map_t *map_head = NULL, *map;
vp_list_mod_t *vlm_head = NULL, *vlm;
fr_cursor_init(&maps, &map_head);
/*
* Convert JSON data into maps
*/
if ((mod_json_object_to_map(pool, &maps, request, cookie->jobj, PAIR_LIST_CONTROL) < 0) ||
(mod_json_object_to_map(pool, &maps, request, cookie->jobj, PAIR_LIST_REPLY) < 0) ||
(mod_json_object_to_map(pool, &maps, request, cookie->jobj, PAIR_LIST_REQUEST) < 0) ||
(mod_json_object_to_map(pool, &maps, request, cookie->jobj, PAIR_LIST_STATE) < 0)) {
invalid:
talloc_free(pool);
rcode = RLM_MODULE_INVALID;
goto finish;
}
fr_cursor_init(&vlms, &vlm_head);
/*
* Convert all the maps into list modifications,
* which are guaranteed to succeed.
*/
for (map = fr_cursor_head(&maps);
map;
map = fr_cursor_next(&maps)) {
if (map_to_list_mod(pool, &vlm, request, map, NULL, NULL) < 0) goto invalid;
fr_cursor_insert(&vlms, vlm);
}
if (!vlm_head) {
RDEBUG2("Nothing to update");
talloc_free(pool);
rcode = RLM_MODULE_NOOP;
goto finish;
//.........这里部分代码省略.........
开发者ID:geaaru,项目名称:freeradius-server,代码行数:101,代码来源:rlm_couchbase.c
示例16: xlat_debug_attr
/** Print out attribute info
*
* Prints out all instances of a current attribute, or all attributes in a list.
*
* At higher debugging levels, also prints out alternative decodings of the same
* value. This is helpful to determine types for unknown attributes of long
* passed vendors, or just crazy/broken NAS.
*
* It's also useful for exposing issues in the packet decoding functions, as in
* some cases they get fed random garbage data.
*
* This expands to a zero length string.
*/
static ssize_t xlat_debug_attr(UNUSED void *instance, REQUEST *request, char const *fmt,
char *out, UNUSED size_t outlen)
{
VALUE_PAIR *vp, **vps;
REQUEST *current;
value_pair_tmpl_t vpt;
vp_cursor_t cursor;
char buffer[1024];
if (!RDEBUG_ENABLED2) {
*out = '\0';
return -1;
}
while (isspace((int) *fmt)) fmt++;
if (*fmt == '&') fmt++;
if (radius_parse_attr(fmt, &vpt, REQUEST_CURRENT, PAIR_LIST_REQUEST) < 0) {
return -1;
}
current = request;
if (radius_request(¤t, vpt.request) < 0) return -2;
vps = radius_list(current, vpt.list);
if (!vps) {
return -2;
}
RIDEBUG("Attributes matching \"%s\"", fmt);
vp = fr_cursor_init(&cursor, vps);
if (vpt.da) {
vp = fr_cursor_next_by_num(&cursor, vpt.da->attr, vpt.da->vendor, TAG_ANY);
}
while (vp) {
DICT_ATTR *dac = NULL;
DICT_VENDOR *dv;
VALUE_PAIR *vpc = NULL;
FR_NAME_NUMBER const *type;
vp_prints_value(buffer, sizeof(buffer), vp, '\'');
if (vp->da->flags.has_tag) {
RIDEBUG2("\t%s:%s:%i %s %s",
fr_int2str(pair_lists, vpt.list, "<INVALID>"),
vp->da->name,
vp->tag,
fr_int2str(fr_tokens, vp->op, "<INVALID>"),
buffer);
} else {
RIDEBUG2("\t%s:%s %s %s",
fr_int2str(pair_lists, vpt.list, "<INVALID>"),
vp->da->name,
fr_int2str(fr_tokens, vp->op, "<INVALID>"),
buffer);
}
if (!RDEBUG_ENABLED3) {
goto next_vp;
}
if (vp->da->vendor) {
dv = dict_vendorbyvalue(vp->da->vendor);
RDEBUG3("\t\tvendor : %i (%s)", vp->da->vendor, dv ? dv->name : "unknown");
}
RDEBUG3("\t\ttype : %s", fr_int2str(dict_attr_types, vp->da->type, "<INVALID>"));
RDEBUG3("\t\tlength : %zu", vp->length);
dac = talloc_memdup(request, vp->da, sizeof(DICT_ATTR));
if (!dac) {
return -1;
}
dac->flags.vp_free = 0;
if (!RDEBUG_ENABLED4) {
goto next_vp;
}
type = dict_attr_types;
while (type->name) {
int pad;
ssize_t len;
uint8_t const *data = NULL;
vpc = NULL;
if ((PW_TYPE) type->number == vp->da->type) {
//.........这里部分代码省略.........
开发者ID:dleo,项目名称:freeradius-server,代码行数:101,代码来源:xlat.c
示例17: cache_entry_find
/** Locate a cache entry in redis
*
* @copydetails cache_entry_find_t
*/
static cache_status_t cache_entry_find(rlm_cache_entry_t **out,
UNUSED rlm_cache_config_t const *config, void *driver_inst,
REQUEST *request, UNUSED void *handle, uint8_t const *key, size_t key_len)
{
rlm_cache_redis_t *driver = driver_inst;
size_t i;
fr_redis_cluster_state_t state;
fr_redis_conn_t *conn;
fr_redis_rcode_t status;
redisReply *reply = NULL;
int s_ret;
vp_map_t *head = NULL, **last = &head;
#ifdef HAVE_TALLOC_POOLED_OBJECT
size_t pool_size = 0;
#endif
rlm_cache_entry_t *c;
for (s_ret = fr_redis_cluster_state_init(&state, &conn, driver->cluster, request, key, key_len, false);
s_ret == REDIS_RCODE_TRY_AGAIN; /* Continue */
s_ret = fr_redis_cluster_state_next(&state, &conn, driver->cluster, request, status, &reply)) {
/*
* Grab all the data for this hash, should return an array
* of alternating keys/values which we then convert into maps.
*/
if (RDEBUG_ENABLED3) {
char *p;
p = fr_asprint(NULL, (char const *)key, key_len, '"');
RDEBUG3("LRANGE %s 0 -1", key);
talloc_free(p);
}
reply = redisCommand(conn->handle, "LRANGE %b 0 -1", key, key_len);
status = fr_redis_command_status(conn, reply);
}
if (s_ret != REDIS_RCODE_SUCCESS) {
RERROR("Failed retrieving entry");
fr_redis_reply_free(reply);
return CACHE_ERROR;
}
rad_assert(reply); /* clang scan */
if (reply->type != REDIS_REPLY_ARRAY) {
REDEBUG("Bad result type, expected array, got %s",
fr_int2str(redis_reply_types, reply->type, "<UNKNOWN>"));
fr_redis_reply_free(reply);
return CACHE_ERROR;
}
RDEBUG3("Entry contains %zu elements", reply->elements);
if (reply->elements == 0) {
fr_redis_reply_free(reply);
return CACHE_MISS;
}
if (reply->elements % 3) {
REDEBUG("Invalid number of reply elements (%zu). "
"Reply must contain triplets of keys operators and values",
reply->elements);
fr_redis_reply_free(reply);
return CACHE_ERROR;
}
#ifdef HAVE_TALLOC_POOLED_OBJECT
/*
* We can get a pretty good idea of the required size of the pool
*/
for (i = 0; i < reply->elements; i += 3) {
pool_size += sizeof(vp_map_t) + (sizeof(vp_tmpl_t) * 2);
if (reply->element[i]->type == REDIS_REPLY_STRING) pool_size += reply->element[i]->len + 1;
}
/*
* reply->elements gives us the number of chunks, as the maps are triplets, and there
* are three chunks per map
*/
c = talloc_pooled_object(NULL, rlm_cache_entry_t, reply->elements, pool_size);
memset(&pool, 0, sizeof(rlm_cache_entry_t));
#else
c = talloc_zero(NULL, rlm_cache_entry_t);
#endif
/*
* Convert the key/value pairs back into maps
*/
for (i = 0; i < reply->elements; i += 3) {
if (fr_redis_reply_to_map(c, last, request,
reply->element[i], reply->element[i + 1], reply->element[i + 2]) < 0) {
talloc_free(c);
fr_redis_reply_free(reply);
return CACHE_ERROR;
}
last = &(*last)->next;
}
//.........这里部分代码省略.........
开发者ID:0xbad0c0d3,项目名称:freeradius-server,代码行数:101,代码来源:rlm_cache_redis.c
示例18: vector_umts_from_quintuplets
/** Get one set of quintuplets from the request
*
*/
static int vector_umts_from_quintuplets(eap_session_t *eap_session, VALUE_PAIR *vps, fr_sim_keys_t *keys)
{
REQUEST *request = eap_session->request;
VALUE_PAIR *rand_vp = NULL, *xres_vp = NULL, *ck_vp = NULL, *ik_vp = NULL;
VALUE_PAIR *autn_vp = NULL, *sqn_vp = NULL, *ak_vp = NULL;
/*
* Fetch AUTN
*/
autn_vp = fr_pair_find_by_da(vps, attr_eap_aka_autn, TAG_ANY);
if (!autn_vp) {
RDEBUG3("No &control:%s attribute found, not using UMTS quintuplets", attr_eap_aka_autn->name);
return 1;
}
if (autn_vp->vp_length > SIM_VECTOR_UMTS_AUTN_SIZE) {
REDEBUG("&control:%s incorrect length. Expected "
STRINGIFY(SIM_VECTOR_UMTS_AUTN_SIZE) " bytes, got %zu bytes",
attr_eap_aka_autn->name, autn_vp->vp_length);
return -1;
}
/*
* Fetch CK
*/
ck_vp = fr_pair_find_by_da(vps, attr_eap_aka_ck, TAG_ANY);
if (!ck_vp) {
RDEBUG3("No &control:%s attribute found, not using UMTS quintuplets", attr_eap_aka_ck->name);
return 1;
}
if (ck_vp->vp_length > SIM_VECTOR_UMTS_CK_SIZE) {
REDEBUG("&control:%s incorrect length. Expected "
STRINGIFY(EAP_AKA_XRES_MAX_SIZE) " bytes, got %zu bytes",
attr_eap_aka_ck->name, ck_vp->vp_length);
return -1;
}
/*
* Fetch IK
*/
ik_vp = fr_pair_find_by_da(vps, attr_eap_aka_ik, TAG_ANY);
if (!ik_vp) {
RDEBUG3("No &control:%s attribute found, not using UMTS quintuplets", attr_eap_aka_ik->name);
return 1;
}
if (ik_vp->vp_length > SIM_VECTOR_UMTS_IK_SIZE) {
REDEBUG("&control:%s incorrect length. Expected "
STRINGIFY(SIM_VECTOR_UMTS_IK_SIZE) " bytes, got %zu bytes",
attr_eap_aka_ik->name, ik_vp->vp_length);
return -1;
}
/*
* Fetch RAND
*/
rand_vp = fr_pair_find_by_da(vps, attr_eap_aka_rand, TAG_ANY);
if (!rand_vp) {
RDEBUG3("No &control:%s attribute found, not using quintuplet derivation", attr_eap_aka_rand->name);
return 1;
}
if (rand_vp->vp_length != SIM_VECTOR_UMTS_RAND_SIZE) {
REDEBUG("&control:%s incorrect length. Expected " STRINGIFY(SIM_VECTOR_UMTS_RAND_SIZE) " bytes, "
"got %zu bytes", attr_eap_aka_rand->name, rand_vp->vp_length);
return -1;
}
/*
* Fetch XRES
*/
xres_vp = fr_pair_find_by_da(vps, attr_eap_aka_xres, TAG_ANY);
if (!xres_vp) {
RDEBUG3("No &control:%s attribute found, not using UMTS quintuplets", attr_eap_aka_xres->name);
return 1;
}
if (xres_vp->vp_length > SIM_VECTOR_UMTS_XRES_MAX_SIZE) {
REDEBUG("&control:%s incorrect length. Expected < "
STRINGIFY(EAP_AKA_XRES_MAX_SIZE) " bytes, got %zu bytes",
attr_eap_aka_xres->name, xres_vp->vp_length);
return -1;
}
/*
* Fetch (optional) AK
*/
ak_vp = fr_pair_find_by_da(vps, attr_eap_aka_ak, TAG_ANY);
if (ak_vp && (ak_vp->vp_length != MILENAGE_AK_SIZE)) {
REDEBUG("&control:%s incorrect length. Expected "
STRINGIFY(MILENAGE_AK_SIZE) " bytes, got %zu bytes",
attr_eap_aka_ak->name, ak_vp->vp_length);
return -1;
}
//.........这里部分代码省略.........
开发者ID:geaaru,项目名称:freeradius-server,代码行数:101,代码来源:vector.c
示例19: CC_HINT
//.........这里部分代码省略.........
* We already have a Cleartext-Password. Skip edir.
*/
if (pairfind(request->config_items, PW_CLEARTEXT_PASSWORD, 0, TAG_ANY)) {
goto skip_edir;
}
/*
* Retrieve Universal Password if we use eDirectory
*/
if (inst->edir) {
int res = 0;
char password[256];
size_t pass_size = sizeof(password);
/*
* Retrive universal password
*/
res = nmasldap_get_password(conn->handle, dn, password, &pass_size);
if (res != 0) {
REDEBUG("Failed to retrieve eDirectory password: (%i) %s", res, edir_errstr(res));
rcode = RLM_MODULE_FAIL;
goto finish;
}
/*
* Add Cleartext-Password attribute to the request
*/
vp = radius_paircreate(request, &request->config_items, PW_CLEARTEXT_PASSWORD, 0);
pairstrcpy(vp, password);
vp->vp_length = pass_size;
if (RDEBUG_ENABLED3) {
RDEBUG3("Added eDirectory password. control:%s += '%s'", vp->da->name, vp->vp_strvalue);
} else {
RDEBUG2("Added eDirectory password");
}
if (inst->edir_autz) {
RDEBUG2("Binding as user for eDirectory authorization checks");
/*
* Bind as the user
*/
conn->rebound = true;
status = rlm_ldap_bind(inst, request, &conn, dn, vp->vp_strvalue, true);
switch (status) {
case LDAP_PROC_SUCCESS:
rcode = RLM_MODULE_OK;
RDEBUG("Bind as user '%s' was successful", dn);
break;
case LDAP_PROC_NOT_PERMITTED:
rcode = RLM_MODULE_USERLOCK;
goto finish;
case LDAP_PROC_REJECT:
rcode = RLM_MODULE_REJECT;
goto finish;
case LDAP_PROC_BAD_DN:
rcode = RLM_MODULE_INVALID;
goto finish;
case LDAP_PROC_NO_RESULT:
rcode = RLM_MODULE_NOTFOUND;
goto finish;
开发者ID:masuz,项目名称:freeradius-server,代码行数:67,代码来源:rlm_ldap.c
示例20: mod_accounting
/** Write accounting data to Couchbase documents
*
* Handle accounting requests and store the associated data into JSON documents
* in couchbase mapping attribute names to JSON element names per the module configuration.
*
* When an existing document already exists for the same accounting section the new attributes
* will be merged with the currently existing data. When conflicts arrise the new attribute
* value will replace or be added to the existing value.
*
* @param ins
|
客服电话
APP下载
官方微信
请发表评论