-rw-r--r-- | usr.sbin/npppd/npppd/Makefile | 2 | ||||
-rw-r--r-- | usr.sbin/npppd/npppd/nint.h | 189 | ||||
-rw-r--r-- | usr.sbin/npppd/npppd/radius+.c (renamed from usr.sbin/npppd/npppd/radius+.cc) | 62 | ||||
-rw-r--r-- | usr.sbin/npppd/npppd/radius+.h | 8 | ||||
-rw-r--r-- | usr.sbin/npppd/npppd/radius+_local.h | 37 |
5 files changed, 43 insertions, 255 deletions
diff --git a/usr.sbin/npppd/npppd/Makefile b/usr.sbin/npppd/npppd/Makefile
index 6083dfd8a70..e74ad9af30e 100644
--- a/usr.sbin/npppd/npppd/Makefile
+++ b/usr.sbin/npppd/npppd/Makefile
@@ -12,7 +12,7 @@ SRCS+= npppd.c npppd_config.c npppd_subr.c npppd_auth.c npppd_iface.c
 SRCS+= config_helper.c slist.c hash.c properties.c rtev_common.c
 SRCS+= rtev_libevent.c bytebuf.c debugutil.c csvreader.c net_utils.c
 SRCS+= radish.c time_utils.c npppd_pool.c addr_range.c
-SRCS+= radius+.cc
+SRCS+= radius+.c
 SRCS+= recvfromto.c
 SRCS+= privsep.c
 #SRCS+= ipsec_util.c
diff --git a/usr.sbin/npppd/npppd/nint.h b/usr.sbin/npppd/npppd/nint.h
deleted file mode 100644
index bc329c98d43..00000000000
--- a/usr.sbin/npppd/npppd/nint.h
+++ /dev/null
@@ -1,189 +0,0 @@ -/*- - * Copyright (c) 2009 Internet Initiative Japan Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ -#ifndef NINT_H -#define NINT_H - -#pragma pack(1) - -class nint16 -{ -private: - int16_t value; - -public: - nint16() - { - } - - nint16(int16_t x) - { - value = htons(x); - }; - - nint16(const nint16& x) - { - value = x.value; - }; - - operator int16_t() const - { - return ntohs(value); - } - - nint16& operator +=(int16_t x) - { - value = htons(ntohs(value) + x); - return *this; - } - - void setraw(int16_t x) - { - value = x; - } - - int16_t getraw() const - { - return value; - } -}; - -class nuint16 -{ -private: - u_int16_t value; - -public: - nuint16() - { - } - - nuint16(u_int16_t x) - { - value = htons(x); - }; - - nuint16(const nuint16& x) - { - value = x.value; - }; - - nuint16& operator +=(u_int16_t x) - { - value = htons(ntohs(value) + x); - return *this; - } - - operator u_int16_t() const - { - return ntohs(value); - } - - void setraw(u_int16_t x) - { - value = x; - } - - u_int16_t getraw() const - { - return value; - } -}; - -class nint32 -{ -private: - int32_t value; - -public: - nint32() - { - } - - nint32(int32_t x) - { - value = htonl(x); - }; - - nint32(const nint32& x) - { - value = x.value; - }; - - operator int32_t() const - { - return ntohl(value); - } - - void setraw(int32_t x) - { - value = x; - } - - int32_t getraw() const - { - return value; - } -}; - -class nuint32 -{ -private: - u_int32_t value; - -public: - nuint32() - { - } - - nuint32(u_int32_t x) - { - value = htonl(x); - }; - - nuint32(const nuint32& x) - { - value = x.value; - }; - - operator u_int32_t() const - { - return ntohl(value); - } - - void setraw(u_int32_t x) - { - value = x; - } - - u_int32_t getraw() const - { - return value; - } -}; - -#pragma pack() - -#endif // NINT_H diff --git a/usr.sbin/npppd/npppd/radius+.cc b/usr.sbin/npppd/npppd/radius+.c index 8c188102b0d..35de1c72bb4 100644 --- a/usr.sbin/npppd/npppd/radius+.cc +++ b/usr.sbin/npppd/npppd/radius+.c 
@@ -53,7 +53,7 @@ static int radius_check_packet_data(const RADIUS_PACKET_DATA* pdata, return 1; if(length > 0xffff) return 1; - if(length != (size_t)(pdata->length)) + if(length != (size_t)ntohs(pdata->length)) return 1; attr = ATTRS_BEGIN(pdata); @@ -66,7 +66,7 @@ static int radius_check_packet_data(const RADIUS_PACKET_DATA* pdata, { if(attr->length < 8) return 1; - if((attr->vendor & 0xff000000U) != 0) + if((attr->vendor & htonl(0xff000000U)) != 0) return 1; if(attr->length != attr->vlength + 6) return 1; @@ -86,12 +86,12 @@ static int radius_ensure_add_capacity(RADIUS_PACKET* packet, size_t capacity) // 最大サイズは 64KB // 安全のため(?)、少し小さい値をリミットにしている。 - if(packet->pdata->length + capacity > 0xfe00) + if(ntohs(packet->pdata->length) + capacity > 0xfe00) return 1; - if(packet->pdata->length + capacity > packet->capacity) + if(ntohs(packet->pdata->length) + capacity > packet->capacity) { - newsize = packet->pdata->length + capacity + + newsize = ntohs(packet->pdata->length) + capacity + RADIUS_PACKET_CAPACITY_INCREMENT; newptr = realloc(packet->pdata, newsize); if(newptr == NULL) @@ -121,7 +121,7 @@ RADIUS_PACKET* radius_new_request_packet(u_int8_t code) packet->request = NULL; packet->pdata->code = code; packet->pdata->id = radius_id_counter++; - packet->pdata->length = sizeof(RADIUS_PACKET_DATA); + packet->pdata->length = htons(sizeof(RADIUS_PACKET_DATA)); for(i=0; i<countof(packet->pdata->authenticator); i++) packet->pdata->authenticator[i] = rand()&0xff; @@ -213,7 +213,7 @@ int radius_check_response_authenticator(const RADIUS_PACKET* packet, 16); MD5Update(&ctx, (unsigned char*)packet->pdata->attributes, - packet->pdata->length-20); + radius_get_length(packet) - 20); MD5Update(&ctx, (unsigned char*)secret, strlen(secret)); MD5Final((unsigned char *)authenticator0, &ctx); 
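Review bot: The Request Authenticator in radius_new_request_packet is still filled from `rand()&0xff`, on the unchanged line just below the new `htons(sizeof(RADIUS_PACKET_DATA))`. RFC 2865 asks for an authenticator that is unpredictable and unique for the lifetime of the shared secret, because the hiding of User-Password is keyed on it; rand() gives neither property. While the file is being converted I would replace the loop with `arc4random_buf(packet->pdata->authenticator, sizeof(packet->pdata->authenticator));`. The function starts and ends outside this hunk, so whether rand() is seeded anywhere is not visible here.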
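Review bot: `radius_get_length(packet) - 20` in radius_check_response_authenticator goes negative when the length field is below the 20-byte header, and the result is then handed to MD5Update as a byte count, where it becomes a very large unsigned value. The same expression is added to radius_set_response_authenticator in the next hunk. Since the value now comes from `ntohs()` of a field that can arrive from the network, I would guard both with `if (radius_get_length(packet) < sizeof(RADIUS_PACKET_DATA)) return 1;` (a plain `return;` in the void setter), unless every caller is guaranteed to have passed radius_check_packet_data first, which these hunks do not show. Both functions begin outside their hunks.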
@@ -231,14 +231,14 @@ void radius_set_response_authenticator(RADIUS_PACKET* packet, (unsigned char*)packet->request->pdata->authenticator, 16); MD5Update(&ctx, (unsigned char*)packet->pdata->attributes, - packet->pdata->length-20); + radius_get_length(packet) - 20); MD5Update(&ctx, (unsigned char*)secret, strlen(secret)); MD5Final((unsigned char*)packet->pdata->authenticator ,&ctx); } u_int16_t radius_get_length(const RADIUS_PACKET* packet) { - return packet->pdata->length; + return ntohs(packet->pdata->length); } @@ -313,7 +313,7 @@ int radius_put_raw_attr(RADIUS_PACKET* packet, u_int8_t type, newattr->type = type; newattr->length = length + 2; memcpy(newattr->data, buf, length); - packet->pdata->length += length + 2; + packet->pdata->length = htons(radius_get_length(packet) + length + 2); return 0; } @@ -335,7 +335,8 @@ int radius_put_raw_attr_all(RADIUS_PACKET* packet, u_int8_t type, newattr->type = type; newattr->length = len0 + 2; memcpy(newattr->data, buf, len0); - packet->pdata->length += len0 + 2; + packet->pdata->length = htons(radius_get_length(packet) + + len0 + 2); off += len0; } @@ -356,7 +357,7 @@ int radius_get_vs_raw_attr(const RADIUS_PACKET* packet, u_int32_t vendor, { if(attr->type != RADIUS_TYPE_VENDOR_SPECIFIC) continue; - if(attr->vendor != vendor) + if(attr->vendor != htonl(vendor)) continue; if(attr->vtype != vtype) continue; @@ -387,7 +388,7 @@ int radius_get_vs_raw_attr_all(const RADIUS_PACKET* packet, u_int32_t vendor, { if(attr->type != RADIUS_TYPE_VENDOR_SPECIFIC) continue; - if(attr->vendor != vendor) + if(attr->vendor != htonl(vendor)) continue; if(attr->vtype != vtype) continue; @@ -419,7 +420,7 @@ int radius_get_vs_raw_attr_ptr(const RADIUS_PACKET* packet, u_int32_t vendor, { if(attr->type != RADIUS_TYPE_VENDOR_SPECIFIC) continue; - if(attr->vendor != vendor) + if(attr->vendor != htonl(vendor)) continue; if(attr->vtype != vtype) continue; 
@@ -446,11 +447,11 @@ int radius_put_vs_raw_attr(RADIUS_PACKET* packet, u_int32_t vendor, newattr = ATTRS_END(packet->pdata); newattr->type = RADIUS_TYPE_VENDOR_SPECIFIC; newattr->length = length + 8; - newattr->vendor = vendor; + newattr->vendor = htonl(vendor); newattr->vtype = vtype; newattr->vlength = length + 2; memcpy(newattr->vdata, buf, length); - packet->pdata->length += length + 8; + packet->pdata->length = htons(radius_get_length(packet) + length + 8); return 0; } @@ -471,11 +472,12 @@ int radius_put_vs_raw_attr_all(RADIUS_PACKET* packet, u_int32_t vendor, newattr = ATTRS_END(packet->pdata); newattr->type = RADIUS_TYPE_VENDOR_SPECIFIC; newattr->length = len0 + 8; - newattr->vendor = vendor; + newattr->vendor = htonl(vendor); newattr->vtype = vtype; newattr->vlength = len0 + 2; memcpy(newattr->vdata, buf, len0); - packet->pdata->length += len0 + 8; + packet->pdata->length = htons(radius_get_length(packet) + + len0 + 8); off += len0; } 
@@ -553,38 +555,38 @@ int radius_put_vs_string_attr(RADIUS_PACKET* packet, u_int32_t vendor, } int radius_get_ipv4_attr(const RADIUS_PACKET* packet, u_int8_t type, - in_addr* addr) + struct in_addr* addr) { - in_addr tmp; + struct in_addr tmp; u_int8_t len; if(radius_get_raw_attr(packet, type, &tmp, &len) != 0) return 1; - if(len != sizeof(in_addr)) + if(len != sizeof(struct in_addr)) return 1; *addr = tmp; return 0; } -in_addr radius_get_ipv4_attr_retval(const RADIUS_PACKET* packet, +struct in_addr radius_get_ipv4_attr_retval(const RADIUS_PACKET* packet, u_int8_t type) { - in_addr addr; + struct in_addr addr; u_int8_t len; if(radius_get_raw_attr(packet, type, &addr, &len) != 0) addr.s_addr = htonl(INADDR_ANY); - if(len != sizeof(in_addr)) + if(len != sizeof(struct in_addr)) addr.s_addr = htonl(INADDR_ANY); return addr; } -int radius_put_ipv4_attr(RADIUS_PACKET* packet, u_int8_t type, in_addr addr) +int radius_put_ipv4_attr(RADIUS_PACKET* packet, u_int8_t type, struct in_addr addr) { - return radius_put_raw_attr(packet, type, &addr, sizeof(in_addr)); + return radius_put_raw_attr(packet, type, &addr, sizeof(struct in_addr)); } -RADIUS_PACKET* radius_recvfrom(int s, int flags, sockaddr* addr, socklen_t* len) +RADIUS_PACKET* radius_recvfrom(int s, int flags, struct sockaddr* addr, socklen_t* len) { char buf[0x10000]; ssize_t n; @@ -597,12 +599,12 @@ RADIUS_PACKET* radius_recvfrom(int s, int flags, sockaddr* addr, socklen_t* len) } int radius_sendto(int s, const RADIUS_PACKET* packet, - int flags, const sockaddr* addr, socklen_t len) + int flags, const struct sockaddr* addr, socklen_t len) { ssize_t n; - n = sendto(s, packet->pdata, packet->pdata->length, flags, addr, len); - if(n != packet->pdata->length) + n = sendto(s, packet->pdata, radius_get_length(packet), flags, addr, len); + if(n != radius_get_length(packet)) return 1; return 0; } diff --git a/usr.sbin/npppd/npppd/radius+.h b/usr.sbin/npppd/npppd/radius+.h index ecc5c3a5472..4699e040ec5 100644 
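Review bot: In radius_get_ipv4_attr_retval, `len` is read by `if(len != sizeof(struct in_addr))` even when radius_get_raw_attr has failed and may never have written it; initialise it with `u_int8_t len = 0;` or return INADDR_ANY directly from the failure branch. Both this function and radius_get_ipv4_attr also pass a 4-byte `struct in_addr` as the destination while `len` is uninitialised on entry, so the callee cannot be using it as a capacity, and the size check runs only after the copy. radius_get_raw_attr is outside this diff; if it copies the attribute's full length, an oversized attribute from the peer would overrun the stack variable, so I would fetch into a buffer sized for the largest attribute and copy out only after the length check passes.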
--- a/usr.sbin/npppd/npppd/radius+.h +++ b/usr.sbin/npppd/npppd/radius+.h @@ -79,10 +79,10 @@ int radius_get_vs_raw_attr_ptr(const RADIUS_PACKET* packet, u_int32_t vendor, u_int8_t vtype, void** ptr, u_int8_t* length); int radius_put_vs_raw_attr(RADIUS_PACKET* packet, u_int32_t vendor, u_int8_t vtype, const void* buf, u_int8_t length); -int radius_get_vs_raw_attr_all(const RADIUS_PACKET* packet, u_int8_t type, - caddr_t buf, int* length); -int radius_put_vs_raw_attr_all(RADIUS_PACKET* packet, u_int8_t type, - const caddr_t buf, int length); +int radius_get_vs_raw_attr_all(const RADIUS_PACKET*, u_int32_t, u_int8_t, + caddr_t, int*); +int radius_put_vs_raw_attr_all(RADIUS_PACKET*, u_int32_t, u_int8_t, + const void *, int); /* accessors - typed attributes */ int radius_get_uint32_attr(const RADIUS_PACKET* packet, u_int8_t type, diff --git a/usr.sbin/npppd/npppd/radius+_local.h b/usr.sbin/npppd/npppd/radius+_local.h index eb977e87dd9..f79ad7c73c6 100644 --- a/usr.sbin/npppd/npppd/radius+_local.h +++ b/usr.sbin/npppd/npppd/radius+_local.h @@ -30,8 +30,6 @@ #ifndef RADIUSPLUS_LOCAL_H #define RADIUSPLUS_LOCAL_H -#include "nint.h" - #ifndef countof #define countof(x) (sizeof(x)/sizeof((x)[0])) #endif @@ -41,7 +39,7 @@ typedef struct _RADIUS_PACKET_DATA { u_int8_t code; u_int8_t id; - nuint16 length; + u_int16_t length; char authenticator[16]; char attributes[0]; } RADIUS_PACKET_DATA; @@ -51,7 +49,7 @@ typedef struct _RADIUS_ATTRIBUTE u_int8_t type; u_int8_t length; char data[0]; - nuint32 vendor; + u_int32_t vendor; u_int8_t vtype; u_int8_t vlength; char vdata[0]; 
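Review bot: Replacing `nuint32 vendor` with `u_int32_t vendor` changes the layout of RADIUS_ATTRIBUTE unless the struct is packed: the deleted nint.h defined its classes under `#pragma pack(1)`, which is what let a 32-bit member sit at offset 2 after the two `u_int8_t` fields. With a plain `u_int32_t` the compiler will normally insert two bytes of padding, so `vendor`, `vtype`, `vlength` and `vdata` would no longer line up with the wire format that the `length + 8` and `vlength + 6` arithmetic in radius+.c assumes. No pack pragma or packed attribute appears in the visible lines, and the closing line of the struct is outside the hunk, so please confirm one exists or add `__packed` to the typedef. Even when packed, the field is unaligned inside a received buffer, so reads should go through the packed type rather than through a cast `u_int32_t *`.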
@@ -70,35 +68,12 @@ struct _RADIUS_PACKET extern u_int8_t radius_id_counter; -inline void ADVANCE(RADIUS_ATTRIBUTE*& rp) -{ - rp = (RADIUS_ATTRIBUTE*)(((char*)rp) + rp->length); -} - -inline void ADVANCE(const RADIUS_ATTRIBUTE*& rp) -{ - rp = (const RADIUS_ATTRIBUTE*)(((const char*)rp) + rp->length); -} - -inline RADIUS_ATTRIBUTE* ATTRS_BEGIN(RADIUS_PACKET_DATA* pdata) -{ - return (RADIUS_ATTRIBUTE*)pdata->attributes; -} +#define ADVANCE(rp) (rp = (RADIUS_ATTRIBUTE*)(((char*)rp) + rp->length)) -inline const RADIUS_ATTRIBUTE* ATTRS_BEGIN(const RADIUS_PACKET_DATA* pdata) -{ - return (const RADIUS_ATTRIBUTE*)pdata->attributes; -} +#define ATTRS_BEGIN(pdata) ((RADIUS_ATTRIBUTE*)pdata->attributes) -inline RADIUS_ATTRIBUTE* ATTRS_END(RADIUS_PACKET_DATA* pdata) -{ - return (RADIUS_ATTRIBUTE*)(((char*)pdata) + pdata->length); -} - -inline const RADIUS_ATTRIBUTE* ATTRS_END(const RADIUS_PACKET_DATA* pdata) -{ - return (const RADIUS_ATTRIBUTE*)(((const char*)pdata) + pdata->length); -} +#define ATTRS_END(pdata) \ + ((RADIUS_ATTRIBUTE*)(((char*)pdata) + ntohs(pdata->length))) #ifndef MIN #define MIN(m,n) (((m) < (n))? (m) : (n)) |
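Review bot: The three macros drop the const-qualified overloads they replace, so `ATTRS_BEGIN`/`ATTRS_END` on a `const RADIUS_PACKET_DATA*` now yield a writable `RADIUS_ATTRIBUTE*`, and the compiler no longer warns when a getter writes into a packet it was handed as const. The arguments are also unparenthesised and `ADVANCE` evaluates `rp` three times, so it must only be given a plain variable; at minimum write `#define ATTRS_BEGIN(pdata) ((RADIUS_ATTRIBUTE*)(pdata)->attributes)` and use `(rp)` and `(pdata)` likewise in the other two. `ATTRS_END` now takes its bound from `ntohs(pdata->length)`, a wire field, so a comment stating that callers must have validated the packet length against the buffer before walking attributes would help.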