2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * @brief Valuepair functions that are radiusd-specific and as such do not
21 * belong in the library.
22 * @file main/valuepair.c
26 * @copyright 2000,2006 The FreeRADIUS server project
27 * @copyright 2000 Alan DeKok <aland@ox.org>
34 #include <freeradius-devel/radiusd.h>
35 #include <freeradius-devel/rad_assert.h>
37 #ifdef HAVE_PCREPOSIX_H
38 #include <pcreposix.h>
44 * For POSIX Regular expressions.
45 * (0) Means no extended regular expressions.
46 * REG_EXTENDED means use extended regular expressions.
49 #define REG_EXTENDED (0)
58 const FR_NAME_NUMBER vpt_types[] = {
59 {"unknown", VPT_TYPE_UNKNOWN },
60 {"literal", VPT_TYPE_LITERAL },
61 {"expanded", VPT_TYPE_XLAT },
62 {"attribute ref", VPT_TYPE_ATTR },
63 {"list", VPT_TYPE_LIST },
64 {"exec", VPT_TYPE_EXEC }
68 unsigned int attribute;
69 unsigned int otherattr;
70 void *instance; /* module instance */
71 RAD_COMPARE_FUNC compare;
74 static struct cmp *cmp;
76 /** Compares check and vp by value.
78 * Does not call any per-attribute comparison function, but does honour
79 * check.operator. Basically does "vp.value check.op check.value".
81 * @param request Current request
82 * @param check rvalue, and operator
85 int radius_compare_vps(REQUEST *request, VALUE_PAIR *check, VALUE_PAIR *vp)
90 * Check for =* and !* and return appropriately
92 if (check->op == T_OP_CMP_TRUE) return 0;
93 if (check->op == T_OP_CMP_FALSE) return 1;
96 if (check->op == T_OP_REG_EQ) {
100 regmatch_t rxmatch[REQUEST_MAX_REGEX + 1];
102 vp_prints_value(value, sizeof(value), vp, -1);
105 * Include substring matches.
107 compare = regcomp(®, check->vp_strvalue, REG_EXTENDED);
110 regerror(compare, ®, buffer, sizeof(buffer));
112 RDEBUG("Invalid regular expression %s: %s",
113 check->vp_strvalue, buffer);
116 compare = regexec(®, value, REQUEST_MAX_REGEX + 1,
121 * Add %{0}, %{1}, etc.
123 for (i = 0; i <= REQUEST_MAX_REGEX; i++) {
125 char buffer[sizeof(check->vp_strvalue)];
128 * Didn't match: delete old
129 * match, if it existed.
131 if ((compare != 0) ||
132 (rxmatch[i].rm_so == -1)) {
133 p = request_data_get(request, request,
134 REQUEST_DATA_REGEX | i);
148 * Copy substring into buffer.
150 memcpy(buffer, value + rxmatch[i].rm_so,
151 rxmatch[i].rm_eo - rxmatch[i].rm_so);
152 buffer[rxmatch[i].rm_eo - rxmatch[i].rm_so] = '\0';
155 * Copy substring, and add it to
158 * Note that we don't check
159 * for out of memory, which is
160 * the only error we can get...
163 request_data_add(request, request,
164 REQUEST_DATA_REGEX | i,
167 if (compare == 0) return 0;
171 if (check->op == T_OP_REG_NE) {
175 regmatch_t rxmatch[REQUEST_MAX_REGEX + 1];
177 vp_prints_value(value, sizeof(value), vp, -1);
180 * Include substring matches.
182 compare = regcomp(®, (char *)check->vp_strvalue,
186 regerror(compare, ®, buffer, sizeof(buffer));
188 RDEBUG("Invalid regular expression %s: %s",
189 check->vp_strvalue, buffer);
192 compare = regexec(®, value, REQUEST_MAX_REGEX + 1,
196 if (compare != 0) return 0;
203 * Tagged attributes are equal if and only if both the
204 * tag AND value match.
206 if (check->da->flags.has_tag) {
207 ret = ((int) vp->tag) - ((int) check->tag);
208 if (ret != 0) return ret;
212 * Not a regular expression, compare the types.
214 switch(check->da->type) {
215 #ifdef WITH_ASCEND_BINARY
217 * Ascend binary attributes can be treated
218 * as opaque objects, I guess...
220 case PW_TYPE_ABINARY:
223 if (vp->length != check->length) {
224 ret = 1; /* NOT equal */
227 ret = memcmp(vp->vp_strvalue, check->vp_strvalue,
232 ret = strcmp((char *)vp->vp_strvalue,
233 (char *)check->vp_strvalue);
238 case PW_TYPE_INTEGER:
239 ret = vp->vp_integer - check->vp_integer;
242 case PW_TYPE_INTEGER64:
244 * Don't want integer overflow!
246 if (vp->vp_integer64 < check->vp_integer64) {
248 } else if (vp->vp_integer64 > check->vp_integer64) {
256 if (vp->vp_signed < check->vp_signed) {
258 } else if (vp->vp_signed > check->vp_signed) {
266 ret = vp->vp_date - check->vp_date;
270 ret = ntohl(vp->vp_ipaddr) - ntohl(check->vp_ipaddr);
273 case PW_TYPE_IPV6ADDR:
274 ret = memcmp(&vp->vp_ipv6addr, &check->vp_ipv6addr,
275 sizeof(vp->vp_ipv6addr));
278 case PW_TYPE_IPV6PREFIX:
279 ret = memcmp(&vp->vp_ipv6prefix, &check->vp_ipv6prefix,
280 sizeof(vp->vp_ipv6prefix));
284 ret = memcmp(&vp->vp_ifid, &check->vp_ifid,
285 sizeof(vp->vp_ifid));
296 /** Compare check and vp. May call the attribute compare function.
298 * Unlike radius_compare_vps() this function will call any attribute-specific
299 * comparison function.
301 * @param req Current request
302 * @param request value pairs in the reqiest
305 * @param reply_pairs value pairs in the reply
308 int radius_callback_compare(REQUEST *req, VALUE_PAIR *request,
309 VALUE_PAIR *check, VALUE_PAIR *check_pairs,
310 VALUE_PAIR **reply_pairs)
315 * Check for =* and !* and return appropriately
317 if (check->op == T_OP_CMP_TRUE) return 0;
318 if (check->op == T_OP_CMP_FALSE) return 1;
321 * See if there is a special compare function.
323 * FIXME: use new RB-Tree code.
325 for (c = cmp; c; c = c->next) {
326 if (!check->da->vendor && (c->attribute == check->da->attr)) {
327 return (c->compare)(c->instance, req, request, check,
328 check_pairs, reply_pairs);
332 if (!request) return -1; /* doesn't exist, don't compare it */
334 return radius_compare_vps(req, check, request);
338 /** Find a comparison function for two attributes.
342 int radius_find_compare(unsigned int attribute)
346 for (c = cmp; c; c = c->next) {
347 if (c->attribute == attribute) {
356 /** See what attribute we want to compare with.
360 static int otherattr(unsigned int attribute)
364 for (c = cmp; c; c = c->next) {
365 if (c->attribute == attribute) {
373 /** Register a function as compare function.
376 * @param other_attr we want to compare with. Normally this is the
378 * You can set this to:
379 * - -1 The same as attribute.
380 * - 0 Always call compare function, not tied to request attribute.
381 * - >0 Attribute to compare with. For example, PW_GROUP in a check
382 * item needs to be compared with PW_USER_NAME in the incoming request.
383 * @param func comparison function
384 * @param instance argument to comparison function
387 int paircompare_register(unsigned int attribute, int other_attr,
388 RAD_COMPARE_FUNC func, void *instance)
392 paircompare_unregister(attribute, func);
394 c = rad_malloc(sizeof(struct cmp));
397 c->attribute = attribute;
398 c->otherattr = other_attr;
399 c->instance = instance;
406 /** Unregister comparison function for an attribute
408 * @param attribute attribute to unregister for.
409 * @param func comparison function to remove.
412 void paircompare_unregister(unsigned int attribute, RAD_COMPARE_FUNC func)
414 struct cmp *c, *last;
417 for (c = cmp; c; c = c->next) {
418 if (c->attribute == attribute && c->compare == func) {
424 if (c == NULL) return;
427 last->next = c->next;
435 /** Unregister comparison function for a module
437 * All paircompare() functions for this module will be unregistered.
439 * @param instance the module instance
442 void paircompare_unregister_instance(void *instance)
444 struct cmp *c, **tail;
447 while ((c = *tail) != NULL) {
448 if (c->instance == instance) {
458 /** Compare two pair lists except for the password information.
460 * For every element in "check" at least one matching copy must be present
463 * @param[in] request Current request.
464 * @param[in] req_list request valuepairs.
465 * @param[in] check Check/control valuepairs.
466 * @param[in,out] rep_list Reply value pairs.
468 * @return 0 on match.
470 int paircompare(REQUEST *request, VALUE_PAIR *req_list, VALUE_PAIR *check,
471 VALUE_PAIR **rep_list)
473 VALUE_PAIR *check_item;
474 VALUE_PAIR *auth_item;
480 for (check_item = check;
482 check_item = check_item->next) {
484 * If the user is setting a configuration value,
485 * then don't bother comparing it to any attributes
486 * sent to us by the user. It ALWAYS matches.
488 if ((check_item->op == T_OP_SET) ||
489 (check_item->op == T_OP_ADD)) {
493 if (!check_item->da->vendor) switch (check_item->da->attr) {
495 * Attributes we skip during comparison.
496 * These are "server" check items.
498 case PW_CRYPT_PASSWORD:
502 case PW_SESSION_TYPE:
503 case PW_STRIP_USER_NAME:
508 * IF the password attribute exists, THEN
509 * we can do comparisons against it. If not,
510 * then the request did NOT contain a
511 * User-Password attribute, so we CANNOT do
512 * comparisons against it.
514 * This hack makes CHAP-Password work..
516 case PW_USER_PASSWORD:
517 if (check_item->op == T_OP_CMP_EQ) {
518 WDEBUG("Found User-Password == \"...\".");
519 WDEBUG("Are you sure you don't mean Cleartext-Password?");
520 WDEBUG("See \"man rlm_pap\" for more information.");
522 if (pairfind(req_list, PW_USER_PASSWORD, 0, TAG_ANY) == NULL) {
529 * See if this item is present in the request.
531 other = otherattr(check_item->da->attr);
533 auth_item = req_list;
536 while (auth_item != NULL) {
537 if ((auth_item->da->attr ==
538 (unsigned int) other) ||
542 auth_item = auth_item->next;
547 * Not found, it's not a match.
549 if (auth_item == NULL) {
551 * Didn't find it. If we were *trying*
552 * to not find it, then we succeeded.
554 if (check_item->op == T_OP_CMP_FALSE) {
562 * Else we found it, but we were trying to not
563 * find it, so we failed.
565 if (check_item->op == T_OP_CMP_FALSE) {
571 * We've got to xlat the string before doing
574 radius_xlat_do(request, check_item);
577 * OK it is present now compare them.
579 compare = radius_callback_compare(request, auth_item,
580 check_item, check, rep_list);
582 switch (check_item->op) {
585 INFO("Invalid operator for item %s: "
586 "reverting to '=='", check_item->da->name);
591 if (compare != 0) result = -1;
595 if (compare == 0) result = -1;
599 if (compare >= 0) result = -1;
603 if (compare <= 0) result = -1;
607 if (compare > 0) result = -1;
611 if (compare < 0) result = -1;
617 if (compare != 0) result = -1;
620 } /* switch over the operator of the check item */
623 * This attribute didn't match, but maybe there's
624 * another of the same attribute, which DOES match.
626 if ((result != 0) && (other >= 0)) {
627 auth_item = auth_item->next;
632 } /* for every entry in the check item list */
637 /** Expands an attribute marked with pairmark_xlat
639 * Writes the new value to the vp.
641 * @param request Current request.
642 * @param vp to expand.
643 * @return 0 if successful else -1 (on xlat failure) or -2 (on parse failure).
644 * On failure pair will still no longer be marked for xlat expansion.
646 int radius_xlat_do(REQUEST *request, VALUE_PAIR *vp)
652 if (vp->type != VT_XLAT) return 0;
656 len = radius_xlat(buffer, sizeof(buffer), request, vp->value.xlat, NULL, NULL);
659 rad_const_free(vp->value.xlat);
660 vp->value.xlat = NULL;
666 * Parse the string into a new value.
668 if (!pairparsevalue(vp, buffer)){
675 /** Move pairs, replacing/over-writing them, and doing xlat.
677 * Move attributes from one list to the other if not already present.
679 void radius_xlat_move(REQUEST *request, VALUE_PAIR **to, VALUE_PAIR **from)
681 VALUE_PAIR **tailto, *i, *j, *next;
682 VALUE_PAIR *tailfrom = NULL;
686 * Point "tailto" to the end of the "to" list.
689 for (i = *to; i; i = i->next) {
694 * Loop over the "from" list.
696 for (i = *from; i; i = next) {
700 * Don't move 'fallthrough' over.
702 if (!i->da->vendor && i->da->attr == PW_FALL_THROUGH) {
708 * We've got to xlat the string before moving
711 radius_xlat_do(request, i);
713 found = pairfind(*to, i->da->attr, i->da->vendor, TAG_ANY);
717 * If a similar attribute is found,
720 case T_OP_SUB: /* -= */
722 if (!i->vp_strvalue[0] ||
723 (strcmp((char *)found->vp_strvalue,
724 (char *)i->vp_strvalue) == 0)) {
725 pairdelete(to, found->da->attr,
730 * 'tailto' may have been
734 for (j = *to; j; j = j->next) {
744 * Add it, if it's not already there.
746 case T_OP_EQ: /* = */
749 continue; /* with the loop */
754 * If a similar attribute is found,
755 * replace it with the new one. Otherwise,
756 * add the new one to the list.
758 case T_OP_SET: /* := */
763 memcpy(found, i, sizeof(*found));
771 * FIXME: Add support for <=, >=, <, >
773 * which will mean (for integers)
774 * 'make the attribute the smaller, etc'
778 * Add the new element to the list, even
779 * if similar ones already exist.
782 case T_OP_ADD: /* += */
787 tailfrom->next = next;
793 * If ALL of the 'to' attributes have been deleted,
794 * then ensure that the 'tail' is updated to point
805 } /* loop over the 'from' list */
808 /** Create a VALUE_PAIR and add it to a list of VALUE_PAIR s
810 * @note This function ALWAYS returns. If we're OOM, then it causes the
811 * @note server to exit, so you don't need to check the return value.
813 * @param[in] request Current request.
814 * @param[out] vps List to add new VALUE_PAIR to, if NULL will just
816 * @param[in] attribute number.
817 * @param[in] vendor number.
818 * @return a new VLAUE_PAIR or causes server to exit on error.
820 VALUE_PAIR *radius_paircreate(REQUEST *request, VALUE_PAIR **vps,
821 unsigned int attribute, unsigned int vendor)
826 * FIXME: the context should ideally be the packet...
828 vp = paircreate(request, attribute, vendor);
831 rad_assert("No memory" == NULL);
835 if (vps) pairadd(vps, vp);
840 /** Print a single valuepair to stderr or error log.
842 * @param[in] vp list to print.
844 void debug_pair(VALUE_PAIR *vp)
846 if (!vp || !debug_flag || !fr_log_fp) return;
848 vp_print(fr_log_fp, vp);
851 /** Print a list of valuepairs to stderr or error log.
853 * @param[in] vp to print.
855 void debug_pair_list(VALUE_PAIR *vp)
857 if (!vp || !debug_flag || !fr_log_fp) return;
861 * Take this opportunity to verify all the VALUE_PAIRs are still valid.
863 if (!talloc_get_type(vp, VALUE_PAIR)) {
864 ERROR("Expected VALUE_PAIR pointer got \"%s\"", talloc_get_name(vp));
866 log_talloc_report(vp);
870 vp_print(fr_log_fp, vp);
876 /** Print a list of valuepairs to the request list.
878 * @param[in] level Debug level (1-4).
879 * @param[in] request to read logging params from.
880 * @param[in] vp to print.
882 void rdebug_pair_list(int level, REQUEST *request, VALUE_PAIR *vp)
885 if (!vp || !request || !request->radlog) return;
889 * Take this opportunity to verify all the VALUE_PAIRs are still valid.
891 if (!talloc_get_type(vp, VALUE_PAIR)) {
892 REDEBUG("Expected VALUE_PAIR pointer got \"%s\"", talloc_get_name(vp));
894 log_talloc_report(vp);
898 vp_prints(buffer, sizeof(buffer), vp);
900 request->radlog(L_DBG, level, request, "\t%s", buffer);
905 /** Resolve attribute pair_lists_t value to an attribute list.
907 * The value returned is a pointer to the pointer of the HEAD of the list
908 * in the REQUEST. If the head of the list changes, the pointer will still
911 * @param[in] request containing the target lists.
912 * @param[in] list pair_list_t value to resolve to VALUE_PAIR list.
913 * Will be NULL if list name couldn't be resolved.
915 VALUE_PAIR **radius_list(REQUEST *request, pair_lists_t list)
917 if (!request) return NULL;
920 case PAIR_LIST_UNKNOWN:
924 case PAIR_LIST_REQUEST:
925 return &request->packet->vps;
927 case PAIR_LIST_REPLY:
928 return &request->reply->vps;
930 case PAIR_LIST_CONTROL:
931 return &request->config_items;
934 case PAIR_LIST_PROXY_REQUEST:
935 if (!request->proxy) break;
936 return &request->proxy->vps;
938 case PAIR_LIST_PROXY_REPLY:
939 if (!request->proxy) break;
940 return &request->proxy_reply->vps;
945 (request->coa->proxy->code == PW_COA_REQUEST)) {
946 return &request->coa->proxy->vps;
950 case PAIR_LIST_COA_REPLY:
951 if (request->coa && /* match reply with request */
952 (request->coa->proxy->code == PW_COA_REQUEST) &&
953 request->coa->proxy_reply) {
954 return &request->coa->proxy_reply->vps;
960 (request->coa->proxy->code == PW_DISCONNECT_REQUEST)) {
961 return &request->coa->proxy->vps;
965 case PAIR_LIST_DM_REPLY:
966 if (request->coa && /* match reply with request */
967 (request->coa->proxy->code == PW_DISCONNECT_REQUEST) &&
968 request->coa->proxy_reply) {
969 return &request->coa->proxy->vps;
975 RWDEBUG2("List \"%s\" is not available",
976 fr_int2str(pair_lists, list, "<INVALID>"));
981 /** Convert value_pair_map_t to VALUE_PAIR(s) and add them to a REQUEST.
983 * Takes a single value_pair_map_t, resolves request and list identifiers
984 * to pointers in the current request, then attempts to retrieve module
985 * specific value(s) using callback, and adds the resulting values to the
986 * correct request/list.
988 * @param request The current request.
989 * @param map specifying destination attribute and location and src identifier.
990 * @param func to retrieve module specific values and convert them to
992 * @param ctx to be passed to func.
993 * @param src name to be used in debugging if different from map value.
994 * @return -1 if either attribute or qualifier weren't valid in this context
995 * or callback returned NULL pointer, else 0.
997 int radius_map2request(REQUEST *request, value_pair_map_t const *map,
998 UNUSED char const *src, radius_tmpl_getvalue_t func, void *ctx)
1000 VALUE_PAIR **list, *vp, *head;
1001 char buffer[MAX_STRING_LEN];
1003 if (radius_request(&request, map->dst->request) < 0) {
1004 RWDEBUG("Mapping \"%s\" -> \"%s\" "
1005 "invalid in this context, skipping!",
1006 map->src->name, map->dst->name);
1011 list = radius_list(request, map->dst->list);
1013 RWDEBUG("Mapping \"%s\" -> \"%s\" "
1014 "invalid in this context, skipping!",
1015 map->src->name, map->dst->name);
1020 head = func(request, map, ctx);
1025 if (debug_flag) for (vp = head; vp != NULL; vp = vp->next) {
1026 rad_assert(vp->op == map->op);
1028 vp_prints_value(buffer, sizeof(buffer), vp, 1);
1030 RDEBUG("\t\t%s %s %s", map->dst->name,
1031 fr_int2str(fr_tokens, vp->op, "?unknown?"),
1036 * Use pairmove so the operator is respected
1038 radius_pairmove(request, list, head);
1042 /** Convert a map to a VALUE_PAIR.
1044 * @param[in] request structure (used only for talloc)
1045 * @param[in] map the map. The LHS has to be VPT_TYPE_ATTR.
1046 * @param[in] ctx unused
1047 * @return the newly allocated VALUE_PAIR
1049 VALUE_PAIR *radius_map2vp(REQUEST *request, value_pair_map_t const *map,
1052 VALUE_PAIR *vp, *found, **from = NULL;
1055 rad_assert(request != NULL);
1056 rad_assert(map != NULL);
1057 rad_assert(map->dst->type == VPT_TYPE_ATTR);
1058 rad_assert(map->dst->da != NULL);
1060 vp = pairalloc(request, map->dst->da);
1061 if (!vp) return NULL;
1068 switch (map->src->type) {
1071 * Don't call unnecessary expansions
1073 if (strchr(map->src->name, '%') != NULL) {
1077 slen = radius_axlat(&str, request, map->src->name, NULL, NULL);
1078 if (slen < 0) goto error;
1080 if (!pairparsevalue(vp, str)) {
1088 case VPT_TYPE_LITERAL:
1089 if (!pairparsevalue(vp, map->src->name)) goto error;
1093 rad_assert(map->src->da->type == map->dst->da->type);
1096 if (radius_request(&context, map->src->request) == 0) {
1097 from = radius_list(context, map->src->list);
1101 * Can't add the attribute if the list isn't
1104 if (!from) goto error;
1107 * FIXME: allow tag references?
1109 found = pairfind(*from, map->src->da->attr, map->src->da->vendor, TAG_ANY);
1111 RWDEBUG("\"%s\" not found, skipping",
1117 * Copy the data over verbatim, assuming it's
1120 rad_assert(found->type == VT_DATA);
1121 memcpy(&vp->data, &found->data, found->length);
1122 vp->length = found->length;
1136 /** Convert a valuepair string to VALUE_PAIR and insert it into a list
1138 * Takes a valuepair string with list and request qualifiers, converts it into a VALUE_PAIR
1139 * and inserts it into the appropriate list.
1141 * @param request Current request.
1142 * @param raw string to parse.
1143 * @param request_def to use if attribute isn't qualified.
1144 * @param list_def to use if attribute isn't qualified.
1145 * @return 0 on success, -1 on error.
1147 int radius_str2vp(REQUEST *request, char const *raw, request_refs_t request_def, pair_lists_t list_def)
1154 VALUE_PAIR *vp = NULL;
1159 req = radius_request_name(&p, request_def);
1161 if (req == REQUEST_UNKNOWN) {
1162 REDEBUG("Invalid request qualifier \"%.*s\"", (int) len, raw);
1168 list = radius_list_name(&p, list_def);
1169 if (list == PAIR_LIST_UNKNOWN) {
1172 REDEBUG("Invalid list qualifier \"%.*s\"", (int) len, raw);
1178 if (radius_request(&request, req) < 0) {
1182 vps = radius_list(request, list);
1187 if (userparse(request, raw, &vp) == T_OP_INVALID) {
1191 pairmove(request, vps, &vp);
1197 /** Return a VP from a value_pair_tmpl_t
1199 * @param request current request.
1200 * @param vpt the value pair template
1201 * @return NULL if not found, or the VPs.
1203 VALUE_PAIR *radius_vpt_get_vp(REQUEST *request, value_pair_tmpl_t const *vpt)
1207 if (radius_request(&request, vpt->request) < 0) {
1211 vps = radius_list(request, vpt->list);
1219 * May not may not be found, but it *is* a known name.
1222 return pairfind(*vps, vpt->da->attr, vpt->da->vendor, TAG_ANY);
1236 /** Return a VP from the specified request.
1238 * @param request current request.
1239 * @param name attribute name including qualifiers.
1240 * @param vp_p where to write the pointer to the resolved VP.
1241 * Will be NULL if the attribute couldn't be resolved.
1242 * @return -1 if either the attribute or qualifier were invalid, else 0
1244 int radius_get_vp(REQUEST *request, char const *name, VALUE_PAIR **vp_p)
1246 value_pair_tmpl_t vpt;
1250 if (radius_parse_attr(name, &vpt, REQUEST_CURRENT,
1251 PAIR_LIST_REQUEST) < 0) {
1255 *vp_p = radius_vpt_get_vp(request, &vpt);
1259 /** Add a module failure message VALUE_PAIR to the request
1261 DIAG_OFF(format-nonliteral)
1262 void module_failure_msg(REQUEST *request, char const *fmt, ...)
1269 vp = paircreate(request->packet, PW_MODULE_FAILURE_MESSAGE, 0);
1275 pairsprintf(vp, "%s: ", request->module);
1278 vsnprintf(vp->vp_strvalue + len, sizeof(vp->vp_strvalue) - len, fmt, ap);
1279 pairadd(&request->packet->vps, vp);
1281 DIAG_ON(format-nonliteral)
projects / freeradius.git / blob