int rad_lockfd(int fd, int lock_len);
int rad_lockfd_nonblock(int fd, int lock_len);
int rad_unlockfd(int fd, int lock_len);
-size_t fr_bin2hex(uint8_t const *bin, char *hex, size_t len);
-size_t fr_hex2bin(char const *hex, uint8_t *bin, size_t len);
+size_t fr_bin2hex(char *hex, uint8_t const *bin, size_t inlen);
+size_t fr_hex2bin(uint8_t *bin, char const *hex, size_t outlen);
int fr_ipaddr_cmp(fr_ipaddr_t const *a, fr_ipaddr_t const *b);
int ip_hton(char const *src, int af, fr_ipaddr_t *dst);
/*
* Node must be 6 octets long.
*/
- token = fr_hex2bin(p, net->node, IPX_NODE_ADDR_LEN);
+ token = fr_hex2bin(net->node, p, IPX_NODE_ADDR_LEN);
if (token != IPX_NODE_ADDR_LEN) return -1;
/*
filter->offset = rcode;
filter->offset = htons(filter->offset);
- rcode = fr_hex2bin(argv[1], filter->mask, sizeof(filter->mask));
+ rcode = fr_hex2bin(filter->mask, argv[1], sizeof(filter->mask));
if (rcode != sizeof(filter->mask)) return -1;
- token = fr_hex2bin(argv[2], filter->value, sizeof(filter->value));
+ token = fr_hex2bin(filter->value, argv[2], sizeof(filter->value));
if (token != sizeof(filter->value)) return -1;
/*
/** Convert hex strings to binary data
*
- * @param hex input string.
* @param bin Buffer to write output to.
- * @param len length of input string.
+ * @param hex input string.
+ * @param outlen length of output buffer (or length of input string / 2).
* @return length of data written to buffer.
*/
-size_t fr_hex2bin(char const *hex, uint8_t *bin, size_t len)
+size_t fr_hex2bin(uint8_t *bin, char const *hex, size_t outlen)
{
size_t i;
char *c1, *c2;
- for (i = 0; i < len; i++) {
+ for (i = 0; i < outlen; i++) {
if(!(c1 = memchr(hextab, tolower((int) hex[i << 1]), 16)) ||
!(c2 = memchr(hextab, tolower((int) hex[(i << 1) + 1]), 16)))
break;
*
* @warning If the output buffer isn't long enough, we have a buffer overflow.
*
- * @param[in] bin input.
* @param[out] hex Buffer to write hex output.
- * @param[in] len of bin input.
+ * @param[in] bin input.
+ * @param[in] inlen of bin input.
* @return length of data written to buffer.
*/
-size_t fr_bin2hex(uint8_t const *bin, char *hex, size_t len)
+size_t fr_bin2hex(char *hex, uint8_t const *bin, size_t inlen)
{
size_t i;
- for (i = 0; i < len; i++) {
+ for (i = 0; i < inlen; i++) {
hex[0] = hextab[((*bin) >> 4) & 0x0f];
hex[1] = hextab[*bin & 0x0f];
hex += 2;
}
*hex = '\0';
- return len * 2;
+ return inlen * 2;
}
strcpy(buf, "0x");
- fr_bin2hex(vp->vp_octets, buf + 2, vp->length);
+ fr_bin2hex(buf + 2, vp->vp_octets, vp->length);
a = buf;
break;
strcpy(buf, "0x");
- fr_bin2hex(vp->vp_tlv, buf + 2, vp->length);
+ fr_bin2hex(buf + 2, vp->vp_tlv, vp->length);
a = buf;
break;
p = talloc_array(ctx, char, 3 + vp->length * 2);
if (!p) return NULL;
memcpy(p, "0x", 2);
- fr_bin2hex(vp->vp_octets, p + 2, vp->length);
+ fr_bin2hex(p + 2, vp->vp_octets, vp->length);
break;
case PW_TYPE_DATE:
return false;
}
- if (fr_hex2bin(cp, us,
- vp->length) != vp->length) {
+ if (fr_hex2bin(us, cp, vp->length) != vp->length) {
fr_strerror_printf("Invalid hex data");
return false;
}
fr_strerror_printf("No memory");
return false;
}
- if (fr_hex2bin(value + 2, vp->vp_tlv,
- length) != length) {
+ if (fr_hex2bin(vp->vp_tlv, value + 2, length) != length) {
fr_strerror_printf("Invalid hex data in TLV");
return false;
}
vp->length = size >> 1;
data = talloc_array(vp, uint8_t, vp->length);
- if (fr_hex2bin(value + 2, data, size) != vp->length) {
+ if (fr_hex2bin(data, value + 2, size) != vp->length) {
fr_strerror_printf("Invalid hex string");
talloc_free(vp);
return NULL;
psk_len = strlen(conf->psk_password);
if (psk_len > (2 * max_psk_len)) return 0;
- return fr_hex2bin(conf->psk_password, psk, psk_len);
+ return fr_hex2bin(psk, conf->psk_password, psk_len);
}
static unsigned int psk_client_callback(SSL *ssl, UNUSED char const *hint,
strlcpy(identity, conf->psk_identity, max_identity_len);
- return fr_hex2bin(conf->psk_password, psk, psk_len);
+ return fr_hex2bin(psk, conf->psk_password, psk_len);
}
#endif
size = sess->session_id_length;
if (size > MAX_SESSION_SIZE) size = MAX_SESSION_SIZE;
- fr_bin2hex(sess->session_id, buffer, size);
+ fr_bin2hex(buffer, sess->session_id, size);
DEBUG2(" SSL: Removing session %s from the cache", buffer);
conf = (fr_tls_server_conf_t *)SSL_CTX_get_app_data(ctx);
size = sess->session_id_length;
if (size > MAX_SESSION_SIZE) size = MAX_SESSION_SIZE;
- fr_bin2hex(sess->session_id, buffer, size);
+ fr_bin2hex(buffer, sess->session_id, size);
DEBUG2(" SSL: adding session %s to cache", buffer);
size = len;
if (size > MAX_SESSION_SIZE) size = MAX_SESSION_SIZE;
- fr_bin2hex(data, buffer, size);
+ fr_bin2hex(buffer, data, size);
DEBUG2(" SSL: Client requested cached session %s", buffer);
return NULL;
}
- hex_len = fr_hex2bin(conf->psk_password,
- (uint8_t *) buffer, psk_len);
+ hex_len = fr_hex2bin((uint8_t *) buffer, conf->psk_password, psk_len);
if (psk_len != (2 * hex_len)) {
ERROR("psk_hexphrase is not all hex");
return NULL;
size = ssn->ssl->session->session_id_length;
if (size > MAX_SESSION_SIZE) size = MAX_SESSION_SIZE;
- fr_bin2hex(ssn->ssl->session->session_id, buffer, size);
+ fr_bin2hex(buffer, ssn->ssl->session->session_id, size);
vp = paircopy2(NULL, request->reply->vps, PW_USER_NAME, 0, TAG_ANY);
if (vp) pairadd(&vps, vp);
size = ssn->ssl->session->session_id_length;
if (size > MAX_SESSION_SIZE) size = MAX_SESSION_SIZE;
- fr_bin2hex(ssn->ssl->session->session_id, buffer, size);
+ fr_bin2hex(buffer, ssn->ssl->session->session_id, size);
vps = SSL_SESSION_get_ex_data(ssn->ssl->session,
FR_TLS_EX_INDEX_VPS);
return -(p - fmt);
}
- if (!fr_hex2bin(p, (uint8_t *) q, 2)) {
+ if (!fr_hex2bin((uint8_t *) q, p, 2)) {
talloc_free(node);
*error = "Invalid hex characters";
return -(p - fmt);
* Set A1 to Digest-HA1 if no User-Password found
*/
if (passwd->da->attr == PW_DIGEST_HA1) {
- if (fr_hex2bin(passwd->vp_strvalue, &a1[0], 16) != 16) {
+ if (fr_hex2bin(&a1[0], passwd->vp_strvalue, 16) != 16) {
RDEBUG2("Invalid text in Digest-HA1");
return RLM_MODULE_INVALID;
}
*/
if (passwd->da->attr == PW_CLEARTEXT_PASSWORD) {
fr_md5_calc(hash, &a1[0], a1_len);
- fr_bin2hex(hash, (char *) &a1[0], 16);
+ fr_bin2hex((char *) &a1[0], hash, 16);
} else { /* MUST be Digest-HA1 */
memcpy(&a1[0], passwd->vp_strvalue, 32);
}
} else {
memcpy(&hash[0], &a1[0], a1_len);
}
- fr_bin2hex(hash, (char *) kd, sizeof(hash));
+ fr_bin2hex((char *) kd, hash, sizeof(hash));
#ifndef NRDEBUG
if (debug_flag > 1) {
fr_md5_calc(&hash[0], &a2[0], a2_len);
- fr_bin2hex(hash, (char *) kd + kd_len, sizeof(hash));
+ fr_bin2hex((char *) kd + kd_len, hash, sizeof(hash));
#ifndef NRDEBUG
if (debug_flag > 1) {
return RLM_MODULE_INVALID;
}
- if (fr_hex2bin(vp->vp_strvalue, &hash[0], vp->length >> 1) != (vp->length >> 1)) {
+ if (fr_hex2bin(&hash[0], vp->vp_strvalue, vp->length >> 1) != (vp->length >> 1)) {
RDEBUG2("Invalid text in Digest-Response");
return RLM_MODULE_INVALID;
}
if (password->length == 32) {
p = talloc_array(password, uint8_t, 16);
- password->length = fr_hex2bin(password->vp_strvalue,
- p,
- 16);
+ password->length = fr_hex2bin(p, password->vp_strvalue, 16);
}
if (password->length != 16) {
ERROR("rlm_eap_leap: Bad NT-Password");
n = sscanf(response->vp_strvalue, "%*cE=%d R=%d C=%32s", &err, &retry, &buf[0]);
if (n == 3) {
DEBUG2("Found new challenge from MS-CHAP-Error: err=%d retry=%d challenge=%s", err, retry, buf);
- fr_hex2bin(buf, data->challenge, 16);
+ fr_hex2bin(data->challenge, buf, 16);
} else {
DEBUG2("Could not parse new challenge from MS-CHAP-Error: %d", n);
}
strlen(xlat_str));
fr_MD5Final(key_str, &md5_context);
key_str[16] = '\0';
- fr_bin2hex(key_str,hex_str,16);
+ fr_bin2hex(hex_str, key_str, 16);
hex_str[32] = '\0';
RDEBUG("MD5 on 'key' directive maps to: %s",hex_str);
memcpy(key.key,key_str,16);
fr_MD5Update(&md5_context, (uint8_t *)xlat_str, strlen(xlat_str));
fr_MD5Final(key_str, &md5_context);
key_str[16] = '\0';
- fr_bin2hex(key_str,hex_str,16);
+ fr_bin2hex(hex_str, key_str, 16);
hex_str[32] = '\0';
RDEBUG("MD5 on 'key' directive maps to: %s",hex_str);
memcpy(key.key,key_str,16);
fr_MD5Final(key_str, &md5_context);
memcpy(key.key, key_str, 16);
- fr_bin2hex(key_str, hex_str, 16);
+ fr_bin2hex(hex_str, key_str, 16);
hex_str[32] = '\0';
key_datum.dptr = (char *) &key;
key_datum.dsize = sizeof(ippool_key);
fr_MD5Final(key_str, &md5_context);
memcpy(key.key, key_str, 16);
- fr_bin2hex(key_str, hex_str, 16);
+ fr_bin2hex(hex_str, key_str, 16);
hex_str[32] = '\0';
printf("rlm_ippool_tool: Transforming pair nas/port (%s/%d) to md5 '%s'\n",
printf("NAS:%s port:0x%x - ", old_key.nas, old_key.port);
} else {
memcpy(key_str, key.key, 16);
- fr_bin2hex(key_str, hex_str, 16);
+ fr_bin2hex(hex_str, key_str, 16);
hex_str[32] = '\0';
printf("KEY: '%s' - ", hex_str);
}
printf("NAS:%s port:0x%x\n", old_key.nas, old_key.port);
} else {
memcpy(key_str, key.key, 16);
- fr_bin2hex(key_str, hex_str, 16);
+ fr_bin2hex(hex_str, key_str, 16);
hex_str[32] = '\0';
printf("KEY: '%s' - ", hex_str);
}
mschap_ntpwdhash(buffer,buf2);
- fr_bin2hex(buffer, out, 16);
+ fr_bin2hex(out, buffer, 16);
out[32] = '\0';
RDEBUG("NT-Hash of %s = %s", buf2, out);
return 32;
}
smbdes_lmpwdhash(buf2, buffer);
- fr_bin2hex(buffer, out, 16);
+ fr_bin2hex(out, buffer, 16);
out[32] = '\0';
RDEBUG("LM-Hash of %s = %s", buf2, out);
return 32;
/* now the password blobs */
len = sprintf(buf, "new-nt-password-blob: ");
- fr_bin2hex(new_nt_password, buf+len, 516);
+ fr_bin2hex(buf+len, new_nt_password, 516);
buf[len+1032] = '\n';
buf[len+1033] = '\0';
len = strlen(buf);
}
len = sprintf(buf, "old-nt-hash-blob: ");
- fr_bin2hex(old_nt_hash, buf+len, 16);
+ fr_bin2hex(buf+len, old_nt_hash, 16);
buf[len+32] = '\n';
buf[len+33] = '\0';
len = strlen(buf);
/*
* Update the NT hash hash, from the NT key.
*/
- if (fr_hex2bin(buffer + 8, nthashhash, 16) != 16) {
+ if (fr_hex2bin(nthashhash, buffer + 8, 16) != 16) {
RDEBUG2("Invalid output from ntlm_auth: NT_KEY has non-hex values");
return -1;
}
*/
if ((lm_password->length == 16) ||
((lm_password->length == 32) &&
- (fr_hex2bin(lm_password->vp_strvalue,
- p, 16) == 16))) {
+ (fr_hex2bin(p, lm_password->vp_strvalue, 16) == 16))) {
RDEBUG2("Found LM-Password");
lm_password->length = 16;
lm_password->vp_octets = p;
if ((nt_password->length == 16) ||
((nt_password->length == 32) &&
- (fr_hex2bin(nt_password->vp_strvalue,
- p, 16) == 16))) {
+ (fr_hex2bin(p, nt_password->vp_strvalue, 16) == 16))) {
RDEBUG2("Found NT-Password");
nt_password->length = 16;
nt_password->vp_octets = p;
/*
* Add the challenge (which is already ASCII encoded)
*/
- p += fr_bin2hex((uint8_t const *) challenge, p, clen);
+ p += fr_bin2hex(p, (uint8_t const *) challenge, clen);
/* Add the flags and time. */
- p += fr_bin2hex((uint8_t *) &flags, p, 4);
- p += fr_bin2hex((uint8_t *) &when, p, 4);
+ p += fr_bin2hex(p, (uint8_t *) &flags, 4);
+ p += fr_bin2hex(p, (uint8_t *) &when, 4);
/* Add the hmac. */
- p += fr_bin2hex(hmac, p, 16);
+ p += fr_bin2hex(p, hmac, 16);
return p - state;
}
* There are notes in otp_radstate as to why the state
* value is encoded as hexits.
*/
- len = fr_hex2bin(vp->vp_strvalue, bin_state, vp->length);
+ len = fr_hex2bin(bin_state, vp->vp_strvalue, vp->length);
if (len != (vp->length / 2)) {
REDEBUG("bad radstate for [%s]: not hex", username);
*/
if (vp->length >= (2 * min_length)) {
size_t decoded;
- decoded = fr_hex2bin(vp->vp_strvalue, buffer,
- vp->length >> 1);
+ decoded = fr_hex2bin(buffer, vp->vp_strvalue, vp->length >> 1);
if (decoded == (vp->length >> 1)) {
RDEBUG2("Normalizing %s from hex encoding", vp->da->name);
pairmemcpy(vp, buffer, decoded);
return RLM_MODULE_REJECT;
}
- if ((fr_hex2bin(charbuf, binbuf, sizeof(binbuf)) != vp->length) ||
+ if ((fr_hex2bin(binbuf, charbuf, sizeof(binbuf)) != vp->length) ||
(rad_digest_cmp(binbuf, vp->vp_octets, vp->length) != 0)) {
REDEBUG("NT password check failed");
return RLM_MODULE_REJECT;
return RLM_MODULE_REJECT;
}
- if ((fr_hex2bin(charbuf, binbuf, sizeof(binbuf)) != vp->length) ||
+ if ((fr_hex2bin(binbuf, charbuf, sizeof(binbuf)) != vp->length) ||
(rad_digest_cmp(binbuf, vp->vp_octets, vp->length) != 0)) {
REDEBUG("LM password check failed");
return RLM_MODULE_REJECT;
/*
* Sanity check the value of NS-MTA-MD5-Password
*/
- if (fr_hex2bin(vp->vp_strvalue, binbuf, 32) != 16) {
+ if (fr_hex2bin(binbuf, vp->vp_strvalue, 32) != 16) {
REDEBUG("Configured NS-MTA-MD5-Password has invalid value");
return RLM_MODULE_REJECT;
}
* so we fix it here.
*/
for (i = 0; i < 6; i++) {
- fr_bin2hex(&buffer[i], &p[i * 3], 1);
+ fr_bin2hex(&p[i * 3], &buffer[i], 1);
p[(i * 3) + 2] = '-';
}
if (len > 128) len = 128; /* buffer size */
- fr_bin2hex(mip_rk, buffer, len);
+ fr_bin2hex(buffer, mip_rk, len);
RDEBUG("MIP-RK = 0x%s", buffer);
RDEBUG("MIP-SPI = %08x", ntohl(mip_spi));
}
RDEBUG("Token data decrypted successfully");
if (request->options && request->radlog) {
- (void) fr_bin2hex((uint8_t*) &token.uid,
- (char *) &private_id, YUBIKEY_UID_SIZE);
+ (void) fr_bin2hex((char *) &private_id, (uint8_t*) &token.uid, YUBIKEY_UID_SIZE);
RDEBUG2("Private ID : 0x%s", private_id);
RDEBUG2("Session counter : %u", yubikey_counter(token.ctr));
RDEBUG2("# used in session : %u", token.use);