From b7e06a25513446860375406cd8b1dac1399cc2af Mon Sep 17 00:00:00 2001 From: "Alan T. DeKok" Date: Mon, 5 Oct 2009 12:04:35 +0200 Subject: [PATCH] All of the modules now build. No idea if they work or not... --- src/include/radiusd.h | 2 +- src/modules/rlm_digest/rlm_digest.c | 2 +- src/modules/rlm_expiration/rlm_expiration.c | 2 +- src/modules/rlm_expr/paircmp.c | 4 +-- src/modules/rlm_ldap/rlm_ldap.c | 2 +- src/modules/rlm_logintime/rlm_logintime.c | 2 +- src/modules/rlm_mschap/rlm_mschap.c | 21 +++++++------ src/modules/rlm_otp/extern.h | 2 +- src/modules/rlm_otp/otp_mppe.c | 4 +-- src/modules/rlm_otp/otp_mppe.h | 5 --- src/modules/rlm_otp/otp_pw_valid.c | 4 +-- src/modules/rlm_otp/otp_pwe.c | 32 +++++++++---------- src/modules/rlm_pam/rlm_pam.c | 2 +- src/modules/rlm_pap/rlm_pap.c | 8 ++--- src/modules/rlm_passwd/rlm_passwd.c | 10 +++--- src/modules/rlm_perl/rlm_perl.c | 15 ++++----- src/modules/rlm_policy/evaluate.c | 2 +- src/modules/rlm_preprocess/rlm_preprocess.c | 24 +++++++-------- src/modules/rlm_realm/rlm_realm.c | 2 +- src/modules/rlm_sql/rlm_sql.c | 42 ++++++++++++------------- src/modules/rlm_sql_log/rlm_sql_log.c | 4 +-- src/modules/rlm_sqlcounter/rlm_sqlcounter.c | 34 +++++++++++--------- src/modules/rlm_sqlippool/rlm_sqlippool.c | 2 +- src/modules/rlm_wimax/rlm_wimax.c | 48 ++++++++++++++--------------- 24 files changed, 136 insertions(+), 139 deletions(-) diff --git a/src/include/radiusd.h b/src/include/radiusd.h index 24cf81e..82ea614 100644 --- a/src/include/radiusd.h +++ b/src/include/radiusd.h @@ -626,7 +626,7 @@ int radius_callback_compare(REQUEST *req, VALUE_PAIR *request, VALUE_PAIR **reply_pairs); int radius_find_compare(int attribute); VALUE_PAIR *radius_paircreate(REQUEST *request, VALUE_PAIR **vps, - int attribute, int type); + int attribute, int vendor, int type); VALUE_PAIR *radius_pairmake(REQUEST *request, VALUE_PAIR **vps, const char *attribute, const char *value, int operator); diff --git a/src/modules/rlm_digest/rlm_digest.c b/src/modules/rlm_digest/rlm_digest.c index 861e72b..9013c0a 100644 --- a/src/modules/rlm_digest/rlm_digest.c +++ b/src/modules/rlm_digest/rlm_digest.c @@ -161,7 +161,7 @@ static int digest_authenticate(void *instance, REQUEST *request) */ sub = radius_paircreate(request, &request->packet->vps, PW_DIGEST_REALM - 1 + p[0], - PW_TYPE_STRING); + 0, PW_TYPE_STRING); memcpy(&sub->vp_octets[0], &p[2], attrlen - 2); sub->vp_octets[attrlen - 2] = '\0'; sub->length = attrlen - 2; diff --git a/src/modules/rlm_expiration/rlm_expiration.c b/src/modules/rlm_expiration/rlm_expiration.c index 946e87f..247e480 100644 --- a/src/modules/rlm_expiration/rlm_expiration.c +++ b/src/modules/rlm_expiration/rlm_expiration.c @@ -102,7 +102,7 @@ static int expiration_authorize(void *instance, REQUEST *request) vp = pairfind(request->reply->vps, PW_SESSION_TIMEOUT, 0); if (!vp) { vp = radius_paircreate(request, &request->reply->vps, - PW_SESSION_TIMEOUT, + PW_SESSION_TIMEOUT, 0, PW_TYPE_INTEGER); vp->vp_date = (uint32_t) (((time_t) check_item->vp_date) - request->timestamp); diff --git a/src/modules/rlm_expr/paircmp.c b/src/modules/rlm_expr/paircmp.c index e76ea11..52aec03 100644 --- a/src/modules/rlm_expr/paircmp.c +++ b/src/modules/rlm_expr/paircmp.c @@ -163,8 +163,8 @@ static int presufcmp(UNUSED void *instance, * If "request" is NULL, then the memory will be * lost! */ - vp = radius_paircreate(req, &request, - PW_STRIPPED_USER_NAME, PW_TYPE_STRING); + vp = radius_paircreate(req, &request, PW_STRIPPED_USER_NAME, + 0, PW_TYPE_STRING); if (!vp) return ret; req->username = vp; } diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c index fe622a2..4933a0e 100644 --- a/src/modules/rlm_ldap/rlm_ldap.c +++ b/src/modules/rlm_ldap/rlm_ldap.c @@ -1536,7 +1536,7 @@ static int ldap_authorize(void *instance, REQUEST * request) create_attr: passwd_item = radius_paircreate(request, &request->config_items, - attr, + attr, 0, PW_TYPE_STRING); strlcpy(passwd_item->vp_strvalue, value, sizeof(passwd_item->vp_strvalue)); diff --git a/src/modules/rlm_logintime/rlm_logintime.c b/src/modules/rlm_logintime/rlm_logintime.c index 733cccb..fd69109 100644 --- a/src/modules/rlm_logintime/rlm_logintime.c +++ b/src/modules/rlm_logintime/rlm_logintime.c @@ -226,7 +226,7 @@ static int logintime_authorize(void *instance, REQUEST *request) } else { reply_item = radius_paircreate(request, &request->reply->vps, - PW_SESSION_TIMEOUT, + PW_SESSION_TIMEOUT, 0, PW_TYPE_INTEGER); reply_item->vp_integer = r; } diff --git a/src/modules/rlm_mschap/rlm_mschap.c b/src/modules/rlm_mschap/rlm_mschap.c index 368743a..61853f7 100644 --- a/src/modules/rlm_mschap/rlm_mschap.c +++ b/src/modules/rlm_mschap/rlm_mschap.c @@ -298,7 +298,8 @@ static size_t mschap_xlat(void *instance, REQUEST *request, */ if (strncasecmp(fmt, "Challenge", 9) == 0) { chap_challenge = pairfind(request->packet->vps, - PW_MSCHAP_CHALLENGE); + PW_MSCHAP_CHALLENGE, + VENDORPEC_MICROSOFT); if (!chap_challenge) { RDEBUG2("No MS-CHAP-Challenge in the request."); return 0; @@ -323,7 +324,8 @@ static size_t mschap_xlat(void *instance, REQUEST *request, RDEBUG2(" mschap2: %02x", chap_challenge->vp_octets[0]); response = pairfind(request->packet->vps, - PW_MSCHAP2_RESPONSE); + PW_MSCHAP2_RESPONSE, + VENDORPEC_MICROSOFT); if (!response) { RDEBUG2("MS-CHAP2-Response is required to calculate MS-CHAPv1 challenge."); return 0; @@ -338,7 +340,7 @@ static size_t mschap_xlat(void *instance, REQUEST *request, } user_name = pairfind(request->packet->vps, - PW_USER_NAME); + PW_USER_NAME, 0); if (!user_name) { RDEBUG2("User-Name is required to calculateMS-CHAPv1 Challenge."); return 0; @@ -379,9 +381,10 @@ static size_t mschap_xlat(void *instance, REQUEST *request, */ } else if (strncasecmp(fmt, "NT-Response", 11) == 0) { response = pairfind(request->packet->vps, - PW_MSCHAP_RESPONSE); + PW_MSCHAP_RESPONSE, VENDORPEC_MICROSOFT); if (!response) response = pairfind(request->packet->vps, - PW_MSCHAP2_RESPONSE); + PW_MSCHAP2_RESPONSE, + VENDORPEC_MICROSOFT); if (!response) { RDEBUG2("No MS-CHAP-Response or MS-CHAP2-Response was found in the request."); return 0; @@ -411,7 +414,7 @@ static size_t mschap_xlat(void *instance, REQUEST *request, */ } else if (strncasecmp(fmt, "LM-Response", 11) == 0) { response = pairfind(request->packet->vps, - PW_MSCHAP_RESPONSE); + PW_MSCHAP_RESPONSE, VENDORPEC_MICROSOFT); if (!response) { RDEBUG2("No MS-CHAP-Response was found in the request."); return 0; @@ -696,7 +699,7 @@ static int mschap_instantiate(CONF_SECTION *conf, void **instance) /* * For backwards compatibility */ - if (!dict_valbyname(PW_AUTH_TYPE, inst->xlat_name)) { + if (!dict_valbyname(PW_AUTH_TYPE, 0, inst->xlat_name)) { inst->auth_type = "MS-CHAP"; } else { inst->auth_type = inst->xlat_name; @@ -1044,7 +1047,7 @@ static int mschap_authenticate(void * instance, REQUEST *request) */ if (do_ntlm_auth) { VALUE_PAIR *vp = pairfind(request->config_items, - PW_MS_CHAP_USE_NTLM_AUTH); + PW_MS_CHAP_USE_NTLM_AUTH, 0); if (vp) do_ntlm_auth = vp->vp_integer; } @@ -1055,7 +1058,7 @@ static int mschap_authenticate(void * instance, REQUEST *request) smb_ctrl = pairfind(request->config_items, PW_SMB_ACCOUNT_CTRL, 0); if (!smb_ctrl) { password = pairfind(request->config_items, - PW_SMB_ACCOUNT_CTRL_TEXT); + PW_SMB_ACCOUNT_CTRL_TEXT, 0); if (password) { smb_ctrl = radius_pairmake(request, &request->config_items, diff --git a/src/modules/rlm_otp/extern.h b/src/modules/rlm_otp/extern.h index 5fad0cb..db733c2 100644 --- a/src/modules/rlm_otp/extern.h +++ b/src/modules/rlm_otp/extern.h @@ -77,7 +77,7 @@ extern int otp_gen_state(char [OTP_MAX_RADSTATE_LEN], int32_t, int32_t, const unsigned char [16]); /* otp_pwe.c */ -extern int pwattr[8]; +extern DICT_ATTR *pwattr[8]; extern void otp_pwe_init(void); extern otp_pwe_t otp_pwe_present(const REQUEST *); diff --git a/src/modules/rlm_otp/otp_mppe.c b/src/modules/rlm_otp/otp_mppe.c index f31ef9f..07ff7fb 100644 --- a/src/modules/rlm_otp/otp_mppe.c +++ b/src/modules/rlm_otp/otp_mppe.c @@ -49,8 +49,8 @@ otp_mppe(REQUEST *request, otp_pwe_t pwe, const otp_option_t *opt, VALUE_PAIR **avp = &request->reply->vps; VALUE_PAIR *cvp, *rvp, *vp; - cvp = pairfind(request->packet->vps, pwattr[pwe - 1]); - rvp = pairfind(request->packet->vps, pwattr[pwe]); + cvp = pairfind(request->packet->vps, pwattr[pwe - 1]->attr, pwattr[pwe - 1]->vendor); + rvp = pairfind(request->packet->vps, pwattr[pwe]->attr, pwattr[pwe]->vendor); switch (pwe) { case PWE_PAP: diff --git a/src/modules/rlm_otp/otp_mppe.h b/src/modules/rlm_otp/otp_mppe.h index e1f8452..a43f959 100644 --- a/src/modules/rlm_otp/otp_mppe.h +++ b/src/modules/rlm_otp/otp_mppe.h @@ -25,11 +25,6 @@ #include RCSIDH(otp_mppe_h, "$Id$") -/* Some hardcoding here ... because not all types have #defines */ -#define PW_MS_CHAP_CHALLENGE ((311 << 16) | 11) -#define PW_MS_CHAP_RESPONSE ((311 << 16) | 1) -#define PW_MS_CHAP2_RESPONSE ((311 << 16) | 25) - /* MPPE encryption policy */ #define MPPE_ENC_POL_ENCRYPTION_FORBIDDEN "0x00000000" #define MPPE_ENC_POL_ENCRYPTION_ALLOWED "0x00000001" diff --git a/src/modules/rlm_otp/otp_pw_valid.c b/src/modules/rlm_otp/otp_pw_valid.c index d05516f..ae0f015 100644 --- a/src/modules/rlm_otp/otp_pw_valid.c +++ b/src/modules/rlm_otp/otp_pw_valid.c @@ -92,8 +92,8 @@ otp_pw_valid(REQUEST *request, int pwe, const char *challenge, otp_request.pwe.pwe = pwe; /* otp_pwe_present() (done by caller) guarantees that both of these exist */ - cvp = pairfind(request->packet->vps, pwattr[pwe - 1]); - rvp = pairfind(request->packet->vps, pwattr[pwe]); + cvp = pairfind(request->packet->vps, pwattr[pwe - 1]->attr, pwattr[pwe - 1]->vendor); + rvp = pairfind(request->packet->vps, pwattr[pwe]->attr, pwattr[pwe]->vendor); /* this is just to quiet Coverity */ if (!rvp || !cvp) return RLM_MODULE_REJECT; diff --git a/src/modules/rlm_otp/otp_pwe.c b/src/modules/rlm_otp/otp_pwe.c index 4083180..e3e37c6 100644 --- a/src/modules/rlm_otp/otp_pwe.c +++ b/src/modules/rlm_otp/otp_pwe.c @@ -45,7 +45,7 @@ RCSID("$Id$") /* Attribute IDs for supported password encodings. */ #define SIZEOF_PWATTR (4 * 2) -int pwattr[SIZEOF_PWATTR]; +DICT_ATTR *pwattr[SIZEOF_PWATTR]; /* Initialize the pwattr array for supported password encodings. */ @@ -64,37 +64,37 @@ otp_pwe_init(void) /* PAP */ if ((da = dict_attrbyname("User-Password")) != NULL) { - pwattr[0] = da->attr; - pwattr[1] = da->attr; + pwattr[0] = da; + pwattr[1] = da; } /* CHAP */ if ((da = dict_attrbyname("CHAP-Challenge")) != NULL) { - pwattr[2] = da->attr; + pwattr[2] = da; if ((da = dict_attrbyname("CHAP-Password")) != NULL) - pwattr[3] = da->attr; + pwattr[3] = da; else - pwattr[2] = 0; + pwattr[2] = NULL; } #if 0 /* MS-CHAP (recommended not to use) */ if ((da = dict_attrbyname("MS-CHAP-Challenge")) != NULL) { - pwattr[4] = da->attr; + pwattr[4] = da; if ((da = dict_attrbyname("MS-CHAP-Response")) != NULL) - pwattr[5] = da->attr; + pwattr[5] = da; else - pwattr[4] = 0; + pwattr[4] = NULL; } #endif /* 0 */ /* MS-CHAPv2 */ if ((da = dict_attrbyname("MS-CHAP-Challenge")) != NULL) { - pwattr[6] = da->attr; + pwattr[6] = da; if ((da = dict_attrbyname("MS-CHAP2-Response")) != NULL) - pwattr[7] = da->attr; + pwattr[7] = da; else - pwattr[6] = 0; + pwattr[6] = NULL; } } @@ -110,10 +110,10 @@ otp_pwe_present(const REQUEST *request) unsigned i; for (i = 0; i < SIZEOF_PWATTR; i += 2) { - if (pairfind(request->packet->vps, pwattr[i]) && - pairfind(request->packet->vps, pwattr[i + 1])) { - DEBUG("rlm_otp: %s: password attributes %d, %d", __func__, - pwattr[i], pwattr[i + 1]); + if (pairfind(request->packet->vps, pwattr[i]->attr, pwattr[i]->vendor) && + pairfind(request->packet->vps, pwattr[i + 1]->attr, pwattr[i + 1]->vendor)) { + DEBUG("rlm_otp: %s: password attributes %s, %s", __func__, + pwattr[i]->name, pwattr[i + 1]->name); return i + 1; /* Can't return 0 (indicates failure) */ } } diff --git a/src/modules/rlm_pam/rlm_pam.c b/src/modules/rlm_pam/rlm_pam.c index d83d90b..24ebfe8 100644 --- a/src/modules/rlm_pam/rlm_pam.c +++ b/src/modules/rlm_pam/rlm_pam.c @@ -266,7 +266,7 @@ static int pam_auth(void *instance, REQUEST *request) * Let the 'users' file over-ride the PAM auth name string, * for backwards compatibility. */ - pair = pairfind(request->config_items, PAM_AUTH_ATTR); + pair = pairfind(request->config_items, PAM_AUTH_ATTR, 0); if (pair) pam_auth_string = (char *)pair->vp_strvalue; r = pam_pass((char *)request->username->vp_strvalue, diff --git a/src/modules/rlm_pap/rlm_pap.c b/src/modules/rlm_pap/rlm_pap.c index 93d7904..83f5bb1 100644 --- a/src/modules/rlm_pap/rlm_pap.c +++ b/src/modules/rlm_pap/rlm_pap.c @@ -161,7 +161,7 @@ static int pap_instantiate(CONF_SECTION *conf, void **instance) inst->name = cf_section_name1(conf); } - dval = dict_valbyname(PW_AUTH_TYPE, inst->name); + dval = dict_valbyname(PW_AUTH_TYPE, 0, inst->name); if (dval) { inst->auth_type = dval->value; } else { @@ -342,7 +342,7 @@ static int pap_authorize(void *instance, REQUEST *request) new_vp = radius_paircreate(request, &request->config_items, - attr, PW_TYPE_STRING); + attr, 0, PW_TYPE_STRING); strcpy(new_vp->vp_strvalue, p + 1);/* bounds OK */ new_vp->length = strlen(new_vp->vp_strvalue); @@ -352,7 +352,7 @@ static int pap_authorize(void *instance, REQUEST *request) * attribute, so we should delete the old * User-Password here. */ - pairdelete(&request->config_items, PW_USER_PASSWORD); + pairdelete(&request->config_items, PW_USER_PASSWORD, 0); } break; @@ -463,7 +463,7 @@ static int pap_authorize(void *instance, REQUEST *request) if (inst->auth_type) { vp = radius_paircreate(request, &request->config_items, - PW_AUTH_TYPE, PW_TYPE_INTEGER); + PW_AUTH_TYPE, 0, PW_TYPE_INTEGER); vp->vp_integer = inst->auth_type; } diff --git a/src/modules/rlm_passwd/rlm_passwd.c b/src/modules/rlm_passwd/rlm_passwd.c index ad179fb..fa5f616 100644 --- a/src/modules/rlm_passwd/rlm_passwd.c +++ b/src/modules/rlm_passwd/rlm_passwd.c @@ -358,8 +358,7 @@ struct passwd_instance { int nfields; int keyfield; int listable; - int keyattr; - int keyattrtype; + DICT_ATTR *keyattr; int ignoreempty; }; @@ -477,8 +476,7 @@ static int passwd_instantiate(CONF_SECTION *conf, void **instance) release_ht(inst->ht); return -1; } - inst->keyattr = da->attr; - inst->keyattrtype = da->type; + inst->keyattr = da; inst->nfields = nfields; inst->keyfield = keyfield; inst->listable = listable; @@ -526,9 +524,9 @@ static int passwd_map(void *instance, REQUEST *request) int found = 0; for (key = request->packet->vps; - key && (key = pairfind (key, inst->keyattr)); + key && (key = pairfind (key, inst->keyattr->attr, inst->keyattr->vendor)); key = key->next ){ - switch (inst->keyattrtype) { + switch (inst->keyattr->type) { case PW_TYPE_INTEGER: snprintf(buffer, 1024, "%u", key->vp_integer); name = buffer; diff --git a/src/modules/rlm_perl/rlm_perl.c b/src/modules/rlm_perl/rlm_perl.c index 54cd94b..ce91a4e 100644 --- a/src/modules/rlm_perl/rlm_perl.c +++ b/src/modules/rlm_perl/rlm_perl.c @@ -534,7 +534,7 @@ static void perl_store_vps(VALUE_PAIR *vp, HV *rad_hv) AV *av; char namebuf[256], *name; char buffer[1024]; - int attr, len; + int attr, vendor, len; hv_undef(rad_hv); nvp = paircopy(vp); @@ -542,7 +542,8 @@ static void perl_store_vps(VALUE_PAIR *vp, HV *rad_hv) while (nvp != NULL) { name = nvp->name; attr = nvp->attribute; - vpa = paircopy2(nvp,attr); + vendor = nvp->vendor; + vpa = paircopy2(nvp, attr, vendor); if (vpa->next) { av = newAV(); @@ -570,9 +571,9 @@ static void perl_store_vps(VALUE_PAIR *vp, HV *rad_hv) } pairfree(&vpa); - vpa = nvp; while ((vpa != NULL) && (vpa->attribute == attr)) + vpa = nvp; while ((vpa != NULL) && (vpa->attribute == attr) && (vpa->vendor == vendor)) vpa = vpa->next; - pairdelete(&nvp, attr); + pairdelete(&nvp, attr, vendor); nvp = vpa; } } @@ -745,12 +746,12 @@ static int rlmperl_call(void *instance, REQUEST *request, char *function_name) * Update cached copies */ request->username = pairfind(request->packet->vps, - PW_USER_NAME); + PW_USER_NAME, 0); request->password = pairfind(request->packet->vps, - PW_USER_PASSWORD); + PW_USER_PASSWORD, 0); if (!request->password) request->password = pairfind(request->packet->vps, - PW_CHAP_PASSWORD); + PW_CHAP_PASSWORD, 0); } if ((get_hv_content(rad_reply_hv, &vp)) > 0 ) { diff --git a/src/modules/rlm_policy/evaluate.c b/src/modules/rlm_policy/evaluate.c index cfaa3f7..4ddcfa8 100644 --- a/src/modules/rlm_policy/evaluate.c +++ b/src/modules/rlm_policy/evaluate.c @@ -463,7 +463,7 @@ static VALUE_PAIR *find_vp(REQUEST *request, const char *name) return NULL; /* no such attribute */ } - return pairfind(vps, dattr->attr); + return pairfind(vps, dattr->attr, dattr->vendor); } diff --git a/src/modules/rlm_preprocess/rlm_preprocess.c b/src/modules/rlm_preprocess/rlm_preprocess.c index fe47815..2e8e611 100644 --- a/src/modules/rlm_preprocess/rlm_preprocess.c +++ b/src/modules/rlm_preprocess/rlm_preprocess.c @@ -122,7 +122,7 @@ static void cisco_vsa_hack(VALUE_PAIR *vp) char newattr[MAX_STRING_LEN]; for ( ; vp != NULL; vp = vp->next) { - vendorcode = VENDOR(vp->attribute); + vendorcode = vp->vendor; if (!((vendorcode == 9) || (vendorcode == 6618))) continue; /* not a Cisco or Quintum VSA, continue */ if (vp->type != PW_TYPE_STRING) continue; @@ -182,17 +182,15 @@ static void cisco_vsa_hack(VALUE_PAIR *vp) */ static void alvarion_vsa_hack(VALUE_PAIR *vp) { - int vendorcode; int number = 1; for ( ; vp != NULL; vp = vp->next) { DICT_ATTR *da; - vendorcode = VENDOR(vp->attribute); - if (vendorcode != 12394) continue; + if (vp->vendor != 12394) continue; if (vp->type != PW_TYPE_STRING) continue; - da = dict_attrbyvalue(number | (12394 << 16)); + da = dict_attrbyvalue(number, 12394); if (!da) continue; vp->attribute = da->attr; @@ -267,7 +265,7 @@ static void rad_mangle(rlm_preprocess_t *data, REQUEST *request) if (pairfind(request_pairs, PW_FRAMED_PROTOCOL, 0) != NULL && pairfind(request_pairs, PW_SERVICE_TYPE, 0) == NULL) { tmp = radius_paircreate(request, &request->packet->vps, - PW_SERVICE_TYPE, PW_TYPE_INTEGER); + PW_SERVICE_TYPE, 0, PW_TYPE_INTEGER); tmp->vp_integer = PW_FRAMED_USER; } } @@ -349,8 +347,8 @@ static int hints_setup(PAIR_LIST *hints, REQUEST *request) */ add = paircopy(i->reply); ft = fallthrough(add); - pairdelete(&add, PW_STRIP_USER_NAME); - pairdelete(&add, PW_FALL_THROUGH); + pairdelete(&add, PW_STRIP_USER_NAME, 0); + pairdelete(&add, PW_FALL_THROUGH, 0); pairxlatmove(request, &request->packet->vps, &add); pairfree(&add); updated = 1; @@ -401,7 +399,7 @@ static int huntgroup_access(REQUEST *request, PAIR_LIST *huntgroups) if (!vp) { vp = radius_paircreate(request, &request->packet->vps, - PW_HUNTGROUP_NAME, + PW_HUNTGROUP_NAME, 9, PW_TYPE_STRING); strlcpy(vp->vp_strvalue, i->name, sizeof(vp->vp_strvalue)); @@ -428,7 +426,7 @@ static int add_nas_attr(REQUEST *request) nas = pairfind(request->packet->vps, PW_NAS_IP_ADDRESS, 0); if (!nas) { nas = radius_paircreate(request, &request->packet->vps, - PW_NAS_IP_ADDRESS, + PW_NAS_IP_ADDRESS, 0, PW_TYPE_IPADDR); nas->vp_ipaddr = request->packet->src_ipaddr.ipaddr.ip4addr.s_addr; } @@ -438,7 +436,7 @@ static int add_nas_attr(REQUEST *request) nas = pairfind(request->packet->vps, PW_NAS_IPV6_ADDRESS, 0); if (!nas) { nas = radius_paircreate(request, &request->packet->vps, - PW_NAS_IPV6_ADDRESS, + PW_NAS_IPV6_ADDRESS, 0, PW_TYPE_IPV6ADDR); memcpy(nas->vp_strvalue, &request->packet->src_ipaddr.ipaddr, @@ -529,7 +527,7 @@ static int preprocess_authorize(void *instance, REQUEST *request) * approaching rationality. */ ascend_nasport_hack(pairfind(request->packet->vps, - PW_NAS_PORT), + PW_NAS_PORT, 0), data->ascend_channels_per_line); } @@ -571,7 +569,7 @@ static int preprocess_authorize(void *instance, REQUEST *request) VALUE_PAIR *vp; vp = radius_paircreate(request, &request->packet->vps, - PW_CHAP_CHALLENGE, PW_TYPE_OCTETS); + PW_CHAP_CHALLENGE, 0, PW_TYPE_OCTETS); vp->length = AUTH_VECTOR_LEN; memcpy(vp->vp_strvalue, request->packet->vector, AUTH_VECTOR_LEN); } diff --git a/src/modules/rlm_realm/rlm_realm.c b/src/modules/rlm_realm/rlm_realm.c index 4592c1b..c9d163b 100644 --- a/src/modules/rlm_realm/rlm_realm.c +++ b/src/modules/rlm_realm/rlm_realm.c @@ -180,7 +180,7 @@ static int check_for_realm(void *instance, REQUEST *request, REALM **returnrealm */ if (request->username->attribute != PW_STRIPPED_USER_NAME) { vp = radius_paircreate(request, &request->packet->vps, - PW_STRIPPED_USER_NAME, + PW_STRIPPED_USER_NAME, 0, PW_TYPE_STRING); RDEBUG2("Adding Stripped-User-Name = \"%s\"", username); } else { diff --git a/src/modules/rlm_sql/rlm_sql.c b/src/modules/rlm_sql/rlm_sql.c index 2b3639b..25a98ba 100644 --- a/src/modules/rlm_sql/rlm_sql.c +++ b/src/modules/rlm_sql/rlm_sql.c @@ -484,7 +484,7 @@ int sql_set_user(SQL_INST *inst, REQUEST *request, char *sqlusername, const char sqlusername[0]= '\0'; /* Remove any user attr we added previously */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); if (username != NULL) { strlcpy(tmpuser, username, sizeof(tmpuser)); @@ -619,7 +619,7 @@ static int sql_groupcmp(void *instance, REQUEST *request, VALUE_PAIR *request_vp sqlsocket = sql_get_socket(inst); if (sqlsocket == NULL) { /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); return 1; } @@ -630,7 +630,7 @@ static int sql_groupcmp(void *instance, REQUEST *request, VALUE_PAIR *request_vp radlog_request(L_ERR, 0, request, "Error getting group membership"); /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); sql_release_socket(inst, sqlsocket); return 1; } @@ -642,7 +642,7 @@ static int sql_groupcmp(void *instance, REQUEST *request, VALUE_PAIR *request_vp /* Free the grouplist */ sql_grouplist_free(&group_list); /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); sql_release_socket(inst, sqlsocket); return 0; } @@ -651,7 +651,7 @@ static int sql_groupcmp(void *instance, REQUEST *request, VALUE_PAIR *request_vp /* Free the grouplist */ sql_grouplist_free(&group_list); /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); sql_release_socket(inst,sqlsocket); RDEBUG("sql_groupcmp finished: User is NOT a member of group %s", @@ -696,7 +696,7 @@ static int rlm_sql_process_groups(SQL_INST *inst, REQUEST *request, SQLSOCK *sql radlog_request(L_ERR, 0, request, "Error generating query; rejecting user"); /* Remove the grouup we added above */ - pairdelete(&request->packet->vps, PW_SQL_GROUP); + pairdelete(&request->packet->vps, PW_SQL_GROUP, 0); return -1; } rows = sql_getvpdata(inst, sqlsocket, &check_tmp, querystr); @@ -704,7 +704,7 @@ static int rlm_sql_process_groups(SQL_INST *inst, REQUEST *request, SQLSOCK *sql radlog_request(L_ERR, 0, request, "Error retrieving check pairs for group %s", group_list_tmp->groupname); /* Remove the grouup we added above */ - pairdelete(&request->packet->vps, PW_SQL_GROUP); + pairdelete(&request->packet->vps, PW_SQL_GROUP, 0); pairfree(&check_tmp); return -1; } else if (rows > 0) { @@ -721,7 +721,7 @@ static int rlm_sql_process_groups(SQL_INST *inst, REQUEST *request, SQLSOCK *sql if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_group_reply_query, request, sql_escape_func)) { radlog_request(L_ERR, 0, request, "Error generating query; rejecting user"); /* Remove the grouup we added above */ - pairdelete(&request->packet->vps, PW_SQL_GROUP); + pairdelete(&request->packet->vps, PW_SQL_GROUP, 0); pairfree(&check_tmp); return -1; } @@ -729,7 +729,7 @@ static int rlm_sql_process_groups(SQL_INST *inst, REQUEST *request, SQLSOCK *sql radlog_request(L_ERR, 0, request, "Error retrieving reply pairs for group %s", group_list_tmp->groupname); /* Remove the grouup we added above */ - pairdelete(&request->packet->vps, PW_SQL_GROUP); + pairdelete(&request->packet->vps, PW_SQL_GROUP, 0); pairfree(&check_tmp); pairfree(&reply_tmp); return -1; @@ -754,7 +754,7 @@ static int rlm_sql_process_groups(SQL_INST *inst, REQUEST *request, SQLSOCK *sql if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_group_reply_query, request, sql_escape_func)) { radlog_request(L_ERR, 0, request, "Error generating query; rejecting user"); /* Remove the grouup we added above */ - pairdelete(&request->packet->vps, PW_SQL_GROUP); + pairdelete(&request->packet->vps, PW_SQL_GROUP, 0); pairfree(&check_tmp); return -1; } @@ -762,7 +762,7 @@ static int rlm_sql_process_groups(SQL_INST *inst, REQUEST *request, SQLSOCK *sql radlog_request(L_ERR, 0, request, "Error retrieving reply pairs for group %s", group_list_tmp->groupname); /* Remove the grouup we added above */ - pairdelete(&request->packet->vps, PW_SQL_GROUP); + pairdelete(&request->packet->vps, PW_SQL_GROUP, 0); pairfree(&check_tmp); pairfree(&reply_tmp); return -1; @@ -776,7 +776,7 @@ static int rlm_sql_process_groups(SQL_INST *inst, REQUEST *request, SQLSOCK *sql * Delete the Sql-Group we added above * And clear out the pairlists */ - pairdelete(&request->packet->vps, PW_SQL_GROUP); + pairdelete(&request->packet->vps, PW_SQL_GROUP, 0); pairfree(&check_tmp); pairfree(&reply_tmp); } @@ -985,7 +985,7 @@ static int rlm_sql_authorize(void *instance, REQUEST * request) sqlsocket = sql_get_socket(inst); if (sqlsocket == NULL) { /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); return RLM_MODULE_FAIL; } @@ -1001,7 +1001,7 @@ static int rlm_sql_authorize(void *instance, REQUEST * request) radlog_request(L_ERR, 0, request, "Error generating query; rejecting user"); sql_release_socket(inst, sqlsocket); /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); return RLM_MODULE_FAIL; } rows = sql_getvpdata(inst, sqlsocket, &check_tmp, querystr); @@ -1009,7 +1009,7 @@ static int rlm_sql_authorize(void *instance, REQUEST * request) radlog_request(L_ERR, 0, request, "SQL query error; rejecting user"); sql_release_socket(inst, sqlsocket); /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); pairfree(&check_tmp); return RLM_MODULE_FAIL; } else if (rows > 0) { @@ -1030,7 +1030,7 @@ static int rlm_sql_authorize(void *instance, REQUEST * request) radlog_request(L_ERR, 0, request, "Error generating query; rejecting user"); sql_release_socket(inst, sqlsocket); /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); pairfree(&check_tmp); return RLM_MODULE_FAIL; } @@ -1038,7 +1038,7 @@ static int rlm_sql_authorize(void *instance, REQUEST * request) radlog_request(L_ERR, 0, request, "SQL query error; rejecting user"); sql_release_socket(inst, sqlsocket); /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); pairfree(&check_tmp); pairfree(&reply_tmp); return RLM_MODULE_FAIL; @@ -1070,7 +1070,7 @@ static int rlm_sql_authorize(void *instance, REQUEST * request) radlog_request(L_ERR, 0, request, "Error processing groups; rejecting user"); sql_release_socket(inst, sqlsocket); /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); return RLM_MODULE_FAIL; } else if (rows > 0) { found = 1; @@ -1097,7 +1097,7 @@ static int rlm_sql_authorize(void *instance, REQUEST * request) radlog_request(L_ERR, 0, request, "Error setting profile; rejecting user"); sql_release_socket(inst, sqlsocket); /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); return RLM_MODULE_FAIL; } else { profile_found = 1; @@ -1111,7 +1111,7 @@ static int rlm_sql_authorize(void *instance, REQUEST * request) radlog_request(L_ERR, 0, request, "Error processing profile groups; rejecting user"); sql_release_socket(inst, sqlsocket); /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); return RLM_MODULE_FAIL; } else if (rows > 0) { found = 1; @@ -1120,7 +1120,7 @@ static int rlm_sql_authorize(void *instance, REQUEST * request) } /* Remove the username we (maybe) added above */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); sql_release_socket(inst, sqlsocket); if (!found) { diff --git a/src/modules/rlm_sql_log/rlm_sql_log.c b/src/modules/rlm_sql_log/rlm_sql_log.c index 423f63c..e27070a 100644 --- a/src/modules/rlm_sql_log/rlm_sql_log.c +++ b/src/modules/rlm_sql_log/rlm_sql_log.c @@ -277,7 +277,7 @@ static int sql_set_user(rlm_sql_log_t *inst, REQUEST *request, char *sqlusername rad_assert(request->packet != NULL); /* Remove any user attr we added previously */ - pairdelete(&request->packet->vps, PW_SQL_USER_NAME); + pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0); if (username != NULL) { strlcpy(tmpuser, username, MAX_STRING_LEN); @@ -429,7 +429,7 @@ static int sql_log_accounting(void *instance, REQUEST *request) } /* Search the query in conf section of the module */ - if ((dval = dict_valbyattr(PW_ACCT_STATUS_TYPE, pair->vp_integer)) == NULL) { + if ((dval = dict_valbyattr(PW_ACCT_STATUS_TYPE, 0, pair->vp_integer)) == NULL) { radlog_request(L_ERR, 0, request, "Unsupported Acct-Status-Type = %d", pair->vp_integer); return RLM_MODULE_NOOP; diff --git a/src/modules/rlm_sqlcounter/rlm_sqlcounter.c b/src/modules/rlm_sqlcounter/rlm_sqlcounter.c index 960dde8..1396d8c 100644 --- a/src/modules/rlm_sqlcounter/rlm_sqlcounter.c +++ b/src/modules/rlm_sqlcounter/rlm_sqlcounter.c @@ -72,9 +72,9 @@ typedef struct rlm_sqlcounter_t { char *allowed_chars; /* safe characters list for SQL queries */ time_t reset_time; time_t last_reset; - int key_attr; /* attribute number for key field */ - int dict_attr; /* attribute number for the counter. */ - int reply_attr; /* attribute number for the reply */ + DICT_ATTR *key_attr; /* attribute number for key field */ + DICT_ATTR *dict_attr; /* attribute number for the counter. */ + DICT_ATTR *reply_attr; /* attribute number for the reply */ } rlm_sqlcounter_t; /* @@ -478,7 +478,7 @@ static int sqlcounter_instantiate(CONF_SECTION *conf, void **instance) sqlcounter_detach(data); return -1; } - data->key_attr = dattr->attr; + data->key_attr = dattr; /* * Discover the attribute number of the reply. @@ -487,7 +487,7 @@ static int sqlcounter_instantiate(CONF_SECTION *conf, void **instance) */ if (data->reply_name == NULL) { DEBUG2("rlm_sqlcounter: Reply attribute set to Session-Timeout."); - data->reply_attr = PW_SESSION_TIMEOUT; + data->reply_attr = dict_attrbyvalue(PW_SESSION_TIMEOUT, 0); data->reply_name = strdup("Session-Timeout"); } else { @@ -498,7 +498,7 @@ static int sqlcounter_instantiate(CONF_SECTION *conf, void **instance) sqlcounter_detach(data); return -1; } - data->reply_attr = dattr->attr; + data->reply_attr = dattr; DEBUG2("rlm_sqlcounter: Reply attribute %s is number %d", data->reply_name, dattr->attr); } @@ -536,9 +536,12 @@ static int sqlcounter_instantiate(CONF_SECTION *conf, void **instance) sqlcounter_detach(data); return -1; } - data->dict_attr = dattr->attr; - DEBUG2("rlm_sqlcounter: Counter attribute %s is number %d", - data->counter_name, data->dict_attr); + if (dattr->vendor != 0) { + radlog(L_ERR, "Counter attribute must not be a VSA"); + sqlcounter_detach(data); + return -1; + } + data->dict_attr = dattr; /* * Create a new attribute for the check item. @@ -590,7 +593,7 @@ static int sqlcounter_instantiate(CONF_SECTION *conf, void **instance) /* * Register the counter comparison operation. */ - paircompare_register(data->dict_attr, 0, sqlcounter_cmp, data); + paircompare_register(data->dict_attr->attr, 0, sqlcounter_cmp, data); *instance = data; @@ -638,7 +641,7 @@ static int sqlcounter_authorize(void *instance, REQUEST *request) * The REAL username, after stripping. */ DEBUG2("rlm_sqlcounter: Entering module authorize code"); - key_vp = (data->key_attr == PW_USER_NAME) ? request->username : pairfind(request->packet->vps, data->key_attr); + key_vp = ((data->key_attr->vendor == 0) && (data->key_attr->attr == PW_USER_NAME)) ? request->username : pairfind(request->packet->vps, data->key_attr->attr, data->key_attr->vendor); if (key_vp == NULL) { DEBUG2("rlm_sqlcounter: Could not find Key value pair"); return ret; @@ -651,7 +654,7 @@ static int sqlcounter_authorize(void *instance, REQUEST *request) return ret; } /* DEBUG2("rlm_sqlcounter: Found Check item attribute %d", dattr->attr); */ - if ((check_vp= pairfind(request->config_items, dattr->attr)) == NULL) { + if ((check_vp= pairfind(request->config_items, dattr->attr, dattr->vendor)) == NULL) { DEBUG2("rlm_sqlcounter: Could not find Check item value pair"); return ret; } @@ -705,13 +708,14 @@ static int sqlcounter_authorize(void *instance, REQUEST *request) res += check_vp->vp_integer; } - if ((reply_item = pairfind(request->reply->vps, data->reply_attr)) != NULL) { + if ((reply_item = pairfind(request->reply->vps, data->reply_attr->attr, data->reply_attr->vendor)) != NULL) { if (reply_item->vp_integer > res) reply_item->vp_integer = res; } else { reply_item = radius_paircreate(request, &request->reply->vps, - data->reply_attr, + data->reply_attr->attr, + data->reply_attr->vendor, PW_TYPE_INTEGER); reply_item->vp_integer = res; } @@ -756,7 +760,7 @@ static int sqlcounter_detach(void *instance) rlm_sqlcounter_t *inst = (rlm_sqlcounter_t *)instance; allowed_chars = NULL; - paircompare_unregister(inst->dict_attr, sqlcounter_cmp); + paircompare_unregister(inst->dict_attr->attr, sqlcounter_cmp); /* * Free up dynamically allocated string pointers. diff --git a/src/modules/rlm_sqlippool/rlm_sqlippool.c b/src/modules/rlm_sqlippool/rlm_sqlippool.c index a1e611c..341cc2d 100644 --- a/src/modules/rlm_sqlippool/rlm_sqlippool.c +++ b/src/modules/rlm_sqlippool/rlm_sqlippool.c @@ -687,7 +687,7 @@ static int sqlippool_postauth(void *instance, REQUEST * request) RDEBUG("Allocated IP %s [%08x]", allocation, ip_allocation); vp = radius_paircreate(request, &request->reply->vps, - PW_FRAMED_IP_ADDRESS, PW_TYPE_IPADDR); + PW_FRAMED_IP_ADDRESS, 0, PW_TYPE_IPADDR); vp->vp_ipaddr = ip_allocation; /* diff --git a/src/modules/rlm_wimax/rlm_wimax.c b/src/modules/rlm_wimax/rlm_wimax.c index 2a58833..bb1b458 100644 --- a/src/modules/rlm_wimax/rlm_wimax.c +++ b/src/modules/rlm_wimax/rlm_wimax.c @@ -29,8 +29,6 @@ RCSID("$Id$") /* * FIXME: Fix the build system to create definitions from names. */ -#define WIMAX2ATTR(x) ((24757 << 16) | (x)) - typedef struct rlm_wimax_t { int delete_mppe_keys; } rlm_wimax_t; @@ -192,8 +190,8 @@ static int wimax_postauth(void *instance, REQUEST *request) * the WiMAX-MSK so that the client has a key available. */ if (inst->delete_mppe_keys) { - pairdelete(&request->reply->vps, ((311 << 16) | 16)); - pairdelete(&request->reply->vps, ((311 << 16) | 17)); + pairdelete(&request->reply->vps, 16, VENDORPEC_MICROSOFT); + pairdelete(&request->reply->vps, 17, VENDORPEC_MICROSOFT); vp = radius_pairmake(request, &request->reply->vps, "WiMAX-MSK", "0x00", T_OP_EQ); if (vp) { @@ -294,7 +292,7 @@ static int wimax_postauth(void *instance, REQUEST *request) /* * Look for WiMAX-hHA-IP-MIP4 */ - ip = pairfind(request->reply->vps, WIMAX2ATTR(6)); + ip = pairfind(request->reply->vps, 6, VENDORPEC_WIMAX); if (!ip) { RDEBUG("WARNING: WiMAX-hHA-IP-MIP4 not found. Cannot calculate MN-HA-PMIP4 key"); break; @@ -315,10 +313,10 @@ static int wimax_postauth(void *instance, REQUEST *request) /* * Put MN-HA-PMIP4 into WiMAX-MN-hHA-MIP4-Key */ - vp = pairfind(request->reply->vps, WIMAX2ATTR(10)); + vp = pairfind(request->reply->vps, 10, VENDORPEC_WIMAX); if (!vp) { vp = radius_paircreate(request, &request->reply->vps, - WIMAX2ATTR(10), PW_TYPE_OCTETS); + 10, VENDORPEC_WIMAX, PW_TYPE_OCTETS); } if (!vp) { RDEBUG("WARNING: Failed creating WiMAX-MN-hHA-MIP4-Key"); @@ -330,10 +328,10 @@ static int wimax_postauth(void *instance, REQUEST *request) /* * Put MN-HA-PMIP4-SPI into WiMAX-MN-hHA-MIP4-SPI */ - vp = pairfind(request->reply->vps, WIMAX2ATTR(11)); + vp = pairfind(request->reply->vps, 11, VENDORPEC_WIMAX); if (!vp) { vp = radius_paircreate(request, &request->reply->vps, - WIMAX2ATTR(11), PW_TYPE_INTEGER); + 11, VENDORPEC_WIMAX, PW_TYPE_INTEGER); } if (!vp) { RDEBUG("WARNING: Failed creating WiMAX-MN-hHA-MIP4-SPI"); @@ -346,7 +344,7 @@ static int wimax_postauth(void *instance, REQUEST *request) /* * Look for WiMAX-hHA-IP-MIP4 */ - ip = pairfind(request->reply->vps, WIMAX2ATTR(6)); + ip = pairfind(request->reply->vps, 6, VENDORPEC_WIMAX); if (!ip) { RDEBUG("WARNING: WiMAX-hHA-IP-MIP4 not found. Cannot calculate MN-HA-CMIP4 key"); break; @@ -367,10 +365,10 @@ static int wimax_postauth(void *instance, REQUEST *request) /* * Put MN-HA-CMIP4 into WiMAX-MN-hHA-MIP4-Key */ - vp = pairfind(request->reply->vps, WIMAX2ATTR(10)); + vp = pairfind(request->reply->vps, 10, VENDORPEC_WIMAX); if (!vp) { vp = radius_paircreate(request, &request->reply->vps, - WIMAX2ATTR(10), PW_TYPE_OCTETS); + 10, VENDORPEC_WIMAX, PW_TYPE_OCTETS); } if (!vp) { RDEBUG("WARNING: Failed creating WiMAX-MN-hHA-MIP4-Key"); @@ -382,10 +380,10 @@ static int wimax_postauth(void *instance, REQUEST *request) /* * Put MN-HA-CMIP4-SPI into WiMAX-MN-hHA-MIP4-SPI */ - vp = pairfind(request->reply->vps, WIMAX2ATTR(11)); + vp = pairfind(request->reply->vps, 11, VENDORPEC_WIMAX); if (!vp) { vp = radius_paircreate(request, &request->reply->vps, - WIMAX2ATTR(11), PW_TYPE_INTEGER); + 11, VENDORPEC_WIMAX, PW_TYPE_INTEGER); } if (!vp) { RDEBUG("WARNING: Failed creating WiMAX-MN-hHA-MIP4-SPI"); @@ -398,7 +396,7 @@ static int wimax_postauth(void *instance, REQUEST *request) /* * Look for WiMAX-hHA-IP-MIP6 */ - ip = pairfind(request->reply->vps, WIMAX2ATTR(7)); + ip = pairfind(request->reply->vps, 7, VENDORPEC_WIMAX); if (!ip) { RDEBUG("WARNING: WiMAX-hHA-IP-MIP6 not found. Cannot calculate MN-HA-CMIP6 key"); break; @@ -419,10 +417,10 @@ static int wimax_postauth(void *instance, REQUEST *request) /* * Put MN-HA-CMIP6 into WiMAX-MN-hHA-MIP6-Key */ - vp = pairfind(request->reply->vps, WIMAX2ATTR(12)); + vp = pairfind(request->reply->vps, 12, VENDORPEC_WIMAX); if (!vp) { vp = radius_paircreate(request, &request->reply->vps, - WIMAX2ATTR(12), PW_TYPE_OCTETS); + 12, VENDORPEC_WIMAX, PW_TYPE_OCTETS); } if (!vp) { RDEBUG("WARNING: Failed creating WiMAX-MN-hHA-MIP6-Key"); @@ -434,10 +432,10 @@ static int wimax_postauth(void *instance, REQUEST *request) /* * Put MN-HA-CMIP6-SPI into WiMAX-MN-hHA-MIP6-SPI */ - vp = pairfind(request->reply->vps, WIMAX2ATTR(13)); + vp = pairfind(request->reply->vps, 13, VENDORPEC_WIMAX); if (!vp) { vp = radius_paircreate(request, &request->reply->vps, - WIMAX2ATTR(13), PW_TYPE_INTEGER); + 13, VENDORPEC_WIMAX, PW_TYPE_INTEGER); } if (!vp) { RDEBUG("WARNING: Failed creating WiMAX-MN-hHA-MIP6-SPI"); @@ -455,7 +453,7 @@ static int wimax_postauth(void *instance, REQUEST *request) * * FA-RK= H(MIP-RK, "FA-RK") */ - fa_rk = pairfind(request->reply->vps, WIMAX2ATTR(14)); + fa_rk = pairfind(request->reply->vps, 14, VENDORPEC_WIMAX); if (fa_rk && (fa_rk->length <= 1)) { HMAC_CTX_init(&hmac); HMAC_Init_ex(&hmac, mip_rk, rk_len, EVP_sha1(), NULL); @@ -473,10 +471,10 @@ static int wimax_postauth(void *instance, REQUEST *request) * really MIP-SPI. Clear? Of course. This is WiMAX. */ if (fa_rk) { - vp = pairfind(request->reply->vps, WIMAX2ATTR(61)); + vp = pairfind(request->reply->vps, 61, VENDORPEC_WIMAX); if (!vp) { vp = radius_paircreate(request, &request->reply->vps, - WIMAX2ATTR(61), PW_TYPE_INTEGER); + 61, VENDORPEC_WIMAX, PW_TYPE_INTEGER); } if (!vp) { RDEBUG("WARNING: Failed creating WiMAX-FA-RK-SPI"); @@ -515,7 +513,7 @@ static int wimax_postauth(void *instance, REQUEST *request) * * WiMAX-RRQ-MN-HA-SPI */ - vp = pairfind(request->packet->vps, WIMAX2ATTR(20)); + vp = pairfind(request->packet->vps, 20, VENDORPEC_WIMAX); if (vp) { RDEBUG("Client requested MN-HA key: Should use SPI to look up key from storage."); if (!mn_nai) { @@ -525,7 +523,7 @@ static int wimax_postauth(void *instance, REQUEST *request) /* * WiMAX-RRQ-HA-IP */ - if (!pairfind(request->packet->vps, WIMAX2ATTR(18))) { + if (!pairfind(request->packet->vps, 18, VENDORPEC_WIMAX)) { RDEBUG("WARNING: HA-IP was not found!"); } @@ -533,7 +531,7 @@ static int wimax_postauth(void *instance, REQUEST *request) /* * WiMAX-HA-RK-Key-Requested */ - vp = pairfind(request->packet->vps, WIMAX2ATTR(58)); + vp = pairfind(request->packet->vps, 58, VENDORPEC_WIMAX); if (vp && (vp->vp_integer == 1)) { RDEBUG("Client requested HA-RK: Should use IP to look it up from storage."); } -- 2.1.4