move to using explicit include list when checking for valid types

author Alan T. DeKok <aland@freeradius.org>

Tue, 18 Nov 2025 20:37:03 +0000 (15:37 -0500)

committer Alan T. DeKok <aland@freeradius.org>

Wed, 19 Nov 2025 01:29:54 +0000 (20:29 -0500)
author Alan T. DeKok <aland@freeradius.org>
Tue, 18 Nov 2025 20:37:03 +0000 (15:37 -0500)
committer Alan T. DeKok <aland@freeradius.org>
Wed, 19 Nov 2025 01:29:54 +0000 (20:29 -0500)
diff --git a/src/protocols/der/base.c b/src/protocols/der/base.c

index 04b067b7413c7309880109fe634b7925e045b6cc..562bebad6b3046979757ebddb5757dbb0c3288bc 100644 (file)
--- a/src/protocols/der/base.c
+++ b/src/protocols/der/base.c
@@ -691,25 +691,27 @@ static bool type_parse(fr_type_t *type_p,fr_dict_attr_t **da_p, char const *name
                 fr_strerror_const("Cannot use 'tlv' in DER.  Please use 'sequence'");
                 return false;
  
-       case FR_TYPE_IFID:
-       case FR_TYPE_COMBO_IP_PREFIX:
-       case FR_TYPE_ETHERNET:
-       case FR_TYPE_FLOAT32:
-       case FR_TYPE_FLOAT64:
-       case FR_TYPE_VSA:
-       case FR_TYPE_VENDOR:
-       case FR_TYPE_VALUE_BOX:
-       case FR_TYPE_VOID:
-       case FR_TYPE_MAX:
+       default:
+       invalid_type:
                 fr_strerror_printf("Cannot use type '%s' in the DER dictionaries",
                                    fr_type_to_str(*type_p));
                 return false;
  
                 /*
-                *      We allow integers for now.  They may be
+                *      We allow all integer types.  They may be
                  *      internal, or they may be inside of a struct.
                  */
-       default:
+       case FR_TYPE_NULL:
+       case FR_TYPE_INTEGER:
+       case FR_TYPE_VARIABLE_SIZE:
+       case FR_TYPE_IPV4_ADDR:
+       case FR_TYPE_IPV4_PREFIX:
+       case FR_TYPE_IPV6_ADDR:
+       case FR_TYPE_IPV6_PREFIX:
+       case FR_TYPE_COMBO_IP_ADDR:
+       case FR_TYPE_STRUCT:
+       case FR_TYPE_GROUP:
+       case FR_TYPE_ATTR:
                 break;
         }
  
@@ -728,6 +730,7 @@ static bool type_parse(fr_type_t *type_p,fr_dict_attr_t **da_p, char const *name
         fr_type = fr_table_value_by_str(type_table, name, FR_TYPE_MAX);
         if (fr_type == FR_TYPE_MAX) {
                 flags->der_type = fr_type_to_der_tag_default(*type_p);
+               if (!flags->der_type) goto invalid_type;
                 return true;
         }
  
diff --git a/src/tests/unit/protocols/der/dictionary.test b/src/tests/unit/protocols/der/dictionary.test

index 7b64ebe963269a2693020f18fc7e14dfd3099793..bcff5e1a3baf92284273df9806213ab7ff757a7b 100644 (file)
--- a/src/tests/unit/protocols/der/dictionary.test
+++ b/src/tests/unit/protocols/der/dictionary.test
@@ -183,5 +183,5 @@ ATTRIBUTE option0                                   0 integer class=private
  ATTRIBUTE option1                                      1 integer class=private
  END Test-Choice
  
-DEFINE Test-Attr                                       attribute
-VALUE  Test-Attr       Test-TLV                        @.Test-TLV
+#DEFINE        Test-Attr                                       attribute
+#VALUE Test-Attr       Test-TLV                        @.Test-TLV
author	Alan T. DeKok <aland@freeradius.org>
	Tue, 18 Nov 2025 20:37:03 +0000 (15:37 -0500)
committer	Alan T. DeKok <aland@freeradius.org>
	Wed, 19 Nov 2025 01:29:54 +0000 (20:29 -0500)
src/protocols/der/base.c		patch \| blob \| blame \| history
src/tests/unit/protocols/der/dictionary.test		patch \| blob \| blame \| history