]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5a2614d)
use more descriptive error messages
authorAlan T. DeKok <aland@freeradius.org>
Mon, 17 Feb 2025 12:52:46 +0000 (07:52 -0500)
committerAlan T. DeKok <aland@freeradius.org>
Mon, 17 Feb 2025 12:52:46 +0000 (07:52 -0500)
src/protocols/der/base.c patch | blob | blame | history
src/protocols/der/decode.c patch | blob | blame | history
src/protocols/der/der.h patch | blob | blame | history
src/tests/unit/protocols/der/pkcs10.txt patch | blob | blame | history

diff --git a/src/protocols/der/base.c b/src/protocols/der/base.c
index 4b9ac20959563cccd4013b503b3a8206d7060713..e30e4c147215fe619560b7b6680dab9ba3168858 100644 (file)
--- a/src/protocols/der/base.c
+++ b/src/protocols/der/base.c
@@ -68,6 +68,12 @@ static fr_table_num_sorted_t const tag_name_to_number[] = {
 };
 static size_t tag_name_to_number_len = NUM_ELEMENTS(tag_name_to_number);
 
+
+char const *fr_der_tag_to_str(fr_der_tag_t tag)
+{
+       return fr_table_str_by_value(tag_name_to_number, tag, "???");
+}
+
 /*
  *     Create a mapping between FR_TYPE_* and valid FR_DER_TAG_*'s
  */
diff --git a/src/protocols/der/decode.c b/src/protocols/der/decode.c
index 1188d4727f4026cea8843d8a6398c05f502992aa..acd57c6b7bd5cdc1a587f482cd2bea866f19b011 100644 (file)
--- a/src/protocols/der/decode.c
+++ b/src/protocols/der/decode.c
@@ -1114,8 +1114,8 @@ static ssize_t fr_der_decode_set(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_a
                        }
 
                        if (unlikely(current_tag != restriction_type)) {
-                               fr_strerror_printf("Attribute %s is a set-of type %" PRIu32 ", but found type %u",
-                                                  parent->name, restriction_type, current_tag);
+                               fr_strerror_printf("Attribute %s is a set-of DER type '%s', but found DER type '%s'",
+                                                  parent->name, fr_der_tag_to_str(restriction_type), fr_der_tag_to_str(current_tag));
                                ret = -1;
                                goto error;
                        }
@@ -1579,13 +1579,16 @@ static ssize_t fr_der_decode_hdr(fr_dict_attr_t const *parent, fr_dbuff_t *in, u
                }
 
                if (tag_class != fr_der_flag_class(parent)) {
-               bad_tag:
-                       fr_strerror_printf("Invalid tag %u for attribute %s. Expected %" PRIu32, *tag, parent->name,
-                                          fr_der_flag_option(parent));
+                       fr_strerror_printf("Invalid DER class %02x for attribute %s. Expected DER class %02x", *tag, parent->name,
+                                          tag_class, fr_der_flag_class(parent));
                        return -1;
                }
 
-               if (*tag != fr_der_flag_option(parent)) goto bad_tag;
+               if (*tag != fr_der_flag_option(parent)) {
+                       fr_strerror_printf("Invalid tag %u for attribute %s. Expected %u", *tag, parent->name,
+                                          fr_der_flag_option(parent));
+                       return -1;
+               }
 
                *tag = fr_der_flag_der_type(parent);
        }
@@ -2304,8 +2307,9 @@ static ssize_t fr_der_decode_pair_dbuff(TALLOC_CTX *ctx, fr_pair_list_t *out, fr
                         *      If this is not a sequence/set/structure like thing, then it does not have children that
                         *      could have defaults.
                         */
-                       fr_strerror_printf("Attribute %s of type %s cannot store type %u", parent->name,
-                                          fr_type_to_str(parent->type), tag);
+                       fr_strerror_printf("Attribute %s of DER type '%s' cannot store DER type '%s'", parent->name,
+                                          fr_der_tag_to_str(fr_der_flag_der_type(parent)),
+                                          fr_der_tag_to_str(tag));
                        return -1;
                }
        }
diff --git a/src/protocols/der/der.h b/src/protocols/der/der.h
index 8bc5be677cb3356b204aa13bb05a2e7f2ac5355a..69ad80db53c788d5f2ce558aaef2bd27e69d6210 100644 (file)
--- a/src/protocols/der/der.h
+++ b/src/protocols/der/der.h
@@ -107,6 +107,7 @@ static inline fr_der_attr_flags_t const *fr_der_attr_flags(fr_dict_attr_t const
  */
 fr_der_tag_t fr_type_to_der_tag_default(fr_type_t type);
 bool   fr_type_to_der_tag_valid(fr_type_t type, fr_der_tag_t tag);
+char   const *fr_der_tag_to_str(fr_der_tag_t tag);
 
 int    fr_der_global_init(void);
 void   fr_der_global_free(void);
diff --git a/src/tests/unit/protocols/der/pkcs10.txt b/src/tests/unit/protocols/der/pkcs10.txt
index 2a37f76d1d40f5de1ae5064131f9e2c716729f11..ed9dcd0a0cb0b84c99ef54b03ea446e5b812c4d9 100644 (file)
--- a/src/tests/unit/protocols/der/pkcs10.txt
+++ b/src/tests/unit/protocols/der/pkcs10.txt
@@ -73,7 +73,7 @@ match Set tags are not in ascending order. Previous item has more data
 proto-dictionary-root Test-Set-Of
 
 decode-pair 31 06 02 01 01 01 01 FF
-match Attribute Test-Set-Of is a set-of type 2, but found type 1
+match Attribute Test-Set-Of is a set-of DER type 'integer', but found DER type 'boolean'
 
 proto-dictionary-root Test-String-Max
 
Mirror of https://github.com/FreeRADIUS/freeradius-server.git