From: Arran Cudbard-Bell Date: Fri, 5 Nov 2021 17:20:56 +0000 (-0400) Subject: Add idx versions of pair_find functions X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3a9e17c8a6d2a5cbf952105e9ee50dbd64e045cc;p=thirdparty%2Ffreeradius-server.git Add idx versions of pair_find functions --- diff --git a/src/bin/dhcpclient.c b/src/bin/dhcpclient.c index b793133a87..1086ba33f8 100644 --- a/src/bin/dhcpclient.c +++ b/src/bin/dhcpclient.c @@ -319,8 +319,8 @@ static fr_radius_packet_t *fr_dhcpv4_recv_raw_loop(int lsockfd, if (!found) found = reply; if (reply->code == FR_DHCP_OFFER) { - fr_pair_t *vp1 = fr_pair_find_by_da(&reply_vps, attr_dhcp_dhcp_server_identifier, 0); - fr_pair_t *vp2 = fr_pair_find_by_da(&reply_vps, attr_dhcp_your_ip_address, 0); + fr_pair_t *vp1 = fr_pair_find_by_da_idx(&reply_vps, attr_dhcp_dhcp_server_identifier, 0); + fr_pair_t *vp2 = fr_pair_find_by_da_idx(&reply_vps, attr_dhcp_your_ip_address, 0); if (vp1 && vp2) { nb_offer++; diff --git a/src/bin/radclient.c b/src/bin/radclient.c index 4fb7d49b1e..24f3313595 100644 --- a/src/bin/radclient.c +++ b/src/bin/radclient.c @@ -844,10 +844,10 @@ static int send_one_packet(rc_request_t *request) if (request->password) { fr_pair_t *vp; - if ((vp = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0)) != NULL) { + if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0)) != NULL) { fr_pair_value_strdup(vp, request->password->vp_strvalue, false); - } else if ((vp = fr_pair_find_by_da(&request->request_pairs, attr_chap_password, 0)) != NULL) { + } else if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_password, 0)) != NULL) { uint8_t buffer[17]; fr_pair_t *challenge; uint8_t const *vector; @@ -856,7 +856,7 @@ static int send_one_packet(rc_request_t *request) * Use Chap-Challenge pair if present, * Request Authenticator otherwise. */ - challenge = fr_pair_find_by_da(&request->request_pairs, attr_chap_challenge, 0); + challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_challenge, 0); if (challenge && (challenge->vp_length == RADIUS_AUTH_VECTOR_LENGTH)) { vector = challenge->vp_octets; } else { @@ -869,7 +869,7 @@ static int send_one_packet(rc_request_t *request) request->password->vp_length); fr_pair_value_memdup(vp, buffer, sizeof(buffer), false); - } else if (fr_pair_find_by_da(&request->request_pairs, attr_ms_chap_password, 0) != NULL) { + } else if (fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_password, 0) != NULL) { mschapv1_encode(request->packet, &request->request_pairs, request->password->vp_strvalue); } else { diff --git a/src/bin/radsniff.c b/src/bin/radsniff.c index fa67aba7c1..531a5447d9 100644 --- a/src/bin/radsniff.c +++ b/src/bin/radsniff.c @@ -347,7 +347,7 @@ static void rs_packet_print_csv(uint64_t count, rs_status_t status, fr_pcap_t *h fr_pair_t *vp; for (i = 0; i < conf->list_da_num; i++) { - vp = fr_pair_find_by_da(list, conf->list_da[i], 0); + vp = fr_pair_find_by_da_idx(list, conf->list_da[i], 0); if (vp && (vp->vp_length > 0)) { if (conf->list_da[i]->type == FR_TYPE_STRING) { ssize_t slen; diff --git a/src/bin/radsnmp.c b/src/bin/radsnmp.c index 53b5038a30..7791a30db3 100644 --- a/src/bin/radsnmp.c +++ b/src/bin/radsnmp.c @@ -591,7 +591,7 @@ static int radsnmp_set_response(int fd, fr_dict_attr_t const *error, fr_pair_lis struct iovec io_vector[2]; char newline[] = "\n"; - vp = fr_pair_find_by_da(head, error, 0); + vp = fr_pair_find_by_da_idx(head, error, 0); if (!vp) { if (write(fd, "DONE\n", 5) < 0) { fr_strerror_printf("Failed writing set response: %s", fr_syserror(errno)); diff --git a/src/bin/unit_test_module.c b/src/bin/unit_test_module.c index 7945e4d904..365ee58c0b 100644 --- a/src/bin/unit_test_module.c +++ b/src/bin/unit_test_module.c @@ -180,7 +180,7 @@ static request_t *request_from_file(TALLOC_CTX *ctx, FILE *fp, RADCLIENT *client */ fr_pair_list_tainted(&request->request_pairs); - vp = fr_pair_find_by_da(&request->request_pairs, attr_packet_type, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_packet_type, 0); if (!vp) { fr_strerror_printf("Input packet does not specify a Packet-Type"); goto error; diff --git a/src/lib/eap/base.c b/src/lib/eap/base.c index 1bbe22ef57..0337791e19 100644 --- a/src/lib/eap/base.c +++ b/src/lib/eap/base.c @@ -406,7 +406,7 @@ rlm_rcode_t eap_virtual_server(request_t *request, eap_session_t *eap_session, c fr_pair_t *vp; CONF_SECTION *server_cs; - vp = fr_pair_find_by_da(&request->control_pairs, attr_virtual_server, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_virtual_server, 0); server_cs = vp ? virtual_server_find(vp->vp_strvalue) : virtual_server_find(virtual_server); if (server_cs) { diff --git a/src/lib/eap/chbind.c b/src/lib/eap/chbind.c index 7fcb3f5023..b50a37eec5 100644 --- a/src/lib/eap/chbind.c +++ b/src/lib/eap/chbind.c @@ -68,7 +68,7 @@ static bool chbind_build_response(request_t *request, CHBIND_REQ *chbind) * Set the response code. Default to "fail" if none was * specified. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_chbind_response_code, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_chbind_response_code, 0); if (vp) { ptr[0] = vp->vp_uint32; } else { diff --git a/src/lib/eap/compose.c b/src/lib/eap/compose.c index b00c1a0c90..f97db78431 100644 --- a/src/lib/eap/compose.c +++ b/src/lib/eap/compose.c @@ -239,7 +239,7 @@ rlm_rcode_t eap_compose(eap_session_t *eap_session) * Don't add a Message-Authenticator if * it's already there. */ - vp = fr_pair_find_by_da(&request->reply_pairs, attr_message_authenticator, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_message_authenticator, 0); if (!vp) { static uint8_t auth_vector[RADIUS_AUTH_VECTOR_LENGTH] = { 0x00 }; @@ -300,7 +300,7 @@ rlm_rcode_t eap_start(request_t *request, rlm_eap_method_t const methods[], bool fr_pair_t *vp; fr_pair_t *eap_msg; - eap_msg = fr_pair_find_by_da(&request->request_pairs, attr_eap_message, 0); + eap_msg = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_message, 0); if (!eap_msg) { RDEBUG2("No EAP-Message, not doing EAP"); return RLM_MODULE_NOOP; @@ -310,7 +310,7 @@ rlm_rcode_t eap_start(request_t *request, rlm_eap_method_t const methods[], bool * Look for EAP-Type = None (FreeRADIUS specific attribute) * this allows you to NOT do EAP for some users. */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_type, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_type, 0); if (vp && vp->vp_uint32 == 0) { RDEBUG2("Found EAP-Message, but EAP-Type = None, so we're not doing EAP"); return RLM_MODULE_NOOP; diff --git a/src/lib/eap/session.c b/src/lib/eap/session.c index b78f14bbb3..4da0918f15 100644 --- a/src/lib/eap/session.c +++ b/src/lib/eap/session.c @@ -425,7 +425,7 @@ eap_session_t *eap_session_continue(void const *instance, eap_packet_raw_t **eap * Type-Data field of the EAP-Response/Identity in the User-Name * attribute in every subsequent Access-Request. */ - user = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + user = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); if (!user) { /* * NAS did not set the User-Name diff --git a/src/lib/eap_aka_sim/encode.c b/src/lib/eap_aka_sim/encode.c index 056657f66c..bd612c26b8 100644 --- a/src/lib/eap_aka_sim/encode.c +++ b/src/lib/eap_aka_sim/encode.c @@ -882,7 +882,7 @@ ssize_t fr_aka_sim_encode(request_t *request, fr_pair_list_t *to_encode, void *e * It might be too big for putting into an * EAP packet. */ - vp = fr_pair_find_by_child_num(to_encode, fr_dict_root(dict_eap_aka_sim), FR_SUBTYPE, 0); + vp = fr_pair_find_by_child_num_idx(to_encode, fr_dict_root(dict_eap_aka_sim), FR_SUBTYPE, 0); if (!vp) { REDEBUG("Missing subtype attribute"); return PAIR_ENCODE_FATAL_ERROR; @@ -900,7 +900,7 @@ ssize_t fr_aka_sim_encode(request_t *request, fr_pair_list_t *to_encode, void *e /* * Will we need to generate a HMAC? */ - if (fr_pair_find_by_child_num(to_encode, fr_dict_root(dict_eap_aka_sim), FR_MAC, 0)) do_hmac = true; + if (fr_pair_find_by_child_num_idx(to_encode, fr_dict_root(dict_eap_aka_sim), FR_MAC, 0)) do_hmac = true; /* * Fast path, we just need to encode a subtype diff --git a/src/lib/eap_aka_sim/module.c b/src/lib/eap_aka_sim/module.c index ad070172dc..d1b7c373ca 100644 --- a/src/lib/eap_aka_sim/module.c +++ b/src/lib/eap_aka_sim/module.c @@ -71,7 +71,7 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct * from the virtual server to determine what kind * of EAP response to send. */ - subtype_vp = fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_subtype, 0); if (!subtype_vp) { eap_session->this_round->request->code = (rcode == RLM_MODULE_OK) ? FR_EAP_CODE_SUCCESS : FR_EAP_CODE_FAILURE; @@ -137,9 +137,9 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct * Figure out if the state machine is * requesting an ID. */ - if ((vp = fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_any_id_req, 0)) || - (vp = fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_fullauth_id_req, 0)) || - (vp = fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_permanent_id_req, 0))) { + if ((vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_any_id_req, 0)) || + (vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_fullauth_id_req, 0)) || + (vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_permanent_id_req, 0))) { RDEBUG2("Sending EAP-Request/%pV (%s)", &subtype_vp->data, vp->da->name); } else { RDEBUG2("Sending EAP-Request/%pV", &subtype_vp->data); @@ -157,7 +157,7 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct * it should have used that. */ case FR_SUBTYPE_VALUE_AKA_CHALLENGE: - vp = fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_bidding, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_bidding, 0); /* * Explicit NO @@ -194,7 +194,7 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct /* * Extra data to append to the packet when signing. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_eap_aka_sim_hmac_extra_request, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_hmac_extra_request, 0); if (vp) { request_hmac_extra = vp->vp_octets; request_hmac_extra_len = vp->vp_length; @@ -204,7 +204,7 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct * Extra data to append to the response packet when * validating the signature. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_eap_aka_sim_hmac_extra_response, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_hmac_extra_response, 0); if (vp) { fr_assert(!mod_session->response_hmac_extra); MEM(mod_session->response_hmac_extra = talloc_memdup(mod_session, @@ -214,7 +214,7 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct /* * Key we use for encrypting and decrypting attributes. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_eap_aka_sim_k_encr, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_k_encr, 0); if (vp) { fr_assert(!mod_session->ctx.k_encr); MEM(mod_session->ctx.k_encr = talloc_memdup(mod_session, vp->vp_octets, vp->vp_length)); @@ -223,7 +223,7 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct /* * Key we use for signing and validating mac values. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_eap_aka_sim_k_aut, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_k_aut, 0); if (vp) { fr_assert(!mod_session->ctx.k_aut); MEM(mod_session->ctx.k_aut = talloc_memdup(mod_session, vp->vp_octets, vp->vp_length)); @@ -344,7 +344,7 @@ unlang_action_t eap_aka_sim_process(rlm_rcode_t *p_result, module_ctx_t const *m log_request_pair_list(L_DBG_LVL_2, request, NULL, &request->request_pairs, NULL); } - subtype_vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); if (!subtype_vp) { REDEBUG2("Missing Sub-Type"); /* Let the state machine enter the right state */ break; diff --git a/src/lib/eap_aka_sim/state_machine.c b/src/lib/eap_aka_sim/state_machine.c index 229c44d63c..4b4cd532f4 100644 --- a/src/lib/eap_aka_sim/state_machine.c +++ b/src/lib/eap_aka_sim/state_machine.c @@ -214,7 +214,7 @@ static inline CC_HINT(always_inline) void client_error_debug(request_t *request) { fr_pair_t *vp; - vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_client_error_code, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_client_error_code, 0); if (!vp) { REDEBUG("Peer has not supplied a AT_ERROR_CODE"); } else { @@ -513,14 +513,14 @@ static int checkcode_validate(request_t *request) * done by the calling module, we just check * the result. */ - our_checkcode = fr_pair_find_by_da(&request->control_pairs, attr_eap_aka_sim_checkcode, 0); + our_checkcode = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_checkcode, 0); if (our_checkcode) { /* * If the peer doesn't include a checkcode then that * means they don't support it, and we can't validate * their view of the identity packets. */ - peer_checkcode = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_checkcode, 0); + peer_checkcode = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_checkcode, 0); if (peer_checkcode) { if (fr_pair_cmp(peer_checkcode, our_checkcode) == 0) { RDEBUG2("Received AT_CHECKCODE matches calculated AT_CHECKCODE"); @@ -558,7 +558,7 @@ static int mac_validate(request_t *request) * done by the calling module, we just check * the result. */ - our_mac = fr_pair_find_by_da(&request->control_pairs, attr_eap_aka_sim_mac, 0); + our_mac = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_mac, 0); if (!our_mac) { REDEBUG("Missing &control.%s", attr_eap_aka_sim_mac->name); return -1; @@ -570,7 +570,7 @@ static int mac_validate(request_t *request) * means they don't support it, and we can't validate * their view of the identity packets. */ - peer_mac = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_mac, 0); + peer_mac = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_mac, 0); if (!peer_mac) { REDEBUG("Peer didn't include AT_MAC"); return -1; @@ -657,7 +657,7 @@ RESUME(store_pseudonym) * find a next_reauth_id pair in the * reply list. */ - vp = fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_next_reauth_id, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_next_reauth_id, 0); if (vp) { /* * Generate a random fastauth string @@ -737,7 +737,7 @@ RESUME(store_pseudonym) * state increment by 1, otherwise, add the * attribute and set to zero. */ - vp = fr_pair_find_by_da(&request->session_state_pairs, attr_eap_aka_sim_counter, 0); + vp = fr_pair_find_by_da_idx(&request->session_state_pairs, attr_eap_aka_sim_counter, 0); if (vp) { vp->vp_uint16++; /* @@ -788,7 +788,7 @@ static unlang_action_t session_and_pseudonym_store(rlm_rcode_t *p_result, module unlang_interpret_stack_result_set(request, RLM_MODULE_NOOP); /* Needed because we may call resume functions directly */ - vp = fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_next_pseudonym, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_next_pseudonym, 0); if (vp) { /* * Generate a random pseudonym string @@ -1108,7 +1108,7 @@ static int sim_start_selected_version_check(request_t *request, eap_aka_sim_sess /* * Check that we got an AT_SELECTED_VERSION */ - selected_version_vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_selected_version, 0); + selected_version_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_selected_version, 0); if (!selected_version_vp) { REDEBUG("EAP-Response/SIM/Start does not contain AT_SELECTED_VERSION"); return -1; @@ -1161,7 +1161,7 @@ static int sim_start_nonce_mt_check(request_t *request, eap_aka_sim_session_t *e /* * Copy nonce_mt to the keying material */ - nonce_mt_vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_nonce_mt, 0); + nonce_mt_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_nonce_mt, 0); if (!nonce_mt_vp) { REDEBUG("EAP-Response/SIM/Start does not contain AT_NONCE_MT"); return -1; @@ -1260,7 +1260,7 @@ STATE(common_failure_notification) eap_aka_sim_process_conf_t *inst = talloc_get_type_abort(mctx->instance, eap_aka_sim_process_conf_t); fr_pair_t *subtype_vp = NULL; - subtype_vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); if (!subtype_vp) goto fail; switch (subtype_vp->vp_uint16) { @@ -1306,7 +1306,7 @@ RESUME(send_common_failure_notification) * - FR_NOTIFICATION_VALUE_NOT_SUBSCRIBED * User has not subscribed to the requested service. */ - notification_vp = fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_notification, 0); + notification_vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_notification, 0); /* * Keep Notification, but remove everything else... @@ -1656,7 +1656,7 @@ RESUME(recv_common_reauthentication_response) * clear out reauth information and enter the * challenge state. */ - if (fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_counter_too_small, 0)) { + if (fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_counter_too_small, 0)) { RWDEBUG("Peer sent AT_COUNTER_TOO_SMALL (indicating our AT_COUNTER value (%u) wasn't fresh)", eap_aka_sim_session->keys.reauth.counter); @@ -1674,13 +1674,13 @@ RESUME(recv_common_reauthentication_response) * RFC 4187 Section #6.2. Result Indications */ if (eap_aka_sim_session->send_result_ind) { - if (!fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { + if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { RDEBUG("We wanted to use protected result indications, but peer does not"); eap_aka_sim_session->send_result_ind = false; } else { return STATE_TRANSITION(common_success_notification); } - } else if (fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { + } else if (fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { RDEBUG("Peer wanted to use protected result indications, but we do not"); } @@ -1703,7 +1703,7 @@ STATE(common_reauthentication) eap_aka_sim_session_t *eap_aka_sim_session = talloc_get_type_abort(mctx->rctx, eap_aka_sim_session_t); fr_pair_t *subtype_vp = NULL; - subtype_vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); if (!subtype_vp) { REDEBUG("Missing AT_SUBTYPE"); goto fail; @@ -1767,7 +1767,7 @@ static unlang_action_t common_reauthentication_request_compose(rlm_rcode_t *p_re * Not seen any doing this for re-authentication * but you never know... */ - kdf_id = fr_pair_find_by_da(&request->control_pairs, attr_eap_aka_sim_kdf_identity, 0); + kdf_id = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_kdf_identity, 0); if (kdf_id) { crypto_identity_set(request, eap_aka_sim_session, (uint8_t const *)kdf_id->vp_strvalue, kdf_id->vp_length); @@ -1840,7 +1840,7 @@ static unlang_action_t common_reauthentication_request_compose(rlm_rcode_t *p_re * * Use our default, but allow user override too. */ - vp = fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0); if (vp) eap_aka_sim_session->send_result_ind = vp->vp_bool; /* @@ -2118,7 +2118,7 @@ RESUME(recv_aka_syncronization_failure) * We couldn't generate an SQN and the user didn't provide one, * so we need to fail. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_sim_sqn, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_sim_sqn, 0); if (!vp) { REDEBUG("No &control.SQN value provided after resynchronisation, cannot continue"); goto failure; @@ -2176,7 +2176,7 @@ RESUME(recv_aka_challenge_response) */ if (checkcode_validate(request) < 0) goto failure; - vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_res, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_res, 0); if (!vp) { REDEBUG("AT_RES missing from challenge response"); goto failure; @@ -2208,13 +2208,13 @@ RESUME(recv_aka_challenge_response) * RFC 4187 Section #6.2. Result Indications */ if (eap_aka_sim_session->send_result_ind) { - if (!fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { + if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { RDEBUG("We wanted to use protected result indications, but peer does not"); eap_aka_sim_session->send_result_ind = false; } else { return STATE_TRANSITION(common_success_notification); } - } else if (fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { + } else if (fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { RDEBUG("Peer wanted to use protected result indications, but we do not"); } @@ -2239,7 +2239,7 @@ STATE(aka_challenge) fr_pair_t *subtype_vp = NULL; fr_pair_t *vp; - subtype_vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); if (!subtype_vp) { REDEBUG("Missing AT_SUBTYPE"); goto fail; @@ -2262,7 +2262,7 @@ STATE(aka_challenge) eap_aka_sim_session->allow_encrypted = false; - vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_auts, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_auts, 0); if (!vp) { REDEBUG("EAP-Response/AKA-Synchronisation-Failure missing AT_AUTS"); failure: @@ -2341,7 +2341,7 @@ RESUME(send_aka_challenge_request) * implement RFC 4187 correctly and use the * wrong identity as input the the PRF/KDF. */ - kdf_id = fr_pair_find_by_da(&request->control_pairs, attr_eap_aka_sim_kdf_identity, 0); + kdf_id = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_kdf_identity, 0); if (kdf_id) { crypto_identity_set(request, eap_aka_sim_session, (uint8_t const *)kdf_id->vp_strvalue, kdf_id->vp_length); @@ -2355,7 +2355,7 @@ RESUME(send_aka_challenge_request) * Copy the network name the user specified for * key derivation purposes. */ - vp = fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_kdf_input, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_kdf_input, 0); if (vp) { talloc_free(eap_aka_sim_session->keys.network); eap_aka_sim_session->keys.network = talloc_memdup(eap_aka_sim_session, @@ -2423,7 +2423,7 @@ RESUME(send_aka_challenge_request) * * Use our default, but allow user override too. */ - vp = fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0); if (vp) eap_aka_sim_session->send_result_ind = vp->vp_bool; /* @@ -2506,7 +2506,7 @@ STATE_GUARD(aka_challenge) * and send it to the peer. */ if (inst->network_name && - !fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_kdf_input, 0)) { + !fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_kdf_input, 0)) { MEM(pair_append_reply(&vp, attr_eap_aka_sim_kdf_input) >= 0); fr_pair_value_bstrdup_buffer(vp, inst->network_name, false); } @@ -2522,7 +2522,7 @@ STATE_GUARD(aka_challenge) * Set the defaults for protected result indicator */ if (eap_aka_sim_session->send_result_ind && - !fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0)) { + !fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0)) { MEM(pair_append_reply(&vp, attr_eap_aka_sim_result_ind) >= 0); vp->vp_bool = true; } @@ -2564,13 +2564,13 @@ RESUME(recv_sim_challenge_response) * notification, otherwise send a normal EAP-Success. */ if (eap_aka_sim_session->send_result_ind) { - if (!fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { + if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { RDEBUG("We wanted to use protected result indications, but peer does not"); eap_aka_sim_session->send_result_ind = false; } else { return STATE_TRANSITION(common_success_notification); } - } else if (fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { + } else if (fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { RDEBUG("Peer wanted to use protected result indications, but we do not"); } @@ -2591,7 +2591,7 @@ STATE(sim_challenge) eap_aka_sim_session_t *eap_aka_sim_session = talloc_get_type_abort(mctx->rctx, eap_aka_sim_session_t); fr_pair_t *subtype_vp = NULL; - subtype_vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); if (!subtype_vp) { REDEBUG("Missing AT_SUBTYPE"); goto fail; @@ -2645,7 +2645,7 @@ RESUME(send_sim_challenge_request) * implement RFC 4187 correctly and use the * wrong identity as input the the PRF/KDF. */ - kdf_id = fr_pair_find_by_da(&request->control_pairs, attr_eap_aka_sim_kdf_identity, 0); + kdf_id = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_kdf_identity, 0); if (kdf_id) { crypto_identity_set(request, eap_aka_sim_session, (uint8_t const *)kdf_id->vp_strvalue, kdf_id->vp_length); @@ -2673,7 +2673,7 @@ RESUME(send_sim_challenge_request) * * Use our default, but allow user override too. */ - vp = fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0); if (vp) eap_aka_sim_session->send_result_ind = vp->vp_bool; /* @@ -2730,7 +2730,7 @@ STATE_GUARD(sim_challenge) * Set the defaults for protected result indicator */ if (eap_aka_sim_session->send_result_ind && - !fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0)) { + !fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0)) { MEM(pair_append_reply(&vp, attr_eap_aka_sim_result_ind) >= 0); vp->vp_bool = true; } @@ -2825,7 +2825,7 @@ RESUME(recv_aka_identity_response) * If the identity looks like a fast re-auth id * run fast re-auth, otherwise do fullauth. */ - identity_type = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_identity_type, 0); + identity_type = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_identity_type, 0); if (identity_type) switch (identity_type->vp_uint32) { case FR_IDENTITY_TYPE_VALUE_FASTAUTH: return STATE_TRANSITION(common_reauthentication); @@ -2865,7 +2865,7 @@ STATE(aka_identity) eap_aka_sim_session_t *eap_aka_sim_session = talloc_get_type_abort(mctx->rctx, eap_aka_sim_session_t); fr_pair_t *subtype_vp = NULL; - subtype_vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); if (!subtype_vp) { REDEBUG("Missing AT_SUBTYPE"); goto fail; @@ -2880,7 +2880,7 @@ STATE(aka_identity) fr_pair_t *id; fr_aka_sim_id_type_t type; - id = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_identity, 0); + id = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_identity, 0); if (!id) { /* * 9.2. EAP-Response/Identity @@ -3090,7 +3090,7 @@ RESUME(recv_sim_start_response) * If the identity looks like a fast re-auth id * run fast re-auth, otherwise do fullauth. */ - identity_type = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_identity_type, 0); + identity_type = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_identity_type, 0); if (identity_type) switch (identity_type->vp_uint32) { case FR_IDENTITY_TYPE_VALUE_FASTAUTH: /* @@ -3100,7 +3100,7 @@ RESUME(recv_sim_start_response) * with a fast re-authentication identity is present for fast * re-authentication */ - if (fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_nonce_mt, 0)) { + if (fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_nonce_mt, 0)) { REDEBUG("AT_NONCE_MT is not allowed in EAP-Response/SIM-Reauthentication messages"); return STATE_TRANSITION(common_failure_notification); } @@ -3112,7 +3112,7 @@ RESUME(recv_sim_start_response) * AT_IDENTITY attribute with a fast re-authentication identity is * present for fast re-authentication. */ - if (fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_selected_version, 0)) { + if (fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_selected_version, 0)) { REDEBUG("AT_SELECTED_VERSION is not allowed in EAP-Response/SIM-Reauthentication messages"); return STATE_TRANSITION(common_failure_notification); } @@ -3168,7 +3168,7 @@ STATE(sim_start) eap_aka_sim_session_t *eap_aka_sim_session = talloc_get_type_abort(mctx->rctx, eap_aka_sim_session_t); fr_pair_t *subtype_vp = NULL; - subtype_vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); if (!subtype_vp) { REDEBUG("Missing AT_SUBTYPE"); goto fail; @@ -3179,7 +3179,7 @@ STATE(sim_start) fr_pair_t *id; fr_aka_sim_id_type_t type; - id = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_identity, 0); + id = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_identity, 0); if (!id) { /* * RFC 4186 Section #9.2 @@ -3281,7 +3281,7 @@ RESUME(send_sim_start) * If the user provided no versions, then * just add the default (1). */ - if (!(fr_pair_find_by_da(&request->reply_pairs, attr_eap_aka_sim_version_list, 0))) { + if (!(fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_version_list, 0))) { MEM(pair_append_reply(&vp, attr_eap_aka_sim_version_list) >= 0); vp->vp_uint16 = EAP_SIM_VERSION; } @@ -3401,10 +3401,10 @@ RESUME(recv_common_identity_response) * This must be done before we enter * the submodule. */ - eap_type = fr_pair_find_by_da(&request->control_pairs, attr_eap_type, 0); + eap_type = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_type, 0); if (eap_type) RWDEBUG("Ignoring &control.EAP-Type, this must be set *before* the EAP module is called"); - method = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_method_hint, 0); + method = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_method_hint, 0); /* * Set default configuration, we may allow these @@ -3514,7 +3514,7 @@ RESUME(recv_common_identity_response) * If the identity looks like a fast re-auth id * run fast re-auth, otherwise do a fullauth. */ - identity_type = fr_pair_find_by_da(&request->request_pairs, attr_eap_aka_sim_identity_type, 0); + identity_type = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_identity_type, 0); if (identity_type) switch (identity_type->vp_uint32) { case FR_IDENTITY_TYPE_VALUE_FASTAUTH: return STATE_TRANSITION(common_reauthentication); diff --git a/src/lib/eap_aka_sim/vector.c b/src/lib/eap_aka_sim/vector.c index 8bf459bdbe..3d899fd9d1 100644 --- a/src/lib/eap_aka_sim/vector.c +++ b/src/lib/eap_aka_sim/vector.c @@ -46,7 +46,7 @@ static int vector_opc_from_op(request_t *request, uint8_t const **out, uint8_t o fr_pair_t *opc_vp; fr_pair_t *op_vp; - opc_vp = fr_pair_find_by_da(list, attr_sim_opc, 0); + opc_vp = fr_pair_find_by_da_idx(list, attr_sim_opc, 0); if (opc_vp) { if (opc_vp->vp_length != MILENAGE_OPC_SIZE) { REDEBUG("&control.%s has incorrect length, expected %u bytes got %zu bytes", @@ -57,7 +57,7 @@ static int vector_opc_from_op(request_t *request, uint8_t const **out, uint8_t o return 0; } - op_vp = fr_pair_find_by_da(list, attr_sim_op, 0); + op_vp = fr_pair_find_by_da_idx(list, attr_sim_op, 0); if (op_vp) { if (op_vp->vp_length != MILENAGE_OP_SIZE) { REDEBUG("&control.%s has incorrect length, expected %u bytes got %zu bytes", @@ -87,7 +87,7 @@ static int vector_gsm_from_ki(request_t *request, fr_pair_list_t *vps, int idx, /* * Generate a new RAND value, and derive Kc and SRES from Ki */ - ki_vp = fr_pair_find_by_da(vps, attr_sim_ki, 0); + ki_vp = fr_pair_find_by_da_idx(vps, attr_sim_ki, 0); if (!ki_vp) { RDEBUG3("No &control.%sfound, not generating triplets locally", attr_sim_ki->name); return 1; @@ -101,7 +101,7 @@ static int vector_gsm_from_ki(request_t *request, fr_pair_list_t *vps, int idx, * Check to see if we have a Ki for the IMSI, this allows us to generate the rest * of the triplets. */ - version_vp = fr_pair_find_by_da(vps, attr_sim_algo_version, 0); + version_vp = fr_pair_find_by_da_idx(vps, attr_sim_algo_version, 0); if (!version_vp) { if (vector_opc_from_op(request, &opc_p, opc_buff, vps, ki_vp->vp_octets) < 0) return -1; version = opc_p ? FR_SIM_ALGO_VERSION_VALUE_COMP128_4 : FR_SIM_ALGO_VERSION_VALUE_COMP128_3; @@ -404,7 +404,7 @@ static int vector_umts_from_ki(request_t *request, fr_pair_list_t *vps, fr_aka_s /* * Select the algorithm (default to Milenage) */ - version_vp = fr_pair_find_by_da(vps, attr_sim_algo_version, 0); + version_vp = fr_pair_find_by_da_idx(vps, attr_sim_algo_version, 0); if (version_vp) version = version_vp->vp_uint32; /* @@ -439,7 +439,7 @@ static int vector_umts_from_ki(request_t *request, fr_pair_list_t *vps, fr_aka_s /* * Find the Ki VP and check its length */ - ki_vp = fr_pair_find_by_da(vps, attr_sim_ki, 0); + ki_vp = fr_pair_find_by_da_idx(vps, attr_sim_ki, 0); if (!ki_vp) { RDEBUG3("No &control.%s found, not generating quintuplets locally", attr_sim_ki->name); return 1; @@ -452,13 +452,13 @@ static int vector_umts_from_ki(request_t *request, fr_pair_list_t *vps, fr_aka_s /* * Find the Sequence Number VP or default to SQN = 2 */ - sqn_vp = fr_pair_find_by_da(vps, attr_sim_sqn, 0); + sqn_vp = fr_pair_find_by_da_idx(vps, attr_sim_sqn, 0); keys->sqn = sqn_vp ? sqn_vp->vp_uint64 : 2; /* 2 is the lowest valid SQN on our side */ /* * Check if we have an AMF value */ - amf_vp = fr_pair_find_by_da(vps, attr_sim_amf, 0); + amf_vp = fr_pair_find_by_da_idx(vps, attr_sim_amf, 0); if (amf_vp) { if (amf_vp->vp_length != amf_size) { REDEBUG("&control.%s has incorrect length, expected %zu bytes got %zu bytes", @@ -598,7 +598,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch AUTN */ - autn_vp = fr_pair_find_by_da(vps, attr_eap_aka_sim_autn, 0); + autn_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_autn, 0); if (!autn_vp) { RDEBUG3("No &control.%s attribute found, not using UMTS quintuplets", attr_eap_aka_sim_autn->name); return 1; @@ -614,7 +614,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch CK */ - ck_vp = fr_pair_find_by_da(vps, attr_eap_aka_sim_ck, 0); + ck_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_ck, 0); if (!ck_vp) { RDEBUG3("No &control.%s attribute found, not using UMTS quintuplets", attr_eap_aka_sim_ck->name); return 1; @@ -630,7 +630,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch IK */ - ik_vp = fr_pair_find_by_da(vps, attr_eap_aka_sim_ik, 0); + ik_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_ik, 0); if (!ik_vp) { RDEBUG3("No &control.%s attribute found, not using UMTS quintuplets", attr_eap_aka_sim_ik->name); return 1; @@ -646,7 +646,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch RAND */ - rand_vp = fr_pair_find_by_da(vps, attr_eap_aka_sim_rand, 0); + rand_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_rand, 0); if (!rand_vp) { RDEBUG3("No &control.%s attribute found, not using quintuplet derivation", attr_eap_aka_sim_rand->name); return 1; @@ -661,7 +661,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch XRES */ - xres_vp = fr_pair_find_by_da(vps, attr_eap_aka_sim_xres, 0); + xres_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_xres, 0); if (!xres_vp) { RDEBUG3("No &control.%s attribute found, not using UMTS quintuplets", attr_eap_aka_sim_xres->name); return 1; @@ -677,7 +677,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch (optional) AK */ - ak_vp = fr_pair_find_by_da(vps, attr_eap_aka_sim_ak, 0); + ak_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_ak, 0); if (ak_vp && (ak_vp->vp_length != MILENAGE_AK_SIZE)) { REDEBUG("&control.%s incorrect length. Expected " STRINGIFY(MILENAGE_AK_SIZE) " bytes, got %zu bytes", @@ -688,7 +688,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch (optional) SQN */ - sqn_vp = fr_pair_find_by_da(vps, attr_sim_sqn, 0); + sqn_vp = fr_pair_find_by_da_idx(vps, attr_sim_sqn, 0); if (sqn_vp && (sqn_vp->vp_length != MILENAGE_SQN_SIZE)) { REDEBUG("&control.%s incorrect length. Expected " STRINGIFY(MILENAGE_AK_SIZE) " bytes, got %zu bytes", @@ -830,7 +830,7 @@ int fr_aka_sim_vector_gsm_umts_kdf_0_reauth_from_attrs(request_t *request, fr_pa * This is the *old* counter value increment * by 1 to get the *new* counter value */ - counter_vp = fr_pair_find_by_da(vps, attr_eap_aka_sim_counter, 0); + counter_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_counter, 0); if (!counter_vp) { RDEBUG2("No &session-state.%s attribute found, can't calculate re-auth keys", attr_eap_aka_sim_counter->name); @@ -838,8 +838,8 @@ int fr_aka_sim_vector_gsm_umts_kdf_0_reauth_from_attrs(request_t *request, fr_pa } counter_vp->vp_uint16++; - mk_vp = fr_pair_find_by_da(vps, attr_session_data, 0); - if (!mk_vp) mk_vp = fr_pair_find_by_da(vps, attr_eap_aka_sim_mk, 0); + mk_vp = fr_pair_find_by_da_idx(vps, attr_session_data, 0); + if (!mk_vp) mk_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_mk, 0); if (!mk_vp) { RDEBUG2("Neither &session-state.%s or &session-state.%s attributes found, " "can't calculate re-auth keys", attr_session_data->name, attr_eap_aka_sim_mk->name); @@ -879,7 +879,7 @@ int fr_aka_sim_vector_umts_kdf_1_reauth_from_attrs(request_t *request, fr_pair_l * This is the *old* counter value increment * by 1 to get the *new* counter value */ - counter_vp = fr_pair_find_by_da(vps, attr_eap_aka_sim_counter, 0); + counter_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_counter, 0); if (!counter_vp) { RDEBUG2("No &session-state.%s attribute found, can't calculate re-auth keys", attr_eap_aka_sim_counter->name); @@ -887,8 +887,8 @@ int fr_aka_sim_vector_umts_kdf_1_reauth_from_attrs(request_t *request, fr_pair_l } counter_vp->vp_uint16++; - mk_vp = fr_pair_find_by_da(vps, attr_session_data, 0); - if (!mk_vp) mk_vp = fr_pair_find_by_da(vps, attr_eap_aka_sim_mk, 0); + mk_vp = fr_pair_find_by_da_idx(vps, attr_session_data, 0); + if (!mk_vp) mk_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_mk, 0); if (!mk_vp) { RDEBUG2("Neither &session-state.%s or &session-sate:%s attributes found, " "can't calculate re-auth keys", attr_session_data->name, attr_eap_aka_sim_mk->name); diff --git a/src/lib/eap_aka_sim/xlat.c b/src/lib/eap_aka_sim/xlat.c index e5c6630b55..247f3a0071 100644 --- a/src/lib/eap_aka_sim/xlat.c +++ b/src/lib/eap_aka_sim/xlat.c @@ -262,7 +262,7 @@ static xlat_action_t aka_sim_3gpp_temporary_id_decrypt_xlat(TALLOC_CTX *ctx, fr_ /* * Figure out what tag we should add to the permanent id */ - eap_type = fr_pair_find_by_da(&request->request_pairs, attr_eap_type, 0); + eap_type = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_type, 0); if (eap_type) { if (eap_type->vp_uint32 == enum_eap_type_sim->vb_uint32) { out_tag = ID_TAG_SIM_PERMANENT; @@ -448,7 +448,7 @@ static xlat_action_t aka_sim_3gpp_temporary_id_encrypt_xlat(TALLOC_CTX *ctx, fr_ } else if ((id_len >= AKA_SIM_IMSI_MIN_LEN) && (id_len <= AKA_SIM_IMSI_MAX_LEN)) { fr_pair_t *eap_type; - eap_type = fr_pair_find_by_da(&request->request_pairs, attr_eap_type, 0); + eap_type = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_type, 0); if (!eap_type) { REDEBUG("ID does not contain method hint, and no &request.EAP-Type found. " "Don't know what tag to prepend to encrypted identity"); diff --git a/src/lib/server/pair_server_tests.c b/src/lib/server/pair_server_tests.c index c6bd552fb1..6e512909f9 100644 --- a/src/lib/server/pair_server_tests.c +++ b/src/lib/server/pair_server_tests.c @@ -210,7 +210,7 @@ static void test_pair_update_request(void) vp->vp_uint32 = 112233; TEST_CASE("Expected fr_dict_attr_test_uint32 (vp->vp_uint32 == 112233)"); - TEST_CHECK((vp = fr_pair_find_by_da(&request->request_pairs, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&request->request_pairs, fr_dict_attr_test_uint32, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -239,7 +239,7 @@ static void test_pair_update_reply(void) vp->vp_uint32 = 3333; TEST_CASE("Expected fr_dict_attr_test_uint32 (vp->vp_uint32 == 3333)"); - TEST_CHECK((vp = fr_pair_find_by_da(&request->reply_pairs, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&request->reply_pairs, fr_dict_attr_test_uint32, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -264,7 +264,7 @@ static void test_pair_update_control(void) vp->vp_uint32 = 44444; TEST_CASE("Expected fr_dict_attr_test_uint32 (vp->vp_uint32 == 44444)"); - TEST_CHECK((vp = fr_pair_find_by_da(&request->control_pairs, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&request->control_pairs, fr_dict_attr_test_uint32, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -289,7 +289,7 @@ static void test_pair_update_session_state(void) vp->vp_uint32 = 7890; TEST_CASE("Expected fr_dict_attr_test_uint32 (vp->vp_uint32 == 7890)"); - TEST_CHECK((vp = fr_pair_find_by_da(&request->session_state_pairs, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&request->session_state_pairs, fr_dict_attr_test_uint32, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -310,7 +310,7 @@ static void test_pair_delete_request(void) TEST_CHECK(pair_delete_request(fr_dict_attr_test_uint32) > 0); TEST_CASE("The 'Test-Integer' shouldn't exist in 'request->request_pairs'"); - TEST_CHECK(fr_pair_find_by_da(&request->request_pairs, fr_dict_attr_test_uint32, 0) == NULL); + TEST_CHECK(fr_pair_find_by_da_idx(&request->request_pairs, fr_dict_attr_test_uint32, 0) == NULL); TEST_CHECK_RET(talloc_free(request), 0); } @@ -326,7 +326,7 @@ static void test_pair_delete_reply(void) TEST_CHECK(pair_delete_reply(fr_dict_attr_test_uint32) > 0); TEST_CASE("The 'Test-Integer' shouldn't exist in 'request->reply_pairs'"); - TEST_CHECK(fr_pair_find_by_da(&request->reply_pairs, fr_dict_attr_test_uint32, 0) == NULL); + TEST_CHECK(fr_pair_find_by_da_idx(&request->reply_pairs, fr_dict_attr_test_uint32, 0) == NULL); TEST_CHECK_RET(talloc_free(request), 0); } @@ -342,7 +342,7 @@ static void test_pair_delete_control(void) TEST_CHECK(pair_delete_control(fr_dict_attr_test_uint32) > 0); TEST_CASE("The 'Test-Integer' shouldn't exist in 'request->control_pairs'"); - TEST_CHECK(fr_pair_find_by_da(&request->control_pairs, fr_dict_attr_test_uint32, 0) == NULL); + TEST_CHECK(fr_pair_find_by_da_idx(&request->control_pairs, fr_dict_attr_test_uint32, 0) == NULL); TEST_CHECK_RET(talloc_free(request), 0); } @@ -358,7 +358,7 @@ static void test_pair_delete_session_state(void) TEST_CHECK(pair_delete_session_state(fr_dict_attr_test_uint32) > 0); TEST_CASE("The 'Test-Integer' shouldn't exist in 'request->state'"); - TEST_CHECK(fr_pair_find_by_da(&request->session_state_pairs, fr_dict_attr_test_uint32, 0) == NULL); + TEST_CHECK(fr_pair_find_by_da_idx(&request->session_state_pairs, fr_dict_attr_test_uint32, 0) == NULL); TEST_CHECK_RET(talloc_free(request), 0); } diff --git a/src/lib/server/paircmp.c b/src/lib/server/paircmp.c index 39114849b9..aeb24b87e1 100644 --- a/src/lib/server/paircmp.c +++ b/src/lib/server/paircmp.c @@ -542,7 +542,7 @@ int paircmp(request_t *request, WARN("Are you sure you don't mean Password.Cleartext?"); WARN("See \"man rlm_pap\" for more information"); } - if (fr_pair_find_by_da(request_list, attr_user_password, 0) == NULL) continue; + if (fr_pair_find_by_da_idx(request_list, attr_user_password, 0) == NULL) continue; } /* diff --git a/src/lib/server/state.c b/src/lib/server/state.c index 007a9bb071..bbccb77c8c 100644 --- a/src/lib/server/state.c +++ b/src/lib/server/state.c @@ -457,7 +457,7 @@ static fr_state_entry_t *state_entry_create(fr_state_tree_t *state, request_t *r * int the reply, we use that in preference to the * old state. */ - vp = fr_pair_find_by_da(reply_list, state->da, 0); + vp = fr_pair_find_by_da_idx(reply_list, state->da, 0); if (vp) { if (DEBUG_ENABLED && (vp->vp_length > sizeof(entry->state))) { WARN("State too long, will be truncated. Expected <= %zd bytes, got %zu bytes", @@ -606,7 +606,7 @@ void fr_state_discard(fr_state_tree_t *state, request_t *request) fr_state_entry_t *entry; fr_pair_t *vp; - vp = fr_pair_find_by_da(&request->request_pairs, state->da, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, state->da, 0); if (!vp) return; PTHREAD_MUTEX_LOCK(&state->mutex); @@ -666,7 +666,7 @@ int fr_state_to_request(fr_state_tree_t *state, request_t *request) /* * No State, don't do anything. */ - vp = fr_pair_find_by_da(&request->request_pairs, state->da, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, state->da, 0); if (!vp) { RDEBUG3("No &request.%s attribute, can't restore &session-state", state->da->name); if (request->seq_start == 0) request->seq_start = request->number; /* Need check for fake requests */ diff --git a/src/lib/server/trigger.c b/src/lib/server/trigger.c index a13b0295d1..2152a7d635 100644 --- a/src/lib/server/trigger.c +++ b/src/lib/server/trigger.c @@ -89,7 +89,7 @@ xlat_action_t trigger_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, request_t *reques return XLAT_ACTION_FAIL; } - vp = fr_pair_find_by_da(head, da, 0); + vp = fr_pair_find_by_da_idx(head, da, 0); if (!vp) { ERROR("Attribute \"%pV\" is not valid for this trigger", in_head); return XLAT_ACTION_FAIL; diff --git a/src/lib/server/virtual_servers.c b/src/lib/server/virtual_servers.c index 017a48a9d2..49ad0d7990 100644 --- a/src/lib/server/virtual_servers.c +++ b/src/lib/server/virtual_servers.c @@ -1295,7 +1295,7 @@ rlm_rcode_t virtual_server_process_auth(request_t *request, CONF_SECTION *virtua char const *auth_name; rlm_rcode_t rcode = RLM_MODULE_NOOP; - vp = fr_pair_find_by_da(&request->control_pairs, attr_auth_type, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0); if (!vp) { RDEBUG2("No &control.Auth-Type found"); fail: diff --git a/src/lib/tls/cache.c b/src/lib/tls/cache.c index 90b1ae8034..ae63cf91c8 100644 --- a/src/lib/tls/cache.c +++ b/src/lib/tls/cache.c @@ -263,7 +263,7 @@ static unlang_action_t tls_cache_load_result(UNUSED rlm_rcode_t *p_result, UNUSE uint8_t const *q, **p; SSL_SESSION *sess; - vp = fr_pair_find_by_da(&request->reply_pairs, attr_tls_packet_type, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_tls_packet_type, 0); if (!vp || (vp->vp_uint32 != enum_tls_packet_type_success->vb_uint32)) { RWDEBUG("Failed acquiring session data"); error: @@ -271,7 +271,7 @@ static unlang_action_t tls_cache_load_result(UNUSED rlm_rcode_t *p_result, UNUSE return UNLANG_ACTION_CALCULATE_RESULT; } - vp = fr_pair_find_by_da(&request->reply_pairs, attr_tls_session_data, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_tls_session_data, 0); if (!vp) { RWDEBUG("No cached session found"); goto error; @@ -367,7 +367,7 @@ static unlang_action_t tls_cache_store_result(UNUSED rlm_rcode_t *p_result, UNUS tls_cache_store_state_reset(tls_cache); - vp = fr_pair_find_by_da(&request->reply_pairs, attr_tls_packet_type, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_tls_packet_type, 0); if (vp && (vp->vp_uint32 == enum_tls_packet_type_success->vb_uint32)) { tls_cache->store.state = FR_TLS_CACHE_STORE_PERSISTED; /* Avoid spurious clear calls */ } else { @@ -489,7 +489,7 @@ static unlang_action_t tls_cache_clear_result(UNUSED rlm_rcode_t *p_result, UNUS tls_cache_clear_state_reset(tls_cache); - vp = fr_pair_find_by_da(&request->reply_pairs, attr_tls_packet_type, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_tls_packet_type, 0); if (vp && ((vp->vp_uint32 == enum_tls_packet_type_success->vb_uint32) || (vp->vp_uint32 == enum_tls_packet_type_notfound->vb_uint32))) { @@ -880,7 +880,7 @@ int fr_tls_cache_disable_cb(SSL *ssl, int is_forward_secure) goto disable; } - vp = fr_pair_find_by_da(&request->control_pairs, attr_allow_session_resumption, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_allow_session_resumption, 0); if (vp && (vp->vp_uint32 == 0)) { RDEBUG2("&control.Allow-Session-Resumption == no, denying session resumption"); disable: diff --git a/src/lib/tls/session.c b/src/lib/tls/session.c index 57eb6b21df..e4d9b32b79 100644 --- a/src/lib/tls/session.c +++ b/src/lib/tls/session.c @@ -1713,7 +1713,7 @@ fr_tls_session_t *fr_tls_session_alloc_server(TALLOC_CTX *ctx, SSL_CTX *ssl_ctx, /* * Add the session certificate to the session. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_tls_session_cert_file, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_tls_session_cert_file, 0); if (vp) { RDEBUG2("Loading TLS session certificate \"%pV\"", &vp->data); @@ -1755,7 +1755,7 @@ fr_tls_session_t *fr_tls_session_alloc_server(TALLOC_CTX *ctx, SSL_CTX *ssl_ctx, * This is mainly used for testing in environments where we can't * get test credentials for the host. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_tls_session_require_client_cert, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_tls_session_require_client_cert, 0); if (vp) client_cert = vp->vp_bool; /* @@ -1794,7 +1794,7 @@ fr_tls_session_t *fr_tls_session_alloc_server(TALLOC_CTX *ctx, SSL_CTX *ssl_ctx, * just too much. */ tls_session->mtu = conf->fragment_size; - vp = fr_pair_find_by_da(&request->request_pairs, attr_framed_mtu, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_framed_mtu, 0); if (vp && (vp->vp_uint32 > 100) && (vp->vp_uint32 < tls_session->mtu)) { RDEBUG2("Setting fragment_len to %u from &Framed-MTU", vp->vp_uint32); tls_session->mtu = vp->vp_uint32; diff --git a/src/lib/tls/verify.c b/src/lib/tls/verify.c index e37f3d379e..65d44017ea 100644 --- a/src/lib/tls/verify.c +++ b/src/lib/tls/verify.c @@ -211,7 +211,7 @@ int fr_tls_verify_cert_cb(int ok, X509_STORE_CTX *x509_ctx) } if (verify_applies(conf->verify.attribute_mode, depth, untrusted) && - (!(container = fr_pair_find_by_da(&request->session_state_pairs, attr_tls_certificate, depth)) || + (!(container = fr_pair_find_by_da_idx(&request->session_state_pairs, attr_tls_certificate, depth)) || fr_pair_list_empty(&container->vp_group))) { if (!container) { unsigned int i; @@ -401,7 +401,7 @@ static unlang_action_t tls_verify_client_cert_result(UNUSED rlm_rcode_t *p_resul fr_assert(tls_session->validate.state == FR_TLS_VALIDATION_REQUESTED); - vp = fr_pair_find_by_da(&request->reply_pairs, attr_tls_packet_type, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_tls_packet_type, 0); if (!vp || (vp->vp_uint32 != enum_tls_packet_type_success->vb_uint32)) { REDEBUG("Failed (re-)validating certificates"); tls_session->validate.state = FR_TLS_VALIDATION_FAILED; diff --git a/src/lib/unlang/call.c b/src/lib/unlang/call.c index bea19f208e..57c0311320 100644 --- a/src/lib/unlang/call.c +++ b/src/lib/unlang/call.c @@ -72,7 +72,7 @@ static unlang_action_t unlang_call_frame_init(rlm_rcode_t *p_result, request_t * */ type_enum = fr_dict_enum_by_value(gext->attr_packet_type, fr_box_uint32(request->packet->code)); if (!type_enum) { - packet_type_vp = fr_pair_find_by_da(&request->request_pairs, gext->attr_packet_type, 0); + packet_type_vp = fr_pair_find_by_da_idx(&request->request_pairs, gext->attr_packet_type, 0); if (!packet_type_vp) { bad_packet_type: REDEBUG("No such value '%d' of attribute 'Packet-Type' for server %s", diff --git a/src/lib/unlang/subrequest_child.c b/src/lib/unlang/subrequest_child.c index 3b0b63bccf..f1f26c85b0 100644 --- a/src/lib/unlang/subrequest_child.c +++ b/src/lib/unlang/subrequest_child.c @@ -85,7 +85,7 @@ int unlang_subrequest_lifetime_set(request_t *request) /* * Set Request Lifetime */ - vp = fr_pair_find_by_da(&request->control_pairs, request_attr_request_lifetime, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, request_attr_request_lifetime, 0); if (!vp || (vp->vp_uint32 > 0)) { fr_time_delta_t when = fr_time_delta_wrap(0); const fr_event_timer_t **ev_p; diff --git a/src/lib/util/dpair_legacy.c b/src/lib/util/dpair_legacy.c index 712de64c12..3afee983e0 100644 --- a/src/lib/util/dpair_legacy.c +++ b/src/lib/util/dpair_legacy.c @@ -701,7 +701,7 @@ void fr_pair_list_move(fr_pair_list_t *to, fr_pair_list_t *from, fr_token_t op) * it doesn't already exist. */ case T_OP_EQ: - found = fr_pair_find_by_da(to, i->da); + found = fr_pair_find_by_da_idx(to, i->da); if (!found) goto do_add; i = fr_pair_list_next(from, i); @@ -712,7 +712,7 @@ void fr_pair_list_move(fr_pair_list_t *to, fr_pair_list_t *from, fr_token_t op) * of the same vendor/attr which already exists. */ case T_OP_SET: - found = fr_pair_find_by_da(to, i->da); + found = fr_pair_find_by_da_idx(to, i->da); if (!found) goto do_add; /* diff --git a/src/lib/util/pair.c b/src/lib/util/pair.c index 15fbec3089..b67e0d33e7 100644 --- a/src/lib/util/pair.c +++ b/src/lib/util/pair.c @@ -627,30 +627,55 @@ unsigned int fr_pair_count_by_da(fr_pair_list_t const *list, fr_dict_attr_t cons return count; } -/** Find a pair with a matching da +/** Find a pair with a matching da at a given index + * + * @param[in] list to search in. + * @param[in] prev the previous attribute in the list. + * @param[in] da the next da to find. + * @return + * - first matching fr_pair_t. + * - NULL if no fr_pair_ts match. + * + * @hidecallergraph + */ +fr_pair_t *fr_pair_find_by_da(fr_pair_list_t const *list, fr_pair_t const *prev, fr_dict_attr_t const *da) +{ + fr_pair_t *vp = UNCONST(fr_pair_t *, prev); + + if (fr_dlist_empty(&list->order)) return NULL; + + PAIR_LIST_VERIFY(list); + + while ((vp = fr_pair_list_next(list, vp))) if (da == vp->da) return vp; + + return NULL; +} + +/** Find a pair with a matching da at a given index * * @param[in] list to search in. * @param[in] da to look for in the list. - * @param[in] n Instance of the attribute to return. + * @param[in] idx Instance of the attribute to return. * @return * - first matching fr_pair_t. * - NULL if no fr_pair_ts match. * * @hidecallergraph */ -fr_pair_t *fr_pair_find_by_da(fr_pair_list_t const *list, fr_dict_attr_t const *da, unsigned int n) +fr_pair_t *fr_pair_find_by_da_idx(fr_pair_list_t const *list, fr_dict_attr_t const *da, unsigned int idx) { - fr_pair_t *vp = NULL; + fr_pair_t *vp = NULL; if (fr_dlist_empty(&list->order)) return NULL; PAIR_LIST_VERIFY(list); while ((vp = fr_pair_list_next(list, vp))) { - if (da == vp->da) { - if (n == 0) return vp; - n--; - } + if (da != vp->da) continue; + + if (idx == 0) return vp; + + idx--; } return NULL; } @@ -658,7 +683,7 @@ fr_pair_t *fr_pair_find_by_da(fr_pair_list_t const *list, fr_dict_attr_t const * /** Find a pair which has the specified ancestor * * @param[in] list to search in. - * @param[in] prev where to start the search from. + * @param[in] prev attribute to start search from. * @param[in] ancestor to look for in the list. * @return * - first matching fr_pair_t. @@ -666,10 +691,10 @@ fr_pair_t *fr_pair_find_by_da(fr_pair_list_t const *list, fr_dict_attr_t const * * * @hidecallergraph */ -fr_pair_t *fr_pair_find_by_ancestor(fr_pair_list_t const *list, - fr_pair_t const *prev, fr_dict_attr_t const *ancestor) +fr_pair_t *fr_pair_find_by_ancestor(fr_pair_list_t const *list, fr_pair_t const *prev, + fr_dict_attr_t const *ancestor) { - fr_pair_t *vp = UNCONST(fr_pair_t *, prev); + fr_pair_t *vp = UNCONST(fr_pair_t *, prev); while ((vp = fr_pair_list_next(list, vp))) { if (!fr_dict_attr_common_parent(ancestor, vp->da, true)) continue; @@ -680,18 +705,70 @@ fr_pair_t *fr_pair_find_by_ancestor(fr_pair_list_t const *list, return NULL; } +/** Find a pair which has the specified ancestor at a given index + * + * @param[in] list to search in. + * @param[in] ancestor to look for in the list. + * @param[in] idx Instance of the attribute to return. + * @return + * - first matching fr_pair_t. + * - NULL if no fr_pair_ts match. + * + * @hidecallergraph + */ +fr_pair_t *fr_pair_find_by_ancestor_idx(fr_pair_list_t const *list, + fr_dict_attr_t const *ancestor, unsigned int idx) +{ + fr_pair_t *vp = NULL; + + while ((vp = fr_pair_list_next(list, vp))) { + if (!fr_dict_attr_common_parent(ancestor, vp->da, true)) continue; + + if (idx == 0) return vp; + idx--; + } + + return NULL; +} + /** Find the pair with the matching child attribute + * + * @param[in] list in which to search. + * @param[in] prev attribute to start search from. + * @param[in] parent attribute in which to lookup child. + * @param[in] attr id of child. + * @return + * - first matching value pair. + * - NULL if no pair found. + */ +fr_pair_t *fr_pair_find_by_child_num(fr_pair_list_t const *list, fr_pair_t const *prev, + fr_dict_attr_t const *parent, unsigned int attr) +{ + fr_dict_attr_t const *da; + + /* List head may be NULL if it contains no VPs */ + if (fr_dlist_empty(&list->order)) return NULL; + + PAIR_LIST_VERIFY(list); + + da = fr_dict_attr_child_by_num(parent, attr); + if (!da) return NULL; + + return fr_pair_find_by_da(list, prev, da); +} + +/** Find the pair with the matching child attribute at a given index * * @param[in] list in which to search. * @param[in] parent attribute in which to lookup child. * @param[in] attr id of child. - * @param[in] n Instance of the attribute to return. + * @param[in] idx Instance of the attribute to return. * @return * - first matching value pair. * - NULL if no pair found. */ -fr_pair_t *fr_pair_find_by_child_num(fr_pair_list_t *list, - fr_dict_attr_t const *parent, unsigned int attr, unsigned int n) +fr_pair_t *fr_pair_find_by_child_num_idx(fr_pair_list_t const *list, + fr_dict_attr_t const *parent, unsigned int attr, unsigned int idx) { fr_dict_attr_t const *da; @@ -703,7 +780,7 @@ fr_pair_t *fr_pair_find_by_child_num(fr_pair_list_t *list, da = fr_dict_attr_child_by_num(parent, attr); if (!da) return NULL; - return fr_pair_find_by_da(list, da, n); + return fr_pair_find_by_da_idx(list, da, idx); } /** Return a pointer to the pair list @@ -1093,7 +1170,7 @@ int fr_pair_update_by_da(TALLOC_CTX *ctx, fr_pair_t **out, fr_pair_list_t *list, { fr_pair_t *vp; - vp = fr_pair_find_by_da(list, da, n); + vp = fr_pair_find_by_da_idx(list, da, n); if (vp) { PAIR_VERIFY(vp); if (out) *out = vp; diff --git a/src/lib/util/pair.h b/src/lib/util/pair.h index c3f86554e8..c12b1a8157 100644 --- a/src/lib/util/pair.h +++ b/src/lib/util/pair.h @@ -263,14 +263,23 @@ unsigned int fr_pair_count_by_da(fr_pair_list_t const *list, fr_dict_attr_t cons CC_HINT(nonnull); fr_pair_t *fr_pair_find_by_da(fr_pair_list_t const *list, - fr_dict_attr_t const *da, unsigned int n) CC_HINT(nonnull); + fr_pair_t const *prev, fr_dict_attr_t const *da) CC_HINT(nonnull(1,3)); + +fr_pair_t *fr_pair_find_by_da_idx(fr_pair_list_t const *list, + fr_dict_attr_t const *da, unsigned int idx) CC_HINT(nonnull); fr_pair_t *fr_pair_find_by_ancestor(fr_pair_list_t const *list, fr_pair_t const *prev, fr_dict_attr_t const *ancestor) CC_HINT(nonnull(1,3)); -fr_pair_t *fr_pair_find_by_child_num(fr_pair_list_t *list, - fr_dict_attr_t const *parent, unsigned int attr, - unsigned int n) CC_HINT(nonnull); +fr_pair_t *fr_pair_find_by_ancestor_idx(fr_pair_list_t const *list, + fr_dict_attr_t const *ancestor, unsigned int idx) CC_HINT(nonnull); + +fr_pair_t *fr_pair_find_by_child_num(fr_pair_list_t const *list, fr_pair_t const *prev, + fr_dict_attr_t const *parent, unsigned int attr) CC_HINT(nonnull(1,3)); + +fr_pair_t *fr_pair_find_by_child_num_idx(fr_pair_list_t const *list, + fr_dict_attr_t const *parent, unsigned int attr, + unsigned int idx) CC_HINT(nonnull); int fr_pair_append(fr_pair_list_t *list, fr_pair_t *vp) CC_HINT(nonnull); diff --git a/src/lib/util/pair_legacy.c b/src/lib/util/pair_legacy.c index a91ae20dde..b942862c28 100644 --- a/src/lib/util/pair_legacy.c +++ b/src/lib/util/pair_legacy.c @@ -762,7 +762,7 @@ void fr_pair_list_move(fr_pair_list_t *to, fr_pair_list_t *from, fr_token_t op) * it doesn't already exist. */ case T_OP_EQ: - found = fr_pair_find_by_da(to, i->da, 0); + found = fr_pair_find_by_da_idx(to, i->da, 0); if (!found) goto do_add; i = fr_pair_list_next(from, i); @@ -773,7 +773,7 @@ void fr_pair_list_move(fr_pair_list_t *to, fr_pair_list_t *from, fr_token_t op) * of the same vendor/attr which already exists. */ case T_OP_SET: - found = fr_pair_find_by_da(to, i->da, 0); + found = fr_pair_find_by_da_idx(to, i->da, 0); if (!found) goto do_add; /* diff --git a/src/lib/util/pair_legacy_tests.c b/src/lib/util/pair_legacy_tests.c index abca9cc7f0..7ff9c8c09c 100644 --- a/src/lib/util/pair_legacy_tests.c +++ b/src/lib/util/pair_legacy_tests.c @@ -108,7 +108,7 @@ static void test_fr_pair_mark_xlat(void) fr_pair_t *vp; TEST_CASE("Find 'Test-String-0'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -138,7 +138,7 @@ static void test_fr_pair_list_afrom_str(void) TEST_CHECK(fr_pair_list_afrom_str(autofree, test_dict, buffer, strlen(buffer), &list) == T_EOL); TEST_CASE("Looking for Test-Uint32-0"); - TEST_CHECK((vp = fr_pair_find_by_da(&list, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&list, fr_dict_attr_test_uint32, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -147,7 +147,7 @@ static void test_fr_pair_list_afrom_str(void) TEST_CHECK(vp && vp->vp_uint32 == 123); TEST_CASE("Looking for Test-String-0"); - TEST_CHECK((vp = fr_pair_find_by_da(&list, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&list, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -187,7 +187,7 @@ static void test_fr_pair_list_afrom_file(void) TEST_CHECK(fr_pair_list_afrom_file(autofree, test_dict, &list, fp, &pfiledone) == 0); TEST_CASE("Looking for Test-Uint32-0"); - TEST_CHECK((vp = fr_pair_find_by_da(&list, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&list, fr_dict_attr_test_uint32, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -196,7 +196,7 @@ static void test_fr_pair_list_afrom_file(void) TEST_CHECK(vp && vp->vp_uint32 == 123); TEST_CASE("Looking for Test-String-0"); - TEST_CHECK((vp = fr_pair_find_by_da(&list, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&list, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -228,7 +228,7 @@ static void test_fr_pair_list_move(void) fr_pair_list_move(&new_list, &old_list, T_OP_ADD); TEST_CASE("Looking for Test-Uint32-0"); - TEST_CHECK((vp = fr_pair_find_by_da(&new_list, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&new_list, fr_dict_attr_test_uint32, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -239,7 +239,7 @@ static void test_fr_pair_list_move(void) TEST_CHECK(vp && vp->vp_uint32 == 123); TEST_CASE("Looking for Test-String-0"); - TEST_CHECK((vp = fr_pair_find_by_da(&new_list, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&new_list, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); diff --git a/src/lib/util/pair_list_perf_test.c b/src/lib/util/pair_list_perf_test.c index ee7a857f9a..179974ec03 100644 --- a/src/lib/util/pair_list_perf_test.c +++ b/src/lib/util/pair_list_perf_test.c @@ -337,7 +337,7 @@ static void do_test_fr_pair_append(unsigned int len, unsigned int perc, unsigned TEST_MSG_ALWAYS("per_sec=%0.0lf", (reps * len)/(fr_time_delta_unwrap(used) / (double)NSEC)); } -static void do_test_fr_pair_find_by_da(unsigned int len, unsigned int perc, unsigned int reps, fr_pair_t *source_vps[]) +static void do_test_fr_pair_find_by_da_idx(unsigned int len, unsigned int perc, unsigned int reps, fr_pair_t *source_vps[]) { fr_pair_list_t test_vps; unsigned int i, j; @@ -367,7 +367,7 @@ static void do_test_fr_pair_find_by_da(unsigned int len, unsigned int perc, unsi int idx = rand() % input_count; da = source_vps[idx]->da; start = fr_time(); - (void) fr_pair_find_by_da(&test_vps, da, 0); + (void) fr_pair_find_by_da_idx(&test_vps, da, 0); end = fr_time(); used = fr_time_delta_add(used, fr_time_sub(end, start)); } @@ -413,7 +413,7 @@ static void do_test_find_nth(unsigned int len, unsigned int perc, unsigned int r da = source_vps[idx]->da; start = fr_time(); - (void) fr_pair_find_by_da(&test_vps, da, nth_item); + (void) fr_pair_find_by_da_idx(&test_vps, da, nth_item); end = fr_time(); used = fr_time_delta_add(used, fr_time_sub(end, start)); } @@ -478,7 +478,7 @@ static void test_ ## _func ## _ ## _count ## _ ## _perc(void)\ test_funcs(_func, 100) all_test_funcs(fr_pair_append) -all_test_funcs(fr_pair_find_by_da) +all_test_funcs(fr_pair_find_by_da_idx) all_test_funcs(find_nth) all_test_funcs(fr_pair_list_free) @@ -498,7 +498,7 @@ all_test_funcs(fr_pair_list_free) TEST_LIST = { all_repetition_tests(fr_pair_append) - all_repetition_tests(fr_pair_find_by_da) + all_repetition_tests(fr_pair_find_by_da_idx) all_repetition_tests(find_nth) all_repetition_tests(fr_pair_list_free) diff --git a/src/lib/util/pair_tests.c b/src/lib/util/pair_tests.c index 60953ef8c9..8470b1ea74 100644 --- a/src/lib/util/pair_tests.c +++ b/src/lib/util/pair_tests.c @@ -230,12 +230,12 @@ static void test_fr_pair_dcursor_by_ancestor_init(void) TEST_CHECK(needle && needle->da == fr_dict_attr_test_tlv_string); } -static void test_fr_pair_find_by_da(void) +static void test_fr_pair_find_by_da_idx(void) { fr_pair_t *vp; - TEST_CASE("Search for fr_dict_attr_test_tlv_string using fr_pair_find_by_da()"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_tlv_string, 0)) != NULL); + TEST_CASE("Search for fr_dict_attr_test_tlv_string using fr_pair_find_by_da_idx()"); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_tlv_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -244,12 +244,12 @@ static void test_fr_pair_find_by_da(void) TEST_CHECK(vp && vp->da == fr_dict_attr_test_tlv_string); } -static void test_fr_pair_find_by_child_num(void) +static void test_fr_pair_find_by_child_num_idx(void) { fr_pair_t *vp; - TEST_CASE("Search for FR_TEST_ATTR_STRING using fr_pair_find_by_child_num()"); - TEST_CHECK((vp = fr_pair_find_by_child_num(&test_pairs, fr_dict_root(test_dict), FR_TEST_ATTR_STRING, 0)) != NULL); + TEST_CASE("Search for FR_TEST_ATTR_STRING using fr_pair_find_by_child_num_idx()"); + TEST_CHECK((vp = fr_pair_find_by_child_num_idx(&test_pairs, fr_dict_root(test_dict), FR_TEST_ATTR_STRING, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -290,7 +290,7 @@ static void test_fr_pair_delete_by_child_num(void) fr_pair_delete_by_child_num(&test_pairs, fr_dict_root(test_dict), FR_TEST_ATTR_STRING); TEST_CASE("The fr_dict_attr_test_string shouldn't exist in 'test_pairs'"); - TEST_CHECK(fr_pair_find_by_child_num(&test_pairs, fr_dict_root(test_dict), FR_TEST_ATTR_STRING, 0) == NULL); + TEST_CHECK(fr_pair_find_by_child_num_idx(&test_pairs, fr_dict_root(test_dict), FR_TEST_ATTR_STRING, 0) == NULL); TEST_CASE("Add fr_dict_attr_test_string back into 'test_pairs'"); TEST_CHECK(fr_pair_prepend_by_da(autofree, NULL, &test_pairs, fr_dict_attr_test_string) == 0); @@ -328,7 +328,7 @@ static void test_fr_pair_update_by_da(void) vp->vp_uint32 = 54321; TEST_CASE("Expected fr_dict_attr_test_uint32 (vp->vp_uint32 == 54321)"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_uint32, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -343,7 +343,7 @@ static void test_fr_pair_delete_by_da(void) TEST_CHECK(fr_pair_delete_by_da(&test_pairs, fr_dict_attr_test_string) == 1); TEST_CASE("The fr_dict_attr_test_string shouldn't exist in 'test_pairs'"); - TEST_CHECK(fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0) == NULL); + TEST_CHECK(fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0) == NULL); TEST_CASE("Add fr_dict_attr_test_string back into 'test_pairs'"); TEST_CHECK(fr_pair_prepend_by_da(autofree, NULL, &test_pairs, fr_dict_attr_test_string) == 0); @@ -354,11 +354,11 @@ static void test_fr_pair_delete(void) fr_pair_t *vp; TEST_CASE("Delete fr_dict_attr_test_string using fr_pair_delete()"); - TEST_CHECK((vp = fr_pair_find_by_child_num(&test_pairs, fr_dict_root(test_dict), FR_TEST_ATTR_STRING, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_child_num_idx(&test_pairs, fr_dict_root(test_dict), FR_TEST_ATTR_STRING, 0)) != NULL); fr_pair_delete(&test_pairs, vp); TEST_CASE("The fr_dict_attr_test_string shouldn't exist in 'test_pairs'"); - TEST_CHECK((vp = fr_pair_find_by_child_num(&test_pairs, fr_dict_root(test_dict), FR_TEST_ATTR_STRING, 0)) == NULL); + TEST_CHECK((vp = fr_pair_find_by_child_num_idx(&test_pairs, fr_dict_root(test_dict), FR_TEST_ATTR_STRING, 0)) == NULL); TEST_CASE("Add fr_dict_attr_test_string back into 'test_pairs'"); TEST_CHECK(fr_pair_prepend_by_da(autofree, NULL, &test_pairs, fr_dict_attr_test_string) == 0); @@ -541,7 +541,7 @@ static void test_fr_pair_value_copy(void) fr_pair_t *vp1, vp2; TEST_CASE("Create 'vp1' with Test-Integer = 123"); - TEST_CHECK((vp1 = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp1 = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_uint32, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp1); @@ -560,7 +560,7 @@ static void test_fr_pair_value_from_str(void) fr_pair_t *vp; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -580,7 +580,7 @@ static void test_fr_pair_value_strdup(void) fr_pair_t *vp; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -601,7 +601,7 @@ static void test_fr_pair_value_strdup_shallow(void) char *copy_test_string; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -626,7 +626,7 @@ static void test_fr_pair_value_strtrim(void) fr_pair_t *vp; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -653,7 +653,7 @@ static void test_fr_pair_value_aprintf(void) snprintf(fmt_test, sizeof(fmt_test), "Now is %"PRId64, fr_time_unwrap(now)); TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -674,7 +674,7 @@ static void test_fr_pair_value_bstr_alloc(void) char *out = NULL; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -701,7 +701,7 @@ static void test_fr_pair_value_bstr_realloc(void) char *out = NULL; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -730,7 +730,7 @@ static void test_fr_pair_value_bstrndup(void) fr_pair_t *vp; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -748,7 +748,7 @@ static void test_fr_pair_value_bstrdup_buffer(void) char *copy_test_string; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -771,7 +771,7 @@ static void test_fr_pair_value_bstrndup_shallow(void) char *copy_test_string; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -794,7 +794,7 @@ static void test_fr_pair_value_bstrdup_buffer_shallow(void) char *copy_test_string; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -817,7 +817,7 @@ static void test_fr_pair_value_bstrn_append(void) char *copy_test_string; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -847,7 +847,7 @@ static void test_fr_pair_value_bstr_append_buffer(void) char *copy_test_string; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -880,7 +880,7 @@ static void test_fr_pair_value_mem_alloc(void) uint8_t *out; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -904,7 +904,7 @@ static void test_fr_pair_value_mem_realloc(void) uint8_t *out; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -941,7 +941,7 @@ static void test_fr_pair_value_memdup(void) fr_pair_t *vp; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -959,7 +959,7 @@ static void test_fr_pair_value_memdup_buffer(void) uint8_t *copy_test_octets; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -982,7 +982,7 @@ static void test_fr_pair_value_memdup_shallow(void) uint8_t *copy_test_octets; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -1005,7 +1005,7 @@ static void test_fr_pair_value_memdup_buffer_shallow(void) uint8_t *copy_test_octets; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -1027,7 +1027,7 @@ static void test_fr_pair_value_mem_append(void) fr_pair_t *vp; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -1052,7 +1052,7 @@ static void test_fr_pair_value_mem_append_buffer(void) uint8_t *copy_test_octets; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -1083,7 +1083,7 @@ static void test_fr_pair_value_enum(void) char buf[20]; TEST_CASE("Find 'Test-Values'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_enum, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_enum, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -1105,7 +1105,7 @@ static void test_fr_pair_value_enum_box(void) fr_value_box_t const *vb; TEST_CASE("Find 'Test-Values'"); - TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, fr_dict_attr_test_enum, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_enum, 0)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -1134,8 +1134,8 @@ TEST_LIST = { { "fr_dcursor_iter_by_da_init", test_fr_pair_dcursor_by_da_init }, { "fr_pair_dcursor_by_ancestor_init", test_fr_pair_dcursor_by_ancestor_init }, { "fr_pair_to_unknown", test_fr_pair_to_unknown }, - { "fr_pair_find_by_da", test_fr_pair_find_by_da }, - { "fr_pair_find_by_child_num", test_fr_pair_find_by_child_num }, + { "fr_pair_find_by_da_idx", test_fr_pair_find_by_da_idx }, + { "fr_pair_find_by_child_num_idx", test_fr_pair_find_by_child_num_idx }, { "fr_pair_append", test_fr_pair_append }, { "fr_pair_prepend_by_da", test_fr_pair_prepend_by_da }, { "fr_pair_delete_by_child_num", test_fr_pair_delete_by_child_num }, diff --git a/src/listen/cron/proto_cron_crontab.c b/src/listen/cron/proto_cron_crontab.c index e652309c2e..5fc6e70f8a 100644 --- a/src/listen/cron/proto_cron_crontab.c +++ b/src/listen/cron/proto_cron_crontab.c @@ -745,7 +745,7 @@ static int mod_instantiate(void *instance, CONF_SECTION *cs) fclose(fp); - vp = fr_pair_find_by_da(&inst->pair_list, inst->parent->attr_packet_type, 0); + vp = fr_pair_find_by_da_idx(&inst->pair_list, inst->parent->attr_packet_type, 0); if (vp) inst->code = vp->vp_uint32; return 0; diff --git a/src/listen/load/proto_load_step.c b/src/listen/load/proto_load_step.c index f95284e222..588b5da38f 100644 --- a/src/listen/load/proto_load_step.c +++ b/src/listen/load/proto_load_step.c @@ -428,7 +428,7 @@ static int mod_instantiate(void *instance, CONF_SECTION *cs) fclose(fp); } - vp = fr_pair_find_by_da(&inst->pair_list, inst->parent->attr_packet_type, 0); + vp = fr_pair_find_by_da_idx(&inst->pair_list, inst->parent->attr_packet_type, 0); if (vp) inst->code = vp->vp_uint32; return 0; diff --git a/src/listen/radius/proto_radius.c b/src/listen/radius/proto_radius.c index 5ce7b453fa..8ebd4a96ef 100644 --- a/src/listen/radius/proto_radius.c +++ b/src/listen/radius/proto_radius.c @@ -293,7 +293,7 @@ static int mod_decode(void const *instance, request_t *request, uint8_t *const d * number. */ if ((request->packet->code == FR_RADIUS_CODE_ACCESS_REQUEST) && - fr_pair_find_by_da(&request->request_pairs, attr_state, 0)) { + fr_pair_find_by_da_idx(&request->request_pairs, attr_state, 0)) { request->async->sequence = 1; } diff --git a/src/listen/tacacs/proto_tacacs.c b/src/listen/tacacs/proto_tacacs.c index 9ac29a50af..63ea2cd6bb 100644 --- a/src/listen/tacacs/proto_tacacs.c +++ b/src/listen/tacacs/proto_tacacs.c @@ -296,7 +296,7 @@ static int mod_decode(void const *instance, request_t *request, uint8_t *const d if (client->active && ((pkt->hdr.flags & FR_FLAGS_VALUE_UNENCRYPTED) == 0) && RDEBUG_ENABLED2 && - ((vp = fr_pair_find_by_da(&request->request_pairs, attr_tacacs_user_name, 0)) != NULL) && + ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_tacacs_user_name, 0)) != NULL) && (fr_utf8_str((uint8_t const *) vp->vp_strvalue, vp->vp_length) < 0)) { RWDEBUG("Unprintable characters in the %s. " "Double-check the shared secret on the server " diff --git a/src/modules/proto_ldap_sync/proto_ldap_sync.c b/src/modules/proto_ldap_sync/proto_ldap_sync.c index 8d7f246428..74690d04ee 100644 --- a/src/modules/proto_ldap_sync/proto_ldap_sync.c +++ b/src/modules/proto_ldap_sync/proto_ldap_sync.c @@ -843,7 +843,7 @@ static int proto_ldap_cookie_load(TALLOC_CTX *ctx, uint8_t **cookie, rad_listen_ { fr_pair_t *vp; - vp = fr_pair_find_by_da(&request->reply_pairs, attr_ldap_sync_cookie, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_ldap_sync_cookie, 0); if (!vp) { if (config->allow_refresh) RDEBUG2("No &reply.Cookie attribute found. All entries matching " "sync configuration will be returned"); diff --git a/src/modules/rlm_cache/rlm_cache.c b/src/modules/rlm_cache/rlm_cache.c index 2f3cb5fe66..94b0bcbfc8 100644 --- a/src/modules/rlm_cache/rlm_cache.c +++ b/src/modules/rlm_cache/rlm_cache.c @@ -428,7 +428,7 @@ static unlang_action_t cache_insert(rlm_rcode_t *p_result, /* * Check to see if we need to merge the entry into the request */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_cache_merge_new, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_merge_new, 0); if (vp && vp->vp_bool) merge = true; if (merge) cache_merge(inst, request, c); @@ -567,7 +567,7 @@ static unlang_action_t CC_HINT(nonnull) mod_cache_it(rlm_rcode_t *p_result, modu * If Cache-Status-Only == yes, only return whether we found a * valid cache entry */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_cache_status_only, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_status_only, 0); if (vp && vp->vp_bool) { RINDENT(); RDEBUG3("status-only: yes"); @@ -589,13 +589,13 @@ static unlang_action_t CC_HINT(nonnull) mod_cache_it(rlm_rcode_t *p_result, modu /* * Figure out what operation we're doing */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_cache_allow_merge, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_allow_merge, 0); if (vp) merge = vp->vp_bool; - vp = fr_pair_find_by_da(&request->control_pairs, attr_cache_allow_insert, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_allow_insert, 0); if (vp) insert = vp->vp_bool; - vp = fr_pair_find_by_da(&request->control_pairs, attr_cache_ttl, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_ttl, 0); if (vp) { if (vp->vp_int32 == 0) { expire = true; @@ -1212,7 +1212,7 @@ static unlang_action_t CC_HINT(nonnull) mod_method_store(rlm_rcode_t *p_result, /* Process the TTL */ ttl = inst->config.ttl; /* Set the default value from cache { ttl=... } */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_cache_ttl, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_ttl, 0); if (vp) { if (vp->vp_int32 == 0) { expire = true; @@ -1363,7 +1363,7 @@ static unlang_action_t CC_HINT(nonnull) mod_method_ttl(rlm_rcode_t *p_result, mo /* Process the TTL */ ttl = inst->config.ttl; /* Set the default value from cache { ttl=... } */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_cache_ttl, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_ttl, 0); if (vp) { if (vp->vp_int32 < 0) { ttl = fr_time_delta_from_sec(-(vp->vp_int32)); diff --git a/src/modules/rlm_chap/rlm_chap.c b/src/modules/rlm_chap/rlm_chap.c index 3519ca272d..dab48d325e 100644 --- a/src/modules/rlm_chap/rlm_chap.c +++ b/src/modules/rlm_chap/rlm_chap.c @@ -93,7 +93,7 @@ static xlat_action_t xlat_func_chap_password(TALLOC_CTX *ctx, fr_dcursor_t *out, * Use Chap-Challenge pair if present, * Request Authenticator otherwise. */ - challenge = fr_pair_find_by_da(&request->request_pairs, attr_chap_challenge, 0); + challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_challenge, 0); if (challenge && (challenge->vp_length == RADIUS_AUTH_VECTOR_LENGTH)) { vector = challenge->vp_octets; } else { @@ -114,7 +114,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod fr_pair_t *vp; rlm_chap_t const *inst = talloc_get_type_abort_const(mctx->instance, rlm_chap_t); - if (fr_pair_find_by_da(&request->control_pairs, attr_auth_type, 0) != NULL) { + if (fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0) != NULL) { RDEBUG3("Auth-Type is already set. Not setting 'Auth-Type := %s'", inst->name); RETURN_MODULE_NOOP; } @@ -123,7 +123,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod * This case means the warnings below won't be printed * unless there's a CHAP-Password in the request. */ - if (!fr_pair_find_by_da(&request->request_pairs, attr_chap_password, 0)) { + if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_password, 0)) { RETURN_MODULE_NOOP; } @@ -133,7 +133,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod * This is so that the rest of the code does not need to * understand CHAP. */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_chap_challenge, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_challenge, 0); if (!vp) { RDEBUG2("Creating &%s from request authenticator", attr_chap_challenge->name); @@ -175,13 +175,13 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, fr_pair_t *challenge; uint8_t const *vector; - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); if (!username) { REDEBUG("&User-Name attribute is required for authentication"); RETURN_MODULE_INVALID; } - chap = fr_pair_find_by_da(&request->request_pairs, attr_chap_password, 0); + chap = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_password, 0); if (!chap) { REDEBUG("You set '&control.Auth-Type = CHAP' for a request that " "does not contain a CHAP-Password attribute!"); @@ -220,7 +220,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * Use Chap-Challenge pair if present, * Request Authenticator otherwise. */ - challenge = fr_pair_find_by_da(&request->request_pairs, attr_chap_challenge, 0); + challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_challenge, 0); if (challenge && (challenge->vp_length == RADIUS_AUTH_VECTOR_LENGTH)) { vector = challenge->vp_octets; } else { @@ -239,7 +239,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, size_t length; fr_pair_t *vp; - vp = fr_pair_find_by_da(&request->request_pairs, attr_chap_challenge, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_challenge, 0); if (vp) { RDEBUG2("Using challenge from &request.CHAP-Challenge"); p = vp->vp_octets; diff --git a/src/modules/rlm_couchbase/mod.c b/src/modules/rlm_couchbase/mod.c index 2cefd30972..8e20208d2a 100644 --- a/src/modules/rlm_couchbase/mod.c +++ b/src/modules/rlm_couchbase/mod.c @@ -627,7 +627,7 @@ int mod_ensure_start_timestamp(json_object *json, fr_pair_list_t *vps) } /* get current event timestamp */ - if ((vp = fr_pair_find_by_da(vps, attr_event_timestamp, 0)) != NULL) { + if ((vp = fr_pair_find_by_da_idx(vps, attr_event_timestamp, 0)) != NULL) { /* get seconds value from attribute */ ts = fr_time_to_sec(vp->vp_date); } else { @@ -641,7 +641,7 @@ int mod_ensure_start_timestamp(json_object *json, fr_pair_list_t *vps) memset(value, 0, sizeof(value)); /* get elapsed session time */ - if ((vp = fr_pair_find_by_da(vps, attr_acct_session_time, 0)) != NULL) { + if ((vp = fr_pair_find_by_da_idx(vps, attr_acct_session_time, 0)) != NULL) { /* calculate diff */ ts = (ts - vp->vp_uint32); /* calculate start time */ diff --git a/src/modules/rlm_couchbase/rlm_couchbase.c b/src/modules/rlm_couchbase/rlm_couchbase.c index cf37aabcf9..41588093a8 100644 --- a/src/modules/rlm_couchbase/rlm_couchbase.c +++ b/src/modules/rlm_couchbase/rlm_couchbase.c @@ -251,7 +251,7 @@ static unlang_action_t mod_accounting(rlm_rcode_t *p_result, module_ctx_t const fr_assert(request->packet != NULL); /* sanity check */ - if ((vp = fr_pair_find_by_da(&request->request_pairs, attr_acct_status_type, 0)) == NULL) { + if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0)) == NULL) { /* log debug */ RDEBUG2("could not find status type in packet"); /* return */ @@ -332,7 +332,7 @@ static unlang_action_t mod_accounting(rlm_rcode_t *p_result, module_ctx_t const switch (status) { case FR_STATUS_START: /* add start time */ - if ((vp = fr_pair_find_by_da(&request->request_pairs, attr_acct_status_type, 0)) != NULL) { + if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0)) != NULL) { /* add to json object */ json_object_object_add_ex(cookie->jobj, "startTimestamp", mod_value_pair_to_json_object(request, vp), @@ -342,7 +342,7 @@ static unlang_action_t mod_accounting(rlm_rcode_t *p_result, module_ctx_t const case FR_STATUS_STOP: /* add stop time */ - if ((vp = fr_pair_find_by_da(&request->request_pairs, attr_event_timestamp, 0)) != NULL) { + if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_event_timestamp, 0)) != NULL) { /* add to json object */ json_object_object_add_ex(cookie->jobj, "stopTimestamp", mod_value_pair_to_json_object(request, vp), diff --git a/src/modules/rlm_dhcpv4/rlm_dhcpv4.c b/src/modules/rlm_dhcpv4/rlm_dhcpv4.c index ce1197d175..9100702d26 100644 --- a/src/modules/rlm_dhcpv4/rlm_dhcpv4.c +++ b/src/modules/rlm_dhcpv4/rlm_dhcpv4.c @@ -220,7 +220,7 @@ static unlang_action_t CC_HINT(nonnull) mod_process(rlm_rcode_t *p_result, modul /* * We can only send relayed packets, which have a gateway IP */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_gateway_ip_address, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_gateway_ip_address, 0); if (!vp) { REDEBUG("Relayed packets MUST have a Gateway-IP-Address attribute"); RETURN_MODULE_FAIL; @@ -229,7 +229,7 @@ static unlang_action_t CC_HINT(nonnull) mod_process(rlm_rcode_t *p_result, modul /* * Get the transaction ID. */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_transaction_id, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_transaction_id, 0); if (vp) { xid = vp->vp_uint32; @@ -245,11 +245,11 @@ static unlang_action_t CC_HINT(nonnull) mod_process(rlm_rcode_t *p_result, modul * * @todo - make sure it's a client type. */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_packet_type, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_packet_type, 0); if (vp) { code = vp->vp_uint32; - } else if ((vp = fr_pair_find_by_da(&request->request_pairs, attr_message_type, 0)) != NULL) { + } else if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_message_type, 0)) != NULL) { code = vp->vp_uint8; } else { @@ -259,7 +259,7 @@ static unlang_action_t CC_HINT(nonnull) mod_process(rlm_rcode_t *p_result, modul /* * Set the destination port, defaulting to 67 */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_packet_dst_port, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_packet_dst_port, 0); if (vp) { port = vp->vp_uint16; } else { @@ -269,7 +269,7 @@ static unlang_action_t CC_HINT(nonnull) mod_process(rlm_rcode_t *p_result, modul /* * Get the destination address / port, and unicast it there. */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_packet_dst_ip_address, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_packet_dst_ip_address, 0); if (!vp) { RDEBUG("No Packet-Dst-IP-Address, cannot relay packet"); RETURN_MODULE_NOOP; diff --git a/src/modules/rlm_digest/rlm_digest.c b/src/modules/rlm_digest/rlm_digest.c index b11bb091cb..24db01f231 100644 --- a/src/modules/rlm_digest/rlm_digest.c +++ b/src/modules/rlm_digest/rlm_digest.c @@ -92,7 +92,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod /* * Find the first attribute which is parented by Digest-Attributes. */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_digest_attributes, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_digest_attributes, 0); if (!vp) RETURN_MODULE_NOOP; if (!inst->auth_type) { @@ -127,21 +127,21 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * We require access to the plain-text password, or to the * Digest-Attributes.HA1 parameter. */ - passwd = fr_pair_find_by_da(&request->control_pairs, attr_digest_ha1, 0); + passwd = fr_pair_find_by_da_idx(&request->control_pairs, attr_digest_ha1, 0); if (passwd) { if (passwd->vp_length != 32) { REDEBUG("Digest-Attributes.HA1 has invalid length, authentication failed"); RETURN_MODULE_INVALID; } } else { - passwd = fr_pair_find_by_da(&request->control_pairs, attr_cleartext_password, 0); + passwd = fr_pair_find_by_da_idx(&request->control_pairs, attr_cleartext_password, 0); } if (!passwd) { REDEBUG("Password.Cleartext or Digest-Attributes.HA1 is required for authentication"); RETURN_MODULE_INVALID; } - vp = fr_pair_find_by_da(&request->request_pairs, attr_digest_attributes, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_digest_attributes, 0); if (!vp) { REDEBUG("Digest-Attributes is required for authentication"); RETURN_MODULE_INVALID; @@ -151,7 +151,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * We require access to the Digest-Attributes.Nonce */ - nonce = fr_pair_find_by_da(list, attr_digest_nonce, 0); + nonce = fr_pair_find_by_da_idx(list, attr_digest_nonce, 0); if (!nonce) { REDEBUG("No Digest-Attributes.Nonce: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -160,7 +160,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * A1 = Digest-Attributes.User-Name ":" Realm ":" Password */ - vp = fr_pair_find_by_da(list, attr_digest_user_name, 0); + vp = fr_pair_find_by_da_idx(list, attr_digest_user_name, 0); if (!vp) { REDEBUG("No Digest-Attributes.User-Name: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -171,7 +171,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, a1[a1_len] = ':'; a1_len++; - vp = fr_pair_find_by_da(list, attr_digest_realm, 0); + vp = fr_pair_find_by_da_idx(list, attr_digest_realm, 0); if (!vp) { REDEBUG("No Digest-Attributes.Attributes.Realm: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -197,7 +197,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * See which variant we calculate. * Assume MD5 if no Digest-Algorithm attribute received */ - algo = fr_pair_find_by_da(list, attr_digest_algorithm, 0); + algo = fr_pair_find_by_da_idx(list, attr_digest_algorithm, 0); if ((!algo) || (strcasecmp(algo->vp_strvalue, "MD5") == 0)) { /* @@ -242,7 +242,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, a1[a1_len] = ':'; a1_len++; - vp = fr_pair_find_by_da(list, attr_digest_cnonce, 0); + vp = fr_pair_find_by_da_idx(list, attr_digest_cnonce, 0); if (!vp) { REDEBUG("No Digest-Attributes.CNonce: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -270,7 +270,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * A2 = Digest-Attributes.Method ":" Digest-Attributes.URI */ - vp = fr_pair_find_by_da(list, attr_digest_method, 0); + vp = fr_pair_find_by_da_idx(list, attr_digest_method, 0); if (!vp) { REDEBUG("No Digest-Attributes.Method: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -281,7 +281,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, a2[a2_len] = ':'; a2_len++; - vp = fr_pair_find_by_da(list, attr_digest_uri, 0); + vp = fr_pair_find_by_da_idx(list, attr_digest_uri, 0); if (!vp) { REDEBUG("No Digest-Attributes.URI: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -292,7 +292,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * QOP is "auth-int", tack on ": Digest-Attributes.Body-Digest" */ - qop = fr_pair_find_by_da(list, attr_digest_qop, 0); + qop = fr_pair_find_by_da_idx(list, attr_digest_qop, 0); if (qop) { if (strcasecmp(qop->vp_strvalue, "auth-int") == 0) { fr_pair_t *body; @@ -306,7 +306,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * Must be a hex representation of an MD5 digest. */ - body = fr_pair_find_by_da(list, attr_digest_body_digest, 0); + body = fr_pair_find_by_da_idx(list, attr_digest_body_digest, 0); if (!body) { REDEBUG("No Digest-Attributes.Body-Digest: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -369,7 +369,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, kd[kd_len] = ':'; kd_len++; - vp = fr_pair_find_by_da(list, attr_digest_nonce_count, 0); + vp = fr_pair_find_by_da_idx(list, attr_digest_nonce_count, 0); if (!vp) { REDEBUG("No Digest-Attributes.Nonce-Count: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -380,7 +380,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, kd[kd_len] = ':'; kd_len++; - vp = fr_pair_find_by_da(list, attr_digest_cnonce, 0); + vp = fr_pair_find_by_da_idx(list, attr_digest_cnonce, 0); if (!vp) { REDEBUG("No Digest-Attributes.CNonce: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -423,7 +423,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * Get the binary value of Digest-Response. This isn't * inside of the Digest-Attributes group. */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_digest_response, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_digest_response, 0); if (!vp) { REDEBUG("No Digest-Response attribute in the request. Cannot perform digest authentication"); RETURN_MODULE_INVALID; diff --git a/src/modules/rlm_eap/rlm_eap.c b/src/modules/rlm_eap/rlm_eap.c index 0268ff16a2..626a979970 100644 --- a/src/modules/rlm_eap/rlm_eap.c +++ b/src/modules/rlm_eap/rlm_eap.c @@ -272,7 +272,7 @@ static eap_type_t eap_process_nak(module_ctx_t const *mctx, request_t *request, * Pick one type out of the one they asked for, * as they may have asked for many. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_eap_type, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_type, 0); for (i = 0; i < nak->length; i++) { /* * Type 0 is valid, and means there are no @@ -626,7 +626,7 @@ static unlang_action_t eap_method_select(rlm_rcode_t *p_result, module_ctx_t con * If it's not an NAI with a realm, check * to see if the user has set Stripped-User-domain. */ - stripped_user_domain = fr_pair_find_by_da(&eap_session->request->request_pairs, + stripped_user_domain = fr_pair_find_by_da_idx(&eap_session->request->request_pairs, attr_stripped_user_domain, 0); if (!stripped_user_domain) goto bad_id; } @@ -639,7 +639,7 @@ static unlang_action_t eap_method_select(rlm_rcode_t *p_result, module_ctx_t con /* * Allow per-user configuration of EAP types. */ - vp = fr_pair_find_by_da(&eap_session->request->control_pairs, attr_eap_type, 0); + vp = fr_pair_find_by_da_idx(&eap_session->request->control_pairs, attr_eap_type, 0); if (vp) { RDEBUG2("Using method from &control.EAP-Type"); next = vp->vp_uint32; @@ -813,7 +813,7 @@ static unlang_action_t mod_authenticate(rlm_rcode_t *p_result, module_ctx_t cons eap_packet_raw_t *eap_packet; unlang_action_t ua; - if (!fr_pair_find_by_da(&request->request_pairs, attr_eap_message, 0)) { + if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_message, 0)) { REDEBUG("You set 'Auth-Type = EAP' for a request that does not contain an EAP-Message attribute!"); RETURN_MODULE_INVALID; } @@ -931,12 +931,12 @@ static unlang_action_t mod_post_auth(rlm_rcode_t *p_result, module_ctx_t const * * says that we MUST include a User-Name attribute in the * Access-Accept. */ - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); if ((request->reply->code == FR_RADIUS_CODE_ACCESS_ACCEPT) && username) { /* * Doesn't exist, add it in. */ - vp = fr_pair_find_by_da(&request->reply_pairs, attr_user_name, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_user_name, 0); if (!vp) { vp = fr_pair_copy(request->reply_ctx, username); fr_pair_append(&request->reply_pairs, vp); @@ -949,12 +949,12 @@ static unlang_action_t mod_post_auth(rlm_rcode_t *p_result, module_ctx_t const * */ if (request->reply->code != FR_RADIUS_CODE_ACCESS_REJECT) RETURN_MODULE_NOOP; - if (!fr_pair_find_by_da(&request->request_pairs, attr_eap_message, 0)) { + if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_message, 0)) { RDEBUG3("Request didn't contain an EAP-Message, not inserting EAP-Failure"); RETURN_MODULE_NOOP; } - if (fr_pair_find_by_da(&request->reply_pairs, attr_eap_message, 0)) { + if (fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_message, 0)) { RDEBUG3("Reply already contained an EAP-Message, not inserting EAP-Failure"); RETURN_MODULE_NOOP; } diff --git a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c index 195a966a3d..4a10b289c1 100644 --- a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c +++ b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c @@ -672,7 +672,7 @@ static fr_radius_packet_code_t eap_fast_eap_payload(request_t *request, eap_sess switch (fake->reply->code) { case 0: /* No reply code, must be proxied... */ #ifdef WITH_PROXY - vp = fr_pair_find_by_da(&fake->control, attr_proxy_to_realm, 0); + vp = fr_pair_find_by_da_idx(&fake->control, attr_proxy_to_realm, 0); if (vp) { int ret; eap_tunnel_data_t *tunnel; diff --git a/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c b/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c index 007568a72d..3e512866ad 100644 --- a/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c +++ b/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c @@ -539,7 +539,7 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons * EAP-TLS-Require-Client-Cert attribute will override * the require_client_cert configuration option. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_eap_tls_require_client_cert, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_tls_require_client_cert, 0); if (vp) { client_cert = vp->vp_uint32 ? true : false; } else { diff --git a/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c b/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c index 885ba1327f..76615c566e 100644 --- a/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c +++ b/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c @@ -726,7 +726,7 @@ packet_ready: * in the user name, THEN discard the user name. */ if (inst->with_ntdomain_hack && - ((auth_challenge = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0)) != NULL) && + ((auth_challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0)) != NULL) && ((username = memchr(auth_challenge->vp_octets, '\\', auth_challenge->vp_length)) != NULL)) { /* * Wipe out the NT domain. @@ -786,13 +786,13 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons */ if (!fr_cond_assert(parent)) RETURN_MODULE_FAIL; - auth_challenge = fr_pair_find_by_da(&parent->control_pairs, attr_ms_chap_challenge, 0); + auth_challenge = fr_pair_find_by_da_idx(&parent->control_pairs, attr_ms_chap_challenge, 0); if (auth_challenge && (auth_challenge->vp_length != MSCHAPV2_CHALLENGE_LEN)) { RWDEBUG("&parent.control.MS-CHAP-Challenge is incorrect length. Ignoring it"); auth_challenge = NULL; } - peer_challenge = fr_pair_find_by_da(&parent->control_pairs, attr_ms_chap_peer_challenge, 0); + peer_challenge = fr_pair_find_by_da_idx(&parent->control_pairs, attr_ms_chap_peer_challenge, 0); if (peer_challenge && (peer_challenge->vp_length != MSCHAPV2_CHALLENGE_LEN)) { RWDEBUG("&parent.control.MS-CHAP-Peer-Challenge is incorrect length. Ignoring it"); peer_challenge = NULL; @@ -801,7 +801,7 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons if (auth_challenge) { created_auth_challenge = false; - peer_challenge = fr_pair_find_by_da(&parent->control_pairs, attr_ms_chap_peer_challenge, 0); + peer_challenge = fr_pair_find_by_da_idx(&parent->control_pairs, attr_ms_chap_peer_challenge, 0); if (peer_challenge && (peer_challenge->vp_length != MSCHAPV2_CHALLENGE_LEN)) { RWDEBUG("&parent.control.MS-CHAP-Peer-Challenge is incorrect length. Ignoring it"); peer_challenge = NULL; diff --git a/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c b/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c index f42c0ba0ed..e7274d3dda 100644 --- a/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c +++ b/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c @@ -299,7 +299,7 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons * EAP-TLS-Require-Client-Cert attribute will override * the require_client_cert configuration option. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_eap_tls_require_client_cert, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_tls_require_client_cert, 0); if (vp) { client_cert = vp->vp_uint32 ? true : false; } else { diff --git a/src/modules/rlm_eap/types/rlm_eap_pwd/rlm_eap_pwd.c b/src/modules/rlm_eap/types/rlm_eap_pwd/rlm_eap_pwd.c index 5cb4cce5b6..f4b7a04494 100644 --- a/src/modules/rlm_eap/types/rlm_eap_pwd/rlm_eap_pwd.c +++ b/src/modules/rlm_eap/types/rlm_eap_pwd/rlm_eap_pwd.c @@ -505,7 +505,7 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons * The admin can dynamically change the MTU. */ session->mtu = inst->fragment_size; - vp = fr_pair_find_by_da(&request->request_pairs, attr_framed_mtu, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_framed_mtu, 0); /* * session->mtu is *our* MTU. We need to subtract off the EAP diff --git a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c index baae5d0380..8bc653e322 100644 --- a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c +++ b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c @@ -195,7 +195,7 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons * EAP-TLS-Require-Client-Cert attribute will override * the require_client_cert configuration option. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_eap_tls_require_client_cert, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_tls_require_client_cert, 0); if (vp) { client_cert = vp->vp_uint32 ? true : false; } else { diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c index 2ed0908e73..5e9b1be7ef 100644 --- a/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c +++ b/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c @@ -302,7 +302,7 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons * EAP-TLS-Require-Client-Cert attribute will override * the require_client_cert configuration option. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_eap_tls_require_client_cert, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_tls_require_client_cert, 0); if (vp) { client_cert = vp->vp_uint32 ? true : false; } else { diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c index 478f979555..31260b514e 100644 --- a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c +++ b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c @@ -674,14 +674,14 @@ fr_radius_packet_code_t eap_ttls_process(request_t *request, eap_session_t *eap_ /* * No User-Name, try to create one from stored data. */ - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); if (!username) { /* * No User-Name in the stored data, look for * an EAP-Identity, and pull it out of there. */ if (!t->username) { - vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_message, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_message, 0); if (vp && (vp->vp_length >= EAP_HEADER_LEN + 2) && (vp->vp_strvalue[0] == FR_EAP_CODE_RESPONSE) && diff --git a/src/modules/rlm_imap/rlm_imap.c b/src/modules/rlm_imap/rlm_imap.c index a1ba17a1f3..6443e8d8c5 100644 --- a/src/modules/rlm_imap/rlm_imap.c +++ b/src/modules/rlm_imap/rlm_imap.c @@ -127,8 +127,8 @@ static unlang_action_t CC_HINT(nonnull(1,2)) mod_authenticate(rlm_rcode_t *p_res RETURN_MODULE_FAIL; } - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); if (!username) { REDEBUG("Attribute \"User-Name\" is required for authentication"); diff --git a/src/modules/rlm_isc_dhcp/rlm_isc_dhcp.c b/src/modules/rlm_isc_dhcp/rlm_isc_dhcp.c index 57b4b39816..fec97f255a 100644 --- a/src/modules/rlm_isc_dhcp/rlm_isc_dhcp.c +++ b/src/modules/rlm_isc_dhcp/rlm_isc_dhcp.c @@ -1427,7 +1427,7 @@ static int parse_host(rlm_isc_dhcp_tokenizer_t *state, rlm_isc_dhcp_info_t *info /* * The 'host' entry might not have a client identifier option. */ - vp = fr_pair_find_by_da(&info->options, attr_client_identifier, 0); + vp = fr_pair_find_by_da_idx(&info->options, attr_client_identifier, 0); if (vp) { my_uid = talloc_zero(info, isc_host_uid_t); my_uid->client = &vp->data; @@ -1618,7 +1618,7 @@ static rlm_isc_dhcp_info_t *get_host(request_t *request, fr_hash_table_t *hosts_ * If that doesn't match, use client hardware * address. */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_client_identifier, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_client_identifier, 0); if (vp) { isc_host_uid_t *client, my_client; @@ -1632,7 +1632,7 @@ static rlm_isc_dhcp_info_t *get_host(request_t *request, fr_hash_table_t *hosts_ } - vp = fr_pair_find_by_da(&request->request_pairs, attr_client_hardware_address, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_client_hardware_address, 0); if (!vp) return NULL; memcpy(&my_ether.ether, vp->vp_ether, sizeof(my_ether.ether)); @@ -1753,7 +1753,7 @@ static int apply_fixed_ip(rlm_isc_dhcp_t const *inst, request_t *request) /* * If there's already a fixed IP, don't do anything */ - yiaddr = fr_pair_find_by_da(&request->reply_pairs, attr_your_ip_address, 0); + yiaddr = fr_pair_find_by_da_idx(&request->reply_pairs, attr_your_ip_address, 0); if (yiaddr) return 0; host = get_host(request, inst->hosts_by_ether, inst->hosts_by_uid); @@ -1800,7 +1800,7 @@ static int apply(rlm_isc_dhcp_t const *inst, request_t *request, rlm_isc_dhcp_in fr_pair_t *yiaddr; ret = 0; - yiaddr = fr_pair_find_by_da(&request->reply_pairs, attr_your_ip_address, 0); + yiaddr = fr_pair_find_by_da_idx(&request->reply_pairs, attr_your_ip_address, 0); /* * First, apply any "host" options @@ -1877,7 +1877,7 @@ recurse: vp = fr_pair_list_next(&head->options, vp)) { fr_pair_t *reply; - reply = fr_pair_find_by_da(&request->reply_pairs, vp->da, 0); + reply = fr_pair_find_by_da_idx(&request->reply_pairs, vp->da, 0); if (reply) continue; /* diff --git a/src/modules/rlm_krb5/rlm_krb5.c b/src/modules/rlm_krb5/rlm_krb5.c index 5c824ea17f..3d225b3029 100644 --- a/src/modules/rlm_krb5/rlm_krb5.c +++ b/src/modules/rlm_krb5/rlm_krb5.c @@ -249,7 +249,7 @@ static rlm_rcode_t krb5_parse_user(krb5_principal *client, KRB5_UNUSED rlm_krb5_ char *princ_name; fr_pair_t *username; - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); /* * We can only authenticate user requests which HAVE @@ -328,7 +328,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, krb5_principal client = NULL; fr_pair_t *password; - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); if (!password) { REDEBUG("Attribute \"User-Password\" is required for authentication"); @@ -422,7 +422,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, krb5_creds init_creds; fr_pair_t *password; - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); if (!password) { REDEBUG("Attribute \"User-Password\" is required for authentication"); diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c index 8e838f4dfb..52b814f819 100644 --- a/src/modules/rlm_ldap/rlm_ldap.c +++ b/src/modules/rlm_ldap/rlm_ldap.c @@ -1055,8 +1055,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, fr_ldap_sasl_t sasl; fr_pair_t *username, *password; - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); /* * We can only authenticate user requests which HAVE @@ -1314,7 +1314,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod /* * We already have a Password.Cleartext. Skip edir. */ - if (fr_pair_find_by_da(&request->control_pairs, attr_cleartext_password, 0)) goto skip_edir; + if (fr_pair_find_by_da_idx(&request->control_pairs, attr_cleartext_password, 0)) goto skip_edir; /* * Retrieve Universal Password if we use eDirectory diff --git a/src/modules/rlm_ldap/user.c b/src/modules/rlm_ldap/user.c index 0a1c22714c..d8e2a0be72 100644 --- a/src/modules/rlm_ldap/user.c +++ b/src/modules/rlm_ldap/user.c @@ -90,7 +90,7 @@ char const *rlm_ldap_find_user(rlm_ldap_t const *inst, request_t *request, fr_ld * If the caller isn't looking for the result we can just return the current userdn value. */ if (!force) { - vp = fr_pair_find_by_da(&request->control_pairs, attr_ldap_userdn, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_ldap_userdn, 0); if (vp) { RDEBUG2("Using user DN from request \"%pV\"", &vp->data); *rcode = RLM_MODULE_OK; @@ -242,11 +242,11 @@ void rlm_ldap_check_reply(rlm_ldap_t const *inst, request_t *request, fr_ldap_th */ if (!inst->expect_password || !RDEBUG_ENABLED2) return; - if (!fr_pair_find_by_da(&request->control_pairs, attr_cleartext_password, 0) && - !fr_pair_find_by_da(&request->control_pairs, attr_nt_password, 0) && - !fr_pair_find_by_da(&request->control_pairs, attr_user_password, 0) && - !fr_pair_find_by_da(&request->control_pairs, attr_password_with_header, 0) && - !fr_pair_find_by_da(&request->control_pairs, attr_crypt_password, 0)) { + if (!fr_pair_find_by_da_idx(&request->control_pairs, attr_cleartext_password, 0) && + !fr_pair_find_by_da_idx(&request->control_pairs, attr_nt_password, 0) && + !fr_pair_find_by_da_idx(&request->control_pairs, attr_user_password, 0) && + !fr_pair_find_by_da_idx(&request->control_pairs, attr_password_with_header, 0) && + !fr_pair_find_by_da_idx(&request->control_pairs, attr_crypt_password, 0)) { switch (ttrunk->directory->type) { case FR_LDAP_DIRECTORY_ACTIVE_DIRECTORY: RWDEBUG2("!!! Found map between LDAP attribute and a FreeRADIUS password attribute"); diff --git a/src/modules/rlm_logintime/rlm_logintime.c b/src/modules/rlm_logintime/rlm_logintime.c index 2095436412..63744b1a20 100644 --- a/src/modules/rlm_logintime/rlm_logintime.c +++ b/src/modules/rlm_logintime/rlm_logintime.c @@ -159,7 +159,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod fr_pair_t *ends, *vp; fr_time_delta_t left; - ends = fr_pair_find_by_da(&request->control_pairs, attr_login_time, 0); + ends = fr_pair_find_by_da_idx(&request->control_pairs, attr_login_time, 0); if (!ends) RETURN_MODULE_NOOP; /* diff --git a/src/modules/rlm_mschap/auth_wbclient.c b/src/modules/rlm_mschap/auth_wbclient.c index c2d8a1dcc8..e4129ab3b9 100644 --- a/src/modules/rlm_mschap/auth_wbclient.c +++ b/src/modules/rlm_mschap/auth_wbclient.c @@ -182,13 +182,13 @@ int do_auth_wbclient(rlm_mschap_t const *inst, request_t *request, fr_box_strvalue_buffer(normalised_username)); /* Recalculate hash */ - vp_challenge = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap_challenge, 0); + vp_challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_challenge, 0); if (!vp_challenge) { RERROR("Unable to get MS-CHAP-Challenge"); goto release; } - vp_response = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap2_response, 0); + vp_response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_response, 0); if (!vp_response) { RERROR("Unable to get MS-CHAP2-Response"); goto release; diff --git a/src/modules/rlm_mschap/opendir.c b/src/modules/rlm_mschap/opendir.c index f0564edf4c..3f5149e929 100644 --- a/src/modules/rlm_mschap/opendir.c +++ b/src/modules/rlm_mschap/opendir.c @@ -239,7 +239,7 @@ unlang_action_t od_mschap_auth(rlm_rcode_t *p_result, request_t *request, fr_pai unsigned int t; #endif - response = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap2_response, 0); + response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_response, 0); username_string = talloc_array(request, char, usernamepair->vp_length + 1); if (!username_string) RETURN_MODULE_FAIL; diff --git a/src/modules/rlm_mschap/rlm_mschap.c b/src/modules/rlm_mschap/rlm_mschap.c index c189ff8ac4..7c053a48b4 100644 --- a/src/modules/rlm_mschap/rlm_mschap.c +++ b/src/modules/rlm_mschap/rlm_mschap.c @@ -198,10 +198,10 @@ static fr_pair_t *mschap_identity_find(request_t *request) { fr_pair_t *vp; - vp = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); if (vp) return vp; - vp = fr_pair_find_by_da(&request->request_pairs, attr_eap_identity, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_identity, 0); if (vp) return vp; REDEBUG("No user identity found in current request"); @@ -331,7 +331,7 @@ static xlat_action_t mschap_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, request_t * * hash of MS-CHAPv2 challenge, and peer challenge. */ if (strncasecmp(arg->vb_strvalue, "Challenge", 9) == 0) { - chap_challenge = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap_challenge, 0); + chap_challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_challenge, 0); if (!chap_challenge) { REDEBUG("No MS-CHAP-Challenge in the request"); return XLAT_ACTION_FAIL; @@ -357,7 +357,7 @@ static xlat_action_t mschap_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, request_t * char const *username_str; size_t username_len; - response = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap2_response, 0); + response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_response, 0); if (!response) { REDEBUG("Vendor-Specific.Microsoft.CHAP2-Response is required to calculate MS-CHAPv1 challenge"); return XLAT_ACTION_FAIL; @@ -389,7 +389,7 @@ static xlat_action_t mschap_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, request_t * * We prefer this to the User-Name in the * packet. */ - response_name = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap_user_name, 0); + response_name = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_user_name, 0); name_vp = response_name ? response_name : user_name; /* @@ -435,8 +435,8 @@ static xlat_action_t mschap_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, request_t * * response. */ } else if (strncasecmp(arg->vb_strvalue, "NT-Response", 11) == 0) { - response = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap_response, 0); - if (!response) response = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap2_response, 0); + response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_response, 0); + if (!response) response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_response, 0); if (!response) { REDEBUG("No MS-CHAP-Response or MS-CHAP2-Response was found in the request"); return XLAT_ACTION_FAIL; @@ -470,7 +470,7 @@ static xlat_action_t mschap_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, request_t * * in MS-CHAPv1, and not often there. */ } else if (strncasecmp(arg->vb_strvalue, "LM-Response", 11) == 0) { - response = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap_response, 0); + response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_response, 0); if (!response) { REDEBUG("No MS-CHAP-Response was found in the request"); return XLAT_ACTION_FAIL; @@ -1446,12 +1446,12 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod rlm_mschap_t const *inst = talloc_get_type_abort_const(mctx->instance, rlm_mschap_t); fr_pair_t *challenge = NULL; - challenge = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap_challenge, 0); + challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_challenge, 0); if (!challenge) RETURN_MODULE_NOOP; - if (!fr_pair_find_by_da(&request->request_pairs, attr_ms_chap_response, 0) && - !fr_pair_find_by_da(&request->request_pairs, attr_ms_chap2_response, 0) && - !fr_pair_find_by_da(&request->request_pairs, attr_ms_chap2_cpw, 0)) { + if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_response, 0) && + !fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_response, 0) && + !fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_cpw, 0)) { RDEBUG2("Found MS-CHAP-Challenge, but no MS-CHAP response or Change-Password"); RETURN_MODULE_NOOP; } @@ -1887,7 +1887,7 @@ static unlang_action_t CC_HINT(nonnull(1,2,3,4,5,8,9)) mschap_process_v2_respons * We prefer this to the User-Name in the * packet. */ - response_name = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap_user_name, 0); + response_name = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_user_name, 0); name_vp = response_name ? response_name : user_name; /* @@ -1927,7 +1927,7 @@ static unlang_action_t CC_HINT(nonnull(1,2,3,4,5,8,9)) mschap_process_v2_respons #endif peer_challenge = response->vp_octets + 2; - peer_challenge_attr = fr_pair_find_by_da(&request->control_pairs, attr_ms_chap_peer_challenge, 0); + peer_challenge_attr = fr_pair_find_by_da_idx(&request->control_pairs, attr_ms_chap_peer_challenge, 0); if (peer_challenge_attr) { RDEBUG2("Overriding peer challenge"); peer_challenge = peer_challenge_attr->vp_octets; @@ -1959,7 +1959,7 @@ static unlang_action_t CC_HINT(nonnull(1,2,3,4,5,8,9)) mschap_process_v2_respons #ifdef WITH_AUTH_WINBIND if (inst->wb_retry_with_normalised_username) { - response_name = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap_user_name, 0); + response_name = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_user_name, 0); if (response_name) { if (strcmp(username_str, response_name->vp_strvalue)) { RDEBUG2("Normalising username %pV -> %pV", @@ -2024,7 +2024,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * want to suppress it. */ if (method != AUTH_INTERNAL) { - fr_pair_t *vp = fr_pair_find_by_da(&request->control_pairs, attr_ms_chap_use_ntlm_auth, 0); + fr_pair_t *vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_ms_chap_use_ntlm_auth, 0); if (vp && vp->vp_bool == false) method = AUTH_INTERNAL; } @@ -2032,11 +2032,11 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * Find the SMB-Account-Ctrl attribute, or the * SMB-Account-Ctrl-Text attribute. */ - smb_ctrl = fr_pair_find_by_da(&request->control_pairs, attr_smb_account_ctrl, 0); + smb_ctrl = fr_pair_find_by_da_idx(&request->control_pairs, attr_smb_account_ctrl, 0); if (!smb_ctrl) { fr_pair_t *smb_account_ctrl_text; - smb_account_ctrl_text = fr_pair_find_by_da(&request->control_pairs, attr_smb_account_ctrl_text, 0); + smb_account_ctrl_text = fr_pair_find_by_da_idx(&request->control_pairs, attr_smb_account_ctrl_text, 0); if (smb_account_ctrl_text) { MEM(pair_append_control(&smb_ctrl, attr_smb_account_ctrl) >= 0); smb_ctrl->vp_uint32 = pdb_decode_acct_ctrl(smb_account_ctrl_text->vp_strvalue); @@ -2070,7 +2070,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * Check to see if this is a change password request, and process * it accordingly if so. */ - cpw = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap2_cpw, 0); + cpw = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_cpw, 0); if (cpw) { uint8_t *p; @@ -2102,7 +2102,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, memcpy(p + 2, cpw->vp_octets + 18, 48); } - challenge = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap_challenge, 0); + challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_challenge, 0); if (!challenge) { REDEBUG("&control.Auth-Type = %s set for a request that does not contain &%s", inst->name, attr_ms_chap_challenge->name); @@ -2113,7 +2113,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * We also require an MS-CHAP-Response. */ - if ((response = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap_response, 0))) { + if ((response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_response, 0))) { mschap_process_response(&rcode, &mschap_version, nthashhash, inst, request, @@ -2121,7 +2121,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, challenge, response, method); if (rcode != RLM_MODULE_OK) goto finish; - } else if ((response = fr_pair_find_by_da(&request->request_pairs, attr_ms_chap2_response, 0))) { + } else if ((response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_response, 0))) { mschap_process_v2_response(&rcode, &mschap_version, nthashhash, inst, request, diff --git a/src/modules/rlm_ocsp/ocsp.c b/src/modules/rlm_ocsp/ocsp.c index 633b1dce97..afde518863 100644 --- a/src/modules/rlm_ocsp/ocsp.c +++ b/src/modules/rlm_ocsp/ocsp.c @@ -390,7 +390,7 @@ int fr_tls_ocsp_check(request_t *request, SSL *ssl, /* * Allow us to cache the OCSP verified state externally */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_tls_ocsp_cert_valid, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_tls_ocsp_cert_valid, 0); if (vp) switch (vp->vp_uint32) { case 0: /* no */ RDEBUG2("Found &control.TLS-OCSP-Cert-Valid = no, forcing OCSP failure"); @@ -404,7 +404,7 @@ int fr_tls_ocsp_check(request_t *request, SSL *ssl, * we need to run the full OCSP check. */ if (staple_response) { - vp = fr_pair_find_by_da(&request->control_pairs, attr_tls_ocsp_response, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_tls_ocsp_response, 0); if (!vp) { RDEBUG2("No &control.TLS-OCSP-Response attribute found, performing full OCSP check"); break; diff --git a/src/modules/rlm_opendirectory/rlm_opendirectory.c b/src/modules/rlm_opendirectory/rlm_opendirectory.c index 3c8e98fc56..54fe6b7c10 100644 --- a/src/modules/rlm_opendirectory/rlm_opendirectory.c +++ b/src/modules/rlm_opendirectory/rlm_opendirectory.c @@ -313,8 +313,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, long odResult = eDSAuthFailed; fr_pair_t *username, *password; - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); /* * We can only authenticate user requests which HAVE @@ -401,7 +401,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod * We can only authenticate user requests which HAVE * a User-Name attribute. */ - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); if (!username) { RDEBUG2("OpenDirectory requires a User-Name attribute"); RETURN_MODULE_NOOP; diff --git a/src/modules/rlm_pam/rlm_pam.c b/src/modules/rlm_pam/rlm_pam.c index cfa06de8e9..3b937bf7a8 100644 --- a/src/modules/rlm_pam/rlm_pam.c +++ b/src/modules/rlm_pam/rlm_pam.c @@ -220,8 +220,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, char const *pam_auth_string = data->pam_auth_name; fr_pair_t *username, *password; - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); /* * We can only authenticate user requests which HAVE @@ -258,7 +258,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * Let control list over-ride the PAM auth name string, * for backwards compatibility. */ - pair = fr_pair_find_by_da(&request->control_pairs, attr_pam_auth, 0); + pair = fr_pair_find_by_da_idx(&request->control_pairs, attr_pam_auth, 0); if (pair) pam_auth_string = pair->vp_strvalue; ret = do_pam(request, username->vp_strvalue, password->vp_strvalue, pam_auth_string); diff --git a/src/modules/rlm_pap/rlm_pap.c b/src/modules/rlm_pap/rlm_pap.c index 7cea7d727a..5b0fd8a42a 100644 --- a/src/modules/rlm_pap/rlm_pap.c +++ b/src/modules/rlm_pap/rlm_pap.c @@ -140,12 +140,12 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod rlm_pap_t const *inst = talloc_get_type_abort_const(mctx->instance, rlm_pap_t); fr_pair_t *password; - if (fr_pair_find_by_da(&request->control_pairs, attr_auth_type, 0) != NULL) { + if (fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0) != NULL) { RDEBUG3("Auth-Type is already set. Not setting 'Auth-Type := %s'", inst->name); RETURN_MODULE_NOOP; } - password = fr_pair_find_by_da(&request->request_pairs, attr_user, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user, 0); if (!password) { RDEBUG2("No %s attribute in the request. Cannot do PAP", attr_user->name); RETURN_MODULE_NOOP; @@ -927,7 +927,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, pap_auth_func_t auth_func; bool ephemeral; - password = fr_pair_find_by_da(&request->request_pairs, attr_user, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user, 0); if (!password) { REDEBUG("You set 'Auth-Type = PAP' for a request that does not contain a User-Password attribute!"); RETURN_MODULE_INVALID; diff --git a/src/modules/rlm_passwd/rlm_passwd.c b/src/modules/rlm_passwd/rlm_passwd.c index 555d4ceaf7..6d415ac288 100644 --- a/src/modules/rlm_passwd/rlm_passwd.c +++ b/src/modules/rlm_passwd/rlm_passwd.c @@ -543,7 +543,7 @@ static unlang_action_t CC_HINT(nonnull) mod_passwd_map(rlm_rcode_t *p_result, mo fr_dcursor_t cursor; int found = 0; - key = fr_pair_find_by_da(&request->request_pairs, inst->keyattr, 0); + key = fr_pair_find_by_da_idx(&request->request_pairs, inst->keyattr, 0); if (!key) RETURN_MODULE_NOTFOUND; for (i = fr_pair_dcursor_by_da_init(&cursor, &request->request_pairs, inst->keyattr); diff --git a/src/modules/rlm_perl/rlm_perl.c b/src/modules/rlm_perl/rlm_perl.c index 63a9fbc0d3..8a3a05ddfe 100644 --- a/src/modules/rlm_perl/rlm_perl.c +++ b/src/modules/rlm_perl/rlm_perl.c @@ -978,7 +978,7 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo int acct_status_type = 0; char const *func; - pair = fr_pair_find_by_da(&request->request_pairs, attr_acct_status_type, 0); + pair = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0); if (pair != NULL) { acct_status_type = pair->vp_uint32; } else { diff --git a/src/modules/rlm_radius/rlm_radius.c b/src/modules/rlm_radius/rlm_radius.c index 493ea6d068..5c19532be1 100644 --- a/src/modules/rlm_radius/rlm_radius.c +++ b/src/modules/rlm_radius/rlm_radius.c @@ -428,8 +428,8 @@ static void radius_fixups(rlm_radius_t const *inst, request_t *request) if (request->packet->code != FR_RADIUS_CODE_ACCESS_REQUEST) return; - if (fr_pair_find_by_da(&request->request_pairs, attr_chap_password, 0) && - !fr_pair_find_by_da(&request->request_pairs, attr_chap_challenge, 0)) { + if (fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_password, 0) && + !fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_challenge, 0)) { MEM(pair_append_request(&vp, attr_chap_challenge) >= 0); fr_pair_value_memdup(vp, request->packet->vector, sizeof(request->packet->vector), true); } diff --git a/src/modules/rlm_radius/rlm_radius_udp.c b/src/modules/rlm_radius/rlm_radius_udp.c index b5d51e372d..458d9a113b 100644 --- a/src/modules/rlm_radius/rlm_radius_udp.c +++ b/src/modules/rlm_radius/rlm_radius_udp.c @@ -400,7 +400,7 @@ static void CC_HINT(nonnull) status_check_alloc(udp_handle_t *h) * Ensure that there's a NAS-Identifier, if one wasn't * already added. */ - if (!fr_pair_find_by_da(&request->request_pairs, attr_nas_identifier, 0)) { + if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_nas_identifier, 0)) { fr_pair_t *vp; MEM(pair_append_request(&vp, attr_nas_identifier) >= 0); @@ -412,7 +412,7 @@ static void CC_HINT(nonnull) status_check_alloc(udp_handle_t *h) * at which the first packet is sent. Or for * Status-Server, the time of the current packet. */ - if (!fr_pair_find_by_da(&request->request_pairs, attr_event_timestamp, 0)) { + if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_event_timestamp, 0)) { MEM(pair_append_request(NULL, attr_event_timestamp) >= 0); } @@ -1327,7 +1327,7 @@ static int encode(rlm_radius_udp_t const *inst, request_t *request, udp_request_ fr_pair_t *vp; proxy_state = 0; - vp = fr_pair_find_by_da(&request->request_pairs, attr_event_timestamp, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_event_timestamp, 0); if (vp) vp->vp_date = fr_time_to_unix_time(u->retry.updated); if (u->code == FR_RADIUS_CODE_STATUS_SERVER) u->can_retransmit = false; @@ -1460,7 +1460,7 @@ static int encode(rlm_radius_udp_t const *inst, request_t *request, udp_request_ * received the request. */ if ((u->code == FR_RADIUS_CODE_ACCOUNTING_REQUEST) && - (fr_pair_find_by_da(&request->request_pairs, attr_acct_delay_time, 0) != NULL)) { + (fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_delay_time, 0) != NULL)) { uint8_t *attr, *end; uint32_t delay; fr_time_t now; @@ -2483,7 +2483,7 @@ static void request_demux(fr_trunk_connection_t *tconn, fr_connection_t *conn, U if ((u->code == FR_RADIUS_CODE_ACCESS_REQUEST) && (code == FR_RADIUS_CODE_ACCESS_CHALLENGE)) { fr_pair_t *vp; - vp = fr_pair_find_by_da(&request->reply_pairs, attr_packet_type, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_packet_type, 0); if (!vp) { MEM(vp = fr_pair_afrom_da(request->reply_ctx, attr_packet_type)); vp->vp_uint32 = FR_RADIUS_CODE_ACCESS_CHALLENGE; @@ -2503,7 +2503,7 @@ static void request_demux(fr_trunk_connection_t *tconn, fr_connection_t *conn, U * reply.Message-Authenticator attribute, so that * it ends up in our reply. */ - if (fr_pair_find_by_da(&reply, attr_message_authenticator, 0)) { + if (fr_pair_find_by_da_idx(&reply, attr_message_authenticator, 0)) { fr_pair_t *vp; fr_pair_delete_by_da(&reply, attr_message_authenticator); @@ -2791,7 +2791,7 @@ static unlang_action_t mod_enqueue(rlm_rcode_t *p_result, void **rctx_out, void * * @todo - don't edit the input packet! */ - if (fr_pair_find_by_da(&request->request_pairs, attr_message_authenticator, 0)) { + if (fr_pair_find_by_da_idx(&request->request_pairs, attr_message_authenticator, 0)) { u->require_ma = true; pair_delete_request(attr_message_authenticator); } diff --git a/src/modules/rlm_radutmp/rlm_radutmp.c b/src/modules/rlm_radutmp/rlm_radutmp.c index 5dc70d45a4..4d9ded1000 100644 --- a/src/modules/rlm_radutmp/rlm_radutmp.c +++ b/src/modules/rlm_radutmp/rlm_radutmp.c @@ -207,7 +207,7 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo /* * Which type is this. */ - if ((vp = fr_pair_find_by_da(&request->request_pairs, attr_acct_status_type, 0)) == NULL) { + if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0)) == NULL) { RDEBUG2("No Accounting-Status-Type record"); RETURN_MODULE_NOOP; } @@ -230,10 +230,10 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo int check1 = 0; int check2 = 0; - if ((vp = fr_pair_find_by_da(&request->request_pairs, attr_acct_session_time, 0)) + if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_session_time, 0)) == NULL || vp->vp_uint32 == 0) check1 = 1; - if ((vp = fr_pair_find_by_da(&request->request_pairs, attr_acct_session_id, 0)) + if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_session_id, 0)) != NULL && vp->vp_length == 8 && memcmp(vp->vp_strvalue, "00000000", 8) == 0) check2 = 1; diff --git a/src/modules/rlm_redis_ippool/rlm_redis_ippool.c b/src/modules/rlm_redis_ippool/rlm_redis_ippool.c index 744a2b038d..10d4f5b4d4 100644 --- a/src/modules/rlm_redis_ippool/rlm_redis_ippool.c +++ b/src/modules/rlm_redis_ippool/rlm_redis_ippool.c @@ -1270,13 +1270,13 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo /* * IP-Pool.Action override */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_pool_action, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_pool_action, 0); if (vp) return mod_action(p_result, inst, request, vp->vp_uint32); /* * Otherwise, guess the action by Acct-Status-Type */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_acct_status_type, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0); if (!vp) { RDEBUG2("Couldn't find &request.Acct-Status-Type or &control.IP-Pool.Action, doing nothing..."); RETURN_MODULE_NOOP; @@ -1307,7 +1307,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod * Unless it's overridden the default action is to allocate * when called in Post-Auth. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_pool_action, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_pool_action, 0); return mod_action(p_result, inst, request, vp ? vp->vp_uint32 : POOL_ACTION_ALLOCATE); } @@ -1321,7 +1321,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod * Unless it's overridden the default action is to allocate * when called in Post-Auth. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_pool_action, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_pool_action, 0); if (vp) { if ((vp->vp_uint32 > 0) && (vp->vp_uint32 <= POOL_ACTION_BULK_RELEASE)) { action = vp->vp_uint32; @@ -1332,7 +1332,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod } } else if (request->dict == dict_dhcpv4) { - vp = fr_pair_find_by_da(&request->control_pairs, attr_message_type, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_message_type, 0); if (!vp) goto run; if (vp->vp_uint8 == FR_DHCP_REQUEST) action = POOL_ACTION_UPDATE; @@ -1352,7 +1352,7 @@ static unlang_action_t CC_HINT(nonnull) mod_request(rlm_rcode_t *p_result, modul * when called by DHCP request */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_pool_action, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_pool_action, 0); return mod_action(p_result, inst, request, vp ? vp->vp_uint32 : POOL_ACTION_UPDATE); } @@ -1366,7 +1366,7 @@ static unlang_action_t CC_HINT(nonnull) mod_release(rlm_rcode_t *p_result, modul * when called by DHCP release */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_pool_action, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_pool_action, 0); return mod_action(p_result, inst, request, vp ? vp->vp_uint32 : POOL_ACTION_RELEASE); } diff --git a/src/modules/rlm_rediswho/rlm_rediswho.c b/src/modules/rlm_rediswho/rlm_rediswho.c index a1ea02036c..a21cee9bcd 100644 --- a/src/modules/rlm_rediswho/rlm_rediswho.c +++ b/src/modules/rlm_rediswho/rlm_rediswho.c @@ -205,7 +205,7 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo CONF_SECTION *cs; char const *insert, *trim, *expire; - vp = fr_pair_find_by_da(&request->request_pairs, attr_acct_status_type, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0); if (!vp) { RDEBUG2("Could not find account status type in packet"); RETURN_MODULE_NOOP; diff --git a/src/modules/rlm_rest/rlm_rest.c b/src/modules/rlm_rest/rlm_rest.c index bbe844dc87..7239ca95af 100644 --- a/src/modules/rlm_rest/rlm_rest.c +++ b/src/modules/rlm_rest/rlm_rest.c @@ -733,8 +733,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, if (!section->name) RETURN_MODULE_NOOP; - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); /* * We can only authenticate user requests which HAVE diff --git a/src/modules/rlm_securid/mem.c b/src/modules/rlm_securid/mem.c index 3e647ebfea..c325887a29 100644 --- a/src/modules/rlm_securid/mem.c +++ b/src/modules/rlm_securid/mem.c @@ -183,7 +183,7 @@ SECURID_SESSION *securid_sessionlist_find(rlm_securid_t *inst, request_t *reques /* * We key the sessions off of the 'state' attribute */ - state = fr_pair_find_by_da(&request->request_pairs, attr_state, 0); + state = fr_pair_find_by_da_idx(&request->request_pairs, attr_state, 0); if (!state) { return NULL; } diff --git a/src/modules/rlm_securid/rlm_securid.c b/src/modules/rlm_securid/rlm_securid.c index de50fa5081..3b9de07d14 100644 --- a/src/modules/rlm_securid/rlm_securid.c +++ b/src/modules/rlm_securid/rlm_securid.c @@ -473,8 +473,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, fr_pair_t *username, *password; fr_pair_t *vp; - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); /* * We can only authenticate user requests which HAVE diff --git a/src/modules/rlm_smtp/rlm_smtp.c b/src/modules/rlm_smtp/rlm_smtp.c index f3130c32b5..17b57f8c91 100644 --- a/src/modules/rlm_smtp/rlm_smtp.c +++ b/src/modules/rlm_smtp/rlm_smtp.c @@ -742,15 +742,15 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod fr_pair_t const *smtp_body, *username, *password; - if (fr_pair_find_by_da(&request->control_pairs, attr_auth_type, 0) != NULL) { + if (fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0) != NULL) { RDEBUG3("Auth-Type is already set. Not setting 'Auth-Type := %s'", inst->name); RETURN_MODULE_NOOP; } /* Elements provided by the request */ - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); - smtp_body = fr_pair_find_by_da(&request->request_pairs, attr_smtp_body, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + smtp_body = fr_pair_find_by_da_idx(&request->request_pairs, attr_smtp_body, 0); /* Make sure all of the essential email components are present and possible*/ if(!smtp_body) { @@ -910,8 +910,8 @@ static unlang_action_t CC_HINT(nonnull(1,2)) mod_authenticate(rlm_rcode_t *p_res RETURN_MODULE_FAIL; } - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); /* Make sure we have a user-name and user-password, and that they are possible */ if (!username) { diff --git a/src/modules/rlm_soh/rlm_soh.c b/src/modules/rlm_soh/rlm_soh.c index 5b6096d314..5c93300ff0 100644 --- a/src/modules/rlm_soh/rlm_soh.c +++ b/src/modules/rlm_soh/rlm_soh.c @@ -94,19 +94,19 @@ static xlat_action_t soh_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, request_t *req /* * There will be no point unless SoH-Supported = yes */ - vp[0] = fr_pair_find_by_da(&request->request_pairs, attr_soh_supported, 0); + vp[0] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_supported, 0); if (!vp[0]) return XLAT_ACTION_FAIL; if (strncasecmp(in_head->vb_strvalue, "OS", 2) == 0) { /* OS vendor */ - vp[0] = fr_pair_find_by_da(&request->request_pairs, attr_soh_ms_machine_os_vendor, 0); - vp[1] = fr_pair_find_by_da(&request->request_pairs, attr_soh_ms_machine_os_version, 0); - vp[2] = fr_pair_find_by_da(&request->request_pairs, attr_soh_ms_machine_os_release, 0); - vp[3] = fr_pair_find_by_da(&request->request_pairs, attr_soh_ms_machine_os_build, 0); - vp[4] = fr_pair_find_by_da(&request->request_pairs, attr_soh_ms_machine_sp_version, 0); - vp[5] = fr_pair_find_by_da(&request->request_pairs, attr_soh_ms_machine_sp_release, 0); + vp[0] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_ms_machine_os_vendor, 0); + vp[1] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_ms_machine_os_version, 0); + vp[2] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_ms_machine_os_release, 0); + vp[3] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_ms_machine_os_build, 0); + vp[4] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_ms_machine_sp_version, 0); + vp[5] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_ms_machine_sp_release, 0); if (vp[0] && vp[0]->vp_uint32 == attr_ms_vendor->attr) { MEM(vb=fr_value_box_alloc_null(ctx)); @@ -192,7 +192,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod if (!inst->dhcp) RETURN_MODULE_NOOP; - vp = fr_pair_find_by_da(&request->request_pairs, attr_dhcp_vendor, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_dhcp_vendor, 0); if (vp) { /* * vendor-specific options contain @@ -253,7 +253,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, UNU int rv; /* try to find the MS-SoH payload */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_ms_quarantine_soh, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_quarantine_soh, 0); if (!vp) { RDEBUG2("SoH radius VP not found"); RETURN_MODULE_NOOP; diff --git a/src/modules/rlm_sql/rlm_sql.c b/src/modules/rlm_sql/rlm_sql.c index 3921b429af..726549d80e 100644 --- a/src/modules/rlm_sql/rlm_sql.c +++ b/src/modules/rlm_sql/rlm_sql.c @@ -146,7 +146,7 @@ fr_dict_attr_autoload_t rlm_sql_dict_attr[] = { static sql_fall_through_t fall_through(fr_pair_list_t *vps) { fr_pair_t *tmp; - tmp = fr_pair_find_by_da(vps, attr_fall_through, 0); + tmp = fr_pair_find_by_da_idx(vps, attr_fall_through, 0); return tmp ? tmp->vp_uint32 : FALL_THROUGH_DEFAULT; } @@ -1427,7 +1427,7 @@ skip_reply: * Check for a default_profile or for a User-Profile. */ RDEBUG3("... falling-through to profile processing"); - user_profile = fr_pair_find_by_da(&request->control_pairs, attr_user_profile, 0); + user_profile = fr_pair_find_by_da_idx(&request->control_pairs, attr_user_profile, 0); profile = user_profile ? user_profile->vp_strvalue : diff --git a/src/modules/rlm_sqlippool/rlm_sqlippool.c b/src/modules/rlm_sqlippool/rlm_sqlippool.c index a0e6450cc2..2d99e032a1 100644 --- a/src/modules/rlm_sqlippool/rlm_sqlippool.c +++ b/src/modules/rlm_sqlippool/rlm_sqlippool.c @@ -501,13 +501,13 @@ static unlang_action_t CC_HINT(nonnull) mod_alloc(rlm_rcode_t *p_result, module_ /* * If there is a Framed-IP-Address attribute in the reply do nothing */ - if (fr_pair_find_by_da(&request->reply_pairs, inst->allocated_address_da, 0) != NULL) { + if (fr_pair_find_by_da_idx(&request->reply_pairs, inst->allocated_address_da, 0) != NULL) { RDEBUG2("%s already exists", inst->allocated_address_da->name); return do_logging(p_result, inst, request, inst->log_exists, RLM_MODULE_NOOP); } - if (fr_pair_find_by_da(&request->control_pairs, attr_pool_name, 0) == NULL) { + if (fr_pair_find_by_da_idx(&request->control_pairs, attr_pool_name, 0) == NULL) { RDEBUG2("No %s defined", attr_pool_name->name); return do_logging(p_result, inst, request, inst->log_nopool, RLM_MODULE_NOOP); @@ -809,7 +809,7 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo int acct_status_type; - vp = fr_pair_find_by_da(&request->request_pairs, attr_acct_status_type, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0); if (!vp) { RDEBUG2("Could not find account status type in packet"); RETURN_MODULE_NOOP; diff --git a/src/modules/rlm_stats/rlm_stats.c b/src/modules/rlm_stats/rlm_stats.c index 1502e28336..a7c406060f 100644 --- a/src/modules/rlm_stats/rlm_stats.c +++ b/src/modules/rlm_stats/rlm_stats.c @@ -258,7 +258,7 @@ static unlang_action_t CC_HINT(nonnull) mod_stats(rlm_rcode_t *p_result, module_ RETURN_MODULE_NOOP; } - vp = fr_pair_find_by_da(&request->request_pairs, attr_freeradius_stats4_type, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_freeradius_stats4_type, 0); if (!vp) { stats_type = FR_STATS4_TYPE_VALUE_GLOBAL; } else { @@ -290,8 +290,8 @@ static unlang_action_t CC_HINT(nonnull) mod_stats(rlm_rcode_t *p_result, module_ break; case FR_STATS4_TYPE_VALUE_CLIENT: /* src */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_freeradius_stats4_ipv4_address, 0); - if (!vp) vp = fr_pair_find_by_da(&request->request_pairs, attr_freeradius_stats4_ipv6_address, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_freeradius_stats4_ipv4_address, 0); + if (!vp) vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_freeradius_stats4_ipv6_address, 0); if (!vp) RETURN_MODULE_NOOP; mydata.ipaddr = vp->vp_ip; @@ -299,8 +299,8 @@ static unlang_action_t CC_HINT(nonnull) mod_stats(rlm_rcode_t *p_result, module_ break; case FR_STATS4_TYPE_VALUE_LISTENER: /* dst */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_freeradius_stats4_ipv4_address, 0); - if (!vp) vp = fr_pair_find_by_da(&request->request_pairs, attr_freeradius_stats4_ipv6_address, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_freeradius_stats4_ipv4_address, 0); + if (!vp) vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_freeradius_stats4_ipv6_address, 0); if (!vp) RETURN_MODULE_NOOP; mydata.ipaddr = vp->vp_ip; diff --git a/src/modules/rlm_totp/rlm_totp.c b/src/modules/rlm_totp/rlm_totp.c index acad3a8768..500353ab17 100644 --- a/src/modules/rlm_totp/rlm_totp.c +++ b/src/modules/rlm_totp/rlm_totp.c @@ -239,7 +239,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, uint8_t buffer[80]; /* multiple of 5*8 characters */ - password = fr_pair_find_by_da(&request->request_pairs, attr_totp_user_password, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_totp_user_password, 0); if (!password) RETURN_MODULE_NOOP; if (password->vp_length != 6) { @@ -250,7 +250,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * Look for the raw key first. */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_totp_key, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_totp_key, 0); if (vp) { key = vp->vp_octets; keylen = vp->vp_length; @@ -258,7 +258,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, } else { ssize_t len; - vp = fr_pair_find_by_da(&request->control_pairs, attr_totp_secret, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_totp_secret, 0); if (!vp) RETURN_MODULE_NOOP; len = base32_decode(buffer, sizeof(buffer), vp->vp_strvalue); diff --git a/src/modules/rlm_unix/rlm_unix.c b/src/modules/rlm_unix/rlm_unix.c index 28c691619d..4cd9bb3eac 100644 --- a/src/modules/rlm_unix/rlm_unix.c +++ b/src/modules/rlm_unix/rlm_unix.c @@ -113,7 +113,7 @@ static int groupcmp(UNUSED void *instance, request_t *request, UNUSED fr_pair_li /* * No user name, can't compare. */ - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); if (!username) return -1; if (fr_perm_getpwnam(request, &pwd, username->vp_strvalue) < 0) { @@ -203,7 +203,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, UNU * We can only authenticate user requests which HAVE * a User-Name attribute. */ - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); if (!username) RETURN_MODULE_NOOP; name = username->vp_strvalue; @@ -373,7 +373,7 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo /* * Which type is this. */ - if ((vp = fr_pair_find_by_da(&request->request_pairs, attr_acct_status_type, 0)) == NULL) { + if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0)) == NULL) { RDEBUG2("no Accounting-Status-Type attribute in request"); RETURN_MODULE_NOOP; } @@ -390,7 +390,7 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo * We're only interested in accounting messages * with a username in it. */ - if (fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0) == NULL) + if (fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0) == NULL) RETURN_MODULE_NOOP; t = fr_time_to_sec(request->packet->timestamp); diff --git a/src/modules/rlm_wimax/rlm_wimax.c b/src/modules/rlm_wimax/rlm_wimax.c index 9dc875b470..c4d27a2fd3 100644 --- a/src/modules/rlm_wimax/rlm_wimax.c +++ b/src/modules/rlm_wimax/rlm_wimax.c @@ -122,7 +122,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, UNU /* * Fix Calling-Station-Id. Damn you, WiMAX! */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_calling_station_id, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_calling_station_id, 0); if (vp && (vp->vp_length == 6)) { int i; char *p; @@ -173,8 +173,8 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod uint8_t mip_rk_1[EVP_MAX_MD_SIZE], mip_rk_2[EVP_MAX_MD_SIZE]; uint8_t mip_rk[2 * EVP_MAX_MD_SIZE]; - msk = fr_pair_find_by_da(&request->reply_pairs, attr_eap_msk, 0); - emsk = fr_pair_find_by_da(&request->reply_pairs, attr_eap_emsk, 0); + msk = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_msk, 0); + emsk = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_emsk, 0); if (!msk || !emsk) { REDEBUG2("No EAP-MSK or EAP-EMSK. Cannot create WiMAX keys"); RETURN_MODULE_NOOP; @@ -253,8 +253,8 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod /* * Calculate mobility keys */ - mn_nai = fr_pair_find_by_da(&request->request_pairs, attr_wimax_mn_nai, 0); - if (!mn_nai) mn_nai = fr_pair_find_by_da(&request->reply_pairs, attr_wimax_mn_nai, 0); + mn_nai = fr_pair_find_by_da_idx(&request->request_pairs, attr_wimax_mn_nai, 0); + if (!mn_nai) mn_nai = fr_pair_find_by_da_idx(&request->reply_pairs, attr_wimax_mn_nai, 0); if (!mn_nai) { RWDEBUG("%s was not found in the request or in the reply", attr_wimax_mn_nai->name); RWDEBUG("We cannot calculate MN-HA keys"); @@ -264,7 +264,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod * WiMAX-IP-Technology */ vp = NULL; - if (mn_nai) vp = fr_pair_find_by_da(&request->reply_pairs, attr_wimax_ip_technology, 0); + if (mn_nai) vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_wimax_ip_technology, 0); if (!vp) { RWDEBUG("%s not found in reply", attr_wimax_ip_technology->name); RWDEBUG("Not calculating MN-HA keys"); @@ -275,7 +275,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod /* * Look for WiMAX-hHA-IP-MIP4 */ - ip = fr_pair_find_by_da(&request->reply_pairs, attr_wimax_hha_ip_mip4, 0); + ip = fr_pair_find_by_da_idx(&request->reply_pairs, attr_wimax_hha_ip_mip4, 0); if (!ip) { RWDEBUG("%s not found. Cannot calculate MN-HA-PMIP4 key", attr_wimax_hha_ip_mip4->name); break; @@ -310,7 +310,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod /* * Look for WiMAX-hHA-IP-MIP4 */ - ip = fr_pair_find_by_da(&request->reply_pairs, attr_wimax_hha_ip_mip4, 0); + ip = fr_pair_find_by_da_idx(&request->reply_pairs, attr_wimax_hha_ip_mip4, 0); if (!ip) { RWDEBUG("%s not found. Cannot calculate MN-HA-CMIP4 key", attr_wimax_hha_ip_mip4->name); break; @@ -345,7 +345,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod /* * Look for WiMAX-hHA-IP-MIP6 */ - ip = fr_pair_find_by_da(&request->reply_pairs, attr_wimax_hha_ip_mip6, 0); + ip = fr_pair_find_by_da_idx(&request->reply_pairs, attr_wimax_hha_ip_mip6, 0); if (!ip) { RWDEBUG("%s not found. Cannot calculate MN-HA-CMIP6 key", attr_wimax_hha_ip_mip6->name); break; @@ -385,7 +385,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod * * FA-RK= H(MIP-RK, "FA-RK") */ - fa_rk = fr_pair_find_by_da(&request->reply_pairs, attr_wimax_fa_rk_key, 0); + fa_rk = fr_pair_find_by_da_idx(&request->reply_pairs, attr_wimax_fa_rk_key, 0); if (fa_rk && (fa_rk->vp_length <= 1)) { EVP_MD_CTX_reset(hmac_ctx); EVP_DigestSignInit(hmac_ctx, NULL, EVP_sha1(), NULL, hmac_pkey); @@ -411,7 +411,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod * * WiMAX-RRQ-MN-HA-SPI */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_wimax_rrq_mn_ha_spi, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_wimax_rrq_mn_ha_spi, 0); if (vp) { REDEBUG2("Client requested MN-HA key: Should use SPI to look up key from storage"); if (!mn_nai) { @@ -421,14 +421,14 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod /* * WiMAX-RRQ-HA-IP */ - if (!fr_pair_find_by_da(&request->request_pairs, attr_wimax_rrq_ha_ip, 0)) { + if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_wimax_rrq_ha_ip, 0)) { RWDEBUG("HA-IP was not found!"); } /* * WiMAX-HA-RK-Key-Requested */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_wimax_ha_rk_key_requested, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_wimax_ha_rk_key_requested, 0); if (vp && (vp->vp_uint32 == 1)) { REDEBUG2("Client requested HA-RK: Should use IP to look it up from storage"); } diff --git a/src/modules/rlm_winbind/rlm_winbind.c b/src/modules/rlm_winbind/rlm_winbind.c index 350cf95869..f95b42fe9c 100644 --- a/src/modules/rlm_winbind/rlm_winbind.c +++ b/src/modules/rlm_winbind/rlm_winbind.c @@ -103,7 +103,7 @@ static int winbind_group_cmp(void *instance, request_t *request, UNUSED fr_pair_ ssize_t slen; size_t backslash = 0; - vp_username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + vp_username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); if (!vp_username) return -1; RINDENT(); @@ -471,7 +471,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod rlm_winbind_t const *inst = talloc_get_type_abort_const(mctx->instance, rlm_winbind_t); fr_pair_t *vp; - vp = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); if (!vp) { REDEBUG2("No User-Password found in the request; not doing winbind authentication."); RETURN_MODULE_NOOP; @@ -500,8 +500,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, rlm_winbind_t const *inst = talloc_get_type_abort_const(mctx->instance, rlm_winbind_t); fr_pair_t *username, *password; - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); /* * We can only authenticate user requests which HAVE diff --git a/src/modules/rlm_yubikey/decrypt.c b/src/modules/rlm_yubikey/decrypt.c index 1f7143142e..0cc99305ac 100644 --- a/src/modules/rlm_yubikey/decrypt.c +++ b/src/modules/rlm_yubikey/decrypt.c @@ -25,7 +25,7 @@ unlang_action_t rlm_yubikey_decrypt(rlm_rcode_t *p_result, rlm_yubikey_t const * fr_pair_t *key, *vp; - key = fr_pair_find_by_da(&request->control_pairs, attr_yubikey_key, 0); + key = fr_pair_find_by_da_idx(&request->control_pairs, attr_yubikey_key, 0); if (!key) { REDEBUG("Yubikey-Key attribute not found in control list, can't decrypt OTP data"); RETURN_MODULE_INVALID; @@ -87,7 +87,7 @@ unlang_action_t rlm_yubikey_decrypt(rlm_rcode_t *p_result, rlm_yubikey_t const * /* * Now we check for replay attacks */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_yubikey_counter, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_yubikey_counter, 0); if (!vp) { RWDEBUG("Yubikey-Counter not found in control list, skipping replay attack checks"); RETURN_MODULE_OK; diff --git a/src/modules/rlm_yubikey/rlm_yubikey.c b/src/modules/rlm_yubikey/rlm_yubikey.c index b810e3c8c0..1fd12eb443 100644 --- a/src/modules/rlm_yubikey/rlm_yubikey.c +++ b/src/modules/rlm_yubikey/rlm_yubikey.c @@ -287,7 +287,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod /* * Can't do yubikey auth if there's no password. */ - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); if (!password) { /* * Don't print out debugging messages if we know @@ -394,13 +394,13 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, size_t len; int ret; - vp = fr_pair_find_by_da(&request->request_pairs, attr_yubikey_otp, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_yubikey_otp, 0); if (!vp) { RDEBUG2("No Yubikey-OTP attribute found, falling back to User-Password"); /* * Can't do yubikey auth if there's no password. */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); if (!vp) { REDEBUG("No User-Password in the request. Can't do Yubikey authentication"); RETURN_MODULE_INVALID; diff --git a/src/process/dhcpv4/base.c b/src/process/dhcpv4/base.c index 7a02e4b287..6a549a0f13 100644 --- a/src/process/dhcpv4/base.c +++ b/src/process/dhcpv4/base.c @@ -95,7 +95,7 @@ static void dhcpv4_packet_debug(request_t *request, fr_radius_packet_t *packet, if (!*dhcp_header_attrs[i]) continue; - vp = fr_pair_find_by_da(list, *dhcp_header_attrs[i], 0); + vp = fr_pair_find_by_da_idx(list, *dhcp_header_attrs[i], 0); if (!vp) continue; RDEBUGX(L_DBG_LVL_1, "%pP", vp); } @@ -144,7 +144,7 @@ RESUME(check_yiaddr) { fr_pair_t *vp; - vp = fr_pair_find_by_da(&request->reply_pairs, attr_yiaddr, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_yiaddr, 0); if (!vp) { REDEBUG("%s packet does not have YIADDR. The client will not receive an IP address.", dhcp_message_types[request->reply->code]); diff --git a/src/process/dhcpv6/base.c b/src/process/dhcpv6/base.c index fac8d3f422..8e0b305847 100644 --- a/src/process/dhcpv6/base.c +++ b/src/process/dhcpv6/base.c @@ -205,7 +205,7 @@ process_dhcpv6_client_fields_t *dhcpv6_client_fields_store(request_t *request, b fr_pair_t *transaction_id, *client_id, *server_id; process_dhcpv6_client_fields_t *rctx; - transaction_id = fr_pair_find_by_da(&request->request_pairs, attr_transaction_id, 0); + transaction_id = fr_pair_find_by_da_idx(&request->request_pairs, attr_transaction_id, 0); if (!transaction_id) { REDEBUG("Missing Transaction-ID"); return NULL; @@ -332,7 +332,7 @@ int restore_field(request_t *request, fr_pair_t **to_restore) PAIR_VERIFY(*to_restore); - vp = fr_pair_find_by_da(&request->reply_pairs, (*to_restore)->da, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, (*to_restore)->da, 0); if (vp) { if (fr_pair_cmp(vp, *to_restore) != 0) { RWDEBUG("&reply.%pP does not match &request.%pP", vp, *to_restore); @@ -441,25 +441,25 @@ process_dhcpv6_relay_fields_t *dhcpv6_relay_fields_store(request_t *request) fr_pair_t *hop_count, *link_address, *peer_address, *interface_id; process_dhcpv6_relay_fields_t *rctx; - hop_count = fr_pair_find_by_da(&request->request_pairs, attr_hop_count, 0); + hop_count = fr_pair_find_by_da_idx(&request->request_pairs, attr_hop_count, 0); if (!hop_count) { REDEBUG("Missing Hop-Count"); return NULL; } - link_address = fr_pair_find_by_da(&request->request_pairs, attr_relay_link_address, 0); + link_address = fr_pair_find_by_da_idx(&request->request_pairs, attr_relay_link_address, 0); if (!link_address) { REDEBUG("Missing Link-Address"); return NULL; } - peer_address = fr_pair_find_by_da(&request->request_pairs, attr_relay_peer_address, 0); + peer_address = fr_pair_find_by_da_idx(&request->request_pairs, attr_relay_peer_address, 0); if (!peer_address) { REDEBUG("Missing Peer-Address"); return NULL; } - interface_id = fr_pair_find_by_da(&request->request_pairs, attr_interface_id, 0); + interface_id = fr_pair_find_by_da_idx(&request->request_pairs, attr_interface_id, 0); /* * Remember the relay fields diff --git a/src/process/radius/base.c b/src/process/radius/base.c index bdcf292d2c..6e8bc3d85e 100644 --- a/src/process/radius/base.c +++ b/src/process/radius/base.c @@ -247,9 +247,9 @@ static char *auth_name(char *buf, size_t buflen, request_t *request) char const *tls = ""; RADCLIENT *client = client_from_request(request); - cli = fr_pair_find_by_da(&request->request_pairs, attr_calling_station_id, 0); + cli = fr_pair_find_by_da_idx(&request->request_pairs, attr_calling_station_id, 0); - pair = fr_pair_find_by_da(&request->request_pairs, attr_nas_port, 0); + pair = fr_pair_find_by_da_idx(&request->request_pairs, attr_nas_port, 0); if (pair != NULL) port = pair->vp_uint32; if (request->packet->socket.inet.dst_port == 0) tls = " via proxy to virtual server"; @@ -293,21 +293,21 @@ static void CC_HINT(format (printf, 4, 5)) auth_message(process_radius_auth_t co * Get the correct username based on the configured value */ if (!inst->log_stripped_names) { - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); } else { - username = fr_pair_find_by_da(&request->request_pairs, attr_stripped_user_name, 0); - if (!username) username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_stripped_user_name, 0); + if (!username) username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); } /* * Clean up the password */ if (inst->log_auth_badpass || inst->log_auth_goodpass) { - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); if (!password) { fr_pair_t *auth_type; - auth_type = fr_pair_find_by_da(&request->control_pairs, attr_auth_type, 0); + auth_type = fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0); if (auth_type) { snprintf(password_buff, sizeof(password_buff), "", fr_dict_enum_name_by_value(auth_type->da, &auth_type->data)); @@ -315,7 +315,7 @@ static void CC_HINT(format (printf, 4, 5)) auth_message(process_radius_auth_t co } else { password_str = ""; } - } else if (fr_pair_find_by_da(&request->request_pairs, attr_chap_password, 0)) { + } else if (fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_password, 0)) { password_str = ""; } } @@ -404,7 +404,7 @@ RESUME(access_request) /* * Run authenticate foo { ... } */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_auth_type, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0); if (!vp) goto send_reply; dv = fr_dict_enum_by_value(vp->da, &vp->data); @@ -493,7 +493,7 @@ RESUME(auth_type) /* * Maybe the shared secret is wrong? */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); if (vp) { if (RDEBUG_ENABLED2) { uint8_t const *p; @@ -522,7 +522,7 @@ RESUME(auth_type) * section. */ case FR_RADIUS_CODE_ACCESS_CHALLENGE: - if ((vp = fr_pair_find_by_da(&request->reply_pairs, attr_state, 0)) != NULL) { + if ((vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_state, 0)) != NULL) { uint8_t buffer[16]; fr_rand_buffer(buffer, sizeof(buffer)); @@ -549,7 +549,7 @@ RESUME_NO_RCTX(access_accept) PROCESS_TRACE; - vp = fr_pair_find_by_da(&request->request_pairs, attr_module_success_message, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_module_success_message, 0); if (vp) { auth_message(&inst->auth, request, true, "Login OK (%pV)", &vp->data); } else { @@ -563,9 +563,9 @@ RESUME_NO_RCTX(access_accept) * (mostly) unique to that user. */ if (!request->parent && - ((vp = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0)) != NULL) && + ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0)) != NULL) && (vp->vp_strvalue[0] == '@') && - !fr_pair_find_by_da(&request->request_pairs, attr_stripped_user_name, 0)) { + !fr_pair_find_by_da_idx(&request->request_pairs, attr_stripped_user_name, 0)) { RWDEBUG("User-Name is anonymized, and no Stripped-User-Name exists."); RWDEBUG("It may be difficult or impossible to identify the user."); RWDEBUG("Please update Stripped-User-Name with information which identifies the user."); @@ -582,7 +582,7 @@ RESUME_NO_RCTX(access_reject) PROCESS_TRACE; - vp = fr_pair_find_by_da(&request->request_pairs, attr_module_failure_message, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_module_failure_message, 0); if (vp) { auth_message(&inst->auth, request, false, "Login incorrect (%pV)", &vp->data); } else { @@ -681,7 +681,7 @@ RESUME(accounting_request) /* * Run accounting foo { ... } */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_acct_status_type, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0); if (!vp) goto send_reply; dv = fr_dict_enum_by_value(vp->da, &vp->data); @@ -727,7 +727,7 @@ RESUME(protocol_error) /* * https://tools.ietf.org/html/rfc7930#section-4 */ - vp = fr_pair_find_by_da(&request->reply_pairs, attr_original_packet_code, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_original_packet_code, 0); if (!vp) { vp = fr_pair_afrom_da(request->reply_ctx, attr_original_packet_code); if (vp) { @@ -739,7 +739,7 @@ RESUME(protocol_error) /* * If there's no Error-Cause, then include a generic 404. */ - vp = fr_pair_find_by_da(&request->reply_pairs, attr_error_cause, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_error_cause, 0); if (!vp) { vp = fr_pair_afrom_da(request->reply_ctx, attr_error_cause); if (vp) { diff --git a/src/process/tacacs/base.c b/src/process/tacacs/base.c index f598947d3c..8ef6d1dba4 100644 --- a/src/process/tacacs/base.c +++ b/src/process/tacacs/base.c @@ -164,7 +164,7 @@ static void message_failed(request_t *request, PROCESS_INST *inst, fr_process_st /* * Set the server reply message. Note that we do not tell the user *why* they failed authentication. */ - if (!fr_pair_find_by_da(&request->reply_pairs, attr_tacacs_server_message, 0)) { + if (!fr_pair_find_by_da_idx(&request->reply_pairs, attr_tacacs_server_message, 0)) { MEM(pair_update_reply(&vp, attr_tacacs_server_message) >= 0); fr_pair_value_strdup(vp, msg, false); } @@ -276,8 +276,8 @@ RESUME(recv_tacacs) fr_dict_enum_value_t const *dv; CONF_SECTION *subcs; - vp = fr_pair_find_by_da(&request->request_pairs, *state->attr_process, 0); - if (!vp) vp = fr_pair_find_by_da(&request->control_pairs, *state->attr_process, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, *state->attr_process, 0); + if (!vp) vp = fr_pair_find_by_da_idx(&request->control_pairs, *state->attr_process, 0); if (!vp) { RDEBUG2("No attribute found for &request.%s - proceeding to 'send'", (*state->attr_process)->name); break; @@ -332,7 +332,7 @@ RESUME(send_tacacs) * Save the state */ if (!request->parent && - (fr_pair_find_by_da(&request->request_pairs, attr_tacacs_state, 0) != NULL)) { + (fr_pair_find_by_da_idx(&request->request_pairs, attr_tacacs_state, 0) != NULL)) { fr_tacacs_packet_hdr_t const *pkt = (fr_tacacs_packet_hdr_t const *) request->packet->data; /* diff --git a/src/process/ttls/base.c b/src/process/ttls/base.c index cedcc2d6e1..bf75b9aee5 100644 --- a/src/process/ttls/base.c +++ b/src/process/ttls/base.c @@ -245,9 +245,9 @@ static char *auth_name(char *buf, size_t buflen, request_t *request) char const *tls = ""; RADCLIENT *client = client_from_request(request); - cli = fr_pair_find_by_da(&request->request_pairs, attr_calling_station_id, 0); + cli = fr_pair_find_by_da_idx(&request->request_pairs, attr_calling_station_id, 0); - pair = fr_pair_find_by_da(&request->request_pairs, attr_nas_port, 0); + pair = fr_pair_find_by_da_idx(&request->request_pairs, attr_nas_port, 0); if (pair != NULL) port = pair->vp_uint32; if (request->packet->socket.inet.dst_port == 0) tls = " via proxy to virtual server"; @@ -291,21 +291,21 @@ static void CC_HINT(format (printf, 4, 5)) auth_message(process_ttls_auth_t cons * Get the correct username based on the configured value */ if (!inst->log_stripped_names) { - username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); } else { - username = fr_pair_find_by_da(&request->request_pairs, attr_stripped_user_name, 0); - if (!username) username = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da_idx(&request->request_pairs, attr_stripped_user_name, 0); + if (!username) username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); } /* * Clean up the password */ if (inst->log_auth_badpass || inst->log_auth_goodpass) { - password = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); if (!password) { fr_pair_t *auth_type; - auth_type = fr_pair_find_by_da(&request->control_pairs, attr_auth_type, 0); + auth_type = fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0); if (auth_type) { snprintf(password_buff, sizeof(password_buff), "", fr_dict_enum_name_by_value(auth_type->da, &auth_type->data)); @@ -313,7 +313,7 @@ static void CC_HINT(format (printf, 4, 5)) auth_message(process_ttls_auth_t cons } else { password_str = ""; } - } else if (fr_pair_find_by_da(&request->request_pairs, attr_chap_password, 0)) { + } else if (fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_password, 0)) { password_str = ""; } } @@ -386,7 +386,7 @@ RESUME(access_request) /* * Run authenticate foo { ... } */ - vp = fr_pair_find_by_da(&request->control_pairs, attr_auth_type, 0); + vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0); if (!vp) goto send_reply; dv = fr_dict_enum_by_value(vp->da, &vp->data); @@ -475,7 +475,7 @@ RESUME(auth_type) /* * Maybe the shared secret is wrong? */ - vp = fr_pair_find_by_da(&request->request_pairs, attr_user_password, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); if (vp) { if (RDEBUG_ENABLED2) { uint8_t const *p; @@ -504,7 +504,7 @@ RESUME(auth_type) * section. */ case FR_RADIUS_CODE_ACCESS_CHALLENGE: - if ((vp = fr_pair_find_by_da(&request->reply_pairs, attr_state, 0)) != NULL) { + if ((vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_state, 0)) != NULL) { uint8_t buffer[16]; fr_rand_buffer(buffer, sizeof(buffer)); @@ -531,7 +531,7 @@ RESUME_NO_RCTX(access_accept) PROCESS_TRACE; - vp = fr_pair_find_by_da(&request->request_pairs, attr_module_success_message, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_module_success_message, 0); if (vp) { auth_message(&inst->auth, request, true, "Login OK (%pV)", &vp->data); } else { @@ -545,9 +545,9 @@ RESUME_NO_RCTX(access_accept) * (mostly) unique to that user. */ if (!request->parent && - ((vp = fr_pair_find_by_da(&request->request_pairs, attr_user_name, 0)) != NULL) && + ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0)) != NULL) && (vp->vp_strvalue[0] == '@') && - !fr_pair_find_by_da(&request->request_pairs, attr_stripped_user_name, 0)) { + !fr_pair_find_by_da_idx(&request->request_pairs, attr_stripped_user_name, 0)) { RWDEBUG("User-Name is anonymized, and no Stripped-User-Name exists."); RWDEBUG("It may be difficult or impossible to identify the user."); RWDEBUG("Please update Stripped-User-Name with information which identifies the user."); @@ -564,7 +564,7 @@ RESUME_NO_RCTX(access_reject) PROCESS_TRACE; - vp = fr_pair_find_by_da(&request->request_pairs, attr_module_failure_message, 0); + vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_module_failure_message, 0); if (vp) { auth_message(&inst->auth, request, false, "Login incorrect (%pV)", &vp->data); } else { @@ -609,7 +609,7 @@ RESUME(protocol_error) /* * https://tools.ietf.org/html/rfc7930#section-4 */ - vp = fr_pair_find_by_da(&request->reply_pairs, attr_original_packet_code, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_original_packet_code, 0); if (!vp) { vp = fr_pair_afrom_da(request->reply_ctx, attr_original_packet_code); if (vp) { @@ -621,7 +621,7 @@ RESUME(protocol_error) /* * If there's no Error-Cause, then include a generic 404. */ - vp = fr_pair_find_by_da(&request->reply_pairs, attr_error_cause, 0); + vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_error_cause, 0); if (!vp) { vp = fr_pair_afrom_da(request->reply_ctx, attr_error_cause); if (vp) { diff --git a/src/protocols/dhcpv4/base.c b/src/protocols/dhcpv4/base.c index 4c235743b0..71dfc3b237 100644 --- a/src/protocols/dhcpv4/base.c +++ b/src/protocols/dhcpv4/base.c @@ -313,7 +313,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c */ /* Maximum-Msg-Size */ - vp = fr_pair_find_by_da(vps, attr_dhcp_dhcp_maximum_msg_size, 0); + vp = fr_pair_find_by_da_idx(vps, attr_dhcp_dhcp_maximum_msg_size, 0); if (vp && (vp->vp_uint32 > mms)) { mms = vp->vp_uint32; @@ -321,7 +321,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } #endif - vp = fr_pair_find_by_da(vps, attr_dhcp_opcode, 0); + vp = fr_pair_find_by_da_idx(vps, attr_dhcp_opcode, 0); if (vp) { FR_DBUFF_IN_RETURN(&work_dbuff, vp->vp_uint8); } else { @@ -329,7 +329,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Hardware-Type */ - vp = fr_pair_find_by_da(vps, attr_dhcp_hardware_type, 0); + vp = fr_pair_find_by_da_idx(vps, attr_dhcp_hardware_type, 0); if (vp) { FR_DBUFF_IN_RETURN(&work_dbuff, vp->vp_uint8); @@ -341,7 +341,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Hardware-Address-len */ - vp = fr_pair_find_by_da(vps, attr_dhcp_hardware_address_length, 0); + vp = fr_pair_find_by_da_idx(vps, attr_dhcp_hardware_address_length, 0); if (vp) { FR_DBUFF_IN_RETURN(&work_dbuff, vp->vp_uint8); @@ -353,7 +353,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Hop-Count */ - vp = fr_pair_find_by_da(vps, attr_dhcp_hop_count, 0); + vp = fr_pair_find_by_da_idx(vps, attr_dhcp_hop_count, 0); if (vp) { FR_DBUFF_IN_RETURN(&work_dbuff, vp->vp_uint8); @@ -368,7 +368,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c FR_DBUFF_IN_RETURN(&work_dbuff, xid); /* Number-of-Seconds */ - vp = fr_pair_find_by_da(vps, attr_dhcp_number_of_seconds, 0); + vp = fr_pair_find_by_da_idx(vps, attr_dhcp_number_of_seconds, 0); if (vp) { FR_DBUFF_IN_RETURN(&work_dbuff, vp->vp_uint16); } else { @@ -376,7 +376,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Flags */ - vp = fr_pair_find_by_da(vps, attr_dhcp_flags, 0); + vp = fr_pair_find_by_da_idx(vps, attr_dhcp_flags, 0); if (vp) { FR_DBUFF_IN_RETURN(&work_dbuff, vp->vp_uint16); } else { @@ -384,7 +384,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Client-IP-Address */ - vp = fr_pair_find_by_da(vps, attr_dhcp_client_ip_address, 0); + vp = fr_pair_find_by_da_idx(vps, attr_dhcp_client_ip_address, 0); if (vp) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, (uint8_t const *)&vp->vp_ipv4addr, sizeof(vp->vp_ipv4addr)); } else { @@ -392,7 +392,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Your-IP-address */ - vp = fr_pair_find_by_da(vps, attr_dhcp_your_ip_address, 0); + vp = fr_pair_find_by_da_idx(vps, attr_dhcp_your_ip_address, 0); if (vp) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, (uint8_t const *)&vp->vp_ipv4addr, sizeof(vp->vp_ipv4addr)); } else { @@ -400,7 +400,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Server-IP-Address */ - vp = fr_pair_find_by_da(vps, attr_dhcp_server_ip_address, 0); + vp = fr_pair_find_by_da_idx(vps, attr_dhcp_server_ip_address, 0); if (vp) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, (uint8_t const *)&vp->vp_ipv4addr, sizeof(vp->vp_ipv4addr)); } else { @@ -410,7 +410,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c /* * Gateway-IP-Address */ - vp = fr_pair_find_by_da(vps, attr_dhcp_gateway_ip_address, 0); + vp = fr_pair_find_by_da_idx(vps, attr_dhcp_gateway_ip_address, 0); if (vp) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, (uint8_t const *)&vp->vp_ipv4addr, sizeof(vp->vp_ipv4addr)); @@ -422,7 +422,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Client-Hardware-Address */ - if ((vp = fr_pair_find_by_da(vps, attr_dhcp_client_hardware_address, 0))) { + if ((vp = fr_pair_find_by_da_idx(vps, attr_dhcp_client_hardware_address, 0))) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, (uint8_t const *)vp->vp_ether, sizeof(vp->vp_ether)); FR_DBUFF_MEMSET_RETURN(&work_dbuff, 0, DHCP_CHADDR_LEN - sizeof(vp->vp_ether)); @@ -434,7 +434,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Server-Host-Name */ - if ((vp = fr_pair_find_by_da(vps, attr_dhcp_server_host_name, 0))) { + if ((vp = fr_pair_find_by_da_idx(vps, attr_dhcp_server_host_name, 0))) { if (vp->vp_length > DHCP_SNAME_LEN) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, vp->vp_strvalue, DHCP_SNAME_LEN); } else { @@ -456,7 +456,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c */ /* Boot-Filename */ - if ((vp = fr_pair_find_by_da(vps, attr_dhcp_boot_filename, 0))) { + if ((vp = fr_pair_find_by_da_idx(vps, attr_dhcp_boot_filename, 0))) { if (vp->vp_length > DHCP_FILE_LEN) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, vp->vp_strvalue, DHCP_FILE_LEN); } else { @@ -470,7 +470,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c /* DHCP magic number */ FR_DBUFF_IN_RETURN(&work_dbuff, (uint32_t) DHCP_OPTION_MAGIC_NUMBER); - if ((vp = fr_pair_find_by_da(vps, attr_dhcp_message_type, 0))) { + if ((vp = fr_pair_find_by_da_idx(vps, attr_dhcp_message_type, 0))) { FR_DBUFF_IN_BYTES_RETURN(&work_dbuff, FR_MESSAGE_TYPE, 0x01, vp->vp_uint8); } else { FR_DBUFF_IN_BYTES_RETURN(&work_dbuff, FR_MESSAGE_TYPE, 0x01, (uint8_t)code); diff --git a/src/protocols/dhcpv4/packet.c b/src/protocols/dhcpv4/packet.c index 5661d51aaa..55b740d49c 100644 --- a/src/protocols/dhcpv4/packet.c +++ b/src/protocols/dhcpv4/packet.c @@ -214,7 +214,7 @@ int fr_dhcpv4_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, } if (code) { - vp = fr_pair_find_by_da(&tmp, attr_dhcp_message_type, 0); + vp = fr_pair_find_by_da_idx(&tmp, attr_dhcp_message_type, 0); if (vp) { *code = vp->vp_uint8; } @@ -224,7 +224,7 @@ int fr_dhcpv4_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, * If option Overload is present in the 'options' field, then fields 'file' and/or 'sname' * are used to hold more options. They are partitioned and must be interpreted in sequence. */ - vp = fr_pair_find_by_da(&tmp, attr_dhcp_overload, 0); + vp = fr_pair_find_by_da_idx(&tmp, attr_dhcp_overload, 0); if (vp) { if ((vp->vp_uint8 & 1) == 1) { /* @@ -281,14 +281,14 @@ int fr_dhcpv4_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, /* * DHCP Opcode is request */ - vp = fr_pair_find_by_da(&tmp, attr_dhcp_opcode, 0); + vp = fr_pair_find_by_da_idx(&tmp, attr_dhcp_opcode, 0); if (vp && vp->vp_uint8 == 1) { /* * Vendor is "MSFT 98" */ - vp = fr_pair_find_by_da(&tmp, attr_dhcp_vendor_class_identifier, 0); + vp = fr_pair_find_by_da_idx(&tmp, attr_dhcp_vendor_class_identifier, 0); if (vp && (vp->vp_length == 7) && (memcmp(vp->vp_strvalue, "MSFT 98", 7) == 0)) { - vp = fr_pair_find_by_da(&tmp, attr_dhcp_flags, 0); + vp = fr_pair_find_by_da_idx(&tmp, attr_dhcp_flags, 0); /* * Reply should be broadcast. @@ -315,12 +315,12 @@ int fr_dhcpv4_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, /* * First look for Relay-Link-Selection */ - netaddr = fr_pair_find_by_da(&tmp, attr_dhcp_relay_link_selection, 0); + netaddr = fr_pair_find_by_da_idx(&tmp, attr_dhcp_relay_link_selection, 0); if (!netaddr) { /* * Next try Subnet-Selection-Option */ - netaddr = fr_pair_find_by_da(&tmp, attr_dhcp_subnet_selection_option, 0); + netaddr = fr_pair_find_by_da_idx(&tmp, attr_dhcp_subnet_selection_option, 0); } if (netaddr) { @@ -354,8 +354,8 @@ int fr_dhcpv4_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, * Client can request a LARGER size, but not a smaller * one. They also cannot request a size larger than MTU. */ - maxms = fr_pair_find_by_da(&tmp, attr_dhcp_dhcp_maximum_msg_size, 0); - mtu = fr_pair_find_by_da(&tmp, attr_dhcp_interface_mtu_size, 0); + maxms = fr_pair_find_by_da_idx(&tmp, attr_dhcp_dhcp_maximum_msg_size, 0); + mtu = fr_pair_find_by_da_idx(&tmp, attr_dhcp_interface_mtu_size, 0); if (mtu && (mtu->vp_uint16 < DEFAULT_PACKET_SIZE)) { fr_strerror_const("Client says MTU is smaller than minimum permitted by the specification"); @@ -396,7 +396,7 @@ int fr_dhcpv4_packet_encode(fr_radius_packet_t *packet, fr_pair_list_t *list) if (packet->code == 0) packet->code = FR_DHCP_NAK; /* store xid */ - if ((vp = fr_pair_find_by_da(list, attr_dhcp_transaction_id, 0))) { + if ((vp = fr_pair_find_by_da_idx(list, attr_dhcp_transaction_id, 0))) { packet->id = vp->vp_uint32; } else { packet->id = fr_rand(); diff --git a/src/protocols/dhcpv4/raw.c b/src/protocols/dhcpv4/raw.c index 2341c9e7e0..979ed0fbfc 100644 --- a/src/protocols/dhcpv4/raw.c +++ b/src/protocols/dhcpv4/raw.c @@ -112,7 +112,7 @@ int fr_dhcpv4_raw_packet_send(int sockfd, struct sockaddr_ll *link_layer, /* set ethernet source address to our MAC address (Client-Hardware-Address). */ uint8_t dhmac[ETH_ADDR_LEN] = { 0 }; - if ((vp = fr_pair_find_by_da(list, attr_dhcp_client_hardware_address, 0))) { + if ((vp = fr_pair_find_by_da_idx(list, attr_dhcp_client_hardware_address, 0))) { if (vp->vp_type == FR_TYPE_ETHERNET) memcpy(dhmac, vp->vp_ether, sizeof(vp->vp_ether)); } @@ -222,7 +222,7 @@ fr_radius_packet_t *fr_dhcv4_raw_packet_recv(int sockfd, struct sockaddr_ll *lin * Check if it matches the source HW address used (Client-Hardware-Address = 267) */ if ((memcmp(ð_bcast, ð_hdr->dst_addr, ETH_ADDR_LEN) != 0) && - (vp = fr_pair_find_by_da(list, attr_dhcp_client_hardware_address, 0)) && + (vp = fr_pair_find_by_da_idx(list, attr_dhcp_client_hardware_address, 0)) && ((vp->vp_type == FR_TYPE_ETHERNET) && (memcmp(vp->vp_ether, ð_hdr->dst_addr, ETH_ADDR_LEN) != 0))) { /* No match. */ diff --git a/src/protocols/dhcpv6/base.c b/src/protocols/dhcpv6/base.c index 6a7c13f73b..1f00ef2e83 100644 --- a/src/protocols/dhcpv6/base.c +++ b/src/protocols/dhcpv6/base.c @@ -799,7 +799,7 @@ ssize_t fr_dhcpv6_encode(fr_dbuff_t *dbuff, uint8_t const *original, size_t leng root = fr_dict_root(dict_dhcpv6); if (!msg_type) { - vp = fr_pair_find_by_da(vps, attr_packet_type, 0); + vp = fr_pair_find_by_da_idx(vps, attr_packet_type, 0); if (vp) msg_type = vp->vp_uint32; } @@ -813,21 +813,21 @@ ssize_t fr_dhcpv6_encode(fr_dbuff_t *dbuff, uint8_t const *original, size_t leng switch (msg_type) { case FR_DHCPV6_RELAY_REPLY: case FR_DHCPV6_RELAY_FORWARD: - vp = fr_pair_find_by_da(vps, attr_hop_count, 0); + vp = fr_pair_find_by_da_idx(vps, attr_hop_count, 0); if (likely(vp != NULL)) { FR_VALUE_BOX_TO_NETWORK_RETURN(&frame_dbuff, &vp->data); } else { FR_DBUFF_MEMSET_RETURN(&frame_dbuff, 0, DHCPV6_HOP_COUNT_LEN); } - vp = fr_pair_find_by_da(vps, attr_relay_link_address, 0); + vp = fr_pair_find_by_da_idx(vps, attr_relay_link_address, 0); if (likely(vp != NULL)) { FR_VALUE_BOX_TO_NETWORK_RETURN(&frame_dbuff, &vp->data); } else { FR_DBUFF_MEMSET_RETURN(&frame_dbuff, 0, DHCPV6_LINK_ADDRESS_LEN); } - vp = fr_pair_find_by_da(vps, attr_relay_peer_address, 0); + vp = fr_pair_find_by_da_idx(vps, attr_relay_peer_address, 0); if (likely(vp != NULL)) { FR_VALUE_BOX_TO_NETWORK_RETURN(&frame_dbuff, &vp->data); } else { @@ -839,7 +839,7 @@ ssize_t fr_dhcpv6_encode(fr_dbuff_t *dbuff, uint8_t const *original, size_t leng /* * We can set an XID, or we can pick a random one. */ - vp = fr_pair_find_by_da(vps, attr_transaction_id, 0); + vp = fr_pair_find_by_da_idx(vps, attr_transaction_id, 0); if (vp && (vp->vp_length >= DHCPV6_TRANSACTION_ID_LEN)) { FR_DBUFF_IN_MEMCPY_RETURN(&frame_dbuff, vp->vp_octets, DHCPV6_TRANSACTION_ID_LEN); } else { diff --git a/src/protocols/radius/decode.c b/src/protocols/radius/decode.c index ca39b23a10..f0ce23dd63 100644 --- a/src/protocols/radius/decode.c +++ b/src/protocols/radius/decode.c @@ -557,7 +557,7 @@ ssize_t fr_radius_decode_tlv(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_t con * We don't have a "pair find in out" */ if (flag_concat(&parent->flags)) { - vp = fr_pair_find_by_da(out, parent, 0); + vp = fr_pair_find_by_da_idx(out, parent, 0); concat = (vp != NULL); } else { vp = NULL; diff --git a/src/protocols/radius/encode.c b/src/protocols/radius/encode.c index 8e59f0edd7..cab55e6b17 100644 --- a/src/protocols/radius/encode.c +++ b/src/protocols/radius/encode.c @@ -1636,11 +1636,11 @@ static ssize_t fr_radius_encode_proto(UNUSED TALLOC_CTX *ctx, fr_pair_list_t *vp fr_pair_t *vp; ssize_t slen; - vp = fr_pair_find_by_da(vps, attr_packet_type, 0); + vp = fr_pair_find_by_da_idx(vps, attr_packet_type, 0); if (vp) packet_type = vp->vp_uint32; if ((packet_type == FR_RADIUS_CODE_ACCESS_REQUEST) || (packet_type == FR_RADIUS_CODE_STATUS_SERVER)) { - vp = fr_pair_find_by_da(vps, attr_packet_authentication_vector, 0); + vp = fr_pair_find_by_da_idx(vps, attr_packet_authentication_vector, 0); if (vp && (vp->vp_length == RADIUS_AUTH_VECTOR_LENGTH)) { memcpy(data + 4, vp->vp_octets, RADIUS_AUTH_VECTOR_LENGTH); } else { diff --git a/src/protocols/tacacs/encode.c b/src/protocols/tacacs/encode.c index 937996a60c..942e91b456 100644 --- a/src/protocols/tacacs/encode.c +++ b/src/protocols/tacacs/encode.c @@ -145,7 +145,7 @@ static ssize_t tacacs_encode_field(fr_dbuff_t *dbuff, fr_pair_list_t *vps, fr_di fr_pair_t *vp; fr_dbuff_t work_dbuff = FR_DBUFF(dbuff); - vp = fr_pair_find_by_da(vps, da, 0); + vp = fr_pair_find_by_da_idx(vps, da, 0); if (!vp || !vp->vp_length || (vp->vp_length > max_len)) return 0; if (da->type == FR_TYPE_STRING) { @@ -166,7 +166,7 @@ static ssize_t tacacs_encode_field(fr_dbuff_t *dbuff, fr_pair_list_t *vps, fr_di * doesn't specify them, then they don't get encoded. */ #define ENCODE_FIELD_UINT8(_field, _da) do { \ - vp = fr_pair_find_by_da(vps, _da, 0); \ + vp = fr_pair_find_by_da_idx(vps, _da, 0); \ _field = (vp) ? vp->vp_uint8 : 0; \ } while (0) @@ -629,7 +629,7 @@ ssize_t fr_tacacs_encode(fr_dbuff_t *dbuff, uint8_t const *original_packet, char /* * If the caller didn't set a session ID, use a random one. */ - if (!fr_pair_find_by_da(vps, attr_tacacs_session_id, 0)) { + if (!fr_pair_find_by_da_idx(vps, attr_tacacs_session_id, 0)) { packet->hdr.session_id = fr_rand(); } diff --git a/src/protocols/tftp/tftp.c b/src/protocols/tftp/tftp.c index da4313ec30..f514439f33 100644 --- a/src/protocols/tftp/tftp.c +++ b/src/protocols/tftp/tftp.c @@ -277,7 +277,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) uint16_t opcode; char const *buf; - vp = fr_pair_find_by_da(vps, attr_tftp_opcode, 0); + vp = fr_pair_find_by_da_idx(vps, attr_tftp_opcode, 0); if (!vp) { fr_strerror_printf("Cannot send TFTP packet without %s", attr_tftp_opcode->name); return -1; @@ -298,7 +298,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) */ /* */ - vp = fr_pair_find_by_da(vps, attr_tftp_filename, 0); + vp = fr_pair_find_by_da_idx(vps, attr_tftp_filename, 0); if (!vp) { fr_strerror_printf("Invalid TFTP packet without %s", attr_tftp_filename->name); return -1; @@ -308,7 +308,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) fr_dbuff_in_bytes(&work_dbuff, '\0'); /* */ - vp = fr_pair_find_by_da(vps, attr_tftp_mode, 0); + vp = fr_pair_find_by_da_idx(vps, attr_tftp_mode, 0); if (!vp) { fr_strerror_printf("Invalid TFTP packet without %s", attr_tftp_mode->name); return -1; @@ -326,7 +326,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) fr_dbuff_in_bytes(&work_dbuff, '\0'); /* is optional */ - vp = fr_pair_find_by_da(vps, attr_tftp_block_size, 0); + vp = fr_pair_find_by_da_idx(vps, attr_tftp_block_size, 0); if (vp) { char tmp[5+1]; /* max: 65535 */ @@ -351,7 +351,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) */ /* */ - vp = fr_pair_find_by_da(vps, attr_tftp_block, 0); + vp = fr_pair_find_by_da_idx(vps, attr_tftp_block, 0); if (!vp) { fr_strerror_printf("Invalid TFTP packet without %s", attr_tftp_block->name); return -1; @@ -371,7 +371,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) if (opcode != FR_OPCODE_VALUE_DATA) goto done; /* */ - vp = fr_pair_find_by_da(vps, attr_tftp_data, 0); + vp = fr_pair_find_by_da_idx(vps, attr_tftp_data, 0); if (!vp) { fr_strerror_printf("Invalid TFTP packet without %s", attr_tftp_data->name); return -1; @@ -396,7 +396,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) size_t error_msg_len; /* */ - vp = fr_pair_find_by_da(vps, attr_tftp_error_code, 0); + vp = fr_pair_find_by_da_idx(vps, attr_tftp_error_code, 0); if (!vp) { fr_strerror_printf("Invalid TFTP packet without %s", attr_tftp_error_code->name); return -1; @@ -406,7 +406,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) fr_dbuff_in(&work_dbuff, error_code); /* */ - vp = fr_pair_find_by_da(vps, attr_tftp_error_message, 0); + vp = fr_pair_find_by_da_idx(vps, attr_tftp_error_message, 0); if (vp) { error_msg = vp->vp_strvalue; error_msg_len = vp->vp_length;