From: Alan T. DeKok Date: Wed, 17 Aug 2022 12:41:55 +0000 (-0400) Subject: remove nested unions X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b865571b5ae4de20b9b158804a1fc020f3dc1235;p=thirdparty%2Ffreeradius-server.git remove nested unions compilers are too dumb to notice that flexible array members are fine when there is no field which follows them. --- diff --git a/src/protocols/tacacs/base.c b/src/protocols/tacacs/base.c index a434a1bf180..59827d4674d 100644 --- a/src/protocols/tacacs/base.c +++ b/src/protocols/tacacs/base.c @@ -248,32 +248,32 @@ ssize_t fr_tacacs_length(uint8_t const *buffer, size_t buffer_len) case FR_TAC_PLUS_AUTHEN: if (packet_is_authen_start_request(pkt)) { - want = sizeof(pkt->hdr) + sizeof(pkt->authen.start); + want = sizeof(pkt->hdr) + sizeof(pkt->authen_start); } else if (packet_is_authen_continue(pkt)) { - want = sizeof(pkt->hdr) + sizeof(pkt->authen.cont); + want = sizeof(pkt->hdr) + sizeof(pkt->authen_cont); } else { fr_assert(packet_is_authen_reply(pkt)); - want = sizeof(pkt->hdr) + sizeof(pkt->authen.reply); + want = sizeof(pkt->hdr) + sizeof(pkt->authen_reply); } break; case FR_TAC_PLUS_AUTHOR: if (packet_is_author_request(pkt)) { - want = sizeof(pkt->hdr) + sizeof(pkt->author.req); + want = sizeof(pkt->hdr) + sizeof(pkt->author_req); } else { fr_assert(packet_is_author_response(pkt)); - want = sizeof(pkt->hdr) + sizeof(pkt->author.res); + want = sizeof(pkt->hdr) + sizeof(pkt->author_res); } break; case FR_TAC_PLUS_ACCT: if (packet_is_acct_request(pkt)) { - want = sizeof(pkt->hdr) + sizeof(pkt->acct.req); + want = sizeof(pkt->hdr) + sizeof(pkt->acct_req); } else { fr_assert(packet_is_acct_reply(pkt)); - want = sizeof(pkt->hdr) + sizeof(pkt->acct.reply); + want = sizeof(pkt->hdr) + sizeof(pkt->acct_reply); } break; } diff --git a/src/protocols/tacacs/decode.c b/src/protocols/tacacs/decode.c index 1704c14e739..2b12e2d3373 100644 --- a/src/protocols/tacacs/decode.c +++ b/src/protocols/tacacs/decode.c @@ -388,11 +388,11 @@ ssize_t fr_tacacs_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *bu * | data... * +----------------+----------------+----------------+----------------+ */ - p = BODY(authen.start); + p = BODY(authen_start); PACKET_HEADER_CHECK("Authentication Start"); if ((pkt->hdr.ver.minor == 0) && - (pkt->authen.start.authen_type != FR_AUTHENTICATION_TYPE_VALUE_ASCII)) { + (pkt->authen_start.authen_type != FR_AUTHENTICATION_TYPE_VALUE_ASCII)) { fr_strerror_const("TACACS+ minor version 1 MUST be used for non-ASCII authentication methods"); goto fail; } @@ -402,23 +402,23 @@ ssize_t fr_tacacs_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *bu /* * Decode 4 octets of various flags. */ - DECODE_FIELD_UINT8(attr_tacacs_action, pkt->authen.start.action); - DECODE_FIELD_UINT8(attr_tacacs_privilege_level, pkt->authen.start.priv_lvl); - DECODE_FIELD_UINT8(attr_tacacs_authentication_type, pkt->authen.start.authen_type); - DECODE_FIELD_UINT8(attr_tacacs_authentication_service, pkt->authen.start.authen_service); + DECODE_FIELD_UINT8(attr_tacacs_action, pkt->authen_start.action); + DECODE_FIELD_UINT8(attr_tacacs_privilege_level, pkt->authen_start.priv_lvl); + DECODE_FIELD_UINT8(attr_tacacs_authentication_type, pkt->authen_start.authen_type); + DECODE_FIELD_UINT8(attr_tacacs_authentication_service, pkt->authen_start.authen_service); /* * Decode 4 fields, based on their "length" */ - DECODE_FIELD_STRING8(attr_tacacs_user_name, pkt->authen.start.user_len); - DECODE_FIELD_STRING8(attr_tacacs_client_port, pkt->authen.start.port_len); - DECODE_FIELD_STRING8(attr_tacacs_remote_address, pkt->authen.start.rem_addr_len); + DECODE_FIELD_STRING8(attr_tacacs_user_name, pkt->authen_start.user_len); + DECODE_FIELD_STRING8(attr_tacacs_client_port, pkt->authen_start.port_len); + DECODE_FIELD_STRING8(attr_tacacs_remote_address, pkt->authen_start.rem_addr_len); /* * Check the length on the various * authentication types. */ - switch (pkt->authen.start.authen_type) { + switch (pkt->authen_start.authen_type) { default: want = 255; break; @@ -442,15 +442,15 @@ ssize_t fr_tacacs_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *bu * Otherwise, decode it as an unknown * attribute. */ - if (pkt->authen.start.data_len <= want) { - DECODE_FIELD_STRING8(attr_tacacs_data, pkt->authen.start.data_len); + if (pkt->authen_start.data_len <= want) { + DECODE_FIELD_STRING8(attr_tacacs_data, pkt->authen_start.data_len); } else { fr_dict_attr_t *da; da = fr_dict_unknown_attr_afrom_da(ctx, attr_tacacs_data); if (da) { da->flags.is_raw = 1; - DECODE_FIELD_STRING8(da, pkt->authen.start.data_len); + DECODE_FIELD_STRING8(da, pkt->authen_start.data_len); talloc_free(da); /* the VP makes it's own copy */ } @@ -483,10 +483,10 @@ ssize_t fr_tacacs_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *bu goto fail; } - p = BODY(authen.cont); + p = BODY(authen_cont); PACKET_HEADER_CHECK("Authentication Continue"); - if (pkt->authen.start.authen_type != FR_AUTHENTICATION_TYPE_VALUE_ASCII) { + if (pkt->authen_start.authen_type != FR_AUTHENTICATION_TYPE_VALUE_ASCII) { fr_strerror_const("Authentication-Continue packets MUST NOT be used for PAP, CHAP, MS-CHAP"); goto fail; } @@ -496,13 +496,13 @@ ssize_t fr_tacacs_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *bu /* * Decode 2 fields, based on their "length" */ - DECODE_FIELD_STRING16(attr_tacacs_user_message, pkt->authen.cont.user_msg_len); - DECODE_FIELD_STRING16(attr_tacacs_data, pkt->authen.cont.data_len); + DECODE_FIELD_STRING16(attr_tacacs_user_message, pkt->authen_cont.user_msg_len); + DECODE_FIELD_STRING16(attr_tacacs_data, pkt->authen_cont.data_len); /* * And finally the flags. */ - DECODE_FIELD_UINT8(attr_tacacs_authentication_continue_flags, pkt->authen.cont.flags); + DECODE_FIELD_UINT8(attr_tacacs_authentication_continue_flags, pkt->authen_cont.flags); } else if (packet_is_authen_reply(pkt)) { /* @@ -523,18 +523,18 @@ ssize_t fr_tacacs_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *bu * We just echo whatever was sent in the request. */ - p = BODY(authen.reply); + p = BODY(authen_reply); PACKET_HEADER_CHECK("Authentication Reply"); DECODE_FIELD_UINT8(attr_tacacs_packet_body_type, FR_PACKET_BODY_TYPE_REPLY); - DECODE_FIELD_UINT8(attr_tacacs_authentication_status, pkt->authen.reply.status); - DECODE_FIELD_UINT8(attr_tacacs_authentication_flags, pkt->authen.reply.flags); + DECODE_FIELD_UINT8(attr_tacacs_authentication_status, pkt->authen_reply.status); + DECODE_FIELD_UINT8(attr_tacacs_authentication_flags, pkt->authen_reply.flags); /* * Decode 2 fields, based on their "length" */ - DECODE_FIELD_STRING16(attr_tacacs_server_message, pkt->authen.reply.server_msg_len); - DECODE_FIELD_STRING16(attr_tacacs_data, pkt->authen.reply.data_len); + DECODE_FIELD_STRING16(attr_tacacs_server_message, pkt->authen_reply.server_msg_len); + DECODE_FIELD_STRING16(attr_tacacs_data, pkt->authen_reply.data_len); } else { unknown_packet: @@ -574,31 +574,31 @@ ssize_t fr_tacacs_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *bu if (pkt->hdr.ver.minor != 0) goto invalid_version; - p = BODY(author.req); + p = BODY(author_req); PACKET_HEADER_CHECK("Authorization REQUEST"); - ARG_COUNT_CHECK("Authorization REQUEST", pkt->author.req.arg_cnt); + ARG_COUNT_CHECK("Authorization REQUEST", pkt->author_req.arg_cnt); DECODE_FIELD_UINT8(attr_tacacs_packet_body_type, FR_PACKET_BODY_TYPE_REQUEST); /* * Decode 4 octets of various flags. */ - DECODE_FIELD_UINT8(attr_tacacs_authentication_method, pkt->author.req.authen_method); - DECODE_FIELD_UINT8(attr_tacacs_privilege_level, pkt->author.req.priv_lvl); - DECODE_FIELD_UINT8(attr_tacacs_authentication_type, pkt->author.req.authen_type); - DECODE_FIELD_UINT8(attr_tacacs_authentication_service, pkt->author.req.authen_service); + DECODE_FIELD_UINT8(attr_tacacs_authentication_method, pkt->author_req.authen_method); + DECODE_FIELD_UINT8(attr_tacacs_privilege_level, pkt->author_req.priv_lvl); + DECODE_FIELD_UINT8(attr_tacacs_authentication_type, pkt->author_req.authen_type); + DECODE_FIELD_UINT8(attr_tacacs_authentication_service, pkt->author_req.authen_service); /* * Decode 3 fields, based on their "length" */ - DECODE_FIELD_STRING8(attr_tacacs_user_name, pkt->author.req.user_len); - DECODE_FIELD_STRING8(attr_tacacs_client_port, pkt->author.req.port_len); - DECODE_FIELD_STRING8(attr_tacacs_remote_address, pkt->author.req.rem_addr_len); + DECODE_FIELD_STRING8(attr_tacacs_user_name, pkt->author_req.user_len); + DECODE_FIELD_STRING8(attr_tacacs_client_port, pkt->author_req.port_len); + DECODE_FIELD_STRING8(attr_tacacs_remote_address, pkt->author_req.rem_addr_len); /* * Decode 'arg_N' arguments (horrible format) */ if (tacacs_decode_args(ctx, out, attr_tacacs_argument_list, - pkt->author.req.arg_cnt, BODY(author.req), &p, end) < 0) goto fail; + pkt->author_req.arg_cnt, BODY(author_req), &p, end) < 0) goto fail; } else if (packet_is_author_response(pkt)) { /* @@ -629,27 +629,27 @@ ssize_t fr_tacacs_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *bu * We just echo whatever was sent in the request. */ - p = BODY(author.res); + p = BODY(author_res); PACKET_HEADER_CHECK("Authorization RESPONSE"); - ARG_COUNT_CHECK("Authorization REQUEST", pkt->author.res.arg_cnt); + ARG_COUNT_CHECK("Authorization REQUEST", pkt->author_res.arg_cnt); DECODE_FIELD_UINT8(attr_tacacs_packet_body_type, FR_PACKET_BODY_TYPE_RESPONSE); /* * Decode 1 octets */ - DECODE_FIELD_UINT8(attr_tacacs_authorization_status, pkt->author.res.status); + DECODE_FIELD_UINT8(attr_tacacs_authorization_status, pkt->author_res.status); /* * Decode 2 fields, based on their "length" */ - DECODE_FIELD_STRING16(attr_tacacs_server_message, pkt->author.res.server_msg_len); - DECODE_FIELD_STRING16(attr_tacacs_data, pkt->author.res.data_len); + DECODE_FIELD_STRING16(attr_tacacs_server_message, pkt->author_res.server_msg_len); + DECODE_FIELD_STRING16(attr_tacacs_data, pkt->author_res.data_len); /* * Decode 'arg_N' arguments (horrible format) */ if (tacacs_decode_args(ctx, out, attr_tacacs_argument_list, - pkt->author.res.arg_cnt, BODY(author.res), &p, end) < 0) goto fail; + pkt->author_res.arg_cnt, BODY(author_res), &p, end) < 0) goto fail; } else { goto unknown_packet; @@ -687,32 +687,32 @@ ssize_t fr_tacacs_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *bu if (pkt->hdr.ver.minor != 0) goto invalid_version; - p = BODY(acct.req); + p = BODY(acct_req); PACKET_HEADER_CHECK("Accounting REQUEST"); - ARG_COUNT_CHECK("Accounting REQUEST", pkt->acct.req.arg_cnt); + ARG_COUNT_CHECK("Accounting REQUEST", pkt->acct_req.arg_cnt); DECODE_FIELD_UINT8(attr_tacacs_packet_body_type, FR_PACKET_BODY_TYPE_REQUEST); /* * Decode 5 octets of various flags. */ - DECODE_FIELD_UINT8(attr_tacacs_accounting_flags, pkt->acct.req.flags); - DECODE_FIELD_UINT8(attr_tacacs_authentication_method, pkt->acct.req.authen_method); - DECODE_FIELD_UINT8(attr_tacacs_privilege_level, pkt->acct.req.priv_lvl); - DECODE_FIELD_UINT8(attr_tacacs_authentication_type, pkt->acct.req.authen_type); - DECODE_FIELD_UINT8(attr_tacacs_authentication_service, pkt->acct.req.authen_service); + DECODE_FIELD_UINT8(attr_tacacs_accounting_flags, pkt->acct_req.flags); + DECODE_FIELD_UINT8(attr_tacacs_authentication_method, pkt->acct_req.authen_method); + DECODE_FIELD_UINT8(attr_tacacs_privilege_level, pkt->acct_req.priv_lvl); + DECODE_FIELD_UINT8(attr_tacacs_authentication_type, pkt->acct_req.authen_type); + DECODE_FIELD_UINT8(attr_tacacs_authentication_service, pkt->acct_req.authen_service); /* * Decode 3 fields, based on their "length" */ - DECODE_FIELD_STRING8(attr_tacacs_user_name, pkt->acct.req.user_len); - DECODE_FIELD_STRING8(attr_tacacs_client_port, pkt->acct.req.port_len); - DECODE_FIELD_STRING8(attr_tacacs_remote_address, pkt->acct.req.rem_addr_len); + DECODE_FIELD_STRING8(attr_tacacs_user_name, pkt->acct_req.user_len); + DECODE_FIELD_STRING8(attr_tacacs_client_port, pkt->acct_req.port_len); + DECODE_FIELD_STRING8(attr_tacacs_remote_address, pkt->acct_req.rem_addr_len); /* * Decode 'arg_N' arguments (horrible format) */ if (tacacs_decode_args(ctx, out, attr_tacacs_argument_list, - pkt->acct.req.arg_cnt, BODY(acct.req), &p, end) < 0) goto fail; + pkt->acct_req.arg_cnt, BODY(acct_req), &p, end) < 0) goto fail; } else if (packet_is_acct_reply(pkt)) { /** @@ -733,18 +733,18 @@ ssize_t fr_tacacs_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *bu * We just echo whatever was sent in the request. */ - p = BODY(acct.reply); + p = BODY(acct_reply); PACKET_HEADER_CHECK("Accounting REPLY"); DECODE_FIELD_UINT8(attr_tacacs_packet_body_type, FR_PACKET_BODY_TYPE_REPLY); /* * Decode 2 fields, based on their "length" */ - DECODE_FIELD_STRING16(attr_tacacs_server_message, pkt->acct.reply.server_msg_len); - DECODE_FIELD_STRING16(attr_tacacs_data, pkt->acct.reply.data_len); + DECODE_FIELD_STRING16(attr_tacacs_server_message, pkt->acct_reply.server_msg_len); + DECODE_FIELD_STRING16(attr_tacacs_data, pkt->acct_reply.data_len); /* Decode 1 octet */ - DECODE_FIELD_UINT8(attr_tacacs_accounting_status, pkt->acct.reply.status); + DECODE_FIELD_UINT8(attr_tacacs_accounting_status, pkt->acct_reply.status); } else { goto unknown_packet; } diff --git a/src/protocols/tacacs/encode.c b/src/protocols/tacacs/encode.c index 15f610f92a7..13406eaf8e7 100644 --- a/src/protocols/tacacs/encode.c +++ b/src/protocols/tacacs/encode.c @@ -322,23 +322,23 @@ ssize_t fr_tacacs_encode(fr_dbuff_t *dbuff, uint8_t const *original_packet, char /* * Make room for such body request. */ - FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->authen.start)); + FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->authen_start)); /* * Encode 4 octets of various flags. */ - ENCODE_FIELD_UINT8(packet->authen.start.action, attr_tacacs_action); - ENCODE_FIELD_UINT8(packet->authen.start.priv_lvl, attr_tacacs_privilege_level); - ENCODE_FIELD_UINT8(packet->authen.start.authen_type, attr_tacacs_authentication_type); - ENCODE_FIELD_UINT8(packet->authen.start.authen_service, attr_tacacs_authentication_service); + ENCODE_FIELD_UINT8(packet->authen_start.action, attr_tacacs_action); + ENCODE_FIELD_UINT8(packet->authen_start.priv_lvl, attr_tacacs_privilege_level); + ENCODE_FIELD_UINT8(packet->authen_start.authen_type, attr_tacacs_authentication_type); + ENCODE_FIELD_UINT8(packet->authen_start.authen_service, attr_tacacs_authentication_service); /* * Encode 4 mandatory fields. */ - ENCODE_FIELD_STRING8(packet->authen.start.user_len, attr_tacacs_user_name); - ENCODE_FIELD_STRING8(packet->authen.start.port_len, attr_tacacs_client_port); - ENCODE_FIELD_STRING8(packet->authen.start.rem_addr_len, attr_tacacs_remote_address); - ENCODE_FIELD_STRING8(packet->authen.start.data_len, attr_tacacs_data); + ENCODE_FIELD_STRING8(packet->authen_start.user_len, attr_tacacs_user_name); + ENCODE_FIELD_STRING8(packet->authen_start.port_len, attr_tacacs_client_port); + ENCODE_FIELD_STRING8(packet->authen_start.rem_addr_len, attr_tacacs_remote_address); + ENCODE_FIELD_STRING8(packet->authen_start.data_len, attr_tacacs_data); goto check_request; @@ -362,18 +362,18 @@ ssize_t fr_tacacs_encode(fr_dbuff_t *dbuff, uint8_t const *original_packet, char /* * Make room for such body request. */ - FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->authen.cont)); + FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->authen_cont)); /* * Encode 2 mandatory fields. */ - ENCODE_FIELD_STRING16(packet->authen.cont.user_msg_len, attr_tacacs_user_message); - ENCODE_FIELD_STRING16(packet->authen.cont.data_len, attr_tacacs_data); + ENCODE_FIELD_STRING16(packet->authen_cont.user_msg_len, attr_tacacs_user_message); + ENCODE_FIELD_STRING16(packet->authen_cont.data_len, attr_tacacs_data); /* * Look at the abort flag after encoding the fields. */ - ENCODE_FIELD_UINT8(packet->authen.cont.flags, attr_tacacs_authentication_continue_flags); + ENCODE_FIELD_UINT8(packet->authen_cont.flags, attr_tacacs_authentication_continue_flags); goto check_request; @@ -394,16 +394,16 @@ ssize_t fr_tacacs_encode(fr_dbuff_t *dbuff, uint8_t const *original_packet, char /* * Make room for such body request. */ - FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->authen.reply)); + FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->authen_reply)); - ENCODE_FIELD_UINT8(packet->authen.reply.status, attr_tacacs_authentication_status); - ENCODE_FIELD_UINT8(packet->authen.reply.flags, attr_tacacs_authentication_flags); + ENCODE_FIELD_UINT8(packet->authen_reply.status, attr_tacacs_authentication_status); + ENCODE_FIELD_UINT8(packet->authen_reply.flags, attr_tacacs_authentication_flags); /* * Encode 2 mandatory fields. */ - ENCODE_FIELD_STRING16(packet->authen.reply.server_msg_len, attr_tacacs_server_message); - ENCODE_FIELD_STRING16(packet->authen.reply.data_len, attr_tacacs_data); + ENCODE_FIELD_STRING16(packet->authen_reply.server_msg_len, attr_tacacs_server_message); + ENCODE_FIELD_STRING16(packet->authen_reply.data_len, attr_tacacs_data); goto check_reply; } @@ -443,34 +443,34 @@ ssize_t fr_tacacs_encode(fr_dbuff_t *dbuff, uint8_t const *original_packet, char /* * Make room for such body request. */ - FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->author.req)); + FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->author_req)); /* * Encode 4 octets of various flags. */ - ENCODE_FIELD_UINT8(packet->author.req.authen_method, attr_tacacs_authentication_method); - ENCODE_FIELD_UINT8(packet->author.req.priv_lvl, attr_tacacs_privilege_level); - ENCODE_FIELD_UINT8(packet->author.req.authen_type, attr_tacacs_authentication_type); - ENCODE_FIELD_UINT8(packet->author.req.authen_service, attr_tacacs_authentication_service); + ENCODE_FIELD_UINT8(packet->author_req.authen_method, attr_tacacs_authentication_method); + ENCODE_FIELD_UINT8(packet->author_req.priv_lvl, attr_tacacs_privilege_level); + ENCODE_FIELD_UINT8(packet->author_req.authen_type, attr_tacacs_authentication_type); + ENCODE_FIELD_UINT8(packet->author_req.authen_service, attr_tacacs_authentication_service); /* * Encode 'arg_N' arguments (horrible format) */ - packet->author.req.arg_cnt = tacacs_encode_body_arg_cnt(vps, attr_tacacs_argument_list); - if (packet->author.req.arg_cnt) FR_DBUFF_MEMSET_RETURN(&work_dbuff, 0, packet->author.req.arg_cnt); + packet->author_req.arg_cnt = tacacs_encode_body_arg_cnt(vps, attr_tacacs_argument_list); + if (packet->author_req.arg_cnt) FR_DBUFF_MEMSET_RETURN(&work_dbuff, 0, packet->author_req.arg_cnt); /* * Encode 3 mandatory fields. */ - ENCODE_FIELD_STRING8(packet->author.req.user_len, attr_tacacs_user_name); - ENCODE_FIELD_STRING8(packet->author.req.port_len, attr_tacacs_client_port); - ENCODE_FIELD_STRING8(packet->author.req.rem_addr_len, attr_tacacs_remote_address); + ENCODE_FIELD_STRING8(packet->author_req.user_len, attr_tacacs_user_name); + ENCODE_FIELD_STRING8(packet->author_req.port_len, attr_tacacs_client_port); + ENCODE_FIELD_STRING8(packet->author_req.rem_addr_len, attr_tacacs_remote_address); /* * Append 'args_body' to the end of buffer */ - if (packet->author.req.arg_cnt > 0) { - if (tacacs_encode_body_arg_n(&work_dbuff, packet->author.req.arg_cnt, &packet->author.req.arg_len[0], vps, attr_tacacs_argument_list) < 0) goto error; + if (packet->author_req.arg_cnt > 0) { + if (tacacs_encode_body_arg_n(&work_dbuff, packet->author_req.arg_cnt, &packet->author_req.arg_len[0], vps, attr_tacacs_argument_list) < 0) goto error; } goto check_request; @@ -501,12 +501,12 @@ ssize_t fr_tacacs_encode(fr_dbuff_t *dbuff, uint8_t const *original_packet, char /* * Make room for such body request. */ - FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->author.res)); + FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->author_res)); /* * Encode 1 mandatory field. */ - ENCODE_FIELD_UINT8(packet->author.res.status, attr_tacacs_authorization_status); + ENCODE_FIELD_UINT8(packet->author_res.status, attr_tacacs_authorization_status); /* * Encode 'arg_N' arguments (horrible format) @@ -523,25 +523,25 @@ ssize_t fr_tacacs_encode(fr_dbuff_t *dbuff, uint8_t const *original_packet, char * When the status equals TAC_PLUS_AUTHOR_STATUS_FOLLOW, then the * arg_cnt MUST be 0. */ - if (!((packet->author.res.status == FR_AUTHORIZATION_STATUS_VALUE_ERROR) || - (packet->author.res.status == FR_AUTHORIZATION_STATUS_VALUE_FOLLOW))) { - packet->author.res.arg_cnt = tacacs_encode_body_arg_cnt(vps, attr_tacacs_argument_list); - if (packet->author.res.arg_cnt) FR_DBUFF_MEMSET_RETURN(&work_dbuff, 0, packet->author.res.arg_cnt); + if (!((packet->author_res.status == FR_AUTHORIZATION_STATUS_VALUE_ERROR) || + (packet->author_res.status == FR_AUTHORIZATION_STATUS_VALUE_FOLLOW))) { + packet->author_res.arg_cnt = tacacs_encode_body_arg_cnt(vps, attr_tacacs_argument_list); + if (packet->author_res.arg_cnt) FR_DBUFF_MEMSET_RETURN(&work_dbuff, 0, packet->author_res.arg_cnt); } else { - packet->author.res.arg_cnt = 0; + packet->author_res.arg_cnt = 0; } /* * Encode 2 mandatory fields. */ - ENCODE_FIELD_STRING16(packet->author.res.server_msg_len, attr_tacacs_server_message); - ENCODE_FIELD_STRING16(packet->author.res.data_len, attr_tacacs_data); + ENCODE_FIELD_STRING16(packet->author_res.server_msg_len, attr_tacacs_server_message); + ENCODE_FIELD_STRING16(packet->author_res.data_len, attr_tacacs_data); /* * Append 'args_body' to the end of buffer */ - if (packet->author.res.arg_cnt > 0) { - if (tacacs_encode_body_arg_n(&work_dbuff, packet->author.res.arg_cnt, &packet->author.res.arg_len[0], vps, attr_tacacs_argument_list) < 0) goto error; + if (packet->author_res.arg_cnt > 0) { + if (tacacs_encode_body_arg_n(&work_dbuff, packet->author_res.arg_cnt, &packet->author_res.arg_len[0], vps, attr_tacacs_argument_list) < 0) goto error; } goto check_reply; @@ -583,35 +583,35 @@ ssize_t fr_tacacs_encode(fr_dbuff_t *dbuff, uint8_t const *original_packet, char /* * Make room for such body request. */ - FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->acct.req)); + FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->acct_req)); /* * Encode 5 octets of various flags. */ - ENCODE_FIELD_UINT8(packet->acct.req.flags, attr_tacacs_accounting_flags); - ENCODE_FIELD_UINT8(packet->acct.req.authen_method, attr_tacacs_authentication_method); - ENCODE_FIELD_UINT8(packet->acct.req.priv_lvl, attr_tacacs_privilege_level); - ENCODE_FIELD_UINT8(packet->acct.req.authen_type, attr_tacacs_authentication_type); - ENCODE_FIELD_UINT8(packet->acct.req.authen_service, attr_tacacs_authentication_service); + ENCODE_FIELD_UINT8(packet->acct_req.flags, attr_tacacs_accounting_flags); + ENCODE_FIELD_UINT8(packet->acct_req.authen_method, attr_tacacs_authentication_method); + ENCODE_FIELD_UINT8(packet->acct_req.priv_lvl, attr_tacacs_privilege_level); + ENCODE_FIELD_UINT8(packet->acct_req.authen_type, attr_tacacs_authentication_type); + ENCODE_FIELD_UINT8(packet->acct_req.authen_service, attr_tacacs_authentication_service); /* * Encode 'arg_N' arguments (horrible format) */ - packet->acct.req.arg_cnt = tacacs_encode_body_arg_cnt(vps, attr_tacacs_argument_list); - if (packet->acct.req.arg_cnt) FR_DBUFF_MEMSET_RETURN(&work_dbuff, 0, packet->acct.req.arg_cnt); + packet->acct_req.arg_cnt = tacacs_encode_body_arg_cnt(vps, attr_tacacs_argument_list); + if (packet->acct_req.arg_cnt) FR_DBUFF_MEMSET_RETURN(&work_dbuff, 0, packet->acct_req.arg_cnt); /* * Encode 3 mandatory fields. */ - ENCODE_FIELD_STRING8(packet->acct.req.user_len, attr_tacacs_user_name); - ENCODE_FIELD_STRING8(packet->acct.req.port_len, attr_tacacs_client_port); - ENCODE_FIELD_STRING8(packet->acct.req.rem_addr_len, attr_tacacs_remote_address); + ENCODE_FIELD_STRING8(packet->acct_req.user_len, attr_tacacs_user_name); + ENCODE_FIELD_STRING8(packet->acct_req.port_len, attr_tacacs_client_port); + ENCODE_FIELD_STRING8(packet->acct_req.rem_addr_len, attr_tacacs_remote_address); /* * Append 'args_body' to the end of buffer */ - if (packet->acct.req.arg_cnt > 0) { - if (tacacs_encode_body_arg_n(&work_dbuff, packet->acct.req.arg_cnt, &packet->acct.req.arg_len[0], vps, attr_tacacs_argument_list) < 0) goto error; + if (packet->acct_req.arg_cnt > 0) { + if (tacacs_encode_body_arg_n(&work_dbuff, packet->acct_req.arg_cnt, &packet->acct_req.arg_len[0], vps, attr_tacacs_argument_list) < 0) goto error; } check_request: @@ -655,18 +655,18 @@ ssize_t fr_tacacs_encode(fr_dbuff_t *dbuff, uint8_t const *original_packet, char /* * Make room for such body request. */ - FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->acct.reply)); + FR_DBUFF_ADVANCE_RETURN(&work_dbuff, sizeof(packet->acct_reply)); /* * Encode 2 mandatory fields. */ - ENCODE_FIELD_STRING16(packet->acct.reply.server_msg_len, attr_tacacs_server_message); - ENCODE_FIELD_STRING16(packet->acct.reply.data_len, attr_tacacs_data); + ENCODE_FIELD_STRING16(packet->acct_reply.server_msg_len, attr_tacacs_server_message); + ENCODE_FIELD_STRING16(packet->acct_reply.data_len, attr_tacacs_data); /* * And also, the status field. */ - ENCODE_FIELD_UINT8(packet->acct.reply.status, attr_tacacs_accounting_status); + ENCODE_FIELD_UINT8(packet->acct_reply.status, attr_tacacs_accounting_status); check_reply: /* diff --git a/src/protocols/tacacs/tacacs.h b/src/protocols/tacacs/tacacs.h index e7740c2f539..7c881ef5e04 100644 --- a/src/protocols/tacacs/tacacs.h +++ b/src/protocols/tacacs/tacacs.h @@ -257,19 +257,13 @@ typedef struct CC_HINT(__packed__) { typedef struct CC_HINT(__packed__) { fr_tacacs_packet_hdr_t hdr; union { - union { - fr_tacacs_packet_authen_start_hdr_t start; - fr_tacacs_packet_authen_reply_hdr_t reply; - fr_tacacs_packet_authen_cont_hdr_t cont; - } authen; - union { - fr_tacacs_packet_author_req_hdr_t req; - fr_tacacs_packet_author_res_hdr_t res; - } author; - union { - fr_tacacs_packet_acct_req_hdr_t req; - fr_tacacs_packet_acct_reply_hdr_t reply; - } acct; + fr_tacacs_packet_authen_start_hdr_t authen_start; + fr_tacacs_packet_authen_reply_hdr_t authen_reply; + fr_tacacs_packet_authen_cont_hdr_t authen_cont; + fr_tacacs_packet_author_req_hdr_t author_req; + fr_tacacs_packet_author_res_hdr_t author_res; + fr_tacacs_packet_acct_req_hdr_t acct_req; + fr_tacacs_packet_acct_reply_hdr_t acct_reply; }; } fr_tacacs_packet_t;