From: Alan T. DeKok Date: Fri, 12 Aug 2022 22:56:54 +0000 (-0400) Subject: don't call "find by index" with 0, when another API call would do X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f7b3f3ee409399e0d89077deed334986ff655ad6;p=thirdparty%2Ffreeradius-server.git don't call "find by index" with 0, when another API call would do All of these calls just find the first da, so fr_pair_find_by_da() is the better choice. The "find by index" calls shoud be used when the index is either created at run-time, or is non-zero --- diff --git a/src/bin/dhcpclient.c b/src/bin/dhcpclient.c index f269f019949..3c461736a75 100644 --- a/src/bin/dhcpclient.c +++ b/src/bin/dhcpclient.c @@ -302,8 +302,8 @@ static fr_radius_packet_t *fr_dhcpv4_recv_raw_loop(int lsockfd, if (!found) found = reply; if (reply->code == FR_DHCP_OFFER) { - fr_pair_t *vp1 = fr_pair_find_by_da_idx(&reply_vps, attr_dhcp_dhcp_server_identifier, 0); - fr_pair_t *vp2 = fr_pair_find_by_da_idx(&reply_vps, attr_dhcp_your_ip_address, 0); + fr_pair_t *vp1 = fr_pair_find_by_da(&reply_vps, NULL, attr_dhcp_dhcp_server_identifier); + fr_pair_t *vp2 = fr_pair_find_by_da(&reply_vps, NULL, attr_dhcp_your_ip_address); if (vp1 && vp2) { nb_offer++; diff --git a/src/bin/radclient.c b/src/bin/radclient.c index 72e795365af..7395abb084c 100644 --- a/src/bin/radclient.c +++ b/src/bin/radclient.c @@ -816,10 +816,10 @@ static int send_one_packet(rc_request_t *request) if (request->password) { fr_pair_t *vp; - if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0)) != NULL) { + if ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password)) != NULL) { fr_pair_value_strdup(vp, request->password->vp_strvalue, false); - } else if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_password, 0)) != NULL) { + } else if ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_password)) != NULL) { uint8_t buffer[17]; fr_pair_t *challenge; uint8_t const *vector; @@ -828,7 +828,7 @@ static int send_one_packet(rc_request_t *request) * Use Chap-Challenge pair if present, * Request Authenticator otherwise. */ - challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_challenge, 0); + challenge = fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_challenge); if (challenge && (challenge->vp_length == RADIUS_AUTH_VECTOR_LENGTH)) { vector = challenge->vp_octets; } else { @@ -841,7 +841,7 @@ static int send_one_packet(rc_request_t *request) request->password->vp_length); fr_pair_value_memdup(vp, buffer, sizeof(buffer), false); - } else if (fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_password, 0) != NULL) { + } else if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap_password) != NULL) { mschapv1_encode(request->packet, &request->request_pairs, request->password->vp_strvalue); } else { diff --git a/src/bin/radsniff.c b/src/bin/radsniff.c index 05090f11897..5d8760d7409 100644 --- a/src/bin/radsniff.c +++ b/src/bin/radsniff.c @@ -350,7 +350,7 @@ static void rs_packet_print_csv(uint64_t count, rs_status_t status, fr_pcap_t *h fr_pair_t *vp; for (i = 0; i < conf->list_da_num; i++) { - vp = fr_pair_find_by_da_idx(list, conf->list_da[i], 0); + vp = fr_pair_find_by_da(list, NULL, conf->list_da[i]); if (vp && (vp->vp_length > 0)) { if (conf->list_da[i]->type == FR_TYPE_STRING) { ssize_t slen; diff --git a/src/bin/radsnmp.c b/src/bin/radsnmp.c index 60118b6bd12..586d529864f 100644 --- a/src/bin/radsnmp.c +++ b/src/bin/radsnmp.c @@ -591,7 +591,7 @@ static int radsnmp_set_response(int fd, fr_dict_attr_t const *error, fr_pair_lis struct iovec io_vector[2]; char newline[] = "\n"; - vp = fr_pair_find_by_da_idx(head, error, 0); + vp = fr_pair_find_by_da(head, NULL, error); if (!vp) { if (write(fd, "DONE\n", 5) < 0) { fr_strerror_printf("Failed writing set response: %s", fr_syserror(errno)); diff --git a/src/bin/unit_test_module.c b/src/bin/unit_test_module.c index 7ed41424d6a..6d1dddcd2d5 100644 --- a/src/bin/unit_test_module.c +++ b/src/bin/unit_test_module.c @@ -182,7 +182,7 @@ static request_t *request_from_file(TALLOC_CTX *ctx, FILE *fp, RADCLIENT *client */ fr_pair_list_tainted(&request->request_pairs); - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_packet_type, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_packet_type); if (!vp) { fr_strerror_printf("Input packet does not specify a Packet-Type"); goto error; diff --git a/src/lib/eap/base.c b/src/lib/eap/base.c index 1341145a8f7..646c0510fd6 100644 --- a/src/lib/eap/base.c +++ b/src/lib/eap/base.c @@ -406,7 +406,7 @@ rlm_rcode_t eap_virtual_server(request_t *request, eap_session_t *eap_session, c fr_pair_t *vp; CONF_SECTION *server_cs; - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_virtual_server, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_virtual_server); server_cs = vp ? virtual_server_find(vp->vp_strvalue) : virtual_server_find(virtual_server); if (server_cs) { diff --git a/src/lib/eap/chbind.c b/src/lib/eap/chbind.c index cc80ce34377..5d4798017f2 100644 --- a/src/lib/eap/chbind.c +++ b/src/lib/eap/chbind.c @@ -68,7 +68,7 @@ static bool chbind_build_response(request_t *request, CHBIND_REQ *chbind) * Set the response code. Default to "fail" if none was * specified. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_chbind_response_code, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_chbind_response_code); if (vp) { ptr[0] = vp->vp_uint32; } else { diff --git a/src/lib/eap/compose.c b/src/lib/eap/compose.c index f2ce2a1c252..c6dda9ba0b1 100644 --- a/src/lib/eap/compose.c +++ b/src/lib/eap/compose.c @@ -239,7 +239,7 @@ rlm_rcode_t eap_compose(eap_session_t *eap_session) * Don't add a Message-Authenticator if * it's already there. */ - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_message_authenticator, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_message_authenticator); if (!vp) { static uint8_t auth_vector[RADIUS_AUTH_VECTOR_LENGTH] = { 0x00 }; @@ -300,7 +300,7 @@ rlm_rcode_t eap_start(request_t *request, rlm_eap_method_t const methods[], bool fr_pair_t *vp; fr_pair_t *eap_msg; - eap_msg = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_message, 0); + eap_msg = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_message); if (!eap_msg) { RDEBUG2("No EAP-Message, not doing EAP"); return RLM_MODULE_NOOP; @@ -310,7 +310,7 @@ rlm_rcode_t eap_start(request_t *request, rlm_eap_method_t const methods[], bool * Look for EAP-Type = None (FreeRADIUS specific attribute) * this allows you to NOT do EAP for some users. */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_type, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_type); if (vp && vp->vp_uint32 == 0) { RDEBUG2("Found EAP-Message, but EAP-Type = None, so we're not doing EAP"); return RLM_MODULE_NOOP; diff --git a/src/lib/eap/session.c b/src/lib/eap/session.c index 4da0918f15f..68751f88276 100644 --- a/src/lib/eap/session.c +++ b/src/lib/eap/session.c @@ -425,7 +425,7 @@ eap_session_t *eap_session_continue(void const *instance, eap_packet_raw_t **eap * Type-Data field of the EAP-Response/Identity in the User-Name * attribute in every subsequent Access-Request. */ - user = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + user = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); if (!user) { /* * NAS did not set the User-Name diff --git a/src/lib/eap_aka_sim/module.c b/src/lib/eap_aka_sim/module.c index a69dfd09c93..f7bb8e3f98e 100644 --- a/src/lib/eap_aka_sim/module.c +++ b/src/lib/eap_aka_sim/module.c @@ -71,7 +71,7 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct * from the virtual server to determine what kind * of EAP response to send. */ - subtype_vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_subtype); if (!subtype_vp) { eap_session->this_round->request->code = (rcode == RLM_MODULE_OK) ? FR_EAP_CODE_SUCCESS : FR_EAP_CODE_FAILURE; @@ -139,9 +139,9 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct * Figure out if the state machine is * requesting an ID. */ - if ((vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_any_id_req, 0)) || - (vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_fullauth_id_req, 0)) || - (vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_permanent_id_req, 0))) { + if ((vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_any_id_req)) || + (vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_fullauth_id_req)) || + (vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_permanent_id_req))) { RDEBUG2("Sending EAP-Request/%pV (%s)", &subtype_vp->data, vp->da->name); } else { RDEBUG2("Sending EAP-Request/%pV", &subtype_vp->data); @@ -159,7 +159,7 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct * it should have used that. */ case FR_SUBTYPE_VALUE_AKA_CHALLENGE: - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_bidding, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_bidding); /* * Explicit NO @@ -196,7 +196,7 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct /* * Extra data to append to the packet when signing. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_hmac_extra_request, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_aka_sim_hmac_extra_request); if (vp) { request_hmac_extra = vp->vp_octets; request_hmac_extra_len = vp->vp_length; @@ -206,7 +206,7 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct * Extra data to append to the response packet when * validating the signature. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_hmac_extra_response, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_aka_sim_hmac_extra_response); if (vp) { /* * We may attempt to challenge the supplicant @@ -229,7 +229,7 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct /* * Key we use for encrypting and decrypting attributes. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_k_encr, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_aka_sim_k_encr); if (vp) { talloc_const_free(mod_session->ctx.k_encr); MEM(mod_session->ctx.k_encr = talloc_memdup(mod_session, vp->vp_octets, vp->vp_length)); @@ -238,7 +238,7 @@ static unlang_action_t mod_encode(rlm_rcode_t *p_result, module_ctx_t const *mct /* * Key we use for signing and validating mac values. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_k_aut, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_aka_sim_k_aut); if (vp) { talloc_const_free(mod_session->ctx.k_aut); MEM(mod_session->ctx.k_aut = talloc_memdup(mod_session, vp->vp_octets, vp->vp_length)); @@ -359,7 +359,7 @@ unlang_action_t eap_aka_sim_process(rlm_rcode_t *p_result, module_ctx_t const *m log_request_pair_list(L_DBG_LVL_2, request, NULL, &request->request_pairs, NULL); } - subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_subtype); if (!subtype_vp) { REDEBUG2("Missing Sub-Type"); /* Let the state machine enter the right state */ break; diff --git a/src/lib/eap_aka_sim/state_machine.c b/src/lib/eap_aka_sim/state_machine.c index 9bbcea4f3e9..55fb0cabc07 100644 --- a/src/lib/eap_aka_sim/state_machine.c +++ b/src/lib/eap_aka_sim/state_machine.c @@ -214,7 +214,7 @@ static inline CC_HINT(always_inline) void client_error_debug(request_t *request) { fr_pair_t *vp; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_client_error_code, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_client_error_code); if (!vp) { REDEBUG("Peer has not supplied a AT_ERROR_CODE"); } else { @@ -541,14 +541,14 @@ static int checkcode_validate(request_t *request) * done by the calling module, we just check * the result. */ - our_checkcode = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_checkcode, 0); + our_checkcode = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_aka_sim_checkcode); if (our_checkcode) { /* * If the peer doesn't include a checkcode then that * means they don't support it, and we can't validate * their view of the identity packets. */ - peer_checkcode = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_checkcode, 0); + peer_checkcode = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_checkcode); if (peer_checkcode) { if (fr_pair_cmp(peer_checkcode, our_checkcode) == 0) { RDEBUG2("Received AT_CHECKCODE matches calculated AT_CHECKCODE"); @@ -586,7 +586,7 @@ static int mac_validate(request_t *request) * done by the calling module, we just check * the result. */ - our_mac = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_mac, 0); + our_mac = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_aka_sim_mac); if (!our_mac) { REDEBUG("Missing &control.%s", attr_eap_aka_sim_mac->name); return -1; @@ -598,7 +598,7 @@ static int mac_validate(request_t *request) * means they don't support it, and we can't validate * their view of the identity packets. */ - peer_mac = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_mac, 0); + peer_mac = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_mac); if (!peer_mac) { REDEBUG("Peer didn't include AT_MAC"); return -1; @@ -685,7 +685,7 @@ RESUME(store_pseudonym) * find a next_reauth_id pair in the * reply list. */ - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_next_reauth_id, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_next_reauth_id); if (vp) { /* * Generate a random fastauth string @@ -765,7 +765,7 @@ RESUME(store_pseudonym) * state increment by 1, otherwise, add the * attribute and set to zero. */ - vp = fr_pair_find_by_da_idx(&request->session_state_pairs, attr_eap_aka_sim_counter, 0); + vp = fr_pair_find_by_da(&request->session_state_pairs, NULL, attr_eap_aka_sim_counter); if (vp) { vp->vp_uint16++; /* @@ -816,7 +816,7 @@ static unlang_action_t session_and_pseudonym_store(rlm_rcode_t *p_result, module unlang_interpret_stack_result_set(request, RLM_MODULE_NOOP); /* Needed because we may call resume functions directly */ - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_next_pseudonym, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_next_pseudonym); if (vp) { /* * Generate a random pseudonym string @@ -1136,7 +1136,7 @@ static int sim_start_selected_version_check(request_t *request, eap_aka_sim_sess /* * Check that we got an AT_SELECTED_VERSION */ - selected_version_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_selected_version, 0); + selected_version_vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_selected_version); if (!selected_version_vp) { REDEBUG("EAP-Response/SIM/Start does not contain AT_SELECTED_VERSION"); return -1; @@ -1189,7 +1189,7 @@ static int sim_start_nonce_mt_check(request_t *request, eap_aka_sim_session_t *e /* * Copy nonce_mt to the keying material */ - nonce_mt_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_nonce_mt, 0); + nonce_mt_vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_nonce_mt); if (!nonce_mt_vp) { REDEBUG("EAP-Response/SIM/Start does not contain AT_NONCE_MT"); return -1; @@ -1288,7 +1288,7 @@ STATE(common_failure_notification) eap_aka_sim_process_conf_t *inst = talloc_get_type_abort(mctx->inst->data, eap_aka_sim_process_conf_t); fr_pair_t *subtype_vp = NULL; - subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_subtype); if (!subtype_vp) goto fail; switch (subtype_vp->vp_uint16) { @@ -1334,7 +1334,7 @@ RESUME(send_common_failure_notification) * - FR_NOTIFICATION_VALUE_NOT_SUBSCRIBED * User has not subscribed to the requested service. */ - notification_vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_notification, 0); + notification_vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_notification); /* * Keep Notification, but remove everything else... @@ -1684,7 +1684,7 @@ RESUME(recv_common_reauthentication_response) * clear out reauth information and enter the * challenge state. */ - if (fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_counter_too_small, 0)) { + if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_counter_too_small)) { RWDEBUG("Peer sent AT_COUNTER_TOO_SMALL (indicating our AT_COUNTER value (%u) wasn't fresh)", eap_aka_sim_session->keys.reauth.counter); @@ -1702,13 +1702,13 @@ RESUME(recv_common_reauthentication_response) * RFC 4187 Section #6.2. Result Indications */ if (eap_aka_sim_session->send_result_ind) { - if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { + if (!fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_result_ind)) { RDEBUG("We wanted to use protected result indications, but peer does not"); eap_aka_sim_session->send_result_ind = false; } else { return STATE_TRANSITION(common_success_notification); } - } else if (fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { + } else if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_result_ind)) { RDEBUG("Peer wanted to use protected result indications, but we do not"); } @@ -1731,7 +1731,7 @@ STATE(common_reauthentication) eap_aka_sim_session_t *eap_aka_sim_session = talloc_get_type_abort(mctx->rctx, eap_aka_sim_session_t); fr_pair_t *subtype_vp = NULL; - subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_subtype); if (!subtype_vp) { REDEBUG("Missing AT_SUBTYPE"); goto fail; @@ -1795,7 +1795,7 @@ static unlang_action_t common_reauthentication_request_compose(rlm_rcode_t *p_re * Not seen any doing this for re-authentication * but you never know... */ - kdf_id = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_kdf_identity, 0); + kdf_id = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_aka_sim_kdf_identity); if (kdf_id) { crypto_identity_set(request, eap_aka_sim_session, (uint8_t const *)kdf_id->vp_strvalue, kdf_id->vp_length); @@ -1869,7 +1869,7 @@ static unlang_action_t common_reauthentication_request_compose(rlm_rcode_t *p_re * * Use our default, but allow user override too. */ - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_result_ind); if (vp) eap_aka_sim_session->send_result_ind = vp->vp_bool; /* @@ -2150,7 +2150,7 @@ RESUME(recv_aka_synchronization_failure) * We couldn't generate an SQN and the user didn't provide one, * so we need to fail. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_sim_sqn, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_sim_sqn); if (!vp) { REDEBUG("No &control.SQN value provided after resynchronisation, cannot continue"); goto failure; @@ -2208,7 +2208,7 @@ RESUME(recv_aka_challenge_response) */ if (checkcode_validate(request) < 0) goto failure; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_res, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_res); if (!vp) { REDEBUG("AT_RES missing from challenge response"); goto failure; @@ -2240,13 +2240,13 @@ RESUME(recv_aka_challenge_response) * RFC 4187 Section #6.2. Result Indications */ if (eap_aka_sim_session->send_result_ind) { - if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { + if (!fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_result_ind)) { RDEBUG("We wanted to use protected result indications, but peer does not"); eap_aka_sim_session->send_result_ind = false; } else { return STATE_TRANSITION(common_success_notification); } - } else if (fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { + } else if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_result_ind)) { RDEBUG("Peer wanted to use protected result indications, but we do not"); } @@ -2271,7 +2271,7 @@ STATE(aka_challenge) fr_pair_t *subtype_vp = NULL; fr_pair_t *vp; - subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_subtype); if (!subtype_vp) { REDEBUG("Missing AT_SUBTYPE"); goto fail; @@ -2294,7 +2294,7 @@ STATE(aka_challenge) eap_aka_sim_session->allow_encrypted = false; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_auts, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_auts); if (!vp) { REDEBUG("EAP-Response/AKA-Synchronisation-Failure missing AT_AUTS"); failure: @@ -2373,7 +2373,7 @@ RESUME(send_aka_challenge_request) * implement RFC 4187 correctly and use the * wrong identity as input the the PRF/KDF. */ - kdf_id = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_kdf_identity, 0); + kdf_id = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_aka_sim_kdf_identity); if (kdf_id) { crypto_identity_set(request, eap_aka_sim_session, (uint8_t const *)kdf_id->vp_strvalue, kdf_id->vp_length); @@ -2387,7 +2387,7 @@ RESUME(send_aka_challenge_request) * Copy the network name the user specified for * key derivation purposes. */ - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_kdf_input, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_kdf_input); if (vp) { talloc_free(eap_aka_sim_session->keys.network); eap_aka_sim_session->keys.network = talloc_memdup(eap_aka_sim_session, @@ -2455,7 +2455,7 @@ RESUME(send_aka_challenge_request) * * Use our default, but allow user override too. */ - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_result_ind); if (vp) eap_aka_sim_session->send_result_ind = vp->vp_bool; /* @@ -2538,7 +2538,7 @@ STATE_GUARD(aka_challenge) * and send it to the peer. */ if (inst->network_name && - !fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_kdf_input, 0)) { + !fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_kdf_input)) { MEM(pair_append_reply(&vp, attr_eap_aka_sim_kdf_input) >= 0); fr_pair_value_bstrdup_buffer(vp, inst->network_name, false); } @@ -2554,7 +2554,7 @@ STATE_GUARD(aka_challenge) * Set the defaults for protected result indicator */ if (eap_aka_sim_session->send_result_ind && - !fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0)) { + !fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_result_ind)) { MEM(pair_append_reply(&vp, attr_eap_aka_sim_result_ind) >= 0); vp->vp_bool = true; } @@ -2596,13 +2596,13 @@ RESUME(recv_sim_challenge_response) * notification, otherwise send a normal EAP-Success. */ if (eap_aka_sim_session->send_result_ind) { - if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { + if (!fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_result_ind)) { RDEBUG("We wanted to use protected result indications, but peer does not"); eap_aka_sim_session->send_result_ind = false; } else { return STATE_TRANSITION(common_success_notification); } - } else if (fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_result_ind, 0)) { + } else if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_result_ind)) { RDEBUG("Peer wanted to use protected result indications, but we do not"); } @@ -2623,7 +2623,7 @@ STATE(sim_challenge) eap_aka_sim_session_t *eap_aka_sim_session = talloc_get_type_abort(mctx->rctx, eap_aka_sim_session_t); fr_pair_t *subtype_vp = NULL; - subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_subtype); if (!subtype_vp) { REDEBUG("Missing AT_SUBTYPE"); goto fail; @@ -2677,7 +2677,7 @@ RESUME(send_sim_challenge_request) * implement RFC 4187 correctly and use the * wrong identity as input the the PRF/KDF. */ - kdf_id = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_aka_sim_kdf_identity, 0); + kdf_id = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_aka_sim_kdf_identity); if (kdf_id) { crypto_identity_set(request, eap_aka_sim_session, (uint8_t const *)kdf_id->vp_strvalue, kdf_id->vp_length); @@ -2705,7 +2705,7 @@ RESUME(send_sim_challenge_request) * * Use our default, but allow user override too. */ - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_result_ind); if (vp) eap_aka_sim_session->send_result_ind = vp->vp_bool; /* @@ -2762,7 +2762,7 @@ STATE_GUARD(sim_challenge) * Set the defaults for protected result indicator */ if (eap_aka_sim_session->send_result_ind && - !fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_result_ind, 0)) { + !fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_result_ind)) { MEM(pair_append_reply(&vp, attr_eap_aka_sim_result_ind) >= 0); vp->vp_bool = true; } @@ -2858,7 +2858,7 @@ RESUME(recv_aka_identity_response) * If the identity looks like a fast re-auth id * run fast re-auth, otherwise do fullauth. */ - identity_type = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_identity_type, 0); + identity_type = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_identity_type); if (identity_type) switch (identity_type->vp_uint32) { case FR_IDENTITY_TYPE_VALUE_FASTAUTH: return STATE_TRANSITION(common_reauthentication); @@ -2898,7 +2898,7 @@ STATE(aka_identity) eap_aka_sim_session_t *eap_aka_sim_session = talloc_get_type_abort(mctx->rctx, eap_aka_sim_session_t); fr_pair_t *subtype_vp = NULL; - subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_subtype); if (!subtype_vp) { REDEBUG("Missing AT_SUBTYPE"); goto fail; @@ -2913,7 +2913,7 @@ STATE(aka_identity) fr_pair_t *id; fr_aka_sim_id_type_t type; - id = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_identity, 0); + id = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_identity); if (!id) { /* * 9.2. EAP-Response/Identity @@ -3127,7 +3127,7 @@ RESUME(recv_sim_start_response) * If the identity looks like a fast re-auth id * run fast re-auth, otherwise do fullauth. */ - identity_type = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_identity_type, 0); + identity_type = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_identity_type); if (identity_type) switch (identity_type->vp_uint32) { case FR_IDENTITY_TYPE_VALUE_FASTAUTH: /* @@ -3137,7 +3137,7 @@ RESUME(recv_sim_start_response) * with a fast re-authentication identity is present for fast * re-authentication */ - if (fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_nonce_mt, 0)) { + if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_nonce_mt)) { REDEBUG("AT_NONCE_MT is not allowed in EAP-Response/SIM-Reauthentication messages"); return STATE_TRANSITION(common_failure_notification); } @@ -3149,7 +3149,7 @@ RESUME(recv_sim_start_response) * AT_IDENTITY attribute with a fast re-authentication identity is * present for fast re-authentication. */ - if (fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_selected_version, 0)) { + if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_selected_version)) { REDEBUG("AT_SELECTED_VERSION is not allowed in EAP-Response/SIM-Reauthentication messages"); return STATE_TRANSITION(common_failure_notification); } @@ -3205,7 +3205,7 @@ STATE(sim_start) eap_aka_sim_session_t *eap_aka_sim_session = talloc_get_type_abort(mctx->rctx, eap_aka_sim_session_t); fr_pair_t *subtype_vp = NULL; - subtype_vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_subtype, 0); + subtype_vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_subtype); if (!subtype_vp) { REDEBUG("Missing AT_SUBTYPE"); goto fail; @@ -3217,7 +3217,7 @@ STATE(sim_start) fr_pair_t *id; fr_aka_sim_id_type_t type; - id = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_identity, 0); + id = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_identity); if (!id && (eap_aka_sim_session->id_req != AKA_SIM_NO_ID_REQ)) { /* * RFC 4186 Section #9.2 @@ -3351,7 +3351,7 @@ RESUME(send_sim_start) * If the user provided no versions, then * just add the default (1). */ - if (!(fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_aka_sim_version_list, 0))) { + if (!(fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_aka_sim_version_list))) { MEM(pair_append_reply(&vp, attr_eap_aka_sim_version_list) >= 0); vp->vp_uint16 = EAP_SIM_VERSION; } @@ -3471,10 +3471,10 @@ RESUME(recv_common_identity_response) * This must be done before we enter * the submodule. */ - eap_type = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_type, 0); + eap_type = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_type); if (eap_type) RWDEBUG("Ignoring &control.EAP-Type, this must be set *before* the EAP module is called"); - method = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_method_hint, 0); + method = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_method_hint); /* * Set default configuration, we may allow these @@ -3597,7 +3597,7 @@ RESUME(recv_common_identity_response) * If the identity looks like a fast re-auth id * run fast re-auth, otherwise do a fullauth. */ - identity_type = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_aka_sim_identity_type, 0); + identity_type = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_aka_sim_identity_type); if (identity_type) switch (identity_type->vp_uint32) { case FR_IDENTITY_TYPE_VALUE_FASTAUTH: return STATE_TRANSITION(common_reauthentication); diff --git a/src/lib/eap_aka_sim/vector.c b/src/lib/eap_aka_sim/vector.c index a5f51d2a612..307a72a5754 100644 --- a/src/lib/eap_aka_sim/vector.c +++ b/src/lib/eap_aka_sim/vector.c @@ -46,7 +46,7 @@ static int vector_opc_from_op(request_t *request, uint8_t const **out, uint8_t o fr_pair_t *opc_vp; fr_pair_t *op_vp; - opc_vp = fr_pair_find_by_da_idx(list, attr_sim_opc, 0); + opc_vp = fr_pair_find_by_da(list, NULL, attr_sim_opc); if (opc_vp) { if (opc_vp->vp_length != MILENAGE_OPC_SIZE) { REDEBUG("&control.%s has incorrect length, expected %u bytes got %zu bytes", @@ -57,7 +57,7 @@ static int vector_opc_from_op(request_t *request, uint8_t const **out, uint8_t o return 0; } - op_vp = fr_pair_find_by_da_idx(list, attr_sim_op, 0); + op_vp = fr_pair_find_by_da(list, NULL, attr_sim_op); if (op_vp) { if (op_vp->vp_length != MILENAGE_OP_SIZE) { REDEBUG("&control.%s has incorrect length, expected %u bytes got %zu bytes", @@ -87,7 +87,7 @@ static int vector_gsm_from_ki(request_t *request, fr_pair_list_t *vps, int idx, /* * Generate a new RAND value, and derive Kc and SRES from Ki */ - ki_vp = fr_pair_find_by_da_idx(vps, attr_sim_ki, 0); + ki_vp = fr_pair_find_by_da(vps, NULL, attr_sim_ki); if (!ki_vp) { RDEBUG3("No &control.%sfound, not generating triplets locally", attr_sim_ki->name); return 1; @@ -101,7 +101,7 @@ static int vector_gsm_from_ki(request_t *request, fr_pair_list_t *vps, int idx, * Check to see if we have a Ki for the IMSI, this allows us to generate the rest * of the triplets. */ - version_vp = fr_pair_find_by_da_idx(vps, attr_sim_algo_version, 0); + version_vp = fr_pair_find_by_da(vps, NULL, attr_sim_algo_version); if (!version_vp) { if (vector_opc_from_op(request, &opc_p, opc_buff, vps, ki_vp->vp_octets) < 0) return -1; version = opc_p ? FR_SIM_ALGO_VERSION_VALUE_COMP128_4 : FR_SIM_ALGO_VERSION_VALUE_COMP128_3; @@ -404,7 +404,7 @@ static int vector_umts_from_ki(request_t *request, fr_pair_list_t *vps, fr_aka_s /* * Select the algorithm (default to Milenage) */ - version_vp = fr_pair_find_by_da_idx(vps, attr_sim_algo_version, 0); + version_vp = fr_pair_find_by_da(vps, NULL, attr_sim_algo_version); if (version_vp) version = version_vp->vp_uint32; /* @@ -439,7 +439,7 @@ static int vector_umts_from_ki(request_t *request, fr_pair_list_t *vps, fr_aka_s /* * Find the Ki VP and check its length */ - ki_vp = fr_pair_find_by_da_idx(vps, attr_sim_ki, 0); + ki_vp = fr_pair_find_by_da(vps, NULL, attr_sim_ki); if (!ki_vp) { RDEBUG3("No &control.%s found, not generating quintuplets locally", attr_sim_ki->name); return 1; @@ -452,13 +452,13 @@ static int vector_umts_from_ki(request_t *request, fr_pair_list_t *vps, fr_aka_s /* * Find the Sequence Number VP or default to SQN = 2 */ - sqn_vp = fr_pair_find_by_da_idx(vps, attr_sim_sqn, 0); + sqn_vp = fr_pair_find_by_da(vps, NULL, attr_sim_sqn); keys->sqn = sqn_vp ? sqn_vp->vp_uint64 : 2; /* 2 is the lowest valid SQN on our side */ /* * Check if we have an AMF value */ - amf_vp = fr_pair_find_by_da_idx(vps, attr_sim_amf, 0); + amf_vp = fr_pair_find_by_da(vps, NULL, attr_sim_amf); if (amf_vp) { if (amf_vp->vp_length != amf_size) { REDEBUG("&control.%s has incorrect length, expected %zu bytes got %zu bytes", @@ -598,7 +598,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch AUTN */ - autn_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_autn, 0); + autn_vp = fr_pair_find_by_da(vps, NULL, attr_eap_aka_sim_autn); if (!autn_vp) { RDEBUG3("No &control.%s attribute found, not using UMTS quintuplets", attr_eap_aka_sim_autn->name); return 1; @@ -614,7 +614,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch CK */ - ck_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_ck, 0); + ck_vp = fr_pair_find_by_da(vps, NULL, attr_eap_aka_sim_ck); if (!ck_vp) { RDEBUG3("No &control.%s attribute found, not using UMTS quintuplets", attr_eap_aka_sim_ck->name); return 1; @@ -630,7 +630,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch IK */ - ik_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_ik, 0); + ik_vp = fr_pair_find_by_da(vps, NULL, attr_eap_aka_sim_ik); if (!ik_vp) { RDEBUG3("No &control.%s attribute found, not using UMTS quintuplets", attr_eap_aka_sim_ik->name); return 1; @@ -646,7 +646,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch RAND */ - rand_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_rand, 0); + rand_vp = fr_pair_find_by_da(vps, NULL, attr_eap_aka_sim_rand); if (!rand_vp) { RDEBUG3("No &control.%s attribute found, not using quintuplet derivation", attr_eap_aka_sim_rand->name); return 1; @@ -661,7 +661,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch XRES */ - xres_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_xres, 0); + xres_vp = fr_pair_find_by_da(vps, NULL, attr_eap_aka_sim_xres); if (!xres_vp) { RDEBUG3("No &control.%s attribute found, not using UMTS quintuplets", attr_eap_aka_sim_xres->name); return 1; @@ -677,7 +677,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch (optional) AK */ - ak_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_ak, 0); + ak_vp = fr_pair_find_by_da(vps, NULL, attr_eap_aka_sim_ak); if (ak_vp && (ak_vp->vp_length != MILENAGE_AK_SIZE)) { REDEBUG("&control.%s incorrect length. Expected " STRINGIFY(MILENAGE_AK_SIZE) " bytes, got %zu bytes", @@ -688,7 +688,7 @@ static int vector_umts_from_quintuplets(request_t *request, fr_pair_list_t *vps, /* * Fetch (optional) SQN */ - sqn_vp = fr_pair_find_by_da_idx(vps, attr_sim_sqn, 0); + sqn_vp = fr_pair_find_by_da(vps, NULL, attr_sim_sqn); if (sqn_vp && (sqn_vp->vp_length != MILENAGE_SQN_SIZE)) { REDEBUG("&control.%s incorrect length. Expected " STRINGIFY(MILENAGE_AK_SIZE) " bytes, got %zu bytes", @@ -830,7 +830,7 @@ int fr_aka_sim_vector_gsm_umts_kdf_0_reauth_from_attrs(request_t *request, fr_pa * This is the *old* counter value increment * by 1 to get the *new* counter value */ - counter_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_counter, 0); + counter_vp = fr_pair_find_by_da(vps, NULL, attr_eap_aka_sim_counter); if (!counter_vp) { RDEBUG2("No &session-state.%s attribute found, can't calculate re-auth keys", attr_eap_aka_sim_counter->name); @@ -838,8 +838,8 @@ int fr_aka_sim_vector_gsm_umts_kdf_0_reauth_from_attrs(request_t *request, fr_pa } counter_vp->vp_uint16++; - mk_vp = fr_pair_find_by_da_idx(vps, attr_session_data, 0); - if (!mk_vp) mk_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_mk, 0); + mk_vp = fr_pair_find_by_da(vps, NULL, attr_session_data); + if (!mk_vp) mk_vp = fr_pair_find_by_da(vps, NULL, attr_eap_aka_sim_mk); if (!mk_vp) { RDEBUG2("Neither &session-state.%s or &session-state.%s attributes found, " "can't calculate re-auth keys", attr_session_data->name, attr_eap_aka_sim_mk->name); @@ -879,7 +879,7 @@ int fr_aka_sim_vector_umts_kdf_1_reauth_from_attrs(request_t *request, fr_pair_l * This is the *old* counter value increment * by 1 to get the *new* counter value */ - counter_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_counter, 0); + counter_vp = fr_pair_find_by_da(vps, NULL, attr_eap_aka_sim_counter); if (!counter_vp) { RDEBUG2("No &session-state.%s attribute found, can't calculate re-auth keys", attr_eap_aka_sim_counter->name); @@ -887,8 +887,8 @@ int fr_aka_sim_vector_umts_kdf_1_reauth_from_attrs(request_t *request, fr_pair_l } counter_vp->vp_uint16++; - mk_vp = fr_pair_find_by_da_idx(vps, attr_session_data, 0); - if (!mk_vp) mk_vp = fr_pair_find_by_da_idx(vps, attr_eap_aka_sim_mk, 0); + mk_vp = fr_pair_find_by_da(vps, NULL, attr_session_data); + if (!mk_vp) mk_vp = fr_pair_find_by_da(vps, NULL, attr_eap_aka_sim_mk); if (!mk_vp) { RDEBUG2("Neither &session-state.%s or &session-sate:%s attributes found, " "can't calculate re-auth keys", attr_session_data->name, attr_eap_aka_sim_mk->name); diff --git a/src/lib/eap_aka_sim/xlat.c b/src/lib/eap_aka_sim/xlat.c index b7920403b9b..5f92c43dbc9 100644 --- a/src/lib/eap_aka_sim/xlat.c +++ b/src/lib/eap_aka_sim/xlat.c @@ -263,7 +263,7 @@ static xlat_action_t aka_sim_3gpp_temporary_id_decrypt_xlat(TALLOC_CTX *ctx, fr_ /* * Figure out what tag we should add to the permanent id */ - eap_type = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_type, 0); + eap_type = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_type); if (eap_type) { if (eap_type->vp_uint32 == enum_eap_type_sim->vb_uint32) { out_tag = ID_TAG_SIM_PERMANENT; @@ -449,7 +449,7 @@ static xlat_action_t aka_sim_3gpp_temporary_id_encrypt_xlat(TALLOC_CTX *ctx, fr_ } else if ((id_len >= AKA_SIM_IMSI_MIN_LEN) && (id_len <= AKA_SIM_IMSI_MAX_LEN)) { fr_pair_t *eap_type; - eap_type = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_type, 0); + eap_type = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_type); if (!eap_type) { REDEBUG("ID does not contain method hint, and no &request.EAP-Type found. " "Don't know what tag to prepend to encrypted identity"); diff --git a/src/lib/server/pair_server_tests.c b/src/lib/server/pair_server_tests.c index 6e512909f9a..29652394b2c 100644 --- a/src/lib/server/pair_server_tests.c +++ b/src/lib/server/pair_server_tests.c @@ -210,7 +210,7 @@ static void test_pair_update_request(void) vp->vp_uint32 = 112233; TEST_CASE("Expected fr_dict_attr_test_uint32 (vp->vp_uint32 == 112233)"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&request->request_pairs, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&request->request_pairs, NULL, fr_dict_attr_test_uint32)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -239,7 +239,7 @@ static void test_pair_update_reply(void) vp->vp_uint32 = 3333; TEST_CASE("Expected fr_dict_attr_test_uint32 (vp->vp_uint32 == 3333)"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&request->reply_pairs, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&request->reply_pairs, NULL, fr_dict_attr_test_uint32)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -264,7 +264,7 @@ static void test_pair_update_control(void) vp->vp_uint32 = 44444; TEST_CASE("Expected fr_dict_attr_test_uint32 (vp->vp_uint32 == 44444)"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&request->control_pairs, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&request->control_pairs, NULL, fr_dict_attr_test_uint32)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -289,7 +289,7 @@ static void test_pair_update_session_state(void) vp->vp_uint32 = 7890; TEST_CASE("Expected fr_dict_attr_test_uint32 (vp->vp_uint32 == 7890)"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&request->session_state_pairs, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&request->session_state_pairs, NULL, fr_dict_attr_test_uint32)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -310,7 +310,7 @@ static void test_pair_delete_request(void) TEST_CHECK(pair_delete_request(fr_dict_attr_test_uint32) > 0); TEST_CASE("The 'Test-Integer' shouldn't exist in 'request->request_pairs'"); - TEST_CHECK(fr_pair_find_by_da_idx(&request->request_pairs, fr_dict_attr_test_uint32, 0) == NULL); + TEST_CHECK(fr_pair_find_by_da(&request->request_pairs, NULL, fr_dict_attr_test_uint32) == NULL); TEST_CHECK_RET(talloc_free(request), 0); } @@ -326,7 +326,7 @@ static void test_pair_delete_reply(void) TEST_CHECK(pair_delete_reply(fr_dict_attr_test_uint32) > 0); TEST_CASE("The 'Test-Integer' shouldn't exist in 'request->reply_pairs'"); - TEST_CHECK(fr_pair_find_by_da_idx(&request->reply_pairs, fr_dict_attr_test_uint32, 0) == NULL); + TEST_CHECK(fr_pair_find_by_da(&request->reply_pairs, NULL, fr_dict_attr_test_uint32) == NULL); TEST_CHECK_RET(talloc_free(request), 0); } @@ -342,7 +342,7 @@ static void test_pair_delete_control(void) TEST_CHECK(pair_delete_control(fr_dict_attr_test_uint32) > 0); TEST_CASE("The 'Test-Integer' shouldn't exist in 'request->control_pairs'"); - TEST_CHECK(fr_pair_find_by_da_idx(&request->control_pairs, fr_dict_attr_test_uint32, 0) == NULL); + TEST_CHECK(fr_pair_find_by_da(&request->control_pairs, NULL, fr_dict_attr_test_uint32) == NULL); TEST_CHECK_RET(talloc_free(request), 0); } @@ -358,7 +358,7 @@ static void test_pair_delete_session_state(void) TEST_CHECK(pair_delete_session_state(fr_dict_attr_test_uint32) > 0); TEST_CASE("The 'Test-Integer' shouldn't exist in 'request->state'"); - TEST_CHECK(fr_pair_find_by_da_idx(&request->session_state_pairs, fr_dict_attr_test_uint32, 0) == NULL); + TEST_CHECK(fr_pair_find_by_da(&request->session_state_pairs, NULL, fr_dict_attr_test_uint32) == NULL); TEST_CHECK_RET(talloc_free(request), 0); } diff --git a/src/lib/server/paircmp.c b/src/lib/server/paircmp.c index d0654af5d6c..35905499bd1 100644 --- a/src/lib/server/paircmp.c +++ b/src/lib/server/paircmp.c @@ -548,7 +548,7 @@ int paircmp(request_t *request, WARN("Are you sure you don't mean Password.Cleartext?"); WARN("See \"man rlm_pap\" for more information"); } - if (fr_pair_find_by_da_idx(request_list, attr_user_password, 0) == NULL) continue; + if (fr_pair_find_by_da(request_list, NULL, attr_user_password) == NULL) continue; } /* diff --git a/src/lib/server/state.c b/src/lib/server/state.c index e05fbcd0cd0..82a497bc54b 100644 --- a/src/lib/server/state.c +++ b/src/lib/server/state.c @@ -457,7 +457,7 @@ static fr_state_entry_t *state_entry_create(fr_state_tree_t *state, request_t *r * int the reply, we use that in preference to the * old state. */ - vp = fr_pair_find_by_da_idx(reply_list, state->da, 0); + vp = fr_pair_find_by_da(reply_list, NULL, state->da); if (vp) { if (DEBUG_ENABLED && (vp->vp_length > sizeof(entry->state))) { WARN("State too long, will be truncated. Expected <= %zd bytes, got %zu bytes", @@ -606,7 +606,7 @@ void fr_state_discard(fr_state_tree_t *state, request_t *request) fr_state_entry_t *entry; fr_pair_t *vp; - vp = fr_pair_find_by_da_idx(&request->request_pairs, state->da, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, state->da); if (!vp) return; PTHREAD_MUTEX_LOCK(&state->mutex); @@ -666,7 +666,7 @@ int fr_state_to_request(fr_state_tree_t *state, request_t *request) /* * No State, don't do anything. */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, state->da, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, state->da); if (!vp) { RDEBUG3("No &request.%s attribute, can't restore &session-state", state->da->name); if (request->seq_start == 0) request->seq_start = request->number; /* Need check for fake requests */ diff --git a/src/lib/server/trigger.c b/src/lib/server/trigger.c index c8f5fcee1b1..50a70970eea 100644 --- a/src/lib/server/trigger.c +++ b/src/lib/server/trigger.c @@ -89,7 +89,7 @@ xlat_action_t trigger_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, return XLAT_ACTION_FAIL; } - vp = fr_pair_find_by_da_idx(head, da, 0); + vp = fr_pair_find_by_da(head, NULL, da); if (!vp) { ERROR("Attribute \"%pV\" is not valid for this trigger", in_head); return XLAT_ACTION_FAIL; diff --git a/src/lib/tls/cache.c b/src/lib/tls/cache.c index c98a29b96e4..50f7aac9b5b 100644 --- a/src/lib/tls/cache.c +++ b/src/lib/tls/cache.c @@ -348,7 +348,7 @@ static unlang_action_t tls_cache_load_result(UNUSED rlm_rcode_t *p_result, UNUSE uint8_t const *q, **p; SSL_SESSION *sess; - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_tls_packet_type, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_tls_packet_type); if (!vp || (vp->vp_uint32 != enum_tls_packet_type_success->vb_uint32)) { RWDEBUG("Failed acquiring session data"); error: @@ -356,7 +356,7 @@ static unlang_action_t tls_cache_load_result(UNUSED rlm_rcode_t *p_result, UNUSE return UNLANG_ACTION_CALCULATE_RESULT; } - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_tls_session_data, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_tls_session_data); if (!vp) { RWDEBUG("No cached session found"); goto error; @@ -458,7 +458,7 @@ static unlang_action_t tls_cache_store_result(UNUSED rlm_rcode_t *p_result, UNUS tls_cache_store_state_reset(request, tls_cache); - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_tls_packet_type, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_tls_packet_type); if (vp && (vp->vp_uint32 == enum_tls_packet_type_success->vb_uint32)) { tls_cache->store.state = FR_TLS_CACHE_STORE_PERSISTED; /* Avoid spurious clear calls */ } else { @@ -590,7 +590,7 @@ static unlang_action_t tls_cache_clear_result(UNUSED rlm_rcode_t *p_result, UNUS tls_cache_clear_state_reset(request, tls_cache); - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_tls_packet_type, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_tls_packet_type); if (vp && ((vp->vp_uint32 == enum_tls_packet_type_success->vb_uint32) || (vp->vp_uint32 == enum_tls_packet_type_notfound->vb_uint32))) { @@ -1025,7 +1025,7 @@ int fr_tls_cache_disable_cb(SSL *ssl, int is_forward_secure) goto disable; } - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_allow_session_resumption, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_allow_session_resumption); if (vp && (vp->vp_uint32 == 0)) { RDEBUG2("&control.Allow-Session-Resumption == no, denying session resumption"); disable: diff --git a/src/lib/tls/session.c b/src/lib/tls/session.c index 3725fbf3db6..29b1e2a2273 100644 --- a/src/lib/tls/session.c +++ b/src/lib/tls/session.c @@ -1797,7 +1797,7 @@ fr_tls_session_t *fr_tls_session_alloc_server(TALLOC_CTX *ctx, SSL_CTX *ssl_ctx, /* * Add the session certificate to the session. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_tls_session_cert_file, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_tls_session_cert_file); if (vp) { RDEBUG2("Loading TLS session certificate \"%pV\"", &vp->data); @@ -1839,7 +1839,7 @@ fr_tls_session_t *fr_tls_session_alloc_server(TALLOC_CTX *ctx, SSL_CTX *ssl_ctx, * This is mainly used for testing in environments where we can't * get test credentials for the host. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_tls_session_require_client_cert, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_tls_session_require_client_cert); if (vp) client_cert = vp->vp_bool; /* @@ -1878,7 +1878,7 @@ fr_tls_session_t *fr_tls_session_alloc_server(TALLOC_CTX *ctx, SSL_CTX *ssl_ctx, * just too much. */ tls_session->mtu = conf->fragment_size; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_framed_mtu, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_framed_mtu); if (vp && (vp->vp_uint32 > 100) && (vp->vp_uint32 < tls_session->mtu)) { RDEBUG2("Setting fragment_len to %u from &Framed-MTU", vp->vp_uint32); tls_session->mtu = vp->vp_uint32; diff --git a/src/lib/tls/verify.c b/src/lib/tls/verify.c index 2cff603c924..fa48954e104 100644 --- a/src/lib/tls/verify.c +++ b/src/lib/tls/verify.c @@ -419,7 +419,7 @@ static unlang_action_t tls_verify_client_cert_result(UNUSED rlm_rcode_t *p_resul fr_assert(tls_session->validate.state == FR_TLS_VALIDATION_REQUESTED); - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_tls_packet_type, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_tls_packet_type); if (!vp || (vp->vp_uint32 != enum_tls_packet_type_success->vb_uint32)) { REDEBUG("Failed (re-)validating certificates"); tls_session->validate.state = FR_TLS_VALIDATION_FAILED; diff --git a/src/lib/unlang/call.c b/src/lib/unlang/call.c index 6bd86da28d6..e685b4ec51c 100644 --- a/src/lib/unlang/call.c +++ b/src/lib/unlang/call.c @@ -94,7 +94,7 @@ static unlang_action_t unlang_call_frame_init(rlm_rcode_t *p_result, request_t * */ type_enum = fr_dict_enum_by_value(gext->attr_packet_type, fr_box_uint32(request->packet->code)); if (!type_enum) { - packet_type_vp = fr_pair_find_by_da_idx(&request->request_pairs, gext->attr_packet_type, 0); + packet_type_vp = fr_pair_find_by_da(&request->request_pairs, NULL, gext->attr_packet_type); if (!packet_type_vp) { bad_packet_type: REDEBUG("No such value '%d' of attribute 'Packet-Type' for server %s", diff --git a/src/lib/unlang/subrequest_child.c b/src/lib/unlang/subrequest_child.c index f1f26c85b03..2b0ca4524c7 100644 --- a/src/lib/unlang/subrequest_child.c +++ b/src/lib/unlang/subrequest_child.c @@ -85,7 +85,7 @@ int unlang_subrequest_lifetime_set(request_t *request) /* * Set Request Lifetime */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, request_attr_request_lifetime, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, request_attr_request_lifetime); if (!vp || (vp->vp_uint32 > 0)) { fr_time_delta_t when = fr_time_delta_wrap(0); const fr_event_timer_t **ev_p; diff --git a/src/lib/util/pair_legacy.c b/src/lib/util/pair_legacy.c index 5ed93212ff4..e6417b73034 100644 --- a/src/lib/util/pair_legacy.c +++ b/src/lib/util/pair_legacy.c @@ -541,7 +541,7 @@ void fr_pair_list_move_op(fr_pair_list_t *to, fr_pair_list_t *from, fr_token_t o * it doesn't already exist. */ case T_OP_EQ: - found = fr_pair_find_by_da_idx(to, i->da, 0); + found = fr_pair_find_by_da(to, NULL, i->da); if (!found) goto do_add; i = fr_pair_list_next(from, i); @@ -552,7 +552,7 @@ void fr_pair_list_move_op(fr_pair_list_t *to, fr_pair_list_t *from, fr_token_t o * of the same vendor/attr which already exists. */ case T_OP_SET: - found = fr_pair_find_by_da_idx(to, i->da, 0); + found = fr_pair_find_by_da(to, NULL, i->da); if (!found) goto do_add; /* diff --git a/src/lib/util/pair_legacy_tests.c b/src/lib/util/pair_legacy_tests.c index d26060d5c16..8b15a2afa7a 100644 --- a/src/lib/util/pair_legacy_tests.c +++ b/src/lib/util/pair_legacy_tests.c @@ -92,7 +92,7 @@ static void test_fr_pair_list_afrom_str(void) TEST_CHECK(fr_pair_list_afrom_str(autofree, fr_dict_root(test_dict), buffer, strlen(buffer), &list) == T_EOL); TEST_CASE("Looking for Test-Uint32-0"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&list, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&list, NULL, fr_dict_attr_test_uint32)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -101,7 +101,7 @@ static void test_fr_pair_list_afrom_str(void) TEST_CHECK(vp && vp->vp_uint32 == 123); TEST_CASE("Looking for Test-String-0"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&list, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&list, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -142,7 +142,7 @@ static void test_fr_pair_list_afrom_file(void) TEST_CHECK(fr_pair_list_afrom_file(autofree, test_dict, &list, fp, &pfiledone) == 0); TEST_CASE("Looking for Test-Uint32-0"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&list, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&list, NULL, fr_dict_attr_test_uint32)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -151,7 +151,7 @@ static void test_fr_pair_list_afrom_file(void) TEST_CHECK(vp && vp->vp_uint32 == 123); TEST_CASE("Looking for Test-String-0"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&list, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&list, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -184,7 +184,7 @@ static void test_fr_pair_list_move_op(void) fr_pair_list_move_op(&new_list, &old_list, T_OP_ADD_EQ); TEST_CASE("Looking for Test-Uint32-0"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&new_list, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&new_list, NULL, fr_dict_attr_test_uint32)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -195,7 +195,7 @@ static void test_fr_pair_list_move_op(void) TEST_CHECK(vp && vp->vp_uint32 == 123); TEST_CASE("Looking for Test-String-0"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&new_list, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&new_list, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); diff --git a/src/lib/util/pair_list_perf_test.c b/src/lib/util/pair_list_perf_test.c index 5ad4ef351b1..35045d730b6 100644 --- a/src/lib/util/pair_list_perf_test.c +++ b/src/lib/util/pair_list_perf_test.c @@ -377,7 +377,7 @@ static void do_test_fr_pair_find_by_da_idx(unsigned int len, unsigned int perc, int idx = fr_fast_rand(&rand_ctx) % input_count; da = source_vps[idx]->da; start = fr_time(); - (void) fr_pair_find_by_da_idx(&test_vps, da, 0); + (void) fr_pair_find_by_da(&test_vps, NULL, da); end = fr_time(); used = fr_time_delta_add(used, fr_time_sub(end, start)); } diff --git a/src/lib/util/pair_tests.c b/src/lib/util/pair_tests.c index a2f25939ed9..c2ae1fa50c9 100644 --- a/src/lib/util/pair_tests.c +++ b/src/lib/util/pair_tests.c @@ -235,7 +235,7 @@ static void test_fr_pair_find_by_da_idx(void) fr_pair_t *vp; TEST_CASE("Search for fr_dict_attr_test_tlv_string using fr_pair_find_by_da_idx()"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_tlv_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_tlv_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -331,7 +331,7 @@ static void test_fr_pair_update_by_da(void) vp->vp_uint32 = 54321; TEST_CASE("Expected fr_dict_attr_test_uint32 (vp->vp_uint32 == 54321)"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_uint32)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -346,7 +346,7 @@ static void test_fr_pair_delete_by_da(void) TEST_CHECK(fr_pair_delete_by_da(&test_pairs, fr_dict_attr_test_string) == 1); TEST_CASE("The fr_dict_attr_test_string shouldn't exist in 'test_pairs'"); - TEST_CHECK(fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0) == NULL); + TEST_CHECK(fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string) == NULL); TEST_CASE("Add fr_dict_attr_test_string back into 'test_pairs'"); TEST_CHECK(fr_pair_prepend_by_da(autofree, NULL, &test_pairs, fr_dict_attr_test_string) == 0); @@ -544,7 +544,7 @@ static void test_fr_pair_value_copy(void) fr_pair_t *vp1, *vp2; TEST_CASE("Create 'vp1' with Test-Integer = 123"); - TEST_CHECK((vp1 = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_uint32, 0)) != NULL); + TEST_CHECK((vp1 = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_uint32)) != NULL); vp1->vp_uint32 = 123; TEST_CASE("Validating PAIR_VERIFY()"); @@ -571,7 +571,7 @@ static void test_fr_pair_value_from_str(void) fr_pair_t *vp; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -591,7 +591,7 @@ static void test_fr_pair_value_strdup(void) fr_pair_t *vp; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -612,7 +612,7 @@ static void test_fr_pair_value_strdup_shallow(void) char *copy_test_string; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -639,7 +639,7 @@ static void test_fr_pair_value_strtrim(void) fr_pair_t *vp; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -666,7 +666,7 @@ static void test_fr_pair_value_aprintf(void) snprintf(fmt_test, sizeof(fmt_test), "Now is %"PRId64, fr_time_unwrap(now)); TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -687,7 +687,7 @@ static void test_fr_pair_value_bstr_alloc(void) char *out = NULL; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -714,7 +714,7 @@ static void test_fr_pair_value_bstr_realloc(void) char *out = NULL; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -743,7 +743,7 @@ static void test_fr_pair_value_bstrndup(void) fr_pair_t *vp; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -761,7 +761,7 @@ static void test_fr_pair_value_bstrdup_buffer(void) char *copy_test_string; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -784,7 +784,7 @@ static void test_fr_pair_value_bstrndup_shallow(void) char *copy_test_string; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -807,7 +807,7 @@ static void test_fr_pair_value_bstrdup_buffer_shallow(void) char *copy_test_string; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -830,7 +830,7 @@ static void test_fr_pair_value_bstrn_append(void) char *copy_test_string; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -860,7 +860,7 @@ static void test_fr_pair_value_bstr_append_buffer(void) char *copy_test_string; TEST_CASE("Find 'Test-String'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_string, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_string)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -893,7 +893,7 @@ static void test_fr_pair_value_mem_alloc(void) uint8_t *out; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_octets)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -917,7 +917,7 @@ static void test_fr_pair_value_mem_realloc(void) uint8_t *out; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_octets)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -954,7 +954,7 @@ static void test_fr_pair_value_memdup(void) fr_pair_t *vp; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_octets)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -972,7 +972,7 @@ static void test_fr_pair_value_memdup_buffer(void) uint8_t *copy_test_octets; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_octets)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -995,7 +995,7 @@ static void test_fr_pair_value_memdup_shallow(void) uint8_t *copy_test_octets; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_octets)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -1018,7 +1018,7 @@ static void test_fr_pair_value_memdup_buffer_shallow(void) uint8_t *copy_test_octets; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_octets)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -1040,7 +1040,7 @@ static void test_fr_pair_value_mem_append(void) fr_pair_t *vp; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_octets)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -1065,7 +1065,7 @@ static void test_fr_pair_value_mem_append_buffer(void) uint8_t *copy_test_octets; TEST_CASE("Find 'Test-Octets'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_octets, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_octets)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -1096,7 +1096,7 @@ static void test_fr_pair_value_enum(void) char buf[20]; TEST_CASE("Find 'Test-Values'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_enum, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_enum)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); @@ -1118,7 +1118,7 @@ static void test_fr_pair_value_enum_box(void) fr_value_box_t const *vb; TEST_CASE("Find 'Test-Values'"); - TEST_CHECK((vp = fr_pair_find_by_da_idx(&test_pairs, fr_dict_attr_test_enum, 0)) != NULL); + TEST_CHECK((vp = fr_pair_find_by_da(&test_pairs, NULL, fr_dict_attr_test_enum)) != NULL); TEST_CASE("Validating PAIR_VERIFY()"); PAIR_VERIFY(vp); diff --git a/src/listen/cron/proto_cron_crontab.c b/src/listen/cron/proto_cron_crontab.c index 5acdee47404..58e711c5bb6 100644 --- a/src/listen/cron/proto_cron_crontab.c +++ b/src/listen/cron/proto_cron_crontab.c @@ -747,7 +747,7 @@ static int mod_instantiate(module_inst_ctx_t const *mctx) fclose(fp); - vp = fr_pair_find_by_da_idx(&inst->pair_list, inst->parent->attr_packet_type, 0); + vp = fr_pair_find_by_da(&inst->pair_list, NULL, inst->parent->attr_packet_type); if (vp) inst->code = vp->vp_uint32; return 0; diff --git a/src/listen/load/proto_load_step.c b/src/listen/load/proto_load_step.c index 6e792018618..c73d0200f7f 100644 --- a/src/listen/load/proto_load_step.c +++ b/src/listen/load/proto_load_step.c @@ -429,7 +429,7 @@ static int mod_instantiate(module_inst_ctx_t const *mctx) fclose(fp); } - vp = fr_pair_find_by_da_idx(&inst->pair_list, inst->parent->attr_packet_type, 0); + vp = fr_pair_find_by_da(&inst->pair_list, NULL, inst->parent->attr_packet_type); if (vp) inst->code = vp->vp_uint32; return 0; diff --git a/src/listen/radius/proto_radius.c b/src/listen/radius/proto_radius.c index 7c2e4576f86..60e0441a390 100644 --- a/src/listen/radius/proto_radius.c +++ b/src/listen/radius/proto_radius.c @@ -302,7 +302,7 @@ static int mod_decode(void const *instance, request_t *request, uint8_t *const d * number. */ if ((request->packet->code == FR_RADIUS_CODE_ACCESS_REQUEST) && - fr_pair_find_by_da_idx(&request->request_pairs, attr_state, 0)) { + fr_pair_find_by_da(&request->request_pairs, NULL, attr_state)) { request->async->sequence = 1; } diff --git a/src/listen/tacacs/proto_tacacs.c b/src/listen/tacacs/proto_tacacs.c index af1569d22bf..a28a2409a11 100644 --- a/src/listen/tacacs/proto_tacacs.c +++ b/src/listen/tacacs/proto_tacacs.c @@ -305,7 +305,7 @@ static int mod_decode(void const *instance, request_t *request, uint8_t *const d if (client->active && ((pkt->hdr.flags & FR_FLAGS_VALUE_UNENCRYPTED) == 0) && RDEBUG_ENABLED2 && - ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_tacacs_user_name, 0)) != NULL) && + ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_tacacs_user_name)) != NULL) && (fr_utf8_str((uint8_t const *) vp->vp_strvalue, vp->vp_length) < 0)) { RWDEBUG("Unprintable characters in the %s. " "Double-check the shared secret on the server " diff --git a/src/modules/proto_ldap_sync/proto_ldap_sync.c b/src/modules/proto_ldap_sync/proto_ldap_sync.c index 291e2b05e0f..7d4e4d9e6ab 100644 --- a/src/modules/proto_ldap_sync/proto_ldap_sync.c +++ b/src/modules/proto_ldap_sync/proto_ldap_sync.c @@ -843,7 +843,7 @@ static int proto_ldap_cookie_load(TALLOC_CTX *ctx, uint8_t **cookie, rad_listen_ { fr_pair_t *vp; - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_ldap_sync_cookie, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_ldap_sync_cookie); if (!vp) { if (config->allow_refresh) RDEBUG2("No &reply.Cookie attribute found. All entries matching " "sync configuration will be returned"); diff --git a/src/modules/rlm_cache/rlm_cache.c b/src/modules/rlm_cache/rlm_cache.c index fc8fa68478d..61ecd5229a0 100644 --- a/src/modules/rlm_cache/rlm_cache.c +++ b/src/modules/rlm_cache/rlm_cache.c @@ -435,7 +435,7 @@ static unlang_action_t cache_insert(rlm_rcode_t *p_result, /* * Check to see if we need to merge the entry into the request */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_merge_new, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_cache_merge_new); if (vp && vp->vp_bool) merge = true; if (merge) cache_merge(inst, request, c); @@ -574,7 +574,7 @@ static unlang_action_t CC_HINT(nonnull) mod_cache_it(rlm_rcode_t *p_result, modu * If Cache-Status-Only == yes, only return whether we found a * valid cache entry */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_status_only, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_cache_status_only); if (vp && vp->vp_bool) { RINDENT(); RDEBUG3("status-only: yes"); @@ -596,13 +596,13 @@ static unlang_action_t CC_HINT(nonnull) mod_cache_it(rlm_rcode_t *p_result, modu /* * Figure out what operation we're doing */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_allow_merge, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_cache_allow_merge); if (vp) merge = vp->vp_bool; - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_allow_insert, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_cache_allow_insert); if (vp) insert = vp->vp_bool; - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_ttl, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_cache_ttl); if (vp) { if (vp->vp_int32 == 0) { expire = true; @@ -1173,7 +1173,7 @@ static unlang_action_t CC_HINT(nonnull) mod_method_store(rlm_rcode_t *p_result, /* Process the TTL */ ttl = inst->config.ttl; /* Set the default value from cache { ttl=... } */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_ttl, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_cache_ttl); if (vp) { if (vp->vp_int32 == 0) { expire = true; @@ -1324,7 +1324,7 @@ static unlang_action_t CC_HINT(nonnull) mod_method_ttl(rlm_rcode_t *p_result, mo /* Process the TTL */ ttl = inst->config.ttl; /* Set the default value from cache { ttl=... } */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_cache_ttl, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_cache_ttl); if (vp) { if (vp->vp_int32 < 0) { ttl = fr_time_delta_from_sec(-(vp->vp_int32)); diff --git a/src/modules/rlm_chap/rlm_chap.c b/src/modules/rlm_chap/rlm_chap.c index efbed76db4e..d4dc20dd499 100644 --- a/src/modules/rlm_chap/rlm_chap.c +++ b/src/modules/rlm_chap/rlm_chap.c @@ -90,7 +90,7 @@ static xlat_action_t xlat_func_chap_password(TALLOC_CTX *ctx, fr_dcursor_t *out, * Use Chap-Challenge pair if present, * Request Authenticator otherwise. */ - challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_challenge, 0); + challenge = fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_challenge); if (challenge && (challenge->vp_length == RADIUS_AUTH_VECTOR_LENGTH)) { vector = challenge->vp_octets; } else { @@ -111,7 +111,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod fr_pair_t *vp; rlm_chap_t const *inst = talloc_get_type_abort_const(mctx->inst->data, rlm_chap_t); - if (fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0) != NULL) { + if (fr_pair_find_by_da(&request->control_pairs, NULL, attr_auth_type) != NULL) { RDEBUG3("Auth-Type is already set. Not setting 'Auth-Type := %s'", mctx->inst->name); RETURN_MODULE_NOOP; } @@ -120,7 +120,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod * This case means the warnings below won't be printed * unless there's a CHAP-Password in the request. */ - if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_password, 0)) { + if (!fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_password)) { RETURN_MODULE_NOOP; } @@ -130,7 +130,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod * This is so that the rest of the code does not need to * understand CHAP. */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_challenge, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_challenge); if (!vp) { RDEBUG2("Creating &%s from request authenticator", attr_chap_challenge->name); @@ -172,13 +172,13 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, fr_pair_t *challenge; uint8_t const *vector; - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); if (!username) { REDEBUG("&User-Name attribute is required for authentication"); RETURN_MODULE_INVALID; } - chap = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_password, 0); + chap = fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_password); if (!chap) { REDEBUG("You set '&control.Auth-Type = CHAP' for a request that " "does not contain a CHAP-Password attribute!"); @@ -217,7 +217,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * Use Chap-Challenge pair if present, * Request Authenticator otherwise. */ - challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_challenge, 0); + challenge = fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_challenge); if (challenge && (challenge->vp_length == RADIUS_AUTH_VECTOR_LENGTH)) { vector = challenge->vp_octets; } else { @@ -236,7 +236,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, size_t length; fr_pair_t *vp; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_challenge, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_challenge); if (vp) { RDEBUG2("Using challenge from &request.CHAP-Challenge"); p = vp->vp_octets; diff --git a/src/modules/rlm_couchbase/mod.c b/src/modules/rlm_couchbase/mod.c index 75a49512d54..f6afa08f56e 100644 --- a/src/modules/rlm_couchbase/mod.c +++ b/src/modules/rlm_couchbase/mod.c @@ -626,7 +626,7 @@ int mod_ensure_start_timestamp(json_object *json, fr_pair_list_t *vps) } /* get current event timestamp */ - if ((vp = fr_pair_find_by_da_idx(vps, attr_event_timestamp, 0)) != NULL) { + if ((vp = fr_pair_find_by_da(vps, NULL, attr_event_timestamp)) != NULL) { /* get seconds value from attribute */ ts = fr_unix_time_to_sec(vp->vp_date); } else { @@ -640,7 +640,7 @@ int mod_ensure_start_timestamp(json_object *json, fr_pair_list_t *vps) memset(value, 0, sizeof(value)); /* get elapsed session time */ - if ((vp = fr_pair_find_by_da_idx(vps, attr_acct_session_time, 0)) != NULL) { + if ((vp = fr_pair_find_by_da(vps, NULL, attr_acct_session_time)) != NULL) { /* calculate diff */ ts = (ts - vp->vp_uint32); /* calculate start time */ diff --git a/src/modules/rlm_couchbase/rlm_couchbase.c b/src/modules/rlm_couchbase/rlm_couchbase.c index 15012925d42..b5e3ec51246 100644 --- a/src/modules/rlm_couchbase/rlm_couchbase.c +++ b/src/modules/rlm_couchbase/rlm_couchbase.c @@ -250,7 +250,7 @@ static unlang_action_t mod_accounting(rlm_rcode_t *p_result, module_ctx_t const fr_assert(request->packet != NULL); /* sanity check */ - if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0)) == NULL) { + if ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_acct_status_type)) == NULL) { /* log debug */ RDEBUG2("could not find status type in packet"); /* return */ @@ -331,7 +331,7 @@ static unlang_action_t mod_accounting(rlm_rcode_t *p_result, module_ctx_t const switch (status) { case FR_STATUS_START: /* add start time */ - if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0)) != NULL) { + if ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_acct_status_type)) != NULL) { /* add to json object */ json_object_object_add_ex(cookie->jobj, "startTimestamp", mod_value_pair_to_json_object(request, vp), @@ -341,7 +341,7 @@ static unlang_action_t mod_accounting(rlm_rcode_t *p_result, module_ctx_t const case FR_STATUS_STOP: /* add stop time */ - if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_event_timestamp, 0)) != NULL) { + if ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_event_timestamp)) != NULL) { /* add to json object */ json_object_object_add_ex(cookie->jobj, "stopTimestamp", mod_value_pair_to_json_object(request, vp), diff --git a/src/modules/rlm_dhcpv4/rlm_dhcpv4.c b/src/modules/rlm_dhcpv4/rlm_dhcpv4.c index ca6eb4f147b..bf8cd7712f1 100644 --- a/src/modules/rlm_dhcpv4/rlm_dhcpv4.c +++ b/src/modules/rlm_dhcpv4/rlm_dhcpv4.c @@ -214,7 +214,7 @@ static unlang_action_t CC_HINT(nonnull) mod_process(rlm_rcode_t *p_result, modul /* * We can only send relayed packets, which have a gateway IP */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_gateway_ip_address, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_gateway_ip_address); if (!vp) { REDEBUG("Relayed packets MUST have a Gateway-IP-Address attribute"); RETURN_MODULE_FAIL; @@ -223,7 +223,7 @@ static unlang_action_t CC_HINT(nonnull) mod_process(rlm_rcode_t *p_result, modul /* * Get the transaction ID. */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_transaction_id, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_transaction_id); if (vp) { xid = vp->vp_uint32; @@ -239,11 +239,11 @@ static unlang_action_t CC_HINT(nonnull) mod_process(rlm_rcode_t *p_result, modul * * @todo - make sure it's a client type. */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_packet_type, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_packet_type); if (vp) { code = vp->vp_uint32; - } else if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_message_type, 0)) != NULL) { + } else if ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_message_type)) != NULL) { code = vp->vp_uint8; } else { @@ -253,7 +253,7 @@ static unlang_action_t CC_HINT(nonnull) mod_process(rlm_rcode_t *p_result, modul /* * Set the destination port, defaulting to 67 */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_packet_dst_port, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_packet_dst_port); if (vp) { port = vp->vp_uint16; } else { @@ -263,7 +263,7 @@ static unlang_action_t CC_HINT(nonnull) mod_process(rlm_rcode_t *p_result, modul /* * Get the destination address / port, and unicast it there. */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_packet_dst_ip_address, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_packet_dst_ip_address); if (!vp) { RDEBUG("No Packet-Dst-IP-Address, cannot relay packet"); RETURN_MODULE_NOOP; diff --git a/src/modules/rlm_digest/rlm_digest.c b/src/modules/rlm_digest/rlm_digest.c index 2438f10b304..c1914f8d898 100644 --- a/src/modules/rlm_digest/rlm_digest.c +++ b/src/modules/rlm_digest/rlm_digest.c @@ -91,7 +91,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod /* * Find the first attribute which is parented by Digest-Attributes. */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_digest_attributes, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_digest_attributes); if (!vp) RETURN_MODULE_NOOP; if (!inst->auth_type) { @@ -126,21 +126,21 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * We require access to the plain-text password, or to the * Digest-Attributes.HA1 parameter. */ - passwd = fr_pair_find_by_da_idx(&request->control_pairs, attr_digest_ha1, 0); + passwd = fr_pair_find_by_da(&request->control_pairs, NULL, attr_digest_ha1); if (passwd) { if (passwd->vp_length != 32) { REDEBUG("Digest-Attributes.HA1 has invalid length, authentication failed"); RETURN_MODULE_INVALID; } } else { - passwd = fr_pair_find_by_da_idx(&request->control_pairs, attr_cleartext_password, 0); + passwd = fr_pair_find_by_da(&request->control_pairs, NULL, attr_cleartext_password); } if (!passwd) { REDEBUG("Password.Cleartext or Digest-Attributes.HA1 is required for authentication"); RETURN_MODULE_INVALID; } - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_digest_attributes, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_digest_attributes); if (!vp) { REDEBUG("Digest-Attributes is required for authentication"); RETURN_MODULE_INVALID; @@ -150,7 +150,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * We require access to the Digest-Attributes.Nonce */ - nonce = fr_pair_find_by_da_idx(list, attr_digest_nonce, 0); + nonce = fr_pair_find_by_da(list, NULL, attr_digest_nonce); if (!nonce) { REDEBUG("No Digest-Attributes.Nonce: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -159,7 +159,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * A1 = Digest-Attributes.User-Name ":" Realm ":" Password */ - vp = fr_pair_find_by_da_idx(list, attr_digest_user_name, 0); + vp = fr_pair_find_by_da(list, NULL, attr_digest_user_name); if (!vp) { REDEBUG("No Digest-Attributes.User-Name: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -170,7 +170,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, a1[a1_len] = ':'; a1_len++; - vp = fr_pair_find_by_da_idx(list, attr_digest_realm, 0); + vp = fr_pair_find_by_da(list, NULL, attr_digest_realm); if (!vp) { REDEBUG("No Digest-Attributes.Attributes.Realm: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -196,7 +196,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * See which variant we calculate. * Assume MD5 if no Digest-Algorithm attribute received */ - algo = fr_pair_find_by_da_idx(list, attr_digest_algorithm, 0); + algo = fr_pair_find_by_da(list, NULL, attr_digest_algorithm); if ((!algo) || (strcasecmp(algo->vp_strvalue, "MD5") == 0)) { /* @@ -241,7 +241,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, a1[a1_len] = ':'; a1_len++; - vp = fr_pair_find_by_da_idx(list, attr_digest_cnonce, 0); + vp = fr_pair_find_by_da(list, NULL, attr_digest_cnonce); if (!vp) { REDEBUG("No Digest-Attributes.CNonce: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -269,7 +269,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * A2 = Digest-Attributes.Method ":" Digest-Attributes.URI */ - vp = fr_pair_find_by_da_idx(list, attr_digest_method, 0); + vp = fr_pair_find_by_da(list, NULL, attr_digest_method); if (!vp) { REDEBUG("No Digest-Attributes.Method: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -280,7 +280,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, a2[a2_len] = ':'; a2_len++; - vp = fr_pair_find_by_da_idx(list, attr_digest_uri, 0); + vp = fr_pair_find_by_da(list, NULL, attr_digest_uri); if (!vp) { REDEBUG("No Digest-Attributes.URI: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -291,7 +291,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * QOP is "auth-int", tack on ": Digest-Attributes.Body-Digest" */ - qop = fr_pair_find_by_da_idx(list, attr_digest_qop, 0); + qop = fr_pair_find_by_da(list, NULL, attr_digest_qop); if (qop) { if (strcasecmp(qop->vp_strvalue, "auth-int") == 0) { fr_pair_t *body; @@ -305,7 +305,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * Must be a hex representation of an MD5 digest. */ - body = fr_pair_find_by_da_idx(list, attr_digest_body_digest, 0); + body = fr_pair_find_by_da(list, NULL, attr_digest_body_digest); if (!body) { REDEBUG("No Digest-Attributes.Body-Digest: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -368,7 +368,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, kd[kd_len] = ':'; kd_len++; - vp = fr_pair_find_by_da_idx(list, attr_digest_nonce_count, 0); + vp = fr_pair_find_by_da(list, NULL, attr_digest_nonce_count); if (!vp) { REDEBUG("No Digest-Attributes.Nonce-Count: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -379,7 +379,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, kd[kd_len] = ':'; kd_len++; - vp = fr_pair_find_by_da_idx(list, attr_digest_cnonce, 0); + vp = fr_pair_find_by_da(list, NULL, attr_digest_cnonce); if (!vp) { REDEBUG("No Digest-Attributes.CNonce: Cannot perform Digest authentication"); RETURN_MODULE_INVALID; @@ -422,7 +422,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * Get the binary value of Digest-Response. This isn't * inside of the Digest-Attributes group. */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_digest_response, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_digest_response); if (!vp) { REDEBUG("No Digest-Response attribute in the request. Cannot perform digest authentication"); RETURN_MODULE_INVALID; diff --git a/src/modules/rlm_eap/rlm_eap.c b/src/modules/rlm_eap/rlm_eap.c index d7abc663c3a..963bf5c01e8 100644 --- a/src/modules/rlm_eap/rlm_eap.c +++ b/src/modules/rlm_eap/rlm_eap.c @@ -674,7 +674,7 @@ static unlang_action_t eap_method_select(rlm_rcode_t *p_result, module_ctx_t con /* * Allow per-user configuration of EAP types. */ - vp = fr_pair_find_by_da_idx(&eap_session->request->control_pairs, attr_eap_type, 0); + vp = fr_pair_find_by_da(&eap_session->request->control_pairs, NULL, attr_eap_type); if (vp) { RDEBUG2("Using method from &control.EAP-Type"); next = vp->vp_uint32; @@ -848,7 +848,7 @@ static unlang_action_t mod_authenticate(rlm_rcode_t *p_result, module_ctx_t cons eap_packet_raw_t *eap_packet; unlang_action_t ua; - if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_message, 0)) { + if (!fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_message)) { REDEBUG("You set 'Auth-Type = EAP' for a request that does not contain an EAP-Message attribute!"); RETURN_MODULE_INVALID; } @@ -965,12 +965,12 @@ static unlang_action_t mod_post_auth(rlm_rcode_t *p_result, module_ctx_t const * * says that we MUST include a User-Name attribute in the * Access-Accept. */ - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); if ((request->reply->code == FR_RADIUS_CODE_ACCESS_ACCEPT) && username) { /* * Doesn't exist, add it in. */ - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_user_name, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_user_name); if (!vp) { vp = fr_pair_copy(request->reply_ctx, username); fr_pair_append(&request->reply_pairs, vp); @@ -983,12 +983,12 @@ static unlang_action_t mod_post_auth(rlm_rcode_t *p_result, module_ctx_t const * */ if (request->reply->code != FR_RADIUS_CODE_ACCESS_REJECT) RETURN_MODULE_NOOP; - if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_message, 0)) { + if (!fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_message)) { RDEBUG3("Request didn't contain an EAP-Message, not inserting EAP-Failure"); RETURN_MODULE_NOOP; } - if (fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_message, 0)) { + if (fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_message)) { RDEBUG3("Reply already contained an EAP-Message, not inserting EAP-Failure"); RETURN_MODULE_NOOP; } diff --git a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c index 3c33cb4b198..7e8b81ed4a9 100644 --- a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c +++ b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c @@ -673,7 +673,7 @@ static fr_radius_packet_code_t eap_fast_eap_payload(request_t *request, eap_sess switch (fake->reply->code) { case 0: /* No reply code, must be proxied... */ #ifdef WITH_PROXY - vp = fr_pair_find_by_da_idx(&fake->control, attr_proxy_to_realm, 0); + vp = fr_pair_find_by_da(&fake->control, NULL, attr_proxy_to_realm); if (vp) { int ret; eap_tunnel_data_t *tunnel; diff --git a/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c b/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c index fe36844a252..6b3af638cbb 100644 --- a/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c +++ b/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c @@ -539,7 +539,7 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons * EAP-TLS-Require-Client-Cert attribute will override * the require_client_cert configuration option. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_tls_require_client_cert, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_tls_require_client_cert); if (vp) { client_cert = vp->vp_uint32 ? true : false; } else { diff --git a/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c b/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c index 1073bfa63e2..621794653bd 100644 --- a/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c +++ b/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c @@ -712,7 +712,7 @@ packet_ready: * in the user name, THEN discard the user name. */ if (inst->with_ntdomain_hack && - ((auth_challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0)) != NULL) && + ((auth_challenge = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name)) != NULL) && ((username = memchr(auth_challenge->vp_octets, '\\', auth_challenge->vp_length)) != NULL)) { /* * Wipe out the NT domain. @@ -771,13 +771,13 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons */ if (!fr_cond_assert(parent)) RETURN_MODULE_FAIL; - auth_challenge = fr_pair_find_by_da_idx(&parent->control_pairs, attr_ms_chap_challenge, 0); + auth_challenge = fr_pair_find_by_da(&parent->control_pairs, NULL, attr_ms_chap_challenge); if (auth_challenge && (auth_challenge->vp_length != MSCHAPV2_CHALLENGE_LEN)) { RWDEBUG("&parent.control.MS-CHAP-Challenge is incorrect length. Ignoring it"); auth_challenge = NULL; } - peer_challenge = fr_pair_find_by_da_idx(&parent->control_pairs, attr_ms_chap_peer_challenge, 0); + peer_challenge = fr_pair_find_by_da(&parent->control_pairs, NULL, attr_ms_chap_peer_challenge); if (peer_challenge && (peer_challenge->vp_length != MSCHAPV2_CHALLENGE_LEN)) { RWDEBUG("&parent.control.MS-CHAP-Peer-Challenge is incorrect length. Ignoring it"); peer_challenge = NULL; @@ -786,7 +786,7 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons if (auth_challenge) { created_auth_challenge = false; - peer_challenge = fr_pair_find_by_da_idx(&parent->control_pairs, attr_ms_chap_peer_challenge, 0); + peer_challenge = fr_pair_find_by_da(&parent->control_pairs, NULL, attr_ms_chap_peer_challenge); if (peer_challenge && (peer_challenge->vp_length != MSCHAPV2_CHALLENGE_LEN)) { RWDEBUG("&parent.control.MS-CHAP-Peer-Challenge is incorrect length. Ignoring it"); peer_challenge = NULL; diff --git a/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c b/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c index 3ca0a6633b7..649d0bb716b 100644 --- a/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c +++ b/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c @@ -297,7 +297,7 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons * EAP-TLS-Require-Client-Cert attribute will override * the require_client_cert configuration option. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_tls_require_client_cert, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_tls_require_client_cert); if (vp) { client_cert = vp->vp_uint32 ? true : false; } else { diff --git a/src/modules/rlm_eap/types/rlm_eap_pwd/rlm_eap_pwd.c b/src/modules/rlm_eap/types/rlm_eap_pwd/rlm_eap_pwd.c index 87a8c584e91..7db81b3a972 100644 --- a/src/modules/rlm_eap/types/rlm_eap_pwd/rlm_eap_pwd.c +++ b/src/modules/rlm_eap/types/rlm_eap_pwd/rlm_eap_pwd.c @@ -503,7 +503,7 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons * The admin can dynamically change the MTU. */ session->mtu = inst->fragment_size; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_framed_mtu, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_framed_mtu); /* * session->mtu is *our* MTU. We need to subtract off the EAP diff --git a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c index 729340e5cfe..124297c5047 100644 --- a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c +++ b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c @@ -200,7 +200,7 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons * EAP-TLS-Require-Client-Cert attribute will override * the require_client_cert configuration option. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_tls_require_client_cert, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_tls_require_client_cert); if (vp) { client_cert = vp->vp_uint32 ? true : false; } else { diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c index ebee17a273d..39f00deb5b2 100644 --- a/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c +++ b/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c @@ -300,7 +300,7 @@ static unlang_action_t mod_session_init(rlm_rcode_t *p_result, module_ctx_t cons * EAP-TLS-Require-Client-Cert attribute will override * the require_client_cert configuration option. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_eap_tls_require_client_cert, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_eap_tls_require_client_cert); if (vp) { client_cert = vp->vp_uint32 ? true : false; } else { diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c index cf5e9ed1742..07df0f68478 100644 --- a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c +++ b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c @@ -670,14 +670,14 @@ fr_radius_packet_code_t eap_ttls_process(request_t *request, eap_session_t *eap_ /* * No User-Name, try to create one from stored data. */ - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); if (!username) { /* * No User-Name in the stored data, look for * an EAP-Identity, and pull it out of there. */ if (!t->username) { - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_message, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_message); if (vp && (vp->vp_length >= EAP_HEADER_LEN + 2) && (vp->vp_strvalue[0] == FR_EAP_CODE_RESPONSE) && diff --git a/src/modules/rlm_imap/rlm_imap.c b/src/modules/rlm_imap/rlm_imap.c index df1a8ee4da5..b520875e0d8 100644 --- a/src/modules/rlm_imap/rlm_imap.c +++ b/src/modules/rlm_imap/rlm_imap.c @@ -133,8 +133,8 @@ static unlang_action_t CC_HINT(nonnull(1,2)) mod_authenticate(rlm_rcode_t *p_res RETURN_MODULE_FAIL; } - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); if (!username) { REDEBUG("Attribute \"User-Name\" is required for authentication"); diff --git a/src/modules/rlm_isc_dhcp/rlm_isc_dhcp.c b/src/modules/rlm_isc_dhcp/rlm_isc_dhcp.c index 2340b7069ba..b66ab172922 100644 --- a/src/modules/rlm_isc_dhcp/rlm_isc_dhcp.c +++ b/src/modules/rlm_isc_dhcp/rlm_isc_dhcp.c @@ -1422,7 +1422,7 @@ static int parse_host(rlm_isc_dhcp_tokenizer_t *state, rlm_isc_dhcp_info_t *info /* * The 'host' entry might not have a client identifier option. */ - vp = fr_pair_find_by_da_idx(&info->options, attr_client_identifier, 0); + vp = fr_pair_find_by_da(&info->options, NULL, attr_client_identifier); if (vp) { my_uid = talloc_zero(info, isc_host_uid_t); my_uid->client = &vp->data; @@ -1613,7 +1613,7 @@ static rlm_isc_dhcp_info_t *get_host(request_t *request, fr_hash_table_t *hosts_ * If that doesn't match, use client hardware * address. */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_client_identifier, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_client_identifier); if (vp) { isc_host_uid_t *client, my_client; @@ -1627,7 +1627,7 @@ static rlm_isc_dhcp_info_t *get_host(request_t *request, fr_hash_table_t *hosts_ } - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_client_hardware_address, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_client_hardware_address); if (!vp) return NULL; memcpy(&my_ether.ether, vp->vp_ether, sizeof(my_ether.ether)); @@ -1748,7 +1748,7 @@ static int apply_fixed_ip(rlm_isc_dhcp_t const *inst, request_t *request) /* * If there's already a fixed IP, don't do anything */ - yiaddr = fr_pair_find_by_da_idx(&request->reply_pairs, attr_your_ip_address, 0); + yiaddr = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_your_ip_address); if (yiaddr) return 0; host = get_host(request, inst->hosts_by_ether, inst->hosts_by_uid); @@ -1795,7 +1795,7 @@ static int apply(rlm_isc_dhcp_t const *inst, request_t *request, rlm_isc_dhcp_in fr_pair_t *yiaddr; ret = 0; - yiaddr = fr_pair_find_by_da_idx(&request->reply_pairs, attr_your_ip_address, 0); + yiaddr = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_your_ip_address); /* * First, apply any "host" options @@ -1872,7 +1872,7 @@ recurse: vp = fr_pair_list_next(&head->options, vp)) { fr_pair_t *reply; - reply = fr_pair_find_by_da_idx(&request->reply_pairs, vp->da, 0); + reply = fr_pair_find_by_da(&request->reply_pairs, NULL, vp->da); if (reply) continue; /* diff --git a/src/modules/rlm_krb5/rlm_krb5.c b/src/modules/rlm_krb5/rlm_krb5.c index 32e1fe5bcfd..e8f2ebebc1b 100644 --- a/src/modules/rlm_krb5/rlm_krb5.c +++ b/src/modules/rlm_krb5/rlm_krb5.c @@ -245,7 +245,7 @@ static rlm_rcode_t krb5_parse_user(krb5_principal *client, KRB5_UNUSED rlm_krb5_ char *princ_name; fr_pair_t *username; - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); /* * We can only authenticate user requests which HAVE @@ -324,7 +324,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, krb5_principal client = NULL; fr_pair_t *password; - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); if (!password) { REDEBUG("Attribute \"User-Password\" is required for authentication"); @@ -418,7 +418,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, krb5_creds init_creds; fr_pair_t *password; - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); if (!password) { REDEBUG("Attribute \"User-Password\" is required for authentication"); diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c index bbfaf3130e7..4b64c7a6db4 100644 --- a/src/modules/rlm_ldap/rlm_ldap.c +++ b/src/modules/rlm_ldap/rlm_ldap.c @@ -948,8 +948,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, fr_ldap_sasl_t sasl; fr_pair_t *username, *password; - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); /* * We can only authenticate user requests which HAVE @@ -1207,7 +1207,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod /* * We already have a Password.Cleartext. Skip edir. */ - if (fr_pair_find_by_da_idx(&request->control_pairs, attr_cleartext_password, 0)) goto skip_edir; + if (fr_pair_find_by_da(&request->control_pairs, NULL, attr_cleartext_password)) goto skip_edir; /* * Retrieve Universal Password if we use eDirectory diff --git a/src/modules/rlm_ldap/user.c b/src/modules/rlm_ldap/user.c index 460af07fccc..4e76c1451fd 100644 --- a/src/modules/rlm_ldap/user.c +++ b/src/modules/rlm_ldap/user.c @@ -89,7 +89,7 @@ char const *rlm_ldap_find_user(rlm_ldap_t const *inst, request_t *request, fr_ld * If the caller isn't looking for the result we can just return the current userdn value. */ if (!force) { - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_ldap_userdn, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_ldap_userdn); if (vp) { RDEBUG2("Using user DN from request \"%pV\"", &vp->data); *rcode = RLM_MODULE_OK; @@ -243,11 +243,11 @@ void rlm_ldap_check_reply(module_ctx_t const *mctx, request_t *request, fr_ldap_ */ if (!inst->expect_password || !RDEBUG_ENABLED2) return; - if (!fr_pair_find_by_da_idx(&request->control_pairs, attr_cleartext_password, 0) && - !fr_pair_find_by_da_idx(&request->control_pairs, attr_nt_password, 0) && - !fr_pair_find_by_da_idx(&request->control_pairs, attr_user_password, 0) && - !fr_pair_find_by_da_idx(&request->control_pairs, attr_password_with_header, 0) && - !fr_pair_find_by_da_idx(&request->control_pairs, attr_crypt_password, 0)) { + if (!fr_pair_find_by_da(&request->control_pairs, NULL, attr_cleartext_password) && + !fr_pair_find_by_da(&request->control_pairs, NULL, attr_nt_password) && + !fr_pair_find_by_da(&request->control_pairs, NULL, attr_user_password) && + !fr_pair_find_by_da(&request->control_pairs, NULL, attr_password_with_header) && + !fr_pair_find_by_da(&request->control_pairs, NULL, attr_crypt_password)) { switch (ttrunk->directory->type) { case FR_LDAP_DIRECTORY_ACTIVE_DIRECTORY: RWDEBUG2("!!! Found map between LDAP attribute and a FreeRADIUS password attribute"); diff --git a/src/modules/rlm_logintime/rlm_logintime.c b/src/modules/rlm_logintime/rlm_logintime.c index a323ebc4047..fd8c0a62814 100644 --- a/src/modules/rlm_logintime/rlm_logintime.c +++ b/src/modules/rlm_logintime/rlm_logintime.c @@ -155,7 +155,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod fr_pair_t *ends, *vp; fr_time_delta_t left; - ends = fr_pair_find_by_da_idx(&request->control_pairs, attr_login_time, 0); + ends = fr_pair_find_by_da(&request->control_pairs, NULL, attr_login_time); if (!ends) RETURN_MODULE_NOOP; /* diff --git a/src/modules/rlm_mschap/auth_wbclient.c b/src/modules/rlm_mschap/auth_wbclient.c index e4129ab3b99..bc4b00bce26 100644 --- a/src/modules/rlm_mschap/auth_wbclient.c +++ b/src/modules/rlm_mschap/auth_wbclient.c @@ -182,13 +182,13 @@ int do_auth_wbclient(rlm_mschap_t const *inst, request_t *request, fr_box_strvalue_buffer(normalised_username)); /* Recalculate hash */ - vp_challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_challenge, 0); + vp_challenge = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap_challenge); if (!vp_challenge) { RERROR("Unable to get MS-CHAP-Challenge"); goto release; } - vp_response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_response, 0); + vp_response = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap2_response); if (!vp_response) { RERROR("Unable to get MS-CHAP2-Response"); goto release; diff --git a/src/modules/rlm_mschap/opendir.c b/src/modules/rlm_mschap/opendir.c index 02c05961612..d254cb22c85 100644 --- a/src/modules/rlm_mschap/opendir.c +++ b/src/modules/rlm_mschap/opendir.c @@ -239,7 +239,7 @@ unlang_action_t od_mschap_auth(rlm_rcode_t *p_result, request_t *request, fr_pai unsigned int t; #endif - response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_response, 0); + response = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap2_response); username_string = talloc_array(request, char, usernamepair->vp_length + 1); if (!username_string) RETURN_MODULE_FAIL; diff --git a/src/modules/rlm_mschap/rlm_mschap.c b/src/modules/rlm_mschap/rlm_mschap.c index 2ca0f487475..ebbe99b1913 100644 --- a/src/modules/rlm_mschap/rlm_mschap.c +++ b/src/modules/rlm_mschap/rlm_mschap.c @@ -199,10 +199,10 @@ static fr_pair_t *mschap_identity_find(request_t *request) { fr_pair_t *vp; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); if (vp) return vp; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_eap_identity, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_eap_identity); if (vp) return vp; REDEBUG("No user identity found in current request"); @@ -322,7 +322,7 @@ static xlat_action_t mschap_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, * hash of MS-CHAPv2 challenge, and peer challenge. */ if (strncasecmp(arg->vb_strvalue, "Challenge", 9) == 0) { - chap_challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_challenge, 0); + chap_challenge = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap_challenge); if (!chap_challenge) { REDEBUG("No MS-CHAP-Challenge in the request"); return XLAT_ACTION_FAIL; @@ -348,7 +348,7 @@ static xlat_action_t mschap_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, char const *username_str; size_t username_len; - response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_response, 0); + response = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap2_response); if (!response) { REDEBUG("Vendor-Specific.Microsoft.CHAP2-Response is required to calculate MS-CHAPv1 challenge"); return XLAT_ACTION_FAIL; @@ -380,7 +380,7 @@ static xlat_action_t mschap_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, * We prefer this to the User-Name in the * packet. */ - response_name = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_user_name, 0); + response_name = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap_user_name); name_vp = response_name ? response_name : user_name; /* @@ -426,8 +426,8 @@ static xlat_action_t mschap_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, * response. */ } else if (strncasecmp(arg->vb_strvalue, "NT-Response", 11) == 0) { - response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_response, 0); - if (!response) response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_response, 0); + response = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap_response); + if (!response) response = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap2_response); if (!response) { REDEBUG("No MS-CHAP-Response or MS-CHAP2-Response was found in the request"); return XLAT_ACTION_FAIL; @@ -461,7 +461,7 @@ static xlat_action_t mschap_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, * in MS-CHAPv1, and not often there. */ } else if (strncasecmp(arg->vb_strvalue, "LM-Response", 11) == 0) { - response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_response, 0); + response = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap_response); if (!response) { REDEBUG("No MS-CHAP-Response was found in the request"); return XLAT_ACTION_FAIL; @@ -1455,12 +1455,12 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod rlm_mschap_t const *inst = talloc_get_type_abort_const(mctx->inst->data, rlm_mschap_t); fr_pair_t *challenge = NULL; - challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_challenge, 0); + challenge = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap_challenge); if (!challenge) RETURN_MODULE_NOOP; - if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_response, 0) && - !fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_response, 0) && - !fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_cpw, 0)) { + if (!fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap_response) && + !fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap2_response) && + !fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap2_cpw)) { RDEBUG2("Found MS-CHAP-Challenge, but no MS-CHAP response or Change-Password"); RETURN_MODULE_NOOP; } @@ -1896,7 +1896,7 @@ static unlang_action_t CC_HINT(nonnull(1,2,3,4,5,8,9)) mschap_process_v2_respons * We prefer this to the User-Name in the * packet. */ - response_name = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_user_name, 0); + response_name = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap_user_name); name_vp = response_name ? response_name : user_name; /* @@ -1936,7 +1936,7 @@ static unlang_action_t CC_HINT(nonnull(1,2,3,4,5,8,9)) mschap_process_v2_respons #endif peer_challenge = response->vp_octets + 2; - peer_challenge_attr = fr_pair_find_by_da_idx(&request->control_pairs, attr_ms_chap_peer_challenge, 0); + peer_challenge_attr = fr_pair_find_by_da(&request->control_pairs, NULL, attr_ms_chap_peer_challenge); if (peer_challenge_attr) { RDEBUG2("Overriding peer challenge"); peer_challenge = peer_challenge_attr->vp_octets; @@ -1968,7 +1968,7 @@ static unlang_action_t CC_HINT(nonnull(1,2,3,4,5,8,9)) mschap_process_v2_respons #ifdef WITH_AUTH_WINBIND if (inst->wb_retry_with_normalised_username) { - response_name = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_user_name, 0); + response_name = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap_user_name); if (response_name) { if (strcmp(username_str, response_name->vp_strvalue)) { RDEBUG2("Normalising username %pV -> %pV", @@ -2033,7 +2033,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * want to suppress it. */ if (method != AUTH_INTERNAL) { - fr_pair_t *vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_ms_chap_use_ntlm_auth, 0); + fr_pair_t *vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_ms_chap_use_ntlm_auth); if (vp && vp->vp_bool == false) method = AUTH_INTERNAL; } @@ -2041,11 +2041,11 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * Find the SMB-Account-Ctrl attribute, or the * SMB-Account-Ctrl-Text attribute. */ - smb_ctrl = fr_pair_find_by_da_idx(&request->control_pairs, attr_smb_account_ctrl, 0); + smb_ctrl = fr_pair_find_by_da(&request->control_pairs, NULL, attr_smb_account_ctrl); if (!smb_ctrl) { fr_pair_t *smb_account_ctrl_text; - smb_account_ctrl_text = fr_pair_find_by_da_idx(&request->control_pairs, attr_smb_account_ctrl_text, 0); + smb_account_ctrl_text = fr_pair_find_by_da(&request->control_pairs, NULL, attr_smb_account_ctrl_text); if (smb_account_ctrl_text) { MEM(pair_append_control(&smb_ctrl, attr_smb_account_ctrl) >= 0); smb_ctrl->vp_uint32 = pdb_decode_acct_ctrl(smb_account_ctrl_text->vp_strvalue); @@ -2079,7 +2079,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * Check to see if this is a change password request, and process * it accordingly if so. */ - cpw = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_cpw, 0); + cpw = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap2_cpw); if (cpw) { uint8_t *p; @@ -2111,7 +2111,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, memcpy(p + 2, cpw->vp_octets + 18, 48); } - challenge = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_challenge, 0); + challenge = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap_challenge); if (!challenge) { REDEBUG("&control.Auth-Type = %s set for a request that does not contain &%s", mctx->inst->name, attr_ms_chap_challenge->name); @@ -2122,7 +2122,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * We also require an MS-CHAP-Response. */ - if ((response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap_response, 0))) { + if ((response = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap_response))) { mschap_process_response(&rcode, &mschap_version, nthashhash, inst, request, @@ -2130,7 +2130,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, challenge, response, method); if (rcode != RLM_MODULE_OK) goto finish; - } else if ((response = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_chap2_response, 0))) { + } else if ((response = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_chap2_response))) { mschap_process_v2_response(&rcode, &mschap_version, nthashhash, inst, request, diff --git a/src/modules/rlm_ocsp/ocsp.c b/src/modules/rlm_ocsp/ocsp.c index ba06a064758..88eefbf076b 100644 --- a/src/modules/rlm_ocsp/ocsp.c +++ b/src/modules/rlm_ocsp/ocsp.c @@ -391,7 +391,7 @@ int fr_tls_ocsp_check(request_t *request, SSL *ssl, /* * Allow us to cache the OCSP verified state externally */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_tls_ocsp_cert_valid, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_tls_ocsp_cert_valid); if (vp) switch (vp->vp_uint32) { case 0: /* no */ RDEBUG2("Found &control.TLS-OCSP-Cert-Valid = no, forcing OCSP failure"); @@ -405,7 +405,7 @@ int fr_tls_ocsp_check(request_t *request, SSL *ssl, * we need to run the full OCSP check. */ if (staple_response) { - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_tls_ocsp_response, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_tls_ocsp_response); if (!vp) { RDEBUG2("No &control.TLS-OCSP-Response attribute found, performing full OCSP check"); break; diff --git a/src/modules/rlm_opendirectory/rlm_opendirectory.c b/src/modules/rlm_opendirectory/rlm_opendirectory.c index 27a70afc226..008a4a95be6 100644 --- a/src/modules/rlm_opendirectory/rlm_opendirectory.c +++ b/src/modules/rlm_opendirectory/rlm_opendirectory.c @@ -312,8 +312,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, long odResult = eDSAuthFailed; fr_pair_t *username, *password; - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); /* * We can only authenticate user requests which HAVE @@ -400,7 +400,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod * We can only authenticate user requests which HAVE * a User-Name attribute. */ - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); if (!username) { RDEBUG2("OpenDirectory requires a User-Name attribute"); RETURN_MODULE_NOOP; diff --git a/src/modules/rlm_pam/rlm_pam.c b/src/modules/rlm_pam/rlm_pam.c index 2bb8622a656..4bb445b1205 100644 --- a/src/modules/rlm_pam/rlm_pam.c +++ b/src/modules/rlm_pam/rlm_pam.c @@ -220,8 +220,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, char const *pam_auth_string = data->pam_auth_name; fr_pair_t *username, *password; - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); /* * We can only authenticate user requests which HAVE @@ -258,7 +258,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, * Let control list over-ride the PAM auth name string, * for backwards compatibility. */ - pair = fr_pair_find_by_da_idx(&request->control_pairs, attr_pam_auth, 0); + pair = fr_pair_find_by_da(&request->control_pairs, NULL, attr_pam_auth); if (pair) pam_auth_string = pair->vp_strvalue; ret = do_pam(request, username->vp_strvalue, password->vp_strvalue, pam_auth_string); diff --git a/src/modules/rlm_pap/rlm_pap.c b/src/modules/rlm_pap/rlm_pap.c index f8de57c1cf6..e63d60cfb45 100644 --- a/src/modules/rlm_pap/rlm_pap.c +++ b/src/modules/rlm_pap/rlm_pap.c @@ -140,12 +140,12 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod rlm_pap_t const *inst = talloc_get_type_abort_const(mctx->inst->data, rlm_pap_t); fr_pair_t *password; - if (fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0) != NULL) { + if (fr_pair_find_by_da(&request->control_pairs, NULL, attr_auth_type) != NULL) { RDEBUG3("Auth-Type is already set. Not setting 'Auth-Type := %s'", mctx->inst->name); RETURN_MODULE_NOOP; } - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user, 0); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user); if (!password) { RDEBUG2("No %s attribute in the request. Cannot do PAP", attr_user->name); RETURN_MODULE_NOOP; @@ -929,7 +929,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, pap_auth_func_t auth_func; bool ephemeral; - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user, 0); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user); if (!password) { REDEBUG("You set 'Auth-Type = PAP' for a request that does not contain a User-Password attribute!"); RETURN_MODULE_INVALID; diff --git a/src/modules/rlm_passwd/rlm_passwd.c b/src/modules/rlm_passwd/rlm_passwd.c index 6acad084b8d..df4d9839a20 100644 --- a/src/modules/rlm_passwd/rlm_passwd.c +++ b/src/modules/rlm_passwd/rlm_passwd.c @@ -572,7 +572,7 @@ static unlang_action_t CC_HINT(nonnull) mod_passwd_map(rlm_rcode_t *p_result, mo fr_dcursor_t cursor; int found = 0; - key = fr_pair_find_by_da_idx(&request->request_pairs, inst->keyattr, 0); + key = fr_pair_find_by_da(&request->request_pairs, NULL, inst->keyattr); if (!key) RETURN_MODULE_NOTFOUND; for (i = fr_pair_dcursor_by_da_init(&cursor, &request->request_pairs, inst->keyattr); diff --git a/src/modules/rlm_perl/rlm_perl.c b/src/modules/rlm_perl/rlm_perl.c index 66b83c78cdf..b66317d0f82 100644 --- a/src/modules/rlm_perl/rlm_perl.c +++ b/src/modules/rlm_perl/rlm_perl.c @@ -949,7 +949,7 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo int acct_status_type = 0; char const *func; - pair = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0); + pair = fr_pair_find_by_da(&request->request_pairs, NULL, attr_acct_status_type); if (pair != NULL) { acct_status_type = pair->vp_uint32; } else { diff --git a/src/modules/rlm_radius/rlm_radius.c b/src/modules/rlm_radius/rlm_radius.c index 203a618faf5..188cdd60d4b 100644 --- a/src/modules/rlm_radius/rlm_radius.c +++ b/src/modules/rlm_radius/rlm_radius.c @@ -376,8 +376,8 @@ static void radius_fixups(rlm_radius_t const *inst, request_t *request) if (request->packet->code != FR_RADIUS_CODE_ACCESS_REQUEST) return; - if (fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_password, 0) && - !fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_challenge, 0)) { + if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_password) && + !fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_challenge)) { MEM(pair_append_request(&vp, attr_chap_challenge) >= 0); fr_pair_value_memdup(vp, request->packet->vector, sizeof(request->packet->vector), true); } diff --git a/src/modules/rlm_radius/rlm_radius_udp.c b/src/modules/rlm_radius/rlm_radius_udp.c index 921563baf67..eb664d2ac5a 100644 --- a/src/modules/rlm_radius/rlm_radius_udp.c +++ b/src/modules/rlm_radius/rlm_radius_udp.c @@ -400,7 +400,7 @@ static void CC_HINT(nonnull) status_check_alloc(udp_handle_t *h) * Ensure that there's a NAS-Identifier, if one wasn't * already added. */ - if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_nas_identifier, 0)) { + if (!fr_pair_find_by_da(&request->request_pairs, NULL, attr_nas_identifier)) { fr_pair_t *vp; MEM(pair_append_request(&vp, attr_nas_identifier) >= 0); @@ -412,7 +412,7 @@ static void CC_HINT(nonnull) status_check_alloc(udp_handle_t *h) * at which the first packet is sent. Or for * Status-Server, the time of the current packet. */ - if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_event_timestamp, 0)) { + if (!fr_pair_find_by_da(&request->request_pairs, NULL, attr_event_timestamp)) { MEM(pair_append_request(NULL, attr_event_timestamp) >= 0); } @@ -1327,7 +1327,7 @@ static int encode(rlm_radius_udp_t const *inst, request_t *request, udp_request_ fr_pair_t *vp; proxy_state = 0; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_event_timestamp, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_event_timestamp); if (vp) vp->vp_date = fr_time_to_unix_time(u->retry.updated); if (u->code == FR_RADIUS_CODE_STATUS_SERVER) u->can_retransmit = false; @@ -1460,7 +1460,7 @@ static int encode(rlm_radius_udp_t const *inst, request_t *request, udp_request_ * received the request. */ if ((u->code == FR_RADIUS_CODE_ACCOUNTING_REQUEST) && - (fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_delay_time, 0) != NULL)) { + (fr_pair_find_by_da(&request->request_pairs, NULL, attr_acct_delay_time) != NULL)) { uint8_t *attr, *end; uint32_t delay; fr_time_t now; @@ -2483,7 +2483,7 @@ static void request_demux(UNUSED fr_event_list_t *el, fr_trunk_connection_t *tco if ((u->code == FR_RADIUS_CODE_ACCESS_REQUEST) && (code == FR_RADIUS_CODE_ACCESS_CHALLENGE)) { fr_pair_t *vp; - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_packet_type, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_packet_type); if (!vp) { MEM(vp = fr_pair_afrom_da(request->reply_ctx, attr_packet_type)); vp->vp_uint32 = FR_RADIUS_CODE_ACCESS_CHALLENGE; @@ -2503,7 +2503,7 @@ static void request_demux(UNUSED fr_event_list_t *el, fr_trunk_connection_t *tco * reply.Message-Authenticator attribute, so that * it ends up in our reply. */ - if (fr_pair_find_by_da_idx(&reply, attr_message_authenticator, 0)) { + if (fr_pair_find_by_da(&reply, NULL, attr_message_authenticator)) { fr_pair_t *vp; fr_pair_delete_by_da(&reply, attr_message_authenticator); @@ -2791,7 +2791,7 @@ static unlang_action_t mod_enqueue(rlm_rcode_t *p_result, void **rctx_out, void * * @todo - don't edit the input packet! */ - if (fr_pair_find_by_da_idx(&request->request_pairs, attr_message_authenticator, 0)) { + if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_message_authenticator)) { u->require_ma = true; pair_delete_request(attr_message_authenticator); } diff --git a/src/modules/rlm_radutmp/rlm_radutmp.c b/src/modules/rlm_radutmp/rlm_radutmp.c index bf5ab0034d8..f2676c380b7 100644 --- a/src/modules/rlm_radutmp/rlm_radutmp.c +++ b/src/modules/rlm_radutmp/rlm_radutmp.c @@ -207,7 +207,7 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo /* * Which type is this. */ - if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0)) == NULL) { + if ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_acct_status_type)) == NULL) { RDEBUG2("No Accounting-Status-Type record"); RETURN_MODULE_NOOP; } @@ -230,10 +230,10 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo int check1 = 0; int check2 = 0; - if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_session_time, 0)) + if ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_acct_session_time)) == NULL || vp->vp_uint32 == 0) check1 = 1; - if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_session_id, 0)) + if ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_acct_session_id)) != NULL && vp->vp_length == 8 && memcmp(vp->vp_strvalue, "00000000", 8) == 0) check2 = 1; diff --git a/src/modules/rlm_redis_ippool/rlm_redis_ippool.c b/src/modules/rlm_redis_ippool/rlm_redis_ippool.c index eecb0ee4cf2..25e6e873d2d 100644 --- a/src/modules/rlm_redis_ippool/rlm_redis_ippool.c +++ b/src/modules/rlm_redis_ippool/rlm_redis_ippool.c @@ -1269,13 +1269,13 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo /* * IP-Pool.Action override */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_pool_action, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_pool_action); if (vp) return mod_action(p_result, inst, request, vp->vp_uint32); /* * Otherwise, guess the action by Acct-Status-Type */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_acct_status_type); if (!vp) { RDEBUG2("Couldn't find &request.Acct-Status-Type or &control.IP-Pool.Action, doing nothing..."); RETURN_MODULE_NOOP; @@ -1306,7 +1306,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod * Unless it's overridden the default action is to allocate * when called in Post-Auth. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_pool_action, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_pool_action); return mod_action(p_result, inst, request, vp ? vp->vp_uint32 : POOL_ACTION_ALLOCATE); } @@ -1320,7 +1320,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod * Unless it's overridden the default action is to allocate * when called in Post-Auth. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_pool_action, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_pool_action); if (vp) { if ((vp->vp_uint32 > 0) && (vp->vp_uint32 <= POOL_ACTION_BULK_RELEASE)) { action = vp->vp_uint32; @@ -1331,7 +1331,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod } } else if (request->dict == dict_dhcpv4) { - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_message_type, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_message_type); if (!vp) goto run; if (vp->vp_uint8 == FR_DHCP_REQUEST) action = POOL_ACTION_UPDATE; @@ -1351,7 +1351,7 @@ static unlang_action_t CC_HINT(nonnull) mod_request(rlm_rcode_t *p_result, modul * when called by DHCP request */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_pool_action, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_pool_action); return mod_action(p_result, inst, request, vp ? vp->vp_uint32 : POOL_ACTION_UPDATE); } @@ -1365,7 +1365,7 @@ static unlang_action_t CC_HINT(nonnull) mod_release(rlm_rcode_t *p_result, modul * when called by DHCP release */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_pool_action, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_pool_action); return mod_action(p_result, inst, request, vp ? vp->vp_uint32 : POOL_ACTION_RELEASE); } diff --git a/src/modules/rlm_rediswho/rlm_rediswho.c b/src/modules/rlm_rediswho/rlm_rediswho.c index 642f5150b79..3a4c1356214 100644 --- a/src/modules/rlm_rediswho/rlm_rediswho.c +++ b/src/modules/rlm_rediswho/rlm_rediswho.c @@ -204,7 +204,7 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo CONF_SECTION *cs; char const *insert, *trim, *expire; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_acct_status_type); if (!vp) { RDEBUG2("Could not find account status type in packet"); RETURN_MODULE_NOOP; diff --git a/src/modules/rlm_rest/rlm_rest.c b/src/modules/rlm_rest/rlm_rest.c index 965f015847f..9d45cfbae83 100644 --- a/src/modules/rlm_rest/rlm_rest.c +++ b/src/modules/rlm_rest/rlm_rest.c @@ -740,8 +740,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, if (!section->name) RETURN_MODULE_NOOP; - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); /* * We can only authenticate user requests which HAVE diff --git a/src/modules/rlm_securid/mem.c b/src/modules/rlm_securid/mem.c index 7c38b5e1d40..52848fe7c79 100644 --- a/src/modules/rlm_securid/mem.c +++ b/src/modules/rlm_securid/mem.c @@ -183,7 +183,7 @@ SECURID_SESSION *securid_sessionlist_find(rlm_securid_t *inst, request_t *reques /* * We key the sessions off of the 'state' attribute */ - state = fr_pair_find_by_da_idx(&request->request_pairs, attr_state, 0); + state = fr_pair_find_by_da(&request->request_pairs, NULL, attr_state); if (!state) { return NULL; } diff --git a/src/modules/rlm_securid/rlm_securid.c b/src/modules/rlm_securid/rlm_securid.c index cf14cfcb502..f18ec0455db 100644 --- a/src/modules/rlm_securid/rlm_securid.c +++ b/src/modules/rlm_securid/rlm_securid.c @@ -473,8 +473,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, fr_pair_t *username, *password; fr_pair_t *vp; - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); /* * We can only authenticate user requests which HAVE diff --git a/src/modules/rlm_smtp/rlm_smtp.c b/src/modules/rlm_smtp/rlm_smtp.c index 5be4ec89fe5..5ec9ecaa7e9 100644 --- a/src/modules/rlm_smtp/rlm_smtp.c +++ b/src/modules/rlm_smtp/rlm_smtp.c @@ -810,15 +810,15 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod fr_pair_t const *smtp_body, *username, *password; - if (fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0) != NULL) { + if (fr_pair_find_by_da(&request->control_pairs, NULL, attr_auth_type) != NULL) { RDEBUG3("Auth-Type is already set. Not setting 'Auth-Type := %s'", inst->name); RETURN_MODULE_NOOP; } /* Elements provided by the request */ - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); - smtp_body = fr_pair_find_by_da_idx(&request->request_pairs, attr_smtp_body, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); + smtp_body = fr_pair_find_by_da(&request->request_pairs, NULL, attr_smtp_body); /* Make sure all of the essential email components are present and possible*/ if (!smtp_body) { @@ -981,8 +981,8 @@ static unlang_action_t CC_HINT(nonnull(1,2)) mod_authenticate(rlm_rcode_t *p_res RETURN_MODULE_FAIL; } - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); /* Make sure we have a user-name and user-password, and that they are possible */ if (!username) { diff --git a/src/modules/rlm_soh/rlm_soh.c b/src/modules/rlm_soh/rlm_soh.c index 80e97a5b12a..a9adf013b7a 100644 --- a/src/modules/rlm_soh/rlm_soh.c +++ b/src/modules/rlm_soh/rlm_soh.c @@ -93,19 +93,19 @@ static xlat_action_t soh_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, /* * There will be no point unless SoH-Supported = yes */ - vp[0] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_supported, 0); + vp[0] = fr_pair_find_by_da(&request->request_pairs, NULL, attr_soh_supported); if (!vp[0]) return XLAT_ACTION_FAIL; if (strncasecmp(in_head->vb_strvalue, "OS", 2) == 0) { /* OS vendor */ - vp[0] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_ms_machine_os_vendor, 0); - vp[1] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_ms_machine_os_version, 0); - vp[2] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_ms_machine_os_release, 0); - vp[3] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_ms_machine_os_build, 0); - vp[4] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_ms_machine_sp_version, 0); - vp[5] = fr_pair_find_by_da_idx(&request->request_pairs, attr_soh_ms_machine_sp_release, 0); + vp[0] = fr_pair_find_by_da(&request->request_pairs, NULL, attr_soh_ms_machine_os_vendor); + vp[1] = fr_pair_find_by_da(&request->request_pairs, NULL, attr_soh_ms_machine_os_version); + vp[2] = fr_pair_find_by_da(&request->request_pairs, NULL, attr_soh_ms_machine_os_release); + vp[3] = fr_pair_find_by_da(&request->request_pairs, NULL, attr_soh_ms_machine_os_build); + vp[4] = fr_pair_find_by_da(&request->request_pairs, NULL, attr_soh_ms_machine_sp_version); + vp[5] = fr_pair_find_by_da(&request->request_pairs, NULL, attr_soh_ms_machine_sp_release); if (vp[0] && vp[0]->vp_uint32 == attr_ms_vendor->attr) { MEM(vb=fr_value_box_alloc_null(ctx)); @@ -191,7 +191,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod if (!inst->dhcp) RETURN_MODULE_NOOP; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_dhcp_vendor, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_dhcp_vendor); if (vp) { /* * vendor-specific options contain @@ -252,7 +252,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, UNU int rv; /* try to find the MS-SoH payload */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_ms_quarantine_soh, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_ms_quarantine_soh); if (!vp) { RDEBUG2("SoH radius VP not found"); RETURN_MODULE_NOOP; diff --git a/src/modules/rlm_sql/rlm_sql.c b/src/modules/rlm_sql/rlm_sql.c index 5408df0f9d6..6ce8e036af5 100644 --- a/src/modules/rlm_sql/rlm_sql.c +++ b/src/modules/rlm_sql/rlm_sql.c @@ -146,7 +146,7 @@ fr_dict_attr_autoload_t rlm_sql_dict_attr[] = { static sql_fall_through_t fall_through(fr_pair_list_t *vps) { fr_pair_t *tmp; - tmp = fr_pair_find_by_da_idx(vps, attr_fall_through, 0); + tmp = fr_pair_find_by_da(vps, NULL, attr_fall_through); return tmp ? tmp->vp_uint32 : FALL_THROUGH_DEFAULT; } @@ -1350,7 +1350,7 @@ skip_reply: * Check for a default_profile or for a User-Profile. */ RDEBUG3("... falling-through to profile processing"); - user_profile = fr_pair_find_by_da_idx(&request->control_pairs, attr_user_profile, 0); + user_profile = fr_pair_find_by_da(&request->control_pairs, NULL, attr_user_profile); profile = user_profile ? user_profile->vp_strvalue : diff --git a/src/modules/rlm_sqlippool/rlm_sqlippool.c b/src/modules/rlm_sqlippool/rlm_sqlippool.c index 453c954e58f..1faf12cd3a4 100644 --- a/src/modules/rlm_sqlippool/rlm_sqlippool.c +++ b/src/modules/rlm_sqlippool/rlm_sqlippool.c @@ -510,13 +510,13 @@ static unlang_action_t CC_HINT(nonnull) mod_alloc(rlm_rcode_t *p_result, module_ /* * If there is a Framed-IP-Address attribute in the reply do nothing */ - if (fr_pair_find_by_da_idx(&request->reply_pairs, inst->allocated_address_da, 0) != NULL) { + if (fr_pair_find_by_da(&request->reply_pairs, NULL, inst->allocated_address_da) != NULL) { RDEBUG2("%s already exists", inst->allocated_address_da->name); return do_logging(p_result, inst, request, inst->log_exists, RLM_MODULE_NOOP); } - if (fr_pair_find_by_da_idx(&request->control_pairs, attr_pool_name, 0) == NULL) { + if (fr_pair_find_by_da(&request->control_pairs, NULL, attr_pool_name) == NULL) { RDEBUG2("No %s defined", attr_pool_name->name); return do_logging(p_result, inst, request, inst->log_nopool, RLM_MODULE_NOOP); @@ -820,7 +820,7 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo int acct_status_type; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_acct_status_type); if (!vp) { RDEBUG2("Could not find account status type in packet"); RETURN_MODULE_NOOP; diff --git a/src/modules/rlm_stats/rlm_stats.c b/src/modules/rlm_stats/rlm_stats.c index 9104cf2d854..d84a4cb4f8e 100644 --- a/src/modules/rlm_stats/rlm_stats.c +++ b/src/modules/rlm_stats/rlm_stats.c @@ -259,7 +259,7 @@ static unlang_action_t CC_HINT(nonnull) mod_stats(rlm_rcode_t *p_result, module_ RETURN_MODULE_NOOP; } - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_freeradius_stats4_type, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_freeradius_stats4_type); if (!vp) { stats_type = FR_STATS4_TYPE_VALUE_GLOBAL; } else { @@ -291,8 +291,8 @@ static unlang_action_t CC_HINT(nonnull) mod_stats(rlm_rcode_t *p_result, module_ break; case FR_STATS4_TYPE_VALUE_CLIENT: /* src */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_freeradius_stats4_ipv4_address, 0); - if (!vp) vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_freeradius_stats4_ipv6_address, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_freeradius_stats4_ipv4_address); + if (!vp) vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_freeradius_stats4_ipv6_address); if (!vp) RETURN_MODULE_NOOP; mydata.ipaddr = vp->vp_ip; @@ -300,8 +300,8 @@ static unlang_action_t CC_HINT(nonnull) mod_stats(rlm_rcode_t *p_result, module_ break; case FR_STATS4_TYPE_VALUE_LISTENER: /* dst */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_freeradius_stats4_ipv4_address, 0); - if (!vp) vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_freeradius_stats4_ipv6_address, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_freeradius_stats4_ipv4_address); + if (!vp) vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_freeradius_stats4_ipv6_address); if (!vp) RETURN_MODULE_NOOP; mydata.ipaddr = vp->vp_ip; diff --git a/src/modules/rlm_totp/rlm_totp.c b/src/modules/rlm_totp/rlm_totp.c index 36d32c7286d..46756429d83 100644 --- a/src/modules/rlm_totp/rlm_totp.c +++ b/src/modules/rlm_totp/rlm_totp.c @@ -239,7 +239,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, uint8_t buffer[80]; /* multiple of 5*8 characters */ - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_totp_user_password, 0); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_totp_user_password); if (!password) RETURN_MODULE_NOOP; if (password->vp_length != 6) { @@ -250,7 +250,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, /* * Look for the raw key first. */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_totp_key, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_totp_key); if (vp) { key = vp->vp_octets; keylen = vp->vp_length; @@ -258,7 +258,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, } else { ssize_t len; - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_totp_secret, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_totp_secret); if (!vp) RETURN_MODULE_NOOP; len = base32_decode(buffer, sizeof(buffer), vp->vp_strvalue); diff --git a/src/modules/rlm_unix/rlm_unix.c b/src/modules/rlm_unix/rlm_unix.c index 9507ceb43d0..8ec555d3827 100644 --- a/src/modules/rlm_unix/rlm_unix.c +++ b/src/modules/rlm_unix/rlm_unix.c @@ -110,7 +110,7 @@ static int groupcmp(UNUSED void *instance, request_t *request, fr_pair_t const * /* * No user name, can't compare. */ - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); if (!username) return -1; if (fr_perm_getpwnam(request, &pwd, username->vp_strvalue) < 0) { @@ -197,7 +197,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, UNU * We can only authenticate user requests which HAVE * a User-Name attribute. */ - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); if (!username) RETURN_MODULE_NOOP; name = username->vp_strvalue; @@ -367,7 +367,7 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo /* * Which type is this. */ - if ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0)) == NULL) { + if ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_acct_status_type)) == NULL) { RDEBUG2("no Accounting-Status-Type attribute in request"); RETURN_MODULE_NOOP; } @@ -384,7 +384,7 @@ static unlang_action_t CC_HINT(nonnull) mod_accounting(rlm_rcode_t *p_result, mo * We're only interested in accounting messages * with a username in it. */ - if (fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0) == NULL) + if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name) == NULL) RETURN_MODULE_NOOP; t = fr_time_to_sec(request->packet->timestamp); diff --git a/src/modules/rlm_wimax/rlm_wimax.c b/src/modules/rlm_wimax/rlm_wimax.c index 289053d722b..a729020928c 100644 --- a/src/modules/rlm_wimax/rlm_wimax.c +++ b/src/modules/rlm_wimax/rlm_wimax.c @@ -123,7 +123,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, UNU /* * Fix Calling-Station-Id. Damn you, WiMAX! */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_calling_station_id, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_calling_station_id); if (vp && (vp->vp_length == 6)) { int i; char *p; @@ -174,8 +174,8 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod uint8_t mip_rk[2 * EVP_MAX_MD_SIZE]; size_t rk1_len = sizeof(mip_rk_1), rk2_len = sizeof(mip_rk_2), rk_len = sizeof(mip_rk); - msk = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_msk, 0); - emsk = fr_pair_find_by_da_idx(&request->reply_pairs, attr_eap_emsk, 0); + msk = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_msk); + emsk = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_eap_emsk); if (!msk || !emsk) { REDEBUG2("No EAP-MSK or EAP-EMSK. Cannot create WiMAX keys"); RETURN_MODULE_NOOP; @@ -254,8 +254,8 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod /* * Calculate mobility keys */ - mn_nai = fr_pair_find_by_da_idx(&request->request_pairs, attr_wimax_mn_nai, 0); - if (!mn_nai) mn_nai = fr_pair_find_by_da_idx(&request->reply_pairs, attr_wimax_mn_nai, 0); + mn_nai = fr_pair_find_by_da(&request->request_pairs, NULL, attr_wimax_mn_nai); + if (!mn_nai) mn_nai = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_wimax_mn_nai); if (!mn_nai) { RWDEBUG("%s was not found in the request or in the reply", attr_wimax_mn_nai->name); RWDEBUG("We cannot calculate MN-HA keys"); @@ -265,7 +265,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod * WiMAX-IP-Technology */ vp = NULL; - if (mn_nai) vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_wimax_ip_technology, 0); + if (mn_nai) vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_wimax_ip_technology); if (!vp) { RWDEBUG("%s not found in reply", attr_wimax_ip_technology->name); RWDEBUG("Not calculating MN-HA keys"); @@ -276,7 +276,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod /* * Look for WiMAX-hHA-IP-MIP4 */ - ip = fr_pair_find_by_da_idx(&request->reply_pairs, attr_wimax_hha_ip_mip4, 0); + ip = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_wimax_hha_ip_mip4); if (!ip) { RWDEBUG("%s not found. Cannot calculate MN-HA-PMIP4 key", attr_wimax_hha_ip_mip4->name); break; @@ -311,7 +311,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod /* * Look for WiMAX-hHA-IP-MIP4 */ - ip = fr_pair_find_by_da_idx(&request->reply_pairs, attr_wimax_hha_ip_mip4, 0); + ip = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_wimax_hha_ip_mip4); if (!ip) { RWDEBUG("%s not found. Cannot calculate MN-HA-CMIP4 key", attr_wimax_hha_ip_mip4->name); break; @@ -346,7 +346,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod /* * Look for WiMAX-hHA-IP-MIP6 */ - ip = fr_pair_find_by_da_idx(&request->reply_pairs, attr_wimax_hha_ip_mip6, 0); + ip = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_wimax_hha_ip_mip6); if (!ip) { RWDEBUG("%s not found. Cannot calculate MN-HA-CMIP6 key", attr_wimax_hha_ip_mip6->name); break; @@ -386,7 +386,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod * * FA-RK= H(MIP-RK, "FA-RK") */ - fa_rk = fr_pair_find_by_da_idx(&request->reply_pairs, attr_wimax_fa_rk_key, 0); + fa_rk = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_wimax_fa_rk_key); if (fa_rk && (fa_rk->vp_length <= 1)) { EVP_MD_CTX_reset(hmac_ctx); EVP_DigestSignInit(hmac_ctx, NULL, EVP_sha1(), NULL, hmac_pkey); @@ -412,7 +412,7 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod * * WiMAX-RRQ-MN-HA-SPI */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_wimax_rrq_mn_ha_spi, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_wimax_rrq_mn_ha_spi); if (vp) { REDEBUG2("Client requested MN-HA key: Should use SPI to look up key from storage"); if (!mn_nai) { @@ -422,14 +422,14 @@ static unlang_action_t CC_HINT(nonnull) mod_post_auth(rlm_rcode_t *p_result, mod /* * WiMAX-RRQ-HA-IP */ - if (!fr_pair_find_by_da_idx(&request->request_pairs, attr_wimax_rrq_ha_ip, 0)) { + if (!fr_pair_find_by_da(&request->request_pairs, NULL, attr_wimax_rrq_ha_ip)) { RWDEBUG("HA-IP was not found!"); } /* * WiMAX-HA-RK-Key-Requested */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_wimax_ha_rk_key_requested, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_wimax_ha_rk_key_requested); if (vp && (vp->vp_uint32 == 1)) { REDEBUG2("Client requested HA-RK: Should use IP to look it up from storage"); } diff --git a/src/modules/rlm_winbind/rlm_winbind.c b/src/modules/rlm_winbind/rlm_winbind.c index 855fed2d09e..76c269fbc66 100644 --- a/src/modules/rlm_winbind/rlm_winbind.c +++ b/src/modules/rlm_winbind/rlm_winbind.c @@ -102,7 +102,7 @@ static int winbind_group_cmp(void *instance, request_t *request, fr_pair_t const ssize_t slen; size_t backslash = 0; - vp_username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + vp_username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); if (!vp_username) return -1; RINDENT(); @@ -467,7 +467,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod rlm_winbind_t const *inst = talloc_get_type_abort_const(mctx->inst->data, rlm_winbind_t); fr_pair_t *vp; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); if (!vp) { REDEBUG2("No User-Password found in the request; not doing winbind authentication."); RETURN_MODULE_NOOP; @@ -496,8 +496,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, rlm_winbind_t const *inst = talloc_get_type_abort_const(mctx->inst->data, rlm_winbind_t); fr_pair_t *username, *password; - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); /* * We can only authenticate user requests which HAVE diff --git a/src/modules/rlm_yubikey/decrypt.c b/src/modules/rlm_yubikey/decrypt.c index a37276944a5..e1eb2b3f901 100644 --- a/src/modules/rlm_yubikey/decrypt.c +++ b/src/modules/rlm_yubikey/decrypt.c @@ -26,7 +26,7 @@ unlang_action_t rlm_yubikey_decrypt(rlm_rcode_t *p_result, module_ctx_t const *m fr_pair_t *key, *vp; - key = fr_pair_find_by_da_idx(&request->control_pairs, attr_yubikey_key, 0); + key = fr_pair_find_by_da(&request->control_pairs, NULL, attr_yubikey_key); if (!key) { REDEBUG("Yubikey-Key attribute not found in control list, can't decrypt OTP data"); RETURN_MODULE_INVALID; @@ -88,7 +88,7 @@ unlang_action_t rlm_yubikey_decrypt(rlm_rcode_t *p_result, module_ctx_t const *m /* * Now we check for replay attacks */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_yubikey_counter, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_yubikey_counter); if (!vp) { RWDEBUG("Yubikey-Counter not found in control list, skipping replay attack checks"); RETURN_MODULE_OK; diff --git a/src/modules/rlm_yubikey/rlm_yubikey.c b/src/modules/rlm_yubikey/rlm_yubikey.c index 985cffd4f07..e8c1e83ddf6 100644 --- a/src/modules/rlm_yubikey/rlm_yubikey.c +++ b/src/modules/rlm_yubikey/rlm_yubikey.c @@ -285,7 +285,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod /* * Can't do yubikey auth if there's no password. */ - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); if (!password) { /* * Don't print out debugging messages if we know @@ -392,13 +392,13 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, size_t len; int ret; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_yubikey_otp, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_yubikey_otp); if (!vp) { RDEBUG2("No Yubikey-OTP attribute found, falling back to User-Password"); /* * Can't do yubikey auth if there's no password. */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); if (!vp) { REDEBUG("No User-Password in the request. Can't do Yubikey authentication"); RETURN_MODULE_INVALID; diff --git a/src/process/dhcpv4/base.c b/src/process/dhcpv4/base.c index b17f90da698..f0418f34259 100644 --- a/src/process/dhcpv4/base.c +++ b/src/process/dhcpv4/base.c @@ -95,7 +95,7 @@ static void dhcpv4_packet_debug(request_t *request, fr_radius_packet_t *packet, if (!*dhcp_header_attrs[i]) continue; - vp = fr_pair_find_by_da_idx(list, *dhcp_header_attrs[i], 0); + vp = fr_pair_find_by_da(list, NULL, *dhcp_header_attrs[i]); if (!vp) continue; RDEBUGX(L_DBG_LVL_1, "%pP", vp); } @@ -142,7 +142,7 @@ RESUME(check_yiaddr) { fr_pair_t *vp; - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_yiaddr, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_yiaddr); if (!vp) { REDEBUG("%s packet does not have YIADDR. The client will not receive an IP address.", dhcp_message_types[request->reply->code]); diff --git a/src/process/dhcpv6/base.c b/src/process/dhcpv6/base.c index bff44364664..96730737c72 100644 --- a/src/process/dhcpv6/base.c +++ b/src/process/dhcpv6/base.c @@ -334,7 +334,7 @@ process_dhcpv6_client_fields_t *dhcpv6_client_fields_store(request_t *request, b fr_pair_t *transaction_id, *client_id, *server_id; process_dhcpv6_client_fields_t *rctx; - transaction_id = fr_pair_find_by_da_idx(&request->request_pairs, attr_transaction_id, 0); + transaction_id = fr_pair_find_by_da(&request->request_pairs, NULL, attr_transaction_id); if (!transaction_id) { REDEBUG("Missing Transaction-ID"); return NULL; @@ -461,7 +461,7 @@ int restore_field(request_t *request, fr_pair_t **to_restore) PAIR_VERIFY(*to_restore); - vp = fr_pair_find_by_da_idx(&request->reply_pairs, (*to_restore)->da, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, (*to_restore)->da); if (vp) { if (fr_pair_cmp(vp, *to_restore) != 0) { RWDEBUG("&reply.%pP does not match &request.%pP", vp, *to_restore); @@ -624,25 +624,25 @@ process_dhcpv6_relay_fields_t *dhcpv6_relay_fields_store(request_t *request) fr_pair_t *hop_count, *link_address, *peer_address, *interface_id; process_dhcpv6_relay_fields_t *rctx; - hop_count = fr_pair_find_by_da_idx(&request->request_pairs, attr_hop_count, 0); + hop_count = fr_pair_find_by_da(&request->request_pairs, NULL, attr_hop_count); if (!hop_count) { REDEBUG("Missing Hop-Count"); return NULL; } - link_address = fr_pair_find_by_da_idx(&request->request_pairs, attr_relay_link_address, 0); + link_address = fr_pair_find_by_da(&request->request_pairs, NULL, attr_relay_link_address); if (!link_address) { REDEBUG("Missing Link-Address"); return NULL; } - peer_address = fr_pair_find_by_da_idx(&request->request_pairs, attr_relay_peer_address, 0); + peer_address = fr_pair_find_by_da(&request->request_pairs, NULL, attr_relay_peer_address); if (!peer_address) { REDEBUG("Missing Peer-Address"); return NULL; } - interface_id = fr_pair_find_by_da_idx(&request->request_pairs, attr_interface_id, 0); + interface_id = fr_pair_find_by_da(&request->request_pairs, NULL, attr_interface_id); /* * Remember the relay fields diff --git a/src/process/radius/base.c b/src/process/radius/base.c index db91d208451..e63cece6ccd 100644 --- a/src/process/radius/base.c +++ b/src/process/radius/base.c @@ -247,9 +247,9 @@ static char *auth_name(char *buf, size_t buflen, request_t *request) char const *tls = ""; RADCLIENT *client = client_from_request(request); - cli = fr_pair_find_by_da_idx(&request->request_pairs, attr_calling_station_id, 0); + cli = fr_pair_find_by_da(&request->request_pairs, NULL, attr_calling_station_id); - pair = fr_pair_find_by_da_idx(&request->request_pairs, attr_nas_port, 0); + pair = fr_pair_find_by_da(&request->request_pairs, NULL, attr_nas_port); if (pair != NULL) port = pair->vp_uint32; if (request->packet->socket.inet.dst_port == 0) tls = " via proxy to virtual server"; @@ -293,21 +293,21 @@ static void CC_HINT(format (printf, 4, 5)) auth_message(process_radius_auth_t co * Get the correct username based on the configured value */ if (!inst->log_stripped_names) { - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); } else { - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_stripped_user_name, 0); - if (!username) username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_stripped_user_name); + if (!username) username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); } /* * Clean up the password */ if (inst->log_auth_badpass || inst->log_auth_goodpass) { - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); if (!password) { fr_pair_t *auth_type; - auth_type = fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0); + auth_type = fr_pair_find_by_da(&request->control_pairs, NULL, attr_auth_type); if (auth_type) { snprintf(password_buff, sizeof(password_buff), "", fr_dict_enum_name_by_value(auth_type->da, &auth_type->data)); @@ -315,7 +315,7 @@ static void CC_HINT(format (printf, 4, 5)) auth_message(process_radius_auth_t co } else { password_str = ""; } - } else if (fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_password, 0)) { + } else if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_password)) { password_str = ""; } } @@ -404,7 +404,7 @@ RESUME(access_request) /* * Run authenticate foo { ... } */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_auth_type); if (!vp) goto send_reply; dv = fr_dict_enum_by_value(vp->da, &vp->data); @@ -493,7 +493,7 @@ RESUME(auth_type) /* * Maybe the shared secret is wrong? */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); if (vp) { if (RDEBUG_ENABLED2) { uint8_t const *p; @@ -522,7 +522,7 @@ RESUME(auth_type) * section. */ case FR_RADIUS_CODE_ACCESS_CHALLENGE: - if ((vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_state, 0)) != NULL) { + if ((vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_state)) != NULL) { uint8_t buffer[16]; fr_rand_buffer(buffer, sizeof(buffer)); @@ -549,7 +549,7 @@ RESUME_NO_RCTX(access_accept) PROCESS_TRACE; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_module_success_message, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_module_success_message); if (vp) { auth_message(&inst->auth, request, true, "Login OK (%pV)", &vp->data); } else { @@ -563,9 +563,9 @@ RESUME_NO_RCTX(access_accept) * (mostly) unique to that user. */ if (!request->parent && - ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0)) != NULL) && + ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name)) != NULL) && (vp->vp_strvalue[0] == '@') && - !fr_pair_find_by_da_idx(&request->request_pairs, attr_stripped_user_name, 0)) { + !fr_pair_find_by_da(&request->request_pairs, NULL, attr_stripped_user_name)) { RWDEBUG("User-Name is anonymized, and no Stripped-User-Name exists."); RWDEBUG("It may be difficult or impossible to identify the user."); RWDEBUG("Please update Stripped-User-Name with information which identifies the user."); @@ -582,7 +582,7 @@ RESUME_NO_RCTX(access_reject) PROCESS_TRACE; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_module_failure_message, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_module_failure_message); if (vp) { auth_message(&inst->auth, request, false, "Login incorrect (%pV)", &vp->data); } else { @@ -681,7 +681,7 @@ RESUME(accounting_request) /* * Run accounting foo { ... } */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_acct_status_type, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_acct_status_type); if (!vp) goto send_reply; dv = fr_dict_enum_by_value(vp->da, &vp->data); @@ -727,7 +727,7 @@ RESUME(protocol_error) /* * https://tools.ietf.org/html/rfc7930#section-4 */ - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_original_packet_code, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_original_packet_code); if (!vp) { vp = fr_pair_afrom_da(request->reply_ctx, attr_original_packet_code); if (vp) { @@ -739,7 +739,7 @@ RESUME(protocol_error) /* * If there's no Error-Cause, then include a generic 404. */ - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_error_cause, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_error_cause); if (!vp) { vp = fr_pair_afrom_da(request->reply_ctx, attr_error_cause); if (vp) { diff --git a/src/process/tacacs/base.c b/src/process/tacacs/base.c index 5d1e7e7fbb7..20fdf2e2e2d 100644 --- a/src/process/tacacs/base.c +++ b/src/process/tacacs/base.c @@ -164,7 +164,7 @@ static void message_failed(request_t *request, PROCESS_INST *inst, fr_process_st /* * Set the server reply message. Note that we do not tell the user *why* they failed authentication. */ - if (!fr_pair_find_by_da_idx(&request->reply_pairs, attr_tacacs_server_message, 0)) { + if (!fr_pair_find_by_da(&request->reply_pairs, NULL, attr_tacacs_server_message)) { MEM(pair_update_reply(&vp, attr_tacacs_server_message) >= 0); fr_pair_value_strdup(vp, msg, false); } @@ -276,8 +276,8 @@ RESUME(recv_tacacs) fr_dict_enum_value_t const *dv; CONF_SECTION *subcs; - vp = fr_pair_find_by_da_idx(&request->request_pairs, *state->attr_process, 0); - if (!vp) vp = fr_pair_find_by_da_idx(&request->control_pairs, *state->attr_process, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, *state->attr_process); + if (!vp) vp = fr_pair_find_by_da(&request->control_pairs, NULL, *state->attr_process); if (!vp) { RDEBUG2("No attribute found for &request.%s - proceeding to 'send'", (*state->attr_process)->name); break; @@ -332,7 +332,7 @@ RESUME(send_tacacs) * Save the state */ if (!request->parent && - (fr_pair_find_by_da_idx(&request->request_pairs, attr_tacacs_state, 0) != NULL)) { + (fr_pair_find_by_da(&request->request_pairs, NULL, attr_tacacs_state) != NULL)) { fr_tacacs_packet_hdr_t const *pkt = (fr_tacacs_packet_hdr_t const *) request->packet->data; /* diff --git a/src/process/ttls/base.c b/src/process/ttls/base.c index 305de933ce1..69dfedf7356 100644 --- a/src/process/ttls/base.c +++ b/src/process/ttls/base.c @@ -245,9 +245,9 @@ static char *auth_name(char *buf, size_t buflen, request_t *request) char const *tls = ""; RADCLIENT *client = client_from_request(request); - cli = fr_pair_find_by_da_idx(&request->request_pairs, attr_calling_station_id, 0); + cli = fr_pair_find_by_da(&request->request_pairs, NULL, attr_calling_station_id); - pair = fr_pair_find_by_da_idx(&request->request_pairs, attr_nas_port, 0); + pair = fr_pair_find_by_da(&request->request_pairs, NULL, attr_nas_port); if (pair != NULL) port = pair->vp_uint32; if (request->packet->socket.inet.dst_port == 0) tls = " via proxy to virtual server"; @@ -291,21 +291,21 @@ static void CC_HINT(format (printf, 4, 5)) auth_message(process_ttls_auth_t cons * Get the correct username based on the configured value */ if (!inst->log_stripped_names) { - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); } else { - username = fr_pair_find_by_da_idx(&request->request_pairs, attr_stripped_user_name, 0); - if (!username) username = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0); + username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_stripped_user_name); + if (!username) username = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name); } /* * Clean up the password */ if (inst->log_auth_badpass || inst->log_auth_goodpass) { - password = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + password = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); if (!password) { fr_pair_t *auth_type; - auth_type = fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0); + auth_type = fr_pair_find_by_da(&request->control_pairs, NULL, attr_auth_type); if (auth_type) { snprintf(password_buff, sizeof(password_buff), "", fr_dict_enum_name_by_value(auth_type->da, &auth_type->data)); @@ -313,7 +313,7 @@ static void CC_HINT(format (printf, 4, 5)) auth_message(process_ttls_auth_t cons } else { password_str = ""; } - } else if (fr_pair_find_by_da_idx(&request->request_pairs, attr_chap_password, 0)) { + } else if (fr_pair_find_by_da(&request->request_pairs, NULL, attr_chap_password)) { password_str = ""; } } @@ -386,7 +386,7 @@ RESUME(access_request) /* * Run authenticate foo { ... } */ - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0); + vp = fr_pair_find_by_da(&request->control_pairs, NULL, attr_auth_type); if (!vp) goto send_reply; dv = fr_dict_enum_by_value(vp->da, &vp->data); @@ -475,7 +475,7 @@ RESUME(auth_type) /* * Maybe the shared secret is wrong? */ - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_password, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_password); if (vp) { if (RDEBUG_ENABLED2) { uint8_t const *p; @@ -504,7 +504,7 @@ RESUME(auth_type) * section. */ case FR_RADIUS_CODE_ACCESS_CHALLENGE: - if ((vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_state, 0)) != NULL) { + if ((vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_state)) != NULL) { uint8_t buffer[16]; fr_rand_buffer(buffer, sizeof(buffer)); @@ -531,7 +531,7 @@ RESUME_NO_RCTX(access_accept) PROCESS_TRACE; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_module_success_message, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_module_success_message); if (vp) { auth_message(&inst->auth, request, true, "Login OK (%pV)", &vp->data); } else { @@ -545,9 +545,9 @@ RESUME_NO_RCTX(access_accept) * (mostly) unique to that user. */ if (!request->parent && - ((vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_user_name, 0)) != NULL) && + ((vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_user_name)) != NULL) && (vp->vp_strvalue[0] == '@') && - !fr_pair_find_by_da_idx(&request->request_pairs, attr_stripped_user_name, 0)) { + !fr_pair_find_by_da(&request->request_pairs, NULL, attr_stripped_user_name)) { RWDEBUG("User-Name is anonymized, and no Stripped-User-Name exists."); RWDEBUG("It may be difficult or impossible to identify the user."); RWDEBUG("Please update Stripped-User-Name with information which identifies the user."); @@ -564,7 +564,7 @@ RESUME_NO_RCTX(access_reject) PROCESS_TRACE; - vp = fr_pair_find_by_da_idx(&request->request_pairs, attr_module_failure_message, 0); + vp = fr_pair_find_by_da(&request->request_pairs, NULL, attr_module_failure_message); if (vp) { auth_message(&inst->auth, request, false, "Login incorrect (%pV)", &vp->data); } else { @@ -609,7 +609,7 @@ RESUME(protocol_error) /* * https://tools.ietf.org/html/rfc7930#section-4 */ - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_original_packet_code, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_original_packet_code); if (!vp) { vp = fr_pair_afrom_da(request->reply_ctx, attr_original_packet_code); if (vp) { @@ -621,7 +621,7 @@ RESUME(protocol_error) /* * If there's no Error-Cause, then include a generic 404. */ - vp = fr_pair_find_by_da_idx(&request->reply_pairs, attr_error_cause, 0); + vp = fr_pair_find_by_da(&request->reply_pairs, NULL, attr_error_cause); if (!vp) { vp = fr_pair_afrom_da(request->reply_ctx, attr_error_cause); if (vp) { diff --git a/src/protocols/dhcpv4/base.c b/src/protocols/dhcpv4/base.c index e0f49074208..fd0844ba82b 100644 --- a/src/protocols/dhcpv4/base.c +++ b/src/protocols/dhcpv4/base.c @@ -333,7 +333,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c */ /* Maximum-Msg-Size */ - vp = fr_pair_find_by_da_idx(vps, attr_dhcp_dhcp_maximum_msg_size, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_dhcp_maximum_msg_size); if (vp && (vp->vp_uint32 > mms)) { mms = vp->vp_uint32; @@ -341,7 +341,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } #endif - vp = fr_pair_find_by_da_idx(vps, attr_dhcp_opcode, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_opcode); if (vp) { FR_DBUFF_IN_RETURN(&work_dbuff, vp->vp_uint8); } else { @@ -349,7 +349,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Hardware-Type */ - vp = fr_pair_find_by_da_idx(vps, attr_dhcp_hardware_type, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_hardware_type); if (vp) { FR_DBUFF_IN_RETURN(&work_dbuff, vp->vp_uint8); @@ -361,7 +361,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Hardware-Address-len */ - vp = fr_pair_find_by_da_idx(vps, attr_dhcp_hardware_address_length, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_hardware_address_length); if (vp) { FR_DBUFF_IN_RETURN(&work_dbuff, vp->vp_uint8); @@ -373,7 +373,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Hop-Count */ - vp = fr_pair_find_by_da_idx(vps, attr_dhcp_hop_count, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_hop_count); if (vp) { FR_DBUFF_IN_RETURN(&work_dbuff, vp->vp_uint8); @@ -388,7 +388,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c FR_DBUFF_IN_RETURN(&work_dbuff, xid); /* Number-of-Seconds */ - vp = fr_pair_find_by_da_idx(vps, attr_dhcp_number_of_seconds, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_number_of_seconds); if (vp) { FR_DBUFF_IN_RETURN(&work_dbuff, vp->vp_uint16); } else { @@ -396,7 +396,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Flags */ - vp = fr_pair_find_by_da_idx(vps, attr_dhcp_flags, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_flags); if (vp) { FR_DBUFF_IN_RETURN(&work_dbuff, vp->vp_uint16); } else { @@ -404,7 +404,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Client-IP-Address */ - vp = fr_pair_find_by_da_idx(vps, attr_dhcp_client_ip_address, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_client_ip_address); if (vp) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, (uint8_t const *)&vp->vp_ipv4addr, sizeof(vp->vp_ipv4addr)); } else { @@ -412,7 +412,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Your-IP-address */ - vp = fr_pair_find_by_da_idx(vps, attr_dhcp_your_ip_address, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_your_ip_address); if (vp) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, (uint8_t const *)&vp->vp_ipv4addr, sizeof(vp->vp_ipv4addr)); } else { @@ -420,7 +420,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Server-IP-Address */ - vp = fr_pair_find_by_da_idx(vps, attr_dhcp_server_ip_address, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_server_ip_address); if (vp) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, (uint8_t const *)&vp->vp_ipv4addr, sizeof(vp->vp_ipv4addr)); } else { @@ -430,7 +430,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c /* * Gateway-IP-Address */ - vp = fr_pair_find_by_da_idx(vps, attr_dhcp_gateway_ip_address, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_gateway_ip_address); if (vp) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, (uint8_t const *)&vp->vp_ipv4addr, sizeof(vp->vp_ipv4addr)); @@ -442,7 +442,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Client-Hardware-Address */ - if ((vp = fr_pair_find_by_da_idx(vps, attr_dhcp_client_hardware_address, 0))) { + if ((vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_client_hardware_address))) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, (uint8_t const *)vp->vp_ether, sizeof(vp->vp_ether)); FR_DBUFF_MEMSET_RETURN(&work_dbuff, 0, DHCP_CHADDR_LEN - sizeof(vp->vp_ether)); @@ -454,7 +454,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c } /* Server-Host-Name */ - if ((vp = fr_pair_find_by_da_idx(vps, attr_dhcp_server_host_name, 0))) { + if ((vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_server_host_name))) { if (vp->vp_length > DHCP_SNAME_LEN) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, vp->vp_strvalue, DHCP_SNAME_LEN); } else { @@ -476,7 +476,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c */ /* Boot-Filename */ - if ((vp = fr_pair_find_by_da_idx(vps, attr_dhcp_boot_filename, 0))) { + if ((vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_boot_filename))) { if (vp->vp_length > DHCP_FILE_LEN) { FR_DBUFF_IN_MEMCPY_RETURN(&work_dbuff, vp->vp_strvalue, DHCP_FILE_LEN); } else { @@ -490,7 +490,7 @@ ssize_t fr_dhcpv4_encode_dbuff(fr_dbuff_t *dbuff, dhcp_packet_t *original, int c /* DHCP magic number */ FR_DBUFF_IN_RETURN(&work_dbuff, (uint32_t) DHCP_OPTION_MAGIC_NUMBER); - if ((vp = fr_pair_find_by_da_idx(vps, attr_dhcp_message_type, 0))) { + if ((vp = fr_pair_find_by_da(vps, NULL, attr_dhcp_message_type))) { FR_DBUFF_IN_BYTES_RETURN(&work_dbuff, FR_MESSAGE_TYPE, 0x01, vp->vp_uint8); } else { FR_DBUFF_IN_BYTES_RETURN(&work_dbuff, FR_MESSAGE_TYPE, 0x01, (uint8_t)code); diff --git a/src/protocols/dhcpv4/packet.c b/src/protocols/dhcpv4/packet.c index 678849b9c84..801503117ae 100644 --- a/src/protocols/dhcpv4/packet.c +++ b/src/protocols/dhcpv4/packet.c @@ -222,7 +222,7 @@ int fr_dhcpv4_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, } if (code) { - vp = fr_pair_find_by_da_idx(&tmp, attr_dhcp_message_type, 0); + vp = fr_pair_find_by_da(&tmp, NULL, attr_dhcp_message_type); if (vp) { *code = vp->vp_uint8; } @@ -232,7 +232,7 @@ int fr_dhcpv4_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, * If option Overload is present in the 'options' field, then fields 'file' and/or 'sname' * are used to hold more options. They are partitioned and must be interpreted in sequence. */ - vp = fr_pair_find_by_da_idx(&tmp, attr_dhcp_overload, 0); + vp = fr_pair_find_by_da(&tmp, NULL, attr_dhcp_overload); if (vp) { if ((vp->vp_uint8 & 1) == 1) { /* @@ -283,14 +283,14 @@ int fr_dhcpv4_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, /* * DHCP Opcode is request */ - vp = fr_pair_find_by_da_idx(&tmp, attr_dhcp_opcode, 0); + vp = fr_pair_find_by_da(&tmp, NULL, attr_dhcp_opcode); if (vp && vp->vp_uint8 == 1) { /* * Vendor is "MSFT 98" */ - vp = fr_pair_find_by_da_idx(&tmp, attr_dhcp_vendor_class_identifier, 0); + vp = fr_pair_find_by_da(&tmp, NULL, attr_dhcp_vendor_class_identifier); if (vp && (vp->vp_length == 7) && (memcmp(vp->vp_strvalue, "MSFT 98", 7) == 0)) { - vp = fr_pair_find_by_da_idx(&tmp, attr_dhcp_flags, 0); + vp = fr_pair_find_by_da(&tmp, NULL, attr_dhcp_flags); /* * Reply should be broadcast. @@ -318,12 +318,12 @@ int fr_dhcpv4_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, /* * First look for Relay-Link-Selection */ - netaddr = fr_pair_find_by_da_idx(&tmp, attr_dhcp_relay_link_selection, 0); + netaddr = fr_pair_find_by_da(&tmp, NULL, attr_dhcp_relay_link_selection); if (!netaddr) { /* * Next try Subnet-Selection-Option */ - netaddr = fr_pair_find_by_da_idx(&tmp, attr_dhcp_subnet_selection_option, 0); + netaddr = fr_pair_find_by_da(&tmp, NULL, attr_dhcp_subnet_selection_option); } if (netaddr) { @@ -357,8 +357,8 @@ int fr_dhcpv4_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *data, * Client can request a LARGER size, but not a smaller * one. They also cannot request a size larger than MTU. */ - maxms = fr_pair_find_by_da_idx(&tmp, attr_dhcp_dhcp_maximum_msg_size, 0); - mtu = fr_pair_find_by_da_idx(&tmp, attr_dhcp_interface_mtu_size, 0); + maxms = fr_pair_find_by_da(&tmp, NULL, attr_dhcp_dhcp_maximum_msg_size); + mtu = fr_pair_find_by_da(&tmp, NULL, attr_dhcp_interface_mtu_size); if (mtu && (mtu->vp_uint16 < DEFAULT_PACKET_SIZE)) { fr_strerror_const("Client says MTU is smaller than minimum permitted by the specification"); @@ -399,7 +399,7 @@ int fr_dhcpv4_packet_encode(fr_radius_packet_t *packet, fr_pair_list_t *list) if (packet->code == 0) packet->code = FR_DHCP_NAK; /* store xid */ - if ((vp = fr_pair_find_by_da_idx(list, attr_dhcp_transaction_id, 0))) { + if ((vp = fr_pair_find_by_da(list, NULL, attr_dhcp_transaction_id))) { packet->id = vp->vp_uint32; } else { packet->id = fr_rand(); diff --git a/src/protocols/dhcpv4/raw.c b/src/protocols/dhcpv4/raw.c index 979ed0fbfce..02e29da9dab 100644 --- a/src/protocols/dhcpv4/raw.c +++ b/src/protocols/dhcpv4/raw.c @@ -112,7 +112,7 @@ int fr_dhcpv4_raw_packet_send(int sockfd, struct sockaddr_ll *link_layer, /* set ethernet source address to our MAC address (Client-Hardware-Address). */ uint8_t dhmac[ETH_ADDR_LEN] = { 0 }; - if ((vp = fr_pair_find_by_da_idx(list, attr_dhcp_client_hardware_address, 0))) { + if ((vp = fr_pair_find_by_da(list, NULL, attr_dhcp_client_hardware_address))) { if (vp->vp_type == FR_TYPE_ETHERNET) memcpy(dhmac, vp->vp_ether, sizeof(vp->vp_ether)); } @@ -222,7 +222,7 @@ fr_radius_packet_t *fr_dhcv4_raw_packet_recv(int sockfd, struct sockaddr_ll *lin * Check if it matches the source HW address used (Client-Hardware-Address = 267) */ if ((memcmp(ð_bcast, ð_hdr->dst_addr, ETH_ADDR_LEN) != 0) && - (vp = fr_pair_find_by_da_idx(list, attr_dhcp_client_hardware_address, 0)) && + (vp = fr_pair_find_by_da(list, NULL, attr_dhcp_client_hardware_address)) && ((vp->vp_type == FR_TYPE_ETHERNET) && (memcmp(vp->vp_ether, ð_hdr->dst_addr, ETH_ADDR_LEN) != 0))) { /* No match. */ diff --git a/src/protocols/dhcpv6/base.c b/src/protocols/dhcpv6/base.c index fab357b534e..8432cad389a 100644 --- a/src/protocols/dhcpv6/base.c +++ b/src/protocols/dhcpv6/base.c @@ -727,7 +727,7 @@ ssize_t fr_dhcpv6_encode(fr_dbuff_t *dbuff, uint8_t const *original, size_t leng root = fr_dict_root(dict_dhcpv6); if (!msg_type) { - vp = fr_pair_find_by_da_idx(vps, attr_packet_type, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_packet_type); if (vp) msg_type = vp->vp_uint32; } @@ -741,21 +741,21 @@ ssize_t fr_dhcpv6_encode(fr_dbuff_t *dbuff, uint8_t const *original, size_t leng switch (msg_type) { case FR_DHCPV6_RELAY_REPLY: case FR_DHCPV6_RELAY_FORWARD: - vp = fr_pair_find_by_da_idx(vps, attr_hop_count, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_hop_count); if (likely(vp != NULL)) { FR_VALUE_BOX_TO_NETWORK_RETURN(&frame_dbuff, &vp->data); } else { FR_DBUFF_MEMSET_RETURN(&frame_dbuff, 0, DHCPV6_HOP_COUNT_LEN); } - vp = fr_pair_find_by_da_idx(vps, attr_relay_link_address, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_relay_link_address); if (likely(vp != NULL)) { FR_VALUE_BOX_TO_NETWORK_RETURN(&frame_dbuff, &vp->data); } else { FR_DBUFF_MEMSET_RETURN(&frame_dbuff, 0, DHCPV6_LINK_ADDRESS_LEN); } - vp = fr_pair_find_by_da_idx(vps, attr_relay_peer_address, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_relay_peer_address); if (likely(vp != NULL)) { FR_VALUE_BOX_TO_NETWORK_RETURN(&frame_dbuff, &vp->data); } else { @@ -767,7 +767,7 @@ ssize_t fr_dhcpv6_encode(fr_dbuff_t *dbuff, uint8_t const *original, size_t leng /* * We can set an XID, or we can pick a random one. */ - vp = fr_pair_find_by_da_idx(vps, attr_transaction_id, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_transaction_id); if (vp && (vp->vp_length >= DHCPV6_TRANSACTION_ID_LEN)) { FR_DBUFF_IN_MEMCPY_RETURN(&frame_dbuff, vp->vp_octets, DHCPV6_TRANSACTION_ID_LEN); } else { diff --git a/src/protocols/radius/encode.c b/src/protocols/radius/encode.c index 656c662e228..652cfd0821b 100644 --- a/src/protocols/radius/encode.c +++ b/src/protocols/radius/encode.c @@ -1642,11 +1642,11 @@ static ssize_t fr_radius_encode_proto(UNUSED TALLOC_CTX *ctx, fr_pair_list_t *vp fr_pair_t *vp; ssize_t slen; - vp = fr_pair_find_by_da_idx(vps, attr_packet_type, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_packet_type); if (vp) packet_type = vp->vp_uint32; if ((packet_type == FR_RADIUS_CODE_ACCESS_REQUEST) || (packet_type == FR_RADIUS_CODE_STATUS_SERVER)) { - vp = fr_pair_find_by_da_idx(vps, attr_packet_authentication_vector, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_packet_authentication_vector); if (vp && (vp->vp_length == RADIUS_AUTH_VECTOR_LENGTH)) { memcpy(data + 4, vp->vp_octets, RADIUS_AUTH_VECTOR_LENGTH); } else { diff --git a/src/protocols/tacacs/encode.c b/src/protocols/tacacs/encode.c index 942e91b4560..24737e38d8d 100644 --- a/src/protocols/tacacs/encode.c +++ b/src/protocols/tacacs/encode.c @@ -145,7 +145,7 @@ static ssize_t tacacs_encode_field(fr_dbuff_t *dbuff, fr_pair_list_t *vps, fr_di fr_pair_t *vp; fr_dbuff_t work_dbuff = FR_DBUFF(dbuff); - vp = fr_pair_find_by_da_idx(vps, da, 0); + vp = fr_pair_find_by_da(vps, NULL, da); if (!vp || !vp->vp_length || (vp->vp_length > max_len)) return 0; if (da->type == FR_TYPE_STRING) { @@ -166,7 +166,7 @@ static ssize_t tacacs_encode_field(fr_dbuff_t *dbuff, fr_pair_list_t *vps, fr_di * doesn't specify them, then they don't get encoded. */ #define ENCODE_FIELD_UINT8(_field, _da) do { \ - vp = fr_pair_find_by_da_idx(vps, _da, 0); \ + vp = fr_pair_find_by_da(vps, NULL, _da); \ _field = (vp) ? vp->vp_uint8 : 0; \ } while (0) @@ -629,7 +629,7 @@ ssize_t fr_tacacs_encode(fr_dbuff_t *dbuff, uint8_t const *original_packet, char /* * If the caller didn't set a session ID, use a random one. */ - if (!fr_pair_find_by_da_idx(vps, attr_tacacs_session_id, 0)) { + if (!fr_pair_find_by_da(vps, NULL, attr_tacacs_session_id)) { packet->hdr.session_id = fr_rand(); } diff --git a/src/protocols/tftp/encode.c b/src/protocols/tftp/encode.c index ee9b7a9a529..f3dd6bee70c 100644 --- a/src/protocols/tftp/encode.c +++ b/src/protocols/tftp/encode.c @@ -79,7 +79,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) uint16_t opcode; char const *buf; - vp = fr_pair_find_by_da_idx(vps, attr_tftp_opcode, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_tftp_opcode); if (!vp) { fr_strerror_printf("Cannot send TFTP packet without %s", attr_tftp_opcode->name); return -1; @@ -100,7 +100,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) */ /* */ - vp = fr_pair_find_by_da_idx(vps, attr_tftp_filename, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_tftp_filename); if (!vp) { fr_strerror_printf("Invalid TFTP packet without %s", attr_tftp_filename->name); return -1; @@ -110,7 +110,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) fr_dbuff_in_bytes(&work_dbuff, '\0'); /* */ - vp = fr_pair_find_by_da_idx(vps, attr_tftp_mode, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_tftp_mode); if (!vp) { fr_strerror_printf("Invalid TFTP packet without %s", attr_tftp_mode->name); return -1; @@ -128,7 +128,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) fr_dbuff_in_bytes(&work_dbuff, '\0'); /* is optional */ - vp = fr_pair_find_by_da_idx(vps, attr_tftp_block_size, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_tftp_block_size); if (vp) { char tmp[5+1]; /* max: 65535 */ @@ -153,7 +153,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) */ /* */ - vp = fr_pair_find_by_da_idx(vps, attr_tftp_block, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_tftp_block); if (!vp) { fr_strerror_printf("Invalid TFTP packet without %s", attr_tftp_block->name); return -1; @@ -173,7 +173,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) if (opcode != FR_OPCODE_VALUE_DATA) goto done; /* */ - vp = fr_pair_find_by_da_idx(vps, attr_tftp_data, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_tftp_data); if (!vp) { fr_strerror_printf("Invalid TFTP packet without %s", attr_tftp_data->name); return -1; @@ -198,7 +198,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) size_t error_msg_len; /* */ - vp = fr_pair_find_by_da_idx(vps, attr_tftp_error_code, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_tftp_error_code); if (!vp) { fr_strerror_printf("Invalid TFTP packet without %s", attr_tftp_error_code->name); return -1; @@ -208,7 +208,7 @@ ssize_t fr_tftp_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps) fr_dbuff_in(&work_dbuff, error_code); /* */ - vp = fr_pair_find_by_da_idx(vps, attr_tftp_error_message, 0); + vp = fr_pair_find_by_da(vps, NULL, attr_tftp_error_message); if (vp) { error_msg = vp->vp_strvalue; error_msg_len = vp->vp_length;