From: Alan T. DeKok Date: Tue, 17 May 2022 21:43:11 +0000 (-0400) Subject: remove old code and just use unlang_module_yield_to_section() X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fd3772a9857eca95cfb77110a22113725d64ed0d;p=thirdparty%2Ffreeradius-server.git remove old code and just use unlang_module_yield_to_section() there are a few other places which use unlang_interpret_synchronous() which could likely also be converted. --- diff --git a/src/lib/server/virtual_servers.c b/src/lib/server/virtual_servers.c index c63c92b75a8..bf3e7bf6cdb 100644 --- a/src/lib/server/virtual_servers.c +++ b/src/lib/server/virtual_servers.c @@ -806,100 +806,6 @@ int virtual_server_cf_parse(UNUSED TALLOC_CTX *ctx, void *out, UNUSED void *pare return 0; } -/** - */ -unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, request_t *request, CONF_SECTION *server_cs) -{ - rlm_rcode_t rcode; - char const *module; - char const *component; - fr_dict_attr_t const *da; - fr_dict_enum_value_t const *dv; - CONF_SECTION *subcs; - fr_dict_t const *dict_internal; - - /* - * Figure out which section to run. - */ - if (!auth_type) { - RERROR("An 'Auth-Type' MUST be specified"); - RETURN_MODULE_REJECT; - } - - dict_internal = fr_dict_internal(); - da = fr_dict_attr_child_by_num(fr_dict_root(dict_internal), FR_AUTH_TYPE); - if (!da) RETURN_MODULE_FAIL; - - dv = fr_dict_enum_by_value(da, fr_box_uint32((uint32_t) auth_type)); - if (!dv) RETURN_MODULE_FAIL; - - subcs = cf_section_find(server_cs, "authenticate", dv->name); - if (!subcs) { - RDEBUG2("%s %s sub-section not found. Using default return values.", - da->name, dv->name); - RETURN_MODULE_REJECT; - } - - RDEBUG("Running %s %s from file %s", - da->name, dv->name, cf_filename(subcs)); - - /* - * Cache and restore these, as they're re-set when - * looping back from inside a module like eap-gtc. - */ - module = request->module; - component = request->component; - - request->module = NULL; - request->component = "authenticate"; - - if (unlang_interpret_push_section(request, subcs, RLM_MODULE_REJECT, UNLANG_TOP_FRAME) < 0) { - RETURN_MODULE_FAIL; - } - rcode = unlang_interpret_synchronous(unlang_interpret_event_list(request), request); - - request->component = component; - request->module = module; - - RETURN_MODULE_RCODE(rcode); -} - -rlm_rcode_t virtual_server_process_auth(request_t *request, CONF_SECTION *virtual_server, - rlm_rcode_t default_rcode, - unlang_module_resume_t resume, - unlang_module_signal_t signal, void *rctx) -{ - fr_pair_t *vp; - CONF_SECTION *auth_cs = NULL; - char const *auth_name; - rlm_rcode_t rcode = RLM_MODULE_NOOP; - - vp = fr_pair_find_by_da_idx(&request->control_pairs, attr_auth_type, 0); - if (!vp) { - RDEBUG2("No &control.Auth-Type found"); - fail: - request->rcode = RLM_MODULE_FAIL; - unlang_module_yield_to_section(&rcode, request, NULL, RLM_MODULE_FAIL, resume, signal, rctx); - return rcode; - } - - auth_name = fr_dict_enum_name_by_value(attr_auth_type, &vp->data); - if (!auth_name) { - REDEBUG2("Invalid %pP value", vp); - goto fail; - } - - auth_cs = cf_section_find(virtual_server, "authenticate", auth_name); - if (!auth_cs) { - REDEBUG2("No authenticate %s { ... } section found in virtual server \"%s\"", - auth_name, cf_section_name2(virtual_server)); - goto fail; - } - - unlang_module_yield_to_section(&rcode, request, auth_cs, default_rcode, resume, signal, rctx); - return rcode; -} - /** Compile sections for a virtual server. * * When the "proto_foo" module calls fr_app_process_instantiate(), it diff --git a/src/lib/server/virtual_servers.h b/src/lib/server/virtual_servers.h index 72482f89ecb..a7a12830626 100644 --- a/src/lib/server/virtual_servers.h +++ b/src/lib/server/virtual_servers.h @@ -62,13 +62,6 @@ CONF_SECTION *virtual_server_by_child(CONF_SECTION *section) CC_HINT(nonnull); int virtual_server_cf_parse(TALLOC_CTX *ctx, void *out, void *parent, CONF_ITEM *ci, CONF_PARSER const *rule) CC_HINT(nonnull(2,4)); /** @} */ -unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, - request_t *request, CONF_SECTION *server_cs) CC_HINT(nonnull); - -rlm_rcode_t virtual_server_process_auth(request_t *request, CONF_SECTION *virtual_server, - rlm_rcode_t default_rcode, - unlang_module_resume_t resume, - unlang_module_signal_t signal, void *rctx) CC_HINT(nonnull); fr_listen_t * listen_find_any(fr_listen_t *li) CC_HINT(nonnull); bool listen_record(fr_listen_t *li) CC_HINT(nonnull); diff --git a/src/modules/rlm_eap/types/rlm_eap_gtc/rlm_eap_gtc.c b/src/modules/rlm_eap/types/rlm_eap_gtc/rlm_eap_gtc.c index bc95429f7f7..3fece27f7c7 100644 --- a/src/modules/rlm_eap/types/rlm_eap_gtc/rlm_eap_gtc.c +++ b/src/modules/rlm_eap/types/rlm_eap_gtc/rlm_eap_gtc.c @@ -99,16 +99,14 @@ static int auth_type_parse(UNUSED TALLOC_CTX *ctx, void *out, UNUSED void *paren /* * Keep processing the Auth-Type until it doesn't return YIELD. */ -static unlang_action_t mod_process_auth_type(rlm_rcode_t *p_result, UNUSED module_ctx_t const *mctx, request_t *request) +static unlang_action_t gtc_resume(rlm_rcode_t *p_result, UNUSED module_ctx_t const *mctx, request_t *request) { rlm_rcode_t rcode; - eap_session_t *eap_session = eap_session_get(request->parent); + eap_session_t *eap_session = mctx->rctx; eap_round_t *eap_round = eap_session->this_round; - rcode = unlang_interpret_synchronous(unlang_interpret_event_list(request), request); - - if (request->master_state == REQUEST_STOP_PROCESSING) return UNLANG_ACTION_STOP_PROCESSING; + rcode = unlang_interpret_stack_result(request); if (rcode != RLM_MODULE_OK) { eap_round->request->code = FR_EAP_CODE_FAILURE; @@ -125,7 +123,6 @@ static unlang_action_t mod_process_auth_type(rlm_rcode_t *p_result, UNUSED modul static unlang_action_t mod_process(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request) { rlm_eap_gtc_t const *inst = talloc_get_type_abort(mctx->inst->data, rlm_eap_gtc_t); - rlm_rcode_t rcode; eap_session_t *eap_session = eap_session_get(request->parent); eap_round_t *eap_round = eap_session->this_round; @@ -166,28 +163,15 @@ static unlang_action_t mod_process(rlm_rcode_t *p_result, module_ctx_t const *mc vp->vp_tainted = true; unlang = cf_section_find(unlang_call_current(request), "authenticate", inst->auth_type->name); + if (!unlang) unlang = cf_section_find(unlang_call_current(request->parent), "authenticate", inst->auth_type->name); if (!unlang) { - /* - * Call the authenticate section of the *current* virtual server. - */ - process_authenticate(&rcode, inst->auth_type->value->vb_uint32, - request, unlang_call_current(request->parent)); - if (rcode != RLM_MODULE_OK) { - eap_round->request->code = FR_EAP_CODE_FAILURE; - RETURN_MODULE_RCODE(rcode); - } - - eap_round->request->code = FR_EAP_CODE_SUCCESS; - RETURN_MODULE_OK; - } - - if (unlang_interpret_push_section(request, unlang, RLM_MODULE_FAIL, UNLANG_TOP_FRAME) < 0) { + RDEBUG2("authenticate %s { ... } sub-section not found.", + inst->auth_type->name); + eap_round->request->code = FR_EAP_CODE_FAILURE; RETURN_MODULE_FAIL; } - eap_session->process = mod_process_auth_type; - - return eap_session->process(p_result, mctx, request); + return unlang_module_yield_to_section(p_result, request, unlang, RLM_MODULE_FAIL, gtc_resume, NULL, eap_session); } diff --git a/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c b/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c index 2dba7271035..1073bfa63e2 100644 --- a/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c +++ b/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c @@ -348,15 +348,19 @@ static int CC_HINT(nonnull) mschap_postproxy(eap_session_t *eap_session, UNUSED #endif -static unlang_action_t mschap_finalize(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request, - eap_session_t *eap_session, rlm_rcode_t rcode) +static unlang_action_t mschap_resume(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request) { + eap_session_t *eap_session = mctx->rctx; mschapv2_opaque_t *data = talloc_get_type_abort(eap_session->opaque, mschapv2_opaque_t); eap_round_t *eap_round = eap_session->this_round; fr_pair_list_t response; rlm_eap_mschapv2_t const *inst = mctx->inst->data; + rlm_rcode_t rcode; fr_pair_list_init(&response); + + rcode = unlang_interpret_stack_result(request); + /* * Delete MPPE keys & encryption policy. We don't * want these here. @@ -428,23 +432,6 @@ static unlang_action_t mschap_finalize(rlm_rcode_t *p_result, module_ctx_t const RETURN_MODULE_OK; } -#if 0 -/* - * Keep processing the Auth-Type until it doesn't return YIELD. - */ -static unlang_action_t mod_process_auth_type(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request) -{ - rlm_rcode_t rcode; - eap_session_t *eap_session = eap_session_get(request->parent); - - rcode = unlang_interpret_synchronous(unlang_interpret_event_list(request), request); - - if (request->master_state == REQUEST_STOP_PROCESSING) return UNLANG_ACTION_STOP_PROCESSING; - - return mschap_finalize(p_result, mctx, request, eap_session, rcode); -} -#endif - /* * Authenticate a previously sent challenge. */ @@ -458,7 +445,6 @@ static unlang_action_t CC_HINT(nonnull) mod_process(rlm_rcode_t *p_result, modul fr_pair_t *auth_challenge, *response, *name; CONF_SECTION *unlang; - rlm_rcode_t rcode; int ccode; uint8_t *p; size_t length; @@ -747,20 +733,19 @@ packet_ready: #endif /* - * This is a wild & crazy hack. + * Look for "authenticate foo" in the current virtual + * server. If not there, then in the parent one. */ - unlang = cf_section_find(unlang_call_current(request), "authenticate", inst->auth_type->name); + RDEBUG("Looking for authenticate %s { ... }", inst->auth_type->name); + unlang = cf_section_find(unlang_call_current(parent), "authenticate", inst->auth_type->name); + if (!unlang) unlang = cf_section_find(unlang_call_current(request->parent), "authenticate", inst->auth_type->name); if (!unlang) { - process_authenticate(&rcode, inst->auth_type->value->vb_uint32, - request, unlang_call_current(request->parent)); - } else { - if (unlang_interpret_push_section(request, unlang, RLM_MODULE_FAIL, UNLANG_TOP_FRAME) < 0) { - RETURN_MODULE_FAIL; - } - rcode = unlang_interpret_synchronous(unlang_interpret_event_list(request), request); + RDEBUG2("authenticate %s { ... } sub-section not found.", + inst->auth_type->name); + RETURN_MODULE_FAIL; } - return mschap_finalize(p_result, mctx, request, eap_session, rcode); + return unlang_module_yield_to_section(p_result, request, unlang, RLM_MODULE_FAIL, mschap_resume, NULL, eap_session); } /*