Accessing %{client:...} in C custom module

Boris Lytochkin lytboris at
Wed Mar 2 07:54:30 CET 2016


See inline.

On 02.03.2016 4:28, Alan DeKok wrote:
> On Mar 1, 2016, at 12:58 PM, Boris Lytochkin <lytboris at> wrote:
>> OKay, trying naive
>    Thinking about it helps, too.
Alan, you would never have to mention Code of Conduct some days before 
in freeradius-users@ maillist if you follow it yourself. All these 
lunges (there are 3 "hey, stupid"s in your e-mail I am replying to) do 
not help to solve any of the problems. Maillists are for helping each 
other, not to tell other people that they are idiots from your point of 
view. Please ignore this message completely if you do not want to help. 

Now to the issue.
>> mycp = cf_pair_find(request->client->cs, "group");
>    Is request a valid pointer?  Is request->client a valid pointer?  Is request->client->cs a valid pointer?
Yes they are all valid.
>> results in
>> (gdb) p *mycp
>> $2 = {item = {next = 0xa00000038, parent = 0x8034c2330, lineno = 805314604,
>>     filename = 0x800300034 <Error reading address 0x800300034: Bad address>, type = 1919181921}, attr = 0x0,
>>   value = 0xb0000003b <Error reading address 0xb0000003b: Bad address>, op = 172, lhs_type = T_INVALID, rhs_type = 73, pass2 = 19, parsed = false}
>    Which is garbage data.  You've walked off of the end of a pointer somewhere.
Well, that code is couple lines below after head of postauth function head:
static rlm_rcode_t CC_HINT(nonnull)
XXX_postauth(void *instance, REQUEST * request)
         XXX_t *data = (XXX_t *)instance;
         VALUE_PAIR *vp;
         char mac[MAC_BUF_SIZE], nas[MAX_NAME_SIZE], 
         char huntgroup[MAX_NAME_SIZE], ext[MAX_NAME_SIZE], *p, serial[50];
         u_int nasport;
         enum media_type media_type;
         pthread_t tid;
         process_thread_param_t *pr;


         if (request == NULL || request->packet == NULL || 
request->packet->vps == NULL) {
                 radlog(L_ERR, "XXX: request without a packet?! Return 
                 return RLM_MODULE_NOOP;

         if ((vp = pairfind(request->packet->vps, PW_NAS_PORT)) == NULL) {
                 radlog(L_INFO, "XXX: Could not find port number in 
packet. Return NOOP.");
                 return RLM_MODULE_NOOP;
         nasport = vp->vp_integer;

         if ((vp = pairfind(request->packet->vps, PW_NAS_IP_ADDRESS)) == 
                 radlog(L_INFO, "XXX: Could not find nas information in 
packet. Return NOOP.");
                 return RLM_MODULE_NOOP;
         inet_ntoa_r(*((struct in_addr *)&vp->vp_ipaddr), nas, sizeof(nas));
         RDEBUG("NAS: %s, NAS port: %u", nas, nasport);

         if ((vp = pairfind(request->packet->vps, PW_USER_NAME)) == NULL) {
                 radlog(L_INFO, "XXX[%u]: Could not find User-Name 
attribute. (NAS: %s)", nasport, nas);
                 return RLM_MODULE_NOOP;
         vp_prints_value(username, sizeof(username), vp, FALSE);
         if ((p = strchr(username, '@')) != NULL) {
                 *p = '\0';
         } else {
                 /* radlog(L_INFO, "XXX (post-auth)[%u]: User-Name 
without '@': %s. Ignored.", nasport, username); */
                 RDEBUG("XXX (post-auth)[%u]: User-Name without '@'. 
Ignored.", nasport);
                 return RLM_MODULE_NOOP;

         CONF_PAIR *mycp;
         mycp = cf_pair_find(request->client->cs, "group");

> This isn't documented because (a) we don't have time to document 
> everything, and (b) if you're programming your own module, we expect 
> some ability to root through the header files and figure things out.
As we agreed in some other thread, I would send a pull-request on that 
so someone would not have to spend much time for digging whole 
FreeRADIUS sources for this purpose in future.

Boris Lytochkin
Yandex NOC
+7 (495) 739 70 00 ext. 7671

More information about the Freeradius-Devel mailing list