cubixle/radius-rs
1
0
Fork 0
mirror of https://github.com/cubixle/radius-rs.git synced 2026-04-24 22:34:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix invalid logics

Browse Source
This commit is contained in:
moznion
2020-11-27 23:29:19 +09:00
parent df257747ae
commit e0a56492e8
4 changed files with 69 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/attributes.rs
View File

@@ -18,7 +18,7 @@ impl Attributes {
let mut i = 0;
let mut attrs = Vec::new();
while bs.len() < i {
while bs.len() > i {
if bs[i..].len() < 2 {
return Err("short buffer".to_owned());
}
@@ -29,15 +29,16 @@ impl Attributes {
}
attrs.push(AVP {
typ: bs[i + 0],
typ: bs[i],
attribute: if length > 2 {
Attribute(bs[i + 2..].to_vec())
debug!("ATTR {:?}", &bs[i + 2..length]);
Attribute(bs[i + 2..length + 2].to_vec())
} else {
Attribute(vec![])
},
});
i += length;
i += 2 + length;
}
Ok(Attributes(attrs))
@@ -91,23 +92,19 @@ impl Attributes {
Ok(n)
}
pub fn encode(&self, data: Vec<u8>) -> Vec<u8> {
pub fn encode(&self) -> Result<Vec<u8>, String> {
let mut encoded: Vec<u8> = Vec::new();
for attr in &self.0 {
let attr_len = attr.attribute.0.len();
for avp in &self.0 {
let attr_len = avp.attribute.0.len();
if attr_len > 253 {
continue;
return Err("attribute is too large".to_owned());
}
let size = 1 + 1 + attr_len;
encoded = Vec::new();
encoded.push(attr.typ);
encoded.push(size as u8);
encoded.extend(&attr.attribute.0);
encoded = encoded[size..].to_owned();
encoded.push(avp.typ);
encoded.push(attr_len as u8);
encoded.extend(&avp.attribute.0);
}
encoded
Ok(encoded)
}
}

4
src/bin/code_gen.rs
View File

@@ -68,9 +68,9 @@ where
fn main() {
let args: Vec<String> = env::args().collect();
let program = args[0].clone();
let _program = args[0].clone();
let mut opts = Options::new();
let opts = Options::new();
let matches = opts
.parse(&args[1..])
.unwrap_or_else(|f| panic!(f.to_string()));

1
src/client.rs
View File

@@ -74,6 +74,7 @@ impl Client {
}
};
debug!("Client resp: {:?}", &buf[..len].to_vec());
match Packet::parse(&buf[..len].to_vec(), request_packet.get_secret()) {
Ok(response_packet) => Ok(response_packet),
Err(e) => Err(FailedParsingUDPResponse(e)),

76
src/packet.rs
View File

@@ -7,6 +7,7 @@ use crate::attributes::{AVPType, Attributes};
use crate::code::Code;
const MAX_PACKET_LENGTH: usize = 4096;
const RADIUS_PACKET_HEADER_LENGTH: usize = 20; // i.e. minimum packet lengt
#[derive(Debug, Clone, PartialEq)]
pub struct Packet {
@@ -43,27 +44,28 @@ impl Packet {
}
pub fn parse(bs: &[u8], secret: &[u8]) -> Result<Self, String> {
if bs.len() < 20 {
return Err("radius packet doesn't have enough length of bytes; that has to be at least 20 bytes".to_owned());
if bs.len() < RADIUS_PACKET_HEADER_LENGTH {
return Err(format!("radius packet doesn't have enough length of bytes; that has to be at least {} bytes", RADIUS_PACKET_HEADER_LENGTH));
}
let len = match bs[2..4].try_into() {
Ok(v) => u16::from_be_bytes(v),
Err(e) => return Err(e.to_string()),
} as usize;
if len < 20 || len > MAX_PACKET_LENGTH || bs.len() < len {
if len < RADIUS_PACKET_HEADER_LENGTH || len > MAX_PACKET_LENGTH || bs.len() < len {
return Err("invalid radius packat lengt".to_owned());
}
let attributes = match Attributes::parse_attributes(&bs[20..len].to_vec()) {
Ok(attributes) => attributes,
Err(e) => return Err(e),
};
let attributes =
match Attributes::parse_attributes(&bs[RADIUS_PACKET_HEADER_LENGTH..len].to_vec()) {
Ok(attributes) => attributes,
Err(e) => return Err(e),
};
Ok(Packet {
code: Code::from(bs[0]),
identifier: bs[1],
authenticator: bs[4..20].to_owned(),
authenticator: bs[4..RADIUS_PACKET_HEADER_LENGTH].to_owned(),
secret: secret.to_owned(),
attributes,
})
@@ -80,11 +82,12 @@ impl Packet {
}
pub fn encode(&self) -> Result<Vec<u8>, String> {
let bs = match self.marshal_binary() {
let mut bs = match self.marshal_binary() {
Ok(bs) => bs,
Err(e) => return Err(e),
};
debug!("encoded resp bs: {:?}", bs);
match self.code {
Code::AccessRequest | Code::StatusServer => Ok(bs),
Code::AccessAccept
@@ -107,24 +110,43 @@ impl Packet {
]);
}
_ => {
buf.extend(self.authenticator.clone());
buf.extend(self.authenticator.clone()); // TODO take from `bs`?
}
}
buf.extend(bs[20..].to_vec());
buf.extend(bs[RADIUS_PACKET_HEADER_LENGTH..].to_vec());
buf.extend(&self.secret);
Ok(md5::compute(buf).to_vec())
bs.splice(4..20, md5::compute(&buf).to_vec());
debug!("md5: {:?}", md5::compute(&buf).to_vec());
debug!("encoded resp bs: {:?}", bs);
Ok(bs)
}
_ => Err("unknown packet code".to_owned()),
}
}
/*
* Binary structure:
* 0 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Code | Identifier | Length |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | |
* | Authenticator |
* | |
* | |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Attributes ...
* +-+-+-+-+-+-+-+-+-+-+-+-+-
*/
pub fn marshal_binary(&self) -> Result<Vec<u8>, String> {
let attributes_len = match self.attributes.attributes_encoded_len() {
Ok(attributes_len) => attributes_len,
let encoded_avp = match self.attributes.encode() {
Ok(encoded) => encoded,
Err(e) => return Err(e),
};
let size = 20 + attributes_len;
let size = RADIUS_PACKET_HEADER_LENGTH as u16 + encoded_avp.len() as u16;
if size as usize > MAX_PACKET_LENGTH {
return Err("packet is too large".to_owned());
}
@@ -134,29 +156,37 @@ impl Packet {
bs.push(self.identifier);
bs.extend(u16::to_be_bytes(size).to_vec());
bs.extend(self.authenticator.to_vec());
Ok(self.attributes.encode(bs))
bs.extend(match self.attributes.encode() {
Ok(encoded) => encoded,
Err(e) => return Err(e),
});
debug!("{:?}", bs);
Ok(bs)
}
pub fn is_authentic_response(response: Vec<u8>, request: Vec<u8>, secret: Vec<u8>) -> bool {
if response.len() < 20 || request.len() < 20 || secret.is_empty() {
if response.len() < RADIUS_PACKET_HEADER_LENGTH
|| request.len() < RADIUS_PACKET_HEADER_LENGTH
|| secret.is_empty()
{
return false;
}
md5::compute(
[
&response[..4],
&request[4..20],
&response[20..], // TODO length
&request[4..RADIUS_PACKET_HEADER_LENGTH],
&response[RADIUS_PACKET_HEADER_LENGTH..], // TODO length
&secret,
]
.concat(),
)
.to_vec()
.eq(&response[4..20].to_vec())
.eq(&response[4..RADIUS_PACKET_HEADER_LENGTH].to_vec())
}
pub fn is_authentic_request(request: &[u8], secret: &[u8]) -> bool {
if request.len() < 20 || secret.is_empty() {
if request.len() < RADIUS_PACKET_HEADER_LENGTH || secret.is_empty() {
return false;
}
@@ -170,13 +200,13 @@ impl Packet {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
],
&request[20..], // TODO length
&request[RADIUS_PACKET_HEADER_LENGTH..], // TODO length
&secret,
]
.concat(),
)
.to_vec()
.eq(&request[4..20].to_vec())
.eq(&request[4..RADIUS_PACKET_HEADER_LENGTH].to_vec())
}
_ => false,
}