diff options
Diffstat (limited to 'src/modules/rlm_utf8')
-rw-r--r-- | src/modules/rlm_utf8/README.md | 10 | ||||
-rw-r--r-- | src/modules/rlm_utf8/all.mk | 2 | ||||
-rw-r--r-- | src/modules/rlm_utf8/rlm_utf8.c | 73 |
3 files changed, 85 insertions, 0 deletions
diff --git a/src/modules/rlm_utf8/README.md b/src/modules/rlm_utf8/README.md new file mode 100644 index 0000000..a7f63be --- /dev/null +++ b/src/modules/rlm_utf8/README.md @@ -0,0 +1,10 @@ +# rlm_utf8 +## Metadata +<dl> + <dt>category</dt><dd>policy</dd> +</dl> + +## Summary + +Checks all attributes of type string in the current request, to +ensure that they only contain valid UTF8 sequences. diff --git a/src/modules/rlm_utf8/all.mk b/src/modules/rlm_utf8/all.mk new file mode 100644 index 0000000..1f6f103 --- /dev/null +++ b/src/modules/rlm_utf8/all.mk @@ -0,0 +1,2 @@ +TARGET := rlm_utf8.a +SOURCES := rlm_utf8.c diff --git a/src/modules/rlm_utf8/rlm_utf8.c b/src/modules/rlm_utf8/rlm_utf8.c new file mode 100644 index 0000000..d2031c6 --- /dev/null +++ b/src/modules/rlm_utf8/rlm_utf8.c @@ -0,0 +1,73 @@ +/* + * This program is is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/** + * $Id$ + * @file rlm_utf8.c + * @brief Enforce UTF8 encoding in strings. + * + * @copyright 2000,2006 The FreeRADIUS server project + */ +RCSID("$Id$") + +#include <freeradius-devel/radiusd.h> +#include <freeradius-devel/modules.h> + +/* + * Reject any non-UTF8 data. + */ +static rlm_rcode_t CC_HINT(nonnull) mod_utf8_clean(UNUSED void *instance, REQUEST *request) +{ + size_t i, len; + VALUE_PAIR *vp; + vp_cursor_t cursor; + + for (vp = fr_cursor_init(&cursor, &request->packet->vps); + vp; + vp = fr_cursor_next(&cursor)) { + if (vp->da->type != PW_TYPE_STRING) continue; + + for (i = 0; i < vp->vp_length; i += len) { + len = fr_utf8_char(&vp->vp_octets[i], -1); + if (len == 0) return RLM_MODULE_FAIL; + } + } + + return RLM_MODULE_NOOP; +} + +/* + * The module name should be the only globally exported symbol. + * That is, everything else should be 'static'. + * + * If the module needs to temporarily modify it's instantiation + * data, the type should be changed to RLM_TYPE_THREAD_UNSAFE. + * The server will then take care of ensuring that the module + * is single-threaded. + */ +extern module_t rlm_utf8; +module_t rlm_utf8 = { + .magic = RLM_MODULE_INIT, + .name = "utf8", + .type = RLM_TYPE_THREAD_SAFE, + .methods = { + [MOD_AUTHORIZE] = mod_utf8_clean, + [MOD_PREACCT] = mod_utf8_clean, +#ifdef WITH_COA + [MOD_RECV_COA] = mod_utf8_clean +#endif + }, +}; |