libradius: Fix attribute length validation in rad_get_attr(3)

The length of the attribute header needs to be excluded when comparing
the attribute length against the length of the packet. Otherwise,
validation may incorrectly fail when fetching the final attribute in a
message.

Fixes: 8d5c78130 ("libradius: Fix input validation bugs")
Reported by: Peter Eriksson
Tested by: Peter Eriksson
Sponsored by: The FreeBSD Foundation

(cherry picked from commit 6bb5699d2b59491097bc21ffa3c097cdd4853f89)

Git Hash: dbb3df26a8a3e1343b42844a6a6e3e9adf49ca8c
Git Author: markj@FreeBSD.org

libradius: Fix input validation bugs

Approved by: so
Security: FreeBSD-SA-21:12.libradius
Security: CVE-2021-29629
Sponsored by: The FreeBSD Foundation

(cherry picked from commit 8d5c7813061dfa0b187500dfe3aeea7a28181c13)

Git Hash: 5e90dfc54f864651fd98087c6e1f1cbce203b20c
Git Author: markj@FreeBSD.org

Revert r330897:

This was intended to be a non-functional change. It wasn't. The commit
message was thus wrong. In addition it broke arm, and merged crypto
related code.

Revert with prejudice.

This revert skips files touched in r316370 since that commit was since
MFCed. This revert also skips files that require $FreeBSD$ property
changes.

Thank you to those who helped me get out of this mess including but not
limited to gonzo, kevans, rgrimes.

Requested by: gjb (re)

Partial merge of the SPDX changes

These changes are incomplete but are making it difficult
to determine what other changes can/should be merged.

No objections from: pfg

Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle.
Prune svn:mergeinfo from the new branch, as nothing has been merged
here.

Additional commits post-branch will follow.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Fix build: reflect the increased field number.

- Rewrite radius servers traversal algorithm.
- Add functions for working with IPv6 attributes.

Approved by: ae

Add binding support to libradius(3).

Submitted by: Sergey Matveychuk <sem33@yandex-team.ru>
Approved by: ae (mentor)
MFC after: 2 weeks

Fix bug, when RADIUS client gave up after single sendto() error, do not
trying backup servers.

PR: kern/103764, misc/139214

Add simple embedded RADIUS server support to libradius, by extending existing
API, keeping backward compatibility.

First consumer for this functionality is going to become forthcoming MPD-5.4,
supporting CoA and DR of RFC 3576: Dynamic Authorization Extensions to RADIUS.

MFC after: 1 month

Use correct u_int and socklen_t types for parameters if function is
expecting them, not int.

Use %zu to print values with type size_t.

- Added rad_demangle() for demangling user-passwords (needed for
MS-CHAPv1 MPPE-keys).
- Added rad_demangle_mppe_key() for demangling mppe-keys (needed
for MPPE-keys).
- Added some typecasts for avoiding compiler warnings.
- Fix: better handle wrong usage of the lib (if the programmer
has not called rad_create_request() but rad_put_*(), then a
weird error message was returned).
- Added a new function for putting the Message-Authenticator.
- Verify the Message-Authenticator, if it was found inside a
response packet and silently drop the packet, if the validation
failed.
- Implicitly put the Message-Authenticator, if the EAP-Message
attribute was added.
- Added some missing defines.

Submitted by: Michael Bretterklieber
PR: 46555

Add the following functions:

rad_request_authenticator()
Returns the Request-Authenticator relevant to the most recently received
RADIUS response.

rad_server_secret()
Returns the Shared Secret relevant to the most recently received
RADIUS response.

Neither of these functions should be necessary, however, the
MS-MPPE-Recv-Key and MS-MPPE-Send-Key Microsoft Vendor Specific
attributes are supplied in a mangled (encrypted) format, requiring
this information to demangle.

It's not clear whether these functions should be replaced with a
rad_demangle() function or whether these attributes are one-offs.

Sponsored by: Monzoon

Add rad_get_vendor_attr() for deciphering vendor attributes received
from the RADIUS server.

Add support for vendor specific RADIUS extensions.

Only the extensions from rfc2548 are specified for now.

Add __FBSDID()s to libradius

Fix password clearing bug which prevented challenge/response from working.

Reviewed by: jdp

strtok -> strsep (no strtok allowed in libraries)

Add support for RADIUS accounting. Note, this changes the format
of the /etc/radius.conf file. But the code contains hacks for
backward compatibility, so old files will continue to work.

I updated the man pages and made a couple of minor changes, but
everything else was submitted by Oleg.

PR: misc/14284
Submitted by: Oleg Semyonov <os@altavista.net>

Allow an alternate to rad_send_request() for programs that
don't wish to wait for the RADIUS server to respond.
Reviewed by: jdp

Install -C radlib.h

Don't insist that RAD_USER_PASSWORD is supplied before
calling rad_send_request(). Instead, insist on only one
of RAD_USER_PASSWORD and RAD_CHAP_PASSWORD.

Sponsored by: Internet Business Solutions Ltd., Switzerland

This commit was generated by cvs2svn to compensate for changes in r41118,
which included commits to RCS files with non-trunk default branches.

Initial import of RADIUS client library donated by Juniper Networks, Inc.