 |
The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
|
Loading...
Searching...
No Matches
|
The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
|
Read the radiusd.conf file. More...
#include <sys/errno.h>#include <freeradius-devel/server/cf_file.h>#include <freeradius-devel/server/cf_priv.h>#include <freeradius-devel/server/log.h>#include <freeradius-devel/server/tmpl.h>#include <freeradius-devel/server/util.h>#include <freeradius-devel/server/virtual_servers.h>#include <freeradius-devel/util/debug.h>#include <freeradius-devel/util/file.h>#include <freeradius-devel/util/misc.h>#include <freeradius-devel/util/perm.h>#include <freeradius-devel/util/skip.h>#include <freeradius-devel/util/md5.h>#include <fcntl.h>#include <freeradius-devel/server/main_config.h>
Include dependency graph for cf_file.c:Go to the source code of this file.
Data Structures | |
| struct | cf_file_heap_t |
| struct | cf_stack_frame_t |
| union | cf_stack_frame_t.__unnamed62__ |
| struct | cf_stack_frame_t.__unnamed62__.__unnamed64__ |
| struct | cf_stack_t |
Macros | |
| #define | MAX_STACK (32) |
Typedefs | |
| typedef struct cf_file_heap_t | cf_file_heap_t |
| typedef CONF_ITEM *(* | cf_process_func_t) (cf_stack_t *) |
| typedef enum conf_property | CONF_PROPERTY |
Enumerations | |
| enum | cf_stack_file_t { CF_STACK_FILE = 0 } |
| enum | conf_property { CONF_PROPERTY_INVALID = 0 , CONF_PROPERTY_NAME , CONF_PROPERTY_INSTANCE } |
Functions | |
| static int8_t | _inode_cmp (void const *one, void const *two) |
| static int | add_pair (CONF_SECTION *parent, char const *attr, char const *value, fr_token_t name1_token, fr_token_t op_token, fr_token_t value_token, char *buff, char const *filename, int lineno) |
| char const * | cf_expand_variables (char const *cf, int lineno, CONF_SECTION *outer_cs, char *output, size_t outsize, char const *input, ssize_t inlen, bool *soft_fail, bool soft_fail_env) |
| cf_file_check_err_t | cf_file_check (CONF_PAIR *cp, bool check_perms) |
| Do some checks on the file as an "input" file. | |
| cf_file_check_err_t | cf_file_check_effective (char const *filename, cf_file_check_err_t(*cb)(char const *filename, void *uctx), void *uctx) |
| Perform an operation with the effect/group set to conf_check_gid and conf_check_uid. | |
| cf_file_check_err_t | cf_file_check_open_read (char const *filename, void *uctx) |
| Callback for cf_file_check to open a file and check permissions. | |
| void | cf_file_check_set_uid_gid (uid_t uid, gid_t gid) |
| Set the euid/egid used when performing file checks. | |
| cf_file_check_err_t | cf_file_check_unix_connect (char const *filename, UNUSED void *uctx) |
| Check if we can connect to a unix socket. | |
| cf_file_check_err_t | cf_file_check_unix_perm (char const *filename, UNUSED void *uctx) |
| Check if file exists, and is a socket. | |
| static int | cf_file_fill (cf_stack_t *stack) |
| void | cf_file_free (CONF_SECTION *cs) |
| static int | cf_file_include (cf_stack_t *stack) |
| static int | cf_file_open (CONF_SECTION *cs, char const *filename, bool from_dir, FILE **fp_p) |
| int | cf_file_read (CONF_SECTION *cs, char const *filename, bool root) |
| int | cf_file_read_buffer (CONF_SECTION *cs, char const *buffer, size_t buflen, char const *filename) |
| Bootstrap a configuration section from an in-memory buffer. | |
| static int | cf_get_token (CONF_SECTION *parent, char const **ptr_p, fr_token_t *token, char *buffer, size_t buflen, char const *filename, int lineno) |
| static char const * | cf_local_file (char const *base, char const *filename, char *buffer, size_t bufsize) |
| void | cf_md5_final (uint8_t *digest) |
| void | cf_md5_init (void) |
| static void | cf_md5_update (char const *p) |
| int | cf_pair_write (FILE *fp, CONF_PAIR *cp) |
| CONF_ITEM * | cf_reference_item (CONF_SECTION const *parent_cs, CONF_SECTION const *outer_cs, char const *ptr) |
| int | cf_section_pass2 (CONF_SECTION *cs) |
| void | cf_section_set_unlang (CONF_SECTION *cs) |
| int | cf_section_write (FILE *fp, CONF_SECTION *cs, int depth) |
| int | cf_section_write_children (FILE *fp, CONF_SECTION *cs, int depth) |
Emit the children of a section at depth without an enclosing { ... }. | |
| static void | cf_stack_cleanup (cf_stack_t *stack) |
| static ssize_t | cf_string_write (FILE *fp, char const *string, size_t len, fr_token_t t) |
| static bool | cf_template_merge (CONF_SECTION *cs, CONF_SECTION const *template) |
| static int8_t | filename_cmp (void const *one, void const *two) |
| static int | frame_readdir (cf_stack_t *stack) |
| static int | parse_error (cf_stack_t *stack, char const *ptr, char const *message) |
| static int | parse_input (cf_stack_t *stack) |
| static int | parse_type_name (cf_stack_t *stack, char const **ptr_p, char const *type_ptr, fr_type_t *type_p) |
| static CONF_ITEM * | process_catch (cf_stack_t *stack) |
| static CONF_ITEM * | process_foreach (cf_stack_t *stack) |
| static CONF_ITEM * | process_if (cf_stack_t *stack) |
| static int | process_include (cf_stack_t *stack, CONF_SECTION *parent, char const *ptr, bool required, bool relative) |
| static CONF_ITEM * | process_map (cf_stack_t *stack) |
| static CONF_ITEM * | process_subrequest (cf_stack_t *stack) |
| static CONF_ITEM * | process_switch (cf_stack_t *stack) |
| static int | process_template (cf_stack_t *stack) |
Variables | |
| static fr_md5_ctx_t * | cf_md5_ctx = NULL |
| static const bool | cf_name_char1 [SBUFF_CHAR_CLASS] |
| Convert tokens back to a quoting character. | |
| bool | check_config = false |
| static gid_t | conf_check_gid = (gid_t)-1 |
| static uid_t | conf_check_uid = (uid_t)-1 |
| static fr_table_num_sorted_t const | conf_property_name [] |
| static size_t | conf_property_name_len = NUM_ELEMENTS(conf_property_name) |
| static char const | parse_tabs [] = " " |
| static fr_table_num_sorted_t const | server_unlang_section [] |
| static size_t | server_unlang_section_len = NUM_ELEMENTS(server_unlang_section) |
| static const bool | terminal_end_line [SBUFF_CHAR_CLASS] |
| static const bool | terminal_end_section [SBUFF_CHAR_CLASS] |
| static fr_table_ptr_sorted_t | unlang_keywords [] |
| static int | unlang_keywords_len = NUM_ELEMENTS(unlang_keywords) |
Read the radiusd.conf file.
Definition in file cf_file.c.
| struct cf_file_heap_t |
| Data Fields | ||
|---|---|---|
| char const * | filename | |
| fr_heap_index_t | heap_id | |
| struct cf_stack_frame_t |
Collaboration diagram for cf_stack_frame_t:| Data Fields | ||
|---|---|---|
| union cf_stack_frame_t.__unnamed62__ | __unnamed__ | |
| CONF_SECTION * | at_reference | was this thing an @foo ? |
| int | at_reference_braces | braces when we found this thing |
| int | braces | |
| CONF_SECTION * | current | sub-section we're reading |
| char const * | filename | filename we're reading |
| bool | from_dir | this file was read from $include foo/ |
| int | lineno | line in that filename |
| CONF_SECTION * | parent | which started this file |
| cf_stack_file_t | type | |
| union cf_stack_frame_t.__unnamed62__ |
| Data Fields | ||
|---|---|---|
| struct cf_stack_frame_t.__unnamed62__.__unnamed64__ | __unnamed__ | |
| struct cf_stack_frame_t.__unnamed62__.__unnamed64__ |
| struct cf_stack_t |
Collaboration diagram for cf_stack_t:| Data Fields | ||
|---|---|---|
| char ** | buff | buffers for reading / parsing |
| size_t | bufsize | size of the buffers |
| int | depth | stack depth |
| char * | fill | where we start filling the buffer from |
| cf_stack_frame_t | frame[MAX_STACK] | stack frames |
| char const * | ptr | current parse pointer |
| typedef struct cf_file_heap_t cf_file_heap_t |
| typedef CONF_ITEM *(* cf_process_func_t) (cf_stack_t *) |
| typedef enum conf_property CONF_PROPERTY |
| enum cf_stack_file_t |
| enum conf_property |
|
static |
|
static |
| char const * cf_expand_variables | ( | char const * | cf, |
| int | lineno, | ||
| CONF_SECTION * | outer_cs, | ||
| char * | output, | ||
| size_t | outsize, | ||
| char const * | input, | ||
| ssize_t | inlen, | ||
| bool * | soft_fail, | ||
| bool | soft_fail_env | ||
| ) |
| cf_file_check_err_t cf_file_check | ( | CONF_PAIR * | cp, |
| bool | check_perms | ||
| ) |
Do some checks on the file as an "input" file.
i.e. one read by a module.
| cp | currently being processed. |
| check_perms | If true - will return error if file is world readable, or not readable by the unprivileged user/group. |
Definition at line 924 of file cf_file.c.
Here is the call graph for this function: Here is the caller graph for this function:| cf_file_check_err_t cf_file_check_effective | ( | char const * | filename, |
| cf_file_check_err_t(*)(char const *filename, void *uctx) | cb, | ||
| void * | uctx | ||
| ) |
Perform an operation with the effect/group set to conf_check_gid and conf_check_uid.
| filename | CONF_PAIR for the file being checked |
| cb | callback function to perform the check |
| uctx | user context for the callback |
Definition at line 695 of file cf_file.c.
Here is the call graph for this function: Here is the caller graph for this function:| cf_file_check_err_t cf_file_check_open_read | ( | char const * | filename, |
| void * | uctx | ||
| ) |
Callback for cf_file_check to open a file and check permissions.
This is used to check if a file exists, and is readable by the unprivileged user/group.
| filename | currently being processed. |
| uctx | user context, which is a pointer to cf_file_t |
Definition at line 874 of file cf_file.c.
Here is the call graph for this function: Here is the caller graph for this function:| void cf_file_check_set_uid_gid | ( | uid_t | uid, |
| gid_t | gid | ||
| ) |
Set the euid/egid used when performing file checks.
Sets the euid, and egid used when cf_file_check is called to check permissions on conf items of type CONF_FLAG_FILE_READABLE
| uid | to set, (uid_t)-1 to use current euid. |
| gid | to set, (gid_t)-1 to use current egid. |
| cf_file_check_err_t cf_file_check_unix_connect | ( | char const * | filename, |
| UNUSED void * | uctx | ||
| ) |
Check if we can connect to a unix socket.
| [in] | filename | CONF_PAIR for the unix socket path |
| [in] | uctx | user context, not used |
Definition at line 755 of file cf_file.c.
Here is the call graph for this function: Here is the caller graph for this function:| cf_file_check_err_t cf_file_check_unix_perm | ( | char const * | filename, |
| UNUSED void * | uctx | ||
| ) |
Check if file exists, and is a socket.
| [in] | filename | CONF_PAIR for the unix socket path |
| [in] | uctx | user context, not used |
Definition at line 828 of file cf_file.c.
Here is the call graph for this function: Here is the caller graph for this function:
|
static |
| void cf_file_free | ( | CONF_SECTION * | cs | ) |
|
static |
|
static |
| int cf_file_read | ( | CONF_SECTION * | cs, |
| char const * | filename, | ||
| bool | root | ||
| ) |
| int cf_file_read_buffer | ( | CONF_SECTION * | cs, |
| char const * | buffer, | ||
| size_t | buflen, | ||
| char const * | filename | ||
| ) |
Bootstrap a configuration section from an in-memory buffer.
Mirrors cf_file_read(), but reads the configuration text from a buffer via fmemopen() instead of from a file on disk. The buffer is treated as if it were the contents of "filename", which is used in error messages and stored as the section's source filename.
$INCLUDE / $-INCLUDEs are taken relative to the directory portion of "filename", as with cf_file_read().
Unlike cf_file_read(), this function never sets the "raddbdir" / "confdir" CONF_PAIRs (the buffer has no canonical install path) and never inserts "filename" into the dedup tree.
| [in] | cs | Top-level configuration section to populate. |
| [in] | buffer | The configuration text. The caller retains ownership and may free the buffer after this call returns. |
| [in] | buflen | Length of buffer in bytes (excluding any trailing NUL). |
| [in] | filename | Virtual filename for error reporting. May be a placeholder like "<inline>" if there is no real file. |
Definition at line 3823 of file cf_file.c.
Here is the call graph for this function: Here is the caller graph for this function:
|
static |
|
static |
| void cf_md5_final | ( | uint8_t * | digest | ) |
| void cf_md5_init | ( | void | ) |
|
static |
| int cf_pair_write | ( | FILE * | fp, |
| CONF_PAIR * | cp | ||
| ) |
| CONF_ITEM * cf_reference_item | ( | CONF_SECTION const * | parent_cs, |
| CONF_SECTION const * | outer_cs, | ||
| char const * | ptr | ||
| ) |
| int cf_section_pass2 | ( | CONF_SECTION * | cs | ) |
| void cf_section_set_unlang | ( | CONF_SECTION * | cs | ) |
| int cf_section_write | ( | FILE * | fp, |
| CONF_SECTION * | cs, | ||
| int | depth | ||
| ) |
| int cf_section_write_children | ( | FILE * | fp, |
| CONF_SECTION * | cs, | ||
| int | depth | ||
| ) |
Emit the children of a section at depth without an enclosing { ... }.
cf_section_write wraps a section in name { ... }; this helper writes only the children at the requested indent, which is what tools like radjson2conf -r need: rendering a synthetic-root section as a file-scope fragment ready to be $INCLUDEd at any depth.
Blank lines in the source come back through as NULL-text CONF_ITEM_COMMENT markers, so the writer doesn't have to synthesise its own separators - just emit what's there. Consecutive blank markers collapse to a single blank line on output so artifacts from upstream tooling (deletes that left their preceding blank behind, splits that introduced extra spacers) don't accumulate as visible whitespace.
Definition at line 4006 of file cf_file.c.
Here is the call graph for this function: Here is the caller graph for this function:
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
Convert tokens back to a quoting character.
Non-string types convert to '?' to screw ups can be identified easily
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
|
static |
1.9.8