The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
Enumerations | Functions
cf_file.h File Reference

Parse on-disk text based config files into the FreeRADIUS internal format. More...

#include <stddef.h>
#include <stdint.h>
#include <freeradius-devel/server/cf_util.h>
#include <freeradius-devel/util/rb.h>
#include <freeradius-devel/util/syserror.h>
#include <freeradius-devel/util/table.h>
#include <freeradius-devel/util/print.h>
+ Include dependency graph for cf_file.h:

Go to the source code of this file.

Enumerations

enum  cf_file_check_err_t {
  CF_FILE_OK = 0 ,
  CF_FILE_NO_PERMISSION = -1 ,
  CF_FILE_NO_EXIST = -2 ,
  CF_FILE_NO_UNIX_SOCKET = -3 ,
  CF_FILE_OTHER_ERROR = -4
}
 Results of file checks. More...
 

Functions

char const * cf_expand_variables (char const *filename, int lineno, CONF_SECTION *outer_cs, char *output, size_t outsize, char const *input, ssize_t inlen, bool *soft_fail)
 
cf_file_check_err_t cf_file_check (CONF_PAIR *cp, bool check_perms)
 Do some checks on the file as an "input" file.
 
cf_file_check_err_t cf_file_check_effective (char const *filename, cf_file_check_err_t(*cb)(char const *filename, void *uctx), void *uctx)
 Perform an operation with the effect/group set to conf_check_gid and conf_check_uid.
 
cf_file_check_err_t cf_file_check_open_read (char const *filename, void *uctx)
 Callback for cf_file_check to open a file and check permissions.
 
void cf_file_check_set_uid_gid (uid_t uid, gid_t gid)
 Set the euid/egid used when performing file checks.
 
cf_file_check_err_t cf_file_check_unix_connect (char const *filename, UNUSED void *uctx)
 Check if we can connect to a unix socket.
 
cf_file_check_err_t cf_file_check_unix_perm (char const *filename, UNUSED void *uctx)
 Check if file exists, and is a socket.
 
void cf_file_free (CONF_SECTION *cs)
 
int cf_file_read (CONF_SECTION *cs, char const *file)
 
void cf_md5_final (uint8_t *digest)
 
void cf_md5_init (void)
 
CONF_ITEMcf_reference_item (CONF_SECTION const *parentcs, CONF_SECTION const *outercs, char const *ptr)
 
int cf_section_pass2 (CONF_SECTION *cs)
 
void cf_section_set_unlang (CONF_SECTION *cs)
 
int cf_section_write (FILE *fp, CONF_SECTION *cs, int depth)
 

Detailed Description

Parse on-disk text based config files into the FreeRADIUS internal format.

Id
6253120b2d3966a1c3efa25fe3819986867d44e5

Definition in file cf_file.h.

Enumeration Type Documentation

◆ cf_file_check_err_t

Results of file checks.

Enumerator
CF_FILE_OK 

File checks passed.

CF_FILE_NO_PERMISSION 

Requested permissions not set.

CF_FILE_NO_EXIST 

File does not exist.

CF_FILE_NO_UNIX_SOCKET 

File is not a unix socket.

CF_FILE_OTHER_ERROR 

Other error occurred checking permissions.

Definition at line 45 of file cf_file.h.

Function Documentation

◆ cf_expand_variables()

char const * cf_expand_variables ( char const *  filename,
int  lineno,
CONF_SECTION outer_cs,
char *  output,
size_t  outsize,
char const *  input,
ssize_t  inlen,
bool soft_fail 
)

Definition at line 188 of file cf_file.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ cf_file_check()

cf_file_check_err_t cf_file_check ( CONF_PAIR cp,
bool  check_perms 
)

Do some checks on the file as an "input" file.

i.e. one read by a module.

Note
Must be called with super user privileges.
Parameters
cpcurrently being processed.
check_permsIf true - will return error if file is world readable, or not readable by the unprivileged user/group.
Returns
  • CF_FILE_OK if the socket exists and is a socket.
  • CF_FILE_NO_EXIST if the file doesn't exist.
  • CF_FILE_NO_PERMISSION if the file exists but is not accessible.
  • CF_FILE_OTHER_ERROR any other error.

Definition at line 907 of file cf_file.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ cf_file_check_effective()

cf_file_check_err_t cf_file_check_effective ( char const *  filename,
cf_file_check_err_t(*)(char const *filename, void *uctx)  cb,
void *  uctx 
)

Perform an operation with the effect/group set to conf_check_gid and conf_check_uid.

Parameters
filenameCONF_PAIR for the file being checked
cbcallback function to perform the check
uctxuser context for the callback
Returns
  • CF_FILE_OTHER_ERROR if there was a problem modifying permissions
  • The return value from the callback

Definition at line 686 of file cf_file.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ cf_file_check_open_read()

cf_file_check_err_t cf_file_check_open_read ( char const *  filename,
void *  uctx 
)

Callback for cf_file_check to open a file and check permissions.

This is used to check if a file exists, and is readable by the unprivileged user/group.

Parameters
filenamecurrently being processed.
uctxuser context, which is a pointer to cf_file_t
Returns
  • CF_FILE_OK if the file exists and is readable.
  • CF_FILE_NO_EXIST if the file does not exist.
  • CF_FILE_NO_PERMISSION if the file exists but is not accessible.
  • CF_FILE_OTHER_ERROR if there was any other error.

Definition at line 857 of file cf_file.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ cf_file_check_set_uid_gid()

void cf_file_check_set_uid_gid ( uid_t  uid,
gid_t  gid 
)

Set the euid/egid used when performing file checks.

Sets the euid, and egid used when cf_file_check is called to check permissions on conf items of type CONF_FLAG_FILE_READABLE

Note
This is probably only useful for the freeradius daemon itself.
Parameters
uidto set, (uid_t)-1 to use current euid.
gidto set, (gid_t)-1 to use current egid.

Definition at line 671 of file cf_file.c.

◆ cf_file_check_unix_connect()

cf_file_check_err_t cf_file_check_unix_connect ( char const *  filename,
UNUSED void *  uctx 
)

Check if we can connect to a unix socket.

Parameters
[in]filenameCONF_PAIR for the unix socket path
[in]uctxuser context, not used
Returns
  • CF_FILE_OK if the socket exists and is a socket.
  • CF_FILE_NO_EXIST if the file doesn't exist.
  • CF_FILE_NO_PERMISSION if the file exists but is not accessible.
  • CF_FILE_NO_UNIX_SOCKET if the file exists but is not a socket.
  • CF_FILE_OTHER_ERROR any other error.

Definition at line 738 of file cf_file.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ cf_file_check_unix_perm()

cf_file_check_err_t cf_file_check_unix_perm ( char const *  filename,
UNUSED void *  uctx 
)

Check if file exists, and is a socket.

Parameters
[in]filenameCONF_PAIR for the unix socket path
[in]uctxuser context, not used
Returns
  • CF_FILE_OK if the socket exists and is a socket.
  • CF_FILE_NO_EXIST if the file doesn't exist.
  • CF_FILE_NO_PERMISSION if the file exists but is not accessible.
  • CF_FILE_NO_UNIX_SOCKET if the file exists but is not a socket.
  • CF_FILE_OTHER_ERROR any other error.

Definition at line 811 of file cf_file.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ cf_file_free()

void cf_file_free ( CONF_SECTION cs)

Definition at line 3624 of file cf_file.c.

+ Here is the call graph for this function:

◆ cf_file_read()

int cf_file_read ( CONF_SECTION cs,
char const *  file 
)

Definition at line 3565 of file cf_file.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ cf_md5_final()

void cf_md5_final ( uint8_t digest)

Definition at line 3235 of file cf_file.c.

+ Here is the caller graph for this function:

◆ cf_md5_init()

void cf_md5_init ( void  )

Definition at line 3222 of file cf_file.c.

+ Here is the caller graph for this function:

◆ cf_reference_item()

CONF_ITEM * cf_reference_item ( CONF_SECTION const *  parentcs,
CONF_SECTION const *  outercs,
char const *  ptr 
)

Definition at line 3745 of file cf_file.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ cf_section_pass2()

int cf_section_pass2 ( CONF_SECTION cs)

Definition at line 969 of file cf_file.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ cf_section_set_unlang()

void cf_section_set_unlang ( CONF_SECTION cs)

Definition at line 3978 of file cf_file.c.

+ Here is the caller graph for this function:

◆ cf_section_write()

int cf_section_write ( FILE *  fp,
CONF_SECTION cs,
int  depth 
)

Definition at line 3680 of file cf_file.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function: