Functions to handle basic LDAP filter parsing and filtering.
More...
#include <freeradius-devel/ldap/base.h>
Go to the source code of this file.
|
| bool | fr_ldap_filter_eval (fr_dlist_head_t *root, fr_ldap_connection_t *conn, LDAPMessage *msg) |
| | Evaluate an LDAP filter. More...
|
| |
| fr_slen_t | fr_ldap_filter_parse (TALLOC_CTX *ctx, fr_dlist_head_t **root, fr_sbuff_t *filter, filter_attr_check_t attr_check, void *uctx) |
| | Parse an LDAP filter into its component nodes. More...
|
| |
| static bool | ldap_filter_group_eval (ldap_filter_t *group, fr_ldap_connection_t *conn, LDAPMessage *msg, int depth) |
| | Evaluate a group of LDAP filters. More...
|
| |
| static bool | ldap_filter_node_eval (ldap_filter_t *node, fr_ldap_connection_t *conn, LDAPMessage *msg, int depth) |
| | Evaluate a single LDAP filter node. More...
|
| |
| static fr_slen_t | ldap_filter_parse_filter (ldap_filter_t *node, fr_sbuff_t *sbuff, int depth, filter_attr_check_t attr_check, void *uctx) |
| | Parse individual LDAP filter. More...
|
| |
| static fr_slen_t | ldap_filter_parse_logic (ldap_filter_t *node, fr_sbuff_t *sbuff, int depth, filter_attr_check_t attr_check, void *uctx) |
| | Parse LDAP filter logic group. More...
|
| |
| static fr_slen_t | ldap_filter_parse_node (ldap_filter_t *node, fr_sbuff_t *sbuff, int depth, filter_attr_check_t attr_check, void *uctx) |
| | Parse individual LDAP filter nodes. More...
|
| |
Functions to handle basic LDAP filter parsing and filtering.
- Id
- f62246f98c32488ea3287c3b5732984cd1033607
- Copyright
- 2022 Network RADIUS SAS (legal.nosp@m.@net.nosp@m.workr.nosp@m.adiu.nosp@m.s.com)
Definition in file filter.c.
◆ DEBUG_LDAP_ATTR_VAL
Value:
fr_value_box_t value_box; \
fr_ldap_berval_to_value_str_shallow(&value_box, values[i]); \
DEBUG3(
"%*s Evaluating attribute \"%s\", value \"%pV\"",
depth,
"", node->attr, &value_box); \
}
#define DEBUG_ENABLED3
True if global debug level 1-3 messages are enabled.
static uint8_t depth(fr_minmax_heap_index_t i)
Definition at line 411 of file filter.c.
◆ FILTER_ATTR_MAX_LEN
| #define FILTER_ATTR_MAX_LEN 256 |
◆ FILTER_VALUE_MAX_LEN
| #define FILTER_VALUE_MAX_LEN 256 |
◆ fr_ldap_filter_eval()
Evaluate an LDAP filter.
- Parameters
-
| [in] | root | of the LDAP filter to evaluate. |
| [in] | conn | LDAP connection the message being filtered was returned on. |
| [in] | msg | to filter. |
- Returns
- true or false result of the node evaluation.
Definition at line 583 of file filter.c.
◆ fr_ldap_filter_parse()
Parse an LDAP filter into its component nodes.
- Parameters
-
| [in] | ctx | to allocate nodes in. |
| [in,out] | root | where to allocate the root of the parsed filter. |
| [in] | filter | to parse. |
| [in] | attr_check | callback to check if required attributes are in the query. |
| [in] | uctx | passed to attribute check callback. |
- Returns
- number of bytes parsed on success < 0 on failure
Definition at line 343 of file filter.c.
◆ ldap_filter_group_eval()
Evaluate a group of LDAP filters.
Groups have a logical operator of &, | or !
- Parameters
-
| [in] | group | to evaluate. |
| [in] | conn | LDAP connection the message being filtered was returned on |
| [in] | msg | to filter |
| [in] | depth | to indent debug messages, reflecting group nesting |
- Returns
- true or false result of the group evaluation
Definition at line 377 of file filter.c.
◆ ldap_filter_node_eval()
Evaluate a single LDAP filter node.
- Parameters
-
| [in] | node | to evaluate. |
| [in] | conn | LDAP connection the message being filtered was returned on. |
| [in] | msg | to filter. |
| [in] | depth | to indent debug messages, reflecting group nesting. |
- Returns
- true or false result of the node evaluation.
Definition at line 425 of file filter.c.
◆ ldap_filter_parse_filter()
Parse individual LDAP filter.
- Parameters
-
| [in,out] | node | to populate with parsed filter. |
| [in] | sbuff | pointing to filter to parse. |
| [in] | depth | to indent debug output, indicating nesting of groups. |
| [in] | attr_check | callback to check if required attributes are in the query. |
| [in] | uctx | passed to attribute check callback. |
- Returns
- number of bytes parsed on success
- < 0 on error
Definition at line 121 of file filter.c.
◆ ldap_filter_parse_logic()
Parse LDAP filter logic group.
- Parameters
-
| [in,out] | node | to populate with parsed filter. |
| [in] | sbuff | pointing to filter to parse. |
| [in] | depth | to indent debug output, indicating nesting of groups. |
| [in] | attr_check | callback to check if required attributes are in the query. |
| [in] | uctx | passed to attribute check callback. |
- Returns
- number of bytes parsed on success
- < 0 on error
Definition at line 56 of file filter.c.
◆ ldap_filter_parse_node()
Parse individual LDAP filter nodes.
A node can either be a group of nodes joined with a logical operator or an individual filter.
- Parameters
-
| [in,out] | node | to populate with parsed filter. |
| [in] | sbuff | pointing to filter to parse. |
| [in] | depth | to indent debug output, indicating nesting of groups. |
| [in] | attr_check | callback to check if required attributes are in the query. |
| [in] | uctx | passed to attribute check callback. |
- Returns
- number of bytes parsed on success
- < 0 on error
Definition at line 283 of file filter.c.
◆ fr_ldap_attr_allowed_chars
Initial value:= {
['-'] = true,
}
#define SBUFF_CHAR_CLASS_ALPHA_NUM
Definition at line 34 of file filter.c.
◆ ldap_filter_op_table
Initial value:= {
}
#define L(_str)
Helper for initialising arrays of string literals.
@ LDAP_FILTER_OP_EQ
Attribute equals value.
@ LDAP_FILTER_OP_LE
Attribute less than or equal to value.
@ LDAP_FILTER_OP_GE
Attribute greater than or equal to value.
Definition at line 27 of file filter.c.
◆ ldap_filter_op_table_len
Include dependency graph for filter.c:
1.9.1