The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
rest.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: 55024c8503d4e06dcbe9209da6ae6e018ebc068f $
19 *
20 * @brief Functions and datatypes for the REST (HTTP) transport.
21 * @file rest.c
22 *
23 * @copyright 2012-2021 Arran Cudbard-Bell (a.cudbardb@freeradius.org)
24 */
25RCSID("$Id: 55024c8503d4e06dcbe9209da6ae6e018ebc068f $")
26
27#define LOG_PREFIX mctx->mi->name
28
29#include <ctype.h>
30#include <string.h>
31#include <time.h>
32
33#include <freeradius-devel/server/base.h>
34#include <freeradius-devel/unlang/call.h>
35#include <freeradius-devel/util/skip.h>
36
37
38#include "rest.h"
39
40/** Table of encoder/decoder support.
41 *
42 * Indexes in this table match the http_body_type_t enum, and should be
43 * updated if additional enum values are added.
44 *
45 * @see http_body_type_t
46 */
47const http_body_type_t http_body_type_supported[REST_HTTP_BODY_NUM_ENTRIES] = {
48 REST_HTTP_BODY_UNKNOWN, // REST_HTTP_BODY_UNKNOWN
49 REST_HTTP_BODY_UNSUPPORTED, // REST_HTTP_BODY_UNSUPPORTED
50 REST_HTTP_BODY_UNSUPPORTED, // REST_HTTP_BODY_UNAVAILABLE
51 REST_HTTP_BODY_UNSUPPORTED, // REST_HTTP_BODY_INVALID
52 REST_HTTP_BODY_NONE, // REST_HTTP_BODY_NONE
53 REST_HTTP_BODY_CUSTOM, // REST_HTTP_BODY_CUSTOM
54 REST_HTTP_BODY_POST, // REST_HTTP_BODY_POST
55#ifdef HAVE_JSON
56 REST_HTTP_BODY_JSON, // REST_HTTP_BODY_JSON
57#else
58 REST_HTTP_BODY_UNAVAILABLE,
59#endif
60 REST_HTTP_BODY_UNSUPPORTED, // REST_HTTP_BODY_XML
61 REST_HTTP_BODY_UNSUPPORTED, // REST_HTTP_BODY_YAML
62 REST_HTTP_BODY_INVALID, // REST_HTTP_BODY_HTML
63 REST_HTTP_BODY_PLAIN, // REST_HTTP_BODY_PLAIN
64 REST_HTTP_BODY_PLAIN // REST_HTTP_BODY_CRL
65};
66
67/** Table of which known body types are expected to give binary data
68 */
73
74/*
75 * Lib CURL doesn't define symbols for unsupported auth methods
76 */
77#ifndef CURLOPT_TLSAUTH_SRP
78# define CURLOPT_TLSAUTH_SRP 0
79#endif
80#ifndef CURLAUTH_BASIC
81# define CURLAUTH_BASIC 0
82#endif
83#ifndef CURLAUTH_DIGEST
84# define CURLAUTH_DIGEST 0
85#endif
86#ifndef CURLAUTH_DIGEST_IE
87# define CURLAUTH_DIGEST_IE 0
88#endif
89#ifndef CURLAUTH_GSSNEGOTIATE
90# define CURLAUTH_GSSNEGOTIATE 0
91#endif
92#ifndef CURLAUTH_NTLM
93# define CURLAUTH_NTLM 0
94#endif
95#ifndef CURLAUTH_NTLM_WB
96# define CURLAUTH_NTLM_WB 0
97#endif
98
99/*
100 * CURL headers do:
101 *
102 * #define curl_easy_setopt(handle,opt,param) curl_easy_setopt(handle,opt,param)
103 */
117
118/** Conversion table for method config values.
119 *
120 * HTTP verb strings for http_method_t enum values. Used by libcurl in the
121 * status line of the outgoing HTTP header, by rest_response_header for decoding
122 * incoming HTTP responses, and by the configuration parser.
123 *
124 * @note must be kept in sync with http_method_t enum.
125 *
126 * @see http_method_t
127 * @see fr_table_value_by_str
128 * @see fr_table_str_by_value
129 */
130fr_table_num_sorted_t const http_method_table[] = {
131 { L("DELETE"), REST_HTTP_METHOD_DELETE },
132 { L("GET"), REST_HTTP_METHOD_GET },
133 { L("PATCH"), REST_HTTP_METHOD_PATCH },
134 { L("POST"), REST_HTTP_METHOD_POST },
135 { L("PUT"), REST_HTTP_METHOD_PUT },
136 { L("UNKNOWN"), REST_HTTP_METHOD_UNKNOWN }
137};
138size_t http_method_table_len = NUM_ELEMENTS(http_method_table);
139
140/** Conversion table for type config values.
141 *
142 * Textual names for http_body_type_t enum values, used by the
143 * configuration parser.
144 *
145 * @see http_body_Type_t
146 * @see fr_table_value_by_str
147 * @see fr_table_str_by_value
148 */
149fr_table_num_sorted_t const http_body_type_table[] = {
150 { L("crl"), REST_HTTP_BODY_CRL },
151 { L("html"), REST_HTTP_BODY_HTML },
152 { L("invalid"), REST_HTTP_BODY_INVALID },
153 { L("json"), REST_HTTP_BODY_JSON },
154 { L("none"), REST_HTTP_BODY_NONE },
155 { L("plain"), REST_HTTP_BODY_PLAIN },
156 { L("post"), REST_HTTP_BODY_POST },
157 { L("unavailable"), REST_HTTP_BODY_UNAVAILABLE },
158 { L("unknown"), REST_HTTP_BODY_UNKNOWN },
159 { L("unsupported"), REST_HTTP_BODY_UNSUPPORTED },
160 { L("xml"), REST_HTTP_BODY_XML },
161 { L("yaml"), REST_HTTP_BODY_YAML }
162};
163size_t http_body_type_table_len = NUM_ELEMENTS(http_body_type_table);
164
165fr_table_num_sorted_t const http_auth_table[] = {
166 { L("any"), REST_HTTP_AUTH_ANY },
167 { L("basic"), REST_HTTP_AUTH_BASIC },
168 { L("digest"), REST_HTTP_AUTH_DIGEST },
169 { L("digest-ie"), REST_HTTP_AUTH_DIGEST_IE },
170 { L("gss-negotiate"), REST_HTTP_AUTH_GSSNEGOTIATE },
171 { L("none"), REST_HTTP_AUTH_NONE },
172 { L("ntlm"), REST_HTTP_AUTH_NTLM },
173 { L("ntlm-winbind"), REST_HTTP_AUTH_NTLM_WB },
174 { L("safe"), REST_HTTP_AUTH_ANY_SAFE },
175 { L("srp"), REST_HTTP_AUTH_TLS_SRP }
176};
177size_t http_auth_table_len = NUM_ELEMENTS(http_auth_table);
178
179/** Conversion table for "Content-Type" header values.
180 *
181 * Used by rest_response_header for parsing incoming headers.
182 *
183 * Values we expect to see in the 'Content-Type:' header of the incoming
184 * response.
185 *
186 * Some data types (like YAML) do no have standard MIME types defined,
187 * so multiple types, are listed here.
188 *
189 * @see http_body_Type_t
190 * @see fr_table_value_by_str
191 * @see fr_table_str_by_value
192 */
193fr_table_num_sorted_t const http_content_type_table[] = {
194 { L("application/json"), REST_HTTP_BODY_JSON },
195 { L("application/pkix-crl"), REST_HTTP_BODY_CRL },
196 { L("application/x-pkcs7-crl"), REST_HTTP_BODY_CRL },
197 { L("application/x-www-form-urlencoded"), REST_HTTP_BODY_POST },
198 { L("application/x-yaml"), REST_HTTP_BODY_YAML },
199 { L("application/yaml"), REST_HTTP_BODY_YAML },
200 { L("text/html"), REST_HTTP_BODY_HTML },
201 { L("text/plain"), REST_HTTP_BODY_PLAIN },
202 { L("text/x-yaml"), REST_HTTP_BODY_YAML },
203 { L("text/xml"), REST_HTTP_BODY_XML },
204 { L("text/yaml"), REST_HTTP_BODY_YAML }
205};
206size_t http_content_type_table_len = NUM_ELEMENTS(http_content_type_table);
207
208/*
209 * Encoder specific structures.
210 * @todo split encoders/decoders into submodules.
211 */
212typedef struct {
213 char const *start; //!< Start of the buffer.
214 char const *p; //!< how much text we've sent so far.
215 size_t len; //!< Length of data
216} rest_custom_data_t;
217
218#ifdef HAVE_JSON
219/** Flags to control the conversion of JSON values to fr_pair_ts.
220 *
221 * These fields are set when parsing the expanded format for value pairs in
222 * JSON, and control how json_pair_alloc_leaf and json_pair_alloc convert the JSON
223 * value, and move the new fr_pair_t into an attribute list.
224 *
225 * @see json_pair_alloc
226 * @see json_pair_alloc_leaf
227 */
228typedef struct {
229 int do_xlat; //!< If true value will be expanded with xlat.
230 int is_json; //!< If true value will be inserted as raw JSON
231 // (multiple values not supported).
232 fr_token_t op; //!< The operator that determines how the new VP
233 // is processed. @see fr_tokens_table
234} json_flags_t;
235#endif
236
237/** Frees a libcurl handle, and any additional memory used by context data.
238 *
239 * @param[in] randle fr_curl_io_request_t to close and free.
240 * @return returns true.
241 */
242static int _mod_conn_free(fr_curl_io_request_t *randle)
243{
244 curl_easy_cleanup(randle->candle);
245
246 return 0;
247}
248
249/** Creates a new connection handle for use by the FR connection API.
250 *
251 * Matches the fr_pool_connection_create_t function prototype, is passed to
252 * fr_pool_init, and called when a new connection is required by the
253 * connection pool API.
254 *
255 * Creates an instances of fr_curl_io_request_t, and rlm_rest_curl_context_t
256 * which hold the context data required for generating requests and parsing
257 * responses.
258 *
259 * @see fr_pool_init
260 * @see fr_pool_connection_create_t
261 * @see connection.c
262 */
263void *rest_mod_conn_create(TALLOC_CTX *ctx, void *instance, UNUSED fr_time_delta_t timeout)
264{
265 rlm_rest_t const *inst = talloc_get_type_abort_const(instance, rlm_rest_t);
266
267 fr_curl_io_request_t *randle = NULL;
268 rlm_rest_curl_context_t *curl_ctx = NULL;
269
270 /*
271 * Allocate memory for the connection handle abstraction.
272 */
273 randle = fr_curl_io_request_alloc(ctx);
274 if (!randle) return NULL;
275
276 MEM(curl_ctx = talloc_zero(randle, rlm_rest_curl_context_t));
277
278 curl_ctx->headers = NULL; /* CURL needs this to be NULL */
279 curl_ctx->request.instance = inst;
280 curl_ctx->response.instance = inst;
281
282 randle->uctx = curl_ctx;
283 talloc_set_destructor(randle, _mod_conn_free);
284
285 return randle;
286}
287
288/** Copies a pre-expanded xlat string to the output buffer
289 *
290 * @param[out] out Char buffer to write encoded data to.
291 * @param[in] size Multiply by nmemb to get the length of ptr.
292 * @param[in] nmemb Multiply by size to get the length of ptr.
293 * @param[in] userdata rlm_rest_request_t to keep encoding state between calls.
294 * @return
295 * - Length of data (including NULL) written to ptr.
296 * - 0 if no more data to write.
297 */
298static size_t rest_encode_custom(void *out, size_t size, size_t nmemb, void *userdata)
299{
300 rlm_rest_request_t *ctx = userdata;
301 rest_custom_data_t *data = ctx->encoder;
302
303 size_t freespace = (size * nmemb) - 1;
304 size_t len;
305 size_t to_copy;
306
307 /*
308 * Special case for empty body
309 */
310 if (data->len == 0) return 0;
311
312 /*
313 * If len > 0 then we must have these set.
314 */
315 fr_assert(data->start);
316 fr_assert(data->p);
317
318 to_copy = data->len - (data->p - data->start);
319 len = to_copy > freespace ? freespace : to_copy;
320 if (len == 0) return 0;
321
322 memcpy(out, data->p, len);
323 data->p += len;
324
325 return len;
326}
327
328/** Encodes fr_pair_t linked list in POST format
329 *
330 * This is a stream function matching the rest_read_t prototype. Multiple
331 * successive calls will return additional encoded fr_pair_ts.
332 * Only complete attribute headers @verbatim '<name>=' @endverbatim and values
333 * will be written to the ptr buffer.
334 *
335 * POST request format is:
336 * @verbatim <attribute0>=<value0>&<attribute1>=<value1>&<attributeN>=<valueN>@endverbatim
337 *
338 * All attributes and values are url encoded. There is currently no support for
339 * nested attributes, or attribute qualifiers.
340 *
341 * Nested attributes may be added in the future using
342 * @verbatim <attribute-outer>:<attribute-inner>@endverbatim
343 * to denotate nesting.
344 *
345 * Requires libcurl for url encoding.
346 *
347 * @see rest_decode_post
348 *
349 * @param[out] out Char buffer to write encoded data to.
350 * @param[in] size Multiply by nmemb to get the length of ptr.
351 * @param[in] nmemb Multiply by size to get the length of ptr.
352 * @param[in] userdata rlm_rest_request_t to keep encoding state between calls.
353 * @return
354 * - Length of data (including NULL) written to ptr.
355 * - 0 if no more data to write.
356 */
357static size_t rest_encode_post(void *out, size_t size, size_t nmemb, void *userdata)
358{
359 rlm_rest_request_t *ctx = userdata;
360 request_t *request = ctx->request; /* Used by RDEBUG */
361 fr_pair_t *vp;
362
363 size_t len = 0;
364 ssize_t slen;
365 size_t freespace = (size * nmemb) - 1;
366
367 char *p = out; /* Position in buffer */
368 char *encoded = p; /* Position in buffer of last fully encoded attribute or value */
369 char *escaped; /* Pointer to current URL escaped data */
370
371 /* Allow manual chunking */
372 if ((ctx->chunk) && (ctx->chunk <= freespace)) freespace = (ctx->chunk - 1);
373
374 if (ctx->state == READ_STATE_END) return 0;
375
376 /* Post data requires no headers */
377 if (ctx->state == READ_STATE_INIT) ctx->state = READ_STATE_ATTR_BEGIN;
378
379 while (freespace > 0) {
380 vp = fr_dcursor_current(&ctx->cursor);
381 if (!vp) {
382 ctx->state = READ_STATE_END;
383
384 break;
385 }
386
387 RDEBUG2("Encoding attribute \"%s\"", vp->da->name);
388
389 if (ctx->state == READ_STATE_ATTR_BEGIN) {
390 escaped = curl_escape(vp->da->name, 0);
391 if (!escaped) {
392 REDEBUG("Failed escaping string \"%s\"", vp->da->name);
393 return 0;
394 }
395
396 len = strlen(escaped);
397 if (freespace < (1 + len)) {
398 curl_free(escaped);
399 /*
400 * Cleanup for error conditions
401 */
402 no_space:
403 *encoded = '\0';
404
405 len = encoded - (char *)out;
406
407 RDEBUG3("POST Data: %pV", fr_box_strvalue_len(out, len));
408
409 /*
410 * The buffer wasn't big enough to encode a single attribute chunk.
411 */
412 if (len == 0) {
413 REDEBUG("Failed encoding attribute");
414 } else {
415 RDEBUG3("Returning %zd bytes of POST data "
416 "(buffer full or chunk exceeded)", len);
417 }
418
419 return len;
420 }
421
422 len = snprintf(p, freespace, "%s=", escaped);
423 curl_free(escaped);
424 p += len;
425 freespace -= len;
426
427 /*
428 * We wrote the attribute header, record progress.
429 */
430 encoded = p;
431 ctx->state = READ_STATE_ATTR_CONT;
432 }
433
434 /*
435 * Write out single attribute string.
436 */
437 slen = fr_pair_print_value_quoted(&FR_SBUFF_OUT(p, freespace), vp, T_BARE_WORD);
438 if (slen < 0) return 0;
439
440 RINDENT();
441 RDEBUG3("Length : %zd", (size_t)slen);
442 REXDENT();
443 if (slen > 0) {
444 escaped = curl_escape(p, (size_t)slen);
445 if (!escaped) {
446 REDEBUG("Failed escaping string \"%s\"", vp->da->name);
447 return 0;
448 }
449 len = strlen(escaped);
450
451 if (freespace < len) {
452 curl_free(escaped);
453 goto no_space;
454 }
455
456 len = strlcpy(p, escaped, len + 1);
457
458 curl_free(escaped);
459
460 RINDENT();
461 RDEBUG3("Value : %s", p);
462 REXDENT();
463
464 p += len;
465 freespace -= len;
466 }
467
468 /*
469 * there are more attributes, insert a separator
470 */
471 if (fr_dcursor_next(&ctx->cursor)) {
472 if (freespace < 1) goto no_space;
473 *p++ = '&';
474 freespace--;
475 }
476
477 /*
478 * We wrote one full attribute value pair, record progress.
479 */
480 encoded = p;
481
482 ctx->state = READ_STATE_ATTR_BEGIN;
483 }
484
485 *p = '\0';
486
487 len = p - (char *)out;
488
489 RDEBUG3("POST Data: %s", (char *)out);
490 RDEBUG3("Returning %zd bytes of POST data", len);
491
492 return len;
493}
494
495#ifdef HAVE_JSON
496/** Encodes fr_pair_t linked list in JSON format
497 *
498 * This is a stream function matching the rest_read_t prototype. Multiple
499 * successive calls will return additional encoded fr_pair_ts.
500 *
501 * Only complete attribute headers
502 * @verbatim "<name>":{"type":"<type>","value":[' @endverbatim
503 * and complete attribute values will be written to ptr.
504 *
505 * If an attribute occurs multiple times in the request the attribute values
506 * will be concatenated into a single value array.
507 *
508 * JSON request format is:
509@verbatim
510{
511 "<attribute0>":{
512 "type":"<type0>",
513 "value":[<value0>,<value1>,<valueN>]
514 },
515 "<attribute1>":{
516 "type":"<type1>",
517 "value":[...]
518 },
519 "<attributeN>":{
520 "type":"<typeN>",
521 "value":[...]
522 },
523}
524@endverbatim
525 *
526 * @param[out] out Char buffer to write encoded data to.
527 * @param[in] size Multiply by nmemb to get the length of ptr.
528 * @param[in] nmemb Multiply by size to get the length of ptr.
529 * @param[in] userdata rlm_rest_request_t to keep encoding state between calls.
530 * @return
531 * - Length of data (including NULL) written to ptr.
532 * - 0 if no more data to write.
533 */
534static size_t rest_encode_json(void *out, size_t size, size_t nmemb, void *userdata)
535{
536 rlm_rest_request_t *ctx = userdata;
537 request_t *request = ctx->request;
538 rest_custom_data_t *data = ctx->encoder;
539
540 size_t freespace = (size * nmemb) - 1; /* account for the \0 byte here */
541 size_t len;
542 size_t to_copy;
543 const char *encoded;
544
545 fr_assert(freespace > 0);
546
547 if (ctx->state == READ_STATE_INIT) {
548 encoded = fr_json_afrom_pair_list(data, &request->request_pairs, NULL);
549 if (!encoded) return -1;
550
551 data->start = data->p = encoded;
552 data->len = strlen(encoded);
553
554 RDEBUG3("JSON Data: %s", encoded);
555 RDEBUG3("Returning %zd bytes of JSON data", data->len);
556
557 ctx->state = READ_STATE_ATTR_BEGIN;
558 }
559
560 to_copy = data->len - (data->p - data->start);
561 len = to_copy > freespace ? freespace : to_copy;
562
563 if (len == 0) return 0;
564
565 memcpy(out, data->p, len);
566 data->p += len;
567 return len;
568}
569#endif
570
571/** Emulates successive libcurl calls to an encoding function
572 *
573 * This function is used when the request will be sent to the HTTP server as one
574 * contiguous entity. A buffer of REST_BODY_ALLOC_CHUNK bytes is allocated and passed
575 * to the stream encoding function.
576 *
577 * If the stream function does not return 0, a new buffer is allocated which is
578 * the size of the previous buffer + REST_BODY_ALLOC_CHUNK bytes, the data from the
579 * previous buffer is copied, and freed, and another call is made to the stream
580 * function, passing a pointer into the new buffer at the end of the previously
581 * written data.
582 *
583 * This process continues until the stream function signals (by returning 0)
584 * that it has no more data to write.
585 *
586 * @param[out] out where the pointer to the alloced buffer should
587 * be written.
588 * @param[in] inst of rlm_rest.
589 * @param[in] func Stream function.
590 * @param[in] limit Maximum buffer size to alloc.
591 * @param[in] userdata rlm_rest_request_t to keep encoding state between calls to
592 * stream function.
593 * @return
594 * - Length of the data written to the buffer (excluding NULL).
595 * - -1 if alloc >= limit.
596 */
597static ssize_t rest_request_encode_wrapper(char **out, UNUSED rlm_rest_t const *inst,
598 rest_read_t func, size_t limit, void *userdata)
599{
600 char *buff = NULL;
601 size_t needed = REST_BODY_ALLOC_CHUNK; /* Size of buffer to alloc */
602 size_t used = 0; /* Size of data written */
603 size_t len = 0;
604
605 buff = talloc_array(NULL, char, needed);
606 for (;;) {
607 len = func(buff + used, needed - used, 1, userdata);
608 used += len;
609 if (!len) {
610 *out = buff;
611 return used;
612 }
613
614 needed *= 2;
615 if (needed > limit) break;
616
617 MEM(buff = talloc_realloc(NULL, buff, char, needed));
618 }
619
620 talloc_free(buff);
621
622 return -1;
623}
624
625/** (Re-)Initialises the data in a rlm_rest_request_t.
626 *
627 * Resets the values of a rlm_rest_request_t to their defaults.
628 *
629 * @param[in] section configuration data.
630 * @param[in] request Current request.
631 * @param[in] ctx to initialise.
632 */
633static void rest_request_init(rlm_rest_section_t const *section,
634 request_t *request, rlm_rest_request_t *ctx)
635{
636 /*
637 * Setup stream read data
638 */
639 ctx->section = section;
640 ctx->request = request;
641 ctx->state = READ_STATE_INIT;
642}
643
644/** Converts plain response into a single fr_pair_t
645 *
646 * @param[in] inst configuration data.
647 * @param[in] section configuration data.
648 * @param[in] randle fr_curl_io_request_t to use.
649 * @param[in] request Current request.
650 * @param[in] raw buffer containing POST data.
651 * @param[in] rawlen Length of data in raw buffer.
652 * @return
653 * - Number of fr_pair_t processed.
654 * - -1 on unrecoverable error.
655 */
656static int rest_decode_plain(UNUSED rlm_rest_t const *inst, UNUSED rlm_rest_section_t const *section,
657 request_t *request, UNUSED fr_curl_io_request_t *randle, char *raw, size_t rawlen)
658{
659 fr_pair_t *vp;
660
661 /*
662 * Empty response?
663 */
664 if (*raw == '\0') return 0;
665
666 /*
667 * Use rawlen to protect against overrun, and to cope with any binary data
668 */
669 MEM(pair_update_request(&vp, attr_rest_http_body) >= 0);
670 fr_pair_value_bstrndup(vp, raw, rawlen, true);
671
672 RDEBUG2("%pP", vp);
673
674 return 1;
675}
676
677/** Converts POST response into fr_pair_ts and adds them to the request
678 *
679 * Accepts fr_pair_tS in the same format as rest_encode_post, but with the
680 * addition of optional attribute list qualifiers as part of the attribute name
681 * string.
682 *
683 * If no qualifiers are specified, will default to the request list.
684 *
685 * POST response format is:
686 * @verbatim [outer.][<list>.]<attribute0>=<value0>&[outer.][<list>.]<attribute1>=<value1>&[outer.][<list>.]<attributeN>=<valueN> @endverbatim
687 *
688 * @see rest_encode_post
689 *
690 * @param[in] instance configuration data.
691 * @param[in] section configuration data.
692 * @param[in] randle fr_curl_io_request_t to use.
693 * @param[in] request Current request.
694 * @param[in] raw buffer containing POST data.
695 * @param[in] rawlen Length of data in raw buffer.
696 * @return
697 * - Number of fr_pair_ts processed.
698 * - -1 on unrecoverable error.
699 */
700static int rest_decode_post(UNUSED rlm_rest_t const *instance, UNUSED rlm_rest_section_t const *section,
701 request_t *request, fr_curl_io_request_t *randle, char *raw, size_t rawlen)
702{
703 CURL *candle = randle->candle;
704
705 char const *p = raw, *q;
706
707 int count = 0;
708 int ret;
709
710 /*
711 * Empty response?
712 */
713 fr_skip_whitespace(p);
714 if (*p == '\0') return 0;
715
716 while (((q = strchr(p, '=')) != NULL) && (count < REST_BODY_MAX_ATTRS)) {
717 tmpl_t *dst;
718 request_t *current;
719 fr_pair_list_t *vps;
720 TALLOC_CTX *ctx;
721 fr_dict_attr_t const *da;
722 fr_pair_t *vp;
723
724 char *name = NULL;
725 char *value = NULL;
726
727 char *expanded = NULL;
728
729 size_t len;
730 int curl_len; /* Length from last curl_easy_unescape call */
731
732 current = request;
733
734 name = curl_easy_unescape(candle, p, (q - p), &curl_len);
735 p = (q + 1);
736
737 /*
738 * Resolve attribute name to a dictionary entry and pairlist.
739 */
740 RDEBUG2("Parsing attribute \"%pV\"", fr_box_strvalue_len(name, curl_len));
741
742 if (tmpl_afrom_attr_str(request, NULL, &dst, name,
743 &(tmpl_rules_t){
744 .attr = {
745 .dict_def = request->local_dict,
746 .list_def = request_attr_reply
747 }
748 }) <= 0) {
749 RPWDEBUG("Failed parsing attribute (skipping)");
750 talloc_free(dst);
751 goto skip;
752 }
753
754 if (tmpl_request_ptr(&current, tmpl_request(dst)) < 0) {
755 RWDEBUG("Attribute name refers to outer request but not in a tunnel (skipping)");
756 talloc_free(dst);
757 goto skip;
758 }
759
760 vps = tmpl_list_head(current, tmpl_list(dst));
761 if (!vps) {
762 RWDEBUG("List not valid in this context (skipping)");
763 talloc_free(dst);
764 goto skip;
765 }
766 ctx = tmpl_list_ctx(current, tmpl_list(dst));
767 da = tmpl_attr_tail_da(dst);
768
769 fr_assert(vps);
770
771 RINDENT();
772 RDEBUG3("Type : %s", fr_type_to_str(da->type));
773
774 q = strchr(p, '&');
775 len = (!q) ? (rawlen - (p - raw)) : (unsigned)(q - p);
776
777 value = curl_easy_unescape(candle, p, len, &curl_len);
778
779 /*
780 * If we found a delimiter we want to skip over it,
781 * if we didn't we do *NOT* want to skip over the end
782 * of the buffer...
783 */
784 p += (!q) ? len : (len + 1);
785
786 RDEBUG3("Length : %i", curl_len);
787 RDEBUG3("Value : \"%s\"", value);
788 REXDENT();
789
790 talloc_free(dst); /* Free our temporary tmpl */
791
792 RDEBUG2("Performing xlat expansion of response value");
793
794 if (xlat_aeval(request, &expanded, request, value, NULL, NULL) < 0) goto skip;
795
796 fr_assert(expanded);
797
798 MEM(vp = fr_pair_afrom_da(ctx, da));
799 if (!vp) {
800 REDEBUG("Failed creating valuepair");
801 talloc_free(expanded);
802
803 curl_free(name);
804 curl_free(value);
805
806 return count;
807 }
808
809 ret = fr_pair_value_from_str(vp, expanded, strlen(value), NULL, true);
810 TALLOC_FREE(expanded);
811 if (ret < 0) {
812 RWDEBUG("Incompatible value assignment, skipping");
813 talloc_free(vp);
814 goto skip;
815 }
816
817 fr_pair_append(vps, vp);
818
819 count++;
820
821 skip:
822 curl_free(name);
823 curl_free(value);
824
825 continue;
826 }
827
828 if (!count) REDEBUG("Malformed POST data \"%s\"", raw);
829
830 return count;
831
832}
833
834#ifdef HAVE_JSON
835/** Converts JSON "value" key into fr_pair_t.
836 *
837 * If leaf is not in fact a leaf node, but contains JSON data, the data will
838 * written to the attribute in JSON string format.
839 *
840 * @param[in] instance configuration data.
841 * @param[in] section configuration data.
842 * @param[in] ctx to allocate new fr_pair_ts in.
843 * @param[in] request Current request.
844 * @param[in] da Attribute to create.
845 * @param[in] flags containing the operator other flags controlling value
846 * expansion.
847 * @param[in] leaf object containing the fr_pair_t value.
848 * @return
849 * - #fr_pair_t just created.
850 * - NULL on error.
851 */
852static fr_pair_t *json_pair_alloc_leaf(UNUSED rlm_rest_t const *instance, UNUSED rlm_rest_section_t const *section,
853 TALLOC_CTX *ctx, request_t *request,
854 fr_dict_attr_t const *da, json_flags_t *flags, json_object *leaf)
855{
856 char const *value;
857 char *expanded = NULL;
858 int ret;
859
860 fr_pair_t *vp;
861
862 fr_value_box_t src = FR_VALUE_BOX_INITIALISER_NULL(src);
863
864 if (json_object_is_type(leaf, json_type_null)) {
865 RDEBUG3("Got null value for attribute \"%s\" (skipping)", da->name);
866 return NULL;
867 }
868
869 MEM(vp = fr_pair_afrom_da(ctx, da));
870 if (!vp) {
871 RWDEBUG("Failed creating valuepair for attribute \"%s\" (skipping)", da->name);
872 return NULL;
873 }
874
875 fr_value_box_init_null(&src);
876
877 switch (json_object_get_type(leaf)) {
878 case json_type_int:
879 if (flags->do_xlat) RWDEBUG("Ignoring do_xlat on 'int', attribute \"%s\"", da->name);
880 fr_value_box(&src, (int32_t)json_object_get_int(leaf), true);
881 break;
882
883 case json_type_double:
884 if (flags->do_xlat) RWDEBUG("Ignoring do_xlat on 'double', attribute \"%s\"", da->name);
885 fr_value_box(&src, (double)json_object_get_double(leaf), true);
886 break;
887
888 case json_type_string:
889 value = json_object_get_string(leaf);
890 if (flags->do_xlat && memchr(value, '%', json_object_get_string_len(leaf))) {
891 if (xlat_aeval(request, &expanded, request, value, NULL, NULL) < 0) {
892 talloc_free(vp);
893 return NULL;
894 }
895 fr_value_box_bstrndup_shallow(&src, NULL, expanded,
896 talloc_strlen(expanded), true);
897 } else {
898 fr_value_box_bstrndup_shallow(&src, NULL, value,
899 json_object_get_string_len(leaf), true);
900 }
901 break;
902
903 default:
904 {
905 char const *str;
906 if (flags->do_xlat) RWDEBUG("Ignoring do_xlat on 'object', attribute \"%s\"", da->name);
907
908 /*
909 * Should encode any nested JSON structures into JSON strings.
910 *
911 * "I knew you liked JSON so I put JSON in your JSON!"
912 */
913 str = json_object_get_string(leaf);
914 if (!str) {
915 RWDEBUG("Failed getting string value for attribute \"%s\" (skipping)", da->name);
916 talloc_free(vp);
917 return NULL;
918 }
919 fr_value_box_strdup_shallow(&src, NULL, str, true);
920 }
921 }
922
923 ret = fr_value_box_cast(vp, &vp->data, da->type, da, &src);
924 talloc_free(expanded);
925 if (ret < 0) {
926 RWDEBUG("Failed parsing value for attribute \"%s\" (skipping)", da->name);
927 talloc_free(vp);
928 return NULL;
929 }
930
931 vp->op = flags->op;
932
933 return vp;
934}
935
936/** Processes JSON response and converts it into multiple fr_pair_ts
937 *
938 * Processes JSON attribute declarations in the format below. Will recurse when
939 * processing nested attributes. When processing nested attributes flags and
940 * operators from previous attributes are not inherited.
941 *
942 * JSON response format is:
943@verbatim
944{
945 "<attribute0>":{
946 "do_xlat":<bool>,
947 "is_json":<bool>,
948 "op":"<operator>",
949 "value":[<value0>,<value1>,<valueN>]
950 },
951 "<attribute1>":{
952 "value":{
953 "<nested-attribute0>":{
954 "op":"<operator>",
955 "value":<value0>
956 }
957 }
958 },
959 "<attribute2>":"<value0>",
960 "<attributeN>":[<value0>,<value1>,<valueN>]
961}
962@endverbatim
963 *
964 * JSON valuepair flags:
965 * - do_xlat (optional) Controls xlat expansion of values. Defaults to true.
966 * - is_json (optional) If true, any nested JSON data will be copied to the
967 * fr_pair_t in string form. Defaults to true.
968 * - op (optional) Controls how the attribute is inserted into
969 * the target list. Defaults to ':=' (T_OP_SET).
970 *
971 * If "op" is ':=' or '=', it will be automagically changed to '+=' for the
972 * second and subsequent values in multivalued attributes. This does not work
973 * between multiple attribute declarations.
974 *
975 * @see fr_tokens_table
976 *
977 * @param[in] instance configuration data.
978 * @param[in] section configuration data.
979 * @param[in] request Current request.
980 * @param[in] object containing root node, or parent node.
981 * @param[in] level Current nesting level.
982 * @param[in] max counter, decremented after each fr_pair_t is created,
983 * when 0 no more attributes will be processed.
984 * @return
985 * - Number of attributes created.
986 * - < 0 on error.
987 */
988static int json_pair_alloc(rlm_rest_t const *instance, rlm_rest_section_t const *section,
989 request_t *request, json_object *object, UNUSED int level, int max)
990{
991 int max_attrs = max;
992 tmpl_t *dst = NULL;
993
994 if (!json_object_is_type(object, json_type_object)) {
995#ifdef HAVE_JSON_TYPE_TO_NAME
996 REDEBUG("Can't process VP container, expected JSON object"
997 "got \"%s\" (skipping)",
998 json_type_to_name(json_object_get_type(object)));
999#else
1000 REDEBUG("Can't process VP container, expected JSON object"
1001 " (skipping)");
1002#endif
1003 return -1;
1004 }
1005
1006 /*
1007 * Process VP container
1008 */
1009 {
1010 json_object_object_foreach(object, name, value) {
1011 int i = 0, elements;
1012 struct json_object *element, *tmp;
1013 TALLOC_CTX *ctx;
1014
1015 json_flags_t flags = {
1016 .op = T_OP_SET,
1017 .do_xlat = 1,
1018 .is_json = 0
1019 };
1020
1021 request_t *current = request;
1022 fr_pair_list_t *vps;
1023 fr_pair_t *vp = NULL;
1024
1025 TALLOC_FREE(dst);
1026
1027 /*
1028 * Resolve attribute name to a dictionary entry and pairlist.
1029 */
1030 RDEBUG2("Parsing attribute \"%s\"", name);
1031
1032 if (tmpl_afrom_attr_str(request, NULL, &dst, name,
1033 &(tmpl_rules_t){
1034 .attr = {
1035 .dict_def = request->local_dict,
1036 .list_def = request_attr_reply
1037 }
1038 }) <= 0) {
1039 RPWDEBUG("Failed parsing attribute (skipping)");
1040 continue;
1041 }
1042
1043 if (tmpl_request_ptr(&current, tmpl_request(dst)) < 0) {
1044 RWDEBUG("Attribute name refers to outer request but not in a tunnel (skipping)");
1045 continue;
1046 }
1047
1048 vps = tmpl_list_head(current, tmpl_list(dst));
1049 if (!vps) {
1050 RWDEBUG("List not valid in this context (skipping)");
1051 continue;
1052 }
1053 ctx = tmpl_list_ctx(current, tmpl_list(dst));
1054
1055 /*
1056 * Alternative JSON structure which allows operator,
1057 * and other flags to be specified.
1058 *
1059 * "<name>":{
1060 * "do_xlat":<bool>,
1061 * "is_json":<bool>,
1062 * "op":"<op>",
1063 * "value":<value>
1064 * }
1065 *
1066 * Where value is a:
1067 * - [] Multivalued array
1068 * - {} Nested Valuepair
1069 * - * Integer or string value
1070 */
1071 if (json_object_is_type(value, json_type_object)) {
1072 /*
1073 * Process operator if present.
1074 */
1075 if (json_object_object_get_ex(value, "op", &tmp)) {
1076 flags.op = fr_table_value_by_str(fr_tokens_table, json_object_get_string(tmp), 0);
1077 if (!flags.op) {
1078 RWDEBUG("Invalid operator value \"%s\" (skipping)",
1079 json_object_get_string(tmp));
1080 continue;
1081 }
1082 }
1083
1084 /*
1085 * Process optional do_xlat bool.
1086 */
1087 if (json_object_object_get_ex(value, "do_xlat", &tmp)) {
1088 flags.do_xlat = json_object_get_boolean(tmp);
1089 }
1090
1091 /*
1092 * Process optional is_json bool.
1093 */
1094 if (json_object_object_get_ex(value, "is_json", &tmp)) {
1095 flags.is_json = json_object_get_boolean(tmp);
1096 }
1097
1098 /*
1099 * Value key must be present if were using the expanded syntax.
1100 */
1101 if (!json_object_object_get_ex(value, "value", &tmp)) {
1102 RWDEBUG("Value key missing (skipping)");
1103 continue;
1104 }
1105
1106 /*
1107 * The value field now becomes the key we're operating on
1108 */
1109 value = tmp;
1110 }
1111
1112 /*
1113 * Setup fr_pair_afrom_da / recursion loop.
1114 */
1115 if (!flags.is_json && json_object_is_type(value, json_type_array)) {
1116 elements = json_object_array_length(value);
1117 if (!elements) {
1118 RWDEBUG("Zero length value array (skipping)");
1119 continue;
1120 }
1121 element = json_object_array_get_idx(value, 0);
1122 } else {
1123 elements = 1;
1124 element = value;
1125 }
1126
1127 /*
1128 * A JSON 'value' key, may have multiple elements, iterate
1129 * over each of them, creating a new fr_pair_t.
1130 */
1131 do {
1132 fr_pair_list_t tmp_list;
1133
1134 if (max_attrs-- <= 0) {
1135 RWDEBUG("At maximum attribute limit");
1136 talloc_free(dst);
1137 return max;
1138 }
1139
1140 /*
1141 * Automagically switch the op for multivalued attributes.
1142 */
1143 if (((flags.op == T_OP_SET) || (flags.op == T_OP_EQ)) && (i >= 1)) {
1144 flags.op = T_OP_ADD_EQ;
1145 }
1146
1147 if (json_object_is_type(element, json_type_object) && !flags.is_json) {
1148 /* TODO: Insert nested VP into VP structure...*/
1149 RWDEBUG("Found nested VP, these are not yet supported (skipping)");
1150
1151 continue;
1152
1153 /*
1154 vp = json_pair_alloc(instance, section,
1155 request, value,
1156 level + 1, max_attrs);*/
1157 } else {
1158 vp = json_pair_alloc_leaf(instance, section, ctx, request,
1159 tmpl_attr_tail_da(dst), &flags, element);
1160 if (!vp) continue;
1161 }
1162 RINDENT();
1163 RDEBUG2("%s:%pP", tmpl_list_name(tmpl_list(dst), ""), vp);
1164 REXDENT();
1165
1166 fr_pair_list_init(&tmp_list);
1167 fr_pair_append(&tmp_list, vp);
1168 radius_pairmove(current, vps, &tmp_list);
1169 /*
1170 * If we call json_object_array_get_idx on something that's not an array
1171 * the behaviour appears to be to occasionally segfault.
1172 */
1173 } while ((++i < elements) && (element = json_object_array_get_idx(value, i)));
1174 }
1175 }
1176
1177 talloc_free(dst);
1178
1179 return max - max_attrs;
1180}
1181
1182/** Converts JSON response into fr_pair_ts and adds them to the request.
1183 *
1184 * Converts the raw JSON string into a json-c object tree and passes it to
1185 * json_pair_alloc. After the tree has been parsed json_object_put is called
1186 * which decrements the reference count of the root node by one, and frees
1187 * the entire tree.
1188 *
1189 * @see rest_encode_json
1190 * @see json_pair_alloc
1191 *
1192 * @param[in] instance configuration data.
1193 * @param[in] section configuration data.
1194 * @param[in,out] request Current request.
1195 * @param[in] randle REST handle.
1196 * @param[in] raw buffer containing JSON data.
1197 * @param[in] rawlen Length of data in raw buffer.
1198 * @return
1199 * - The number of #fr_pair_t processed.
1200 * - -1 on unrecoverable error.
1201 */
1202static int rest_decode_json(rlm_rest_t const *instance, rlm_rest_section_t const *section,
1203 request_t *request, UNUSED fr_curl_io_request_t *randle, char *raw, UNUSED size_t rawlen)
1204{
1205 char const *p = raw;
1206
1207 struct json_object *json;
1208
1209 int ret;
1210
1211 /*
1212 * Empty response?
1213 */
1214 fr_skip_whitespace(p);
1215 if (*p == '\0') return 0;
1216
1217 json = json_tokener_parse(p);
1218 if (!json) {
1219 REDEBUG("Malformed JSON data \"%s\"", raw);
1220 return -1;
1221 }
1222
1223 ret = json_pair_alloc(instance, section, request, json, 0, REST_BODY_MAX_ATTRS);
1224
1225 /*
1226 * Decrement reference count for root object, should free entire JSON tree.
1227 */
1228 json_object_put(json);
1229
1230 return ret;
1231}
1232#endif
1233
1234/** Processes incoming HTTP header data from libcurl.
1235 *
1236 * Processes the status line, and Content-Type headers from the incoming HTTP
1237 * response.
1238 *
1239 * Matches prototype for CURLOPT_HEADERFUNCTION, and will be called directly
1240 * by libcurl.
1241 *
1242 * @param[in] in Char buffer where inbound header data is written.
1243 * @param[in] size Multiply by nmemb to get the length of ptr.
1244 * @param[in] nmemb Multiply by size to get the length of ptr.
1245 * @param[in] userdata rlm_rest_response_t to keep parsing state between calls.
1246 * @return
1247 * - Length of data processed.
1248 * - 0 on error.
1249 */
1250static size_t rest_response_header(void *in, size_t size, size_t nmemb, void *userdata)
1251{
1252 rlm_rest_response_t *ctx = userdata;
1253 request_t *request = ctx->request; /* Used by RDEBUG */
1254
1255 char const *start = (char *)in, *p = start, *end = p + (size * nmemb);
1256 char *q;
1257 size_t len;
1258
1259 http_body_type_t type;
1260
1261#ifndef NDEBUG
1262 if (ctx->instance->fail_header_decode) {
1263 REDEBUG("Forcing header decode failure");
1264 return 0;
1265 }
1266#endif
1267
1268 /*
1269 * This seems to be curl's indication there are no more header lines.
1270 */
1271 if (((end - p) == 2) && ((p[0] == '\r') && (p[1] == '\n'))) {
1272 /*
1273 * If we got a 100 Continue, we need to send additional payload data.
1274 * reset the state to WRITE_STATE_INIT, so that when were called again
1275 * we overwrite previous header data with that from the proper header.
1276 */
1277 if (ctx->code == 100) {
1278 RDEBUG2("Continuing...");
1279 ctx->state = WRITE_STATE_INIT;
1280 }
1281
1282 return (end - start);
1283 }
1284
1285 switch (ctx->state) {
1286 case WRITE_STATE_INIT:
1287 RDEBUG2("Processing response header");
1288
1289 /*
1290 * HTTP/<version> <reason_code>[ <reason_phrase>]\r\n
1291 *
1292 * "HTTP/1.1 " (9) + "100" (3) + "\r\n" (2) = 14
1293 * "HTTP/2 " (7) + "100" (3) + "\r\n" (2) = 12
1294 */
1295 if ((end - p) < 12) {
1296 REDEBUG("Malformed HTTP header: Status line too short");
1297 malformed:
1298 REDEBUG("Received %zu bytes of invalid header data: %pV",
1299 (end - start), fr_box_strvalue_len(in, (end - start)));
1300 ctx->code = 0;
1301
1302 /*
1303 * Indicate we parsed the entire line, otherwise
1304 * bad things seem to happen internally with
1305 * libcurl when we try and use it with asynchronous
1306 * I/O handlers.
1307 */
1308 return (end - start);
1309 }
1310 /*
1311 * Check start of header matches...
1312 */
1313 if (strncasecmp("HTTP/", p, 5) != 0) {
1314 REDEBUG("Malformed HTTP header: Missing HTTP version");
1315 goto malformed;
1316 }
1317 p += 5;
1318
1319 /*
1320 * Skip the version field, next space should mark start of reason_code.
1321 */
1322 q = memchr(p, ' ', (end - p));
1323 if (!q) {
1324 REDEBUG("Malformed HTTP header: Missing reason code");
1325 goto malformed;
1326 }
1327
1328 p = q;
1329
1330 /*
1331 * Process reason_code.
1332 *
1333 * " 100" (4) + "\r\n" (2) = 6
1334 */
1335 if ((end - p) < 6) {
1336 REDEBUG("Malformed HTTP header: Reason code too short");
1337 goto malformed;
1338 }
1339 p++;
1340
1341 /*
1342 * "xxx( |\r)" status code and terminator.
1343 */
1344 if (!isdigit(p[0]) || !isdigit(p[1]) || !isdigit(p[2]) || !((p[3] == ' ') || (p[3] == '\r'))) {
1345 REDEBUG("Malformed HTTP header: Reason code malformed. "
1346 "Expected three digits then space or end of header, got \"%pV\"",
1347 fr_box_strvalue_len(p, 4));
1348 goto malformed;
1349 }
1350
1351 /*
1352 * Convert status code into an integer value
1353 */
1354 q = NULL;
1355 ctx->code = (int)strtoul(p, &q, 10);
1356 fr_assert(q == (p + 3)); /* We check this above */
1357 p = q;
1358
1359 /*
1360 * Process reason_phrase (if present).
1361 */
1362 RINDENT();
1363 if (*p == ' ') {
1364 p++;
1365 q = memchr(p, '\r', (end - p));
1366 if (!q) goto malformed;
1367 RDEBUG2("Status : %i (%pV)", ctx->code, fr_box_strvalue_len(p, q - p));
1368 } else {
1369 RDEBUG2("Status : %i", ctx->code);
1370 }
1371 REXDENT();
1372
1373 ctx->state = WRITE_STATE_PARSE_HEADERS;
1374
1375 break;
1376
1377 case WRITE_STATE_PARSE_HEADERS:
1378 if (((end - p) >= 14) &&
1379 (strncasecmp("Content-Type: ", p, 14) == 0)) {
1380 p += 14;
1381
1382 /*
1383 * Check to see if there's a parameter separator.
1384 */
1385 q = memchr(p, ';', (end - p));
1386
1387 /*
1388 * If there's not, find the end of this header.
1389 */
1390 if (!q) q = memchr(p, '\r', (end - p));
1391
1392 len = (size_t)(!q ? (end - p) : (q - p));
1393 type = fr_table_value_by_substr(http_content_type_table, p, len, REST_HTTP_BODY_UNKNOWN);
1394
1395 RINDENT();
1396 RDEBUG2("Type : %s (%pV)", fr_table_str_by_value(http_body_type_table, type, "<INVALID>"),
1397 fr_box_strvalue_len(p, len));
1398 REXDENT();
1399
1400 /*
1401 * Assume the force_to value has already been validated.
1402 */
1403 if (ctx->force_to != REST_HTTP_BODY_UNKNOWN) {
1404 if (ctx->force_to != ctx->type) {
1405 RDEBUG3("Forcing body type to \"%s\"",
1406 fr_table_str_by_value(http_body_type_table, ctx->force_to, "<INVALID>"));
1407 ctx->type = ctx->force_to;
1408 }
1409 /*
1410 * Figure out if the type is supported by one of the decoders.
1411 */
1412 } else {
1413 /*
1414 * No need to check supported types if we accept everything.
1415 */
1416 if (ctx->section->response.accept_all) {
1417 ctx->type = type;
1418 break;
1419 }
1420
1421 ctx->type = http_body_type_supported[type];
1422
1423 switch (ctx->type) {
1424 case REST_HTTP_BODY_UNKNOWN:
1425 RWDEBUG("Couldn't determine type, using the request's type \"%s\".",
1426 fr_table_str_by_value(http_body_type_table, type, "<INVALID>"));
1427 break;
1428
1429 case REST_HTTP_BODY_UNSUPPORTED:
1430 REDEBUG("Type \"%s\" is currently unsupported",
1431 fr_table_str_by_value(http_body_type_table, type, "<INVALID>"));
1432 break;
1433
1434 case REST_HTTP_BODY_UNAVAILABLE:
1435 REDEBUG("Type \"%s\" is unavailable, please rebuild this module with the required "
1436 "library", fr_table_str_by_value(http_body_type_table, type, "<INVALID>"));
1437 break;
1438
1439 case REST_HTTP_BODY_INVALID:
1440 REDEBUG("Type \"%s\" is not a valid web API data markup format",
1441 fr_table_str_by_value(http_body_type_table, type, "<INVALID>"));
1442 break;
1443
1444 /* supported type */
1445 default:
1446 break;
1447 }
1448 }
1449 }
1450 break;
1451
1452 default:
1453 break;
1454 }
1455
1456 return (end - start);
1457}
1458
1459/** Processes incoming HTTP body data from libcurl.
1460 *
1461 * Writes incoming body data to an intermediary buffer for later parsing by
1462 * one of the decode functions.
1463 *
1464 * @param[in] in Char buffer where inbound header data is written
1465 * @param[in] size Multiply by nmemb to get the length of ptr.
1466 * @param[in] nmemb Multiply by size to get the length of ptr.
1467 * @param[in] userdata rlm_rest_response_t to keep parsing state between calls.
1468 * @return
1469 * - Length of data processed.
1470 * - 0 on error.
1471 */
1472static size_t rest_response_body(void *in, size_t size, size_t nmemb, void *userdata)
1473{
1474 rlm_rest_response_t *ctx = userdata;
1475 request_t *request = ctx->request; /* Used by RDEBUG */
1476
1477 char const *start = in, *p = start, *end = p + (size * nmemb);
1478 char *q;
1479
1480 size_t needed;
1481
1482 if (start == end) return 0; /* Nothing to process */
1483
1484#ifndef NDEBUG
1485 if (ctx->instance->fail_body_decode) {
1486 REDEBUG("Forcing body read failure");
1487 return 0;
1488 }
1489#endif
1490
1491 /*
1492 * Any post processing of headers should go here...
1493 */
1494 if (ctx->state == WRITE_STATE_PARSE_HEADERS) ctx->state = WRITE_STATE_PARSE_CONTENT;
1495
1496 switch (ctx->type) {
1497 case REST_HTTP_BODY_UNSUPPORTED:
1498 case REST_HTTP_BODY_UNAVAILABLE:
1499 case REST_HTTP_BODY_INVALID:
1500 if (ctx->section->response.accept_all) goto accept_body;
1501
1502 while ((q = memchr(p, '\n', (end - p)))) {
1503 REDEBUG("%pV", fr_box_strvalue_len(p, q - p));
1504 p = q + 1;
1505 }
1506
1507 if (p != end) REDEBUG("%pV", fr_box_strvalue_len(p, end - p));
1508 break;
1509
1510 case REST_HTTP_BODY_NONE:
1511 while ((q = memchr(p, '\n', (end - p)))) {
1512 RDEBUG3("%pV", fr_box_strvalue_len(p, q - p));
1513 p = q + 1;
1514 }
1515
1516 if (p != end) RDEBUG3("%pV", fr_box_strvalue_len(p, end - p));
1517 break;
1518
1519 default:
1520 {
1521 char *out_p;
1522 accept_body:
1523 if ((ctx->section->response.max_body_in > 0) && ((ctx->used + (end - p)) > ctx->section->response.max_body_in)) {
1524 REDEBUG("Incoming data (%zu bytes) exceeds max_body_in (%zu bytes). "
1525 "Forcing body to type 'invalid'", ctx->used + (end - p), ctx->section->response.max_body_in);
1526 ctx->type = REST_HTTP_BODY_INVALID;
1527 TALLOC_FREE(ctx->buffer);
1528 break;
1529 }
1530
1531 needed = ROUND_UP(ctx->used + (end - p), REST_BODY_ALLOC_CHUNK);
1532 if (needed > ctx->alloc) {
1533 MEM(ctx->buffer = talloc_bstr_realloc(NULL, ctx->buffer, needed));
1534 ctx->alloc = needed;
1535 }
1536
1537 out_p = ctx->buffer + ctx->used;
1538 memcpy(out_p, p, (end - p));
1539 out_p += (end - p);
1540 *out_p = '\0';
1541 ctx->used += (end - p);
1542 }
1543 break;
1544 }
1545
1546 return (end - start);
1547}
1548
1549/** Print out the response text as error lines
1550 *
1551 * @param request The Current request.
1552 * @param handle fr_curl_io_request_t used to execute the previous request.
1553 */
1554void rest_response_error(request_t *request, fr_curl_io_request_t *handle)
1555{
1556 char const *p, *end;
1557 char *q;
1558 size_t len;
1559
1560 len = rest_get_handle_data(&p, handle);
1561 if (len == 0) return;
1562
1563 end = p + len;
1564
1565 RERROR("Server returned:");
1566 while ((q = memchr(p, '\n', (end - p)))) {
1567 RERROR("%pV", fr_box_strvalue_len(p, q - p));
1568 p = q + 1;
1569 }
1570
1571 if (p != end) RERROR("%pV", fr_box_strvalue_len(p, end - p));
1572}
1573
1574/** Print out the response text
1575 *
1576 * @param request The Current request.
1577 * @param handle fr_curl_io_request_t used to execute the previous request.
1578 */
1579void rest_response_debug(request_t *request, fr_curl_io_request_t *handle)
1580{
1581 char const *p, *end;
1582 char *q;
1583 size_t len;
1584
1585 len = rest_get_handle_data(&p, handle);
1586 if (len == 0) return;
1587
1588 end = p + len;
1589
1590 RDEBUG3("Server returned:");
1591 while ((q = memchr(p, '\n', (end - p)))) {
1592 RDEBUG3("%pV", fr_box_strvalue_len(p, q - p));
1593 p = q + 1;
1594 }
1595
1596 if (p != end) RDEBUG3("%pV", fr_box_strvalue_len(p, end - p));
1597}
1598
1599/** (Re-)Initialises the data in a rlm_rest_response_t.
1600 *
1601 * This resets the values of the a rlm_rest_response_t to their defaults.
1602 * Must be called between encoding sessions.
1603 *
1604 * @see rest_response_body
1605 * @see rest_response_header
1606 *
1607 * @param[in] section that created the request.
1608 * @param[in] request Current request.
1609 * @param[in] ctx data to initialise.
1610 * @param[in] type Default http_body_type to use when decoding raw data, may be
1611 * overwritten by rest_response_header.
1612 * @param[in] header Where to write out headers, may be NULL.
1613 */
1614static void rest_response_init(rlm_rest_section_t const *section,
1615 request_t *request, rlm_rest_response_t *ctx, http_body_type_t type, tmpl_t *header)
1616{
1617 ctx->section = section;
1618 ctx->request = request;
1619 ctx->type = type;
1620 ctx->state = WRITE_STATE_INIT;
1621 ctx->alloc = 0;
1622 ctx->used = 0;
1623 ctx->code = 0;
1624 ctx->header = header;
1625 TALLOC_FREE(ctx->buffer);
1626}
1627
1628/** Extracts pointer to buffer containing response data
1629 *
1630 * @param[out] out Where to write the pointer to the buffer.
1631 * @param[in] randle used for the last request.
1632 * @return
1633 * - 0 if no data i available.
1634 * - > 0 if data is available.
1635 */
1636size_t rest_get_handle_data(char const **out, fr_curl_io_request_t *randle)
1637{
1638 rlm_rest_curl_context_t *ctx = talloc_get_type_abort(randle->uctx, rlm_rest_curl_context_t);
1639
1640 if (!ctx->response.buffer) return 0;
1641
1642 *out = ctx->response.buffer;
1643 return ctx->response.used;
1644}
1645
1646/** Return the body type of a HTTP response
1647 *
1648 * @param[in] randle used for the last request.
1649 * @return
1650 * - http_body_type_t
1651 */
1652http_body_type_t rest_response_body_type_get(fr_curl_io_request_t *randle)
1653{
1654 rlm_rest_curl_context_t *ctx = talloc_get_type_abort(randle->uctx, rlm_rest_curl_context_t);
1655
1656 return ctx->response.type;
1657}
1658
1659/** Configures body specific curlopts.
1660 *
1661 * Configures libcurl handle to use either chunked mode, where the request
1662 * data will be sent using multiple HTTP requests, or contiguous mode where
1663 * the request data will be sent in a single HTTP request.
1664 *
1665 * @param[in] mctx Call data.
1666 * @param[in] section configuration data.
1667 * @param[in] request Current request.
1668 * @param[in] randle fr_curl_io_request_t to configure.
1669 * @param[in] func to pass to libcurl for chunked.
1670 * transfers (NULL if not using chunked mode).
1671 * @return
1672 * - 0 on success.
1673 * - -1 on failure.
1674 */
1675static int rest_request_config_body(module_ctx_t const *mctx, rlm_rest_section_t const *section,
1676 request_t *request, fr_curl_io_request_t *randle, rest_read_t func)
1677{
1678 rlm_rest_t const *inst = talloc_get_type_abort(mctx->mi->data, rlm_rest_t);
1679 rlm_rest_curl_context_t *uctx = talloc_get_type_abort(randle->uctx, rlm_rest_curl_context_t);
1680 ssize_t len;
1681
1682 /*
1683 * We were provided with no read function, assume this means
1684 * no body should be sent.
1685 */
1686 if (!func) {
1687 FR_CURL_REQUEST_SET_OPTION(CURLOPT_POSTFIELDSIZE, 0);
1688 return 0;
1689 }
1690
1691 /*
1692 * Chunked transfer encoding means the body will be sent in
1693 * multiple parts.
1694 */
1695 if (section->request.chunk > 0) {
1696 FR_CURL_REQUEST_SET_OPTION(CURLOPT_READDATA, &uctx->request);
1697 FR_CURL_REQUEST_SET_OPTION(CURLOPT_READFUNCTION, func);
1698
1699 return 0;
1700 }
1701
1702 /*
1703 * If were not doing chunked encoding then we read the entire
1704 * body into a buffer, and send it in one go.
1705 */
1706 len = rest_request_encode_wrapper(&uctx->body, inst, func, REST_BODY_MAX_LEN, &uctx->request);
1707 if (len <= 0) {
1708 REDEBUG("Failed creating HTTP body content");
1709 return -1;
1710 }
1711 RDEBUG2("Content-Length will be %zu bytes", len);
1712
1713 fr_assert((len == 0) || (talloc_array_length(uctx->body) >= (size_t)len));
1714 FR_CURL_REQUEST_SET_OPTION(CURLOPT_POSTFIELDS, uctx->body);
1715 FR_CURL_REQUEST_SET_OPTION(CURLOPT_POSTFIELDSIZE, len);
1716
1717 return 0;
1718
1719error:
1720 return -1;
1721}
1722
1723/** Adds an additional header to a handle to use in the next reques
1724 *
1725 * @param[in] request Current request.
1726 * @param[in] randle used for the next request.
1727 * @param[in] header to add.
1728 * @param[in] validate whether to perform basic checks on the header
1729 * @return
1730 * - 0 on success.
1731 * - -1 on failure.
1732 */
1733int rest_request_config_add_header(request_t *request, fr_curl_io_request_t *randle, char const *header, bool validate)
1734{
1735 rlm_rest_curl_context_t *ctx = talloc_get_type_abort(randle->uctx, rlm_rest_curl_context_t);
1736 struct curl_slist *headers;
1737
1738 if (validate && !strchr(header, ':')) {
1739 RWDEBUG("Invalid HTTP header \"%s\" must be in format '<attribute>: <value>'. Skipping...",
1740 header);
1741 return -1;
1742 }
1743
1744 RINDENT();
1745 RDEBUG3("%s", header);
1746 REXDENT();
1747
1748 headers = curl_slist_append(ctx->headers, header);
1749 if (unlikely(!headers)) {
1750 REDEBUG("Failed to add header \"%s\"", header);
1751 return -1;
1752 }
1753 ctx->headers = headers;
1754
1755 return 0;
1756}
1757
1758/** See if the list of headers already contains a header
1759 *
1760 * @note Only compares the header name, not the value.
1761 *
1762 * @param[in] randle to check headers for.
1763 * @param[in] header to find.
1764 * @return
1765 * - true if yes
1766 * - false if no
1767 */
1768static bool rest_request_contains_header(fr_curl_io_request_t *randle, char const *header)
1769{
1770 rlm_rest_curl_context_t *ctx = talloc_get_type_abort(randle->uctx, rlm_rest_curl_context_t);
1771 struct curl_slist *headers = ctx->headers;
1772 char const *sep;
1773 size_t cmp_len;
1774
1775 sep = strchr(header, ':');
1776 cmp_len = sep ? (size_t)(sep - header) : strlen(header);
1777
1778 while (headers) {
1779 if (strncasecmp(headers->data, header, cmp_len) == 0) return true;
1780 headers = headers->next;
1781 }
1782
1783 return false;
1784}
1785
1786/** Configures request curlopts.
1787 *
1788 * Configures libcurl handle setting various curlopts for things like local
1789 * client time, Content-Type, and other FreeRADIUS custom headers.
1790 *
1791 * Current FreeRADIUS custom headers are:
1792 * - X-FreeRADIUS-Section The module section being processed.
1793 * - X-FreeRADIUS-Server The current virtual server the request_t is
1794 * passing through.
1795 *
1796 * Sets up callbacks for all response processing (buffers and body data).
1797 *
1798 * @param[in] mctx call data.
1799 * @param[in] section configuration data.
1800 * @param[in] randle to configure.
1801 * @param[in] request Current request.
1802 * @param[in] method to use (HTTP verbs PUT, POST, DELETE etc...).
1803 * @param[in] type Content-Type for request encoding, also sets
1804 * the default for decoding.
1805 * @param[in] uri buffer containing the expanded URI to send the request to.
1806 * @param[in] body_data (optional) custom body data. Must persist whilst we're
1807 * writing data out to the socket. Must be a talloced buffer
1808 * which is \0 terminated.
1809 * @return
1810 * - 0 on success (all opts configured).
1811 * - -1 on failure.
1812 */
1813int rest_request_config(module_ctx_t const *mctx, rlm_rest_section_t const *section,
1814 request_t *request, fr_curl_io_request_t *randle, http_method_t method,
1815 http_body_type_t type,
1816 char const *uri, char const *body_data)
1817{
1818 rlm_rest_t const *inst = talloc_get_type_abort(mctx->mi->data, rlm_rest_t);
1819 rlm_rest_call_env_t *call_env = talloc_get_type_abort(mctx->env_data, rlm_rest_call_env_t);
1820 rlm_rest_curl_context_t *ctx = talloc_get_type_abort(randle->uctx, rlm_rest_curl_context_t);
1821 CURL *candle = randle->candle;
1822 fr_time_delta_t timeout;
1823
1824 http_auth_type_t auth = section->request.auth;
1825
1826 CURLcode ret = CURLE_OK;
1827 char const *option;
1828
1829 char buffer[512];
1830
1831 fr_assert(candle);
1832
1833 buffer[(sizeof(buffer) - 1)] = '\0';
1834
1835 /*
1836 * Control which HTTP version we're going to use
1837 */
1838 if (inst->http_negotiation != CURL_HTTP_VERSION_NONE) FR_CURL_REQUEST_SET_OPTION(CURLOPT_HTTP_VERSION, inst->http_negotiation);
1839
1840 /*
1841 * Setup any header options and generic headers.
1842 */
1843 FR_CURL_REQUEST_SET_OPTION(CURLOPT_URL, uri);
1844#if CURL_AT_LEAST_VERSION(7,85,0)
1845 FR_CURL_REQUEST_SET_OPTION(CURLOPT_PROTOCOLS_STR, "http,https");
1846#else
1847 FR_CURL_REQUEST_SET_OPTION(CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
1848#endif
1849 if (section->request.proxy) {
1850 if (section->request.proxy == rest_no_proxy) {
1851 FR_CURL_REQUEST_SET_OPTION(CURLOPT_NOPROXY, "*");
1852 } else {
1853 FR_CURL_REQUEST_SET_OPTION(CURLOPT_PROXY, section->request.proxy);
1854 }
1855 }
1856 FR_CURL_REQUEST_SET_OPTION(CURLOPT_NOSIGNAL, 1L);
1857 FR_CURL_REQUEST_SET_OPTION(CURLOPT_USERAGENT, "FreeRADIUS " RADIUSD_VERSION_STRING);
1858
1859 timeout = inst->conn_config.connect_timeout;
1860 RDEBUG3("Connect timeout is %pVs, request timeout is %pVs",
1861 fr_box_time_delta(timeout), fr_box_time_delta(section->timeout));
1862 FR_CURL_REQUEST_SET_OPTION(CURLOPT_CONNECTTIMEOUT_MS, fr_time_delta_to_msec(timeout));
1863 FR_CURL_REQUEST_SET_OPTION(CURLOPT_TIMEOUT_MS, fr_time_delta_to_msec(section->timeout));
1864
1865 /*
1866 * FreeRADIUS custom headers
1867 */
1868 RDEBUG3("Adding custom headers:");
1869 snprintf(buffer, sizeof(buffer), "X-FreeRADIUS-Section: %s", section->name);
1870 if (unlikely(rest_request_config_add_header(request, randle, buffer, false) < 0)) return -1;
1871
1872 snprintf(buffer, sizeof(buffer), "X-FreeRADIUS-Server: %s", cf_section_name2(unlang_call_current(request)));
1873 if (unlikely(rest_request_config_add_header(request, randle, buffer, false) < 0)) return -1;
1874
1875 /*
1876 * Add in the section headers
1877 */
1878 if (call_env->request.header) {
1879 size_t len = talloc_array_length(call_env->request.header), i;
1880 for (i = 0; i < len; i++) {
1881 fr_value_box_list_foreach(&call_env->request.header[i], header) {
1882 if (unlikely(rest_request_config_add_header(request, randle, header->vb_strvalue, true) < 0)) return -1;
1883 }
1884 }
1885 }
1886
1887 /*
1888 * Add in dynamic headers from the request
1889 */
1890 {
1891 fr_pair_t *header;
1892 fr_dcursor_t header_cursor;
1893
1894 for (header = fr_pair_dcursor_by_da_init(&header_cursor, &request->control_pairs, attr_rest_http_header);
1895 header;
1896 header = fr_dcursor_current(&header_cursor)) {
1897 header = fr_dcursor_remove(&header_cursor);
1898 if (unlikely(rest_request_config_add_header(request, randle, header->vp_strvalue, true) < 0)) return -1;
1899
1900 talloc_free(header);
1901 }
1902 }
1903
1904 if (!rest_request_contains_header(randle, "Content-Type:")) {
1905 /*
1906 * HTTP/1.1 doesn't require a content type so only set it
1907 * if where body type requires it, and we haven't set one
1908 * already from attributes.
1909 */
1910 if (type != REST_HTTP_BODY_NONE) {
1911 char const *content_type = fr_table_str_by_value(http_content_type_table, type, section->request.body_str);
1912 snprintf(buffer, sizeof(buffer), "Content-Type: %s", content_type);
1913 if (unlikely(rest_request_config_add_header(request, randle, buffer, false) < 0)) return -1;
1914
1915 RDEBUG3("Request body content-type will be \"%s\"", content_type);
1916 }
1917 }
1918
1919 /*
1920 * Configure HTTP verb (GET, POST, PUT, PATCH, DELETE, other...)
1921 */
1922 switch (method) {
1923 case REST_HTTP_METHOD_GET:
1924 FR_CURL_REQUEST_SET_OPTION(CURLOPT_HTTPGET, 1L);
1925 break;
1926
1927 case REST_HTTP_METHOD_POST:
1928 FR_CURL_REQUEST_SET_OPTION(CURLOPT_POST, 1L);
1929 break;
1930
1931 case REST_HTTP_METHOD_PUT:
1932 /*
1933 * Do not set CURLOPT_PUT, this will cause libcurl
1934 * to ignore CURLOPT_POSTFIELDs and attempt to read
1935 * whatever was set with CURLOPT_READDATA, which by
1936 * default is stdin.
1937 *
1938 * This is many cases will cause the server to block,
1939 * indefinitely.
1940 */
1941 FR_CURL_REQUEST_SET_OPTION(CURLOPT_CUSTOMREQUEST, "PUT");
1942 break;
1943
1944 case REST_HTTP_METHOD_PATCH:
1945 FR_CURL_REQUEST_SET_OPTION(CURLOPT_CUSTOMREQUEST, "PATCH");
1946 break;
1947
1948 case REST_HTTP_METHOD_DELETE:
1949 FR_CURL_REQUEST_SET_OPTION(CURLOPT_CUSTOMREQUEST, "DELETE");
1950 break;
1951
1952 case REST_HTTP_METHOD_CUSTOM:
1953 FR_CURL_REQUEST_SET_OPTION(CURLOPT_CUSTOMREQUEST, section->request.method_str);
1954 break;
1955
1956 default:
1957 fr_assert(0);
1958 break;
1959 }
1960
1961 /*
1962 * Set user based authentication parameters
1963 */
1964 if (auth > REST_HTTP_AUTH_NONE) {
1965
1966#define SET_AUTH_OPTION(_x, _y)\
1967do {\
1968 if ((ret = curl_easy_setopt(candle, _x, _y)) != CURLE_OK) {\
1969 option = STRINGIFY(_x);\
1970 REDEBUG("Failed setting curl option %s: %s (%i)", option, curl_easy_strerror(ret), ret); \
1971 goto error;\
1972 }\
1973} while (0)
1974 RDEBUG3("Configuring HTTP auth type %s, user \"%pV\", password \"%pV\"",
1975 fr_table_str_by_value(http_auth_table, auth, "<INVALID>"),
1976 call_env->request.username ? call_env->request.username : fr_box_strvalue("(none)"),
1977 call_env->request.password ? call_env->request.password : fr_box_strvalue("(none)"));
1978
1979 /*
1980 * FIXME - We probably want to escape \0s here...
1981 */
1982 if ((auth >= REST_HTTP_AUTH_BASIC) && (auth <= REST_HTTP_AUTH_ANY_SAFE)) {
1983 SET_AUTH_OPTION(CURLOPT_HTTPAUTH, http_curl_auth[auth]);
1984 if (call_env->request.username) SET_AUTH_OPTION(CURLOPT_USERNAME, call_env->request.username->vb_strvalue);
1985 if (call_env->request.password) SET_AUTH_OPTION(CURLOPT_PASSWORD, call_env->request.password->vb_strvalue);
1986 } else if (auth == REST_HTTP_AUTH_TLS_SRP) {
1987 SET_AUTH_OPTION(CURLOPT_TLSAUTH_TYPE, "SRP");
1988 if (call_env->request.username) SET_AUTH_OPTION(CURLOPT_TLSAUTH_USERNAME, call_env->request.username->vb_strvalue);
1989 if (call_env->request.password) SET_AUTH_OPTION(CURLOPT_TLSAUTH_PASSWORD, call_env->request.password->vb_strvalue);
1990 }
1991 }
1992
1993 /*
1994 * Set SSL/TLS authentication parameters
1995 */
1996 fr_curl_easy_tls_init(randle, &section->tls);
1997
1998 /*
1999 * Tell CURL how to get HTTP body content, and how to process incoming data.
2000 */
2001 rest_response_init(section, request, &ctx->response, type, call_env->response.header);
2002
2003 FR_CURL_REQUEST_SET_OPTION(CURLOPT_HEADERFUNCTION, rest_response_header);
2004 FR_CURL_REQUEST_SET_OPTION(CURLOPT_HEADERDATA, &ctx->response);
2005 FR_CURL_REQUEST_SET_OPTION(CURLOPT_WRITEFUNCTION, rest_response_body);
2006 FR_CURL_REQUEST_SET_OPTION(CURLOPT_WRITEDATA, &ctx->response);
2007
2008 /*
2009 * Force parsing the body text as a particular encoding.
2010 */
2011 ctx->response.force_to = section->response.force_to;
2012
2013 switch (method) {
2014 case REST_HTTP_METHOD_GET:
2015 case REST_HTTP_METHOD_DELETE:
2016 RDEBUG3("Using a HTTP method which does not require a body. Forcing request body type to \"none\"");
2017 goto finish;
2018
2019 case REST_HTTP_METHOD_POST:
2020 case REST_HTTP_METHOD_PUT:
2021 case REST_HTTP_METHOD_PATCH:
2022 case REST_HTTP_METHOD_CUSTOM:
2023 if (section->request.chunk > 0) {
2024 ctx->request.chunk = section->request.chunk;
2025
2026 if (unlikely(rest_request_config_add_header(request, randle, "Transfer-Encoding: chunked", false) < 0)) return -1;
2027 }
2028
2029 break;
2030
2031 default:
2032 fr_assert(0);
2033 }
2034
2035 /*
2036 * Setup encoder specific options
2037 */
2038 switch (type) {
2039 case REST_HTTP_BODY_NONE:
2040 if (rest_request_config_body(mctx, section, request, randle, NULL) < 0) return -1;
2041
2042 break;
2043
2044 case REST_HTTP_BODY_CUSTOM:
2045 {
2046 rest_custom_data_t *data;
2047
2048 data = talloc_zero(request, rest_custom_data_t);
2049 data->p = data->start = body_data;
2050 data->len = talloc_strlen(body_data);
2051
2052 /* Use the encoder specific pointer to store the data we need to encode */
2053 ctx->request.encoder = data;
2054 if (rest_request_config_body(mctx, section, request, randle, rest_encode_custom) < 0) {
2055 TALLOC_FREE(ctx->request.encoder);
2056 return -1;
2057 }
2058 }
2059 break;
2060
2061#ifdef HAVE_JSON
2062 case REST_HTTP_BODY_JSON:
2063 {
2064 rest_custom_data_t *data;
2065
2066 data = talloc_zero(request, rest_custom_data_t);
2067 ctx->request.encoder = data;
2068
2069 rest_request_init(section, request, &ctx->request);
2070
2071 if (rest_request_config_body(mctx, section, request, randle, rest_encode_json) < 0) return -1;
2072 }
2073
2074 break;
2075#endif
2076
2077 case REST_HTTP_BODY_POST:
2078 rest_request_init(section, request, &ctx->request);
2079 fr_pair_dcursor_init(&(ctx->request.cursor), &request->request_pairs);
2080
2081 if (rest_request_config_body(mctx, section, request, randle, rest_encode_post) < 0) return -1;
2082
2083 break;
2084
2085 default:
2086 fr_assert(0);
2087 }
2088
2089
2090finish:
2091 FR_CURL_REQUEST_SET_OPTION(CURLOPT_HTTPHEADER, ctx->headers);
2092
2093 return 0;
2094
2095error:
2096 return -1;
2097}
2098
2099/** Sends the response to the correct decode function.
2100 *
2101 * Uses the Content-Type information written in rest_response_header to
2102 * determine the correct decode function to use. The decode function will
2103 * then convert the raw received data into fr_pair_ts.
2104 *
2105 * @param[in] instance configuration data.
2106 * @param[in] section configuration data.
2107 * @param[in] request Current request.
2108 * @param[in] randle to use.
2109 * @return
2110 * - 0 on success.
2111 * - -1 on failure.
2112 */
2113int rest_response_decode(rlm_rest_t const *instance, rlm_rest_section_t const *section,
2114 request_t *request, fr_curl_io_request_t *randle)
2115{
2116 rlm_rest_curl_context_t *ctx = talloc_get_type_abort(randle->uctx, rlm_rest_curl_context_t);
2117
2118 int ret = -1; /* -Wsometimes-uninitialized */
2119
2120 if (!ctx->response.buffer) {
2121 RDEBUG2("Skipping attribute processing, no valid body data received");
2122 return 0;
2123 }
2124
2125 switch (ctx->response.type) {
2126 case REST_HTTP_BODY_NONE:
2127 return 0;
2128
2129 case REST_HTTP_BODY_PLAIN:
2130 ret = rest_decode_plain(instance, section, request, randle, ctx->response.buffer, ctx->response.used);
2131 break;
2132
2133 case REST_HTTP_BODY_POST:
2134 ret = rest_decode_post(instance, section, request, randle, ctx->response.buffer, ctx->response.used);
2135 break;
2136
2137#ifdef HAVE_JSON
2138 case REST_HTTP_BODY_JSON:
2139 ret = rest_decode_json(instance, section, request, randle, ctx->response.buffer, ctx->response.used);
2140 break;
2141#endif
2142
2143 case REST_HTTP_BODY_UNSUPPORTED:
2144 case REST_HTTP_BODY_UNAVAILABLE:
2145 case REST_HTTP_BODY_INVALID:
2146 return -1;
2147
2148 default:
2149 fr_assert(0);
2150 }
2151
2152 return ret;
2153}
2154
2155/** URL encodes a string.
2156 *
2157 * Encode special chars as per RFC 3986 section 4.
2158 *
2159 * @param[in] request Current request.
2160 * @param[out] out Where to write escaped string.
2161 * @param[in] outlen Size of out buffer.
2162 * @param[in] raw string to be urlencoded.
2163 * @param[in] arg pointer, gives context for escaping.
2164 * @return length of data written to out (excluding NULL).
2165 */
2166size_t rest_uri_escape(UNUSED request_t *request, char *out, size_t outlen, char const *raw, UNUSED void *arg)
2167{
2168 char *escaped;
2169
2170 escaped = curl_escape(raw, 0);
2171 strlcpy(out, escaped, outlen);
2172 curl_free(escaped);
2173
2174 return strlen(out);
2175}
2176
2177/** Unescapes the host portion of a URI string
2178 *
2179 * This is required because the xlat functions which operate on the input string
2180 * cannot distinguish between host and path components.
2181 *
2182 * @param[out] out Where to write the pointer to the new
2183 * buffer containing the escaped URI.
2184 * @param[in] inst of rlm_rest.
2185 * @param[in] request Current request
2186 * @param[in] randle to use.
2187 * @param[in] uri configuration data.
2188 * @return
2189 * - Length of data written to buffer (excluding NULL).
2190 * - < 0 if an error occurred.
2191 */
2192ssize_t rest_uri_host_unescape(char **out, UNUSED rlm_rest_t const *inst, request_t *request,
2193 fr_curl_io_request_t *randle, char const *uri)
2194{
2195 CURL *candle = randle->candle;
2196
2197 char const *p, *q;
2198
2199 char *scheme;
2200
2201 ssize_t len;
2202
2203 p = uri;
2204
2205 /*
2206 * All URLs must contain at least <scheme>://<server>/
2207 */
2208 p = strchr(p, ':');
2209 if (!p || (*++p != '/') || (*++p != '/')) {
2210 malformed:
2211 REDEBUG("URI \"%s\" is malformed, can't find start of path", uri);
2212 return -1;
2213 }
2214 p = strchr(p + 1, '/');
2215 if (!p) {
2216 goto malformed;
2217 }
2218
2219 len = (p - uri);
2220
2221 /*
2222 * Unescape any special sequences in the first part of the URI
2223 */
2224 scheme = curl_easy_unescape(candle, uri, len, NULL);
2225 if (!scheme) {
2226 REDEBUG("Error unescaping host");
2227 return -1;
2228 }
2229
2230 /*
2231 * URIs can't contain spaces, so anything after the space must
2232 * be something else.
2233 */
2234 q = strchr(p, ' ');
2235 *out = q ? talloc_typed_asprintf(request, "%s%.*s", scheme, (int)(q - p), p) :
2236 talloc_typed_asprintf(request, "%s%s", scheme, p);
2237
2238 MEM(*out);
2239 curl_free(scheme);
2240
2241 return talloc_strlen(*out); /* array_length includes \0 */
2242}
buffer
static int const char char buffer[256]
Definition acutest.h:576
RCSID
#define RCSID(id)
Definition build.h:512
L
#define L(_str)
Helper for initialising arrays of string literals.
Definition build.h:228
unlikely
#define unlikely(_x)
Definition build.h:407
UNUSED
#define UNUSED
Definition build.h:336
NUM_ELEMENTS
#define NUM_ELEMENTS(_t)
Definition build.h:358
unlang_call_current
CONF_SECTION * unlang_call_current(request_t *request)
Return the last virtual server that was called.
Definition call.c:214
cf_section_name2
char const * cf_section_name2(CONF_SECTION const *cs)
Return the second identifier of a CONF_SECTION.
Definition cf_util.c:1187
FR_CURL_REQUEST_SET_OPTION
#define FR_CURL_REQUEST_SET_OPTION(_x, _y)
Definition base.h:67
fr_curl_io_request_alloc
fr_curl_io_request_t * fr_curl_io_request_alloc(TALLOC_CTX *ctx)
Allocate a new curl easy request and wrapper struct.
Definition io.c:542
fr_curl_io_request_t::uctx
void * uctx
Private data for the module using the API.
Definition base.h:105
fr_curl_io_request_t::candle
CURL * candle
Request specific handle.
Definition base.h:102
fr_curl_io_request_t
Structure representing an individual request being passed to curl for processing.
Definition base.h:101
fr_dcursor_next
static void * fr_dcursor_next(fr_dcursor_t *cursor)
Advanced the cursor to the next item.
Definition dcursor.h:288
fr_dcursor_remove
static void * fr_dcursor_remove(fr_dcursor_t *cursor)
Remove the current item.
Definition dcursor.h:480
fr_dcursor_current
static void * fr_dcursor_current(fr_dcursor_t *cursor)
Return the item the cursor current points to.
Definition dcursor.h:337
fr_dcursor_s
Definition dcursor.h:91
MEM
#define MEM(x)
Definition debug.h:46
RADIUSD_VERSION_STRING
#define RADIUSD_VERSION_STRING
Definition dependency.h:39
in
static fr_slen_t in
Definition dict.h:882
value
Test enumeration values.
Definition dict_test.h:92
talloc_free
talloc_free(hp)
fr_json_afrom_pair_list
char * fr_json_afrom_pair_list(TALLOC_CTX *ctx, fr_pair_list_t *vps, fr_json_format_t const *format)
Returns a JSON string of a list of value pairs.
Definition json.c:1321
fr_curl_easy_tls_init
int fr_curl_easy_tls_init(fr_curl_io_request_t *randle, fr_curl_tls_t const *conf)
Definition base.c:139
REXDENT
#define REXDENT()
Exdent (unindent) R* messages by one level.
Definition log.h:455
RWDEBUG
#define RWDEBUG(fmt,...)
Definition log.h:373
RDEBUG3
#define RDEBUG3(fmt,...)
Definition log.h:355
RERROR
#define RERROR(fmt,...)
Definition log.h:310
RPWDEBUG
#define RPWDEBUG(fmt,...)
Definition log.h:378
RINDENT
#define RINDENT()
Indent R* messages by one level.
Definition log.h:442
ROUND_UP
#define ROUND_UP(_num, _mul)
Round up - Works in all cases, but is slower.
Definition math.h:206
ssize_t
long int ssize_t
Definition merged_model.c:24
size_t
unsigned long int size_t
Definition merged_model.c:25
fr_dict_attr_t
Definition merged_model.c:133
fr_value_box_t
Definition merged_model.c:136
request_t
Definition merged_model.c:210
tmpl_t
Definition merged_model.c:225
used
static size_t used
Definition message_set_test.c:49
strncasecmp
int strncasecmp(char *s1, char *s2, int n)
Definition missing.c:35
module_ctx_t::env_data
void * env_data
Per call environment data.
Definition module_ctx.h:44
module_ctx_t::mi
module_instance_t const * mi
Instance of the module being instantiated.
Definition module_ctx.h:42
module_ctx_t
Temporary structure to hold arguments for module calls.
Definition module_ctx.h:41
fr_pair_value_from_str
int fr_pair_value_from_str(fr_pair_t *vp, char const *value, size_t inlen, fr_sbuff_unescape_rules_t const *uerules, UNUSED bool tainted)
Convert string value to native attribute value.
Definition pair.c:2617
fr_pair_append
int fr_pair_append(fr_pair_list_t *list, fr_pair_t *to_add)
Add a VP to the end of the list.
Definition pair.c:1352
fr_pair_afrom_da
fr_pair_t * fr_pair_afrom_da(TALLOC_CTX *ctx, fr_dict_attr_t const *da)
Dynamically allocate a new attribute and assign a fr_dict_attr_t.
Definition pair.c:290
fr_pair_list_init
void fr_pair_list_init(fr_pair_list_t *list)
Initialise a pair list header.
Definition pair.c:46
fr_pair_value_bstrndup
int fr_pair_value_bstrndup(fr_pair_t *vp, char const *src, size_t len, bool tainted)
Copy data into a "string" type value pair.
Definition pair.c:2812
radius_pairmove
void radius_pairmove(request_t *request, fr_pair_list_t *to, fr_pair_list_t *from)
Definition pairmove.c:44
fr_assert
#define fr_assert(_expr)
Definition rad_assert.h:37
pair_update_request
#define pair_update_request(_attr, _da)
Definition radclient-ng.c:59
REDEBUG
#define REDEBUG(fmt,...)
Definition radclient-ng.h:52
RDEBUG2
#define RDEBUG2(fmt,...)
Definition radclient-ng.h:54
request_attr_reply
fr_dict_attr_t const * request_attr_reply
Definition request.c:44
rest_decode_post
static int rest_decode_post(UNUSED rlm_rest_t const *instance, UNUSED rlm_rest_section_t const *section, request_t *request, fr_curl_io_request_t *randle, char *raw, size_t rawlen)
Converts POST response into fr_pair_ts and adds them to the request.
Definition rest.c:700
rest_decode_plain
static int rest_decode_plain(UNUSED rlm_rest_t const *inst, UNUSED rlm_rest_section_t const *section, request_t *request, UNUSED fr_curl_io_request_t *randle, char *raw, size_t rawlen)
Converts plain response into a single fr_pair_t.
Definition rest.c:656
http_auth_table
fr_table_num_sorted_t const http_auth_table[]
Definition rest.c:165
rest_custom_data_t::len
size_t len
Length of data.
Definition rest.c:215
rest_custom_data_t::start
char const * start
Start of the buffer.
Definition rest.c:213
CURLAUTH_DIGEST_IE
#define CURLAUTH_DIGEST_IE
Definition rest.c:87
rest_request_config
int rest_request_config(module_ctx_t const *mctx, rlm_rest_section_t const *section, request_t *request, fr_curl_io_request_t *randle, http_method_t method, http_body_type_t type, char const *uri, char const *body_data)
Configures request curlopts.
Definition rest.c:1813
rest_uri_host_unescape
ssize_t rest_uri_host_unescape(char **out, UNUSED rlm_rest_t const *inst, request_t *request, fr_curl_io_request_t *randle, char const *uri)
Unescapes the host portion of a URI string.
Definition rest.c:2192
rest_response_body_type_get
http_body_type_t rest_response_body_type_get(fr_curl_io_request_t *randle)
Return the body type of a HTTP response.
Definition rest.c:1652
json_flags_t::do_xlat
int do_xlat
If true value will be expanded with xlat.
Definition rest.c:229
rest_encode_custom
static size_t rest_encode_custom(void *out, size_t size, size_t nmemb, void *userdata)
Copies a pre-expanded xlat string to the output buffer.
Definition rest.c:298
http_body_type_table
fr_table_num_sorted_t const http_body_type_table[]
Conversion table for type config values.
Definition rest.c:149
rest_encode_json
static size_t rest_encode_json(void *out, size_t size, size_t nmemb, void *userdata)
Encodes fr_pair_t linked list in JSON format.
Definition rest.c:534
CURLOPT_TLSAUTH_SRP
#define CURLOPT_TLSAUTH_SRP
Definition rest.c:78
json_flags_t::op
fr_token_t op
The operator that determines how the new VP.
Definition rest.c:232
CURLAUTH_BASIC
#define CURLAUTH_BASIC
Definition rest.c:81
http_method_table
fr_table_num_sorted_t const http_method_table[]
Conversion table for method config values.
Definition rest.c:130
rest_mod_conn_create
void * rest_mod_conn_create(TALLOC_CTX *ctx, void *instance, UNUSED fr_time_delta_t timeout)
Creates a new connection handle for use by the FR connection API.
Definition rest.c:263
rest_get_handle_data
size_t rest_get_handle_data(char const **out, fr_curl_io_request_t *randle)
Extracts pointer to buffer containing response data.
Definition rest.c:1636
rest_request_contains_header
static bool rest_request_contains_header(fr_curl_io_request_t *randle, char const *header)
See if the list of headers already contains a header.
Definition rest.c:1768
json_pair_alloc
static int json_pair_alloc(rlm_rest_t const *instance, rlm_rest_section_t const *section, request_t *request, json_object *object, UNUSED int level, int max)
Processes JSON response and converts it into multiple fr_pair_ts.
Definition rest.c:988
rest_request_init
static void rest_request_init(rlm_rest_section_t const *section, request_t *request, rlm_rest_request_t *ctx)
(Re-)Initialises the data in a rlm_rest_request_t.
Definition rest.c:633
rest_request_encode_wrapper
static ssize_t rest_request_encode_wrapper(char **out, UNUSED rlm_rest_t const *inst, rest_read_t func, size_t limit, void *userdata)
Emulates successive libcurl calls to an encoding function.
Definition rest.c:597
rest_decode_json
static int rest_decode_json(rlm_rest_t const *instance, rlm_rest_section_t const *section, request_t *request, UNUSED fr_curl_io_request_t *randle, char *raw, UNUSED size_t rawlen)
Converts JSON response into fr_pair_ts and adds them to the request.
Definition rest.c:1202
rest_response_debug
void rest_response_debug(request_t *request, fr_curl_io_request_t *handle)
Print out the response text.
Definition rest.c:1579
CURLAUTH_NTLM
#define CURLAUTH_NTLM
Definition rest.c:93
json_pair_alloc_leaf
static fr_pair_t * json_pair_alloc_leaf(UNUSED rlm_rest_t const *instance, UNUSED rlm_rest_section_t const *section, TALLOC_CTX *ctx, request_t *request, fr_dict_attr_t const *da, json_flags_t *flags, json_object *leaf)
Converts JSON "value" key into fr_pair_t.
Definition rest.c:852
http_content_type_table
fr_table_num_sorted_t const http_content_type_table[]
Conversion table for "Content-Type" header values.
Definition rest.c:193
SET_AUTH_OPTION
#define SET_AUTH_OPTION(_x, _y)
json_flags_t::is_json
int is_json
If true value will be inserted as raw JSON.
Definition rest.c:230
http_curl_auth
const unsigned long http_curl_auth[REST_HTTP_AUTH_NUM_ENTRIES]
Definition rest.c:104
CURLAUTH_NTLM_WB
#define CURLAUTH_NTLM_WB
Definition rest.c:96
http_body_type_supported
const http_body_type_t http_body_type_supported[REST_HTTP_BODY_NUM_ENTRIES]
Table of encoder/decoder support.
Definition rest.c:47
CURLAUTH_GSSNEGOTIATE
#define CURLAUTH_GSSNEGOTIATE
Definition rest.c:90
rest_uri_escape
size_t rest_uri_escape(UNUSED request_t *request, char *out, size_t outlen, char const *raw, UNUSED void *arg)
URL encodes a string.
Definition rest.c:2166
rest_request_config_add_header
int rest_request_config_add_header(request_t *request, fr_curl_io_request_t *randle, char const *header, bool validate)
Adds an additional header to a handle to use in the next reques.
Definition rest.c:1733
rest_response_error
void rest_response_error(request_t *request, fr_curl_io_request_t *handle)
Print out the response text as error lines.
Definition rest.c:1554
http_body_type_table_len
size_t http_body_type_table_len
Definition rest.c:163
rest_request_config_body
static int rest_request_config_body(module_ctx_t const *mctx, rlm_rest_section_t const *section, request_t *request, fr_curl_io_request_t *randle, rest_read_t func)
Configures body specific curlopts.
Definition rest.c:1675
_mod_conn_free
static int _mod_conn_free(fr_curl_io_request_t *randle)
Frees a libcurl handle, and any additional memory used by context data.
Definition rest.c:242
rest_response_init
static void rest_response_init(rlm_rest_section_t const *section, request_t *request, rlm_rest_response_t *ctx, http_body_type_t type, tmpl_t *header)
(Re-)Initialises the data in a rlm_rest_response_t.
Definition rest.c:1614
rest_response_body
static size_t rest_response_body(void *in, size_t size, size_t nmemb, void *userdata)
Processes incoming HTTP body data from libcurl.
Definition rest.c:1472
rest_encode_post
static size_t rest_encode_post(void *out, size_t size, size_t nmemb, void *userdata)
Encodes fr_pair_t linked list in POST format.
Definition rest.c:357
rest_custom_data_t::p
char const * p
how much text we've sent so far.
Definition rest.c:214
http_auth_table_len
size_t http_auth_table_len
Definition rest.c:177
rest_response_header
static size_t rest_response_header(void *in, size_t size, size_t nmemb, void *userdata)
Processes incoming HTTP header data from libcurl.
Definition rest.c:1250
http_content_type_table_len
size_t http_content_type_table_len
Definition rest.c:206
CURLAUTH_DIGEST
#define CURLAUTH_DIGEST
Definition rest.c:84
http_body_type_binary
const bool http_body_type_binary[REST_HTTP_BODY_NUM_ENTRIES]
Table of which known body types are expected to give binary data.
Definition rest.c:69
http_method_table_len
size_t http_method_table_len
Definition rest.c:138
rest_response_decode
int rest_response_decode(rlm_rest_t const *instance, rlm_rest_section_t const *section, request_t *request, fr_curl_io_request_t *randle)
Sends the response to the correct decode function.
Definition rest.c:2113
json_flags_t
Flags to control the conversion of JSON values to fr_pair_ts.
Definition rest.c:228
rest_custom_data_t
Definition rest.c:212
rest.h
Function prototypes and datatypes for the REST (HTTP) transport.
rlm_rest_response_t::instance
rlm_rest_t const * instance
This instance of rlm_rest.
Definition rest.h:242
rlm_rest_request_t::state
read_state_t state
Encoder state.
Definition rest.h:228
attr_rest_http_header
HIDDEN fr_dict_attr_t const * attr_rest_http_header
Definition rlm_rest.c:253
rlm_rest_section_request_t::auth
http_auth_type_t auth
HTTP auth type.
Definition rest.h:122
rlm_rest_curl_context_t::headers
struct curl_slist * headers
Any HTTP headers which will be sent with the request.
Definition rest.h:266
rlm_rest_response_t::header
tmpl_t * header
Where to create pairs representing HTTP response headers.
Definition rest.h:256
rlm_rest_response_t::request
request_t * request
Current request.
Definition rest.h:245
rlm_rest_response_t::buffer
char * buffer
Raw incoming HTTP data.
Definition rest.h:248
rlm_rest_response_t::code
int code
HTTP Status Code.
Definition rest.h:252
rlm_rest_response_t::state
write_state_t state
Decoder state.
Definition rest.h:246
rlm_rest_t::fail_header_decode
bool fail_header_decode
Force header decoding to fail for debugging purposes.
Definition rest.h:182
rlm_rest_section_request_t::proxy
char const * proxy
Send request via this proxy.
Definition rest.h:112
rlm_rest_response_t::used
size_t used
Space used in buffer.
Definition rest.h:250
rlm_rest_response_t::type
http_body_type_t type
HTTP Content Type.
Definition rest.h:253
rlm_rest_curl_context_t::body
char * body
Pointer to the buffer which contains body data/ Only used when not performing chunked encoding.
Definition rest.h:269
rlm_rest_section_t::tls
fr_curl_tls_t tls
Definition rest.h:150
REST_BODY_MAX_ATTRS
#define REST_BODY_MAX_ATTRS
Definition rest.h:41
rlm_rest_t::fail_body_decode
bool fail_body_decode
Force body decoding to fail for debugging purposes.
Definition rest.h:183
rlm_rest_section_response_t::force_to
http_body_type_t force_to
Override the Content-Type header in the response to force decoding as a particular type.
Definition rest.h:131
http_method_t
http_method_t
Definition rest.h:43
REST_HTTP_METHOD_PATCH
@ REST_HTTP_METHOD_PATCH
Definition rest.h:48
REST_HTTP_METHOD_DELETE
@ REST_HTTP_METHOD_DELETE
Definition rest.h:49
REST_HTTP_METHOD_PUT
@ REST_HTTP_METHOD_PUT
Definition rest.h:47
REST_HTTP_METHOD_POST
@ REST_HTTP_METHOD_POST
Definition rest.h:46
REST_HTTP_METHOD_UNKNOWN
@ REST_HTTP_METHOD_UNKNOWN
Definition rest.h:44
REST_HTTP_METHOD_CUSTOM
@ REST_HTTP_METHOD_CUSTOM
Must always come last, should not be in method table.
Definition rest.h:50
REST_HTTP_METHOD_GET
@ REST_HTTP_METHOD_GET
Definition rest.h:45
rlm_rest_section_response_t::max_body_in
size_t max_body_in
Maximum size of incoming data.
Definition rest.h:135
rlm_rest_request_t::cursor
fr_dcursor_t cursor
Cursor pointing to the start of the list to encode.
Definition rest.h:230
rlm_rest_response_t::force_to
http_body_type_t force_to
Force decoding the body type as a particular encoding.
Definition rest.h:254
http_body_type_t
http_body_type_t
Definition rest.h:53
REST_HTTP_BODY_HTML
@ REST_HTTP_BODY_HTML
Definition rest.h:64
REST_HTTP_BODY_PLAIN
@ REST_HTTP_BODY_PLAIN
Definition rest.h:65
REST_HTTP_BODY_JSON
@ REST_HTTP_BODY_JSON
Definition rest.h:61
REST_HTTP_BODY_INVALID
@ REST_HTTP_BODY_INVALID
Definition rest.h:57
REST_HTTP_BODY_XML
@ REST_HTTP_BODY_XML
Definition rest.h:62
REST_HTTP_BODY_UNSUPPORTED
@ REST_HTTP_BODY_UNSUPPORTED
Definition rest.h:55
REST_HTTP_BODY_YAML
@ REST_HTTP_BODY_YAML
Definition rest.h:63
REST_HTTP_BODY_POST
@ REST_HTTP_BODY_POST
Definition rest.h:60
REST_HTTP_BODY_CUSTOM
@ REST_HTTP_BODY_CUSTOM
Definition rest.h:59
REST_HTTP_BODY_NUM_ENTRIES
@ REST_HTTP_BODY_NUM_ENTRIES
Definition rest.h:67
REST_HTTP_BODY_CRL
@ REST_HTTP_BODY_CRL
Definition rest.h:66
REST_HTTP_BODY_UNKNOWN
@ REST_HTTP_BODY_UNKNOWN
Definition rest.h:54
REST_HTTP_BODY_NONE
@ REST_HTTP_BODY_NONE
Definition rest.h:58
REST_HTTP_BODY_UNAVAILABLE
@ REST_HTTP_BODY_UNAVAILABLE
Definition rest.h:56
rlm_rest_section_request_t::method_str
char const * method_str
The string version of the HTTP method.
Definition rest.h:114
READ_STATE_ATTR_CONT
@ READ_STATE_ATTR_CONT
Definition rest.h:206
READ_STATE_ATTR_BEGIN
@ READ_STATE_ATTR_BEGIN
Definition rest.h:205
READ_STATE_END
@ READ_STATE_END
Definition rest.h:207
READ_STATE_INIT
@ READ_STATE_INIT
Definition rest.h:204
rlm_rest_response_t::section
rlm_rest_section_t const * section
Section configuration.
Definition rest.h:243
rlm_rest_section_request_t::body_str
char const * body_str
The string version of the encoding/content type.
Definition rest.h:117
REST_BODY_ALLOC_CHUNK
#define REST_BODY_ALLOC_CHUNK
Definition rest.h:40
attr_rest_http_body
HIDDEN fr_dict_attr_t const * attr_rest_http_body
Definition rlm_rest.c:252
rlm_rest_section_t::request
rlm_rest_section_request_t request
Request configuration.
Definition rest.h:147
rlm_rest_call_env_t::response
struct rlm_rest_call_env_t::@190 response
rlm_rest_curl_context_t::response
rlm_rest_response_t response
Response context data.
Definition rest.h:273
rest_read_t
size_t(* rest_read_t)(void *ptr, size_t size, size_t nmemb, void *userdata)
Definition rest.h:309
REST_BODY_MAX_LEN
#define REST_BODY_MAX_LEN
Definition rest.h:39
rlm_rest_request_t::section
rlm_rest_section_t const * section
Section configuration.
Definition rest.h:225
rlm_rest_call_env_t::request
struct rlm_rest_call_env_t::@189 request
rlm_rest_request_t::encoder
void * encoder
Encoder specific data.
Definition rest.h:234
rlm_rest_section_response_t::accept_all
bool accept_all
Accept all content types.
Definition rest.h:133
rlm_rest_curl_context_t::request
rlm_rest_request_t request
Request context data.
Definition rest.h:272
rlm_rest_section_t::response
rlm_rest_section_response_t response
Response configuration.
Definition rest.h:148
rlm_rest_section_t::timeout
fr_time_delta_t timeout
Timeout timeval.
Definition rest.h:144
WRITE_STATE_PARSE_HEADERS
@ WRITE_STATE_PARSE_HEADERS
Definition rest.h:215
WRITE_STATE_PARSE_CONTENT
@ WRITE_STATE_PARSE_CONTENT
Definition rest.h:216
rlm_rest_section_t::name
char const * name
Section name.
Definition rest.h:142
http_auth_type_t
http_auth_type_t
Definition rest.h:70
REST_HTTP_AUTH_NTLM_WB
@ REST_HTTP_AUTH_NTLM_WB
Definition rest.h:79
REST_HTTP_AUTH_NUM_ENTRIES
@ REST_HTTP_AUTH_NUM_ENTRIES
Definition rest.h:82
REST_HTTP_AUTH_BASIC
@ REST_HTTP_AUTH_BASIC
Definition rest.h:74
REST_HTTP_AUTH_NTLM
@ REST_HTTP_AUTH_NTLM
Definition rest.h:78
REST_HTTP_AUTH_DIGEST
@ REST_HTTP_AUTH_DIGEST
Definition rest.h:75
REST_HTTP_AUTH_TLS_SRP
@ REST_HTTP_AUTH_TLS_SRP
Definition rest.h:73
REST_HTTP_AUTH_UNKNOWN
@ REST_HTTP_AUTH_UNKNOWN
Definition rest.h:71
REST_HTTP_AUTH_GSSNEGOTIATE
@ REST_HTTP_AUTH_GSSNEGOTIATE
Definition rest.h:77
REST_HTTP_AUTH_ANY
@ REST_HTTP_AUTH_ANY
Definition rest.h:80
REST_HTTP_AUTH_NONE
@ REST_HTTP_AUTH_NONE
Definition rest.h:72
REST_HTTP_AUTH_DIGEST_IE
@ REST_HTTP_AUTH_DIGEST_IE
Definition rest.h:76
REST_HTTP_AUTH_ANY_SAFE
@ REST_HTTP_AUTH_ANY_SAFE
Definition rest.h:81
rlm_rest_response_t::alloc
size_t alloc
Space allocated for buffer.
Definition rest.h:249
rlm_rest_request_t::request
request_t * request
Current request.
Definition rest.h:227
rlm_rest_request_t::instance
rlm_rest_t const * instance
This instance of rlm_rest.
Definition rest.h:224
rest_no_proxy
char const * rest_no_proxy
Magic pointer value for determining if we should disable proxying.
Definition rlm_rest.c:78
rlm_rest_section_request_t::chunk
uint32_t chunk
Max chunk-size (mainly for testing the encoders)
Definition rest.h:126
rlm_rest_request_t::chunk
size_t chunk
Chunk size.
Definition rest.h:232
rlm_rest_call_env_t
Definition rest.h:284
rlm_rest_curl_context_t
Definition rest.h:265
rlm_rest_request_t
Definition rest.h:223
rlm_rest_response_t
Definition rest.h:241
rlm_rest_section_t
Definition rest.h:141
rlm_rest_t
Definition rest.h:165
WRITE_STATE_INIT
@ WRITE_STATE_INIT
Definition rlm_ftp.c:61
name
static char const * name
Definition rlm_redis_ippool_tool.c:156
FR_SBUFF_OUT
#define FR_SBUFF_OUT(_start, _len_or_end)
module_instance_s::data
void * data
Module's instance data.
Definition module.h:293
tmpl_list
static fr_dict_attr_t const * tmpl_list(tmpl_t const *vpt)
Definition tmpl.h:904
tmpl_afrom_attr_str
ssize_t tmpl_afrom_attr_str(TALLOC_CTX *ctx, tmpl_attr_error_t *err, tmpl_t **out, char const *name, tmpl_rules_t const *rules))
Parse a string into a TMPL_TYPE_ATTR_* type tmpl_t.
Definition tmpl_tokenize.c:2540
tmpl_list_head
fr_pair_list_t * tmpl_list_head(request_t *request, fr_dict_attr_t const *list)
Resolve attribute fr_pair_list_t value to an attribute list.
Definition tmpl_eval.c:70
tmpl_list_ctx
TALLOC_CTX * tmpl_list_ctx(request_t *request, fr_dict_attr_t const *list)
Return the correct TALLOC_CTX to alloc fr_pair_t in, for a list.
Definition tmpl_eval.c:110
tmpl_request_ptr
int tmpl_request_ptr(request_t **request, FR_DLIST_HEAD(tmpl_request_list) const *rql)
Resolve a tmpl_request_ref_t to a request_t.
Definition tmpl_eval.c:163
tmpl_attr_tail_da
static fr_dict_attr_t const * tmpl_attr_tail_da(tmpl_t const *vpt)
Return the last attribute reference da.
Definition tmpl.h:801
tmpl_list_name
static char const * tmpl_list_name(fr_dict_attr_t const *list, char const *def)
Return the name of a tmpl list or def if list not provided.
Definition tmpl.h:915
tmpl_rules_s
Optional arguments passed to vp_tmpl functions.
Definition tmpl.h:336
buff
static char buff[sizeof("18446744073709551615")+3]
Definition size_tests.c:41
fr_skip_whitespace
#define fr_skip_whitespace(_p)
Skip whitespace ('\t', '\n', '\v', '\f', '\r', ' ')
Definition skip.h:36
snprintf
PUBLIC int snprintf(char *string, size_t length, char *format, va_alist)
Definition snprintf.c:689
count
return count
Definition module.c:155
inst
eap_aka_sim_process_conf_t * inst
Definition state_machine.c:3645
type
fr_aka_sim_id_type_t type
Definition state_machine.c:3648
vp
fr_pair_t * vp
Definition state_machine.c:2287
strlcpy
size_t strlcpy(char *dst, char const *src, size_t siz)
Definition strlcpy.c:34
pair_list_s
Definition pair.h:52
value_pair_s
Stores an attribute, a value and various bits of other data.
Definition pair.h:68
value_pair_s::da
fr_dict_attr_t const *_CONST da
Dictionary attribute defines the attribute number, vendor and type of the pair.
Definition pair.h:69
fr_table_value_by_str
#define fr_table_value_by_str(_table, _name, _def)
Convert a string to a value using a sorted or ordered table.
Definition table.h:653
fr_table_str_by_value
#define fr_table_str_by_value(_table, _number, _def)
Convert an integer to a string.
Definition table.h:772
fr_table_value_by_substr
#define fr_table_value_by_substr(_table, _name, _name_len, _def)
Convert a partial string to a value using an ordered or sorted table.
Definition table.h:693
fr_table_num_sorted_t
An element in a lexicographically sorted array of name to num mappings.
Definition table.h:49
talloc_bstr_realloc
char * talloc_bstr_realloc(TALLOC_CTX *ctx, char *in, size_t inlen)
Trim a bstr (char) buffer.
Definition talloc.c:681
talloc_typed_asprintf
char * talloc_typed_asprintf(TALLOC_CTX *ctx, char const *fmt,...)
Call talloc vasprintf, setting the type on the new chunk correctly.
Definition talloc.c:545
talloc_get_type_abort_const
#define talloc_get_type_abort_const
Definition talloc.h:110
talloc_strlen
static size_t talloc_strlen(char const *s)
Returns the length of a talloc array containing a string.
Definition talloc.h:136
time.h
Simple time functions.
fr_time_delta_to_msec
static int64_t fr_time_delta_to_msec(fr_time_delta_t delta)
Definition time.h:637
fr_time_delta_s
A time delta, a difference in time measured in nanoseconds.
Definition time.h:80
fr_tokens_table
fr_table_num_ordered_t const fr_tokens_table[]
Definition token.c:33
fr_token_t
enum fr_token fr_token_t
T_BARE_WORD
@ T_BARE_WORD
Definition token.h:118
T_OP_EQ
@ T_OP_EQ
Definition token.h:81
T_OP_SET
@ T_OP_SET
Definition token.h:82
T_OP_ADD_EQ
@ T_OP_ADD_EQ
Definition token.h:67
xlat_aeval
ssize_t xlat_aeval(TALLOC_CTX *ctx, char **out, request_t *request, char const *fmt, xlat_escape_legacy_t escape, void const *escape_ctx))
Definition xlat_eval.c:1877
fr_pair_dcursor_by_da_init
#define fr_pair_dcursor_by_da_init(_cursor, _list, _da)
Initialise a cursor that will return only attributes matching the specified fr_dict_attr_t.
Definition pair.h:639
fr_pair_print_value_quoted
ssize_t fr_pair_print_value_quoted(fr_sbuff_t *out, fr_pair_t const *vp, fr_token_t quote)
Print the value of an attribute to a string.
Definition pair_print.c:59
fr_pair_dcursor_init
#define fr_pair_dcursor_init(_cursor, _list)
Initialises a special dcursor with callbacks that will maintain the attr sublists correctly.
Definition pair.h:604
fr_type_to_str
static char const * fr_type_to_str(fr_type_t type)
Return a static string containing the type name.
Definition types.h:454
fr_value_box_cast
int fr_value_box_cast(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv, fr_value_box_t const *src)
Convert one type of fr_value_box_t to another.
Definition value.c:3931
fr_value_box_strdup_shallow
void fr_value_box_strdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Assign a buffer containing a nul terminated string to a box, but don't copy it.
Definition value.c:4714
fr_value_box_bstrndup_shallow
void fr_value_box_bstrndup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, size_t len, bool tainted)
Assign a string to to a fr_value_box_t.
Definition value.c:4910
data
static fr_slen_t data
Definition value.h:1340
FR_VALUE_BOX_INITIALISER_NULL
#define FR_VALUE_BOX_INITIALISER_NULL(_vb)
A static initialiser for stack/globally allocated boxes.
Definition value.h:511
fr_box_strvalue_len
#define fr_box_strvalue_len(_val, _len)
Definition value.h:309
fr_value_box_init_null
#define fr_value_box_init_null(_vb)
Initialise an empty/null box that will be filled later.
Definition value.h:616
fr_box_strvalue
#define fr_box_strvalue(_val)
Definition value.h:308
fr_box_time_delta
#define fr_box_time_delta(_val)
Definition value.h:366
fr_value_box
#define fr_value_box(_box, _var, _tainted)
Automagically fill in a box, determining the value type from the type of the C variable.
Definition value.h:904
fr_value_box_list_foreach
#define fr_value_box_list_foreach(_list_head, _iter)
Definition value.h:224
out
static size_t char ** out
Definition value.h:1030
Generated by   doxygen 1.9.8