rlm__attr__filter_8c_source.html

/*

 *   This program is is free software; you can redistribute it and/or modify

 *   it under the terms of the GNU General Public License as published by

 *   the Free Software Foundation; either version 2 of the License, or (at

 *   your option) any later version.

 *

 *   This program is distributed in the hope that it will be useful,

 *   but WITHOUT ANY WARRANTY; without even the implied warranty of

 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *   GNU General Public License for more details.

 *

 *   You should have received a copy of the GNU General Public License

 *   along with this program; if not, write to the Free Software

 *   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA

 */


/**

 * $Id: 72413589333cbc5bcdf8576bd87256d798aee1cd $

 * @file rlm_attr_filter.c

 * @brief Filter the contents of a list, allowing only certain attributes.

 *

 * @copyright (C) 2001,2006 The FreeRADIUS server project

 * @copyright (C) 2001 Chris Parker (cparker@starnetusa.net)

 */

RCSID("$Id: 72413589333cbc5bcdf8576bd87256d798aee1cd $")


#define LOG_PREFIX mctx->mi->name


#include <freeradius-devel/server/base.h>

#include <freeradius-devel/server/module_rlm.h>

#include <freeradius-devel/util/debug.h>

#include <freeradius-devel/server/users_file.h>


#include <sys/stat.h>


#include <ctype.h>

#include <fcntl.h>


/*

 *      Define a structure with the module configuration, so it can

 *      be used as the instance handle.

 */


typedef struct {

        char const      *filename;

        tmpl_t          *key;

        bool            relaxed;

        PAIR_LIST_LIST  attrs;

} rlm_attr_filter_t;


static const conf_parser_t module_config[] = {

        { FR_CONF_OFFSET_FLAGS("filename", CONF_FLAG_FILE_INPUT | CONF_FLAG_REQUIRED, rlm_attr_filter_t, filename) },

        { FR_CONF_OFFSET("key", rlm_attr_filter_t, key), .dflt = "&Realm", .quote = T_BARE_WORD },

        { FR_CONF_OFFSET("relaxed", rlm_attr_filter_t, relaxed), .dflt = "no" },

        CONF_PARSER_TERMINATOR

};


static fr_dict_t const *dict_freeradius;

static fr_dict_t const *dict_radius;


extern fr_dict_autoload_t rlm_attr_filter_dict[];


fr_dict_autoload_t rlm_attr_filter_dict[] = {

        { .out = &dict_freeradius, .proto = "freeradius" },

        { .out = &dict_radius, .proto = "radius" },

        { NULL }

};


static fr_dict_attr_t const *attr_stripped_user_name;

static fr_dict_attr_t const *attr_fall_through;

static fr_dict_attr_t const *attr_relax_filter;


static fr_dict_attr_t const *attr_vendor_specific;


extern fr_dict_attr_autoload_t rlm_attr_filter_dict_attr[];


fr_dict_attr_autoload_t rlm_attr_filter_dict_attr[] = {

        { .out = &attr_stripped_user_name, .name = "Stripped-User-Name", .type = FR_TYPE_STRING, .dict = &dict_freeradius },

        { .out = &attr_fall_through, .name = "Fall-Through", .type = FR_TYPE_BOOL, .dict = &dict_freeradius },

        { .out = &attr_relax_filter, .name = "Relax-Filter", .type = FR_TYPE_BOOL, .dict = &dict_freeradius },


        { .out = &attr_vendor_specific, .name = "Vendor-Specific", .type = FR_TYPE_VSA, .dict = &dict_radius },

        { NULL }

};


static void check_pair(request_t *request, fr_pair_t *check_item, fr_pair_t *reply_item, int *pass, int *fail)

{

        int compare;


        if (check_item->op == T_OP_SET) return;


        compare = fr_pair_cmp(check_item, reply_item);

        if (compare < 0) RPEDEBUG("Comparison failed");


        if (compare == 1) {

                ++*(pass);

        } else {

                ++*(fail);

        }


        RDEBUG3("%pP %s %pP", reply_item, compare == 1 ? "allowed by" : "disallowed by", check_item);


        return;

}


static int attr_filter_getfile(TALLOC_CTX *ctx, module_inst_ctx_t const *mctx, char const *filename, PAIR_LIST_LIST *pair_list)

{

        int rcode;

        PAIR_LIST *entry = NULL;

        map_t *map;


        rcode = pairlist_read(ctx, dict_radius, filename, pair_list);

        if (rcode < 0) {

                return -1;

        }


        /*

         *      Walk through the 'attrs' file list.

         */

        while ((entry = fr_dlist_next(&pair_list->head, entry))) {

                /*

                 *      We apply the rules in the reply items.

                 */

                if (!map_list_empty(&entry->check)) {

                        WARN("%s[%d] Check list is not empty for entry \"%s\".\n",

                             filename, entry->lineno, entry->name);

                }


                map = NULL;

                while ((map = map_list_next(&entry->reply, map))) {

                        if (!tmpl_is_attr(map->lhs)) {

                                ERROR("%s[%d] Left side of filter %s is not an attribute",

                                      filename, entry->lineno, map->lhs->name);

                                return -1;

                        }


                        if (tmpl_list(map->lhs) != request_attr_reply) {

                                ERROR("%s[%d] Left side of filter %s is not in the reply list",

                                      filename, entry->lineno, map->lhs->name);

                                return -1;

                        }


                        if (fr_assignment_op[map->op]) {

                                ERROR("%s[%d] Filter %s contains invalid operator '%s'",

                                      filename, entry->lineno, map->lhs->name, fr_tokens[map->op]);

                                return -1;

                        }


                        /*

                         *      Make sure that bad things don't happen.

                         */

                        if (!map->rhs) {

                                ERROR("%s[%d] Right side of filter %s is a nested attribute - this is not (yet) supported",

                                      filename, entry->lineno, map->lhs->name);

                                return -1;

                        }


                        if (!tmpl_is_data(map->rhs)) {

                                ERROR("%s[%d] Right side of filter %s is not a static value",

                                      filename, entry->lineno, map->lhs->name);

                                return -1;

                        }

                }

        }


        return 0;

}


/*

 *      (Re-)read the "attrs" file into memory.

 */


static int mod_instantiate(module_inst_ctx_t const *mctx)

{

        rlm_attr_filter_t *inst = talloc_get_type_abort(mctx->mi->data, rlm_attr_filter_t);

        int rcode;

        pairlist_list_init(&inst->attrs);


        rcode = attr_filter_getfile(inst, mctx, inst->filename, &inst->attrs);

        if (rcode != 0) {

                ERROR("Errors reading %s", inst->filename);


                return -1;

        }


        return 0;

}


/*

 *      Common attr_filter checks

 */


static unlang_action_t CC_HINT(nonnull) attr_filter_common(TALLOC_CTX *ctx, rlm_rcode_t *p_result,

                                                           module_ctx_t const *mctx, request_t *request,

                                                           fr_pair_list_t *list)

{

        rlm_attr_filter_t const *inst = talloc_get_type_abort_const(mctx->mi->data, rlm_attr_filter_t);

        fr_pair_list_t  output;

        PAIR_LIST       *pl = NULL;

        int             found = 0;

        int             pass, fail = 0;

        char const      *keyname = NULL;

        char            buffer[256];

        ssize_t         slen;


        slen = tmpl_expand(&keyname, buffer, sizeof(buffer), request, inst->key, NULL, NULL);

        if (slen < 0) {

                RETURN_MODULE_FAIL;

        }

        if ((keyname == buffer) && is_truncated((size_t)slen, sizeof(buffer))) {

                REDEBUG("Key too long, expected < " STRINGIFY(sizeof(buffer)) " bytes, got %zi bytes", slen);

                RETURN_MODULE_FAIL;

        }


        /*

         *      Head of the output list

         */

        fr_pair_list_init(&output);


        /*

         *      Find the attr_filter profile entry for the entry.

         */

        while ((pl = fr_dlist_next(&inst->attrs.head, pl))) {

                int fall_through = 0;

                int relax_filter = inst->relaxed;

                map_t *map = NULL;

                fr_pair_list_t tmp_list;

                fr_pair_t *check_item, *input_item;

                fr_pair_list_t check_list;


                fr_pair_list_init(&tmp_list);

                /*

                 *  If the current entry is NOT a default,

                 *  AND the realm does NOT match the current entry,

                 *  then skip to the next entry.

                 */

                if ((strcmp(pl->name, "DEFAULT") != 0) &&

                    (strcmp(keyname, pl->name) != 0))  {

                        continue;

                }


                RDEBUG2("Matched entry %s at line %d", pl->name, pl->lineno);

                found = 1;


                fr_pair_list_init(&check_list);


                while ((map = map_list_next(&pl->reply, map))) {

                        if (map_to_vp(ctx, &tmp_list, request, map, NULL) < 0) {

                                RPWARN("Failed parsing map %s for check item, skipping it", map->lhs->name);

                                continue;

                        }


                        check_item = fr_pair_list_head(&tmp_list);

                        if (check_item->da == attr_fall_through) {

                                if (check_item->vp_uint32 == 1) {

                                        fall_through = 1;

                                        fr_pair_list_free(&tmp_list);

                                        continue;

                                }

                        } else if (check_item->da == attr_relax_filter) {

                                relax_filter = check_item->vp_bool;

                        }


                        /*

                         *      Remove pair from temporary list ready to

                         *      add to the correct destination

                         */

                        fr_pair_remove(&tmp_list, check_item);


                        /*

                         *    If it is a SET operator, add the attribute to

                         *    the output list without checking it.

                         */

                        if (check_item->op == T_OP_SET ) {

                                fr_pair_append(&output, check_item);

                                continue;

                        }


                        /*

                         *      Append the realized VP to the check list.

                         */

                        fr_pair_append(&check_list, check_item);

                }


                /*

                 *      Iterate through the input items, comparing

                 *      each item to every rule, then moving it to the

                 *      output list only if it matches all rules

                 *      for that attribute.  IE, Idle-Timeout is moved

                 *      only if it matches all rules that describe an

                 *      Idle-Timeout.

                 */

                for (input_item = fr_pair_list_head(list);

                     input_item;

                     input_item = fr_pair_list_next(list, input_item)) {

                        pass = fail = 0; /* reset the pass,fail vars for each reply item */


                        /*

                         *  Reset the check_item pointer to beginning of the list

                         */

                        for (check_item = fr_pair_list_head(&check_list);

                             check_item;

                             check_item = fr_pair_list_next(&check_list, check_item)) {

                                /*

                                 *  Vendor-Specific is special, and matches any VSA if the

                                 *  comparison is always true.

                                 */

                                if ((check_item->da == attr_vendor_specific) &&

                                    (fr_dict_vendor_num_by_da(input_item->da) != 0) &&

                                    (check_item->op == T_OP_CMP_TRUE)) {

                                        pass++;

                                        continue;

                                }


                                if (input_item->da == check_item->da) {

                                        check_pair(request, check_item, input_item, &pass, &fail);

                                }

                        }


                        RDEBUG3("Attribute \"%s\" allowed by %i rules, disallowed by %i rules",

                                input_item->da->name, pass, fail);

                        /*

                         *  Only move attribute if it passed all rules, or if the config says we

                         *  should copy unmatched attributes ('relaxed' mode).

                         */

                        if (fail == 0 && (pass > 0 || relax_filter)) {

                                fr_pair_t *prev = fr_pair_list_prev(list, input_item);


                                if (!pass) {

                                        RDEBUG3("Attribute \"%s\" allowed by relaxed mode", input_item->da->name);

                                }

                                fr_pair_remove(list, input_item);

                                fr_assert(input_item != NULL);

                                fr_pair_append(&output, input_item);

                                input_item = prev; /* Set input_item to previous in the list for outer loop */

                        }

                }


                /* If we shouldn't fall through, break */

                if (!fall_through) {

                        break;

                }

        }


        /*

         *      No entry matched.  We didn't do anything.

         */

        if (!found) {

                fr_assert(fr_pair_list_empty(&output));

                RETURN_MODULE_NOOP;

        }


        /*

         *      Replace the existing request list with our filtered one

         */

        fr_pair_list_free(list);

        fr_pair_list_append(list, &output);


        RETURN_MODULE_UPDATED;

}


#define RLM_AF_FUNC(_x, _y) static unlang_action_t CC_HINT(nonnull) mod_##_x(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request) \

        { \

                return attr_filter_common(request->_y##_ctx, p_result, mctx, request, &request->_y##_pairs); \

        }


RLM_AF_FUNC(request, request)

RLM_AF_FUNC(reply, reply)

RLM_AF_FUNC(control, control)

RLM_AF_FUNC(session, session_state)


/* globally exported name */

extern module_rlm_t rlm_attr_filter;


module_rlm_t rlm_attr_filter = {

        .common = {

                .magic          = MODULE_MAGIC_INIT,

                .name           = "attr_filter",

                .inst_size      = sizeof(rlm_attr_filter_t),

                .config         = module_config,

                .instantiate    = mod_instantiate,

        },

        .method_group = {

                .bindings = (module_method_binding_t[]){

                        /*

                         *      Hack to support old configurations

                         */

                        { .section = SECTION_NAME("accounting", CF_IDENT_ANY),          .method = mod_reply     },

                        { .section = SECTION_NAME("authorize", CF_IDENT_ANY),           .method = mod_request   },


                        { .section = SECTION_NAME("recv", "accounting-request"),        .method = mod_request   },

                        { .section = SECTION_NAME("recv", CF_IDENT_ANY),                .method = mod_request   },


                        { .section = SECTION_NAME("send", CF_IDENT_ANY),                .method = mod_reply     },


                        /*

                         *      List name based methods

                         */

                        { .section = SECTION_NAME("request", CF_IDENT_ANY),             .method = mod_request   },

                        { .section = SECTION_NAME("reply", CF_IDENT_ANY),               .method = mod_reply     },

                        { .section = SECTION_NAME("control", CF_IDENT_ANY),             .method = mod_control   },

                        { .section = SECTION_NAME("session-state", CF_IDENT_ANY),       .method = mod_session   },

                        MODULE_BINDING_TERMINATOR

                }

        }

};


unlang_action_t
unlang_action_t
Returned by unlang_op_t calls, determine the next action of the interpreter.
Definition action.h:35

buffer
static int const char char buffer[256]
Definition acutest.h:576

RCSID
#define RCSID(id)
Definition build.h:483

STRINGIFY
#define STRINGIFY(x)
Definition build.h:197

CONF_PARSER_TERMINATOR
#define CONF_PARSER_TERMINATOR
Definition cf_parse.h:642

FR_CONF_OFFSET
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition cf_parse.h:268

conf_parser_s::quote
fr_token_t quote
Quoting around the default value. Only used for templates.
Definition cf_parse.h:634

FR_CONF_OFFSET_FLAGS
#define FR_CONF_OFFSET_FLAGS(_name, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition cf_parse.h:256

CONF_FLAG_REQUIRED
@ CONF_FLAG_REQUIRED
Error out if no matching CONF_PAIR is found, and no dflt value is set.
Definition cf_parse.h:418

CONF_FLAG_FILE_INPUT
@ CONF_FLAG_FILE_INPUT
File matching value must exist, and must be readable.
Definition cf_parse.h:424

conf_parser_s
Defines a CONF_PAIR to C data type mapping.
Definition cf_parse.h:579

CF_IDENT_ANY
#define CF_IDENT_ANY
Definition cf_util.h:78

ERROR
#define ERROR(fmt,...)
Definition dhcpclient.c:41

fr_dict_attr_autoload_t::out
fr_dict_attr_t const  ** out
Where to write a pointer to the resolved fr_dict_attr_t.
Definition dict.h:268

fr_dict_autoload_t::out
fr_dict_t const  ** out
Where to write a pointer to the loaded/resolved fr_dict_t.
Definition dict.h:281

fr_dict_attr_autoload_t
Specifies an attribute which must be present for the module to function.
Definition dict.h:267

fr_dict_autoload_t
Specifies a dictionary which must be loaded/loadable for the module to function.
Definition dict.h:280

fr_dict_vendor_num_by_da
static uint32_t fr_dict_vendor_num_by_da(fr_dict_attr_t const *da)
Return the vendor number for an attribute.
Definition dict_ext.h:212

MODULE_MAGIC_INIT
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition dl_module.h:63

fr_dlist_next
static void * fr_dlist_next(fr_dlist_head_t const *list_head, void const *ptr)
Get the next item in a list.
Definition dlist.h:555

RDEBUG3
#define RDEBUG3(fmt,...)
Definition log.h:343

RPWARN
#define RPWARN(fmt,...)
Definition log.h:301

RPEDEBUG
#define RPEDEBUG(fmt,...)
Definition log.h:376

map_to_vp
int map_to_vp(TALLOC_CTX *ctx, fr_pair_list_t *out, request_t *request, map_t const *map, UNUSED void *uctx)
Convert a map to a fr_pair_t.
Definition map.c:1487

FR_TYPE_STRING
@ FR_TYPE_STRING
String of printable characters.
Definition merged_model.c:83

FR_TYPE_BOOL
@ FR_TYPE_BOOL
A truth value.
Definition merged_model.c:95

FR_TYPE_VSA
@ FR_TYPE_VSA
Vendor-Specific, for RADIUS attribute 26.
Definition merged_model.c:121

ssize_t
long int ssize_t
Definition merged_model.c:24

fr_dict_attr_t
Definition merged_model.c:133

fr_dict_t
Definition merged_model.c:198

request_t
Definition merged_model.c:210

tmpl_t
Definition merged_model.c:225

module_ctx_t::mi
module_instance_t const  * mi
Instance of the module being instantiated.
Definition module_ctx.h:42

module_inst_ctx_t::mi
module_instance_t * mi
Instance of the module being instantiated.
Definition module_ctx.h:51

module_ctx_t
Temporary structure to hold arguments for module calls.
Definition module_ctx.h:41

module_inst_ctx_t
Temporary structure to hold arguments for instantiation calls.
Definition module_ctx.h:50

module_rlm_s::common
module_t common
Common fields presented by all modules.
Definition module_rlm.h:39

module_rlm_s
Definition module_rlm.h:38

fr_pair_cmp
int fr_pair_cmp(fr_pair_t const *a, fr_pair_t const *b)
Compare two pairs, using the operator from "a".
Definition pair.c:1969

fr_pair_append
int fr_pair_append(fr_pair_list_t *list, fr_pair_t *to_add)
Add a VP to the end of the list.
Definition pair.c:1345

fr_pair_list_init
void fr_pair_list_init(fr_pair_list_t *list)
Initialise a pair list header.
Definition pair.c:46

is_truncated
#define is_truncated(_ret, _max)
Definition print.h:48

config
static const conf_parser_t config[]
Definition base.c:183

fr_assert
#define fr_assert(_expr)
Definition rad_assert.h:38

REDEBUG
#define REDEBUG(fmt,...)
Definition radclient.h:52

RDEBUG2
#define RDEBUG2(fmt,...)
Definition radclient.h:54

WARN
#define WARN(fmt,...)
Definition radclient.h:47

RETURN_MODULE_NOOP
#define RETURN_MODULE_NOOP
Definition rcode.h:62

RETURN_MODULE_FAIL
#define RETURN_MODULE_FAIL
Definition rcode.h:56

RETURN_MODULE_UPDATED
#define RETURN_MODULE_UPDATED
Definition rcode.h:63

rlm_rcode_t
rlm_rcode_t
Return codes indicating the result of the module call.
Definition rcode.h:40

request_attr_reply
fr_dict_attr_t const  * request_attr_reply
Definition request.c:46

attr_relax_filter
static fr_dict_attr_t const  * attr_relax_filter
Definition rlm_attr_filter.c:69

attr_filter_getfile
static int attr_filter_getfile(TALLOC_CTX *ctx, module_inst_ctx_t const *mctx, char const *filename, PAIR_LIST_LIST *pair_list)
Definition rlm_attr_filter.c:103

check_pair
static void check_pair(request_t *request, fr_pair_t *check_item, fr_pair_t *reply_item, int *pass, int *fail)
Definition rlm_attr_filter.c:83

attr_stripped_user_name
static fr_dict_attr_t const  * attr_stripped_user_name
Definition rlm_attr_filter.c:67

attr_fall_through
static fr_dict_attr_t const  * attr_fall_through
Definition rlm_attr_filter.c:68

dict_freeradius
static fr_dict_t const  * dict_freeradius
Definition rlm_attr_filter.c:57

rlm_attr_filter
module_rlm_t rlm_attr_filter
Definition rlm_attr_filter.c:370

dict_radius
static fr_dict_t const  * dict_radius
Definition rlm_attr_filter.c:58

RLM_AF_FUNC
#define RLM_AF_FUNC(_x, _y)
Definition rlm_attr_filter.c:358

rlm_attr_filter_t::attrs
PAIR_LIST_LIST attrs
Definition rlm_attr_filter.c:47

rlm_attr_filter_dict_attr
fr_dict_attr_autoload_t rlm_attr_filter_dict_attr[]
Definition rlm_attr_filter.c:74

attr_vendor_specific
static fr_dict_attr_t const  * attr_vendor_specific
Definition rlm_attr_filter.c:71

attr_filter_common
static unlang_action_t attr_filter_common(TALLOC_CTX *ctx, rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request, fr_pair_list_t *list)
Definition rlm_attr_filter.c:189

rlm_attr_filter_t::key
tmpl_t * key
Definition rlm_attr_filter.c:45

rlm_attr_filter_t::relaxed
bool relaxed
Definition rlm_attr_filter.c:46

module_config
static const conf_parser_t module_config[]
Definition rlm_attr_filter.c:50

mod_instantiate
static int mod_instantiate(module_inst_ctx_t const *mctx)
Definition rlm_attr_filter.c:169

rlm_attr_filter_dict
fr_dict_autoload_t rlm_attr_filter_dict[]
Definition rlm_attr_filter.c:61

rlm_attr_filter_t::filename
char const  * filename
Definition rlm_attr_filter.c:44

rlm_attr_filter_t
Definition rlm_attr_filter.c:43

instantiate
static int instantiate(module_inst_ctx_t const *mctx)
Definition rlm_rest.c:1310

fall_through
static sql_fall_through_t fall_through(map_list_t *maps)
Definition rlm_sql.c:300

SECTION_NAME
#define SECTION_NAME(_name1, _name2)
Define a section name consisting of a verb and a noun.
Definition section.h:40

module_s::inst_size
size_t inst_size
Size of the module's instance data.
Definition module.h:203

module_instance_s::data
void * data
Module's instance data.
Definition module.h:271

MODULE_BINDING_TERMINATOR
#define MODULE_BINDING_TERMINATOR
Terminate a module binding list.
Definition module.h:151

module_method_binding_s
Named methods exported by a module.
Definition module.h:173

tmpl_is_attr
#define tmpl_is_attr(vpt)
Definition tmpl.h:213

tmpl_list
static fr_dict_attr_t const * tmpl_list(tmpl_t const *vpt)
Definition tmpl.h:915

tmpl_is_data
#define tmpl_is_data(vpt)
Definition tmpl.h:211

tmpl_expand
#define tmpl_expand(_out, _buff, _buff_len, _request, _vpt, _escape, _escape_ctx)
Expand a tmpl to a C type, using existing storage to hold variably sized types.
Definition tmpl.h:1060

inst
eap_aka_sim_process_conf_t * inst
Definition state_machine.c:3620

map_s
Value pair map.
Definition map.h:77

map_s::op
fr_token_t op
The operator that controls insertion of the dst attribute.
Definition map.h:82

map_s::lhs
tmpl_t * lhs
Typically describes the attribute to add, modify or compare.
Definition map.h:78

map_s::rhs
tmpl_t * rhs
Typically describes a literal value or a src attribute to copy or compare.
Definition map.h:79

pair_list_s
Definition pair.h:52

value_pair_s
Stores an attribute, a value and various bits of other data.
Definition pair.h:68

value_pair_s::da
fr_dict_attr_t const  *_CONST da
Dictionary attribute defines the attribute number, vendor and type of the pair.
Definition pair.h:69

talloc_get_type_abort_const
#define talloc_get_type_abort_const
Definition talloc.h:282

fr_assignment_op
const bool fr_assignment_op[T_TOKEN_LAST]
Definition token.c:168

fr_tokens
char const  * fr_tokens[T_TOKEN_LAST]
Definition token.c:78

T_OP_CMP_TRUE
@ T_OP_CMP_TRUE
Definition token.h:104

T_BARE_WORD
@ T_BARE_WORD
Definition token.h:120

T_OP_SET
@ T_OP_SET
Definition token.h:84

pairlist_read
int pairlist_read(TALLOC_CTX *ctx, fr_dict_t const *dict, char const *file, PAIR_LIST_LIST *list)
Definition users_file.c:235

pair_list::name
char const  * name
Key for matching entry.
Definition users_file.h:39

pair_list::lineno
int lineno
Line number entry read from.
Definition users_file.h:46

pairlist_list_init
static void pairlist_list_init(PAIR_LIST_LIST *list)
Definition users_file.h:59

pair_list::check
map_list_t check
List of maps for comparison / modifying control list.
Definition users_file.h:40

pair_list::reply
map_list_t reply
List of maps for modifying reply list.
Definition users_file.h:41

pair_list
Definition users_file.h:38

pair_list_list
Definition users_file.h:50

fr_pair_list_empty
bool fr_pair_list_empty(fr_pair_list_t const *list)
Is a valuepair list empty.
Definition pair_inline.c:125

fr_pair_list_next
fr_pair_t * fr_pair_list_next(fr_pair_list_t const *list, fr_pair_t const *item))
Get the next item in a valuepair list after a specific entry.
Definition pair_inline.c:70

fr_pair_remove
fr_pair_t * fr_pair_remove(fr_pair_list_t *list, fr_pair_t *vp)
Remove fr_pair_t from a list without freeing.
Definition pair_inline.c:94

fr_pair_list_free
void fr_pair_list_free(fr_pair_list_t *list)
Free memory used by a valuepair list.
Definition pair_inline.c:113

fr_pair_list_append
void fr_pair_list_append(fr_pair_list_t *dst, fr_pair_list_t *src)
Appends a list of fr_pair_t from a temporary list to a destination list.
Definition pair_inline.c:182

fr_pair_list_prev
fr_pair_t * fr_pair_list_prev(fr_pair_list_t const *list, fr_pair_t const *item))
Get the previous item in a valuepair list before a specific entry.
Definition pair_inline.c:83

fr_pair_list_head
fr_pair_t * fr_pair_list_head(fr_pair_list_t const *list)
Get the head of a valuepair list.
Definition pair_inline.c:43

nonnull
int nonnull(2, 5))