The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
xlat_builtin.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: 82eccf1db5c5f5a5ef95ff2df409dda97aede395 $
19 *
20 * @file xlat_builtin.c
21 * @brief String expansion ("translation"). Baked in expansions.
22 *
23 * @copyright 2000,2006 The FreeRADIUS server project
24 * @copyright 2000 Alan DeKok (aland@freeradius.org)
25 */
26RCSID("$Id: 82eccf1db5c5f5a5ef95ff2df409dda97aede395 $")
27
28/**
29 * @defgroup xlat_functions xlat expansion functions
30 */
31#include <freeradius-devel/server/base.h>
32#include <freeradius-devel/server/tmpl_dcursor.h>
33#include <freeradius-devel/unlang/interpret.h>
34#include <freeradius-devel/unlang/xlat_priv.h>
35
36#include <freeradius-devel/unlang/xlat.h>
37#include <freeradius-devel/io/test_point.h>
38
39#include <freeradius-devel/util/base16.h>
40#include <freeradius-devel/util/dbuff.h>
41#include <freeradius-devel/util/dcursor.h>
42#include <freeradius-devel/util/pair.h>
43#include <freeradius-devel/util/table.h>
44
45#ifdef HAVE_OPENSSL_EVP_H
46# include <freeradius-devel/tls/openssl_user_macros.h>
47# include <openssl/evp.h>
48#endif
49
50#include <sys/stat.h>
51#include <fcntl.h>
52
53static char const hextab[] = "0123456789abcdef";
54static TALLOC_CTX *xlat_ctx;
55
56typedef struct {
58 fr_dict_t const *dict; //!< Restrict xlat to this namespace
60
61/*
62 * Regular xlat functions
63 */
65 { .single = true, .type = FR_TYPE_INT8 },
67};
68
69/** Dynamically change the debugging level for the current request
70 *
71 * Example:
72@verbatim
73%debug(3)
74@endverbatim
75 *
76 * @ingroup xlat_functions
77 */
79 UNUSED xlat_ctx_t const *xctx,
80 request_t *request, fr_value_box_list_t *args)
81{
82 int level = 0;
83 fr_value_box_t *vb, *lvl_vb;
84
85 XLAT_ARGS(args, &lvl_vb);
86
87 /*
88 * Expand to previous (or current) level
89 */
90 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_INT8, NULL));
91 vb->vb_int8 = request->log.lvl;
93
94 /*
95 * Assume we just want to get the current value and NOT set it to 0
96 */
97 if (!lvl_vb) goto done;
98
99 level = lvl_vb->vb_int8;
100 if (level == 0) {
101 request->log.lvl = RAD_REQUEST_LVL_NONE;
102 } else {
103 if (level > L_DBG_LVL_MAX) level = L_DBG_LVL_MAX;
104 request->log.lvl = level;
105 }
106
107done:
108 return XLAT_ACTION_DONE;
109}
110
111
116
118{
119 fr_dict_vendor_t const *vendor;
121 size_t i;
122
123 switch (vp->vp_type) {
125 if (vpt) {
126 RIDEBUG2("%s.%s = {",
127 tmpl_list_name(tmpl_list(vpt), "<INVALID>"),
128 vp->da->name);
129 } else {
130 RIDEBUG2("%s = {", vp->da->name);
131 }
132 RINDENT();
133 xlat_debug_attr_list(request, &vp->vp_group);
134 REXDENT();
135 RIDEBUG2("}");
136 break;
137
138 default:
139 if (vpt) {
140 RIDEBUG2("%s.%s = %pV",
141 tmpl_list_name(tmpl_list(vpt), "<INVALID>"),
142 vp->da->name,
143 &vp->data);
144 } else {
145 RIDEBUG2("%s = %pV", vp->da->name, &vp->data);
146 }
147 }
148
149 if (!RDEBUG_ENABLED3) return;
150
151 RINDENT();
152 RIDEBUG3("da : %p", vp->da);
153 RIDEBUG3("is_raw : %pV", fr_box_bool(vp->vp_raw));
154 RIDEBUG3("is_unknown : %pV", fr_box_bool(vp->da->flags.is_unknown));
155
156 if (RDEBUG_ENABLED3) {
157 RIDEBUG3("parent : %s (%p)", vp->da->parent->name, vp->da->parent);
158 } else {
159 RIDEBUG2("parent : %s", vp->da->parent->name);
160 }
161 RIDEBUG3("attr : %u", vp->da->attr);
162 vendor = fr_dict_vendor_by_da(vp->da);
163 if (vendor) RIDEBUG2("vendor : %u (%s)", vendor->pen, vendor->name);
164 RIDEBUG3("type : %s", fr_type_to_str(vp->vp_type));
165
166 switch (vp->vp_type) {
167 case FR_TYPE_LEAF:
168 if (fr_box_is_variable_size(&vp->data)) {
169 RIDEBUG3("length : %zu", vp->vp_length);
170 }
171 RIDEBUG3("tainted : %pV", fr_box_bool(vp->data.tainted));
172 break;
173 default:
174 break;
175 }
176
177 if (!RDEBUG_ENABLED4) {
178 REXDENT();
179 return;
180 }
181
182 for (i = 0; i < fr_type_table_len; i++) {
183 int pad;
184
185 fr_value_box_t *dst = NULL;
186
187 type = &fr_type_table[i];
188
189 if ((fr_type_t) type->value == vp->vp_type) goto next_type;
190
191 /*
192 * Don't cast TO structural, or FROM structural types.
193 */
194 if (!fr_type_is_leaf(type->value) || !fr_type_is_leaf(vp->vp_type)) goto next_type;
195
197 /* We expect some to fail */
198 if (fr_value_box_cast(dst, dst, type->value, NULL, &vp->data) < 0) {
199 goto next_type;
200 }
201
202 if ((pad = (11 - type->name.len)) < 0) pad = 0;
203
204 RINDENT();
205 RDEBUG4("as %s%*s: %pV", type->name.str, pad, " ", dst);
206 REXDENT();
207
208 next_type:
209 talloc_free(dst);
210 }
211
212 REXDENT();
213}
214
216{
217 fr_pair_t *vp;
218
219 for (vp = fr_pair_list_next(list, NULL);
220 vp != NULL;
221 vp = fr_pair_list_next(list, vp)) {
222 xlat_debug_attr_vp(request, vp, NULL);
223 }
224}
225
226/** Common function to move boxes from input list to output list
227 *
228 * This can be used to implement safe_for functions, as the xlat framework
229 * can be used for concatenation, casting, and marking up output boxes as
230 * safe_for.
231 */
233 UNUSED xlat_ctx_t const *xctx,
234 UNUSED request_t *request, fr_value_box_list_t *args)
235{
237 fr_value_box_list_remove(args, vb);
239 }}
240
242}
243
244/** Print out attribute info
245 *
246 * Prints out all instances of a current attribute, or all attributes in a list.
247 *
248 * At higher debugging levels, also prints out alternative decodings of the same
249 * value. This is helpful to determine types for unknown attributes of long
250 * passed vendors, or just crazy/broken NAS.
251 *
252 * This expands to a zero length string.
253 *
254 * Example:
255@verbatim
256%debug.attr(&request)
257@endverbatim
258 *
259 * @ingroup xlat_functions
260 */
262 UNUSED xlat_ctx_t const *xctx,
263 request_t *request, fr_value_box_list_t *args)
264{
265 fr_pair_t *vp;
266 fr_dcursor_t *cursor;
267 fr_value_box_t *in_head;
268
269 XLAT_ARGS(args, &in_head);
270
271 if (!RDEBUG_ENABLED2) return XLAT_ACTION_DONE; /* NOOP if debugging isn't enabled */
272
273 cursor = fr_value_box_get_cursor(in_head);
274
275 RDEBUG("Attributes matching \"%s\"", in_head->vb_cursor_name);
276
277 RINDENT();
278 for (vp = fr_dcursor_current(cursor);
279 vp;
280 vp = fr_dcursor_next(cursor)) {
281 xlat_debug_attr_vp(request, vp, NULL); /* @todo - pass in vpt, too, via the vb_cursor stuff */
282 }
283 REXDENT();
284
285 return XLAT_ACTION_DONE;
286}
287
288#ifdef __clang__
289#pragma clang diagnostic ignored "-Wgnu-designator"
290#endif
291
293 .name = "filename",
294 .chr = '_',
295 .do_utf8 = true,
296 .do_hex = true,
297
298 .esc = {
299 [ 0x00 ... 0x2d ] = true, // special characters, but not '.'
300 [ 0x2f ] = true, // /
301 [ 0x3A ... 0x3f ] = true, // :;<=>?, but not "@"
302 [ 0x5b ... 0x5e ] = true, // [\]^
303 [ 0x60 ] = true, // back-tick
304 [ 0x7b ... 0xff ] = true, // {|}, and all chars which have high bit set, but aren't UTF-8
305 },
306};
307
309 .name = "filename",
310 .chr = '_',
311 .do_utf8 = true,
312 .do_hex = true,
313
314 .esc = {
315 [ 0x00 ... 0x2f ] = true, // special characters, '.', '/', etc.
316 [ 0x3A ... 0x3f ] = true, // :;<=>?, but not "@"
317 [ 0x5b ... 0x5e ] = true, // [\]^
318 [ 0x60 ] = true, // back-tick
319 [ 0x7b ... 0xff ] = true, // {|}, and all chars which have high bit set, but aren't UTF-8
320 },
321};
322
323#define FR_FILENAME_SAFE_FOR ((uintptr_t) filename_xlat_escape)
324
325static int CC_HINT(nonnull(2,3)) filename_xlat_escape(UNUSED request_t *request, fr_value_box_t *vb, UNUSED void *uctx)
326{
327 fr_sbuff_t *out = NULL;
328 fr_value_box_entry_t entry;
329
331
332 /*
333 * Integers are just numbers, so they don't need to be escaped.
334 *
335 * Except that FR_TYPE_INTEGER includes 'date' and 'time_delta', which is annoying.
336 *
337 * 'octets' get printed as hex, so they don't need to be escaped.
338 */
339 switch (vb->type) {
340 case FR_TYPE_BOOL:
341 case FR_TYPE_UINT8:
342 case FR_TYPE_UINT16:
343 case FR_TYPE_UINT32:
344 case FR_TYPE_UINT64:
345 case FR_TYPE_INT8:
346 case FR_TYPE_INT16:
347 case FR_TYPE_INT32:
348 case FR_TYPE_INT64:
349 case FR_TYPE_SIZE:
350 case FR_TYPE_OCTETS:
351 return 0;
352
353 case FR_TYPE_NON_LEAF:
354 fr_assert(0);
355 return -1;
356
357 case FR_TYPE_DATE:
359 case FR_TYPE_IFID:
360 case FR_TYPE_ETHERNET:
361 case FR_TYPE_FLOAT32:
362 case FR_TYPE_FLOAT64:
369 case FR_TYPE_ATTR:
370 /*
371 * Printing prefixes etc. does NOT result in the escape function being called! So
372 * instead, we cast the results to a string, and then escape the string.
373 */
374 if (fr_value_box_cast_in_place(vb, vb, FR_TYPE_STRING, NULL) < 0) return -1;
375
377 break;
378
379 case FR_TYPE_STRING:
380 /*
381 * Note that we set ".always_escape" in the function arguments, so that we get called for
382 * IP addresses. Otherwise, the xlat evaluator and/or the list_concat_as_string
383 * functions won't call us. And the expansion will return IP addresses with '/' in them.
384 * Which is not what we want.
385 */
387
388 /*
389 * If the tainted string has a leading '.', then escape _all_ periods in it. This is so that we
390 * don't accidentally allow a "safe" value to end with '/', and then an "unsafe" value contains
391 * "..", and we now have a directory traversal attack.
392 *
393 * The escape rules will escape '/' in unsafe strings, so there's no possibility for an unsafe
394 * string to either end with a '/', or to contain "/.." itself.
395 *
396 * Allowing '.' in the middle of the string means we can have filenames based on realms, such as
397 * "log/aland@freeradius.org".
398 */
399 if (vb->vb_strvalue[0] == '.') {
401 } else {
403 }
404
405 break;
406 }
407
408 entry = vb->entry;
410 (void) fr_value_box_bstrndup(vb, vb, NULL, fr_sbuff_start(out), fr_sbuff_used(out), false);
411 vb->entry = entry;
412
413 return 0;
414}
415
417 { .required = true, .concat = true, .type = FR_TYPE_STRING,
418 .func = filename_xlat_escape, .safe_for = FR_FILENAME_SAFE_FOR, .always_escape = true },
420};
421
423 { .required = true, .concat = true, .type = FR_TYPE_STRING,
424 .func = filename_xlat_escape, .safe_for = FR_FILENAME_SAFE_FOR, .always_escape = true },
425 { .required = false, .type = FR_TYPE_UINT32 },
427};
428
429
431 UNUSED xlat_ctx_t const *xctx,
432 UNUSED request_t *request, fr_value_box_list_t *args)
433{
434 fr_value_box_t *dst, *vb;
435 char const *filename;
436 struct stat buf;
437
438 XLAT_ARGS(args, &vb);
439 fr_assert(vb->type == FR_TYPE_STRING);
440 filename = vb->vb_strvalue;
441
442 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
444
445 dst->vb_bool = (stat(filename, &buf) == 0);
446
447 return XLAT_ACTION_DONE;
448}
449
450
452 UNUSED xlat_ctx_t const *xctx,
453 request_t *request, fr_value_box_list_t *args)
454{
455 fr_value_box_t *dst, *vb;
456 char const *filename;
457 ssize_t len;
458 int fd;
459 char *p, buffer[256];
460
461 XLAT_ARGS(args, &vb);
462 fr_assert(vb->type == FR_TYPE_STRING);
463 filename = vb->vb_strvalue;
464
465 fd = open(filename, O_RDONLY);
466 if (fd < 0) {
467 REDEBUG3("Failed opening file %s - %s", filename, fr_syserror(errno));
468 return XLAT_ACTION_FAIL;
469 }
470
471 len = read(fd, buffer, sizeof(buffer));
472 if (len < 0) {
473 REDEBUG3("Failed reading file %s - %s", filename, fr_syserror(errno));
474 close(fd);
475 return XLAT_ACTION_FAIL;
476 }
477
478 /*
479 * Find the first CR/LF, but bail if we get any weird characters.
480 */
481 for (p = buffer; p < (buffer + len); p++) {
482 if ((*p == '\r') || (*p == '\n')) {
483 break;
484 }
485
486 if ((*p < ' ') && (*p != '\t')) {
487 invalid:
488 REDEBUG("Invalid text in file %s", filename);
489 close(fd);
490 return XLAT_ACTION_FAIL;
491 }
492 }
493
494 if ((p - buffer) > len) goto invalid;
495 close(fd);
496
497 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL));
498 if (fr_value_box_bstrndup(dst, dst, NULL, buffer, p - buffer, false) < 0) {
499 talloc_free(dst);
500 return XLAT_ACTION_FAIL;
501 }
502
504
505 return XLAT_ACTION_DONE;
506}
507
508
510 UNUSED xlat_ctx_t const *xctx,
511 request_t *request, fr_value_box_list_t *args)
512{
513 fr_value_box_t *dst, *vb;
514 char const *filename;
515 struct stat buf;
516
517 XLAT_ARGS(args, &vb);
518 fr_assert(vb->type == FR_TYPE_STRING);
519 filename = vb->vb_strvalue;
520
521 if (stat(filename, &buf) < 0) {
522 REDEBUG3("Failed checking file %s - %s", filename, fr_syserror(errno));
523 return XLAT_ACTION_FAIL;
524 }
525
526 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL)); /* off_t is signed, but file sizes shouldn't be negative */
528
529 dst->vb_uint64 = buf.st_size;
530
531 return XLAT_ACTION_DONE;
532}
533
534
536 UNUSED xlat_ctx_t const *xctx,
537 request_t *request, fr_value_box_list_t *args)
538{
539 fr_value_box_t *dst, *vb, *num = NULL;
540 char const *filename;
541 ssize_t len;
542 off_t offset;
543 int fd;
544 int crlf, stop = 1;
545 char *p, *end, *found, buffer[256];
546
547 XLAT_ARGS(args, &vb, &num);
548 fr_assert(vb->type == FR_TYPE_STRING);
549 filename = vb->vb_strvalue;
550
551 fd = open(filename, O_RDONLY);
552 if (fd < 0) {
553 REDEBUG3("Failed opening file %s - %s", filename, fr_syserror(errno));
554 return XLAT_ACTION_FAIL;
555 }
556
557 offset = lseek(fd, 0, SEEK_END);
558 if (offset < 0) {
559 REDEBUG3("Failed seeking to end of file %s - %s", filename, fr_syserror(errno));
560 goto fail;
561 }
562
563 if (offset > (off_t) sizeof(buffer)) {
564 offset -= sizeof(buffer);
565 } else {
566 offset = 0;
567 }
568
569 if (lseek(fd, offset, SEEK_SET) < 0) {
570 REDEBUG3("Failed seeking backwards from end of file %s - %s", filename, fr_syserror(errno));
571 goto fail;
572 }
573
574 len = read(fd, buffer, sizeof(buffer));
575 if (len < 0) {
576 fail:
577 REDEBUG3("Failed reading file %s - %s", filename, fr_syserror(errno));
578 close(fd);
579 return XLAT_ACTION_FAIL;
580 }
581 close(fd);
582
583 found = buffer;
584 end = buffer + len;
585
586 /*
587 * No data, OR just one CR / LF, we print it all out.
588 */
589 if (len <= 1) goto done;
590
591 /*
592 * Clamp number of lines to a reasonable value. They
593 * still all have to fit into 256 characters, though.
594 *
595 * @todo - have a large thread-local temporary buffer for this stuff.
596 */
597 if (num) {
598 fr_assert(num->type == FR_TYPE_GROUP);
599 fr_assert(fr_value_box_list_num_elements(&num->vb_group) == 1);
600
601 num = fr_value_box_list_head(&num->vb_group);
602 fr_assert(num->type == FR_TYPE_UINT32);
603
604 if (!num->vb_uint32) {
605 stop = 1;
606
607 } else if (num->vb_uint32 <= 16) {
608 stop = num->vb_uint64;
609
610 } else {
611 stop = 16;
612 }
613 } else {
614 stop = 1;
615 }
616
617 p = end - 1;
618 crlf = 0;
619
620 /*
621 * Skip any trailing CRLF first.
622 */
623 while (p > buffer) {
624 /*
625 * Could be CRLF, or just LF.
626 */
627 if (*p == '\n') {
628 end = p;
629 p--;
630 if (p == buffer) {
631 goto done;
632 }
633 if (*p >= ' ') {
634 break;
635 }
636 }
637
638 if (*p == '\r') {
639 end = p;
640 p--;
641 break;
642 }
643
644 /*
645 * We've found CR, LF, or CRLF. The previous
646 * thing is either raw text, or is another CR/LF.
647 */
648 break;
649 }
650
651 found = p;
652
653 while (p > buffer) {
654 crlf++;
655
656 /*
657 * If the current line is empty, we can stop.
658 */
659 if ((crlf == stop) && (*found < ' ')) {
660 found++;
661 goto done;
662 }
663
664 while (*p >= ' ') {
665 found = p;
666 p--;
667 if (p == buffer) {
668 found = buffer;
669 goto done;
670 }
671 }
672 if (crlf == stop) {
673 break;
674 }
675
676 /*
677 * Check again for CRLF.
678 */
679 if (*p == '\n') {
680 p--;
681 if (p == buffer) {
682 break;
683 }
684 if (*p >= ' ') {
685 continue;
686 }
687 }
688
689 if (*p == '\r') {
690 p--;
691 if (p == buffer) {
692 break;
693 }
694 continue;
695 }
696 }
697
698done:
699
700 /*
701 * @todo - return a _list_ of value-boxes, one for each line in the file.
702 * Which means chopping off each CRLF in the file
703 */
704
705 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL));
706 if (fr_value_box_bstrndup(dst, dst, NULL, found, (size_t) (end - found), false) < 0) {
707 talloc_free(dst);
708 return XLAT_ACTION_FAIL;
709 }
710
712
713 return XLAT_ACTION_DONE;
714}
715
717 { .required = true, .concat = true, .type = FR_TYPE_STRING,
718 .func = filename_xlat_escape, .safe_for = FR_FILENAME_SAFE_FOR, .always_escape = true },
719 { .required = true, .type = FR_TYPE_SIZE, .single = true },
721};
722
724 UNUSED xlat_ctx_t const *xctx,
725 request_t *request, fr_value_box_list_t *args)
726{
727 fr_value_box_t *dst, *vb, *max_size;
728 char const *filename;
729 ssize_t len;
730 int fd;
731 struct stat buf;
733
734 XLAT_ARGS(args, &vb, &max_size);
735 fr_assert(vb->type == FR_TYPE_STRING);
736 filename = vb->vb_strvalue;
737
738 fd = open(filename, O_RDONLY);
739 if (fd < 0) {
740 RPERROR("Failed opening file %s - %s", filename, fr_syserror(errno));
741 return XLAT_ACTION_FAIL;
742 }
743
744 if (fstat(fd, &buf) < 0) {
745 RPERROR("Failed checking file %s - %s", filename, fr_syserror(errno));
746 fail:
747 close(fd);
748 return XLAT_ACTION_FAIL;
749 }
750
751 if ((size_t)buf.st_size > max_size->vb_size) {
752 RPERROR("File larger than specified maximum (%"PRIu64" vs %zu)", buf.st_size, max_size->vb_size);
753 goto fail;
754 }
755
756 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_OCTETS, false));
757 fr_value_box_mem_alloc(dst, &buffer, dst, NULL, buf.st_size, true);
758
759 len = read(fd, buffer, buf.st_size);
760 if (len < 0) {
761 RPERROR("Failed reading file %s - %s", filename, fr_syserror(errno));
762 talloc_free(dst);
763 goto fail;
764 }
765 close(fd);
766
768
769 return XLAT_ACTION_DONE;
770}
771
773 UNUSED xlat_ctx_t const *xctx,
774 request_t *request, fr_value_box_list_t *args)
775{
776 fr_value_box_t *dst, *vb;
777 char const *filename;
778
779 XLAT_ARGS(args, &vb);
780 fr_assert(vb->type == FR_TYPE_STRING);
781 filename = vb->vb_strvalue;
782
783 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
785
786 dst->vb_bool = (unlink(filename) == 0);
787 if (!dst->vb_bool) {
788 REDEBUG3("Failed unlinking file %s - %s", filename, fr_syserror(errno));
789 }
790
791 return XLAT_ACTION_DONE;
792}
793
795 request_t *request, fr_value_box_list_t *args)
796{
797 fr_value_box_t *dst, *vb;
798 char const *filename;
799 int fd;
800
801 XLAT_ARGS(args, &vb);
802 fr_assert(vb->type == FR_TYPE_STRING);
803 filename = vb->vb_strvalue;
804
805 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
807
808 fd = open(filename, O_CREAT | S_IRUSR | S_IWUSR, 0600);
809 if (fd == -1) {
810 dst->vb_bool = false;
811 REDEBUG3("Failed touching file %s - %s", filename, fr_syserror(errno));
812 }
813 dst->vb_bool = true;
814
815 close(fd);
816
817 return XLAT_ACTION_DONE;
818}
819
821 { .required = true, .type = FR_TYPE_VOID },
822 { .variadic = XLAT_ARG_VARIADIC_EMPTY_KEEP, .type = FR_TYPE_VOID },
824};
825
827 UNUSED xlat_ctx_t const *xctx,
828 UNUSED request_t *request, fr_value_box_list_t *in)
829{
830 fr_value_box_t *vb;
831
833 while ((vb = fr_value_box_list_pop_head(in)) != NULL) {
835 }
836
837 return XLAT_ACTION_DONE;
838}
839
841 UNUSED xlat_ctx_t const *xctx,
842 UNUSED request_t *request, fr_value_box_list_t *in)
843{
844 fr_value_box_t *vb;
845
846 while ((vb = fr_value_box_list_pop_head(in)) != NULL) {
847 fr_value_box_t *child;
848
849 fr_assert(vb->type == FR_TYPE_GROUP);
850
851 while ((child = fr_value_box_list_pop_head(&vb->vb_group)) != NULL) {
852 child->tainted = true;
854
855 fr_dcursor_append(out, child);
856 }
857 }
858
859 return XLAT_ACTION_DONE;
860}
861
863 { .required = true, .type = FR_TYPE_STRING },
864 { .required = true, .concat = true, .type = FR_TYPE_STRING },
866};
867
868/** Split a string into multiple new strings based on a delimiter
869 *
870@verbatim
871%explode(<string>, <delim>)
872@endverbatim
873 *
874 * Example:
875@verbatim
876update request {
877 &Tmp-String-1 := "a,b,c"
878}
879"%concat(%explode(%{Tmp-String-1}, ','), '|')" == "a|b|c"g
880@endverbatim
881 *
882 * @ingroup xlat_functions
883 */
885 UNUSED xlat_ctx_t const *xctx,
886 request_t *request, fr_value_box_list_t *args)
887{
889 fr_value_box_list_t *list;
890 fr_value_box_t *delim_vb;
891 ssize_t delim_len;
892 char const *delim;
893 fr_value_box_t *string, *vb;
894
895 XLAT_ARGS(args, &strings, &delim_vb);
896
897 list = &strings->vb_group;
898
899 /* coverity[dereference] */
900 if (delim_vb->vb_length == 0) {
901 REDEBUG("Delimiter must be greater than zero characters");
902 return XLAT_ACTION_FAIL;
903 }
904
905 delim = delim_vb->vb_strvalue;
906 delim_len = delim_vb->vb_length;
907
908 while ((string = fr_value_box_list_pop_head(list))) {
909 fr_sbuff_t sbuff = FR_SBUFF_IN(string->vb_strvalue, string->vb_length);
910 fr_sbuff_marker_t m_start;
911
912 /*
913 * If the delimiter is not in the string, just move to the output
914 */
915 if (!fr_sbuff_adv_to_str(&sbuff, SIZE_MAX, delim, delim_len)) {
916 fr_dcursor_append(out, string);
917 continue;
918 }
919
920 fr_sbuff_set_to_start(&sbuff);
921 fr_sbuff_marker(&m_start, &sbuff);
922
923 while (fr_sbuff_remaining(&sbuff)) {
924 if (fr_sbuff_adv_to_str(&sbuff, SIZE_MAX, delim, delim_len)) {
925 /*
926 * If there's nothing before the delimiter skip
927 */
928 if (fr_sbuff_behind(&m_start) == 0) goto advance;
929
930 MEM(vb = fr_value_box_alloc_null(ctx));
931 fr_value_box_bstrndup(vb, vb, NULL, fr_sbuff_current(&m_start),
932 fr_sbuff_behind(&m_start), false);
933 fr_value_box_safety_copy(vb, string);
935
936 advance:
937 fr_sbuff_advance(&sbuff, delim_len);
938 fr_sbuff_set(&m_start, &sbuff);
939 continue;
940 }
941
942 fr_sbuff_set_to_end(&sbuff);
943 MEM(vb = fr_value_box_alloc_null(ctx));
944 fr_value_box_bstrndup(vb, vb, NULL, fr_sbuff_current(&m_start),
945 fr_sbuff_behind(&m_start), false);
946
947 fr_value_box_safety_copy(vb, string);
949 break;
950 }
951 talloc_free(string);
952 }
953
954 return XLAT_ACTION_DONE;
955}
956
957/** Mark one or more attributes as immutable
958 *
959 * Example:
960@verbatim
961%pairs.immutable(request.State[*])
962@endverbatim
963 *
964 * @ingroup xlat_functions
965 */
967 UNUSED xlat_ctx_t const *xctx,
968 request_t *request, fr_value_box_list_t *args)
969{
970 fr_pair_t *vp;
971 fr_dcursor_t *cursor;
972 fr_value_box_t *in_head;
973
974 XLAT_ARGS(args, &in_head);
975
976 cursor = fr_value_box_get_cursor(in_head);
977
978 RDEBUG("Attributes matching \"%s\"", in_head->vb_cursor_name);
979
980 RINDENT();
981 for (vp = fr_dcursor_current(cursor);
982 vp;
983 vp = fr_dcursor_next(cursor)) {
985 }
986 REXDENT();
987
988 return XLAT_ACTION_DONE;
989}
990
992 { .required = true, .single = true, .type = FR_TYPE_VOID },
994};
995
996/** Print data as integer, not as VALUE.
997 *
998 * Example:
999@verbatim
1000update request {
1001 &Tmp-IP-Address-0 := "127.0.0.5"
1002}
1003%integer(%{Tmp-IP-Address-0}) == 2130706437
1004@endverbatim
1005 * @ingroup xlat_functions
1006 */
1008 UNUSED xlat_ctx_t const *xctx,
1009 request_t *request, fr_value_box_list_t *args)
1010{
1011 fr_value_box_t *in_vb;
1012 char const *p;
1013
1014 XLAT_ARGS(args, &in_vb);
1015
1016 fr_strerror_clear(); /* Make sure we don't print old errors */
1017
1018 fr_value_box_list_remove(args, in_vb);
1019
1020 switch (in_vb->type) {
1021 default:
1022 error:
1023 RPEDEBUG("Failed converting %pV (%s) to an integer", in_vb,
1024 fr_type_to_str(in_vb->type));
1025 talloc_free(in_vb);
1026 return XLAT_ACTION_FAIL;
1027
1028 case FR_TYPE_NUMERIC:
1029 /*
1030 * Ensure enumeration is NULL so that the integer
1031 * version of a box is returned
1032 */
1033 in_vb->enumv = NULL;
1034
1035 /*
1036 * FR_TYPE_DATE and FR_TYPE_TIME_DELTA need to be cast
1037 * to int64_t so that they're printed in a
1038 * numeric format.
1039 */
1040 if ((in_vb->type == FR_TYPE_DATE) || (in_vb->type == FR_TYPE_TIME_DELTA)) {
1041 if (fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_INT64, NULL) < 0) goto error;
1042 }
1043 break;
1044
1045 case FR_TYPE_STRING:
1046 /*
1047 * Strings are always zero terminated. They may
1048 * also have zeros in the middle, but if that
1049 * happens, the caller will only get the part up
1050 * to the first zero.
1051 *
1052 * We check for negative numbers, just to be
1053 * nice.
1054 */
1055 for (p = in_vb->vb_strvalue; *p != '\0'; p++) {
1056 if (*p == '-') break;
1057 }
1058
1059 if (*p == '-') {
1060 if (fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_INT64, NULL) < 0) goto error;
1061 } else {
1062 if (fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT64, NULL) < 0) goto error;
1063 }
1064 break;
1065
1066 case FR_TYPE_OCTETS:
1067 if (in_vb->vb_length > sizeof(uint64_t)) {
1068 fr_strerror_printf("Expected octets length <= %zu, got %zu", sizeof(uint64_t), in_vb->vb_length);
1069 goto error;
1070 }
1071
1072 if (in_vb->vb_length > sizeof(uint32_t)) {
1073 if (unlikely(fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT64, NULL) < 0)) goto error;
1074 } else if (in_vb->vb_length > sizeof(uint16_t)) {
1075 if (unlikely(fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT32, NULL) < 0)) goto error;
1076 } else if (in_vb->vb_length > sizeof(uint8_t)) {
1077 if (unlikely(fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT16, NULL) < 0)) goto error;
1078 } else {
1079 if (unlikely(fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT8, NULL) < 0)) goto error;
1080 }
1081
1082 break;
1083
1084 case FR_TYPE_IPV4_ADDR:
1086 if (fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT32, NULL) < 0) goto error;
1087 break;
1088
1089 case FR_TYPE_ETHERNET:
1090 if (fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT64, NULL) < 0) goto error;
1091 break;
1092
1093 case FR_TYPE_IPV6_ADDR:
1095 {
1096 uint128_t ipv6int;
1097 char buff[40];
1098 fr_value_box_t *vb;
1099
1100 /*
1101 * Needed for correct alignment (as flagged by ubsan)
1102 */
1103 memcpy(&ipv6int, &in_vb->vb_ip.addr.v6.s6_addr, sizeof(ipv6int));
1104
1105 fr_snprint_uint128(buff, sizeof(buff), ntohlll(ipv6int));
1106
1107 MEM(vb = fr_value_box_alloc_null(ctx));
1108 fr_value_box_bstrndup(vb, vb, NULL, buff, strlen(buff), false);
1110 talloc_free(in_vb);
1111 return XLAT_ACTION_DONE;
1112 }
1113 }
1114
1115 fr_dcursor_append(out, in_vb);
1116
1117 return XLAT_ACTION_DONE;
1118}
1119
1121 { .concat = true, .type = FR_TYPE_STRING },
1123};
1124
1125/** Log something at INFO level.
1126 *
1127 * Example:
1128@verbatim
1129%log("This is an informational message")
1130@endverbatim
1131 *
1132 * @ingroup xlat_functions
1133 */
1135 UNUSED xlat_ctx_t const *xctx,
1136 request_t *request, fr_value_box_list_t *args)
1137{
1138 fr_value_box_t *vb;
1139
1140 XLAT_ARGS(args, &vb);
1141
1142 if (!vb) return XLAT_ACTION_DONE;
1143
1144 RINFO("%s", vb->vb_strvalue);
1145
1146 return XLAT_ACTION_DONE;
1147}
1148
1149
1150/** Log something at DEBUG level.
1151 *
1152 * Example:
1153@verbatim
1154%log.debug("This is a message")
1155@endverbatim
1156 *
1157 * @ingroup xlat_functions
1158 */
1160 UNUSED xlat_ctx_t const *xctx,
1161 request_t *request, fr_value_box_list_t *args)
1162{
1163 fr_value_box_t *vb;
1164
1165 XLAT_ARGS(args, &vb);
1166
1167 if (!vb) return XLAT_ACTION_DONE;
1168
1169 RDEBUG("%s", vb->vb_strvalue);
1170
1171 return XLAT_ACTION_DONE;
1172}
1173
1174
1175/** Log something at DEBUG level.
1176 *
1177 * Example:
1178@verbatim
1179%log.err("Big error here")
1180@endverbatim
1181 *
1182 * @ingroup xlat_functions
1183 */
1185 UNUSED xlat_ctx_t const *xctx,
1186 request_t *request, fr_value_box_list_t *args)
1187{
1188 fr_value_box_t *vb;
1189
1190 XLAT_ARGS(args, &vb);
1191
1192 if (!vb) return XLAT_ACTION_DONE;
1193
1194 REDEBUG("%s", vb->vb_strvalue);
1195
1196 return XLAT_ACTION_DONE;
1197}
1198
1199
1200/** Log something at WARN level.
1201 *
1202 * Example:
1203@verbatim
1204%log.warn("Maybe something bad happened")
1205@endverbatim
1206 *
1207 * @ingroup xlat_functions
1208 */
1210 UNUSED xlat_ctx_t const *xctx,
1211 request_t *request, fr_value_box_list_t *args)
1212{
1213 fr_value_box_t *vb;
1214
1215 XLAT_ARGS(args, &vb);
1216
1217 if (!vb) return XLAT_ACTION_DONE;
1218
1219 RWDEBUG("%s", vb->vb_strvalue);
1220
1221 return XLAT_ACTION_DONE;
1222}
1223
1224static int _log_dst_free(fr_log_t *log)
1225{
1226 close(log->fd);
1227 return 0;
1228}
1229
1231 { .required = false, .type = FR_TYPE_STRING, .concat = true },
1232 { .required = false, .type = FR_TYPE_UINT32, .single = true },
1233 { .required = false, .type = FR_TYPE_STRING, .concat = true },
1235};
1236
1237/** Change the log destination to the named one
1238 *
1239 * Example:
1240@verbatim
1241%log.destination('foo')
1242@endverbatim
1243 *
1244 * @ingroup xlat_functions
1245 */
1247 UNUSED xlat_ctx_t const *xctx,
1248 request_t *request, fr_value_box_list_t *args)
1249{
1250 fr_value_box_t *dst, *lvl, *file;
1251 fr_log_t *log, *dbg;
1252 uint32_t level = 2;
1253
1254 XLAT_ARGS(args, &dst, &lvl, &file);
1255
1256 if (!dst || !*dst->vb_strvalue) {
1257 request_log_prepend(request, NULL, L_DBG_LVL_DISABLE);
1258 return XLAT_ACTION_DONE;
1259 }
1260
1261 log = log_dst_by_name(dst->vb_strvalue);
1262 if (!log) return XLAT_ACTION_FAIL;
1263
1264 if (lvl) level = lvl->vb_uint32;
1265
1266 if (!file || ((log->dst != L_DST_NULL) && (log->dst != L_DST_FILES))) {
1267 request_log_prepend(request, log, level);
1268 return XLAT_ACTION_DONE;
1269 }
1270
1271 /*
1272 * Clone it.
1273 */
1274 MEM(dbg = talloc_memdup(request, log, sizeof(*log)));
1275 dbg->parent = log;
1276
1277 /*
1278 * Open the new filename.
1279 */
1280 dbg->dst = L_DST_FILES;
1281 dbg->file = talloc_strdup(dbg, file->vb_strvalue);
1282 dbg->fd = open(dbg->file, O_WRONLY | O_CREAT | O_CLOEXEC, 0600);
1283 if (dbg->fd < 0) {
1284 REDEBUG("Failed opening %s - %s", dbg->file, fr_syserror(errno));
1285 talloc_free(dbg);
1286 return XLAT_ACTION_DONE;
1287 }
1288
1289 /*
1290 * Ensure that we close the file handle when done.
1291 */
1292 talloc_set_destructor(dbg, _log_dst_free);
1293
1294 request_log_prepend(request, dbg, level);
1295 return XLAT_ACTION_DONE;
1296}
1297
1298
1300 { .required = true, .concat = true, .type = FR_TYPE_STRING },
1302};
1303
1304/** Processes fmt as a map string and applies it to the current request
1305 *
1306 * e.g.
1307@verbatim
1308%map("User-Name := 'foo'")
1309@endverbatim
1310 *
1311 * Allows sets of modifications to be cached and then applied.
1312 * Useful for processing generic attributes from LDAP.
1313 *
1314 * @ingroup xlat_functions
1315 */
1317 UNUSED xlat_ctx_t const *xctx,
1318 request_t *request, fr_value_box_list_t *args)
1319{
1320 map_t *map = NULL;
1321 int ret;
1322 fr_value_box_t *fmt_vb;
1323 fr_value_box_t *vb;
1324
1325 tmpl_rules_t attr_rules = {
1326 .attr = {
1327 .dict_def = request->local_dict,
1328 .list_def = request_attr_request,
1329 },
1330 .xlat = {
1331 .runtime_el = unlang_interpret_event_list(request)
1332 }
1333 };
1334
1335 XLAT_ARGS(args, &fmt_vb);
1336
1337 if (map_afrom_attr_str(request, &map, fmt_vb->vb_strvalue, &attr_rules, &attr_rules) < 0) {
1338 RPEDEBUG("Failed parsing \"%s\" as map", fmt_vb->vb_strvalue);
1339 return XLAT_ACTION_FAIL;
1340 }
1341
1342 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
1343 vb->vb_bool = false; /* Default fail value - changed to true on success */
1345
1346 switch (map->lhs->type) {
1347 case TMPL_TYPE_ATTR:
1348 case TMPL_TYPE_XLAT:
1349 break;
1350
1351 default:
1352 REDEBUG("Unexpected type %s in left hand side of expression",
1353 tmpl_type_to_str(map->lhs->type));
1354 return XLAT_ACTION_FAIL;
1355 }
1356
1357 switch (map->rhs->type) {
1358 case TMPL_TYPE_ATTR:
1359 case TMPL_TYPE_EXEC:
1360 case TMPL_TYPE_DATA:
1363 case TMPL_TYPE_XLAT:
1364 break;
1365
1366 default:
1367 REDEBUG("Unexpected type %s in right hand side of expression",
1368 tmpl_type_to_str(map->rhs->type));
1369 return XLAT_ACTION_FAIL;
1370 }
1371
1372 RINDENT();
1373 ret = map_to_request(request, map, map_to_vp, NULL);
1374 REXDENT();
1375 talloc_free(map);
1376 if (ret < 0) return XLAT_ACTION_FAIL;
1377
1378 vb->vb_bool = true;
1379 return XLAT_ACTION_DONE;
1380}
1381
1382
1384 { .required = true, .concat = true, .type = FR_TYPE_STRING },
1386};
1387
1388/** Calculate number of seconds until the next n hour(s), day(s), week(s), year(s).
1389 *
1390 * For example, if it were 16:18 %time.next(1h) would expand to 2520.
1391 *
1392 * The envisaged usage for this function is to limit sessions so that they don't
1393 * cross billing periods. The output of the xlat should be combined with %rand() to create
1394 * some jitter, unless the desired effect is every subscriber on the network
1395 * re-authenticating at the same time.
1396 *
1397 * @ingroup xlat_functions
1398 */
1400 UNUSED xlat_ctx_t const *xctx,
1401 request_t *request, fr_value_box_list_t *args)
1402{
1403 long num;
1404
1405 char const *p;
1406 char *q;
1407 time_t now;
1408 struct tm *local, local_buff;
1409 fr_value_box_t *in_head;
1410 fr_value_box_t *vb;
1411
1412 XLAT_ARGS(args, &in_head);
1413
1414 /*
1415 * We want to limit based on _now_, not on when they logged in.
1416 */
1417 now = time(NULL);
1418 local = localtime_r(&now, &local_buff);
1419
1420 p = in_head->vb_strvalue;
1421
1422 num = strtoul(p, &q, 10);
1423 if (!q || *q == '\0') {
1424 REDEBUG("<int> must be followed by time period (h|d|w|m|y)");
1425 return XLAT_ACTION_FAIL;
1426 }
1427
1428 if (p == q) {
1429 num = 1;
1430 } else {
1431 p += q - p;
1432 }
1433
1434 local->tm_sec = 0;
1435 local->tm_min = 0;
1436
1437 switch (*p) {
1438 case 'h':
1439 local->tm_hour += num;
1440 break;
1441
1442 case 'd':
1443 local->tm_hour = 0;
1444 local->tm_mday += num;
1445 break;
1446
1447 case 'w':
1448 local->tm_hour = 0;
1449 local->tm_mday += (7 - local->tm_wday) + (7 * (num-1));
1450 break;
1451
1452 case 'm':
1453 local->tm_hour = 0;
1454 local->tm_mday = 1;
1455 local->tm_mon += num;
1456 break;
1457
1458 case 'y':
1459 local->tm_hour = 0;
1460 local->tm_mday = 1;
1461 local->tm_mon = 0;
1462 local->tm_year += num;
1463 break;
1464
1465 default:
1466 REDEBUG("Invalid time period '%c', must be h|d|w|m|y", *p);
1467 return XLAT_ACTION_FAIL;
1468 }
1469
1470 MEM(vb = fr_value_box_alloc_null(ctx));
1471 fr_value_box_uint64(vb, NULL, (uint64_t)(mktime(local) - now), false);
1473 return XLAT_ACTION_DONE;
1474}
1475
1480
1481/** Just serves to push the result up the stack
1482 *
1483 */
1485 xlat_ctx_t const *xctx,
1486 UNUSED request_t *request, UNUSED fr_value_box_list_t *in)
1487{
1488 xlat_eval_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_eval_rctx_t);
1490
1491 talloc_free(rctx);
1492
1493 return xa;
1494}
1495
1497 { .required = true, .concat = true, .type = FR_TYPE_STRING },
1499};
1500
1501/** Dynamically evaluate an expansion string
1502 *
1503 * @ingroup xlat_functions
1504 */
1506 UNUSED xlat_ctx_t const *xctx,
1507 request_t *request, fr_value_box_list_t *args)
1508{
1509 /*
1510 * These are escaping rules applied to the
1511 * input string. They're mostly here to
1512 * allow \% and \\ to work.
1513 *
1514 * Everything else should be passed in as
1515 * unescaped data.
1516 */
1517 static fr_sbuff_unescape_rules_t const escape_rules = {
1518 .name = "xlat",
1519 .chr = '\\',
1520 .subs = {
1521 ['%'] = '%',
1522 ['\\'] = '\\',
1523 },
1524 .do_hex = false,
1525 .do_oct = false
1526 };
1527
1528 xlat_eval_rctx_t *rctx;
1529 fr_value_box_t *arg = fr_value_box_list_head(args);
1530
1531 XLAT_ARGS(args, &arg);
1532
1533 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_eval_rctx_t));
1534
1535 /*
1536 * Parse the input as a literal expansion
1537 */
1538 if (xlat_tokenize_expression(rctx,
1539 &rctx->ex,
1540 &FR_SBUFF_IN(arg->vb_strvalue, arg->vb_length),
1541 &(fr_sbuff_parse_rules_t){
1542 .escapes = &escape_rules
1543 },
1544 &(tmpl_rules_t){
1545 .attr = {
1546 .dict_def = request->local_dict,
1547 .list_def = request_attr_request,
1548 .allow_unknown = false,
1549 .allow_unresolved = false,
1550 .allow_foreign = false,
1551 },
1552 .xlat = {
1553 .runtime_el = unlang_interpret_event_list(request),
1554 },
1555 .at_runtime = true
1556 }) < 0) {
1557 RPEDEBUG("Failed parsing expansion");
1558 error:
1559 talloc_free(rctx);
1560 return XLAT_ACTION_FAIL;
1561 }
1562
1563 /*
1564 * Call the resolution function so we produce
1565 * good errors about what function was
1566 * unresolved.
1567 */
1568 if (rctx->ex->flags.needs_resolving &&
1569 (xlat_resolve(rctx->ex, &(xlat_res_rules_t){ .allow_unresolved = false }) < 0)) {
1570 RPEDEBUG("Unresolved expansion functions in expansion");
1571 goto error;
1572
1573 }
1574
1575 if (unlang_xlat_yield(request, xlat_eval_resume, NULL, 0, rctx) != XLAT_ACTION_YIELD) goto error;
1576
1577 if (unlang_xlat_push(ctx, &rctx->last_result, (fr_value_box_list_t *)out->dlist,
1578 request, rctx->ex, UNLANG_SUB_FRAME) < 0) goto error;
1579
1581}
1582
1584 { .required = true, .type = FR_TYPE_STRING },
1585 { .required = true, .single = true, .type = FR_TYPE_UINT64 },
1586 { .concat = true, .type = FR_TYPE_STRING },
1588};
1589
1590/** lpad a string
1591 *
1592@verbatim
1593%lpad(%{Attribute-Name}, <length> [, <fill>])
1594@endverbatim
1595 *
1596 * Example: (User-Name = "foo")
1597@verbatim
1598%lpad(%{User-Name}, 5 'x') == "xxfoo"
1599@endverbatim
1600 *
1601 * @ingroup xlat_functions
1602 */
1604 UNUSED xlat_ctx_t const *xctx,
1605 request_t *request, fr_value_box_list_t *args)
1606{
1607 fr_value_box_t *values;
1608 fr_value_box_t *pad;
1610
1611 fr_value_box_list_t *list;
1612
1613 size_t pad_len;
1614
1615 char const *fill_str = NULL;
1616 size_t fill_len = 0;
1617
1618 fr_value_box_t *in = NULL;
1619
1620 XLAT_ARGS(args, &values, &pad, &fill);
1621
1622 /* coverity[dereference] */
1623 list = &values->vb_group;
1624 /* coverity[dereference] */
1625 pad_len = (size_t)pad->vb_uint64;
1626
1627 /*
1628 * Fill is optional
1629 */
1630 if (fill) {
1631 fill_str = fill->vb_strvalue;
1632 fill_len = talloc_array_length(fill_str) - 1;
1633 }
1634
1635 if (fill_len == 0) {
1636 fill_str = " ";
1637 fill_len = 1;
1638 }
1639
1640 while ((in = fr_value_box_list_pop_head(list))) {
1641 size_t len = talloc_array_length(in->vb_strvalue) - 1;
1642 size_t remaining;
1643 char *buff;
1644 fr_sbuff_t sbuff;
1645 fr_sbuff_marker_t m_data;
1646
1648
1649 if (len >= pad_len) continue;
1650
1651 if (fr_value_box_bstr_realloc(in, &buff, in, pad_len) < 0) {
1652 RPEDEBUG("Failed reallocing input data");
1653 return XLAT_ACTION_FAIL;
1654 }
1655
1656 fr_sbuff_init_in(&sbuff, buff, pad_len);
1657 fr_sbuff_marker(&m_data, &sbuff);
1658
1659 /*
1660 * ...nothing to move if the input
1661 * string is empty.
1662 */
1663 if (len > 0) {
1664 fr_sbuff_advance(&m_data, pad_len - len); /* Mark where we want the data to go */
1665 fr_sbuff_move(&FR_SBUFF(&m_data), &FR_SBUFF(&sbuff), len); /* Shift the data */
1666 }
1667
1668 if (fill_len == 1) {
1669 memset(fr_sbuff_current(&sbuff), *fill_str, fr_sbuff_ahead(&m_data));
1670 continue;
1671 }
1672
1673 /*
1674 * Copy fill as a repeating pattern
1675 */
1676 while ((remaining = fr_sbuff_ahead(&m_data))) {
1677 size_t to_copy = remaining >= fill_len ? fill_len : remaining;
1678 memcpy(fr_sbuff_current(&sbuff), fill_str, to_copy); /* avoid \0 termination */
1679 fr_sbuff_advance(&sbuff, to_copy);
1680 }
1681 fr_sbuff_set_to_end(&sbuff);
1682 fr_sbuff_terminate(&sbuff); /* Move doesn't re-terminate */
1683 }
1684
1685 return XLAT_ACTION_DONE;
1686}
1687
1688/** Right pad a string
1689 *
1690@verbatim
1691%rpad(%{Attribute-Name}, <length> [, <fill>])
1692@endverbatim
1693 *
1694 * Example: (User-Name = "foo")
1695@verbatim
1696%rpad(%{User-Name}, 5 'x') == "fooxx"
1697@endverbatim
1698 *
1699 * @ingroup xlat_functions
1700 */
1702 UNUSED xlat_ctx_t const *xctx,
1703 request_t *request, fr_value_box_list_t *args)
1704{
1705 fr_value_box_t *values;
1706 fr_value_box_list_t *list;
1707 fr_value_box_t *pad;
1708 /* coverity[dereference] */
1709 size_t pad_len;
1711 char const *fill_str = NULL;
1712 size_t fill_len = 0;
1713
1714 fr_value_box_t *in = NULL;
1715
1716 XLAT_ARGS(args, &values, &pad, &fill);
1717
1718 list = &values->vb_group;
1719 pad_len = (size_t)pad->vb_uint64;
1720
1721 /*
1722 * Fill is optional
1723 */
1724 if (fill) {
1725 fill_str = fill->vb_strvalue;
1726 fill_len = talloc_array_length(fill_str) - 1;
1727 }
1728
1729 if (fill_len == 0) {
1730 fill_str = " ";
1731 fill_len = 1;
1732 }
1733
1734 while ((in = fr_value_box_list_pop_head(list))) {
1735 size_t len = talloc_array_length(in->vb_strvalue) - 1;
1736 size_t remaining;
1737 char *buff;
1738 fr_sbuff_t sbuff;
1739
1741
1742 if (len >= pad_len) continue;
1743
1744 if (fr_value_box_bstr_realloc(in, &buff, in, pad_len) < 0) {
1745 fail:
1746 RPEDEBUG("Failed reallocing input data");
1747 return XLAT_ACTION_FAIL;
1748 }
1749
1750 fr_sbuff_init_in(&sbuff, buff, pad_len);
1751 fr_sbuff_advance(&sbuff, len);
1752
1753 if (fill_len == 1) {
1754 memset(fr_sbuff_current(&sbuff), *fill_str, fr_sbuff_remaining(&sbuff));
1755 continue;
1756 }
1757
1758 /*
1759 * Copy fill as a repeating pattern
1760 */
1761 while ((remaining = fr_sbuff_remaining(&sbuff))) {
1762 if (fr_sbuff_in_bstrncpy(&sbuff, fill_str, remaining >= fill_len ? fill_len : remaining) < 0) {
1763 goto fail;
1764 }
1765 }
1766 }
1767
1768 return XLAT_ACTION_DONE;
1769}
1770
1772 { .required = true, .concat = true, .type = FR_TYPE_OCTETS },
1774};
1775
1776/** Encode string or attribute as base64
1777 *
1778 * Example:
1779@verbatim
1780%base64.encode("foo") == "Zm9v"
1781@endverbatim
1782 *
1783 * @ingroup xlat_functions
1784 */
1786 UNUSED xlat_ctx_t const *xctx,
1787 request_t *request, fr_value_box_list_t *args)
1788{
1789 size_t alen;
1790 ssize_t elen;
1791 char *buff;
1792 fr_value_box_t *vb;
1794
1795 XLAT_ARGS(args, &in);
1796
1797 alen = FR_BASE64_ENC_LENGTH(in->vb_length);
1798
1799 MEM(vb = fr_value_box_alloc_null(ctx));
1800 if (fr_value_box_bstr_alloc(vb, &buff, vb, NULL, alen, false) < 0) {
1801 talloc_free(vb);
1802 return XLAT_ACTION_FAIL;
1803 }
1804
1805 elen = fr_base64_encode(&FR_SBUFF_OUT(buff, talloc_array_length(buff)),
1806 &FR_DBUFF_TMP(in->vb_octets, in->vb_length), true);
1807 if (elen < 0) {
1808 RPEDEBUG("Base64 encoding failed");
1809 talloc_free(vb);
1810 return XLAT_ACTION_FAIL;
1811 }
1812 fr_assert((size_t)elen <= alen);
1815
1816 return XLAT_ACTION_DONE;
1817}
1818
1820 { .required = true, .concat = true, .type = FR_TYPE_OCTETS },
1822};
1823
1824/** Decode base64 string
1825 *
1826 * Example:
1827@verbatim
1828%base64.decode("Zm9v") == "foo"
1829@endverbatim
1830 *
1831 * @ingroup xlat_functions
1832 */
1834 UNUSED xlat_ctx_t const *xctx,
1835 request_t *request, fr_value_box_list_t *args)
1836{
1837 size_t alen;
1838 ssize_t declen = 0;
1839 uint8_t *decbuf;
1840 fr_value_box_t *vb;
1842
1843 XLAT_ARGS(args, &in);
1844
1845 /*
1846 * Pass empty arguments through
1847 *
1848 * FR_BASE64_DEC_LENGTH produces 2 for empty strings...
1849 */
1850 if (in->vb_length == 0) {
1851 fr_value_box_list_remove(args, in);
1853 return XLAT_ACTION_DONE;
1854 }
1855
1856 alen = FR_BASE64_DEC_LENGTH(in->vb_length);
1857 MEM(vb = fr_value_box_alloc_null(ctx));
1858 if (alen > 0) {
1859 MEM(fr_value_box_mem_alloc(vb, &decbuf, vb, NULL, alen, false) == 0);
1860 declen = fr_base64_decode(&FR_DBUFF_TMP(decbuf, alen),
1861 &FR_SBUFF_IN(in->vb_strvalue, in->vb_length), true, true);
1862 if (declen < 0) {
1863 RPEDEBUG("Base64 string invalid");
1864 talloc_free(vb);
1865 return XLAT_ACTION_FAIL;
1866 }
1867
1868 MEM(fr_value_box_mem_realloc(vb, NULL, vb, declen) == 0);
1869 }
1870
1873
1874 return XLAT_ACTION_DONE;
1875}
1876
1878 { .required = true, .type = FR_TYPE_STRING },
1880};
1881
1882/** Convert hex string to binary
1883 *
1884 * Example:
1885@verbatim
1886%bin("666f6f626172") == "foobar"
1887@endverbatim
1888 *
1889 * @see #xlat_func_hex
1890 *
1891 * @ingroup xlat_functions
1892 */
1894 UNUSED xlat_ctx_t const *xctx,
1895 request_t *request, fr_value_box_list_t *args)
1896{
1897 fr_value_box_t *result;
1898 char const *p, *end;
1899 uint8_t *bin;
1900 size_t len, outlen;
1902 fr_value_box_t *list, *hex;
1903
1904 XLAT_ARGS(args, &list);
1905
1906 while ((hex = fr_value_box_list_pop_head(&list->vb_group))) {
1907 len = hex->vb_length;
1908 if ((len > 1) && (len & 0x01)) {
1909 REDEBUG("Input data length must be >1 and even, got %zu", len);
1910 return XLAT_ACTION_FAIL;
1911 }
1912
1913 p = hex->vb_strvalue;
1914 end = p + len;
1915
1916 /*
1917 * Look for 0x at the start of the string, and ignore if we see it.
1918 */
1919 if ((p[0] == '0') && (p[1] == 'x')) {
1920 p += 2;
1921 len -=2;
1922 }
1923
1924 /*
1925 * Zero length octets string
1926 */
1927 if (p == end) continue;
1928
1929 outlen = len / 2;
1930
1931 MEM(result = fr_value_box_alloc_null(ctx));
1932 MEM(fr_value_box_mem_alloc(result, &bin, result, NULL, outlen, false) == 0);
1933 fr_base16_decode(&err, &FR_DBUFF_TMP(bin, outlen), &FR_SBUFF_IN(p, end - p), true);
1934 if (err) {
1935 REDEBUG2("Invalid hex string");
1936 talloc_free(result);
1937 return XLAT_ACTION_FAIL;
1938 }
1939
1941 fr_dcursor_append(out, result);
1942 }
1943
1944 return XLAT_ACTION_DONE;
1945}
1946
1948 { .required = true, .single = true, .type = FR_TYPE_VOID },
1949 { .type = FR_TYPE_VOID },
1950 { .variadic = XLAT_ARG_VARIADIC_EMPTY_KEEP, .type = FR_TYPE_VOID },
1952};
1953
1954/** Cast one or more output value-boxes to the given type
1955 *
1956 * First argument of is type to cast to.
1957 *
1958 * Example:
1959@verbatim
1960%cast('string', %{request[*]}) results in all of the input boxes being cast to string/
1961@endverbatim
1962 *
1963 * @ingroup xlat_functions
1964 */
1966 UNUSED xlat_ctx_t const *xctx,
1967 request_t *request, fr_value_box_list_t *args)
1968{
1970 fr_value_box_t *arg;
1972 fr_dict_attr_t const *time_res = NULL;
1973
1974 XLAT_ARGS(args, &name);
1975
1976 /*
1977 * Get the type, which can be in one of a few formats.
1978 */
1979 if (fr_type_is_numeric(name->type)) {
1981 RPEDEBUG("Failed parsing '%pV' as a numerical data type", name);
1982 return XLAT_ACTION_FAIL;
1983 }
1984 type = name->vb_uint8;
1985
1986 } else {
1987 if (name->type != FR_TYPE_STRING) {
1989 RPEDEBUG("Failed parsing '%pV' as a string data type", name);
1990 return XLAT_ACTION_FAIL;
1991 }
1992 }
1993
1995 if (type == FR_TYPE_NULL) {
1996 if ((time_res = xlat_time_res_attr(name->vb_strvalue)) == NULL) {
1997 RDEBUG("Unknown data type '%s'", name->vb_strvalue);
1998 return XLAT_ACTION_FAIL;
1999 }
2000
2002 }
2003 }
2004
2005 (void) fr_value_box_list_pop_head(args);
2006
2007 /*
2008 * When we cast nothing to a string / octets, the result is an empty string/octets.
2009 */
2010 if (unlikely(!fr_value_box_list_head(args))) {
2011 if ((type == FR_TYPE_STRING) || (type == FR_TYPE_OCTETS)) {
2012 fr_value_box_t *dst;
2013
2014 MEM(dst = fr_value_box_alloc(ctx, type, NULL));
2015 fr_dcursor_append(out, dst);
2016 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
2017
2018 return XLAT_ACTION_DONE;
2019 }
2020
2021 RDEBUG("No data for cast to '%s'", fr_type_to_str(type));
2022 return XLAT_ACTION_FAIL;
2023 }
2024
2025 /*
2026 * Cast to string means *print* to string.
2027 */
2028 if (type == FR_TYPE_STRING) {
2029 fr_sbuff_t *agg;
2030 fr_value_box_t *dst;
2031
2033
2034 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, SIZE_MAX);
2035
2036 MEM(dst = fr_value_box_alloc_null(ctx));
2038
2039 if (fr_value_box_list_concat_as_string(dst, agg, args, NULL, 0, NULL,
2041 RPEDEBUG("Failed concatenating string");
2042 return XLAT_ACTION_FAIL;
2043 }
2044
2045 fr_value_box_bstrndup(dst, dst, NULL, fr_sbuff_start(agg), fr_sbuff_used(agg), false);
2046 fr_dcursor_append(out, dst);
2047 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
2048
2049 return XLAT_ACTION_DONE;
2050 }
2051
2052 /*
2053 * Copy inputs to outputs, casting them along the way.
2054 */
2055 arg = NULL;
2056 while ((arg = fr_value_box_list_next(args, arg)) != NULL) {
2057 fr_value_box_t *vb, *p;
2058
2059 fr_assert(arg->type == FR_TYPE_GROUP);
2060
2061 vb = fr_value_box_list_head(&arg->vb_group);
2062 while (vb) {
2063 p = fr_value_box_list_remove(&arg->vb_group, vb);
2064
2065 if (fr_value_box_cast_in_place(vb, vb, type, time_res) < 0) {
2066 RPEDEBUG("Failed casting %pV to data type '%s'", vb, fr_type_to_str(type));
2067 return XLAT_ACTION_FAIL;
2068 }
2070 vb = fr_value_box_list_next(&arg->vb_group, p);
2071 }
2072 }
2073 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
2074
2075 return XLAT_ACTION_DONE;
2076}
2077
2079 { .required = true, .type = FR_TYPE_VOID },
2080 { .concat = true, .type = FR_TYPE_STRING },
2082};
2083
2084/** Concatenate string representation of values of given attributes using separator
2085 *
2086 * First argument of is the list of attributes to concatenate, followed
2087 * by an optional separator
2088 *
2089 * Example:
2090@verbatim
2091%concat(%{request.[*]}, ',') == "<attr1value>,<attr2value>,<attr3value>,..."
2092%concat(%{Tmp-String-0[*]}, '. ') == "<str1value>. <str2value>. <str3value>. ..."
2093%concat(%join(%{User-Name}, %{Calling-Station-Id}), ', ') == "bob, aa:bb:cc:dd:ee:ff"
2094@endverbatim
2095 *
2096 * @ingroup xlat_functions
2097 */
2099 UNUSED xlat_ctx_t const *xctx,
2100 request_t *request, fr_value_box_list_t *args)
2101{
2102 fr_value_box_t *result;
2103 fr_value_box_t *list;
2104 fr_value_box_t *separator;
2105 fr_value_box_list_t *to_concat;
2106 char *buff;
2107 char const *sep;
2108
2109 XLAT_ARGS(args, &list, &separator);
2110
2111 sep = (separator) ? separator->vb_strvalue : "";
2112 to_concat = &list->vb_group;
2113
2114 result = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL);
2115 if (!result) {
2116 error:
2117 RPEDEBUG("Failed concatenating input");
2118 return XLAT_ACTION_FAIL;
2119 }
2120
2121 buff = fr_value_box_list_aprint(result, to_concat, sep, NULL);
2122 if (!buff) goto error;
2123
2125
2126 fr_dcursor_append(out, result);
2127
2128 return XLAT_ACTION_DONE;
2129}
2130
2132 { .required = true, .type = FR_TYPE_OCTETS },
2134};
2135
2136/** Print data as hex, not as VALUE.
2137 *
2138 * Example:
2139@verbatim
2140%hex("foobar") == "666f6f626172"
2141@endverbatim
2142 *
2143 * @see #xlat_func_bin
2144 *
2145 * @ingroup xlat_functions
2146 */
2148 UNUSED xlat_ctx_t const *xctx,
2149 UNUSED request_t *request, fr_value_box_list_t *args)
2150{
2151 char *new_buff;
2152 fr_value_box_t *list, *bin;
2153 fr_value_box_t safety;
2154
2155 XLAT_ARGS(args, &list);
2156
2157 while ((bin = fr_value_box_list_pop_head(&list->vb_group))) {
2158 fr_value_box_safety_copy(&safety, bin);
2159
2160 /*
2161 * Use existing box, but with new buffer
2162 */
2163 MEM(new_buff = talloc_zero_array(bin, char, (bin->vb_length * 2) + 1));
2164 if (bin->vb_length) {
2165 fr_base16_encode(&FR_SBUFF_OUT(new_buff, (bin->vb_length * 2) + 1),
2166 &FR_DBUFF_TMP(bin->vb_octets, bin->vb_length));
2168 fr_value_box_strdup_shallow(bin, NULL, new_buff, false);
2169 /*
2170 * Zero length binary > zero length hex string
2171 */
2172 } else {
2174 fr_value_box_strdup(bin, bin, NULL, "", false);
2175 }
2176
2177 fr_value_box_safety_copy(bin, &safety);
2178 fr_dcursor_append(out, bin);
2179 }
2180
2181 return XLAT_ACTION_DONE;
2182}
2183
2188
2189static xlat_action_t xlat_hmac(TALLOC_CTX *ctx, fr_dcursor_t *out,
2190 fr_value_box_list_t *args, uint8_t *digest, int digest_len, hmac_type type)
2191{
2192 fr_value_box_t *vb, *data, *key;
2193
2194 XLAT_ARGS(args, &data, &key);
2195
2196 if (type == HMAC_MD5) {
2197 /* coverity[dereference] */
2198 fr_hmac_md5(digest, data->vb_octets, data->vb_length, key->vb_octets, key->vb_length);
2199 } else if (type == HMAC_SHA1) {
2200 /* coverity[dereference] */
2201 fr_hmac_sha1(digest, data->vb_octets, data->vb_length, key->vb_octets, key->vb_length);
2202 }
2203
2204 MEM(vb = fr_value_box_alloc_null(ctx));
2205 fr_value_box_memdup(vb, vb, NULL, digest, digest_len, false);
2206
2208
2209 return XLAT_ACTION_DONE;
2210}
2211
2213 { .required = true, .concat = true, .type = FR_TYPE_STRING },
2214 { .required = true, .concat = true, .type = FR_TYPE_STRING },
2216};
2217
2218/** Generate the HMAC-MD5 of a string or attribute
2219 *
2220 * Example:
2221@verbatim
2222%hmacmd5('foo', 'bar') == "0x31b6db9e5eb4addb42f1a6ca07367adc"
2223@endverbatim
2224 *
2225 * @ingroup xlat_functions
2226 */
2228 UNUSED xlat_ctx_t const *xctx,
2229 UNUSED request_t *request, fr_value_box_list_t *in)
2230{
2231 uint8_t digest[MD5_DIGEST_LENGTH];
2232 return xlat_hmac(ctx, out, in, digest, MD5_DIGEST_LENGTH, HMAC_MD5);
2233}
2234
2235
2236/** Generate the HMAC-SHA1 of a string or attribute
2237 *
2238 * Example:
2239@verbatim
2240%hmacsha1('foo', 'bar') == "0x85d155c55ed286a300bd1cf124de08d87e914f3a"
2241@endverbatim
2242 *
2243 * @ingroup xlat_functions
2244 */
2246 UNUSED xlat_ctx_t const *xctx,
2247 UNUSED request_t *request, fr_value_box_list_t *in)
2248{
2250 return xlat_hmac(ctx, out, in, digest, SHA1_DIGEST_LENGTH, HMAC_SHA1);
2251}
2252
2254 { .required = true, .type = FR_TYPE_VOID },
2255 { .variadic = XLAT_ARG_VARIADIC_EMPTY_SQUASH, .type = FR_TYPE_VOID },
2257};
2258
2259/** Join a series of arguments to form a single list
2260 *
2261 * null boxes are not preserved.
2262 */
2264 UNUSED xlat_ctx_t const *xctx,
2265 UNUSED request_t *request, fr_value_box_list_t *in)
2266{
2268 fr_assert(arg->type == FR_TYPE_GROUP);
2269
2270 fr_value_box_list_foreach_safe(&arg->vb_group, vb) {
2271 fr_value_box_list_remove(&arg->vb_group, vb);
2273 }}
2274 }
2275 return XLAT_ACTION_DONE;
2276}
2277
2278static void ungroup(fr_dcursor_t *out, fr_value_box_list_t *in)
2279{
2280 fr_value_box_t *vb;
2281
2282 while ((vb = fr_value_box_list_pop_head(in)) != NULL) {
2283 if (vb->type != FR_TYPE_GROUP) {
2285 continue;
2286 }
2287 talloc_free(vb);
2288 }
2289}
2290
2291/** Ungroups all of its arguments into one flat list.
2292 *
2293 */
2295 UNUSED xlat_ctx_t const *xctx,
2296 UNUSED request_t *request, fr_value_box_list_t *in)
2297{
2298 fr_value_box_t *arg = NULL;
2299
2300 while ((arg = fr_value_box_list_next(in, arg)) != NULL) {
2301 fr_assert(arg->type == FR_TYPE_GROUP);
2302
2303 ungroup(out, &arg->vb_group);
2304 }
2305 return XLAT_ACTION_DONE;
2306}
2307
2309 { .single = true, .variadic = XLAT_ARG_VARIADIC_EMPTY_KEEP, .type = FR_TYPE_VOID },
2311};
2312
2313/** Return the on-the-wire size of the boxes in bytes
2314 *
2315 * skips null values
2316 *
2317 * Example:
2318@verbatim
2319%length(foobar) == 6
2320%length(%bin("0102030005060708")) == 8
2321@endverbatim
2322 *
2323 * @see #xlat_func_strlen
2324 *
2325 * @ingroup xlat_functions
2326 */
2328 UNUSED xlat_ctx_t const *xctx,
2329 UNUSED request_t *request, fr_value_box_list_t *in)
2330
2331{
2334
2335 MEM(my = fr_value_box_alloc(ctx, FR_TYPE_SIZE, NULL));
2336 if (!fr_type_is_null(vb->type)) my->vb_size = fr_value_box_network_length(vb);
2338 }
2339
2340 return XLAT_ACTION_DONE;
2341}
2342
2343
2345 { .concat = true, .type = FR_TYPE_OCTETS },
2347};
2348
2349/** Calculate the MD4 hash of a string or attribute.
2350 *
2351 * Example:
2352@verbatim
2353%md4("foo") == "0ac6700c491d70fb8650940b1ca1e4b2"
2354@endverbatim
2355 *
2356 * @ingroup xlat_functions
2357 */
2359 UNUSED xlat_ctx_t const *xctx,
2360 UNUSED request_t *request, fr_value_box_list_t *args)
2361{
2362 uint8_t digest[MD4_DIGEST_LENGTH];
2363 fr_value_box_t *vb;
2364 fr_value_box_t *in_head;
2365
2366 XLAT_ARGS(args, &in_head);
2367
2368 if (in_head) {
2369 fr_md4_calc(digest, in_head->vb_octets, in_head->vb_length);
2370 } else {
2371 /* Digest of empty string */
2372 fr_md4_calc(digest, NULL, 0);
2373 }
2374
2375 MEM(vb = fr_value_box_alloc_null(ctx));
2376 fr_value_box_memdup(vb, vb, NULL, digest, sizeof(digest), false);
2377
2379 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
2380
2381 return XLAT_ACTION_DONE;
2382}
2383
2385 { .concat = true, .type = FR_TYPE_OCTETS },
2387};
2388
2389/** Calculate the MD5 hash of a string or attribute.
2390 *
2391 * Example:
2392@verbatim
2393%md5("foo") == "acbd18db4cc2f85cedef654fccc4a4d8"
2394@endverbatim
2395 *
2396 * @ingroup xlat_functions
2397 */
2399 UNUSED xlat_ctx_t const *xctx,
2400 UNUSED request_t *request, fr_value_box_list_t *args)
2401{
2402 uint8_t digest[MD5_DIGEST_LENGTH];
2403 fr_value_box_t *vb;
2404 fr_value_box_t *in_head;
2405
2406 XLAT_ARGS(args, &in_head);
2407
2408 if (in_head) {
2409 fr_md5_calc(digest, in_head->vb_octets, in_head->vb_length);
2410 } else {
2411 /* Digest of empty string */
2412 fr_md5_calc(digest, NULL, 0);
2413 }
2414
2415 MEM(vb = fr_value_box_alloc_null(ctx));
2416 fr_value_box_memdup(vb, vb, NULL, digest, sizeof(digest), false);
2417
2419
2420 return XLAT_ACTION_DONE;
2421}
2422
2423
2424/** Encode attributes as a series of string attribute/value pairs
2425 *
2426 * This is intended to serialize one or more attributes as a comma
2427 * delimited string.
2428 *
2429 * Example:
2430@verbatim
2431%pairs.print(request.[*]) == 'User-Name = "foo"User-Password = "bar"'
2432%concat(%pairs.print.print(request.[*]), ', ') == 'User-Name = "foo", User-Password = "bar"'
2433@endverbatim
2434 *
2435 * @see #xlat_func_concat
2436 *
2437 * @ingroup xlat_functions
2438 */
2440 UNUSED xlat_ctx_t const *xctx,
2441 request_t *request, fr_value_box_list_t *args)
2442{
2443 fr_pair_t *vp;
2444 fr_dcursor_t *cursor;
2445 fr_value_box_t *vb;
2446 fr_value_box_t *in_head;
2447
2448 XLAT_ARGS(args, &in_head);
2449
2450 cursor = fr_value_box_get_cursor(in_head);
2451
2452 for (vp = fr_dcursor_current(cursor);
2453 vp;
2454 vp = fr_dcursor_next(cursor)) {
2455 char *buff;
2456
2457 MEM(vb = fr_value_box_alloc_null(ctx));
2458 if (unlikely(fr_pair_aprint(vb, &buff, NULL, vp) < 0)) {
2459 RPEDEBUG("Failed printing pair");
2460 talloc_free(vb);
2461 return XLAT_ACTION_FAIL;
2462 }
2463
2464 fr_value_box_bstrdup_buffer_shallow(NULL, vb, NULL, buff, false);
2466
2467 VALUE_BOX_VERIFY(vb);
2468 }
2469
2470 return XLAT_ACTION_DONE;
2471}
2472
2474 { .required = true, .single = true, .type = FR_TYPE_UINT32 },
2476};
2477
2478/** Generate a random integer value
2479 *
2480 * For "N = %rand(MAX)", 0 <= N < MAX
2481 *
2482 * Example:
2483@verbatim
2484%rand(100) == 42
2485@endverbatim
2486 *
2487 * @ingroup xlat_functions
2488 */
2490 UNUSED xlat_ctx_t const *xctx,
2491 UNUSED request_t *request, fr_value_box_list_t *in)
2492{
2493 int64_t result;
2494 fr_value_box_t *vb;
2495 fr_value_box_t *in_head = fr_value_box_list_head(in);
2496
2497 result = in_head->vb_uint32;
2498
2499 /* Make sure it isn't too big */
2500 if (result > (1 << 30)) result = (1 << 30);
2501
2502 result *= fr_rand(); /* 0..2^32-1 */
2503 result >>= 32;
2504
2505 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL));
2506 vb->vb_uint64 = result;
2507
2509
2510 return XLAT_ACTION_DONE;
2511}
2512
2514 { .required = true, .concat = true, .type = FR_TYPE_STRING },
2516};
2517
2518/** Generate a string of random chars
2519 *
2520 * Build strings of random chars, useful for generating tokens and passcodes
2521 * Format similar to String::Random.
2522 *
2523 * Format characters may include the following, and may be
2524 * preceded by a repetition count:
2525 * - "c" lowercase letters
2526 * - "C" uppercase letters
2527 * - "n" numbers
2528 * - "a" alphanumeric
2529 * - "!" punctuation
2530 * - "." alphanumeric + punctuation
2531 * - "s" alphanumeric + "./"
2532 * - "o" characters suitable for OTP (easily confused removed)
2533 * - "b" binary data
2534 *
2535 * Example:
2536@verbatim
2537%randstr("CCCC!!cccnnn") == "IPFL>{saf874"
2538%randstr("42o") == "yHdupUwVbdHprKCJRYfGbaWzVwJwUXG9zPabdGAhM9"
2539%hex(%randstr("bbbb")) == "a9ce04f3"
2540%hex(%randstr("8b")) == "fe165529f9f66839"
2541@endverbatim
2542 * @ingroup xlat_functions
2543 */
2545 UNUSED xlat_ctx_t const *xctx,
2546 request_t *request, fr_value_box_list_t *args)
2547{
2548 /*
2549 * Lookup tables for randstr char classes
2550 */
2551 static char randstr_punc[] = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~";
2552 static char randstr_salt[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmopqrstuvwxyz/.";
2553
2554 /*
2555 * Characters humans rarely confuse. Reduces char set considerably
2556 * should only be used for things such as one time passwords.
2557 */
2558 static char randstr_otp[] = "469ACGHJKLMNPQRUVWXYabdfhijkprstuvwxyz";
2559
2560 char const *p, *start, *end;
2561 char *endptr;
2562 char *buff_p;
2563 unsigned int result;
2564 unsigned int reps;
2565 size_t outlen = 0;
2566 fr_value_box_t* vb;
2567 fr_value_box_t *in_head;
2568
2569 XLAT_ARGS(args, &in_head);
2570
2571 /** Max repetitions of a single character class
2572 *
2573 */
2574#define REPETITION_MAX 1024
2575
2576 start = p = in_head->vb_strvalue;
2577 end = p + in_head->vb_length;
2578
2579 /*
2580 * Calculate size of output
2581 */
2582 while (p < end) {
2583 /*
2584 * Repetition modifiers.
2585 *
2586 * We limit it to REPETITION_MAX, because we don't want
2587 * utter stupidity.
2588 */
2589 if (isdigit((uint8_t) *p)) {
2590 reps = strtol(p, &endptr, 10);
2591 if (reps > REPETITION_MAX) reps = REPETITION_MAX;
2592 outlen += reps;
2593 p = endptr;
2594 } else {
2595 outlen++;
2596 }
2597 p++;
2598 }
2599
2600 MEM(vb = fr_value_box_alloc_null(ctx));
2601 MEM(fr_value_box_bstr_alloc(vb, &buff_p, vb, NULL, outlen, false) == 0);
2602
2603 /* Reset p to start position */
2604 p = start;
2605
2606 while (p < end) {
2607 size_t i;
2608
2609 if (isdigit((uint8_t) *p)) {
2610 reps = strtol(p, &endptr, 10);
2611 if (reps > REPETITION_MAX) {
2612 reps = REPETITION_MAX;
2613 RMARKER(L_WARN, L_DBG_LVL_2, start, start - p,
2614 "Forcing repetition to %u", (unsigned int)REPETITION_MAX);
2615 }
2616 p = endptr;
2617 } else {
2618 reps = 1;
2619 }
2620
2621 for (i = 0; i < reps; i++) {
2622 result = fr_rand();
2623 switch (*p) {
2624 /*
2625 * Lowercase letters
2626 */
2627 case 'c':
2628 *buff_p++ = 'a' + (result % 26);
2629 break;
2630
2631 /*
2632 * Uppercase letters
2633 */
2634 case 'C':
2635 *buff_p++ = 'A' + (result % 26);
2636 break;
2637
2638 /*
2639 * Numbers
2640 */
2641 case 'n':
2642 *buff_p++ = '0' + (result % 10);
2643 break;
2644
2645 /*
2646 * Alpha numeric
2647 */
2648 case 'a':
2649 *buff_p++ = randstr_salt[result % (sizeof(randstr_salt) - 3)];
2650 break;
2651
2652 /*
2653 * Punctuation
2654 */
2655 case '!':
2656 *buff_p++ = randstr_punc[result % (sizeof(randstr_punc) - 1)];
2657 break;
2658
2659 /*
2660 * Alpha numeric + punctuation
2661 */
2662 case '.':
2663 *buff_p++ = '!' + (result % 95);
2664 break;
2665
2666 /*
2667 * Alpha numeric + salt chars './'
2668 */
2669 case 's':
2670 *buff_p++ = randstr_salt[result % (sizeof(randstr_salt) - 1)];
2671 break;
2672
2673 /*
2674 * Chars suitable for One Time Password tokens.
2675 * Alpha numeric with easily confused char pairs removed.
2676 */
2677 case 'o':
2678 *buff_p++ = randstr_otp[result % (sizeof(randstr_otp) - 1)];
2679 break;
2680
2681 /*
2682 * Binary data - Copy between 1-4 bytes at a time
2683 */
2684 case 'b':
2685 {
2686 size_t copy = (reps - i) > sizeof(result) ? sizeof(result) : reps - i;
2687
2688 memcpy(buff_p, (uint8_t *)&result, copy);
2689 buff_p += copy;
2690 i += (copy - 1); /* Loop +1 */
2691 }
2692 break;
2693
2694 default:
2695 REDEBUG("Invalid character class '%c'", *p);
2696 talloc_free(vb);
2697
2698 return XLAT_ACTION_FAIL;
2699 }
2700 }
2701
2702 p++;
2703 }
2704
2705 *buff_p++ = '\0';
2706
2708
2709 return XLAT_ACTION_DONE;
2710}
2711
2712
2714 { .required = true, .type = FR_TYPE_UINT64 },
2715 { .required = false, .type = FR_TYPE_UINT64 },
2716 { .required = false, .type = FR_TYPE_UINT64 },
2718};
2719
2720/** Generate a range of uint64 numbers
2721 *
2722 * Example:
2723@verbatim
2724%range(end) - 0..end
2725%rang(start, end)
2726%range(start,end, step)
2727@endverbatim
2728 * @ingroup xlat_functions
2729 */
2731 UNUSED xlat_ctx_t const *xctx,
2732 request_t *request, fr_value_box_list_t *args)
2733{
2734 fr_value_box_t *start_vb, *end_vb, *step_vb;
2735 fr_value_box_t *dst;
2736 uint64_t i, start, end, step;
2737
2738 XLAT_ARGS(args, &start_vb, &end_vb, &step_vb);
2739
2740 if (step_vb) {
2741 start = fr_value_box_list_head(&start_vb->vb_group)->vb_uint64;
2742 end = fr_value_box_list_head(&end_vb->vb_group)->vb_uint64;
2743 step = fr_value_box_list_head(&step_vb->vb_group)->vb_uint64;
2744
2745 } else if (end_vb) {
2746 start = fr_value_box_list_head(&start_vb->vb_group)->vb_uint64;
2747 end = fr_value_box_list_head(&end_vb->vb_group)->vb_uint64;
2748 step = 1;
2749
2750 } else {
2751 start = 0;
2752 end = fr_value_box_list_head(&start_vb->vb_group)->vb_uint64;
2753 step = 1;
2754 }
2755
2756 if (end <= start) {
2757 REDEBUG("Invalid range - 'start' must be less than 'end'");
2758 return XLAT_ACTION_FAIL;
2759 }
2760
2761 if (!step) {
2762 REDEBUG("Invalid range - 'step' must be greater than zero");
2763 return XLAT_ACTION_FAIL;
2764 }
2765
2766 if (step > (end - start)) {
2767 REDEBUG("Invalid range - 'step' must allow for at least one result");
2768 return XLAT_ACTION_FAIL;
2769 }
2770
2771 if (((end - start) / step) > 1000) {
2772 REDEBUG("Invalid range - Too many results");
2773 return XLAT_ACTION_FAIL;
2774 }
2775
2776 for (i = start; i < end; i += step) {
2777 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL));
2778 dst->vb_uint64 = i;
2779 fr_dcursor_append(out, dst);
2780 }
2781
2782 return XLAT_ACTION_DONE;
2783}
2784
2785static int CC_HINT(nonnull(2,3)) regex_xlat_escape(UNUSED request_t *request, fr_value_box_t *vb, UNUSED void *uctx)
2786{
2787 ssize_t slen;
2788 fr_sbuff_t *out = NULL;
2789 fr_value_box_entry_t entry;
2790
2791 FR_SBUFF_TALLOC_THREAD_LOCAL(&out, 256, 4096);
2792
2793 slen = fr_value_box_print(out, vb, &regex_escape_rules);
2794 if (slen < 0) return -1;
2795
2796 entry = vb->entry;
2798 (void) fr_value_box_bstrndup(vb, vb, NULL, fr_sbuff_start(out), fr_sbuff_used(out), false);
2799 vb->entry = entry;
2800
2801 return 0;
2802}
2803
2808
2809
2810/** Get named subcapture value from previous regex
2811 *
2812 * Example:
2813@verbatim
2814if ("foo" =~ /^(?<name>.*)/) {
2815 noop
2816}
2817%regex.match(name) == "foo"
2818@endverbatim
2819 *
2820 * @ingroup xlat_functions
2821 */
2823 UNUSED xlat_ctx_t const *xctx,
2824 request_t *request, fr_value_box_list_t *in)
2825{
2826 fr_value_box_t *in_head = fr_value_box_list_head(in);
2827
2828 /*
2829 * Find the first child of the first argument group
2830 */
2831 fr_value_box_t *arg = fr_value_box_list_head(&in_head->vb_group);
2832
2833 /*
2834 * Return the complete capture if no other capture is specified
2835 */
2836 if (!arg) {
2837 fr_value_box_t *vb;
2838
2839 MEM(vb = fr_value_box_alloc_null(ctx));
2840 if (regex_request_to_sub(vb, vb, request, 0) < 0) {
2841 REDEBUG2("No previous regex capture");
2842 talloc_free(vb);
2843 return XLAT_ACTION_FAIL;
2844 }
2845
2847
2848 return XLAT_ACTION_DONE;
2849 }
2850
2851 switch (arg->type) {
2852 /*
2853 * If the input is an integer value then get an
2854 * arbitrary subcapture index.
2855 */
2856 case FR_TYPE_NUMERIC:
2857 {
2858 fr_value_box_t idx;
2859 fr_value_box_t *vb;
2860
2861 if (fr_value_box_list_next(in, in_head)) {
2862 REDEBUG("Only one subcapture argument allowed");
2863 return XLAT_ACTION_FAIL;
2864 }
2865
2866 if (fr_value_box_cast(NULL, &idx, FR_TYPE_UINT32, NULL, arg) < 0) {
2867 RPEDEBUG("Bad subcapture index");
2868 return XLAT_ACTION_FAIL;
2869 }
2870
2871 MEM(vb = fr_value_box_alloc_null(ctx));
2872 if (regex_request_to_sub(vb, vb, request, idx.vb_uint32) < 0) {
2873 REDEBUG2("No previous numbered regex capture group '%u'", idx.vb_uint32);
2874 talloc_free(vb);
2875 return XLAT_ACTION_DONE;
2876 }
2878
2879 return XLAT_ACTION_DONE;
2880 }
2881
2882 default:
2883#if defined(HAVE_REGEX_PCRE) || defined(HAVE_REGEX_PCRE2)
2884 {
2885 fr_value_box_t *vb;
2886
2887 /*
2888 * Concatenate all input
2889 */
2891 arg, &in_head->vb_group, FR_TYPE_STRING,
2893 SIZE_MAX) < 0) {
2894 RPEDEBUG("Failed concatenating input");
2895 return XLAT_ACTION_FAIL;
2896 }
2897
2898 MEM(vb = fr_value_box_alloc_null(ctx));
2899 if (regex_request_to_sub_named(vb, vb, request, arg->vb_strvalue) < 0) {
2900 REDEBUG2("No previous named regex capture group '%s'", arg->vb_strvalue);
2901 talloc_free(vb);
2902 return XLAT_ACTION_DONE; /* NOT an error, just an empty result */
2903 }
2905
2906 return XLAT_ACTION_DONE;
2907 }
2908#else
2909 RDEBUG("Named regex captures are not supported (they require libpcre2)");
2910 return XLAT_ACTION_FAIL;
2911#endif
2912 }
2913}
2914
2916 { .concat = true, .type = FR_TYPE_OCTETS },
2918};
2919
2920/** Calculate the SHA1 hash of a string or attribute.
2921 *
2922 * Example:
2923@verbatim
2924%sha1(foo) == "0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33"
2925@endverbatim
2926 *
2927 * @ingroup xlat_functions
2928 */
2930 UNUSED xlat_ctx_t const *xctx,
2931 UNUSED request_t *request, fr_value_box_list_t *args)
2932{
2934 fr_sha1_ctx sha1_ctx;
2935 fr_value_box_t *vb;
2936 fr_value_box_t *in_head;
2937
2938 XLAT_ARGS(args, &in_head);
2939
2940 fr_sha1_init(&sha1_ctx);
2941 if (in_head) {
2942 fr_sha1_update(&sha1_ctx, in_head->vb_octets, in_head->vb_length);
2943 } else {
2944 /* sha1 of empty string */
2945 fr_sha1_update(&sha1_ctx, NULL, 0);
2946 }
2947 fr_sha1_final(digest, &sha1_ctx);
2948
2949 MEM(vb = fr_value_box_alloc_null(ctx));
2950 fr_value_box_memdup(vb, vb, NULL, digest, sizeof(digest), false);
2951
2953
2954 return XLAT_ACTION_DONE;
2955}
2956
2957/** Calculate any digest supported by OpenSSL EVP_MD
2958 *
2959 * Example:
2960@verbatim
2961%sha2_256(foo) == "0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33"
2962@endverbatim
2963 *
2964 * @ingroup xlat_functions
2965 */
2966#ifdef HAVE_OPENSSL_EVP_H
2967static xlat_action_t xlat_evp_md(TALLOC_CTX *ctx, fr_dcursor_t *out,
2968 UNUSED xlat_ctx_t const *xctx,
2969 UNUSED request_t *request, fr_value_box_list_t *args, EVP_MD const *md)
2970{
2971 uint8_t digest[EVP_MAX_MD_SIZE];
2972 unsigned int digestlen;
2973 EVP_MD_CTX *md_ctx;
2974 fr_value_box_t *vb;
2975 fr_value_box_t *in_head;
2976
2977 XLAT_ARGS(args, &in_head);
2978
2979 md_ctx = EVP_MD_CTX_create();
2980 EVP_DigestInit_ex(md_ctx, md, NULL);
2981 if (in_head) {
2982 EVP_DigestUpdate(md_ctx, in_head->vb_octets, in_head->vb_length);
2983 } else {
2984 EVP_DigestUpdate(md_ctx, NULL, 0);
2985 }
2986 EVP_DigestFinal_ex(md_ctx, digest, &digestlen);
2987 EVP_MD_CTX_destroy(md_ctx);
2988
2989 MEM(vb = fr_value_box_alloc_null(ctx));
2990 fr_value_box_memdup(vb, vb, NULL, digest, digestlen, false);
2991
2993
2994 return XLAT_ACTION_DONE;
2995}
2996
2997# define EVP_MD_XLAT(_md, _md_func) \
2998static xlat_action_t xlat_func_##_md(TALLOC_CTX *ctx, fr_dcursor_t *out,\
2999 xlat_ctx_t const *xctx, \
3000 request_t *request,\
3001 fr_value_box_list_t *in)\
3002{\
3003 return xlat_evp_md(ctx, out, xctx, request, in, EVP_##_md_func());\
3004}
3005
3006EVP_MD_XLAT(sha2_224, sha224)
3007EVP_MD_XLAT(sha2_256, sha256)
3008EVP_MD_XLAT(sha2_384, sha384)
3009EVP_MD_XLAT(sha2_512, sha512)
3010
3011/*
3012 * OpenWRT's OpenSSL library doesn't contain these by default
3013 */
3014#ifdef HAVE_EVP_BLAKE2S256
3015EVP_MD_XLAT(blake2s_256, blake2s256)
3016#endif
3017
3018#ifdef HAVE_EVP_BLAKE2B512
3019EVP_MD_XLAT(blake2b_512, blake2b512)
3020#endif
3021
3022EVP_MD_XLAT(sha3_224, sha3_224)
3023EVP_MD_XLAT(sha3_256, sha3_256)
3024EVP_MD_XLAT(sha3_384, sha3_384)
3025EVP_MD_XLAT(sha3_512, sha3_512)
3026#endif
3027
3028
3030 { .required = true, .concat = true, .type = FR_TYPE_STRING },
3032};
3033
3035 { .concat = true, .type = FR_TYPE_STRING },
3037};
3038
3039/** Print length of given string
3040 *
3041 * Example:
3042@verbatim
3043%strlen(foo) == 3
3044@endverbatim
3045 *
3046 * @see #xlat_func_length
3047 *
3048 * @ingroup xlat_functions
3049 */
3051 UNUSED xlat_ctx_t const *xctx,
3052 UNUSED request_t *request, fr_value_box_list_t *args)
3053{
3054 fr_value_box_t *vb;
3055 fr_value_box_t *in_head;
3056
3057 XLAT_ARGS(args, &in_head);
3058
3059 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_SIZE, NULL));
3060
3061 if (!in_head) {
3062 vb->vb_size = 0;
3063 } else {
3064 vb->vb_size = strlen(in_head->vb_strvalue);
3065 }
3066
3068
3069 return XLAT_ACTION_DONE;
3070}
3071
3073 { .concat = true, .type = FR_TYPE_STRING },
3074 { .single = true, .type = FR_TYPE_BOOL },
3076};
3077
3078/** Return whether a string has only printable chars
3079 *
3080 * This function returns true if the input string contains UTF8 sequences and printable chars.
3081 *
3082 * @note "\t" and " " are considered unprintable chars, unless the second argument(relaxed) is true.
3083 *
3084 * Example:
3085@verbatim
3086%str.printable("🍉abcdef🍓") == true
3087%str.printable("\000\n\r\t") == false
3088%str.printable("\t abcd", yes) == true
3089@endverbatim
3090 *
3091 * @ingroup xlat_functions
3092 */
3094 UNUSED xlat_ctx_t const *xctx,
3095 UNUSED request_t *request, fr_value_box_list_t *args)
3096{
3097 fr_value_box_t *vb;
3098 fr_value_box_t *str;
3099 fr_value_box_t *relaxed_vb;
3100 uint8_t const *p, *end;
3101 bool relaxed = false;
3102
3103 XLAT_ARGS(args, &str, &relaxed_vb);
3104
3105 if (relaxed_vb) relaxed = relaxed_vb->vb_bool;
3106
3107 p = (uint8_t const *)str->vb_strvalue;
3108 end = p + str->vb_length;
3109
3110 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
3112 vb->vb_bool = false;
3113
3114 do {
3115 size_t clen;
3116
3117 if ((*p < '!') &&
3118 (!relaxed || ((*p != '\t') && (*p != ' ')))) return XLAT_ACTION_DONE;
3119
3120 if (*p == 0x7f) return XLAT_ACTION_DONE;
3121
3122 clen = fr_utf8_char(p, end - p);
3123 if (clen == 0) return XLAT_ACTION_DONE;
3124 p += clen;
3125 } while (p < end);
3126
3127 vb->vb_bool = true;
3128
3129 return XLAT_ACTION_DONE;
3130}
3131
3133 { .concat = true, .type = FR_TYPE_STRING },
3135};
3136
3137/** Return whether a string is valid UTF-8
3138 *
3139 * This function returns true if the input string is valid UTF-8, false otherwise.
3140 *
3141 * Example:
3142@verbatim
3143%str.utf8(🍉🥝🍓) == true
3144%str.utf8(🍉\xff🍓) == false
3145@endverbatim
3146 *
3147 * @ingroup xlat_functions
3148 */
3150 UNUSED xlat_ctx_t const *xctx,
3151 UNUSED request_t *request, fr_value_box_list_t *args)
3152{
3153 fr_value_box_t *vb;
3154 fr_value_box_t *in_head;
3155
3156 XLAT_ARGS(args, &in_head);
3157
3158 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
3159 vb->vb_bool = (fr_utf8_str((uint8_t const *)in_head->vb_strvalue,
3160 in_head->vb_length) >= 0);
3161
3163
3164 return XLAT_ACTION_DONE;
3165}
3166
3168 { .single = true, .required = true, .type = FR_TYPE_VOID },
3169 { .single = true, .required = true, .type = FR_TYPE_INT32 },
3170 { .single = true, .type = FR_TYPE_INT32 },
3172};
3173
3174/** Extract a substring from string / octets data
3175 *
3176 * Non string / octets data is cast to a string.
3177 *
3178 * Second parameter is start position, optional third parameter is length
3179 * Negative start / length count from RHS of data.
3180 *
3181 * Example: (User-Name = "hello")
3182@verbatim
3183%substr(&User-Name, 1, 3) == 'ell'
3184@endverbatim
3185 *
3186 * @ingroup xlat_functions
3187 */
3188static xlat_action_t xlat_func_substr(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx,
3189 request_t *request, fr_value_box_list_t *args)
3190{
3191 fr_value_box_t *in = NULL, *start_vb, *len_vb, *vb;
3192 int32_t start, end, len;
3193
3194 XLAT_ARGS(args, &in, &start_vb, &len_vb);
3195
3196 switch (in->type) {
3197 case FR_TYPE_OCTETS:
3198 case FR_TYPE_STRING:
3199 break;
3200
3201 default:
3203 RPEDEBUG("Failed casting value to string");
3204 return XLAT_ACTION_FAIL;
3205 }
3206 break;
3207 }
3208
3209 if (start_vb->vb_int32 > (int32_t)in->vb_length) return XLAT_ACTION_DONE;
3210
3211 if (start_vb->vb_int32 < 0) {
3212 start = in->vb_length + start_vb->vb_int32;
3213 if (start < 0) start = 0;
3214 } else {
3215 start = start_vb->vb_int32;
3216 }
3217
3218 if (len_vb) {
3219 if (len_vb->vb_int32 < 0) {
3220 end = in->vb_length + len_vb->vb_int32;
3221 if (end < 0) return XLAT_ACTION_DONE;
3222 } else {
3223 end = start + len_vb->vb_int32;
3224 if (end > (int32_t)in->vb_length) end = in->vb_length;
3225 }
3226 } else {
3227 end = in->vb_length;
3228 }
3229
3230 if (start >= end) return XLAT_ACTION_DONE;
3231
3232 MEM(vb = fr_value_box_alloc(ctx, in->type, NULL));
3233
3234 len = end - start;
3235 switch (in->type) {
3236 case FR_TYPE_STRING:
3237 fr_value_box_bstrndup(vb, vb, NULL, &in->vb_strvalue[start], len, false);
3238 break;
3239 case FR_TYPE_OCTETS:
3240 {
3241 uint8_t *buf;
3242 fr_value_box_mem_alloc(vb, &buf, vb, NULL, len, false);
3243 memcpy(buf, &in->vb_octets[start], len);
3244 }
3245 break;
3246 default:
3247 fr_assert(0);
3248 }
3249
3252
3253 return XLAT_ACTION_DONE;
3254}
3255
3256#ifdef HAVE_REGEX_PCRE2
3257/** Cache statically compiled expressions
3258 */
3259typedef struct {
3260 regex_t *pattern;
3261 fr_regex_flags_t flags;
3262} xlat_subst_regex_inst_t;
3263
3264/** Pre-compile regexes where possible
3265 */
3266static int xlat_instantiate_subst_regex(xlat_inst_ctx_t const *xctx)
3267{
3268 xlat_subst_regex_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_subst_regex_inst_t);
3269 xlat_exp_t *patt_exp;
3270 fr_sbuff_t sbuff;
3271 fr_sbuff_marker_t start_m, end_m;
3272
3273 /* args #2 (pattern) */
3274 patt_exp = fr_dlist_next(&xctx->ex->call.args->dlist, fr_dlist_head(&xctx->ex->call.args->dlist));
3275 fr_assert(patt_exp && patt_exp->type == XLAT_GROUP); /* args must be groups */
3276
3277 /* If there are dynamic expansions, we can't pre-compile */
3278 if (!xlat_is_literal(patt_exp->group)) return 0;
3279 fr_assert(fr_dlist_num_elements(&patt_exp->group->dlist) == 1);
3280
3281 patt_exp = fr_dlist_head(&patt_exp->group->dlist);
3282
3283 /* We can only pre-compile strings */
3284 if (!fr_type_is_string(patt_exp->data.type)) return 0;
3285
3286 sbuff = FR_SBUFF_IN(patt_exp->data.vb_strvalue, patt_exp->data.vb_length);
3287
3288 /* skip any whitesapce */
3289 fr_sbuff_adv_past_whitespace(&sbuff, SIZE_MAX, 0);
3290
3291 /* Is the next char a forward slash? */
3292 if (fr_sbuff_next_if_char(&sbuff, '/')) {
3293 fr_slen_t slen;
3294
3295 fr_sbuff_marker(&start_m, &sbuff);
3296
3297 if (!fr_sbuff_adv_to_chr(&sbuff, SIZE_MAX, '/')) return 0; /* Not a regex */
3298
3299 fr_sbuff_marker(&end_m, &sbuff);
3300 fr_sbuff_next(&sbuff); /* skip trailing slash */
3301
3302 if (fr_sbuff_remaining(&sbuff)) {
3303 slen = regex_flags_parse(NULL, &inst->flags,
3304 &sbuff,
3305 NULL, true);
3306 if (slen < 0) {
3307 PERROR("Failed parsing regex flags in \"%s\"", patt_exp->data.vb_strvalue);
3308 return -1;
3309 }
3310 }
3311
3312 if (regex_compile(inst, &inst->pattern,
3313 fr_sbuff_current(&start_m), fr_sbuff_current(&end_m) - fr_sbuff_current(&start_m),
3314 &inst->flags, true, false) <= 0) {
3315 PERROR("Failed compiling regex \"%s\"", patt_exp->data.vb_strvalue);
3316 return -1;
3317 }
3318 }
3319 /* No... then it's not a regex */
3320
3321 return 0;
3322}
3323
3324/** Perform regex substitution TODO CHECK
3325 *
3326 * Called when %subst() pattern begins with "/"
3327 *
3328@verbatim
3329%subst(<subject>, /<regex>/[flags], <replace>)
3330@endverbatim
3331 *
3332 * Example: (User-Name = "foo")
3333@verbatim
3334%subst(%{User-Name}, /oo.*$/, 'un') == "fun"
3335@endverbatim
3336 *
3337 * @note References can be specified in the replacement string with $<ref>
3338 *
3339 * @see #xlat_func_subst
3340 *
3341 * @ingroup xlat_functions
3342 */
3343static int xlat_func_subst_regex(TALLOC_CTX *ctx, fr_dcursor_t *out,
3344 xlat_ctx_t const *xctx, request_t *request,
3345 fr_value_box_list_t *args)
3346{
3347 xlat_subst_regex_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_subst_regex_inst_t);
3348 fr_sbuff_t sbuff;
3349 fr_sbuff_marker_t start_m, end_m;
3350 char *buff;
3351 ssize_t slen;
3352 regex_t *pattern, *our_pattern = NULL;
3353 fr_regex_flags_t const *flags;
3354 fr_regex_flags_t our_flags = {};
3355 fr_value_box_t *vb;
3356 fr_value_box_t *subject_vb;
3357 fr_value_box_t *regex_vb;
3358 fr_value_box_t *rep_vb;
3359
3360 XLAT_ARGS(args, &subject_vb, &regex_vb, &rep_vb);
3361
3362 /*
3363 * Was not pre-compiled, so we need to compile it now
3364 */
3365 if (!inst->pattern) {
3366 sbuff = FR_SBUFF_IN(regex_vb->vb_strvalue, regex_vb->vb_length);
3367 if (fr_sbuff_len(&sbuff) == 0) {
3368 REDEBUG("Regex must not be empty");
3369 return XLAT_ACTION_FAIL;
3370 }
3371
3372 fr_sbuff_next(&sbuff); /* skip leading slash */
3373 fr_sbuff_marker(&start_m, &sbuff);
3374
3375 if (!fr_sbuff_adv_to_chr(&sbuff, SIZE_MAX, '/')) return 1; /* Not a regex */
3376
3377 fr_sbuff_marker(&end_m, &sbuff);
3378 fr_sbuff_next(&sbuff); /* skip trailing slash */
3379
3380 slen = regex_flags_parse(NULL, &our_flags, &sbuff, NULL, true);
3381 if (slen < 0) {
3382 RPEDEBUG("Failed parsing regex flags");
3383 return -1;
3384 }
3385
3386 /*
3387 * Process the substitution
3388 */
3389 if (regex_compile(NULL, &our_pattern,
3390 fr_sbuff_current(&start_m), fr_sbuff_current(&end_m) - fr_sbuff_current(&start_m),
3391 &our_flags, true, true) <= 0) {
3392 RPEDEBUG("Failed compiling regex");
3393 return -1;
3394 }
3395 pattern = our_pattern;
3396 flags = &our_flags;
3397 } else {
3398 pattern = inst->pattern;
3399 flags = &inst->flags;
3400 }
3401
3402 MEM(vb = fr_value_box_alloc_null(ctx));
3403 if (regex_substitute(vb, &buff, 0, pattern, flags,
3404 subject_vb->vb_strvalue, subject_vb->vb_length,
3405 rep_vb->vb_strvalue, rep_vb->vb_length, NULL) < 0) {
3406 RPEDEBUG("Failed performing substitution");
3407 talloc_free(vb);
3408 talloc_free(pattern);
3409 return -1;
3410 }
3411 fr_value_box_bstrdup_buffer_shallow(NULL, vb, NULL, buff, false);
3412
3413 fr_value_box_safety_copy(vb, subject_vb);
3414 fr_value_box_safety_merge(vb, rep_vb);
3415
3417
3418 talloc_free(our_pattern);
3419
3420 return 0;
3421}
3422#endif
3423
3425 { .required = true, .concat = true, .type = FR_TYPE_STRING },
3426 { .required = true, .concat = true, .type = FR_TYPE_STRING },
3427 { .required = true, .concat = true, .type = FR_TYPE_STRING },
3429};
3430
3431/** Perform regex substitution
3432 *
3433@verbatim
3434%subst(<subject>, <pattern>, <replace>)
3435@endverbatim
3436 *
3437 * Example: (User-Name = "foobar")
3438@verbatim
3439%subst(%{User-Name}, 'oo', 'un') == "funbar"
3440@endverbatim
3441 *
3442 * @see xlat_func_subst_regex
3443 *
3444 * @ingroup xlat_functions
3445 */
3447#ifdef HAVE_REGEX_PCRE2
3448 xlat_ctx_t const *xctx,
3449#else
3450 UNUSED xlat_ctx_t const *xctx,
3451#endif
3452 request_t *request, fr_value_box_list_t *args)
3453{
3454 char const *p, *q, *end;
3455 char *vb_str;
3456
3457 char const *pattern, *rep;
3458 size_t pattern_len, rep_len;
3459
3460 fr_value_box_t *rep_vb, *vb;
3461 fr_value_box_t *subject_vb;
3462 fr_value_box_t *pattern_vb;
3463
3464 XLAT_ARGS(args, &subject_vb, &pattern_vb, &rep_vb);
3465
3466 /* coverity[dereference] */
3467 pattern = pattern_vb->vb_strvalue;
3468 if (*pattern == '/') {
3469#ifdef HAVE_REGEX_PCRE2
3470 switch (xlat_func_subst_regex(ctx, out, xctx, request, args)) {
3471 case 0:
3472 return XLAT_ACTION_DONE;
3473
3474 case 1:
3475 /* Not a regex, fall through */
3476 break;
3477
3478 case -1:
3479 return XLAT_ACTION_FAIL;
3480 }
3481#else
3482 if (memchr(pattern, '/', pattern_vb->vb_length - 1)) {
3483 REDEBUG("regex based substitutions require libpcre2. "
3484 "Check ${features.regex-pcre2} to determine support");
3485 }
3486 return XLAT_ACTION_FAIL;
3487#endif
3488 }
3489
3490 /*
3491 * Check for empty pattern
3492 */
3493 pattern_len = pattern_vb->vb_length;
3494 if (pattern_len == 0) {
3495 REDEBUG("Empty pattern");
3496 return XLAT_ACTION_FAIL;
3497 }
3498
3499 rep = rep_vb->vb_strvalue;
3500 rep_len = rep_vb->vb_length;
3501
3502 p = subject_vb->vb_strvalue;
3503 end = p + subject_vb->vb_length;
3504
3505 MEM(vb = fr_value_box_alloc_null(ctx));
3506 vb_str = talloc_bstrndup(vb, "", 0);
3507
3508 while (p < end) {
3509 q = memmem(p, end - p, pattern, pattern_len);
3510 if (!q) {
3511 MEM(vb_str = talloc_bstr_append(vb, vb_str, p, end - p));
3512 break;
3513 }
3514
3515 if (q > p) MEM(vb_str = talloc_bstr_append(vb, vb_str, p, q - p));
3516 if (rep_len) MEM(vb_str = talloc_bstr_append(vb, vb_str, rep, rep_len));
3517 p = q + pattern_len;
3518 }
3519
3520 if (fr_value_box_bstrdup_buffer_shallow(NULL, vb, NULL, vb_str, false) < 0) {
3521 RPEDEBUG("Failed creating output box");
3522 talloc_free(vb);
3523 return XLAT_ACTION_FAIL;
3524 }
3525
3526 fr_value_box_safety_copy(vb, subject_vb);
3527 fr_value_box_safety_merge(vb, rep_vb);
3528
3530
3531 return XLAT_ACTION_DONE;
3532}
3533
3534/*
3535 * Debug builds only, we don't want to allow unsanitised inputs to crash the server
3536 */
3537#ifndef NDEBUG
3539 { .single = true, .required = true, .type = FR_TYPE_STRING },
3541};
3542
3544 UNUSED xlat_ctx_t const *xctx, request_t *request,
3545 fr_value_box_list_t *args)
3546{
3547 static fr_table_num_sorted_t const signal_table[] = {
3548 { L("break"), SIGTRAP }, /* Save flailing at the keyboard */
3549 { L("BREAK"), SIGTRAP },
3550 { L("SIGABRT"), SIGABRT },
3551 { L("SIGALRM"), SIGALRM },
3552#ifdef SIGBUS
3553 { L("SIGBUS"), SIGBUS },
3554#endif
3555 { L("SIGCHLD"), SIGCHLD },
3556 { L("SIGCONT"), SIGCONT },
3557 { L("SIGFPE"), SIGFPE },
3558 { L("SIGHUP"), SIGHUP },
3559 { L("SIGILL"), SIGILL },
3560 { L("SIGINT"), SIGINT },
3561 { L("SIGKILL"), SIGKILL },
3562 { L("SIGPIPE"), SIGPIPE },
3563#ifdef SIGPOLL
3564 { L("SIGPOLL"), SIGPOLL },
3565#endif
3566 { L("SIGPROF"), SIGPROF },
3567 { L("SIGQUIT"), SIGQUIT },
3568 { L("SIGSEGV"), SIGSEGV },
3569 { L("SIGSTOP"), SIGSTOP },
3570#ifdef SIGSYS
3571 { L("SIGSYS"), SIGSYS },
3572#endif
3573 { L("SIGTERM"), SIGTERM },
3574#ifdef SIGTRAP
3575 { L("SIGTRAP"), SIGTRAP },
3576#endif
3577 { L("SIGTSTP"), SIGTSTP },
3578 { L("SIGTTIN"), SIGTTIN },
3579 { L("SIGTTOU"), SIGTTOU },
3580 { L("SIGURG"), SIGURG },
3581 { L("SIGUSR1"), SIGUSR1 },
3582 { L("SIGUSR2"), SIGUSR2 },
3583 { L("SIGVTALRM"), SIGVTALRM },
3584 { L("SIGXCPU"), SIGXCPU },
3585 { L("SIGXFSZ"), SIGXFSZ }
3586 };
3587 static size_t signal_table_len = NUM_ELEMENTS(signal_table);
3588
3589 fr_value_box_t *signal_vb;
3590 int signal;
3591
3592 XLAT_ARGS(args, &signal_vb);
3593
3594 signal = fr_table_value_by_substr(signal_table, signal_vb->vb_strvalue, signal_vb->vb_length, -1);
3595 if (signal < 0) {
3596 RERROR("Invalid signal \"%pV\"", signal_vb);
3597 return XLAT_ACTION_FAIL;
3598 }
3599 if (raise(signal) < 0) {
3600 RERROR("Failed raising signal %d: %s", signal, strerror(errno));
3601 return XLAT_ACTION_FAIL;
3602 }
3603 return XLAT_ACTION_DONE;
3604}
3605#endif
3606
3608 { .required = false, .single = true, .type = FR_TYPE_STRING },
3610};
3611
3612/** Return the time as a #FR_TYPE_DATE
3613 *
3614 * Note that all operations are UTC.
3615 *
3616@verbatim
3617%time()
3618@endverbatim
3619 *
3620 * Example:
3621@verbatim
3622update reply {
3623 &Reply-Message := "%{%time(now) - %time(request)}"
3624}
3625@endverbatim
3626 *
3627 * @ingroup xlat_functions
3628 */
3630 UNUSED xlat_ctx_t const *xctx,
3631 request_t *request, fr_value_box_list_t *args)
3632{
3633 fr_value_box_t *arg;
3634 fr_value_box_t *vb;
3636
3637 XLAT_ARGS(args, &arg);
3638
3639 if (!arg || (strcmp(arg->vb_strvalue, "now") == 0)) {
3641
3642 } else if (strcmp(arg->vb_strvalue, "request") == 0) {
3643 value = fr_time_to_unix_time(request->packet->timestamp);
3644
3645 } else if (strcmp(arg->vb_strvalue, "offset") == 0) {
3646 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL));
3647 vb->vb_time_delta = fr_time_gmtoff();
3648 goto append;
3649
3650 } else if (strcmp(arg->vb_strvalue, "dst") == 0) {
3651 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
3652 vb->vb_bool = fr_time_is_dst();
3653 goto append;
3654
3655 } else if (strcmp(arg->vb_strvalue, "mday_offset") == 0) {
3656 struct tm tm;
3657 fr_unix_time_t unix_time = fr_time_to_unix_time(request->packet->timestamp);
3658 time_t when = fr_unix_time_to_sec(unix_time);
3659 int64_t nsec;
3660
3661 gmtime_r(&when, &tm);
3662
3663 nsec = (int64_t) 86400 * (tm.tm_mday - 1);
3664 nsec += when % 86400;
3665 nsec *= NSEC;
3666 nsec += fr_unix_time_unwrap(unix_time) % NSEC;
3667
3668 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL));
3669 vb->vb_time_delta = fr_time_delta_wrap(nsec);
3670 goto append;
3671
3672 } else if (strcmp(arg->vb_strvalue, "wday_offset") == 0) {
3673 struct tm tm;
3674 fr_unix_time_t unix_time = fr_time_to_unix_time(request->packet->timestamp);
3675 time_t when = fr_unix_time_to_sec(unix_time);
3676 int64_t nsec;
3677
3678 gmtime_r(&when, &tm);
3679
3680 nsec = (int64_t) 86400 * tm.tm_wday;
3681 nsec += when % 86400;
3682 nsec *= NSEC;
3683 nsec += fr_unix_time_unwrap(unix_time) % NSEC;
3684
3685 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL));
3686 vb->vb_time_delta = fr_time_delta_wrap(nsec);
3687
3688 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL));
3689 vb->vb_time_delta = fr_time_delta_wrap(nsec);
3690 goto append;
3691
3692 } else if (fr_unix_time_from_str(&value, arg->vb_strvalue, FR_TIME_RES_SEC) < 0) {
3693 REDEBUG("Invalid time specification '%s'", arg->vb_strvalue);
3694 return XLAT_ACTION_FAIL;
3695 }
3696
3697 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL));
3698 vb->vb_date = value;
3699
3700append:
3702
3703 return XLAT_ACTION_DONE;
3704}
3705
3706/** Return the current time as a #FR_TYPE_DATE
3707 *
3708 * Note that all operations are UTC.
3709 *
3710@verbatim
3711%time.now()
3712@endverbatim
3713 *
3714 * Example:
3715@verbatim
3716update reply {
3717 &Reply-Message := "%{%time.now() - %time.request()}"
3718}
3719@endverbatim
3720 *
3721 * @ingroup xlat_functions
3722 */
3724 UNUSED xlat_ctx_t const *xctx,
3725 UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
3726{
3727 fr_value_box_t *vb;
3728
3729 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL));
3730 vb->vb_date = fr_time_to_unix_time(fr_time());
3731
3733
3734 return XLAT_ACTION_DONE;
3735}
3736
3737/** Return the request receive time as a #FR_TYPE_DATE
3738 *
3739 * Note that all operations are UTC.
3740 *
3741@verbatim
3742%time.request()
3743@endverbatim
3744 *
3745 * Example:
3746@verbatim
3747update reply {
3748 &Reply-Message := "%{%time.now() - %time.request()}"
3749}
3750@endverbatim
3751 *
3752 * @ingroup xlat_functions
3753 */
3755 UNUSED xlat_ctx_t const *xctx,
3756 request_t *request, UNUSED fr_value_box_list_t *args)
3757{
3758 fr_value_box_t *vb;
3759
3760 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL));
3761 vb->vb_date = fr_time_to_unix_time(request->packet->timestamp);
3762
3764
3765 return XLAT_ACTION_DONE;
3766}
3767
3768
3769/** Return the current time offset from gmt
3770 *
3771 * @ingroup xlat_functions
3772 */
3774 UNUSED xlat_ctx_t const *xctx,
3775 UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
3776{
3777 fr_value_box_t *vb;
3778
3779 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL));
3780 vb->vb_time_delta = fr_time_gmtoff();
3781
3783
3784 return XLAT_ACTION_DONE;
3785}
3786
3787
3788/** Return whether we are in daylight savings or not
3789 *
3790 * @ingroup xlat_functions
3791 */
3793 UNUSED xlat_ctx_t const *xctx,
3794 UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
3795{
3796 fr_value_box_t *vb;
3797
3798 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
3799 vb->vb_bool = fr_time_is_dst();
3800
3802
3803 return XLAT_ACTION_DONE;
3804}
3805
3806
3807/** Change case of a string
3808 *
3809 * If upper is true, change to uppercase, otherwise, change to lowercase
3810 */
3812 UNUSED request_t *request, fr_value_box_list_t *args, bool upper)
3813{
3814 char *p;
3815 char const *end;
3816 fr_value_box_t *vb;
3817
3818 XLAT_ARGS(args, &vb);
3819
3820 p = UNCONST(char *, vb->vb_strvalue);
3821 end = p + vb->vb_length;
3822
3823 while (p < end) {
3824 *(p) = upper ? toupper ((int) *(p)) : tolower((uint8_t) *(p));
3825 p++;
3826 }
3827
3828 fr_value_box_list_remove(args, vb); /* Can't leave it in both lists */
3830
3831 return XLAT_ACTION_DONE;
3832}
3833
3835 { .required = true, .concat = true, .type = FR_TYPE_STRING },
3837};
3838
3839
3840/** Convert a string to lowercase
3841 *
3842 * Example:
3843@verbatim
3844%tolower("Bar") == "bar"
3845@endverbatim
3846 *
3847 * Probably only works for ASCII
3848 *
3849 * @ingroup xlat_functions
3850 */
3852 UNUSED xlat_ctx_t const *xctx,
3853 request_t *request, fr_value_box_list_t *in)
3854{
3855 return xlat_change_case(ctx, out, request, in, false);
3856}
3857
3858
3859/** Convert a string to uppercase
3860 *
3861 * Example:
3862@verbatim
3863%toupper("Foo") == "FOO"
3864@endverbatim
3865 *
3866 * Probably only works for ASCII
3867 *
3868 * @ingroup xlat_functions
3869 */
3871 UNUSED xlat_ctx_t const *xctx,
3872 request_t *request, fr_value_box_list_t *in)
3873{
3874 return xlat_change_case(ctx, out, request, in, true);
3875}
3876
3877
3879 { .required = true, .concat = true, .type = FR_TYPE_STRING },
3881};
3882
3883/** URLencode special characters
3884 *
3885 * Example:
3886@verbatim
3887%urlquote("http://example.org/") == "http%3A%47%47example.org%47"
3888@endverbatim
3889 *
3890 * @ingroup xlat_functions
3891 */
3893 UNUSED xlat_ctx_t const *xctx,
3894 UNUSED request_t *request, fr_value_box_list_t *args)
3895{
3896 char const *p, *end;
3897 char *buff_p;
3898 size_t outlen = 0;
3899 fr_value_box_t *vb;
3900 fr_value_box_t *in_head;
3901
3902 XLAT_ARGS(args, &in_head);
3903
3904 p = in_head->vb_strvalue;
3905 end = p + in_head->vb_length;
3906
3907 /*
3908 * Calculate size of output
3909 */
3910 while (p < end) {
3911 if (isalnum(*p) ||
3912 *p == '-' ||
3913 *p == '_' ||
3914 *p == '.' ||
3915 *p == '~') {
3916 outlen++;
3917 } else {
3918 outlen += 3;
3919 }
3920 p++;
3921 }
3922
3923 MEM(vb = fr_value_box_alloc_null(ctx));
3924 MEM(fr_value_box_bstr_alloc(vb, &buff_p, vb, NULL, outlen, false) == 0);
3925 fr_value_box_safety_copy(vb, in_head);
3926
3927 /* Reset p to start position */
3928 p = in_head->vb_strvalue;
3929
3930 while (p < end) {
3931 if (isalnum(*p)) {
3932 *buff_p++ = *p++;
3933 continue;
3934 }
3935
3936 switch (*p) {
3937 case '-':
3938 case '_':
3939 case '.':
3940 case '~':
3941 *buff_p++ = *p++;
3942 break;
3943
3944 default:
3945 /* MUST be upper case hex to be compliant */
3946 snprintf(buff_p, 4, "%%%02X", (uint8_t) *p++); /* %XX */
3947
3948 buff_p += 3;
3949 }
3950 }
3951
3952 *buff_p = '\0';
3953
3954 // @todo - mark as safe for URL?
3956
3957 return XLAT_ACTION_DONE;
3958}
3959
3960
3962 { .required = true, .concat = true, .type = FR_TYPE_STRING },
3964};
3965
3966/** URLdecode special characters
3967 *
3968 * @note Remember to escape % with %% in strings, else xlat will try to parse it.
3969 *
3970 * Example:
3971@verbatim
3972%urlunquote("http%%3A%%47%%47example.org%%47") == "http://example.org/"
3973@endverbatim
3974 *
3975 * @ingroup xlat_functions
3976 */
3978 UNUSED xlat_ctx_t const *xctx,
3979 request_t *request, fr_value_box_list_t *args)
3980{
3981 char const *p, *end;
3982 char *buff_p;
3983 char *c1, *c2;
3984 size_t outlen = 0;
3985 fr_value_box_t *vb;
3986 fr_value_box_t *in_head;
3987
3988 XLAT_ARGS(args, &in_head);
3989
3990 p = in_head->vb_strvalue;
3991 end = p + in_head->vb_length;
3992
3993 /*
3994 * Calculate size of output
3995 */
3996 while (p < end) {
3997 if (*p == '%') {
3998 p += 3;
3999 } else {
4000 p++;
4001 }
4002 outlen++;
4003 }
4004
4005 MEM(vb = fr_value_box_alloc_null(ctx));
4006 MEM(fr_value_box_bstr_alloc(vb, &buff_p, vb, NULL, outlen, false) == 0);
4007 fr_value_box_safety_copy(vb, in_head);
4008
4009 /* Reset p to start position */
4010 p = in_head->vb_strvalue;
4011
4012 while (p < end) {
4013 if (*p != '%') {
4014 *buff_p++ = *p++;
4015 continue;
4016 }
4017 /* Is a % char */
4018
4019 /* Don't need \0 check, as it won't be in the hextab */
4020 if (!(c1 = memchr(hextab, tolower((uint8_t) *++p), 16)) ||
4021 !(c2 = memchr(hextab, tolower((uint8_t) *++p), 16))) {
4022 REMARKER(in_head->vb_strvalue, p - in_head->vb_strvalue, "Non-hex char in %% sequence");
4023 talloc_free(vb);
4024
4025 return XLAT_ACTION_FAIL;
4026 }
4027 p++;
4028 *buff_p++ = ((c1 - hextab) << 4) + (c2 - hextab);
4029 }
4030
4031 *buff_p = '\0';
4033
4034 return XLAT_ACTION_DONE;
4035}
4036
4041
4042/** Decode any protocol attribute / options
4043 *
4044 * Creates protocol-specific attributes based on the given binary option data
4045 *
4046 * Example:
4047@verbatim
4048%dhcpv4.decode(%{Tmp-Octets-0})
4049@endverbatim
4050 *
4051 * @ingroup xlat_functions
4052 */
4054 xlat_ctx_t const *xctx,
4055 request_t *request, fr_value_box_list_t *in)
4056{
4057 int decoded;
4058 fr_value_box_t *vb;
4059 void *decode_ctx = NULL;
4060 protocol_decode_xlat_uctx_t const *decode_uctx = talloc_get_type_abort(*(void * const *)xctx->inst, protocol_decode_xlat_uctx_t);
4061 fr_test_point_pair_decode_t const *tp_decode = decode_uctx->tp_decode;
4062
4063 if (decode_uctx->dict && decode_uctx->dict != request->proto_dict) {
4064 REDEBUG2("Can't call %%%s() when in %s namespace", xctx->ex->call.func->name,
4065 fr_dict_root(request->proto_dict)->name);
4066 return XLAT_ACTION_FAIL;
4067 }
4068
4069 if (tp_decode->test_ctx) {
4070 if (tp_decode->test_ctx(&decode_ctx, ctx, request->proto_dict) < 0) {
4071 return XLAT_ACTION_FAIL;
4072 }
4073 }
4074
4075 decoded = xlat_decode_value_box_list(request->request_ctx, &request->request_pairs,
4076 request, decode_ctx, tp_decode->func, in);
4077 if (decoded <= 0) {
4078 talloc_free(decode_ctx);
4079 RPERROR("Protocol decoding failed");
4080 return XLAT_ACTION_FAIL;
4081 }
4082
4083 /*
4084 * Create a value box to hold the decoded count, and add
4085 * it to the output list.
4086 */
4087 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL));
4088 vb->vb_uint32 = decoded;
4090
4091 talloc_free(decode_ctx);
4092 return XLAT_ACTION_DONE;
4093}
4094
4096 { .required = true, .single = true, .type = FR_TYPE_IPV4_PREFIX },
4098};
4099
4100/** Calculate the subnet mask from a IPv4 prefix
4101 *
4102 * Example:
4103@verbatim
4104%ip.v4.netmask(%{Network-Prefix})
4105@endverbatim
4106 *
4107 * @ingroup xlat_functions
4108 */
4110 UNUSED request_t *request, fr_value_box_list_t *args)
4111{
4112 fr_value_box_t *subnet, *vb;
4113 XLAT_ARGS(args, &subnet);
4114
4115 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_IPV4_ADDR, NULL));
4116 vb->vb_ip.addr.v4.s_addr = htonl((uint32_t)0xffffffff << (32 - subnet->vb_ip.prefix));
4118
4119 return XLAT_ACTION_DONE;
4120}
4121
4122/** Calculate the broadcast address from a IPv4 prefix
4123 *
4124 * Example:
4125@verbatim
4126%ip.v4.broadcast(%{Network-Prefix})
4127@endverbatim
4128 *
4129 * @ingroup xlat_functions
4130 */
4132 UNUSED request_t *request, fr_value_box_list_t *args)
4133{
4134 fr_value_box_t *subnet, *vb;
4135 XLAT_ARGS(args, &subnet);
4136
4137 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_IPV4_ADDR, NULL));
4138 vb->vb_ip.addr.v4.s_addr = htonl( ntohl(subnet->vb_ip.addr.v4.s_addr) | (uint32_t)0xffffffff >> subnet->vb_ip.prefix);
4140
4141 return XLAT_ACTION_DONE;
4142}
4143
4145{
4146 *(void **) mctx->inst = mctx->uctx;
4147 return 0;
4148}
4149
4150/** Encode protocol attributes / options
4151 *
4152 * Returns octet string created from the provided pairs
4153 *
4154 * Example:
4155@verbatim
4156%dhcpv4.encode(&request[*])
4157@endverbatim
4158 *
4159 * @ingroup xlat_functions
4160 */
4162 xlat_ctx_t const *xctx,
4163 request_t *request, fr_value_box_list_t *args)
4164{
4165 fr_pair_t *vp;
4166 fr_dcursor_t *cursor;
4167 bool tainted = false;
4168 fr_value_box_t *encoded;
4169
4170 fr_dbuff_t *dbuff;
4171 ssize_t len = 0;
4172 fr_value_box_t *in_head;
4173 void *encode_ctx = NULL;
4174 fr_test_point_pair_encode_t const *tp_encode;
4175
4176 FR_DBUFF_TALLOC_THREAD_LOCAL(&dbuff, 2048, SIZE_MAX);
4177
4178 XLAT_ARGS(args, &in_head);
4179
4180 memcpy(&tp_encode, xctx->inst, sizeof(tp_encode)); /* const issues */
4181
4182 cursor = fr_value_box_get_cursor(in_head);
4183
4184 /*
4185 * Create the encoding context.
4186 */
4187 if (tp_encode->test_ctx) {
4188 if (tp_encode->test_ctx(&encode_ctx, cursor, request->proto_dict) < 0) {
4189 return XLAT_ACTION_FAIL;
4190 }
4191 }
4192
4193 /*
4194 * Loop over the attributes, encoding them.
4195 */
4196 RDEBUG2("Encoding attributes");
4197
4198 if (RDEBUG_ENABLED2) {
4199 RINDENT();
4200 for (vp = fr_dcursor_current(cursor);
4201 vp != NULL;
4202 vp = fr_dcursor_next(cursor)) {
4203 RDEBUG2("%pP", vp);
4204 }
4205 REXDENT();
4206 }
4207
4208 /*
4209 * Encoders advance the cursor, so we just need to feed
4210 * in the next pair. This was originally so we could
4211 * extend the output buffer, but with dbuffs that's
4212 * no longer necessary... we might want to refactor this
4213 * in future.
4214 */
4215 for (vp = fr_dcursor_head(cursor);
4216 vp != NULL;
4217 vp = fr_dcursor_current(cursor)) {
4218 /*
4219 *
4220 * Don't check for internal attributes, the
4221 * encoders can skip them if they need to, and the
4222 * internal encoder can encode anything, as can
4223 * things like CBOR.
4224 *
4225 * Don't check the dictionaries. By definition,
4226 * vp->da->dict==request->proto_dict, OR else we're
4227 * using the internal encoder and encoding a real
4228 * protocol.
4229 *
4230 * However, we likely still want a
4231 * dictionary-specific "is encodable" function,
4232 * as AKA/SIM and DHCPv6 encode "bool"s only if
4233 * their value is true.
4234 */
4235 len = tp_encode->func(dbuff, cursor, encode_ctx);
4236 if (len < 0) {
4237 RPEDEBUG("Protocol encoding failed");
4238 return XLAT_ACTION_FAIL;
4239 }
4240
4241 tainted |= vp->vp_tainted;
4242 }
4243
4244 /*
4245 * Pass the options string back to the caller.
4246 */
4247 MEM(encoded = fr_value_box_alloc_null(ctx));
4248 fr_value_box_memdup(encoded, encoded, NULL, fr_dbuff_start(dbuff), fr_dbuff_used(dbuff), tainted);
4249 fr_dcursor_append(out, encoded);
4250
4251 return XLAT_ACTION_DONE;
4252}
4253
4254static int xlat_protocol_register_by_name(dl_t *dl, char const *name, fr_dict_t const *dict)
4255{
4256 fr_test_point_pair_decode_t *tp_decode;
4257 fr_test_point_pair_encode_t *tp_encode;
4258 protocol_decode_xlat_uctx_t *decode_uctx;
4259 xlat_t *xlat;
4260 char buffer[256+32];
4261
4262 /*
4263 * See if there's a decode function for it.
4264 */
4265 snprintf(buffer, sizeof(buffer), "%s_tp_decode_pair", name);
4266 tp_decode = dlsym(dl->handle, buffer);
4267 if (tp_decode) {
4268 snprintf(buffer, sizeof(buffer), "%s.decode", name);
4269
4270 /* May be called multiple times, so just skip protocols we've already registered */
4271 if (xlat_func_find(buffer, -1)) return 1;
4272
4273 if (unlikely((xlat = xlat_func_register(NULL, buffer, protocol_decode_xlat, FR_TYPE_UINT32)) == NULL)) return -1;
4275 decode_uctx = talloc(xlat, protocol_decode_xlat_uctx_t);
4276 decode_uctx->tp_decode = tp_decode;
4277 decode_uctx->dict = dict;
4278 /* coverity[suspicious_sizeof] */
4281 }
4282
4283 /*
4284 * See if there's an encode function for it.
4285 */
4286 snprintf(buffer, sizeof(buffer), "%s_tp_encode_pair", name);
4287 tp_encode = dlsym(dl->handle, buffer);
4288 if (tp_encode) {
4289 snprintf(buffer, sizeof(buffer), "%s.encode", name);
4290
4291 if (xlat_func_find(buffer, -1)) return 1;
4292
4293 if (unlikely((xlat = xlat_func_register(NULL, buffer, protocol_encode_xlat, FR_TYPE_OCTETS)) == NULL)) return -1;
4295 /* coverity[suspicious_sizeof] */
4298 }
4299
4300 return 0;
4301}
4302
4303static int xlat_protocol_register(fr_dict_t const *dict)
4304{
4305 dl_t *dl = fr_dict_dl(dict);
4306 char *p, name[256];
4307
4308 /*
4309 * No library for this protocol, skip it.
4310 *
4311 * Protocol TEST has no libfreeradius-test, so that's OK.
4312 */
4313 if (!dl) return 0;
4314
4315 strlcpy(name, fr_dict_root(dict)->name, sizeof(name));
4316 for (p = name; *p != '\0'; p++) {
4317 *p = tolower((uint8_t) *p);
4318 }
4319
4320 return xlat_protocol_register_by_name(dl, name, dict != fr_dict_internal() ? dict : NULL);
4321}
4322
4324
4326{
4327 dl_t *dl;
4328
4329 cbor_loader = dl_loader_init(NULL, NULL, false, false);
4330 if (!cbor_loader) return 0;
4331
4332 dl = dl_by_name(cbor_loader, "libfreeradius-cbor", NULL, false);
4333 if (!dl) return 0;
4334
4335 if (xlat_protocol_register_by_name(dl, "cbor", NULL) < 0) return -1;
4336
4337 return 0;
4338}
4339
4340
4341/** Register xlats for any loaded dictionaries
4342 */
4344{
4345 fr_dict_t *dict;
4347
4348 for (dict = fr_dict_global_ctx_iter_init(&iter);
4349 dict != NULL;
4350 dict = fr_dict_global_ctx_iter_next(&iter)) {
4351 if (xlat_protocol_register(dict) < 0) return -1;
4352 }
4353
4354 /*
4355 * And the internal protocol, too.
4356 */
4357 if (xlat_protocol_register(fr_dict_internal()) < 0) return -1;
4358
4359 /*
4360 * And cbor stuff
4361 */
4362 if (xlat_protocol_register_cbor() < 0) return -1;
4363
4364 return 0;
4365}
4366
4367/** De-register all xlat functions we created
4368 *
4369 */
4370static int _xlat_global_free(UNUSED void *uctx)
4371{
4372 TALLOC_FREE(xlat_ctx);
4376
4377 return 0;
4378}
4379
4380/** Global initialisation for xlat
4381 *
4382 * @note Free memory with #xlat_free
4383 *
4384 * @return
4385 * - 0 on success.
4386 * - -1 on failure.
4387 *
4388 * @hidecallgraph
4389 */
4390static int _xlat_global_init(UNUSED void *uctx)
4391{
4392 xlat_t *xlat;
4393
4394 xlat_ctx = talloc_init("xlat");
4395 if (!xlat_ctx) return -1;
4396
4397 if (xlat_func_init() < 0) return -1;
4398
4399 /*
4400 * Lookup attributes used by virtual xlat expansions.
4401 */
4402 if (xlat_eval_init() < 0) return -1;
4403
4404 /*
4405 * Registers async xlat operations in the `unlang` interpreter.
4406 */
4408
4409 /*
4410 * These are all "pure" functions.
4411 */
4412#define XLAT_REGISTER_ARGS(_xlat, _func, _return_type, _args) \
4413do { \
4414 if (unlikely((xlat = xlat_func_register(xlat_ctx, _xlat, _func, _return_type)) == NULL)) return -1; \
4415 xlat_func_args_set(xlat, _args); \
4416 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
4417} while (0)
4418
4419#define XLAT_NEW(_x) xlat->replaced_with = _x
4420
4422
4425 XLAT_NEW("str.concat");
4426
4429 XLAT_NEW("str.split");
4430
4432
4435 XLAT_NEW("hmac.md5");
4436
4439 XLAT_NEW("hmac.sha1");
4440
4442 xlat->deprecated = true;
4443
4446 xlat->deprecated = true;
4447
4449
4452 XLAT_NEW("str.lpad");
4453
4456 XLAT_NEW("str.rpad");
4457
4460 XLAT_NEW("str.substr");
4461
4464
4465 /*
4466 * The inputs to these functions are variable.
4467 */
4468#undef XLAT_REGISTER_ARGS
4469#define XLAT_REGISTER_ARGS(_xlat, _func, _return_type, _args) \
4470do { \
4471 if (unlikely((xlat = xlat_func_register(xlat_ctx, _xlat, _func, _return_type)) == NULL)) return -1; \
4472 xlat_func_args_set(xlat, _args); \
4473 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL); \
4474} while (0)
4475
4476#undef XLAT_REGISTER_VOID
4477#define XLAT_REGISTER_VOID(_xlat, _func, _return_type) \
4478do { \
4479 if (unlikely((xlat = xlat_func_register(xlat_ctx, _xlat, _func, _return_type)) == NULL)) return -1; \
4480 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL); \
4481} while (0)
4482
4485 XLAT_NEW("pairs.debug");
4486
4494
4496 XLAT_NEW("pairs.immutable");
4498
4504
4506 XLAT_NEW("time.next");
4508
4510 XLAT_NEW("pairs.print");
4512
4514
4516#ifdef HAVE_REGEX_PCRE2
4517 xlat_func_instantiate_set(xlat, xlat_instantiate_subst_regex, xlat_subst_regex_inst_t, NULL, NULL);
4518#endif
4520 XLAT_NEW("str.subst");
4521#ifdef HAVE_REGEX_PCRE2
4522 xlat_func_instantiate_set(xlat, xlat_instantiate_subst_regex, xlat_subst_regex_inst_t, NULL, NULL);
4523#endif
4524
4525#ifndef NDEBUG
4527#endif
4528
4534
4538
4541 XLAT_NEW("str.rand");
4542
4544
4545 if (unlikely((xlat = xlat_func_register(xlat_ctx, "untaint", xlat_func_untaint, FR_TYPE_VOID)) == NULL)) return -1;
4548
4549 if (unlikely((xlat = xlat_func_register(xlat_ctx, "taint", xlat_func_taint, FR_TYPE_VOID)) == NULL)) return -1;
4552
4553 /*
4554 * All of these functions are pure.
4555 */
4556#define XLAT_REGISTER_PURE(_xlat, _func, _return_type, _arg) \
4557do { \
4558 if (unlikely((xlat = xlat_func_register(xlat_ctx, _xlat, _func, _return_type)) == NULL)) return -1; \
4559 xlat_func_args_set(xlat, _arg); \
4560 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
4561} while (0)
4562
4568 XLAT_NEW("hash.md4");
4569
4572 XLAT_NEW("hash.md4");
4573
4574 if (unlikely((xlat = xlat_func_register(xlat_ctx, "regex.match", xlat_func_regex, FR_TYPE_STRING)) == NULL)) return -1;
4577 if (unlikely((xlat = xlat_func_register(xlat_ctx, "regex", xlat_func_regex, FR_TYPE_STRING)) == NULL)) return -1;
4580 XLAT_NEW("regex.match");
4581
4582 {
4583 static xlat_arg_parser_t const xlat_regex_safe_args[] = {
4584 { .type = FR_TYPE_STRING, .variadic = true, .concat = true },
4586 };
4587
4588 static xlat_arg_parser_t const xlat_regex_escape_args[] = {
4589 { .type = FR_TYPE_STRING,
4590 .func = regex_xlat_escape, .safe_for = FR_REGEX_SAFE_FOR, .always_escape = true,
4591 .variadic = true, .concat = true },
4593 };
4594
4595 if (unlikely((xlat = xlat_func_register(xlat_ctx, "regex.safe",
4596 xlat_transparent, FR_TYPE_STRING)) == NULL)) return -1;
4598 xlat_func_args_set(xlat, xlat_regex_safe_args);
4599 xlat_func_safe_for_set(xlat, FR_REGEX_SAFE_FOR);
4600
4601 if (unlikely((xlat = xlat_func_register(xlat_ctx, "regex.escape",
4602 xlat_transparent, FR_TYPE_STRING)) == NULL)) return -1;
4604 xlat_func_args_set(xlat, xlat_regex_escape_args);
4605 xlat_func_safe_for_set(xlat, FR_REGEX_SAFE_FOR);
4606 }
4607
4608#define XLAT_REGISTER_HASH(_name, _func) do { \
4609 XLAT_REGISTER_PURE("hash." _name, _func, FR_TYPE_OCTETS, xlat_func_sha_arg); \
4610 XLAT_REGISTER_PURE(_name, _func, FR_TYPE_OCTETS, xlat_func_sha_arg); \
4611 XLAT_NEW("hash." _name); \
4612 } while (0)
4613
4615
4616#ifdef HAVE_OPENSSL_EVP_H
4617 XLAT_REGISTER_HASH("sha2_224", xlat_func_sha2_224);
4618 XLAT_REGISTER_HASH("sha2_256", xlat_func_sha2_256);
4619 XLAT_REGISTER_HASH("sha2_384", xlat_func_sha2_384);
4620 XLAT_REGISTER_HASH("sha2_512", xlat_func_sha2_512);
4621 XLAT_REGISTER_HASH("sha2", xlat_func_sha2_256);
4622
4623# ifdef HAVE_EVP_BLAKE2S256
4624 XLAT_REGISTER_HASH("blake2s_256", xlat_func_blake2s_256);
4625# endif
4626# ifdef HAVE_EVP_BLAKE2B512
4627 XLAT_REGISTER_HASH("blake2b_512", xlat_func_blake2b_512);
4628# endif
4629
4630 XLAT_REGISTER_HASH("sha3_224", xlat_func_sha3_224);
4631 XLAT_REGISTER_HASH("sha3_256", xlat_func_sha3_256);
4632 XLAT_REGISTER_HASH("sha3_384", xlat_func_sha3_384);
4633 XLAT_REGISTER_HASH("sha3_512", xlat_func_sha3_512);
4634 XLAT_REGISTER_HASH("sha3", xlat_func_sha3_256);
4635#endif
4636
4638 xlat->deprecated = true;
4640 XLAT_NEW("length");
4641
4644
4647 XLAT_NEW("str.lower");
4648
4651 XLAT_NEW("str.upper");
4652
4655 XLAT_NEW("url.quote");
4656
4659 XLAT_NEW("url.unquote");
4660
4662
4664}
4665
4667{
4668 int ret;
4669 fr_atexit_global_once_ret(&ret, _xlat_global_init, _xlat_global_free, NULL);
4670 return ret;
4671}
static int const char char buffer[256]
Definition acutest.h:576
int const char * file
Definition acutest.h:702
va_list args
Definition acutest.h:770
#define fr_base16_encode(_out, _in)
Definition base16.h:57
#define fr_base16_decode(_err, _out, _in, _no_trailing)
Definition base16.h:95
#define fr_base64_encode(_out, _in, _add_padding)
Definition base64.h:74
#define fr_base64_decode(_out, _in, _expect_padding, _no_trailing)
Definition base64.h:81
#define FR_BASE64_DEC_LENGTH(_inlen)
Definition base64.h:44
#define FR_BASE64_ENC_LENGTH(_inlen)
Encode/decode binary data using printable characters (base64 format)
Definition base64.h:43
static dl_t * dl
Definition fuzzer.c:42
static bool stop
Definition radmin.c:70
#define UNCONST(_type, _ptr)
Remove const qualification from a pointer.
Definition build.h:167
#define RCSID(id)
Definition build.h:485
#define L(_str)
Helper for initialising arrays of string literals.
Definition build.h:209
#define unlikely(_x)
Definition build.h:383
#define UNUSED
Definition build.h:317
#define NUM_ELEMENTS(_t)
Definition build.h:339
#define fr_dbuff_used(_dbuff_or_marker)
Return the number of bytes remaining between the start of the dbuff or marker and the current positio...
Definition dbuff.h:767
#define fr_dbuff_start(_dbuff_or_marker)
Return the 'start' position of a dbuff or marker.
Definition dbuff.h:898
#define FR_DBUFF_TALLOC_THREAD_LOCAL(_out, _init, _max)
Create a function local and thread local extensible dbuff.
Definition dbuff.h:556
#define FR_DBUFF_TMP(_start, _len_or_end)
Creates a compound literal to pass into functions which accept a dbuff.
Definition dbuff.h:514
static void * fr_dcursor_next(fr_dcursor_t *cursor)
Advanced the cursor to the next item.
Definition dcursor.h:290
static int fr_dcursor_append(fr_dcursor_t *cursor, void *v)
Insert a single item at the end of the list.
Definition dcursor.h:408
static void * fr_dcursor_current(fr_dcursor_t *cursor)
Return the item the cursor current points to.
Definition dcursor.h:339
static void * fr_dcursor_head(fr_dcursor_t *cursor)
Rewind cursor to the start of the list.
Definition dcursor.h:234
#define MEM(x)
Definition debug.h:36
fr_dict_t * fr_dict_global_ctx_iter_next(fr_dict_global_ctx_iter_t *iter)
Definition dict_util.c:4713
char const * name
Vendor name.
Definition dict.h:269
static fr_slen_t err
Definition dict.h:861
fr_dict_t * fr_dict_global_ctx_iter_init(fr_dict_global_ctx_iter_t *iter)
Iterate protocols by name.
Definition dict_util.c:4706
fr_dict_attr_t const * fr_dict_root(fr_dict_t const *dict)
Return the root attribute of a dictionary.
Definition dict_util.c:2496
dl_t * fr_dict_dl(fr_dict_t const *dict)
Definition dict_util.c:2506
uint32_t pen
Private enterprise number.
Definition dict.h:265
fr_dict_t const * fr_dict_internal(void)
Definition dict_util.c:4749
static fr_slen_t in
Definition dict.h:861
fr_dict_vendor_t const * fr_dict_vendor_by_da(fr_dict_attr_t const *da)
Look up a vendor by one of its child attributes.
Definition dict_util.c:2731
Private enterprise.
Definition dict.h:264
Test enumeration values.
Definition dict_test.h:92
dl_loader_t * dl_loader_init(TALLOC_CTX *ctx, void *uctx, bool uctx_free, bool defer_symbol_init)
Initialise structures needed by the dynamic linker.
Definition dl.c:885
dl_t * dl_by_name(dl_loader_t *dl_loader, char const *name, void *uctx, bool uctx_free)
Search for a dl's shared object in various locations.
Definition dl.c:470
A dynamic loader.
Definition dl.c:81
void * handle
Handle returned by dlopen.
Definition dl.h:62
Module handle.
Definition dl.h:58
static void * fr_dlist_head(fr_dlist_head_t const *list_head)
Return the HEAD item of a list or NULL if the list is empty.
Definition dlist.h:486
static unsigned int fr_dlist_num_elements(fr_dlist_head_t const *head)
Return the number of elements in the dlist.
Definition dlist.h:939
static void * fr_dlist_next(fr_dlist_head_t const *list_head, void const *ptr)
Get the next item in a list.
Definition dlist.h:555
void fr_bio_shutdown & my
Definition fd_errno.h:70
static xlat_action_t xlat_func_time_now(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
Return the current time as a FR_TYPE_DATE.
static xlat_action_t xlat_func_next_time(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Calculate number of seconds until the next n hour(s), day(s), week(s), year(s).
static xlat_action_t xlat_func_lpad(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
lpad a string
static xlat_action_t xlat_func_bin(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Convert hex string to binary.
static xlat_action_t xlat_func_pairs_debug(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Print out attribute info.
static xlat_action_t xlat_func_subst(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Perform regex substitution.
static xlat_action_t xlat_func_urlunquote(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
URLdecode special characters.
static xlat_action_t xlat_func_base64_decode(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Decode base64 string.
static xlat_action_t xlat_func_hmac_md5(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Generate the HMAC-MD5 of a string or attribute.
static xlat_action_t xlat_func_base64_encode(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Encode string or attribute as base64.
static xlat_action_t xlat_func_log_info(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Log something at INFO level.
static xlat_action_t xlat_func_log_warn(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Log something at WARN level.
static xlat_action_t xlat_func_map(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Processes fmt as a map string and applies it to the current request.
static xlat_action_t protocol_decode_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Decode any protocol attribute / options.
static xlat_action_t xlat_func_debug(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Dynamically change the debugging level for the current request.
static xlat_action_t xlat_func_log_debug(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Log something at DEBUG level.
static xlat_action_t xlat_func_log_dst(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Change the log destination to the named one.
static xlat_arg_parser_t const xlat_func_string_arg[]
Calculate any digest supported by OpenSSL EVP_MD.
static xlat_action_t xlat_func_concat(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Concatenate string representation of values of given attributes using separator.
static xlat_action_t xlat_func_urlquote(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
URLencode special characters.
static xlat_action_t xlat_func_rpad(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Right pad a string.
static xlat_action_t xlat_func_md4(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Calculate the MD4 hash of a string or attribute.
static xlat_action_t xlat_func_explode(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Split a string into multiple new strings based on a delimiter.
static xlat_action_t xlat_func_pairs_print(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Encode attributes as a series of string attribute/value pairs.
static xlat_action_t xlat_func_time_request(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *args)
Return the request receive time as a FR_TYPE_DATE.
static xlat_action_t xlat_func_regex(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Get named subcapture value from previous regex.
static xlat_action_t xlat_func_substr(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Extract a substring from string / octets data.
static xlat_action_t xlat_func_length(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Return the on-the-wire size of the boxes in bytes.
static xlat_action_t xlat_func_immutable_attr(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Mark one or more attributes as immutable.
static xlat_action_t xlat_func_rand(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Generate a random integer value.
static xlat_action_t xlat_func_log_err(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Log something at DEBUG level.
static xlat_action_t xlat_func_hmac_sha1(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Generate the HMAC-SHA1 of a string or attribute.
static xlat_action_t xlat_func_eval(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Dynamically evaluate an expansion string.
static xlat_action_t xlat_func_time_is_dst(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
Return whether we are in daylight savings or not.
static xlat_action_t xlat_func_integer(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Print data as integer, not as VALUE.
static xlat_action_t xlat_func_time(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Return the time as a FR_TYPE_DATE.
static xlat_action_t xlat_func_toupper(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Convert a string to uppercase.
static xlat_action_t xlat_func_cast(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Cast one or more output value-boxes to the given type.
static xlat_action_t xlat_func_hex(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Print data as hex, not as VALUE.
static xlat_action_t xlat_func_md5(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Calculate the MD5 hash of a string or attribute.
static xlat_action_t xlat_func_subnet_netmask(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Calculate the subnet mask from a IPv4 prefix.
static xlat_action_t xlat_func_sha1(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Calculate the SHA1 hash of a string or attribute.
static xlat_action_t xlat_func_str_printable(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Return whether a string has only printable chars.
static xlat_action_t xlat_func_range(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Generate a range of uint64 numbers.
static xlat_action_t xlat_func_randstr(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Generate a string of random chars.
static xlat_action_t xlat_func_tolower(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Convert a string to lowercase.
static xlat_action_t xlat_func_subnet_broadcast(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Calculate the broadcast address from a IPv4 prefix.
static xlat_action_t xlat_func_str_utf8(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Return whether a string is valid UTF-8.
static xlat_action_t xlat_func_time_offset(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
Return the current time offset from gmt.
static xlat_action_t xlat_func_strlen(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Print length of given string.
static xlat_action_t protocol_encode_xlat(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Encode protocol attributes / options.
Stores the state of the current iteration operation.
Definition hash.h:41
int fr_hmac_md5(uint8_t digest[MD5_DIGEST_LENGTH], uint8_t const *in, size_t inlen, uint8_t const *key, size_t key_len)
Calculate HMAC using internal MD5 implementation.
Definition hmac_md5.c:119
int fr_hmac_sha1(uint8_t digest[static SHA1_DIGEST_LENGTH], uint8_t const *in, size_t inlen, uint8_t const *key, size_t key_len)
Calculate HMAC using internal SHA1 implementation.
Definition hmac_sha1.c:124
TALLOC_CTX * unlang_interpret_frame_talloc_ctx(request_t *request)
Get a talloc_ctx which is valid only for this frame.
Definition interpret.c:1667
fr_event_list_t * unlang_interpret_event_list(request_t *request)
Get the event list for the current interpreter.
Definition interpret.c:2019
#define UNLANG_SUB_FRAME
Definition interpret.h:37
fr_log_t * log_dst_by_name(char const *name)
Get a logging destination by name.
Definition log.c:1072
#define PERROR(_fmt,...)
Definition log.h:228
#define REXDENT()
Exdent (unindent) R* messages by one level.
Definition log.h:443
#define RWDEBUG(fmt,...)
Definition log.h:361
#define RDEBUG_ENABLED3
True if request debug level 1-3 messages are enabled.
Definition log.h:335
#define REDEBUG3(fmt,...)
Definition log.h:373
#define RERROR(fmt,...)
Definition log.h:298
#define RPERROR(fmt,...)
Definition log.h:302
#define REMARKER(_str, _marker_idx, _marker,...)
Output string with error marker, showing where format error occurred.
Definition log.h:498
#define RINFO(fmt,...)
Definition log.h:296
#define RMARKER(_type, _lvl, _str, _marker_idx, _marker,...)
Output string with error marker, showing where format error occurred.
Definition log.h:469
#define RPEDEBUG(fmt,...)
Definition log.h:376
#define RDEBUG4(fmt,...)
Definition log.h:344
#define RDEBUG_ENABLED4
True if request debug level 1-4 messages are enabled.
Definition log.h:336
#define RIDEBUG2(fmt,...)
Definition log.h:352
#define REDEBUG2(fmt,...)
Definition log.h:372
#define RIDEBUG3(fmt,...)
Definition log.h:353
#define RINDENT()
Indent R* messages by one level.
Definition log.h:430
int map_to_vp(TALLOC_CTX *ctx, fr_pair_list_t *out, request_t *request, map_t const *map, UNUSED void *uctx)
Convert a map to a fr_pair_t.
Definition map.c:1593
int map_to_request(request_t *request, map_t const *map, radius_map_getvalue_t func, void *ctx)
Convert map_t to fr_pair_t (s) and add them to a request_t.
Definition map.c:1873
int map_afrom_attr_str(TALLOC_CTX *ctx, map_t **out, char const *vp_str, tmpl_rules_t const *lhs_rules, tmpl_rules_t const *rhs_rules)
Convert a value pair string to valuepair map.
Definition map.c:1428
talloc_free(reap)
@ L_DST_NULL
Discard log messages.
Definition log.h:83
@ L_DST_FILES
Log to a file on disk.
Definition log.h:79
@ L_DBG_LVL_DISABLE
Don't print messages.
Definition log.h:68
@ L_DBG_LVL_2
2nd highest priority debug messages (-xx | -X).
Definition log.h:71
@ L_DBG_LVL_MAX
Lowest priority debug messages (-xxxxx | -Xxxx).
Definition log.h:74
@ L_WARN
Warning.
Definition log.h:57
void fr_md4_calc(uint8_t out[static MD4_DIGEST_LENGTH], uint8_t const *in, size_t inlen)
Calculate the MD4 hash of the contents of a buffer.
Definition md4.c:515
#define MD4_DIGEST_LENGTH
Definition md4.h:25
#define MD5_DIGEST_LENGTH
unsigned short uint16_t
fr_type_t
@ FR_TYPE_TIME_DELTA
A period of time measured in nanoseconds.
@ FR_TYPE_FLOAT32
Single precision floating point.
@ FR_TYPE_IPV4_ADDR
32 Bit IPv4 Address.
@ FR_TYPE_INT8
8 Bit signed integer.
@ FR_TYPE_ETHERNET
48 Bit Mac-Address.
@ FR_TYPE_IPV6_PREFIX
IPv6 Prefix.
@ FR_TYPE_STRING
String of printable characters.
@ FR_TYPE_NULL
Invalid (uninitialised) attribute type.
@ FR_TYPE_UINT16
16 Bit unsigned integer.
@ FR_TYPE_INT64
64 Bit signed integer.
@ FR_TYPE_INT16
16 Bit signed integer.
@ FR_TYPE_DATE
Unix time stamp, always has value >2^31.
@ FR_TYPE_COMBO_IP_PREFIX
IPv4 or IPv6 address prefix depending on length.
@ FR_TYPE_UINT8
8 Bit unsigned integer.
@ FR_TYPE_UINT32
32 Bit unsigned integer.
@ FR_TYPE_INT32
32 Bit signed integer.
@ FR_TYPE_UINT64
64 Bit unsigned integer.
@ FR_TYPE_IPV6_ADDR
128 Bit IPv6 Address.
@ FR_TYPE_IPV4_PREFIX
IPv4 Prefix.
@ FR_TYPE_VOID
User data.
@ FR_TYPE_BOOL
A truth value.
@ FR_TYPE_SIZE
Unsigned integer capable of representing any memory address on the local system.
@ FR_TYPE_COMBO_IP_ADDR
IPv4 or IPv6 address depending on length.
@ FR_TYPE_IFID
Interface ID.
@ FR_TYPE_OCTETS
Raw octets.
@ FR_TYPE_GROUP
A grouping of other attributes.
@ FR_TYPE_FLOAT64
Double precision floating point.
unsigned int uint32_t
long int ssize_t
void fr_md5_calc(uint8_t out[static MD5_DIGEST_LENGTH], uint8_t const *in, size_t inlen)
Perform a single digest operation on a single input buffer.
unsigned char uint8_t
ssize_t fr_slen_t
long long int off_t
unsigned long int size_t
fr_sbuff_parse_error_t
size_t fr_snprint_uint128(char *out, size_t outlen, uint128_t const num)
Write 128bit unsigned integer to buffer.
Definition misc.c:370
struct tm * gmtime_r(time_t const *l_clock, struct tm *result)
Definition missing.c:201
struct tm * localtime_r(time_t const *l_clock, struct tm *result)
Definition missing.c:163
fr_slen_t fr_utf8_str(uint8_t const *str, ssize_t inlen)
Validate a complete UTF8 string.
Definition print.c:143
size_t fr_utf8_char(uint8_t const *str, ssize_t inlen)
Checks for utf-8, taken from http://www.w3.org/International/questions/qa-forms-utf-8.
Definition print.c:39
static fr_internal_encode_ctx_t encode_ctx
#define fr_assert(_expr)
Definition rad_assert.h:38
static bool done
Definition radclient.c:81
#define REDEBUG(fmt,...)
Definition radclient.h:52
#define RDEBUG_ENABLED2()
Definition radclient.h:50
#define RDEBUG2(fmt,...)
Definition radclient.h:54
#define RDEBUG(fmt,...)
Definition radclient.h:53
#define fill(_expr)
uint32_t fr_rand(void)
Return a 32-bit random number.
Definition rand.c:105
fr_dict_attr_t const * request_attr_request
Definition request.c:43
void request_log_prepend(request_t *request, fr_log_t *log_dst, fr_log_lvl_t lvl)
Prepend another logging destination to the list.
Definition request.c:92
#define RAD_REQUEST_LVL_NONE
No debug messages should be printed.
Definition request.h:312
static char const * name
char * fr_sbuff_adv_to_str(fr_sbuff_t *sbuff, size_t len, char const *needle, size_t needle_len)
Wind position to the first instance of the specified needle.
Definition sbuff.c:2020
char * fr_sbuff_adv_to_chr(fr_sbuff_t *sbuff, size_t len, char c)
Wind position to first instance of specified char.
Definition sbuff.c:1984
ssize_t fr_sbuff_in_bstrncpy(fr_sbuff_t *sbuff, char const *str, size_t len)
Copy bytes into the sbuff up to the first \0.
Definition sbuff.c:1483
bool fr_sbuff_next_if_char(fr_sbuff_t *sbuff, char c)
Return true if the current char matches, and if it does, advance.
Definition sbuff.c:2116
#define fr_sbuff_start(_sbuff_or_marker)
#define fr_sbuff_set(_dst, _src)
#define FR_SBUFF_IN(_start, _len_or_end)
#define fr_sbuff_adv_past_whitespace(_sbuff, _len, _tt)
#define fr_sbuff_current(_sbuff_or_marker)
char const * name
Name for rule set to aid we debugging.
Definition sbuff.h:202
#define FR_SBUFF(_sbuff_or_marker)
#define fr_sbuff_advance(_sbuff_or_marker, _len)
#define fr_sbuff_init_in(_out, _start, _len_or_end)
#define fr_sbuff_remaining(_sbuff_or_marker)
#define fr_sbuff_len(_sbuff_or_marker)
#define FR_SBUFF_OUT(_start, _len_or_end)
#define fr_sbuff_move(_out, _in, _len)
#define fr_sbuff_used(_sbuff_or_marker)
#define fr_sbuff_behind(_sbuff_or_marker)
#define fr_sbuff_ahead(_sbuff_or_marker)
#define FR_SBUFF_TALLOC_THREAD_LOCAL(_out, _init, _max)
Set of parsing rules for *unescape_until functions.
static char const * tmpl_type_to_str(tmpl_type_t type)
Return a static string containing the type name.
Definition tmpl.h:634
static fr_dict_attr_t const * tmpl_list(tmpl_t const *vpt)
Definition tmpl.h:904
@ TMPL_TYPE_ATTR
Reference to one or more attributes.
Definition tmpl.h:142
@ TMPL_TYPE_XLAT
Pre-parsed xlat expansion.
Definition tmpl.h:146
@ TMPL_TYPE_EXEC
Callout to an external script or program.
Definition tmpl.h:150
@ TMPL_TYPE_REGEX_XLAT_UNRESOLVED
A regular expression with unresolved xlat functions or attribute references.
Definition tmpl.h:197
@ TMPL_TYPE_DATA
Value in native boxed format.
Definition tmpl.h:138
@ TMPL_TYPE_DATA_UNRESOLVED
Unparsed literal string.
Definition tmpl.h:179
static fr_slen_t vpt
Definition tmpl.h:1269
tmpl_attr_rules_t attr
Rules/data for parsing attribute references.
Definition tmpl.h:335
static char const * tmpl_list_name(fr_dict_attr_t const *list, char const *def)
Return the name of a tmpl list or def if list not provided.
Definition tmpl.h:915
Optional arguments passed to vp_tmpl functions.
Definition tmpl.h:332
void fr_sha1_init(fr_sha1_ctx *context)
Definition sha1.c:93
void fr_sha1_final(uint8_t digest[static SHA1_DIGEST_LENGTH], fr_sha1_ctx *context)
Definition sha1.c:141
void fr_sha1_update(fr_sha1_ctx *context, uint8_t const *in, size_t len)
Definition sha1.c:105
#define SHA1_DIGEST_LENGTH
Definition sha1.h:29
static char buff[sizeof("18446744073709551615")+3]
Definition size_tests.c:41
PUBLIC int snprintf(char *string, size_t length, char *format, va_alist)
Definition snprintf.c:689
PRIVATE void strings()
eap_aka_sim_process_conf_t * inst
fr_aka_sim_id_type_t type
fr_pair_t * vp
#define fr_time()
Allow us to arbitrarily manipulate time.
Definition state_test.c:8
size_t strlcpy(char *dst, char const *src, size_t siz)
Definition strlcpy.c:34
Definition log.h:96
fr_log_t * parent
Log destination this was cloned from.
Definition log.h:121
fr_log_dst_t dst
Log destination.
Definition log.h:97
int fd
File descriptor to write messages to.
Definition log.h:112
char const * file
Path to log file.
Definition log.h:113
Value pair map.
Definition map.h:77
tmpl_t * lhs
Typically describes the attribute to add, modify or compare.
Definition map.h:78
tmpl_t * rhs
Typically describes a literal value or a src attribute to copy or compare.
Definition map.h:79
fr_dict_t const * dict_def
Default dictionary to use with unqualified attribute references.
Definition tmpl.h:273
Stores an attribute, a value and various bits of other data.
Definition pair.h:68
fr_dict_attr_t const *_CONST da
Dictionary attribute defines the attribute number, vendor and type of the pair.
Definition pair.h:69
char const * fr_syserror(int num)
Guaranteed to be thread-safe version of strerror.
Definition syserror.c:243
#define fr_table_value_by_str(_table, _name, _def)
Convert a string to a value using a sorted or ordered table.
Definition table.h:653
#define fr_table_value_by_substr(_table, _name, _name_len, _def)
Convert a partial string to a value using an ordered or sorted table.
Definition table.h:693
An element in an arbitrarily ordered array of name to num mappings.
Definition table.h:57
An element in a lexicographically sorted array of name to num mappings.
Definition table.h:49
char * talloc_bstrndup(TALLOC_CTX *ctx, char const *in, size_t inlen)
Binary safe strndup function.
Definition talloc.c:586
char * talloc_bstr_append(TALLOC_CTX *ctx, char *to, char const *from, size_t from_len)
Append a bstr to a bstr.
Definition talloc.c:614
#define talloc_get_type_abort_const
Definition talloc.h:287
fr_test_point_ctx_alloc_t test_ctx
Allocate a test ctx for the encoder.
Definition test_point.h:85
fr_test_point_ctx_alloc_t test_ctx
Allocate a test ctx for the encoder.
Definition test_point.h:93
fr_pair_decode_t func
Decoder for pairs.
Definition test_point.h:86
fr_pair_encode_t func
Encoder for pairs.
Definition test_point.h:94
Entry point for pair decoders.
Definition test_point.h:84
Entry point for pair encoders.
Definition test_point.h:92
bool fr_time_is_dst(void)
Whether or not we're daylight savings.
Definition time.c:1207
int fr_unix_time_from_str(fr_unix_time_t *date, char const *date_str, fr_time_res_t hint)
Convert string in various formats to a fr_unix_time_t.
Definition time.c:794
fr_time_delta_t fr_time_gmtoff(void)
Get the offset to gmt.
Definition time.c:1199
static int64_t fr_unix_time_to_sec(fr_unix_time_t delta)
Definition time.h:506
#define fr_time_delta_wrap(_time)
Definition time.h:152
@ FR_TIME_RES_SEC
Definition time.h:50
#define NSEC
Definition time.h:379
static uint64_t fr_unix_time_unwrap(fr_unix_time_t time)
Definition time.h:161
static fr_unix_time_t fr_time_to_unix_time(fr_time_t when)
Convert an fr_time_t (internal time) to our version of unix time (wallclock time)
Definition time.h:688
"Unix" time.
Definition time.h:95
close(uq->fd)
xlat_action_t unlang_xlat_yield(request_t *request, xlat_func_t resume, xlat_func_signal_t signal, fr_signal_t sigmask, void *rctx)
Yield a request back to the interpreter from within a module.
Definition xlat.c:548
int unlang_xlat_push(TALLOC_CTX *ctx, unlang_result_t *p_result, fr_value_box_list_t *out, request_t *request, xlat_exp_head_t const *xlat, bool top_frame)
Push a pre-compiled xlat onto the stack for evaluation.
Definition xlat.c:270
void unlang_xlat_init(void)
Register xlat operation with the interpreter.
Definition xlat.c:810
fr_type_t type
Type to cast argument to.
Definition xlat.h:155
uint8_t single
Argument must only contain a single box.
Definition xlat.h:148
bool xlat_is_literal(xlat_exp_head_t const *head)
Check to see if the expansion consists entirely of value-box elements.
#define XLAT_ARG_PARSER_CURSOR
Definition xlat.h:162
@ XLAT_ARG_VARIADIC_EMPTY_KEEP
Empty argument groups are left alone, and either passed through as empty groups or null boxes.
Definition xlat.h:137
@ XLAT_ARG_VARIADIC_EMPTY_SQUASH
Empty argument groups are removed.
Definition xlat.h:136
xlat_arg_parser_variadic_t variadic
All additional boxes should be processed using this definition.
Definition xlat.h:153
#define XLAT_RESULT_SUCCESS(_p_result)
Definition xlat.h:503
uint8_t required
Argument must be present, and non-empty.
Definition xlat.h:146
#define XLAT_ARGS(_list,...)
Populate local variables with value boxes from the input list.
Definition xlat.h:383
uint8_t concat
Concat boxes together.
Definition xlat.h:147
int xlat_resolve(xlat_exp_head_t *head, xlat_res_rules_t const *xr_rules)
Walk over an xlat tree recursively, resolving any unresolved functions or references.
#define XLAT_ARG_PARSER_TERMINATOR
Definition xlat.h:170
xlat_action_t
Definition xlat.h:37
@ XLAT_ACTION_FAIL
An xlat function failed.
Definition xlat.h:44
@ XLAT_ACTION_YIELD
An xlat function pushed a resume frame onto the stack.
Definition xlat.h:42
@ XLAT_ACTION_PUSH_UNLANG
An xlat function pushed an unlang frame onto the unlang stack.
Definition xlat.h:39
fr_slen_t xlat_tokenize_expression(TALLOC_CTX *ctx, xlat_exp_head_t **head, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules))
Definition xlat_expr.c:3135
Definition for a single argument consumend by an xlat function.
Definition xlat.h:145
static fr_slen_t fr_pair_aprint(TALLOC_CTX *ctx, char **out, fr_dict_attr_t const *parent, fr_pair_t const *vp) 1(fr_pair_print
fr_pair_t * fr_pair_list_next(fr_pair_list_t const *list, fr_pair_t const *item))
Get the next item in a valuepair list after a specific entry.
Definition pair_inline.c:69
static void fr_pair_set_immutable(fr_pair_t *vp)
Definition pair.h:684
void fr_strerror_clear(void)
Clears all pending messages from the talloc pools.
Definition strerror.c:576
#define fr_strerror_printf(_fmt,...)
Log to thread local error buffer.
Definition strerror.h:64
fr_table_num_ordered_t const fr_type_table[]
Map data types to names representing those types.
Definition types.c:31
size_t fr_type_table_len
Definition types.c:87
@ FR_TYPE_ATTR
A contains an attribute reference.
Definition types.h:84
#define FR_TYPE_NON_LEAF
Definition types.h:319
#define fr_type_is_string(_x)
Definition types.h:349
#define fr_type_is_numeric(_x)
Definition types.h:383
#define FR_TYPE_STRUCTURAL
Definition types.h:317
#define fr_type_is_null(_x)
Definition types.h:348
#define fr_type_is_leaf(_x)
Definition types.h:394
static char const * fr_type_to_str(fr_type_t type)
Return a static string containing the type name.
Definition types.h:455
#define FR_TYPE_LEAF
Definition types.h:318
#define FR_TYPE_NUMERIC
Definition types.h:307
size_t fr_value_box_network_length(fr_value_box_t const *value)
Get the size of the value held by the fr_value_box_t.
Definition value.c:1430
void fr_value_box_mark_unsafe(fr_value_box_t *vb)
Mark a value-box as "unsafe".
Definition value.c:6835
ssize_t fr_value_box_list_concat_as_string(fr_value_box_t *safety, fr_sbuff_t *sbuff, fr_value_box_list_t *list, char const *sep, size_t sep_len, fr_sbuff_escape_rules_t const *e_rules, fr_value_box_list_action_t proc_action, fr_value_box_safe_for_t safe_for, bool flatten)
Concatenate a list of value boxes together.
Definition value.c:6051
ssize_t fr_value_box_print(fr_sbuff_t *out, fr_value_box_t const *data, fr_sbuff_escape_rules_t const *e_rules)
Print one boxed value to a string.
Definition value.c:5784
int fr_value_box_mem_alloc(TALLOC_CTX *ctx, uint8_t **out, fr_value_box_t *dst, fr_dict_attr_t const *enumv, size_t len, bool tainted)
Pre-allocate an octets buffer for filling by the caller.
Definition value.c:4733
int fr_value_box_cast(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv, fr_value_box_t const *src)
Convert one type of fr_value_box_t to another.
Definition value.c:3730
char * fr_value_box_list_aprint(TALLOC_CTX *ctx, fr_value_box_list_t const *list, char const *delim, fr_sbuff_escape_rules_t const *e_rules)
Concatenate the string representations of a list of value boxes together.
Definition value.c:6536
int fr_value_box_mem_realloc(TALLOC_CTX *ctx, uint8_t **out, fr_value_box_t *dst, size_t len)
Change the length of a buffer already allocated to a value box.
Definition value.c:4766
void fr_value_box_list_untaint(fr_value_box_list_t *head)
Untaint every list member (and their children)
Definition value.c:6733
int fr_value_box_cast_in_place(TALLOC_CTX *ctx, fr_value_box_t *vb, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv)
Convert one type of fr_value_box_t to another in place.
Definition value.c:3976
void fr_value_box_clear_value(fr_value_box_t *data)
Clear/free any existing value.
Definition value.c:4085
int fr_value_box_strdup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Copy a nul terminated string to a fr_value_box_t.
Definition value.c:4368
void fr_value_box_safety_copy_changed(fr_value_box_t *out, fr_value_box_t const *in)
Copy the safety values from one box to another.
Definition value.c:6878
void fr_value_box_safety_merge(fr_value_box_t *out, fr_value_box_t const *in)
Merge safety results.
Definition value.c:6887
void fr_value_box_strdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Assign a buffer containing a nul terminated string to a box, but don't copy it.
Definition value.c:4477
void fr_value_box_safety_copy(fr_value_box_t *out, fr_value_box_t const *in)
Copy the safety values from one box to another.
Definition value.c:6865
int fr_value_box_bstr_alloc(TALLOC_CTX *ctx, char **out, fr_value_box_t *dst, fr_dict_attr_t const *enumv, size_t len, bool tainted)
Alloc and assign an empty \0 terminated string to a fr_value_box_t.
Definition value.c:4512
void fr_value_box_clear(fr_value_box_t *data)
Clear/free any existing value and metadata.
Definition value.c:4131
bool fr_value_box_list_tainted(fr_value_box_list_t const *head)
Check to see if any list members (or their children) are tainted.
Definition value.c:6702
int fr_value_box_bstr_realloc(TALLOC_CTX *ctx, char **out, fr_value_box_t *dst, size_t len)
Change the length of a buffer already allocated to a value box.
Definition value.c:4545
int fr_value_box_bstrndup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, size_t len, bool tainted)
Copy a string to to a fr_value_box_t.
Definition value.c:4589
int fr_value_box_bstrdup_buffer_shallow(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Assign a talloced buffer containing a nul terminated string to a box, but don't copy it.
Definition value.c:4694
int fr_value_box_memdup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, uint8_t const *src, size_t len, bool tainted)
Copy a buffer to a fr_value_box_t.
Definition value.c:4830
int fr_value_box_list_concat_in_place(TALLOC_CTX *ctx, fr_value_box_t *out, fr_value_box_list_t *list, fr_type_t type, fr_value_box_list_action_t proc_action, bool flatten, size_t max_size)
Concatenate a list of value boxes.
Definition value.c:6267
@ FR_VALUE_BOX_LIST_FREE
Definition value.h:239
@ FR_VALUE_BOX_LIST_FREE_BOX
Free each processed box.
Definition value.h:236
#define fr_value_box_list_foreach_safe(_list_head, _iter)
Definition value.h:225
#define fr_value_box_alloc(_ctx, _type, _enumv)
Allocate a value box of a specific type.
Definition value.h:643
#define fr_value_box_mark_safe_for(_box, _safe_for)
Definition value.h:1074
static fr_slen_t data
Definition value.h:1291
#define fr_value_box_is_safe_for(_box, _safe_for)
Definition value.h:1081
#define fr_box_is_variable_size(_x)
Definition value.h:463
#define fr_value_box_get_cursor(_dst)
Definition value.h:1216
#define VALUE_BOX_VERIFY(_x)
Definition value.h:1321
#define VALUE_BOX_LIST_VERIFY(_x)
Definition value.h:1322
int nonnull(2, 5))
#define fr_value_box_alloc_null(_ctx)
Allocate a value box for later use with a value assignment function.
Definition value.h:654
#define fr_value_box_list_foreach(_list_head, _iter)
Definition value.h:224
static size_t char ** out
Definition value.h:1023
#define fr_box_bool(_val)
Definition value.h:330
#define FR_VALUE_BOX_SAFE_FOR_ANY
Definition value.h:173
static xlat_arg_parser_t const xlat_func_bin_arg[]
static int xlat_protocol_register_cbor(void)
static xlat_arg_parser_t const xlat_func_map_arg[]
static xlat_action_t xlat_func_file_tail(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
#define XLAT_REGISTER_VOID(_xlat, _func, _return_type)
static xlat_arg_parser_t const xlat_func_log_dst_args[]
static xlat_arg_parser_t const xlat_func_taint_args[]
static xlat_arg_parser_t const protocol_decode_xlat_args[]
static xlat_arg_parser_t const xlat_func_time_args[]
static xlat_arg_parser_t const xlat_func_base64_encode_arg[]
unlang_result_t last_result
static int _log_dst_free(fr_log_t *log)
static xlat_action_t xlat_hmac(TALLOC_CTX *ctx, fr_dcursor_t *out, fr_value_box_list_t *args, uint8_t *digest, int digest_len, hmac_type type)
static xlat_arg_parser_t const xlat_func_signal_raise_args[]
static xlat_arg_parser_t const xlat_func_log_arg[]
static xlat_arg_parser_t const xlat_func_sha_arg[]
static xlat_arg_parser_t const xlat_func_cast_args[]
hmac_type
@ HMAC_MD5
@ HMAC_SHA1
xlat_action_t xlat_transparent(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Common function to move boxes from input list to output list.
static xlat_arg_parser_t const xlat_func_hex_arg[]
static xlat_arg_parser_t const xlat_func_substr_args[]
static xlat_action_t xlat_func_file_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
static xlat_action_t xlat_func_file_head(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
static xlat_action_t xlat_func_join(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Join a series of arguments to form a single list.
static xlat_arg_parser_t const xlat_func_subnet_args[]
#define XLAT_REGISTER_PURE(_xlat, _func, _return_type, _arg)
static xlat_arg_parser_t const xlat_func_str_printable_arg[]
static xlat_arg_parser_t const xlat_func_randstr_arg[]
static xlat_arg_parser_t const xlat_func_eval_arg[]
static xlat_arg_parser_t const xlat_func_subst_args[]
static xlat_arg_parser_t const xlat_func_explode_args[]
int xlat_protocols_register(void)
Register xlats for any loaded dictionaries.
static xlat_arg_parser_t const xlat_func_str_utf8_arg[]
#define REPETITION_MAX
void xlat_debug_attr_list(request_t *request, fr_pair_list_t const *list)
static const fr_sbuff_escape_rules_t xlat_filename_escape_dots
static dl_loader_t * cbor_loader
static xlat_arg_parser_t const xlat_change_case_arg[]
static xlat_arg_parser_t const xlat_func_strlen_arg[]
static int xlat_protocol_register(fr_dict_t const *dict)
static xlat_arg_parser_t const xlat_func_md5_arg[]
int xlat_global_init(void)
static xlat_arg_parser_t const xlat_func_urlquote_arg[]
static xlat_arg_parser_t const xlat_pair_cursor_args[]
static xlat_action_t xlat_func_file_size(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
static void ungroup(fr_dcursor_t *out, fr_value_box_list_t *in)
static xlat_arg_parser_t const xlat_func_md4_arg[]
static int regex_xlat_escape(UNUSED request_t *request, fr_value_box_t *vb, UNUSED void *uctx)
static xlat_arg_parser_t const xlat_func_join_args[]
#define XLAT_NEW(_x)
static xlat_action_t xlat_eval_resume(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, xlat_ctx_t const *xctx, UNUSED request_t *request, UNUSED fr_value_box_list_t *in)
Just serves to push the result up the stack.
static xlat_action_t xlat_func_taint(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
#define XLAT_REGISTER_HASH(_name, _func)
static xlat_arg_parser_t const xlat_func_debug_args[]
static char const hextab[]
#define FR_FILENAME_SAFE_FOR
static xlat_action_t xlat_func_signal_raise(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
static xlat_arg_parser_t const xlat_func_pad_args[]
fr_dict_t const * dict
Restrict xlat to this namespace.
static xlat_arg_parser_t const xlat_func_urlunquote_arg[]
static xlat_action_t xlat_func_file_touch(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
fr_test_point_pair_decode_t * tp_decode
void xlat_debug_attr_vp(request_t *request, fr_pair_t *vp, tmpl_t const *vpt)
static xlat_arg_parser_t const xlat_func_rand_arg[]
static int filename_xlat_escape(UNUSED request_t *request, fr_value_box_t *vb, UNUSED void *uctx)
static xlat_arg_parser_t const xlat_func_concat_args[]
static xlat_arg_parser_t const xlat_func_file_name_count_args[]
static xlat_arg_parser_t const xlat_func_range_arg[]
static xlat_arg_parser_t const xlat_func_integer_args[]
static int _xlat_global_init(UNUSED void *uctx)
Global initialisation for xlat.
#define XLAT_REGISTER_ARGS(_xlat, _func, _return_type, _args)
static xlat_action_t xlat_func_untaint(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
static xlat_action_t xlat_func_file_cat(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
static xlat_action_t xlat_func_file_rm(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
xlat_exp_head_t * ex
static xlat_arg_parser_t const xlat_func_length_args[]
static xlat_action_t xlat_change_case(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED request_t *request, fr_value_box_list_t *args, bool upper)
Change case of a string.
static xlat_action_t xlat_func_ungroup(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Ungroups all of its arguments into one flat list.
static int xlat_protocol_register_by_name(dl_t *dl, char const *name, fr_dict_t const *dict)
static xlat_arg_parser_t const xlat_func_file_cat_args[]
static int protocol_xlat_instantiate(xlat_inst_ctx_t const *mctx)
return XLAT_ACTION_DONE
static xlat_arg_parser_t const xlat_func_file_name_args[]
static TALLOC_CTX * xlat_ctx
static xlat_arg_parser_t const xlat_func_next_time_args[]
static int _xlat_global_free(UNUSED void *uctx)
De-register all xlat functions we created.
static const fr_sbuff_escape_rules_t xlat_filename_escape
static xlat_arg_parser_t const xlat_func_base64_decode_arg[]
static xlat_arg_parser_t const xlat_hmac_args[]
static xlat_arg_parser_t const xlat_func_regex_args[]
void * rctx
Resume context.
Definition xlat_ctx.h:54
xlat_exp_t const * ex
Tokenized expression.
Definition xlat_ctx.h:55
xlat_exp_t * ex
Tokenized expression to use in expansion.
Definition xlat_ctx.h:64
void const * inst
xlat instance data.
Definition xlat_ctx.h:50
void * uctx
Passed to the registration function.
Definition xlat_ctx.h:66
void * inst
xlat instance data to populate.
Definition xlat_ctx.h:63
An xlat calling ctx.
Definition xlat_ctx.h:49
An xlat instantiation ctx.
Definition xlat_ctx.h:62
fr_dict_attr_t const * xlat_time_res_attr(char const *res)
Definition xlat_eval.c:129
int xlat_eval_init(void)
Definition xlat_eval.c:1943
void xlat_eval_free(void)
Definition xlat_eval.c:1968
int xlat_register_expressions(void)
Definition xlat_expr.c:1858
void xlat_func_free(void)
Definition xlat_func.c:563
void xlat_func_flags_set(xlat_t *x, xlat_func_flags_t flags)
Specify flags that alter the xlat's behaviour.
Definition xlat_func.c:399
int xlat_func_args_set(xlat_t *x, xlat_arg_parser_t const args[])
Register the arguments of an xlat.
Definition xlat_func.c:363
xlat_t * xlat_func_register(TALLOC_CTX *ctx, char const *name, xlat_func_t func, fr_type_t return_type)
Register an xlat function.
Definition xlat_func.c:216
int xlat_func_init(void)
Definition xlat_func.c:547
xlat_t * xlat_func_find(char const *in, ssize_t inlen)
Definition xlat_func.c:77
#define xlat_func_instantiate_set(_xlat, _instantiate, _inst_struct, _detach, _uctx)
Set a callback for global instantiation of xlat functions.
Definition xlat_func.h:93
#define xlat_func_safe_for_set(_xlat, _escaped)
Set the escaped values for output boxes.
Definition xlat_func.h:82
@ XLAT_FUNC_FLAG_PURE
Definition xlat_func.h:38
@ XLAT_FUNC_FLAG_INTERNAL
Definition xlat_func.h:39
int xlat_decode_value_box_list(TALLOC_CTX *ctx, fr_pair_list_t *out, request_t *request, void *decode_ctx, fr_pair_decode_t decode, fr_value_box_list_t *in)
Decode all of the value boxes into the output cursor.
Definition xlat_pair.c:90
@ XLAT_GROUP
encapsulated string of xlats
Definition xlat_priv.h:116
bool deprecated
this function was deprecated
Definition xlat_priv.h:68
xlat_type_t _CONST type
type of this expansion.
Definition xlat_priv.h:155
An xlat expansion node.
Definition xlat_priv.h:148