The FreeRADIUS server $Id: f3670dba8951ca10eb4948feb3dc3db9423a334f $
Loading...
Searching...
No Matches
xlat_builtin.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: b5942289d4e1d5a041d2e63fe589656fcddce29a $
19 *
20 * @file xlat_builtin.c
21 * @brief String expansion ("translation"). Baked in expansions.
22 *
23 * @copyright 2000,2006 The FreeRADIUS server project
24 * @copyright 2000 Alan DeKok (aland@freeradius.org)
25 */
26RCSID("$Id: b5942289d4e1d5a041d2e63fe589656fcddce29a $")
27
28/**
29 * @defgroup xlat_functions xlat expansion functions
30 */
31#include <freeradius-devel/server/base.h>
32#include <freeradius-devel/server/tmpl_dcursor.h>
33#include <freeradius-devel/server/main_config.h>
34#include <freeradius-devel/unlang/xlat_priv.h>
35
36#include <freeradius-devel/io/test_point.h>
37
38#include <freeradius-devel/util/base16.h>
39
40#ifdef HAVE_OPENSSL_EVP_H
41# include <freeradius-devel/tls/openssl_user_macros.h>
42# include <openssl/evp.h>
43#endif
44
45#include <sys/stat.h>
46#include <fcntl.h>
47
48static char const hextab[] = "0123456789abcdef";
49static TALLOC_CTX *xlat_ctx;
50
51typedef struct {
52 fr_test_point_pair_decode_t *tp_decode;
53 fr_dict_t const *dict; //!< Restrict xlat to this namespace
54} xlat_pair_decode_uctx_t;
55
56/** Copy an argument from the input list to the output cursor.
57 *
58 * For now we just move it. This utility function will let us have
59 * value-box cursors as input arguments.
60 *
61 * @param[in] ctx talloc ctx
62 * @param[out] out where the value-box will be stored
63 * @param[in] in input value-box list
64 * @param[in] vb the argument to copy
65 */
66void xlat_arg_copy_out(TALLOC_CTX *ctx, fr_dcursor_t *out, fr_value_box_list_t *in, fr_value_box_t *vb)
67{
68 fr_value_box_list_remove(in, vb);
69 if (talloc_parent(vb) != ctx) {
70 (void) talloc_steal(ctx, vb);
71 }
72 fr_dcursor_append(out, vb);
73}
74
75/*
76 * Regular xlat functions
77 */
78static xlat_arg_parser_t const xlat_func_debug_args[] = {
79 { .single = true, .type = FR_TYPE_INT8 },
80 XLAT_ARG_PARSER_TERMINATOR
81};
82
83/** Dynamically change the debugging level for the current request
84 *
85 * Example:
86@verbatim
87%debug(3)
88@endverbatim
89 *
90 * @ingroup xlat_functions
91 */
92static xlat_action_t xlat_func_debug(TALLOC_CTX *ctx, fr_dcursor_t *out,
93 UNUSED xlat_ctx_t const *xctx,
94 request_t *request, fr_value_box_list_t *args)
95{
96 int level = 0;
97 fr_value_box_t *vb, *lvl_vb;
98
99 XLAT_ARGS(args, &lvl_vb);
100
101 /*
102 * Expand to previous (or current) level
103 */
104 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_INT8, NULL));
105 vb->vb_int8 = request->log.lvl;
106 fr_dcursor_append(out, vb);
107
108 /*
109 * Assume we just want to get the current value and NOT set it to 0
110 */
111 if (!lvl_vb) goto done;
112
113 level = lvl_vb->vb_int8;
114 if (level == 0) {
115 request->log.lvl = RAD_REQUEST_LVL_NONE;
116 } else {
117 if (level > L_DBG_LVL_MAX) level = L_DBG_LVL_MAX;
118 request->log.lvl = level;
119 }
120
121done:
122 return XLAT_ACTION_DONE;
123}
124
125
126static void xlat_debug_attr_vp(request_t *request, fr_pair_t const *vp,
127 fr_dict_attr_t const *da);
128
129static void xlat_debug_attr_list(request_t *request, fr_pair_list_t const *list,
130 fr_dict_attr_t const *parent)
131{
132 fr_pair_t *vp;
133
134 for (vp = fr_pair_list_next(list, NULL);
135 vp != NULL;
136 vp = fr_pair_list_next(list, vp)) {
137 xlat_debug_attr_vp(request, vp, parent);
138 }
139}
140
141
146
147static void xlat_debug_attr_vp(request_t *request, fr_pair_t const *vp,
148 fr_dict_attr_t const *parent)
149{
150 fr_dict_vendor_t const *vendor;
151 fr_table_num_ordered_t const *type;
152 size_t i;
153 ssize_t slen;
154 fr_sbuff_t sbuff;
155 char buffer[1024];
156
157 sbuff = FR_SBUFF_OUT(buffer, sizeof(buffer));
158
159 /*
160 * Squash the names down if necessary.
161 */
162 if (!RDEBUG_ENABLED3) {
163 slen = fr_pair_print_name(&sbuff, parent, &vp);
164 } else {
165 slen = fr_sbuff_in_sprintf(&sbuff, "%s %s ", vp->da->name, fr_tokens[vp->op]);
166 }
167 if (slen <= 0) return;
168
169 switch (vp->vp_type) {
170 case FR_TYPE_STRUCTURAL:
171 RIDEBUG2("%s{", buffer);
172 RINDENT();
173 xlat_debug_attr_list(request, &vp->vp_group, vp->da);
174 REXDENT();
175 RIDEBUG2("}");
176 break;
177
178 default:
179 RIDEBUG2("%s%pV", buffer, &vp->data);
180 }
181
182 if (!RDEBUG_ENABLED3) return;
183
184 RINDENT();
185 RIDEBUG3("da : %p", vp->da);
186 RIDEBUG3("is_raw : %pV", fr_box_bool(vp->vp_raw));
187 RIDEBUG3("is_unknown : %pV", fr_box_bool(vp->da->flags.is_unknown));
188
189 if (RDEBUG_ENABLED3) {
190 RIDEBUG3("parent : %s (%p)", vp->da->parent->name, vp->da->parent);
191 } else {
192 RIDEBUG2("parent : %s", vp->da->parent->name);
193 }
194 RIDEBUG3("attr : %u", vp->da->attr);
195 vendor = fr_dict_vendor_by_da(vp->da);
196 if (vendor) RIDEBUG2("vendor : %u (%s)", vendor->pen, vendor->name);
197 RIDEBUG3("type : %s", fr_type_to_str(vp->vp_type));
198
199 switch (vp->vp_type) {
200 case FR_TYPE_LEAF:
201 if (fr_box_is_variable_size(&vp->data)) {
202 RIDEBUG3("length : %zu", vp->vp_length);
203 }
204 RIDEBUG3("tainted : %pV", fr_box_bool(vp->data.tainted));
205 break;
206 default:
207 break;
208 }
209
210 if (!RDEBUG_ENABLED4) {
211 REXDENT();
212 return;
213 }
214
215 for (i = 0; i < fr_type_table_len; i++) {
216 int pad;
217
218 fr_value_box_t *dst = NULL;
219
220 type = &fr_type_table[i];
221
222 if ((fr_type_t) type->value == vp->vp_type) goto next_type;
223
224 /*
225 * Don't cast TO structural, or FROM structural types.
226 */
227 if (!fr_type_is_leaf(type->value) || !fr_type_is_leaf(vp->vp_type)) goto next_type;
228
229 MEM(dst = fr_value_box_acopy(NULL, &vp->data));
230
231 /* We expect some to fail */
232 if (fr_value_box_cast_in_place(dst, dst, type->value, NULL) < 0) {
233 goto next_type;
234 }
235
236 if ((pad = (11 - type->name.len)) < 0) pad = 0;
237
238 RINDENT();
239 RDEBUG4("as %s%*s: %pV", type->name.str, pad, " ", dst);
240 REXDENT();
241
242 next_type:
243 talloc_free(dst);
244 }
245
246 REXDENT();
247}
248
249/** Common function to move boxes from input list to output list
250 *
251 * This can be used to implement safe_for functions, as the xlat framework
252 * can be used for concatenation, casting, and marking up output boxes as
253 * safe_for.
254 */
255xlat_action_t xlat_transparent(TALLOC_CTX *ctx, fr_dcursor_t *out,
256 UNUSED xlat_ctx_t const *xctx,
257 UNUSED request_t *request, fr_value_box_list_t *args)
258{
259 fr_value_box_list_foreach(args, vb) {
260 xlat_arg_copy_out(ctx, out, args, vb);
261 }
262
263 return XLAT_ACTION_DONE;
264}
265
266/** Print out attribute info
267 *
268 * Prints out all instances of a current attribute, or all attributes in a list.
269 *
270 * At higher debugging levels, also prints out alternative decodings of the same
271 * value. This is helpful to determine types for unknown attributes of long
272 * passed vendors, or just crazy/broken NAS.
273 *
274 * This expands to a zero length string.
275 *
276 * Example:
277@verbatim
278%pairs.debug(&request)
279@endverbatim
280 *
281 * @ingroup xlat_functions
282 */
283static xlat_action_t xlat_func_pairs_debug(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
284 UNUSED xlat_ctx_t const *xctx,
285 request_t *request, fr_value_box_list_t *args)
286{
287 fr_pair_t *vp;
288 fr_dcursor_t *cursor;
289 fr_value_box_t *in_head;
290
291 XLAT_ARGS(args, &in_head);
292
293 if (!RDEBUG_ENABLED2) return XLAT_ACTION_DONE; /* NOOP if debugging isn't enabled */
294
295 cursor = fr_value_box_get_cursor(in_head);
296
297 RDEBUG("Attributes matching \"%s\"", in_head->vb_cursor_name);
298
299 RINDENT();
300 for (vp = fr_dcursor_current(cursor);
301 vp;
302 vp = fr_dcursor_next(cursor)) {
303 xlat_debug_attr_vp(request, vp, NULL);
304 }
305 REXDENT();
306
307 return XLAT_ACTION_DONE;
308}
309
310#ifdef __clang__
311#pragma clang diagnostic ignored "-Wgnu-designator"
312#endif
313
314#define FR_FILENAME_SAFE_FOR ((uintptr_t) filename_xlat_escape)
315
316static int CC_HINT(nonnull(2,3)) filename_xlat_escape(UNUSED request_t *request, fr_value_box_t *vb, UNUSED void *uctx)
317{
318 fr_sbuff_t *out = NULL;
319 fr_value_box_entry_t entry;
320
321 FR_SBUFF_TALLOC_THREAD_LOCAL(&out, 256, 4096);
322
323 /*
324 * Integers are just numbers, so they don't need to be escaped.
325 *
326 * Except that FR_TYPE_INTEGER includes 'date' and 'time_delta', which is annoying.
327 *
328 * 'octets' get printed as hex, so they don't need to be escaped.
329 */
330 switch (vb->type) {
331 case FR_TYPE_BOOL:
332 case FR_TYPE_UINT8:
333 case FR_TYPE_UINT16:
334 case FR_TYPE_UINT32:
335 case FR_TYPE_UINT64:
336 case FR_TYPE_INT8:
337 case FR_TYPE_INT16:
338 case FR_TYPE_INT32:
339 case FR_TYPE_INT64:
340 case FR_TYPE_SIZE:
341 case FR_TYPE_OCTETS:
342 return 0;
343
344 case FR_TYPE_NON_LEAF:
345 fr_assert(0);
346 return -1;
347
348 case FR_TYPE_DATE:
349 case FR_TYPE_TIME_DELTA:
350 case FR_TYPE_IFID:
351 case FR_TYPE_ETHERNET:
352 case FR_TYPE_FLOAT32:
353 case FR_TYPE_FLOAT64:
354 case FR_TYPE_COMBO_IP_ADDR:
355 case FR_TYPE_COMBO_IP_PREFIX:
356 case FR_TYPE_IPV4_ADDR:
357 case FR_TYPE_IPV4_PREFIX:
358 case FR_TYPE_IPV6_ADDR:
359 case FR_TYPE_IPV6_PREFIX:
360 case FR_TYPE_ATTR:
361 /*
362 * Printing prefixes etc. does NOT result in the escape function being called! So
363 * instead, we cast the results to a string, and then escape the string.
364 */
365 if (fr_value_box_cast_in_place(vb, vb, FR_TYPE_STRING, NULL) < 0) return -1;
366
367 fr_value_box_print(out, vb, &fr_filename_escape);
368 break;
369
370 case FR_TYPE_STRING:
371 /*
372 * Note that we set ".always_escape" in the function arguments, so that we get called for
373 * IP addresses. Otherwise, the xlat evaluator and/or the list_concat_as_string
374 * functions won't call us. And the expansion will return IP addresses with '/' in them.
375 * Which is not what we want.
376 */
377 if (fr_value_box_is_safe_for(vb, FR_FILENAME_SAFE_FOR)) return 1;
378
379 /*
380 * If the tainted string has a leading '.', then escape _all_ periods in it. This is so that we
381 * don't accidentally allow a "safe" value to end with '/', and then an "unsafe" value contains
382 * "..", and we now have a directory traversal attack.
383 *
384 * The escape rules will escape '/' in unsafe strings, so there's no possibility for an unsafe
385 * string to either end with a '/', or to contain "/.." itself.
386 *
387 * Allowing '.' in the middle of the string means we can have filenames based on realms, such as
388 * "log/aland@freeradius.org".
389 */
390 if (vb->vb_strvalue[0] == '.') {
391 fr_value_box_print(out, vb, &fr_filename_escape_dots);
392 } else {
393 fr_value_box_print(out, vb, &fr_filename_escape);
394 }
395
396 break;
397 }
398
399 entry = vb->entry;
400 fr_value_box_clear(vb);
401 (void) fr_value_box_bstrndup(vb, vb, NULL, fr_sbuff_start(out), fr_sbuff_used(out), false);
402 vb->entry = entry;
403
404 return 0;
405}
406
407static xlat_arg_parser_t const xlat_func_file_name_args[] = {
408 { .required = true, .concat = true, .type = FR_TYPE_STRING,
409 .func = filename_xlat_escape, .safe_for = FR_FILENAME_SAFE_FOR, .always_escape = true },
410 XLAT_ARG_PARSER_TERMINATOR
411};
412
413static xlat_arg_parser_t const xlat_func_file_name_count_args[] = {
414 { .required = true, .concat = true, .type = FR_TYPE_STRING,
415 .func = filename_xlat_escape, .safe_for = FR_FILENAME_SAFE_FOR, .always_escape = true },
416 { .required = false, .type = FR_TYPE_UINT32 },
417 XLAT_ARG_PARSER_TERMINATOR
418};
419
420
421/*
422 * Limit the %file...() functions to a particular subset of directories.
423 */
424static bool xlat_file_allowed(request_t *request, char const *filename, size_t len)
425{
426 size_t i, num_files;
427
428 if (!main_config->limit_files) return true;
429
430 num_files = talloc_array_length(main_config->limit_files);
431 if (!num_files) goto fail;
432
433 for (i = 0; i < num_files; i++) {
434 size_t alen = talloc_array_length(main_config->limit_files[i]);
435
436 /*
437 * The allowed directory is longer than the filename, it's not allowed.
438 */
439 if (alen > len) continue;
440
441 /*
442 * No leading match, it's not allowed.
443 */
444 if (memcmp(filename, main_config->limit_files[i], alen) != 0) continue;
445
446 if (alen == len) return true;
447
448 /*
449 * Setting "allow = foo/bar" does NOT mean that
450 * we allow "foo/bard". It MUST be "foo/bar/bad"
451 */
452 if (filename[alen] != '/') break;
453
454 return true;
455 }
456
457fail:
458 REDEBUG("Failed accessing file %s - it is outside of 'limit files { ... }'", filename);
459 return false;
460}
461
462#define XLAT_FILE_ALLOWED(_vb) xlat_file_allowed(request, (_vb)->vb_strvalue, (_vb)->vb_length)
463
464static xlat_action_t xlat_func_file_exists(TALLOC_CTX *ctx, fr_dcursor_t *out,
465 UNUSED xlat_ctx_t const *xctx,
466 UNUSED request_t *request, fr_value_box_list_t *args)
467{
468 fr_value_box_t *dst, *vb;
469 char const *filename;
470 struct stat buf;
471
472 XLAT_ARGS(args, &vb);
473 fr_assert(vb->type == FR_TYPE_STRING);
474 filename = vb->vb_strvalue;
475
476 if (!XLAT_FILE_ALLOWED(vb)) return XLAT_ACTION_FAIL;
477
478 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
479 fr_dcursor_append(out, dst);
480
481 dst->vb_bool = (stat(filename, &buf) == 0);
482
483 return XLAT_ACTION_DONE;
484}
485
486
487static xlat_action_t xlat_func_file_head(TALLOC_CTX *ctx, fr_dcursor_t *out,
488 UNUSED xlat_ctx_t const *xctx,
489 request_t *request, fr_value_box_list_t *args)
490{
491 fr_value_box_t *dst, *vb;
492 char const *filename;
493 ssize_t len;
494 int fd;
495 char *p, buffer[256];
496
497 XLAT_ARGS(args, &vb);
498 fr_assert(vb->type == FR_TYPE_STRING);
499 filename = vb->vb_strvalue;
500
501 if (!XLAT_FILE_ALLOWED(vb)) return XLAT_ACTION_FAIL;
502
503 fd = open(filename, O_RDONLY);
504 if (fd < 0) {
505 REDEBUG3("Failed opening file %s - %s", filename, fr_syserror(errno));
506 return XLAT_ACTION_FAIL;
507 }
508
509 len = read(fd, buffer, sizeof(buffer));
510 if (len < 0) {
511 REDEBUG3("Failed reading file %s - %s", filename, fr_syserror(errno));
512 close(fd);
513 return XLAT_ACTION_FAIL;
514 }
515
516 /*
517 * Find the first CR/LF, but bail if we get any weird characters.
518 */
519 for (p = buffer; p < (buffer + len); p++) {
520 if ((*p == '\r') || (*p == '\n')) {
521 break;
522 }
523
524 if ((*p < ' ') && (*p != '\t')) {
525 invalid:
526 REDEBUG("Invalid text in file %s", filename);
527 close(fd);
528 return XLAT_ACTION_FAIL;
529 }
530 }
531
532 if ((p - buffer) > len) goto invalid;
533 close(fd);
534
535 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL));
536 if (fr_value_box_bstrndup(dst, dst, NULL, buffer, p - buffer, false) < 0) {
537 talloc_free(dst);
538 return XLAT_ACTION_FAIL;
539 }
540
541 fr_dcursor_append(out, dst);
542
543 return XLAT_ACTION_DONE;
544}
545
546
547static xlat_action_t xlat_func_file_size(TALLOC_CTX *ctx, fr_dcursor_t *out,
548 UNUSED xlat_ctx_t const *xctx,
549 request_t *request, fr_value_box_list_t *args)
550{
551 fr_value_box_t *dst, *vb;
552 char const *filename;
553 struct stat buf;
554
555 XLAT_ARGS(args, &vb);
556 fr_assert(vb->type == FR_TYPE_STRING);
557 filename = vb->vb_strvalue;
558
559 if (!XLAT_FILE_ALLOWED(vb)) return XLAT_ACTION_FAIL;
560
561 if (stat(filename, &buf) < 0) {
562 REDEBUG3("Failed checking file %s - %s", filename, fr_syserror(errno));
563 return XLAT_ACTION_FAIL;
564 }
565
566 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL)); /* off_t is signed, but file sizes shouldn't be negative */
567 fr_dcursor_append(out, dst);
568
569 dst->vb_uint64 = buf.st_size;
570
571 return XLAT_ACTION_DONE;
572}
573
574
575static xlat_action_t xlat_func_file_tail(TALLOC_CTX *ctx, fr_dcursor_t *out,
576 UNUSED xlat_ctx_t const *xctx,
577 request_t *request, fr_value_box_list_t *args)
578{
579 fr_value_box_t *dst, *vb, *num = NULL;
580 char const *filename;
581 ssize_t len;
582 off_t offset;
583 int fd;
584 int crlf, stop = 1;
585 char *p, *end, *found, buffer[256];
586
587 XLAT_ARGS(args, &vb, &num);
588 fr_assert(vb->type == FR_TYPE_STRING);
589 filename = vb->vb_strvalue;
590
591 if (!XLAT_FILE_ALLOWED(vb)) return XLAT_ACTION_FAIL;
592
593 fd = open(filename, O_RDONLY);
594 if (fd < 0) {
595 REDEBUG3("Failed opening file %s - %s", filename, fr_syserror(errno));
596 return XLAT_ACTION_FAIL;
597 }
598
599 offset = lseek(fd, 0, SEEK_END);
600 if (offset < 0) {
601 REDEBUG3("Failed seeking to end of file %s - %s", filename, fr_syserror(errno));
602 goto fail;
603 }
604
605 if (offset > (off_t) sizeof(buffer)) {
606 offset -= sizeof(buffer);
607 } else {
608 offset = 0;
609 }
610
611 if (lseek(fd, offset, SEEK_SET) < 0) {
612 REDEBUG3("Failed seeking backwards from end of file %s - %s", filename, fr_syserror(errno));
613 goto fail;
614 }
615
616 len = read(fd, buffer, sizeof(buffer));
617 if (len < 0) {
618 fail:
619 REDEBUG3("Failed reading file %s - %s", filename, fr_syserror(errno));
620 close(fd);
621 return XLAT_ACTION_FAIL;
622 }
623 close(fd);
624
625 found = buffer;
626 end = buffer + len;
627
628 /*
629 * No data, OR just one CR / LF, we print it all out.
630 */
631 if (len <= 1) goto done;
632
633 /*
634 * Clamp number of lines to a reasonable value. They
635 * still all have to fit into 256 characters, though.
636 *
637 * @todo - have a large thread-local temporary buffer for this stuff.
638 */
639 if (num) {
640 fr_assert(num->type == FR_TYPE_GROUP);
641 fr_assert(fr_value_box_list_num_elements(&num->vb_group) == 1);
642
643 num = fr_value_box_list_head(&num->vb_group);
644 fr_assert(num->type == FR_TYPE_UINT32);
645
646 if (!num->vb_uint32) {
647 stop = 1;
648
649 } else if (num->vb_uint32 <= 16) {
650 stop = num->vb_uint32;
651
652 } else {
653 stop = 16;
654 }
655 } else {
656 stop = 1;
657 }
658
659 p = end - 1;
660 crlf = 0;
661
662 /*
663 * Skip any trailing CRLF first.
664 */
665 while (p > buffer) {
666 /*
667 * Could be CRLF, or just LF.
668 */
669 if (*p == '\n') {
670 end = p;
671 p--;
672 if (p == buffer) {
673 goto done;
674 }
675 if (*p >= ' ') {
676 break;
677 }
678 }
679
680 if (*p == '\r') {
681 end = p;
682 p--;
683 break;
684 }
685
686 /*
687 * We've found CR, LF, or CRLF. The previous
688 * thing is either raw text, or is another CR/LF.
689 */
690 break;
691 }
692
693 found = p;
694
695 while (p > buffer) {
696 crlf++;
697
698 /*
699 * If the current line is empty, we can stop.
700 */
701 if ((crlf == stop) && (*found < ' ')) {
702 found++;
703 goto done;
704 }
705
706 while (*p >= ' ') {
707 found = p;
708 p--;
709 if (p == buffer) {
710 found = buffer;
711 goto done;
712 }
713 }
714 if (crlf == stop) {
715 break;
716 }
717
718 /*
719 * Check again for CRLF.
720 */
721 if (*p == '\n') {
722 p--;
723 if (p == buffer) {
724 break;
725 }
726 if (*p >= ' ') {
727 continue;
728 }
729 }
730
731 if (*p == '\r') {
732 p--;
733 if (p == buffer) {
734 break;
735 }
736 continue;
737 }
738 }
739
740done:
741
742 /*
743 * @todo - return a _list_ of value-boxes, one for each line in the file.
744 * Which means chopping off each CRLF in the file
745 */
746
747 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL));
748 if (fr_value_box_bstrndup(dst, dst, NULL, found, (size_t) (end - found), false) < 0) {
749 talloc_free(dst);
750 return XLAT_ACTION_FAIL;
751 }
752
753 fr_dcursor_append(out, dst);
754
755 return XLAT_ACTION_DONE;
756}
757
758static xlat_arg_parser_t const xlat_func_file_cat_args[] = {
759 { .required = true, .concat = true, .type = FR_TYPE_STRING,
760 .func = filename_xlat_escape, .safe_for = FR_FILENAME_SAFE_FOR, .always_escape = true },
761 { .required = true, .type = FR_TYPE_SIZE, .single = true },
762 XLAT_ARG_PARSER_TERMINATOR
763};
764
765static xlat_action_t xlat_func_file_cat(TALLOC_CTX *ctx, fr_dcursor_t *out,
766 UNUSED xlat_ctx_t const *xctx,
767 request_t *request, fr_value_box_list_t *args)
768{
769 fr_value_box_t *dst, *vb, *max_size;
770 char const *filename;
771 ssize_t len;
772 int fd;
773 struct stat buf;
774 uint8_t *buffer;
775
776 XLAT_ARGS(args, &vb, &max_size);
777 fr_assert(vb->type == FR_TYPE_STRING);
778 filename = vb->vb_strvalue;
779
780 if (!XLAT_FILE_ALLOWED(vb)) return XLAT_ACTION_FAIL;
781
782 fd = open(filename, O_RDONLY);
783 if (fd < 0) {
784 RPERROR("Failed opening file %s - %s", filename, fr_syserror(errno));
785 return XLAT_ACTION_FAIL;
786 }
787
788 if (fstat(fd, &buf) < 0) {
789 RPERROR("Failed checking file %s - %s", filename, fr_syserror(errno));
790 fail:
791 close(fd);
792 return XLAT_ACTION_FAIL;
793 }
794
795 if ((size_t)buf.st_size > max_size->vb_size) {
796 RPERROR("File larger than specified maximum (%"PRIu64" vs %zu)", buf.st_size, max_size->vb_size);
797 goto fail;
798 }
799
800 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_OCTETS, NULL));
801 fr_value_box_mem_alloc(dst, &buffer, dst, NULL, buf.st_size, true);
802
803 len = read(fd, buffer, buf.st_size);
804 if (len < 0) {
805 RPERROR("Failed reading file %s - %s", filename, fr_syserror(errno));
806 talloc_free(dst);
807 goto fail;
808 }
809 close(fd);
810
811 if (len < buf.st_size) {
812 RPERROR("Failed reading all of file %s", filename);
813 talloc_free(dst);
814 return XLAT_ACTION_FAIL;
815 }
816
817 fr_dcursor_append(out, dst);
818
819 return XLAT_ACTION_DONE;
820}
821
822static xlat_action_t xlat_func_file_rm(TALLOC_CTX *ctx, fr_dcursor_t *out,
823 UNUSED xlat_ctx_t const *xctx,
824 request_t *request, fr_value_box_list_t *args)
825{
826 fr_value_box_t *dst, *vb;
827 char const *filename;
828
829 XLAT_ARGS(args, &vb);
830 fr_assert(vb->type == FR_TYPE_STRING);
831 filename = vb->vb_strvalue;
832
833 if (!XLAT_FILE_ALLOWED(vb)) return XLAT_ACTION_FAIL;
834
835 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
836 fr_dcursor_append(out, dst);
837
838 dst->vb_bool = (unlink(filename) == 0);
839 if (!dst->vb_bool) {
840 REDEBUG3("Failed unlinking file %s - %s", filename, fr_syserror(errno));
841 }
842
843 return XLAT_ACTION_DONE;
844}
845
846static xlat_action_t xlat_func_file_touch(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx,
847 request_t *request, fr_value_box_list_t *args)
848{
849 fr_value_box_t *dst, *vb;
850 char const *filename;
851 int fd;
852
853 XLAT_ARGS(args, &vb);
854 fr_assert(vb->type == FR_TYPE_STRING);
855 filename = vb->vb_strvalue;
856
857 if (!XLAT_FILE_ALLOWED(vb)) return XLAT_ACTION_FAIL;
858
859 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
860 fr_dcursor_append(out, dst);
861
862 fd = open(filename, O_CREAT | O_WRONLY, 0600);
863 if (fd < 0) {
864 dst->vb_bool = false;
865 REDEBUG3("Failed touching file %s - %s", filename, fr_syserror(errno));
866 return XLAT_ACTION_DONE;
867 }
868 dst->vb_bool = true;
869
870 close(fd);
871
872 return XLAT_ACTION_DONE;
873}
874
875static xlat_action_t xlat_func_file_mkdir(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx,
876 request_t *request, fr_value_box_list_t *args)
877{
878 fr_value_box_t *dst, *vb;
879 char const *dirname;
880
881 XLAT_ARGS(args, &vb);
882 fr_assert(vb->type == FR_TYPE_STRING);
883 dirname = vb->vb_strvalue;
884
885 if (!XLAT_FILE_ALLOWED(vb)) return XLAT_ACTION_FAIL;
886
887 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
888 fr_dcursor_append(out, dst);
889
890 dst->vb_bool = (fr_mkdir(NULL, dirname, -1, 0700, NULL, NULL) == 0);
891 if (!dst->vb_bool) {
892 REDEBUG3("Failed creating directory %s - %s", dirname, fr_syserror(errno));
893 }
894
895 return XLAT_ACTION_DONE;
896}
897
898static xlat_action_t xlat_func_file_rmdir(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx,
899 request_t *request, fr_value_box_list_t *args)
900{
901 fr_value_box_t *dst, *vb;
902 char const *dirname;
903
904 XLAT_ARGS(args, &vb);
905 fr_assert(vb->type == FR_TYPE_STRING);
906 dirname = vb->vb_strvalue;
907
908 if (!XLAT_FILE_ALLOWED(vb)) return XLAT_ACTION_FAIL;
909
910 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
911 fr_dcursor_append(out, dst);
912
913 dst->vb_bool = (rmdir(dirname) == 0);
914 if (!dst->vb_bool) {
915 REDEBUG3("Failed removing directory %s - %s", dirname, fr_syserror(errno));
916 }
917
918 return XLAT_ACTION_DONE;
919}
920
921static xlat_arg_parser_t const xlat_func_taint_args[] = {
922 { .required = true, .type = FR_TYPE_VOID },
923 { .variadic = XLAT_ARG_VARIADIC_EMPTY_KEEP, .type = FR_TYPE_VOID },
924 XLAT_ARG_PARSER_TERMINATOR
925};
926
927static xlat_action_t xlat_func_untaint(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out,
928 UNUSED xlat_ctx_t const *xctx,
929 UNUSED request_t *request, fr_value_box_list_t *in)
930{
931 fr_value_box_t *vb;
932
933 fr_value_box_list_untaint(in);
934 while ((vb = fr_value_box_list_pop_head(in)) != NULL) {
935 fr_dcursor_append(out, vb);
936 }
937
938 return XLAT_ACTION_DONE;
939}
940
941static xlat_action_t xlat_func_taint(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out,
942 UNUSED xlat_ctx_t const *xctx,
943 UNUSED request_t *request, fr_value_box_list_t *in)
944{
945 fr_value_box_t *vb;
946
947 while ((vb = fr_value_box_list_pop_head(in)) != NULL) {
948 fr_value_box_t *child;
949
950 fr_assert(vb->type == FR_TYPE_GROUP);
951
952 while ((child = fr_value_box_list_pop_head(&vb->vb_group)) != NULL) {
953 child->tainted = true;
954 fr_value_box_mark_unsafe(child);
955
956 fr_dcursor_append(out, child);
957 }
958 }
959
960 return XLAT_ACTION_DONE;
961}
962
963static xlat_arg_parser_t const xlat_func_explode_args[] = {
964 { .required = true, .type = FR_TYPE_STRING },
965 { .required = true, .concat = true, .type = FR_TYPE_STRING },
966 XLAT_ARG_PARSER_TERMINATOR
967};
968
969/** Split a string into multiple new strings based on a delimiter
970 *
971@verbatim
972%explode(<string>, <delim>)
973@endverbatim
974 *
975 * Example:
976@verbatim
977update request {
978 &Tmp-String-1 := "a,b,c"
979}
980"%concat(%explode(%{Tmp-String-1}, ','), '|')" == "a|b|c"g
981@endverbatim
982 *
983 * @ingroup xlat_functions
984 */
985static xlat_action_t xlat_func_explode(TALLOC_CTX *ctx, fr_dcursor_t *out,
986 UNUSED xlat_ctx_t const *xctx,
987 request_t *request, fr_value_box_list_t *args)
988{
989 fr_value_box_t *strings;
990 fr_value_box_list_t *list;
991 fr_value_box_t *delim_vb;
992 ssize_t delim_len;
993 char const *delim;
994 fr_value_box_t *string, *vb;
995
996 XLAT_ARGS(args, &strings, &delim_vb);
997
998 list = &strings->vb_group;
999
1000 /* coverity[dereference] */
1001 if (delim_vb->vb_length == 0) {
1002 REDEBUG("Delimiter must be greater than zero characters");
1003 return XLAT_ACTION_FAIL;
1004 }
1005
1006 delim = delim_vb->vb_strvalue;
1007 delim_len = delim_vb->vb_length;
1008
1009 while ((string = fr_value_box_list_pop_head(list))) {
1010 fr_sbuff_t sbuff = FR_SBUFF_IN(string->vb_strvalue, string->vb_length);
1011 fr_sbuff_marker_t m_start;
1012
1013 /*
1014 * If the delimiter is not in the string, just move to the output
1015 */
1016 if (!fr_sbuff_adv_to_str(&sbuff, SIZE_MAX, delim, delim_len)) {
1017 fr_dcursor_append(out, string);
1018 continue;
1019 }
1020
1021 fr_sbuff_set_to_start(&sbuff);
1022 fr_sbuff_marker(&m_start, &sbuff);
1023
1024 while (fr_sbuff_remaining(&sbuff)) {
1025 if (fr_sbuff_adv_to_str(&sbuff, SIZE_MAX, delim, delim_len)) {
1026 /*
1027 * If there's nothing before the delimiter skip
1028 */
1029 if (fr_sbuff_behind(&m_start) == 0) goto advance;
1030
1031 MEM(vb = fr_value_box_alloc_null(ctx));
1032 fr_value_box_bstrndup(vb, vb, NULL, fr_sbuff_current(&m_start),
1033 fr_sbuff_behind(&m_start), false);
1034 fr_value_box_safety_copy(vb, string);
1035 fr_dcursor_append(out, vb);
1036
1037 advance:
1038 fr_sbuff_advance(&sbuff, delim_len);
1039 fr_sbuff_set(&m_start, &sbuff);
1040 continue;
1041 }
1042
1043 fr_sbuff_set_to_end(&sbuff);
1044 MEM(vb = fr_value_box_alloc_null(ctx));
1045 fr_value_box_bstrndup(vb, vb, NULL, fr_sbuff_current(&m_start),
1046 fr_sbuff_behind(&m_start), false);
1047
1048 fr_value_box_safety_copy(vb, string);
1049 fr_dcursor_append(out, vb);
1050 break;
1051 }
1052 talloc_free(string);
1053 }
1054
1055 return XLAT_ACTION_DONE;
1056}
1057
1058/** Mark one or more attributes as immutable
1059 *
1060 * Example:
1061@verbatim
1062%pairs.immutable(request.State[*])
1063@endverbatim
1064 *
1065 * @ingroup xlat_functions
1066 */
1067static xlat_action_t xlat_func_immutable_attr(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
1068 UNUSED xlat_ctx_t const *xctx,
1069 request_t *request, fr_value_box_list_t *args)
1070{
1071 fr_pair_t *vp;
1072 fr_dcursor_t *cursor;
1073 fr_value_box_t *in_head;
1074
1075 XLAT_ARGS(args, &in_head);
1076
1077 cursor = fr_value_box_get_cursor(in_head);
1078
1079 RDEBUG("Attributes matching \"%s\"", in_head->vb_cursor_name);
1080
1081 RINDENT();
1082 for (vp = fr_dcursor_current(cursor);
1083 vp;
1084 vp = fr_dcursor_next(cursor)) {
1085 fr_pair_set_immutable(vp);
1086 }
1087 REXDENT();
1088
1089 return XLAT_ACTION_DONE;
1090}
1091
1092static xlat_arg_parser_t const xlat_func_integer_args[] = {
1093 { .required = true, .single = true, .type = FR_TYPE_VOID },
1094 XLAT_ARG_PARSER_TERMINATOR
1095};
1096
1097/** Print data as integer, not as VALUE.
1098 *
1099 * Example:
1100@verbatim
1101update request {
1102 &Tmp-IP-Address-0 := "127.0.0.5"
1103}
1104%integer(%{Tmp-IP-Address-0}) == 2130706437
1105@endverbatim
1106 * @ingroup xlat_functions
1107 */
1108static xlat_action_t xlat_func_integer(TALLOC_CTX *ctx, fr_dcursor_t *out,
1109 UNUSED xlat_ctx_t const *xctx,
1110 request_t *request, fr_value_box_list_t *args)
1111{
1112 fr_value_box_t *in_vb;
1113 char const *p;
1114
1115 XLAT_ARGS(args, &in_vb);
1116
1117 fr_strerror_clear(); /* Make sure we don't print old errors */
1118
1119 fr_value_box_list_remove(args, in_vb);
1120
1121 switch (in_vb->type) {
1122 default:
1123 error:
1124 RPEDEBUG("Failed converting %pR (%s) to an integer", in_vb,
1125 fr_type_to_str(in_vb->type));
1126 talloc_free(in_vb);
1127 return XLAT_ACTION_FAIL;
1128
1129 case FR_TYPE_NUMERIC:
1130 /*
1131 * Ensure enumeration is NULL so that the integer
1132 * version of a box is returned
1133 */
1134 in_vb->enumv = NULL;
1135
1136 /*
1137 * FR_TYPE_DATE and FR_TYPE_TIME_DELTA need to be cast
1138 * to int64_t so that they're printed in a
1139 * numeric format.
1140 */
1141 if ((in_vb->type == FR_TYPE_DATE) || (in_vb->type == FR_TYPE_TIME_DELTA)) {
1142 if (fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_INT64, NULL) < 0) goto error;
1143 }
1144 break;
1145
1146 case FR_TYPE_STRING:
1147 /*
1148 * Strings are always zero terminated. They may
1149 * also have zeros in the middle, but if that
1150 * happens, the caller will only get the part up
1151 * to the first zero.
1152 *
1153 * We check for negative numbers, just to be
1154 * nice.
1155 */
1156 for (p = in_vb->vb_strvalue; *p != '\0'; p++) {
1157 if (*p == '-') break;
1158 }
1159
1160 if (*p == '-') {
1161 if (fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_INT64, NULL) < 0) goto error;
1162 } else {
1163 if (fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT64, NULL) < 0) goto error;
1164 }
1165 break;
1166
1167 case FR_TYPE_OCTETS:
1168 if (in_vb->vb_length > sizeof(uint64_t)) {
1169 fr_strerror_printf("Expected octets length <= %zu, got %zu", sizeof(uint64_t), in_vb->vb_length);
1170 goto error;
1171 }
1172
1173 if (in_vb->vb_length > sizeof(uint32_t)) {
1174 if (unlikely(fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT64, NULL) < 0)) goto error;
1175 } else if (in_vb->vb_length > sizeof(uint16_t)) {
1176 if (unlikely(fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT32, NULL) < 0)) goto error;
1177 } else if (in_vb->vb_length > sizeof(uint8_t)) {
1178 if (unlikely(fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT16, NULL) < 0)) goto error;
1179 } else {
1180 if (unlikely(fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT8, NULL) < 0)) goto error;
1181 }
1182
1183 break;
1184
1185 case FR_TYPE_IPV4_ADDR:
1186 case FR_TYPE_IPV4_PREFIX:
1187 if (fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT32, NULL) < 0) goto error;
1188 break;
1189
1190 case FR_TYPE_ETHERNET:
1191 if (fr_value_box_cast_in_place(ctx, in_vb, FR_TYPE_UINT64, NULL) < 0) goto error;
1192 break;
1193
1194 case FR_TYPE_IPV6_ADDR:
1195 case FR_TYPE_IPV6_PREFIX:
1196 {
1197 uint128_t ipv6int;
1198 char buff[40];
1199 fr_value_box_t *vb;
1200
1201 /*
1202 * Needed for correct alignment (as flagged by ubsan)
1203 */
1204 memcpy(&ipv6int, &in_vb->vb_ipv6addr, sizeof(ipv6int));
1205
1206 fr_snprint_uint128(buff, sizeof(buff), ntohlll(ipv6int));
1207
1208 MEM(vb = fr_value_box_alloc_null(ctx));
1209 fr_value_box_bstrndup(vb, vb, NULL, buff, strlen(buff), false);
1210 fr_dcursor_append(out, vb);
1211 talloc_free(in_vb);
1212 return XLAT_ACTION_DONE;
1213 }
1214 }
1215
1216 fr_dcursor_append(out, in_vb);
1217
1218 return XLAT_ACTION_DONE;
1219}
1220
1221static xlat_arg_parser_t const xlat_func_log_arg[] = {
1222 { .concat = true, .type = FR_TYPE_STRING },
1223 XLAT_ARG_PARSER_TERMINATOR
1224};
1225
1226/** Log something at INFO level.
1227 *
1228 * Example:
1229@verbatim
1230%log("This is an informational message")
1231@endverbatim
1232 *
1233 * @ingroup xlat_functions
1234 */
1235static xlat_action_t xlat_func_log_info(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
1236 UNUSED xlat_ctx_t const *xctx,
1237 request_t *request, fr_value_box_list_t *args)
1238{
1239 fr_value_box_t *vb;
1240
1241 XLAT_ARGS(args, &vb);
1242
1243 if (!vb) return XLAT_ACTION_DONE;
1244
1245 RINFO("%s", vb->vb_strvalue);
1246
1247 return XLAT_ACTION_DONE;
1248}
1249
1250
1251/** Log something at DEBUG level.
1252 *
1253 * Example:
1254@verbatim
1255%log.debug("This is a message")
1256@endverbatim
1257 *
1258 * @ingroup xlat_functions
1259 */
1260static xlat_action_t xlat_func_log_debug(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
1261 UNUSED xlat_ctx_t const *xctx,
1262 request_t *request, fr_value_box_list_t *args)
1263{
1264 fr_value_box_t *vb;
1265
1266 XLAT_ARGS(args, &vb);
1267
1268 if (!vb) return XLAT_ACTION_DONE;
1269
1270 RDEBUG("%s", vb->vb_strvalue);
1271
1272 return XLAT_ACTION_DONE;
1273}
1274
1275
1276/** Log something at DEBUG level.
1277 *
1278 * Example:
1279@verbatim
1280%log.err("Big error here")
1281@endverbatim
1282 *
1283 * @ingroup xlat_functions
1284 */
1285static xlat_action_t xlat_func_log_err(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
1286 UNUSED xlat_ctx_t const *xctx,
1287 request_t *request, fr_value_box_list_t *args)
1288{
1289 fr_value_box_t *vb;
1290
1291 XLAT_ARGS(args, &vb);
1292
1293 if (!vb) return XLAT_ACTION_DONE;
1294
1295 REDEBUG("%s", vb->vb_strvalue);
1296
1297 return XLAT_ACTION_DONE;
1298}
1299
1300
1301/** Log something at WARN level.
1302 *
1303 * Example:
1304@verbatim
1305%log.warn("Maybe something bad happened")
1306@endverbatim
1307 *
1308 * @ingroup xlat_functions
1309 */
1310static xlat_action_t xlat_func_log_warn(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
1311 UNUSED xlat_ctx_t const *xctx,
1312 request_t *request, fr_value_box_list_t *args)
1313{
1314 fr_value_box_t *vb;
1315
1316 XLAT_ARGS(args, &vb);
1317
1318 if (!vb) return XLAT_ACTION_DONE;
1319
1320 RWDEBUG("%s", vb->vb_strvalue);
1321
1322 return XLAT_ACTION_DONE;
1323}
1324
1325static int _log_dst_free(fr_log_t *log)
1326{
1327 close(log->fd);
1328 return 0;
1329}
1330
1331static xlat_arg_parser_t const xlat_func_log_dst_args[] = {
1332 { .required = false, .type = FR_TYPE_STRING, .concat = true },
1333 { .required = false, .type = FR_TYPE_UINT32, .single = true },
1334 { .required = false, .type = FR_TYPE_STRING, .concat = true },
1335 XLAT_ARG_PARSER_TERMINATOR
1336};
1337
1338/** Change the log destination to the named one
1339 *
1340 * Example:
1341@verbatim
1342%log.destination('foo')
1343@endverbatim
1344 *
1345 * @ingroup xlat_functions
1346 */
1347static xlat_action_t xlat_func_log_dst(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
1348 UNUSED xlat_ctx_t const *xctx,
1349 request_t *request, fr_value_box_list_t *args)
1350{
1351 fr_value_box_t *dst, *lvl, *file;
1352 fr_log_t *log, *dbg;
1353 uint32_t level = 2;
1354
1355 XLAT_ARGS(args, &dst, &lvl, &file);
1356
1357 /*
1358 * An explicit `null` is treated the same as a missing arg.
1359 * vb_strvalue on an FR_TYPE_NULL box is unset, so reading
1360 * it below would be UB.
1361 */
1362 if (dst && fr_type_is_null(dst->type)) dst = NULL;
1363 if (lvl && fr_type_is_null(lvl->type)) lvl = NULL;
1364 if (file && fr_type_is_null(file->type)) file = NULL;
1365
1366 if (!dst || !*dst->vb_strvalue) {
1367 request_log_prepend(request, NULL, L_DBG_LVL_DISABLE);
1368 return XLAT_ACTION_DONE;
1369 }
1370
1371 log = log_dst_by_name(dst->vb_strvalue);
1372 if (!log) return XLAT_ACTION_FAIL;
1373
1374 if (lvl) level = lvl->vb_uint32;
1375
1376 if (!file || ((log->dst != L_DST_NULL) && (log->dst != L_DST_FILES))) {
1377 request_log_prepend(request, log, level);
1378 return XLAT_ACTION_DONE;
1379 }
1380
1381 /*
1382 * Clone it.
1383 */
1384 MEM(dbg = talloc_memdup(request, log, sizeof(*log)));
1385 dbg->parent = log;
1386
1387 /*
1388 * Open the new filename.
1389 */
1390 dbg->dst = L_DST_FILES;
1391 dbg->file = talloc_strdup(dbg, file->vb_strvalue);
1392 dbg->fd = open(dbg->file, O_WRONLY | O_CREAT | O_CLOEXEC, 0600);
1393 if (dbg->fd < 0) {
1394 REDEBUG("Failed opening %s - %s", dbg->file, fr_syserror(errno));
1395 talloc_free(dbg);
1396 return XLAT_ACTION_DONE;
1397 }
1398
1399 /*
1400 * Ensure that we close the file handle when done.
1401 */
1402 talloc_set_destructor(dbg, _log_dst_free);
1403
1404 request_log_prepend(request, dbg, level);
1405 return XLAT_ACTION_DONE;
1406}
1407
1408
1409static xlat_arg_parser_t const xlat_func_map_arg[] = {
1410 { .required = true, .type = FR_TYPE_STRING },
1411 XLAT_ARG_PARSER_TERMINATOR
1412};
1413
1414/** Processes fmt as a map string and applies it to the current request
1415 *
1416 * e.g.
1417@verbatim
1418%map("User-Name := 'foo'")
1419@endverbatim
1420 *
1421 * Allows sets of modifications to be cached and then applied.
1422 * Useful for processing generic attributes from LDAP.
1423 *
1424 * @ingroup xlat_functions
1425 */
1426static xlat_action_t xlat_func_map(TALLOC_CTX *ctx, fr_dcursor_t *out,
1427 UNUSED xlat_ctx_t const *xctx,
1428 request_t *request, fr_value_box_list_t *args)
1429{
1430 map_t *map = NULL;
1431 int ret;
1432 fr_value_box_t *fmt_vb;
1433 fr_value_box_t *vb;
1434
1435 tmpl_rules_t attr_rules = {
1436 .attr = {
1437 .dict_def = request->local_dict,
1438 .list_def = request_attr_request,
1439 },
1440 .xlat = {
1441 .runtime_el = unlang_interpret_event_list(request)
1442 }
1443 };
1444
1445 XLAT_ARGS(args, &fmt_vb);
1446
1447 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
1448 vb->vb_bool = false; /* Default fail value - changed to true on success */
1449 fr_dcursor_append(out, vb);
1450
1451 fr_value_box_list_foreach(&fmt_vb->vb_group, fmt) {
1452 if (map_afrom_attr_str(request, &map, fmt->vb_strvalue, &attr_rules, &attr_rules) < 0) {
1453 RPEDEBUG("Failed parsing \"%s\" as map", fmt_vb->vb_strvalue);
1454 return XLAT_ACTION_FAIL;
1455 }
1456
1457 switch (map->lhs->type) {
1458 case TMPL_TYPE_ATTR:
1459 case TMPL_TYPE_XLAT:
1460 break;
1461
1462 default:
1463 REDEBUG("Unexpected type %s in left hand side of expression",
1464 tmpl_type_to_str(map->lhs->type));
1465 return XLAT_ACTION_FAIL;
1466 }
1467
1468 switch (map->rhs->type) {
1469 case TMPL_TYPE_ATTR:
1470 case TMPL_TYPE_EXEC:
1471 case TMPL_TYPE_DATA:
1472 case TMPL_TYPE_REGEX_XLAT_UNRESOLVED:
1473 case TMPL_TYPE_DATA_UNRESOLVED:
1474 case TMPL_TYPE_XLAT:
1475 break;
1476
1477 default:
1478 REDEBUG("Unexpected type %s in right hand side of expression",
1479 tmpl_type_to_str(map->rhs->type));
1480 return XLAT_ACTION_FAIL;
1481 }
1482
1483 RINDENT();
1484 ret = map_to_request(request, map, map_to_vp, NULL);
1485 REXDENT();
1486 talloc_free(map);
1487 if (ret < 0) return XLAT_ACTION_FAIL;
1488 }
1489
1490 vb->vb_bool = true;
1491 return XLAT_ACTION_DONE;
1492}
1493
1494
1495static xlat_arg_parser_t const xlat_func_next_time_args[] = {
1496 { .required = true, .concat = true, .type = FR_TYPE_STRING },
1497 XLAT_ARG_PARSER_TERMINATOR
1498};
1499
1500/** Calculate number of seconds until the next n hour(s), day(s), week(s), year(s).
1501 *
1502 * For example, if it were 16:18 %time.next(1h) would expand to 2520.
1503 *
1504 * The envisaged usage for this function is to limit sessions so that they don't
1505 * cross billing periods. The output of the xlat should be combined with %rand() to create
1506 * some jitter, unless the desired effect is every subscriber on the network
1507 * re-authenticating at the same time.
1508 *
1509 * @ingroup xlat_functions
1510 */
1511static xlat_action_t xlat_func_next_time(TALLOC_CTX *ctx, fr_dcursor_t *out,
1512 UNUSED xlat_ctx_t const *xctx,
1513 request_t *request, fr_value_box_list_t *args)
1514{
1515 unsigned long num;
1516
1517 char const *p;
1518 char *q;
1519 time_t now;
1520 struct tm *local, local_buff;
1521 fr_value_box_t *in_head;
1522 fr_value_box_t *vb;
1523
1524 XLAT_ARGS(args, &in_head);
1525
1526 /*
1527 * We want to limit based on _now_, not on when they logged in.
1528 */
1529 now = time(NULL);
1530 local = localtime_r(&now, &local_buff);
1531
1532 p = in_head->vb_strvalue;
1533
1534 num = strtoul(p, &q, 10);
1535 if ((num == ULONG_MAX) || !q || *q == '\0') {
1536 REDEBUG("<int> must be followed by time period (h|d|w|m|y)");
1537 return XLAT_ACTION_FAIL;
1538 }
1539 if (num == 0) {
1540 REDEBUG("<int> must be greater than zero");
1541 return XLAT_ACTION_FAIL;
1542 }
1543
1544 if (p == q) {
1545 num = 1;
1546 } else {
1547 p += q - p;
1548 }
1549
1550 local->tm_sec = 0;
1551 local->tm_min = 0;
1552
1553 switch (*p) {
1554 case 'h':
1555 local->tm_hour += num;
1556 break;
1557
1558 case 'd':
1559 local->tm_hour = 0;
1560 local->tm_mday += num;
1561 break;
1562
1563 case 'w':
1564 local->tm_hour = 0;
1565 local->tm_mday += (7 - local->tm_wday) + (7 * (num-1));
1566 break;
1567
1568 case 'm':
1569 local->tm_hour = 0;
1570 local->tm_mday = 1;
1571 local->tm_mon += num;
1572 break;
1573
1574 case 'y':
1575 local->tm_hour = 0;
1576 local->tm_mday = 1;
1577 local->tm_mon = 0;
1578 local->tm_year += num;
1579 break;
1580
1581 default:
1582 REDEBUG("Invalid time period '%c', must be h|d|w|m|y", *p);
1583 return XLAT_ACTION_FAIL;
1584 }
1585
1586 MEM(vb = fr_value_box_alloc_null(ctx));
1587 fr_value_box_uint64(vb, NULL, (uint64_t)(mktime(local) - now), false);
1588 fr_dcursor_append(out, vb);
1589 return XLAT_ACTION_DONE;
1590}
1591
1596
1597/** Just serves to push the result up the stack
1598 *
1599 */
1600static xlat_action_t xlat_eval_resume(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
1601 xlat_ctx_t const *xctx,
1602 UNUSED request_t *request, UNUSED fr_value_box_list_t *in)
1603{
1604 xlat_eval_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_eval_rctx_t);
1605 xlat_action_t xa = XLAT_RESULT_SUCCESS(&rctx->last_result) ? XLAT_ACTION_DONE : XLAT_ACTION_FAIL;
1606
1607 talloc_free(rctx);
1608
1609 return xa;
1610}
1611
1612static xlat_arg_parser_t const xlat_func_eval_arg[] = {
1613 { .required = true, .concat = true, .type = FR_TYPE_STRING },
1614 XLAT_ARG_PARSER_TERMINATOR
1615};
1616
1617/** Dynamically evaluate an expansion string
1618 *
1619 * @ingroup xlat_functions
1620 */
1621static xlat_action_t xlat_func_eval(TALLOC_CTX *ctx, fr_dcursor_t *out,
1622 UNUSED xlat_ctx_t const *xctx,
1623 request_t *request, fr_value_box_list_t *args)
1624{
1625 /*
1626 * These are escaping rules applied to the
1627 * input string. They're mostly here to
1628 * allow \% and \\ to work.
1629 *
1630 * Everything else should be passed in as
1631 * unescaped data.
1632 */
1633 static fr_sbuff_unescape_rules_t const escape_rules = {
1634 .name = "xlat",
1635 .chr = '\\',
1636 .subs = {
1637 ['%'] = '%',
1638 ['\\'] = '\\',
1639 },
1640 .do_hex = false,
1641 .do_oct = false
1642 };
1643
1644 xlat_eval_rctx_t *rctx;
1645 fr_value_box_t *arg = fr_value_box_list_head(args);
1646
1647 XLAT_ARGS(args, &arg);
1648
1649 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_eval_rctx_t));
1650
1651 /*
1652 * Parse the input as a literal expansion
1653 */
1654 if (xlat_tokenize_expression(rctx,
1655 &rctx->ex,
1656 &FR_SBUFF_IN(arg->vb_strvalue, arg->vb_length),
1657 &(fr_sbuff_parse_rules_t){
1658 .escapes = &escape_rules
1659 },
1660 &(tmpl_rules_t){
1661 .attr = {
1662 .dict_def = request->local_dict,
1663 .list_def = request_attr_request,
1664 .allow_unknown = false,
1665 .allow_unresolved = false,
1666 .allow_foreign = false,
1667 },
1668 .xlat = {
1669 .runtime_el = unlang_interpret_event_list(request),
1670 },
1671 .at_runtime = true
1672 }) < 0) {
1673 RPEDEBUG("Failed parsing expansion");
1674 error:
1675 talloc_free(rctx);
1676 return XLAT_ACTION_FAIL;
1677 }
1678
1679 /*
1680 * Call the resolution function so we produce
1681 * good errors about what function was
1682 * unresolved.
1683 */
1684 if (rctx->ex->flags.needs_resolving &&
1685 (xlat_resolve(rctx->ex, &(xlat_res_rules_t){ .allow_unresolved = false }) < 0)) {
1686 RPEDEBUG("Unresolved expansion functions in expansion");
1687 goto error;
1688
1689 }
1690
1691 if (unlang_xlat_yield(request, xlat_eval_resume, NULL, 0, rctx) != XLAT_ACTION_YIELD) goto error;
1692
1693 if (unlang_xlat_push(ctx, &rctx->last_result, (fr_value_box_list_t *)out->dlist,
1694 request, rctx->ex, UNLANG_SUB_FRAME) < 0) goto error;
1695
1696 return XLAT_ACTION_PUSH_UNLANG;
1697}
1698
1699static xlat_arg_parser_t const xlat_func_pad_args[] = {
1700 { .required = true, .type = FR_TYPE_STRING },
1701 { .required = true, .single = true, .type = FR_TYPE_UINT64 },
1702 { .concat = true, .type = FR_TYPE_STRING },
1703 XLAT_ARG_PARSER_TERMINATOR
1704};
1705
1706/** lpad a string
1707 *
1708@verbatim
1709%lpad(%{Attribute-Name}, <length> [, <fill>])
1710@endverbatim
1711 *
1712 * Example: (User-Name = "foo")
1713@verbatim
1714%lpad(%{User-Name}, 5 'x') == "xxfoo"
1715@endverbatim
1716 *
1717 * @ingroup xlat_functions
1718 */
1719static xlat_action_t xlat_func_lpad(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out,
1720 UNUSED xlat_ctx_t const *xctx,
1721 request_t *request, fr_value_box_list_t *args)
1722{
1723 fr_value_box_t *values;
1724 fr_value_box_t *pad;
1725 fr_value_box_t *fill;
1726
1727 fr_value_box_list_t *list;
1728
1729 size_t pad_len;
1730
1731 char const *fill_str = NULL;
1732 size_t fill_len = 0;
1733
1734 fr_value_box_t *in = NULL;
1735
1736 XLAT_ARGS(args, &values, &pad, &fill);
1737
1738 /* coverity[dereference] */
1739 list = &values->vb_group;
1740 /* coverity[dereference] */
1741 pad_len = (size_t)pad->vb_uint64;
1742
1743 /*
1744 * Fill is optional
1745 */
1746 if (fill) {
1747 fill_str = fill->vb_strvalue;
1748 fill_len = talloc_strlen(fill_str);
1749 }
1750
1751 if (fill_len == 0) {
1752 fill_str = " ";
1753 fill_len = 1;
1754 }
1755
1756 while ((in = fr_value_box_list_pop_head(list))) {
1757 size_t len = talloc_strlen(in->vb_strvalue);
1758 size_t remaining;
1759 char *buff;
1760 fr_sbuff_t sbuff;
1761 fr_sbuff_marker_t m_data;
1762
1763 fr_dcursor_append(out, in);
1764
1765 if (len >= pad_len) continue;
1766
1767 if (fr_value_box_bstr_realloc(in, &buff, in, pad_len) < 0) {
1768 RPEDEBUG("Failed reallocing input data");
1769 return XLAT_ACTION_FAIL;
1770 }
1771
1772 fr_sbuff_init_in(&sbuff, buff, pad_len);
1773 fr_sbuff_marker(&m_data, &sbuff);
1774
1775 /*
1776 * ...nothing to move if the input
1777 * string is empty.
1778 */
1779 if (len > 0) {
1780 fr_sbuff_advance(&m_data, pad_len - len); /* Mark where we want the data to go */
1781 fr_sbuff_move(&FR_SBUFF(&m_data), &FR_SBUFF(&sbuff), len); /* Shift the data */
1782 }
1783
1784 if (fill_len == 1) {
1785 memset(fr_sbuff_current(&sbuff), *fill_str, fr_sbuff_ahead(&m_data));
1786 continue;
1787 }
1788
1789 /*
1790 * Copy fill as a repeating pattern
1791 */
1792 while ((remaining = fr_sbuff_ahead(&m_data))) {
1793 size_t to_copy = remaining >= fill_len ? fill_len : remaining;
1794 memcpy(fr_sbuff_current(&sbuff), fill_str, to_copy); /* avoid \0 termination */
1795 fr_sbuff_advance(&sbuff, to_copy);
1796 }
1797 fr_sbuff_set_to_end(&sbuff);
1798 fr_sbuff_terminate(&sbuff); /* Move doesn't re-terminate */
1799 }
1800
1801 return XLAT_ACTION_DONE;
1802}
1803
1804/** Right pad a string
1805 *
1806@verbatim
1807%rpad(%{Attribute-Name}, <length> [, <fill>])
1808@endverbatim
1809 *
1810 * Example: (User-Name = "foo")
1811@verbatim
1812%rpad(%{User-Name}, 5 'x') == "fooxx"
1813@endverbatim
1814 *
1815 * @ingroup xlat_functions
1816 */
1817static xlat_action_t xlat_func_rpad(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out,
1818 UNUSED xlat_ctx_t const *xctx,
1819 request_t *request, fr_value_box_list_t *args)
1820{
1821 fr_value_box_t *values;
1822 fr_value_box_list_t *list;
1823 fr_value_box_t *pad;
1824 /* coverity[dereference] */
1825 size_t pad_len;
1826 fr_value_box_t *fill;
1827 char const *fill_str = NULL;
1828 size_t fill_len = 0;
1829
1830 fr_value_box_t *in = NULL;
1831
1832 XLAT_ARGS(args, &values, &pad, &fill);
1833
1834 list = &values->vb_group;
1835 pad_len = (size_t)pad->vb_uint64;
1836
1837 /*
1838 * Fill is optional
1839 */
1840 if (fill) {
1841 fill_str = fill->vb_strvalue;
1842 fill_len = talloc_strlen(fill_str);
1843 }
1844
1845 if (fill_len == 0) {
1846 fill_str = " ";
1847 fill_len = 1;
1848 }
1849
1850 while ((in = fr_value_box_list_pop_head(list))) {
1851 size_t len = talloc_strlen(in->vb_strvalue);
1852 size_t remaining;
1853 char *buff;
1854 fr_sbuff_t sbuff;
1855
1856 fr_dcursor_append(out, in);
1857
1858 if (len >= pad_len) continue;
1859
1860 if (fr_value_box_bstr_realloc(in, &buff, in, pad_len) < 0) {
1861 fail:
1862 RPEDEBUG("Failed reallocing input data");
1863 return XLAT_ACTION_FAIL;
1864 }
1865
1866 fr_sbuff_init_in(&sbuff, buff, pad_len);
1867 fr_sbuff_advance(&sbuff, len);
1868
1869 if (fill_len == 1) {
1870 memset(fr_sbuff_current(&sbuff), *fill_str, fr_sbuff_remaining(&sbuff));
1871 continue;
1872 }
1873
1874 /*
1875 * Copy fill as a repeating pattern
1876 */
1877 while ((remaining = fr_sbuff_remaining(&sbuff))) {
1878 if (fr_sbuff_in_bstrncpy(&sbuff, fill_str, remaining >= fill_len ? fill_len : remaining) < 0) {
1879 goto fail;
1880 }
1881 }
1882 }
1883
1884 return XLAT_ACTION_DONE;
1885}
1886
1887static xlat_arg_parser_t const xlat_func_base64_encode_arg[] = {
1888 { .required = true, .concat = true, .type = FR_TYPE_OCTETS },
1889 XLAT_ARG_PARSER_TERMINATOR
1890};
1891
1892/** Encode string or attribute as base64
1893 *
1894 * Example:
1895@verbatim
1896%base64.encode("foo") == "Zm9v"
1897@endverbatim
1898 *
1899 * @ingroup xlat_functions
1900 */
1901static xlat_action_t xlat_func_base64_encode(TALLOC_CTX *ctx, fr_dcursor_t *out,
1902 UNUSED xlat_ctx_t const *xctx,
1903 request_t *request, fr_value_box_list_t *args)
1904{
1905 size_t alen;
1906 ssize_t elen;
1907 char *buff;
1908 fr_value_box_t *vb;
1909 fr_value_box_t *in;
1910
1911 XLAT_ARGS(args, &in);
1912
1913 alen = FR_BASE64_ENC_LENGTH(in->vb_length);
1914
1915 MEM(vb = fr_value_box_alloc_null(ctx));
1916 if (fr_value_box_bstr_alloc(vb, &buff, vb, NULL, alen, false) < 0) {
1917 talloc_free(vb);
1918 return XLAT_ACTION_FAIL;
1919 }
1920
1921 elen = fr_base64_encode(&FR_SBUFF_OUT(buff, talloc_array_length(buff)),
1922 &FR_DBUFF_TMP(in->vb_octets, in->vb_length), true);
1923 if (elen < 0) {
1924 RPEDEBUG("Base64 encoding failed");
1925 talloc_free(vb);
1926 return XLAT_ACTION_FAIL;
1927 }
1928 fr_assert((size_t)elen <= alen);
1929 fr_value_box_safety_copy_changed(vb, in);
1930 fr_dcursor_append(out, vb);
1931
1932 return XLAT_ACTION_DONE;
1933}
1934
1935static xlat_arg_parser_t const xlat_func_base64_decode_arg[] = {
1936 { .required = true, .concat = true, .type = FR_TYPE_OCTETS },
1937 XLAT_ARG_PARSER_TERMINATOR
1938};
1939
1940/** Decode base64 string
1941 *
1942 * Example:
1943@verbatim
1944%base64.decode("Zm9v") == "foo"
1945@endverbatim
1946 *
1947 * @ingroup xlat_functions
1948 */
1949static xlat_action_t xlat_func_base64_decode(TALLOC_CTX *ctx, fr_dcursor_t *out,
1950 UNUSED xlat_ctx_t const *xctx,
1951 request_t *request, fr_value_box_list_t *args)
1952{
1953 size_t alen;
1954 ssize_t declen = 0;
1955 uint8_t *decbuf;
1956 fr_value_box_t *vb;
1957 fr_value_box_t *in;
1958
1959 XLAT_ARGS(args, &in);
1960
1961 /*
1962 * Pass empty arguments through
1963 *
1964 * FR_BASE64_DEC_LENGTH produces 2 for empty strings...
1965 */
1966 if (in->vb_length == 0) {
1967 xlat_arg_copy_out(ctx, out, args, in);
1968 return XLAT_ACTION_DONE;
1969 }
1970
1971 alen = FR_BASE64_DEC_LENGTH(in->vb_length);
1972 MEM(vb = fr_value_box_alloc_null(ctx));
1973 if (alen > 0) {
1974 MEM(fr_value_box_mem_alloc(vb, &decbuf, vb, NULL, alen, false) == 0);
1975 declen = fr_base64_decode(&FR_DBUFF_TMP(decbuf, alen),
1976 &FR_SBUFF_IN(in->vb_strvalue, in->vb_length), true, true);
1977 if (declen < 0) {
1978 RPEDEBUG("Base64 string invalid");
1979 talloc_free(vb);
1980 return XLAT_ACTION_FAIL;
1981 }
1982
1983 MEM(fr_value_box_mem_realloc(vb, NULL, vb, declen) == 0);
1984 }
1985
1986 fr_value_box_safety_copy_changed(vb, in);
1987 fr_dcursor_append(out, vb);
1988
1989 return XLAT_ACTION_DONE;
1990}
1991
1992static xlat_arg_parser_t const xlat_func_bin_arg[] = {
1993 { .required = true, .type = FR_TYPE_STRING },
1994 XLAT_ARG_PARSER_TERMINATOR
1995};
1996
1997/** Convert hex string to binary
1998 *
1999 * Example:
2000@verbatim
2001%bin("666f6f626172") == "foobar"
2002@endverbatim
2003 *
2004 * @see #xlat_func_hex
2005 *
2006 * @ingroup xlat_functions
2007 */
2008static xlat_action_t xlat_func_bin(TALLOC_CTX *ctx, fr_dcursor_t *out,
2009 UNUSED xlat_ctx_t const *xctx,
2010 request_t *request, fr_value_box_list_t *args)
2011{
2012 fr_value_box_t *result;
2013 char const *p, *end;
2014 uint8_t *bin;
2015 size_t len, outlen;
2016 fr_sbuff_parse_error_t err;
2017 fr_value_box_t *list, *hex;
2018
2019 XLAT_ARGS(args, &list);
2020
2021 while ((hex = fr_value_box_list_pop_head(&list->vb_group))) {
2022 len = hex->vb_length;
2023 if ((len > 1) && (len & 0x01)) {
2024 REDEBUG("Input data length must be >1 and even, got %zu", len);
2025 return XLAT_ACTION_FAIL;
2026 }
2027
2028 p = hex->vb_strvalue;
2029 end = p + len;
2030
2031 /*
2032 * Look for 0x at the start of the string, and ignore if we see it.
2033 */
2034 if ((p[0] == '0') && (p[1] == 'x')) {
2035 p += 2;
2036 len -=2;
2037 }
2038
2039 /*
2040 * Zero length octets string
2041 */
2042 if (p == end) continue;
2043
2044 outlen = len / 2;
2045
2046 MEM(result = fr_value_box_alloc_null(ctx));
2047 MEM(fr_value_box_mem_alloc(result, &bin, result, NULL, outlen, false) == 0);
2048 fr_base16_decode(&err, &FR_DBUFF_TMP(bin, outlen), &FR_SBUFF_IN(p, end - p), true);
2049 if (err) {
2050 REDEBUG2("Invalid hex string");
2051 talloc_free(result);
2052 return XLAT_ACTION_FAIL;
2053 }
2054
2055 fr_value_box_safety_copy_changed(result, hex);
2056 fr_dcursor_append(out, result);
2057 }
2058
2059 return XLAT_ACTION_DONE;
2060}
2061
2062static xlat_arg_parser_t const xlat_func_block_args[] = {
2063 { .required = true, .single = true, .type = FR_TYPE_TIME_DELTA },
2064 XLAT_ARG_PARSER_TERMINATOR
2065};
2066
2067/** Block for the specified duration
2068 *
2069 * This is for developer use only to simulate blocking, synchronous I/O.
2070 * For normal use, use the %delay() xlat instead.
2071 *
2072 * Example:
2073@verbatim
2074%block(1s)
2075@endverbatim
2076 *
2077 * @ingroup xlat_functions
2078 */
2079static xlat_action_t xlat_func_block(TALLOC_CTX *ctx, fr_dcursor_t *out,
2080 UNUSED xlat_ctx_t const *xctx,
2081 UNUSED request_t *request, fr_value_box_list_t *args)
2082{
2083 fr_value_box_t *delay;
2084 fr_value_box_t *vb;
2085 struct timespec ts_in, ts_remain = {};
2086
2087 XLAT_ARGS(args, &delay);
2088
2089 ts_in = fr_time_delta_to_timespec(delay->vb_time_delta);
2090
2091 (void)nanosleep(&ts_in, &ts_remain);
2092
2093 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL));
2094 vb->vb_time_delta = fr_time_delta_sub(delay->vb_time_delta,
2095 fr_time_delta_from_timespec(&ts_remain));
2096 fr_dcursor_append(out, vb);
2097
2098 return XLAT_ACTION_DONE;
2099}
2100
2101static xlat_arg_parser_t const xlat_func_cast_args[] = {
2102 { .required = true, .single = true, .type = FR_TYPE_VOID },
2103 { .type = FR_TYPE_VOID },
2104 { .variadic = XLAT_ARG_VARIADIC_EMPTY_KEEP, .type = FR_TYPE_VOID },
2105 XLAT_ARG_PARSER_TERMINATOR
2106};
2107
2108/** Cast one or more output value-boxes to the given type
2109 *
2110 * First argument of is type to cast to.
2111 *
2112 * Example:
2113@verbatim
2114%cast('string', %{request[*]}) results in all of the input boxes being cast to string/
2115@endverbatim
2116 *
2117 * @ingroup xlat_functions
2118 */
2119static xlat_action_t xlat_func_cast(TALLOC_CTX *ctx, fr_dcursor_t *out,
2120 UNUSED xlat_ctx_t const *xctx,
2121 request_t *request, fr_value_box_list_t *args)
2122{
2123 fr_value_box_t *name;
2124 fr_value_box_t *arg;
2125 fr_type_t type;
2126 fr_dict_attr_t const *time_res = NULL;
2127
2128 XLAT_ARGS(args, &name);
2129
2130 /*
2131 * Get the type, which can be in one of a few formats.
2132 */
2133 if (fr_type_is_numeric(name->type)) {
2134 if (fr_value_box_cast_in_place(name, name, FR_TYPE_UINT8, NULL) < 0) {
2135 RPEDEBUG("Failed parsing '%pV' as a numerical data type", name);
2136 return XLAT_ACTION_FAIL;
2137 }
2138 type = name->vb_uint8;
2139
2140 } else {
2141 if (name->type != FR_TYPE_STRING) {
2142 if (fr_value_box_cast_in_place(name, name, FR_TYPE_STRING, NULL) < 0) {
2143 RPEDEBUG("Failed parsing '%pV' as a string data type", name);
2144 return XLAT_ACTION_FAIL;
2145 }
2146 }
2147
2148 type = fr_table_value_by_str(fr_type_table, name->vb_strvalue, FR_TYPE_NULL);
2149 if (type == FR_TYPE_NULL) {
2150 if ((time_res = xlat_time_res_attr(name->vb_strvalue)) == NULL) {
2151 RDEBUG("Unknown data type '%s'", name->vb_strvalue);
2152 return XLAT_ACTION_FAIL;
2153 }
2154
2155 type = FR_TYPE_TIME_DELTA;
2156 }
2157 }
2158
2159 (void) fr_value_box_list_pop_head(args);
2160
2161 /*
2162 * When we cast nothing to a string / octets, the result is an empty string/octets.
2163 */
2164 if (unlikely(!fr_value_box_list_head(args))) {
2165 if ((type == FR_TYPE_STRING) || (type == FR_TYPE_OCTETS)) {
2166 fr_value_box_t *dst;
2167
2168 MEM(dst = fr_value_box_alloc(ctx, type, NULL));
2169 fr_dcursor_append(out, dst);
2170 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
2171
2172 return XLAT_ACTION_DONE;
2173 }
2174
2175 RDEBUG("No data for cast to '%s'", fr_type_to_str(type));
2176 return XLAT_ACTION_FAIL;
2177 }
2178
2179 /*
2180 * Cast to string means *print* to string.
2181 */
2182 if (type == FR_TYPE_STRING) {
2183 fr_sbuff_t *agg;
2184 fr_value_box_t *dst;
2185
2186 talloc_free(name);
2187
2188 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, SIZE_MAX);
2189
2190 MEM(dst = fr_value_box_alloc_null(ctx));
2191 fr_value_box_mark_safe_for(dst, FR_VALUE_BOX_SAFE_FOR_ANY);
2192
2193 if (fr_value_box_list_concat_as_string(dst, agg, args, NULL, 0, NULL,
2194 FR_VALUE_BOX_LIST_FREE_BOX, FR_VALUE_BOX_SAFE_FOR_ANY, true) < 0) {
2195 RPEDEBUG("Failed concatenating string");
2196 return XLAT_ACTION_FAIL;
2197 }
2198
2199 fr_value_box_bstrndup(dst, dst, NULL, fr_sbuff_start(agg), fr_sbuff_used(agg), false);
2200 fr_dcursor_append(out, dst);
2201 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
2202
2203 return XLAT_ACTION_DONE;
2204 }
2205
2206 /*
2207 * Copy inputs to outputs, casting them along the way.
2208 */
2209 arg = NULL;
2210 while ((arg = fr_value_box_list_next(args, arg)) != NULL) {
2211 fr_value_box_t *vb, *p;
2212
2213 fr_assert(arg->type == FR_TYPE_GROUP);
2214
2215 vb = fr_value_box_list_head(&arg->vb_group);
2216 while (vb) {
2217 p = fr_value_box_list_remove(&arg->vb_group, vb);
2218
2219 if (fr_value_box_cast_in_place(vb, vb, type, time_res) < 0) {
2220 RPEDEBUG("Failed casting %pV to data type '%s'", vb, fr_type_to_str(type));
2221 return XLAT_ACTION_FAIL;
2222 }
2223 fr_dcursor_append(out, vb);
2224 vb = fr_value_box_list_next(&arg->vb_group, p);
2225 }
2226 }
2227 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
2228
2229 return XLAT_ACTION_DONE;
2230}
2231
2232static xlat_arg_parser_t const xlat_func_concat_args[] = {
2233 { .required = true, .type = FR_TYPE_VOID },
2234 { .concat = true, .type = FR_TYPE_STRING },
2235 XLAT_ARG_PARSER_TERMINATOR
2236};
2237
2238/** Concatenate string representation of values of given attributes using separator
2239 *
2240 * First argument of is the list of attributes to concatenate, followed
2241 * by an optional separator
2242 *
2243 * Example:
2244@verbatim
2245%concat(%{request.[*]}, ',') == "<attr1value>,<attr2value>,<attr3value>,..."
2246%concat(%{Tmp-String-0[*]}, '. ') == "<str1value>. <str2value>. <str3value>. ..."
2247%concat(%join(%{User-Name}, %{Calling-Station-Id}), ', ') == "bob, aa:bb:cc:dd:ee:ff"
2248@endverbatim
2249 *
2250 * @ingroup xlat_functions
2251 */
2252static xlat_action_t xlat_func_concat(TALLOC_CTX *ctx, fr_dcursor_t *out,
2253 UNUSED xlat_ctx_t const *xctx,
2254 request_t *request, fr_value_box_list_t *args)
2255{
2256 fr_value_box_t *result;
2257 fr_value_box_t *list;
2258 fr_value_box_t *separator;
2259 fr_value_box_list_t *to_concat;
2260 char *buff;
2261 char const *sep;
2262
2263 XLAT_ARGS(args, &list, &separator);
2264
2265 sep = (separator) ? separator->vb_strvalue : "";
2266 to_concat = &list->vb_group;
2267
2268 result = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL);
2269 if (!result) {
2270 error:
2271 RPEDEBUG("Failed concatenating input");
2272 return XLAT_ACTION_FAIL;
2273 }
2274
2275 buff = fr_value_box_list_aprint(result, to_concat, sep, NULL);
2276 if (!buff) goto error;
2277
2278 fr_value_box_bstrdup_buffer_shallow(NULL, result, NULL, buff, fr_value_box_list_tainted(args));
2279
2280 fr_dcursor_append(out, result);
2281
2282 return XLAT_ACTION_DONE;
2283}
2284
2285static xlat_arg_parser_t const xlat_func_hex_arg[] = {
2286 { .required = true, .type = FR_TYPE_OCTETS },
2287 XLAT_ARG_PARSER_TERMINATOR
2288};
2289
2290/** Print data as hex, not as VALUE.
2291 *
2292 * Example:
2293@verbatim
2294%hex("foobar") == "666f6f626172"
2295@endverbatim
2296 *
2297 * @see #xlat_func_bin
2298 *
2299 * @ingroup xlat_functions
2300 */
2301static xlat_action_t xlat_func_hex(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out,
2302 UNUSED xlat_ctx_t const *xctx,
2303 UNUSED request_t *request, fr_value_box_list_t *args)
2304{
2305 char *new_buff;
2306 fr_value_box_t *list, *bin;
2307 fr_value_box_t safety;
2308
2309 XLAT_ARGS(args, &list);
2310
2311 while ((bin = fr_value_box_list_pop_head(&list->vb_group))) {
2312 fr_value_box_safety_copy(&safety, bin);
2313
2314 /*
2315 * Use existing box, but with new buffer
2316 */
2317 MEM(new_buff = talloc_zero_array(bin, char, (bin->vb_length * 2) + 1));
2318 if (bin->vb_length) {
2319 fr_base16_encode(&FR_SBUFF_OUT(new_buff, (bin->vb_length * 2) + 1),
2320 &FR_DBUFF_TMP(bin->vb_octets, bin->vb_length));
2321 fr_value_box_clear_value(bin);
2322 fr_value_box_strdup_shallow(bin, NULL, new_buff, false);
2323 /*
2324 * Zero length binary > zero length hex string
2325 */
2326 } else {
2327 fr_value_box_clear_value(bin);
2328 fr_value_box_strdup(bin, bin, NULL, "", false);
2329 }
2330
2331 fr_value_box_safety_copy(bin, &safety);
2332 fr_dcursor_append(out, bin);
2333 }
2334
2335 return XLAT_ACTION_DONE;
2336}
2337
2342
2343static xlat_action_t xlat_hmac(TALLOC_CTX *ctx, fr_dcursor_t *out,
2344 fr_value_box_list_t *args, uint8_t *digest, int digest_len, hmac_type type)
2345{
2346 fr_value_box_t *vb, *data, *key;
2347
2348 XLAT_ARGS(args, &data, &key);
2349
2350 if (type == HMAC_MD5) {
2351 /* coverity[dereference] */
2352 fr_hmac_md5(digest, data->vb_octets, data->vb_length, key->vb_octets, key->vb_length);
2353 } else if (type == HMAC_SHA1) {
2354 /* coverity[dereference] */
2355 fr_hmac_sha1(digest, data->vb_octets, data->vb_length, key->vb_octets, key->vb_length);
2356 }
2357
2358 MEM(vb = fr_value_box_alloc_null(ctx));
2359 fr_value_box_memdup(vb, vb, NULL, digest, digest_len, false);
2360
2361 fr_dcursor_append(out, vb);
2362
2363 return XLAT_ACTION_DONE;
2364}
2365
2366static xlat_arg_parser_t const xlat_hmac_args[] = {
2367 { .required = true, .concat = true, .type = FR_TYPE_STRING },
2368 { .required = true, .concat = true, .type = FR_TYPE_STRING },
2369 XLAT_ARG_PARSER_TERMINATOR
2370};
2371
2372/** Generate the HMAC-MD5 of a string or attribute
2373 *
2374 * Example:
2375@verbatim
2376%hmacmd5('foo', 'bar') == "0x31b6db9e5eb4addb42f1a6ca07367adc"
2377@endverbatim
2378 *
2379 * @ingroup xlat_functions
2380 */
2381static xlat_action_t xlat_func_hmac_md5(TALLOC_CTX *ctx, fr_dcursor_t *out,
2382 UNUSED xlat_ctx_t const *xctx,
2383 UNUSED request_t *request, fr_value_box_list_t *in)
2384{
2385 uint8_t digest[MD5_DIGEST_LENGTH];
2386 return xlat_hmac(ctx, out, in, digest, MD5_DIGEST_LENGTH, HMAC_MD5);
2387}
2388
2389
2390/** Generate the HMAC-SHA1 of a string or attribute
2391 *
2392 * Example:
2393@verbatim
2394%hmacsha1('foo', 'bar') == "0x85d155c55ed286a300bd1cf124de08d87e914f3a"
2395@endverbatim
2396 *
2397 * @ingroup xlat_functions
2398 */
2399static xlat_action_t xlat_func_hmac_sha1(TALLOC_CTX *ctx, fr_dcursor_t *out,
2400 UNUSED xlat_ctx_t const *xctx,
2401 UNUSED request_t *request, fr_value_box_list_t *in)
2402{
2403 uint8_t digest[SHA1_DIGEST_LENGTH];
2404 return xlat_hmac(ctx, out, in, digest, SHA1_DIGEST_LENGTH, HMAC_SHA1);
2405}
2406
2407static xlat_arg_parser_t const xlat_func_join_args[] = {
2408 { .required = true, .type = FR_TYPE_VOID },
2409 { .variadic = XLAT_ARG_VARIADIC_EMPTY_SQUASH, .type = FR_TYPE_VOID },
2410 XLAT_ARG_PARSER_TERMINATOR
2411};
2412
2413/** Join a series of arguments to form a single list
2414 *
2415 * null boxes are not preserved.
2416 */
2417static xlat_action_t xlat_func_join(TALLOC_CTX *ctx, fr_dcursor_t *out,
2418 UNUSED xlat_ctx_t const *xctx,
2419 UNUSED request_t *request, fr_value_box_list_t *in)
2420{
2421 fr_value_box_list_foreach(in, arg) {
2422 fr_assert(arg->type == FR_TYPE_GROUP);
2423
2424 fr_value_box_list_foreach(&arg->vb_group, vb) {
2425 xlat_arg_copy_out(ctx, out, &arg->vb_group, vb);
2426 }
2427 }
2428 return XLAT_ACTION_DONE;
2429}
2430
2431static void ungroup(fr_dcursor_t *out, fr_value_box_list_t *in)
2432{
2433 fr_value_box_t *vb;
2434
2435 while ((vb = fr_value_box_list_pop_head(in)) != NULL) {
2436 if (vb->type != FR_TYPE_GROUP) {
2437 fr_dcursor_append(out, vb);
2438 continue;
2439 }
2440 talloc_free(vb);
2441 }
2442}
2443
2444/** Ungroups all of its arguments into one flat list.
2445 *
2446 */
2447static xlat_action_t xlat_func_ungroup(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out,
2448 UNUSED xlat_ctx_t const *xctx,
2449 UNUSED request_t *request, fr_value_box_list_t *in)
2450{
2451 fr_value_box_t *arg = NULL;
2452
2453 while ((arg = fr_value_box_list_next(in, arg)) != NULL) {
2454 fr_assert(arg->type == FR_TYPE_GROUP);
2455
2456 ungroup(out, &arg->vb_group);
2457 }
2458 return XLAT_ACTION_DONE;
2459}
2460
2461static xlat_arg_parser_t const xlat_func_length_args[] = {
2462 { .single = true, .variadic = XLAT_ARG_VARIADIC_EMPTY_KEEP, .type = FR_TYPE_VOID },
2463 XLAT_ARG_PARSER_TERMINATOR
2464};
2465
2466/** Return the on-the-wire size of the boxes in bytes
2467 *
2468 * skips null values
2469 *
2470 * Example:
2471@verbatim
2472%length(foobar) == 6
2473%length(%bin("0102030005060708")) == 8
2474@endverbatim
2475 *
2476 * @see #xlat_func_strlen
2477 *
2478 * @ingroup xlat_functions
2479 */
2480static xlat_action_t xlat_func_length(TALLOC_CTX *ctx, fr_dcursor_t *out,
2481 UNUSED xlat_ctx_t const *xctx,
2482 UNUSED request_t *request, fr_value_box_list_t *in)
2483
2484{
2485 fr_value_box_list_foreach(in, vb) {
2486 fr_value_box_t *my;
2487
2488 MEM(my = fr_value_box_alloc(ctx, FR_TYPE_SIZE, NULL));
2489 if (!fr_type_is_null(vb->type)) my->vb_size = fr_value_box_network_length(vb);
2490 fr_dcursor_append(out, my);
2491 }
2492
2493 return XLAT_ACTION_DONE;
2494}
2495
2496
2497static xlat_arg_parser_t const xlat_func_md4_arg[] = {
2498 { .concat = true, .type = FR_TYPE_OCTETS },
2499 XLAT_ARG_PARSER_TERMINATOR
2500};
2501
2502/** Calculate the MD4 hash of a string or attribute.
2503 *
2504 * Example:
2505@verbatim
2506%md4("foo") == "0ac6700c491d70fb8650940b1ca1e4b2"
2507@endverbatim
2508 *
2509 * @ingroup xlat_functions
2510 */
2511static xlat_action_t xlat_func_md4(TALLOC_CTX *ctx, fr_dcursor_t *out,
2512 UNUSED xlat_ctx_t const *xctx,
2513 UNUSED request_t *request, fr_value_box_list_t *args)
2514{
2515 uint8_t digest[MD4_DIGEST_LENGTH];
2516 fr_value_box_t *vb;
2517 fr_value_box_t *in_head;
2518
2519 XLAT_ARGS(args, &in_head);
2520
2521 if (in_head) {
2522 fr_md4_calc(digest, in_head->vb_octets, in_head->vb_length);
2523 } else {
2524 /* Digest of empty string */
2525 fr_md4_calc(digest, NULL, 0);
2526 }
2527
2528 MEM(vb = fr_value_box_alloc_null(ctx));
2529 fr_value_box_memdup(vb, vb, NULL, digest, sizeof(digest), false);
2530
2531 fr_dcursor_append(out, vb);
2532 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
2533
2534 return XLAT_ACTION_DONE;
2535}
2536
2537static xlat_arg_parser_t const xlat_func_md5_arg[] = {
2538 { .concat = true, .type = FR_TYPE_OCTETS },
2539 XLAT_ARG_PARSER_TERMINATOR
2540};
2541
2542/** Calculate the MD5 hash of a string or attribute.
2543 *
2544 * Example:
2545@verbatim
2546%md5("foo") == "acbd18db4cc2f85cedef654fccc4a4d8"
2547@endverbatim
2548 *
2549 * @ingroup xlat_functions
2550 */
2551static xlat_action_t xlat_func_md5(TALLOC_CTX *ctx, fr_dcursor_t *out,
2552 UNUSED xlat_ctx_t const *xctx,
2553 UNUSED request_t *request, fr_value_box_list_t *args)
2554{
2555 uint8_t digest[MD5_DIGEST_LENGTH];
2556 fr_value_box_t *vb;
2557 fr_value_box_t *in_head;
2558
2559 XLAT_ARGS(args, &in_head);
2560
2561 if (in_head) {
2562 fr_md5_calc(digest, in_head->vb_octets, in_head->vb_length);
2563 } else {
2564 /* Digest of empty string */
2565 fr_md5_calc(digest, NULL, 0);
2566 }
2567
2568 MEM(vb = fr_value_box_alloc_null(ctx));
2569 fr_value_box_memdup(vb, vb, NULL, digest, sizeof(digest), false);
2570
2571 fr_dcursor_append(out, vb);
2572
2573 return XLAT_ACTION_DONE;
2574}
2575
2576
2577/** Encode attributes as a series of string attribute/value pairs
2578 *
2579 * This is intended to serialize one or more attributes as a comma
2580 * delimited string.
2581 *
2582 * Example:
2583@verbatim
2584%pairs.print(request.[*]) == 'User-Name = "foo"User-Password = "bar"'
2585%concat(%pairs.print.print(request.[*]), ', ') == 'User-Name = "foo", User-Password = "bar"'
2586@endverbatim
2587 *
2588 * @see #xlat_func_concat
2589 *
2590 * @ingroup xlat_functions
2591 */
2592static xlat_action_t xlat_func_pairs_print(TALLOC_CTX *ctx, fr_dcursor_t *out,
2593 UNUSED xlat_ctx_t const *xctx,
2594 request_t *request, fr_value_box_list_t *args)
2595{
2596 fr_pair_t *vp;
2597 fr_dcursor_t *cursor;
2598 fr_value_box_t *vb;
2599 fr_value_box_t *in_head;
2600
2601 XLAT_ARGS(args, &in_head);
2602
2603 cursor = fr_value_box_get_cursor(in_head);
2604
2605 for (vp = fr_dcursor_current(cursor);
2606 vp;
2607 vp = fr_dcursor_next(cursor)) {
2608 char *buff;
2609
2610 MEM(vb = fr_value_box_alloc_null(ctx));
2611 if (unlikely(fr_pair_aprint(vb, &buff, NULL, vp) < 0)) {
2612 RPEDEBUG("Failed printing pair");
2613 talloc_free(vb);
2614 return XLAT_ACTION_FAIL;
2615 }
2616
2617 fr_value_box_bstrdup_buffer_shallow(NULL, vb, NULL, buff, false);
2618 fr_dcursor_append(out, vb);
2619
2620 VALUE_BOX_VERIFY(vb);
2621 }
2622
2623 return XLAT_ACTION_DONE;
2624}
2625
2626static xlat_arg_parser_t const xlat_func_rand_arg[] = {
2627 { .required = true, .single = true, .type = FR_TYPE_UINT32 },
2628 XLAT_ARG_PARSER_TERMINATOR
2629};
2630
2631/** Generate a random integer value
2632 *
2633 * For "N = %rand(MAX)", 0 <= N < MAX
2634 *
2635 * Example:
2636@verbatim
2637%rand(100) == 42
2638@endverbatim
2639 *
2640 * @ingroup xlat_functions
2641 */
2642static xlat_action_t xlat_func_rand(TALLOC_CTX *ctx, fr_dcursor_t *out,
2643 UNUSED xlat_ctx_t const *xctx,
2644 UNUSED request_t *request, fr_value_box_list_t *in)
2645{
2646 int64_t result;
2647 fr_value_box_t *vb;
2648 fr_value_box_t *in_head = fr_value_box_list_head(in);
2649
2650 result = in_head->vb_uint32;
2651
2652 /* Make sure it isn't too big */
2653 if (result > (1 << 30)) result = (1 << 30);
2654
2655 result *= fr_rand(); /* 0..2^32-1 */
2656 result >>= 32;
2657
2658 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL));
2659 vb->vb_uint64 = result;
2660
2661 fr_dcursor_append(out, vb);
2662
2663 return XLAT_ACTION_DONE;
2664}
2665
2666static xlat_arg_parser_t const xlat_func_randstr_arg[] = {
2667 { .required = true, .concat = true, .type = FR_TYPE_STRING },
2668 XLAT_ARG_PARSER_TERMINATOR
2669};
2670
2671/** Generate a string of random chars
2672 *
2673 * Build strings of random chars, useful for generating tokens and passcodes
2674 * Format similar to String::Random.
2675 *
2676 * Format characters may include the following, and may be
2677 * preceded by a repetition count:
2678 * - "c" lowercase letters
2679 * - "C" uppercase letters
2680 * - "n" numbers
2681 * - "a" alphanumeric
2682 * - "!" punctuation
2683 * - "." alphanumeric + punctuation
2684 * - "s" alphanumeric + "./"
2685 * - "o" characters suitable for OTP (easily confused removed)
2686 * - "b" binary data
2687 *
2688 * Example:
2689@verbatim
2690%randstr("CCCC!!cccnnn") == "IPFL>{saf874"
2691%randstr("42o") == "yHdupUwVbdHprKCJRYfGbaWzVwJwUXG9zPabdGAhM9"
2692%hex(%randstr("bbbb")) == "a9ce04f3"
2693%hex(%randstr("8b")) == "fe165529f9f66839"
2694@endverbatim
2695 * @ingroup xlat_functions
2696 */
2697static xlat_action_t xlat_func_randstr(TALLOC_CTX *ctx, fr_dcursor_t *out,
2698 UNUSED xlat_ctx_t const *xctx,
2699 request_t *request, fr_value_box_list_t *args)
2700{
2701 /*
2702 * Lookup tables for randstr char classes
2703 */
2704 static char randstr_punc[] = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~";
2705 static char randstr_salt[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmopqrstuvwxyz/.";
2706
2707 /*
2708 * Characters humans rarely confuse. Reduces char set considerably
2709 * should only be used for things such as one time passwords.
2710 */
2711 static char randstr_otp[] = "469ACGHJKLMNPQRUVWXYabdfhijkprstuvwxyz";
2712
2713 char const *p, *start, *end;
2714 char *endptr;
2715 char *buff_p;
2716 unsigned int result;
2717 unsigned int reps;
2718 size_t outlen = 0;
2719 fr_value_box_t* vb;
2720 fr_value_box_t *in_head;
2721
2722 XLAT_ARGS(args, &in_head);
2723
2724 /** Max repetitions of a single character class
2725 *
2726 */
2727#define REPETITION_MAX 1024
2728
2729 start = p = in_head->vb_strvalue;
2730 end = p + in_head->vb_length;
2731
2732 /*
2733 * Calculate size of output
2734 */
2735 while (p < end) {
2736 /*
2737 * Repetition modifiers.
2738 *
2739 * We limit it to REPETITION_MAX, because we don't want
2740 * utter stupidity.
2741 */
2742 if (isdigit((uint8_t) *p)) {
2743 reps = strtol(p, &endptr, 10);
2744 if (reps > REPETITION_MAX) reps = REPETITION_MAX;
2745 outlen += reps;
2746 p = endptr;
2747 } else {
2748 outlen++;
2749 }
2750 p++;
2751 }
2752
2753 MEM(vb = fr_value_box_alloc_null(ctx));
2754 MEM(fr_value_box_bstr_alloc(vb, &buff_p, vb, NULL, outlen, false) == 0);
2755
2756 /* Reset p to start position */
2757 p = start;
2758
2759 while (p < end) {
2760 size_t i;
2761
2762 if (isdigit((uint8_t) *p)) {
2763 reps = strtol(p, &endptr, 10);
2764 if (reps > REPETITION_MAX) {
2765 reps = REPETITION_MAX;
2766 RMARKER(L_WARN, L_DBG_LVL_2, start, p - start,
2767 "Forcing repetition to %u", (unsigned int)REPETITION_MAX);
2768 }
2769 p = endptr;
2770 } else {
2771 reps = 1;
2772 }
2773
2774 for (i = 0; i < reps; i++) {
2775 result = fr_rand();
2776 switch (*p) {
2777 /*
2778 * Lowercase letters
2779 */
2780 case 'c':
2781 *buff_p++ = 'a' + (result % 26);
2782 break;
2783
2784 /*
2785 * Uppercase letters
2786 */
2787 case 'C':
2788 *buff_p++ = 'A' + (result % 26);
2789 break;
2790
2791 /*
2792 * Numbers
2793 */
2794 case 'n':
2795 *buff_p++ = '0' + (result % 10);
2796 break;
2797
2798 /*
2799 * Alpha numeric
2800 */
2801 case 'a':
2802 *buff_p++ = randstr_salt[result % (sizeof(randstr_salt) - 3)];
2803 break;
2804
2805 /*
2806 * Punctuation
2807 */
2808 case '!':
2809 *buff_p++ = randstr_punc[result % (sizeof(randstr_punc) - 1)];
2810 break;
2811
2812 /*
2813 * Alpha numeric + punctuation
2814 */
2815 case '.':
2816 *buff_p++ = '!' + (result % 95);
2817 break;
2818
2819 /*
2820 * Alpha numeric + salt chars './'
2821 */
2822 case 's':
2823 *buff_p++ = randstr_salt[result % (sizeof(randstr_salt) - 1)];
2824 break;
2825
2826 /*
2827 * Chars suitable for One Time Password tokens.
2828 * Alpha numeric with easily confused char pairs removed.
2829 */
2830 case 'o':
2831 *buff_p++ = randstr_otp[result % (sizeof(randstr_otp) - 1)];
2832 break;
2833
2834 /*
2835 * Binary data - Copy between 1-4 bytes at a time
2836 */
2837 case 'b':
2838 {
2839 size_t copy = (reps - i) > sizeof(result) ? sizeof(result) : reps - i;
2840
2841 memcpy(buff_p, (uint8_t *)&result, copy);
2842 buff_p += copy;
2843 i += (copy - 1); /* Loop +1 */
2844 }
2845 break;
2846
2847 default:
2848 REDEBUG("Invalid character class '%c'", *p);
2849 talloc_free(vb);
2850
2851 return XLAT_ACTION_FAIL;
2852 }
2853 }
2854
2855 p++;
2856 }
2857
2858 *buff_p++ = '\0';
2859
2860 fr_dcursor_append(out, vb);
2861
2862 return XLAT_ACTION_DONE;
2863}
2864
2865/** Convert a UUID in an array of uint32_t to the conventional string representation.
2866 */
2867static int uuid_print_vb(fr_value_box_t *vb, uint32_t vals[4])
2868{
2869 char buffer[36];
2870 int i, j = 0;
2871
2872#define UUID_CHARS(_v, _num) for (i = 0; i < _num; i++) { \
2873 buffer[j++] = fr_base16_alphabet_encode_lc[(uint8_t)((vals[_v] & 0xf0000000) >> 28)]; \
2874 vals[_v] = vals[_v] << 4; \
2875 }
2876
2877 UUID_CHARS(0, 8)
2878 buffer[j++] = '-';
2879 UUID_CHARS(1, 4)
2880 buffer[j++] = '-';
2881 UUID_CHARS(1, 4);
2882 buffer[j++] = '-';
2883 UUID_CHARS(2, 4);
2884 buffer[j++] = '-';
2885 UUID_CHARS(2, 4);
2886 UUID_CHARS(3, 8);
2887
2888 return fr_value_box_bstrndup(vb, vb, NULL, buffer, sizeof(buffer), false);
2889}
2890
2891static inline void uuid_set_version(uint32_t vals[4], uint8_t version)
2892{
2893 /*
2894 * The version is indicated by the upper 4 bits of byte 7 - the 3rd byte of vals[1]
2895 */
2896 vals[1] = (vals[1] & 0xffff0fff) | (((uint32_t)version & 0x0f) << 12);
2897}
2898
2899static inline void uuid_set_variant(uint32_t vals[4], uint8_t variant)
2900{
2901 /*
2902 * The variant is indicated by the first 1, 2 or 3 bits of byte 9
2903 * The number of bits is determined by the variant.
2904 */
2905 switch (variant) {
2906 case 0:
2907 vals[2] = vals[2] & 0x7fffffff;
2908 break;
2909
2910 case 1:
2911 vals[2] = (vals[2] & 0x3fffffff) | 0x80000000;
2912 break;
2913
2914 case 2:
2915 vals[2] = (vals[2] & 0x3fffffff) | 0xc0000000;
2916 break;
2917
2918 case 3:
2919 vals[2] = vals[2] | 0xe0000000;
2920 break;
2921 }
2922}
2923
2924/** Generate a version 4 UUID
2925 *
2926 * Version 4 UUIDs are all random except the version and variant fields
2927 *
2928 * Example:
2929@verbatim
2930%uuid.v4 == "cba48bda-641c-42ae-8173-d97aa04f888a"
2931@endverbatim
2932 * @ingroup xlat_functions
2933 */
2934static xlat_action_t xlat_func_uuid_v4(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx,
2935 UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
2936{
2937 fr_value_box_t *vb;
2938 uint32_t vals[4];
2939 int i;
2940
2941 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL));
2942
2943 /*
2944 * A type 4 UUID is all random except a few bits.
2945 * Start with 128 bits of random.
2946 */
2947 for (i = 0; i < 4; i++) vals[i] = fr_rand();
2948
2949 /*
2950 * Set the version and variant fields
2951 */
2952 uuid_set_version(vals, 4);
2953 uuid_set_variant(vals, 1);
2954
2955 if (uuid_print_vb(vb, vals) < 0) {
2956 talloc_free(vb);
2957 return XLAT_ACTION_FAIL;
2958 }
2959
2960 fr_dcursor_append(out, vb);
2961 return XLAT_ACTION_DONE;
2962}
2963
2964/** Generate a version 7 UUID
2965 *
2966 * Version 7 UUIDs use 48 bits of unix millisecond epoch and 74 bits of random
2967 *
2968 * Example:
2969@verbatim
2970%uuid.v7 == "019a58d8-8524-7342-aa07-c0fa2bba6a4e"
2971@endverbatim
2972 * @ingroup xlat_functions
2973 */
2974static xlat_action_t xlat_func_uuid_v7(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx,
2975 UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
2976{
2977 fr_value_box_t *vb;
2978 uint32_t vals[4];
2979 int i;
2980 uint64_t now;
2981
2982 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL));
2983
2984 /*
2985 * A type 7 UUID has random data from bit 48
2986 * Start with random from bit 32 - since fr_rand is uint32
2987 */
2988 for (i = 1; i < 4; i++) vals[i] = fr_rand();
2989
2990 /*
2991 * The millisecond epoch fills the first 48 bits
2992 */
2993 now = fr_time_to_msec(fr_time());
2994 now = now << 16;
2995 vals[0] = now >> 32;
2996 vals[1] = (vals[1] & 0x0000ffff) | (now & 0xffff0000);
2997
2998 /*
2999 * Set the version and variant fields
3000 */
3001 uuid_set_version(vals, 7);
3002 uuid_set_variant(vals, 1);
3003
3004 if (uuid_print_vb(vb, vals) < 0) return XLAT_ACTION_FAIL;
3005
3006 fr_dcursor_append(out, vb);
3007 return XLAT_ACTION_DONE;
3008}
3009
3010static xlat_arg_parser_t const xlat_func_range_arg[] = {
3011 { .required = true, .type = FR_TYPE_UINT64 },
3012 { .required = false, .type = FR_TYPE_UINT64 },
3013 { .required = false, .type = FR_TYPE_UINT64 },
3014 XLAT_ARG_PARSER_TERMINATOR
3015};
3016
3017/** Generate a range of uint64 numbers
3018 *
3019 * Example:
3020@verbatim
3021%range(end) - 0..end
3022%rang(start, end)
3023%range(start,end, step)
3024@endverbatim
3025 * @ingroup xlat_functions
3026 */
3027static xlat_action_t xlat_func_range(TALLOC_CTX *ctx, fr_dcursor_t *out,
3028 UNUSED xlat_ctx_t const *xctx,
3029 request_t *request, fr_value_box_list_t *args)
3030{
3031 fr_value_box_t *start_vb, *end_vb, *step_vb;
3032 fr_value_box_t *dst;
3033 uint64_t i, start, end, step;
3034
3035 XLAT_ARGS(args, &start_vb, &end_vb, &step_vb);
3036
3037 /*
3038 * Explicit `null` for an optional arg is equivalent to the
3039 * arg being absent. The vb_group field on an FR_TYPE_NULL
3040 * box is zeroed, so list_head() would return NULL and the
3041 * downstream `->vb_uint64` would dereference NULL.
3042 */
3043 if (end_vb && fr_type_is_null(end_vb->type)) end_vb = NULL;
3044 if (step_vb && fr_type_is_null(step_vb->type)) step_vb = NULL;
3045
3046 if (step_vb) {
3047 if (!end_vb) {
3048 REDEBUG("Invalid range - 'end' cannot be null when 'step' is provided");
3049 return XLAT_ACTION_FAIL;
3050 }
3051
3052 start = fr_value_box_list_head(&start_vb->vb_group)->vb_uint64;
3053 end = fr_value_box_list_head(&end_vb->vb_group)->vb_uint64;
3054 step = fr_value_box_list_head(&step_vb->vb_group)->vb_uint64;
3055
3056 } else if (end_vb) {
3057 start = fr_value_box_list_head(&start_vb->vb_group)->vb_uint64;
3058 end = fr_value_box_list_head(&end_vb->vb_group)->vb_uint64;
3059 step = 1;
3060
3061 } else {
3062 start = 0;
3063 end = fr_value_box_list_head(&start_vb->vb_group)->vb_uint64;
3064 step = 1;
3065 }
3066
3067 if (end <= start) {
3068 REDEBUG("Invalid range - 'start' must be less than 'end'");
3069 return XLAT_ACTION_FAIL;
3070 }
3071
3072 if (!step) {
3073 REDEBUG("Invalid range - 'step' must be greater than zero");
3074 return XLAT_ACTION_FAIL;
3075 }
3076
3077 if (step > (end - start)) {
3078 REDEBUG("Invalid range - 'step' must allow for at least one result");
3079 return XLAT_ACTION_FAIL;
3080 }
3081
3082 if (((end - start) / step) > 1000) {
3083 REDEBUG("Invalid range - Too many results");
3084 return XLAT_ACTION_FAIL;
3085 }
3086
3087 for (i = start; i < end; i += step) {
3088 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_UINT64, NULL));
3089 dst->vb_uint64 = i;
3090 fr_dcursor_append(out, dst);
3091 }
3092
3093 return XLAT_ACTION_DONE;
3094}
3095
3096static int CC_HINT(nonnull(2,3)) regex_xlat_escape(UNUSED request_t *request, fr_value_box_t *vb, UNUSED void *uctx)
3097{
3098 ssize_t slen;
3099 fr_sbuff_t *out = NULL;
3100 fr_value_box_entry_t entry;
3101
3102 FR_SBUFF_TALLOC_THREAD_LOCAL(&out, 256, 4096);
3103
3104 slen = fr_value_box_print(out, vb, &regex_escape_rules);
3105 if (slen < 0) return -1;
3106
3107 entry = vb->entry;
3108 fr_value_box_clear(vb);
3109 (void) fr_value_box_bstrndup(vb, vb, NULL, fr_sbuff_start(out), fr_sbuff_used(out), false);
3110 vb->entry = entry;
3111
3112 return 0;
3113}
3114
3119
3120
3121/** Get named subcapture value from previous regex
3122 *
3123 * Example:
3124@verbatim
3125if ("foo" =~ /^(?<name>.*)/) {
3126 noop
3127}
3128%regex.match(name) == "foo"
3129@endverbatim
3130 *
3131 * @ingroup xlat_functions
3132 */
3133static xlat_action_t xlat_func_regex(TALLOC_CTX *ctx, fr_dcursor_t *out,
3134 UNUSED xlat_ctx_t const *xctx,
3135 request_t *request, fr_value_box_list_t *in)
3136{
3137 fr_value_box_t *in_head = fr_value_box_list_head(in);
3138
3139 /*
3140 * Find the first child of the first argument group
3141 */
3142 fr_value_box_t *arg = fr_value_box_list_head(&in_head->vb_group);
3143
3144 /*
3145 * Return the complete capture if no other capture is specified
3146 */
3147 if (!arg) {
3148 fr_value_box_t *vb;
3149
3150 MEM(vb = fr_value_box_alloc_null(ctx));
3151 if (regex_request_to_sub(vb, vb, request, 0) < 0) {
3152 REDEBUG2("No previous regex capture");
3153 talloc_free(vb);
3154 return XLAT_ACTION_FAIL;
3155 }
3156
3157 fr_dcursor_append(out, vb);
3158
3159 return XLAT_ACTION_DONE;
3160 }
3161
3162 switch (arg->type) {
3163 /*
3164 * If the input is an integer value then get an
3165 * arbitrary subcapture index.
3166 */
3167 case FR_TYPE_NUMERIC:
3168 {
3169 fr_value_box_t idx;
3170 fr_value_box_t *vb;
3171
3172 if (fr_value_box_list_next(in, in_head)) {
3173 REDEBUG("Only one subcapture argument allowed");
3174 return XLAT_ACTION_FAIL;
3175 }
3176
3177 if (fr_value_box_cast(NULL, &idx, FR_TYPE_UINT32, NULL, arg) < 0) {
3178 RPEDEBUG("Bad subcapture index");
3179 return XLAT_ACTION_FAIL;
3180 }
3181
3182 MEM(vb = fr_value_box_alloc_null(ctx));
3183 if (regex_request_to_sub(vb, vb, request, idx.vb_uint32) < 0) {
3184 REDEBUG2("No previous numbered regex capture group '%u'", idx.vb_uint32);
3185 talloc_free(vb);
3186 return XLAT_ACTION_DONE;
3187 }
3188 fr_dcursor_append(out, vb);
3189
3190 return XLAT_ACTION_DONE;
3191 }
3192
3193 default:
3194#if defined(HAVE_REGEX_PCRE) || defined(HAVE_REGEX_PCRE2)
3195 {
3196 fr_value_box_t *vb;
3197
3198 /*
3199 * Concatenate all input
3200 */
3201 if (fr_value_box_list_concat_in_place(ctx,
3202 arg, &in_head->vb_group, FR_TYPE_STRING,
3203 FR_VALUE_BOX_LIST_FREE, true,
3204 SIZE_MAX) < 0) {
3205 RPEDEBUG("Failed concatenating input");
3206 return XLAT_ACTION_FAIL;
3207 }
3208
3209 MEM(vb = fr_value_box_alloc_null(ctx));
3210 if (regex_request_to_sub_named(vb, vb, request, arg->vb_strvalue) < 0) {
3211 REDEBUG2("No previous named regex capture group '%s'", arg->vb_strvalue);
3212 talloc_free(vb);
3213 return XLAT_ACTION_DONE; /* NOT an error, just an empty result */
3214 }
3215 fr_dcursor_append(out, vb);
3216
3217 return XLAT_ACTION_DONE;
3218 }
3219#else
3220 RDEBUG("Named regex captures are not supported (they require libpcre2)");
3221 return XLAT_ACTION_FAIL;
3222#endif
3223 }
3224}
3225
3226static xlat_arg_parser_t const xlat_func_sha_arg[] = {
3227 { .concat = true, .type = FR_TYPE_OCTETS },
3228 XLAT_ARG_PARSER_TERMINATOR
3229};
3230
3231/** Calculate the SHA1 hash of a string or attribute.
3232 *
3233 * Example:
3234@verbatim
3235%sha1(foo) == "0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33"
3236@endverbatim
3237 *
3238 * @ingroup xlat_functions
3239 */
3240static xlat_action_t xlat_func_sha1(TALLOC_CTX *ctx, fr_dcursor_t *out,
3241 UNUSED xlat_ctx_t const *xctx,
3242 UNUSED request_t *request, fr_value_box_list_t *args)
3243{
3244 uint8_t digest[SHA1_DIGEST_LENGTH];
3245 fr_sha1_ctx sha1_ctx;
3246 fr_value_box_t *vb;
3247 fr_value_box_t *in_head;
3248
3249 XLAT_ARGS(args, &in_head);
3250
3251 fr_sha1_init(&sha1_ctx);
3252 if (in_head) {
3253 fr_sha1_update(&sha1_ctx, in_head->vb_octets, in_head->vb_length);
3254 } else {
3255 /* sha1 of empty string */
3256 fr_sha1_update(&sha1_ctx, NULL, 0);
3257 }
3258 fr_sha1_final(digest, &sha1_ctx);
3259
3260 MEM(vb = fr_value_box_alloc_null(ctx));
3261 fr_value_box_memdup(vb, vb, NULL, digest, sizeof(digest), false);
3262
3263 fr_dcursor_append(out, vb);
3264
3265 return XLAT_ACTION_DONE;
3266}
3267
3268/** Calculate any digest supported by OpenSSL EVP_MD
3269 *
3270 * Example:
3271@verbatim
3272%sha2_256(foo) == "0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33"
3273@endverbatim
3274 *
3275 * @ingroup xlat_functions
3276 */
3277#ifdef HAVE_OPENSSL_EVP_H
3278static xlat_action_t xlat_evp_md(TALLOC_CTX *ctx, fr_dcursor_t *out,
3279 UNUSED xlat_ctx_t const *xctx,
3280 UNUSED request_t *request, fr_value_box_list_t *args, EVP_MD const *md)
3281{
3282 uint8_t digest[EVP_MAX_MD_SIZE];
3283 unsigned int digestlen;
3284 EVP_MD_CTX *md_ctx;
3285 fr_value_box_t *vb;
3286 fr_value_box_t *in_head;
3287
3288 XLAT_ARGS(args, &in_head);
3289
3290 md_ctx = EVP_MD_CTX_create();
3291 EVP_DigestInit_ex(md_ctx, md, NULL);
3292 if (in_head) {
3293 EVP_DigestUpdate(md_ctx, in_head->vb_octets, in_head->vb_length);
3294 } else {
3295 EVP_DigestUpdate(md_ctx, NULL, 0);
3296 }
3297 EVP_DigestFinal_ex(md_ctx, digest, &digestlen);
3298 EVP_MD_CTX_destroy(md_ctx);
3299
3300 MEM(vb = fr_value_box_alloc_null(ctx));
3301 fr_value_box_memdup(vb, vb, NULL, digest, digestlen, false);
3302
3303 fr_dcursor_append(out, vb);
3304
3305 return XLAT_ACTION_DONE;
3306}
3307
3308# define EVP_MD_XLAT(_md, _md_func) \
3309static xlat_action_t xlat_func_##_md(TALLOC_CTX *ctx, fr_dcursor_t *out,\
3310 xlat_ctx_t const *xctx, \
3311 request_t *request,\
3312 fr_value_box_list_t *in)\
3313{\
3314 return xlat_evp_md(ctx, out, xctx, request, in, EVP_##_md_func());\
3315}
3316
3317EVP_MD_XLAT(sha2_224, sha224)
3318EVP_MD_XLAT(sha2_256, sha256)
3319EVP_MD_XLAT(sha2_384, sha384)
3320EVP_MD_XLAT(sha2_512, sha512)
3321
3322/*
3323 * OpenWRT's OpenSSL library doesn't contain these by default
3324 */
3325#ifdef HAVE_EVP_BLAKE2S256
3326EVP_MD_XLAT(blake2s_256, blake2s256)
3327#endif
3328
3329#ifdef HAVE_EVP_BLAKE2B512
3330EVP_MD_XLAT(blake2b_512, blake2b512)
3331#endif
3332
3333EVP_MD_XLAT(sha3_224, sha3_224)
3334EVP_MD_XLAT(sha3_256, sha3_256)
3335EVP_MD_XLAT(sha3_384, sha3_384)
3336EVP_MD_XLAT(sha3_512, sha3_512)
3337#endif
3338
3339
3340static xlat_arg_parser_t const xlat_func_string_arg[] = {
3341 { .required = true, .concat = true, .type = FR_TYPE_STRING },
3342 XLAT_ARG_PARSER_TERMINATOR
3343};
3344
3345static xlat_arg_parser_t const xlat_func_strlen_arg[] = {
3346 { .concat = true, .type = FR_TYPE_STRING },
3347 XLAT_ARG_PARSER_TERMINATOR
3348};
3349
3350/** Print length of given string
3351 *
3352 * Example:
3353@verbatim
3354%strlen(foo) == 3
3355@endverbatim
3356 *
3357 * @see #xlat_func_length
3358 *
3359 * @ingroup xlat_functions
3360 */
3361static xlat_action_t xlat_func_strlen(TALLOC_CTX *ctx, fr_dcursor_t *out,
3362 UNUSED xlat_ctx_t const *xctx,
3363 UNUSED request_t *request, fr_value_box_list_t *args)
3364{
3365 fr_value_box_t *vb;
3366 fr_value_box_t *in_head;
3367
3368 XLAT_ARGS(args, &in_head);
3369
3370 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_SIZE, NULL));
3371
3372 if (!in_head) {
3373 vb->vb_size = 0;
3374 } else {
3375 vb->vb_size = strlen(in_head->vb_strvalue);
3376 }
3377
3378 fr_dcursor_append(out, vb);
3379
3380 return XLAT_ACTION_DONE;
3381}
3382
3383static xlat_arg_parser_t const xlat_func_str_printable_arg[] = {
3384 { .concat = true, .type = FR_TYPE_STRING, .required = true, },
3385 { .single = true, .type = FR_TYPE_BOOL },
3386 XLAT_ARG_PARSER_TERMINATOR
3387};
3388
3389/** Return whether a string has only printable chars
3390 *
3391 * This function returns true if the input string contains UTF8 sequences and printable chars.
3392 *
3393 * @note "\t" and " " are considered unprintable chars, unless the second argument(relaxed) is true.
3394 *
3395 * Example:
3396@verbatim
3397%str.printable("🍉abcdef🍓") == true
3398%str.printable("\000\n\r\t") == false
3399%str.printable("\t abcd", yes) == true
3400@endverbatim
3401 *
3402 * @ingroup xlat_functions
3403 */
3404static xlat_action_t xlat_func_str_printable(TALLOC_CTX *ctx, fr_dcursor_t *out,
3405 UNUSED xlat_ctx_t const *xctx,
3406 UNUSED request_t *request, fr_value_box_list_t *args)
3407{
3408 fr_value_box_t *vb;
3409 fr_value_box_t *str;
3410 fr_value_box_t *relaxed_vb;
3411 uint8_t const *p, *end;
3412 bool relaxed = false;
3413
3414 XLAT_ARGS(args, &str, &relaxed_vb);
3415
3416 if (relaxed_vb) relaxed = relaxed_vb->vb_bool;
3417
3418 p = (uint8_t const *)str->vb_strvalue;
3419 end = p + str->vb_length;
3420
3421 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
3422 fr_dcursor_append(out, vb);
3423 vb->vb_bool = false;
3424
3425 do {
3426 size_t clen;
3427
3428 if ((*p < '!') &&
3429 (!relaxed || ((*p != '\t') && (*p != ' ')))) return XLAT_ACTION_DONE;
3430
3431 if (*p == 0x7f) return XLAT_ACTION_DONE;
3432
3433 clen = fr_utf8_char(p, end - p);
3434 if (clen == 0) return XLAT_ACTION_DONE;
3435 p += clen;
3436 } while (p < end);
3437
3438 vb->vb_bool = true;
3439
3440 return XLAT_ACTION_DONE;
3441}
3442
3443static xlat_arg_parser_t const xlat_func_str_utf8_arg[] = {
3444 { .concat = true, .type = FR_TYPE_STRING },
3445 XLAT_ARG_PARSER_TERMINATOR
3446};
3447
3448/** Return whether a string is valid UTF-8
3449 *
3450 * This function returns true if the input string is valid UTF-8, false otherwise.
3451 *
3452 * Example:
3453@verbatim
3454%str.utf8(🍉🥝🍓) == true
3455%str.utf8(🍉\xff🍓) == false
3456@endverbatim
3457 *
3458 * @ingroup xlat_functions
3459 */
3460static xlat_action_t xlat_func_str_utf8(TALLOC_CTX *ctx, fr_dcursor_t *out,
3461 UNUSED xlat_ctx_t const *xctx,
3462 UNUSED request_t *request, fr_value_box_list_t *args)
3463{
3464 fr_value_box_t *vb;
3465 fr_value_box_t *in_head;
3466
3467 XLAT_ARGS(args, &in_head);
3468
3469 if (!in_head) return XLAT_ACTION_FAIL;
3470
3471 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
3472 vb->vb_bool = (fr_utf8_str((uint8_t const *)in_head->vb_strvalue,
3473 in_head->vb_length) >= 0);
3474
3475 fr_dcursor_append(out, vb);
3476
3477 return XLAT_ACTION_DONE;
3478}
3479
3480static xlat_arg_parser_t const xlat_func_substr_args[] = {
3481 { .single = true, .required = true, .type = FR_TYPE_VOID },
3482 { .single = true, .required = true, .type = FR_TYPE_INT32 },
3483 { .single = true, .type = FR_TYPE_INT32 },
3484 XLAT_ARG_PARSER_TERMINATOR
3485};
3486
3487/** Extract a substring from string / octets data
3488 *
3489 * Non string / octets data is cast to a string.
3490 *
3491 * Second parameter is start position, optional third parameter is length
3492 * Negative start / length count from RHS of data.
3493 *
3494 * Example: (User-Name = "hello")
3495@verbatim
3496%substr(&User-Name, 1, 3) == 'ell'
3497@endverbatim
3498 *
3499 * @ingroup xlat_functions
3500 */
3501static xlat_action_t xlat_func_substr(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx,
3502 request_t *request, fr_value_box_list_t *args)
3503{
3504 fr_value_box_t *in = NULL, *start_vb, *len_vb, *vb;
3505 int32_t start, end, len;
3506
3507 XLAT_ARGS(args, &in, &start_vb, &len_vb);
3508
3509 switch (in->type) {
3510 case FR_TYPE_OCTETS:
3511 case FR_TYPE_STRING:
3512 break;
3513
3514 default:
3515 if (fr_value_box_cast_in_place(in, in, FR_TYPE_STRING, NULL) < 0) {
3516 RPEDEBUG("Failed casting value to string");
3517 return XLAT_ACTION_FAIL;
3518 }
3519 break;
3520 }
3521
3522 if (start_vb->vb_int32 > (int32_t)in->vb_length) return XLAT_ACTION_DONE;
3523
3524 if (start_vb->vb_int32 < 0) {
3525 start = in->vb_length + start_vb->vb_int32;
3526 if (start < 0) start = 0;
3527 } else {
3528 start = start_vb->vb_int32;
3529 }
3530
3531 if (len_vb) {
3532 if (len_vb->vb_int32 < 0) {
3533 end = in->vb_length + len_vb->vb_int32;
3534 if (end < 0) return XLAT_ACTION_DONE;
3535 } else {
3536 end = start + len_vb->vb_int32;
3537 if (end > (int32_t)in->vb_length) end = in->vb_length;
3538 }
3539 } else {
3540 end = in->vb_length;
3541 }
3542
3543 if (start >= end) return XLAT_ACTION_DONE;
3544
3545 MEM(vb = fr_value_box_alloc(ctx, in->type, NULL));
3546
3547 len = end - start;
3548 switch (in->type) {
3549 case FR_TYPE_STRING:
3550 fr_value_box_bstrndup(vb, vb, NULL, &in->vb_strvalue[start], len, false);
3551 break;
3552 case FR_TYPE_OCTETS:
3553 {
3554 uint8_t *buf;
3555 fr_value_box_mem_alloc(vb, &buf, vb, NULL, len, false);
3556 memcpy(buf, &in->vb_octets[start], len);
3557 }
3558 break;
3559
3560 default: /* 'in' was cast to #FR_TYPE_STRING */
3561 fr_assert(0);
3562 }
3563
3564 fr_value_box_safety_copy(vb, in);
3565 fr_dcursor_append(out, vb);
3566
3567 return XLAT_ACTION_DONE;
3568}
3569
3570#ifdef HAVE_REGEX_PCRE2
3571/** Cache statically compiled expressions
3572 */
3573typedef struct {
3574 regex_t *pattern;
3575 fr_regex_flags_t flags;
3576} xlat_subst_regex_inst_t;
3577
3578/** Pre-compile regexes where possible
3579 */
3580static int xlat_instantiate_subst_regex(xlat_inst_ctx_t const *xctx)
3581{
3582 xlat_subst_regex_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_subst_regex_inst_t);
3583 xlat_exp_t *patt_exp;
3584 fr_sbuff_t sbuff;
3585 fr_sbuff_marker_t start_m, end_m;
3586
3587 /* args #2 (pattern) */
3588 patt_exp = fr_dlist_next(&xctx->ex->call.args->dlist, fr_dlist_head(&xctx->ex->call.args->dlist));
3589 fr_assert(patt_exp && patt_exp->type == XLAT_GROUP); /* args must be groups */
3590
3591 /* If there are dynamic expansions, we can't pre-compile */
3592 if (!xlat_is_literal(patt_exp->group)) return 0;
3593 fr_assert(fr_dlist_num_elements(&patt_exp->group->dlist) == 1);
3594
3595 patt_exp = fr_dlist_head(&patt_exp->group->dlist);
3596
3597 /* We can only pre-compile strings */
3598 if (!fr_type_is_string(patt_exp->data.type)) return 0;
3599
3600 sbuff = FR_SBUFF_IN(patt_exp->data.vb_strvalue, patt_exp->data.vb_length);
3601
3602 /* skip any whitesapce */
3603 fr_sbuff_adv_past_whitespace(&sbuff, SIZE_MAX, 0);
3604
3605 /* Is the next char a forward slash? */
3606 if (fr_sbuff_next_if_char(&sbuff, '/')) {
3607 fr_slen_t slen;
3608
3609 fr_sbuff_marker(&start_m, &sbuff);
3610
3611 if (!fr_sbuff_adv_to_chr(&sbuff, SIZE_MAX, '/')) return 0; /* Not a regex */
3612
3613 fr_sbuff_marker(&end_m, &sbuff);
3614 fr_sbuff_next(&sbuff); /* skip trailing slash */
3615
3616 if (fr_sbuff_remaining(&sbuff)) {
3617 slen = regex_flags_parse(NULL, &inst->flags,
3618 &sbuff,
3619 NULL, true);
3620 if (slen < 0) {
3621 PERROR("Failed parsing regex flags in \"%s\"", patt_exp->data.vb_strvalue);
3622 return -1;
3623 }
3624 }
3625
3626 if (regex_compile(inst, &inst->pattern,
3627 fr_sbuff_current(&start_m), fr_sbuff_current(&end_m) - fr_sbuff_current(&start_m),
3628 &inst->flags, true, false) <= 0) {
3629 PERROR("Failed compiling regex \"%s\"", patt_exp->data.vb_strvalue);
3630 return -1;
3631 }
3632 }
3633 /* No... then it's not a regex */
3634
3635 return 0;
3636}
3637
3638/** Perform regex substitution TODO CHECK
3639 *
3640 * Called when %subst() pattern begins with "/"
3641 *
3642@verbatim
3643%subst(<subject>, /<regex>/[flags], <replace>)
3644@endverbatim
3645 *
3646 * Example: (User-Name = "foo")
3647@verbatim
3648%subst(%{User-Name}, /oo.*$/, 'un') == "fun"
3649@endverbatim
3650 *
3651 * @note References can be specified in the replacement string with $<ref>
3652 *
3653 * @see #xlat_func_subst
3654 *
3655 * @ingroup xlat_functions
3656 */
3657static int xlat_func_subst_regex(TALLOC_CTX *ctx, fr_dcursor_t *out,
3658 xlat_ctx_t const *xctx, request_t *request,
3659 fr_value_box_list_t *args)
3660{
3661 xlat_subst_regex_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_subst_regex_inst_t);
3662 fr_sbuff_t sbuff;
3663 fr_sbuff_marker_t start_m, end_m;
3664 char *buff;
3665 ssize_t slen;
3666 regex_t *pattern, *our_pattern = NULL;
3667 fr_regex_flags_t const *flags;
3668 fr_regex_flags_t our_flags = {};
3669 fr_value_box_t *vb;
3670 fr_value_box_t *subject_vb;
3671 fr_value_box_t *regex_vb;
3672 fr_value_box_t *rep_vb;
3673
3674 XLAT_ARGS(args, &subject_vb, &regex_vb, &rep_vb);
3675
3676 /*
3677 * Was not pre-compiled, so we need to compile it now
3678 */
3679 if (!inst->pattern) {
3680 sbuff = FR_SBUFF_IN(regex_vb->vb_strvalue, regex_vb->vb_length);
3681 if (fr_sbuff_len(&sbuff) == 0) {
3682 REDEBUG("Regex must not be empty");
3683 return XLAT_ACTION_FAIL;
3684 }
3685
3686 fr_sbuff_next(&sbuff); /* skip leading slash */
3687 fr_sbuff_marker(&start_m, &sbuff);
3688
3689 if (!fr_sbuff_adv_to_chr(&sbuff, SIZE_MAX, '/')) return 1; /* Not a regex */
3690
3691 fr_sbuff_marker(&end_m, &sbuff);
3692 fr_sbuff_next(&sbuff); /* skip trailing slash */
3693
3694 slen = regex_flags_parse(NULL, &our_flags, &sbuff, NULL, true);
3695 if (slen < 0) {
3696 RPEDEBUG("Failed parsing regex flags");
3697 return -1;
3698 }
3699
3700 /*
3701 * Process the substitution
3702 */
3703 if (regex_compile(NULL, &our_pattern,
3704 fr_sbuff_current(&start_m), fr_sbuff_current(&end_m) - fr_sbuff_current(&start_m),
3705 &our_flags, true, true) <= 0) {
3706 RPEDEBUG("Failed compiling regex");
3707 return -1;
3708 }
3709 pattern = our_pattern;
3710 flags = &our_flags;
3711 } else {
3712 pattern = inst->pattern;
3713 flags = &inst->flags;
3714 }
3715
3716 MEM(vb = fr_value_box_alloc_null(ctx));
3717 if (regex_substitute(vb, &buff, 0, pattern, flags,
3718 subject_vb->vb_strvalue, subject_vb->vb_length,
3719 rep_vb->vb_strvalue, rep_vb->vb_length, NULL) < 0) {
3720 RPEDEBUG("Failed performing substitution");
3721 talloc_free(vb);
3722 talloc_free(pattern);
3723 return -1;
3724 }
3725 fr_value_box_bstrdup_buffer_shallow(NULL, vb, NULL, buff, false);
3726
3727 fr_value_box_safety_copy(vb, subject_vb);
3728 fr_value_box_safety_merge(vb, rep_vb);
3729
3730 fr_dcursor_append(out, vb);
3731
3732 talloc_free(our_pattern);
3733
3734 return 0;
3735}
3736#endif
3737
3738static xlat_arg_parser_t const xlat_func_subst_args[] = {
3739 { .required = true, .concat = true, .type = FR_TYPE_STRING },
3740 { .required = true, .concat = true, .type = FR_TYPE_STRING },
3741 { .required = true, .concat = true, .type = FR_TYPE_STRING },
3742 XLAT_ARG_PARSER_TERMINATOR
3743};
3744
3745/** Perform regex substitution
3746 *
3747@verbatim
3748%subst(<subject>, <pattern>, <replace>)
3749@endverbatim
3750 *
3751 * Example: (User-Name = "foobar")
3752@verbatim
3753%subst(%{User-Name}, 'oo', 'un') == "funbar"
3754@endverbatim
3755 *
3756 * @see xlat_func_subst_regex
3757 *
3758 * @ingroup xlat_functions
3759 */
3760static xlat_action_t xlat_func_subst(TALLOC_CTX *ctx, fr_dcursor_t *out,
3761#ifdef HAVE_REGEX_PCRE2
3762 xlat_ctx_t const *xctx,
3763#else
3764 UNUSED xlat_ctx_t const *xctx,
3765#endif
3766 request_t *request, fr_value_box_list_t *args)
3767{
3768 char const *p, *q, *end;
3769 char *vb_str;
3770
3771 char const *pattern, *rep;
3772 size_t pattern_len, rep_len;
3773
3774 fr_value_box_t *rep_vb, *vb;
3775 fr_value_box_t *subject_vb;
3776 fr_value_box_t *pattern_vb;
3777
3778 XLAT_ARGS(args, &subject_vb, &pattern_vb, &rep_vb);
3779
3780 /* coverity[dereference] */
3781 pattern = pattern_vb->vb_strvalue;
3782 if (*pattern == '/') {
3783#ifdef HAVE_REGEX_PCRE2
3784 switch (xlat_func_subst_regex(ctx, out, xctx, request, args)) {
3785 case 0:
3786 return XLAT_ACTION_DONE;
3787
3788 case 1:
3789 /* Not a regex, fall through */
3790 break;
3791
3792 case -1:
3793 return XLAT_ACTION_FAIL;
3794 }
3795#else
3796 if (memchr(pattern, '/', pattern_vb->vb_length - 1)) {
3797 REDEBUG("regex based substitutions require libpcre2. "
3798 "Check ${features.regex-pcre2} to determine support");
3799 }
3800 return XLAT_ACTION_FAIL;
3801#endif
3802 }
3803
3804 /*
3805 * Check for empty pattern
3806 */
3807 pattern_len = pattern_vb->vb_length;
3808 if (pattern_len == 0) {
3809 REDEBUG("Empty pattern");
3810 return XLAT_ACTION_FAIL;
3811 }
3812
3813 rep = rep_vb->vb_strvalue;
3814 rep_len = rep_vb->vb_length;
3815
3816 p = subject_vb->vb_strvalue;
3817 end = p + subject_vb->vb_length;
3818
3819 MEM(vb = fr_value_box_alloc_null(ctx));
3820 vb_str = talloc_bstrndup(vb, "", 0);
3821
3822 while (p < end) {
3823 q = memmem(p, end - p, pattern, pattern_len);
3824 if (!q) {
3825 MEM(vb_str = talloc_bstr_append(vb, vb_str, p, end - p));
3826 break;
3827 }
3828
3829 if (q > p) MEM(vb_str = talloc_bstr_append(vb, vb_str, p, q - p));
3830 if (rep_len) MEM(vb_str = talloc_bstr_append(vb, vb_str, rep, rep_len));
3831 p = q + pattern_len;
3832 }
3833
3834 if (fr_value_box_bstrdup_buffer_shallow(NULL, vb, NULL, vb_str, false) < 0) {
3835 RPEDEBUG("Failed creating output box");
3836 talloc_free(vb);
3837 return XLAT_ACTION_FAIL;
3838 }
3839
3840 fr_value_box_safety_copy(vb, subject_vb);
3841 fr_value_box_safety_merge(vb, rep_vb);
3842
3843 fr_dcursor_append(out, vb);
3844
3845 return XLAT_ACTION_DONE;
3846}
3847
3848/*
3849 * Debug builds only, we don't want to allow unsanitised inputs to crash the server
3850 */
3851#ifndef NDEBUG
3852static xlat_arg_parser_t const xlat_func_signal_raise_args[] = {
3853 { .single = true, .required = true, .type = FR_TYPE_STRING },
3854 XLAT_ARG_PARSER_TERMINATOR
3855};
3856
3857static xlat_action_t xlat_func_signal_raise(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
3858 UNUSED xlat_ctx_t const *xctx, request_t *request,
3859 fr_value_box_list_t *args)
3860{
3861 static fr_table_num_sorted_t const signal_table[] = {
3862 { L("break"), SIGTRAP }, /* Save flailing at the keyboard */
3863 { L("BREAK"), SIGTRAP },
3864 { L("SIGABRT"), SIGABRT },
3865 { L("SIGALRM"), SIGALRM },
3866#ifdef SIGBUS
3867 { L("SIGBUS"), SIGBUS },
3868#endif
3869 { L("SIGCHLD"), SIGCHLD },
3870 { L("SIGCONT"), SIGCONT },
3871 { L("SIGFPE"), SIGFPE },
3872 { L("SIGHUP"), SIGHUP },
3873 { L("SIGILL"), SIGILL },
3874 { L("SIGINT"), SIGINT },
3875 { L("SIGKILL"), SIGKILL },
3876 { L("SIGPIPE"), SIGPIPE },
3877#ifdef SIGPOLL
3878 { L("SIGPOLL"), SIGPOLL },
3879#endif
3880 { L("SIGPROF"), SIGPROF },
3881 { L("SIGQUIT"), SIGQUIT },
3882 { L("SIGSEGV"), SIGSEGV },
3883 { L("SIGSTOP"), SIGSTOP },
3884#ifdef SIGSYS
3885 { L("SIGSYS"), SIGSYS },
3886#endif
3887 { L("SIGTERM"), SIGTERM },
3888#ifdef SIGTRAP
3889 { L("SIGTRAP"), SIGTRAP },
3890#endif
3891 { L("SIGTSTP"), SIGTSTP },
3892 { L("SIGTTIN"), SIGTTIN },
3893 { L("SIGTTOU"), SIGTTOU },
3894 { L("SIGURG"), SIGURG },
3895 { L("SIGUSR1"), SIGUSR1 },
3896 { L("SIGUSR2"), SIGUSR2 },
3897 { L("SIGVTALRM"), SIGVTALRM },
3898 { L("SIGXCPU"), SIGXCPU },
3899 { L("SIGXFSZ"), SIGXFSZ }
3900 };
3901 static size_t signal_table_len = NUM_ELEMENTS(signal_table);
3902
3903 fr_value_box_t *signal_vb;
3904 int signal;
3905
3906 XLAT_ARGS(args, &signal_vb);
3907
3908 signal = fr_table_value_by_substr(signal_table, signal_vb->vb_strvalue, signal_vb->vb_length, -1);
3909 if (signal < 0) {
3910 RERROR("Invalid signal \"%pV\"", signal_vb);
3911 return XLAT_ACTION_FAIL;
3912 }
3913 if (raise(signal) < 0) {
3914 RERROR("Failed raising signal %d: %s", signal, strerror(errno));
3915 return XLAT_ACTION_FAIL;
3916 }
3917 return XLAT_ACTION_DONE;
3918}
3919#endif
3920
3921static xlat_arg_parser_t const xlat_func_time_args[] = {
3922 { .required = false, .single = true, .type = FR_TYPE_STRING },
3923 XLAT_ARG_PARSER_TERMINATOR
3924};
3925
3926/** Return the time as a #FR_TYPE_DATE
3927 *
3928 * Note that all operations are UTC.
3929 *
3930@verbatim
3931%time()
3932@endverbatim
3933 *
3934 * Example:
3935@verbatim
3936update reply {
3937 &Reply-Message := "%{%time(now) - %time(request)}"
3938}
3939@endverbatim
3940 *
3941 * @ingroup xlat_functions
3942 */
3943static xlat_action_t xlat_func_time(TALLOC_CTX *ctx, fr_dcursor_t *out,
3944 UNUSED xlat_ctx_t const *xctx,
3945 request_t *request, fr_value_box_list_t *args)
3946{
3947 fr_value_box_t *arg;
3948 fr_value_box_t *vb;
3949 fr_unix_time_t value;
3950
3951 XLAT_ARGS(args, &arg);
3952
3953 /*
3954 * An explicit `null` is treated the same as a missing arg -
3955 * vb_strvalue is unset on an FR_TYPE_NULL box, so reading it
3956 * would be UB.
3957 */
3958 if (arg && fr_type_is_null(arg->type)) arg = NULL;
3959
3960 if (!arg || (strcmp(arg->vb_strvalue, "now") == 0)) {
3961 value = fr_time_to_unix_time(fr_time());
3962
3963 } else if (strcmp(arg->vb_strvalue, "request") == 0) {
3964 value = fr_time_to_unix_time(request->packet->timestamp);
3965
3966 } else if (strcmp(arg->vb_strvalue, "offset") == 0) {
3967 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL));
3968 vb->vb_time_delta = fr_time_gmtoff();
3969 goto append;
3970
3971 } else if (strcmp(arg->vb_strvalue, "dst") == 0) {
3972 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
3973 vb->vb_bool = fr_time_is_dst();
3974 goto append;
3975
3976 } else if (strcmp(arg->vb_strvalue, "mday_offset") == 0) {
3977 struct tm tm;
3978 fr_unix_time_t unix_time = fr_time_to_unix_time(request->packet->timestamp);
3979 time_t when = fr_unix_time_to_sec(unix_time);
3980 int64_t nsec;
3981
3982 gmtime_r(&when, &tm);
3983
3984 nsec = (int64_t) 86400 * (tm.tm_mday - 1);
3985 nsec += when % 86400;
3986 nsec *= NSEC;
3987 nsec += fr_unix_time_unwrap(unix_time) % NSEC;
3988
3989 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL));
3990 vb->vb_time_delta = fr_time_delta_wrap(nsec);
3991 goto append;
3992
3993 } else if (strcmp(arg->vb_strvalue, "wday_offset") == 0) {
3994 struct tm tm;
3995 fr_unix_time_t unix_time = fr_time_to_unix_time(request->packet->timestamp);
3996 time_t when = fr_unix_time_to_sec(unix_time);
3997 int64_t nsec;
3998
3999 gmtime_r(&when, &tm);
4000
4001 nsec = (int64_t) 86400 * tm.tm_wday;
4002 nsec += when % 86400;
4003 nsec *= NSEC;
4004 nsec += fr_unix_time_unwrap(unix_time) % NSEC;
4005
4006 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL));
4007 vb->vb_time_delta = fr_time_delta_wrap(nsec);
4008 goto append;
4009
4010 } else if (fr_unix_time_from_str(&value, arg->vb_strvalue, FR_TIME_RES_SEC) < 0) {
4011 REDEBUG("Invalid time specification '%s'", arg->vb_strvalue);
4012 return XLAT_ACTION_FAIL;
4013 }
4014
4015 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL));
4016 vb->vb_date = value;
4017
4018append:
4019 fr_dcursor_append(out, vb);
4020
4021 return XLAT_ACTION_DONE;
4022}
4023
4024/** Return the current time as a #FR_TYPE_DATE
4025 *
4026 * Note that all operations are UTC.
4027 *
4028@verbatim
4029%time.now()
4030@endverbatim
4031 *
4032 * Example:
4033@verbatim
4034update reply {
4035 &Reply-Message := "%{%time.now() - %time.request()}"
4036}
4037@endverbatim
4038 *
4039 * @ingroup xlat_functions
4040 */
4041static xlat_action_t xlat_func_time_now(TALLOC_CTX *ctx, fr_dcursor_t *out,
4042 UNUSED xlat_ctx_t const *xctx,
4043 UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
4044{
4045 fr_value_box_t *vb;
4046
4047 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL));
4048 vb->vb_date = fr_time_to_unix_time(fr_time());
4049
4050 fr_dcursor_append(out, vb);
4051
4052 return XLAT_ACTION_DONE;
4053}
4054
4055/** Return the request receive time as a #FR_TYPE_DATE
4056 *
4057 * Note that all operations are UTC.
4058 *
4059@verbatim
4060%time.request()
4061@endverbatim
4062 *
4063 * Example:
4064@verbatim
4065update reply {
4066 &Reply-Message := "%{%time.now() - %time.request()}"
4067}
4068@endverbatim
4069 *
4070 * @ingroup xlat_functions
4071 */
4072static xlat_action_t xlat_func_time_request(TALLOC_CTX *ctx, fr_dcursor_t *out,
4073 UNUSED xlat_ctx_t const *xctx,
4074 request_t *request, UNUSED fr_value_box_list_t *args)
4075{
4076 fr_value_box_t *vb;
4077
4078 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_DATE, NULL));
4079 vb->vb_date = fr_time_to_unix_time(request->packet->timestamp);
4080
4081 fr_dcursor_append(out, vb);
4082
4083 return XLAT_ACTION_DONE;
4084}
4085
4086
4087/** Return the current time offset from gmt
4088 *
4089 * @ingroup xlat_functions
4090 */
4091static xlat_action_t xlat_func_time_offset(TALLOC_CTX *ctx, fr_dcursor_t *out,
4092 UNUSED xlat_ctx_t const *xctx,
4093 UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
4094{
4095 fr_value_box_t *vb;
4096
4097 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_TIME_DELTA, NULL));
4098 vb->vb_time_delta = fr_time_gmtoff();
4099
4100 fr_dcursor_append(out, vb);
4101
4102 return XLAT_ACTION_DONE;
4103}
4104
4105
4106/** Return whether we are in daylight savings or not
4107 *
4108 * @ingroup xlat_functions
4109 */
4110static xlat_action_t xlat_func_time_is_dst(TALLOC_CTX *ctx, fr_dcursor_t *out,
4111 UNUSED xlat_ctx_t const *xctx,
4112 UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
4113{
4114 fr_value_box_t *vb;
4115
4116 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, NULL));
4117 vb->vb_bool = fr_time_is_dst();
4118
4119 fr_dcursor_append(out, vb);
4120
4121 return XLAT_ACTION_DONE;
4122}
4123
4124
4125/** Change case of a string
4126 *
4127 * If upper is true, change to uppercase, otherwise, change to lowercase
4128 */
4129static xlat_action_t xlat_change_case(TALLOC_CTX *ctx, fr_dcursor_t *out,
4130 UNUSED request_t *request, fr_value_box_list_t *args, bool upper)
4131{
4132 char *p;
4133 char const *end;
4134 fr_value_box_t *vb;
4135
4136 XLAT_ARGS(args, &vb);
4137
4138 p = UNCONST(char *, vb->vb_strvalue);
4139 end = p + vb->vb_length;
4140
4141 while (p < end) {
4142 *(p) = upper ? toupper ((uint8_t) *(p)) : tolower((uint8_t) *(p));
4143 p++;
4144 }
4145
4146 xlat_arg_copy_out(ctx, out, args, vb);
4147
4148 return XLAT_ACTION_DONE;
4149}
4150
4151static xlat_arg_parser_t const xlat_change_case_arg[] = {
4152 { .required = true, .concat = true, .type = FR_TYPE_STRING },
4153 XLAT_ARG_PARSER_TERMINATOR
4154};
4155
4156
4157/** Convert a string to lowercase
4158 *
4159 * Example:
4160@verbatim
4161%tolower("Bar") == "bar"
4162@endverbatim
4163 *
4164 * Probably only works for ASCII
4165 *
4166 * @ingroup xlat_functions
4167 */
4168static xlat_action_t xlat_func_tolower(TALLOC_CTX *ctx, fr_dcursor_t *out,
4169 UNUSED xlat_ctx_t const *xctx,
4170 request_t *request, fr_value_box_list_t *in)
4171{
4172 return xlat_change_case(ctx, out, request, in, false);
4173}
4174
4175
4176/** Convert a string to uppercase
4177 *
4178 * Example:
4179@verbatim
4180%toupper("Foo") == "FOO"
4181@endverbatim
4182 *
4183 * Probably only works for ASCII
4184 *
4185 * @ingroup xlat_functions
4186 */
4187static xlat_action_t xlat_func_toupper(TALLOC_CTX *ctx, fr_dcursor_t *out,
4188 UNUSED xlat_ctx_t const *xctx,
4189 request_t *request, fr_value_box_list_t *in)
4190{
4191 return xlat_change_case(ctx, out, request, in, true);
4192}
4193
4194
4195static xlat_arg_parser_t const xlat_func_urlquote_arg[] = {
4196 { .required = true, .concat = true, .type = FR_TYPE_STRING },
4197 XLAT_ARG_PARSER_TERMINATOR
4198};
4199
4200/** URLencode special characters
4201 *
4202 * Example:
4203@verbatim
4204%urlquote("http://example.org/") == "http%3A%47%47example.org%47"
4205@endverbatim
4206 *
4207 * @ingroup xlat_functions
4208 */
4209static xlat_action_t xlat_func_urlquote(TALLOC_CTX *ctx, fr_dcursor_t *out,
4210 UNUSED xlat_ctx_t const *xctx,
4211 UNUSED request_t *request, fr_value_box_list_t *args)
4212{
4213 char const *p, *end;
4214 char *buff_p;
4215 size_t outlen = 0;
4216 fr_value_box_t *vb;
4217 fr_value_box_t *in_head;
4218
4219 XLAT_ARGS(args, &in_head);
4220
4221 p = in_head->vb_strvalue;
4222 end = p + in_head->vb_length;
4223
4224 /*
4225 * Calculate size of output
4226 */
4227 while (p < end) {
4228 if (isalnum(*p) ||
4229 *p == '-' ||
4230 *p == '_' ||
4231 *p == '.' ||
4232 *p == '~') {
4233 outlen++;
4234 } else {
4235 outlen += 3;
4236 }
4237 p++;
4238 }
4239
4240 MEM(vb = fr_value_box_alloc_null(ctx));
4241 MEM(fr_value_box_bstr_alloc(vb, &buff_p, vb, NULL, outlen, false) == 0);
4242 fr_value_box_safety_copy(vb, in_head);
4243
4244 /* Reset p to start position */
4245 p = in_head->vb_strvalue;
4246
4247 while (p < end) {
4248 if (isalnum(*p)) {
4249 *buff_p++ = *p++;
4250 continue;
4251 }
4252
4253 switch (*p) {
4254 case '-':
4255 case '_':
4256 case '.':
4257 case '~':
4258 *buff_p++ = *p++;
4259 break;
4260
4261 default:
4262 /* MUST be upper case hex to be compliant */
4263 snprintf(buff_p, 4, "%%%02X", (uint8_t) *p++); /* %XX */
4264
4265 buff_p += 3;
4266 }
4267 }
4268
4269 *buff_p = '\0';
4270
4271 // @todo - mark as safe for URL?
4272 fr_dcursor_append(out, vb);
4273
4274 return XLAT_ACTION_DONE;
4275}
4276
4277
4278static xlat_arg_parser_t const xlat_func_urlunquote_arg[] = {
4279 { .required = true, .concat = true, .type = FR_TYPE_STRING },
4280 XLAT_ARG_PARSER_TERMINATOR
4281};
4282
4283/** URLdecode special characters
4284 *
4285 * @note Remember to escape % with %% in strings, else xlat will try to parse it.
4286 *
4287 * Example:
4288@verbatim
4289%urlunquote("http%%3A%%47%%47example.org%%47") == "http://example.org/"
4290@endverbatim
4291 *
4292 * @ingroup xlat_functions
4293 */
4294static xlat_action_t xlat_func_urlunquote(TALLOC_CTX *ctx, fr_dcursor_t *out,
4295 UNUSED xlat_ctx_t const *xctx,
4296 request_t *request, fr_value_box_list_t *args)
4297{
4298 char const *p, *end;
4299 char *buff_p;
4300 char const *c1, *c2;
4301 size_t outlen = 0;
4302 fr_value_box_t *vb;
4303 fr_value_box_t *in_head;
4304
4305 XLAT_ARGS(args, &in_head);
4306
4307 p = in_head->vb_strvalue;
4308 end = p + in_head->vb_length;
4309
4310 /*
4311 * Calculate size of output
4312 */
4313 while (p < end) {
4314 if (*p == '%') {
4315 if (!p[1] || !p[2]) {
4316 REMARKER(in_head->vb_strvalue, p - in_head->vb_strvalue, "Invalid %% sequence");
4317 return XLAT_ACTION_FAIL;
4318 }
4319 p += 3;
4320 } else {
4321 p++;
4322 }
4323 outlen++;
4324 }
4325
4326 MEM(vb = fr_value_box_alloc_null(ctx));
4327 MEM(fr_value_box_bstr_alloc(vb, &buff_p, vb, NULL, outlen, false) == 0);
4328 fr_value_box_safety_copy(vb, in_head);
4329
4330 /* Reset p to start position */
4331 p = in_head->vb_strvalue;
4332
4333 while (p < end) {
4334 if (*p != '%') {
4335 *buff_p++ = *p++;
4336 continue;
4337 }
4338 /* Is a % char */
4339
4340 /* Don't need \0 check, as it won't be in the hextab */
4341 if (!(c1 = memchr(hextab, tolower((uint8_t) *++p), 16)) ||
4342 !(c2 = memchr(hextab, tolower((uint8_t) *++p), 16))) {
4343 REMARKER(in_head->vb_strvalue, p - in_head->vb_strvalue, "Non-hex char in %% sequence");
4344 talloc_free(vb);
4345
4346 return XLAT_ACTION_FAIL;
4347 }
4348 p++;
4349 *buff_p++ = ((c1 - hextab) << 4) + (c2 - hextab);
4350 }
4351
4352 *buff_p = '\0';
4353 fr_dcursor_append(out, vb);
4354
4355 return XLAT_ACTION_DONE;
4356}
4357
4358static xlat_arg_parser_t const xlat_pair_decode_args[] = {
4359 { .required = true, .type = FR_TYPE_VOID },
4360 { .single = true, .type = FR_TYPE_ATTR },
4361 XLAT_ARG_PARSER_TERMINATOR
4362};
4363
4364/** Decode any protocol attribute / options
4365 *
4366 * Creates protocol-specific attributes based on the given binary option data
4367 *
4368 * Example:
4369@verbatim
4370%dhcpv4.decode(%{Tmp-Octets-0})
4371@endverbatim
4372 *
4373 * @ingroup xlat_functions
4374 */
4375static xlat_action_t xlat_pair_decode(TALLOC_CTX *ctx, fr_dcursor_t *out,
4376 xlat_ctx_t const *xctx,
4377 request_t *request, fr_value_box_list_t *in)
4378{
4379 int decoded;
4380 fr_value_box_t *vb, *in_head, *root_da;
4381 void *decode_ctx = NULL;
4382 xlat_pair_decode_uctx_t const *decode_uctx = talloc_get_type_abort(*(void * const *)xctx->inst, xlat_pair_decode_uctx_t);
4383 fr_test_point_pair_decode_t const *tp_decode = decode_uctx->tp_decode;
4384 fr_pair_t *vp = NULL;
4385 bool created = false;
4386
4387 XLAT_ARGS(in, &in_head, &root_da);
4388
4389 fr_assert(in_head->type == FR_TYPE_GROUP);
4390
4391 if (decode_uctx->dict && decode_uctx->dict != request->proto_dict) {
4392 REDEBUG2("Can't call %%%s() when in %s namespace", xctx->ex->call.func->name,
4393 fr_dict_root(request->proto_dict)->name);
4394 return XLAT_ACTION_FAIL;
4395 }
4396
4397 if (root_da) {
4398 int ret;
4399 if (!fr_type_is_structural(root_da->vb_attr->type)) {
4400 REDEBUG2("Decoding context must be a structural attribute reference");
4401 return XLAT_ACTION_FAIL;
4402 }
4403 ret = fr_pair_update_by_da_parent(fr_pair_list_parent(&request->request_pairs), &vp, root_da->vb_attr);
4404 if (ret < 0) {
4405 REDEBUG2("Failed creating decoding root pair");
4406 return XLAT_ACTION_FAIL;
4407 }
4408 if (ret == 0) created = true;
4409 }
4410
4411 if (tp_decode->test_ctx) {
4412 if (tp_decode->test_ctx(&decode_ctx, ctx, request->proto_dict, root_da ? root_da->vb_attr : NULL) < 0) {
4413 goto fail;
4414 }
4415 }
4416
4417 decoded = xlat_decode_value_box_list(root_da ? vp : request->request_ctx,
4418 root_da ? &vp->vp_group : &request->request_pairs,
4419 request, decode_ctx, tp_decode->func, &in_head->vb_group);
4420 if (decoded <= 0) {
4421 talloc_free(decode_ctx);
4422 RPERROR("Protocol decoding failed");
4423 fail:
4424 if (created) fr_pair_delete(&request->request_pairs, vp);
4425 return XLAT_ACTION_FAIL;
4426 }
4427
4428 /*
4429 * Create a value box to hold the decoded count, and add
4430 * it to the output list.
4431 */
4432 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_UINT32, NULL));
4433 vb->vb_uint32 = decoded;
4434 fr_dcursor_append(out, vb);
4435
4436 talloc_free(decode_ctx);
4437 return XLAT_ACTION_DONE;
4438}
4439
4440static xlat_arg_parser_t const xlat_func_subnet_args[] = {
4441 { .required = true, .single = true, .type = FR_TYPE_IPV4_PREFIX },
4442 XLAT_ARG_PARSER_TERMINATOR
4443};
4444
4445/** Calculate the subnet mask from a IPv4 prefix
4446 *
4447 * Example:
4448@verbatim
4449%ip.v4.netmask(%{Network-Prefix})
4450@endverbatim
4451 *
4452 * @ingroup xlat_functions
4453 */
4454static xlat_action_t xlat_func_subnet_netmask(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx,
4455 UNUSED request_t *request, fr_value_box_list_t *args)
4456{
4457 fr_value_box_t *subnet, *vb;
4458 XLAT_ARGS(args, &subnet);
4459
4460 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_IPV4_ADDR, NULL));
4461
4462 switch (subnet->vb_ip.prefix) {
4463 case 0:
4464 vb->vb_ipv4addr = 0;
4465 break;
4466
4467 case 32:
4468 vb->vb_ipv4addr = 0xffffffff;
4469 break;
4470
4471 default:
4472 vb->vb_ipv4addr = htonl((uint32_t)0xffffffff << (32 - subnet->vb_ip.prefix));
4473 break;
4474 }
4475
4476 fr_dcursor_append(out, vb);
4477
4478 return XLAT_ACTION_DONE;
4479}
4480
4481/** Calculate the broadcast address from a IPv4 prefix
4482 *
4483 * Example:
4484@verbatim
4485%ip.v4.broadcast(%{Network-Prefix})
4486@endverbatim
4487 *
4488 * @ingroup xlat_functions
4489 */
4490static xlat_action_t xlat_func_subnet_broadcast(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx,
4491 UNUSED request_t *request, fr_value_box_list_t *args)
4492{
4493 fr_value_box_t *subnet, *vb;
4494 XLAT_ARGS(args, &subnet);
4495
4496 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_IPV4_ADDR, NULL));
4497 vb->vb_ipv4addr = htonl( ntohl(subnet->vb_ipv4addr) | ((uint32_t)0xffffffff >> subnet->vb_ip.prefix));
4498 fr_dcursor_append(out, vb);
4499
4500 return XLAT_ACTION_DONE;
4501}
4502
4503static int xlat_pair_dencode_instantiate(xlat_inst_ctx_t const *mctx)
4504{
4505 *(void **) mctx->inst = mctx->uctx;
4506 return 0;
4507}
4508
4514
4515/** Encode protocol attributes / options
4516 *
4517 * Returns octet string created from the provided pairs
4518 *
4519 * Example:
4520@verbatim
4521%dhcpv4.encode(&request[*])
4522@endverbatim
4523 *
4524 * @ingroup xlat_functions
4525 */
4526static xlat_action_t xlat_pair_encode(TALLOC_CTX *ctx, fr_dcursor_t *out,
4527 xlat_ctx_t const *xctx,
4528 request_t *request, fr_value_box_list_t *args)
4529{
4530 fr_pair_t *vp;
4531 fr_dcursor_t *cursor;
4532 bool tainted = false, encode_children = false;
4533 fr_value_box_t *encoded;
4534
4535 fr_dbuff_t *dbuff;
4536 ssize_t len = 0;
4537 fr_value_box_t *in_head, *root_da;
4538 void *encode_ctx = NULL;
4539 fr_test_point_pair_encode_t const *tp_encode;
4540
4541 FR_DBUFF_TALLOC_THREAD_LOCAL(&dbuff, 2048, SIZE_MAX);
4542
4543 XLAT_ARGS(args, &in_head, &root_da);
4544
4545 memcpy(&tp_encode, xctx->inst, sizeof(tp_encode)); /* const issues */
4546
4547 cursor = fr_value_box_get_cursor(in_head);
4548
4549 /*
4550 * Create the encoding context.
4551 */
4552 if (tp_encode->test_ctx) {
4553 if (tp_encode->test_ctx(&encode_ctx, cursor, request->proto_dict, root_da ? root_da->vb_attr : NULL) < 0) {
4554 return XLAT_ACTION_FAIL;
4555 }
4556 }
4557
4558 if (root_da) {
4559 if (!fr_type_is_structural(root_da->vb_attr->type)) {
4560 REDEBUG2("Encoding context must be a structural attribute reference");
4561 return XLAT_ACTION_FAIL;
4562 }
4563 vp = fr_dcursor_current(cursor);
4564 if (!fr_dict_attr_common_parent(root_da->vb_attr, vp->da, true) && (root_da->vb_attr != vp->da)) {
4565 REDEBUG2("%s is not a child of %s", vp->da->name, root_da->vb_attr->name);
4566 return XLAT_ACTION_FAIL;
4567 }
4568 if (root_da->vb_attr == vp->da) encode_children = true;
4569 }
4570
4571 /*
4572 * Loop over the attributes, encoding them.
4573 */
4574 RDEBUG2("Encoding attributes");
4575
4576 if (RDEBUG_ENABLED2) {
4577 RINDENT();
4578 for (vp = fr_dcursor_current(cursor);
4579 vp != NULL;
4580 vp = fr_dcursor_next(cursor)) {
4581 RDEBUG2("%pP", vp);
4582 }
4583 REXDENT();
4584 }
4585
4586 /*
4587 * Encoders advance the cursor, so we just need to feed
4588 * in the next pair. This was originally so we could
4589 * extend the output buffer, but with dbuffs that's
4590 * no longer necessary... we might want to refactor this
4591 * in future.
4592 */
4593 for (vp = fr_dcursor_head(cursor);
4594 vp != NULL;
4595 vp = fr_dcursor_current(cursor)) {
4596 /*
4597 *
4598 * Don't check for internal attributes, the
4599 * encoders can skip them if they need to, and the
4600 * internal encoder can encode anything, as can
4601 * things like CBOR.
4602 *
4603 * Don't check the dictionaries. By definition,
4604 * vp->da->dict==request->proto_dict, OR else we're
4605 * using the internal encoder and encoding a real
4606 * protocol.
4607 *
4608 * However, we likely still want a
4609 * dictionary-specific "is encodable" function,
4610 * as AKA/SIM and DHCPv6 encode "bool"s only if
4611 * their value is true.
4612 */
4613 if (encode_children) {
4614 fr_dcursor_t child_cursor;
4615
4616 fr_assert(fr_type_is_structural(vp->vp_type));
4617
4618 /*
4619 * If we're given an encoding context which is the
4620 * same as the DA returned by the cursor, that means
4621 * encode the children.
4622 */
4623 fr_pair_dcursor_init(&child_cursor, &vp->vp_group);
4624 while (fr_dcursor_current(&child_cursor)) {
4625 len = tp_encode->func(dbuff, &child_cursor, encode_ctx);
4626 if (len < 0) break;
4627 }
4628 fr_dcursor_next(cursor);
4629 } else {
4630 len = tp_encode->func(dbuff, cursor, encode_ctx);
4631 }
4632 if (len < 0) {
4633 RPEDEBUG("Protocol encoding failed");
4634 return XLAT_ACTION_FAIL;
4635 }
4636
4637 tainted |= vp->vp_tainted;
4638 }
4639
4640 /*
4641 * Pass the options string back to the caller.
4642 */
4643 MEM(encoded = fr_value_box_alloc_null(ctx));
4644 fr_value_box_memdup(encoded, encoded, NULL, fr_dbuff_start(dbuff), fr_dbuff_used(dbuff), tainted);
4645 fr_dcursor_append(out, encoded);
4646
4647 return XLAT_ACTION_DONE;
4648}
4649
4650static int xlat_protocol_register_by_name(dl_t *dl, char const *name, fr_dict_t const *dict)
4651{
4652 fr_test_point_pair_decode_t *tp_decode;
4653 fr_test_point_pair_encode_t *tp_encode;
4654 xlat_pair_decode_uctx_t *decode_uctx;
4655 xlat_t *xlat;
4656 char buffer[256+32];
4657
4658 /*
4659 * See if there's a decode function for it.
4660 */
4661 snprintf(buffer, sizeof(buffer), "%s_tp_decode_pair", name);
4662 tp_decode = dlsym(dl->handle, buffer);
4663 if (tp_decode) {
4664 snprintf(buffer, sizeof(buffer), "%s.decode", name);
4665
4666 /* May be called multiple times, so just skip protocols we've already registered */
4667 if (xlat_func_find(buffer, -1)) return 1;
4668
4669 if (unlikely((xlat = xlat_func_register(NULL, buffer, xlat_pair_decode, FR_TYPE_UINT32)) == NULL)) return -1;
4670 xlat_func_args_set(xlat, xlat_pair_decode_args);
4671 decode_uctx = talloc(xlat, xlat_pair_decode_uctx_t);
4672 decode_uctx->tp_decode = tp_decode;
4673 decode_uctx->dict = dict;
4674 /* coverity[suspicious_sizeof] */
4675 xlat_func_instantiate_set(xlat, xlat_pair_dencode_instantiate, xlat_pair_decode_uctx_t *, NULL, decode_uctx);
4676 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL);
4677 }
4678
4679 /*
4680 * See if there's an encode function for it.
4681 */
4682 snprintf(buffer, sizeof(buffer), "%s_tp_encode_pair", name);
4683 tp_encode = dlsym(dl->handle, buffer);
4684 if (tp_encode) {
4685 snprintf(buffer, sizeof(buffer), "%s.encode", name);
4686
4687 if (xlat_func_find(buffer, -1)) return 1;
4688
4689 if (unlikely((xlat = xlat_func_register(NULL, buffer, xlat_pair_encode, FR_TYPE_OCTETS)) == NULL)) return -1;
4690 xlat_func_args_set(xlat, xlat_pair_encode_args);
4691 /* coverity[suspicious_sizeof] */
4692 xlat_func_instantiate_set(xlat, xlat_pair_dencode_instantiate, fr_test_point_pair_encode_t *, NULL, tp_encode);
4693 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL);
4694 }
4695
4696 return 0;
4697}
4698
4699static int xlat_protocol_register(fr_dict_t const *dict)
4700{
4701 dl_t *dl = fr_dict_dl(dict);
4702 char *p, name[256];
4703
4704 /*
4705 * No library for this protocol, skip it.
4706 *
4707 * Protocol TEST has no libfreeradius-test, so that's OK.
4708 */
4709 if (!dl) return 0;
4710
4711 strlcpy(name, fr_dict_root(dict)->name, sizeof(name));
4712 for (p = name; *p != '\0'; p++) {
4713 *p = tolower((uint8_t) *p);
4714 }
4715
4716 return xlat_protocol_register_by_name(dl, name, dict != fr_dict_internal() ? dict : NULL);
4717}
4718
4719static dl_loader_t *cbor_loader = NULL;
4720
4721static int xlat_protocol_register_cbor(void)
4722{
4723 dl_t *dl;
4724
4725 cbor_loader = dl_loader_init(NULL, NULL, false, false);
4726 if (!cbor_loader) return 0;
4727
4728 dl = dl_by_name(cbor_loader, "libfreeradius-cbor", NULL, false);
4729 if (!dl) return 0;
4730
4731 if (xlat_protocol_register_by_name(dl, "cbor", NULL) < 0) return -1;
4732
4733 return 0;
4734}
4735
4736
4737/** Register xlats for any loaded dictionaries
4738 */
4739int xlat_protocols_register(void)
4740{
4741 fr_dict_t *dict;
4742 fr_dict_global_ctx_iter_t iter;
4743
4744 for (dict = fr_dict_global_ctx_iter_init(&iter);
4745 dict != NULL;
4746 dict = fr_dict_global_ctx_iter_next(&iter)) {
4747 if (xlat_protocol_register(dict) < 0) return -1;
4748 }
4749
4750 /*
4751 * And the internal protocol, too.
4752 */
4753 if (xlat_protocol_register(fr_dict_internal()) < 0) return -1;
4754
4755 /*
4756 * And cbor stuff
4757 */
4758 if (xlat_protocol_register_cbor() < 0) return -1;
4759
4760 return 0;
4761}
4762
4763/** De-register all xlat functions we created
4764 *
4765 */
4766static int _xlat_global_free(UNUSED void *uctx)
4767{
4768 TALLOC_FREE(xlat_ctx);
4769 xlat_func_free();
4770 xlat_eval_free();
4771 talloc_free(cbor_loader);
4772
4773 return 0;
4774}
4775
4776/** Global initialisation for xlat
4777 *
4778 * @note Free memory with #xlat_free
4779 *
4780 * @return
4781 * - 0 on success.
4782 * - -1 on failure.
4783 *
4784 * @hidecallgraph
4785 */
4786static int _xlat_global_init(UNUSED void *uctx)
4787{
4788 xlat_t *xlat;
4789
4790 xlat_ctx = talloc_init("xlat");
4791 if (!xlat_ctx) return -1;
4792
4793 if (xlat_func_init() < 0) return -1;
4794
4795 /*
4796 * Lookup attributes used by virtual xlat expansions.
4797 */
4798 if (xlat_eval_init() < 0) return -1;
4799
4800 /*
4801 * Registers async xlat operations in the `unlang` interpreter.
4802 */
4803 unlang_xlat_init();
4804
4805 /*
4806 * These are all "pure" functions.
4807 */
4808#define XLAT_REGISTER_ARGS(_xlat, _func, _return_type, _args) \
4809do { \
4810 if (unlikely((xlat = xlat_func_register(xlat_ctx, _xlat, _func, _return_type)) == NULL)) return -1; \
4811 xlat_func_args_set(xlat, _args); \
4812 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
4813} while (0)
4814
4815#define XLAT_NEW(_x) xlat->replaced_with = _x
4816
4817 XLAT_REGISTER_ARGS("cast", xlat_func_cast, FR_TYPE_VOID, xlat_func_cast_args);
4818
4819 XLAT_REGISTER_ARGS("str.concat", xlat_func_concat, FR_TYPE_STRING, xlat_func_concat_args);
4820 XLAT_REGISTER_ARGS("concat", xlat_func_concat, FR_TYPE_STRING, xlat_func_concat_args);
4821 XLAT_NEW("str.concat");
4822
4823 XLAT_REGISTER_ARGS("str.split", xlat_func_explode, FR_TYPE_STRING, xlat_func_explode_args);
4824 XLAT_REGISTER_ARGS("explode", xlat_func_explode, FR_TYPE_STRING, xlat_func_explode_args);
4825 XLAT_NEW("str.split");
4826
4827 XLAT_REGISTER_ARGS("file.escape", xlat_transparent, FR_TYPE_STRING, xlat_func_file_name_args);
4828
4829 XLAT_REGISTER_ARGS("hmac.md5", xlat_func_hmac_md5, FR_TYPE_OCTETS, xlat_hmac_args);
4830 XLAT_REGISTER_ARGS("hmacmd5", xlat_func_hmac_md5, FR_TYPE_OCTETS, xlat_hmac_args);
4831 XLAT_NEW("hmac.md5");
4832
4833 XLAT_REGISTER_ARGS("hmac.sha1", xlat_func_hmac_sha1, FR_TYPE_OCTETS, xlat_hmac_args);
4834 XLAT_REGISTER_ARGS("hmacsha1", xlat_func_hmac_sha1, FR_TYPE_OCTETS, xlat_hmac_args);
4835 XLAT_NEW("hmac.sha1");
4836
4837 XLAT_REGISTER_ARGS("integer", xlat_func_integer, FR_TYPE_VOID, xlat_func_integer_args);
4838 xlat->deprecated = true;
4839
4840 XLAT_REGISTER_ARGS("join", xlat_func_join, FR_TYPE_VOID, xlat_func_join_args);
4841 XLAT_REGISTER_ARGS("ungroup", xlat_func_ungroup, FR_TYPE_VOID, xlat_func_join_args);
4842 xlat->deprecated = true;
4843
4844 XLAT_REGISTER_ARGS("length", xlat_func_length, FR_TYPE_SIZE, xlat_func_length_args);
4845
4846 XLAT_REGISTER_ARGS("str.lpad", xlat_func_lpad, FR_TYPE_STRING, xlat_func_pad_args);
4847 XLAT_REGISTER_ARGS("lpad", xlat_func_lpad, FR_TYPE_STRING, xlat_func_pad_args);
4848 XLAT_NEW("str.lpad");
4849
4850 XLAT_REGISTER_ARGS("str.rpad", xlat_func_rpad, FR_TYPE_STRING, xlat_func_pad_args);
4851 XLAT_REGISTER_ARGS("rpad", xlat_func_rpad, FR_TYPE_STRING, xlat_func_pad_args);
4852 XLAT_NEW("str.rpad");
4853
4854 XLAT_REGISTER_ARGS("str.substr", xlat_func_substr, FR_TYPE_VOID, xlat_func_substr_args);
4855 XLAT_REGISTER_ARGS("substr", xlat_func_substr, FR_TYPE_VOID, xlat_func_substr_args);
4856 XLAT_NEW("str.substr");
4857
4858 XLAT_REGISTER_ARGS("ip.v4.netmask", xlat_func_subnet_netmask, FR_TYPE_IPV4_ADDR, xlat_func_subnet_args);
4859 XLAT_REGISTER_ARGS("ip.v4.broadcast", xlat_func_subnet_broadcast, FR_TYPE_IPV4_ADDR, xlat_func_subnet_args);
4860
4861 /*
4862 * The inputs to these functions are variable.
4863 */
4864#undef XLAT_REGISTER_ARGS
4865#define XLAT_REGISTER_ARGS(_xlat, _func, _return_type, _args) \
4866do { \
4867 if (unlikely((xlat = xlat_func_register(xlat_ctx, _xlat, _func, _return_type)) == NULL)) return -1; \
4868 xlat_func_args_set(xlat, _args); \
4869 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL); \
4870} while (0)
4871
4872#undef XLAT_REGISTER_VOID
4873#define XLAT_REGISTER_VOID(_xlat, _func, _return_type) \
4874do { \
4875 if (unlikely((xlat = xlat_func_register(xlat_ctx, _xlat, _func, _return_type)) == NULL)) return -1; \
4876 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL); \
4877} while (0)
4878
4879 XLAT_REGISTER_ARGS("block", xlat_func_block, FR_TYPE_TIME_DELTA, xlat_func_block_args);
4880 XLAT_REGISTER_ARGS("debug", xlat_func_debug, FR_TYPE_INT8, xlat_func_debug_args);
4881 XLAT_REGISTER_ARGS("debug_attr", xlat_func_pairs_debug, FR_TYPE_NULL, xlat_pair_cursor_args);
4882 XLAT_NEW("pairs.debug");
4883
4884 XLAT_REGISTER_ARGS("file.exists", xlat_func_file_exists, FR_TYPE_BOOL, xlat_func_file_name_args);
4885 XLAT_REGISTER_ARGS("file.head", xlat_func_file_head, FR_TYPE_STRING, xlat_func_file_name_args);
4886 XLAT_REGISTER_ARGS("file.rm", xlat_func_file_rm, FR_TYPE_BOOL, xlat_func_file_name_args);
4887 XLAT_REGISTER_ARGS("file.touch", xlat_func_file_touch, FR_TYPE_BOOL, xlat_func_file_name_args);
4888 XLAT_REGISTER_ARGS("file.size", xlat_func_file_size, FR_TYPE_UINT64, xlat_func_file_name_args);
4889 XLAT_REGISTER_ARGS("file.tail", xlat_func_file_tail, FR_TYPE_STRING, xlat_func_file_name_count_args);
4890 XLAT_REGISTER_ARGS("file.cat", xlat_func_file_cat, FR_TYPE_OCTETS, xlat_func_file_cat_args);
4891 XLAT_REGISTER_ARGS("file.mkdir", xlat_func_file_mkdir, FR_TYPE_BOOL, xlat_func_file_name_args);
4892 XLAT_REGISTER_ARGS("file.rmdir", xlat_func_file_rmdir, FR_TYPE_BOOL, xlat_func_file_name_args);
4893
4894 XLAT_REGISTER_ARGS("immutable", xlat_func_immutable_attr, FR_TYPE_NULL, xlat_pair_cursor_args);
4895 XLAT_NEW("pairs.immutable");
4896 XLAT_REGISTER_ARGS("pairs.immutable", xlat_func_immutable_attr, FR_TYPE_NULL, xlat_pair_cursor_args);
4897
4898 XLAT_REGISTER_ARGS("log.debug", xlat_func_log_debug, FR_TYPE_NULL, xlat_func_log_arg);
4899 XLAT_REGISTER_ARGS("log.err", xlat_func_log_err, FR_TYPE_NULL, xlat_func_log_arg);
4900 XLAT_REGISTER_ARGS("log.info", xlat_func_log_info, FR_TYPE_NULL, xlat_func_log_arg);
4901 XLAT_REGISTER_ARGS("log.warn", xlat_func_log_warn, FR_TYPE_NULL, xlat_func_log_arg);
4902 XLAT_REGISTER_ARGS("log.destination", xlat_func_log_dst, FR_TYPE_STRING, xlat_func_log_dst_args);
4903
4904 XLAT_REGISTER_ARGS("nexttime", xlat_func_next_time, FR_TYPE_UINT64, xlat_func_next_time_args);
4905 XLAT_NEW("time.next");
4906 XLAT_REGISTER_ARGS("time.next", xlat_func_next_time, FR_TYPE_UINT64, xlat_func_next_time_args);
4907
4908 XLAT_REGISTER_ARGS("pairs", xlat_func_pairs_print, FR_TYPE_STRING, xlat_pair_cursor_args);
4909 XLAT_NEW("pairs.print");
4910 XLAT_REGISTER_ARGS("pairs.print", xlat_func_pairs_print, FR_TYPE_STRING, xlat_pair_cursor_args);
4911
4912 XLAT_REGISTER_ARGS("pairs.debug", xlat_func_pairs_debug, FR_TYPE_NULL, xlat_pair_cursor_args);
4913
4914 XLAT_REGISTER_ARGS("str.subst", xlat_func_subst, FR_TYPE_STRING, xlat_func_subst_args);
4915#ifdef HAVE_REGEX_PCRE2
4916 xlat_func_instantiate_set(xlat, xlat_instantiate_subst_regex, xlat_subst_regex_inst_t, NULL, NULL);
4917#endif
4918 XLAT_REGISTER_ARGS("subst", xlat_func_subst, FR_TYPE_STRING, xlat_func_subst_args);
4919 XLAT_NEW("str.subst");
4920#ifdef HAVE_REGEX_PCRE2
4921 xlat_func_instantiate_set(xlat, xlat_instantiate_subst_regex, xlat_subst_regex_inst_t, NULL, NULL);
4922#endif
4923
4924#ifndef NDEBUG
4925 XLAT_REGISTER_ARGS("signal.raise", xlat_func_signal_raise, FR_TYPE_STRING, xlat_func_signal_raise_args);
4926#endif
4927
4928 XLAT_REGISTER_ARGS("time", xlat_func_time, FR_TYPE_VOID, xlat_func_time_args);
4929 XLAT_REGISTER_VOID("time.now", xlat_func_time_now, FR_TYPE_DATE);
4930 XLAT_REGISTER_VOID("time.request", xlat_func_time_request, FR_TYPE_DATE);
4931 XLAT_REGISTER_VOID("time.offset", xlat_func_time_offset, FR_TYPE_TIME_DELTA);
4932 XLAT_REGISTER_VOID("time.is_dst", xlat_func_time_is_dst, FR_TYPE_BOOL);
4933
4934 XLAT_REGISTER_ARGS("base64.encode", xlat_func_base64_encode, FR_TYPE_STRING, xlat_func_base64_encode_arg);
4935 XLAT_REGISTER_ARGS("base64.decode", xlat_func_base64_decode, FR_TYPE_OCTETS, xlat_func_base64_decode_arg);
4936 XLAT_REGISTER_ARGS("rand", xlat_func_rand, FR_TYPE_UINT64, xlat_func_rand_arg);
4937 XLAT_REGISTER_ARGS("map", xlat_func_map, FR_TYPE_BOOL, xlat_func_map_arg);
4938
4939 XLAT_REGISTER_ARGS("str.rand", xlat_func_randstr, FR_TYPE_STRING, xlat_func_randstr_arg);
4940 XLAT_REGISTER_ARGS("randstr", xlat_func_randstr, FR_TYPE_STRING, xlat_func_randstr_arg);
4941 XLAT_NEW("str.rand");
4942
4943 XLAT_REGISTER_VOID("uuid.v4", xlat_func_uuid_v4, FR_TYPE_STRING);
4944 XLAT_REGISTER_VOID("uuid.v7", xlat_func_uuid_v7, FR_TYPE_STRING);
4945
4946 XLAT_REGISTER_ARGS("range", xlat_func_range, FR_TYPE_UINT64, xlat_func_range_arg);
4947
4948 if (unlikely((xlat = xlat_func_register(xlat_ctx, "untaint", xlat_func_untaint, FR_TYPE_VOID)) == NULL)) return -1;
4949 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL);
4950 xlat_func_args_set(xlat, xlat_func_taint_args);
4951
4952 if (unlikely((xlat = xlat_func_register(xlat_ctx, "taint", xlat_func_taint, FR_TYPE_VOID)) == NULL)) return -1;
4953 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL);
4954 xlat_func_args_set(xlat, xlat_func_taint_args);
4955
4956 /*
4957 * All of these functions are pure.
4958 */
4959#define XLAT_REGISTER_PURE(_xlat, _func, _return_type, _arg) \
4960do { \
4961 if (unlikely((xlat = xlat_func_register(xlat_ctx, _xlat, _func, _return_type)) == NULL)) return -1; \
4962 xlat_func_args_set(xlat, _arg); \
4963 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
4964} while (0)
4965
4966 XLAT_REGISTER_PURE("bin", xlat_func_bin, FR_TYPE_OCTETS, xlat_func_bin_arg);
4967 XLAT_REGISTER_PURE("hex", xlat_func_hex, FR_TYPE_STRING, xlat_func_hex_arg);
4968 XLAT_REGISTER_PURE("hash.md4", xlat_func_md4, FR_TYPE_OCTETS, xlat_func_md4_arg);
4969 XLAT_REGISTER_PURE("md4", xlat_func_md4, FR_TYPE_OCTETS, xlat_func_md4_arg);
4970 XLAT_NEW("hash.md4");
4971
4972 XLAT_REGISTER_PURE("hash.md5", xlat_func_md5, FR_TYPE_OCTETS, xlat_func_md5_arg);
4973 XLAT_REGISTER_PURE("md5", xlat_func_md5, FR_TYPE_OCTETS, xlat_func_md5_arg);
4974 XLAT_NEW("hash.md4");
4975
4976 if (unlikely((xlat = xlat_func_register(xlat_ctx, "regex.match", xlat_func_regex, FR_TYPE_STRING)) == NULL)) return -1;
4977 xlat_func_args_set(xlat, xlat_func_regex_args);
4978 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL);
4979 if (unlikely((xlat = xlat_func_register(xlat_ctx, "regex", xlat_func_regex, FR_TYPE_STRING)) == NULL)) return -1;
4980 xlat_func_args_set(xlat, xlat_func_regex_args);
4981 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL);
4982 XLAT_NEW("regex.match");
4983
4984 {
4985 static xlat_arg_parser_t const xlat_regex_safe_args[] = {
4986 { .type = FR_TYPE_STRING, .variadic = true, .concat = true },
4987 XLAT_ARG_PARSER_TERMINATOR
4988 };
4989
4990 static xlat_arg_parser_t const xlat_regex_escape_args[] = {
4991 { .type = FR_TYPE_STRING,
4992 .func = regex_xlat_escape, .safe_for = FR_REGEX_SAFE_FOR, .always_escape = true,
4993 .variadic = true, .concat = true },
4994 XLAT_ARG_PARSER_TERMINATOR
4995 };
4996
4997 if (unlikely((xlat = xlat_func_register(xlat_ctx, "regex.safe",
4998 xlat_transparent, FR_TYPE_STRING)) == NULL)) return -1;
4999 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL);
5000 xlat_func_args_set(xlat, xlat_regex_safe_args);
5001 xlat_func_safe_for_set(xlat, FR_REGEX_SAFE_FOR);
5002
5003 if (unlikely((xlat = xlat_func_register(xlat_ctx, "regex.escape",
5004 xlat_transparent, FR_TYPE_STRING)) == NULL)) return -1;
5005 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL);
5006 xlat_func_args_set(xlat, xlat_regex_escape_args);
5007 xlat_func_safe_for_set(xlat, FR_REGEX_SAFE_FOR);
5008 }
5009
5010#define XLAT_REGISTER_HASH(_name, _func) do { \
5011 XLAT_REGISTER_PURE("hash." _name, _func, FR_TYPE_OCTETS, xlat_func_sha_arg); \
5012 XLAT_REGISTER_PURE(_name, _func, FR_TYPE_OCTETS, xlat_func_sha_arg); \
5013 XLAT_NEW("hash." _name); \
5014 } while (0)
5015
5016 XLAT_REGISTER_HASH("sha1", xlat_func_sha1);
5017
5018#ifdef HAVE_OPENSSL_EVP_H
5019 XLAT_REGISTER_HASH("sha2_224", xlat_func_sha2_224);
5020 XLAT_REGISTER_HASH("sha2_256", xlat_func_sha2_256);
5021 XLAT_REGISTER_HASH("sha2_384", xlat_func_sha2_384);
5022 XLAT_REGISTER_HASH("sha2_512", xlat_func_sha2_512);
5023 XLAT_REGISTER_HASH("sha2", xlat_func_sha2_256);
5024
5025# ifdef HAVE_EVP_BLAKE2S256
5026 XLAT_REGISTER_HASH("blake2s_256", xlat_func_blake2s_256);
5027# endif
5028# ifdef HAVE_EVP_BLAKE2B512
5029 XLAT_REGISTER_HASH("blake2b_512", xlat_func_blake2b_512);
5030# endif
5031
5032 XLAT_REGISTER_HASH("sha3_224", xlat_func_sha3_224);
5033 XLAT_REGISTER_HASH("sha3_256", xlat_func_sha3_256);
5034 XLAT_REGISTER_HASH("sha3_384", xlat_func_sha3_384);
5035 XLAT_REGISTER_HASH("sha3_512", xlat_func_sha3_512);
5036 XLAT_REGISTER_HASH("sha3", xlat_func_sha3_256);
5037#endif
5038
5039 XLAT_REGISTER_PURE("string", xlat_transparent, FR_TYPE_STRING, xlat_func_string_arg);
5040 xlat->deprecated = true;
5041 XLAT_REGISTER_PURE("strlen", xlat_func_strlen, FR_TYPE_SIZE, xlat_func_strlen_arg);
5042 XLAT_NEW("length");
5043
5044 XLAT_REGISTER_PURE("str.utf8", xlat_func_str_utf8, FR_TYPE_BOOL, xlat_func_str_utf8_arg);
5045 XLAT_REGISTER_PURE("str.printable", xlat_func_str_printable, FR_TYPE_BOOL, xlat_func_str_printable_arg);
5046
5047 XLAT_REGISTER_PURE("str.lower", xlat_func_tolower, FR_TYPE_STRING, xlat_change_case_arg);
5048 XLAT_REGISTER_PURE("tolower", xlat_func_tolower, FR_TYPE_STRING, xlat_change_case_arg);
5049 XLAT_NEW("str.lower");
5050
5051 XLAT_REGISTER_PURE("str.upper", xlat_func_toupper, FR_TYPE_STRING, xlat_change_case_arg);
5052 XLAT_REGISTER_PURE("toupper", xlat_func_toupper, FR_TYPE_STRING, xlat_change_case_arg);
5053 XLAT_NEW("str.upper");
5054
5055 XLAT_REGISTER_PURE("url.quote", xlat_func_urlquote, FR_TYPE_STRING, xlat_func_urlquote_arg);
5056 XLAT_REGISTER_PURE("urlquote", xlat_func_urlquote, FR_TYPE_STRING, xlat_func_urlquote_arg);
5057 XLAT_NEW("url.quote");
5058
5059 XLAT_REGISTER_PURE("url.unquote", xlat_func_urlunquote, FR_TYPE_STRING, xlat_func_urlunquote_arg);
5060 XLAT_REGISTER_PURE("urlunquote", xlat_func_urlunquote, FR_TYPE_STRING, xlat_func_urlunquote_arg);
5061 XLAT_NEW("url.unquote");
5062
5063 XLAT_REGISTER_PURE("eval", xlat_func_eval, FR_TYPE_VOID, xlat_func_eval_arg);
5064
5065 return xlat_register_expressions();
5066}
5067
5068int xlat_global_init(void)
5069{
5070 int ret;
5071 fr_atexit_global_once_ret(&ret, _xlat_global_init, _xlat_global_free, NULL);
5072 return ret;
5073}
buffer
static int const char char buffer[256]
Definition acutest.h:576
file
int const char * file
Definition acutest.h:702
args
va_list args
Definition acutest.h:770
fmt
static int const char * fmt
Definition acutest.h:573
fr_base16_encode
#define fr_base16_encode(_out, _in)
Definition base16.h:54
fr_base16_decode
#define fr_base16_decode(_err, _out, _in, _no_trailing)
Definition base16.h:92
fr_base64_encode
#define fr_base64_encode(_out, _in, _add_padding)
Definition base64.h:71
fr_base64_decode
#define fr_base64_decode(_out, _in, _expect_padding, _no_trailing)
Definition base64.h:78
FR_BASE64_DEC_LENGTH
#define FR_BASE64_DEC_LENGTH(_inlen)
Definition base64.h:41
FR_BASE64_ENC_LENGTH
#define FR_BASE64_ENC_LENGTH(_inlen)
Encode/decode binary data using printable characters (base64 format)
Definition base64.h:40
stop
static bool stop
Definition radmin.c:68
UNCONST
#define UNCONST(_type, _ptr)
Remove const qualification from a pointer.
Definition build.h:186
RCSID
#define RCSID(id)
Definition build.h:512
L
#define L(_str)
Helper for initialising arrays of string literals.
Definition build.h:228
unlikely
#define unlikely(_x)
Definition build.h:407
UNUSED
#define UNUSED
Definition build.h:336
NUM_ELEMENTS
#define NUM_ELEMENTS(_t)
Definition build.h:358
dict
fr_dict_t * dict
Definition common.c:31
root_da
fr_dict_attr_t const * root_da
Definition common.c:32
fr_dbuff_used
#define fr_dbuff_used(_dbuff_or_marker)
Return the number of bytes remaining between the start of the dbuff or marker and the current positio...
Definition dbuff.h:775
fr_dbuff_start
#define fr_dbuff_start(_dbuff_or_marker)
Return the 'start' position of a dbuff or marker.
Definition dbuff.h:906
FR_DBUFF_TALLOC_THREAD_LOCAL
#define FR_DBUFF_TALLOC_THREAD_LOCAL(_out, _init, _max)
Create a function local and thread local extensible dbuff.
Definition dbuff.h:564
FR_DBUFF_TMP
#define FR_DBUFF_TMP(_start, _len_or_end)
Creates a compound literal to pass into functions which accept a dbuff.
Definition dbuff.h:522
fr_dcursor_next
static void * fr_dcursor_next(fr_dcursor_t *cursor)
Advanced the cursor to the next item.
Definition dcursor.h:288
fr_dcursor_append
static int fr_dcursor_append(fr_dcursor_t *cursor, void *v)
Insert a single item at the end of the list.
Definition dcursor.h:406
fr_dcursor_current
static void * fr_dcursor_current(fr_dcursor_t *cursor)
Return the item the cursor current points to.
Definition dcursor.h:337
fr_dcursor_head
static void * fr_dcursor_head(fr_dcursor_t *cursor)
Rewind cursor to the start of the list.
Definition dcursor.h:232
fr_dcursor_s
Definition dcursor.h:91
MEM
#define MEM(x)
Definition debug.h:36
fr_dict_global_ctx_iter_next
fr_dict_t * fr_dict_global_ctx_iter_next(fr_dict_global_ctx_iter_t *iter)
Definition dict_util.c:4869
fr_dict_vendor_t::name
char const * name
Vendor name.
Definition dict.h:274
fr_dict_attr_common_parent
fr_dict_attr_t const * fr_dict_attr_common_parent(fr_dict_attr_t const *a, fr_dict_attr_t const *b, bool is_ancestor)
Find a common ancestor that two TLV type attributes share.
Definition dict_util.c:2287
err
static fr_slen_t err
Definition dict.h:882
fr_dict_global_ctx_iter_init
fr_dict_t * fr_dict_global_ctx_iter_init(fr_dict_global_ctx_iter_t *iter)
Iterate protocols by name.
Definition dict_util.c:4862
fr_dict_root
fr_dict_attr_t const * fr_dict_root(fr_dict_t const *dict)
Return the root attribute of a dictionary.
Definition dict_util.c:2639
fr_dict_dl
dl_t * fr_dict_dl(fr_dict_t const *dict)
Definition dict_util.c:2649
fr_dict_vendor_t::pen
uint32_t pen
Private enterprise number.
Definition dict.h:270
fr_dict_internal
fr_dict_t const * fr_dict_internal(void)
Definition dict_util.c:4905
in
static fr_slen_t in
Definition dict.h:882
fr_dict_vendor_by_da
fr_dict_vendor_t const * fr_dict_vendor_by_da(fr_dict_attr_t const *da)
Look up a vendor by one of its child attributes.
Definition dict_util.c:2877
fr_dict_vendor_t
Private enterprise.
Definition dict.h:269
value
Test enumeration values.
Definition dict_test.h:92
dl_loader_init
dl_loader_t * dl_loader_init(TALLOC_CTX *ctx, void *uctx, bool uctx_free, bool defer_symbol_init)
Initialise structures needed by the dynamic linker.
Definition dl.c:900
dl_by_name
dl_t * dl_by_name(dl_loader_t *dl_loader, char const *name, void *uctx, bool uctx_free)
Search for a dl's shared object in various locations.
Definition dl.c:470
dl_loader_s
A dynamic loader.
Definition dl.c:81
dl_s::handle
void * handle
Handle returned by dlopen.
Definition dl.h:61
dl_s
Module handle.
Definition dl.h:57
fr_dlist_head
static void * fr_dlist_head(fr_dlist_head_t const *list_head)
Return the HEAD item of a list or NULL if the list is empty.
Definition dlist.h:468
fr_dlist_num_elements
static unsigned int fr_dlist_num_elements(fr_dlist_head_t const *head)
Return the number of elements in the dlist.
Definition dlist.h:921
fr_dlist_next
static void * fr_dlist_next(fr_dlist_head_t const *list_head, void const *ptr)
Get the next item in a list.
Definition dlist.h:537
my
void fr_bio_shutdown & my
Definition fd_errno.h:73
xlat_func_time_now
static xlat_action_t xlat_func_time_now(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
Return the current time as a FR_TYPE_DATE.
Definition xlat_builtin.c:4041
xlat_func_next_time
static xlat_action_t xlat_func_next_time(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Calculate number of seconds until the next n hour(s), day(s), week(s), year(s).
Definition xlat_builtin.c:1511
xlat_func_lpad
static xlat_action_t xlat_func_lpad(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
lpad a string
Definition xlat_builtin.c:1719
xlat_func_bin
static xlat_action_t xlat_func_bin(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Convert hex string to binary.
Definition xlat_builtin.c:2008
xlat_func_pairs_debug
static xlat_action_t xlat_func_pairs_debug(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Print out attribute info.
Definition xlat_builtin.c:283
xlat_func_subst
static xlat_action_t xlat_func_subst(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Perform regex substitution.
Definition xlat_builtin.c:3760
xlat_func_urlunquote
static xlat_action_t xlat_func_urlunquote(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
URLdecode special characters.
Definition xlat_builtin.c:4294
xlat_pair_decode
static xlat_action_t xlat_pair_decode(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Decode any protocol attribute / options.
Definition xlat_builtin.c:4375
xlat_func_base64_decode
static xlat_action_t xlat_func_base64_decode(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Decode base64 string.
Definition xlat_builtin.c:1949
xlat_func_hmac_md5
static xlat_action_t xlat_func_hmac_md5(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Generate the HMAC-MD5 of a string or attribute.
Definition xlat_builtin.c:2381
xlat_func_base64_encode
static xlat_action_t xlat_func_base64_encode(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Encode string or attribute as base64.
Definition xlat_builtin.c:1901
xlat_func_log_info
static xlat_action_t xlat_func_log_info(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Log something at INFO level.
Definition xlat_builtin.c:1235
xlat_func_log_warn
static xlat_action_t xlat_func_log_warn(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Log something at WARN level.
Definition xlat_builtin.c:1310
xlat_func_map
static xlat_action_t xlat_func_map(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Processes fmt as a map string and applies it to the current request.
Definition xlat_builtin.c:1426
xlat_func_debug
static xlat_action_t xlat_func_debug(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Dynamically change the debugging level for the current request.
Definition xlat_builtin.c:92
xlat_func_log_debug
static xlat_action_t xlat_func_log_debug(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Log something at DEBUG level.
Definition xlat_builtin.c:1260
xlat_func_log_dst
static xlat_action_t xlat_func_log_dst(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Change the log destination to the named one.
Definition xlat_builtin.c:1347
xlat_func_string_arg
static xlat_arg_parser_t const xlat_func_string_arg[]
Calculate any digest supported by OpenSSL EVP_MD.
Definition xlat_builtin.c:3340
xlat_func_block
static xlat_action_t xlat_func_block(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Block for the specified duration.
Definition xlat_builtin.c:2079
xlat_func_concat
static xlat_action_t xlat_func_concat(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Concatenate string representation of values of given attributes using separator.
Definition xlat_builtin.c:2252
xlat_func_urlquote
static xlat_action_t xlat_func_urlquote(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
URLencode special characters.
Definition xlat_builtin.c:4209
xlat_func_rpad
static xlat_action_t xlat_func_rpad(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Right pad a string.
Definition xlat_builtin.c:1817
xlat_func_md4
static xlat_action_t xlat_func_md4(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Calculate the MD4 hash of a string or attribute.
Definition xlat_builtin.c:2511
xlat_func_explode
static xlat_action_t xlat_func_explode(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Split a string into multiple new strings based on a delimiter.
Definition xlat_builtin.c:985
xlat_func_pairs_print
static xlat_action_t xlat_func_pairs_print(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Encode attributes as a series of string attribute/value pairs.
Definition xlat_builtin.c:2592
xlat_func_time_request
static xlat_action_t xlat_func_time_request(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *args)
Return the request receive time as a FR_TYPE_DATE.
Definition xlat_builtin.c:4072
xlat_func_regex
static xlat_action_t xlat_func_regex(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Get named subcapture value from previous regex.
Definition xlat_builtin.c:3133
xlat_func_substr
static xlat_action_t xlat_func_substr(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Extract a substring from string / octets data.
Definition xlat_builtin.c:3501
xlat_func_length
static xlat_action_t xlat_func_length(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Return the on-the-wire size of the boxes in bytes.
Definition xlat_builtin.c:2480
xlat_func_immutable_attr
static xlat_action_t xlat_func_immutable_attr(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Mark one or more attributes as immutable.
Definition xlat_builtin.c:1067
xlat_func_rand
static xlat_action_t xlat_func_rand(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Generate a random integer value.
Definition xlat_builtin.c:2642
xlat_pair_encode
static xlat_action_t xlat_pair_encode(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Encode protocol attributes / options.
Definition xlat_builtin.c:4526
xlat_func_log_err
static xlat_action_t xlat_func_log_err(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Log something at DEBUG level.
Definition xlat_builtin.c:1285
xlat_func_hmac_sha1
static xlat_action_t xlat_func_hmac_sha1(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Generate the HMAC-SHA1 of a string or attribute.
Definition xlat_builtin.c:2399
xlat_func_eval
static xlat_action_t xlat_func_eval(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Dynamically evaluate an expansion string.
Definition xlat_builtin.c:1621
xlat_func_time_is_dst
static xlat_action_t xlat_func_time_is_dst(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
Return whether we are in daylight savings or not.
Definition xlat_builtin.c:4110
xlat_func_integer
static xlat_action_t xlat_func_integer(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Print data as integer, not as VALUE.
Definition xlat_builtin.c:1108
xlat_func_time
static xlat_action_t xlat_func_time(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Return the time as a FR_TYPE_DATE.
Definition xlat_builtin.c:3943
xlat_func_toupper
static xlat_action_t xlat_func_toupper(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Convert a string to uppercase.
Definition xlat_builtin.c:4187
xlat_func_uuid_v7
static xlat_action_t xlat_func_uuid_v7(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
Generate a version 7 UUID.
Definition xlat_builtin.c:2974
xlat_func_uuid_v4
static xlat_action_t xlat_func_uuid_v4(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
Generate a version 4 UUID.
Definition xlat_builtin.c:2934
xlat_func_cast
static xlat_action_t xlat_func_cast(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Cast one or more output value-boxes to the given type.
Definition xlat_builtin.c:2119
xlat_func_hex
static xlat_action_t xlat_func_hex(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Print data as hex, not as VALUE.
Definition xlat_builtin.c:2301
xlat_func_md5
static xlat_action_t xlat_func_md5(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Calculate the MD5 hash of a string or attribute.
Definition xlat_builtin.c:2551
xlat_func_subnet_netmask
static xlat_action_t xlat_func_subnet_netmask(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Calculate the subnet mask from a IPv4 prefix.
Definition xlat_builtin.c:4454
xlat_func_sha1
static xlat_action_t xlat_func_sha1(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Calculate the SHA1 hash of a string or attribute.
Definition xlat_builtin.c:3240
xlat_func_str_printable
static xlat_action_t xlat_func_str_printable(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Return whether a string has only printable chars.
Definition xlat_builtin.c:3404
xlat_func_range
static xlat_action_t xlat_func_range(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Generate a range of uint64 numbers.
Definition xlat_builtin.c:3027
xlat_func_randstr
static xlat_action_t xlat_func_randstr(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Generate a string of random chars.
Definition xlat_builtin.c:2697
xlat_func_tolower
static xlat_action_t xlat_func_tolower(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Convert a string to lowercase.
Definition xlat_builtin.c:4168
xlat_func_subnet_broadcast
static xlat_action_t xlat_func_subnet_broadcast(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Calculate the broadcast address from a IPv4 prefix.
Definition xlat_builtin.c:4490
xlat_func_str_utf8
static xlat_action_t xlat_func_str_utf8(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Return whether a string is valid UTF-8.
Definition xlat_builtin.c:3460
xlat_func_time_offset
static xlat_action_t xlat_func_time_offset(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, UNUSED fr_value_box_list_t *args)
Return the current time offset from gmt.
Definition xlat_builtin.c:4091
xlat_func_strlen
static xlat_action_t xlat_func_strlen(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Print length of given string.
Definition xlat_builtin.c:3361
fr_hash_iter_s
Stores the state of the current iteration operation.
Definition hash.h:41
talloc_free
talloc_free(hp)
fr_hmac_md5
int fr_hmac_md5(uint8_t digest[MD5_DIGEST_LENGTH], uint8_t const *in, size_t inlen, uint8_t const *key, size_t key_len)
Calculate HMAC using internal MD5 implementation.
Definition hmac_md5.c:119
fr_hmac_sha1
int fr_hmac_sha1(uint8_t digest[static SHA1_DIGEST_LENGTH], uint8_t const *in, size_t inlen, uint8_t const *key, size_t key_len)
Calculate HMAC using internal SHA1 implementation.
Definition hmac_sha1.c:123
unlang_interpret_frame_talloc_ctx
TALLOC_CTX * unlang_interpret_frame_talloc_ctx(request_t *request)
Get a talloc_ctx which is valid only for this frame.
Definition interpret.c:2035
unlang_interpret_event_list
fr_event_list_t * unlang_interpret_event_list(request_t *request)
Get the event list for the current interpreter.
Definition interpret.c:2411
UNLANG_SUB_FRAME
#define UNLANG_SUB_FRAME
Definition interpret.h:37
unlang_result_t
Definition interpret.h:138
log_dst_by_name
fr_log_t * log_dst_by_name(char const *name)
Get a logging destination by name.
Definition log.c:1082
PERROR
#define PERROR(_fmt,...)
Definition log.h:228
REXDENT
#define REXDENT()
Exdent (unindent) R* messages by one level.
Definition log.h:455
RWDEBUG
#define RWDEBUG(fmt,...)
Definition log.h:373
RDEBUG_ENABLED3
#define RDEBUG_ENABLED3
True if request debug level 1-3 messages are enabled.
Definition log.h:347
REDEBUG3
#define REDEBUG3(fmt,...)
Definition log.h:385
RERROR
#define RERROR(fmt,...)
Definition log.h:310
RPERROR
#define RPERROR(fmt,...)
Definition log.h:314
REMARKER
#define REMARKER(_str, _marker_idx, _marker,...)
Output string with error marker, showing where format error occurred.
Definition log.h:510
RINFO
#define RINFO(fmt,...)
Definition log.h:308
RMARKER
#define RMARKER(_type, _lvl, _str, _marker_idx, _marker,...)
Output string with error marker, showing where format error occurred.
Definition log.h:481
RPEDEBUG
#define RPEDEBUG(fmt,...)
Definition log.h:388
RDEBUG4
#define RDEBUG4(fmt,...)
Definition log.h:356
RDEBUG_ENABLED4
#define RDEBUG_ENABLED4
True if request debug level 1-4 messages are enabled.
Definition log.h:348
RIDEBUG2
#define RIDEBUG2(fmt,...)
Definition log.h:364
REDEBUG2
#define REDEBUG2(fmt,...)
Definition log.h:384
RIDEBUG3
#define RIDEBUG3(fmt,...)
Definition log.h:365
RINDENT
#define RINDENT()
Indent R* messages by one level.
Definition log.h:442
map_to_vp
int map_to_vp(TALLOC_CTX *ctx, fr_pair_list_t *out, request_t *request, map_t const *map, UNUSED void *uctx)
Convert a map to a fr_pair_t.
Definition map.c:1604
map_to_request
int map_to_request(request_t *request, map_t const *map, radius_map_getvalue_t func, void *ctx)
Convert map_t to fr_pair_t (s) and add them to a request_t.
Definition map.c:1884
map_afrom_attr_str
int map_afrom_attr_str(TALLOC_CTX *ctx, map_t **out, char const *vp_str, tmpl_rules_t const *lhs_rules, tmpl_rules_t const *rhs_rules)
Convert a value pair string to valuepair map.
Definition map.c:1433
fr_time
#define fr_time()
Definition event.c:60
fr_mkdir
ssize_t fr_mkdir(int *fd_out, char const *path, ssize_t len, mode_t mode, fr_mkdir_func_t func, void *uctx)
Create directories that are missing in the specified path.
Definition file.c:218
fr_filename_escape
const fr_sbuff_escape_rules_t fr_filename_escape
Definition file.c:916
fr_filename_escape_dots
const fr_sbuff_escape_rules_t fr_filename_escape_dots
Definition file.c:932
L_DST_NULL
@ L_DST_NULL
Discard log messages.
Definition log.h:80
L_DST_FILES
@ L_DST_FILES
Log to a file on disk.
Definition log.h:76
L_DBG_LVL_DISABLE
@ L_DBG_LVL_DISABLE
Don't print messages.
Definition log.h:65
L_DBG_LVL_2
@ L_DBG_LVL_2
2nd highest priority debug messages (-xx | -X).
Definition log.h:68
L_DBG_LVL_MAX
@ L_DBG_LVL_MAX
Lowest priority debug messages (-xxxxx | -Xxxx).
Definition log.h:71
L_WARN
@ L_WARN
Warning.
Definition log.h:54
main_config
main_config_t const * main_config
Main server configuration.
Definition main_config.c:56
main_config_s::limit_files
char const ** limit_files
where file....() is limited to
Definition main_config.h:105
fr_md4_calc
void fr_md4_calc(uint8_t out[static MD4_DIGEST_LENGTH], uint8_t const *in, size_t inlen)
Calculate the MD4 hash of the contents of a buffer.
Definition md4.c:473
MD4_DIGEST_LENGTH
#define MD4_DIGEST_LENGTH
Definition md4.h:22
MD5_DIGEST_LENGTH
#define MD5_DIGEST_LENGTH
Definition merged_model.c:242
uint16_t
unsigned short uint16_t
Definition merged_model.c:31
fr_type_t
fr_type_t
Definition merged_model.c:80
FR_TYPE_TIME_DELTA
@ FR_TYPE_TIME_DELTA
A period of time measured in nanoseconds.
Definition merged_model.c:113
FR_TYPE_FLOAT32
@ FR_TYPE_FLOAT32
Single precision floating point.
Definition merged_model.c:108
FR_TYPE_IPV4_ADDR
@ FR_TYPE_IPV4_ADDR
32 Bit IPv4 Address.
Definition merged_model.c:86
FR_TYPE_INT8
@ FR_TYPE_INT8
8 Bit signed integer.
Definition merged_model.c:103
FR_TYPE_ETHERNET
@ FR_TYPE_ETHERNET
48 Bit Mac-Address.
Definition merged_model.c:93
FR_TYPE_IPV6_PREFIX
@ FR_TYPE_IPV6_PREFIX
IPv6 Prefix.
Definition merged_model.c:89
FR_TYPE_STRING
@ FR_TYPE_STRING
String of printable characters.
Definition merged_model.c:83
FR_TYPE_NULL
@ FR_TYPE_NULL
Invalid (uninitialised) attribute type.
Definition merged_model.c:81
FR_TYPE_UINT16
@ FR_TYPE_UINT16
16 Bit unsigned integer.
Definition merged_model.c:98
FR_TYPE_INT64
@ FR_TYPE_INT64
64 Bit signed integer.
Definition merged_model.c:106
FR_TYPE_INT16
@ FR_TYPE_INT16
16 Bit signed integer.
Definition merged_model.c:104
FR_TYPE_DATE
@ FR_TYPE_DATE
Unix time stamp, always has value >2^31.
Definition merged_model.c:111
FR_TYPE_COMBO_IP_PREFIX
@ FR_TYPE_COMBO_IP_PREFIX
IPv4 or IPv6 address prefix depending on length.
Definition merged_model.c:92
FR_TYPE_UINT8
@ FR_TYPE_UINT8
8 Bit unsigned integer.
Definition merged_model.c:97
FR_TYPE_UINT32
@ FR_TYPE_UINT32
32 Bit unsigned integer.
Definition merged_model.c:99
FR_TYPE_INT32
@ FR_TYPE_INT32
32 Bit signed integer.
Definition merged_model.c:105
FR_TYPE_UINT64
@ FR_TYPE_UINT64
64 Bit unsigned integer.
Definition merged_model.c:100
FR_TYPE_IPV6_ADDR
@ FR_TYPE_IPV6_ADDR
128 Bit IPv6 Address.
Definition merged_model.c:88
FR_TYPE_IPV4_PREFIX
@ FR_TYPE_IPV4_PREFIX
IPv4 Prefix.
Definition merged_model.c:87
FR_TYPE_VOID
@ FR_TYPE_VOID
User data.
Definition merged_model.c:127
FR_TYPE_BOOL
@ FR_TYPE_BOOL
A truth value.
Definition merged_model.c:95
FR_TYPE_SIZE
@ FR_TYPE_SIZE
Unsigned integer capable of representing any memory address on the local system.
Definition merged_model.c:115
FR_TYPE_COMBO_IP_ADDR
@ FR_TYPE_COMBO_IP_ADDR
IPv4 or IPv6 address depending on length.
Definition merged_model.c:91
FR_TYPE_IFID
@ FR_TYPE_IFID
Interface ID.
Definition merged_model.c:90
FR_TYPE_OCTETS
@ FR_TYPE_OCTETS
Raw octets.
Definition merged_model.c:84
FR_TYPE_GROUP
@ FR_TYPE_GROUP
A grouping of other attributes.
Definition merged_model.c:124
FR_TYPE_FLOAT64
@ FR_TYPE_FLOAT64
Double precision floating point.
Definition merged_model.c:109
uint32_t
unsigned int uint32_t
Definition merged_model.c:33
ssize_t
long int ssize_t
Definition merged_model.c:24
fr_md5_calc
void fr_md5_calc(uint8_t out[static MD5_DIGEST_LENGTH], uint8_t const *in, size_t inlen)
Perform a single digest operation on a single input buffer.
Definition merged_model.c:245
uint8_t
unsigned char uint8_t
Definition merged_model.c:30
fr_slen_t
ssize_t fr_slen_t
Definition merged_model.c:35
off_t
long long int off_t
Definition merged_model.c:22
size_t
unsigned long int size_t
Definition merged_model.c:25
fr_sbuff_parse_error_t
fr_sbuff_parse_error_t
Definition merged_model.c:45
fr_dbuff_t
Definition merged_model.c:41
fr_dict_attr_t
Definition merged_model.c:133
fr_dict_t
Definition merged_model.c:198
fr_sbuff_t
Definition merged_model.c:37
fr_value_box_t
Definition merged_model.c:136
request_t
Definition merged_model.c:210
fr_snprint_uint128
size_t fr_snprint_uint128(char *out, size_t outlen, uint128_t const num)
Write 128bit unsigned integer to buffer.
Definition misc.c:401
gmtime_r
struct tm * gmtime_r(time_t const *l_clock, struct tm *result)
Definition missing.c:205
localtime_r
struct tm * localtime_r(time_t const *l_clock, struct tm *result)
Definition missing.c:162
fr_pair_list_parent
fr_pair_t * fr_pair_list_parent(fr_pair_list_t const *list)
Return a pointer to the parent pair which contains this list.
Definition pair.c:970
fr_pair_update_by_da_parent
int fr_pair_update_by_da_parent(fr_pair_t *parent, fr_pair_t **out, fr_dict_attr_t const *da)
Return the first fr_pair_t matching the fr_dict_attr_t or alloc a new fr_pair_t and its subtree (and ...
Definition pair.c:1602
fr_pair_delete
int fr_pair_delete(fr_pair_list_t *list, fr_pair_t *vp)
Remove fr_pair_t from a list and free.
Definition pair.c:1833
fr_utf8_str
fr_slen_t fr_utf8_str(uint8_t const *str, ssize_t inlen)
Validate a complete UTF8 string.
Definition print.c:153
fr_utf8_char
size_t fr_utf8_char(uint8_t const *str, ssize_t inlen)
Checks for utf-8, taken from http://www.w3.org/International/questions/qa-forms-utf-8.
Definition print.c:39
encode_ctx
static fr_internal_encode_ctx_t encode_ctx
Definition proto_ldap_sync.c:34
fr_assert
#define fr_assert(_expr)
Definition rad_assert.h:37
REDEBUG
#define REDEBUG(fmt,...)
Definition radclient-ng.h:52
RDEBUG_ENABLED2
#define RDEBUG_ENABLED2()
Definition radclient-ng.h:50
RDEBUG2
#define RDEBUG2(fmt,...)
Definition radclient-ng.h:54
RDEBUG
#define RDEBUG(fmt,...)
Definition radclient-ng.h:53
done
static bool done
Definition radclient.c:80
fill
#define fill(_expr)
fr_rand
uint32_t fr_rand(void)
Return a 32-bit random number.
Definition rand.c:104
request_attr_request
fr_dict_attr_t const * request_attr_request
Definition request.c:43
request_log_prepend
void request_log_prepend(request_t *request, fr_log_t *log_dst, fr_log_lvl_t lvl)
Prepend another logging destination to the list.
Definition request.c:92
RAD_REQUEST_LVL_NONE
#define RAD_REQUEST_LVL_NONE
No debug messages should be printed.
Definition request.h:314
name
static char const * name
Definition rlm_redis_ippool_tool.c:156
fr_sbuff_adv_to_str
char * fr_sbuff_adv_to_str(fr_sbuff_t *sbuff, size_t len, char const *needle, size_t needle_len)
Wind position to the first instance of the specified needle.
Definition sbuff.c:2080
fr_sbuff_adv_to_chr
char * fr_sbuff_adv_to_chr(fr_sbuff_t *sbuff, size_t len, char c)
Wind position to first instance of specified char.
Definition sbuff.c:2044
fr_sbuff_in_bstrncpy
ssize_t fr_sbuff_in_bstrncpy(fr_sbuff_t *sbuff, char const *str, size_t len)
Copy bytes into the sbuff up to the first \0.
Definition sbuff.c:1493
fr_sbuff_in_sprintf
ssize_t fr_sbuff_in_sprintf(fr_sbuff_t *sbuff, char const *fmt,...)
Print using a fmt string to an sbuff.
Definition sbuff.c:1609
fr_sbuff_next_if_char
bool fr_sbuff_next_if_char(fr_sbuff_t *sbuff, char c)
Return true if the current char matches, and if it does, advance.
Definition sbuff.c:2176
fr_sbuff_start
#define fr_sbuff_start(_sbuff_or_marker)
fr_sbuff_set
#define fr_sbuff_set(_dst, _src)
FR_SBUFF_IN
#define FR_SBUFF_IN(_start, _len_or_end)
fr_sbuff_adv_past_whitespace
#define fr_sbuff_adv_past_whitespace(_sbuff, _len, _tt)
fr_sbuff_current
#define fr_sbuff_current(_sbuff_or_marker)
fr_sbuff_unescape_rules_t::name
char const * name
Name for rule set to aid we debugging.
Definition sbuff.h:209
FR_SBUFF
#define FR_SBUFF(_sbuff_or_marker)
fr_sbuff_advance
#define fr_sbuff_advance(_sbuff_or_marker, _len)
fr_sbuff_init_in
#define fr_sbuff_init_in(_out, _start, _len_or_end)
fr_sbuff_remaining
#define fr_sbuff_remaining(_sbuff_or_marker)
fr_sbuff_len
#define fr_sbuff_len(_sbuff_or_marker)
FR_SBUFF_OUT
#define FR_SBUFF_OUT(_start, _len_or_end)
fr_sbuff_move
#define fr_sbuff_move(_out, _in, _len)
fr_sbuff_used
#define fr_sbuff_used(_sbuff_or_marker)
fr_sbuff_behind
#define fr_sbuff_behind(_sbuff_or_marker)
fr_sbuff_ahead
#define fr_sbuff_ahead(_sbuff_or_marker)
FR_SBUFF_TALLOC_THREAD_LOCAL
#define FR_SBUFF_TALLOC_THREAD_LOCAL(_out, _init, _max)
fr_sbuff_ptr_s
Definition sbuff.h:82
fr_sbuff_unescape_rules_t
Set of parsing rules for *unescape_until functions.
Definition merged_model.c:163
tmpl_type_to_str
static char const * tmpl_type_to_str(tmpl_type_t type)
Return a static string containing the type name.
Definition tmpl.h:638
TMPL_TYPE_ATTR
@ TMPL_TYPE_ATTR
Reference to one or more attributes.
Definition tmpl.h:142
TMPL_TYPE_XLAT
@ TMPL_TYPE_XLAT
Pre-parsed xlat expansion.
Definition tmpl.h:146
TMPL_TYPE_EXEC
@ TMPL_TYPE_EXEC
Callout to an external script or program.
Definition tmpl.h:150
TMPL_TYPE_REGEX_XLAT_UNRESOLVED
@ TMPL_TYPE_REGEX_XLAT_UNRESOLVED
A regular expression with unresolved xlat functions or attribute references.
Definition tmpl.h:197
TMPL_TYPE_DATA
@ TMPL_TYPE_DATA
Value in native boxed format.
Definition tmpl.h:138
TMPL_TYPE_DATA_UNRESOLVED
@ TMPL_TYPE_DATA_UNRESOLVED
Unparsed literal string.
Definition tmpl.h:179
tmpl_rules_s::attr
tmpl_attr_rules_t attr
Rules/data for parsing attribute references.
Definition tmpl.h:339
tmpl_rules_s
Optional arguments passed to vp_tmpl functions.
Definition tmpl.h:336
fr_sha1_init
void fr_sha1_init(fr_sha1_ctx *context)
Definition sha1.c:93
fr_sha1_final
void fr_sha1_final(uint8_t digest[static SHA1_DIGEST_LENGTH], fr_sha1_ctx *context)
Definition sha1.c:141
fr_sha1_update
void fr_sha1_update(fr_sha1_ctx *context, uint8_t const *in, size_t len)
Definition sha1.c:105
SHA1_DIGEST_LENGTH
#define SHA1_DIGEST_LENGTH
Definition sha1.h:29
fr_sha1_ctx
Definition sha1.h:33
buff
static char buff[sizeof("18446744073709551615")+3]
Definition size_tests.c:37
snprintf
PUBLIC int snprintf(char *string, size_t length, char *format, va_alist)
Definition snprintf.c:689
strings
PRIVATE void strings()
inst
eap_aka_sim_process_conf_t * inst
Definition state_machine.c:3645
type
fr_aka_sim_id_type_t type
Definition state_machine.c:3648
vp
fr_pair_t * vp
Definition state_machine.c:2287
strlcpy
size_t strlcpy(char *dst, char const *src, size_t siz)
Definition strlcpy.c:34
fr_log_s
Definition log.h:93
fr_log_s::parent
fr_log_t * parent
Log destination this was cloned from.
Definition log.h:118
fr_log_s::dst
fr_log_dst_t dst
Log destination.
Definition log.h:94
fr_log_s::fd
int fd
File descriptor to write messages to.
Definition log.h:109
fr_log_s::file
char const * file
Path to log file.
Definition log.h:110
map_s
Value pair map.
Definition map.h:77
map_s::lhs
tmpl_t * lhs
Typically describes the attribute to add, modify or compare.
Definition map.h:78
map_s::rhs
tmpl_t * rhs
Typically describes a literal value or a src attribute to copy or compare.
Definition map.h:79
pair_list_s
Definition pair.h:52
tmpl_attr_rules_s::dict_def
fr_dict_t const * dict_def
Default dictionary to use with unqualified attribute references.
Definition tmpl.h:273
value_pair_s
Stores an attribute, a value and various bits of other data.
Definition pair.h:68
value_pair_s::da
fr_dict_attr_t const *_CONST da
Dictionary attribute defines the attribute number, vendor and type of the pair.
Definition pair.h:69
fr_syserror
char const * fr_syserror(int num)
Guaranteed to be thread-safe version of strerror.
Definition syserror.c:243
fr_table_value_by_str
#define fr_table_value_by_str(_table, _name, _def)
Convert a string to a value using a sorted or ordered table.
Definition table.h:685
fr_table_value_by_substr
#define fr_table_value_by_substr(_table, _name, _name_len, _def)
Convert a partial string to a value using an ordered or sorted table.
Definition table.h:725
fr_table_num_ordered_t
An element in an arbitrarily ordered array of name to num mappings.
Definition table.h:57
fr_table_num_sorted_t
An element in a lexicographically sorted array of name to num mappings.
Definition table.h:49
talloc_bstrndup
char * talloc_bstrndup(TALLOC_CTX *ctx, char const *in, size_t inlen)
Binary safe strndup function.
Definition talloc.c:618
talloc_bstr_append
char * talloc_bstr_append(TALLOC_CTX *ctx, char *to, char const *from, size_t from_len)
Append a bstr to a bstr.
Definition talloc.c:646
talloc_get_type_abort_const
#define talloc_get_type_abort_const
Definition talloc.h:117
talloc_strdup
#define talloc_strdup(_ctx, _str)
Definition talloc.h:149
talloc_strlen
static size_t talloc_strlen(char const *s)
Returns the length of a talloc array containing a string.
Definition talloc.h:143
fr_test_point_pair_decode_t::test_ctx
fr_test_point_ctx_alloc_t test_ctx
Allocate a test ctx for the encoder.
Definition test_point.h:86
fr_test_point_pair_encode_t::test_ctx
fr_test_point_ctx_alloc_t test_ctx
Allocate a test ctx for the encoder.
Definition test_point.h:94
fr_test_point_pair_decode_t::func
fr_pair_decode_t func
Decoder for pairs.
Definition test_point.h:87
fr_test_point_pair_encode_t::func
fr_pair_encode_t func
Encoder for pairs.
Definition test_point.h:95
fr_test_point_pair_decode_t
Entry point for pair decoders.
Definition test_point.h:85
fr_test_point_pair_encode_t
Entry point for pair encoders.
Definition test_point.h:93
fr_time_is_dst
bool fr_time_is_dst(void)
Whether or not we're daylight savings.
Definition time.c:1228
fr_unix_time_from_str
int fr_unix_time_from_str(fr_unix_time_t *date, char const *date_str, fr_time_res_t hint)
Convert string in various formats to a fr_unix_time_t.
Definition time.c:810
fr_time_gmtoff
fr_time_delta_t fr_time_gmtoff(void)
Get the offset to gmt.
Definition time.c:1220
fr_time_delta_to_timespec
#define fr_time_delta_to_timespec(_delta)
Convert a delta to a timespec.
Definition time.h:666
fr_time_to_msec
static int64_t fr_time_to_msec(fr_time_t when)
Convert an fr_time_t (internal time) to number of msec since the unix epoch (wallclock time)
Definition time.h:711
fr_unix_time_to_sec
static int64_t fr_unix_time_to_sec(fr_unix_time_t delta)
Definition time.h:506
fr_time_delta_wrap
#define fr_time_delta_wrap(_time)
Definition time.h:152
FR_TIME_RES_SEC
@ FR_TIME_RES_SEC
Definition time.h:50
NSEC
#define NSEC
Definition time.h:379
fr_unix_time_unwrap
static uint64_t fr_unix_time_unwrap(fr_unix_time_t time)
Definition time.h:161
fr_time_delta_sub
static fr_time_delta_t fr_time_delta_sub(fr_time_delta_t a, fr_time_delta_t b)
Definition time.h:261
fr_time_to_unix_time
static fr_unix_time_t fr_time_to_unix_time(fr_time_t when)
Convert an fr_time_t (internal time) to our version of unix time (wallclock time)
Definition time.h:688
fr_time_delta_from_timespec
static fr_time_delta_t fr_time_delta_from_timespec(struct timespec const *ts)
Definition time.h:614
fr_unix_time_s
"Unix" time.
Definition time.h:95
fr_tokens
char const * fr_tokens[T_TOKEN_LAST]
Definition token.c:146
dl
static dl_t * dl
Definition unit_test_attribute.c:261
unlang_xlat_yield
xlat_action_t unlang_xlat_yield(request_t *request, xlat_func_t resume, xlat_func_signal_t signal, fr_signal_t sigmask, void *rctx)
Yield a request back to the interpreter from within a module.
Definition xlat.c:543
unlang_xlat_push
int unlang_xlat_push(TALLOC_CTX *ctx, unlang_result_t *p_result, fr_value_box_list_t *out, request_t *request, xlat_exp_head_t const *xlat, bool top_frame)
Push a pre-compiled xlat onto the stack for evaluation.
Definition xlat.c:269
unlang_xlat_init
void unlang_xlat_init(void)
Register xlat operation with the interpreter.
Definition xlat.c:805
xlat_arg_parser_t::type
fr_type_t type
Type to cast argument to.
Definition xlat.h:155
xlat_is_literal
bool xlat_is_literal(xlat_exp_head_t const *head)
Check to see if the expansion consists entirely of value-box elements.
Definition xlat_tokenize.c:1972
XLAT_ARG_PARSER_CURSOR
#define XLAT_ARG_PARSER_CURSOR
Definition xlat.h:162
xlat_arg_parser_t::concat
unsigned int concat
Concat boxes together.
Definition xlat.h:147
XLAT_ARG_VARIADIC_EMPTY_KEEP
@ XLAT_ARG_VARIADIC_EMPTY_KEEP
Empty argument groups are left alone, and either passed through as empty groups or null boxes.
Definition xlat.h:137
XLAT_ARG_VARIADIC_EMPTY_SQUASH
@ XLAT_ARG_VARIADIC_EMPTY_SQUASH
Empty argument groups are removed.
Definition xlat.h:136
xlat_arg_parser_t::variadic
xlat_arg_parser_variadic_t variadic
All additional boxes should be processed using this definition.
Definition xlat.h:153
XLAT_RESULT_SUCCESS
#define XLAT_RESULT_SUCCESS(_p_result)
Definition xlat.h:500
XLAT_ARGS
#define XLAT_ARGS(_list,...)
Populate local variables with value boxes from the input list.
Definition xlat.h:383
xlat_arg_parser_t::required
unsigned int required
Argument must be present, and non-empty.
Definition xlat.h:146
xlat_arg_parser_t::single
unsigned int single
Argument must only contain a single box.
Definition xlat.h:148
xlat_resolve
int xlat_resolve(xlat_exp_head_t *head, xlat_res_rules_t const *xr_rules)
Walk over an xlat tree recursively, resolving any unresolved functions or references.
Definition xlat_tokenize.c:2043
XLAT_ARG_PARSER_TERMINATOR
#define XLAT_ARG_PARSER_TERMINATOR
Definition xlat.h:170
xlat_action_t
xlat_action_t
Definition xlat.h:37
XLAT_ACTION_FAIL
@ XLAT_ACTION_FAIL
An xlat function failed.
Definition xlat.h:44
XLAT_ACTION_YIELD
@ XLAT_ACTION_YIELD
An xlat function pushed a resume frame onto the stack.
Definition xlat.h:42
XLAT_ACTION_PUSH_UNLANG
@ XLAT_ACTION_PUSH_UNLANG
An xlat function pushed an unlang frame onto the unlang stack.
Definition xlat.h:39
XLAT_ACTION_DONE
@ XLAT_ACTION_DONE
We're done evaluating this level of nesting.
Definition xlat.h:43
xlat_tokenize_expression
fr_slen_t xlat_tokenize_expression(TALLOC_CTX *ctx, xlat_exp_head_t **head, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules))
Definition xlat_expr.c:3163
xlat_arg_parser_t
Definition for a single argument consumed by an xlat function.
Definition xlat.h:145
xlat_res_rules_t
Definition xlat.h:164
fr_pair_aprint
static fr_slen_t fr_pair_aprint(TALLOC_CTX *ctx, char **out, fr_dict_attr_t const *parent, fr_pair_t const *vp) 1(fr_pair_print
fr_pair_list_next
fr_pair_t * fr_pair_list_next(fr_pair_list_t const *list, fr_pair_t const *item))
Get the next item in a valuepair list after a specific entry.
Definition pair_inline.c:69
fr_pair_set_immutable
static void fr_pair_set_immutable(fr_pair_t *vp)
Definition pair.h:699
fr_pair_print_name
static fr_slen_t quote ssize_t fr_pair_print_name(fr_sbuff_t *out, fr_dict_attr_t const *parent, fr_pair_t const **vp_p)
Print an attribute name.
Definition pair_print.c:136
fr_pair_dcursor_init
#define fr_pair_dcursor_init(_cursor, _list)
Initialises a special dcursor with callbacks that will maintain the attr sublists correctly.
Definition pair.h:604
parent
static fr_slen_t parent
Definition pair.h:858
fr_strerror_clear
void fr_strerror_clear(void)
Clears all pending messages from the talloc pools.
Definition strerror.c:581
fr_strerror_printf
#define fr_strerror_printf(_fmt,...)
Log to thread local error buffer.
Definition strerror.h:64
fr_type_table
fr_table_num_ordered_t const fr_type_table[]
Map data types to names representing those types.
Definition types.c:31
fr_type_table_len
size_t fr_type_table_len
Definition types.c:87
fr_type_is_structural
#define fr_type_is_structural(_x)
Definition types.h:392
FR_TYPE_ATTR
@ FR_TYPE_ATTR
A contains an attribute reference.
Definition types.h:83
FR_TYPE_NON_LEAF
#define FR_TYPE_NON_LEAF
Definition types.h:318
fr_type_is_string
#define fr_type_is_string(_x)
Definition types.h:348
fr_type_is_numeric
#define fr_type_is_numeric(_x)
Definition types.h:382
FR_TYPE_STRUCTURAL
#define FR_TYPE_STRUCTURAL
Definition types.h:316
fr_type_is_null
#define fr_type_is_null(_x)
Definition types.h:347
fr_type_is_leaf
#define fr_type_is_leaf(_x)
Definition types.h:393
fr_type_to_str
static char const * fr_type_to_str(fr_type_t type)
Return a static string containing the type name.
Definition types.h:454
FR_TYPE_LEAF
#define FR_TYPE_LEAF
Definition types.h:317
FR_TYPE_NUMERIC
#define FR_TYPE_NUMERIC
Definition types.h:306
fr_value_box_network_length
size_t fr_value_box_network_length(fr_value_box_t const *value)
Get the size of the value held by the fr_value_box_t.
Definition value.c:1409
fr_value_box_mark_unsafe
void fr_value_box_mark_unsafe(fr_value_box_t *vb)
Mark a value-box as "unsafe".
Definition value.c:7300
fr_value_box_list_concat_as_string
ssize_t fr_value_box_list_concat_as_string(fr_value_box_t *safety, fr_sbuff_t *sbuff, fr_value_box_list_t *list, char const *sep, size_t sep_len, fr_sbuff_escape_rules_t const *e_rules, fr_value_box_list_action_t proc_action, fr_value_box_safe_for_t safe_for, bool flatten)
Concatenate a list of value boxes together.
Definition value.c:6388
fr_value_box_print
ssize_t fr_value_box_print(fr_sbuff_t *out, fr_value_box_t const *data, fr_sbuff_escape_rules_t const *e_rules)
Print one boxed value to a string.
Definition value.c:6105
fr_value_box_mem_alloc
int fr_value_box_mem_alloc(TALLOC_CTX *ctx, uint8_t **out, fr_value_box_t *dst, fr_dict_attr_t const *enumv, size_t len, bool tainted)
Pre-allocate an octets buffer for filling by the caller.
Definition value.c:4985
fr_value_box_cast
int fr_value_box_cast(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv, fr_value_box_t const *src)
Convert one type of fr_value_box_t to another.
Definition value.c:3946
fr_value_box_list_aprint
char * fr_value_box_list_aprint(TALLOC_CTX *ctx, fr_value_box_list_t const *list, char const *delim, fr_sbuff_escape_rules_t const *e_rules)
Concatenate the string representations of a list of value boxes together.
Definition value.c:6987
fr_value_box_mem_realloc
int fr_value_box_mem_realloc(TALLOC_CTX *ctx, uint8_t **out, fr_value_box_t *dst, size_t len)
Change the length of a buffer already allocated to a value box.
Definition value.c:5018
fr_value_box_list_untaint
void fr_value_box_list_untaint(fr_value_box_list_t *head)
Untaint every list member (and their children)
Definition value.c:7184
fr_value_box_cast_in_place
int fr_value_box_cast_in_place(TALLOC_CTX *ctx, fr_value_box_t *vb, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv)
Convert one type of fr_value_box_t to another in place.
Definition value.c:4196
fr_value_box_clear_value
void fr_value_box_clear_value(fr_value_box_t *data)
Clear/free any existing value.
Definition value.c:4331
fr_value_box_strdup
int fr_value_box_strdup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Copy a nul terminated string to a fr_value_box_t.
Definition value.c:4619
fr_value_box_safety_copy_changed
void fr_value_box_safety_copy_changed(fr_value_box_t *out, fr_value_box_t const *in)
Copy the safety values from one box to another.
Definition value.c:7343
fr_value_box_safety_merge
void fr_value_box_safety_merge(fr_value_box_t *out, fr_value_box_t const *in)
Merge safety results.
Definition value.c:7352
fr_value_box_strdup_shallow
void fr_value_box_strdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Assign a buffer containing a nul terminated string to a box, but don't copy it.
Definition value.c:4729
fr_value_box_safety_copy
void fr_value_box_safety_copy(fr_value_box_t *out, fr_value_box_t const *in)
Copy the safety values from one box to another.
Definition value.c:7330
fr_value_box_bstr_alloc
int fr_value_box_bstr_alloc(TALLOC_CTX *ctx, char **out, fr_value_box_t *dst, fr_dict_attr_t const *enumv, size_t len, bool tainted)
Alloc and assign an empty \0 terminated string to a fr_value_box_t.
Definition value.c:4764
fr_value_box_clear
void fr_value_box_clear(fr_value_box_t *data)
Clear/free any existing value and metadata.
Definition value.c:4377
fr_value_box_list_tainted
bool fr_value_box_list_tainted(fr_value_box_list_t const *head)
Check to see if any list members (or their children) are tainted.
Definition value.c:7153
fr_value_box_bstr_realloc
int fr_value_box_bstr_realloc(TALLOC_CTX *ctx, char **out, fr_value_box_t *dst, size_t len)
Change the length of a buffer already allocated to a value box.
Definition value.c:4797
fr_value_box_bstrndup
int fr_value_box_bstrndup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, size_t len, bool tainted)
Copy a string to to a fr_value_box_t.
Definition value.c:4838
fr_value_box_bstrdup_buffer_shallow
int fr_value_box_bstrdup_buffer_shallow(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Assign a talloced buffer containing a nul terminated string to a box, but don't copy it.
Definition value.c:4946
fr_value_box_memdup
int fr_value_box_memdup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, uint8_t const *src, size_t len, bool tainted)
Copy a buffer to a fr_value_box_t.
Definition value.c:5079
fr_value_box_list_concat_in_place
int fr_value_box_list_concat_in_place(TALLOC_CTX *ctx, fr_value_box_t *out, fr_value_box_list_t *list, fr_type_t type, fr_value_box_list_action_t proc_action, bool flatten, size_t max_size)
Concatenate a list of value boxes.
Definition value.c:6604
FR_VALUE_BOX_LIST_FREE
@ FR_VALUE_BOX_LIST_FREE
Definition value.h:238
FR_VALUE_BOX_LIST_FREE_BOX
@ FR_VALUE_BOX_LIST_FREE_BOX
Free each processed box.
Definition value.h:235
fr_value_box_alloc
#define fr_value_box_alloc(_ctx, _type, _enumv)
Allocate a value box of a specific type.
Definition value.h:644
fr_value_box_mark_safe_for
#define fr_value_box_mark_safe_for(_box, _safe_for)
Definition value.h:1093
data
static fr_slen_t data
Definition value.h:1340
fr_value_box_acopy
static fr_value_box_t * fr_value_box_acopy(TALLOC_CTX *ctx, fr_value_box_t const *src)
Copy an existing box, allocating a new box to hold its contents.
Definition value.h:744
fr_value_box_is_safe_for
#define fr_value_box_is_safe_for(_box, _safe_for)
Definition value.h:1100
fr_box_is_variable_size
#define fr_box_is_variable_size(_x)
Definition value.h:464
fr_value_box_get_cursor
#define fr_value_box_get_cursor(_dst)
Definition value.h:1261
VALUE_BOX_VERIFY
#define VALUE_BOX_VERIFY(_x)
Definition value.h:1370
VALUE_BOX_LIST_VERIFY
#define VALUE_BOX_LIST_VERIFY(_x)
Definition value.h:1371
nonnull
int nonnull(2, 5))
fr_value_box_alloc_null
#define fr_value_box_alloc_null(_ctx)
Allocate a value box for later use with a value assignment function.
Definition value.h:655
fr_value_box_list_foreach
#define fr_value_box_list_foreach(_list_head, _iter)
Definition value.h:224
out
static size_t char ** out
Definition value.h:1030
fr_box_bool
#define fr_box_bool(_val)
Definition value.h:331
FR_VALUE_BOX_SAFE_FOR_ANY
#define FR_VALUE_BOX_SAFE_FOR_ANY
Definition value.h:173
xlat_func_bin_arg
static xlat_arg_parser_t const xlat_func_bin_arg[]
Definition xlat_builtin.c:1992
xlat_protocol_register_cbor
static int xlat_protocol_register_cbor(void)
Definition xlat_builtin.c:4721
xlat_func_map_arg
static xlat_arg_parser_t const xlat_func_map_arg[]
Definition xlat_builtin.c:1409
xlat_func_file_tail
static xlat_action_t xlat_func_file_tail(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Definition xlat_builtin.c:575
XLAT_REGISTER_VOID
#define XLAT_REGISTER_VOID(_xlat, _func, _return_type)
xlat_func_log_dst_args
static xlat_arg_parser_t const xlat_func_log_dst_args[]
Definition xlat_builtin.c:1331
xlat_func_taint_args
static xlat_arg_parser_t const xlat_func_taint_args[]
Definition xlat_builtin.c:921
xlat_func_time_args
static xlat_arg_parser_t const xlat_func_time_args[]
Definition xlat_builtin.c:3921
xlat_func_base64_encode_arg
static xlat_arg_parser_t const xlat_func_base64_encode_arg[]
Definition xlat_builtin.c:1887
xlat_eval_rctx_t::last_result
unlang_result_t last_result
Definition xlat_builtin.c:1593
xlat_change_case
static xlat_action_t xlat_change_case(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED request_t *request, fr_value_box_list_t *args, bool upper)
Change case of a string.
Definition xlat_builtin.c:4129
_log_dst_free
static int _log_dst_free(fr_log_t *log)
Definition xlat_builtin.c:1325
xlat_pair_encode_args
static xlat_arg_parser_t const xlat_pair_encode_args[]
Definition xlat_builtin.c:4509
xlat_hmac
static xlat_action_t xlat_hmac(TALLOC_CTX *ctx, fr_dcursor_t *out, fr_value_box_list_t *args, uint8_t *digest, int digest_len, hmac_type type)
Definition xlat_builtin.c:2343
xlat_func_signal_raise_args
static xlat_arg_parser_t const xlat_func_signal_raise_args[]
Definition xlat_builtin.c:3852
xlat_debug_attr_vp
static void xlat_debug_attr_vp(request_t *request, fr_pair_t const *vp, fr_dict_attr_t const *da)
Definition xlat_builtin.c:147
xlat_func_log_arg
static xlat_arg_parser_t const xlat_func_log_arg[]
Definition xlat_builtin.c:1221
xlat_func_file_mkdir
static xlat_action_t xlat_func_file_mkdir(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Definition xlat_builtin.c:875
xlat_func_sha_arg
static xlat_arg_parser_t const xlat_func_sha_arg[]
Definition xlat_builtin.c:3226
xlat_func_cast_args
static xlat_arg_parser_t const xlat_func_cast_args[]
Definition xlat_builtin.c:2101
xlat_pair_dencode_instantiate
static int xlat_pair_dencode_instantiate(xlat_inst_ctx_t const *mctx)
Definition xlat_builtin.c:4503
xlat_transparent
xlat_action_t xlat_transparent(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Common function to move boxes from input list to output list.
Definition xlat_builtin.c:255
hmac_type
hmac_type
Definition xlat_builtin.c:2338
HMAC_MD5
@ HMAC_MD5
Definition xlat_builtin.c:2339
HMAC_SHA1
@ HMAC_SHA1
Definition xlat_builtin.c:2340
xlat_func_hex_arg
static xlat_arg_parser_t const xlat_func_hex_arg[]
Definition xlat_builtin.c:2285
xlat_func_substr_args
static xlat_arg_parser_t const xlat_func_substr_args[]
Definition xlat_builtin.c:3480
xlat_func_file_exists
static xlat_action_t xlat_func_file_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *args)
Definition xlat_builtin.c:464
xlat_func_file_head
static xlat_action_t xlat_func_file_head(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Definition xlat_builtin.c:487
xlat_func_block_args
static xlat_arg_parser_t const xlat_func_block_args[]
Definition xlat_builtin.c:2062
xlat_func_subnet_args
static xlat_arg_parser_t const xlat_func_subnet_args[]
Definition xlat_builtin.c:4440
XLAT_REGISTER_PURE
#define XLAT_REGISTER_PURE(_xlat, _func, _return_type, _arg)
xlat_func_str_printable_arg
static xlat_arg_parser_t const xlat_func_str_printable_arg[]
Definition xlat_builtin.c:3383
xlat_func_randstr_arg
static xlat_arg_parser_t const xlat_func_randstr_arg[]
Definition xlat_builtin.c:2666
xlat_func_eval_arg
static xlat_arg_parser_t const xlat_func_eval_arg[]
Definition xlat_builtin.c:1612
xlat_func_subst_args
static xlat_arg_parser_t const xlat_func_subst_args[]
Definition xlat_builtin.c:3738
xlat_func_explode_args
static xlat_arg_parser_t const xlat_func_explode_args[]
Definition xlat_builtin.c:963
xlat_protocols_register
int xlat_protocols_register(void)
Register xlats for any loaded dictionaries.
Definition xlat_builtin.c:4739
xlat_func_str_utf8_arg
static xlat_arg_parser_t const xlat_func_str_utf8_arg[]
Definition xlat_builtin.c:3443
REPETITION_MAX
#define REPETITION_MAX
cbor_loader
static dl_loader_t * cbor_loader
Definition xlat_builtin.c:4719
xlat_change_case_arg
static xlat_arg_parser_t const xlat_change_case_arg[]
Definition xlat_builtin.c:4151
xlat_func_strlen_arg
static xlat_arg_parser_t const xlat_func_strlen_arg[]
Definition xlat_builtin.c:3345
xlat_protocol_register
static int xlat_protocol_register(fr_dict_t const *dict)
Definition xlat_builtin.c:4699
xlat_func_md5_arg
static xlat_arg_parser_t const xlat_func_md5_arg[]
Definition xlat_builtin.c:2537
xlat_global_init
int xlat_global_init(void)
Definition xlat_builtin.c:5068
xlat_func_urlquote_arg
static xlat_arg_parser_t const xlat_func_urlquote_arg[]
Definition xlat_builtin.c:4195
xlat_pair_cursor_args
static xlat_arg_parser_t const xlat_pair_cursor_args[]
Definition xlat_builtin.c:142
xlat_func_file_size
static xlat_action_t xlat_func_file_size(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Definition xlat_builtin.c:547
ungroup
static void ungroup(fr_dcursor_t *out, fr_value_box_list_t *in)
Definition xlat_builtin.c:2431
xlat_func_md4_arg
static xlat_arg_parser_t const xlat_func_md4_arg[]
Definition xlat_builtin.c:2497
regex_xlat_escape
static int regex_xlat_escape(UNUSED request_t *request, fr_value_box_t *vb, UNUSED void *uctx)
Definition xlat_builtin.c:3096
xlat_file_allowed
static bool xlat_file_allowed(request_t *request, char const *filename, size_t len)
Definition xlat_builtin.c:424
xlat_func_join_args
static xlat_arg_parser_t const xlat_func_join_args[]
Definition xlat_builtin.c:2407
XLAT_NEW
#define XLAT_NEW(_x)
xlat_eval_resume
static xlat_action_t xlat_eval_resume(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, xlat_ctx_t const *xctx, UNUSED request_t *request, UNUSED fr_value_box_list_t *in)
Just serves to push the result up the stack.
Definition xlat_builtin.c:1600
xlat_func_taint
static xlat_action_t xlat_func_taint(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Definition xlat_builtin.c:941
XLAT_REGISTER_HASH
#define XLAT_REGISTER_HASH(_name, _func)
xlat_func_debug_args
static xlat_arg_parser_t const xlat_func_debug_args[]
Definition xlat_builtin.c:78
hextab
static char const hextab[]
Definition xlat_builtin.c:48
FR_FILENAME_SAFE_FOR
#define FR_FILENAME_SAFE_FOR
Definition xlat_builtin.c:314
xlat_func_signal_raise
static xlat_action_t xlat_func_signal_raise(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Definition xlat_builtin.c:3857
xlat_pair_decode_uctx_t::tp_decode
fr_test_point_pair_decode_t * tp_decode
Definition xlat_builtin.c:52
xlat_func_pad_args
static xlat_arg_parser_t const xlat_func_pad_args[]
Definition xlat_builtin.c:1699
uuid_print_vb
static int uuid_print_vb(fr_value_box_t *vb, uint32_t vals[4])
Convert a UUID in an array of uint32_t to the conventional string representation.
Definition xlat_builtin.c:2867
xlat_func_urlunquote_arg
static xlat_arg_parser_t const xlat_func_urlunquote_arg[]
Definition xlat_builtin.c:4278
xlat_func_file_touch
static xlat_action_t xlat_func_file_touch(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Definition xlat_builtin.c:846
xlat_pair_decode_uctx_t::dict
fr_dict_t const * dict
Restrict xlat to this namespace.
Definition xlat_builtin.c:53
xlat_pair_decode_args
static xlat_arg_parser_t const xlat_pair_decode_args[]
Definition xlat_builtin.c:4358
xlat_func_rand_arg
static xlat_arg_parser_t const xlat_func_rand_arg[]
Definition xlat_builtin.c:2626
uuid_set_variant
static void uuid_set_variant(uint32_t vals[4], uint8_t variant)
Definition xlat_builtin.c:2899
filename_xlat_escape
static int filename_xlat_escape(UNUSED request_t *request, fr_value_box_t *vb, UNUSED void *uctx)
Definition xlat_builtin.c:316
xlat_func_concat_args
static xlat_arg_parser_t const xlat_func_concat_args[]
Definition xlat_builtin.c:2232
XLAT_FILE_ALLOWED
#define XLAT_FILE_ALLOWED(_vb)
Definition xlat_builtin.c:462
xlat_func_join
static xlat_action_t xlat_func_join(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Join a series of arguments to form a single list.
Definition xlat_builtin.c:2417
xlat_func_file_name_count_args
static xlat_arg_parser_t const xlat_func_file_name_count_args[]
Definition xlat_builtin.c:413
xlat_arg_copy_out
void xlat_arg_copy_out(TALLOC_CTX *ctx, fr_dcursor_t *out, fr_value_box_list_t *in, fr_value_box_t *vb)
Copy an argument from the input list to the output cursor.
Definition xlat_builtin.c:66
xlat_func_range_arg
static xlat_arg_parser_t const xlat_func_range_arg[]
Definition xlat_builtin.c:3010
xlat_func_integer_args
static xlat_arg_parser_t const xlat_func_integer_args[]
Definition xlat_builtin.c:1092
_xlat_global_init
static int _xlat_global_init(UNUSED void *uctx)
Global initialisation for xlat.
Definition xlat_builtin.c:4786
XLAT_REGISTER_ARGS
#define XLAT_REGISTER_ARGS(_xlat, _func, _return_type, _args)
xlat_func_untaint
static xlat_action_t xlat_func_untaint(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Definition xlat_builtin.c:927
xlat_func_file_cat
static xlat_action_t xlat_func_file_cat(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Definition xlat_builtin.c:765
xlat_func_file_rm
static xlat_action_t xlat_func_file_rm(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Definition xlat_builtin.c:822
xlat_eval_rctx_t::ex
xlat_exp_head_t * ex
Definition xlat_builtin.c:1594
xlat_func_length_args
static xlat_arg_parser_t const xlat_func_length_args[]
Definition xlat_builtin.c:2461
xlat_func_ungroup
static xlat_action_t xlat_func_ungroup(UNUSED TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Ungroups all of its arguments into one flat list.
Definition xlat_builtin.c:2447
xlat_protocol_register_by_name
static int xlat_protocol_register_by_name(dl_t *dl, char const *name, fr_dict_t const *dict)
Definition xlat_builtin.c:4650
xlat_func_file_cat_args
static xlat_arg_parser_t const xlat_func_file_cat_args[]
Definition xlat_builtin.c:758
uuid_set_version
static void uuid_set_version(uint32_t vals[4], uint8_t version)
Definition xlat_builtin.c:2891
xlat_func_file_rmdir
static xlat_action_t xlat_func_file_rmdir(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Definition xlat_builtin.c:898
UUID_CHARS
#define UUID_CHARS(_v, _num)
xlat_debug_attr_list
static void xlat_debug_attr_list(request_t *request, fr_pair_list_t const *list, fr_dict_attr_t const *parent)
Definition xlat_builtin.c:129
xlat_func_file_name_args
static xlat_arg_parser_t const xlat_func_file_name_args[]
Definition xlat_builtin.c:407
xlat_ctx
static TALLOC_CTX * xlat_ctx
Definition xlat_builtin.c:49
xlat_func_next_time_args
static xlat_arg_parser_t const xlat_func_next_time_args[]
Definition xlat_builtin.c:1495
_xlat_global_free
static int _xlat_global_free(UNUSED void *uctx)
De-register all xlat functions we created.
Definition xlat_builtin.c:4766
xlat_func_base64_decode_arg
static xlat_arg_parser_t const xlat_func_base64_decode_arg[]
Definition xlat_builtin.c:1935
xlat_hmac_args
static xlat_arg_parser_t const xlat_hmac_args[]
Definition xlat_builtin.c:2366
xlat_func_regex_args
static xlat_arg_parser_t const xlat_func_regex_args[]
Definition xlat_builtin.c:3115
xlat_eval_rctx_t
Definition xlat_builtin.c:1592
xlat_pair_decode_uctx_t
Definition xlat_builtin.c:51
xlat_ctx_s::rctx
void * rctx
Resume context.
Definition xlat_ctx.h:54
xlat_ctx_s::ex
xlat_exp_t const * ex
Tokenized expression.
Definition xlat_ctx.h:55
xlat_inst_ctx_s::ex
xlat_exp_t * ex
Tokenized expression to use in expansion.
Definition xlat_ctx.h:64
xlat_ctx_s::inst
void const * inst
xlat instance data.
Definition xlat_ctx.h:50
xlat_inst_ctx_s::uctx
void * uctx
Passed to the registration function.
Definition xlat_ctx.h:66
xlat_inst_ctx_s::inst
void * inst
xlat instance data to populate.
Definition xlat_ctx.h:63
xlat_ctx_s
An xlat calling ctx.
Definition xlat_ctx.h:49
xlat_inst_ctx_s
An xlat instantiation ctx.
Definition xlat_ctx.h:62
xlat_time_res_attr
fr_dict_attr_t const * xlat_time_res_attr(char const *res)
Definition xlat_eval.c:127
xlat_eval_init
int xlat_eval_init(void)
Definition xlat_eval.c:2022
xlat_eval_free
void xlat_eval_free(void)
Definition xlat_eval.c:2044
xlat_register_expressions
int xlat_register_expressions(void)
Definition xlat_expr.c:1859
xlat_func_free
void xlat_func_free(void)
Definition xlat_func.c:556
xlat_func_flags_set
void xlat_func_flags_set(xlat_t *x, xlat_func_flags_t flags)
Specify flags that alter the xlat's behaviour.
Definition xlat_func.c:392
xlat_func_args_set
int xlat_func_args_set(xlat_t *x, xlat_arg_parser_t const args[])
Register the arguments of an xlat.
Definition xlat_func.c:365
xlat_func_register
xlat_t * xlat_func_register(TALLOC_CTX *ctx, char const *name, xlat_func_t func, fr_type_t return_type)
Register an xlat function.
Definition xlat_func.c:216
xlat_func_init
int xlat_func_init(void)
Definition xlat_func.c:540
xlat_func_find
xlat_t * xlat_func_find(char const *in, ssize_t inlen)
Definition xlat_func.c:77
xlat_func_instantiate_set
#define xlat_func_instantiate_set(_xlat, _instantiate, _inst_struct, _detach, _uctx)
Set a callback for global instantiation of xlat functions.
Definition xlat_func.h:93
xlat_func_safe_for_set
#define xlat_func_safe_for_set(_xlat, _escaped)
Set the escaped values for output boxes.
Definition xlat_func.h:82
XLAT_FUNC_FLAG_PURE
@ XLAT_FUNC_FLAG_PURE
Definition xlat_func.h:38
XLAT_FUNC_FLAG_INTERNAL
@ XLAT_FUNC_FLAG_INTERNAL
Definition xlat_func.h:39
xlat_decode_value_box_list
int xlat_decode_value_box_list(TALLOC_CTX *ctx, fr_pair_list_t *out, request_t *request, void *decode_ctx, fr_pair_decode_t decode, fr_value_box_list_t *in)
Decode all of the value boxes into the output cursor.
Definition xlat_pair.c:90
XLAT_GROUP
@ XLAT_GROUP
encapsulated string of xlats
Definition xlat_priv.h:116
xlat_s::deprecated
bool deprecated
this function was deprecated
Definition xlat_priv.h:68
xlat_exp_s::type
xlat_type_t _CONST type
type of this expansion.
Definition xlat_priv.h:155
xlat_exp_head_s
Definition xlat_priv.h:188
xlat_exp_s
An xlat expansion node.
Definition xlat_priv.h:148
xlat_s
Definition xlat_priv.h:59
Generated by   doxygen 1.9.8