The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
xlat_expr.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: 09165db77c731055017a75d85c2af658f5dca319 $
19 *
20 * @file xlat_expr.c
21 * @brief Tokenizers and support functions for xlat expressions
22 *
23 * @copyright 2021 The FreeRADIUS server project
24 * @copyright 2021 Network RADIUS SAS (legal@networkradius.com)
25 */
26
27RCSID("$Id: 09165db77c731055017a75d85c2af658f5dca319 $")
28
29#include <freeradius-devel/server/base.h>
30#include <freeradius-devel/unlang/xlat_priv.h>
31#include <freeradius-devel/util/calc.h>
32#include <freeradius-devel/server/tmpl_dcursor.h>
33
34#undef XLAT_DEBUG
35#ifdef DEBUG_XLAT
36# define XLAT_DEBUG(_fmt, ...) DEBUG3("%s[%i] "_fmt, __FILE__, __LINE__, ##__VA_ARGS__)
37#else
38# define XLAT_DEBUG(...)
39#endif
40
41/*
42 * The new tokenizer accepts most things which are accepted by the old one. Many of the errors will be
43 * different, though.
44 *
45 * @todo - add a "output" fr_type_t to xlat_t, which is mainly used by the comparison functions. Right
46 * now it will happily parse things like:
47 *
48 * (1 < 2) < 3
49 *
50 * though the result of (1 < 2) is a boolean, so the result is always true. We probably want to have
51 * that as a compile-time error / check. This can probably just be done with xlat_purify() ? which
52 * doesn't need to interpret the LHS, but just knows its limits. We perhaps want a "range compare"
53 * function, which just checks ranges on one side against values on the right.
54 *
55 * Even worse, when we do "((bool) 1) < 3", the RHS is cast to the type of the LHS by
56 * tmpl_afrom_substr(). This is because we pass the LHS data type recursively down, which works most of
57 * the time, but not all of the time. There are currently hacks in the "upcast" code here to fix this,
58 * but it's a hack.
59 *
60 * @todo - add instantiation routines for assignment operations. This lets us do things
61 * like:
62 * if ((&foo += 4) > 6) ...
63 *
64 * However, this would also require us adding an edit list pointer to the xlat evaluation functions,
65 * which is not trivial. Or, maybe we attach it to the request somehow?
66 */
67
68static xlat_exp_t *xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child);
69
70static void xlat_func_append_arg(xlat_exp_t *head, xlat_exp_t *node, bool exists)
71{
72 xlat_exp_t *group;
73
74 fr_assert(head->type == XLAT_FUNC);
75
76 /*
77 * Wrap existence checks for attribute reference.
78 */
79 if (exists && (node->type == XLAT_TMPL) && tmpl_contains_attr(node->vpt)) {
80 node = xlat_exists_alloc(head, node);
81 }
82
83 if (!head->call.args) {
84 MEM(head->call.args = xlat_exp_head_alloc(head));
85 head->call.args->is_argv = true;
86 }
87
88 /*
89 * Wrap it in a group.
90 */
91 group = xlat_exp_alloc(head->call.args, XLAT_GROUP, NULL, 0);
92 group->quote = T_BARE_WORD;
93
94 xlat_exp_set_name_shallow(group, node->fmt); /* not entirely correct, but good enough for now */
95 group->flags = node->flags;
96
97 talloc_steal(group->group, node);
98 xlat_exp_insert_tail(group->group, node);
99
100 xlat_exp_insert_tail(head->call.args, group);
101
102 xlat_flags_merge(&head->flags, &head->call.args->flags);
103}
104
105
106/** Allocate a specific cast node.
107 *
108 * With the first argument being a UINT8 of the data type.
109 * See xlat_func_cast() for the implementation.
110 *
111 */
112static xlat_exp_t *xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child)
113{
114 xlat_exp_t *node;
115
116 fr_assert(child->type == XLAT_TMPL);
117 fr_assert(tmpl_contains_attr(child->vpt));
118
119 /*
120 * Create an "exists" node.
121 */
122 MEM(node = xlat_exp_alloc(ctx, XLAT_FUNC, "exists", 6));
123 xlat_exp_set_name_shallow(node, child->vpt->name);
124
125 MEM(node->call.func = xlat_func_find("exists", 6));
126 fr_assert(node->call.func != NULL);
127
128 /*
129 * The attribute may need resolving, in which case we have to set the flag as appropriate.
130 */
131 node->flags = (xlat_flags_t) { .needs_resolving = tmpl_needs_resolving(child->vpt)};
132
133 if (!node->flags.needs_resolving) node->call.dict = tmpl_attr_tail_da(child->vpt)->dict;
134
135 xlat_func_append_arg(node, child, false);
136
137 return node;
138}
139
140
142{
143 size_t at_in = fr_sbuff_used_total(out);
144
145 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
146 xlat_print_node(out, node->call.args, xlat_exp_head(node->call.args), e_rules, 0);
147
148 return fr_sbuff_used_total(out) - at_in;
149}
150
152{
153 size_t at_in = fr_sbuff_used_total(out);
154 xlat_exp_t *child = xlat_exp_head(node->call.args);
155
156 fr_assert(child != NULL);
157
159 xlat_print_node(out, node->call.args, child, e_rules, 0); /* prints a space after the first argument */
160
161 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
163
164 child = xlat_exp_next(node->call.args, child);
165 fr_assert(child != NULL);
166
167 xlat_print_node(out, node->call.args, child, e_rules, 0);
168
170
171 return fr_sbuff_used_total(out) - at_in;
172}
173
174static int xlat_expr_resolve_binary(xlat_exp_t *node, UNUSED void *inst, xlat_res_rules_t const *xr_rules)
175{
176 xlat_exp_t *arg1, *arg2;
177 xlat_exp_t *a, *b;
178 tmpl_res_rules_t my_tr_rules;
179
180 XLAT_DEBUG("RESOLVE %s\n", node->fmt);
181
182 arg1 = xlat_exp_head(node->call.args);
183 fr_assert(arg1);
184 fr_assert(arg1->type == XLAT_GROUP);
185
186 arg2 = xlat_exp_next(node->call.args, arg1);
187 fr_assert(arg2);
188 fr_assert(arg2->type == XLAT_GROUP);
189
190 a = xlat_exp_head(arg1->group);
191 b = xlat_exp_head(arg2->group);
192
193 /*
194 * We have many things here, just call resolve recursively.
195 */
196 if (xlat_exp_next(arg1->group, a) || (xlat_exp_next(arg2->group, b))) goto resolve;
197
198 /*
199 * Anything else must get resolved at run time.
200 */
201 if ((a->type != XLAT_TMPL) || (b->type != XLAT_TMPL)) goto resolve;
202
203 /*
204 * The tr_rules should always contain dict_def
205 */
206 fr_assert(xr_rules); /* always set by xlat_resolve() */
207 if (xr_rules->tr_rules) {
208 my_tr_rules = *xr_rules->tr_rules;
209 } else {
210 my_tr_rules = (tmpl_res_rules_t) { };
211 }
212
213 /*
214 * The LHS attribute dictates the enumv for the RHS one.
215 */
216 if (tmpl_contains_attr(a->vpt)) {
217 XLAT_DEBUG("\ta - %s %s\n", a->fmt, b->fmt);
218
219 if (a->flags.needs_resolving) {
220 XLAT_DEBUG("\tresolve attr a\n");
221 if (tmpl_resolve(a->vpt, &my_tr_rules) < 0) return -1;
222 a->flags.needs_resolving = false;
223 }
224
225 my_tr_rules.enumv = tmpl_attr_tail_da(a->vpt);
226
227 XLAT_DEBUG("\tresolve other b\n");
228 if (tmpl_resolve(b->vpt, &my_tr_rules) < 0) return -1;
229
230 b->flags.needs_resolving = false;
231 b->flags.pure = tmpl_is_data(b->vpt);
232 b->flags.constant = b->flags.pure;
233 goto flags;
234 }
235
236 if (tmpl_contains_attr(b->vpt)) {
237 XLAT_DEBUG("\tb - %s %s\n", a->fmt, b->fmt);
238
239 if (b->flags.needs_resolving) {
240 XLAT_DEBUG("\tresolve attr b\n");
241 if (tmpl_resolve(b->vpt, &my_tr_rules) < 0) return -1;
242
243 b->flags.needs_resolving = false;
244 }
245
246 my_tr_rules.enumv = tmpl_attr_tail_da(b->vpt);
247
248 XLAT_DEBUG("\tresolve other a\n");
249 if (tmpl_resolve(a->vpt, &my_tr_rules) < 0) return -1;
250
251 a->flags.needs_resolving = false;
252 a->flags.pure = tmpl_is_data(a->vpt);
253 a->flags.constant = a->flags.pure;
254 goto flags;
255 }
256
257resolve:
258 /*
259 * This call will fix everything recursively.
260 */
261 return xlat_resolve(node->call.args, xr_rules);
262
263flags:
264 arg1->flags = arg1->group->flags = a->flags;
265 arg2->flags = arg2->group->flags = b->flags;
266 xlat_flags_merge(&node->call.args->flags, &arg2->flags);
267
270
273
274 node->call.args->flags.needs_resolving = false;
275
276 return 0;
277}
278
280{
281 switch (type) {
282 case FR_TYPE_STRING:
283 fr_value_box_strdup_shallow(vb, NULL, "", false);
284 break;
285
286 case FR_TYPE_OCTETS:
287 fr_value_box_memdup_shallow(vb, NULL, (void const *) "", 0, false);
288 break;
289
290 default:
291 fr_value_box_init(vb, type, NULL, false);
292 break;
293 }
294}
295
297 { .required = false, .type = FR_TYPE_VOID },
298 { .required = false, .type = FR_TYPE_VOID },
300};
301
303 UNUSED xlat_ctx_t const *xctx,
304 request_t *request, fr_value_box_list_t *in,
305 fr_token_t op,
306 fr_type_t default_type, fr_dict_attr_t const *enumv)
307{
308 int rcode;
309 fr_value_box_t *dst, *a, *b;
310 fr_value_box_t one, two;
311
312 MEM(dst = fr_value_box_alloc_null(ctx));
313
314 /*
315 * Each argument is a FR_TYPE_GROUP, with one or more elements in a list.
316 */
317 a = fr_value_box_list_head(in);
318 if (!a) {
319 REDEBUG("Left argument to %s is missing", fr_tokens[op]);
320 return XLAT_ACTION_FAIL;
321 }
322
323 b = fr_value_box_list_next(in, a);
324 if (!b) {
325 REDEBUG("Right argument to %s is missing", fr_tokens[op]);
326 return XLAT_ACTION_FAIL;
327 }
328
330
331 if (fr_value_box_list_num_elements(&a->vb_group) > 1) {
332 REDEBUG("Expected one value as the first argument, got %u",
333 fr_value_box_list_num_elements(&a->vb_group));
334 return XLAT_ACTION_FAIL;
335 }
336 a = fr_value_box_list_head(&a->vb_group);
337
338 if (fr_value_box_list_num_elements(&b->vb_group) > 1) {
339 REDEBUG("Expected one value as the second argument, got %u",
340 fr_value_box_list_num_elements(&b->vb_group));
341 return XLAT_ACTION_FAIL;
342 }
343 b = fr_value_box_list_head(&b->vb_group);
344
345 if (!a) {
346 a = &one;
347 fr_value_box_init_zero(a, b->type);
348 }
349
350 if (!b) {
351 b = &two;
352 fr_value_box_init_zero(b, a->type);
353 }
354
355 rcode = fr_value_calc_binary_op(dst, dst, default_type, a, op, b);
356 if (rcode < 0) {
357 RPEDEBUG("Failed calculating '%pV %s %pV'", a, fr_tokens[op], b);
358 talloc_free(dst);
359 return XLAT_ACTION_FAIL;
360 }
361
362 /*
363 * Over-write, but only if it's present. Otherwise leave
364 * any existing enum alone.
365 */
366 if (enumv) dst->enumv = enumv;
368
369 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
370 return XLAT_ACTION_DONE;
371}
372
373#define XLAT_BINARY_FUNC(_name, _op) \
374static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
375 xlat_ctx_t const *xctx, \
376 request_t *request, fr_value_box_list_t *in) \
377{ \
378 return xlat_binary_op(ctx, out, xctx, request, in, _op, FR_TYPE_NULL, NULL); \
379}
380
381XLAT_BINARY_FUNC(op_add, T_ADD)
382XLAT_BINARY_FUNC(op_sub, T_SUB)
383XLAT_BINARY_FUNC(op_mul, T_MUL)
384XLAT_BINARY_FUNC(op_div, T_DIV)
385XLAT_BINARY_FUNC(op_mod, T_MOD)
386XLAT_BINARY_FUNC(op_and, T_AND)
388XLAT_BINARY_FUNC(op_xor, T_XOR)
389XLAT_BINARY_FUNC(op_rshift, T_RSHIFT)
390XLAT_BINARY_FUNC(op_lshift, T_LSHIFT)
391
393 { .required = false, .type = FR_TYPE_VOID },
394 { .required = false, .type = FR_TYPE_VOID },
396};
397
398/*
399 * @todo - arguably this function should process its own arguments, like logical_or.
400 *
401 * That way it can return XLAT_ACTION_FAIL if either argument fails to be found,
402 * or if the comparison matches, it returns the RHS value. This behavior will
403 * let us to multiple comparisons, like:
404 *
405 * if (0 < x < 5) ...
406 *
407 * Which is then syntactic sugar for
408 *
409 * if ((0 < x) < 5) ...
410 *
411 * That means the comparisons no longer return "bool", so if we
412 * want to do this, the change has to be made before v4 is
413 * released.
414 *
415 * Other operators like "+=" would return their LHS value. But in order to do that, we would have to
416 * update the expression parser to allow in-place edits, and that may be a fair bit of work.
417 *
418 * It also lets us do more interesting selectors, such as:
419 *
420 * foo || (0 < x)
421 *
422 * which if "foo" doesn't exist, evaluates the RHS, and then returns "x" only if x is greater than zero.
423 * This short-hand can remove a lot of complex / nested "if" conditions.
424 *
425 * It could also allow us to do better attribute filtering:
426 *
427 * foo := (0 < foo < 5)
428 *
429 * Which ensures that "foo" has value only 1..4.
430 *
431 * It would be nice to have a syntax for "self", so we could instead do:
432 *
433 * foo := (0 < $$ < 5)
434 *
435 * Which could then also be used inside of attribute selectors:
436 *
437 * foreach foo (Vendor-Specific.Cisco.AVPair[$$ =~ /^x/]) { ...
438 *
439 * and now that we have pair cursors as value-boxes, this becomes a lot easier.
440 * "$$" then becomes syntactic sugar for "the pair at the current cursor".
441 *
442 * It also means tracking somehow the value of $$ in the interpreter? Maybe as a short-hand, just update
443 * the #request_t to add a #fr_pair_t of the current cursor value. This is a horrible hack, but would be
444 * easy to do. It doesn't allow nested cursors, but whatever. The syntax for that would be hard to get
445 * right.
446 */
447static xlat_action_t xlat_cmp_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
448 UNUSED xlat_ctx_t const *xctx,
449 UNUSED request_t *request, fr_value_box_list_t *in,
450 fr_token_t op)
451{
452 int rcode;
453 fr_value_box_t *dst, *a, *b;
454
455 /*
456 * Each argument is a FR_TYPE_GROUP, with one or more elements in a list.
457 */
458 a = fr_value_box_list_head(in);
459 if (!a) {
460 REDEBUG("Left argument to %s is missing", fr_tokens[op]);
461 return XLAT_ACTION_FAIL;
462 }
463
464 b = fr_value_box_list_next(in, a);
465 if (!b) {
466 REDEBUG("Right argument to %s is missing", fr_tokens[op]);
467 return XLAT_ACTION_FAIL;
468 }
469
470 fr_assert(a->type == FR_TYPE_GROUP);
471 fr_assert(b->type == FR_TYPE_GROUP);
472
474
476
477 rcode = fr_value_calc_list_cmp(dst, dst, &a->vb_group, op, &b->vb_group);
478 if (rcode < 0) {
479 talloc_free(dst);
480 return XLAT_ACTION_FAIL;
481 }
482
483 fr_assert(dst->type == FR_TYPE_BOOL);
484 dst->enumv = attr_expr_bool_enum;
485
487 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
488 return XLAT_ACTION_DONE;
489}
490
491
492#define XLAT_CMP_FUNC(_name, _op) \
493static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
494 xlat_ctx_t const *xctx, \
495 request_t *request, fr_value_box_list_t *in) \
496{ \
497 return xlat_cmp_op(ctx, out, xctx, request, in, _op); \
498}
499
501XLAT_CMP_FUNC(cmp_ne, T_OP_NE)
502XLAT_CMP_FUNC(cmp_lt, T_OP_LT)
503XLAT_CMP_FUNC(cmp_le, T_OP_LE)
504XLAT_CMP_FUNC(cmp_gt, T_OP_GT)
505XLAT_CMP_FUNC(cmp_ge, T_OP_GE)
508
509typedef struct {
511 regex_t *regex; //!< precompiled regex
512 xlat_exp_t *xlat; //!< to expand
513 fr_regex_flags_t *regex_flags;
515
516typedef struct {
518 fr_value_box_list_t list;
520
521static fr_slen_t xlat_expr_print_regex(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
522{
523 size_t at_in = fr_sbuff_used_total(out);
524 xlat_exp_t *child = xlat_exp_head(node->call.args);
525 xlat_regex_inst_t *inst = instance;
526
527 fr_assert(child != NULL);
528
530 xlat_print_node(out, node->call.args, child, e_rules, 0);
531
532 /*
533 * A space is printed after the first argument only if
534 * there's a second one. So add one if we "ate" the second argument.
535 */
536 if (inst->xlat) FR_SBUFF_IN_CHAR_RETURN(out, ' ');
537
538 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
540
541 /*
542 * Regexes which aren't instantiated: only for unit tests.
543 */
544 if (!inst->xlat) {
545 child = xlat_exp_next(node->call.args, child);
546
547 fr_assert(child != NULL);
548 fr_assert(!xlat_exp_next(node->call.args, child));
549 fr_assert(child->type == XLAT_GROUP);
550
554
555 child = xlat_exp_head(child->group);
556 fr_assert(child->type == XLAT_TMPL);
557
558 /*
559 * The RHS may be a group
560 */
561 FR_SBUFF_RETURN(regex_flags_print, out, tmpl_regex_flags(child->vpt));
562 goto done;
563 }
564
566
567 if (inst->xlat->quote == T_SINGLE_QUOTED_STRING) FR_SBUFF_IN_CHAR_RETURN(out, 'm');
569 FR_SBUFF_IN_STRCPY_RETURN(out, inst->xlat->vpt->name);
571
572 FR_SBUFF_RETURN(regex_flags_print, out, inst->regex_flags);
573
574done:
576
577 return fr_sbuff_used_total(out) - at_in;
578}
579
580
581/*
582 * Each argument is it's own head, because we do NOT always want
583 * to go to the next argument.
584 */
586{
587 xlat_regex_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_regex_inst_t);
588 xlat_exp_t *lhs, *rhs, *regex;
589
590 lhs = xlat_exp_head(xctx->ex->call.args);
591 rhs = xlat_exp_next(xctx->ex->call.args, lhs);
592
593 (void) fr_dlist_remove(&xctx->ex->call.args->dlist, rhs);
594
595 fr_assert(rhs);
596 fr_assert(rhs->type == XLAT_GROUP);
597 regex = xlat_exp_head(rhs->group);
598 fr_assert(tmpl_contains_regex(regex->vpt));
599
600 inst->op = xctx->ex->call.func->token;
601 inst->regex_flags = tmpl_regex_flags(regex->vpt);
602
603 inst->xlat = talloc_steal(inst, regex);
604 talloc_free(rhs); /* group wrapper is no longer needed */
605
606 /*
607 * The RHS is more then just one regex node, it has to be dynamically expanded.
608 */
609 if (tmpl_contains_xlat(regex->vpt)) {
610 return 0;
611 }
612
613 if (tmpl_is_data_unresolved(regex->vpt)) {
614 fr_strerror_const("Regex must be resolved before instantiation");
615 return -1;
616 }
617
618 /*
619 * Must have been caught in the parse phase.
620 */
621 fr_assert(tmpl_is_regex(regex->vpt));
622
623 inst->regex = tmpl_regex(regex->vpt);
624
625 return 0;
626}
627
628
630 { .required = true, .type = FR_TYPE_STRING },
631 { .concat = true, .type = FR_TYPE_STRING },
633};
634
636 { .required = true, .concat = true, .type = FR_TYPE_STRING }, /* regex string */
637 { .required = true, .concat = false, .type = FR_TYPE_STRING }, /* broken out things to match */
638 { .required = false, .concat = true, .type = FR_TYPE_STRING }, /* flags */
640};
641
642
643/** Perform a regular expressions comparison between two operands
644 *
645 * @param[in] ctx to allocate resulting box in.
646 * @param[in] request The current request.
647 * @param[in] in list of item or items
648 * @param[in,out] preg Pointer to pre-compiled or runtime-compiled
649 * regular expression. In the case of runtime-compiled
650 * the pattern may be stolen by the `regex_sub_to_request`
651 * function as the original pattern is needed to resolve
652 * capture groups.
653 * The caller should only free the `regex_t *` if it
654 * compiled it, and the pointer has not been set to NULL
655 * when this function returns.
656 * @param[out] out Where result is written.
657 * @param[in] op the operation to perform.
658 * @return
659 * - -1 on failure.
660 * - 0 for "no match".
661 * - 1 for "match".
662 */
663static xlat_action_t xlat_regex_do_op(TALLOC_CTX *ctx, request_t *request, fr_value_box_list_t *in, regex_t **preg,
665{
666 uint32_t subcaptures;
667 int ret = 0;
668
669 fr_regmatch_t *regmatch;
670 fr_value_box_t *dst;
671 fr_value_box_t *arg, *vb;
672 fr_sbuff_t *agg;
673 char const *subject;
674 size_t len;
675 fr_value_box_t safety = {};
676
677 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, 8192);
678
679 arg = fr_value_box_list_head(in);
680 fr_assert(arg != NULL);
681 fr_assert(arg->type == FR_TYPE_GROUP);
682
683 subcaptures = regex_subcapture_count(*preg);
684 if (!subcaptures) subcaptures = REQUEST_MAX_REGEX + 1; /* +1 for %{0} (whole match) capture group */
685 MEM(regmatch = regex_match_data_alloc(NULL, subcaptures));
686
687 while ((vb = fr_value_box_list_pop_head(&arg->vb_group)) != NULL) {
688 if (vb->type == FR_TYPE_STRING) {
689 subject = vb->vb_strvalue;
690 len = vb->vb_length;
691 fr_value_box_safety_copy(&safety, vb);
692
693 } else {
694 fr_value_box_list_t list;
695
696 fr_value_box_list_init(&list);
697 fr_value_box_list_insert_head(&list, vb);
699
700 vb = NULL;
701
702 /*
703 * Concatenate everything, and escape untrusted inputs.
704 */
705 if (fr_value_box_list_concat_as_string(&safety, agg, &list, NULL, 0, &regex_escape_rules,
706 FR_VALUE_BOX_LIST_FREE_BOX, FR_REGEX_SAFE_FOR, true) < 0) {
707 RPEDEBUG("Failed concatenating regular expression string");
708 talloc_free(regmatch);
709 return XLAT_ACTION_FAIL;
710 }
711
712 subject = fr_sbuff_start(agg);
713 len = fr_sbuff_used(agg);
714 }
715
716 /*
717 * Evaluate the expression
718 */
719 ret = regex_exec(*preg, subject, len, regmatch);
720 switch (ret) {
721 default:
722 RPEDEBUG("REGEX failed");
723 talloc_free(vb);
724 talloc_free(regmatch);
725 return XLAT_ACTION_FAIL;
726
727 case 0:
728 regex_sub_to_request(request, NULL, NULL, NULL); /* clear out old entries */
729 continue;
730
731 case 1:
732 regex_sub_to_request(request, preg, &regmatch, &safety);
733 talloc_free(vb);
734 goto done;
735
736 }
737
738 talloc_free(vb);
739 }
740
741done:
742 talloc_free(regmatch); /* free if not consumed */
743
745 dst->vb_bool = (ret == (op == T_OP_REG_EQ));
746
748
749 return XLAT_ACTION_DONE;
750}
751
753 xlat_ctx_t const *xctx,
754 request_t *request, fr_value_box_list_t *in)
755{
757 xlat_regex_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_regex_rctx_t);
758 ssize_t slen;
759 regex_t *preg = NULL;
760 fr_sbuff_t *agg;
761
762 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, 8192);
763
764 /*
765 * If the expansions fails, then we fail the entire thing.
766 */
767 if (!XLAT_RESULT_SUCCESS(&rctx->last_result)) {
768 talloc_free(rctx);
769 return XLAT_ACTION_FAIL;
770 }
771
772 /*
773 * Because we expanded the RHS ourselves, the "concat"
774 * flag to the RHS argument is ignored. So we just
775 * concatenate it here. We escape the various untrusted inputs.
776 */
777 if (fr_value_box_list_concat_as_string(NULL, agg, &rctx->list, NULL, 0, &regex_escape_rules,
778 FR_VALUE_BOX_LIST_FREE_BOX, FR_REGEX_SAFE_FOR, true) < 0) {
779 RPEDEBUG("Failed concatenating regular expression string");
780 return XLAT_ACTION_FAIL;
781 }
782
783 fr_assert(inst->regex == NULL);
784
785 slen = regex_compile(rctx, &preg, fr_sbuff_start(agg), fr_sbuff_used(agg),
786 tmpl_regex_flags(inst->xlat->vpt), true, true); /* flags, allow subcaptures, at runtime */
787 if (slen <= 0) return XLAT_ACTION_FAIL;
788
789 return xlat_regex_do_op(ctx, request, in, &preg, out, inst->op);
790}
791
793 xlat_ctx_t const *xctx,
794 request_t *request, fr_value_box_list_t *in,
795 fr_token_t op)
796{
798 xlat_regex_rctx_t *rctx;
799 regex_t *preg;
800
801 /*
802 * Just run precompiled regexes.
803 */
804 if (inst->regex) {
805 preg = tmpl_regex(inst->xlat->vpt);
806
807 return xlat_regex_do_op(ctx, request, in, &preg, out, op);
808 }
809
810 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_regex_rctx_t));
811 fr_value_box_list_init(&rctx->list);
812
813 if (unlang_xlat_yield(request, xlat_regex_resume, NULL, 0, rctx) != XLAT_ACTION_YIELD) {
814 fail:
815 talloc_free(rctx);
816 return XLAT_ACTION_FAIL;
817 }
818
819 if (unlang_xlat_push(ctx, &rctx->last_result, &rctx->list,
820 request, tmpl_xlat(inst->xlat->vpt), UNLANG_SUB_FRAME) < 0) goto fail;
821
823}
824
825#define XLAT_REGEX_FUNC(_name, _op) \
826static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
827 xlat_ctx_t const *xctx, \
828 request_t *request, fr_value_box_list_t *in) \
829{ \
830 return xlat_regex_op(ctx, out, xctx, request, in, _op); \
831}
832
835
837 UNUSED xlat_ctx_t const *xctx,
838 request_t *request, fr_value_box_list_t *in)
839{
840 ssize_t slen;
841 regex_t *preg;
842 fr_value_box_t *regex;
843 xlat_action_t action;
844
845 RDEBUG("IN IS %pM", in);
846
847 regex = fr_value_box_list_pop_head(in);
848 fr_assert(regex);
849 fr_assert(regex->type == FR_TYPE_STRING);
850
851 slen = regex_compile(ctx, &preg, regex->vb_strvalue, regex->vb_length,
852 NULL, true, true); /* flags, allow subcaptures, at runtime */
853 if (slen <= 0) {
854 RPEDEBUG("Failed parsing regular expression %pV", regex);
855 talloc_free(regex);
856 return XLAT_ACTION_FAIL;
857 }
858
859 action = xlat_regex_do_op(ctx, request, in, &preg, out, T_OP_REG_EQ);
860 talloc_free(regex);
861 talloc_free(preg);
862 return action;
863}
864
871
872typedef struct {
873 TALLOC_CTX *ctx;
875 fr_value_box_t *box; //!< output value-box
877 fr_value_box_list_t list;
879
880static fr_slen_t xlat_expr_print_nary(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
881{
882 size_t at_in = fr_sbuff_used_total(out);
883 xlat_logical_inst_t *inst = instance;
885
887
888 /*
889 * We might get called before the node is instantiated.
890 */
891 if (!inst->argv) {
892 head = node->call.args;
893
894 fr_assert(head != NULL);
895
896 xlat_exp_foreach(head, child) {
897 xlat_print_node(out, head, child, e_rules, 0);
898
899 if (!xlat_exp_next(head, child)) break;
900
901 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
903 }
904 } else {
905 int i;
906
907 for (i = 0; i < inst->argc; i++) {
908 xlat_print(out, inst->argv[i], e_rules);
909 if (i == (inst->argc - 1)) break;
910
912 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
913 if ((i + 1) < inst->argc) FR_SBUFF_IN_CHAR_RETURN(out, ' ');
914 }
915 }
916
918
919 return fr_sbuff_used_total(out) - at_in;
920}
921
922/*
923 * This returns "false" for "ignore this argument"
924 *
925 * result is "false" for "delete this argument"
926 * result is "true" for "return this argument".
927 */
928static bool xlat_node_matches_bool(bool *result, xlat_exp_t *parent, xlat_exp_head_t *head, bool sense)
929{
930 fr_value_box_t *box;
931 xlat_exp_t *node;
932
933 if (!head->flags.pure) return false;
934
935 node = xlat_exp_head(head);
936 if (!node || xlat_exp_next(head, node)) {
937 return false;
938 }
939
940 if (node->type == XLAT_BOX) {
941 box = &node->data;
942 goto check;
943 }
944
945 if (node->type != XLAT_TMPL) {
946 return false;
947 }
948
949 if (!tmpl_is_data(node->vpt)) {
950 return false;
951 }
952
953 box = tmpl_value(node->vpt);
954
955check:
956 /*
957 * On "true", replace the entire logical operation with the value-box.
958 *
959 * On "false", omit this argument, and go to the next one.
960 */
961 *result = (fr_value_box_is_truthy(box) == sense);
962
963 if (!*result) return true;
964
966
968 fr_value_box_copy(parent, &parent->data, box);
969
970 return true;
971}
972
973/** Undo work which shouldn't have been done. :(
974 *
975 */
977{
978 xlat_exp_t *group, *node;
979
980 group = xlat_exp_head(head);
981 if (!group || xlat_exp_next(head, group)) return;
982
983 if (group->type != XLAT_GROUP) return;
984
985 node = xlat_exp_head(group->group);
986 if (!node || xlat_exp_next(group->group, node)) return;
987
988 (void) fr_dlist_remove(&head->dlist, group);
989 (void) fr_dlist_remove(&group->group->dlist, node);
990 (void) talloc_steal(head, node);
991
992 talloc_free(group);
993
994 fr_dlist_insert_tail(&head->dlist, node);
995 head->flags = node->flags;
996}
997
998/** If any argument resolves to inst->stop_on_match, the entire thing is a bool of inst->stop_on_match.
999 *
1000 * If any argument resolves to !inst->stop_on_match, it is removed.
1001 */
1002static int xlat_expr_logical_purify(xlat_exp_t *node, void *instance, request_t *request)
1003{
1004 int i, j;
1005 int deleted = 0;
1006 bool result;
1007 xlat_logical_inst_t *inst = talloc_get_type_abort(instance, xlat_logical_inst_t);
1008 xlat_exp_head_t *group;
1009
1010 fr_assert(node->type == XLAT_FUNC);
1011
1012 /*
1013 * Don't check the last argument. If everything else gets deleted,
1014 * then we just return the last argument.
1015 */
1016 for (i = 0; i < inst->argc; i++) {
1017 /*
1018 * The argument is pure, so we purify it before
1019 * doing any other checks.
1020 */
1021 if (inst->argv[i]->flags.can_purify) {
1022 if (xlat_purify_list(inst->argv[i], request) < 0) return -1;
1023
1024 /*
1025 * xlat_purify_list expects that its outputs will be arguments to functions, so
1026 * they're grouped. We con't need that, so we ungroup them here.
1027 */
1028 xlat_ungroup(inst->argv[i]);
1029 }
1030
1031 /*
1032 * This returns "false" for "ignore".
1033 *
1034 * result is "false" for "delete this argument"
1035 * result is "true" for "return this argument".
1036 */
1037 if (!xlat_node_matches_bool(&result, node, inst->argv[i], inst->stop_on_match)) continue;
1038
1039 /*
1040 * 0 && EXPR --> 0.
1041 * 1 || EXPR --> 1
1042 *
1043 * Parent is now an XLAT_BOX, so we're done.
1044 */
1045 if (result) return 0;
1046
1047 /*
1048 * We're at the last argument. If we've deleted everything else, then just leave the
1049 * last argument alone. Otherwise some arguments remain, so we can delete the last one.
1050 */
1051 if (((i + 1) == inst->argc) && (deleted == i)) break;
1052
1053 TALLOC_FREE(inst->argv[i]);
1054 deleted++;
1055 }
1056
1057 if (!deleted) return 0;
1058
1059 /*
1060 * Pack the array. We insert at i, and read from j. We don't need to read the deleted entries,
1061 * as they all MUST be NULL.
1062 */
1063 i = 0;
1064 j = -1;
1065 while (i < (inst->argc - deleted)) {
1066 if (inst->argv[i]) {
1067 i++;
1068 continue;
1069 }
1070
1071 /*
1072 * Start searching from the next entry, OR start searching from where we left off before.
1073 */
1074 if (j < 0) j = i + 1;
1075
1076 /*
1077 * Find the first non-NULL entry, and insert it in argv[i]. We search here until the end
1078 * of the array, because we may have deleted entries from the start of the array.
1079 */
1080 while (j < inst->argc) {
1081 if (inst->argv[j]) break;
1082 j++;
1083 }
1084
1085 /*
1086 * Move the entry down, and clear out the tail end of the array.
1087 */
1088 inst->argv[i++] = inst->argv[j];
1089 inst->argv[j++] = NULL;
1090 }
1091
1092 inst->argc -= deleted;
1093
1094 if (inst->argc > 1) return 0;
1095
1096 /*
1097 * Only one argument left. We can hoist the child into ourselves, and omit the logical operation.
1098 */
1099 group = inst->argv[0];
1100 fr_assert(group != NULL);
1101 talloc_steal(node, group);
1102
1105
1106 /* re-print, with purified nodes removed */
1107 {
1108 char *name;
1109
1110 MEM(xlat_aprint(node, &name, group, NULL) >= 0);
1112 }
1113
1114 talloc_free(node->group);
1115 node->group = group;
1116 node->flags = group->flags;
1117
1118 return 0;
1119}
1120
1121/** Process one argument of a logical operation.
1122 *
1123 * If we see a list in a truthy context, then we DON'T expand the list. Instead, we return a bool which
1124 * indicates if the list was empty (or not). This prevents us from returning a whole mess of value-boxes
1125 * when the user just wanted to see if the list existed.
1126 *
1127 * Otherwise, we expand the xlat, and continue.
1128 */
1130 xlat_ctx_t const *xctx,
1131 request_t *request, UNUSED fr_value_box_list_t *in)
1132{
1134 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1135
1136 /*
1137 * Push the xlat onto the stack for expansion.
1138 */
1139 if (unlang_xlat_yield(request, inst->callback, NULL, 0, rctx) != XLAT_ACTION_YIELD) {
1140 fail:
1141 talloc_free(rctx->box);
1142 talloc_free(rctx);
1143 return XLAT_ACTION_FAIL;
1144 }
1145
1146 if (unlang_xlat_push(rctx, &rctx->last_result, &rctx->list,
1147 request, inst->argv[rctx->current], UNLANG_SUB_FRAME) < 0) goto fail;
1148
1150}
1151
1152/** See if the input is truthy or not.
1153 *
1154 * @param[in] rctx our ctx
1155 * @param[in] in list of value-boxes to check
1156 * @return
1157 * - false if there are no truthy values. The last box is copied to the rctx.
1158 * This is to allow us to return default values which may not be truthy,
1159 * e.g. %{&Counter || 0} or %{&Framed-IP-Address || 0.0.0.0}.
1160 * If we don't copy the last box to the rctx, the expression just returns NULL
1161 * which is never useful...
1162 * - true if we find a truthy value. The first truthy box is copied to the rctx.
1163 *
1164 * Empty lists are not truthy.
1165 */
1166static bool xlat_logical_or(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
1167{
1168 fr_value_box_t *last = NULL;
1169 bool ret = false;
1170
1171 /*
1172 * Empty lists are !truthy.
1173 */
1174 if (!fr_value_box_list_num_elements(in)) return false;
1175
1176 /*
1177 * Loop over the input list. We CANNOT do groups.
1178 */
1180 fr_assert(fr_type_is_leaf(box->type) || fr_type_is_null(box->type));
1181
1182 last = box;
1183
1184 /*
1185 * Remember the last box we found.
1186 *
1187 * If it's truthy, then we stop immediately.
1188 */
1189 if (fr_value_box_is_truthy(box)) {
1190 ret = true;
1191 break;
1192 }
1193 }
1194
1195 if (!rctx->box) {
1196 MEM(rctx->box = fr_value_box_alloc_null(rctx->ctx));
1197 } else {
1198 fr_value_box_clear(rctx->box);
1199 }
1200 if (last) fr_value_box_copy(rctx->box, rctx->box, last);
1201
1202 return ret;
1203}
1204
1205/*
1206 * We've evaluated an expression. Let's see if we need to continue with ||
1207 */
1209 xlat_ctx_t const *xctx,
1210 request_t *request, fr_value_box_list_t *in)
1211{
1213 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1214 bool match;
1215
1216 /*
1217 * If the expansions fails, then we fail the entire thing.
1218 */
1219 if (!XLAT_RESULT_SUCCESS(&rctx->last_result)) {
1220 talloc_free(rctx->box);
1221 talloc_free(rctx);
1222 return XLAT_ACTION_FAIL;
1223 }
1224
1225 /*
1226 * Recursively check groups. i.e. we effectively flatten each list.
1227 *
1228 * (a, b, c) || (d, e, f) == a || b || c || d || e || f
1229 */
1230 match = xlat_logical_or(rctx, &rctx->list);
1231 if (match) goto done;
1232
1233 fr_value_box_list_talloc_free(&rctx->list);
1234
1235 rctx->current++;
1236
1237 /*
1238 * Nothing to expand, return the final value we saw.
1239 */
1240 if (rctx->current >= inst->argc) {
1241 done:
1242 /*
1243 * Otherwise we stop on failure, with the boolean
1244 * we just updated.
1245 */
1246 if (rctx->box) fr_dcursor_append(out, rctx->box);
1247
1248 talloc_free(rctx);
1249 return XLAT_ACTION_DONE;
1250 }
1251
1252 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1253}
1254
1255/** See if the input is truthy or not.
1256 *
1257 * @param[in] rctx our ctx
1258 * @param[in] in list of value-boxes to check
1259 * @return
1260 * - false on failure
1261 * - true for match, with dst updated to contain the relevant box.
1262 *
1263 * Empty lists are not truthy.
1264 */
1265static bool xlat_logical_and(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
1266{
1267 fr_value_box_t *found = NULL;
1268
1269 /*
1270 * Empty lists are !truthy.
1271 */
1272 if (!fr_value_box_list_num_elements(in)) return false;
1273
1274 /*
1275 * Loop over the input list. We CANNOT do groups.
1276 */
1278 fr_assert(fr_type_is_leaf(box->type));
1279
1280 /*
1281 * Remember the last box we found.
1282 *
1283 * If it's truthy, then we keep going either
1284 * until the end, or until we get a "false".
1285 */
1286 if (fr_value_box_is_truthy(box)) {
1287 found = box;
1288 continue;
1289 }
1290
1291 /*
1292 * Stop on the first "false"
1293 */
1294 return false;
1295 }
1296
1297 if (!found) return false;
1298
1299 if (!rctx->box) {
1300 MEM(rctx->box = fr_value_box_alloc_null(rctx));
1301 } else {
1302 fr_value_box_clear(rctx->box);
1303 }
1304 fr_value_box_copy(rctx->box, rctx->box, found);
1305
1306 return true;
1307}
1308
1309/*
1310 * We've evaluated an expression. Let's see if we need to continue with &&
1311 */
1313 xlat_ctx_t const *xctx,
1314 request_t *request, fr_value_box_list_t *in)
1315{
1317 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1318 bool match;
1319
1320 /*
1321 * If the expansions fails, then we fail the entire thing.
1322 */
1323 if (!XLAT_RESULT_SUCCESS(&rctx->last_result)) {
1324 talloc_free(rctx->box);
1325 talloc_free(rctx);
1326 return XLAT_ACTION_FAIL;
1327 }
1328
1329 /*
1330 * Recursively check groups. i.e. we effectively flatten each list.
1331 *
1332 * (a, b, c) && (d, e, f) == a && b && c && d && e && f
1333 */
1334 match = xlat_logical_and(rctx, &rctx->list);
1335 if (!match) return XLAT_ACTION_DONE;
1336
1337 fr_value_box_list_talloc_free(&rctx->list);
1338
1339 rctx->current++;
1340
1341 /*
1342 * Nothing to expand, return the final value we saw.
1343 */
1344 if (rctx->current >= inst->argc) {
1345 /*
1346 * Otherwise we stop on failure, with the boolean
1347 * we just updated.
1348 */
1349 fr_assert(rctx->box != NULL);
1350 fr_dcursor_append(out, rctx->box);
1351
1352 talloc_free(rctx);
1353 return XLAT_ACTION_DONE;
1354 }
1355
1356 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1357}
1358
1359/*
1360 * Each argument is it's own head, because we do NOT always want
1361 * to go to the next argument.
1362 */
1364{
1365 xlat_logical_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_logical_inst_t);
1366
1367 inst->argc = xlat_flatten_to_argv(inst, &inst->argv, xctx->ex->call.args);
1368 if (xctx->ex->call.func->token == T_LOR) {
1369 inst->callback = xlat_logical_or_resume;
1370 inst->stop_on_match = true;
1371 } else {
1372 inst->callback = xlat_logical_and_resume;
1373 inst->stop_on_match = false;
1374 }
1375
1376 return 0;
1377}
1378
1379
1380/** Process logical &&, ||
1381 *
1382 */
1384 xlat_ctx_t const *xctx,
1385 request_t *request, fr_value_box_list_t *in)
1386{
1387 xlat_logical_rctx_t *rctx;
1389
1390 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_logical_rctx_t));
1391 rctx->ctx = ctx;
1392 rctx->current = 0;
1393
1394 if (inst->stop_on_match) {
1395 rctx->box = NULL;
1396 } else {
1398 rctx->box->vb_bool = true;
1399 }
1400 fr_value_box_list_init(&rctx->list);
1401
1402 (UNCONST(xlat_ctx_t *, xctx))->rctx = rctx; /* ensure it's there before a resume! */
1403
1404 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1405}
1406
1407
1409 { .required = true, .single = true, .concat = true },
1411};
1412
1414 UNUSED xlat_ctx_t const *xctx,
1415 request_t *request, fr_value_box_list_t *in, fr_token_t op)
1416{
1417 int rcode;
1418 fr_value_box_t *dst, *group, *vb;
1419
1420 /*
1421 * We do some basic type checks here.
1422 */
1423 group = fr_value_box_list_head(in);
1424 vb = fr_value_box_list_head(&group->vb_group);
1425
1426 /*
1427 * -NULL is an error
1428 * ~NULL is an error
1429 * !NULL is handled by xlat_func_unary_not
1430 */
1431 if (!vb) {
1432 fr_strerror_printf("Input is empty");
1433 return XLAT_ACTION_FAIL;
1434 }
1435
1436 if (!fr_type_is_leaf(vb->type) || fr_type_is_variable_size(vb->type)) {
1437 REDEBUG("Cannot perform operation on data type %s", fr_type_to_str(vb->type));
1438 return XLAT_ACTION_FAIL;
1439 }
1440
1441 MEM(dst = fr_value_box_alloc_null(ctx));
1442
1443 /*
1444 * We rely on this function to do the remainder of the type checking.
1445 */
1446 rcode = fr_value_calc_unary_op(dst, dst, op, vb);
1447 if ((rcode < 0) || fr_type_is_null(dst->type)) {
1448 talloc_free(dst);
1449 return XLAT_ACTION_FAIL;
1450 }
1451
1452 fr_dcursor_append(out, dst);
1453 return XLAT_ACTION_DONE;
1454}
1455
1456
1458 UNUSED xlat_ctx_t const *xctx,
1459 UNUSED request_t *request, fr_value_box_list_t *in)
1460{
1461 fr_value_box_t *dst, *group, *vb;
1462
1463 group = fr_value_box_list_head(in);
1464 vb = fr_value_box_list_head(&group->vb_group);
1465
1466 /*
1467 * Don't call calc_unary_op(), because we want the enum names.
1468 */
1470
1471 /*
1472 * !NULL = true
1473 */
1474 if (!vb) {
1475 dst->vb_bool = true;
1476 } else {
1477 dst->vb_bool = !fr_value_box_is_truthy(vb);
1478 }
1479
1480 fr_dcursor_append(out, dst);
1481 return XLAT_ACTION_DONE;
1482}
1483
1485 xlat_ctx_t const *xctx,
1486 request_t *request, fr_value_box_list_t *in)
1487{
1488 return xlat_func_unary_op(ctx, out, xctx, request, in, T_SUB);
1489}
1490
1492 xlat_ctx_t const *xctx,
1493 request_t *request, fr_value_box_list_t *in)
1494{
1495 return xlat_func_unary_op(ctx, out, xctx, request, in, T_COMPLEMENT);
1496}
1497
1499 { .concat = true, .type = FR_TYPE_STRING },
1501};
1502
1503/** Holds the result of pre-parsing the rcode on startup
1504 */
1505typedef struct {
1506 rlm_rcode_t rcode; //!< The preparsed rcode.
1508
1509/** Convert static expr_rcode arguments into rcodes
1510 *
1511 * This saves doing the lookup at runtime, which given how frequently this xlat is used
1512 * could get quite expensive.
1513 */
1515{
1516 xlat_rcode_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_rcode_inst_t);
1517 xlat_exp_t *arg;
1518 xlat_exp_t *rcode_arg;
1519 fr_value_box_t *rcode;
1520
1521 /*
1522 * If it's literal data, then we can pre-resolve it to
1523 * a rcode now, and skip that at runtime.
1524 */
1525 arg = xlat_exp_head(xctx->ex->call.args);
1526 fr_assert(arg->type == XLAT_GROUP);
1527
1528 /*
1529 * We can only pre-parse if this if the value is
1530 * in a single box...
1531 */
1532 if (fr_dlist_num_elements(&arg->group->dlist) != 1) return 0;
1533 rcode_arg = xlat_exp_head(arg->group);
1534
1535 /*
1536 * We can only pre-parse is this is a static value.
1537 */
1538 if (rcode_arg->type != XLAT_BOX) return 0;
1539
1540 rcode = &rcode_arg->data;
1541
1542 switch (rcode->type) {
1543 case FR_TYPE_STRING:
1544 inst->rcode = fr_table_value_by_str(rcode_table, rcode->vb_strvalue, RLM_MODULE_NOT_SET);
1545 if (inst->rcode == RLM_MODULE_NOT_SET) {
1546 unknown:
1547 ERROR("Unknown rcode '%pV'", rcode);
1548 return -1;
1549 }
1550 break;
1551
1552 case FR_TYPE_INT8:
1553 case FR_TYPE_INT16:
1554 case FR_TYPE_INT32:
1555 case FR_TYPE_INT64:
1556 case FR_TYPE_UINT16:
1557 case FR_TYPE_UINT32:
1558 case FR_TYPE_UINT64:
1559 case FR_TYPE_SIZE:
1560 if (fr_value_box_cast_in_place(rcode_arg, rcode, FR_TYPE_UINT8, NULL) < 0) {
1561 invalid:
1562 ERROR("Invalid value for rcode '%pV'", rcode);
1563 return -1;
1564 }
1566
1567 case FR_TYPE_UINT8:
1568 if (rcode->vb_uint8 >= RLM_MODULE_NUMCODES) goto invalid;
1569 inst->rcode = rcode->vb_uint8;
1570 break;
1571
1572 default:
1573 goto unknown;
1574 }
1575
1576 /*
1577 * No point in creating useless boxes at runtime,
1578 * nuke the argument now.
1579 */
1580 (void) fr_dlist_remove(&xctx->ex->call.args->dlist, arg);
1581 talloc_free(arg);
1582
1583 return 0;
1584}
1585
1586static fr_slen_t xlat_expr_print_rcode(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, UNUSED fr_sbuff_escape_rules_t const *e_rules)
1587{
1588 size_t at_in = fr_sbuff_used_total(out);
1589 xlat_rcode_inst_t *inst = instance;
1590
1591 FR_SBUFF_IN_STRCPY_LITERAL_RETURN(out, "%interpreter.rcode('");
1592 if (xlat_exp_head(node->call.args)) {
1593 ssize_t slen;
1594
1595 xlat_exp_foreach(node->call.args, child) {
1596 slen = xlat_print_node(out, node->call.args, child, NULL, 0);
1597 if (slen < 0) return slen;
1598 }
1599 } else {
1601 }
1603
1604 return fr_sbuff_used_total(out) - at_in;
1605}
1606
1607/** Match the passed rcode against request->rcode
1608 *
1609 * Example:
1610@verbatim
1611%interpreter.rcode('handled') == true
1612
1613# ...or how it's used normally used
1614if (handled) {
1615 ...
1616}
1617@endverbatim
1618 *
1619 * @ingroup xlat_functions
1620 */
1622 xlat_ctx_t const *xctx,
1623 request_t *request, fr_value_box_list_t *args)
1624{
1626 fr_value_box_t *arg_rcode;
1627 rlm_rcode_t rcode;
1628 fr_value_box_t *vb;
1629
1630 /*
1631 * If we have zero args, it's because the instantiation
1632 * function consumed them. Unless the user read the debug
1633 * output, and tried to see what the rcode is, in case we
1634 */
1635 if (fr_value_box_list_num_elements(args) == 0) {
1636 if (inst->rcode == RLM_MODULE_NOT_SET) {
1637 RDEBUG("Request rcode is '%s'",
1638 fr_table_str_by_value(rcode_table, request->rcode, "<INVALID>"));
1639 return XLAT_ACTION_DONE;
1640 }
1641
1642 rcode = inst->rcode;
1643 } else {
1644 XLAT_ARGS(args, &arg_rcode);
1645 rcode = fr_table_value_by_str(rcode_table, arg_rcode->vb_strvalue, RLM_MODULE_NOT_SET);
1646 if (rcode == RLM_MODULE_NOT_SET) {
1647 REDEBUG("Invalid rcode '%pV'", arg_rcode);
1648 return XLAT_ACTION_FAIL;
1649 }
1650 }
1651
1652 RDEBUG3("Request rcode is '%s'",
1653 fr_table_str_by_value(rcode_table, request->rcode, "<INVALID>"));
1654
1657 vb->vb_bool = (request->rcode == rcode);
1658
1659 return XLAT_ACTION_DONE;
1660}
1661
1662/** Takes no arguments
1663 */
1665 XLAT_ARG_PARSER_TERMINATOR, /* Coverity gets tripped up by only having a single entry here */
1667};
1668
1669/** Return the current rcode as a string
1670 *
1671 * Example:
1672@verbatim
1673"%rcode()" == "handled"
1674@endverbatim
1675 *
1676 * @ingroup xlat_functions
1677 */
1679 UNUSED xlat_ctx_t const *xctx,
1680 request_t *request, UNUSED fr_value_box_list_t *args)
1681{
1682 fr_value_box_t *vb;
1683
1684 /*
1685 * FIXME - This should really be an enum
1686 */
1687 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL));
1688 if (fr_value_box_strdup(vb, vb, NULL, fr_table_str_by_value(rcode_table, request->rcode, "<INVALID>"), false) < 0) {
1689 talloc_free(vb);
1690 return XLAT_ACTION_FAIL;
1691 }
1693
1694 return XLAT_ACTION_DONE;
1695}
1696
1697typedef struct {
1698 tmpl_t const *vpt; //!< the attribute reference
1700
1705
1706/*
1707 * We just print the node as-is.
1708 */
1709static fr_slen_t xlat_expr_print_exists(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
1710{
1711 size_t at_in = fr_sbuff_used_total(out);
1712 xlat_exists_inst_t *inst = instance;
1713
1714 if (inst->vpt) {
1715 FR_SBUFF_IN_STRCPY_RETURN(out, inst->vpt->name);
1716 } else {
1717 xlat_print_node(out, node->call.args, xlat_exp_head(node->call.args), e_rules, 0);
1718 }
1719
1720 return fr_sbuff_used_total(out) - at_in;
1721}
1722
1723/*
1724 * Don't expand the argument if it's already an attribute reference.
1725 */
1727{
1728 xlat_exists_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_exists_inst_t);
1729 xlat_exp_t *arg, *node;
1730
1731 arg = xlat_exp_head(xctx->ex->call.args);
1732
1733 fr_assert(arg->type == XLAT_GROUP);
1734 node = xlat_exp_head(arg->group);
1735
1736 /*
1737 * @todo - add an escape callback to this xlat
1738 * registration, so that it can take untrusted inputs.
1739 */
1740 if ((node->type != XLAT_TMPL) || !tmpl_contains_attr(node->vpt)) {
1741 fr_strerror_const("The %exists() function can only be used internally");
1742 return -1;
1743 }
1744
1745 inst->vpt = talloc_steal(inst, node->vpt);
1746
1747 /*
1748 * Free the input arguments so that they don't get expanded.
1749 */
1750 while ((arg = fr_dlist_pop_head(&xctx->ex->call.args->dlist)) != NULL) {
1751 talloc_free(arg);
1752 }
1753
1754 return 0;
1755}
1756
1758 request_t *request, tmpl_t const *vpt, bool do_free)
1759{
1760 fr_pair_t *vp;
1761 fr_value_box_t *dst;
1762 fr_dcursor_t cursor;
1764
1766
1767 vp = tmpl_dcursor_init(NULL, NULL, &cc, &cursor, request, vpt);
1768 dst->vb_bool = (vp != NULL);
1769
1770 if (do_free) talloc_const_free(vpt);
1771 tmpl_dcursor_clear(&cc);
1772 fr_dcursor_append(out, dst);
1773 return XLAT_ACTION_DONE;
1774}
1775
1776/** See if a named attribute exists
1777 *
1778 * Example:
1779@verbatim
1780"%{exists:&Foo}" == true
1781@endverbatim
1782 *
1783 * @ingroup xlat_functions
1784 */
1786 xlat_ctx_t const *xctx,
1787 request_t *request, UNUSED fr_value_box_list_t *in)
1788{
1790
1791 /*
1792 * We return "true" if the attribute exists. Otherwise we return "false".
1793 */
1794 fr_assert(inst->vpt);
1795
1796 return xlat_attr_exists(ctx, out, request, inst->vpt, false);
1797}
1798
1799#undef XLAT_REGISTER_BINARY_OP
1800#define XLAT_REGISTER_BINARY_OP(_op, _name) \
1801do { \
1802 if (unlikely((xlat = xlat_func_register(NULL, "op_" STRINGIFY(_name), xlat_func_op_ ## _name, FR_TYPE_VOID)) == NULL)) return -1; \
1803 xlat_func_args_set(xlat, binary_op_xlat_args); \
1804 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1805 xlat_func_print_set(xlat, xlat_expr_print_binary); \
1806 xlat->token = _op; \
1807} while (0)
1808
1809#undef XLAT_REGISTER_BINARY_CMP
1810#define XLAT_REGISTER_BINARY_CMP(_op, _name) \
1811do { \
1812 if (unlikely((xlat = xlat_func_register(NULL, "cmp_" STRINGIFY(_name), xlat_func_cmp_ ## _name, FR_TYPE_BOOL)) == NULL)) return -1; \
1813 xlat_func_args_set(xlat, binary_cmp_xlat_args); \
1814 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1815 xlat_func_print_set(xlat, xlat_expr_print_binary); \
1816 xlat_func_resolve_set(xlat, xlat_expr_resolve_binary); \
1817 xlat->token = _op; \
1818} while (0)
1819
1820#undef XLAT_REGISTER_NARY_OP
1821#define XLAT_REGISTER_NARY_OP(_op, _name, _func_name) \
1822do { \
1823 if (unlikely((xlat = xlat_func_register(NULL, STRINGIFY(_name), xlat_func_ ## _func_name, FR_TYPE_VOID)) == NULL)) return -1; \
1824 xlat_func_instantiate_set(xlat, xlat_instantiate_ ## _func_name, xlat_ ## _func_name ## _inst_t, NULL, NULL); \
1825 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1826 xlat_func_print_set(xlat, xlat_expr_print_nary); \
1827 xlat_purify_func_set(xlat, xlat_expr_logical_purify); \
1828 xlat->token = _op; \
1829} while (0)
1830
1831#undef XLAT_REGISTER_REGEX_OP
1832#define XLAT_REGISTER_REGEX_OP(_op, _name) \
1833do { \
1834 if (unlikely((xlat = xlat_func_register(NULL, STRINGIFY(_name), xlat_func_ ## _name, FR_TYPE_BOOL)) == NULL)) return -1; \
1835 xlat_func_args_set(xlat, regex_op_xlat_args); \
1836 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1837 xlat_func_instantiate_set(xlat, xlat_instantiate_regex, xlat_regex_inst_t, NULL, NULL); \
1838 xlat_func_print_set(xlat, xlat_expr_print_regex); \
1839 xlat->token = _op; \
1840} while (0)
1841
1842#define XLAT_REGISTER_BOOL(_xlat, _func, _arg, _ret_type) \
1843do { \
1844 if (unlikely((xlat = xlat_func_register(NULL, _xlat, _func, _ret_type)) == NULL)) return -1; \
1845 xlat_func_args_set(xlat, _arg); \
1846 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL); \
1847} while (0)
1848
1849#define XLAT_REGISTER_UNARY(_op, _xlat, _func) \
1850do { \
1851 if (unlikely((xlat = xlat_func_register(NULL, _xlat, _func, FR_TYPE_VOID)) == NULL)) return -1; \
1852 xlat_func_args_set(xlat, unary_op_xlat_args); \
1853 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1854 xlat_func_print_set(xlat, xlat_expr_print_unary); \
1855 xlat->token = _op; \
1856} while (0)
1857
1859{
1860 xlat_t *xlat;
1861
1872
1881
1884
1885 if (unlikely((xlat = xlat_func_register(NULL, "regex.search", xlat_func_regex_search, FR_TYPE_BOOL)) == NULL)) return -1;
1888
1889 /*
1890 * &&, ||
1891 *
1892 * @todo - remove tmpl_resolve() from tokenize_field(), and add xlat_resolve_logical_or() / xlat_resolve_logical_and()
1893 * functions which do partial resolution.
1894 */
1895 XLAT_REGISTER_NARY_OP(T_LAND, logical_and, logical);
1896 XLAT_REGISTER_NARY_OP(T_LOR, logical_or, logical);
1897
1901
1903 xlat->deprecated = true;
1906
1911
1912 if (unlikely((xlat = xlat_func_register(NULL, "rcode", xlat_func_rcode, FR_TYPE_STRING)) == NULL)) return -1;
1915
1916 /*
1917 * -EXPR
1918 * ~EXPR
1919 * !EXPR
1920 */
1924
1925 return 0;
1926}
1927
1928/*
1929 * Must use the same names as above.
1930 */
1932 [ T_ADD ] = L("op_add"),
1933 [ T_SUB ] = L("op_sub"),
1934 [ T_MUL ] = L("op_mul"),
1935 [ T_DIV ] = L("op_div"),
1936 [ T_MOD ] = L("op_mod"),
1937 [ T_AND ] = L("op_and"),
1938 [ T_OR ] = L("op_or"),
1939 [ T_XOR ] = L("op_xor"),
1940 [ T_RSHIFT ] = L("op_rshift"),
1941 [ T_LSHIFT ] = L("op_lshift"),
1942
1943 [ T_LAND ] = L("logical_and"),
1944 [ T_LOR ] = L("logical_or"),
1945
1946 [ T_OP_CMP_EQ ] = L("cmp_eq"),
1947 [ T_OP_NE ] = L("cmp_ne"),
1948 [ T_OP_LT ] = L("cmp_lt"),
1949 [ T_OP_LE ] = L("cmp_le"),
1950 [ T_OP_GT ] = L("cmp_gt"),
1951 [ T_OP_GE ] = L("cmp_ge"),
1952
1953 [ T_OP_CMP_EQ_TYPE ] = L("cmp_eq_type"),
1954 [ T_OP_CMP_NE_TYPE ] = L("cmp_ne_type"),
1955
1956 [ T_OP_REG_EQ ] = L("reg_eq"),
1957 [ T_OP_REG_NE ] = L("reg_ne"),
1958};
1959
1960/*
1961 * Which are logical operations
1962 */
1963static const bool logical_ops[T_TOKEN_LAST] = {
1964 [T_LAND] = true,
1965 [T_LOR] = true,
1966};
1967
1968/*
1969 * These operators can take multiple arguments.
1970 *
1971 * @todo - include T_ADD, T_SUB, T_MUL, T_AND, T_OR, T_XOR, here too.
1972 *
1973 * This array should contain a function pointer to the code which either appends the results, or does
1974 * peephole optimizations to merge the arguments together. This merging will reduce run-time effort.
1975 */
1976static const bool multivalue_ops[T_TOKEN_LAST] = {
1977 [T_LAND] = true,
1978 [T_LOR] = true,
1979};
1980
1981/*
1982 * Allow for BEDMAS ordering. Gross ordering is first number,
1983 * fine ordering is second number. Unused operators are assigned as zero.
1984 *
1985 * Larger numbers are higher precedence.
1986 */
1987#define P(_x, _y) (((_x) << 4) | (_y))
1988
1989static const int precedence[T_TOKEN_LAST] = {
1990 [T_INVALID] = 0,
1991
1992 /*
1993 * Assignment operators go here as P(1,n)
1994 *
1995 * += -= *= /= %= <<= >>= &= ^= |=
1996 *
1997 * We want the output of the assignment operators to be the result of the assignment. This means
1998 * that the assignments can really only be done for simple attributes, and not tmpls with filters
1999 * which select multiple attributes.
2000 *
2001 * Which (for now) means that we likely want to disallow assignments in expressions. That's
2002 * fine, as this isn't C, and we're not sure that it makes sense to do something like:
2003 *
2004 * if ((&foo += 5) > 60) ...
2005 *
2006 * Or maybe it does. Who knows?
2007 */
2008
2009 [T_LOR] = P(2,0),
2010 [T_LAND] = P(2,1),
2011
2012 [T_OR] = P(3,0),
2013 [T_XOR] = P(3,1),
2014 [T_AND] = P(3,2),
2015
2016 [T_OP_REG_EQ] = P(4,0),
2017 [T_OP_REG_NE] = P(4,0),
2018
2019 [T_OP_CMP_EQ] = P(4,1),
2020 [T_OP_NE] = P(4,1),
2021
2022 [T_OP_CMP_EQ_TYPE] = P(4,1),
2023 [T_OP_CMP_NE_TYPE] = P(4,1),
2024
2025 [T_OP_LT] = P(5,0),
2026 [T_OP_LE] = P(5,0),
2027 [T_OP_GT] = P(5,0),
2028 [T_OP_GE] = P(5,0),
2029
2030 [T_RSHIFT] = P(6,0),
2031 [T_LSHIFT] = P(6,0),
2032
2033 [T_SUB] = P(7,0),
2034 [T_ADD] = P(7,1),
2035
2036 [T_MOD] = P(8,0),
2037 [T_MUL] = P(8,1),
2038 [T_DIV] = P(8,2),
2039
2040 [T_LBRACE] = P(10,0),
2041};
2042
2043#define fr_sbuff_skip_whitespace(_x) \
2044 do { \
2045 while (isspace((uint8_t) fr_sbuff_char(_x, '\0'))) fr_sbuff_advance(_x, 1); \
2046 } while (0)
2047
2049 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2050 fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules,
2051 fr_sbuff_parse_rules_t const *input_rules, bool cond) CC_HINT(nonnull(1,2,3,4,5));
2052
2054 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2055 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond) CC_HINT(nonnull(1,2,3,4,5));
2056
2058 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2059 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond) CC_HINT(nonnull(1,2,3,4,5));
2060
2062 { L("\""), T_DOUBLE_QUOTED_STRING }, /* Don't re-order, backslash throws off ordering */
2063 { L("'"), T_SINGLE_QUOTED_STRING },
2064 { L("/"), T_SOLIDUS_QUOTED_STRING },
2065 { L("`"), T_BACK_QUOTED_STRING }
2066};
2068
2069
2070/*
2071 * Look for prefix operators
2072 *
2073 * + = ignore
2074 * - = unary_minus(next)
2075 * ! = unary_not(next)
2076 * ~ = unary_xor(0, next)
2077 * (expr) = recurse, and parse expr
2078 *
2079 * as a special case, <type> is a cast. Which lets us know how
2080 * to parse the next thing we get. Otherwise, parse the thing as
2081 * int64_t.
2082 */
2084 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2085 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
2086{
2087 xlat_exp_t *node = NULL, *unary = NULL;
2088 xlat_t *func = NULL;
2089 fr_sbuff_t our_in = FR_SBUFF(in);
2090 char c = '\0';
2091
2093
2094 /*
2095 * Handle !-~ by adding a unary function to the xlat
2096 * node, with the first argument being the _next_ thing
2097 * we allocate.
2098 */
2099 if (fr_sbuff_next_if_char(&our_in, '!')) { /* unary not */
2100 func = xlat_func_find("unary_not", 9);
2101 fr_assert(func != NULL);
2102 c = '!';
2103 goto check_for_double;
2104
2105 }
2106 else if (fr_sbuff_next_if_char(&our_in, '-')) { /* unary minus */
2107 fr_sbuff_skip_whitespace(&our_in);
2108
2109 /*
2110 * -4 is a number, not minus(4).
2111 */
2112 if (fr_sbuff_is_digit(&our_in)) goto field;
2113
2114 func = xlat_func_find("unary_minus", 11);
2115 fr_assert(func != NULL);
2116 c = '-';
2117 goto check_for_double;
2118
2119 }
2120 else if (fr_sbuff_next_if_char(&our_in, '~')) { /* unary complement */
2121 func = xlat_func_find("unary_complement", 16);
2122 fr_assert(func != NULL);
2123 c = '~';
2124 goto check_for_double;
2125
2126 }
2127 else if (fr_sbuff_next_if_char(&our_in, '+')) { /* ignore unary + */
2128 c = '+';
2129
2130 check_for_double:
2131 fr_sbuff_skip_whitespace(&our_in);
2132 fr_sbuff_skip_whitespace(&our_in);
2133 if (fr_sbuff_is_char(&our_in, c)) {
2134 fr_strerror_const("Double operator is invalid");
2135 FR_SBUFF_ERROR_RETURN(&our_in);
2136 }
2137 }
2138
2139 /*
2140 * Maybe we have a unary not / etc. If so, make sure
2141 * that we return that, and not the child node
2142 */
2143 if (!func) {
2144 field:
2145 return tokenize_field(head, out, in, p_rules, t_rules, bracket_rules, out_c, cond);
2146 }
2147
2148 /*
2149 * Tokenize_field may reset this if the operation is wrapped inside of another expression.
2150 */
2151 *out_c = c;
2152
2153 MEM(unary = xlat_exp_alloc(head, XLAT_FUNC, fr_tokens[func->token], strlen(fr_tokens[func->token])));
2154 xlat_exp_set_func(unary, func, t_rules->attr.dict_def);
2155 MEM(unary->call.args = xlat_exp_head_alloc(unary));
2156 unary->call.args->is_argv = true;
2157
2158 if (tokenize_field(unary->call.args, &node, &our_in, p_rules, t_rules, bracket_rules, out_c, (c == '!')) <= 0) {
2159 talloc_free(unary);
2160 FR_SBUFF_ERROR_RETURN(&our_in);
2161 }
2162
2163 if (!node) {
2164 fr_strerror_const("Empty expressions are invalid");
2165 FR_SBUFF_ERROR_RETURN(&our_in);
2166 }
2167
2168 xlat_func_append_arg(unary, node, (c == '!'));
2169 unary->flags.can_purify = (unary->call.func->flags.pure && unary->call.args->flags.pure) | unary->call.args->flags.can_purify;
2170
2171 /*
2172 * Don't add it to head->flags, that will be done when it's actually inserted.
2173 */
2174
2175 *out = unary;
2176
2177 FR_SBUFF_SET_RETURN(in, &our_in);
2178}
2179
2180/** Allocate a specific cast node.
2181 *
2182 * With the first argument being a UINT8 of the data type.
2183 * See xlat_func_cast() for the implementation.
2184 *
2185 */
2186static xlat_exp_t *expr_cast_alloc(TALLOC_CTX *ctx, fr_type_t type, xlat_exp_t *child)
2187{
2188 xlat_exp_t *cast, *node;
2189 char const *str;
2190
2191 /*
2192 * Create a "cast" node. The first argument is a UINT8 value-box of the cast type. The RHS is
2193 * whatever "node" comes next.
2194 */
2195 MEM(cast = xlat_exp_alloc(ctx, XLAT_FUNC, "cast", 4));
2196 MEM(cast->call.func = xlat_func_find("cast", 4));
2197 // no need to set dict here
2198 fr_assert(cast->call.func != NULL);
2199 cast->flags = cast->call.func->flags;
2200
2201 /*
2202 * Create argv[0] UINT8, with "Cast-Base" as
2203 * the "da". This allows the printing routines
2204 * to print the name of the type, and not the
2205 * number.
2206 */
2207 str = fr_type_to_str(type);
2208 fr_assert(str != NULL);
2209
2210 MEM(node = xlat_exp_alloc(cast, XLAT_BOX, NULL, 0));
2211 xlat_exp_set_name(node, str, strlen(str));
2212
2213 fr_value_box_init(&node->data, FR_TYPE_UINT8, attr_cast_base, false);
2214 node->data.vb_uint8 = type;
2215
2216 xlat_func_append_arg(cast, node, false);
2217 (void) talloc_steal(cast, child);
2218 xlat_func_append_arg(cast, child, false);
2219
2220 return cast;
2221}
2222
2224{
2225 fr_sbuff_t our_in = FR_SBUFF(in);
2227 ssize_t slen;
2228
2229 if (!fr_sbuff_next_if_char(&our_in, '(')) {
2230 no_cast:
2231 *cast = FR_TYPE_NULL;
2232 return 0;
2233 }
2234
2235 fr_sbuff_marker(&m, &our_in);
2237
2238 /*
2239 * We didn't read anything, there's no cast.
2240 */
2241 if (fr_sbuff_diff(&our_in, &m) == 0) goto no_cast;
2242
2243 if (!fr_sbuff_next_if_char(&our_in, ')')) goto no_cast;
2244
2245 if (fr_type_is_null(*cast)) {
2246 fr_strerror_printf("Invalid data type in cast");
2248 }
2249
2250 if (!fr_type_is_leaf(*cast)) {
2251 fr_strerror_printf("Invalid data type '%s' in cast", fr_type_to_str(*cast));
2252 FR_SBUFF_ERROR_RETURN(&our_in);
2253 }
2254
2255 fr_sbuff_adv_past_whitespace(&our_in, SIZE_MAX, NULL);
2256
2257 FR_SBUFF_SET_RETURN(in, &our_in);
2258}
2259
2260/*
2261 * Tokenize the RHS of a regular expression.
2262 */
2264 tmpl_rules_t const *t_rules,
2265 fr_sbuff_parse_rules_t const *bracket_rules)
2266{
2267 ssize_t slen;
2268 xlat_exp_t *node = NULL;
2269 fr_sbuff_t our_in = FR_SBUFF(in);
2270 fr_sbuff_marker_t opand_m, flag;
2271 tmpl_t *vpt;
2273
2275
2276 fr_sbuff_skip_whitespace(&our_in);
2277
2278 /*
2279 * Record where the operand begins for better error offsets later
2280 */
2281 fr_sbuff_marker(&opand_m, &our_in);
2282
2283 /*
2284 * Regexes cannot have casts or sub-expressions.
2285 */
2286 if (!fr_sbuff_next_if_char(&our_in, '/')) {
2287 /*
2288 * Allow for m'...' ala Perl
2289 */
2290 if (!fr_sbuff_is_str(&our_in, "m'", 2)) {
2291 fr_strerror_const("Expected regular expression");
2292 goto error;
2293 }
2294
2295 fr_sbuff_advance(&our_in, 2);
2296 quote = T_SINGLE_QUOTED_STRING;
2297 }
2298
2299 /*
2300 * Allocate the xlat node now so the talloc hierarchy is correct
2301 */
2302 MEM(node = xlat_exp_alloc(head, XLAT_TMPL, NULL, 0));
2303
2304 /*
2305 * tmpl_afrom_substr does pretty much all the work of parsing the operand. Note that we pass '/'
2306 * as the quote, so that the tmpl gets parsed as a regex.
2307 */
2308 (void) tmpl_afrom_substr(node, &vpt, &our_in, T_SOLIDUS_QUOTED_STRING, value_parse_rules_quoted[quote], t_rules);
2309 if (!vpt) {
2310 error:
2311 talloc_free(node);
2312 FR_SBUFF_ERROR_RETURN(&our_in);
2313 }
2314
2315 /*
2316 * @todo - allow for the RHS to be an attribute, too?
2317 */
2318
2319 /*
2320 * It would be nice if tmpl_afrom_substr() did this :(
2321 */
2322 if (!fr_sbuff_next_if_char(&our_in, fr_token_quote[quote])) {
2323 fr_strerror_const("Unterminated regular expression");
2324 goto error;
2325 }
2326
2327 /*
2328 * Remember where the flags start
2329 */
2330 fr_sbuff_marker(&flag, &our_in);
2331 if (tmpl_regex_flags_substr(vpt, &our_in, bracket_rules->terminals) < 0) {
2332 talloc_free(node);
2333 FR_SBUFF_ERROR_RETURN(&our_in);
2334 }
2335
2336 fr_sbuff_skip_whitespace(&our_in);
2337
2338 /*
2339 * Try to compile regular expressions, but only if
2340 * they're not being dynamically expanded.
2341 */
2342 if (!tmpl_contains_xlat(vpt)) {
2343 slen = tmpl_regex_compile(vpt, true);
2344 if (slen <= 0) goto error;
2345 }
2346
2347 node->quote = quote;
2348 xlat_exp_set_vpt(node, vpt);
2349
2350 XLAT_VERIFY(node);
2351 *out = node;
2352
2353 FR_SBUFF_SET_RETURN(in, &our_in);
2354}
2355
2356
2358{
2359 rlm_rcode_t rcode;
2360 ssize_t slen;
2361 xlat_t *func;
2362 xlat_exp_t *node, *arg;
2363 fr_sbuff_t our_in = FR_SBUFF(in);
2364
2365 fr_sbuff_out_by_longest_prefix(&slen, &rcode, rcode_table, &our_in, T_BARE_WORD);
2366 if (slen <= 0) return 0;
2367
2368 if (!fr_sbuff_is_terminal(&our_in, terminals)) {
2369 if (!fr_dict_attr_allowed_chars[fr_sbuff_char(&our_in, '\0')]) {
2370 fr_strerror_const("Unexpected text after return code");
2371 FR_SBUFF_ERROR_RETURN(&our_in);
2372 }
2373 return 0;
2374 }
2375
2376 /*
2377 * @todo - allow for attributes to have the name "ok-foo" ???
2378 */
2379 func = xlat_func_find("interpreter.rcode", -1);
2380 fr_assert(func != NULL);
2381
2382 MEM(node = xlat_exp_alloc(head, XLAT_FUNC, fr_sbuff_start(&our_in), slen));
2383 node->call.func = func;
2384 // no need to set dict here
2385 node->flags = func->flags; /* rcode is impure, but can be calculated statically */
2386
2387 MEM(arg = xlat_exp_alloc(node, XLAT_BOX, fr_sbuff_start(&our_in), slen));
2388
2389 /*
2390 * We need a string for unit tests, but this should really be just a number.
2391 */
2392 fr_value_box_init(&arg->data, FR_TYPE_STRING, NULL, false);
2393 (void) fr_value_box_bstrndup(arg, &arg->data, NULL, fr_sbuff_start(&our_in), slen, false);
2394
2395 xlat_func_append_arg(node, arg, false);
2396
2397 *out = node;
2398
2399 FR_SBUFF_SET_RETURN(in, &our_in);
2400}
2401
2402
2403/*
2404 * Tokenize a field without unary operators.
2405 */
2407 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2408 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
2409{
2410 ssize_t slen;
2411 xlat_exp_t *node = NULL;
2412 fr_sbuff_t our_in = FR_SBUFF(in);
2413 fr_sbuff_marker_t opand_m;
2414 tmpl_rules_t our_t_rules;
2415 tmpl_t *vpt = NULL;
2416 fr_token_t quote;
2417 fr_type_t cast_type;
2418 fr_dict_attr_t const *enumv;
2419
2421
2422 /*
2423 * Allow for explicit casts. Non-leaf types are forbidden.
2424 */
2425 if (expr_cast_from_substr(&cast_type, &our_in) < 0) return -1;
2426
2427 /*
2428 * Do NOT pass the cast down to the next set of parsing routines. Instead, let the next data be
2429 * parsed as whatever, and then add a cast, or cast in place as necessary.
2430 */
2431 our_t_rules = *t_rules;
2432 if (cast_type == FR_TYPE_NULL) {
2433 cast_type = our_t_rules.cast;
2434 enumv = our_t_rules.enumv;
2435 } else {
2436 enumv = NULL;
2437 }
2438
2439 our_t_rules.cast = FR_TYPE_NULL;
2440// our_t_rules.enumv = NULL;
2441
2442 /*
2443 * As a special case, we allow
2444 *
2445 * &reply = "foo = bar"
2446 *
2447 * and then we don't parse the RHS as any enum.
2448 */
2449 if ( our_t_rules.enumv && !fr_type_is_leaf(our_t_rules.enumv->type)) {
2450 our_t_rules.enumv = enumv = NULL;
2451 }
2452
2453 /*
2454 * If we still have '(', then recurse for other expressions
2455 *
2456 * Tokenize the sub-expression, ensuring that we stop at ')'.
2457 *
2458 * Note that if we have a sub-expression, then we don't use the hinting for "type".
2459 * That's because we're parsing a complete expression here (EXPR). So the intermediate
2460 * nodes in the expression can be almost anything. And we only cast it to the final
2461 * value when we get the output of the expression.
2462 */
2463 if (fr_sbuff_next_if_char(&our_in, '(')) {
2464 our_t_rules.cast = FR_TYPE_NULL;
2465 our_t_rules.enumv = NULL;
2466
2467 fr_sbuff_skip_whitespace(&our_in);
2468 if (fr_sbuff_is_char(&our_in, ')')) {
2469 fr_strerror_printf("Empty expressions are invalid");
2470 FR_SBUFF_ERROR_RETURN(&our_in);
2471 }
2472
2473 /*
2474 * No input rules means "ignore external terminal sequences, as we're expecting a ')' as
2475 * our terminal sequence.
2476 */
2477 if (tokenize_expression(head, &node, &our_in, bracket_rules, &our_t_rules, T_INVALID, bracket_rules, NULL, cond) <= 0) {
2478 FR_SBUFF_ERROR_RETURN(&our_in);
2479 }
2480
2481 if (!fr_sbuff_next_if_char(&our_in, ')')) {
2482 fr_strerror_printf("Failed to find trailing ')'");
2483 FR_SBUFF_ERROR_RETURN(&our_in);
2484 }
2485
2486 /*
2487 * We've parsed one "thing", so we stop. The next thing should be an operator, not
2488 * another value.
2489 *
2490 * The nested call to tokenize_expression() can return >=0 if there are spaces followed by a
2491 * terminal character. So "node" may be NULL;
2492 */
2493 if (!node) {
2494 fr_strerror_const("Empty expressions are invalid");
2495 FR_SBUFF_ERROR_RETURN(&our_in);
2496 }
2497
2498 *out_c = '\0';
2499 goto done;
2500 }
2501
2502 /*
2503 * Record where the operand begins for better error offsets later
2504 */
2505 fr_sbuff_skip_whitespace(&our_in);
2506 fr_sbuff_marker(&opand_m, &our_in);
2507
2509
2510 switch (quote) {
2511 case T_BARE_WORD:
2512 p_rules = bracket_rules;
2513
2514 /*
2515 * Peek for rcodes.
2516 */
2517 slen = tokenize_rcode(head, &node, &our_in, p_rules->terminals);
2518 if (slen < 0) FR_SBUFF_ERROR_RETURN(&our_in);
2519
2520 if (slen > 0) {
2521 fr_assert(node != NULL);
2522 goto done;
2523 }
2525
2526 default:
2527 slen = xlat_tokenize_word(head, &node, &our_in, quote, p_rules, &our_t_rules);
2528 if (slen <= 0) FR_SBUFF_ERROR_RETURN(&our_in);
2529
2530 fr_assert(node != NULL);
2531 break;
2532 }
2533
2534 /*
2535 * Cast value-box.
2536 */
2537 if (node->type == XLAT_BOX) {
2538 if (cast_type != FR_TYPE_NULL) {
2539 if (node->data.type != cast_type) {
2540 if (fr_value_box_cast_in_place(node, &node->data, cast_type, NULL) < 0) goto error;
2541 }
2542
2543 cast_type = FR_TYPE_NULL;
2544 }
2545 }
2546
2547 /*
2548 * Something other than a tmpl, we can just return.
2549 */
2550 if (node->type != XLAT_TMPL) {
2551 xlat_exp_set_name(node, fr_sbuff_current(&opand_m), fr_sbuff_behind(&opand_m));
2552 goto done;
2553 }
2554
2555 vpt = node->vpt;
2556
2557 /*
2558 * The tmpl has a cast, and it's the same as the explicit cast we were given, we can sometimes
2559 * discard the explicit cast.
2560 */
2561 if (cast_type != FR_TYPE_NULL) {
2562 if (tmpl_rules_cast(vpt) == cast_type) {
2563 fr_assert(0);
2564 cast_type = FR_TYPE_NULL;
2565
2566 } else if (tmpl_is_attr(vpt)) {
2567 fr_dict_attr_t const *da;
2568
2570
2571 da = tmpl_attr_tail_da(vpt); /* could be a list! */
2572
2573 /*
2574 * Set the cast for attributes. Note that tmpl_cast_set() will take care of
2575 * suppressing redundant casts. But it still allows (uint32)&Service-Type,
2576 * which means "return the raw value", and not "return enum name".
2577 */
2578 if (da) {
2579 if (tmpl_cast_set(vpt, cast_type) < 0) {
2580 error:
2581 fr_sbuff_set(&our_in, &opand_m);
2582 talloc_free(node);
2583 FR_SBUFF_ERROR_RETURN(&our_in);
2584 }
2585
2586 cast_type = FR_TYPE_NULL;
2587
2588 } else { /* it's something like &reply. */
2589 fr_assert(0);
2590 }
2591
2592 } else if (tmpl_is_data(vpt)) {
2594
2595 /*
2596 * Omit our cast type if the data is already of the right type.
2597 *
2598 * Otherwise if we have a cast, then convert the data now, and then reset the
2599 * cast_type to nothing. This work allows for better errors at startup, and
2600 * minimizes run-time work.
2601 */
2602 if (tmpl_value_type(vpt) == cast_type) {
2603 cast_type = FR_TYPE_NULL;
2604
2605 } else if (tmpl_cast_in_place(vpt, cast_type, enumv) < 0) {
2606 fr_sbuff_set(&our_in, &opand_m);
2607 goto error;
2608
2609 } else {
2610 /*
2611 * We've parsed the data as the new data type, so we don't need any more
2612 * casting.
2613 */
2614 cast_type = FR_TYPE_NULL;
2615 }
2616
2617 } else if (tmpl_contains_xlat(vpt)) {
2618 /*
2619 * (string) "foo %{...}" is redundant. Drop the cast.
2620 */
2621 if ((cast_type == FR_TYPE_STRING) && (vpt->quote != T_BARE_WORD)) {
2623 cast_type = FR_TYPE_NULL;
2624
2625 } else {
2626 /*
2627 * Push the cast to the tmpl.
2628 */
2629 tmpl_cast_set(vpt, cast_type);
2630 cast_type = FR_TYPE_NULL;
2631 }
2632
2633 } else if (tmpl_is_attr_unresolved(vpt)) {
2635
2636 } else if (tmpl_is_data_unresolved(vpt)) {
2637 fr_assert(0);
2638
2639 fr_assert(quote == T_BARE_WORD);
2640 fr_strerror_const("Failed parsing input");
2641 fr_sbuff_set(&our_in, &opand_m);
2642 goto error;
2643
2644 } else {
2645 /*
2646 * Regex? Or something else weird?
2647 */
2648 tmpl_debug(vpt);
2649 fr_assert(0);
2650 }
2651 }
2652
2654
2655done:
2656 /*
2657 * If there is a cast, then reparent the node with a cast wrapper.
2658 */
2659 if (cast_type != FR_TYPE_NULL) {
2660 xlat_exp_t *cast;
2661
2662 MEM(cast = expr_cast_alloc(head, cast_type, node));
2663 node = cast;
2664 }
2665
2666 *out = node;
2667
2668 fr_sbuff_skip_whitespace(&our_in);
2669 FR_SBUFF_SET_RETURN(in, &our_in);
2670}
2671
2672/*
2673 * A mapping of operators to tokens.
2674 */
2676 { L("!="), T_OP_NE },
2677 { L("!=="), T_OP_CMP_NE_TYPE },
2678
2679 { L("&"), T_AND },
2680 { L("&&"), T_LAND },
2681 { L("*"), T_MUL },
2682 { L("+"), T_ADD },
2683 { L("-"), T_SUB },
2684 { L("/"), T_DIV },
2685 { L("%"), T_MOD },
2686 { L("^"), T_XOR },
2687
2688 { L("|"), T_OR },
2689 { L("||"), T_LOR },
2690
2691 { L("<"), T_OP_LT },
2692 { L("<<"), T_LSHIFT },
2693 { L("<="), T_OP_LE },
2694
2695 { L("="), T_OP_EQ },
2696 { L("=="), T_OP_CMP_EQ },
2697 { L("==="), T_OP_CMP_EQ_TYPE },
2698
2699 { L("=~"), T_OP_REG_EQ },
2700 { L("!~"), T_OP_REG_NE },
2701
2702 { L(">"), T_OP_GT },
2703 { L(">="), T_OP_GE },
2704 { L(">>"), T_RSHIFT },
2705
2706};
2708
2709static bool valid_type(xlat_exp_t *node)
2710{
2711 fr_dict_attr_t const *da;
2712
2713#ifdef STATIC_ANALYZER
2714 if (!node) return false;
2715#endif
2716
2717 if (node->type != XLAT_TMPL) return true;
2718
2719 if (tmpl_is_list(node->vpt)) {
2720 list:
2721 fr_strerror_const("Cannot use list references in condition");
2722 return false;
2723 }
2724
2725 if (!tmpl_is_attr(node->vpt)) return true;
2726
2727 da = tmpl_attr_tail_da(node->vpt);
2728 if (fr_type_is_structural(da->type)) {
2729 if (da->dict == fr_dict_internal()) goto list;
2730
2731 fr_strerror_const("Cannot use structural types in condition");
2732 return false;
2733 }
2734
2735 return true;
2736}
2737
2738
2739/** Tokenize a mathematical operation.
2740 *
2741 * (EXPR)
2742 * !EXPR
2743 * A OP B
2744 *
2745 * If "out" is NULL then the expression is added to "head".
2746 * Otherwise, it's returned to the caller.
2747 */
2749 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2750 fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules,
2751 fr_sbuff_parse_rules_t const *input_rules, bool cond)
2752{
2753 xlat_exp_t *lhs = NULL, *rhs, *node;
2754 xlat_t *func = NULL;
2755 fr_token_t op;
2756 ssize_t slen;
2757 fr_sbuff_marker_t m_lhs, m_op, m_rhs;
2758 fr_sbuff_t our_in = FR_SBUFF(in);
2759 char c = '\0';
2760
2762
2763 fr_sbuff_skip_whitespace(&our_in);
2764
2765 fr_sbuff_marker(&m_lhs, &our_in);
2766
2767 /*
2768 * Get the LHS of the operation.
2769 */
2770 slen = tokenize_unary(head, &lhs, &our_in, p_rules, t_rules, bracket_rules, &c, cond);
2771 if (slen <= 0) FR_SBUFF_ERROR_RETURN(&our_in);
2772
2773 if (slen == 0) {
2774 fr_assert(lhs == NULL);
2775 *out = NULL;
2776 FR_SBUFF_SET_RETURN(in, &our_in);
2777 }
2778
2779redo:
2780 rhs = NULL;
2781
2782 fr_sbuff_skip_whitespace(&our_in);
2783
2784 /*
2785 * No more input, we're done.
2786 */
2787 if (fr_sbuff_extend(&our_in) == 0) {
2788 done:
2789 /*
2790 * LHS may be NULL if the expression has spaces followed by a terminal character.
2791 */
2792 *out = lhs;
2793 FR_SBUFF_SET_RETURN(in, &our_in);
2794 }
2795
2796 /*
2797 * ')' is a terminal, even if we didn't expect it.
2798 * Because if we didn't expect it, then it's an error.
2799 *
2800 * If we did expect it, then we return whatever we found,
2801 * and let the caller eat the ')'.
2802 */
2803 if (fr_sbuff_is_char(&our_in, ')')) {
2804 if (!bracket_rules) {
2805 fr_strerror_printf("Unexpected ')'");
2806 FR_SBUFF_ERROR_RETURN(&our_in);
2807 }
2808
2809 goto done;
2810 }
2811 fr_sbuff_skip_whitespace(&our_in);
2812
2813 /*
2814 * We hit a terminal sequence, stop.
2815 */
2816 if (input_rules && fr_sbuff_is_terminal(&our_in, input_rules->terminals)) goto done;
2817
2818 /*
2819 * Remember where we were after parsing the LHS.
2820 */
2821 fr_sbuff_marker(&m_op, &our_in);
2822
2823 /*
2824 * Get the operator.
2825 */
2826 XLAT_DEBUG(" operator <-- %pV", fr_box_strvalue_len(fr_sbuff_current(&our_in), fr_sbuff_remaining(&our_in)));
2828 if ((op == T_INVALID) || !binary_ops[op].str) {
2829 fr_strerror_const("Invalid operator");
2830 fr_sbuff_set(&our_in, &m_op);
2831 talloc_free(lhs);
2832 FR_SBUFF_ERROR_RETURN(&our_in);
2833 }
2834
2835 /*
2836 * We can't (yet) do &list1 = &list2 + &list3
2837 */
2838 if (fr_binary_op[op] && t_rules->enumv && fr_type_is_structural(t_rules->enumv->type)) {
2839 fr_strerror_const("Invalid operator for structural attribute");
2840 fr_sbuff_set(&our_in, &m_op);
2841 talloc_free(lhs);
2842 FR_SBUFF_ERROR_RETURN(&our_in);
2843 }
2844
2845 fr_assert(precedence[op] != 0);
2846
2847 /*
2848 * a * b + c ... = (a * b) + c ...
2849 *
2850 * Feed the current expression to the caller, who will
2851 * take care of continuing.
2852 */
2853 if (precedence[op] <= precedence[prev]) {
2854 fr_sbuff_set(&our_in, &m_op);
2855 goto done;
2856 }
2857
2858 /*
2859 * &Foo and !&Foo are permitted as the LHS of || and &&
2860 */
2861 if (((c == '!') || (c == '~')) && (op != T_LAND) && (op != T_LOR)) {
2862 fr_strerror_printf("Operator '%c' is only applied to the left hand side of the '%s' operation, add (..) to evaluate the operation first", c, fr_tokens[op]);
2863 fail_lhs:
2864 fr_sbuff_set(&our_in, &m_lhs);
2865 FR_SBUFF_ERROR_RETURN(&our_in);
2866 }
2867
2868 fr_sbuff_skip_whitespace(&our_in);
2869 fr_sbuff_marker(&m_rhs, &our_in);
2870
2871 /*
2872 * We now parse the RHS, allowing a (perhaps different) cast on the RHS.
2873 */
2874 XLAT_DEBUG(" recurse RHS <-- %pV", fr_box_strvalue_len(fr_sbuff_current(&our_in), fr_sbuff_remaining(&our_in)));
2875 if ((op == T_OP_REG_EQ) || (op == T_OP_REG_NE)) {
2877
2878 /*
2879 * @todo - LHS shouldn't be anything else.
2880 */
2881 switch (lhs->type) {
2882 case XLAT_TMPL:
2883 type = tmpl_cast_get(lhs->vpt);
2884 if ((type != FR_TYPE_NULL) && (type != FR_TYPE_STRING)) {
2885 fr_strerror_const("Casts cannot be used with regular expressions");
2886 fr_sbuff_set(&our_in, &m_lhs);
2887 FR_SBUFF_ERROR_RETURN(&our_in);
2888 }
2889
2890 /*
2891 * Cast the LHS to a string, if it's not already one!
2892 */
2893 if (lhs->vpt->quote == T_BARE_WORD) tmpl_cast_set(lhs->vpt, FR_TYPE_STRING);
2894 break;
2895
2896 case XLAT_BOX:
2897 /*
2898 * 192.168.0.1 =~ /foo/
2899 *
2900 * Gets the LHS automatically converted to a string.
2901 */
2902 if (lhs->data.type != FR_TYPE_STRING) {
2903 if (fr_value_box_cast_in_place(lhs, &lhs->data, FR_TYPE_STRING, NULL) < 0) {
2904 fr_sbuff_set(&our_in, &m_lhs);
2905 FR_SBUFF_ERROR_RETURN(&our_in);
2906 }
2907 }
2908 break;
2909
2910 default:
2911 /*
2912 * @todo - if we hoist the LHS to a function instead of an xlat->tmpl->xlat, then
2913 * we can't cast the LHS to a string. OR, we have to manually add a lHS cast to
2914 * a string. Maybe we need to delay the LHS hoisting until such time as we know
2915 * it's safe.
2916 *
2917 * Also, hoisting a double-quoted xlat string to a _list_ of xlats is hard,
2918 * because we expect the LHS here to be one node. So perhaps the hoisting has to
2919 * be from an XLAT_TMPL to an XLAT_GROUP, which is still perhaps a bit of an
2920 * improvement.
2921 */
2922 break;
2923
2924 }
2925
2926 slen = tokenize_regex_rhs(head, &rhs, &our_in, t_rules, bracket_rules);
2927 } else {
2928 tmpl_rules_t our_t_rules = *t_rules;
2929
2930 /*
2931 * Pass the enumv down ONLY if the RHS name begins with "::".
2932 *
2933 * Otherwise, the terminal rules for expressions includes "-" and "+", both of which are
2934 * allowed in enum names. If we pass the enumv down to the next function, it will see
2935 * "Access-Accept", and then only parse "Access". Which is wrong.
2936 */
2937 if ((lhs->type == XLAT_TMPL) && tmpl_is_attr(lhs->vpt) &&
2938 fr_sbuff_is_str_literal(&our_in, "::")) {
2939 our_t_rules.enumv = tmpl_attr_tail_da(lhs->vpt);
2940 }
2941
2942 slen = tokenize_expression(head, &rhs, &our_in, p_rules, &our_t_rules, op, bracket_rules, input_rules, cond);
2943 }
2944 if (slen <= 0) {
2945 talloc_free(lhs);
2946 FR_SBUFF_ERROR_RETURN(&our_in);
2947 }
2948
2949 /*
2950 * The nested call to tokenize_expression() can return >=0 if there are spaces followed by a
2951 * terminal character.
2952 */
2953 if (!rhs) goto done;
2954
2955 func = xlat_func_find(binary_ops[op].str, binary_ops[op].len);
2956 fr_assert(func != NULL);
2957
2958 if (multivalue_ops[op]) {
2959 if ((lhs->type == XLAT_FUNC) && (lhs->call.func->token == op)) {
2960 xlat_func_append_arg(lhs, rhs, cond);
2961
2962 lhs->call.args->flags.can_purify |= rhs->flags.can_purify | rhs->flags.pure;
2963 lhs->flags.can_purify = lhs->call.args->flags.can_purify;
2964 goto redo;
2965 }
2966 goto purify;
2967 }
2968
2969 /*
2970 * Complain on comparisons between invalid data types.
2971 *
2972 * @todo - allow
2973 *
2974 * &structural == {}
2975 * &structural != {}
2976 *
2977 * as special cases, so we can check lists for emptiness.
2978 */
2979 if (fr_comparison_op[op]) {
2980 if (!valid_type(lhs)) goto fail_lhs;
2981 if (!valid_type(rhs)) {
2982 fr_sbuff_set(&our_in, &m_rhs);
2983 FR_SBUFF_ERROR_RETURN(&our_in);
2984 }
2985
2986 /*
2987 * Peephole optimization. If both LHS
2988 * and RHS are static values, then just call the
2989 * relevant condition code to get the result.
2990 */
2991 if (cond) {
2992 int rcode;
2993
2994 purify:
2995 rcode = xlat_purify_op(head, &node, lhs, op, rhs);
2996 if (rcode < 0) goto fail_lhs;
2997
2998 if (rcode) {
2999 lhs = node;
3000 goto redo;
3001 }
3002 }
3003 }
3004
3005 /*
3006 * Create the function node, with the LHS / RHS arguments.
3007 */
3008 MEM(node = xlat_exp_alloc(head, XLAT_FUNC, fr_tokens[op], strlen(fr_tokens[op])));
3009 xlat_exp_set_func(node, func, t_rules->attr.dict_def);
3010
3011 xlat_func_append_arg(node, lhs, logical_ops[op] && cond);
3012 xlat_func_append_arg(node, rhs, logical_ops[op] && cond);
3013
3014 fr_assert(xlat_exp_head(node->call.args) != NULL);
3015
3016 /*
3017 * Logical operations can be purified if ANY of their arguments can be purified.
3018 */
3019 if (logical_ops[op]) {
3020 xlat_exp_foreach(node->call.args, arg) {
3021 node->call.args->flags.can_purify |= arg->flags.can_purify | arg->flags.pure;
3022 if (node->call.args->flags.can_purify) break;
3023 }
3024 node->flags.can_purify = node->call.args->flags.can_purify;
3025
3026 } else {
3027 node->flags.can_purify = (node->call.func->flags.pure && node->call.args->flags.pure) | node->call.args->flags.can_purify;
3028 }
3029
3030 lhs = node;
3031 goto redo;
3032}
3033
3035 L(""),
3036 L(")"),
3037);
3038
3040 L("\t"),
3041 L("\n"),
3042 L("\r"),
3043 L(" "),
3044 L("!"),
3045 L("%"),
3046 L("&"),
3047 L("*"),
3048 L("+"),
3049 L("-"),
3050 L("/"),
3051 L("<"),
3052 L("="),
3053 L(">"),
3054 L("^"),
3055 L("|"),
3056 L("~"),
3057);
3058
3060 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, bool cond)
3061{
3062 fr_slen_t slen;
3063 fr_sbuff_parse_rules_t *bracket_rules = NULL;
3064 fr_sbuff_parse_rules_t *terminal_rules = NULL;
3065 tmpl_rules_t my_rules = { };
3067 xlat_exp_t *node = NULL;
3068
3069 /*
3070 * Whatever the caller passes, ensure that we have a
3071 * terminal rule which ends on operators, and a terminal
3072 * rule which ends on ')'.
3073 */
3074 MEM(bracket_rules = talloc_zero(ctx, fr_sbuff_parse_rules_t));
3075 MEM(terminal_rules = talloc_zero(ctx, fr_sbuff_parse_rules_t));
3076 if (p_rules) {
3077 *bracket_rules = *p_rules;
3078 *terminal_rules = *p_rules;
3079
3080 if (p_rules->terminals) {
3081 MEM(terminal_rules->terminals = fr_sbuff_terminals_amerge(terminal_rules,
3082 p_rules->terminals,
3083 &operator_terms));
3084 } else {
3085 terminal_rules->terminals = &operator_terms;
3086 }
3087 } else {
3088 terminal_rules->terminals = &operator_terms;
3089 }
3090 MEM(bracket_rules->terminals = fr_sbuff_terminals_amerge(bracket_rules,
3091 terminal_rules->terminals,
3092 &bracket_terms));
3093
3095 if (!t_rules) t_rules = &my_rules;
3096
3097 slen = tokenize_expression(head, &node, in, terminal_rules, t_rules, T_INVALID, bracket_rules, p_rules, cond);
3098 talloc_free(bracket_rules);
3099 talloc_free(terminal_rules);
3100
3101 if (slen <= 0) {
3103 return slen;
3104 }
3105
3106 if (!node) {
3107 *out = head;
3108 return slen;
3109 }
3110
3111 /*
3112 * If the tmpl is not resolved, then it refers to an attribute which doesn't exist. That's an
3113 * error.
3114 */
3115 if (node->type == XLAT_TMPL) {
3116 if (tmpl_is_data_unresolved(node->vpt)) {
3117 fr_strerror_const("Unknown attribute");
3118 return -1;
3119 }
3120
3121 /*
3122 * Convert raw existence checks to existence functions.
3123 */
3124 if (tmpl_contains_attr(node->vpt)) {
3125 if (cond) MEM(node = xlat_exists_alloc(head, node));
3126 }
3127 }
3128
3130
3131 *out = head;
3132 return slen;
3133}
3134
3136 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
3137{
3138 fr_slen_t slen;
3139
3140 slen = xlat_tokenize_expression_internal(ctx, out, in, p_rules, t_rules, false);
3141 if (slen < 0) return slen;
3142
3143#ifdef STATIC_ANALYZER
3144 /*
3145 * Coverity doesn't realise that out will be set by this point
3146 * by a successful call to xlat_tokenize_expression_internal.
3147 */
3148 if (!out) return -1;
3149#endif
3150 if (!*out) {
3151 fr_strerror_const("Empty expressions are invalid");
3152 return -1;
3153 }
3154
3155 if (xlat_finalize(*out, t_rules->xlat.runtime_el) < 0) {
3156 TALLOC_FREE(*out);
3157 return -1;
3158 }
3159
3160 return slen;
3161}
3162
3164 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
3165{
3166 fr_slen_t slen;
3167
3168 slen = xlat_tokenize_expression_internal(ctx, out, in, p_rules, t_rules, true);
3169 if (slen < 0) return slen;
3170
3171#ifdef STATIC_ANALYZER
3172 if (!out) return -1;
3173#endif
3174 if (!*out) {
3175 fr_strerror_const("Empty conditions are invalid");
3176 return -1;
3177 }
3178
3179 if (xlat_finalize(*out, t_rules->xlat.runtime_el) < 0) {
3180 TALLOC_FREE(*out);
3181 return -1;
3182 }
3183
3184 return slen;
3185}
3186
3187/** Allow callers to see if an xlat is truthy
3188 *
3189 * So the caller can cache it, and needs to check fewer things at run
3190 * time.
3191 *
3192 * @param[in] head of the xlat to check
3193 * @param[out] out truthiness of the box
3194 * @return
3195 * - false - xlat is not truthy, *out is unchanged.
3196 * - true - xlat is truthy, *out is the result of fr_value_box_is_truthy()
3197 */
3199{
3200 xlat_exp_t const *node;
3201 fr_value_box_t const *box;
3202
3203 /*
3204 * Only pure / constant things can be truthy.
3205 */
3206 if (!head->flags.pure) goto return_false;
3207
3208 node = xlat_exp_head(head);
3209 if (!node) {
3210 *out = false;
3211 return true;
3212 }
3213
3214 if (xlat_exp_next(head, node)) goto return_false;
3215
3216 if (node->type == XLAT_BOX) {
3217 box = &node->data;
3218
3219 } else if ((node->type == XLAT_TMPL) && tmpl_is_data(node->vpt)) {
3220 box = tmpl_value(node->vpt);
3221
3222 } else {
3223 return_false:
3224 *out = false;
3225 return false;
3226 }
3227
3229 return true;
3230}
va_list args
Definition acutest.h:770
#define UNCONST(_type, _ptr)
Remove const qualification from a pointer.
Definition build.h:167
#define RCSID(id)
Definition build.h:485
#define L(_str)
Helper for initialising arrays of string literals.
Definition build.h:209
#define FALL_THROUGH
clang 10 doesn't recognised the FALL-THROUGH comment anymore
Definition build.h:324
#define unlikely(_x)
Definition build.h:383
#define UNUSED
Definition build.h:317
#define NUM_ELEMENTS(_t)
Definition build.h:339
int fr_value_calc_list_cmp(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_value_box_list_t const *list1, fr_token_t op, fr_value_box_list_t const *list2)
Definition calc.c:2647
int fr_value_calc_binary_op(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t hint, fr_value_box_t const *a, fr_token_t op, fr_value_box_t const *b)
Calculate DST = A OP B.
Definition calc.c:1924
int fr_value_calc_unary_op(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_token_t op, fr_value_box_t const *src)
Calculate unary operations.
Definition calc.c:2481
static int fr_dcursor_append(fr_dcursor_t *cursor, void *v)
Insert a single item at the end of the list.
Definition dcursor.h:408
#define MEM(x)
Definition debug.h:36
#define ERROR(fmt,...)
Definition dhcpclient.c:41
bool const fr_dict_attr_allowed_chars[UINT8_MAX+1]
Characters that are allowed in dictionary attribute names.
Definition dict_util.c:47
fr_dict_t const * fr_dict_internal(void)
Definition dict_util.c:4654
static fr_slen_t in
Definition dict.h:841
static void * fr_dlist_remove(fr_dlist_head_t *list_head, void *ptr)
Remove an item from the list.
Definition dlist.h:638
static unsigned int fr_dlist_num_elements(fr_dlist_head_t const *head)
Return the number of elements in the dlist.
Definition dlist.h:939
static void * fr_dlist_pop_head(fr_dlist_head_t *list_head)
Remove the head item in a list.
Definition dlist.h:672
static int fr_dlist_insert_tail(fr_dlist_head_t *list_head, void *ptr)
Insert an item into the tail of a list.
Definition dlist.h:378
static xlat_action_t xlat_func_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *args)
Return the current rcode as a string.
Definition xlat_expr.c:1678
static xlat_action_t xlat_func_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *in)
See if a named attribute exists.
Definition xlat_expr.c:1785
static xlat_action_t xlat_func_expr_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Match the passed rcode against request->rcode.
Definition xlat_expr.c:1621
TALLOC_CTX * unlang_interpret_frame_talloc_ctx(request_t *request)
Get a talloc_ctx which is valid only for this frame.
Definition interpret.c:1655
#define UNLANG_SUB_FRAME
Definition interpret.h:37
#define RDEBUG3(fmt,...)
Definition log.h:343
#define RPEDEBUG(fmt,...)
Definition log.h:376
talloc_free(reap)
fr_type_t
@ FR_TYPE_INT8
8 Bit signed integer.
@ FR_TYPE_STRING
String of printable characters.
@ FR_TYPE_NULL
Invalid (uninitialised) attribute type.
@ FR_TYPE_UINT16
16 Bit unsigned integer.
@ FR_TYPE_INT64
64 Bit signed integer.
@ FR_TYPE_INT16
16 Bit signed integer.
@ FR_TYPE_UINT8
8 Bit unsigned integer.
@ FR_TYPE_UINT32
32 Bit unsigned integer.
@ FR_TYPE_INT32
32 Bit signed integer.
@ FR_TYPE_UINT64
64 Bit unsigned integer.
@ FR_TYPE_VOID
User data.
@ FR_TYPE_BOOL
A truth value.
@ FR_TYPE_SIZE
Unsigned integer capable of representing any memory address on the local system.
@ FR_TYPE_OCTETS
Raw octets.
@ FR_TYPE_GROUP
A grouping of other attributes.
unsigned int uint32_t
long int ssize_t
ssize_t fr_slen_t
#define fr_assert(_expr)
Definition rad_assert.h:38
static bool done
Definition radclient.c:81
#define REDEBUG(fmt,...)
Definition radclient.h:52
#define RDEBUG(fmt,...)
Definition radclient.h:53
fr_table_num_sorted_t const rcode_table[]
Definition rcode.c:35
rlm_rcode_t
Return codes indicating the result of the module call.
Definition rcode.h:40
@ RLM_MODULE_NOT_SET
Error resolving rcode (should not be returned by modules).
Definition rcode.h:41
@ RLM_MODULE_NUMCODES
How many valid return codes there are.
Definition rcode.h:53
static char const * name
bool fr_sbuff_is_terminal(fr_sbuff_t *in, fr_sbuff_term_t const *tt)
Efficient terminal string search.
Definition sbuff.c:2185
fr_sbuff_term_t * fr_sbuff_terminals_amerge(TALLOC_CTX *ctx, fr_sbuff_term_t const *a, fr_sbuff_term_t const *b)
Merge two sets of terminal strings.
Definition sbuff.c:647
bool fr_sbuff_next_if_char(fr_sbuff_t *sbuff, char c)
Return true if the current char matches, and if it does, advance.
Definition sbuff.c:2121
#define fr_sbuff_start(_sbuff_or_marker)
#define fr_sbuff_out_by_longest_prefix(_match_len, _out, _table, _sbuff, _def)
#define fr_sbuff_is_str_literal(_sbuff, _str)
#define FR_SBUFF_IN_CHAR_RETURN(_sbuff,...)
#define fr_sbuff_set(_dst, _src)
#define fr_sbuff_diff(_a, _b)
#define fr_sbuff_adv_past_whitespace(_sbuff, _len, _tt)
#define fr_sbuff_current(_sbuff_or_marker)
#define fr_sbuff_char(_sbuff_or_marker, _eob)
#define FR_SBUFF_TERMS(...)
Initialise a terminal structure with a list of sorted strings.
Definition sbuff.h:192
#define FR_SBUFF_IN_STRCPY_LITERAL_RETURN(_sbuff, _str)
#define fr_sbuff_extend(_sbuff_or_marker)
#define fr_sbuff_used_total(_sbuff_or_marker)
#define FR_SBUFF_RETURN(_func, _sbuff,...)
#define fr_sbuff_is_char(_sbuff_or_marker, _c)
#define FR_SBUFF_ERROR_RETURN(_sbuff_or_marker)
#define FR_SBUFF_SET_RETURN(_dst, _src)
#define fr_sbuff_is_digit(_sbuff_or_marker)
#define FR_SBUFF(_sbuff_or_marker)
#define fr_sbuff_advance(_sbuff_or_marker, _len)
#define fr_sbuff_remaining(_sbuff_or_marker)
#define fr_sbuff_used(_sbuff_or_marker)
#define fr_sbuff_behind(_sbuff_or_marker)
#define FR_SBUFF_IN_STRCPY_RETURN(...)
#define FR_SBUFF_TALLOC_THREAD_LOCAL(_out, _init, _max)
Terminal element with pre-calculated lengths.
Definition sbuff.h:161
Set of terminal elements.
#define tmpl_contains_xlat(vpt)
Definition tmpl.h:227
#define tmpl_is_attr_unresolved(vpt)
Definition tmpl.h:219
int tmpl_resolve(tmpl_t *vpt, tmpl_res_rules_t const *tr_rules))
Attempt to resolve functions and attributes in xlats and attribute references.
#define tmpl_value(_tmpl)
Definition tmpl.h:937
#define tmpl_contains_regex(vpt)
Definition tmpl.h:226
#define tmpl_is_attr(vpt)
Definition tmpl.h:208
fr_dict_attr_t const * enumv
Enumeration attribute used to resolve enum values.
Definition tmpl.h:338
#define tmpl_xlat(_tmpl)
Definition tmpl.h:930
#define tmpl_rules_cast(_tmpl)
Definition tmpl.h:942
#define tmpl_contains_attr(vpt)
Definition tmpl.h:225
ssize_t tmpl_afrom_substr(TALLOC_CTX *ctx, tmpl_t **out, fr_sbuff_t *in, fr_token_t quote, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules))
Convert an arbitrary string into a tmpl_t.
tmpl_xlat_rules_t xlat
Rules/data for parsing xlats.
Definition tmpl.h:336
static bool tmpl_is_list(tmpl_t const *vpt)
Definition tmpl.h:920
int tmpl_cast_in_place(tmpl_t *vpt, fr_type_t type, fr_dict_attr_t const *enumv))
Convert tmpl_t of type TMPL_TYPE_DATA_UNRESOLVED or TMPL_TYPE_DATA to TMPL_TYPE_DATA of type specifie...
#define tmpl_is_data(vpt)
Definition tmpl.h:206
void tmpl_debug(tmpl_t const *vpt)
static fr_slen_t vpt
Definition tmpl.h:1269
#define tmpl_value_type(_tmpl)
Definition tmpl.h:939
static fr_type_t tmpl_cast_get(tmpl_t *vpt)
Definition tmpl.h:1218
#define tmpl_is_data_unresolved(vpt)
Definition tmpl.h:217
fr_type_t cast
Whether there was an explicit cast.
Definition tmpl.h:340
tmpl_attr_rules_t attr
Rules/data for parsing attribute references.
Definition tmpl.h:335
static fr_dict_attr_t const * tmpl_attr_tail_da(tmpl_t const *vpt)
Return the last attribute reference da.
Definition tmpl.h:801
struct tmpl_res_rules_s tmpl_res_rules_t
Definition tmpl.h:237
#define tmpl_is_regex(vpt)
Definition tmpl.h:213
fr_dict_attr_t const * enumv
for resolving T_BARE_WORD
Definition tmpl.h:373
fr_event_list_t * runtime_el
The eventlist to use for runtime instantiation of xlats.
Definition tmpl.h:324
#define tmpl_needs_resolving(vpt)
Definition tmpl.h:223
int tmpl_cast_set(tmpl_t *vpt, fr_type_t type)
Set a cast for a tmpl.
Similar to tmpl_rules_t, but used to specify parameters that may change during subsequent resolution ...
Definition tmpl.h:364
Optional arguments passed to vp_tmpl functions.
Definition tmpl.h:332
static void xor(char *out, char *in1, char *in2, int n)
Definition smbdes.c:183
static void lshift(char *d, int count, int n)
Definition smbdes.c:165
eap_aka_sim_process_conf_t * inst
fr_aka_sim_id_type_t type
fr_pair_t * vp
uint8_t allow_unresolved
Allow attributes that look valid but were not found in the dictionaries.
Definition tmpl.h:304
fr_dict_t const * dict_def
Default dictionary to use with unqualified attribute references.
Definition tmpl.h:273
Stores an attribute, a value and various bits of other data.
Definition pair.h:68
#define fr_table_value_by_str(_table, _name, _def)
Convert a string to a value using a sorted or ordered table.
Definition table.h:653
#define fr_table_str_by_value(_table, _number, _def)
Convert an integer to a string.
Definition table.h:772
An element in an arbitrarily ordered array of name to num mappings.
Definition table.h:57
An element in a lexicographically sorted array of name to num mappings.
Definition table.h:49
#define talloc_get_type_abort_const
Definition talloc.h:287
static int talloc_const_free(void const *ptr)
Free const'd memory.
Definition talloc.h:229
void tmpl_dcursor_clear(tmpl_dcursor_ctx_t *cc)
Clear any temporary state allocations.
#define tmpl_dcursor_init(_err, _ctx, _cc, _cursor, _request, _vpt)
Maintains state between cursor calls.
const char fr_token_quote[T_TOKEN_LAST]
Convert tokens back to a quoting character.
Definition token.c:157
char const * fr_tokens[T_TOKEN_LAST]
Definition token.c:79
const bool fr_comparison_op[T_TOKEN_LAST]
Definition token.c:199
const bool fr_binary_op[T_TOKEN_LAST]
Definition token.c:217
enum fr_token fr_token_t
@ T_AND
Definition token.h:55
@ T_INVALID
Definition token.h:39
@ T_SUB
Definition token.h:52
@ T_RSHIFT
Definition token.h:62
@ T_NOT
Definition token.h:57
@ T_XOR
Definition token.h:58
@ T_DIV
Definition token.h:54
@ T_SINGLE_QUOTED_STRING
Definition token.h:122
@ T_MOD
Definition token.h:60
@ T_BARE_WORD
Definition token.h:120
@ T_OP_EQ
Definition token.h:83
@ T_LAND
Definition token.h:91
@ T_COMPLEMENT
Definition token.h:59
@ T_ADD
Definition token.h:51
@ T_BACK_QUOTED_STRING
Definition token.h:123
@ T_OP_NE
Definition token.h:97
@ T_LOR
Definition token.h:92
@ T_LSHIFT
Definition token.h:63
@ T_OP_REG_EQ
Definition token.h:102
@ T_OP_CMP_EQ_TYPE
Definition token.h:107
@ T_DOUBLE_QUOTED_STRING
Definition token.h:121
@ T_OP_CMP_EQ
Definition token.h:106
@ T_LBRACE
Definition token.h:43
@ T_MUL
Definition token.h:53
@ T_OP_LE
Definition token.h:100
@ T_OP_CMP_NE_TYPE
Definition token.h:108
@ T_OP_GE
Definition token.h:98
@ T_OP_GT
Definition token.h:99
@ T_SOLIDUS_QUOTED_STRING
Definition token.h:124
@ T_OP_LT
Definition token.h:101
@ T_OP_REG_NE
Definition token.h:103
@ T_OR
Definition token.h:56
#define T_TOKEN_LAST
Definition token.h:129
xlat_action_t unlang_xlat_yield(request_t *request, xlat_func_t resume, xlat_func_signal_t signal, fr_signal_t sigmask, void *rctx)
Yield a request back to the interpreter from within a module.
Definition xlat.c:548
int unlang_xlat_push(TALLOC_CTX *ctx, unlang_result_t *p_result, fr_value_box_list_t *out, request_t *request, xlat_exp_head_t const *xlat, bool top_frame)
Push a pre-compiled xlat onto the stack for evaluation.
Definition xlat.c:270
tmpl_res_rules_t const * tr_rules
tmpl resolution rules.
Definition xlat.h:165
fr_type_t type
Type to cast argument to.
Definition xlat.h:155
fr_slen_t xlat_print(fr_sbuff_t *in, xlat_exp_head_t const *node, fr_sbuff_escape_rules_t const *e_rules)
Reconstitute an xlat expression from its constituent nodes.
static fr_slen_t head
Definition xlat.h:420
#define XLAT_RESULT_SUCCESS(_p_result)
Definition xlat.h:503
static fr_slen_t xlat_aprint(TALLOC_CTX *ctx, char **out, xlat_exp_head_t const *head, fr_sbuff_escape_rules_t const *e_rules) 1(xlat_print
uint8_t required
Argument must be present, and non-empty.
Definition xlat.h:146
int xlat_purify_op(TALLOC_CTX *ctx, xlat_exp_t **out, xlat_exp_t *lhs, fr_token_t op, xlat_exp_t *rhs)
xlat_action_t(* xlat_func_t)(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
xlat callback function
Definition xlat.h:232
#define XLAT_ARGS(_list,...)
Populate local variables with value boxes from the input list.
Definition xlat.h:383
int xlat_flatten_to_argv(TALLOC_CTX *ctx, xlat_exp_head_t ***argv, xlat_exp_head_t *head)
Turn am xlat list into an argv[] array, and nuke the input list.
Definition xlat_eval.c:1849
uint8_t concat
Concat boxes together.
Definition xlat.h:147
uint8_t needs_resolving
Needs pass2 resolution.
Definition xlat.h:109
#define XLAT_VERIFY(_node)
Definition xlat.h:466
uint8_t can_purify
if the xlat has a pure function with pure arguments.
Definition xlat.h:112
uint8_t pure
has no external side effects, true for BOX, LITERAL, and some functions
Definition xlat.h:110
int xlat_resolve(xlat_exp_head_t *head, xlat_res_rules_t const *xr_rules)
Walk over an xlat tree recursively, resolving any unresolved functions or references.
#define XLAT_ARG_PARSER_TERMINATOR
Definition xlat.h:170
int xlat_finalize(xlat_exp_head_t *head, fr_event_list_t *runtime_el)
Bootstrap static xlats, or instantiate ephemeral ones.
Definition xlat_inst.c:693
xlat_action_t
Definition xlat.h:37
@ XLAT_ACTION_FAIL
An xlat function failed.
Definition xlat.h:44
@ XLAT_ACTION_YIELD
An xlat function pushed a resume frame onto the stack.
Definition xlat.h:42
@ XLAT_ACTION_PUSH_UNLANG
An xlat function pushed an unlang frame onto the unlang stack.
Definition xlat.h:39
@ XLAT_ACTION_DONE
We're done evaluating this level of nesting.
Definition xlat.h:43
uint8_t constant
xlat is just tmpl_attr_tail_data, or XLAT_BOX
Definition xlat.h:114
int xlat_instance_unregister_func(xlat_exp_t *node)
Remove a node from the list of xlat instance data.
Definition xlat_inst.c:548
Definition for a single argument consumend by an xlat function.
Definition xlat.h:145
Flags that control resolution and evaluation.
Definition xlat.h:108
static fr_slen_t parent
Definition pair.h:839
#define fr_strerror_printf(_fmt,...)
Log to thread local error buffer.
Definition strerror.h:64
#define fr_strerror_const(_msg)
Definition strerror.h:223
fr_table_num_ordered_t const fr_type_table[]
Map data types to names representing those types.
Definition types.c:31
#define fr_type_is_variable_size(_x)
Definition types.h:384
#define fr_type_is_structural(_x)
Definition types.h:388
#define fr_type_is_null(_x)
Definition types.h:343
#define fr_type_is_leaf(_x)
Definition types.h:389
static char const * fr_type_to_str(fr_type_t type)
Return a static string containing the type name.
Definition types.h:450
ssize_t fr_value_box_list_concat_as_string(fr_value_box_t *safety, fr_sbuff_t *sbuff, fr_value_box_list_t *list, char const *sep, size_t sep_len, fr_sbuff_escape_rules_t const *e_rules, fr_value_box_list_action_t proc_action, fr_value_box_safe_for_t safe_for, bool flatten)
Concatenate a list of value boxes together.
Definition value.c:5731
fr_sbuff_parse_rules_t const * value_parse_rules_quoted[T_TOKEN_LAST]
Parse rules for quoted strings.
Definition value.c:605
int fr_value_box_copy(TALLOC_CTX *ctx, fr_value_box_t *dst, const fr_value_box_t *src)
Copy value data verbatim duplicating any buffers.
Definition value.c:3962
bool fr_value_box_is_truthy(fr_value_box_t const *in)
Check truthiness of values.
Definition value.c:6585
int fr_value_box_cast_in_place(TALLOC_CTX *ctx, fr_value_box_t *vb, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv)
Convert one type of fr_value_box_t to another in place.
Definition value.c:3790
void fr_value_box_memdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, uint8_t const *src, size_t len, bool tainted)
Assign a buffer to a box, but don't copy it.
Definition value.c:4698
int fr_value_box_strdup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Copy a nul terminated string to a fr_value_box_t.
Definition value.c:4156
void fr_value_box_strdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Assign a buffer containing a nul terminated string to a box, but don't copy it.
Definition value.c:4265
void fr_value_box_safety_copy(fr_value_box_t *out, fr_value_box_t const *in)
Copy the safety values from one box to another.
Definition value.c:6525
void fr_value_box_clear(fr_value_box_t *data)
Clear/free any existing value and metadata.
Definition value.c:3945
int fr_value_box_bstrndup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, size_t len, bool tainted)
Copy a string to to a fr_value_box_t.
Definition value.c:4377
@ FR_VALUE_BOX_LIST_FREE_BOX
Free each processed box.
Definition value.h:234
#define fr_value_box_alloc(_ctx, _type, _enumv)
Allocate a value box of a specific type.
Definition value.h:640
#define fr_value_box_mark_safe_for(_box, _safe_for)
Definition value.h:1071
#define fr_box_strvalue_len(_val, _len)
Definition value.h:305
#define VALUE_BOX_LIST_VERIFY(_x)
Definition value.h:1319
int nonnull(2, 5))
#define fr_value_box_alloc_null(_ctx)
Allocate a value box for later use with a value assignment function.
Definition value.h:651
#define fr_value_box_init(_vb, _type, _enumv, _tainted)
Initialise a fr_value_box_t.
Definition value.h:606
#define fr_value_box_list_foreach(_list_head, _iter)
Definition value.h:222
static size_t char ** out
Definition value.h:1020
#define FR_VALUE_BOX_SAFE_FOR_ANY
Definition value.h:171
void xlat_exp_set_vpt(xlat_exp_t *node, tmpl_t *vpt)
Set the tmpl for a node, along with flags and the name.
Definition xlat_alloc.c:252
void xlat_exp_set_name(xlat_exp_t *node, char const *fmt, size_t len)
Set the format string for an xlat node.
Definition xlat_alloc.c:308
void xlat_exp_set_func(xlat_exp_t *node, xlat_t const *func, fr_dict_t const *dict)
Set the function for a node.
Definition xlat_alloc.c:274
void xlat_exp_set_name_shallow(xlat_exp_t *node, char const *fmt)
Set the format string for an xlat node from a pre-existing buffer.
Definition xlat_alloc.c:338
void * rctx
Resume context.
Definition xlat_ctx.h:54
xlat_exp_t * ex
Tokenized expression to use in expansion.
Definition xlat_ctx.h:64
void const * inst
xlat instance data.
Definition xlat_ctx.h:50
void * inst
xlat instance data to populate.
Definition xlat_ctx.h:63
An xlat calling ctx.
Definition xlat_ctx.h:49
An xlat instantiation ctx.
Definition xlat_ctx.h:62
fr_dict_attr_t const * attr_expr_bool_enum
Definition xlat_eval.c:44
fr_dict_attr_t const * attr_cast_base
Definition xlat_eval.c:45
static xlat_action_t xlat_func_regex_search(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:836
tmpl_t const * vpt
the attribute reference
Definition xlat_expr.c:1698
#define fr_sbuff_skip_whitespace(_x)
Definition xlat_expr.c:2043
static size_t const expr_assignment_op_table_len
Definition xlat_expr.c:2707
static fr_slen_t xlat_expr_print_binary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:151
#define XLAT_REGISTER_BOOL(_xlat, _func, _arg, _ret_type)
Definition xlat_expr.c:1842
static fr_slen_t xlat_expr_print_rcode(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, UNUSED fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:1586
static void xlat_func_append_arg(xlat_exp_t *head, xlat_exp_t *node, bool exists)
Definition xlat_expr.c:70
bool xlat_is_truthy(xlat_exp_head_t const *head, bool *out)
Allow callers to see if an xlat is truthy.
Definition xlat_expr.c:3198
static xlat_action_t xlat_func_logical(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Process logical &&, ||.
Definition xlat_expr.c:1383
xlat_exp_t * xlat
to expand
Definition xlat_expr.c:512
#define XLAT_BINARY_FUNC(_name, _op)
Definition xlat_expr.c:373
static const fr_sbuff_term_t bracket_terms
Definition xlat_expr.c:3034
static size_t expr_quote_table_len
Definition xlat_expr.c:2067
static int xlat_instantiate_exists(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:1726
static fr_slen_t xlat_expr_print_nary(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:880
int xlat_register_expressions(void)
Definition xlat_expr.c:1858
static xlat_arg_parser_t const xlat_func_exists_arg[]
Definition xlat_expr.c:1701
static xlat_action_t xlat_logical_process_arg(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *in)
Process one argument of a logical operation.
Definition xlat_expr.c:1129
static fr_slen_t xlat_tokenize_expression_internal(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, bool cond)
Definition xlat_expr.c:3059
static fr_slen_t xlat_expr_print_unary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:141
#define P(_x, _y)
Definition xlat_expr.c:1987
static xlat_arg_parser_t const regex_op_xlat_args[]
Definition xlat_expr.c:629
static void xlat_ungroup(xlat_exp_head_t *head)
Undo work which shouldn't have been done.
Definition xlat_expr.c:976
static xlat_action_t xlat_func_unary_complement(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1491
static xlat_action_t xlat_cmp_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:447
static const int precedence[T_TOKEN_LAST]
Definition xlat_expr.c:1989
static xlat_action_t xlat_func_unary_minus(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1484
static xlat_action_t xlat_logical_or_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1208
unlang_result_t last_result
Definition xlat_expr.c:874
static fr_table_num_sorted_t const expr_quote_table[]
Definition xlat_expr.c:2061
#define XLAT_REGISTER_BINARY_OP(_op, _name)
Definition xlat_expr.c:1800
#define XLAT_REGEX_FUNC(_name, _op)
Definition xlat_expr.c:825
static xlat_action_t xlat_binary_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op, fr_type_t default_type, fr_dict_attr_t const *enumv)
Definition xlat_expr.c:302
static bool valid_type(xlat_exp_t *node)
Definition xlat_expr.c:2709
static bool xlat_logical_and(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
See if the input is truthy or not.
Definition xlat_expr.c:1265
fr_value_box_t * box
output value-box
Definition xlat_expr.c:875
#define XLAT_DEBUG(...)
Definition xlat_expr.c:38
fr_value_box_list_t list
Definition xlat_expr.c:518
static xlat_action_t xlat_regex_op(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:792
static xlat_action_t xlat_func_unary_not(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1457
fr_regex_flags_t * regex_flags
Definition xlat_expr.c:513
static bool xlat_node_matches_bool(bool *result, xlat_exp_t *parent, xlat_exp_head_t *head, bool sense)
Definition xlat_expr.c:928
static int xlat_instantiate_regex(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:585
static xlat_action_t xlat_func_unary_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:1413
static int xlat_expr_resolve_binary(xlat_exp_t *node, UNUSED void *inst, xlat_res_rules_t const *xr_rules)
Definition xlat_expr.c:174
static const bool logical_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1963
xlat_func_t callback
Definition xlat_expr.c:867
static xlat_arg_parser_t const binary_op_xlat_args[]
Definition xlat_expr.c:296
static xlat_action_t xlat_attr_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, request_t *request, tmpl_t const *vpt, bool do_free)
Definition xlat_expr.c:1757
static xlat_arg_parser_t const binary_cmp_xlat_args[]
Definition xlat_expr.c:392
static const bool multivalue_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1976
static fr_slen_t tokenize_unary(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond))
Definition xlat_expr.c:2083
static const fr_sbuff_term_elem_t binary_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1931
static bool xlat_logical_or(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
See if the input is truthy or not.
Definition xlat_expr.c:1166
fr_token_t op
Definition xlat_expr.c:510
TALLOC_CTX * ctx
Definition xlat_expr.c:873
regex_t * regex
precompiled regex
Definition xlat_expr.c:511
#define XLAT_REGISTER_NARY_OP(_op, _name, _func_name)
Definition xlat_expr.c:1821
static int xlat_instantiate_expr_rcode(xlat_inst_ctx_t const *xctx)
Convert static expr_rcode arguments into rcodes.
Definition xlat_expr.c:1514
static void fr_value_box_init_zero(fr_value_box_t *vb, fr_type_t type)
Definition xlat_expr.c:279
static xlat_action_t xlat_regex_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:752
static fr_table_num_ordered_t const expr_assignment_op_table[]
Definition xlat_expr.c:2675
static xlat_exp_t * xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child)
Allocate a specific cast node.
Definition xlat_expr.c:112
static xlat_exp_t * expr_cast_alloc(TALLOC_CTX *ctx, fr_type_t type, xlat_exp_t *child)
Allocate a specific cast node.
Definition xlat_expr.c:2186
static xlat_arg_parser_t const regex_search_xlat_args[]
Definition xlat_expr.c:635
static fr_slen_t expr_cast_from_substr(fr_type_t *cast, fr_sbuff_t *in)
Definition xlat_expr.c:2223
static ssize_t tokenize_rcode(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_term_t const *terminals)
Definition xlat_expr.c:2357
#define XLAT_REGISTER_BINARY_CMP(_op, _name)
Definition xlat_expr.c:1810
static xlat_arg_parser_t const xlat_func_rcode_arg[]
Takes no arguments.
Definition xlat_expr.c:1664
static int xlat_expr_logical_purify(xlat_exp_t *node, void *instance, request_t *request)
If any argument resolves to inst->stop_on_match, the entire thing is a bool of inst->stop_on_match.
Definition xlat_expr.c:1002
fr_value_box_list_t list
Definition xlat_expr.c:877
rlm_rcode_t rcode
The preparsed rcode.
Definition xlat_expr.c:1506
xlat_exp_head_t ** argv
Definition xlat_expr.c:869
static fr_slen_t xlat_expr_print_exists(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:1709
static int xlat_instantiate_logical(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:1363
#define XLAT_REGISTER_UNARY(_op, _xlat, _func)
Definition xlat_expr.c:1849
static xlat_arg_parser_t const unary_op_xlat_args[]
Definition xlat_expr.c:1408
fr_slen_t xlat_tokenize_expression(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
Definition xlat_expr.c:3135
static xlat_arg_parser_t const xlat_func_expr_rcode_arg[]
Definition xlat_expr.c:1498
static fr_slen_t tokenize_regex_rhs(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules)
Definition xlat_expr.c:2263
static fr_slen_t xlat_expr_print_regex(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:521
static const fr_sbuff_term_t operator_terms
Definition xlat_expr.c:3039
#define XLAT_REGISTER_REGEX_OP(_op, _name)
Definition xlat_expr.c:1832
static xlat_action_t xlat_logical_and_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1312
static ssize_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules, fr_sbuff_parse_rules_t const *input_rules, bool cond))
Tokenize a mathematical operation.
Definition xlat_expr.c:2748
#define XLAT_CMP_FUNC(_name, _op)
Definition xlat_expr.c:492
static ssize_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond))
Definition xlat_expr.c:2406
unlang_result_t last_result
Definition xlat_expr.c:517
fr_slen_t xlat_tokenize_condition(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
Definition xlat_expr.c:3163
static xlat_action_t xlat_regex_do_op(TALLOC_CTX *ctx, request_t *request, fr_value_box_list_t *in, regex_t **preg, fr_dcursor_t *out, fr_token_t op)
Perform a regular expressions comparison between two operands.
Definition xlat_expr.c:663
Holds the result of pre-parsing the rcode on startup.
Definition xlat_expr.c:1505
void xlat_func_flags_set(xlat_t *x, xlat_func_flags_t flags)
Specify flags that alter the xlat's behaviour.
Definition xlat_func.c:399
int xlat_func_args_set(xlat_t *x, xlat_arg_parser_t const args[])
Register the arguments of an xlat.
Definition xlat_func.c:363
xlat_t * xlat_func_register(TALLOC_CTX *ctx, char const *name, xlat_func_t func, fr_type_t return_type)
Register an xlat function.
Definition xlat_func.c:216
void xlat_func_print_set(xlat_t *xlat, xlat_print_t func)
Set a print routine for an xlat function.
Definition xlat_func.c:411
xlat_t * xlat_func_find(char const *in, ssize_t inlen)
Definition xlat_func.c:77
#define xlat_func_instantiate_set(_xlat, _instantiate, _inst_struct, _detach, _uctx)
Set a callback for global instantiation of xlat functions.
Definition xlat_func.h:93
@ XLAT_FUNC_FLAG_PURE
Definition xlat_func.h:38
@ XLAT_FUNC_FLAG_INTERNAL
Definition xlat_func.h:39
#define xlat_exp_head_alloc(_ctx)
Definition xlat_priv.h:273
xlat_flags_t flags
Flags that control resolution and evaluation.
Definition xlat_priv.h:154
static xlat_exp_t * xlat_exp_next(xlat_exp_head_t const *head, xlat_exp_t const *node)
Definition xlat_priv.h:246
xlat_flags_t flags
Flags that control resolution and evaluation.
Definition xlat_priv.h:190
fr_slen_t xlat_tokenize_word(TALLOC_CTX *ctx, xlat_exp_t **out, fr_sbuff_t *in, fr_token_t quote, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
fr_token_t quote
Type of quoting around XLAT_GROUP types.
Definition xlat_priv.h:152
@ XLAT_BOX
fr_value_box_t
Definition xlat_priv.h:108
@ XLAT_TMPL
xlat attribute
Definition xlat_priv.h:112
@ XLAT_FUNC
xlat module
Definition xlat_priv.h:110
@ XLAT_GROUP
encapsulated string of xlats
Definition xlat_priv.h:116
bool deprecated
this function was deprecated
Definition xlat_priv.h:68
static void xlat_flags_merge(xlat_flags_t *parent, xlat_flags_t const *child)
Merge flags from child to parent.
Definition xlat_priv.h:229
#define xlat_exp_set_type(_node, _type)
Definition xlat_priv.h:276
fr_token_t token
for expressions
Definition xlat_priv.h:70
char const *_CONST fmt
The original format string (a talloced buffer).
Definition xlat_priv.h:151
ssize_t xlat_print_node(fr_sbuff_t *out, xlat_exp_head_t const *head, xlat_exp_t const *node, fr_sbuff_escape_rules_t const *e_rules, char c)
int xlat_purify_list(xlat_exp_head_t *head, request_t *request)
Definition xlat_purify.c:61
xlat_type_t _CONST type
type of this expansion.
Definition xlat_priv.h:155
#define xlat_exp_alloc(_ctx, _type, _in, _inlen)
Definition xlat_priv.h:282
xlat_flags_t flags
various flags
Definition xlat_priv.h:92
#define xlat_exp_foreach(_list_head, _iter)
Iterate over the contents of a list, only one level.
Definition xlat_priv.h:222
static int xlat_exp_insert_tail(xlat_exp_head_t *head, xlat_exp_t *node)
Definition xlat_priv.h:238
static xlat_exp_t * xlat_exp_head(xlat_exp_head_t const *head)
Definition xlat_priv.h:209
An xlat expansion node.
Definition xlat_priv.h:148