The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
xlat_expr.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: 481d6488d5315a806fa69c89109a0c97b75425d8 $
19 *
20 * @file xlat_expr.c
21 * @brief Tokenizers and support functions for xlat expressions
22 *
23 * @copyright 2021 The FreeRADIUS server project
24 * @copyright 2021 Network RADIUS SAS (legal@networkradius.com)
25 */
26RCSID("$Id: 481d6488d5315a806fa69c89109a0c97b75425d8 $")
27
28#include <freeradius-devel/server/base.h>
29#include <freeradius-devel/unlang/xlat_priv.h>
30#include <freeradius-devel/util/calc.h>
31#include <freeradius-devel/util/debug.h>
32#include <freeradius-devel/server/tmpl_dcursor.h>
33
34#undef XLAT_DEBUG
35#ifdef DEBUG_XLAT
36# define XLAT_DEBUG(_fmt, ...) DEBUG3("%s[%i] "_fmt, __FILE__, __LINE__, ##__VA_ARGS__)
37#else
38# define XLAT_DEBUG(...)
39#endif
40
41/*
42 * The new tokenizer accepts most things which are accepted by the old one. Many of the errors will be
43 * different, though.
44 *
45 * @todo - add a "output" fr_type_t to xlat_t, which is mainly used by the comparison functions. Right
46 * now it will happily parse things like:
47 *
48 * (1 < 2) < 3
49 *
50 * though the result of (1 < 2) is a boolean, so the result is always true. We probably want to have
51 * that as a compile-time error / check. This can probably just be done with xlat_purify() ? which
52 * doesn't need to interpret the LHS, but just knows its limits. We perhaps want a "range compare"
53 * function, which just checks ranges on one side against values on the right.
54 *
55 * Even worse, when we do "((bool) 1) < 3", the RHS is cast to the type of the LHS by
56 * tmpl_afrom_substr(). This is because we pass the LHS data type recursively down, which works most of
57 * the time, but not all of the time. There are currently hacks in the "upcast" code here to fix this,
58 * but it's a hack.
59 *
60 * @todo - add instantiation routines for assignment operations. This lets us do things
61 * like:
62 * if ((&foo += 4) > 6) ...
63 *
64 * However, this would also require us adding an edit list pointer to the xlat evaluation functions,
65 * which is not trivial. Or, maybe we attach it to the request somehow?
66 */
67
68static xlat_exp_t *xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child);
69
70static void xlat_func_append_arg(xlat_exp_t *head, xlat_exp_t *node, bool exists)
71{
72 xlat_exp_t *group;
73
74 fr_assert(head->type == XLAT_FUNC);
75
76 /*
77 * Wrap existence checks for attribute reference.
78 */
79 if (exists && (node->type == XLAT_TMPL) && tmpl_contains_attr(node->vpt)) {
80 node = xlat_exists_alloc(head, node);
81 }
82
83 if (!head->call.args) {
84 MEM(head->call.args = xlat_exp_head_alloc(head));
85 head->call.args->is_argv = true;
86 }
87
88 /*
89 * Wrap it in a group.
90 */
91 group = xlat_exp_alloc(head->call.args, XLAT_GROUP, NULL, 0);
92 group->quote = T_BARE_WORD;
93
94 xlat_exp_set_name_shallow(group, node->fmt); /* not entirely correct, but good enough for now */
95 group->flags = node->flags;
96
97 talloc_steal(group->group, node);
98 xlat_exp_insert_tail(group->group, node);
99
100 xlat_exp_insert_tail(head->call.args, group);
101
102 xlat_flags_merge(&head->flags, &head->call.args->flags);
103}
104
105
106/** Allocate a specific cast node.
107 *
108 * With the first argument being a UINT8 of the data type.
109 * See xlat_func_cast() for the implementation.
110 *
111 */
112static xlat_exp_t *xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child)
113{
114 xlat_exp_t *node;
115
116 fr_assert(child->type == XLAT_TMPL);
117 fr_assert(tmpl_contains_attr(child->vpt));
118
119 /*
120 * Create an "exists" node.
121 */
122 MEM(node = xlat_exp_alloc(ctx, XLAT_FUNC, "exists", 6));
123 xlat_exp_set_name_shallow(node, child->vpt->name);
124
125 MEM(node->call.func = xlat_func_find("exists", 6));
126 fr_assert(node->call.func != NULL);
127
128 /*
129 * The attribute may need resolving, in which case we have to set the flag as appropriate.
130 */
131 node->flags = (xlat_flags_t) { .needs_resolving = tmpl_needs_resolving(child->vpt)};
132
133 if (!node->flags.needs_resolving) node->call.dict = tmpl_attr_tail_da(child->vpt)->dict;
134
135 xlat_func_append_arg(node, child, false);
136
137 return node;
138}
139
140
141static fr_slen_t xlat_expr_print_unary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
142{
143 size_t at_in = fr_sbuff_used_total(out);
144
145 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
146 xlat_print_node(out, node->call.args, xlat_exp_head(node->call.args), e_rules, 0);
147
148 return fr_sbuff_used_total(out) - at_in;
149}
150
151static fr_slen_t xlat_expr_print_binary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
152{
153 size_t at_in = fr_sbuff_used_total(out);
154 xlat_exp_t *child = xlat_exp_head(node->call.args);
155
156 fr_assert(child != NULL);
157
158 FR_SBUFF_IN_CHAR_RETURN(out, '(');
159 xlat_print_node(out, node->call.args, child, e_rules, 0); /* prints a space after the first argument */
160
161 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
162 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
163
164 child = xlat_exp_next(node->call.args, child);
165 fr_assert(child != NULL);
166
167 xlat_print_node(out, node->call.args, child, e_rules, 0);
168
169 FR_SBUFF_IN_CHAR_RETURN(out, ')');
170
171 return fr_sbuff_used_total(out) - at_in;
172}
173
174static int xlat_expr_resolve_binary(xlat_exp_t *node, UNUSED void *inst, xlat_res_rules_t const *xr_rules)
175{
176 xlat_exp_t *arg1, *arg2;
177 xlat_exp_t *a, *b;
178 tmpl_res_rules_t my_tr_rules;
179
180 XLAT_DEBUG("RESOLVE %s\n", node->fmt);
181
182 arg1 = xlat_exp_head(node->call.args);
183 fr_assert(arg1);
184 fr_assert(arg1->type == XLAT_GROUP);
185
186 arg2 = xlat_exp_next(node->call.args, arg1);
187 fr_assert(arg2);
188 fr_assert(arg2->type == XLAT_GROUP);
189
190 a = xlat_exp_head(arg1->group);
191 b = xlat_exp_head(arg2->group);
192
193 /*
194 * We have many things here, just call resolve recursively.
195 */
196 if (xlat_exp_next(arg1->group, a) || (xlat_exp_next(arg2->group, b))) goto resolve;
197
198 /*
199 * Anything else must get resolved at run time.
200 */
201 if ((a->type != XLAT_TMPL) || (b->type != XLAT_TMPL)) goto resolve;
202
203 /*
204 * The tr_rules should always contain dict_def
205 */
206 fr_assert(xr_rules); /* always set by xlat_resolve() */
207 if (xr_rules->tr_rules) {
208 my_tr_rules = *xr_rules->tr_rules;
209 } else {
210 my_tr_rules = (tmpl_res_rules_t) { };
211 }
212
213 /*
214 * The LHS attribute dictates the enumv for the RHS one.
215 */
216 if (tmpl_contains_attr(a->vpt)) {
217 XLAT_DEBUG("\ta - %s %s\n", a->fmt, b->fmt);
218
219 if (a->flags.needs_resolving) {
220 XLAT_DEBUG("\tresolve attr a\n");
221 if (tmpl_resolve(a->vpt, &my_tr_rules) < 0) return -1;
222 a->flags.needs_resolving = false;
223 }
224
225 my_tr_rules.enumv = tmpl_attr_tail_da(a->vpt);
226
227 XLAT_DEBUG("\tresolve other b\n");
228 if (tmpl_resolve(b->vpt, &my_tr_rules) < 0) return -1;
229
230 b->flags.needs_resolving = false;
231 b->flags.pure = tmpl_is_data(b->vpt);
232 b->flags.constant = b->flags.pure;
233 goto flags;
234 }
235
236 if (tmpl_contains_attr(b->vpt)) {
237 XLAT_DEBUG("\tb - %s %s\n", a->fmt, b->fmt);
238
239 if (b->flags.needs_resolving) {
240 XLAT_DEBUG("\tresolve attr b\n");
241 if (tmpl_resolve(b->vpt, &my_tr_rules) < 0) return -1;
242
243 b->flags.needs_resolving = false;
244 }
245
246 my_tr_rules.enumv = tmpl_attr_tail_da(b->vpt);
247
248 XLAT_DEBUG("\tresolve other a\n");
249 if (tmpl_resolve(a->vpt, &my_tr_rules) < 0) return -1;
250
251 a->flags.needs_resolving = false;
252 a->flags.pure = tmpl_is_data(a->vpt);
253 a->flags.constant = a->flags.pure;
254 goto flags;
255 }
256
257resolve:
258 /*
259 * This call will fix everything recursively.
260 */
261 return xlat_resolve(node->call.args, xr_rules);
262
263flags:
264 arg1->flags = arg1->group->flags = a->flags;
265 arg2->flags = arg2->group->flags = b->flags;
266 xlat_flags_merge(&node->call.args->flags, &arg2->flags);
267
268 fr_assert(!a->flags.needs_resolving);
269 fr_assert(!b->flags.needs_resolving);
270
271 fr_assert(!arg1->flags.needs_resolving);
272 fr_assert(!arg2->flags.needs_resolving);
273
274 node->call.args->flags.needs_resolving = false;
275 xlat_flags_merge(&node->flags, &node->call.args->flags);
276
277 return 0;
278}
279
280static void fr_value_box_init_zero(fr_value_box_t *vb, fr_type_t type)
281{
282 switch (type) {
283 case FR_TYPE_STRING:
284 fr_value_box_strdup_shallow(vb, NULL, "", false);
285 break;
286
287 case FR_TYPE_OCTETS:
288 fr_value_box_memdup_shallow(vb, NULL, (void const *) "", 0, false);
289 break;
290
291 default:
292 fr_value_box_init(vb, type, NULL, false);
293 break;
294 }
295}
296
297static xlat_arg_parser_t const binary_op_xlat_args[] = {
298 { .required = false, .type = FR_TYPE_VOID },
299 { .required = false, .type = FR_TYPE_VOID },
300 XLAT_ARG_PARSER_TERMINATOR
301};
302
303static xlat_action_t xlat_binary_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
304 UNUSED xlat_ctx_t const *xctx,
305 request_t *request, fr_value_box_list_t *in,
306 fr_token_t op,
307 fr_type_t default_type, fr_dict_attr_t const *enumv)
308{
309 int rcode;
310 fr_value_box_t *dst, *a, *b;
311 fr_value_box_t one, two;
312
313 MEM(dst = fr_value_box_alloc_null(ctx));
314
315 /*
316 * Each argument is a FR_TYPE_GROUP, with one or more elements in a list.
317 */
318 a = fr_value_box_list_head(in);
319 if (!a) {
320 REDEBUG("Left argument to %s is missing", fr_tokens[op]);
321 fail:
322 talloc_free(dst);
323 return XLAT_ACTION_FAIL;
324 }
325
326 b = fr_value_box_list_next(in, a);
327 if (!b) {
328 REDEBUG("Right argument to %s is missing", fr_tokens[op]);
329 goto fail;
330 }
331
332 fr_assert(!fr_comparison_op[op]);
333
334 if (fr_value_box_list_num_elements(&a->vb_group) > 1) {
335 REDEBUG("Expected one value as the first argument, got %u",
336 fr_value_box_list_num_elements(&a->vb_group));
337 goto fail;
338 }
339 a = fr_value_box_list_head(&a->vb_group);
340
341 if (fr_value_box_list_num_elements(&b->vb_group) > 1) {
342 REDEBUG("Expected one value as the second argument, got %u",
343 fr_value_box_list_num_elements(&b->vb_group));
344 goto fail;
345 }
346 b = fr_value_box_list_head(&b->vb_group);
347
348 if (!a) {
349 a = &one;
350 fr_value_box_init_zero(a, b ? b->type : default_type);
351 }
352
353 if (!b) {
354 b = &two;
355 fr_value_box_init_zero(b, a ? a->type : default_type);
356 }
357
358 rcode = fr_value_calc_binary_op(dst, dst, default_type, a, op, b);
359 if (rcode < 0) {
360 RPEDEBUG("Failed calculating '%pR %s %pR'", a, fr_tokens[op], b);
361 goto fail;
362 }
363
364 /*
365 * Over-write, but only if it's present. Otherwise leave
366 * any existing enum alone.
367 */
368 if (enumv) dst->enumv = enumv;
369 fr_dcursor_append(out, dst);
370
371 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
372 return XLAT_ACTION_DONE;
373}
374
375#define XLAT_BINARY_FUNC(_name, _op) \
376static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
377 xlat_ctx_t const *xctx, \
378 request_t *request, fr_value_box_list_t *in) \
379{ \
380 return xlat_binary_op(ctx, out, xctx, request, in, _op, FR_TYPE_NULL, NULL); \
381}
382
383XLAT_BINARY_FUNC(op_add, T_ADD)
384XLAT_BINARY_FUNC(op_sub, T_SUB)
385XLAT_BINARY_FUNC(op_mul, T_MUL)
386XLAT_BINARY_FUNC(op_div, T_DIV)
387XLAT_BINARY_FUNC(op_mod, T_MOD)
388XLAT_BINARY_FUNC(op_and, T_AND)
389XLAT_BINARY_FUNC(op_or, T_OR)
390XLAT_BINARY_FUNC(op_xor, T_XOR)
391XLAT_BINARY_FUNC(op_rshift, T_RSHIFT)
392XLAT_BINARY_FUNC(op_lshift, T_LSHIFT)
393
394static xlat_arg_parser_t const binary_cmp_xlat_args[] = {
395 { .required = false, .type = FR_TYPE_VOID },
396 { .required = false, .type = FR_TYPE_VOID },
397 XLAT_ARG_PARSER_TERMINATOR
398};
399
400/*
401 * @todo - arguably this function should process its own arguments, like logical_or.
402 *
403 * That way it can return XLAT_ACTION_FAIL if either argument fails to be found,
404 * or if the comparison matches, it returns the RHS value. This behavior will
405 * let us to multiple comparisons, like:
406 *
407 * if (0 < x < 5) ...
408 *
409 * Which is then syntactic sugar for
410 *
411 * if ((0 < x) < 5) ...
412 *
413 * That means the comparisons no longer return "bool", so if we
414 * want to do this, the change has to be made before v4 is
415 * released.
416 *
417 * Other operators like "+=" would return their LHS value. But in order to do that, we would have to
418 * update the expression parser to allow in-place edits, and that may be a fair bit of work.
419 *
420 * It also lets us do more interesting selectors, such as:
421 *
422 * foo || (0 < x)
423 *
424 * which if "foo" doesn't exist, evaluates the RHS, and then returns "x" only if x is greater than zero.
425 * This short-hand can remove a lot of complex / nested "if" conditions.
426 *
427 * It could also allow us to do better attribute filtering:
428 *
429 * foo := (0 < foo < 5)
430 *
431 * Which ensures that "foo" has value only 1..4.
432 *
433 * It would be nice to have a syntax for "self", so we could instead do:
434 *
435 * foo := (0 < $$ < 5)
436 *
437 * Which could then also be used inside of attribute selectors:
438 *
439 * foreach foo (Vendor-Specific.Cisco.AVPair[$$ =~ /^x/]) { ...
440 *
441 * and now that we have pair cursors as value-boxes, this becomes a lot easier.
442 * "$$" then becomes syntactic sugar for "the pair at the current cursor".
443 *
444 * It also means tracking somehow the value of $$ in the interpreter? Maybe as a short-hand, just update
445 * the #request_t to add a #fr_pair_t of the current cursor value. This is a horrible hack, but would be
446 * easy to do. It doesn't allow nested cursors, but whatever. The syntax for that would be hard to get
447 * right.
448 */
449static xlat_action_t xlat_cmp_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
450 UNUSED xlat_ctx_t const *xctx,
451 UNUSED request_t *request, fr_value_box_list_t *in,
452 fr_token_t op)
453{
454 int rcode;
455 fr_value_box_t *dst, *a, *b;
456
457 /*
458 * Each argument is a FR_TYPE_GROUP, with one or more elements in a list.
459 */
460 a = fr_value_box_list_head(in);
461 if (!a) {
462 REDEBUG("Left argument to %s is missing", fr_tokens[op]);
463 return XLAT_ACTION_FAIL;
464 }
465
466 b = fr_value_box_list_next(in, a);
467 if (!b) {
468 REDEBUG("Right argument to %s is missing", fr_tokens[op]);
469 return XLAT_ACTION_FAIL;
470 }
471
472 fr_assert(a->type == FR_TYPE_GROUP);
473 fr_assert(b->type == FR_TYPE_GROUP);
474
475 fr_assert(fr_comparison_op[op]);
476
477 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
478
479 rcode = fr_value_calc_list_cmp(dst, dst, &a->vb_group, op, &b->vb_group);
480 if (rcode < 0) {
481 talloc_free(dst);
482 return XLAT_ACTION_FAIL;
483 }
484
485 fr_assert(dst->type == FR_TYPE_BOOL);
486 dst->enumv = attr_expr_bool_enum;
487
488 fr_dcursor_append(out, dst);
489 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
490 return XLAT_ACTION_DONE;
491}
492
493
494#define XLAT_CMP_FUNC(_name, _op) \
495static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
496 xlat_ctx_t const *xctx, \
497 request_t *request, fr_value_box_list_t *in) \
498{ \
499 return xlat_cmp_op(ctx, out, xctx, request, in, _op); \
500}
501
502XLAT_CMP_FUNC(cmp_eq, T_OP_CMP_EQ)
503XLAT_CMP_FUNC(cmp_ne, T_OP_NE)
504XLAT_CMP_FUNC(cmp_lt, T_OP_LT)
505XLAT_CMP_FUNC(cmp_le, T_OP_LE)
506XLAT_CMP_FUNC(cmp_gt, T_OP_GT)
507XLAT_CMP_FUNC(cmp_ge, T_OP_GE)
508XLAT_CMP_FUNC(cmp_eq_type, T_OP_CMP_EQ_TYPE)
509XLAT_CMP_FUNC(cmp_ne_type, T_OP_CMP_NE_TYPE)
510
511typedef struct {
512 fr_token_t op;
513 regex_t *regex; //!< precompiled regex
514 xlat_exp_t *xlat; //!< to expand
515 fr_regex_flags_t *regex_flags;
516} xlat_regex_inst_t;
517
518typedef struct {
519 unlang_result_t last_result;
520 fr_value_box_list_t list;
521} xlat_regex_rctx_t;
522
523static fr_slen_t xlat_expr_print_regex(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
524{
525 size_t at_in = fr_sbuff_used_total(out);
526 xlat_exp_t *child = xlat_exp_head(node->call.args);
527 xlat_regex_inst_t *inst = instance;
528
529 fr_assert(child != NULL);
530
531 FR_SBUFF_IN_CHAR_RETURN(out, '(');
532 xlat_print_node(out, node->call.args, child, e_rules, 0);
533
534 /*
535 * A space is printed after the first argument only if
536 * there's a second one. So add one if we "ate" the second argument.
537 */
538 if (inst->xlat) FR_SBUFF_IN_CHAR_RETURN(out, ' ');
539
540 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
541 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
542
543 /*
544 * Regexes which aren't instantiated: only for unit tests.
545 */
546 if (!inst->xlat) {
547 child = xlat_exp_next(node->call.args, child);
548
549 fr_assert(child != NULL);
550 fr_assert(!xlat_exp_next(node->call.args, child));
551 fr_assert(child->type == XLAT_GROUP);
552
553 FR_SBUFF_IN_CHAR_RETURN(out, '/');
554 FR_SBUFF_IN_STRCPY_RETURN(out, child->fmt);
555 FR_SBUFF_IN_CHAR_RETURN(out, '/');
556
557 child = xlat_exp_head(child->group);
558 fr_assert(child->type == XLAT_TMPL);
559
560 /*
561 * The RHS may be a group
562 */
563 FR_SBUFF_RETURN(regex_flags_print, out, tmpl_regex_flags(child->vpt));
564 goto done;
565 }
566
567 fr_assert(tmpl_contains_regex(inst->xlat->vpt));
568
569 if (inst->xlat->quote == T_SINGLE_QUOTED_STRING) FR_SBUFF_IN_CHAR_RETURN(out, 'm');
570 FR_SBUFF_IN_CHAR_RETURN(out, fr_token_quote[inst->xlat->quote]);
571 FR_SBUFF_IN_STRCPY_RETURN(out, inst->xlat->vpt->name);
572 FR_SBUFF_IN_CHAR_RETURN(out, fr_token_quote[inst->xlat->quote]);
573
574 FR_SBUFF_RETURN(regex_flags_print, out, inst->regex_flags);
575
576done:
577 FR_SBUFF_IN_CHAR_RETURN(out, ')');
578
579 return fr_sbuff_used_total(out) - at_in;
580}
581
582
583/*
584 * Each argument is it's own head, because we do NOT always want
585 * to go to the next argument.
586 */
587static int xlat_instantiate_regex(xlat_inst_ctx_t const *xctx)
588{
589 xlat_regex_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_regex_inst_t);
590 xlat_exp_t *lhs, *rhs, *regex;
591
592 lhs = xlat_exp_head(xctx->ex->call.args);
593 rhs = xlat_exp_next(xctx->ex->call.args, lhs);
594
595 fr_assert(rhs);
596 fr_assert(rhs->type == XLAT_GROUP);
597 (void) fr_dlist_remove(&xctx->ex->call.args->dlist, rhs);
598
599 regex = xlat_exp_head(rhs->group);
600 fr_assert(tmpl_contains_regex(regex->vpt));
601
602 inst->op = xctx->ex->call.func->token;
603 inst->regex_flags = tmpl_regex_flags(regex->vpt);
604
605 inst->xlat = talloc_steal(inst, regex);
606 talloc_free(rhs); /* group wrapper is no longer needed */
607
608 /*
609 * The RHS is more then just one regex node, it has to be dynamically expanded.
610 */
611 if (tmpl_contains_xlat(regex->vpt)) {
612 return 0;
613 }
614
615 if (tmpl_is_data_unresolved(regex->vpt)) {
616 fr_strerror_const("Regex must be resolved before instantiation");
617 return -1;
618 }
619
620 /*
621 * Must have been caught in the parse phase.
622 */
623 fr_assert(tmpl_is_regex(regex->vpt));
624
625 inst->regex = tmpl_regex(regex->vpt);
626
627 return 0;
628}
629
630
631static xlat_arg_parser_t const regex_op_xlat_args[] = {
632 { .required = true, .type = FR_TYPE_STRING },
633 { .concat = true, .type = FR_TYPE_STRING },
634 XLAT_ARG_PARSER_TERMINATOR
635};
636
637static xlat_arg_parser_t const regex_search_xlat_args[] = {
638 { .required = true, .concat = true, .type = FR_TYPE_STRING }, /* regex string */
639 { .required = true, .concat = false, .type = FR_TYPE_STRING }, /* broken out things to match */
640 { .required = false, .concat = true, .type = FR_TYPE_STRING }, /* flags */
641 XLAT_ARG_PARSER_TERMINATOR
642};
643
644
645/** Perform a regular expressions comparison between two operands
646 *
647 * @param[in] ctx to allocate resulting box in.
648 * @param[in] request The current request.
649 * @param[in] in list of item or items
650 * @param[in,out] preg Pointer to pre-compiled or runtime-compiled
651 * regular expression. In the case of runtime-compiled
652 * the pattern may be stolen by the `regex_sub_to_request`
653 * function as the original pattern is needed to resolve
654 * capture groups.
655 * The caller should only free the `regex_t *` if it
656 * compiled it, and the pointer has not been set to NULL
657 * when this function returns.
658 * @param[out] out Where result is written.
659 * @param[in] op the operation to perform.
660 * @return
661 * - -1 on failure.
662 * - 0 for "no match".
663 * - 1 for "match".
664 */
665static xlat_action_t xlat_regex_do_op(TALLOC_CTX *ctx, request_t *request, fr_value_box_list_t *in, regex_t **preg,
666 fr_dcursor_t *out, fr_token_t op)
667{
668 uint32_t subcaptures;
669 int ret = 0;
670
671 fr_regmatch_t *regmatch;
672 fr_value_box_t *dst;
673 fr_value_box_t *arg, *vb;
674 fr_sbuff_t *agg;
675 char const *subject;
676 size_t len;
677 fr_value_box_t safety = {};
678
679 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, 8192);
680
681 arg = fr_value_box_list_head(in);
682 fr_assert(arg != NULL);
683 fr_assert(arg->type == FR_TYPE_GROUP);
684
685 subcaptures = regex_subcapture_count(*preg);
686 if (!subcaptures) subcaptures = REQUEST_MAX_REGEX + 1; /* +1 for %{0} (whole match) capture group */
687 MEM(regmatch = regex_match_data_alloc(NULL, subcaptures));
688
689 while ((vb = fr_value_box_list_pop_head(&arg->vb_group)) != NULL) {
690 if (vb->type == FR_TYPE_STRING) {
691 subject = vb->vb_strvalue;
692 len = vb->vb_length;
693 fr_value_box_safety_copy(&safety, vb);
694
695 } else {
696 fr_value_box_list_t list;
697
698 fr_value_box_list_init(&list);
699 fr_value_box_list_insert_head(&list, vb);
700 fr_value_box_mark_safe_for(&safety, FR_VALUE_BOX_SAFE_FOR_ANY);
701
702 vb = NULL;
703
704 /*
705 * Concatenate everything, and escape untrusted inputs.
706 */
707 if (fr_value_box_list_concat_as_string(&safety, agg, &list, NULL, 0, &regex_escape_rules,
708 FR_VALUE_BOX_LIST_FREE_BOX, FR_REGEX_SAFE_FOR, true) < 0) {
709 RPEDEBUG("Failed concatenating regular expression string");
710 talloc_free(regmatch);
711 return XLAT_ACTION_FAIL;
712 }
713
714 subject = fr_sbuff_start(agg);
715 len = fr_sbuff_used(agg);
716 }
717
718 /*
719 * Evaluate the expression
720 */
721 ret = regex_exec(*preg, subject, len, regmatch);
722 talloc_free(vb);
723
724 switch (ret) {
725 default:
726 RPEDEBUG("REGEX failed");
727 talloc_free(regmatch);
728 return XLAT_ACTION_FAIL;
729
730 case 0:
731 regex_sub_to_request(request, NULL, NULL, NULL); /* clear out old entries */
732 continue;
733
734 case 1:
735 regex_sub_to_request(request, preg, &regmatch, &safety);
736 goto done;
737 }
738 }
739
740done:
741 talloc_free(regmatch); /* free if not consumed */
742
743 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
744 dst->vb_bool = (ret == (op == T_OP_REG_EQ));
745
746 fr_dcursor_append(out, dst);
747
748 return XLAT_ACTION_DONE;
749}
750
751static xlat_action_t xlat_regex_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
752 xlat_ctx_t const *xctx,
753 request_t *request, fr_value_box_list_t *in)
754{
755 xlat_regex_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_regex_inst_t);
756 xlat_regex_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_regex_rctx_t);
757 ssize_t slen;
758 regex_t *preg = NULL;
759 fr_sbuff_t *agg;
760
761 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, 8192);
762
763 /*
764 * If the expansions fails, then we fail the entire thing.
765 */
766 if (!XLAT_RESULT_SUCCESS(&rctx->last_result)) {
767 talloc_free(rctx);
768 return XLAT_ACTION_FAIL;
769 }
770
771 /*
772 * Because we expanded the RHS ourselves, the "concat"
773 * flag to the RHS argument is ignored. So we just
774 * concatenate it here. We escape the various untrusted inputs.
775 */
776 if (fr_value_box_list_concat_as_string(NULL, agg, &rctx->list, NULL, 0, &regex_escape_rules,
777 FR_VALUE_BOX_LIST_FREE_BOX, FR_REGEX_SAFE_FOR, true) < 0) {
778 RPEDEBUG("Failed concatenating regular expression string");
779 return XLAT_ACTION_FAIL;
780 }
781
782 fr_assert(inst->regex == NULL);
783
784 slen = regex_compile(rctx, &preg, fr_sbuff_start(agg), fr_sbuff_used(agg),
785 tmpl_regex_flags(inst->xlat->vpt), true, true); /* flags, allow subcaptures, at runtime */
786 if (slen <= 0) return XLAT_ACTION_FAIL;
787
788 return xlat_regex_do_op(ctx, request, in, &preg, out, inst->op);
789}
790
791static xlat_action_t xlat_regex_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
792 xlat_ctx_t const *xctx,
793 request_t *request, fr_value_box_list_t *in,
794 fr_token_t op)
795{
796 xlat_regex_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_regex_inst_t);
797 xlat_regex_rctx_t *rctx;
798 regex_t *preg;
799
800 /*
801 * Just run precompiled regexes.
802 */
803 if (inst->regex) {
804 preg = tmpl_regex(inst->xlat->vpt);
805
806 return xlat_regex_do_op(ctx, request, in, &preg, out, op);
807 }
808
809 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_regex_rctx_t));
810 fr_value_box_list_init(&rctx->list);
811
812 if (unlang_xlat_yield(request, xlat_regex_resume, NULL, 0, rctx) != XLAT_ACTION_YIELD) {
813 fail:
814 talloc_free(rctx);
815 return XLAT_ACTION_FAIL;
816 }
817
818 if (unlang_xlat_push(ctx, &rctx->last_result, &rctx->list,
819 request, tmpl_xlat(inst->xlat->vpt), UNLANG_SUB_FRAME) < 0) goto fail;
820
821 return XLAT_ACTION_PUSH_UNLANG;
822}
823
824#define XLAT_REGEX_FUNC(_name, _op) \
825static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
826 xlat_ctx_t const *xctx, \
827 request_t *request, fr_value_box_list_t *in) \
828{ \
829 return xlat_regex_op(ctx, out, xctx, request, in, _op); \
830}
831
832XLAT_REGEX_FUNC(reg_eq, T_OP_REG_EQ)
833XLAT_REGEX_FUNC(reg_ne, T_OP_REG_NE)
834
835static xlat_action_t xlat_func_regex_search(TALLOC_CTX *ctx, fr_dcursor_t *out,
836 UNUSED xlat_ctx_t const *xctx,
837 request_t *request, fr_value_box_list_t *in)
838{
839 ssize_t slen;
840 regex_t *preg;
841 fr_value_box_t *regex;
842 xlat_action_t action;
843
844 RDEBUG("IN IS %pM", in);
845
846 regex = fr_value_box_list_pop_head(in);
847 fr_assert(regex);
848 fr_assert(regex->type == FR_TYPE_STRING);
849
850 slen = regex_compile(ctx, &preg, regex->vb_strvalue, regex->vb_length,
851 NULL, true, true); /* flags, allow subcaptures, at runtime */
852 if (slen <= 0) {
853 RPEDEBUG("Failed parsing regular expression %pV", regex);
854 talloc_free(regex);
855 return XLAT_ACTION_FAIL;
856 }
857
858 action = xlat_regex_do_op(ctx, request, in, &preg, out, T_OP_REG_EQ);
859 talloc_free(regex);
860 talloc_free(preg);
861 return action;
862}
863
870
871typedef struct {
872 TALLOC_CTX *ctx;
873 unlang_result_t last_result;
874 fr_value_box_t *box; //!< output value-box
875 int current;
876 fr_value_box_list_t list;
877} xlat_logical_rctx_t;
878
879static fr_slen_t xlat_expr_print_nary(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
880{
881 size_t at_in = fr_sbuff_used_total(out);
882 xlat_logical_inst_t *inst = instance;
883 xlat_exp_head_t *head;
884
885 FR_SBUFF_IN_CHAR_RETURN(out, '(');
886
887 /*
888 * We might get called before the node is instantiated.
889 */
890 if (!inst->argv) {
891 head = node->call.args;
892
893 fr_assert(head != NULL);
894
895 xlat_exp_foreach(head, child) {
896 xlat_print_node(out, head, child, e_rules, 0);
897
898 if (!xlat_exp_next(head, child)) break;
899
900 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
901 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
902 }
903 } else {
904 int i;
905
906 for (i = 0; i < inst->argc; i++) {
907 xlat_print(out, inst->argv[i], e_rules);
908 if (i == (inst->argc - 1)) break;
909
910 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
911 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
912 if ((i + 1) < inst->argc) FR_SBUFF_IN_CHAR_RETURN(out, ' ');
913 }
914 }
915
916 FR_SBUFF_IN_CHAR_RETURN(out, ')');
917
918 return fr_sbuff_used_total(out) - at_in;
919}
920
921/*
922 * This returns "false" for "ignore this argument"
923 *
924 * result is "false" for "delete this argument"
925 * result is "true" for "return this argument".
926 */
927static bool xlat_node_matches_bool(bool *result, xlat_exp_t *parent, xlat_exp_head_t *head, bool sense)
928{
929 fr_value_box_t *box;
930 xlat_exp_t *node;
931
932 if (!head->flags.pure) return false;
933
934 node = xlat_exp_head(head);
935 if (!node || xlat_exp_next(head, node)) {
936 return false;
937 }
938
939 if (node->type == XLAT_BOX) {
940 box = &node->data;
941 goto check;
942 }
943
944 if (node->type != XLAT_TMPL) {
945 return false;
946 }
947
948 if (!tmpl_is_data(node->vpt)) {
949 return false;
950 }
951
952 box = tmpl_value(node->vpt);
953
954check:
955 /*
956 * On "true", replace the entire logical operation with the value-box.
957 *
958 * On "false", omit this argument, and go to the next one.
959 */
960 *result = (fr_value_box_is_truthy(box) == sense);
961
962 if (!*result) return true;
963
964 xlat_instance_unregister_func(parent);
965
966 xlat_exp_set_type(parent, XLAT_BOX);
967 if (!fr_cond_assert(fr_value_box_copy(parent, &parent->data, box) == 0)) return false;
968
969 return true;
970}
971
972/** Undo work which shouldn't have been done. :(
973 *
974 */
975static void xlat_ungroup(xlat_exp_head_t *head)
976{
977 xlat_exp_t *group, *node;
978
979 group = xlat_exp_head(head);
980 if (!group || xlat_exp_next(head, group)) return;
981
982 if (group->type != XLAT_GROUP) return;
983
984 node = xlat_exp_head(group->group);
985 if (!node || xlat_exp_next(group->group, node)) return;
986
987 (void) fr_dlist_remove(&head->dlist, group);
988 (void) fr_dlist_remove(&group->group->dlist, node);
989 (void) talloc_steal(head, node);
990
991 talloc_free(group);
992
993 fr_dlist_insert_tail(&head->dlist, node);
994 head->flags = node->flags;
995}
996
997/** If any argument resolves to inst->stop_on_match, the entire thing is a bool of inst->stop_on_match.
998 *
999 * If any argument resolves to !inst->stop_on_match, it is removed.
1000 */
1001static int xlat_expr_logical_purify(xlat_exp_t *node, void *instance, request_t *request)
1002{
1003 int i, j;
1004 int deleted = 0;
1005 bool result;
1006 xlat_logical_inst_t *inst = talloc_get_type_abort(instance, xlat_logical_inst_t);
1007 xlat_exp_head_t *group;
1008
1009 fr_assert(node->type == XLAT_FUNC);
1010
1011 /*
1012 * Don't check the last argument. If everything else gets deleted,
1013 * then we just return the last argument.
1014 */
1015 for (i = 0; i < inst->argc; i++) {
1016 /*
1017 * The argument is pure, so we purify it before
1018 * doing any other checks.
1019 */
1020 if (inst->argv[i]->flags.can_purify) {
1021 if (xlat_purify_list(inst->argv[i], request) < 0) return -1;
1022
1023 /*
1024 * xlat_purify_list expects that its outputs will be arguments to functions, so
1025 * they're grouped. We con't need that, so we ungroup them here.
1026 */
1027 xlat_ungroup(inst->argv[i]);
1028 }
1029
1030 /*
1031 * This returns "false" for "ignore".
1032 *
1033 * result is "false" for "delete this argument"
1034 * result is "true" for "return this argument".
1035 */
1036 if (!xlat_node_matches_bool(&result, node, inst->argv[i], inst->stop_on_match)) continue;
1037
1038 /*
1039 * 0 && EXPR --> 0.
1040 * 1 || EXPR --> 1
1041 *
1042 * Parent is now an XLAT_BOX, so we're done.
1043 */
1044 if (result) return 0;
1045
1046 /*
1047 * We're at the last argument. If we've deleted everything else, then just leave the
1048 * last argument alone. Otherwise some arguments remain, so we can delete the last one.
1049 */
1050 if (((i + 1) == inst->argc) && (deleted == i)) break;
1051
1052 TALLOC_FREE(inst->argv[i]);
1053 deleted++;
1054 }
1055
1056 if (!deleted) return 0;
1057
1058 /*
1059 * Pack the array. We insert at i, and read from j. We don't need to read the deleted entries,
1060 * as they all MUST be NULL.
1061 */
1062 i = 0;
1063 j = -1;
1064 while (i < (inst->argc - deleted)) {
1065 if (inst->argv[i]) {
1066 i++;
1067 continue;
1068 }
1069
1070 /*
1071 * Start searching from the next entry, OR start searching from where we left off before.
1072 */
1073 if (j < 0) j = i + 1;
1074
1075 /*
1076 * Find the first non-NULL entry, and insert it in argv[i]. We search here until the end
1077 * of the array, because we may have deleted entries from the start of the array.
1078 */
1079 while (j < inst->argc) {
1080 if (inst->argv[j]) break;
1081 j++;
1082 }
1083
1084 /*
1085 * Move the entry down, and clear out the tail end of the array.
1086 */
1087 inst->argv[i++] = inst->argv[j];
1088 inst->argv[j++] = NULL;
1089 }
1090
1091 inst->argc -= deleted;
1092
1093 if (inst->argc > 1) return 0;
1094
1095 /*
1096 * Only one argument left. We can hoist the child into ourselves, and omit the logical operation.
1097 */
1098 group = inst->argv[0];
1099 fr_assert(group != NULL);
1100 talloc_steal(node, group);
1101
1102 xlat_instance_unregister_func(node);
1103 xlat_exp_set_type(node, XLAT_GROUP);
1104
1105 /* re-print, with purified nodes removed */
1106 {
1107 char *name;
1108
1109 MEM(xlat_aprint(node, &name, group, NULL) >= 0);
1110 xlat_exp_set_name_shallow(node, name);
1111 }
1112
1113 talloc_free(node->group);
1114 node->group = group;
1115 node->flags = group->flags;
1116
1117 return 0;
1118}
1119
1120/** Process one argument of a logical operation.
1121 *
1122 * If we see a list in a truthy context, then we DON'T expand the list. Instead, we return a bool which
1123 * indicates if the list was empty (or not). This prevents us from returning a whole mess of value-boxes
1124 * when the user just wanted to see if the list existed.
1125 *
1126 * Otherwise, we expand the xlat, and continue.
1127 */
1128static xlat_action_t xlat_logical_process_arg(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
1129 xlat_ctx_t const *xctx,
1130 request_t *request, UNUSED fr_value_box_list_t *in)
1131{
1132 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1133 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1134
1135 /*
1136 * Push the xlat onto the stack for expansion.
1137 */
1138 if (unlang_xlat_yield(request, inst->callback, NULL, 0, rctx) != XLAT_ACTION_YIELD) {
1139 fail:
1140 talloc_free(rctx->box);
1141 talloc_free(rctx);
1142 return XLAT_ACTION_FAIL;
1143 }
1144
1145 if (unlang_xlat_push(rctx, &rctx->last_result, &rctx->list,
1146 request, inst->argv[rctx->current], UNLANG_SUB_FRAME) < 0) goto fail;
1147
1148 return XLAT_ACTION_PUSH_UNLANG;
1149}
1150
1151/** See if the input is truthy or not.
1152 *
1153 * @param[in] rctx our ctx
1154 * @param[in] in list of value-boxes to check
1155 * @return
1156 * - false if there are no truthy values. The last box is copied to the rctx.
1157 * This is to allow us to return default values which may not be truthy,
1158 * e.g. %{&Counter || 0} or %{&Framed-IP-Address || 0.0.0.0}.
1159 * If we don't copy the last box to the rctx, the expression just returns NULL
1160 * which is never useful...
1161 * - true if we find a truthy value. The first truthy box is copied to the rctx.
1162 *
1163 * Empty lists are not truthy.
1164 */
1165static bool xlat_logical_or(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
1166{
1167 fr_value_box_t *last = NULL;
1168 bool ret = false;
1169
1170 /*
1171 * Empty lists are !truthy.
1172 */
1173 if (!fr_value_box_list_num_elements(in)) return false;
1174
1175 /*
1176 * Loop over the input list. We CANNOT do groups.
1177 */
1178 fr_value_box_list_foreach(in, box) {
1179 fr_assert(fr_type_is_leaf(box->type) || fr_type_is_null(box->type));
1180
1181 last = box;
1182
1183 /*
1184 * Remember the last box we found.
1185 *
1186 * If it's truthy, then we stop immediately.
1187 */
1188 if (fr_value_box_is_truthy(box)) {
1189 ret = true;
1190 break;
1191 }
1192 }
1193
1194 if (!rctx->box) {
1195 MEM(rctx->box = fr_value_box_alloc_null(rctx->ctx));
1196 } else {
1197 fr_value_box_clear(rctx->box);
1198 }
1199 if (last && !fr_cond_assert(fr_value_box_copy(rctx->box, rctx->box, last) == 0)) return false;
1200
1201 return ret;
1202}
1203
1204/*
1205 * We've evaluated an expression. Let's see if we need to continue with ||
1206 */
1207static xlat_action_t xlat_logical_or_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
1208 xlat_ctx_t const *xctx,
1209 request_t *request, fr_value_box_list_t *in)
1210{
1211 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1212 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1213 bool match;
1214
1215 /*
1216 * If the expansions fails, then we fail the entire thing.
1217 */
1218 if (!XLAT_RESULT_SUCCESS(&rctx->last_result)) {
1219 talloc_free(rctx->box);
1220 talloc_free(rctx);
1221 return XLAT_ACTION_FAIL;
1222 }
1223
1224 /*
1225 * Recursively check groups. i.e. we effectively flatten each list.
1226 *
1227 * (a, b, c) || (d, e, f) == a || b || c || d || e || f
1228 */
1229 match = xlat_logical_or(rctx, &rctx->list);
1230 if (match) goto done;
1231
1232 fr_value_box_list_talloc_free(&rctx->list);
1233
1234 rctx->current++;
1235
1236 /*
1237 * Nothing to expand, return the final value we saw.
1238 */
1239 if (rctx->current >= inst->argc) {
1240 /*
1241 * Otherwise we stop on failure, with the boolean
1242 * we just updated.
1243 */
1244 done:
1245 if (rctx->box) fr_dcursor_append(out, rctx->box);
1246
1247 talloc_free(rctx);
1248 return XLAT_ACTION_DONE;
1249 }
1250
1251 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1252}
1253
1254/** See if the input is truthy or not.
1255 *
1256 * @param[in] rctx our ctx
1257 * @param[in] in list of value-boxes to check
1258 * @return
1259 * - false on failure
1260 * - true for match, with dst updated to contain the relevant box.
1261 *
1262 * Empty lists are not truthy.
1263 */
1264static bool xlat_logical_and(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
1265{
1266 fr_value_box_t *found = NULL;
1267
1268 /*
1269 * Empty lists are !truthy.
1270 */
1271 if (!fr_value_box_list_num_elements(in)) return false;
1272
1273 /*
1274 * Loop over the input list. We CANNOT do groups.
1275 */
1276 fr_value_box_list_foreach(in, box) {
1277 fr_assert(fr_type_is_leaf(box->type));
1278
1279 /*
1280 * Remember the last box we found.
1281 *
1282 * If it's truthy, then we keep going either
1283 * until the end, or until we get a "false".
1284 */
1285 if (fr_value_box_is_truthy(box)) {
1286 found = box;
1287 continue;
1288 }
1289
1290 /*
1291 * Stop on the first "false"
1292 */
1293 return false;
1294 }
1295
1296 if (!found) return false;
1297
1298 if (!rctx->box) {
1299 MEM(rctx->box = fr_value_box_alloc_null(rctx));
1300 } else {
1301 fr_value_box_clear(rctx->box);
1302 }
1303 if (!fr_cond_assert(fr_value_box_copy(rctx->box, rctx->box, found) == 0)) return false;
1304
1305 return true;
1306}
1307
1308/*
1309 * We've evaluated an expression. Let's see if we need to continue with &&
1310 */
1311static xlat_action_t xlat_logical_and_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
1312 xlat_ctx_t const *xctx,
1313 request_t *request, fr_value_box_list_t *in)
1314{
1315 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1316 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1317 bool match;
1318
1319 /*
1320 * If the expansions fails, then we fail the entire thing.
1321 */
1322 if (!XLAT_RESULT_SUCCESS(&rctx->last_result)) {
1323 talloc_free(rctx->box);
1324 talloc_free(rctx);
1325 return XLAT_ACTION_FAIL;
1326 }
1327
1328 /*
1329 * Recursively check groups. i.e. we effectively flatten each list.
1330 *
1331 * (a, b, c) && (d, e, f) == a && b && c && d && e && f
1332 */
1333 match = xlat_logical_and(rctx, &rctx->list);
1334 if (!match) {
1335 TALLOC_FREE(rctx->box); /* parented from ctx */
1336 goto done;
1337 }
1338
1339 fr_value_box_list_talloc_free(&rctx->list);
1340
1341 rctx->current++;
1342
1343 /*
1344 * Nothing to expand, return the final value we saw.
1345 */
1346 if (rctx->current >= inst->argc) {
1347 /*
1348 * Otherwise we stop on failure, with the boolean
1349 * we just updated.
1350 */
1351 fr_assert(rctx->box != NULL);
1352 fr_dcursor_append(out, rctx->box);
1353
1354 done:
1355 talloc_free(rctx);
1356 return XLAT_ACTION_DONE;
1357 }
1358
1359 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1360}
1361
1362/*
1363 * Each argument is it's own head, because we do NOT always want
1364 * to go to the next argument.
1365 */
1366static int xlat_instantiate_logical(xlat_inst_ctx_t const *xctx)
1367{
1368 xlat_logical_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_logical_inst_t);
1369
1370 inst->argc = xlat_flatten_to_argv(inst, &inst->argv, xctx->ex->call.args);
1371 if (xctx->ex->call.func->token == T_LOR) {
1372 inst->callback = xlat_logical_or_resume;
1373 inst->stop_on_match = true;
1374 } else {
1375 inst->callback = xlat_logical_and_resume;
1376 inst->stop_on_match = false;
1377 }
1378
1379 return 0;
1380}
1381
1382
1383/** Process logical &&, ||
1384 *
1385 */
1386static xlat_action_t xlat_func_logical(TALLOC_CTX *ctx, fr_dcursor_t *out,
1387 xlat_ctx_t const *xctx,
1388 request_t *request, fr_value_box_list_t *in)
1389{
1390 xlat_logical_rctx_t *rctx;
1391 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1392
1393 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_logical_rctx_t));
1394 rctx->ctx = ctx;
1395 rctx->current = 0;
1396
1397 if (inst->stop_on_match) {
1398 rctx->box = NULL;
1399 } else {
1400 MEM(rctx->box = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1401 rctx->box->vb_bool = true;
1402 }
1403 fr_value_box_list_init(&rctx->list);
1404
1405 (UNCONST(xlat_ctx_t *, xctx))->rctx = rctx; /* ensure it's there before a resume! */
1406
1407 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1408}
1409
1410
1411static xlat_arg_parser_t const unary_op_xlat_args[] = {
1412 { .required = true, .single = true, .concat = true },
1413 XLAT_ARG_PARSER_TERMINATOR
1414};
1415
1416static xlat_action_t xlat_func_unary_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
1417 UNUSED xlat_ctx_t const *xctx,
1418 request_t *request, fr_value_box_list_t *in, fr_token_t op)
1419{
1420 int rcode;
1421 fr_value_box_t *dst, *group, *vb;
1422
1423 /*
1424 * We do some basic type checks here.
1425 */
1426 group = fr_value_box_list_head(in);
1427 vb = fr_value_box_list_head(&group->vb_group);
1428
1429 /*
1430 * -NULL is an error
1431 * ~NULL is an error
1432 * !NULL is handled by xlat_func_unary_not
1433 */
1434 if (!vb) {
1435 fr_strerror_printf("Input is empty");
1436 return XLAT_ACTION_FAIL;
1437 }
1438
1439 if (!fr_type_is_leaf(vb->type) || fr_type_is_variable_size(vb->type)) {
1440 REDEBUG("Cannot perform operation on data type %s", fr_type_to_str(vb->type));
1441 return XLAT_ACTION_FAIL;
1442 }
1443
1444 MEM(dst = fr_value_box_alloc_null(ctx));
1445
1446 /*
1447 * We rely on this function to do the remainder of the type checking.
1448 */
1449 rcode = fr_value_calc_unary_op(dst, dst, op, vb);
1450 if ((rcode < 0) || fr_type_is_null(dst->type)) {
1451 talloc_free(dst);
1452 return XLAT_ACTION_FAIL;
1453 }
1454
1455 fr_dcursor_append(out, dst);
1456 return XLAT_ACTION_DONE;
1457}
1458
1459
1460static xlat_action_t xlat_func_unary_not(TALLOC_CTX *ctx, fr_dcursor_t *out,
1461 UNUSED xlat_ctx_t const *xctx,
1462 UNUSED request_t *request, fr_value_box_list_t *in)
1463{
1464 fr_value_box_t *dst, *group, *vb;
1465
1466 group = fr_value_box_list_head(in);
1467 vb = fr_value_box_list_head(&group->vb_group);
1468
1469 /*
1470 * Don't call calc_unary_op(), because we want the enum names.
1471 */
1472 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1473
1474 /*
1475 * !NULL = true
1476 */
1477 if (!vb) {
1478 dst->vb_bool = true;
1479 } else {
1480 dst->vb_bool = !fr_value_box_is_truthy(vb);
1481 }
1482
1483 fr_dcursor_append(out, dst);
1484 return XLAT_ACTION_DONE;
1485}
1486
1487static xlat_action_t xlat_func_unary_minus(TALLOC_CTX *ctx, fr_dcursor_t *out,
1488 xlat_ctx_t const *xctx,
1489 request_t *request, fr_value_box_list_t *in)
1490{
1491 return xlat_func_unary_op(ctx, out, xctx, request, in, T_SUB);
1492}
1493
1494static xlat_action_t xlat_func_unary_complement(TALLOC_CTX *ctx, fr_dcursor_t *out,
1495 xlat_ctx_t const *xctx,
1496 request_t *request, fr_value_box_list_t *in)
1497{
1498 return xlat_func_unary_op(ctx, out, xctx, request, in, T_COMPLEMENT);
1499}
1500
1501static xlat_arg_parser_t const xlat_func_expr_rcode_arg[] = {
1502 { .concat = true, .type = FR_TYPE_STRING },
1503 XLAT_ARG_PARSER_TERMINATOR
1504};
1505
1506/** Holds the result of pre-parsing the rcode on startup
1507 */
1508typedef struct {
1509 rlm_rcode_t rcode; //!< The preparsed rcode.
1510} xlat_rcode_inst_t;
1511
1512/** Convert static expr_rcode arguments into rcodes
1513 *
1514 * This saves doing the lookup at runtime, which given how frequently this xlat is used
1515 * could get quite expensive.
1516 */
1517static int xlat_instantiate_expr_rcode(xlat_inst_ctx_t const *xctx)
1518{
1519 xlat_rcode_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_rcode_inst_t);
1520 xlat_exp_t *arg;
1521 xlat_exp_t *rcode_arg;
1522 fr_value_box_t *rcode;
1523
1524 /*
1525 * If it's literal data, then we can pre-resolve it to
1526 * a rcode now, and skip that at runtime.
1527 */
1528 arg = xlat_exp_head(xctx->ex->call.args);
1529 fr_assert(arg->type == XLAT_GROUP);
1530
1531 /*
1532 * We can only pre-parse if this if the value is
1533 * in a single box...
1534 */
1535 if (fr_dlist_num_elements(&arg->group->dlist) != 1) return 0;
1536 rcode_arg = xlat_exp_head(arg->group);
1537
1538 /*
1539 * We can only pre-parse is this is a static value.
1540 */
1541 if (rcode_arg->type != XLAT_BOX) return 0;
1542
1543 rcode = &rcode_arg->data;
1544
1545 switch (rcode->type) {
1546 case FR_TYPE_STRING:
1547 inst->rcode = fr_table_value_by_str(rcode_table, rcode->vb_strvalue, RLM_MODULE_NOT_SET);
1548 if (inst->rcode == RLM_MODULE_NOT_SET) {
1549 unknown:
1550 ERROR("Unknown rcode '%pV'", rcode);
1551 return -1;
1552 }
1553 break;
1554
1555 case FR_TYPE_INT8:
1556 case FR_TYPE_INT16:
1557 case FR_TYPE_INT32:
1558 case FR_TYPE_INT64:
1559 case FR_TYPE_UINT16:
1560 case FR_TYPE_UINT32:
1561 case FR_TYPE_UINT64:
1562 case FR_TYPE_SIZE:
1563 if (fr_value_box_cast_in_place(rcode_arg, rcode, FR_TYPE_UINT8, NULL) < 0) {
1564 invalid:
1565 ERROR("Invalid value for rcode '%pV'", rcode);
1566 return -1;
1567 }
1568 FALL_THROUGH;
1569
1570 case FR_TYPE_UINT8:
1571 if (rcode->vb_uint8 >= RLM_MODULE_NUMCODES) goto invalid;
1572 inst->rcode = rcode->vb_uint8;
1573 break;
1574
1575 default:
1576 goto unknown;
1577 }
1578
1579 /*
1580 * No point in creating useless boxes at runtime,
1581 * nuke the argument now.
1582 */
1583 (void) fr_dlist_remove(&xctx->ex->call.args->dlist, arg);
1584 talloc_free(arg);
1585
1586 return 0;
1587}
1588
1589static fr_slen_t xlat_expr_print_rcode(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, UNUSED fr_sbuff_escape_rules_t const *e_rules)
1590{
1591 size_t at_in = fr_sbuff_used_total(out);
1592 xlat_rcode_inst_t *inst = instance;
1593
1594 FR_SBUFF_IN_STRCPY_LITERAL_RETURN(out, "%interpreter.rcode('");
1595 if (xlat_exp_head(node->call.args)) {
1596 ssize_t slen;
1597
1598 xlat_exp_foreach(node->call.args, child) {
1599 slen = xlat_print_node(out, node->call.args, child, NULL, 0);
1600 if (slen < 0) return slen;
1601 }
1602 } else {
1603 FR_SBUFF_IN_STRCPY_RETURN(out, fr_table_str_by_value(rcode_table, inst->rcode, "<INVALID>"));
1604 }
1605 FR_SBUFF_IN_STRCPY_LITERAL_RETURN(out, "')");
1606
1607 return fr_sbuff_used_total(out) - at_in;
1608}
1609
1610/** Match the passed rcode against request->rcode
1611 *
1612 * Example:
1613@verbatim
1614%interpreter.rcode('handled') == true
1615
1616# ...or how it's used normally used
1617if (handled) {
1618 ...
1619}
1620@endverbatim
1621 *
1622 * @ingroup xlat_functions
1623 */
1624static xlat_action_t xlat_func_expr_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out,
1625 xlat_ctx_t const *xctx,
1626 request_t *request, fr_value_box_list_t *args)
1627{
1628 xlat_rcode_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_rcode_inst_t);
1629 fr_value_box_t *arg_rcode;
1630 rlm_rcode_t rcode;
1631 fr_value_box_t *vb;
1632
1633 /*
1634 * If we have zero args, it's because the instantiation
1635 * function consumed them. Unless the user read the debug
1636 * output, and tried to see what the rcode is, in case we
1637 */
1638 if (fr_value_box_list_num_elements(args) == 0) {
1639 if (inst->rcode == RLM_MODULE_NOT_SET) {
1640 RDEBUG("Request rcode is '%s'",
1641 fr_table_str_by_value(rcode_table, request->rcode, "<INVALID>"));
1642 return XLAT_ACTION_DONE;
1643 }
1644
1645 rcode = inst->rcode;
1646 } else {
1647 XLAT_ARGS(args, &arg_rcode);
1648 rcode = fr_table_value_by_str(rcode_table, arg_rcode->vb_strvalue, RLM_MODULE_NOT_SET);
1649 if (rcode == RLM_MODULE_NOT_SET) {
1650 REDEBUG("Invalid rcode '%pV'", arg_rcode);
1651 return XLAT_ACTION_FAIL;
1652 }
1653 }
1654
1655 RDEBUG3("Request rcode is '%s'",
1656 fr_table_str_by_value(rcode_table, request->rcode, "<INVALID>"));
1657
1658 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1659 fr_dcursor_append(out, vb);
1660 vb->vb_bool = (request->rcode == rcode);
1661
1662 return XLAT_ACTION_DONE;
1663}
1664
1665/** Takes no arguments
1666 */
1667static xlat_arg_parser_t const xlat_func_rcode_arg[] = {
1668 XLAT_ARG_PARSER_TERMINATOR, /* Coverity gets tripped up by only having a single entry here */
1669 XLAT_ARG_PARSER_TERMINATOR
1670};
1671
1672/** Return the current rcode as a string
1673 *
1674 * Example:
1675@verbatim
1676"%rcode()" == "handled"
1677@endverbatim
1678 *
1679 * @ingroup xlat_functions
1680 */
1681static xlat_action_t xlat_func_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out,
1682 UNUSED xlat_ctx_t const *xctx,
1683 request_t *request, UNUSED fr_value_box_list_t *args)
1684{
1685 fr_value_box_t *vb;
1686
1687 /*
1688 * FIXME - This should really be an enum
1689 */
1690 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL));
1691 if (fr_value_box_strdup(vb, vb, NULL, fr_table_str_by_value(rcode_table, request->rcode, "<INVALID>"), false) < 0) {
1692 talloc_free(vb);
1693 return XLAT_ACTION_FAIL;
1694 }
1695 fr_dcursor_append(out, vb);
1696
1697 return XLAT_ACTION_DONE;
1698}
1699
1700typedef struct {
1701 tmpl_t const *vpt; //!< the attribute reference
1702} xlat_exists_inst_t;
1703
1708
1709/*
1710 * We just print the node as-is.
1711 */
1712static fr_slen_t xlat_expr_print_exists(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
1713{
1714 size_t at_in = fr_sbuff_used_total(out);
1715 xlat_exists_inst_t *inst = instance;
1716
1717 if (inst->vpt) {
1718 FR_SBUFF_IN_STRCPY_RETURN(out, inst->vpt->name);
1719 } else {
1720 xlat_print_node(out, node->call.args, xlat_exp_head(node->call.args), e_rules, 0);
1721 }
1722
1723 return fr_sbuff_used_total(out) - at_in;
1724}
1725
1726/*
1727 * Don't expand the argument if it's already an attribute reference.
1728 */
1729static int xlat_instantiate_exists(xlat_inst_ctx_t const *xctx)
1730{
1731 xlat_exists_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_exists_inst_t);
1732 xlat_exp_t *arg, *node;
1733
1734 arg = xlat_exp_head(xctx->ex->call.args);
1735
1736 fr_assert(arg->type == XLAT_GROUP);
1737 node = xlat_exp_head(arg->group);
1738
1739 /*
1740 * @todo - add an escape callback to this xlat
1741 * registration, so that it can take untrusted inputs.
1742 */
1743 if ((node->type != XLAT_TMPL) || !tmpl_contains_attr(node->vpt)) {
1744 fr_strerror_const("The %exists() function can only be used internally");
1745 return -1;
1746 }
1747
1748 inst->vpt = talloc_steal(inst, node->vpt);
1749
1750 /*
1751 * Free the input arguments so that they don't get expanded.
1752 */
1753 while ((arg = fr_dlist_pop_head(&xctx->ex->call.args->dlist)) != NULL) {
1754 talloc_free(arg);
1755 }
1756
1757 return 0;
1758}
1759
1760static xlat_action_t xlat_attr_exists(TALLOC_CTX *ctx, fr_dcursor_t *out,
1761 request_t *request, tmpl_t const *vpt, bool do_free)
1762{
1763 fr_pair_t *vp;
1764 fr_value_box_t *dst;
1765 fr_dcursor_t cursor;
1766 tmpl_dcursor_ctx_t cc;
1767
1768 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1769
1770 vp = tmpl_dcursor_init(NULL, NULL, &cc, &cursor, request, vpt);
1771 dst->vb_bool = (vp != NULL);
1772
1773 if (do_free) talloc_const_free(vpt);
1774 tmpl_dcursor_clear(&cc);
1775 fr_dcursor_append(out, dst);
1776 return XLAT_ACTION_DONE;
1777}
1778
1779/** See if a named attribute exists
1780 *
1781 * Example:
1782@verbatim
1783"%{exists:&Foo}" == true
1784@endverbatim
1785 *
1786 * @ingroup xlat_functions
1787 */
1788static xlat_action_t xlat_func_exists(TALLOC_CTX *ctx, fr_dcursor_t *out,
1789 xlat_ctx_t const *xctx,
1790 request_t *request, UNUSED fr_value_box_list_t *in)
1791{
1792 xlat_exists_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_exists_inst_t);
1793
1794 /*
1795 * We return "true" if the attribute exists. Otherwise we return "false".
1796 */
1797 fr_assert(inst->vpt);
1798
1799 return xlat_attr_exists(ctx, out, request, inst->vpt, false);
1800}
1801
1802#undef XLAT_REGISTER_BINARY_OP
1803#define XLAT_REGISTER_BINARY_OP(_op, _name) \
1804do { \
1805 if (unlikely((xlat = xlat_func_register(NULL, "op_" STRINGIFY(_name), xlat_func_op_ ## _name, FR_TYPE_VOID)) == NULL)) return -1; \
1806 xlat_func_args_set(xlat, binary_op_xlat_args); \
1807 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1808 xlat_func_print_set(xlat, xlat_expr_print_binary); \
1809 xlat->token = _op; \
1810} while (0)
1811
1812#undef XLAT_REGISTER_BINARY_CMP
1813#define XLAT_REGISTER_BINARY_CMP(_op, _name) \
1814do { \
1815 if (unlikely((xlat = xlat_func_register(NULL, "cmp_" STRINGIFY(_name), xlat_func_cmp_ ## _name, FR_TYPE_BOOL)) == NULL)) return -1; \
1816 xlat_func_args_set(xlat, binary_cmp_xlat_args); \
1817 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1818 xlat_func_print_set(xlat, xlat_expr_print_binary); \
1819 xlat_func_resolve_set(xlat, xlat_expr_resolve_binary); \
1820 xlat->token = _op; \
1821} while (0)
1822
1823#undef XLAT_REGISTER_NARY_OP
1824#define XLAT_REGISTER_NARY_OP(_op, _name, _func_name) \
1825do { \
1826 if (unlikely((xlat = xlat_func_register(NULL, STRINGIFY(_name), xlat_func_ ## _func_name, FR_TYPE_VOID)) == NULL)) return -1; \
1827 xlat_func_instantiate_set(xlat, xlat_instantiate_ ## _func_name, xlat_ ## _func_name ## _inst_t, NULL, NULL); \
1828 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1829 xlat_func_print_set(xlat, xlat_expr_print_nary); \
1830 xlat_purify_func_set(xlat, xlat_expr_logical_purify); \
1831 xlat->token = _op; \
1832} while (0)
1833
1834#undef XLAT_REGISTER_REGEX_OP
1835#define XLAT_REGISTER_REGEX_OP(_op, _name) \
1836do { \
1837 if (unlikely((xlat = xlat_func_register(NULL, STRINGIFY(_name), xlat_func_ ## _name, FR_TYPE_BOOL)) == NULL)) return -1; \
1838 xlat_func_args_set(xlat, regex_op_xlat_args); \
1839 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1840 xlat_func_instantiate_set(xlat, xlat_instantiate_regex, xlat_regex_inst_t, NULL, NULL); \
1841 xlat_func_print_set(xlat, xlat_expr_print_regex); \
1842 xlat->token = _op; \
1843} while (0)
1844
1845#define XLAT_REGISTER_BOOL(_xlat, _func, _arg, _ret_type) \
1846do { \
1847 if (unlikely((xlat = xlat_func_register(NULL, _xlat, _func, _ret_type)) == NULL)) return -1; \
1848 xlat_func_args_set(xlat, _arg); \
1849 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL); \
1850} while (0)
1851
1852#define XLAT_REGISTER_UNARY(_op, _xlat, _func) \
1853do { \
1854 if (unlikely((xlat = xlat_func_register(NULL, _xlat, _func, FR_TYPE_VOID)) == NULL)) return -1; \
1855 xlat_func_args_set(xlat, unary_op_xlat_args); \
1856 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1857 xlat_func_print_set(xlat, xlat_expr_print_unary); \
1858 xlat->token = _op; \
1859} while (0)
1860
1861int xlat_register_expressions(void)
1862{
1863 xlat_t *xlat;
1864
1865 XLAT_REGISTER_BINARY_OP(T_ADD, add);
1866 XLAT_REGISTER_BINARY_OP(T_SUB, sub);
1867 XLAT_REGISTER_BINARY_OP(T_MUL, mul);
1868 XLAT_REGISTER_BINARY_OP(T_DIV, div);
1869 XLAT_REGISTER_BINARY_OP(T_MOD, mod);
1870 XLAT_REGISTER_BINARY_OP(T_AND, and);
1871 XLAT_REGISTER_BINARY_OP(T_OR, or);
1872 XLAT_REGISTER_BINARY_OP(T_XOR, xor);
1873 XLAT_REGISTER_BINARY_OP(T_RSHIFT, rshift);
1874 XLAT_REGISTER_BINARY_OP(T_LSHIFT, lshift);
1875
1876 XLAT_REGISTER_BINARY_CMP(T_OP_CMP_EQ, eq);
1877 XLAT_REGISTER_BINARY_CMP(T_OP_NE, ne);
1878 XLAT_REGISTER_BINARY_CMP(T_OP_LT, lt);
1879 XLAT_REGISTER_BINARY_CMP(T_OP_LE, le);
1880 XLAT_REGISTER_BINARY_CMP(T_OP_GT, gt);
1881 XLAT_REGISTER_BINARY_CMP(T_OP_GE, ge);
1882 XLAT_REGISTER_BINARY_CMP(T_OP_CMP_EQ_TYPE, eq_type);
1883 XLAT_REGISTER_BINARY_CMP(T_OP_CMP_NE_TYPE, ne_type);
1884
1885 XLAT_REGISTER_REGEX_OP(T_OP_REG_EQ, reg_eq);
1886 XLAT_REGISTER_REGEX_OP(T_OP_REG_NE, reg_ne);
1887
1888 if (unlikely((xlat = xlat_func_register(NULL, "regex.search", xlat_func_regex_search, FR_TYPE_BOOL)) == NULL)) return -1;
1889 xlat_func_args_set(xlat, regex_search_xlat_args);
1890 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE);
1891
1892 /*
1893 * &&, ||
1894 *
1895 * @todo - remove tmpl_resolve() from tokenize_field(), and add xlat_resolve_logical_or() / xlat_resolve_logical_and()
1896 * functions which do partial resolution.
1897 */
1898 XLAT_REGISTER_NARY_OP(T_LAND, logical_and, logical);
1899 XLAT_REGISTER_NARY_OP(T_LOR, logical_or, logical);
1900
1901 XLAT_REGISTER_BOOL("interpreter.rcode", xlat_func_expr_rcode, xlat_func_expr_rcode_arg, FR_TYPE_BOOL);
1902 xlat_func_instantiate_set(xlat, xlat_instantiate_expr_rcode, xlat_rcode_inst_t, NULL, NULL);
1903 xlat_func_print_set(xlat, xlat_expr_print_rcode);
1904
1905 XLAT_REGISTER_BOOL("expr.rcode", xlat_func_expr_rcode, xlat_func_expr_rcode_arg, FR_TYPE_BOOL);
1906 xlat->deprecated = true;
1907 xlat_func_instantiate_set(xlat, xlat_instantiate_expr_rcode, xlat_rcode_inst_t, NULL, NULL);
1908 xlat_func_print_set(xlat, xlat_expr_print_rcode);
1909
1910 XLAT_REGISTER_BOOL("exists", xlat_func_exists, xlat_func_exists_arg, FR_TYPE_BOOL);
1911 xlat_func_instantiate_set(xlat, xlat_instantiate_exists, xlat_exists_inst_t, NULL, NULL);
1912 xlat_func_print_set(xlat, xlat_expr_print_exists);
1913 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL);
1914
1915 if (unlikely((xlat = xlat_func_register(NULL, "rcode", xlat_func_rcode, FR_TYPE_STRING)) == NULL)) return -1;
1916 xlat_func_args_set(xlat, xlat_func_rcode_arg);
1917 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL);
1918
1919 /*
1920 * -EXPR
1921 * ~EXPR
1922 * !EXPR
1923 */
1924 XLAT_REGISTER_UNARY(T_SUB, "unary_minus", xlat_func_unary_minus);
1925 XLAT_REGISTER_UNARY(T_COMPLEMENT, "unary_complement", xlat_func_unary_complement);
1926 XLAT_REGISTER_UNARY(T_NOT, "unary_not", xlat_func_unary_not);
1927
1928 return 0;
1929}
1930
1931/*
1932 * Must use the same names as above.
1933 */
1934static const fr_sbuff_term_elem_t binary_ops[T_TOKEN_LAST] = {
1935 [ T_ADD ] = L("op_add"),
1936 [ T_SUB ] = L("op_sub"),
1937 [ T_MUL ] = L("op_mul"),
1938 [ T_DIV ] = L("op_div"),
1939 [ T_MOD ] = L("op_mod"),
1940 [ T_AND ] = L("op_and"),
1941 [ T_OR ] = L("op_or"),
1942 [ T_XOR ] = L("op_xor"),
1943 [ T_RSHIFT ] = L("op_rshift"),
1944 [ T_LSHIFT ] = L("op_lshift"),
1945
1946 [ T_LAND ] = L("logical_and"),
1947 [ T_LOR ] = L("logical_or"),
1948
1949 [ T_OP_CMP_EQ ] = L("cmp_eq"),
1950 [ T_OP_NE ] = L("cmp_ne"),
1951 [ T_OP_LT ] = L("cmp_lt"),
1952 [ T_OP_LE ] = L("cmp_le"),
1953 [ T_OP_GT ] = L("cmp_gt"),
1954 [ T_OP_GE ] = L("cmp_ge"),
1955
1956 [ T_OP_CMP_EQ_TYPE ] = L("cmp_eq_type"),
1957 [ T_OP_CMP_NE_TYPE ] = L("cmp_ne_type"),
1958
1959 [ T_OP_REG_EQ ] = L("reg_eq"),
1960 [ T_OP_REG_NE ] = L("reg_ne"),
1961};
1962
1963/*
1964 * Which are logical operations
1965 */
1966static const bool logical_ops[T_TOKEN_LAST] = {
1967 [T_LAND] = true,
1968 [T_LOR] = true,
1969};
1970
1971/*
1972 * These operators can take multiple arguments.
1973 *
1974 * @todo - include T_ADD, T_SUB, T_MUL, T_AND, T_OR, T_XOR, here too.
1975 *
1976 * This array should contain a function pointer to the code which either appends the results, or does
1977 * peephole optimizations to merge the arguments together. This merging will reduce run-time effort.
1978 */
1979static const bool multivalue_ops[T_TOKEN_LAST] = {
1980 [T_LAND] = true,
1981 [T_LOR] = true,
1982};
1983
1984/*
1985 * Allow for BEDMAS ordering. Gross ordering is first number,
1986 * fine ordering is second number. Unused operators are assigned as zero.
1987 *
1988 * Larger numbers are higher precedence.
1989 */
1990#define P(_x, _y) (((_x) << 4) | (_y))
1991
1992static const int precedence[T_TOKEN_LAST] = {
1993 [T_INVALID] = 0,
1994
1995 /*
1996 * Assignment operators go here as P(1,n)
1997 *
1998 * += -= *= /= %= <<= >>= &= ^= |=
1999 *
2000 * We want the output of the assignment operators to be the result of the assignment. This means
2001 * that the assignments can really only be done for simple attributes, and not tmpls with filters
2002 * which select multiple attributes.
2003 *
2004 * Which (for now) means that we likely want to disallow assignments in expressions. That's
2005 * fine, as this isn't C, and we're not sure that it makes sense to do something like:
2006 *
2007 * if ((&foo += 5) > 60) ...
2008 *
2009 * Or maybe it does. Who knows?
2010 */
2011
2012 [T_LOR] = P(2,0),
2013 [T_LAND] = P(2,1),
2014
2015 [T_OR] = P(3,0),
2016 [T_XOR] = P(3,1),
2017 [T_AND] = P(3,2),
2018
2019 [T_OP_REG_EQ] = P(4,0),
2020 [T_OP_REG_NE] = P(4,0),
2021
2022 [T_OP_CMP_EQ] = P(4,1),
2023 [T_OP_NE] = P(4,1),
2024
2025 [T_OP_CMP_EQ_TYPE] = P(4,1),
2026 [T_OP_CMP_NE_TYPE] = P(4,1),
2027
2028 [T_OP_LT] = P(5,0),
2029 [T_OP_LE] = P(5,0),
2030 [T_OP_GT] = P(5,0),
2031 [T_OP_GE] = P(5,0),
2032
2033 [T_RSHIFT] = P(6,0),
2034 [T_LSHIFT] = P(6,0),
2035
2036 [T_SUB] = P(7,0),
2037 [T_ADD] = P(7,1),
2038
2039 [T_MOD] = P(8,0),
2040 [T_MUL] = P(8,1),
2041 [T_DIV] = P(8,2),
2042
2043 [T_LBRACE] = P(10,0),
2044};
2045
2046#define fr_sbuff_skip_whitespace(_x) \
2047 do { \
2048 while (isspace((uint8_t) fr_sbuff_char(_x, '\0'))) fr_sbuff_advance(_x, 1); \
2049 } while (0)
2050
2051static ssize_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2052 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2053 fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules,
2054 fr_sbuff_parse_rules_t const *input_rules, bool cond) CC_HINT(nonnull(1,2,3,4,5));
2055
2056static ssize_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2057 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2058 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond) CC_HINT(nonnull(1,2,3,4,5));
2059
2060static fr_slen_t tokenize_unary(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2061 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2062 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond) CC_HINT(nonnull(1,2,3,4,5));
2063
2064static fr_table_num_sorted_t const expr_quote_table[] = {
2065 { L("\""), T_DOUBLE_QUOTED_STRING }, /* Don't re-order, backslash throws off ordering */
2066 { L("'"), T_SINGLE_QUOTED_STRING },
2067 { L("/"), T_SOLIDUS_QUOTED_STRING },
2068 { L("`"), T_BACK_QUOTED_STRING }
2069};
2070static size_t expr_quote_table_len = NUM_ELEMENTS(expr_quote_table);
2071
2072
2073/*
2074 * Look for prefix operators
2075 *
2076 * + = ignore
2077 * - = unary_minus(next)
2078 * ! = unary_not(next)
2079 * ~ = unary_xor(0, next)
2080 * (expr) = recurse, and parse expr
2081 *
2082 * as a special case, <type> is a cast. Which lets us know how
2083 * to parse the next thing we get. Otherwise, parse the thing as
2084 * int64_t.
2085 */
2086static fr_slen_t tokenize_unary(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2087 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2088 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
2089{
2090 xlat_exp_t *node = NULL, *unary = NULL;
2091 xlat_t *func = NULL;
2092 fr_sbuff_t our_in = FR_SBUFF(in);
2093 char c = '\0';
2094
2095 XLAT_DEBUG("UNARY <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2096
2097 /*
2098 * Handle !-~ by adding a unary function to the xlat
2099 * node, with the first argument being the _next_ thing
2100 * we allocate.
2101 */
2102 if (fr_sbuff_next_if_char(&our_in, '!')) { /* unary not */
2103 func = xlat_func_find("unary_not", 9);
2104 fr_assert(func != NULL);
2105 c = '!';
2106 goto check_for_double;
2107
2108 }
2109 else if (fr_sbuff_next_if_char(&our_in, '-')) { /* unary minus */
2110 fr_sbuff_skip_whitespace(&our_in);
2111
2112 /*
2113 * -4 is a number, not minus(4).
2114 */
2115 if (fr_sbuff_is_digit(&our_in)) goto field;
2116
2117 func = xlat_func_find("unary_minus", 11);
2118 fr_assert(func != NULL);
2119 c = '-';
2120 goto check_for_double;
2121
2122 }
2123 else if (fr_sbuff_next_if_char(&our_in, '~')) { /* unary complement */
2124 func = xlat_func_find("unary_complement", 16);
2125 fr_assert(func != NULL);
2126 c = '~';
2127 goto check_for_double;
2128
2129 }
2130 else if (fr_sbuff_next_if_char(&our_in, '+')) { /* ignore unary + */
2131 c = '+';
2132
2133 check_for_double:
2134 fr_sbuff_skip_whitespace(&our_in);
2135 fr_sbuff_skip_whitespace(&our_in);
2136 if (fr_sbuff_is_char(&our_in, c)) {
2137 fr_strerror_const("Double operator is invalid");
2138 FR_SBUFF_ERROR_RETURN(&our_in);
2139 }
2140 }
2141
2142 /*
2143 * Maybe we have a unary not / etc. If so, make sure
2144 * that we return that, and not the child node
2145 */
2146 if (!func) {
2147 field:
2148 return tokenize_field(head, out, in, p_rules, t_rules, bracket_rules, out_c, cond);
2149 }
2150
2151 /*
2152 * Tokenize_field may reset this if the operation is wrapped inside of another expression.
2153 */
2154 *out_c = c;
2155
2156 MEM(unary = xlat_exp_alloc(head, XLAT_FUNC, fr_tokens[func->token], strlen(fr_tokens[func->token])));
2157 xlat_exp_set_func(unary, func, t_rules->attr.dict_def);
2158 MEM(unary->call.args = xlat_exp_head_alloc(unary));
2159 unary->call.args->is_argv = true;
2160
2161 if (tokenize_field(unary->call.args, &node, &our_in, p_rules, t_rules, bracket_rules, out_c, (c == '!')) <= 0) {
2162 talloc_free(unary);
2163 FR_SBUFF_ERROR_RETURN(&our_in);
2164 }
2165
2166 if (!node) {
2167 fr_strerror_const("Empty expressions are invalid");
2168 FR_SBUFF_ERROR_RETURN(&our_in);
2169 }
2170
2171 xlat_func_append_arg(unary, node, (c == '!'));
2172 unary->flags.can_purify = (unary->call.func->flags.pure && unary->call.args->flags.pure) | unary->call.args->flags.can_purify;
2173
2174 /*
2175 * Don't add it to head->flags, that will be done when it's actually inserted.
2176 */
2177
2178 *out = unary;
2179
2180 FR_SBUFF_SET_RETURN(in, &our_in);
2181}
2182
2183/** Allocate a specific cast node.
2184 *
2185 * With the first argument being a UINT8 of the data type.
2186 * See xlat_func_cast() for the implementation.
2187 *
2188 */
2189static xlat_exp_t *expr_cast_alloc(TALLOC_CTX *ctx, fr_type_t type, xlat_exp_t *child)
2190{
2191 xlat_exp_t *cast, *node;
2192 char const *str;
2193
2194 /*
2195 * Create a "cast" node. The first argument is a UINT8 value-box of the cast type. The RHS is
2196 * whatever "node" comes next.
2197 */
2198 MEM(cast = xlat_exp_alloc(ctx, XLAT_FUNC, "cast", 4));
2199 MEM(cast->call.func = xlat_func_find("cast", 4));
2200 // no need to set dict here
2201 fr_assert(cast->call.func != NULL);
2202 cast->flags = cast->call.func->flags;
2203
2204 /*
2205 * Create argv[0] UINT8, with "Cast-Base" as
2206 * the "da". This allows the printing routines
2207 * to print the name of the type, and not the
2208 * number.
2209 */
2210 str = fr_type_to_str(type);
2211 fr_assert(str != NULL);
2212
2213 MEM(node = xlat_exp_alloc(cast, XLAT_BOX, NULL, 0));
2214 xlat_exp_set_name(node, str, strlen(str));
2215
2216 fr_value_box_init(&node->data, FR_TYPE_UINT8, attr_cast_base, false);
2217 node->data.vb_uint8 = type;
2218
2219 xlat_func_append_arg(cast, node, false);
2220 (void) talloc_steal(cast, child);
2221 xlat_func_append_arg(cast, child, false);
2222
2223 return cast;
2224}
2225
2226static fr_slen_t expr_cast_from_substr(fr_type_t *cast, fr_sbuff_t *in)
2227{
2228 fr_sbuff_t our_in = FR_SBUFF(in);
2229 ssize_t slen;
2230
2231 if (!fr_sbuff_next_if_char(&our_in, '(')) {
2232 no_cast:
2233 *cast = FR_TYPE_NULL;
2234 return 0;
2235 }
2236
2237 /*
2238 * Check for an actual data type.
2239 */
2240 fr_sbuff_out_by_longest_prefix(&slen, cast, fr_type_table, &our_in, FR_TYPE_NULL);
2241
2242 /*
2243 * It's not a known data type, so it's not a cast.
2244 */
2245 if (*cast == FR_TYPE_NULL) {
2246 goto no_cast;
2247 }
2248
2249 /*
2250 * We're not allowed to start expressions with data types:
2251 *
2252 * (ipaddr ...
2253 * (ipaddr+...
2254 * (ipaddr(...
2255 */
2256 if (!fr_sbuff_next_if_char(&our_in, ')')) {
2257 if (!fr_sbuff_is_in_charset(&our_in, sbuff_char_word)) {
2258 fr_strerror_printf("Unexpected text after data type '%s'", fr_type_to_str(*cast));
2259 FR_SBUFF_ERROR_RETURN(&our_in);
2260 }
2261
2262 goto no_cast;
2263 }
2264
2265 /*
2266 * We're not allowed to cast to a structural data type: (group)
2267 *
2268 * @todo - maybe cast to structural data type could mean "parse it as a string"? But then where
2269 * do the pairs go..
2270 */
2271 if (!fr_type_is_leaf(*cast)) {
2272 fr_strerror_printf("Invalid structural data type '%s' in cast", fr_type_to_str(*cast));
2273 FR_SBUFF_ERROR_RETURN(&our_in);
2274 }
2275
2276 fr_sbuff_adv_past_whitespace(&our_in, SIZE_MAX, NULL);
2277 FR_SBUFF_SET_RETURN(in, &our_in);
2278}
2279
2280/*
2281 * Tokenize the RHS of a regular expression.
2282 */
2283static fr_slen_t tokenize_regex_rhs(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2284 tmpl_rules_t const *t_rules,
2285 fr_sbuff_parse_rules_t const *bracket_rules)
2286{
2287 ssize_t slen;
2288 xlat_exp_t *node = NULL;
2289 fr_sbuff_t our_in = FR_SBUFF(in);
2290 fr_sbuff_marker_t opand_m, flag;
2291 tmpl_t *vpt;
2292 fr_token_t quote = T_SOLIDUS_QUOTED_STRING;
2293
2294 XLAT_DEBUG("REGEX_RHS <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2295
2296 fr_sbuff_skip_whitespace(&our_in);
2297
2298 /*
2299 * Record where the operand begins for better error offsets later
2300 */
2301 fr_sbuff_marker(&opand_m, &our_in);
2302
2303 /*
2304 * Regexes cannot have casts or sub-expressions.
2305 */
2306 if (!fr_sbuff_next_if_char(&our_in, '/')) {
2307 /*
2308 * Allow for m'...' ala Perl
2309 */
2310 if (!fr_sbuff_is_str(&our_in, "m'", 2)) {
2311 fr_strerror_const("Expected regular expression");
2312 goto error;
2313 }
2314
2315 fr_sbuff_advance(&our_in, 2);
2316 quote = T_SINGLE_QUOTED_STRING;
2317 }
2318
2319 /*
2320 * Allocate the xlat node now so the talloc hierarchy is correct
2321 */
2322 MEM(node = xlat_exp_alloc(head, XLAT_TMPL, NULL, 0));
2323
2324 /*
2325 * tmpl_afrom_substr does pretty much all the work of parsing the operand. Note that we pass '/'
2326 * as the quote, so that the tmpl gets parsed as a regex.
2327 */
2328 (void) tmpl_afrom_substr(node, &vpt, &our_in, T_SOLIDUS_QUOTED_STRING, value_parse_rules_quoted[quote], t_rules);
2329 if (!vpt) {
2330 error:
2331 talloc_free(node);
2332 FR_SBUFF_ERROR_RETURN(&our_in);
2333 }
2334
2335 /*
2336 * @todo - allow for the RHS to be an attribute, too?
2337 */
2338
2339 /*
2340 * It would be nice if tmpl_afrom_substr() did this :(
2341 */
2342 if (!fr_sbuff_next_if_char(&our_in, fr_token_quote[quote])) {
2343 fr_strerror_const("Unterminated regular expression");
2344 goto error;
2345 }
2346
2347 /*
2348 * Remember where the flags start
2349 */
2350 fr_sbuff_marker(&flag, &our_in);
2351 if (tmpl_regex_flags_substr(vpt, &our_in, bracket_rules->terminals) < 0) {
2352 talloc_free(node);
2353 FR_SBUFF_ERROR_RETURN(&our_in);
2354 }
2355
2356 fr_sbuff_skip_whitespace(&our_in);
2357
2358 /*
2359 * Try to compile regular expressions, but only if
2360 * they're not being dynamically expanded.
2361 */
2362 if (!tmpl_contains_xlat(vpt)) {
2363 slen = tmpl_regex_compile(vpt, true);
2364 if (slen <= 0) goto error;
2365 }
2366
2367 node->quote = quote;
2368 xlat_exp_set_vpt(node, vpt);
2369
2370 XLAT_VERIFY(node);
2371 *out = node;
2372
2373 FR_SBUFF_SET_RETURN(in, &our_in);
2374}
2375
2376
2377static ssize_t tokenize_rcode(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_term_t const *terminals)
2378{
2379 rlm_rcode_t rcode;
2380 ssize_t slen;
2381 xlat_t *func;
2382 xlat_exp_t *node, *arg;
2383 fr_sbuff_t our_in = FR_SBUFF(in);
2384
2385 fr_sbuff_out_by_longest_prefix(&slen, &rcode, rcode_table, &our_in, T_BARE_WORD);
2386 if (slen <= 0) return 0;
2387
2388 if (!fr_sbuff_is_terminal(&our_in, terminals)) {
2389 if (!fr_dict_attr_allowed_chars[fr_sbuff_char(&our_in, '\0')]) {
2390 fr_strerror_const("Unexpected text after return code");
2391 FR_SBUFF_ERROR_RETURN(&our_in);
2392 }
2393 return 0;
2394 }
2395
2396 /*
2397 * We do NOT do math on return codes. But these two characters are allowed for attribute names.
2398 * So we don't parse "Invalid-Packet" as "Invalid - packet".
2399 */
2400 if (fr_sbuff_is_char(&our_in, '-') || fr_sbuff_is_char(&our_in, '/')) {
2401 return 0;
2402 }
2403
2404 /*
2405 * @todo - allow for attributes to have the name "ok-foo" ???
2406 */
2407 func = xlat_func_find("interpreter.rcode", -1);
2408 fr_assert(func != NULL);
2409
2410 MEM(node = xlat_exp_alloc(head, XLAT_FUNC, fr_sbuff_start(&our_in), slen));
2411 node->call.func = func;
2412 // no need to set dict here
2413 node->flags = func->flags; /* rcode is impure, but can be calculated statically */
2414
2415 MEM(arg = xlat_exp_alloc(node, XLAT_BOX, fr_sbuff_start(&our_in), slen));
2416
2417 /*
2418 * We need a string for unit tests, but this should really be just a number.
2419 */
2420 fr_value_box_init(&arg->data, FR_TYPE_STRING, NULL, false);
2421 (void) fr_value_box_bstrndup(arg, &arg->data, NULL, fr_sbuff_start(&our_in), slen, false);
2422
2423 xlat_func_append_arg(node, arg, false);
2424
2425 *out = node;
2426
2427 FR_SBUFF_SET_RETURN(in, &our_in);
2428}
2429
2430
2431/*
2432 * Tokenize a field without unary operators.
2433 */
2434static fr_slen_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2435 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2436 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
2437{
2438 ssize_t slen;
2439 xlat_exp_t *node = NULL;
2440 fr_sbuff_t our_in = FR_SBUFF(in);
2441 fr_sbuff_marker_t opand_m;
2442 tmpl_rules_t our_t_rules;
2443 tmpl_t *vpt = NULL;
2444 fr_token_t quote;
2445 fr_type_t cast_type;
2446 fr_dict_attr_t const *enumv;
2447
2448 XLAT_DEBUG("FIELD <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2449
2450 /*
2451 * Allow for explicit casts. Non-leaf types are forbidden.
2452 */
2453 if (expr_cast_from_substr(&cast_type, &our_in) < 0) FR_SBUFF_ERROR_RETURN(&our_in);
2454
2455 /*
2456 * Do NOT pass the cast down to the next set of parsing routines. Instead, let the next data be
2457 * parsed as whatever, and then add a cast, or cast in place as necessary.
2458 */
2459 our_t_rules = *t_rules;
2460 if (cast_type == FR_TYPE_NULL) {
2461 cast_type = our_t_rules.cast;
2462 enumv = our_t_rules.enumv;
2463 } else {
2464 enumv = NULL;
2465 }
2466
2467 our_t_rules.cast = FR_TYPE_NULL;
2468// our_t_rules.enumv = NULL;
2469
2470 /*
2471 * As a special case, we allow
2472 *
2473 * &reply = "foo = bar"
2474 *
2475 * and then we don't parse the RHS as any enum.
2476 */
2477 if ( our_t_rules.enumv && !fr_type_is_leaf(our_t_rules.enumv->type)) {
2478 our_t_rules.enumv = enumv = NULL;
2479 }
2480
2481 /*
2482 * If we still have '(', then recurse for other expressions
2483 *
2484 * Tokenize the sub-expression, ensuring that we stop at ')'.
2485 *
2486 * Note that if we have a sub-expression, then we don't use the hinting for "type".
2487 * That's because we're parsing a complete expression here (EXPR). So the intermediate
2488 * nodes in the expression can be almost anything. And we only cast it to the final
2489 * value when we get the output of the expression.
2490 */
2491 if (fr_sbuff_next_if_char(&our_in, '(')) {
2492 our_t_rules.cast = FR_TYPE_NULL;
2493 our_t_rules.enumv = NULL;
2494
2495 fr_sbuff_skip_whitespace(&our_in);
2496 if (fr_sbuff_is_char(&our_in, ')')) {
2497 fr_strerror_printf("Empty expressions are invalid");
2498 FR_SBUFF_ERROR_RETURN(&our_in);
2499 }
2500
2501 /*
2502 * No input rules means "ignore external terminal sequences, as we're expecting a ')' as
2503 * our terminal sequence.
2504 */
2505 if (tokenize_expression(head, &node, &our_in, bracket_rules, &our_t_rules, T_INVALID, bracket_rules, NULL, cond) <= 0) {
2506 FR_SBUFF_ERROR_RETURN(&our_in);
2507 }
2508
2509 if (!fr_sbuff_next_if_char(&our_in, ')')) {
2510 fr_strerror_printf("Failed to find trailing ')'");
2511 FR_SBUFF_ERROR_RETURN(&our_in);
2512 }
2513
2514 /*
2515 * We've parsed one "thing", so we stop. The next thing should be an operator, not
2516 * another value.
2517 *
2518 * The nested call to tokenize_expression() can return >=0 if there are spaces followed by a
2519 * terminal character. So "node" may be NULL;
2520 */
2521 if (!node) {
2522 fr_strerror_const("Empty expressions are invalid");
2523 FR_SBUFF_ERROR_RETURN(&our_in);
2524 }
2525
2526 *out_c = '\0';
2527 goto done;
2528 }
2529
2530 /*
2531 * Record where the operand begins for better error offsets later
2532 */
2533 fr_sbuff_skip_whitespace(&our_in);
2534 fr_sbuff_marker(&opand_m, &our_in);
2535
2536 fr_sbuff_out_by_longest_prefix(&slen, &quote, expr_quote_table, &our_in, T_BARE_WORD);
2537
2538 switch (quote) {
2539 case T_BARE_WORD:
2540 p_rules = bracket_rules;
2541
2542 /*
2543 * Peek for rcodes.
2544 */
2545 if (cond) {
2546 slen = tokenize_rcode(head, &node, &our_in, p_rules->terminals);
2547 if (slen < 0) FR_SBUFF_ERROR_RETURN(&our_in);
2548
2549 if (slen > 0) {
2550 fr_assert(node != NULL);
2551 goto done;
2552 }
2553 }
2554 FALL_THROUGH;
2555
2556 default:
2557 slen = xlat_tokenize_word(head, &node, &our_in, quote, p_rules, &our_t_rules);
2558 if (slen <= 0) FR_SBUFF_ERROR_RETURN(&our_in);
2559
2560 fr_assert(node != NULL);
2561 break;
2562 }
2563
2564 /*
2565 * Cast value-box.
2566 */
2567 if (node->type == XLAT_BOX) {
2568 if (cast_type != FR_TYPE_NULL) {
2569 if (node->data.type != cast_type) {
2570 if (fr_value_box_cast_in_place(node, &node->data, cast_type, NULL) < 0) goto error;
2571 }
2572
2573 cast_type = FR_TYPE_NULL;
2574 }
2575 }
2576
2577 /*
2578 * Something other than a tmpl, we can just return.
2579 */
2580 if (node->type != XLAT_TMPL) {
2581 xlat_exp_set_name(node, fr_sbuff_current(&opand_m), fr_sbuff_behind(&opand_m));
2582 goto done;
2583 }
2584
2585 vpt = node->vpt;
2586
2587 /*
2588 * The tmpl has a cast, and it's the same as the explicit cast we were given, we can sometimes
2589 * discard the explicit cast.
2590 */
2591 if (cast_type != FR_TYPE_NULL) {
2592 if (tmpl_rules_cast(vpt) == cast_type) {
2593 fr_assert(0);
2594 cast_type = FR_TYPE_NULL;
2595
2596 } else if (tmpl_is_attr(vpt)) {
2597 fr_dict_attr_t const *da;
2598
2599 fr_assert(!tmpl_is_attr_unresolved(vpt));
2600
2601 da = tmpl_attr_tail_da(vpt); /* could be a list! */
2602
2603 /*
2604 * Set the cast for attributes. Note that tmpl_cast_set() will take care of
2605 * suppressing redundant casts. But it still allows (uint32)&Service-Type,
2606 * which means "return the raw value", and not "return enum name".
2607 */
2608 if (da) {
2609 if (tmpl_cast_set(vpt, cast_type) < 0) {
2610 error:
2611 fr_sbuff_set(&our_in, &opand_m);
2612 talloc_free(node);
2613 FR_SBUFF_ERROR_RETURN(&our_in);
2614 }
2615
2616 cast_type = FR_TYPE_NULL;
2617
2618 } else { /* it's something like &reply. */
2619 fr_assert(0);
2620 }
2621
2622 } else if (tmpl_is_data(vpt)) {
2623 fr_assert(!tmpl_is_data_unresolved(vpt));
2624
2625 /*
2626 * Omit our cast type if the data is already of the right type.
2627 *
2628 * Otherwise if we have a cast, then convert the data now, and then reset the
2629 * cast_type to nothing. This work allows for better errors at startup, and
2630 * minimizes run-time work.
2631 */
2632 if (tmpl_value_type(vpt) == cast_type) {
2633 cast_type = FR_TYPE_NULL;
2634
2635 } else if (tmpl_cast_in_place(vpt, cast_type, enumv) < 0) {
2636 fr_sbuff_set(&our_in, &opand_m);
2637 goto error;
2638
2639 } else {
2640 /*
2641 * We've parsed the data as the new data type, so we don't need any more
2642 * casting.
2643 */
2644 cast_type = FR_TYPE_NULL;
2645 }
2646
2647 } else if (tmpl_contains_xlat(vpt)) {
2648 /*
2649 * (string) "foo %{...}" is redundant. Drop the cast.
2650 */
2651 if ((cast_type == FR_TYPE_STRING) && (vpt->quote != T_BARE_WORD)) {
2652 tmpl_cast_set(vpt, FR_TYPE_NULL);
2653 cast_type = FR_TYPE_NULL;
2654
2655 } else {
2656 /*
2657 * Push the cast to the tmpl.
2658 */
2659 tmpl_cast_set(vpt, cast_type);
2660 cast_type = FR_TYPE_NULL;
2661 }
2662
2663 } else if (tmpl_is_attr_unresolved(vpt)) {
2664 fr_assert(t_rules->attr.allow_unresolved);
2665
2666 } else if (tmpl_is_data_unresolved(vpt)) {
2667 fr_assert(0);
2668
2669 fr_assert(quote == T_BARE_WORD);
2670 fr_strerror_const("Failed parsing input");
2671 fr_sbuff_set(&our_in, &opand_m);
2672 goto error;
2673
2674 } else {
2675 /*
2676 * Regex? Or something else weird?
2677 */
2678 tmpl_debug(stderr, vpt);
2679 fr_assert(0);
2680 }
2681 }
2682
2683 fr_assert(!tmpl_contains_regex(vpt));
2684
2685done:
2686 /*
2687 * If there is a cast, then reparent the node with a cast wrapper.
2688 */
2689 if (cast_type != FR_TYPE_NULL) {
2690 xlat_exp_t *cast;
2691
2692 MEM(cast = expr_cast_alloc(head, cast_type, node));
2693 node = cast;
2694 }
2695
2696 *out = node;
2697
2698 fr_sbuff_skip_whitespace(&our_in);
2699 FR_SBUFF_SET_RETURN(in, &our_in);
2700}
2701
2702/*
2703 * A mapping of operators to tokens.
2704 */
2705static fr_table_num_ordered_t const expr_assignment_op_table[] = {
2706 { L("!="), T_OP_NE },
2707 { L("!=="), T_OP_CMP_NE_TYPE },
2708
2709 { L("&"), T_AND },
2710 { L("&&"), T_LAND },
2711 { L("*"), T_MUL },
2712 { L("+"), T_ADD },
2713 { L("-"), T_SUB },
2714 { L("/"), T_DIV },
2715 { L("%"), T_MOD },
2716 { L("^"), T_XOR },
2717
2718 { L("|"), T_OR },
2719 { L("||"), T_LOR },
2720
2721 { L("<"), T_OP_LT },
2722 { L("<<"), T_LSHIFT },
2723 { L("<="), T_OP_LE },
2724
2725 { L("="), T_OP_EQ },
2726 { L("=="), T_OP_CMP_EQ },
2727 { L("==="), T_OP_CMP_EQ_TYPE },
2728
2729 { L("=~"), T_OP_REG_EQ },
2730 { L("!~"), T_OP_REG_NE },
2731
2732 { L(">"), T_OP_GT },
2733 { L(">="), T_OP_GE },
2734 { L(">>"), T_RSHIFT },
2735
2736};
2737static size_t const expr_assignment_op_table_len = NUM_ELEMENTS(expr_assignment_op_table);
2738
2739static bool valid_type(xlat_exp_t *node)
2740{
2741 fr_dict_attr_t const *da;
2742
2743#ifdef STATIC_ANALYZER
2744 if (!node) return false;
2745#endif
2746
2747 if (node->type != XLAT_TMPL) return true;
2748
2749 if (tmpl_is_list(node->vpt)) {
2750 list:
2751 fr_strerror_const("Cannot use list references in condition");
2752 return false;
2753 }
2754
2755 if (!tmpl_is_attr(node->vpt)) return true;
2756
2757 da = tmpl_attr_tail_da(node->vpt);
2758 if (fr_type_is_structural(da->type)) {
2759 if (da->dict == fr_dict_internal()) goto list;
2760
2761 fr_strerror_const("Cannot use structural types in condition");
2762 return false;
2763 }
2764
2765 return true;
2766}
2767
2768
2769/** Tokenize a mathematical operation.
2770 *
2771 * (EXPR)
2772 * !EXPR
2773 * A OP B
2774 *
2775 * If "out" is NULL then the expression is added to "head".
2776 * Otherwise, it's returned to the caller.
2777 */
2778static fr_slen_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2779 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2780 fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules,
2781 fr_sbuff_parse_rules_t const *input_rules, bool cond)
2782{
2783 xlat_exp_t *lhs = NULL, *rhs, *node;
2784 xlat_t *func = NULL;
2785 fr_token_t op;
2786 ssize_t slen;
2787 fr_sbuff_marker_t m_lhs, m_op, m_rhs;
2788 fr_sbuff_t our_in = FR_SBUFF(in);
2789 char c = '\0';
2790
2791 XLAT_DEBUG("EXPRESSION <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2792
2793 fr_sbuff_skip_whitespace(&our_in);
2794
2795 fr_sbuff_marker(&m_lhs, &our_in);
2796
2797 /*
2798 * Get the LHS of the operation.
2799 */
2800 slen = tokenize_unary(head, &lhs, &our_in, p_rules, t_rules, bracket_rules, &c, cond);
2801 if (slen <= 0) FR_SBUFF_ERROR_RETURN(&our_in);
2802
2803 if (slen == 0) {
2804 fr_assert(lhs == NULL);
2805 *out = NULL;
2806 FR_SBUFF_SET_RETURN(in, &our_in);
2807 }
2808
2809redo:
2810 rhs = NULL;
2811
2812 fr_sbuff_skip_whitespace(&our_in);
2813
2814 /*
2815 * No more input, we're done.
2816 */
2817 if (fr_sbuff_extend(&our_in) == 0) {
2818 done:
2819 /*
2820 * LHS may be NULL if the expression has spaces followed by a terminal character.
2821 */
2822 *out = lhs;
2823 FR_SBUFF_SET_RETURN(in, &our_in);
2824 }
2825
2826 /*
2827 * ')' is a terminal, even if we didn't expect it.
2828 * Because if we didn't expect it, then it's an error.
2829 *
2830 * If we did expect it, then we return whatever we found,
2831 * and let the caller eat the ')'.
2832 */
2833 if (fr_sbuff_is_char(&our_in, ')')) {
2834 if (!bracket_rules) {
2835 fr_strerror_printf("Unexpected ')'");
2836 FR_SBUFF_ERROR_RETURN(&our_in);
2837 }
2838
2839 goto done;
2840 }
2841 fr_sbuff_skip_whitespace(&our_in);
2842
2843 /*
2844 * We hit a terminal sequence, stop.
2845 */
2846 if (input_rules && fr_sbuff_is_terminal(&our_in, input_rules->terminals)) goto done;
2847
2848 /*
2849 * Remember where we were after parsing the LHS.
2850 */
2851 fr_sbuff_marker(&m_op, &our_in);
2852
2853 /*
2854 * Get the operator.
2855 */
2856 XLAT_DEBUG(" operator <-- %pV", fr_box_strvalue_len(fr_sbuff_current(&our_in), fr_sbuff_remaining(&our_in)));
2857 fr_sbuff_out_by_longest_prefix(&slen, &op, expr_assignment_op_table, &our_in, T_INVALID);
2858 if ((op == T_INVALID) || !binary_ops[op].str) {
2859 fr_strerror_const("Invalid operator");
2860 fr_sbuff_set(&our_in, &m_op);
2861 talloc_free(lhs);
2862 FR_SBUFF_ERROR_RETURN(&our_in);
2863 }
2864
2865 /*
2866 * We can't (yet) do &list1 = &list2 + &list3
2867 */
2868 if (fr_binary_op[op] && t_rules->enumv && fr_type_is_structural(t_rules->enumv->type)) {
2869 fr_strerror_const("Invalid operator for structural attribute");
2870 fr_sbuff_set(&our_in, &m_op);
2871 talloc_free(lhs);
2872 FR_SBUFF_ERROR_RETURN(&our_in);
2873 }
2874
2875 fr_assert(precedence[op] != 0);
2876
2877 /*
2878 * a * b + c ... = (a * b) + c ...
2879 *
2880 * Feed the current expression to the caller, who will
2881 * take care of continuing.
2882 */
2883 if (precedence[op] <= precedence[prev]) {
2884 fr_sbuff_set(&our_in, &m_op);
2885 goto done;
2886 }
2887
2888 /*
2889 * &Foo and !&Foo are permitted as the LHS of || and &&
2890 */
2891 if (((c == '!') || (c == '~')) && (op != T_LAND) && (op != T_LOR)) {
2892 fr_strerror_printf("Operator '%c' is only applied to the left hand side of the '%s' operation, add (..) to evaluate the operation first", c, fr_tokens[op]);
2893 fail_lhs:
2894 fr_sbuff_set(&our_in, &m_lhs);
2895 FR_SBUFF_ERROR_RETURN(&our_in);
2896 }
2897
2898 fr_sbuff_skip_whitespace(&our_in);
2899 fr_sbuff_marker(&m_rhs, &our_in);
2900
2901 /*
2902 * We now parse the RHS, allowing a (perhaps different) cast on the RHS.
2903 */
2904 XLAT_DEBUG(" recurse RHS <-- %pV", fr_box_strvalue_len(fr_sbuff_current(&our_in), fr_sbuff_remaining(&our_in)));
2905 if ((op == T_OP_REG_EQ) || (op == T_OP_REG_NE)) {
2906 fr_type_t type;
2907
2908 /*
2909 * @todo - LHS shouldn't be anything else.
2910 */
2911 switch (lhs->type) {
2912 case XLAT_TMPL:
2913 type = tmpl_cast_get(lhs->vpt);
2914 if ((type != FR_TYPE_NULL) && (type != FR_TYPE_STRING)) {
2915 fr_strerror_const("Casts cannot be used with regular expressions");
2916 fr_sbuff_set(&our_in, &m_lhs);
2917 FR_SBUFF_ERROR_RETURN(&our_in);
2918 }
2919
2920 /*
2921 * Cast the LHS to a string, if it's not already one!
2922 */
2923 if (lhs->vpt->quote == T_BARE_WORD) tmpl_cast_set(lhs->vpt, FR_TYPE_STRING);
2924 break;
2925
2926 case XLAT_BOX:
2927 /*
2928 * 192.168.0.1 =~ /foo/
2929 *
2930 * Gets the LHS automatically converted to a string.
2931 */
2932 if (lhs->data.type != FR_TYPE_STRING) {
2933 if (fr_value_box_cast_in_place(lhs, &lhs->data, FR_TYPE_STRING, NULL) < 0) {
2934 fr_sbuff_set(&our_in, &m_lhs);
2935 FR_SBUFF_ERROR_RETURN(&our_in);
2936 }
2937 }
2938 break;
2939
2940 default:
2941 /*
2942 * @todo - if we hoist the LHS to a function instead of an xlat->tmpl->xlat, then
2943 * we can't cast the LHS to a string. OR, we have to manually add a lHS cast to
2944 * a string. Maybe we need to delay the LHS hoisting until such time as we know
2945 * it's safe.
2946 *
2947 * Also, hoisting a double-quoted xlat string to a _list_ of xlats is hard,
2948 * because we expect the LHS here to be one node. So perhaps the hoisting has to
2949 * be from an XLAT_TMPL to an XLAT_GROUP, which is still perhaps a bit of an
2950 * improvement.
2951 */
2952 break;
2953
2954 }
2955
2956 slen = tokenize_regex_rhs(head, &rhs, &our_in, t_rules, bracket_rules);
2957 } else {
2958 tmpl_rules_t our_t_rules = *t_rules;
2959
2960 /*
2961 * Pass the enumv down ONLY if the RHS name begins with "::".
2962 *
2963 * Otherwise, the terminal rules for expressions includes "-" and "+", both of which are
2964 * allowed in enum names. If we pass the enumv down to the next function, it will see
2965 * "Access-Accept", and then only parse "Access". Which is wrong.
2966 */
2967 if ((lhs->type == XLAT_TMPL) && tmpl_is_attr(lhs->vpt) &&
2968 fr_sbuff_is_str_literal(&our_in, "::")) {
2969 our_t_rules.enumv = tmpl_attr_tail_da(lhs->vpt);
2970 }
2971
2972 slen = tokenize_expression(head, &rhs, &our_in, p_rules, &our_t_rules, op, bracket_rules, input_rules, cond);
2973 }
2974 if (slen <= 0) {
2975 talloc_free(lhs);
2976 FR_SBUFF_ERROR_RETURN(&our_in);
2977 }
2978
2979 /*
2980 * The nested call to tokenize_expression() can return >=0 if there are spaces followed by a
2981 * terminal character.
2982 */
2983 if (!rhs) goto done;
2984
2985 func = xlat_func_find(binary_ops[op].str, binary_ops[op].len);
2986 fr_assert(func != NULL);
2987
2988 if (multivalue_ops[op]) {
2989 if ((lhs->type == XLAT_FUNC) && (lhs->call.func->token == op)) {
2990 xlat_func_append_arg(lhs, rhs, cond);
2991
2992 lhs->call.args->flags.can_purify |= rhs->flags.can_purify | rhs->flags.pure;
2993 lhs->flags.can_purify = lhs->call.args->flags.can_purify;
2994 goto redo;
2995 }
2996 goto purify;
2997 }
2998
2999 /*
3000 * Complain on comparisons between invalid data types.
3001 *
3002 * @todo - allow
3003 *
3004 * &structural == {}
3005 * &structural != {}
3006 *
3007 * as special cases, so we can check lists for emptiness.
3008 */
3009 if (fr_comparison_op[op]) {
3010 if (!valid_type(lhs)) goto fail_lhs;
3011 if (!valid_type(rhs)) {
3012 fr_sbuff_set(&our_in, &m_rhs);
3013 FR_SBUFF_ERROR_RETURN(&our_in);
3014 }
3015
3016 /*
3017 * Peephole optimization. If both LHS
3018 * and RHS are static values, then just call the
3019 * relevant condition code to get the result.
3020 */
3021 if (cond) {
3022 int rcode;
3023
3024 purify:
3025 rcode = xlat_purify_op(head, &node, lhs, op, rhs);
3026 if (rcode < 0) goto fail_lhs;
3027
3028 if (rcode) {
3029 lhs = node;
3030 goto redo;
3031 }
3032 }
3033 }
3034
3035 /*
3036 * Create the function node, with the LHS / RHS arguments.
3037 */
3038 MEM(node = xlat_exp_alloc(head, XLAT_FUNC, fr_tokens[op], strlen(fr_tokens[op])));
3039 xlat_exp_set_func(node, func, t_rules->attr.dict_def);
3040
3041 xlat_func_append_arg(node, lhs, logical_ops[op] && cond);
3042 xlat_func_append_arg(node, rhs, logical_ops[op] && cond);
3043
3044 fr_assert(xlat_exp_head(node->call.args) != NULL);
3045
3046 /*
3047 * Logical operations can be purified if ANY of their arguments can be purified.
3048 */
3049 if (logical_ops[op]) {
3050 xlat_exp_foreach(node->call.args, arg) {
3051 node->call.args->flags.can_purify |= arg->flags.can_purify | arg->flags.pure;
3052 if (node->call.args->flags.can_purify) break;
3053 }
3054 node->flags.can_purify = node->call.args->flags.can_purify;
3055
3056 } else {
3057 node->flags.can_purify = (node->call.func->flags.pure && node->call.args->flags.pure) | node->call.args->flags.can_purify;
3058 }
3059
3060 lhs = node;
3061 goto redo;
3062}
3063
3064static const fr_sbuff_term_t bracket_terms = FR_SBUFF_TERMS(
3065 L(""),
3066 L(")"),
3067);
3068
3069static const fr_sbuff_term_t operator_terms = FR_SBUFF_TERMS(
3070 L("\t"),
3071 L("\n"),
3072 L("\r"),
3073 L(" "),
3074 L("!"),
3075 L("%"),
3076 L("&"),
3077 L("*"),
3078 L("+"),
3079 L("-"),
3080 L("/"),
3081 L("<"),
3082 L("="),
3083 L(">"),
3084 L("^"),
3085 L("|"),
3086 L("~"),
3087);
3088
3089static fr_slen_t xlat_tokenize_expression_internal(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in,
3090 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, bool cond)
3091{
3092 fr_slen_t slen;
3093 fr_sbuff_parse_rules_t *bracket_rules = NULL;
3094 fr_sbuff_parse_rules_t *terminal_rules = NULL;
3095 tmpl_rules_t my_rules = { };
3096 xlat_exp_head_t *head;
3097 xlat_exp_t *node = NULL;
3098
3099 /*
3100 * Whatever the caller passes, ensure that we have a
3101 * terminal rule which ends on operators, and a terminal
3102 * rule which ends on ')'.
3103 */
3104 MEM(bracket_rules = talloc_zero(ctx, fr_sbuff_parse_rules_t));
3105 MEM(terminal_rules = talloc_zero(ctx, fr_sbuff_parse_rules_t));
3106 if (p_rules) {
3107 *bracket_rules = *p_rules;
3108 *terminal_rules = *p_rules;
3109
3110 if (p_rules->terminals) {
3111 MEM(terminal_rules->terminals = fr_sbuff_terminals_amerge(terminal_rules,
3112 p_rules->terminals,
3113 &operator_terms));
3114 } else {
3115 terminal_rules->terminals = &operator_terms;
3116 }
3117 } else {
3118 terminal_rules->terminals = &operator_terms;
3119 }
3120 MEM(bracket_rules->terminals = fr_sbuff_terminals_amerge(bracket_rules,
3121 terminal_rules->terminals,
3122 &bracket_terms));
3123
3124 MEM(head = xlat_exp_head_alloc(ctx));
3125 if (!t_rules) t_rules = &my_rules;
3126
3127 slen = tokenize_expression(head, &node, in, terminal_rules, t_rules, T_INVALID, bracket_rules, p_rules, cond);
3128 talloc_free(bracket_rules);
3129 talloc_free(terminal_rules);
3130
3131 if (slen <= 0) {
3132 talloc_free(head);
3133 return slen;
3134 }
3135
3136 if (!node) {
3137 *out = head;
3138 return slen;
3139 }
3140
3141 /*
3142 * If the tmpl is not resolved, then it refers to an attribute which doesn't exist. That's an
3143 * error.
3144 */
3145 if (node->type == XLAT_TMPL) {
3146 if (tmpl_is_data_unresolved(node->vpt)) {
3147 fr_strerror_const("Unknown attribute");
3148 return -1;
3149 }
3150
3151 /*
3152 * Convert raw existence checks to existence functions.
3153 */
3154 if (tmpl_contains_attr(node->vpt)) {
3155 if (cond) MEM(node = xlat_exists_alloc(head, node));
3156 }
3157 }
3158
3159 xlat_exp_insert_tail(head, node);
3160
3161 *out = head;
3162 return slen;
3163}
3164
3165fr_slen_t xlat_tokenize_expression(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in,
3166 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
3167{
3168 fr_slen_t slen;
3169
3170 slen = xlat_tokenize_expression_internal(ctx, out, in, p_rules, t_rules, false);
3171 if (slen < 0) return slen;
3172
3173#ifdef STATIC_ANALYZER
3174 /*
3175 * Coverity doesn't realise that out will be set by this point
3176 * by a successful call to xlat_tokenize_expression_internal.
3177 */
3178 if (!out) return -1;
3179#endif
3180 if (!*out) {
3181 fr_strerror_const("Empty expressions are invalid");
3182 return -1;
3183 }
3184
3185 if (xlat_finalize(*out, t_rules->xlat.runtime_el) < 0) {
3186 TALLOC_FREE(*out);
3187 return -1;
3188 }
3189
3190 return slen;
3191}
3192
3193fr_slen_t xlat_tokenize_condition(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in,
3194 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
3195{
3196 fr_slen_t slen;
3197
3198 slen = xlat_tokenize_expression_internal(ctx, out, in, p_rules, t_rules, true);
3199 if (slen < 0) return slen;
3200
3201#ifdef STATIC_ANALYZER
3202 if (!out) return -1;
3203#endif
3204 if (!*out) {
3205 fr_strerror_const("Empty conditions are invalid");
3206 return -1;
3207 }
3208
3209 if (xlat_finalize(*out, t_rules->xlat.runtime_el) < 0) {
3210 TALLOC_FREE(*out);
3211 return -1;
3212 }
3213
3214 return slen;
3215}
3216
3217/** Allow callers to see if an xlat is truthy
3218 *
3219 * So the caller can cache it, and needs to check fewer things at run
3220 * time.
3221 *
3222 * @param[in] head of the xlat to check
3223 * @param[out] out truthiness of the box
3224 * @return
3225 * - false - xlat is not truthy, *out is unchanged.
3226 * - true - xlat is truthy, *out is the result of fr_value_box_is_truthy()
3227 */
3228bool xlat_is_truthy(xlat_exp_head_t const *head, bool *out)
3229{
3230 xlat_exp_t const *node;
3231 fr_value_box_t const *box;
3232
3233 /*
3234 * Only pure / constant things can be truthy.
3235 */
3236 if (!head->flags.pure) goto return_false;
3237
3238 node = xlat_exp_head(head);
3239 if (!node) {
3240 *out = false;
3241 return true;
3242 }
3243
3244 if (xlat_exp_next(head, node)) goto return_false;
3245
3246 if (node->type == XLAT_BOX) {
3247 box = &node->data;
3248
3249 } else if ((node->type == XLAT_TMPL) && tmpl_is_data(node->vpt)) {
3250 box = tmpl_value(node->vpt);
3251
3252 } else {
3253 return_false:
3254 *out = false;
3255 return false;
3256 }
3257
3258 *out = fr_value_box_is_truthy(box);
3259 return true;
3260}
args
va_list args
Definition acutest.h:772
UNCONST
#define UNCONST(_type, _ptr)
Remove const qualification from a pointer.
Definition build.h:167
RCSID
#define RCSID(id)
Definition build.h:487
L
#define L(_str)
Helper for initialising arrays of string literals.
Definition build.h:209
FALL_THROUGH
#define FALL_THROUGH
clang 10 doesn't recognised the FALL-THROUGH comment anymore
Definition build.h:324
unlikely
#define unlikely(_x)
Definition build.h:383
UNUSED
#define UNUSED
Definition build.h:317
NUM_ELEMENTS
#define NUM_ELEMENTS(_t)
Definition build.h:339
fr_value_calc_list_cmp
int fr_value_calc_list_cmp(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_value_box_list_t const *list1, fr_token_t op, fr_value_box_list_t const *list2)
Definition calc.c:2651
fr_value_calc_binary_op
int fr_value_calc_binary_op(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t hint, fr_value_box_t const *a, fr_token_t op, fr_value_box_t const *b)
Calculate DST = A OP B.
Definition calc.c:1928
fr_value_calc_unary_op
int fr_value_calc_unary_op(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_token_t op, fr_value_box_t const *src)
Calculate unary operations.
Definition calc.c:2485
fr_dcursor_append
static int fr_dcursor_append(fr_dcursor_t *cursor, void *v)
Insert a single item at the end of the list.
Definition dcursor.h:408
fr_dcursor_s
Definition dcursor.h:93
fr_cond_assert
#define fr_cond_assert(_x)
Calls panic_action ifndef NDEBUG, else logs error and evaluates to value of _x.
Definition debug.h:131
MEM
#define MEM(x)
Definition debug.h:36
ERROR
#define ERROR(fmt,...)
Definition dhcpclient.c:41
fr_dict_attr_allowed_chars
bool const fr_dict_attr_allowed_chars[UINT8_MAX+1]
Characters allowed in a single dictionary attribute name.
Definition dict_util.c:64
fr_dict_internal
fr_dict_t const * fr_dict_internal(void)
Definition dict_util.c:4935
in
static fr_slen_t in
Definition dict.h:884
fr_dlist_remove
static void * fr_dlist_remove(fr_dlist_head_t *list_head, void *ptr)
Remove an item from the list.
Definition dlist.h:620
fr_dlist_num_elements
static unsigned int fr_dlist_num_elements(fr_dlist_head_t const *head)
Return the number of elements in the dlist.
Definition dlist.h:921
fr_dlist_pop_head
static void * fr_dlist_pop_head(fr_dlist_head_t *list_head)
Remove the head item in a list.
Definition dlist.h:654
fr_dlist_insert_tail
static int fr_dlist_insert_tail(fr_dlist_head_t *list_head, void *ptr)
Insert an item into the tail of a list.
Definition dlist.h:360
xlat_func_rcode
static xlat_action_t xlat_func_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *args)
Return the current rcode as a string.
Definition xlat_expr.c:1681
xlat_func_exists
static xlat_action_t xlat_func_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *in)
See if a named attribute exists.
Definition xlat_expr.c:1788
xlat_func_expr_rcode
static xlat_action_t xlat_func_expr_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Match the passed rcode against request->rcode.
Definition xlat_expr.c:1624
talloc_free
talloc_free(hp)
unlang_interpret_frame_talloc_ctx
TALLOC_CTX * unlang_interpret_frame_talloc_ctx(request_t *request)
Get a talloc_ctx which is valid only for this frame.
Definition interpret.c:1684
UNLANG_SUB_FRAME
#define UNLANG_SUB_FRAME
Definition interpret.h:37
unlang_result_t
Definition interpret.h:133
RDEBUG3
#define RDEBUG3(fmt,...)
Definition log.h:355
RPEDEBUG
#define RPEDEBUG(fmt,...)
Definition log.h:388
fr_type_t
fr_type_t
Definition merged_model.c:80
FR_TYPE_INT8
@ FR_TYPE_INT8
8 Bit signed integer.
Definition merged_model.c:103
FR_TYPE_STRING
@ FR_TYPE_STRING
String of printable characters.
Definition merged_model.c:83
FR_TYPE_NULL
@ FR_TYPE_NULL
Invalid (uninitialised) attribute type.
Definition merged_model.c:81
FR_TYPE_UINT16
@ FR_TYPE_UINT16
16 Bit unsigned integer.
Definition merged_model.c:98
FR_TYPE_INT64
@ FR_TYPE_INT64
64 Bit signed integer.
Definition merged_model.c:106
FR_TYPE_INT16
@ FR_TYPE_INT16
16 Bit signed integer.
Definition merged_model.c:104
FR_TYPE_UINT8
@ FR_TYPE_UINT8
8 Bit unsigned integer.
Definition merged_model.c:97
FR_TYPE_UINT32
@ FR_TYPE_UINT32
32 Bit unsigned integer.
Definition merged_model.c:99
FR_TYPE_INT32
@ FR_TYPE_INT32
32 Bit signed integer.
Definition merged_model.c:105
FR_TYPE_UINT64
@ FR_TYPE_UINT64
64 Bit unsigned integer.
Definition merged_model.c:100
FR_TYPE_VOID
@ FR_TYPE_VOID
User data.
Definition merged_model.c:127
FR_TYPE_BOOL
@ FR_TYPE_BOOL
A truth value.
Definition merged_model.c:95
FR_TYPE_SIZE
@ FR_TYPE_SIZE
Unsigned integer capable of representing any memory address on the local system.
Definition merged_model.c:115
FR_TYPE_OCTETS
@ FR_TYPE_OCTETS
Raw octets.
Definition merged_model.c:84
FR_TYPE_GROUP
@ FR_TYPE_GROUP
A grouping of other attributes.
Definition merged_model.c:124
uint32_t
unsigned int uint32_t
Definition merged_model.c:33
ssize_t
long int ssize_t
Definition merged_model.c:24
fr_slen_t
ssize_t fr_slen_t
Definition merged_model.c:35
fr_dict_attr_t
Definition merged_model.c:133
fr_sbuff_escape_rules_t
Definition merged_model.c:228
fr_sbuff_t
Definition merged_model.c:37
fr_value_box_t
Definition merged_model.c:136
request_t
Definition merged_model.c:210
tmpl_t
Definition merged_model.c:225
fr_assert
#define fr_assert(_expr)
Definition rad_assert.h:38
REDEBUG
#define REDEBUG(fmt,...)
Definition radclient-ng.h:52
RDEBUG
#define RDEBUG(fmt,...)
Definition radclient-ng.h:53
done
static bool done
Definition radclient.c:83
rcode_table
fr_table_num_sorted_t const rcode_table[]
Definition rcode.c:35
rlm_rcode_t
rlm_rcode_t
Return codes indicating the result of the module call.
Definition rcode.h:44
RLM_MODULE_NOT_SET
@ RLM_MODULE_NOT_SET
Error resolving rcode (should not be returned by modules).
Definition rcode.h:45
RLM_MODULE_NUMCODES
@ RLM_MODULE_NUMCODES
How many valid return codes there are.
Definition rcode.h:57
name
static char const * name
Definition rlm_redis_ippool_tool.c:156
sbuff_char_word
bool const sbuff_char_word[SBUFF_CHAR_CLASS]
Definition sbuff.c:99
fr_sbuff_is_terminal
bool fr_sbuff_is_terminal(fr_sbuff_t *in, fr_sbuff_term_t const *tt)
Efficient terminal string search.
Definition sbuff.c:2180
fr_sbuff_terminals_amerge
fr_sbuff_term_t * fr_sbuff_terminals_amerge(TALLOC_CTX *ctx, fr_sbuff_term_t const *a, fr_sbuff_term_t const *b)
Merge two sets of terminal strings.
Definition sbuff.c:650
fr_sbuff_next_if_char
bool fr_sbuff_next_if_char(fr_sbuff_t *sbuff, char c)
Return true if the current char matches, and if it does, advance.
Definition sbuff.c:2116
fr_sbuff_start
#define fr_sbuff_start(_sbuff_or_marker)
fr_sbuff_out_by_longest_prefix
#define fr_sbuff_out_by_longest_prefix(_match_len, _out, _table, _sbuff, _def)
fr_sbuff_is_str_literal
#define fr_sbuff_is_str_literal(_sbuff, _str)
FR_SBUFF_IN_CHAR_RETURN
#define FR_SBUFF_IN_CHAR_RETURN(_sbuff,...)
fr_sbuff_set
#define fr_sbuff_set(_dst, _src)
fr_sbuff_adv_past_whitespace
#define fr_sbuff_adv_past_whitespace(_sbuff, _len, _tt)
fr_sbuff_current
#define fr_sbuff_current(_sbuff_or_marker)
fr_sbuff_char
#define fr_sbuff_char(_sbuff_or_marker, _eob)
FR_SBUFF_TERMS
#define FR_SBUFF_TERMS(...)
Initialise a terminal structure with a list of sorted strings.
Definition sbuff.h:193
FR_SBUFF_IN_STRCPY_LITERAL_RETURN
#define FR_SBUFF_IN_STRCPY_LITERAL_RETURN(_sbuff, _str)
fr_sbuff_extend
#define fr_sbuff_extend(_sbuff_or_marker)
fr_sbuff_used_total
#define fr_sbuff_used_total(_sbuff_or_marker)
FR_SBUFF_RETURN
#define FR_SBUFF_RETURN(_func, _sbuff,...)
fr_sbuff_is_char
#define fr_sbuff_is_char(_sbuff_or_marker, _c)
FR_SBUFF_ERROR_RETURN
#define FR_SBUFF_ERROR_RETURN(_sbuff_or_marker)
FR_SBUFF_SET_RETURN
#define FR_SBUFF_SET_RETURN(_dst, _src)
fr_sbuff_is_digit
#define fr_sbuff_is_digit(_sbuff_or_marker)
FR_SBUFF
#define FR_SBUFF(_sbuff_or_marker)
fr_sbuff_advance
#define fr_sbuff_advance(_sbuff_or_marker, _len)
fr_sbuff_remaining
#define fr_sbuff_remaining(_sbuff_or_marker)
fr_sbuff_used
#define fr_sbuff_used(_sbuff_or_marker)
fr_sbuff_behind
#define fr_sbuff_behind(_sbuff_or_marker)
FR_SBUFF_IN_STRCPY_RETURN
#define FR_SBUFF_IN_STRCPY_RETURN(...)
FR_SBUFF_TALLOC_THREAD_LOCAL
#define FR_SBUFF_TALLOC_THREAD_LOCAL(_out, _init, _max)
fr_sbuff_ptr_s
Definition sbuff.h:85
fr_sbuff_term_elem_t
Terminal element with pre-calculated lengths.
Definition sbuff.h:162
fr_sbuff_term_t
Set of terminal elements.
Definition merged_model.c:161
tmpl_contains_xlat
#define tmpl_contains_xlat(vpt)
Definition tmpl.h:227
tmpl_is_attr_unresolved
#define tmpl_is_attr_unresolved(vpt)
Definition tmpl.h:219
tmpl_resolve
int tmpl_resolve(tmpl_t *vpt, tmpl_res_rules_t const *tr_rules))
Attempt to resolve functions and attributes in xlats and attribute references.
Definition tmpl_tokenize.c:4320
tmpl_value
#define tmpl_value(_tmpl)
Definition tmpl.h:937
tmpl_contains_regex
#define tmpl_contains_regex(vpt)
Definition tmpl.h:226
tmpl_is_attr
#define tmpl_is_attr(vpt)
Definition tmpl.h:208
tmpl_rules_s::enumv
fr_dict_attr_t const * enumv
Enumeration attribute used to resolve enum values.
Definition tmpl.h:342
tmpl_xlat
#define tmpl_xlat(_tmpl)
Definition tmpl.h:930
tmpl_rules_cast
#define tmpl_rules_cast(_tmpl)
Definition tmpl.h:942
tmpl_contains_attr
#define tmpl_contains_attr(vpt)
Definition tmpl.h:225
tmpl_afrom_substr
ssize_t tmpl_afrom_substr(TALLOC_CTX *ctx, tmpl_t **out, fr_sbuff_t *in, fr_token_t quote, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules))
Convert an arbitrary string into a tmpl_t.
Definition tmpl_tokenize.c:3268
tmpl_rules_s::xlat
tmpl_xlat_rules_t xlat
Rules/data for parsing xlats.
Definition tmpl.h:340
tmpl_is_list
static bool tmpl_is_list(tmpl_t const *vpt)
Definition tmpl.h:920
tmpl_cast_in_place
int tmpl_cast_in_place(tmpl_t *vpt, fr_type_t type, fr_dict_attr_t const *enumv))
Convert tmpl_t of type TMPL_TYPE_DATA_UNRESOLVED or TMPL_TYPE_DATA to TMPL_TYPE_DATA of type specifie...
Definition tmpl_tokenize.c:4011
tmpl_is_data
#define tmpl_is_data(vpt)
Definition tmpl.h:206
vpt
static fr_slen_t vpt
Definition tmpl.h:1269
tmpl_debug
void tmpl_debug(FILE *fp, tmpl_t const *vpt)
Definition tmpl_tokenize.c:315
tmpl_value_type
#define tmpl_value_type(_tmpl)
Definition tmpl.h:939
tmpl_cast_get
static fr_type_t tmpl_cast_get(tmpl_t *vpt)
Definition tmpl.h:1220
tmpl_is_data_unresolved
#define tmpl_is_data_unresolved(vpt)
Definition tmpl.h:217
tmpl_rules_s::cast
fr_type_t cast
Whether there was an explicit cast.
Definition tmpl.h:344
tmpl_rules_s::attr
tmpl_attr_rules_t attr
Rules/data for parsing attribute references.
Definition tmpl.h:339
tmpl_attr_tail_da
static fr_dict_attr_t const * tmpl_attr_tail_da(tmpl_t const *vpt)
Return the last attribute reference da.
Definition tmpl.h:801
tmpl_res_rules_t
struct tmpl_res_rules_s tmpl_res_rules_t
Definition tmpl.h:237
tmpl_is_regex
#define tmpl_is_regex(vpt)
Definition tmpl.h:213
tmpl_res_rules_s::enumv
fr_dict_attr_t const * enumv
for resolving T_BARE_WORD
Definition tmpl.h:377
tmpl_xlat_rules_s::runtime_el
fr_event_list_t * runtime_el
The eventlist to use for runtime instantiation of xlats.
Definition tmpl.h:328
tmpl_needs_resolving
#define tmpl_needs_resolving(vpt)
Definition tmpl.h:223
tmpl_cast_set
int tmpl_cast_set(tmpl_t *vpt, fr_type_t type)
Set a cast for a tmpl.
Definition tmpl_tokenize.c:3824
tmpl_res_rules_s
Similar to tmpl_rules_t, but used to specify parameters that may change during subsequent resolution ...
Definition tmpl.h:368
tmpl_rules_s
Optional arguments passed to vp_tmpl functions.
Definition tmpl.h:336
xor
static void xor(char *out, char *in1, char *in2, int n)
Definition smbdes.c:183
lshift
static void lshift(char *d, int count, int n)
Definition smbdes.c:165
inst
eap_aka_sim_process_conf_t * inst
Definition state_machine.c:3651
type
fr_aka_sim_id_type_t type
Definition state_machine.c:3654
vp
fr_pair_t * vp
Definition state_machine.c:2293
tmpl_attr_rules_s::dict_def
fr_dict_t const * dict_def
Default dictionary to use with unqualified attribute references.
Definition tmpl.h:273
tmpl_attr_rules_s::allow_unresolved
unsigned int allow_unresolved
Allow attributes that look valid but were not found in the dictionaries.
Definition tmpl.h:306
value_pair_s
Stores an attribute, a value and various bits of other data.
Definition pair.h:68
fr_table_value_by_str
#define fr_table_value_by_str(_table, _name, _def)
Convert a string to a value using a sorted or ordered table.
Definition table.h:653
fr_table_str_by_value
#define fr_table_str_by_value(_table, _number, _def)
Convert an integer to a string.
Definition table.h:772
fr_table_num_ordered_t
An element in an arbitrarily ordered array of name to num mappings.
Definition table.h:57
fr_table_num_sorted_t
An element in a lexicographically sorted array of name to num mappings.
Definition table.h:49
talloc_get_type_abort_const
#define talloc_get_type_abort_const
Definition talloc.h:245
talloc_const_free
static int talloc_const_free(void const *ptr)
Free const'd memory.
Definition talloc.h:230
tmpl_dcursor_clear
void tmpl_dcursor_clear(tmpl_dcursor_ctx_t *cc)
Clear any temporary state allocations.
Definition tmpl_dcursor.c:478
tmpl_dcursor_init
#define tmpl_dcursor_init(_err, _ctx, _cc, _cursor, _request, _vpt)
Definition tmpl_dcursor.h:104
tmpl_dcursor_ctx_s
Maintains state between cursor calls.
Definition tmpl_dcursor.h:62
fr_token_quote
const char fr_token_quote[T_TOKEN_LAST]
Convert tokens back to a quoting character.
Definition token.c:157
fr_tokens
char const * fr_tokens[T_TOKEN_LAST]
Definition token.c:79
fr_comparison_op
const bool fr_comparison_op[T_TOKEN_LAST]
Definition token.c:199
fr_binary_op
const bool fr_binary_op[T_TOKEN_LAST]
Definition token.c:217
fr_token_t
enum fr_token fr_token_t
T_AND
@ T_AND
Definition token.h:55
T_INVALID
@ T_INVALID
Definition token.h:39
T_SUB
@ T_SUB
Definition token.h:52
T_RSHIFT
@ T_RSHIFT
Definition token.h:62
T_NOT
@ T_NOT
Definition token.h:57
T_XOR
@ T_XOR
Definition token.h:58
T_DIV
@ T_DIV
Definition token.h:54
T_SINGLE_QUOTED_STRING
@ T_SINGLE_QUOTED_STRING
Definition token.h:122
T_MOD
@ T_MOD
Definition token.h:60
T_BARE_WORD
@ T_BARE_WORD
Definition token.h:120
T_OP_EQ
@ T_OP_EQ
Definition token.h:83
T_LAND
@ T_LAND
Definition token.h:91
T_COMPLEMENT
@ T_COMPLEMENT
Definition token.h:59
T_ADD
@ T_ADD
Definition token.h:51
T_BACK_QUOTED_STRING
@ T_BACK_QUOTED_STRING
Definition token.h:123
T_OP_NE
@ T_OP_NE
Definition token.h:97
T_LOR
@ T_LOR
Definition token.h:92
T_LSHIFT
@ T_LSHIFT
Definition token.h:63
T_OP_REG_EQ
@ T_OP_REG_EQ
Definition token.h:102
T_OP_CMP_EQ_TYPE
@ T_OP_CMP_EQ_TYPE
Definition token.h:107
T_DOUBLE_QUOTED_STRING
@ T_DOUBLE_QUOTED_STRING
Definition token.h:121
T_OP_CMP_EQ
@ T_OP_CMP_EQ
Definition token.h:106
T_LBRACE
@ T_LBRACE
Definition token.h:43
T_MUL
@ T_MUL
Definition token.h:53
T_OP_LE
@ T_OP_LE
Definition token.h:100
T_OP_CMP_NE_TYPE
@ T_OP_CMP_NE_TYPE
Definition token.h:108
T_OP_GE
@ T_OP_GE
Definition token.h:98
T_OP_GT
@ T_OP_GT
Definition token.h:99
T_SOLIDUS_QUOTED_STRING
@ T_SOLIDUS_QUOTED_STRING
Definition token.h:124
T_OP_LT
@ T_OP_LT
Definition token.h:101
T_OP_REG_NE
@ T_OP_REG_NE
Definition token.h:103
T_OR
@ T_OR
Definition token.h:56
T_TOKEN_LAST
#define T_TOKEN_LAST
Definition token.h:129
unlang_xlat_yield
xlat_action_t unlang_xlat_yield(request_t *request, xlat_func_t resume, xlat_func_signal_t signal, fr_signal_t sigmask, void *rctx)
Yield a request back to the interpreter from within a module.
Definition xlat.c:544
unlang_xlat_push
int unlang_xlat_push(TALLOC_CTX *ctx, unlang_result_t *p_result, fr_value_box_list_t *out, request_t *request, xlat_exp_head_t const *xlat, bool top_frame)
Push a pre-compiled xlat onto the stack for evaluation.
Definition xlat.c:270
xlat_res_rules_t::tr_rules
tmpl_res_rules_t const * tr_rules
tmpl resolution rules.
Definition xlat.h:165
xlat_arg_parser_t::type
fr_type_t type
Type to cast argument to.
Definition xlat.h:155
xlat_flags_t::pure
unsigned int pure
has no external side effects, true for BOX, LITERAL, and some functions
Definition xlat.h:110
xlat_print
fr_slen_t xlat_print(fr_sbuff_t *in, xlat_exp_head_t const *node, fr_sbuff_escape_rules_t const *e_rules)
Reconstitute an xlat expression from its constituent nodes.
Definition xlat_tokenize.c:1341
xlat_arg_parser_t::concat
unsigned int concat
Concat boxes together.
Definition xlat.h:147
head
static fr_slen_t head
Definition xlat.h:420
XLAT_RESULT_SUCCESS
#define XLAT_RESULT_SUCCESS(_p_result)
Definition xlat.h:500
xlat_aprint
static fr_slen_t xlat_aprint(TALLOC_CTX *ctx, char **out, xlat_exp_head_t const *head, fr_sbuff_escape_rules_t const *e_rules) 1(xlat_print
xlat_purify_op
int xlat_purify_op(TALLOC_CTX *ctx, xlat_exp_t **out, xlat_exp_t *lhs, fr_token_t op, xlat_exp_t *rhs)
Definition xlat_purify.c:545
xlat_func_t
xlat_action_t(* xlat_func_t)(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
xlat callback function
Definition xlat.h:232
XLAT_ARGS
#define XLAT_ARGS(_list,...)
Populate local variables with value boxes from the input list.
Definition xlat.h:383
xlat_flatten_to_argv
int xlat_flatten_to_argv(TALLOC_CTX *ctx, xlat_exp_head_t ***argv, xlat_exp_head_t *head)
Turn am xlat list into an argv[] array, and nuke the input list.
Definition xlat_eval.c:1904
xlat_arg_parser_t::required
unsigned int required
Argument must be present, and non-empty.
Definition xlat.h:146
XLAT_VERIFY
#define XLAT_VERIFY(_node)
Definition xlat.h:463
xlat_resolve
int xlat_resolve(xlat_exp_head_t *head, xlat_res_rules_t const *xr_rules)
Walk over an xlat tree recursively, resolving any unresolved functions or references.
Definition xlat_tokenize.c:1981
XLAT_ARG_PARSER_TERMINATOR
#define XLAT_ARG_PARSER_TERMINATOR
Definition xlat.h:170
xlat_finalize
int xlat_finalize(xlat_exp_head_t *head, fr_event_list_t *runtime_el)
Bootstrap static xlats, or instantiate ephemeral ones.
Definition xlat_inst.c:693
xlat_action_t
xlat_action_t
Definition xlat.h:37
XLAT_ACTION_FAIL
@ XLAT_ACTION_FAIL
An xlat function failed.
Definition xlat.h:44
XLAT_ACTION_YIELD
@ XLAT_ACTION_YIELD
An xlat function pushed a resume frame onto the stack.
Definition xlat.h:42
XLAT_ACTION_PUSH_UNLANG
@ XLAT_ACTION_PUSH_UNLANG
An xlat function pushed an unlang frame onto the unlang stack.
Definition xlat.h:39
XLAT_ACTION_DONE
@ XLAT_ACTION_DONE
We're done evaluating this level of nesting.
Definition xlat.h:43
xlat_flags_t::can_purify
unsigned int can_purify
if the xlat has a pure function with pure arguments.
Definition xlat.h:112
xlat_flags_t::constant
unsigned int constant
xlat is just tmpl_attr_tail_data, or XLAT_BOX
Definition xlat.h:114
xlat_flags_t::needs_resolving
unsigned int needs_resolving
Needs pass2 resolution.
Definition xlat.h:109
xlat_instance_unregister_func
int xlat_instance_unregister_func(xlat_exp_t *node)
Remove a node from the list of xlat instance data.
Definition xlat_inst.c:548
xlat_arg_parser_t
Definition for a single argument consumend by an xlat function.
Definition xlat.h:145
xlat_flags_t
Flags that control resolution and evaluation.
Definition xlat.h:108
xlat_res_rules_t
Definition xlat.h:164
parent
static fr_slen_t parent
Definition pair.h:858
add
#define add(_type, _out, _in)
Definition stats.c:187
fr_strerror_printf
#define fr_strerror_printf(_fmt,...)
Log to thread local error buffer.
Definition strerror.h:64
fr_strerror_const
#define fr_strerror_const(_msg)
Definition strerror.h:223
fr_type_table
fr_table_num_ordered_t const fr_type_table[]
Map data types to names representing those types.
Definition types.c:31
fr_type_is_variable_size
#define fr_type_is_variable_size(_x)
Definition types.h:389
fr_type_is_structural
#define fr_type_is_structural(_x)
Definition types.h:393
fr_type_is_null
#define fr_type_is_null(_x)
Definition types.h:348
fr_type_is_leaf
#define fr_type_is_leaf(_x)
Definition types.h:394
fr_type_to_str
static char const * fr_type_to_str(fr_type_t type)
Return a static string containing the type name.
Definition types.h:455
fr_value_box_list_concat_as_string
ssize_t fr_value_box_list_concat_as_string(fr_value_box_t *safety, fr_sbuff_t *sbuff, fr_value_box_list_t *list, char const *sep, size_t sep_len, fr_sbuff_escape_rules_t const *e_rules, fr_value_box_list_action_t proc_action, fr_value_box_safe_for_t safe_for, bool flatten)
Concatenate a list of value boxes together.
Definition value.c:6396
value_parse_rules_quoted
fr_sbuff_parse_rules_t const * value_parse_rules_quoted[T_TOKEN_LAST]
Parse rules for quoted strings.
Definition value.c:612
fr_value_box_copy
int fr_value_box_copy(TALLOC_CTX *ctx, fr_value_box_t *dst, const fr_value_box_t *src)
Copy value data verbatim duplicating any buffers.
Definition value.c:4409
fr_value_box_is_truthy
bool fr_value_box_is_truthy(fr_value_box_t const *in)
Check truthiness of values.
Definition value.c:7284
fr_value_box_cast_in_place
int fr_value_box_cast_in_place(TALLOC_CTX *ctx, fr_value_box_t *vb, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv)
Convert one type of fr_value_box_t to another in place.
Definition value.c:4211
fr_value_box_memdup_shallow
void fr_value_box_memdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, uint8_t const *src, size_t len, bool tainted)
Assign a buffer to a box, but don't copy it.
Definition value.c:5178
fr_value_box_strdup
int fr_value_box_strdup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Copy a nul terminated string to a fr_value_box_t.
Definition value.c:4634
fr_value_box_strdup_shallow
void fr_value_box_strdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Assign a buffer containing a nul terminated string to a box, but don't copy it.
Definition value.c:4744
fr_value_box_safety_copy
void fr_value_box_safety_copy(fr_value_box_t *out, fr_value_box_t const *in)
Copy the safety values from one box to another.
Definition value.c:7224
fr_value_box_clear
void fr_value_box_clear(fr_value_box_t *data)
Clear/free any existing value and metadata.
Definition value.c:4392
fr_value_box_bstrndup
int fr_value_box_bstrndup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, size_t len, bool tainted)
Copy a string to to a fr_value_box_t.
Definition value.c:4853
FR_VALUE_BOX_LIST_FREE_BOX
@ FR_VALUE_BOX_LIST_FREE_BOX
Free each processed box.
Definition value.h:235
fr_value_box_alloc
#define fr_value_box_alloc(_ctx, _type, _enumv)
Allocate a value box of a specific type.
Definition value.h:644
fr_value_box_mark_safe_for
#define fr_value_box_mark_safe_for(_box, _safe_for)
Definition value.h:1087
fr_box_strvalue_len
#define fr_box_strvalue_len(_val, _len)
Definition value.h:309
VALUE_BOX_LIST_VERIFY
#define VALUE_BOX_LIST_VERIFY(_x)
Definition value.h:1365
nonnull
int nonnull(2, 5))
fr_value_box_alloc_null
#define fr_value_box_alloc_null(_ctx)
Allocate a value box for later use with a value assignment function.
Definition value.h:655
fr_value_box_init
#define fr_value_box_init(_vb, _type, _enumv, _tainted)
Initialise a fr_value_box_t.
Definition value.h:610
fr_value_box_list_foreach
#define fr_value_box_list_foreach(_list_head, _iter)
Definition value.h:224
out
static size_t char ** out
Definition value.h:1024
FR_VALUE_BOX_SAFE_FOR_ANY
#define FR_VALUE_BOX_SAFE_FOR_ANY
Definition value.h:173
xlat_exp_set_vpt
void xlat_exp_set_vpt(xlat_exp_t *node, tmpl_t *vpt)
Set the tmpl for a node, along with flags and the name.
Definition xlat_alloc.c:252
xlat_exp_set_name
void xlat_exp_set_name(xlat_exp_t *node, char const *fmt, size_t len)
Set the format string for an xlat node.
Definition xlat_alloc.c:308
xlat_exp_set_func
void xlat_exp_set_func(xlat_exp_t *node, xlat_t const *func, fr_dict_t const *dict)
Set the function for a node.
Definition xlat_alloc.c:274
xlat_exp_set_name_shallow
void xlat_exp_set_name_shallow(xlat_exp_t *node, char const *fmt)
Set the format string for an xlat node from a pre-existing buffer.
Definition xlat_alloc.c:338
xlat_ctx_s::rctx
void * rctx
Resume context.
Definition xlat_ctx.h:54
xlat_inst_ctx_s::ex
xlat_exp_t * ex
Tokenized expression to use in expansion.
Definition xlat_ctx.h:64
xlat_ctx_s::inst
void const * inst
xlat instance data.
Definition xlat_ctx.h:50
xlat_inst_ctx_s::inst
void * inst
xlat instance data to populate.
Definition xlat_ctx.h:63
xlat_ctx_s
An xlat calling ctx.
Definition xlat_ctx.h:49
xlat_inst_ctx_s
An xlat instantiation ctx.
Definition xlat_ctx.h:62
attr_expr_bool_enum
fr_dict_attr_t const * attr_expr_bool_enum
Definition xlat_eval.c:44
attr_cast_base
fr_dict_attr_t const * attr_cast_base
Definition xlat_eval.c:45
xlat_func_regex_search
static xlat_action_t xlat_func_regex_search(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:835
xlat_exists_inst_t::vpt
tmpl_t const * vpt
the attribute reference
Definition xlat_expr.c:1701
fr_sbuff_skip_whitespace
#define fr_sbuff_skip_whitespace(_x)
Definition xlat_expr.c:2046
expr_assignment_op_table_len
static size_t const expr_assignment_op_table_len
Definition xlat_expr.c:2737
xlat_expr_print_binary
static fr_slen_t xlat_expr_print_binary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:151
XLAT_REGISTER_BOOL
#define XLAT_REGISTER_BOOL(_xlat, _func, _arg, _ret_type)
Definition xlat_expr.c:1845
xlat_logical_inst_t::argc
int argc
Definition xlat_expr.c:867
xlat_expr_print_rcode
static fr_slen_t xlat_expr_print_rcode(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, UNUSED fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:1589
xlat_func_append_arg
static void xlat_func_append_arg(xlat_exp_t *head, xlat_exp_t *node, bool exists)
Definition xlat_expr.c:70
xlat_is_truthy
bool xlat_is_truthy(xlat_exp_head_t const *head, bool *out)
Allow callers to see if an xlat is truthy.
Definition xlat_expr.c:3228
xlat_func_logical
static xlat_action_t xlat_func_logical(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Process logical &&, ||.
Definition xlat_expr.c:1386
xlat_regex_inst_t::xlat
xlat_exp_t * xlat
to expand
Definition xlat_expr.c:514
XLAT_BINARY_FUNC
#define XLAT_BINARY_FUNC(_name, _op)
Definition xlat_expr.c:375
bracket_terms
static const fr_sbuff_term_t bracket_terms
Definition xlat_expr.c:3064
expr_quote_table_len
static size_t expr_quote_table_len
Definition xlat_expr.c:2070
xlat_instantiate_exists
static int xlat_instantiate_exists(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:1729
xlat_expr_print_nary
static fr_slen_t xlat_expr_print_nary(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:879
xlat_register_expressions
int xlat_register_expressions(void)
Definition xlat_expr.c:1861
xlat_func_exists_arg
static xlat_arg_parser_t const xlat_func_exists_arg[]
Definition xlat_expr.c:1704
xlat_logical_process_arg
static xlat_action_t xlat_logical_process_arg(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *in)
Process one argument of a logical operation.
Definition xlat_expr.c:1128
xlat_tokenize_expression_internal
static fr_slen_t xlat_tokenize_expression_internal(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, bool cond)
Definition xlat_expr.c:3089
xlat_expr_print_unary
static fr_slen_t xlat_expr_print_unary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:141
P
#define P(_x, _y)
Definition xlat_expr.c:1990
regex_op_xlat_args
static xlat_arg_parser_t const regex_op_xlat_args[]
Definition xlat_expr.c:631
xlat_ungroup
static void xlat_ungroup(xlat_exp_head_t *head)
Undo work which shouldn't have been done.
Definition xlat_expr.c:975
xlat_func_unary_complement
static xlat_action_t xlat_func_unary_complement(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1494
xlat_cmp_op
static xlat_action_t xlat_cmp_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:449
precedence
static const int precedence[T_TOKEN_LAST]
Definition xlat_expr.c:1992
xlat_func_unary_minus
static xlat_action_t xlat_func_unary_minus(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1487
xlat_logical_or_resume
static xlat_action_t xlat_logical_or_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1207
xlat_logical_rctx_t::last_result
unlang_result_t last_result
Definition xlat_expr.c:873
expr_quote_table
static fr_table_num_sorted_t const expr_quote_table[]
Definition xlat_expr.c:2064
XLAT_REGISTER_BINARY_OP
#define XLAT_REGISTER_BINARY_OP(_op, _name)
Definition xlat_expr.c:1803
XLAT_REGEX_FUNC
#define XLAT_REGEX_FUNC(_name, _op)
Definition xlat_expr.c:824
xlat_binary_op
static xlat_action_t xlat_binary_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op, fr_type_t default_type, fr_dict_attr_t const *enumv)
Definition xlat_expr.c:303
valid_type
static bool valid_type(xlat_exp_t *node)
Definition xlat_expr.c:2739
xlat_logical_and
static bool xlat_logical_and(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
See if the input is truthy or not.
Definition xlat_expr.c:1264
xlat_logical_rctx_t::box
fr_value_box_t * box
output value-box
Definition xlat_expr.c:874
xlat_logical_inst_t::stop_on_match
bool stop_on_match
Definition xlat_expr.c:865
XLAT_DEBUG
#define XLAT_DEBUG(...)
Definition xlat_expr.c:38
xlat_regex_rctx_t::list
fr_value_box_list_t list
Definition xlat_expr.c:520
xlat_regex_op
static xlat_action_t xlat_regex_op(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:791
xlat_func_unary_not
static xlat_action_t xlat_func_unary_not(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1460
xlat_regex_inst_t::regex_flags
fr_regex_flags_t * regex_flags
Definition xlat_expr.c:515
xlat_node_matches_bool
static bool xlat_node_matches_bool(bool *result, xlat_exp_t *parent, xlat_exp_head_t *head, bool sense)
Definition xlat_expr.c:927
xlat_instantiate_regex
static int xlat_instantiate_regex(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:587
xlat_func_unary_op
static xlat_action_t xlat_func_unary_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:1416
xlat_expr_resolve_binary
static int xlat_expr_resolve_binary(xlat_exp_t *node, UNUSED void *inst, xlat_res_rules_t const *xr_rules)
Definition xlat_expr.c:174
logical_ops
static const bool logical_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1966
xlat_logical_inst_t::callback
xlat_func_t callback
Definition xlat_expr.c:866
binary_op_xlat_args
static xlat_arg_parser_t const binary_op_xlat_args[]
Definition xlat_expr.c:297
xlat_attr_exists
static xlat_action_t xlat_attr_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, request_t *request, tmpl_t const *vpt, bool do_free)
Definition xlat_expr.c:1760
binary_cmp_xlat_args
static xlat_arg_parser_t const binary_cmp_xlat_args[]
Definition xlat_expr.c:394
multivalue_ops
static const bool multivalue_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1979
tokenize_unary
static fr_slen_t tokenize_unary(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond))
Definition xlat_expr.c:2086
binary_ops
static const fr_sbuff_term_elem_t binary_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1934
xlat_logical_or
static bool xlat_logical_or(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
See if the input is truthy or not.
Definition xlat_expr.c:1165
xlat_logical_rctx_t::current
int current
Definition xlat_expr.c:875
xlat_regex_inst_t::op
fr_token_t op
Definition xlat_expr.c:512
xlat_logical_rctx_t::ctx
TALLOC_CTX * ctx
Definition xlat_expr.c:872
xlat_regex_inst_t::regex
regex_t * regex
precompiled regex
Definition xlat_expr.c:513
XLAT_REGISTER_NARY_OP
#define XLAT_REGISTER_NARY_OP(_op, _name, _func_name)
Definition xlat_expr.c:1824
xlat_instantiate_expr_rcode
static int xlat_instantiate_expr_rcode(xlat_inst_ctx_t const *xctx)
Convert static expr_rcode arguments into rcodes.
Definition xlat_expr.c:1517
fr_value_box_init_zero
static void fr_value_box_init_zero(fr_value_box_t *vb, fr_type_t type)
Definition xlat_expr.c:280
xlat_regex_resume
static xlat_action_t xlat_regex_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:751
expr_assignment_op_table
static fr_table_num_ordered_t const expr_assignment_op_table[]
Definition xlat_expr.c:2705
xlat_exists_alloc
static xlat_exp_t * xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child)
Allocate a specific cast node.
Definition xlat_expr.c:112
expr_cast_alloc
static xlat_exp_t * expr_cast_alloc(TALLOC_CTX *ctx, fr_type_t type, xlat_exp_t *child)
Allocate a specific cast node.
Definition xlat_expr.c:2189
regex_search_xlat_args
static xlat_arg_parser_t const regex_search_xlat_args[]
Definition xlat_expr.c:637
expr_cast_from_substr
static fr_slen_t expr_cast_from_substr(fr_type_t *cast, fr_sbuff_t *in)
Definition xlat_expr.c:2226
tokenize_rcode
static ssize_t tokenize_rcode(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_term_t const *terminals)
Definition xlat_expr.c:2377
XLAT_REGISTER_BINARY_CMP
#define XLAT_REGISTER_BINARY_CMP(_op, _name)
Definition xlat_expr.c:1813
xlat_func_rcode_arg
static xlat_arg_parser_t const xlat_func_rcode_arg[]
Takes no arguments.
Definition xlat_expr.c:1667
xlat_expr_logical_purify
static int xlat_expr_logical_purify(xlat_exp_t *node, void *instance, request_t *request)
If any argument resolves to inst->stop_on_match, the entire thing is a bool of inst->stop_on_match.
Definition xlat_expr.c:1001
xlat_logical_rctx_t::list
fr_value_box_list_t list
Definition xlat_expr.c:876
xlat_rcode_inst_t::rcode
rlm_rcode_t rcode
The preparsed rcode.
Definition xlat_expr.c:1509
xlat_logical_inst_t::argv
xlat_exp_head_t ** argv
Definition xlat_expr.c:868
xlat_expr_print_exists
static fr_slen_t xlat_expr_print_exists(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:1712
xlat_instantiate_logical
static int xlat_instantiate_logical(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:1366
XLAT_REGISTER_UNARY
#define XLAT_REGISTER_UNARY(_op, _xlat, _func)
Definition xlat_expr.c:1852
unary_op_xlat_args
static xlat_arg_parser_t const unary_op_xlat_args[]
Definition xlat_expr.c:1411
xlat_tokenize_expression
fr_slen_t xlat_tokenize_expression(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
Definition xlat_expr.c:3165
xlat_func_expr_rcode_arg
static xlat_arg_parser_t const xlat_func_expr_rcode_arg[]
Definition xlat_expr.c:1501
tokenize_regex_rhs
static fr_slen_t tokenize_regex_rhs(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules)
Definition xlat_expr.c:2283
xlat_expr_print_regex
static fr_slen_t xlat_expr_print_regex(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:523
operator_terms
static const fr_sbuff_term_t operator_terms
Definition xlat_expr.c:3069
XLAT_REGISTER_REGEX_OP
#define XLAT_REGISTER_REGEX_OP(_op, _name)
Definition xlat_expr.c:1835
xlat_logical_and_resume
static xlat_action_t xlat_logical_and_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1311
tokenize_expression
static ssize_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules, fr_sbuff_parse_rules_t const *input_rules, bool cond))
Tokenize a mathematical operation.
Definition xlat_expr.c:2778
XLAT_CMP_FUNC
#define XLAT_CMP_FUNC(_name, _op)
Definition xlat_expr.c:494
tokenize_field
static ssize_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond))
Definition xlat_expr.c:2434
xlat_regex_rctx_t::last_result
unlang_result_t last_result
Definition xlat_expr.c:519
xlat_tokenize_condition
fr_slen_t xlat_tokenize_condition(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
Definition xlat_expr.c:3193
xlat_regex_do_op
static xlat_action_t xlat_regex_do_op(TALLOC_CTX *ctx, request_t *request, fr_value_box_list_t *in, regex_t **preg, fr_dcursor_t *out, fr_token_t op)
Perform a regular expressions comparison between two operands.
Definition xlat_expr.c:665
xlat_exists_inst_t
Definition xlat_expr.c:1700
xlat_logical_inst_t
Definition xlat_expr.c:864
xlat_logical_rctx_t
Definition xlat_expr.c:871
xlat_rcode_inst_t
Holds the result of pre-parsing the rcode on startup.
Definition xlat_expr.c:1508
xlat_regex_inst_t
Definition xlat_expr.c:511
xlat_regex_rctx_t
Definition xlat_expr.c:518
xlat_func_flags_set
void xlat_func_flags_set(xlat_t *x, xlat_func_flags_t flags)
Specify flags that alter the xlat's behaviour.
Definition xlat_func.c:399
xlat_func_args_set
int xlat_func_args_set(xlat_t *x, xlat_arg_parser_t const args[])
Register the arguments of an xlat.
Definition xlat_func.c:363
xlat_func_register
xlat_t * xlat_func_register(TALLOC_CTX *ctx, char const *name, xlat_func_t func, fr_type_t return_type)
Register an xlat function.
Definition xlat_func.c:216
xlat_func_print_set
void xlat_func_print_set(xlat_t *xlat, xlat_print_t func)
Set a print routine for an xlat function.
Definition xlat_func.c:411
xlat_func_find
xlat_t * xlat_func_find(char const *in, ssize_t inlen)
Definition xlat_func.c:77
xlat_func_instantiate_set
#define xlat_func_instantiate_set(_xlat, _instantiate, _inst_struct, _detach, _uctx)
Set a callback for global instantiation of xlat functions.
Definition xlat_func.h:93
XLAT_FUNC_FLAG_PURE
@ XLAT_FUNC_FLAG_PURE
Definition xlat_func.h:38
XLAT_FUNC_FLAG_INTERNAL
@ XLAT_FUNC_FLAG_INTERNAL
Definition xlat_func.h:39
xlat_exp_head_alloc
#define xlat_exp_head_alloc(_ctx)
Definition xlat_priv.h:274
xlat_exp_s::flags
xlat_flags_t flags
Flags that control resolution and evaluation.
Definition xlat_priv.h:154
xlat_exp_next
static xlat_exp_t * xlat_exp_next(xlat_exp_head_t const *head, xlat_exp_t const *node)
Definition xlat_priv.h:247
xlat_exp_head_s::flags
xlat_flags_t flags
Flags that control resolution and evaluation.
Definition xlat_priv.h:190
xlat_tokenize_word
fr_slen_t xlat_tokenize_word(TALLOC_CTX *ctx, xlat_exp_t **out, fr_sbuff_t *in, fr_token_t quote, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
Definition xlat_tokenize.c:1387
xlat_exp_s::quote
fr_token_t quote
Type of quoting around XLAT_GROUP types.
Definition xlat_priv.h:152
XLAT_BOX
@ XLAT_BOX
fr_value_box_t
Definition xlat_priv.h:108
XLAT_TMPL
@ XLAT_TMPL
xlat attribute
Definition xlat_priv.h:112
XLAT_FUNC
@ XLAT_FUNC
xlat module
Definition xlat_priv.h:110
XLAT_GROUP
@ XLAT_GROUP
encapsulated string of xlats
Definition xlat_priv.h:116
xlat_s::deprecated
bool deprecated
this function was deprecated
Definition xlat_priv.h:68
xlat_flags_merge
static void xlat_flags_merge(xlat_flags_t *parent, xlat_flags_t const *child)
Merge flags from child to parent.
Definition xlat_priv.h:230
xlat_exp_set_type
#define xlat_exp_set_type(_node, _type)
Definition xlat_priv.h:277
xlat_s::token
fr_token_t token
for expressions
Definition xlat_priv.h:70
xlat_exp_s::fmt
char const *_CONST fmt
The original format string (a talloced buffer).
Definition xlat_priv.h:151
xlat_print_node
ssize_t xlat_print_node(fr_sbuff_t *out, xlat_exp_head_t const *head, xlat_exp_t const *node, fr_sbuff_escape_rules_t const *e_rules, char c)
Definition xlat_tokenize.c:1151
xlat_purify_list
int xlat_purify_list(xlat_exp_head_t *head, request_t *request)
Definition xlat_purify.c:66
xlat_exp_s::type
xlat_type_t _CONST type
type of this expansion.
Definition xlat_priv.h:155
xlat_exp_alloc
#define xlat_exp_alloc(_ctx, _type, _in, _inlen)
Definition xlat_priv.h:283
xlat_s::flags
xlat_flags_t flags
various flags
Definition xlat_priv.h:92
xlat_exp_foreach
#define xlat_exp_foreach(_list_head, _iter)
Iterate over the contents of a list, only one level.
Definition xlat_priv.h:223
xlat_exp_insert_tail
static int xlat_exp_insert_tail(xlat_exp_head_t *head, xlat_exp_t *node)
Definition xlat_priv.h:239
xlat_exp_head
static xlat_exp_t * xlat_exp_head(xlat_exp_head_t const *head)
Definition xlat_priv.h:210
xlat_exp_head_s
Definition xlat_priv.h:188
xlat_exp_s
An xlat expansion node.
Definition xlat_priv.h:148
xlat_s
Definition xlat_priv.h:59
Generated by   doxygen 1.9.8