The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
xlat_expr.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: 236fe9d4a12a5d6097e5ea35c977c18009553c1e $
19 *
20 * @file xlat_expr.c
21 * @brief Tokenizers and support functions for xlat expressions
22 *
23 * @copyright 2021 The FreeRADIUS server project
24 * @copyright 2021 Network RADIUS SAS (legal@networkradius.com)
25 */
26
27RCSID("$Id: 236fe9d4a12a5d6097e5ea35c977c18009553c1e $")
28
29#include <freeradius-devel/server/base.h>
30#include <freeradius-devel/unlang/xlat_priv.h>
31#include <freeradius-devel/util/calc.h>
32#include <freeradius-devel/server/tmpl_dcursor.h>
33#include <freeradius-devel/unlang/xlat_func.h>
34
35#undef XLAT_DEBUG
36#ifdef DEBUG_XLAT
37# define XLAT_DEBUG(_fmt, ...) DEBUG3("%s[%i] "_fmt, __FILE__, __LINE__, ##__VA_ARGS__)
38#else
39# define XLAT_DEBUG(...)
40#endif
41
42extern bool tmpl_require_enum_prefix;
43
44/*
45 * The new tokenizer accepts most things which are accepted by the old one. Many of the errors will be
46 * different, though.
47 *
48 * @todo - add a "output" fr_type_t to xlat_t, which is mainly used by the comparison functions. Right
49 * now it will happily parse things like:
50 *
51 * (1 < 2) < 3
52 *
53 * though the result of (1 < 2) is a boolean, so the result is always true. We probably want to have
54 * that as a compile-time error / check. This can probably just be done with xlat_purify() ? which
55 * doesn't need to interpret the LHS, but just knows its limits. We perhaps want a "range compare"
56 * function, which just checks ranges on one side against values on the right.
57 *
58 * Even worse, when we do "((bool) 1) < 3", the RHS is cast to the type of the LHS by
59 * tmpl_afrom_substr(). This is because we pass the LHS data type recursively down, which works most of
60 * the time, but not all of the time. There are currently hacks in the "upcast" code here to fix this,
61 * but it's a hack.
62 *
63 * @todo - add instantiation routines for assignment operations. This lets us do things
64 * like:
65 * if ((&foo += 4) > 6) ...
66 *
67 * However, this would also require us adding an edit list pointer to the xlat evaluation functions,
68 * which is not trivial. Or, maybe we attach it to the request somehow?
69 */
70
71static xlat_exp_t *xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child);
72
73static void xlat_func_append_arg(xlat_exp_t *head, xlat_exp_t *node, bool exists)
74{
75 xlat_exp_t *group;
76
77 fr_assert(head->type == XLAT_FUNC);
78
79 if (node->type == XLAT_GROUP) {
80 xlat_exp_insert_tail(head->call.args, node);
81 xlat_flags_merge(&head->flags, &head->call.args->flags);
82 return;
83 }
84
85 /*
86 * Wrap existence checks for attribute reference.
87 */
88 if (exists && (node->type == XLAT_TMPL) && tmpl_contains_attr(node->vpt)) {
89 node = xlat_exists_alloc(head, node);
90 }
91
92 group = xlat_exp_alloc(head->call.args, XLAT_GROUP, NULL, 0);
93 group->quote = T_BARE_WORD;
94
95 xlat_exp_set_name_buffer_shallow(group, node->fmt); /* not entirely correct, but good enough for now */
96 group->flags = node->flags;
97
98 talloc_steal(group->group, node);
99 xlat_exp_insert_tail(group->group, node);
100
101 xlat_exp_insert_tail(head->call.args, group);
102
103 xlat_flags_merge(&head->flags, &head->call.args->flags);
104}
105
106
107/** Allocate a specific cast node.
108 *
109 * With the first argument being a UINT8 of the data type.
110 * See xlat_func_cast() for the implementation.
111 *
112 */
113static xlat_exp_t *xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child)
114{
115 xlat_exp_t *node;
116
117 /*
118 * Create an "exists" node.
119 */
120 MEM(node = xlat_exp_alloc(ctx, XLAT_FUNC, "exists", 6));
121 MEM(node->call.func = xlat_func_find("exists", 6));
122 fr_assert(node->call.func != NULL);
123 node->flags = node->call.func->flags;
124
125 fr_assert(child->type == XLAT_TMPL);
126 fr_assert(tmpl_contains_attr(child->vpt));
127 xlat_exp_set_name_buffer_shallow(node, child->vpt->name);
128
129 xlat_func_append_arg(node, child, false);
130
131 return node;
132}
133
134
135static fr_slen_t xlat_expr_print_unary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
136{
137 size_t at_in = fr_sbuff_used_total(out);
138
139 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
140 xlat_print_node(out, node->call.args, xlat_exp_head(node->call.args), e_rules, 0);
141
142 return fr_sbuff_used_total(out) - at_in;
143}
144
145static fr_slen_t xlat_expr_print_binary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
146{
147 size_t at_in = fr_sbuff_used_total(out);
148 xlat_exp_t *child = xlat_exp_head(node->call.args);
149
150 fr_assert(child != NULL);
151
152 FR_SBUFF_IN_CHAR_RETURN(out, '(');
153 xlat_print_node(out, node->call.args, child, e_rules, 0); /* prints a space after the first argument */
154
155 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
156 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
157
158 child = xlat_exp_next(node->call.args, child);
159 fr_assert(child != NULL);
160
161 xlat_print_node(out, node->call.args, child, e_rules, 0);
162
163 FR_SBUFF_IN_CHAR_RETURN(out, ')');
164
165 return fr_sbuff_used_total(out) - at_in;
166}
167
168static int xlat_expr_resolve_binary(xlat_exp_t *node, UNUSED void *inst, xlat_res_rules_t const *xr_rules)
169{
170 xlat_exp_t *arg1, *arg2;
171 xlat_exp_t *a, *b;
172 tmpl_res_rules_t my_tr_rules;
173
174 XLAT_DEBUG("RESOLVE %s\n", node->fmt);
175
176 arg1 = xlat_exp_head(node->call.args);
177 fr_assert(arg1);
178 fr_assert(arg1->type == XLAT_GROUP);
179
180 arg2 = xlat_exp_next(node->call.args, arg1);
181 fr_assert(arg2);
182 fr_assert(arg2->type == XLAT_GROUP);
183
184 a = xlat_exp_head(arg1->group);
185 b = xlat_exp_head(arg2->group);
186
187 /*
188 * We have many things here, just call resolve recursively.
189 */
190 if (xlat_exp_next(arg1->group, a) || (xlat_exp_next(arg2->group, b))) goto resolve;
191
192 /*
193 * Anything else must get resolved at run time.
194 */
195 if ((a->type != XLAT_TMPL) || (b->type != XLAT_TMPL)) goto resolve;
196
197 /*
198 * The tr_rules should always contain dict_def
199 */
200 fr_assert(xr_rules); /* always set by xlat_resolve() */
201 if (xr_rules->tr_rules) {
202 my_tr_rules = *xr_rules->tr_rules;
203 } else {
204 my_tr_rules = (tmpl_res_rules_t) { };
205 }
206
207 /*
208 * The LHS attribute dictates the enumv for the RHS one.
209 */
210 if (tmpl_contains_attr(a->vpt)) {
211 XLAT_DEBUG("\ta - %s %s\n", a->fmt, b->fmt);
212
213 if (a->flags.needs_resolving) {
214 XLAT_DEBUG("\tresolve attr a\n");
215 if (tmpl_resolve(a->vpt, &my_tr_rules) < 0) return -1;
216 a->flags.needs_resolving = false;
217 }
218
219 my_tr_rules.enumv = tmpl_attr_tail_da(a->vpt);
220
221 XLAT_DEBUG("\tresolve other b\n");
222 if (tmpl_resolve(b->vpt, &my_tr_rules) < 0) return -1;
223
224 b->flags.needs_resolving = false;
225 b->flags.pure = tmpl_is_data(b->vpt);
226 b->flags.constant = b->flags.pure;
227 goto flags;
228 }
229
230 if (tmpl_contains_attr(b->vpt)) {
231 XLAT_DEBUG("\tb - %s %s\n", a->fmt, b->fmt);
232
233 if (b->flags.needs_resolving) {
234 XLAT_DEBUG("\tresolve attr b\n");
235 if (tmpl_resolve(b->vpt, &my_tr_rules) < 0) return -1;
236
237 b->flags.needs_resolving = false;
238 }
239
240 my_tr_rules.enumv = tmpl_attr_tail_da(b->vpt);
241
242 XLAT_DEBUG("\tresolve other a\n");
243 if (tmpl_resolve(a->vpt, &my_tr_rules) < 0) return -1;
244
245 a->flags.needs_resolving = false;
246 a->flags.pure = tmpl_is_data(a->vpt);
247 a->flags.constant = a->flags.pure;
248 goto flags;
249 }
250
251resolve:
252 /*
253 * This call will fix everything recursively.
254 */
255 return xlat_resolve(node->call.args, xr_rules);
256
257flags:
258 arg1->flags = arg1->group->flags = a->flags;
259 arg2->flags = arg2->group->flags = b->flags;
260 xlat_flags_merge(&node->call.args->flags, &arg2->flags);
261
262 fr_assert(!a->flags.needs_resolving);
263 fr_assert(!b->flags.needs_resolving);
264
265 fr_assert(!arg1->flags.needs_resolving);
266 fr_assert(!arg2->flags.needs_resolving);
267
268 node->call.args->flags.needs_resolving = false;
269
270 return 0;
271}
272
273static void fr_value_box_init_zero(fr_value_box_t *vb, fr_type_t type)
274{
275 switch (type) {
276 case FR_TYPE_STRING:
277 fr_value_box_strdup_shallow(vb, NULL, "", false);
278 break;
279
280 case FR_TYPE_OCTETS:
281 fr_value_box_memdup_shallow(vb, NULL, (void const *) "", 0, false);
282 break;
283
284 default:
285 fr_value_box_init(vb, type, NULL, false);
286 break;
287 }
288}
289
290static xlat_arg_parser_t const binary_op_xlat_args[] = {
291 { .required = false, .type = FR_TYPE_VOID },
292 { .required = false, .type = FR_TYPE_VOID },
293 XLAT_ARG_PARSER_TERMINATOR
294};
295
296static xlat_action_t xlat_binary_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
297 UNUSED xlat_ctx_t const *xctx,
298 request_t *request, fr_value_box_list_t *in,
299 fr_token_t op,
300 fr_type_t default_type, fr_dict_attr_t const *enumv)
301{
302 int rcode;
303 fr_value_box_t *dst, *a, *b;
304 fr_value_box_t one, two;
305
306 MEM(dst = fr_value_box_alloc_null(ctx));
307
308 /*
309 * Each argument is a FR_TYPE_GROUP, with one or more elements in a list.
310 */
311 a = fr_value_box_list_head(in);
312 b = fr_value_box_list_next(in, a);
313
314 if (!a && !b) return XLAT_ACTION_FAIL;
315
316 fr_assert(!a || (a->type == FR_TYPE_GROUP));
317 fr_assert(!b || (b->type == FR_TYPE_GROUP));
318
319 fr_assert(!fr_comparison_op[op]);
320
321 if (fr_value_box_list_num_elements(&a->vb_group) > 1) {
322 REDEBUG("Expected one value as the first argument, got %u",
323 fr_value_box_list_num_elements(&a->vb_group));
324 return XLAT_ACTION_FAIL;
325 }
326 a = fr_value_box_list_head(&a->vb_group);
327
328 if (fr_value_box_list_num_elements(&b->vb_group) > 1) {
329 REDEBUG("Expected one value as the second argument, got %u",
330 fr_value_box_list_num_elements(&b->vb_group));
331 return XLAT_ACTION_FAIL;
332 }
333 b = fr_value_box_list_head(&b->vb_group);
334
335 if (!a) {
336 a = &one;
337 fr_value_box_init_zero(a, b->type);
338 }
339
340 if (!b) {
341 b = &two;
342 fr_value_box_init_zero(b, a->type);
343 }
344
345 rcode = fr_value_calc_binary_op(dst, dst, default_type, a, op, b);
346 if (rcode < 0) {
347 talloc_free(dst);
348 return XLAT_ACTION_FAIL;
349 }
350
351 /*
352 * Over-write, but only if it's present. Otherwise leave
353 * any existing enum alone.
354 */
355 if (enumv) dst->enumv = enumv;
356
357 fr_dcursor_append(out, dst);
358 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
359 return XLAT_ACTION_DONE;
360}
361
362#define XLAT_BINARY_FUNC(_name, _op) \
363static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
364 xlat_ctx_t const *xctx, \
365 request_t *request, fr_value_box_list_t *in) \
366{ \
367 return xlat_binary_op(ctx, out, xctx, request, in, _op, FR_TYPE_NULL, NULL); \
368}
369
370XLAT_BINARY_FUNC(op_add, T_ADD)
371XLAT_BINARY_FUNC(op_sub, T_SUB)
372XLAT_BINARY_FUNC(op_mul, T_MUL)
373XLAT_BINARY_FUNC(op_div, T_DIV)
374XLAT_BINARY_FUNC(op_mod, T_MOD)
375XLAT_BINARY_FUNC(op_and, T_AND)
376XLAT_BINARY_FUNC(op_or, T_OR)
377XLAT_BINARY_FUNC(op_xor, T_XOR)
378XLAT_BINARY_FUNC(op_rshift, T_RSHIFT)
379XLAT_BINARY_FUNC(op_lshift, T_LSHIFT)
380
381static xlat_arg_parser_t const binary_cmp_xlat_args[] = {
382 { .required = false, .type = FR_TYPE_VOID },
383 { .required = false, .type = FR_TYPE_VOID },
384 XLAT_ARG_PARSER_TERMINATOR
385};
386
387static xlat_action_t xlat_cmp_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
388 UNUSED xlat_ctx_t const *xctx,
389 UNUSED request_t *request, fr_value_box_list_t *in,
390 fr_token_t op)
391{
392 int rcode;
393 fr_value_box_t *dst, *a, *b;
394
395 /*
396 * Each argument is a FR_TYPE_GROUP, with one or more elements in a list.
397 */
398 a = fr_value_box_list_head(in);
399 b = fr_value_box_list_next(in, a);
400
401 if (!a || !b) return XLAT_ACTION_FAIL;
402
403 fr_assert(a->type == FR_TYPE_GROUP);
404 fr_assert(b->type == FR_TYPE_GROUP);
405
406 fr_assert(fr_comparison_op[op]);
407
408 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
409
410 rcode = fr_value_calc_list_cmp(dst, dst, &a->vb_group, op, &b->vb_group);
411 if (rcode < 0) {
412 talloc_free(dst);
413 return XLAT_ACTION_FAIL;
414 }
415
416 fr_assert(dst->type == FR_TYPE_BOOL);
417 dst->enumv = attr_expr_bool_enum;
418
419 fr_dcursor_append(out, dst);
420 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
421 return XLAT_ACTION_DONE;
422}
423
424
425#define XLAT_CMP_FUNC(_name, _op) \
426static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
427 xlat_ctx_t const *xctx, \
428 request_t *request, fr_value_box_list_t *in) \
429{ \
430 return xlat_cmp_op(ctx, out, xctx, request, in, _op); \
431}
432
433XLAT_CMP_FUNC(cmp_eq, T_OP_CMP_EQ)
434XLAT_CMP_FUNC(cmp_ne, T_OP_NE)
435XLAT_CMP_FUNC(cmp_lt, T_OP_LT)
436XLAT_CMP_FUNC(cmp_le, T_OP_LE)
437XLAT_CMP_FUNC(cmp_gt, T_OP_GT)
438XLAT_CMP_FUNC(cmp_ge, T_OP_GE)
439XLAT_CMP_FUNC(cmp_eq_type, T_OP_CMP_EQ_TYPE)
440XLAT_CMP_FUNC(cmp_ne_type, T_OP_CMP_NE_TYPE)
441
442typedef struct {
443 fr_token_t op;
444 regex_t *regex; //!< precompiled regex
445 xlat_exp_t *xlat; //!< to expand
446 fr_regex_flags_t *regex_flags;
447} xlat_regex_inst_t;
448
449typedef struct {
450 bool last_success;
451 fr_value_box_list_t list;
452} xlat_regex_rctx_t;
453
454static fr_slen_t xlat_expr_print_regex(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
455{
456 size_t at_in = fr_sbuff_used_total(out);
457 xlat_exp_t *child = xlat_exp_head(node->call.args);
458 xlat_regex_inst_t *inst = instance;
459
460 fr_assert(child != NULL);
461
462 FR_SBUFF_IN_CHAR_RETURN(out, '(');
463 xlat_print_node(out, node->call.args, child, e_rules, 0);
464
465 /*
466 * A space is printed after the first argument only if
467 * there's a second one. So add one if we "ate" the second argument.
468 */
469 if (inst->xlat) FR_SBUFF_IN_CHAR_RETURN(out, ' ');
470
471 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
472 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
473
474 /*
475 * Regexes which aren't instantiated: only for unit tests.
476 */
477 if (!inst->xlat) {
478 child = xlat_exp_next(node->call.args, child);
479 fr_assert(!xlat_exp_next(node->call.args, child));
480 fr_assert(child->type == XLAT_GROUP);
481
482 FR_SBUFF_IN_CHAR_RETURN(out, '/');
483 FR_SBUFF_IN_STRCPY_RETURN(out, child->fmt);
484 FR_SBUFF_IN_CHAR_RETURN(out, '/');
485
486 child = xlat_exp_head(child->group);
487 fr_assert(child->type == XLAT_TMPL);
488
489 /*
490 * The RHS may be a group
491 */
492 FR_SBUFF_RETURN(regex_flags_print, out, tmpl_regex_flags(child->vpt));
493 goto done;
494 }
495
496 fr_assert(tmpl_contains_regex(inst->xlat->vpt));
497
498 if (inst->xlat->quote == T_SINGLE_QUOTED_STRING) FR_SBUFF_IN_CHAR_RETURN(out, 'm');
499 FR_SBUFF_IN_CHAR_RETURN(out, fr_token_quote[inst->xlat->quote]);
500 FR_SBUFF_IN_STRCPY_RETURN(out, inst->xlat->vpt->name);
501 FR_SBUFF_IN_CHAR_RETURN(out, fr_token_quote[inst->xlat->quote]);
502
503 FR_SBUFF_RETURN(regex_flags_print, out, inst->regex_flags);
504
505done:
506 FR_SBUFF_IN_CHAR_RETURN(out, ')');
507
508 return fr_sbuff_used_total(out) - at_in;
509}
510
511
512/*
513 * Each argument is it's own head, because we do NOT always want
514 * to go to the next argument.
515 */
516static int xlat_instantiate_regex(xlat_inst_ctx_t const *xctx)
517{
518 xlat_regex_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_regex_inst_t);
519 xlat_exp_t *lhs, *rhs, *regex;
520
521 lhs = xlat_exp_head(xctx->ex->call.args);
522 rhs = xlat_exp_next(xctx->ex->call.args, lhs);
523
524 (void) fr_dlist_remove(&xctx->ex->call.args->dlist, rhs);
525
526 fr_assert(rhs);
527 fr_assert(rhs->type == XLAT_GROUP);
528 regex = xlat_exp_head(rhs->group);
529 fr_assert(tmpl_contains_regex(regex->vpt));
530
531 inst->op = xctx->ex->call.func->token;
532 inst->regex_flags = tmpl_regex_flags(regex->vpt);
533
534 inst->xlat = talloc_steal(inst, regex);
535 talloc_free(rhs); /* group wrapper is no longer needed */
536
537 /*
538 * The RHS is more then just one regex node, it has to be dynamically expanded.
539 */
540 if (tmpl_contains_xlat(regex->vpt)) {
541 return 0;
542 }
543
544 if (tmpl_is_data_unresolved(regex->vpt)) {
545 fr_strerror_const("Regex must be resolved before instantiation");
546 return -1;
547 }
548
549 /*
550 * Must have been caught in the parse phase.
551 */
552 fr_assert(tmpl_is_regex(regex->vpt));
553
554 inst->regex = tmpl_regex(regex->vpt);
555
556 return 0;
557}
558
559
560static const fr_sbuff_escape_rules_t regex_escape_rules = {
561 .name = "regex",
562 .chr = '\\',
563 .subs = {
564 ['$'] = '$',
565 ['('] = '(',
566 ['*'] = '*',
567 ['+'] = '+',
568 ['.'] = '.',
569 ['/'] = '/',
570 ['?'] = '?',
571 ['['] = '[',
572 ['\\'] = '\\',
573 ['^'] = '^',
574 ['`'] = '`',
575 ['|'] = '|',
576 ['\a'] = 'a',
577 ['\b'] = 'b',
578 ['\n'] = 'n',
579 ['\r'] = 'r',
580 ['\t'] = 't',
581 ['\v'] = 'v'
582 },
583 .esc = {
584 SBUFF_CHAR_UNPRINTABLES_LOW,
585 SBUFF_CHAR_UNPRINTABLES_EXTENDED
586 },
587 .do_utf8 = true,
588 .do_oct = true
589};
590
591static xlat_arg_parser_t const regex_op_xlat_args[] = {
592 { .required = true, .type = FR_TYPE_STRING },
593 { .concat = true, .type = FR_TYPE_STRING },
594 XLAT_ARG_PARSER_TERMINATOR
595};
596
597
598/** Perform a regular expressions comparison between two operands
599 *
600 * @param[in] ctx to allocate resulting box in.
601 * @param[in] request The current request.
602 * @param[in] in list of item or items
603 * @param[in,out] preg Pointer to pre-compiled or runtime-compiled
604 * regular expression. In the case of runtime-compiled
605 * the pattern may be stolen by the `regex_sub_to_request`
606 * function as the original pattern is needed to resolve
607 * capture groups.
608 * The caller should only free the `regex_t *` if it
609 * compiled it, and the pointer has not been set to NULL
610 * when this function returns.
611 * @param[out] out Where result is written.
612 * @param[in] op the operation to perform.
613 * @return
614 * - -1 on failure.
615 * - 0 for "no match".
616 * - 1 for "match".
617 */
618static xlat_action_t xlat_regex_match(TALLOC_CTX *ctx, request_t *request, fr_value_box_list_t *in, regex_t **preg,
619 fr_dcursor_t *out, fr_token_t op)
620{
621 uint32_t subcaptures;
622 int ret = 0;
623
624 fr_regmatch_t *regmatch;
625 fr_value_box_t *dst;
626 fr_value_box_t *arg, *vb;
627 fr_sbuff_t *agg;
628 char const *subject;
629 size_t len;
630
631 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, 8192);
632
633 arg = fr_value_box_list_head(in);
634 fr_assert(arg != NULL);
635 fr_assert(arg->type == FR_TYPE_GROUP);
636
637 subcaptures = regex_subcapture_count(*preg);
638 if (!subcaptures) subcaptures = REQUEST_MAX_REGEX + 1; /* +1 for %{0} (whole match) capture group */
639 MEM(regmatch = regex_match_data_alloc(NULL, subcaptures));
640
641 while ((vb = fr_value_box_list_pop_head(&arg->vb_group)) != NULL) {
642 if (vb->type == FR_TYPE_STRING) {
643 subject = vb->vb_strvalue;
644 len = vb->vb_length;
645
646 } else {
647 fr_value_box_list_t list;
648
649 fr_value_box_list_init(&list);
650 fr_value_box_list_insert_head(&list, vb);
651 vb = NULL;
652
653 /*
654 * Concatenate everything, and escape untrusted inputs.
655 */
656 if (fr_value_box_list_concat_as_string(NULL, NULL, agg, &list, NULL, 0, &regex_escape_rules,
657 FR_VALUE_BOX_LIST_FREE_BOX, FR_REGEX_SAFE_FOR, true) < 0) {
658 RPEDEBUG("Failed concatenating regular expression string");
659 talloc_free(regmatch);
660 return XLAT_ACTION_FAIL;
661 }
662
663 subject = fr_sbuff_start(agg);
664 len = fr_sbuff_used(agg);
665 }
666
667 /*
668 * Evaluate the expression
669 */
670 ret = regex_exec(*preg, subject, len, regmatch);
671 switch (ret) {
672 default:
673 RPEDEBUG("REGEX failed");
674 talloc_free(vb);
675 talloc_free(regmatch);
676 return XLAT_ACTION_FAIL;
677
678 case 0:
679 regex_sub_to_request(request, NULL, NULL); /* clear out old entries */
680 continue;
681
682 case 1:
683 regex_sub_to_request(request, preg, &regmatch);
684 talloc_free(vb);
685 goto done;
686
687 }
688
689 talloc_free(vb);
690 }
691
692done:
693 talloc_free(regmatch); /* free if not consumed */
694
695 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
696 dst->vb_bool = (ret == (op == T_OP_REG_EQ));
697
698 fr_dcursor_append(out, dst);
699
700 return XLAT_ACTION_DONE;
701}
702
703static xlat_action_t xlat_regex_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
704 xlat_ctx_t const *xctx,
705 request_t *request, fr_value_box_list_t *in)
706{
707 xlat_regex_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_regex_inst_t);
708 xlat_regex_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_regex_rctx_t);
709 ssize_t slen;
710 regex_t *preg = NULL;
711 fr_sbuff_t *agg;
712
713 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, 8192);
714
715 /*
716 * If the expansions fails, then we fail the entire thing.
717 */
718 if (!rctx->last_success) {
719 talloc_free(rctx);
720 return XLAT_ACTION_FAIL;
721 }
722
723 /*
724 * Because we expanded the RHS ourselves, the "concat"
725 * flag to the RHS argument is ignored. So we just
726 * concatenate it here. We escape the various untrusted inputs.
727 */
728 if (fr_value_box_list_concat_as_string(NULL, NULL, agg, &rctx->list, NULL, 0, &regex_escape_rules,
729 FR_VALUE_BOX_LIST_FREE_BOX, FR_REGEX_SAFE_FOR, true) < 0) {
730 RPEDEBUG("Failed concatenating regular expression string");
731 return XLAT_ACTION_FAIL;
732 }
733
734 fr_assert(inst->regex == NULL);
735
736 slen = regex_compile(rctx, &preg, fr_sbuff_start(agg), fr_sbuff_used(agg),
737 tmpl_regex_flags(inst->xlat->vpt), true, true); /* flags, allow subcaptures, at runtime */
738 if (slen <= 0) return XLAT_ACTION_FAIL;
739
740 return xlat_regex_match(ctx, request, in, &preg, out, inst->op);
741}
742
743static xlat_action_t xlat_regex_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
744 xlat_ctx_t const *xctx,
745 request_t *request, fr_value_box_list_t *in,
746 fr_token_t op)
747{
748 xlat_regex_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_regex_inst_t);
749 xlat_regex_rctx_t *rctx;
750 regex_t *preg;
751
752 /*
753 * Just run precompiled regexes.
754 */
755 if (inst->regex) {
756 preg = tmpl_regex(inst->xlat->vpt);
757
758 return xlat_regex_match(ctx, request, in, &preg, out, op);
759 }
760
761 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_regex_rctx_t));
762 fr_value_box_list_init(&rctx->list);
763
764 if (unlang_xlat_yield(request, xlat_regex_resume, NULL, 0, rctx) != XLAT_ACTION_YIELD) {
765 fail:
766 talloc_free(rctx);
767 return XLAT_ACTION_FAIL;
768 }
769
770 if (unlang_xlat_push(ctx, &rctx->last_success, &rctx->list,
771 request, tmpl_xlat(inst->xlat->vpt), UNLANG_SUB_FRAME) < 0) goto fail;
772
773 return XLAT_ACTION_PUSH_UNLANG;
774}
775
776#define XLAT_REGEX_FUNC(_name, _op) \
777static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
778 xlat_ctx_t const *xctx, \
779 request_t *request, fr_value_box_list_t *in) \
780{ \
781 return xlat_regex_op(ctx, out, xctx, request, in, _op); \
782}
783
784XLAT_REGEX_FUNC(reg_eq, T_OP_REG_EQ)
785XLAT_REGEX_FUNC(reg_ne, T_OP_REG_NE)
786
793
794typedef struct {
795 TALLOC_CTX *ctx;
796 bool last_success;
797 fr_value_box_t *box; //!< output value-box
798 int current;
799 fr_value_box_list_t list;
800} xlat_logical_rctx_t;
801
802static fr_slen_t xlat_expr_print_nary(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
803{
804 size_t at_in = fr_sbuff_used_total(out);
805 xlat_logical_inst_t *inst = instance;
806 xlat_exp_head_t *head;
807
808 FR_SBUFF_IN_CHAR_RETURN(out, '(');
809
810 /*
811 * We might get called before the node is instantiated.
812 */
813 if (!inst->argv) {
814 head = node->call.args;
815
816 fr_assert(head != NULL);
817
818 xlat_exp_foreach(head, child) {
819 xlat_print_node(out, head, child, e_rules, 0);
820
821 if (!xlat_exp_next(head, child)) break;
822
823 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
824 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
825 }
826 } else {
827 int i;
828
829 for (i = 0; i < inst->argc; i++) {
830 xlat_print(out, inst->argv[i], e_rules);
831 if (i == (inst->argc - 1)) break;
832
833 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
834 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
835 if ((i + 1) < inst->argc) FR_SBUFF_IN_CHAR_RETURN(out, ' ');
836 }
837 }
838
839 FR_SBUFF_IN_CHAR_RETURN(out, ')');
840
841 return fr_sbuff_used_total(out) - at_in;
842}
843
844/*
845 * This returns "false" for "ignore this argument"
846 *
847 * result is "false" for "delete this argument"
848 * result is "true" for "return this argument".
849 */
850static bool xlat_node_matches_bool(bool *result, xlat_exp_t *parent, xlat_exp_head_t *head, bool sense)
851{
852 fr_value_box_t *box;
853 xlat_exp_t *node;
854
855 if (!head->flags.pure) return false;
856
857 node = xlat_exp_head(head);
858 if (!node || xlat_exp_next(head, node)) {
859 return false;
860 }
861
862 if (node->type == XLAT_BOX) {
863 box = &node->data;
864 goto check;
865 }
866
867 if (node->type != XLAT_TMPL) {
868 return false;
869 }
870
871 if (!tmpl_is_data(node->vpt)) {
872 return false;
873 }
874
875 box = tmpl_value(node->vpt);
876
877check:
878 /*
879 * On "true", replace the entire logical operation with the value-box.
880 *
881 * On "false", omit this argument, and go to the next one.
882 */
883 *result = (fr_value_box_is_truthy(box) == sense);
884
885 if (!*result) return true;
886
887 xlat_instance_unregister_func(parent);
888
889 xlat_exp_set_type(parent, XLAT_BOX);
890 fr_value_box_copy(parent, &parent->data, box);
891 parent->flags = (xlat_flags_t) { .pure = true, .constant = true, };
892
893 talloc_free_children(parent);
894
895 return true;
896}
897
898/** Undo work which shouldn't have been done. :(
899 *
900 */
901static void xlat_ungroup(xlat_exp_head_t *head)
902{
903 xlat_exp_t *group, *node;
904
905 group = xlat_exp_head(head);
906 if (!group || xlat_exp_next(head, group)) return;
907
908 if (group->type != XLAT_GROUP) return;
909
910 node = xlat_exp_head(group->group);
911 if (!node || xlat_exp_next(group->group, node)) return;
912
913 (void) fr_dlist_remove(&head->dlist, group);
914 (void) fr_dlist_remove(&group->group->dlist, node);
915 (void) talloc_steal(head, node);
916
917 talloc_free(group);
918
919 fr_dlist_insert_tail(&head->dlist, node);
920 head->flags = node->flags;
921}
922
923/** If any argument resolves to inst->stop_on_match, the entire thing is a bool of inst->stop_on_match.
924 *
925 * If any argument resolves to !inst->stop_on_match, it is removed.
926 */
927static int xlat_expr_logical_purify(xlat_exp_t *node, void *instance, request_t *request)
928{
929 int i, j;
930 int deleted = 0;
931 bool result;
932 xlat_logical_inst_t *inst = talloc_get_type_abort(instance, xlat_logical_inst_t);
933 xlat_exp_head_t *group;
934
935 fr_assert(node->type == XLAT_FUNC);
936
937 /*
938 * Don't check the last argument. If everything else gets deleted,
939 * then we just return the last argument.
940 */
941 for (i = 0; i < inst->argc; i++) {
942 /*
943 * The argument is pure, so we purify it before
944 * doing any other checks.
945 */
946 if (inst->argv[i]->flags.can_purify) {
947 if (xlat_purify_list(inst->argv[i], request) < 0) return -1;
948
949 /*
950 * xlat_purify_list expects that its outputs will be arguments to functions, so
951 * they're grouped. We con't need that, so we ungroup them here.
952 */
953 xlat_ungroup(inst->argv[i]);
954 }
955
956 /*
957 * This returns "false" for "ignore".
958 *
959 * result is "false" for "delete this argument"
960 * result is "true" for "return this argument".
961 */
962 if (!xlat_node_matches_bool(&result, node, inst->argv[i], inst->stop_on_match)) continue;
963
964 /*
965 * 0 && EXPR --> 0.
966 * 1 || EXPR --> 1
967 *
968 * Parent is now an XLAT_BOX, so we're done.
969 */
970 if (result) return 0;
971
972 /*
973 * We're at the last argument. If we've deleted everything else, then just leave the
974 * last argument alone. Otherwise some arguments remain, so we can delete the last one.
975 */
976 if (((i + 1) == inst->argc) && (deleted == i)) break;
977
978 TALLOC_FREE(inst->argv[i]);
979 deleted++;
980 }
981
982 if (!deleted) return 0;
983
984 /*
985 * Pack the array. We insert at i, and read from j. We don't need to read the deleted entries,
986 * as they all MUST be NULL.
987 */
988 i = 0;
989 j = -1;
990 while (i < (inst->argc - deleted)) {
991 if (inst->argv[i]) {
992 i++;
993 continue;
994 }
995
996 /*
997 * Start searching from the next entry, OR start searching from where we left off before.
998 */
999 if (j < 0) j = i + 1;
1000
1001 /*
1002 * Find the first non-NULL entry, and insert it in argv[i]. We search here until the end
1003 * of the array, because we may have deleted entries from the start of the array.
1004 */
1005 while (j < inst->argc) {
1006 if (inst->argv[j]) break;
1007 j++;
1008 }
1009
1010 /*
1011 * Move the entry down, and clear out the tail end of the array.
1012 */
1013 inst->argv[i++] = inst->argv[j];
1014 inst->argv[j++] = NULL;
1015 }
1016
1017 inst->argc -= deleted;
1018
1019 if (inst->argc > 1) return 0;
1020
1021 /*
1022 * Only one argument left/ We can hoist the child into ourselves, and omit the logical operation.
1023 */
1024 group = inst->argv[0];
1025 fr_assert(group != NULL);
1026 talloc_steal(node, group);
1027
1028 xlat_instance_unregister_func(node);
1029 xlat_exp_set_type(node, XLAT_GROUP);
1030
1031 /* re-print, with purified nodes removed */
1032 {
1033 char *name;
1034
1035 MEM(xlat_aprint(node, &name, group, NULL) >= 0);
1036 xlat_exp_set_name_buffer_shallow(node, name);
1037 }
1038
1039 node->group = group;
1040 node->flags = group->flags;
1041
1042 return 0;
1043}
1044
1045/** Process one argument of a logical operation.
1046 *
1047 * If we see a list in a truthy context, then we DON'T expand the list. Instead, we return a bool which
1048 * indicates if the list was empty (or not). This prevents us from returning a whole mess of value-boxes
1049 * when the user just wanted to see if the list existed.
1050 *
1051 * Otherwise, we expand the xlat, and continue.
1052 */
1053static xlat_action_t xlat_logical_process_arg(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
1054 xlat_ctx_t const *xctx,
1055 request_t *request, UNUSED fr_value_box_list_t *in)
1056{
1057 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1058 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1059
1060 /*
1061 * Push the xlat onto the stack for expansion.
1062 */
1063 if (unlang_xlat_yield(request, inst->callback, NULL, 0, rctx) != XLAT_ACTION_YIELD) {
1064 fail:
1065 talloc_free(rctx->box);
1066 talloc_free(rctx);
1067 return XLAT_ACTION_FAIL;
1068 }
1069
1070 if (unlang_xlat_push(rctx, &rctx->last_success, &rctx->list,
1071 request, inst->argv[rctx->current], UNLANG_SUB_FRAME) < 0) goto fail;
1072
1073 return XLAT_ACTION_PUSH_UNLANG;
1074}
1075
1076/** See if the input is truthy or not.
1077 *
1078 * @param[in] rctx our ctx
1079 * @param[in] in list of value-boxes to check
1080 * @return
1081 * - false if there are no truthy values. The last box is copied to the rctx.
1082 * This is to allow us to return default values which may not be truthy,
1083 * e.g. %{&Counter || 0} or %{&Framed-IP-Address || 0.0.0.0}.
1084 * If we don't copy the last box to the rctx, the expression just returns NULL
1085 * which is never useful...
1086 * - true if we find a truthy value. The first truthy box is copied to the rctx.
1087 *
1088 * Empty lists are not truthy.
1089 */
1090static bool xlat_logical_or(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
1091{
1092 fr_value_box_t *last = NULL;
1093 bool ret = false;
1094
1095 /*
1096 * Empty lists are !truthy.
1097 */
1098 if (!fr_value_box_list_num_elements(in)) return false;
1099
1100 /*
1101 * Loop over the input list. If the box is a group, then do this recursively.
1102 */
1103 fr_value_box_list_foreach(in, box) {
1104 if (fr_box_is_group(box)) {
1105 if (!xlat_logical_or(rctx, &box->vb_group)) return false;
1106 continue;
1107 }
1108
1109 last = box;
1110
1111 /*
1112 * Remember the last box we found.
1113 *
1114 * If it's truthy, then we stop immediately.
1115 */
1116 if (fr_value_box_is_truthy(box)) {
1117 ret = true;
1118 break;
1119 }
1120 }
1121
1122 if (!rctx->box) {
1123 MEM(rctx->box = fr_value_box_alloc_null(rctx->ctx));
1124 } else {
1125 fr_value_box_clear(rctx->box);
1126 }
1127 if (last) fr_value_box_copy(rctx->box, rctx->box, last);
1128
1129 return ret;
1130}
1131
1132/*
1133 * We've evaluated an expression. Let's see if we need to continue with ||
1134 */
1135static xlat_action_t xlat_logical_or_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
1136 xlat_ctx_t const *xctx,
1137 request_t *request, fr_value_box_list_t *in)
1138{
1139 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1140 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1141 bool match;
1142
1143 /*
1144 * If one of the expansions fails, then we fail the
1145 * entire thing.
1146 */
1147 if (!rctx->last_success) {
1148 talloc_free(rctx->box);
1149 talloc_free(rctx);
1150 return XLAT_ACTION_FAIL;
1151 }
1152
1153 /*
1154 * Recursively check groups. i.e. we effectively flatten each list.
1155 *
1156 * (a, b, c) || (d, e, f) == a || b || c || d || e || f
1157 */
1158 match = xlat_logical_or(rctx, &rctx->list);
1159 if (match) goto done;
1160
1161 fr_value_box_list_talloc_free(&rctx->list);
1162
1163 rctx->current++;
1164
1165 /*
1166 * Nothing to expand, return the final value we saw.
1167 */
1168 if (rctx->current >= inst->argc) {
1169 done:
1170 /*
1171 * Otherwise we stop on failure, with the boolean
1172 * we just updated.
1173 */
1174 if (rctx->box) fr_dcursor_append(out, rctx->box);
1175
1176 talloc_free(rctx);
1177 return XLAT_ACTION_DONE;
1178 }
1179
1180 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1181}
1182
1183/** See if the input is truthy or not.
1184 *
1185 * @param[in] rctx our ctx
1186 * @param[in] in list of value-boxes to check
1187 * @return
1188 * - false on failure
1189 * - true for match, with dst updated to contain the relevant box.
1190 *
1191 * Empty lists are not truthy.
1192 */
1193static bool xlat_logical_and(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
1194{
1195 fr_value_box_t *found = NULL;
1196
1197 /*
1198 * Empty lists are !truthy.
1199 */
1200 if (!fr_value_box_list_num_elements(in)) return false;
1201
1202 /*
1203 * Loop over the input list. If the box is a group, then do this recursively.
1204 */
1205 fr_value_box_list_foreach(in, box) {
1206 if (fr_box_is_group(box)) {
1207 if (!xlat_logical_and(rctx, &box->vb_group)) return false;
1208 continue;
1209 }
1210
1211 /*
1212 * Remember the last box we found.
1213 *
1214 * If it's truthy, then we keep going either
1215 * until the end, or until we get a "false".
1216 */
1217 if (fr_value_box_is_truthy(box)) {
1218 found = box;
1219 continue;
1220 }
1221
1222 /*
1223 * Stop on the first "false"
1224 */
1225 return false;
1226 }
1227
1228 if (!found) return false;
1229
1230 if (!rctx->box) {
1231 MEM(rctx->box = fr_value_box_alloc_null(rctx));
1232 } else {
1233 fr_value_box_clear(rctx->box);
1234 }
1235 fr_value_box_copy(rctx->box, rctx->box, found);
1236
1237 return true;
1238}
1239
1240/*
1241 * We've evaluated an expression. Let's see if we need to continue with &&
1242 */
1243static xlat_action_t xlat_logical_and_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
1244 xlat_ctx_t const *xctx,
1245 request_t *request, fr_value_box_list_t *in)
1246{
1247 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1248 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1249 bool match;
1250
1251 /*
1252 * If one of the expansions fails, then we fail the
1253 * entire thing.
1254 */
1255 if (!rctx->last_success) {
1256 talloc_free(rctx->box);
1257 talloc_free(rctx);
1258 return XLAT_ACTION_FAIL;
1259 }
1260
1261 /*
1262 * Recursively check groups. i.e. we effectively flatten each list.
1263 *
1264 * (a, b, c) && (d, e, f) == a && b && c && d && e && f
1265 */
1266 match = xlat_logical_and(rctx, &rctx->list);
1267 if (!match) return XLAT_ACTION_DONE;
1268
1269 fr_value_box_list_talloc_free(&rctx->list);
1270
1271 rctx->current++;
1272
1273 /*
1274 * Nothing to expand, return the final value we saw.
1275 */
1276 if (rctx->current >= inst->argc) {
1277 /*
1278 * Otherwise we stop on failure, with the boolean
1279 * we just updated.
1280 */
1281 fr_assert(rctx->box != NULL);
1282 fr_dcursor_append(out, rctx->box);
1283
1284 talloc_free(rctx);
1285 return XLAT_ACTION_DONE;
1286 }
1287
1288 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1289}
1290
1291/*
1292 * Each argument is it's own head, because we do NOT always want
1293 * to go to the next argument.
1294 */
1295static int xlat_instantiate_logical(xlat_inst_ctx_t const *xctx)
1296{
1297 xlat_logical_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_logical_inst_t);
1298
1299 inst->argc = xlat_flatten_compiled_argv(inst, &inst->argv, xctx->ex->call.args);
1300 if (xctx->ex->call.func->token == T_LOR) {
1301 inst->callback = xlat_logical_or_resume;
1302 inst->stop_on_match = true;
1303 } else {
1304 inst->callback = xlat_logical_and_resume;
1305 inst->stop_on_match = false;
1306 }
1307
1308 return 0;
1309}
1310
1311
1312/** Process logical &&, ||
1313 *
1314 */
1315static xlat_action_t xlat_func_logical(TALLOC_CTX *ctx, fr_dcursor_t *out,
1316 xlat_ctx_t const *xctx,
1317 request_t *request, fr_value_box_list_t *in)
1318{
1319 xlat_logical_rctx_t *rctx;
1320 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1321
1322 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_logical_rctx_t));
1323 rctx->ctx = ctx;
1324 rctx->current = 0;
1325
1326 if (inst->stop_on_match) {
1327 rctx->box = NULL;
1328 } else {
1329 MEM(rctx->box = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1330 rctx->box->vb_bool = true;
1331 }
1332 fr_value_box_list_init(&rctx->list);
1333
1334 (UNCONST(xlat_ctx_t *, xctx))->rctx = rctx; /* ensure it's there before a resume! */
1335
1336 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1337}
1338
1339
1340static xlat_arg_parser_t const unary_op_xlat_args[] = {
1341 { .required = true, .single = true, .concat = true },
1342 XLAT_ARG_PARSER_TERMINATOR
1343};
1344
1345static xlat_action_t xlat_func_unary_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
1346 UNUSED xlat_ctx_t const *xctx,
1347 request_t *request, fr_value_box_list_t *in, fr_token_t op)
1348{
1349 int rcode;
1350 fr_value_box_t *dst, *group, *vb;
1351
1352 /*
1353 * We do some basic type checks here.
1354 */
1355 group = fr_value_box_list_head(in);
1356 vb = fr_value_box_list_head(&group->vb_group);
1357
1358 /*
1359 * -NULL is an error
1360 * ~NULL is an error
1361 * !NULL is handled by xlat_func_unary_not
1362 */
1363 if (!vb) {
1364 fr_strerror_printf("Input is empty");
1365 return XLAT_ACTION_FAIL;
1366 }
1367
1368 if (!fr_type_is_leaf(vb->type) || fr_type_is_variable_size(vb->type)) {
1369 REDEBUG("Cannot perform operation on data type %s", fr_type_to_str(vb->type));
1370 return XLAT_ACTION_FAIL;
1371 }
1372
1373 MEM(dst = fr_value_box_alloc_null(ctx));
1374
1375 /*
1376 * We rely on this function to do the remainder of the type checking.
1377 */
1378 rcode = fr_value_calc_unary_op(dst, dst, op, vb);
1379 if ((rcode < 0) || fr_type_is_null(dst->type)) {
1380 talloc_free(dst);
1381 return XLAT_ACTION_FAIL;
1382 }
1383
1384 fr_dcursor_append(out, dst);
1385 return XLAT_ACTION_DONE;
1386}
1387
1388
1389static xlat_action_t xlat_func_unary_not(TALLOC_CTX *ctx, fr_dcursor_t *out,
1390 UNUSED xlat_ctx_t const *xctx,
1391 UNUSED request_t *request, fr_value_box_list_t *in)
1392{
1393 fr_value_box_t *dst, *group, *vb;
1394
1395 group = fr_value_box_list_head(in);
1396 vb = fr_value_box_list_head(&group->vb_group);
1397
1398 /*
1399 * Don't call calc_unary_op(), because we want the enum names.
1400 */
1401 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1402
1403 /*
1404 * !NULL = true
1405 */
1406 if (!vb) {
1407 dst->vb_bool = true;
1408 } else {
1409 dst->vb_bool = !fr_value_box_is_truthy(vb);
1410 }
1411
1412 fr_dcursor_append(out, dst);
1413 return XLAT_ACTION_DONE;
1414}
1415
1416static xlat_action_t xlat_func_unary_minus(TALLOC_CTX *ctx, fr_dcursor_t *out,
1417 xlat_ctx_t const *xctx,
1418 request_t *request, fr_value_box_list_t *in)
1419{
1420 return xlat_func_unary_op(ctx, out, xctx, request, in, T_SUB);
1421}
1422
1423static xlat_action_t xlat_func_unary_complement(TALLOC_CTX *ctx, fr_dcursor_t *out,
1424 xlat_ctx_t const *xctx,
1425 request_t *request, fr_value_box_list_t *in)
1426{
1427 return xlat_func_unary_op(ctx, out, xctx, request, in, T_COMPLEMENT);
1428}
1429
1430/** Convert XLAT_BOX arguments to XLAT_TMPL
1431 *
1432 * xlat_tokenize() just makes all unknown arguments into XLAT_BOX, of data type FR_TYPE_STRING. Whereas
1433 * xlat_tokenize_expr() calls tmpl_afrom_substr(), which tries hard to create a particular data type.
1434 *
1435 * This function fixes up calls of the form %op_add(3, 4), which normally passes 2 arguments of "3" and "4",
1436 * so that the arguments are instead passed as integers 3 and 4.
1437 *
1438 * This fixup isn't *strictly* necessary, but it's good to have no surprises in the code, if the user creates
1439 * an expression manually.
1440 */
1441static int xlat_function_args_to_tmpl(xlat_inst_ctx_t const *xctx)
1442{
1443 xlat_exp_foreach(xctx->ex->call.args, arg) {
1444 ssize_t slen;
1445 xlat_exp_t *node;
1446 tmpl_t *vpt;
1447
1448 fr_assert(arg->type == XLAT_GROUP);
1449
1450 node = xlat_exp_head(arg->group);
1451 if (!node) continue;
1452 if (node->type != XLAT_BOX) continue;
1453 if (node->data.type != FR_TYPE_STRING) continue;
1454
1455 /*
1456 * Try to parse it. If we can't, leave it for a run-time error.
1457 */
1458 slen = tmpl_afrom_substr(node, &vpt, &FR_SBUFF_IN(node->data.vb_strvalue, node->data.vb_length),
1459 node->quote, NULL, NULL);
1460 if (slen <= 0) continue;
1461 if ((size_t) slen < node->data.vb_length) continue;
1462
1463 /*
1464 * Leave it as XLAT_BOX, but with the (guessed) new data type.
1465 */
1466 fr_value_box_clear(&node->data);
1467 fr_value_box_copy(node, &node->data, tmpl_value(vpt));
1468 talloc_free(vpt);
1469 }
1470
1471 return 0;
1472}
1473
1474static xlat_arg_parser_t const xlat_func_expr_rcode_arg[] = {
1475 { .concat = true, .type = FR_TYPE_STRING },
1476 XLAT_ARG_PARSER_TERMINATOR
1477};
1478
1479/** Holds the result of pre-parsing the rcode on startup
1480 */
1481typedef struct {
1482 rlm_rcode_t rcode; //!< The preparsed rcode.
1483} xlat_rcode_inst_t;
1484
1485/** Convert static expr_rcode arguments into rcodes
1486 *
1487 * This saves doing the lookup at runtime, which given how frequently this xlat is used
1488 * could get quite expensive.
1489 */
1490static int xlat_instantiate_expr_rcode(xlat_inst_ctx_t const *xctx)
1491{
1492 xlat_rcode_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_rcode_inst_t);
1493 xlat_exp_t *arg;
1494 xlat_exp_t *rcode_arg;
1495 fr_value_box_t *rcode;
1496
1497 /*
1498 * If it's literal data, then we can pre-resolve it to
1499 * a rcode now, and skip that at runtime.
1500 */
1501 arg = xlat_exp_head(xctx->ex->call.args);
1502 fr_assert(arg->type == XLAT_GROUP);
1503
1504 /*
1505 * We can only pre-parse if this if the value is
1506 * in a single box...
1507 */
1508 if (fr_dlist_num_elements(&arg->group->dlist) != 1) return 0;
1509 rcode_arg = xlat_exp_head(arg->group);
1510
1511 /*
1512 * We can only pre-parse is this is a static value.
1513 */
1514 if (rcode_arg->type != XLAT_BOX) return 0;
1515
1516 rcode = &rcode_arg->data;
1517
1518 switch (rcode->type) {
1519 case FR_TYPE_STRING:
1520 inst->rcode = fr_table_value_by_str(rcode_table, rcode->vb_strvalue, RLM_MODULE_NOT_SET);
1521 if (inst->rcode == RLM_MODULE_NOT_SET) {
1522 unknown:
1523 ERROR("Unknown rcode '%pV'", rcode);
1524 return -1;
1525 }
1526 break;
1527
1528 case FR_TYPE_INT8:
1529 case FR_TYPE_INT16:
1530 case FR_TYPE_INT32:
1531 case FR_TYPE_INT64:
1532 case FR_TYPE_UINT16:
1533 case FR_TYPE_UINT32:
1534 case FR_TYPE_UINT64:
1535 case FR_TYPE_SIZE:
1536 if (fr_value_box_cast_in_place(rcode_arg, rcode, FR_TYPE_UINT8, NULL) < 0) {
1537 invalid:
1538 ERROR("Invalid value for rcode '%pV'", rcode);
1539 return -1;
1540 }
1541 FALL_THROUGH;
1542
1543 case FR_TYPE_UINT8:
1544 if (rcode->vb_uint8 >= RLM_MODULE_NUMCODES) goto invalid;
1545 inst->rcode = rcode->vb_uint8;
1546 break;
1547
1548 default:
1549 goto unknown;
1550 }
1551
1552 /*
1553 * No point in creating useless boxes at runtime,
1554 * nuke the argument now.
1555 */
1556 (void) fr_dlist_remove(&xctx->ex->call.args->dlist, arg);
1557 talloc_free(arg);
1558
1559 return 0;
1560}
1561
1562static fr_slen_t xlat_expr_print_rcode(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, UNUSED fr_sbuff_escape_rules_t const *e_rules)
1563{
1564 size_t at_in = fr_sbuff_used_total(out);
1565 xlat_rcode_inst_t *inst = instance;
1566
1567 FR_SBUFF_IN_STRCPY_LITERAL_RETURN(out, "%expr.rcode('");
1568 if (xlat_exp_head(node->call.args)) {
1569 ssize_t slen;
1570
1571 xlat_exp_foreach(node->call.args, child) {
1572 slen = xlat_print_node(out, node->call.args, child, NULL, 0);
1573 if (slen < 0) return slen;
1574 }
1575 } else {
1576 FR_SBUFF_IN_STRCPY_RETURN(out, fr_table_str_by_value(rcode_table, inst->rcode, "<INVALID>"));
1577 }
1578 FR_SBUFF_IN_STRCPY_LITERAL_RETURN(out, "')");
1579
1580 return fr_sbuff_used_total(out) - at_in;
1581}
1582
1583/** Match the passed rcode against request->rcode
1584 *
1585 * Example:
1586@verbatim
1587%expr.rcode('handled') == true
1588
1589# ...or how it's used normally used
1590if (handled) {
1591 ...
1592}
1593@endverbatim
1594 *
1595 * @ingroup xlat_functions
1596 */
1597static xlat_action_t xlat_func_expr_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out,
1598 xlat_ctx_t const *xctx,
1599 request_t *request, fr_value_box_list_t *args)
1600{
1601 xlat_rcode_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_rcode_inst_t);
1602 fr_value_box_t *arg_rcode;
1603 rlm_rcode_t rcode;
1604 fr_value_box_t *vb;
1605
1606 /*
1607 * If we have zero args, it's because the instantiation
1608 * function consumed them. om nom nom.
1609 */
1610 if (fr_value_box_list_num_elements(args) == 0) {
1611 fr_assert(inst->rcode != RLM_MODULE_NOT_SET);
1612 rcode = inst->rcode;
1613 } else {
1614 XLAT_ARGS(args, &arg_rcode);
1615 rcode = fr_table_value_by_str(rcode_table, arg_rcode->vb_strvalue, RLM_MODULE_NOT_SET);
1616 if (rcode == RLM_MODULE_NOT_SET) {
1617 REDEBUG("Invalid rcode '%pV'", arg_rcode);
1618 return XLAT_ACTION_FAIL;
1619 }
1620 }
1621
1622 RDEBUG3("Request rcode is '%s'",
1623 fr_table_str_by_value(rcode_table, request->rcode, "<INVALID>"));
1624
1625 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1626 fr_dcursor_append(out, vb);
1627 vb->vb_bool = (request->rcode == rcode);
1628
1629 return XLAT_ACTION_DONE;
1630}
1631
1632/** Takes no arguments
1633 */
1634static xlat_arg_parser_t const xlat_func_rcode_arg[] = {
1635 XLAT_ARG_PARSER_TERMINATOR, /* Coverity gets tripped up by only having a single entry here */
1636 XLAT_ARG_PARSER_TERMINATOR
1637};
1638
1639/** Return the current rcode as a string
1640 *
1641 * Example:
1642@verbatim
1643"%rcode()" == "handled"
1644@endverbatim
1645 *
1646 * @ingroup xlat_functions
1647 */
1648static xlat_action_t xlat_func_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out,
1649 UNUSED xlat_ctx_t const *xctx,
1650 request_t *request, UNUSED fr_value_box_list_t *args)
1651{
1652 fr_value_box_t *vb;
1653
1654 /*
1655 * FIXME - This should really be an enum
1656 */
1657 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL));
1658 if (fr_value_box_strdup(vb, vb, NULL, fr_table_str_by_value(rcode_table, request->rcode, "<INVALID>"), false) < 0) {
1659 talloc_free(vb);
1660 return XLAT_ACTION_FAIL;
1661 }
1662 fr_dcursor_append(out, vb);
1663
1664 return XLAT_ACTION_DONE;
1665}
1666
1667typedef struct {
1668 tmpl_t const *vpt; //!< the attribute reference
1669 xlat_exp_head_t *xlat; //!< the xlat which needs expanding
1670} xlat_exists_inst_t;
1671
1672typedef struct {
1673 bool last_success;
1674 fr_value_box_list_t list;
1675} xlat_exists_rctx_t;
1676
1677static xlat_arg_parser_t const xlat_func_exists_arg[] = {
1678 { .concat = true, .type = FR_TYPE_STRING },
1679 XLAT_ARG_PARSER_TERMINATOR
1680};
1681
1682/*
1683 * We just print the xlat as-is.
1684 */
1685static fr_slen_t xlat_expr_print_exists(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
1686{
1687 size_t at_in = fr_sbuff_used_total(out);
1688 xlat_exists_inst_t *inst = instance;
1689
1690 if (inst->xlat) {
1691 xlat_print(out, inst->xlat, e_rules);
1692 } else {
1693 xlat_print_node(out, node->call.args, xlat_exp_head(node->call.args), e_rules, 0);
1694 }
1695
1696 return fr_sbuff_used_total(out) - at_in;
1697}
1698
1699/*
1700 * Don't expand the argument if it's already an attribute reference.
1701 */
1702static int xlat_instantiate_exists(xlat_inst_ctx_t const *xctx)
1703{
1704 xlat_exists_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_exists_inst_t);
1705 xlat_exp_t *arg, *xlat;
1706
1707 arg = xlat_exp_head(xctx->ex->call.args);
1708 (void) fr_dlist_remove(&xctx->ex->call.args->dlist, arg);
1709
1710 fr_assert(arg->type == XLAT_GROUP);
1711 xlat = xlat_exp_head(arg->group);
1712
1713 inst->xlat = talloc_steal(inst, arg->group);
1714 talloc_free(arg);
1715
1716 /*
1717 * If it's an attribute, we can cache a reference to it.
1718 */
1719 if ((xlat->type == XLAT_TMPL) && (tmpl_contains_attr(xlat->vpt))) {
1720 inst->vpt = xlat->vpt;
1721 }
1722
1723 return 0;
1724}
1725
1726static xlat_action_t xlat_attr_exists(TALLOC_CTX *ctx, fr_dcursor_t *out,
1727 request_t *request, tmpl_t const *vpt, bool do_free)
1728{
1729 fr_pair_t *vp;
1730 fr_value_box_t *dst;
1731 fr_dcursor_t cursor;
1732 tmpl_dcursor_ctx_t cc;
1733
1734 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1735
1736 vp = tmpl_dcursor_init(NULL, NULL, &cc, &cursor, request, vpt);
1737 dst->vb_bool = (vp != NULL);
1738
1739 if (do_free) talloc_const_free(vpt);
1740 tmpl_dcursor_clear(&cc);
1741 fr_dcursor_append(out, dst);
1742 return XLAT_ACTION_DONE;
1743}
1744
1745static xlat_action_t xlat_exists_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
1746 xlat_ctx_t const *xctx,
1747 request_t *request, UNUSED fr_value_box_list_t *in)
1748{
1749 xlat_exists_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_exists_rctx_t);
1750 ssize_t slen;
1751 tmpl_t *vpt;
1752 fr_value_box_t *vb;
1753 fr_sbuff_t *agg;
1754
1755 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, 8192);
1756
1757 /*
1758 * If the expansions fails, then we fail the entire thing.
1759 */
1760 if (!rctx->last_success) {
1761 fail:
1762 talloc_free(rctx);
1763 return XLAT_ACTION_FAIL;
1764 }
1765
1766 /*
1767 * Because we expanded the RHS ourselves, the "concat"
1768 * flag to the RHS argument is ignored. So we just
1769 * concatenate it here. We escape the various untrusted inputs.
1770 */
1771 if (fr_value_box_list_concat_as_string(NULL, NULL, agg, &rctx->list, NULL, 0, NULL,
1772 FR_VALUE_BOX_LIST_FREE_BOX, 0, true) < 0) {
1773 RPEDEBUG("Failed concatenating attribute name string");
1774 return XLAT_ACTION_FAIL;
1775 }
1776
1777 vb = fr_value_box_list_head(&rctx->list);
1778
1779 slen = tmpl_afrom_attr_str(ctx, NULL, &vpt, vb->vb_strvalue,
1780 &(tmpl_rules_t) {
1781 .attr = {
1782 .dict_def = request->dict,
1783 .request_def = &tmpl_request_def_current,
1784 .list_def = request_attr_request,
1785 .prefix = TMPL_ATTR_REF_PREFIX_AUTO,
1786 .allow_unknown = false,
1787 .allow_unresolved = false,
1788 },
1789 });
1790 if (slen <= 0) goto fail;
1791
1792 talloc_free(rctx); /* no longer needed */
1793 return xlat_attr_exists(ctx, out, request, vpt, true);
1794}
1795
1796/** See if a named attribute exists
1797 *
1798 * Example:
1799@verbatim
1800"%{exists:&Foo}" == true
1801@endverbatim
1802 *
1803 * @ingroup xlat_functions
1804 */
1805static xlat_action_t xlat_func_exists(TALLOC_CTX *ctx, fr_dcursor_t *out,
1806 xlat_ctx_t const *xctx,
1807 request_t *request, UNUSED fr_value_box_list_t *in)
1808{
1809 xlat_exists_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_exists_inst_t);
1810 xlat_exists_rctx_t *rctx;
1811
1812 /*
1813 * We return "true" if the attribute exists. Otherwise we return "false".
1814 *
1815 * Except for virtual attributes. If we're testing for
1816 * their existence, we always return "true".
1817 */
1818 if (inst->vpt) {
1819 return xlat_attr_exists(ctx, out, request, inst->vpt, false);
1820 }
1821
1822 /*
1823 * Expand the xlat into a string.
1824 */
1825 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_exists_rctx_t));
1826 fr_value_box_list_init(&rctx->list);
1827
1828 if (unlang_xlat_yield(request, xlat_exists_resume, NULL, 0, rctx) != XLAT_ACTION_YIELD) {
1829 fail:
1830 talloc_free(rctx);
1831 return XLAT_ACTION_FAIL;
1832 }
1833
1834 if (unlang_xlat_push(ctx, &rctx->last_success, &rctx->list,
1835 request, inst->xlat, UNLANG_SUB_FRAME) < 0) goto fail;
1836
1837 return XLAT_ACTION_PUSH_UNLANG;
1838}
1839
1840#undef XLAT_REGISTER_BINARY_OP
1841#define XLAT_REGISTER_BINARY_OP(_op, _name) \
1842do { \
1843 if (unlikely((xlat = xlat_func_register(NULL, "op_" STRINGIFY(_name), xlat_func_op_ ## _name, FR_TYPE_VOID)) == NULL)) return -1; \
1844 xlat_func_args_set(xlat, binary_op_xlat_args); \
1845 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1846 xlat_func_print_set(xlat, xlat_expr_print_binary); \
1847 xlat_func_instantiate_set(xlat, xlat_function_args_to_tmpl, NULL, NULL, NULL); \
1848 xlat->token = _op; \
1849} while (0)
1850
1851#undef XLAT_REGISTER_BINARY_CMP
1852#define XLAT_REGISTER_BINARY_CMP(_op, _name) \
1853do { \
1854 if (unlikely((xlat = xlat_func_register(NULL, "cmp_" STRINGIFY(_name), xlat_func_cmp_ ## _name, FR_TYPE_BOOL)) == NULL)) return -1; \
1855 xlat_func_args_set(xlat, binary_cmp_xlat_args); \
1856 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1857 xlat_func_print_set(xlat, xlat_expr_print_binary); \
1858 xlat_func_resolve_set(xlat, xlat_expr_resolve_binary); \
1859 xlat->token = _op; \
1860} while (0)
1861
1862#undef XLAT_REGISTER_NARY_OP
1863#define XLAT_REGISTER_NARY_OP(_op, _name, _func_name) \
1864do { \
1865 if (unlikely((xlat = xlat_func_register(NULL, STRINGIFY(_name), xlat_func_ ## _func_name, FR_TYPE_VOID)) == NULL)) return -1; \
1866 xlat_func_instantiate_set(xlat, xlat_instantiate_ ## _func_name, xlat_ ## _func_name ## _inst_t, NULL, NULL); \
1867 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1868 xlat_func_print_set(xlat, xlat_expr_print_nary); \
1869 xlat_purify_func_set(xlat, xlat_expr_logical_purify); \
1870 xlat->token = _op; \
1871} while (0)
1872
1873#undef XLAT_REGISTER_REGEX_OP
1874#define XLAT_REGISTER_REGEX_OP(_op, _name) \
1875do { \
1876 if (unlikely((xlat = xlat_func_register(NULL, STRINGIFY(_name), xlat_func_ ## _name, FR_TYPE_VOID)) == NULL)) return -1; \
1877 xlat_func_args_set(xlat, regex_op_xlat_args); \
1878 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1879 xlat_func_instantiate_set(xlat, xlat_instantiate_regex, xlat_regex_inst_t, NULL, NULL); \
1880 xlat_func_print_set(xlat, xlat_expr_print_regex); \
1881 xlat->token = _op; \
1882} while (0)
1883
1884#define XLAT_REGISTER_BOOL(_xlat, _func, _arg, _ret_type) \
1885do { \
1886 if (unlikely((xlat = xlat_func_register(NULL, _xlat, _func, _ret_type)) == NULL)) return -1; \
1887 xlat_func_args_set(xlat, _arg); \
1888 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL); \
1889} while (0)
1890
1891#define XLAT_REGISTER_UNARY(_op, _xlat, _func) \
1892do { \
1893 if (unlikely((xlat = xlat_func_register(NULL, _xlat, _func, FR_TYPE_VOID)) == NULL)) return -1; \
1894 xlat_func_args_set(xlat, unary_op_xlat_args); \
1895 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1896 xlat_func_print_set(xlat, xlat_expr_print_unary); \
1897 xlat->token = _op; \
1898} while (0)
1899
1900int xlat_register_expressions(void)
1901{
1902 xlat_t *xlat;
1903
1904 XLAT_REGISTER_BINARY_OP(T_ADD, add);
1905 XLAT_REGISTER_BINARY_OP(T_SUB, sub);
1906 XLAT_REGISTER_BINARY_OP(T_MUL, mul);
1907 XLAT_REGISTER_BINARY_OP(T_DIV, div);
1908 XLAT_REGISTER_BINARY_OP(T_MOD, mod);
1909 XLAT_REGISTER_BINARY_OP(T_AND, and);
1910 XLAT_REGISTER_BINARY_OP(T_OR, or);
1911 XLAT_REGISTER_BINARY_OP(T_XOR, xor);
1912 XLAT_REGISTER_BINARY_OP(T_RSHIFT, rshift);
1913 XLAT_REGISTER_BINARY_OP(T_LSHIFT, lshift);
1914
1915 XLAT_REGISTER_BINARY_CMP(T_OP_CMP_EQ, eq);
1916 XLAT_REGISTER_BINARY_CMP(T_OP_NE, ne);
1917 XLAT_REGISTER_BINARY_CMP(T_OP_LT, lt);
1918 XLAT_REGISTER_BINARY_CMP(T_OP_LE, le);
1919 XLAT_REGISTER_BINARY_CMP(T_OP_GT, gt);
1920 XLAT_REGISTER_BINARY_CMP(T_OP_GE, ge);
1921 XLAT_REGISTER_BINARY_CMP(T_OP_CMP_EQ_TYPE, eq_type);
1922 XLAT_REGISTER_BINARY_CMP(T_OP_CMP_NE_TYPE, ne_type);
1923
1924 XLAT_REGISTER_REGEX_OP(T_OP_REG_EQ, reg_eq);
1925 XLAT_REGISTER_REGEX_OP(T_OP_REG_NE, reg_ne);
1926
1927 /*
1928 * &&, ||
1929 *
1930 * @todo - remove tmpl_resolve() from tokenize_field(), and add xlat_resolve_logical_or() / xlat_resolve_logical_and()
1931 * functions which do partial resolution.
1932 */
1933 XLAT_REGISTER_NARY_OP(T_LAND, logical_and, logical);
1934 XLAT_REGISTER_NARY_OP(T_LOR, logical_or, logical);
1935
1936 XLAT_REGISTER_BOOL("expr.rcode", xlat_func_expr_rcode, xlat_func_expr_rcode_arg, FR_TYPE_BOOL);
1937 xlat_func_instantiate_set(xlat, xlat_instantiate_expr_rcode, xlat_rcode_inst_t, NULL, NULL);
1938 xlat_func_print_set(xlat, xlat_expr_print_rcode);
1939
1940 XLAT_REGISTER_BOOL("exists", xlat_func_exists, xlat_func_exists_arg, FR_TYPE_BOOL);
1941 xlat_func_instantiate_set(xlat, xlat_instantiate_exists, xlat_exists_inst_t, NULL, NULL);
1942 xlat_func_print_set(xlat, xlat_expr_print_exists);
1943
1944 if (unlikely((xlat = xlat_func_register(NULL, "rcode", xlat_func_rcode, FR_TYPE_STRING)) == NULL)) return -1;
1945 xlat_func_args_set(xlat, xlat_func_rcode_arg);
1946 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL);
1947
1948 /*
1949 * -EXPR
1950 * ~EXPR
1951 * !EXPR
1952 */
1953 XLAT_REGISTER_UNARY(T_SUB, "unary_minus", xlat_func_unary_minus);
1954 XLAT_REGISTER_UNARY(T_COMPLEMENT, "unary_complement", xlat_func_unary_complement);
1955 XLAT_REGISTER_UNARY(T_NOT, "unary_not", xlat_func_unary_not);
1956
1957 return 0;
1958}
1959
1960/*
1961 * Must use the same names as above.
1962 */
1963static const fr_sbuff_term_elem_t binary_ops[T_TOKEN_LAST] = {
1964 [ T_ADD ] = L("op_add"),
1965 [ T_SUB ] = L("op_sub"),
1966 [ T_MUL ] = L("op_mul"),
1967 [ T_DIV ] = L("op_div"),
1968 [ T_MOD ] = L("op_mod"),
1969 [ T_AND ] = L("op_and"),
1970 [ T_OR ] = L("op_or"),
1971 [ T_XOR ] = L("op_xor"),
1972 [ T_RSHIFT ] = L("op_rshift"),
1973 [ T_LSHIFT ] = L("op_lshift"),
1974
1975 [ T_LAND ] = L("logical_and"),
1976 [ T_LOR ] = L("logical_or"),
1977
1978 [ T_OP_CMP_EQ ] = L("cmp_eq"),
1979 [ T_OP_NE ] = L("cmp_ne"),
1980 [ T_OP_LT ] = L("cmp_lt"),
1981 [ T_OP_LE ] = L("cmp_le"),
1982 [ T_OP_GT ] = L("cmp_gt"),
1983 [ T_OP_GE ] = L("cmp_ge"),
1984
1985 [ T_OP_CMP_EQ_TYPE ] = L("cmp_eq_type"),
1986 [ T_OP_CMP_NE_TYPE ] = L("cmp_ne_type"),
1987
1988 [ T_OP_REG_EQ ] = L("reg_eq"),
1989 [ T_OP_REG_NE ] = L("reg_ne"),
1990};
1991
1992/*
1993 * Which are logical operations
1994 */
1995static const bool logical_ops[T_TOKEN_LAST] = {
1996 [T_LAND] = true,
1997 [T_LOR] = true,
1998};
1999
2000/*
2001 * These operators can take multiple arguments.
2002 */
2003static const bool multivalue_ops[T_TOKEN_LAST] = {
2004 [T_LAND] = true,
2005 [T_LOR] = true,
2006};
2007
2008/*
2009 * Allow for BEDMAS ordering. Gross ordering is first number,
2010 * fine ordering is second number. Unused operators are assigned as zero.
2011 *
2012 * Larger numbers are higher precedence.
2013 */
2014#define P(_x, _y) (((_x) << 4) | (_y))
2015
2016static const int precedence[T_TOKEN_LAST] = {
2017 [T_INVALID] = 0,
2018
2019 /*
2020 * Assignment operators go here as P(1,n)
2021 *
2022 * += -= *= /= %= <<= >>= &= ^= |=
2023 *
2024 * We want the output of the assignment operators to be the result of the assignment. This means
2025 * that the assignments can really only be done for simple attributes, and not tmpls with filters
2026 * which select multiple attributes.
2027 *
2028 * Which (for now) means that we likely want to disallow assignments in expressions. That's
2029 * fine, as this isn't C, and we're not sure that it makes sense to do something like:
2030 *
2031 * if ((&foo += 5) > 60) ...
2032 *
2033 * Or maybe it does. Who knows?
2034 */
2035
2036 [T_LOR] = P(2,0),
2037 [T_LAND] = P(2,1),
2038
2039 [T_OR] = P(3,0),
2040 [T_XOR] = P(3,1),
2041 [T_AND] = P(3,2),
2042
2043 [T_OP_REG_EQ] = P(4,0),
2044 [T_OP_REG_NE] = P(4,0),
2045
2046 [T_OP_CMP_EQ] = P(4,1),
2047 [T_OP_NE] = P(4,1),
2048
2049 [T_OP_CMP_EQ_TYPE] = P(4,1),
2050 [T_OP_CMP_NE_TYPE] = P(4,1),
2051
2052 [T_OP_LT] = P(5,0),
2053 [T_OP_LE] = P(5,0),
2054 [T_OP_GT] = P(5,0),
2055 [T_OP_GE] = P(5,0),
2056
2057 [T_RSHIFT] = P(6,0),
2058 [T_LSHIFT] = P(6,0),
2059
2060 [T_SUB] = P(7,0),
2061 [T_ADD] = P(7,1),
2062
2063 [T_MOD] = P(8,0),
2064 [T_MUL] = P(8,1),
2065 [T_DIV] = P(8,2),
2066
2067 [T_LBRACE] = P(10,0),
2068};
2069
2070#define fr_sbuff_skip_whitespace(_x) \
2071 do { \
2072 while (isspace((uint8_t) fr_sbuff_char(_x, '\0'))) fr_sbuff_advance(_x, 1); \
2073 } while (0)
2074
2075static ssize_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2076 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2077 fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules,
2078 fr_sbuff_parse_rules_t const *input_rules, bool cond);
2079
2080static ssize_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2081 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2082 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond);
2083
2084static fr_table_num_sorted_t const expr_quote_table[] = {
2085 { L("\""), T_DOUBLE_QUOTED_STRING }, /* Don't re-order, backslash throws off ordering */
2086 { L("'"), T_SINGLE_QUOTED_STRING },
2087 { L("/"), T_SOLIDUS_QUOTED_STRING },
2088 { L("`"), T_BACK_QUOTED_STRING }
2089};
2090static size_t expr_quote_table_len = NUM_ELEMENTS(expr_quote_table);
2091
2092
2093/*
2094 * Look for prefix operators
2095 *
2096 * + = ignore
2097 * - = unary_minus(next)
2098 * ! = unary_not(next)
2099 * ~ = unary_xor(0, next)
2100 * (expr) = recurse, and parse expr
2101 *
2102 * as a special case, <type> is a cast. Which lets us know how
2103 * to parse the next thing we get. Otherwise, parse the thing as
2104 * int64_t.
2105 */
2106static fr_slen_t tokenize_unary(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2107 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2108 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
2109{
2110 xlat_exp_t *node = NULL, *unary = NULL;
2111 xlat_t *func = NULL;
2112 fr_sbuff_t our_in = FR_SBUFF(in);
2113 char c = '\0';
2114
2115 XLAT_DEBUG("UNARY <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2116
2117 /*
2118 * Handle !-~ by adding a unary function to the xlat
2119 * node, with the first argument being the _next_ thing
2120 * we allocate.
2121 */
2122 if (fr_sbuff_next_if_char(&our_in, '!')) { /* unary not */
2123 func = xlat_func_find("unary_not", 9);
2124 fr_assert(func != NULL);
2125 c = '!';
2126 goto check_for_double;
2127
2128 }
2129 else if (fr_sbuff_next_if_char(&our_in, '-')) { /* unary minus */
2130 fr_sbuff_skip_whitespace(&our_in);
2131
2132 /*
2133 * -4 is a number, not minus(4).
2134 */
2135 if (fr_sbuff_is_digit(&our_in)) goto field;
2136
2137 func = xlat_func_find("unary_minus", 11);
2138 fr_assert(func != NULL);
2139 c = '-';
2140 goto check_for_double;
2141
2142 }
2143 else if (fr_sbuff_next_if_char(&our_in, '~')) { /* unary complement */
2144 func = xlat_func_find("unary_complement", 16);
2145 fr_assert(func != NULL);
2146 c = '~';
2147 goto check_for_double;
2148
2149 }
2150 else if (fr_sbuff_next_if_char(&our_in, '+')) { /* ignore unary + */
2151 c = '+';
2152
2153 check_for_double:
2154 fr_sbuff_skip_whitespace(&our_in);
2155 fr_sbuff_skip_whitespace(&our_in);
2156 if (fr_sbuff_is_char(&our_in, c)) {
2157 fr_strerror_const("Double operator is invalid");
2158 FR_SBUFF_ERROR_RETURN(&our_in);
2159 }
2160 }
2161
2162 /*
2163 * Maybe we have a unary not / etc. If so, make sure
2164 * that we return that, and not the child node
2165 */
2166 if (!func) {
2167 field:
2168 return tokenize_field(head, out, in, p_rules, t_rules, bracket_rules, out_c, cond);
2169 }
2170
2171 /*
2172 * Tokenize_field may reset this if the operation is wrapped inside of another expression.
2173 */
2174 *out_c = c;
2175
2176 MEM(unary = xlat_exp_alloc(head, XLAT_FUNC, fr_tokens[func->token], strlen(fr_tokens[func->token])));
2177 unary->call.func = func;
2178 unary->call.dict = t_rules->attr.dict_def;
2179 unary->flags = func->flags;
2180 unary->flags.impure_func = !func->flags.pure;
2181
2182 if (tokenize_field(unary->call.args, &node, &our_in, p_rules, t_rules, bracket_rules, out_c, (c == '!')) <= 0) {
2183 talloc_free(unary);
2184 FR_SBUFF_ERROR_RETURN(&our_in);
2185 }
2186
2187 if (!node) {
2188 fr_strerror_const("Empty expression is invalid");
2189 FR_SBUFF_ERROR_RETURN(&our_in);
2190 }
2191
2192 xlat_func_append_arg(unary, node, (c == '!'));
2193 unary->flags.can_purify = (unary->call.func->flags.pure && unary->call.args->flags.pure) | unary->call.args->flags.can_purify;
2194
2195 /*
2196 * Don't add it to head->flags, that will be done when it's actually inserted.
2197 */
2198
2199 *out = unary;
2200
2201 FR_SBUFF_SET_RETURN(in, &our_in);
2202}
2203
2204/** Allocate a specific cast node.
2205 *
2206 * With the first argument being a UINT8 of the data type.
2207 * See xlat_func_cast() for the implementation.
2208 *
2209 */
2210static xlat_exp_t *expr_cast_alloc(TALLOC_CTX *ctx, fr_type_t type)
2211{
2212 xlat_exp_t *cast, *node;
2213
2214 /*
2215 * Create a "cast" node. The first argument is a UINT8 value-box of the cast type. The RHS is
2216 * whatever "node" comes next.
2217 */
2218 MEM(cast = xlat_exp_alloc(ctx, XLAT_FUNC, "cast", 4));
2219 MEM(cast->call.func = xlat_func_find("cast", 4));
2220 // no need to set dict here
2221 fr_assert(cast->call.func != NULL);
2222 cast->flags = cast->call.func->flags;
2223
2224 /*
2225 * Create argv[0] UINT8, with "Cast-Base" as
2226 * the "da". This allows the printing routines
2227 * to print the name of the type, and not the
2228 * number.
2229 */
2230 MEM(node = xlat_exp_alloc(cast, XLAT_BOX, NULL, 0));
2231 node->flags.constant = true;
2232 {
2233 char const *type_name = fr_table_str_by_value(fr_type_table, type, "<INVALID>");
2234 xlat_exp_set_name(node, type_name, strlen(type_name));
2235 }
2236
2237 fr_value_box_init(&node->data, FR_TYPE_UINT8, attr_cast_base, false);
2238 node->data.vb_uint8 = type;
2239
2240 xlat_func_append_arg(cast, node, false);
2241
2242 return cast;
2243}
2244
2245static fr_slen_t expr_cast_from_substr(fr_type_t *cast, fr_sbuff_t *in)
2246{
2247 fr_sbuff_t our_in = FR_SBUFF(in);
2248 fr_sbuff_marker_t m;
2249 ssize_t slen;
2250
2251 if (!fr_sbuff_next_if_char(&our_in, '(')) {
2252 no_cast:
2253 *cast = FR_TYPE_NULL;
2254 return 0;
2255 }
2256
2257 fr_sbuff_marker(&m, &our_in);
2258 fr_sbuff_out_by_longest_prefix(&slen, cast, fr_type_table, &our_in, FR_TYPE_NULL);
2259
2260 /*
2261 * We didn't read anything, there's no cast.
2262 */
2263 if (fr_sbuff_diff(&our_in, &m) == 0) goto no_cast;
2264
2265 if (!fr_sbuff_next_if_char(&our_in, ')')) goto no_cast;
2266
2267 if (fr_type_is_null(*cast)) {
2268 fr_strerror_printf("Invalid data type in cast");
2269 FR_SBUFF_ERROR_RETURN(&m);
2270 }
2271
2272 if (!fr_type_is_leaf(*cast)) {
2273 fr_strerror_printf("Invalid data type '%s' in cast", fr_type_to_str(*cast));
2274 FR_SBUFF_ERROR_RETURN(&our_in);
2275 }
2276
2277 fr_sbuff_adv_past_whitespace(&our_in, SIZE_MAX, NULL);
2278
2279 FR_SBUFF_SET_RETURN(in, &our_in);
2280}
2281
2282/*
2283 * Tokenize the RHS of a regular expression.
2284 */
2285static fr_slen_t tokenize_regex_rhs(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2286 tmpl_rules_t const *t_rules,
2287 fr_sbuff_parse_rules_t const *bracket_rules)
2288{
2289 ssize_t slen;
2290 xlat_exp_t *node = NULL;
2291 fr_sbuff_t our_in = FR_SBUFF(in);
2292 fr_sbuff_marker_t opand_m, flag;
2293 tmpl_t *vpt;
2294 fr_token_t quote = T_SOLIDUS_QUOTED_STRING;
2295
2296 XLAT_DEBUG("REGEX_RHS <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2297
2298 fr_sbuff_skip_whitespace(&our_in);
2299
2300 /*
2301 * Record where the operand begins for better error offsets later
2302 */
2303 fr_sbuff_marker(&opand_m, &our_in);
2304
2305 /*
2306 * Regexes cannot have casts or sub-expressions.
2307 */
2308 if (!fr_sbuff_next_if_char(&our_in, '/')) {
2309 /*
2310 * Allow for m'...' ala Perl
2311 */
2312 if (!fr_sbuff_is_str(&our_in, "m'", 2)) {
2313 fr_strerror_const("Expected regular expression");
2314 goto error;
2315 }
2316
2317 fr_sbuff_advance(&our_in, 2);
2318 quote = T_SINGLE_QUOTED_STRING;
2319 }
2320
2321 /*
2322 * Allocate the xlat node now so the talloc hierarchy is correct
2323 */
2324 MEM(node = xlat_exp_alloc(head, XLAT_TMPL, NULL, 0));
2325
2326 /*
2327 * tmpl_afrom_substr does pretty much all the work of parsing the operand. Note that we pass '/'
2328 * as the quote, so that the tmpl gets parsed as a regex.
2329 */
2330 (void) tmpl_afrom_substr(node, &vpt, &our_in, T_SOLIDUS_QUOTED_STRING, value_parse_rules_quoted[quote], t_rules);
2331 if (!vpt) {
2332 error:
2333 talloc_free(node);
2334 FR_SBUFF_ERROR_RETURN(&our_in);
2335 }
2336
2337 /*
2338 * @todo - allow for the RHS to be an attribute, too?
2339 */
2340
2341 /*
2342 * It would be nice if tmpl_afrom_substr() did this :(
2343 */
2344 if (!fr_sbuff_next_if_char(&our_in, fr_token_quote[quote])) {
2345 fr_strerror_const("Unterminated regular expression");
2346 goto error;
2347 }
2348
2349 /*
2350 * Remember where the flags start
2351 */
2352 fr_sbuff_marker(&flag, &our_in);
2353 if (tmpl_regex_flags_substr(vpt, &our_in, bracket_rules->terminals) < 0) {
2354 talloc_free(node);
2355 FR_SBUFF_ERROR_RETURN(&our_in);
2356 }
2357
2358 fr_sbuff_skip_whitespace(&our_in);
2359
2360 /*
2361 * Try to compile regular expressions, but only if
2362 * they're not being dynamically expanded.
2363 */
2364 if (!tmpl_contains_xlat(vpt)) {
2365 slen = tmpl_regex_compile(vpt, true);
2366 if (slen <= 0) goto error;
2367 }
2368
2369 node->vpt = vpt;
2370 node->quote = quote;
2371 xlat_exp_set_name_buffer_shallow(node, vpt->name);
2372
2373 node->flags.pure = !tmpl_contains_xlat(node->vpt);
2374 node->flags.needs_resolving = tmpl_needs_resolving(node->vpt);
2375
2376 *out = node;
2377
2378 FR_SBUFF_SET_RETURN(in, &our_in);
2379}
2380
2381
2382static fr_slen_t tokenize_rcode(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in)
2383{
2384 rlm_rcode_t rcode;
2385 ssize_t slen;
2386 xlat_t *func;
2387 xlat_exp_t *node, *arg;
2388 fr_sbuff_t our_in = FR_SBUFF(in);
2389
2390 fr_sbuff_out_by_longest_prefix(&slen, &rcode, rcode_table, &our_in, T_BARE_WORD);
2391 if (slen <= 0) return 0;
2392
2393 /*
2394 * @todo - allow for attributes to have the name "ok-foo" ???
2395 */
2396 func = xlat_func_find("expr.rcode", -1);
2397 fr_assert(func != NULL);
2398
2399 MEM(node = xlat_exp_alloc(head, XLAT_FUNC, fr_sbuff_start(&our_in), slen));
2400 node->call.func = func;
2401 // no need to set dict here
2402 node->flags = func->flags; /* rcode is impure, but can be calculated statically */
2403
2404 MEM(arg = xlat_exp_alloc(node, XLAT_BOX, fr_sbuff_start(&our_in), slen));
2405
2406 /*
2407 * Doesn't need resolving, isn't pure, doesn't need anything else.
2408 */
2409 arg->flags = (xlat_flags_t) { };
2410
2411 /*
2412 * We need a string for unit tests, but this should really be just a number.
2413 */
2414 fr_value_box_init(&arg->data, FR_TYPE_STRING, NULL, false);
2415 (void) fr_value_box_bstrndup(arg, &arg->data, NULL, fr_sbuff_start(&our_in), slen, false);
2416
2417 xlat_func_append_arg(node, arg, false);
2418
2419 *out = node;
2420
2421 FR_SBUFF_SET_RETURN(in, &our_in);
2422}
2423
2424
2425/*
2426 * Tokenize a field without unary operators.
2427 */
2428static fr_slen_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2429 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2430 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
2431{
2432 ssize_t slen;
2433 xlat_exp_t *node = NULL;
2434 fr_sbuff_t our_in = FR_SBUFF(in);
2435 fr_sbuff_marker_t opand_m;
2436 tmpl_rules_t our_t_rules;
2437 tmpl_t *vpt = NULL;
2438 fr_token_t quote;
2439 int triple = 1;
2440 fr_type_t cast_type;
2441 fr_dict_attr_t const *enumv;
2442
2443 XLAT_DEBUG("FIELD <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2444
2445 /*
2446 * Allow for explicit casts. Non-leaf types are forbidden.
2447 */
2448 if (expr_cast_from_substr(&cast_type, &our_in) < 0) return -1;
2449
2450 /*
2451 * Do NOT pass the cast down to the next set of parsing routines. Instead, let the next data be
2452 * parsed as whatever, and then add a cast, or cast in place as necessary.
2453 */
2454 our_t_rules = *t_rules;
2455 if (cast_type == FR_TYPE_NULL) {
2456 cast_type = our_t_rules.cast;
2457 enumv = our_t_rules.enumv;
2458 } else {
2459 enumv = NULL;
2460 }
2461
2462 our_t_rules.cast = FR_TYPE_NULL;
2463// our_t_rules.enumv = NULL;
2464
2465 /*
2466 * As a special case, we allow
2467 *
2468 * &reply = "foo = bar"
2469 *
2470 * and then we don't parse the RHS as any enum.
2471 */
2472 if ( our_t_rules.enumv && !fr_type_is_leaf(our_t_rules.enumv->type)) {
2473 our_t_rules.enumv = enumv = NULL;
2474 }
2475
2476 /*
2477 * If we still have '(', then recurse for other expressions
2478 *
2479 * Tokenize the sub-expression, ensuring that we stop at ')'.
2480 *
2481 * Note that if we have a sub-expression, then we don't use the hinting for "type".
2482 * That's because we're parsing a complete expression here (EXPR). So the intermediate
2483 * nodes in the expression can be almost anything. And we only cast it to the final
2484 * value when we get the output of the expression.
2485 */
2486 if (fr_sbuff_next_if_char(&our_in, '(')) {
2487 our_t_rules.cast = FR_TYPE_NULL;
2488 our_t_rules.enumv = NULL;
2489
2490 fr_sbuff_skip_whitespace(&our_in);
2491 if (fr_sbuff_is_char(&our_in, ')')) {
2492 fr_strerror_printf("Empty expressions are invalid.");
2493 FR_SBUFF_ERROR_RETURN(&our_in);
2494 }
2495
2496 /*
2497 * No input rules means "ignore external terminal sequences, as we're expecting a ')' as
2498 * our terminal sequence.
2499 */
2500 if (tokenize_expression(head, &node, &our_in, bracket_rules, &our_t_rules, T_INVALID, bracket_rules, NULL, cond) <= 0) {
2501 FR_SBUFF_ERROR_RETURN(&our_in);
2502 }
2503
2504 if (!fr_sbuff_next_if_char(&our_in, ')')) {
2505 fr_strerror_printf("Failed to find trailing ')'");
2506 FR_SBUFF_ERROR_RETURN(&our_in);
2507 }
2508
2509 /*
2510 * We've parsed one "thing", so we stop. The
2511 * next thing should be an operator, not another
2512 * value.
2513 */
2514 *out_c = '\0';
2515 goto done;
2516 }
2517
2518 /*
2519 * Record where the operand begins for better error offsets later
2520 */
2521 fr_sbuff_marker(&opand_m, &our_in);
2522
2523 fr_sbuff_out_by_longest_prefix(&slen, &quote, expr_quote_table, &our_in, T_BARE_WORD);
2524
2525 switch (quote) {
2526 default:
2527 case T_BARE_WORD:
2528 p_rules = bracket_rules;
2529
2530 /*
2531 * Peek for rcodes.
2532 */
2533 slen = tokenize_rcode(head, &node, &our_in);
2534 if (slen > 0) {
2535 *out = node;
2536 FR_SBUFF_SET_RETURN(in, &our_in);
2537 }
2538 break;
2539
2540 case T_SOLIDUS_QUOTED_STRING:
2541 fr_strerror_const("Unexpected regular expression");
2542 fr_sbuff_set(&our_in, &opand_m); /* Error points to the quoting char at the start of the string */
2543 goto error;
2544
2545 case T_DOUBLE_QUOTED_STRING:
2546 case T_SINGLE_QUOTED_STRING:
2547 /*
2548 * We want to force the output to be a string.
2549 */
2550 if (cast_type == FR_TYPE_NULL) cast_type = FR_TYPE_STRING;
2551 FALL_THROUGH;
2552
2553 case T_BACK_QUOTED_STRING:
2554 p_rules = value_parse_rules_quoted[quote];
2555
2556 /*
2557 * Triple-quoted strings have different terminal conditions.
2558 */
2559 if (fr_sbuff_remaining(&our_in) >= 2) {
2560 char const *p = fr_sbuff_current(&our_in);
2561 char c = fr_token_quote[quote];
2562
2563 /*
2564 * """foo "quote" and end"""
2565 */
2566 if ((p[0] == c) && (p[1] == c)) {
2567 triple = 3;
2568 (void) fr_sbuff_advance(&our_in, 2);
2569 p_rules = value_parse_rules_3quoted[quote];
2570 }
2571 }
2572
2573 break;
2574 }
2575
2576 /*
2577 * Allocate the xlat node now so the talloc hierarchy is correct
2578 */
2579 MEM(node = xlat_exp_alloc(head, XLAT_TMPL, NULL, 0));
2580
2581 /*
2582 * tmpl_afrom_substr does pretty much all the work of
2583 * parsing the operand. It pays attention to the cast on
2584 * our_t_rules, and will try to parse any data there as
2585 * of the correct type.
2586 */
2587 slen = tmpl_afrom_substr(node, &vpt, &our_in, quote, p_rules, &our_t_rules);
2588 if ((slen < 0) || ((slen == 0) && (quote == T_BARE_WORD))) {
2589 error:
2590 talloc_free(node);
2591 FR_SBUFF_ERROR_RETURN(&our_in);
2592 }
2593
2594 /*
2595 * Add in unknown attributes, by defining them in the local dictionary.
2596 */
2597 if (tmpl_is_attr(vpt) && (tmpl_attr_unknown_add(vpt) < 0)) {
2598 fr_strerror_printf("Failed defining attribute %s", tmpl_attr_tail_da(vpt)->name);
2599 fr_sbuff_set(&our_in, &opand_m);
2600 goto error;
2601 }
2602
2603 if (quote != T_BARE_WORD) {
2604 /*
2605 * Ensure that the string ends with the correct number of quotes.
2606 */
2607 do {
2608 if (!fr_sbuff_is_char(&our_in, fr_token_quote[quote])) {
2609 fr_strerror_const("Unterminated string");
2610 fr_sbuff_set(&our_in, &opand_m);
2611 goto error;
2612 }
2613
2614 fr_sbuff_advance(&our_in, 1);
2615 } while (--triple > 0);
2616
2617 /*
2618 * Quoted strings just get resolved now.
2619 *
2620 * @todo - this means that things like
2621 *
2622 * &Session-Timeout == '10'
2623 *
2624 * are run-time errors, instead of load-time parse errors.
2625 *
2626 * On the other hand, if people assign static strings to non-string
2627 * attributes... they sort of deserve what they get.
2628 */
2629 if (tmpl_is_data_unresolved(vpt) && (tmpl_resolve(vpt, NULL) < 0)) goto error;
2630 } else {
2631 /*
2632 * Catch the old case of alternation :(
2633 */
2634 char const *p;
2635
2636 fr_assert(talloc_array_length(vpt->name) > 1);
2637
2638 p = vpt->name + talloc_array_length(vpt->name) - 2;
2639 if ((*p == ':') && fr_sbuff_is_char(&our_in, '-')) {
2640 fr_sbuff_set(&our_in, fr_sbuff_current(&our_in) - 2);
2641 fr_strerror_const("Alternation is no longer supported. Use '%{a || b}' instead of '%{a:-b}'");
2642 goto error;
2643 }
2644 }
2645
2646 fr_sbuff_skip_whitespace(&our_in);
2647
2648 /*
2649 * A bare word which is NOT a known attribute. That's an error.
2650 */
2651 if (tmpl_require_enum_prefix && tmpl_is_data_unresolved(vpt)) {
2652 fr_assert(quote == T_BARE_WORD);
2653 fr_strerror_const("Failed parsing input");
2654 fr_sbuff_set(&our_in, &opand_m);
2655 goto error;
2656 }
2657
2658 /*
2659 * The tmpl has a cast, and it's the same as the explicit cast we were given, we can sometimes
2660 * discard the explicit cast.
2661 */
2662 if (cast_type != FR_TYPE_NULL) {
2663 if (tmpl_rules_cast(vpt) == cast_type) {
2664 fr_assert(0);
2665 cast_type = FR_TYPE_NULL;
2666
2667 } else if (tmpl_is_attr(vpt)) {
2668 fr_dict_attr_t const *da;
2669
2670 fr_assert(!tmpl_is_attr_unresolved(vpt));
2671
2672 da = tmpl_attr_tail_da(vpt); /* could be a list! */
2673
2674 /*
2675 * Set the cast for attributes. Note that tmpl_cast_set() will take care of
2676 * suppressing redundant casts. But it still allows (uint32)&Service-Type,
2677 * which means "return the raw value", and not "return enum name".
2678 */
2679 if (da) {
2680 if (tmpl_cast_set(vpt, cast_type) < 0) {
2681 fr_sbuff_set(&our_in, &opand_m);
2682 goto error;
2683 } else {
2684 cast_type = FR_TYPE_NULL;
2685 }
2686 } else { /* it's something like &reply. */
2687 fr_assert(0);
2688 }
2689
2690 } else if (tmpl_is_data(vpt)) {
2691 fr_assert(!tmpl_is_data_unresolved(vpt));
2692
2693 /*
2694 * Omit our cast type if the data is already of the right type.
2695 *
2696 * Otherwise if we have a cast, then convert the data now, and then reset the
2697 * cast_type to nothing. This work allows for better errors at startup, and
2698 * minimizes run-time work.
2699 */
2700 if (tmpl_value_type(vpt) == cast_type) {
2701 cast_type = FR_TYPE_NULL;
2702
2703 } else if (tmpl_cast_in_place(vpt, cast_type, enumv) < 0) {
2704 fr_sbuff_set(&our_in, &opand_m);
2705 goto error;
2706
2707 } else {
2708 /*
2709 * We've parsed the data as the new data type, so we don't need any more
2710 * casting.
2711 */
2712 cast_type = FR_TYPE_NULL;
2713 }
2714
2715 } else if (tmpl_contains_xlat(vpt)) {
2716 /*
2717 * (string) "foo %{...}" is redundant. Drop the cast.
2718 */
2719 if ((cast_type == FR_TYPE_STRING) && (vpt->quote != T_BARE_WORD)) {
2720 tmpl_cast_set(vpt, FR_TYPE_NULL);
2721 cast_type = FR_TYPE_NULL;
2722
2723 } else {
2724 /*
2725 * Push the cast to the tmpl.
2726 */
2727 tmpl_cast_set(vpt, cast_type);
2728 cast_type = FR_TYPE_NULL;
2729 }
2730
2731 } else if (tmpl_is_attr_unresolved(vpt)) {
2732 fr_assert(t_rules->attr.allow_unresolved);
2733
2734 } else if (tmpl_is_data_unresolved(vpt)) {
2735 fr_assert(!tmpl_require_enum_prefix);
2736
2737 fr_assert(quote == T_BARE_WORD);
2738 fr_strerror_const("Failed parsing input");
2739 fr_sbuff_set(&our_in, &opand_m);
2740 goto error;
2741
2742 } else {
2743 /*
2744 * Regex? Or something else weird?
2745 */
2746 tmpl_debug(vpt);
2747 fr_assert(0);
2748 }
2749 }
2750
2751 /*
2752 * Assign the tmpl to the node.
2753 */
2754 node->vpt = vpt;
2755 node->quote = quote;
2756 xlat_exp_set_name_buffer_shallow(node, vpt->name);
2757
2758 if (tmpl_is_data(node->vpt)) {
2759 /*
2760 * Print "true" and "false" instead of "yes" and "no".
2761 */
2762 if ((tmpl_value_type(vpt) == FR_TYPE_BOOL) && !tmpl_value_enumv(vpt)) {
2763 tmpl_value_enumv(vpt) = attr_expr_bool_enum;
2764 }
2765
2766 node->flags.constant = true;
2767 node->flags.pure = true;
2768
2769 } else if (tmpl_contains_xlat(node->vpt)) {
2770 node->flags = tmpl_xlat(vpt)->flags;
2771
2772 } else if (tmpl_is_attr(node->vpt)) {
2773 node->flags.pure = false;
2774
2775#ifndef NDEBUG
2776 if (vpt->name[0] == '%') {
2777 fr_assert(vpt->rules.attr.prefix == TMPL_ATTR_REF_PREFIX_NO);
2778 } else if (!tmpl_require_enum_prefix) {
2779 fr_assert(vpt->rules.attr.prefix == TMPL_ATTR_REF_PREFIX_YES);
2780 }
2781#endif
2782
2783 } else {
2784 node->flags.pure = false;
2785 }
2786
2787 node->flags.constant = node->flags.pure;
2788 node->flags.needs_resolving = tmpl_needs_resolving(node->vpt);
2789
2790 fr_assert(!tmpl_contains_regex(vpt));
2791
2792done:
2793 /*
2794 * If there is a cast, then reparent the node with a cast wrapper.
2795 */
2796 if (cast_type != FR_TYPE_NULL) {
2797 xlat_exp_t *cast;
2798
2799 MEM(cast = expr_cast_alloc(head, cast_type));
2800 xlat_func_append_arg(cast, node, false);
2801 node = cast;
2802 }
2803
2804 *out = node;
2805
2806 FR_SBUFF_SET_RETURN(in, &our_in);
2807}
2808
2809/*
2810 * A mapping of operators to tokens.
2811 */
2812static fr_table_num_ordered_t const expr_assignment_op_table[] = {
2813 { L("!="), T_OP_NE },
2814 { L("!=="), T_OP_CMP_NE_TYPE },
2815
2816 { L("&"), T_AND },
2817 { L("&&"), T_LAND },
2818 { L("*"), T_MUL },
2819 { L("+"), T_ADD },
2820 { L("-"), T_SUB },
2821 { L("/"), T_DIV },
2822 { L("%"), T_MOD },
2823 { L("^"), T_XOR },
2824
2825 { L("|"), T_OR },
2826 { L("||"), T_LOR },
2827
2828 { L("<"), T_OP_LT },
2829 { L("<<"), T_LSHIFT },
2830 { L("<="), T_OP_LE },
2831
2832 { L("="), T_OP_EQ },
2833 { L("=="), T_OP_CMP_EQ },
2834 { L("==="), T_OP_CMP_EQ_TYPE },
2835
2836 { L("=~"), T_OP_REG_EQ },
2837 { L("!~"), T_OP_REG_NE },
2838
2839 { L(">"), T_OP_GT },
2840 { L(">="), T_OP_GE },
2841 { L(">>"), T_RSHIFT },
2842
2843};
2844static size_t const expr_assignment_op_table_len = NUM_ELEMENTS(expr_assignment_op_table);
2845
2846static bool valid_type(xlat_exp_t *node)
2847{
2848 fr_dict_attr_t const *da;
2849
2850#ifdef STATIC_ANALYZER
2851 if (!node) return false;
2852#endif
2853
2854 if (node->type != XLAT_TMPL) return true;
2855
2856 if (tmpl_is_list(node->vpt)) {
2857 list:
2858 fr_strerror_const("Cannot use list references in condition");
2859 return false;
2860 }
2861
2862 if (!tmpl_is_attr(node->vpt)) return true;
2863
2864 da = tmpl_attr_tail_da(node->vpt);
2865 if (fr_type_is_structural(da->type)) {
2866 if (da->dict == fr_dict_internal()) goto list;
2867
2868 fr_strerror_const("Cannot use structural types in condition");
2869 return false;
2870 }
2871
2872 return true;
2873}
2874
2875
2876/** Tokenize a mathematical operation.
2877 *
2878 * (EXPR)
2879 * !EXPR
2880 * A OP B
2881 *
2882 * If "out" is NULL then the expression is added to "head".
2883 * Otherwise, it's returned to the caller.
2884 */
2885static fr_slen_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2886 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2887 fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules,
2888 fr_sbuff_parse_rules_t const *input_rules, bool cond)
2889{
2890 xlat_exp_t *lhs = NULL, *rhs, *node;
2891 xlat_t *func = NULL;
2892 fr_token_t op;
2893 ssize_t slen;
2894 fr_sbuff_marker_t m_lhs, m_op, m_rhs;
2895 fr_sbuff_t our_in = FR_SBUFF(in);
2896 char c = '\0';
2897
2898 XLAT_DEBUG("EXPRESSION <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2899
2900 fr_sbuff_skip_whitespace(&our_in);
2901
2902 fr_sbuff_marker(&m_lhs, &our_in);
2903
2904 /*
2905 * Get the LHS of the operation.
2906 */
2907 slen = tokenize_unary(head, &lhs, &our_in, p_rules, t_rules, bracket_rules, &c, cond);
2908 if (slen <= 0) FR_SBUFF_ERROR_RETURN(&our_in);
2909
2910 if (slen == 0) {
2911 fr_assert(lhs == NULL);
2912 *out = NULL;
2913 FR_SBUFF_SET_RETURN(in, &our_in);
2914 }
2915
2916redo:
2917 rhs = NULL;
2918
2919#ifdef STATIC_ANALYZER
2920 if (!lhs) return 0; /* shut up stupid analyzer */
2921#else
2922 fr_assert(lhs != NULL);
2923#endif
2924
2925 fr_sbuff_skip_whitespace(&our_in);
2926
2927 /*
2928 * No more input, we're done.
2929 */
2930 if (fr_sbuff_extend(&our_in) == 0) {
2931 done:
2932 *out = lhs;
2933 FR_SBUFF_SET_RETURN(in, &our_in);
2934 }
2935
2936 /*
2937 * ')' is a terminal, even if we didn't expect it.
2938 * Because if we didn't expect it, then it's an error.
2939 *
2940 * If we did expect it, then we return whatever we found,
2941 * and let the caller eat the ')'.
2942 */
2943 if (fr_sbuff_is_char(&our_in, ')')) {
2944 if (!bracket_rules) {
2945 fr_strerror_printf("Unexpected ')'");
2946 FR_SBUFF_ERROR_RETURN(&our_in);
2947 }
2948
2949 goto done;
2950 }
2951 fr_sbuff_skip_whitespace(&our_in);
2952
2953 /*
2954 * We hit a terminal sequence, stop.
2955 */
2956 if (input_rules && fr_sbuff_is_terminal(&our_in, input_rules->terminals)) goto done;
2957
2958 /*
2959 * Remember where we were after parsing the LHS.
2960 */
2961 fr_sbuff_marker(&m_op, &our_in);
2962
2963 /*
2964 * Get the operator.
2965 */
2966 XLAT_DEBUG(" operator <-- %pV", fr_box_strvalue_len(fr_sbuff_current(&our_in), fr_sbuff_remaining(&our_in)));
2967 fr_sbuff_out_by_longest_prefix(&slen, &op, expr_assignment_op_table, &our_in, T_INVALID);
2968 if ((op == T_INVALID) || !binary_ops[op].str) {
2969 fr_strerror_const("Invalid operator");
2970 fr_sbuff_set(&our_in, &m_op);
2971 talloc_free(lhs);
2972 FR_SBUFF_ERROR_RETURN(&our_in);
2973 }
2974
2975 /*
2976 * We can't (yet) do &list1 = &list2 + &list3
2977 */
2978 if (fr_binary_op[op] && t_rules->enumv && fr_type_is_structural(t_rules->enumv->type)) {
2979 fr_strerror_const("Invalid operator for structural attribute");
2980 fr_sbuff_set(&our_in, &m_op);
2981 talloc_free(lhs);
2982 FR_SBUFF_ERROR_RETURN(&our_in);
2983 }
2984
2985 fr_assert(precedence[op] != 0);
2986
2987 /*
2988 * a * b + c ... = (a * b) + c ...
2989 *
2990 * Feed the current expression to the caller, who will
2991 * take care of continuing.
2992 */
2993 if (precedence[op] <= precedence[prev]) {
2994 fr_sbuff_set(&our_in, &m_op);
2995 goto done;
2996 }
2997
2998 /*
2999 * &Foo and !&Foo are permitted as the LHS of || and &&
3000 */
3001 if (((c == '!') || (c == '~')) && (op != T_LAND) && (op != T_LOR)) {
3002 fr_strerror_printf("Operator '%c' is only applied to the left hand side of the '%s' operation, add (..) to evaluate the operation first", c, fr_tokens[op]);
3003 fail_lhs:
3004 fr_sbuff_set(&our_in, &m_lhs);
3005 FR_SBUFF_ERROR_RETURN(&our_in);
3006 }
3007
3008 fr_sbuff_skip_whitespace(&our_in);
3009 fr_sbuff_marker(&m_rhs, &our_in);
3010
3011 /*
3012 * We now parse the RHS, allowing a (perhaps different) cast on the RHS.
3013 */
3014 XLAT_DEBUG(" recurse RHS <-- %pV", fr_box_strvalue_len(fr_sbuff_current(&our_in), fr_sbuff_remaining(&our_in)));
3015 if ((op == T_OP_REG_EQ) || (op == T_OP_REG_NE)) {
3016 fr_type_t type;
3017
3018 /*
3019 * @todo - LHS shouldn't be anything else.
3020 */
3021 fr_assert(lhs->type == XLAT_TMPL);
3022
3023 type = tmpl_cast_get(lhs->vpt);
3024 if ((type != FR_TYPE_NULL) && (type != FR_TYPE_STRING)) {
3025 fr_strerror_const("Casts cannot be used with regular expressions");
3026 fr_sbuff_set(&our_in, &m_lhs);
3027 FR_SBUFF_ERROR_RETURN(&our_in);
3028 }
3029
3030 /*
3031 * Cast the LHS to a string, if it's not already one!
3032 */
3033 if (lhs->vpt->quote == T_BARE_WORD) tmpl_cast_set(lhs->vpt, FR_TYPE_STRING);
3034
3035 slen = tokenize_regex_rhs(head, &rhs, &our_in, t_rules, bracket_rules);
3036 } else {
3037 tmpl_rules_t our_t_rules = *t_rules;
3038
3039 /*
3040 * The terminal rules for expressions includes "-" and "+", both of which are allowed in
3041 * enum names. If we pass the enumv down to the next function, it will see
3042 * "Access-Accept", and then only parse "Access". Which is wrong.
3043 *
3044 * For now, if we _don't_ have tmpl_require_enum_prefix, then we don't pass the enumv,
3045 * and we somehow skip the entire enum name. The name is then resolved later by
3046 * something...
3047 */
3048 if (tmpl_require_enum_prefix && (lhs->type == XLAT_TMPL) && tmpl_is_attr(lhs->vpt) &&
3049 fr_sbuff_is_str_literal(&our_in, "::")) {
3050 our_t_rules.enumv = tmpl_attr_tail_da(lhs->vpt);
3051 }
3052
3053 slen = tokenize_expression(head, &rhs, &our_in, p_rules, &our_t_rules, op, bracket_rules, input_rules, cond);
3054 }
3055 if (slen <= 0) {
3056 talloc_free(lhs);
3057 FR_SBUFF_ERROR_RETURN(&our_in);
3058 }
3059
3060#ifdef STATIC_ANALYZER
3061 if (!rhs) return -1;
3062#endif
3063
3064 func = xlat_func_find(binary_ops[op].str, binary_ops[op].len);
3065 fr_assert(func != NULL);
3066
3067 if (multivalue_ops[op]) {
3068 if ((lhs->type == XLAT_FUNC) && (lhs->call.func->token == op)) {
3069 xlat_func_append_arg(lhs, rhs, cond);
3070
3071 lhs->call.args->flags.can_purify |= rhs->flags.can_purify | rhs->flags.pure;
3072 lhs->flags.can_purify = lhs->call.args->flags.can_purify;
3073 goto redo;
3074 }
3075 goto purify;
3076 }
3077
3078 /*
3079 * Complain on comparisons between invalid data types.
3080 *
3081 * @todo - allow
3082 *
3083 * &structural == {}
3084 * &structural != {}
3085 *
3086 * as special cases, so we can check lists for emptiness.
3087 */
3088 if (fr_comparison_op[op]) {
3089 if (!valid_type(lhs)) goto fail_lhs;
3090 if (!valid_type(rhs)) {
3091 fr_sbuff_set(&our_in, &m_rhs);
3092 FR_SBUFF_ERROR_RETURN(&our_in);
3093 }
3094
3095 /*
3096 * Peephole optimization. If both LHS
3097 * and RHS are static values, then just call the
3098 * relevant condition code to get the result.
3099 */
3100 if (cond) {
3101 int rcode;
3102
3103 purify:
3104 rcode = xlat_purify_op(head, &node, lhs, op, rhs);
3105 if (rcode < 0) goto fail_lhs;
3106
3107 if (rcode) {
3108 lhs = node;
3109 goto redo;
3110 }
3111 }
3112 }
3113
3114 /*
3115 * Create the function node, with the LHS / RHS arguments.
3116 */
3117 MEM(node = xlat_exp_alloc(head, XLAT_FUNC, fr_tokens[op], strlen(fr_tokens[op])));
3118 node->call.func = func;
3119 node->call.dict = t_rules->attr.dict_def;
3120 node->flags = func->flags;
3121 node->flags.impure_func = !func->flags.pure;
3122
3123 xlat_func_append_arg(node, lhs, logical_ops[op] && cond);
3124 xlat_func_append_arg(node, rhs, logical_ops[op] && cond);
3125
3126 fr_assert(xlat_exp_head(node->call.args) != NULL);
3127
3128 /*
3129 * Logical operations can be purified if ANY of their arguments can be purified.
3130 */
3131 if (logical_ops[op]) {
3132 xlat_exp_foreach(node->call.args, arg) {
3133 node->call.args->flags.can_purify |= arg->flags.can_purify | arg->flags.pure;
3134 if (node->call.args->flags.can_purify) break;
3135 }
3136 node->flags.can_purify = node->call.args->flags.can_purify;
3137
3138 } else {
3139 node->flags.can_purify = (node->call.func->flags.pure && node->call.args->flags.pure) | node->call.args->flags.can_purify;
3140 }
3141
3142 lhs = node;
3143 goto redo;
3144}
3145
3146static const fr_sbuff_term_t bracket_terms = FR_SBUFF_TERMS(
3147 L(""),
3148 L(")"),
3149);
3150
3151static const fr_sbuff_term_t operator_terms = FR_SBUFF_TERMS(
3152 L("\t"),
3153 L("\n"),
3154 L("\r"),
3155 L(" "),
3156 L("!"),
3157 L("%"),
3158 L("&"),
3159 L("*"),
3160 L("+"),
3161 L("-"),
3162 L("/"),
3163 L("<"),
3164 L("="),
3165 L(">"),
3166 L("^"),
3167 L("|"),
3168 L("~"),
3169);
3170
3171static fr_slen_t xlat_tokenize_expression_internal(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in,
3172 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, bool cond)
3173{
3174 ssize_t slen;
3175 fr_sbuff_parse_rules_t *bracket_rules = NULL;
3176 fr_sbuff_parse_rules_t *terminal_rules = NULL;
3177 tmpl_rules_t my_rules = { };
3178 xlat_exp_head_t *head;
3179 xlat_exp_t *node = NULL;
3180
3181 /*
3182 * Whatever the caller passes, ensure that we have a
3183 * terminal rule which ends on operators, and a terminal
3184 * rule which ends on ')'.
3185 */
3186 MEM(bracket_rules = talloc_zero(ctx, fr_sbuff_parse_rules_t));
3187 MEM(terminal_rules = talloc_zero(ctx, fr_sbuff_parse_rules_t));
3188 if (p_rules) {
3189 *bracket_rules = *p_rules;
3190 *terminal_rules = *p_rules;
3191
3192 if (p_rules->terminals) {
3193 MEM(terminal_rules->terminals = fr_sbuff_terminals_amerge(terminal_rules,
3194 p_rules->terminals,
3195 &operator_terms));
3196 } else {
3197 terminal_rules->terminals = &operator_terms;
3198 }
3199 } else {
3200 terminal_rules->terminals = &operator_terms;
3201 }
3202 MEM(bracket_rules->terminals = fr_sbuff_terminals_amerge(bracket_rules,
3203 terminal_rules->terminals,
3204 &bracket_terms));
3205
3206 MEM(head = xlat_exp_head_alloc(ctx));
3207 if (!t_rules) t_rules = &my_rules;
3208
3209 slen = tokenize_expression(head, &node, in, terminal_rules, t_rules, T_INVALID, bracket_rules, p_rules, cond);
3210 talloc_free(bracket_rules);
3211 talloc_free(terminal_rules);
3212
3213 if (slen <= 0) {
3214 talloc_free(head);
3215 FR_SBUFF_ERROR_RETURN(in);
3216 }
3217
3218 if (!node) {
3219 *out = head;
3220 return slen;
3221 }
3222
3223 /*
3224 * If the tmpl is not resolved, then it refers to an attribute which doesn't exist. That's an
3225 * error.
3226 */
3227 if ((node->type == XLAT_TMPL) && tmpl_is_data_unresolved(node->vpt)) {
3228 if (!tmpl_require_enum_prefix) {
3229 fr_strerror_const("Unexpected text - attribute names must be prefixed with '&'");
3230 } else {
3231 fr_strerror_const("Unknown attribute");
3232 }
3233 return -1;
3234 }
3235
3236 /*
3237 * Convert raw existence checks to existence functions.
3238 */
3239 if (cond && (node->type == XLAT_TMPL) && tmpl_contains_attr(node->vpt)) {
3240 node = xlat_exists_alloc(head, node);
3241 }
3242
3243 xlat_exp_insert_tail(head, node);
3244
3245 /*
3246 * Add nodes that need to be bootstrapped to
3247 * the registry.
3248 */
3249 if (xlat_finalize(head, t_rules->xlat.runtime_el) < 0) {
3250 talloc_free(head);
3251 return -1;
3252 }
3253
3254 *out = head;
3255 return slen;
3256}
3257
3258fr_slen_t xlat_tokenize_expression(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in,
3259 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
3260{
3261 return xlat_tokenize_expression_internal(ctx, out, in, p_rules, t_rules, false);
3262}
3263
3264fr_slen_t xlat_tokenize_condition(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in,
3265 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
3266{
3267 return xlat_tokenize_expression_internal(ctx, out, in, p_rules, t_rules, true);
3268}
3269
3270/** Allow callers to see if an xlat is truthy
3271 *
3272 * So the caller can cache it, and needs to check fewer things at run
3273 * time.
3274 *
3275 * @param[in] head of the xlat to check
3276 * @param[out] out truthiness of the box
3277 * @return
3278 * - false - xlat is not truthy, *out is unchanged.
3279 * - true - xlat is truthy, *out is the result of fr_value_box_is_truthy()
3280 */
3281bool xlat_is_truthy(xlat_exp_head_t const *head, bool *out)
3282{
3283 xlat_exp_t const *node;
3284 fr_value_box_t const *box;
3285
3286 /*
3287 * Only pure / constant things can be truthy.
3288 */
3289 if (!head->flags.pure) goto return_false;
3290
3291 node = xlat_exp_head(head);
3292 if (!node) {
3293 *out = false;
3294 return true;
3295 }
3296
3297 if (xlat_exp_next(head, node)) goto return_false;
3298
3299 if (node->type == XLAT_BOX) {
3300 box = &node->data;
3301
3302 } else if ((node->type == XLAT_TMPL) && tmpl_is_data(node->vpt)) {
3303 box = tmpl_value(node->vpt);
3304
3305 } else {
3306 return_false:
3307 *out = false;
3308 return false;
3309 }
3310
3311 *out = fr_value_box_is_truthy(box);
3312 return true;
3313}
args
va_list args
Definition acutest.h:770
UNCONST
#define UNCONST(_type, _ptr)
Remove const qualification from a pointer.
Definition build.h:167
RCSID
#define RCSID(id)
Definition build.h:483
L
#define L(_str)
Helper for initialising arrays of string literals.
Definition build.h:209
FALL_THROUGH
#define FALL_THROUGH
clang 10 doesn't recognised the FALL-THROUGH comment anymore
Definition build.h:322
unlikely
#define unlikely(_x)
Definition build.h:381
UNUSED
#define UNUSED
Definition build.h:315
NUM_ELEMENTS
#define NUM_ELEMENTS(_t)
Definition build.h:337
fr_value_calc_list_cmp
int fr_value_calc_list_cmp(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_value_box_list_t const *list1, fr_token_t op, fr_value_box_list_t const *list2)
Definition calc.c:2688
fr_value_calc_binary_op
int fr_value_calc_binary_op(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t hint, fr_value_box_t const *a, fr_token_t op, fr_value_box_t const *b)
Calculate DST = A OP B.
Definition calc.c:1894
fr_value_calc_unary_op
int fr_value_calc_unary_op(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_token_t op, fr_value_box_t const *src)
Calculate unary operations.
Definition calc.c:2460
fr_dcursor_append
static int fr_dcursor_append(fr_dcursor_t *cursor, void *v)
Insert a single item at the end of the list.
Definition dcursor.h:406
fr_dcursor_s
Definition dcursor.h:93
MEM
#define MEM(x)
Definition debug.h:36
ERROR
#define ERROR(fmt,...)
Definition dhcpclient.c:41
fr_dict_internal
fr_dict_t const * fr_dict_internal(void)
Definition dict_util.c:4614
in
static fr_slen_t in
Definition dict.h:823
fr_dlist_remove
static void * fr_dlist_remove(fr_dlist_head_t *list_head, void *ptr)
Remove an item from the list.
Definition dlist.h:638
fr_dlist_num_elements
static unsigned int fr_dlist_num_elements(fr_dlist_head_t const *head)
Return the number of elements in the dlist.
Definition dlist.h:939
fr_dlist_insert_tail
static int fr_dlist_insert_tail(fr_dlist_head_t *list_head, void *ptr)
Insert an item into the tail of a list.
Definition dlist.h:378
xlat_func_rcode
static xlat_action_t xlat_func_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *args)
Return the current rcode as a string.
Definition xlat_expr.c:1648
xlat_func_exists
static xlat_action_t xlat_func_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *in)
See if a named attribute exists.
Definition xlat_expr.c:1805
xlat_func_expr_rcode
static xlat_action_t xlat_func_expr_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Match the passed rcode against request->rcode.
Definition xlat_expr.c:1597
unlang_interpret_frame_talloc_ctx
TALLOC_CTX * unlang_interpret_frame_talloc_ctx(request_t *request)
Get a talloc_ctx which is valid only for this frame.
Definition interpret.c:1407
UNLANG_SUB_FRAME
#define UNLANG_SUB_FRAME
Definition interpret.h:36
RDEBUG3
#define RDEBUG3(fmt,...)
Definition log.h:343
RPEDEBUG
#define RPEDEBUG(fmt,...)
Definition log.h:376
talloc_free
talloc_free(reap)
TMPL_ATTR_REF_PREFIX_NO
@ TMPL_ATTR_REF_PREFIX_NO
Attribute refs have no '&' prefix.
Definition merged_model.c:230
TMPL_ATTR_REF_PREFIX_YES
@ TMPL_ATTR_REF_PREFIX_YES
Attribute refs must have '&' prefix.
Definition merged_model.c:229
fr_type_t
fr_type_t
Definition merged_model.c:80
FR_TYPE_INT8
@ FR_TYPE_INT8
8 Bit signed integer.
Definition merged_model.c:103
FR_TYPE_STRING
@ FR_TYPE_STRING
String of printable characters.
Definition merged_model.c:83
FR_TYPE_NULL
@ FR_TYPE_NULL
Invalid (uninitialised) attribute type.
Definition merged_model.c:81
FR_TYPE_UINT16
@ FR_TYPE_UINT16
16 Bit unsigned integer.
Definition merged_model.c:98
FR_TYPE_INT64
@ FR_TYPE_INT64
64 Bit signed integer.
Definition merged_model.c:106
FR_TYPE_INT16
@ FR_TYPE_INT16
16 Bit signed integer.
Definition merged_model.c:104
FR_TYPE_UINT8
@ FR_TYPE_UINT8
8 Bit unsigned integer.
Definition merged_model.c:97
FR_TYPE_UINT32
@ FR_TYPE_UINT32
32 Bit unsigned integer.
Definition merged_model.c:99
FR_TYPE_INT32
@ FR_TYPE_INT32
32 Bit signed integer.
Definition merged_model.c:105
FR_TYPE_UINT64
@ FR_TYPE_UINT64
64 Bit unsigned integer.
Definition merged_model.c:100
FR_TYPE_VOID
@ FR_TYPE_VOID
User data.
Definition merged_model.c:127
FR_TYPE_BOOL
@ FR_TYPE_BOOL
A truth value.
Definition merged_model.c:95
FR_TYPE_SIZE
@ FR_TYPE_SIZE
Unsigned integer capable of representing any memory address on the local system.
Definition merged_model.c:115
FR_TYPE_OCTETS
@ FR_TYPE_OCTETS
Raw octets.
Definition merged_model.c:84
FR_TYPE_GROUP
@ FR_TYPE_GROUP
A grouping of other attributes.
Definition merged_model.c:124
uint32_t
unsigned int uint32_t
Definition merged_model.c:33
ssize_t
long int ssize_t
Definition merged_model.c:24
fr_slen_t
ssize_t fr_slen_t
Definition merged_model.c:35
fr_dict_attr_t
Definition merged_model.c:133
fr_sbuff_escape_rules_t
Definition merged_model.c:234
fr_sbuff_t
Definition merged_model.c:37
fr_value_box_t
Definition merged_model.c:136
request_t
Definition merged_model.c:210
tmpl_t
Definition merged_model.c:225
check
#define check(_handle, _len_p)
Definition bio.c:44
fr_assert
#define fr_assert(_expr)
Definition rad_assert.h:38
done
static bool done
Definition radclient.c:80
REDEBUG
#define REDEBUG(fmt,...)
Definition radclient.h:52
rcode_table
fr_table_num_sorted_t const rcode_table[]
Definition rcode.c:35
rlm_rcode_t
rlm_rcode_t
Return codes indicating the result of the module call.
Definition rcode.h:40
RLM_MODULE_NOT_SET
@ RLM_MODULE_NOT_SET
Error resolving rcode (should not be returned by modules).
Definition rcode.h:51
RLM_MODULE_NUMCODES
@ RLM_MODULE_NUMCODES
How many valid return codes there are.
Definition rcode.h:50
name
static char const * name
Definition rlm_redis_ippool_tool.c:156
fr_sbuff_is_terminal
bool fr_sbuff_is_terminal(fr_sbuff_t *in, fr_sbuff_term_t const *tt)
Efficient terminal string search.
Definition sbuff.c:2152
fr_sbuff_terminals_amerge
fr_sbuff_term_t * fr_sbuff_terminals_amerge(TALLOC_CTX *ctx, fr_sbuff_term_t const *a, fr_sbuff_term_t const *b)
Merge two sets of terminal strings.
Definition sbuff.c:645
fr_sbuff_next_if_char
bool fr_sbuff_next_if_char(fr_sbuff_t *sbuff, char c)
Return true if the current char matches, and if it does, advance.
Definition sbuff.c:2088
fr_sbuff_start
#define fr_sbuff_start(_sbuff_or_marker)
fr_sbuff_out_by_longest_prefix
#define fr_sbuff_out_by_longest_prefix(_match_len, _out, _table, _sbuff, _def)
fr_sbuff_is_str_literal
#define fr_sbuff_is_str_literal(_sbuff, _str)
FR_SBUFF_IN_CHAR_RETURN
#define FR_SBUFF_IN_CHAR_RETURN(_sbuff,...)
fr_sbuff_set
#define fr_sbuff_set(_dst, _src)
fr_sbuff_diff
#define fr_sbuff_diff(_a, _b)
FR_SBUFF_IN
#define FR_SBUFF_IN(_start, _len_or_end)
fr_sbuff_adv_past_whitespace
#define fr_sbuff_adv_past_whitespace(_sbuff, _len, _tt)
fr_sbuff_current
#define fr_sbuff_current(_sbuff_or_marker)
FR_SBUFF_TERMS
#define FR_SBUFF_TERMS(...)
Initialise a terminal structure with a list of sorted strings.
Definition sbuff.h:192
FR_SBUFF_IN_STRCPY_LITERAL_RETURN
#define FR_SBUFF_IN_STRCPY_LITERAL_RETURN(_sbuff, _str)
fr_sbuff_extend
#define fr_sbuff_extend(_sbuff_or_marker)
fr_sbuff_used_total
#define fr_sbuff_used_total(_sbuff_or_marker)
FR_SBUFF_RETURN
#define FR_SBUFF_RETURN(_func, _sbuff,...)
fr_sbuff_is_char
#define fr_sbuff_is_char(_sbuff_or_marker, _c)
FR_SBUFF_ERROR_RETURN
#define FR_SBUFF_ERROR_RETURN(_sbuff_or_marker)
FR_SBUFF_SET_RETURN
#define FR_SBUFF_SET_RETURN(_dst, _src)
fr_sbuff_is_digit
#define fr_sbuff_is_digit(_sbuff_or_marker)
SBUFF_CHAR_UNPRINTABLES_EXTENDED
#define SBUFF_CHAR_UNPRINTABLES_EXTENDED
FR_SBUFF
#define FR_SBUFF(_sbuff_or_marker)
fr_sbuff_advance
#define fr_sbuff_advance(_sbuff_or_marker, _len)
fr_sbuff_remaining
#define fr_sbuff_remaining(_sbuff_or_marker)
SBUFF_CHAR_UNPRINTABLES_LOW
#define SBUFF_CHAR_UNPRINTABLES_LOW
fr_sbuff_used
#define fr_sbuff_used(_sbuff_or_marker)
FR_SBUFF_IN_STRCPY_RETURN
#define FR_SBUFF_IN_STRCPY_RETURN(...)
FR_SBUFF_TALLOC_THREAD_LOCAL
#define FR_SBUFF_TALLOC_THREAD_LOCAL(_out, _init, _max)
fr_sbuff_ptr_s
Definition sbuff.h:84
fr_sbuff_term_elem_t
Terminal element with pre-calculated lengths.
Definition sbuff.h:161
fr_sbuff_term_t
Set of terminal elements.
Definition merged_model.c:161
tmpl_contains_xlat
#define tmpl_contains_xlat(vpt)
Definition tmpl.h:232
tmpl_is_attr_unresolved
#define tmpl_is_attr_unresolved(vpt)
Definition tmpl.h:224
vpt
static fr_slen_t vpt
Definition tmpl.h:1278
tmpl_resolve
int tmpl_resolve(tmpl_t *vpt, tmpl_res_rules_t const *tr_rules))
Attempt to resolve functions and attributes in xlats and attribute references.
Definition tmpl_tokenize.c:4239
tmpl_value
#define tmpl_value(_tmpl)
Definition tmpl.h:954
tmpl_attr_unknown_add
int tmpl_attr_unknown_add(tmpl_t *vpt)
Add an unknown fr_dict_attr_t specified by a tmpl_t to the main dictionary.
Definition tmpl_tokenize.c:4511
tmpl_contains_regex
#define tmpl_contains_regex(vpt)
Definition tmpl.h:231
tmpl_is_attr
#define tmpl_is_attr(vpt)
Definition tmpl.h:213
tmpl_rules_s::enumv
fr_dict_attr_t const * enumv
Enumeration attribute used to resolve enum values.
Definition tmpl.h:353
tmpl_value_enumv
#define tmpl_value_enumv(_tmpl)
Definition tmpl.h:957
tmpl_xlat
#define tmpl_xlat(_tmpl)
Definition tmpl.h:947
tmpl_rules_cast
#define tmpl_rules_cast(_tmpl)
Definition tmpl.h:959
tmpl_afrom_attr_str
ssize_t tmpl_afrom_attr_str(TALLOC_CTX *ctx, tmpl_attr_error_t *err, tmpl_t **out, char const *name, tmpl_rules_t const *rules))
Parse a string into a TMPL_TYPE_ATTR_* type tmpl_t.
Definition tmpl_tokenize.c:2510
tmpl_contains_attr
#define tmpl_contains_attr(vpt)
Definition tmpl.h:230
tmpl_afrom_substr
ssize_t tmpl_afrom_substr(TALLOC_CTX *ctx, tmpl_t **out, fr_sbuff_t *in, fr_token_t quote, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules))
Convert an arbitrary string into a tmpl_t.
Definition tmpl_tokenize.c:3224
tmpl_rules_s::xlat
tmpl_xlat_rules_t xlat
Rules/data for parsing xlats.
Definition tmpl.h:351
tmpl_is_list
static bool tmpl_is_list(tmpl_t const *vpt)
Definition tmpl.h:937
tmpl_cast_in_place
int tmpl_cast_in_place(tmpl_t *vpt, fr_type_t type, fr_dict_attr_t const *enumv))
Convert tmpl_t of type TMPL_TYPE_DATA_UNRESOLVED or TMPL_TYPE_DATA to TMPL_TYPE_DATA of type specifie...
Definition tmpl_tokenize.c:3931
tmpl_is_data
#define tmpl_is_data(vpt)
Definition tmpl.h:211
tmpl_debug
void tmpl_debug(tmpl_t const *vpt)
Definition tmpl_tokenize.c:323
tmpl_value_type
#define tmpl_value_type(_tmpl)
Definition tmpl.h:956
tmpl_cast_get
static fr_type_t tmpl_cast_get(tmpl_t *vpt)
Definition tmpl.h:1232
tmpl_is_data_unresolved
#define tmpl_is_data_unresolved(vpt)
Definition tmpl.h:222
tmpl_rules_s::cast
fr_type_t cast
Whether there was an explicit cast.
Definition tmpl.h:355
tmpl_rules_s::attr
tmpl_attr_rules_t attr
Rules/data for parsing attribute references.
Definition tmpl.h:350
tmpl_attr_tail_da
static fr_dict_attr_t const * tmpl_attr_tail_da(tmpl_t const *vpt)
Return the last attribute reference da.
Definition tmpl.h:818
tmpl_res_rules_t
struct tmpl_res_rules_s tmpl_res_rules_t
Definition tmpl.h:242
tmpl_is_regex
#define tmpl_is_regex(vpt)
Definition tmpl.h:218
tmpl_res_rules_s::enumv
fr_dict_attr_t const * enumv
for resolving T_BARE_WORD
Definition tmpl.h:388
tmpl_xlat_rules_s::runtime_el
fr_event_list_t * runtime_el
The eventlist to use for runtime instantiation of xlats.
Definition tmpl.h:339
tmpl_needs_resolving
#define tmpl_needs_resolving(vpt)
Definition tmpl.h:228
tmpl_cast_set
int tmpl_cast_set(tmpl_t *vpt, fr_type_t type)
Set a cast for a tmpl.
Definition tmpl_tokenize.c:3744
tmpl_res_rules_s
Similar to tmpl_rules_t, but used to specify parameters that may change during subsequent resolution ...
Definition tmpl.h:379
tmpl_rules_s
Optional arguments passed to vp_tmpl functions.
Definition tmpl.h:347
xor
static void xor(char *out, char *in1, char *in2, int n)
Definition smbdes.c:183
lshift
static void lshift(char *d, int count, int n)
Definition smbdes.c:165
inst
eap_aka_sim_process_conf_t * inst
Definition state_machine.c:3620
type
fr_aka_sim_id_type_t type
Definition state_machine.c:3623
vp
fr_pair_t * vp
Definition state_machine.c:2262
tmpl_attr_rules_s::allow_unresolved
uint8_t allow_unresolved
Allow attributes that look valid but were not found in the dictionaries.
Definition tmpl.h:321
tmpl_attr_rules_s::dict_def
fr_dict_t const * dict_def
Default dictionary to use with unqualified attribute references.
Definition tmpl.h:287
value_pair_s
Stores an attribute, a value and various bits of other data.
Definition pair.h:68
fr_table_value_by_str
#define fr_table_value_by_str(_table, _name, _def)
Convert a string to a value using a sorted or ordered table.
Definition table.h:653
fr_table_str_by_value
#define fr_table_str_by_value(_table, _number, _def)
Convert an integer to a string.
Definition table.h:772
fr_table_num_ordered_t
An element in an arbitrarily ordered array of name to num mappings.
Definition table.h:57
fr_table_num_sorted_t
An element in a lexicographically sorted array of name to num mappings.
Definition table.h:49
talloc_get_type_abort_const
#define talloc_get_type_abort_const
Definition talloc.h:282
talloc_const_free
static int talloc_const_free(void const *ptr)
Free const'd memory.
Definition talloc.h:224
tmpl_dcursor_clear
void tmpl_dcursor_clear(tmpl_dcursor_ctx_t *cc)
Clear any temporary state allocations.
Definition tmpl_dcursor.c:495
tmpl_dcursor_init
#define tmpl_dcursor_init(_err, _ctx, _cc, _cursor, _request, _vpt)
Definition tmpl_dcursor.h:100
tmpl_dcursor_ctx_s
Maintains state between cursor calls.
Definition tmpl_dcursor.h:62
fr_token_quote
const char fr_token_quote[T_TOKEN_LAST]
Convert tokens back to a quoting character.
Definition token.c:156
fr_tokens
char const * fr_tokens[T_TOKEN_LAST]
Definition token.c:78
fr_comparison_op
const bool fr_comparison_op[T_TOKEN_LAST]
Definition token.c:198
fr_binary_op
const bool fr_binary_op[T_TOKEN_LAST]
Definition token.c:216
fr_token_t
enum fr_token fr_token_t
T_AND
@ T_AND
Definition token.h:55
T_INVALID
@ T_INVALID
Definition token.h:39
T_SUB
@ T_SUB
Definition token.h:52
T_RSHIFT
@ T_RSHIFT
Definition token.h:62
T_NOT
@ T_NOT
Definition token.h:57
T_XOR
@ T_XOR
Definition token.h:58
T_DIV
@ T_DIV
Definition token.h:54
T_SINGLE_QUOTED_STRING
@ T_SINGLE_QUOTED_STRING
Definition token.h:122
T_MOD
@ T_MOD
Definition token.h:60
T_BARE_WORD
@ T_BARE_WORD
Definition token.h:120
T_OP_EQ
@ T_OP_EQ
Definition token.h:83
T_LAND
@ T_LAND
Definition token.h:91
T_COMPLEMENT
@ T_COMPLEMENT
Definition token.h:59
T_ADD
@ T_ADD
Definition token.h:51
T_BACK_QUOTED_STRING
@ T_BACK_QUOTED_STRING
Definition token.h:123
T_OP_NE
@ T_OP_NE
Definition token.h:97
T_LOR
@ T_LOR
Definition token.h:92
T_LSHIFT
@ T_LSHIFT
Definition token.h:63
T_OP_REG_EQ
@ T_OP_REG_EQ
Definition token.h:102
T_OP_CMP_EQ_TYPE
@ T_OP_CMP_EQ_TYPE
Definition token.h:107
T_DOUBLE_QUOTED_STRING
@ T_DOUBLE_QUOTED_STRING
Definition token.h:121
T_OP_CMP_EQ
@ T_OP_CMP_EQ
Definition token.h:106
T_LBRACE
@ T_LBRACE
Definition token.h:43
T_MUL
@ T_MUL
Definition token.h:53
T_OP_LE
@ T_OP_LE
Definition token.h:100
T_OP_CMP_NE_TYPE
@ T_OP_CMP_NE_TYPE
Definition token.h:108
T_OP_GE
@ T_OP_GE
Definition token.h:98
T_OP_GT
@ T_OP_GT
Definition token.h:99
T_SOLIDUS_QUOTED_STRING
@ T_SOLIDUS_QUOTED_STRING
Definition token.h:124
T_OP_LT
@ T_OP_LT
Definition token.h:101
T_OP_REG_NE
@ T_OP_REG_NE
Definition token.h:103
T_OR
@ T_OR
Definition token.h:56
T_TOKEN_LAST
#define T_TOKEN_LAST
Definition token.h:129
unlang_xlat_yield
xlat_action_t unlang_xlat_yield(request_t *request, xlat_func_t resume, xlat_func_signal_t signal, fr_signal_t sigmask, void *rctx)
Yield a request back to the interpreter from within a module.
Definition xlat.c:573
unlang_xlat_push
int unlang_xlat_push(TALLOC_CTX *ctx, bool *p_success, fr_value_box_list_t *out, request_t *request, xlat_exp_head_t const *xlat, bool top_frame)
Push a pre-compiled xlat onto the stack for evaluation.
Definition xlat.c:286
xlat_res_rules_t::tr_rules
tmpl_res_rules_t const * tr_rules
tmpl resolution rules.
Definition xlat.h:163
xlat_print
fr_slen_t xlat_print(fr_sbuff_t *in, xlat_exp_head_t const *node, fr_sbuff_escape_rules_t const *e_rules)
Reconstitute an xlat expression from its constituent nodes.
Definition xlat_tokenize.c:1300
xlat_arg_parser_t::required
bool required
Argument must be present, and non-empty.
Definition xlat.h:148
head
static fr_slen_t head
Definition xlat.h:422
xlat_flatten_compiled_argv
int xlat_flatten_compiled_argv(TALLOC_CTX *ctx, xlat_exp_head_t ***argv, xlat_exp_head_t *head)
Turn xlat_tokenize_argv() into an argv[] array, and nuke the input list.
Definition xlat_eval.c:1622
xlat_arg_parser_t::concat
bool concat
Concat boxes together.
Definition xlat.h:149
xlat_aprint
static fr_slen_t xlat_aprint(TALLOC_CTX *ctx, char **out, xlat_exp_head_t const *head, fr_sbuff_escape_rules_t const *e_rules) 1(xlat_print
xlat_flags_t::can_purify
bool can_purify
if the xlat has a pure function with pure arguments.
Definition xlat.h:116
xlat_purify_op
int xlat_purify_op(TALLOC_CTX *ctx, xlat_exp_t **out, xlat_exp_t *lhs, fr_token_t op, xlat_exp_t *rhs)
Definition xlat_purify.c:425
xlat_func_t
xlat_action_t(* xlat_func_t)(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
xlat callback function
Definition xlat.h:230
XLAT_ARGS
#define XLAT_ARGS(_list,...)
Populate local variables with value boxes from the input list.
Definition xlat.h:381
xlat_flags_t::pure
bool pure
has no external side effects, true for BOX, LITERAL, and some functions
Definition xlat.h:114
xlat_flags_t::needs_resolving
bool needs_resolving
Needs pass2 resolution.
Definition xlat.h:113
xlat_resolve
int xlat_resolve(xlat_exp_head_t *head, xlat_res_rules_t const *xr_rules)
Walk over an xlat tree recursively, resolving any unresolved functions or references.
Definition xlat_tokenize.c:1681
XLAT_ARG_PARSER_TERMINATOR
#define XLAT_ARG_PARSER_TERMINATOR
Definition xlat.h:168
xlat_finalize
int xlat_finalize(xlat_exp_head_t *head, fr_event_list_t *runtime_el)
Bootstrap static xlats, or instantiate ephemeral ones.
Definition xlat_inst.c:695
xlat_action_t
xlat_action_t
Definition xlat.h:37
XLAT_ACTION_FAIL
@ XLAT_ACTION_FAIL
An xlat function failed.
Definition xlat.h:44
XLAT_ACTION_YIELD
@ XLAT_ACTION_YIELD
An xlat function pushed a resume frame onto the stack.
Definition xlat.h:42
XLAT_ACTION_PUSH_UNLANG
@ XLAT_ACTION_PUSH_UNLANG
An xlat function pushed an unlang frame onto the unlang stack.
Definition xlat.h:39
XLAT_ACTION_DONE
@ XLAT_ACTION_DONE
We're done evaluating this level of nesting.
Definition xlat.h:43
xlat_flags_t::constant
bool constant
xlat is just tmpl_attr_tail_data, or XLAT_BOX
Definition xlat.h:118
xlat_flags_t::impure_func
bool impure_func
xlat contains an impure function
Definition xlat.h:115
xlat_instance_unregister_func
int xlat_instance_unregister_func(xlat_exp_t *node)
Remove a node from the list of xlat instance data.
Definition xlat_inst.c:550
xlat_arg_parser_t
Definition for a single argument consumend by an xlat function.
Definition xlat.h:147
xlat_flags_t
Flags that control resolution and evaluation.
Definition xlat.h:112
xlat_res_rules_t
Definition xlat.h:162
parent
static fr_slen_t parent
Definition pair.h:851
fr_strerror_printf
#define fr_strerror_printf(_fmt,...)
Log to thread local error buffer.
Definition strerror.h:64
fr_strerror_const
#define fr_strerror_const(_msg)
Definition strerror.h:223
fr_type_table
fr_table_num_ordered_t const fr_type_table[]
Map data types to names representing those types.
Definition types.c:31
fr_type_is_variable_size
#define fr_type_is_variable_size(_x)
Definition types.h:367
fr_type_is_structural
#define fr_type_is_structural(_x)
Definition types.h:371
fr_type_is_null
#define fr_type_is_null(_x)
Definition types.h:326
fr_type_is_leaf
#define fr_type_is_leaf(_x)
Definition types.h:372
fr_type_to_str
static char const * fr_type_to_str(fr_type_t type)
Return a static string containing the type name.
Definition types.h:433
value_parse_rules_quoted
fr_sbuff_parse_rules_t const * value_parse_rules_quoted[T_TOKEN_LAST]
Parse rules for quoted strings.
Definition value.c:606
fr_value_box_copy
int fr_value_box_copy(TALLOC_CTX *ctx, fr_value_box_t *dst, const fr_value_box_t *src)
Copy value data verbatim duplicating any buffers.
Definition value.c:3740
fr_value_box_is_truthy
bool fr_value_box_is_truthy(fr_value_box_t const *in)
Check truthiness of values.
Definition value.c:6372
fr_value_box_cast_in_place
int fr_value_box_cast_in_place(TALLOC_CTX *ctx, fr_value_box_t *vb, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv)
Convert one type of fr_value_box_t to another in place.
Definition value.c:3572
fr_value_box_memdup_shallow
void fr_value_box_memdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, uint8_t const *src, size_t len, bool tainted)
Assign a buffer to a box, but don't copy it.
Definition value.c:4548
value_parse_rules_3quoted
fr_sbuff_parse_rules_t const * value_parse_rules_3quoted[T_TOKEN_LAST]
Definition value.c:622
fr_value_box_strdup
int fr_value_box_strdup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Copy a nul terminated string to a fr_value_box_t.
Definition value.c:3927
fr_value_box_strdup_shallow
void fr_value_box_strdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Assign a buffer containing a nul terminated string to a box, but don't copy it.
Definition value.c:4036
fr_value_box_list_concat_as_string
ssize_t fr_value_box_list_concat_as_string(bool *tainted, bool *secret, fr_sbuff_t *sbuff, fr_value_box_list_t *list, char const *sep, size_t sep_len, fr_sbuff_escape_rules_t const *e_rules, fr_value_box_list_action_t proc_action, fr_value_box_safe_for_t safe_for, bool flatten)
Concatenate a list of value boxes together.
Definition value.c:5630
fr_value_box_clear
void fr_value_box_clear(fr_value_box_t *data)
Clear/free any existing value and metadata.
Definition value.c:3723
fr_value_box_bstrndup
int fr_value_box_bstrndup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, size_t len, bool tainted)
Copy a string to to a fr_value_box_t.
Definition value.c:4148
FR_VALUE_BOX_LIST_FREE_BOX
@ FR_VALUE_BOX_LIST_FREE_BOX
Free each processed box.
Definition value.h:218
fr_value_box_alloc
#define fr_value_box_alloc(_ctx, _type, _enumv)
Allocate a value box of a specific type.
Definition value.h:621
data
static fr_slen_t data
Definition value.h:1265
fr_box_strvalue_len
#define fr_box_strvalue_len(_val, _len)
Definition value.h:286
fr_box_is_group
#define fr_box_is_group(_x)
Definition value.h:430
VALUE_BOX_LIST_VERIFY
#define VALUE_BOX_LIST_VERIFY(_x)
Definition value.h:1296
fr_value_box_alloc_null
#define fr_value_box_alloc_null(_ctx)
Allocate a value box for later use with a value assignment function.
Definition value.h:632
fr_value_box_init
#define fr_value_box_init(_vb, _type, _enumv, _tainted)
Initialise a fr_value_box_t.
Definition value.h:587
fr_value_box_list_foreach
#define fr_value_box_list_foreach(_list_head, _iter)
Definition value.h:206
out
static size_t char ** out
Definition value.h:997
xlat_exp_set_name
void xlat_exp_set_name(xlat_exp_t *node, char const *fmt, size_t len)
Set the format string for an xlat node.
Definition xlat_alloc.c:191
xlat_exp_set_name_buffer_shallow
void xlat_exp_set_name_buffer_shallow(xlat_exp_t *node, char const *fmt)
Set the format string for an xlat node from a pre-existing buffer.
Definition xlat_alloc.c:213
xlat_ctx_s::rctx
void * rctx
Resume context.
Definition xlat_ctx.h:54
xlat_inst_ctx_s::ex
xlat_exp_t * ex
Tokenized expression to use in expansion.
Definition xlat_ctx.h:63
xlat_ctx_s::inst
void const * inst
xlat instance data.
Definition xlat_ctx.h:50
xlat_inst_ctx_s::inst
void * inst
xlat instance data to populate.
Definition xlat_ctx.h:62
xlat_ctx_s
An xlat calling ctx.
Definition xlat_ctx.h:49
xlat_inst_ctx_s
An xlat instantiation ctx.
Definition xlat_ctx.h:61
attr_expr_bool_enum
fr_dict_attr_t const * attr_expr_bool_enum
Definition xlat_eval.c:49
attr_cast_base
fr_dict_attr_t const * attr_cast_base
Definition xlat_eval.c:50
regex_escape_rules
static const fr_sbuff_escape_rules_t regex_escape_rules
Definition xlat_expr.c:560
xlat_exists_inst_t::vpt
tmpl_t const * vpt
the attribute reference
Definition xlat_expr.c:1668
xlat_exists_rctx_t::list
fr_value_box_list_t list
Definition xlat_expr.c:1674
fr_sbuff_skip_whitespace
#define fr_sbuff_skip_whitespace(_x)
Definition xlat_expr.c:2070
expr_assignment_op_table_len
static size_t const expr_assignment_op_table_len
Definition xlat_expr.c:2844
xlat_expr_print_binary
static fr_slen_t xlat_expr_print_binary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:145
XLAT_REGISTER_BOOL
#define XLAT_REGISTER_BOOL(_xlat, _func, _arg, _ret_type)
Definition xlat_expr.c:1884
xlat_logical_inst_t::argc
int argc
Definition xlat_expr.c:790
xlat_expr_print_rcode
static fr_slen_t xlat_expr_print_rcode(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, UNUSED fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:1562
xlat_regex_match
static xlat_action_t xlat_regex_match(TALLOC_CTX *ctx, request_t *request, fr_value_box_list_t *in, regex_t **preg, fr_dcursor_t *out, fr_token_t op)
Perform a regular expressions comparison between two operands.
Definition xlat_expr.c:618
xlat_func_append_arg
static void xlat_func_append_arg(xlat_exp_t *head, xlat_exp_t *node, bool exists)
Definition xlat_expr.c:73
xlat_is_truthy
bool xlat_is_truthy(xlat_exp_head_t const *head, bool *out)
Allow callers to see if an xlat is truthy.
Definition xlat_expr.c:3281
xlat_func_logical
static xlat_action_t xlat_func_logical(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Process logical &&, ||.
Definition xlat_expr.c:1315
xlat_regex_inst_t::xlat
xlat_exp_t * xlat
to expand
Definition xlat_expr.c:445
xlat_regex_rctx_t::last_success
bool last_success
Definition xlat_expr.c:450
XLAT_BINARY_FUNC
#define XLAT_BINARY_FUNC(_name, _op)
Definition xlat_expr.c:362
bracket_terms
static const fr_sbuff_term_t bracket_terms
Definition xlat_expr.c:3146
tokenize_unary
static fr_slen_t tokenize_unary(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
Definition xlat_expr.c:2106
tmpl_require_enum_prefix
bool tmpl_require_enum_prefix
Definition tmpl_tokenize.c:49
expr_quote_table_len
static size_t expr_quote_table_len
Definition xlat_expr.c:2090
xlat_exists_resume
static xlat_action_t xlat_exists_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *in)
Definition xlat_expr.c:1745
xlat_instantiate_exists
static int xlat_instantiate_exists(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:1702
xlat_expr_print_nary
static fr_slen_t xlat_expr_print_nary(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:802
xlat_register_expressions
int xlat_register_expressions(void)
Definition xlat_expr.c:1900
xlat_exists_inst_t::xlat
xlat_exp_head_t * xlat
the xlat which needs expanding
Definition xlat_expr.c:1669
xlat_func_exists_arg
static xlat_arg_parser_t const xlat_func_exists_arg[]
Definition xlat_expr.c:1677
xlat_logical_process_arg
static xlat_action_t xlat_logical_process_arg(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *in)
Process one argument of a logical operation.
Definition xlat_expr.c:1053
xlat_tokenize_expression_internal
static fr_slen_t xlat_tokenize_expression_internal(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, bool cond)
Definition xlat_expr.c:3171
xlat_function_args_to_tmpl
static int xlat_function_args_to_tmpl(xlat_inst_ctx_t const *xctx)
Convert XLAT_BOX arguments to XLAT_TMPL.
Definition xlat_expr.c:1441
xlat_expr_print_unary
static fr_slen_t xlat_expr_print_unary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:135
P
#define P(_x, _y)
Definition xlat_expr.c:2014
regex_op_xlat_args
static xlat_arg_parser_t const regex_op_xlat_args[]
Definition xlat_expr.c:591
xlat_ungroup
static void xlat_ungroup(xlat_exp_head_t *head)
Undo work which shouldn't have been done.
Definition xlat_expr.c:901
xlat_func_unary_complement
static xlat_action_t xlat_func_unary_complement(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1423
xlat_cmp_op
static xlat_action_t xlat_cmp_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:387
precedence
static const int precedence[T_TOKEN_LAST]
Definition xlat_expr.c:2016
xlat_func_unary_minus
static xlat_action_t xlat_func_unary_minus(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1416
xlat_logical_or_resume
static xlat_action_t xlat_logical_or_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1135
expr_quote_table
static fr_table_num_sorted_t const expr_quote_table[]
Definition xlat_expr.c:2084
XLAT_REGISTER_BINARY_OP
#define XLAT_REGISTER_BINARY_OP(_op, _name)
Definition xlat_expr.c:1841
XLAT_REGEX_FUNC
#define XLAT_REGEX_FUNC(_name, _op)
Definition xlat_expr.c:776
tokenize_rcode
static fr_slen_t tokenize_rcode(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in)
Definition xlat_expr.c:2382
xlat_binary_op
static xlat_action_t xlat_binary_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op, fr_type_t default_type, fr_dict_attr_t const *enumv)
Definition xlat_expr.c:296
valid_type
static bool valid_type(xlat_exp_t *node)
Definition xlat_expr.c:2846
expr_cast_alloc
static xlat_exp_t * expr_cast_alloc(TALLOC_CTX *ctx, fr_type_t type)
Allocate a specific cast node.
Definition xlat_expr.c:2210
xlat_logical_and
static bool xlat_logical_and(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
See if the input is truthy or not.
Definition xlat_expr.c:1193
xlat_logical_rctx_t::last_success
bool last_success
Definition xlat_expr.c:796
xlat_logical_rctx_t::box
fr_value_box_t * box
output value-box
Definition xlat_expr.c:797
xlat_logical_inst_t::stop_on_match
bool stop_on_match
Definition xlat_expr.c:788
XLAT_DEBUG
#define XLAT_DEBUG(...)
Definition xlat_expr.c:39
xlat_regex_rctx_t::list
fr_value_box_list_t list
Definition xlat_expr.c:451
xlat_regex_op
static xlat_action_t xlat_regex_op(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:743
xlat_func_unary_not
static xlat_action_t xlat_func_unary_not(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1389
xlat_regex_inst_t::regex_flags
fr_regex_flags_t * regex_flags
Definition xlat_expr.c:446
xlat_node_matches_bool
static bool xlat_node_matches_bool(bool *result, xlat_exp_t *parent, xlat_exp_head_t *head, bool sense)
Definition xlat_expr.c:850
xlat_instantiate_regex
static int xlat_instantiate_regex(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:516
xlat_func_unary_op
static xlat_action_t xlat_func_unary_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:1345
xlat_expr_resolve_binary
static int xlat_expr_resolve_binary(xlat_exp_t *node, UNUSED void *inst, xlat_res_rules_t const *xr_rules)
Definition xlat_expr.c:168
logical_ops
static const bool logical_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1995
xlat_logical_inst_t::callback
xlat_func_t callback
Definition xlat_expr.c:789
xlat_exists_rctx_t::last_success
bool last_success
Definition xlat_expr.c:1673
binary_op_xlat_args
static xlat_arg_parser_t const binary_op_xlat_args[]
Definition xlat_expr.c:290
xlat_attr_exists
static xlat_action_t xlat_attr_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, request_t *request, tmpl_t const *vpt, bool do_free)
Definition xlat_expr.c:1726
binary_cmp_xlat_args
static xlat_arg_parser_t const binary_cmp_xlat_args[]
Definition xlat_expr.c:381
multivalue_ops
static const bool multivalue_ops[T_TOKEN_LAST]
Definition xlat_expr.c:2003
binary_ops
static const fr_sbuff_term_elem_t binary_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1963
xlat_logical_or
static bool xlat_logical_or(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
See if the input is truthy or not.
Definition xlat_expr.c:1090
xlat_logical_rctx_t::current
int current
Definition xlat_expr.c:798
xlat_regex_inst_t::op
fr_token_t op
Definition xlat_expr.c:443
xlat_logical_rctx_t::ctx
TALLOC_CTX * ctx
Definition xlat_expr.c:795
xlat_regex_inst_t::regex
regex_t * regex
precompiled regex
Definition xlat_expr.c:444
XLAT_REGISTER_NARY_OP
#define XLAT_REGISTER_NARY_OP(_op, _name, _func_name)
Definition xlat_expr.c:1863
xlat_instantiate_expr_rcode
static int xlat_instantiate_expr_rcode(xlat_inst_ctx_t const *xctx)
Convert static expr_rcode arguments into rcodes.
Definition xlat_expr.c:1490
fr_value_box_init_zero
static void fr_value_box_init_zero(fr_value_box_t *vb, fr_type_t type)
Definition xlat_expr.c:273
xlat_regex_resume
static xlat_action_t xlat_regex_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:703
expr_assignment_op_table
static fr_table_num_ordered_t const expr_assignment_op_table[]
Definition xlat_expr.c:2812
xlat_exists_alloc
static xlat_exp_t * xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child)
Allocate a specific cast node.
Definition xlat_expr.c:113
expr_cast_from_substr
static fr_slen_t expr_cast_from_substr(fr_type_t *cast, fr_sbuff_t *in)
Definition xlat_expr.c:2245
XLAT_REGISTER_BINARY_CMP
#define XLAT_REGISTER_BINARY_CMP(_op, _name)
Definition xlat_expr.c:1852
xlat_func_rcode_arg
static xlat_arg_parser_t const xlat_func_rcode_arg[]
Takes no arguments.
Definition xlat_expr.c:1634
xlat_expr_logical_purify
static int xlat_expr_logical_purify(xlat_exp_t *node, void *instance, request_t *request)
If any argument resolves to inst->stop_on_match, the entire thing is a bool of inst->stop_on_match.
Definition xlat_expr.c:927
xlat_logical_rctx_t::list
fr_value_box_list_t list
Definition xlat_expr.c:799
xlat_rcode_inst_t::rcode
rlm_rcode_t rcode
The preparsed rcode.
Definition xlat_expr.c:1482
xlat_logical_inst_t::argv
xlat_exp_head_t ** argv
Definition xlat_expr.c:791
xlat_expr_print_exists
static fr_slen_t xlat_expr_print_exists(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:1685
xlat_instantiate_logical
static int xlat_instantiate_logical(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:1295
XLAT_REGISTER_UNARY
#define XLAT_REGISTER_UNARY(_op, _xlat, _func)
Definition xlat_expr.c:1891
unary_op_xlat_args
static xlat_arg_parser_t const unary_op_xlat_args[]
Definition xlat_expr.c:1340
xlat_tokenize_expression
fr_slen_t xlat_tokenize_expression(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
Definition xlat_expr.c:3258
xlat_func_expr_rcode_arg
static xlat_arg_parser_t const xlat_func_expr_rcode_arg[]
Definition xlat_expr.c:1474
tokenize_regex_rhs
static fr_slen_t tokenize_regex_rhs(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules)
Definition xlat_expr.c:2285
xlat_expr_print_regex
static fr_slen_t xlat_expr_print_regex(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:454
operator_terms
static const fr_sbuff_term_t operator_terms
Definition xlat_expr.c:3151
XLAT_REGISTER_REGEX_OP
#define XLAT_REGISTER_REGEX_OP(_op, _name)
Definition xlat_expr.c:1874
xlat_logical_and_resume
static xlat_action_t xlat_logical_and_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1243
tokenize_field
static ssize_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
Definition xlat_expr.c:2428
tokenize_expression
static ssize_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules, fr_sbuff_parse_rules_t const *input_rules, bool cond)
Tokenize a mathematical operation.
Definition xlat_expr.c:2885
XLAT_CMP_FUNC
#define XLAT_CMP_FUNC(_name, _op)
Definition xlat_expr.c:425
xlat_tokenize_condition
fr_slen_t xlat_tokenize_condition(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
Definition xlat_expr.c:3264
xlat_exists_inst_t
Definition xlat_expr.c:1667
xlat_exists_rctx_t
Definition xlat_expr.c:1672
xlat_logical_inst_t
Definition xlat_expr.c:787
xlat_logical_rctx_t
Definition xlat_expr.c:794
xlat_rcode_inst_t
Holds the result of pre-parsing the rcode on startup.
Definition xlat_expr.c:1481
xlat_regex_inst_t
Definition xlat_expr.c:442
xlat_regex_rctx_t
Definition xlat_expr.c:449
xlat_func_flags_set
void xlat_func_flags_set(xlat_t *x, xlat_func_flags_t flags)
Specify flags that alter the xlat's behaviour.
Definition xlat_func.c:402
xlat_func_args_set
int xlat_func_args_set(xlat_t *x, xlat_arg_parser_t const args[])
Register the arguments of an xlat.
Definition xlat_func.c:365
xlat_func_register
xlat_t * xlat_func_register(TALLOC_CTX *ctx, char const *name, xlat_func_t func, fr_type_t return_type)
Register an xlat function.
Definition xlat_func.c:218
xlat_func_print_set
void xlat_func_print_set(xlat_t *xlat, xlat_print_t func)
Set a print routine for an xlat function.
Definition xlat_func.c:414
xlat_func_find
xlat_t * xlat_func_find(char const *in, ssize_t inlen)
Definition xlat_func.c:79
xlat_func_instantiate_set
#define xlat_func_instantiate_set(_xlat, _instantiate, _inst_struct, _detach, _uctx)
Set a callback for global instantiation of xlat functions.
Definition xlat_func.h:93
XLAT_FUNC_FLAG_INTERNAL
@ XLAT_FUNC_FLAG_INTERNAL
Definition xlat_func.h:39
xlat_exp_head_alloc
#define xlat_exp_head_alloc(_ctx)
Definition xlat_priv.h:271
xlat_exp_s::flags
xlat_flags_t flags
Flags that control resolution and evaluation.
Definition xlat_priv.h:157
xlat_exp_next
static xlat_exp_t * xlat_exp_next(xlat_exp_head_t const *head, xlat_exp_t const *node)
Definition xlat_priv.h:244
xlat_exp_head_s::flags
xlat_flags_t flags
Flags that control resolution and evaluation.
Definition xlat_priv.h:190
xlat_exp_s::quote
fr_token_t quote
Type of quoting around XLAT_GROUP types.
Definition xlat_priv.h:155
XLAT_BOX
@ XLAT_BOX
fr_value_box_t
Definition xlat_priv.h:107
XLAT_TMPL
@ XLAT_TMPL
xlat attribute
Definition xlat_priv.h:113
XLAT_FUNC
@ XLAT_FUNC
xlat module
Definition xlat_priv.h:109
XLAT_GROUP
@ XLAT_GROUP
encapsulated string of xlats
Definition xlat_priv.h:117
xlat_flags_merge
static void xlat_flags_merge(xlat_flags_t *parent, xlat_flags_t const *child)
Merge flags from child to parent.
Definition xlat_priv.h:227
xlat_exp_set_type
#define xlat_exp_set_type(_node, _type)
Definition xlat_priv.h:274
xlat_s::token
fr_token_t token
for expressions
Definition xlat_priv.h:68
xlat_exp_s::fmt
char const *_CONST fmt
The original format string (a talloced buffer).
Definition xlat_priv.h:154
xlat_print_node
ssize_t xlat_print_node(fr_sbuff_t *out, xlat_exp_head_t const *head, xlat_exp_t const *node, fr_sbuff_escape_rules_t const *e_rules, char c)
Definition xlat_tokenize.c:1085
xlat_purify_list
int xlat_purify_list(xlat_exp_head_t *head, request_t *request)
Definition xlat_purify.c:60
xlat_exp_s::type
xlat_type_t _CONST type
type of this expansion.
Definition xlat_priv.h:158
xlat_exp_alloc
#define xlat_exp_alloc(_ctx, _type, _in, _inlen)
Definition xlat_priv.h:280
xlat_s::flags
xlat_flags_t flags
various flags
Definition xlat_priv.h:90
xlat_exp_foreach
#define xlat_exp_foreach(_list_head, _iter)
Iterate over the contents of a list, only one level.
Definition xlat_priv.h:220
xlat_exp_insert_tail
static int xlat_exp_insert_tail(xlat_exp_head_t *head, xlat_exp_t *node)
Definition xlat_priv.h:236
xlat_exp_head
static xlat_exp_t * xlat_exp_head(xlat_exp_head_t const *head)
Definition xlat_priv.h:207
xlat_exp_head_s
Definition xlat_priv.h:188
xlat_exp_s
An xlat expansion node.
Definition xlat_priv.h:151
xlat_s
Definition xlat_priv.h:59
Generated by   doxygen 1.9.8