The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
xlat_expr.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: 72c0339625da403c8b5a33b37dfbb3f7acec5569 $
19 *
20 * @file xlat_expr.c
21 * @brief Tokenizers and support functions for xlat expressions
22 *
23 * @copyright 2021 The FreeRADIUS server project
24 * @copyright 2021 Network RADIUS SAS (legal@networkradius.com)
25 */
26
27RCSID("$Id: 72c0339625da403c8b5a33b37dfbb3f7acec5569 $")
28
29#include <freeradius-devel/server/base.h>
30#include <freeradius-devel/unlang/xlat_priv.h>
31#include <freeradius-devel/util/calc.h>
32#include <freeradius-devel/server/tmpl_dcursor.h>
33#include <freeradius-devel/unlang/xlat_func.h>
34
35#undef XLAT_DEBUG
36#ifdef DEBUG_XLAT
37# define XLAT_DEBUG(_fmt, ...) DEBUG3("%s[%i] "_fmt, __FILE__, __LINE__, ##__VA_ARGS__)
38#else
39# define XLAT_DEBUG(...)
40#endif
41
42/*
43 * The new tokenizer accepts most things which are accepted by the old one. Many of the errors will be
44 * different, though.
45 *
46 * @todo - add a "output" fr_type_t to xlat_t, which is mainly used by the comparison functions. Right
47 * now it will happily parse things like:
48 *
49 * (1 < 2) < 3
50 *
51 * though the result of (1 < 2) is a boolean, so the result is always true. We probably want to have
52 * that as a compile-time error / check. This can probably just be done with xlat_purify() ? which
53 * doesn't need to interpret the LHS, but just knows its limits. We perhaps want a "range compare"
54 * function, which just checks ranges on one side against values on the right.
55 *
56 * Even worse, when we do "((bool) 1) < 3", the RHS is cast to the type of the LHS by
57 * tmpl_afrom_substr(). This is because we pass the LHS data type recursively down, which works most of
58 * the time, but not all of the time. There are currently hacks in the "upcast" code here to fix this,
59 * but it's a hack.
60 *
61 * @todo - add instantiation routines for assignment operations. This lets us do things
62 * like:
63 * if ((&foo += 4) > 6) ...
64 *
65 * However, this would also require us adding an edit list pointer to the xlat evaluation functions,
66 * which is not trivial. Or, maybe we attach it to the request somehow?
67 */
68
69static xlat_exp_t *xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child);
70
71static void xlat_func_append_arg(xlat_exp_t *head, xlat_exp_t *node, bool exists)
72{
73 xlat_exp_t *group;
74
75 fr_assert(head->type == XLAT_FUNC);
76
77 if (node->type == XLAT_GROUP) {
78 xlat_exp_insert_tail(head->call.args, node);
79 xlat_flags_merge(&head->flags, &head->call.args->flags);
80 return;
81 }
82
83 /*
84 * Wrap existence checks for attribute reference.
85 */
86 if (exists && (node->type == XLAT_TMPL) && tmpl_contains_attr(node->vpt)) {
87 node = xlat_exists_alloc(head, node);
88 }
89
90 group = xlat_exp_alloc(head->call.args, XLAT_GROUP, NULL, 0);
91 group->quote = T_BARE_WORD;
92
93 xlat_exp_set_name_shallow(group, node->fmt); /* not entirely correct, but good enough for now */
94 group->flags = node->flags;
95
96 talloc_steal(group->group, node);
97 xlat_exp_insert_tail(group->group, node);
98
99 xlat_exp_insert_tail(head->call.args, group);
100
101 xlat_flags_merge(&head->flags, &head->call.args->flags);
102}
103
104
105/** Allocate a specific cast node.
106 *
107 * With the first argument being a UINT8 of the data type.
108 * See xlat_func_cast() for the implementation.
109 *
110 */
111static xlat_exp_t *xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child)
112{
113 xlat_exp_t *node;
114
115 /*
116 * Create an "exists" node.
117 */
118 MEM(node = xlat_exp_alloc(ctx, XLAT_FUNC, "exists", 6));
119 MEM(node->call.func = xlat_func_find("exists", 6));
120 fr_assert(node->call.func != NULL);
121 node->flags = node->call.func->flags;
122
123 fr_assert(child->type == XLAT_TMPL);
124 fr_assert(tmpl_contains_attr(child->vpt));
125 xlat_exp_set_name_shallow(node, child->vpt->name);
126
127 xlat_func_append_arg(node, child, false);
128
129 return node;
130}
131
132
133static fr_slen_t xlat_expr_print_unary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
134{
135 size_t at_in = fr_sbuff_used_total(out);
136
137 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
138 xlat_print_node(out, node->call.args, xlat_exp_head(node->call.args), e_rules, 0);
139
140 return fr_sbuff_used_total(out) - at_in;
141}
142
143static fr_slen_t xlat_expr_print_binary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
144{
145 size_t at_in = fr_sbuff_used_total(out);
146 xlat_exp_t *child = xlat_exp_head(node->call.args);
147
148 fr_assert(child != NULL);
149
150 FR_SBUFF_IN_CHAR_RETURN(out, '(');
151 xlat_print_node(out, node->call.args, child, e_rules, 0); /* prints a space after the first argument */
152
153 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
154 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
155
156 child = xlat_exp_next(node->call.args, child);
157 fr_assert(child != NULL);
158
159 xlat_print_node(out, node->call.args, child, e_rules, 0);
160
161 FR_SBUFF_IN_CHAR_RETURN(out, ')');
162
163 return fr_sbuff_used_total(out) - at_in;
164}
165
166static int xlat_expr_resolve_binary(xlat_exp_t *node, UNUSED void *inst, xlat_res_rules_t const *xr_rules)
167{
168 xlat_exp_t *arg1, *arg2;
169 xlat_exp_t *a, *b;
170 tmpl_res_rules_t my_tr_rules;
171
172 XLAT_DEBUG("RESOLVE %s\n", node->fmt);
173
174 arg1 = xlat_exp_head(node->call.args);
175 fr_assert(arg1);
176 fr_assert(arg1->type == XLAT_GROUP);
177
178 arg2 = xlat_exp_next(node->call.args, arg1);
179 fr_assert(arg2);
180 fr_assert(arg2->type == XLAT_GROUP);
181
182 a = xlat_exp_head(arg1->group);
183 b = xlat_exp_head(arg2->group);
184
185 /*
186 * We have many things here, just call resolve recursively.
187 */
188 if (xlat_exp_next(arg1->group, a) || (xlat_exp_next(arg2->group, b))) goto resolve;
189
190 /*
191 * Anything else must get resolved at run time.
192 */
193 if ((a->type != XLAT_TMPL) || (b->type != XLAT_TMPL)) goto resolve;
194
195 /*
196 * The tr_rules should always contain dict_def
197 */
198 fr_assert(xr_rules); /* always set by xlat_resolve() */
199 if (xr_rules->tr_rules) {
200 my_tr_rules = *xr_rules->tr_rules;
201 } else {
202 my_tr_rules = (tmpl_res_rules_t) { };
203 }
204
205 /*
206 * The LHS attribute dictates the enumv for the RHS one.
207 */
208 if (tmpl_contains_attr(a->vpt)) {
209 XLAT_DEBUG("\ta - %s %s\n", a->fmt, b->fmt);
210
211 if (a->flags.needs_resolving) {
212 XLAT_DEBUG("\tresolve attr a\n");
213 if (tmpl_resolve(a->vpt, &my_tr_rules) < 0) return -1;
214 a->flags.needs_resolving = false;
215 }
216
217 my_tr_rules.enumv = tmpl_attr_tail_da(a->vpt);
218
219 XLAT_DEBUG("\tresolve other b\n");
220 if (tmpl_resolve(b->vpt, &my_tr_rules) < 0) return -1;
221
222 b->flags.needs_resolving = false;
223 b->flags.pure = tmpl_is_data(b->vpt);
224 b->flags.constant = b->flags.pure;
225 goto flags;
226 }
227
228 if (tmpl_contains_attr(b->vpt)) {
229 XLAT_DEBUG("\tb - %s %s\n", a->fmt, b->fmt);
230
231 if (b->flags.needs_resolving) {
232 XLAT_DEBUG("\tresolve attr b\n");
233 if (tmpl_resolve(b->vpt, &my_tr_rules) < 0) return -1;
234
235 b->flags.needs_resolving = false;
236 }
237
238 my_tr_rules.enumv = tmpl_attr_tail_da(b->vpt);
239
240 XLAT_DEBUG("\tresolve other a\n");
241 if (tmpl_resolve(a->vpt, &my_tr_rules) < 0) return -1;
242
243 a->flags.needs_resolving = false;
244 a->flags.pure = tmpl_is_data(a->vpt);
245 a->flags.constant = a->flags.pure;
246 goto flags;
247 }
248
249resolve:
250 /*
251 * This call will fix everything recursively.
252 */
253 return xlat_resolve(node->call.args, xr_rules);
254
255flags:
256 arg1->flags = arg1->group->flags = a->flags;
257 arg2->flags = arg2->group->flags = b->flags;
258 xlat_flags_merge(&node->call.args->flags, &arg2->flags);
259
260 fr_assert(!a->flags.needs_resolving);
261 fr_assert(!b->flags.needs_resolving);
262
263 fr_assert(!arg1->flags.needs_resolving);
264 fr_assert(!arg2->flags.needs_resolving);
265
266 node->call.args->flags.needs_resolving = false;
267
268 return 0;
269}
270
271static void fr_value_box_init_zero(fr_value_box_t *vb, fr_type_t type)
272{
273 switch (type) {
274 case FR_TYPE_STRING:
275 fr_value_box_strdup_shallow(vb, NULL, "", false);
276 break;
277
278 case FR_TYPE_OCTETS:
279 fr_value_box_memdup_shallow(vb, NULL, (void const *) "", 0, false);
280 break;
281
282 default:
283 fr_value_box_init(vb, type, NULL, false);
284 break;
285 }
286}
287
288static xlat_arg_parser_t const binary_op_xlat_args[] = {
289 { .required = false, .type = FR_TYPE_VOID },
290 { .required = false, .type = FR_TYPE_VOID },
291 XLAT_ARG_PARSER_TERMINATOR
292};
293
294static xlat_action_t xlat_binary_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
295 UNUSED xlat_ctx_t const *xctx,
296 request_t *request, fr_value_box_list_t *in,
297 fr_token_t op,
298 fr_type_t default_type, fr_dict_attr_t const *enumv)
299{
300 int rcode;
301 fr_value_box_t *dst, *a, *b;
302 fr_value_box_t one, two;
303
304 MEM(dst = fr_value_box_alloc_null(ctx));
305
306 /*
307 * Each argument is a FR_TYPE_GROUP, with one or more elements in a list.
308 */
309 a = fr_value_box_list_head(in);
310 b = fr_value_box_list_next(in, a);
311
312 if (!a && !b) return XLAT_ACTION_FAIL;
313
314 fr_assert(!a || (a->type == FR_TYPE_GROUP));
315 fr_assert(!b || (b->type == FR_TYPE_GROUP));
316
317 fr_assert(!fr_comparison_op[op]);
318
319 if (fr_value_box_list_num_elements(&a->vb_group) > 1) {
320 REDEBUG("Expected one value as the first argument, got %u",
321 fr_value_box_list_num_elements(&a->vb_group));
322 return XLAT_ACTION_FAIL;
323 }
324 a = fr_value_box_list_head(&a->vb_group);
325
326 if (fr_value_box_list_num_elements(&b->vb_group) > 1) {
327 REDEBUG("Expected one value as the second argument, got %u",
328 fr_value_box_list_num_elements(&b->vb_group));
329 return XLAT_ACTION_FAIL;
330 }
331 b = fr_value_box_list_head(&b->vb_group);
332
333 if (!a) {
334 a = &one;
335 fr_value_box_init_zero(a, b->type);
336 }
337
338 if (!b) {
339 b = &two;
340 fr_value_box_init_zero(b, a->type);
341 }
342
343 rcode = fr_value_calc_binary_op(dst, dst, default_type, a, op, b);
344 if (rcode < 0) {
345 talloc_free(dst);
346 return XLAT_ACTION_FAIL;
347 }
348
349 /*
350 * Over-write, but only if it's present. Otherwise leave
351 * any existing enum alone.
352 */
353 if (enumv) dst->enumv = enumv;
354
355 fr_dcursor_append(out, dst);
356 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
357 return XLAT_ACTION_DONE;
358}
359
360#define XLAT_BINARY_FUNC(_name, _op) \
361static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
362 xlat_ctx_t const *xctx, \
363 request_t *request, fr_value_box_list_t *in) \
364{ \
365 return xlat_binary_op(ctx, out, xctx, request, in, _op, FR_TYPE_NULL, NULL); \
366}
367
368XLAT_BINARY_FUNC(op_add, T_ADD)
369XLAT_BINARY_FUNC(op_sub, T_SUB)
370XLAT_BINARY_FUNC(op_mul, T_MUL)
371XLAT_BINARY_FUNC(op_div, T_DIV)
372XLAT_BINARY_FUNC(op_mod, T_MOD)
373XLAT_BINARY_FUNC(op_and, T_AND)
374XLAT_BINARY_FUNC(op_or, T_OR)
375XLAT_BINARY_FUNC(op_xor, T_XOR)
376XLAT_BINARY_FUNC(op_rshift, T_RSHIFT)
377XLAT_BINARY_FUNC(op_lshift, T_LSHIFT)
378
379static xlat_arg_parser_t const binary_cmp_xlat_args[] = {
380 { .required = false, .type = FR_TYPE_VOID },
381 { .required = false, .type = FR_TYPE_VOID },
382 XLAT_ARG_PARSER_TERMINATOR
383};
384
385static xlat_action_t xlat_cmp_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
386 UNUSED xlat_ctx_t const *xctx,
387 UNUSED request_t *request, fr_value_box_list_t *in,
388 fr_token_t op)
389{
390 int rcode;
391 fr_value_box_t *dst, *a, *b;
392
393 /*
394 * Each argument is a FR_TYPE_GROUP, with one or more elements in a list.
395 */
396 a = fr_value_box_list_head(in);
397 b = fr_value_box_list_next(in, a);
398
399 if (!a || !b) return XLAT_ACTION_FAIL;
400
401 fr_assert(a->type == FR_TYPE_GROUP);
402 fr_assert(b->type == FR_TYPE_GROUP);
403
404 fr_assert(fr_comparison_op[op]);
405
406 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
407
408 rcode = fr_value_calc_list_cmp(dst, dst, &a->vb_group, op, &b->vb_group);
409 if (rcode < 0) {
410 talloc_free(dst);
411 return XLAT_ACTION_FAIL;
412 }
413
414 fr_assert(dst->type == FR_TYPE_BOOL);
415 dst->enumv = attr_expr_bool_enum;
416
417 fr_dcursor_append(out, dst);
418 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
419 return XLAT_ACTION_DONE;
420}
421
422
423#define XLAT_CMP_FUNC(_name, _op) \
424static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
425 xlat_ctx_t const *xctx, \
426 request_t *request, fr_value_box_list_t *in) \
427{ \
428 return xlat_cmp_op(ctx, out, xctx, request, in, _op); \
429}
430
431XLAT_CMP_FUNC(cmp_eq, T_OP_CMP_EQ)
432XLAT_CMP_FUNC(cmp_ne, T_OP_NE)
433XLAT_CMP_FUNC(cmp_lt, T_OP_LT)
434XLAT_CMP_FUNC(cmp_le, T_OP_LE)
435XLAT_CMP_FUNC(cmp_gt, T_OP_GT)
436XLAT_CMP_FUNC(cmp_ge, T_OP_GE)
437XLAT_CMP_FUNC(cmp_eq_type, T_OP_CMP_EQ_TYPE)
438XLAT_CMP_FUNC(cmp_ne_type, T_OP_CMP_NE_TYPE)
439
440typedef struct {
441 fr_token_t op;
442 regex_t *regex; //!< precompiled regex
443 xlat_exp_t *xlat; //!< to expand
444 fr_regex_flags_t *regex_flags;
445} xlat_regex_inst_t;
446
447typedef struct {
448 bool last_success;
449 fr_value_box_list_t list;
450} xlat_regex_rctx_t;
451
452static fr_slen_t xlat_expr_print_regex(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
453{
454 size_t at_in = fr_sbuff_used_total(out);
455 xlat_exp_t *child = xlat_exp_head(node->call.args);
456 xlat_regex_inst_t *inst = instance;
457
458 fr_assert(child != NULL);
459
460 FR_SBUFF_IN_CHAR_RETURN(out, '(');
461 xlat_print_node(out, node->call.args, child, e_rules, 0);
462
463 /*
464 * A space is printed after the first argument only if
465 * there's a second one. So add one if we "ate" the second argument.
466 */
467 if (inst->xlat) FR_SBUFF_IN_CHAR_RETURN(out, ' ');
468
469 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
470 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
471
472 /*
473 * Regexes which aren't instantiated: only for unit tests.
474 */
475 if (!inst->xlat) {
476 child = xlat_exp_next(node->call.args, child);
477
478 fr_assert(child != NULL);
479 fr_assert(!xlat_exp_next(node->call.args, child));
480 fr_assert(child->type == XLAT_GROUP);
481
482 FR_SBUFF_IN_CHAR_RETURN(out, '/');
483 FR_SBUFF_IN_STRCPY_RETURN(out, child->fmt);
484 FR_SBUFF_IN_CHAR_RETURN(out, '/');
485
486 child = xlat_exp_head(child->group);
487 fr_assert(child->type == XLAT_TMPL);
488
489 /*
490 * The RHS may be a group
491 */
492 FR_SBUFF_RETURN(regex_flags_print, out, tmpl_regex_flags(child->vpt));
493 goto done;
494 }
495
496 fr_assert(tmpl_contains_regex(inst->xlat->vpt));
497
498 if (inst->xlat->quote == T_SINGLE_QUOTED_STRING) FR_SBUFF_IN_CHAR_RETURN(out, 'm');
499 FR_SBUFF_IN_CHAR_RETURN(out, fr_token_quote[inst->xlat->quote]);
500 FR_SBUFF_IN_STRCPY_RETURN(out, inst->xlat->vpt->name);
501 FR_SBUFF_IN_CHAR_RETURN(out, fr_token_quote[inst->xlat->quote]);
502
503 FR_SBUFF_RETURN(regex_flags_print, out, inst->regex_flags);
504
505done:
506 FR_SBUFF_IN_CHAR_RETURN(out, ')');
507
508 return fr_sbuff_used_total(out) - at_in;
509}
510
511
512/*
513 * Each argument is it's own head, because we do NOT always want
514 * to go to the next argument.
515 */
516static int xlat_instantiate_regex(xlat_inst_ctx_t const *xctx)
517{
518 xlat_regex_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_regex_inst_t);
519 xlat_exp_t *lhs, *rhs, *regex;
520
521 lhs = xlat_exp_head(xctx->ex->call.args);
522 rhs = xlat_exp_next(xctx->ex->call.args, lhs);
523
524 (void) fr_dlist_remove(&xctx->ex->call.args->dlist, rhs);
525
526 fr_assert(rhs);
527 fr_assert(rhs->type == XLAT_GROUP);
528 regex = xlat_exp_head(rhs->group);
529 fr_assert(tmpl_contains_regex(regex->vpt));
530
531 inst->op = xctx->ex->call.func->token;
532 inst->regex_flags = tmpl_regex_flags(regex->vpt);
533
534 inst->xlat = talloc_steal(inst, regex);
535 talloc_free(rhs); /* group wrapper is no longer needed */
536
537 /*
538 * The RHS is more then just one regex node, it has to be dynamically expanded.
539 */
540 if (tmpl_contains_xlat(regex->vpt)) {
541 return 0;
542 }
543
544 if (tmpl_is_data_unresolved(regex->vpt)) {
545 fr_strerror_const("Regex must be resolved before instantiation");
546 return -1;
547 }
548
549 /*
550 * Must have been caught in the parse phase.
551 */
552 fr_assert(tmpl_is_regex(regex->vpt));
553
554 inst->regex = tmpl_regex(regex->vpt);
555
556 return 0;
557}
558
559
560static xlat_arg_parser_t const regex_op_xlat_args[] = {
561 { .required = true, .type = FR_TYPE_STRING },
562 { .concat = true, .type = FR_TYPE_STRING },
563 XLAT_ARG_PARSER_TERMINATOR
564};
565
566
567/** Perform a regular expressions comparison between two operands
568 *
569 * @param[in] ctx to allocate resulting box in.
570 * @param[in] request The current request.
571 * @param[in] in list of item or items
572 * @param[in,out] preg Pointer to pre-compiled or runtime-compiled
573 * regular expression. In the case of runtime-compiled
574 * the pattern may be stolen by the `regex_sub_to_request`
575 * function as the original pattern is needed to resolve
576 * capture groups.
577 * The caller should only free the `regex_t *` if it
578 * compiled it, and the pointer has not been set to NULL
579 * when this function returns.
580 * @param[out] out Where result is written.
581 * @param[in] op the operation to perform.
582 * @return
583 * - -1 on failure.
584 * - 0 for "no match".
585 * - 1 for "match".
586 */
587static xlat_action_t xlat_regex_match(TALLOC_CTX *ctx, request_t *request, fr_value_box_list_t *in, regex_t **preg,
588 fr_dcursor_t *out, fr_token_t op)
589{
590 uint32_t subcaptures;
591 int ret = 0;
592
593 fr_regmatch_t *regmatch;
594 fr_value_box_t *dst;
595 fr_value_box_t *arg, *vb;
596 fr_sbuff_t *agg;
597 char const *subject;
598 size_t len;
599 fr_value_box_t safety = {};
600
601 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, 8192);
602
603 arg = fr_value_box_list_head(in);
604 fr_assert(arg != NULL);
605 fr_assert(arg->type == FR_TYPE_GROUP);
606
607 subcaptures = regex_subcapture_count(*preg);
608 if (!subcaptures) subcaptures = REQUEST_MAX_REGEX + 1; /* +1 for %{0} (whole match) capture group */
609 MEM(regmatch = regex_match_data_alloc(NULL, subcaptures));
610
611 while ((vb = fr_value_box_list_pop_head(&arg->vb_group)) != NULL) {
612 if (vb->type == FR_TYPE_STRING) {
613 subject = vb->vb_strvalue;
614 len = vb->vb_length;
615 fr_value_box_safety_copy(&safety, vb);
616
617 } else {
618 fr_value_box_list_t list;
619
620 fr_value_box_list_init(&list);
621 fr_value_box_list_insert_head(&list, vb);
622 fr_value_box_mark_safe_for(&safety, FR_VALUE_BOX_SAFE_FOR_ANY);
623
624 vb = NULL;
625
626 /*
627 * Concatenate everything, and escape untrusted inputs.
628 */
629 if (fr_value_box_list_concat_as_string(&safety, agg, &list, NULL, 0, &regex_escape_rules,
630 FR_VALUE_BOX_LIST_FREE_BOX, FR_REGEX_SAFE_FOR, true) < 0) {
631 RPEDEBUG("Failed concatenating regular expression string");
632 talloc_free(regmatch);
633 return XLAT_ACTION_FAIL;
634 }
635
636 subject = fr_sbuff_start(agg);
637 len = fr_sbuff_used(agg);
638 }
639
640 /*
641 * Evaluate the expression
642 */
643 ret = regex_exec(*preg, subject, len, regmatch);
644 switch (ret) {
645 default:
646 RPEDEBUG("REGEX failed");
647 talloc_free(vb);
648 talloc_free(regmatch);
649 return XLAT_ACTION_FAIL;
650
651 case 0:
652 regex_sub_to_request(request, NULL, NULL, NULL); /* clear out old entries */
653 continue;
654
655 case 1:
656 regex_sub_to_request(request, preg, &regmatch, &safety);
657 talloc_free(vb);
658 goto done;
659
660 }
661
662 talloc_free(vb);
663 }
664
665done:
666 talloc_free(regmatch); /* free if not consumed */
667
668 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
669 dst->vb_bool = (ret == (op == T_OP_REG_EQ));
670
671 fr_dcursor_append(out, dst);
672
673 return XLAT_ACTION_DONE;
674}
675
676static xlat_action_t xlat_regex_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
677 xlat_ctx_t const *xctx,
678 request_t *request, fr_value_box_list_t *in)
679{
680 xlat_regex_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_regex_inst_t);
681 xlat_regex_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_regex_rctx_t);
682 ssize_t slen;
683 regex_t *preg = NULL;
684 fr_sbuff_t *agg;
685
686 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, 8192);
687
688 /*
689 * If the expansions fails, then we fail the entire thing.
690 */
691 if (!rctx->last_success) {
692 talloc_free(rctx);
693 return XLAT_ACTION_FAIL;
694 }
695
696 /*
697 * Because we expanded the RHS ourselves, the "concat"
698 * flag to the RHS argument is ignored. So we just
699 * concatenate it here. We escape the various untrusted inputs.
700 */
701 if (fr_value_box_list_concat_as_string(NULL, agg, &rctx->list, NULL, 0, &regex_escape_rules,
702 FR_VALUE_BOX_LIST_FREE_BOX, FR_REGEX_SAFE_FOR, true) < 0) {
703 RPEDEBUG("Failed concatenating regular expression string");
704 return XLAT_ACTION_FAIL;
705 }
706
707 fr_assert(inst->regex == NULL);
708
709 slen = regex_compile(rctx, &preg, fr_sbuff_start(agg), fr_sbuff_used(agg),
710 tmpl_regex_flags(inst->xlat->vpt), true, true); /* flags, allow subcaptures, at runtime */
711 if (slen <= 0) return XLAT_ACTION_FAIL;
712
713 return xlat_regex_match(ctx, request, in, &preg, out, inst->op);
714}
715
716static xlat_action_t xlat_regex_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
717 xlat_ctx_t const *xctx,
718 request_t *request, fr_value_box_list_t *in,
719 fr_token_t op)
720{
721 xlat_regex_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_regex_inst_t);
722 xlat_regex_rctx_t *rctx;
723 regex_t *preg;
724
725 /*
726 * Just run precompiled regexes.
727 */
728 if (inst->regex) {
729 preg = tmpl_regex(inst->xlat->vpt);
730
731 return xlat_regex_match(ctx, request, in, &preg, out, op);
732 }
733
734 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_regex_rctx_t));
735 fr_value_box_list_init(&rctx->list);
736
737 if (unlang_xlat_yield(request, xlat_regex_resume, NULL, 0, rctx) != XLAT_ACTION_YIELD) {
738 fail:
739 talloc_free(rctx);
740 return XLAT_ACTION_FAIL;
741 }
742
743 if (unlang_xlat_push(ctx, &rctx->last_success, &rctx->list,
744 request, tmpl_xlat(inst->xlat->vpt), UNLANG_SUB_FRAME) < 0) goto fail;
745
746 return XLAT_ACTION_PUSH_UNLANG;
747}
748
749#define XLAT_REGEX_FUNC(_name, _op) \
750static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
751 xlat_ctx_t const *xctx, \
752 request_t *request, fr_value_box_list_t *in) \
753{ \
754 return xlat_regex_op(ctx, out, xctx, request, in, _op); \
755}
756
757XLAT_REGEX_FUNC(reg_eq, T_OP_REG_EQ)
758XLAT_REGEX_FUNC(reg_ne, T_OP_REG_NE)
759
766
767typedef struct {
768 TALLOC_CTX *ctx;
769 bool last_success;
770 fr_value_box_t *box; //!< output value-box
771 int current;
772 fr_value_box_list_t list;
773} xlat_logical_rctx_t;
774
775static fr_slen_t xlat_expr_print_nary(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
776{
777 size_t at_in = fr_sbuff_used_total(out);
778 xlat_logical_inst_t *inst = instance;
779 xlat_exp_head_t *head;
780
781 FR_SBUFF_IN_CHAR_RETURN(out, '(');
782
783 /*
784 * We might get called before the node is instantiated.
785 */
786 if (!inst->argv) {
787 head = node->call.args;
788
789 fr_assert(head != NULL);
790
791 xlat_exp_foreach(head, child) {
792 xlat_print_node(out, head, child, e_rules, 0);
793
794 if (!xlat_exp_next(head, child)) break;
795
796 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
797 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
798 }
799 } else {
800 int i;
801
802 for (i = 0; i < inst->argc; i++) {
803 xlat_print(out, inst->argv[i], e_rules);
804 if (i == (inst->argc - 1)) break;
805
806 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
807 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
808 if ((i + 1) < inst->argc) FR_SBUFF_IN_CHAR_RETURN(out, ' ');
809 }
810 }
811
812 FR_SBUFF_IN_CHAR_RETURN(out, ')');
813
814 return fr_sbuff_used_total(out) - at_in;
815}
816
817/*
818 * This returns "false" for "ignore this argument"
819 *
820 * result is "false" for "delete this argument"
821 * result is "true" for "return this argument".
822 */
823static bool xlat_node_matches_bool(bool *result, xlat_exp_t *parent, xlat_exp_head_t *head, bool sense)
824{
825 fr_value_box_t *box;
826 xlat_exp_t *node;
827
828 if (!head->flags.pure) return false;
829
830 node = xlat_exp_head(head);
831 if (!node || xlat_exp_next(head, node)) {
832 return false;
833 }
834
835 if (node->type == XLAT_BOX) {
836 box = &node->data;
837 goto check;
838 }
839
840 if (node->type != XLAT_TMPL) {
841 return false;
842 }
843
844 if (!tmpl_is_data(node->vpt)) {
845 return false;
846 }
847
848 box = tmpl_value(node->vpt);
849
850check:
851 /*
852 * On "true", replace the entire logical operation with the value-box.
853 *
854 * On "false", omit this argument, and go to the next one.
855 */
856 *result = (fr_value_box_is_truthy(box) == sense);
857
858 if (!*result) return true;
859
860 xlat_instance_unregister_func(parent);
861
862 xlat_exp_set_type(parent, XLAT_BOX);
863 fr_value_box_copy(parent, &parent->data, box);
864 parent->flags = (xlat_flags_t) { .pure = true, .constant = true, };
865
866 talloc_free_children(parent);
867
868 return true;
869}
870
871/** Undo work which shouldn't have been done. :(
872 *
873 */
874static void xlat_ungroup(xlat_exp_head_t *head)
875{
876 xlat_exp_t *group, *node;
877
878 group = xlat_exp_head(head);
879 if (!group || xlat_exp_next(head, group)) return;
880
881 if (group->type != XLAT_GROUP) return;
882
883 node = xlat_exp_head(group->group);
884 if (!node || xlat_exp_next(group->group, node)) return;
885
886 (void) fr_dlist_remove(&head->dlist, group);
887 (void) fr_dlist_remove(&group->group->dlist, node);
888 (void) talloc_steal(head, node);
889
890 talloc_free(group);
891
892 fr_dlist_insert_tail(&head->dlist, node);
893 head->flags = node->flags;
894}
895
896/** If any argument resolves to inst->stop_on_match, the entire thing is a bool of inst->stop_on_match.
897 *
898 * If any argument resolves to !inst->stop_on_match, it is removed.
899 */
900static int xlat_expr_logical_purify(xlat_exp_t *node, void *instance, request_t *request)
901{
902 int i, j;
903 int deleted = 0;
904 bool result;
905 xlat_logical_inst_t *inst = talloc_get_type_abort(instance, xlat_logical_inst_t);
906 xlat_exp_head_t *group;
907
908 fr_assert(node->type == XLAT_FUNC);
909
910 /*
911 * Don't check the last argument. If everything else gets deleted,
912 * then we just return the last argument.
913 */
914 for (i = 0; i < inst->argc; i++) {
915 /*
916 * The argument is pure, so we purify it before
917 * doing any other checks.
918 */
919 if (inst->argv[i]->flags.can_purify) {
920 if (xlat_purify_list(inst->argv[i], request) < 0) return -1;
921
922 /*
923 * xlat_purify_list expects that its outputs will be arguments to functions, so
924 * they're grouped. We con't need that, so we ungroup them here.
925 */
926 xlat_ungroup(inst->argv[i]);
927 }
928
929 /*
930 * This returns "false" for "ignore".
931 *
932 * result is "false" for "delete this argument"
933 * result is "true" for "return this argument".
934 */
935 if (!xlat_node_matches_bool(&result, node, inst->argv[i], inst->stop_on_match)) continue;
936
937 /*
938 * 0 && EXPR --> 0.
939 * 1 || EXPR --> 1
940 *
941 * Parent is now an XLAT_BOX, so we're done.
942 */
943 if (result) return 0;
944
945 /*
946 * We're at the last argument. If we've deleted everything else, then just leave the
947 * last argument alone. Otherwise some arguments remain, so we can delete the last one.
948 */
949 if (((i + 1) == inst->argc) && (deleted == i)) break;
950
951 TALLOC_FREE(inst->argv[i]);
952 deleted++;
953 }
954
955 if (!deleted) return 0;
956
957 /*
958 * Pack the array. We insert at i, and read from j. We don't need to read the deleted entries,
959 * as they all MUST be NULL.
960 */
961 i = 0;
962 j = -1;
963 while (i < (inst->argc - deleted)) {
964 if (inst->argv[i]) {
965 i++;
966 continue;
967 }
968
969 /*
970 * Start searching from the next entry, OR start searching from where we left off before.
971 */
972 if (j < 0) j = i + 1;
973
974 /*
975 * Find the first non-NULL entry, and insert it in argv[i]. We search here until the end
976 * of the array, because we may have deleted entries from the start of the array.
977 */
978 while (j < inst->argc) {
979 if (inst->argv[j]) break;
980 j++;
981 }
982
983 /*
984 * Move the entry down, and clear out the tail end of the array.
985 */
986 inst->argv[i++] = inst->argv[j];
987 inst->argv[j++] = NULL;
988 }
989
990 inst->argc -= deleted;
991
992 if (inst->argc > 1) return 0;
993
994 /*
995 * Only one argument left/ We can hoist the child into ourselves, and omit the logical operation.
996 */
997 group = inst->argv[0];
998 fr_assert(group != NULL);
999 talloc_steal(node, group);
1000
1001 xlat_instance_unregister_func(node);
1002 xlat_exp_set_type(node, XLAT_GROUP);
1003
1004 /* re-print, with purified nodes removed */
1005 {
1006 char *name;
1007
1008 MEM(xlat_aprint(node, &name, group, NULL) >= 0);
1009 xlat_exp_set_name_shallow(node, name);
1010 }
1011
1012 node->group = group;
1013 node->flags = group->flags;
1014
1015 return 0;
1016}
1017
1018/** Process one argument of a logical operation.
1019 *
1020 * If we see a list in a truthy context, then we DON'T expand the list. Instead, we return a bool which
1021 * indicates if the list was empty (or not). This prevents us from returning a whole mess of value-boxes
1022 * when the user just wanted to see if the list existed.
1023 *
1024 * Otherwise, we expand the xlat, and continue.
1025 */
1026static xlat_action_t xlat_logical_process_arg(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
1027 xlat_ctx_t const *xctx,
1028 request_t *request, UNUSED fr_value_box_list_t *in)
1029{
1030 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1031 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1032
1033 /*
1034 * Push the xlat onto the stack for expansion.
1035 */
1036 if (unlang_xlat_yield(request, inst->callback, NULL, 0, rctx) != XLAT_ACTION_YIELD) {
1037 fail:
1038 talloc_free(rctx->box);
1039 talloc_free(rctx);
1040 return XLAT_ACTION_FAIL;
1041 }
1042
1043 if (unlang_xlat_push(rctx, &rctx->last_success, &rctx->list,
1044 request, inst->argv[rctx->current], UNLANG_SUB_FRAME) < 0) goto fail;
1045
1046 return XLAT_ACTION_PUSH_UNLANG;
1047}
1048
1049/** See if the input is truthy or not.
1050 *
1051 * @param[in] rctx our ctx
1052 * @param[in] in list of value-boxes to check
1053 * @return
1054 * - false if there are no truthy values. The last box is copied to the rctx.
1055 * This is to allow us to return default values which may not be truthy,
1056 * e.g. %{&Counter || 0} or %{&Framed-IP-Address || 0.0.0.0}.
1057 * If we don't copy the last box to the rctx, the expression just returns NULL
1058 * which is never useful...
1059 * - true if we find a truthy value. The first truthy box is copied to the rctx.
1060 *
1061 * Empty lists are not truthy.
1062 */
1063static bool xlat_logical_or(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
1064{
1065 fr_value_box_t *last = NULL;
1066 bool ret = false;
1067
1068 /*
1069 * Empty lists are !truthy.
1070 */
1071 if (!fr_value_box_list_num_elements(in)) return false;
1072
1073 /*
1074 * Loop over the input list. If the box is a group, then do this recursively.
1075 */
1076 fr_value_box_list_foreach(in, box) {
1077 if (fr_box_is_group(box)) {
1078 if (!xlat_logical_or(rctx, &box->vb_group)) return false;
1079 continue;
1080 }
1081
1082 last = box;
1083
1084 /*
1085 * Remember the last box we found.
1086 *
1087 * If it's truthy, then we stop immediately.
1088 */
1089 if (fr_value_box_is_truthy(box)) {
1090 ret = true;
1091 break;
1092 }
1093 }
1094
1095 if (!rctx->box) {
1096 MEM(rctx->box = fr_value_box_alloc_null(rctx->ctx));
1097 } else {
1098 fr_value_box_clear(rctx->box);
1099 }
1100 if (last) fr_value_box_copy(rctx->box, rctx->box, last);
1101
1102 return ret;
1103}
1104
1105/*
1106 * We've evaluated an expression. Let's see if we need to continue with ||
1107 */
1108static xlat_action_t xlat_logical_or_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
1109 xlat_ctx_t const *xctx,
1110 request_t *request, fr_value_box_list_t *in)
1111{
1112 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1113 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1114 bool match;
1115
1116 /*
1117 * If one of the expansions fails, then we fail the
1118 * entire thing.
1119 */
1120 if (!rctx->last_success) {
1121 talloc_free(rctx->box);
1122 talloc_free(rctx);
1123 return XLAT_ACTION_FAIL;
1124 }
1125
1126 /*
1127 * Recursively check groups. i.e. we effectively flatten each list.
1128 *
1129 * (a, b, c) || (d, e, f) == a || b || c || d || e || f
1130 */
1131 match = xlat_logical_or(rctx, &rctx->list);
1132 if (match) goto done;
1133
1134 fr_value_box_list_talloc_free(&rctx->list);
1135
1136 rctx->current++;
1137
1138 /*
1139 * Nothing to expand, return the final value we saw.
1140 */
1141 if (rctx->current >= inst->argc) {
1142 done:
1143 /*
1144 * Otherwise we stop on failure, with the boolean
1145 * we just updated.
1146 */
1147 if (rctx->box) fr_dcursor_append(out, rctx->box);
1148
1149 talloc_free(rctx);
1150 return XLAT_ACTION_DONE;
1151 }
1152
1153 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1154}
1155
1156/** See if the input is truthy or not.
1157 *
1158 * @param[in] rctx our ctx
1159 * @param[in] in list of value-boxes to check
1160 * @return
1161 * - false on failure
1162 * - true for match, with dst updated to contain the relevant box.
1163 *
1164 * Empty lists are not truthy.
1165 */
1166static bool xlat_logical_and(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
1167{
1168 fr_value_box_t *found = NULL;
1169
1170 /*
1171 * Empty lists are !truthy.
1172 */
1173 if (!fr_value_box_list_num_elements(in)) return false;
1174
1175 /*
1176 * Loop over the input list. If the box is a group, then do this recursively.
1177 */
1178 fr_value_box_list_foreach(in, box) {
1179 if (fr_box_is_group(box)) {
1180 if (!xlat_logical_and(rctx, &box->vb_group)) return false;
1181 continue;
1182 }
1183
1184 /*
1185 * Remember the last box we found.
1186 *
1187 * If it's truthy, then we keep going either
1188 * until the end, or until we get a "false".
1189 */
1190 if (fr_value_box_is_truthy(box)) {
1191 found = box;
1192 continue;
1193 }
1194
1195 /*
1196 * Stop on the first "false"
1197 */
1198 return false;
1199 }
1200
1201 if (!found) return false;
1202
1203 if (!rctx->box) {
1204 MEM(rctx->box = fr_value_box_alloc_null(rctx));
1205 } else {
1206 fr_value_box_clear(rctx->box);
1207 }
1208 fr_value_box_copy(rctx->box, rctx->box, found);
1209
1210 return true;
1211}
1212
1213/*
1214 * We've evaluated an expression. Let's see if we need to continue with &&
1215 */
1216static xlat_action_t xlat_logical_and_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
1217 xlat_ctx_t const *xctx,
1218 request_t *request, fr_value_box_list_t *in)
1219{
1220 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1221 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1222 bool match;
1223
1224 /*
1225 * If one of the expansions fails, then we fail the
1226 * entire thing.
1227 */
1228 if (!rctx->last_success) {
1229 talloc_free(rctx->box);
1230 talloc_free(rctx);
1231 return XLAT_ACTION_FAIL;
1232 }
1233
1234 /*
1235 * Recursively check groups. i.e. we effectively flatten each list.
1236 *
1237 * (a, b, c) && (d, e, f) == a && b && c && d && e && f
1238 */
1239 match = xlat_logical_and(rctx, &rctx->list);
1240 if (!match) return XLAT_ACTION_DONE;
1241
1242 fr_value_box_list_talloc_free(&rctx->list);
1243
1244 rctx->current++;
1245
1246 /*
1247 * Nothing to expand, return the final value we saw.
1248 */
1249 if (rctx->current >= inst->argc) {
1250 /*
1251 * Otherwise we stop on failure, with the boolean
1252 * we just updated.
1253 */
1254 fr_assert(rctx->box != NULL);
1255 fr_dcursor_append(out, rctx->box);
1256
1257 talloc_free(rctx);
1258 return XLAT_ACTION_DONE;
1259 }
1260
1261 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1262}
1263
1264/*
1265 * Each argument is it's own head, because we do NOT always want
1266 * to go to the next argument.
1267 */
1268static int xlat_instantiate_logical(xlat_inst_ctx_t const *xctx)
1269{
1270 xlat_logical_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_logical_inst_t);
1271
1272 inst->argc = xlat_flatten_to_argv(inst, &inst->argv, xctx->ex->call.args);
1273 if (xctx->ex->call.func->token == T_LOR) {
1274 inst->callback = xlat_logical_or_resume;
1275 inst->stop_on_match = true;
1276 } else {
1277 inst->callback = xlat_logical_and_resume;
1278 inst->stop_on_match = false;
1279 }
1280
1281 return 0;
1282}
1283
1284
1285/** Process logical &&, ||
1286 *
1287 */
1288static xlat_action_t xlat_func_logical(TALLOC_CTX *ctx, fr_dcursor_t *out,
1289 xlat_ctx_t const *xctx,
1290 request_t *request, fr_value_box_list_t *in)
1291{
1292 xlat_logical_rctx_t *rctx;
1293 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1294
1295 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_logical_rctx_t));
1296 rctx->ctx = ctx;
1297 rctx->current = 0;
1298
1299 if (inst->stop_on_match) {
1300 rctx->box = NULL;
1301 } else {
1302 MEM(rctx->box = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1303 rctx->box->vb_bool = true;
1304 }
1305 fr_value_box_list_init(&rctx->list);
1306
1307 (UNCONST(xlat_ctx_t *, xctx))->rctx = rctx; /* ensure it's there before a resume! */
1308
1309 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1310}
1311
1312
1313static xlat_arg_parser_t const unary_op_xlat_args[] = {
1314 { .required = true, .single = true, .concat = true },
1315 XLAT_ARG_PARSER_TERMINATOR
1316};
1317
1318static xlat_action_t xlat_func_unary_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
1319 UNUSED xlat_ctx_t const *xctx,
1320 request_t *request, fr_value_box_list_t *in, fr_token_t op)
1321{
1322 int rcode;
1323 fr_value_box_t *dst, *group, *vb;
1324
1325 /*
1326 * We do some basic type checks here.
1327 */
1328 group = fr_value_box_list_head(in);
1329 vb = fr_value_box_list_head(&group->vb_group);
1330
1331 /*
1332 * -NULL is an error
1333 * ~NULL is an error
1334 * !NULL is handled by xlat_func_unary_not
1335 */
1336 if (!vb) {
1337 fr_strerror_printf("Input is empty");
1338 return XLAT_ACTION_FAIL;
1339 }
1340
1341 if (!fr_type_is_leaf(vb->type) || fr_type_is_variable_size(vb->type)) {
1342 REDEBUG("Cannot perform operation on data type %s", fr_type_to_str(vb->type));
1343 return XLAT_ACTION_FAIL;
1344 }
1345
1346 MEM(dst = fr_value_box_alloc_null(ctx));
1347
1348 /*
1349 * We rely on this function to do the remainder of the type checking.
1350 */
1351 rcode = fr_value_calc_unary_op(dst, dst, op, vb);
1352 if ((rcode < 0) || fr_type_is_null(dst->type)) {
1353 talloc_free(dst);
1354 return XLAT_ACTION_FAIL;
1355 }
1356
1357 fr_dcursor_append(out, dst);
1358 return XLAT_ACTION_DONE;
1359}
1360
1361
1362static xlat_action_t xlat_func_unary_not(TALLOC_CTX *ctx, fr_dcursor_t *out,
1363 UNUSED xlat_ctx_t const *xctx,
1364 UNUSED request_t *request, fr_value_box_list_t *in)
1365{
1366 fr_value_box_t *dst, *group, *vb;
1367
1368 group = fr_value_box_list_head(in);
1369 vb = fr_value_box_list_head(&group->vb_group);
1370
1371 /*
1372 * Don't call calc_unary_op(), because we want the enum names.
1373 */
1374 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1375
1376 /*
1377 * !NULL = true
1378 */
1379 if (!vb) {
1380 dst->vb_bool = true;
1381 } else {
1382 dst->vb_bool = !fr_value_box_is_truthy(vb);
1383 }
1384
1385 fr_dcursor_append(out, dst);
1386 return XLAT_ACTION_DONE;
1387}
1388
1389static xlat_action_t xlat_func_unary_minus(TALLOC_CTX *ctx, fr_dcursor_t *out,
1390 xlat_ctx_t const *xctx,
1391 request_t *request, fr_value_box_list_t *in)
1392{
1393 return xlat_func_unary_op(ctx, out, xctx, request, in, T_SUB);
1394}
1395
1396static xlat_action_t xlat_func_unary_complement(TALLOC_CTX *ctx, fr_dcursor_t *out,
1397 xlat_ctx_t const *xctx,
1398 request_t *request, fr_value_box_list_t *in)
1399{
1400 return xlat_func_unary_op(ctx, out, xctx, request, in, T_COMPLEMENT);
1401}
1402
1403static xlat_arg_parser_t const xlat_func_expr_rcode_arg[] = {
1404 { .concat = true, .type = FR_TYPE_STRING },
1405 XLAT_ARG_PARSER_TERMINATOR
1406};
1407
1408/** Holds the result of pre-parsing the rcode on startup
1409 */
1410typedef struct {
1411 rlm_rcode_t rcode; //!< The preparsed rcode.
1412} xlat_rcode_inst_t;
1413
1414/** Convert static expr_rcode arguments into rcodes
1415 *
1416 * This saves doing the lookup at runtime, which given how frequently this xlat is used
1417 * could get quite expensive.
1418 */
1419static int xlat_instantiate_expr_rcode(xlat_inst_ctx_t const *xctx)
1420{
1421 xlat_rcode_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_rcode_inst_t);
1422 xlat_exp_t *arg;
1423 xlat_exp_t *rcode_arg;
1424 fr_value_box_t *rcode;
1425
1426 /*
1427 * If it's literal data, then we can pre-resolve it to
1428 * a rcode now, and skip that at runtime.
1429 */
1430 arg = xlat_exp_head(xctx->ex->call.args);
1431 fr_assert(arg->type == XLAT_GROUP);
1432
1433 /*
1434 * We can only pre-parse if this if the value is
1435 * in a single box...
1436 */
1437 if (fr_dlist_num_elements(&arg->group->dlist) != 1) return 0;
1438 rcode_arg = xlat_exp_head(arg->group);
1439
1440 /*
1441 * We can only pre-parse is this is a static value.
1442 */
1443 if (rcode_arg->type != XLAT_BOX) return 0;
1444
1445 rcode = &rcode_arg->data;
1446
1447 switch (rcode->type) {
1448 case FR_TYPE_STRING:
1449 inst->rcode = fr_table_value_by_str(rcode_table, rcode->vb_strvalue, RLM_MODULE_NOT_SET);
1450 if (inst->rcode == RLM_MODULE_NOT_SET) {
1451 unknown:
1452 ERROR("Unknown rcode '%pV'", rcode);
1453 return -1;
1454 }
1455 break;
1456
1457 case FR_TYPE_INT8:
1458 case FR_TYPE_INT16:
1459 case FR_TYPE_INT32:
1460 case FR_TYPE_INT64:
1461 case FR_TYPE_UINT16:
1462 case FR_TYPE_UINT32:
1463 case FR_TYPE_UINT64:
1464 case FR_TYPE_SIZE:
1465 if (fr_value_box_cast_in_place(rcode_arg, rcode, FR_TYPE_UINT8, NULL) < 0) {
1466 invalid:
1467 ERROR("Invalid value for rcode '%pV'", rcode);
1468 return -1;
1469 }
1470 FALL_THROUGH;
1471
1472 case FR_TYPE_UINT8:
1473 if (rcode->vb_uint8 >= RLM_MODULE_NUMCODES) goto invalid;
1474 inst->rcode = rcode->vb_uint8;
1475 break;
1476
1477 default:
1478 goto unknown;
1479 }
1480
1481 /*
1482 * No point in creating useless boxes at runtime,
1483 * nuke the argument now.
1484 */
1485 (void) fr_dlist_remove(&xctx->ex->call.args->dlist, arg);
1486 talloc_free(arg);
1487
1488 return 0;
1489}
1490
1491static fr_slen_t xlat_expr_print_rcode(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, UNUSED fr_sbuff_escape_rules_t const *e_rules)
1492{
1493 size_t at_in = fr_sbuff_used_total(out);
1494 xlat_rcode_inst_t *inst = instance;
1495
1496 FR_SBUFF_IN_STRCPY_LITERAL_RETURN(out, "%expr.rcode('");
1497 if (xlat_exp_head(node->call.args)) {
1498 ssize_t slen;
1499
1500 xlat_exp_foreach(node->call.args, child) {
1501 slen = xlat_print_node(out, node->call.args, child, NULL, 0);
1502 if (slen < 0) return slen;
1503 }
1504 } else {
1505 FR_SBUFF_IN_STRCPY_RETURN(out, fr_table_str_by_value(rcode_table, inst->rcode, "<INVALID>"));
1506 }
1507 FR_SBUFF_IN_STRCPY_LITERAL_RETURN(out, "')");
1508
1509 return fr_sbuff_used_total(out) - at_in;
1510}
1511
1512/** Match the passed rcode against request->rcode
1513 *
1514 * Example:
1515@verbatim
1516%expr.rcode('handled') == true
1517
1518# ...or how it's used normally used
1519if (handled) {
1520 ...
1521}
1522@endverbatim
1523 *
1524 * @ingroup xlat_functions
1525 */
1526static xlat_action_t xlat_func_expr_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out,
1527 xlat_ctx_t const *xctx,
1528 request_t *request, fr_value_box_list_t *args)
1529{
1530 xlat_rcode_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_rcode_inst_t);
1531 fr_value_box_t *arg_rcode;
1532 rlm_rcode_t rcode;
1533 fr_value_box_t *vb;
1534
1535 /*
1536 * If we have zero args, it's because the instantiation
1537 * function consumed them. om nom nom.
1538 */
1539 if (fr_value_box_list_num_elements(args) == 0) {
1540 fr_assert(inst->rcode != RLM_MODULE_NOT_SET);
1541 rcode = inst->rcode;
1542 } else {
1543 XLAT_ARGS(args, &arg_rcode);
1544 rcode = fr_table_value_by_str(rcode_table, arg_rcode->vb_strvalue, RLM_MODULE_NOT_SET);
1545 if (rcode == RLM_MODULE_NOT_SET) {
1546 REDEBUG("Invalid rcode '%pV'", arg_rcode);
1547 return XLAT_ACTION_FAIL;
1548 }
1549 }
1550
1551 RDEBUG3("Request rcode is '%s'",
1552 fr_table_str_by_value(rcode_table, request->rcode, "<INVALID>"));
1553
1554 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1555 fr_dcursor_append(out, vb);
1556 vb->vb_bool = (request->rcode == rcode);
1557
1558 return XLAT_ACTION_DONE;
1559}
1560
1561/** Takes no arguments
1562 */
1563static xlat_arg_parser_t const xlat_func_rcode_arg[] = {
1564 XLAT_ARG_PARSER_TERMINATOR, /* Coverity gets tripped up by only having a single entry here */
1565 XLAT_ARG_PARSER_TERMINATOR
1566};
1567
1568/** Return the current rcode as a string
1569 *
1570 * Example:
1571@verbatim
1572"%rcode()" == "handled"
1573@endverbatim
1574 *
1575 * @ingroup xlat_functions
1576 */
1577static xlat_action_t xlat_func_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out,
1578 UNUSED xlat_ctx_t const *xctx,
1579 request_t *request, UNUSED fr_value_box_list_t *args)
1580{
1581 fr_value_box_t *vb;
1582
1583 /*
1584 * FIXME - This should really be an enum
1585 */
1586 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL));
1587 if (fr_value_box_strdup(vb, vb, NULL, fr_table_str_by_value(rcode_table, request->rcode, "<INVALID>"), false) < 0) {
1588 talloc_free(vb);
1589 return XLAT_ACTION_FAIL;
1590 }
1591 fr_dcursor_append(out, vb);
1592
1593 return XLAT_ACTION_DONE;
1594}
1595
1596typedef struct {
1597 tmpl_t const *vpt; //!< the attribute reference
1598} xlat_exists_inst_t;
1599
1600typedef struct {
1601 bool last_success;
1602 fr_value_box_list_t list;
1603} xlat_exists_rctx_t;
1604
1609
1610/*
1611 * We just print the node as-is.
1612 */
1613static fr_slen_t xlat_expr_print_exists(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
1614{
1615 size_t at_in = fr_sbuff_used_total(out);
1616 xlat_exists_inst_t *inst = instance;
1617
1618 if (inst->vpt) {
1619 FR_SBUFF_IN_STRCPY_RETURN(out, inst->vpt->name);
1620 } else {
1621 xlat_print_node(out, node->call.args, xlat_exp_head(node->call.args), e_rules, 0);
1622 }
1623
1624 return fr_sbuff_used_total(out) - at_in;
1625}
1626
1627/*
1628 * Don't expand the argument if it's already an attribute reference.
1629 */
1630static int xlat_instantiate_exists(xlat_inst_ctx_t const *xctx)
1631{
1632 xlat_exists_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_exists_inst_t);
1633 xlat_exp_t *arg, *node;
1634
1635 arg = xlat_exp_head(xctx->ex->call.args);
1636
1637 fr_assert(arg->type == XLAT_GROUP);
1638 node = xlat_exp_head(arg->group);
1639
1640 /*
1641 * @todo - add an escape callback to this xlat
1642 * registration, so that it can take untrusted inputs.
1643 */
1644 if ((node->type != XLAT_TMPL) || !tmpl_contains_attr(node->vpt)) {
1645 fr_strerror_const("The %exists() function can only be used internally");
1646 return -1;
1647 }
1648
1649 inst->vpt = talloc_steal(inst, node->vpt);
1650
1651 /*
1652 * Free the input arguments so that they don't get expanded.
1653 */
1654 while ((arg = fr_dlist_pop_head(&xctx->ex->call.args->dlist)) != NULL) {
1655 talloc_free(arg);
1656 }
1657
1658 return 0;
1659}
1660
1661static xlat_action_t xlat_attr_exists(TALLOC_CTX *ctx, fr_dcursor_t *out,
1662 request_t *request, tmpl_t const *vpt, bool do_free)
1663{
1664 fr_pair_t *vp;
1665 fr_value_box_t *dst;
1666 fr_dcursor_t cursor;
1667 tmpl_dcursor_ctx_t cc;
1668
1669 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1670
1671 vp = tmpl_dcursor_init(NULL, NULL, &cc, &cursor, request, vpt);
1672 dst->vb_bool = (vp != NULL);
1673
1674 if (do_free) talloc_const_free(vpt);
1675 tmpl_dcursor_clear(&cc);
1676 fr_dcursor_append(out, dst);
1677 return XLAT_ACTION_DONE;
1678}
1679
1680/** See if a named attribute exists
1681 *
1682 * Example:
1683@verbatim
1684"%{exists:&Foo}" == true
1685@endverbatim
1686 *
1687 * @ingroup xlat_functions
1688 */
1689static xlat_action_t xlat_func_exists(TALLOC_CTX *ctx, fr_dcursor_t *out,
1690 xlat_ctx_t const *xctx,
1691 request_t *request, UNUSED fr_value_box_list_t *in)
1692{
1693 xlat_exists_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_exists_inst_t);
1694
1695 /*
1696 * We return "true" if the attribute exists. Otherwise we return "false".
1697 */
1698 fr_assert(inst->vpt);
1699
1700 return xlat_attr_exists(ctx, out, request, inst->vpt, false);
1701}
1702
1703#undef XLAT_REGISTER_BINARY_OP
1704#define XLAT_REGISTER_BINARY_OP(_op, _name) \
1705do { \
1706 if (unlikely((xlat = xlat_func_register(NULL, "op_" STRINGIFY(_name), xlat_func_op_ ## _name, FR_TYPE_VOID)) == NULL)) return -1; \
1707 xlat_func_args_set(xlat, binary_op_xlat_args); \
1708 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1709 xlat_func_print_set(xlat, xlat_expr_print_binary); \
1710 xlat->token = _op; \
1711} while (0)
1712
1713#undef XLAT_REGISTER_BINARY_CMP
1714#define XLAT_REGISTER_BINARY_CMP(_op, _name) \
1715do { \
1716 if (unlikely((xlat = xlat_func_register(NULL, "cmp_" STRINGIFY(_name), xlat_func_cmp_ ## _name, FR_TYPE_BOOL)) == NULL)) return -1; \
1717 xlat_func_args_set(xlat, binary_cmp_xlat_args); \
1718 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1719 xlat_func_print_set(xlat, xlat_expr_print_binary); \
1720 xlat_func_resolve_set(xlat, xlat_expr_resolve_binary); \
1721 xlat->token = _op; \
1722} while (0)
1723
1724#undef XLAT_REGISTER_NARY_OP
1725#define XLAT_REGISTER_NARY_OP(_op, _name, _func_name) \
1726do { \
1727 if (unlikely((xlat = xlat_func_register(NULL, STRINGIFY(_name), xlat_func_ ## _func_name, FR_TYPE_VOID)) == NULL)) return -1; \
1728 xlat_func_instantiate_set(xlat, xlat_instantiate_ ## _func_name, xlat_ ## _func_name ## _inst_t, NULL, NULL); \
1729 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1730 xlat_func_print_set(xlat, xlat_expr_print_nary); \
1731 xlat_purify_func_set(xlat, xlat_expr_logical_purify); \
1732 xlat->token = _op; \
1733} while (0)
1734
1735#undef XLAT_REGISTER_REGEX_OP
1736#define XLAT_REGISTER_REGEX_OP(_op, _name) \
1737do { \
1738 if (unlikely((xlat = xlat_func_register(NULL, STRINGIFY(_name), xlat_func_ ## _name, FR_TYPE_VOID)) == NULL)) return -1; \
1739 xlat_func_args_set(xlat, regex_op_xlat_args); \
1740 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1741 xlat_func_instantiate_set(xlat, xlat_instantiate_regex, xlat_regex_inst_t, NULL, NULL); \
1742 xlat_func_print_set(xlat, xlat_expr_print_regex); \
1743 xlat->token = _op; \
1744} while (0)
1745
1746#define XLAT_REGISTER_BOOL(_xlat, _func, _arg, _ret_type) \
1747do { \
1748 if (unlikely((xlat = xlat_func_register(NULL, _xlat, _func, _ret_type)) == NULL)) return -1; \
1749 xlat_func_args_set(xlat, _arg); \
1750 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL); \
1751} while (0)
1752
1753#define XLAT_REGISTER_UNARY(_op, _xlat, _func) \
1754do { \
1755 if (unlikely((xlat = xlat_func_register(NULL, _xlat, _func, FR_TYPE_VOID)) == NULL)) return -1; \
1756 xlat_func_args_set(xlat, unary_op_xlat_args); \
1757 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1758 xlat_func_print_set(xlat, xlat_expr_print_unary); \
1759 xlat->token = _op; \
1760} while (0)
1761
1762int xlat_register_expressions(void)
1763{
1764 xlat_t *xlat;
1765
1766 XLAT_REGISTER_BINARY_OP(T_ADD, add);
1767 XLAT_REGISTER_BINARY_OP(T_SUB, sub);
1768 XLAT_REGISTER_BINARY_OP(T_MUL, mul);
1769 XLAT_REGISTER_BINARY_OP(T_DIV, div);
1770 XLAT_REGISTER_BINARY_OP(T_MOD, mod);
1771 XLAT_REGISTER_BINARY_OP(T_AND, and);
1772 XLAT_REGISTER_BINARY_OP(T_OR, or);
1773 XLAT_REGISTER_BINARY_OP(T_XOR, xor);
1774 XLAT_REGISTER_BINARY_OP(T_RSHIFT, rshift);
1775 XLAT_REGISTER_BINARY_OP(T_LSHIFT, lshift);
1776
1777 XLAT_REGISTER_BINARY_CMP(T_OP_CMP_EQ, eq);
1778 XLAT_REGISTER_BINARY_CMP(T_OP_NE, ne);
1779 XLAT_REGISTER_BINARY_CMP(T_OP_LT, lt);
1780 XLAT_REGISTER_BINARY_CMP(T_OP_LE, le);
1781 XLAT_REGISTER_BINARY_CMP(T_OP_GT, gt);
1782 XLAT_REGISTER_BINARY_CMP(T_OP_GE, ge);
1783 XLAT_REGISTER_BINARY_CMP(T_OP_CMP_EQ_TYPE, eq_type);
1784 XLAT_REGISTER_BINARY_CMP(T_OP_CMP_NE_TYPE, ne_type);
1785
1786 XLAT_REGISTER_REGEX_OP(T_OP_REG_EQ, reg_eq);
1787 XLAT_REGISTER_REGEX_OP(T_OP_REG_NE, reg_ne);
1788
1789 /*
1790 * &&, ||
1791 *
1792 * @todo - remove tmpl_resolve() from tokenize_field(), and add xlat_resolve_logical_or() / xlat_resolve_logical_and()
1793 * functions which do partial resolution.
1794 */
1795 XLAT_REGISTER_NARY_OP(T_LAND, logical_and, logical);
1796 XLAT_REGISTER_NARY_OP(T_LOR, logical_or, logical);
1797
1798 XLAT_REGISTER_BOOL("expr.rcode", xlat_func_expr_rcode, xlat_func_expr_rcode_arg, FR_TYPE_BOOL);
1799 xlat_func_instantiate_set(xlat, xlat_instantiate_expr_rcode, xlat_rcode_inst_t, NULL, NULL);
1800 xlat_func_print_set(xlat, xlat_expr_print_rcode);
1801
1802 XLAT_REGISTER_BOOL("exists", xlat_func_exists, xlat_func_exists_arg, FR_TYPE_BOOL);
1803 xlat_func_instantiate_set(xlat, xlat_instantiate_exists, xlat_exists_inst_t, NULL, NULL);
1804 xlat_func_print_set(xlat, xlat_expr_print_exists);
1805
1806 if (unlikely((xlat = xlat_func_register(NULL, "rcode", xlat_func_rcode, FR_TYPE_STRING)) == NULL)) return -1;
1807 xlat_func_args_set(xlat, xlat_func_rcode_arg);
1808 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL);
1809
1810 /*
1811 * -EXPR
1812 * ~EXPR
1813 * !EXPR
1814 */
1815 XLAT_REGISTER_UNARY(T_SUB, "unary_minus", xlat_func_unary_minus);
1816 XLAT_REGISTER_UNARY(T_COMPLEMENT, "unary_complement", xlat_func_unary_complement);
1817 XLAT_REGISTER_UNARY(T_NOT, "unary_not", xlat_func_unary_not);
1818
1819 return 0;
1820}
1821
1822/*
1823 * Must use the same names as above.
1824 */
1825static const fr_sbuff_term_elem_t binary_ops[T_TOKEN_LAST] = {
1826 [ T_ADD ] = L("op_add"),
1827 [ T_SUB ] = L("op_sub"),
1828 [ T_MUL ] = L("op_mul"),
1829 [ T_DIV ] = L("op_div"),
1830 [ T_MOD ] = L("op_mod"),
1831 [ T_AND ] = L("op_and"),
1832 [ T_OR ] = L("op_or"),
1833 [ T_XOR ] = L("op_xor"),
1834 [ T_RSHIFT ] = L("op_rshift"),
1835 [ T_LSHIFT ] = L("op_lshift"),
1836
1837 [ T_LAND ] = L("logical_and"),
1838 [ T_LOR ] = L("logical_or"),
1839
1840 [ T_OP_CMP_EQ ] = L("cmp_eq"),
1841 [ T_OP_NE ] = L("cmp_ne"),
1842 [ T_OP_LT ] = L("cmp_lt"),
1843 [ T_OP_LE ] = L("cmp_le"),
1844 [ T_OP_GT ] = L("cmp_gt"),
1845 [ T_OP_GE ] = L("cmp_ge"),
1846
1847 [ T_OP_CMP_EQ_TYPE ] = L("cmp_eq_type"),
1848 [ T_OP_CMP_NE_TYPE ] = L("cmp_ne_type"),
1849
1850 [ T_OP_REG_EQ ] = L("reg_eq"),
1851 [ T_OP_REG_NE ] = L("reg_ne"),
1852};
1853
1854/*
1855 * Which are logical operations
1856 */
1857static const bool logical_ops[T_TOKEN_LAST] = {
1858 [T_LAND] = true,
1859 [T_LOR] = true,
1860};
1861
1862/*
1863 * These operators can take multiple arguments.
1864 *
1865 * @todo - include T_ADD, T_SUB, T_MUL, T_AND, T_OR, T_XOR, here too.
1866 *
1867 * This array should contain a function pointer to the code which either appends the results, or does
1868 * peephole optimizations to merge the arguments together. This merging will reduce run-time effort.
1869 */
1870static const bool multivalue_ops[T_TOKEN_LAST] = {
1871 [T_LAND] = true,
1872 [T_LOR] = true,
1873};
1874
1875/*
1876 * Allow for BEDMAS ordering. Gross ordering is first number,
1877 * fine ordering is second number. Unused operators are assigned as zero.
1878 *
1879 * Larger numbers are higher precedence.
1880 */
1881#define P(_x, _y) (((_x) << 4) | (_y))
1882
1883static const int precedence[T_TOKEN_LAST] = {
1884 [T_INVALID] = 0,
1885
1886 /*
1887 * Assignment operators go here as P(1,n)
1888 *
1889 * += -= *= /= %= <<= >>= &= ^= |=
1890 *
1891 * We want the output of the assignment operators to be the result of the assignment. This means
1892 * that the assignments can really only be done for simple attributes, and not tmpls with filters
1893 * which select multiple attributes.
1894 *
1895 * Which (for now) means that we likely want to disallow assignments in expressions. That's
1896 * fine, as this isn't C, and we're not sure that it makes sense to do something like:
1897 *
1898 * if ((&foo += 5) > 60) ...
1899 *
1900 * Or maybe it does. Who knows?
1901 */
1902
1903 [T_LOR] = P(2,0),
1904 [T_LAND] = P(2,1),
1905
1906 [T_OR] = P(3,0),
1907 [T_XOR] = P(3,1),
1908 [T_AND] = P(3,2),
1909
1910 [T_OP_REG_EQ] = P(4,0),
1911 [T_OP_REG_NE] = P(4,0),
1912
1913 [T_OP_CMP_EQ] = P(4,1),
1914 [T_OP_NE] = P(4,1),
1915
1916 [T_OP_CMP_EQ_TYPE] = P(4,1),
1917 [T_OP_CMP_NE_TYPE] = P(4,1),
1918
1919 [T_OP_LT] = P(5,0),
1920 [T_OP_LE] = P(5,0),
1921 [T_OP_GT] = P(5,0),
1922 [T_OP_GE] = P(5,0),
1923
1924 [T_RSHIFT] = P(6,0),
1925 [T_LSHIFT] = P(6,0),
1926
1927 [T_SUB] = P(7,0),
1928 [T_ADD] = P(7,1),
1929
1930 [T_MOD] = P(8,0),
1931 [T_MUL] = P(8,1),
1932 [T_DIV] = P(8,2),
1933
1934 [T_LBRACE] = P(10,0),
1935};
1936
1937#define fr_sbuff_skip_whitespace(_x) \
1938 do { \
1939 while (isspace((uint8_t) fr_sbuff_char(_x, '\0'))) fr_sbuff_advance(_x, 1); \
1940 } while (0)
1941
1942static ssize_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
1943 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
1944 fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules,
1945 fr_sbuff_parse_rules_t const *input_rules, bool cond);
1946
1947static ssize_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
1948 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
1949 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond);
1950
1951static fr_table_num_sorted_t const expr_quote_table[] = {
1952 { L("\""), T_DOUBLE_QUOTED_STRING }, /* Don't re-order, backslash throws off ordering */
1953 { L("'"), T_SINGLE_QUOTED_STRING },
1954 { L("/"), T_SOLIDUS_QUOTED_STRING },
1955 { L("`"), T_BACK_QUOTED_STRING }
1956};
1957static size_t expr_quote_table_len = NUM_ELEMENTS(expr_quote_table);
1958
1959
1960/*
1961 * Look for prefix operators
1962 *
1963 * + = ignore
1964 * - = unary_minus(next)
1965 * ! = unary_not(next)
1966 * ~ = unary_xor(0, next)
1967 * (expr) = recurse, and parse expr
1968 *
1969 * as a special case, <type> is a cast. Which lets us know how
1970 * to parse the next thing we get. Otherwise, parse the thing as
1971 * int64_t.
1972 */
1973static fr_slen_t tokenize_unary(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
1974 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
1975 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
1976{
1977 xlat_exp_t *node = NULL, *unary = NULL;
1978 xlat_t *func = NULL;
1979 fr_sbuff_t our_in = FR_SBUFF(in);
1980 char c = '\0';
1981
1982 XLAT_DEBUG("UNARY <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
1983
1984 /*
1985 * Handle !-~ by adding a unary function to the xlat
1986 * node, with the first argument being the _next_ thing
1987 * we allocate.
1988 */
1989 if (fr_sbuff_next_if_char(&our_in, '!')) { /* unary not */
1990 func = xlat_func_find("unary_not", 9);
1991 fr_assert(func != NULL);
1992 c = '!';
1993 goto check_for_double;
1994
1995 }
1996 else if (fr_sbuff_next_if_char(&our_in, '-')) { /* unary minus */
1997 fr_sbuff_skip_whitespace(&our_in);
1998
1999 /*
2000 * -4 is a number, not minus(4).
2001 */
2002 if (fr_sbuff_is_digit(&our_in)) goto field;
2003
2004 func = xlat_func_find("unary_minus", 11);
2005 fr_assert(func != NULL);
2006 c = '-';
2007 goto check_for_double;
2008
2009 }
2010 else if (fr_sbuff_next_if_char(&our_in, '~')) { /* unary complement */
2011 func = xlat_func_find("unary_complement", 16);
2012 fr_assert(func != NULL);
2013 c = '~';
2014 goto check_for_double;
2015
2016 }
2017 else if (fr_sbuff_next_if_char(&our_in, '+')) { /* ignore unary + */
2018 c = '+';
2019
2020 check_for_double:
2021 fr_sbuff_skip_whitespace(&our_in);
2022 fr_sbuff_skip_whitespace(&our_in);
2023 if (fr_sbuff_is_char(&our_in, c)) {
2024 fr_strerror_const("Double operator is invalid");
2025 FR_SBUFF_ERROR_RETURN(&our_in);
2026 }
2027 }
2028
2029 /*
2030 * Maybe we have a unary not / etc. If so, make sure
2031 * that we return that, and not the child node
2032 */
2033 if (!func) {
2034 field:
2035 return tokenize_field(head, out, in, p_rules, t_rules, bracket_rules, out_c, cond);
2036 }
2037
2038 /*
2039 * Tokenize_field may reset this if the operation is wrapped inside of another expression.
2040 */
2041 *out_c = c;
2042
2043 MEM(unary = xlat_exp_alloc(head, XLAT_FUNC, fr_tokens[func->token], strlen(fr_tokens[func->token])));
2044 unary->call.func = func;
2045 unary->call.dict = t_rules->attr.dict_def;
2046 unary->flags = func->flags;
2047 unary->flags.impure_func = !func->flags.pure;
2048
2049 if (tokenize_field(unary->call.args, &node, &our_in, p_rules, t_rules, bracket_rules, out_c, (c == '!')) <= 0) {
2050 talloc_free(unary);
2051 FR_SBUFF_ERROR_RETURN(&our_in);
2052 }
2053
2054 if (!node) {
2055 fr_strerror_const("Empty expressions are invalid");
2056 FR_SBUFF_ERROR_RETURN(&our_in);
2057 }
2058
2059 xlat_func_append_arg(unary, node, (c == '!'));
2060 unary->flags.can_purify = (unary->call.func->flags.pure && unary->call.args->flags.pure) | unary->call.args->flags.can_purify;
2061
2062 /*
2063 * Don't add it to head->flags, that will be done when it's actually inserted.
2064 */
2065
2066 *out = unary;
2067
2068 FR_SBUFF_SET_RETURN(in, &our_in);
2069}
2070
2071/** Allocate a specific cast node.
2072 *
2073 * With the first argument being a UINT8 of the data type.
2074 * See xlat_func_cast() for the implementation.
2075 *
2076 */
2077static xlat_exp_t *expr_cast_alloc(TALLOC_CTX *ctx, fr_type_t type, xlat_exp_t *child)
2078{
2079 xlat_exp_t *cast, *node;
2080
2081 /*
2082 * Create a "cast" node. The first argument is a UINT8 value-box of the cast type. The RHS is
2083 * whatever "node" comes next.
2084 */
2085 MEM(cast = xlat_exp_alloc(ctx, XLAT_FUNC, "cast", 4));
2086 MEM(cast->call.func = xlat_func_find("cast", 4));
2087 // no need to set dict here
2088 fr_assert(cast->call.func != NULL);
2089 cast->flags = cast->call.func->flags;
2090
2091 /*
2092 * Create argv[0] UINT8, with "Cast-Base" as
2093 * the "da". This allows the printing routines
2094 * to print the name of the type, and not the
2095 * number.
2096 */
2097 MEM(node = xlat_exp_alloc(cast, XLAT_BOX, NULL, 0));
2098 node->flags.constant = true;
2099 {
2100 char const *type_name = fr_table_str_by_value(fr_type_table, type, "<INVALID>");
2101 xlat_exp_set_name(node, type_name, strlen(type_name));
2102 }
2103
2104 fr_value_box_init(&node->data, FR_TYPE_UINT8, attr_cast_base, false);
2105 node->data.vb_uint8 = type;
2106
2107 xlat_func_append_arg(cast, node, false);
2108 (void) talloc_steal(cast, child);
2109 xlat_func_append_arg(cast, child, false);
2110
2111 return cast;
2112}
2113
2114static fr_slen_t expr_cast_from_substr(fr_type_t *cast, fr_sbuff_t *in)
2115{
2116 fr_sbuff_t our_in = FR_SBUFF(in);
2117 fr_sbuff_marker_t m;
2118 ssize_t slen;
2119
2120 if (!fr_sbuff_next_if_char(&our_in, '(')) {
2121 no_cast:
2122 *cast = FR_TYPE_NULL;
2123 return 0;
2124 }
2125
2126 fr_sbuff_marker(&m, &our_in);
2127 fr_sbuff_out_by_longest_prefix(&slen, cast, fr_type_table, &our_in, FR_TYPE_NULL);
2128
2129 /*
2130 * We didn't read anything, there's no cast.
2131 */
2132 if (fr_sbuff_diff(&our_in, &m) == 0) goto no_cast;
2133
2134 if (!fr_sbuff_next_if_char(&our_in, ')')) goto no_cast;
2135
2136 if (fr_type_is_null(*cast)) {
2137 fr_strerror_printf("Invalid data type in cast");
2138 FR_SBUFF_ERROR_RETURN(&m);
2139 }
2140
2141 if (!fr_type_is_leaf(*cast)) {
2142 fr_strerror_printf("Invalid data type '%s' in cast", fr_type_to_str(*cast));
2143 FR_SBUFF_ERROR_RETURN(&our_in);
2144 }
2145
2146 fr_sbuff_adv_past_whitespace(&our_in, SIZE_MAX, NULL);
2147
2148 FR_SBUFF_SET_RETURN(in, &our_in);
2149}
2150
2151/*
2152 * Tokenize the RHS of a regular expression.
2153 */
2154static fr_slen_t tokenize_regex_rhs(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2155 tmpl_rules_t const *t_rules,
2156 fr_sbuff_parse_rules_t const *bracket_rules)
2157{
2158 ssize_t slen;
2159 xlat_exp_t *node = NULL;
2160 fr_sbuff_t our_in = FR_SBUFF(in);
2161 fr_sbuff_marker_t opand_m, flag;
2162 tmpl_t *vpt;
2163 fr_token_t quote = T_SOLIDUS_QUOTED_STRING;
2164
2165 XLAT_DEBUG("REGEX_RHS <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2166
2167 fr_sbuff_skip_whitespace(&our_in);
2168
2169 /*
2170 * Record where the operand begins for better error offsets later
2171 */
2172 fr_sbuff_marker(&opand_m, &our_in);
2173
2174 /*
2175 * Regexes cannot have casts or sub-expressions.
2176 */
2177 if (!fr_sbuff_next_if_char(&our_in, '/')) {
2178 /*
2179 * Allow for m'...' ala Perl
2180 */
2181 if (!fr_sbuff_is_str(&our_in, "m'", 2)) {
2182 fr_strerror_const("Expected regular expression");
2183 goto error;
2184 }
2185
2186 fr_sbuff_advance(&our_in, 2);
2187 quote = T_SINGLE_QUOTED_STRING;
2188 }
2189
2190 /*
2191 * Allocate the xlat node now so the talloc hierarchy is correct
2192 */
2193 MEM(node = xlat_exp_alloc(head, XLAT_TMPL, NULL, 0));
2194
2195 /*
2196 * tmpl_afrom_substr does pretty much all the work of parsing the operand. Note that we pass '/'
2197 * as the quote, so that the tmpl gets parsed as a regex.
2198 */
2199 (void) tmpl_afrom_substr(node, &vpt, &our_in, T_SOLIDUS_QUOTED_STRING, value_parse_rules_quoted[quote], t_rules);
2200 if (!vpt) {
2201 error:
2202 talloc_free(node);
2203 FR_SBUFF_ERROR_RETURN(&our_in);
2204 }
2205
2206 /*
2207 * @todo - allow for the RHS to be an attribute, too?
2208 */
2209
2210 /*
2211 * It would be nice if tmpl_afrom_substr() did this :(
2212 */
2213 if (!fr_sbuff_next_if_char(&our_in, fr_token_quote[quote])) {
2214 fr_strerror_const("Unterminated regular expression");
2215 goto error;
2216 }
2217
2218 /*
2219 * Remember where the flags start
2220 */
2221 fr_sbuff_marker(&flag, &our_in);
2222 if (tmpl_regex_flags_substr(vpt, &our_in, bracket_rules->terminals) < 0) {
2223 talloc_free(node);
2224 FR_SBUFF_ERROR_RETURN(&our_in);
2225 }
2226
2227 fr_sbuff_skip_whitespace(&our_in);
2228
2229 /*
2230 * Try to compile regular expressions, but only if
2231 * they're not being dynamically expanded.
2232 */
2233 if (!tmpl_contains_xlat(vpt)) {
2234 slen = tmpl_regex_compile(vpt, true);
2235 if (slen <= 0) goto error;
2236 }
2237
2238 node->vpt = vpt;
2239 node->quote = quote;
2240 xlat_exp_set_name_shallow(node, vpt->name);
2241
2242 node->flags.pure = !tmpl_contains_xlat(node->vpt);
2243 node->flags.needs_resolving = tmpl_needs_resolving(node->vpt);
2244
2245 *out = node;
2246
2247 FR_SBUFF_SET_RETURN(in, &our_in);
2248}
2249
2250
2251static ssize_t tokenize_rcode(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_term_t const *terminals)
2252{
2253 rlm_rcode_t rcode;
2254 ssize_t slen;
2255 xlat_t *func;
2256 xlat_exp_t *node, *arg;
2257 fr_sbuff_t our_in = FR_SBUFF(in);
2258
2259 fr_sbuff_out_by_longest_prefix(&slen, &rcode, rcode_table, &our_in, T_BARE_WORD);
2260 if (slen <= 0) return 0;
2261
2262 if (!fr_sbuff_is_terminal(&our_in, terminals)) {
2263 if (!fr_dict_attr_allowed_chars[fr_sbuff_char(&our_in, '\0')]) {
2264 fr_strerror_const("Unexpected text after return code");
2265 return -slen;
2266 }
2267 return 0;
2268 }
2269
2270 /*
2271 * @todo - allow for attributes to have the name "ok-foo" ???
2272 */
2273 func = xlat_func_find("expr.rcode", -1);
2274 fr_assert(func != NULL);
2275
2276 MEM(node = xlat_exp_alloc(head, XLAT_FUNC, fr_sbuff_start(&our_in), slen));
2277 node->call.func = func;
2278 // no need to set dict here
2279 node->flags = func->flags; /* rcode is impure, but can be calculated statically */
2280
2281 MEM(arg = xlat_exp_alloc(node, XLAT_BOX, fr_sbuff_start(&our_in), slen));
2282
2283 /*
2284 * Doesn't need resolving, isn't pure, doesn't need anything else.
2285 */
2286 arg->flags = (xlat_flags_t) { };
2287
2288 /*
2289 * We need a string for unit tests, but this should really be just a number.
2290 */
2291 fr_value_box_init(&arg->data, FR_TYPE_STRING, NULL, false);
2292 (void) fr_value_box_bstrndup(arg, &arg->data, NULL, fr_sbuff_start(&our_in), slen, false);
2293
2294 xlat_func_append_arg(node, arg, false);
2295
2296 *out = node;
2297
2298 FR_SBUFF_SET_RETURN(in, &our_in);
2299}
2300
2301
2302/*
2303 * Tokenize a field without unary operators.
2304 */
2305static fr_slen_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2306 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2307 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
2308{
2309 ssize_t slen;
2310 xlat_exp_t *node = NULL;
2311 fr_sbuff_t our_in = FR_SBUFF(in);
2312 fr_sbuff_marker_t opand_m;
2313 tmpl_rules_t our_t_rules;
2314 tmpl_t *vpt = NULL;
2315 fr_token_t quote;
2316 int triple = 1;
2317 fr_type_t cast_type;
2318 fr_dict_attr_t const *enumv;
2319
2320 XLAT_DEBUG("FIELD <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2321
2322 /*
2323 * Allow for explicit casts. Non-leaf types are forbidden.
2324 */
2325 if (expr_cast_from_substr(&cast_type, &our_in) < 0) return -1;
2326
2327 /*
2328 * Do NOT pass the cast down to the next set of parsing routines. Instead, let the next data be
2329 * parsed as whatever, and then add a cast, or cast in place as necessary.
2330 */
2331 our_t_rules = *t_rules;
2332 if (cast_type == FR_TYPE_NULL) {
2333 cast_type = our_t_rules.cast;
2334 enumv = our_t_rules.enumv;
2335 } else {
2336 enumv = NULL;
2337 }
2338
2339 our_t_rules.cast = FR_TYPE_NULL;
2340// our_t_rules.enumv = NULL;
2341
2342 /*
2343 * As a special case, we allow
2344 *
2345 * &reply = "foo = bar"
2346 *
2347 * and then we don't parse the RHS as any enum.
2348 */
2349 if ( our_t_rules.enumv && !fr_type_is_leaf(our_t_rules.enumv->type)) {
2350 our_t_rules.enumv = enumv = NULL;
2351 }
2352
2353 /*
2354 * If we still have '(', then recurse for other expressions
2355 *
2356 * Tokenize the sub-expression, ensuring that we stop at ')'.
2357 *
2358 * Note that if we have a sub-expression, then we don't use the hinting for "type".
2359 * That's because we're parsing a complete expression here (EXPR). So the intermediate
2360 * nodes in the expression can be almost anything. And we only cast it to the final
2361 * value when we get the output of the expression.
2362 */
2363 if (fr_sbuff_next_if_char(&our_in, '(')) {
2364 our_t_rules.cast = FR_TYPE_NULL;
2365 our_t_rules.enumv = NULL;
2366
2367 fr_sbuff_skip_whitespace(&our_in);
2368 if (fr_sbuff_is_char(&our_in, ')')) {
2369 fr_strerror_printf("Empty expressions are invalid");
2370 FR_SBUFF_ERROR_RETURN(&our_in);
2371 }
2372
2373 /*
2374 * No input rules means "ignore external terminal sequences, as we're expecting a ')' as
2375 * our terminal sequence.
2376 */
2377 if (tokenize_expression(head, &node, &our_in, bracket_rules, &our_t_rules, T_INVALID, bracket_rules, NULL, cond) <= 0) {
2378 FR_SBUFF_ERROR_RETURN(&our_in);
2379 }
2380
2381 if (!fr_sbuff_next_if_char(&our_in, ')')) {
2382 fr_strerror_printf("Failed to find trailing ')'");
2383 FR_SBUFF_ERROR_RETURN(&our_in);
2384 }
2385
2386 /*
2387 * We've parsed one "thing", so we stop. The next thing should be an operator, not
2388 * another value.
2389 *
2390 * The nested call to tokenize_expression() can return >=0 if there are spaces followed by a
2391 * terminal character. So "node" may be NULL;
2392 */
2393 if (!node) {
2394 fr_strerror_const("Empty expressions are invalid");
2395 FR_SBUFF_ERROR_RETURN(&our_in);
2396 }
2397
2398 *out_c = '\0';
2399 goto done;
2400 }
2401
2402 /*
2403 * Record where the operand begins for better error offsets later
2404 */
2405 fr_sbuff_skip_whitespace(&our_in);
2406 fr_sbuff_marker(&opand_m, &our_in);
2407
2408 fr_sbuff_out_by_longest_prefix(&slen, &quote, expr_quote_table, &our_in, T_BARE_WORD);
2409
2410 switch (quote) {
2411 default:
2412 case T_BARE_WORD:
2413 p_rules = bracket_rules;
2414
2415 /*
2416 * Peek for rcodes.
2417 */
2418 slen = tokenize_rcode(head, &node, &our_in, p_rules->terminals);
2419 if (slen < 0) {
2420 fr_sbuff_advance(&our_in, -slen);
2421 FR_SBUFF_ERROR_RETURN(&our_in);
2422 }
2423 if (slen > 0) {
2424 *out = node;
2425 FR_SBUFF_SET_RETURN(in, &our_in);
2426 }
2427
2428#ifdef HAVE_REGEX
2429 /*
2430 * Regular expression expansions are %{...}
2431 */
2432 if (fr_sbuff_adv_past_str_literal(&our_in, "%{")) {
2433 int ret;
2434 fr_sbuff_marker_t m_s;
2435
2436 fr_sbuff_marker(&m_s, &our_in);
2437
2438 ret = xlat_tokenize_regex(head, out, &our_in, &m_s);
2439 if (ret < 0) FR_SBUFF_ERROR_RETURN(&our_in);
2440
2441 if (ret == 1) FR_SBUFF_SET_RETURN(in, &our_in);
2442
2443 fr_sbuff_set(&our_in, &opand_m);
2444 }
2445#endif /* HAVE_REGEX */
2446
2447 /*
2448 * @todo - check if the input is %{...}, AND the contents are not exactly tmpl_attr_allowed_chars.
2449 * If so, parse it here as a nested expression. That way we avoid a bounce through:
2450 *
2451 * tmpl_afrom_substr() ->
2452 * xalt_tokenize() ->
2453 * xlat_tokenize_input() ->
2454 * xlat_tokenize_expansion() ->
2455 * xlat_tokenize_expression()
2456 *
2457 * Which is horribly inefficient. It also means that we have xlats containing tmpls
2458 * which then contain xlats.
2459 *
2460 * If the content is exactly tmpl_attr_allowed_chars, then we can parse it either as a
2461 * regex reference, OR as an attribute expansion.
2462 */
2463 break;
2464
2465 case T_SOLIDUS_QUOTED_STRING:
2466 fr_strerror_const("Unexpected regular expression");
2467 fr_sbuff_set(&our_in, &opand_m); /* Error points to the quoting char at the start of the string */
2468 goto error;
2469
2470 case T_DOUBLE_QUOTED_STRING:
2471 case T_SINGLE_QUOTED_STRING:
2472 /*
2473 * We want to force the output to be a string.
2474 */
2475 if (cast_type == FR_TYPE_NULL) cast_type = FR_TYPE_STRING;
2476 FALL_THROUGH;
2477
2478 case T_BACK_QUOTED_STRING:
2479 p_rules = value_parse_rules_quoted[quote];
2480
2481 /*
2482 * Triple-quoted strings have different terminal conditions.
2483 */
2484 if (fr_sbuff_remaining(&our_in) >= 2) {
2485 char const *p = fr_sbuff_current(&our_in);
2486 char c = fr_token_quote[quote];
2487
2488 /*
2489 * """foo "quote" and end"""
2490 */
2491 if ((p[0] == c) && (p[1] == c)) {
2492 triple = 3;
2493 (void) fr_sbuff_advance(&our_in, 2);
2494 p_rules = value_parse_rules_3quoted[quote];
2495 }
2496 }
2497
2498 break;
2499 }
2500
2501 /*
2502 * Allocate the xlat node now so the talloc hierarchy is correct
2503 */
2504 MEM(node = xlat_exp_alloc(head, XLAT_TMPL, NULL, 0));
2505
2506 /*
2507 * tmpl_afrom_substr does pretty much all the work of
2508 * parsing the operand. It pays attention to the cast on
2509 * our_t_rules, and will try to parse any data there as
2510 * of the correct type.
2511 */
2512 slen = tmpl_afrom_substr(node, &vpt, &our_in, quote, p_rules, &our_t_rules);
2513 if ((slen < 0) || ((slen == 0) && (quote == T_BARE_WORD))) {
2514 error:
2515 talloc_free(node);
2516 FR_SBUFF_ERROR_RETURN(&our_in);
2517 }
2518
2519 /*
2520 * Add in unknown attributes, by defining them in the local dictionary.
2521 */
2522 if (tmpl_is_attr(vpt) && (tmpl_attr_unknown_add(vpt) < 0)) {
2523 fr_strerror_printf("Failed defining attribute %s", tmpl_attr_tail_da(vpt)->name);
2524 fr_sbuff_set(&our_in, &opand_m);
2525 goto error;
2526 }
2527
2528 if (quote != T_BARE_WORD) {
2529 /*
2530 * Ensure that the string ends with the correct number of quotes.
2531 */
2532 do {
2533 if (!fr_sbuff_is_char(&our_in, fr_token_quote[quote])) {
2534 fr_strerror_const("Unterminated string");
2535 fr_sbuff_set(&our_in, &opand_m);
2536 goto error;
2537 }
2538
2539 fr_sbuff_advance(&our_in, 1);
2540 } while (--triple > 0);
2541
2542 /*
2543 * Quoted strings just get resolved now.
2544 *
2545 * @todo - this means that things like
2546 *
2547 * &Session-Timeout == '10'
2548 *
2549 * are run-time errors, instead of load-time parse errors.
2550 *
2551 * On the other hand, if people assign static strings to non-string
2552 * attributes... they sort of deserve what they get.
2553 */
2554 if (tmpl_is_data_unresolved(vpt) && (tmpl_resolve(vpt, NULL) < 0)) goto error;
2555 } else {
2556 /*
2557 * Catch the old case of alternation :(
2558 */
2559 char const *p;
2560
2561 fr_assert(talloc_array_length(vpt->name) > 1);
2562
2563 p = vpt->name + talloc_array_length(vpt->name) - 2;
2564 if ((*p == ':') && fr_sbuff_is_char(&our_in, '-')) {
2565 fr_sbuff_set(&our_in, fr_sbuff_current(&our_in) - 2);
2566 fr_strerror_const("Alternation is no longer supported. Use '%{a || b}' instead of '%{a:-b}'");
2567 goto error;
2568 }
2569 }
2570
2571 fr_sbuff_skip_whitespace(&our_in);
2572
2573 /*
2574 * A bare word which is NOT a known attribute. That's an error.
2575 */
2576 if (tmpl_is_data_unresolved(vpt)) {
2577 fr_assert(quote == T_BARE_WORD);
2578 fr_strerror_const("Failed parsing input");
2579 fr_sbuff_set(&our_in, &opand_m);
2580 goto error;
2581 }
2582
2583 /*
2584 * The tmpl has a cast, and it's the same as the explicit cast we were given, we can sometimes
2585 * discard the explicit cast.
2586 */
2587 if (cast_type != FR_TYPE_NULL) {
2588 if (tmpl_rules_cast(vpt) == cast_type) {
2589 fr_assert(0);
2590 cast_type = FR_TYPE_NULL;
2591
2592 } else if (tmpl_is_attr(vpt)) {
2593 fr_dict_attr_t const *da;
2594
2595 fr_assert(!tmpl_is_attr_unresolved(vpt));
2596
2597 da = tmpl_attr_tail_da(vpt); /* could be a list! */
2598
2599 /*
2600 * Set the cast for attributes. Note that tmpl_cast_set() will take care of
2601 * suppressing redundant casts. But it still allows (uint32)&Service-Type,
2602 * which means "return the raw value", and not "return enum name".
2603 */
2604 if (da) {
2605 if (tmpl_cast_set(vpt, cast_type) < 0) {
2606 fr_sbuff_set(&our_in, &opand_m);
2607 goto error;
2608 } else {
2609 cast_type = FR_TYPE_NULL;
2610 }
2611 } else { /* it's something like &reply. */
2612 fr_assert(0);
2613 }
2614
2615 } else if (tmpl_is_data(vpt)) {
2616 fr_assert(!tmpl_is_data_unresolved(vpt));
2617
2618 /*
2619 * Omit our cast type if the data is already of the right type.
2620 *
2621 * Otherwise if we have a cast, then convert the data now, and then reset the
2622 * cast_type to nothing. This work allows for better errors at startup, and
2623 * minimizes run-time work.
2624 */
2625 if (tmpl_value_type(vpt) == cast_type) {
2626 cast_type = FR_TYPE_NULL;
2627
2628 } else if (tmpl_cast_in_place(vpt, cast_type, enumv) < 0) {
2629 fr_sbuff_set(&our_in, &opand_m);
2630 goto error;
2631
2632 } else {
2633 /*
2634 * We've parsed the data as the new data type, so we don't need any more
2635 * casting.
2636 */
2637 cast_type = FR_TYPE_NULL;
2638 }
2639
2640 } else if (tmpl_contains_xlat(vpt)) {
2641 /*
2642 * (string) "foo %{...}" is redundant. Drop the cast.
2643 */
2644 if ((cast_type == FR_TYPE_STRING) && (vpt->quote != T_BARE_WORD)) {
2645 tmpl_cast_set(vpt, FR_TYPE_NULL);
2646 cast_type = FR_TYPE_NULL;
2647
2648 } else {
2649 /*
2650 * Push the cast to the tmpl.
2651 */
2652 tmpl_cast_set(vpt, cast_type);
2653 cast_type = FR_TYPE_NULL;
2654 }
2655
2656 } else if (tmpl_is_attr_unresolved(vpt)) {
2657 fr_assert(t_rules->attr.allow_unresolved);
2658
2659 } else if (tmpl_is_data_unresolved(vpt)) {
2660 fr_assert(0);
2661
2662 fr_assert(quote == T_BARE_WORD);
2663 fr_strerror_const("Failed parsing input");
2664 fr_sbuff_set(&our_in, &opand_m);
2665 goto error;
2666
2667 } else {
2668 /*
2669 * Regex? Or something else weird?
2670 */
2671 tmpl_debug(vpt);
2672 fr_assert(0);
2673 }
2674 }
2675
2676 /*
2677 * Assign the tmpl to the node.
2678 */
2679 node->vpt = vpt;
2680 node->quote = quote;
2681 xlat_exp_set_name_shallow(node, vpt->name);
2682
2683 if (tmpl_is_data(node->vpt)) {
2684 /*
2685 * Print "true" and "false" instead of "yes" and "no".
2686 */
2687 if ((tmpl_value_type(vpt) == FR_TYPE_BOOL) && !tmpl_value_enumv(vpt)) {
2688 tmpl_value_enumv(vpt) = attr_expr_bool_enum;
2689 }
2690
2691 node->flags.constant = true;
2692 node->flags.pure = node->flags.can_purify = true;
2693
2694 /*
2695 * Casts must have been handled above.
2696 */
2697 fr_assert(cast_type == FR_TYPE_NULL);
2698 fr_assert(tmpl_rules_cast(vpt) == FR_TYPE_NULL);
2699
2700 /*
2701 * Convert the XLAT_TMPL to XLAT_BOX
2702 */
2703 fr_value_box_steal(node, &node->data, tmpl_value(vpt));
2704 xlat_exp_set_name_buffer(node, vpt->name);
2705 talloc_free(vpt);
2706 xlat_exp_set_type(node, XLAT_BOX);
2707 goto done;
2708
2709 } else if (tmpl_contains_xlat(node->vpt)) {
2710 node->flags = tmpl_xlat(vpt)->flags;
2711
2712 } else if (tmpl_is_attr(node->vpt)) {
2713 node->flags.pure = node->flags.can_purify = false;
2714
2715 } else {
2716 node->flags.pure = false;
2717 }
2718
2719 node->flags.constant = node->flags.pure;
2720 node->flags.needs_resolving = tmpl_needs_resolving(node->vpt);
2721
2722 fr_assert(!tmpl_contains_regex(vpt));
2723
2724done:
2725 /*
2726 * If there is a cast, then reparent the node with a cast wrapper.
2727 */
2728 if (cast_type != FR_TYPE_NULL) {
2729 xlat_exp_t *cast;
2730
2731 MEM(cast = expr_cast_alloc(head, cast_type, node));
2732 node = cast;
2733 }
2734
2735 *out = node;
2736
2737 FR_SBUFF_SET_RETURN(in, &our_in);
2738}
2739
2740/*
2741 * A mapping of operators to tokens.
2742 */
2743static fr_table_num_ordered_t const expr_assignment_op_table[] = {
2744 { L("!="), T_OP_NE },
2745 { L("!=="), T_OP_CMP_NE_TYPE },
2746
2747 { L("&"), T_AND },
2748 { L("&&"), T_LAND },
2749 { L("*"), T_MUL },
2750 { L("+"), T_ADD },
2751 { L("-"), T_SUB },
2752 { L("/"), T_DIV },
2753 { L("%"), T_MOD },
2754 { L("^"), T_XOR },
2755
2756 { L("|"), T_OR },
2757 { L("||"), T_LOR },
2758
2759 { L("<"), T_OP_LT },
2760 { L("<<"), T_LSHIFT },
2761 { L("<="), T_OP_LE },
2762
2763 { L("="), T_OP_EQ },
2764 { L("=="), T_OP_CMP_EQ },
2765 { L("==="), T_OP_CMP_EQ_TYPE },
2766
2767 { L("=~"), T_OP_REG_EQ },
2768 { L("!~"), T_OP_REG_NE },
2769
2770 { L(">"), T_OP_GT },
2771 { L(">="), T_OP_GE },
2772 { L(">>"), T_RSHIFT },
2773
2774};
2775static size_t const expr_assignment_op_table_len = NUM_ELEMENTS(expr_assignment_op_table);
2776
2777static bool valid_type(xlat_exp_t *node)
2778{
2779 fr_dict_attr_t const *da;
2780
2781#ifdef STATIC_ANALYZER
2782 if (!node) return false;
2783#endif
2784
2785 if (node->type != XLAT_TMPL) return true;
2786
2787 if (tmpl_is_list(node->vpt)) {
2788 list:
2789 fr_strerror_const("Cannot use list references in condition");
2790 return false;
2791 }
2792
2793 if (!tmpl_is_attr(node->vpt)) return true;
2794
2795 da = tmpl_attr_tail_da(node->vpt);
2796 if (fr_type_is_structural(da->type)) {
2797 if (da->dict == fr_dict_internal()) goto list;
2798
2799 fr_strerror_const("Cannot use structural types in condition");
2800 return false;
2801 }
2802
2803 return true;
2804}
2805
2806
2807/** Tokenize a mathematical operation.
2808 *
2809 * (EXPR)
2810 * !EXPR
2811 * A OP B
2812 *
2813 * If "out" is NULL then the expression is added to "head".
2814 * Otherwise, it's returned to the caller.
2815 */
2816static fr_slen_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2817 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2818 fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules,
2819 fr_sbuff_parse_rules_t const *input_rules, bool cond)
2820{
2821 xlat_exp_t *lhs = NULL, *rhs, *node;
2822 xlat_t *func = NULL;
2823 fr_token_t op;
2824 ssize_t slen;
2825 fr_sbuff_marker_t m_lhs, m_op, m_rhs;
2826 fr_sbuff_t our_in = FR_SBUFF(in);
2827 char c = '\0';
2828
2829 XLAT_DEBUG("EXPRESSION <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2830
2831 fr_sbuff_skip_whitespace(&our_in);
2832
2833 fr_sbuff_marker(&m_lhs, &our_in);
2834
2835 /*
2836 * Get the LHS of the operation.
2837 */
2838 slen = tokenize_unary(head, &lhs, &our_in, p_rules, t_rules, bracket_rules, &c, cond);
2839 if (slen <= 0) FR_SBUFF_ERROR_RETURN(&our_in);
2840
2841 if (slen == 0) {
2842 fr_assert(lhs == NULL);
2843 *out = NULL;
2844 FR_SBUFF_SET_RETURN(in, &our_in);
2845 }
2846
2847redo:
2848 rhs = NULL;
2849
2850 fr_sbuff_skip_whitespace(&our_in);
2851
2852 /*
2853 * No more input, we're done.
2854 */
2855 if (fr_sbuff_extend(&our_in) == 0) {
2856 done:
2857 /*
2858 * LHS may be NULL if the expression has spaces followed by a terminal character.
2859 */
2860 *out = lhs;
2861 FR_SBUFF_SET_RETURN(in, &our_in);
2862 }
2863
2864 /*
2865 * ')' is a terminal, even if we didn't expect it.
2866 * Because if we didn't expect it, then it's an error.
2867 *
2868 * If we did expect it, then we return whatever we found,
2869 * and let the caller eat the ')'.
2870 */
2871 if (fr_sbuff_is_char(&our_in, ')')) {
2872 if (!bracket_rules) {
2873 fr_strerror_printf("Unexpected ')'");
2874 FR_SBUFF_ERROR_RETURN(&our_in);
2875 }
2876
2877 goto done;
2878 }
2879 fr_sbuff_skip_whitespace(&our_in);
2880
2881 /*
2882 * We hit a terminal sequence, stop.
2883 */
2884 if (input_rules && fr_sbuff_is_terminal(&our_in, input_rules->terminals)) goto done;
2885
2886 /*
2887 * Remember where we were after parsing the LHS.
2888 */
2889 fr_sbuff_marker(&m_op, &our_in);
2890
2891 /*
2892 * Get the operator.
2893 */
2894 XLAT_DEBUG(" operator <-- %pV", fr_box_strvalue_len(fr_sbuff_current(&our_in), fr_sbuff_remaining(&our_in)));
2895 fr_sbuff_out_by_longest_prefix(&slen, &op, expr_assignment_op_table, &our_in, T_INVALID);
2896 if ((op == T_INVALID) || !binary_ops[op].str) {
2897 fr_strerror_const("Invalid operator");
2898 fr_sbuff_set(&our_in, &m_op);
2899 talloc_free(lhs);
2900 FR_SBUFF_ERROR_RETURN(&our_in);
2901 }
2902
2903 /*
2904 * We can't (yet) do &list1 = &list2 + &list3
2905 */
2906 if (fr_binary_op[op] && t_rules->enumv && fr_type_is_structural(t_rules->enumv->type)) {
2907 fr_strerror_const("Invalid operator for structural attribute");
2908 fr_sbuff_set(&our_in, &m_op);
2909 talloc_free(lhs);
2910 FR_SBUFF_ERROR_RETURN(&our_in);
2911 }
2912
2913 fr_assert(precedence[op] != 0);
2914
2915 /*
2916 * a * b + c ... = (a * b) + c ...
2917 *
2918 * Feed the current expression to the caller, who will
2919 * take care of continuing.
2920 */
2921 if (precedence[op] <= precedence[prev]) {
2922 fr_sbuff_set(&our_in, &m_op);
2923 goto done;
2924 }
2925
2926 /*
2927 * &Foo and !&Foo are permitted as the LHS of || and &&
2928 */
2929 if (((c == '!') || (c == '~')) && (op != T_LAND) && (op != T_LOR)) {
2930 fr_strerror_printf("Operator '%c' is only applied to the left hand side of the '%s' operation, add (..) to evaluate the operation first", c, fr_tokens[op]);
2931 fail_lhs:
2932 fr_sbuff_set(&our_in, &m_lhs);
2933 FR_SBUFF_ERROR_RETURN(&our_in);
2934 }
2935
2936 fr_sbuff_skip_whitespace(&our_in);
2937 fr_sbuff_marker(&m_rhs, &our_in);
2938
2939 /*
2940 * We now parse the RHS, allowing a (perhaps different) cast on the RHS.
2941 */
2942 XLAT_DEBUG(" recurse RHS <-- %pV", fr_box_strvalue_len(fr_sbuff_current(&our_in), fr_sbuff_remaining(&our_in)));
2943 if ((op == T_OP_REG_EQ) || (op == T_OP_REG_NE)) {
2944 fr_type_t type;
2945
2946 /*
2947 * @todo - LHS shouldn't be anything else.
2948 */
2949 switch (lhs->type) {
2950 case XLAT_TMPL:
2951 type = tmpl_cast_get(lhs->vpt);
2952 if ((type != FR_TYPE_NULL) && (type != FR_TYPE_STRING)) {
2953 fr_strerror_const("Casts cannot be used with regular expressions");
2954 fr_sbuff_set(&our_in, &m_lhs);
2955 FR_SBUFF_ERROR_RETURN(&our_in);
2956 }
2957
2958 /*
2959 * Cast the LHS to a string, if it's not already one!
2960 */
2961 if (lhs->vpt->quote == T_BARE_WORD) tmpl_cast_set(lhs->vpt, FR_TYPE_STRING);
2962 break;
2963
2964 case XLAT_BOX:
2965 /*
2966 * 192.168.0.1 =~ /foo/
2967 *
2968 * Gets the LHS automatically converted to a string.
2969 */
2970 if (lhs->data.type != FR_TYPE_STRING) {
2971 if (fr_value_box_cast_in_place(lhs, &lhs->data, FR_TYPE_STRING, NULL) < 0) {
2972 fr_sbuff_set(&our_in, &m_lhs);
2973 FR_SBUFF_ERROR_RETURN(&our_in);
2974 }
2975 }
2976 break;
2977
2978 default:
2979 /*
2980 * @todo - if we hoist the LHS to a function instead of an xlat->tmpl->xlat, then
2981 * we can't cast the LHS to a string. OR, we have to manually add a lHS cast to
2982 * a string. Maybe we need to delay the LHS hoisting until such time as we know
2983 * it's safe.
2984 *
2985 * Also, hoisting a double-quoted xlat string to a _list_ of xlats is hard,
2986 * because we expect the LHS here to be one node. So perhaps the hoisting has to
2987 * be from an XLAT_TMPL to an XLAT_GROUP, which is still perhaps a bit of an
2988 * improvement.
2989 */
2990 fr_assert(0);
2991 break;
2992
2993 }
2994
2995 slen = tokenize_regex_rhs(head, &rhs, &our_in, t_rules, bracket_rules);
2996 } else {
2997 tmpl_rules_t our_t_rules = *t_rules;
2998
2999 /*
3000 * Pass the enumv down ONLY if the RHS name begins with "::".
3001 *
3002 * Otherwise, the terminal rules for expressions includes "-" and "+", both of which are
3003 * allowed in enum names. If we pass the enumv down to the next function, it will see
3004 * "Access-Accept", and then only parse "Access". Which is wrong.
3005 */
3006 if ((lhs->type == XLAT_TMPL) && tmpl_is_attr(lhs->vpt) &&
3007 fr_sbuff_is_str_literal(&our_in, "::")) {
3008 our_t_rules.enumv = tmpl_attr_tail_da(lhs->vpt);
3009 }
3010
3011 slen = tokenize_expression(head, &rhs, &our_in, p_rules, &our_t_rules, op, bracket_rules, input_rules, cond);
3012 }
3013 if (slen <= 0) {
3014 talloc_free(lhs);
3015 FR_SBUFF_ERROR_RETURN(&our_in);
3016 }
3017
3018 /*
3019 * The nested call to tokenize_expression() can return >=0 if there are spaces followed by a
3020 * terminal character.
3021 */
3022 if (!rhs) goto done;
3023
3024 func = xlat_func_find(binary_ops[op].str, binary_ops[op].len);
3025 fr_assert(func != NULL);
3026
3027 if (multivalue_ops[op]) {
3028 if ((lhs->type == XLAT_FUNC) && (lhs->call.func->token == op)) {
3029 xlat_func_append_arg(lhs, rhs, cond);
3030
3031 lhs->call.args->flags.can_purify |= rhs->flags.can_purify | rhs->flags.pure;
3032 lhs->flags.can_purify = lhs->call.args->flags.can_purify;
3033 goto redo;
3034 }
3035 goto purify;
3036 }
3037
3038 /*
3039 * Complain on comparisons between invalid data types.
3040 *
3041 * @todo - allow
3042 *
3043 * &structural == {}
3044 * &structural != {}
3045 *
3046 * as special cases, so we can check lists for emptiness.
3047 */
3048 if (fr_comparison_op[op]) {
3049 if (!valid_type(lhs)) goto fail_lhs;
3050 if (!valid_type(rhs)) {
3051 fr_sbuff_set(&our_in, &m_rhs);
3052 FR_SBUFF_ERROR_RETURN(&our_in);
3053 }
3054
3055 /*
3056 * Peephole optimization. If both LHS
3057 * and RHS are static values, then just call the
3058 * relevant condition code to get the result.
3059 */
3060 if (cond) {
3061 int rcode;
3062
3063 purify:
3064 rcode = xlat_purify_op(head, &node, lhs, op, rhs);
3065 if (rcode < 0) goto fail_lhs;
3066
3067 if (rcode) {
3068 lhs = node;
3069 goto redo;
3070 }
3071 }
3072 }
3073
3074 /*
3075 * Create the function node, with the LHS / RHS arguments.
3076 */
3077 MEM(node = xlat_exp_alloc(head, XLAT_FUNC, fr_tokens[op], strlen(fr_tokens[op])));
3078 node->call.func = func;
3079 node->call.dict = t_rules->attr.dict_def;
3080 node->flags = func->flags;
3081 node->flags.impure_func = !func->flags.pure;
3082
3083 xlat_func_append_arg(node, lhs, logical_ops[op] && cond);
3084 xlat_func_append_arg(node, rhs, logical_ops[op] && cond);
3085
3086 fr_assert(xlat_exp_head(node->call.args) != NULL);
3087
3088 /*
3089 * Logical operations can be purified if ANY of their arguments can be purified.
3090 */
3091 if (logical_ops[op]) {
3092 xlat_exp_foreach(node->call.args, arg) {
3093 node->call.args->flags.can_purify |= arg->flags.can_purify | arg->flags.pure;
3094 if (node->call.args->flags.can_purify) break;
3095 }
3096 node->flags.can_purify = node->call.args->flags.can_purify;
3097
3098 } else {
3099 node->flags.can_purify = (node->call.func->flags.pure && node->call.args->flags.pure) | node->call.args->flags.can_purify;
3100 }
3101
3102 lhs = node;
3103 goto redo;
3104}
3105
3106static const fr_sbuff_term_t bracket_terms = FR_SBUFF_TERMS(
3107 L(""),
3108 L(")"),
3109);
3110
3111static const fr_sbuff_term_t operator_terms = FR_SBUFF_TERMS(
3112 L("\t"),
3113 L("\n"),
3114 L("\r"),
3115 L(" "),
3116 L("!"),
3117 L("%"),
3118 L("&"),
3119 L("*"),
3120 L("+"),
3121 L("-"),
3122 L("/"),
3123 L("<"),
3124 L("="),
3125 L(">"),
3126 L("^"),
3127 L("|"),
3128 L("~"),
3129);
3130
3131static fr_slen_t xlat_tokenize_expression_internal(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in,
3132 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, bool cond)
3133{
3134 ssize_t slen;
3135 fr_sbuff_parse_rules_t *bracket_rules = NULL;
3136 fr_sbuff_parse_rules_t *terminal_rules = NULL;
3137 tmpl_rules_t my_rules = { };
3138 xlat_exp_head_t *head;
3139 xlat_exp_t *node = NULL;
3140
3141 /*
3142 * Whatever the caller passes, ensure that we have a
3143 * terminal rule which ends on operators, and a terminal
3144 * rule which ends on ')'.
3145 */
3146 MEM(bracket_rules = talloc_zero(ctx, fr_sbuff_parse_rules_t));
3147 MEM(terminal_rules = talloc_zero(ctx, fr_sbuff_parse_rules_t));
3148 if (p_rules) {
3149 *bracket_rules = *p_rules;
3150 *terminal_rules = *p_rules;
3151
3152 if (p_rules->terminals) {
3153 MEM(terminal_rules->terminals = fr_sbuff_terminals_amerge(terminal_rules,
3154 p_rules->terminals,
3155 &operator_terms));
3156 } else {
3157 terminal_rules->terminals = &operator_terms;
3158 }
3159 } else {
3160 terminal_rules->terminals = &operator_terms;
3161 }
3162 MEM(bracket_rules->terminals = fr_sbuff_terminals_amerge(bracket_rules,
3163 terminal_rules->terminals,
3164 &bracket_terms));
3165
3166 MEM(head = xlat_exp_head_alloc(ctx));
3167 if (!t_rules) t_rules = &my_rules;
3168
3169 slen = tokenize_expression(head, &node, in, terminal_rules, t_rules, T_INVALID, bracket_rules, p_rules, cond);
3170 talloc_free(bracket_rules);
3171 talloc_free(terminal_rules);
3172
3173 if (slen <= 0) {
3174 talloc_free(head);
3175 FR_SBUFF_ERROR_RETURN(in);
3176 }
3177
3178 if (!node) {
3179 *out = head;
3180 return slen;
3181 }
3182
3183 /*
3184 * If the tmpl is not resolved, then it refers to an attribute which doesn't exist. That's an
3185 * error.
3186 */
3187 if (node->type == XLAT_TMPL) {
3188 if (tmpl_is_data_unresolved(node->vpt)) {
3189 fr_strerror_const("Unknown attribute");
3190 return -1;
3191 }
3192
3193 /*
3194 * Convert raw existence checks to existence functions.
3195 */
3196 if (tmpl_contains_attr(node->vpt)) {
3197 if (cond) MEM(node = xlat_exists_alloc(head, node));
3198 }
3199 }
3200
3201 XLAT_VERIFY(node);
3202 xlat_exp_insert_tail(head, node);
3203
3204 *out = head;
3205 return slen;
3206}
3207
3208fr_slen_t xlat_tokenize_expression(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in,
3209 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
3210{
3211 fr_slen_t slen;
3212
3213 slen = xlat_tokenize_expression_internal(ctx, out, in, p_rules, t_rules, false);
3214 if (slen < 0) return slen;
3215
3216#ifdef STATIC_ANALYZER
3217 /*
3218 * Coverity doesn't realise that out will be set by this point
3219 * by a successful call to xlat_tokenize_expression_internal.
3220 */
3221 if (!out) return -1;
3222#endif
3223 if (!*out) {
3224 fr_strerror_const("Empty expressions are invalid");
3225 return -1;
3226 }
3227
3228 if (xlat_finalize(*out, t_rules->xlat.runtime_el) < 0) {
3229 TALLOC_FREE(*out);
3230 return -1;
3231 }
3232
3233 return slen;
3234}
3235
3236fr_slen_t xlat_tokenize_condition(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in,
3237 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
3238{
3239 fr_slen_t slen;
3240
3241 slen = xlat_tokenize_expression_internal(ctx, out, in, p_rules, t_rules, true);
3242 if (slen < 0) return slen;
3243
3244#ifdef STATIC_ANALYZER
3245 if (!out) return -1;
3246#endif
3247 if (!*out) {
3248 fr_strerror_const("Empty conditions are invalid");
3249 return -1;
3250 }
3251
3252 if (xlat_finalize(*out, t_rules->xlat.runtime_el) < 0) {
3253 TALLOC_FREE(*out);
3254 return -1;
3255 }
3256
3257 return slen;
3258}
3259
3260/** Allow callers to see if an xlat is truthy
3261 *
3262 * So the caller can cache it, and needs to check fewer things at run
3263 * time.
3264 *
3265 * @param[in] head of the xlat to check
3266 * @param[out] out truthiness of the box
3267 * @return
3268 * - false - xlat is not truthy, *out is unchanged.
3269 * - true - xlat is truthy, *out is the result of fr_value_box_is_truthy()
3270 */
3271bool xlat_is_truthy(xlat_exp_head_t const *head, bool *out)
3272{
3273 xlat_exp_t const *node;
3274 fr_value_box_t const *box;
3275
3276 /*
3277 * Only pure / constant things can be truthy.
3278 */
3279 if (!head->flags.pure) goto return_false;
3280
3281 node = xlat_exp_head(head);
3282 if (!node) {
3283 *out = false;
3284 return true;
3285 }
3286
3287 if (xlat_exp_next(head, node)) goto return_false;
3288
3289 if (node->type == XLAT_BOX) {
3290 box = &node->data;
3291
3292 } else if ((node->type == XLAT_TMPL) && tmpl_is_data(node->vpt)) {
3293 box = tmpl_value(node->vpt);
3294
3295 } else {
3296 return_false:
3297 *out = false;
3298 return false;
3299 }
3300
3301 *out = fr_value_box_is_truthy(box);
3302 return true;
3303}
args
va_list args
Definition acutest.h:770
UNCONST
#define UNCONST(_type, _ptr)
Remove const qualification from a pointer.
Definition build.h:167
RCSID
#define RCSID(id)
Definition build.h:485
L
#define L(_str)
Helper for initialising arrays of string literals.
Definition build.h:209
FALL_THROUGH
#define FALL_THROUGH
clang 10 doesn't recognised the FALL-THROUGH comment anymore
Definition build.h:324
unlikely
#define unlikely(_x)
Definition build.h:383
UNUSED
#define UNUSED
Definition build.h:317
NUM_ELEMENTS
#define NUM_ELEMENTS(_t)
Definition build.h:339
fr_value_calc_list_cmp
int fr_value_calc_list_cmp(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_value_box_list_t const *list1, fr_token_t op, fr_value_box_list_t const *list2)
Definition calc.c:2647
fr_value_calc_binary_op
int fr_value_calc_binary_op(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t hint, fr_value_box_t const *a, fr_token_t op, fr_value_box_t const *b)
Calculate DST = A OP B.
Definition calc.c:1924
fr_value_calc_unary_op
int fr_value_calc_unary_op(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_token_t op, fr_value_box_t const *src)
Calculate unary operations.
Definition calc.c:2481
fr_dcursor_append
static int fr_dcursor_append(fr_dcursor_t *cursor, void *v)
Insert a single item at the end of the list.
Definition dcursor.h:406
fr_dcursor_s
Definition dcursor.h:93
MEM
#define MEM(x)
Definition debug.h:36
ERROR
#define ERROR(fmt,...)
Definition dhcpclient.c:41
fr_dict_attr_allowed_chars
bool const fr_dict_attr_allowed_chars[UINT8_MAX+1]
Characters that are allowed in dictionary attribute names.
Definition dict_util.c:51
fr_dict_internal
fr_dict_t const * fr_dict_internal(void)
Definition dict_util.c:4617
in
static fr_slen_t in
Definition dict.h:831
fr_dlist_remove
static void * fr_dlist_remove(fr_dlist_head_t *list_head, void *ptr)
Remove an item from the list.
Definition dlist.h:638
fr_dlist_num_elements
static unsigned int fr_dlist_num_elements(fr_dlist_head_t const *head)
Return the number of elements in the dlist.
Definition dlist.h:939
fr_dlist_pop_head
static void * fr_dlist_pop_head(fr_dlist_head_t *list_head)
Remove the head item in a list.
Definition dlist.h:672
fr_dlist_insert_tail
static int fr_dlist_insert_tail(fr_dlist_head_t *list_head, void *ptr)
Insert an item into the tail of a list.
Definition dlist.h:378
xlat_func_rcode
static xlat_action_t xlat_func_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *args)
Return the current rcode as a string.
Definition xlat_expr.c:1577
xlat_func_exists
static xlat_action_t xlat_func_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *in)
See if a named attribute exists.
Definition xlat_expr.c:1689
xlat_func_expr_rcode
static xlat_action_t xlat_func_expr_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Match the passed rcode against request->rcode.
Definition xlat_expr.c:1526
unlang_interpret_frame_talloc_ctx
TALLOC_CTX * unlang_interpret_frame_talloc_ctx(request_t *request)
Get a talloc_ctx which is valid only for this frame.
Definition interpret.c:1418
UNLANG_SUB_FRAME
#define UNLANG_SUB_FRAME
Definition interpret.h:36
RDEBUG3
#define RDEBUG3(fmt,...)
Definition log.h:343
RPEDEBUG
#define RPEDEBUG(fmt,...)
Definition log.h:376
talloc_free
talloc_free(reap)
fr_type_t
fr_type_t
Definition merged_model.c:80
FR_TYPE_INT8
@ FR_TYPE_INT8
8 Bit signed integer.
Definition merged_model.c:103
FR_TYPE_STRING
@ FR_TYPE_STRING
String of printable characters.
Definition merged_model.c:83
FR_TYPE_NULL
@ FR_TYPE_NULL
Invalid (uninitialised) attribute type.
Definition merged_model.c:81
FR_TYPE_UINT16
@ FR_TYPE_UINT16
16 Bit unsigned integer.
Definition merged_model.c:98
FR_TYPE_INT64
@ FR_TYPE_INT64
64 Bit signed integer.
Definition merged_model.c:106
FR_TYPE_INT16
@ FR_TYPE_INT16
16 Bit signed integer.
Definition merged_model.c:104
FR_TYPE_UINT8
@ FR_TYPE_UINT8
8 Bit unsigned integer.
Definition merged_model.c:97
FR_TYPE_UINT32
@ FR_TYPE_UINT32
32 Bit unsigned integer.
Definition merged_model.c:99
FR_TYPE_INT32
@ FR_TYPE_INT32
32 Bit signed integer.
Definition merged_model.c:105
FR_TYPE_UINT64
@ FR_TYPE_UINT64
64 Bit unsigned integer.
Definition merged_model.c:100
FR_TYPE_VOID
@ FR_TYPE_VOID
User data.
Definition merged_model.c:127
FR_TYPE_BOOL
@ FR_TYPE_BOOL
A truth value.
Definition merged_model.c:95
FR_TYPE_SIZE
@ FR_TYPE_SIZE
Unsigned integer capable of representing any memory address on the local system.
Definition merged_model.c:115
FR_TYPE_OCTETS
@ FR_TYPE_OCTETS
Raw octets.
Definition merged_model.c:84
FR_TYPE_GROUP
@ FR_TYPE_GROUP
A grouping of other attributes.
Definition merged_model.c:124
uint32_t
unsigned int uint32_t
Definition merged_model.c:33
ssize_t
long int ssize_t
Definition merged_model.c:24
fr_slen_t
ssize_t fr_slen_t
Definition merged_model.c:35
fr_dict_attr_t
Definition merged_model.c:133
fr_sbuff_escape_rules_t
Definition merged_model.c:228
fr_sbuff_t
Definition merged_model.c:37
fr_value_box_t
Definition merged_model.c:136
request_t
Definition merged_model.c:210
tmpl_t
Definition merged_model.c:225
check
#define check(_handle, _len_p)
Definition bio.c:44
fr_assert
#define fr_assert(_expr)
Definition rad_assert.h:38
done
static bool done
Definition radclient.c:80
REDEBUG
#define REDEBUG(fmt,...)
Definition radclient.h:52
rcode_table
fr_table_num_sorted_t const rcode_table[]
Definition rcode.c:35
rlm_rcode_t
rlm_rcode_t
Return codes indicating the result of the module call.
Definition rcode.h:40
RLM_MODULE_NOT_SET
@ RLM_MODULE_NOT_SET
Error resolving rcode (should not be returned by modules).
Definition rcode.h:51
RLM_MODULE_NUMCODES
@ RLM_MODULE_NUMCODES
How many valid return codes there are.
Definition rcode.h:50
name
static char const * name
Definition rlm_redis_ippool_tool.c:156
fr_sbuff_is_terminal
bool fr_sbuff_is_terminal(fr_sbuff_t *in, fr_sbuff_term_t const *tt)
Efficient terminal string search.
Definition sbuff.c:2152
fr_sbuff_terminals_amerge
fr_sbuff_term_t * fr_sbuff_terminals_amerge(TALLOC_CTX *ctx, fr_sbuff_term_t const *a, fr_sbuff_term_t const *b)
Merge two sets of terminal strings.
Definition sbuff.c:645
fr_sbuff_next_if_char
bool fr_sbuff_next_if_char(fr_sbuff_t *sbuff, char c)
Return true if the current char matches, and if it does, advance.
Definition sbuff.c:2088
fr_sbuff_start
#define fr_sbuff_start(_sbuff_or_marker)
fr_sbuff_out_by_longest_prefix
#define fr_sbuff_out_by_longest_prefix(_match_len, _out, _table, _sbuff, _def)
fr_sbuff_adv_past_str_literal
#define fr_sbuff_adv_past_str_literal(_sbuff, _needle)
fr_sbuff_is_str_literal
#define fr_sbuff_is_str_literal(_sbuff, _str)
FR_SBUFF_IN_CHAR_RETURN
#define FR_SBUFF_IN_CHAR_RETURN(_sbuff,...)
fr_sbuff_set
#define fr_sbuff_set(_dst, _src)
fr_sbuff_diff
#define fr_sbuff_diff(_a, _b)
fr_sbuff_adv_past_whitespace
#define fr_sbuff_adv_past_whitespace(_sbuff, _len, _tt)
fr_sbuff_current
#define fr_sbuff_current(_sbuff_or_marker)
fr_sbuff_char
#define fr_sbuff_char(_sbuff_or_marker, _eob)
FR_SBUFF_TERMS
#define FR_SBUFF_TERMS(...)
Initialise a terminal structure with a list of sorted strings.
Definition sbuff.h:192
FR_SBUFF_IN_STRCPY_LITERAL_RETURN
#define FR_SBUFF_IN_STRCPY_LITERAL_RETURN(_sbuff, _str)
fr_sbuff_extend
#define fr_sbuff_extend(_sbuff_or_marker)
fr_sbuff_used_total
#define fr_sbuff_used_total(_sbuff_or_marker)
FR_SBUFF_RETURN
#define FR_SBUFF_RETURN(_func, _sbuff,...)
fr_sbuff_is_char
#define fr_sbuff_is_char(_sbuff_or_marker, _c)
FR_SBUFF_ERROR_RETURN
#define FR_SBUFF_ERROR_RETURN(_sbuff_or_marker)
FR_SBUFF_SET_RETURN
#define FR_SBUFF_SET_RETURN(_dst, _src)
fr_sbuff_is_digit
#define fr_sbuff_is_digit(_sbuff_or_marker)
FR_SBUFF
#define FR_SBUFF(_sbuff_or_marker)
fr_sbuff_advance
#define fr_sbuff_advance(_sbuff_or_marker, _len)
fr_sbuff_remaining
#define fr_sbuff_remaining(_sbuff_or_marker)
fr_sbuff_used
#define fr_sbuff_used(_sbuff_or_marker)
FR_SBUFF_IN_STRCPY_RETURN
#define FR_SBUFF_IN_STRCPY_RETURN(...)
FR_SBUFF_TALLOC_THREAD_LOCAL
#define FR_SBUFF_TALLOC_THREAD_LOCAL(_out, _init, _max)
fr_sbuff_ptr_s
Definition sbuff.h:84
fr_sbuff_term_elem_t
Terminal element with pre-calculated lengths.
Definition sbuff.h:161
fr_sbuff_term_t
Set of terminal elements.
Definition merged_model.c:161
tmpl_contains_xlat
#define tmpl_contains_xlat(vpt)
Definition tmpl.h:232
tmpl_is_attr_unresolved
#define tmpl_is_attr_unresolved(vpt)
Definition tmpl.h:224
tmpl_resolve
int tmpl_resolve(tmpl_t *vpt, tmpl_res_rules_t const *tr_rules))
Attempt to resolve functions and attributes in xlats and attribute references.
Definition tmpl_tokenize.c:4199
tmpl_value
#define tmpl_value(_tmpl)
Definition tmpl.h:942
tmpl_attr_unknown_add
int tmpl_attr_unknown_add(tmpl_t *vpt)
Add an unknown fr_dict_attr_t specified by a tmpl_t to the main dictionary.
Definition tmpl_tokenize.c:4433
tmpl_contains_regex
#define tmpl_contains_regex(vpt)
Definition tmpl.h:231
tmpl_is_attr
#define tmpl_is_attr(vpt)
Definition tmpl.h:213
tmpl_rules_s::enumv
fr_dict_attr_t const * enumv
Enumeration attribute used to resolve enum values.
Definition tmpl.h:343
tmpl_value_enumv
#define tmpl_value_enumv(_tmpl)
Definition tmpl.h:945
tmpl_xlat
#define tmpl_xlat(_tmpl)
Definition tmpl.h:935
tmpl_rules_cast
#define tmpl_rules_cast(_tmpl)
Definition tmpl.h:947
tmpl_contains_attr
#define tmpl_contains_attr(vpt)
Definition tmpl.h:230
tmpl_afrom_substr
ssize_t tmpl_afrom_substr(TALLOC_CTX *ctx, tmpl_t **out, fr_sbuff_t *in, fr_token_t quote, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules))
Convert an arbitrary string into a tmpl_t.
Definition tmpl_tokenize.c:3175
tmpl_rules_s::xlat
tmpl_xlat_rules_t xlat
Rules/data for parsing xlats.
Definition tmpl.h:341
tmpl_is_list
static bool tmpl_is_list(tmpl_t const *vpt)
Definition tmpl.h:925
tmpl_cast_in_place
int tmpl_cast_in_place(tmpl_t *vpt, fr_type_t type, fr_dict_attr_t const *enumv))
Convert tmpl_t of type TMPL_TYPE_DATA_UNRESOLVED or TMPL_TYPE_DATA to TMPL_TYPE_DATA of type specifie...
Definition tmpl_tokenize.c:3890
tmpl_is_data
#define tmpl_is_data(vpt)
Definition tmpl.h:211
tmpl_debug
void tmpl_debug(tmpl_t const *vpt)
Definition tmpl_tokenize.c:316
vpt
static fr_slen_t vpt
Definition tmpl.h:1274
tmpl_value_type
#define tmpl_value_type(_tmpl)
Definition tmpl.h:944
tmpl_cast_get
static fr_type_t tmpl_cast_get(tmpl_t *vpt)
Definition tmpl.h:1223
tmpl_is_data_unresolved
#define tmpl_is_data_unresolved(vpt)
Definition tmpl.h:222
tmpl_rules_s::cast
fr_type_t cast
Whether there was an explicit cast.
Definition tmpl.h:345
tmpl_rules_s::attr
tmpl_attr_rules_t attr
Rules/data for parsing attribute references.
Definition tmpl.h:340
tmpl_attr_tail_da
static fr_dict_attr_t const * tmpl_attr_tail_da(tmpl_t const *vpt)
Return the last attribute reference da.
Definition tmpl.h:806
tmpl_res_rules_t
struct tmpl_res_rules_s tmpl_res_rules_t
Definition tmpl.h:242
tmpl_is_regex
#define tmpl_is_regex(vpt)
Definition tmpl.h:218
tmpl_res_rules_s::enumv
fr_dict_attr_t const * enumv
for resolving T_BARE_WORD
Definition tmpl.h:378
tmpl_xlat_rules_s::runtime_el
fr_event_list_t * runtime_el
The eventlist to use for runtime instantiation of xlats.
Definition tmpl.h:329
tmpl_needs_resolving
#define tmpl_needs_resolving(vpt)
Definition tmpl.h:228
tmpl_cast_set
int tmpl_cast_set(tmpl_t *vpt, fr_type_t type)
Set a cast for a tmpl.
Definition tmpl_tokenize.c:3703
tmpl_res_rules_s
Similar to tmpl_rules_t, but used to specify parameters that may change during subsequent resolution ...
Definition tmpl.h:369
tmpl_rules_s
Optional arguments passed to vp_tmpl functions.
Definition tmpl.h:337
xor
static void xor(char *out, char *in1, char *in2, int n)
Definition smbdes.c:183
lshift
static void lshift(char *d, int count, int n)
Definition smbdes.c:165
inst
eap_aka_sim_process_conf_t * inst
Definition state_machine.c:3620
type
fr_aka_sim_id_type_t type
Definition state_machine.c:3623
vp
fr_pair_t * vp
Definition state_machine.c:2262
tmpl_attr_rules_s::allow_unresolved
uint8_t allow_unresolved
Allow attributes that look valid but were not found in the dictionaries.
Definition tmpl.h:309
tmpl_attr_rules_s::dict_def
fr_dict_t const * dict_def
Default dictionary to use with unqualified attribute references.
Definition tmpl.h:278
value_pair_s
Stores an attribute, a value and various bits of other data.
Definition pair.h:68
fr_table_value_by_str
#define fr_table_value_by_str(_table, _name, _def)
Convert a string to a value using a sorted or ordered table.
Definition table.h:653
fr_table_str_by_value
#define fr_table_str_by_value(_table, _number, _def)
Convert an integer to a string.
Definition table.h:772
fr_table_num_ordered_t
An element in an arbitrarily ordered array of name to num mappings.
Definition table.h:57
fr_table_num_sorted_t
An element in a lexicographically sorted array of name to num mappings.
Definition table.h:49
talloc_get_type_abort_const
#define talloc_get_type_abort_const
Definition talloc.h:282
talloc_const_free
static int talloc_const_free(void const *ptr)
Free const'd memory.
Definition talloc.h:224
tmpl_dcursor_clear
void tmpl_dcursor_clear(tmpl_dcursor_ctx_t *cc)
Clear any temporary state allocations.
Definition tmpl_dcursor.c:495
tmpl_dcursor_init
#define tmpl_dcursor_init(_err, _ctx, _cc, _cursor, _request, _vpt)
Definition tmpl_dcursor.h:100
tmpl_dcursor_ctx_s
Maintains state between cursor calls.
Definition tmpl_dcursor.h:62
fr_token_quote
const char fr_token_quote[T_TOKEN_LAST]
Convert tokens back to a quoting character.
Definition token.c:156
fr_tokens
char const * fr_tokens[T_TOKEN_LAST]
Definition token.c:78
fr_comparison_op
const bool fr_comparison_op[T_TOKEN_LAST]
Definition token.c:198
fr_binary_op
const bool fr_binary_op[T_TOKEN_LAST]
Definition token.c:216
fr_token_t
enum fr_token fr_token_t
T_AND
@ T_AND
Definition token.h:55
T_INVALID
@ T_INVALID
Definition token.h:39
T_SUB
@ T_SUB
Definition token.h:52
T_RSHIFT
@ T_RSHIFT
Definition token.h:62
T_NOT
@ T_NOT
Definition token.h:57
T_XOR
@ T_XOR
Definition token.h:58
T_DIV
@ T_DIV
Definition token.h:54
T_SINGLE_QUOTED_STRING
@ T_SINGLE_QUOTED_STRING
Definition token.h:122
T_MOD
@ T_MOD
Definition token.h:60
T_BARE_WORD
@ T_BARE_WORD
Definition token.h:120
T_OP_EQ
@ T_OP_EQ
Definition token.h:83
T_LAND
@ T_LAND
Definition token.h:91
T_COMPLEMENT
@ T_COMPLEMENT
Definition token.h:59
T_ADD
@ T_ADD
Definition token.h:51
T_BACK_QUOTED_STRING
@ T_BACK_QUOTED_STRING
Definition token.h:123
T_OP_NE
@ T_OP_NE
Definition token.h:97
T_LOR
@ T_LOR
Definition token.h:92
T_LSHIFT
@ T_LSHIFT
Definition token.h:63
T_OP_REG_EQ
@ T_OP_REG_EQ
Definition token.h:102
T_OP_CMP_EQ_TYPE
@ T_OP_CMP_EQ_TYPE
Definition token.h:107
T_DOUBLE_QUOTED_STRING
@ T_DOUBLE_QUOTED_STRING
Definition token.h:121
T_OP_CMP_EQ
@ T_OP_CMP_EQ
Definition token.h:106
T_LBRACE
@ T_LBRACE
Definition token.h:43
T_MUL
@ T_MUL
Definition token.h:53
T_OP_LE
@ T_OP_LE
Definition token.h:100
T_OP_CMP_NE_TYPE
@ T_OP_CMP_NE_TYPE
Definition token.h:108
T_OP_GE
@ T_OP_GE
Definition token.h:98
T_OP_GT
@ T_OP_GT
Definition token.h:99
T_SOLIDUS_QUOTED_STRING
@ T_SOLIDUS_QUOTED_STRING
Definition token.h:124
T_OP_LT
@ T_OP_LT
Definition token.h:101
T_OP_REG_NE
@ T_OP_REG_NE
Definition token.h:103
T_OR
@ T_OR
Definition token.h:56
T_TOKEN_LAST
#define T_TOKEN_LAST
Definition token.h:129
unlang_xlat_yield
xlat_action_t unlang_xlat_yield(request_t *request, xlat_func_t resume, xlat_func_signal_t signal, fr_signal_t sigmask, void *rctx)
Yield a request back to the interpreter from within a module.
Definition xlat.c:574
unlang_xlat_push
int unlang_xlat_push(TALLOC_CTX *ctx, bool *p_success, fr_value_box_list_t *out, request_t *request, xlat_exp_head_t const *xlat, bool top_frame)
Push a pre-compiled xlat onto the stack for evaluation.
Definition xlat.c:287
xlat_res_rules_t::tr_rules
tmpl_res_rules_t const * tr_rules
tmpl resolution rules.
Definition xlat.h:163
xlat_arg_parser_t::type
fr_type_t type
Type to cast argument to.
Definition xlat.h:155
xlat_print
fr_slen_t xlat_print(fr_sbuff_t *in, xlat_exp_head_t const *node, fr_sbuff_escape_rules_t const *e_rules)
Reconstitute an xlat expression from its constituent nodes.
Definition xlat_tokenize.c:1226
xlat_arg_parser_t::required
bool required
Argument must be present, and non-empty.
Definition xlat.h:148
head
static fr_slen_t head
Definition xlat.h:418
xlat_arg_parser_t::concat
bool concat
Concat boxes together.
Definition xlat.h:149
xlat_aprint
static fr_slen_t xlat_aprint(TALLOC_CTX *ctx, char **out, xlat_exp_head_t const *head, fr_sbuff_escape_rules_t const *e_rules) 1(xlat_print
xlat_flags_t::can_purify
bool can_purify
if the xlat has a pure function with pure arguments.
Definition xlat.h:116
xlat_purify_op
int xlat_purify_op(TALLOC_CTX *ctx, xlat_exp_t **out, xlat_exp_t *lhs, fr_token_t op, xlat_exp_t *rhs)
Definition xlat_purify.c:499
xlat_func_t
xlat_action_t(* xlat_func_t)(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
xlat callback function
Definition xlat.h:230
XLAT_ARGS
#define XLAT_ARGS(_list,...)
Populate local variables with value boxes from the input list.
Definition xlat.h:381
xlat_flatten_to_argv
int xlat_flatten_to_argv(TALLOC_CTX *ctx, xlat_exp_head_t ***argv, xlat_exp_head_t *head)
Turn am xlat list into an argv[] array, and nuke the input list.
Definition xlat_eval.c:1559
XLAT_VERIFY
#define XLAT_VERIFY(_node)
Definition xlat.h:464
xlat_flags_t::pure
bool pure
has no external side effects, true for BOX, LITERAL, and some functions
Definition xlat.h:114
xlat_flags_t::needs_resolving
bool needs_resolving
Needs pass2 resolution.
Definition xlat.h:113
xlat_resolve
int xlat_resolve(xlat_exp_head_t *head, xlat_res_rules_t const *xr_rules)
Walk over an xlat tree recursively, resolving any unresolved functions or references.
Definition xlat_tokenize.c:1725
XLAT_ARG_PARSER_TERMINATOR
#define XLAT_ARG_PARSER_TERMINATOR
Definition xlat.h:168
xlat_finalize
int xlat_finalize(xlat_exp_head_t *head, fr_event_list_t *runtime_el)
Bootstrap static xlats, or instantiate ephemeral ones.
Definition xlat_inst.c:695
xlat_action_t
xlat_action_t
Definition xlat.h:37
XLAT_ACTION_FAIL
@ XLAT_ACTION_FAIL
An xlat function failed.
Definition xlat.h:44
XLAT_ACTION_YIELD
@ XLAT_ACTION_YIELD
An xlat function pushed a resume frame onto the stack.
Definition xlat.h:42
XLAT_ACTION_PUSH_UNLANG
@ XLAT_ACTION_PUSH_UNLANG
An xlat function pushed an unlang frame onto the unlang stack.
Definition xlat.h:39
XLAT_ACTION_DONE
@ XLAT_ACTION_DONE
We're done evaluating this level of nesting.
Definition xlat.h:43
xlat_flags_t::constant
bool constant
xlat is just tmpl_attr_tail_data, or XLAT_BOX
Definition xlat.h:118
xlat_flags_t::impure_func
bool impure_func
xlat contains an impure function
Definition xlat.h:115
xlat_instance_unregister_func
int xlat_instance_unregister_func(xlat_exp_t *node)
Remove a node from the list of xlat instance data.
Definition xlat_inst.c:550
xlat_arg_parser_t
Definition for a single argument consumend by an xlat function.
Definition xlat.h:147
xlat_flags_t
Flags that control resolution and evaluation.
Definition xlat.h:112
xlat_res_rules_t
Definition xlat.h:162
parent
static fr_slen_t parent
Definition pair.h:845
fr_strerror_printf
#define fr_strerror_printf(_fmt,...)
Log to thread local error buffer.
Definition strerror.h:64
fr_strerror_const
#define fr_strerror_const(_msg)
Definition strerror.h:223
fr_type_table
fr_table_num_ordered_t const fr_type_table[]
Map data types to names representing those types.
Definition types.c:31
fr_type_is_variable_size
#define fr_type_is_variable_size(_x)
Definition types.h:367
fr_type_is_structural
#define fr_type_is_structural(_x)
Definition types.h:371
fr_type_is_null
#define fr_type_is_null(_x)
Definition types.h:326
fr_type_is_leaf
#define fr_type_is_leaf(_x)
Definition types.h:372
fr_type_to_str
static char const * fr_type_to_str(fr_type_t type)
Return a static string containing the type name.
Definition types.h:433
fr_value_box_list_concat_as_string
ssize_t fr_value_box_list_concat_as_string(fr_value_box_t *safety, fr_sbuff_t *sbuff, fr_value_box_list_t *list, char const *sep, size_t sep_len, fr_sbuff_escape_rules_t const *e_rules, fr_value_box_list_action_t proc_action, fr_value_box_safe_for_t safe_for, bool flatten)
Concatenate a list of value boxes together.
Definition value.c:5514
value_parse_rules_quoted
fr_sbuff_parse_rules_t const * value_parse_rules_quoted[T_TOKEN_LAST]
Parse rules for quoted strings.
Definition value.c:606
fr_value_box_copy
int fr_value_box_copy(TALLOC_CTX *ctx, fr_value_box_t *dst, const fr_value_box_t *src)
Copy value data verbatim duplicating any buffers.
Definition value.c:3759
fr_value_box_is_truthy
bool fr_value_box_is_truthy(fr_value_box_t const *in)
Check truthiness of values.
Definition value.c:6370
fr_value_box_cast_in_place
int fr_value_box_cast_in_place(TALLOC_CTX *ctx, fr_value_box_t *vb, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv)
Convert one type of fr_value_box_t to another in place.
Definition value.c:3591
fr_value_box_memdup_shallow
void fr_value_box_memdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, uint8_t const *src, size_t len, bool tainted)
Assign a buffer to a box, but don't copy it.
Definition value.c:4499
value_parse_rules_3quoted
fr_sbuff_parse_rules_t const * value_parse_rules_3quoted[T_TOKEN_LAST]
Definition value.c:622
fr_value_box_strdup
int fr_value_box_strdup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Copy a nul terminated string to a fr_value_box_t.
Definition value.c:3957
fr_value_box_strdup_shallow
void fr_value_box_strdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Assign a buffer containing a nul terminated string to a box, but don't copy it.
Definition value.c:4066
fr_value_box_safety_copy
void fr_value_box_safety_copy(fr_value_box_t *out, fr_value_box_t const *in)
Copy the safety values from one box to another.
Definition value.c:6310
fr_value_box_steal
int fr_value_box_steal(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_value_box_t *src)
Copy value data verbatim moving any buffers to the specified context.
Definition value.c:3888
fr_value_box_clear
void fr_value_box_clear(fr_value_box_t *data)
Clear/free any existing value and metadata.
Definition value.c:3742
fr_value_box_bstrndup
int fr_value_box_bstrndup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, size_t len, bool tainted)
Copy a string to to a fr_value_box_t.
Definition value.c:4178
FR_VALUE_BOX_LIST_FREE_BOX
@ FR_VALUE_BOX_LIST_FREE_BOX
Free each processed box.
Definition value.h:229
fr_value_box_alloc
#define fr_value_box_alloc(_ctx, _type, _enumv)
Allocate a value box of a specific type.
Definition value.h:632
fr_value_box_mark_safe_for
#define fr_value_box_mark_safe_for(_box, _safe_for)
Definition value.h:1063
fr_box_strvalue_len
#define fr_box_strvalue_len(_val, _len)
Definition value.h:297
fr_box_is_group
#define fr_box_is_group(_x)
Definition value.h:441
VALUE_BOX_LIST_VERIFY
#define VALUE_BOX_LIST_VERIFY(_x)
Definition value.h:1305
fr_value_box_alloc_null
#define fr_value_box_alloc_null(_ctx)
Allocate a value box for later use with a value assignment function.
Definition value.h:643
fr_value_box_init
#define fr_value_box_init(_vb, _type, _enumv, _tainted)
Initialise a fr_value_box_t.
Definition value.h:598
fr_value_box_list_foreach
#define fr_value_box_list_foreach(_list_head, _iter)
Definition value.h:217
out
static size_t char ** out
Definition value.h:1012
FR_VALUE_BOX_SAFE_FOR_ANY
#define FR_VALUE_BOX_SAFE_FOR_ANY
Definition value.h:166
xlat_exp_set_name
void xlat_exp_set_name(xlat_exp_t *node, char const *fmt, size_t len)
Set the format string for an xlat node.
Definition xlat_alloc.c:191
xlat_exp_set_name_buffer
void xlat_exp_set_name_buffer(xlat_exp_t *node, char const *fmt)
Set the format string for an xlat node, copying from a talloc'd buffer.
Definition xlat_alloc.c:204
xlat_exp_set_name_shallow
void xlat_exp_set_name_shallow(xlat_exp_t *node, char const *fmt)
Set the format string for an xlat node from a pre-existing buffer.
Definition xlat_alloc.c:221
xlat_ctx_s::rctx
void * rctx
Resume context.
Definition xlat_ctx.h:54
xlat_inst_ctx_s::ex
xlat_exp_t * ex
Tokenized expression to use in expansion.
Definition xlat_ctx.h:63
xlat_ctx_s::inst
void const * inst
xlat instance data.
Definition xlat_ctx.h:50
xlat_inst_ctx_s::inst
void * inst
xlat instance data to populate.
Definition xlat_ctx.h:62
xlat_ctx_s
An xlat calling ctx.
Definition xlat_ctx.h:49
xlat_inst_ctx_s
An xlat instantiation ctx.
Definition xlat_ctx.h:61
attr_expr_bool_enum
fr_dict_attr_t const * attr_expr_bool_enum
Definition xlat_eval.c:46
attr_cast_base
fr_dict_attr_t const * attr_cast_base
Definition xlat_eval.c:47
xlat_exists_inst_t::vpt
tmpl_t const * vpt
the attribute reference
Definition xlat_expr.c:1597
xlat_exists_rctx_t::list
fr_value_box_list_t list
Definition xlat_expr.c:1602
fr_sbuff_skip_whitespace
#define fr_sbuff_skip_whitespace(_x)
Definition xlat_expr.c:1937
expr_assignment_op_table_len
static size_t const expr_assignment_op_table_len
Definition xlat_expr.c:2775
xlat_expr_print_binary
static fr_slen_t xlat_expr_print_binary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:143
XLAT_REGISTER_BOOL
#define XLAT_REGISTER_BOOL(_xlat, _func, _arg, _ret_type)
Definition xlat_expr.c:1746
xlat_logical_inst_t::argc
int argc
Definition xlat_expr.c:763
xlat_expr_print_rcode
static fr_slen_t xlat_expr_print_rcode(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, UNUSED fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:1491
xlat_regex_match
static xlat_action_t xlat_regex_match(TALLOC_CTX *ctx, request_t *request, fr_value_box_list_t *in, regex_t **preg, fr_dcursor_t *out, fr_token_t op)
Perform a regular expressions comparison between two operands.
Definition xlat_expr.c:587
xlat_func_append_arg
static void xlat_func_append_arg(xlat_exp_t *head, xlat_exp_t *node, bool exists)
Definition xlat_expr.c:71
xlat_is_truthy
bool xlat_is_truthy(xlat_exp_head_t const *head, bool *out)
Allow callers to see if an xlat is truthy.
Definition xlat_expr.c:3271
xlat_func_logical
static xlat_action_t xlat_func_logical(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Process logical &&, ||.
Definition xlat_expr.c:1288
xlat_regex_inst_t::xlat
xlat_exp_t * xlat
to expand
Definition xlat_expr.c:443
xlat_regex_rctx_t::last_success
bool last_success
Definition xlat_expr.c:448
XLAT_BINARY_FUNC
#define XLAT_BINARY_FUNC(_name, _op)
Definition xlat_expr.c:360
bracket_terms
static const fr_sbuff_term_t bracket_terms
Definition xlat_expr.c:3106
tokenize_unary
static fr_slen_t tokenize_unary(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
Definition xlat_expr.c:1973
expr_quote_table_len
static size_t expr_quote_table_len
Definition xlat_expr.c:1957
xlat_instantiate_exists
static int xlat_instantiate_exists(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:1630
xlat_expr_print_nary
static fr_slen_t xlat_expr_print_nary(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:775
xlat_register_expressions
int xlat_register_expressions(void)
Definition xlat_expr.c:1762
xlat_func_exists_arg
static xlat_arg_parser_t const xlat_func_exists_arg[]
Definition xlat_expr.c:1605
xlat_logical_process_arg
static xlat_action_t xlat_logical_process_arg(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *in)
Process one argument of a logical operation.
Definition xlat_expr.c:1026
xlat_tokenize_expression_internal
static fr_slen_t xlat_tokenize_expression_internal(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, bool cond)
Definition xlat_expr.c:3131
xlat_expr_print_unary
static fr_slen_t xlat_expr_print_unary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:133
P
#define P(_x, _y)
Definition xlat_expr.c:1881
regex_op_xlat_args
static xlat_arg_parser_t const regex_op_xlat_args[]
Definition xlat_expr.c:560
xlat_ungroup
static void xlat_ungroup(xlat_exp_head_t *head)
Undo work which shouldn't have been done.
Definition xlat_expr.c:874
xlat_func_unary_complement
static xlat_action_t xlat_func_unary_complement(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1396
xlat_cmp_op
static xlat_action_t xlat_cmp_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:385
precedence
static const int precedence[T_TOKEN_LAST]
Definition xlat_expr.c:1883
xlat_func_unary_minus
static xlat_action_t xlat_func_unary_minus(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1389
xlat_logical_or_resume
static xlat_action_t xlat_logical_or_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1108
expr_quote_table
static fr_table_num_sorted_t const expr_quote_table[]
Definition xlat_expr.c:1951
XLAT_REGISTER_BINARY_OP
#define XLAT_REGISTER_BINARY_OP(_op, _name)
Definition xlat_expr.c:1704
XLAT_REGEX_FUNC
#define XLAT_REGEX_FUNC(_name, _op)
Definition xlat_expr.c:749
xlat_binary_op
static xlat_action_t xlat_binary_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op, fr_type_t default_type, fr_dict_attr_t const *enumv)
Definition xlat_expr.c:294
valid_type
static bool valid_type(xlat_exp_t *node)
Definition xlat_expr.c:2777
xlat_logical_and
static bool xlat_logical_and(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
See if the input is truthy or not.
Definition xlat_expr.c:1166
xlat_logical_rctx_t::last_success
bool last_success
Definition xlat_expr.c:769
xlat_logical_rctx_t::box
fr_value_box_t * box
output value-box
Definition xlat_expr.c:770
xlat_logical_inst_t::stop_on_match
bool stop_on_match
Definition xlat_expr.c:761
XLAT_DEBUG
#define XLAT_DEBUG(...)
Definition xlat_expr.c:39
xlat_regex_rctx_t::list
fr_value_box_list_t list
Definition xlat_expr.c:449
xlat_regex_op
static xlat_action_t xlat_regex_op(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:716
xlat_func_unary_not
static xlat_action_t xlat_func_unary_not(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1362
xlat_regex_inst_t::regex_flags
fr_regex_flags_t * regex_flags
Definition xlat_expr.c:444
xlat_node_matches_bool
static bool xlat_node_matches_bool(bool *result, xlat_exp_t *parent, xlat_exp_head_t *head, bool sense)
Definition xlat_expr.c:823
xlat_instantiate_regex
static int xlat_instantiate_regex(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:516
xlat_func_unary_op
static xlat_action_t xlat_func_unary_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:1318
xlat_expr_resolve_binary
static int xlat_expr_resolve_binary(xlat_exp_t *node, UNUSED void *inst, xlat_res_rules_t const *xr_rules)
Definition xlat_expr.c:166
logical_ops
static const bool logical_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1857
xlat_logical_inst_t::callback
xlat_func_t callback
Definition xlat_expr.c:762
xlat_exists_rctx_t::last_success
bool last_success
Definition xlat_expr.c:1601
binary_op_xlat_args
static xlat_arg_parser_t const binary_op_xlat_args[]
Definition xlat_expr.c:288
xlat_attr_exists
static xlat_action_t xlat_attr_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, request_t *request, tmpl_t const *vpt, bool do_free)
Definition xlat_expr.c:1661
binary_cmp_xlat_args
static xlat_arg_parser_t const binary_cmp_xlat_args[]
Definition xlat_expr.c:379
multivalue_ops
static const bool multivalue_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1870
binary_ops
static const fr_sbuff_term_elem_t binary_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1825
xlat_logical_or
static bool xlat_logical_or(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
See if the input is truthy or not.
Definition xlat_expr.c:1063
xlat_logical_rctx_t::current
int current
Definition xlat_expr.c:771
xlat_regex_inst_t::op
fr_token_t op
Definition xlat_expr.c:441
xlat_logical_rctx_t::ctx
TALLOC_CTX * ctx
Definition xlat_expr.c:768
xlat_regex_inst_t::regex
regex_t * regex
precompiled regex
Definition xlat_expr.c:442
XLAT_REGISTER_NARY_OP
#define XLAT_REGISTER_NARY_OP(_op, _name, _func_name)
Definition xlat_expr.c:1725
xlat_instantiate_expr_rcode
static int xlat_instantiate_expr_rcode(xlat_inst_ctx_t const *xctx)
Convert static expr_rcode arguments into rcodes.
Definition xlat_expr.c:1419
fr_value_box_init_zero
static void fr_value_box_init_zero(fr_value_box_t *vb, fr_type_t type)
Definition xlat_expr.c:271
xlat_regex_resume
static xlat_action_t xlat_regex_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:676
expr_assignment_op_table
static fr_table_num_ordered_t const expr_assignment_op_table[]
Definition xlat_expr.c:2743
xlat_exists_alloc
static xlat_exp_t * xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child)
Allocate a specific cast node.
Definition xlat_expr.c:111
expr_cast_alloc
static xlat_exp_t * expr_cast_alloc(TALLOC_CTX *ctx, fr_type_t type, xlat_exp_t *child)
Allocate a specific cast node.
Definition xlat_expr.c:2077
expr_cast_from_substr
static fr_slen_t expr_cast_from_substr(fr_type_t *cast, fr_sbuff_t *in)
Definition xlat_expr.c:2114
tokenize_rcode
static ssize_t tokenize_rcode(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_term_t const *terminals)
Definition xlat_expr.c:2251
XLAT_REGISTER_BINARY_CMP
#define XLAT_REGISTER_BINARY_CMP(_op, _name)
Definition xlat_expr.c:1714
xlat_func_rcode_arg
static xlat_arg_parser_t const xlat_func_rcode_arg[]
Takes no arguments.
Definition xlat_expr.c:1563
xlat_expr_logical_purify
static int xlat_expr_logical_purify(xlat_exp_t *node, void *instance, request_t *request)
If any argument resolves to inst->stop_on_match, the entire thing is a bool of inst->stop_on_match.
Definition xlat_expr.c:900
xlat_logical_rctx_t::list
fr_value_box_list_t list
Definition xlat_expr.c:772
xlat_rcode_inst_t::rcode
rlm_rcode_t rcode
The preparsed rcode.
Definition xlat_expr.c:1411
xlat_logical_inst_t::argv
xlat_exp_head_t ** argv
Definition xlat_expr.c:764
xlat_expr_print_exists
static fr_slen_t xlat_expr_print_exists(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:1613
xlat_instantiate_logical
static int xlat_instantiate_logical(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:1268
XLAT_REGISTER_UNARY
#define XLAT_REGISTER_UNARY(_op, _xlat, _func)
Definition xlat_expr.c:1753
unary_op_xlat_args
static xlat_arg_parser_t const unary_op_xlat_args[]
Definition xlat_expr.c:1313
xlat_tokenize_expression
fr_slen_t xlat_tokenize_expression(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
Definition xlat_expr.c:3208
xlat_func_expr_rcode_arg
static xlat_arg_parser_t const xlat_func_expr_rcode_arg[]
Definition xlat_expr.c:1403
tokenize_regex_rhs
static fr_slen_t tokenize_regex_rhs(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules)
Definition xlat_expr.c:2154
xlat_expr_print_regex
static fr_slen_t xlat_expr_print_regex(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:452
operator_terms
static const fr_sbuff_term_t operator_terms
Definition xlat_expr.c:3111
XLAT_REGISTER_REGEX_OP
#define XLAT_REGISTER_REGEX_OP(_op, _name)
Definition xlat_expr.c:1736
xlat_logical_and_resume
static xlat_action_t xlat_logical_and_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1216
tokenize_field
static ssize_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
Definition xlat_expr.c:2305
tokenize_expression
static ssize_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules, fr_sbuff_parse_rules_t const *input_rules, bool cond)
Tokenize a mathematical operation.
Definition xlat_expr.c:2816
XLAT_CMP_FUNC
#define XLAT_CMP_FUNC(_name, _op)
Definition xlat_expr.c:423
xlat_tokenize_condition
fr_slen_t xlat_tokenize_condition(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
Definition xlat_expr.c:3236
xlat_exists_inst_t
Definition xlat_expr.c:1596
xlat_exists_rctx_t
Definition xlat_expr.c:1600
xlat_logical_inst_t
Definition xlat_expr.c:760
xlat_logical_rctx_t
Definition xlat_expr.c:767
xlat_rcode_inst_t
Holds the result of pre-parsing the rcode on startup.
Definition xlat_expr.c:1410
xlat_regex_inst_t
Definition xlat_expr.c:440
xlat_regex_rctx_t
Definition xlat_expr.c:447
xlat_func_flags_set
void xlat_func_flags_set(xlat_t *x, xlat_func_flags_t flags)
Specify flags that alter the xlat's behaviour.
Definition xlat_func.c:402
xlat_func_args_set
int xlat_func_args_set(xlat_t *x, xlat_arg_parser_t const args[])
Register the arguments of an xlat.
Definition xlat_func.c:365
xlat_func_register
xlat_t * xlat_func_register(TALLOC_CTX *ctx, char const *name, xlat_func_t func, fr_type_t return_type)
Register an xlat function.
Definition xlat_func.c:218
xlat_func_print_set
void xlat_func_print_set(xlat_t *xlat, xlat_print_t func)
Set a print routine for an xlat function.
Definition xlat_func.c:414
xlat_func_find
xlat_t * xlat_func_find(char const *in, ssize_t inlen)
Definition xlat_func.c:79
xlat_func_instantiate_set
#define xlat_func_instantiate_set(_xlat, _instantiate, _inst_struct, _detach, _uctx)
Set a callback for global instantiation of xlat functions.
Definition xlat_func.h:93
XLAT_FUNC_FLAG_INTERNAL
@ XLAT_FUNC_FLAG_INTERNAL
Definition xlat_func.h:39
xlat_exp_head_alloc
#define xlat_exp_head_alloc(_ctx)
Definition xlat_priv.h:269
xlat_exp_s::flags
xlat_flags_t flags
Flags that control resolution and evaluation.
Definition xlat_priv.h:155
xlat_exp_next
static xlat_exp_t * xlat_exp_next(xlat_exp_head_t const *head, xlat_exp_t const *node)
Definition xlat_priv.h:242
xlat_exp_head_s::flags
xlat_flags_t flags
Flags that control resolution and evaluation.
Definition xlat_priv.h:188
xlat_tokenize_regex
int xlat_tokenize_regex(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_marker_t *m_s)
xlat_exp_s::quote
fr_token_t quote
Type of quoting around XLAT_GROUP types.
Definition xlat_priv.h:153
XLAT_BOX
@ XLAT_BOX
fr_value_box_t
Definition xlat_priv.h:107
XLAT_TMPL
@ XLAT_TMPL
xlat attribute
Definition xlat_priv.h:111
XLAT_FUNC
@ XLAT_FUNC
xlat module
Definition xlat_priv.h:109
XLAT_GROUP
@ XLAT_GROUP
encapsulated string of xlats
Definition xlat_priv.h:115
xlat_flags_merge
static void xlat_flags_merge(xlat_flags_t *parent, xlat_flags_t const *child)
Merge flags from child to parent.
Definition xlat_priv.h:225
xlat_exp_set_type
#define xlat_exp_set_type(_node, _type)
Definition xlat_priv.h:272
xlat_s::token
fr_token_t token
for expressions
Definition xlat_priv.h:68
xlat_exp_s::fmt
char const *_CONST fmt
The original format string (a talloced buffer).
Definition xlat_priv.h:152
xlat_print_node
ssize_t xlat_print_node(fr_sbuff_t *out, xlat_exp_head_t const *head, xlat_exp_t const *node, fr_sbuff_escape_rules_t const *e_rules, char c)
Definition xlat_tokenize.c:1031
xlat_purify_list
int xlat_purify_list(xlat_exp_head_t *head, request_t *request)
Definition xlat_purify.c:61
xlat_exp_s::type
xlat_type_t _CONST type
type of this expansion.
Definition xlat_priv.h:156
xlat_exp_alloc
#define xlat_exp_alloc(_ctx, _type, _in, _inlen)
Definition xlat_priv.h:278
xlat_s::flags
xlat_flags_t flags
various flags
Definition xlat_priv.h:90
xlat_exp_foreach
#define xlat_exp_foreach(_list_head, _iter)
Iterate over the contents of a list, only one level.
Definition xlat_priv.h:218
xlat_exp_insert_tail
static int xlat_exp_insert_tail(xlat_exp_head_t *head, xlat_exp_t *node)
Definition xlat_priv.h:234
xlat_exp_head
static xlat_exp_t * xlat_exp_head(xlat_exp_head_t const *head)
Definition xlat_priv.h:205
xlat_exp_head_s
Definition xlat_priv.h:186
xlat_exp_s
An xlat expansion node.
Definition xlat_priv.h:149
xlat_s
Definition xlat_priv.h:59
Generated by   doxygen 1.9.8