The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
xlat_expr.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: c2da1069ba59b7c1e6b72fafa8c9157bd1a88048 $
19 *
20 * @file xlat_expr.c
21 * @brief Tokenizers and support functions for xlat expressions
22 *
23 * @copyright 2021 The FreeRADIUS server project
24 * @copyright 2021 Network RADIUS SAS (legal@networkradius.com)
25 */
26
27RCSID("$Id: c2da1069ba59b7c1e6b72fafa8c9157bd1a88048 $")
28
29#include <freeradius-devel/server/base.h>
30#include <freeradius-devel/unlang/xlat_priv.h>
31#include <freeradius-devel/util/calc.h>
32#include <freeradius-devel/server/tmpl_dcursor.h>
33
34#undef XLAT_DEBUG
35#ifdef DEBUG_XLAT
36# define XLAT_DEBUG(_fmt, ...) DEBUG3("%s[%i] "_fmt, __FILE__, __LINE__, ##__VA_ARGS__)
37#else
38# define XLAT_DEBUG(...)
39#endif
40
41/*
42 * The new tokenizer accepts most things which are accepted by the old one. Many of the errors will be
43 * different, though.
44 *
45 * @todo - add a "output" fr_type_t to xlat_t, which is mainly used by the comparison functions. Right
46 * now it will happily parse things like:
47 *
48 * (1 < 2) < 3
49 *
50 * though the result of (1 < 2) is a boolean, so the result is always true. We probably want to have
51 * that as a compile-time error / check. This can probably just be done with xlat_purify() ? which
52 * doesn't need to interpret the LHS, but just knows its limits. We perhaps want a "range compare"
53 * function, which just checks ranges on one side against values on the right.
54 *
55 * Even worse, when we do "((bool) 1) < 3", the RHS is cast to the type of the LHS by
56 * tmpl_afrom_substr(). This is because we pass the LHS data type recursively down, which works most of
57 * the time, but not all of the time. There are currently hacks in the "upcast" code here to fix this,
58 * but it's a hack.
59 *
60 * @todo - add instantiation routines for assignment operations. This lets us do things
61 * like:
62 * if ((&foo += 4) > 6) ...
63 *
64 * However, this would also require us adding an edit list pointer to the xlat evaluation functions,
65 * which is not trivial. Or, maybe we attach it to the request somehow?
66 */
67
68static xlat_exp_t *xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child);
69
70static void xlat_func_append_arg(xlat_exp_t *head, xlat_exp_t *node, bool exists)
71{
72 xlat_exp_t *group;
73
74 fr_assert(head->type == XLAT_FUNC);
75
76 /*
77 * Wrap existence checks for attribute reference.
78 */
79 if (exists && (node->type == XLAT_TMPL) && tmpl_contains_attr(node->vpt)) {
80 node = xlat_exists_alloc(head, node);
81 }
82
83 if (!head->call.args) {
84 MEM(head->call.args = xlat_exp_head_alloc(head));
85 head->call.args->is_argv = true;
86 }
87
88 /*
89 * Wrap it in a group.
90 */
91 group = xlat_exp_alloc(head->call.args, XLAT_GROUP, NULL, 0);
92 group->quote = T_BARE_WORD;
93
94 xlat_exp_set_name_shallow(group, node->fmt); /* not entirely correct, but good enough for now */
95 group->flags = node->flags;
96
97 talloc_steal(group->group, node);
98 xlat_exp_insert_tail(group->group, node);
99
100 xlat_exp_insert_tail(head->call.args, group);
101
102 xlat_flags_merge(&head->flags, &head->call.args->flags);
103}
104
105
106/** Allocate a specific cast node.
107 *
108 * With the first argument being a UINT8 of the data type.
109 * See xlat_func_cast() for the implementation.
110 *
111 */
112static xlat_exp_t *xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child)
113{
114 xlat_exp_t *node;
115
116 fr_assert(child->type == XLAT_TMPL);
117 fr_assert(tmpl_contains_attr(child->vpt));
118
119 /*
120 * Create an "exists" node.
121 */
122 MEM(node = xlat_exp_alloc(ctx, XLAT_FUNC, "exists", 6));
123 xlat_exp_set_name_shallow(node, child->vpt->name);
124
125 MEM(node->call.func = xlat_func_find("exists", 6));
126 fr_assert(node->call.func != NULL);
127
128 /*
129 * The attribute may need resolving, in which case we have to set the flag as appropriate.
130 */
131 node->flags = (xlat_flags_t) { .needs_resolving = tmpl_needs_resolving(child->vpt)};
132
133 if (!node->flags.needs_resolving) node->call.dict = tmpl_attr_tail_da(child->vpt)->dict;
134
135 xlat_func_append_arg(node, child, false);
136
137 return node;
138}
139
140
141static fr_slen_t xlat_expr_print_unary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
142{
143 size_t at_in = fr_sbuff_used_total(out);
144
145 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
146 xlat_print_node(out, node->call.args, xlat_exp_head(node->call.args), e_rules, 0);
147
148 return fr_sbuff_used_total(out) - at_in;
149}
150
151static fr_slen_t xlat_expr_print_binary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
152{
153 size_t at_in = fr_sbuff_used_total(out);
154 xlat_exp_t *child = xlat_exp_head(node->call.args);
155
156 fr_assert(child != NULL);
157
158 FR_SBUFF_IN_CHAR_RETURN(out, '(');
159 xlat_print_node(out, node->call.args, child, e_rules, 0); /* prints a space after the first argument */
160
161 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
162 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
163
164 child = xlat_exp_next(node->call.args, child);
165 fr_assert(child != NULL);
166
167 xlat_print_node(out, node->call.args, child, e_rules, 0);
168
169 FR_SBUFF_IN_CHAR_RETURN(out, ')');
170
171 return fr_sbuff_used_total(out) - at_in;
172}
173
174static int xlat_expr_resolve_binary(xlat_exp_t *node, UNUSED void *inst, xlat_res_rules_t const *xr_rules)
175{
176 xlat_exp_t *arg1, *arg2;
177 xlat_exp_t *a, *b;
178 tmpl_res_rules_t my_tr_rules;
179
180 XLAT_DEBUG("RESOLVE %s\n", node->fmt);
181
182 arg1 = xlat_exp_head(node->call.args);
183 fr_assert(arg1);
184 fr_assert(arg1->type == XLAT_GROUP);
185
186 arg2 = xlat_exp_next(node->call.args, arg1);
187 fr_assert(arg2);
188 fr_assert(arg2->type == XLAT_GROUP);
189
190 a = xlat_exp_head(arg1->group);
191 b = xlat_exp_head(arg2->group);
192
193 /*
194 * We have many things here, just call resolve recursively.
195 */
196 if (xlat_exp_next(arg1->group, a) || (xlat_exp_next(arg2->group, b))) goto resolve;
197
198 /*
199 * Anything else must get resolved at run time.
200 */
201 if ((a->type != XLAT_TMPL) || (b->type != XLAT_TMPL)) goto resolve;
202
203 /*
204 * The tr_rules should always contain dict_def
205 */
206 fr_assert(xr_rules); /* always set by xlat_resolve() */
207 if (xr_rules->tr_rules) {
208 my_tr_rules = *xr_rules->tr_rules;
209 } else {
210 my_tr_rules = (tmpl_res_rules_t) { };
211 }
212
213 /*
214 * The LHS attribute dictates the enumv for the RHS one.
215 */
216 if (tmpl_contains_attr(a->vpt)) {
217 XLAT_DEBUG("\ta - %s %s\n", a->fmt, b->fmt);
218
219 if (a->flags.needs_resolving) {
220 XLAT_DEBUG("\tresolve attr a\n");
221 if (tmpl_resolve(a->vpt, &my_tr_rules) < 0) return -1;
222 a->flags.needs_resolving = false;
223 }
224
225 my_tr_rules.enumv = tmpl_attr_tail_da(a->vpt);
226
227 XLAT_DEBUG("\tresolve other b\n");
228 if (tmpl_resolve(b->vpt, &my_tr_rules) < 0) return -1;
229
230 b->flags.needs_resolving = false;
231 b->flags.pure = tmpl_is_data(b->vpt);
232 b->flags.constant = b->flags.pure;
233 goto flags;
234 }
235
236 if (tmpl_contains_attr(b->vpt)) {
237 XLAT_DEBUG("\tb - %s %s\n", a->fmt, b->fmt);
238
239 if (b->flags.needs_resolving) {
240 XLAT_DEBUG("\tresolve attr b\n");
241 if (tmpl_resolve(b->vpt, &my_tr_rules) < 0) return -1;
242
243 b->flags.needs_resolving = false;
244 }
245
246 my_tr_rules.enumv = tmpl_attr_tail_da(b->vpt);
247
248 XLAT_DEBUG("\tresolve other a\n");
249 if (tmpl_resolve(a->vpt, &my_tr_rules) < 0) return -1;
250
251 a->flags.needs_resolving = false;
252 a->flags.pure = tmpl_is_data(a->vpt);
253 a->flags.constant = a->flags.pure;
254 goto flags;
255 }
256
257resolve:
258 /*
259 * This call will fix everything recursively.
260 */
261 return xlat_resolve(node->call.args, xr_rules);
262
263flags:
264 arg1->flags = arg1->group->flags = a->flags;
265 arg2->flags = arg2->group->flags = b->flags;
266 xlat_flags_merge(&node->call.args->flags, &arg2->flags);
267
268 fr_assert(!a->flags.needs_resolving);
269 fr_assert(!b->flags.needs_resolving);
270
271 fr_assert(!arg1->flags.needs_resolving);
272 fr_assert(!arg2->flags.needs_resolving);
273
274 node->call.args->flags.needs_resolving = false;
275
276 return 0;
277}
278
279static void fr_value_box_init_zero(fr_value_box_t *vb, fr_type_t type)
280{
281 switch (type) {
282 case FR_TYPE_STRING:
283 fr_value_box_strdup_shallow(vb, NULL, "", false);
284 break;
285
286 case FR_TYPE_OCTETS:
287 fr_value_box_memdup_shallow(vb, NULL, (void const *) "", 0, false);
288 break;
289
290 default:
291 fr_value_box_init(vb, type, NULL, false);
292 break;
293 }
294}
295
296static xlat_arg_parser_t const binary_op_xlat_args[] = {
297 { .required = false, .type = FR_TYPE_VOID },
298 { .required = false, .type = FR_TYPE_VOID },
299 XLAT_ARG_PARSER_TERMINATOR
300};
301
302static xlat_action_t xlat_binary_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
303 UNUSED xlat_ctx_t const *xctx,
304 request_t *request, fr_value_box_list_t *in,
305 fr_token_t op,
306 fr_type_t default_type, fr_dict_attr_t const *enumv)
307{
308 int rcode;
309 fr_value_box_t *dst, *a, *b;
310 fr_value_box_t one, two;
311
312 MEM(dst = fr_value_box_alloc_null(ctx));
313
314 /*
315 * Each argument is a FR_TYPE_GROUP, with one or more elements in a list.
316 */
317 a = fr_value_box_list_head(in);
318 b = fr_value_box_list_next(in, a);
319
320 if (!a && !b) return XLAT_ACTION_FAIL;
321
322 fr_assert(!a || (a->type == FR_TYPE_GROUP));
323 fr_assert(!b || (b->type == FR_TYPE_GROUP));
324
325 fr_assert(!fr_comparison_op[op]);
326
327 if (fr_value_box_list_num_elements(&a->vb_group) > 1) {
328 REDEBUG("Expected one value as the first argument, got %u",
329 fr_value_box_list_num_elements(&a->vb_group));
330 return XLAT_ACTION_FAIL;
331 }
332 a = fr_value_box_list_head(&a->vb_group);
333
334 if (fr_value_box_list_num_elements(&b->vb_group) > 1) {
335 REDEBUG("Expected one value as the second argument, got %u",
336 fr_value_box_list_num_elements(&b->vb_group));
337 return XLAT_ACTION_FAIL;
338 }
339 b = fr_value_box_list_head(&b->vb_group);
340
341 if (!a) {
342 a = &one;
343 fr_value_box_init_zero(a, b->type);
344 }
345
346 if (!b) {
347 b = &two;
348 fr_value_box_init_zero(b, a->type);
349 }
350
351 rcode = fr_value_calc_binary_op(dst, dst, default_type, a, op, b);
352 if (rcode < 0) {
353 RPEDEBUG("Failed calculating '%pV %s %pV'", a, fr_tokens[op], b);
354 talloc_free(dst);
355 return XLAT_ACTION_FAIL;
356 }
357
358 /*
359 * Over-write, but only if it's present. Otherwise leave
360 * any existing enum alone.
361 */
362 if (enumv) dst->enumv = enumv;
363 fr_dcursor_append(out, dst);
364
365 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
366 return XLAT_ACTION_DONE;
367}
368
369#define XLAT_BINARY_FUNC(_name, _op) \
370static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
371 xlat_ctx_t const *xctx, \
372 request_t *request, fr_value_box_list_t *in) \
373{ \
374 return xlat_binary_op(ctx, out, xctx, request, in, _op, FR_TYPE_NULL, NULL); \
375}
376
377XLAT_BINARY_FUNC(op_add, T_ADD)
378XLAT_BINARY_FUNC(op_sub, T_SUB)
379XLAT_BINARY_FUNC(op_mul, T_MUL)
380XLAT_BINARY_FUNC(op_div, T_DIV)
381XLAT_BINARY_FUNC(op_mod, T_MOD)
382XLAT_BINARY_FUNC(op_and, T_AND)
383XLAT_BINARY_FUNC(op_or, T_OR)
384XLAT_BINARY_FUNC(op_xor, T_XOR)
385XLAT_BINARY_FUNC(op_rshift, T_RSHIFT)
386XLAT_BINARY_FUNC(op_lshift, T_LSHIFT)
387
388static xlat_arg_parser_t const binary_cmp_xlat_args[] = {
389 { .required = false, .type = FR_TYPE_VOID },
390 { .required = false, .type = FR_TYPE_VOID },
391 XLAT_ARG_PARSER_TERMINATOR
392};
393
394/*
395 * @todo - arguably this function should process its own arguments, like logical_or.
396 *
397 * That way it can return XLAT_ACTION_FAIL if either argument fails to be found,
398 * or if the comparison matches, it returns the RHS value. This behavior will
399 * let us to multiple comparisons, like:
400 *
401 * if (0 < x < 5) ...
402 *
403 * Which is then syntactic sugar for
404 *
405 * if ((0 < x) < 5) ...
406 *
407 * That means the comparisons no longer return "bool", so if we
408 * want to do this, the change has to be made before v4 is
409 * released.
410 *
411 * Other operators like "+=" would return their LHS value. But in order to do that, we would have to
412 * update the expression parser to allow in-place edits, and that may be a fair bit of work.
413 *
414 * It also lets us do more interesting selectors, such as:
415 *
416 * foo || (0 < x)
417 *
418 * which if "foo" doesn't exist, evaluates the RHS, and then returns "x" only if x is greater than zero.
419 * This short-hand can remove a lot of complex / nested "if" conditions.
420 *
421 * It could also allow us to do better attribute filtering:
422 *
423 * foo := (0 < foo < 5)
424 *
425 * Which ensures that "foo" has value only 1..4.
426 *
427 * It would be nice to have a syntax for "self", so we could instead do:
428 *
429 * foo := (0 < $$ < 5)
430 *
431 * Which could then also be used inside of attribute selectors:
432 *
433 * foreach foo (Vendor-Specific.Cisco.AVPair[$$ =~ /^x/]) { ...
434 *
435 * and now that we have pair cursors as value-boxes, this becomes a lot easier.
436 * "$$" then becomes syntactic sugar for "the pair at the current cursor".
437 *
438 * It also means tracking somehow the value of $$ in the interpreter? Maybe as a short-hand, just update
439 * the #request_t to add a #fr_pair_t of the current cursor value. This is a horrible hack, but would be
440 * easy to do. It doesn't allow nested cursors, but whatever. The syntax for that would be hard to get
441 * right.
442 */
443static xlat_action_t xlat_cmp_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
444 UNUSED xlat_ctx_t const *xctx,
445 UNUSED request_t *request, fr_value_box_list_t *in,
446 fr_token_t op)
447{
448 int rcode;
449 fr_value_box_t *dst, *a, *b;
450
451 /*
452 * Each argument is a FR_TYPE_GROUP, with one or more elements in a list.
453 */
454 a = fr_value_box_list_head(in);
455 b = fr_value_box_list_next(in, a);
456
457 if (!a || !b) return XLAT_ACTION_FAIL;
458
459 fr_assert(a->type == FR_TYPE_GROUP);
460 fr_assert(b->type == FR_TYPE_GROUP);
461
462 fr_assert(fr_comparison_op[op]);
463
464 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
465
466 rcode = fr_value_calc_list_cmp(dst, dst, &a->vb_group, op, &b->vb_group);
467 if (rcode < 0) {
468 talloc_free(dst);
469 return XLAT_ACTION_FAIL;
470 }
471
472 fr_assert(dst->type == FR_TYPE_BOOL);
473 dst->enumv = attr_expr_bool_enum;
474
475 fr_dcursor_append(out, dst);
476 VALUE_BOX_LIST_VERIFY((fr_value_box_list_t *)out->dlist);
477 return XLAT_ACTION_DONE;
478}
479
480
481#define XLAT_CMP_FUNC(_name, _op) \
482static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
483 xlat_ctx_t const *xctx, \
484 request_t *request, fr_value_box_list_t *in) \
485{ \
486 return xlat_cmp_op(ctx, out, xctx, request, in, _op); \
487}
488
489XLAT_CMP_FUNC(cmp_eq, T_OP_CMP_EQ)
490XLAT_CMP_FUNC(cmp_ne, T_OP_NE)
491XLAT_CMP_FUNC(cmp_lt, T_OP_LT)
492XLAT_CMP_FUNC(cmp_le, T_OP_LE)
493XLAT_CMP_FUNC(cmp_gt, T_OP_GT)
494XLAT_CMP_FUNC(cmp_ge, T_OP_GE)
495XLAT_CMP_FUNC(cmp_eq_type, T_OP_CMP_EQ_TYPE)
496XLAT_CMP_FUNC(cmp_ne_type, T_OP_CMP_NE_TYPE)
497
498typedef struct {
499 fr_token_t op;
500 regex_t *regex; //!< precompiled regex
501 xlat_exp_t *xlat; //!< to expand
502 fr_regex_flags_t *regex_flags;
503} xlat_regex_inst_t;
504
505typedef struct {
506 bool last_success;
507 fr_value_box_list_t list;
508} xlat_regex_rctx_t;
509
510static fr_slen_t xlat_expr_print_regex(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
511{
512 size_t at_in = fr_sbuff_used_total(out);
513 xlat_exp_t *child = xlat_exp_head(node->call.args);
514 xlat_regex_inst_t *inst = instance;
515
516 fr_assert(child != NULL);
517
518 FR_SBUFF_IN_CHAR_RETURN(out, '(');
519 xlat_print_node(out, node->call.args, child, e_rules, 0);
520
521 /*
522 * A space is printed after the first argument only if
523 * there's a second one. So add one if we "ate" the second argument.
524 */
525 if (inst->xlat) FR_SBUFF_IN_CHAR_RETURN(out, ' ');
526
527 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
528 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
529
530 /*
531 * Regexes which aren't instantiated: only for unit tests.
532 */
533 if (!inst->xlat) {
534 child = xlat_exp_next(node->call.args, child);
535
536 fr_assert(child != NULL);
537 fr_assert(!xlat_exp_next(node->call.args, child));
538 fr_assert(child->type == XLAT_GROUP);
539
540 FR_SBUFF_IN_CHAR_RETURN(out, '/');
541 FR_SBUFF_IN_STRCPY_RETURN(out, child->fmt);
542 FR_SBUFF_IN_CHAR_RETURN(out, '/');
543
544 child = xlat_exp_head(child->group);
545 fr_assert(child->type == XLAT_TMPL);
546
547 /*
548 * The RHS may be a group
549 */
550 FR_SBUFF_RETURN(regex_flags_print, out, tmpl_regex_flags(child->vpt));
551 goto done;
552 }
553
554 fr_assert(tmpl_contains_regex(inst->xlat->vpt));
555
556 if (inst->xlat->quote == T_SINGLE_QUOTED_STRING) FR_SBUFF_IN_CHAR_RETURN(out, 'm');
557 FR_SBUFF_IN_CHAR_RETURN(out, fr_token_quote[inst->xlat->quote]);
558 FR_SBUFF_IN_STRCPY_RETURN(out, inst->xlat->vpt->name);
559 FR_SBUFF_IN_CHAR_RETURN(out, fr_token_quote[inst->xlat->quote]);
560
561 FR_SBUFF_RETURN(regex_flags_print, out, inst->regex_flags);
562
563done:
564 FR_SBUFF_IN_CHAR_RETURN(out, ')');
565
566 return fr_sbuff_used_total(out) - at_in;
567}
568
569
570/*
571 * Each argument is it's own head, because we do NOT always want
572 * to go to the next argument.
573 */
574static int xlat_instantiate_regex(xlat_inst_ctx_t const *xctx)
575{
576 xlat_regex_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_regex_inst_t);
577 xlat_exp_t *lhs, *rhs, *regex;
578
579 lhs = xlat_exp_head(xctx->ex->call.args);
580 rhs = xlat_exp_next(xctx->ex->call.args, lhs);
581
582 (void) fr_dlist_remove(&xctx->ex->call.args->dlist, rhs);
583
584 fr_assert(rhs);
585 fr_assert(rhs->type == XLAT_GROUP);
586 regex = xlat_exp_head(rhs->group);
587 fr_assert(tmpl_contains_regex(regex->vpt));
588
589 inst->op = xctx->ex->call.func->token;
590 inst->regex_flags = tmpl_regex_flags(regex->vpt);
591
592 inst->xlat = talloc_steal(inst, regex);
593 talloc_free(rhs); /* group wrapper is no longer needed */
594
595 /*
596 * The RHS is more then just one regex node, it has to be dynamically expanded.
597 */
598 if (tmpl_contains_xlat(regex->vpt)) {
599 return 0;
600 }
601
602 if (tmpl_is_data_unresolved(regex->vpt)) {
603 fr_strerror_const("Regex must be resolved before instantiation");
604 return -1;
605 }
606
607 /*
608 * Must have been caught in the parse phase.
609 */
610 fr_assert(tmpl_is_regex(regex->vpt));
611
612 inst->regex = tmpl_regex(regex->vpt);
613
614 return 0;
615}
616
617
618static xlat_arg_parser_t const regex_op_xlat_args[] = {
619 { .required = true, .type = FR_TYPE_STRING },
620 { .concat = true, .type = FR_TYPE_STRING },
621 XLAT_ARG_PARSER_TERMINATOR
622};
623
624static xlat_arg_parser_t const regex_search_xlat_args[] = {
625 { .required = true, .concat = true, .type = FR_TYPE_STRING }, /* regex string */
626 { .required = true, .concat = false, .type = FR_TYPE_STRING }, /* broken out things to match */
627 { .required = false, .concat = true, .type = FR_TYPE_STRING }, /* flags */
628 XLAT_ARG_PARSER_TERMINATOR
629};
630
631
632/** Perform a regular expressions comparison between two operands
633 *
634 * @param[in] ctx to allocate resulting box in.
635 * @param[in] request The current request.
636 * @param[in] in list of item or items
637 * @param[in,out] preg Pointer to pre-compiled or runtime-compiled
638 * regular expression. In the case of runtime-compiled
639 * the pattern may be stolen by the `regex_sub_to_request`
640 * function as the original pattern is needed to resolve
641 * capture groups.
642 * The caller should only free the `regex_t *` if it
643 * compiled it, and the pointer has not been set to NULL
644 * when this function returns.
645 * @param[out] out Where result is written.
646 * @param[in] op the operation to perform.
647 * @return
648 * - -1 on failure.
649 * - 0 for "no match".
650 * - 1 for "match".
651 */
652static xlat_action_t xlat_regex_do_op(TALLOC_CTX *ctx, request_t *request, fr_value_box_list_t *in, regex_t **preg,
653 fr_dcursor_t *out, fr_token_t op)
654{
655 uint32_t subcaptures;
656 int ret = 0;
657
658 fr_regmatch_t *regmatch;
659 fr_value_box_t *dst;
660 fr_value_box_t *arg, *vb;
661 fr_sbuff_t *agg;
662 char const *subject;
663 size_t len;
664 fr_value_box_t safety = {};
665
666 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, 8192);
667
668 arg = fr_value_box_list_head(in);
669 fr_assert(arg != NULL);
670 fr_assert(arg->type == FR_TYPE_GROUP);
671
672 subcaptures = regex_subcapture_count(*preg);
673 if (!subcaptures) subcaptures = REQUEST_MAX_REGEX + 1; /* +1 for %{0} (whole match) capture group */
674 MEM(regmatch = regex_match_data_alloc(NULL, subcaptures));
675
676 while ((vb = fr_value_box_list_pop_head(&arg->vb_group)) != NULL) {
677 if (vb->type == FR_TYPE_STRING) {
678 subject = vb->vb_strvalue;
679 len = vb->vb_length;
680 fr_value_box_safety_copy(&safety, vb);
681
682 } else {
683 fr_value_box_list_t list;
684
685 fr_value_box_list_init(&list);
686 fr_value_box_list_insert_head(&list, vb);
687 fr_value_box_mark_safe_for(&safety, FR_VALUE_BOX_SAFE_FOR_ANY);
688
689 vb = NULL;
690
691 /*
692 * Concatenate everything, and escape untrusted inputs.
693 */
694 if (fr_value_box_list_concat_as_string(&safety, agg, &list, NULL, 0, &regex_escape_rules,
695 FR_VALUE_BOX_LIST_FREE_BOX, FR_REGEX_SAFE_FOR, true) < 0) {
696 RPEDEBUG("Failed concatenating regular expression string");
697 talloc_free(regmatch);
698 return XLAT_ACTION_FAIL;
699 }
700
701 subject = fr_sbuff_start(agg);
702 len = fr_sbuff_used(agg);
703 }
704
705 /*
706 * Evaluate the expression
707 */
708 ret = regex_exec(*preg, subject, len, regmatch);
709 switch (ret) {
710 default:
711 RPEDEBUG("REGEX failed");
712 talloc_free(vb);
713 talloc_free(regmatch);
714 return XLAT_ACTION_FAIL;
715
716 case 0:
717 regex_sub_to_request(request, NULL, NULL, NULL); /* clear out old entries */
718 continue;
719
720 case 1:
721 regex_sub_to_request(request, preg, &regmatch, &safety);
722 talloc_free(vb);
723 goto done;
724
725 }
726
727 talloc_free(vb);
728 }
729
730done:
731 talloc_free(regmatch); /* free if not consumed */
732
733 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
734 dst->vb_bool = (ret == (op == T_OP_REG_EQ));
735
736 fr_dcursor_append(out, dst);
737
738 return XLAT_ACTION_DONE;
739}
740
741static xlat_action_t xlat_regex_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
742 xlat_ctx_t const *xctx,
743 request_t *request, fr_value_box_list_t *in)
744{
745 xlat_regex_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_regex_inst_t);
746 xlat_regex_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_regex_rctx_t);
747 ssize_t slen;
748 regex_t *preg = NULL;
749 fr_sbuff_t *agg;
750
751 FR_SBUFF_TALLOC_THREAD_LOCAL(&agg, 256, 8192);
752
753 /*
754 * If the expansions fails, then we fail the entire thing.
755 */
756 if (!rctx->last_success) {
757 talloc_free(rctx);
758 return XLAT_ACTION_FAIL;
759 }
760
761 /*
762 * Because we expanded the RHS ourselves, the "concat"
763 * flag to the RHS argument is ignored. So we just
764 * concatenate it here. We escape the various untrusted inputs.
765 */
766 if (fr_value_box_list_concat_as_string(NULL, agg, &rctx->list, NULL, 0, &regex_escape_rules,
767 FR_VALUE_BOX_LIST_FREE_BOX, FR_REGEX_SAFE_FOR, true) < 0) {
768 RPEDEBUG("Failed concatenating regular expression string");
769 return XLAT_ACTION_FAIL;
770 }
771
772 fr_assert(inst->regex == NULL);
773
774 slen = regex_compile(rctx, &preg, fr_sbuff_start(agg), fr_sbuff_used(agg),
775 tmpl_regex_flags(inst->xlat->vpt), true, true); /* flags, allow subcaptures, at runtime */
776 if (slen <= 0) return XLAT_ACTION_FAIL;
777
778 return xlat_regex_do_op(ctx, request, in, &preg, out, inst->op);
779}
780
781static xlat_action_t xlat_regex_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
782 xlat_ctx_t const *xctx,
783 request_t *request, fr_value_box_list_t *in,
784 fr_token_t op)
785{
786 xlat_regex_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_regex_inst_t);
787 xlat_regex_rctx_t *rctx;
788 regex_t *preg;
789
790 /*
791 * Just run precompiled regexes.
792 */
793 if (inst->regex) {
794 preg = tmpl_regex(inst->xlat->vpt);
795
796 return xlat_regex_do_op(ctx, request, in, &preg, out, op);
797 }
798
799 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_regex_rctx_t));
800 fr_value_box_list_init(&rctx->list);
801
802 if (unlang_xlat_yield(request, xlat_regex_resume, NULL, 0, rctx) != XLAT_ACTION_YIELD) {
803 fail:
804 talloc_free(rctx);
805 return XLAT_ACTION_FAIL;
806 }
807
808 if (unlang_xlat_push(ctx, &rctx->last_success, &rctx->list,
809 request, tmpl_xlat(inst->xlat->vpt), UNLANG_SUB_FRAME) < 0) goto fail;
810
811 return XLAT_ACTION_PUSH_UNLANG;
812}
813
814#define XLAT_REGEX_FUNC(_name, _op) \
815static xlat_action_t xlat_func_ ## _name(TALLOC_CTX *ctx, fr_dcursor_t *out, \
816 xlat_ctx_t const *xctx, \
817 request_t *request, fr_value_box_list_t *in) \
818{ \
819 return xlat_regex_op(ctx, out, xctx, request, in, _op); \
820}
821
822XLAT_REGEX_FUNC(reg_eq, T_OP_REG_EQ)
823XLAT_REGEX_FUNC(reg_ne, T_OP_REG_NE)
824
825static xlat_action_t xlat_func_regex_search(TALLOC_CTX *ctx, fr_dcursor_t *out,
826 UNUSED xlat_ctx_t const *xctx,
827 request_t *request, fr_value_box_list_t *in)
828{
829 ssize_t slen;
830 regex_t *preg;
831 fr_value_box_t *regex;
832 xlat_action_t action;
833
834 RDEBUG("IN IS %pM", in);
835
836 regex = fr_value_box_list_pop_head(in);
837 fr_assert(regex);
838 fr_assert(regex->type == FR_TYPE_STRING);
839
840 slen = regex_compile(ctx, &preg, regex->vb_strvalue, regex->vb_length,
841 NULL, true, true); /* flags, allow subcaptures, at runtime */
842 if (slen <= 0) {
843 RPEDEBUG("Failed parsing regular expression %pV", regex);
844 talloc_free(regex);
845 return XLAT_ACTION_FAIL;
846 }
847
848 action = xlat_regex_do_op(ctx, request, in, &preg, out, T_OP_REG_EQ);
849 talloc_free(regex);
850 talloc_free(preg);
851 return action;
852}
853
860
861typedef struct {
862 TALLOC_CTX *ctx;
863 bool last_success;
864 fr_value_box_t *box; //!< output value-box
865 int current;
866 fr_value_box_list_t list;
867} xlat_logical_rctx_t;
868
869static fr_slen_t xlat_expr_print_nary(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
870{
871 size_t at_in = fr_sbuff_used_total(out);
872 xlat_logical_inst_t *inst = instance;
873 xlat_exp_head_t *head;
874
875 FR_SBUFF_IN_CHAR_RETURN(out, '(');
876
877 /*
878 * We might get called before the node is instantiated.
879 */
880 if (!inst->argv) {
881 head = node->call.args;
882
883 fr_assert(head != NULL);
884
885 xlat_exp_foreach(head, child) {
886 xlat_print_node(out, head, child, e_rules, 0);
887
888 if (!xlat_exp_next(head, child)) break;
889
890 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
891 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
892 }
893 } else {
894 int i;
895
896 for (i = 0; i < inst->argc; i++) {
897 xlat_print(out, inst->argv[i], e_rules);
898 if (i == (inst->argc - 1)) break;
899
900 FR_SBUFF_IN_CHAR_RETURN(out, ' ');
901 FR_SBUFF_IN_STRCPY_RETURN(out, fr_tokens[node->call.func->token]);
902 if ((i + 1) < inst->argc) FR_SBUFF_IN_CHAR_RETURN(out, ' ');
903 }
904 }
905
906 FR_SBUFF_IN_CHAR_RETURN(out, ')');
907
908 return fr_sbuff_used_total(out) - at_in;
909}
910
911/*
912 * This returns "false" for "ignore this argument"
913 *
914 * result is "false" for "delete this argument"
915 * result is "true" for "return this argument".
916 */
917static bool xlat_node_matches_bool(bool *result, xlat_exp_t *parent, xlat_exp_head_t *head, bool sense)
918{
919 fr_value_box_t *box;
920 xlat_exp_t *node;
921
922 if (!head->flags.pure) return false;
923
924 node = xlat_exp_head(head);
925 if (!node || xlat_exp_next(head, node)) {
926 return false;
927 }
928
929 if (node->type == XLAT_BOX) {
930 box = &node->data;
931 goto check;
932 }
933
934 if (node->type != XLAT_TMPL) {
935 return false;
936 }
937
938 if (!tmpl_is_data(node->vpt)) {
939 return false;
940 }
941
942 box = tmpl_value(node->vpt);
943
944check:
945 /*
946 * On "true", replace the entire logical operation with the value-box.
947 *
948 * On "false", omit this argument, and go to the next one.
949 */
950 *result = (fr_value_box_is_truthy(box) == sense);
951
952 if (!*result) return true;
953
954 xlat_instance_unregister_func(parent);
955
956 xlat_exp_set_type(parent, XLAT_BOX);
957 fr_value_box_copy(parent, &parent->data, box);
958
959 return true;
960}
961
962/** Undo work which shouldn't have been done. :(
963 *
964 */
965static void xlat_ungroup(xlat_exp_head_t *head)
966{
967 xlat_exp_t *group, *node;
968
969 group = xlat_exp_head(head);
970 if (!group || xlat_exp_next(head, group)) return;
971
972 if (group->type != XLAT_GROUP) return;
973
974 node = xlat_exp_head(group->group);
975 if (!node || xlat_exp_next(group->group, node)) return;
976
977 (void) fr_dlist_remove(&head->dlist, group);
978 (void) fr_dlist_remove(&group->group->dlist, node);
979 (void) talloc_steal(head, node);
980
981 talloc_free(group);
982
983 fr_dlist_insert_tail(&head->dlist, node);
984 head->flags = node->flags;
985}
986
987/** If any argument resolves to inst->stop_on_match, the entire thing is a bool of inst->stop_on_match.
988 *
989 * If any argument resolves to !inst->stop_on_match, it is removed.
990 */
991static int xlat_expr_logical_purify(xlat_exp_t *node, void *instance, request_t *request)
992{
993 int i, j;
994 int deleted = 0;
995 bool result;
996 xlat_logical_inst_t *inst = talloc_get_type_abort(instance, xlat_logical_inst_t);
997 xlat_exp_head_t *group;
998
999 fr_assert(node->type == XLAT_FUNC);
1000
1001 /*
1002 * Don't check the last argument. If everything else gets deleted,
1003 * then we just return the last argument.
1004 */
1005 for (i = 0; i < inst->argc; i++) {
1006 /*
1007 * The argument is pure, so we purify it before
1008 * doing any other checks.
1009 */
1010 if (inst->argv[i]->flags.can_purify) {
1011 if (xlat_purify_list(inst->argv[i], request) < 0) return -1;
1012
1013 /*
1014 * xlat_purify_list expects that its outputs will be arguments to functions, so
1015 * they're grouped. We con't need that, so we ungroup them here.
1016 */
1017 xlat_ungroup(inst->argv[i]);
1018 }
1019
1020 /*
1021 * This returns "false" for "ignore".
1022 *
1023 * result is "false" for "delete this argument"
1024 * result is "true" for "return this argument".
1025 */
1026 if (!xlat_node_matches_bool(&result, node, inst->argv[i], inst->stop_on_match)) continue;
1027
1028 /*
1029 * 0 && EXPR --> 0.
1030 * 1 || EXPR --> 1
1031 *
1032 * Parent is now an XLAT_BOX, so we're done.
1033 */
1034 if (result) return 0;
1035
1036 /*
1037 * We're at the last argument. If we've deleted everything else, then just leave the
1038 * last argument alone. Otherwise some arguments remain, so we can delete the last one.
1039 */
1040 if (((i + 1) == inst->argc) && (deleted == i)) break;
1041
1042 TALLOC_FREE(inst->argv[i]);
1043 deleted++;
1044 }
1045
1046 if (!deleted) return 0;
1047
1048 /*
1049 * Pack the array. We insert at i, and read from j. We don't need to read the deleted entries,
1050 * as they all MUST be NULL.
1051 */
1052 i = 0;
1053 j = -1;
1054 while (i < (inst->argc - deleted)) {
1055 if (inst->argv[i]) {
1056 i++;
1057 continue;
1058 }
1059
1060 /*
1061 * Start searching from the next entry, OR start searching from where we left off before.
1062 */
1063 if (j < 0) j = i + 1;
1064
1065 /*
1066 * Find the first non-NULL entry, and insert it in argv[i]. We search here until the end
1067 * of the array, because we may have deleted entries from the start of the array.
1068 */
1069 while (j < inst->argc) {
1070 if (inst->argv[j]) break;
1071 j++;
1072 }
1073
1074 /*
1075 * Move the entry down, and clear out the tail end of the array.
1076 */
1077 inst->argv[i++] = inst->argv[j];
1078 inst->argv[j++] = NULL;
1079 }
1080
1081 inst->argc -= deleted;
1082
1083 if (inst->argc > 1) return 0;
1084
1085 /*
1086 * Only one argument left. We can hoist the child into ourselves, and omit the logical operation.
1087 */
1088 group = inst->argv[0];
1089 fr_assert(group != NULL);
1090 talloc_steal(node, group);
1091
1092 xlat_instance_unregister_func(node);
1093 xlat_exp_set_type(node, XLAT_GROUP);
1094
1095 /* re-print, with purified nodes removed */
1096 {
1097 char *name;
1098
1099 MEM(xlat_aprint(node, &name, group, NULL) >= 0);
1100 xlat_exp_set_name_shallow(node, name);
1101 }
1102
1103 talloc_free(node->group);
1104 node->group = group;
1105 node->flags = group->flags;
1106
1107 return 0;
1108}
1109
1110/** Process one argument of a logical operation.
1111 *
1112 * If we see a list in a truthy context, then we DON'T expand the list. Instead, we return a bool which
1113 * indicates if the list was empty (or not). This prevents us from returning a whole mess of value-boxes
1114 * when the user just wanted to see if the list existed.
1115 *
1116 * Otherwise, we expand the xlat, and continue.
1117 */
1118static xlat_action_t xlat_logical_process_arg(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
1119 xlat_ctx_t const *xctx,
1120 request_t *request, UNUSED fr_value_box_list_t *in)
1121{
1122 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1123 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1124
1125 /*
1126 * Push the xlat onto the stack for expansion.
1127 */
1128 if (unlang_xlat_yield(request, inst->callback, NULL, 0, rctx) != XLAT_ACTION_YIELD) {
1129 fail:
1130 talloc_free(rctx->box);
1131 talloc_free(rctx);
1132 return XLAT_ACTION_FAIL;
1133 }
1134
1135 if (unlang_xlat_push(rctx, &rctx->last_success, &rctx->list,
1136 request, inst->argv[rctx->current], UNLANG_SUB_FRAME) < 0) goto fail;
1137
1138 return XLAT_ACTION_PUSH_UNLANG;
1139}
1140
1141/** See if the input is truthy or not.
1142 *
1143 * @param[in] rctx our ctx
1144 * @param[in] in list of value-boxes to check
1145 * @return
1146 * - false if there are no truthy values. The last box is copied to the rctx.
1147 * This is to allow us to return default values which may not be truthy,
1148 * e.g. %{&Counter || 0} or %{&Framed-IP-Address || 0.0.0.0}.
1149 * If we don't copy the last box to the rctx, the expression just returns NULL
1150 * which is never useful...
1151 * - true if we find a truthy value. The first truthy box is copied to the rctx.
1152 *
1153 * Empty lists are not truthy.
1154 */
1155static bool xlat_logical_or(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
1156{
1157 fr_value_box_t *last = NULL;
1158 bool ret = false;
1159
1160 /*
1161 * Empty lists are !truthy.
1162 */
1163 if (!fr_value_box_list_num_elements(in)) return false;
1164
1165 /*
1166 * Loop over the input list. We CANNOT do groups.
1167 */
1168 fr_value_box_list_foreach(in, box) {
1169 fr_assert(fr_type_is_leaf(box->type) || fr_type_is_null(box->type));
1170
1171 last = box;
1172
1173 /*
1174 * Remember the last box we found.
1175 *
1176 * If it's truthy, then we stop immediately.
1177 */
1178 if (fr_value_box_is_truthy(box)) {
1179 ret = true;
1180 break;
1181 }
1182 }
1183
1184 if (!rctx->box) {
1185 MEM(rctx->box = fr_value_box_alloc_null(rctx->ctx));
1186 } else {
1187 fr_value_box_clear(rctx->box);
1188 }
1189 if (last) fr_value_box_copy(rctx->box, rctx->box, last);
1190
1191 return ret;
1192}
1193
1194/*
1195 * We've evaluated an expression. Let's see if we need to continue with ||
1196 */
1197static xlat_action_t xlat_logical_or_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
1198 xlat_ctx_t const *xctx,
1199 request_t *request, fr_value_box_list_t *in)
1200{
1201 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1202 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1203 bool match;
1204
1205 /*
1206 * If one of the expansions fails, then we fail the
1207 * entire thing.
1208 */
1209 if (!rctx->last_success) {
1210 talloc_free(rctx->box);
1211 talloc_free(rctx);
1212 return XLAT_ACTION_FAIL;
1213 }
1214
1215 /*
1216 * Recursively check groups. i.e. we effectively flatten each list.
1217 *
1218 * (a, b, c) || (d, e, f) == a || b || c || d || e || f
1219 */
1220 match = xlat_logical_or(rctx, &rctx->list);
1221 if (match) goto done;
1222
1223 fr_value_box_list_talloc_free(&rctx->list);
1224
1225 rctx->current++;
1226
1227 /*
1228 * Nothing to expand, return the final value we saw.
1229 */
1230 if (rctx->current >= inst->argc) {
1231 done:
1232 /*
1233 * Otherwise we stop on failure, with the boolean
1234 * we just updated.
1235 */
1236 if (rctx->box) fr_dcursor_append(out, rctx->box);
1237
1238 talloc_free(rctx);
1239 return XLAT_ACTION_DONE;
1240 }
1241
1242 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1243}
1244
1245/** See if the input is truthy or not.
1246 *
1247 * @param[in] rctx our ctx
1248 * @param[in] in list of value-boxes to check
1249 * @return
1250 * - false on failure
1251 * - true for match, with dst updated to contain the relevant box.
1252 *
1253 * Empty lists are not truthy.
1254 */
1255static bool xlat_logical_and(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
1256{
1257 fr_value_box_t *found = NULL;
1258
1259 /*
1260 * Empty lists are !truthy.
1261 */
1262 if (!fr_value_box_list_num_elements(in)) return false;
1263
1264 /*
1265 * Loop over the input list. We CANNOT do groups.
1266 */
1267 fr_value_box_list_foreach(in, box) {
1268 fr_assert(fr_type_is_leaf(box->type));
1269
1270 /*
1271 * Remember the last box we found.
1272 *
1273 * If it's truthy, then we keep going either
1274 * until the end, or until we get a "false".
1275 */
1276 if (fr_value_box_is_truthy(box)) {
1277 found = box;
1278 continue;
1279 }
1280
1281 /*
1282 * Stop on the first "false"
1283 */
1284 return false;
1285 }
1286
1287 if (!found) return false;
1288
1289 if (!rctx->box) {
1290 MEM(rctx->box = fr_value_box_alloc_null(rctx));
1291 } else {
1292 fr_value_box_clear(rctx->box);
1293 }
1294 fr_value_box_copy(rctx->box, rctx->box, found);
1295
1296 return true;
1297}
1298
1299/*
1300 * We've evaluated an expression. Let's see if we need to continue with &&
1301 */
1302static xlat_action_t xlat_logical_and_resume(TALLOC_CTX *ctx, fr_dcursor_t *out,
1303 xlat_ctx_t const *xctx,
1304 request_t *request, fr_value_box_list_t *in)
1305{
1306 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1307 xlat_logical_rctx_t *rctx = talloc_get_type_abort(xctx->rctx, xlat_logical_rctx_t);
1308 bool match;
1309
1310 /*
1311 * If one of the expansions fails, then we fail the
1312 * entire thing.
1313 */
1314 if (!rctx->last_success) {
1315 talloc_free(rctx->box);
1316 talloc_free(rctx);
1317 return XLAT_ACTION_FAIL;
1318 }
1319
1320 /*
1321 * Recursively check groups. i.e. we effectively flatten each list.
1322 *
1323 * (a, b, c) && (d, e, f) == a && b && c && d && e && f
1324 */
1325 match = xlat_logical_and(rctx, &rctx->list);
1326 if (!match) return XLAT_ACTION_DONE;
1327
1328 fr_value_box_list_talloc_free(&rctx->list);
1329
1330 rctx->current++;
1331
1332 /*
1333 * Nothing to expand, return the final value we saw.
1334 */
1335 if (rctx->current >= inst->argc) {
1336 /*
1337 * Otherwise we stop on failure, with the boolean
1338 * we just updated.
1339 */
1340 fr_assert(rctx->box != NULL);
1341 fr_dcursor_append(out, rctx->box);
1342
1343 talloc_free(rctx);
1344 return XLAT_ACTION_DONE;
1345 }
1346
1347 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1348}
1349
1350/*
1351 * Each argument is it's own head, because we do NOT always want
1352 * to go to the next argument.
1353 */
1354static int xlat_instantiate_logical(xlat_inst_ctx_t const *xctx)
1355{
1356 xlat_logical_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_logical_inst_t);
1357
1358 inst->argc = xlat_flatten_to_argv(inst, &inst->argv, xctx->ex->call.args);
1359 if (xctx->ex->call.func->token == T_LOR) {
1360 inst->callback = xlat_logical_or_resume;
1361 inst->stop_on_match = true;
1362 } else {
1363 inst->callback = xlat_logical_and_resume;
1364 inst->stop_on_match = false;
1365 }
1366
1367 return 0;
1368}
1369
1370
1371/** Process logical &&, ||
1372 *
1373 */
1374static xlat_action_t xlat_func_logical(TALLOC_CTX *ctx, fr_dcursor_t *out,
1375 xlat_ctx_t const *xctx,
1376 request_t *request, fr_value_box_list_t *in)
1377{
1378 xlat_logical_rctx_t *rctx;
1379 xlat_logical_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_logical_inst_t);
1380
1381 MEM(rctx = talloc_zero(unlang_interpret_frame_talloc_ctx(request), xlat_logical_rctx_t));
1382 rctx->ctx = ctx;
1383 rctx->current = 0;
1384
1385 if (inst->stop_on_match) {
1386 rctx->box = NULL;
1387 } else {
1388 MEM(rctx->box = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1389 rctx->box->vb_bool = true;
1390 }
1391 fr_value_box_list_init(&rctx->list);
1392
1393 (UNCONST(xlat_ctx_t *, xctx))->rctx = rctx; /* ensure it's there before a resume! */
1394
1395 return xlat_logical_process_arg(ctx, out, xctx, request, in);
1396}
1397
1398
1399static xlat_arg_parser_t const unary_op_xlat_args[] = {
1400 { .required = true, .single = true, .concat = true },
1401 XLAT_ARG_PARSER_TERMINATOR
1402};
1403
1404static xlat_action_t xlat_func_unary_op(TALLOC_CTX *ctx, fr_dcursor_t *out,
1405 UNUSED xlat_ctx_t const *xctx,
1406 request_t *request, fr_value_box_list_t *in, fr_token_t op)
1407{
1408 int rcode;
1409 fr_value_box_t *dst, *group, *vb;
1410
1411 /*
1412 * We do some basic type checks here.
1413 */
1414 group = fr_value_box_list_head(in);
1415 vb = fr_value_box_list_head(&group->vb_group);
1416
1417 /*
1418 * -NULL is an error
1419 * ~NULL is an error
1420 * !NULL is handled by xlat_func_unary_not
1421 */
1422 if (!vb) {
1423 fr_strerror_printf("Input is empty");
1424 return XLAT_ACTION_FAIL;
1425 }
1426
1427 if (!fr_type_is_leaf(vb->type) || fr_type_is_variable_size(vb->type)) {
1428 REDEBUG("Cannot perform operation on data type %s", fr_type_to_str(vb->type));
1429 return XLAT_ACTION_FAIL;
1430 }
1431
1432 MEM(dst = fr_value_box_alloc_null(ctx));
1433
1434 /*
1435 * We rely on this function to do the remainder of the type checking.
1436 */
1437 rcode = fr_value_calc_unary_op(dst, dst, op, vb);
1438 if ((rcode < 0) || fr_type_is_null(dst->type)) {
1439 talloc_free(dst);
1440 return XLAT_ACTION_FAIL;
1441 }
1442
1443 fr_dcursor_append(out, dst);
1444 return XLAT_ACTION_DONE;
1445}
1446
1447
1448static xlat_action_t xlat_func_unary_not(TALLOC_CTX *ctx, fr_dcursor_t *out,
1449 UNUSED xlat_ctx_t const *xctx,
1450 UNUSED request_t *request, fr_value_box_list_t *in)
1451{
1452 fr_value_box_t *dst, *group, *vb;
1453
1454 group = fr_value_box_list_head(in);
1455 vb = fr_value_box_list_head(&group->vb_group);
1456
1457 /*
1458 * Don't call calc_unary_op(), because we want the enum names.
1459 */
1460 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1461
1462 /*
1463 * !NULL = true
1464 */
1465 if (!vb) {
1466 dst->vb_bool = true;
1467 } else {
1468 dst->vb_bool = !fr_value_box_is_truthy(vb);
1469 }
1470
1471 fr_dcursor_append(out, dst);
1472 return XLAT_ACTION_DONE;
1473}
1474
1475static xlat_action_t xlat_func_unary_minus(TALLOC_CTX *ctx, fr_dcursor_t *out,
1476 xlat_ctx_t const *xctx,
1477 request_t *request, fr_value_box_list_t *in)
1478{
1479 return xlat_func_unary_op(ctx, out, xctx, request, in, T_SUB);
1480}
1481
1482static xlat_action_t xlat_func_unary_complement(TALLOC_CTX *ctx, fr_dcursor_t *out,
1483 xlat_ctx_t const *xctx,
1484 request_t *request, fr_value_box_list_t *in)
1485{
1486 return xlat_func_unary_op(ctx, out, xctx, request, in, T_COMPLEMENT);
1487}
1488
1489static xlat_arg_parser_t const xlat_func_expr_rcode_arg[] = {
1490 { .concat = true, .type = FR_TYPE_STRING },
1491 XLAT_ARG_PARSER_TERMINATOR
1492};
1493
1494/** Holds the result of pre-parsing the rcode on startup
1495 */
1496typedef struct {
1497 rlm_rcode_t rcode; //!< The preparsed rcode.
1498} xlat_rcode_inst_t;
1499
1500/** Convert static expr_rcode arguments into rcodes
1501 *
1502 * This saves doing the lookup at runtime, which given how frequently this xlat is used
1503 * could get quite expensive.
1504 */
1505static int xlat_instantiate_expr_rcode(xlat_inst_ctx_t const *xctx)
1506{
1507 xlat_rcode_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_rcode_inst_t);
1508 xlat_exp_t *arg;
1509 xlat_exp_t *rcode_arg;
1510 fr_value_box_t *rcode;
1511
1512 /*
1513 * If it's literal data, then we can pre-resolve it to
1514 * a rcode now, and skip that at runtime.
1515 */
1516 arg = xlat_exp_head(xctx->ex->call.args);
1517 fr_assert(arg->type == XLAT_GROUP);
1518
1519 /*
1520 * We can only pre-parse if this if the value is
1521 * in a single box...
1522 */
1523 if (fr_dlist_num_elements(&arg->group->dlist) != 1) return 0;
1524 rcode_arg = xlat_exp_head(arg->group);
1525
1526 /*
1527 * We can only pre-parse is this is a static value.
1528 */
1529 if (rcode_arg->type != XLAT_BOX) return 0;
1530
1531 rcode = &rcode_arg->data;
1532
1533 switch (rcode->type) {
1534 case FR_TYPE_STRING:
1535 inst->rcode = fr_table_value_by_str(rcode_table, rcode->vb_strvalue, RLM_MODULE_NOT_SET);
1536 if (inst->rcode == RLM_MODULE_NOT_SET) {
1537 unknown:
1538 ERROR("Unknown rcode '%pV'", rcode);
1539 return -1;
1540 }
1541 break;
1542
1543 case FR_TYPE_INT8:
1544 case FR_TYPE_INT16:
1545 case FR_TYPE_INT32:
1546 case FR_TYPE_INT64:
1547 case FR_TYPE_UINT16:
1548 case FR_TYPE_UINT32:
1549 case FR_TYPE_UINT64:
1550 case FR_TYPE_SIZE:
1551 if (fr_value_box_cast_in_place(rcode_arg, rcode, FR_TYPE_UINT8, NULL) < 0) {
1552 invalid:
1553 ERROR("Invalid value for rcode '%pV'", rcode);
1554 return -1;
1555 }
1556 FALL_THROUGH;
1557
1558 case FR_TYPE_UINT8:
1559 if (rcode->vb_uint8 >= RLM_MODULE_NUMCODES) goto invalid;
1560 inst->rcode = rcode->vb_uint8;
1561 break;
1562
1563 default:
1564 goto unknown;
1565 }
1566
1567 /*
1568 * No point in creating useless boxes at runtime,
1569 * nuke the argument now.
1570 */
1571 (void) fr_dlist_remove(&xctx->ex->call.args->dlist, arg);
1572 talloc_free(arg);
1573
1574 return 0;
1575}
1576
1577static fr_slen_t xlat_expr_print_rcode(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, UNUSED fr_sbuff_escape_rules_t const *e_rules)
1578{
1579 size_t at_in = fr_sbuff_used_total(out);
1580 xlat_rcode_inst_t *inst = instance;
1581
1582 FR_SBUFF_IN_STRCPY_LITERAL_RETURN(out, "%expr.rcode('");
1583 if (xlat_exp_head(node->call.args)) {
1584 ssize_t slen;
1585
1586 xlat_exp_foreach(node->call.args, child) {
1587 slen = xlat_print_node(out, node->call.args, child, NULL, 0);
1588 if (slen < 0) return slen;
1589 }
1590 } else {
1591 FR_SBUFF_IN_STRCPY_RETURN(out, fr_table_str_by_value(rcode_table, inst->rcode, "<INVALID>"));
1592 }
1593 FR_SBUFF_IN_STRCPY_LITERAL_RETURN(out, "')");
1594
1595 return fr_sbuff_used_total(out) - at_in;
1596}
1597
1598/** Match the passed rcode against request->rcode
1599 *
1600 * Example:
1601@verbatim
1602%expr.rcode('handled') == true
1603
1604# ...or how it's used normally used
1605if (handled) {
1606 ...
1607}
1608@endverbatim
1609 *
1610 * @ingroup xlat_functions
1611 */
1612static xlat_action_t xlat_func_expr_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out,
1613 xlat_ctx_t const *xctx,
1614 request_t *request, fr_value_box_list_t *args)
1615{
1616 xlat_rcode_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_rcode_inst_t);
1617 fr_value_box_t *arg_rcode;
1618 rlm_rcode_t rcode;
1619 fr_value_box_t *vb;
1620
1621 /*
1622 * If we have zero args, it's because the instantiation
1623 * function consumed them. om nom nom.
1624 */
1625 if (fr_value_box_list_num_elements(args) == 0) {
1626 fr_assert(inst->rcode != RLM_MODULE_NOT_SET);
1627 rcode = inst->rcode;
1628 } else {
1629 XLAT_ARGS(args, &arg_rcode);
1630 rcode = fr_table_value_by_str(rcode_table, arg_rcode->vb_strvalue, RLM_MODULE_NOT_SET);
1631 if (rcode == RLM_MODULE_NOT_SET) {
1632 REDEBUG("Invalid rcode '%pV'", arg_rcode);
1633 return XLAT_ACTION_FAIL;
1634 }
1635 }
1636
1637 RDEBUG3("Request rcode is '%s'",
1638 fr_table_str_by_value(rcode_table, request->rcode, "<INVALID>"));
1639
1640 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1641 fr_dcursor_append(out, vb);
1642 vb->vb_bool = (request->rcode == rcode);
1643
1644 return XLAT_ACTION_DONE;
1645}
1646
1647/** Takes no arguments
1648 */
1649static xlat_arg_parser_t const xlat_func_rcode_arg[] = {
1650 XLAT_ARG_PARSER_TERMINATOR, /* Coverity gets tripped up by only having a single entry here */
1651 XLAT_ARG_PARSER_TERMINATOR
1652};
1653
1654/** Return the current rcode as a string
1655 *
1656 * Example:
1657@verbatim
1658"%rcode()" == "handled"
1659@endverbatim
1660 *
1661 * @ingroup xlat_functions
1662 */
1663static xlat_action_t xlat_func_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out,
1664 UNUSED xlat_ctx_t const *xctx,
1665 request_t *request, UNUSED fr_value_box_list_t *args)
1666{
1667 fr_value_box_t *vb;
1668
1669 /*
1670 * FIXME - This should really be an enum
1671 */
1672 MEM(vb = fr_value_box_alloc(ctx, FR_TYPE_STRING, NULL));
1673 if (fr_value_box_strdup(vb, vb, NULL, fr_table_str_by_value(rcode_table, request->rcode, "<INVALID>"), false) < 0) {
1674 talloc_free(vb);
1675 return XLAT_ACTION_FAIL;
1676 }
1677 fr_dcursor_append(out, vb);
1678
1679 return XLAT_ACTION_DONE;
1680}
1681
1682typedef struct {
1683 tmpl_t const *vpt; //!< the attribute reference
1684} xlat_exists_inst_t;
1685
1686typedef struct {
1687 bool last_success;
1688 fr_value_box_list_t list;
1689} xlat_exists_rctx_t;
1690
1695
1696/*
1697 * We just print the node as-is.
1698 */
1699static fr_slen_t xlat_expr_print_exists(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
1700{
1701 size_t at_in = fr_sbuff_used_total(out);
1702 xlat_exists_inst_t *inst = instance;
1703
1704 if (inst->vpt) {
1705 FR_SBUFF_IN_STRCPY_RETURN(out, inst->vpt->name);
1706 } else {
1707 xlat_print_node(out, node->call.args, xlat_exp_head(node->call.args), e_rules, 0);
1708 }
1709
1710 return fr_sbuff_used_total(out) - at_in;
1711}
1712
1713/*
1714 * Don't expand the argument if it's already an attribute reference.
1715 */
1716static int xlat_instantiate_exists(xlat_inst_ctx_t const *xctx)
1717{
1718 xlat_exists_inst_t *inst = talloc_get_type_abort(xctx->inst, xlat_exists_inst_t);
1719 xlat_exp_t *arg, *node;
1720
1721 arg = xlat_exp_head(xctx->ex->call.args);
1722
1723 fr_assert(arg->type == XLAT_GROUP);
1724 node = xlat_exp_head(arg->group);
1725
1726 /*
1727 * @todo - add an escape callback to this xlat
1728 * registration, so that it can take untrusted inputs.
1729 */
1730 if ((node->type != XLAT_TMPL) || !tmpl_contains_attr(node->vpt)) {
1731 fr_strerror_const("The %exists() function can only be used internally");
1732 return -1;
1733 }
1734
1735 inst->vpt = talloc_steal(inst, node->vpt);
1736
1737 /*
1738 * Free the input arguments so that they don't get expanded.
1739 */
1740 while ((arg = fr_dlist_pop_head(&xctx->ex->call.args->dlist)) != NULL) {
1741 talloc_free(arg);
1742 }
1743
1744 return 0;
1745}
1746
1747static xlat_action_t xlat_attr_exists(TALLOC_CTX *ctx, fr_dcursor_t *out,
1748 request_t *request, tmpl_t const *vpt, bool do_free)
1749{
1750 fr_pair_t *vp;
1751 fr_value_box_t *dst;
1752 fr_dcursor_t cursor;
1753 tmpl_dcursor_ctx_t cc;
1754
1755 MEM(dst = fr_value_box_alloc(ctx, FR_TYPE_BOOL, attr_expr_bool_enum));
1756
1757 vp = tmpl_dcursor_init(NULL, NULL, &cc, &cursor, request, vpt);
1758 dst->vb_bool = (vp != NULL);
1759
1760 if (do_free) talloc_const_free(vpt);
1761 tmpl_dcursor_clear(&cc);
1762 fr_dcursor_append(out, dst);
1763 return XLAT_ACTION_DONE;
1764}
1765
1766/** See if a named attribute exists
1767 *
1768 * Example:
1769@verbatim
1770"%{exists:&Foo}" == true
1771@endverbatim
1772 *
1773 * @ingroup xlat_functions
1774 */
1775static xlat_action_t xlat_func_exists(TALLOC_CTX *ctx, fr_dcursor_t *out,
1776 xlat_ctx_t const *xctx,
1777 request_t *request, UNUSED fr_value_box_list_t *in)
1778{
1779 xlat_exists_inst_t const *inst = talloc_get_type_abort_const(xctx->inst, xlat_exists_inst_t);
1780
1781 /*
1782 * We return "true" if the attribute exists. Otherwise we return "false".
1783 */
1784 fr_assert(inst->vpt);
1785
1786 return xlat_attr_exists(ctx, out, request, inst->vpt, false);
1787}
1788
1789#undef XLAT_REGISTER_BINARY_OP
1790#define XLAT_REGISTER_BINARY_OP(_op, _name) \
1791do { \
1792 if (unlikely((xlat = xlat_func_register(NULL, "op_" STRINGIFY(_name), xlat_func_op_ ## _name, FR_TYPE_VOID)) == NULL)) return -1; \
1793 xlat_func_args_set(xlat, binary_op_xlat_args); \
1794 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1795 xlat_func_print_set(xlat, xlat_expr_print_binary); \
1796 xlat->token = _op; \
1797} while (0)
1798
1799#undef XLAT_REGISTER_BINARY_CMP
1800#define XLAT_REGISTER_BINARY_CMP(_op, _name) \
1801do { \
1802 if (unlikely((xlat = xlat_func_register(NULL, "cmp_" STRINGIFY(_name), xlat_func_cmp_ ## _name, FR_TYPE_BOOL)) == NULL)) return -1; \
1803 xlat_func_args_set(xlat, binary_cmp_xlat_args); \
1804 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1805 xlat_func_print_set(xlat, xlat_expr_print_binary); \
1806 xlat_func_resolve_set(xlat, xlat_expr_resolve_binary); \
1807 xlat->token = _op; \
1808} while (0)
1809
1810#undef XLAT_REGISTER_NARY_OP
1811#define XLAT_REGISTER_NARY_OP(_op, _name, _func_name) \
1812do { \
1813 if (unlikely((xlat = xlat_func_register(NULL, STRINGIFY(_name), xlat_func_ ## _func_name, FR_TYPE_VOID)) == NULL)) return -1; \
1814 xlat_func_instantiate_set(xlat, xlat_instantiate_ ## _func_name, xlat_ ## _func_name ## _inst_t, NULL, NULL); \
1815 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1816 xlat_func_print_set(xlat, xlat_expr_print_nary); \
1817 xlat_purify_func_set(xlat, xlat_expr_logical_purify); \
1818 xlat->token = _op; \
1819} while (0)
1820
1821#undef XLAT_REGISTER_REGEX_OP
1822#define XLAT_REGISTER_REGEX_OP(_op, _name) \
1823do { \
1824 if (unlikely((xlat = xlat_func_register(NULL, STRINGIFY(_name), xlat_func_ ## _name, FR_TYPE_BOOL)) == NULL)) return -1; \
1825 xlat_func_args_set(xlat, regex_op_xlat_args); \
1826 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1827 xlat_func_instantiate_set(xlat, xlat_instantiate_regex, xlat_regex_inst_t, NULL, NULL); \
1828 xlat_func_print_set(xlat, xlat_expr_print_regex); \
1829 xlat->token = _op; \
1830} while (0)
1831
1832#define XLAT_REGISTER_BOOL(_xlat, _func, _arg, _ret_type) \
1833do { \
1834 if (unlikely((xlat = xlat_func_register(NULL, _xlat, _func, _ret_type)) == NULL)) return -1; \
1835 xlat_func_args_set(xlat, _arg); \
1836 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL); \
1837} while (0)
1838
1839#define XLAT_REGISTER_UNARY(_op, _xlat, _func) \
1840do { \
1841 if (unlikely((xlat = xlat_func_register(NULL, _xlat, _func, FR_TYPE_VOID)) == NULL)) return -1; \
1842 xlat_func_args_set(xlat, unary_op_xlat_args); \
1843 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE | XLAT_FUNC_FLAG_INTERNAL); \
1844 xlat_func_print_set(xlat, xlat_expr_print_unary); \
1845 xlat->token = _op; \
1846} while (0)
1847
1848int xlat_register_expressions(void)
1849{
1850 xlat_t *xlat;
1851
1852 XLAT_REGISTER_BINARY_OP(T_ADD, add);
1853 XLAT_REGISTER_BINARY_OP(T_SUB, sub);
1854 XLAT_REGISTER_BINARY_OP(T_MUL, mul);
1855 XLAT_REGISTER_BINARY_OP(T_DIV, div);
1856 XLAT_REGISTER_BINARY_OP(T_MOD, mod);
1857 XLAT_REGISTER_BINARY_OP(T_AND, and);
1858 XLAT_REGISTER_BINARY_OP(T_OR, or);
1859 XLAT_REGISTER_BINARY_OP(T_XOR, xor);
1860 XLAT_REGISTER_BINARY_OP(T_RSHIFT, rshift);
1861 XLAT_REGISTER_BINARY_OP(T_LSHIFT, lshift);
1862
1863 XLAT_REGISTER_BINARY_CMP(T_OP_CMP_EQ, eq);
1864 XLAT_REGISTER_BINARY_CMP(T_OP_NE, ne);
1865 XLAT_REGISTER_BINARY_CMP(T_OP_LT, lt);
1866 XLAT_REGISTER_BINARY_CMP(T_OP_LE, le);
1867 XLAT_REGISTER_BINARY_CMP(T_OP_GT, gt);
1868 XLAT_REGISTER_BINARY_CMP(T_OP_GE, ge);
1869 XLAT_REGISTER_BINARY_CMP(T_OP_CMP_EQ_TYPE, eq_type);
1870 XLAT_REGISTER_BINARY_CMP(T_OP_CMP_NE_TYPE, ne_type);
1871
1872 XLAT_REGISTER_REGEX_OP(T_OP_REG_EQ, reg_eq);
1873 XLAT_REGISTER_REGEX_OP(T_OP_REG_NE, reg_ne);
1874
1875 if (unlikely((xlat = xlat_func_register(NULL, "regex.search", xlat_func_regex_search, FR_TYPE_BOOL)) == NULL)) return -1;
1876 xlat_func_args_set(xlat, regex_search_xlat_args);
1877 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_PURE);
1878
1879 /*
1880 * &&, ||
1881 *
1882 * @todo - remove tmpl_resolve() from tokenize_field(), and add xlat_resolve_logical_or() / xlat_resolve_logical_and()
1883 * functions which do partial resolution.
1884 */
1885 XLAT_REGISTER_NARY_OP(T_LAND, logical_and, logical);
1886 XLAT_REGISTER_NARY_OP(T_LOR, logical_or, logical);
1887
1888 XLAT_REGISTER_BOOL("expr.rcode", xlat_func_expr_rcode, xlat_func_expr_rcode_arg, FR_TYPE_BOOL);
1889 xlat_func_instantiate_set(xlat, xlat_instantiate_expr_rcode, xlat_rcode_inst_t, NULL, NULL);
1890 xlat_func_print_set(xlat, xlat_expr_print_rcode);
1891
1892 XLAT_REGISTER_BOOL("exists", xlat_func_exists, xlat_func_exists_arg, FR_TYPE_BOOL);
1893 xlat_func_instantiate_set(xlat, xlat_instantiate_exists, xlat_exists_inst_t, NULL, NULL);
1894 xlat_func_print_set(xlat, xlat_expr_print_exists);
1895 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL);
1896
1897 if (unlikely((xlat = xlat_func_register(NULL, "rcode", xlat_func_rcode, FR_TYPE_STRING)) == NULL)) return -1;
1898 xlat_func_args_set(xlat, xlat_func_rcode_arg);
1899 xlat_func_flags_set(xlat, XLAT_FUNC_FLAG_INTERNAL);
1900
1901 /*
1902 * -EXPR
1903 * ~EXPR
1904 * !EXPR
1905 */
1906 XLAT_REGISTER_UNARY(T_SUB, "unary_minus", xlat_func_unary_minus);
1907 XLAT_REGISTER_UNARY(T_COMPLEMENT, "unary_complement", xlat_func_unary_complement);
1908 XLAT_REGISTER_UNARY(T_NOT, "unary_not", xlat_func_unary_not);
1909
1910 return 0;
1911}
1912
1913/*
1914 * Must use the same names as above.
1915 */
1916static const fr_sbuff_term_elem_t binary_ops[T_TOKEN_LAST] = {
1917 [ T_ADD ] = L("op_add"),
1918 [ T_SUB ] = L("op_sub"),
1919 [ T_MUL ] = L("op_mul"),
1920 [ T_DIV ] = L("op_div"),
1921 [ T_MOD ] = L("op_mod"),
1922 [ T_AND ] = L("op_and"),
1923 [ T_OR ] = L("op_or"),
1924 [ T_XOR ] = L("op_xor"),
1925 [ T_RSHIFT ] = L("op_rshift"),
1926 [ T_LSHIFT ] = L("op_lshift"),
1927
1928 [ T_LAND ] = L("logical_and"),
1929 [ T_LOR ] = L("logical_or"),
1930
1931 [ T_OP_CMP_EQ ] = L("cmp_eq"),
1932 [ T_OP_NE ] = L("cmp_ne"),
1933 [ T_OP_LT ] = L("cmp_lt"),
1934 [ T_OP_LE ] = L("cmp_le"),
1935 [ T_OP_GT ] = L("cmp_gt"),
1936 [ T_OP_GE ] = L("cmp_ge"),
1937
1938 [ T_OP_CMP_EQ_TYPE ] = L("cmp_eq_type"),
1939 [ T_OP_CMP_NE_TYPE ] = L("cmp_ne_type"),
1940
1941 [ T_OP_REG_EQ ] = L("reg_eq"),
1942 [ T_OP_REG_NE ] = L("reg_ne"),
1943};
1944
1945/*
1946 * Which are logical operations
1947 */
1948static const bool logical_ops[T_TOKEN_LAST] = {
1949 [T_LAND] = true,
1950 [T_LOR] = true,
1951};
1952
1953/*
1954 * These operators can take multiple arguments.
1955 *
1956 * @todo - include T_ADD, T_SUB, T_MUL, T_AND, T_OR, T_XOR, here too.
1957 *
1958 * This array should contain a function pointer to the code which either appends the results, or does
1959 * peephole optimizations to merge the arguments together. This merging will reduce run-time effort.
1960 */
1961static const bool multivalue_ops[T_TOKEN_LAST] = {
1962 [T_LAND] = true,
1963 [T_LOR] = true,
1964};
1965
1966/*
1967 * Allow for BEDMAS ordering. Gross ordering is first number,
1968 * fine ordering is second number. Unused operators are assigned as zero.
1969 *
1970 * Larger numbers are higher precedence.
1971 */
1972#define P(_x, _y) (((_x) << 4) | (_y))
1973
1974static const int precedence[T_TOKEN_LAST] = {
1975 [T_INVALID] = 0,
1976
1977 /*
1978 * Assignment operators go here as P(1,n)
1979 *
1980 * += -= *= /= %= <<= >>= &= ^= |=
1981 *
1982 * We want the output of the assignment operators to be the result of the assignment. This means
1983 * that the assignments can really only be done for simple attributes, and not tmpls with filters
1984 * which select multiple attributes.
1985 *
1986 * Which (for now) means that we likely want to disallow assignments in expressions. That's
1987 * fine, as this isn't C, and we're not sure that it makes sense to do something like:
1988 *
1989 * if ((&foo += 5) > 60) ...
1990 *
1991 * Or maybe it does. Who knows?
1992 */
1993
1994 [T_LOR] = P(2,0),
1995 [T_LAND] = P(2,1),
1996
1997 [T_OR] = P(3,0),
1998 [T_XOR] = P(3,1),
1999 [T_AND] = P(3,2),
2000
2001 [T_OP_REG_EQ] = P(4,0),
2002 [T_OP_REG_NE] = P(4,0),
2003
2004 [T_OP_CMP_EQ] = P(4,1),
2005 [T_OP_NE] = P(4,1),
2006
2007 [T_OP_CMP_EQ_TYPE] = P(4,1),
2008 [T_OP_CMP_NE_TYPE] = P(4,1),
2009
2010 [T_OP_LT] = P(5,0),
2011 [T_OP_LE] = P(5,0),
2012 [T_OP_GT] = P(5,0),
2013 [T_OP_GE] = P(5,0),
2014
2015 [T_RSHIFT] = P(6,0),
2016 [T_LSHIFT] = P(6,0),
2017
2018 [T_SUB] = P(7,0),
2019 [T_ADD] = P(7,1),
2020
2021 [T_MOD] = P(8,0),
2022 [T_MUL] = P(8,1),
2023 [T_DIV] = P(8,2),
2024
2025 [T_LBRACE] = P(10,0),
2026};
2027
2028#define fr_sbuff_skip_whitespace(_x) \
2029 do { \
2030 while (isspace((uint8_t) fr_sbuff_char(_x, '\0'))) fr_sbuff_advance(_x, 1); \
2031 } while (0)
2032
2033static ssize_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2034 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2035 fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules,
2036 fr_sbuff_parse_rules_t const *input_rules, bool cond) CC_HINT(nonnull(1,2,3,4,5));
2037
2038static ssize_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2039 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2040 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond) CC_HINT(nonnull(1,2,3,4,5));
2041
2042static fr_slen_t tokenize_unary(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2043 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2044 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond) CC_HINT(nonnull(1,2,3,4,5));
2045
2046static fr_table_num_sorted_t const expr_quote_table[] = {
2047 { L("\""), T_DOUBLE_QUOTED_STRING }, /* Don't re-order, backslash throws off ordering */
2048 { L("'"), T_SINGLE_QUOTED_STRING },
2049 { L("/"), T_SOLIDUS_QUOTED_STRING },
2050 { L("`"), T_BACK_QUOTED_STRING }
2051};
2052static size_t expr_quote_table_len = NUM_ELEMENTS(expr_quote_table);
2053
2054
2055/*
2056 * Look for prefix operators
2057 *
2058 * + = ignore
2059 * - = unary_minus(next)
2060 * ! = unary_not(next)
2061 * ~ = unary_xor(0, next)
2062 * (expr) = recurse, and parse expr
2063 *
2064 * as a special case, <type> is a cast. Which lets us know how
2065 * to parse the next thing we get. Otherwise, parse the thing as
2066 * int64_t.
2067 */
2068static fr_slen_t tokenize_unary(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2069 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2070 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
2071{
2072 xlat_exp_t *node = NULL, *unary = NULL;
2073 xlat_t *func = NULL;
2074 fr_sbuff_t our_in = FR_SBUFF(in);
2075 char c = '\0';
2076
2077 XLAT_DEBUG("UNARY <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2078
2079 /*
2080 * Handle !-~ by adding a unary function to the xlat
2081 * node, with the first argument being the _next_ thing
2082 * we allocate.
2083 */
2084 if (fr_sbuff_next_if_char(&our_in, '!')) { /* unary not */
2085 func = xlat_func_find("unary_not", 9);
2086 fr_assert(func != NULL);
2087 c = '!';
2088 goto check_for_double;
2089
2090 }
2091 else if (fr_sbuff_next_if_char(&our_in, '-')) { /* unary minus */
2092 fr_sbuff_skip_whitespace(&our_in);
2093
2094 /*
2095 * -4 is a number, not minus(4).
2096 */
2097 if (fr_sbuff_is_digit(&our_in)) goto field;
2098
2099 func = xlat_func_find("unary_minus", 11);
2100 fr_assert(func != NULL);
2101 c = '-';
2102 goto check_for_double;
2103
2104 }
2105 else if (fr_sbuff_next_if_char(&our_in, '~')) { /* unary complement */
2106 func = xlat_func_find("unary_complement", 16);
2107 fr_assert(func != NULL);
2108 c = '~';
2109 goto check_for_double;
2110
2111 }
2112 else if (fr_sbuff_next_if_char(&our_in, '+')) { /* ignore unary + */
2113 c = '+';
2114
2115 check_for_double:
2116 fr_sbuff_skip_whitespace(&our_in);
2117 fr_sbuff_skip_whitespace(&our_in);
2118 if (fr_sbuff_is_char(&our_in, c)) {
2119 fr_strerror_const("Double operator is invalid");
2120 FR_SBUFF_ERROR_RETURN(&our_in);
2121 }
2122 }
2123
2124 /*
2125 * Maybe we have a unary not / etc. If so, make sure
2126 * that we return that, and not the child node
2127 */
2128 if (!func) {
2129 field:
2130 return tokenize_field(head, out, in, p_rules, t_rules, bracket_rules, out_c, cond);
2131 }
2132
2133 /*
2134 * Tokenize_field may reset this if the operation is wrapped inside of another expression.
2135 */
2136 *out_c = c;
2137
2138 MEM(unary = xlat_exp_alloc(head, XLAT_FUNC, fr_tokens[func->token], strlen(fr_tokens[func->token])));
2139 xlat_exp_set_func(unary, func, t_rules->attr.dict_def);
2140 MEM(unary->call.args = xlat_exp_head_alloc(unary));
2141 unary->call.args->is_argv = true;
2142
2143 if (tokenize_field(unary->call.args, &node, &our_in, p_rules, t_rules, bracket_rules, out_c, (c == '!')) <= 0) {
2144 talloc_free(unary);
2145 FR_SBUFF_ERROR_RETURN(&our_in);
2146 }
2147
2148 if (!node) {
2149 fr_strerror_const("Empty expressions are invalid");
2150 FR_SBUFF_ERROR_RETURN(&our_in);
2151 }
2152
2153 xlat_func_append_arg(unary, node, (c == '!'));
2154 unary->flags.can_purify = (unary->call.func->flags.pure && unary->call.args->flags.pure) | unary->call.args->flags.can_purify;
2155
2156 /*
2157 * Don't add it to head->flags, that will be done when it's actually inserted.
2158 */
2159
2160 *out = unary;
2161
2162 FR_SBUFF_SET_RETURN(in, &our_in);
2163}
2164
2165/** Allocate a specific cast node.
2166 *
2167 * With the first argument being a UINT8 of the data type.
2168 * See xlat_func_cast() for the implementation.
2169 *
2170 */
2171static xlat_exp_t *expr_cast_alloc(TALLOC_CTX *ctx, fr_type_t type, xlat_exp_t *child)
2172{
2173 xlat_exp_t *cast, *node;
2174 char const *str;
2175
2176 /*
2177 * Create a "cast" node. The first argument is a UINT8 value-box of the cast type. The RHS is
2178 * whatever "node" comes next.
2179 */
2180 MEM(cast = xlat_exp_alloc(ctx, XLAT_FUNC, "cast", 4));
2181 MEM(cast->call.func = xlat_func_find("cast", 4));
2182 // no need to set dict here
2183 fr_assert(cast->call.func != NULL);
2184 cast->flags = cast->call.func->flags;
2185
2186 /*
2187 * Create argv[0] UINT8, with "Cast-Base" as
2188 * the "da". This allows the printing routines
2189 * to print the name of the type, and not the
2190 * number.
2191 */
2192 str = fr_type_to_str(type);
2193 fr_assert(str != NULL);
2194
2195 MEM(node = xlat_exp_alloc(cast, XLAT_BOX, NULL, 0));
2196 xlat_exp_set_name(node, str, strlen(str));
2197
2198 fr_value_box_init(&node->data, FR_TYPE_UINT8, attr_cast_base, false);
2199 node->data.vb_uint8 = type;
2200
2201 xlat_func_append_arg(cast, node, false);
2202 (void) talloc_steal(cast, child);
2203 xlat_func_append_arg(cast, child, false);
2204
2205 return cast;
2206}
2207
2208static fr_slen_t expr_cast_from_substr(fr_type_t *cast, fr_sbuff_t *in)
2209{
2210 fr_sbuff_t our_in = FR_SBUFF(in);
2211 fr_sbuff_marker_t m;
2212 ssize_t slen;
2213
2214 if (!fr_sbuff_next_if_char(&our_in, '(')) {
2215 no_cast:
2216 *cast = FR_TYPE_NULL;
2217 return 0;
2218 }
2219
2220 fr_sbuff_marker(&m, &our_in);
2221 fr_sbuff_out_by_longest_prefix(&slen, cast, fr_type_table, &our_in, FR_TYPE_NULL);
2222
2223 /*
2224 * We didn't read anything, there's no cast.
2225 */
2226 if (fr_sbuff_diff(&our_in, &m) == 0) goto no_cast;
2227
2228 if (!fr_sbuff_next_if_char(&our_in, ')')) goto no_cast;
2229
2230 if (fr_type_is_null(*cast)) {
2231 fr_strerror_printf("Invalid data type in cast");
2232 FR_SBUFF_ERROR_RETURN(&m);
2233 }
2234
2235 if (!fr_type_is_leaf(*cast)) {
2236 fr_strerror_printf("Invalid data type '%s' in cast", fr_type_to_str(*cast));
2237 FR_SBUFF_ERROR_RETURN(&our_in);
2238 }
2239
2240 fr_sbuff_adv_past_whitespace(&our_in, SIZE_MAX, NULL);
2241
2242 FR_SBUFF_SET_RETURN(in, &our_in);
2243}
2244
2245/*
2246 * Tokenize the RHS of a regular expression.
2247 */
2248static fr_slen_t tokenize_regex_rhs(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2249 tmpl_rules_t const *t_rules,
2250 fr_sbuff_parse_rules_t const *bracket_rules)
2251{
2252 ssize_t slen;
2253 xlat_exp_t *node = NULL;
2254 fr_sbuff_t our_in = FR_SBUFF(in);
2255 fr_sbuff_marker_t opand_m, flag;
2256 tmpl_t *vpt;
2257 fr_token_t quote = T_SOLIDUS_QUOTED_STRING;
2258
2259 XLAT_DEBUG("REGEX_RHS <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2260
2261 fr_sbuff_skip_whitespace(&our_in);
2262
2263 /*
2264 * Record where the operand begins for better error offsets later
2265 */
2266 fr_sbuff_marker(&opand_m, &our_in);
2267
2268 /*
2269 * Regexes cannot have casts or sub-expressions.
2270 */
2271 if (!fr_sbuff_next_if_char(&our_in, '/')) {
2272 /*
2273 * Allow for m'...' ala Perl
2274 */
2275 if (!fr_sbuff_is_str(&our_in, "m'", 2)) {
2276 fr_strerror_const("Expected regular expression");
2277 goto error;
2278 }
2279
2280 fr_sbuff_advance(&our_in, 2);
2281 quote = T_SINGLE_QUOTED_STRING;
2282 }
2283
2284 /*
2285 * Allocate the xlat node now so the talloc hierarchy is correct
2286 */
2287 MEM(node = xlat_exp_alloc(head, XLAT_TMPL, NULL, 0));
2288
2289 /*
2290 * tmpl_afrom_substr does pretty much all the work of parsing the operand. Note that we pass '/'
2291 * as the quote, so that the tmpl gets parsed as a regex.
2292 */
2293 (void) tmpl_afrom_substr(node, &vpt, &our_in, T_SOLIDUS_QUOTED_STRING, value_parse_rules_quoted[quote], t_rules);
2294 if (!vpt) {
2295 error:
2296 talloc_free(node);
2297 FR_SBUFF_ERROR_RETURN(&our_in);
2298 }
2299
2300 /*
2301 * @todo - allow for the RHS to be an attribute, too?
2302 */
2303
2304 /*
2305 * It would be nice if tmpl_afrom_substr() did this :(
2306 */
2307 if (!fr_sbuff_next_if_char(&our_in, fr_token_quote[quote])) {
2308 fr_strerror_const("Unterminated regular expression");
2309 goto error;
2310 }
2311
2312 /*
2313 * Remember where the flags start
2314 */
2315 fr_sbuff_marker(&flag, &our_in);
2316 if (tmpl_regex_flags_substr(vpt, &our_in, bracket_rules->terminals) < 0) {
2317 talloc_free(node);
2318 FR_SBUFF_ERROR_RETURN(&our_in);
2319 }
2320
2321 fr_sbuff_skip_whitespace(&our_in);
2322
2323 /*
2324 * Try to compile regular expressions, but only if
2325 * they're not being dynamically expanded.
2326 */
2327 if (!tmpl_contains_xlat(vpt)) {
2328 slen = tmpl_regex_compile(vpt, true);
2329 if (slen <= 0) goto error;
2330 }
2331
2332 node->quote = quote;
2333 xlat_exp_set_vpt(node, vpt);
2334
2335 XLAT_VERIFY(node);
2336 *out = node;
2337
2338 FR_SBUFF_SET_RETURN(in, &our_in);
2339}
2340
2341
2342static ssize_t tokenize_rcode(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_term_t const *terminals)
2343{
2344 rlm_rcode_t rcode;
2345 ssize_t slen;
2346 xlat_t *func;
2347 xlat_exp_t *node, *arg;
2348 fr_sbuff_t our_in = FR_SBUFF(in);
2349
2350 fr_sbuff_out_by_longest_prefix(&slen, &rcode, rcode_table, &our_in, T_BARE_WORD);
2351 if (slen <= 0) return 0;
2352
2353 if (!fr_sbuff_is_terminal(&our_in, terminals)) {
2354 if (!fr_dict_attr_allowed_chars[fr_sbuff_char(&our_in, '\0')]) {
2355 fr_strerror_const("Unexpected text after return code");
2356 FR_SBUFF_ERROR_RETURN(&our_in);
2357 }
2358 return 0;
2359 }
2360
2361 /*
2362 * @todo - allow for attributes to have the name "ok-foo" ???
2363 */
2364 func = xlat_func_find("expr.rcode", -1);
2365 fr_assert(func != NULL);
2366
2367 MEM(node = xlat_exp_alloc(head, XLAT_FUNC, fr_sbuff_start(&our_in), slen));
2368 node->call.func = func;
2369 // no need to set dict here
2370 node->flags = func->flags; /* rcode is impure, but can be calculated statically */
2371
2372 MEM(arg = xlat_exp_alloc(node, XLAT_BOX, fr_sbuff_start(&our_in), slen));
2373
2374 /*
2375 * We need a string for unit tests, but this should really be just a number.
2376 */
2377 fr_value_box_init(&arg->data, FR_TYPE_STRING, NULL, false);
2378 (void) fr_value_box_bstrndup(arg, &arg->data, NULL, fr_sbuff_start(&our_in), slen, false);
2379
2380 xlat_func_append_arg(node, arg, false);
2381
2382 *out = node;
2383
2384 FR_SBUFF_SET_RETURN(in, &our_in);
2385}
2386
2387
2388/*
2389 * Tokenize a field without unary operators.
2390 */
2391static fr_slen_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2392 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2393 fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond)
2394{
2395 ssize_t slen;
2396 xlat_exp_t *node = NULL;
2397 fr_sbuff_t our_in = FR_SBUFF(in);
2398 fr_sbuff_marker_t opand_m;
2399 tmpl_rules_t our_t_rules;
2400 tmpl_t *vpt = NULL;
2401 fr_token_t quote;
2402 fr_type_t cast_type;
2403 fr_dict_attr_t const *enumv;
2404
2405 XLAT_DEBUG("FIELD <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2406
2407 /*
2408 * Allow for explicit casts. Non-leaf types are forbidden.
2409 */
2410 if (expr_cast_from_substr(&cast_type, &our_in) < 0) return -1;
2411
2412 /*
2413 * Do NOT pass the cast down to the next set of parsing routines. Instead, let the next data be
2414 * parsed as whatever, and then add a cast, or cast in place as necessary.
2415 */
2416 our_t_rules = *t_rules;
2417 if (cast_type == FR_TYPE_NULL) {
2418 cast_type = our_t_rules.cast;
2419 enumv = our_t_rules.enumv;
2420 } else {
2421 enumv = NULL;
2422 }
2423
2424 our_t_rules.cast = FR_TYPE_NULL;
2425// our_t_rules.enumv = NULL;
2426
2427 /*
2428 * As a special case, we allow
2429 *
2430 * &reply = "foo = bar"
2431 *
2432 * and then we don't parse the RHS as any enum.
2433 */
2434 if ( our_t_rules.enumv && !fr_type_is_leaf(our_t_rules.enumv->type)) {
2435 our_t_rules.enumv = enumv = NULL;
2436 }
2437
2438 /*
2439 * If we still have '(', then recurse for other expressions
2440 *
2441 * Tokenize the sub-expression, ensuring that we stop at ')'.
2442 *
2443 * Note that if we have a sub-expression, then we don't use the hinting for "type".
2444 * That's because we're parsing a complete expression here (EXPR). So the intermediate
2445 * nodes in the expression can be almost anything. And we only cast it to the final
2446 * value when we get the output of the expression.
2447 */
2448 if (fr_sbuff_next_if_char(&our_in, '(')) {
2449 our_t_rules.cast = FR_TYPE_NULL;
2450 our_t_rules.enumv = NULL;
2451
2452 fr_sbuff_skip_whitespace(&our_in);
2453 if (fr_sbuff_is_char(&our_in, ')')) {
2454 fr_strerror_printf("Empty expressions are invalid");
2455 FR_SBUFF_ERROR_RETURN(&our_in);
2456 }
2457
2458 /*
2459 * No input rules means "ignore external terminal sequences, as we're expecting a ')' as
2460 * our terminal sequence.
2461 */
2462 if (tokenize_expression(head, &node, &our_in, bracket_rules, &our_t_rules, T_INVALID, bracket_rules, NULL, cond) <= 0) {
2463 FR_SBUFF_ERROR_RETURN(&our_in);
2464 }
2465
2466 if (!fr_sbuff_next_if_char(&our_in, ')')) {
2467 fr_strerror_printf("Failed to find trailing ')'");
2468 FR_SBUFF_ERROR_RETURN(&our_in);
2469 }
2470
2471 /*
2472 * We've parsed one "thing", so we stop. The next thing should be an operator, not
2473 * another value.
2474 *
2475 * The nested call to tokenize_expression() can return >=0 if there are spaces followed by a
2476 * terminal character. So "node" may be NULL;
2477 */
2478 if (!node) {
2479 fr_strerror_const("Empty expressions are invalid");
2480 FR_SBUFF_ERROR_RETURN(&our_in);
2481 }
2482
2483 *out_c = '\0';
2484 goto done;
2485 }
2486
2487 /*
2488 * Record where the operand begins for better error offsets later
2489 */
2490 fr_sbuff_skip_whitespace(&our_in);
2491 fr_sbuff_marker(&opand_m, &our_in);
2492
2493 fr_sbuff_out_by_longest_prefix(&slen, &quote, expr_quote_table, &our_in, T_BARE_WORD);
2494
2495 switch (quote) {
2496 case T_BARE_WORD:
2497 p_rules = bracket_rules;
2498
2499 /*
2500 * Peek for rcodes.
2501 */
2502 slen = tokenize_rcode(head, &node, &our_in, p_rules->terminals);
2503 if (slen < 0) FR_SBUFF_ERROR_RETURN(&our_in);
2504
2505 if (slen > 0) {
2506 fr_assert(node != NULL);
2507 goto done;
2508 }
2509 FALL_THROUGH;
2510
2511 default:
2512 slen = xlat_tokenize_word(head, &node, &our_in, quote, p_rules, &our_t_rules);
2513 if (slen <= 0) FR_SBUFF_ERROR_RETURN(&our_in);
2514
2515 fr_assert(node != NULL);
2516 break;
2517 }
2518
2519 /*
2520 * Cast value-box.
2521 */
2522 if (node->type == XLAT_BOX) {
2523 if (cast_type != FR_TYPE_NULL) {
2524 if (node->data.type != cast_type) {
2525 if (fr_value_box_cast_in_place(node, &node->data, cast_type, NULL) < 0) goto error;
2526 }
2527
2528 cast_type = FR_TYPE_NULL;
2529 }
2530 }
2531
2532 /*
2533 * Something other than a tmpl, we can just return.
2534 */
2535 if (node->type != XLAT_TMPL) {
2536 xlat_exp_set_name(node, fr_sbuff_current(&opand_m), fr_sbuff_behind(&opand_m));
2537 goto done;
2538 }
2539
2540 vpt = node->vpt;
2541
2542 /*
2543 * The tmpl has a cast, and it's the same as the explicit cast we were given, we can sometimes
2544 * discard the explicit cast.
2545 */
2546 if (cast_type != FR_TYPE_NULL) {
2547 if (tmpl_rules_cast(vpt) == cast_type) {
2548 fr_assert(0);
2549 cast_type = FR_TYPE_NULL;
2550
2551 } else if (tmpl_is_attr(vpt)) {
2552 fr_dict_attr_t const *da;
2553
2554 fr_assert(!tmpl_is_attr_unresolved(vpt));
2555
2556 da = tmpl_attr_tail_da(vpt); /* could be a list! */
2557
2558 /*
2559 * Set the cast for attributes. Note that tmpl_cast_set() will take care of
2560 * suppressing redundant casts. But it still allows (uint32)&Service-Type,
2561 * which means "return the raw value", and not "return enum name".
2562 */
2563 if (da) {
2564 if (tmpl_cast_set(vpt, cast_type) < 0) {
2565 error:
2566 fr_sbuff_set(&our_in, &opand_m);
2567 talloc_free(node);
2568 FR_SBUFF_ERROR_RETURN(&our_in);
2569 }
2570
2571 cast_type = FR_TYPE_NULL;
2572
2573 } else { /* it's something like &reply. */
2574 fr_assert(0);
2575 }
2576
2577 } else if (tmpl_is_data(vpt)) {
2578 fr_assert(!tmpl_is_data_unresolved(vpt));
2579
2580 /*
2581 * Omit our cast type if the data is already of the right type.
2582 *
2583 * Otherwise if we have a cast, then convert the data now, and then reset the
2584 * cast_type to nothing. This work allows for better errors at startup, and
2585 * minimizes run-time work.
2586 */
2587 if (tmpl_value_type(vpt) == cast_type) {
2588 cast_type = FR_TYPE_NULL;
2589
2590 } else if (tmpl_cast_in_place(vpt, cast_type, enumv) < 0) {
2591 fr_sbuff_set(&our_in, &opand_m);
2592 goto error;
2593
2594 } else {
2595 /*
2596 * We've parsed the data as the new data type, so we don't need any more
2597 * casting.
2598 */
2599 cast_type = FR_TYPE_NULL;
2600 }
2601
2602 } else if (tmpl_contains_xlat(vpt)) {
2603 /*
2604 * (string) "foo %{...}" is redundant. Drop the cast.
2605 */
2606 if ((cast_type == FR_TYPE_STRING) && (vpt->quote != T_BARE_WORD)) {
2607 tmpl_cast_set(vpt, FR_TYPE_NULL);
2608 cast_type = FR_TYPE_NULL;
2609
2610 } else {
2611 /*
2612 * Push the cast to the tmpl.
2613 */
2614 tmpl_cast_set(vpt, cast_type);
2615 cast_type = FR_TYPE_NULL;
2616 }
2617
2618 } else if (tmpl_is_attr_unresolved(vpt)) {
2619 fr_assert(t_rules->attr.allow_unresolved);
2620
2621 } else if (tmpl_is_data_unresolved(vpt)) {
2622 fr_assert(0);
2623
2624 fr_assert(quote == T_BARE_WORD);
2625 fr_strerror_const("Failed parsing input");
2626 fr_sbuff_set(&our_in, &opand_m);
2627 goto error;
2628
2629 } else {
2630 /*
2631 * Regex? Or something else weird?
2632 */
2633 tmpl_debug(vpt);
2634 fr_assert(0);
2635 }
2636 }
2637
2638 fr_assert(!tmpl_contains_regex(vpt));
2639
2640done:
2641 /*
2642 * If there is a cast, then reparent the node with a cast wrapper.
2643 */
2644 if (cast_type != FR_TYPE_NULL) {
2645 xlat_exp_t *cast;
2646
2647 MEM(cast = expr_cast_alloc(head, cast_type, node));
2648 node = cast;
2649 }
2650
2651 *out = node;
2652
2653 fr_sbuff_skip_whitespace(&our_in);
2654 FR_SBUFF_SET_RETURN(in, &our_in);
2655}
2656
2657/*
2658 * A mapping of operators to tokens.
2659 */
2660static fr_table_num_ordered_t const expr_assignment_op_table[] = {
2661 { L("!="), T_OP_NE },
2662 { L("!=="), T_OP_CMP_NE_TYPE },
2663
2664 { L("&"), T_AND },
2665 { L("&&"), T_LAND },
2666 { L("*"), T_MUL },
2667 { L("+"), T_ADD },
2668 { L("-"), T_SUB },
2669 { L("/"), T_DIV },
2670 { L("%"), T_MOD },
2671 { L("^"), T_XOR },
2672
2673 { L("|"), T_OR },
2674 { L("||"), T_LOR },
2675
2676 { L("<"), T_OP_LT },
2677 { L("<<"), T_LSHIFT },
2678 { L("<="), T_OP_LE },
2679
2680 { L("="), T_OP_EQ },
2681 { L("=="), T_OP_CMP_EQ },
2682 { L("==="), T_OP_CMP_EQ_TYPE },
2683
2684 { L("=~"), T_OP_REG_EQ },
2685 { L("!~"), T_OP_REG_NE },
2686
2687 { L(">"), T_OP_GT },
2688 { L(">="), T_OP_GE },
2689 { L(">>"), T_RSHIFT },
2690
2691};
2692static size_t const expr_assignment_op_table_len = NUM_ELEMENTS(expr_assignment_op_table);
2693
2694static bool valid_type(xlat_exp_t *node)
2695{
2696 fr_dict_attr_t const *da;
2697
2698#ifdef STATIC_ANALYZER
2699 if (!node) return false;
2700#endif
2701
2702 if (node->type != XLAT_TMPL) return true;
2703
2704 if (tmpl_is_list(node->vpt)) {
2705 list:
2706 fr_strerror_const("Cannot use list references in condition");
2707 return false;
2708 }
2709
2710 if (!tmpl_is_attr(node->vpt)) return true;
2711
2712 da = tmpl_attr_tail_da(node->vpt);
2713 if (fr_type_is_structural(da->type)) {
2714 if (da->dict == fr_dict_internal()) goto list;
2715
2716 fr_strerror_const("Cannot use structural types in condition");
2717 return false;
2718 }
2719
2720 return true;
2721}
2722
2723
2724/** Tokenize a mathematical operation.
2725 *
2726 * (EXPR)
2727 * !EXPR
2728 * A OP B
2729 *
2730 * If "out" is NULL then the expression is added to "head".
2731 * Otherwise, it's returned to the caller.
2732 */
2733static fr_slen_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in,
2734 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules,
2735 fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules,
2736 fr_sbuff_parse_rules_t const *input_rules, bool cond)
2737{
2738 xlat_exp_t *lhs = NULL, *rhs, *node;
2739 xlat_t *func = NULL;
2740 fr_token_t op;
2741 ssize_t slen;
2742 fr_sbuff_marker_t m_lhs, m_op, m_rhs;
2743 fr_sbuff_t our_in = FR_SBUFF(in);
2744 char c = '\0';
2745
2746 XLAT_DEBUG("EXPRESSION <-- %pV", fr_box_strvalue_len(fr_sbuff_current(in), fr_sbuff_remaining(in)));
2747
2748 fr_sbuff_skip_whitespace(&our_in);
2749
2750 fr_sbuff_marker(&m_lhs, &our_in);
2751
2752 /*
2753 * Get the LHS of the operation.
2754 */
2755 slen = tokenize_unary(head, &lhs, &our_in, p_rules, t_rules, bracket_rules, &c, cond);
2756 if (slen <= 0) FR_SBUFF_ERROR_RETURN(&our_in);
2757
2758 if (slen == 0) {
2759 fr_assert(lhs == NULL);
2760 *out = NULL;
2761 FR_SBUFF_SET_RETURN(in, &our_in);
2762 }
2763
2764redo:
2765 rhs = NULL;
2766
2767 fr_sbuff_skip_whitespace(&our_in);
2768
2769 /*
2770 * No more input, we're done.
2771 */
2772 if (fr_sbuff_extend(&our_in) == 0) {
2773 done:
2774 /*
2775 * LHS may be NULL if the expression has spaces followed by a terminal character.
2776 */
2777 *out = lhs;
2778 FR_SBUFF_SET_RETURN(in, &our_in);
2779 }
2780
2781 /*
2782 * ')' is a terminal, even if we didn't expect it.
2783 * Because if we didn't expect it, then it's an error.
2784 *
2785 * If we did expect it, then we return whatever we found,
2786 * and let the caller eat the ')'.
2787 */
2788 if (fr_sbuff_is_char(&our_in, ')')) {
2789 if (!bracket_rules) {
2790 fr_strerror_printf("Unexpected ')'");
2791 FR_SBUFF_ERROR_RETURN(&our_in);
2792 }
2793
2794 goto done;
2795 }
2796 fr_sbuff_skip_whitespace(&our_in);
2797
2798 /*
2799 * We hit a terminal sequence, stop.
2800 */
2801 if (input_rules && fr_sbuff_is_terminal(&our_in, input_rules->terminals)) goto done;
2802
2803 /*
2804 * Remember where we were after parsing the LHS.
2805 */
2806 fr_sbuff_marker(&m_op, &our_in);
2807
2808 /*
2809 * Get the operator.
2810 */
2811 XLAT_DEBUG(" operator <-- %pV", fr_box_strvalue_len(fr_sbuff_current(&our_in), fr_sbuff_remaining(&our_in)));
2812 fr_sbuff_out_by_longest_prefix(&slen, &op, expr_assignment_op_table, &our_in, T_INVALID);
2813 if ((op == T_INVALID) || !binary_ops[op].str) {
2814 fr_strerror_const("Invalid operator");
2815 fr_sbuff_set(&our_in, &m_op);
2816 talloc_free(lhs);
2817 FR_SBUFF_ERROR_RETURN(&our_in);
2818 }
2819
2820 /*
2821 * We can't (yet) do &list1 = &list2 + &list3
2822 */
2823 if (fr_binary_op[op] && t_rules->enumv && fr_type_is_structural(t_rules->enumv->type)) {
2824 fr_strerror_const("Invalid operator for structural attribute");
2825 fr_sbuff_set(&our_in, &m_op);
2826 talloc_free(lhs);
2827 FR_SBUFF_ERROR_RETURN(&our_in);
2828 }
2829
2830 fr_assert(precedence[op] != 0);
2831
2832 /*
2833 * a * b + c ... = (a * b) + c ...
2834 *
2835 * Feed the current expression to the caller, who will
2836 * take care of continuing.
2837 */
2838 if (precedence[op] <= precedence[prev]) {
2839 fr_sbuff_set(&our_in, &m_op);
2840 goto done;
2841 }
2842
2843 /*
2844 * &Foo and !&Foo are permitted as the LHS of || and &&
2845 */
2846 if (((c == '!') || (c == '~')) && (op != T_LAND) && (op != T_LOR)) {
2847 fr_strerror_printf("Operator '%c' is only applied to the left hand side of the '%s' operation, add (..) to evaluate the operation first", c, fr_tokens[op]);
2848 fail_lhs:
2849 fr_sbuff_set(&our_in, &m_lhs);
2850 FR_SBUFF_ERROR_RETURN(&our_in);
2851 }
2852
2853 fr_sbuff_skip_whitespace(&our_in);
2854 fr_sbuff_marker(&m_rhs, &our_in);
2855
2856 /*
2857 * We now parse the RHS, allowing a (perhaps different) cast on the RHS.
2858 */
2859 XLAT_DEBUG(" recurse RHS <-- %pV", fr_box_strvalue_len(fr_sbuff_current(&our_in), fr_sbuff_remaining(&our_in)));
2860 if ((op == T_OP_REG_EQ) || (op == T_OP_REG_NE)) {
2861 fr_type_t type;
2862
2863 /*
2864 * @todo - LHS shouldn't be anything else.
2865 */
2866 switch (lhs->type) {
2867 case XLAT_TMPL:
2868 type = tmpl_cast_get(lhs->vpt);
2869 if ((type != FR_TYPE_NULL) && (type != FR_TYPE_STRING)) {
2870 fr_strerror_const("Casts cannot be used with regular expressions");
2871 fr_sbuff_set(&our_in, &m_lhs);
2872 FR_SBUFF_ERROR_RETURN(&our_in);
2873 }
2874
2875 /*
2876 * Cast the LHS to a string, if it's not already one!
2877 */
2878 if (lhs->vpt->quote == T_BARE_WORD) tmpl_cast_set(lhs->vpt, FR_TYPE_STRING);
2879 break;
2880
2881 case XLAT_BOX:
2882 /*
2883 * 192.168.0.1 =~ /foo/
2884 *
2885 * Gets the LHS automatically converted to a string.
2886 */
2887 if (lhs->data.type != FR_TYPE_STRING) {
2888 if (fr_value_box_cast_in_place(lhs, &lhs->data, FR_TYPE_STRING, NULL) < 0) {
2889 fr_sbuff_set(&our_in, &m_lhs);
2890 FR_SBUFF_ERROR_RETURN(&our_in);
2891 }
2892 }
2893 break;
2894
2895 default:
2896 /*
2897 * @todo - if we hoist the LHS to a function instead of an xlat->tmpl->xlat, then
2898 * we can't cast the LHS to a string. OR, we have to manually add a lHS cast to
2899 * a string. Maybe we need to delay the LHS hoisting until such time as we know
2900 * it's safe.
2901 *
2902 * Also, hoisting a double-quoted xlat string to a _list_ of xlats is hard,
2903 * because we expect the LHS here to be one node. So perhaps the hoisting has to
2904 * be from an XLAT_TMPL to an XLAT_GROUP, which is still perhaps a bit of an
2905 * improvement.
2906 */
2907 break;
2908
2909 }
2910
2911 slen = tokenize_regex_rhs(head, &rhs, &our_in, t_rules, bracket_rules);
2912 } else {
2913 tmpl_rules_t our_t_rules = *t_rules;
2914
2915 /*
2916 * Pass the enumv down ONLY if the RHS name begins with "::".
2917 *
2918 * Otherwise, the terminal rules for expressions includes "-" and "+", both of which are
2919 * allowed in enum names. If we pass the enumv down to the next function, it will see
2920 * "Access-Accept", and then only parse "Access". Which is wrong.
2921 */
2922 if ((lhs->type == XLAT_TMPL) && tmpl_is_attr(lhs->vpt) &&
2923 fr_sbuff_is_str_literal(&our_in, "::")) {
2924 our_t_rules.enumv = tmpl_attr_tail_da(lhs->vpt);
2925 }
2926
2927 slen = tokenize_expression(head, &rhs, &our_in, p_rules, &our_t_rules, op, bracket_rules, input_rules, cond);
2928 }
2929 if (slen <= 0) {
2930 talloc_free(lhs);
2931 FR_SBUFF_ERROR_RETURN(&our_in);
2932 }
2933
2934 /*
2935 * The nested call to tokenize_expression() can return >=0 if there are spaces followed by a
2936 * terminal character.
2937 */
2938 if (!rhs) goto done;
2939
2940 func = xlat_func_find(binary_ops[op].str, binary_ops[op].len);
2941 fr_assert(func != NULL);
2942
2943 if (multivalue_ops[op]) {
2944 if ((lhs->type == XLAT_FUNC) && (lhs->call.func->token == op)) {
2945 xlat_func_append_arg(lhs, rhs, cond);
2946
2947 lhs->call.args->flags.can_purify |= rhs->flags.can_purify | rhs->flags.pure;
2948 lhs->flags.can_purify = lhs->call.args->flags.can_purify;
2949 goto redo;
2950 }
2951 goto purify;
2952 }
2953
2954 /*
2955 * Complain on comparisons between invalid data types.
2956 *
2957 * @todo - allow
2958 *
2959 * &structural == {}
2960 * &structural != {}
2961 *
2962 * as special cases, so we can check lists for emptiness.
2963 */
2964 if (fr_comparison_op[op]) {
2965 if (!valid_type(lhs)) goto fail_lhs;
2966 if (!valid_type(rhs)) {
2967 fr_sbuff_set(&our_in, &m_rhs);
2968 FR_SBUFF_ERROR_RETURN(&our_in);
2969 }
2970
2971 /*
2972 * Peephole optimization. If both LHS
2973 * and RHS are static values, then just call the
2974 * relevant condition code to get the result.
2975 */
2976 if (cond) {
2977 int rcode;
2978
2979 purify:
2980 rcode = xlat_purify_op(head, &node, lhs, op, rhs);
2981 if (rcode < 0) goto fail_lhs;
2982
2983 if (rcode) {
2984 lhs = node;
2985 goto redo;
2986 }
2987 }
2988 }
2989
2990 /*
2991 * Create the function node, with the LHS / RHS arguments.
2992 */
2993 MEM(node = xlat_exp_alloc(head, XLAT_FUNC, fr_tokens[op], strlen(fr_tokens[op])));
2994 xlat_exp_set_func(node, func, t_rules->attr.dict_def);
2995
2996 xlat_func_append_arg(node, lhs, logical_ops[op] && cond);
2997 xlat_func_append_arg(node, rhs, logical_ops[op] && cond);
2998
2999 fr_assert(xlat_exp_head(node->call.args) != NULL);
3000
3001 /*
3002 * Logical operations can be purified if ANY of their arguments can be purified.
3003 */
3004 if (logical_ops[op]) {
3005 xlat_exp_foreach(node->call.args, arg) {
3006 node->call.args->flags.can_purify |= arg->flags.can_purify | arg->flags.pure;
3007 if (node->call.args->flags.can_purify) break;
3008 }
3009 node->flags.can_purify = node->call.args->flags.can_purify;
3010
3011 } else {
3012 node->flags.can_purify = (node->call.func->flags.pure && node->call.args->flags.pure) | node->call.args->flags.can_purify;
3013 }
3014
3015 lhs = node;
3016 goto redo;
3017}
3018
3019static const fr_sbuff_term_t bracket_terms = FR_SBUFF_TERMS(
3020 L(""),
3021 L(")"),
3022);
3023
3024static const fr_sbuff_term_t operator_terms = FR_SBUFF_TERMS(
3025 L("\t"),
3026 L("\n"),
3027 L("\r"),
3028 L(" "),
3029 L("!"),
3030 L("%"),
3031 L("&"),
3032 L("*"),
3033 L("+"),
3034 L("-"),
3035 L("/"),
3036 L("<"),
3037 L("="),
3038 L(">"),
3039 L("^"),
3040 L("|"),
3041 L("~"),
3042);
3043
3044static fr_slen_t xlat_tokenize_expression_internal(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in,
3045 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, bool cond)
3046{
3047 fr_slen_t slen;
3048 fr_sbuff_parse_rules_t *bracket_rules = NULL;
3049 fr_sbuff_parse_rules_t *terminal_rules = NULL;
3050 tmpl_rules_t my_rules = { };
3051 xlat_exp_head_t *head;
3052 xlat_exp_t *node = NULL;
3053
3054 /*
3055 * Whatever the caller passes, ensure that we have a
3056 * terminal rule which ends on operators, and a terminal
3057 * rule which ends on ')'.
3058 */
3059 MEM(bracket_rules = talloc_zero(ctx, fr_sbuff_parse_rules_t));
3060 MEM(terminal_rules = talloc_zero(ctx, fr_sbuff_parse_rules_t));
3061 if (p_rules) {
3062 *bracket_rules = *p_rules;
3063 *terminal_rules = *p_rules;
3064
3065 if (p_rules->terminals) {
3066 MEM(terminal_rules->terminals = fr_sbuff_terminals_amerge(terminal_rules,
3067 p_rules->terminals,
3068 &operator_terms));
3069 } else {
3070 terminal_rules->terminals = &operator_terms;
3071 }
3072 } else {
3073 terminal_rules->terminals = &operator_terms;
3074 }
3075 MEM(bracket_rules->terminals = fr_sbuff_terminals_amerge(bracket_rules,
3076 terminal_rules->terminals,
3077 &bracket_terms));
3078
3079 MEM(head = xlat_exp_head_alloc(ctx));
3080 if (!t_rules) t_rules = &my_rules;
3081
3082 slen = tokenize_expression(head, &node, in, terminal_rules, t_rules, T_INVALID, bracket_rules, p_rules, cond);
3083 talloc_free(bracket_rules);
3084 talloc_free(terminal_rules);
3085
3086 if (slen <= 0) {
3087 talloc_free(head);
3088 return slen;
3089 }
3090
3091 if (!node) {
3092 *out = head;
3093 return slen;
3094 }
3095
3096 /*
3097 * If the tmpl is not resolved, then it refers to an attribute which doesn't exist. That's an
3098 * error.
3099 */
3100 if (node->type == XLAT_TMPL) {
3101 if (tmpl_is_data_unresolved(node->vpt)) {
3102 fr_strerror_const("Unknown attribute");
3103 return -1;
3104 }
3105
3106 /*
3107 * Convert raw existence checks to existence functions.
3108 */
3109 if (tmpl_contains_attr(node->vpt)) {
3110 if (cond) MEM(node = xlat_exists_alloc(head, node));
3111 }
3112 }
3113
3114 xlat_exp_insert_tail(head, node);
3115
3116 *out = head;
3117 return slen;
3118}
3119
3120fr_slen_t xlat_tokenize_expression(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in,
3121 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
3122{
3123 fr_slen_t slen;
3124
3125 slen = xlat_tokenize_expression_internal(ctx, out, in, p_rules, t_rules, false);
3126 if (slen < 0) return slen;
3127
3128#ifdef STATIC_ANALYZER
3129 /*
3130 * Coverity doesn't realise that out will be set by this point
3131 * by a successful call to xlat_tokenize_expression_internal.
3132 */
3133 if (!out) return -1;
3134#endif
3135 if (!*out) {
3136 fr_strerror_const("Empty expressions are invalid");
3137 return -1;
3138 }
3139
3140 if (xlat_finalize(*out, t_rules->xlat.runtime_el) < 0) {
3141 TALLOC_FREE(*out);
3142 return -1;
3143 }
3144
3145 return slen;
3146}
3147
3148fr_slen_t xlat_tokenize_condition(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in,
3149 fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
3150{
3151 fr_slen_t slen;
3152
3153 slen = xlat_tokenize_expression_internal(ctx, out, in, p_rules, t_rules, true);
3154 if (slen < 0) return slen;
3155
3156#ifdef STATIC_ANALYZER
3157 if (!out) return -1;
3158#endif
3159 if (!*out) {
3160 fr_strerror_const("Empty conditions are invalid");
3161 return -1;
3162 }
3163
3164 if (xlat_finalize(*out, t_rules->xlat.runtime_el) < 0) {
3165 TALLOC_FREE(*out);
3166 return -1;
3167 }
3168
3169 return slen;
3170}
3171
3172/** Allow callers to see if an xlat is truthy
3173 *
3174 * So the caller can cache it, and needs to check fewer things at run
3175 * time.
3176 *
3177 * @param[in] head of the xlat to check
3178 * @param[out] out truthiness of the box
3179 * @return
3180 * - false - xlat is not truthy, *out is unchanged.
3181 * - true - xlat is truthy, *out is the result of fr_value_box_is_truthy()
3182 */
3183bool xlat_is_truthy(xlat_exp_head_t const *head, bool *out)
3184{
3185 xlat_exp_t const *node;
3186 fr_value_box_t const *box;
3187
3188 /*
3189 * Only pure / constant things can be truthy.
3190 */
3191 if (!head->flags.pure) goto return_false;
3192
3193 node = xlat_exp_head(head);
3194 if (!node) {
3195 *out = false;
3196 return true;
3197 }
3198
3199 if (xlat_exp_next(head, node)) goto return_false;
3200
3201 if (node->type == XLAT_BOX) {
3202 box = &node->data;
3203
3204 } else if ((node->type == XLAT_TMPL) && tmpl_is_data(node->vpt)) {
3205 box = tmpl_value(node->vpt);
3206
3207 } else {
3208 return_false:
3209 *out = false;
3210 return false;
3211 }
3212
3213 *out = fr_value_box_is_truthy(box);
3214 return true;
3215}
args
va_list args
Definition acutest.h:770
UNCONST
#define UNCONST(_type, _ptr)
Remove const qualification from a pointer.
Definition build.h:167
RCSID
#define RCSID(id)
Definition build.h:485
L
#define L(_str)
Helper for initialising arrays of string literals.
Definition build.h:209
FALL_THROUGH
#define FALL_THROUGH
clang 10 doesn't recognised the FALL-THROUGH comment anymore
Definition build.h:324
unlikely
#define unlikely(_x)
Definition build.h:383
UNUSED
#define UNUSED
Definition build.h:317
NUM_ELEMENTS
#define NUM_ELEMENTS(_t)
Definition build.h:339
fr_value_calc_list_cmp
int fr_value_calc_list_cmp(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_value_box_list_t const *list1, fr_token_t op, fr_value_box_list_t const *list2)
Definition calc.c:2647
fr_value_calc_binary_op
int fr_value_calc_binary_op(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_type_t hint, fr_value_box_t const *a, fr_token_t op, fr_value_box_t const *b)
Calculate DST = A OP B.
Definition calc.c:1924
fr_value_calc_unary_op
int fr_value_calc_unary_op(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_token_t op, fr_value_box_t const *src)
Calculate unary operations.
Definition calc.c:2481
fr_dcursor_append
static int fr_dcursor_append(fr_dcursor_t *cursor, void *v)
Insert a single item at the end of the list.
Definition dcursor.h:408
fr_dcursor_s
Definition dcursor.h:93
MEM
#define MEM(x)
Definition debug.h:36
ERROR
#define ERROR(fmt,...)
Definition dhcpclient.c:41
fr_dict_attr_allowed_chars
bool const fr_dict_attr_allowed_chars[UINT8_MAX+1]
Characters that are allowed in dictionary attribute names.
Definition dict_util.c:47
fr_dict_internal
fr_dict_t const * fr_dict_internal(void)
Definition dict_util.c:4654
in
static fr_slen_t in
Definition dict.h:840
fr_dlist_remove
static void * fr_dlist_remove(fr_dlist_head_t *list_head, void *ptr)
Remove an item from the list.
Definition dlist.h:638
fr_dlist_num_elements
static unsigned int fr_dlist_num_elements(fr_dlist_head_t const *head)
Return the number of elements in the dlist.
Definition dlist.h:939
fr_dlist_pop_head
static void * fr_dlist_pop_head(fr_dlist_head_t *list_head)
Remove the head item in a list.
Definition dlist.h:672
fr_dlist_insert_tail
static int fr_dlist_insert_tail(fr_dlist_head_t *list_head, void *ptr)
Insert an item into the tail of a list.
Definition dlist.h:378
xlat_func_rcode
static xlat_action_t xlat_func_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *args)
Return the current rcode as a string.
Definition xlat_expr.c:1663
xlat_func_exists
static xlat_action_t xlat_func_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *in)
See if a named attribute exists.
Definition xlat_expr.c:1775
xlat_func_expr_rcode
static xlat_action_t xlat_func_expr_rcode(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *args)
Match the passed rcode against request->rcode.
Definition xlat_expr.c:1612
unlang_interpret_frame_talloc_ctx
TALLOC_CTX * unlang_interpret_frame_talloc_ctx(request_t *request)
Get a talloc_ctx which is valid only for this frame.
Definition interpret.c:1405
UNLANG_SUB_FRAME
#define UNLANG_SUB_FRAME
Definition interpret.h:36
RDEBUG3
#define RDEBUG3(fmt,...)
Definition log.h:343
RPEDEBUG
#define RPEDEBUG(fmt,...)
Definition log.h:376
talloc_free
talloc_free(reap)
fr_type_t
fr_type_t
Definition merged_model.c:80
FR_TYPE_INT8
@ FR_TYPE_INT8
8 Bit signed integer.
Definition merged_model.c:103
FR_TYPE_STRING
@ FR_TYPE_STRING
String of printable characters.
Definition merged_model.c:83
FR_TYPE_NULL
@ FR_TYPE_NULL
Invalid (uninitialised) attribute type.
Definition merged_model.c:81
FR_TYPE_UINT16
@ FR_TYPE_UINT16
16 Bit unsigned integer.
Definition merged_model.c:98
FR_TYPE_INT64
@ FR_TYPE_INT64
64 Bit signed integer.
Definition merged_model.c:106
FR_TYPE_INT16
@ FR_TYPE_INT16
16 Bit signed integer.
Definition merged_model.c:104
FR_TYPE_UINT8
@ FR_TYPE_UINT8
8 Bit unsigned integer.
Definition merged_model.c:97
FR_TYPE_UINT32
@ FR_TYPE_UINT32
32 Bit unsigned integer.
Definition merged_model.c:99
FR_TYPE_INT32
@ FR_TYPE_INT32
32 Bit signed integer.
Definition merged_model.c:105
FR_TYPE_UINT64
@ FR_TYPE_UINT64
64 Bit unsigned integer.
Definition merged_model.c:100
FR_TYPE_VOID
@ FR_TYPE_VOID
User data.
Definition merged_model.c:127
FR_TYPE_BOOL
@ FR_TYPE_BOOL
A truth value.
Definition merged_model.c:95
FR_TYPE_SIZE
@ FR_TYPE_SIZE
Unsigned integer capable of representing any memory address on the local system.
Definition merged_model.c:115
FR_TYPE_OCTETS
@ FR_TYPE_OCTETS
Raw octets.
Definition merged_model.c:84
FR_TYPE_GROUP
@ FR_TYPE_GROUP
A grouping of other attributes.
Definition merged_model.c:124
uint32_t
unsigned int uint32_t
Definition merged_model.c:33
ssize_t
long int ssize_t
Definition merged_model.c:24
fr_slen_t
ssize_t fr_slen_t
Definition merged_model.c:35
fr_dict_attr_t
Definition merged_model.c:133
fr_sbuff_escape_rules_t
Definition merged_model.c:228
fr_sbuff_t
Definition merged_model.c:37
fr_value_box_t
Definition merged_model.c:136
request_t
Definition merged_model.c:210
tmpl_t
Definition merged_model.c:225
fr_assert
#define fr_assert(_expr)
Definition rad_assert.h:38
done
static bool done
Definition radclient.c:81
REDEBUG
#define REDEBUG(fmt,...)
Definition radclient.h:52
RDEBUG
#define RDEBUG(fmt,...)
Definition radclient.h:53
rcode_table
fr_table_num_sorted_t const rcode_table[]
Definition rcode.c:35
rlm_rcode_t
rlm_rcode_t
Return codes indicating the result of the module call.
Definition rcode.h:40
RLM_MODULE_NOT_SET
@ RLM_MODULE_NOT_SET
Error resolving rcode (should not be returned by modules).
Definition rcode.h:52
RLM_MODULE_NUMCODES
@ RLM_MODULE_NUMCODES
How many valid return codes there are.
Definition rcode.h:51
name
static char const * name
Definition rlm_redis_ippool_tool.c:156
fr_sbuff_is_terminal
bool fr_sbuff_is_terminal(fr_sbuff_t *in, fr_sbuff_term_t const *tt)
Efficient terminal string search.
Definition sbuff.c:2154
fr_sbuff_terminals_amerge
fr_sbuff_term_t * fr_sbuff_terminals_amerge(TALLOC_CTX *ctx, fr_sbuff_term_t const *a, fr_sbuff_term_t const *b)
Merge two sets of terminal strings.
Definition sbuff.c:647
fr_sbuff_next_if_char
bool fr_sbuff_next_if_char(fr_sbuff_t *sbuff, char c)
Return true if the current char matches, and if it does, advance.
Definition sbuff.c:2090
fr_sbuff_start
#define fr_sbuff_start(_sbuff_or_marker)
fr_sbuff_out_by_longest_prefix
#define fr_sbuff_out_by_longest_prefix(_match_len, _out, _table, _sbuff, _def)
fr_sbuff_is_str_literal
#define fr_sbuff_is_str_literal(_sbuff, _str)
FR_SBUFF_IN_CHAR_RETURN
#define FR_SBUFF_IN_CHAR_RETURN(_sbuff,...)
fr_sbuff_set
#define fr_sbuff_set(_dst, _src)
fr_sbuff_diff
#define fr_sbuff_diff(_a, _b)
fr_sbuff_adv_past_whitespace
#define fr_sbuff_adv_past_whitespace(_sbuff, _len, _tt)
fr_sbuff_current
#define fr_sbuff_current(_sbuff_or_marker)
fr_sbuff_char
#define fr_sbuff_char(_sbuff_or_marker, _eob)
FR_SBUFF_TERMS
#define FR_SBUFF_TERMS(...)
Initialise a terminal structure with a list of sorted strings.
Definition sbuff.h:192
FR_SBUFF_IN_STRCPY_LITERAL_RETURN
#define FR_SBUFF_IN_STRCPY_LITERAL_RETURN(_sbuff, _str)
fr_sbuff_extend
#define fr_sbuff_extend(_sbuff_or_marker)
fr_sbuff_used_total
#define fr_sbuff_used_total(_sbuff_or_marker)
FR_SBUFF_RETURN
#define FR_SBUFF_RETURN(_func, _sbuff,...)
fr_sbuff_is_char
#define fr_sbuff_is_char(_sbuff_or_marker, _c)
FR_SBUFF_ERROR_RETURN
#define FR_SBUFF_ERROR_RETURN(_sbuff_or_marker)
FR_SBUFF_SET_RETURN
#define FR_SBUFF_SET_RETURN(_dst, _src)
fr_sbuff_is_digit
#define fr_sbuff_is_digit(_sbuff_or_marker)
FR_SBUFF
#define FR_SBUFF(_sbuff_or_marker)
fr_sbuff_advance
#define fr_sbuff_advance(_sbuff_or_marker, _len)
fr_sbuff_remaining
#define fr_sbuff_remaining(_sbuff_or_marker)
fr_sbuff_used
#define fr_sbuff_used(_sbuff_or_marker)
fr_sbuff_behind
#define fr_sbuff_behind(_sbuff_or_marker)
FR_SBUFF_IN_STRCPY_RETURN
#define FR_SBUFF_IN_STRCPY_RETURN(...)
FR_SBUFF_TALLOC_THREAD_LOCAL
#define FR_SBUFF_TALLOC_THREAD_LOCAL(_out, _init, _max)
fr_sbuff_ptr_s
Definition sbuff.h:84
fr_sbuff_term_elem_t
Terminal element with pre-calculated lengths.
Definition sbuff.h:161
fr_sbuff_term_t
Set of terminal elements.
Definition merged_model.c:161
tmpl_contains_xlat
#define tmpl_contains_xlat(vpt)
Definition tmpl.h:227
tmpl_is_attr_unresolved
#define tmpl_is_attr_unresolved(vpt)
Definition tmpl.h:219
tmpl_resolve
int tmpl_resolve(tmpl_t *vpt, tmpl_res_rules_t const *tr_rules))
Attempt to resolve functions and attributes in xlats and attribute references.
Definition tmpl_tokenize.c:4203
tmpl_value
#define tmpl_value(_tmpl)
Definition tmpl.h:937
tmpl_contains_regex
#define tmpl_contains_regex(vpt)
Definition tmpl.h:226
tmpl_is_attr
#define tmpl_is_attr(vpt)
Definition tmpl.h:208
tmpl_rules_s::enumv
fr_dict_attr_t const * enumv
Enumeration attribute used to resolve enum values.
Definition tmpl.h:338
tmpl_xlat
#define tmpl_xlat(_tmpl)
Definition tmpl.h:930
tmpl_rules_cast
#define tmpl_rules_cast(_tmpl)
Definition tmpl.h:942
tmpl_contains_attr
#define tmpl_contains_attr(vpt)
Definition tmpl.h:225
tmpl_afrom_substr
ssize_t tmpl_afrom_substr(TALLOC_CTX *ctx, tmpl_t **out, fr_sbuff_t *in, fr_token_t quote, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules))
Convert an arbitrary string into a tmpl_t.
Definition tmpl_tokenize.c:3155
tmpl_rules_s::xlat
tmpl_xlat_rules_t xlat
Rules/data for parsing xlats.
Definition tmpl.h:336
tmpl_is_list
static bool tmpl_is_list(tmpl_t const *vpt)
Definition tmpl.h:920
tmpl_cast_in_place
int tmpl_cast_in_place(tmpl_t *vpt, fr_type_t type, fr_dict_attr_t const *enumv))
Convert tmpl_t of type TMPL_TYPE_DATA_UNRESOLVED or TMPL_TYPE_DATA to TMPL_TYPE_DATA of type specifie...
Definition tmpl_tokenize.c:3894
tmpl_is_data
#define tmpl_is_data(vpt)
Definition tmpl.h:206
tmpl_debug
void tmpl_debug(tmpl_t const *vpt)
Definition tmpl_tokenize.c:310
vpt
static fr_slen_t vpt
Definition tmpl.h:1269
tmpl_value_type
#define tmpl_value_type(_tmpl)
Definition tmpl.h:939
tmpl_cast_get
static fr_type_t tmpl_cast_get(tmpl_t *vpt)
Definition tmpl.h:1218
tmpl_is_data_unresolved
#define tmpl_is_data_unresolved(vpt)
Definition tmpl.h:217
tmpl_rules_s::cast
fr_type_t cast
Whether there was an explicit cast.
Definition tmpl.h:340
tmpl_rules_s::attr
tmpl_attr_rules_t attr
Rules/data for parsing attribute references.
Definition tmpl.h:335
tmpl_attr_tail_da
static fr_dict_attr_t const * tmpl_attr_tail_da(tmpl_t const *vpt)
Return the last attribute reference da.
Definition tmpl.h:801
tmpl_res_rules_t
struct tmpl_res_rules_s tmpl_res_rules_t
Definition tmpl.h:237
tmpl_is_regex
#define tmpl_is_regex(vpt)
Definition tmpl.h:213
tmpl_res_rules_s::enumv
fr_dict_attr_t const * enumv
for resolving T_BARE_WORD
Definition tmpl.h:373
tmpl_xlat_rules_s::runtime_el
fr_event_list_t * runtime_el
The eventlist to use for runtime instantiation of xlats.
Definition tmpl.h:324
tmpl_needs_resolving
#define tmpl_needs_resolving(vpt)
Definition tmpl.h:223
tmpl_cast_set
int tmpl_cast_set(tmpl_t *vpt, fr_type_t type)
Set a cast for a tmpl.
Definition tmpl_tokenize.c:3707
tmpl_res_rules_s
Similar to tmpl_rules_t, but used to specify parameters that may change during subsequent resolution ...
Definition tmpl.h:364
tmpl_rules_s
Optional arguments passed to vp_tmpl functions.
Definition tmpl.h:332
xor
static void xor(char *out, char *in1, char *in2, int n)
Definition smbdes.c:183
lshift
static void lshift(char *d, int count, int n)
Definition smbdes.c:165
inst
eap_aka_sim_process_conf_t * inst
Definition state_machine.c:3620
type
fr_aka_sim_id_type_t type
Definition state_machine.c:3623
vp
fr_pair_t * vp
Definition state_machine.c:2262
tmpl_attr_rules_s::allow_unresolved
uint8_t allow_unresolved
Allow attributes that look valid but were not found in the dictionaries.
Definition tmpl.h:304
tmpl_attr_rules_s::dict_def
fr_dict_t const * dict_def
Default dictionary to use with unqualified attribute references.
Definition tmpl.h:273
value_pair_s
Stores an attribute, a value and various bits of other data.
Definition pair.h:68
fr_table_value_by_str
#define fr_table_value_by_str(_table, _name, _def)
Convert a string to a value using a sorted or ordered table.
Definition table.h:653
fr_table_str_by_value
#define fr_table_str_by_value(_table, _number, _def)
Convert an integer to a string.
Definition table.h:772
fr_table_num_ordered_t
An element in an arbitrarily ordered array of name to num mappings.
Definition table.h:57
fr_table_num_sorted_t
An element in a lexicographically sorted array of name to num mappings.
Definition table.h:49
talloc_get_type_abort_const
#define talloc_get_type_abort_const
Definition talloc.h:287
talloc_const_free
static int talloc_const_free(void const *ptr)
Free const'd memory.
Definition talloc.h:229
tmpl_dcursor_clear
void tmpl_dcursor_clear(tmpl_dcursor_ctx_t *cc)
Clear any temporary state allocations.
Definition tmpl_dcursor.c:458
tmpl_dcursor_init
#define tmpl_dcursor_init(_err, _ctx, _cc, _cursor, _request, _vpt)
Definition tmpl_dcursor.h:100
tmpl_dcursor_ctx_s
Maintains state between cursor calls.
Definition tmpl_dcursor.h:62
fr_token_quote
const char fr_token_quote[T_TOKEN_LAST]
Convert tokens back to a quoting character.
Definition token.c:157
fr_tokens
char const * fr_tokens[T_TOKEN_LAST]
Definition token.c:79
fr_comparison_op
const bool fr_comparison_op[T_TOKEN_LAST]
Definition token.c:199
fr_binary_op
const bool fr_binary_op[T_TOKEN_LAST]
Definition token.c:217
fr_token_t
enum fr_token fr_token_t
T_AND
@ T_AND
Definition token.h:55
T_INVALID
@ T_INVALID
Definition token.h:39
T_SUB
@ T_SUB
Definition token.h:52
T_RSHIFT
@ T_RSHIFT
Definition token.h:62
T_NOT
@ T_NOT
Definition token.h:57
T_XOR
@ T_XOR
Definition token.h:58
T_DIV
@ T_DIV
Definition token.h:54
T_SINGLE_QUOTED_STRING
@ T_SINGLE_QUOTED_STRING
Definition token.h:122
T_MOD
@ T_MOD
Definition token.h:60
T_BARE_WORD
@ T_BARE_WORD
Definition token.h:120
T_OP_EQ
@ T_OP_EQ
Definition token.h:83
T_LAND
@ T_LAND
Definition token.h:91
T_COMPLEMENT
@ T_COMPLEMENT
Definition token.h:59
T_ADD
@ T_ADD
Definition token.h:51
T_BACK_QUOTED_STRING
@ T_BACK_QUOTED_STRING
Definition token.h:123
T_OP_NE
@ T_OP_NE
Definition token.h:97
T_LOR
@ T_LOR
Definition token.h:92
T_LSHIFT
@ T_LSHIFT
Definition token.h:63
T_OP_REG_EQ
@ T_OP_REG_EQ
Definition token.h:102
T_OP_CMP_EQ_TYPE
@ T_OP_CMP_EQ_TYPE
Definition token.h:107
T_DOUBLE_QUOTED_STRING
@ T_DOUBLE_QUOTED_STRING
Definition token.h:121
T_OP_CMP_EQ
@ T_OP_CMP_EQ
Definition token.h:106
T_LBRACE
@ T_LBRACE
Definition token.h:43
T_MUL
@ T_MUL
Definition token.h:53
T_OP_LE
@ T_OP_LE
Definition token.h:100
T_OP_CMP_NE_TYPE
@ T_OP_CMP_NE_TYPE
Definition token.h:108
T_OP_GE
@ T_OP_GE
Definition token.h:98
T_OP_GT
@ T_OP_GT
Definition token.h:99
T_SOLIDUS_QUOTED_STRING
@ T_SOLIDUS_QUOTED_STRING
Definition token.h:124
T_OP_LT
@ T_OP_LT
Definition token.h:101
T_OP_REG_NE
@ T_OP_REG_NE
Definition token.h:103
T_OR
@ T_OR
Definition token.h:56
T_TOKEN_LAST
#define T_TOKEN_LAST
Definition token.h:129
unlang_xlat_yield
xlat_action_t unlang_xlat_yield(request_t *request, xlat_func_t resume, xlat_func_signal_t signal, fr_signal_t sigmask, void *rctx)
Yield a request back to the interpreter from within a module.
Definition xlat.c:567
unlang_xlat_push
int unlang_xlat_push(TALLOC_CTX *ctx, bool *p_success, fr_value_box_list_t *out, request_t *request, xlat_exp_head_t const *xlat, bool top_frame)
Push a pre-compiled xlat onto the stack for evaluation.
Definition xlat.c:283
xlat_res_rules_t::tr_rules
tmpl_res_rules_t const * tr_rules
tmpl resolution rules.
Definition xlat.h:164
xlat_arg_parser_t::type
fr_type_t type
Type to cast argument to.
Definition xlat.h:154
xlat_print
fr_slen_t xlat_print(fr_sbuff_t *in, xlat_exp_head_t const *node, fr_sbuff_escape_rules_t const *e_rules)
Reconstitute an xlat expression from its constituent nodes.
Definition xlat_tokenize.c:1317
head
static fr_slen_t head
Definition xlat.h:419
xlat_aprint
static fr_slen_t xlat_aprint(TALLOC_CTX *ctx, char **out, xlat_exp_head_t const *head, fr_sbuff_escape_rules_t const *e_rules) 1(xlat_print
xlat_arg_parser_t::required
uint8_t required
Argument must be present, and non-empty.
Definition xlat.h:145
xlat_purify_op
int xlat_purify_op(TALLOC_CTX *ctx, xlat_exp_t **out, xlat_exp_t *lhs, fr_token_t op, xlat_exp_t *rhs)
Definition xlat_purify.c:536
xlat_func_t
xlat_action_t(* xlat_func_t)(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
xlat callback function
Definition xlat.h:231
XLAT_ARGS
#define XLAT_ARGS(_list,...)
Populate local variables with value boxes from the input list.
Definition xlat.h:382
xlat_flatten_to_argv
int xlat_flatten_to_argv(TALLOC_CTX *ctx, xlat_exp_head_t ***argv, xlat_exp_head_t *head)
Turn am xlat list into an argv[] array, and nuke the input list.
Definition xlat_eval.c:1818
xlat_arg_parser_t::concat
uint8_t concat
Concat boxes together.
Definition xlat.h:146
xlat_flags_t::needs_resolving
uint8_t needs_resolving
Needs pass2 resolution.
Definition xlat.h:108
XLAT_VERIFY
#define XLAT_VERIFY(_node)
Definition xlat.h:465
xlat_flags_t::can_purify
uint8_t can_purify
if the xlat has a pure function with pure arguments.
Definition xlat.h:111
xlat_flags_t::pure
uint8_t pure
has no external side effects, true for BOX, LITERAL, and some functions
Definition xlat.h:109
xlat_resolve
int xlat_resolve(xlat_exp_head_t *head, xlat_res_rules_t const *xr_rules)
Walk over an xlat tree recursively, resolving any unresolved functions or references.
Definition xlat_tokenize.c:1951
XLAT_ARG_PARSER_TERMINATOR
#define XLAT_ARG_PARSER_TERMINATOR
Definition xlat.h:169
xlat_finalize
int xlat_finalize(xlat_exp_head_t *head, fr_event_list_t *runtime_el)
Bootstrap static xlats, or instantiate ephemeral ones.
Definition xlat_inst.c:693
xlat_action_t
xlat_action_t
Definition xlat.h:37
XLAT_ACTION_FAIL
@ XLAT_ACTION_FAIL
An xlat function failed.
Definition xlat.h:44
XLAT_ACTION_YIELD
@ XLAT_ACTION_YIELD
An xlat function pushed a resume frame onto the stack.
Definition xlat.h:42
XLAT_ACTION_PUSH_UNLANG
@ XLAT_ACTION_PUSH_UNLANG
An xlat function pushed an unlang frame onto the unlang stack.
Definition xlat.h:39
XLAT_ACTION_DONE
@ XLAT_ACTION_DONE
We're done evaluating this level of nesting.
Definition xlat.h:43
xlat_flags_t::constant
uint8_t constant
xlat is just tmpl_attr_tail_data, or XLAT_BOX
Definition xlat.h:113
xlat_instance_unregister_func
int xlat_instance_unregister_func(xlat_exp_t *node)
Remove a node from the list of xlat instance data.
Definition xlat_inst.c:548
xlat_arg_parser_t
Definition for a single argument consumend by an xlat function.
Definition xlat.h:144
xlat_flags_t
Flags that control resolution and evaluation.
Definition xlat.h:107
xlat_res_rules_t
Definition xlat.h:163
parent
static fr_slen_t parent
Definition pair.h:839
fr_strerror_printf
#define fr_strerror_printf(_fmt,...)
Log to thread local error buffer.
Definition strerror.h:64
fr_strerror_const
#define fr_strerror_const(_msg)
Definition strerror.h:223
fr_type_table
fr_table_num_ordered_t const fr_type_table[]
Map data types to names representing those types.
Definition types.c:31
fr_type_is_variable_size
#define fr_type_is_variable_size(_x)
Definition types.h:384
fr_type_is_structural
#define fr_type_is_structural(_x)
Definition types.h:388
fr_type_is_null
#define fr_type_is_null(_x)
Definition types.h:343
fr_type_is_leaf
#define fr_type_is_leaf(_x)
Definition types.h:389
fr_type_to_str
static char const * fr_type_to_str(fr_type_t type)
Return a static string containing the type name.
Definition types.h:450
fr_value_box_list_concat_as_string
ssize_t fr_value_box_list_concat_as_string(fr_value_box_t *safety, fr_sbuff_t *sbuff, fr_value_box_list_t *list, char const *sep, size_t sep_len, fr_sbuff_escape_rules_t const *e_rules, fr_value_box_list_action_t proc_action, fr_value_box_safe_for_t safe_for, bool flatten)
Concatenate a list of value boxes together.
Definition value.c:5733
value_parse_rules_quoted
fr_sbuff_parse_rules_t const * value_parse_rules_quoted[T_TOKEN_LAST]
Parse rules for quoted strings.
Definition value.c:605
fr_value_box_copy
int fr_value_box_copy(TALLOC_CTX *ctx, fr_value_box_t *dst, const fr_value_box_t *src)
Copy value data verbatim duplicating any buffers.
Definition value.c:3962
fr_value_box_is_truthy
bool fr_value_box_is_truthy(fr_value_box_t const *in)
Check truthiness of values.
Definition value.c:6587
fr_value_box_cast_in_place
int fr_value_box_cast_in_place(TALLOC_CTX *ctx, fr_value_box_t *vb, fr_type_t dst_type, fr_dict_attr_t const *dst_enumv)
Convert one type of fr_value_box_t to another in place.
Definition value.c:3790
fr_value_box_memdup_shallow
void fr_value_box_memdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, uint8_t const *src, size_t len, bool tainted)
Assign a buffer to a box, but don't copy it.
Definition value.c:4700
fr_value_box_strdup
int fr_value_box_strdup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Copy a nul terminated string to a fr_value_box_t.
Definition value.c:4158
fr_value_box_strdup_shallow
void fr_value_box_strdup_shallow(fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, bool tainted)
Assign a buffer containing a nul terminated string to a box, but don't copy it.
Definition value.c:4267
fr_value_box_safety_copy
void fr_value_box_safety_copy(fr_value_box_t *out, fr_value_box_t const *in)
Copy the safety values from one box to another.
Definition value.c:6527
fr_value_box_clear
void fr_value_box_clear(fr_value_box_t *data)
Clear/free any existing value and metadata.
Definition value.c:3945
fr_value_box_bstrndup
int fr_value_box_bstrndup(TALLOC_CTX *ctx, fr_value_box_t *dst, fr_dict_attr_t const *enumv, char const *src, size_t len, bool tainted)
Copy a string to to a fr_value_box_t.
Definition value.c:4379
FR_VALUE_BOX_LIST_FREE_BOX
@ FR_VALUE_BOX_LIST_FREE_BOX
Free each processed box.
Definition value.h:234
fr_value_box_alloc
#define fr_value_box_alloc(_ctx, _type, _enumv)
Allocate a value box of a specific type.
Definition value.h:640
fr_value_box_mark_safe_for
#define fr_value_box_mark_safe_for(_box, _safe_for)
Definition value.h:1071
fr_box_strvalue_len
#define fr_box_strvalue_len(_val, _len)
Definition value.h:305
VALUE_BOX_LIST_VERIFY
#define VALUE_BOX_LIST_VERIFY(_x)
Definition value.h:1319
nonnull
int nonnull(2, 5))
fr_value_box_alloc_null
#define fr_value_box_alloc_null(_ctx)
Allocate a value box for later use with a value assignment function.
Definition value.h:651
fr_value_box_init
#define fr_value_box_init(_vb, _type, _enumv, _tainted)
Initialise a fr_value_box_t.
Definition value.h:606
fr_value_box_list_foreach
#define fr_value_box_list_foreach(_list_head, _iter)
Definition value.h:222
out
static size_t char ** out
Definition value.h:1020
FR_VALUE_BOX_SAFE_FOR_ANY
#define FR_VALUE_BOX_SAFE_FOR_ANY
Definition value.h:171
xlat_exp_set_vpt
void xlat_exp_set_vpt(xlat_exp_t *node, tmpl_t *vpt)
Set the tmpl for a node, along with flags and the name.
Definition xlat_alloc.c:252
xlat_exp_set_name
void xlat_exp_set_name(xlat_exp_t *node, char const *fmt, size_t len)
Set the format string for an xlat node.
Definition xlat_alloc.c:308
xlat_exp_set_func
void xlat_exp_set_func(xlat_exp_t *node, xlat_t const *func, fr_dict_t const *dict)
Set the function for a node.
Definition xlat_alloc.c:274
xlat_exp_set_name_shallow
void xlat_exp_set_name_shallow(xlat_exp_t *node, char const *fmt)
Set the format string for an xlat node from a pre-existing buffer.
Definition xlat_alloc.c:338
xlat_ctx_s::rctx
void * rctx
Resume context.
Definition xlat_ctx.h:54
xlat_inst_ctx_s::ex
xlat_exp_t * ex
Tokenized expression to use in expansion.
Definition xlat_ctx.h:64
xlat_ctx_s::inst
void const * inst
xlat instance data.
Definition xlat_ctx.h:50
xlat_inst_ctx_s::inst
void * inst
xlat instance data to populate.
Definition xlat_ctx.h:63
xlat_ctx_s
An xlat calling ctx.
Definition xlat_ctx.h:49
xlat_inst_ctx_s
An xlat instantiation ctx.
Definition xlat_ctx.h:62
attr_expr_bool_enum
fr_dict_attr_t const * attr_expr_bool_enum
Definition xlat_eval.c:42
attr_cast_base
fr_dict_attr_t const * attr_cast_base
Definition xlat_eval.c:43
xlat_func_regex_search
static xlat_action_t xlat_func_regex_search(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:825
xlat_exists_inst_t::vpt
tmpl_t const * vpt
the attribute reference
Definition xlat_expr.c:1683
xlat_exists_rctx_t::list
fr_value_box_list_t list
Definition xlat_expr.c:1688
fr_sbuff_skip_whitespace
#define fr_sbuff_skip_whitespace(_x)
Definition xlat_expr.c:2028
expr_assignment_op_table_len
static size_t const expr_assignment_op_table_len
Definition xlat_expr.c:2692
xlat_expr_print_binary
static fr_slen_t xlat_expr_print_binary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:151
XLAT_REGISTER_BOOL
#define XLAT_REGISTER_BOOL(_xlat, _func, _arg, _ret_type)
Definition xlat_expr.c:1832
xlat_logical_inst_t::argc
int argc
Definition xlat_expr.c:857
xlat_expr_print_rcode
static fr_slen_t xlat_expr_print_rcode(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, UNUSED fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:1577
xlat_func_append_arg
static void xlat_func_append_arg(xlat_exp_t *head, xlat_exp_t *node, bool exists)
Definition xlat_expr.c:70
xlat_is_truthy
bool xlat_is_truthy(xlat_exp_head_t const *head, bool *out)
Allow callers to see if an xlat is truthy.
Definition xlat_expr.c:3183
xlat_func_logical
static xlat_action_t xlat_func_logical(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Process logical &&, ||.
Definition xlat_expr.c:1374
xlat_regex_inst_t::xlat
xlat_exp_t * xlat
to expand
Definition xlat_expr.c:501
xlat_regex_rctx_t::last_success
bool last_success
Definition xlat_expr.c:506
XLAT_BINARY_FUNC
#define XLAT_BINARY_FUNC(_name, _op)
Definition xlat_expr.c:369
bracket_terms
static const fr_sbuff_term_t bracket_terms
Definition xlat_expr.c:3019
expr_quote_table_len
static size_t expr_quote_table_len
Definition xlat_expr.c:2052
xlat_instantiate_exists
static int xlat_instantiate_exists(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:1716
xlat_expr_print_nary
static fr_slen_t xlat_expr_print_nary(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:869
xlat_register_expressions
int xlat_register_expressions(void)
Definition xlat_expr.c:1848
xlat_func_exists_arg
static xlat_arg_parser_t const xlat_func_exists_arg[]
Definition xlat_expr.c:1691
xlat_logical_process_arg
static xlat_action_t xlat_logical_process_arg(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, UNUSED fr_value_box_list_t *in)
Process one argument of a logical operation.
Definition xlat_expr.c:1118
xlat_tokenize_expression_internal
static fr_slen_t xlat_tokenize_expression_internal(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, bool cond)
Definition xlat_expr.c:3044
xlat_expr_print_unary
static fr_slen_t xlat_expr_print_unary(fr_sbuff_t *out, xlat_exp_t const *node, UNUSED void *inst, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:141
P
#define P(_x, _y)
Definition xlat_expr.c:1972
regex_op_xlat_args
static xlat_arg_parser_t const regex_op_xlat_args[]
Definition xlat_expr.c:618
xlat_ungroup
static void xlat_ungroup(xlat_exp_head_t *head)
Undo work which shouldn't have been done.
Definition xlat_expr.c:965
xlat_func_unary_complement
static xlat_action_t xlat_func_unary_complement(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1482
xlat_cmp_op
static xlat_action_t xlat_cmp_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:443
precedence
static const int precedence[T_TOKEN_LAST]
Definition xlat_expr.c:1974
xlat_func_unary_minus
static xlat_action_t xlat_func_unary_minus(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1475
xlat_logical_or_resume
static xlat_action_t xlat_logical_or_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1197
expr_quote_table
static fr_table_num_sorted_t const expr_quote_table[]
Definition xlat_expr.c:2046
XLAT_REGISTER_BINARY_OP
#define XLAT_REGISTER_BINARY_OP(_op, _name)
Definition xlat_expr.c:1790
XLAT_REGEX_FUNC
#define XLAT_REGEX_FUNC(_name, _op)
Definition xlat_expr.c:814
xlat_binary_op
static xlat_action_t xlat_binary_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op, fr_type_t default_type, fr_dict_attr_t const *enumv)
Definition xlat_expr.c:302
valid_type
static bool valid_type(xlat_exp_t *node)
Definition xlat_expr.c:2694
xlat_logical_and
static bool xlat_logical_and(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
See if the input is truthy or not.
Definition xlat_expr.c:1255
xlat_logical_rctx_t::last_success
bool last_success
Definition xlat_expr.c:863
xlat_logical_rctx_t::box
fr_value_box_t * box
output value-box
Definition xlat_expr.c:864
xlat_logical_inst_t::stop_on_match
bool stop_on_match
Definition xlat_expr.c:855
XLAT_DEBUG
#define XLAT_DEBUG(...)
Definition xlat_expr.c:38
xlat_regex_rctx_t::list
fr_value_box_list_t list
Definition xlat_expr.c:507
xlat_regex_op
static xlat_action_t xlat_regex_op(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:781
xlat_func_unary_not
static xlat_action_t xlat_func_unary_not(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, UNUSED request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1448
xlat_regex_inst_t::regex_flags
fr_regex_flags_t * regex_flags
Definition xlat_expr.c:502
xlat_node_matches_bool
static bool xlat_node_matches_bool(bool *result, xlat_exp_t *parent, xlat_exp_head_t *head, bool sense)
Definition xlat_expr.c:917
xlat_instantiate_regex
static int xlat_instantiate_regex(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:574
xlat_func_unary_op
static xlat_action_t xlat_func_unary_op(TALLOC_CTX *ctx, fr_dcursor_t *out, UNUSED xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in, fr_token_t op)
Definition xlat_expr.c:1404
xlat_expr_resolve_binary
static int xlat_expr_resolve_binary(xlat_exp_t *node, UNUSED void *inst, xlat_res_rules_t const *xr_rules)
Definition xlat_expr.c:174
logical_ops
static const bool logical_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1948
xlat_logical_inst_t::callback
xlat_func_t callback
Definition xlat_expr.c:856
xlat_exists_rctx_t::last_success
bool last_success
Definition xlat_expr.c:1687
binary_op_xlat_args
static xlat_arg_parser_t const binary_op_xlat_args[]
Definition xlat_expr.c:296
xlat_attr_exists
static xlat_action_t xlat_attr_exists(TALLOC_CTX *ctx, fr_dcursor_t *out, request_t *request, tmpl_t const *vpt, bool do_free)
Definition xlat_expr.c:1747
binary_cmp_xlat_args
static xlat_arg_parser_t const binary_cmp_xlat_args[]
Definition xlat_expr.c:388
multivalue_ops
static const bool multivalue_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1961
tokenize_unary
static fr_slen_t tokenize_unary(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond))
Definition xlat_expr.c:2068
binary_ops
static const fr_sbuff_term_elem_t binary_ops[T_TOKEN_LAST]
Definition xlat_expr.c:1916
xlat_logical_or
static bool xlat_logical_or(xlat_logical_rctx_t *rctx, fr_value_box_list_t const *in)
See if the input is truthy or not.
Definition xlat_expr.c:1155
xlat_logical_rctx_t::current
int current
Definition xlat_expr.c:865
xlat_regex_inst_t::op
fr_token_t op
Definition xlat_expr.c:499
xlat_logical_rctx_t::ctx
TALLOC_CTX * ctx
Definition xlat_expr.c:862
xlat_regex_inst_t::regex
regex_t * regex
precompiled regex
Definition xlat_expr.c:500
XLAT_REGISTER_NARY_OP
#define XLAT_REGISTER_NARY_OP(_op, _name, _func_name)
Definition xlat_expr.c:1811
xlat_instantiate_expr_rcode
static int xlat_instantiate_expr_rcode(xlat_inst_ctx_t const *xctx)
Convert static expr_rcode arguments into rcodes.
Definition xlat_expr.c:1505
fr_value_box_init_zero
static void fr_value_box_init_zero(fr_value_box_t *vb, fr_type_t type)
Definition xlat_expr.c:279
xlat_regex_resume
static xlat_action_t xlat_regex_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:741
expr_assignment_op_table
static fr_table_num_ordered_t const expr_assignment_op_table[]
Definition xlat_expr.c:2660
xlat_exists_alloc
static xlat_exp_t * xlat_exists_alloc(TALLOC_CTX *ctx, xlat_exp_t *child)
Allocate a specific cast node.
Definition xlat_expr.c:112
expr_cast_alloc
static xlat_exp_t * expr_cast_alloc(TALLOC_CTX *ctx, fr_type_t type, xlat_exp_t *child)
Allocate a specific cast node.
Definition xlat_expr.c:2171
regex_search_xlat_args
static xlat_arg_parser_t const regex_search_xlat_args[]
Definition xlat_expr.c:624
expr_cast_from_substr
static fr_slen_t expr_cast_from_substr(fr_type_t *cast, fr_sbuff_t *in)
Definition xlat_expr.c:2208
tokenize_rcode
static ssize_t tokenize_rcode(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_term_t const *terminals)
Definition xlat_expr.c:2342
XLAT_REGISTER_BINARY_CMP
#define XLAT_REGISTER_BINARY_CMP(_op, _name)
Definition xlat_expr.c:1800
xlat_func_rcode_arg
static xlat_arg_parser_t const xlat_func_rcode_arg[]
Takes no arguments.
Definition xlat_expr.c:1649
xlat_expr_logical_purify
static int xlat_expr_logical_purify(xlat_exp_t *node, void *instance, request_t *request)
If any argument resolves to inst->stop_on_match, the entire thing is a bool of inst->stop_on_match.
Definition xlat_expr.c:991
xlat_logical_rctx_t::list
fr_value_box_list_t list
Definition xlat_expr.c:866
xlat_rcode_inst_t::rcode
rlm_rcode_t rcode
The preparsed rcode.
Definition xlat_expr.c:1497
xlat_logical_inst_t::argv
xlat_exp_head_t ** argv
Definition xlat_expr.c:858
xlat_expr_print_exists
static fr_slen_t xlat_expr_print_exists(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:1699
xlat_instantiate_logical
static int xlat_instantiate_logical(xlat_inst_ctx_t const *xctx)
Definition xlat_expr.c:1354
XLAT_REGISTER_UNARY
#define XLAT_REGISTER_UNARY(_op, _xlat, _func)
Definition xlat_expr.c:1839
unary_op_xlat_args
static xlat_arg_parser_t const unary_op_xlat_args[]
Definition xlat_expr.c:1399
xlat_tokenize_expression
fr_slen_t xlat_tokenize_expression(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
Definition xlat_expr.c:3120
xlat_func_expr_rcode_arg
static xlat_arg_parser_t const xlat_func_expr_rcode_arg[]
Definition xlat_expr.c:1489
tokenize_regex_rhs
static fr_slen_t tokenize_regex_rhs(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules)
Definition xlat_expr.c:2248
xlat_expr_print_regex
static fr_slen_t xlat_expr_print_regex(fr_sbuff_t *out, xlat_exp_t const *node, void *instance, fr_sbuff_escape_rules_t const *e_rules)
Definition xlat_expr.c:510
operator_terms
static const fr_sbuff_term_t operator_terms
Definition xlat_expr.c:3024
XLAT_REGISTER_REGEX_OP
#define XLAT_REGISTER_REGEX_OP(_op, _name)
Definition xlat_expr.c:1822
xlat_logical_and_resume
static xlat_action_t xlat_logical_and_resume(TALLOC_CTX *ctx, fr_dcursor_t *out, xlat_ctx_t const *xctx, request_t *request, fr_value_box_list_t *in)
Definition xlat_expr.c:1302
tokenize_expression
static ssize_t tokenize_expression(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_token_t prev, fr_sbuff_parse_rules_t const *bracket_rules, fr_sbuff_parse_rules_t const *input_rules, bool cond))
Tokenize a mathematical operation.
Definition xlat_expr.c:2733
XLAT_CMP_FUNC
#define XLAT_CMP_FUNC(_name, _op)
Definition xlat_expr.c:481
tokenize_field
static ssize_t tokenize_field(xlat_exp_head_t *head, xlat_exp_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules, fr_sbuff_parse_rules_t const *bracket_rules, char *out_c, bool cond))
Definition xlat_expr.c:2391
xlat_tokenize_condition
fr_slen_t xlat_tokenize_condition(TALLOC_CTX *ctx, xlat_exp_head_t **out, fr_sbuff_t *in, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
Definition xlat_expr.c:3148
xlat_regex_do_op
static xlat_action_t xlat_regex_do_op(TALLOC_CTX *ctx, request_t *request, fr_value_box_list_t *in, regex_t **preg, fr_dcursor_t *out, fr_token_t op)
Perform a regular expressions comparison between two operands.
Definition xlat_expr.c:652
xlat_exists_inst_t
Definition xlat_expr.c:1682
xlat_exists_rctx_t
Definition xlat_expr.c:1686
xlat_logical_inst_t
Definition xlat_expr.c:854
xlat_logical_rctx_t
Definition xlat_expr.c:861
xlat_rcode_inst_t
Holds the result of pre-parsing the rcode on startup.
Definition xlat_expr.c:1496
xlat_regex_inst_t
Definition xlat_expr.c:498
xlat_regex_rctx_t
Definition xlat_expr.c:505
xlat_func_flags_set
void xlat_func_flags_set(xlat_t *x, xlat_func_flags_t flags)
Specify flags that alter the xlat's behaviour.
Definition xlat_func.c:399
xlat_func_args_set
int xlat_func_args_set(xlat_t *x, xlat_arg_parser_t const args[])
Register the arguments of an xlat.
Definition xlat_func.c:363
xlat_func_register
xlat_t * xlat_func_register(TALLOC_CTX *ctx, char const *name, xlat_func_t func, fr_type_t return_type)
Register an xlat function.
Definition xlat_func.c:216
xlat_func_print_set
void xlat_func_print_set(xlat_t *xlat, xlat_print_t func)
Set a print routine for an xlat function.
Definition xlat_func.c:411
xlat_func_find
xlat_t * xlat_func_find(char const *in, ssize_t inlen)
Definition xlat_func.c:77
xlat_func_instantiate_set
#define xlat_func_instantiate_set(_xlat, _instantiate, _inst_struct, _detach, _uctx)
Set a callback for global instantiation of xlat functions.
Definition xlat_func.h:93
XLAT_FUNC_FLAG_PURE
@ XLAT_FUNC_FLAG_PURE
Definition xlat_func.h:38
XLAT_FUNC_FLAG_INTERNAL
@ XLAT_FUNC_FLAG_INTERNAL
Definition xlat_func.h:39
xlat_exp_head_alloc
#define xlat_exp_head_alloc(_ctx)
Definition xlat_priv.h:273
xlat_exp_s::flags
xlat_flags_t flags
Flags that control resolution and evaluation.
Definition xlat_priv.h:154
xlat_exp_next
static xlat_exp_t * xlat_exp_next(xlat_exp_head_t const *head, xlat_exp_t const *node)
Definition xlat_priv.h:246
xlat_exp_head_s::flags
xlat_flags_t flags
Flags that control resolution and evaluation.
Definition xlat_priv.h:190
xlat_tokenize_word
fr_slen_t xlat_tokenize_word(TALLOC_CTX *ctx, xlat_exp_t **out, fr_sbuff_t *in, fr_token_t quote, fr_sbuff_parse_rules_t const *p_rules, tmpl_rules_t const *t_rules)
Definition xlat_tokenize.c:1363
xlat_exp_s::quote
fr_token_t quote
Type of quoting around XLAT_GROUP types.
Definition xlat_priv.h:152
XLAT_BOX
@ XLAT_BOX
fr_value_box_t
Definition xlat_priv.h:108
XLAT_TMPL
@ XLAT_TMPL
xlat attribute
Definition xlat_priv.h:112
XLAT_FUNC
@ XLAT_FUNC
xlat module
Definition xlat_priv.h:110
XLAT_GROUP
@ XLAT_GROUP
encapsulated string of xlats
Definition xlat_priv.h:116
xlat_flags_merge
static void xlat_flags_merge(xlat_flags_t *parent, xlat_flags_t const *child)
Merge flags from child to parent.
Definition xlat_priv.h:229
xlat_exp_set_type
#define xlat_exp_set_type(_node, _type)
Definition xlat_priv.h:276
xlat_s::token
fr_token_t token
for expressions
Definition xlat_priv.h:70
xlat_exp_s::fmt
char const *_CONST fmt
The original format string (a talloced buffer).
Definition xlat_priv.h:151
xlat_print_node
ssize_t xlat_print_node(fr_sbuff_t *out, xlat_exp_head_t const *head, xlat_exp_t const *node, fr_sbuff_escape_rules_t const *e_rules, char c)
Definition xlat_tokenize.c:1119
xlat_purify_list
int xlat_purify_list(xlat_exp_head_t *head, request_t *request)
Definition xlat_purify.c:60
xlat_exp_s::type
xlat_type_t _CONST type
type of this expansion.
Definition xlat_priv.h:155
xlat_exp_alloc
#define xlat_exp_alloc(_ctx, _type, _in, _inlen)
Definition xlat_priv.h:282
xlat_s::flags
xlat_flags_t flags
various flags
Definition xlat_priv.h:92
xlat_exp_foreach
#define xlat_exp_foreach(_list_head, _iter)
Iterate over the contents of a list, only one level.
Definition xlat_priv.h:222
xlat_exp_insert_tail
static int xlat_exp_insert_tail(xlat_exp_head_t *head, xlat_exp_t *node)
Definition xlat_priv.h:238
xlat_exp_head
static xlat_exp_t * xlat_exp_head(xlat_exp_head_t const *head)
Definition xlat_priv.h:209
xlat_exp_head_s
Definition xlat_priv.h:188
xlat_exp_s
An xlat expansion node.
Definition xlat_priv.h:148
xlat_s
Definition xlat_priv.h:59
Generated by   doxygen 1.9.8