2 * valuepair.c Functions to handle VALUE_PAIRs
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA
20 * Copyright 2000 The FreeRADIUS server project
23 static const char rcsid[] = "$Id$";
27 #include <sys/types.h>
34 #include "libradius.h"
46 static const char *months[] = {
47 "jan", "feb", "mar", "apr", "may", "jun",
48 "jul", "aug", "sep", "oct", "nov", "dec" };
52 * Create a new valuepair.
54 VALUE_PAIR *paircreate(int attr, int type)
59 if ((vp = malloc(sizeof(VALUE_PAIR))) == NULL) {
60 librad_log("out of memory");
63 memset(vp, 0, sizeof(VALUE_PAIR));
65 vp->operator = T_OP_EQ;
69 * Dictionary type over-rides what the caller says.
71 if ((da = dict_attrbyvalue(attr)) != NULL) {
72 strcpy(vp->name, da->name);
74 vp->flags = da->flags;
75 } else if (VENDOR(attr) == 0) {
76 sprintf(vp->name, "Attr-%u", attr);
80 v = dict_vendorbyvalue(VENDOR(attr));
82 sprintf(vp->name, "%s-Attr-%u",
83 v->name, attr & 0xffff);
85 sprintf(vp->name, "Vendor-%u-Attr-%u",
86 VENDOR(attr), attr & 0xffff);
104 * release the memory used by a single attribute-value pair
105 * just a wrapper around free() for now.
107 void pairbasicfree(VALUE_PAIR *pair)
109 /* clear the memory here */
110 memset(pair, 0, sizeof(*pair));
115 * Release the memory used by a list of attribute-value
116 * pairs, and sets the pair pointer to NULL.
118 void pairfree(VALUE_PAIR **pair_ptr)
120 VALUE_PAIR *next, *pair;
122 if (!pair_ptr) return;
125 while (pair != NULL) {
136 * Find the pair with the matching attribute
138 VALUE_PAIR * pairfind(VALUE_PAIR *first, int attr)
140 while(first && first->attribute != attr)
147 * Delete the pair(s) with the matching attribute
149 void pairdelete(VALUE_PAIR **first, int attr)
151 VALUE_PAIR *i, *next;
152 VALUE_PAIR **last = first;
154 for(i = *first; i; i = next) {
156 if (i->attribute == attr) {
166 * Add a pair at the end of a VALUE_PAIR list.
168 void pairadd(VALUE_PAIR **first, VALUE_PAIR *add)
172 if (*first == NULL) {
176 for(i = *first; i->next; i = i->next)
182 * Add or replace a pair at the end of a VALUE_PAIR list.
184 void pairreplace(VALUE_PAIR **first, VALUE_PAIR *replace)
186 VALUE_PAIR *i, *next;
187 VALUE_PAIR **prev = first;
189 if (*first == NULL) {
195 * Not an empty list, so find item if it is there, and
196 * replace it. Note, we always replace the first one, and
197 * we ignore any others that might exist.
199 for(i = *first; i; i = next) {
203 * Found the first attribute, replace it,
206 if (i->attribute == replace->attribute) {
210 * Should really assert that replace->next == NULL
212 replace->next = next;
218 * Point to where the attribute should go.
224 * If we got here, we didn't find anything to replace, so
225 * stopped at the last item, which we just append to.
231 * Copy just a certain type of pairs.
233 VALUE_PAIR *paircopy2(VALUE_PAIR *vp, int attr)
235 VALUE_PAIR *first, *n, **last;
241 if (attr >= 0 && vp->attribute != attr) {
245 if ((n = (VALUE_PAIR *)malloc(sizeof(VALUE_PAIR))) == NULL) {
246 librad_log("out of memory");
249 memcpy(n, vp, sizeof(VALUE_PAIR));
262 VALUE_PAIR *paircopy(VALUE_PAIR *vp)
264 return paircopy2(vp, -1);
269 * Move attributes from one list to the other
270 * if not already present.
272 void pairmove(VALUE_PAIR **to, VALUE_PAIR **from)
274 VALUE_PAIR **tailto, *i, *j, *next;
275 VALUE_PAIR *tailfrom = NULL;
277 int has_password = 0;
286 * First, see if there are any passwords here, and
287 * point "tailto" to the end of the "to" list.
290 for(i = *to; i; i = i->next) {
291 if (i->attribute == PW_PASSWORD ||
292 i->attribute == PW_CRYPT_PASSWORD)
298 * Loop over the "from" list.
300 for(i = *from; i; i = next) {
303 * If there was a password in the "to" list,
304 * do not move any other password from the
305 * "from" to the "to" list.
308 (i->attribute == PW_PASSWORD ||
309 i->attribute == PW_CRYPT_PASSWORD)) {
314 * If the attribute is already present in "to",
315 * do not move it from "from" to "to". We make
316 * an exception for "Hint" which can appear multiple
317 * times, and we never move "Fall-Through".
319 if (i->attribute == PW_FALL_THROUGH ||
320 (i->attribute != PW_HINT && i->attribute != PW_FRAMED_ROUTE)) {
322 found = pairfind(*to, i->attribute);
323 switch (i->operator) {
326 * If a similar attribute is found,
329 case T_OP_SUB: /* -= */
331 if (!i->strvalue[0] ||
332 (strcmp((char *)found->strvalue,
333 (char *)i->strvalue) == 0)){
334 pairdelete(to, found->attribute);
337 * 'tailto' may have been
341 for(j = *to; j; j = j->next) {
350 /* really HAVE_REGEX_H */
353 * Attr-Name =~ "s/find/replace/"
355 * Very bad code. Barely working,
361 (i->strvalue[0] == 's')) {
369 q = strchr(p + 1, *p);
370 if (!q || (q[strlen(q) - 1] != *p)) {
374 str = strdup(i->strvalue + 2);
377 q[strlen(q) - 1] = '\0';
379 regcomp(®, str, 0);
380 if (regexec(®, found->strvalue,
382 fprintf(stderr, "\"%s\" will have %d to %d replaced with %s\n",
383 found->strvalue, match[0].rm_so,
390 tailfrom = i; /* don't copy it over */
394 case T_OP_EQ: /* = */
396 * FIXME: Tunnel attributes with
397 * different tags are different
402 continue; /* with the loop */
407 * If a similar attribute is found,
408 * replace it with the new one. Otherwise,
409 * add the new one to the list.
411 case T_OP_SET: /* := */
413 pairdelete(to, found->attribute);
415 * 'tailto' may have been
419 for(j = *to; j; j = j->next) {
426 * Add the new element to the list, even
427 * if similar ones already exist.
430 case T_OP_ADD: /* += */
435 tailfrom->next = next;
440 * If ALL of the 'to' attributes have been deleted,
441 * then ensure that the 'tail' is updated to point
456 * Move one kind of attributes from one list to the other
458 void pairmove2(VALUE_PAIR **to, VALUE_PAIR **from, int attr)
460 VALUE_PAIR *to_tail, *i, *next;
461 VALUE_PAIR *iprev = NULL;
464 * Find the last pair in the "to" list and put it in "to_tail".
468 for(i = *to; i; i = i->next)
473 for(i = *from; i; i = next) {
478 * If the attribute to move is NOT a VSA, then it
479 * ignores any attributes which do not match exactly.
481 if ((attr != PW_VENDOR_SPECIFIC) &&
482 (i->attribute != attr)) {
488 * If the attribute to move IS a VSA, then it ignores
489 * any non-VSA attribute.
491 if ((attr == PW_VENDOR_SPECIFIC) &&
492 (VENDOR(i->attribute) == 0)) {
498 * Remove the attribute from the "from" list.
506 * Add the attribute to the "to" list.
519 * Sort of strtok/strsep function.
521 static char *mystrtok(char **ptr, const char *sep)
527 while (**ptr && strchr(sep, **ptr))
532 while (**ptr && strchr(sep, **ptr) == NULL)
540 * Turn printable string into time_t
541 * Returns -1 on error, 0 on OK.
543 static int gettime(const char *valstr, time_t *lvalue)
554 * Test for unix timestamp date
556 *lvalue = strtoul(valstr, &tail, 10);
562 memset(tm, 0, sizeof(*tm));
563 tm->tm_isdst = -1; /* don't know, and don't care about DST */
565 strNcpy(buf, valstr, sizeof(buf));
568 f[0] = mystrtok(&p, " \t");
569 f[1] = mystrtok(&p, " \t");
570 f[2] = mystrtok(&p, " \t");
571 f[3] = mystrtok(&p, " \t"); /* may, or may not, be present */
572 if (!f[0] || !f[1] || !f[2]) return -1;
575 * The month is text, which allows us to find it easily.
578 for (i = 0; i < 3; i++) {
579 if (isalpha( (int) *f[i])) {
581 * Bubble the month to the front of the list
587 for (i = 0; i < 12; i++) {
588 if (strncasecmp(months[i], f[0], 3) == 0) {
596 /* month not found? */
597 if (tm->tm_mon == 12) return -1;
600 * The year may be in f[1], or in f[2]
602 tm->tm_year = atoi(f[1]);
603 tm->tm_mday = atoi(f[2]);
605 if (tm->tm_year >= 1900) {
610 * We can't use 2-digit years any more, they make it
611 * impossible to tell what's the day, and what's the year.
613 if (tm->tm_mday < 1900) return -1;
616 * Swap the year and the day.
619 tm->tm_year = tm->tm_mday - 1900;
624 * If the day is out of range, die.
626 if ((tm->tm_mday < 1) || (tm->tm_mday > 31)) {
631 * There may be %H:%M:%S. Parse it in a hacky way.
634 f[0] = f[3]; /* HH */
635 f[1] = strchr(f[0], ':'); /* find : separator */
636 if (!f[1]) return -1;
638 *(f[1]++) = '\0'; /* nuke it, and point to MM:SS */
640 f[2] = strchr(f[1], ':'); /* find : separator */
641 if (!f[2]) return -1;
642 *(f[2]++) = '\0'; /* nuke it, and point to SS */
644 tm->tm_hour = atoi(f[0]);
645 tm->tm_min = atoi(f[1]);
646 tm->tm_sec = atoi(f[2]);
650 * Returns -1 on error.
653 if (t == (time_t) -1) return -1;
661 * Parse a string value into a given VALUE_PAIR
663 VALUE_PAIR *pairparsevalue(VALUE_PAIR *vp, const char *value)
670 * Even for integers, dates and ip addresses we
671 * keep the original string in vp->strvalue.
673 strNcpy((char *)vp->strvalue, value, sizeof(vp->strvalue));
674 vp->length = strlen(vp->strvalue);
679 * Already handled above.
685 * FIXME: complain if hostname
686 * cannot be resolved, or resolve later!
688 if ((p = strrchr(value, '+')) != NULL && !p[1]) {
689 cs = s = strdup(value);
692 vp->flags.addport = 1;
697 vp->lvalue = librad_dodns ? ip_getaddr(cs) :
702 case PW_TYPE_INTEGER:
704 * If it starts with a digit, it must
705 * be a number (or a range).
707 * Note that ALL integers are unsigned!
709 if (isdigit((int) *value)) {
710 vp->lvalue = (uint32_t) strtoul(value, NULL, 10);
714 * Look for the named value for the given
717 else if ((dval = dict_valbyname(vp->attribute, value)) == NULL) {
718 librad_log("Unknown value %s for attribute %s",
722 vp->lvalue = dval->value;
728 if (gettime(value, (time_t *)&vp->lvalue) < 0) {
729 librad_log("failed to parse time string "
735 case PW_TYPE_ABINARY:
738 * Special case to convert filter to binary
740 strNcpy(vp->strvalue, value, sizeof(vp->strvalue));
741 if (ascend_parse_filter(vp) < 0 ) {
742 librad_log("failed to parse Ascend binary attribute: %s",
748 * If Ascend binary is NOT defined,
749 * then fall through to raw octets, so that
750 * the user can at least make them by hand...
753 /* raw octets: 0x01020304... */
755 if (strncasecmp(value, "0x", 2) == 0) {
761 while (*cp && vp->length < MAX_STRING_LEN) {
764 if (sscanf(cp, "%02x", &tmp) != 1) {
765 librad_log("Non-hex characters at %c%c", cp[0], cp[1]);
778 if (ifid_aton(value, vp->strvalue) == NULL) {
779 librad_log("failed to parse interface-id "
780 "string \"%s\"", value);
784 vp->strvalue[vp->length] = '\0';
787 case PW_TYPE_IPV6ADDR:
788 if (ipv6_addr(value, vp->strvalue) < 0) {
789 librad_log("failed to parse IPv6 address "
790 "string \"%s\"", value);
793 vp->length = 16; /* length of IPv6 address */
794 vp->strvalue[vp->length] = '\0';
800 librad_log("unknown attribute type %d", vp->type);
808 * Create a VALUE_PAIR from an ASCII attribute and value,
809 * where the attribute name is in the form:
814 static VALUE_PAIR *pairmake_any(const char *attribute, const char *value,
823 * Unknown attributes MUST be of type 'octets'
825 if (strncasecmp(value, "0x", 2) != 0) {
832 if (strncasecmp(attribute, "Attr-", 5) == 0) {
833 attr = atoi(attribute + 5);
835 p += strspn(p, "0123456789");
836 if (*p != 0) goto error;
842 } else if (strncasecmp(attribute, "Vendor-", 7) == 0) {
845 vendor = atoi(attribute + 7);
846 if ((vendor == 0) || (vendor > 65535)) goto error;
849 p += strspn(p, "0123456789");
852 * Not Vendor-%d-Attr-%d
854 if (strncasecmp(p, "-Attr-", 6) != 0) goto error;
859 p += strspn(p, "0123456789");
860 if (*p != 0) goto error;
862 if ((attr == 0) || (attr > 65535)) goto error;
864 attr |= (vendor << 16);
869 } else if (((p = strchr(attribute, '-')) != NULL) &&
870 (strncasecmp(p, "-Attr-", 6) == 0)) {
874 if ((p - attribute) >= sizeof(buffer)) goto error;
876 memcpy(buffer, attribute, p - attribute);
877 buffer[p - attribute] = '\0';
879 vendor = dict_vendorbyname(buffer);
880 if (vendor == 0) goto error;
885 p += strspn(p, "0123456789");
886 if (*p != 0) goto error;
888 if ((attr == 0) || (attr > 65535)) goto error;
890 attr |= (vendor << 16);
892 } else { /* very much unknown: die */
894 librad_log("Unknown attribute %s", attribute);
899 * We've now parsed the attribute properly, and verified
900 * it to have value 'octets'. Let's create it.
902 if ((vp = (VALUE_PAIR *)malloc(sizeof(VALUE_PAIR))) == NULL) {
903 librad_log("out of memory");
906 memset(vp, 0, sizeof(VALUE_PAIR));
907 vp->type = PW_TYPE_OCTETS;
910 * It may not be valid hex characters. If not, die.
912 if (pairparsevalue(vp, value) == NULL) {
918 * Dictionary type over-rides what the caller says.
919 * This "converts" the parsed value into the appropriate
922 * Also, normalize the name of the attribute...
924 * Much of this code is copied from paircreate()
926 if ((da = dict_attrbyvalue(attr)) != NULL) {
927 strcpy(vp->name, da->name);
929 vp->flags = da->flags;
932 * Sanity check the type for length. We don't
933 * want to look at attributes which are of the
938 case PW_TYPE_INTEGER:
939 case PW_TYPE_IPADDR: /* always kept in network byte order */
940 if (vp->length != 4) {
943 librad_log("Attribute has invalid length");
946 memcpy(&vp->lvalue, vp->strvalue, sizeof(vp->lvalue));
950 if (vp->length != 8) goto length_error;
953 case PW_TYPE_IPV6ADDR:
954 if (vp->length != 16) goto length_error;
958 case PW_TYPE_ABINARY:
959 if (vp->length != 32) goto length_error;
962 default: /* string, octets, etc. */
966 } else if (VENDOR(attr) == 0) {
967 sprintf(vp->name, "Attr-%u", attr);
969 sprintf(vp->name, "Vendor-%u-Attr-%u",
970 VENDOR(attr), attr & 0xffff);
973 vp->attribute = attr;
974 vp->operator = (operator == 0) ? T_OP_EQ : operator;
982 * Create a VALUE_PAIR from an ASCII attribute and value.
984 VALUE_PAIR *pairmake(const char *attribute, const char *value, int operator)
997 * Check for tags in 'Attribute:Tag' format.
1002 ts = strrchr( attribute, ':' );
1004 /* Colon found with something behind it */
1005 if (ts[1] == '*' && ts[2] == 0) {
1006 /* Wildcard tag for check items */
1009 } else if ((ts[1] >= '0') && (ts[1] <= '9')) {
1010 /* It's not a wild card tag */
1011 tag = strtol(ts + 1, &tc, 0);
1012 if (tc && !*tc && TAG_VALID_ZERO(tag))
1016 librad_log("Invalid tag for attribute %s", attribute);
1023 * It's not found in the dictionary, so we use
1024 * another method to create the attribute.
1026 if ((da = dict_attrbyname(attribute)) == NULL) {
1027 return pairmake_any(attribute, value, operator);
1030 if ((vp = (VALUE_PAIR *)malloc(sizeof(VALUE_PAIR))) == NULL) {
1031 librad_log("out of memory");
1035 memset(vp, 0, sizeof(VALUE_PAIR));
1036 vp->attribute = da->attr;
1037 vp->type = da->type;
1038 vp->operator = (operator == 0) ? T_OP_EQ : operator;
1039 strcpy(vp->name, da->name);
1040 vp->flags = da->flags;
1043 /* Check for a tag in the 'Merit' format of:
1044 * :Tag:Value. Print an error if we already found
1045 * a tag in the Attribute.
1048 if (value && (*value == ':' && da->flags.has_tag)) {
1049 /* If we already found a tag, this is invalid */
1052 librad_log("Duplicate tag %s for attribute %s",
1054 DEBUG("Duplicate tag %s for attribute %s\n",
1059 /* Colon found and attribute allows a tag */
1060 if (value[1] == '*' && value[2] == ':') {
1061 /* Wildcard tag for check items */
1066 tag = strtol(value + 1, &tc, 0);
1067 if (tc && *tc==':' && TAG_VALID_ZERO(tag))
1075 vp->flags.tag = tag;
1078 switch (vp->operator) {
1083 * For =* and !* operators, the value is irrelevant
1087 case T_OP_CMP_FALSE:
1088 vp->strvalue[0] = '\0';
1094 * Regular expression comparison of integer attributes
1095 * does a STRING comparison of the names of their
1096 * integer attributes.
1098 case T_OP_REG_EQ: /* =~ */
1099 case T_OP_REG_NE: /* !~ */
1100 if (vp->type == PW_TYPE_INTEGER) {
1105 * Regular expression match with no regular
1106 * expression is wrong.
1113 res = regcomp(&cre, value, REG_EXTENDED|REG_NOSUB);
1117 regerror(res, &cre, msg, sizeof(msg));
1118 librad_log("Illegal regular expression in attribute: %s: %s",
1125 librad_log("Regelar expressions not enabled in this build, error in attribute %s",
1132 if (value && (pairparsevalue(vp, value) == NULL)) {
1141 * Read a valuepair from a buffer, and advance pointer.
1142 * Sets *eol to T_EOL if end of line was encountered.
1144 VALUE_PAIR *pairread(char **ptr, LRAD_TOKEN *eol)
1150 LRAD_TOKEN token, t, xlat;
1155 /* Get attribute. */
1156 token = gettoken(ptr, attr, sizeof(attr));
1158 /* If it's a comment, then exit, as we haven't read a pair */
1159 if (token == T_HASH) {
1161 librad_log("Read a comment instead of a token");
1165 /* It's not a comment, so it MUST be an attribute */
1166 if ((token == T_EOL) ||
1168 librad_log("No token read where we expected an attribute name");
1172 /* Now we should have an '=' here. */
1173 token = gettoken(ptr, buf, sizeof(buf));
1174 if (token < T_EQSTART || token > T_EQEND) {
1175 librad_log("expecting '='");
1179 /* Read value. Note that empty string values are allowed */
1180 xlat = gettoken(ptr, value, sizeof(value));
1181 if (xlat == T_EOL) {
1182 librad_log("failed to get value");
1187 * Peek at the next token. Must be T_EOL, T_COMMA, or T_HASH
1190 t = gettoken(&p, buf, sizeof(buf));
1191 if (t != T_EOL && t != T_COMMA && t != T_HASH) {
1192 librad_log("Expected end of line or comma");
1203 * Make the full pair now.
1206 vp = pairmake(attr, value, token);
1210 * Mark the pair to be allocated later.
1212 case T_BACK_QUOTED_STRING:
1213 vp = pairmake(attr, NULL, token);
1216 vp->flags.do_xlat = 1;
1217 strNcpy(vp->strvalue, value, sizeof(vp->strvalue));
1226 * Read one line of attribute/value pairs. This might contain
1227 * multiple pairs seperated by comma's.
1229 LRAD_TOKEN userparse(char *buffer, VALUE_PAIR **first_pair)
1233 LRAD_TOKEN last_token = T_INVALID;
1234 LRAD_TOKEN previous_token;
1237 * We allow an empty line.
1244 previous_token = last_token;
1245 if ((vp = pairread(&p, &last_token)) == NULL) {
1248 pairadd(first_pair, vp);
1249 } while (*p && (last_token == T_COMMA));
1252 * Don't tell the caller that there was a comment.
1254 if (last_token == T_HASH) {
1255 return previous_token;
1259 * And return the last token which we read.
1265 * Read valuepairs from the fp up to End-Of-File.
1267 * Hmm... this function is only used by radclient..
1269 VALUE_PAIR *readvp2(FILE *fp, int *pfiledone, const char *errprefix)
1272 LRAD_TOKEN last_token = T_EOL;
1279 while (!error && fgets(buf, sizeof(buf), fp) != NULL) {
1281 * If we get a '\n' by itself, we assume that's
1282 * the end of that VP
1284 if ((buf[0] == '\n') && (list)) {
1287 if ((buf[0] == '\n') && (!list)) {
1292 * Comments get ignored
1294 if (buf[0] == '#') continue;
1297 * Read all of the attributes on the current line.
1300 last_token = userparse(buf, &vp);
1302 if (last_token != T_EOL) {
1303 librad_perror(errprefix);
1314 if (error) pairfree(&list);
1318 return error ? NULL: list;