2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
21 * @brief String expansion ("translation"). Implements %Attribute -> value
23 * @copyright 2000,2006 The FreeRADIUS server project
24 * @copyright 2000 Alan DeKok <aland@ox.org>
29 #include <freeradius-devel/radiusd.h>
30 #include <freeradius-devel/parser.h>
31 #include <freeradius-devel/rad_assert.h>
32 #include <freeradius-devel/base64.h>
36 typedef struct xlat_t {
37 char name[MAX_STRING_LEN]; //!< Name of the xlat expansion.
38 int length; //!< Length of name.
39 void *instance; //!< Module instance passed to xlat and escape functions.
40 RAD_XLAT_FUNC func; //!< xlat function.
41 RADIUS_ESCAPE_STRING escape; //!< Escape function to apply to dynamic input to func.
42 bool internal; //!< If true, cannot be redefined.
46 XLAT_LITERAL, //!< Literal string
47 XLAT_PERCENT, //!< Literal string with %v
48 XLAT_MODULE, //!< xlat module
49 XLAT_VIRTUAL, //!< virtual attribute
50 XLAT_ATTRIBUTE, //!< xlat attribute
52 XLAT_REGEX, //!< regex reference
54 XLAT_ALTERNATE //!< xlat conditional syntax :-
58 char const *fmt; //!< The format string.
59 size_t len; //!< Length of the format string.
61 xlat_state_t type; //!< type of this expansion.
62 xlat_exp_t *next; //!< Next in the list.
64 xlat_exp_t *child; //!< Nested expansion.
65 xlat_exp_t *alternate; //!< Alternative expansion if this one expanded to a zero length string.
67 value_pair_tmpl_t attr; //!< An attribute template.
68 xlat_t const *xlat; //!< The xlat expansion to expand format with.
71 typedef struct xlat_out {
72 char const *out; //!< Output data.
73 size_t len; //!< Length of the output string.
76 static rbtree_t *xlat_root = NULL;
79 static char const * const xlat_foreach_names[] = {"Foreach-Variable-0",
92 #if REQUEST_MAX_REGEX > 8
93 # error Please fix the following line
95 static int xlat_inst[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8 }; /* up to 8 for regex */
97 char const *radiusd_short_version = RADIUSD_VERSION_STRING;
99 /** Print length of its RHS.
102 static ssize_t xlat_strlen(UNUSED void *instance, UNUSED REQUEST *request,
103 char const *fmt, char *out, size_t outlen)
105 snprintf(out, outlen, "%u", (unsigned int) strlen(fmt));
109 /** Print the size of the attribute in bytes.
112 static ssize_t xlat_length(UNUSED void *instance, UNUSED REQUEST *request,
113 char const *fmt, char *out, size_t outlen)
116 while (isspace((int) *fmt)) fmt++;
118 if ((radius_get_vp(&vp, request, fmt) < 0) || !vp) {
123 snprintf(out, outlen, "%zu", vp->length);
127 /** Print data as integer, not as VALUE.
130 static ssize_t xlat_integer(UNUSED void *instance, REQUEST *request,
131 char const *fmt, char *out, size_t outlen)
135 uint64_t int64 = 0; /* Needs to be initialised to zero */
136 uint32_t int32 = 0; /* Needs to be initialised to zero */
138 while (isspace((int) *fmt)) fmt++;
140 if ((radius_get_vp(&vp, request, fmt) < 0) || !vp) {
145 switch (vp->da->type) {
148 if (vp->length > 8) {
152 if (vp->length > 4) {
153 memcpy(&int64, vp->vp_octets, vp->length);
154 return snprintf(out, outlen, "%" PRIu64, htonll(int64));
157 memcpy(&int32, vp->vp_octets, vp->length);
158 return snprintf(out, outlen, "%i", htonl(int32));
160 case PW_TYPE_INTEGER64:
161 return snprintf(out, outlen, "%" PRIu64, vp->vp_integer64);
164 * IP addresses are treated specially, as parsing functions assume the value
165 * is bigendian and will convert it for us.
167 case PW_TYPE_IPV4_ADDR:
168 return snprintf(out, outlen, "%u", htonl(vp->vp_ipaddr));
170 case PW_TYPE_IPV4_PREFIX:
171 return snprintf(out, outlen, "%u", htonl((*(uint32_t *)(vp->vp_ipv4prefix + 2))));
173 case PW_TYPE_INTEGER:
175 return snprintf(out, outlen, "%u", vp->vp_integer);
177 return snprintf(out, outlen, "%u", (unsigned int) vp->vp_byte);
179 return snprintf(out, outlen, "%u", (unsigned int) vp->vp_short);
182 * Ethernet is weird... It's network related, so we assume to it should be
185 case PW_TYPE_ETHERNET:
186 memcpy(&int64, &vp->vp_ether, vp->length);
187 return snprintf(out, outlen, "%" PRIu64, htonll(int64));
190 return snprintf(out, outlen, "%i", vp->vp_signed);
192 case PW_TYPE_IPV6_ADDR:
193 return fr_prints_uint128(out, outlen, ntohlll(*(uint128_t const *) &vp->vp_ipv6addr));
195 case PW_TYPE_IPV6_PREFIX:
196 return fr_prints_uint128(out, outlen, ntohlll(*(uint128_t const *) &(vp->vp_ipv6prefix[2])));
202 REDEBUG("Type '%s' of length %zu cannot be converted to integer",
203 fr_int2str(dict_attr_types, vp->da->type, "???"), vp->length);
209 /** Print data as hex, not as VALUE.
212 static ssize_t xlat_hex(UNUSED void *instance, REQUEST *request,
213 char const *fmt, char *out, size_t outlen)
221 uint8_t const *buff = NULL;
223 while (isspace((int) *fmt)) fmt++;
225 if ((radius_get_vp(&vp, request, fmt) < 0) || !vp) {
234 if (vp->da->type == PW_TYPE_OCTETS) {
238 * Cast the value_data_t of the VP to an octets string and
242 ret = value_data_cast(request, &dst, PW_TYPE_OCTETS, NULL, vp->da->type,
243 NULL, &vp->data, vp->length);
245 REDEBUG("%s", fr_strerror());
249 p = buff = dst.octets;
255 * Don't truncate the data.
257 if (outlen < (len * 2)) {
258 rad_const_free(buff);
262 for (i = 0; i < len; i++) {
263 snprintf(out + 2*i, 3, "%02x", p[i]);
265 rad_const_free(buff);
270 /** Return the tag of an attribute reference
273 static ssize_t xlat_tag(UNUSED void *instance, REQUEST *request,
274 char const *fmt, char *out, size_t outlen)
278 while (isspace((int) *fmt)) fmt++;
280 if ((radius_get_vp(&vp, request, fmt) < 0) || !vp) {
285 if (!vp->da->flags.has_tag || !TAG_VALID(vp->tag)) {
290 return snprintf(out, outlen, "%u", vp->tag);
293 /** Print out attribute info
295 * Prints out all instances of a current attribute, or all attributes in a list.
297 * At higher debugging levels, also prints out alternative decodings of the same
298 * value. This is helpful to determine types for unknown attributes of long
299 * passed vendors, or just crazy/broken NAS.
301 * It's also useful for exposing issues in the packet decoding functions, as in
302 * some cases they get fed random garbage data.
304 * This expands to a zero length string.
306 static ssize_t xlat_debug_attr(UNUSED void *instance, REQUEST *request, char const *fmt,
307 char *out, UNUSED size_t outlen)
312 value_pair_tmpl_t vpt;
314 if (!RDEBUG_ENABLED2) {
319 while (isspace((int) *fmt)) fmt++;
321 if (tmpl_from_attr_str(&vpt, fmt, REQUEST_CURRENT, PAIR_LIST_REQUEST) <= 0) {
322 RDEBUG("%s", fr_strerror());
326 RIDEBUG("Attributes matching \"%s\"", fmt);
329 for (vp = tmpl_cursor_init(NULL, &cursor, request, &vpt);
331 vp = tmpl_cursor_next(&cursor, &vpt)) {
332 FR_NAME_NUMBER const *type;
335 value = vp_aprints_value(vp, vp, '\'');
336 if (vp->da->flags.has_tag) {
337 RIDEBUG2("&%s:%s:%i %s %s",
338 fr_int2str(pair_lists, vpt.tmpl_list, "<INVALID>"),
341 fr_int2str(fr_tokens, vp->op, "<INVALID>"),
344 RIDEBUG2("&%s:%s %s %s",
345 fr_int2str(pair_lists, vpt.tmpl_list, "<INVALID>"),
347 fr_int2str(fr_tokens, vp->op, "<INVALID>"),
352 if (!RDEBUG_ENABLED3) continue;
354 if (vp->da->vendor) {
357 dv = dict_vendorbyvalue(vp->da->vendor);
358 RIDEBUG2("Vendor : %i (%s)", vp->da->vendor, dv ? dv->name : "unknown");
360 RIDEBUG2("Type : %s", fr_int2str(dict_attr_types, vp->da->type, "<INVALID>"));
361 RIDEBUG2("Length : %zu", vp->length);
363 if (!RDEBUG_ENABLED4) continue;
365 type = dict_attr_types;
369 value_data_t *dst = NULL;
373 if ((PW_TYPE) type->number == vp->da->type) {
377 switch (type->number) {
378 case PW_TYPE_INVALID: /* Not real type */
379 case PW_TYPE_MAX: /* Not real type */
380 case PW_TYPE_EXTENDED: /* Not safe/appropriate */
381 case PW_TYPE_LONG_EXTENDED: /* Not safe/appropriate */
382 case PW_TYPE_TLV: /* Not safe/appropriate */
383 case PW_TYPE_EVS: /* Not safe/appropriate */
384 case PW_TYPE_VSA: /* @fixme We need special behaviour for these */
385 case PW_TYPE_COMBO_IP_ADDR: /* Covered by IPv4 address IPv6 address */
386 case PW_TYPE_COMBO_IP_PREFIX: /* Covered by IPv4 address IPv6 address */
387 case PW_TYPE_TIMEVAL: /* Not a VALUE_PAIR type */
395 dst = talloc_zero(vp, value_data_t);
396 ret = value_data_cast(dst, dst, type->number, NULL, vp->da->type, vp->da,
397 &vp->data, vp->length);
398 if (ret < 0) goto next_type; /* We expect some to fail */
400 value = vp_data_aprints_value(dst, type->number, NULL, dst, (size_t)ret, '\'');
401 if (!value) goto next_type;
403 if ((pad = (11 - strlen(type->name))) < 0) {
408 RDEBUG2("as %s%*s: %s", type->name, pad, " ", value);
421 /** Prints the current module processing the request
424 static ssize_t xlat_module(UNUSED void *instance, REQUEST *request,
425 UNUSED char const *fmt, char *out, size_t outlen)
427 strlcpy(out, request->module, outlen);
433 /** Implements the Foreach-Variable-X
437 static ssize_t xlat_foreach(void *instance, REQUEST *request,
438 UNUSED char const *fmt, char *out, size_t outlen)
444 * See modcall, "FOREACH" for how this works.
446 pvp = (VALUE_PAIR **) request_data_reference(request, radius_get_vp, *(int*) instance);
452 len = vp_prints_value(out, outlen, *pvp, 0);
453 if (is_truncated(len, outlen)) {
454 RDEBUG("Insufficient buffer space to write foreach value");
462 /** Print data as string, if possible.
464 * If attribute "Foo" is defined as "octets" it will normally
465 * be printed as 0x0a0a0a. The xlat "%{string:Foo}" will instead
468 static ssize_t xlat_string(UNUSED void *instance, REQUEST *request,
469 char const *fmt, char *out, size_t outlen)
476 while (isspace((int) *fmt)) fmt++;
484 if ((radius_get_vp(&vp, request, fmt) < 0) || !vp) goto nothing;
486 ret = rad_vp2data(&p, vp);
491 switch (vp->da->type) {
493 len = fr_print_string((char const *) p, vp->length, out, outlen, '\0');
497 len = strlcpy(out, vp->vp_strvalue, outlen);
501 len = fr_print_string((char const *) p, ret, out, outlen, '\0');
508 /** xlat expand string attribute value
511 static ssize_t xlat_xlat(UNUSED void *instance, REQUEST *request,
512 char const *fmt, char *out, size_t outlen)
516 while (isspace((int) *fmt)) fmt++;
524 if ((radius_get_vp(&vp, request, fmt) < 0) || !vp) goto nothing;
526 return radius_xlat(out, outlen, request, vp->vp_strvalue, NULL, NULL);
529 /** Dynamically change the debugging level for the current request
533 static ssize_t xlat_debug(UNUSED void *instance, REQUEST *request,
534 char const *fmt, char *out, size_t outlen)
539 * Expand to previous (or current) level
541 snprintf(out, outlen, "%d", request->log.lvl & RAD_REQUEST_OPTION_DEBUG4);
544 * Assume we just want to get the current value and NOT set it to 0
551 request->log.lvl = RAD_REQUEST_OPTION_NONE;
552 request->log.func = NULL;
554 if (level > 4) level = 4;
556 request->log.lvl = level;
557 request->log.func = vradlog_request;
565 * Compare two xlat_t structs, based ONLY on the module name.
567 static int xlat_cmp(void const *one, void const *two)
569 xlat_t const *a = one;
570 xlat_t const *b = two;
572 if (a->length != b->length) {
573 return a->length - b->length;
576 return memcmp(a->name, b->name, a->length);
581 * find the appropriate registered xlat function.
583 static xlat_t *xlat_find(char const *name)
587 strlcpy(my_xlat.name, name, sizeof(my_xlat.name));
588 my_xlat.length = strlen(my_xlat.name);
590 return rbtree_finddata(xlat_root, &my_xlat);
594 /** Register an xlat function.
596 * @param[in] name xlat name.
597 * @param[in] func xlat function to be called.
598 * @param[in] escape function to sanitize any sub expansions passed to the xlat function.
599 * @param[in] instance of module that's registering the xlat function.
600 * @return 0 on success, -1 on failure
602 int xlat_register(char const *name, RAD_XLAT_FUNC func, RADIUS_ESCAPE_STRING escape, void *instance)
608 if (!name || !*name) {
609 DEBUG("xlat_register: Invalid xlat name");
614 * First time around, build up the tree...
616 * FIXME: This code should be hoisted out of this function,
617 * and into a global "initialization". But it isn't critical...
624 xlat_root = rbtree_create(NULL, xlat_cmp, NULL, RBTREE_FLAG_REPLACE);
626 DEBUG("xlat_register: Failed to create tree");
631 for (i = 0; xlat_foreach_names[i] != NULL; i++) {
632 xlat_register(xlat_foreach_names[i],
633 xlat_foreach, NULL, &xlat_inst[i]);
634 c = xlat_find(xlat_foreach_names[i]);
635 rad_assert(c != NULL);
640 #define XLAT_REGISTER(_x) xlat_register(STRINGIFY(_x), xlat_ ## _x, NULL, NULL); \
641 c = xlat_find(STRINGIFY(_x)); \
642 rad_assert(c != NULL); \
645 XLAT_REGISTER(integer);
646 XLAT_REGISTER(strlen);
647 XLAT_REGISTER(length);
650 XLAT_REGISTER(string);
652 XLAT_REGISTER(module);
653 XLAT_REGISTER(debug_attr);
655 xlat_register("debug", xlat_debug, NULL, &xlat_inst[0]);
656 c = xlat_find("debug");
657 rad_assert(c != NULL);
662 * If it already exists, replace the instance.
664 strlcpy(my_xlat.name, name, sizeof(my_xlat.name));
665 my_xlat.length = strlen(my_xlat.name);
666 c = rbtree_finddata(xlat_root, &my_xlat);
669 DEBUG("xlat_register: Cannot re-define internal xlat");
675 c->instance = instance;
680 * Doesn't exist. Create it.
682 c = talloc_zero(xlat_root, xlat_t);
686 strlcpy(c->name, name, sizeof(c->name));
687 c->length = strlen(c->name);
688 c->instance = instance;
690 node = rbtree_insert_node(xlat_root, c);
697 * Ensure that the data is deleted when the node is
700 * @todo: Maybe this should be the other way around...
701 * when a thing IN the tree is deleted, it's automatically
702 * removed from the tree. But for now, this works.
704 (void) talloc_steal(node, c);
708 /** Unregister an xlat function
710 * We can only have one function to call per name, so the passing of "func"
711 * here is extraneous.
713 * @param[in] name xlat to unregister.
714 * @param[in] func unused.
715 * @param[in] instance data.
717 void xlat_unregister(char const *name, UNUSED RAD_XLAT_FUNC func, void *instance)
724 strlcpy(my_xlat.name, name, sizeof(my_xlat.name));
725 my_xlat.length = strlen(my_xlat.name);
727 c = rbtree_finddata(xlat_root, &my_xlat);
730 if (c->instance != instance) return;
732 rbtree_deletebydata(xlat_root, c);
735 static int xlat_unregister_callback(void *instance, void *data)
737 xlat_t *c = (xlat_t *) data;
739 if (c->instance != instance) return 0; /* keep walking */
741 return 2; /* delete it */
744 void xlat_unregister_module(void *instance)
746 rbtree_walk(xlat_root, RBTREE_DELETE_ORDER, xlat_unregister_callback, instance);
750 /** Crappy temporary function to add attribute ref support to xlats
752 * This needs to die, and hopefully will die, when xlat functions accept
753 * xlat node structures.
755 * Provides either a pointer to a buffer which contains the value of the reference VALUE_PAIR
756 * in an architecture independent format. Or a pointer to the start of the fmt string.
758 * The pointer is only guaranteed to be valid between calls to xlat_fmt_to_ref,
759 * and so long as the source VALUE_PAIR is not freed.
761 * @param out where to write a pointer to the buffer to the data the xlat function needs to work on.
762 * @param request current request.
764 * @returns the length of the data or -1 on error.
766 ssize_t xlat_fmt_to_ref(uint8_t const **out, REQUEST *request, char const *fmt)
770 while (isspace((int) *fmt)) fmt++;
773 if ((radius_get_vp(&vp, request, fmt) < 0) || !vp) {
778 return rad_vp2data(out, vp);
781 *out = (uint8_t const *)fmt;
785 /** De-register all xlat functions, used mainly for debugging.
790 rbtree_free(xlat_root);
795 # define XLAT_DEBUG DEBUG3
797 # define XLAT_DEBUG(...)
800 static ssize_t xlat_tokenize_expansion(TALLOC_CTX *ctx, char *fmt, xlat_exp_t **head,
802 static ssize_t xlat_tokenize_literal(TALLOC_CTX *ctx, char *fmt, xlat_exp_t **head,
803 int brace, char const **error);
804 static size_t xlat_process(char **out, REQUEST *request, xlat_exp_t const * const head,
805 RADIUS_ESCAPE_STRING escape, void *escape_ctx);
807 static ssize_t xlat_tokenize_alternation(TALLOC_CTX *ctx, char *fmt, xlat_exp_t **head,
814 rad_assert(fmt[0] == '%');
815 rad_assert(fmt[1] == '{');
816 rad_assert(fmt[2] == '%');
817 rad_assert(fmt[3] == '{');
819 XLAT_DEBUG("ALTERNATE <-- %s", fmt);
821 node = talloc_zero(ctx, xlat_exp_t);
822 node->type = XLAT_ALTERNATE;
825 slen = xlat_tokenize_expansion(node, p, &node->child, error);
828 return slen - (p - fmt);
834 *error = "Expected ':' after first expansion";
841 *error = "Expected '-' after ':'";
847 * Allow the RHS to be empty as a special case.
851 * Hack up an empty string.
853 node->alternate = talloc_zero(node, xlat_exp_t);
854 node->alternate->type = XLAT_LITERAL;
855 node->alternate->fmt = talloc_typed_strdup(node->alternate, "");
859 slen = xlat_tokenize_literal(node, p, &node->alternate, true, error);
862 return slen - (p - fmt);
865 if (!node->alternate) {
867 *error = "Empty expansion is invalid";
877 static ssize_t xlat_tokenize_expansion(TALLOC_CTX *ctx, char *fmt, xlat_exp_t **head,
882 char const *attrname;
885 rad_assert(fmt[0] == '%');
886 rad_assert(fmt[1] == '{');
891 if ((fmt[2] == '%') && (fmt[3] == '{')) {
892 return xlat_tokenize_alternation(ctx, fmt, head, error);
895 XLAT_DEBUG("EXPANSION <-- %s", fmt);
896 node = talloc_zero(ctx, xlat_exp_t);
897 attrname = node->fmt = fmt + 2;
902 * Handle regex's specially.
904 if (isdigit((int) fmt[2]) && (fmt[3] == '}')) {
907 *error = "Invalid regex reference";
911 XLAT_DEBUG("REGEX <-- %s", fmt);
913 node->attr.tmpl_num = fmt[2] - '0'; /* ASCII */
915 node->type = XLAT_REGEX;
919 #endif /* HAVE_REGEX */
924 * %{Tunnel-Password:1}
925 * %{Tunnel-Password:1[#]}
926 * %{request:Attr-Name}
927 * %{request:Tunnel-Password:1}
928 * %{request:Tunnel-Password:1[#]}
932 for (p = fmt + 2; *p != '\0'; p++) {
933 if (*p == ':') break;
935 if (isspace((int) *p)) break;
937 if (*p == '[') break;
939 if (*p == '}') break;
942 if (*p != ':') p = NULL;
945 * Might be a module name reference.
953 node->xlat = xlat_find(node->fmt);
955 node->type = XLAT_MODULE;
957 XLAT_DEBUG("MOD <-- %s ... %s", node->fmt, p + 1);
959 slen = xlat_tokenize_literal(node, p + 1, &node->child, true, error);
962 return slen - (p - fmt);
967 rad_assert(node->next == NULL);
972 * Modules can have '}' in their RHS, so we
973 * didn't check for that until now.
975 * As of now, node->fmt MUST be a reference to an
976 * attribute, however complicated. So it MUST have a closing brace.
978 brace = strchr(p + 1, '}');
979 if (!brace) goto no_brace;
985 * %{Tunnel-Password:1}
986 * %{request:Tunnel-Password:1}
988 * <sigh> The syntax is fairly poor.
990 XLAT_DEBUG("Looking for list in '%s'", attrname);
993 * Not a module. Has to be an attribute
996 * As of v3, we've removed %{request: ..>} as
997 * internally registered xlats.
1000 node->attr.tmpl_request = radius_request_name(&attrname, REQUEST_CURRENT);
1001 rad_assert(node->attr.tmpl_request != REQUEST_UNKNOWN);
1003 node->attr.tmpl_list = radius_list_name(&attrname, PAIR_LIST_REQUEST);
1004 if (node->attr.tmpl_list == PAIR_LIST_UNKNOWN) {
1006 *error = "Unknown module";
1011 * Check for a trailing tag.
1013 p = strchr(attrname, ':');
1017 brace = strchr(attrname, '}');
1021 *error = "No matching closing brace";
1022 return -1; /* second character of format string */
1026 node->attr.tmpl_request = REQUEST_CURRENT;
1027 node->attr.tmpl_list = PAIR_LIST_REQUEST;
1032 XLAT_DEBUG("Looking for attribute name in %s", attrname);
1035 * Allow for an array reference. They come AFTER the
1036 * tag, if the tag exists. Otherwise, they come after
1037 * the attribute name.
1040 q = strchr(p + 1, '[');
1042 q = strchr(attrname, '[');
1044 if (q) *(q++) = '\0';
1048 *error = "Empty expression is invalid";
1049 return -(attrname - fmt);
1053 * It's either an attribute name, or a Tunnel-Password:TAG
1054 * with the ':' already set to NULL.
1056 node->attr.tmpl_da = dict_attrbyname(attrname);
1057 if (!node->attr.tmpl_da) {
1059 * Foreach. Maybe other stuff, too.
1061 node->xlat = xlat_find(attrname);
1063 node->type = XLAT_VIRTUAL;
1064 node->fmt = attrname;
1066 XLAT_DEBUG("VIRTUAL <-- %s", node->fmt);
1068 rad_assert(node->next == NULL);
1074 *error = "Unknown attribute";
1075 return -(attrname - fmt);
1085 if (!node->attr.tmpl_da->flags.has_tag) {
1087 *error = "Attribute cannot have a tag";
1091 tag = strtoul(p + 1, &end, 10);
1094 if (tag == ULONG_MAX) {
1096 *error = "Invalid tag value";
1100 node->attr.tmpl_tag = tag;
1105 *error = "Unexpected text after tag";
1110 node->attr.tmpl_tag = TAG_ANY;
1115 * Check for array reference
1123 node->attr.tmpl_num = NUM_COUNT;
1126 } else if (*p == '*') {
1127 node->attr.tmpl_num = NUM_ALL;
1130 } else if (isdigit((int) *p)) {
1131 num = strtoul(p, &end, 10);
1134 *error = "Invalid array index";
1138 node->attr.tmpl_num = num;
1142 *error = "Invalid array index";
1148 *error = "Expected ']'";
1155 *error = "Unexpected text after array reference";
1159 node->attr.tmpl_num = NUM_ANY;
1162 rad_assert(!p || (p == brace));
1164 node->type = XLAT_ATTRIBUTE;
1168 rad_assert(node->next == NULL);
1173 static ssize_t xlat_tokenize_literal(TALLOC_CTX *ctx, char *fmt, xlat_exp_t **head,
1174 int brace, char const **error)
1179 if (!*fmt) return 0;
1181 XLAT_DEBUG("LITERAL <-- %s", fmt);
1183 node = talloc_zero(ctx, xlat_exp_t);
1186 node->type = XLAT_LITERAL;
1194 *error = "Invalid escape at end of string";
1202 * Process the expansion.
1204 if ((p[0] == '%') && (p[1] == '{')) {
1207 XLAT_DEBUG("LITERAL <-- %s", node->fmt);
1209 slen = xlat_tokenize_expansion(node, p, &node->next, error);
1212 return slen - (p - fmt);
1214 *p = '\0'; /* end the literal */
1217 rad_assert(node->next != NULL);
1220 * Short-circuit the recursive call.
1221 * This saves another function call and
1222 * memory allocation.
1227 * "foo %{User-Name} bar"
1229 * EXPANSION User-Name
1232 slen = xlat_tokenize_literal(node->next, p, &(node->next->next), brace, error);
1233 rad_assert(slen != 0);
1236 return slen - (p - fmt);
1240 break; /* stop processing the string */
1244 * Check for valid single-character expansions.
1250 if (!p[1] || !strchr("%dlmtDGHISTYv", p[1])) {
1252 *error = "Invalid variable expansion";
1257 next = talloc_zero(node, xlat_exp_t);
1261 next->fmt = talloc_typed_strdup(next, "%");
1263 XLAT_DEBUG("LITERAL <-- %s", next->fmt);
1264 next->type = XLAT_LITERAL;
1269 XLAT_DEBUG("PERCENT <-- %c", *next->fmt);
1270 next->type = XLAT_PERCENT;
1282 slen = xlat_tokenize_literal(node->next, p, &(node->next->next), brace, error);
1283 rad_assert(slen != 0);
1286 return slen - (p - fmt);
1290 break; /* stop processing the string */
1294 * If required, eat the brace.
1296 if (brace && (*p == '}')) {
1307 * Squash zero-width literals
1309 if (node->len > 0) {
1313 (void) talloc_steal(ctx, node->next);
1322 static char const xlat_tabs[] = " ";
1324 static void xlat_tokenize_debug(xlat_exp_t const *node, int lvl)
1326 rad_assert(node != NULL);
1328 if (lvl >= (int) sizeof(xlat_tabs)) lvl = sizeof(xlat_tabs);
1331 switch (node->type) {
1333 DEBUG("%.*sliteral --> %s", lvl, xlat_tabs, node->fmt);
1337 DEBUG("%.*spercent --> %c", lvl, xlat_tabs, node->fmt[0]);
1340 case XLAT_ATTRIBUTE:
1341 rad_assert(node->attr.tmpl_da != NULL);
1342 DEBUG("%.*sattribute --> %s", lvl, xlat_tabs, node->attr.tmpl_da->name);
1343 rad_assert(node->child == NULL);
1344 if ((node->attr.tmpl_tag != TAG_ANY) || (node->attr.tmpl_num != NUM_ANY)) {
1345 DEBUG("%.*s{", lvl, xlat_tabs);
1347 DEBUG("%.*sref %d", lvl + 1, xlat_tabs, node->attr.tmpl_request);
1348 DEBUG("%.*slist %d", lvl + 1, xlat_tabs, node->attr.tmpl_list);
1350 if (node->attr.tmpl_tag != TAG_ANY) {
1351 DEBUG("%.*stag %d", lvl + 1, xlat_tabs, node->attr.tmpl_tag);
1353 if (node->attr.tmpl_num != NUM_ANY) {
1354 if (node->attr.tmpl_num == NUM_COUNT) {
1355 DEBUG("%.*s[#]", lvl + 1, xlat_tabs);
1356 } else if (node->attr.tmpl_num == NUM_ALL) {
1357 DEBUG("%.*s[*]", lvl + 1, xlat_tabs);
1359 DEBUG("%.*s[%d]", lvl + 1, xlat_tabs, node->attr.tmpl_num);
1363 DEBUG("%.*s}", lvl, xlat_tabs);
1368 rad_assert(node->fmt != NULL);
1369 DEBUG("%.*svirtual --> %s", lvl, xlat_tabs, node->fmt);
1373 rad_assert(node->xlat != NULL);
1374 DEBUG("%.*sxlat --> %s", lvl, xlat_tabs, node->xlat->name);
1376 DEBUG("%.*s{", lvl, xlat_tabs);
1377 xlat_tokenize_debug(node->child, lvl + 1);
1378 DEBUG("%.*s}", lvl, xlat_tabs);
1384 DEBUG("%.*sregex-var --> %d", lvl, xlat_tabs, node->attr.tmpl_num);
1388 case XLAT_ALTERNATE:
1389 DEBUG("%.*sif {", lvl, xlat_tabs);
1390 xlat_tokenize_debug(node->child, lvl + 1);
1391 DEBUG("%.*s}", lvl, xlat_tabs);
1392 DEBUG("%.*selse {", lvl, xlat_tabs);
1393 xlat_tokenize_debug(node->alternate, lvl + 1);
1394 DEBUG("%.*s}", lvl, xlat_tabs);
1401 size_t xlat_sprint(char *buffer, size_t bufsize, xlat_exp_t const *node)
1412 end = buffer + bufsize;
1415 switch (node->type) {
1417 strlcpy(p, node->fmt, end - p);
1423 p[1] = node->fmt[0];
1427 case XLAT_ATTRIBUTE:
1431 if (node->attr.tmpl_request != REQUEST_CURRENT) {
1432 strlcpy(p, fr_int2str(request_refs, node->attr.tmpl_request, "??"), end - p);
1437 if ((node->attr.tmpl_request != REQUEST_CURRENT) ||
1438 (node->attr.tmpl_list != PAIR_LIST_REQUEST)) {
1439 strlcpy(p, fr_int2str(pair_lists, node->attr.tmpl_list, "??"), end - p);
1444 strlcpy(p, node->attr.tmpl_da->name, end - p);
1447 if (node->attr.tmpl_tag != TAG_ANY) {
1449 snprintf(p, end - p, "%u", node->attr.tmpl_tag);
1453 if (node->attr.tmpl_num != NUM_ANY) {
1455 switch (node->attr.tmpl_num) {
1465 snprintf(p, end - p, "%i", node->attr.tmpl_num);
1474 snprintf(p, end - p, "%%{%i}", node->attr.tmpl_num);
1481 strlcpy(p, node->fmt, end - p);
1489 strlcpy(p, node->xlat->name, end - p);
1492 rad_assert(node->child != NULL);
1493 len = xlat_sprint(p, end - p, node->child);
1498 case XLAT_ALTERNATE:
1502 len = xlat_sprint(p, end - p, node->child);
1508 len = xlat_sprint(p, end - p, node->alternate);
1516 if (p == end) break;
1526 ssize_t xlat_tokenize(TALLOC_CTX *ctx, char *fmt, xlat_exp_t **head,
1529 return xlat_tokenize_literal(ctx, fmt, head, false, error);
1533 /** Tokenize an xlat expansion
1535 * @param[in] request the input request. Memory will be attached here.
1536 * @param[in] fmt the format string to expand
1537 * @param[out] head the head of the xlat list / tree structure.
1539 static ssize_t xlat_tokenize_request(REQUEST *request, char const *fmt, xlat_exp_t **head)
1548 * Copy the original format string to a buffer so that
1549 * the later functions can mangle it in-place, which is
1552 tokens = talloc_typed_strdup(request, fmt);
1553 if (!tokens) return -1;
1555 slen = xlat_tokenize_literal(request, tokens, head, false, &error);
1558 * Zero length expansion, return a zero length node.
1561 *head = talloc_zero(request, xlat_exp_t);
1565 * Output something like:
1568 * " ^ error was here"
1571 talloc_free(tokens);
1572 rad_assert(error != NULL);
1574 REMARKER(fmt, -slen, error);
1578 if (*head && (debug_flag > 2)) {
1580 DEBUG("Parsed xlat tree:");
1581 xlat_tokenize_debug(*head, 0);
1585 * All of the nodes point to offsets in the "tokens"
1586 * string. Let's ensure that free'ing head will free
1589 (void) talloc_steal(*head, tokens);
1595 static char *xlat_getvp(TALLOC_CTX *ctx, REQUEST *request, pair_lists_t list, DICT_ATTR const *da,
1596 int8_t tag, int num, bool return_null)
1598 VALUE_PAIR *vp = NULL, *vps = NULL, *myvp = NULL;
1599 RADIUS_PACKET *packet = NULL;
1604 * Arg. Too much abstraction is annoying.
1608 if (return_null) return NULL;
1609 return vp_aprint_type(ctx, da->type);
1611 case PAIR_LIST_CONTROL:
1612 vps = request->config_items;
1615 case PAIR_LIST_REQUEST:
1616 packet = request->packet;
1617 if (packet) vps = packet->vps;
1620 case PAIR_LIST_REPLY:
1621 packet = request->reply;
1622 if (packet) vps = packet->vps;
1626 case PAIR_LIST_PROXY_REQUEST:
1627 packet = request->proxy;
1628 if (packet) vps = packet->vps;
1631 case PAIR_LIST_PROXY_REPLY:
1632 packet = request->proxy_reply;
1633 if (packet) vps = packet->vps;
1640 if (request->coa) packet = request->coa->packet;
1641 if (packet) vps = packet->vps;
1644 case PAIR_LIST_COA_REPLY:
1645 case PAIR_LIST_DM_REPLY:
1646 if (request->coa) packet = request->coa->reply;
1647 if (packet) vps = packet->vps;
1654 * Counting attributes doesn't require us to search for them
1656 if (!da->flags.virtual && (num == NUM_COUNT)) goto do_print;
1659 * Now we have the list, check to see if we have an attribute in
1660 * the request, if we do, it takes precedence over the virtual
1663 * This allows users to manipulate virtual attributes as if they
1666 vp = pair_find_by_da(vps, da, tag);
1667 if (vp) goto do_print;
1670 * We didn't find the VP in a list. It MIGHT be a
1671 * virtual one, in which case we do lots more checks
1672 * below. However, if we're looking for a normal
1673 * attribute, it must exist, and therefore not finding it
1674 * means we return NULL.
1676 if (!da->flags.virtual) return NULL;
1679 * Some non-packet expansions
1683 break; /* ignore them */
1685 case PW_CLIENT_SHORTNAME:
1686 if (num == NUM_COUNT) goto count;
1687 if (request->client && request->client->shortname) {
1688 return talloc_typed_strdup(ctx, request->client->shortname);
1690 return talloc_typed_strdup(ctx, "<UNKNOWN-CLIENT>");
1692 case PW_REQUEST_PROCESSING_STAGE:
1693 if (num == NUM_COUNT) goto count;
1694 if (request->component) {
1695 return talloc_typed_strdup(ctx, request->component);
1697 return talloc_typed_strdup(ctx, "server_core");
1699 case PW_VIRTUAL_SERVER:
1700 if (num == NUM_COUNT) goto count;
1701 if (!request->server) return NULL;
1702 return talloc_typed_strdup(ctx, request->server);
1704 case PW_MODULE_RETURN_CODE:
1705 if (num == NUM_COUNT) goto count;
1706 if (!request->rcode) return NULL;
1707 return talloc_typed_strdup(ctx, fr_int2str(modreturn_table, request->rcode, ""));
1711 * All of the attributes must now refer to a packet.
1712 * If there's no packet, we can't print any attribute
1716 if (return_null) return NULL;
1717 return vp_aprint_type(ctx, da->type);
1725 case PW_PACKET_TYPE:
1726 dv = dict_valbyattr(PW_PACKET_TYPE, 0, packet->code);
1727 if (dv) return talloc_typed_strdup(ctx, dv->name);
1728 return talloc_typed_asprintf(ctx, "%d", packet->code);
1730 case PW_RESPONSE_PACKET_TYPE:
1735 if (request->proxy_reply && (!request->reply || !request->reply->code)) {
1736 code = request->proxy_reply->code;
1739 if (request->reply) {
1740 code = request->reply->code;
1743 return talloc_typed_strdup(ctx, fr_packet_codes[code]);
1747 * Virtual attributes which require a temporary VALUE_PAIR
1748 * to be allocated. We can't use stack allocated memory
1749 * because of the talloc checks sprinkled throughout the
1750 * various VP functions.
1752 case PW_PACKET_AUTHENTICATION_VECTOR:
1753 myvp = pairalloc(ctx, da);
1754 pairmemcpy(myvp, packet->vector, sizeof(packet->vector));
1758 case PW_CLIENT_IP_ADDRESS:
1759 case PW_PACKET_SRC_IP_ADDRESS:
1760 if (packet->src_ipaddr.af == AF_INET) {
1761 myvp = pairalloc(ctx, da);
1762 myvp->vp_ipaddr = packet->src_ipaddr.ipaddr.ip4addr.s_addr;
1767 case PW_PACKET_DST_IP_ADDRESS:
1768 if (packet->dst_ipaddr.af == AF_INET) {
1769 myvp = pairalloc(ctx, da);
1770 myvp->vp_ipaddr = packet->dst_ipaddr.ipaddr.ip4addr.s_addr;
1775 case PW_PACKET_SRC_IPV6_ADDRESS:
1776 if (packet->src_ipaddr.af == AF_INET6) {
1777 myvp = pairalloc(ctx, da);
1778 memcpy(&myvp->vp_ipv6addr,
1779 &packet->src_ipaddr.ipaddr.ip6addr,
1780 sizeof(packet->src_ipaddr.ipaddr.ip6addr));
1785 case PW_PACKET_DST_IPV6_ADDRESS:
1786 if (packet->dst_ipaddr.af == AF_INET6) {
1787 myvp = pairalloc(ctx, da);
1788 memcpy(&myvp->vp_ipv6addr,
1789 &packet->dst_ipaddr.ipaddr.ip6addr,
1790 sizeof(packet->dst_ipaddr.ipaddr.ip6addr));
1795 case PW_PACKET_SRC_PORT:
1796 myvp = pairalloc(ctx, da);
1797 myvp->vp_integer = packet->src_port;
1801 case PW_PACKET_DST_PORT:
1802 myvp = pairalloc(ctx, da);
1803 myvp->vp_integer = packet->dst_port;
1809 * Fake various operations for virtual attributes.
1812 if (num != NUM_ANY) switch (num) {
1814 * [n] is NULL (we only have [0])
1819 * [*] means only one.
1825 * [#] means 1 (as there's only one)
1829 ret = talloc_strdup(ctx, "1");
1833 * [0] is fine (get the first instance)
1843 * We want the N'th VP.
1845 if (num != NUM_ANY) {
1851 * Return a count of the VPs.
1854 fr_cursor_init(&cursor, &vps);
1855 while (fr_cursor_next_by_da(&cursor, da, tag) != NULL) count++;
1857 return talloc_typed_asprintf(ctx, "%d", count);
1860 * Ugly, but working.
1866 (void) fr_cursor_init(&cursor, &vps);
1867 vp = fr_cursor_next_by_da(&cursor, da, tag);
1868 if (!vp) return NULL;
1870 p = vp_aprints_value(ctx, vp, '"');
1871 if (!p) return NULL;
1872 while ((vp = fr_cursor_next_by_da(&cursor, da, tag)) != NULL) {
1873 q = vp_aprints_value(ctx, vp, '"');
1874 if (!q) return NULL;
1875 p = talloc_strdup_append(p, ",");
1876 p = talloc_strdup_append(p, q);
1883 fr_cursor_init(&cursor, &vps);
1884 while ((vp = fr_cursor_next_by_da(&cursor, da, tag)) != NULL) {
1885 if (count++ == num) break;
1892 if (return_null) return NULL;
1893 return vp_aprint_type(ctx, da->type);
1897 ret = vp_aprints_value(ctx, vp, '"');
1905 static const char xlat_spaces[] = " ";
1908 static char *xlat_aprint(TALLOC_CTX *ctx, REQUEST *request, xlat_exp_t const * const node,
1909 RADIUS_ESCAPE_STRING escape, void *escape_ctx, int lvl)
1912 char *str = NULL, *child;
1917 XLAT_DEBUG("%.*sxlat aprint %d", lvl, xlat_spaces, node->type);
1919 switch (node->type) {
1921 * Don't escape this.
1924 XLAT_DEBUG("xlat_aprint LITERAL");
1925 return talloc_typed_strdup(ctx, node->fmt);
1928 * Do a one-character expansion.
1933 size_t freespace = 256;
1937 XLAT_DEBUG("xlat_aprint PERCENT");
1939 str = talloc_array(ctx, char, freespace); /* @todo do better allocation */
1942 when = request->timestamp;
1943 if (request->packet) {
1944 when = request->packet->timestamp.tv_sec;
1953 case 'd': /* request day */
1954 if (!localtime_r(&when, &ts)) goto error;
1955 strftime(str, freespace, "%d", &ts);
1958 case 'l': /* request timestamp */
1959 snprintf(str, freespace, "%lu",
1960 (unsigned long) when);
1963 case 'm': /* request month */
1964 if (!localtime_r(&when, &ts)) goto error;
1965 strftime(str, freespace, "%m", &ts);
1968 case 'n': /* Request Number*/
1969 snprintf(str, freespace, "%u", request->number);
1972 case 't': /* request timestamp */
1973 CTIME_R(&when, str, freespace);
1974 nl = strchr(str, '\n');
1978 case 'D': /* request date */
1979 if (!localtime_r(&when, &ts)) goto error;
1980 strftime(str, freespace, "%Y%m%d", &ts);
1983 case 'G': /* request minute */
1984 if (!localtime_r(&when, &ts)) goto error;
1985 strftime(str, freespace, "%M", &ts);
1988 case 'H': /* request hour */
1989 if (!localtime_r(&when, &ts)) goto error;
1990 strftime(str, freespace, "%H", &ts);
1993 case 'I': /* Request ID */
1994 if (request->packet) {
1995 snprintf(str, freespace, "%i", request->packet->id);
1999 case 'S': /* request timestamp in SQL format*/
2000 if (!localtime_r(&when, &ts)) goto error;
2001 strftime(str, freespace, "%Y-%m-%d %H:%M:%S", &ts);
2004 case 'T': /* request timestamp */
2005 if (!localtime_r(&when, &ts)) goto error;
2006 strftime(str, freespace, "%Y-%m-%d-%H.%M.%S.000000", &ts);
2009 case 'Y': /* request year */
2010 if (!localtime_r(&when, &ts)) {
2012 REDEBUG("Failed converting packet timestamp to localtime: %s", fr_syserror(errno));
2016 strftime(str, freespace, "%Y", &ts);
2019 case 'v': /* Version of code */
2020 snprintf(str, freespace, "%s", radiusd_short_version);
2030 case XLAT_ATTRIBUTE:
2031 XLAT_DEBUG("xlat_aprint ATTRIBUTE");
2033 if (radius_request(&ref, node->attr.tmpl_request) < 0) {
2038 * Some attributes are virtual <sigh>
2040 str = xlat_getvp(ctx, ref, node->attr.tmpl_list, node->attr.tmpl_da, node->attr.tmpl_tag, node->attr.tmpl_num, true);
2042 XLAT_DEBUG("EXPAND attr %s", node->attr.tmpl_da->name);
2043 XLAT_DEBUG(" ---> %s", str);
2048 XLAT_DEBUG("xlat_aprint VIRTUAL");
2049 str = talloc_array(ctx, char, 2048); /* FIXME: have the module call talloc_typed_asprintf */
2050 rcode = node->xlat->func(node->xlat->instance, request, NULL, str, 2048);
2058 XLAT_DEBUG("xlat_aprint MODULE");
2059 if (xlat_process(&child, request, node->child, node->xlat->escape, node->xlat->instance) == 0) {
2063 XLAT_DEBUG("%.*sEXPAND mod %s %s", lvl, xlat_spaces, node->fmt, node->child->fmt);
2064 XLAT_DEBUG("%.*s ---> %s", lvl, xlat_spaces, child);
2069 * The OUTPUT of xlat is a printable string. The INPUT might not be...
2071 * This is really the reverse of fr_print_string().
2075 if (*p == '\\') switch (p[1]) {
2096 str = talloc_array(ctx, char, 2048); /* FIXME: have the module call talloc_typed_asprintf */
2097 *str = '\0'; /* Be sure the string is NULL terminated, we now only free on error */
2099 rcode = node->xlat->func(node->xlat->instance, request, child, str, 2048);
2109 XLAT_DEBUG("xlat_aprint REGEX");
2110 child = request_data_reference(request, request,
2111 REQUEST_DATA_REGEX | node->attr.tmpl_num);
2112 if (!child) return NULL;
2114 str = talloc_typed_strdup(ctx, child);
2118 case XLAT_ALTERNATE:
2119 XLAT_DEBUG("xlat_aprint ALTERNATE");
2120 rad_assert(node->child != NULL);
2121 rad_assert(node->alternate != NULL);
2123 str = xlat_aprint(ctx, request, node->child, escape, escape_ctx, lvl);
2126 str = xlat_aprint(ctx, request, node->alternate, escape, escape_ctx, lvl);
2132 * Escape the non-literals we found above.
2134 if (str && escape) {
2137 escaped = talloc_array(ctx, char, 2048); /* FIXME: do something intelligent */
2138 escape(request, escaped, 2038, str, escape_ctx);
2147 static size_t xlat_process(char **out, REQUEST *request, xlat_exp_t const * const head,
2148 RADIUS_ESCAPE_STRING escape, void *escape_ctx)
2152 char **array, *answer;
2153 xlat_exp_t const *node;
2158 * There are no nodes to process, so the result is a zero
2162 *out = talloc_zero_array(request, char, 1);
2167 * Hack for speed. If it's one expansion, just allocate
2168 * that and return, instead of allocating an intermediary
2173 * Pass the MAIN escape function. Recursive
2174 * calls will call node-specific escape
2177 answer = xlat_aprint(request, request, head, escape, escape_ctx, 0);
2179 *out = talloc_zero_array(request, char, 1);
2183 return strlen(answer);
2186 list = 0; /* FIXME: calculate this once */
2187 for (node = head; node != NULL; node = node->next) {
2191 array = talloc_array(request, char *, list);
2192 if (!array) return -1;
2194 for (node = head, i = 0; node != NULL; node = node->next, i++) {
2195 array[i] = xlat_aprint(array, request, node, escape, escape_ctx, 0); /* may be NULL */
2199 for (i = 0; i < list; i++) {
2200 if (array[i]) total += strlen(array[i]); /* FIXME: calculate strlen once */
2205 *out = talloc_zero_array(request, char, 1);
2209 answer = talloc_array(request, char, total + 1);
2212 for (i = 0; i < list; i++) {
2216 len = strlen(array[i]);
2217 memcpy(answer + total, array[i], len);
2221 answer[total] = '\0';
2222 talloc_free(array); /* and child entries */
2229 /** Replace %whatever in a string.
2231 * See 'doc/variables.txt' for more information.
2233 * @param[out] out Where to write pointer to output buffer.
2234 * @param[in] outlen Size of out.
2235 * @param[in] request current request.
2236 * @param[in] node the xlat structure to expand
2237 * @param[in] escape function to escape final value e.g. SQL quoting.
2238 * @param[in] escape_ctx pointer to pass to escape function.
2239 * @return length of string written @bug should really have -1 for failure
2241 static ssize_t xlat_expand_struct(char **out, size_t outlen, REQUEST *request, xlat_exp_t const *node,
2242 RADIUS_ESCAPE_STRING escape, void *escape_ctx)
2247 rad_assert(node != NULL);
2249 len = xlat_process(&buff, request, node, escape, escape_ctx);
2250 if ((len < 0) || !buff) {
2251 rad_assert(buff == NULL);
2252 if (*out) *out[0] = '\0';
2259 strlcpy(*out, buff, outlen);
2263 return strlen(*out);
2266 static ssize_t xlat_expand(char **out, size_t outlen, REQUEST *request, char const *fmt,
2267 RADIUS_ESCAPE_STRING escape, void *escape_ctx) CC_HINT(nonnull (1, 3, 4));
2269 /** Replace %whatever in a string.
2271 * See 'doc/variables.txt' for more information.
2273 * @param[out] out Where to write pointer to output buffer.
2274 * @param[in] outlen Size of out.
2275 * @param[in] request current request.
2276 * @param[in] fmt string to expand.
2277 * @param[in] escape function to escape final value e.g. SQL quoting.
2278 * @param[in] escape_ctx pointer to pass to escape function.
2279 * @return length of string written @bug should really have -1 for failure
2281 static ssize_t xlat_expand(char **out, size_t outlen, REQUEST *request, char const *fmt,
2282 RADIUS_ESCAPE_STRING escape, void *escape_ctx)
2288 * Give better errors than the old code.
2290 len = xlat_tokenize_request(request, fmt, &node);
2295 *out = talloc_zero_array(request, char, 1);
2301 if (*out) *out[0] = '\0';
2305 len = xlat_expand_struct(out, outlen, request, node, escape, escape_ctx);
2308 RDEBUG2("EXPAND %s", fmt);
2309 RDEBUG2(" --> %s", *out);
2315 * Try to convert an xlat to a tmpl for efficiency
2317 value_pair_tmpl_t *radius_xlat2tmpl(TALLOC_CTX *ctx, xlat_exp_t *node)
2319 value_pair_tmpl_t *vpt;
2321 if (node->next || (node->type != XLAT_ATTRIBUTE)) return NULL;
2324 * @todo it should be possible to emulate the concat and count operations in the
2327 if ((node->attr.tmpl_num == NUM_COUNT) || (node->attr.tmpl_num == NUM_ALL)) return NULL;
2329 vpt = tmpl_alloc(ctx, TMPL_TYPE_ATTR, node->fmt, -1);
2330 if (!vpt) return NULL;
2331 vpt->tmpl_request = node->attr.tmpl_request;
2332 vpt->tmpl_list = node->attr.tmpl_list;
2333 vpt->tmpl_da = node->attr.tmpl_da;
2334 vpt->tmpl_num = node->attr.tmpl_num;
2335 vpt->tmpl_tag = node->attr.tmpl_tag;
2342 ssize_t radius_xlat(char *out, size_t outlen, REQUEST *request, char const *fmt, RADIUS_ESCAPE_STRING escape, void *ctx)
2344 return xlat_expand(&out, outlen, request, fmt, escape, ctx);
2347 ssize_t radius_axlat(char **out, REQUEST *request, char const *fmt, RADIUS_ESCAPE_STRING escape, void *ctx)
2349 return xlat_expand(out, 0, request, fmt, escape, ctx);
2352 ssize_t radius_axlat_struct(char **out, REQUEST *request, xlat_exp_t const *xlat, RADIUS_ESCAPE_STRING escape, void *ctx)
2354 return xlat_expand_struct(out, 0, request, xlat, escape, ctx);