extern char **environ;
#endif
-/*
- * structure to hold perl configuration items.
- * they are stored in a hash (fr_hash_table_t), using FreeRADIUS functions.
- */
-typedef struct perl_conf_t
-{
- char *attr;
- char *value;
-} perl_conf_t;
-
/*
* Define a structure for our module configuration.
*
*/
typedef struct rlm_perl_t {
/* Name of the perl module */
- char *module;
+ char const *module;
/* Name of the functions for each module method */
- char *func_authorize;
- char *func_authenticate;
- char *func_accounting;
- char *func_start_accounting;
- char *func_stop_accounting;
- char *func_preacct;
- char *func_checksimul;
- char *func_detach;
- char *func_xlat;
+ char const *func_authorize;
+ char const *func_authenticate;
+ char const *func_accounting;
+ char const *func_start_accounting;
+ char const *func_stop_accounting;
+ char const *func_preacct;
+ char const *func_checksimul;
+ char const *func_detach;
+ char const *func_xlat;
#ifdef WITH_PROXY
- char *func_pre_proxy;
- char *func_post_proxy;
+ char const *func_pre_proxy;
+ char const *func_post_proxy;
#endif
- char *func_post_auth;
+ char const *func_post_auth;
#ifdef WITH_COA
- char *func_recv_coa;
- char *func_send_coa;
+ char const *func_recv_coa;
+ char const *func_send_coa;
#endif
- char *xlat_name;
- char *perl_flags;
- PerlInterpreter *perl;
+ char const *xlat_name;
+ char const *perl_flags;
+ PerlInterpreter *perl;
pthread_key_t *thread_key;
#ifdef USE_ITHREADS
- pthread_mutex_t clone_mutex;
+ pthread_mutex_t clone_mutex;
#endif
- fr_hash_table_t *perl_conf_ht; // holds "config" section entries
-
+ HV *rad_perlconf_hv; //!< holds "config" items (perl %RAD_PERLCONF hash).
+
} rlm_perl_t;
/*
* A mapping of configuration file names to internal variables.
*/
-#define RLM_PERL_CONF(_x) { "func_" STRINGIFY(_x), PW_TYPE_STRING_PTR, \
+#define RLM_PERL_CONF(_x) { "func_" STRINGIFY(_x), PW_TYPE_STRING, \
offsetof(rlm_perl_t,func_##_x), NULL, STRINGIFY(_x)}
static const CONF_PARSER module_config[] = {
- { "module", PW_TYPE_FILE_INPUT | PW_TYPE_DEPRECATED,
- offsetof(rlm_perl_t,module), NULL, NULL},
- { "filename", PW_TYPE_FILE_INPUT | PW_TYPE_REQUIRED,
- offsetof(rlm_perl_t,module), NULL, NULL},
+ { "module", FR_CONF_OFFSET(PW_TYPE_FILE_INPUT | PW_TYPE_DEPRECATED, rlm_perl_t, module), NULL },
+ { "filename", FR_CONF_OFFSET(PW_TYPE_FILE_INPUT | PW_TYPE_REQUIRED, rlm_perl_t, module), NULL },
RLM_PERL_CONF(authorize),
RLM_PERL_CONF(authenticate),
RLM_PERL_CONF(recv_coa),
RLM_PERL_CONF(send_coa),
#endif
- { "perl_flags", PW_TYPE_STRING_PTR,
- offsetof(rlm_perl_t,perl_flags), NULL, NULL},
+ { "perl_flags", FR_CONF_OFFSET(PW_TYPE_STRING, rlm_perl_t, perl_flags), NULL },
- { "func_start_accounting", PW_TYPE_STRING_PTR,
- offsetof(rlm_perl_t,func_start_accounting), NULL, NULL},
+ { "func_start_accounting", FR_CONF_OFFSET(PW_TYPE_STRING, rlm_perl_t, func_start_accounting), NULL },
- { "func_stop_accounting", PW_TYPE_STRING_PTR,
- offsetof(rlm_perl_t,func_stop_accounting), NULL, NULL},
+ { "func_stop_accounting", FR_CONF_OFFSET(PW_TYPE_STRING, rlm_perl_t, func_stop_accounting), NULL },
{ NULL, -1, 0, NULL, NULL } /* end the list */
};
PL_ptr_table = NULL;
PERL_SET_CONTEXT(aTHX);
- rlm_perl_clear_handles(aTHX);
+ rlm_perl_clear_handles(aTHX);
ret = pthread_setspecific(*key, interp);
if (ret != 0) {
#endif
/*
- *
* This is wrapper for radlog
* Now users can call radiusd::radlog(level,msg) wich is the same
* calling radlog from C code.
- * Boyan
*/
static XS(XS_radiusd_radlog)
{
static ssize_t perl_xlat(void *instance, REQUEST *request, char const *fmt, char *out, size_t freespace)
{
- rlm_perl_t *inst= (rlm_perl_t *) instance;
+ rlm_perl_t *inst = (rlm_perl_t *) instance;
char *tmp;
char const *p, *q;
int count;
return ret;
}
-/*
- * Hash functions for the perl configuration items
+/*
+ * Parse a configuration section, and populate a HV.
+ * This function is recursively called (allows to have nested hashes.)
*/
-static uint32_t perl_conf_hash(void const *data)
+static void perl_parse_config(CONF_SECTION *cs, int lvl, HV *rad_hv)
{
- const perl_conf_t *pt_conf_item = data;
- return fr_hash_string(pt_conf_item->attr);
-}
-static int perl_conf_cmp(void const *a, void const *b)
-{
- const perl_conf_t *pt_conf_item_a = a;
- const perl_conf_t *pt_conf_item_b = b;
-
- if ((NULL == pt_conf_item_a) || (NULL == pt_conf_item_b)) return -1;
-
- const char * attr_a = pt_conf_item_a->attr;
- const char * attr_b = pt_conf_item_b->attr;
-
- if ((NULL == attr_a) || (NULL == attr_b)) return -1;
-
- return strcmp(attr_a, attr_b);
+ if (!cs || !rad_hv) return;
+
+ int indent_section = (lvl + 1) * 4;
+ int indent_item = (lvl + 2) * 4;
+
+ DEBUG("%*s%s {", indent_section, " ", cf_section_name1(cs));
+
+ CONF_ITEM *ci;
+
+ for (ci = cf_item_find_next(cs, NULL);
+ ci;
+ ci = cf_item_find_next(cs, ci)) {
+ /*
+ * This is a section.
+ * Create a new HV, store it as a reference in current HV,
+ * Then recursively call perl_parse_config with this section and the new HV.
+ */
+ if (cf_item_is_section(ci)) {
+ CONF_SECTION *sub_cs = cf_itemtosection(ci);
+ char const *key = cf_section_name1(sub_cs); /* hash key */
+ HV *sub_hv;
+ SV *ref;
+
+ if (!key) continue;
+
+ if (hv_exists(rad_hv, key, strlen(key))) {
+ WARN("rlm_perl: Ignoring duplicate config section '%s'", key);
+ continue;
+ }
+
+ sub_hv = newHV();
+ ref = newRV_inc((SV*) sub_hv);
+
+ (void)hv_store(rad_hv, key, strlen(key), ref, 0);
+
+ perl_parse_config(sub_cs, lvl + 1, sub_hv);
+ } else if (cf_item_is_pair(ci)){
+ CONF_PAIR *cp = cf_itemtopair(ci);
+ char const *key = cf_pair_attr(cp); /* hash key */
+ char const *value = cf_pair_value(cp); /* hash value */
+
+ if (!key || !value) continue;
+
+ /*
+ * This is an item.
+ * Store item attr / value in current HV.
+ */
+ if (hv_exists(rad_hv, key, strlen(key))) {
+ WARN("rlm_perl: Ignoring duplicate config item '%s'", key);
+ continue;
+ }
+
+ (void)hv_store(rad_hv, key, strlen(key), newSVpv(value, strlen(value)), 0);
+
+ DEBUG("%*s%s = %s", indent_item, " ", key, value);
+ }
+ }
+
+ DEBUG("%*s}", indent_section, " ");
}
/*
* that must be referenced in later calls, store a handle to it
* in *instance otherwise put a null pointer there.
*
- * Boyan:
* Setup a hashes wich we will use later
* parse a module and give him a chance to live
*
rlm_perl_t *inst = instance;
AV *end_AV;
+ char const **embed_c; /* Stupid Perl and lack of const consistency */
char **embed;
char **envp = NULL;
char const *xlat_name;
int exitstatus = 0, argc=0;
- MEM(embed = talloc_zero_array(inst, char *, 4));
-
+ MEM(embed_c = talloc_zero_array(inst, char const *, 4));
+ memcpy(&embed, &embed_c, sizeof(embed));
/*
* Create pthread key. This key will be stored in instance
*/
char arg[] = "0";
- embed[0] = NULL;
+ embed_c[0] = NULL;
if (inst->perl_flags) {
- embed[1] = inst->perl_flags;
- embed[2] = inst->module;
- embed[3] = arg;
+ embed_c[1] = inst->perl_flags;
+ embed_c[2] = inst->module;
+ embed_c[3] = arg;
argc = 4;
} else {
- embed[1] = inst->module;
- embed[2] = arg;
+ embed_c[1] = inst->module;
+ embed_c[2] = arg;
argc = 3;
}
CONF_SECTION *cs;
cs = cf_section_sub_find(conf, "config");
if (cs) {
- CONF_ITEM *ci;
+ DEBUG("rlm_perl (%s): parsing 'config' section...", xlat_name);
- inst->perl_conf_ht = fr_hash_table_create(perl_conf_hash, perl_conf_cmp, NULL);
-
- for (ci = cf_item_find_next(cs, NULL);
- ci != NULL;
- ci = cf_item_find_next(cs, ci))
- {
- char const *attr;
- char const *value;
-
- if (!cf_item_is_pair(ci)) continue;
-
- CONF_PAIR *cp = cf_itemtopair(ci);
-
- attr = cf_pair_attr(cp);
- value = cf_pair_value(cp);
- if ((!attr) || (!value)) continue;
-
- perl_conf_t *pt_conf_item = talloc_zero(inst, perl_conf_t);
-
- pt_conf_item->attr = talloc_strdup(pt_conf_item, attr);
- pt_conf_item->value = talloc_strdup(pt_conf_item, value);
-
- // Be kind to minor mistakes.
- if (fr_hash_table_finddata(inst->perl_conf_ht, pt_conf_item)) {
- WARN("rlm_perl (%s): Ignoring duplicate conf item '%s'", xlat_name, attr);
- talloc_free(pt_conf_item);
- continue;
- }
+ inst->rad_perlconf_hv = get_hv("RAD_PERLCONF",1);
+ perl_parse_config(cs, 0, inst->rad_perlconf_hv);
- if (!fr_hash_table_insert(inst->perl_conf_ht, pt_conf_item)) {
- ERROR("rlm_perl (%s): Failed inserting '%s' into perl_conf table",
- xlat_name, attr);
- return -1;
- }
-
- DEBUG("rlm_perl (%s): stored perl conf item '%s' = [%s]", xlat_name, pt_conf_item->attr, pt_conf_item->value);
- }
+ DEBUG("rlm_perl (%s): done parsing 'config'.", xlat_name);
}
-
+
return 0;
}
* Example for this is Cisco-AVPair that holds multiple values.
* Which will be available as array_ref in $RAD_REQUEST{'Cisco-AVPair'}
*/
-static void perl_store_vps(TALLOC_CTX *ctx, VALUE_PAIR *vps, HV *rad_hv)
+static void perl_store_vps(UNUSED TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR *vps, HV *rad_hv)
{
- VALUE_PAIR *head, *sublist;
- AV *av;
- char const *name;
- char namebuf[256];
- char buffer[1024];
- size_t len;
+ VALUE_PAIR *vp;
hv_undef(rad_hv);
- /*
- * Copy the valuepair list so we can remove attributes
- * we've already processed. This is a horrible hack to
- * get around various other stupidity.
- */
- head = paircopy(ctx, vps);
+ vp_cursor_t cursor;
+
+ pairsort(&vps, attrtagcmp);
+ for (vp = fr_cursor_init(&cursor, &vps);
+ vp;
+ vp = fr_cursor_next(&cursor)) {
+ VALUE_PAIR *next;
+
+ char const *name;
+ char namebuf[256];
+ char buffer[1024];
+
+ size_t len;
- while (head) {
- vp_cursor_t cursor;
/*
* Tagged attributes are added to the hash with name
* <attribute>:<tag>, others just use the normal attribute
* name as the key.
*/
- if (head->da->flags.has_tag && (head->tag != 0)) {
- snprintf(namebuf, sizeof(namebuf), "%s:%d",
- head->da->name, head->tag);
+ if (vp->da->flags.has_tag && (vp->tag != TAG_ANY)) {
+ snprintf(namebuf, sizeof(namebuf), "%s:%d", vp->da->name, vp->tag);
name = namebuf;
} else {
- name = head->da->name;
+ name = vp->da->name;
}
/*
- * Create a new list with all the attributes like this one
- * which are in the same tag group.
+ * We've sorted by type, then tag, so attributes of the
+ * same type/tag should follow on from each other.
*/
- sublist = NULL;
- pairfilter(ctx, &sublist, &head, head->da->attr, head->da->vendor, head->tag);
-
- fr_cursor_init(&cursor, &sublist);
- /*
- * Attribute has multiple values
- */
- if (fr_cursor_next(&cursor)) {
- VALUE_PAIR *vp;
+ if ((next = fr_cursor_next_peek(&cursor)) && ATTRIBUTE_EQ(vp, next)) {
+ AV *av;
av = newAV();
- for (vp = fr_cursor_first(&cursor);
- vp;
- vp = fr_cursor_next(&cursor)) {
- len = vp_prints_value(buffer, sizeof(buffer), vp, 0);
- av_push(av, newSVpv(buffer, truncate_len(len, sizeof(buffer))));
+ for (next = fr_cursor_first(&cursor);
+ next;
+ next = fr_cursor_next_by_da(&cursor, vp->da, vp->tag)) {
+ switch (vp->da->type) {
+ case PW_TYPE_STRING:
+ av_push(av, newSVpv(next->vp_strvalue, next->length));
+ RDEBUG("<-- %s = %s", next->da->name, next->vp_strvalue);
+ break;
+
+ default:
+ len = vp_prints_value(buffer, sizeof(buffer), next, 0);
+ RDEBUG("<-- %s = %s", next->da->name, buffer);
+ av_push(av, newSVpv(buffer, truncate_len(len, sizeof(buffer))));
+ break;
+ }
}
(void)hv_store(rad_hv, name, strlen(name), newRV_noinc((SV *)av), 0);
- /*
- * Attribute has a single value, so its value just gets
- * added to the hash.
- */
- } else {
- len = vp_prints_value(buffer, sizeof(buffer), sublist, 0);
- (void)hv_store(rad_hv, name, strlen(name), newSVpv(buffer, truncate_len(len, sizeof(buffer))), 0);
+ continue;
}
- pairfree(&sublist);
+ /*
+ * It's a normal single valued attribute
+ */
+ switch (vp->da->type) {
+ case PW_TYPE_STRING:
+ RDEBUG("<-- %s = %s", next->da->name, next->vp_strvalue);
+ (void)hv_store(rad_hv, name, strlen(name), newSVpv(vp->vp_strvalue, vp->length), 0);
+ break;
+
+ default:
+ len = vp_prints_value(buffer, sizeof(buffer), next, 0);
+ RDEBUG("<-- %s = %s", next->da->name, buffer);
+ (void)hv_store(rad_hv, name, strlen(name), newSVpv(buffer, truncate_len(len, sizeof(buffer))), 0);
+ break;
+ }
}
-
- rad_assert(!head);
-}
-
-/*
- * Walk perl_conf hash and use it to populate rad_hv (perl %RAD_PERLCONF hash).
- */
-static int perlconf_walk_callback(void *ctx, void *data)
-{
- HV *rad_hv = ctx;
- perl_conf_t *pt_conf_item = (perl_conf_t *)data;
-
- const char *attr = pt_conf_item->attr;
- const char *value = pt_conf_item->value;
-
- if ((NULL == attr) || (NULL == value)) return -1;
-
- (void)hv_store(rad_hv, attr, strlen(attr), newSVpv(value, strlen(value)), 0);
-
- return 0;
-}
-
-/*
- * Store content of perl_conf hash into a perl hash.
- */
-static void perl_store_perlconf(fr_hash_table_t *ht, HV *rad_hv)
-{
- hv_undef(rad_hv);
-
- fr_hash_table_walk(ht, perlconf_walk_callback, rad_hv);
}
/*
* Value Pair Format
*
*/
-static int pairadd_sv(TALLOC_CTX *ctx, VALUE_PAIR **vps, char *key, SV *sv, FR_TOKEN op)
+static int pairadd_sv(TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR **vps, char *key, SV *sv, FR_TOKEN op)
{
char *val;
VALUE_PAIR *vp;
if (SvOK(sv)) {
- val = SvPV_nolen(sv);
- vp = pairmake(ctx, vps, key, val, op);
- if (vp != NULL) {
- DEBUG("rlm_perl: Added pair %s = %s", key, val);
- return 1;
+ STRLEN len;
+ val = SvPV(sv, len);
+ vp = pairmake(ctx, vps, key, NULL, op);
+ if (!vp) {
+ fail:
+ REDEBUG("Failed to create pair %s = %s", key, val);
+ return 0;
+ }
+
+ if (vp->da->type != PW_TYPE_STRING) {
+ if (pairparsevalue(vp, val, 0) < 0) goto fail;
} else {
- EDEBUG("rlm_perl: Failed to create pair %s = %s", key, val);
+ pairstrncpy(vp, val, len);
}
+
+ RDEBUG("--> %s = %s", key, val);
+ return 1;
}
return 0;
}
/*
- * Boyan :
* Gets the content from hashes
*/
-static int get_hv_content(TALLOC_CTX *ctx, HV *my_hv, VALUE_PAIR **vps)
+static int get_hv_content(TALLOC_CTX *ctx, REQUEST *request, HV *my_hv, VALUE_PAIR **vps)
{
SV *res_sv, **av_sv;
AV *av;
len = av_len(av);
for (j = 0; j <= len; j++) {
av_sv = av_fetch(av, j, 0);
- ret = pairadd_sv(ctx, vps, key, *av_sv, T_OP_ADD) + ret;
+ ret = pairadd_sv(ctx, request, vps, key, *av_sv, T_OP_ADD) + ret;
}
- } else ret = pairadd_sv(ctx, vps, key, res_sv, T_OP_EQ) + ret;
+ } else ret = pairadd_sv(ctx, request, vps, key, res_sv, T_OP_EQ) + ret;
}
return ret;
* Store all vps in hashes %RAD_CHECK %RAD_REPLY %RAD_REQUEST
*
*/
-static int do_perl(void *instance, REQUEST *request, char *function_name)
+static int do_perl(void *instance, REQUEST *request, char const *function_name)
{
rlm_perl_t *inst = instance;
rad_config_hv = get_hv("RAD_CONFIG",1);
rad_request_hv = get_hv("RAD_REQUEST",1);
- perl_store_vps(request->reply, request->reply->vps, rad_reply_hv);
- perl_store_vps(request, request->config_items, rad_check_hv);
- perl_store_vps(request->packet, request->packet->vps, rad_request_hv);
- perl_store_vps(request, request->config_items, rad_config_hv);
+ perl_store_vps(request->reply, request, request->reply->vps, rad_reply_hv);
+ perl_store_vps(request, request, request->config_items, rad_check_hv);
+ perl_store_vps(request->packet, request, request->packet->vps, rad_request_hv);
+ perl_store_vps(request, request, request->config_items, rad_config_hv);
#ifdef WITH_PROXY
rad_request_proxy_hv = get_hv("RAD_REQUEST_PROXY",1);
rad_request_proxy_reply_hv = get_hv("RAD_REQUEST_PROXY_REPLY",1);
if (request->proxy != NULL) {
- perl_store_vps(request->proxy, request->proxy->vps, rad_request_proxy_hv);
+ perl_store_vps(request->proxy, request, request->proxy->vps, rad_request_proxy_hv);
} else {
hv_undef(rad_request_proxy_hv);
}
if (request->proxy_reply !=NULL) {
- perl_store_vps(request->proxy_reply, request->proxy_reply->vps, rad_request_proxy_reply_hv);
+ perl_store_vps(request->proxy_reply, request, request->proxy_reply->vps, rad_request_proxy_reply_hv);
} else {
hv_undef(rad_request_proxy_reply_hv);
}
#endif
- /* store perl configuration items in %RAD_PERLCONF */
- HV *rad_perlconf_hv;
- rad_perlconf_hv = get_hv("RAD_PERLCONF",1);
-
- perl_store_perlconf(inst->perl_conf_ht, rad_perlconf_hv);
-
PUSHMARK(SP);
/*
* This way %RAD_xx can be pushed onto stack as sub parameters.
LEAVE;
vp = NULL;
- if ((get_hv_content(request->packet, rad_request_hv, &vp)) > 0 ) {
+ if ((get_hv_content(request->packet, request, rad_request_hv, &vp)) > 0 ) {
pairfree(&request->packet->vps);
request->packet->vps = vp;
vp = NULL;
request->password = pairfind(request->packet->vps, PW_CHAP_PASSWORD, 0, TAG_ANY);
}
- if ((get_hv_content(request->reply, rad_reply_hv, &vp)) > 0 ) {
+ if ((get_hv_content(request->reply, request, rad_reply_hv, &vp)) > 0 ) {
pairfree(&request->reply->vps);
request->reply->vps = vp;
vp = NULL;
}
- if ((get_hv_content(request, rad_check_hv, &vp)) > 0 ) {
+ if ((get_hv_content(request, request, rad_check_hv, &vp)) > 0 ) {
pairfree(&request->config_items);
request->config_items = vp;
vp = NULL;
#ifdef WITH_PROXY
if (request->proxy &&
- (get_hv_content(request->proxy, rad_request_proxy_hv, &vp) > 0)) {
+ (get_hv_content(request->proxy, request, rad_request_proxy_hv, &vp) > 0)) {
pairfree(&request->proxy->vps);
request->proxy->vps = vp;
vp = NULL;
}
if (request->proxy_reply &&
- (get_hv_content(request->proxy_reply, rad_request_proxy_reply_hv, &vp) > 0)) {
+ (get_hv_content(request->proxy_reply, request, rad_request_proxy_reply_hv, &vp) > 0)) {
pairfree(&request->proxy_reply->vps);
request->proxy_reply->vps = vp;
vp = NULL;
return exitstatus;
}
-#define RLM_PERL_FUNC(_x) static rlm_rcode_t mod_##_x(void *instance, REQUEST *request) \
+#define RLM_PERL_FUNC(_x) static rlm_rcode_t CC_HINT(nonnull) mod_##_x(void *instance, REQUEST *request) \
{ \
return do_perl(instance, request, \
((rlm_perl_t *)instance)->func_##_x); \
/*
* Write accounting information to this modules database.
*/
-static rlm_rcode_t mod_accounting(void *instance, REQUEST *request)
+static rlm_rcode_t CC_HINT(nonnull) mod_accounting(void *instance, REQUEST *request)
{
VALUE_PAIR *pair;
int acctstatustype=0;
rlm_perl_t *inst = (rlm_perl_t *) instance;
int exitstatus = 0, count = 0;
+ hv_undef(inst->rad_perlconf_hv);
+
#if 0
/*
* FIXME: Call this in the destruct function?