X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Frlm_policy%2Fevaluate.c;h=3c1a000c6fffc3f1284c72c9fd3a88e90fadf36d;hb=9960563934a7da222528a1d82224aecc207c8aa8;hp=2bc5f1025d7bc4c5e980610eb2bb33a423a4c085;hpb=8ea249a2368657d811bd17b0e623a0f657651893;p=freeradius.git diff --git a/src/modules/rlm_policy/evaluate.c b/src/modules/rlm_policy/evaluate.c index 2bc5f10..3c1a000 100644 --- a/src/modules/rlm_policy/evaluate.c +++ b/src/modules/rlm_policy/evaluate.c @@ -38,29 +38,29 @@ RCSID("$Id$") static void policy_print(const policy_item_t *item, int indent) { if (!item) { - if (indent) printf("%*s", indent, " "); - printf("[NULL]\n"); + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); + fprintf(fr_log_fp, "[NULL]\n"); return; } while (item) { switch (item->type) { case POLICY_TYPE_BAD: - if (indent) printf("%*s", indent, " "); - printf("[BAD STATEMENT]"); + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); + fprintf(fr_log_fp, "[BAD STATEMENT]"); break; case POLICY_TYPE_PRINT: - if (indent) printf("%*s", indent, " "); + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); { const policy_print_t *this; this = (const policy_print_t *) item; if (this->rhs_type == POLICY_LEX_BARE_WORD) { - printf("print %s\n", this->rhs); + fprintf(fr_log_fp, "print %s\n", this->rhs); } else { - printf("print \"%s\"\n", this->rhs); + fprintf(fr_log_fp, "print \"%s\"\n", this->rhs); } } break; @@ -70,18 +70,18 @@ static void policy_print(const policy_item_t *item, int indent) const policy_assignment_t *assign; assign = (const policy_assignment_t *) item; - if (indent) printf("%*s", indent, " "); + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); - printf("\t%s %s ", assign->lhs, + fprintf(fr_log_fp, "\t%s %s ", assign->lhs, fr_int2str(rlm_policy_tokens, assign->assign, "?")); if (assign->rhs_type == POLICY_LEX_BARE_WORD) { - printf("%s\n", assign->rhs); + fprintf(fr_log_fp, "%s\n", assign->rhs); } else { /* * FIXME: escape " */ - printf("\"%s\"\n", assign->rhs); + fprintf(fr_log_fp, "\"%s\"\n", assign->rhs); } } break; @@ -92,61 +92,65 @@ static void policy_print(const policy_item_t *item, int indent) condition = (const policy_condition_t *) item; - printf("("); + fprintf(fr_log_fp, "("); + + if (condition->sense) { + fprintf(fr_log_fp, "!"); + } /* * Nested conditions. */ if (condition->compare == POLICY_LEX_L_BRACKET) { policy_print(condition->child, indent); - printf(")"); + fprintf(fr_log_fp, ")"); break; } if (condition->compare == POLICY_LEX_L_NOT) { - printf("!"); + fprintf(fr_log_fp, "!"); policy_print(condition->child, indent); - printf(")"); + fprintf(fr_log_fp, ")"); break; } if (condition->compare == POLICY_LEX_CMP_TRUE) { - printf("%s)", condition->lhs); + fprintf(fr_log_fp, "%s)", condition->lhs); break; } if (condition->lhs_type == POLICY_LEX_FUNCTION) { - printf("%s()", condition->lhs); + fprintf(fr_log_fp, "%s()", condition->lhs); } else { /* * FIXME: escape ", * and move all of this logic * to a function. */ - printf("\"%s\"", condition->lhs); + fprintf(fr_log_fp, "\"%s\"", condition->lhs); } /* * We always print this condition. */ - printf(" %s ", fr_int2str(rlm_policy_tokens, + fprintf(fr_log_fp, " %s ", fr_int2str(rlm_policy_tokens, condition->compare, "?")); if (condition->rhs_type == POLICY_LEX_BARE_WORD) { - printf("%s", condition->rhs); + fprintf(fr_log_fp, "%s", condition->rhs); } else { /* * FIXME: escape ", * and move all of this logic * to a function. */ - printf("\"%s\"", condition->rhs); + fprintf(fr_log_fp, "\"%s\"", condition->rhs); } - printf(")"); + fprintf(fr_log_fp, ")"); if ((condition->child_condition != POLICY_LEX_BAD) && (condition->child_condition != POLICY_LEX_BARE_WORD)) { - printf(" %s ", fr_int2str(rlm_policy_tokens, condition->child_condition, "?")); + fprintf(fr_log_fp, " %s ", fr_int2str(rlm_policy_tokens, condition->child_condition, "?")); policy_print(condition->child, indent); } } @@ -158,24 +162,24 @@ static void policy_print(const policy_item_t *item, int indent) statement = (const policy_if_t *) item; - if (indent) printf("%*s", indent, " "); - printf("if "); + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); + fprintf(fr_log_fp, "if "); policy_print(statement->condition, indent); - printf(" {\n"); + fprintf(fr_log_fp, " {\n"); policy_print(statement->if_true, indent + 1); - if (indent) printf("%*s", indent, " "); + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); if (statement->if_false) { - printf("} else "); + fprintf(fr_log_fp, "} else "); if (statement->if_false->type == POLICY_TYPE_ASSIGNMENT) { - printf(" { "); + fprintf(fr_log_fp, " { "); policy_print(statement->if_false, indent + 1); - if (indent) printf("%*s", indent, " "); - printf(" }"); + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); + fprintf(fr_log_fp, " }"); } else { policy_print(statement->if_false, indent + 1); } } else { - printf("}\n"); + fprintf(fr_log_fp, "}\n"); } } break; @@ -186,15 +190,15 @@ static void policy_print(const policy_item_t *item, int indent) this = (const policy_attributes_t *) item; - if (indent) printf("%*s", indent, " "); - printf("%s %s {\n", + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); + fprintf(fr_log_fp, "%s %s {\n", fr_int2str(policy_reserved_words, this->where, "?"), fr_int2str(rlm_policy_tokens, this->how, "?")); policy_print(this->attributes, indent + 1); - if (indent) printf("%*s", indent, " "); - printf("}\n"); + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); + fprintf(fr_log_fp, "}\n"); } break; @@ -203,11 +207,11 @@ static void policy_print(const policy_item_t *item, int indent) const policy_named_t *this; this = (const policy_named_t *) item; - if (indent) printf("%*s", indent, " "); - printf("policy %s {\n", this->name); + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); + fprintf(fr_log_fp, "policy %s {\n", this->name); policy_print(this->policy, indent + 1); - if (indent) printf("%*s", indent, " "); - printf("}\n"); + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); + fprintf(fr_log_fp, "}\n"); } break; @@ -216,8 +220,8 @@ static void policy_print(const policy_item_t *item, int indent) const policy_call_t *this; this = (const policy_call_t *) item; - if (indent) printf("%*s", indent, " "); - printf("call %s\n", this->name); + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); + fprintf(fr_log_fp, "call %s\n", this->name); } break; @@ -226,8 +230,8 @@ static void policy_print(const policy_item_t *item, int indent) const policy_return_t *this; this = (const policy_return_t *) item; - if (indent) printf("%*s", indent, " "); - printf("return %s\n", + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); + fprintf(fr_log_fp, "return %s\n", fr_int2str(policy_return_codes, this->rcode, "???")); } @@ -238,16 +242,16 @@ static void policy_print(const policy_item_t *item, int indent) const policy_module_t *this; this = (const policy_module_t *) item; - if (indent) printf("%*s", indent, " "); - printf("module %s \n", + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); + fprintf(fr_log_fp, "module %s \n", fr_int2str(policy_component_names, this->component, "???")); } break; default: - if (indent) printf("%*s", indent, " "); - printf("[HUH?]\n"); + if (indent) fprintf(fr_log_fp, "%*s", indent, " "); + fprintf(fr_log_fp, "[HUH?]\n"); break; } @@ -259,9 +263,10 @@ static void policy_print(const policy_item_t *item, int indent) void rlm_policy_print(const policy_item_t *item) { - printf("----------------------------------------------------------\n"); + if (!fr_log_fp) return; + + fprintf(fr_log_fp, "# rlm_policy \n"); policy_print(item, 0); - printf("----------------------------------------------------------\n"); } /* @@ -386,16 +391,19 @@ static int evaluate_print(policy_state_t *state, const policy_item_t *item) { const policy_print_t *this; + if (!fr_log_fp) return 1; + this = (const policy_print_t *) item; if (this->rhs_type == POLICY_LEX_BARE_WORD) { - printf("%s\n", this->rhs); + fprintf(fr_log_fp, "%s\n", this->rhs); } else { char buffer[1024]; radius_xlat(buffer, sizeof(buffer), this->rhs, state->request, NULL); - printf("%s", buffer); + fprintf(fr_log_fp, "%s", buffer); + if (!strchr(buffer, '\n')) fprintf(fr_log_fp, "\n"); } /* @@ -430,6 +438,7 @@ static VALUE_PAIR *find_vp(REQUEST *request, const char *name) } else if (strncasecmp(name, "reply:", 6) == 0) { p += 6; vps = request->reply->vps; +#ifdef WITH_PROXY } else if (strncasecmp(name, "proxy-request:", 14) == 0) { p += 14; if (request->proxy) { @@ -440,6 +449,7 @@ static VALUE_PAIR *find_vp(REQUEST *request, const char *name) if (request->proxy_reply) { vps = request->proxy_reply->vps; } +#endif } else if (strncasecmp(name, "control:", 8) == 0) { p += 8; vps = request->config_items; @@ -455,7 +465,7 @@ static VALUE_PAIR *find_vp(REQUEST *request, const char *name) return NULL; /* no such attribute */ } - return pairfind(vps, dattr->attr); + return pairfind(vps, dattr->attr, dattr->vendor); } @@ -464,7 +474,7 @@ static VALUE_PAIR *find_vp(REQUEST *request, const char *name) * * Not really used much... */ -static int evaluate_assignment(policy_state_t *state, const policy_item_t *item) +static int evaluate_assignment(UNUSED policy_state_t *state, const policy_item_t *item) { const policy_assignment_t *this; #if 0 @@ -579,10 +589,13 @@ static int evaluate_condition(policy_state_t *state, const policy_item_t *item) vp = find_vp(state->request, this->lhs); /* - * A op B always returns FALSE if A doesn't + * A op B is FALSE if A doesn't * exist. */ - if (!vp) return FALSE; /* not in the request */ + if (!vp) { + rcode = FALSE; + break; + } /* * FIXME: Move sanity checks to @@ -614,7 +627,7 @@ static int evaluate_condition(policy_state_t *state, const policy_item_t *item) /* * FIXME: Do something for RHS type? */ - printf("CMP %s %s\n", lhs_buffer, this->rhs); + fr_printf_log("CMP %s %s\n", lhs_buffer, this->rhs); compare = strcmp(lhs_buffer, this->rhs); } @@ -656,6 +669,7 @@ static int evaluate_condition(policy_state_t *state, const policy_item_t *item) */ if (regcomp(®, this->rhs, REG_EXTENDED) != 0) { + /* FIXME: print error */ return FALSE; } rad_assert(data != NULL); @@ -734,6 +748,8 @@ static int evaluate_condition(policy_state_t *state, const policy_item_t *item) break; /* default from first switch over compare */ } + if (this->sense) rcode = (rcode == FALSE); /* reverse sense of test */ + /* * No trailing &&, || */ @@ -838,7 +854,7 @@ static VALUE_PAIR *assign2vp(REQUEST *request, vp = pairmake(assign->lhs, value, operator); if (!vp) { - fprintf(stderr, "SHIT: %s %s\n", value, librad_errstr); + fprintf(stderr, "Failed creating pair: %s %s\n", value, fr_strerror()); } return vp; @@ -871,6 +887,7 @@ static int evaluate_attr_list(policy_state_t *state, const policy_item_t *item) vps = &(state->request->reply->vps); break; +#ifdef WITH_PROXY case POLICY_RESERVED_PROXY_REQUEST: if (!state->request->proxy) return 0; /* FIXME: print error */ vps = &(state->request->proxy->vps); @@ -880,6 +897,7 @@ static int evaluate_attr_list(policy_state_t *state, const policy_item_t *item) if (!state->request->proxy_reply) return 0; /* FIXME: print error */ vps = &(state->request->proxy_reply->vps); break; +#endif default: return 0; @@ -924,7 +942,7 @@ static int evaluate_attr_list(policy_state_t *state, const policy_item_t *item) break; case POLICY_LEX_BEFORE_HEAD_ASSIGN: - pairmove(&head, &vps); + pairmove(&head, vps); pairfree(vps); *vps = head; break;