2 * conffile.c Read the radiusd.conf file.
4 * Yep I should learn to use lex & yacc, or at least
5 * write a decent parser. I know how to do that, really :)
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
24 * Copyright 2000,2006 The FreeRADIUS server project
25 * Copyright 2000 Miquel van Smoorenburg <miquels@cistron.nl>
26 * Copyright 2000 Alan DeKok <aland@ox.org>
29 #include <freeradius-devel/ident.h>
32 #include <freeradius-devel/radiusd.h>
33 #include <freeradius-devel/rad_assert.h>
39 #ifdef HAVE_SYS_STAT_H
45 typedef enum conf_type {
46 CONF_ITEM_INVALID = 0,
53 struct conf_item *next;
54 struct conf_part *parent;
64 LRAD_TOKEN value_type;
70 struct conf_item *children;
71 struct conf_item *tail; /* for speed */
72 CONF_SECTION *template;
73 rbtree_t *pair_tree; /* and a partridge.. */
74 rbtree_t *section_tree; /* no jokes here */
75 rbtree_t *name2_tree; /* for sections of the same name2 */
79 const CONF_PARSER *variables;
84 * Internal data that is associated with a configuration section,
85 * so that we don't have to track it separately.
91 void *data; /* user data */
92 void (*free)(void *); /* free user data function */
96 static int cf_data_add_internal(CONF_SECTION *cs, const char *name,
97 void *data, void (*data_free)(void *),
99 static void *cf_data_find_internal(CONF_SECTION *cs, const char *name,
103 * Isolate the scary casts in these tiny provably-safe functions
105 CONF_PAIR *cf_itemtopair(CONF_ITEM *ci)
109 rad_assert(ci->type == CONF_ITEM_PAIR);
110 return (CONF_PAIR *)ci;
112 CONF_SECTION *cf_itemtosection(CONF_ITEM *ci)
116 rad_assert(ci->type == CONF_ITEM_SECTION);
117 return (CONF_SECTION *)ci;
119 CONF_ITEM *cf_pairtoitem(CONF_PAIR *cp)
123 return (CONF_ITEM *)cp;
125 CONF_ITEM *cf_sectiontoitem(CONF_SECTION *cs)
129 return (CONF_ITEM *)cs;
132 static CONF_DATA *cf_itemtodata(CONF_ITEM *ci)
136 rad_assert(ci->type == CONF_ITEM_DATA);
137 return (CONF_DATA *)ci;
139 static CONF_ITEM *cf_datatoitem(CONF_DATA *cd)
143 return (CONF_ITEM *)cd;
147 * Create a new CONF_PAIR
149 static CONF_PAIR *cf_pair_alloc(const char *attr, const char *value,
150 LRAD_TOKEN operator, LRAD_TOKEN value_type,
151 CONF_SECTION *parent)
155 cp = rad_malloc(sizeof(*cp));
156 memset(cp, 0, sizeof(*cp));
157 cp->item.type = CONF_ITEM_PAIR;
158 cp->item.parent = parent;
159 cp->attr = strdup(attr);
160 if (value) cp->value = strdup(value);
161 cp->value_type = value_type;
162 cp->operator = operator;
170 void cf_pair_free(CONF_PAIR **cp)
172 if (!cp || !*cp) return;
180 memset(*cp, 0, sizeof(*cp));
188 static void cf_data_free(CONF_DATA **cd)
190 if (!cd || !*cd) return;
192 if ((*cd)->flag != 0) free((*cd)->name);
196 ((*cd)->free)((*cd)->data);
199 memset(*cd, 0, sizeof(*cd));
206 * rbtree callback function
208 static int pair_cmp(const void *a, const void *b)
210 const CONF_PAIR *one = a;
211 const CONF_PAIR *two = b;
213 return strcmp(one->attr, two->attr);
218 * rbtree callback function
220 static int section_cmp(const void *a, const void *b)
222 const CONF_SECTION *one = a;
223 const CONF_SECTION *two = b;
225 return strcmp(one->name1, two->name1);
230 * rbtree callback function
232 static int name2_cmp(const void *a, const void *b)
234 const CONF_SECTION *one = a;
235 const CONF_SECTION *two = b;
237 rad_assert(strcmp(one->name1, two->name1) == 0);
239 if (!one->name2 && !two->name2) return 0;
240 if (!one->name2) return -1;
241 if (!two->name2) return +1;
243 return strcmp(one->name2, two->name2);
248 * rbtree callback function
250 static int data_cmp(const void *a, const void *b)
254 const CONF_DATA *one = a;
255 const CONF_DATA *two = b;
257 rcode = one->flag - two->flag;
258 if (rcode != 0) return rcode;
260 return strcmp(one->name, two->name);
265 * Free strings we've parsed into data structures.
267 void cf_section_parse_free(CONF_SECTION *cs, void *base)
270 const CONF_PARSER *variables = cs->variables;
273 * Don't automatically free the strings if we're being
274 * called from a module. This is also for clients.c,
275 * where client_free() expects to be able to free the
276 * client structure. If we moved everything to key off
277 * of the config files, we might solve some problems...
279 if (!variables) return;
282 * Free up dynamically allocated string pointers.
284 for (i = 0; variables[i].name != NULL; i++) {
287 if ((variables[i].type != PW_TYPE_STRING_PTR) &&
288 (variables[i].type != PW_TYPE_FILENAME)) {
293 * No base struct offset, data must be the pointer.
294 * If data doesn't exist, ignore the entry, there
295 * must be something wrong.
298 if (!variables[i].data) {
302 p = (char **) variables[i].data;;
304 } else if (variables[i].data) {
305 p = (char **) variables[i].data;;
308 p = (char **) (((char *)base) + variables[i].offset);
318 * Free a CONF_SECTION
320 void cf_section_free(CONF_SECTION **cs)
322 CONF_ITEM *ci, *next;
324 if (!cs || !*cs) return;
326 cf_section_parse_free(*cs, (*cs)->base);
328 for (ci = (*cs)->children; ci; ci = next) {
332 case CONF_ITEM_PAIR: {
333 CONF_PAIR *pair = cf_itemtopair(ci);
338 case CONF_ITEM_SECTION: {
339 CONF_SECTION *section = cf_itemtosection(ci);
340 cf_section_free(§ion);
344 case CONF_ITEM_DATA: {
345 CONF_DATA *data = cf_itemtodata(ci);
350 default: /* should really be an error. */
359 if ((*cs)->pair_tree)
360 rbtree_free((*cs)->pair_tree);
361 if ((*cs)->section_tree)
362 rbtree_free((*cs)->section_tree);
363 if ((*cs)->name2_tree)
364 rbtree_free((*cs)->name2_tree);
365 if ((*cs)->data_tree)
366 rbtree_free((*cs)->data_tree);
369 * And free the section
372 memset(*cs, 0, sizeof(*cs));
381 * Allocate a CONF_SECTION
383 static CONF_SECTION *cf_section_alloc(const char *name1, const char *name2,
384 CONF_SECTION *parent)
388 if (!name1) return NULL;
390 cs = rad_malloc(sizeof(*cs));
391 memset(cs, 0, sizeof(*cs));
392 cs->item.type = CONF_ITEM_SECTION;
393 cs->item.parent = parent;
394 cs->name1 = strdup(name1);
396 cf_section_free(&cs);
400 if (name2 && *name2) {
401 cs->name2 = strdup(name2);
403 cf_section_free(&cs);
407 cs->pair_tree = rbtree_create(pair_cmp, NULL, 0);
408 if (!cs->pair_tree) {
409 cf_section_free(&cs);
414 * Don't create a data tree, it may not be needed.
418 * Don't create the section tree here, it may not
422 if (parent) cs->depth = parent->depth + 1;
429 * Add an item to a configuration section.
431 static void cf_item_add(CONF_SECTION *cs, CONF_ITEM *ci)
434 rad_assert(cs->tail == NULL);
437 rad_assert(cs->tail != NULL);
442 * Update the trees (and tail) for each item added.
444 for (/* nothing */; ci != NULL; ci = ci->next) {
448 * For fast lookups, pair's and sections get
453 rbtree_insert(cs->pair_tree, ci);
456 case CONF_ITEM_SECTION: {
457 const CONF_SECTION *cs_new = cf_itemtosection(ci);
459 if (!cs->section_tree) {
460 cs->section_tree = rbtree_create(section_cmp, NULL, 0);
461 /* ignore any errors */
464 if (cs->section_tree) {
465 rbtree_insert(cs->section_tree, cs_new); }
468 * Two names: find the named instance.
471 CONF_SECTION *old_cs;
475 * CONF_SECTION having
476 * the given name1, and
480 old_cs = rbtree_finddata(cs->section_tree, cs_new);
481 if (!old_cs) return; /* this is a bad error! */
483 if (!old_cs->name2_tree) {
484 old_cs->name2_tree = rbtree_create(name2_cmp,
487 if (old_cs->name2_tree) {
488 rbtree_insert(old_cs->name2_tree, cs_new);
492 } /* was a section */
495 if (!cs->data_tree) {
496 cs->data_tree = rbtree_create(data_cmp, NULL, 0);
499 rbtree_insert(cs->data_tree, ci);
503 default: /* FIXME: assert & error! */
506 } /* switch over conf types */
511 CONF_ITEM *cf_reference_item(const CONF_SECTION *parentcs,
512 const CONF_SECTION *outercs,
516 const CONF_SECTION *cs = outercs, *next;
520 strlcpy(name, ptr, sizeof(name));
524 * ".foo" means "foo from the current section"
530 * ..foo means "foo from the section
531 * enclosing this section" (etc.)
535 cs = cs->item.parent;
540 * "foo.bar.baz" means "from the root"
542 } else if (strchr(p, '.') != NULL) {
553 if (r && q > r) q = NULL;
554 if (q && q < r) r = NULL;
560 q = strchr(r + 1, ']');
561 if (!q) return NULL; /* parse error */
564 * Points to foo[bar]xx: parse error,
565 * it should be foo[bar] or foo[bar].baz
567 if (q[1] && q[1] != '.') goto no_such_item;
571 next = cf_section_sub_find_name2(cs, p, r + 1);
576 * Points to a named instance of a section.
579 if (!next) goto no_such_item;
580 return cf_sectiontoitem(next);
583 q++; /* ensure we skip the ']' and '.' */
587 next = cf_section_sub_find(cs, p);
591 if (!next) break; /* it MAY be a pair in this section! */
597 if (!*p) goto no_such_item;
601 * Find it in the current referenced
604 cp = cf_pair_find(cs, p);
605 if (cp) return cf_pairtoitem(cp);
607 next = cf_section_sub_find(cs, p);
608 if (next) return cf_sectiontoitem(next);
611 * "foo" is "in the current section, OR in main".
613 if ((p == name) && (cs != parentcs)) {
619 DEBUG2("WARNING: No such configuration item %s", ptr);
624 CONF_SECTION *cf_top_section(const CONF_SECTION *cs)
626 while (cs->item.parent != NULL) {
627 cs = cs->item.parent;
635 * Expand the variables in an input string.
637 static const char *cf_expand_variables(const char *cf, int *lineno,
638 const CONF_SECTION *outercs,
639 char *output, const char *input)
642 const char *end, *ptr;
643 const CONF_SECTION *parentcs;
647 * Find the master parent conf section.
648 * We can't use mainconfig.config, because we're in the
649 * process of re-building it, and it isn't set up yet...
651 parentcs = cf_top_section(outercs);
657 * Ignore anything other than "${"
659 if ((*ptr == '$') && (ptr[1] == '{')) {
664 * FIXME: Add support for ${foo:-bar},
669 * Look for trailing '}', and log a
670 * warning for anything that doesn't match,
671 * and exit with a fatal error.
673 end = strchr(ptr, '}');
676 radlog(L_INFO, "%s[%d]: Variable expansion missing }",
684 * Can't really happen because input lines are
685 * capped at 8k, which is sizeof(name)
687 if ((end - ptr) >= sizeof(name)) {
688 radlog(L_ERR, "%s[%d]: Reference string is too large",
693 memcpy(name, ptr, end - ptr);
694 name[end - ptr] = '\0';
696 ci = cf_reference_item(parentcs, outercs, name);
697 if (!ci || (ci->type != CONF_ITEM_PAIR)) {
698 radlog(L_ERR, "%s[%d]: Reference \"%s\" not found",
704 * Substitute the value of the variable.
706 cp = cf_itemtopair(ci);
707 strcpy(p, cp->value);
711 } else if (memcmp(ptr, "$ENV{", 5) == 0) {
717 * Look for trailing '}', and log a
718 * warning for anything that doesn't match,
719 * and exit with a fatal error.
721 end = strchr(ptr, '}');
724 radlog(L_INFO, "%s[%d]: Environment variable expansion missing }",
730 * Can't really happen because input lines are
731 * capped at 8k, which is sizeof(name)
733 if ((end - ptr) >= sizeof(name)) {
734 radlog(L_ERR, "%s[%d]: Environment variable name is too large",
739 memcpy(name, ptr, end - ptr);
740 name[end - ptr] = '\0';
743 * Get the environment variable.
744 * If none exists, then make it an empty string.
758 * Copy it over verbatim.
762 } /* loop over all of the input string. */
771 * Parses an item (not a CONF_ITEM) into the specified format,
772 * with a default value.
774 * Returns -1 on error, 0 for correctly parsed, and 1 if the
775 * default value was used. Note that the default value will be
776 * used ONLY if the CONF_PAIR is NULL.
778 int cf_item_parse(CONF_SECTION *cs, const char *name,
779 int type, void *data, const char *dflt)
784 lrad_ipaddr_t ipaddr;
788 cp = cf_pair_find(cs, name);
793 return 1; /* nothing to parse, return default value */
805 case PW_TYPE_BOOLEAN:
807 * Allow yes/no and on/off
809 if ((strcasecmp(value, "yes") == 0) ||
810 (strcasecmp(value, "on") == 0)) {
812 } else if ((strcasecmp(value, "no") == 0) ||
813 (strcasecmp(value, "off") == 0)) {
817 radlog(L_ERR, "Bad value \"%s\" for boolean variable %s", value, name);
820 DEBUG2("\t%s = %s", name, value);
823 case PW_TYPE_INTEGER:
824 *(int *)data = strtol(value, 0, 0);
825 DEBUG2("\t%s = %d", name, *(int *)data);
828 case PW_TYPE_STRING_PTR:
835 * Expand variables which haven't already been
836 * expanded automagically when the configuration
842 int lineno = cs->item.lineno;
845 * FIXME: sizeof(buffer)?
847 value = cf_expand_variables("?",
850 if (!value) return -1;
853 DEBUG2("\t%s = \"%s\"", name, value ? value : "(null)");
854 *q = value ? strdup(value) : NULL;
858 * This is the same as PW_TYPE_STRING_PTR,
859 * except that we also "stat" the file, and
862 case PW_TYPE_FILENAME:
869 * Expand variables which haven't already been
870 * expanded automagically when the configuration
876 int lineno = cs->item.lineno;
879 * FIXME: sizeof(buffer)?
881 value = cf_expand_variables("?",
884 if (!value) return -1;
887 DEBUG2("\t%s = \"%s\"", name, value ? value : "(null)");
888 *q = value ? strdup(value) : NULL;
891 * And now we "stat" the file.
896 if (stat(*q, &buf) == 0) {
899 mtime = rad_malloc(sizeof(*mtime));
900 *mtime = buf.st_mtime;
902 cf_data_add_internal(cs, *q, mtime, free,
910 * Allow '*' as any address
912 if (strcmp(value, "*") == 0) {
913 *(uint32_t *) data = htonl(INADDR_ANY);
914 DEBUG2("\t%s = *", name);
917 if (ip_hton(value, AF_INET, &ipaddr) < 0) {
918 radlog(L_ERR, "Can't find IP address for host %s", value);
922 if (strspn(value, "0123456789.") == strlen(value)) {
923 DEBUG2("\t%s = %s", name, value);
925 DEBUG2("\t%s = %s IP address [%s]", name, value,
926 ip_ntoh(&ipaddr, ipbuf, sizeof(ipbuf)));
928 *(uint32_t *) data = ipaddr.ipaddr.ip4addr.s_addr;
931 case PW_TYPE_IPV6ADDR:
932 if (ip_hton(value, AF_INET6, &ipaddr) < 0) {
933 radlog(L_ERR, "Can't find IPv6 address for host %s", value);
936 DEBUG2("\t%s = %s IPv6 address [%s]", name, value,
937 ip_ntoh(&ipaddr, ipbuf, sizeof(ipbuf)));
938 memcpy(data, &ipaddr.ipaddr.ip6addr,
939 sizeof(ipaddr.ipaddr.ip6addr));
943 radlog(L_ERR, "type %d not supported yet", type);
946 } /* switch over variable type */
951 static const char *parse_spaces = " ";
954 * Parse a configuration section into user-supplied variables.
956 int cf_section_parse(CONF_SECTION *cs, void *base,
957 const CONF_PARSER *variables)
962 cs->variables = variables; /* this doesn't hurt anything */
965 DEBUG2("%.*s%s {", cs->depth, parse_spaces,
968 DEBUG2("%.*s%s %s {", cs->depth, parse_spaces,
969 cs->name1, cs->name2);
973 * Handle the known configuration parameters.
975 for (i = 0; variables[i].name != NULL; i++) {
977 * Handle subsections specially
979 if (variables[i].type == PW_TYPE_SUBSECTION) {
980 const CONF_SECTION *subcs;
981 subcs = cf_section_sub_find(cs, variables[i].name);
984 * If the configuration section is NOT there,
987 * FIXME! This is probably wrong... we should
988 * probably set the items to their default values.
990 if (!subcs) continue;
992 if (!variables[i].dflt) {
993 DEBUG2("Internal sanity check 1 failed in cf_section_parse");
997 if (cf_section_parse(subcs, base,
998 (const CONF_PARSER *) variables[i].dflt) < 0) {
1002 } /* else it's a CONF_PAIR */
1004 if (variables[i].data) {
1005 data = variables[i].data; /* prefer this. */
1007 data = ((char *)base) + variables[i].offset;
1009 DEBUG2("Internal sanity check 2 failed in cf_section_parse");
1014 * Parse the pair we found, or a default value.
1016 if (cf_item_parse(cs, variables[i].name, variables[i].type,
1017 data, variables[i].dflt) < 0) {
1020 } /* for all variables in the configuration section */
1022 DEBUG2("%.*s}", cs->depth, parse_spaces);
1029 DEBUG2("%.*s}", cs->depth, parse_spaces);
1030 cf_section_parse_free(cs, base);
1036 * Sanity check the "if" or "elsif", presuming that the first '('
1037 * has already been eaten.
1039 * We're not really parsing it here, just checking if it's mostly
1042 static int condition_looks_ok(const char **ptr)
1046 const char *p = *ptr;
1058 return 0; /* no trailing slash */
1070 return 0; /* no trailing slash */
1081 if (num_braces == 1) {
1082 const char *q = p + 1;
1085 * Validate that there isn't much
1086 * else after the closing brace.
1088 while ((*q == ' ') || (*q == '\t')) q++;
1097 *ptr = p + 1; /* include the trailing ')' */
1121 static const char *cf_local_file(CONF_SECTION *cs, const char *local,
1122 char *buffer, size_t bufsize)
1126 CONF_SECTION *parentcs = cf_top_section(cs);
1128 p = strrchr(parentcs->item.filename, '/');
1129 if (!p) return local;
1131 dirsize = (p - parentcs->item.filename) + 1;
1133 if ((dirsize + strlen(local)) >= bufsize) {
1137 memcpy(buffer, parentcs->item.filename, dirsize);
1138 strlcpy(buffer + dirsize, local, bufsize - dirsize);
1145 * Read a part of the config file.
1147 static int cf_section_read(const char *filename, int *lineno, FILE *fp,
1148 CONF_SECTION *current)
1151 CONF_SECTION *this, *css;
1163 this = current; /* add items here */
1166 * Read, checking for line continuations ('\\' at EOL)
1172 * Get data, and remember if we are at EOF.
1174 eof = (fgets(cbuf, sizeof(buf) - (cbuf - buf), fp) == NULL);
1180 * We've filled the buffer, and there isn't
1183 if ((cbuf[len - 1] != '\n') && !feof(fp)) {
1184 radlog(L_ERR, "%s[%d]: Line too long",
1190 * Check for continuations.
1192 if (cbuf[len - 1] == '\n') len--;
1195 * Last character is '\\'. Over-write it,
1196 * and read another line.
1198 if ((len > 0) && (cbuf[len - 1] == '\\')) {
1199 if (len >= (sizeof(buf) - 5)) {
1200 radlog(L_ERR, "%s[%d]: Line too long",
1205 cbuf[len - 1] = '\0';
1211 * We're at EOF, and haven't read anything. Stop.
1213 if (eof && (cbuf == buf)) {
1218 t1 = gettoken(&ptr, buf1, sizeof(buf1));
1220 if ((*buf1 == '#') || (*buf1 == '\0')) {
1225 * The caller eats "name1 name2 {", and calls us
1226 * for the data inside of the section. So if we
1227 * receive a closing brace, then it must mean the
1228 * end of the section.
1230 if (t1 == T_RCBRACE) {
1231 if (this == current) {
1232 radlog(L_ERR, "%s[%d]: Too many closing braces",
1237 this = this->item.parent;
1242 * Allow for $INCLUDE files
1244 * This *SHOULD* work for any level include.
1245 * I really really really hate this file. -cparker
1247 if ((strcasecmp(buf1, "$INCLUDE") == 0) ||
1248 (strcasecmp(buf1, "$-INCLUDE") == 0)) {
1249 t2 = getword(&ptr, buf2, sizeof(buf2));
1251 value = cf_expand_variables(filename, lineno, this, buf, buf2);
1252 if (!value) return -1;
1254 if (value[0] != '/') {
1255 value = cf_local_file(current, value, buf3,
1258 radlog(L_ERR, "%s[%d]: Directories too deep.",
1265 #ifdef HAVE_DIRENT_H
1269 * Include ALL non-"dot" files in the directory.
1272 if (value[strlen(value) - 1] == '/') {
1275 struct stat stat_buf;
1277 DEBUG2("including files in directory %s", value );
1278 dir = opendir(value);
1280 radlog(L_ERR, "%s[%d]: Error reading directory %s: %s",
1281 filename, *lineno, value,
1287 * Read the directory, ignoring "." files.
1289 while ((dp = readdir(dir)) != NULL) {
1292 if (dp->d_name[0] == '.') continue;
1295 * Check for valid characters
1297 for (p = dp->d_name; *p != '\0'; p++) {
1298 if (isalpha((int)*p) ||
1302 (*p == '.')) continue;
1305 if (*p != '\0') continue;
1307 snprintf(buf2, sizeof(buf2), "%s%s",
1309 if ((stat(buf2, &stat_buf) != 0) ||
1310 S_ISDIR(stat_buf.st_mode)) continue;
1312 * Read the file into the current
1313 * configuration sectoin.
1315 if (cf_file_include(buf2, this) < 0) {
1323 { /* it was a normal file */
1324 if (buf1[1] == '-') {
1325 struct stat statbuf;
1327 if (stat(value, &statbuf) < 0) {
1328 DEBUG("WARNING: Not including file %s: %s", value, strerror(errno));
1333 if (cf_file_include(value, this) < 0) {
1338 } /* we were in an include */
1340 if (strcasecmp(buf1, "$template") == 0) {
1342 CONF_SECTION *parentcs;
1343 t2 = getword(&ptr, buf2, sizeof(buf2));
1345 parentcs = cf_top_section(current);
1347 ci = cf_reference_item(parentcs, this, buf2);
1348 if (!ci || (ci->type != CONF_ITEM_SECTION)) {
1349 radlog(L_ERR, "%s[%d]: Reference \"%s\" not found",
1350 filename, *lineno, buf2);
1354 if (this->template) {
1355 radlog(L_ERR, "%s[%d]: Section already has a template",
1360 this->template = cf_itemtosection(ci);
1365 * Ensure that the user can't add CONF_PAIRs
1366 * with 'internal' names;
1368 if (buf1[0] == '_') {
1369 radlog(L_ERR, "%s[%d]: Illegal configuration pair name \"%s\"",
1370 filename, *lineno, buf1);
1375 * Grab the next token.
1377 t2 = gettoken(&ptr, buf2, sizeof(buf2));
1390 if (!this || (strcmp(this->name1, "update") != 0)) {
1391 radlog(L_ERR, "%s[%d]: Invalid operator in assignment",
1399 t3 = getstring(&ptr, buf3, sizeof(buf3));
1402 * Handle variable substitution via ${foo}
1404 if ((t3 == T_BARE_WORD) ||
1405 (t3 == T_DOUBLE_QUOTED_STRING)) {
1406 value = cf_expand_variables(filename, lineno, this,
1408 if (!value) return -1;
1409 } else if ((t3 == T_EOL) ||
1417 * Add this CONF_PAIR to our CONF_SECTION
1419 cpn = cf_pair_alloc(buf1, value, t2, t3, this);
1420 cpn->item.filename = filename;
1421 cpn->item.lineno = *lineno;
1422 cf_item_add(this, cf_pairtoitem(cpn));
1426 * This horrible code is here to support
1427 * if/then/else failover in the
1428 * authorize, etc. sections. It makes no
1429 * sense anywhere else.
1432 if ((strcmp(buf1, "if") == 0) ||
1433 (strcmp(buf1, "elsif") == 0)) {
1434 const char *end = ptr;
1435 CONF_SECTION *server;
1437 if (!condition_looks_ok(&end)) {
1438 radlog(L_ERR, "%s[%d]: Parse error in condition at: %s",
1439 filename, *lineno, ptr);
1443 if ((end - ptr) >= (sizeof(buf2) - 1)) {
1444 radlog(L_ERR, "%s[%d]: Statement too complicated after \"%s\"",
1445 filename, *lineno, buf1);
1450 * More sanity checking. This is
1451 * getting to be a horrible hack.
1455 if (strcmp(server->name1, "server") == 0) break;
1456 server = server->item.parent;
1460 radlog(L_ERR, "%s[%d]: Processing directives such as \"%s\" cannot be used here.",
1461 filename, *lineno, buf1);
1466 memcpy(buf2 + 1, ptr, end - ptr);
1467 buf2[end - ptr + 1] = '\0';
1473 radlog(L_ERR, "%s[%d]: Parse error after \"%s\"",
1474 filename, *lineno, buf1);
1481 * No '=', must be a section or sub-section.
1484 case T_DOUBLE_QUOTED_STRING:
1485 case T_SINGLE_QUOTED_STRING:
1486 t3 = gettoken(&ptr, buf3, sizeof(buf3));
1487 if (t3 != T_LCBRACE) {
1488 radlog(L_ERR, "%s[%d]: Expecting section start brace '{' after \"%s %s\"",
1489 filename, *lineno, buf1, buf2);
1495 css = cf_section_alloc(buf1,
1496 t2 == T_LCBRACE ? NULL : buf2,
1499 radlog(L_ERR, "%s[%d]: Failed allocating memory for section",
1503 cf_item_add(this, cf_sectiontoitem(css));
1504 css->item.filename = filename;
1505 css->item.lineno = *lineno;
1508 * The current section is now the child section.
1514 radlog(L_ERR, "%s[%d]: Parse error after \"%s\"",
1515 filename, *lineno, buf1);
1521 * See if EOF was unexpected ..
1523 if (feof(fp) && (this != current)) {
1524 radlog(L_ERR, "%s[%d]: EOF reached without closing brace for section %s starting at line %d",
1526 cf_section_name1(this), cf_section_lineno(this));
1534 * Include one config file in another.
1536 int cf_file_include(const char *filename, CONF_SECTION *cs)
1540 struct stat statbuf;
1544 DEBUG2( "including configuration file %s", filename);
1546 if (stat(filename, &statbuf) == 0) {
1548 if ((statbuf.st_mode & S_IWOTH) != 0) {
1549 radlog(L_ERR|L_CONS, "Configuration file %s is globally writable. Refusing to start due to insecure configuration.",
1556 if (0 && (statbuf.st_mode & S_IROTH) != 0) {
1557 radlog(L_ERR|L_CONS, "Configuration file %s is globally readable. Refusing to start due to insecure configuration.",
1564 fp = fopen(filename, "r");
1566 radlog(L_ERR|L_CONS, "Unable to open file \"%s\": %s",
1567 filename, strerror(errno));
1572 * Add the filename to the section
1574 mtime = rad_malloc(sizeof(*mtime));
1575 *mtime = statbuf.st_mtime;
1577 if (cf_data_add_internal(cs, filename, mtime, free,
1578 PW_TYPE_FILENAME) < 0) {
1579 radlog(L_ERR|L_CONS, "Internal error open file \"%s\"",
1584 cd = cf_data_find_internal(cs, filename, PW_TYPE_FILENAME);
1586 radlog(L_ERR|L_CONS, "Internal error open file \"%s\"",
1591 if (!cs->item.filename) cs->item.filename = filename;
1594 * Read the section. It's OK to have EOF without a
1595 * matching close brace.
1597 if (cf_section_read(cd->name, &lineno, fp, cs) < 0) {
1607 * Bootstrap a config file.
1609 CONF_SECTION *cf_file_read(const char *filename)
1615 cs = cf_section_alloc("main", NULL, NULL);
1616 if (!cs) return NULL;
1618 cp = cf_pair_alloc("confdir", filename, T_OP_SET, T_BARE_WORD, cs);
1619 if (!cp) return NULL;
1621 p = strrchr(cp->value, '/');
1624 cp->item.filename = "internal";
1625 cp->item.lineno = 0;
1626 cf_item_add(cs, cf_pairtoitem(cp));
1628 if (cf_file_include(filename, cs) < 0) {
1629 cf_section_free(&cs);
1637 * Return a CONF_PAIR within a CONF_SECTION.
1639 CONF_PAIR *cf_pair_find(const CONF_SECTION *cs, const char *name)
1642 CONF_PAIR *cp = NULL;
1644 if (!cs) return NULL;
1647 * Find the name in the tree, for speed.
1653 cp = rbtree_finddata(cs->pair_tree, &mycp);
1656 * Else find the first one that matches
1658 for (ci = cs->children; ci; ci = ci->next) {
1659 if (ci->type == CONF_ITEM_PAIR) {
1660 return cf_itemtopair(ci);
1665 if (cp || !cs->template) return cp;
1667 return cf_pair_find(cs->template, name);
1671 * Return the attr of a CONF_PAIR
1674 char *cf_pair_attr(CONF_PAIR *pair)
1676 return (pair ? pair->attr : NULL);
1680 * Return the value of a CONF_PAIR
1683 char *cf_pair_value(CONF_PAIR *pair)
1685 return (pair ? pair->value : NULL);
1689 * Copied here for error reporting.
1691 extern void librad_log(const char *, ...);
1694 * Turn a CONF_PAIR into a VALUE_PAIR
1695 * For now, ignore the "value_type" field...
1697 VALUE_PAIR *cf_pairtovp(CONF_PAIR *pair)
1703 librad_log("Internal error");
1707 da = dict_attrbyname(pair->attr);
1709 librad_log("Unknown attribute %s", pair->attr);
1714 librad_log("No value given for attribute %s", pair->attr);
1720 librad_log("Out of memory");
1724 vp->operator = pair->operator;
1726 if ((pair->value_type == T_BARE_WORD) ||
1727 (pair->value_type == T_SINGLE_QUOTED_STRING)) {
1728 if (!pairparsevalue(vp, pair->value)) {
1732 vp->flags.do_xlat = 0;
1734 vp->flags.do_xlat = 1;
1741 * Return the first label of a CONF_SECTION
1744 const char *cf_section_name1(const CONF_SECTION *cs)
1746 return (cs ? cs->name1 : NULL);
1750 * Return the second label of a CONF_SECTION
1753 const char *cf_section_name2(const CONF_SECTION *cs)
1755 return (cs ? cs->name2 : NULL);
1759 * Find a value in a CONF_SECTION
1761 char *cf_section_value_find(const CONF_SECTION *cs, const char *attr)
1765 cp = cf_pair_find(cs, attr);
1767 return (cp ? cp->value : NULL);
1771 * Return the next pair after a CONF_PAIR
1772 * with a certain name (char *attr) If the requested
1773 * attr is NULL, any attr matches.
1776 CONF_PAIR *cf_pair_find_next(const CONF_SECTION *cs,
1777 const CONF_PAIR *pair, const char *attr)
1782 * If pair is NULL this must be a first time run
1783 * Find the pair with correct name
1787 return cf_pair_find(cs, attr);
1790 ci = cf_pairtoitem(pair)->next;
1792 for (; ci; ci = ci->next) {
1793 if (ci->type != CONF_ITEM_PAIR)
1795 if (attr == NULL || strcmp(cf_itemtopair(ci)->attr, attr) == 0)
1799 return cf_itemtopair(ci);
1803 * Find a CONF_SECTION, or return the root if name is NULL
1806 CONF_SECTION *cf_section_find(const char *name)
1809 return cf_section_sub_find(mainconfig.config, name);
1811 return mainconfig.config;
1815 * Find a sub-section in a section
1818 CONF_SECTION *cf_section_sub_find(const CONF_SECTION *cs, const char *name)
1823 * Do the fast lookup if possible.
1825 if (name && cs->section_tree) {
1830 return rbtree_finddata(cs->section_tree, &mycs);
1833 for (ci = cs->children; ci; ci = ci->next) {
1834 if (ci->type != CONF_ITEM_SECTION)
1836 if (strcmp(cf_itemtosection(ci)->name1, name) == 0)
1840 return cf_itemtosection(ci);
1846 * Find a CONF_SECTION with both names.
1848 CONF_SECTION *cf_section_sub_find_name2(const CONF_SECTION *cs,
1849 const char *name1, const char *name2)
1853 if (!cs) cs = mainconfig.config;
1855 if (name1 && (cs->section_tree)) {
1856 CONF_SECTION mycs, *master_cs;
1861 master_cs = rbtree_finddata(cs->section_tree, &mycs);
1863 return rbtree_finddata(master_cs->name2_tree, &mycs);
1868 * Else do it the old-fashioned way.
1870 for (ci = cs->children; ci; ci = ci->next) {
1871 CONF_SECTION *subcs;
1873 if (ci->type != CONF_ITEM_SECTION)
1876 subcs = cf_itemtosection(ci);
1878 if (!subcs->name2) {
1879 if (strcmp(subcs->name1, name2) == 0) break;
1881 if (strcmp(subcs->name2, name2) == 0) break;
1883 continue; /* don't do the string comparisons below */
1886 if ((strcmp(subcs->name1, name1) == 0) &&
1887 (subcs->name2 != NULL) &&
1888 (strcmp(subcs->name2, name2) == 0))
1892 return cf_itemtosection(ci);
1896 * Return the next subsection after a CONF_SECTION
1897 * with a certain name1 (char *name1). If the requested
1898 * name1 is NULL, any name1 matches.
1901 CONF_SECTION *cf_subsection_find_next(CONF_SECTION *section,
1902 CONF_SECTION *subsection,
1908 * If subsection is NULL this must be a first time run
1909 * Find the subsection with correct name
1912 if (subsection == NULL){
1913 ci = section->children;
1915 ci = cf_sectiontoitem(subsection)->next;
1918 for (; ci; ci = ci->next) {
1919 if (ci->type != CONF_ITEM_SECTION)
1921 if ((name1 == NULL) ||
1922 (strcmp(cf_itemtosection(ci)->name1, name1) == 0))
1926 return cf_itemtosection(ci);
1931 * Return the next section after a CONF_SECTION
1932 * with a certain name1 (char *name1). If the requested
1933 * name1 is NULL, any name1 matches.
1936 CONF_SECTION *cf_section_find_next(CONF_SECTION *section,
1937 CONF_SECTION *subsection,
1940 if (!section->item.parent) return NULL;
1942 return cf_subsection_find_next(section->item.parent, subsection, name1);
1946 * Return the next item after a CONF_ITEM.
1949 CONF_ITEM *cf_item_find_next(CONF_SECTION *section, CONF_ITEM *item)
1952 * If item is NULL this must be a first time run
1953 * Return the first item
1957 return section->children;
1963 int cf_section_lineno(CONF_SECTION *section)
1965 return cf_sectiontoitem(section)->lineno;
1968 const char *cf_pair_filename(CONF_PAIR *pair)
1970 return cf_pairtoitem(pair)->filename;
1973 const char *cf_section_filename(CONF_SECTION *section)
1975 return cf_sectiontoitem(section)->filename;
1978 int cf_pair_lineno(CONF_PAIR *pair)
1980 return cf_pairtoitem(pair)->lineno;
1983 int cf_item_is_section(CONF_ITEM *item)
1985 return item->type == CONF_ITEM_SECTION;
1987 int cf_item_is_pair(CONF_ITEM *item)
1989 return item->type == CONF_ITEM_PAIR;
1993 static CONF_DATA *cf_data_alloc(CONF_SECTION *parent, const char *name,
1994 void *data, void (*data_free)(void *))
1998 cd = rad_malloc(sizeof(*cd));
1999 memset(cd, 0, sizeof(*cd));
2001 cd->item.type = CONF_ITEM_DATA;
2002 cd->item.parent = parent;
2003 cd->name = strdup(name);
2005 cd->free = data_free;
2011 static void *cf_data_find_internal(CONF_SECTION *cs, const char *name,
2014 if (!cs || !name) return NULL;
2017 * Find the name in the tree, for speed.
2019 if (cs->data_tree) {
2024 return rbtree_finddata(cs->data_tree, &mycd);
2031 * Find data from a particular section.
2033 void *cf_data_find(CONF_SECTION *cs, const char *name)
2035 CONF_DATA *cd = cf_data_find_internal(cs, name, 0);
2037 if (cd) return cd->data;
2043 * Add named data to a configuration section.
2045 static int cf_data_add_internal(CONF_SECTION *cs, const char *name,
2046 void *data, void (*data_free)(void *),
2051 if (!cs || !name) return -1;
2054 * Already exists. Can't add it.
2056 if (cf_data_find_internal(cs, name, flag) != NULL) return -1;
2058 cd = cf_data_alloc(cs, name, data, data_free);
2062 cf_item_add(cs, cf_datatoitem(cd));
2068 * Add named data to a configuration section.
2070 int cf_data_add(CONF_SECTION *cs, const char *name,
2071 void *data, void (*data_free)(void *))
2073 return cf_data_add_internal(cs, name, data, data_free, 0);
2078 * Copy CONF_DATA from src to dst
2080 static void cf_section_copy_data(CONF_SECTION *s, CONF_SECTION *d)
2083 CONF_ITEM *cd, *next, **last;
2086 * Don't check if s->data_tree is NULL. It's child
2087 * sections may have data, even if this section doesn't.
2090 rad_assert(d->data_tree == NULL);
2091 d->data_tree = s->data_tree;
2092 s->data_tree = NULL;
2095 * Walk through src, moving CONF_ITEM_DATA
2098 last = &(s->children);
2099 for (cd = s->children; cd != NULL; cd = next) {
2103 * Recursively copy data from child sections.
2105 if (cd->type == CONF_ITEM_SECTION) {
2106 CONF_SECTION *s1, *d1;
2108 s1 = cf_itemtosection(cd);
2109 d1 = cf_section_sub_find_name2(d, s1->name1, s1->name2);
2111 cf_section_copy_data(s1, d1);
2118 * Not conf data, remember last ptr.
2120 if (cd->type != CONF_ITEM_DATA) {
2126 * Remove it from the src list
2132 * Add it to the dst list
2135 rad_assert(d->tail == NULL);
2138 rad_assert(d->tail != NULL);
2146 * For a CONF_DATA element, stat the filename, if necessary.
2148 static int filename_stat(void *context, void *data)
2151 CONF_DATA *cd = data;
2153 context = context; /* -Wunused */
2155 if (cd->flag != PW_TYPE_FILENAME) return 0;
2157 if (stat(cd->name, &buf) < 0) return -1;
2159 if (buf.st_mtime != *(time_t *) cd->data) return -1;
2166 * Compare two CONF_SECTIONS. The items MUST be in the same
2169 static int cf_section_cmp(CONF_SECTION *a, CONF_SECTION *b)
2171 CONF_ITEM *ca = a->children;
2172 CONF_ITEM *cb = b->children;
2180 if (!ca && !cb) break;
2185 if (ca && ca->type == CONF_ITEM_DATA) {
2189 if (cb && cb->type == CONF_ITEM_DATA) {
2195 * One is smaller than the other. Exit.
2197 if (!ca || !cb) return 0;
2199 if (ca->type != cb->type) return 0;
2202 * Deal with subsections.
2204 if (ca->type == CONF_ITEM_SECTION) {
2205 CONF_SECTION *sa = cf_itemtosection(ca);
2206 CONF_SECTION *sb = cf_itemtosection(cb);
2208 if (!cf_section_cmp(sa, sb)) return 0;
2212 rad_assert(ca->type == CONF_ITEM_PAIR);
2214 pa = cf_itemtopair(ca);
2215 pb = cf_itemtopair(cb);
2218 * Different attr and/or value, Exit.
2220 if ((strcmp(pa->attr, pb->attr) != 0) ||
2221 (strcmp(pa->value, pb->value) != 0)) return 0;
2225 * And go to the next element.
2233 * Walk over the CONF_DATA, stat'ing PW_TYPE_FILENAME.
2236 (rbtree_walk(a->data_tree, InOrder, filename_stat, NULL) != 0)) {
2241 * They must be the same, say so.
2248 * Migrate CONF_DATA from one section to another.
2250 int cf_section_migrate(CONF_SECTION *dst, CONF_SECTION *src)
2253 CONF_SECTION *s, *d;
2255 for (ci = src->children; ci != NULL; ci = ci->next) {
2256 if (ci->type != CONF_ITEM_SECTION)
2259 s = cf_itemtosection(ci);
2260 d = cf_section_sub_find_name2(dst, s->name1, s->name2);
2262 if (!d) continue; /* not in new one, don't migrate it */
2265 * A section of the same name is in BOTH src & dst,
2266 * compare the CONF_PAIR's. If they're all the same,
2267 * then copy the CONF_DATA from one to the other.
2269 if (cf_section_cmp(s, d)) {
2270 cf_section_copy_data(s, d);
2274 return 1; /* rcode means anything? */
2277 int cf_section_template(CONF_SECTION *cs, CONF_SECTION *template)
2279 if (!cs || !template || cs->template || template->template) return -1;
2281 cs->template = template;
2288 * This is here to make the rest of the code easier to read. It
2289 * ties conffile.c to log.c, but it means we don't have to
2292 void cf_log_err(CONF_ITEM *ci, const char *fmt, ...)
2298 vsnprintf(buffer, sizeof(buffer), fmt, ap);
2301 radlog(L_ERR, "%s[%d]: %s", ci->filename, ci->lineno, buffer);
2307 * JMG dump_config tries to dump the config structure in a readable format
2311 static int dump_config_section(CONF_SECTION *cs, int indent)
2317 /* The DEBUG macro doesn't let me
2318 * for(i=0;i<indent;++i) debugputchar('\t');
2319 * so I had to get creative. --Pac. */
2321 for (ci = cs->children; ci; ci = ci->next) {
2323 case CONF_ITEM_PAIR:
2324 cp=cf_itemtopair(ci);
2325 DEBUG("%.*s%s = %s",
2326 indent, "\t\t\t\t\t\t\t\t\t\t\t",
2327 cp->attr, cp->value);
2330 case CONF_ITEM_SECTION:
2331 scs=cf_itemtosection(ci);
2332 DEBUG("%.*s%s %s%s{",
2333 indent, "\t\t\t\t\t\t\t\t\t\t\t",
2335 scs->name2 ? scs->name2 : "",
2336 scs->name2 ? " " : "");
2337 dump_config_section(scs, indent+1);
2339 indent, "\t\t\t\t\t\t\t\t\t\t\t");
2342 default: /* FIXME: Do more! */
2350 int dump_config(CONF_SECTION *cs)
2352 return dump_config_section(cs, 0);