2 * conffile.c Read the radiusd.conf file.
4 * Yep I should learn to use lex & yacc, or at least
5 * write a decent parser. I know how to do that, really :)
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
24 * Copyright 2000,2006 The FreeRADIUS server project
25 * Copyright 2000 Miquel van Smoorenburg <miquels@cistron.nl>
26 * Copyright 2000 Alan DeKok <aland@ox.org>
29 #include <freeradius-devel/ident.h>
32 #include <freeradius-devel/radiusd.h>
33 #include <freeradius-devel/rad_assert.h>
38 #ifdef HAVE_SYS_STAT_H
45 typedef enum conf_type {
46 CONF_ITEM_INVALID = 0,
53 struct conf_item *next;
54 struct conf_part *parent;
63 LRAD_TOKEN value_type;
69 struct conf_item *children;
70 struct conf_item *tail; /* for speed */
71 CONF_SECTION *template;
72 rbtree_t *pair_tree; /* and a partridge.. */
73 rbtree_t *section_tree; /* no jokes here */
74 rbtree_t *name2_tree; /* for sections of the same name2 */
78 const CONF_PARSER *variables;
83 * Internal data that is associated with a configuration section,
84 * so that we don't have to track it separately.
90 void *data; /* user data */
91 void (*free)(void *); /* free user data function */
95 static int cf_data_add_internal(CONF_SECTION *cs, const char *name,
96 void *data, void (*data_free)(void *),
98 static void *cf_data_find_internal(CONF_SECTION *cs, const char *name,
102 * Isolate the scary casts in these tiny provably-safe functions
104 CONF_PAIR *cf_itemtopair(CONF_ITEM *ci)
108 rad_assert(ci->type == CONF_ITEM_PAIR);
109 return (CONF_PAIR *)ci;
111 CONF_SECTION *cf_itemtosection(CONF_ITEM *ci)
115 rad_assert(ci->type == CONF_ITEM_SECTION);
116 return (CONF_SECTION *)ci;
118 CONF_ITEM *cf_pairtoitem(CONF_PAIR *cp)
122 return (CONF_ITEM *)cp;
124 CONF_ITEM *cf_sectiontoitem(CONF_SECTION *cs)
128 return (CONF_ITEM *)cs;
131 static CONF_DATA *cf_itemtodata(CONF_ITEM *ci)
135 rad_assert(ci->type == CONF_ITEM_DATA);
136 return (CONF_DATA *)ci;
138 static CONF_ITEM *cf_datatoitem(CONF_DATA *cd)
142 return (CONF_ITEM *)cd;
146 * Create a new CONF_PAIR
148 static CONF_PAIR *cf_pair_alloc(const char *attr, const char *value,
149 LRAD_TOKEN operator, LRAD_TOKEN value_type,
150 CONF_SECTION *parent)
154 cp = rad_malloc(sizeof(*cp));
155 memset(cp, 0, sizeof(*cp));
156 cp->item.type = CONF_ITEM_PAIR;
157 cp->item.parent = parent;
158 cp->attr = strdup(attr);
159 cp->value = strdup(value);
160 cp->value_type = value_type;
161 cp->operator = operator;
169 void cf_pair_free(CONF_PAIR **cp)
171 if (!cp || !*cp) return;
179 memset(*cp, 0, sizeof(*cp));
187 static void cf_data_free(CONF_DATA **cd)
189 if (!cd || !*cd) return;
191 if ((*cd)->flag != 0) free((*cd)->name);
195 ((*cd)->free)((*cd)->data);
198 memset(*cd, 0, sizeof(*cd));
205 * rbtree callback function
207 static int pair_cmp(const void *a, const void *b)
209 const CONF_PAIR *one = a;
210 const CONF_PAIR *two = b;
212 return strcmp(one->attr, two->attr);
217 * rbtree callback function
219 static int section_cmp(const void *a, const void *b)
221 const CONF_SECTION *one = a;
222 const CONF_SECTION *two = b;
224 return strcmp(one->name1, two->name1);
229 * rbtree callback function
231 static int name2_cmp(const void *a, const void *b)
233 const CONF_SECTION *one = a;
234 const CONF_SECTION *two = b;
236 rad_assert(strcmp(one->name1, two->name1) == 0);
238 if (!one->name2 && !two->name2) return 0;
239 if (!one->name2) return -1;
240 if (!two->name2) return +1;
242 return strcmp(one->name2, two->name2);
247 * rbtree callback function
249 static int data_cmp(const void *a, const void *b)
253 const CONF_DATA *one = a;
254 const CONF_DATA *two = b;
256 rcode = one->flag - two->flag;
257 if (rcode != 0) return rcode;
259 return strcmp(one->name, two->name);
264 * Free strings we've parsed into data structures.
266 static void cf_section_parse_free(void *base, const CONF_PARSER *variables)
271 * Don't automatically free the strings if we're being
272 * called from a module. This is also for clients.c,
273 * where client_free() expects to be able to free the
274 * client structure. If we moved everything to key off
275 * of the config files, we might solve some problems...
277 if (!variables) return;
280 * Free up dynamically allocated string pointers.
282 for (i = 0; variables[i].name != NULL; i++) {
285 if ((variables[i].type != PW_TYPE_STRING_PTR) &&
286 (variables[i].type != PW_TYPE_FILENAME)) {
291 * No base struct offset, data must be the pointer.
292 * If data doesn't exist, ignore the entry, there
293 * must be something wrong.
296 if (!variables[i].data) {
300 p = (char **) variables[i].data;;
302 } else if (variables[i].data) {
303 p = (char **) variables[i].data;;
306 p = (char **) (((char *)base) + variables[i].offset);
316 * Free a CONF_SECTION
318 void cf_section_free(CONF_SECTION **cs)
320 CONF_ITEM *ci, *next;
322 if (!cs || !*cs) return;
324 if ((*cs)->variables) {
325 cf_section_parse_free((*cs)->base, (*cs)->variables);
328 for (ci = (*cs)->children; ci; ci = next) {
332 case CONF_ITEM_PAIR: {
333 CONF_PAIR *pair = cf_itemtopair(ci);
338 case CONF_ITEM_SECTION: {
339 CONF_SECTION *section = cf_itemtosection(ci);
340 cf_section_free(§ion);
344 case CONF_ITEM_DATA: {
345 CONF_DATA *data = cf_itemtodata(ci);
350 default: /* should really be an error. */
359 if ((*cs)->pair_tree)
360 rbtree_free((*cs)->pair_tree);
361 if ((*cs)->section_tree)
362 rbtree_free((*cs)->section_tree);
363 if ((*cs)->name2_tree)
364 rbtree_free((*cs)->name2_tree);
365 if ((*cs)->data_tree)
366 rbtree_free((*cs)->data_tree);
369 * And free the section
372 memset(*cs, 0, sizeof(*cs));
381 * Allocate a CONF_SECTION
383 static CONF_SECTION *cf_section_alloc(const char *name1, const char *name2,
384 CONF_SECTION *parent)
388 if (!name1) return NULL;
390 cs = rad_malloc(sizeof(*cs));
391 memset(cs, 0, sizeof(*cs));
392 cs->item.type = CONF_ITEM_SECTION;
393 cs->item.parent = parent;
394 cs->name1 = strdup(name1);
396 cf_section_free(&cs);
400 if (name2 && *name2) {
401 cs->name2 = strdup(name2);
403 cf_section_free(&cs);
407 cs->pair_tree = rbtree_create(pair_cmp, NULL, 0);
408 if (!cs->pair_tree) {
409 cf_section_free(&cs);
414 * Don't create a data tree, it may not be needed.
418 * Don't create the section tree here, it may not
422 if (parent) cs->depth = parent->depth + 1;
429 * Add an item to a configuration section.
431 static void cf_item_add(CONF_SECTION *cs, CONF_ITEM *ci)
434 rad_assert(cs->tail == NULL);
437 rad_assert(cs->tail != NULL);
442 * Update the trees (and tail) for each item added.
444 for (/* nothing */; ci != NULL; ci = ci->next) {
448 * For fast lookups, pair's and sections get
453 rbtree_insert(cs->pair_tree, ci);
456 case CONF_ITEM_SECTION: {
457 const CONF_SECTION *cs_new = cf_itemtosection(ci);
459 if (!cs->section_tree) {
460 cs->section_tree = rbtree_create(section_cmp, NULL, 0);
461 /* ignore any errors */
464 if (cs->section_tree) {
465 rbtree_insert(cs->section_tree, cs_new); }
468 * Two names: find the named instance.
471 CONF_SECTION *old_cs;
475 * CONF_SECTION having
476 * the given name1, and
480 old_cs = rbtree_finddata(cs->section_tree, cs_new);
481 if (!old_cs) return; /* this is a bad error! */
483 if (!old_cs->name2_tree) {
484 old_cs->name2_tree = rbtree_create(name2_cmp,
487 if (old_cs->name2_tree) {
488 rbtree_insert(old_cs->name2_tree, cs_new);
492 } /* was a section */
495 if (!cs->data_tree) {
496 cs->data_tree = rbtree_create(data_cmp, NULL, 0);
499 rbtree_insert(cs->data_tree, ci);
503 default: /* FIXME: assert & error! */
506 } /* switch over conf types */
511 * Expand the variables in an input string.
513 static const char *cf_expand_variables(const char *cf, int *lineno,
514 const CONF_SECTION *outercs,
515 char *output, const char *input)
518 const char *end, *ptr;
520 const CONF_SECTION *parentcs;
523 * Find the master parent conf section.
524 * We can't use mainconfig.config, because we're in the
525 * process of re-building it, and it isn't set up yet...
527 for (parentcs = outercs;
528 parentcs->item.parent != NULL;
529 parentcs = parentcs->item.parent) {
537 * Ignore anything other than "${"
539 if ((*ptr == '$') && (ptr[1] == '{')) {
542 const CONF_SECTION *cs;
545 * FIXME: Add support for ${foo:-bar},
550 * Look for trailing '}', and log a
551 * warning for anything that doesn't match,
552 * and exit with a fatal error.
554 end = strchr(ptr, '}');
557 radlog(L_INFO, "%s[%d]: Variable expansion missing }",
568 * ${.foo} means "foo from the current section"
576 * ${..foo} means "foo from the section
577 * enclosing this section" (etc.)
579 while (*ptr == '.') {
581 cs = cs->item.parent;
588 * ${foo} is local, with
589 * main as lower priority
594 * ${foo.bar.baz} is always rooted
597 for (q = ptr; *q && q != end; q++) {
609 * Find the next section.
612 (*ptr != 0) && (*ptr != '.') &&
620 * The character is a '.', find a
621 * section (as the user has given
622 * us a subsection to find)
627 ptr++; /* skip the period */
630 * Find the sub-section.
632 next = cf_section_sub_find(cs, name);
634 radlog(L_ERR, "config: No such section %s in variable %s", name, input);
639 } else { /* no period, must be a conf-part */
641 * Find in the current referenced
644 cp = cf_pair_find(cs, name);
647 * It it was NOT ${..foo}
649 * top-level config items.
651 if (!up) cp = cf_pair_find(parentcs, name);
654 radlog(L_ERR, "config: No such configuration item %s in section %s when expanding string \"%s\"", name,
655 cf_section_name1(cs),
660 } /* until cp is non-NULL */
663 * Substitute the value of the variable.
665 strcpy(p, cp->value);
669 } else if (memcmp(ptr, "$ENV{", 5) == 0) {
675 * Look for trailing '}', and log a
676 * warning for anything that doesn't match,
677 * and exit with a fatal error.
679 end = strchr(ptr, '}');
682 radlog(L_INFO, "%s[%d]: Environment variable expansion missing }",
687 memcpy(name, ptr, end - ptr);
688 name[end - ptr] = '\0';
691 * Get the environment variable.
692 * If none exists, then make it an empty string.
706 * Copy it over verbatim.
710 } /* loop over all of the input string. */
719 * Parses an item (not a CONF_ITEM) into the specified format,
720 * with a default value.
722 * Returns -1 on error, 0 for correctly parsed, and 1 if the
723 * default value was used. Note that the default value will be
724 * used ONLY if the CONF_PAIR is NULL.
726 int cf_item_parse(CONF_SECTION *cs, const char *name,
727 int type, void *data, const char *dflt)
732 lrad_ipaddr_t ipaddr;
736 cp = cf_pair_find(cs, name);
741 return 1; /* nothing to parse, return default value */
749 case PW_TYPE_BOOLEAN:
751 * Allow yes/no and on/off
753 if ((strcasecmp(value, "yes") == 0) ||
754 (strcasecmp(value, "on") == 0)) {
756 } else if ((strcasecmp(value, "no") == 0) ||
757 (strcasecmp(value, "off") == 0)) {
761 radlog(L_ERR, "Bad value \"%s\" for boolean variable %s", value, name);
764 DEBUG2("\t%s = %s", name, value);
767 case PW_TYPE_INTEGER:
768 *(int *)data = strtol(value, 0, 0);
769 DEBUG2("\t%s = %d", name, *(int *)data);
772 case PW_TYPE_STRING_PTR:
779 * Expand variables which haven't already been
780 * expanded automagically when the configuration
786 int lineno = cs->item.lineno;
789 * FIXME: sizeof(buffer)?
791 value = cf_expand_variables("?",
794 if (!value) return -1;
797 DEBUG2("\t%s = \"%s\"", name, value ? value : "(null)");
798 *q = value ? strdup(value) : NULL;
802 * This is the same as PW_TYPE_STRING_PTR,
803 * except that we also "stat" the file, and
806 case PW_TYPE_FILENAME:
813 * Expand variables which haven't already been
814 * expanded automagically when the configuration
820 int lineno = cs->item.lineno;
823 * FIXME: sizeof(buffer)?
825 value = cf_expand_variables("?",
828 if (!value) return -1;
831 DEBUG2("\t%s = \"%s\"", name, value ? value : "(null)");
832 *q = value ? strdup(value) : NULL;
835 * And now we "stat" the file.
840 if (stat(*q, &buf) == 0) {
843 mtime = rad_malloc(sizeof(*mtime));
844 *mtime = buf.st_mtime;
846 cf_data_add_internal(cs, *q, mtime, free,
854 * Allow '*' as any address
856 if (strcmp(value, "*") == 0) {
857 *(uint32_t *) data = htonl(INADDR_ANY);
858 DEBUG2("\t%s = *", name);
861 if (ip_hton(value, AF_INET, &ipaddr) < 0) {
862 radlog(L_ERR, "Can't find IP address for host %s", value);
865 DEBUG2("\t%s = %s IP address [%s]", name, value,
866 ip_ntoh(&ipaddr, ipbuf, sizeof(ipbuf)));
867 *(uint32_t *) data = ipaddr.ipaddr.ip4addr.s_addr;
870 case PW_TYPE_IPV6ADDR:
871 if (ip_hton(value, AF_INET6, &ipaddr) < 0) {
872 radlog(L_ERR, "Can't find IPv6 address for host %s", value);
875 DEBUG2("\t%s = %s IPv6 address [%s]", name, value,
876 ip_ntoh(&ipaddr, ipbuf, sizeof(ipbuf)));
877 memcpy(data, &ipaddr.ipaddr.ip6addr,
878 sizeof(ipaddr.ipaddr.ip6addr));
882 radlog(L_ERR, "type %d not supported yet", type);
885 } /* switch over variable type */
890 static const char *parse_spaces = " ";
893 * Parse a configuration section into user-supplied variables.
895 int cf_section_parse(CONF_SECTION *cs, void *base,
896 const CONF_PARSER *variables)
902 DEBUG2("%.*s%s {", cs->depth, parse_spaces,
905 DEBUG2("%.*s%s %s {", cs->depth, parse_spaces,
906 cs->name1, cs->name2);
910 * Handle the known configuration parameters.
912 for (i = 0; variables[i].name != NULL; i++) {
914 * Handle subsections specially
916 if (variables[i].type == PW_TYPE_SUBSECTION) {
917 const CONF_SECTION *subcs;
918 subcs = cf_section_sub_find(cs, variables[i].name);
921 * If the configuration section is NOT there,
924 * FIXME! This is probably wrong... we should
925 * probably set the items to their default values.
927 if (!subcs) continue;
929 if (!variables[i].dflt) {
930 DEBUG2("Internal sanity check 1 failed in cf_section_parse");
934 if (cf_section_parse(subcs, base,
935 (const CONF_PARSER *) variables[i].dflt) < 0) {
939 } /* else it's a CONF_PAIR */
941 if (variables[i].data) {
942 data = variables[i].data; /* prefer this. */
944 data = ((char *)base) + variables[i].offset;
946 DEBUG2("Internal sanity check 2 failed in cf_section_parse");
951 * Parse the pair we found, or a default value.
953 if (cf_item_parse(cs, variables[i].name, variables[i].type,
954 data, variables[i].dflt) < 0) {
957 } /* for all variables in the configuration section */
959 DEBUG2("%.*s}", cs->depth, parse_spaces);
962 cs->variables = variables;
967 DEBUG2("%.*s}", cs->depth, parse_spaces);
968 cf_section_parse_free(base, variables);
974 * Sanity check the "if" or "elsif", presuming that the first '('
975 * has already been eaten.
977 * We're not really parsing it here, just checking if it's mostly
980 static int condition_looks_ok(const char **ptr)
984 const char *p = *ptr;
996 return 0; /* no trailing slash */
1008 return 0; /* no trailing slash */
1019 if (num_braces == 1) {
1020 const char *q = p + 1;
1023 * Validate that there isn't much
1024 * else after the closing brace.
1026 while ((*q == ' ') || (*q == '\t')) q++;
1035 *ptr = p + 1; /* include the trailing ')' */
1060 * Read a part of the config file.
1062 static int cf_section_read(const char *file, int *lineno, FILE *fp,
1063 CONF_SECTION *current)
1066 CONF_SECTION *this, *css;
1078 this = current; /* add items here */
1081 * Read, checking for line continuations ('\\' at EOL)
1087 * Get data, and remember if we are at EOF.
1089 eof = (fgets(cbuf, sizeof(buf) - (cbuf - buf), fp) == NULL);
1095 * We've filled the buffer, and there isn't
1098 if ((cbuf[len - 1] != '\n') && !feof(fp)) {
1099 radlog(L_ERR, "%s[%d]: Line too long",
1105 * Check for continuations.
1107 if (cbuf[len - 1] == '\n') len--;
1110 * Last character is '\\'. Over-write it,
1111 * and read another line.
1113 if ((len > 0) && (cbuf[len - 1] == '\\')) {
1114 if (len >= (sizeof(buf) - 5)) {
1115 radlog(L_ERR, "%s[%d]: Line too long",
1120 cbuf[len - 1] = '\0';
1126 * We're at EOF, and haven't read anything. Stop.
1128 if (eof && (cbuf == buf)) {
1133 t1 = gettoken(&ptr, buf1, sizeof(buf1));
1135 if ((*buf1 == '#') || (*buf1 == '\0')) {
1140 * The caller eats "name1 name2 {", and calls us
1141 * for the data inside of the section. So if we
1142 * receive a closing brace, then it must mean the
1143 * end of the section.
1145 if (t1 == T_RCBRACE) {
1146 if (this == current) {
1147 radlog(L_ERR, "%s[%d]: Too many closing braces",
1152 this = this->item.parent;
1157 * Allow for $INCLUDE files
1159 * This *SHOULD* work for any level include.
1160 * I really really really hate this file. -cparker
1162 if (strcasecmp(buf1, "$INCLUDE") == 0) {
1163 t2 = getword(&ptr, buf2, sizeof(buf2));
1165 value = cf_expand_variables(file, lineno, this, buf, buf2);
1166 if (!value) return -1;
1168 #ifdef HAVE_DIRENT_H
1172 * Include ALL non-"dot" files in the directory.
1175 if (value[strlen(value) - 1] == '/') {
1178 struct stat stat_buf;
1180 DEBUG2( "Config: including files in directory: %s", value );
1181 dir = opendir(value);
1183 radlog(L_ERR, "%s[%d]: Error reading directory %s: %s",
1184 file, *lineno, value,
1190 * Read the directory, ignoring "." files.
1192 while ((dp = readdir(dir)) != NULL) {
1195 if (dp->d_name[0] == '.') continue;
1198 * Check for valid characters
1200 for (p = dp->d_name; *p != '\0'; p++) {
1201 if (isalpha((int)*p) ||
1204 (*p == '.')) continue;
1207 if (*p != '\0') continue;
1209 snprintf(buf2, sizeof(buf2), "%s%s",
1211 if ((stat(buf2, &stat_buf) != 0) ||
1212 S_ISDIR(stat_buf.st_mode)) continue;
1214 * Read the file into the current
1215 * configuration sectoin.
1217 if (cf_file_include(buf2, this) < 0) {
1225 { /* it was a normal file */
1226 if (cf_file_include(value, this) < 0) {
1231 } /* we were in an include */
1234 * Ensure that the user can't add CONF_PAIRs
1235 * with 'internal' names;
1237 if (buf1[0] == '_') {
1238 radlog(L_ERR, "%s[%d]: Illegal configuration pair name \"%s\"",
1239 file, *lineno, buf1);
1244 * Grab the next token.
1246 t2 = gettoken(&ptr, buf2, sizeof(buf2));
1257 if (!this || (strcmp(this->name1, "update") != 0)) {
1258 radlog(L_ERR, "%s[%d]: Invalid operator in assignment",
1266 t3 = getstring(&ptr, buf3, sizeof(buf3));
1269 * Handle variable substitution via ${foo}
1271 if ((t3 == T_BARE_WORD) ||
1272 (t3 == T_DOUBLE_QUOTED_STRING)) {
1273 value = cf_expand_variables(file, lineno, this,
1275 if (!value) return -1;
1281 * Add this CONF_PAIR to our CONF_SECTION
1283 cpn = cf_pair_alloc(buf1, value, t2, t3, this);
1284 cpn->item.lineno = *lineno;
1285 cf_item_add(this, cf_pairtoitem(cpn));
1289 * This horrible code is here to support
1290 * if/then/else failover in the
1291 * authorize, etc. sections. It makes no
1292 * sense anywhere else.
1295 if ((strcmp(buf1, "if") == 0) ||
1296 (strcmp(buf1, "elsif") == 0)) {
1297 const char *end = ptr;
1299 if (!condition_looks_ok(&end)) {
1300 radlog(L_ERR, "%s[%d]: Parse error in condition at: %s",
1301 file, *lineno, ptr);
1305 if ((end - ptr) >= (sizeof(buf2) - 1)) {
1306 radlog(L_ERR, "%s[%d]: Statement too complicated after \"%s\"",
1307 file, *lineno, buf1);
1311 memcpy(buf2 + 1, ptr, end - ptr);
1312 buf2[end - ptr + 1] = '\0';
1318 radlog(L_ERR, "%s[%d]: Parse error after \"%s\"",
1319 file, *lineno, buf1);
1325 * No '=', must be a section or sub-section.
1328 case T_DOUBLE_QUOTED_STRING:
1329 case T_SINGLE_QUOTED_STRING:
1330 t3 = gettoken(&ptr, buf3, sizeof(buf3));
1331 if (t3 != T_LCBRACE) {
1332 radlog(L_ERR, "%s[%d]: Expecting section start brace '{' after \"%s %s\"",
1333 file, *lineno, buf1, buf2);
1339 css = cf_section_alloc(buf1,
1340 t2 == T_LCBRACE ? NULL : buf2,
1343 radlog(L_ERR, "%s[%d]: Failed allocating memory for section",
1347 cf_item_add(this, cf_sectiontoitem(css));
1348 css->item.lineno = *lineno;
1351 * The current section is now the child section.
1357 radlog(L_ERR, "%s[%d]: Parse error after \"%s\"",
1358 file, *lineno, buf1);
1364 * See if EOF was unexpected ..
1366 if (feof(fp) && (this != current)) {
1367 radlog(L_ERR, "%s[%d]: EOF reached without closing brace for section %s starting at line %d",
1369 cf_section_name1(this), cf_section_lineno(this));
1377 * Include one config file in another.
1379 int cf_file_include(const char *file, CONF_SECTION *cs)
1383 struct stat statbuf;
1386 DEBUG2( "Config: including file: %s", file);
1388 if (stat(file, &statbuf) == 0) {
1390 if ((statbuf.st_mode & S_IWOTH) != 0) {
1391 radlog(L_ERR|L_CONS, "Configuration file %s is globally writable. Refusing to start due to insecure configuration.",
1398 if (0 && (statbuf.st_mode & S_IROTH) != 0) {
1399 radlog(L_ERR|L_CONS, "Configuration file %s is globally readable. Refusing to start due to insecure configuration.",
1406 fp = fopen(file, "r");
1408 radlog(L_ERR|L_CONS, "Unable to open file \"%s\": %s",
1409 file, strerror(errno));
1414 * Read the section. It's OK to have EOF without a
1415 * matching close brace.
1417 if (cf_section_read(file, &lineno, fp, cs) < 0) {
1423 * Add the filename to the section
1425 mtime = rad_malloc(sizeof(*mtime));
1426 *mtime = statbuf.st_mtime;
1428 cf_data_add_internal(cs, file, mtime, free,
1436 * Bootstrap a config file.
1438 CONF_SECTION *cf_file_read(const char *file)
1442 cs = cf_section_alloc("main", NULL, NULL);
1443 if (!cs) return NULL;
1445 if (cf_file_include(file, cs) < 0) {
1446 cf_section_free(&cs);
1454 * Return a CONF_PAIR within a CONF_SECTION.
1456 CONF_PAIR *cf_pair_find(const CONF_SECTION *cs, const char *name)
1459 CONF_PAIR *cp = NULL;
1461 if (!cs) cs = mainconfig.config;
1464 * Find the name in the tree, for speed.
1470 cp = rbtree_finddata(cs->pair_tree, &mycp);
1473 * Else find the first one that matches
1475 for (ci = cs->children; ci; ci = ci->next) {
1476 if (ci->type == CONF_ITEM_PAIR) {
1477 return cf_itemtopair(ci);
1482 if (cp || !cs->template) return cp;
1484 return cf_pair_find(cs->template, name);
1488 * Return the attr of a CONF_PAIR
1491 char *cf_pair_attr(CONF_PAIR *pair)
1493 return (pair ? pair->attr : NULL);
1497 * Return the value of a CONF_PAIR
1500 char *cf_pair_value(CONF_PAIR *pair)
1502 return (pair ? pair->value : NULL);
1506 * Copied here for error reporting.
1508 extern void librad_log(const char *, ...);
1511 * Turn a CONF_PAIR into a VALUE_PAIR
1512 * For now, ignore the "value_type" field...
1514 VALUE_PAIR *cf_pairtovp(CONF_PAIR *pair)
1520 librad_log("Internal error");
1524 da = dict_attrbyname(pair->attr);
1526 librad_log("Unknown attribute %s", pair->attr);
1531 librad_log("No value given for attribute %s", pair->attr);
1537 librad_log("Out of memory");
1541 vp->operator = pair->operator;
1543 if ((pair->value_type == T_BARE_WORD) ||
1544 (pair->value_type == T_SINGLE_QUOTED_STRING)) {
1545 if (!pairparsevalue(vp, pair->value)) {
1549 vp->flags.do_xlat = 0;
1551 vp->flags.do_xlat = 1;
1558 * Return the first label of a CONF_SECTION
1561 const char *cf_section_name1(const CONF_SECTION *cs)
1563 return (cs ? cs->name1 : NULL);
1567 * Return the second label of a CONF_SECTION
1570 const char *cf_section_name2(const CONF_SECTION *cs)
1572 return (cs ? cs->name2 : NULL);
1576 * Find a value in a CONF_SECTION
1578 char *cf_section_value_find(const CONF_SECTION *cs, const char *attr)
1582 cp = cf_pair_find(cs, attr);
1584 return (cp ? cp->value : NULL);
1588 * Return the next pair after a CONF_PAIR
1589 * with a certain name (char *attr) If the requested
1590 * attr is NULL, any attr matches.
1593 CONF_PAIR *cf_pair_find_next(const CONF_SECTION *cs,
1594 const CONF_PAIR *pair, const char *attr)
1599 * If pair is NULL this must be a first time run
1600 * Find the pair with correct name
1604 return cf_pair_find(cs, attr);
1607 ci = cf_pairtoitem(pair)->next;
1609 for (; ci; ci = ci->next) {
1610 if (ci->type != CONF_ITEM_PAIR)
1612 if (attr == NULL || strcmp(cf_itemtopair(ci)->attr, attr) == 0)
1616 return cf_itemtopair(ci);
1620 * Find a CONF_SECTION, or return the root if name is NULL
1623 CONF_SECTION *cf_section_find(const char *name)
1626 return cf_section_sub_find(mainconfig.config, name);
1628 return mainconfig.config;
1632 * Find a sub-section in a section
1635 CONF_SECTION *cf_section_sub_find(const CONF_SECTION *cs, const char *name)
1640 * Do the fast lookup if possible.
1642 if (name && cs->section_tree) {
1647 return rbtree_finddata(cs->section_tree, &mycs);
1650 for (ci = cs->children; ci; ci = ci->next) {
1651 if (ci->type != CONF_ITEM_SECTION)
1653 if (strcmp(cf_itemtosection(ci)->name1, name) == 0)
1657 return cf_itemtosection(ci);
1663 * Find a CONF_SECTION with both names.
1665 CONF_SECTION *cf_section_sub_find_name2(const CONF_SECTION *cs,
1666 const char *name1, const char *name2)
1670 if (!name2) return cf_section_sub_find(cs, name1);
1672 if (!cs) cs = mainconfig.config;
1674 if (name1 && (cs->section_tree)) {
1675 CONF_SECTION mycs, *master_cs;
1680 master_cs = rbtree_finddata(cs->section_tree, &mycs);
1682 return rbtree_finddata(master_cs->name2_tree, &mycs);
1687 * Else do it the old-fashioned way.
1689 for (ci = cs->children; ci; ci = ci->next) {
1690 CONF_SECTION *subcs;
1692 if (ci->type != CONF_ITEM_SECTION)
1695 subcs = cf_itemtosection(ci);
1697 if (!subcs->name2) {
1698 if (strcmp(subcs->name1, name2) == 0) break;
1700 if (strcmp(subcs->name2, name2) == 0) break;
1702 continue; /* don't do the string comparisons below */
1705 if ((strcmp(subcs->name1, name1) == 0) &&
1706 (subcs->name2 != NULL) &&
1707 (strcmp(subcs->name2, name2) == 0))
1711 return cf_itemtosection(ci);
1715 * Return the next subsection after a CONF_SECTION
1716 * with a certain name1 (char *name1). If the requested
1717 * name1 is NULL, any name1 matches.
1720 CONF_SECTION *cf_subsection_find_next(CONF_SECTION *section,
1721 CONF_SECTION *subsection,
1727 * If subsection is NULL this must be a first time run
1728 * Find the subsection with correct name
1731 if (subsection == NULL){
1732 ci = section->children;
1734 ci = cf_sectiontoitem(subsection)->next;
1737 for (; ci; ci = ci->next) {
1738 if (ci->type != CONF_ITEM_SECTION)
1740 if ((name1 == NULL) ||
1741 (strcmp(cf_itemtosection(ci)->name1, name1) == 0))
1745 return cf_itemtosection(ci);
1749 * Return the next item after a CONF_ITEM.
1752 CONF_ITEM *cf_item_find_next(CONF_SECTION *section, CONF_ITEM *item)
1755 * If item is NULL this must be a first time run
1756 * Return the first item
1760 return section->children;
1766 int cf_section_lineno(CONF_SECTION *section)
1768 return cf_sectiontoitem(section)->lineno;
1771 int cf_pair_lineno(CONF_PAIR *pair)
1773 return cf_pairtoitem(pair)->lineno;
1776 int cf_item_is_section(CONF_ITEM *item)
1778 return item->type == CONF_ITEM_SECTION;
1780 int cf_item_is_pair(CONF_ITEM *item)
1782 return item->type == CONF_ITEM_PAIR;
1786 static CONF_DATA *cf_data_alloc(CONF_SECTION *parent, const char *name,
1787 void *data, void (*data_free)(void *))
1791 cd = rad_malloc(sizeof(*cd));
1792 memset(cd, 0, sizeof(*cd));
1794 cd->item.type = CONF_ITEM_DATA;
1795 cd->item.parent = parent;
1796 cd->name = strdup(name);
1798 cd->free = data_free;
1804 static void *cf_data_find_internal(CONF_SECTION *cs, const char *name,
1807 if (!cs || !name) return NULL;
1810 * Find the name in the tree, for speed.
1812 if (cs->data_tree) {
1813 CONF_DATA mycd, *cd;
1817 cd = rbtree_finddata(cs->data_tree, &mycd);
1818 if (cd) return cd->data;
1825 * Find data from a particular section.
1827 void *cf_data_find(CONF_SECTION *cs, const char *name)
1829 return cf_data_find_internal(cs, name, 0);
1834 * Add named data to a configuration section.
1836 static int cf_data_add_internal(CONF_SECTION *cs, const char *name,
1837 void *data, void (*data_free)(void *),
1842 if (!cs || !name) return -1;
1845 * Already exists. Can't add it.
1847 if (cf_data_find_internal(cs, name, flag) != NULL) return -1;
1849 cd = cf_data_alloc(cs, name, data, data_free);
1853 cf_item_add(cs, cf_datatoitem(cd));
1859 * Add named data to a configuration section.
1861 int cf_data_add(CONF_SECTION *cs, const char *name,
1862 void *data, void (*data_free)(void *))
1864 return cf_data_add_internal(cs, name, data, data_free, 0);
1869 * Copy CONF_DATA from src to dst
1871 static void cf_section_copy_data(CONF_SECTION *s, CONF_SECTION *d)
1874 CONF_ITEM *cd, *next, **last;
1877 * Don't check if s->data_tree is NULL. It's child
1878 * sections may have data, even if this section doesn't.
1881 rad_assert(d->data_tree == NULL);
1882 d->data_tree = s->data_tree;
1883 s->data_tree = NULL;
1886 * Walk through src, moving CONF_ITEM_DATA
1889 last = &(s->children);
1890 for (cd = s->children; cd != NULL; cd = next) {
1894 * Recursively copy data from child sections.
1896 if (cd->type == CONF_ITEM_SECTION) {
1897 CONF_SECTION *s1, *d1;
1899 s1 = cf_itemtosection(cd);
1900 d1 = cf_section_sub_find_name2(d, s1->name1, s1->name2);
1902 cf_section_copy_data(s1, d1);
1909 * Not conf data, remember last ptr.
1911 if (cd->type != CONF_ITEM_DATA) {
1917 * Remove it from the src list
1923 * Add it to the dst list
1926 rad_assert(d->tail == NULL);
1929 rad_assert(d->tail != NULL);
1937 * For a CONF_DATA element, stat the filename, if necessary.
1939 static int filename_stat(void *context, void *data)
1942 CONF_DATA *cd = data;
1944 context = context; /* -Wunused */
1946 if (cd->flag != PW_TYPE_FILENAME) return 0;
1948 if (stat(cd->name, &buf) < 0) return -1;
1950 if (buf.st_mtime != *(time_t *) cd->data) return -1;
1957 * Compare two CONF_SECTIONS. The items MUST be in the same
1960 static int cf_section_cmp(CONF_SECTION *a, CONF_SECTION *b)
1962 CONF_ITEM *ca = a->children;
1963 CONF_ITEM *cb = b->children;
1971 if (!ca && !cb) break;
1976 if (ca && ca->type == CONF_ITEM_DATA) {
1980 if (cb && cb->type == CONF_ITEM_DATA) {
1986 * One is smaller than the other. Exit.
1988 if (!ca || !cb) return 0;
1990 if (ca->type != cb->type) return 0;
1993 * Deal with subsections.
1995 if (ca->type == CONF_ITEM_SECTION) {
1996 CONF_SECTION *sa = cf_itemtosection(ca);
1997 CONF_SECTION *sb = cf_itemtosection(cb);
1999 if (!cf_section_cmp(sa, sb)) return 0;
2003 rad_assert(ca->type == CONF_ITEM_PAIR);
2005 pa = cf_itemtopair(ca);
2006 pb = cf_itemtopair(cb);
2009 * Different attr and/or value, Exit.
2011 if ((strcmp(pa->attr, pb->attr) != 0) ||
2012 (strcmp(pa->value, pb->value) != 0)) return 0;
2016 * And go to the next element.
2024 * Walk over the CONF_DATA, stat'ing PW_TYPE_FILENAME.
2027 (rbtree_walk(a->data_tree, InOrder, filename_stat, NULL) != 0)) {
2032 * They must be the same, say so.
2039 * Migrate CONF_DATA from one section to another.
2041 int cf_section_migrate(CONF_SECTION *dst, CONF_SECTION *src)
2044 CONF_SECTION *s, *d;
2046 for (ci = src->children; ci != NULL; ci = ci->next) {
2047 if (ci->type != CONF_ITEM_SECTION)
2050 s = cf_itemtosection(ci);
2051 d = cf_section_sub_find_name2(dst, s->name1, s->name2);
2053 if (!d) continue; /* not in new one, don't migrate it */
2056 * A section of the same name is in BOTH src & dst,
2057 * compare the CONF_PAIR's. If they're all the same,
2058 * then copy the CONF_DATA from one to the other.
2060 if (cf_section_cmp(s, d)) {
2061 cf_section_copy_data(s, d);
2065 return 1; /* rcode means anything? */
2068 int cf_section_template(CONF_SECTION *cs, CONF_SECTION *template)
2070 if (!cs || !template || cs->template || template->template) return -1;
2072 cs->template = template;
2079 * JMG dump_config tries to dump the config structure in a readable format
2083 static int dump_config_section(CONF_SECTION *cs, int indent)
2089 /* The DEBUG macro doesn't let me
2090 * for(i=0;i<indent;++i) debugputchar('\t');
2091 * so I had to get creative. --Pac. */
2093 for (ci = cs->children; ci; ci = ci->next) {
2095 case CONF_ITEM_PAIR:
2096 cp=cf_itemtopair(ci);
2097 DEBUG("%.*s%s = %s",
2098 indent, "\t\t\t\t\t\t\t\t\t\t\t",
2099 cp->attr, cp->value);
2102 case CONF_ITEM_SECTION:
2103 scs=cf_itemtosection(ci);
2104 DEBUG("%.*s%s %s%s{",
2105 indent, "\t\t\t\t\t\t\t\t\t\t\t",
2107 scs->name2 ? scs->name2 : "",
2108 scs->name2 ? " " : "");
2109 dump_config_section(scs, indent+1);
2111 indent, "\t\t\t\t\t\t\t\t\t\t\t");
2114 default: /* FIXME: Do more! */
2122 int dump_config(void)
2124 return dump_config_section(mainconfig.config, 0);