2 * conffile.c Read the radiusd.conf file.
4 * Yep I should learn to use lex & yacc, or at least
5 * write a decent parser. I know how to do that, really :)
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
24 * Copyright 2000,2006 The FreeRADIUS server project
25 * Copyright 2000 Miquel van Smoorenburg <miquels@cistron.nl>
26 * Copyright 2000 Alan DeKok <aland@ox.org>
31 #include <freeradius-devel/radiusd.h>
32 #include <freeradius-devel/parser.h>
33 #include <freeradius-devel/rad_assert.h>
39 #ifdef HAVE_SYS_STAT_H
45 bool check_config = false;
47 typedef enum conf_property {
48 CONF_PROPERTY_INVALID = 0,
50 CONF_PROPERTY_INSTANCE,
53 static const FR_NAME_NUMBER conf_property_name[] = {
54 { "name", CONF_PROPERTY_NAME},
55 { "instance", CONF_PROPERTY_INSTANCE},
60 typedef enum conf_type {
61 CONF_ITEM_INVALID = 0,
68 struct conf_item *next; //!< Sibling.
69 struct conf_part *parent; //!< Parent.
70 int lineno; //!< The line number the config item began on.
71 char const *filename; //!< The file the config item was parsed from.
72 CONF_ITEM_TYPE type; //!< Whether the config item is a config_pair, conf_section or conf_data.
75 /** Configuration AVP similar to a VALUE_PAIR
80 char const *attr; //!< Attribute name
81 char const *value; //!< Attribute value
82 FR_TOKEN op; //!< Operator e.g. =, :=
83 FR_TOKEN lhs_type; //!< Name quoting style T_(DOUBLE|SINGLE|BACK)_QUOTE_STRING or T_BARE_WORD.
84 FR_TOKEN rhs_type; //!< Value Quoting style T_(DOUBLE|SINGLE|BACK)_QUOTE_STRING or T_BARE_WORD.
85 bool pass2; //!< do expansion in pass2.
86 bool parsed; //!< Was this item used during parsing?
89 /** Internal data that is associated with a configuration section
96 void *data; //!< User data
97 void (*free)(void *); //!< Free user data function
102 char const *name1; //!< First name token. Given ``foo bar {}`` would be ``foo``.
103 char const *name2; //!< Second name token. Given ``foo bar {}`` would be ``bar``.
105 FR_TOKEN name2_type; //!< The type of quoting around name2.
108 CONF_ITEM *tail; //!< For speed.
109 CONF_SECTION *template;
111 rbtree_t *pair_tree; //!< and a partridge..
112 rbtree_t *section_tree; //!< no jokes here.
113 rbtree_t *name2_tree; //!< for sections of the same name2
119 CONF_PARSER const *variables;
122 typedef struct cf_file_t {
123 char const *filename;
128 CONF_SECTION *root_config = NULL;
129 bool cf_new_escape = false;
132 static int cf_data_add_internal(CONF_SECTION *cs, char const *name, void *data,
133 void (*data_free)(void *), int flag);
135 static void *cf_data_find_internal(CONF_SECTION const *cs, char const *name, int flag);
137 static char const *cf_expand_variables(char const *cf, int *lineno,
138 CONF_SECTION *outercs,
139 char *output, size_t outsize,
140 char const *input, bool *soft_fail);
142 static int cf_file_include(CONF_SECTION *cs, char const *filename_in);
147 * Isolate the scary casts in these tiny provably-safe functions
150 /** Cast a CONF_ITEM to a CONF_PAIR
153 CONF_PAIR *cf_item_to_pair(CONF_ITEM const *ci)
157 if (ci == NULL) return NULL;
159 rad_assert(ci->type == CONF_ITEM_PAIR);
161 memcpy(&out, &ci, sizeof(out));
165 /** Cast a CONF_ITEM to a CONF_SECTION
168 CONF_SECTION *cf_item_to_section(CONF_ITEM const *ci)
172 if (ci == NULL) return NULL;
174 rad_assert(ci->type == CONF_ITEM_SECTION);
176 memcpy(&out, &ci, sizeof(out));
180 /** Cast a CONF_PAIR to a CONF_ITEM
183 CONF_ITEM *cf_pair_to_item(CONF_PAIR const *cp)
187 if (cp == NULL) return NULL;
189 memcpy(&out, &cp, sizeof(out));
193 /** Cast a CONF_SECTION to a CONF_ITEM
196 CONF_ITEM *cf_section_to_item(CONF_SECTION const *cs)
200 if (cs == NULL) return NULL;
202 memcpy(&out, &cs, sizeof(out));
206 /** Cast CONF_DATA to a CONF_ITEM
209 static CONF_ITEM *cf_data_to_item(CONF_DATA const *cd)
217 memcpy(&out, &cd, sizeof(out));
221 static int _cf_data_free(CONF_DATA *cd)
223 if (cd->free) cd->free(cd->data);
229 * rbtree callback function
231 static int pair_cmp(void const *a, void const *b)
233 CONF_PAIR const *one = a;
234 CONF_PAIR const *two = b;
236 return strcmp(one->attr, two->attr);
241 * rbtree callback function
243 static int section_cmp(void const *a, void const *b)
245 CONF_SECTION const *one = a;
246 CONF_SECTION const *two = b;
248 return strcmp(one->name1, two->name1);
253 * rbtree callback function
255 static int name2_cmp(void const *a, void const *b)
257 CONF_SECTION const *one = a;
258 CONF_SECTION const *two = b;
260 rad_assert(strcmp(one->name1, two->name1) == 0);
262 if (!one->name2 && !two->name2) return 0;
263 if (one->name2 && !two->name2) return -1;
264 if (!one->name2 && two->name2) return +1;
266 return strcmp(one->name2, two->name2);
271 * rbtree callback function
273 static int data_cmp(void const *a, void const *b)
277 CONF_DATA const *one = a;
278 CONF_DATA const *two = b;
280 rcode = one->flag - two->flag;
281 if (rcode != 0) return rcode;
283 return strcmp(one->name, two->name);
287 * Functions for tracking filenames.
289 static int filename_cmp(void const *a, void const *b)
291 cf_file_t const *one = a;
292 cf_file_t const *two = b;
294 if (one->buf.st_dev < two->buf.st_dev) return -1;
295 if (one->buf.st_dev > two->buf.st_dev) return +1;
297 if (one->buf.st_ino < two->buf.st_ino) return -1;
298 if (one->buf.st_ino > two->buf.st_ino) return +1;
303 static FILE *cf_file_open(CONF_SECTION *cs, char const *filename)
312 top = cf_top_section(cs);
313 cd = cf_data_find_internal(top, "filename", 0);
314 if (!cd) return NULL;
318 fp = fopen(filename, "r");
320 ERROR("Unable to open file \"%s\": %s",
321 filename, fr_syserror(errno));
327 file = talloc(tree, cf_file_t);
333 file->filename = filename;
336 if (fstat(fd, &file->buf) == 0) {
338 if ((file->buf.st_mode & S_IWOTH) != 0) {
339 ERROR("Configuration file %s is globally writable. "
340 "Refusing to start due to insecure configuration.", filename);
350 * We can include the same file twice. e.g. when it
351 * contains common definitions, such as for SQL.
353 * Though the admin should really use templates for that.
355 if (!rbtree_insert(tree, file)) {
363 * Do some checks on the file
365 static bool cf_file_check(CONF_SECTION *cs, char const *filename, bool check_perms)
372 top = cf_top_section(cs);
373 cd = cf_data_find_internal(top, "filename", 0);
374 if (!cd) return false;
378 file = talloc(tree, cf_file_t);
379 if (!file) return false;
381 file->filename = filename;
384 if (stat(filename, &file->buf) < 0) {
385 ERROR("Unable to check file \"%s\": %s", filename, fr_syserror(errno));
396 if ((file->buf.st_mode & S_IWOTH) != 0) {
397 ERROR("Configuration file %s is globally writable. "
398 "Refusing to start due to insecure configuration.", filename);
405 * It's OK to include the same file twice...
407 if (!rbtree_insert(tree, file)) {
416 typedef struct cf_file_callback_t {
418 rb_walker_t callback;
419 CONF_SECTION *modules;
420 } cf_file_callback_t;
424 * Return 0 for keep going, 1 for stop.
426 static int file_callback(void *ctx, void *data)
428 cf_file_callback_t *cb = ctx;
429 cf_file_t *file = data;
433 * The file doesn't exist or we can no longer read it.
435 if (stat(file->filename, &buf) < 0) {
436 cb->rcode = CF_FILE_ERROR;
441 * The file changed, we'll need to re-read it.
443 if (buf.st_mtime != file->buf.st_mtime) {
445 if (cb->callback(cb->modules, file->cs)) {
446 cb->rcode |= CF_FILE_MODULE;
447 DEBUG3("HUP: Changed module file %s", file->filename);
449 DEBUG3("HUP: Changed config file %s", file->filename);
450 cb->rcode |= CF_FILE_CONFIG;
459 * See if any of the files have changed.
461 int cf_file_changed(CONF_SECTION *cs, rb_walker_t callback)
465 cf_file_callback_t cb;
468 top = cf_top_section(cs);
469 cd = cf_data_find_internal(top, "filename", 0);
470 if (!cd) return true;
474 cb.rcode = CF_FILE_NONE;
475 cb.callback = callback;
476 cb.modules = cf_section_sub_find(cs, "modules");
478 (void) rbtree_walk(tree, RBTREE_IN_ORDER, file_callback, &cb);
483 static int _cf_section_free(CONF_SECTION *cs)
486 * Name1 and name2 are allocated contiguous with
490 rbtree_free(cs->pair_tree);
491 cs->pair_tree = NULL;
493 if (cs->section_tree) {
494 rbtree_free(cs->section_tree);
495 cs->section_tree = NULL;
497 if (cs->name2_tree) {
498 rbtree_free(cs->name2_tree);
499 cs->name2_tree = NULL;
502 rbtree_free(cs->data_tree);
503 cs->data_tree = NULL;
509 /** Allocate a CONF_PAIR
511 * @param parent CONF_SECTION to hang this CONF_PAIR off of.
513 * @param value of CONF_PAIR.
514 * @param op T_OP_EQ, T_OP_SET etc.
515 * @param lhs_type T_BARE_WORD, T_DOUBLE_QUOTED_STRING, T_BACK_QUOTED_STRING
516 * @param rhs_type T_BARE_WORD, T_DOUBLE_QUOTED_STRING, T_BACK_QUOTED_STRING
517 * @return NULL on error, else a new CONF_SECTION parented by parent.
519 CONF_PAIR *cf_pair_alloc(CONF_SECTION *parent, char const *attr, char const *value,
520 FR_TOKEN op, FR_TOKEN lhs_type, FR_TOKEN rhs_type)
524 rad_assert(fr_equality_op[op] || fr_assignment_op[op]);
525 if (!attr) return NULL;
527 cp = talloc_zero(parent, CONF_PAIR);
528 if (!cp) return NULL;
530 cp->item.type = CONF_ITEM_PAIR;
531 cp->item.parent = parent;
532 cp->lhs_type = lhs_type;
533 cp->rhs_type = rhs_type;
536 cp->attr = talloc_typed_strdup(cp, attr);
544 cp->value = talloc_typed_strdup(cp, value);
545 if (!cp->value) goto error;
551 /** Duplicate a CONF_PAIR
553 * @param parent to allocate new pair in.
554 * @param cp to duplicate.
555 * @return NULL on error, else a duplicate of the input pair.
557 CONF_PAIR *cf_pair_dup(CONF_SECTION *parent, CONF_PAIR *cp)
564 new = cf_pair_alloc(parent, cp->attr, cf_pair_value(cp),
565 cp->op, cp->lhs_type, cp->rhs_type);
566 if (!new) return NULL;
568 new->parsed = cp->parsed;
569 new->item.lineno = cp->item.lineno;
572 * Avoid mallocs if possible.
574 if (!cp->item.filename || (parent->item.filename && !strcmp(parent->item.filename, cp->item.filename))) {
575 new->item.filename = parent->item.filename;
577 new->item.filename = talloc_strdup(new, cp->item.filename);
583 /** Add a configuration pair to a section
585 * @param parent section to add pair to.
588 void cf_pair_add(CONF_SECTION *parent, CONF_PAIR *cp)
590 cf_item_add(parent, cf_pair_to_item(cp));
593 /** Allocate a CONF_SECTION
595 * @param parent CONF_SECTION to hang this CONF_SECTION off of.
596 * @param name1 Primary name.
597 * @param name2 Secondary name.
598 * @return NULL on error, else a new CONF_SECTION parented by parent.
600 CONF_SECTION *cf_section_alloc(CONF_SECTION *parent, char const *name1, char const *name2)
605 if (!name1) return NULL;
607 if (name2 && parent) {
608 if (strchr(name2, '$')) {
609 name2 = cf_expand_variables(parent->item.filename,
610 &parent->item.lineno,
612 buffer, sizeof(buffer), name2, NULL);
614 ERROR("Failed expanding section name");
620 cs = talloc_zero(parent, CONF_SECTION);
621 if (!cs) return NULL;
623 cs->item.type = CONF_ITEM_SECTION;
624 cs->item.parent = parent;
626 cs->name1 = talloc_typed_strdup(cs, name1);
634 cs->name2 = talloc_typed_strdup(cs, name2);
635 if (!cs->name2) goto error;
638 cs->pair_tree = rbtree_create(cs, pair_cmp, NULL, 0);
639 if (!cs->pair_tree) goto error;
641 talloc_set_destructor(cs, _cf_section_free);
644 * Don't create a data tree, it may not be needed.
648 * Don't create the section tree here, it may not
652 if (parent) cs->depth = parent->depth + 1;
657 /** Duplicate a configuration section
659 * @note recursively duplicates any child sections.
660 * @note does not duplicate any data associated with a section, or its child sections.
662 * @param parent section (may be NULL).
663 * @param cs to duplicate.
664 * @param name1 of new section.
665 * @param name2 of new section.
666 * @param copy_meta Copy additional meta data for a section (like template, base, depth and variables).
667 * @return a duplicate of the existing section, or NULL on error.
669 CONF_SECTION *cf_section_dup(CONF_SECTION *parent, CONF_SECTION const *cs,
670 char const *name1, char const *name2, bool copy_meta)
672 CONF_SECTION *new, *subcs;
676 new = cf_section_alloc(parent, name1, name2);
679 new->template = cs->template;
680 new->base = cs->base;
681 new->depth = cs->depth;
682 new->variables = cs->variables;
685 new->item.lineno = cs->item.lineno;
687 if (!cs->item.filename || (parent && (strcmp(parent->item.filename, cs->item.filename) == 0))) {
688 new->item.filename = parent->item.filename;
690 new->item.filename = talloc_strdup(new, cs->item.filename);
693 for (ci = cs->children; ci; ci = ci->next) {
695 case CONF_ITEM_SECTION:
696 subcs = cf_item_to_section(ci);
697 subcs = cf_section_dup(new, subcs,
698 cf_section_name1(subcs), cf_section_name2(subcs),
704 cf_section_add(new, subcs);
708 cp = cf_pair_dup(new, cf_item_to_pair(ci));
713 cf_pair_add(new, cp);
716 case CONF_ITEM_DATA: /* Skip data */
719 case CONF_ITEM_INVALID:
727 void cf_section_add(CONF_SECTION *parent, CONF_SECTION *cs)
729 cf_item_add(parent, &(cs->item));
732 /** Replace pair in a given section with a new pair, of the given value.
734 * @param cs to replace pair in.
735 * @param cp to replace.
736 * @param value New value to assign to cp.
737 * @return 0 on success, -1 on failure.
739 int cf_pair_replace(CONF_SECTION *cs, CONF_PAIR *cp, char const *value)
742 CONF_ITEM *ci, *cn, **last;
744 newp = cf_pair_alloc(cs, cp->attr, value, cp->op, cp->lhs_type, cp->rhs_type);
745 if (!newp) return -1;
751 * Find the old one from the linked list, and replace it
754 for (last = &cs->children; (*last) != NULL; last = &(*last)->next) {
756 cn->next = (*last)->next;
763 rbtree_deletebydata(cs->pair_tree, ci);
765 rbtree_insert(cs->pair_tree, cn);
772 * Add an item to a configuration section.
774 void cf_item_add(CONF_SECTION *cs, CONF_ITEM *ci)
777 CONF_ITEM *first = ci;
780 rad_assert((void *)cs != (void *)ci);
782 if (!cs || !ci) return;
785 rad_assert(cs->tail == NULL);
788 rad_assert(cs->tail != NULL);
793 * Update the trees (and tail) for each item added.
795 for (/* nothing */; ci != NULL; ci = ci->next) {
796 rad_assert(ci->next != first); /* simple cycle detection */
801 * For fast lookups, pairs and sections get
806 if (!rbtree_insert(cs->pair_tree, ci)) {
807 CONF_PAIR *cp = cf_item_to_pair(ci);
809 if (strcmp(cp->attr, "confdir") == 0) break;
810 if (!cp->value) break; /* module name, "ok", etc. */
814 case CONF_ITEM_SECTION: {
815 CONF_SECTION *cs_new = cf_item_to_section(ci);
816 CONF_SECTION *name1_cs;
818 if (!cs->section_tree) {
819 cs->section_tree = rbtree_create(cs, section_cmp, NULL, 0);
820 if (!cs->section_tree) {
821 ERROR("Out of memory");
826 name1_cs = rbtree_finddata(cs->section_tree, cs_new);
828 if (!rbtree_insert(cs->section_tree, cs_new)) {
829 ERROR("Failed inserting section into tree");
836 * We already have a section of
837 * this "name1". Add a new
838 * sub-section based on name2.
840 if (!name1_cs->name2_tree) {
841 name1_cs->name2_tree = rbtree_create(name1_cs, name2_cmp, NULL, 0);
842 if (!name1_cs->name2_tree) {
843 ERROR("Out of memory");
849 * We don't care if this fails.
850 * If the user tries to create
851 * two sections of the same
852 * name1/name2, the duplicate
853 * section is just silently
856 rbtree_insert(name1_cs->name2_tree, cs_new);
858 } /* was a section */
861 if (!cs->data_tree) {
862 cs->data_tree = rbtree_create(cs, data_cmp, NULL, 0);
865 rbtree_insert(cs->data_tree, ci);
869 default: /* FIXME: assert & error! */
872 } /* switch over conf types */
877 CONF_ITEM *cf_reference_item(CONF_SECTION const *parentcs,
878 CONF_SECTION *outercs,
883 CONF_SECTION const *cs = outercs;
887 if (!cs) goto no_such_item;
889 strlcpy(name, ptr, sizeof(name));
893 * ".foo" means "foo from the current section"
899 * Just '.' means the current section
902 return cf_section_to_item(cs);
906 * ..foo means "foo from the section
907 * enclosing this section" (etc.)
910 if (cs->item.parent) {
911 cs = cs->item.parent;
915 * .. means the section
916 * enclosing this section
919 return cf_section_to_item(cs);
924 * "foo.bar.baz" means "from the root"
926 } else if (strchr(p, '.') != NULL) {
927 if (!parentcs) goto no_such_item;
939 if (r && q > r) q = NULL;
940 if (q && q < r) r = NULL;
946 q = strchr(r + 1, ']');
947 if (!q) return NULL; /* parse error */
950 * Points to foo[bar]xx: parse error,
951 * it should be foo[bar] or foo[bar].baz
953 if (q[1] && q[1] != '.') goto no_such_item;
957 next = cf_section_sub_find_name2(cs, p, r + 1);
962 * Points to a named instance of a section.
965 if (!next) goto no_such_item;
966 return &(next->item);
969 q++; /* ensure we skip the ']' and '.' */
973 next = cf_section_sub_find(cs, p);
977 if (!next) break; /* it MAY be a pair in this section! */
983 if (!*p) goto no_such_item;
987 * Find it in the current referenced
990 cp = cf_pair_find(cs, p);
992 cp->parsed = true; /* conf pairs which are referenced count as parsed */
996 next = cf_section_sub_find(cs, p);
997 if (next) return &(next->item);
1000 * "foo" is "in the current section, OR in main".
1002 if ((p == name) && (parentcs != NULL) && (cs != parentcs)) {
1012 CONF_SECTION *cf_top_section(CONF_SECTION *cs)
1014 if (!cs) return NULL;
1016 while (cs->item.parent != NULL) {
1017 cs = cs->item.parent;
1025 * Expand the variables in an input string.
1027 static char const *cf_expand_variables(char const *cf, int *lineno,
1028 CONF_SECTION *outercs,
1029 char *output, size_t outsize,
1030 char const *input, bool *soft_fail)
1033 char const *end, *ptr;
1034 CONF_SECTION const *parentcs;
1037 if (soft_fail) *soft_fail = false;
1040 * Find the master parent conf section.
1041 * We can't use main_config.config, because we're in the
1042 * process of re-building it, and it isn't set up yet...
1044 parentcs = cf_top_section(outercs);
1050 * Ignore anything other than "${"
1052 if ((*ptr == '$') && (ptr[1] == '{')) {
1058 * FIXME: Add support for ${foo:-bar},
1063 * Look for trailing '}', and log a
1064 * warning for anything that doesn't match,
1065 * and exit with a fatal error.
1067 end = strchr(ptr, '}');
1070 INFO("%s[%d]: Variable expansion missing }",
1078 * Can't really happen because input lines are
1079 * capped at 8k, which is sizeof(name)
1081 if ((size_t) (end - ptr) >= sizeof(name)) {
1082 ERROR("%s[%d]: Reference string is too large",
1087 memcpy(name, ptr, end - ptr);
1088 name[end - ptr] = '\0';
1090 q = strchr(name, ':');
1095 ci = cf_reference_item(parentcs, outercs, name);
1097 if (soft_fail) *soft_fail = true;
1098 ERROR("%s[%d]: Reference \"${%s}\" not found", cf, *lineno, name);
1103 * The expansion doesn't refer to another item or section
1104 * it's the property of a section.
1107 CONF_SECTION *mycs = cf_item_to_section(ci);
1109 if (ci->type != CONF_ITEM_SECTION) {
1110 ERROR("%s[%d]: Can only reference properties of sections", cf, *lineno);
1114 switch (fr_str2int(conf_property_name, q, CONF_PROPERTY_INVALID)) {
1115 case CONF_PROPERTY_NAME:
1116 strcpy(p, mycs->name1);
1119 case CONF_PROPERTY_INSTANCE:
1120 strcpy(p, mycs->name2 ? mycs->name2 : mycs->name1);
1124 ERROR("%s[%d]: Invalid property '%s'", cf, *lineno, q);
1130 } else if (ci->type == CONF_ITEM_PAIR) {
1132 * Substitute the value of the variable.
1134 cp = cf_item_to_pair(ci);
1137 * If the thing we reference is
1138 * marked up as being expanded in
1139 * pass2, don't expand it now.
1140 * Let it be expanded in pass2.
1143 if (soft_fail) *soft_fail = true;
1145 ERROR("%s[%d]: Reference \"%s\" points to a variable which has not been expanded.",
1146 cf, *lineno, input);
1151 ERROR("%s[%d]: Reference \"%s\" has no value",
1152 cf, *lineno, input);
1156 if (p + strlen(cp->value) >= output + outsize) {
1157 ERROR("%s[%d]: Reference \"%s\" is too long",
1158 cf, *lineno, input);
1162 strcpy(p, cp->value);
1166 } else if (ci->type == CONF_ITEM_SECTION) {
1167 CONF_SECTION *subcs;
1170 * Adding an entry again to a
1171 * section is wrong. We don't
1172 * want an infinite loop.
1174 if (ci->parent == outercs) {
1175 ERROR("%s[%d]: Cannot reference different item in same section", cf, *lineno);
1180 * Copy the section instead of
1183 subcs = cf_item_to_section(ci);
1184 subcs = cf_section_dup(outercs, subcs,
1185 cf_section_name1(subcs), cf_section_name2(subcs),
1188 ERROR("%s[%d]: Failed copying reference %s", cf, *lineno, name);
1192 subcs->item.filename = ci->filename;
1193 subcs->item.lineno = ci->lineno;
1194 cf_item_add(outercs, &(subcs->item));
1199 ERROR("%s[%d]: Reference \"%s\" type is invalid", cf, *lineno, input);
1202 } else if (strncmp(ptr, "$ENV{", 5) == 0) {
1208 * Look for trailing '}', and log a
1209 * warning for anything that doesn't match,
1210 * and exit with a fatal error.
1212 end = strchr(ptr, '}');
1215 INFO("%s[%d]: Environment variable expansion missing }",
1221 * Can't really happen because input lines are
1222 * capped at 8k, which is sizeof(name)
1224 if ((size_t) (end - ptr) >= sizeof(name)) {
1225 ERROR("%s[%d]: Environment variable name is too large",
1230 memcpy(name, ptr, end - ptr);
1231 name[end - ptr] = '\0';
1234 * Get the environment variable.
1235 * If none exists, then make it an empty string.
1243 if (p + strlen(env) >= output + outsize) {
1244 ERROR("%s[%d]: Reference \"%s\" is too long",
1245 cf, *lineno, input);
1255 * Copy it over verbatim.
1261 if (p >= (output + outsize)) {
1262 ERROR("%s[%d]: Reference \"%s\" is too long",
1263 cf, *lineno, input);
1266 } /* loop over all of the input string. */
1273 static char const parse_spaces[] = " ";
1275 /** Validation function for ipaddr conffile types
1278 static inline int fr_item_validate_ipaddr(CONF_SECTION *cs, char const *name, PW_TYPE type, char const *value,
1279 fr_ipaddr_t *ipaddr)
1283 if (strcmp(value, "*") == 0) {
1284 cf_log_info(cs, "%.*s\t%s = *", cs->depth, parse_spaces, name);
1285 } else if (strspn(value, ".0123456789abdefABCDEF:%[]/") == strlen(value)) {
1286 cf_log_info(cs, "%.*s\t%s = %s", cs->depth, parse_spaces, name, value);
1288 cf_log_info(cs, "%.*s\t%s = %s IPv%s address [%s]", cs->depth, parse_spaces, name, value,
1289 (ipaddr->af == AF_INET ? "4" : " 6"), ip_ntoh(ipaddr, ipbuf, sizeof(ipbuf)));
1293 case PW_TYPE_IPV4_ADDR:
1294 case PW_TYPE_IPV6_ADDR:
1295 case PW_TYPE_COMBO_IP_ADDR:
1296 switch (ipaddr->af) {
1298 if (ipaddr->prefix != 32) {
1299 ERROR("Invalid IPv4 mask length \"/%i\". Only \"/32\" permitted for non-prefix types",
1307 if (ipaddr->prefix != 128) {
1308 ERROR("Invalid IPv6 mask length \"/%i\". Only \"/128\" permitted for non-prefix types",
1323 /** Parses a #CONF_PAIR into a C data type, with a default value.
1325 * Takes fields from a #CONF_PARSER struct and uses them to parse the string value
1326 * of a #CONF_PAIR into a C data type matching the type argument.
1328 * The format of the types are the same as #value_data_t types.
1330 * @note The dflt value will only be used if no matching #CONF_PAIR is found. Empty strings will not
1331 * result in the dflt value being used.
1333 * **PW_TYPE to data type mappings**
1334 * | PW_TYPE | Data type | Dynamically allocated |
1335 * | ----------------------- | ------------------ | ---------------------- |
1336 * | PW_TYPE_TMPL | ``vp_tmpl_t`` | Yes |
1337 * | PW_TYPE_BOOLEAN | ``bool`` | No |
1338 * | PW_TYPE_INTEGER | ``uint32_t`` | No |
1339 * | PW_TYPE_SHORT | ``uint16_t`` | No |
1340 * | PW_TYPE_INTEGER64 | ``uint64_t`` | No |
1341 * | PW_TYPE_SIGNED | ``int32_t`` | No |
1342 * | PW_TYPE_STRING | ``char const *`` | Yes |
1343 * | PW_TYPE_IPV4_ADDR | ``fr_ipaddr_t`` | No |
1344 * | PW_TYPE_IPV4_PREFIX | ``fr_ipaddr_t`` | No |
1345 * | PW_TYPE_IPV6_ADDR | ``fr_ipaddr_t`` | No |
1346 * | PW_TYPE_IPV6_PREFIX | ``fr_ipaddr_t`` | No |
1347 * | PW_TYPE_COMBO_IP_ADDR | ``fr_ipaddr_t`` | No |
1348 * | PW_TYPE_COMBO_IP_PREFIX | ``fr_ipaddr_t`` | No |
1349 * | PW_TYPE_TIMEVAL | ``struct timeval`` | No |
1351 * @param cs to search for matching #CONF_PAIR in.
1352 * @param name of #CONF_PAIR to search for.
1353 * @param type Data type to parse #CONF_PAIR value as.
1354 * Should be one of the following ``data`` types, and one or more of the following ``flag`` types or'd together:
1355 * - ``data`` #PW_TYPE_TMPL - @copybrief PW_TYPE_TMPL
1356 * Feeds the value into #tmpl_afrom_str. Value can be
1357 * obtained when processing requests, with #tmpl_expand or #tmpl_aexpand.
1358 * - ``data`` #PW_TYPE_BOOLEAN - @copybrief PW_TYPE_BOOLEAN
1359 * - ``data`` #PW_TYPE_INTEGER - @copybrief PW_TYPE_INTEGER
1360 * - ``data`` #PW_TYPE_SHORT - @copybrief PW_TYPE_SHORT
1361 * - ``data`` #PW_TYPE_INTEGER64 - @copybrief PW_TYPE_INTEGER64
1362 * - ``data`` #PW_TYPE_SIGNED - @copybrief PW_TYPE_SIGNED
1363 * - ``data`` #PW_TYPE_STRING - @copybrief PW_TYPE_STRING
1364 * - ``data`` #PW_TYPE_IPV4_ADDR - @copybrief PW_TYPE_IPV4_ADDR (IPv4 address with prefix 32).
1365 * - ``data`` #PW_TYPE_IPV4_PREFIX - @copybrief PW_TYPE_IPV4_PREFIX (IPv4 address with variable prefix).
1366 * - ``data`` #PW_TYPE_IPV6_ADDR - @copybrief PW_TYPE_IPV6_ADDR (IPv6 address with prefix 128).
1367 * - ``data`` #PW_TYPE_IPV6_PREFIX - @copybrief PW_TYPE_IPV6_PREFIX (IPv6 address with variable prefix).
1368 * - ``data`` #PW_TYPE_COMBO_IP_ADDR - @copybrief PW_TYPE_COMBO_IP_ADDR (IPv4/IPv6 address with
1370 * - ``data`` #PW_TYPE_COMBO_IP_PREFIX - @copybrief PW_TYPE_COMBO_IP_PREFIX (IPv4/IPv6 address with
1372 * - ``data`` #PW_TYPE_TIMEVAL - @copybrief PW_TYPE_TIMEVAL
1373 * - ``flag`` #PW_TYPE_DEPRECATED - @copybrief PW_TYPE_DEPRECATED
1374 * - ``flag`` #PW_TYPE_REQUIRED - @copybrief PW_TYPE_REQUIRED
1375 * - ``flag`` #PW_TYPE_ATTRIBUTE - @copybrief PW_TYPE_ATTRIBUTE
1376 * - ``flag`` #PW_TYPE_SECRET - @copybrief PW_TYPE_SECRET
1377 * - ``flag`` #PW_TYPE_FILE_INPUT - @copybrief PW_TYPE_FILE_INPUT
1378 * - ``flag`` #PW_TYPE_NOT_EMPTY - @copybrief PW_TYPE_NOT_EMPTY
1379 * @param data Pointer to a global variable, or pointer to a field in the struct being populated with values.
1380 * @param dflt value to use, if no #CONF_PAIR is found.
1382 * - 1 if default value was used.
1385 * - -2 if deprecated.
1387 int cf_item_parse(CONF_SECTION *cs, char const *name, unsigned int type, void *data, char const *dflt)
1390 bool deprecated, required, attribute, secret, file_input, cant_be_empty, tmpl, multi, file_exists;
1393 CONF_PAIR *cp = NULL;
1394 fr_ipaddr_t *ipaddr;
1402 deprecated = (type & PW_TYPE_DEPRECATED);
1403 required = (type & PW_TYPE_REQUIRED);
1404 attribute = (type & PW_TYPE_ATTRIBUTE);
1405 secret = (type & PW_TYPE_SECRET);
1406 file_input = (type == PW_TYPE_FILE_INPUT); /* check, not and */
1407 file_exists = (type == PW_TYPE_FILE_EXISTS); /* check, not and */
1408 cant_be_empty = (type & PW_TYPE_NOT_EMPTY);
1409 tmpl = (type & PW_TYPE_TMPL);
1410 multi = (type & PW_TYPE_MULTI);
1412 if (attribute) required = true;
1413 if (required) cant_be_empty = true; /* May want to review this in the future... */
1416 * Everything except templates must have a base type.
1418 if (!(type & 0xff) && !tmpl) {
1419 cf_log_err(c_item, "Configuration item \"%s\" must have a data type", name);
1423 type &= 0xff; /* normal types are small */
1427 cp = cf_pair_find(cs, name);
1430 * No pairs match the configuration item name in the current
1431 * section, use the default value.
1434 if (deprecated) return 0; /* Don't set the default value */
1439 * Something matched, used the CONF_PAIR value.
1442 CONF_PAIR *next = cp;
1449 cf_log_err(c_item, "Configuration item \"%s\" is deprecated", name);
1454 * A quick check to see if the next item is the same.
1456 if (!multi && cp->item.next && (cp->item.next->type == CONF_ITEM_PAIR)) {
1457 next = cf_item_to_pair(cp->item.next);
1459 if (strcmp(next->attr, name) == 0) {
1460 WARN("%s[%d]: Ignoring duplicate configuration item '%s'",
1461 next->item.filename ? next->item.filename : "unknown",
1462 next->item.lineno, name);
1467 while ((next = cf_pair_find_next(cs, next, name)) != NULL) {
1469 * @fixme We should actually validate
1470 * the value of the pairs too
1472 next->parsed = true;
1479 cf_log_err(c_item, "Configuration item \"%s\" must have a value", name);
1486 if ((value[0] == '\0') && cant_be_empty) {
1488 cf_log_err(c_item, "Configuration item \"%s\" must not be empty (zero length)", name);
1489 if (!required) cf_log_err(c_item, "Comment item to silence this message");
1496 * Process a value as a LITERAL template. Once all of
1497 * the attrs and xlats are defined, the pass2 code
1498 * converts it to the appropriate type.
1504 *(vp_tmpl_t **)data = NULL;
1508 rad_assert(!attribute);
1509 vpt = tmpl_alloc(cs, TMPL_TYPE_LITERAL, value, strlen(value));
1510 *(vp_tmpl_t **)data = vpt;
1516 case PW_TYPE_BOOLEAN:
1518 * Allow yes/no, true/false, and on/off
1520 if ((strcasecmp(value, "yes") == 0) ||
1521 (strcasecmp(value, "true") == 0) ||
1522 (strcasecmp(value, "on") == 0)) {
1523 *(bool *)data = true;
1524 } else if ((strcasecmp(value, "no") == 0) ||
1525 (strcasecmp(value, "false") == 0) ||
1526 (strcasecmp(value, "off") == 0)) {
1527 *(bool *)data = false;
1529 *(bool *)data = false;
1530 cf_log_err(&(cs->item), "Invalid value \"%s\" for boolean "
1531 "variable %s", value, name);
1534 cf_log_info(cs, "%.*s\t%s = %s",
1535 cs->depth, parse_spaces, name, value);
1538 case PW_TYPE_INTEGER:
1540 unsigned long v = strtoul(value, 0, 0);
1543 * Restrict integer values to 0-INT32_MAX, this means
1544 * it will always be safe to cast them to a signed type
1545 * for comparisons, and imposes the same range limit as
1546 * before we switched to using an unsigned type to
1547 * represent config item integers.
1549 if (v > INT32_MAX) {
1550 cf_log_err(&(cs->item), "Invalid value \"%s\" for variable %s, must be between 0-%u", value,
1555 *(uint32_t *)data = v;
1556 cf_log_info(cs, "%.*s\t%s = %u", cs->depth, parse_spaces, name, *(uint32_t *)data);
1562 unsigned long v = strtoul(value, 0, 0);
1564 if (v > UINT8_MAX) {
1565 cf_log_err(&(cs->item), "Invalid value \"%s\" for variable %s, must be between 0-%u", value,
1569 *(uint8_t *)data = (uint8_t) v;
1570 cf_log_info(cs, "%.*s\t%s = %u", cs->depth, parse_spaces, name, *(uint8_t *)data);
1576 unsigned long v = strtoul(value, 0, 0);
1578 if (v > UINT16_MAX) {
1579 cf_log_err(&(cs->item), "Invalid value \"%s\" for variable %s, must be between 0-%u", value,
1583 *(uint16_t *)data = (uint16_t) v;
1584 cf_log_info(cs, "%.*s\t%s = %u", cs->depth, parse_spaces, name, *(uint16_t *)data);
1588 case PW_TYPE_INTEGER64:
1589 *(uint64_t *)data = strtoull(value, 0, 0);
1590 cf_log_info(cs, "%.*s\t%s = %" PRIu64, cs->depth, parse_spaces, name, *(uint64_t *)data);
1593 case PW_TYPE_SIGNED:
1594 *(int32_t *)data = strtol(value, 0, 0);
1595 cf_log_info(cs, "%.*s\t%s = %d", cs->depth, parse_spaces, name, *(int32_t *)data);
1598 case PW_TYPE_STRING:
1605 * Expand variables which haven't already been
1606 * expanded automagically when the configuration
1609 if (value == dflt) {
1612 lineno = cs->item.lineno;
1614 value = cf_expand_variables("<internal>",
1616 cs, buffer, sizeof(buffer),
1619 cf_log_err(&(cs->item),"Failed expanding variable %s", name);
1624 if (cant_be_empty && (value[0] == '\0')) goto cant_be_empty;
1627 if (!dict_attrbyname(value)) {
1629 cf_log_err(&(cs->item), "No such attribute '%s' for configuration '%s'",
1632 cf_log_err(&(cp->item), "No such attribute '%s'", value);
1639 * Hide secrets when using "radiusd -X".
1641 if (secret && (rad_debug_lvl <= 2)) {
1642 cf_log_info(cs, "%.*s\t%s = <<< secret >>>",
1643 cs->depth, parse_spaces, name);
1645 cf_log_info(cs, "%.*s\t%s = \"%s\"",
1646 cs->depth, parse_spaces, name, value ? value : "(null)");
1648 *q = value ? talloc_typed_strdup(cs, value) : NULL;
1651 * If there's data AND it's an input file, check
1652 * that we can read it. This check allows errors
1653 * to be caught as early as possible, during
1656 if (*q && file_input && !cf_file_check(cs, *q, true)) {
1660 if (*q && file_exists && !cf_file_check(cs, *q, false)) {
1665 case PW_TYPE_IPV4_ADDR:
1666 case PW_TYPE_IPV4_PREFIX:
1669 if (fr_pton4(ipaddr, value, -1, true, false) < 0) {
1670 ERROR("%s", fr_strerror());
1673 if (fr_item_validate_ipaddr(cs, name, type, value, ipaddr) < 0) return -1;
1676 case PW_TYPE_IPV6_ADDR:
1677 case PW_TYPE_IPV6_PREFIX:
1680 if (fr_pton6(ipaddr, value, -1, true, false) < 0) {
1681 ERROR("%s", fr_strerror());
1684 if (fr_item_validate_ipaddr(cs, name, type, value, ipaddr) < 0) return -1;
1687 case PW_TYPE_COMBO_IP_ADDR:
1688 case PW_TYPE_COMBO_IP_PREFIX:
1691 if (fr_pton(ipaddr, value, -1, AF_UNSPEC, true) < 0) {
1692 ERROR("%s", fr_strerror());
1695 if (fr_item_validate_ipaddr(cs, name, type, value, ipaddr) < 0) return -1;
1698 case PW_TYPE_TIMEVAL: {
1703 sec = strtoul(value, &end, 10);
1709 len = strlen(end + 1);
1712 ERROR("Too much precision for timeval");
1717 * If they write "0.1", that means
1718 * "10000" microseconds.
1720 sec = strtoul(end + 1, NULL, 10);
1728 cf_log_info(cs, "%.*s\t%s = %d.%06d",
1729 cs->depth, parse_spaces, name, (int) tv.tv_sec, (int) tv.tv_usec);
1730 memcpy(data, &tv, sizeof(tv));
1736 * If we get here, it's a sanity check error.
1737 * It's not an error parsing the configuration
1740 rad_assert(type > PW_TYPE_INVALID);
1741 rad_assert(type < PW_TYPE_MAX);
1743 ERROR("type '%s' is not supported in the configuration files",
1744 fr_int2str(dict_attr_types, type, "?Unknown?"));
1746 } /* switch over variable type */
1751 cpn = cf_pair_alloc(cs, name, value, T_OP_SET, T_BARE_WORD, T_BARE_WORD);
1752 if (!cpn) return -1;
1754 cpn->item.filename = "<internal>";
1755 cpn->item.lineno = 0;
1756 cf_item_add(cs, &(cpn->item));
1764 * A copy of cf_section_parse that initializes pointers before
1767 static void cf_section_parse_init(CONF_SECTION *cs, void *base,
1768 CONF_PARSER const *variables)
1772 for (i = 0; variables[i].name != NULL; i++) {
1773 if (variables[i].type == PW_TYPE_SUBSECTION) {
1774 CONF_SECTION *subcs;
1776 if (!variables[i].dflt) continue;
1778 subcs = cf_section_sub_find(cs, variables[i].name);
1781 * If there's no subsection in the
1782 * config, BUT the CONF_PARSER wants one,
1783 * then create an empty one. This is so
1784 * that we can track the strings,
1785 * etc. allocated in the subsection.
1788 subcs = cf_section_alloc(cs, variables[i].name, NULL);
1791 subcs->item.filename = cs->item.filename;
1792 subcs->item.lineno = cs->item.lineno;
1793 cf_item_add(cs, &(subcs->item));
1796 cf_section_parse_init(subcs, (uint8_t *)base + variables[i].offset,
1797 (CONF_PARSER const *) variables[i].dflt);
1801 if ((variables[i].type != PW_TYPE_STRING) &&
1802 (variables[i].type != PW_TYPE_FILE_INPUT) &&
1803 (variables[i].type != PW_TYPE_FILE_OUTPUT)) {
1807 if (variables[i].data) {
1808 *(char **) variables[i].data = NULL;
1810 *(char **) (((char *)base) + variables[i].offset) = NULL;
1814 } /* for all variables in the configuration section */
1818 static void cf_section_parse_warn(CONF_SECTION *cs)
1822 for (ci = cs->children; ci; ci = ci->next) {
1824 * Don't recurse on sections. We can only safely
1825 * check conf pairs at the same level as the
1826 * section that was just parsed.
1828 if (ci->type == CONF_ITEM_SECTION) continue;
1829 if (ci->type == CONF_ITEM_PAIR) {
1832 cp = cf_item_to_pair(ci);
1833 if (cp->parsed) continue;
1835 WARN("%s[%d]: The item '%s' is defined, but is unused by the configuration",
1836 cp->item.filename ? cp->item.filename : "unknown",
1837 cp->item.lineno ? cp->item.lineno : 0,
1842 * Skip everything else.
1847 /** Parse a configuration section into user-supplied variables
1849 * @param cs to parse.
1850 * @param base pointer to a struct to fill with data. Any buffers will also be talloced
1851 * using this parent as a pointer.
1852 * @param variables mappings between struct fields and #CONF_ITEM s.
1855 * - -1 on general error.
1856 * - -2 if a deprecated #CONF_ITEM was found.
1858 int cf_section_parse(CONF_SECTION *cs, void *base, CONF_PARSER const *variables)
1864 cs->variables = variables; /* this doesn't hurt anything */
1867 cf_log_info(cs, "%.*s%s {", cs->depth, parse_spaces, cs->name1);
1869 cf_log_info(cs, "%.*s%s %s {", cs->depth, parse_spaces, cs->name1, cs->name2);
1872 cf_section_parse_init(cs, base, variables);
1875 * Handle the known configuration parameters.
1877 for (i = 0; variables[i].name != NULL; i++) {
1879 * Handle subsections specially
1881 if (variables[i].type == PW_TYPE_SUBSECTION) {
1882 CONF_SECTION *subcs;
1884 subcs = cf_section_sub_find(cs, variables[i].name);
1886 * Default in this case is overloaded to mean a pointer
1887 * to the CONF_PARSER struct for the subsection.
1889 if (!variables[i].dflt || !subcs) {
1890 ERROR("Internal sanity check 1 failed in cf_section_parse %s", variables[i].name);
1895 ret = cf_section_parse(subcs, (uint8_t *)base + variables[i].offset,
1896 (CONF_PARSER const *) variables[i].dflt);
1897 if (ret < 0) goto finish;
1899 } /* else it's a CONF_PAIR */
1901 if (variables[i].data) {
1902 data = variables[i].data; /* prefer this. */
1904 data = ((char *)base) + variables[i].offset;
1906 ERROR("Internal sanity check 2 failed in cf_section_parse");
1912 * Parse the pair we found, or a default value.
1914 ret = cf_item_parse(cs, variables[i].name, variables[i].type, data, variables[i].dflt);
1916 case 1: /* Used default */
1923 case -1: /* Parse error */
1926 case -2: /* Deprecated CONF ITEM */
1927 if ((variables[i + 1].offset == variables[i].offset) &&
1928 (variables[i + 1].data == variables[i].data)) {
1929 cf_log_err(&(cs->item), "Replace \"%s\" with \"%s\"", variables[i].name,
1930 variables[i + 1].name);
1932 cf_log_err(&(cs->item), "Cannot use deprecated configuration item \"%s\"", variables[i].name);
1936 } /* for all variables in the configuration section */
1939 * Ensure we have a proper terminator, type so we catch
1940 * missing terminators reliably
1942 rad_assert(variables[i].type == -1);
1945 * Warn about items in the configuration which weren't
1946 * checked during parsing.
1948 if (rad_debug_lvl >= 3) cf_section_parse_warn(cs);
1952 cf_log_info(cs, "%.*s}", cs->depth, parse_spaces);
1960 * Check XLAT things in pass 2. But don't cache the xlat stuff anywhere.
1962 int cf_section_parse_pass2(CONF_SECTION *cs, void *base, CONF_PARSER const *variables)
1971 * Handle the known configuration parameters.
1973 for (i = 0; variables[i].name != NULL; i++) {
1978 * Handle subsections specially
1980 if (variables[i].type == PW_TYPE_SUBSECTION) {
1981 CONF_SECTION *subcs;
1982 subcs = cf_section_sub_find(cs, variables[i].name);
1984 if (cf_section_parse_pass2(subcs, (uint8_t *)base + variables[i].offset,
1985 (CONF_PARSER const *) variables[i].dflt) < 0) {
1989 } /* else it's a CONF_PAIR */
1992 * Figure out which data we need to fix.
1994 if (variables[i].data) {
1995 data = variables[i].data; /* prefer this. */
1997 data = ((char *)base) + variables[i].offset;
2002 cp = cf_pair_find(cs, variables[i].name);
2006 if (!cp || !cp->value || !data) continue;
2008 if ((cp->rhs_type != T_DOUBLE_QUOTED_STRING) &&
2009 (cp->rhs_type != T_BARE_WORD)) continue;
2012 * Non-xlat expansions shouldn't have xlat!
2014 if (((variables[i].type & PW_TYPE_XLAT) == 0) &&
2015 ((variables[i].type & PW_TYPE_TMPL) == 0)) {
2017 * Ignore %{... in shared secrets.
2018 * They're never dynamically expanded.
2020 if ((variables[i].type & PW_TYPE_SECRET) != 0) continue;
2022 if (strstr(cp->value, "%{") != NULL) {
2023 WARN("%s[%d]: Found dynamic expansion in string which will not be dynamically expanded",
2024 cp->item.filename ? cp->item.filename : "unknown",
2025 cp->item.lineno ? cp->item.lineno : 0);
2031 * Parse (and throw away) the xlat string.
2033 * FIXME: All of these should be converted from PW_TYPE_XLAT
2036 if ((variables[i].type & PW_TYPE_XLAT) != 0) {
2038 * xlat expansions should be parseable.
2040 value = talloc_strdup(cs, cp->value); /* modified by xlat_tokenize */
2043 slen = xlat_tokenize(cs, value, &xlat, &error);
2045 char *spaces, *text;
2048 fr_canonicalize_error(cs, &spaces, &text, slen, cp->value);
2050 cf_log_err(&cp->item, "Failed parsing expanded string:");
2051 cf_log_err(&cp->item, "%s", text);
2052 cf_log_err(&cp->item, "%s^ %s", spaces, error);
2054 talloc_free(spaces);
2066 * Convert the LITERAL template to the actual
2069 if ((variables[i].type & PW_TYPE_TMPL) != 0) {
2072 slen = tmpl_afrom_str(cs, &vpt, cp->value, talloc_array_length(cp->value) - 1,
2074 REQUEST_CURRENT, PAIR_LIST_REQUEST, true);
2076 error = fr_strerror();
2083 * Don't add default - update with new types.
2085 switch (vpt->type) {
2087 * All attributes should have been defined by this point.
2089 case TMPL_TYPE_ATTR_UNDEFINED:
2090 cf_log_err(&cp->item, "Unknown attribute '%s'", vpt->tmpl_unknown_name);
2093 case TMPL_TYPE_LITERAL:
2094 case TMPL_TYPE_ATTR:
2095 case TMPL_TYPE_LIST:
2096 case TMPL_TYPE_DATA:
2097 case TMPL_TYPE_EXEC:
2098 case TMPL_TYPE_XLAT:
2099 case TMPL_TYPE_XLAT_STRUCT:
2102 case TMPL_TYPE_UNKNOWN:
2103 case TMPL_TYPE_REGEX:
2104 case TMPL_TYPE_REGEX_STRUCT:
2105 case TMPL_TYPE_NULL:
2109 talloc_free(*(vp_tmpl_t **)data);
2110 *(vp_tmpl_t **)data = vpt;
2114 * If the "multi" flag is set, check all of them.
2116 if ((variables[i].type & PW_TYPE_MULTI) != 0) {
2117 cp = cf_pair_find_next(cs, cp, cp->attr);
2120 } /* for all variables in the configuration section */
2126 * Merge the template so everyting else "just works".
2128 static bool cf_template_merge(CONF_SECTION *cs, CONF_SECTION const *template)
2132 if (!cs || !template) return true;
2134 cs->template = NULL;
2137 * Walk over the template, adding its' entries to the
2138 * current section. But only if the entries don't
2139 * already exist in the current section.
2141 for (ci = template->children; ci; ci = ci->next) {
2142 if (ci->type == CONF_ITEM_PAIR) {
2143 CONF_PAIR *cp1, *cp2;
2146 * It exists, don't over-write it.
2148 cp1 = cf_item_to_pair(ci);
2149 if (cf_pair_find(cs, cp1->attr)) {
2154 * Create a new pair with all of the data
2157 cp2 = cf_pair_dup(cs, cp1);
2158 if (!cp2) return false;
2160 cp2->item.filename = cp1->item.filename;
2161 cp2->item.lineno = cp1->item.lineno;
2163 cf_item_add(cs, &(cp2->item));
2167 if (ci->type == CONF_ITEM_SECTION) {
2168 CONF_SECTION *subcs1, *subcs2;
2170 subcs1 = cf_item_to_section(ci);
2171 rad_assert(subcs1 != NULL);
2173 subcs2 = cf_section_sub_find_name2(cs, subcs1->name1, subcs1->name2);
2176 * sub-sections get merged.
2178 if (!cf_template_merge(subcs2, subcs1)) {
2185 * Our section doesn't have a matching
2186 * sub-section. Copy it verbatim from
2189 subcs2 = cf_section_dup(cs, subcs1,
2190 cf_section_name1(subcs1), cf_section_name2(subcs1),
2192 if (!subcs2) return false;
2194 subcs2->item.filename = subcs1->item.filename;
2195 subcs2->item.lineno = subcs1->item.lineno;
2197 cf_item_add(cs, &(subcs2->item));
2201 /* ignore everything else */
2207 static char const *cf_local_file(char const *base, char const *filename,
2208 char *buffer, size_t bufsize)
2213 strlcpy(buffer, base, bufsize);
2215 p = strrchr(buffer, FR_DIR_SEP);
2216 if (!p) return filename;
2217 if (p[1]) { /* ./foo */
2221 dirsize = (p - buffer) + 1;
2223 if ((dirsize + strlen(filename)) >= bufsize) {
2227 strlcpy(p + 1, filename, bufsize - dirsize);
2234 * Read a part of the config file.
2236 static int cf_section_read(char const *filename, int *lineno, FILE *fp,
2237 CONF_SECTION *current)
2240 CONF_SECTION *this, *css;
2249 FR_TOKEN t1 = T_INVALID, t2, t3;
2250 bool has_spaces = false;
2255 this = current; /* add items here */
2258 * Read, checking for line continuations ('\\' at EOL)
2265 * Get data, and remember if we are at EOF.
2267 at_eof = (fgets(cbuf, sizeof(buf) - (cbuf - buf), fp) == NULL);
2271 * We read the entire 8k worth of data: complain.
2272 * Note that we don't care if the last character
2273 * is \n: it's still forbidden. This means that
2274 * the maximum allowed length of text is 8k-1, which
2278 if ((cbuf + len + 1) >= (buf + sizeof(buf))) {
2279 ERROR("%s[%d]: Line too long",
2286 while (isspace((int) *ptr)) ptr++;
2289 memmove(cbuf, ptr, len - (ptr - cbuf));
2290 len -= (ptr - cbuf);
2295 * Not doing continuations: check for edge
2302 while (*ptr && isspace((int) *ptr)) ptr++;
2304 if (!*ptr || (*ptr == '#')) continue;
2306 } else if (at_eof || (len == 0)) {
2307 ERROR("%s[%d]: Continuation at EOF is illegal",
2313 * See if there's a continuation.
2316 ((cbuf[len - 1] == '\n') || (cbuf[len - 1] == '\r'))) {
2321 if ((len > 0) && (cbuf[len - 1] == '\\')) {
2323 * Check for "suppress spaces" magic.
2325 if (!has_spaces && (len > 2) && (cbuf[len - 2] == '"')) {
2329 cbuf[len - 1] = '\0';
2341 * The parser is getting to be evil.
2343 while ((*ptr == ' ') || (*ptr == '\t')) ptr++;
2345 if (((ptr[0] == '%') && (ptr[1] == '{')) ||
2349 if (ptr[0] == '%') {
2350 hack = rad_copy_variable(buf1, ptr);
2352 hack = rad_copy_string(buf1, ptr);
2355 ERROR("%s[%d]: Invalid expansion: %s",
2356 filename, *lineno, ptr);
2362 t2 = gettoken(&ptr, buf2, sizeof(buf2), true);
2369 ERROR("%s[%d]: Invalid expansion: %s",
2370 filename, *lineno, ptr);
2374 t1 = gettoken(&ptr, buf1, sizeof(buf1), true);
2378 * The caller eats "name1 name2 {", and calls us
2379 * for the data inside of the section. So if we
2380 * receive a closing brace, then it must mean the
2381 * end of the section.
2383 if (t1 == T_RCBRACE) {
2384 if (this == current) {
2385 ERROR("%s[%d]: Too many closing braces",
2391 * Merge the template into the existing
2392 * section. This uses more memory, but
2393 * means that templates now work with
2394 * sub-sections, etc.
2396 if (!cf_template_merge(this, this->template)) {
2400 this = this->item.parent;
2401 goto check_for_more;
2404 if (t1 != T_BARE_WORD) goto skip_keywords;
2407 * Allow for $INCLUDE files
2409 * This *SHOULD* work for any level include.
2410 * I really really really hate this file. -cparker
2412 if ((strcasecmp(buf1, "$INCLUDE") == 0) ||
2413 (strcasecmp(buf1, "$-INCLUDE") == 0)) {
2414 bool relative = true;
2416 t2 = getword(&ptr, buf2, sizeof(buf2), true);
2418 ERROR("%s[%d]: Unexpected text after $INCLUDE",
2423 if (buf2[0] == '$') relative = false;
2425 value = cf_expand_variables(filename, lineno, this, buf4, sizeof(buf4), buf2, NULL);
2426 if (!value) return -1;
2428 if (!FR_DIR_IS_RELATIVE(value)) relative = false;
2431 value = cf_local_file(filename, value, buf3,
2434 ERROR("%s[%d]: Directories too deep.",
2441 #ifdef HAVE_DIRENT_H
2445 * Include ALL non-"dot" files in the directory.
2448 if (value[strlen(value) - 1] == '/') {
2451 struct stat stat_buf;
2453 DEBUG2("including files in directory %s", value );
2458 if (stat(value, &stat_buf) < 0) {
2459 ERROR("%s[%d]: Failed reading directory %s: %s",
2461 value, fr_syserror(errno));
2465 if ((stat_buf.st_mode & S_IWOTH) != 0) {
2466 ERROR("%s[%d]: Directory %s is globally writable. Refusing to start due to "
2467 "insecure configuration", filename, *lineno, value);
2471 dir = opendir(value);
2473 ERROR("%s[%d]: Error reading directory %s: %s",
2474 filename, *lineno, value,
2475 fr_syserror(errno));
2480 * Read the directory, ignoring "." files.
2482 while ((dp = readdir(dir)) != NULL) {
2485 if (dp->d_name[0] == '.') continue;
2488 * Check for valid characters
2490 for (p = dp->d_name; *p != '\0'; p++) {
2491 if (isalpha((int)*p) ||
2495 (*p == '.')) continue;
2498 if (*p != '\0') continue;
2500 snprintf(buf2, sizeof(buf2), "%s%s",
2502 if ((stat(buf2, &stat_buf) != 0) ||
2503 S_ISDIR(stat_buf.st_mode)) continue;
2505 * Read the file into the current
2506 * configuration section.
2508 if (cf_file_include(this, buf2) < 0) {
2516 { /* it was a normal file */
2517 if (buf1[1] == '-') {
2518 struct stat statbuf;
2520 if (stat(value, &statbuf) < 0) {
2521 WARN("Not including file %s: %s", value, fr_syserror(errno));
2526 if (cf_file_include(this, value) < 0) {
2531 } /* we were in an include */
2533 if (strcasecmp(buf1, "$template") == 0) {
2535 CONF_SECTION *parentcs, *templatecs;
2536 t2 = getword(&ptr, buf2, sizeof(buf2), true);
2539 ERROR("%s[%d]: Unexpected text after $TEMPLATE", filename, *lineno);
2543 parentcs = cf_top_section(current);
2545 templatecs = cf_section_sub_find(parentcs, "templates");
2547 ERROR("%s[%d]: No \"templates\" section for reference \"%s\"", filename, *lineno, buf2);
2551 ci = cf_reference_item(parentcs, templatecs, buf2);
2552 if (!ci || (ci->type != CONF_ITEM_SECTION)) {
2553 ERROR("%s[%d]: Reference \"%s\" not found", filename, *lineno, buf2);
2558 ERROR("%s[%d]: Internal sanity check error in template reference", filename, *lineno);
2562 if (this->template) {
2563 ERROR("%s[%d]: Section already has a template", filename, *lineno);
2567 this->template = cf_item_to_section(ci);
2572 * Ensure that the user can't add CONF_PAIRs
2573 * with 'internal' names;
2575 if (buf1[0] == '_') {
2576 ERROR("%s[%d]: Illegal configuration pair name \"%s\"", filename, *lineno, buf1);
2581 * Handle if/elsif specially.
2583 if ((strcmp(buf1, "if") == 0) || (strcmp(buf1, "elsif") == 0)) {
2585 char const *error = NULL;
2587 CONF_SECTION *server;
2588 fr_cond_t *cond = NULL;
2591 * if / elsif MUST be inside of a
2592 * processing section, which MUST in turn
2593 * be inside of a "server" directive.
2595 if (!this->item.parent) {
2597 ERROR("%s[%d]: Invalid location for '%s'",
2598 filename, *lineno, buf1);
2603 * Can only have "if" in 3 named sections.
2605 server = this->item.parent;
2607 (strcmp(server->name1, "server") != 0) &&
2608 (strcmp(server->name1, "policy") != 0) &&
2609 (strcmp(server->name1, "instantiate") != 0)) {
2610 server = server->item.parent;
2611 if (!server) goto invalid_location;
2615 * Skip (...) to find the {
2617 slen = fr_condition_tokenize(this, cf_section_to_item(this), ptr, &cond,
2618 &error, FR_COND_TWO_PASS);
2619 memcpy(&p, &ptr, sizeof(p));
2622 if (p[-slen] != '{') goto cond_error;
2628 * This hack is so that the NEXT stage
2629 * doesn't go "too far" in expanding the
2630 * variable. We can parse the conditions
2631 * without expanding the ${...} stuff.
2632 * BUT we don't want to expand all of the
2633 * stuff AFTER the condition. So we do
2636 * The first pass is to discover the end
2637 * of the condition. We then expand THAT
2638 * string, and do a second pass parsing
2639 * the expanded condition.
2645 * If there's a ${...}. If so, expand it.
2647 if (strchr(ptr, '$') != NULL) {
2648 ptr = cf_expand_variables(filename, lineno,
2653 ERROR("%s[%d]: Parse error expanding ${...} in condition",
2657 } /* else leave it alone */
2659 css = cf_section_alloc(this, buf1, ptr);
2661 ERROR("%s[%d]: Failed allocating memory for section",
2665 css->item.filename = filename;
2666 css->item.lineno = *lineno;
2668 slen = fr_condition_tokenize(css, cf_section_to_item(css), ptr, &cond,
2669 &error, FR_COND_TWO_PASS);
2670 *p = '{'; /* put it back */
2674 char *spaces, *text;
2676 fr_canonicalize_error(this, &spaces, &text, slen, ptr);
2678 ERROR("%s[%d]: Parse error in condition",
2680 ERROR("%s[%d]: %s", filename, *lineno, text);
2681 ERROR("%s[%d]: %s^ %s", filename, *lineno, spaces, error);
2683 talloc_free(spaces);
2689 if ((size_t) slen >= (sizeof(buf2) - 1)) {
2691 ERROR("%s[%d]: Condition is too large after \"%s\"",
2692 filename, *lineno, buf1);
2697 * Copy the expanded and parsed condition
2698 * into buf2. Then, parse the text after
2699 * the condition, which now MUST be a '{.
2701 * If it wasn't '{' it would have been
2702 * caught in the first pass of
2703 * conditional parsing, above.
2705 memcpy(buf2, ptr, slen);
2709 if ((t3 = gettoken(&ptr, buf3, sizeof(buf3), true)) != T_LCBRACE) {
2711 ERROR("%s[%d]: Expected '{' %d",
2712 filename, *lineno, t3);
2717 * Swap the condition with trailing stuff for
2718 * the final condition.
2720 memcpy(&p, &css->name2, sizeof(css->name2));
2722 css->name2 = talloc_typed_strdup(css, buf2);
2724 cf_item_add(this, &(css->item));
2725 cf_data_add_internal(css, "if", cond, NULL, false);
2728 * The current section is now the child section.
2732 goto check_for_more;
2737 * Grab the next token.
2739 t2 = gettoken(&ptr, buf2, sizeof(buf2), !cf_new_escape);
2756 case T_OP_CMP_FALSE:
2757 if (!this || (strcmp(this->name1, "update") != 0)) {
2758 ERROR("%s[%d]: Invalid operator in assignment",
2766 while (isspace((int) *ptr)) ptr++;
2769 * New parser: non-quoted strings are
2770 * bare words, and we parse everything
2771 * until the next newline, or the next
2772 * comma. If they have { or } in a bare
2773 * word, well... too bad.
2775 if (cf_new_escape && (*ptr != '"') && (*ptr != '\'')
2776 && (*ptr != '`') && (*ptr != '/')) {
2777 const char *q = ptr;
2780 while (*q && (*q >= ' ') && (*q != ',') &&
2783 if ((size_t) (q - ptr) >= sizeof(buf3)) {
2784 ERROR("%s[%d]: Parse error: value too long",
2789 memcpy(buf3, ptr, (q - ptr));
2790 buf3[q - ptr] = '\0';
2794 t3 = getstring(&ptr, buf3, sizeof(buf3), !cf_new_escape);
2797 if (t3 == T_INVALID) {
2798 ERROR("%s[%d]: Parse error: %s",
2805 * Allow "foo" by itself, or "foo = bar"
2811 case T_DOUBLE_QUOTED_STRING:
2812 case T_BACK_QUOTED_STRING:
2813 value = cf_expand_variables(filename, lineno, this, buf4, sizeof(buf4), buf3, &soft_fail);
2815 if (!soft_fail) return -1;
2818 * References an item which doesn't exist,
2819 * or which is already marked up as being
2820 * expanded in pass2. Wait for pass2 to
2821 * do the expansions.
2839 * Add this CONF_PAIR to our CONF_SECTION
2842 cpn = cf_pair_alloc(this, buf1, value, t2, t1, t3);
2843 if (!cpn) return -1;
2844 cpn->item.filename = filename;
2845 cpn->item.lineno = *lineno;
2847 cf_item_add(this, &(cpn->item));
2850 * Hacks for escaping
2852 if (!cf_new_escape && !this->item.parent && value &&
2853 (strcmp(buf1, "correct_escapes") == 0) &&
2854 ((strcmp(value, "true") == 0) ||
2855 (strcmp(value, "yes") == 0) ||
2856 (strcmp(value, "1") == 0))) {
2857 cf_new_escape = true;
2861 * Require a comma, unless there's a comment.
2863 while (isspace(*ptr)) ptr++;
2872 * foo = bar # other stuff
2874 if ((t3 == T_HASH) || (t3 == T_COMMA) || (t3 == T_EOL) || (*ptr == '#')) continue;
2876 if (!*ptr || (*ptr == '}')) break;
2878 ERROR("%s[%d]: Syntax error: Expected comma after '%s': %s",
2879 filename, *lineno, value, ptr);
2883 * No '=', must be a section or sub-section.
2886 case T_DOUBLE_QUOTED_STRING:
2887 case T_SINGLE_QUOTED_STRING:
2888 t3 = gettoken(&ptr, buf3, sizeof(buf3), true);
2889 if (t3 != T_LCBRACE) {
2890 ERROR("%s[%d]: Expecting section start brace '{' after \"%s %s\"",
2891 filename, *lineno, buf1, buf2);
2897 css = cf_section_alloc(this, buf1,
2898 t2 == T_LCBRACE ? NULL : buf2);
2900 ERROR("%s[%d]: Failed allocating memory for section",
2905 css->item.filename = filename;
2906 css->item.lineno = *lineno;
2907 cf_item_add(this, &(css->item));
2910 * There may not be a name2
2912 css->name2_type = (t2 == T_LCBRACE) ? T_INVALID : t2;
2915 * The current section is now the child section.
2921 ERROR("%s[%d]: Syntax error in '%s': %s", filename, *lineno, ptr, fr_strerror());
2926 ERROR("%s[%d]: Parse error after \"%s\": unexpected token \"%s\"",
2927 filename, *lineno, buf1, fr_int2str(fr_tokens, t2, "<INVALID>"));
2934 * Done parsing one thing. Skip to EOL if possible.
2936 while (isspace(*ptr)) ptr++;
2938 if (*ptr == '#') continue;
2947 * See if EOF was unexpected ..
2949 if (feof(fp) && (this != current)) {
2950 ERROR("%s[%d]: EOF reached without closing brace for section %s starting at line %d",
2951 filename, *lineno, cf_section_name1(this), cf_section_lineno(this));
2959 * Include one config file in another.
2961 static int cf_file_include(CONF_SECTION *cs, char const *filename_in)
2965 char const *filename;
2968 * So we only need to do this once.
2970 filename = talloc_strdup(cs, filename_in);
2972 DEBUG2("including configuration file %s", filename);
2974 fp = cf_file_open(cs, filename);
2977 if (!cs->item.filename) cs->item.filename = filename;
2980 * Read the section. It's OK to have EOF without a
2981 * matching close brace.
2983 if (cf_section_read(filename, &lineno, fp, cs) < 0) {
2994 * Do variable expansion in pass2.
2996 * This is a breadth-first expansion. "deep
2998 static int cf_section_pass2(CONF_SECTION *cs)
3002 for (ci = cs->children; ci; ci = ci->next) {
3007 if (ci->type != CONF_ITEM_PAIR) continue;
3009 cp = cf_item_to_pair(ci);
3010 if (!cp->value || !cp->pass2) continue;
3012 rad_assert((cp->rhs_type == T_BARE_WORD) ||
3013 (cp->rhs_type == T_DOUBLE_QUOTED_STRING) ||
3014 (cp->rhs_type == T_BACK_QUOTED_STRING));
3016 value = cf_expand_variables(ci->filename, &ci->lineno, cs, buffer, sizeof(buffer), cp->value, NULL);
3017 if (!value) return -1;
3019 rad_const_free(cp->value);
3020 cp->value = talloc_typed_strdup(cp, value);
3023 for (ci = cs->children; ci; ci = ci->next) {
3024 if (ci->type != CONF_ITEM_SECTION) continue;
3026 if (cf_section_pass2(cf_item_to_section(ci)) < 0) return -1;
3034 * Bootstrap a config file.
3036 int cf_file_read(CONF_SECTION *cs, char const *filename)
3042 cp = cf_pair_alloc(cs, "confdir", filename, T_OP_SET, T_BARE_WORD, T_SINGLE_QUOTED_STRING);
3045 p = strrchr(cp->value, FR_DIR_SEP);
3048 cp->item.filename = "<internal>";
3049 cp->item.lineno = -1;
3050 cf_item_add(cs, &(cp->item));
3052 tree = rbtree_create(cs, filename_cmp, NULL, 0);
3053 if (!tree) return -1;
3055 cf_data_add_internal(cs, "filename", tree, NULL, 0);
3057 if (cf_file_include(cs, filename) < 0) return -1;
3060 * Now that we've read the file, go back through it and
3061 * expand the variables.
3063 if (cf_section_pass2(cs) < 0) return -1;
3069 void cf_file_free(CONF_SECTION *cs)
3076 * Return a CONF_PAIR within a CONF_SECTION.
3078 CONF_PAIR *cf_pair_find(CONF_SECTION const *cs, char const *name)
3080 CONF_PAIR *cp, mycp;
3082 if (!cs || !name) return NULL;
3085 cp = rbtree_finddata(cs->pair_tree, &mycp);
3088 if (!cs->template) return NULL;
3090 return rbtree_finddata(cs->template->pair_tree, &mycp);
3094 * Return the attr of a CONF_PAIR
3097 char const *cf_pair_attr(CONF_PAIR const *pair)
3099 return (pair ? pair->attr : NULL);
3103 * Return the value of a CONF_PAIR
3106 char const *cf_pair_value(CONF_PAIR const *pair)
3108 return (pair ? pair->value : NULL);
3111 FR_TOKEN cf_pair_operator(CONF_PAIR const *pair)
3113 return (pair ? pair->op : T_INVALID);
3116 /** Return the value (lhs) type
3118 * @param pair to extract value type from.
3119 * @return one of T_BARE_WORD, T_SINGLE_QUOTED_STRING, T_BACK_QUOTED_STRING
3120 * T_DOUBLE_QUOTED_STRING or T_INVALID if the pair is NULL.
3122 FR_TOKEN cf_pair_attr_type(CONF_PAIR const *pair)
3124 return (pair ? pair->lhs_type : T_INVALID);
3127 /** Return the value (rhs) type
3129 * @param pair to extract value type from.
3130 * @return one of T_BARE_WORD, T_SINGLE_QUOTED_STRING, T_BACK_QUOTED_STRING
3131 * T_DOUBLE_QUOTED_STRING or T_INVALID if the pair is NULL.
3133 FR_TOKEN cf_pair_value_type(CONF_PAIR const *pair)
3135 return (pair ? pair->rhs_type : T_INVALID);
3139 * Turn a CONF_PAIR into a VALUE_PAIR
3140 * For now, ignore the "value_type" field...
3142 VALUE_PAIR *cf_pairtovp(CONF_PAIR *pair)
3145 fr_strerror_printf("Internal error");
3150 fr_strerror_printf("No value given for attribute %s", pair->attr);
3155 * false comparisons never match. BUT if it's a "string"
3156 * or `string`, then remember to expand it later.
3158 if ((pair->op != T_OP_CMP_FALSE) &&
3159 ((pair->rhs_type == T_DOUBLE_QUOTED_STRING) ||
3160 (pair->rhs_type == T_BACK_QUOTED_STRING))) {
3163 vp = fr_pair_make(pair, NULL, pair->attr, NULL, pair->op);
3168 if (fr_pair_mark_xlat(vp, pair->value) < 0) {
3177 return fr_pair_make(pair, NULL, pair->attr, pair->value, pair->op);
3181 * Return the first label of a CONF_SECTION
3184 char const *cf_section_name1(CONF_SECTION const *cs)
3186 return (cs ? cs->name1 : NULL);
3190 * Return the second label of a CONF_SECTION
3193 char const *cf_section_name2(CONF_SECTION const *cs)
3195 return (cs ? cs->name2 : NULL);
3198 /** Return name2 if set, else name1
3201 char const *cf_section_name(CONF_SECTION const *cs)
3205 name = cf_section_name2(cs);
3206 if (name) return name;
3208 return cf_section_name1(cs);
3212 * Find a value in a CONF_SECTION
3214 char const *cf_section_value_find(CONF_SECTION const *cs, char const *attr)
3218 cp = cf_pair_find(cs, attr);
3220 return (cp ? cp->value : NULL);
3224 CONF_SECTION *cf_section_find_name2(CONF_SECTION const *cs,
3225 char const *name1, char const *name2)
3228 CONF_ITEM const *ci;
3230 if (!cs || !name1) return NULL;
3232 for (ci = &(cs->item); ci; ci = ci->next) {
3233 if (ci->type != CONF_ITEM_SECTION)
3236 if (strcmp(cf_item_to_section(ci)->name1, name1) != 0) {
3240 their2 = cf_item_to_section(ci)->name2;
3242 if ((!name2 && !their2) ||
3243 (name2 && their2 && (strcmp(name2, their2) == 0))) {
3244 return cf_item_to_section(ci);
3251 /** Find a pair with a name matching attr, after specified pair.
3253 * @param cs to search in.
3254 * @param pair to search from (may be NULL).
3255 * @param attr to find (may be NULL in which case any attribute matches).
3256 * @return the next matching CONF_PAIR or NULL if none matched.
3258 CONF_PAIR *cf_pair_find_next(CONF_SECTION const *cs,
3259 CONF_PAIR const *pair, char const *attr)
3263 if (!cs) return NULL;
3266 * If pair is NULL and we're trying to find a specific
3267 * attribute this must be a first time run.
3269 * Find the pair with correct name.
3271 if (!pair && attr) return cf_pair_find(cs, attr);
3274 * Start searching from the next child, or from the head
3275 * of the list of children (if no pair was provided).
3277 for (ci = pair ? pair->item.next : cs->children;
3280 if (ci->type != CONF_ITEM_PAIR) continue;
3282 if (!attr || strcmp(cf_item_to_pair(ci)->attr, attr) == 0) break;
3285 return cf_item_to_pair(ci);
3289 * Find a CONF_SECTION, or return the root if name is NULL
3292 CONF_SECTION *cf_section_find(char const *name)
3295 return cf_section_sub_find(root_config, name);
3300 /** Find a sub-section in a section
3302 * This finds ANY section having the same first name.
3303 * The second name is ignored.
3305 CONF_SECTION *cf_section_sub_find(CONF_SECTION const *cs, char const *name)
3309 if (!cs || !name) return NULL; /* can't find an un-named section */
3312 * No sub-sections have been defined, so none exist.
3314 if (!cs->section_tree) return NULL;
3318 return rbtree_finddata(cs->section_tree, &mycs);
3322 /** Find a CONF_SECTION with both names.
3325 CONF_SECTION *cf_section_sub_find_name2(CONF_SECTION const *cs,
3326 char const *name1, char const *name2)
3330 if (!cs) cs = root_config;
3331 if (!cs) return NULL;
3334 CONF_SECTION mycs, *master_cs;
3336 if (!cs->section_tree) return NULL;
3341 master_cs = rbtree_finddata(cs->section_tree, &mycs);
3342 if (!master_cs) return NULL;
3345 * Look it up in the name2 tree. If it's there,
3348 if (master_cs->name2_tree) {
3349 CONF_SECTION *subcs;
3351 subcs = rbtree_finddata(master_cs->name2_tree, &mycs);
3352 if (subcs) return subcs;
3356 * We don't insert ourselves into the name2 tree.
3357 * So if there's nothing in the name2 tree, maybe
3358 * *we* are the answer.
3360 if (!master_cs->name2 && name2) return NULL;
3361 if (master_cs->name2 && !name2) return NULL;
3362 if (!master_cs->name2 && !name2) return master_cs;
3364 if (strcmp(master_cs->name2, name2) == 0) {
3372 * Else do it the old-fashioned way.
3374 for (ci = cs->children; ci; ci = ci->next) {
3375 CONF_SECTION *subcs;
3377 if (ci->type != CONF_ITEM_SECTION)
3380 subcs = cf_item_to_section(ci);
3381 if (!subcs->name2) {
3382 if (strcmp(subcs->name1, name2) == 0) break;
3384 if (strcmp(subcs->name2, name2) == 0) break;
3388 return cf_item_to_section(ci);
3392 * Return the next subsection after a CONF_SECTION
3393 * with a certain name1 (char *name1). If the requested
3394 * name1 is NULL, any name1 matches.
3397 CONF_SECTION *cf_subsection_find_next(CONF_SECTION const *section,
3398 CONF_SECTION const *subsection,
3403 if (!section) return NULL;
3406 * If subsection is NULL this must be a first time run
3407 * Find the subsection with correct name
3411 ci = section->children;
3413 ci = subsection->item.next;
3416 for (; ci; ci = ci->next) {
3417 if (ci->type != CONF_ITEM_SECTION)
3419 if ((name1 == NULL) ||
3420 (strcmp(cf_item_to_section(ci)->name1, name1) == 0))
3424 return cf_item_to_section(ci);
3429 * Return the next section after a CONF_SECTION
3430 * with a certain name1 (char *name1). If the requested
3431 * name1 is NULL, any name1 matches.
3434 CONF_SECTION *cf_section_find_next(CONF_SECTION const *section,
3435 CONF_SECTION const *subsection,
3438 if (!section) return NULL;
3440 if (!section->item.parent) return NULL;
3442 return cf_subsection_find_next(section->item.parent, subsection, name1);
3445 /** Return the next item after a CONF_ITEM.
3448 CONF_ITEM *cf_item_find_next(CONF_SECTION const *section, CONF_ITEM const *item)
3450 if (!section) return NULL;
3453 * If item is NULL this must be a first time run
3454 * Return the first item
3457 return section->children;
3463 static void _pair_count(int *count, CONF_SECTION const *cs)
3465 CONF_ITEM const *ci;
3467 for (ci = cf_item_find_next(cs, NULL);
3469 ci = cf_item_find_next(cs, ci)) {
3471 if (cf_item_is_section(ci)) {
3472 _pair_count(count, cf_item_to_section(ci));
3480 /** Count the number of conf pairs beneath a section
3482 * @param[in] cs to search for items in.
3483 * @return number of pairs nested within section.
3485 int cf_pair_count(CONF_SECTION const *cs)
3489 _pair_count(&count, cs);
3494 CONF_SECTION *cf_item_parent(CONF_ITEM const *ci)
3496 if (!ci) return NULL;
3501 int cf_section_lineno(CONF_SECTION const *section)
3503 return section->item.lineno;
3506 char const *cf_pair_filename(CONF_PAIR const *pair)
3508 return pair->item.filename;
3511 char const *cf_section_filename(CONF_SECTION const *section)
3513 return section->item.filename;
3516 int cf_pair_lineno(CONF_PAIR const *pair)
3518 return pair->item.lineno;
3521 bool cf_item_is_section(CONF_ITEM const *item)
3523 return item->type == CONF_ITEM_SECTION;
3526 bool cf_item_is_pair(CONF_ITEM const *item)
3528 return item->type == CONF_ITEM_PAIR;
3532 static CONF_DATA *cf_data_alloc(CONF_SECTION *parent, char const *name,
3533 void *data, void (*data_free)(void *))
3537 cd = talloc_zero(parent, CONF_DATA);
3538 if (!cd) return NULL;
3540 cd->item.type = CONF_ITEM_DATA;
3541 cd->item.parent = parent;
3542 cd->name = talloc_typed_strdup(cd, name);
3549 cd->free = data_free;
3552 talloc_set_destructor(cd, _cf_data_free);
3558 static void *cf_data_find_internal(CONF_SECTION const *cs, char const *name, int flag)
3560 if (!cs || !name) return NULL;
3563 * Find the name in the tree, for speed.
3565 if (cs->data_tree) {
3570 return rbtree_finddata(cs->data_tree, &mycd);
3577 * Find data from a particular section.
3579 void *cf_data_find(CONF_SECTION const *cs, char const *name)
3581 CONF_DATA *cd = cf_data_find_internal(cs, name, 0);
3583 if (cd) return cd->data;
3589 * Add named data to a configuration section.
3591 static int cf_data_add_internal(CONF_SECTION *cs, char const *name,
3592 void *data, void (*data_free)(void *),
3597 if (!cs || !name) return -1;
3600 * Already exists. Can't add it.
3602 if (cf_data_find_internal(cs, name, flag) != NULL) return -1;
3604 cd = cf_data_alloc(cs, name, data, data_free);
3608 cf_item_add(cs, cf_data_to_item(cd));
3614 * Add named data to a configuration section.
3616 int cf_data_add(CONF_SECTION *cs, char const *name,
3617 void *data, void (*data_free)(void *))
3619 return cf_data_add_internal(cs, name, data, data_free, 0);
3622 /** Remove named data from a configuration section
3625 void *cf_data_remove(CONF_SECTION *cs, char const *name)
3632 if (!cs || !name) return NULL;
3633 if (!cs->data_tree) return NULL;
3636 * Find the name in the tree, for speed.
3640 cd = rbtree_finddata(cs->data_tree, &mycd);
3641 if (!cd) return NULL;
3643 ci = cf_data_to_item(cd);
3644 if (cs->children == ci) {
3645 cs->children = ci->next;
3646 if (cs->tail == ci) cs->tail = NULL;
3648 for (it = cs->children; it; it = it->next) {
3649 if (it->next == ci) {
3650 it->next = ci->next;
3651 if (cs->tail == ci) cs->tail = it;
3657 talloc_set_destructor(cd, NULL); /* Disarm the destructor */
3658 rbtree_deletebydata(cs->data_tree, &mycd);
3667 * This is here to make the rest of the code easier to read. It
3668 * ties conffile.c to log.c, but it means we don't have to
3669 * pollute every other function with the knowledge of the
3670 * configuration internals.
3672 void cf_log_err(CONF_ITEM const *ci, char const *fmt, ...)
3678 vsnprintf(buffer, sizeof(buffer), fmt, ap);
3683 ci->filename ? ci->filename : "unknown",
3684 ci->lineno ? ci->lineno : 0,
3687 ERROR("<unknown>[*]: %s", buffer);
3691 void cf_log_err_cs(CONF_SECTION const *cs, char const *fmt, ...)
3697 vsnprintf(buffer, sizeof(buffer), fmt, ap);
3700 rad_assert(cs != NULL);
3703 cs->item.filename ? cs->item.filename : "unknown",
3704 cs->item.lineno ? cs->item.lineno : 0,
3708 void cf_log_err_cp(CONF_PAIR const *cp, char const *fmt, ...)
3714 vsnprintf(buffer, sizeof(buffer), fmt, ap);
3717 rad_assert(cp != NULL);
3720 cp->item.filename ? cp->item.filename : "unknown",
3721 cp->item.lineno ? cp->item.lineno : 0,
3725 void cf_log_info(CONF_SECTION const *cs, char const *fmt, ...)
3730 if ((rad_debug_lvl > 1) && cs) vradlog(L_DBG, fmt, ap);
3735 * Wrapper to simplify the code.
3737 void cf_log_module(CONF_SECTION const *cs, char const *fmt, ...)
3743 if (rad_debug_lvl > 1 && cs) {
3744 vsnprintf(buffer, sizeof(buffer), fmt, ap);
3746 DEBUG("%.*s# %s", cs->depth, parse_spaces, buffer);
3751 const CONF_PARSER *cf_section_parse_table(CONF_SECTION *cs)
3753 if (!cs) return NULL;
3755 return cs->variables;
3759 * For "switch" and "case" statements.
3761 FR_TOKEN cf_section_name2_type(CONF_SECTION const *cs)
3763 if (!cs) return T_INVALID;
3765 return cs->name2_type;