2 * conffile.c Read the radiusd.conf file.
4 * Yep I should learn to use lex & yacc, or at least
5 * write a decent parser. I know how to do that, really :)
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
24 * Copyright 2000,2006 The FreeRADIUS server project
25 * Copyright 2000 Miquel van Smoorenburg <miquels@cistron.nl>
26 * Copyright 2000 Alan DeKok <aland@ox.org>
29 #include <freeradius-devel/ident.h>
32 #include <freeradius-devel/radiusd.h>
33 #include <freeradius-devel/rad_assert.h>
39 #ifdef HAVE_SYS_STAT_H
45 typedef enum conf_type {
46 CONF_ITEM_INVALID = 0,
53 struct conf_item *next;
54 struct conf_part *parent;
70 struct conf_item *children;
71 struct conf_item *tail; /* for speed */
72 CONF_SECTION *template;
73 rbtree_t *pair_tree; /* and a partridge.. */
74 rbtree_t *section_tree; /* no jokes here */
75 rbtree_t *name2_tree; /* for sections of the same name2 */
79 const CONF_PARSER *variables;
84 * Internal data that is associated with a configuration section,
85 * so that we don't have to track it separately.
91 void *data; /* user data */
92 void (*free)(void *); /* free user data function */
96 static int cf_data_add_internal(CONF_SECTION *cs, const char *name,
97 void *data, void (*data_free)(void *),
99 static void *cf_data_find_internal(CONF_SECTION *cs, const char *name,
102 int cf_log_config = 1;
103 int cf_log_modules = 1;
106 * Isolate the scary casts in these tiny provably-safe functions
108 CONF_PAIR *cf_itemtopair(CONF_ITEM *ci)
112 rad_assert(ci->type == CONF_ITEM_PAIR);
113 return (CONF_PAIR *)ci;
115 CONF_SECTION *cf_itemtosection(CONF_ITEM *ci)
119 rad_assert(ci->type == CONF_ITEM_SECTION);
120 return (CONF_SECTION *)ci;
122 CONF_ITEM *cf_pairtoitem(CONF_PAIR *cp)
126 return (CONF_ITEM *)cp;
128 CONF_ITEM *cf_sectiontoitem(CONF_SECTION *cs)
132 return (CONF_ITEM *)cs;
135 static CONF_DATA *cf_itemtodata(CONF_ITEM *ci)
139 rad_assert(ci->type == CONF_ITEM_DATA);
140 return (CONF_DATA *)ci;
142 static CONF_ITEM *cf_datatoitem(CONF_DATA *cd)
146 return (CONF_ITEM *)cd;
150 * Create a new CONF_PAIR
152 static CONF_PAIR *cf_pair_alloc(const char *attr, const char *value,
153 FR_TOKEN operator, FR_TOKEN value_type,
154 CONF_SECTION *parent)
157 size_t attr_len, value_len = 0;
160 if (!attr) return NULL;
161 attr_len = strlen(attr) + 1;
162 if (value) value_len = strlen(value) + 1;
164 p = rad_malloc(sizeof(*cp) + attr_len + value_len);
166 cp = (CONF_PAIR *) p;
167 memset(cp, 0, sizeof(*cp));
168 cp->item.type = CONF_ITEM_PAIR;
169 cp->item.parent = parent;
172 memcpy(p, attr, attr_len);
177 memcpy(p, value, value_len);
180 cp->value_type = value_type;
181 cp->operator = operator;
189 void cf_pair_free(CONF_PAIR **cp)
191 if (!cp || !*cp) return;
194 * attr && value are allocated contiguous with cp.
198 memset(*cp, 0, sizeof(*cp));
206 static void cf_data_free(CONF_DATA **cd)
208 if (!cd || !*cd) return;
210 /* name is allocated contiguous with cd */
214 ((*cd)->free)((*cd)->data);
217 memset(*cd, 0, sizeof(*cd));
224 * rbtree callback function
226 static int pair_cmp(const void *a, const void *b)
228 const CONF_PAIR *one = a;
229 const CONF_PAIR *two = b;
231 return strcmp(one->attr, two->attr);
236 * rbtree callback function
238 static int section_cmp(const void *a, const void *b)
240 const CONF_SECTION *one = a;
241 const CONF_SECTION *two = b;
243 return strcmp(one->name1, two->name1);
248 * rbtree callback function
250 static int name2_cmp(const void *a, const void *b)
252 const CONF_SECTION *one = a;
253 const CONF_SECTION *two = b;
255 rad_assert(strcmp(one->name1, two->name1) == 0);
257 if (!one->name2 && !two->name2) return 0;
258 if (!one->name2) return -1;
259 if (!two->name2) return +1;
261 return strcmp(one->name2, two->name2);
266 * rbtree callback function
268 static int data_cmp(const void *a, const void *b)
272 const CONF_DATA *one = a;
273 const CONF_DATA *two = b;
275 rcode = one->flag - two->flag;
276 if (rcode != 0) return rcode;
278 return strcmp(one->name, two->name);
283 * Free strings we've parsed into data structures.
285 void cf_section_parse_free(CONF_SECTION *cs, void *base)
288 const CONF_PARSER *variables = cs->variables;
291 * Don't automatically free the strings if we're being
292 * called from a module. This is also for clients.c,
293 * where client_free() expects to be able to free the
294 * client structure. If we moved everything to key off
295 * of the config files, we might solve some problems...
297 if (!variables) return;
300 * Free up dynamically allocated string pointers.
302 for (i = 0; variables[i].name != NULL; i++) {
305 if ((variables[i].type != PW_TYPE_STRING_PTR) &&
306 (variables[i].type != PW_TYPE_FILENAME)) {
311 * No base struct offset, data must be the pointer.
312 * If data doesn't exist, ignore the entry, there
313 * must be something wrong.
316 if (!variables[i].data) {
320 p = (char **) variables[i].data;;
322 } else if (variables[i].data) {
323 p = (char **) variables[i].data;;
326 p = (char **) (((char *)base) + variables[i].offset);
336 * Free a CONF_SECTION
338 void cf_section_free(CONF_SECTION **cs)
340 CONF_ITEM *ci, *next;
342 if (!cs || !*cs) return;
344 cf_section_parse_free(*cs, (*cs)->base);
346 for (ci = (*cs)->children; ci; ci = next) {
350 case CONF_ITEM_PAIR: {
351 CONF_PAIR *pair = cf_itemtopair(ci);
356 case CONF_ITEM_SECTION: {
357 CONF_SECTION *section = cf_itemtosection(ci);
358 cf_section_free(§ion);
362 case CONF_ITEM_DATA: {
363 CONF_DATA *data = cf_itemtodata(ci);
368 default: /* should really be an error. */
374 * Name1 and name2 are allocated contiguous with
377 if ((*cs)->pair_tree)
378 rbtree_free((*cs)->pair_tree);
379 if ((*cs)->section_tree)
380 rbtree_free((*cs)->section_tree);
381 if ((*cs)->name2_tree)
382 rbtree_free((*cs)->name2_tree);
383 if ((*cs)->data_tree)
384 rbtree_free((*cs)->data_tree);
387 * And free the section
390 memset(*cs, 0, sizeof(*cs));
399 * Allocate a CONF_SECTION
401 static CONF_SECTION *cf_section_alloc(const char *name1, const char *name2,
402 CONF_SECTION *parent)
404 size_t name1_len, name2_len = 0;
408 if (!name1) return NULL;
410 name1_len = strlen(name1) + 1;
411 if (name2) name2_len = strlen(name2) + 1;
413 p = rad_malloc(sizeof(*cs) + name1_len + name2_len);
415 cs = (CONF_SECTION *) p;
416 memset(cs, 0, sizeof(*cs));
417 cs->item.type = CONF_ITEM_SECTION;
418 cs->item.parent = parent;
421 memcpy(p, name1, name1_len);
424 if (name2 && *name2) {
426 memcpy(p, name2, name2_len);
430 cs->pair_tree = rbtree_create(pair_cmp, NULL, 0);
431 if (!cs->pair_tree) {
432 cf_section_free(&cs);
437 * Don't create a data tree, it may not be needed.
441 * Don't create the section tree here, it may not
445 if (parent) cs->depth = parent->depth + 1;
452 * Add an item to a configuration section.
454 static void cf_item_add(CONF_SECTION *cs, CONF_ITEM *ci)
457 rad_assert(cs->tail == NULL);
460 rad_assert(cs->tail != NULL);
465 * Update the trees (and tail) for each item added.
467 for (/* nothing */; ci != NULL; ci = ci->next) {
471 * For fast lookups, pair's and sections get
476 rbtree_insert(cs->pair_tree, ci);
479 case CONF_ITEM_SECTION: {
480 CONF_SECTION *cs_new = cf_itemtosection(ci);
482 if (!cs->section_tree) {
483 cs->section_tree = rbtree_create(section_cmp, NULL, 0);
484 /* ignore any errors */
487 if (cs->section_tree) {
488 rbtree_insert(cs->section_tree, cs_new); }
491 * Two names: find the named instance.
494 CONF_SECTION *old_cs;
498 * CONF_SECTION having
499 * the given name1, and
503 old_cs = rbtree_finddata(cs->section_tree, cs_new);
504 if (!old_cs) return; /* this is a bad error! */
506 if (!old_cs->name2_tree) {
507 old_cs->name2_tree = rbtree_create(name2_cmp,
510 if (old_cs->name2_tree) {
511 rbtree_insert(old_cs->name2_tree, cs_new);
515 } /* was a section */
518 if (!cs->data_tree) {
519 cs->data_tree = rbtree_create(data_cmp, NULL, 0);
522 rbtree_insert(cs->data_tree, ci);
526 default: /* FIXME: assert & error! */
529 } /* switch over conf types */
534 CONF_ITEM *cf_reference_item(const CONF_SECTION *parentcs,
535 CONF_SECTION *outercs,
540 const CONF_SECTION *cs = outercs;
544 strlcpy(name, ptr, sizeof(name));
548 * ".foo" means "foo from the current section"
554 * ..foo means "foo from the section
555 * enclosing this section" (etc.)
559 cs = cs->item.parent;
564 * "foo.bar.baz" means "from the root"
566 } else if (strchr(p, '.') != NULL) {
577 if (r && q > r) q = NULL;
578 if (q && q < r) r = NULL;
584 q = strchr(r + 1, ']');
585 if (!q) return NULL; /* parse error */
588 * Points to foo[bar]xx: parse error,
589 * it should be foo[bar] or foo[bar].baz
591 if (q[1] && q[1] != '.') goto no_such_item;
595 next = cf_section_sub_find_name2(cs, p, r + 1);
600 * Points to a named instance of a section.
603 if (!next) goto no_such_item;
604 return cf_sectiontoitem(next);
607 q++; /* ensure we skip the ']' and '.' */
611 next = cf_section_sub_find(cs, p);
615 if (!next) break; /* it MAY be a pair in this section! */
621 if (!*p) goto no_such_item;
625 * Find it in the current referenced
628 cp = cf_pair_find(cs, p);
629 if (cp) return cf_pairtoitem(cp);
631 next = cf_section_sub_find(cs, p);
632 if (next) return cf_sectiontoitem(next);
635 * "foo" is "in the current section, OR in main".
637 if ((p == name) && (cs != parentcs)) {
643 DEBUG2("WARNING: No such configuration item %s", ptr);
648 CONF_SECTION *cf_top_section(CONF_SECTION *cs)
650 while (cs->item.parent != NULL) {
651 cs = cs->item.parent;
659 * Expand the variables in an input string.
661 static const char *cf_expand_variables(const char *cf, int *lineno,
662 CONF_SECTION *outercs,
663 char *output, const char *input)
666 const char *end, *ptr;
667 const CONF_SECTION *parentcs;
671 * Find the master parent conf section.
672 * We can't use mainconfig.config, because we're in the
673 * process of re-building it, and it isn't set up yet...
675 parentcs = cf_top_section(outercs);
681 * Ignore anything other than "${"
683 if ((*ptr == '$') && (ptr[1] == '{')) {
688 * FIXME: Add support for ${foo:-bar},
693 * Look for trailing '}', and log a
694 * warning for anything that doesn't match,
695 * and exit with a fatal error.
697 end = strchr(ptr, '}');
700 radlog(L_INFO, "%s[%d]: Variable expansion missing }",
708 * Can't really happen because input lines are
709 * capped at 8k, which is sizeof(name)
711 if ((size_t) (end - ptr) >= sizeof(name)) {
712 radlog(L_ERR, "%s[%d]: Reference string is too large",
717 memcpy(name, ptr, end - ptr);
718 name[end - ptr] = '\0';
720 ci = cf_reference_item(parentcs, outercs, name);
721 if (!ci || (ci->type != CONF_ITEM_PAIR)) {
722 radlog(L_ERR, "%s[%d]: Reference \"%s\" not found",
728 * Substitute the value of the variable.
730 cp = cf_itemtopair(ci);
731 strcpy(p, cp->value);
735 } else if (memcmp(ptr, "$ENV{", 5) == 0) {
741 * Look for trailing '}', and log a
742 * warning for anything that doesn't match,
743 * and exit with a fatal error.
745 end = strchr(ptr, '}');
748 radlog(L_INFO, "%s[%d]: Environment variable expansion missing }",
754 * Can't really happen because input lines are
755 * capped at 8k, which is sizeof(name)
757 if ((size_t) (end - ptr) >= sizeof(name)) {
758 radlog(L_ERR, "%s[%d]: Environment variable name is too large",
763 memcpy(name, ptr, end - ptr);
764 name[end - ptr] = '\0';
767 * Get the environment variable.
768 * If none exists, then make it an empty string.
782 * Copy it over verbatim.
786 } /* loop over all of the input string. */
795 * Parses an item (not a CONF_ITEM) into the specified format,
796 * with a default value.
798 * Returns -1 on error, 0 for correctly parsed, and 1 if the
799 * default value was used. Note that the default value will be
800 * used ONLY if the CONF_PAIR is NULL.
802 int cf_item_parse(CONF_SECTION *cs, const char *name,
803 int type, void *data, const char *dflt)
812 cp = cf_pair_find(cs, name);
817 return 1; /* nothing to parse, return default value */
829 case PW_TYPE_BOOLEAN:
831 * Allow yes/no and on/off
833 if ((strcasecmp(value, "yes") == 0) ||
834 (strcasecmp(value, "on") == 0)) {
836 } else if ((strcasecmp(value, "no") == 0) ||
837 (strcasecmp(value, "off") == 0)) {
841 radlog(L_ERR, "Bad value \"%s\" for boolean variable %s", value, name);
844 cf_log_info(cs, "\t%s = %s", name, value);
847 case PW_TYPE_INTEGER:
848 *(int *)data = strtol(value, 0, 0);
849 cf_log_info(cs, "\t%s = %d", name, *(int *)data);
852 case PW_TYPE_STRING_PTR:
859 * Expand variables which haven't already been
860 * expanded automagically when the configuration
866 int lineno = cs->item.lineno;
869 * FIXME: sizeof(buffer)?
871 value = cf_expand_variables("?",
874 if (!value) return -1;
877 cf_log_info(cs, "\t%s = \"%s\"", name, value ? value : "(null)");
878 *q = value ? strdup(value) : NULL;
882 * This is the same as PW_TYPE_STRING_PTR,
883 * except that we also "stat" the file, and
886 case PW_TYPE_FILENAME:
893 * Expand variables which haven't already been
894 * expanded automagically when the configuration
900 int lineno = cs->item.lineno;
903 * FIXME: sizeof(buffer)?
905 value = cf_expand_variables("?",
908 if (!value) return -1;
911 cf_log_info(cs, "\t%s = \"%s\"", name, value ? value : "(null)");
912 *q = value ? strdup(value) : NULL;
915 * And now we "stat" the file.
917 * FIXME: This appears to leak memory on exit,
918 * and we don't use this information. So it's
919 * commented out for now.
924 if (stat(*q, &buf) == 0) {
927 mtime = rad_malloc(sizeof(*mtime));
928 *mtime = buf.st_mtime;
930 cf_data_add_internal(cs, *q, mtime, free,
938 * Allow '*' as any address
940 if (strcmp(value, "*") == 0) {
941 *(uint32_t *) data = htonl(INADDR_ANY);
942 cf_log_info(cs, "\t%s = *", name);
945 if (ip_hton(value, AF_INET, &ipaddr) < 0) {
946 radlog(L_ERR, "Can't find IP address for host %s", value);
950 if (strspn(value, "0123456789.") == strlen(value)) {
951 cf_log_info(cs, "\t%s = %s", name, value);
953 cf_log_info(cs, "\t%s = %s IP address [%s]", name, value,
954 ip_ntoh(&ipaddr, ipbuf, sizeof(ipbuf)));
956 *(uint32_t *) data = ipaddr.ipaddr.ip4addr.s_addr;
959 case PW_TYPE_IPV6ADDR:
960 if (ip_hton(value, AF_INET6, &ipaddr) < 0) {
961 radlog(L_ERR, "Can't find IPv6 address for host %s", value);
964 cf_log_info(cs, "\t%s = %s IPv6 address [%s]", name, value,
965 ip_ntoh(&ipaddr, ipbuf, sizeof(ipbuf)));
966 memcpy(data, &ipaddr.ipaddr.ip6addr,
967 sizeof(ipaddr.ipaddr.ip6addr));
971 radlog(L_ERR, "type %d not supported yet", type);
974 } /* switch over variable type */
979 static const char *parse_spaces = " ";
982 * Parse a configuration section into user-supplied variables.
984 int cf_section_parse(CONF_SECTION *cs, void *base,
985 const CONF_PARSER *variables)
990 cs->variables = variables; /* this doesn't hurt anything */
993 cf_log_info(cs, "%.*s%s {", cs->depth, parse_spaces,
996 cf_log_info(cs, "%.*s%s %s {", cs->depth, parse_spaces,
997 cs->name1, cs->name2);
1001 * Handle the known configuration parameters.
1003 for (i = 0; variables[i].name != NULL; i++) {
1005 * Handle subsections specially
1007 if (variables[i].type == PW_TYPE_SUBSECTION) {
1008 CONF_SECTION *subcs;
1009 subcs = cf_section_sub_find(cs, variables[i].name);
1012 * If the configuration section is NOT there,
1015 * FIXME! This is probably wrong... we should
1016 * probably set the items to their default values.
1018 if (!subcs) continue;
1020 if (!variables[i].dflt) {
1021 DEBUG2("Internal sanity check 1 failed in cf_section_parse");
1025 if (cf_section_parse(subcs, base,
1026 (const CONF_PARSER *) variables[i].dflt) < 0) {
1030 } /* else it's a CONF_PAIR */
1032 if (variables[i].data) {
1033 data = variables[i].data; /* prefer this. */
1035 data = ((char *)base) + variables[i].offset;
1037 DEBUG2("Internal sanity check 2 failed in cf_section_parse");
1042 * Parse the pair we found, or a default value.
1044 if (cf_item_parse(cs, variables[i].name, variables[i].type,
1045 data, variables[i].dflt) < 0) {
1048 } /* for all variables in the configuration section */
1050 cf_log_info(cs, "%.*s}", cs->depth, parse_spaces);
1057 cf_log_info(cs, "%.*s}", cs->depth, parse_spaces);
1058 cf_section_parse_free(cs, base);
1064 * Sanity check the "if" or "elsif", presuming that the first '('
1065 * has already been eaten.
1067 * We're not really parsing it here, just checking if it's mostly
1070 static int condition_looks_ok(const char **ptr)
1074 const char *p = *ptr;
1086 return 0; /* no trailing slash */
1098 return 0; /* no trailing slash */
1109 if (num_braces == 1) {
1110 const char *q = p + 1;
1113 * Validate that there isn't much
1114 * else after the closing brace.
1116 while ((*q == ' ') || (*q == '\t')) q++;
1125 *ptr = p + 1; /* include the trailing ')' */
1149 static const char *cf_local_file(CONF_SECTION *cs, const char *local,
1150 char *buffer, size_t bufsize)
1154 CONF_SECTION *parentcs = cf_top_section(cs);
1156 p = strrchr(parentcs->item.filename, FR_DIR_SEP);
1157 if (!p) return local;
1159 dirsize = (p - parentcs->item.filename) + 1;
1161 if ((dirsize + strlen(local)) >= bufsize) {
1165 memcpy(buffer, parentcs->item.filename, dirsize);
1166 strlcpy(buffer + dirsize, local, bufsize - dirsize);
1173 * Read a part of the config file.
1175 static int cf_section_read(const char *filename, int *lineno, FILE *fp,
1176 CONF_SECTION *current)
1179 CONF_SECTION *this, *css;
1191 this = current; /* add items here */
1194 * Read, checking for line continuations ('\\' at EOL)
1200 * Get data, and remember if we are at EOF.
1202 eof = (fgets(cbuf, sizeof(buf) - (cbuf - buf), fp) == NULL);
1206 * We read the entire 8k worth of data: complain.
1207 * Note that we don't care if the last character
1208 * is \n: it's still forbidden. This means that
1209 * the maximum allowed length of text is 8k-1, which
1213 if ((cbuf + len + 1) >= (buf + sizeof(buf))) {
1214 radlog(L_ERR, "%s[%d]: Line too long",
1220 * Not doing continuations: check for edge
1227 while (*ptr && isspace((int) *ptr)) ptr++;
1229 if (!*ptr || (*ptr == '#')) continue;
1231 } else if (eof || (len == 0)) {
1232 radlog(L_ERR, "%s[%d]: Continuation at EOF is illegal",
1238 * See if there's a continuation.
1241 ((cbuf[len - 1] == '\n') || (cbuf[len - 1] == '\r'))) {
1246 if ((len > 0) && (cbuf[len - 1] == '\\')) {
1247 cbuf[len - 1] = '\0';
1253 t1 = gettoken(&ptr, buf1, sizeof(buf1));
1256 * The caller eats "name1 name2 {", and calls us
1257 * for the data inside of the section. So if we
1258 * receive a closing brace, then it must mean the
1259 * end of the section.
1261 if (t1 == T_RCBRACE) {
1262 if (this == current) {
1263 radlog(L_ERR, "%s[%d]: Too many closing braces",
1268 this = this->item.parent;
1273 * Allow for $INCLUDE files
1275 * This *SHOULD* work for any level include.
1276 * I really really really hate this file. -cparker
1278 if ((strcasecmp(buf1, "$INCLUDE") == 0) ||
1279 (strcasecmp(buf1, "$-INCLUDE") == 0)) {
1282 t2 = getword(&ptr, buf2, sizeof(buf2));
1284 if (buf2[0] == '$') relative = 0;
1286 value = cf_expand_variables(filename, lineno, this, buf, buf2);
1287 if (!value) return -1;
1289 if (!FR_DIR_IS_RELATIVE(value)) relative = 0;
1292 value = cf_local_file(current, value, buf3,
1295 radlog(L_ERR, "%s[%d]: Directories too deep.",
1302 #ifdef HAVE_DIRENT_H
1306 * Include ALL non-"dot" files in the directory.
1309 if (value[strlen(value) - 1] == '/') {
1312 struct stat stat_buf;
1314 DEBUG2("including files in directory %s", value );
1315 dir = opendir(value);
1317 radlog(L_ERR, "%s[%d]: Error reading directory %s: %s",
1318 filename, *lineno, value,
1324 * Read the directory, ignoring "." files.
1326 while ((dp = readdir(dir)) != NULL) {
1329 if (dp->d_name[0] == '.') continue;
1332 * Check for valid characters
1334 for (p = dp->d_name; *p != '\0'; p++) {
1335 if (isalpha((int)*p) ||
1339 (*p == '.')) continue;
1342 if (*p != '\0') continue;
1344 snprintf(buf2, sizeof(buf2), "%s%s",
1346 if ((stat(buf2, &stat_buf) != 0) ||
1347 S_ISDIR(stat_buf.st_mode)) continue;
1349 * Read the file into the current
1350 * configuration sectoin.
1352 if (cf_file_include(buf2, this) < 0) {
1360 { /* it was a normal file */
1361 if (buf1[1] == '-') {
1362 struct stat statbuf;
1364 if (stat(value, &statbuf) < 0) {
1365 DEBUG("WARNING: Not including file %s: %s", value, strerror(errno));
1370 if (cf_file_include(value, this) < 0) {
1375 } /* we were in an include */
1377 if (strcasecmp(buf1, "$template") == 0) {
1379 CONF_SECTION *parentcs;
1380 t2 = getword(&ptr, buf2, sizeof(buf2));
1382 parentcs = cf_top_section(current);
1384 ci = cf_reference_item(parentcs, this, buf2);
1385 if (!ci || (ci->type != CONF_ITEM_SECTION)) {
1386 radlog(L_ERR, "%s[%d]: Reference \"%s\" not found",
1387 filename, *lineno, buf2);
1391 if (this->template) {
1392 radlog(L_ERR, "%s[%d]: Section already has a template",
1397 this->template = cf_itemtosection(ci);
1402 * Ensure that the user can't add CONF_PAIRs
1403 * with 'internal' names;
1405 if (buf1[0] == '_') {
1406 radlog(L_ERR, "%s[%d]: Illegal configuration pair name \"%s\"",
1407 filename, *lineno, buf1);
1412 * Grab the next token.
1414 t2 = gettoken(&ptr, buf2, sizeof(buf2));
1427 if (!this || (strcmp(this->name1, "update") != 0)) {
1428 radlog(L_ERR, "%s[%d]: Invalid operator in assignment",
1436 t3 = getstring(&ptr, buf3, sizeof(buf3));
1439 * Handle variable substitution via ${foo}
1441 if ((t3 == T_BARE_WORD) ||
1442 (t3 == T_DOUBLE_QUOTED_STRING)) {
1443 value = cf_expand_variables(filename, lineno, this,
1445 if (!value) return -1;
1446 } else if ((t3 == T_EOL) ||
1454 * Add this CONF_PAIR to our CONF_SECTION
1456 cpn = cf_pair_alloc(buf1, value, t2, t3, this);
1457 cpn->item.filename = filename;
1458 cpn->item.lineno = *lineno;
1459 cf_item_add(this, cf_pairtoitem(cpn));
1463 * This horrible code is here to support
1464 * if/then/else failover in the
1465 * authorize, etc. sections. It makes no
1466 * sense anywhere else.
1469 if ((strcmp(buf1, "if") == 0) ||
1470 (strcmp(buf1, "elsif") == 0)) {
1471 const char *end = ptr;
1472 CONF_SECTION *server;
1474 if (!condition_looks_ok(&end)) {
1475 radlog(L_ERR, "%s[%d]: Parse error in condition at: %s",
1476 filename, *lineno, ptr);
1480 if ((size_t) (end - ptr) >= (sizeof(buf2) - 1)) {
1481 radlog(L_ERR, "%s[%d]: Statement too complicated after \"%s\"",
1482 filename, *lineno, buf1);
1487 * More sanity checking. This is
1488 * getting to be a horrible hack.
1492 if (strcmp(server->name1, "server") == 0) break;
1493 server = server->item.parent;
1497 radlog(L_ERR, "%s[%d]: Processing directives such as \"%s\" cannot be used here.",
1498 filename, *lineno, buf1);
1503 memcpy(buf2 + 1, ptr, end - ptr);
1504 buf2[end - ptr + 1] = '\0';
1510 radlog(L_ERR, "%s[%d]: Parse error after \"%s\"",
1511 filename, *lineno, buf1);
1518 * No '=', must be a section or sub-section.
1521 case T_DOUBLE_QUOTED_STRING:
1522 case T_SINGLE_QUOTED_STRING:
1523 t3 = gettoken(&ptr, buf3, sizeof(buf3));
1524 if (t3 != T_LCBRACE) {
1525 radlog(L_ERR, "%s[%d]: Expecting section start brace '{' after \"%s %s\"",
1526 filename, *lineno, buf1, buf2);
1532 css = cf_section_alloc(buf1,
1533 t2 == T_LCBRACE ? NULL : buf2,
1536 radlog(L_ERR, "%s[%d]: Failed allocating memory for section",
1540 cf_item_add(this, cf_sectiontoitem(css));
1541 css->item.filename = filename;
1542 css->item.lineno = *lineno;
1545 * The current section is now the child section.
1551 radlog(L_ERR, "%s[%d]: Parse error after \"%s\"",
1552 filename, *lineno, buf1);
1558 * See if EOF was unexpected ..
1560 if (feof(fp) && (this != current)) {
1561 radlog(L_ERR, "%s[%d]: EOF reached without closing brace for section %s starting at line %d",
1563 cf_section_name1(this), cf_section_lineno(this));
1571 * Include one config file in another.
1573 int cf_file_include(const char *filename, CONF_SECTION *cs)
1577 struct stat statbuf;
1581 DEBUG2( "including configuration file %s", filename);
1583 if (stat(filename, &statbuf) == 0) {
1585 if ((statbuf.st_mode & S_IWOTH) != 0) {
1586 radlog(L_ERR|L_CONS, "Configuration file %s is globally writable. Refusing to start due to insecure configuration.",
1593 if (0 && (statbuf.st_mode & S_IROTH) != 0) {
1594 radlog(L_ERR|L_CONS, "Configuration file %s is globally readable. Refusing to start due to insecure configuration.",
1601 fp = fopen(filename, "r");
1603 radlog(L_ERR|L_CONS, "Unable to open file \"%s\": %s",
1604 filename, strerror(errno));
1609 * Add the filename to the section
1611 mtime = rad_malloc(sizeof(*mtime));
1612 *mtime = statbuf.st_mtime;
1614 if (cf_data_add_internal(cs, filename, mtime, free,
1615 PW_TYPE_FILENAME) < 0) {
1617 radlog(L_ERR|L_CONS, "Internal error open file \"%s\"",
1622 cd = cf_data_find_internal(cs, filename, PW_TYPE_FILENAME);
1625 radlog(L_ERR|L_CONS, "Internal error open file \"%s\"",
1630 if (!cs->item.filename) cs->item.filename = filename;
1633 * Read the section. It's OK to have EOF without a
1634 * matching close brace.
1636 if (cf_section_read(cd->name, &lineno, fp, cs) < 0) {
1646 * Bootstrap a config file.
1648 CONF_SECTION *cf_file_read(const char *filename)
1654 cs = cf_section_alloc("main", NULL, NULL);
1655 if (!cs) return NULL;
1657 cp = cf_pair_alloc("confdir", filename, T_OP_SET, T_BARE_WORD, cs);
1658 if (!cp) return NULL;
1660 p = strrchr(cp->value, FR_DIR_SEP);
1663 cp->item.filename = "internal";
1664 cp->item.lineno = 0;
1665 cf_item_add(cs, cf_pairtoitem(cp));
1667 if (cf_file_include(filename, cs) < 0) {
1668 cf_section_free(&cs);
1676 * Return a CONF_PAIR within a CONF_SECTION.
1678 CONF_PAIR *cf_pair_find(const CONF_SECTION *cs, const char *name)
1681 CONF_PAIR *cp = NULL;
1683 if (!cs) return NULL;
1686 * Find the name in the tree, for speed.
1692 cp = rbtree_finddata(cs->pair_tree, &mycp);
1695 * Else find the first one that matches
1697 for (ci = cs->children; ci; ci = ci->next) {
1698 if (ci->type == CONF_ITEM_PAIR) {
1699 return cf_itemtopair(ci);
1704 if (cp || !cs->template) return cp;
1706 return cf_pair_find(cs->template, name);
1710 * Return the attr of a CONF_PAIR
1713 const char *cf_pair_attr(CONF_PAIR *pair)
1715 return (pair ? pair->attr : NULL);
1719 * Return the value of a CONF_PAIR
1722 const char *cf_pair_value(CONF_PAIR *pair)
1724 return (pair ? pair->value : NULL);
1728 * Copied here for error reporting.
1730 extern void librad_log(const char *, ...);
1733 * Turn a CONF_PAIR into a VALUE_PAIR
1734 * For now, ignore the "value_type" field...
1736 VALUE_PAIR *cf_pairtovp(CONF_PAIR *pair)
1742 librad_log("Internal error");
1746 da = dict_attrbyname(pair->attr);
1748 librad_log("Unknown attribute %s", pair->attr);
1753 librad_log("No value given for attribute %s", pair->attr);
1759 librad_log("Out of memory");
1763 vp->operator = pair->operator;
1765 if ((pair->value_type == T_BARE_WORD) ||
1766 (pair->value_type == T_SINGLE_QUOTED_STRING)) {
1767 if (!pairparsevalue(vp, pair->value)) {
1771 vp->flags.do_xlat = 0;
1773 vp->flags.do_xlat = 1;
1780 * Return the first label of a CONF_SECTION
1783 const char *cf_section_name1(const CONF_SECTION *cs)
1785 return (cs ? cs->name1 : NULL);
1789 * Return the second label of a CONF_SECTION
1792 const char *cf_section_name2(const CONF_SECTION *cs)
1794 return (cs ? cs->name2 : NULL);
1798 * Find a value in a CONF_SECTION
1800 const char *cf_section_value_find(const CONF_SECTION *cs, const char *attr)
1804 cp = cf_pair_find(cs, attr);
1806 return (cp ? cp->value : NULL);
1810 * Return the next pair after a CONF_PAIR
1811 * with a certain name (char *attr) If the requested
1812 * attr is NULL, any attr matches.
1815 CONF_PAIR *cf_pair_find_next(const CONF_SECTION *cs,
1816 CONF_PAIR *pair, const char *attr)
1821 * If pair is NULL this must be a first time run
1822 * Find the pair with correct name
1826 return cf_pair_find(cs, attr);
1829 ci = cf_pairtoitem(pair)->next;
1831 for (; ci; ci = ci->next) {
1832 if (ci->type != CONF_ITEM_PAIR)
1834 if (attr == NULL || strcmp(cf_itemtopair(ci)->attr, attr) == 0)
1838 return cf_itemtopair(ci);
1842 * Find a CONF_SECTION, or return the root if name is NULL
1845 CONF_SECTION *cf_section_find(const char *name)
1848 return cf_section_sub_find(mainconfig.config, name);
1850 return mainconfig.config;
1854 * Find a sub-section in a section
1857 CONF_SECTION *cf_section_sub_find(const CONF_SECTION *cs, const char *name)
1862 * Do the fast lookup if possible.
1864 if (name && cs->section_tree) {
1869 return rbtree_finddata(cs->section_tree, &mycs);
1872 for (ci = cs->children; ci; ci = ci->next) {
1873 if (ci->type != CONF_ITEM_SECTION)
1875 if (strcmp(cf_itemtosection(ci)->name1, name) == 0)
1879 return cf_itemtosection(ci);
1885 * Find a CONF_SECTION with both names.
1887 CONF_SECTION *cf_section_sub_find_name2(const CONF_SECTION *cs,
1888 const char *name1, const char *name2)
1892 if (!cs) cs = mainconfig.config;
1894 if (name1 && (cs->section_tree)) {
1895 CONF_SECTION mycs, *master_cs;
1900 master_cs = rbtree_finddata(cs->section_tree, &mycs);
1902 return rbtree_finddata(master_cs->name2_tree, &mycs);
1907 * Else do it the old-fashioned way.
1909 for (ci = cs->children; ci; ci = ci->next) {
1910 CONF_SECTION *subcs;
1912 if (ci->type != CONF_ITEM_SECTION)
1915 subcs = cf_itemtosection(ci);
1917 if (!subcs->name2) {
1918 if (strcmp(subcs->name1, name2) == 0) break;
1920 if (strcmp(subcs->name2, name2) == 0) break;
1922 continue; /* don't do the string comparisons below */
1925 if ((strcmp(subcs->name1, name1) == 0) &&
1926 (subcs->name2 != NULL) &&
1927 (strcmp(subcs->name2, name2) == 0))
1931 return cf_itemtosection(ci);
1935 * Return the next subsection after a CONF_SECTION
1936 * with a certain name1 (char *name1). If the requested
1937 * name1 is NULL, any name1 matches.
1940 CONF_SECTION *cf_subsection_find_next(CONF_SECTION *section,
1941 CONF_SECTION *subsection,
1947 * If subsection is NULL this must be a first time run
1948 * Find the subsection with correct name
1951 if (subsection == NULL){
1952 ci = section->children;
1954 ci = cf_sectiontoitem(subsection)->next;
1957 for (; ci; ci = ci->next) {
1958 if (ci->type != CONF_ITEM_SECTION)
1960 if ((name1 == NULL) ||
1961 (strcmp(cf_itemtosection(ci)->name1, name1) == 0))
1965 return cf_itemtosection(ci);
1970 * Return the next section after a CONF_SECTION
1971 * with a certain name1 (char *name1). If the requested
1972 * name1 is NULL, any name1 matches.
1975 CONF_SECTION *cf_section_find_next(CONF_SECTION *section,
1976 CONF_SECTION *subsection,
1979 if (!section->item.parent) return NULL;
1981 return cf_subsection_find_next(section->item.parent, subsection, name1);
1985 * Return the next item after a CONF_ITEM.
1988 CONF_ITEM *cf_item_find_next(CONF_SECTION *section, CONF_ITEM *item)
1991 * If item is NULL this must be a first time run
1992 * Return the first item
1996 return section->children;
2002 int cf_section_lineno(CONF_SECTION *section)
2004 return cf_sectiontoitem(section)->lineno;
2007 const char *cf_pair_filename(CONF_PAIR *pair)
2009 return cf_pairtoitem(pair)->filename;
2012 const char *cf_section_filename(CONF_SECTION *section)
2014 return cf_sectiontoitem(section)->filename;
2017 int cf_pair_lineno(CONF_PAIR *pair)
2019 return cf_pairtoitem(pair)->lineno;
2022 int cf_item_is_section(CONF_ITEM *item)
2024 return item->type == CONF_ITEM_SECTION;
2026 int cf_item_is_pair(CONF_ITEM *item)
2028 return item->type == CONF_ITEM_PAIR;
2032 static CONF_DATA *cf_data_alloc(CONF_SECTION *parent, const char *name,
2033 void *data, void (*data_free)(void *))
2039 name_len = strlen(name) + 1;
2041 p = rad_malloc(sizeof(*cd) + name_len);
2042 cd = (CONF_DATA *) p;
2043 memset(cd, 0, sizeof(*cd));
2045 cd->item.type = CONF_ITEM_DATA;
2046 cd->item.parent = parent;
2048 cd->free = data_free;
2051 memcpy(p, name, name_len);
2057 static void *cf_data_find_internal(CONF_SECTION *cs, const char *name,
2060 if (!cs || !name) return NULL;
2063 * Find the name in the tree, for speed.
2065 if (cs->data_tree) {
2070 return rbtree_finddata(cs->data_tree, &mycd);
2077 * Find data from a particular section.
2079 void *cf_data_find(CONF_SECTION *cs, const char *name)
2081 CONF_DATA *cd = cf_data_find_internal(cs, name, 0);
2083 if (cd) return cd->data;
2089 * Add named data to a configuration section.
2091 static int cf_data_add_internal(CONF_SECTION *cs, const char *name,
2092 void *data, void (*data_free)(void *),
2097 if (!cs || !name) return -1;
2100 * Already exists. Can't add it.
2102 if (cf_data_find_internal(cs, name, flag) != NULL) return -1;
2104 cd = cf_data_alloc(cs, name, data, data_free);
2108 cf_item_add(cs, cf_datatoitem(cd));
2114 * Add named data to a configuration section.
2116 int cf_data_add(CONF_SECTION *cs, const char *name,
2117 void *data, void (*data_free)(void *))
2119 return cf_data_add_internal(cs, name, data, data_free, 0);
2124 * Copy CONF_DATA from src to dst
2126 static void cf_section_copy_data(CONF_SECTION *s, CONF_SECTION *d)
2129 CONF_ITEM *cd, *next, **last;
2132 * Don't check if s->data_tree is NULL. It's child
2133 * sections may have data, even if this section doesn't.
2136 rad_assert(d->data_tree == NULL);
2137 d->data_tree = s->data_tree;
2138 s->data_tree = NULL;
2141 * Walk through src, moving CONF_ITEM_DATA
2144 last = &(s->children);
2145 for (cd = s->children; cd != NULL; cd = next) {
2149 * Recursively copy data from child sections.
2151 if (cd->type == CONF_ITEM_SECTION) {
2152 CONF_SECTION *s1, *d1;
2154 s1 = cf_itemtosection(cd);
2155 d1 = cf_section_sub_find_name2(d, s1->name1, s1->name2);
2157 cf_section_copy_data(s1, d1);
2164 * Not conf data, remember last ptr.
2166 if (cd->type != CONF_ITEM_DATA) {
2172 * Remove it from the src list
2178 * Add it to the dst list
2181 rad_assert(d->tail == NULL);
2184 rad_assert(d->tail != NULL);
2192 * For a CONF_DATA element, stat the filename, if necessary.
2194 static int filename_stat(void *context, void *data)
2197 CONF_DATA *cd = data;
2199 context = context; /* -Wunused */
2201 if (cd->flag != PW_TYPE_FILENAME) return 0;
2203 if (stat(cd->name, &buf) < 0) return -1;
2205 if (buf.st_mtime != *(time_t *) cd->data) return -1;
2212 * Compare two CONF_SECTIONS. The items MUST be in the same
2215 static int cf_section_cmp(CONF_SECTION *a, CONF_SECTION *b)
2217 CONF_ITEM *ca = a->children;
2218 CONF_ITEM *cb = b->children;
2226 if (!ca && !cb) break;
2231 if (ca && ca->type == CONF_ITEM_DATA) {
2235 if (cb && cb->type == CONF_ITEM_DATA) {
2241 * One is smaller than the other. Exit.
2243 if (!ca || !cb) return 0;
2245 if (ca->type != cb->type) return 0;
2248 * Deal with subsections.
2250 if (ca->type == CONF_ITEM_SECTION) {
2251 CONF_SECTION *sa = cf_itemtosection(ca);
2252 CONF_SECTION *sb = cf_itemtosection(cb);
2254 if (!cf_section_cmp(sa, sb)) return 0;
2258 rad_assert(ca->type == CONF_ITEM_PAIR);
2260 pa = cf_itemtopair(ca);
2261 pb = cf_itemtopair(cb);
2264 * Different attr and/or value, Exit.
2266 if ((strcmp(pa->attr, pb->attr) != 0) ||
2267 (strcmp(pa->value, pb->value) != 0)) return 0;
2271 * And go to the next element.
2279 * Walk over the CONF_DATA, stat'ing PW_TYPE_FILENAME.
2282 (rbtree_walk(a->data_tree, InOrder, filename_stat, NULL) != 0)) {
2287 * They must be the same, say so.
2294 * Migrate CONF_DATA from one section to another.
2296 int cf_section_migrate(CONF_SECTION *dst, CONF_SECTION *src)
2299 CONF_SECTION *s, *d;
2301 for (ci = src->children; ci != NULL; ci = ci->next) {
2302 if (ci->type != CONF_ITEM_SECTION)
2305 s = cf_itemtosection(ci);
2306 d = cf_section_sub_find_name2(dst, s->name1, s->name2);
2308 if (!d) continue; /* not in new one, don't migrate it */
2311 * A section of the same name is in BOTH src & dst,
2312 * compare the CONF_PAIR's. If they're all the same,
2313 * then copy the CONF_DATA from one to the other.
2315 if (cf_section_cmp(s, d)) {
2316 cf_section_copy_data(s, d);
2320 return 1; /* rcode means anything? */
2324 int cf_section_template(CONF_SECTION *cs, CONF_SECTION *template)
2326 if (!cs || !template || cs->template || template->template) return -1;
2328 cs->template = template;
2335 * This is here to make the rest of the code easier to read. It
2336 * ties conffile.c to log.c, but it means we don't have to
2337 * pollute every other function with the knowledge of the
2338 * configuration internals.
2340 void cf_log_err(CONF_ITEM *ci, const char *fmt, ...)
2346 vsnprintf(buffer, sizeof(buffer), fmt, ap);
2349 radlog(L_ERR, "%s[%d]: %s", ci->filename, ci->lineno, buffer);
2353 void cf_log_info(UNUSED CONF_SECTION *cs, const char *fmt, ...)
2358 if (debug_flag > 1 && cf_log_config) vradlog(L_DBG, fmt, ap);
2363 * Wrapper to simplify the code.
2365 void cf_log_module(UNUSED CONF_SECTION *cs, const char *fmt, ...)
2371 if (debug_flag > 1 && cf_log_modules) {
2372 vsnprintf(buffer, sizeof(buffer), fmt, ap);
2374 radlog(L_DBG, " Module: %s", buffer);
2382 * JMG dump_config tries to dump the config structure in a readable format
2386 static int dump_config_section(CONF_SECTION *cs, int indent)
2392 /* The DEBUG macro doesn't let me
2393 * for(i=0;i<indent;++i) debugputchar('\t');
2394 * so I had to get creative. --Pac. */
2396 for (ci = cs->children; ci; ci = ci->next) {
2398 case CONF_ITEM_PAIR:
2399 cp=cf_itemtopair(ci);
2400 DEBUG("%.*s%s = %s",
2401 indent, "\t\t\t\t\t\t\t\t\t\t\t",
2402 cp->attr, cp->value);
2405 case CONF_ITEM_SECTION:
2406 scs=cf_itemtosection(ci);
2407 DEBUG("%.*s%s %s%s{",
2408 indent, "\t\t\t\t\t\t\t\t\t\t\t",
2410 scs->name2 ? scs->name2 : "",
2411 scs->name2 ? " " : "");
2412 dump_config_section(scs, indent+1);
2414 indent, "\t\t\t\t\t\t\t\t\t\t\t");
2417 default: /* FIXME: Do more! */
2425 int dump_config(CONF_SECTION *cs)
2427 return dump_config_section(cs, 0);