* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*
- * Copyright 2000 The FreeRADIUS server project
+ * Copyright 2000,2006 The FreeRADIUS server project
*/
-static const char rcsid[] = "$Id$";
+#include <freeradius-devel/ident.h>
+RCSID("$Id$")
-#include "autoconf.h"
+#include <freeradius-devel/libradius.h>
-#include <stdlib.h>
#include <ctype.h>
-#include <string.h>
#ifdef HAVE_MALLOC_H
#include <malloc.h>
#include <sys/stat.h>
#endif
-#include <unistd.h>
-
-#include "missing.h"
-#include "libradius.h"
-
#define DICT_VALUE_MAX_NAME_LEN (128)
#define DICT_VENDOR_MAX_NAME_LEN (128)
+#define DICT_ATTR_MAX_NAME_LEN (128)
-static lrad_hash_table_t *vendors_byname = NULL;
-static lrad_hash_table_t *vendors_byvalue = NULL;
+static fr_hash_table_t *vendors_byname = NULL;
+static fr_hash_table_t *vendors_byvalue = NULL;
-static lrad_hash_table_t *attributes_byname = NULL;
-static lrad_hash_table_t *attributes_byvalue = NULL;
+static fr_hash_table_t *attributes_byname = NULL;
+static fr_hash_table_t *attributes_byvalue = NULL;
-static lrad_hash_table_t *values_byvalue = NULL;
-static lrad_hash_table_t *values_byname = NULL;
+static fr_hash_table_t *values_byvalue = NULL;
+static fr_hash_table_t *values_byname = NULL;
+
+static DICT_ATTR *dict_base_attrs[256];
/*
* For faster HUP's, we cache the stat information for
static dict_stat_t *stat_tail = NULL;
typedef struct value_fixup_t {
- char attrstr[40];
- uint32_t hash;
+ char attrstr[DICT_ATTR_MAX_NAME_LEN];
DICT_VALUE *dval;
struct value_fixup_t *next;
} value_fixup_t;
*/
static value_fixup_t *value_fixup = NULL;
-static const LRAD_NAME_NUMBER type_table[] = {
- { "string", PW_TYPE_STRING },
+static const FR_NAME_NUMBER type_table[] = {
{ "integer", PW_TYPE_INTEGER },
+ { "string", PW_TYPE_STRING },
{ "ipaddr", PW_TYPE_IPADDR },
{ "date", PW_TYPE_DATE },
{ "abinary", PW_TYPE_ABINARY },
{ "ifid", PW_TYPE_IFID },
{ "ipv6addr", PW_TYPE_IPV6ADDR },
{ "ipv6prefix", PW_TYPE_IPV6PREFIX },
+ { "byte", PW_TYPE_BYTE },
+ { "short", PW_TYPE_SHORT },
+ { "ether", PW_TYPE_ETHERNET },
+ { "combo-ip", PW_TYPE_COMBO_IP },
+ { "tlv", PW_TYPE_TLV },
+ { "signed", PW_TYPE_SIGNED },
{ NULL, 0 }
};
+
+/*
+ * WiMAX craziness.
+ */
+#define MAX_TLV_NEST (4)
+/*
+ * Bit packing:
+ * 8 bits of base VSA
+ * 8 bits for nested TLV 1
+ * 8 bits for nested TLV 2
+ * 5 bits for nested TLV 3
+ * 3 bits for nested TLV 4
+ */
+const int fr_wimax_max_tlv = MAX_TLV_NEST;
+const int fr_wimax_shift[MAX_TLV_NEST + 1] = {
+ 0, 8, 16, 24, 29
+};
+
+const int fr_wimax_mask[MAX_TLV_NEST + 1] = {
+ 0, 0xff, 0xff, 0x1f, 0x07
+};
+
+
/*
* Create the hash of the name.
+ *
+ * We copy the hash function here because it's substantially faster.
*/
+#define FNV_MAGIC_INIT (0x811c9dc5)
+#define FNV_MAGIC_PRIME (0x01000193)
+
static uint32_t dict_hashname(const char *name)
{
+ uint32_t hash = FNV_MAGIC_INIT;
const char *p;
- char *q;
- size_t len = 0;
- char buffer[1024];
-
- p = name;
- q = buffer;
- while (*p && (len < sizeof(buffer))) {
- if (isalpha(*p)) {
- *(q++) = tolower((int) *(p++));
- } else {
- *(q++) = *(p++);
- }
- len++;
+
+ for (p = name; *p != '\0'; p++) {
+ int c = *(const unsigned char *) p;
+ if (isalpha(c)) c = tolower(c);
+
+ hash *= FNV_MAGIC_PRIME;
+ hash ^= (uint32_t ) (c & 0xff);
}
- return lrad_hash(buffer, len);
+
+ return hash;
+}
+
+
+/*
+ * Hash callback functions.
+ */
+static uint32_t dict_attr_name_hash(const void *data)
+{
+ return dict_hashname(((const DICT_ATTR *)data)->name);
+}
+
+static int dict_attr_name_cmp(const void *one, const void *two)
+{
+ const DICT_ATTR *a = one;
+ const DICT_ATTR *b = two;
+
+ return strcasecmp(a->name, b->name);
+}
+
+static uint32_t dict_attr_value_hash(const void *data)
+{
+ uint32_t hash;
+ const DICT_ATTR *attr = data;
+
+ hash = fr_hash(&attr->vendor, sizeof(attr->vendor));
+ return fr_hash_update(&attr->attr, sizeof(attr->attr), hash);
+}
+
+static int dict_attr_value_cmp(const void *one, const void *two)
+{
+ const DICT_ATTR *a = one;
+ const DICT_ATTR *b = two;
+
+ if (a->vendor < b->vendor) return -1;
+ if (a->vendor > b->vendor) return +1;
+
+ return a->attr - b->attr;
+}
+
+static uint32_t dict_vendor_name_hash(const void *data)
+{
+ return dict_hashname(((const DICT_VENDOR *)data)->name);
+}
+
+static int dict_vendor_name_cmp(const void *one, const void *two)
+{
+ const DICT_VENDOR *a = one;
+ const DICT_VENDOR *b = two;
+
+ return strcasecmp(a->name, b->name);
+}
+
+static uint32_t dict_vendor_value_hash(const void *data)
+{
+ return fr_hash(&(((const DICT_VENDOR *)data)->vendorpec),
+ sizeof(((const DICT_VENDOR *)data)->vendorpec));
+}
+
+static int dict_vendor_value_cmp(const void *one, const void *two)
+{
+ const DICT_VENDOR *a = one;
+ const DICT_VENDOR *b = two;
+
+ return a->vendorpec - b->vendorpec;
+}
+
+static uint32_t dict_value_name_hash(const void *data)
+{
+ uint32_t hash;
+ const DICT_VALUE *dval = data;
+
+ hash = dict_hashname(dval->name);
+ hash = fr_hash_update(&dval->vendor, sizeof(dval->vendor), hash);
+ return fr_hash_update(&dval->attr, sizeof(dval->attr), hash);
+}
+
+static int dict_value_name_cmp(const void *one, const void *two)
+{
+ int rcode;
+ const DICT_VALUE *a = one;
+ const DICT_VALUE *b = two;
+
+ rcode = a->attr - b->attr;
+ if (rcode != 0) return rcode;
+
+ rcode = a->vendor - b->vendor;
+ if (rcode != 0) return rcode;
+
+ return strcasecmp(a->name, b->name);
+}
+
+static uint32_t dict_value_value_hash(const void *data)
+{
+ uint32_t hash;
+ const DICT_VALUE *dval = data;
+
+ hash = fr_hash(&dval->attr, sizeof(dval->attr));
+ hash = fr_hash_update(&dval->vendor, sizeof(dval->vendor), hash);
+ return fr_hash_update(&dval->value, sizeof(dval->value), hash);
+}
+
+static int dict_value_value_cmp(const void *one, const void *two)
+{
+ int rcode;
+ const DICT_VALUE *a = one;
+ const DICT_VALUE *b = two;
+
+ if (a->vendor < b->vendor) return -1;
+ if (a->vendor > b->vendor) return +1;
+
+ rcode = a->attr - b->attr;
+ if (rcode != 0) return rcode;
+
+ return a->value - b->value;
}
dict_stat_t *this;
this = malloc(sizeof(*this));
+ if (!this) return;
memset(this, 0, sizeof(*this));
this->name = strdup(name);
return 1;
}
+typedef struct fr_pool_t {
+ void *page_end;
+ void *free_ptr;
+ struct fr_pool_t *page_free;
+ struct fr_pool_t *page_next;
+} fr_pool_t;
+
+#define FR_POOL_SIZE (32768)
+#define FR_ALLOC_ALIGN (8)
+
+static fr_pool_t *dict_pool = NULL;
+
+static fr_pool_t *fr_pool_create(void)
+{
+ fr_pool_t *fp = malloc(FR_POOL_SIZE);
+
+ if (!fp) return NULL;
+
+ memset(fp, 0, FR_POOL_SIZE);
+
+ fp->page_end = ((uint8_t *) fp) + FR_POOL_SIZE;
+ fp->free_ptr = ((uint8_t *) fp) + sizeof(*fp);
+ fp->page_free = fp;
+ fp->page_next = NULL;
+ return fp;
+}
+
+static void fr_pool_delete(fr_pool_t **pfp)
+{
+ fr_pool_t *fp, *next;
+
+ if (!pfp || !*pfp) return;
+
+ for (fp = *pfp; fp != NULL; fp = next) {
+ next = fp->page_next;
+ free(fp);
+ }
+}
+
+
+static void *fr_pool_alloc(size_t size)
+{
+ void *ptr;
+
+ if (size == 0) return NULL;
+
+ if (size > 256) return NULL; /* shouldn't happen */
+
+ if (!dict_pool) {
+ dict_pool = fr_pool_create();
+ if (!dict_pool) return NULL;
+ }
+
+ if ((size & (FR_ALLOC_ALIGN - 1)) != 0) {
+ size += FR_ALLOC_ALIGN - (size & (FR_ALLOC_ALIGN - 1));
+ }
+
+ if ((((uint8_t *) dict_pool->page_free->free_ptr) + size) > (uint8_t *) dict_pool->page_free->page_end) {
+ dict_pool->page_free->page_next = fr_pool_create();
+ if (!dict_pool->page_free->page_next) return NULL;
+ dict_pool->page_free = dict_pool->page_free->page_next;
+ }
+
+ ptr = dict_pool->page_free->free_ptr;
+ dict_pool->page_free->free_ptr = ((uint8_t *) dict_pool->page_free->free_ptr) + size;
+
+ return ptr;
+}
+
+
+static void fr_pool_free(UNUSED void *ptr)
+{
+ /*
+ * Place-holder for later code.
+ */
+}
/*
* Free the dictionary_attributes and dictionary_values lists.
void dict_free(void)
{
/*
- * Free the trees
+ * Free the tables
*/
- lrad_hash_table_free(vendors_byname);
- lrad_hash_table_free(vendors_byvalue);
+ fr_hash_table_free(vendors_byname);
+ fr_hash_table_free(vendors_byvalue);
vendors_byname = NULL;
vendors_byvalue = NULL;
- lrad_hash_table_free(attributes_byname);
- lrad_hash_table_free(attributes_byvalue);
+ fr_hash_table_free(attributes_byname);
+ fr_hash_table_free(attributes_byvalue);
attributes_byname = NULL;
attributes_byvalue = NULL;
- lrad_hash_table_free(values_byname);
- lrad_hash_table_free(values_byvalue);
+ fr_hash_table_free(values_byname);
+ fr_hash_table_free(values_byvalue);
values_byname = NULL;
values_byvalue = NULL;
+ memset(dict_base_attrs, 0, sizeof(dict_base_attrs));
+
+ fr_pool_delete(&dict_pool);
+
dict_stat_free();
}
int dict_addvendor(const char *name, int value)
{
size_t length;
- uint32_t hash;
DICT_VENDOR *dv;
- if (value >= (1 << 16)) {
- librad_log("dict_addvendor: Cannot handle vendor ID larger than 65535");
+ if (value > FR_MAX_VENDOR) {
+ fr_strerror_printf("dict_addvendor: Cannot handle vendor ID larger than 2^24");
return -1;
}
if ((length = strlen(name)) >= DICT_VENDOR_MAX_NAME_LEN) {
- librad_log("dict_addvendor: vendor name too long");
+ fr_strerror_printf("dict_addvendor: vendor name too long");
return -1;
}
-
- if ((dv = malloc(sizeof(*dv) + length)) == NULL) {
- librad_log("dict_addvendor: out of memory");
+
+ if ((dv = fr_pool_alloc(sizeof(*dv) + length)) == NULL) {
+ fr_strerror_printf("dict_addvendor: out of memory");
return -1;
}
- hash = dict_hashname(name);
strcpy(dv->name, name);
dv->vendorpec = value;
dv->type = dv->length = 1; /* defaults */
- if (!lrad_hash_table_insert(vendors_byname, hash, dv)) {
+ if (!fr_hash_table_insert(vendors_byname, dv)) {
DICT_VENDOR *old_dv;
- old_dv = lrad_hash_table_finddata(vendors_byname, hash);
+ old_dv = fr_hash_table_finddata(vendors_byname, dv);
if (!old_dv) {
- librad_log("dict_addvendor: Failed inserting vendor name %s", name);
+ fr_strerror_printf("dict_addvendor: Failed inserting vendor name %s", name);
return -1;
}
if (old_dv->vendorpec != dv->vendorpec) {
- librad_log("dict_addvendor: Duplicate vendor name %s", name);
+ fr_strerror_printf("dict_addvendor: Duplicate vendor name %s", name);
return -1;
}
/*
* Already inserted. Discard the duplicate entry.
*/
- free(dv);
+ fr_pool_free(dv);
return 0;
}
/*
- * Insert the SAME pointer (not free'd when this tree is
- * deleted), into another tree.
- *
- * If the newly inserted entry is a duplicate of an existing
- * entry, then the old entry is tossed, and the new one
- * replaces it. This behaviour is configured in the
- * lrad_hash_table_create() function.
+ * Insert the SAME pointer (not free'd when this table is
+ * deleted), into another table.
*
* We want this behaviour because we want OLD names for
* the attributes to be read from the configuration
* files, but when we're printing them, (and looking up
* by value) we want to use the NEW name.
*/
- if (!lrad_hash_table_insert(vendors_byvalue,
- lrad_hash(&dv->vendorpec,
- sizeof(dv->vendorpec)),
- dv)) {
- librad_log("dict_addvendor: Failed inserting vendor %s",
+ if (!fr_hash_table_replace(vendors_byvalue, dv)) {
+ fr_strerror_printf("dict_addvendor: Failed inserting vendor %s",
name);
return -1;
}
/*
* Add an attribute to the dictionary.
*/
-int dict_addattr(const char *name, int vendor, int type, int value,
+int dict_addattr(const char *name, int attr, int vendor, int type,
ATTR_FLAGS flags)
{
+ size_t namelen;
static int max_attr = 0;
- uint32_t hash;
- DICT_ATTR *attr;
+ DICT_ATTR *da;
- if (strlen(name) > (sizeof(attr->name) -1)) {
- librad_log("dict_addattr: attribute name too long");
+ namelen = strlen(name);
+ if (namelen >= DICT_ATTR_MAX_NAME_LEN) {
+ fr_strerror_printf("dict_addattr: attribute name too long");
return -1;
}
/*
- * If the value is '-1', that means use a pre-existing
+ * If the attr is '-1', that means use a pre-existing
* one (if it already exists). If one does NOT already exist,
* then create a new attribute, with a non-conflicting value,
* and use that.
*/
- if (value == -1) {
+ if (attr == -1) {
if (dict_attrbyname(name)) {
return 0; /* exists, don't add it again */
}
- value = ++max_attr;
+ attr = ++max_attr;
} else if (vendor == 0) {
/*
* Update 'max_attr'
*/
- if (value > max_attr) {
- max_attr = value;
+ if (attr > max_attr) {
+ max_attr = attr;
}
}
- if (value < 0) {
- librad_log("dict_addattr: ATTRIBUTE has invalid number (less than zero)");
- return -1;
+ /*
+ * Additional checks for extended attributes.
+ */
+ if (flags.extended || flags.extended_flags) {
+ if (vendor != 0) {
+ fr_strerror_printf("dict_addattr: VSAs cannot use the \"extended\" attribute format.");
+ return -1;
+ }
+ vendor = VENDORPEC_EXTENDED;
+
+ if ((attr < 256) && (type != PW_TYPE_OCTETS)) {
+ fr_strerror_printf("dict_addattr: The base \"extended\" attribute definition MUST be of type \"octets\".");
+ return -1;
+ }
+
+ if (flags.has_tag || flags.array || (flags.encrypt != FLAG_ENCRYPT_NONE)) {
+ fr_strerror_printf("dict_addattr: The \"extended\" attributes MUST NOT have any flags set.");
+ return -1;
+ }
}
- if (value >= 65536) {
- librad_log("dict_addattr: ATTRIBUTE has invalid number (larger than 65535).");
+ if (attr < 0) {
+ fr_strerror_printf("dict_addattr: ATTRIBUTE has invalid number (less than zero)");
return -1;
}
- if (vendor) {
- DICT_VENDOR *dv = dict_vendorbyvalue(vendor);
+ if (vendor && (vendor != VENDORPEC_EXTENDED)) {
+ DICT_VENDOR *dv;
+ static DICT_VENDOR *last_vendor = NULL;
+
+ if (flags.has_tlv && (flags.encrypt != FLAG_ENCRYPT_NONE)) {
+ fr_strerror_printf("TLV's cannot be encrypted");
+ return -1;
+ }
+
+ if (flags.is_tlv && flags.has_tag) {
+ fr_strerror_printf("Sub-TLV's cannot have a tag");
+ return -1;
+ }
+
+ if (flags.has_tlv && flags.has_tag) {
+ fr_strerror_printf("TLV's cannot have a tag");
+ return -1;
+ }
+
+ /*
+ * Most ATTRIBUTEs are bunched together by
+ * VENDOR. We can save a lot of lookups on
+ * dictionary initialization by caching the last
+ * vendor.
+ */
+ if (last_vendor && (vendor == last_vendor->vendorpec)) {
+ dv = last_vendor;
+ } else {
+ dv = dict_vendorbyvalue(vendor);
+ last_vendor = dv;
+ }
/*
- * If the vendor isn't defined, die/
+ * If the vendor isn't defined, die.
*/
if (!dv) {
- librad_log("dict_addattr: Unknown vendor");
+ fr_strerror_printf("dict_addattr: Unknown vendor %d",
+ vendor);
return -1;
}
/*
- * With a few exceptions, attributes can only be
- * 1..255. The check above catches the less than
- * zero case.
+ * FIXME: Switch over dv->type, and limit things
+ * properly.
*/
- if ((dv->type == 1) && (value >= 256)) {
- librad_log("dict_addattr: ATTRIBUTE has invalid number (larger than 255).");
+ if ((dv->type == 1) && (attr >= 256) && !flags.is_tlv) {
+ fr_strerror_printf("dict_addattr: ATTRIBUTE has invalid number (larger than 255).");
return -1;
} /* else 256..65535 are allowed */
}
/*
* Create a new attribute for the list
*/
- if ((attr = malloc(sizeof(*attr))) == NULL) {
- librad_log("dict_addattr: out of memory");
+ if ((da = fr_pool_alloc(sizeof(*da) + namelen)) == NULL) {
+ fr_strerror_printf("dict_addattr: out of memory");
return -1;
}
- hash = dict_hashname(name);
- strcpy(attr->name, name);
- attr->attr = value;
- attr->attr |= (vendor << 16); /* FIXME: hack */
- attr->type = type;
- attr->flags = flags;
- attr->vendor = vendor;
-
+ memcpy(da->name, name, namelen);
+ da->name[namelen] = '\0';
+ da->attr = attr;
+ da->vendor = vendor;
+ da->type = type;
+ da->flags = flags;
/*
* Insert the attribute, only if it's not a duplicate.
*/
- if (!lrad_hash_table_insert(attributes_byname, hash, attr)) {
+ if (!fr_hash_table_insert(attributes_byname, da)) {
DICT_ATTR *a;
/*
* If the attribute has identical number, then
* ignore the duplicate.
*/
- a = lrad_hash_table_finddata(attributes_byname, hash);
- if (a && (strcasecmp(a->name, attr->name) == 0)) {
- if (a->attr != attr->attr) {
- librad_log("dict_addattr: Duplicate attribute name %s", name);
+ a = fr_hash_table_finddata(attributes_byname, da);
+ if (a && (strcasecmp(a->name, da->name) == 0)) {
+ if (a->attr != da->attr) {
+ fr_strerror_printf("dict_addattr: Duplicate attribute name %s", name);
+ fr_pool_free(da);
return -1;
}
* over-ride the old one.
*/
}
+
+
+ fr_hash_table_delete(attributes_byvalue, a);
+
+ if (!fr_hash_table_replace(attributes_byname, da)) {
+ fr_strerror_printf("dict_addattr: Internal error storing attribute %s", name);
+ fr_pool_free(da);
+ return -1;
+ }
}
/*
- * Insert the SAME pointer (not free'd when this tree is
- * deleted), into another tree.
- *
- * If the newly inserted entry is a duplicate of an existing
- * entry, then the old entry is tossed, and the new one
- * replaces it. This behaviour is configured in the
- * lrad_hash_table_create() function.
+ * Insert the SAME pointer (not free'd when this entry is
+ * deleted), into another table.
*
* We want this behaviour because we want OLD names for
* the attributes to be read from the configuration
* files, but when we're printing them, (and looking up
* by value) we want to use the NEW name.
*/
- if (!lrad_hash_table_insert(attributes_byvalue,
- lrad_hash(&attr->attr, sizeof(attr->attr)),
- attr)) {
- librad_log("dict_addattr: Failed inserting attribute attribute name %s", name);
+ if (!fr_hash_table_replace(attributes_byvalue, da)) {
+ fr_strerror_printf("dict_addattr: Failed inserting attribute name %s", name);
return -1;
}
+ if (!vendor && (attr > 0) && (attr < 256)) {
+ dict_base_attrs[attr] = da;
+ }
+
return 0;
}
{
size_t length;
DICT_ATTR *dattr;
- uint32_t hash;
DICT_VALUE *dval;
+ static DICT_ATTR *last_attr = NULL;
+
+ if (!*namestr) {
+ fr_strerror_printf("dict_addvalue: empty names are not permitted");
+ return -1;
+ }
+
if ((length = strlen(namestr)) >= DICT_VALUE_MAX_NAME_LEN) {
- librad_log("dict_addvalue: value name too long");
+ fr_strerror_printf("dict_addvalue: value name too long");
return -1;
}
- if ((dval = malloc(sizeof(*dval) + length)) == NULL) {
- librad_log("dict_addvalue: out of memory");
+ if ((dval = fr_pool_alloc(sizeof(*dval) + length)) == NULL) {
+ fr_strerror_printf("dict_addvalue: out of memory");
return -1;
}
memset(dval, 0, sizeof(*dval));
- hash = dict_hashname(namestr);
strcpy(dval->name, namestr);
dval->value = value;
/*
+ * Most VALUEs are bunched together by ATTRIBUTE. We can
+ * save a lot of lookups on dictionary initialization by
+ * caching the last attribute.
+ */
+ if (last_attr && (strcasecmp(attrstr, last_attr->name) == 0)) {
+ dattr = last_attr;
+ } else {
+ dattr = dict_attrbyname(attrstr);
+ last_attr = dattr;
+ }
+
+ /*
* Remember which attribute is associated with this
* value, if possible.
*/
- dattr = dict_attrbyname(attrstr);
if (dattr) {
+ if (dattr->flags.has_value_alias) {
+ fr_strerror_printf("dict_addvalue: Cannot add VALUE for ATTRIBUTE \"%s\": It already has a VALUE-ALIAS", attrstr);
+ return -1;
+ }
+
dval->attr = dattr->attr;
- hash = lrad_hash_update(&dval->attr, sizeof(dval->attr), hash);
+ dval->vendor = dattr->vendor;
+
+ /*
+ * Enforce valid values
+ *
+ * Don't worry about fixups...
+ */
+ switch (dattr->type) {
+ case PW_TYPE_BYTE:
+ if (value > 255) {
+ fr_pool_free(dval);
+ fr_strerror_printf("dict_addvalue: ATTRIBUTEs of type 'byte' cannot have VALUEs larger than 255");
+ return -1;
+ }
+ break;
+ case PW_TYPE_SHORT:
+ if (value > 65535) {
+ fr_pool_free(dval);
+ fr_strerror_printf("dict_addvalue: ATTRIBUTEs of type 'short' cannot have VALUEs larger than 65535");
+ return -1;
+ }
+ break;
+
+ /*
+ * Allow octets for now, because
+ * of dictionary.cablelabs
+ */
+ case PW_TYPE_OCTETS:
+
+ case PW_TYPE_INTEGER:
+ break;
+
+ default:
+ fr_pool_free(dval);
+ fr_strerror_printf("dict_addvalue: VALUEs cannot be defined for attributes of type '%s'",
+ fr_int2str(type_table, dattr->type, "?Unknown?"));
+ return -1;
+ }
+
+ dattr->flags.has_value = 1;
} else {
value_fixup_t *fixup;
-
+
fixup = (value_fixup_t *) malloc(sizeof(*fixup));
if (!fixup) {
- librad_log("dict_addvalue: out of memory");
+ fr_pool_free(dval);
+ fr_strerror_printf("dict_addvalue: out of memory");
return -1;
}
memset(fixup, 0, sizeof(*fixup));
- strNcpy(fixup->attrstr, attrstr, sizeof(fixup->attrstr));
- fixup->hash = hash;
+ strlcpy(fixup->attrstr, attrstr, sizeof(fixup->attrstr));
fixup->dval = dval;
-
+
/*
* Insert to the head of the list.
*/
/*
* Add the value into the dictionary.
*/
- if (!lrad_hash_table_insert(values_byname, hash, dval)) {
+ if (!fr_hash_table_insert(values_byname, dval)) {
if (dattr) {
DICT_VALUE *old;
-
+
/*
* Suppress duplicates with the same
* name and value. There are lots in
* dictionary.ascend.
*/
- old = dict_valbyname(dattr->attr, namestr);
+ old = dict_valbyname(dattr->attr, dattr->vendor, namestr);
if (old && (old->value == dval->value)) {
- free(dval);
+ fr_pool_free(dval);
return 0;
}
}
- librad_log("dict_addvalue: Duplicate value name %s for attribute %s", namestr, attrstr);
+ fr_pool_free(dval);
+ fr_strerror_printf("dict_addvalue: Duplicate value name %s for attribute %s", namestr, attrstr);
return -1;
}
* There are multiple VALUE's, keyed by attribute, so we
* take care of that here.
*/
- hash = dval->attr;
- hash = lrad_hash_update(&dval->value, sizeof(dval->value), hash);
- if (!lrad_hash_table_insert(values_byvalue, hash, dval)) {
- librad_log("dict_addvalue: Failed inserting value %s",
+ if (!fr_hash_table_replace(values_byvalue, dval)) {
+ fr_strerror_printf("dict_addvalue: Failed inserting value %s",
namestr);
return -1;
}
return 0;
}
+static int sscanf_i(const char *str, int *pvalue)
+{
+ int rcode = 0;
+ int base = 10;
+ static const char *tab = "0123456789";
+
+ if ((str[0] == '0') &&
+ ((str[1] == 'x') || (str[1] == 'X'))) {
+ tab = "0123456789abcdef";
+ base = 16;
+
+ str += 2;
+ }
+
+ while (*str) {
+ const char *c;
+
+ c = memchr(tab, tolower((int) *str), base);
+ if (!c) return 0;
+
+ rcode *= base;
+ rcode += (c - tab);
+ str++;
+ }
+
+ *pvalue = rcode;
+ return 1;
+}
+
+
/*
* Process the ATTRIBUTE command
*/
static int process_attribute(const char* fn, const int line,
- const int block_vendor, char **argv,
- int argc)
+ const int block_vendor, DICT_ATTR *block_tlv,
+ int tlv_depth, char **argv, int argc)
{
int vendor = 0;
int value;
int type;
- char *s, *c;
+ int length = 0;
ATTR_FLAGS flags;
+ char *p;
if ((argc < 3) || (argc > 4)) {
- librad_log("dict_init: %s[%d]: invalid ATTRIBUTE line",
+ fr_strerror_printf("dict_init: %s[%d]: invalid ATTRIBUTE line",
fn, line);
return -1;
}
+ memset(&flags, 0, sizeof(flags));
+
+ /*
+ * Look for extended attributes before doing anything else.
+ */
+ p = strchr(argv[1], '.');
+ if (p) *p = '\0';
+
/*
* Validate all entries
*/
- if (!isdigit((int) argv[1][0])) {
- librad_log("dict_init: %s[%d]: invalid value", fn, line);
+ if (!sscanf_i(argv[1], &value)) {
+ fr_strerror_printf("dict_init: %s[%d]: invalid value", fn, line);
return -1;
}
- sscanf(argv[1], "%i", &value);
/*
- * find the type of the attribute.
+ * Parse extended attributes.
*/
- type = lrad_str2int(type_table, argv[2], -1);
- if (type < 0) {
- librad_log("dict_init: %s[%d]: invalid type \"%s\"",
- fn, line, argv[2]);
- return -1;
+ if (p) {
+ int sub;
+ char *q;
+ DICT_ATTR *da;
+
+ *p = '.'; /* reset forlater printing */
+
+ /*
+ * Does the parent attribute exist?
+ */
+ da = dict_attrbyvalue(value, VENDORPEC_EXTENDED);
+ if (!da) {
+ fr_strerror_printf("dict_init: %s[%d]: Entry refers to unknown attribute %d", fn, line, value);
+ return -1;
+ }
+
+ /*
+ * 241.1 means 241 is of type "extended".
+ * Otherwise, die.
+ */
+ if (!da->flags.extended && !da->flags.extended_flags) {
+ fr_strerror_printf("dict_init: %s[%d]: Entry refers to a non-extended attribute %d", fn, line, value);
+ return -1;
+ }
+
+ /*
+ * Look for sub-TLVs
+ */
+ q = strchr(p + 1, '.');
+ if (q) *q = '\0';
+
+ /*
+ * Parse error.
+ */
+ if (!sscanf_i(p + 1, &sub)) {
+ fr_strerror_printf("dict_init: %s[%d]: Parse error in value \"%s\"", fn, line, argv[1]);
+ return -1;
+ }
+
+ /*
+ * Value is out of bounds.
+ */
+ if ((sub == 0) || (sub > 255)) {
+ fr_strerror_printf("dict_init: %s[%d]: Entry has value out of range 0..255: %d", fn, line, sub);
+ return -1;
+ }
+
+ value |= (sub << fr_wimax_shift[1]);
+
+ /*
+ * If this is defining the contents of a TLV,
+ * look for the parent, and check it.
+ */
+ if (q) {
+ DICT_ATTR *tlv;
+
+ tlv = dict_attrbyvalue(value, VENDORPEC_EXTENDED);
+ if (!tlv || !tlv->flags.has_tlv ||
+ (!tlv->flags.extended && !tlv->flags.extended_flags)) {
+ fr_strerror_printf("dict_init: %s[%d]: Entry refers to Attribute \"%s\", which is not an extended attribute TLV", fn, line, argv[1]);
+ return -1;
+
+ }
+
+ flags.is_tlv = 1;
+
+ /*
+ * Parse error.
+ */
+ if (!sscanf_i(q + 1, &sub)) {
+ fr_strerror_printf("dict_init: %s[%d]: Parse error in value \"%s\"", fn, line, argv[1]);
+ return -1;
+ }
+
+ /*
+ * Value is out of bounds.
+ */
+ if ((sub == 0) || (sub > 255)) {
+ fr_strerror_printf("dict_init: %s[%d]: Entry has value out of range 0..255: %d", fn, line, sub);
+ return -1;
+ }
+
+ value |= (sub << fr_wimax_shift[2]);
+ }
+
+ /*
+ * Set which type of attribute this is.
+ */
+ flags.extended = da->flags.extended;
+ flags.extended_flags = da->flags.extended_flags;
+ }
+
+ if (strncmp(argv[2], "octets[", 7) != 0) {
+ /*
+ * find the type of the attribute.
+ */
+ type = fr_str2int(type_table, argv[2], -1);
+ if (type < 0) {
+ fr_strerror_printf("dict_init: %s[%d]: invalid type \"%s\"",
+ fn, line, argv[2]);
+ return -1;
+ }
+ } else {
+ type = PW_TYPE_OCTETS;
+
+ p = strchr(argv[2] + 7, ']');
+ if (!p) {
+ fr_strerror_printf("dict_init: %s[%d]: Invalid format for octets", fn, line);
+ return -1;
+ }
+
+ *p = 0;
+
+ if (!sscanf_i(argv[1], &length)) {
+ fr_strerror_printf("dict_init: %s[%d]: invalid length", fn, line);
+ return -1;
+ }
+
+ if ((length == 0) || (length > 253)) {
+ fr_strerror_printf("dict_init: %s[%d]: invalid length", fn, line);
+ return -1;
+ }
}
/*
* Only look up the vendor if the string
* is non-empty.
*/
- memset(&flags, 0, sizeof(flags));
- if (argc == 4) {
- s = strtok(argv[3], ",");
- while (s) {
- if (strcmp(s, "has_tag") == 0 ||
- strcmp(s, "has_tag=1") == 0) {
+ if (argc < 4) {
+ /*
+ * Force "length" for data types of fixed length;
+ */
+ switch (type) {
+ case PW_TYPE_BYTE:
+ length = 1;
+ break;
+
+ case PW_TYPE_SHORT:
+ length = 2;
+ break;
+
+ case PW_TYPE_DATE:
+ case PW_TYPE_IPADDR:
+ case PW_TYPE_INTEGER:
+ case PW_TYPE_SIGNED:
+ length = 4;
+ break;
+
+ case PW_TYPE_ETHERNET:
+ length = 6;
+ break;
+
+ case PW_TYPE_IFID:
+ length = 8;
+ break;
+
+ case PW_TYPE_IPV6ADDR:
+ length = 16;
+ break;
+
+ default:
+ break;
+ }
+
+ flags.length = length;
+
+ } else { /* argc == 4: we have options */
+ char *key, *next, *last;
+
+ if (length != 0) {
+ fr_strerror_printf("dict_init: %s[%d]: length cannot be used with options", fn, line);
+ return -1;
+ }
+
+ key = argv[3];
+ do {
+ next = strchr(key, ',');
+ if (next) *(next++) = '\0';
+
+ if (strcmp(key, "has_tag") == 0 ||
+ strcmp(key, "has_tag=1") == 0) {
/* Boolean flag, means this is a
tagged attribute */
flags.has_tag = 1;
- } else if (strncmp(s, "encrypt=", 8) == 0) {
+ } else if (strncmp(key, "encrypt=", 8) == 0) {
/* Encryption method, defaults to 0 (none).
Currently valid is just type 2,
Tunnel-Password style, which can only
be applied to strings. */
- flags.encrypt = strtol(s + 8, &c, 0);
- if (*c) {
- librad_log( "dict_init: %s[%d] invalid option %s",
- fn, line, s);
+ flags.encrypt = strtol(key + 8, &last, 0);
+ if (*last) {
+ fr_strerror_printf( "dict_init: %s[%d] invalid option %s",
+ fn, line, key);
return -1;
}
- } else {
- /* Must be a vendor 'flag'... */
- if (strncmp(s, "vendor=", 7) == 0) {
- /* New format */
- s += 7;
- }
- vendor = dict_vendorbyname(s);
- if (!vendor) {
- librad_log( "dict_init: %s[%d]: unknown vendor %s",
- fn, line, s);
+ } else if (strncmp(key, "array", 6) == 0) {
+ flags.array = 1;
+
+ switch (type) {
+ case PW_TYPE_IPADDR:
+ case PW_TYPE_BYTE:
+ case PW_TYPE_SHORT:
+ case PW_TYPE_INTEGER:
+ case PW_TYPE_DATE:
+ break;
+
+ default:
+ fr_strerror_printf( "dict_init: %s[%d] Only IP addresses can have the \"array\" flag set.",
+ fn, line);
+ return -1;
+ }
+
+ /*
+ * The only thing is the vendor name,
+ * and it's a known name: allow it.
+ */
+ } else if ((key == argv[3]) && !next && !block_vendor &&
+ ((vendor = dict_vendorbyname(key)) !=0)) {
+ break;
+
+ } else if (strncmp(key, "extended-flags", 15) == 0) {
+ if (flags.extended) {
+ fr_strerror_printf( "dict_init: %s[%d] You cannot set two \"extended\" flags.",
+ fn, line);
return -1;
}
- if (block_vendor && argv[3][0] &&
- (block_vendor != vendor)) {
- librad_log("dict_init: %s[%d]: mismatched vendor %s within BEGIN-VENDOR/END-VENDOR block",
- fn, line, argv[3]);
+
+ flags.extended_flags = 1;
+
+ } else if (strncmp(key, "extended", 9) == 0) {
+ if (flags.extended_flags) {
+ fr_strerror_printf( "dict_init: %s[%d] You cannot set two \"extended\" flags.",
+ fn, line);
return -1;
}
+ flags.extended = 1;
+
+ } else {
+ fr_strerror_printf( "dict_init: %s[%d]: unknown option \"%s\"",
+ fn, line, key);
+ return -1;
}
- s = strtok(NULL, ",");
- }
+
+ key = next;
+ if (key && !*key) break;
+ } while (key);
}
if (block_vendor) vendor = block_vendor;
*/
if (flags.has_tag) {
/*
- * VSA's can't be tagged.
- */
- if (vendor) {
- librad_log("dict_init: %s[%d]: Vendor attributes cannot be tagged.",
- fn, line);
- return -1;
- }
-
- /*
* Only string, octets, and integer can be tagged.
*/
switch (type) {
break;
default:
- librad_log("dict_init: %s[%d]: Attributes of type %s cannot be tagged.",
+ fr_strerror_printf("dict_init: %s[%d]: Attributes of type %s cannot be tagged.",
fn, line,
- lrad_int2str(type_table, type, "?Unknown?"));
+ fr_int2str(type_table, type, "?Unknown?"));
+ return -1;
+ }
+ }
+
+ if (type == PW_TYPE_TLV) {
+ flags.has_tlv = 1;
+ }
+
+ if (block_tlv) {
+ /*
+ * TLV's can be only one octet.
+ */
+ if ((value <= 0) || ((value & ~fr_wimax_mask[tlv_depth]) != 0)) {
+ fr_strerror_printf( "dict_init: %s[%d]: sub-tlv has invalid attribute number",
+ fn, line);
return -1;
-
}
+
+ /*
+ *
+ */
+ value <<= fr_wimax_shift[tlv_depth];
+ value |= block_tlv->attr;
+ flags.is_tlv = 1;
}
/*
* Add it in.
*/
- if (dict_addattr(argv[0], vendor, type, value, flags) < 0) {
- librad_log("dict_init: %s[%d]: %s",
- fn, line, librad_errstr);
+ if (dict_addattr(argv[0], value, vendor, type, flags) < 0) {
+ char buffer[256];
+
+ strlcpy(buffer, fr_strerror(), sizeof(buffer));
+
+ fr_strerror_printf("dict_init: %s[%d]: %s",
+ fn, line, buffer);
return -1;
}
int value;
if (argc != 3) {
- librad_log("dict_init: %s[%d]: invalid VALUE line",
+ fr_strerror_printf("dict_init: %s[%d]: invalid VALUE line",
fn, line);
return -1;
}
/*
* Validate all entries
*/
- if (!isdigit((int) argv[2][0])) {
- librad_log("dict_init: %s[%d]: invalid value",
+ if (!sscanf_i(argv[2], &value)) {
+ fr_strerror_printf("dict_init: %s[%d]: invalid value",
fn, line);
return -1;
}
- sscanf(argv[2], "%i", &value);
- /*
- * valuepair.c will get excited when creating attributes,
- * if it sees values which look like integers, so we can't
- * use them here.
- */
- if (isdigit(argv[1][0])) {
- librad_log("dict_init: %s[%d]: Names for VALUEs cannot start with a digit.",
+ if (dict_addvalue(argv[1], argv[0], value) < 0) {
+ char buffer[256];
+
+ strlcpy(buffer, fr_strerror(), sizeof(buffer));
+
+ fr_strerror_printf("dict_init: %s[%d]: %s",
+ fn, line, buffer);
+ return -1;
+ }
+
+ return 0;
+}
+
+
+/*
+ * Process the VALUE-ALIAS command
+ *
+ * This allows VALUE mappings to be shared among multiple
+ * attributes.
+ */
+static int process_value_alias(const char* fn, const int line, char **argv,
+ int argc)
+{
+ DICT_ATTR *my_da, *da;
+ DICT_VALUE *dval;
+
+ if (argc != 2) {
+ fr_strerror_printf("dict_init: %s[%d]: invalid VALUE-ALIAS line",
+ fn, line);
+ return -1;
+ }
+
+ my_da = dict_attrbyname(argv[0]);
+ if (!my_da) {
+ fr_strerror_printf("dict_init: %s[%d]: ATTRIBUTE \"%s\" does not exist",
+ fn, line, argv[1]);
+ return -1;
+ }
+
+ if (my_da->flags.has_value) {
+ fr_strerror_printf("dict_init: %s[%d]: Cannot add VALUE-ALIAS to ATTRIBUTE \"%s\" with pre-existing VALUE",
+ fn, line, argv[0]);
+ return -1;
+ }
+
+ if (my_da->flags.has_value_alias) {
+ fr_strerror_printf("dict_init: %s[%d]: Cannot add VALUE-ALIAS to ATTRIBUTE \"%s\" with pre-existing VALUE-ALIAS",
+ fn, line, argv[0]);
+ return -1;
+ }
+
+ da = dict_attrbyname(argv[1]);
+ if (!da) {
+ fr_strerror_printf("dict_init: %s[%d]: Cannot find ATTRIBUTE \"%s\" for alias",
+ fn, line, argv[1]);
+ return -1;
+ }
+
+ if (!da->flags.has_value) {
+ fr_strerror_printf("dict_init: %s[%d]: VALUE-ALIAS cannot refer to ATTRIBUTE %s: It has no values",
+ fn, line, argv[1]);
+ return -1;
+ }
+
+ if (da->flags.has_value_alias) {
+ fr_strerror_printf("dict_init: %s[%d]: Cannot add VALUE-ALIAS to ATTRIBUTE \"%s\" which itself has a VALUE-ALIAS",
+ fn, line, argv[1]);
+ return -1;
+ }
+
+ if (my_da->type != da->type) {
+ fr_strerror_printf("dict_init: %s[%d]: Cannot add VALUE-ALIAS between attributes of differing type",
fn, line);
+ return -1;
}
-
- if (dict_addvalue(argv[1], argv[0], value) < 0) {
- librad_log("dict_init: %s[%d]: %s",
- fn, line, librad_errstr);
+
+ if ((dval = fr_pool_alloc(sizeof(*dval))) == NULL) {
+ fr_strerror_printf("dict_addvalue: out of memory");
+ return -1;
+ }
+
+ dval->name[0] = '\0'; /* empty name */
+ dval->attr = my_da->attr;
+ dval->vendor = my_da->vendor;
+ dval->value = da->attr;
+
+ if (!fr_hash_table_insert(values_byname, dval)) {
+ fr_strerror_printf("dict_init: %s[%d]: Error create alias",
+ fn, line);
+ fr_pool_free(dval);
return -1;
}
int argc)
{
int value;
+ int continuation = 0;
const char *format = NULL;
if ((argc < 2) || (argc > 3)) {
- librad_log( "dict_init: %s[%d] invalid VENDOR entry",
+ fr_strerror_printf( "dict_init: %s[%d] invalid VENDOR entry",
fn, line);
return -1;
}
* Validate all entries
*/
if (!isdigit((int) argv[1][0])) {
- librad_log("dict_init: %s[%d]: invalid value",
+ fr_strerror_printf("dict_init: %s[%d]: invalid value",
fn, line);
return -1;
}
/* Create a new VENDOR entry for the list */
if (dict_addvendor(argv[0], value) < 0) {
- librad_log("dict_init: %s[%d]: %s",
- fn, line, librad_errstr);
+ char buffer[256];
+
+ strlcpy(buffer, fr_strerror(), sizeof(buffer));
+
+ fr_strerror_printf("dict_init: %s[%d]: %s",
+ fn, line, buffer);
return -1;
}
DICT_VENDOR *dv;
if (strncasecmp(format, "format=", 7) != 0) {
- librad_log("dict_init: %s[%d]: Invalid format for VENDOR. Expected \"format=\", got \"%s\"",
+ fr_strerror_printf("dict_init: %s[%d]: Invalid format for VENDOR. Expected \"format=\", got \"%s\"",
fn, line, format);
return -1;
}
p = format + 7;
- if ((strlen(p) != 3) ||
+ if ((strlen(p) < 3) ||
!isdigit((int) p[0]) ||
(p[1] != ',') ||
- !isdigit((int) p[2])) {
- librad_log("dict_init: %s[%d]: Invalid format for VENDOR. Expected text like \"1,1\", got \"%s\"",
+ !isdigit((int) p[2]) ||
+ (p[3] && (p[3] != ','))) {
+ fr_strerror_printf("dict_init: %s[%d]: Invalid format for VENDOR. Expected text like \"1,1\", got \"%s\"",
fn, line, p);
return -1;
}
type = (int) (p[0] - '0');
length = (int) (p[2] - '0');
+ if (p[3] == ',') {
+ if ((p[4] != 'c') ||
+ (p[5] != '\0')) {
+ fr_strerror_printf("dict_init: %s[%d]: Invalid format for VENDOR. Expected text like \"1,1\", got \"%s\"",
+ fn, line, p);
+ return -1;
+ }
+ continuation = 1;
+
+ if ((value != VENDORPEC_WIMAX) ||
+ (type != 1) || (length != 1)) {
+ fr_strerror_printf("dict_init: %s[%d]: Only WiMAX VSAs can have continuations",
+ fn, line);
+ return -1;
+ }
+ }
+
dv = dict_vendorbyvalue(value);
if (!dv) {
- librad_log("dict_init: %s[%d]: Failed adding format for VENDOR",
+ fr_strerror_printf("dict_init: %s[%d]: Failed adding format for VENDOR",
fn, line);
return -1;
}
if ((type != 1) && (type != 2) && (type != 4)) {
- librad_log("dict_init: %s[%d]: invalid type value %d for VENDOR",
+ fr_strerror_printf("dict_init: %s[%d]: invalid type value %d for VENDOR",
fn, line, type);
return -1;
}
if ((length != 0) && (length != 1) && (length != 2)) {
- librad_log("dict_init: %s[%d]: invalid length value %d for VENDOR",
+ fr_strerror_printf("dict_init: %s[%d]: invalid length value %d for VENDOR",
fn, line, length);
return -1;
}
dv->type = type;
dv->length = length;
+ dv->flags = continuation;
}
return 0;
int argc = 0;
while (*str) {
- if (argc >= max_argc) return argc;
+ if (argc >= max_argc) break;
/*
* Chop out comments early.
(*str == '\r') ||
(*str == '\n')) *(str++) = '\0';
- if (!*str) return argc;
+ if (!*str) break;
argv[argc] = str;
argc++;
struct stat statbuf;
char *argv[MAX_ARGV];
int argc;
+ DICT_ATTR *da, *block_tlv[MAX_TLV_NEST + 1];
+ int which_block_tlv = 0;
+
+ block_tlv[0] = NULL;
+ block_tlv[1] = NULL;
+ block_tlv[2] = NULL;
if (strlen(fn) >= sizeof(dirtmp) / 2 ||
strlen(dir) >= sizeof(dirtmp) / 2) {
- librad_log("dict_init: filename name too long");
+ fr_strerror_printf("dict_init: filename name too long");
return -1;
}
* First see if fn is relative to dir. If so, create
* new filename. If not, remember the absolute dir.
*/
- if ((p = strrchr(fn, '/')) != NULL) {
+ if ((p = strrchr(fn, FR_DIR_SEP)) != NULL) {
strcpy(dirtmp, fn);
dirtmp[p - fn] = 0;
dir = dirtmp;
if ((fp = fopen(fn, "r")) == NULL) {
if (!src_file) {
- librad_log("dict_init: Couldn't open dictionary \"%s\": %s",
+ fr_strerror_printf("dict_init: Couldn't open dictionary \"%s\": %s",
fn, strerror(errno));
} else {
- librad_log("dict_init: %s[%d]: Couldn't open dictionary \"%s\": %s",
+ fr_strerror_printf("dict_init: %s[%d]: Couldn't open dictionary \"%s\": %s",
src_file, src_line, fn, strerror(errno));
}
return -1;
stat(fn, &statbuf); /* fopen() guarantees this will succeed */
if (!S_ISREG(statbuf.st_mode)) {
fclose(fp);
- librad_log("dict_init: Dictionary \"%s\" is not a regular file",
+ fr_strerror_printf("dict_init: Dictionary \"%s\" is not a regular file",
+ fn);
+ return -1;
+ }
+
+ /*
+ * Globally writable dictionaries means that users can control
+ * the server configuration with little difficulty.
+ */
+#ifdef S_IWOTH
+ if ((statbuf.st_mode & S_IWOTH) != 0) {
+ fclose(fp);
+ fr_strerror_printf("dict_init: Dictionary \"%s\" is globally writable. Refusing to start due to insecure configuration.",
fn);
- return -1;
+ return -1;
}
+#endif
+
dict_stat_add(fn, &statbuf);
/*
* Seed the random pool with data.
*/
- lrad_rand_seed(&statbuf, sizeof(statbuf));
+ fr_rand_seed(&statbuf, sizeof(statbuf));
block_vendor = 0;
if (argc == 0) continue;
if (argc == 1) {
- librad_log( "dict_init: %s[%d] invalid entry",
+ fr_strerror_printf( "dict_init: %s[%d] invalid entry",
fn, line);
fclose(fp);
return -1;
}
- if (0) {
- int i;
-
- fprintf(stderr, "ARGC = %d\n",argc);
- for (i = 0; i < argc; i++) {
- fprintf(stderr, "\t%s\n", argv[i]);
- }
- }
-
/*
- * See if we need to import another dictionary.
+ * Process VALUE lines.
*/
- if (strcasecmp(argv[0], "$INCLUDE") == 0) {
- if (my_dict_init(dir, argv[1], fn, line) < 0) {
+ if (strcasecmp(argv[0], "VALUE") == 0) {
+ if (process_value(fn, line,
+ argv + 1, argc - 1) == -1) {
fclose(fp);
return -1;
}
continue;
- } /* $INCLUDE */
+ }
/*
* Perhaps this is an attribute.
*/
if (strcasecmp(argv[0], "ATTRIBUTE") == 0) {
if (process_attribute(fn, line, block_vendor,
+ block_tlv[which_block_tlv],
+ which_block_tlv,
argv + 1, argc - 1) == -1) {
fclose(fp);
return -1;
}
/*
- * Process VALUE lines.
+ * See if we need to import another dictionary.
*/
- if (strcasecmp(argv[0], "VALUE") == 0) {
- if (process_value(fn, line,
- argv + 1, argc - 1) == -1) {
+ if (strcasecmp(argv[0], "$INCLUDE") == 0) {
+ if (my_dict_init(dir, argv[1], fn, line) < 0) {
+ fclose(fp);
+ return -1;
+ }
+ continue;
+ } /* $INCLUDE */
+
+ if (strcasecmp(argv[0], "VALUE-ALIAS") == 0) {
+ if (process_value_alias(fn, line,
+ argv + 1, argc - 1) == -1) {
fclose(fp);
return -1;
}
continue;
}
+ if (strcasecmp(argv[0], "BEGIN-TLV") == 0) {
+ if (argc != 2) {
+ fr_strerror_printf(
+ "dict_init: %s[%d] invalid BEGIN-TLV entry",
+ fn, line);
+ fclose(fp);
+ return -1;
+ }
+
+ da = dict_attrbyname(argv[1]);
+ if (!da) {
+ fr_strerror_printf(
+ "dict_init: %s[%d]: unknown attribute %s",
+ fn, line, argv[1]);
+ fclose(fp);
+ return -1;
+ }
+
+ if (da->type != PW_TYPE_TLV) {
+ fr_strerror_printf(
+ "dict_init: %s[%d]: attribute %s is not of type tlv",
+ fn, line, argv[1]);
+ fclose(fp);
+ return -1;
+ }
+
+ if (which_block_tlv >= MAX_TLV_NEST) {
+ fr_strerror_printf(
+ "dict_init: %s[%d]: TLVs are nested too deep",
+ fn, line);
+ fclose(fp);
+ return -1;
+ }
+
+
+ block_tlv[++which_block_tlv] = da;
+ continue;
+ } /* BEGIN-TLV */
+
+ if (strcasecmp(argv[0], "END-TLV") == 0) {
+ if (argc != 2) {
+ fr_strerror_printf(
+ "dict_init: %s[%d] invalid END-TLV entry",
+ fn, line);
+ fclose(fp);
+ return -1;
+ }
+
+ da = dict_attrbyname(argv[1]);
+ if (!da) {
+ fr_strerror_printf(
+ "dict_init: %s[%d]: unknown attribute %s",
+ fn, line, argv[1]);
+ fclose(fp);
+ return -1;
+ }
+
+ if (da != block_tlv[which_block_tlv]) {
+ fr_strerror_printf(
+ "dict_init: %s[%d]: END-TLV %s does not match any previous BEGIN-TLV",
+ fn, line, argv[1]);
+ fclose(fp);
+ return -1;
+ }
+ block_tlv[which_block_tlv--] = NULL;
+ continue;
+ } /* END-VENDOR */
+
if (strcasecmp(argv[0], "BEGIN-VENDOR") == 0) {
if (argc != 2) {
- librad_log(
+ fr_strerror_printf(
"dict_init: %s[%d] invalid BEGIN-VENDOR entry",
fn, line);
fclose(fp);
vendor = dict_vendorbyname(argv[1]);
if (!vendor) {
- librad_log(
+ fr_strerror_printf(
"dict_init: %s[%d]: unknown vendor %s",
fn, line, argv[1]);
fclose(fp);
if (strcasecmp(argv[0], "END-VENDOR") == 0) {
if (argc != 2) {
- librad_log(
+ fr_strerror_printf(
"dict_init: %s[%d] invalid END-VENDOR entry",
fn, line);
fclose(fp);
vendor = dict_vendorbyname(argv[1]);
if (!vendor) {
- librad_log(
+ fr_strerror_printf(
"dict_init: %s[%d]: unknown vendor %s",
fn, line, argv[1]);
fclose(fp);
}
if (vendor != block_vendor) {
- librad_log(
+ fr_strerror_printf(
"dict_init: %s[%d]: END-VENDOR %s does not match any previous BEGIN-VENDOR",
fn, line, argv[1]);
fclose(fp);
/*
* Any other string: We don't recognize it.
*/
- librad_log(
- "dict_init: %s[%d] invalid keyword \"%s\"",
- fn, line, argv[0]);
+ fr_strerror_printf("dict_init: %s[%d] invalid keyword \"%s\"",
+ fn, line, argv[0]);
fclose(fp);
return -1;
}
return 0;
}
+
+/*
+ * Empty callback for hash table initialization.
+ */
+static int null_callback(void *ctx, void *data)
+{
+ ctx = ctx; /* -Wunused */
+ data = data; /* -Wunused */
+
+ return 0;
+}
+
+
/*
* Initialize the directory, then fix the attr member of
* all attributes.
stat_root_file = strdup(fn);
/*
- * Create the tree of vendor by name. There MAY NOT
+ * Create the table of vendor by name. There MAY NOT
* be multiple vendors of the same name.
*
* Each vendor is malloc'd, so the free function is free.
*/
- vendors_byname = lrad_hash_table_create(free);
+ vendors_byname = fr_hash_table_create(dict_vendor_name_hash,
+ dict_vendor_name_cmp,
+ fr_pool_free);
if (!vendors_byname) {
return -1;
}
/*
- * Create the tree of vendors by value. There MAY
+ * Create the table of vendors by value. There MAY
* be vendors of the same value. If there are, we
* pick the latest one.
*/
- vendors_byvalue = lrad_hash_table_create(NULL);
+ vendors_byvalue = fr_hash_table_create(dict_vendor_value_hash,
+ dict_vendor_value_cmp,
+ fr_pool_free);
if (!vendors_byvalue) {
return -1;
}
/*
- * Create the tree of attributes by name. There MAY NOT
+ * Create the table of attributes by name. There MAY NOT
* be multiple attributes of the same name.
*
* Each attribute is malloc'd, so the free function is free.
*/
- attributes_byname = lrad_hash_table_create(free);
+ attributes_byname = fr_hash_table_create(dict_attr_name_hash,
+ dict_attr_name_cmp,
+ fr_pool_free);
if (!attributes_byname) {
return -1;
}
/*
- * Create the tree of attributes by value. There MAY
+ * Create the table of attributes by value. There MAY
* be attributes of the same value. If there are, we
* pick the latest one.
*/
- attributes_byvalue = lrad_hash_table_create(NULL);
+ attributes_byvalue = fr_hash_table_create(dict_attr_value_hash,
+ dict_attr_value_cmp,
+ fr_pool_free);
if (!attributes_byvalue) {
return -1;
}
- values_byname = lrad_hash_table_create(free);
+ values_byname = fr_hash_table_create(dict_value_name_hash,
+ dict_value_name_cmp,
+ fr_pool_free);
if (!values_byname) {
return -1;
}
- values_byvalue = lrad_hash_table_create(NULL);
+ values_byvalue = fr_hash_table_create(dict_value_value_hash,
+ dict_value_value_cmp,
+ fr_pool_free);
if (!values_byvalue) {
return -1;
}
return -1;
if (value_fixup) {
- uint32_t hash;
DICT_ATTR *a;
value_fixup_t *this, *next;
a = dict_attrbyname(this->attrstr);
if (!a) {
- librad_log(
+ fr_strerror_printf(
"dict_init: No ATTRIBUTE \"%s\" defined for VALUE \"%s\"",
this->attrstr, this->dval->name);
return -1; /* leak, but they should die... */
/*
* Add the value into the dictionary.
*/
- hash = lrad_hash_update(&this->dval->attr,
- sizeof(this->dval->attr),
- this->hash);
- if (!lrad_hash_table_insert(values_byname,
- hash, this->dval)) {
- librad_log("dict_addvalue: Duplicate value name %s for attribute %s", this->dval->name, a->name);
+ if (!fr_hash_table_replace(values_byname,
+ this->dval)) {
+ fr_strerror_printf("dict_addvalue: Duplicate value name %s for attribute %s", this->dval->name, a->name);
return -1;
}
-
+
/*
* Allow them to use the old name, but
* prefer the new name when printing
* values.
*/
- hash = lrad_hash(&this->dval->attr,
- sizeof(this->dval->attr));
- hash = lrad_hash_update(&this->dval->value,
- sizeof(this->dval->value),
- hash);
- if (!lrad_hash_table_finddata(values_byvalue, hash)) {
- lrad_hash_table_insert(values_byvalue,
- hash, this->dval);
+ if (!fr_hash_table_finddata(values_byvalue, this->dval)) {
+ fr_hash_table_replace(values_byvalue,
+ this->dval);
}
free(this);
}
}
+ /*
+ * Walk over all of the hash tables to ensure they're
+ * initialized. We do this because the threads may perform
+ * lookups, and we don't want multi-threaded re-ordering
+ * of the table entries. That would be bad.
+ */
+ fr_hash_table_walk(vendors_byname, null_callback, NULL);
+ fr_hash_table_walk(vendors_byvalue, null_callback, NULL);
+
+ fr_hash_table_walk(attributes_byname, null_callback, NULL);
+ fr_hash_table_walk(attributes_byvalue, null_callback, NULL);
+
+ fr_hash_table_walk(values_byvalue, null_callback, NULL);
+ fr_hash_table_walk(values_byname, null_callback, NULL);
+
return 0;
}
/*
* Get an attribute by its numerical value.
*/
-DICT_ATTR *dict_attrbyvalue(int val)
+DICT_ATTR *dict_attrbyvalue(unsigned int attr, unsigned int vendor)
{
- return lrad_hash_table_finddata(attributes_byvalue,
- lrad_hash(&val, sizeof(val)));
+ DICT_ATTR dattr;
+
+ if ((attr > 0) && (attr < 256) && !vendor) return dict_base_attrs[attr];
+
+ dattr.attr = attr;
+ dattr.vendor = vendor;
+
+ return fr_hash_table_finddata(attributes_byvalue, &dattr);
}
/*
*/
DICT_ATTR *dict_attrbyname(const char *name)
{
+ DICT_ATTR *da;
+ uint32_t buffer[(sizeof(*da) + DICT_ATTR_MAX_NAME_LEN + 3)/4];
+
if (!name) return NULL;
- return lrad_hash_table_finddata(attributes_byname,
- dict_hashname(name));
+ da = (DICT_ATTR *) buffer;
+ strlcpy(da->name, name, DICT_ATTR_MAX_NAME_LEN + 1);
+
+ return fr_hash_table_finddata(attributes_byname, da);
}
/*
* Associate a value with an attribute and return it.
*/
-DICT_VALUE *dict_valbyattr(int attr, int val)
+DICT_VALUE *dict_valbyattr(unsigned int attr, unsigned int vendor, int value)
{
- uint32_t hash = attr;
+ DICT_VALUE dval, *dv;
- hash = lrad_hash_update(&val, sizeof(val), hash);
+ /*
+ * First, look up aliases.
+ */
+ dval.attr = attr;
+ dval.vendor = vendor;
+ dval.name[0] = '\0';
+
+ /*
+ * Look up the attribute alias target, and use
+ * the correct attribute number if found.
+ */
+ dv = fr_hash_table_finddata(values_byname, &dval);
+ if (dv) dval.attr = dv->value;
- return lrad_hash_table_finddata(values_byvalue, hash);
+ dval.value = value;
+
+ return fr_hash_table_finddata(values_byvalue, &dval);
}
/*
* Get a value by its name, keyed off of an attribute.
*/
-DICT_VALUE *dict_valbyname(int attr, const char *name)
+DICT_VALUE *dict_valbyname(unsigned int attr, unsigned int vendor, const char *name)
{
- uint32_t hash;
+ DICT_VALUE *my_dv, *dv;
+ uint32_t buffer[(sizeof(*my_dv) + DICT_VALUE_MAX_NAME_LEN + 3)/4];
if (!name) return NULL;
- hash = dict_hashname(name);
- hash = lrad_hash_update(&attr, sizeof(attr), hash);
+ my_dv = (DICT_VALUE *) buffer;
+ my_dv->attr = attr;
+ my_dv->vendor = vendor;
+ my_dv->name[0] = '\0';
- return lrad_hash_table_finddata(values_byname, hash);
+ /*
+ * Look up the attribute alias target, and use
+ * the correct attribute number if found.
+ */
+ dv = fr_hash_table_finddata(values_byname, my_dv);
+ if (dv) my_dv->attr = dv->value;
+
+ strlcpy(my_dv->name, name, DICT_VALUE_MAX_NAME_LEN + 1);
+
+ return fr_hash_table_finddata(values_byname, my_dv);
}
/*
*/
int dict_vendorbyname(const char *name)
{
- uint32_t hash;
- DICT_VENDOR *dv;
+ DICT_VENDOR *dv;
+ uint32_t buffer[(sizeof(*dv) + DICT_VENDOR_MAX_NAME_LEN + 3)/4];
if (!name) return 0;
- hash = dict_hashname(name);
-
- dv = lrad_hash_table_finddata(vendors_byname, hash);
+ dv = (DICT_VENDOR *) buffer;
+ strlcpy(dv->name, name, DICT_VENDOR_MAX_NAME_LEN + 1);
+
+ dv = fr_hash_table_finddata(vendors_byname, dv);
if (!dv) return 0;
return dv->vendorpec;
/*
* Return the vendor struct based on the PEC.
*/
-DICT_VENDOR *dict_vendorbyvalue(int vendor)
+DICT_VENDOR *dict_vendorbyvalue(int vendorpec)
{
- return lrad_hash_table_finddata(vendors_byvalue,
- lrad_hash(&vendor, sizeof(vendor)));
+ DICT_VENDOR dv;
+
+ dv.vendorpec = vendorpec;
+
+ return fr_hash_table_finddata(vendors_byvalue, &dv);
}
projects / freeradius.git / blobdiff