#include <freeradius-devel/ident.h>
RCSID("$Id$")
-#include <freeradius-devel/autoconf.h>
+#include <freeradius-devel/radiusd.h>
+#include <freeradius-devel/modules.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
#ifdef HAVE_REGEX_H
# include <regex.h>
#endif
-#include <freeradius-devel/radiusd.h>
-#include <freeradius-devel/modules.h>
-
#define RLM_REGEX_INPACKET 0
#define RLM_REGEX_INCONFIG 1
#define RLM_REGEX_INREPLY 2
typedef struct rlm_attr_rewrite_t {
char *attribute; /* The attribute to search for */
- int attr_num; /* The attribute number */
+ DICT_ATTR *da; /* The attribute definition */
char *search; /* The pattern to search for */
int search_len; /* The length of the search pattern */
- char *searchin_str; /* The VALUE_PAIR list to search in. Can be either packet,reply,proxy,proxy_reply or config */
+ char *searchin_str; /* The VALUE_PAIR list to search in. Can be either packet,reply,proxy,proxy_reply or control (plus it's alias 'config') */
char searchin; /* The same as above just coded as a number for speed */
char *replace; /* The replacement */
int replace_len; /* The length of the replacement string */
int nocase; /* Ignore case */
int new_attr; /* Boolean. Do we create a new attribute or not? */
int num_matches; /* Maximum number of matches */
- char *name; /* The module name */
+ const char *name; /* The module name */
} rlm_attr_rewrite_t;
static const CONF_PARSER module_config[] = {
{
rlm_attr_rewrite_t *data;
DICT_ATTR *dattr;
- const char *instance_name = NULL;
/*
* Set up a storage area for instance data
data->searchin = RLM_REGEX_INPACKET;
else if (strcmp(data->searchin_str, "config") == 0)
data->searchin = RLM_REGEX_INCONFIG;
+ else if (strcmp(data->searchin_str, "control") == 0)
+ data->searchin = RLM_REGEX_INCONFIG;
else if (strcmp(data->searchin_str, "reply") == 0)
data->searchin = RLM_REGEX_INREPLY;
+#ifdef WITH_PROXY
else if (strcmp(data->searchin_str, "proxy") == 0)
data->searchin = RLM_REGEX_INPROXY;
else if (strcmp(data->searchin_str, "proxy_reply") == 0)
data->searchin = RLM_REGEX_INPROXYREPLY;
+#endif
else {
radlog(L_ERR, "rlm_attr_rewrite: Illegal searchin directive given. Assuming packet.");
data->searchin = RLM_REGEX_INPACKET;
}
- free((char *)data->searchin_str);
}
dattr = dict_attrbyname(data->attribute);
if (dattr == NULL) {
data->attribute);
return -1;
}
- data->attr_num = dattr->attr;
+ data->da = dattr;
/* Add the module instance name */
- data->name = NULL;
- instance_name = cf_section_name2(conf);
- if (instance_name != NULL)
- data->name = strdup(instance_name);
-
+ data->name = cf_section_name2(conf); /* may be NULL */
*instance = data;
char *ptr, *ptr2;
char search_STR[MAX_STRING_LEN];
char replace_STR[MAX_STRING_LEN];
- int replace_len = 0;
- if ((attr_vp = pairfind(request->config_items, PW_REWRITE_RULE)) != NULL){
+ if ((attr_vp = pairfind(request->config_items, PW_REWRITE_RULE, 0)) != NULL){
if (data->name == NULL || strcmp(data->name,attr_vp->vp_strvalue))
return RLM_MODULE_NOOP;
}
if (data->new_attr){
/* new_attribute = yes */
if (!radius_xlat(replace_STR, sizeof(replace_STR), data->replace, request, NULL)) {
- DEBUG2("rlm_attr_rewrite: xlat on replace string failed.");
+ DEBUG2("%s: xlat on replace string failed.", data->name);
return ret;
}
- replace_len = strlen(replace_STR);
attr_vp = pairmake(data->attribute,replace_STR,0);
if (attr_vp == NULL){
- DEBUG2("rlm_attr_rewrite: Could not add new attribute %s with value '%s'",
+ DEBUG2("%s: Could not add new attribute %s with value '%s'", data->name,
data->attribute,replace_STR);
return ret;
}
case RLM_REGEX_INREPLY:
pairadd(&request->reply->vps,attr_vp);
break;
+#ifdef WITH_PROXY
case RLM_REGEX_INPROXY:
if (!request->proxy) {
pairbasicfree(attr_vp);
}
pairadd(&request->proxy_reply->vps, attr_vp);
break;
+#endif
default:
- radlog(L_ERR, "rlm_attr_rewrite: Illegal value for searchin. Changing to packet.");
+ radlog(L_ERR, "%s: Illegal value for searchin. Changing to packet.", data->name);
data->searchin = RLM_REGEX_INPACKET;
pairadd(&request->packet->vps,attr_vp);
break;
}
- DEBUG2("rlm_attr_rewrite: Added attribute %s with value '%s'",data->attribute,replace_STR);
+ DEBUG2("%s: Added attribute %s with value '%s'", data->name,data->attribute,replace_STR);
ret = RLM_MODULE_OK;
} else {
+ int replace_len = 0;
+
/* new_attribute = no */
switch (data->searchin) {
case RLM_REGEX_INPACKET:
- if (data->attr_num == PW_USER_NAME)
+ if (!data->da->vendor && (data->da->attr == PW_USER_NAME))
attr_vp = request->username;
- else if (data->attr_num == PW_USER_PASSWORD)
+ else if (!data->da->vendor && (data->da->attr == PW_USER_PASSWORD))
attr_vp = request->password;
else
tmp = request->packet->vps;
case RLM_REGEX_INREPLY:
tmp = request->reply->vps;
break;
+#ifdef WITH_PROXY
case RLM_REGEX_INPROXYREPLY:
if (!request->proxy_reply)
return RLM_MODULE_NOOP;
return RLM_MODULE_NOOP;
tmp = request->proxy->vps;
break;
+#endif
default:
- radlog(L_ERR, "rlm_attr_rewrite: Illegal value for searchin. Changing to packet.");
+ radlog(L_ERR, "%s: Illegal value for searchin. Changing to packet.", data->name);
data->searchin = RLM_REGEX_INPACKET;
- attr_vp = pairfind(request->packet->vps, data->attr_num);
+ attr_vp = pairfind(request->packet->vps, data->da->attr, data->da->vendor);
break;
}
do_again:
if (tmp != NULL)
- attr_vp = pairfind(tmp, data->attr_num);
+ attr_vp = pairfind(tmp, data->da->attr, data->da->vendor);
if (attr_vp == NULL) {
- DEBUG2("rlm_attr_rewrite: Could not find value pair for attribute %s",data->attribute);
+ DEBUG2("%s: Could not find value pair for attribute %s", data->name,data->attribute);
return ret;
}
if (attr_vp->vp_strvalue == NULL || attr_vp->length == 0){
- DEBUG2("rlm_attr_rewrite: Attribute %s string value NULL or of zero length",data->attribute);
+ DEBUG2("%s: Attribute %s string value NULL or of zero length", data->name,data->attribute);
return ret;
}
cflags |= REG_EXTENDED;
cflags |= REG_ICASE;
if (!radius_xlat(search_STR, sizeof(search_STR), data->search, request, NULL) && data->search_len != 0) {
- DEBUG2("rlm_attr_rewrite: xlat on search string failed.");
+ DEBUG2("%s: xlat on search string failed.", data->name);
return ret;
}
if ((err = regcomp(&preg,search_STR,cflags))) {
regerror(err, &preg, err_msg, MAX_STRING_LEN);
- DEBUG2("rlm_attr_rewrite: regcomp() returned error: %s",err_msg);
+ DEBUG2("%s: regcomp() returned error: %s", data->name,err_msg);
return ret;
}
-
+
if ((attr_vp->type == PW_TYPE_IPADDR) &&
(attr_vp->vp_strvalue[0] == '\0')) {
- inet_ntop(AF_INET, &(attr_vp->lvalue),
- attr_vp->vp_strvalue,
- sizeof(attr_vp->vp_strvalue));
+ inet_ntop(AF_INET, &(attr_vp->vp_ipaddr),
+ attr_vp->vp_strvalue,
+ sizeof(attr_vp->vp_strvalue));
}
ptr = new_str;
err = regexec(&preg, ptr2, REQUEST_MAX_REGEX, pmatch, 0);
if (err == REG_NOMATCH) {
if (i == 0) {
- DEBUG2("rlm_attr_rewrite: No match found for attribute %s with value '%s'",
+ DEBUG2("%s: Does not match: %s = %s", data->name,
data->attribute, attr_vp->vp_strvalue);
regfree(&preg);
goto to_do_again;
}
if (err != 0) {
regfree(&preg);
- radlog(L_ERR, "rlm_attr_rewrite: match failure for attribute %s with value '%s'",
+ radlog(L_ERR, "%s: match failure for attribute %s with value '%s'", data->name,
data->attribute, attr_vp->vp_strvalue);
return ret;
}
counter += len;
if (counter >= MAX_STRING_LEN) {
regfree(&preg);
- DEBUG2("rlm_attr_rewrite: Replacement out of limits for attribute %s with value '%s'",
+ DEBUG2("%s: Replacement out of limits for attribute %s with value '%s'", data->name,
data->attribute, attr_vp->vp_strvalue);
return ret;
}
- strlcpy(ptr, ptr2,len);
+ memcpy(ptr, ptr2,len);
ptr += len;
+ *ptr = '\0';
ptr2 += pmatch[0].rm_eo;
if (i == 0){
if (!done_xlat){
if (data->replace_len != 0 &&
radius_xlat(replace_STR, sizeof(replace_STR), data->replace, request, NULL) == 0) {
- DEBUG2("rlm_attr_rewrite: xlat on replace string failed.");
+ DEBUG2("%s: xlat on replace string failed.", data->name);
return ret;
}
replace_len = (data->replace_len != 0) ? strlen(replace_STR) : 0;
counter += replace_len;
if (counter >= MAX_STRING_LEN) {
regfree(&preg);
- DEBUG2("rlm_attr_rewrite: Replacement out of limits for attribute %s with value '%s'",
+ DEBUG2("%s: Replacement out of limits for attribute %s with value '%s'", data->name,
data->attribute, attr_vp->vp_strvalue);
return ret;
}
if (replace_len){
- strlcpy(ptr, replace_STR, replace_len);
+ memcpy(ptr, replace_STR, replace_len);
ptr += replace_len;
+ *ptr = '\0';
}
}
regfree(&preg);
len = strlen(ptr2) + 1; /* We add the ending NULL */
counter += len;
if (counter >= MAX_STRING_LEN){
- DEBUG2("rlm_attr_rewrite: Replacement out of limits for attribute %s with value '%s'",
+ DEBUG2("%s: Replacement out of limits for attribute %s with value '%s'", data->name,
data->attribute, attr_vp->vp_strvalue);
return ret;
}
- strlcpy(ptr, ptr2, len);
+ memcpy(ptr, ptr2, len);
+ ptr[len] = '\0';
- DEBUG2("rlm_attr_rewrite: Changed value for attribute %s from '%s' to '%s'",
+ DEBUG2("%s: Changed value for attribute %s from '%s' to '%s'", data->name,
data->attribute, attr_vp->vp_strvalue, new_str);
if (pairparsevalue(attr_vp, new_str) == NULL) {
- DEBUG2("rlm_attr_rewrite: Could not write value '%s' into attribute %s: %s", new_str, data->attribute, librad_errstr);
+ DEBUG2("%s: Could not write value '%s' into attribute %s: %s", data->name, new_str, data->attribute, fr_strerror());
return ret;
}
return do_attr_rewrite(instance, request);
}
+#ifdef WITH_PROXY
static int attr_rewrite_preproxy(void *instance, REQUEST *request)
{
return do_attr_rewrite(instance, request);
{
return do_attr_rewrite(instance, request);
}
+#endif
static int attr_rewrite_postauth(void *instance, REQUEST *request)
{
static int attr_rewrite_detach(void *instance)
{
- rlm_attr_rewrite_t *data = (rlm_attr_rewrite_t *) instance;
-
- if (data->name)
- free(data->name);
-
free(instance);
return 0;
}
attr_rewrite_preacct, /* preaccounting */
attr_rewrite_accounting, /* accounting */
attr_rewrite_checksimul, /* checksimul */
+#ifdef WITH_PROXY
attr_rewrite_preproxy, /* pre-proxy */
attr_rewrite_postproxy, /* post-proxy */
+#else
+ NULL, NULL,
+#endif
attr_rewrite_postauth /* post-auth */
},
};