/** Convert CONFIG_PAIR to VALUE_PAIR_MAP.
*
* Treats the left operand as a
* @verbatim<request>.<list>.<attribute>@endverbatim reference and the right
* operand as a module specific value.
*
* The left operand will be pre-parsed into request ref, dst list, and da,
* the right operand will be left as a string.
*
* Return must be freed with radius_mapfree.
*
* @param[in] cp to convert to map.
* @param[in] request_def The default request to insert unqualified
* attributes into.
* @param[in] list_def The default list to insert unqualified attributes into.
* @return VALUE_PAIR_MAP if successful or NULL on error.
*/
VALUE_PAIR_MAP *radius_cp2map(CONF_PAIR *cp, request_refs_t request_def,
pair_lists_t list_def)
{
VALUE_PAIR_MAP *map;
const char *attr;
const char *value;
map = rad_malloc(sizeof(VALUE_PAIR_MAP));
memset(map, 0, sizeof(VALUE_PAIR_MAP));
attr = cf_pair_attr(cp);
map->dst = radius_attr2tmpl(attr, request_def, list_def);
if (!map->dst){
goto error;
}
value = cf_pair_value(cp);
if (!value) {
radlog(L_ERR, "Missing attribute name");
goto error;
}
map->src = radius_str2tmpl(value);
if (!map->src) {
goto error;
}
map->op_token = cf_pair_operator(cp);
/*
* Infer whether we need to expand the mapping values
* The old style attribute map allowed the user to specify
* whether the LDAP value should be expanded.
* We can't really support that easily, but equivalent
* functionality should be available with %{eval:}
*/
switch (cf_pair_value_type(cp))
{
case T_BARE_WORD:
case T_SINGLE_QUOTED_STRING:
map->src->do_xlat = FALSE;
break;
case T_BACK_QUOTED_STRING:
case T_DOUBLE_QUOTED_STRING:
map->src->do_xlat = TRUE;
break;
default:
rad_assert(0);
goto error;
}
return map;
error:
radius_mapfree(&map);
return NULL;
}
/** Convert an 'update' config section into an attribute map.
*
* Uses 'name2' of section to set default request and lists.
*
* @param[in] parent to convert to map.
* @param[out] head Where to store the head of the map.
* @param[in] dst_list_def The default destination list, usually dictated by
* the section the module is being called in.
* @param[in] src_list_def The default source list, usually dictated by the
* section the module is being called in.
* @param[in] max number of mappings to process.
* @return -1 on error, else 0.
*/
int radius_attrmap(CONF_SECTION *parent, value_pair_map_t **head,
pair_lists_t dst_list_def, pair_lists_t src_list_def,
unsigned int max)
{
const char *cs_list, *p;
request_refs_t request_def = REQUEST_CURRENT;
CONF_SECTION *cs;
CONF_ITEM *ci = cf_sectiontoitem(cs);
CONF_PAIR *cp;
unsigned int total = 0;
value_pair_map_t **tail, *map;
*head = NULL;
tail = head;
if (!parent) return 0;
cs = cf_section_sub_find(parent, "update");
if (!cs) return 0;
cs_list = p = cf_section_name2(cs);
if (cs_list) {
request_def = radius_request_name(&p, REQUEST_UNKNOWN);
if (request_def == REQUEST_UNKNOWN) {
cf_log_err(ci, "Default request specified "
"in mapping section is invalid");
return -1;
}
dst_list_def = fr_str2int(pair_lists, p, PAIR_LIST_UNKNOWN);
if (dst_list_def == PAIR_LIST_UNKNOWN) {
cf_log_err(ci, "Default list \"%s\" specified "
"in mapping section is invalid", p);
return -1;
}
}
for (ci = cf_item_find_next(cs, NULL);
ci != NULL;
ci = cf_item_find_next(cs, ci)) {
if (total++ == max) {
cf_log_err(ci, "Map size exceeded");
goto error;
}
if (!cf_item_is_pair(ci)) {
cf_log_err(ci, "Entry is not in \"attribute = "
"value\" format");
goto error;
}
cp = cf_itemtopair(ci);
map = radius_cp2map(cp, request_def, dst_list_def,
REQUEST_CURRENT, src_list_def);
if (!map) {
goto error;
}
*tail = map;
tail = &(map->next);
}
return 0;
error:
radius_mapfree(head);
return -1;
}
/** Convert CONFIG_PAIR (which may contain refs) to value_pair_map_t.
*
* Treats the left operand as an attribute reference
* @verbatim<request>.<list>.<attribute>@endverbatim
*
* Treatment of left operand depends on quotation, barewords are treated as
* attribute references, double quoted values are treated as expandable strings,
* single quoted values are treated as literal strings.
*
* Return must be freed with radius_mapfree.
*
* @param[in] cp to convert to map.
* @param[in] dst_request_def The default request to insert unqualified
* attributes into.
* @param[in] dst_list_def The default list to insert unqualified attributes
* into.
* @param[in] src_request_def The default request to resolve attribute
* references in.
* @param[in] src_list_def The default list to resolve unqualified attributes
* in.
* @return value_pair_map_t if successful or NULL on error.
*/
value_pair_map_t *radius_cp2map(CONF_PAIR *cp,
request_refs_t dst_request_def,
pair_lists_t dst_list_def,
request_refs_t src_request_def,
pair_lists_t src_list_def)
{
value_pair_map_t *map;
const char *attr;
const char *value;
FR_TOKEN type;
CONF_ITEM *ci = cf_pairtoitem(cp);
if (!cp) return NULL;
map = rad_calloc(sizeof(value_pair_map_t));
attr = cf_pair_attr(cp);
value = cf_pair_value(cp);
if (!value) {
cf_log_err(ci, "Missing attribute value");
goto error;
}
map->dst = radius_attr2tmpl(attr, dst_request_def, dst_list_def);
if (!map->dst){
goto error;
}
/*
* Bare words always mean attribute references.
*/
type = cf_pair_value_type(cp);
map->src = type == T_BARE_WORD ?
radius_attr2tmpl(value, src_request_def, src_list_def) :
radius_str2tmpl(value, type);
if (!map->src) {
goto error;
}
map->op = cf_pair_operator(cp);
map->ci = ci;
/*
* Lots of sanity checks for insane people...
*/
/*
* We don't support implicit type conversion
*/
if (map->dst->da && map->src->da &&
(map->src->da->type != map->dst->da->type)) {
cf_log_err(ci, "Attribute type mismatch");
goto error;
}
/*
* What exactly where you expecting to happen here?
*/
if ((map->dst->type == VPT_TYPE_ATTR) &&
(map->src->type == VPT_TYPE_LIST)) {
cf_log_err(ci, "Can't copy list into an attribute");
goto error;
}
switch (map->src->type)
{
/*
* Only += and -= operators are supported for list copy.
*/
case VPT_TYPE_LIST:
switch (map->op) {
case T_OP_SUB:
case T_OP_ADD:
break;
default:
cf_log_err(ci, "Operator \"%s\" not allowed "
"for list copy",
fr_int2str(fr_tokens, map->op,
"¿unknown?"));
goto error;
}
break;
/*
* @todo add support for exec expansion.
*/
case VPT_TYPE_EXEC:
cf_log_err(ci, "Exec values are not allowed");
break;
default:
break;
}
return map;
error:
radius_mapfree(&map);
return NULL;
}
