]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2b62506)
add migration configuration to forbid the use of "update"
authorAlan T. DeKok <aland@freeradius.org>
Wed, 16 Nov 2022 12:57:23 +0000 (07:57 -0500)
committerAlan T. DeKok <aland@freeradius.org>
Thu, 17 Nov 2022 12:34:52 +0000 (07:34 -0500)
src/lib/server/main_config.c patch | blob | blame | history
src/lib/server/main_config.h patch | blob | blame | history
src/lib/unlang/compile.c patch | blob | blame | history

diff --git a/src/lib/server/main_config.c b/src/lib/server/main_config.c
index ec2c11c375c3439361898d7ea990fe32f08d30d2..ff68acc4be2b57acf8428c5f188fd2d6d741e2bc 100644 (file)
--- a/src/lib/server/main_config.c
+++ b/src/lib/server/main_config.c
@@ -185,6 +185,7 @@ static const CONF_PARSER migrate_config[] = {
        { FR_CONF_OFFSET("parse_new_conditions", FR_TYPE_BOOL | FR_TYPE_HIDDEN, main_config_t, parse_new_conditions) },
        { FR_CONF_OFFSET("use_new_conditions", FR_TYPE_BOOL | FR_TYPE_HIDDEN, main_config_t, use_new_conditions) },
        { FR_CONF_OFFSET("rewrite_update", FR_TYPE_BOOL | FR_TYPE_HIDDEN, main_config_t, rewrite_update) },
+       { FR_CONF_OFFSET("forbid_update", FR_TYPE_BOOL | FR_TYPE_HIDDEN, main_config_t, forbid_update) },
        CONF_PARSER_TERMINATOR
 };
 
@@ -1445,6 +1446,7 @@ static fr_table_num_ordered_t config_arg_table[] = {
        { L("use_new_conditions"),       offsetof(main_config_t, use_new_conditions) },
        { L("tmpl_tokenize_all_nested"), offsetof(main_config_t, tmpl_tokenize_all_nested) },
        { L("rewrite_update"),           offsetof(main_config_t, rewrite_update) },
+       { L("forbid_update"),            offsetof(main_config_t, forbid_update) },
 };
 static size_t config_arg_table_len = NUM_ELEMENTS(config_arg_table);
 
diff --git a/src/lib/server/main_config.h b/src/lib/server/main_config.h
index 4bd204304b3ec438ef1ff4c89dd063126eaf69cb..7bb03fb6d1dc0b2e2d308200ac67775151a46a52 100644 (file)
--- a/src/lib/server/main_config.h
+++ b/src/lib/server/main_config.h
@@ -165,6 +165,7 @@ struct main_config_s {
        bool            parse_new_conditions;           //!< the new xlat expressions will be parsed, but not used.
        bool            use_new_conditions;             //!< the new xlat expressions will be used for conditions, instead of the old code
        bool            rewrite_update;                 //!< rewrite "update" to be new edit sections
+       bool            forbid_update;                  //!< forbid "update" sections
 };
 
 void                   main_config_name_set_default(main_config_t *config, char const *name, bool overwrite_config);
diff --git a/src/lib/unlang/compile.c b/src/lib/unlang/compile.c
index b8c3e06ee93c0ff9462b1326d53cdb21ab1a2e07..7ce3154346f302fedad09d9078b6cdec6276b3b0 100644 (file)
--- a/src/lib/unlang/compile.c
+++ b/src/lib/unlang/compile.c
@@ -1554,6 +1554,11 @@ static unlang_t *compile_update(unlang_t *parent, unlang_compile_t *unlang_ctx,
                .type_name = "unlang_map_t"
        };
 
+       if (main_config_migrate_option_get("forbid_update")) {
+               cf_log_err(cs, "The use of 'update' sections is forbidden by the server configuration");
+               return NULL;
+       }
+
        /*
         *      If we're migrating "update" sections to edit, then go
         *      do that now.
Mirror of https://github.com/FreeRADIUS/freeradius-server.git