Add "required" option to call_env subsections
authorNick Porter <nick@portercomputing.co.uk>
Thu, 31 Aug 2023 13:40:55 +0000 (14:40 +0100)
committerNick Porter <nick@portercomputing.co.uk>
Thu, 31 Aug 2023 17:16:11 +0000 (18:16 +0100)
Avoids broken configurations from crashing the server where subsections
contain required options, which otherwise would not be parsed

src/lib/unlang/call_env.c
src/lib/unlang/call_env.h
src/modules/rlm_ldap/rlm_ldap.c

index a3c396a95a984def80bab8e35ae2601019f13d51..d60c5c53b3b3ef06a123e2a4daa38cbf157e3820 100644 (file)
@@ -58,7 +58,11 @@ int call_env_parse(TALLOC_CTX *ctx, call_env_parsed_head_t *parsed, char const *
                if (FR_BASE_TYPE(call_env->type) == FR_TYPE_SUBSECTION) {
                        CONF_SECTION const *subcs;
                        subcs = cf_section_find(cs, call_env->name, call_env->section.ident2);
-                       if (!subcs) goto next;
+                       if (!subcs) {
+                               if (!call_env->section.required) goto next;
+                               cf_log_err(cs, "Module %s missing required section %s", name, call_env->name);
+                               return -1;
+                       }
 
                        if (call_env_parse(ctx, parsed, name, dict_def, subcs, call_env->section.subcs) < 0) return -1;
                        goto next;
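Review bot: The error added in the `!subcs` branch names only `call_env->name`, although the lookup on the line above also matches on `call_env->section.ident2`. For an entry that sets a second identifier, the message would send the operator looking for the wrong section. Consider `cf_log_err(cs, "Module %s missing required section %s %s", name, call_env->name, call_env->section.ident2 ? call_env->section.ident2 : "");`. Returning -1 here is the right fail-closed choice, since it rejects the configuration at parse time instead of letting the module run with unparsed options. The body of call_env_parse continues outside this hunk.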
index 5932cf6f22b5371e066e20ad3c6ce2d2d7493105..d4cfdeb7f1cd691726fdd4a927091c485976cd89 100644 (file)
@@ -89,6 +89,7 @@ struct call_env_s {
                struct {
                        char const              *ident2;        //!< Second identifier for a section
                        call_env_t const        *subcs;         //!< Nested definitions for subsection.
+                       bool                    required;       //!< Section is required.
                } section;
        };
 };
@@ -210,11 +211,12 @@ _Generic((((_s *)NULL)->_f), \
                  .type = CALL_ENV_TYPE_TMPL_ONLY, \
                  .tmpl_offset = offsetof(_struct, _tmpl_field) }
 
-#define FR_CALL_ENV_SUBSECTION(_name, _ident2, _subcs ) \
+#define FR_CALL_ENV_SUBSECTION(_name, _ident2, _subcs, _required ) \
        .name = _name, \
        .type = FR_TYPE_SUBSECTION, \
        .section = { .ident2 = _ident2, \
-                    .subcs = _subcs }
+                    .subcs = _subcs, \
+                    .required = _required }
 
 int call_env_parse(TALLOC_CTX *ctx, call_env_parsed_head_t *parsed, char const *name, fr_dict_t const *dict_def,
                   CONF_SECTION const *cs, call_env_t const *call_env) CC_HINT(nonnull);
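Review bot: `FR_CALL_ENV_SUBSECTION` carries no comment describing the new `_required` argument, and call sites pass a bare `true`/`false` whose effect is only clear after reading call_env_parse. I would add above the macro: `/** Define a subsection entry; when _required is true, call_env_parse() returns -1 if the section is absent from the configuration */`. The same comment should note that an entry initialised without this macro leaves `.required` zero, so the section is treated as optional and the new check is skipped.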
index a2a5e09c1290315fbfce78ddecb234f75e32f010..331ca21757428c19d890d620a10552d77c9a28e9 100644 (file)
@@ -105,7 +105,7 @@ static const call_env_t _prefix ## _user_call_env[] = { \
        CALL_ENV_TERMINATOR \
 }
 
-user_call_env(auth, ldap_auth_call_env_t, { FR_CALL_ENV_SUBSECTION("sasl", NULL, sasl_call_env) },
+user_call_env(auth, ldap_auth_call_env_t, { FR_CALL_ENV_SUBSECTION("sasl", NULL, sasl_call_env, false) },
              { FR_CALL_ENV_TMPL_OFFSET("password_attribute", FR_TYPE_STRING | FR_TYPE_ATTRIBUTE, ldap_auth_call_env_t, password,
                password_tmpl, "&User-Password", T_BARE_WORD, true, true, true) } );
 
@@ -199,25 +199,25 @@ static const CONF_PARSER module_config[] = {
  *     Method specific call environments
  */
 static const call_env_t authenticate_call_env[] = {
-       { FR_CALL_ENV_SUBSECTION("user", NULL, auth_user_call_env) },
+       { FR_CALL_ENV_SUBSECTION("user", NULL, auth_user_call_env, true) },
        CALL_ENV_TERMINATOR
 };
 
 static const call_env_t authorize_call_env[] = {
-       { FR_CALL_ENV_SUBSECTION("user", NULL, autz_user_call_env) },
-       { FR_CALL_ENV_SUBSECTION("group", NULL, autz_group_call_env) },
-       { FR_CALL_ENV_SUBSECTION("profile", NULL, autz_profile_call_env) },
+       { FR_CALL_ENV_SUBSECTION("user", NULL, autz_user_call_env, true) },
+       { FR_CALL_ENV_SUBSECTION("group", NULL, autz_group_call_env, false) },
+       { FR_CALL_ENV_SUBSECTION("profile", NULL, autz_profile_call_env, false) },
        CALL_ENV_TERMINATOR
 };
 
 static const call_env_t usermod_call_env[] = {
-       { FR_CALL_ENV_SUBSECTION("user", NULL, usermod_user_call_env) },
+       { FR_CALL_ENV_SUBSECTION("user", NULL, usermod_user_call_env, true) },
        CALL_ENV_TERMINATOR
 };
 
 static const call_env_t memberof_call_env[] = {
-       { FR_CALL_ENV_SUBSECTION("user", NULL, memberof_user_call_env) },
-       { FR_CALL_ENV_SUBSECTION("group", NULL, memberof_group_call_env) },
+       { FR_CALL_ENV_SUBSECTION("user", NULL, memberof_user_call_env, true) },
+       { FR_CALL_ENV_SUBSECTION("group", NULL, memberof_group_call_env, false) },
        CALL_ENV_TERMINATOR
 };
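Review bot: In `authorize_call_env` and `memberof_call_env` the `group` and `profile` subsections stay optional, so an absent section still takes the `goto next` path and its nested entries are never parsed. If any option inside `autz_group_call_env`, `autz_profile_call_env` or `memberof_group_call_env` is itself marked required (those tables are not visible in this hunk), that is the same unparsed-options condition the commit message describes for `user`. It is worth confirming that the authorize and memberof code paths check for an unset group or profile environment before dereferencing it. A short comment on each `false` entry would record the reason, e.g. `/* optional: group lookups are skipped when the section is absent */`.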