]> git.ipfire.org Git - thirdparty/freeradius-server.git/log
thirdparty/freeradius-server.git
2 years agoUpdate inline docs for builtin xlats
Nick Porter [Fri, 13 Oct 2023 14:55:04 +0000 (15:55 +0100)] 
Update inline docs for builtin xlats

2 years agoDon't delete .work file if there are outstanding requests
Nick Porter [Fri, 13 Oct 2023 11:16:37 +0000 (12:16 +0100)] 
Don't delete .work file if there are outstanding requests

2 years agojust use %l or %c directly
Alan T. DeKok [Thu, 12 Oct 2023 20:04:03 +0000 (16:04 -0400)] 
just use %l or %c directly

there's no need to convert them to dates, and then cast them to
integers.  Those expansions are already integers

2 years agotypo
Alan T. DeKok [Thu, 12 Oct 2023 18:35:42 +0000 (14:35 -0400)] 
typo

2 years agostop on empty buffer, too.
Alan T. DeKok [Thu, 12 Oct 2023 17:57:09 +0000 (13:57 -0400)] 
stop on empty buffer, too.

The fr_pair_list_afrom_str() function should really be converted
to sbuffs, but that isn't immediately trivial.

It expect to see NUL-terminated C strings, and will misbehave
if given bad data.  Happily, all of the stgring value-boxes in
the server are zero-terminated, so this isn't much of an issue.

The same goes for input from unit_test_attribute.

2 years agoadd assertion for paranoia
Alan T. DeKok [Thu, 12 Oct 2023 16:53:35 +0000 (12:53 -0400)] 
add assertion for paranoia

2 years agodocs corrections
Nick Porter [Thu, 12 Oct 2023 15:36:21 +0000 (16:36 +0100)] 
docs corrections

2 years agoadd end check to loop limit
Alan T. DeKok [Thu, 12 Oct 2023 15:29:14 +0000 (11:29 -0400)] 
add end check to loop limit

and remove end check inside of loop.

The fr_struct_from_network() function will also enforce "end"

2 years agodocument "retransmit=no"
Alan T. DeKok [Thu, 12 Oct 2023 14:11:13 +0000 (10:11 -0400)] 
document "retransmit=no"

2 years agoretry.count is incremented by fr_retry_next()
Nick Porter [Thu, 12 Oct 2023 14:18:06 +0000 (15:18 +0100)] 
retry.count is incremented by fr_retry_next()

2 years agoif we're not retransmitting, mark done even on failure
Alan T. DeKok [Thu, 12 Oct 2023 14:08:56 +0000 (10:08 -0400)] 
if we're not retransmitting, mark done even on failure

2 years agonote limitations
Alan T. DeKok [Wed, 11 Oct 2023 20:01:17 +0000 (16:01 -0400)] 
note limitations

2 years agoDebug output correction
Nick Porter [Wed, 11 Oct 2023 21:27:36 +0000 (22:27 +0100)] 
Debug output correction

2 years agolist overrides are not allowed
Alan T. DeKok [Wed, 11 Oct 2023 19:55:47 +0000 (15:55 -0400)] 
list overrides are not allowed

The edit.c code calls fr_pair_list_afrom_str(), which does NOT
handle list over-rides.

Plus, we are assigning to a list as

&list += "pairs = value"

so having a list override does not make sense.

2 years agobetter error messages, so that we know what's going on
Alan T. DeKok [Wed, 11 Oct 2023 19:53:44 +0000 (15:53 -0400)] 
better error messages, so that we know what's going on

2 years agojust use the right comparison
Alan T. DeKok [Wed, 11 Oct 2023 14:37:50 +0000 (10:37 -0400)] 
just use the right comparison

2 years agoempty lists are equal when compared via ==
Alan T. DeKok [Wed, 11 Oct 2023 14:06:20 +0000 (10:06 -0400)] 
empty lists are equal when compared via ==

2 years agoadd %test.fail() which always returns XLAT_ACTION_FAIL
Alan T. DeKok [Wed, 11 Oct 2023 14:04:39 +0000 (10:04 -0400)] 
add %test.fail() which always returns XLAT_ACTION_FAIL

2 years agomake !(a == b) the same as (a != b)
Alan T. DeKok [Wed, 11 Oct 2023 12:26:28 +0000 (08:26 -0400)] 
make !(a == b) the same as (a != b)

2 years agoclarify error
Alan T. DeKok [Wed, 11 Oct 2023 12:18:26 +0000 (08:18 -0400)] 
clarify error

2 years agoupdate antora config
Matthew Newton [Tue, 10 Oct 2023 16:16:35 +0000 (17:16 +0100)] 
update antora config

2 years agodon't always try and be clever with the package version
Matthew Newton [Tue, 10 Oct 2023 14:01:25 +0000 (15:01 +0100)] 
don't always try and be clever with the package version

2 years agoadd dist version checks from v3
Matthew Newton [Tue, 10 Oct 2023 14:00:00 +0000 (15:00 +0100)] 
add dist version checks from v3

2 years agoupdate version.sh to cope with a prerelease
Matthew Newton [Tue, 10 Oct 2023 13:39:24 +0000 (14:39 +0100)] 
update version.sh to cope with a prerelease

2 years agofix version.sh output when we're on a tag
Matthew Newton [Tue, 10 Oct 2023 11:20:16 +0000 (12:20 +0100)] 
fix version.sh output when we're on a tag

2 years agouse commas in function args and other cleanups
Alan T. DeKok [Tue, 10 Oct 2023 00:53:19 +0000 (20:53 -0400)] 
use commas in function args and other cleanups

2 years agoallow &foo := {} to mean "delete leaf attributes"
Alan T. DeKok [Tue, 10 Oct 2023 00:45:53 +0000 (20:45 -0400)] 
allow &foo := {} to mean "delete leaf attributes"

because if the RHS is a dynamic expansion which returns no values,
that's what it means there

2 years agouse the correct array offsets.
Alan T. DeKok [Mon, 9 Oct 2023 19:40:23 +0000 (15:40 -0400)] 
use the correct array offsets.

Perhaps these changes should stop

2 years agoquiet static analyzer
Alan T. DeKok [Mon, 9 Oct 2023 19:25:20 +0000 (15:25 -0400)] 
quiet static analyzer

if we didn't find any match, return false

2 years agoread the debug output a bit more and fix the tests
Alan T. DeKok [Mon, 9 Oct 2023 19:23:32 +0000 (15:23 -0400)] 
read the debug output a bit more and fix the tests

2 years agomove this back to before &&/|| changes
Alan T. DeKok [Mon, 9 Oct 2023 17:59:29 +0000 (13:59 -0400)] 
move this back to before &&/|| changes

2 years agotry to quiet clang scan
Alan T. DeKok [Mon, 9 Oct 2023 17:41:58 +0000 (13:41 -0400)] 
try to quiet clang scan

2 years agoseparate out && and || code, and clean up tests
Alan T. DeKok [Mon, 9 Oct 2023 17:22:26 +0000 (13:22 -0400)] 
separate out && and || code, and clean up tests

2 years agomove %(foo:) to new syntax
Alan T. DeKok [Mon, 9 Oct 2023 16:32:24 +0000 (12:32 -0400)] 
move %(foo:) to new syntax

2 years agomove to new syntax
Alan T. DeKok [Mon, 9 Oct 2023 16:11:21 +0000 (12:11 -0400)] 
move to new syntax

perl -p -i -e 's/%\(([a-zA-Z0-0._-]+):([a-zA-Z0-9.]+)\)/%$1\($2\)/g'   $(git grep -lE '%\([a-z]+:' src/tests/keywords/)

perl -p -i -e 's/%\(([a-zA-Z0-0._-]+):%{([^%{}]+)}\)/%$1\(%{$2}\)/g'   $(git grep -lE '%\([a-z]+:' src/tests/keywords/)

2 years agoconver to new function syntax
Alan T. DeKok [Mon, 9 Oct 2023 16:04:49 +0000 (12:04 -0400)] 
conver to new function syntax

2 years agomore remove alternation :-
Alan T. DeKok [Mon, 9 Oct 2023 15:49:01 +0000 (11:49 -0400)] 
more remove alternation :-

2 years agocatch corner cases of && and ||
Alan T. DeKok [Mon, 9 Oct 2023 15:14:32 +0000 (11:14 -0400)] 
catch corner cases of && and ||

where there's no input, so the output shouldn't exist, either

2 years agoremove alternation
Alan T. DeKok [Mon, 9 Oct 2023 13:22:52 +0000 (09:22 -0400)] 
remove alternation

2 years agoAlign xlat function debug with new function call format
Nick Porter [Mon, 9 Oct 2023 15:04:10 +0000 (16:04 +0100)] 
Align xlat function debug with new function call format

2 years agoUpdate LDAP tests
Nick Porter [Mon, 9 Oct 2023 14:28:53 +0000 (15:28 +0100)] 
Update LDAP tests

2 years agoRemove unnecessary ""
Nick Porter [Mon, 9 Oct 2023 14:00:53 +0000 (15:00 +0100)] 
Remove unnecessary ""

2 years agoRevert "auto-convert LDAP"
Alan T. DeKok [Mon, 9 Oct 2023 13:18:40 +0000 (09:18 -0400)] 
Revert "auto-convert LDAP"

This reverts commit b4af84428990140af855f5ca7a6ecbc7790cc4bf.

Nope.  LDAP tests fail.  Reverting until we do the conversion
manually.

2 years agoauto-convert functions with fixed string arguments
Alan T. DeKok [Mon, 9 Oct 2023 13:09:33 +0000 (09:09 -0400)] 
auto-convert functions with fixed string arguments

perl -p -i -e "s/%{([a-zA-Z0-9._-]+):([^&%{}=']+)}/%\$1('\$2')/g"  $(git grep -lE '%\{[a-z0-9.-]+:' src/tests/keywords/ src/tests/modules)

2 years agoauto-convert LDAP
Alan T. DeKok [Mon, 9 Oct 2023 13:06:08 +0000 (09:06 -0400)] 
auto-convert LDAP

perl -p -i -e 's/"%{ldap:(.*?)}"/%ldap("$1")/' $(git grep -lE '%\{[a-z]+:' src/tests/modules/)

2 years agoauto-convert SQL
Alan T. DeKok [Mon, 9 Oct 2023 13:04:03 +0000 (09:04 -0400)] 
auto-convert SQL

perl -p -i -e 's/"%{sql:(.*?)}"/%sql("$1")/' $(git grep -lE '%\{[a-z]+:' src/tests/modules/)

2 years agomore auto-conversion
Alan T. DeKok [Mon, 9 Oct 2023 13:00:36 +0000 (09:00 -0400)] 
more auto-conversion

perl -p -i -e "s/%{([a-zA-Z0-9._-]+):([a-zA-Z0-9.]+)}/%\$1('\$2')/g"  $(git grep -lE '%\{[a-z0-9.-]+:' src/tests/keywords/ src/tests/modules)

2 years agoauto-convert to new syntax
Alan T. DeKok [Mon, 9 Oct 2023 12:52:10 +0000 (08:52 -0400)] 
auto-convert to new syntax

perl -p -i -e 's/%{([a-zA-Z0-9._-]+):%{([a-zA-Z0-9._-]+)}}/%$1(%{$2})/g'  $(git grep -lE '%\{[a-z]+:' src/tests/keywords/)

2 years agoCoverity #1547098
Alan T. DeKok [Mon, 9 Oct 2023 12:37:00 +0000 (08:37 -0400)] 
Coverity #1547098

2 years agoadd missing case
Alan T. DeKok [Sun, 8 Oct 2023 17:18:08 +0000 (13:18 -0400)] 
add missing case

2 years agoadd log.debug() and log.info()
Alan T. DeKok [Sun, 8 Oct 2023 16:37:48 +0000 (12:37 -0400)] 
add log.debug() and log.info()

so that we can log to the normal request log in unlang

2 years agoadd "request" destination for linelog
Alan T. DeKok [Sun, 8 Oct 2023 16:37:26 +0000 (12:37 -0400)] 
add "request" destination for linelog

so that it can log to the normal request log

2 years agoremove old text
Alan T. DeKok [Sun, 8 Oct 2023 13:32:00 +0000 (09:32 -0400)] 
remove old text

2 years agostupid local compiler misses things
Alan T. DeKok [Sun, 8 Oct 2023 13:25:19 +0000 (09:25 -0400)] 
stupid local compiler misses things

2 years agoremove %expr()
Alan T. DeKok [Sun, 8 Oct 2023 13:15:03 +0000 (09:15 -0400)] 
remove %expr()

2 years agomore typos
Alan T. DeKok [Sun, 8 Oct 2023 13:13:08 +0000 (09:13 -0400)] 
more typos

2 years agoshow which condition failed to parse
Alan T. DeKok [Sun, 8 Oct 2023 13:11:40 +0000 (09:11 -0400)] 
show which condition failed to parse

2 years agotypo
Alan T. DeKok [Sun, 8 Oct 2023 12:57:16 +0000 (08:57 -0400)] 
typo

2 years agoupdate redis tests to not use %expr
Alan T. DeKok [Sun, 8 Oct 2023 12:37:39 +0000 (08:37 -0400)] 
update redis tests to not use %expr

2 years agoquiet static analyzer
Alan T. DeKok [Sun, 8 Oct 2023 12:37:07 +0000 (08:37 -0400)] 
quiet static analyzer

2 years agomore "get rid of expr"
Alan T. DeKok [Sun, 8 Oct 2023 12:03:26 +0000 (08:03 -0400)] 
more "get rid of expr"

2 years agoget rid of backticks in tests
Alan T. DeKok [Sun, 8 Oct 2023 12:03:57 +0000 (08:03 -0400)] 
get rid of backticks in tests

2 years agodon't pull casts into in-place expressions
Alan T. DeKok [Sun, 8 Oct 2023 12:00:32 +0000 (08:00 -0400)] 
don't pull casts into in-place expressions

because that would change how the text inside of the expression
is parsed, and we don't want that

2 years agodon't allow unresolved functions at runtime
Alan T. DeKok [Sun, 8 Oct 2023 00:47:59 +0000 (20:47 -0400)] 
don't allow unresolved functions at runtime

because otherwise xlat_resolve() will call xlat_bootstrap_func(),
which modifies the xlat_inst_tree at runtime, from a child thread

2 years agojust move everything to xlat_bootstrap()
Alan T. DeKok [Sun, 8 Oct 2023 00:32:42 +0000 (20:32 -0400)] 
just move everything to xlat_bootstrap()

2 years agoquiet static analyzer
Alan T. DeKok [Sat, 7 Oct 2023 21:58:11 +0000 (17:58 -0400)] 
quiet static analyzer

2 years agoadd xlat wrapper function for bootstrap / instantiate ephemeral
Alan T. DeKok [Sat, 7 Oct 2023 21:29:21 +0000 (17:29 -0400)] 
add xlat wrapper function for bootstrap / instantiate ephemeral

* xlat_bootstrap() - when reading the configuration files
  pretty much only called by xlat_redundant()

* xlat_instantiate_ephemeral() - when we have a #request_t and
  are parsing things at run-time

* xlat_finalize() - when we have a #tmpl_rules_t, and we're not
  sure if we're run-time or config load time.

The issue is that the various xlat tokenize funtions call each
other in different combinations.  The only way to consistently
know if we're run-time or config time is via the #tmpl_rules_t.

This change (also via previous commits) allows us to get rid of
the various public tokenize_ephemeral() functions, which were
confusing the issue.

2 years agoensure runtime_el is set
Alan T. DeKok [Sat, 7 Oct 2023 18:18:34 +0000 (14:18 -0400)] 
ensure runtime_el is set

and instantiate ephemeral xlats in tmpl_tokenize

2 years agomove to xlat_tokenize(), as ephemeral checks are in t_rules
Alan T. DeKok [Sat, 7 Oct 2023 15:00:46 +0000 (11:00 -0400)] 
move to xlat_tokenize(), as ephemeral checks are in t_rules

2 years agoget rid of tokenize_ephemeral_expression()
Alan T. DeKok [Sat, 7 Oct 2023 14:49:35 +0000 (10:49 -0400)] 
get rid of tokenize_ephemeral_expression()

and just rely on t_rules->xlat.runtime_el

2 years agomake cmp return bool and fix associated tests
Alan T. DeKok [Sat, 7 Oct 2023 14:34:51 +0000 (10:34 -0400)] 
make cmp return bool and fix associated tests

2 years agouse t_rules->xlat.runtime_el
Alan T. DeKok [Sat, 7 Oct 2023 14:34:13 +0000 (10:34 -0400)] 
use t_rules->xlat.runtime_el

2 years agomore set head->el
Alan T. DeKok [Sat, 7 Oct 2023 13:07:45 +0000 (09:07 -0400)] 
more set head->el

2 years agoit's an expansion
Alan T. DeKok [Sat, 7 Oct 2023 12:19:18 +0000 (08:19 -0400)] 
it's an expansion

2 years agonotes on quoting
Alan T. DeKok [Fri, 6 Oct 2023 23:42:48 +0000 (19:42 -0400)] 
notes on quoting

2 years agoDelete from correct table
Nick Porter [Fri, 6 Oct 2023 20:58:11 +0000 (21:58 +0100)] 
Delete from correct table

2 years agoAlternation fixes
Nick Porter [Fri, 6 Oct 2023 19:53:34 +0000 (20:53 +0100)] 
Alternation fixes

2 years agodon't do too much optimization for logical or
Alan T. DeKok [Fri, 6 Oct 2023 17:21:28 +0000 (13:21 -0400)] 
don't do too much optimization for logical or

2 years agoNAK clients don't have a connection - report the src IP instead
Nick Porter [Fri, 6 Oct 2023 15:46:54 +0000 (16:46 +0100)] 
NAK clients don't have a connection - report the src IP instead

2 years agoBlank correct pairs in dynamic client requests
Nick Porter [Fri, 6 Oct 2023 15:11:45 +0000 (16:11 +0100)] 
Blank correct pairs in dynamic client requests

2 years agoRun correct section when new client fails
Nick Porter [Fri, 6 Oct 2023 15:10:01 +0000 (16:10 +0100)] 
Run correct section when new client fails

2 years agoBad DN LDAP response is really notfound, not fail
Nick Porter [Fri, 6 Oct 2023 14:49:34 +0000 (15:49 +0100)] 
Bad DN LDAP response is really notfound, not fail

2 years agopush event list down to ephemeral expressions
Alan T. DeKok [Fri, 6 Oct 2023 12:58:25 +0000 (08:58 -0400)] 
push event list down to ephemeral expressions

2 years agoremove extraneous empty line
Alan T. DeKok [Fri, 6 Oct 2023 12:33:31 +0000 (08:33 -0400)] 
remove extraneous empty line

2 years agodon't use bare words in || expansions
Alan T. DeKok [Fri, 6 Oct 2023 12:28:30 +0000 (08:28 -0400)] 
don't use bare words in || expansions

2 years agomore move to new function syntax
Alan T. DeKok [Fri, 6 Oct 2023 12:25:41 +0000 (08:25 -0400)] 
more move to new function syntax

2 years agoget rid of old function syntax everywhere except old examples
Alan T. DeKok [Fri, 6 Oct 2023 12:16:54 +0000 (08:16 -0400)] 
get rid of old function syntax everywhere except old examples

2 years agomore remove alternation
Alan T. DeKok [Fri, 6 Oct 2023 11:50:34 +0000 (07:50 -0400)] 
more remove alternation

this time where the second argument is just a string, and not
an attribute reference

perl -p -i -e 's/%{%{([^%{}]+)}:-([^%{}]+)}/%{\&$1 || $2}/g'  $(git grep -l ':-' raddb/)

and then re-build the antora docs from the raddb sources

2 years agoremove much alternation
Alan T. DeKok [Fri, 6 Oct 2023 11:45:59 +0000 (07:45 -0400)] 
remove much alternation

perl -p -i -e 's/%{%{([^%{}]+)}:-%{([^%{}]+)}}/%{\&$1 || \&$2}/g'  $(git grep -l ':-' raddb/)

and then re-build the antora docs from the raddb sources

2 years agotypos
Alan T. DeKok [Fri, 6 Oct 2023 11:43:17 +0000 (07:43 -0400)] 
typos

2 years agototp: The fr_totp_cmp() expects token in call_env 'user_password'
Jorge Pereira [Wed, 4 Oct 2023 16:43:11 +0000 (13:43 -0300)] 
totp: The fr_totp_cmp() expects token in call_env 'user_password'

Which is taken from control.TOTP.From-User

2 years agototp: Fix call_env setting
Jorge Pereira [Wed, 4 Oct 2023 16:42:09 +0000 (13:42 -0300)] 
totp: Fix call_env setting

The 'nullable' field should be true.

2 years agonote that you don't always have to use %concat()
Alan T. DeKok [Thu, 5 Oct 2023 19:46:20 +0000 (15:46 -0400)] 
note that you don't always have to use %concat()

"+" is usually better.

2 years agoadd more tests
Alan T. DeKok [Thu, 5 Oct 2023 19:46:12 +0000 (15:46 -0400)] 
add more tests

2 years agomove to %func(args) everywhere in raddb/*
Jorge Pereira [Wed, 4 Oct 2023 22:10:31 +0000 (19:10 -0300)] 
move to %func(args) everywhere in raddb/*

2 years agoxlat cmp requires both arguments
Nick Porter [Fri, 6 Oct 2023 08:22:53 +0000 (09:22 +0100)] 
xlat cmp requires both arguments

2 years agohandle multiple values better with list on the RHS
Alan T. DeKok [Thu, 5 Oct 2023 19:08:27 +0000 (15:08 -0400)] 
handle multiple values better with list on the RHS

If we have :=, then create multiple values.

if we have other operators, then only create the first one,
and then apply the operations to it

don't create multiple copies of local variables

2 years agosplit out comparison from binary ops
Alan T. DeKok [Thu, 5 Oct 2023 18:48:56 +0000 (14:48 -0400)] 
split out comparison from binary ops

there's no real reason for them to be the same

2 years agoallow n-ary operations for time delta, too
Alan T. DeKok [Thu, 5 Oct 2023 18:48:39 +0000 (14:48 -0400)] 
allow n-ary operations for time delta, too

2 years agoadd calc n-ary op, for add, or, and, xor, etc.
Alan T. DeKok [Thu, 5 Oct 2023 14:09:12 +0000 (10:09 -0400)] 
add calc n-ary op, for add, or, and, xor, etc.

This should make expressions a bit more efficient, as there will
be fewer intermediate nodes, and more work will be done at parse
time.

The expr wrappers aren't done, so that needs adding.  We will have
to do some cleanups of the resolve, etc. code for that to be best.

The logical operators || and && aren't implemented in calc.c,
because they are short-circuit operators, and calc.c gets a fully
evaluated list of value-boxes.

That being said, it's likely not much work to add short-circuit
operators to the calc.c code.