2 8d1b399b 2021-07-22 op * Copyright (c) 2021 Omar Polo <op@omarpolo.com>
3 8d1b399b 2021-07-22 op * Copyright (c) 2018 Florian Obser <florian@openbsd.org>
4 8d1b399b 2021-07-22 op * Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org>
5 8d1b399b 2021-07-22 op * Copyright (c) 2004 Ryan McBride <mcbride@openbsd.org>
6 8d1b399b 2021-07-22 op * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
7 8d1b399b 2021-07-22 op * Copyright (c) 2001 Markus Friedl. All rights reserved.
8 8d1b399b 2021-07-22 op * Copyright (c) 2001 Daniel Hartmeier. All rights reserved.
9 8d1b399b 2021-07-22 op * Copyright (c) 2001 Theo de Raadt. All rights reserved.
11 8d1b399b 2021-07-22 op * Permission to use, copy, modify, and distribute this software for any
12 8d1b399b 2021-07-22 op * purpose with or without fee is hereby granted, provided that the above
13 8d1b399b 2021-07-22 op * copyright notice and this permission notice appear in all copies.
15 8d1b399b 2021-07-22 op * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
16 8d1b399b 2021-07-22 op * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
17 8d1b399b 2021-07-22 op * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
18 8d1b399b 2021-07-22 op * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19 8d1b399b 2021-07-22 op * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 8d1b399b 2021-07-22 op * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 8d1b399b 2021-07-22 op * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
25 8d1b399b 2021-07-22 op #include "compat.h"
27 8d1b399b 2021-07-22 op #include <sys/stat.h>
29 8d1b399b 2021-07-22 op #include <ctype.h>
30 8d1b399b 2021-07-22 op #include <err.h>
31 8d1b399b 2021-07-22 op #include <errno.h>
32 8d1b399b 2021-07-22 op #include <event.h>
33 8d1b399b 2021-07-22 op #include <inttypes.h>
34 8d1b399b 2021-07-22 op #include <limits.h>
35 8d1b399b 2021-07-22 op #include <stdarg.h>
36 8d1b399b 2021-07-22 op #include <stdio.h>
37 8d1b399b 2021-07-22 op #include <stdlib.h>
38 8d1b399b 2021-07-22 op #include <string.h>
39 8d1b399b 2021-07-22 op #include <syslog.h>
40 8d1b399b 2021-07-22 op #include <unistd.h>
42 8d1b399b 2021-07-22 op #include "log.h"
43 8d1b399b 2021-07-22 op #include "kamid.h"
44 8d1b399b 2021-07-22 op #include "table.h"
45 8d1b399b 2021-07-22 op #include "utils.h"
47 8d1b399b 2021-07-22 op TAILQ_HEAD(files, file) files = TAILQ_HEAD_INITIALIZER(files);
48 8d1b399b 2021-07-22 op static struct file {
49 8d1b399b 2021-07-22 op TAILQ_ENTRY(file) entry;
52 8d1b399b 2021-07-22 op size_t ungetpos;
53 8d1b399b 2021-07-22 op size_t ungetsize;
54 8d1b399b 2021-07-22 op u_char *ungetbuf;
55 8d1b399b 2021-07-22 op int eof_reached;
58 8d1b399b 2021-07-22 op } *file, *topfile;
59 8d1b399b 2021-07-22 op struct file *pushfile(const char *, int);
60 8d1b399b 2021-07-22 op int popfile(void);
61 8d1b399b 2021-07-22 op int check_file_secrecy(int, const char *);
62 8d1b399b 2021-07-22 op int yyparse(void);
63 8d1b399b 2021-07-22 op int yylex(void);
64 8d1b399b 2021-07-22 op int yyerror(const char *, ...)
65 8d1b399b 2021-07-22 op __attribute__((__format__ (printf, 1, 2)))
66 8d1b399b 2021-07-22 op __attribute__((__nonnull__ (1)));
67 8d1b399b 2021-07-22 op int kw_cmp(const void *, const void *);
68 8d1b399b 2021-07-22 op int lookup(char *);
69 8d1b399b 2021-07-22 op int igetc(void);
70 8d1b399b 2021-07-22 op int lgetc(int);
71 8d1b399b 2021-07-22 op void lungetc(int);
72 8d1b399b 2021-07-22 op int findeol(void);
74 8d1b399b 2021-07-22 op TAILQ_HEAD(symhead, sym) symhead = TAILQ_HEAD_INITIALIZER(symhead);
76 8d1b399b 2021-07-22 op TAILQ_ENTRY(sym) entry;
83 8d1b399b 2021-07-22 op int symset(const char *, const char *, int);
84 8d1b399b 2021-07-22 op char *symget(const char *);
86 8d1b399b 2021-07-22 op void clear_config(struct kd_conf *xconf);
88 8d1b399b 2021-07-22 op static void add_table(const char *, const char *, const char *);
89 8d1b399b 2021-07-22 op static struct table *findtable(const char *name);
90 8d1b399b 2021-07-22 op static void add_cert(const char *, const char *);
91 8d1b399b 2021-07-22 op static void add_key(const char *, const char *);
92 d82b9f6d 2021-07-22 op static struct kd_listen_conf *listen_new(void);
94 8d1b399b 2021-07-22 op static uint32_t counter;
95 8d1b399b 2021-07-22 op static struct table *table;
96 95eb4eb9 2021-07-22 op static struct kd_listen_conf *listener;
97 8d1b399b 2021-07-22 op static struct kd_conf *conf;
98 8d1b399b 2021-07-22 op static int errors;
100 8d1b399b 2021-07-22 op typedef struct {
102 8d1b399b 2021-07-22 op int64_t number;
103 8d1b399b 2021-07-22 op char *string;
104 8d1b399b 2021-07-22 op struct table *table;
114 8d1b399b 2021-07-22 op %token INCLUDE
116 8d1b399b 2021-07-22 op %token LISTEN
119 8d1b399b 2021-07-22 op %token PKI PORT
120 8d1b399b 2021-07-22 op %token TABLE TLS
121 c35679af 2021-12-18 op %token USERDATA
122 c35679af 2021-12-18 op %token VIRTUAL
125 8d1b399b 2021-07-22 op %token <v.string> STRING
126 8d1b399b 2021-07-22 op %token <v.number> NUMBER
127 8d1b399b 2021-07-22 op %type <v.number> yesno
128 8d1b399b 2021-07-22 op %type <v.string> string
129 8d1b399b 2021-07-22 op %type <v.table> tableref
133 8d1b399b 2021-07-22 op grammar : /* empty */
134 8d1b399b 2021-07-22 op | grammar include '\n'
135 8d1b399b 2021-07-22 op | grammar '\n'
136 8d1b399b 2021-07-22 op | grammar table '\n'
137 8d1b399b 2021-07-22 op | grammar pki '\n'
138 8d1b399b 2021-07-22 op | grammar listen '\n'
139 8d1b399b 2021-07-22 op | grammar varset '\n'
140 8d1b399b 2021-07-22 op | grammar error '\n' { file->errors++; }
143 8d1b399b 2021-07-22 op include : INCLUDE STRING {
144 8d1b399b 2021-07-22 op struct file *nfile;
146 8d1b399b 2021-07-22 op if ((nfile = pushfile($2, 0)) == NULL) {
147 8d1b399b 2021-07-22 op yyerror("failed to include file %s", $2);
153 8d1b399b 2021-07-22 op file = nfile;
154 8d1b399b 2021-07-22 op lungetc('\n');
158 8d1b399b 2021-07-22 op string : string STRING {
159 8d1b399b 2021-07-22 op if (asprintf(&$$, "%s %s", $1, $2) == -1) {
162 8d1b399b 2021-07-22 op yyerror("string: asprintf");
171 8d1b399b 2021-07-22 op yesno : YES { $$ = 1; }
172 8d1b399b 2021-07-22 op | NO { $$ = 0; }
175 8d1b399b 2021-07-22 op optnl : '\n' optnl /* zero or more newlines */
179 8d1b399b 2021-07-22 op nl : '\n' optnl /* one or more newlines */
182 8d1b399b 2021-07-22 op arrow : '=' '>' ;
184 8d1b399b 2021-07-22 op comma : ',' optnl
187 8d1b399b 2021-07-22 op varset : STRING '=' string {
188 8d1b399b 2021-07-22 op char *s = $1;
190 8d1b399b 2021-07-22 op printf("%s = \"%s\"\n", $1, $3);
191 8d1b399b 2021-07-22 op while (*s++) {
192 8d1b399b 2021-07-22 op if (isspace((unsigned char)*s)) {
193 8d1b399b 2021-07-22 op yyerror("macro name cannot contain "
194 8d1b399b 2021-07-22 op "whitespace");
200 8d1b399b 2021-07-22 op if (symset($1, $3, 0) == -1)
201 8d1b399b 2021-07-22 op fatal("cannot store variable");
207 8d1b399b 2021-07-22 op pki : PKI STRING CERT STRING { add_cert($2, $4); }
208 8d1b399b 2021-07-22 op | PKI STRING KEY STRING { add_key($2, $4); }
211 156f1ecc 2021-11-30 op table_kp : string arrow string optnl {
212 8d1b399b 2021-07-22 op if (table_add(table, $1, $3) == -1)
213 8d1b399b 2021-07-22 op yyerror("can't add to table %s",
214 8d1b399b 2021-07-22 op table->t_name);
220 8d1b399b 2021-07-22 op table_kps : table_kp
221 8d1b399b 2021-07-22 op | table_kp comma table_kps
224 8d1b399b 2021-07-22 op stringel : STRING {
225 8d1b399b 2021-07-22 op if (table_add(table, $1, NULL) == -1)
226 8d1b399b 2021-07-22 op yyerror("can't add to table %s",
227 8d1b399b 2021-07-22 op table->t_name);
232 8d1b399b 2021-07-22 op string_list : stringel
233 8d1b399b 2021-07-22 op | stringel comma string_list
236 8d1b399b 2021-07-22 op table_vals : table_kps
237 8d1b399b 2021-07-22 op | string_list
240 8d1b399b 2021-07-22 op table : TABLE STRING STRING {
243 8d1b399b 2021-07-22 op if ((p = strchr($3, ':')) == NULL) {
244 8d1b399b 2021-07-22 op yyerror("invalid table %s", $2);
249 8d1b399b 2021-07-22 op add_table($2, $3, p+1);
253 8d1b399b 2021-07-22 op | TABLE STRING {
254 8d1b399b 2021-07-22 op add_table($2, "static", NULL);
255 156f1ecc 2021-11-30 op } '{' optnl table_vals '}' {
256 8d1b399b 2021-07-22 op table = NULL;
260 8d1b399b 2021-07-22 op tableref : '<' STRING '>' {
261 d82b9f6d 2021-07-22 op struct table *t;
263 d82b9f6d 2021-07-22 op t = findtable($2);
265 d82b9f6d 2021-07-22 op if (t == NULL)
271 95eb4eb9 2021-07-22 op listen : LISTEN { listener = listen_new(); }
272 fccfa871 2021-07-23 op listen_opts {
273 fccfa871 2021-07-23 op if (listener->auth_table == NULL)
274 fccfa871 2021-07-23 op yyerror("missing auth table");
275 2695b856 2021-07-23 op if (!(listener->flags & L_TLS))
276 2695b856 2021-07-23 op yyerror("can't define a non-tls listener");
277 fccfa871 2021-07-23 op listener = NULL;
281 d82b9f6d 2021-07-22 op listen_opts : listen_opt
282 d82b9f6d 2021-07-22 op | listen_opt listen_opts
285 d82b9f6d 2021-07-22 op listen_opt : ON STRING PORT NUMBER {
286 95eb4eb9 2021-07-22 op if (*listener->iface != '\0')
287 d82b9f6d 2021-07-22 op yyerror("listen address and port already"
289 95eb4eb9 2021-07-22 op strlcpy(listener->iface, $2, sizeof(listener->iface));
290 95eb4eb9 2021-07-22 op listener->port = $4;
292 d82b9f6d 2021-07-22 op | TLS PKI STRING {
293 95eb4eb9 2021-07-22 op if (*listener->pki != '\0')
294 d82b9f6d 2021-07-22 op yyerror("listen tls pki already defined");
295 fccfa871 2021-07-23 op listener->flags |= L_TLS;
296 95eb4eb9 2021-07-22 op strlcpy(listener->pki, $3, sizeof(listener->pki));
298 d82b9f6d 2021-07-22 op | AUTH tableref {
299 95eb4eb9 2021-07-22 op if (listener->auth_table != NULL)
300 d82b9f6d 2021-07-22 op yyerror("listen auth already defined");
301 95eb4eb9 2021-07-22 op listener->auth_table = $2;
303 c35679af 2021-12-18 op | USERDATA tableref {
304 c35679af 2021-12-18 op if (listener->userdata_table != NULL)
305 c35679af 2021-12-18 op yyerror("userdata table already defined");
306 c35679af 2021-12-18 op listener->userdata_table = $2;
308 c35679af 2021-12-18 op | VIRTUAL tableref {
309 c35679af 2021-12-18 op if (listener->virtual_table != NULL)
310 c35679af 2021-12-18 op yyerror("virtual table already defined");
311 c35679af 2021-12-18 op listener->virtual_table = $2;
317 8d1b399b 2021-07-22 op struct keywords {
318 8d1b399b 2021-07-22 op const char *k_name;
323 8d1b399b 2021-07-22 op yyerror(const char *fmt, ...)
328 8d1b399b 2021-07-22 op file->errors++;
329 8d1b399b 2021-07-22 op va_start(ap, fmt);
330 8d1b399b 2021-07-22 op if (vasprintf(&msg, fmt, ap) == -1)
331 8d1b399b 2021-07-22 op fatalx("yyerror vasprintf");
333 8d1b399b 2021-07-22 op logit(LOG_CRIT, "%s:%d: %s", file->name, yylval.lineno, msg);
339 8d1b399b 2021-07-22 op kw_cmp(const void *k, const void *e)
341 8d1b399b 2021-07-22 op return strcmp(k, ((const struct keywords *)e)->k_name);
345 8d1b399b 2021-07-22 op lookup(char *s)
347 8d1b399b 2021-07-22 op /* This has to be sorted always. */
348 8d1b399b 2021-07-22 op static const struct keywords keywords[] = {
349 8d1b399b 2021-07-22 op {"auth", AUTH},
350 8d1b399b 2021-07-22 op {"cert", CERT},
351 8d1b399b 2021-07-22 op {"include", INCLUDE},
352 8d1b399b 2021-07-22 op {"key", KEY},
353 8d1b399b 2021-07-22 op {"listen", LISTEN},
356 8d1b399b 2021-07-22 op {"pki", PKI},
357 8d1b399b 2021-07-22 op {"port", PORT},
358 8d1b399b 2021-07-22 op {"table", TABLE},
359 8d1b399b 2021-07-22 op {"tls", TLS},
360 c35679af 2021-12-18 op {"userdata", USERDATA},
361 c35679af 2021-12-18 op {"virtual", VIRTUAL},
362 8d1b399b 2021-07-22 op {"yes", YES},
364 8d1b399b 2021-07-22 op const struct keywords *p;
366 8d1b399b 2021-07-22 op p = bsearch(s, keywords, sizeof(keywords)/sizeof(keywords[0]),
367 8d1b399b 2021-07-22 op sizeof(keywords[0]), kw_cmp);
370 8d1b399b 2021-07-22 op return p->k_val;
372 8d1b399b 2021-07-22 op return STRING;
375 8d1b399b 2021-07-22 op #define START_EXPAND 1
376 8d1b399b 2021-07-22 op #define DONE_EXPAND 2
378 8d1b399b 2021-07-22 op static int expanding;
386 8d1b399b 2021-07-22 op if (file->ungetpos > 0)
387 8d1b399b 2021-07-22 op c = file->ungetbuf[--file->ungetpos];
389 8d1b399b 2021-07-22 op c = getc(file->stream);
391 8d1b399b 2021-07-22 op if (c == START_EXPAND)
392 8d1b399b 2021-07-22 op expanding = 1;
393 8d1b399b 2021-07-22 op else if (c == DONE_EXPAND)
394 8d1b399b 2021-07-22 op expanding = 0;
402 8d1b399b 2021-07-22 op lgetc(int quotec)
406 8d1b399b 2021-07-22 op if (quotec) {
407 8d1b399b 2021-07-22 op if ((c = igetc()) == EOF) {
408 8d1b399b 2021-07-22 op yyerror("reached end of file while parsing "
409 8d1b399b 2021-07-22 op "quoted string");
410 8d1b399b 2021-07-22 op if (file == topfile || popfile() == EOF)
412 8d1b399b 2021-07-22 op return quotec;
417 8d1b399b 2021-07-22 op while ((c = igetc()) == '\\') {
418 8d1b399b 2021-07-22 op next = igetc();
419 8d1b399b 2021-07-22 op if (next != '\n') {
423 8d1b399b 2021-07-22 op yylval.lineno = file->lineno;
424 8d1b399b 2021-07-22 op file->lineno++;
427 8d1b399b 2021-07-22 op if (c == EOF) {
429 8d1b399b 2021-07-22 op * Fake EOL when hit EOF for the first time. This gets line
430 8d1b399b 2021-07-22 op * count right if last line in included file is syntactically
431 8d1b399b 2021-07-22 op * invalid and has no newline.
433 8d1b399b 2021-07-22 op if (file->eof_reached == 0) {
434 8d1b399b 2021-07-22 op file->eof_reached = 1;
437 8d1b399b 2021-07-22 op while (c == EOF) {
438 8d1b399b 2021-07-22 op if (file == topfile || popfile() == EOF)
447 8d1b399b 2021-07-22 op lungetc(int c)
449 8d1b399b 2021-07-22 op if (c == EOF)
452 8d1b399b 2021-07-22 op if (file->ungetpos >= file->ungetsize) {
453 8d1b399b 2021-07-22 op void *p = reallocarray(file->ungetbuf, file->ungetsize, 2);
454 8d1b399b 2021-07-22 op if (p == NULL)
455 8d1b399b 2021-07-22 op err(1, "lungetc");
456 8d1b399b 2021-07-22 op file->ungetbuf = p;
457 8d1b399b 2021-07-22 op file->ungetsize *= 2;
459 8d1b399b 2021-07-22 op file->ungetbuf[file->ungetpos++] = c;
463 8d1b399b 2021-07-22 op findeol(void)
467 8d1b399b 2021-07-22 op /* Skip to either EOF or the first real EOL. */
469 8d1b399b 2021-07-22 op c = lgetc(0);
470 8d1b399b 2021-07-22 op if (c == '\n') {
471 8d1b399b 2021-07-22 op file->lineno++;
474 8d1b399b 2021-07-22 op if (c == EOF)
477 8d1b399b 2021-07-22 op return ERROR;
481 ab51127d 2021-08-04 op int my_yylex(void);
488 ab51127d 2021-08-04 op switch (x = my_yylex()) {
490 ab51127d 2021-08-04 op puts("auth");
493 ab51127d 2021-08-04 op puts("cert");
496 ab51127d 2021-08-04 op puts("error");
498 ab51127d 2021-08-04 op case INCLUDE:
499 ab51127d 2021-08-04 op puts("include");
505 ab51127d 2021-08-04 op puts("listen");
517 ab51127d 2021-08-04 op puts("port");
520 ab51127d 2021-08-04 op puts("table");
529 ab51127d 2021-08-04 op printf("string \"%s\"\n", yylval.v.string);
532 ab51127d 2021-08-04 op printf("number %"PRIi64"\n", yylval.v.number);
534 ab51127d 2021-08-04 op printf("character ");
535 ab51127d 2021-08-04 op if (x == '\n')
536 ab51127d 2021-08-04 op printf("\\n");
538 ab51127d 2021-08-04 op printf("%c", x);
539 ab51127d 2021-08-04 op printf(" [0x%x]", x);
540 ab51127d 2021-08-04 op printf("\n");
548 ab51127d 2021-08-04 op my_yylex(void)
554 e63bf1fb 2021-11-30 op char buf[8096];
555 e63bf1fb 2021-11-30 op char *p, *val;
556 e63bf1fb 2021-11-30 op int quotec, next, c;
561 8d1b399b 2021-07-22 op while ((c = lgetc(0)) == ' ' || c == '\t')
562 8d1b399b 2021-07-22 op ; /* nothing */
564 8d1b399b 2021-07-22 op yylval.lineno = file->lineno;
565 8d1b399b 2021-07-22 op if (c == '#')
566 8d1b399b 2021-07-22 op while ((c = lgetc(0)) != '\n' && c != EOF)
567 8d1b399b 2021-07-22 op ; /* nothing */
568 8d1b399b 2021-07-22 op if (c == '$' && !expanding) {
570 8d1b399b 2021-07-22 op if ((c = lgetc(0)) == EOF)
573 8d1b399b 2021-07-22 op if (p + 1 >= buf + sizeof(buf) - 1) {
574 8d1b399b 2021-07-22 op yyerror("string too long");
575 8d1b399b 2021-07-22 op return findeol();
577 8d1b399b 2021-07-22 op if (isalnum(c) || c == '_') {
585 8d1b399b 2021-07-22 op val = symget(buf);
586 8d1b399b 2021-07-22 op if (val == NULL) {
587 8d1b399b 2021-07-22 op yyerror("macro '%s' not defined", buf);
588 8d1b399b 2021-07-22 op return findeol();
590 8d1b399b 2021-07-22 op p = val + strlen(val) - 1;
591 8d1b399b 2021-07-22 op lungetc(DONE_EXPAND);
592 8d1b399b 2021-07-22 op while (p >= val) {
593 e63bf1fb 2021-11-30 op lungetc((unsigned char)*p);
596 8d1b399b 2021-07-22 op lungetc(START_EXPAND);
605 8d1b399b 2021-07-22 op if ((c = lgetc(quotec)) == EOF)
607 8d1b399b 2021-07-22 op if (c == '\n') {
608 8d1b399b 2021-07-22 op file->lineno++;
610 8d1b399b 2021-07-22 op } else if (c == '\\') {
611 8d1b399b 2021-07-22 op if ((next = lgetc(quotec)) == EOF)
613 8d1b399b 2021-07-22 op if (next == quotec || next == ' ' ||
614 8d1b399b 2021-07-22 op next == '\t')
616 8d1b399b 2021-07-22 op else if (next == '\n') {
617 8d1b399b 2021-07-22 op file->lineno++;
620 8d1b399b 2021-07-22 op lungetc(next);
621 8d1b399b 2021-07-22 op } else if (c == quotec) {
624 8d1b399b 2021-07-22 op } else if (c == '\0') {
625 8d1b399b 2021-07-22 op yyerror("syntax error");
626 8d1b399b 2021-07-22 op return findeol();
628 8d1b399b 2021-07-22 op if (p + 1 >= buf + sizeof(buf) - 1) {
629 8d1b399b 2021-07-22 op yyerror("string too long");
630 8d1b399b 2021-07-22 op return findeol();
634 8d1b399b 2021-07-22 op yylval.v.string = strdup(buf);
635 8d1b399b 2021-07-22 op if (yylval.v.string == NULL)
636 8d1b399b 2021-07-22 op err(1, "yylex: strdup");
637 8d1b399b 2021-07-22 op return STRING;
640 8d1b399b 2021-07-22 op #define allowed_to_end_number(x) \
641 8d1b399b 2021-07-22 op (isspace(x) || x == ')' || x ==',' || x == '/' || x == '}' || x == '=')
643 8d1b399b 2021-07-22 op if (c == '-' || isdigit(c)) {
646 8d1b399b 2021-07-22 op if ((size_t)(p-buf) >= sizeof(buf)) {
647 8d1b399b 2021-07-22 op yyerror("string too long");
648 8d1b399b 2021-07-22 op return findeol();
650 8d1b399b 2021-07-22 op } while ((c = lgetc(0)) != EOF && isdigit(c));
652 8d1b399b 2021-07-22 op if (p == buf + 1 && buf[0] == '-')
653 8d1b399b 2021-07-22 op goto nodigits;
654 8d1b399b 2021-07-22 op if (c == EOF || allowed_to_end_number(c)) {
655 8d1b399b 2021-07-22 op const char *errstr = NULL;
658 8d1b399b 2021-07-22 op yylval.v.number = strtonum(buf, LLONG_MIN,
659 8d1b399b 2021-07-22 op LLONG_MAX, &errstr);
660 8d1b399b 2021-07-22 op if (errstr) {
661 8d1b399b 2021-07-22 op yyerror("\"%s\" invalid number: %s",
662 8d1b399b 2021-07-22 op buf, errstr);
663 8d1b399b 2021-07-22 op return findeol();
665 8d1b399b 2021-07-22 op return NUMBER;
668 8d1b399b 2021-07-22 op while (p > buf + 1)
669 e63bf1fb 2021-11-30 op lungetc((unsigned char)*--p);
670 e63bf1fb 2021-11-30 op c = (unsigned char)*--p;
671 8d1b399b 2021-07-22 op if (c == '-')
676 8d1b399b 2021-07-22 op #define allowed_in_string(x) \
677 8d1b399b 2021-07-22 op (isalnum(x) || (ispunct(x) && x != '(' && x != ')' && \
678 8d1b399b 2021-07-22 op x != '{' && x != '}' && \
679 8d1b399b 2021-07-22 op x != '!' && x != '=' && x != '#' && \
680 afb31195 2021-08-04 op x != ',' && x != '>'))
682 8d1b399b 2021-07-22 op if (isalnum(c) || c == ':' || c == '_') {
685 8d1b399b 2021-07-22 op if ((size_t)(p-buf) >= sizeof(buf)) {
686 8d1b399b 2021-07-22 op yyerror("string too long");
687 8d1b399b 2021-07-22 op return findeol();
689 8d1b399b 2021-07-22 op } while ((c = lgetc(0)) != EOF && (allowed_in_string(c)));
692 8d1b399b 2021-07-22 op if ((token = lookup(buf)) == STRING)
693 8d1b399b 2021-07-22 op if ((yylval.v.string = strdup(buf)) == NULL)
694 8d1b399b 2021-07-22 op err(1, "yylex: strdup");
695 8d1b399b 2021-07-22 op return token;
697 8d1b399b 2021-07-22 op if (c == '\n') {
698 8d1b399b 2021-07-22 op yylval.lineno = file->lineno;
699 8d1b399b 2021-07-22 op file->lineno++;
701 8d1b399b 2021-07-22 op if (c == EOF)
707 8d1b399b 2021-07-22 op check_file_secrecy(int fd, const char *fname)
709 8d1b399b 2021-07-22 op struct stat st;
711 8d1b399b 2021-07-22 op if (fstat(fd, &st)) {
712 8d1b399b 2021-07-22 op log_warn("cannot stat %s", fname);
715 8d1b399b 2021-07-22 op if (st.st_uid != 0 && st.st_uid != getuid()) {
716 8d1b399b 2021-07-22 op log_warnx("%s: owner not root or current user", fname);
719 8d1b399b 2021-07-22 op if (st.st_mode & (S_IWGRP | S_IXGRP | S_IRWXO)) {
720 8d1b399b 2021-07-22 op log_warnx("%s: group writable or world read/writable", fname);
726 8d1b399b 2021-07-22 op struct file *
727 8d1b399b 2021-07-22 op pushfile(const char *name, int secret)
729 8d1b399b 2021-07-22 op struct file *nfile;
731 8d1b399b 2021-07-22 op if ((nfile = calloc(1, sizeof(struct file))) == NULL) {
732 8d1b399b 2021-07-22 op log_warn("calloc");
735 8d1b399b 2021-07-22 op if ((nfile->name = strdup(name)) == NULL) {
736 8d1b399b 2021-07-22 op log_warn("strdup");
740 8d1b399b 2021-07-22 op if ((nfile->stream = fopen(nfile->name, "r")) == NULL) {
741 8d1b399b 2021-07-22 op log_warn("%s", nfile->name);
742 8d1b399b 2021-07-22 op free(nfile->name);
745 8d1b399b 2021-07-22 op } else if (secret &&
746 8d1b399b 2021-07-22 op check_file_secrecy(fileno(nfile->stream), nfile->name)) {
747 8d1b399b 2021-07-22 op fclose(nfile->stream);
748 8d1b399b 2021-07-22 op free(nfile->name);
752 8d1b399b 2021-07-22 op nfile->lineno = TAILQ_EMPTY(&files) ? 1 : 0;
753 8d1b399b 2021-07-22 op nfile->ungetsize = 16;
754 8d1b399b 2021-07-22 op nfile->ungetbuf = malloc(nfile->ungetsize);
755 8d1b399b 2021-07-22 op if (nfile->ungetbuf == NULL) {
756 8d1b399b 2021-07-22 op log_warn("malloc");
757 8d1b399b 2021-07-22 op fclose(nfile->stream);
758 8d1b399b 2021-07-22 op free(nfile->name);
762 8d1b399b 2021-07-22 op TAILQ_INSERT_TAIL(&files, nfile, entry);
763 8d1b399b 2021-07-22 op return nfile;
767 8d1b399b 2021-07-22 op popfile(void)
769 8d1b399b 2021-07-22 op struct file *prev;
771 8d1b399b 2021-07-22 op if ((prev = TAILQ_PREV(file, files, entry)) != NULL)
772 8d1b399b 2021-07-22 op prev->errors += file->errors;
774 8d1b399b 2021-07-22 op TAILQ_REMOVE(&files, file, entry);
775 8d1b399b 2021-07-22 op fclose(file->stream);
776 8d1b399b 2021-07-22 op free(file->name);
777 8d1b399b 2021-07-22 op free(file->ungetbuf);
780 8d1b399b 2021-07-22 op return file ? 0 : EOF;
783 8d1b399b 2021-07-22 op struct kd_conf *
784 8d1b399b 2021-07-22 op parse_config(const char *filename)
786 8d1b399b 2021-07-22 op struct sym *sym, *next;
789 8d1b399b 2021-07-22 op conf = config_new_empty();
791 8d1b399b 2021-07-22 op file = pushfile(filename, 0);
792 8d1b399b 2021-07-22 op if (file == NULL) {
796 8d1b399b 2021-07-22 op topfile = file;
799 8d1b399b 2021-07-22 op errors = file->errors;
802 8d1b399b 2021-07-22 op /* Free macros and check which have not been used. */
803 8d1b399b 2021-07-22 op TAILQ_FOREACH_SAFE(sym, &symhead, entry, next) {
804 8d1b399b 2021-07-22 op if (verbose && !sym->used)
805 8d1b399b 2021-07-22 op fprintf(stderr, "warning: macro '%s' not used\n",
807 8d1b399b 2021-07-22 op if (!sym->persist) {
808 8d1b399b 2021-07-22 op free(sym->nam);
809 8d1b399b 2021-07-22 op free(sym->val);
810 8d1b399b 2021-07-22 op TAILQ_REMOVE(&symhead, sym, entry);
815 8d1b399b 2021-07-22 op if (errors) {
816 8d1b399b 2021-07-22 op clear_config(conf);
824 8d1b399b 2021-07-22 op symset(const char *nam, const char *val, int persist)
826 8d1b399b 2021-07-22 op struct sym *sym;
828 8d1b399b 2021-07-22 op TAILQ_FOREACH(sym, &symhead, entry) {
829 8d1b399b 2021-07-22 op if (strcmp(nam, sym->nam) == 0)
833 8d1b399b 2021-07-22 op if (sym != NULL) {
834 8d1b399b 2021-07-22 op if (sym->persist == 1)
837 8d1b399b 2021-07-22 op free(sym->nam);
838 8d1b399b 2021-07-22 op free(sym->val);
839 8d1b399b 2021-07-22 op TAILQ_REMOVE(&symhead, sym, entry);
843 8d1b399b 2021-07-22 op if ((sym = calloc(1, sizeof(*sym))) == NULL)
846 8d1b399b 2021-07-22 op sym->nam = strdup(nam);
847 8d1b399b 2021-07-22 op if (sym->nam == NULL) {
851 8d1b399b 2021-07-22 op sym->val = strdup(val);
852 8d1b399b 2021-07-22 op if (sym->val == NULL) {
853 8d1b399b 2021-07-22 op free(sym->nam);
857 8d1b399b 2021-07-22 op sym->used = 0;
858 8d1b399b 2021-07-22 op sym->persist = persist;
859 8d1b399b 2021-07-22 op TAILQ_INSERT_TAIL(&symhead, sym, entry);
864 8d1b399b 2021-07-22 op cmdline_symset(char *s)
866 8d1b399b 2021-07-22 op char *sym, *val;
869 8d1b399b 2021-07-22 op if ((val = strrchr(s, '=')) == NULL)
871 8d1b399b 2021-07-22 op sym = strndup(s, val - s);
872 8d1b399b 2021-07-22 op if (sym == NULL)
873 8d1b399b 2021-07-22 op errx(1, "%s: strndup", __func__);
874 8d1b399b 2021-07-22 op ret = symset(sym, val + 1, 1);
881 8d1b399b 2021-07-22 op symget(const char *nam)
883 8d1b399b 2021-07-22 op struct sym *sym;
885 8d1b399b 2021-07-22 op TAILQ_FOREACH(sym, &symhead, entry) {
886 8d1b399b 2021-07-22 op if (strcmp(nam, sym->nam) == 0) {
887 8d1b399b 2021-07-22 op sym->used = 1;
888 8d1b399b 2021-07-22 op return sym->val;
895 8d1b399b 2021-07-22 op clear_config(struct kd_conf *xconf)
897 8d1b399b 2021-07-22 op /* free stuff? */
903 8d1b399b 2021-07-22 op add_table(const char *name, const char *type, const char *path)
905 8d1b399b 2021-07-22 op if (table_open(conf, name, type, path) == -1)
906 8d1b399b 2021-07-22 op yyerror("can't initialize table %s", name);
907 c25feded 2021-07-26 op table = STAILQ_FIRST(&conf->table_head)->table;
910 8d1b399b 2021-07-22 op static struct table *
911 8d1b399b 2021-07-22 op findtable(const char *name)
913 8d1b399b 2021-07-22 op struct kd_tables_conf *i;
915 c25feded 2021-07-26 op STAILQ_FOREACH(i, &conf->table_head, entry) {
916 8d1b399b 2021-07-22 op if (!strcmp(i->table->t_name, name))
917 8d1b399b 2021-07-22 op return i->table;
920 8d1b399b 2021-07-22 op yyerror("unknown table %s", name);
925 8d1b399b 2021-07-22 op add_cert(const char *name, const char *path)
927 8d1b399b 2021-07-22 op struct kd_pki_conf *pki;
929 c25feded 2021-07-26 op STAILQ_FOREACH(pki, &conf->pki_head, entry) {
930 8d1b399b 2021-07-22 op if (strcmp(name, pki->name) != 0)
933 8d1b399b 2021-07-22 op if (pki->cert != NULL) {
934 8d1b399b 2021-07-22 op yyerror("duplicate `pki %s cert'", name);
941 8d1b399b 2021-07-22 op pki = xcalloc(1, sizeof(*pki));
942 8d1b399b 2021-07-22 op strlcpy(pki->name, name, sizeof(pki->name));
943 c25feded 2021-07-26 op STAILQ_INSERT_HEAD(&conf->pki_head, pki, entry);
946 8d1b399b 2021-07-22 op if ((pki->cert = tls_load_file(path, &pki->certlen, NULL)) == NULL)
951 8d1b399b 2021-07-22 op add_key(const char *name, const char *path)
953 8d1b399b 2021-07-22 op struct kd_pki_conf *pki;
955 c25feded 2021-07-26 op STAILQ_FOREACH(pki, &conf->pki_head, entry) {
956 8d1b399b 2021-07-22 op if (strcmp(name, pki->name) != 0)
959 8d1b399b 2021-07-22 op if (pki->key != NULL) {
960 8d1b399b 2021-07-22 op yyerror("duplicate `pki %s key'", name);
967 8d1b399b 2021-07-22 op pki = xcalloc(1, sizeof(*pki));
968 8d1b399b 2021-07-22 op strlcpy(pki->name, name, sizeof(pki->name));
969 c25feded 2021-07-26 op STAILQ_INSERT_HEAD(&conf->pki_head, pki, entry);
972 8d1b399b 2021-07-22 op if ((pki->key = tls_load_file(path, &pki->keylen, NULL)) == NULL)
976 d82b9f6d 2021-07-22 op static struct kd_listen_conf *
977 d82b9f6d 2021-07-22 op listen_new(void)
979 8d1b399b 2021-07-22 op struct kd_listen_conf *l;
981 8d1b399b 2021-07-22 op l = xcalloc(1, sizeof(*l));
982 8d1b399b 2021-07-22 op l->id = counter++;
985 c25feded 2021-07-26 op STAILQ_INSERT_HEAD(&conf->listen_head, l, entry);
