Blob

Date:
Message:
add missing RO and RW tokens; pointed out by op@
Actions:
History | Blame | Raw File
1 /*

2  * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>

3  * Copyright (c) 2016-2019, 2020-2021 Tracey Emery <tracey@traceyemery.net>

4  * Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org>

5  * Copyright (c) 2004 Ryan McBride <mcbride@openbsd.org>

6  * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>

7  * Copyright (c) 2001 Markus Friedl.  All rights reserved.

8  * Copyright (c) 2001 Daniel Hartmeier.  All rights reserved.

9  * Copyright (c) 2001 Theo de Raadt.  All rights reserved.

10  *

11  * Permission to use, copy, modify, and distribute this software for any

12  * purpose with or without fee is hereby granted, provided that the above

13  * copyright notice and this permission notice appear in all copies.

14  *

15  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

16  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

17  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR

18  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

19  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN

20  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF

21  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

22  */

24 %{

25 #include <sys/time.h>

26 #include <sys/types.h>

27 #include <sys/queue.h>

28 #include <sys/stat.h>

30 #include <ctype.h>

31 #include <err.h>

32 #include <errno.h>

33 #include <event.h>

34 #include <imsg.h>

35 #include <limits.h>

36 #include <sha1.h>

37 #include <stdarg.h>

38 #include <stdlib.h>

39 #include <stdio.h>

40 #include <string.h>

41 #include <syslog.h>

42 #include <unistd.h>

44 #include "got_error.h"

45 #include "got_path.h"

47 #include "log.h"

48 #include "gotd.h"

50 TAILQ_HEAD(files, file)		 files = TAILQ_HEAD_INITIALIZER(files);

51 static struct file {

52 	TAILQ_ENTRY(file)	 entry;

53 	FILE			*stream;

54 	char			*name;

55 	int			 lineno;

56 	int			 errors;

57 } *file;

58 struct file	*newfile(const char *, int);

59 static void	 closefile(struct file *);

60 int		 check_file_secrecy(int, const char *);

61 int		 yyparse(void);

62 int		 yylex(void);

63 int		 yyerror(const char *, ...)

64     __attribute__((__format__ (printf, 1, 2)))

65     __attribute__((__nonnull__ (1)));

66 int		 kw_cmp(const void *, const void *);

67 int		 lookup(char *);

68 int		 lgetc(int);

69 int		 lungetc(int);

70 int		 findeol(void);

72 TAILQ_HEAD(symhead, sym)	 symhead = TAILQ_HEAD_INITIALIZER(symhead);

73 struct sym {

74 	TAILQ_ENTRY(sym)	 entry;

75 	int			 used;

76 	int			 persist;

77 	char			*nam;

78 	char			*val;

79 };

81 int	 symset(const char *, const char *, int);

82 char	*symget(const char *);

84 static int		 errors;

86 static struct gotd		*gotd;

87 static struct gotd_repo		*new_repo;

88 static struct gotd_repo		*conf_new_repo(const char *);

89 static enum gotd_procid		 gotd_proc_id;

91 typedef struct {

92 	union {

93 		long long	 number;

94 		char		*string;

95 	} v;

96 	int lineno;

97 } YYSTYPE;

99 %}

101 %token	PATH ERROR ON UNIX_SOCKET UNIX_GROUP USER REPOSITORY PERMIT DENY

102 %token	RO RW

104 %token	<v.string>	STRING

105 %token	<v.number>	NUMBER

106 %type	<v.number>	boolean

108 %%

110 grammar		:

111 		| grammar '\n'

112 		| grammar main '\n'

113 		| grammar repository '\n'

116 boolean		: STRING {

117 			if (strcasecmp($1, "1") == 0 ||

118 			    strcasecmp($1, "yes") == 0 ||

119 			    strcasecmp($1, "on") == 0)

120 				$$ = 1;

121 			else if (strcasecmp($1, "0") == 0 ||

122 			    strcasecmp($1, "off") == 0 ||

123 			    strcasecmp($1, "no") == 0)

124 				$$ = 0;

125 			else {

126 				yyerror("invalid boolean value '%s'", $1);

127 				free($1);

128 				YYERROR;

130 			free($1);

132 		| ON { $$ = 1; }

133 		| NUMBER { $$ = $1; }

136 main		: UNIX_SOCKET STRING {

137 			if (gotd_proc_id == PROC_GOTD) {

138 				if (strlcpy(gotd->unix_socket_path, $2,

139 				    sizeof(gotd->unix_socket_path)) >=

140 				    sizeof(gotd->unix_socket_path)) {

141 					yyerror("%s: unix socket path too long",

142 					    __func__);

143 					free($2);

144 					YYERROR;

147 			free($2);

149 		| UNIX_GROUP STRING {

150 			if (strlcpy(gotd->unix_group_name, $2,

151 			    sizeof(gotd->unix_group_name)) >=

152 			    sizeof(gotd->unix_group_name)) {

153 				yyerror("%s: unix group name too long",

154 				    __func__);

155 				free($2);

156 				YYERROR;

158 			free($2);

160 		| USER STRING {

161 			if (strlcpy(gotd->user_name, $2,

162 			    sizeof(gotd->user_name)) >=

163 			    sizeof(gotd->user_name)) {

164 				yyerror("%s: user name too long", __func__);

165 				free($2);

166 				YYERROR;

168 			free($2);

172 repository	: REPOSITORY STRING {

173 			struct gotd_repo *repo;

175 			TAILQ_FOREACH(repo, &gotd->repos, entry) {

176 				if (strcmp(repo->name, $2) == 0) {

177 					yyerror("duplicate repository '%s'", $2);

178 					free($2);

179 					YYERROR;

183 			if (gotd_proc_id == PROC_GOTD) {

184 				new_repo = conf_new_repo($2);

186 			free($2);

188 		| REPOSITORY STRING {

189 			struct gotd_repo *repo;

191 			TAILQ_FOREACH(repo, &gotd->repos, entry) {

192 				if (strcmp(repo->name, $2) == 0) {

193 					yyerror("duplicate repository '%s'", $2);

194 					free($2);

195 					YYERROR;

199 			if (gotd_proc_id == PROC_GOTD) {

200 				new_repo = conf_new_repo($2);

202 			free($2);

203 		} '{' optnl repoopts2 '}' {

207 repoopts1	: PATH STRING {

208 			if (gotd_proc_id == PROC_GOTD) {

209 				if (!got_path_is_absolute($2)) {

210 					yyerror("%s: path %s is not absolute",

211 					    __func__, $2);

212 					free($2);

213 					YYERROR;

215 				if (strlcpy(new_repo->path, $2,

216 				    sizeof(new_repo->path)) >=

217 				    sizeof(new_repo->path)) {

218 					yyerror("%s: path truncated", __func__);

219 					free($2);

220 					YYERROR;

223 			free($2);

225 		| PERMIT RO STRING {

226 			if (gotd_proc_id == PROC_GOTD) {

227 				conf_new_access_rule(new_repo,

228 				    GOTD_ACCESS_PERMITTED, GOTD_AUTH_READ, $3);

231 		| PERMIT RW STRING {

232 			if (gotd_proc_id == PROC_GOTD) {

233 				conf_new_access_rule(new_repo,

234 				    GOTD_ACCESS_PERMITTED,

235 				    GOTD_AUTH_READ | GOTD_AUTH_WRITE, $3);

238 		| DENY STRING {

239 			if (gotd_proc_id == PROC_GOTD) {

240 				conf_new_access_rule(new_repo,

241 				    GOTD_ACCESS_DENIED, 0, $2);

246 repoopts2	: repoopts2 repoopts1 nl

247 		| repoopts1 optnl

250 nl		: '\n' optnl

253 optnl		: '\n' optnl		/* zero or more newlines */

254 		| /* empty */

257 %%

259 struct keywords {

260 	const char	*k_name;

261 	int		 k_val;

262 };

264 int

265 yyerror(const char *fmt, ...)

267 	va_list ap;

268 	char *msg;

270 	file->errors++;

271 	va_start(ap, fmt);

272 	if (vasprintf(&msg, fmt, ap) == -1)

273 		fatalx("yyerror vasprintf");

274 	va_end(ap);

275 	logit(LOG_CRIT, "%s:%d: %s", file->name, yylval.lineno, msg);

276 	free(msg);

277 	return (0);

280 int

281 kw_cmp(const void *k, const void *e)

283 	return (strcmp(k, ((const struct keywords *)e)->k_name));

286 int

287 lookup(char *s)

289 	/* This has to be sorted always. */

290 	static const struct keywords keywords[] = {

291 		{ "deny",			DENY },

292 		{ "on",				ON },

293 		{ "path",			PATH },

294 		{ "permit",			PERMIT },

295 		{ "repository",			REPOSITORY },

296 		{ "ro",				RO },

297 		{ "rw",				RW },

298 		{ "unix_group",			UNIX_GROUP },

299 		{ "unix_socket",		UNIX_SOCKET },

300 		{ "user",			USER },

301 	};

302 	const struct keywords *p;

304 	p = bsearch(s, keywords, sizeof(keywords)/sizeof(keywords[0]),

305 	    sizeof(keywords[0]), kw_cmp);

307 	if (p)

308 		return (p->k_val);

309 	else

310 		return (STRING);

313 #define MAXPUSHBACK	128

315 unsigned char *parsebuf;

316 int parseindex;

317 unsigned char pushback_buffer[MAXPUSHBACK];

318 int pushback_index = 0;

320 int

321 lgetc(int quotec)

323 	int c, next;

325 	if (parsebuf) {

326 		/* Read character from the parsebuffer instead of input. */

327 		if (parseindex >= 0) {

328 			c = parsebuf[parseindex++];

329 			if (c != '\0')

330 				return (c);

331 			parsebuf = NULL;

332 		} else

333 			parseindex++;

336 	if (pushback_index)

337 		return (pushback_buffer[--pushback_index]);

339 	if (quotec) {

340 		c = getc(file->stream);

341 		if (c == EOF)

342 			yyerror("reached end of file while parsing "

343 			    "quoted string");

344 		return (c);

347 	c = getc(file->stream);

348 	while (c == '\\') {

349 		next = getc(file->stream);

350 		if (next != '\n') {

351 			c = next;

352 			break;

354 		yylval.lineno = file->lineno;

355 		file->lineno++;

356 		c = getc(file->stream);

359 	return (c);

362 int

363 lungetc(int c)

365 	if (c == EOF)

366 		return (EOF);

367 	if (parsebuf) {

368 		parseindex--;

369 		if (parseindex >= 0)

370 			return (c);

372 	if (pushback_index < MAXPUSHBACK-1)

373 		return (pushback_buffer[pushback_index++] = c);

374 	else

375 		return (EOF);

378 int

379 findeol(void)

381 	int c;

383 	parsebuf = NULL;

385 	/* Skip to either EOF or the first real EOL. */

386 	while (1) {

387 		if (pushback_index)

388 			c = pushback_buffer[--pushback_index];

389 		else

390 			c = lgetc(0);

391 		if (c == '\n') {

392 			file->lineno++;

393 			break;

395 		if (c == EOF)

396 			break;

398 	return (ERROR);

401 int

402 yylex(void)

404 	unsigned char buf[8096];

405 	unsigned char *p, *val;

406 	int quotec, next, c;

407 	int token;

409 top:

410 	p = buf;

411 	c = lgetc(0);

412 	while (c == ' ' || c == '\t')

413 		c = lgetc(0); /* nothing */

415 	yylval.lineno = file->lineno;

416 	if (c == '#') {

417 		c = lgetc(0);

418 		while (c != '\n' && c != EOF)

419 			c = lgetc(0); /* nothing */

421 	if (c == '$' && parsebuf == NULL) {

422 		while (1) {

423 			c = lgetc(0);

424 			if (c == EOF)

425 				return (0);

427 			if (p + 1 >= buf + sizeof(buf) - 1) {

428 				yyerror("string too long");

429 				return (findeol());

431 			if (isalnum(c) || c == '_') {

432 				*p++ = c;

433 				continue;

435 			*p = '\0';

436 			lungetc(c);

437 			break;

439 		val = symget(buf);

440 		if (val == NULL) {

441 			yyerror("macro '%s' not defined", buf);

442 			return (findeol());

444 		parsebuf = val;

445 		parseindex = 0;

446 		goto top;

449 	switch (c) {

450 	case '\'':

451 	case '"':

452 		quotec = c;

453 		while (1) {

454 			c = lgetc(quotec);

455 			if (c == EOF)

456 				return (0);

457 			if (c == '\n') {

458 				file->lineno++;

459 				continue;

460 			} else if (c == '\\') {

461 				next = lgetc(quotec);

462 				if (next == EOF)

463 					return (0);

464 				if (next == quotec || c == ' ' || c == '\t')

465 					c = next;

466 				else if (next == '\n') {

467 					file->lineno++;

468 					continue;

469 				} else

470 					lungetc(next);

471 			} else if (c == quotec) {

472 				*p = '\0';

473 				break;

474 			} else if (c == '\0') {

475 				yyerror("syntax error");

476 				return (findeol());

478 			if (p + 1 >= buf + sizeof(buf) - 1) {

479 				yyerror("string too long");

480 				return (findeol());

482 			*p++ = c;

484 		yylval.v.string = strdup(buf);

485 		if (yylval.v.string == NULL)

486 			err(1, "yylex: strdup");

487 		return (STRING);

490 #define allowed_to_end_number(x) \

491 	(isspace(x) || x == ')' || x ==',' || x == '/' || x == '}' || x == '=')

493 	if (c == '-' || isdigit(c)) {

494 		do {

495 			*p++ = c;

496 			if ((unsigned)(p-buf) >= sizeof(buf)) {

497 				yyerror("string too long");

498 				return (findeol());

500 			c = lgetc(0);

501 		} while (c != EOF && isdigit(c));

502 		lungetc(c);

503 		if (p == buf + 1 && buf[0] == '-')

504 			goto nodigits;

505 		if (c == EOF || allowed_to_end_number(c)) {

506 			const char *errstr = NULL;

508 			*p = '\0';

509 			yylval.v.number = strtonum(buf, LLONG_MIN,

510 			    LLONG_MAX, &errstr);

511 			if (errstr) {

512 				yyerror("\"%s\" invalid number: %s",

513 				    buf, errstr);

514 				return (findeol());

516 			return (NUMBER);

517 		} else {

518 nodigits:

519 			while (p > buf + 1)

520 				lungetc(*--p);

521 			c = *--p;

522 			if (c == '-')

523 				return (c);

527 #define allowed_in_string(x) \

528 	(isalnum(x) || (ispunct(x) && x != '(' && x != ')' && \

529 	x != '{' && x != '}' && \

530 	x != '!' && x != '=' && x != '#' && \

531 	x != ','))

533 	if (isalnum(c) || c == ':' || c == '_') {

534 		do {

535 			*p++ = c;

536 			if ((unsigned)(p-buf) >= sizeof(buf)) {

537 				yyerror("string too long");

538 				return (findeol());

540 			c = lgetc(0);

541 		} while (c != EOF && (allowed_in_string(c)));

542 		lungetc(c);

543 		*p = '\0';

544 		token = lookup(buf);

545 		if (token == STRING) {

546 			yylval.v.string = strdup(buf);

547 			if (yylval.v.string == NULL)

548 				err(1, "yylex: strdup");

550 		return (token);

552 	if (c == '\n') {

553 		yylval.lineno = file->lineno;

554 		file->lineno++;

556 	if (c == EOF)

557 		return (0);

558 	return (c);

561 int

562 check_file_secrecy(int fd, const char *fname)

564 	struct stat st;

566 	if (fstat(fd, &st)) {

567 		log_warn("cannot stat %s", fname);

568 		return (-1);

570 	if (st.st_uid != 0 && st.st_uid != getuid()) {

571 		log_warnx("%s: owner not root or current user", fname);

572 		return (-1);

574 	if (st.st_mode & (S_IWGRP | S_IXGRP | S_IRWXO)) {

575 		log_warnx("%s: group writable or world read/writable", fname);

576 		return (-1);

578 	return (0);

581 struct file *

582 newfile(const char *name, int secret)

584 	struct file *nfile;

586 	nfile = calloc(1, sizeof(struct file));

587 	if (nfile == NULL) {

588 		log_warn("calloc");

589 		return (NULL);

591 	nfile->name = strdup(name);

592 	if (nfile->name == NULL) {

593 		log_warn("strdup");

594 		free(nfile);

595 		return (NULL);

597 	nfile->stream = fopen(nfile->name, "r");

598 	if (nfile->stream == NULL) {

599 		/* no warning, we don't require a conf file */

600 		free(nfile->name);

601 		free(nfile);

602 		return (NULL);

603 	} else if (secret &&

604 	    check_file_secrecy(fileno(nfile->stream), nfile->name)) {

605 		fclose(nfile->stream);

606 		free(nfile->name);

607 		free(nfile);

608 		return (NULL);

610 	nfile->lineno = 1;

611 	return (nfile);

614 static void

615 closefile(struct file *xfile)

617 	fclose(xfile->stream);

618 	free(xfile->name);

619 	free(xfile);

622 int

623 parse_config(const char *filename, enum gotd_procid proc_id,

624     struct gotd *env)

626 	struct sym *sym, *next;

628 	memset(env, 0, sizeof(*env));

630 	gotd = env;

631 	gotd_proc_id = proc_id;

632 	TAILQ_INIT(&gotd->repos);

634 	/* Apply default values. */

635 	if (strlcpy(gotd->unix_socket_path, GOTD_UNIX_SOCKET,

636 	    sizeof(gotd->unix_socket_path)) >= sizeof(gotd->unix_socket_path)) {

637 		fprintf(stderr, "%s: unix socket path too long", __func__);

638 		return -1;

640 	if (strlcpy(gotd->unix_group_name, GOTD_UNIX_GROUP,

641 	    sizeof(gotd->unix_group_name)) >= sizeof(gotd->unix_group_name)) {

642 		fprintf(stderr, "%s: unix group name too long", __func__);

643 		return -1;

645 	if (strlcpy(gotd->user_name, GOTD_USER,

646 	    sizeof(gotd->user_name)) >= sizeof(gotd->user_name)) {

647 		fprintf(stderr, "%s: user name too long", __func__);

648 		return -1;

651 	file = newfile(filename, 0);

652 	if (file == NULL) {

653 		/* just return, as we don't require a conf file */

654 		return (0);

657 	yyparse();

658 	errors = file->errors;

659 	closefile(file);

661 	/* Free macros and check which have not been used. */

662 	TAILQ_FOREACH_SAFE(sym, &symhead, entry, next) {

663 		if ((gotd->verbosity > 1) && !sym->used)

664 			fprintf(stderr, "warning: macro '%s' not used\n",

665 			    sym->nam);

666 		if (!sym->persist) {

667 			free(sym->nam);

668 			free(sym->val);

669 			TAILQ_REMOVE(&symhead, sym, entry);

670 			free(sym);

674 	if (errors)

675 		return (-1);

677 	return (0);

680 static struct gotd_repo *

681 conf_new_repo(const char *name)

683 	struct gotd_repo *repo;

685 	if (strchr(name, '\n') != NULL) {

686 		fatalx("%s: repository names must not contain linefeeds: %s",

687 		    getprogname(), name);

690 	repo = calloc(1, sizeof(*repo));

691 	if (repo == NULL)

692 		fatalx("%s: calloc", __func__);

694 	STAILQ_INIT(&repo->rules);

696 	if (strlcpy(repo->name, name, sizeof(repo->name)) >=

697 	    sizeof(repo->name))

698 		fatalx("%s: strlcpy", __func__);

700 	TAILQ_INSERT_TAIL(&gotd->repos, repo, entry);

701 	gotd->nrepos++;

703 	return repo;

704 };

706 static void

707 conf_new_access_rule(struct gotd_repo *repo, enum gotd_access access,

708     int authorization, char *identifier)

710 	struct gotd_access_rule *rule;

712 	rule = calloc(1, sizeof(*rule));

713 	if (rule == NULL)

714 		fatal("calloc");

716 	rule->access = access;

717 	rule->authorization = authorization;

718 	rule->identifier = identifier;

720 	STAILQ_INSERT_TAIL(&repo->rules, rule, entry);

723 int

724 symset(const char *nam, const char *val, int persist)

726 	struct sym *sym;

728 	TAILQ_FOREACH(sym, &symhead, entry) {

729 		if (strcmp(nam, sym->nam) == 0)

730 			break;

733 	if (sym != NULL) {

734 		if (sym->persist == 1)

735 			return (0);

736 		else {

737 			free(sym->nam);

738 			free(sym->val);

739 			TAILQ_REMOVE(&symhead, sym, entry);

740 			free(sym);

743 	sym = calloc(1, sizeof(*sym));

744 	if (sym == NULL)

745 		return (-1);

747 	sym->nam = strdup(nam);

748 	if (sym->nam == NULL) {

749 		free(sym);

750 		return (-1);

752 	sym->val = strdup(val);

753 	if (sym->val == NULL) {

754 		free(sym->nam);

755 		free(sym);

756 		return (-1);

758 	sym->used = 0;

759 	sym->persist = persist;

760 	TAILQ_INSERT_TAIL(&symhead, sym, entry);

761 	return (0);

764 char *

765 symget(const char *nam)

767 	struct sym *sym;

769 	TAILQ_FOREACH(sym, &symhead, entry) {

770 		if (strcmp(nam, sym->nam) == 0) {

771 			sym->used = 1;

772 			return (sym->val);

775 	return (NULL);