2 * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>
3 * Copyright (c) 2016-2019, 2020-2021 Tracey Emery <tracey@traceyemery.net>
4 * Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org>
5 * Copyright (c) 2004 Ryan McBride <mcbride@openbsd.org>
6 * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
7 * Copyright (c) 2001 Markus Friedl. All rights reserved.
8 * Copyright (c) 2001 Daniel Hartmeier. All rights reserved.
9 * Copyright (c) 2001 Theo de Raadt. All rights reserved.
11 * Permission to use, copy, modify, and distribute this software for any
12 * purpose with or without fee is hereby granted, provided that the above
13 * copyright notice and this permission notice appear in all copies.
15 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
16 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
17 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
18 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
26 #include <sys/types.h>
27 #include <sys/queue.h>
44 #include "got_error.h"
50 TAILQ_HEAD(files, file) files = TAILQ_HEAD_INITIALIZER(files);
52 TAILQ_ENTRY(file) entry;
58 struct file *newfile(const char *, int);
59 static void closefile(struct file *);
60 int check_file_secrecy(int, const char *);
63 int yyerror(const char *, ...)
64 __attribute__((__format__ (printf, 1, 2)))
65 __attribute__((__nonnull__ (1)));
66 int kw_cmp(const void *, const void *);
72 TAILQ_HEAD(symhead, sym) symhead = TAILQ_HEAD_INITIALIZER(symhead);
74 TAILQ_ENTRY(sym) entry;
81 int symset(const char *, const char *, int);
82 char *symget(const char *);
86 static struct gotd *gotd;
87 static struct gotd_repo *new_repo;
88 static struct gotd_repo *conf_new_repo(const char *);
89 static void conf_new_access_rule(struct gotd_repo *,
90 enum gotd_access, int, char *);
91 static enum gotd_procid gotd_proc_id;
103 %token PATH ERROR ON UNIX_SOCKET UNIX_GROUP USER REPOSITORY PERMIT DENY
106 %token <v.string> STRING
107 %token <v.number> NUMBER
108 %type <v.number> boolean
115 | grammar repository '\n'
119 if (strcasecmp($1, "1") == 0 ||
120 strcasecmp($1, "yes") == 0 ||
121 strcasecmp($1, "on") == 0)
123 else if (strcasecmp($1, "0") == 0 ||
124 strcasecmp($1, "off") == 0 ||
125 strcasecmp($1, "no") == 0)
128 yyerror("invalid boolean value '%s'", $1);
135 | NUMBER { $$ = $1; }
138 main : UNIX_SOCKET STRING {
139 if (gotd_proc_id == PROC_LISTEN) {
140 if (strlcpy(gotd->unix_socket_path, $2,
141 sizeof(gotd->unix_socket_path)) >=
142 sizeof(gotd->unix_socket_path)) {
143 yyerror("%s: unix socket path too long",
151 | UNIX_GROUP STRING {
152 if (strlcpy(gotd->unix_group_name, $2,
153 sizeof(gotd->unix_group_name)) >=
154 sizeof(gotd->unix_group_name)) {
155 yyerror("%s: unix group name too long",
163 if (strlcpy(gotd->user_name, $2,
164 sizeof(gotd->user_name)) >=
165 sizeof(gotd->user_name)) {
166 yyerror("%s: user name too long", __func__);
174 repository : REPOSITORY STRING {
175 struct gotd_repo *repo;
177 TAILQ_FOREACH(repo, &gotd->repos, entry) {
178 if (strcmp(repo->name, $2) == 0) {
179 yyerror("duplicate repository '%s'", $2);
185 if (gotd_proc_id == PROC_GOTD ||
186 gotd_proc_id == PROC_AUTH) {
187 new_repo = conf_new_repo($2);
191 | REPOSITORY STRING {
192 struct gotd_repo *repo;
194 TAILQ_FOREACH(repo, &gotd->repos, entry) {
195 if (strcmp(repo->name, $2) == 0) {
196 yyerror("duplicate repository '%s'", $2);
202 if (gotd_proc_id == PROC_GOTD ||
203 gotd_proc_id == PROC_AUTH) {
204 new_repo = conf_new_repo($2);
207 } '{' optnl repoopts2 '}' {
211 repoopts1 : PATH STRING {
212 if (gotd_proc_id == PROC_GOTD ||
213 gotd_proc_id == PROC_AUTH) {
214 if (!got_path_is_absolute($2)) {
215 yyerror("%s: path %s is not absolute",
220 if (strlcpy(new_repo->path, $2,
221 sizeof(new_repo->path)) >=
222 sizeof(new_repo->path)) {
223 yyerror("%s: path truncated", __func__);
231 if (gotd_proc_id == PROC_AUTH) {
232 conf_new_access_rule(new_repo,
233 GOTD_ACCESS_PERMITTED, GOTD_AUTH_READ, $3);
237 if (gotd_proc_id == PROC_AUTH) {
238 conf_new_access_rule(new_repo,
239 GOTD_ACCESS_PERMITTED,
240 GOTD_AUTH_READ | GOTD_AUTH_WRITE, $3);
244 if (gotd_proc_id == PROC_AUTH) {
245 conf_new_access_rule(new_repo,
246 GOTD_ACCESS_DENIED, 0, $2);
251 repoopts2 : repoopts2 repoopts1 nl
258 optnl : '\n' optnl /* zero or more newlines */
270 yyerror(const char *fmt, ...)
277 if (vasprintf(&msg, fmt, ap) == -1)
278 fatalx("yyerror vasprintf");
280 logit(LOG_CRIT, "%s:%d: %s", file->name, yylval.lineno, msg);
286 kw_cmp(const void *k, const void *e)
288 return (strcmp(k, ((const struct keywords *)e)->k_name));
294 /* This has to be sorted always. */
295 static const struct keywords keywords[] = {
299 { "permit", PERMIT },
300 { "repository", REPOSITORY },
303 { "unix_group", UNIX_GROUP },
304 { "unix_socket", UNIX_SOCKET },
307 const struct keywords *p;
309 p = bsearch(s, keywords, sizeof(keywords)/sizeof(keywords[0]),
310 sizeof(keywords[0]), kw_cmp);
318 #define MAXPUSHBACK 128
320 unsigned char *parsebuf;
322 unsigned char pushback_buffer[MAXPUSHBACK];
323 int pushback_index = 0;
331 /* Read character from the parsebuffer instead of input. */
332 if (parseindex >= 0) {
333 c = parsebuf[parseindex++];
342 return (pushback_buffer[--pushback_index]);
345 c = getc(file->stream);
347 yyerror("reached end of file while parsing "
352 c = getc(file->stream);
354 next = getc(file->stream);
359 yylval.lineno = file->lineno;
361 c = getc(file->stream);
377 if (pushback_index < MAXPUSHBACK-1)
378 return (pushback_buffer[pushback_index++] = c);
390 /* Skip to either EOF or the first real EOL. */
393 c = pushback_buffer[--pushback_index];
409 unsigned char buf[8096];
410 unsigned char *p, *val;
417 while (c == ' ' || c == '\t')
418 c = lgetc(0); /* nothing */
420 yylval.lineno = file->lineno;
423 while (c != '\n' && c != EOF)
424 c = lgetc(0); /* nothing */
426 if (c == '$' && parsebuf == NULL) {
432 if (p + 1 >= buf + sizeof(buf) - 1) {
433 yyerror("string too long");
436 if (isalnum(c) || c == '_') {
446 yyerror("macro '%s' not defined", buf);
465 } else if (c == '\\') {
466 next = lgetc(quotec);
469 if (next == quotec || c == ' ' || c == '\t')
471 else if (next == '\n') {
476 } else if (c == quotec) {
479 } else if (c == '\0') {
480 yyerror("syntax error");
483 if (p + 1 >= buf + sizeof(buf) - 1) {
484 yyerror("string too long");
489 yylval.v.string = strdup(buf);
490 if (yylval.v.string == NULL)
491 err(1, "yylex: strdup");
495 #define allowed_to_end_number(x) \
496 (isspace(x) || x == ')' || x ==',' || x == '/' || x == '}' || x == '=')
498 if (c == '-' || isdigit(c)) {
501 if ((unsigned)(p-buf) >= sizeof(buf)) {
502 yyerror("string too long");
506 } while (c != EOF && isdigit(c));
508 if (p == buf + 1 && buf[0] == '-')
510 if (c == EOF || allowed_to_end_number(c)) {
511 const char *errstr = NULL;
514 yylval.v.number = strtonum(buf, LLONG_MIN,
517 yyerror("\"%s\" invalid number: %s",
532 #define allowed_in_string(x) \
533 (isalnum(x) || (ispunct(x) && x != '(' && x != ')' && \
534 x != '{' && x != '}' && \
535 x != '!' && x != '=' && x != '#' && \
538 if (isalnum(c) || c == ':' || c == '_') {
541 if ((unsigned)(p-buf) >= sizeof(buf)) {
542 yyerror("string too long");
546 } while (c != EOF && (allowed_in_string(c)));
550 if (token == STRING) {
551 yylval.v.string = strdup(buf);
552 if (yylval.v.string == NULL)
553 err(1, "yylex: strdup");
558 yylval.lineno = file->lineno;
567 check_file_secrecy(int fd, const char *fname)
571 if (fstat(fd, &st)) {
572 log_warn("cannot stat %s", fname);
575 if (st.st_uid != 0 && st.st_uid != getuid()) {
576 log_warnx("%s: owner not root or current user", fname);
579 if (st.st_mode & (S_IWGRP | S_IXGRP | S_IRWXO)) {
580 log_warnx("%s: group writable or world read/writable", fname);
587 newfile(const char *name, int secret)
591 nfile = calloc(1, sizeof(struct file));
596 nfile->name = strdup(name);
597 if (nfile->name == NULL) {
602 nfile->stream = fopen(nfile->name, "r");
603 if (nfile->stream == NULL) {
604 /* no warning, we don't require a conf file */
609 check_file_secrecy(fileno(nfile->stream), nfile->name)) {
610 fclose(nfile->stream);
620 closefile(struct file *xfile)
622 fclose(xfile->stream);
628 parse_config(const char *filename, enum gotd_procid proc_id,
631 struct sym *sym, *next;
633 memset(env, 0, sizeof(*env));
636 gotd_proc_id = proc_id;
637 TAILQ_INIT(&gotd->repos);
639 /* Apply default values. */
640 if (strlcpy(gotd->unix_socket_path, GOTD_UNIX_SOCKET,
641 sizeof(gotd->unix_socket_path)) >= sizeof(gotd->unix_socket_path)) {
642 fprintf(stderr, "%s: unix socket path too long", __func__);
645 if (strlcpy(gotd->unix_group_name, GOTD_UNIX_GROUP,
646 sizeof(gotd->unix_group_name)) >= sizeof(gotd->unix_group_name)) {
647 fprintf(stderr, "%s: unix group name too long", __func__);
650 if (strlcpy(gotd->user_name, GOTD_USER,
651 sizeof(gotd->user_name)) >= sizeof(gotd->user_name)) {
652 fprintf(stderr, "%s: user name too long", __func__);
656 file = newfile(filename, 0);
658 /* just return, as we don't require a conf file */
663 errors = file->errors;
666 /* Free macros and check which have not been used. */
667 TAILQ_FOREACH_SAFE(sym, &symhead, entry, next) {
668 if ((gotd->verbosity > 1) && !sym->used)
669 fprintf(stderr, "warning: macro '%s' not used\n",
674 TAILQ_REMOVE(&symhead, sym, entry);
685 static struct gotd_repo *
686 conf_new_repo(const char *name)
688 struct gotd_repo *repo;
690 if (strchr(name, '\n') != NULL) {
691 fatalx("%s: repository names must not contain linefeeds: %s",
692 getprogname(), name);
695 repo = calloc(1, sizeof(*repo));
697 fatalx("%s: calloc", __func__);
699 STAILQ_INIT(&repo->rules);
701 if (strlcpy(repo->name, name, sizeof(repo->name)) >=
703 fatalx("%s: strlcpy", __func__);
705 TAILQ_INSERT_TAIL(&gotd->repos, repo, entry);
712 conf_new_access_rule(struct gotd_repo *repo, enum gotd_access access,
713 int authorization, char *identifier)
715 struct gotd_access_rule *rule;
717 rule = calloc(1, sizeof(*rule));
721 rule->access = access;
722 rule->authorization = authorization;
723 rule->identifier = identifier;
725 STAILQ_INSERT_TAIL(&repo->rules, rule, entry);
729 symset(const char *nam, const char *val, int persist)
733 TAILQ_FOREACH(sym, &symhead, entry) {
734 if (strcmp(nam, sym->nam) == 0)
739 if (sym->persist == 1)
744 TAILQ_REMOVE(&symhead, sym, entry);
748 sym = calloc(1, sizeof(*sym));
752 sym->nam = strdup(nam);
753 if (sym->nam == NULL) {
757 sym->val = strdup(val);
758 if (sym->val == NULL) {
764 sym->persist = persist;
765 TAILQ_INSERT_TAIL(&symhead, sym, entry);
770 symget(const char *nam)
774 TAILQ_FOREACH(sym, &symhead, entry) {
775 if (strcmp(nam, sym->nam) == 0) {