File: | src/usr.sbin/ldapd/obj/parse.c |
Warning: | line 1992, column 14 Use of zero-allocated memory |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | #include <stdlib.h> | ||||
2 | #include <string.h> | ||||
3 | #define YYBYACC1 1 | ||||
4 | #define YYMAJOR1 1 | ||||
5 | #define YYMINOR9 9 | ||||
6 | #define YYLEXyylex() yylex() | ||||
7 | #define YYEMPTY-1 -1 | ||||
8 | #define yyclearin(yychar=(-1)) (yychar=(YYEMPTY-1)) | ||||
9 | #define yyerrok(yyerrflag=0) (yyerrflag=0) | ||||
10 | #define YYRECOVERING()(yyerrflag!=0) (yyerrflag!=0) | ||||
11 | #define YYPREFIX"yy" "yy" | ||||
12 | #line 25 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
13 | #include <sys/types.h> | ||||
14 | #include <sys/queue.h> | ||||
15 | #include <sys/tree.h> | ||||
16 | #include <sys/socket.h> | ||||
17 | #include <sys/stat.h> | ||||
18 | #include <sys/un.h> | ||||
19 | #include <netinet/in.h> | ||||
20 | #include <arpa/inet.h> | ||||
21 | |||||
22 | #include <ctype.h> | ||||
23 | #include <err.h> | ||||
24 | #include <errno(*__errno()).h> | ||||
25 | #include <ifaddrs.h> | ||||
26 | #include <limits.h> | ||||
27 | #include <netdb.h> | ||||
28 | #include <stdarg.h> | ||||
29 | #include <stdio.h> | ||||
30 | #include <stdlib.h> | ||||
31 | #include <string.h> | ||||
32 | #include <syslog.h> | ||||
33 | #include <unistd.h> | ||||
34 | |||||
35 | #include "ldapd.h" | ||||
36 | #include "log.h" | ||||
37 | |||||
38 | TAILQ_HEAD(files, file)struct files { struct file *tqh_first; struct file **tqh_last ; } files = TAILQ_HEAD_INITIALIZER(files){ ((void*)0), &(files).tqh_first }; | ||||
39 | static struct file { | ||||
40 | TAILQ_ENTRY(file)struct { struct file *tqe_next; struct file **tqe_prev; } entry; | ||||
41 | FILE *stream; | ||||
42 | char *name; | ||||
43 | size_t ungetpos; | ||||
44 | size_t ungetsize; | ||||
45 | u_char *ungetbuf; | ||||
46 | int eof_reached; | ||||
47 | int lineno; | ||||
48 | int errors; | ||||
49 | } *file, *topfile; | ||||
50 | struct file *pushfile(const char *, int); | ||||
51 | int popfile(void); | ||||
52 | int check_file_secrecy(int, const char *); | ||||
53 | int yyparse(void); | ||||
54 | int yylex(void); | ||||
55 | int yyerror(const char *, ...) | ||||
56 | __attribute__((__format__ (printf, 1, 2))) | ||||
57 | __attribute__((__nonnull__ (1))); | ||||
58 | int kw_cmp(const void *, const void *); | ||||
59 | int lookup(char *); | ||||
60 | int igetc(void); | ||||
61 | int lgetc(int); | ||||
62 | void lungetc(int); | ||||
63 | int findeol(void); | ||||
64 | |||||
65 | struct listener *host_unix(const char *path); | ||||
66 | struct listener *host_v4(const char *, in_port_t); | ||||
67 | struct listener *host_v6(const char *, in_port_t); | ||||
68 | int host_dns(const char *, const char *, | ||||
69 | struct listenerlist *, in_port_t, u_int8_t); | ||||
70 | int host(const char *, const char *, | ||||
71 | struct listenerlist *, in_port_t, u_int8_t); | ||||
72 | int interface(const char *, const char *, | ||||
73 | struct listenerlist *, in_port_t, u_int8_t); | ||||
74 | int load_certfile(struct ldapd_config *, const char *, u_int8_t, u_int8_t); | ||||
75 | |||||
76 | TAILQ_HEAD(symhead, sym)struct symhead { struct sym *tqh_first; struct sym **tqh_last ; } symhead = TAILQ_HEAD_INITIALIZER(symhead){ ((void*)0), &(symhead).tqh_first }; | ||||
77 | struct sym { | ||||
78 | TAILQ_ENTRY(sym)struct { struct sym *tqe_next; struct sym **tqe_prev; } entry; | ||||
79 | int used; | ||||
80 | int persist; | ||||
81 | char *nam; | ||||
82 | char *val; | ||||
83 | }; | ||||
84 | int symset(const char *, const char *, int); | ||||
85 | char *symget(const char *); | ||||
86 | |||||
87 | struct ldapd_config *conf; | ||||
88 | |||||
89 | SPLAY_GENERATE(ssltree, ssl, ssl_nodes, ssl_cmp)struct ssl * ssltree_SPLAY_INSERT(struct ssltree *head, struct ssl *elm) { if (((head)->sph_root == ((void*)0))) { (elm) ->ssl_nodes.spe_left = (elm)->ssl_nodes.spe_right = ((void *)0); } else { int __comp; ssltree_SPLAY(head, elm); __comp = (ssl_cmp)(elm, (head)->sph_root); if(__comp < 0) { (elm )->ssl_nodes.spe_left = ((head)->sph_root)->ssl_nodes .spe_left; (elm)->ssl_nodes.spe_right = (head)->sph_root ; ((head)->sph_root)->ssl_nodes.spe_left = ((void*)0); } else if (__comp > 0) { (elm)->ssl_nodes.spe_right = (( head)->sph_root)->ssl_nodes.spe_right; (elm)->ssl_nodes .spe_left = (head)->sph_root; ((head)->sph_root)->ssl_nodes .spe_right = ((void*)0); } else return ((head)->sph_root); } (head)->sph_root = (elm); return (((void*)0)); } struct ssl * ssltree_SPLAY_REMOVE(struct ssltree *head, struct ssl * elm) { struct ssl *__tmp; if (((head)->sph_root == ((void* )0))) return (((void*)0)); ssltree_SPLAY(head, elm); if ((ssl_cmp )(elm, (head)->sph_root) == 0) { if (((head)->sph_root) ->ssl_nodes.spe_left == ((void*)0)) { (head)->sph_root = ((head)->sph_root)->ssl_nodes.spe_right; } else { __tmp = ((head)->sph_root)->ssl_nodes.spe_right; (head)-> sph_root = ((head)->sph_root)->ssl_nodes.spe_left; ssltree_SPLAY (head, elm); ((head)->sph_root)->ssl_nodes.spe_right = __tmp ; } return (elm); } return (((void*)0)); } void ssltree_SPLAY (struct ssltree *head, struct ssl *elm) { struct ssl __node, * __left, *__right, *__tmp; int __comp; (&__node)->ssl_nodes .spe_left = (&__node)->ssl_nodes.spe_right = ((void*)0 ); __left = __right = &__node; while ((__comp = (ssl_cmp) (elm, (head)->sph_root))) { if (__comp < 0) { __tmp = ( (head)->sph_root)->ssl_nodes.spe_left; if (__tmp == ((void *)0)) break; if ((ssl_cmp)(elm, __tmp) < 0){ do { ((head)-> sph_root)->ssl_nodes.spe_left = (__tmp)->ssl_nodes.spe_right ; (__tmp)->ssl_nodes.spe_right = (head)->sph_root; (head )->sph_root = __tmp; } while (0); if (((head)->sph_root )->ssl_nodes.spe_left == ((void*)0)) break; } do { (__right )->ssl_nodes.spe_left = (head)->sph_root; __right = (head )->sph_root; (head)->sph_root = ((head)->sph_root)-> ssl_nodes.spe_left; } while (0); } else if (__comp > 0) { __tmp = ((head)->sph_root)->ssl_nodes.spe_right; if (__tmp == ((void*)0)) break; if ((ssl_cmp)(elm, __tmp) > 0){ do { ( (head)->sph_root)->ssl_nodes.spe_right = (__tmp)->ssl_nodes .spe_left; (__tmp)->ssl_nodes.spe_left = (head)->sph_root ; (head)->sph_root = __tmp; } while (0); if (((head)->sph_root )->ssl_nodes.spe_right == ((void*)0)) break; } do { (__left )->ssl_nodes.spe_right = (head)->sph_root; __left = (head )->sph_root; (head)->sph_root = ((head)->sph_root)-> ssl_nodes.spe_right; } while (0); } } do { (__left)->ssl_nodes .spe_right = ((head)->sph_root)->ssl_nodes.spe_left; (__right )->ssl_nodes.spe_left = ((head)->sph_root)->ssl_nodes .spe_right; ((head)->sph_root)->ssl_nodes.spe_left = (& __node)->ssl_nodes.spe_right; ((head)->sph_root)->ssl_nodes .spe_right = (&__node)->ssl_nodes.spe_left; } while (0 ); } void ssltree_SPLAY_MINMAX(struct ssltree *head, int __comp ) { struct ssl __node, *__left, *__right, *__tmp; (&__node )->ssl_nodes.spe_left = (&__node)->ssl_nodes.spe_right = ((void*)0); __left = __right = &__node; while (1) { if (__comp < 0) { __tmp = ((head)->sph_root)->ssl_nodes .spe_left; if (__tmp == ((void*)0)) break; if (__comp < 0) { do { ((head)->sph_root)->ssl_nodes.spe_left = (__tmp) ->ssl_nodes.spe_right; (__tmp)->ssl_nodes.spe_right = ( head)->sph_root; (head)->sph_root = __tmp; } while (0); if (((head)->sph_root)->ssl_nodes.spe_left == ((void*) 0)) break; } do { (__right)->ssl_nodes.spe_left = (head)-> sph_root; __right = (head)->sph_root; (head)->sph_root = ((head)->sph_root)->ssl_nodes.spe_left; } while (0); } else if (__comp > 0) { __tmp = ((head)->sph_root)-> ssl_nodes.spe_right; if (__tmp == ((void*)0)) break; if (__comp > 0) { do { ((head)->sph_root)->ssl_nodes.spe_right = (__tmp)->ssl_nodes.spe_left; (__tmp)->ssl_nodes.spe_left = (head)->sph_root; (head)->sph_root = __tmp; } while ( 0); if (((head)->sph_root)->ssl_nodes.spe_right == ((void *)0)) break; } do { (__left)->ssl_nodes.spe_right = (head) ->sph_root; __left = (head)->sph_root; (head)->sph_root = ((head)->sph_root)->ssl_nodes.spe_right; } while (0) ; } } do { (__left)->ssl_nodes.spe_right = ((head)->sph_root )->ssl_nodes.spe_left; (__right)->ssl_nodes.spe_left = ( (head)->sph_root)->ssl_nodes.spe_right; ((head)->sph_root )->ssl_nodes.spe_left = (&__node)->ssl_nodes.spe_right ; ((head)->sph_root)->ssl_nodes.spe_right = (&__node )->ssl_nodes.spe_left; } while (0); }; | ||||
90 | |||||
91 | static struct aci *mk_aci(int type, int rights, enum scope scope, | ||||
92 | char *target, char *subject, char *attr); | ||||
93 | |||||
94 | typedef struct { | ||||
95 | union { | ||||
96 | int64_t number; | ||||
97 | char *string; | ||||
98 | struct aci *aci; | ||||
99 | } v; | ||||
100 | int lineno; | ||||
101 | } YYSTYPE; | ||||
102 | |||||
103 | static struct namespace *current_ns = NULL((void*)0); | ||||
104 | |||||
105 | #line 106 "parse.c" | ||||
106 | #define ERROR257 257 | ||||
107 | #define LISTEN258 258 | ||||
108 | #define ON259 259 | ||||
109 | #define LEGACY260 260 | ||||
110 | #define TLS261 261 | ||||
111 | #define LDAPS262 262 | ||||
112 | #define PORT263 263 | ||||
113 | #define NAMESPACE264 264 | ||||
114 | #define ROOTDN265 265 | ||||
115 | #define ROOTPW266 266 | ||||
116 | #define INDEX267 267 | ||||
117 | #define SECURE268 268 | ||||
118 | #define RELAX269 269 | ||||
119 | #define STRICT270 270 | ||||
120 | #define SCHEMA271 271 | ||||
121 | #define USE272 272 | ||||
122 | #define COMPRESSION273 273 | ||||
123 | #define LEVEL274 274 | ||||
124 | #define INCLUDE275 275 | ||||
125 | #define CERTIFICATE276 276 | ||||
126 | #define FSYNC277 277 | ||||
127 | #define CACHE_SIZE278 278 | ||||
128 | #define INDEX_CACHE_SIZE279 279 | ||||
129 | #define DENY280 280 | ||||
130 | #define ALLOW281 281 | ||||
131 | #define READ282 282 | ||||
132 | #define WRITE283 283 | ||||
133 | #define BIND284 284 | ||||
134 | #define ACCESS285 285 | ||||
135 | #define TO286 286 | ||||
136 | #define ROOT287 287 | ||||
137 | #define REFERRAL288 288 | ||||
138 | #define ANY289 289 | ||||
139 | #define CHILDREN290 290 | ||||
140 | #define OF291 291 | ||||
141 | #define ATTRIBUTE292 292 | ||||
142 | #define IN293 293 | ||||
143 | #define SUBTREE294 294 | ||||
144 | #define BY295 295 | ||||
145 | #define SELF296 296 | ||||
146 | #define STRING297 297 | ||||
147 | #define NUMBER298 298 | ||||
148 | #define YYERRCODE256 256 | ||||
149 | const short yylhs[] = | ||||
150 | { -1, | ||||
151 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, | ||||
152 | 5, 6, 6, 6, 6, 2, 15, 15, 1, 1, | ||||
153 | 1, 19, 19, 19, 19, 23, 20, 3, 3, 22, | ||||
154 | 22, 22, 24, 24, 24, 24, 24, 24, 24, 24, | ||||
155 | 24, 24, 24, 4, 4, 16, 16, 7, 7, 8, | ||||
156 | 8, 8, 9, 9, 10, 10, 10, 11, 11, 11, | ||||
157 | 12, 12, 12, 13, 13, 14, 14, 14, 14, 17, | ||||
158 | 18, 21, | ||||
159 | }; | ||||
160 | const short yylen[] = | ||||
161 | { 2, | ||||
162 | 0, 2, 3, 3, 3, 3, 3, 3, 3, 0, | ||||
163 | 1, 0, 1, 1, 1, 2, 0, 2, 2, 2, | ||||
164 | 0, 6, 2, 2, 2, 0, 7, 1, 1, 0, | ||||
165 | 2, 3, 2, 2, 2, 2, 2, 2, 1, 2, | ||||
166 | 2, 3, 2, 0, 2, 7, 2, 1, 1, 0, | ||||
167 | 1, 2, 1, 3, 1, 1, 1, 0, 1, 2, | ||||
168 | 1, 1, 1, 0, 2, 0, 2, 2, 2, 2, | ||||
169 | 3, 2, | ||||
170 | }; | ||||
171 | const short yydefred[] = | ||||
172 | { 1, | ||||
173 | 0, 0, 0, 0, 0, 0, 0, 0, 48, 49, | ||||
174 | 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, | ||||
175 | 6, 0, 0, 24, 25, 72, 70, 23, 0, 55, | ||||
176 | 56, 57, 51, 0, 0, 53, 8, 3, 4, 5, | ||||
177 | 7, 9, 0, 0, 71, 0, 52, 0, 0, 0, | ||||
178 | 26, 0, 59, 0, 54, 19, 20, 11, 0, 0, | ||||
179 | 30, 60, 62, 61, 63, 0, 0, 22, 13, 14, | ||||
180 | 15, 16, 0, 0, 0, 18, 0, 0, 0, 0, | ||||
181 | 0, 0, 0, 0, 0, 0, 31, 27, 39, 0, | ||||
182 | 65, 0, 46, 33, 34, 35, 40, 41, 0, 29, | ||||
183 | 28, 38, 36, 37, 43, 32, 67, 69, 68, 0, | ||||
184 | 42, 45, | ||||
185 | }; | ||||
186 | const short yydgoto[] = | ||||
187 | { 1, | ||||
188 | 50, 59, 102, 111, 60, 72, 14, 34, 35, 36, | ||||
189 | 54, 66, 75, 93, 68, 15, 16, 17, 18, 19, | ||||
190 | 20, 73, 61, 90, | ||||
191 | }; | ||||
192 | const short yysindex[] = | ||||
193 | { 0, | ||||
194 | -10, 8, -238, -269, -265, -261, -260, -259, 0, 0, | ||||
195 | -257, -22, 0, -258, 31, 32, 34, 35, 36, 37, | ||||
196 | 0, -249, -74, 0, 0, 0, 0, 0, -247, 0, | ||||
197 | 0, 0, 0, -235, -40, 0, 0, 0, 0, 0, | ||||
198 | 0, 0, -211, 43, 0, -271, 0, -253, -263, -206, | ||||
199 | 0, -236, 0, -280, 0, 0, 0, 0, -220, -246, | ||||
200 | 0, 0, 0, 0, 0, -234, -240, 0, 0, 0, | ||||
201 | 0, 0, 23, -237, -233, 0, -232, -231, -230, -212, | ||||
202 | -210, -209, -254, -229, -228, -226, 0, 0, 0, 53, | ||||
203 | 0, -283, 0, 0, 0, 0, 0, 0, -202, 0, | ||||
204 | 0, 0, 0, 0, 0, 0, 0, 0, 0, -225, | ||||
205 | 0, 0,}; | ||||
206 | const short yyrindex[] = | ||||
207 | { 0, | ||||
208 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
209 | 0, 0, 0, -7, 0, 0, 0, 0, 0, 0, | ||||
210 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
211 | 0, 0, 0, 58, 0, 0, 0, 0, 0, 0, | ||||
212 | 0, 0, -2, 0, 0, -277, 0, 0, 0, 1, | ||||
213 | 0, 0, 0, 0, 0, 0, 0, 0, 64, -8, | ||||
214 | 0, 0, 0, 0, 0, -9, 0, 0, 0, 0, | ||||
215 | 0, 0, 0, 0, 65, 0, 0, 0, 0, 0, | ||||
216 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
217 | 0, 0, 0, 0, 0, 0, 0, 0, 66, 0, | ||||
218 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
219 | 0, 0,}; | ||||
220 | const short yygindex[] = | ||||
221 | { 0, | ||||
222 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 29, | ||||
223 | 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, | ||||
224 | 0, 0, 0, 0, | ||||
225 | }; | ||||
226 | #define YYTABLESIZE311 311 | ||||
227 | const short yytable[] = | ||||
228 | { 13, | ||||
229 | 64, 12, 50, 48, 100, 107, 63, 21, 64, 58, | ||||
230 | 10, 58, 108, 109, 69, 70, 65, 21, 52, 58, | ||||
231 | 22, 71, 53, 30, 31, 32, 33, 23, 30, 31, | ||||
232 | 32, 24, 87, 56, 57, 25, 26, 27, 29, 28, | ||||
233 | 37, 38, 101, 39, 40, 41, 42, 43, 44, 45, | ||||
234 | 46, 49, 51, 58, 62, 67, 76, 74, 97, 91, | ||||
235 | 98, 92, 106, 99, 94, 95, 96, 47, 103, 104, | ||||
236 | 105, 110, 112, 17, 66, 44, 55, 89, 0, 0, | ||||
237 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
238 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
239 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
240 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
241 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
242 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
243 | 0, 0, 0, 0, 0, 0, 0, 88, 0, 0, | ||||
244 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
245 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
246 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
247 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
248 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
249 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
250 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
251 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
252 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | ||||
253 | 0, 0, 0, 0, 47, 2, 0, 3, 0, 0, | ||||
254 | 0, 0, 0, 4, 5, 6, 0, 21, 21, 21, | ||||
255 | 7, 10, 10, 0, 8, 21, 0, 12, 10, 9, | ||||
256 | 10, 0, 0, 21, 0, 0, 10, 11, 50, 0, | ||||
257 | 0, 0, 0, 0, 0, 64, 12, 77, 78, 79, | ||||
258 | 0, 80, 81, 0, 82, 0, 0, 0, 0, 83, | ||||
259 | 84, 85, 9, 10, 0, 0, 0, 0, 0, 0, | ||||
260 | 86, | ||||
261 | }; | ||||
262 | const short yycheck[] = | ||||
263 | { 10, | ||||
264 | 10, 10, 10, 44, 259, 289, 287, 10, 289, 287, | ||||
265 | 10, 289, 296, 297, 261, 262, 297, 10, 290, 297, | ||||
266 | 259, 268, 294, 282, 283, 284, 285, 297, 282, 283, | ||||
267 | 284, 297, 10, 297, 298, 297, 297, 297, 61, 297, | ||||
268 | 10, 10, 297, 10, 10, 10, 10, 297, 123, 297, | ||||
269 | 286, 263, 10, 260, 291, 276, 297, 292, 271, 297, | ||||
270 | 271, 295, 10, 273, 297, 297, 297, 10, 298, 298, | ||||
271 | 297, 274, 298, 10, 10, 10, 48, 73, -1, -1, | ||||
272 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
273 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
274 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
275 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
276 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
277 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
278 | -1, -1, -1, -1, -1, -1, -1, 125, -1, -1, | ||||
279 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
280 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
281 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
282 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
283 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
284 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
285 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
286 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
287 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | ||||
288 | -1, -1, -1, -1, 285, 256, -1, 258, -1, -1, | ||||
289 | -1, -1, -1, 264, 265, 266, -1, 260, 261, 262, | ||||
290 | 271, 261, 262, -1, 275, 268, -1, 276, 268, 280, | ||||
291 | 281, -1, -1, 276, -1, -1, 276, 288, 286, -1, | ||||
292 | -1, -1, -1, -1, -1, 295, 297, 265, 266, 267, | ||||
293 | -1, 269, 270, -1, 272, -1, -1, -1, -1, 277, | ||||
294 | 278, 279, 280, 281, -1, -1, -1, -1, -1, -1, | ||||
295 | 288, | ||||
296 | }; | ||||
297 | #define YYFINAL1 1 | ||||
298 | #ifndef YYDEBUG0 | ||||
299 | #define YYDEBUG0 0 | ||||
300 | #endif | ||||
301 | #define YYMAXTOKEN298 298 | ||||
302 | #if YYDEBUG0 | ||||
303 | const char * const yyname[] = | ||||
304 | { | ||||
305 | "end-of-file",0,0,0,0,0,0,0,0,0,"'\\n'",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, | ||||
306 | 0,0,0,0,0,0,0,0,0,0,0,0,0,"','",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"'='",0,0,0,0,0, | ||||
307 | 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, | ||||
308 | 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"'{'",0,"'}'",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, | ||||
309 | 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, | ||||
310 | 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, | ||||
311 | 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"ERROR", | ||||
312 | "LISTEN","ON","LEGACY","TLS","LDAPS","PORT","NAMESPACE","ROOTDN","ROOTPW", | ||||
313 | "INDEX","SECURE","RELAX","STRICT","SCHEMA","USE","COMPRESSION","LEVEL", | ||||
314 | "INCLUDE","CERTIFICATE","FSYNC","CACHE_SIZE","INDEX_CACHE_SIZE","DENY","ALLOW", | ||||
315 | "READ","WRITE","BIND","ACCESS","TO","ROOT","REFERRAL","ANY","CHILDREN","OF", | ||||
316 | "ATTRIBUTE","IN","SUBTREE","BY","SELF","STRING","NUMBER", | ||||
317 | }; | ||||
318 | const char * const yyrule[] = | ||||
319 | {"$accept : grammar", | ||||
320 | "grammar :", | ||||
321 | "grammar : grammar '\\n'", | ||||
322 | "grammar : grammar include '\\n'", | ||||
323 | "grammar : grammar varset '\\n'", | ||||
324 | "grammar : grammar conf_main '\\n'", | ||||
325 | "grammar : grammar error '\\n'", | ||||
326 | "grammar : grammar namespace '\\n'", | ||||
327 | "grammar : grammar aci '\\n'", | ||||
328 | "grammar : grammar schema '\\n'", | ||||
329 | "legacy :", | ||||
330 | "legacy : LEGACY", | ||||
331 | "protocol :", | ||||
332 | "protocol : TLS", | ||||
333 | "protocol : LDAPS", | ||||
334 | "protocol : SECURE", | ||||
335 | "ssl : legacy protocol", | ||||
336 | "certname :", | ||||
337 | "certname : CERTIFICATE STRING", | ||||
338 | "port : PORT STRING", | ||||
339 | "port : PORT NUMBER", | ||||
340 | "port :", | ||||
341 | "conf_main : LISTEN ON STRING port ssl certname", | ||||
342 | "conf_main : REFERRAL STRING", | ||||
343 | "conf_main : ROOTDN STRING", | ||||
344 | "conf_main : ROOTPW STRING", | ||||
345 | "$$1 :", | ||||
346 | "namespace : NAMESPACE STRING '{' '\\n' $$1 ns_opts '}'", | ||||
347 | "boolean : STRING", | ||||
348 | "boolean : ON", | ||||
349 | "ns_opts :", | ||||
350 | "ns_opts : ns_opts '\\n'", | ||||
351 | "ns_opts : ns_opts ns_opt '\\n'", | ||||
352 | "ns_opt : ROOTDN STRING", | ||||
353 | "ns_opt : ROOTPW STRING", | ||||
354 | "ns_opt : INDEX STRING", | ||||
355 | "ns_opt : CACHE_SIZE NUMBER", | ||||
356 | "ns_opt : INDEX_CACHE_SIZE NUMBER", | ||||
357 | "ns_opt : FSYNC boolean", | ||||
358 | "ns_opt : aci", | ||||
359 | "ns_opt : RELAX SCHEMA", | ||||
360 | "ns_opt : STRICT SCHEMA", | ||||
361 | "ns_opt : USE COMPRESSION comp_level", | ||||
362 | "ns_opt : REFERRAL STRING", | ||||
363 | "comp_level :", | ||||
364 | "comp_level : LEVEL NUMBER", | ||||
365 | "aci : aci_type aci_access TO aci_scope aci_target aci_attr aci_subject", | ||||
366 | "aci : aci_type aci_access", | ||||
367 | "aci_type : DENY", | ||||
368 | "aci_type : ALLOW", | ||||
369 | "aci_access :", | ||||
370 | "aci_access : ACCESS", | ||||
371 | "aci_access : aci_rights ACCESS", | ||||
372 | "aci_rights : aci_right", | ||||
373 | "aci_rights : aci_rights ',' aci_right", | ||||
374 | "aci_right : READ", | ||||
375 | "aci_right : WRITE", | ||||
376 | "aci_right : BIND", | ||||
377 | "aci_scope :", | ||||
378 | "aci_scope : SUBTREE", | ||||
379 | "aci_scope : CHILDREN OF", | ||||
380 | "aci_target : ANY", | ||||
381 | "aci_target : ROOT", | ||||
382 | "aci_target : STRING", | ||||
383 | "aci_attr :", | ||||
384 | "aci_attr : ATTRIBUTE STRING", | ||||
385 | "aci_subject :", | ||||
386 | "aci_subject : BY ANY", | ||||
387 | "aci_subject : BY STRING", | ||||
388 | "aci_subject : BY SELF", | ||||
389 | "include : INCLUDE STRING", | ||||
390 | "varset : STRING '=' STRING", | ||||
391 | "schema : SCHEMA STRING", | ||||
392 | }; | ||||
393 | #endif | ||||
394 | #ifdef YYSTACKSIZE10000 | ||||
395 | #undef YYMAXDEPTH10000 | ||||
396 | #define YYMAXDEPTH10000 YYSTACKSIZE10000 | ||||
397 | #else | ||||
398 | #ifdef YYMAXDEPTH10000 | ||||
399 | #define YYSTACKSIZE10000 YYMAXDEPTH10000 | ||||
400 | #else | ||||
401 | #define YYSTACKSIZE10000 10000 | ||||
402 | #define YYMAXDEPTH10000 10000 | ||||
403 | #endif | ||||
404 | #endif | ||||
405 | #define YYINITSTACKSIZE200 200 | ||||
406 | /* LINTUSED */ | ||||
407 | int yydebug; | ||||
408 | int yynerrs; | ||||
409 | int yyerrflag; | ||||
410 | int yychar; | ||||
411 | short *yyssp; | ||||
412 | YYSTYPE *yyvsp; | ||||
413 | YYSTYPE yyval; | ||||
414 | YYSTYPE yylval; | ||||
415 | short *yyss; | ||||
416 | short *yysslim; | ||||
417 | YYSTYPE *yyvs; | ||||
418 | unsigned int yystacksize; | ||||
419 | int yyparse(void); | ||||
420 | #line 408 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
421 | |||||
422 | struct keywords { | ||||
423 | const char *k_name; | ||||
424 | int k_val; | ||||
425 | }; | ||||
426 | |||||
427 | int | ||||
428 | yyerror(const char *fmt, ...) | ||||
429 | { | ||||
430 | va_list ap; | ||||
431 | char *msg; | ||||
432 | |||||
433 | file->errors++; | ||||
434 | va_start(ap, fmt)__builtin_va_start(ap, fmt); | ||||
435 | if (vasprintf(&msg, fmt, ap) == -1) | ||||
436 | fatalx("yyerror vasprintf"); | ||||
437 | va_end(ap)__builtin_va_end(ap); | ||||
438 | logit(LOG_CRIT2, "%s:%d: %s", file->name, yylval.lineno, msg); | ||||
439 | free(msg); | ||||
440 | return (0); | ||||
441 | } | ||||
442 | |||||
443 | int | ||||
444 | kw_cmp(const void *k, const void *e) | ||||
445 | { | ||||
446 | return (strcmp(k, ((const struct keywords *)e)->k_name)); | ||||
447 | } | ||||
448 | |||||
449 | int | ||||
450 | lookup(char *s) | ||||
451 | { | ||||
452 | /* this has to be sorted always */ | ||||
453 | static const struct keywords keywords[] = { | ||||
454 | { "access", ACCESS285 }, | ||||
455 | { "allow", ALLOW281 }, | ||||
456 | { "any", ANY289 }, | ||||
457 | { "attribute", ATTRIBUTE292 }, | ||||
458 | { "bind", BIND284 }, | ||||
459 | { "by", BY295 }, | ||||
460 | { "cache-size", CACHE_SIZE278 }, | ||||
461 | { "certificate", CERTIFICATE276 }, | ||||
462 | { "children", CHILDREN290 }, | ||||
463 | { "compression", COMPRESSION273 }, | ||||
464 | { "deny", DENY280 }, | ||||
465 | { "fsync", FSYNC277 }, | ||||
466 | { "in", IN293 }, | ||||
467 | { "include", INCLUDE275 }, | ||||
468 | { "index", INDEX267 }, | ||||
469 | { "index-cache-size", INDEX_CACHE_SIZE279 }, | ||||
470 | { "ldaps", LDAPS262 }, | ||||
471 | { "legacy", LEGACY260 }, | ||||
472 | { "level", LEVEL274 }, | ||||
473 | { "listen", LISTEN258 }, | ||||
474 | { "namespace", NAMESPACE264 }, | ||||
475 | { "of", OF291 }, | ||||
476 | { "on", ON259 }, | ||||
477 | { "port", PORT263 }, | ||||
478 | { "read", READ282 }, | ||||
479 | { "referral", REFERRAL288 }, | ||||
480 | { "relax", RELAX269 }, | ||||
481 | { "root", ROOT287 }, | ||||
482 | { "rootdn", ROOTDN265 }, | ||||
483 | { "rootpw", ROOTPW266 }, | ||||
484 | { "schema", SCHEMA271 }, | ||||
485 | { "secure", SECURE268 }, | ||||
486 | { "self", SELF296 }, | ||||
487 | { "strict", STRICT270 }, | ||||
488 | { "subtree", SUBTREE294 }, | ||||
489 | { "tls", TLS261 }, | ||||
490 | { "to", TO286 }, | ||||
491 | { "use", USE272 }, | ||||
492 | { "write", WRITE283 }, | ||||
493 | |||||
494 | }; | ||||
495 | const struct keywords *p; | ||||
496 | |||||
497 | p = bsearch(s, keywords, sizeof(keywords)/sizeof(keywords[0]), | ||||
498 | sizeof(keywords[0]), kw_cmp); | ||||
499 | |||||
500 | if (p) | ||||
501 | return (p->k_val); | ||||
502 | else | ||||
503 | return (STRING297); | ||||
504 | } | ||||
505 | |||||
506 | #define START_EXPAND1 1 | ||||
507 | #define DONE_EXPAND2 2 | ||||
508 | |||||
509 | static int expanding; | ||||
510 | |||||
511 | int | ||||
512 | igetc(void) | ||||
513 | { | ||||
514 | int c; | ||||
515 | |||||
516 | while (1) { | ||||
517 | if (file->ungetpos > 0) | ||||
518 | c = file->ungetbuf[--file->ungetpos]; | ||||
519 | else | ||||
520 | c = getc(file->stream)(!__isthreaded ? (--(file->stream)->_r < 0 ? __srget (file->stream) : (int)(*(file->stream)->_p++)) : (getc )(file->stream)); | ||||
521 | |||||
522 | if (c == START_EXPAND1) | ||||
523 | expanding = 1; | ||||
524 | else if (c == DONE_EXPAND2) | ||||
525 | expanding = 0; | ||||
526 | else | ||||
527 | break; | ||||
528 | } | ||||
529 | return (c); | ||||
530 | } | ||||
531 | |||||
532 | int | ||||
533 | lgetc(int quotec) | ||||
534 | { | ||||
535 | int c, next; | ||||
536 | |||||
537 | if (quotec) { | ||||
538 | if ((c = igetc()) == EOF(-1)) { | ||||
539 | yyerror("reached end of file while parsing " | ||||
540 | "quoted string"); | ||||
541 | if (file == topfile || popfile() == EOF(-1)) | ||||
542 | return (EOF(-1)); | ||||
543 | return (quotec); | ||||
544 | } | ||||
545 | return (c); | ||||
546 | } | ||||
547 | |||||
548 | while ((c = igetc()) == '\\') { | ||||
549 | next = igetc(); | ||||
550 | if (next != '\n') { | ||||
551 | c = next; | ||||
552 | break; | ||||
553 | } | ||||
554 | yylval.lineno = file->lineno; | ||||
555 | file->lineno++; | ||||
556 | } | ||||
557 | |||||
558 | if (c == EOF(-1)) { | ||||
559 | /* | ||||
560 | * Fake EOL when hit EOF for the first time. This gets line | ||||
561 | * count right if last line in included file is syntactically | ||||
562 | * invalid and has no newline. | ||||
563 | */ | ||||
564 | if (file->eof_reached == 0) { | ||||
565 | file->eof_reached = 1; | ||||
566 | return ('\n'); | ||||
567 | } | ||||
568 | while (c == EOF(-1)) { | ||||
569 | if (file == topfile || popfile() == EOF(-1)) | ||||
570 | return (EOF(-1)); | ||||
571 | c = igetc(); | ||||
572 | } | ||||
573 | } | ||||
574 | return (c); | ||||
575 | } | ||||
576 | |||||
577 | void | ||||
578 | lungetc(int c) | ||||
579 | { | ||||
580 | if (c == EOF(-1)) | ||||
581 | return; | ||||
582 | |||||
583 | if (file->ungetpos >= file->ungetsize) { | ||||
584 | void *p = reallocarray(file->ungetbuf, file->ungetsize, 2); | ||||
585 | if (p == NULL((void*)0)) | ||||
586 | err(1, "%s", __func__); | ||||
587 | file->ungetbuf = p; | ||||
588 | file->ungetsize *= 2; | ||||
589 | } | ||||
590 | file->ungetbuf[file->ungetpos++] = c; | ||||
591 | } | ||||
592 | |||||
593 | int | ||||
594 | findeol(void) | ||||
595 | { | ||||
596 | int c; | ||||
597 | |||||
598 | /* skip to either EOF or the first real EOL */ | ||||
599 | while (1) { | ||||
600 | c = lgetc(0); | ||||
601 | if (c == '\n') { | ||||
602 | file->lineno++; | ||||
603 | break; | ||||
604 | } | ||||
605 | if (c == EOF(-1)) | ||||
606 | break; | ||||
607 | } | ||||
608 | return (ERROR257); | ||||
609 | } | ||||
610 | |||||
611 | int | ||||
612 | yylex(void) | ||||
613 | { | ||||
614 | char buf[4096]; | ||||
615 | char *p, *val; | ||||
616 | int quotec, next, c; | ||||
617 | int token; | ||||
618 | |||||
619 | top: | ||||
620 | p = buf; | ||||
621 | while ((c = lgetc(0)) == ' ' || c == '\t') | ||||
622 | ; /* nothing */ | ||||
623 | |||||
624 | yylval.lineno = file->lineno; | ||||
625 | if (c == '#') | ||||
626 | while ((c = lgetc(0)) != '\n' && c != EOF(-1)) | ||||
627 | ; /* nothing */ | ||||
628 | if (c == '$' && !expanding) { | ||||
629 | while (1) { | ||||
630 | if ((c = lgetc(0)) == EOF(-1)) | ||||
631 | return (0); | ||||
632 | |||||
633 | if (p + 1 >= buf + sizeof(buf) - 1) { | ||||
634 | yyerror("string too long"); | ||||
635 | return (findeol()); | ||||
636 | } | ||||
637 | if (isalnum(c) || c == '_') { | ||||
638 | *p++ = c; | ||||
639 | continue; | ||||
640 | } | ||||
641 | *p = '\0'; | ||||
642 | lungetc(c); | ||||
643 | break; | ||||
644 | } | ||||
645 | val = symget(buf); | ||||
646 | if (val == NULL((void*)0)) { | ||||
647 | yyerror("macro '%s' not defined", buf); | ||||
648 | return (findeol()); | ||||
649 | } | ||||
650 | p = val + strlen(val) - 1; | ||||
651 | lungetc(DONE_EXPAND2); | ||||
652 | while (p >= val) { | ||||
653 | lungetc((unsigned char)*p); | ||||
654 | p--; | ||||
655 | } | ||||
656 | lungetc(START_EXPAND1); | ||||
657 | goto top; | ||||
658 | } | ||||
659 | |||||
660 | switch (c) { | ||||
661 | case '\'': | ||||
662 | case '"': | ||||
663 | quotec = c; | ||||
664 | while (1) { | ||||
665 | if ((c = lgetc(quotec)) == EOF(-1)) | ||||
666 | return (0); | ||||
667 | if (c == '\n') { | ||||
668 | file->lineno++; | ||||
669 | continue; | ||||
670 | } else if (c == '\\') { | ||||
671 | if ((next = lgetc(quotec)) == EOF(-1)) | ||||
672 | return (0); | ||||
673 | if (next == quotec || next == ' ' || | ||||
674 | next == '\t') | ||||
675 | c = next; | ||||
676 | else if (next == '\n') { | ||||
677 | file->lineno++; | ||||
678 | continue; | ||||
679 | } else | ||||
680 | lungetc(next); | ||||
681 | } else if (c == quotec) { | ||||
682 | *p = '\0'; | ||||
683 | break; | ||||
684 | } else if (c == '\0') { | ||||
685 | yyerror("syntax error"); | ||||
686 | return (findeol()); | ||||
687 | } | ||||
688 | if (p + 1 >= buf + sizeof(buf) - 1) { | ||||
689 | log_warnx("string too long"); | ||||
690 | return (findeol()); | ||||
691 | } | ||||
692 | *p++ = c; | ||||
693 | } | ||||
694 | yylval.v.string = strdup(buf); | ||||
695 | if (yylval.v.string == NULL((void*)0)) | ||||
696 | fatal("yylex: strdup"); | ||||
697 | return (STRING297); | ||||
698 | } | ||||
699 | |||||
700 | #define allowed_to_end_number(x)(isspace(x) || x == ')' || x ==',' || x == '/' || x == '}' || x == '=') \ | ||||
701 | (isspace(x) || x == ')' || x ==',' || x == '/' || x == '}' || x == '=') | ||||
702 | |||||
703 | if (c == '-' || isdigit(c)) { | ||||
704 | do { | ||||
705 | *p++ = c; | ||||
706 | if ((size_t)(p-buf) >= sizeof(buf)) { | ||||
707 | yyerror("string too long"); | ||||
708 | return (findeol()); | ||||
709 | } | ||||
710 | } while ((c = lgetc(0)) != EOF(-1) && isdigit(c)); | ||||
711 | lungetc(c); | ||||
712 | if (p == buf + 1 && buf[0] == '-') | ||||
713 | goto nodigits; | ||||
714 | if (c == EOF(-1) || allowed_to_end_number(c)(isspace(c) || c == ')' || c ==',' || c == '/' || c == '}' || c == '=')) { | ||||
715 | const char *errstr = NULL((void*)0); | ||||
716 | |||||
717 | *p = '\0'; | ||||
718 | yylval.v.number = strtonum(buf, LLONG_MIN(-9223372036854775807LL -1LL), | ||||
719 | LLONG_MAX9223372036854775807LL, &errstr); | ||||
720 | if (errstr) { | ||||
721 | yyerror("\"%s\" invalid number: %s", | ||||
722 | buf, errstr); | ||||
723 | return (findeol()); | ||||
724 | } | ||||
725 | return (NUMBER298); | ||||
726 | } else { | ||||
727 | nodigits: | ||||
728 | while (p > buf + 1) | ||||
729 | lungetc((unsigned char)*--p); | ||||
730 | c = (unsigned char)*--p; | ||||
731 | if (c == '-') | ||||
732 | return (c); | ||||
733 | } | ||||
734 | } | ||||
735 | |||||
736 | #define allowed_in_string(x)(isalnum(x) || (ispunct(x) && x != '(' && x != ')' && x != '{' && x != '}' && x != '<' && x != '>' && x != '!' && x != '=' && x != '/' && x != '#' && x != ',') ) \ | ||||
737 | (isalnum(x) || (ispunct(x) && x != '(' && x != ')' && \ | ||||
738 | x != '{' && x != '}' && x != '<' && x != '>' && \ | ||||
739 | x != '!' && x != '=' && x != '/' && x != '#' && \ | ||||
740 | x != ',')) | ||||
741 | |||||
742 | if (isalnum(c) || c == ':' || c == '_' || c == '*') { | ||||
743 | do { | ||||
744 | *p++ = c; | ||||
745 | if ((size_t)(p-buf) >= sizeof(buf)) { | ||||
746 | yyerror("string too long"); | ||||
747 | return (findeol()); | ||||
748 | } | ||||
749 | } while ((c = lgetc(0)) != EOF(-1) && (allowed_in_string(c)(isalnum(c) || (ispunct(c) && c != '(' && c != ')' && c != '{' && c != '}' && c != '<' && c != '>' && c != '!' && c != '=' && c != '/' && c != '#' && c != ',') ))); | ||||
750 | lungetc(c); | ||||
751 | *p = '\0'; | ||||
752 | if ((token = lookup(buf)) == STRING297) | ||||
753 | if ((yylval.v.string = strdup(buf)) == NULL((void*)0)) | ||||
754 | fatal("yylex: strdup"); | ||||
755 | return (token); | ||||
756 | } | ||||
757 | if (c == '\n') { | ||||
758 | yylval.lineno = file->lineno; | ||||
759 | file->lineno++; | ||||
760 | } | ||||
761 | if (c == EOF(-1)) | ||||
762 | return (0); | ||||
763 | return (c); | ||||
764 | } | ||||
765 | |||||
766 | int | ||||
767 | check_file_secrecy(int fd, const char *fname) | ||||
768 | { | ||||
769 | struct stat st; | ||||
770 | |||||
771 | if (fstat(fd, &st)) { | ||||
772 | log_warn("cannot stat %s", fname); | ||||
773 | return (-1); | ||||
774 | } | ||||
775 | if (st.st_uid != 0 && st.st_uid != getuid()) { | ||||
776 | log_warnx("%s: owner not root or current user", fname); | ||||
777 | return (-1); | ||||
778 | } | ||||
779 | if (st.st_mode & (S_IWGRP0000020 | S_IXGRP0000010 | S_IRWXO0000007)) { | ||||
780 | log_warnx("%s: group writable or world read/writable", fname); | ||||
781 | return (-1); | ||||
782 | } | ||||
783 | return (0); | ||||
784 | } | ||||
785 | |||||
786 | struct file * | ||||
787 | pushfile(const char *name, int secret) | ||||
788 | { | ||||
789 | struct file *nfile; | ||||
790 | |||||
791 | log_debug("parsing config %s", name); | ||||
792 | |||||
793 | if ((nfile = calloc(1, sizeof(struct file))) == NULL((void*)0)) { | ||||
794 | log_warn("%s", __func__); | ||||
795 | return (NULL((void*)0)); | ||||
796 | } | ||||
797 | if ((nfile->name = strdup(name)) == NULL((void*)0)) { | ||||
798 | log_warn("%s", __func__); | ||||
799 | free(nfile); | ||||
800 | return (NULL((void*)0)); | ||||
801 | } | ||||
802 | if ((nfile->stream = fopen(nfile->name, "r")) == NULL((void*)0)) { | ||||
803 | log_warn("%s: %s", __func__, nfile->name); | ||||
804 | free(nfile->name); | ||||
805 | free(nfile); | ||||
806 | return (NULL((void*)0)); | ||||
807 | } | ||||
808 | if (secret && | ||||
809 | check_file_secrecy(fileno(nfile->stream)(!__isthreaded ? ((nfile->stream)->_file) : (fileno)(nfile ->stream)), nfile->name)) { | ||||
810 | fclose(nfile->stream); | ||||
811 | free(nfile->name); | ||||
812 | free(nfile); | ||||
813 | return (NULL((void*)0)); | ||||
814 | } | ||||
815 | nfile->lineno = TAILQ_EMPTY(&files)(((&files)->tqh_first) == ((void*)0)) ? 1 : 0; | ||||
816 | nfile->ungetsize = 16; | ||||
817 | nfile->ungetbuf = malloc(nfile->ungetsize); | ||||
818 | if (nfile->ungetbuf == NULL((void*)0)) { | ||||
819 | log_warn("%s", __func__); | ||||
820 | fclose(nfile->stream); | ||||
821 | free(nfile->name); | ||||
822 | free(nfile); | ||||
823 | return (NULL((void*)0)); | ||||
824 | } | ||||
825 | TAILQ_INSERT_TAIL(&files, nfile, entry)do { (nfile)->entry.tqe_next = ((void*)0); (nfile)->entry .tqe_prev = (&files)->tqh_last; *(&files)->tqh_last = (nfile); (&files)->tqh_last = &(nfile)->entry .tqe_next; } while (0); | ||||
826 | return (nfile); | ||||
827 | } | ||||
828 | |||||
829 | int | ||||
830 | popfile(void) | ||||
831 | { | ||||
832 | struct file *prev; | ||||
833 | |||||
834 | if ((prev = TAILQ_PREV(file, files, entry)(*(((struct files *)((file)->entry.tqe_prev))->tqh_last ))) != NULL((void*)0)) | ||||
835 | prev->errors += file->errors; | ||||
836 | |||||
837 | TAILQ_REMOVE(&files, file, entry)do { if (((file)->entry.tqe_next) != ((void*)0)) (file)-> entry.tqe_next->entry.tqe_prev = (file)->entry.tqe_prev ; else (&files)->tqh_last = (file)->entry.tqe_prev; *(file)->entry.tqe_prev = (file)->entry.tqe_next; ; ; } while (0); | ||||
838 | fclose(file->stream); | ||||
839 | free(file->name); | ||||
840 | free(file->ungetbuf); | ||||
841 | free(file); | ||||
842 | file = prev; | ||||
843 | return (file ? 0 : EOF(-1)); | ||||
844 | } | ||||
845 | |||||
846 | int | ||||
847 | parse_config(char *filename) | ||||
848 | { | ||||
849 | struct sym *sym, *next; | ||||
850 | int errors = 0; | ||||
851 | |||||
852 | if ((conf = calloc(1, sizeof(struct ldapd_config))) == NULL((void*)0)) | ||||
853 | fatal(NULL((void*)0)); | ||||
854 | |||||
855 | conf->schema = schema_new(); | ||||
856 | if (conf->schema == NULL((void*)0)) | ||||
857 | fatal("schema_new"); | ||||
858 | |||||
859 | TAILQ_INIT(&conf->namespaces)do { (&conf->namespaces)->tqh_first = ((void*)0); ( &conf->namespaces)->tqh_last = &(&conf-> namespaces)->tqh_first; } while (0); | ||||
860 | TAILQ_INIT(&conf->listeners)do { (&conf->listeners)->tqh_first = ((void*)0); (& conf->listeners)->tqh_last = &(&conf->listeners )->tqh_first; } while (0); | ||||
861 | if ((conf->sc_ssl = calloc(1, sizeof(*conf->sc_ssl))) == NULL((void*)0)) | ||||
862 | fatal(NULL((void*)0)); | ||||
863 | SPLAY_INIT(conf->sc_ssl)do { (conf->sc_ssl)->sph_root = ((void*)0); } while (0); | ||||
864 | SIMPLEQ_INIT(&conf->acl)do { (&conf->acl)->sqh_first = ((void*)0); (&conf ->acl)->sqh_last = &(&conf->acl)->sqh_first ; } while (0); | ||||
865 | SLIST_INIT(&conf->referrals){ ((&conf->referrals)->slh_first) = ((void*)0); }; | ||||
866 | |||||
867 | if ((file = pushfile(filename, 1)) == NULL((void*)0)) { | ||||
868 | free(conf); | ||||
869 | return (-1); | ||||
870 | } | ||||
871 | topfile = file; | ||||
872 | |||||
873 | yyparse(); | ||||
874 | errors = file->errors; | ||||
875 | popfile(); | ||||
876 | |||||
877 | /* Free macros and check which have not been used. */ | ||||
878 | TAILQ_FOREACH_SAFE(sym, &symhead, entry, next)for ((sym) = ((&symhead)->tqh_first); (sym) != ((void* )0) && ((next) = ((sym)->entry.tqe_next), 1); (sym ) = (next)) { | ||||
879 | log_debug("warning: macro \"%s\" not used", sym->nam); | ||||
880 | if (!sym->persist) { | ||||
881 | free(sym->nam); | ||||
882 | free(sym->val); | ||||
883 | TAILQ_REMOVE(&symhead, sym, entry)do { if (((sym)->entry.tqe_next) != ((void*)0)) (sym)-> entry.tqe_next->entry.tqe_prev = (sym)->entry.tqe_prev; else (&symhead)->tqh_last = (sym)->entry.tqe_prev; *(sym)->entry.tqe_prev = (sym)->entry.tqe_next; ; ; } while (0); | ||||
884 | free(sym); | ||||
885 | } | ||||
886 | } | ||||
887 | |||||
888 | return (errors ? -1 : 0); | ||||
889 | } | ||||
890 | |||||
891 | int | ||||
892 | symset(const char *nam, const char *val, int persist) | ||||
893 | { | ||||
894 | struct sym *sym; | ||||
895 | |||||
896 | TAILQ_FOREACH(sym, &symhead, entry)for((sym) = ((&symhead)->tqh_first); (sym) != ((void*) 0); (sym) = ((sym)->entry.tqe_next)) { | ||||
897 | if (strcmp(nam, sym->nam) == 0) | ||||
898 | break; | ||||
899 | } | ||||
900 | |||||
901 | if (sym != NULL((void*)0)) { | ||||
902 | if (sym->persist == 1) | ||||
903 | return (0); | ||||
904 | else { | ||||
905 | free(sym->nam); | ||||
906 | free(sym->val); | ||||
907 | TAILQ_REMOVE(&symhead, sym, entry)do { if (((sym)->entry.tqe_next) != ((void*)0)) (sym)-> entry.tqe_next->entry.tqe_prev = (sym)->entry.tqe_prev; else (&symhead)->tqh_last = (sym)->entry.tqe_prev; *(sym)->entry.tqe_prev = (sym)->entry.tqe_next; ; ; } while (0); | ||||
908 | free(sym); | ||||
909 | } | ||||
910 | } | ||||
911 | if ((sym = calloc(1, sizeof(*sym))) == NULL((void*)0)) | ||||
912 | return (-1); | ||||
913 | |||||
914 | sym->nam = strdup(nam); | ||||
915 | if (sym->nam == NULL((void*)0)) { | ||||
916 | free(sym); | ||||
917 | return (-1); | ||||
918 | } | ||||
919 | sym->val = strdup(val); | ||||
920 | if (sym->val == NULL((void*)0)) { | ||||
921 | free(sym->nam); | ||||
922 | free(sym); | ||||
923 | return (-1); | ||||
924 | } | ||||
925 | sym->used = 0; | ||||
926 | sym->persist = persist; | ||||
927 | TAILQ_INSERT_TAIL(&symhead, sym, entry)do { (sym)->entry.tqe_next = ((void*)0); (sym)->entry.tqe_prev = (&symhead)->tqh_last; *(&symhead)->tqh_last = (sym); (&symhead)->tqh_last = &(sym)->entry.tqe_next ; } while (0); | ||||
928 | return (0); | ||||
929 | } | ||||
930 | |||||
931 | int | ||||
932 | cmdline_symset(char *s) | ||||
933 | { | ||||
934 | char *sym, *val; | ||||
935 | int ret; | ||||
936 | |||||
937 | if ((val = strrchr(s, '=')) == NULL((void*)0)) | ||||
938 | return (-1); | ||||
939 | sym = strndup(s, val - s); | ||||
940 | if (sym == NULL((void*)0)) | ||||
941 | fatal("%s: strndup", __func__); | ||||
942 | ret = symset(sym, val + 1, 1); | ||||
943 | free(sym); | ||||
944 | |||||
945 | return (ret); | ||||
946 | } | ||||
947 | |||||
948 | char * | ||||
949 | symget(const char *nam) | ||||
950 | { | ||||
951 | struct sym *sym; | ||||
952 | |||||
953 | TAILQ_FOREACH(sym, &symhead, entry)for((sym) = ((&symhead)->tqh_first); (sym) != ((void*) 0); (sym) = ((sym)->entry.tqe_next)) { | ||||
954 | if (strcmp(nam, sym->nam) == 0) { | ||||
955 | sym->used = 1; | ||||
956 | return (sym->val); | ||||
957 | } | ||||
958 | } | ||||
959 | return (NULL((void*)0)); | ||||
960 | } | ||||
961 | |||||
962 | struct listener * | ||||
963 | host_unix(const char *path) | ||||
964 | { | ||||
965 | struct sockaddr_un *saun; | ||||
966 | struct listener *h; | ||||
967 | |||||
968 | if (*path != '/') | ||||
969 | return (NULL((void*)0)); | ||||
970 | |||||
971 | if ((h = calloc(1, sizeof(*h))) == NULL((void*)0)) | ||||
972 | fatal(NULL((void*)0)); | ||||
973 | saun = (struct sockaddr_un *)&h->ss; | ||||
974 | saun->sun_len = sizeof(struct sockaddr_un); | ||||
975 | saun->sun_family = AF_UNIX1; | ||||
976 | if (strlcpy(saun->sun_path, path, sizeof(saun->sun_path)) >= | ||||
977 | sizeof(saun->sun_path)) | ||||
978 | fatal("socket path too long"); | ||||
979 | h->flags = F_SECURE0x04; | ||||
980 | |||||
981 | return (h); | ||||
982 | } | ||||
983 | |||||
984 | struct listener * | ||||
985 | host_v4(const char *s, in_port_t port) | ||||
986 | { | ||||
987 | struct in_addr ina; | ||||
988 | struct sockaddr_in *sain; | ||||
989 | struct listener *h; | ||||
990 | |||||
991 | memset(&ina, 0, sizeof(ina)); | ||||
992 | if (inet_pton(AF_INET2, s, &ina) != 1) | ||||
993 | return (NULL((void*)0)); | ||||
994 | |||||
995 | if ((h = calloc(1, sizeof(*h))) == NULL((void*)0)) | ||||
996 | fatal(NULL((void*)0)); | ||||
997 | sain = (struct sockaddr_in *)&h->ss; | ||||
998 | sain->sin_len = sizeof(struct sockaddr_in); | ||||
999 | sain->sin_family = AF_INET2; | ||||
1000 | sain->sin_addr.s_addr = ina.s_addr; | ||||
1001 | sain->sin_port = port; | ||||
1002 | |||||
1003 | return (h); | ||||
1004 | } | ||||
1005 | |||||
1006 | struct listener * | ||||
1007 | host_v6(const char *s, in_port_t port) | ||||
1008 | { | ||||
1009 | struct in6_addr ina6; | ||||
1010 | struct sockaddr_in6 *sin6; | ||||
1011 | struct listener *h; | ||||
1012 | |||||
1013 | memset(&ina6, 0, sizeof(ina6)); | ||||
1014 | if (inet_pton(AF_INET624, s, &ina6) != 1) | ||||
1015 | return (NULL((void*)0)); | ||||
1016 | |||||
1017 | if ((h = calloc(1, sizeof(*h))) == NULL((void*)0)) | ||||
1018 | fatal(NULL((void*)0)); | ||||
1019 | sin6 = (struct sockaddr_in6 *)&h->ss; | ||||
1020 | sin6->sin6_len = sizeof(struct sockaddr_in6); | ||||
1021 | sin6->sin6_family = AF_INET624; | ||||
1022 | sin6->sin6_port = port; | ||||
1023 | memcpy(&sin6->sin6_addr, &ina6, sizeof(ina6)); | ||||
1024 | |||||
1025 | return (h); | ||||
1026 | } | ||||
1027 | |||||
1028 | int | ||||
1029 | host_dns(const char *s, const char *cert, | ||||
1030 | struct listenerlist *al, in_port_t port, u_int8_t flags) | ||||
1031 | { | ||||
1032 | struct addrinfo hints, *res0, *res; | ||||
1033 | int error; | ||||
1034 | struct sockaddr_in *sain; | ||||
1035 | struct sockaddr_in6 *sin6; | ||||
1036 | struct listener *h; | ||||
1037 | |||||
1038 | memset(&hints, 0, sizeof(hints)); | ||||
1039 | hints.ai_family = PF_UNSPEC0; | ||||
1040 | hints.ai_socktype = SOCK_DGRAM2; /* DUMMY */ | ||||
1041 | error = getaddrinfo(s, NULL((void*)0), &hints, &res0); | ||||
1042 | if (error == EAI_AGAIN-3 || error == EAI_NODATA-5 || error == EAI_NONAME-2) | ||||
1043 | return (0); | ||||
1044 | if (error) { | ||||
1045 | log_warnx("host_dns: could not parse \"%s\": %s", s, | ||||
1046 | gai_strerror(error)); | ||||
1047 | return (-1); | ||||
1048 | } | ||||
1049 | |||||
1050 | for (res = res0; res; res = res->ai_next) { | ||||
1051 | if (res->ai_family != AF_INET2 && | ||||
1052 | res->ai_family != AF_INET624) | ||||
1053 | continue; | ||||
1054 | if ((h = calloc(1, sizeof(*h))) == NULL((void*)0)) | ||||
1055 | fatal(NULL((void*)0)); | ||||
1056 | |||||
1057 | h->port = port; | ||||
1058 | h->flags = flags; | ||||
1059 | h->ss.ss_family = res->ai_family; | ||||
1060 | h->ssl = NULL((void*)0); | ||||
1061 | h->ssl_cert_name[0] = '\0'; | ||||
1062 | if (cert != NULL((void*)0)) | ||||
1063 | (void)strlcpy(h->ssl_cert_name, cert, sizeof(h->ssl_cert_name)); | ||||
1064 | |||||
1065 | if (res->ai_family == AF_INET2) { | ||||
1066 | sain = (struct sockaddr_in *)&h->ss; | ||||
1067 | sain->sin_len = sizeof(struct sockaddr_in); | ||||
1068 | sain->sin_addr.s_addr = ((struct sockaddr_in *) | ||||
1069 | res->ai_addr)->sin_addr.s_addr; | ||||
1070 | sain->sin_port = port; | ||||
1071 | } else { | ||||
1072 | sin6 = (struct sockaddr_in6 *)&h->ss; | ||||
1073 | sin6->sin6_len = sizeof(struct sockaddr_in6); | ||||
1074 | memcpy(&sin6->sin6_addr, &((struct sockaddr_in6 *) | ||||
1075 | res->ai_addr)->sin6_addr, sizeof(struct in6_addr)); | ||||
1076 | sin6->sin6_port = port; | ||||
1077 | } | ||||
1078 | |||||
1079 | TAILQ_INSERT_HEAD(al, h, entry)do { if (((h)->entry.tqe_next = (al)->tqh_first) != ((void *)0)) (al)->tqh_first->entry.tqe_prev = &(h)->entry .tqe_next; else (al)->tqh_last = &(h)->entry.tqe_next ; (al)->tqh_first = (h); (h)->entry.tqe_prev = &(al )->tqh_first; } while (0); | ||||
1080 | } | ||||
1081 | freeaddrinfo(res0); | ||||
1082 | return 1; | ||||
1083 | } | ||||
1084 | |||||
1085 | int | ||||
1086 | host(const char *s, const char *cert, struct listenerlist *al, | ||||
1087 | in_port_t port, u_int8_t flags) | ||||
1088 | { | ||||
1089 | struct listener *h; | ||||
1090 | |||||
1091 | /* Unix socket path? */ | ||||
1092 | h = host_unix(s); | ||||
1093 | |||||
1094 | /* IPv4 address? */ | ||||
1095 | if (h == NULL((void*)0)) | ||||
1096 | h = host_v4(s, port); | ||||
1097 | |||||
1098 | /* IPv6 address? */ | ||||
1099 | if (h == NULL((void*)0)) | ||||
1100 | h = host_v6(s, port); | ||||
1101 | |||||
1102 | if (h != NULL((void*)0)) { | ||||
1103 | h->port = port; | ||||
1104 | h->flags |= flags; | ||||
1105 | h->ssl = NULL((void*)0); | ||||
1106 | h->ssl_cert_name[0] = '\0'; | ||||
1107 | if (cert != NULL((void*)0)) | ||||
1108 | strlcpy(h->ssl_cert_name, cert, sizeof(h->ssl_cert_name)); | ||||
1109 | |||||
1110 | TAILQ_INSERT_HEAD(al, h, entry)do { if (((h)->entry.tqe_next = (al)->tqh_first) != ((void *)0)) (al)->tqh_first->entry.tqe_prev = &(h)->entry .tqe_next; else (al)->tqh_last = &(h)->entry.tqe_next ; (al)->tqh_first = (h); (h)->entry.tqe_prev = &(al )->tqh_first; } while (0); | ||||
1111 | return (1); | ||||
1112 | } | ||||
1113 | |||||
1114 | return (host_dns(s, cert, al, port, flags)); | ||||
1115 | } | ||||
1116 | |||||
1117 | int | ||||
1118 | interface(const char *s, const char *cert, | ||||
1119 | struct listenerlist *al, in_port_t port, u_int8_t flags) | ||||
1120 | { | ||||
1121 | int ret = 0; | ||||
1122 | struct ifaddrs *ifap, *p; | ||||
1123 | struct sockaddr_in *sain; | ||||
1124 | struct sockaddr_in6 *sin6; | ||||
1125 | struct listener *h; | ||||
1126 | |||||
1127 | if (getifaddrs(&ifap) == -1) | ||||
1128 | fatal("getifaddrs"); | ||||
1129 | |||||
1130 | for (p = ifap; p != NULL((void*)0); p = p->ifa_next) { | ||||
1131 | if (strcmp(s, p->ifa_name) != 0) | ||||
1132 | continue; | ||||
1133 | if (p->ifa_addr == NULL((void*)0)) | ||||
1134 | continue; | ||||
1135 | |||||
1136 | switch (p->ifa_addr->sa_family) { | ||||
1137 | case AF_INET2: | ||||
1138 | if ((h = calloc(1, sizeof(*h))) == NULL((void*)0)) | ||||
1139 | fatal(NULL((void*)0)); | ||||
1140 | sain = (struct sockaddr_in *)&h->ss; | ||||
1141 | *sain = *(struct sockaddr_in *)p->ifa_addr; | ||||
1142 | sain->sin_len = sizeof(struct sockaddr_in); | ||||
1143 | sain->sin_port = port; | ||||
1144 | |||||
1145 | h->fd = -1; | ||||
1146 | h->port = port; | ||||
1147 | h->flags = flags; | ||||
1148 | h->ssl = NULL((void*)0); | ||||
1149 | h->ssl_cert_name[0] = '\0'; | ||||
1150 | if (cert != NULL((void*)0)) | ||||
1151 | (void)strlcpy(h->ssl_cert_name, cert, sizeof(h->ssl_cert_name)); | ||||
1152 | |||||
1153 | ret = 1; | ||||
1154 | TAILQ_INSERT_HEAD(al, h, entry)do { if (((h)->entry.tqe_next = (al)->tqh_first) != ((void *)0)) (al)->tqh_first->entry.tqe_prev = &(h)->entry .tqe_next; else (al)->tqh_last = &(h)->entry.tqe_next ; (al)->tqh_first = (h); (h)->entry.tqe_prev = &(al )->tqh_first; } while (0); | ||||
1155 | |||||
1156 | break; | ||||
1157 | |||||
1158 | case AF_INET624: | ||||
1159 | if ((h = calloc(1, sizeof(*h))) == NULL((void*)0)) | ||||
1160 | fatal(NULL((void*)0)); | ||||
1161 | sin6 = (struct sockaddr_in6 *)&h->ss; | ||||
1162 | *sin6 = *(struct sockaddr_in6 *)p->ifa_addr; | ||||
1163 | sin6->sin6_len = sizeof(struct sockaddr_in6); | ||||
1164 | sin6->sin6_port = port; | ||||
1165 | |||||
1166 | h->fd = -1; | ||||
1167 | h->port = port; | ||||
1168 | h->flags = flags; | ||||
1169 | h->ssl = NULL((void*)0); | ||||
1170 | h->ssl_cert_name[0] = '\0'; | ||||
1171 | if (cert != NULL((void*)0)) | ||||
1172 | (void)strlcpy(h->ssl_cert_name, cert, sizeof(h->ssl_cert_name)); | ||||
1173 | |||||
1174 | ret = 1; | ||||
1175 | TAILQ_INSERT_HEAD(al, h, entry)do { if (((h)->entry.tqe_next = (al)->tqh_first) != ((void *)0)) (al)->tqh_first->entry.tqe_prev = &(h)->entry .tqe_next; else (al)->tqh_last = &(h)->entry.tqe_next ; (al)->tqh_first = (h); (h)->entry.tqe_prev = &(al )->tqh_first; } while (0); | ||||
1176 | |||||
1177 | break; | ||||
1178 | } | ||||
1179 | } | ||||
1180 | |||||
1181 | freeifaddrs(ifap); | ||||
1182 | |||||
1183 | return ret; | ||||
1184 | } | ||||
1185 | |||||
1186 | static struct aci * | ||||
1187 | mk_aci(int type, int rights, enum scope scope, char *target, char *attr, | ||||
1188 | char *subject) | ||||
1189 | { | ||||
1190 | struct aci *aci; | ||||
1191 | |||||
1192 | if ((aci = calloc(1, sizeof(*aci))) == NULL((void*)0)) { | ||||
1193 | yyerror("calloc"); | ||||
1194 | return NULL((void*)0); | ||||
1195 | } | ||||
1196 | aci->type = type; | ||||
1197 | aci->rights = rights; | ||||
1198 | aci->scope = scope; | ||||
1199 | aci->target = target; | ||||
1200 | aci->attribute = attr; | ||||
1201 | aci->subject = subject; | ||||
1202 | |||||
1203 | log_debug("%s %02X access to %s%s%s scope %d by %s", | ||||
1204 | aci->type == ACI_DENY0 ? "deny" : "allow", | ||||
1205 | aci->rights, | ||||
1206 | aci->target ? aci->target : "any", | ||||
1207 | aci->attribute ? " attribute " : "", | ||||
1208 | aci->attribute ? aci->attribute : "", | ||||
1209 | aci->scope, | ||||
1210 | aci->subject ? aci->subject : "any"); | ||||
1211 | |||||
1212 | return aci; | ||||
1213 | } | ||||
1214 | |||||
1215 | struct namespace * | ||||
1216 | namespace_new(const char *suffix) | ||||
1217 | { | ||||
1218 | struct namespace *ns; | ||||
1219 | |||||
1220 | if ((ns = calloc(1, sizeof(*ns))) == NULL((void*)0)) | ||||
1221 | return NULL((void*)0); | ||||
1222 | ns->sync = 1; | ||||
1223 | ns->cache_size = 1024; | ||||
1224 | ns->index_cache_size = 512; | ||||
1225 | ns->suffix = strdup(suffix); | ||||
1226 | if (ns->suffix == NULL((void*)0)) { | ||||
1227 | free(ns->suffix); | ||||
1228 | free(ns); | ||||
1229 | return NULL((void*)0); | ||||
1230 | } | ||||
1231 | normalize_dn(ns->suffix); | ||||
1232 | TAILQ_INIT(&ns->indices)do { (&ns->indices)->tqh_first = ((void*)0); (& ns->indices)->tqh_last = &(&ns->indices)-> tqh_first; } while (0); | ||||
1233 | TAILQ_INIT(&ns->request_queue)do { (&ns->request_queue)->tqh_first = ((void*)0); ( &ns->request_queue)->tqh_last = &(&ns->request_queue )->tqh_first; } while (0); | ||||
1234 | SIMPLEQ_INIT(&ns->acl)do { (&ns->acl)->sqh_first = ((void*)0); (&ns-> acl)->sqh_last = &(&ns->acl)->sqh_first; } while (0); | ||||
1235 | SLIST_INIT(&ns->referrals){ ((&ns->referrals)->slh_first) = ((void*)0); }; | ||||
1236 | |||||
1237 | return ns; | ||||
1238 | } | ||||
1239 | |||||
1240 | int | ||||
1241 | ssl_cmp(struct ssl *s1, struct ssl *s2) | ||||
1242 | { | ||||
1243 | return (strcmp(s1->ssl_name, s2->ssl_name)); | ||||
1244 | } | ||||
1245 | |||||
1246 | int | ||||
1247 | load_certfile(struct ldapd_config *env, const char *name, u_int8_t flags, | ||||
1248 | u_int8_t protocol) | ||||
1249 | { | ||||
1250 | struct ssl *s; | ||||
1251 | struct ssl key; | ||||
1252 | char certfile[PATH_MAX1024]; | ||||
1253 | uint32_t tls_protocols = TLS_PROTOCOLS_DEFAULT((1 << 3)|(1 << 4)); | ||||
1254 | const char *tls_ciphers = "default"; | ||||
1255 | |||||
1256 | if (strlcpy(key.ssl_name, name, sizeof(key.ssl_name)) | ||||
1257 | >= sizeof(key.ssl_name)) { | ||||
1258 | log_warn("load_certfile: certificate name truncated"); | ||||
1259 | return -1; | ||||
1260 | } | ||||
1261 | |||||
1262 | s = SPLAY_FIND(ssltree, env->sc_ssl, &key)ssltree_SPLAY_FIND(env->sc_ssl, &key); | ||||
1263 | if (s != NULL((void*)0)) { | ||||
1264 | s->flags |= flags; | ||||
1265 | return 0; | ||||
1266 | } | ||||
1267 | |||||
1268 | if ((s = calloc(1, sizeof(*s))) == NULL((void*)0)) | ||||
1269 | fatal(NULL((void*)0)); | ||||
1270 | |||||
1271 | s->flags = flags; | ||||
1272 | (void)strlcpy(s->ssl_name, key.ssl_name, sizeof(s->ssl_name)); | ||||
1273 | |||||
1274 | s->config = tls_config_new(); | ||||
1275 | if (s->config == NULL((void*)0)) | ||||
1276 | goto err; | ||||
1277 | |||||
1278 | if (protocol & F_LEGACY0x08) { | ||||
1279 | tls_protocols = TLS_PROTOCOLS_ALL((1 << 1)|(1 << 2)| (1 << 3)|(1 << 4) ); | ||||
1280 | tls_ciphers = "all"; | ||||
1281 | } | ||||
1282 | if (tls_config_set_protocols(s->config, tls_protocols) != 0) { | ||||
1283 | log_warn("load_certfile: failed to set tls protocols: %s", | ||||
1284 | tls_config_error(s->config)); | ||||
1285 | goto err; | ||||
1286 | } | ||||
1287 | if (tls_config_set_ciphers(s->config, tls_ciphers)) { | ||||
1288 | log_warn("load_certfile: failed to set tls ciphers: %s", | ||||
1289 | tls_config_error(s->config)); | ||||
1290 | goto err; | ||||
1291 | } | ||||
1292 | |||||
1293 | if (name[0] == '/') { | ||||
1294 | if (!bsnprintf(certfile, sizeof(certfile), "%s.crt", name)) { | ||||
1295 | log_warn("load_certfile: path truncated"); | ||||
1296 | goto err; | ||||
1297 | } | ||||
1298 | } else { | ||||
1299 | if (!bsnprintf(certfile, sizeof(certfile), | ||||
1300 | "/etc/ldap/certs/%s.crt", name)) { | ||||
1301 | log_warn("load_certfile: path truncated"); | ||||
1302 | goto err; | ||||
1303 | } | ||||
1304 | } | ||||
1305 | |||||
1306 | log_debug("loading certificate file %s", certfile); | ||||
1307 | s->ssl_cert = tls_load_file(certfile, &s->ssl_cert_len, NULL((void*)0)); | ||||
1308 | if (s->ssl_cert == NULL((void*)0)) | ||||
1309 | goto err; | ||||
1310 | |||||
1311 | if (tls_config_set_cert_mem(s->config, s->ssl_cert, s->ssl_cert_len)) { | ||||
1312 | log_warn("load_certfile: failed to set tls certificate: %s", | ||||
1313 | tls_config_error(s->config)); | ||||
1314 | goto err; | ||||
1315 | } | ||||
1316 | |||||
1317 | if (name[0] == '/') { | ||||
1318 | if (!bsnprintf(certfile, sizeof(certfile), "%s.key", name)) { | ||||
1319 | log_warn("load_certfile: path truncated"); | ||||
1320 | goto err; | ||||
1321 | } | ||||
1322 | } else { | ||||
1323 | if (!bsnprintf(certfile, sizeof(certfile), | ||||
1324 | "/etc/ldap/certs/%s.key", name)) { | ||||
1325 | log_warn("load_certfile: path truncated"); | ||||
1326 | goto err; | ||||
1327 | } | ||||
1328 | } | ||||
1329 | |||||
1330 | log_debug("loading key file %s", certfile); | ||||
1331 | s->ssl_key = tls_load_file(certfile, &s->ssl_key_len, NULL((void*)0)); | ||||
1332 | if (s->ssl_key == NULL((void*)0)) | ||||
1333 | goto err; | ||||
1334 | |||||
1335 | if (tls_config_set_key_mem(s->config, s->ssl_key, s->ssl_key_len)) { | ||||
1336 | log_warn("load_certfile: failed to set tls key: %s", | ||||
1337 | tls_config_error(s->config)); | ||||
1338 | goto err; | ||||
1339 | } | ||||
1340 | |||||
1341 | SPLAY_INSERT(ssltree, env->sc_ssl, s)ssltree_SPLAY_INSERT(env->sc_ssl, s); | ||||
1342 | |||||
1343 | return (0); | ||||
1344 | err: | ||||
1345 | free(s->ssl_cert); | ||||
1346 | free(s->ssl_key); | ||||
1347 | tls_config_free(s->config); | ||||
1348 | free(s); | ||||
1349 | return (-1); | ||||
1350 | } | ||||
1351 | #line 1344 "parse.c" | ||||
1352 | /* allocate initial stack or double stack size, up to YYMAXDEPTH */ | ||||
1353 | static int yygrowstack(void) | ||||
1354 | { | ||||
1355 | unsigned int newsize; | ||||
1356 | long sslen; | ||||
1357 | short *newss; | ||||
1358 | YYSTYPE *newvs; | ||||
1359 | |||||
1360 | if ((newsize = yystacksize) == 0) | ||||
1361 | newsize = YYINITSTACKSIZE200; | ||||
1362 | else if (newsize >= YYMAXDEPTH10000) | ||||
1363 | return -1; | ||||
1364 | else if ((newsize *= 2) > YYMAXDEPTH10000) | ||||
1365 | newsize = YYMAXDEPTH10000; | ||||
1366 | sslen = yyssp - yyss; | ||||
1367 | #ifdef SIZE_MAX0xffffffffffffffffUL | ||||
1368 | #define YY_SIZE_MAX0xffffffffffffffffUL SIZE_MAX0xffffffffffffffffUL | ||||
1369 | #else | ||||
1370 | #define YY_SIZE_MAX0xffffffffffffffffUL 0xffffffffU | ||||
1371 | #endif | ||||
1372 | if (newsize && YY_SIZE_MAX0xffffffffffffffffUL / newsize < sizeof *newss) | ||||
1373 | goto bail; | ||||
1374 | newss = (short *)realloc(yyss, newsize * sizeof *newss); | ||||
1375 | if (newss == NULL((void*)0)) | ||||
1376 | goto bail; | ||||
1377 | yyss = newss; | ||||
1378 | yyssp = newss + sslen; | ||||
1379 | if (newsize
| ||||
1380 | goto bail; | ||||
1381 | newvs = (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs); | ||||
1382 | if (newvs == NULL((void*)0)) | ||||
1383 | goto bail; | ||||
1384 | yyvs = newvs; | ||||
1385 | yyvsp = newvs + sslen; | ||||
1386 | yystacksize = newsize; | ||||
1387 | yysslim = yyss + newsize - 1; | ||||
1388 | return 0; | ||||
1389 | bail: | ||||
1390 | if (yyss) | ||||
1391 | free(yyss); | ||||
1392 | if (yyvs) | ||||
1393 | free(yyvs); | ||||
1394 | yyss = yyssp = NULL((void*)0); | ||||
1395 | yyvs = yyvsp = NULL((void*)0); | ||||
1396 | yystacksize = 0; | ||||
1397 | return -1; | ||||
1398 | } | ||||
1399 | |||||
1400 | #define YYABORTgoto yyabort goto yyabort | ||||
1401 | #define YYREJECTgoto yyabort goto yyabort | ||||
1402 | #define YYACCEPTgoto yyaccept goto yyaccept | ||||
1403 | #define YYERRORgoto yyerrlab goto yyerrlab | ||||
1404 | int | ||||
1405 | yyparse(void) | ||||
1406 | { | ||||
1407 | int yym, yyn, yystate; | ||||
1408 | #if YYDEBUG0 | ||||
1409 | const char *yys; | ||||
1410 | |||||
1411 | if ((yys = getenv("YYDEBUG"))) | ||||
1412 | { | ||||
1413 | yyn = *yys; | ||||
1414 | if (yyn >= '0' && yyn <= '9') | ||||
1415 | yydebug = yyn - '0'; | ||||
1416 | } | ||||
1417 | #endif /* YYDEBUG */ | ||||
1418 | |||||
1419 | yynerrs = 0; | ||||
1420 | yyerrflag = 0; | ||||
1421 | yychar = (-1); | ||||
1422 | |||||
1423 | if (yyss == NULL((void*)0) && yygrowstack()) goto yyoverflow; | ||||
| |||||
1424 | yyssp = yyss; | ||||
1425 | yyvsp = yyvs; | ||||
1426 | *yyssp = yystate = 0; | ||||
1427 | |||||
1428 | yyloop: | ||||
1429 | if ((yyn = yydefred[yystate]) != 0) goto yyreduce; | ||||
1430 | if (yychar
| ||||
1431 | { | ||||
1432 | if ((yychar = yylex()) < 0) yychar = 0; | ||||
1433 | #if YYDEBUG0 | ||||
1434 | if (yydebug) | ||||
1435 | { | ||||
1436 | yys = 0; | ||||
1437 | if (yychar <= YYMAXTOKEN298) yys = yyname[yychar]; | ||||
1438 | if (!yys) yys = "illegal-symbol"; | ||||
1439 | printf("%sdebug: state %d, reading %d (%s)\n", | ||||
1440 | YYPREFIX"yy", yystate, yychar, yys); | ||||
1441 | } | ||||
1442 | #endif | ||||
1443 | } | ||||
1444 | if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 && | ||||
1445 | yyn <= YYTABLESIZE311 && yycheck[yyn] == yychar) | ||||
1446 | { | ||||
1447 | #if YYDEBUG0 | ||||
1448 | if (yydebug) | ||||
1449 | printf("%sdebug: state %d, shifting to state %d\n", | ||||
1450 | YYPREFIX"yy", yystate, yytable[yyn]); | ||||
1451 | #endif | ||||
1452 | if (yyssp >= yysslim && yygrowstack()) | ||||
1453 | { | ||||
1454 | goto yyoverflow; | ||||
1455 | } | ||||
1456 | *++yyssp = yystate = yytable[yyn]; | ||||
1457 | *++yyvsp = yylval; | ||||
1458 | yychar = (-1); | ||||
1459 | if (yyerrflag > 0) --yyerrflag; | ||||
1460 | goto yyloop; | ||||
1461 | } | ||||
1462 | if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 && | ||||
1463 | yyn <= YYTABLESIZE311 && yycheck[yyn] == yychar) | ||||
1464 | { | ||||
1465 | yyn = yytable[yyn]; | ||||
1466 | goto yyreduce; | ||||
1467 | } | ||||
1468 | if (yyerrflag) goto yyinrecovery; | ||||
1469 | #if defined(__GNUC__4) | ||||
1470 | goto yynewerror; | ||||
1471 | #endif | ||||
1472 | yynewerror: | ||||
1473 | yyerror("syntax error"); | ||||
1474 | #if defined(__GNUC__4) | ||||
1475 | goto yyerrlab; | ||||
1476 | #endif | ||||
1477 | yyerrlab: | ||||
1478 | ++yynerrs; | ||||
1479 | yyinrecovery: | ||||
1480 | if (yyerrflag < 3) | ||||
1481 | { | ||||
1482 | yyerrflag = 3; | ||||
1483 | for (;;) | ||||
1484 | { | ||||
1485 | if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE256) >= 0 && | ||||
1486 | yyn <= YYTABLESIZE311 && yycheck[yyn] == YYERRCODE256) | ||||
1487 | { | ||||
1488 | #if YYDEBUG0 | ||||
1489 | if (yydebug) | ||||
1490 | printf("%sdebug: state %d, error recovery shifting\ | ||||
1491 | to state %d\n", YYPREFIX"yy", *yyssp, yytable[yyn]); | ||||
1492 | #endif | ||||
1493 | if (yyssp >= yysslim && yygrowstack()) | ||||
1494 | { | ||||
1495 | goto yyoverflow; | ||||
1496 | } | ||||
1497 | *++yyssp = yystate = yytable[yyn]; | ||||
1498 | *++yyvsp = yylval; | ||||
1499 | goto yyloop; | ||||
1500 | } | ||||
1501 | else | ||||
1502 | { | ||||
1503 | #if YYDEBUG0 | ||||
1504 | if (yydebug) | ||||
1505 | printf("%sdebug: error recovery discarding state %d\n", | ||||
1506 | YYPREFIX"yy", *yyssp); | ||||
1507 | #endif | ||||
1508 | if (yyssp <= yyss) goto yyabort; | ||||
1509 | --yyssp; | ||||
1510 | --yyvsp; | ||||
1511 | } | ||||
1512 | } | ||||
1513 | } | ||||
1514 | else | ||||
1515 | { | ||||
1516 | if (yychar == 0) goto yyabort; | ||||
1517 | #if YYDEBUG0 | ||||
1518 | if (yydebug) | ||||
1519 | { | ||||
1520 | yys = 0; | ||||
1521 | if (yychar <= YYMAXTOKEN298) yys = yyname[yychar]; | ||||
1522 | if (!yys) yys = "illegal-symbol"; | ||||
1523 | printf("%sdebug: state %d, error recovery discards token %d (%s)\n", | ||||
1524 | YYPREFIX"yy", yystate, yychar, yys); | ||||
1525 | } | ||||
1526 | #endif | ||||
1527 | yychar = (-1); | ||||
1528 | goto yyloop; | ||||
1529 | } | ||||
1530 | yyreduce: | ||||
1531 | #if YYDEBUG0 | ||||
1532 | if (yydebug) | ||||
1533 | printf("%sdebug: state %d, reducing by rule %d (%s)\n", | ||||
1534 | YYPREFIX"yy", yystate, yyn, yyrule[yyn]); | ||||
1535 | #endif | ||||
1536 | yym = yylen[yyn]; | ||||
1537 | if (yym
| ||||
1538 | yyval = yyvsp[1-yym]; | ||||
1539 | else | ||||
1540 | memset(&yyval, 0, sizeof yyval); | ||||
1541 | switch (yyn) | ||||
1542 | { | ||||
1543 | case 6: | ||||
1544 | #line 138 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1545 | { file->errors++; } | ||||
1546 | break; | ||||
1547 | case 8: | ||||
1548 | #line 140 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1549 | { | ||||
1550 | SIMPLEQ_INSERT_TAIL(&conf->acl, yyvsp[-1].v.aci, entry)do { (yyvsp[-1].v.aci)->entry.sqe_next = ((void*)0); *(& conf->acl)->sqh_last = (yyvsp[-1].v.aci); (&conf-> acl)->sqh_last = &(yyvsp[-1].v.aci)->entry.sqe_next ; } while (0); | ||||
1551 | } | ||||
1552 | break; | ||||
1553 | case 10: | ||||
1554 | #line 146 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1555 | { yyval.v.number = 0; } | ||||
1556 | break; | ||||
1557 | case 11: | ||||
1558 | #line 147 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1559 | { yyval.v.number = F_LEGACY0x08; } | ||||
1560 | break; | ||||
1561 | case 12: | ||||
1562 | #line 150 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1563 | { yyval.v.number = 0; } | ||||
1564 | break; | ||||
1565 | case 13: | ||||
1566 | #line 151 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1567 | { yyval.v.number = F_STARTTLS0x01; } | ||||
1568 | break; | ||||
1569 | case 14: | ||||
1570 | #line 152 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1571 | { yyval.v.number = F_LDAPS0x02; } | ||||
1572 | break; | ||||
1573 | case 15: | ||||
1574 | #line 153 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1575 | { yyval.v.number = F_SECURE0x04; } | ||||
1576 | break; | ||||
1577 | case 16: | ||||
1578 | #line 156 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1579 | { yyval.v.number = yyvsp[-1].v.number | yyvsp[0].v.number; } | ||||
1580 | break; | ||||
1581 | case 17: | ||||
1582 | #line 159 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1583 | { yyval.v.string = NULL((void*)0); } | ||||
1584 | break; | ||||
1585 | case 18: | ||||
1586 | #line 160 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1587 | { yyval.v.string = yyvsp[0].v.string; } | ||||
1588 | break; | ||||
1589 | case 19: | ||||
1590 | #line 163 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1591 | { | ||||
1592 | struct servent *servent; | ||||
1593 | |||||
1594 | servent = getservbyname(yyvsp[0].v.string, "tcp"); | ||||
1595 | if (servent == NULL((void*)0)) { | ||||
1596 | yyerror("port %s is invalid", yyvsp[0].v.string); | ||||
1597 | free(yyvsp[0].v.string); | ||||
1598 | YYERRORgoto yyerrlab; | ||||
1599 | } | ||||
1600 | yyval.v.number = servent->s_port; | ||||
1601 | free(yyvsp[0].v.string); | ||||
1602 | } | ||||
1603 | break; | ||||
1604 | case 20: | ||||
1605 | #line 175 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1606 | { | ||||
1607 | if (yyvsp[0].v.number <= 0 || yyvsp[0].v.number > (int)USHRT_MAX(32767 *2 +1)) { | ||||
1608 | yyerror("invalid port: %lld", yyvsp[0].v.number); | ||||
1609 | YYERRORgoto yyerrlab; | ||||
1610 | } | ||||
1611 | yyval.v.number = htons(yyvsp[0].v.number)(__uint16_t)(__builtin_constant_p(yyvsp[0].v.number) ? (__uint16_t )(((__uint16_t)(yyvsp[0].v.number) & 0xffU) << 8 | ( (__uint16_t)(yyvsp[0].v.number) & 0xff00U) >> 8) : __swap16md (yyvsp[0].v.number)); | ||||
1612 | } | ||||
1613 | break; | ||||
1614 | case 21: | ||||
1615 | #line 182 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1616 | { | ||||
1617 | yyval.v.number = 0; | ||||
1618 | } | ||||
1619 | break; | ||||
1620 | case 22: | ||||
1621 | #line 187 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1622 | { | ||||
1623 | char *cert; | ||||
1624 | |||||
1625 | if (yyvsp[-2].v.number == 0) { | ||||
1626 | if (yyvsp[-1].v.number & F_LDAPS0x02) | ||||
1627 | yyvsp[-2].v.number = htons(LDAPS_PORT)(__uint16_t)(__builtin_constant_p(636) ? (__uint16_t)(((__uint16_t )(636) & 0xffU) << 8 | ((__uint16_t)(636) & 0xff00U ) >> 8) : __swap16md(636)); | ||||
1628 | else | ||||
1629 | yyvsp[-2].v.number = htons(LDAP_PORT)(__uint16_t)(__builtin_constant_p(389) ? (__uint16_t)(((__uint16_t )(389) & 0xffU) << 8 | ((__uint16_t)(389) & 0xff00U ) >> 8) : __swap16md(389)); | ||||
1630 | } | ||||
1631 | |||||
1632 | cert = (yyvsp[0].v.string != NULL((void*)0)) ? yyvsp[0].v.string : yyvsp[-3].v.string; | ||||
1633 | |||||
1634 | if ((yyvsp[-1].v.number & F_SSL(0x02|0x01)) && | ||||
1635 | load_certfile(conf, cert, F_SCERT0x01, yyvsp[-1].v.number) < 0) { | ||||
1636 | yyerror("cannot load certificate: %s", cert); | ||||
1637 | free(yyvsp[0].v.string); | ||||
1638 | free(yyvsp[-3].v.string); | ||||
1639 | YYERRORgoto yyerrlab; | ||||
1640 | } | ||||
1641 | |||||
1642 | if (! interface(yyvsp[-3].v.string, cert, &conf->listeners, | ||||
1643 | yyvsp[-2].v.number, yyvsp[-1].v.number)) { | ||||
1644 | if (host(yyvsp[-3].v.string, cert, &conf->listeners, | ||||
1645 | yyvsp[-2].v.number, yyvsp[-1].v.number) != 1) { | ||||
1646 | yyerror("invalid virtual ip or interface: %s", yyvsp[-3].v.string); | ||||
1647 | free(yyvsp[0].v.string); | ||||
1648 | free(yyvsp[-3].v.string); | ||||
1649 | YYERRORgoto yyerrlab; | ||||
1650 | } | ||||
1651 | } | ||||
1652 | free(yyvsp[0].v.string); | ||||
1653 | free(yyvsp[-3].v.string); | ||||
1654 | } | ||||
1655 | break; | ||||
1656 | case 23: | ||||
1657 | #line 220 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1658 | { | ||||
1659 | struct referral *ref; | ||||
1660 | if ((ref = calloc(1, sizeof(*ref))) == NULL((void*)0)) { | ||||
1661 | yyerror("calloc"); | ||||
1662 | free(yyvsp[0].v.string); | ||||
1663 | YYERRORgoto yyerrlab; | ||||
1664 | } | ||||
1665 | ref->url = yyvsp[0].v.string; | ||||
1666 | SLIST_INSERT_HEAD(&conf->referrals, ref, next)do { (ref)->next.sle_next = (&conf->referrals)-> slh_first; (&conf->referrals)->slh_first = (ref); } while (0); | ||||
1667 | } | ||||
1668 | break; | ||||
1669 | case 24: | ||||
1670 | #line 230 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1671 | { | ||||
1672 | conf->rootdn = yyvsp[0].v.string; | ||||
1673 | normalize_dn(conf->rootdn); | ||||
1674 | } | ||||
1675 | break; | ||||
1676 | case 25: | ||||
1677 | #line 234 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1678 | { conf->rootpw = yyvsp[0].v.string; } | ||||
1679 | break; | ||||
1680 | case 26: | ||||
1681 | #line 237 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1682 | { | ||||
1683 | log_debug("parsing namespace %s", yyvsp[-2].v.string); | ||||
1684 | current_ns = namespace_new(yyvsp[-2].v.string); | ||||
1685 | free(yyvsp[-2].v.string); | ||||
1686 | TAILQ_INSERT_TAIL(&conf->namespaces, current_ns, next)do { (current_ns)->next.tqe_next = ((void*)0); (current_ns )->next.tqe_prev = (&conf->namespaces)->tqh_last ; *(&conf->namespaces)->tqh_last = (current_ns); (& conf->namespaces)->tqh_last = &(current_ns)->next .tqe_next; } while (0); | ||||
1687 | } | ||||
1688 | break; | ||||
1689 | case 27: | ||||
1690 | #line 242 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1691 | { current_ns = NULL((void*)0); } | ||||
1692 | break; | ||||
1693 | case 28: | ||||
1694 | #line 245 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1695 | { | ||||
1696 | if (strcasecmp(yyvsp[0].v.string, "true") == 0 || | ||||
1697 | strcasecmp(yyvsp[0].v.string, "yes") == 0) | ||||
1698 | yyval.v.number = 1; | ||||
1699 | else if (strcasecmp(yyvsp[0].v.string, "false") == 0 || | ||||
1700 | strcasecmp(yyvsp[0].v.string, "off") == 0 || | ||||
1701 | strcasecmp(yyvsp[0].v.string, "no") == 0) | ||||
1702 | yyval.v.number = 0; | ||||
1703 | else { | ||||
1704 | yyerror("invalid boolean value '%s'", yyvsp[0].v.string); | ||||
1705 | free(yyvsp[0].v.string); | ||||
1706 | YYERRORgoto yyerrlab; | ||||
1707 | } | ||||
1708 | free(yyvsp[0].v.string); | ||||
1709 | } | ||||
1710 | break; | ||||
1711 | case 29: | ||||
1712 | #line 260 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1713 | { yyval.v.number = 1; } | ||||
1714 | break; | ||||
1715 | case 33: | ||||
1716 | #line 268 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1717 | { | ||||
1718 | current_ns->rootdn = yyvsp[0].v.string; | ||||
1719 | normalize_dn(current_ns->rootdn); | ||||
1720 | } | ||||
1721 | break; | ||||
1722 | case 34: | ||||
1723 | #line 272 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1724 | { current_ns->rootpw = yyvsp[0].v.string; } | ||||
1725 | break; | ||||
1726 | case 35: | ||||
1727 | #line 273 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1728 | { | ||||
1729 | struct attr_index *ai; | ||||
1730 | if ((ai = calloc(1, sizeof(*ai))) == NULL((void*)0)) { | ||||
1731 | yyerror("calloc"); | ||||
1732 | free(yyvsp[0].v.string); | ||||
1733 | YYERRORgoto yyerrlab; | ||||
1734 | } | ||||
1735 | ai->attr = yyvsp[0].v.string; | ||||
1736 | ai->type = INDEX_EQUAL; | ||||
1737 | TAILQ_INSERT_TAIL(¤t_ns->indices, ai, next)do { (ai)->next.tqe_next = ((void*)0); (ai)->next.tqe_prev = (¤t_ns->indices)->tqh_last; *(¤t_ns ->indices)->tqh_last = (ai); (¤t_ns->indices )->tqh_last = &(ai)->next.tqe_next; } while (0); | ||||
1738 | } | ||||
1739 | break; | ||||
1740 | case 36: | ||||
1741 | #line 284 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1742 | { current_ns->cache_size = yyvsp[0].v.number; } | ||||
1743 | break; | ||||
1744 | case 37: | ||||
1745 | #line 285 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1746 | { current_ns->index_cache_size = yyvsp[0].v.number; } | ||||
1747 | break; | ||||
1748 | case 38: | ||||
1749 | #line 286 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1750 | { current_ns->sync = yyvsp[0].v.number; } | ||||
1751 | break; | ||||
1752 | case 39: | ||||
1753 | #line 287 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1754 | { | ||||
1755 | SIMPLEQ_INSERT_TAIL(¤t_ns->acl, yyvsp[0].v.aci, entry)do { (yyvsp[0].v.aci)->entry.sqe_next = ((void*)0); *(& current_ns->acl)->sqh_last = (yyvsp[0].v.aci); (¤t_ns ->acl)->sqh_last = &(yyvsp[0].v.aci)->entry.sqe_next ; } while (0); | ||||
1756 | } | ||||
1757 | break; | ||||
1758 | case 40: | ||||
1759 | #line 290 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1760 | { current_ns->relax = 1; } | ||||
1761 | break; | ||||
1762 | case 41: | ||||
1763 | #line 291 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1764 | { current_ns->relax = 0; } | ||||
1765 | break; | ||||
1766 | case 42: | ||||
1767 | #line 292 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1768 | { current_ns->compression_level = yyvsp[0].v.number; } | ||||
1769 | break; | ||||
1770 | case 43: | ||||
1771 | #line 293 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1772 | { | ||||
1773 | struct referral *ref; | ||||
1774 | if ((ref = calloc(1, sizeof(*ref))) == NULL((void*)0)) { | ||||
1775 | yyerror("calloc"); | ||||
1776 | free(yyvsp[0].v.string); | ||||
1777 | YYERRORgoto yyerrlab; | ||||
1778 | } | ||||
1779 | ref->url = yyvsp[0].v.string; | ||||
1780 | SLIST_INSERT_HEAD(¤t_ns->referrals, ref, next)do { (ref)->next.sle_next = (¤t_ns->referrals )->slh_first; (¤t_ns->referrals)->slh_first = (ref); } while (0); | ||||
1781 | } | ||||
1782 | break; | ||||
1783 | case 44: | ||||
1784 | #line 305 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1785 | { yyval.v.number = 6; } | ||||
1786 | break; | ||||
1787 | case 45: | ||||
1788 | #line 306 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1789 | { yyval.v.number = yyvsp[0].v.number; } | ||||
1790 | break; | ||||
1791 | case 46: | ||||
1792 | #line 309 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1793 | { | ||||
1794 | if ((yyval.v.aci = mk_aci(yyvsp[-6].v.number, yyvsp[-5].v.number, yyvsp[-3].v.number, yyvsp[-2].v.string, yyvsp[-1].v.string, yyvsp[0].v.string)) == NULL((void*)0)) { | ||||
1795 | free(yyvsp[-2].v.string); | ||||
1796 | free(yyvsp[-1].v.string); | ||||
1797 | YYERRORgoto yyerrlab; | ||||
1798 | } | ||||
1799 | } | ||||
1800 | break; | ||||
1801 | case 47: | ||||
1802 | #line 316 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1803 | { | ||||
1804 | if ((yyval.v.aci = mk_aci(yyvsp[-1].v.number, yyvsp[0].v.number, LDAP_SCOPE_SUBTREE, NULL((void*)0), | ||||
1805 | NULL((void*)0), NULL((void*)0))) == NULL((void*)0)) { | ||||
1806 | YYERRORgoto yyerrlab; | ||||
1807 | } | ||||
1808 | } | ||||
1809 | break; | ||||
1810 | case 48: | ||||
1811 | #line 324 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1812 | { yyval.v.number = ACI_DENY0; } | ||||
1813 | break; | ||||
1814 | case 49: | ||||
1815 | #line 325 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1816 | { yyval.v.number = ACI_ALLOW1; } | ||||
1817 | break; | ||||
1818 | case 50: | ||||
1819 | #line 328 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1820 | { yyval.v.number = ACI_ALL0x1F; } | ||||
1821 | break; | ||||
1822 | case 51: | ||||
1823 | #line 329 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1824 | { yyval.v.number = ACI_ALL0x1F; } | ||||
1825 | break; | ||||
1826 | case 52: | ||||
1827 | #line 330 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1828 | { yyval.v.number = yyvsp[-1].v.number; } | ||||
1829 | break; | ||||
1830 | case 53: | ||||
1831 | #line 333 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1832 | { yyval.v.number = yyvsp[0].v.number; } | ||||
1833 | break; | ||||
1834 | case 54: | ||||
1835 | #line 334 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1836 | { yyval.v.number = yyvsp[-2].v.number | yyvsp[0].v.number; } | ||||
1837 | break; | ||||
1838 | case 55: | ||||
1839 | #line 337 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1840 | { yyval.v.number = ACI_READ0x01; } | ||||
1841 | break; | ||||
1842 | case 56: | ||||
1843 | #line 338 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1844 | { yyval.v.number = ACI_WRITE0x02; } | ||||
1845 | break; | ||||
1846 | case 57: | ||||
1847 | #line 339 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1848 | { yyval.v.number = ACI_BIND0x10; } | ||||
1849 | break; | ||||
1850 | case 58: | ||||
1851 | #line 343 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1852 | { yyval.v.number = LDAP_SCOPE_BASE; } | ||||
1853 | break; | ||||
1854 | case 59: | ||||
1855 | #line 344 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1856 | { yyval.v.number = LDAP_SCOPE_SUBTREE; } | ||||
1857 | break; | ||||
1858 | case 60: | ||||
1859 | #line 345 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1860 | { yyval.v.number = LDAP_SCOPE_ONELEVEL; } | ||||
1861 | break; | ||||
1862 | case 61: | ||||
1863 | #line 348 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1864 | { yyval.v.string = NULL((void*)0); } | ||||
1865 | break; | ||||
1866 | case 62: | ||||
1867 | #line 349 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1868 | { yyval.v.string = strdup(""); } | ||||
1869 | break; | ||||
1870 | case 63: | ||||
1871 | #line 350 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1872 | { yyval.v.string = yyvsp[0].v.string; normalize_dn(yyval.v.string); } | ||||
1873 | break; | ||||
1874 | case 64: | ||||
1875 | #line 353 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1876 | { yyval.v.string = NULL((void*)0); } | ||||
1877 | break; | ||||
1878 | case 65: | ||||
1879 | #line 354 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1880 | { yyval.v.string = yyvsp[0].v.string; } | ||||
1881 | break; | ||||
1882 | case 66: | ||||
1883 | #line 357 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1884 | { yyval.v.string = NULL((void*)0); } | ||||
1885 | break; | ||||
1886 | case 67: | ||||
1887 | #line 358 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1888 | { yyval.v.string = NULL((void*)0); } | ||||
1889 | break; | ||||
1890 | case 68: | ||||
1891 | #line 359 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1892 | { yyval.v.string = yyvsp[0].v.string; normalize_dn(yyval.v.string); } | ||||
1893 | break; | ||||
1894 | case 69: | ||||
1895 | #line 360 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1896 | { yyval.v.string = strdup("@"); } | ||||
1897 | break; | ||||
1898 | case 70: | ||||
1899 | #line 363 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1900 | { | ||||
1901 | struct file *nfile; | ||||
1902 | |||||
1903 | if ((nfile = pushfile(yyvsp[0].v.string, 1)) == NULL((void*)0)) { | ||||
1904 | yyerror("failed to include file %s", yyvsp[0].v.string); | ||||
1905 | free(yyvsp[0].v.string); | ||||
1906 | YYERRORgoto yyerrlab; | ||||
1907 | } | ||||
1908 | free(yyvsp[0].v.string); | ||||
1909 | |||||
1910 | file = nfile; | ||||
1911 | lungetc('\n'); | ||||
1912 | } | ||||
1913 | break; | ||||
1914 | case 71: | ||||
1915 | #line 378 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1916 | { | ||||
1917 | char *s = yyvsp[-2].v.string; | ||||
1918 | while (*s++) { | ||||
1919 | if (isspace((unsigned char)*s)) { | ||||
1920 | yyerror("macro name cannot contain " | ||||
1921 | "whitespace"); | ||||
1922 | free(yyvsp[-2].v.string); | ||||
1923 | free(yyvsp[0].v.string); | ||||
1924 | YYERRORgoto yyerrlab; | ||||
1925 | } | ||||
1926 | } | ||||
1927 | if (symset(yyvsp[-2].v.string, yyvsp[0].v.string, 0) == -1) | ||||
1928 | fatal("cannot store variable"); | ||||
1929 | free(yyvsp[-2].v.string); | ||||
1930 | free(yyvsp[0].v.string); | ||||
1931 | } | ||||
1932 | break; | ||||
1933 | case 72: | ||||
1934 | #line 396 "/usr/src/usr.sbin/ldapd/parse.y" | ||||
1935 | { | ||||
1936 | int ret; | ||||
1937 | |||||
1938 | ret = schema_parse(conf->schema, yyvsp[0].v.string); | ||||
1939 | free(yyvsp[0].v.string); | ||||
1940 | if (ret != 0) { | ||||
1941 | YYERRORgoto yyerrlab; | ||||
1942 | } | ||||
1943 | } | ||||
1944 | break; | ||||
1945 | #line 1938 "parse.c" | ||||
1946 | } | ||||
1947 | yyssp -= yym; | ||||
1948 | yystate = *yyssp; | ||||
1949 | yyvsp -= yym; | ||||
1950 | yym = yylhs[yyn]; | ||||
1951 | if (yystate
| ||||
1952 | { | ||||
1953 | #if YYDEBUG0 | ||||
1954 | if (yydebug) | ||||
1955 | printf("%sdebug: after reduction, shifting from state 0 to\ | ||||
1956 | state %d\n", YYPREFIX"yy", YYFINAL1); | ||||
1957 | #endif | ||||
1958 | yystate = YYFINAL1; | ||||
1959 | *++yyssp = YYFINAL1; | ||||
1960 | *++yyvsp = yyval; | ||||
1961 | if (yychar
| ||||
1962 | { | ||||
1963 | if ((yychar = yylex()) < 0) yychar = 0; | ||||
1964 | #if YYDEBUG0 | ||||
1965 | if (yydebug) | ||||
1966 | { | ||||
1967 | yys = 0; | ||||
1968 | if (yychar <= YYMAXTOKEN298) yys = yyname[yychar]; | ||||
1969 | if (!yys) yys = "illegal-symbol"; | ||||
1970 | printf("%sdebug: state %d, reading %d (%s)\n", | ||||
1971 | YYPREFIX"yy", YYFINAL1, yychar, yys); | ||||
1972 | } | ||||
1973 | #endif | ||||
1974 | } | ||||
1975 | if (yychar == 0) goto yyaccept; | ||||
1976 | goto yyloop; | ||||
1977 | } | ||||
1978 | if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 && | ||||
1979 | yyn <= YYTABLESIZE311 && yycheck[yyn] == yystate) | ||||
1980 | yystate = yytable[yyn]; | ||||
1981 | else | ||||
1982 | yystate = yydgoto[yym]; | ||||
1983 | #if YYDEBUG0 | ||||
1984 | if (yydebug) | ||||
1985 | printf("%sdebug: after reduction, shifting from state %d \ | ||||
1986 | to state %d\n", YYPREFIX"yy", *yyssp, yystate); | ||||
1987 | #endif | ||||
1988 | if (yyssp >= yysslim && yygrowstack()) | ||||
1989 | { | ||||
1990 | goto yyoverflow; | ||||
1991 | } | ||||
1992 | *++yyssp = yystate; | ||||
| |||||
1993 | *++yyvsp = yyval; | ||||
1994 | goto yyloop; | ||||
1995 | yyoverflow: | ||||
1996 | yyerror("yacc stack overflow"); | ||||
1997 | yyabort: | ||||
1998 | if (yyss) | ||||
1999 | free(yyss); | ||||
2000 | if (yyvs) | ||||
2001 | free(yyvs); | ||||
2002 | yyss = yyssp = NULL((void*)0); | ||||
2003 | yyvs = yyvsp = NULL((void*)0); | ||||
2004 | yystacksize = 0; | ||||
2005 | return (1); | ||||
2006 | yyaccept: | ||||
2007 | if (yyss) | ||||
2008 | free(yyss); | ||||
2009 | if (yyvs) | ||||
2010 | free(yyvs); | ||||
2011 | yyss = yyssp = NULL((void*)0); | ||||
2012 | yyvs = yyvsp = NULL((void*)0); | ||||
2013 | yystacksize = 0; | ||||
2014 | return (0); | ||||
2015 | } |