File: | src/usr.sbin/ldapctl/obj/parse.c |
Warning: | line 1426, column 12 Use of zero-allocated memory |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | #include <stdlib.h> | |||
2 | #include <string.h> | |||
3 | #define YYBYACC1 1 | |||
4 | #define YYMAJOR1 1 | |||
5 | #define YYMINOR9 9 | |||
6 | #define YYLEXyylex() yylex() | |||
7 | #define YYEMPTY-1 -1 | |||
8 | #define yyclearin(yychar=(-1)) (yychar=(YYEMPTY-1)) | |||
9 | #define yyerrok(yyerrflag=0) (yyerrflag=0) | |||
10 | #define YYRECOVERING()(yyerrflag!=0) (yyerrflag!=0) | |||
11 | #define YYPREFIX"yy" "yy" | |||
12 | #line 25 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
13 | #include <sys/types.h> | |||
14 | #include <sys/queue.h> | |||
15 | #include <sys/tree.h> | |||
16 | #include <sys/socket.h> | |||
17 | #include <sys/stat.h> | |||
18 | #include <sys/un.h> | |||
19 | #include <netinet/in.h> | |||
20 | #include <arpa/inet.h> | |||
21 | ||||
22 | #include <ctype.h> | |||
23 | #include <err.h> | |||
24 | #include <errno(*__errno()).h> | |||
25 | #include <ifaddrs.h> | |||
26 | #include <limits.h> | |||
27 | #include <netdb.h> | |||
28 | #include <stdarg.h> | |||
29 | #include <stdio.h> | |||
30 | #include <stdlib.h> | |||
31 | #include <string.h> | |||
32 | #include <syslog.h> | |||
33 | #include <unistd.h> | |||
34 | ||||
35 | #include "ldapd.h" | |||
36 | #include "log.h" | |||
37 | ||||
38 | TAILQ_HEAD(files, file)struct files { struct file *tqh_first; struct file **tqh_last ; } files = TAILQ_HEAD_INITIALIZER(files){ ((void*)0), &(files).tqh_first }; | |||
39 | static struct file { | |||
40 | TAILQ_ENTRY(file)struct { struct file *tqe_next; struct file **tqe_prev; } entry; | |||
41 | FILE *stream; | |||
42 | char *name; | |||
43 | size_t ungetpos; | |||
44 | size_t ungetsize; | |||
45 | u_char *ungetbuf; | |||
46 | int eof_reached; | |||
47 | int lineno; | |||
48 | int errors; | |||
49 | } *file, *topfile; | |||
50 | struct file *pushfile(const char *, int); | |||
51 | int popfile(void); | |||
52 | int check_file_secrecy(int, const char *); | |||
53 | int yyparse(void); | |||
54 | int yylex(void); | |||
55 | int yyerror(const char *, ...) | |||
56 | __attribute__((__format__ (printf, 1, 2))) | |||
57 | __attribute__((__nonnull__ (1))); | |||
58 | int kw_cmp(const void *, const void *); | |||
59 | int lookup(char *); | |||
60 | int igetc(void); | |||
61 | int lgetc(int); | |||
62 | void lungetc(int); | |||
63 | int findeol(void); | |||
64 | ||||
65 | struct listener *host_unix(const char *path); | |||
66 | struct listener *host_v4(const char *, in_port_t); | |||
67 | struct listener *host_v6(const char *, in_port_t); | |||
68 | int host_dns(const char *, const char *, | |||
69 | struct listenerlist *, in_port_t, u_int8_t); | |||
70 | int host(const char *, const char *, | |||
71 | struct listenerlist *, in_port_t, u_int8_t); | |||
72 | int interface(const char *, const char *, | |||
73 | struct listenerlist *, in_port_t, u_int8_t); | |||
74 | int load_certfile(struct ldapd_config *, const char *, u_int8_t, u_int8_t); | |||
75 | ||||
76 | TAILQ_HEAD(symhead, sym)struct symhead { struct sym *tqh_first; struct sym **tqh_last ; } symhead = TAILQ_HEAD_INITIALIZER(symhead){ ((void*)0), &(symhead).tqh_first }; | |||
77 | struct sym { | |||
78 | TAILQ_ENTRY(sym)struct { struct sym *tqe_next; struct sym **tqe_prev; } entry; | |||
79 | int used; | |||
80 | int persist; | |||
81 | char *nam; | |||
82 | char *val; | |||
83 | }; | |||
84 | int symset(const char *, const char *, int); | |||
85 | char *symget(const char *); | |||
86 | ||||
87 | struct ldapd_config *conf; | |||
88 | ||||
89 | SPLAY_GENERATE(ssltree, ssl, ssl_nodes, ssl_cmp)struct ssl * ssltree_SPLAY_INSERT(struct ssltree *head, struct ssl *elm) { if (((head)->sph_root == ((void*)0))) { (elm) ->ssl_nodes.spe_left = (elm)->ssl_nodes.spe_right = ((void *)0); } else { int __comp; ssltree_SPLAY(head, elm); __comp = (ssl_cmp)(elm, (head)->sph_root); if(__comp < 0) { (elm )->ssl_nodes.spe_left = ((head)->sph_root)->ssl_nodes .spe_left; (elm)->ssl_nodes.spe_right = (head)->sph_root ; ((head)->sph_root)->ssl_nodes.spe_left = ((void*)0); } else if (__comp > 0) { (elm)->ssl_nodes.spe_right = (( head)->sph_root)->ssl_nodes.spe_right; (elm)->ssl_nodes .spe_left = (head)->sph_root; ((head)->sph_root)->ssl_nodes .spe_right = ((void*)0); } else return ((head)->sph_root); } (head)->sph_root = (elm); return (((void*)0)); } struct ssl * ssltree_SPLAY_REMOVE(struct ssltree *head, struct ssl * elm) { struct ssl *__tmp; if (((head)->sph_root == ((void* )0))) return (((void*)0)); ssltree_SPLAY(head, elm); if ((ssl_cmp )(elm, (head)->sph_root) == 0) { if (((head)->sph_root) ->ssl_nodes.spe_left == ((void*)0)) { (head)->sph_root = ((head)->sph_root)->ssl_nodes.spe_right; } else { __tmp = ((head)->sph_root)->ssl_nodes.spe_right; (head)-> sph_root = ((head)->sph_root)->ssl_nodes.spe_left; ssltree_SPLAY (head, elm); ((head)->sph_root)->ssl_nodes.spe_right = __tmp ; } return (elm); } return (((void*)0)); } void ssltree_SPLAY (struct ssltree *head, struct ssl *elm) { struct ssl __node, * __left, *__right, *__tmp; int __comp; (&__node)->ssl_nodes .spe_left = (&__node)->ssl_nodes.spe_right = ((void*)0 ); __left = __right = &__node; while ((__comp = (ssl_cmp) (elm, (head)->sph_root))) { if (__comp < 0) { __tmp = ( (head)->sph_root)->ssl_nodes.spe_left; if (__tmp == ((void *)0)) break; if ((ssl_cmp)(elm, __tmp) < 0){ do { ((head)-> sph_root)->ssl_nodes.spe_left = (__tmp)->ssl_nodes.spe_right ; (__tmp)->ssl_nodes.spe_right = (head)->sph_root; (head )->sph_root = __tmp; } while (0); if (((head)->sph_root )->ssl_nodes.spe_left == ((void*)0)) break; } do { (__right )->ssl_nodes.spe_left = (head)->sph_root; __right = (head )->sph_root; (head)->sph_root = ((head)->sph_root)-> ssl_nodes.spe_left; } while (0); } else if (__comp > 0) { __tmp = ((head)->sph_root)->ssl_nodes.spe_right; if (__tmp == ((void*)0)) break; if ((ssl_cmp)(elm, __tmp) > 0){ do { ( (head)->sph_root)->ssl_nodes.spe_right = (__tmp)->ssl_nodes .spe_left; (__tmp)->ssl_nodes.spe_left = (head)->sph_root ; (head)->sph_root = __tmp; } while (0); if (((head)->sph_root )->ssl_nodes.spe_right == ((void*)0)) break; } do { (__left )->ssl_nodes.spe_right = (head)->sph_root; __left = (head )->sph_root; (head)->sph_root = ((head)->sph_root)-> ssl_nodes.spe_right; } while (0); } } do { (__left)->ssl_nodes .spe_right = ((head)->sph_root)->ssl_nodes.spe_left; (__right )->ssl_nodes.spe_left = ((head)->sph_root)->ssl_nodes .spe_right; ((head)->sph_root)->ssl_nodes.spe_left = (& __node)->ssl_nodes.spe_right; ((head)->sph_root)->ssl_nodes .spe_right = (&__node)->ssl_nodes.spe_left; } while (0 ); } void ssltree_SPLAY_MINMAX(struct ssltree *head, int __comp ) { struct ssl __node, *__left, *__right, *__tmp; (&__node )->ssl_nodes.spe_left = (&__node)->ssl_nodes.spe_right = ((void*)0); __left = __right = &__node; while (1) { if (__comp < 0) { __tmp = ((head)->sph_root)->ssl_nodes .spe_left; if (__tmp == ((void*)0)) break; if (__comp < 0) { do { ((head)->sph_root)->ssl_nodes.spe_left = (__tmp) ->ssl_nodes.spe_right; (__tmp)->ssl_nodes.spe_right = ( head)->sph_root; (head)->sph_root = __tmp; } while (0); if (((head)->sph_root)->ssl_nodes.spe_left == ((void*) 0)) break; } do { (__right)->ssl_nodes.spe_left = (head)-> sph_root; __right = (head)->sph_root; (head)->sph_root = ((head)->sph_root)->ssl_nodes.spe_left; } while (0); } else if (__comp > 0) { __tmp = ((head)->sph_root)-> ssl_nodes.spe_right; if (__tmp == ((void*)0)) break; if (__comp > 0) { do { ((head)->sph_root)->ssl_nodes.spe_right = (__tmp)->ssl_nodes.spe_left; (__tmp)->ssl_nodes.spe_left = (head)->sph_root; (head)->sph_root = __tmp; } while ( 0); if (((head)->sph_root)->ssl_nodes.spe_right == ((void *)0)) break; } do { (__left)->ssl_nodes.spe_right = (head) ->sph_root; __left = (head)->sph_root; (head)->sph_root = ((head)->sph_root)->ssl_nodes.spe_right; } while (0) ; } } do { (__left)->ssl_nodes.spe_right = ((head)->sph_root )->ssl_nodes.spe_left; (__right)->ssl_nodes.spe_left = ( (head)->sph_root)->ssl_nodes.spe_right; ((head)->sph_root )->ssl_nodes.spe_left = (&__node)->ssl_nodes.spe_right ; ((head)->sph_root)->ssl_nodes.spe_right = (&__node )->ssl_nodes.spe_left; } while (0); }; | |||
90 | ||||
91 | static struct aci *mk_aci(int type, int rights, enum scope scope, | |||
92 | char *target, char *subject, char *attr); | |||
93 | ||||
94 | typedef struct { | |||
95 | union { | |||
96 | int64_t number; | |||
97 | char *string; | |||
98 | struct aci *aci; | |||
99 | } v; | |||
100 | int lineno; | |||
101 | } YYSTYPE; | |||
102 | ||||
103 | static struct namespace *current_ns = NULL((void*)0); | |||
104 | ||||
105 | #line 106 "parse.c" | |||
106 | #define ERROR257 257 | |||
107 | #define LISTEN258 258 | |||
108 | #define ON259 259 | |||
109 | #define LEGACY260 260 | |||
110 | #define TLS261 261 | |||
111 | #define LDAPS262 262 | |||
112 | #define PORT263 263 | |||
113 | #define NAMESPACE264 264 | |||
114 | #define ROOTDN265 265 | |||
115 | #define ROOTPW266 266 | |||
116 | #define INDEX267 267 | |||
117 | #define SECURE268 268 | |||
118 | #define RELAX269 269 | |||
119 | #define STRICT270 270 | |||
120 | #define SCHEMA271 271 | |||
121 | #define USE272 272 | |||
122 | #define COMPRESSION273 273 | |||
123 | #define LEVEL274 274 | |||
124 | #define INCLUDE275 275 | |||
125 | #define CERTIFICATE276 276 | |||
126 | #define FSYNC277 277 | |||
127 | #define CACHE_SIZE278 278 | |||
128 | #define INDEX_CACHE_SIZE279 279 | |||
129 | #define DENY280 280 | |||
130 | #define ALLOW281 281 | |||
131 | #define READ282 282 | |||
132 | #define WRITE283 283 | |||
133 | #define BIND284 284 | |||
134 | #define ACCESS285 285 | |||
135 | #define TO286 286 | |||
136 | #define ROOT287 287 | |||
137 | #define REFERRAL288 288 | |||
138 | #define ANY289 289 | |||
139 | #define CHILDREN290 290 | |||
140 | #define OF291 291 | |||
141 | #define ATTRIBUTE292 292 | |||
142 | #define IN293 293 | |||
143 | #define SUBTREE294 294 | |||
144 | #define BY295 295 | |||
145 | #define SELF296 296 | |||
146 | #define STRING297 297 | |||
147 | #define NUMBER298 298 | |||
148 | #define YYERRCODE256 256 | |||
149 | const short yylhs[] = | |||
150 | { -1, | |||
151 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, | |||
152 | 5, 6, 6, 6, 6, 2, 15, 15, 1, 1, | |||
153 | 1, 19, 19, 19, 19, 23, 20, 3, 3, 22, | |||
154 | 22, 22, 24, 24, 24, 24, 24, 24, 24, 24, | |||
155 | 24, 24, 24, 4, 4, 16, 16, 7, 7, 8, | |||
156 | 8, 8, 9, 9, 10, 10, 10, 11, 11, 11, | |||
157 | 12, 12, 12, 13, 13, 14, 14, 14, 14, 17, | |||
158 | 18, 21, | |||
159 | }; | |||
160 | const short yylen[] = | |||
161 | { 2, | |||
162 | 0, 2, 3, 3, 3, 3, 3, 3, 3, 0, | |||
163 | 1, 0, 1, 1, 1, 2, 0, 2, 2, 2, | |||
164 | 0, 6, 2, 2, 2, 0, 7, 1, 1, 0, | |||
165 | 2, 3, 2, 2, 2, 2, 2, 2, 1, 2, | |||
166 | 2, 3, 2, 0, 2, 7, 2, 1, 1, 0, | |||
167 | 1, 2, 1, 3, 1, 1, 1, 0, 1, 2, | |||
168 | 1, 1, 1, 0, 2, 0, 2, 2, 2, 2, | |||
169 | 3, 2, | |||
170 | }; | |||
171 | const short yydefred[] = | |||
172 | { 1, | |||
173 | 0, 0, 0, 0, 0, 0, 0, 0, 48, 49, | |||
174 | 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, | |||
175 | 6, 0, 0, 24, 25, 72, 70, 23, 0, 55, | |||
176 | 56, 57, 51, 0, 0, 53, 8, 3, 4, 5, | |||
177 | 7, 9, 0, 0, 71, 0, 52, 0, 0, 0, | |||
178 | 26, 0, 59, 0, 54, 19, 20, 11, 0, 0, | |||
179 | 30, 60, 62, 61, 63, 0, 0, 22, 13, 14, | |||
180 | 15, 16, 0, 0, 0, 18, 0, 0, 0, 0, | |||
181 | 0, 0, 0, 0, 0, 0, 31, 27, 39, 0, | |||
182 | 65, 0, 46, 33, 34, 35, 40, 41, 0, 29, | |||
183 | 28, 38, 36, 37, 43, 32, 67, 69, 68, 0, | |||
184 | 42, 45, | |||
185 | }; | |||
186 | const short yydgoto[] = | |||
187 | { 1, | |||
188 | 50, 59, 102, 111, 60, 72, 14, 34, 35, 36, | |||
189 | 54, 66, 75, 93, 68, 15, 16, 17, 18, 19, | |||
190 | 20, 73, 61, 90, | |||
191 | }; | |||
192 | const short yysindex[] = | |||
193 | { 0, | |||
194 | -10, 8, -238, -269, -265, -261, -260, -259, 0, 0, | |||
195 | -257, -22, 0, -258, 31, 32, 34, 35, 36, 37, | |||
196 | 0, -249, -74, 0, 0, 0, 0, 0, -247, 0, | |||
197 | 0, 0, 0, -235, -40, 0, 0, 0, 0, 0, | |||
198 | 0, 0, -211, 43, 0, -271, 0, -253, -263, -206, | |||
199 | 0, -236, 0, -280, 0, 0, 0, 0, -220, -246, | |||
200 | 0, 0, 0, 0, 0, -234, -240, 0, 0, 0, | |||
201 | 0, 0, 23, -237, -233, 0, -232, -231, -230, -212, | |||
202 | -210, -209, -254, -229, -228, -226, 0, 0, 0, 53, | |||
203 | 0, -283, 0, 0, 0, 0, 0, 0, -202, 0, | |||
204 | 0, 0, 0, 0, 0, 0, 0, 0, 0, -225, | |||
205 | 0, 0,}; | |||
206 | const short yyrindex[] = | |||
207 | { 0, | |||
208 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
209 | 0, 0, 0, -7, 0, 0, 0, 0, 0, 0, | |||
210 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
211 | 0, 0, 0, 58, 0, 0, 0, 0, 0, 0, | |||
212 | 0, 0, -2, 0, 0, -277, 0, 0, 0, 1, | |||
213 | 0, 0, 0, 0, 0, 0, 0, 0, 64, -8, | |||
214 | 0, 0, 0, 0, 0, -9, 0, 0, 0, 0, | |||
215 | 0, 0, 0, 0, 65, 0, 0, 0, 0, 0, | |||
216 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
217 | 0, 0, 0, 0, 0, 0, 0, 0, 66, 0, | |||
218 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
219 | 0, 0,}; | |||
220 | const short yygindex[] = | |||
221 | { 0, | |||
222 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 29, | |||
223 | 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, | |||
224 | 0, 0, 0, 0, | |||
225 | }; | |||
226 | #define YYTABLESIZE311 311 | |||
227 | const short yytable[] = | |||
228 | { 13, | |||
229 | 64, 12, 50, 48, 100, 107, 63, 21, 64, 58, | |||
230 | 10, 58, 108, 109, 69, 70, 65, 21, 52, 58, | |||
231 | 22, 71, 53, 30, 31, 32, 33, 23, 30, 31, | |||
232 | 32, 24, 87, 56, 57, 25, 26, 27, 29, 28, | |||
233 | 37, 38, 101, 39, 40, 41, 42, 43, 44, 45, | |||
234 | 46, 49, 51, 58, 62, 67, 76, 74, 97, 91, | |||
235 | 98, 92, 106, 99, 94, 95, 96, 47, 103, 104, | |||
236 | 105, 110, 112, 17, 66, 44, 55, 89, 0, 0, | |||
237 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
238 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
239 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
240 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
241 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
242 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
243 | 0, 0, 0, 0, 0, 0, 0, 88, 0, 0, | |||
244 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
245 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
246 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
247 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
248 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
249 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
250 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
251 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
252 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |||
253 | 0, 0, 0, 0, 47, 2, 0, 3, 0, 0, | |||
254 | 0, 0, 0, 4, 5, 6, 0, 21, 21, 21, | |||
255 | 7, 10, 10, 0, 8, 21, 0, 12, 10, 9, | |||
256 | 10, 0, 0, 21, 0, 0, 10, 11, 50, 0, | |||
257 | 0, 0, 0, 0, 0, 64, 12, 77, 78, 79, | |||
258 | 0, 80, 81, 0, 82, 0, 0, 0, 0, 83, | |||
259 | 84, 85, 9, 10, 0, 0, 0, 0, 0, 0, | |||
260 | 86, | |||
261 | }; | |||
262 | const short yycheck[] = | |||
263 | { 10, | |||
264 | 10, 10, 10, 44, 259, 289, 287, 10, 289, 287, | |||
265 | 10, 289, 296, 297, 261, 262, 297, 10, 290, 297, | |||
266 | 259, 268, 294, 282, 283, 284, 285, 297, 282, 283, | |||
267 | 284, 297, 10, 297, 298, 297, 297, 297, 61, 297, | |||
268 | 10, 10, 297, 10, 10, 10, 10, 297, 123, 297, | |||
269 | 286, 263, 10, 260, 291, 276, 297, 292, 271, 297, | |||
270 | 271, 295, 10, 273, 297, 297, 297, 10, 298, 298, | |||
271 | 297, 274, 298, 10, 10, 10, 48, 73, -1, -1, | |||
272 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
273 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
274 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
275 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
276 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
277 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
278 | -1, -1, -1, -1, -1, -1, -1, 125, -1, -1, | |||
279 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
280 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
281 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
282 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
283 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
284 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
285 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
286 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
287 | -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, | |||
288 | -1, -1, -1, -1, 285, 256, -1, 258, -1, -1, | |||
289 | -1, -1, -1, 264, 265, 266, -1, 260, 261, 262, | |||
290 | 271, 261, 262, -1, 275, 268, -1, 276, 268, 280, | |||
291 | 281, -1, -1, 276, -1, -1, 276, 288, 286, -1, | |||
292 | -1, -1, -1, -1, -1, 295, 297, 265, 266, 267, | |||
293 | -1, 269, 270, -1, 272, -1, -1, -1, -1, 277, | |||
294 | 278, 279, 280, 281, -1, -1, -1, -1, -1, -1, | |||
295 | 288, | |||
296 | }; | |||
297 | #define YYFINAL1 1 | |||
298 | #ifndef YYDEBUG0 | |||
299 | #define YYDEBUG0 0 | |||
300 | #endif | |||
301 | #define YYMAXTOKEN298 298 | |||
302 | #if YYDEBUG0 | |||
303 | const char * const yyname[] = | |||
304 | { | |||
305 | "end-of-file",0,0,0,0,0,0,0,0,0,"'\\n'",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, | |||
306 | 0,0,0,0,0,0,0,0,0,0,0,0,0,"','",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"'='",0,0,0,0,0, | |||
307 | 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, | |||
308 | 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"'{'",0,"'}'",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, | |||
309 | 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, | |||
310 | 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, | |||
311 | 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"ERROR", | |||
312 | "LISTEN","ON","LEGACY","TLS","LDAPS","PORT","NAMESPACE","ROOTDN","ROOTPW", | |||
313 | "INDEX","SECURE","RELAX","STRICT","SCHEMA","USE","COMPRESSION","LEVEL", | |||
314 | "INCLUDE","CERTIFICATE","FSYNC","CACHE_SIZE","INDEX_CACHE_SIZE","DENY","ALLOW", | |||
315 | "READ","WRITE","BIND","ACCESS","TO","ROOT","REFERRAL","ANY","CHILDREN","OF", | |||
316 | "ATTRIBUTE","IN","SUBTREE","BY","SELF","STRING","NUMBER", | |||
317 | }; | |||
318 | const char * const yyrule[] = | |||
319 | {"$accept : grammar", | |||
320 | "grammar :", | |||
321 | "grammar : grammar '\\n'", | |||
322 | "grammar : grammar include '\\n'", | |||
323 | "grammar : grammar varset '\\n'", | |||
324 | "grammar : grammar conf_main '\\n'", | |||
325 | "grammar : grammar error '\\n'", | |||
326 | "grammar : grammar namespace '\\n'", | |||
327 | "grammar : grammar aci '\\n'", | |||
328 | "grammar : grammar schema '\\n'", | |||
329 | "legacy :", | |||
330 | "legacy : LEGACY", | |||
331 | "protocol :", | |||
332 | "protocol : TLS", | |||
333 | "protocol : LDAPS", | |||
334 | "protocol : SECURE", | |||
335 | "ssl : legacy protocol", | |||
336 | "certname :", | |||
337 | "certname : CERTIFICATE STRING", | |||
338 | "port : PORT STRING", | |||
339 | "port : PORT NUMBER", | |||
340 | "port :", | |||
341 | "conf_main : LISTEN ON STRING port ssl certname", | |||
342 | "conf_main : REFERRAL STRING", | |||
343 | "conf_main : ROOTDN STRING", | |||
344 | "conf_main : ROOTPW STRING", | |||
345 | "$$1 :", | |||
346 | "namespace : NAMESPACE STRING '{' '\\n' $$1 ns_opts '}'", | |||
347 | "boolean : STRING", | |||
348 | "boolean : ON", | |||
349 | "ns_opts :", | |||
350 | "ns_opts : ns_opts '\\n'", | |||
351 | "ns_opts : ns_opts ns_opt '\\n'", | |||
352 | "ns_opt : ROOTDN STRING", | |||
353 | "ns_opt : ROOTPW STRING", | |||
354 | "ns_opt : INDEX STRING", | |||
355 | "ns_opt : CACHE_SIZE NUMBER", | |||
356 | "ns_opt : INDEX_CACHE_SIZE NUMBER", | |||
357 | "ns_opt : FSYNC boolean", | |||
358 | "ns_opt : aci", | |||
359 | "ns_opt : RELAX SCHEMA", | |||
360 | "ns_opt : STRICT SCHEMA", | |||
361 | "ns_opt : USE COMPRESSION comp_level", | |||
362 | "ns_opt : REFERRAL STRING", | |||
363 | "comp_level :", | |||
364 | "comp_level : LEVEL NUMBER", | |||
365 | "aci : aci_type aci_access TO aci_scope aci_target aci_attr aci_subject", | |||
366 | "aci : aci_type aci_access", | |||
367 | "aci_type : DENY", | |||
368 | "aci_type : ALLOW", | |||
369 | "aci_access :", | |||
370 | "aci_access : ACCESS", | |||
371 | "aci_access : aci_rights ACCESS", | |||
372 | "aci_rights : aci_right", | |||
373 | "aci_rights : aci_rights ',' aci_right", | |||
374 | "aci_right : READ", | |||
375 | "aci_right : WRITE", | |||
376 | "aci_right : BIND", | |||
377 | "aci_scope :", | |||
378 | "aci_scope : SUBTREE", | |||
379 | "aci_scope : CHILDREN OF", | |||
380 | "aci_target : ANY", | |||
381 | "aci_target : ROOT", | |||
382 | "aci_target : STRING", | |||
383 | "aci_attr :", | |||
384 | "aci_attr : ATTRIBUTE STRING", | |||
385 | "aci_subject :", | |||
386 | "aci_subject : BY ANY", | |||
387 | "aci_subject : BY STRING", | |||
388 | "aci_subject : BY SELF", | |||
389 | "include : INCLUDE STRING", | |||
390 | "varset : STRING '=' STRING", | |||
391 | "schema : SCHEMA STRING", | |||
392 | }; | |||
393 | #endif | |||
394 | #ifdef YYSTACKSIZE10000 | |||
395 | #undef YYMAXDEPTH10000 | |||
396 | #define YYMAXDEPTH10000 YYSTACKSIZE10000 | |||
397 | #else | |||
398 | #ifdef YYMAXDEPTH10000 | |||
399 | #define YYSTACKSIZE10000 YYMAXDEPTH10000 | |||
400 | #else | |||
401 | #define YYSTACKSIZE10000 10000 | |||
402 | #define YYMAXDEPTH10000 10000 | |||
403 | #endif | |||
404 | #endif | |||
405 | #define YYINITSTACKSIZE200 200 | |||
406 | /* LINTUSED */ | |||
407 | int yydebug; | |||
408 | int yynerrs; | |||
409 | int yyerrflag; | |||
410 | int yychar; | |||
411 | short *yyssp; | |||
412 | YYSTYPE *yyvsp; | |||
413 | YYSTYPE yyval; | |||
414 | YYSTYPE yylval; | |||
415 | short *yyss; | |||
416 | short *yysslim; | |||
417 | YYSTYPE *yyvs; | |||
418 | unsigned int yystacksize; | |||
419 | int yyparse(void); | |||
420 | #line 408 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
421 | ||||
422 | struct keywords { | |||
423 | const char *k_name; | |||
424 | int k_val; | |||
425 | }; | |||
426 | ||||
427 | int | |||
428 | yyerror(const char *fmt, ...) | |||
429 | { | |||
430 | va_list ap; | |||
431 | char *msg; | |||
432 | ||||
433 | file->errors++; | |||
434 | va_start(ap, fmt)__builtin_va_start(ap, fmt); | |||
435 | if (vasprintf(&msg, fmt, ap) == -1) | |||
436 | fatalx("yyerror vasprintf"); | |||
437 | va_end(ap)__builtin_va_end(ap); | |||
438 | logit(LOG_CRIT2, "%s:%d: %s", file->name, yylval.lineno, msg); | |||
439 | free(msg); | |||
440 | return (0); | |||
441 | } | |||
442 | ||||
443 | int | |||
444 | kw_cmp(const void *k, const void *e) | |||
445 | { | |||
446 | return (strcmp(k, ((const struct keywords *)e)->k_name)); | |||
447 | } | |||
448 | ||||
449 | int | |||
450 | lookup(char *s) | |||
451 | { | |||
452 | /* this has to be sorted always */ | |||
453 | static const struct keywords keywords[] = { | |||
454 | { "access", ACCESS285 }, | |||
455 | { "allow", ALLOW281 }, | |||
456 | { "any", ANY289 }, | |||
457 | { "attribute", ATTRIBUTE292 }, | |||
458 | { "bind", BIND284 }, | |||
459 | { "by", BY295 }, | |||
460 | { "cache-size", CACHE_SIZE278 }, | |||
461 | { "certificate", CERTIFICATE276 }, | |||
462 | { "children", CHILDREN290 }, | |||
463 | { "compression", COMPRESSION273 }, | |||
464 | { "deny", DENY280 }, | |||
465 | { "fsync", FSYNC277 }, | |||
466 | { "in", IN293 }, | |||
467 | { "include", INCLUDE275 }, | |||
468 | { "index", INDEX267 }, | |||
469 | { "index-cache-size", INDEX_CACHE_SIZE279 }, | |||
470 | { "ldaps", LDAPS262 }, | |||
471 | { "legacy", LEGACY260 }, | |||
472 | { "level", LEVEL274 }, | |||
473 | { "listen", LISTEN258 }, | |||
474 | { "namespace", NAMESPACE264 }, | |||
475 | { "of", OF291 }, | |||
476 | { "on", ON259 }, | |||
477 | { "port", PORT263 }, | |||
478 | { "read", READ282 }, | |||
479 | { "referral", REFERRAL288 }, | |||
480 | { "relax", RELAX269 }, | |||
481 | { "root", ROOT287 }, | |||
482 | { "rootdn", ROOTDN265 }, | |||
483 | { "rootpw", ROOTPW266 }, | |||
484 | { "schema", SCHEMA271 }, | |||
485 | { "secure", SECURE268 }, | |||
486 | { "self", SELF296 }, | |||
487 | { "strict", STRICT270 }, | |||
488 | { "subtree", SUBTREE294 }, | |||
489 | { "tls", TLS261 }, | |||
490 | { "to", TO286 }, | |||
491 | { "use", USE272 }, | |||
492 | { "write", WRITE283 }, | |||
493 | ||||
494 | }; | |||
495 | const struct keywords *p; | |||
496 | ||||
497 | p = bsearch(s, keywords, sizeof(keywords)/sizeof(keywords[0]), | |||
498 | sizeof(keywords[0]), kw_cmp); | |||
499 | ||||
500 | if (p) | |||
501 | return (p->k_val); | |||
502 | else | |||
503 | return (STRING297); | |||
504 | } | |||
505 | ||||
506 | #define START_EXPAND1 1 | |||
507 | #define DONE_EXPAND2 2 | |||
508 | ||||
509 | static int expanding; | |||
510 | ||||
511 | int | |||
512 | igetc(void) | |||
513 | { | |||
514 | int c; | |||
515 | ||||
516 | while (1) { | |||
517 | if (file->ungetpos > 0) | |||
518 | c = file->ungetbuf[--file->ungetpos]; | |||
519 | else | |||
520 | c = getc(file->stream)(!__isthreaded ? (--(file->stream)->_r < 0 ? __srget (file->stream) : (int)(*(file->stream)->_p++)) : (getc )(file->stream)); | |||
521 | ||||
522 | if (c == START_EXPAND1) | |||
523 | expanding = 1; | |||
524 | else if (c == DONE_EXPAND2) | |||
525 | expanding = 0; | |||
526 | else | |||
527 | break; | |||
528 | } | |||
529 | return (c); | |||
530 | } | |||
531 | ||||
532 | int | |||
533 | lgetc(int quotec) | |||
534 | { | |||
535 | int c, next; | |||
536 | ||||
537 | if (quotec) { | |||
538 | if ((c = igetc()) == EOF(-1)) { | |||
539 | yyerror("reached end of file while parsing " | |||
540 | "quoted string"); | |||
541 | if (file == topfile || popfile() == EOF(-1)) | |||
542 | return (EOF(-1)); | |||
543 | return (quotec); | |||
544 | } | |||
545 | return (c); | |||
546 | } | |||
547 | ||||
548 | while ((c = igetc()) == '\\') { | |||
549 | next = igetc(); | |||
550 | if (next != '\n') { | |||
551 | c = next; | |||
552 | break; | |||
553 | } | |||
554 | yylval.lineno = file->lineno; | |||
555 | file->lineno++; | |||
556 | } | |||
557 | ||||
558 | if (c == EOF(-1)) { | |||
559 | /* | |||
560 | * Fake EOL when hit EOF for the first time. This gets line | |||
561 | * count right if last line in included file is syntactically | |||
562 | * invalid and has no newline. | |||
563 | */ | |||
564 | if (file->eof_reached == 0) { | |||
565 | file->eof_reached = 1; | |||
566 | return ('\n'); | |||
567 | } | |||
568 | while (c == EOF(-1)) { | |||
569 | if (file == topfile || popfile() == EOF(-1)) | |||
570 | return (EOF(-1)); | |||
571 | c = igetc(); | |||
572 | } | |||
573 | } | |||
574 | return (c); | |||
575 | } | |||
576 | ||||
577 | void | |||
578 | lungetc(int c) | |||
579 | { | |||
580 | if (c == EOF(-1)) | |||
581 | return; | |||
582 | ||||
583 | if (file->ungetpos >= file->ungetsize) { | |||
584 | void *p = reallocarray(file->ungetbuf, file->ungetsize, 2); | |||
585 | if (p == NULL((void*)0)) | |||
586 | err(1, "%s", __func__); | |||
587 | file->ungetbuf = p; | |||
588 | file->ungetsize *= 2; | |||
589 | } | |||
590 | file->ungetbuf[file->ungetpos++] = c; | |||
591 | } | |||
592 | ||||
593 | int | |||
594 | findeol(void) | |||
595 | { | |||
596 | int c; | |||
597 | ||||
598 | /* skip to either EOF or the first real EOL */ | |||
599 | while (1) { | |||
600 | c = lgetc(0); | |||
601 | if (c == '\n') { | |||
602 | file->lineno++; | |||
603 | break; | |||
604 | } | |||
605 | if (c == EOF(-1)) | |||
606 | break; | |||
607 | } | |||
608 | return (ERROR257); | |||
609 | } | |||
610 | ||||
611 | int | |||
612 | yylex(void) | |||
613 | { | |||
614 | char buf[4096]; | |||
615 | char *p, *val; | |||
616 | int quotec, next, c; | |||
617 | int token; | |||
618 | ||||
619 | top: | |||
620 | p = buf; | |||
621 | while ((c = lgetc(0)) == ' ' || c == '\t') | |||
622 | ; /* nothing */ | |||
623 | ||||
624 | yylval.lineno = file->lineno; | |||
625 | if (c == '#') | |||
626 | while ((c = lgetc(0)) != '\n' && c != EOF(-1)) | |||
627 | ; /* nothing */ | |||
628 | if (c == '$' && !expanding) { | |||
629 | while (1) { | |||
630 | if ((c = lgetc(0)) == EOF(-1)) | |||
631 | return (0); | |||
632 | ||||
633 | if (p + 1 >= buf + sizeof(buf) - 1) { | |||
634 | yyerror("string too long"); | |||
635 | return (findeol()); | |||
636 | } | |||
637 | if (isalnum(c) || c == '_') { | |||
638 | *p++ = c; | |||
639 | continue; | |||
640 | } | |||
641 | *p = '\0'; | |||
642 | lungetc(c); | |||
643 | break; | |||
644 | } | |||
645 | val = symget(buf); | |||
646 | if (val == NULL((void*)0)) { | |||
647 | yyerror("macro '%s' not defined", buf); | |||
648 | return (findeol()); | |||
649 | } | |||
650 | p = val + strlen(val) - 1; | |||
651 | lungetc(DONE_EXPAND2); | |||
652 | while (p >= val) { | |||
653 | lungetc((unsigned char)*p); | |||
654 | p--; | |||
655 | } | |||
656 | lungetc(START_EXPAND1); | |||
657 | goto top; | |||
658 | } | |||
659 | ||||
660 | switch (c) { | |||
661 | case '\'': | |||
662 | case '"': | |||
663 | quotec = c; | |||
664 | while (1) { | |||
665 | if ((c = lgetc(quotec)) == EOF(-1)) | |||
666 | return (0); | |||
667 | if (c == '\n') { | |||
668 | file->lineno++; | |||
669 | continue; | |||
670 | } else if (c == '\\') { | |||
671 | if ((next = lgetc(quotec)) == EOF(-1)) | |||
672 | return (0); | |||
673 | if (next == quotec || next == ' ' || | |||
674 | next == '\t') | |||
675 | c = next; | |||
676 | else if (next == '\n') { | |||
677 | file->lineno++; | |||
678 | continue; | |||
679 | } else | |||
680 | lungetc(next); | |||
681 | } else if (c == quotec) { | |||
682 | *p = '\0'; | |||
683 | break; | |||
684 | } else if (c == '\0') { | |||
685 | yyerror("syntax error"); | |||
686 | return (findeol()); | |||
687 | } | |||
688 | if (p + 1 >= buf + sizeof(buf) - 1) { | |||
689 | log_warnx("string too long"); | |||
690 | return (findeol()); | |||
691 | } | |||
692 | *p++ = c; | |||
693 | } | |||
694 | yylval.v.string = strdup(buf); | |||
695 | if (yylval.v.string == NULL((void*)0)) | |||
696 | fatal("yylex: strdup"); | |||
697 | return (STRING297); | |||
698 | } | |||
699 | ||||
700 | #define allowed_to_end_number(x)(isspace(x) || x == ')' || x ==',' || x == '/' || x == '}' || x == '=') \ | |||
701 | (isspace(x) || x == ')' || x ==',' || x == '/' || x == '}' || x == '=') | |||
702 | ||||
703 | if (c == '-' || isdigit(c)) { | |||
704 | do { | |||
705 | *p++ = c; | |||
706 | if ((size_t)(p-buf) >= sizeof(buf)) { | |||
707 | yyerror("string too long"); | |||
708 | return (findeol()); | |||
709 | } | |||
710 | } while ((c = lgetc(0)) != EOF(-1) && isdigit(c)); | |||
711 | lungetc(c); | |||
712 | if (p == buf + 1 && buf[0] == '-') | |||
713 | goto nodigits; | |||
714 | if (c == EOF(-1) || allowed_to_end_number(c)(isspace(c) || c == ')' || c ==',' || c == '/' || c == '}' || c == '=')) { | |||
715 | const char *errstr = NULL((void*)0); | |||
716 | ||||
717 | *p = '\0'; | |||
718 | yylval.v.number = strtonum(buf, LLONG_MIN(-9223372036854775807LL -1LL), | |||
719 | LLONG_MAX9223372036854775807LL, &errstr); | |||
720 | if (errstr) { | |||
721 | yyerror("\"%s\" invalid number: %s", | |||
722 | buf, errstr); | |||
723 | return (findeol()); | |||
724 | } | |||
725 | return (NUMBER298); | |||
726 | } else { | |||
727 | nodigits: | |||
728 | while (p > buf + 1) | |||
729 | lungetc((unsigned char)*--p); | |||
730 | c = (unsigned char)*--p; | |||
731 | if (c == '-') | |||
732 | return (c); | |||
733 | } | |||
734 | } | |||
735 | ||||
736 | #define allowed_in_string(x)(isalnum(x) || (ispunct(x) && x != '(' && x != ')' && x != '{' && x != '}' && x != '<' && x != '>' && x != '!' && x != '=' && x != '/' && x != '#' && x != ',') ) \ | |||
737 | (isalnum(x) || (ispunct(x) && x != '(' && x != ')' && \ | |||
738 | x != '{' && x != '}' && x != '<' && x != '>' && \ | |||
739 | x != '!' && x != '=' && x != '/' && x != '#' && \ | |||
740 | x != ',')) | |||
741 | ||||
742 | if (isalnum(c) || c == ':' || c == '_' || c == '*') { | |||
743 | do { | |||
744 | *p++ = c; | |||
745 | if ((size_t)(p-buf) >= sizeof(buf)) { | |||
746 | yyerror("string too long"); | |||
747 | return (findeol()); | |||
748 | } | |||
749 | } while ((c = lgetc(0)) != EOF(-1) && (allowed_in_string(c)(isalnum(c) || (ispunct(c) && c != '(' && c != ')' && c != '{' && c != '}' && c != '<' && c != '>' && c != '!' && c != '=' && c != '/' && c != '#' && c != ',') ))); | |||
750 | lungetc(c); | |||
751 | *p = '\0'; | |||
752 | if ((token = lookup(buf)) == STRING297) | |||
753 | if ((yylval.v.string = strdup(buf)) == NULL((void*)0)) | |||
754 | fatal("yylex: strdup"); | |||
755 | return (token); | |||
756 | } | |||
757 | if (c == '\n') { | |||
758 | yylval.lineno = file->lineno; | |||
759 | file->lineno++; | |||
760 | } | |||
761 | if (c == EOF(-1)) | |||
762 | return (0); | |||
763 | return (c); | |||
764 | } | |||
765 | ||||
766 | int | |||
767 | check_file_secrecy(int fd, const char *fname) | |||
768 | { | |||
769 | struct stat st; | |||
770 | ||||
771 | if (fstat(fd, &st)) { | |||
772 | log_warn("cannot stat %s", fname); | |||
773 | return (-1); | |||
774 | } | |||
775 | if (st.st_uid != 0 && st.st_uid != getuid()) { | |||
776 | log_warnx("%s: owner not root or current user", fname); | |||
777 | return (-1); | |||
778 | } | |||
779 | if (st.st_mode & (S_IWGRP0000020 | S_IXGRP0000010 | S_IRWXO0000007)) { | |||
780 | log_warnx("%s: group writable or world read/writable", fname); | |||
781 | return (-1); | |||
782 | } | |||
783 | return (0); | |||
784 | } | |||
785 | ||||
786 | struct file * | |||
787 | pushfile(const char *name, int secret) | |||
788 | { | |||
789 | struct file *nfile; | |||
790 | ||||
791 | log_debug("parsing config %s", name); | |||
792 | ||||
793 | if ((nfile = calloc(1, sizeof(struct file))) == NULL((void*)0)) { | |||
794 | log_warn("%s", __func__); | |||
795 | return (NULL((void*)0)); | |||
796 | } | |||
797 | if ((nfile->name = strdup(name)) == NULL((void*)0)) { | |||
798 | log_warn("%s", __func__); | |||
799 | free(nfile); | |||
800 | return (NULL((void*)0)); | |||
801 | } | |||
802 | if ((nfile->stream = fopen(nfile->name, "r")) == NULL((void*)0)) { | |||
803 | log_warn("%s: %s", __func__, nfile->name); | |||
804 | free(nfile->name); | |||
805 | free(nfile); | |||
806 | return (NULL((void*)0)); | |||
807 | } | |||
808 | if (secret && | |||
809 | check_file_secrecy(fileno(nfile->stream)(!__isthreaded ? ((nfile->stream)->_file) : (fileno)(nfile ->stream)), nfile->name)) { | |||
810 | fclose(nfile->stream); | |||
811 | free(nfile->name); | |||
812 | free(nfile); | |||
813 | return (NULL((void*)0)); | |||
814 | } | |||
815 | nfile->lineno = TAILQ_EMPTY(&files)(((&files)->tqh_first) == ((void*)0)) ? 1 : 0; | |||
816 | nfile->ungetsize = 16; | |||
817 | nfile->ungetbuf = malloc(nfile->ungetsize); | |||
818 | if (nfile->ungetbuf == NULL((void*)0)) { | |||
819 | log_warn("%s", __func__); | |||
820 | fclose(nfile->stream); | |||
821 | free(nfile->name); | |||
822 | free(nfile); | |||
823 | return (NULL((void*)0)); | |||
824 | } | |||
825 | TAILQ_INSERT_TAIL(&files, nfile, entry)do { (nfile)->entry.tqe_next = ((void*)0); (nfile)->entry .tqe_prev = (&files)->tqh_last; *(&files)->tqh_last = (nfile); (&files)->tqh_last = &(nfile)->entry .tqe_next; } while (0); | |||
826 | return (nfile); | |||
827 | } | |||
828 | ||||
829 | int | |||
830 | popfile(void) | |||
831 | { | |||
832 | struct file *prev; | |||
833 | ||||
834 | if ((prev = TAILQ_PREV(file, files, entry)(*(((struct files *)((file)->entry.tqe_prev))->tqh_last ))) != NULL((void*)0)) | |||
835 | prev->errors += file->errors; | |||
836 | ||||
837 | TAILQ_REMOVE(&files, file, entry)do { if (((file)->entry.tqe_next) != ((void*)0)) (file)-> entry.tqe_next->entry.tqe_prev = (file)->entry.tqe_prev ; else (&files)->tqh_last = (file)->entry.tqe_prev; *(file)->entry.tqe_prev = (file)->entry.tqe_next; ; ; } while (0); | |||
838 | fclose(file->stream); | |||
839 | free(file->name); | |||
840 | free(file->ungetbuf); | |||
841 | free(file); | |||
842 | file = prev; | |||
843 | return (file ? 0 : EOF(-1)); | |||
844 | } | |||
845 | ||||
846 | int | |||
847 | parse_config(char *filename) | |||
848 | { | |||
849 | struct sym *sym, *next; | |||
850 | int errors = 0; | |||
851 | ||||
852 | if ((conf = calloc(1, sizeof(struct ldapd_config))) == NULL((void*)0)) | |||
853 | fatal(NULL((void*)0)); | |||
854 | ||||
855 | conf->schema = schema_new(); | |||
856 | if (conf->schema == NULL((void*)0)) | |||
857 | fatal("schema_new"); | |||
858 | ||||
859 | TAILQ_INIT(&conf->namespaces)do { (&conf->namespaces)->tqh_first = ((void*)0); ( &conf->namespaces)->tqh_last = &(&conf-> namespaces)->tqh_first; } while (0); | |||
860 | TAILQ_INIT(&conf->listeners)do { (&conf->listeners)->tqh_first = ((void*)0); (& conf->listeners)->tqh_last = &(&conf->listeners )->tqh_first; } while (0); | |||
861 | if ((conf->sc_ssl = calloc(1, sizeof(*conf->sc_ssl))) == NULL((void*)0)) | |||
862 | fatal(NULL((void*)0)); | |||
863 | SPLAY_INIT(conf->sc_ssl)do { (conf->sc_ssl)->sph_root = ((void*)0); } while (0); | |||
864 | SIMPLEQ_INIT(&conf->acl)do { (&conf->acl)->sqh_first = ((void*)0); (&conf ->acl)->sqh_last = &(&conf->acl)->sqh_first ; } while (0); | |||
865 | SLIST_INIT(&conf->referrals){ ((&conf->referrals)->slh_first) = ((void*)0); }; | |||
866 | ||||
867 | if ((file = pushfile(filename, 1)) == NULL((void*)0)) { | |||
868 | free(conf); | |||
869 | return (-1); | |||
870 | } | |||
871 | topfile = file; | |||
872 | ||||
873 | yyparse(); | |||
874 | errors = file->errors; | |||
875 | popfile(); | |||
876 | ||||
877 | /* Free macros and check which have not been used. */ | |||
878 | TAILQ_FOREACH_SAFE(sym, &symhead, entry, next)for ((sym) = ((&symhead)->tqh_first); (sym) != ((void* )0) && ((next) = ((sym)->entry.tqe_next), 1); (sym ) = (next)) { | |||
879 | log_debug("warning: macro \"%s\" not used", sym->nam); | |||
880 | if (!sym->persist) { | |||
881 | free(sym->nam); | |||
882 | free(sym->val); | |||
883 | TAILQ_REMOVE(&symhead, sym, entry)do { if (((sym)->entry.tqe_next) != ((void*)0)) (sym)-> entry.tqe_next->entry.tqe_prev = (sym)->entry.tqe_prev; else (&symhead)->tqh_last = (sym)->entry.tqe_prev; *(sym)->entry.tqe_prev = (sym)->entry.tqe_next; ; ; } while (0); | |||
884 | free(sym); | |||
885 | } | |||
886 | } | |||
887 | ||||
888 | return (errors ? -1 : 0); | |||
889 | } | |||
890 | ||||
891 | int | |||
892 | symset(const char *nam, const char *val, int persist) | |||
893 | { | |||
894 | struct sym *sym; | |||
895 | ||||
896 | TAILQ_FOREACH(sym, &symhead, entry)for((sym) = ((&symhead)->tqh_first); (sym) != ((void*) 0); (sym) = ((sym)->entry.tqe_next)) { | |||
897 | if (strcmp(nam, sym->nam) == 0) | |||
898 | break; | |||
899 | } | |||
900 | ||||
901 | if (sym != NULL((void*)0)) { | |||
902 | if (sym->persist == 1) | |||
903 | return (0); | |||
904 | else { | |||
905 | free(sym->nam); | |||
906 | free(sym->val); | |||
907 | TAILQ_REMOVE(&symhead, sym, entry)do { if (((sym)->entry.tqe_next) != ((void*)0)) (sym)-> entry.tqe_next->entry.tqe_prev = (sym)->entry.tqe_prev; else (&symhead)->tqh_last = (sym)->entry.tqe_prev; *(sym)->entry.tqe_prev = (sym)->entry.tqe_next; ; ; } while (0); | |||
908 | free(sym); | |||
909 | } | |||
910 | } | |||
911 | if ((sym = calloc(1, sizeof(*sym))) == NULL((void*)0)) | |||
912 | return (-1); | |||
913 | ||||
914 | sym->nam = strdup(nam); | |||
915 | if (sym->nam == NULL((void*)0)) { | |||
916 | free(sym); | |||
917 | return (-1); | |||
918 | } | |||
919 | sym->val = strdup(val); | |||
920 | if (sym->val == NULL((void*)0)) { | |||
921 | free(sym->nam); | |||
922 | free(sym); | |||
923 | return (-1); | |||
924 | } | |||
925 | sym->used = 0; | |||
926 | sym->persist = persist; | |||
927 | TAILQ_INSERT_TAIL(&symhead, sym, entry)do { (sym)->entry.tqe_next = ((void*)0); (sym)->entry.tqe_prev = (&symhead)->tqh_last; *(&symhead)->tqh_last = (sym); (&symhead)->tqh_last = &(sym)->entry.tqe_next ; } while (0); | |||
928 | return (0); | |||
929 | } | |||
930 | ||||
931 | int | |||
932 | cmdline_symset(char *s) | |||
933 | { | |||
934 | char *sym, *val; | |||
935 | int ret; | |||
936 | ||||
937 | if ((val = strrchr(s, '=')) == NULL((void*)0)) | |||
938 | return (-1); | |||
939 | sym = strndup(s, val - s); | |||
940 | if (sym == NULL((void*)0)) | |||
941 | fatal("%s: strndup", __func__); | |||
942 | ret = symset(sym, val + 1, 1); | |||
943 | free(sym); | |||
944 | ||||
945 | return (ret); | |||
946 | } | |||
947 | ||||
948 | char * | |||
949 | symget(const char *nam) | |||
950 | { | |||
951 | struct sym *sym; | |||
952 | ||||
953 | TAILQ_FOREACH(sym, &symhead, entry)for((sym) = ((&symhead)->tqh_first); (sym) != ((void*) 0); (sym) = ((sym)->entry.tqe_next)) { | |||
954 | if (strcmp(nam, sym->nam) == 0) { | |||
955 | sym->used = 1; | |||
956 | return (sym->val); | |||
957 | } | |||
958 | } | |||
959 | return (NULL((void*)0)); | |||
960 | } | |||
961 | ||||
962 | struct listener * | |||
963 | host_unix(const char *path) | |||
964 | { | |||
965 | struct sockaddr_un *saun; | |||
966 | struct listener *h; | |||
967 | ||||
968 | if (*path != '/') | |||
969 | return (NULL((void*)0)); | |||
970 | ||||
971 | if ((h = calloc(1, sizeof(*h))) == NULL((void*)0)) | |||
972 | fatal(NULL((void*)0)); | |||
973 | saun = (struct sockaddr_un *)&h->ss; | |||
974 | saun->sun_len = sizeof(struct sockaddr_un); | |||
975 | saun->sun_family = AF_UNIX1; | |||
976 | if (strlcpy(saun->sun_path, path, sizeof(saun->sun_path)) >= | |||
977 | sizeof(saun->sun_path)) | |||
978 | fatal("socket path too long"); | |||
979 | h->flags = F_SECURE0x04; | |||
980 | ||||
981 | return (h); | |||
982 | } | |||
983 | ||||
984 | struct listener * | |||
985 | host_v4(const char *s, in_port_t port) | |||
986 | { | |||
987 | struct in_addr ina; | |||
988 | struct sockaddr_in *sain; | |||
989 | struct listener *h; | |||
990 | ||||
991 | memset(&ina, 0, sizeof(ina)); | |||
992 | if (inet_pton(AF_INET2, s, &ina) != 1) | |||
993 | return (NULL((void*)0)); | |||
994 | ||||
995 | if ((h = calloc(1, sizeof(*h))) == NULL((void*)0)) | |||
996 | fatal(NULL((void*)0)); | |||
997 | sain = (struct sockaddr_in *)&h->ss; | |||
998 | sain->sin_len = sizeof(struct sockaddr_in); | |||
999 | sain->sin_family = AF_INET2; | |||
1000 | sain->sin_addr.s_addr = ina.s_addr; | |||
1001 | sain->sin_port = port; | |||
1002 | ||||
1003 | return (h); | |||
1004 | } | |||
1005 | ||||
1006 | struct listener * | |||
1007 | host_v6(const char *s, in_port_t port) | |||
1008 | { | |||
1009 | struct in6_addr ina6; | |||
1010 | struct sockaddr_in6 *sin6; | |||
1011 | struct listener *h; | |||
1012 | ||||
1013 | memset(&ina6, 0, sizeof(ina6)); | |||
1014 | if (inet_pton(AF_INET624, s, &ina6) != 1) | |||
1015 | return (NULL((void*)0)); | |||
1016 | ||||
1017 | if ((h = calloc(1, sizeof(*h))) == NULL((void*)0)) | |||
1018 | fatal(NULL((void*)0)); | |||
1019 | sin6 = (struct sockaddr_in6 *)&h->ss; | |||
1020 | sin6->sin6_len = sizeof(struct sockaddr_in6); | |||
1021 | sin6->sin6_family = AF_INET624; | |||
1022 | sin6->sin6_port = port; | |||
1023 | memcpy(&sin6->sin6_addr, &ina6, sizeof(ina6)); | |||
1024 | ||||
1025 | return (h); | |||
1026 | } | |||
1027 | ||||
1028 | int | |||
1029 | host_dns(const char *s, const char *cert, | |||
1030 | struct listenerlist *al, in_port_t port, u_int8_t flags) | |||
1031 | { | |||
1032 | struct addrinfo hints, *res0, *res; | |||
1033 | int error; | |||
1034 | struct sockaddr_in *sain; | |||
1035 | struct sockaddr_in6 *sin6; | |||
1036 | struct listener *h; | |||
1037 | ||||
1038 | memset(&hints, 0, sizeof(hints)); | |||
1039 | hints.ai_family = PF_UNSPEC0; | |||
1040 | hints.ai_socktype = SOCK_DGRAM2; /* DUMMY */ | |||
1041 | error = getaddrinfo(s, NULL((void*)0), &hints, &res0); | |||
1042 | if (error == EAI_AGAIN-3 || error == EAI_NODATA-5 || error == EAI_NONAME-2) | |||
1043 | return (0); | |||
1044 | if (error) { | |||
1045 | log_warnx("host_dns: could not parse \"%s\": %s", s, | |||
1046 | gai_strerror(error)); | |||
1047 | return (-1); | |||
1048 | } | |||
1049 | ||||
1050 | for (res = res0; res; res = res->ai_next) { | |||
1051 | if (res->ai_family != AF_INET2 && | |||
1052 | res->ai_family != AF_INET624) | |||
1053 | continue; | |||
1054 | if ((h = calloc(1, sizeof(*h))) == NULL((void*)0)) | |||
1055 | fatal(NULL((void*)0)); | |||
1056 | ||||
1057 | h->port = port; | |||
1058 | h->flags = flags; | |||
1059 | h->ss.ss_family = res->ai_family; | |||
1060 | h->ssl = NULL((void*)0); | |||
1061 | h->ssl_cert_name[0] = '\0'; | |||
1062 | if (cert != NULL((void*)0)) | |||
1063 | (void)strlcpy(h->ssl_cert_name, cert, sizeof(h->ssl_cert_name)); | |||
1064 | ||||
1065 | if (res->ai_family == AF_INET2) { | |||
1066 | sain = (struct sockaddr_in *)&h->ss; | |||
1067 | sain->sin_len = sizeof(struct sockaddr_in); | |||
1068 | sain->sin_addr.s_addr = ((struct sockaddr_in *) | |||
1069 | res->ai_addr)->sin_addr.s_addr; | |||
1070 | sain->sin_port = port; | |||
1071 | } else { | |||
1072 | sin6 = (struct sockaddr_in6 *)&h->ss; | |||
1073 | sin6->sin6_len = sizeof(struct sockaddr_in6); | |||
1074 | memcpy(&sin6->sin6_addr, &((struct sockaddr_in6 *) | |||
1075 | res->ai_addr)->sin6_addr, sizeof(struct in6_addr)); | |||
1076 | sin6->sin6_port = port; | |||
1077 | } | |||
1078 | ||||
1079 | TAILQ_INSERT_HEAD(al, h, entry)do { if (((h)->entry.tqe_next = (al)->tqh_first) != ((void *)0)) (al)->tqh_first->entry.tqe_prev = &(h)->entry .tqe_next; else (al)->tqh_last = &(h)->entry.tqe_next ; (al)->tqh_first = (h); (h)->entry.tqe_prev = &(al )->tqh_first; } while (0); | |||
1080 | } | |||
1081 | freeaddrinfo(res0); | |||
1082 | return 1; | |||
1083 | } | |||
1084 | ||||
1085 | int | |||
1086 | host(const char *s, const char *cert, struct listenerlist *al, | |||
1087 | in_port_t port, u_int8_t flags) | |||
1088 | { | |||
1089 | struct listener *h; | |||
1090 | ||||
1091 | /* Unix socket path? */ | |||
1092 | h = host_unix(s); | |||
1093 | ||||
1094 | /* IPv4 address? */ | |||
1095 | if (h == NULL((void*)0)) | |||
1096 | h = host_v4(s, port); | |||
1097 | ||||
1098 | /* IPv6 address? */ | |||
1099 | if (h == NULL((void*)0)) | |||
1100 | h = host_v6(s, port); | |||
1101 | ||||
1102 | if (h != NULL((void*)0)) { | |||
1103 | h->port = port; | |||
1104 | h->flags |= flags; | |||
1105 | h->ssl = NULL((void*)0); | |||
1106 | h->ssl_cert_name[0] = '\0'; | |||
1107 | if (cert != NULL((void*)0)) | |||
1108 | strlcpy(h->ssl_cert_name, cert, sizeof(h->ssl_cert_name)); | |||
1109 | ||||
1110 | TAILQ_INSERT_HEAD(al, h, entry)do { if (((h)->entry.tqe_next = (al)->tqh_first) != ((void *)0)) (al)->tqh_first->entry.tqe_prev = &(h)->entry .tqe_next; else (al)->tqh_last = &(h)->entry.tqe_next ; (al)->tqh_first = (h); (h)->entry.tqe_prev = &(al )->tqh_first; } while (0); | |||
1111 | return (1); | |||
1112 | } | |||
1113 | ||||
1114 | return (host_dns(s, cert, al, port, flags)); | |||
1115 | } | |||
1116 | ||||
1117 | int | |||
1118 | interface(const char *s, const char *cert, | |||
1119 | struct listenerlist *al, in_port_t port, u_int8_t flags) | |||
1120 | { | |||
1121 | int ret = 0; | |||
1122 | struct ifaddrs *ifap, *p; | |||
1123 | struct sockaddr_in *sain; | |||
1124 | struct sockaddr_in6 *sin6; | |||
1125 | struct listener *h; | |||
1126 | ||||
1127 | if (getifaddrs(&ifap) == -1) | |||
1128 | fatal("getifaddrs"); | |||
1129 | ||||
1130 | for (p = ifap; p != NULL((void*)0); p = p->ifa_next) { | |||
1131 | if (strcmp(s, p->ifa_name) != 0) | |||
1132 | continue; | |||
1133 | if (p->ifa_addr == NULL((void*)0)) | |||
1134 | continue; | |||
1135 | ||||
1136 | switch (p->ifa_addr->sa_family) { | |||
1137 | case AF_INET2: | |||
1138 | if ((h = calloc(1, sizeof(*h))) == NULL((void*)0)) | |||
1139 | fatal(NULL((void*)0)); | |||
1140 | sain = (struct sockaddr_in *)&h->ss; | |||
1141 | *sain = *(struct sockaddr_in *)p->ifa_addr; | |||
1142 | sain->sin_len = sizeof(struct sockaddr_in); | |||
1143 | sain->sin_port = port; | |||
1144 | ||||
1145 | h->fd = -1; | |||
1146 | h->port = port; | |||
1147 | h->flags = flags; | |||
1148 | h->ssl = NULL((void*)0); | |||
1149 | h->ssl_cert_name[0] = '\0'; | |||
1150 | if (cert != NULL((void*)0)) | |||
1151 | (void)strlcpy(h->ssl_cert_name, cert, sizeof(h->ssl_cert_name)); | |||
1152 | ||||
1153 | ret = 1; | |||
1154 | TAILQ_INSERT_HEAD(al, h, entry)do { if (((h)->entry.tqe_next = (al)->tqh_first) != ((void *)0)) (al)->tqh_first->entry.tqe_prev = &(h)->entry .tqe_next; else (al)->tqh_last = &(h)->entry.tqe_next ; (al)->tqh_first = (h); (h)->entry.tqe_prev = &(al )->tqh_first; } while (0); | |||
1155 | ||||
1156 | break; | |||
1157 | ||||
1158 | case AF_INET624: | |||
1159 | if ((h = calloc(1, sizeof(*h))) == NULL((void*)0)) | |||
1160 | fatal(NULL((void*)0)); | |||
1161 | sin6 = (struct sockaddr_in6 *)&h->ss; | |||
1162 | *sin6 = *(struct sockaddr_in6 *)p->ifa_addr; | |||
1163 | sin6->sin6_len = sizeof(struct sockaddr_in6); | |||
1164 | sin6->sin6_port = port; | |||
1165 | ||||
1166 | h->fd = -1; | |||
1167 | h->port = port; | |||
1168 | h->flags = flags; | |||
1169 | h->ssl = NULL((void*)0); | |||
1170 | h->ssl_cert_name[0] = '\0'; | |||
1171 | if (cert != NULL((void*)0)) | |||
1172 | (void)strlcpy(h->ssl_cert_name, cert, sizeof(h->ssl_cert_name)); | |||
1173 | ||||
1174 | ret = 1; | |||
1175 | TAILQ_INSERT_HEAD(al, h, entry)do { if (((h)->entry.tqe_next = (al)->tqh_first) != ((void *)0)) (al)->tqh_first->entry.tqe_prev = &(h)->entry .tqe_next; else (al)->tqh_last = &(h)->entry.tqe_next ; (al)->tqh_first = (h); (h)->entry.tqe_prev = &(al )->tqh_first; } while (0); | |||
1176 | ||||
1177 | break; | |||
1178 | } | |||
1179 | } | |||
1180 | ||||
1181 | freeifaddrs(ifap); | |||
1182 | ||||
1183 | return ret; | |||
1184 | } | |||
1185 | ||||
1186 | static struct aci * | |||
1187 | mk_aci(int type, int rights, enum scope scope, char *target, char *attr, | |||
1188 | char *subject) | |||
1189 | { | |||
1190 | struct aci *aci; | |||
1191 | ||||
1192 | if ((aci = calloc(1, sizeof(*aci))) == NULL((void*)0)) { | |||
1193 | yyerror("calloc"); | |||
1194 | return NULL((void*)0); | |||
1195 | } | |||
1196 | aci->type = type; | |||
1197 | aci->rights = rights; | |||
1198 | aci->scope = scope; | |||
1199 | aci->target = target; | |||
1200 | aci->attribute = attr; | |||
1201 | aci->subject = subject; | |||
1202 | ||||
1203 | log_debug("%s %02X access to %s%s%s scope %d by %s", | |||
1204 | aci->type == ACI_DENY0 ? "deny" : "allow", | |||
1205 | aci->rights, | |||
1206 | aci->target ? aci->target : "any", | |||
1207 | aci->attribute ? " attribute " : "", | |||
1208 | aci->attribute ? aci->attribute : "", | |||
1209 | aci->scope, | |||
1210 | aci->subject ? aci->subject : "any"); | |||
1211 | ||||
1212 | return aci; | |||
1213 | } | |||
1214 | ||||
1215 | struct namespace * | |||
1216 | namespace_new(const char *suffix) | |||
1217 | { | |||
1218 | struct namespace *ns; | |||
1219 | ||||
1220 | if ((ns = calloc(1, sizeof(*ns))) == NULL((void*)0)) | |||
1221 | return NULL((void*)0); | |||
1222 | ns->sync = 1; | |||
1223 | ns->cache_size = 1024; | |||
1224 | ns->index_cache_size = 512; | |||
1225 | ns->suffix = strdup(suffix); | |||
1226 | if (ns->suffix == NULL((void*)0)) { | |||
1227 | free(ns->suffix); | |||
1228 | free(ns); | |||
1229 | return NULL((void*)0); | |||
1230 | } | |||
1231 | normalize_dn(ns->suffix); | |||
1232 | TAILQ_INIT(&ns->indices)do { (&ns->indices)->tqh_first = ((void*)0); (& ns->indices)->tqh_last = &(&ns->indices)-> tqh_first; } while (0); | |||
1233 | TAILQ_INIT(&ns->request_queue)do { (&ns->request_queue)->tqh_first = ((void*)0); ( &ns->request_queue)->tqh_last = &(&ns->request_queue )->tqh_first; } while (0); | |||
1234 | SIMPLEQ_INIT(&ns->acl)do { (&ns->acl)->sqh_first = ((void*)0); (&ns-> acl)->sqh_last = &(&ns->acl)->sqh_first; } while (0); | |||
1235 | SLIST_INIT(&ns->referrals){ ((&ns->referrals)->slh_first) = ((void*)0); }; | |||
1236 | ||||
1237 | return ns; | |||
1238 | } | |||
1239 | ||||
1240 | int | |||
1241 | ssl_cmp(struct ssl *s1, struct ssl *s2) | |||
1242 | { | |||
1243 | return (strcmp(s1->ssl_name, s2->ssl_name)); | |||
1244 | } | |||
1245 | ||||
1246 | int | |||
1247 | load_certfile(struct ldapd_config *env, const char *name, u_int8_t flags, | |||
1248 | u_int8_t protocol) | |||
1249 | { | |||
1250 | struct ssl *s; | |||
1251 | struct ssl key; | |||
1252 | char certfile[PATH_MAX1024]; | |||
1253 | uint32_t tls_protocols = TLS_PROTOCOLS_DEFAULT((1 << 3)|(1 << 4)); | |||
1254 | const char *tls_ciphers = "default"; | |||
1255 | ||||
1256 | if (strlcpy(key.ssl_name, name, sizeof(key.ssl_name)) | |||
1257 | >= sizeof(key.ssl_name)) { | |||
1258 | log_warn("load_certfile: certificate name truncated"); | |||
1259 | return -1; | |||
1260 | } | |||
1261 | ||||
1262 | s = SPLAY_FIND(ssltree, env->sc_ssl, &key)ssltree_SPLAY_FIND(env->sc_ssl, &key); | |||
1263 | if (s != NULL((void*)0)) { | |||
1264 | s->flags |= flags; | |||
1265 | return 0; | |||
1266 | } | |||
1267 | ||||
1268 | if ((s = calloc(1, sizeof(*s))) == NULL((void*)0)) | |||
1269 | fatal(NULL((void*)0)); | |||
1270 | ||||
1271 | s->flags = flags; | |||
1272 | (void)strlcpy(s->ssl_name, key.ssl_name, sizeof(s->ssl_name)); | |||
1273 | ||||
1274 | s->config = tls_config_new(); | |||
1275 | if (s->config == NULL((void*)0)) | |||
1276 | goto err; | |||
1277 | ||||
1278 | if (protocol & F_LEGACY0x08) { | |||
1279 | tls_protocols = TLS_PROTOCOLS_ALL((1 << 1)|(1 << 2)| (1 << 3)|(1 << 4) ); | |||
1280 | tls_ciphers = "all"; | |||
1281 | } | |||
1282 | if (tls_config_set_protocols(s->config, tls_protocols) != 0) { | |||
1283 | log_warn("load_certfile: failed to set tls protocols: %s", | |||
1284 | tls_config_error(s->config)); | |||
1285 | goto err; | |||
1286 | } | |||
1287 | if (tls_config_set_ciphers(s->config, tls_ciphers)) { | |||
1288 | log_warn("load_certfile: failed to set tls ciphers: %s", | |||
1289 | tls_config_error(s->config)); | |||
1290 | goto err; | |||
1291 | } | |||
1292 | ||||
1293 | if (name[0] == '/') { | |||
1294 | if (!bsnprintf(certfile, sizeof(certfile), "%s.crt", name)) { | |||
1295 | log_warn("load_certfile: path truncated"); | |||
1296 | goto err; | |||
1297 | } | |||
1298 | } else { | |||
1299 | if (!bsnprintf(certfile, sizeof(certfile), | |||
1300 | "/etc/ldap/certs/%s.crt", name)) { | |||
1301 | log_warn("load_certfile: path truncated"); | |||
1302 | goto err; | |||
1303 | } | |||
1304 | } | |||
1305 | ||||
1306 | log_debug("loading certificate file %s", certfile); | |||
1307 | s->ssl_cert = tls_load_file(certfile, &s->ssl_cert_len, NULL((void*)0)); | |||
1308 | if (s->ssl_cert == NULL((void*)0)) | |||
1309 | goto err; | |||
1310 | ||||
1311 | if (tls_config_set_cert_mem(s->config, s->ssl_cert, s->ssl_cert_len)) { | |||
1312 | log_warn("load_certfile: failed to set tls certificate: %s", | |||
1313 | tls_config_error(s->config)); | |||
1314 | goto err; | |||
1315 | } | |||
1316 | ||||
1317 | if (name[0] == '/') { | |||
1318 | if (!bsnprintf(certfile, sizeof(certfile), "%s.key", name)) { | |||
1319 | log_warn("load_certfile: path truncated"); | |||
1320 | goto err; | |||
1321 | } | |||
1322 | } else { | |||
1323 | if (!bsnprintf(certfile, sizeof(certfile), | |||
1324 | "/etc/ldap/certs/%s.key", name)) { | |||
1325 | log_warn("load_certfile: path truncated"); | |||
1326 | goto err; | |||
1327 | } | |||
1328 | } | |||
1329 | ||||
1330 | log_debug("loading key file %s", certfile); | |||
1331 | s->ssl_key = tls_load_file(certfile, &s->ssl_key_len, NULL((void*)0)); | |||
1332 | if (s->ssl_key == NULL((void*)0)) | |||
1333 | goto err; | |||
1334 | ||||
1335 | if (tls_config_set_key_mem(s->config, s->ssl_key, s->ssl_key_len)) { | |||
1336 | log_warn("load_certfile: failed to set tls key: %s", | |||
1337 | tls_config_error(s->config)); | |||
1338 | goto err; | |||
1339 | } | |||
1340 | ||||
1341 | SPLAY_INSERT(ssltree, env->sc_ssl, s)ssltree_SPLAY_INSERT(env->sc_ssl, s); | |||
1342 | ||||
1343 | return (0); | |||
1344 | err: | |||
1345 | free(s->ssl_cert); | |||
1346 | free(s->ssl_key); | |||
1347 | tls_config_free(s->config); | |||
1348 | free(s); | |||
1349 | return (-1); | |||
1350 | } | |||
1351 | #line 1344 "parse.c" | |||
1352 | /* allocate initial stack or double stack size, up to YYMAXDEPTH */ | |||
1353 | static int yygrowstack(void) | |||
1354 | { | |||
1355 | unsigned int newsize; | |||
1356 | long sslen; | |||
1357 | short *newss; | |||
1358 | YYSTYPE *newvs; | |||
1359 | ||||
1360 | if ((newsize = yystacksize) == 0) | |||
1361 | newsize = YYINITSTACKSIZE200; | |||
1362 | else if (newsize >= YYMAXDEPTH10000) | |||
1363 | return -1; | |||
1364 | else if ((newsize *= 2) > YYMAXDEPTH10000) | |||
1365 | newsize = YYMAXDEPTH10000; | |||
1366 | sslen = yyssp - yyss; | |||
1367 | #ifdef SIZE_MAX0xffffffffffffffffUL | |||
1368 | #define YY_SIZE_MAX0xffffffffffffffffUL SIZE_MAX0xffffffffffffffffUL | |||
1369 | #else | |||
1370 | #define YY_SIZE_MAX0xffffffffffffffffUL 0xffffffffU | |||
1371 | #endif | |||
1372 | if (newsize && YY_SIZE_MAX0xffffffffffffffffUL / newsize < sizeof *newss) | |||
1373 | goto bail; | |||
1374 | newss = (short *)realloc(yyss, newsize * sizeof *newss); | |||
1375 | if (newss == NULL((void*)0)) | |||
1376 | goto bail; | |||
1377 | yyss = newss; | |||
1378 | yyssp = newss + sslen; | |||
1379 | if (newsize
| |||
1380 | goto bail; | |||
1381 | newvs = (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs); | |||
1382 | if (newvs == NULL((void*)0)) | |||
1383 | goto bail; | |||
1384 | yyvs = newvs; | |||
1385 | yyvsp = newvs + sslen; | |||
1386 | yystacksize = newsize; | |||
1387 | yysslim = yyss + newsize - 1; | |||
1388 | return 0; | |||
1389 | bail: | |||
1390 | if (yyss) | |||
1391 | free(yyss); | |||
1392 | if (yyvs) | |||
1393 | free(yyvs); | |||
1394 | yyss = yyssp = NULL((void*)0); | |||
1395 | yyvs = yyvsp = NULL((void*)0); | |||
1396 | yystacksize = 0; | |||
1397 | return -1; | |||
1398 | } | |||
1399 | ||||
1400 | #define YYABORTgoto yyabort goto yyabort | |||
1401 | #define YYREJECTgoto yyabort goto yyabort | |||
1402 | #define YYACCEPTgoto yyaccept goto yyaccept | |||
1403 | #define YYERRORgoto yyerrlab goto yyerrlab | |||
1404 | int | |||
1405 | yyparse(void) | |||
1406 | { | |||
1407 | int yym, yyn, yystate; | |||
1408 | #if YYDEBUG0 | |||
1409 | const char *yys; | |||
1410 | ||||
1411 | if ((yys = getenv("YYDEBUG"))) | |||
1412 | { | |||
1413 | yyn = *yys; | |||
1414 | if (yyn >= '0' && yyn <= '9') | |||
1415 | yydebug = yyn - '0'; | |||
1416 | } | |||
1417 | #endif /* YYDEBUG */ | |||
1418 | ||||
1419 | yynerrs = 0; | |||
1420 | yyerrflag = 0; | |||
1421 | yychar = (-1); | |||
1422 | ||||
1423 | if (yyss == NULL((void*)0) && yygrowstack()) goto yyoverflow; | |||
| ||||
1424 | yyssp = yyss; | |||
1425 | yyvsp = yyvs; | |||
1426 | *yyssp = yystate = 0; | |||
| ||||
1427 | ||||
1428 | yyloop: | |||
1429 | if ((yyn = yydefred[yystate]) != 0) goto yyreduce; | |||
1430 | if (yychar < 0) | |||
1431 | { | |||
1432 | if ((yychar = yylex()) < 0) yychar = 0; | |||
1433 | #if YYDEBUG0 | |||
1434 | if (yydebug) | |||
1435 | { | |||
1436 | yys = 0; | |||
1437 | if (yychar <= YYMAXTOKEN298) yys = yyname[yychar]; | |||
1438 | if (!yys) yys = "illegal-symbol"; | |||
1439 | printf("%sdebug: state %d, reading %d (%s)\n", | |||
1440 | YYPREFIX"yy", yystate, yychar, yys); | |||
1441 | } | |||
1442 | #endif | |||
1443 | } | |||
1444 | if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 && | |||
1445 | yyn <= YYTABLESIZE311 && yycheck[yyn] == yychar) | |||
1446 | { | |||
1447 | #if YYDEBUG0 | |||
1448 | if (yydebug) | |||
1449 | printf("%sdebug: state %d, shifting to state %d\n", | |||
1450 | YYPREFIX"yy", yystate, yytable[yyn]); | |||
1451 | #endif | |||
1452 | if (yyssp >= yysslim && yygrowstack()) | |||
1453 | { | |||
1454 | goto yyoverflow; | |||
1455 | } | |||
1456 | *++yyssp = yystate = yytable[yyn]; | |||
1457 | *++yyvsp = yylval; | |||
1458 | yychar = (-1); | |||
1459 | if (yyerrflag > 0) --yyerrflag; | |||
1460 | goto yyloop; | |||
1461 | } | |||
1462 | if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 && | |||
1463 | yyn <= YYTABLESIZE311 && yycheck[yyn] == yychar) | |||
1464 | { | |||
1465 | yyn = yytable[yyn]; | |||
1466 | goto yyreduce; | |||
1467 | } | |||
1468 | if (yyerrflag) goto yyinrecovery; | |||
1469 | #if defined(__GNUC__4) | |||
1470 | goto yynewerror; | |||
1471 | #endif | |||
1472 | yynewerror: | |||
1473 | yyerror("syntax error"); | |||
1474 | #if defined(__GNUC__4) | |||
1475 | goto yyerrlab; | |||
1476 | #endif | |||
1477 | yyerrlab: | |||
1478 | ++yynerrs; | |||
1479 | yyinrecovery: | |||
1480 | if (yyerrflag < 3) | |||
1481 | { | |||
1482 | yyerrflag = 3; | |||
1483 | for (;;) | |||
1484 | { | |||
1485 | if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE256) >= 0 && | |||
1486 | yyn <= YYTABLESIZE311 && yycheck[yyn] == YYERRCODE256) | |||
1487 | { | |||
1488 | #if YYDEBUG0 | |||
1489 | if (yydebug) | |||
1490 | printf("%sdebug: state %d, error recovery shifting\ | |||
1491 | to state %d\n", YYPREFIX"yy", *yyssp, yytable[yyn]); | |||
1492 | #endif | |||
1493 | if (yyssp >= yysslim && yygrowstack()) | |||
1494 | { | |||
1495 | goto yyoverflow; | |||
1496 | } | |||
1497 | *++yyssp = yystate = yytable[yyn]; | |||
1498 | *++yyvsp = yylval; | |||
1499 | goto yyloop; | |||
1500 | } | |||
1501 | else | |||
1502 | { | |||
1503 | #if YYDEBUG0 | |||
1504 | if (yydebug) | |||
1505 | printf("%sdebug: error recovery discarding state %d\n", | |||
1506 | YYPREFIX"yy", *yyssp); | |||
1507 | #endif | |||
1508 | if (yyssp <= yyss) goto yyabort; | |||
1509 | --yyssp; | |||
1510 | --yyvsp; | |||
1511 | } | |||
1512 | } | |||
1513 | } | |||
1514 | else | |||
1515 | { | |||
1516 | if (yychar == 0) goto yyabort; | |||
1517 | #if YYDEBUG0 | |||
1518 | if (yydebug) | |||
1519 | { | |||
1520 | yys = 0; | |||
1521 | if (yychar <= YYMAXTOKEN298) yys = yyname[yychar]; | |||
1522 | if (!yys) yys = "illegal-symbol"; | |||
1523 | printf("%sdebug: state %d, error recovery discards token %d (%s)\n", | |||
1524 | YYPREFIX"yy", yystate, yychar, yys); | |||
1525 | } | |||
1526 | #endif | |||
1527 | yychar = (-1); | |||
1528 | goto yyloop; | |||
1529 | } | |||
1530 | yyreduce: | |||
1531 | #if YYDEBUG0 | |||
1532 | if (yydebug) | |||
1533 | printf("%sdebug: state %d, reducing by rule %d (%s)\n", | |||
1534 | YYPREFIX"yy", yystate, yyn, yyrule[yyn]); | |||
1535 | #endif | |||
1536 | yym = yylen[yyn]; | |||
1537 | if (yym) | |||
1538 | yyval = yyvsp[1-yym]; | |||
1539 | else | |||
1540 | memset(&yyval, 0, sizeof yyval); | |||
1541 | switch (yyn) | |||
1542 | { | |||
1543 | case 6: | |||
1544 | #line 138 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1545 | { file->errors++; } | |||
1546 | break; | |||
1547 | case 8: | |||
1548 | #line 140 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1549 | { | |||
1550 | SIMPLEQ_INSERT_TAIL(&conf->acl, yyvsp[-1].v.aci, entry)do { (yyvsp[-1].v.aci)->entry.sqe_next = ((void*)0); *(& conf->acl)->sqh_last = (yyvsp[-1].v.aci); (&conf-> acl)->sqh_last = &(yyvsp[-1].v.aci)->entry.sqe_next ; } while (0); | |||
1551 | } | |||
1552 | break; | |||
1553 | case 10: | |||
1554 | #line 146 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1555 | { yyval.v.number = 0; } | |||
1556 | break; | |||
1557 | case 11: | |||
1558 | #line 147 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1559 | { yyval.v.number = F_LEGACY0x08; } | |||
1560 | break; | |||
1561 | case 12: | |||
1562 | #line 150 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1563 | { yyval.v.number = 0; } | |||
1564 | break; | |||
1565 | case 13: | |||
1566 | #line 151 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1567 | { yyval.v.number = F_STARTTLS0x01; } | |||
1568 | break; | |||
1569 | case 14: | |||
1570 | #line 152 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1571 | { yyval.v.number = F_LDAPS0x02; } | |||
1572 | break; | |||
1573 | case 15: | |||
1574 | #line 153 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1575 | { yyval.v.number = F_SECURE0x04; } | |||
1576 | break; | |||
1577 | case 16: | |||
1578 | #line 156 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1579 | { yyval.v.number = yyvsp[-1].v.number | yyvsp[0].v.number; } | |||
1580 | break; | |||
1581 | case 17: | |||
1582 | #line 159 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1583 | { yyval.v.string = NULL((void*)0); } | |||
1584 | break; | |||
1585 | case 18: | |||
1586 | #line 160 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1587 | { yyval.v.string = yyvsp[0].v.string; } | |||
1588 | break; | |||
1589 | case 19: | |||
1590 | #line 163 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1591 | { | |||
1592 | struct servent *servent; | |||
1593 | ||||
1594 | servent = getservbyname(yyvsp[0].v.string, "tcp"); | |||
1595 | if (servent == NULL((void*)0)) { | |||
1596 | yyerror("port %s is invalid", yyvsp[0].v.string); | |||
1597 | free(yyvsp[0].v.string); | |||
1598 | YYERRORgoto yyerrlab; | |||
1599 | } | |||
1600 | yyval.v.number = servent->s_port; | |||
1601 | free(yyvsp[0].v.string); | |||
1602 | } | |||
1603 | break; | |||
1604 | case 20: | |||
1605 | #line 175 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1606 | { | |||
1607 | if (yyvsp[0].v.number <= 0 || yyvsp[0].v.number > (int)USHRT_MAX(32767 *2 +1)) { | |||
1608 | yyerror("invalid port: %lld", yyvsp[0].v.number); | |||
1609 | YYERRORgoto yyerrlab; | |||
1610 | } | |||
1611 | yyval.v.number = htons(yyvsp[0].v.number)(__uint16_t)(__builtin_constant_p(yyvsp[0].v.number) ? (__uint16_t )(((__uint16_t)(yyvsp[0].v.number) & 0xffU) << 8 | ( (__uint16_t)(yyvsp[0].v.number) & 0xff00U) >> 8) : __swap16md (yyvsp[0].v.number)); | |||
1612 | } | |||
1613 | break; | |||
1614 | case 21: | |||
1615 | #line 182 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1616 | { | |||
1617 | yyval.v.number = 0; | |||
1618 | } | |||
1619 | break; | |||
1620 | case 22: | |||
1621 | #line 187 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1622 | { | |||
1623 | char *cert; | |||
1624 | ||||
1625 | if (yyvsp[-2].v.number == 0) { | |||
1626 | if (yyvsp[-1].v.number & F_LDAPS0x02) | |||
1627 | yyvsp[-2].v.number = htons(LDAPS_PORT)(__uint16_t)(__builtin_constant_p(636) ? (__uint16_t)(((__uint16_t )(636) & 0xffU) << 8 | ((__uint16_t)(636) & 0xff00U ) >> 8) : __swap16md(636)); | |||
1628 | else | |||
1629 | yyvsp[-2].v.number = htons(LDAP_PORT)(__uint16_t)(__builtin_constant_p(389) ? (__uint16_t)(((__uint16_t )(389) & 0xffU) << 8 | ((__uint16_t)(389) & 0xff00U ) >> 8) : __swap16md(389)); | |||
1630 | } | |||
1631 | ||||
1632 | cert = (yyvsp[0].v.string != NULL((void*)0)) ? yyvsp[0].v.string : yyvsp[-3].v.string; | |||
1633 | ||||
1634 | if ((yyvsp[-1].v.number & F_SSL(0x02|0x01)) && | |||
1635 | load_certfile(conf, cert, F_SCERT0x01, yyvsp[-1].v.number) < 0) { | |||
1636 | yyerror("cannot load certificate: %s", cert); | |||
1637 | free(yyvsp[0].v.string); | |||
1638 | free(yyvsp[-3].v.string); | |||
1639 | YYERRORgoto yyerrlab; | |||
1640 | } | |||
1641 | ||||
1642 | if (! interface(yyvsp[-3].v.string, cert, &conf->listeners, | |||
1643 | yyvsp[-2].v.number, yyvsp[-1].v.number)) { | |||
1644 | if (host(yyvsp[-3].v.string, cert, &conf->listeners, | |||
1645 | yyvsp[-2].v.number, yyvsp[-1].v.number) != 1) { | |||
1646 | yyerror("invalid virtual ip or interface: %s", yyvsp[-3].v.string); | |||
1647 | free(yyvsp[0].v.string); | |||
1648 | free(yyvsp[-3].v.string); | |||
1649 | YYERRORgoto yyerrlab; | |||
1650 | } | |||
1651 | } | |||
1652 | free(yyvsp[0].v.string); | |||
1653 | free(yyvsp[-3].v.string); | |||
1654 | } | |||
1655 | break; | |||
1656 | case 23: | |||
1657 | #line 220 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1658 | { | |||
1659 | struct referral *ref; | |||
1660 | if ((ref = calloc(1, sizeof(*ref))) == NULL((void*)0)) { | |||
1661 | yyerror("calloc"); | |||
1662 | free(yyvsp[0].v.string); | |||
1663 | YYERRORgoto yyerrlab; | |||
1664 | } | |||
1665 | ref->url = yyvsp[0].v.string; | |||
1666 | SLIST_INSERT_HEAD(&conf->referrals, ref, next)do { (ref)->next.sle_next = (&conf->referrals)-> slh_first; (&conf->referrals)->slh_first = (ref); } while (0); | |||
1667 | } | |||
1668 | break; | |||
1669 | case 24: | |||
1670 | #line 230 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1671 | { | |||
1672 | conf->rootdn = yyvsp[0].v.string; | |||
1673 | normalize_dn(conf->rootdn); | |||
1674 | } | |||
1675 | break; | |||
1676 | case 25: | |||
1677 | #line 234 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1678 | { conf->rootpw = yyvsp[0].v.string; } | |||
1679 | break; | |||
1680 | case 26: | |||
1681 | #line 237 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1682 | { | |||
1683 | log_debug("parsing namespace %s", yyvsp[-2].v.string); | |||
1684 | current_ns = namespace_new(yyvsp[-2].v.string); | |||
1685 | free(yyvsp[-2].v.string); | |||
1686 | TAILQ_INSERT_TAIL(&conf->namespaces, current_ns, next)do { (current_ns)->next.tqe_next = ((void*)0); (current_ns )->next.tqe_prev = (&conf->namespaces)->tqh_last ; *(&conf->namespaces)->tqh_last = (current_ns); (& conf->namespaces)->tqh_last = &(current_ns)->next .tqe_next; } while (0); | |||
1687 | } | |||
1688 | break; | |||
1689 | case 27: | |||
1690 | #line 242 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1691 | { current_ns = NULL((void*)0); } | |||
1692 | break; | |||
1693 | case 28: | |||
1694 | #line 245 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1695 | { | |||
1696 | if (strcasecmp(yyvsp[0].v.string, "true") == 0 || | |||
1697 | strcasecmp(yyvsp[0].v.string, "yes") == 0) | |||
1698 | yyval.v.number = 1; | |||
1699 | else if (strcasecmp(yyvsp[0].v.string, "false") == 0 || | |||
1700 | strcasecmp(yyvsp[0].v.string, "off") == 0 || | |||
1701 | strcasecmp(yyvsp[0].v.string, "no") == 0) | |||
1702 | yyval.v.number = 0; | |||
1703 | else { | |||
1704 | yyerror("invalid boolean value '%s'", yyvsp[0].v.string); | |||
1705 | free(yyvsp[0].v.string); | |||
1706 | YYERRORgoto yyerrlab; | |||
1707 | } | |||
1708 | free(yyvsp[0].v.string); | |||
1709 | } | |||
1710 | break; | |||
1711 | case 29: | |||
1712 | #line 260 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1713 | { yyval.v.number = 1; } | |||
1714 | break; | |||
1715 | case 33: | |||
1716 | #line 268 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1717 | { | |||
1718 | current_ns->rootdn = yyvsp[0].v.string; | |||
1719 | normalize_dn(current_ns->rootdn); | |||
1720 | } | |||
1721 | break; | |||
1722 | case 34: | |||
1723 | #line 272 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1724 | { current_ns->rootpw = yyvsp[0].v.string; } | |||
1725 | break; | |||
1726 | case 35: | |||
1727 | #line 273 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1728 | { | |||
1729 | struct attr_index *ai; | |||
1730 | if ((ai = calloc(1, sizeof(*ai))) == NULL((void*)0)) { | |||
1731 | yyerror("calloc"); | |||
1732 | free(yyvsp[0].v.string); | |||
1733 | YYERRORgoto yyerrlab; | |||
1734 | } | |||
1735 | ai->attr = yyvsp[0].v.string; | |||
1736 | ai->type = INDEX_EQUAL; | |||
1737 | TAILQ_INSERT_TAIL(¤t_ns->indices, ai, next)do { (ai)->next.tqe_next = ((void*)0); (ai)->next.tqe_prev = (¤t_ns->indices)->tqh_last; *(¤t_ns ->indices)->tqh_last = (ai); (¤t_ns->indices )->tqh_last = &(ai)->next.tqe_next; } while (0); | |||
1738 | } | |||
1739 | break; | |||
1740 | case 36: | |||
1741 | #line 284 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1742 | { current_ns->cache_size = yyvsp[0].v.number; } | |||
1743 | break; | |||
1744 | case 37: | |||
1745 | #line 285 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1746 | { current_ns->index_cache_size = yyvsp[0].v.number; } | |||
1747 | break; | |||
1748 | case 38: | |||
1749 | #line 286 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1750 | { current_ns->sync = yyvsp[0].v.number; } | |||
1751 | break; | |||
1752 | case 39: | |||
1753 | #line 287 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1754 | { | |||
1755 | SIMPLEQ_INSERT_TAIL(¤t_ns->acl, yyvsp[0].v.aci, entry)do { (yyvsp[0].v.aci)->entry.sqe_next = ((void*)0); *(& current_ns->acl)->sqh_last = (yyvsp[0].v.aci); (¤t_ns ->acl)->sqh_last = &(yyvsp[0].v.aci)->entry.sqe_next ; } while (0); | |||
1756 | } | |||
1757 | break; | |||
1758 | case 40: | |||
1759 | #line 290 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1760 | { current_ns->relax = 1; } | |||
1761 | break; | |||
1762 | case 41: | |||
1763 | #line 291 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1764 | { current_ns->relax = 0; } | |||
1765 | break; | |||
1766 | case 42: | |||
1767 | #line 292 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1768 | { current_ns->compression_level = yyvsp[0].v.number; } | |||
1769 | break; | |||
1770 | case 43: | |||
1771 | #line 293 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1772 | { | |||
1773 | struct referral *ref; | |||
1774 | if ((ref = calloc(1, sizeof(*ref))) == NULL((void*)0)) { | |||
1775 | yyerror("calloc"); | |||
1776 | free(yyvsp[0].v.string); | |||
1777 | YYERRORgoto yyerrlab; | |||
1778 | } | |||
1779 | ref->url = yyvsp[0].v.string; | |||
1780 | SLIST_INSERT_HEAD(¤t_ns->referrals, ref, next)do { (ref)->next.sle_next = (¤t_ns->referrals )->slh_first; (¤t_ns->referrals)->slh_first = (ref); } while (0); | |||
1781 | } | |||
1782 | break; | |||
1783 | case 44: | |||
1784 | #line 305 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1785 | { yyval.v.number = 6; } | |||
1786 | break; | |||
1787 | case 45: | |||
1788 | #line 306 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1789 | { yyval.v.number = yyvsp[0].v.number; } | |||
1790 | break; | |||
1791 | case 46: | |||
1792 | #line 309 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1793 | { | |||
1794 | if ((yyval.v.aci = mk_aci(yyvsp[-6].v.number, yyvsp[-5].v.number, yyvsp[-3].v.number, yyvsp[-2].v.string, yyvsp[-1].v.string, yyvsp[0].v.string)) == NULL((void*)0)) { | |||
1795 | free(yyvsp[-2].v.string); | |||
1796 | free(yyvsp[-1].v.string); | |||
1797 | YYERRORgoto yyerrlab; | |||
1798 | } | |||
1799 | } | |||
1800 | break; | |||
1801 | case 47: | |||
1802 | #line 316 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1803 | { | |||
1804 | if ((yyval.v.aci = mk_aci(yyvsp[-1].v.number, yyvsp[0].v.number, LDAP_SCOPE_SUBTREE, NULL((void*)0), | |||
1805 | NULL((void*)0), NULL((void*)0))) == NULL((void*)0)) { | |||
1806 | YYERRORgoto yyerrlab; | |||
1807 | } | |||
1808 | } | |||
1809 | break; | |||
1810 | case 48: | |||
1811 | #line 324 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1812 | { yyval.v.number = ACI_DENY0; } | |||
1813 | break; | |||
1814 | case 49: | |||
1815 | #line 325 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1816 | { yyval.v.number = ACI_ALLOW1; } | |||
1817 | break; | |||
1818 | case 50: | |||
1819 | #line 328 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1820 | { yyval.v.number = ACI_ALL0x1F; } | |||
1821 | break; | |||
1822 | case 51: | |||
1823 | #line 329 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1824 | { yyval.v.number = ACI_ALL0x1F; } | |||
1825 | break; | |||
1826 | case 52: | |||
1827 | #line 330 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1828 | { yyval.v.number = yyvsp[-1].v.number; } | |||
1829 | break; | |||
1830 | case 53: | |||
1831 | #line 333 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1832 | { yyval.v.number = yyvsp[0].v.number; } | |||
1833 | break; | |||
1834 | case 54: | |||
1835 | #line 334 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1836 | { yyval.v.number = yyvsp[-2].v.number | yyvsp[0].v.number; } | |||
1837 | break; | |||
1838 | case 55: | |||
1839 | #line 337 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1840 | { yyval.v.number = ACI_READ0x01; } | |||
1841 | break; | |||
1842 | case 56: | |||
1843 | #line 338 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1844 | { yyval.v.number = ACI_WRITE0x02; } | |||
1845 | break; | |||
1846 | case 57: | |||
1847 | #line 339 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1848 | { yyval.v.number = ACI_BIND0x10; } | |||
1849 | break; | |||
1850 | case 58: | |||
1851 | #line 343 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1852 | { yyval.v.number = LDAP_SCOPE_BASE; } | |||
1853 | break; | |||
1854 | case 59: | |||
1855 | #line 344 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1856 | { yyval.v.number = LDAP_SCOPE_SUBTREE; } | |||
1857 | break; | |||
1858 | case 60: | |||
1859 | #line 345 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1860 | { yyval.v.number = LDAP_SCOPE_ONELEVEL; } | |||
1861 | break; | |||
1862 | case 61: | |||
1863 | #line 348 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1864 | { yyval.v.string = NULL((void*)0); } | |||
1865 | break; | |||
1866 | case 62: | |||
1867 | #line 349 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1868 | { yyval.v.string = strdup(""); } | |||
1869 | break; | |||
1870 | case 63: | |||
1871 | #line 350 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1872 | { yyval.v.string = yyvsp[0].v.string; normalize_dn(yyval.v.string); } | |||
1873 | break; | |||
1874 | case 64: | |||
1875 | #line 353 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1876 | { yyval.v.string = NULL((void*)0); } | |||
1877 | break; | |||
1878 | case 65: | |||
1879 | #line 354 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1880 | { yyval.v.string = yyvsp[0].v.string; } | |||
1881 | break; | |||
1882 | case 66: | |||
1883 | #line 357 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1884 | { yyval.v.string = NULL((void*)0); } | |||
1885 | break; | |||
1886 | case 67: | |||
1887 | #line 358 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1888 | { yyval.v.string = NULL((void*)0); } | |||
1889 | break; | |||
1890 | case 68: | |||
1891 | #line 359 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1892 | { yyval.v.string = yyvsp[0].v.string; normalize_dn(yyval.v.string); } | |||
1893 | break; | |||
1894 | case 69: | |||
1895 | #line 360 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1896 | { yyval.v.string = strdup("@"); } | |||
1897 | break; | |||
1898 | case 70: | |||
1899 | #line 363 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1900 | { | |||
1901 | struct file *nfile; | |||
1902 | ||||
1903 | if ((nfile = pushfile(yyvsp[0].v.string, 1)) == NULL((void*)0)) { | |||
1904 | yyerror("failed to include file %s", yyvsp[0].v.string); | |||
1905 | free(yyvsp[0].v.string); | |||
1906 | YYERRORgoto yyerrlab; | |||
1907 | } | |||
1908 | free(yyvsp[0].v.string); | |||
1909 | ||||
1910 | file = nfile; | |||
1911 | lungetc('\n'); | |||
1912 | } | |||
1913 | break; | |||
1914 | case 71: | |||
1915 | #line 378 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1916 | { | |||
1917 | char *s = yyvsp[-2].v.string; | |||
1918 | while (*s++) { | |||
1919 | if (isspace((unsigned char)*s)) { | |||
1920 | yyerror("macro name cannot contain " | |||
1921 | "whitespace"); | |||
1922 | free(yyvsp[-2].v.string); | |||
1923 | free(yyvsp[0].v.string); | |||
1924 | YYERRORgoto yyerrlab; | |||
1925 | } | |||
1926 | } | |||
1927 | if (symset(yyvsp[-2].v.string, yyvsp[0].v.string, 0) == -1) | |||
1928 | fatal("cannot store variable"); | |||
1929 | free(yyvsp[-2].v.string); | |||
1930 | free(yyvsp[0].v.string); | |||
1931 | } | |||
1932 | break; | |||
1933 | case 72: | |||
1934 | #line 396 "/usr/src/usr.sbin/ldapctl/../ldapd/parse.y" | |||
1935 | { | |||
1936 | int ret; | |||
1937 | ||||
1938 | ret = schema_parse(conf->schema, yyvsp[0].v.string); | |||
1939 | free(yyvsp[0].v.string); | |||
1940 | if (ret != 0) { | |||
1941 | YYERRORgoto yyerrlab; | |||
1942 | } | |||
1943 | } | |||
1944 | break; | |||
1945 | #line 1938 "parse.c" | |||
1946 | } | |||
1947 | yyssp -= yym; | |||
1948 | yystate = *yyssp; | |||
1949 | yyvsp -= yym; | |||
1950 | yym = yylhs[yyn]; | |||
1951 | if (yystate == 0 && yym == 0) | |||
1952 | { | |||
1953 | #if YYDEBUG0 | |||
1954 | if (yydebug) | |||
1955 | printf("%sdebug: after reduction, shifting from state 0 to\ | |||
1956 | state %d\n", YYPREFIX"yy", YYFINAL1); | |||
1957 | #endif | |||
1958 | yystate = YYFINAL1; | |||
1959 | *++yyssp = YYFINAL1; | |||
1960 | *++yyvsp = yyval; | |||
1961 | if (yychar < 0) | |||
1962 | { | |||
1963 | if ((yychar = yylex()) < 0) yychar = 0; | |||
1964 | #if YYDEBUG0 | |||
1965 | if (yydebug) | |||
1966 | { | |||
1967 | yys = 0; | |||
1968 | if (yychar <= YYMAXTOKEN298) yys = yyname[yychar]; | |||
1969 | if (!yys) yys = "illegal-symbol"; | |||
1970 | printf("%sdebug: state %d, reading %d (%s)\n", | |||
1971 | YYPREFIX"yy", YYFINAL1, yychar, yys); | |||
1972 | } | |||
1973 | #endif | |||
1974 | } | |||
1975 | if (yychar == 0) goto yyaccept; | |||
1976 | goto yyloop; | |||
1977 | } | |||
1978 | if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 && | |||
1979 | yyn <= YYTABLESIZE311 && yycheck[yyn] == yystate) | |||
1980 | yystate = yytable[yyn]; | |||
1981 | else | |||
1982 | yystate = yydgoto[yym]; | |||
1983 | #if YYDEBUG0 | |||
1984 | if (yydebug) | |||
1985 | printf("%sdebug: after reduction, shifting from state %d \ | |||
1986 | to state %d\n", YYPREFIX"yy", *yyssp, yystate); | |||
1987 | #endif | |||
1988 | if (yyssp >= yysslim && yygrowstack()) | |||
1989 | { | |||
1990 | goto yyoverflow; | |||
1991 | } | |||
1992 | *++yyssp = yystate; | |||
1993 | *++yyvsp = yyval; | |||
1994 | goto yyloop; | |||
1995 | yyoverflow: | |||
1996 | yyerror("yacc stack overflow"); | |||
1997 | yyabort: | |||
1998 | if (yyss) | |||
1999 | free(yyss); | |||
2000 | if (yyvs) | |||
2001 | free(yyvs); | |||
2002 | yyss = yyssp = NULL((void*)0); | |||
2003 | yyvs = yyvsp = NULL((void*)0); | |||
2004 | yystacksize = 0; | |||
2005 | return (1); | |||
2006 | yyaccept: | |||
2007 | if (yyss) | |||
2008 | free(yyss); | |||
2009 | if (yyvs) | |||
2010 | free(yyvs); | |||
2011 | yyss = yyssp = NULL((void*)0); | |||
2012 | yyvs = yyvsp = NULL((void*)0); | |||
2013 | yystacksize = 0; | |||
2014 | return (0); | |||
2015 | } |