2 * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>
3 * Copyright (c) 2016-2019, 2020-2021 Tracey Emery <tracey@traceyemery.net>
4 * Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org>
5 * Copyright (c) 2004 Ryan McBride <mcbride@openbsd.org>
6 * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
7 * Copyright (c) 2001 Markus Friedl. All rights reserved.
8 * Copyright (c) 2001 Daniel Hartmeier. All rights reserved.
9 * Copyright (c) 2001 Theo de Raadt. All rights reserved.
11 * Permission to use, copy, modify, and distribute this software for any
12 * purpose with or without fee is hereby granted, provided that the above
13 * copyright notice and this permission notice appear in all copies.
15 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
16 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
17 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
18 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
26 #include <sys/types.h>
27 #include <sys/queue.h>
44 #include "got_error.h"
52 TAILQ_HEAD(files, file) files = TAILQ_HEAD_INITIALIZER(files);
54 TAILQ_ENTRY(file) entry;
60 struct file *newfile(const char *, int);
61 static void closefile(struct file *);
62 int check_file_secrecy(int, const char *);
65 int yyerror(const char *, ...)
66 __attribute__((__format__ (printf, 1, 2)))
67 __attribute__((__nonnull__ (1)));
68 int kw_cmp(const void *, const void *);
74 TAILQ_HEAD(symhead, sym) symhead = TAILQ_HEAD_INITIALIZER(symhead);
76 TAILQ_ENTRY(sym) entry;
83 int symset(const char *, const char *, int);
84 char *symget(const char *);
88 static struct gotd *gotd;
89 static struct gotd_repo *new_repo;
90 static int conf_limit_user_connections(const char *, int);
91 static struct gotd_repo *conf_new_repo(const char *);
92 static void conf_new_access_rule(struct gotd_repo *,
93 enum gotd_access, int, char *);
94 static enum gotd_procid gotd_proc_id;
107 %token PATH ERROR ON UNIX_SOCKET UNIX_GROUP USER REPOSITORY PERMIT DENY
108 %token RO RW CONNECTION LIMIT REQUEST TIMEOUT
110 %token <v.string> STRING
111 %token <v.number> NUMBER
112 %type <v.number> boolean
120 | grammar repository '\n'
124 if (strcasecmp($1, "1") == 0 ||
125 strcasecmp($1, "yes") == 0 ||
126 strcasecmp($1, "on") == 0)
128 else if (strcasecmp($1, "0") == 0 ||
129 strcasecmp($1, "off") == 0 ||
130 strcasecmp($1, "no") == 0)
133 yyerror("invalid boolean value '%s'", $1);
140 | NUMBER { $$ = $1; }
145 yyerror("invalid timeout: %lld", $1);
153 const char *type = "seconds";
158 yyerror("invalid number of seconds: %s", $1);
164 switch ($1[len - 1]) {
184 $$.tv_sec = strtonum($1, 0, INT_MAX, &errstr);
186 yyerror("number of %s is %s: %s", type,
192 if ($$.tv_sec > INT_MAX / mul) {
193 yyerror("number of %s is too too large: %s",
204 main : UNIX_SOCKET STRING {
205 if (gotd_proc_id == PROC_LISTEN) {
206 if (strlcpy(gotd->unix_socket_path, $2,
207 sizeof(gotd->unix_socket_path)) >=
208 sizeof(gotd->unix_socket_path)) {
209 yyerror("%s: unix socket path too long",
217 | UNIX_GROUP STRING {
218 if (strlcpy(gotd->unix_group_name, $2,
219 sizeof(gotd->unix_group_name)) >=
220 sizeof(gotd->unix_group_name)) {
221 yyerror("%s: unix group name too long",
229 if (strlcpy(gotd->user_name, $2,
230 sizeof(gotd->user_name)) >=
231 sizeof(gotd->user_name)) {
232 yyerror("%s: user name too long", __func__);
241 connection : CONNECTION '{' optnl conflags_l '}'
242 | CONNECTION conflags
244 conflags_l : conflags optnl conflags_l
248 conflags : REQUEST TIMEOUT timeout {
249 if ($3.tv_sec <= 0) {
250 yyerror("invalid timeout: %lld", $3.tv_sec);
253 memcpy(&gotd->request_timeout, &$3,
254 sizeof(gotd->request_timeout));
256 | LIMIT USER STRING NUMBER {
257 if (gotd_proc_id == PROC_LISTEN &&
258 conf_limit_user_connections($3, $4) == -1) {
266 repository : REPOSITORY STRING {
267 struct gotd_repo *repo;
269 TAILQ_FOREACH(repo, &gotd->repos, entry) {
270 if (strcmp(repo->name, $2) == 0) {
271 yyerror("duplicate repository '%s'", $2);
277 if (gotd_proc_id == PROC_GOTD ||
278 gotd_proc_id == PROC_AUTH) {
279 new_repo = conf_new_repo($2);
282 } '{' optnl repoopts2 '}' {
286 repoopts1 : PATH STRING {
287 if (gotd_proc_id == PROC_GOTD ||
288 gotd_proc_id == PROC_AUTH) {
289 if (!got_path_is_absolute($2)) {
290 yyerror("%s: path %s is not absolute",
295 if (strlcpy(new_repo->path, $2,
296 sizeof(new_repo->path)) >=
297 sizeof(new_repo->path)) {
298 yyerror("%s: path truncated", __func__);
306 if (gotd_proc_id == PROC_AUTH) {
307 conf_new_access_rule(new_repo,
308 GOTD_ACCESS_PERMITTED, GOTD_AUTH_READ, $3);
312 if (gotd_proc_id == PROC_AUTH) {
313 conf_new_access_rule(new_repo,
314 GOTD_ACCESS_PERMITTED,
315 GOTD_AUTH_READ | GOTD_AUTH_WRITE, $3);
319 if (gotd_proc_id == PROC_AUTH) {
320 conf_new_access_rule(new_repo,
321 GOTD_ACCESS_DENIED, 0, $2);
326 repoopts2 : repoopts2 repoopts1 nl
333 optnl : '\n' optnl /* zero or more newlines */
345 yyerror(const char *fmt, ...)
352 if (vasprintf(&msg, fmt, ap) == -1)
353 fatalx("yyerror vasprintf");
355 logit(LOG_CRIT, "%s:%d: %s", file->name, yylval.lineno, msg);
361 kw_cmp(const void *k, const void *e)
363 return (strcmp(k, ((const struct keywords *)e)->k_name));
369 /* This has to be sorted always. */
370 static const struct keywords keywords[] = {
371 { "connection", CONNECTION },
376 { "permit", PERMIT },
377 { "repository", REPOSITORY },
378 { "request", REQUEST },
381 { "timeout", TIMEOUT },
382 { "unix_group", UNIX_GROUP },
383 { "unix_socket", UNIX_SOCKET },
386 const struct keywords *p;
388 p = bsearch(s, keywords, sizeof(keywords)/sizeof(keywords[0]),
389 sizeof(keywords[0]), kw_cmp);
397 #define MAXPUSHBACK 128
399 unsigned char *parsebuf;
401 unsigned char pushback_buffer[MAXPUSHBACK];
402 int pushback_index = 0;
410 /* Read character from the parsebuffer instead of input. */
411 if (parseindex >= 0) {
412 c = parsebuf[parseindex++];
421 return (pushback_buffer[--pushback_index]);
424 c = getc(file->stream);
426 yyerror("reached end of file while parsing "
431 c = getc(file->stream);
433 next = getc(file->stream);
438 yylval.lineno = file->lineno;
440 c = getc(file->stream);
456 if (pushback_index < MAXPUSHBACK-1)
457 return (pushback_buffer[pushback_index++] = c);
469 /* Skip to either EOF or the first real EOL. */
472 c = pushback_buffer[--pushback_index];
488 unsigned char buf[8096];
489 unsigned char *p, *val;
496 while (c == ' ' || c == '\t')
497 c = lgetc(0); /* nothing */
499 yylval.lineno = file->lineno;
502 while (c != '\n' && c != EOF)
503 c = lgetc(0); /* nothing */
505 if (c == '$' && parsebuf == NULL) {
511 if (p + 1 >= buf + sizeof(buf) - 1) {
512 yyerror("string too long");
515 if (isalnum(c) || c == '_') {
525 yyerror("macro '%s' not defined", buf);
544 } else if (c == '\\') {
545 next = lgetc(quotec);
548 if (next == quotec || c == ' ' || c == '\t')
550 else if (next == '\n') {
555 } else if (c == quotec) {
558 } else if (c == '\0') {
559 yyerror("syntax error");
562 if (p + 1 >= buf + sizeof(buf) - 1) {
563 yyerror("string too long");
568 yylval.v.string = strdup(buf);
569 if (yylval.v.string == NULL)
570 err(1, "yylex: strdup");
574 #define allowed_to_end_number(x) \
575 (isspace(x) || x == ')' || x ==',' || x == '/' || x == '}' || x == '=')
577 if (c == '-' || isdigit(c)) {
580 if ((unsigned)(p-buf) >= sizeof(buf)) {
581 yyerror("string too long");
585 } while (c != EOF && isdigit(c));
587 if (p == buf + 1 && buf[0] == '-')
589 if (c == EOF || allowed_to_end_number(c)) {
590 const char *errstr = NULL;
593 yylval.v.number = strtonum(buf, LLONG_MIN,
596 yyerror("\"%s\" invalid number: %s",
611 #define allowed_in_string(x) \
612 (isalnum(x) || (ispunct(x) && x != '(' && x != ')' && \
613 x != '{' && x != '}' && \
614 x != '!' && x != '=' && x != '#' && \
617 if (isalnum(c) || c == ':' || c == '_') {
620 if ((unsigned)(p-buf) >= sizeof(buf)) {
621 yyerror("string too long");
625 } while (c != EOF && (allowed_in_string(c)));
629 if (token == STRING) {
630 yylval.v.string = strdup(buf);
631 if (yylval.v.string == NULL)
632 err(1, "yylex: strdup");
637 yylval.lineno = file->lineno;
646 check_file_secrecy(int fd, const char *fname)
650 if (fstat(fd, &st)) {
651 log_warn("cannot stat %s", fname);
654 if (st.st_uid != 0 && st.st_uid != getuid()) {
655 log_warnx("%s: owner not root or current user", fname);
658 if (st.st_mode & (S_IWGRP | S_IXGRP | S_IRWXO)) {
659 log_warnx("%s: group writable or world read/writable", fname);
666 newfile(const char *name, int secret)
670 nfile = calloc(1, sizeof(struct file));
675 nfile->name = strdup(name);
676 if (nfile->name == NULL) {
681 nfile->stream = fopen(nfile->name, "r");
682 if (nfile->stream == NULL) {
683 /* no warning, we don't require a conf file */
688 check_file_secrecy(fileno(nfile->stream), nfile->name)) {
689 fclose(nfile->stream);
699 closefile(struct file *xfile)
701 fclose(xfile->stream);
707 parse_config(const char *filename, enum gotd_procid proc_id,
710 struct sym *sym, *next;
711 struct gotd_repo *repo;
713 memset(env, 0, sizeof(*env));
716 gotd_proc_id = proc_id;
717 TAILQ_INIT(&gotd->repos);
719 /* Apply default values. */
720 if (strlcpy(gotd->unix_socket_path, GOTD_UNIX_SOCKET,
721 sizeof(gotd->unix_socket_path)) >= sizeof(gotd->unix_socket_path)) {
722 fprintf(stderr, "%s: unix socket path too long", __func__);
725 if (strlcpy(gotd->unix_group_name, GOTD_UNIX_GROUP,
726 sizeof(gotd->unix_group_name)) >= sizeof(gotd->unix_group_name)) {
727 fprintf(stderr, "%s: unix group name too long", __func__);
730 if (strlcpy(gotd->user_name, GOTD_USER,
731 sizeof(gotd->user_name)) >= sizeof(gotd->user_name)) {
732 fprintf(stderr, "%s: user name too long", __func__);
736 gotd->request_timeout.tv_sec = GOTD_DEFAULT_REQUEST_TIMEOUT;
737 gotd->request_timeout.tv_usec = 0;
739 file = newfile(filename, 0);
741 /* just return, as we don't require a conf file */
746 errors = file->errors;
749 /* Free macros and check which have not been used. */
750 TAILQ_FOREACH_SAFE(sym, &symhead, entry, next) {
751 if ((gotd->verbosity > 1) && !sym->used)
752 fprintf(stderr, "warning: macro '%s' not used\n",
757 TAILQ_REMOVE(&symhead, sym, entry);
765 TAILQ_FOREACH(repo, &gotd->repos, entry) {
766 if (repo->path[0] == '\0') {
767 log_warnx("repository \"%s\": no path provided in "
768 "configuration file", repo->name);
777 uid_connection_limit_cmp(const void *pa, const void *pb)
779 const struct gotd_uid_connection_limit *a = pa, *b = pb;
783 else if (a->uid > b->uid);
790 conf_limit_user_connections(const char *user, int maximum)
793 struct gotd_uid_connection_limit *limit;
797 yyerror("max connections cannot be smaller 1");
800 if (maximum > GOTD_MAXCLIENTS) {
801 yyerror("max connections must be <= %d", GOTD_MAXCLIENTS);
805 if (gotd_auth_parseuid(user, &uid) == -1) {
806 yyerror("%s: no such user", user);
810 limit = gotd_find_uid_connection_limit(gotd->connection_limits,
811 gotd->nconnection_limits, uid);
813 limit->max_connections = maximum;
817 limit = gotd->connection_limits;
818 nlimits = gotd->nconnection_limits + 1;
819 limit = reallocarray(limit, nlimits, sizeof(*limit));
821 fatal("reallocarray");
823 limit[nlimits - 1].uid = uid;
824 limit[nlimits - 1].max_connections = maximum;
826 gotd->connection_limits = limit;
827 gotd->nconnection_limits = nlimits;
828 qsort(gotd->connection_limits, gotd->nconnection_limits,
829 sizeof(gotd->connection_limits[0]), uid_connection_limit_cmp);
834 static struct gotd_repo *
835 conf_new_repo(const char *name)
837 struct gotd_repo *repo;
839 if (name[0] == '\0') {
840 fatalx("syntax error: empty repository name found in %s",
844 if (strchr(name, '\n') != NULL)
845 fatalx("repository names must not contain linefeeds: %s", name);
847 repo = calloc(1, sizeof(*repo));
849 fatalx("%s: calloc", __func__);
851 STAILQ_INIT(&repo->rules);
853 if (strlcpy(repo->name, name, sizeof(repo->name)) >=
855 fatalx("%s: strlcpy", __func__);
857 TAILQ_INSERT_TAIL(&gotd->repos, repo, entry);
864 conf_new_access_rule(struct gotd_repo *repo, enum gotd_access access,
865 int authorization, char *identifier)
867 struct gotd_access_rule *rule;
869 rule = calloc(1, sizeof(*rule));
873 rule->access = access;
874 rule->authorization = authorization;
875 rule->identifier = identifier;
877 STAILQ_INSERT_TAIL(&repo->rules, rule, entry);
881 symset(const char *nam, const char *val, int persist)
885 TAILQ_FOREACH(sym, &symhead, entry) {
886 if (strcmp(nam, sym->nam) == 0)
891 if (sym->persist == 1)
896 TAILQ_REMOVE(&symhead, sym, entry);
900 sym = calloc(1, sizeof(*sym));
904 sym->nam = strdup(nam);
905 if (sym->nam == NULL) {
909 sym->val = strdup(val);
910 if (sym->val == NULL) {
916 sym->persist = persist;
917 TAILQ_INSERT_TAIL(&symhead, sym, entry);
922 symget(const char *nam)
926 TAILQ_FOREACH(sym, &symhead, entry) {
927 if (strcmp(nam, sym->nam) == 0) {