1/*	$OpenBSD: parse.c,v 1.11 2004/05/05 23:07:47 deraadt Exp $	*/
2
3/* Common parser code for dhcpd and dhclient. */
4
5/*-
6 * SPDX-License-Identifier: BSD-3-Clause
7 *
8 * Copyright (c) 1995, 1996, 1997, 1998 The Internet Software Consortium.
9 * All rights reserved.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 *
15 * 1. Redistributions of source code must retain the above copyright
16 *    notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 *    notice, this list of conditions and the following disclaimer in the
19 *    documentation and/or other materials provided with the distribution.
20 * 3. Neither the name of The Internet Software Consortium nor the names
21 *    of its contributors may be used to endorse or promote products derived
22 *    from this software without specific prior written permission.
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND
25 * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
26 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
27 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
28 * DISCLAIMED.  IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR
29 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
31 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
32 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
33 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
34 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
35 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * SUCH DAMAGE.
37 *
38 * This software has been written for the Internet Software Consortium
39 * by Ted Lemon <mellon@fugue.com> in cooperation with Vixie
40 * Enterprises.  To learn more about the Internet Software Consortium,
41 * see ``http://www.vix.com/isc''.  To learn more about Vixie
42 * Enterprises, see ``http://www.vix.com''.
43 */
44
45#include <sys/cdefs.h>
46__FBSDID("$FreeBSD$");
47
48#include <stdbool.h>
49
50#include "dhcpd.h"
51#include "dhctoken.h"
52
53/* Skip to the semicolon ending the current statement.   If we encounter
54 * braces, the matching closing brace terminates the statement.   If we
55 * encounter a right brace but haven't encountered a left brace, return
56 * leaving the brace in the token buffer for the caller.   If we see a
57 * semicolon and haven't seen a left brace, return.   This lets us skip
58 * over:
59 *
60 *	statement;
61 *	statement foo bar { }
62 *	statement foo bar { statement { } }
63 *	statement}
64 *
65 *	...et cetera.
66 */
67void
68skip_to_semi(FILE *cfile)
69{
70	int brace_count = 0, token;
71	char *val;
72
73	do {
74		token = peek_token(&val, cfile);
75		if (token == RBRACE) {
76			if (brace_count) {
77				token = next_token(&val, cfile);
78				if (!--brace_count)
79					return;
80			} else
81				return;
82		} else if (token == LBRACE) {
83			brace_count++;
84		} else if (token == SEMI && !brace_count) {
85			token = next_token(&val, cfile);
86			return;
87		} else if (token == '\n') {
88			/*
89			 * EOL only happens when parsing
90			 * /etc/resolv.conf, and we treat it like a
91			 * semicolon because the resolv.conf file is
92			 * line-oriented.
93			 */
94			token = next_token(&val, cfile);
95			return;
96		}
97		token = next_token(&val, cfile);
98	} while (token != EOF);
99}
100
101int
102parse_semi(FILE *cfile)
103{
104	int token;
105	char *val;
106
107	token = next_token(&val, cfile);
108	if (token != SEMI) {
109		parse_warn("semicolon expected.");
110		skip_to_semi(cfile);
111		return (0);
112	}
113	return (1);
114}
115
116/*
117 * string-parameter :== STRING SEMI
118 */
119char *
120parse_string(FILE *cfile)
121{
122	char *val, *s;
123	size_t valsize;
124	int token;
125
126	token = next_token(&val, cfile);
127	if (token != STRING) {
128		parse_warn("filename must be a string");
129		skip_to_semi(cfile);
130		return (NULL);
131	}
132	valsize = strlen(val) + 1;
133	s = malloc(valsize);
134	if (!s)
135		error("no memory for string %s.", val);
136	memcpy(s, val, valsize);
137
138	if (!parse_semi(cfile)) {
139		free(s);
140		return (NULL);
141	}
142	return (s);
143}
144
145int
146parse_ip_addr(FILE *cfile, struct iaddr *addr)
147{
148	addr->len = 4;
149	if (parse_numeric_aggregate(cfile, addr->iabuf,
150	    &addr->len, DOT, 10, 8))
151		return (1);
152	return (0);
153}
154
155/*
156 * hardware-parameter :== HARDWARE ETHERNET csns SEMI
157 * csns :== NUMBER | csns COLON NUMBER
158 */
159void
160parse_hardware_param(FILE *cfile, struct hardware *hardware)
161{
162	unsigned char *t;
163	int token;
164	size_t hlen;
165	char *val;
166
167	token = next_token(&val, cfile);
168	switch (token) {
169	case ETHERNET:
170		hardware->htype = HTYPE_ETHER;
171		break;
172	case TOKEN_RING:
173		hardware->htype = HTYPE_IEEE802;
174		break;
175	case FDDI:
176		hardware->htype = HTYPE_FDDI;
177		break;
178	default:
179		parse_warn("expecting a network hardware type");
180		skip_to_semi(cfile);
181		return;
182	}
183
184	/*
185	 * Parse the hardware address information.   Technically, it
186	 * would make a lot of sense to restrict the length of the data
187	 * we'll accept here to the length of a particular hardware
188	 * address type.   Unfortunately, there are some broken clients
189	 * out there that put bogus data in the chaddr buffer, and we
190	 * accept that data in the lease file rather than simply failing
191	 * on such clients.   Yuck.
192	 */
193	hlen = 0;
194	t = parse_numeric_aggregate(cfile, NULL, &hlen, COLON, 16, 8);
195	if (!t)
196		return;
197	if (hlen > sizeof(hardware->haddr)) {
198		free(t);
199		parse_warn("hardware address too long");
200	} else {
201		hardware->hlen = hlen;
202		memcpy((unsigned char *)&hardware->haddr[0], t,
203		    hardware->hlen);
204		if (hlen < sizeof(hardware->haddr))
205			memset(&hardware->haddr[hlen], 0,
206			    sizeof(hardware->haddr) - hlen);
207		free(t);
208	}
209
210	token = next_token(&val, cfile);
211	if (token != SEMI) {
212		parse_warn("expecting semicolon.");
213		skip_to_semi(cfile);
214	}
215}
216
217/*
218 * lease-time :== NUMBER SEMI
219 */
220void
221parse_lease_time(FILE *cfile, time_t *timep)
222{
223	char *val;
224	int token;
225
226	token = next_token(&val, cfile);
227	if (token != NUMBER) {
228		parse_warn("Expecting numeric lease time");
229		skip_to_semi(cfile);
230		return;
231	}
232	convert_num((unsigned char *)timep, val, 10, 32);
233	/* Unswap the number - convert_num returns stuff in NBO. */
234	*timep = ntohl(*timep); /* XXX */
235
236	parse_semi(cfile);
237}
238
239/*
240 * No BNF for numeric aggregates - that's defined by the caller.  What
241 * this function does is to parse a sequence of numbers separated by the
242 * token specified in separator.  If max is zero, any number of numbers
243 * will be parsed; otherwise, exactly max numbers are expected.  Base
244 * and size tell us how to internalize the numbers once they've been
245 * tokenized.
246 */
247unsigned char *
248parse_numeric_aggregate(FILE *cfile, unsigned char *buf, size_t *max,
249    int separator, unsigned base, int size)
250{
251	unsigned char *bufp = buf, *s = NULL;
252	int token;
253	char *val, *t;
254	size_t valsize, count = 0;
255	pair c = NULL;
256	unsigned char *lbufp = NULL;
257
258	if (!bufp && *max) {
259		lbufp = bufp = malloc(*max * size / 8);
260		if (!bufp)
261			error("can't allocate space for numeric aggregate");
262	} else
263		s = bufp;
264
265	do {
266		if (count) {
267			token = peek_token(&val, cfile);
268			if (token != separator) {
269				if (!*max)
270					break;
271				if (token != RBRACE && token != LBRACE)
272					token = next_token(&val, cfile);
273				parse_warn("too few numbers.");
274				if (token != SEMI)
275					skip_to_semi(cfile);
276				free(lbufp);
277				return (NULL);
278			}
279			token = next_token(&val, cfile);
280		}
281		token = next_token(&val, cfile);
282
283		if (token == EOF) {
284			parse_warn("unexpected end of file");
285			break;
286		}
287
288		/* Allow NUMBER_OR_NAME if base is 16. */
289		if (token != NUMBER &&
290		    (base != 16 || token != NUMBER_OR_NAME)) {
291			parse_warn("expecting numeric value.");
292			skip_to_semi(cfile);
293			free(lbufp);
294			return (NULL);
295		}
296		/*
297		 * If we can, convert the number now; otherwise, build a
298		 * linked list of all the numbers.
299		 */
300		if (s) {
301			convert_num(s, val, base, size);
302			s += size / 8;
303		} else {
304			valsize = strlen(val) + 1;
305			t = malloc(valsize);
306			if (!t)
307				error("no temp space for number.");
308			memcpy(t, val, valsize);
309			c = cons(t, c);
310		}
311	} while (++count != *max);
312
313	/* If we had to cons up a list, convert it now. */
314	if (c) {
315		free(lbufp);
316		bufp = malloc(count * size / 8);
317		if (!bufp)
318			error("can't allocate space for numeric aggregate.");
319		s = bufp + count - size / 8;
320		*max = count;
321	}
322	while (c) {
323		pair cdr = c->cdr;
324		convert_num(s, (char *)c->car, base, size);
325		s -= size / 8;
326		/* Free up temp space. */
327		free(c->car);
328		free(c);
329		c = cdr;
330	}
331	return (bufp);
332}
333
334void
335convert_num(unsigned char *buf, char *str, unsigned base, int size)
336{
337	bool negative = false;
338	unsigned tval, max;
339	u_int32_t val = 0;
340	char *ptr = str;
341
342	if (*ptr == '-') {
343		negative = true;
344		ptr++;
345	}
346
347	/* If base wasn't specified, figure it out from the data. */
348	if (!base) {
349		if (ptr[0] == '0') {
350			if (ptr[1] == 'x') {
351				base = 16;
352				ptr += 2;
353			} else if (isascii(ptr[1]) && isdigit(ptr[1])) {
354				base = 8;
355				ptr += 1;
356			} else
357				base = 10;
358		} else
359			base = 10;
360	}
361
362	do {
363		tval = *ptr++;
364		/* XXX assumes ASCII... */
365		if (tval >= 'a')
366			tval = tval - 'a' + 10;
367		else if (tval >= 'A')
368			tval = tval - 'A' + 10;
369		else if (tval >= '0')
370			tval -= '0';
371		else {
372			warning("Bogus number: %s.", str);
373			break;
374		}
375		if (tval >= base) {
376			warning("Bogus number: %s: digit %d not in base %d",
377			    str, tval, base);
378			break;
379		}
380		val = val * base + tval;
381	} while (*ptr);
382
383	if (negative)
384		max = (1 << (size - 1));
385	else
386		max = (1 << (size - 1)) + ((1 << (size - 1)) - 1);
387	if (val > max) {
388		switch (base) {
389		case 8:
390			warning("value %s%o exceeds max (%d) for precision.",
391			    negative ? "-" : "", val, max);
392			break;
393		case 16:
394			warning("value %s%x exceeds max (%d) for precision.",
395			    negative ? "-" : "", val, max);
396			break;
397		default:
398			warning("value %s%u exceeds max (%d) for precision.",
399			    negative ? "-" : "", val, max);
400			break;
401		}
402	}
403
404	if (negative)
405		switch (size) {
406		case 8:
407			*buf = -(unsigned long)val;
408			break;
409		case 16:
410			putShort(buf, -(unsigned long)val);
411			break;
412		case 32:
413			putLong(buf, -(unsigned long)val);
414			break;
415		default:
416			warning("Unexpected integer size: %d", size);
417			break;
418		}
419	else
420		switch (size) {
421		case 8:
422			*buf = (u_int8_t)val;
423			break;
424		case 16:
425			putUShort(buf, (u_int16_t)val);
426			break;
427		case 32:
428			putULong(buf, val);
429			break;
430		default:
431			warning("Unexpected integer size: %d", size);
432			break;
433		}
434}
435
436/*
437 * date :== NUMBER NUMBER SLASH NUMBER SLASH NUMBER
438 *		NUMBER COLON NUMBER COLON NUMBER SEMI
439 *
440 * Dates are always in GMT; first number is day of week; next is
441 * year/month/day; next is hours:minutes:seconds on a 24-hour
442 * clock.
443 */
444time_t
445parse_date(FILE *cfile)
446{
447	static int months[11] = { 31, 59, 90, 120, 151, 181,
448	    212, 243, 273, 304, 334 };
449	int guess, token;
450	struct tm tm;
451	char *val;
452
453	/* Day of week... */
454	token = next_token(&val, cfile);
455	if (token != NUMBER) {
456		parse_warn("numeric day of week expected.");
457		if (token != SEMI)
458			skip_to_semi(cfile);
459		return (0);
460	}
461	tm.tm_wday = atoi(val);
462
463	/* Year... */
464	token = next_token(&val, cfile);
465	if (token != NUMBER) {
466		parse_warn("numeric year expected.");
467		if (token != SEMI)
468			skip_to_semi(cfile);
469		return (0);
470	}
471	tm.tm_year = atoi(val);
472	if (tm.tm_year > 1900)
473		tm.tm_year -= 1900;
474
475	/* Slash separating year from month... */
476	token = next_token(&val, cfile);
477	if (token != SLASH) {
478		parse_warn("expected slash separating year from month.");
479		if (token != SEMI)
480			skip_to_semi(cfile);
481		return (0);
482	}
483
484	/* Month... */
485	token = next_token(&val, cfile);
486	if (token != NUMBER) {
487		parse_warn("numeric month expected.");
488		if (token != SEMI)
489			skip_to_semi(cfile);
490		return (0);
491	}
492	tm.tm_mon = atoi(val) - 1;
493
494	/* Slash separating month from day... */
495	token = next_token(&val, cfile);
496	if (token != SLASH) {
497		parse_warn("expected slash separating month from day.");
498		if (token != SEMI)
499			skip_to_semi(cfile);
500		return (0);
501	}
502
503	/* Month... */
504	token = next_token(&val, cfile);
505	if (token != NUMBER) {
506		parse_warn("numeric day of month expected.");
507		if (token != SEMI)
508			skip_to_semi(cfile);
509		return (0);
510	}
511	tm.tm_mday = atoi(val);
512
513	/* Hour... */
514	token = next_token(&val, cfile);
515	if (token != NUMBER) {
516		parse_warn("numeric hour expected.");
517		if (token != SEMI)
518			skip_to_semi(cfile);
519		return (0);
520	}
521	tm.tm_hour = atoi(val);
522
523	/* Colon separating hour from minute... */
524	token = next_token(&val, cfile);
525	if (token != COLON) {
526		parse_warn("expected colon separating hour from minute.");
527		if (token != SEMI)
528			skip_to_semi(cfile);
529		return (0);
530	}
531
532	/* Minute... */
533	token = next_token(&val, cfile);
534	if (token != NUMBER) {
535		parse_warn("numeric minute expected.");
536		if (token != SEMI)
537			skip_to_semi(cfile);
538		return (0);
539	}
540	tm.tm_min = atoi(val);
541
542	/* Colon separating minute from second... */
543	token = next_token(&val, cfile);
544	if (token != COLON) {
545		parse_warn("expected colon separating hour from minute.");
546		if (token != SEMI)
547			skip_to_semi(cfile);
548		return (0);
549	}
550
551	/* Minute... */
552	token = next_token(&val, cfile);
553	if (token != NUMBER) {
554		parse_warn("numeric minute expected.");
555		if (token != SEMI)
556			skip_to_semi(cfile);
557		return (0);
558	}
559	tm.tm_sec = atoi(val);
560	tm.tm_isdst = 0;
561
562	/* XXX: We assume that mktime does not use tm_yday. */
563	tm.tm_yday = 0;
564
565	/* Make sure the date ends in a semicolon... */
566	token = next_token(&val, cfile);
567	if (token != SEMI) {
568		parse_warn("semicolon expected.");
569		skip_to_semi(cfile);
570		return (0);
571	}
572
573	/* Guess the time value... */
574	guess = ((((((365 * (tm.tm_year - 70) +	/* Days in years since '70 */
575		    (tm.tm_year - 69) / 4 +	/* Leap days since '70 */
576		    (tm.tm_mon			/* Days in months this year */
577		    ? months[tm.tm_mon - 1]
578		    : 0) +
579		    (tm.tm_mon > 1 &&		/* Leap day this year */
580		    !((tm.tm_year - 72) & 3)) +
581		    tm.tm_mday - 1) * 24) +	/* Day of month */
582		    tm.tm_hour) * 60) +
583		    tm.tm_min) * 60) + tm.tm_sec;
584
585	/*
586	 * This guess could be wrong because of leap seconds or other
587	 * weirdness we don't know about that the system does.   For
588	 * now, we're just going to accept the guess, but at some point
589	 * it might be nice to do a successive approximation here to get
590	 * an exact value.   Even if the error is small, if the server
591	 * is restarted frequently (and thus the lease database is
592	 * reread), the error could accumulate into something
593	 * significant.
594	 */
595	return (guess);
596}
597