xref: /openbsd-src/usr.sbin/dhcpd/parse.c (revision fcde59b201a29a2b4570b00b71e7aa25d61cb5c1) 
1 /*	$OpenBSD: parse.c,v 1.27 2020/04/16 23:23:21 dtucker Exp $	*/
2 
3 /* Common parser code for dhcpd and dhclient. */
4 
5 /*
6  * Copyright (c) 1995, 1996, 1997, 1998 The Internet Software Consortium.
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  *
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of The Internet Software Consortium nor the names
19  *    of its contributors may be used to endorse or promote products derived
20  *    from this software without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND
23  * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
24  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
25  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
26  * DISCLAIMED.  IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR
27  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
29  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
30  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
31  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
32  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
33  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34  * SUCH DAMAGE.
35  *
36  * This software has been written for the Internet Software Consortium
37  * by Ted Lemon <mellon@fugue.com> in cooperation with Vixie
38  * Enterprises.  To learn more about the Internet Software Consortium,
39  * see ``http://www.vix.com/isc''.  To learn more about Vixie
40  * Enterprises, see ``http://www.vix.com''.
41  */
42 
43 #include <sys/types.h>
44 #include <sys/socket.h>
45 
46 #include <net/if.h>
47 
48 #include <netinet/in.h>
49 #include <netinet/if_ether.h>
50 
51 #include <ctype.h>
52 #include <errno.h>
53 #include <stdarg.h>
54 #include <stdint.h>
55 #include <stdio.h>
56 #include <stdlib.h>
57 #include <string.h>
58 #include <syslog.h>
59 #include <time.h>
60 #include <unistd.h>
61 
62 #include "dhcp.h"
63 #include "tree.h"
64 #include "dhcpd.h"
65 #include "dhctoken.h"
66 #include "log.h"
67 
68 /*
69  * Skip to the semicolon ending the current statement.   If we encounter
70  * braces, the matching closing brace terminates the statement.   If we
71  * encounter a right brace but haven't encountered a left brace, return
72  * leaving the brace in the token buffer for the caller.   If we see a
73  * semicolon and haven't seen a left brace, return.   This lets us skip
74  * over:
75  *
76  *	statement;
77  *	statement foo bar { }
78  *	statement foo bar { statement { } }
79  *	statement}
80  *
81  *	...et cetera.
82  */
83 void
84 skip_to_semi(FILE *cfile)
85 {
86 	int		 token;
87 	char		*val;
88 	int		 brace_count = 0;
89 
90 	do {
91 		token = peek_token(&val, cfile);
92 		if (token == '}') {
93 			if (brace_count) {
94 				token = next_token(&val, cfile);
95 				if (!--brace_count)
96 					return;
97 			} else
98 				return;
99 		} else if (token == '{') {
100 			brace_count++;
101 		} else if (token == ';' && !brace_count) {
102 			token = next_token(&val, cfile);
103 			return;
104 		} else if (token == '\n') {
105 			/*
106 			 * EOL only happens when parsing
107 			 * /etc/resolv.conf, and we treat it like a
108 			 * semicolon because the resolv.conf file is
109 			 * line-oriented.
110 			 */
111 			token = next_token(&val, cfile);
112 			return;
113 		}
114 		token = next_token(&val, cfile);
115 	} while (token != EOF);
116 }
117 
118 int
119 parse_semi(FILE *cfile)
120 {
121 	int token;
122 	char *val;
123 
124 	token = next_token(&val, cfile);
125 	if (token != ';') {
126 		parse_warn("semicolon expected.");
127 		skip_to_semi(cfile);
128 		return (0);
129 	}
130 	return (1);
131 }
132 
133 /*
134  * string-parameter :== STRING SEMI
135  */
136 char *
137 parse_string(FILE *cfile)
138 {
139 	char *val, *s;
140 	int token;
141 
142 	token = next_token(&val, cfile);
143 	if (token != TOK_STRING) {
144 		parse_warn("filename must be a string");
145 		skip_to_semi(cfile);
146 		return (NULL);
147 	}
148 	s = strdup(val);
149 	if (s == NULL)
150 		fatalx("no memory for string %s.", val);
151 
152 	if (!parse_semi(cfile)) {
153 		free(s);
154 		return (NULL);
155 	}
156 	return (s);
157 }
158 
159 /*
160  * hostname :== identifier | hostname DOT identifier
161  */
162 char *
163 parse_host_name(FILE *cfile)
164 {
165 	char *val, *s, *t;
166 	int token, len = 0;
167 	pair c = NULL;
168 
169 	/* Read a dotted hostname... */
170 	do {
171 		/* Read a token, which should be an identifier. */
172 		token = next_token(&val, cfile);
173 		if (!is_identifier(token)) {
174 			parse_warn("expecting an identifier in hostname");
175 			skip_to_semi(cfile);
176 			return (NULL);
177 		}
178 		/* Store this identifier... */
179 		s = strdup(val);
180 		if (s == NULL)
181 			fatalx("can't allocate temp space for hostname.");
182 		c = cons((caddr_t) s, c);
183 		len += strlen(s) + 1;
184 		/*
185 		 * Look for a dot; if it's there, keep going, otherwise
186 		 * we're done.
187 		 */
188 		token = peek_token(&val, cfile);
189 		if (token == '.')
190 			token = next_token(&val, cfile);
191 	} while (token == '.');
192 
193 	/* Assemble the hostname together into a string. */
194 	if (!(s = malloc(len)))
195 		fatalx("can't allocate space for hostname.");
196 	t = s + len;
197 	*--t = '\0';
198 	while (c) {
199 		pair cdr = c->cdr;
200 		int l = strlen((char *)c->car);
201 
202 		t -= l;
203 		memcpy(t, (char *)c->car, l);
204 		/* Free up temp space. */
205 		free(c->car);
206 		free(c);
207 		c = cdr;
208 		if (t != s)
209 			*--t = '.';
210 	}
211 	return (s);
212 }
213 
214 /*
215  * hardware-parameter :== HARDWARE ETHERNET csns SEMI
216  * csns :== NUMBER | csns COLON NUMBER
217  */
218 void
219 parse_hardware_param(FILE *cfile, struct hardware *hardware)
220 {
221 	char *val;
222 	int token, hlen = 0;
223 	unsigned char *e, *t = NULL;
224 
225 	token = next_token(&val, cfile);
226 	switch (token) {
227 	case TOK_ETHERNET:
228 		hardware->htype = HTYPE_ETHER;
229 		break;
230 	case TOK_IPSEC_TUNNEL:
231 		hardware->htype = HTYPE_IPSEC_TUNNEL;
232 		break;
233 	default:
234 		parse_warn("expecting a network hardware type");
235 		skip_to_semi(cfile);
236 		return;
237 	}
238 
239 
240 	/* Try looking up in /etc/ethers first. */
241 	if (hardware->htype == HTYPE_ETHER) {
242 		token = peek_token(&val, cfile);
243 		hlen = sizeof(struct ether_addr);
244 		if ((e = malloc(hlen)) == NULL)
245 			fatalx("can't allocate space for ethernet address.");
246 		if (ether_hostton(val, (struct ether_addr *)e) == 0) {
247 			(void)next_token(&val, cfile); /* consume token */
248 			t = e;
249 		} else
250 			free(e);
251 	}
252 
253 	/*
254 	 * Parse the hardware address information.   Technically, it
255 	 * would make a lot of sense to restrict the length of the data
256 	 * we'll accept here to the length of a particular hardware
257 	 * address type.   Unfortunately, there are some broken clients
258 	 * out there that put bogus data in the chaddr buffer, and we
259 	 * accept that data in the lease file rather than simply failing
260 	 * on such clients.   Yuck.
261 	 */
262 	if (!t)
263 		t = parse_numeric_aggregate(cfile, NULL, &hlen, ':', 16, 8);
264 
265 	if (!t)
266 		return;
267 	if (hlen > sizeof(hardware->haddr)) {
268 		free(t);
269 		parse_warn("hardware address too long");
270 	} else {
271 		hardware->hlen = hlen;
272 		memcpy((unsigned char *)&hardware->haddr[0], t,
273 		    hardware->hlen);
274 		if (hlen < sizeof(hardware->haddr))
275 			memset(&hardware->haddr[hlen], 0,
276 			    sizeof(hardware->haddr) - hlen);
277 		free(t);
278 	}
279 
280 	token = next_token(&val, cfile);
281 	if (token != ';') {
282 		parse_warn("expecting semicolon.");
283 		skip_to_semi(cfile);
284 	}
285 }
286 
287 /*
288  * lease-time :== NUMBER SEMI
289  */
290 void
291 parse_lease_time(FILE *cfile, time_t *timep)
292 {
293 	const char *errstr;
294 	char *val;
295 	uint32_t value;
296 	int token;
297 
298 	token = next_token(&val, cfile);
299 
300 	value = strtonum(val, 0, UINT32_MAX, &errstr);
301 	if (errstr) {
302 		parse_warn("lease time is %s: %s", errstr, val);
303 		skip_to_semi(cfile);
304 		return;
305 	}
306 
307 	*timep = value;
308 
309 	parse_semi(cfile);
310 }
311 
312 /*
313  * No BNF for numeric aggregates - that's defined by the caller.  What
314  * this function does is to parse a sequence of numbers separated by the
315  * token specified in separator.  If max is zero, any number of numbers
316  * will be parsed; otherwise, exactly max numbers are expected.  Base
317  * and size tell us how to internalize the numbers once they've been
318  * tokenized.
319  */
320 unsigned char *
321 parse_numeric_aggregate(FILE *cfile, unsigned char *buf, int *max,
322     int separator, int base, int size)
323 {
324 	char *val, *t;
325 	int token, count = 0;
326 	unsigned char *bufp = buf, *s = NULL;
327 	pair c = NULL;
328 
329 	if (!bufp && *max) {
330 		bufp = malloc(*max * size / 8);
331 		if (!bufp)
332 			fatalx("can't allocate space for numeric aggregate");
333 	} else
334 		s = bufp;
335 
336 	do {
337 		if (count) {
338 			token = peek_token(&val, cfile);
339 			if (token != separator) {
340 				if (!*max)
341 					break;
342 				if (token != '{' && token != '}')
343 					token = next_token(&val, cfile);
344 				parse_warn("too few numbers.");
345 				if (token != ';')
346 					skip_to_semi(cfile);
347 				return (NULL);
348 			}
349 			token = next_token(&val, cfile);
350 		}
351 		token = next_token(&val, cfile);
352 
353 		if (token == EOF) {
354 			parse_warn("unexpected end of file");
355 			break;
356 		}
357 		if (token != TOK_NUMBER && token != TOK_NUMBER_OR_NAME) {
358 			parse_warn("expecting numeric value.");
359 			skip_to_semi(cfile);
360 			return (NULL);
361 		}
362 		/*
363 		 * If we can, convert the number now; otherwise, build a
364 		 * linked list of all the numbers.
365 		 */
366 		if (s) {
367 			convert_num(s, val, base, size);
368 			s += size / 8;
369 		} else {
370 			t = strdup(val);
371 			if (t == NULL)
372 				fatalx("no temp space for number.");
373 			c = cons(t, c);
374 		}
375 	} while (++count != *max);
376 
377 	/* If we had to cons up a list, convert it now. */
378 	if (c) {
379 		bufp = malloc(count * size / 8);
380 		if (!bufp)
381 			fatalx("can't allocate space for numeric aggregate.");
382 		s = bufp + count - size / 8;
383 		*max = count;
384 	}
385 	while (c) {
386 		pair		cdr = c->cdr;
387 		convert_num(s, (char *)c->car, base, size);
388 		s -= size / 8;
389 		/* Free up temp space. */
390 		free(c->car);
391 		free(c);
392 		c = cdr;
393 	}
394 	return (bufp);
395 }
396 
397 void
398 convert_num(unsigned char *buf, char *str, int base, int size)
399 {
400 	int negative = 0, tval, max;
401 	u_int32_t val = 0;
402 	char *ptr = str;
403 
404 	if (*ptr == '-') {
405 		negative = 1;
406 		ptr++;
407 	}
408 
409 	/* If base wasn't specified, figure it out from the data. */
410 	if (!base) {
411 		if (ptr[0] == '0') {
412 			if (ptr[1] == 'x') {
413 				base = 16;
414 				ptr += 2;
415 			} else if (isascii((unsigned char)ptr[1]) &&
416 			    isdigit((unsigned char)ptr[1])) {
417 				base = 8;
418 				ptr += 1;
419 			} else
420 				base = 10;
421 		} else
422 			base = 10;
423 	}
424 
425 	do {
426 		tval = *ptr++;
427 		/* XXX assumes ASCII... */
428 		if (tval >= 'a')
429 			tval = tval - 'a' + 10;
430 		else if (tval >= 'A')
431 			tval = tval - 'A' + 10;
432 		else if (tval >= '0')
433 			tval -= '0';
434 		else {
435 			log_warnx("Bogus number: %s.", str);
436 			break;
437 		}
438 		if (tval >= base) {
439 			log_warnx("Bogus number: %s: digit %d not in base %d",
440 			    str, tval, base);
441 			break;
442 		}
443 		val = val * base + tval;
444 	} while (*ptr);
445 
446 	if (negative)
447 		max = (1 << (size - 1));
448 	else
449 		max = (1 << (size - 1)) + ((1 << (size - 1)) - 1);
450 	if (val > max) {
451 		switch (base) {
452 		case 8:
453 			log_warnx("value %s%o exceeds max (%d) for precision.",
454 			    negative ? "-" : "", val, max);
455 			break;
456 		case 16:
457 			log_warnx("value %s%x exceeds max (%d) for precision.",
458 			    negative ? "-" : "", val, max);
459 			break;
460 		default:
461 			log_warnx("value %s%u exceeds max (%d) for precision.",
462 			    negative ? "-" : "", val, max);
463 			break;
464 		}
465 	}
466 
467 	if (negative) {
468 		switch (size) {
469 		case 8:
470 			*buf = -(unsigned long)val;
471 			break;
472 		case 16:
473 			putShort(buf, -(unsigned long)val);
474 			break;
475 		case 32:
476 			putLong(buf, -(unsigned long)val);
477 			break;
478 		default:
479 			log_warnx("Unexpected integer size: %d", size);
480 			break;
481 		}
482 	} else {
483 		switch (size) {
484 		case 8:
485 			*buf = (u_int8_t)val;
486 			break;
487 		case 16:
488 			putUShort(buf, (u_int16_t)val);
489 			break;
490 		case 32:
491 			putULong(buf, val);
492 			break;
493 		default:
494 			log_warnx("Unexpected integer size: %d", size);
495 			break;
496 		}
497 	}
498 }
499 
500 /*
501  * date :== NUMBER NUMBER SLASH NUMBER SLASH NUMBER
502  *		NUMBER COLON NUMBER COLON NUMBER UTC SEMI
503  *
504  * Dates are always in UTC; first number is day of week; next is
505  * year/month/day; next is hours:minutes:seconds on a 24-hour
506  * clock.
507  */
508 time_t
509 parse_date(FILE *cfile)
510 {
511 	struct tm tm;
512 	char timestr[26]; /* "w yyyy/mm/dd hh:mm:ss UTC" */
513 	char *val, *p;
514 	size_t n;
515 	time_t guess;
516 	int token;
517 
518 	memset(timestr, 0, sizeof(timestr));
519 
520 	do {
521 		token = peek_token(NULL, cfile);
522 		switch (token) {
523 		case TOK_NAME:
524 		case TOK_NUMBER:
525 		case TOK_NUMBER_OR_NAME:
526 		case '/':
527 		case ':':
528 			token = next_token(&val, cfile);
529 			n = strlcat(timestr, val, sizeof(timestr));
530 			if (n >= sizeof(timestr)) {
531 				/* XXX Will break after year 9999! */
532 				parse_warn("time string too long");
533 				skip_to_semi(cfile);
534 				return (0);
535 			}
536 			break;
537 		case';':
538 			break;
539 		default:
540 			parse_warn("invalid time string");
541 			skip_to_semi(cfile);
542 			return (0);
543 		}
544 	} while (token != ';');
545 
546 	parse_semi(cfile);
547 
548 	memset(&tm, 0, sizeof(tm));	/* 'cuz strptime ignores tm_isdt. */
549 	p = strptime(timestr, DB_TIMEFMT, &tm);
550 	if (p == NULL || *p != '\0') {
551 		p = strptime(timestr, OLD_DB_TIMEFMT, &tm);
552 		if (p == NULL || *p != '\0') {
553 			parse_warn("unparseable time string");
554 			return (0);
555 		}
556 	}
557 
558 	guess = timegm(&tm);
559 	if (guess == -1) {
560 		parse_warn("time could not be represented");
561 		return (0);
562 	}
563 
564 	return (guess);
565 }
566 
567 int warnings_occurred;
568 
569 int
570 parse_warn(char *fmt, ...)
571 {
572 	static char fbuf[1024];
573 	static char mbuf[1024];
574 	static char spaces[81];
575 	va_list list;
576 	int i;
577 
578 	snprintf(fbuf, sizeof(fbuf), "%s line %d: %s", tlname, lexline, mbuf);
579 	va_start(list, fmt);
580 	vsnprintf(mbuf, sizeof(mbuf), fbuf, list);
581 	va_end(list);
582 
583 	log_warnx("%s", mbuf);
584 	log_warnx("%s", token_line);
585 	if (lexchar < sizeof(spaces)) {
586 		memset(spaces, 0, sizeof(spaces));
587 		for (i = 0; i < lexchar - 1; i++) {
588 			if (token_line[i] == '\t')
589 				spaces[i] = '\t';
590 			else
591 				spaces[i] = ' ';
592 		}
593 	}
594 	log_warnx("%s^", spaces);
595 
596 	warnings_occurred = 1;
597 
598 	return (0);
599 }
600