[fwd] / conf.c

/* -*-c-*-
 *
 * $Id: conf.c,v 1.1 1999/07/01 08:56:23 mdw Exp $
 *
 * Configuration parsing
 *
 * (c) 1999 Mark Wooding
 */

/*----- Licensing notice --------------------------------------------------* 
 *
 * This file is part of the `fw' port forwarder.
 *
 * `fw' is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 * 
 * `fw' is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with `fw'; if not, write to the Free Software Foundation,
 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 */

/*----- Revision history --------------------------------------------------* 
 *
 * $Log: conf.c,v $
 * Revision 1.1  1999/07/01 08:56:23  mdw
 * Initial revision
 *
 */

/*----- Header files ------------------------------------------------------*/

#include "config.h"

#include <ctype.h>
#include <errno.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

#include <mLib/dstr.h>
#include <mLib/quis.h>
#include <mLib/report.h>

#include "acl.h"
#include "listener.h"
#include "scan.h"

/*----- Magic numbers -----------------------------------------------------*/

#define CTOK_EOF (-1)
#define CTOK_WORD 256

/*----- Main code ---------------------------------------------------------*/

/* --- @token@ --- *
 *
 * Arguments:	@scanner *sc@ = pointer to scanner definition
 *
 * Returns:	Type of token scanned.
 *
 * Use:		Reads the next token from the character scanner.
 */

static int token(scanner *sc)
{
#define SCAN(sc) (sc)->ops->scan((sc))
#define UNSCAN(sc, x) (sc)->ops->unscan((x), (sc))

  int ch;

  for (;;) {
    ch = SCAN(sc);
    if (ch == '\n')
      sc->line++;
    else if (isspace((unsigned char)ch))
      ;
    else switch (ch) {
      case EOF:
	return (sc->t = CTOK_EOF);
      case '#':
	do ch = SCAN(sc); while (ch != EOF && ch != '\n');
	if (ch == '\n')
	  sc->line++;
	break;
      case '{':
      case '}':
      case ':':
      case '/':
      case ';':
	return (sc->t = ch);
      default:
	DRESET(&sc->d);
	do {
	  DPUTC(&sc->d, ch);
	  ch = SCAN(sc);
	} while (ch != EOF && ch != '{' && ch != ';' &&
		 ch != '}' && ch != ':' && ch != '/' &&
		 !isspace((unsigned char)(ch)));
	UNSCAN(sc, ch);
	DPUTZ(&sc->d);
	return (sc->t = CTOK_WORD);
    }
  }

#undef SCAN
#undef UNSCAN
}

/* --- @error@ --- *
 *
 * Arguments:	@scanner *sc@ = pointer to scanner definition
 *		@const char *msg@ = message skeleton string
 *		@...@ = extra arguments for the skeleton
 *
 * Returns:	Doesn't
 *
 * Use:		Reports an error at the current scanner location.
 */

static void error(scanner *sc, const char *msg, ...)
{
  va_list ap;
  va_start(ap, msg);
  fprintf(stderr, "%s: %s:%i: ", QUIS, sc->src, sc->line);
  vfprintf(stderr, msg, ap);
  fputc('\n', stderr);
  exit(1);
}

/* --- @portnum@ --- *
 *
 * Arguments:	@scanner *sc@ = pointer to scanner (for error reporting)
 *		@const char *p@ = pointer to port name
 *
 * Returns:	Port number (network byte order)
 *
 * Use:		Converts a textual port name or number into a usable thing.
 */

static unsigned short portnum(scanner *sc, const char *p)
{
  struct servent *s;
  if (isdigit((unsigned char)*p))
    return (htons(atoi(p)));
  if ((s = getservbyname(p, "tcp")) == 0)
    error(sc, "unknown tcp service `%s'", p);
  return (s->s_port);
}

/* --- @getconf@ --- *
 *
 * Arguments:	@scanner *sc@ = pointer to scanner to read from
 *		@listener *l@ = listener to configure (or zero)
 *		@acl_entry ***a@ = pointer to tail of ACL (or zero)
 *
 * Returns:	---
 *
 * Use:		Reads a local or global configuration statement.
 */

static void getconf(scanner *sc, listener *l, acl_entry ***a)
{
  unsigned act;

  /* --- Access control limitations --- */

  if ((strcmp(sc->d.buf, "allow") == 0 && (act = ACL_ALLOW, 1)) ||
      (strcmp(sc->d.buf, "deny") == 0 && (act = ACL_DENY, 1))) {
    struct hostent *h;
    struct netent *n;
    struct in_addr addr, mask;

    /* --- Find the host or network address --- */

    token(sc);
    if (sc->t == CTOK_WORD && strcmp(sc->d.buf, "from") == 0)
      token(sc);
    if (sc->t != CTOK_WORD)
      error(sc, "parse error, address expected");
    if ((n = getnetbyname(sc->d.buf)) != 0)
      addr.s_addr = htonl(n->n_net);
    else if ((h = gethostbyname(sc->d.buf)) == 0)
      error(sc, "couldn't resolve address `%s'", sc->d.buf);
    else
      memcpy(&addr, h->h_addr, sizeof(struct in_addr));
    token(sc);

    /* --- Find the netmask, if any --- */

    if (sc->t != '/')
      mask.s_addr = ~0ul;
    else {
      token(sc);
      if (sc->t != CTOK_WORD)
	error(sc, "parse error, netmask expected");
      if (strchr(sc->d.buf, '.') == 0)
	mask.s_addr = htonl((~0ul << (32 - atoi(sc->d.buf))) & 0xffffffff);
      else {
#ifdef HAVE_INET_ATON
	if (!inet_aton(sc->d.buf, &mask))
	  error(sc, "bad netmask `%s'", sc->d.buf);
#else
	mask.s_addr = inet_addr(sc->d.buf);
#endif
      }
      token(sc);
    }

    /* --- Add the access control entry --- */

    acl_add(a, act, addr, mask);
  }

  /* --- Anything unrecognized --- */

  else
    error(sc, "parse error, unknown configuration keyword `%s'", sc->d.buf);
}

/* --- @conf_parse@ --- *
 *
 * Arguments:	@void *scp@ = pointer to scanner definition
 *
 * Returns:	---
 *
 * Use:		Parses a configuration file from the scanner.
 */

void conf_parse(void *scp)
{
  scanner *sc = scp;

  token(sc);

  for (;;) {
    if (sc->t == CTOK_EOF)
      break;
    if (sc->t != CTOK_WORD)
      error(sc, "parse error, keyword expected");

    /* --- Handle a forwarding request --- */

    if (strcmp(sc->d.buf, "forward") == 0 ||
	strcmp(sc->d.buf, "fw") == 0) {
      unsigned short sp, dp;
      struct sockaddr_in sin;
      struct hostent *h;
      int fd;
      listener *l;

      /* --- Read the source port --- */

      token(sc);
      if (sc->t == CTOK_WORD && strcmp(sc->d.buf, "port") == 0)
	token(sc);
      if (sc->t != CTOK_WORD)
	error(sc, "parse error, source port expected");
      sp = portnum(sc, sc->d.buf);

      /* --- Read the destination address --- */

      token(sc);
      if (sc->t == CTOK_WORD && strcmp(sc->d.buf, "to") == 0)
	token(sc);
      if (sc->t != CTOK_WORD)
	error(sc, "parse error, destination address expected");
      if ((h = gethostbyname(sc->d.buf)) == 0)
	error(sc, "couldn't resolve address `%s'", sc->d.buf);

      token(sc);
      if (sc->t == ':')
	token(sc);
      if (sc->t != CTOK_WORD)
	error(sc, "parse error, destination port expected");
      dp = portnum(sc, sc->d.buf);

      /* --- Make the socket --- */

      if ((fd = socket(PF_INET, SOCK_STREAM, 0)) < 0)
	error(sc, "couldn't create socket: %s", strerror(errno));

      /* --- Set it to allow address reuse --- */

      {
	int opt = 1;
	setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
      }

      /* --- Bind it to the right port --- */

      sin.sin_family = AF_INET;
      sin.sin_addr.s_addr = htonl(INADDR_ANY);
      sin.sin_port = sp;
      if (bind(fd, (struct sockaddr *)&sin, sizeof(sin))) {
	error(sc, "couldn't bind to port %i: %s",
	      ntohs(sp), strerror(errno));
      }

      /* --- Set it to listen for connections --- */

      if (listen(fd, 5))
	error(sc, "couldn't listen on socket: %s", strerror(errno));

      /* --- Fill in a new listener --- */

      memcpy(&sin.sin_addr, h->h_addr, sizeof(struct in_addr));
      sin.sin_port = dp;
      l = listener_add(fd, sp, &sin);

      /* --- Snarf access controls and other attributes --- */

      token(sc);
      if (sc->t == '{') {
	acl_entry **a = &l->acl;
	token(sc);
	while (sc->t != '}') {
	  if (sc->t != CTOK_WORD)
	    error(sc, "parse error, keyword or `}' expected");
	  getconf(sc, l, &a);
	  if (sc->t == ';')
	    token(sc);
	}
	*a = 0;
	token(sc);
      }
    }

    /* --- Other configuration is handled elsewhere --- */

    else
      getconf(sc, 0, 0);

    if (sc->t == ';')
      token(sc);
  }
}

/*----- That's all, folks -------------------------------------------------*/
Commit	Line	Data
e82f7154	1	/* --c--
	2	*
	3	* $Id: conf.c,v 1.1 1999/07/01 08:56:23 mdw Exp $
	4	*
	5	* Configuration parsing
	6	*
	7	* (c) 1999 Mark Wooding
	8	*/
	9
	10	/----- Licensing notice --------------------------------------------------
	11	*
	12	* This file is part of the `fw' port forwarder.
	13	*
	14	* `fw' is free software; you can redistribute it and/or modify
	15	* it under the terms of the GNU General Public License as published by
	16	* the Free Software Foundation; either version 2 of the License, or
	17	* (at your option) any later version.
	18	*
	19	* `fw' is distributed in the hope that it will be useful,
	20	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	21	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	22	* GNU General Public License for more details.
	23	*
	24	* You should have received a copy of the GNU General Public License
	25	* along with `fw'; if not, write to the Free Software Foundation,
	26	* Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
	27	*/
	28
	29	/----- Revision history --------------------------------------------------
	30	*
	31	* $Log: conf.c,v $
	32	* Revision 1.1 1999/07/01 08:56:23 mdw
	33	* Initial revision
	34	*
	35	*/
	36
	37	/----- Header files ------------------------------------------------------/
	38
	39	#include "config.h"
	40
	41	#include <ctype.h>
	42	#include <errno.h>
	43	#include <stdarg.h>
	44	#include <stdio.h>
	45	#include <stdlib.h>
	46	#include <string.h>
	47
	48	#include <sys/socket.h>
	49	#include <netinet/in.h>
	50	#include <arpa/inet.h>
	51	#include <netdb.h>
	52
	53	#include <mLib/dstr.h>
	54	#include <mLib/quis.h>
	55	#include <mLib/report.h>
	56
	57	#include "acl.h"
	58	#include "listener.h"
	59	#include "scan.h"
	60
	61	/----- Magic numbers -----------------------------------------------------/
	62
	63	#define CTOK_EOF (-1)
	64	#define CTOK_WORD 256
65
66	/----- Main code ---------------------------------------------------------/
67
68	/* --- @token@ --- *
69	*
70	* Arguments: @scanner *sc@ = pointer to scanner definition
71	*
72	* Returns: Type of token scanned.
73	*
74	* Use: Reads the next token from the character scanner.
75	*/
76
77	static int token(scanner *sc)
78	{
79	#define SCAN(sc) (sc)->ops->scan((sc))
80	#define UNSCAN(sc, x) (sc)->ops->unscan((x), (sc))
81
82	int ch;
83
84	for (;;) {
85	ch = SCAN(sc);
86	if (ch == '\n')
87	sc->line++;
88	else if (isspace((unsigned char)ch))
89	;
90	else switch (ch) {
91	case EOF:
92	return (sc->t = CTOK_EOF);
93	case '#':
94	do ch = SCAN(sc); while (ch != EOF && ch != '\n');
95	if (ch == '\n')
96	sc->line++;
97	break;
98	case '{':
99	case '}':
100	case ':':
101	case '/':
102	case ';':
103	return (sc->t = ch);
104	default:
105	DRESET(&sc->d);
106	do {
107	DPUTC(&sc->d, ch);
108	ch = SCAN(sc);
109	} while (ch != EOF && ch != '{' && ch != ';' &&
110	ch != '}' && ch != ':' && ch != '/' &&
111	!isspace((unsigned char)(ch)));
112	UNSCAN(sc, ch);
113	DPUTZ(&sc->d);
114	return (sc->t = CTOK_WORD);
115	}
116	}
117
118	#undef SCAN
119	#undef UNSCAN
120	}
121
122	/* --- @error@ --- *
123	*
124	* Arguments: @scanner *sc@ = pointer to scanner definition
125	* @const char *msg@ = message skeleton string
126	* @...@ = extra arguments for the skeleton
127	*
128	* Returns: Doesn't
129	*
130	* Use: Reports an error at the current scanner location.
131	*/
132
133	static void error(scanner sc, const char msg, ...)
134	{
135	va_list ap;
136	va_start(ap, msg);
137	fprintf(stderr, "%s: %s:%i: ", QUIS, sc->src, sc->line);
138	vfprintf(stderr, msg, ap);
139	fputc('\n', stderr);
140	exit(1);
141	}
142
143	/* --- @portnum@ --- *
144	*
145	* Arguments: @scanner *sc@ = pointer to scanner (for error reporting)
146	* @const char *p@ = pointer to port name
147	*
148	* Returns: Port number (network byte order)
149	*
150	* Use: Converts a textual port name or number into a usable thing.
151	*/
152
153	static unsigned short portnum(scanner sc, const char p)
154	{
155	struct servent *s;
156	if (isdigit((unsigned char)*p))
157	return (htons(atoi(p)));
158	if ((s = getservbyname(p, "tcp")) == 0)
159	error(sc, "unknown tcp service `%s'", p);
160	return (s->s_port);
161	}
162
163	/* --- @getconf@ --- *
164	*
165	* Arguments: @scanner *sc@ = pointer to scanner to read from
166	* @listener *l@ = listener to configure (or zero)
167	* @acl_entry ***a@ = pointer to tail of ACL (or zero)
168	*
169	* Returns: ---
170	*
171	* Use: Reads a local or global configuration statement.
172	*/
173
174	static void getconf(scanner sc, listener l, acl_entry ***a)
175	{
176	unsigned act;
177
178	/* --- Access control limitations --- */
179
180	if ((strcmp(sc->d.buf, "allow") == 0 && (act = ACL_ALLOW, 1)) \|\|
181	(strcmp(sc->d.buf, "deny") == 0 && (act = ACL_DENY, 1))) {
182	struct hostent *h;
183	struct netent *n;
184	struct in_addr addr, mask;
185
186	/* --- Find the host or network address --- */
187
188	token(sc);
189	if (sc->t == CTOK_WORD && strcmp(sc->d.buf, "from") == 0)
190	token(sc);
191	if (sc->t != CTOK_WORD)
192	error(sc, "parse error, address expected");
193	if ((n = getnetbyname(sc->d.buf)) != 0)
194	addr.s_addr = htonl(n->n_net);
195	else if ((h = gethostbyname(sc->d.buf)) == 0)
196	error(sc, "couldn't resolve address `%s'", sc->d.buf);
197	else
198	memcpy(&addr, h->h_addr, sizeof(struct in_addr));
199	token(sc);
200
201	/* --- Find the netmask, if any --- */
202
203	if (sc->t != '/')
204	mask.s_addr = ~0ul;
205	else {
206	token(sc);
207	if (sc->t != CTOK_WORD)
208	error(sc, "parse error, netmask expected");
209	if (strchr(sc->d.buf, '.') == 0)
210	mask.s_addr = htonl((~0ul << (32 - atoi(sc->d.buf))) & 0xffffffff);
211	else {
212	#ifdef HAVE_INET_ATON
213	if (!inet_aton(sc->d.buf, &mask))
214	error(sc, "bad netmask `%s'", sc->d.buf);
215	#else
216	mask.s_addr = inet_addr(sc->d.buf);
217	#endif
218	}
219	token(sc);
220	}
221
222	/* --- Add the access control entry --- */
223
224	acl_add(a, act, addr, mask);
225	}
226
227	/* --- Anything unrecognized --- */
228
229	else
230	error(sc, "parse error, unknown configuration keyword `%s'", sc->d.buf);
231	}
232
233	/* --- @conf_parse@ --- *
234	*
235	* Arguments: @void *scp@ = pointer to scanner definition
236	*
237	* Returns: ---
238	*
239	* Use: Parses a configuration file from the scanner.
240	*/
241
242	void conf_parse(void *scp)
243	{
244	scanner *sc = scp;
245
246	token(sc);
247
248	for (;;) {
249	if (sc->t == CTOK_EOF)
250	break;
251	if (sc->t != CTOK_WORD)
252	error(sc, "parse error, keyword expected");
253
254	/* --- Handle a forwarding request --- */
255
256	if (strcmp(sc->d.buf, "forward") == 0 \|\|
257	strcmp(sc->d.buf, "fw") == 0) {
258	unsigned short sp, dp;
259	struct sockaddr_in sin;
260	struct hostent *h;
261	int fd;
262	listener *l;
263
264	/* --- Read the source port --- */
265
266	token(sc);
267	if (sc->t == CTOK_WORD && strcmp(sc->d.buf, "port") == 0)
268	token(sc);
269	if (sc->t != CTOK_WORD)
270	error(sc, "parse error, source port expected");
271	sp = portnum(sc, sc->d.buf);
272
273	/* --- Read the destination address --- */
274
275	token(sc);
276	if (sc->t == CTOK_WORD && strcmp(sc->d.buf, "to") == 0)
277	token(sc);
278	if (sc->t != CTOK_WORD)
279	error(sc, "parse error, destination address expected");
280	if ((h = gethostbyname(sc->d.buf)) == 0)
281	error(sc, "couldn't resolve address `%s'", sc->d.buf);
282
283	token(sc);
284	if (sc->t == ':')
285	token(sc);
286	if (sc->t != CTOK_WORD)
287	error(sc, "parse error, destination port expected");
288	dp = portnum(sc, sc->d.buf);
289
290	/* --- Make the socket --- */
291
292	if ((fd = socket(PF_INET, SOCK_STREAM, 0)) < 0)
293	error(sc, "couldn't create socket: %s", strerror(errno));
294
295	/* --- Set it to allow address reuse --- */
296
297	{
298	int opt = 1;
299	setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
300	}
301
302	/* --- Bind it to the right port --- */
303
304	sin.sin_family = AF_INET;
305	sin.sin_addr.s_addr = htonl(INADDR_ANY);
306	sin.sin_port = sp;
307	if (bind(fd, (struct sockaddr *)&sin, sizeof(sin))) {
308	error(sc, "couldn't bind to port %i: %s",
309	ntohs(sp), strerror(errno));
310	}
311
312	/* --- Set it to listen for connections --- */
313
314	if (listen(fd, 5))
315	error(sc, "couldn't listen on socket: %s", strerror(errno));
316
317	/* --- Fill in a new listener --- */
318
319	memcpy(&sin.sin_addr, h->h_addr, sizeof(struct in_addr));
320	sin.sin_port = dp;
321	l = listener_add(fd, sp, &sin);
322
323	/* --- Snarf access controls and other attributes --- */
324
325	token(sc);
326	if (sc->t == '{') {
327	acl_entry **a = &l->acl;
328	token(sc);
329	while (sc->t != '}') {
330	if (sc->t != CTOK_WORD)
331	error(sc, "parse error, keyword or `}' expected");
332	getconf(sc, l, &a);
333	if (sc->t == ';')
334	token(sc);
335	}
336	*a = 0;
337	token(sc);
338	}
339	}
340
341	/* --- Other configuration is handled elsewhere --- */
342
343	else
344	getconf(sc, 0, 0);
345
346	if (sc->t == ';')
347	token(sc);
348	}
349	}
350
351	/----- That's all, folks -------------------------------------------------/