update filter configuration parsing (not plugged yet)

author: eric <eric@openbsd.org> 2014-07-08 21:58:33 +0000
committer: eric <eric@openbsd.org> 2014-07-08 21:58:33 +0000
commit: 4a858bf26cec238c22fd3898bfa1b8dd9cc30718 (patch)
tree: ec72464d127fbba5336b43b635c8c66ed033fb27
parent: send correct imsg when enabling profiling at runtime (diff)
download: wireguard-openbsd-4a858bf26cec238c22fd3898bfa1b8dd9cc30718.tar.xz
wireguard-openbsd-4a858bf26cec238c22fd3898bfa1b8dd9cc30718.zip
2 files changed, 68 insertions, 75 deletions
diff --git a/usr.sbin/smtpd/parse.y b/usr.sbin/smtpd/parse.y
index b80ee85dd8e..6a964aaf8f6 100644
--- a/usr.sbin/smtpd/parse.y
+++ b/usr.sbin/smtpd/parse.y
@@ -1,4 +1,4 @@
-/*	$OpenBSD: parse.y,v 1.143 2014/04/19 17:23:19 gilles Exp $	*/
+/*	$OpenBSD: parse.y,v 1.144 2014/07/08 21:58:33 eric Exp $	*/
 
 /*
  * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -91,7 +91,7 @@ char		*symget(const char *);
 struct smtpd		*conf = NULL;
 static int		 errors = 0;
 
-struct filter		*filter = NULL;
+struct filter_conf	*filter = NULL;
 struct table		*table = NULL;
 struct rule		*rule = NULL;
 struct listener		 l;
@@ -124,9 +124,9 @@ void		 set_localaddrs(void);
 int		 delaytonum(char *);
 int		 is_if_in_group(const char *, const char *);
 
-static struct filter	*create_filter(const char *, const char *);
-static struct filter	*create_filter_chain(const char *);
-static int		 extend_filter_chain(struct filter *, const char *);
+static struct filter_conf *create_filter_proc(char *, char *);
+static struct filter_conf *create_filter_chain(char *);
+static int add_filter_arg(struct filter_conf *, char *);
 
 typedef struct {
 	union {
@@ -145,7 +145,7 @@ typedef struct {
 %token	TABLE SECURE SMTPS CERTIFICATE DOMAIN BOUNCEWARN LIMIT INET4 INET6
 %token  RELAY BACKUP VIA DELIVER TO LMTP MAILDIR MBOX HOSTNAME HOSTNAMES
 %token	ACCEPT REJECT INCLUDE ERROR MDA FROM FOR SOURCE MTA PKI SCHEDULER
-%token	ARROW AUTH TLS LOCAL VIRTUAL TAG TAGGED ALIAS FILTER FILTERCHAIN KEY CA DHPARAMS
+%token	ARROW AUTH TLS LOCAL VIRTUAL TAG TAGGED ALIAS FILTER KEY CA DHPARAMS
 %token	AUTH_OPTIONAL TLS_REQUIRE USERBASE SENDER MASK_SOURCE VERIFY FORWARDONLY RECIPIENT
 %token	<v.string>	STRING
 %token  <v.number>	NUMBER
@@ -621,20 +621,21 @@ main		: BOUNCEWARN {
 			create_listener(conf->sc_listeners, &listen_opts);
 		}
 		| FILTER STRING STRING {
-			if (!create_filter($2, $3)) {
-				free($2);
+			if (!strcmp($3, "chain")) {
 				free($3);
-				YYERROR;
+				if ((filter = create_filter_chain($2)) == NULL) {
+					free($2);
+					YYERROR;
+				}
 			}
-			free($2);
-			free($3);
-		}
-		| FILTERCHAIN STRING {
-			if ((filter = create_filter_chain($2)) == NULL) {
-				free($2);
-				YYERROR;
+			else {
+				if ((filter = create_filter_proc($2, $3)) == NULL) {
+					free($2);
+					free($3);
+					YYERROR;
+				}
 			}
-		} filter_list
+		} filter_args;
 		| PKI STRING	{
 			char buf[MAXHOSTNAMELEN];
 			xlowercase(buf, $2, sizeof(buf));
@@ -648,6 +649,15 @@ main		: BOUNCEWARN {
 		} pki
 		;
 
+filter_args	:
+		| STRING {
+			if (!add_filter_arg(filter, $1)) {
+				free($1);
+				YYERROR;
+			}
+		} filter_args
+		;
+
 table		: TABLE STRING STRING	{
 			char *p, *backend, *config;
 
@@ -718,15 +728,6 @@ string_list	: stringel
 		| stringel comma string_list
 		;
 
-filter_list	:
-		| STRING {
-			if (!extend_filter_chain(filter, $1)) {
-				free($1);
-				YYERROR;
-			}
-		} filter_list
-		;
-
 tableval_list	: string_list			{ }
 		| keyval_list			{ }
 		;
@@ -1144,7 +1145,6 @@ lookup(char *s)
 		{ "encryption",		ENCRYPTION },
 		{ "expire",		EXPIRE },
 		{ "filter",		FILTER },
-		{ "filterchain",	FILTERCHAIN },
 		{ "for",		FOR },
 		{ "forward-only",      	FORWARDONLY },
 		{ "from",		FROM },
@@ -2106,49 +2106,45 @@ end:
 	return ret;
 }
 
-struct filter *
-create_filter(const char *name, const char *path)
+static struct filter_conf *
+create_filter_proc(char *name, char *prog)
 {
-	struct filter	*f;
+	struct filter_conf	*f;
+	char			*path;
 
 	if (dict_get(&conf->sc_filters, name)) {
 		yyerror("filter \"%s\" already defined", name);
 		return (NULL);
 	}
 
-	f = xcalloc(1, sizeof(*f), "create_filter");
-	if (strlcpy(f->name, name, sizeof(f->name))
-	    >= sizeof (f->name)) {
-		yyerror("filter name \"%s\" too long", name);
-		return (NULL);
-	}
-	if (strlcpy(f->path, path, sizeof(f->path))
-	    >= sizeof (f->path)) {
-		yyerror("filter path \"%s\" too long", path);
-		return (NULL);
+	if (asprintf(&path, "%s/filter-%s", PATH_LIBEXEC, prog) == -1) {
+		yyerror("filter \"%s\" asprintf failed", name);
+		return (0);
 	}
 
+	f = xcalloc(1, sizeof(*f), "create_filter");
+	f->path = path;
+	f->name = name;
+	f->argv[f->argc++] = name;
+
 	dict_xset(&conf->sc_filters, name, f);
 
 	return (f);
 }
 
-static struct filter *
-create_filter_chain(const char *name)
+static struct filter_conf *
+create_filter_chain(char *name)
 {
-	struct filter	*f;
+	struct filter_conf	*f;
 
 	if (dict_get(&conf->sc_filters, name)) {
 		yyerror("filter \"%s\" already defined", name);
 		return (NULL);
 	}
+
 	f = xcalloc(1, sizeof(*f), "create_filter_chain");
-	if (strlcpy(f->name, name, sizeof(f->name)) >=
-	    sizeof(f->name)) {
-		yyerror("filter chain name \"%s\" too long", name);
-		return (NULL);
-	}
 	f->chain = 1;
+	f->name = name;
 
 	dict_xset(&conf->sc_filters, name, f);
 
@@ -2156,30 +2152,25 @@ create_filter_chain(const char *name)
 }
 
 static int
-extend_filter_chain(struct filter *f, const char *name)
+add_filter_arg(struct filter_conf *f, char *arg)
 {
-	int	i;
-
-	if (!f->chain) {
-		yyerror("filter \"%s\" is not a chain", f->name);
+	if (f->argc == MAX_FILTER_ARGS) {
+		yyerror("filter \"%s\" is full", f->name);
 		return (0);
 	}
 
-	if (dict_get(&conf->sc_filters, name) == NULL) {
-		yyerror("undefined filter \"%s\"", name);
-		return (0);
-	}
-	if (dict_get(&conf->sc_filters, name) == f) {
-		yyerror("filter chain cannot contain itself");
-		return (0);
-	}
-
-	for (i = 0; i < MAX_FILTER_PER_CHAIN; i++) {
-		if (f->filters[i][0] == '\0') {
-			(void)strlcpy(f->filters[i], name, sizeof(f->filters[i]));
-			return (1);
+	if (f->chain) {
+		if (dict_get(&conf->sc_filters, arg) == NULL) {
+			yyerror("undefined filter \"%s\"", arg);
+			return (0);
+		}
+		if (dict_get(&conf->sc_filters, arg) == f) {
+			yyerror("filter chain cannot contain itself");
+			return (0);
 		}
 	}
-	yyerror("filter chain \"%s\" is full", f->name);
-	return (0);
+
+	f->argv[f->argc++] = arg;
+
+	return (1);
 }
diff --git a/usr.sbin/smtpd/smtpd.h b/usr.sbin/smtpd/smtpd.h
index 5f80e9044f5..9b0cb2ef9e0 100644
--- a/usr.sbin/smtpd/smtpd.h
+++ b/usr.sbin/smtpd/smtpd.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: smtpd.h,v 1.464 2014/07/08 20:14:46 eric Exp $	*/
+/*	$OpenBSD: smtpd.h,v 1.465 2014/07/08 21:58:33 eric Exp $	*/
 
 /*
  * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -37,6 +37,7 @@
 #define	DEFAULT_MAX_BODY_SIZE	(35*1024*1024)
 #define MAX_TAG_SIZE		 32
 #define	MAX_FILTER_NAME		 32
+#define	MAX_FILTER_ARGS		 255
 
 #define	EXPAND_BUFFER		 1024
 
@@ -629,12 +630,13 @@ struct deliver {
 };
 
 #define MAX_FILTER_PER_CHAIN	16
-struct filter {
-	int			chain;
-	int			done;
-	char			name[MAX_FILTER_NAME];
-	char			path[SMTPD_MAXPATHLEN];
-	char			filters[MAX_FILTER_NAME][MAX_FILTER_PER_CHAIN];
+struct filter_conf {
+	int		 chain;
+	int		 done;
+	int		 argc;
+	char		*name;
+	char		*argv[MAX_FILTER_ARGS + 1];
+	char		*path;
 };
 
 struct mta_host {
author	eric <eric@openbsd.org>	2014-07-08 21:58:33 +0000
committer	eric <eric@openbsd.org>	2014-07-08 21:58:33 +0000
commit	4a858bf26cec238c22fd3898bfa1b8dd9cc30718 (patch)
tree	ec72464d127fbba5336b43b635c8c66ed033fb27
parent	send correct imsg when enabling profiling at runtime (diff)
download	wireguard-openbsd-4a858bf26cec238c22fd3898bfa1b8dd9cc30718.tar.xz wireguard-openbsd-4a858bf26cec238c22fd3898bfa1b8dd9cc30718.zip