3 * rcfile_y.y -- Run control file parser for fetchmail
5 * For license terms, see the file COPYING in this directory.
10 #include <sys/types.h>
12 #if defined(HAVE_SYS_WAIT_H)
17 #if defined(STDC_HEADERS)
20 #if defined(HAVE_UNISTD_H)
26 #include <net/security.h>
27 #endif /* NET_SECURITY */
29 #include "fetchmail.h"
31 /* parser reads these */
32 char *rcfile; /* path name of rc file */
33 struct query cmd_opts; /* where to put command-line info */
35 /* parser sets these */
36 struct query *querylist; /* head of server list (globally visible) */
38 int yydebug; /* in case we didn't generate with -- debug */
40 static struct query current; /* current server record */
41 static int prc_errflag;
42 static struct hostdata *leadentry;
45 static void record_current(void);
46 static void user_reset(void);
47 static void reset_server(const char *name, int skip);
49 /* using Bison, this arranges that yydebug messages will show actual tokens */
51 #define YYPRINT(fp, type, val) fprintf(fp, " = \"%s\"", yytext)
60 %token DEFAULTS POLL SKIP VIA AKA LOCALDOMAINS PROTOCOL
61 %token PREAUTHENTICATE TIMEOUT KPOP SDPS KERBEROS4 KERBEROS5 KERBEROS
62 %token ENVELOPE QVIRTUAL USERNAME PASSWORD FOLDER SMTPHOST MDA BSMTP LMTP
63 %token SMTPADDRESS SPAMRESPONSE PRECONNECT POSTCONNECT LIMIT WARNINGS
64 %token NETSEC INTERFACE MONITOR PLUGIN PLUGOUT
65 %token IS HERE THERE TO MAP WILDCARD
66 %token BATCHLIMIT FETCHLIMIT EXPUNGE PROPERTIES
67 %token SET LOGFILE DAEMON SYSLOG IDFILE INVISIBLE POSTMASTER BOUNCEMAIL
70 %token <number> NUMBER
71 %token NO KEEP FLUSH FETCHALL REWRITE FORCECR STRIPCR PASS8BITS DROPSTATUS
72 %token DNS SERVICE PORT UIDL INTERVAL MIMEDECODE CHECKALIAS SSL SSLKEY SSLCERT
80 statement_list : statement
81 | statement_list statement
84 optmap : MAP | /* EMPTY */;
86 /* future global options should also have the form SET <name> optmap <value> */
87 statement : SET LOGFILE optmap STRING {run.logfile = xstrdup($4);}
88 | SET IDFILE optmap STRING {run.idfile = xstrdup($4);}
89 | SET DAEMON optmap NUMBER {run.poll_interval = $4;}
90 | SET POSTMASTER optmap STRING {run.postmaster = xstrdup($4);}
91 | SET BOUNCEMAIL {run.bouncemail = TRUE;}
92 | SET NO BOUNCEMAIL {run.bouncemail = FALSE;}
93 | SET PROPERTIES optmap STRING {run.properties =xstrdup($4);}
94 | SET SYSLOG {run.use_syslog = TRUE;}
95 | SET INVISIBLE {run.invisible = TRUE;}
98 * The way the next two productions are written depends on the fact that
99 * userspecs cannot be empty. It's a kluge to deal with files that set
100 * up a load of defaults and then have poll statements following with no
101 * user options at all.
103 | define_server serverspecs {record_current();}
104 | define_server serverspecs userspecs
106 /* detect and complain about the most common user error */
107 | define_server serverspecs userspecs serv_option
108 {yyerror("server option after user options");}
111 define_server : POLL STRING {reset_server($2, FALSE);}
112 | SKIP STRING {reset_server($2, TRUE);}
113 | DEFAULTS {reset_server("defaults", FALSE);}
116 serverspecs : /* EMPTY */
117 | serverspecs serv_option
120 alias_list : STRING {save_str(¤t.server.akalist,$1,0);}
121 | alias_list STRING {save_str(¤t.server.akalist,$2,0);}
124 domain_list : STRING {save_str(¤t.server.localdomains,$1,0);}
125 | domain_list STRING {save_str(¤t.server.localdomains,$2,0);}
128 serv_option : AKA alias_list
129 | VIA STRING {current.server.via = xstrdup($2);}
130 | LOCALDOMAINS domain_list
131 | PROTOCOL PROTO {current.server.protocol = $2;}
133 current.server.protocol = P_POP3;
135 if (current.server.preauthenticate == A_PASSWORD)
137 current.server.preauthenticate = A_KERBEROS_V5;
139 current.server.preauthenticate = A_KERBEROS_V4;
140 #endif /* KERBEROS_V5 */
142 current.server.service = KPOP_PORT;
143 #else /* INET6_ENABLE */
144 current.server.port = KPOP_PORT;
145 #endif /* INET6_ENABLE */
149 current.server.protocol = P_POP3;
150 current.server.sdps = TRUE;
152 yyerror("SDPS not enabled.");
153 #endif /* SDPS_ENABLE */
155 | UIDL {current.server.uidl = FLAG_TRUE;}
156 | NO UIDL {current.server.uidl = FLAG_FALSE;}
157 | CHECKALIAS {current.server.checkalias = FLAG_TRUE;}
158 | NO CHECKALIAS {current.server.checkalias = FLAG_FALSE;}
161 current.server.service = $2;
162 #endif /* INET6_ENABLE */
166 current.server.port = $2;
167 #endif /* !INET6_ENABLE */
169 | INTERVAL NUMBER {current.server.interval = $2;}
170 | PREAUTHENTICATE PASSWORD {current.server.preauthenticate = A_PASSWORD;}
171 | PREAUTHENTICATE KERBEROS4 {current.server.preauthenticate = A_KERBEROS_V4;}
172 | PREAUTHENTICATE KERBEROS5 {current.server.preauthenticate = A_KERBEROS_V5;}
173 | PREAUTHENTICATE KERBEROS {
175 current.server.preauthenticate = A_KERBEROS_V5;
177 current.server.preauthenticate = A_KERBEROS_V4;
178 #endif /* KERBEROS_V5 */
180 | TIMEOUT NUMBER {current.server.timeout = $2;}
182 | ENVELOPE NUMBER STRING
184 current.server.envelope =
186 current.server.envskip = $2;
190 current.server.envelope =
192 current.server.envskip = 0;
195 | QVIRTUAL STRING {current.server.qvirtual=xstrdup($2);}
201 if (net_security_strtorequest($2, &request, &requestlen))
202 yyerror("invalid security request");
204 current.server.netsec = xstrdup($2);
208 yyerror("network-security support disabled");
209 #endif /* NET_SECURITY */
212 #if (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__)
213 interface_parse($2, ¤t.server);
214 #else /* (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__) */
215 fprintf(stderr, "fetchmail: interface option is only supported under Linux and FreeBSD\n");
216 #endif /* (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__) */
219 #if (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__)
220 current.server.monitor = xstrdup($2);
221 #else /* (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__) */
222 fprintf(stderr, "fetchmail: monitor option is only supported under Linux\n");
223 #endif /* (defined(linux) && !defined(INET6_ENABLE) || defined(__FreeBSD__)) */
225 | PLUGIN STRING { current.server.plugin = xstrdup($2); }
226 | PLUGOUT STRING { current.server.plugout = xstrdup($2); }
227 | DNS {current.server.dns = FLAG_TRUE;}
228 | NO DNS {current.server.dns = FLAG_FALSE;}
229 | NO ENVELOPE {current.server.envelope = STRING_DISABLED;}
232 userspecs : user1opts {record_current(); user_reset();}
236 explicits : explicitdef {record_current(); user_reset();}
237 | explicits explicitdef {record_current(); user_reset();}
240 explicitdef : userdef user0opts
243 userdef : USERNAME STRING {current.remotename = xstrdup($2);}
244 | USERNAME mapping_list HERE
245 | USERNAME STRING THERE {current.remotename = xstrdup($2);}
248 user0opts : /* EMPTY */
249 | user0opts user_option
252 user1opts : user_option
253 | user1opts user_option
256 localnames : WILDCARD {current.wildcard = TRUE;}
257 | mapping_list {current.wildcard = FALSE;}
258 | mapping_list WILDCARD {current.wildcard = TRUE;}
261 mapping_list : mapping
262 | mapping_list mapping
266 {save_str_pair(¤t.localnames, $1, NULL);}
268 {save_str_pair(¤t.localnames, $1, $3);}
271 folder_list : STRING {save_str(¤t.mailboxes,$1,0);}
272 | folder_list STRING {save_str(¤t.mailboxes,$2,0);}
275 smtp_list : STRING {save_str(¤t.smtphunt, $1,TRUE);}
276 | smtp_list STRING {save_str(¤t.smtphunt, $2,TRUE);}
282 id=save_str(¤t.antispam,STRING_DUMMY,0);
283 id->val.status.num = $1;
288 id=save_str(¤t.antispam,STRING_DUMMY,0);
289 id->val.status.num = $2;
293 user_option : TO localnames HERE
298 | IS STRING THERE {current.remotename = xstrdup($2);}
299 | PASSWORD STRING {current.password = xstrdup($2);}
302 | SMTPADDRESS STRING {current.smtpaddress = xstrdup($2);}
303 | SPAMRESPONSE num_list
304 | MDA STRING {current.mda = xstrdup($2);}
305 | BSMTP STRING {current.bsmtp = xstrdup($2);}
306 | LMTP {current.listener = LMTP_MODE;}
307 | PRECONNECT STRING {current.preconnect = xstrdup($2);}
308 | POSTCONNECT STRING {current.postconnect = xstrdup($2);}
310 | KEEP {current.keep = FLAG_TRUE;}
311 | FLUSH {current.flush = FLAG_TRUE;}
312 | FETCHALL {current.fetchall = FLAG_TRUE;}
313 | REWRITE {current.rewrite = FLAG_TRUE;}
314 | FORCECR {current.forcecr = FLAG_TRUE;}
315 | STRIPCR {current.stripcr = FLAG_TRUE;}
316 | PASS8BITS {current.pass8bits = FLAG_TRUE;}
317 | DROPSTATUS {current.dropstatus = FLAG_TRUE;}
318 | MIMEDECODE {current.mimedecode = FLAG_TRUE;}
320 | SSL {current.use_ssl = FLAG_TRUE;}
321 | SSLKEY STRING {current.sslkey = xstrdup($2);}
322 | SSLCERT STRING {current.sslcert = xstrdup($2);}
324 | NO KEEP {current.keep = FLAG_FALSE;}
325 | NO FLUSH {current.flush = FLAG_FALSE;}
326 | NO FETCHALL {current.fetchall = FLAG_FALSE;}
327 | NO REWRITE {current.rewrite = FLAG_FALSE;}
328 | NO FORCECR {current.forcecr = FLAG_FALSE;}
329 | NO STRIPCR {current.stripcr = FLAG_FALSE;}
330 | NO PASS8BITS {current.pass8bits = FLAG_FALSE;}
331 | NO DROPSTATUS {current.dropstatus = FLAG_FALSE;}
332 | NO MIMEDECODE {current.mimedecode = FLAG_FALSE;}
334 | NO SSL {current.use_ssl = FLAG_FALSE;}
336 | LIMIT NUMBER {current.limit = NUM_VALUE_IN($2);}
337 | WARNINGS NUMBER {current.warnings = NUM_VALUE_IN($2);}
338 | FETCHLIMIT NUMBER {current.fetchlimit = NUM_VALUE_IN($2);}
339 | BATCHLIMIT NUMBER {current.batchlimit = NUM_VALUE_IN($2);}
340 | EXPUNGE NUMBER {current.expunge = NUM_VALUE_IN($2);}
342 | PROPERTIES STRING {current.properties = xstrdup($2);}
346 /* lexer interface */
348 extern int prc_lineno;
352 static struct query *hosttail; /* where to add new elements */
354 void yyerror (const char *s)
355 /* report a syntax error */
357 report_at_line(stderr, 0, rcfile, prc_lineno, "%s at %s", s,
358 (yytext && yytext[0]) ? yytext : "end of input");
362 int prc_filecheck(const char *pathname, const flag securecheck)
363 /* check that a configuration file is secure */
370 /* special case useful for debugging purposes */
371 if (strcmp("/dev/null", pathname) == 0)
374 /* pass through the special name for stdin */
375 if (strcmp("-", pathname) == 0)
378 /* the run control file must have the same uid as the REAL uid of this
379 process, it must have permissions no greater than 600, and it must not
380 be a symbolic link. We check these conditions here. */
382 if (lstat(pathname, &statbuf) < 0) {
386 report(stderr, "lstat: %s: %s\n", pathname, strerror(errno));
391 if (!securecheck) return PS_SUCCESS;
393 if ((statbuf.st_mode & S_IFLNK) == S_IFLNK)
395 fprintf(stderr, "File %s must not be a symbolic link.\n", pathname);
399 if (statbuf.st_mode & ~(S_IFREG | S_IREAD | S_IWRITE | S_IEXEC | S_IXGRP))
401 fprintf(stderr, "File %s must have no more than -rwx--x--- (0710) permissions.\n",
407 if (statbuf.st_uid != geteuid())
409 if (statbuf.st_uid != getuid())
410 #endif /* HAVE_GETEUID */
412 fprintf(stderr, "File %s must be owned by you.\n", pathname);
419 int prc_parse_file (const char *pathname, const flag securecheck)
420 /* digest the configuration into a linked list of host records */
423 querylist = hosttail = (struct query *)NULL;
427 /* Check that the file is secure */
428 if ( (prc_errflag = prc_filecheck(pathname, securecheck)) != 0 )
432 * Croak if the configuration directory does not exist.
433 * This probably means an NFS mount failed and we can't
434 * see a configuration file that ought to be there.
435 * Question: is this a portable check? It's not clear
436 * that all implementations of lstat() will return ENOTDIR
437 * rather than plain ENOENT in this case...
439 if (errno == ENOTDIR)
441 else if (errno == ENOENT)
444 /* Open the configuration file and feed it to the lexer. */
445 if (strcmp(pathname, "-") == 0)
447 else if ((yyin = fopen(pathname,"r")) == (FILE *)NULL) {
448 report(stderr, "open: %s: %s\n", pathname, strerror(errno));
452 yyparse(); /* parse entire file */
462 static void reset_server(const char *name, int skip)
463 /* clear the entire global record and initialize it with a new name */
466 memset(¤t,'\0',sizeof(current));
467 current.smtp_socket = -1;
468 current.server.pollname = xstrdup(name);
469 current.server.skip = skip;
473 static void user_reset(void)
474 /* clear the global current record (user parameters) used by the parser */
476 struct hostdata save;
479 * Purpose of this code is to initialize the new server block, but
480 * preserve whatever server name was previously set. Also
481 * preserve server options unless the command-line explicitly
484 save = current.server;
486 memset(¤t, '\0', sizeof(current));
487 current.smtp_socket = -1;
489 current.server = save;
492 struct query *hostalloc(init)
493 /* append a host record to the host list */
494 struct query *init; /* pointer to block containing initial values */
498 /* allocate new node */
499 node = (struct query *) xmalloc(sizeof(struct query));
503 memcpy(node, init, sizeof(struct query));
506 memset(node, '\0', sizeof(struct query));
507 node->smtp_socket = -1;
510 /* append to end of list */
511 if (hosttail != (struct query *) 0)
512 hosttail->next = node; /* list contains at least one element */
514 querylist = node; /* list is empty */
518 node->server.lead_server = leadentry;
521 node->server.lead_server = NULL;
522 leadentry = &node->server;
528 static void record_current(void)
529 /* register current parameters and append to the host list */
531 (void) hostalloc(¤t);
535 /* easier to do this than cope with variations in where the library lives */
536 int yywrap(void) {return 1;}
538 /* rcfile_y.y ends here */