3 * rcfile_y.y -- Run control file parser for fetchmail
5 * For license terms, see the file COPYING in this directory.
10 #include <sys/types.h>
12 #if defined(HAVE_SYS_WAIT_H)
17 #if defined(STDC_HEADERS)
20 #if defined(HAVE_UNISTD_H)
26 #include <net/security.h>
27 #endif /* NET_SECURITY */
29 #include "fetchmail.h"
32 /* parser reads these */
33 char *rcfile; /* path name of rc file */
34 struct query cmd_opts; /* where to put command-line info */
36 /* parser sets these */
37 struct query *querylist; /* head of server list (globally visible) */
39 int yydebug; /* in case we didn't generate with -- debug */
41 static struct query current; /* current server record */
42 static int prc_errflag;
43 static struct hostdata *leadentry;
46 static void record_current(void);
47 static void user_reset(void);
48 static void reset_server(const char *name, int skip);
50 /* these should be of size PATH_MAX */
51 char currentwd[1024] = "", rcfiledir[1024] = "";
53 /* using Bison, this arranges that yydebug messages will show actual tokens */
55 #define YYPRINT(fp, type, val) fprintf(fp, " = \"%s\"", yytext)
64 %token DEFAULTS POLL SKIP VIA AKA LOCALDOMAINS PROTOCOL
65 %token AUTHENTICATE TIMEOUT KPOP SDPS ENVELOPE QVIRTUAL
66 %token USERNAME PASSWORD FOLDER SMTPHOST FETCHDOMAINS MDA BSMTP LMTP
67 %token SMTPADDRESS SMTPNAME SPAMRESPONSE PRECONNECT POSTCONNECT LIMIT WARNINGS
68 %token NETSEC INTERFACE MONITOR PLUGIN PLUGOUT
69 %token IS HERE THERE TO MAP WILDCARD
70 %token BATCHLIMIT FETCHLIMIT EXPUNGE PROPERTIES
71 %token SET LOGFILE DAEMON SYSLOG IDFILE INVISIBLE POSTMASTER BOUNCEMAIL
72 %token SPAMBOUNCE SHOWDOTS
73 %token <proto> PROTO AUTHTYPE
75 %token <number> NUMBER
76 %token NO KEEP FLUSH FETCHALL REWRITE FORCECR STRIPCR PASS8BITS
77 %token DROPSTATUS DROPDELIVERED
78 %token DNS SERVICE PORT UIDL INTERVAL MIMEDECODE IDLE CHECKALIAS
79 %token SSL SSLKEY SSLCERT SSLPROTO SSLCERTCK SSLCERTPATH SSLFINGERPRINT
80 %token PRINCIPAL ESMTPNAME ESMTPPASSWORD
89 statement_list : statement
90 | statement_list statement
93 optmap : MAP | /* EMPTY */;
95 /* future global options should also have the form SET <name> optmap <value> */
96 statement : SET LOGFILE optmap STRING {run.logfile = prependdir ($4, rcfiledir);}
97 | SET IDFILE optmap STRING {run.idfile = prependdir ($4, rcfiledir);}
98 | SET DAEMON optmap NUMBER {run.poll_interval = $4;}
99 | SET POSTMASTER optmap STRING {run.postmaster = xstrdup($4);}
100 | SET BOUNCEMAIL {run.bouncemail = TRUE;}
101 | SET NO BOUNCEMAIL {run.bouncemail = FALSE;}
102 | SET SPAMBOUNCE {run.spambounce = TRUE;}
103 | SET NO SPAMBOUNCE {run.spambounce = FALSE;}
104 | SET PROPERTIES optmap STRING {run.properties =xstrdup($4);}
105 | SET SYSLOG {run.use_syslog = TRUE;}
106 | SET NO SYSLOG {run.use_syslog = FALSE;}
107 | SET INVISIBLE {run.invisible = TRUE;}
108 | SET NO INVISIBLE {run.invisible = FALSE;}
109 | SET SHOWDOTS {run.showdots = FLAG_TRUE;}
110 | SET NO SHOWDOTS {run.showdots = FLAG_FALSE;}
113 * The way the next two productions are written depends on the fact that
114 * userspecs cannot be empty. It's a kluge to deal with files that set
115 * up a load of defaults and then have poll statements following with no
116 * user options at all.
118 | define_server serverspecs {record_current();}
119 | define_server serverspecs userspecs
121 /* detect and complain about the most common user error */
122 | define_server serverspecs userspecs serv_option
123 {yyerror(GT_("server option after user options"));}
126 define_server : POLL STRING {reset_server($2, FALSE);}
127 | SKIP STRING {reset_server($2, TRUE);}
128 | DEFAULTS {reset_server("defaults", FALSE);}
131 serverspecs : /* EMPTY */
132 | serverspecs serv_option
135 alias_list : STRING {save_str(¤t.server.akalist,$1,0);}
136 | alias_list STRING {save_str(¤t.server.akalist,$2,0);}
139 domain_list : STRING {save_str(¤t.server.localdomains,$1,0);}
140 | domain_list STRING {save_str(¤t.server.localdomains,$2,0);}
143 serv_option : AKA alias_list
144 | VIA STRING {current.server.via = xstrdup($2);}
145 | LOCALDOMAINS domain_list
146 | PROTOCOL PROTO {current.server.protocol = $2;}
148 current.server.protocol = P_POP3;
150 if (current.server.authenticate == A_PASSWORD)
152 current.server.authenticate = A_KERBEROS_V5;
154 current.server.authenticate = A_KERBEROS_V4;
155 #endif /* KERBEROS_V5 */
157 current.server.service = KPOP_PORT;
158 #else /* INET6_ENABLE */
159 current.server.port = KPOP_PORT;
160 #endif /* INET6_ENABLE */
162 | PRINCIPAL STRING {current.server.principal = xstrdup($2);}
163 | ESMTPNAME STRING {current.server.esmtp_name = xstrdup($2);}
164 | ESMTPPASSWORD STRING {current.server.esmtp_password = xstrdup($2);}
167 current.server.protocol = P_POP3;
168 current.server.sdps = TRUE;
170 yyerror(GT_("SDPS not enabled."));
171 #endif /* SDPS_ENABLE */
173 | UIDL {current.server.uidl = FLAG_TRUE;}
174 | NO UIDL {current.server.uidl = FLAG_FALSE;}
175 | CHECKALIAS {current.server.checkalias = FLAG_TRUE;}
176 | NO CHECKALIAS {current.server.checkalias = FLAG_FALSE;}
179 current.server.service = $2;
180 #endif /* INET6_ENABLE */
186 sprintf(buf, "%d", port);
187 current.server.service = xstrdup(buf);
189 current.server.port = $2;
190 #endif /* INET6_ENABLE */
193 {current.server.interval = $2;}
194 | AUTHENTICATE AUTHTYPE
195 {current.server.authenticate = $2;}
197 {current.server.timeout = $2;}
198 | ENVELOPE NUMBER STRING
200 current.server.envelope =
202 current.server.envskip = $2;
206 current.server.envelope =
208 current.server.envskip = 0;
211 | QVIRTUAL STRING {current.server.qvirtual=xstrdup($2);}
217 if (net_security_strtorequest($2, &request, &requestlen))
218 yyerror(GT_("invalid security request"));
220 current.server.netsec = xstrdup($2);
224 yyerror(GT_("network-security support disabled"));
225 #endif /* NET_SECURITY */
228 #if (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__)
229 interface_parse($2, ¤t.server);
230 #else /* (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__) */
231 fprintf(stderr, GT_("fetchmail: interface option is only supported under Linux (without IPv6) and FreeBSD\n"));
232 #endif /* (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__) */
235 #if (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__)
236 current.server.monitor = xstrdup($2);
237 #else /* (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__) */
238 fprintf(stderr, GT_("fetchmail: monitor option is only supported under Linux (without IPv6) and FreeBSD\n"));
239 #endif /* (defined(linux) && !defined(INET6_ENABLE) || defined(__FreeBSD__)) */
241 | PLUGIN STRING { current.server.plugin = xstrdup($2); }
242 | PLUGOUT STRING { current.server.plugout = xstrdup($2); }
243 | DNS {current.server.dns = FLAG_TRUE;}
244 | NO DNS {current.server.dns = FLAG_FALSE;}
245 | NO ENVELOPE {current.server.envelope = STRING_DISABLED;}
246 | TRACEPOLLS {current.tracepolls = FLAG_TRUE;}
247 | NO TRACEPOLLS {current.tracepolls = FLAG_FALSE;}
250 userspecs : user1opts {record_current(); user_reset();}
254 explicits : explicitdef {record_current(); user_reset();}
255 | explicits explicitdef {record_current(); user_reset();}
258 explicitdef : userdef user0opts
261 userdef : USERNAME STRING {current.remotename = xstrdup($2);}
262 | USERNAME mapping_list HERE
263 | USERNAME STRING THERE {current.remotename = xstrdup($2);}
266 user0opts : /* EMPTY */
267 | user0opts user_option
270 user1opts : user_option
271 | user1opts user_option
274 localnames : WILDCARD {current.wildcard = TRUE;}
275 | mapping_list {current.wildcard = FALSE;}
276 | mapping_list WILDCARD {current.wildcard = TRUE;}
279 mapping_list : mapping
280 | mapping_list mapping
284 {save_str_pair(¤t.localnames, $1, NULL);}
286 {save_str_pair(¤t.localnames, $1, $3);}
289 folder_list : STRING {save_str(¤t.mailboxes,$1,0);}
290 | folder_list STRING {save_str(¤t.mailboxes,$2,0);}
293 smtp_list : STRING {save_str(¤t.smtphunt, $1,TRUE);}
294 | smtp_list STRING {save_str(¤t.smtphunt, $2,TRUE);}
297 fetch_list : STRING {save_str(¤t.domainlist, $1,TRUE);}
298 | fetch_list STRING {save_str(¤t.domainlist, $2,TRUE);}
304 id=save_str(¤t.antispam,STRING_DUMMY,0);
305 id->val.status.num = $1;
310 id=save_str(¤t.antispam,STRING_DUMMY,0);
311 id->val.status.num = $2;
315 user_option : TO localnames HERE
320 | IS STRING THERE {current.remotename = xstrdup($2);}
321 | PASSWORD STRING {current.password = xstrdup($2);}
324 | FETCHDOMAINS fetch_list
325 | SMTPADDRESS STRING {current.smtpaddress = xstrdup($2);}
326 | SMTPNAME STRING {current.smtpname = xstrdup($2);}
327 | SPAMRESPONSE num_list
328 | MDA STRING {current.mda = xstrdup($2);}
329 | BSMTP STRING {current.bsmtp = prependdir ($2, rcfiledir);}
330 | LMTP {current.listener = LMTP_MODE;}
331 | PRECONNECT STRING {current.preconnect = xstrdup($2);}
332 | POSTCONNECT STRING {current.postconnect = xstrdup($2);}
334 | KEEP {current.keep = FLAG_TRUE;}
335 | FLUSH {current.flush = FLAG_TRUE;}
336 | FETCHALL {current.fetchall = FLAG_TRUE;}
337 | REWRITE {current.rewrite = FLAG_TRUE;}
338 | FORCECR {current.forcecr = FLAG_TRUE;}
339 | STRIPCR {current.stripcr = FLAG_TRUE;}
340 | PASS8BITS {current.pass8bits = FLAG_TRUE;}
341 | DROPSTATUS {current.dropstatus = FLAG_TRUE;}
342 | DROPDELIVERED {current.dropdelivered = FLAG_TRUE;}
343 | MIMEDECODE {current.mimedecode = FLAG_TRUE;}
344 | IDLE {current.idle = FLAG_TRUE;}
348 current.use_ssl = FLAG_TRUE;
350 yyerror(GT_("SSL is not enabled"));
353 | SSLKEY STRING {current.sslkey = prependdir ($2, rcfiledir);}
354 | SSLCERT STRING {current.sslcert = prependdir ($2, rcfiledir);}
355 | SSLPROTO STRING {current.sslproto = xstrdup($2);}
356 | SSLCERTCK {current.sslcertck = FLAG_TRUE;}
357 | SSLCERTPATH STRING {current.sslcertpath = prependdir($2, rcfiledir);}
358 | SSLFINGERPRINT STRING {current.sslfingerprint = xstrdup($2);}
360 | NO KEEP {current.keep = FLAG_FALSE;}
361 | NO FLUSH {current.flush = FLAG_FALSE;}
362 | NO FETCHALL {current.fetchall = FLAG_FALSE;}
363 | NO REWRITE {current.rewrite = FLAG_FALSE;}
364 | NO FORCECR {current.forcecr = FLAG_FALSE;}
365 | NO STRIPCR {current.stripcr = FLAG_FALSE;}
366 | NO PASS8BITS {current.pass8bits = FLAG_FALSE;}
367 | NO DROPSTATUS {current.dropstatus = FLAG_FALSE;}
368 | NO DROPDELIVERED {current.dropdelivered = FLAG_FALSE;}
369 | NO MIMEDECODE {current.mimedecode = FLAG_FALSE;}
370 | NO IDLE {current.idle = FLAG_FALSE;}
372 | NO SSL {current.use_ssl = FLAG_FALSE;}
374 | LIMIT NUMBER {current.limit = NUM_VALUE_IN($2);}
375 | WARNINGS NUMBER {current.warnings = NUM_VALUE_IN($2);}
376 | FETCHLIMIT NUMBER {current.fetchlimit = NUM_VALUE_IN($2);}
377 | BATCHLIMIT NUMBER {current.batchlimit = NUM_VALUE_IN($2);}
378 | EXPUNGE NUMBER {current.expunge = NUM_VALUE_IN($2);}
380 | PROPERTIES STRING {current.properties = xstrdup($2);}
384 /* lexer interface */
386 extern int prc_lineno;
390 static struct query *hosttail; /* where to add new elements */
392 void yyerror (const char *s)
393 /* report a syntax error */
395 report_at_line(stderr, 0, rcfile, prc_lineno, GT_("%s at %s"), s,
396 (yytext && yytext[0]) ? yytext : GT_("end of input"));
400 int prc_filecheck(const char *pathname, const flag securecheck)
401 /* check that a configuration file is secure */
408 /* special case useful for debugging purposes */
409 if (strcmp("/dev/null", pathname) == 0)
412 /* pass through the special name for stdin */
413 if (strcmp("-", pathname) == 0)
416 /* the run control file must have the same uid as the REAL uid of this
417 process, it must have permissions no greater than 600, and it must not
418 be a symbolic link. We check these conditions here. */
420 if (lstat(pathname, &statbuf) < 0) {
424 report(stderr, "lstat: %s: %s\n", pathname, strerror(errno));
429 if (!securecheck) return PS_SUCCESS;
431 if (!S_ISREG(statbuf.st_mode))
433 fprintf(stderr, GT_("File %s must be a regular file.\n"), pathname);
438 if (statbuf.st_mode & (S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH | S_IXOTH))
440 fprintf(stderr, GT_("File %s must have no more than -rwx--x--- (0710) permissions.\n"),
444 #endif /* __BEOS__ */
447 if (statbuf.st_uid != geteuid())
449 if (statbuf.st_uid != getuid())
450 #endif /* HAVE_GETEUID */
452 fprintf(stderr, GT_("File %s must be owned by you.\n"), pathname);
459 int prc_parse_file (const char *pathname, const flag securecheck)
460 /* digest the configuration into a linked list of host records */
463 querylist = hosttail = (struct query *)NULL;
467 /* Check that the file is secure */
468 if ( (prc_errflag = prc_filecheck(pathname, securecheck)) != 0 )
472 * Croak if the configuration directory does not exist.
473 * This probably means an NFS mount failed and we can't
474 * see a configuration file that ought to be there.
475 * Question: is this a portable check? It's not clear
476 * that all implementations of lstat() will return ENOTDIR
477 * rather than plain ENOENT in this case...
479 if (errno == ENOTDIR)
481 else if (errno == ENOENT)
484 /* Open the configuration file and feed it to the lexer. */
485 if (strcmp(pathname, "-") == 0)
487 else if ((yyin = fopen(pathname,"r")) == (FILE *)NULL) {
488 report(stderr, "open: %s: %s\n", pathname, strerror(errno));
492 yyparse(); /* parse entire file */
494 fclose(yyin); /* not checking this should be safe, file mode was r */
502 static void reset_server(const char *name, int skip)
503 /* clear the entire global record and initialize it with a new name */
506 memset(¤t,'\0',sizeof(current));
507 current.smtp_socket = -1;
508 current.server.pollname = xstrdup(name);
509 current.server.skip = skip;
510 current.server.principal = (char *)NULL;
514 static void user_reset(void)
515 /* clear the global current record (user parameters) used by the parser */
517 struct hostdata save;
520 * Purpose of this code is to initialize the new server block, but
521 * preserve whatever server name was previously set. Also
522 * preserve server options unless the command-line explicitly
525 save = current.server;
527 memset(¤t, '\0', sizeof(current));
528 current.smtp_socket = -1;
530 current.server = save;
533 struct query *hostalloc(init)
534 /* append a host record to the host list */
535 struct query *init; /* pointer to block containing initial values */
539 /* allocate new node */
540 node = (struct query *) xmalloc(sizeof(struct query));
544 memcpy(node, init, sizeof(struct query));
547 memset(node, '\0', sizeof(struct query));
548 node->smtp_socket = -1;
551 /* append to end of list */
552 if (hosttail != (struct query *) 0)
553 hosttail->next = node; /* list contains at least one element */
555 querylist = node; /* list is empty */
559 node->server.lead_server = leadentry;
562 node->server.lead_server = NULL;
563 leadentry = &node->server;
569 static void record_current(void)
570 /* register current parameters and append to the host list */
572 (void) hostalloc(¤t);
576 char *prependdir (const char *file, const char *dir)
577 /* if a filename is relative to dir, convert it to an absolute path */
580 if (!file[0] || /* null path */
581 file[0] == '/' || /* absolute path */
582 strcmp(file, "-") == 0 || /* stdin/stdout */
583 !dir[0]) /* we don't HAVE_GETCWD */
584 return xstrdup (file);
585 newfile = xmalloc (strlen (dir) + 1 + strlen (file) + 1);
586 if (dir[strlen(dir) - 1] != '/')
587 sprintf (newfile, "%s/%s", dir, file);
589 sprintf (newfile, "%s%s", dir, file);
593 /* easier to do this than cope with variations in where the library lives */
594 int yywrap(void) {return 1;}
596 /* rcfile_y.y ends here */