1 /*
2  * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>
3  * Copyright (c) 2016-2019, 2020-2021 Tracey Emery <tracey@traceyemery.net>
4  * Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org>
5  * Copyright (c) 2004 Ryan McBride <mcbride@openbsd.org>
6  * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
7  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
8  * Copyright (c) 2001 Daniel Hartmeier.  All rights reserved.
9  * Copyright (c) 2001 Theo de Raadt.  All rights reserved.
10  *
11  * Permission to use, copy, modify, and distribute this software for any
12  * purpose with or without fee is hereby granted, provided that the above
13  * copyright notice and this permission notice appear in all copies.
14  *
15  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
16  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
17  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
18  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22  */
23 
24 %{
25 #include <sys/time.h>
26 #include <sys/types.h>
27 #include <sys/queue.h>
28 #include <sys/stat.h>
29 
30 #include <ctype.h>
31 #include <err.h>
32 #include <errno.h>
33 #include <event.h>
34 #include <imsg.h>
35 #include <limits.h>
36 #include <sha1.h>
37 #include <stdarg.h>
38 #include <stdlib.h>
39 #include <stdio.h>
40 #include <string.h>
41 #include <syslog.h>
42 #include <unistd.h>
43 
44 #include "got_error.h"
45 #include "got_path.h"
46 
47 #include "log.h"
48 #include "gotd.h"
49 #include "auth.h"
50 #include "listen.h"
51 
52 TAILQ_HEAD(files, file)		 files = TAILQ_HEAD_INITIALIZER(files);
53 static struct file {
54 	TAILQ_ENTRY(file)	 entry;
55 	FILE			*stream;
56 	char			*name;
57 	int			 lineno;
58 	int			 errors;
59 } *file;
60 struct file	*newfile(const char *, int);
61 static void	 closefile(struct file *);
62 int		 check_file_secrecy(int, const char *);
63 int		 yyparse(void);
64 int		 yylex(void);
65 int		 yyerror(const char *, ...)
66     __attribute__((__format__ (printf, 1, 2)))
67     __attribute__((__nonnull__ (1)));
68 int		 kw_cmp(const void *, const void *);
69 int		 lookup(char *);
70 int		 lgetc(int);
71 int		 lungetc(int);
72 int		 findeol(void);
73 
74 TAILQ_HEAD(symhead, sym)	 symhead = TAILQ_HEAD_INITIALIZER(symhead);
75 struct sym {
76 	TAILQ_ENTRY(sym)	 entry;
77 	int			 used;
78 	int			 persist;
79 	char			*nam;
80 	char			*val;
81 };
82 
83 int	 symset(const char *, const char *, int);
84 char	*symget(const char *);
85 
86 static int		 errors;
87 
88 static struct gotd		*gotd;
89 static struct gotd_repo		*new_repo;
90 static int			 conf_limit_user_connections(const char *, int);
91 static struct gotd_repo		*conf_new_repo(const char *);
92 static void			 conf_new_access_rule(struct gotd_repo *,
93 				    enum gotd_access, int, char *);
94 static enum gotd_procid		 gotd_proc_id;
95 
96 typedef struct {
97 	union {
98 		long long	 number;
99 		char		*string;
100 		struct timeval	 tv;
101 	} v;
102 	int lineno;
103 } YYSTYPE;
104 
105 %}
106 
107 %token	PATH ERROR ON UNIX_SOCKET UNIX_GROUP USER REPOSITORY PERMIT DENY
108 %token	RO RW CONNECTION LIMIT REQUEST TIMEOUT
109 
110 %token	<v.string>	STRING
111 %token	<v.number>	NUMBER
112 %type	<v.number>	boolean
113 %type	<v.tv>		timeout
114 
115 %%
116 
117 grammar		:
118 		| grammar '\n'
119 		| grammar main '\n'
120 		| grammar repository '\n'
121 		;
122 
123 boolean		: STRING {
124 			if (strcasecmp($1, "1") == 0 ||
125 			    strcasecmp($1, "yes") == 0 ||
126 			    strcasecmp($1, "on") == 0)
127 				$$ = 1;
128 			else if (strcasecmp($1, "0") == 0 ||
129 			    strcasecmp($1, "off") == 0 ||
130 			    strcasecmp($1, "no") == 0)
131 				$$ = 0;
132 			else {
133 				yyerror("invalid boolean value '%s'", $1);
134 				free($1);
135 				YYERROR;
136 			}
137 			free($1);
138 		}
139 		| ON { $$ = 1; }
140 		| NUMBER { $$ = $1; }
141 		;
142 
143 timeout		: NUMBER {
144 			if ($1 < 0) {
145 				yyerror("invalid timeout: %lld", $1);
146 				YYERROR;
147 			}
148 			$$.tv_sec = $1;
149 			$$.tv_usec = 0;
150 		}
151 		| STRING {
152 			const char	*errstr;
153 			const char	*type = "seconds";
154 			size_t		 len;
155 			int		 mul = 1;
156 
157 			if (*$1 == '\0') {
158 				yyerror("invalid number of seconds: %s", $1);
159 				free($1);
160 				YYERROR;
161 			}
162 
163 			len = strlen($1);
164 			switch ($1[len - 1]) {
165 			case 'S':
166 			case 's':
167 				$1[len - 1] = '\0';
168 				break;
169 			case 'M':
170 			case 'm':
171 				type = "minutes";
172 				mul = 60;
173 				$1[len - 1] = '\0';
174 				break;
175 			case 'H':
176 			case 'h':
177 				type = "hours";
178 				mul = 60 * 60;
179 				$1[len - 1] = '\0';
180 				break;
181 			}
182 
183 			$$.tv_usec = 0;
184 			$$.tv_sec = strtonum($1, 0, INT_MAX, &errstr);
185 			if (errstr) {
186 				yyerror("number of %s is %s: %s", type,
187 				    errstr, $1);
188 				free($1);
189 				YYERROR;
190 			}
191 
192 			if ($$.tv_sec > INT_MAX / mul) {
193 				yyerror("number of %s is too too large: %s",
194 				    type, $1);
195 				free($1);
196 				YYERROR;
197 			}
198 
199 			$$.tv_sec *= mul;
200 			free($1);
201 		}
202 		;
203 
204 main		: UNIX_SOCKET STRING {
205 			if (gotd_proc_id == PROC_LISTEN) {
206 				if (strlcpy(gotd->unix_socket_path, $2,
207 				    sizeof(gotd->unix_socket_path)) >=
208 				    sizeof(gotd->unix_socket_path)) {
209 					yyerror("%s: unix socket path too long",
210 					    __func__);
211 					free($2);
212 					YYERROR;
213 				}
214 			}
215 			free($2);
216 		}
217 		| UNIX_GROUP STRING {
218 			if (strlcpy(gotd->unix_group_name, $2,
219 			    sizeof(gotd->unix_group_name)) >=
220 			    sizeof(gotd->unix_group_name)) {
221 				yyerror("%s: unix group name too long",
222 				    __func__);
223 				free($2);
224 				YYERROR;
225 			}
226 			free($2);
227 		}
228 		| USER STRING {
229 			if (strlcpy(gotd->user_name, $2,
230 			    sizeof(gotd->user_name)) >=
231 			    sizeof(gotd->user_name)) {
232 				yyerror("%s: user name too long", __func__);
233 				free($2);
234 				YYERROR;
235 			}
236 			free($2);
237 		}
238 		| connection
239 		;
240 
241 connection	: CONNECTION '{' optnl conflags_l '}'
242 		| CONNECTION conflags
243 
244 conflags_l	: conflags optnl conflags_l
245 		| conflags optnl
246 		;
247 
248 conflags	: REQUEST TIMEOUT timeout		{
249 			if ($3.tv_sec <= 0) {
250 				yyerror("invalid timeout: %lld", $3.tv_sec);
251 				YYERROR;
252 			}
253 			memcpy(&gotd->request_timeout, &$3,
254 			    sizeof(gotd->request_timeout));
255 		}
256 		| LIMIT USER STRING NUMBER	{
257 			if (gotd_proc_id == PROC_LISTEN &&
258 			    conf_limit_user_connections($3, $4) == -1) {
259 				free($3);
260 				YYERROR;
261 			}
262 			free($3);
263 		}
264 		;
265 
266 repository	: REPOSITORY STRING {
267 			struct gotd_repo *repo;
268 
269 			TAILQ_FOREACH(repo, &gotd->repos, entry) {
270 				if (strcmp(repo->name, $2) == 0) {
271 					yyerror("duplicate repository '%s'", $2);
272 					free($2);
273 					YYERROR;
274 				}
275 			}
276 
277 			if (gotd_proc_id == PROC_GOTD ||
278 			    gotd_proc_id == PROC_AUTH) {
279 				new_repo = conf_new_repo($2);
280 			}
281 			free($2);
282 		} '{' optnl repoopts2 '}' {
283 		}
284 		;
285 
286 repoopts1	: PATH STRING {
287 			if (gotd_proc_id == PROC_GOTD ||
288 			    gotd_proc_id == PROC_AUTH) {
289 				if (!got_path_is_absolute($2)) {
290 					yyerror("%s: path %s is not absolute",
291 					    __func__, $2);
292 					free($2);
293 					YYERROR;
294 				}
295 				if (strlcpy(new_repo->path, $2,
296 				    sizeof(new_repo->path)) >=
297 				    sizeof(new_repo->path)) {
298 					yyerror("%s: path truncated", __func__);
299 					free($2);
300 					YYERROR;
301 				}
302 			}
303 			free($2);
304 		}
305 		| PERMIT RO STRING {
306 			if (gotd_proc_id == PROC_AUTH) {
307 				conf_new_access_rule(new_repo,
308 				    GOTD_ACCESS_PERMITTED, GOTD_AUTH_READ, $3);
309 			}
310 		}
311 		| PERMIT RW STRING {
312 			if (gotd_proc_id == PROC_AUTH) {
313 				conf_new_access_rule(new_repo,
314 				    GOTD_ACCESS_PERMITTED,
315 				    GOTD_AUTH_READ | GOTD_AUTH_WRITE, $3);
316 			}
317 		}
318 		| DENY STRING {
319 			if (gotd_proc_id == PROC_AUTH) {
320 				conf_new_access_rule(new_repo,
321 				    GOTD_ACCESS_DENIED, 0, $2);
322 			}
323 		}
324 		;
325 
326 repoopts2	: repoopts2 repoopts1 nl
327 		| repoopts1 optnl
328 		;
329 
330 nl		: '\n' optnl
331 		;
332 
333 optnl		: '\n' optnl		/* zero or more newlines */
334 		| /* empty */
335 		;
336 
337 %%
338 
339 struct keywords {
340 	const char	*k_name;
341 	int		 k_val;
342 };
343 
344 int
345 yyerror(const char *fmt, ...)
346 {
347 	va_list ap;
348 	char *msg;
349 
350 	file->errors++;
351 	va_start(ap, fmt);
352 	if (vasprintf(&msg, fmt, ap) == -1)
353 		fatalx("yyerror vasprintf");
354 	va_end(ap);
355 	logit(LOG_CRIT, "%s:%d: %s", file->name, yylval.lineno, msg);
356 	free(msg);
357 	return (0);
358 }
359 
360 int
361 kw_cmp(const void *k, const void *e)
362 {
363 	return (strcmp(k, ((const struct keywords *)e)->k_name));
364 }
365 
366 int
367 lookup(char *s)
368 {
369 	/* This has to be sorted always. */
370 	static const struct keywords keywords[] = {
371 		{ "connection",			CONNECTION },
372 		{ "deny",			DENY },
373 		{ "limit",			LIMIT },
374 		{ "on",				ON },
375 		{ "path",			PATH },
376 		{ "permit",			PERMIT },
377 		{ "repository",			REPOSITORY },
378 		{ "request",			REQUEST },
379 		{ "ro",				RO },
380 		{ "rw",				RW },
381 		{ "timeout",			TIMEOUT },
382 		{ "unix_group",			UNIX_GROUP },
383 		{ "unix_socket",		UNIX_SOCKET },
384 		{ "user",			USER },
385 	};
386 	const struct keywords *p;
387 
388 	p = bsearch(s, keywords, sizeof(keywords)/sizeof(keywords[0]),
389 	    sizeof(keywords[0]), kw_cmp);
390 
391 	if (p)
392 		return (p->k_val);
393 	else
394 		return (STRING);
395 }
396 
397 #define MAXPUSHBACK	128
398 
399 unsigned char *parsebuf;
400 int parseindex;
401 unsigned char pushback_buffer[MAXPUSHBACK];
402 int pushback_index = 0;
403 
404 int
405 lgetc(int quotec)
406 {
407 	int c, next;
408 
409 	if (parsebuf) {
410 		/* Read character from the parsebuffer instead of input. */
411 		if (parseindex >= 0) {
412 			c = parsebuf[parseindex++];
413 			if (c != '\0')
414 				return (c);
415 			parsebuf = NULL;
416 		} else
417 			parseindex++;
418 	}
419 
420 	if (pushback_index)
421 		return (pushback_buffer[--pushback_index]);
422 
423 	if (quotec) {
424 		c = getc(file->stream);
425 		if (c == EOF)
426 			yyerror("reached end of file while parsing "
427 			    "quoted string");
428 		return (c);
429 	}
430 
431 	c = getc(file->stream);
432 	while (c == '\\') {
433 		next = getc(file->stream);
434 		if (next != '\n') {
435 			c = next;
436 			break;
437 		}
438 		yylval.lineno = file->lineno;
439 		file->lineno++;
440 		c = getc(file->stream);
441 	}
442 
443 	return (c);
444 }
445 
446 int
447 lungetc(int c)
448 {
449 	if (c == EOF)
450 		return (EOF);
451 	if (parsebuf) {
452 		parseindex--;
453 		if (parseindex >= 0)
454 			return (c);
455 	}
456 	if (pushback_index < MAXPUSHBACK-1)
457 		return (pushback_buffer[pushback_index++] = c);
458 	else
459 		return (EOF);
460 }
461 
462 int
463 findeol(void)
464 {
465 	int c;
466 
467 	parsebuf = NULL;
468 
469 	/* Skip to either EOF or the first real EOL. */
470 	while (1) {
471 		if (pushback_index)
472 			c = pushback_buffer[--pushback_index];
473 		else
474 			c = lgetc(0);
475 		if (c == '\n') {
476 			file->lineno++;
477 			break;
478 		}
479 		if (c == EOF)
480 			break;
481 	}
482 	return (ERROR);
483 }
484 
485 int
486 yylex(void)
487 {
488 	unsigned char buf[8096];
489 	unsigned char *p, *val;
490 	int quotec, next, c;
491 	int token;
492 
493 top:
494 	p = buf;
495 	c = lgetc(0);
496 	while (c == ' ' || c == '\t')
497 		c = lgetc(0); /* nothing */
498 
499 	yylval.lineno = file->lineno;
500 	if (c == '#') {
501 		c = lgetc(0);
502 		while (c != '\n' && c != EOF)
503 			c = lgetc(0); /* nothing */
504 	}
505 	if (c == '$' && parsebuf == NULL) {
506 		while (1) {
507 			c = lgetc(0);
508 			if (c == EOF)
509 				return (0);
510 
511 			if (p + 1 >= buf + sizeof(buf) - 1) {
512 				yyerror("string too long");
513 				return (findeol());
514 			}
515 			if (isalnum(c) || c == '_') {
516 				*p++ = c;
517 				continue;
518 			}
519 			*p = '\0';
520 			lungetc(c);
521 			break;
522 		}
523 		val = symget(buf);
524 		if (val == NULL) {
525 			yyerror("macro '%s' not defined", buf);
526 			return (findeol());
527 		}
528 		parsebuf = val;
529 		parseindex = 0;
530 		goto top;
531 	}
532 
533 	switch (c) {
534 	case '\'':
535 	case '"':
536 		quotec = c;
537 		while (1) {
538 			c = lgetc(quotec);
539 			if (c == EOF)
540 				return (0);
541 			if (c == '\n') {
542 				file->lineno++;
543 				continue;
544 			} else if (c == '\\') {
545 				next = lgetc(quotec);
546 				if (next == EOF)
547 					return (0);
548 				if (next == quotec || c == ' ' || c == '\t')
549 					c = next;
550 				else if (next == '\n') {
551 					file->lineno++;
552 					continue;
553 				} else
554 					lungetc(next);
555 			} else if (c == quotec) {
556 				*p = '\0';
557 				break;
558 			} else if (c == '\0') {
559 				yyerror("syntax error");
560 				return (findeol());
561 			}
562 			if (p + 1 >= buf + sizeof(buf) - 1) {
563 				yyerror("string too long");
564 				return (findeol());
565 			}
566 			*p++ = c;
567 		}
568 		yylval.v.string = strdup(buf);
569 		if (yylval.v.string == NULL)
570 			err(1, "yylex: strdup");
571 		return (STRING);
572 	}
573 
574 #define allowed_to_end_number(x) \
575 	(isspace(x) || x == ')' || x ==',' || x == '/' || x == '}' || x == '=')
576 
577 	if (c == '-' || isdigit(c)) {
578 		do {
579 			*p++ = c;
580 			if ((unsigned)(p-buf) >= sizeof(buf)) {
581 				yyerror("string too long");
582 				return (findeol());
583 			}
584 			c = lgetc(0);
585 		} while (c != EOF && isdigit(c));
586 		lungetc(c);
587 		if (p == buf + 1 && buf[0] == '-')
588 			goto nodigits;
589 		if (c == EOF || allowed_to_end_number(c)) {
590 			const char *errstr = NULL;
591 
592 			*p = '\0';
593 			yylval.v.number = strtonum(buf, LLONG_MIN,
594 			    LLONG_MAX, &errstr);
595 			if (errstr) {
596 				yyerror("\"%s\" invalid number: %s",
597 				    buf, errstr);
598 				return (findeol());
599 			}
600 			return (NUMBER);
601 		} else {
602 nodigits:
603 			while (p > buf + 1)
604 				lungetc(*--p);
605 			c = *--p;
606 			if (c == '-')
607 				return (c);
608 		}
609 	}
610 
611 #define allowed_in_string(x) \
612 	(isalnum(x) || (ispunct(x) && x != '(' && x != ')' && \
613 	x != '{' && x != '}' && \
614 	x != '!' && x != '=' && x != '#' && \
615 	x != ','))
616 
617 	if (isalnum(c) || c == ':' || c == '_') {
618 		do {
619 			*p++ = c;
620 			if ((unsigned)(p-buf) >= sizeof(buf)) {
621 				yyerror("string too long");
622 				return (findeol());
623 			}
624 			c = lgetc(0);
625 		} while (c != EOF && (allowed_in_string(c)));
626 		lungetc(c);
627 		*p = '\0';
628 		token = lookup(buf);
629 		if (token == STRING) {
630 			yylval.v.string = strdup(buf);
631 			if (yylval.v.string == NULL)
632 				err(1, "yylex: strdup");
633 		}
634 		return (token);
635 	}
636 	if (c == '\n') {
637 		yylval.lineno = file->lineno;
638 		file->lineno++;
639 	}
640 	if (c == EOF)
641 		return (0);
642 	return (c);
643 }
644 
645 int
646 check_file_secrecy(int fd, const char *fname)
647 {
648 	struct stat st;
649 
650 	if (fstat(fd, &st)) {
651 		log_warn("cannot stat %s", fname);
652 		return (-1);
653 	}
654 	if (st.st_uid != 0 && st.st_uid != getuid()) {
655 		log_warnx("%s: owner not root or current user", fname);
656 		return (-1);
657 	}
658 	if (st.st_mode & (S_IWGRP | S_IXGRP | S_IRWXO)) {
659 		log_warnx("%s: group writable or world read/writable", fname);
660 		return (-1);
661 	}
662 	return (0);
663 }
664 
665 struct file *
666 newfile(const char *name, int secret)
667 {
668 	struct file *nfile;
669 
670 	nfile = calloc(1, sizeof(struct file));
671 	if (nfile == NULL) {
672 		log_warn("calloc");
673 		return (NULL);
674 	}
675 	nfile->name = strdup(name);
676 	if (nfile->name == NULL) {
677 		log_warn("strdup");
678 		free(nfile);
679 		return (NULL);
680 	}
681 	nfile->stream = fopen(nfile->name, "r");
682 	if (nfile->stream == NULL) {
683 		/* no warning, we don't require a conf file */
684 		free(nfile->name);
685 		free(nfile);
686 		return (NULL);
687 	} else if (secret &&
688 	    check_file_secrecy(fileno(nfile->stream), nfile->name)) {
689 		fclose(nfile->stream);
690 		free(nfile->name);
691 		free(nfile);
692 		return (NULL);
693 	}
694 	nfile->lineno = 1;
695 	return (nfile);
696 }
697 
698 static void
699 closefile(struct file *xfile)
700 {
701 	fclose(xfile->stream);
702 	free(xfile->name);
703 	free(xfile);
704 }
705 
706 int
707 parse_config(const char *filename, enum gotd_procid proc_id,
708     struct gotd *env)
709 {
710 	struct sym *sym, *next;
711 	struct gotd_repo *repo;
712 
713 	memset(env, 0, sizeof(*env));
714 
715 	gotd = env;
716 	gotd_proc_id = proc_id;
717 	TAILQ_INIT(&gotd->repos);
718 
719 	/* Apply default values. */
720 	if (strlcpy(gotd->unix_socket_path, GOTD_UNIX_SOCKET,
721 	    sizeof(gotd->unix_socket_path)) >= sizeof(gotd->unix_socket_path)) {
722 		fprintf(stderr, "%s: unix socket path too long", __func__);
723 		return -1;
724 	}
725 	if (strlcpy(gotd->unix_group_name, GOTD_UNIX_GROUP,
726 	    sizeof(gotd->unix_group_name)) >= sizeof(gotd->unix_group_name)) {
727 		fprintf(stderr, "%s: unix group name too long", __func__);
728 		return -1;
729 	}
730 	if (strlcpy(gotd->user_name, GOTD_USER,
731 	    sizeof(gotd->user_name)) >= sizeof(gotd->user_name)) {
732 		fprintf(stderr, "%s: user name too long", __func__);
733 		return -1;
734 	}
735 
736 	gotd->request_timeout.tv_sec = GOTD_DEFAULT_REQUEST_TIMEOUT;
737 	gotd->request_timeout.tv_usec = 0;
738 
739 	file = newfile(filename, 0);
740 	if (file == NULL) {
741 		/* just return, as we don't require a conf file */
742 		return (0);
743 	}
744 
745 	yyparse();
746 	errors = file->errors;
747 	closefile(file);
748 
749 	/* Free macros and check which have not been used. */
750 	TAILQ_FOREACH_SAFE(sym, &symhead, entry, next) {
751 		if ((gotd->verbosity > 1) && !sym->used)
752 			fprintf(stderr, "warning: macro '%s' not used\n",
753 			    sym->nam);
754 		if (!sym->persist) {
755 			free(sym->nam);
756 			free(sym->val);
757 			TAILQ_REMOVE(&symhead, sym, entry);
758 			free(sym);
759 		}
760 	}
761 
762 	if (errors)
763 		return (-1);
764 
765 	TAILQ_FOREACH(repo, &gotd->repos, entry) {
766 		if (repo->path[0] == '\0') {
767 			log_warnx("repository \"%s\": no path provided in "
768 			    "configuration file", repo->name);
769 			return (-1);
770 		}
771 	}
772 
773 	return (0);
774 }
775 
776 static int
777 uid_connection_limit_cmp(const void *pa, const void *pb)
778 {
779 	const struct gotd_uid_connection_limit *a = pa, *b = pb;
780 
781 	if (a->uid < b->uid)
782 		return -1;
783 	else if (a->uid > b->uid);
784 		return 1;
785 
786 	return 0;
787 }
788 
789 static int
790 conf_limit_user_connections(const char *user, int maximum)
791 {
792 	uid_t uid;
793 	struct gotd_uid_connection_limit *limit;
794 	size_t nlimits;
795 
796 	if (maximum < 1) {
797 		yyerror("max connections cannot be smaller 1");
798 		return -1;
799 	}
800 	if (maximum > GOTD_MAXCLIENTS) {
801 		yyerror("max connections must be <= %d", GOTD_MAXCLIENTS);
802 		return -1;
803 	}
804 
805 	if (gotd_auth_parseuid(user, &uid) == -1) {
806 		yyerror("%s: no such user", user);
807 		return -1;
808 	}
809 
810 	limit = gotd_find_uid_connection_limit(gotd->connection_limits,
811 	    gotd->nconnection_limits, uid);
812 	if (limit) {
813 		limit->max_connections = maximum;
814 		return 0;
815 	}
816 
817 	limit = gotd->connection_limits;
818 	nlimits = gotd->nconnection_limits + 1;
819 	limit = reallocarray(limit, nlimits, sizeof(*limit));
820 	if (limit == NULL)
821 		fatal("reallocarray");
822 
823 	limit[nlimits - 1].uid = uid;
824 	limit[nlimits - 1].max_connections = maximum;
825 
826 	gotd->connection_limits = limit;
827 	gotd->nconnection_limits = nlimits;
828 	qsort(gotd->connection_limits, gotd->nconnection_limits,
829 	    sizeof(gotd->connection_limits[0]), uid_connection_limit_cmp);
830 
831 	return 0;
832 }
833 
834 static struct gotd_repo *
835 conf_new_repo(const char *name)
836 {
837 	struct gotd_repo *repo;
838 
839 	if (name[0] == '\0') {
840 		fatalx("syntax error: empty repository name found in %s",
841 		    file->name);
842 	}
843 
844 	if (strchr(name, '\n') != NULL)
845 		fatalx("repository names must not contain linefeeds: %s", name);
846 
847 	repo = calloc(1, sizeof(*repo));
848 	if (repo == NULL)
849 		fatalx("%s: calloc", __func__);
850 
851 	STAILQ_INIT(&repo->rules);
852 
853 	if (strlcpy(repo->name, name, sizeof(repo->name)) >=
854 	    sizeof(repo->name))
855 		fatalx("%s: strlcpy", __func__);
856 
857 	TAILQ_INSERT_TAIL(&gotd->repos, repo, entry);
858 	gotd->nrepos++;
859 
860 	return repo;
861 };
862 
863 static void
864 conf_new_access_rule(struct gotd_repo *repo, enum gotd_access access,
865     int authorization, char *identifier)
866 {
867 	struct gotd_access_rule *rule;
868 
869 	rule = calloc(1, sizeof(*rule));
870 	if (rule == NULL)
871 		fatal("calloc");
872 
873 	rule->access = access;
874 	rule->authorization = authorization;
875 	rule->identifier = identifier;
876 
877 	STAILQ_INSERT_TAIL(&repo->rules, rule, entry);
878 }
879 
880 int
881 symset(const char *nam, const char *val, int persist)
882 {
883 	struct sym *sym;
884 
885 	TAILQ_FOREACH(sym, &symhead, entry) {
886 		if (strcmp(nam, sym->nam) == 0)
887 			break;
888 	}
889 
890 	if (sym != NULL) {
891 		if (sym->persist == 1)
892 			return (0);
893 		else {
894 			free(sym->nam);
895 			free(sym->val);
896 			TAILQ_REMOVE(&symhead, sym, entry);
897 			free(sym);
898 		}
899 	}
900 	sym = calloc(1, sizeof(*sym));
901 	if (sym == NULL)
902 		return (-1);
903 
904 	sym->nam = strdup(nam);
905 	if (sym->nam == NULL) {
906 		free(sym);
907 		return (-1);
908 	}
909 	sym->val = strdup(val);
910 	if (sym->val == NULL) {
911 		free(sym->nam);
912 		free(sym);
913 		return (-1);
914 	}
915 	sym->used = 0;
916 	sym->persist = persist;
917 	TAILQ_INSERT_TAIL(&symhead, sym, entry);
918 	return (0);
919 }
920 
921 char *
922 symget(const char *nam)
923 {
924 	struct sym *sym;
925 
926 	TAILQ_FOREACH(sym, &symhead, entry) {
927 		if (strcmp(nam, sym->nam) == 0) {
928 			sym->used = 1;
929 			return (sym->val);
930 		}
931 	}
932 	return (NULL);
933 }