%{
/* $OpenBSD: keynote.l,v 1.18 2009/12/11 17:25:43 deraadt Exp $ */
/*
 * The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
 *
 * This code was written by Angelos D. Keromytis in Philadelphia, PA, USA,
 * in April-May 1998
 *
 * Copyright (C) 1998, 1999 by Angelos D. Keromytis.
 *	
 * Permission to use, copy, and modify this software with or without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software. 
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTY. IN PARTICULAR, THE AUTHORS MAKES NO
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
 * PURPOSE.
 */

#include <sys/time.h>
#include <sys/types.h>

#include <ctype.h>
#include <regex.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

#include "k.tab.h"
#include "keynote.h"
#include "assertion.h"

static void mystrncpy(char *, char *, int);

struct lex_list
{
    int   lex_type;
    void *lex_s;
};

static struct lex_list *keynote_lex_list = (struct lex_list *) NULL;
static int    keynote_max_lex_list = 32;
static int    keynote_lex_counter = 0;
static int    first_tok = 0;
%}
digit		[0-9]
specnumber      [1-9][0-9]*
number		{digit}+
flt		{digit}+"."{digit}+
vstring		[a-zA-Z_][a-zA-Z0-9_]*
litstring	\"(((\\\n)|(\\.)|([^\\\n\"]))*)\"
variable	{vstring}
comment		"#"[^\n]*
%s ACTIONSTRING LOCALINIT KEYPREDICATE SIGNERINIT KEYNOTEVERSION
%pointer
%option noyywrap never-interactive yylineno
%%
%{
    /*
     * Return a preset token, so we can have more than one grammars
     * in yacc.
     */
    extern int first_tok;
    
    if (first_tok)
    {
	int holdtok = first_tok;
	
	first_tok = 0;
	return holdtok;
    }
%}

<KEYPREDICATE>{specnumber}"-of"		{
					  knlval.intval = atoi(kntext);
					  return KOF;
					}
<ACTIONSTRING,KEYPREDICATE>"("		return OPENPAREN;
<ACTIONSTRING,KEYPREDICATE>")"		return CLOSEPAREN;
<ACTIONSTRING,KEYPREDICATE>"&&"		return AND;
<ACTIONSTRING,KEYPREDICATE>"||"		return OR;
<ACTIONSTRING>"+"			return PLUS;
<ACTIONSTRING>"->"              return HINT;
<ACTIONSTRING>"{"               return OPENBLOCK;
<ACTIONSTRING>"}"               return CLOSEBLOCK;
<ACTIONSTRING>";"               return SEMICOLON;
<ACTIONSTRING>"!"		return NOT;
<ACTIONSTRING>"~="		return REGEXP;
<ACTIONSTRING>"=="		return EQ;
<ACTIONSTRING>"!="		return NE;
<ACTIONSTRING>"<"		return LT;
<ACTIONSTRING>">"		return GT;
<ACTIONSTRING>"<="		return LE;
<ACTIONSTRING>">="		return GE;
<ACTIONSTRING>"-"		return MINUS;
<ACTIONSTRING>"*"		return MULT;
<ACTIONSTRING>"/"		return DIV;
<ACTIONSTRING>"%"		return MOD;
<ACTIONSTRING>"^"		return EXP;
"."		                return DOTT;
<ACTIONSTRING>"true"            return TRUE;
<ACTIONSTRING>"false"           return FALSE;
{comment}		/* eat up comments */
<LOCALINIT>"="	                return EQQ;
<KEYPREDICATE>"," 		return COMMA;
<ACTIONSTRING,KEYPREDICATE,SIGNERINIT,LOCALINIT>{variable} {
					int len;
                                        if (keynote_exceptionflag ||
					    keynote_donteval)
					{
					    knlval.string = (char *) NULL;
					    return VARIABLE;
					}

					len = strlen(kntext) + 1;
					knlval.string = calloc(len, sizeof(char));
                                        if (knlval.string == (char *) NULL)
					{
					    keynote_errno = ERROR_MEMORY;
					    return -1;
					}
		  	          	strlcpy(knlval.string, kntext, len);
					if (keynote_lex_add(knlval.string,
							    LEXTYPE_CHAR) ==
					    -1)
					  return -1;
		  	         	return VARIABLE;
			      	      }
"$"                             return DEREF;
<ACTIONSTRING>"@"	    	return OPENNUM;
<ACTIONSTRING>"&"	    	return OPENFLT;
<ACTIONSTRING>{flt}	      {
				knlval.doubval = atof(kntext);
				return FLOAT;
			      }
<KEYNOTEVERSION>{number}      {
				int len;

                                if (keynote_exceptionflag ||
				    keynote_donteval)
				{
				    knlval.string = (char *) NULL;
				    return STRING;
				}

				len = strlen(kntext) + 1;
				knlval.string = calloc(len, sizeof(char));
                                if (knlval.string == (char *) NULL)
				{
				    keynote_errno = ERROR_MEMORY;
				    return -1;
				}
		  	        strlcpy(knlval.string, kntext, len);
				if (keynote_lex_add(knlval.string,
						    LEXTYPE_CHAR) == -1)
				  return -1;
		  	        return STRING;
			      }
<ACTIONSTRING>{number}	      {
				knlval.intval = atoi(kntext);
				return NUM;
			      }
{litstring}                   {
                                if (keynote_exceptionflag ||
				    keynote_donteval)
				{
				    knlval.string = (char *) NULL;
				    return STRING;
				}
    
				knlval.string = calloc(strlen(kntext) - 1,
						       sizeof(char));
                                if (knlval.string == (char *) NULL)
				{
				    keynote_errno = ERROR_MEMORY;
				    return -1;
				}

				mystrncpy(knlval.string, kntext + 1, 
					  strlen(kntext) - 2);

				if (keynote_lex_add(knlval.string,
						    LEXTYPE_CHAR) == -1)
				  return -1;
				return STRING;
                              }
[ \t\n]
.                             { keynote_errno = ERROR_SYNTAX; 
                                return -1;
				REJECT; /* Avoid -Wall warning. Not reached */
                              }
%%

/*
 * Zap everything.
 */
static void
keynote_lex_zap(void)
{
    int i;
    
    if (keynote_lex_counter == 0)
      return;

    for (i = 0; i < keynote_max_lex_list; i++)
      if (keynote_lex_list[i].lex_s != (void *) NULL)
      {
	  switch (keynote_lex_list[i].lex_type)
	  {
	      case LEXTYPE_CHAR:
	          free(keynote_lex_list[i].lex_s);
		  break;
	  }

	  keynote_lex_counter--;
	  keynote_lex_list[i].lex_s = (void *) NULL;
	  keynote_lex_list[i].lex_type = 0;
      }
}
	
/*
 * Initialize.
 */
static int
keynote_lex_init(void)
{
    if (keynote_lex_list != (struct lex_list *) NULL)
      memset(keynote_lex_list, 0,
	     keynote_max_lex_list * sizeof(struct lex_list));
    else
    {
	keynote_lex_list = (struct lex_list *) calloc(keynote_max_lex_list,
					              sizeof(struct lex_list));
        if (keynote_lex_list == (struct lex_list *) NULL)
	{
	    keynote_errno = ERROR_MEMORY;
	    return -1;
	}
    }

    return RESULT_TRUE;
}

/*
 * Add the string in a list of allocated but "dangling" memory references.
 * If out of memory, free the string and return -1 (and set keynote_errno).
 */
int
keynote_lex_add(void *s, int type)
{
    struct lex_list *p;
    int i;

    if (s == (void *) NULL)
      return RESULT_TRUE;

    for (i = 0; i < keynote_max_lex_list; i++)
      if (keynote_lex_list[i].lex_s == (void *) NULL)
      {
    	  keynote_lex_list[i].lex_s = (void *) s;
	  keynote_lex_list[i].lex_type = type;
	  keynote_lex_counter++;
     	  return RESULT_TRUE;
      }

    /* Not enough space, increase the size of the array */
    keynote_max_lex_list *= 2;

    p = (struct lex_list *) realloc(keynote_lex_list,
				    keynote_max_lex_list *
				    sizeof(struct lex_list));
    if (p == (struct lex_list *) NULL)
    {
	switch (type)
	{
	    case LEXTYPE_CHAR:
	        free(s);
		break;
	}

        keynote_max_lex_list /= 2;
	keynote_errno = ERROR_MEMORY;
        return -1;
    }

    if (p != keynote_lex_list)
 	free(keynote_lex_list);

    keynote_lex_list = p;
    keynote_lex_list[i].lex_s = s;
    keynote_lex_list[i++].lex_type = type;
    keynote_lex_counter++;

    /* Zero out the rest */
    memset(&(keynote_lex_list[i]), 0,
	   (keynote_max_lex_list - i) * sizeof(struct lex_list));

    return RESULT_TRUE;
}

/*
 * Remove string.
 */
void
keynote_lex_remove(void *s)
{
    int i;

    for (i = 0; i < keynote_max_lex_list; i++)
      if (keynote_lex_list[i].lex_s == s)
      {
	  memset(&(keynote_lex_list[i]), 0, sizeof(struct lex_list));
	  keynote_lex_counter--;
	  return;
      }
}

/*
 * Return RESULT_TRUE if character is octal digit, RESULT_FALSE otherwise.
 */
static int
is_octal(char c)
{
    switch (c)
    {
	case '0': case '1': case '2': case '3':
	case '4': case '5': case '6': case '7':
	    return RESULT_TRUE;

	default:
	    return RESULT_FALSE;
    }
}

/*
 * Return octal value (non-zero) if argument starts with such a
 * representation, otherwise 0.
 */
static unsigned char
get_octal(char *s, int len, int *adv)
{
    unsigned char res = 0;

    if (*s == '0')
    {
	if (len > 0)
	{
	    if (is_octal(*(s + 1)))
	    {
		res = *(s + 1) - '0';
		*adv = 2;

		if (is_octal(*(s + 2)) && (len - 1 > 0))
		{
		    res = res * 8 + (*(s + 2) - '0');
		    *adv = 3;
		}
	    }
	}
    }
    else
      if (is_octal(*s) && (len - 1 > 0))  /* Non-zero leading */
      {
	  if (is_octal(*(s + 1)) &&
	      is_octal(*(s + 2)))
	  {
	      *adv = 3;
	      res = (((*s) - '0') * 64) +
		    (((*(s + 1)) - '0') * 8) +
		    ((*(s + 2)) - '0');
	  }
      }

    return res;
}

/*
 * Copy at most len characters to string s1 from string s2, taking
 * care of escaped characters in the process. String s1 is assumed
 * to have enough space, and be zero'ed.
 */
static void
mystrncpy(char *s1, char *s2, int len)
{
    unsigned char c;
    int advance;

    if (len == 0)
      return;

    while (len-- > 0)
    {
        if (*s2 == '\\')
	{
	    s2++;

	    if (len-- <= 0)
	      break;

	    if (*s2 == '\n')
	    {
		while (isspace((int) *(++s2)) && (len-- > 0))
		  ;
	    }
	    else
	      if ((c = get_octal(s2, len, &advance)) != 0)
	      {
		  len -= advance - 1;
		  s2 += advance;
		  *s1++ = c;
	      }
	      else
		if (*s2 == 'n')  /* Newline */
		{
		    *s1++ = '\n';
		    s2++;
		}
		else
		  if (*s2 == 't')  /* Tab */
		  {
		      *s1++ = '\t';
		      s2++;
		  }
		  else
		    if (*s2 == 'r')  /* Linefeed */
		    {
			*s1++ = '\r';
			s2++;
		    }
		    else
		      if (*s2 == 'f')  /* Formfeed */
		      {
			  *s1++ = '\f';
			  s2++;
		      }
		      else
			if ((*s1++ = *s2++) == 0)
			  break;

	    continue;
	}

        if ((*s1++ = *s2++) == 0)
	  break;
     }
}

/* 
 * Evaluate an assertion, with as->as_result holding the result.
 * Return RESULT_TRUE if all ok. Also return the result.
 */
int
keynote_evaluate_assertion(struct assertion *as)
{
    YY_BUFFER_STATE keynote_bs;

    /* Non-existent Conditions field means highest return value */
    if (as->as_conditions_s == (char *) NULL)
    {
	as->as_result = keynote_current_session->ks_values_num - 1;
	return RESULT_TRUE;
    }

    if (keynote_lex_init() != RESULT_TRUE)
      return -1;

    keynote_used_variable = 0;
    keynote_init_list = as->as_env;     /* Setup the local-init var list */

    keynote_bs = kn_scan_bytes(as->as_conditions_s,
			       as->as_conditions_e - as->as_conditions_s);
    BEGIN(ACTIONSTRING);	/* We're doing conditions-string parsing */
    first_tok = ACTSTR;
    as->as_result = 0;
    keynote_returnvalue = 0;
    
    switch (knparse())
    {
	case 1:  /* Fall through */
	    keynote_errno = ERROR_SYNTAX;
	case -1:
	    as->as_result = 0;
	    break;
	    
	case 0:
	    as->as_result = keynote_returnvalue;
	    break;
    }

    keynote_env_cleanup(&keynote_temp_list, 1);
    keynote_lex_zap();
    kn_delete_buffer(keynote_bs);

    keynote_used_variable = 0;
    keynote_returnvalue = 0;
    keynote_temp_list = (struct environment *) NULL;
    keynote_init_list = (struct environment *) NULL;

    if (keynote_errno != 0)
      return -1;
    else
      return RESULT_TRUE;
}

/* 
 * Parse/evaluate a key predicate field. 
 * Store keys in key predicate as keylist in as->as_keylist, if second
 * argument is true.
 */
int
keynote_parse_keypred(struct assertion *as, int record)
{
    YY_BUFFER_STATE keypred_state;
    int p = 0, err;

    if (as->as_keypred_s == (char *) NULL)
      return keynote_current_session->ks_values_num - 1;

    if (keynote_lex_init() != RESULT_TRUE)
      return -1;

    keynote_used_variable = 0;
    keynote_returnvalue = 0;
    keynote_justrecord = record; /* Just want the list of keys in predicate */
    keynote_init_list = as->as_env;

    keypred_state = kn_scan_bytes(as->as_keypred_s,
				  as->as_keypred_e - as->as_keypred_s);
    BEGIN(KEYPREDICATE);
    first_tok = KEYPRE;

    err = knparse();
    if (err != 0)
      if (keynote_errno == 0)
	keynote_errno = ERROR_SYNTAX;

    kn_delete_buffer(keypred_state);
    keynote_lex_zap(); 
    keynote_cleanup_kth();

    keynote_init_list = (struct environment *) NULL;
    keynote_justrecord = 0;
    p = keynote_returnvalue;
    keynote_returnvalue = 0;

    if (record)
    {
	if (keynote_errno != 0)
	{
	    keynote_keylist_free(keynote_keypred_keylist);
	    keynote_keypred_keylist = (struct keylist *) NULL;
	    return -1;
	}
	else
	{
	    /* Mark for re-processing if/when environment changes */
	    if (keynote_used_variable)
	    {
		keynote_used_variable = 0;
		as->as_internalflags |= ASSERT_IFLAG_WEIRDLICS;
	    }

	    if (as->as_keylist)
              keynote_keylist_free(as->as_keylist);
	    as->as_keylist = keynote_keypred_keylist;
	    keynote_keypred_keylist = (struct keylist *) NULL;
	    return RESULT_TRUE;
	}
    }
    else
      return p;
}

/* Evaluate an authorizer or signature field. Return RESULT_TRUE on success.
 * Store key in as->as_authorizer. Second argument is set only for Authorizer
 * field parsing.
 */
int
keynote_evaluate_authorizer(struct assertion *as, int flag)
{
    YY_BUFFER_STATE authorizer_state;
    int err;

    if (keynote_lex_init() != RESULT_TRUE)
      return -1;

    keynote_init_list = as->as_env;
    keynote_justrecord = 1;
    keynote_used_variable = 0;

    if ((flag) && (as->as_authorizer != (void *) NULL))
    {
	keynote_free_key(as->as_authorizer, as->as_signeralgorithm);
	as->as_authorizer = (void *) NULL;
    }

    if (flag)
      authorizer_state = kn_scan_bytes(as->as_authorizer_string_s,
				       as->as_authorizer_string_e -
				       as->as_authorizer_string_s);
    else
      authorizer_state = kn_scan_bytes(as->as_signature_string_s,
				       as->as_signature_string_e -
				       as->as_signature_string_s);

    BEGIN(SIGNERINIT);
    if (flag)
      first_tok = SIGNERKEY;
    else
      first_tok = SIGNATUREENTRY;

    err = knparse();
    if ((err != 0) && (keynote_errno == 0))
      keynote_errno = ERROR_SYNTAX;

    kn_delete_buffer(authorizer_state);
    keynote_lex_zap();

    keynote_justrecord = 0;
    keynote_init_list = (struct environment *) NULL;
    keynote_returnvalue = 0;

    if (keynote_keypred_keylist != (struct keylist *) NULL)
    {
	if (flag)
	{
	    if (keynote_used_variable)
	      as->as_internalflags |= ASSERT_IFLAG_WEIRDAUTH;

	    as->as_authorizer = keynote_keypred_keylist->key_key;
	    as->as_signeralgorithm = keynote_keypred_keylist->key_alg;
	}
	else
	{
	    if (keynote_used_variable)
	      as->as_internalflags |= ASSERT_IFLAG_WEIRDSIG;

	    as->as_signature = keynote_keypred_keylist->key_key;
	}
	
	keynote_keypred_keylist->key_key = (char *) NULL;
	keynote_keylist_free(keynote_keypred_keylist);
	keynote_keypred_keylist = (struct keylist *) NULL;
    }

    keynote_used_variable = 0;

    if (keynote_errno != 0)
      return -1;
    else
      return RESULT_TRUE;
}

/*
 * Exportable front-end to keynote_get_private_key().
 */
char *
kn_get_string(char *buf)
{
    return keynote_get_private_key(buf);
}

/*
 * Parse a private key -- actually, it can deal with any kind of string.
 */
char *
keynote_get_private_key(char *buf)
{
    YY_BUFFER_STATE pkey;
    char *s;
    int err;

    if (keynote_lex_init() != RESULT_TRUE)
      return (char *) NULL;

    keynote_privkey = (char *) NULL;
    pkey = kn_scan_bytes(buf, strlen(buf));
    first_tok = PRIVATEKEY;
    err = knparse();
    kn_delete_buffer(pkey);
    keynote_lex_zap();

    if (err != 0)
    {
	if (keynote_privkey != (char *) NULL)
	{
	    free(keynote_privkey);
	    keynote_privkey = (char *) NULL;
	}

	if (keynote_errno == 0)
	  keynote_errno = ERROR_SYNTAX;

	return (char *) NULL;
    }

    s = keynote_privkey;
    keynote_privkey = (char *) NULL;
    return s;
}

/*
 * Parse Local-Constants and KeyNote-Version fields.
 */
struct environment *
keynote_get_envlist(char *buf, char *bufend, int whichfield)
{
    struct environment *en = (struct environment *) NULL;
    YY_BUFFER_STATE localinit_state;
    int err;

    if (keynote_lex_init() != RESULT_TRUE)
      return (struct environment *) NULL;

    localinit_state = kn_scan_bytes(buf, bufend - buf);
    if (whichfield == 0)
    {
	BEGIN(LOCALINIT);	/* We're doing Local-Constants parsing */
	first_tok = LOCINI;
    }
    else
    {
	BEGIN(KEYNOTEVERSION);	/* KeyNote-Version parsing */
      	first_tok = KNVERSION;
    }

    err = knparse();
    if (err != 0)
      if (keynote_errno == 0)
	keynote_errno = ERROR_SYNTAX;

    kn_delete_buffer(localinit_state);
    keynote_lex_zap();

    if (!whichfield)
    {
	if (keynote_errno != 0)
	  keynote_env_cleanup(&keynote_init_list, 1);
	else
	  en = keynote_init_list;

    	keynote_init_list = (struct environment *) NULL;
    }

    /* Avoid compiler (-Wall) warnings. Never reached. */
    if (0)
    {
	yyunput(0, NULL);
	yy_flex_realloc(0, NULL);
    }

    return en;
}