Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Argument parser |
| 3 | * Copyright © Jan Engelhardt, 2011 |
| 4 | * |
| 5 | * This program is free software; you can redistribute it and/or |
| 6 | * modify it under the terms of the GNU General Public License as |
| 7 | * published by the Free Software Foundation; either version 2 of |
| 8 | * the License, or (at your option) any later version. |
| 9 | */ |
| 10 | #include <errno.h> |
| 11 | #include <getopt.h> |
| 12 | #include <limits.h> |
| 13 | #include <netdb.h> |
| 14 | #include <stdbool.h> |
| 15 | #include <stdint.h> |
| 16 | #include <stdio.h> |
| 17 | #include <stdlib.h> |
| 18 | #include <string.h> |
| 19 | #include <arpa/inet.h> |
| 20 | #include "xtables.h" |
| 21 | #include "xshared.h" |
| 22 | |
| 23 | #define XTOPT_MKPTR(cb) \ |
| 24 | ((void *)((char *)(cb)->data + (cb)->entry->ptroff)) |
| 25 | |
| 26 | /** |
| 27 | * Creates getopt options from the x6-style option map, and assigns each a |
| 28 | * getopt id. |
| 29 | */ |
| 30 | struct option * |
| 31 | xtables_options_xfrm(struct option *orig_opts, struct option *oldopts, |
| 32 | const struct xt_option_entry *entry, unsigned int *offset) |
| 33 | { |
| 34 | unsigned int num_orig, num_old = 0, num_new, i; |
| 35 | struct option *merge, *mp; |
| 36 | |
| 37 | if (entry == NULL) |
| 38 | return oldopts; |
| 39 | for (num_orig = 0; orig_opts[num_orig].name != NULL; ++num_orig) |
| 40 | ; |
| 41 | if (oldopts != NULL) |
| 42 | for (num_old = 0; oldopts[num_old].name != NULL; ++num_old) |
| 43 | ; |
| 44 | for (num_new = 0; entry[num_new].name != NULL; ++num_new) |
| 45 | ; |
| 46 | |
| 47 | /* |
| 48 | * Since @oldopts also has @orig_opts already (and does so at the |
| 49 | * start), skip these entries. |
| 50 | */ |
| 51 | oldopts += num_orig; |
| 52 | num_old -= num_orig; |
| 53 | |
| 54 | merge = malloc(sizeof(*mp) * (num_orig + num_old + num_new + 1)); |
| 55 | if (merge == NULL) |
| 56 | return NULL; |
| 57 | |
| 58 | /* Let the base options -[ADI...] have precedence over everything */ |
| 59 | memcpy(merge, orig_opts, sizeof(*mp) * num_orig); |
| 60 | mp = merge + num_orig; |
| 61 | |
| 62 | /* Second, the new options */ |
| 63 | xt_params->option_offset += XT_OPTION_OFFSET_SCALE; |
| 64 | *offset = xt_params->option_offset; |
| 65 | |
| 66 | for (i = 0; i < num_new; ++i, ++mp, ++entry) { |
| 67 | mp->name = entry->name; |
| 68 | mp->has_arg = entry->type != XTTYPE_NONE; |
| 69 | mp->flag = NULL; |
| 70 | mp->val = entry->id + *offset; |
| 71 | } |
| 72 | |
| 73 | /* Third, the old options */ |
| 74 | memcpy(mp, oldopts, sizeof(*mp) * num_old); |
| 75 | mp += num_old; |
| 76 | xtables_free_opts(0); |
| 77 | |
| 78 | /* Clear trailing entry */ |
| 79 | memset(mp, 0, sizeof(*mp)); |
| 80 | return merge; |
| 81 | } |
| 82 | |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 83 | /** |
| 84 | * Require a simple integer. |
| 85 | */ |
| 86 | static void xtopt_parse_int(struct xt_option_call *cb) |
| 87 | { |
| 88 | const struct xt_option_entry *entry = cb->entry; |
| 89 | unsigned int lmin = 0, lmax = UINT32_MAX; |
| 90 | unsigned int value; |
| 91 | |
Jan Engelhardt | dfe99f1 | 2011-02-27 19:03:28 +0100 | [diff] [blame] | 92 | if (entry->type == XTTYPE_UINT8) |
| 93 | lmax = UINT8_MAX; |
Jan Engelhardt | d78254d | 2011-02-27 17:38:34 +0100 | [diff] [blame] | 94 | if (cb->entry->min != 0) |
| 95 | lmin = cb->entry->min; |
| 96 | if (cb->entry->max != 0) |
| 97 | lmax = cb->entry->max; |
| 98 | |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 99 | if (!xtables_strtoui(cb->arg, NULL, &value, lmin, lmax)) |
| 100 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 101 | "%s: bad value for option \"--%s\", " |
| 102 | "or out of range (%u-%u).\n", |
| 103 | cb->ext_name, entry->name, lmin, lmax); |
| 104 | |
Jan Engelhardt | dfe99f1 | 2011-02-27 19:03:28 +0100 | [diff] [blame] | 105 | if (entry->type == XTTYPE_UINT8) { |
| 106 | cb->val.u8 = value; |
| 107 | if (entry->flags & XTOPT_PUT) |
| 108 | *(uint8_t *)XTOPT_MKPTR(cb) = cb->val.u8; |
| 109 | } else if (entry->type == XTTYPE_UINT32) { |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 110 | cb->val.u32 = value; |
| 111 | if (entry->flags & XTOPT_PUT) |
| 112 | *(uint32_t *)XTOPT_MKPTR(cb) = cb->val.u32; |
| 113 | } |
| 114 | } |
| 115 | |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame^] | 116 | /** |
| 117 | * Multiple integer parse routine. |
| 118 | * |
| 119 | * This function is capable of parsing any number of fields. Only the first |
| 120 | * two values from the string will be put into @cb however (and as such, |
| 121 | * @cb->val.uXX_range is just that large) to cater for the few extensions that |
| 122 | * do not have a range[2] field, but {min, max}, and which cannot use |
| 123 | * XTOPT_POINTER. |
| 124 | */ |
| 125 | static void xtopt_parse_mint(struct xt_option_call *cb) |
| 126 | { |
| 127 | const struct xt_option_entry *entry = cb->entry; |
| 128 | const char *arg = cb->arg; |
| 129 | uint32_t *put = XTOPT_MKPTR(cb); |
| 130 | unsigned int maxiter, value; |
| 131 | char *end = ""; |
| 132 | char sep = ':'; |
| 133 | |
| 134 | maxiter = entry->size / sizeof(uint32_t); |
| 135 | if (maxiter == 0) |
| 136 | maxiter = 2; /* ARRAY_SIZE(cb->val.uXX_range) */ |
| 137 | if (entry->size % sizeof(uint32_t) != 0) |
| 138 | xt_params->exit_err(OTHER_PROBLEM, "%s: memory block does " |
| 139 | "not have proper size\n", __func__); |
| 140 | |
| 141 | cb->nvals = 0; |
| 142 | for (arg = cb->arg; ; arg = end + 1) { |
| 143 | if (cb->nvals == maxiter) |
| 144 | xt_params->exit_err(PARAMETER_PROBLEM, "%s: Too many " |
| 145 | "components for option \"--%s\" (max: %u)\n", |
| 146 | cb->ext_name, entry->name, maxiter); |
| 147 | if (!xtables_strtoui(arg, &end, &value, 0, UINT32_MAX)) |
| 148 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 149 | "%s: bad value for option \"--%s\", " |
| 150 | "or out of range (0-%u).\n", |
| 151 | cb->ext_name, entry->name, UINT32_MAX); |
| 152 | if (*end != '\0' && *end != sep) |
| 153 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 154 | "%s: Argument to \"--%s\" has unexpected " |
| 155 | "characters.\n", cb->ext_name, entry->name); |
| 156 | ++cb->nvals; |
| 157 | if (cb->nvals < ARRAY_SIZE(cb->val.u32_range)) |
| 158 | cb->val.u32_range[cb->nvals] = value; |
| 159 | if (entry->flags & XTOPT_PUT) |
| 160 | *put++ = value; |
| 161 | if (*end == '\0') |
| 162 | break; |
| 163 | } |
| 164 | } |
| 165 | |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 166 | static void (*const xtopt_subparse[])(struct xt_option_call *) = { |
Jan Engelhardt | dfe99f1 | 2011-02-27 19:03:28 +0100 | [diff] [blame] | 167 | [XTTYPE_UINT8] = xtopt_parse_int, |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 168 | [XTTYPE_UINT32] = xtopt_parse_int, |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame^] | 169 | [XTTYPE_UINT32RC] = xtopt_parse_mint, |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 170 | }; |
| 171 | |
| 172 | static const size_t xtopt_psize[] = { |
Jan Engelhardt | dfe99f1 | 2011-02-27 19:03:28 +0100 | [diff] [blame] | 173 | [XTTYPE_UINT8] = sizeof(uint8_t), |
Jan Engelhardt | a93142d | 2011-02-16 01:22:25 +0100 | [diff] [blame] | 174 | [XTTYPE_UINT32] = sizeof(uint32_t), |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame^] | 175 | [XTTYPE_UINT32RC] = sizeof(uint32_t[2]), |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 176 | }; |
| 177 | |
| 178 | /** |
| 179 | * The master option parsing routine. May be used for the ".x6_parse" |
| 180 | * function pointer in extensions if fully automatic parsing is desired. |
| 181 | * It may be also called manually from a custom x6_parse function. |
| 182 | */ |
| 183 | void xtables_option_parse(struct xt_option_call *cb) |
| 184 | { |
| 185 | const struct xt_option_entry *entry = cb->entry; |
| 186 | unsigned int eflag = 1 << cb->entry->id; |
| 187 | |
| 188 | /* |
| 189 | * With {.id = P_FOO, .excl = P_FOO} we can have simple double-use |
| 190 | * prevention. Though it turned out that this is too much typing (most |
| 191 | * of the options are one-time use only), so now we also have |
| 192 | * %XTOPT_MULTI. |
| 193 | */ |
| 194 | if ((!(entry->flags & XTOPT_MULTI) || (entry->excl & eflag)) && |
| 195 | cb->xflags & eflag) |
| 196 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 197 | "%s: option \"--%s\" can only be used once.\n", |
| 198 | cb->ext_name, cb->entry->name); |
| 199 | if (cb->invert && !(entry->flags & XTOPT_INVERT)) |
| 200 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 201 | "%s: option \"--%s\" cannot be inverted.\n", |
| 202 | cb->ext_name, entry->name); |
| 203 | if (entry->type != XTTYPE_NONE && optarg == NULL) |
| 204 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 205 | "%s: option \"--%s\" requires an argument.\n", |
| 206 | cb->ext_name, entry->name); |
| 207 | if (entry->type <= ARRAY_SIZE(xtopt_subparse) && |
| 208 | xtopt_subparse[entry->type] != NULL) |
| 209 | xtopt_subparse[entry->type](cb); |
| 210 | /* Exclusion with other flags tested later in finalize. */ |
| 211 | cb->xflags |= 1 << entry->id; |
| 212 | } |
| 213 | |
| 214 | /** |
| 215 | * Verifies that an extension's option map descriptor is valid, and ought to |
| 216 | * be called right after the extension has been loaded, and before option |
| 217 | * merging/xfrm. |
| 218 | */ |
| 219 | void xtables_option_metavalidate(const char *name, |
| 220 | const struct xt_option_entry *entry) |
| 221 | { |
| 222 | for (; entry->name != NULL; ++entry) { |
| 223 | if (entry->id >= CHAR_BIT * sizeof(unsigned int) || |
| 224 | entry->id >= XT_OPTION_OFFSET_SCALE) |
| 225 | xt_params->exit_err(OTHER_PROBLEM, |
| 226 | "Extension %s uses invalid ID %u\n", |
| 227 | name, entry->id); |
| 228 | if (!(entry->flags & XTOPT_PUT)) |
| 229 | continue; |
| 230 | if (entry->type >= ARRAY_SIZE(xtopt_psize)) |
| 231 | xt_params->exit_err(OTHER_PROBLEM, |
| 232 | "%s: entry type of option \"--%s\" cannot be " |
| 233 | "combined with XTOPT_PUT\n", |
| 234 | name, entry->name); |
Jan Engelhardt | 04bb988 | 2011-02-27 23:41:10 +0100 | [diff] [blame^] | 235 | if (xtopt_psize[entry->type] != -1 && |
| 236 | xtopt_psize[entry->type] != entry->size) |
Jan Engelhardt | aa37acc | 2011-02-07 04:00:50 +0100 | [diff] [blame] | 237 | xt_params->exit_err(OTHER_PROBLEM, |
| 238 | "%s: option \"--%s\" points to a memory block " |
| 239 | "of wrong size (expected %zu, got %zu)\n", |
| 240 | name, entry->name, |
| 241 | xtopt_psize[entry->type], entry->size); |
| 242 | } |
| 243 | } |
| 244 | |
| 245 | /** |
| 246 | * Find an option entry by its id. |
| 247 | */ |
| 248 | static const struct xt_option_entry * |
| 249 | xtables_option_lookup(const struct xt_option_entry *entry, unsigned int id) |
| 250 | { |
| 251 | for (; entry->name != NULL; ++entry) |
| 252 | if (entry->id == id) |
| 253 | return entry; |
| 254 | return NULL; |
| 255 | } |
| 256 | |
| 257 | /** |
| 258 | * @c: getopt id (i.e. with offset) |
| 259 | * @fw: struct ipt_entry or ip6t_entry |
| 260 | * |
| 261 | * Dispatch arguments to the appropriate parse function, based upon the |
| 262 | * extension's choice of API. |
| 263 | */ |
| 264 | void xtables_option_tpcall(unsigned int c, char **argv, bool invert, |
| 265 | struct xtables_target *t, void *fw) |
| 266 | { |
| 267 | struct xt_option_call cb; |
| 268 | |
| 269 | if (t->x6_parse == NULL) { |
| 270 | if (t->parse != NULL) |
| 271 | t->parse(c - t->option_offset, argv, invert, |
| 272 | &t->tflags, fw, &t->t); |
| 273 | return; |
| 274 | } |
| 275 | |
| 276 | c -= t->option_offset; |
| 277 | cb.entry = xtables_option_lookup(t->x6_options, c); |
| 278 | if (cb.entry == NULL) |
| 279 | xtables_error(OTHER_PROBLEM, |
| 280 | "Extension does not know id %u\n", c); |
| 281 | cb.arg = optarg; |
| 282 | cb.invert = invert; |
| 283 | cb.ext_name = t->name; |
| 284 | cb.data = t->t->data; |
| 285 | cb.xflags = t->tflags; |
| 286 | t->x6_parse(&cb); |
| 287 | t->tflags = cb.xflags; |
| 288 | } |
| 289 | |
| 290 | /** |
| 291 | * @c: getopt id (i.e. with offset) |
| 292 | * @fw: struct ipt_entry or ip6t_entry |
| 293 | * |
| 294 | * Dispatch arguments to the appropriate parse function, based upon the |
| 295 | * extension's choice of API. |
| 296 | */ |
| 297 | void xtables_option_mpcall(unsigned int c, char **argv, bool invert, |
| 298 | struct xtables_match *m, void *fw) |
| 299 | { |
| 300 | struct xt_option_call cb; |
| 301 | |
| 302 | if (m->x6_parse == NULL) { |
| 303 | if (m->parse != NULL) |
| 304 | m->parse(c - m->option_offset, argv, invert, |
| 305 | &m->mflags, fw, &m->m); |
| 306 | return; |
| 307 | } |
| 308 | |
| 309 | c -= m->option_offset; |
| 310 | cb.entry = xtables_option_lookup(m->x6_options, c); |
| 311 | if (cb.entry == NULL) |
| 312 | xtables_error(OTHER_PROBLEM, |
| 313 | "Extension does not know id %u\n", c); |
| 314 | cb.arg = optarg; |
| 315 | cb.invert = invert; |
| 316 | cb.ext_name = m->name; |
| 317 | cb.data = m->m->data; |
| 318 | cb.xflags = m->mflags; |
| 319 | m->x6_parse(&cb); |
| 320 | m->mflags = cb.xflags; |
| 321 | } |
| 322 | |
| 323 | /** |
| 324 | * @name: name of extension |
| 325 | * @entry: current option (from all ext's entries) being validated |
| 326 | * @xflags: flags the extension has collected |
| 327 | * @i: conflicting option (id) to test for |
| 328 | */ |
| 329 | static void |
| 330 | xtables_option_fcheck2(const char *name, const struct xt_option_entry *entry, |
| 331 | const struct xt_option_entry *other, |
| 332 | unsigned int xflags) |
| 333 | { |
| 334 | unsigned int ef = 1 << entry->id, of = 1 << other->id; |
| 335 | |
| 336 | if (entry->also & of && !(xflags & of)) |
| 337 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 338 | "%s: option \"--%s\" also requires \"--%s\".\n", |
| 339 | name, entry->name, other->name); |
| 340 | |
| 341 | if (!(entry->excl & of)) |
| 342 | /* Use of entry does not collide with other option, good. */ |
| 343 | return; |
| 344 | if ((xflags & (ef | of)) != (ef | of)) |
| 345 | /* Conflicting options were not used. */ |
| 346 | return; |
| 347 | |
| 348 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 349 | "%s: option \"--%s\" cannot be used together with \"--%s\".\n", |
| 350 | name, entry->name, other->name); |
| 351 | } |
| 352 | |
| 353 | /** |
| 354 | * @name: name of extension |
| 355 | * @xflags: accumulated flags |
| 356 | * @entry: extension's option table |
| 357 | * |
| 358 | * Check that all option constraints have been met. This effectively replaces |
| 359 | * ->final_check of the older API. |
| 360 | */ |
| 361 | void xtables_options_fcheck(const char *name, unsigned int xflags, |
| 362 | const struct xt_option_entry *table) |
| 363 | { |
| 364 | const struct xt_option_entry *entry, *other; |
| 365 | unsigned int i; |
| 366 | |
| 367 | for (entry = table; entry->name != NULL; ++entry) { |
| 368 | if (entry->flags & XTOPT_MAND && |
| 369 | !(xflags & (1 << entry->id))) |
| 370 | xt_params->exit_err(PARAMETER_PROBLEM, |
| 371 | "%s: option \"--%s\" must be specified\n", |
| 372 | name, entry->name); |
| 373 | |
| 374 | for (i = 0; i < CHAR_BIT * sizeof(entry->id); ++i) { |
| 375 | if (entry->id == i) |
| 376 | /* |
| 377 | * Avoid conflict with self. Multi-use check |
| 378 | * was done earlier in xtables_option_parse. |
| 379 | */ |
| 380 | continue; |
| 381 | other = xtables_option_lookup(table, i); |
| 382 | if (other == NULL) |
| 383 | continue; |
| 384 | xtables_option_fcheck2(name, entry, other, xflags); |
| 385 | } |
| 386 | } |
| 387 | } |
Jan Engelhardt | 3af739b | 2011-02-10 16:57:37 +0100 | [diff] [blame] | 388 | |
| 389 | /** |
| 390 | * Dispatch arguments to the appropriate final_check function, based upon the |
| 391 | * extension's choice of API. |
| 392 | */ |
| 393 | void xtables_option_tfcall(struct xtables_target *t) |
| 394 | { |
| 395 | if (t->x6_fcheck != NULL) { |
| 396 | struct xt_fcheck_call cb; |
| 397 | |
| 398 | cb.ext_name = t->name; |
| 399 | cb.data = t->t->data; |
| 400 | cb.xflags = t->tflags; |
| 401 | t->x6_fcheck(&cb); |
| 402 | } else if (t->final_check != NULL) { |
| 403 | t->final_check(t->tflags); |
| 404 | } |
| 405 | if (t->x6_options != NULL) |
| 406 | xtables_options_fcheck(t->name, t->tflags, t->x6_options); |
| 407 | } |
| 408 | |
| 409 | /** |
| 410 | * Dispatch arguments to the appropriate final_check function, based upon the |
| 411 | * extension's choice of API. |
| 412 | */ |
| 413 | void xtables_option_mfcall(struct xtables_match *m) |
| 414 | { |
| 415 | if (m->x6_fcheck != NULL) { |
| 416 | struct xt_fcheck_call cb; |
| 417 | |
| 418 | cb.ext_name = m->name; |
| 419 | cb.data = m->m->data; |
| 420 | cb.xflags = m->mflags; |
| 421 | m->x6_fcheck(&cb); |
| 422 | } else if (m->final_check != NULL) { |
| 423 | m->final_check(m->mflags); |
| 424 | } |
| 425 | if (m->x6_options != NULL) |
| 426 | xtables_options_fcheck(m->name, m->mflags, m->x6_options); |
| 427 | } |