Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / 04bb988275ac76815a15788a7fc75ac78f3bb833 / . / xtoptions.c
blob: 03c629e06b9c42fff1c35a73f3b2770545047df5 [file] [log] [blame]
Jan Engelhardtaa37acc2011-02-07 04:00:50 +0100[diff] [blame]1/*
2 * Argument parser
3 * Copyright © Jan Engelhardt, 2011
4 *
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License as
7 * published by the Free Software Foundation; either version 2 of
8 * the License, or (at your option) any later version.
9 */
10#include <errno.h>
11#include <getopt.h>
12#include <limits.h>
13#include <netdb.h>
14#include <stdbool.h>
15#include <stdint.h>
16#include <stdio.h>
17#include <stdlib.h>
18#include <string.h>
19#include <arpa/inet.h>
20#include "xtables.h"
21#include "xshared.h"
22
23#define XTOPT_MKPTR(cb) \
24 ((void *)((char *)(cb)->data + (cb)->entry->ptroff))
25
26/**
27 * Creates getopt options from the x6-style option map, and assigns each a
28 * getopt id.
29 */
30struct option *
31xtables_options_xfrm(struct option *orig_opts, struct option *oldopts,
32 const struct xt_option_entry *entry, unsigned int *offset)
33{
34 unsigned int num_orig, num_old = 0, num_new, i;
35 struct option *merge, *mp;
36
37 if (entry == NULL)
38 return oldopts;
39 for (num_orig = 0; orig_opts[num_orig].name != NULL; ++num_orig)
40 ;
41 if (oldopts != NULL)
42 for (num_old = 0; oldopts[num_old].name != NULL; ++num_old)
43 ;
44 for (num_new = 0; entry[num_new].name != NULL; ++num_new)
45 ;
46
47 /*
48 * Since @oldopts also has @orig_opts already (and does so at the
49 * start), skip these entries.
50 */
51 oldopts += num_orig;
52 num_old -= num_orig;
53
54 merge = malloc(sizeof(*mp) * (num_orig + num_old + num_new + 1));
55 if (merge == NULL)
56 return NULL;
57
58 /* Let the base options -[ADI...] have precedence over everything */
59 memcpy(merge, orig_opts, sizeof(*mp) * num_orig);
60 mp = merge + num_orig;
61
62 /* Second, the new options */
63 xt_params->option_offset += XT_OPTION_OFFSET_SCALE;
64 *offset = xt_params->option_offset;
65
66 for (i = 0; i < num_new; ++i, ++mp, ++entry) {
67 mp->name = entry->name;
68 mp->has_arg = entry->type != XTTYPE_NONE;
69 mp->flag = NULL;
70 mp->val = entry->id + *offset;
71 }
72
73 /* Third, the old options */
74 memcpy(mp, oldopts, sizeof(*mp) * num_old);
75 mp += num_old;
76 xtables_free_opts(0);
77
78 /* Clear trailing entry */
79 memset(mp, 0, sizeof(*mp));
80 return merge;
81}
82
Jan Engelhardta93142d2011-02-16 01:22:25 +0100[diff] [blame]83/**
84 * Require a simple integer.
85 */
86static void xtopt_parse_int(struct xt_option_call *cb)
87{
88 const struct xt_option_entry *entry = cb->entry;
89 unsigned int lmin = 0, lmax = UINT32_MAX;
90 unsigned int value;
91
Jan Engelhardtdfe99f12011-02-27 19:03:28 +0100[diff] [blame]92 if (entry->type == XTTYPE_UINT8)
93 lmax = UINT8_MAX;
Jan Engelhardtd78254d2011-02-27 17:38:34 +0100[diff] [blame]94 if (cb->entry->min != 0)
95 lmin = cb->entry->min;
96 if (cb->entry->max != 0)
97 lmax = cb->entry->max;
98
Jan Engelhardta93142d2011-02-16 01:22:25 +0100[diff] [blame]99 if (!xtables_strtoui(cb->arg, NULL, &value, lmin, lmax))
100 xt_params->exit_err(PARAMETER_PROBLEM,
101 "%s: bad value for option \"--%s\", "
102 "or out of range (%u-%u).\n",
103 cb->ext_name, entry->name, lmin, lmax);
104
Jan Engelhardtdfe99f12011-02-27 19:03:28 +0100[diff] [blame]105 if (entry->type == XTTYPE_UINT8) {
106 cb->val.u8 = value;
107 if (entry->flags & XTOPT_PUT)
108 *(uint8_t *)XTOPT_MKPTR(cb) = cb->val.u8;
109 } else if (entry->type == XTTYPE_UINT32) {
Jan Engelhardta93142d2011-02-16 01:22:25 +0100[diff] [blame]110 cb->val.u32 = value;
111 if (entry->flags & XTOPT_PUT)
112 *(uint32_t *)XTOPT_MKPTR(cb) = cb->val.u32;
113 }
114}
115
Jan Engelhardt04bb9882011-02-27 23:41:10 +0100[diff] [blame^]116/**
117 * Multiple integer parse routine.
118 *
119 * This function is capable of parsing any number of fields. Only the first
120 * two values from the string will be put into @cb however (and as such,
121 * @cb->val.uXX_range is just that large) to cater for the few extensions that
122 * do not have a range[2] field, but {min, max}, and which cannot use
123 * XTOPT_POINTER.
124 */
125static void xtopt_parse_mint(struct xt_option_call *cb)
126{
127 const struct xt_option_entry *entry = cb->entry;
128 const char *arg = cb->arg;
129 uint32_t *put = XTOPT_MKPTR(cb);
130 unsigned int maxiter, value;
131 char *end = "";
132 char sep = ':';
133
134 maxiter = entry->size / sizeof(uint32_t);
135 if (maxiter == 0)
136 maxiter = 2; /* ARRAY_SIZE(cb->val.uXX_range) */
137 if (entry->size % sizeof(uint32_t) != 0)
138 xt_params->exit_err(OTHER_PROBLEM, "%s: memory block does "
139 "not have proper size\n", __func__);
140
141 cb->nvals = 0;
142 for (arg = cb->arg; ; arg = end + 1) {
143 if (cb->nvals == maxiter)
144 xt_params->exit_err(PARAMETER_PROBLEM, "%s: Too many "
145 "components for option \"--%s\" (max: %u)\n",
146 cb->ext_name, entry->name, maxiter);
147 if (!xtables_strtoui(arg, &end, &value, 0, UINT32_MAX))
148 xt_params->exit_err(PARAMETER_PROBLEM,
149 "%s: bad value for option \"--%s\", "
150 "or out of range (0-%u).\n",
151 cb->ext_name, entry->name, UINT32_MAX);
152 if (*end != '\0' && *end != sep)
153 xt_params->exit_err(PARAMETER_PROBLEM,
154 "%s: Argument to \"--%s\" has unexpected "
155 "characters.\n", cb->ext_name, entry->name);
156 ++cb->nvals;
157 if (cb->nvals < ARRAY_SIZE(cb->val.u32_range))
158 cb->val.u32_range[cb->nvals] = value;
159 if (entry->flags & XTOPT_PUT)
160 *put++ = value;
161 if (*end == '\0')
162 break;
163 }
164}
165
Jan Engelhardtaa37acc2011-02-07 04:00:50 +0100[diff] [blame]166static void (*const xtopt_subparse[])(struct xt_option_call *) = {
Jan Engelhardtdfe99f12011-02-27 19:03:28 +0100[diff] [blame]167 [XTTYPE_UINT8] = xtopt_parse_int,
Jan Engelhardta93142d2011-02-16 01:22:25 +0100[diff] [blame]168 [XTTYPE_UINT32] = xtopt_parse_int,
Jan Engelhardt04bb9882011-02-27 23:41:10 +0100[diff] [blame^]169 [XTTYPE_UINT32RC] = xtopt_parse_mint,
Jan Engelhardtaa37acc2011-02-07 04:00:50 +0100[diff] [blame]170};
171
172static const size_t xtopt_psize[] = {
Jan Engelhardtdfe99f12011-02-27 19:03:28 +0100[diff] [blame]173 [XTTYPE_UINT8] = sizeof(uint8_t),
Jan Engelhardta93142d2011-02-16 01:22:25 +0100[diff] [blame]174 [XTTYPE_UINT32] = sizeof(uint32_t),
Jan Engelhardt04bb9882011-02-27 23:41:10 +0100[diff] [blame^]175 [XTTYPE_UINT32RC] = sizeof(uint32_t[2]),
Jan Engelhardtaa37acc2011-02-07 04:00:50 +0100[diff] [blame]176};
177
178/**
179 * The master option parsing routine. May be used for the ".x6_parse"
180 * function pointer in extensions if fully automatic parsing is desired.
181 * It may be also called manually from a custom x6_parse function.
182 */
183void xtables_option_parse(struct xt_option_call *cb)
184{
185 const struct xt_option_entry *entry = cb->entry;
186 unsigned int eflag = 1 << cb->entry->id;
187
188 /*
189 * With {.id = P_FOO, .excl = P_FOO} we can have simple double-use
190 * prevention. Though it turned out that this is too much typing (most
191 * of the options are one-time use only), so now we also have
192 * %XTOPT_MULTI.
193 */
194 if ((!(entry->flags & XTOPT_MULTI) || (entry->excl & eflag)) &&
195 cb->xflags & eflag)
196 xt_params->exit_err(PARAMETER_PROBLEM,
197 "%s: option \"--%s\" can only be used once.\n",
198 cb->ext_name, cb->entry->name);
199 if (cb->invert && !(entry->flags & XTOPT_INVERT))
200 xt_params->exit_err(PARAMETER_PROBLEM,
201 "%s: option \"--%s\" cannot be inverted.\n",
202 cb->ext_name, entry->name);
203 if (entry->type != XTTYPE_NONE && optarg == NULL)
204 xt_params->exit_err(PARAMETER_PROBLEM,
205 "%s: option \"--%s\" requires an argument.\n",
206 cb->ext_name, entry->name);
207 if (entry->type <= ARRAY_SIZE(xtopt_subparse) &&
208 xtopt_subparse[entry->type] != NULL)
209 xtopt_subparse[entry->type](cb);
210 /* Exclusion with other flags tested later in finalize. */
211 cb->xflags |= 1 << entry->id;
212}
213
214/**
215 * Verifies that an extension's option map descriptor is valid, and ought to
216 * be called right after the extension has been loaded, and before option
217 * merging/xfrm.
218 */
219void xtables_option_metavalidate(const char *name,
220 const struct xt_option_entry *entry)
221{
222 for (; entry->name != NULL; ++entry) {
223 if (entry->id >= CHAR_BIT * sizeof(unsigned int) ||
224 entry->id >= XT_OPTION_OFFSET_SCALE)
225 xt_params->exit_err(OTHER_PROBLEM,
226 "Extension %s uses invalid ID %u\n",
227 name, entry->id);
228 if (!(entry->flags & XTOPT_PUT))
229 continue;
230 if (entry->type >= ARRAY_SIZE(xtopt_psize))
231 xt_params->exit_err(OTHER_PROBLEM,
232 "%s: entry type of option \"--%s\" cannot be "
233 "combined with XTOPT_PUT\n",
234 name, entry->name);
Jan Engelhardt04bb9882011-02-27 23:41:10 +0100[diff] [blame^]235 if (xtopt_psize[entry->type] != -1 &&
236 xtopt_psize[entry->type] != entry->size)
Jan Engelhardtaa37acc2011-02-07 04:00:50 +0100[diff] [blame]237 xt_params->exit_err(OTHER_PROBLEM,
238 "%s: option \"--%s\" points to a memory block "
239 "of wrong size (expected %zu, got %zu)\n",
240 name, entry->name,
241 xtopt_psize[entry->type], entry->size);
242 }
243}
244
245/**
246 * Find an option entry by its id.
247 */
248static const struct xt_option_entry *
249xtables_option_lookup(const struct xt_option_entry *entry, unsigned int id)
250{
251 for (; entry->name != NULL; ++entry)
252 if (entry->id == id)
253 return entry;
254 return NULL;
255}
256
257/**
258 * @c: getopt id (i.e. with offset)
259 * @fw: struct ipt_entry or ip6t_entry
260 *
261 * Dispatch arguments to the appropriate parse function, based upon the
262 * extension's choice of API.
263 */
264void xtables_option_tpcall(unsigned int c, char **argv, bool invert,
265 struct xtables_target *t, void *fw)
266{
267 struct xt_option_call cb;
268
269 if (t->x6_parse == NULL) {
270 if (t->parse != NULL)
271 t->parse(c - t->option_offset, argv, invert,
272 &t->tflags, fw, &t->t);
273 return;
274 }
275
276 c -= t->option_offset;
277 cb.entry = xtables_option_lookup(t->x6_options, c);
278 if (cb.entry == NULL)
279 xtables_error(OTHER_PROBLEM,
280 "Extension does not know id %u\n", c);
281 cb.arg = optarg;
282 cb.invert = invert;
283 cb.ext_name = t->name;
284 cb.data = t->t->data;
285 cb.xflags = t->tflags;
286 t->x6_parse(&cb);
287 t->tflags = cb.xflags;
288}
289
290/**
291 * @c: getopt id (i.e. with offset)
292 * @fw: struct ipt_entry or ip6t_entry
293 *
294 * Dispatch arguments to the appropriate parse function, based upon the
295 * extension's choice of API.
296 */
297void xtables_option_mpcall(unsigned int c, char **argv, bool invert,
298 struct xtables_match *m, void *fw)
299{
300 struct xt_option_call cb;
301
302 if (m->x6_parse == NULL) {
303 if (m->parse != NULL)
304 m->parse(c - m->option_offset, argv, invert,
305 &m->mflags, fw, &m->m);
306 return;
307 }
308
309 c -= m->option_offset;
310 cb.entry = xtables_option_lookup(m->x6_options, c);
311 if (cb.entry == NULL)
312 xtables_error(OTHER_PROBLEM,
313 "Extension does not know id %u\n", c);
314 cb.arg = optarg;
315 cb.invert = invert;
316 cb.ext_name = m->name;
317 cb.data = m->m->data;
318 cb.xflags = m->mflags;
319 m->x6_parse(&cb);
320 m->mflags = cb.xflags;
321}
322
323/**
324 * @name: name of extension
325 * @entry: current option (from all ext's entries) being validated
326 * @xflags: flags the extension has collected
327 * @i: conflicting option (id) to test for
328 */
329static void
330xtables_option_fcheck2(const char *name, const struct xt_option_entry *entry,
331 const struct xt_option_entry *other,
332 unsigned int xflags)
333{
334 unsigned int ef = 1 << entry->id, of = 1 << other->id;
335
336 if (entry->also & of && !(xflags & of))
337 xt_params->exit_err(PARAMETER_PROBLEM,
338 "%s: option \"--%s\" also requires \"--%s\".\n",
339 name, entry->name, other->name);
340
341 if (!(entry->excl & of))
342 /* Use of entry does not collide with other option, good. */
343 return;
344 if ((xflags & (ef | of)) != (ef | of))
345 /* Conflicting options were not used. */
346 return;
347
348 xt_params->exit_err(PARAMETER_PROBLEM,
349 "%s: option \"--%s\" cannot be used together with \"--%s\".\n",
350 name, entry->name, other->name);
351}
352
353/**
354 * @name: name of extension
355 * @xflags: accumulated flags
356 * @entry: extension's option table
357 *
358 * Check that all option constraints have been met. This effectively replaces
359 * ->final_check of the older API.
360 */
361void xtables_options_fcheck(const char *name, unsigned int xflags,
362 const struct xt_option_entry *table)
363{
364 const struct xt_option_entry *entry, *other;
365 unsigned int i;
366
367 for (entry = table; entry->name != NULL; ++entry) {
368 if (entry->flags & XTOPT_MAND &&
369 !(xflags & (1 << entry->id)))
370 xt_params->exit_err(PARAMETER_PROBLEM,
371 "%s: option \"--%s\" must be specified\n",
372 name, entry->name);
373
374 for (i = 0; i < CHAR_BIT * sizeof(entry->id); ++i) {
375 if (entry->id == i)
376 /*
377 * Avoid conflict with self. Multi-use check
378 * was done earlier in xtables_option_parse.
379 */
380 continue;
381 other = xtables_option_lookup(table, i);
382 if (other == NULL)
383 continue;
384 xtables_option_fcheck2(name, entry, other, xflags);
385 }
386 }
387}
Jan Engelhardt3af739b2011-02-10 16:57:37 +0100[diff] [blame]388
389/**
390 * Dispatch arguments to the appropriate final_check function, based upon the
391 * extension's choice of API.
392 */
393void xtables_option_tfcall(struct xtables_target *t)
394{
395 if (t->x6_fcheck != NULL) {
396 struct xt_fcheck_call cb;
397
398 cb.ext_name = t->name;
399 cb.data = t->t->data;
400 cb.xflags = t->tflags;
401 t->x6_fcheck(&cb);
402 } else if (t->final_check != NULL) {
403 t->final_check(t->tflags);
404 }
405 if (t->x6_options != NULL)
406 xtables_options_fcheck(t->name, t->tflags, t->x6_options);
407}
408
409/**
410 * Dispatch arguments to the appropriate final_check function, based upon the
411 * extension's choice of API.
412 */
413void xtables_option_mfcall(struct xtables_match *m)
414{
415 if (m->x6_fcheck != NULL) {
416 struct xt_fcheck_call cb;
417
418 cb.ext_name = m->name;
419 cb.data = m->m->data;
420 cb.xflags = m->mflags;
421 m->x6_fcheck(&cb);
422 } else if (m->final_check != NULL) {
423 m->final_check(m->mflags);
424 }
425 if (m->x6_options != NULL)
426 xtables_options_fcheck(m->name, m->mflags, m->x6_options);
427}