2013.10.24

[uclinux-h8/uClinux-dist.git] / freeswan / utils / _confread

#!/bin/sh
# configuration-file reader utility
# Copyright (C) 1999-2002  Henry Spencer.
# 
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
# 
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
# for more details.
#
# RCSID $Id: _confread,v 1.47 2002/03/26 17:49:42 henry Exp $
#
# Extract configuration info from /etc/ipsec.conf, repackage as assignments
# to shell variables or tab-delimited fields.  Success or failure is reported
# inline, as extra data, due to the vagaries of shell backquote handling.
# In the absence of --varprefix, output is tab-separated fields, like:
#       =       sectionname
#       :       parameter       value
#       !       status (empty for success, else complaint)
# In the presence of (say) "--varprefix IPSEC", output is like:
#       IPSEC_confreadsection="sectionname"
#       IPSECparameter="value"
#       IPSEC_confreadstatus="status" (same empty/complaint convention)
#
# The "--search parametername" option inverts the search:  instead of
# yielding the parameters of the specified name(s), it yields the names
# of sections with parameter <parametername> having (one of) the
# specified value(s).  In this case, --varprefix output is a list of
# names in the <prefix>_confreadnames variable.  Search values with
# white space in them are currently not handled properly.
#
# Typical usage:
# eval `ipsec _confread --varprefix IPSEC --type config setup`
# if test " $IPSEC_confreadstatus" != " "
# then
#       echo "$0: $IPSEC_confreadstatus -- aborting" 2>&1
#       exit 1
# fi

config=${IPSEC_CONFS-/etc}/ipsec.conf
include=yes
type=conn
fieldfmt=yes
prefix=
search=
export=0
me="ipsec _confread"

for dummy
do
        case "$1" in
        --config)       config="$2" ; shift     ;;
        --noinclude)    include=                ;;
        --type)         type="$2" ; shift       ;;
        --varprefix)    fieldfmt=
                        prefix="$2"
                        shift                   ;;
        --export)       export=1                ;;
        --search)       search="$2" ; shift     ;;
        --version)      echo "$me $IPSEC_VERSION" ; exit 0      ;;
        --)             shift ; break           ;;
        -*)             echo "$0: unknown option \`$1'" >&2 ; exit 2    ;;
        *)              break                   ;;
        esac
        shift
done

if test "$include"
then
        ipsec _include --inband $config
else
        cat $config
fi |
awk 'BEGIN {
        type = "'"$type"'"
        names = "'"$*"'"
        prefix = "'"$prefix"'"
        export = "'"$export"'"
        search = "'"$search"'"
        searching = 0
        if (search != "") {
                searching = 1
                searchpat = "^[ \t]+" search "[ \t]*=[ \t]*"
        }
        fieldfmt = 0
        if ("'"$fieldfmt"'" == "yes")
                fieldfmt = 1
        including = 0
        if ("'"$include"'" == "yes")
                including = 1
        filename = "'"$config"'"
        lineno = 0
        originalfilename = filename
        if (fieldfmt)
                bq = eq = "\""
        else
                bq = eq = "\\\""
        failed = 0
        insection = 0
        indefault = 0
        outputting = 0
        sawnondefault = 0
        OFS = "\t"
        o_status = "!"
        o_parm = ":"
        o_section = "="
        o_names = "%"
        o_end = "."
        n = split(names, na, " ")
        if (n == 0)
                fail("no section names supplied")
        for (i = 1; i <= n; i++) {
                if (na[i] in wanted)
                        fail("section " bq na[i] eq " requested more than once")
                wanted[na[i]] = 1
                pending[na[i]] = 1
                if (!searching && na[i] !~ /^[a-zA-Z][a-zA-Z0-9._-]*$/)
                        fail("invalid section name " bq na[i] eq)
        }

        good = "also type auto authby _plutodevel"
        left = " left leftsubnet leftnexthop leftfirewall leftupdown"
        akey = " keyexchange auth pfs pfsgroup keylife rekey rekeymargin rekeyfuzz"
        akey = akey " compress"
        obs = " lifetime rekeystart rekeytries"
        akey = akey " keyingtries ikelifetime disablearrivalcheck ike" obs
        mkey = " spibase spi esp espenckey espauthkey espreplay_window"
        left = left " leftespenckey leftespauthkey leftahkey"
        left = left " leftespspi leftahspi leftid leftrsasigkey"
        left = left " leftcert leftsubnetwithin leftprotoport"
        mkey = mkey " ah ahkey ahreplay_window"
        right = left
        gsub(/left/, "right", right)
        n = split(good left right akey mkey, g)
        for (i = 1; i <= n; i++)
                goodnames["conn:" g[i]] = 1

        good = "also interfaces forwardcontrol syslog klipsdebug plutodebug"
        good = good " dumpdir dump manualstart pluto plutoload plutostart"
        good = good " plutowait plutobackgroundload prepluto postpluto"
        good = good " fragicmp no_eroute_pass opportunistic hidetos uniqueids"
        good = good " packetdefault overridemtu nocrsend"
        good = good " nat_traversal keep_alive force_keepalive"
        good = good " disable_port_floating virtual_private"
        n = split(good, g)
        for (i = 1; i <= n; i++)
                goodnames["config:" g[i]] = 1

        goodtypes["conn"] = 1
        goodtypes["config"] = 1

        badchars = ""
        for (i = 1; i < 32; i++)
                badchars = badchars sprintf("%c", i)
        for (i = 127; i < 128+32; i++)
                badchars = badchars sprintf("%c", i)
        badchar = "[" badchars "]"

        seen[""] = ""
        default[""] = ""
        usesdefault [""] = ""
}



function output(code, v1, v2) {
        if (code == o_parm) {
                if (v2 == "")           # suppress empty parameters
                        return
                if (privatename(v1))    # and private ones
                        return
                if (v2 ~ badchar)
                        fail("parameter value " bq v2 eq " contains unprintable character")
        }

        if (fieldfmt) {
                print code, v1, v2
                return
        }

        if (code == o_status) {
                v2 = v1
                v1 = "_confreadstatus"
        } else if (code == o_section) {
                v2 = v1
                v1 = "_confreadsection"
        } else if (code == o_names) {
                v2 = v1
                v1 = "_confreadnames"
        } else if (code != o_parm)
                return          # currently no variable version of o_end

        print prefix v1 "=\"" v2 "\""
        if (export)
                print "export " prefix v1
}
function searchfound(sectionname,    n, i, reflist) {
        # a hit in x is a hit in everybody who refers to x too
        n = split(refsto[sectionname], reflist, ";")
        for (i = 1; i <= n; i++)
                if (reflist[i] in seen)
                        fail("duplicated parameter " bq search eq)
                else
                        seen[reflist[i]] = 1
        seen[sectionname] = 1
}
function fail(msg) {
        output(o_status, ("(" filename ", line " lineno ") " msg))
        failed = 1
        while ((getline junk) > 0)
                continue
        exit
}
function badname(n) {
        if ((type ":" n) in goodnames)
                return 0
        if (privatename(n))
                return 0
        return 1
}
function privatename(n) {
        if (n ~ /^[xX][-_]/)
                return 1
        return 0
}
function addref(from, to) {
        if (to in refsto)
                refsto[to] = refsto[to] ";" from
        else
                refsto[to] = from
}
function chainref(from, to,    i, reflist, listnum) {
        # referencing is transitive:  xyz->from->to
        if (from in refsto) {
                listnum = split(refsto[from], reflist, ";")
                for (i = 1; i <= listnum; i++)
                        chainref(reflist[i], to)
        }
        addref(from, to)
}



{
        lineno++
        # lineno is now the number of this line
}
including && $0 ~ /^#[<>:]/ {
        # _include control line
        if ($1 ~ /^#[<>]$/) {
                filename = $2
                lineno = $3 - 1
        } else if ($0 ~ /^#:/) {
                msg = substr($0, 3)
                gsub(/"/, "\\\"", msg)
                fail(msg)
        }
        next
}
$0 !~ /^[ \t]/ {
        # any non-leading-white-space line is a section end
        ### but not the end of relevant stuff, might be also= sections later
        ###if (insection && !indefault && !searching && outputting)
        ###     output(o_end)
        insection = 0
        indefault = 0
        outputting = 0
}
{
        # strip trailing comments and space
        sub(/[ \t]+(#.*)?$/, "")
}
$0 == "" || $0 ~ /^#/ {
        # empty lines and comments are ignored
        next
}
$0 !~ /^[ \t]/ && NF != 2 {
        # bad section header
        fail("section header \"" $0 "\" has wrong number of fields (" NF ")")
}
$0 !~ /^[ \t]/ && !($1 in goodtypes) {
        # unknown section type
        fail("section type \"" $1 "\" not recognized")
}
$0 !~ /^[ \t]/ && $1 == type && $2 != "%default" {
        # non-default section header of our type
        sawnondefault = 1
}
$0 !~ /^[ \t]/ && $1 == type && searching && $2 != "%default" {
        # section header, during search
        insection = 1
        sectionname = $2
        usesdefault[sectionname] = 1            # tentatively
        next
}
$0 !~ /^[ \t]/ && !($1 == type && ($2 in wanted || $2 == "%default")) {
        # section header, but not one we want
        insection = 1
        next
}
$0 !~ /^[ \t]/ && $1 == type && ($2 in wanted) {
        # one of our wanted section headers
        if (!($2 in pending))
                fail("duplicate " type " section " bq $2 eq)
        delete pending[$2]
        tag = bq type " " $2 eq
        outputting = 1
        insection = 1
        output(o_section, $2)
        next
}
$0 !~ /^[ \t]/ && $1 == type && $2 == "%default" {
        # relevant default section header
        if (sawnondefault)
                fail("\"" $1 " %default\" sections must precede non-default ones")
        tag = bq type " " $2 eq
        indefault = 1
        next
}
$0 !~ /^[ \t]/ {
        fail("internal error, supposedly cannot happen")
}
!insection && !indefault {
        # starts with white space but not in a section... oops
        fail("parameter is not within a section")
}
searching && $0 ~ searchpat {
        # search found the right parameter name
        match($0, searchpat)
        rest = substr($0, RLENGTH+1)
        if (rest ~ /^"/)
                rest = substr(rest, 2, length(rest)-2)
        if (!indefault)
                delete usesdefault[sectionname]
        if (rest in wanted) {   # a hit
                if (indefault)
                        default[search] = rest
                else
                        searchfound(sectionname)
        } else {
                # rather a kludge, but must check this somewhere
                if (search == "auto" && rest !~ /^(add|route|start|ignore)$/)
                        fail("illegal auto value " bq rest eq)
        }
        next
}
!searching && !outputting && !indefault {
        # uninteresting line
        next
}
$0 ~ /"/ && $0 !~ /^[^=]+=[ \t]*"[^"]*"$/ {
        if (!searching)
                fail("mismatched quotes in parameter value")
        else
                gsub(/"/, "", $0)
}
$0 !~ /^[ \t]+[a-zA-Z_][a-zA-Z0-9_-]*[ \t]*=/ {
        if (searching)
                next                    # just ignore it
        fail("syntax error or illegal parameter name")
}
{
        sub(/^[ \t]+/, "")              # get rid of leading white space
        sub(/[ \t]*=[ \t]*/, "=")       # and embedded white space
}
$0 ~ /^also=/ {
        if (indefault)
                fail("%default section may not contain \"also\" parameter")
        sub(/^also=/, "")
        if ($0 !~ /^[a-zA-Z][a-zA-Z0-9._-]*$/)
                fail("invalid section name " bq $0 eq)
        if (!searching) {
                if ($0 in wanted)
                        fail("section " bq $0 eq " requested more than once")
                wanted[$0] = 1
                pending[$0] = 1
        } else
                chainref(sectionname, $0)
        next
}
!outputting && !indefault {
        # uninteresting line even for a search
        next
}
{
        equal = match($0, /[=]/)
        name = substr($0, 1, equal-1)
        if (badname(name))
                fail("unknown parameter name " bq name eq)
        value = substr($0, equal+1)
        if (value ~ /^"/)
                value = substr(value, 2, length(value)-2)
        else if (value ~ /[ \t]/)
                fail("white space within non-quoted parameter " bq name eq)
}
indefault {
        if (name in default)
                fail("duplicated default parameter " bq name eq)
        default[name] = value
        next
}
{
        if (name in seen)
                fail("duplicated parameter " bq name eq)
        seen[name] = 1
        output(o_parm, name, value)
}
END {
        if (failed)
                exit 1
        filename = originalfilename
        unseen = ""
        for (i in pending)
                unseen = unseen " " i
        if (!searching && unseen != "")
                fail("did not find " type " section(s) " bq substr(unseen, 2) eq)
        if (!searching) {
                for (name in default)
                        if (!(name in seen))
                                output(o_parm, name, default[name])
        } else {
                if (default[search] in wanted)
                        for (name in usesdefault)
                                seen[name] = 1
                if (fieldfmt)
                        for (name in seen)
                                output(o_section, name)
                else {
                        outlist = ""
                        for (name in seen)
                                if (outlist == "")
                                        outlist = name
                                else
                                        outlist = outlist " " name
                        output(o_names, outlist)
                }
        }
        output(o_status, "")
}'