veriexecctl_parse.y revision 1.1 
11.1Sblymn%{
21.1Sblymn/*
31.1Sblymn * Parser for verified exec fingerprint file.
41.1Sblymn *
51.1Sblymn * $NetBSD: veriexecctl_parse.y,v 1.1 2002/11/23 10:52:49 blymn Exp $
61.1Sblymn *
71.1Sblymn */
81.1Sblymn
91.1Sblymn#include <stdio.h>
101.1Sblymn#include <string.h>
111.1Sblymn#include <errno.h>
121.1Sblymn#include <sys/ioctl.h>
131.1Sblymn#include <sys/verified_exec.h>
141.1Sblymn
151.1Sblymn/* yacc internal function */
161.1Sblymnstatic int     yygrowstack __P((void));
171.1Sblymnint yylex __P((void));
181.1Sblymnvoid yyerror __P((const char *));
191.1Sblymn
201.1Sblymn/* function prototypes */
211.1Sblymnstatic int
221.1Sblymnconvert(char *fp, unsigned int count, unsigned char *out);
231.1Sblymn
241.1Sblymn/* ioctl parameter struct */
251.1Sblymnstruct verified_exec_params params;
261.1Sblymnextern int fd;
271.1Sblymnextern int lineno;
281.1Sblymn
291.1Sblymn%}
301.1Sblymn
311.1Sblymn%union {
321.1Sblymn  char *string;
331.1Sblymn  int  intval;
341.1Sblymn}
351.1Sblymn
361.1Sblymn%token EOL
371.1Sblymn%token <string> PATH
381.1Sblymn%token <string> STRING
391.1Sblymn
401.1Sblymn%%
411.1Sblymn
421.1Sblymnstatement: /* empty */
431.1Sblymn  | statement path type fingerprint flags eol
441.1Sblymn  ;
451.1Sblymn
461.1Sblymnpath: PATH
471.1Sblymn{
481.1Sblymn	strncpy(params.file, $1, 255);
491.1Sblymn	params.type = VERIEXEC_DIRECT;
501.1Sblymn};
511.1Sblymn
521.1Sblymntype: STRING
531.1Sblymn{
541.1Sblymn	if (strcasecmp($1, "md5") == 0) {
551.1Sblymn		params.fp_type = FINGERPRINT_TYPE_MD5;
561.1Sblymn	} else if (strcasecmp($1, "sha1") == 0) {
571.1Sblymn		params.fp_type = FINGERPRINT_TYPE_SHA1;
581.1Sblymn	} else {
591.1Sblymn		fprintf(stderr, "%s %s at %d, %s\n",
601.1Sblymn			"verifiedexec_load: bad fingerprint type", $1, lineno,
611.1Sblymn			"assuming MD5");
621.1Sblymn		params.fp_type = FINGERPRINT_TYPE_MD5;
631.1Sblymn	}
641.1Sblymn};
651.1Sblymn
661.1Sblymn
671.1Sblymnfingerprint: STRING
681.1Sblymn{
691.1Sblymn	unsigned int count;
701.1Sblymn
711.1Sblymn	if (params.fp_type == FINGERPRINT_TYPE_SHA1)
721.1Sblymn		count = SHA1_FINGERPRINTLEN;
731.1Sblymn	else
741.1Sblymn		count = MD5_FINGERPRINTLEN;
751.1Sblymn
761.1Sblymn	if (convert($1, count, params.fingerprint) < 0) {
771.1Sblymn		fprintf(stderr,
781.1Sblymn			"verifiedexec_load: bad fingerprint at line %d\n",
791.1Sblymn			lineno);
801.1Sblymn	}
811.1Sblymn};
821.1Sblymn
831.1Sblymnflags: /* empty */
841.1Sblymn	| flag_spec flags;
851.1Sblymn
861.1Sblymnflag_spec: STRING
871.1Sblymn{
881.1Sblymn	params.type = VERIEXEC_DIRECT;
891.1Sblymn	if (strcasecmp($1, "indirect") == 0) {
901.1Sblymn		params.type = VERIEXEC_INDIRECT;
911.1Sblymn	} else if (strcasecmp($1, "file") == 0) {
921.1Sblymn		params.type = VERIEXEC_FILE;
931.1Sblymn	}
941.1Sblymn};
951.1Sblymn
961.1Sblymneol: EOL
971.1Sblymn{
981.1Sblymn	do_ioctl();
991.1Sblymn};
1001.1Sblymn
1011.1Sblymn%%
1021.1Sblymn
1031.1Sblymn/*
1041.1Sblymn * Convert: takes the hexadecimal string pointed to by fp and converts
1051.1Sblymn * it to a "count" byte binary number which is stored in the array pointed to
1061.1Sblymn * by out.  Returns -1 if the conversion fails.
1071.1Sblymn */
1081.1Sblymnstatic int
1091.1Sblymnconvert(char *fp, unsigned int count, unsigned char *out)
1101.1Sblymn{
1111.1Sblymn        int i, value, error = 0;
1121.1Sblymn
1131.1Sblymn        for (i = 0; i < count; i++) {
1141.1Sblymn                if ((fp[2*i] >= '0') && (fp[2*i] <= '9')) {
1151.1Sblymn                        value = 16 * (fp[2*i] - '0');
1161.1Sblymn                } else if ((fp[2*i] >= 'a') && (fp[2*i] <= 'f')) {
1171.1Sblymn                        value = 16 * (10 + fp[2*i] - 'a');
1181.1Sblymn                } else {
1191.1Sblymn                        error = -1;
1201.1Sblymn                        break;
1211.1Sblymn                }
1221.1Sblymn
1231.1Sblymn                if ((fp[2*i + 1] >= '0') && (fp[2*i + 1] <= '9')) {
1241.1Sblymn                        value += fp[2*i + 1] - '0';
1251.1Sblymn                } else if ((fp[2*i + 1] >= 'a') && (fp[2*i + 1] <= 'f')) {
1261.1Sblymn                        value += fp[2*i + 1] - 'a' + 10;
1271.1Sblymn                } else {
1281.1Sblymn                        error = -1;
1291.1Sblymn                        break;
1301.1Sblymn                }
1311.1Sblymn
1321.1Sblymn                out[i] = value;
1331.1Sblymn        }
1341.1Sblymn
1351.1Sblymn        return error;
1361.1Sblymn}
1371.1Sblymn
1381.1Sblymn/*
1391.1Sblymn * Perform the load of the fingerprint.  Assumes that the fingerprint
1401.1Sblymn * pseudo-device is opened and the file handle is in fd.
1411.1Sblymn */
1421.1Sblymnstatic void
1431.1Sblymndo_ioctl(void)
1441.1Sblymn{
1451.1Sblymn	if (ioctl(fd, VERIEXECLOAD, &params) < 0)
1461.1Sblymn		fprintf(stderr,	"Ioctl failed with error `%s' on file %s\n",
1471.1Sblymn			strerror(errno), params.file);
1481.1Sblymn}
149