1 |
diff --git a/squidGuard-1.4/configure b/squidGuard-1.4/configure |
2 |
index 6d9c4f2..e79774a 100755 |
3 |
--- a/squidGuard-1.4/configure |
4 |
+++ b/squidGuard-1.4/configure |
5 |
@@ -4260,7 +4260,7 @@ if test $ac_cv_lib_ldap_ldap_init = yes; then |
6 |
echo "checking for ldap support... yes" |
7 |
with_ldap=yes |
8 |
LIBS="$LIBS -lldap" |
9 |
- YACCLINE=" | LDAPUSERSEARCH WORD { sgSourceLdapUserSearch(\$2); }" |
10 |
+ YACCLINE=" | LDAPUSERSEARCH STRING { sgSourceLdapUserSearch(\$2); }" |
11 |
|
12 |
else |
13 |
|
14 |
diff --git a/squidGuard-1.4/configure.in b/squidGuard-1.4/configure.in |
15 |
index ea09c3b..9dfca11 100644 |
16 |
--- a/squidGuard-1.4/configure.in |
17 |
+++ b/squidGuard-1.4/configure.in |
18 |
@@ -175,7 +175,7 @@ if test "$with_ldap" = "yes" -o "$with_ldap" = "true"; then |
19 |
echo "checking for ldap support... yes" |
20 |
with_ldap=yes |
21 |
LIBS="$LIBS -lldap" |
22 |
- YACCLINE=" | LDAPUSERSEARCH WORD { sgSourceLdapUserSearch(\$2); }" |
23 |
+ YACCLINE=" | LDAPUSERSEARCH STRING { sgSourceLdapUserSearch(\$2); }" |
24 |
],[ |
25 |
AC_MSG_WARN([Cannot find LDAP libraries. LDAP support disabled]) |
26 |
with_ldap=no |
27 |
diff --git a/squidGuard-1.4/src/sg.l b/squidGuard-1.4/src/sg.l |
28 |
index 74507cd..7728f31 100644 |
29 |
--- a/squidGuard-1.4/src/sg.l |
30 |
+++ b/squidGuard-1.4/src/sg.l |
31 |
@@ -74,23 +74,14 @@ weekdays (({weekday}{s}*[, \t]+{s}*)*{weekday})|[\*] |
32 |
<hexchar> ::= 0-9, a-f, A-F |
33 |
*/ |
34 |
|
35 |
-ldaphexchar [0-9a-fA-f] |
36 |
-ldaphex {ldaphexchar}{ldaphexchar} |
37 |
-ldapspecial [,=+<>#;\r\n] |
38 |
-ldapstringchar [^,=+<>#;\r\n] |
39 |
-ldappair \\({ldapspecial}|\\|\") |
40 |
-ldapstring (({ldapstringchar}|{ldappair})*|\"({ldapstringchar}|{ldapspecial}|{ldappair})*\"|#{ldaphex}) |
41 |
-ldapkey [a-zA-Z0-9][a-zA-Z0-9 ]* |
42 |
-ldapattribute {ldapkey}{s}*={s}*{ldapstring} |
43 |
-ldapnamecomponent ({ldapattribute}{s}*+{s}*)*{ldapattribute} |
44 |
-ldapspacedseparator \ *[,;]\ * |
45 |
-ldapdn ({ldapnamecomponent}{ldapspacedseparator})*{ldapnamecomponent} |
46 |
- |
47 |
%x REDIRECT_STATE |
48 |
%x EXEC_STATE |
49 |
-%x LDAPDN_STATE |
50 |
+%x STRING_STATE |
51 |
|
52 |
%% |
53 |
+ char string_buf[MAX_BUF]; |
54 |
+ char *string_buf_ptr; |
55 |
+ |
56 |
|
57 |
[ \t]*#.* ; |
58 |
"{" return START_BRACKET; |
59 |
@@ -107,7 +98,7 @@ ldapdn ({ldapnamecomponent}{ldapspacedseparator})*{ldapnamecompo |
60 |
^logdir return LOGDIR; |
61 |
^ldapcachetime return LDAPCACHETIME; |
62 |
^ldapprotover return LDAPPROTOVER; |
63 |
-^ldapbinddn { BEGIN LDAPDN_STATE; return LDAPBINDDN; } |
64 |
+^ldapbinddn return LDAPBINDDN; |
65 |
^ldapbindpass return LDAPBINDPASS; |
66 |
^mysqlusername return MYSQLUSERNAME; |
67 |
^mysqlpassword return MYSQLPASSWORD; |
68 |
@@ -124,7 +115,7 @@ userquery { |
69 |
} |
70 |
ldapusersearch { |
71 |
/* use the REDIRECT_STATE logic, since it handles URLs nicely */ |
72 |
- BEGIN REDIRECT_STATE; |
73 |
+ /* BEGIN REDIRECT_STATE; */ |
74 |
return LDAPUSERSEARCH; |
75 |
} |
76 |
execuserlist { |
77 |
@@ -169,8 +160,34 @@ ip return IP; |
78 |
<EXEC_STATE>[^\n]* { yylval.string = yytext; BEGIN 0; return EXECCMD; } |
79 |
<EXEC_STATE>\n {lineno++;} |
80 |
|
81 |
-<LDAPDN_STATE>{ldapdn} {yylval.string = yytext; BEGIN 0; return LDAPDNSTR;} |
82 |
-<LDAPDN_STATE>\n {lineno++;} |
83 |
+\" { string_buf_ptr = string_buf; BEGIN STRING_STATE; } |
84 |
+<STRING_STATE>\" { *string_buf_ptr = '\0'; yylval.string = string_buf; BEGIN 0; return QUOTED_STRING; } |
85 |
+<STRING_STATE>\\x[0-9a-fA-F]{2} { |
86 |
+ if (string_buf_ptr-string_buf < sizeof(string_buf)-1) |
87 |
+ { |
88 |
+ int hexcode; |
89 |
+ sscanf( yytext + 2, "%x", &hexcode ); |
90 |
+ *string_buf_ptr++ = (char) hexcode; |
91 |
+ } |
92 |
+ } |
93 |
+<STRING_STATE>\\n { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\n'; } |
94 |
+<STRING_STATE>\\r { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\r'; } |
95 |
+<STRING_STATE>\\a { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\a'; } |
96 |
+<STRING_STATE>\\b { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\b'; } |
97 |
+<STRING_STATE>\\t { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\t'; } |
98 |
+<STRING_STATE>\n { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\n'; } |
99 |
+<STRING_STATE>\\\n { /* continuation line - ignore the \ and newline */; } |
100 |
+<STRING_STATE>\\. { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = yytext[1]; } |
101 |
+<STRING_STATE>[^\\\n\"]+ { |
102 |
+ char *yyptr = yytext; |
103 |
+ while (*yyptr) |
104 |
+ { |
105 |
+ if (string_buf_ptr-string_buf >= sizeof(string_buf)-1) |
106 |
+ break; |
107 |
+ *string_buf_ptr++ = *yyptr++; |
108 |
+ } |
109 |
+ } |
110 |
+<STRING_STATE>. { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = yytext[1]; } |
111 |
|
112 |
[a-zA-Z\/][a-zA-Z0-9/_\-\.\/\:\%\+\?=&]* {yylval.string = yytext ; return WORD;} |
113 |
s@(([^@}]|\\@|\\\})+)@(([^@}]|\\@|\\\})+)@[girR]* {yylval.string = yytext; return SUBST;} |
114 |
diff --git a/squidGuard-1.4/src/sg.y.in b/squidGuard-1.4/src/sg.y.in |
115 |
index 9862664..b311b4b 100644 |
116 |
--- a/squidGuard-1.4/src/sg.y.in |
117 |
+++ b/squidGuard-1.4/src/sg.y.in |
118 |
@@ -85,7 +85,7 @@ rfc1738_unescape(char *s) |
119 |
int *integer; |
120 |
} |
121 |
|
122 |
-%token WORD END START_BRACKET STOP_BRACKET WEEKDAY LDAPDNSTR |
123 |
+%token WORD END START_BRACKET STOP_BRACKET WEEKDAY |
124 |
%token DESTINATION REWRITE ACL TIME TVAL DVAL DVALCRON |
125 |
%token SOURCE CIDR IPCLASS CONTINUE |
126 |
%token IPADDR DBHOME DOMAINLIST URLLIST EXPRESSIONLIST IPLIST |
127 |
@@ -94,8 +94,11 @@ rfc1738_unescape(char *s) |
128 |
%token WITHIN OUTSIDE ELSE LOGFILE ANONYMOUS VERBOSE CONTINIOUS SPORADIC |
129 |
%token LDAPCACHETIME EXECUSERLIST EXECCMD LDAPPROTOVER |
130 |
%token LDAPBINDDN LDAPBINDPASS MYSQLUSERNAME MYSQLPASSWORD DATABASE |
131 |
+%token QUOTED_STRING |
132 |
|
133 |
%type <string> WORD |
134 |
+%type <string> QUOTED_STRING |
135 |
+%type <string> STRING |
136 |
%type <string> EXECCMD |
137 |
%type <string> WEEKDAY |
138 |
%type <string> LDAPDNSTR |
139 |
@@ -121,10 +124,16 @@ rfc1738_unescape(char *s) |
140 |
start: statements |
141 |
; |
142 |
|
143 |
-dbhome: DBHOME WORD { sgSetting("dbhome",$2); } |
144 |
+STRING: WORD | QUOTED_STRING |
145 |
+ ; |
146 |
+ |
147 |
+LDAPDNSTR: QUOTED_STRING |
148 |
+ ; |
149 |
+ |
150 |
+dbhome: DBHOME STRING { sgSetting("dbhome",$2); } |
151 |
; |
152 |
|
153 |
-logdir: LOGDIR WORD { sgSetting("logdir",$2); } |
154 |
+logdir: LOGDIR STRING { sgSetting("logdir",$2); } |
155 |
; |
156 |
|
157 |
ldapcachetime: LDAPCACHETIME NUMBER { sgSetting("ldapcachetime",$2); } |
158 |
@@ -136,16 +145,16 @@ ldapprotover: LDAPPROTOVER NUMBER {sgSetting("ldapprotover",$2); } |
159 |
ldapbinddn: LDAPBINDDN LDAPDNSTR { sgSetting("ldapbinddn",$2); } |
160 |
; |
161 |
|
162 |
-ldapbindpass: LDAPBINDPASS WORD { sgSetting("ldapbindpass",$2); } |
163 |
+ldapbindpass: LDAPBINDPASS STRING { sgSetting("ldapbindpass",$2); } |
164 |
; |
165 |
|
166 |
-mysqlusername: MYSQLUSERNAME WORD { sgSetting("mysqlusername",$2); } |
167 |
+mysqlusername: MYSQLUSERNAME STRING { sgSetting("mysqlusername",$2); } |
168 |
; |
169 |
|
170 |
-mysqlpassword: MYSQLPASSWORD WORD { sgSetting("mysqlpassword",$2); } |
171 |
+mysqlpassword: MYSQLPASSWORD STRING { sgSetting("mysqlpassword",$2); } |
172 |
; |
173 |
|
174 |
-mysqldb: DATABASE WORD { sgSetting("mysqldb",$2); } |
175 |
+mysqldb: DATABASE STRING { sgSetting("mysqldb",$2); } |
176 |
; |
177 |
|
178 |
start_block: |
179 |
@@ -167,22 +176,22 @@ destination_contents: |
180 |
| destination_contents destination_content |
181 |
; |
182 |
destination_content: |
183 |
- DOMAINLIST WORD { sgDestDomainList($2); } |
184 |
+ DOMAINLIST STRING { sgDestDomainList($2); } |
185 |
| DOMAINLIST '-' { sgDestDomainList(NULL); } |
186 |
- | URLLIST WORD { sgDestUrlList($2); } |
187 |
+ | URLLIST STRING { sgDestUrlList($2); } |
188 |
| URLLIST '-' { sgDestUrlList(NULL); } |
189 |
| EXPRESSIONLIST '-' { sgDestExpressionList(NULL,NULL); } |
190 |
- | EXPRESSIONLIST 'i' WORD { sgDestExpressionList($3,"i"); } |
191 |
- | EXPRESSIONLIST WORD { sgDestExpressionList($2,"n"); } |
192 |
- | REDIRECT WORD {sgDestRedirect($2); } |
193 |
- | REWRITE WORD {sgDestRewrite($2); } |
194 |
+ | EXPRESSIONLIST 'i' STRING { sgDestExpressionList($3,"i"); } |
195 |
+ | EXPRESSIONLIST STRING { sgDestExpressionList($2,"n"); } |
196 |
+ | REDIRECT STRING {sgDestRedirect($2); } |
197 |
+ | REWRITE STRING {sgDestRewrite($2); } |
198 |
| WITHIN WORD { sgDestTime($2,WITHIN); } |
199 |
| OUTSIDE WORD { sgDestTime($2,OUTSIDE); } |
200 |
- | LOGFILE ANONYMOUS WORD { sgLogFile(SG_BLOCK_DESTINATION,1,0,$3); } |
201 |
- | LOGFILE VERBOSE WORD { sgLogFile(SG_BLOCK_DESTINATION,0,1,$3); } |
202 |
- | LOGFILE ANONYMOUS VERBOSE WORD { sgLogFile(SG_BLOCK_DESTINATION,1,1,$4); } |
203 |
- | LOGFILE VERBOSE ANONYMOUS WORD { sgLogFile(SG_BLOCK_DESTINATION,1,1,$4); } |
204 |
- | LOGFILE WORD { sgLogFile(SG_BLOCK_DESTINATION,0,0,$2); } |
205 |
+ | LOGFILE ANONYMOUS STRING { sgLogFile(SG_BLOCK_DESTINATION,1,0,$3); } |
206 |
+ | LOGFILE VERBOSE STRING { sgLogFile(SG_BLOCK_DESTINATION,0,1,$3); } |
207 |
+ | LOGFILE ANONYMOUS VERBOSE STRING { sgLogFile(SG_BLOCK_DESTINATION,1,1,$4); } |
208 |
+ | LOGFILE VERBOSE ANONYMOUS STRING { sgLogFile(SG_BLOCK_DESTINATION,1,1,$4); } |
209 |
+ | LOGFILE STRING { sgLogFile(SG_BLOCK_DESTINATION,0,0,$2); } |
210 |
; |
211 |
|
212 |
source: SOURCE WORD { sgSource($2); } |
213 |
@@ -197,7 +206,7 @@ source_contents: |
214 |
|
215 |
source_content: DOMAIN domain |
216 |
| USER user |
217 |
- | USERLIST WORD { sgSourceUserList($2); } |
218 |
+ | USERLIST STRING { sgSourceUserList($2); } |
219 |
@MYSQLLINE@ |
220 |
@YACCLINE@ |
221 |
| EXECUSERLIST EXECCMD { sgSourceExecUserList($2); } |
222 |
@@ -206,23 +215,23 @@ source_content: DOMAIN domain |
223 |
| USERQUOTA NUMBER NUMBER WEEKLY { sgSourceUserQuota($2,$3,"604800");} |
224 |
| USERQUOTA NUMBER NUMBER NUMBER { sgSourceUserQuota($2,$3,$4);} |
225 |
| IP ips |
226 |
- | IPLIST WORD { sgSourceIpList($2); } |
227 |
+ | IPLIST WORD { sgSourceIpList($2); } |
228 |
| WITHIN WORD { sgSourceTime($2,WITHIN); } |
229 |
| OUTSIDE WORD { sgSourceTime($2,OUTSIDE); } |
230 |
- | LOGFILE ANONYMOUS WORD {sgLogFile(SG_BLOCK_SOURCE,1,0,$3);} |
231 |
- | LOGFILE VERBOSE WORD {sgLogFile(SG_BLOCK_SOURCE,0,1,$3);} |
232 |
- | LOGFILE ANONYMOUS VERBOSE WORD {sgLogFile(SG_BLOCK_SOURCE,1,1,$4);} |
233 |
- | LOGFILE VERBOSE ANONYMOUS WORD {sgLogFile(SG_BLOCK_SOURCE,1,1,$4);} |
234 |
- | LOGFILE WORD { sgLogFile(SG_BLOCK_SOURCE,0,0,$2); } |
235 |
+ | LOGFILE ANONYMOUS STRING {sgLogFile(SG_BLOCK_SOURCE,1,0,$3);} |
236 |
+ | LOGFILE VERBOSE STRING {sgLogFile(SG_BLOCK_SOURCE,0,1,$3);} |
237 |
+ | LOGFILE ANONYMOUS VERBOSE STRING {sgLogFile(SG_BLOCK_SOURCE,1,1,$4);} |
238 |
+ | LOGFILE VERBOSE ANONYMOUS STRING {sgLogFile(SG_BLOCK_SOURCE,1,1,$4);} |
239 |
+ | LOGFILE STRING { sgLogFile(SG_BLOCK_SOURCE,0,0,$2); } |
240 |
| CONTINUE { lastSource->cont_search = 1; } |
241 |
; |
242 |
domain: |
243 |
- | domain WORD { sgSourceDomain($2); } |
244 |
+ | domain STRING { sgSourceDomain($2); } |
245 |
| domain ',' |
246 |
; |
247 |
|
248 |
user: |
249 |
- | user WORD { sgSourceUser($2); } |
250 |
+ | user STRING { sgSourceUser($2); } |
251 |
| user ',' |
252 |
; |
253 |
|
254 |
@@ -250,12 +259,12 @@ access_contents: |
255 |
|
256 |
access_content: PASS access_pass { } |
257 |
| REWRITE WORD { sgAclSetValue("rewrite",$2,0); } |
258 |
- | REDIRECT WORD { sgAclSetValue("redirect",$2,0); } |
259 |
- | LOGFILE ANONYMOUS WORD {sgLogFile(SG_BLOCK_ACL,1,0,$3);} |
260 |
- | LOGFILE VERBOSE WORD {sgLogFile(SG_BLOCK_ACL,0,1,$3);} |
261 |
- | LOGFILE ANONYMOUS VERBOSE WORD {sgLogFile(SG_BLOCK_ACL,1,1,$4);} |
262 |
- | LOGFILE VERBOSE ANONYMOUS WORD {sgLogFile(SG_BLOCK_ACL,1,1,$4);} |
263 |
- | LOGFILE WORD { sgLogFile(SG_BLOCK_ACL,0,0,$2); } |
264 |
+ | REDIRECT STRING { sgAclSetValue("redirect",$2,0); } |
265 |
+ | LOGFILE ANONYMOUS STRING {sgLogFile(SG_BLOCK_ACL,1,0,$3);} |
266 |
+ | LOGFILE VERBOSE STRING {sgLogFile(SG_BLOCK_ACL,0,1,$3);} |
267 |
+ | LOGFILE ANONYMOUS VERBOSE STRING {sgLogFile(SG_BLOCK_ACL,1,1,$4);} |
268 |
+ | LOGFILE VERBOSE ANONYMOUS STRING {sgLogFile(SG_BLOCK_ACL,1,1,$4);} |
269 |
+ | LOGFILE STRING { sgLogFile(SG_BLOCK_ACL,0,0,$2); } |
270 |
; |
271 |
|
272 |
access_pass: |
273 |
@@ -294,11 +303,11 @@ rew_contents: |
274 |
rew_content: SUBST { sgRewriteSubstitute($1); } |
275 |
| WITHIN WORD { sgRewriteTime($2,WITHIN); } |
276 |
| OUTSIDE WORD { sgRewriteTime($2,OUTSIDE); } |
277 |
- | LOGFILE ANONYMOUS WORD { sgLogFile(SG_BLOCK_REWRITE,1,0,$3); } |
278 |
- | LOGFILE VERBOSE WORD { sgLogFile(SG_BLOCK_REWRITE,0,1,$3); } |
279 |
- | LOGFILE ANONYMOUS VERBOSE WORD { sgLogFile(SG_BLOCK_REWRITE,1,1,$4); } |
280 |
- | LOGFILE VERBOSE ANONYMOUS WORD { sgLogFile(SG_BLOCK_REWRITE,1,1,$4); } |
281 |
- | LOGFILE WORD { sgLogFile(SG_BLOCK_REWRITE,0,0,$2); } |
282 |
+ | LOGFILE ANONYMOUS STRING { sgLogFile(SG_BLOCK_REWRITE,1,0,$3); } |
283 |
+ | LOGFILE VERBOSE STRING { sgLogFile(SG_BLOCK_REWRITE,0,1,$3); } |
284 |
+ | LOGFILE ANONYMOUS VERBOSE STRING { sgLogFile(SG_BLOCK_REWRITE,1,1,$4); } |
285 |
+ | LOGFILE VERBOSE ANONYMOUS STRING { sgLogFile(SG_BLOCK_REWRITE,1,1,$4); } |
286 |
+ | LOGFILE STRING { sgLogFile(SG_BLOCK_REWRITE,0,0,$2); } |
287 |
; |
288 |
|