current/SOURCES/squidGuard-1.4-quoted_string_support.diff

diff --git a/squidGuard-1.4/configure b/squidGuard-1.4/configure
index 6d9c4f2..e79774a 100755
--- a/squidGuard-1.4/configure
+++ b/squidGuard-1.4/configure
@@ -4260,7 +4260,7 @@ if test $ac_cv_lib_ldap_ldap_init = yes; then
        echo "checking for ldap support... yes"
        with_ldap=yes
        LIBS="$LIBS -lldap"
-       YACCLINE="                     | LDAPUSERSEARCH WORD { sgSourceLdapUserSearch(\$2); }"
+       YACCLINE="                     | LDAPUSERSEARCH STRING { sgSourceLdapUserSearch(\$2); }"
 
 else
 
diff --git a/squidGuard-1.4/configure.in b/squidGuard-1.4/configure.in
index ea09c3b..9dfca11 100644
--- a/squidGuard-1.4/configure.in
+++ b/squidGuard-1.4/configure.in
@@ -175,7 +175,7 @@ if test "$with_ldap" = "yes" -o "$with_ldap" = "true"; then
        echo "checking for ldap support... yes"
        with_ldap=yes
        LIBS="$LIBS -lldap"
-       YACCLINE="                     | LDAPUSERSEARCH WORD { sgSourceLdapUserSearch(\$2); }"
+       YACCLINE="                     | LDAPUSERSEARCH STRING { sgSourceLdapUserSearch(\$2); }"
        ],[
        AC_MSG_WARN([Cannot find LDAP libraries. LDAP support disabled])
        with_ldap=no
diff --git a/squidGuard-1.4/src/sg.l b/squidGuard-1.4/src/sg.l
index 74507cd..7728f31 100644
--- a/squidGuard-1.4/src/sg.l
+++ b/squidGuard-1.4/src/sg.l
@@ -74,23 +74,14 @@ weekdays (({weekday}{s}*[, \t]+{s}*)*{weekday})|[\*]
    <hexchar> ::= 0-9, a-f, A-F
 */
 
-ldaphexchar            [0-9a-fA-f]
-ldaphex                        {ldaphexchar}{ldaphexchar}
-ldapspecial            [,=+<>#;\r\n]
-ldapstringchar         [^,=+<>#;\r\n]
-ldappair               \\({ldapspecial}|\\|\")
-ldapstring             (({ldapstringchar}|{ldappair})*|\"({ldapstringchar}|{ldapspecial}|{ldappair})*\"|#{ldaphex})
-ldapkey                        [a-zA-Z0-9][a-zA-Z0-9 ]*
-ldapattribute          {ldapkey}{s}*={s}*{ldapstring}
-ldapnamecomponent      ({ldapattribute}{s}*+{s}*)*{ldapattribute}
-ldapspacedseparator    \ *[,;]\ *
-ldapdn                 ({ldapnamecomponent}{ldapspacedseparator})*{ldapnamecomponent}
-
 %x REDIRECT_STATE
 %x EXEC_STATE
-%x LDAPDN_STATE
+%x STRING_STATE
 
 %%
+       char string_buf[MAX_BUF];
+       char *string_buf_ptr;
+
 
 [ \t]*#.*        ;
 "{"         return START_BRACKET;
@@ -107,7 +98,7 @@ ldapdn                 ({ldapnamecomponent}{ldapspacedseparator})*{ldapnamecompo
 ^logdir                return LOGDIR;
 ^ldapcachetime return LDAPCACHETIME;
 ^ldapprotover  return LDAPPROTOVER;
-^ldapbinddn    { BEGIN LDAPDN_STATE; return LDAPBINDDN; }
+^ldapbinddn    return LDAPBINDDN;
 ^ldapbindpass  return LDAPBINDPASS;
 ^mysqlusername return MYSQLUSERNAME;
 ^mysqlpassword return MYSQLPASSWORD;
@@ -124,7 +115,7 @@ userquery   {
        }
 ldapusersearch {
        /* use the REDIRECT_STATE logic, since it handles URLs nicely */
-       BEGIN REDIRECT_STATE;
+       /* BEGIN REDIRECT_STATE; */
        return LDAPUSERSEARCH;
        }
 execuserlist {
@@ -169,8 +160,34 @@ ip          return IP;
 <EXEC_STATE>[^\n]* { yylval.string = yytext; BEGIN 0; return EXECCMD; }
 <EXEC_STATE>\n     {lineno++;}
 
-<LDAPDN_STATE>{ldapdn}   {yylval.string = yytext; BEGIN 0; return LDAPDNSTR;}
-<LDAPDN_STATE>\n          {lineno++;}
+\"                 { string_buf_ptr = string_buf; BEGIN STRING_STATE; }
+<STRING_STATE>\"   { *string_buf_ptr = '\0'; yylval.string = string_buf; BEGIN 0; return QUOTED_STRING; }
+<STRING_STATE>\\x[0-9a-fA-F]{2} {
+                     if (string_buf_ptr-string_buf < sizeof(string_buf)-1)
+                     {
+                       int hexcode;
+                       sscanf( yytext + 2, "%x", &hexcode );
+                       *string_buf_ptr++ = (char) hexcode;
+                     }
+                   }
+<STRING_STATE>\\n  { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\n'; }
+<STRING_STATE>\\r  { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\r'; }
+<STRING_STATE>\\a  { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\a'; }
+<STRING_STATE>\\b  { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\b'; }
+<STRING_STATE>\\t  { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\t'; }
+<STRING_STATE>\n   { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\n'; }
+<STRING_STATE>\\\n { /* continuation line - ignore the \ and newline */; }
+<STRING_STATE>\\.  { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = yytext[1];  }
+<STRING_STATE>[^\\\n\"]+ {
+                     char *yyptr = yytext;
+                     while (*yyptr)
+                     {
+                       if (string_buf_ptr-string_buf >= sizeof(string_buf)-1)
+                         break;
+                       *string_buf_ptr++ = *yyptr++;
+                        }
+                   }
+<STRING_STATE>.    { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = yytext[1];  }
 
 [a-zA-Z\/][a-zA-Z0-9/_\-\.\/\:\%\+\?=&]*  {yylval.string = yytext ; return WORD;}
 s@(([^@}]|\\@|\\\})+)@(([^@}]|\\@|\\\})+)@[girR]* {yylval.string = yytext; return SUBST;}
diff --git a/squidGuard-1.4/src/sg.y.in b/squidGuard-1.4/src/sg.y.in
index 9862664..b311b4b 100644
--- a/squidGuard-1.4/src/sg.y.in
+++ b/squidGuard-1.4/src/sg.y.in
@@ -85,7 +85,7 @@ rfc1738_unescape(char *s)
   int  *integer;
 }
 
-%token WORD END START_BRACKET STOP_BRACKET WEEKDAY LDAPDNSTR
+%token WORD END START_BRACKET STOP_BRACKET WEEKDAY
 %token DESTINATION REWRITE ACL TIME TVAL DVAL DVALCRON
 %token SOURCE CIDR IPCLASS CONTINUE
 %token IPADDR DBHOME DOMAINLIST URLLIST EXPRESSIONLIST IPLIST
@@ -94,8 +94,11 @@ rfc1738_unescape(char *s)
 %token WITHIN OUTSIDE ELSE LOGFILE ANONYMOUS VERBOSE CONTINIOUS SPORADIC
 %token LDAPCACHETIME EXECUSERLIST EXECCMD LDAPPROTOVER
 %token LDAPBINDDN LDAPBINDPASS MYSQLUSERNAME MYSQLPASSWORD DATABASE
+%token QUOTED_STRING
 
 %type <string> WORD 
+%type <string> QUOTED_STRING
+%type <string> STRING
 %type <string> EXECCMD
 %type <string> WEEKDAY
 %type <string> LDAPDNSTR
@@ -121,10 +124,16 @@ rfc1738_unescape(char *s)
 start: statements
        ; 
 
-dbhome:    DBHOME WORD { sgSetting("dbhome",$2); }
+STRING: WORD | QUOTED_STRING
+       ;
+
+LDAPDNSTR: QUOTED_STRING
+       ;
+
+dbhome:    DBHOME STRING { sgSetting("dbhome",$2); }
          ;
 
-logdir:    LOGDIR WORD { sgSetting("logdir",$2); }
+logdir:    LOGDIR STRING { sgSetting("logdir",$2); }
          ;
 
 ldapcachetime: LDAPCACHETIME NUMBER { sgSetting("ldapcachetime",$2); }
@@ -136,16 +145,16 @@ ldapprotover: LDAPPROTOVER NUMBER {sgSetting("ldapprotover",$2); }
 ldapbinddn: LDAPBINDDN LDAPDNSTR { sgSetting("ldapbinddn",$2); }
        ;
 
-ldapbindpass: LDAPBINDPASS WORD { sgSetting("ldapbindpass",$2); }
+ldapbindpass: LDAPBINDPASS STRING { sgSetting("ldapbindpass",$2); }
        ;
 
-mysqlusername: MYSQLUSERNAME WORD { sgSetting("mysqlusername",$2); }
+mysqlusername: MYSQLUSERNAME STRING { sgSetting("mysqlusername",$2); }
        ;
 
-mysqlpassword: MYSQLPASSWORD WORD { sgSetting("mysqlpassword",$2); }
+mysqlpassword: MYSQLPASSWORD STRING { sgSetting("mysqlpassword",$2); }
        ;
 
-mysqldb:       DATABASE WORD { sgSetting("mysqldb",$2); }
+mysqldb:       DATABASE STRING { sgSetting("mysqldb",$2); }
        ;
 
 start_block:
@@ -167,22 +176,22 @@ destination_contents:
                   | destination_contents destination_content
                  ;
 destination_content:  
-           DOMAINLIST WORD { sgDestDomainList($2); }
+           DOMAINLIST STRING { sgDestDomainList($2); }
             | DOMAINLIST '-' { sgDestDomainList(NULL); }
-            | URLLIST WORD { sgDestUrlList($2); }
+            | URLLIST STRING { sgDestUrlList($2); }
             | URLLIST '-'  { sgDestUrlList(NULL); }
             | EXPRESSIONLIST '-' { sgDestExpressionList(NULL,NULL); }
-            | EXPRESSIONLIST 'i' WORD { sgDestExpressionList($3,"i"); }
-            | EXPRESSIONLIST WORD  { sgDestExpressionList($2,"n"); }
-            | REDIRECT WORD  {sgDestRedirect($2); }
-            | REWRITE WORD  {sgDestRewrite($2); }
+            | EXPRESSIONLIST 'i' STRING { sgDestExpressionList($3,"i"); }
+            | EXPRESSIONLIST STRING  { sgDestExpressionList($2,"n"); }
+            | REDIRECT STRING  {sgDestRedirect($2); }
+            | REWRITE STRING  {sgDestRewrite($2); }
             | WITHIN WORD { sgDestTime($2,WITHIN); }
             | OUTSIDE WORD { sgDestTime($2,OUTSIDE); }
-            | LOGFILE ANONYMOUS WORD { sgLogFile(SG_BLOCK_DESTINATION,1,0,$3); }
-            | LOGFILE VERBOSE WORD { sgLogFile(SG_BLOCK_DESTINATION,0,1,$3); }
-            | LOGFILE ANONYMOUS VERBOSE WORD { sgLogFile(SG_BLOCK_DESTINATION,1,1,$4); }
-            | LOGFILE VERBOSE ANONYMOUS WORD { sgLogFile(SG_BLOCK_DESTINATION,1,1,$4); }
-            | LOGFILE WORD { sgLogFile(SG_BLOCK_DESTINATION,0,0,$2); }
+            | LOGFILE ANONYMOUS STRING { sgLogFile(SG_BLOCK_DESTINATION,1,0,$3); }
+            | LOGFILE VERBOSE STRING { sgLogFile(SG_BLOCK_DESTINATION,0,1,$3); }
+            | LOGFILE ANONYMOUS VERBOSE STRING { sgLogFile(SG_BLOCK_DESTINATION,1,1,$4); }
+            | LOGFILE VERBOSE ANONYMOUS STRING { sgLogFile(SG_BLOCK_DESTINATION,1,1,$4); }
+            | LOGFILE STRING { sgLogFile(SG_BLOCK_DESTINATION,0,0,$2); }
             ;
 
 source:      SOURCE WORD { sgSource($2); }
@@ -197,7 +206,7 @@ source_contents:
 
 source_content:     DOMAIN domain
                     | USER user 
-                    | USERLIST WORD { sgSourceUserList($2); } 
+                    | USERLIST STRING { sgSourceUserList($2); } 
 @MYSQLLINE@
 @YACCLINE@
                     | EXECUSERLIST EXECCMD { sgSourceExecUserList($2); }
@@ -206,23 +215,23 @@ source_content:     DOMAIN domain
                     | USERQUOTA NUMBER NUMBER WEEKLY { sgSourceUserQuota($2,$3,"604800");} 
                     | USERQUOTA NUMBER NUMBER NUMBER { sgSourceUserQuota($2,$3,$4);} 
                     | IP ips
-                    | IPLIST WORD { sgSourceIpList($2); }
+                    | IPLIST WORD { sgSourceIpList($2); }
                     | WITHIN WORD { sgSourceTime($2,WITHIN); }
                     | OUTSIDE WORD { sgSourceTime($2,OUTSIDE); }
-                    | LOGFILE ANONYMOUS WORD {sgLogFile(SG_BLOCK_SOURCE,1,0,$3);}
-                    | LOGFILE VERBOSE WORD {sgLogFile(SG_BLOCK_SOURCE,0,1,$3);}
-                    | LOGFILE ANONYMOUS VERBOSE WORD {sgLogFile(SG_BLOCK_SOURCE,1,1,$4);}
-                    | LOGFILE VERBOSE ANONYMOUS WORD {sgLogFile(SG_BLOCK_SOURCE,1,1,$4);}
-                    | LOGFILE WORD { sgLogFile(SG_BLOCK_SOURCE,0,0,$2); }
+                    | LOGFILE ANONYMOUS STRING {sgLogFile(SG_BLOCK_SOURCE,1,0,$3);}
+                    | LOGFILE VERBOSE STRING {sgLogFile(SG_BLOCK_SOURCE,0,1,$3);}
+                    | LOGFILE ANONYMOUS VERBOSE STRING {sgLogFile(SG_BLOCK_SOURCE,1,1,$4);}
+                    | LOGFILE VERBOSE ANONYMOUS STRING {sgLogFile(SG_BLOCK_SOURCE,1,1,$4);}
+                    | LOGFILE STRING { sgLogFile(SG_BLOCK_SOURCE,0,0,$2); }
                     | CONTINUE { lastSource->cont_search = 1; }
                     ;
 domain:                    
-                   | domain WORD { sgSourceDomain($2); }
+                   | domain STRING { sgSourceDomain($2); }
                     | domain ','
                    ;
 
 user:              
-                   | user WORD { sgSourceUser($2); }
+                   | user STRING { sgSourceUser($2); }
                     | user ','
                    ;
 
@@ -250,12 +259,12 @@ access_contents:
 
 access_content:    PASS access_pass { }
                   | REWRITE WORD { sgAclSetValue("rewrite",$2,0); }
-                  | REDIRECT WORD { sgAclSetValue("redirect",$2,0); }
-                  | LOGFILE ANONYMOUS WORD {sgLogFile(SG_BLOCK_ACL,1,0,$3);}
-                  | LOGFILE VERBOSE WORD {sgLogFile(SG_BLOCK_ACL,0,1,$3);}
-                  | LOGFILE ANONYMOUS VERBOSE WORD {sgLogFile(SG_BLOCK_ACL,1,1,$4);}
-                  | LOGFILE VERBOSE ANONYMOUS WORD {sgLogFile(SG_BLOCK_ACL,1,1,$4);}
-                  | LOGFILE WORD { sgLogFile(SG_BLOCK_ACL,0,0,$2); }
+                  | REDIRECT STRING { sgAclSetValue("redirect",$2,0); }
+                  | LOGFILE ANONYMOUS STRING {sgLogFile(SG_BLOCK_ACL,1,0,$3);}
+                  | LOGFILE VERBOSE STRING {sgLogFile(SG_BLOCK_ACL,0,1,$3);}
+                  | LOGFILE ANONYMOUS VERBOSE STRING {sgLogFile(SG_BLOCK_ACL,1,1,$4);}
+                  | LOGFILE VERBOSE ANONYMOUS STRING {sgLogFile(SG_BLOCK_ACL,1,1,$4);}
+                  | LOGFILE STRING { sgLogFile(SG_BLOCK_ACL,0,0,$2); }
                   ;
 
 access_pass:     
@@ -294,11 +303,11 @@ rew_contents:
 rew_content:    SUBST  { sgRewriteSubstitute($1); }
                 | WITHIN WORD { sgRewriteTime($2,WITHIN); }
                 | OUTSIDE WORD { sgRewriteTime($2,OUTSIDE); }
-                | LOGFILE ANONYMOUS WORD { sgLogFile(SG_BLOCK_REWRITE,1,0,$3); }
-                | LOGFILE VERBOSE WORD { sgLogFile(SG_BLOCK_REWRITE,0,1,$3); }
-                | LOGFILE ANONYMOUS VERBOSE WORD { sgLogFile(SG_BLOCK_REWRITE,1,1,$4); }
-                | LOGFILE VERBOSE ANONYMOUS WORD { sgLogFile(SG_BLOCK_REWRITE,1,1,$4); }
-                | LOGFILE WORD { sgLogFile(SG_BLOCK_REWRITE,0,0,$2); }
+                | LOGFILE ANONYMOUS STRING { sgLogFile(SG_BLOCK_REWRITE,1,0,$3); }
+                | LOGFILE VERBOSE STRING { sgLogFile(SG_BLOCK_REWRITE,0,1,$3); }
+                | LOGFILE ANONYMOUS VERBOSE STRING { sgLogFile(SG_BLOCK_REWRITE,1,1,$4); }
+                | LOGFILE VERBOSE ANONYMOUS STRING { sgLogFile(SG_BLOCK_REWRITE,1,1,$4); }
+                | LOGFILE STRING { sgLogFile(SG_BLOCK_REWRITE,0,0,$2); }
                 ;
 
1	diff --git a/squidGuard-1.4/configure b/squidGuard-1.4/configure
2	index 6d9c4f2..e79774a 100755
3	--- a/squidGuard-1.4/configure
4	+++ b/squidGuard-1.4/configure
5	@@ -4260,7 +4260,7 @@ if test $ac_cv_lib_ldap_ldap_init = yes; then
6	echo "checking for ldap support... yes"
7	with_ldap=yes
8	LIBS="$LIBS -lldap"
9	- YACCLINE=" \| LDAPUSERSEARCH WORD { sgSourceLdapUserSearch(\$2); }"
10	+ YACCLINE=" \| LDAPUSERSEARCH STRING { sgSourceLdapUserSearch(\$2); }"
11
12	else
13
14	diff --git a/squidGuard-1.4/configure.in b/squidGuard-1.4/configure.in
15	index ea09c3b..9dfca11 100644
16	--- a/squidGuard-1.4/configure.in
17	+++ b/squidGuard-1.4/configure.in
18	@@ -175,7 +175,7 @@ if test "$with_ldap" = "yes" -o "$with_ldap" = "true"; then
19	echo "checking for ldap support... yes"
20	with_ldap=yes
21	LIBS="$LIBS -lldap"
22	- YACCLINE=" \| LDAPUSERSEARCH WORD { sgSourceLdapUserSearch(\$2); }"
23	+ YACCLINE=" \| LDAPUSERSEARCH STRING { sgSourceLdapUserSearch(\$2); }"
24	],[
25	AC_MSG_WARN([Cannot find LDAP libraries. LDAP support disabled])
26	with_ldap=no
27	diff --git a/squidGuard-1.4/src/sg.l b/squidGuard-1.4/src/sg.l
28	index 74507cd..7728f31 100644
29	--- a/squidGuard-1.4/src/sg.l
30	+++ b/squidGuard-1.4/src/sg.l
31	@@ -74,23 +74,14 @@ weekdays (({weekday}{s}[, \t]+{s}){weekday})\|[\]
32	<hexchar> ::= 0-9, a-f, A-F
33	*/
34
35	-ldaphexchar [0-9a-fA-f]
36	-ldaphex {ldaphexchar}{ldaphexchar}
37	-ldapspecial [,=+<>#;\r\n]
38	-ldapstringchar [^,=+<>#;\r\n]
39	-ldappair \\({ldapspecial}\|\\\|\")
40	-ldapstring (({ldapstringchar}\|{ldappair})\|\"({ldapstringchar}\|{ldapspecial}\|{ldappair})\"\|#{ldaphex})
41	-ldapkey [a-zA-Z0-9][a-zA-Z0-9 ]*
42	-ldapattribute {ldapkey}{s}={s}{ldapstring}
43	-ldapnamecomponent ({ldapattribute}{s}+{s})*{ldapattribute}
44	-ldapspacedseparator \ [,;]\
45	-ldapdn ({ldapnamecomponent}{ldapspacedseparator})*{ldapnamecomponent}
46	-
47	%x REDIRECT_STATE
48	%x EXEC_STATE
49	-%x LDAPDN_STATE
50	+%x STRING_STATE
51
52	%%
53	+ char string_buf[MAX_BUF];
54	+ char *string_buf_ptr;
55	+
56
57	[ \t]#. ;
58	"{" return START_BRACKET;
59	@@ -107,7 +98,7 @@ ldapdn ({ldapnamecomponent}{ldapspacedseparator})*{ldapnamecompo
60	^logdir return LOGDIR;
61	^ldapcachetime return LDAPCACHETIME;
62	^ldapprotover return LDAPPROTOVER;
63	-^ldapbinddn { BEGIN LDAPDN_STATE; return LDAPBINDDN; }
64	+^ldapbinddn return LDAPBINDDN;
65	^ldapbindpass return LDAPBINDPASS;
66	^mysqlusername return MYSQLUSERNAME;
67	^mysqlpassword return MYSQLPASSWORD;
68	@@ -124,7 +115,7 @@ userquery {
69	}
70	ldapusersearch {
71	/* use the REDIRECT_STATE logic, since it handles URLs nicely */
72	- BEGIN REDIRECT_STATE;
73	+ /* BEGIN REDIRECT_STATE; */
74	return LDAPUSERSEARCH;
75	}
76	execuserlist {
77	@@ -169,8 +160,34 @@ ip return IP;
78	<EXEC_STATE>[^\n]* { yylval.string = yytext; BEGIN 0; return EXECCMD; }
79	<EXEC_STATE>\n {lineno++;}
80
81	-<LDAPDN_STATE>{ldapdn} {yylval.string = yytext; BEGIN 0; return LDAPDNSTR;}
82	-<LDAPDN_STATE>\n {lineno++;}
83	+\" { string_buf_ptr = string_buf; BEGIN STRING_STATE; }
84	+<STRING_STATE>\" { *string_buf_ptr = '\0'; yylval.string = string_buf; BEGIN 0; return QUOTED_STRING; }
85	+<STRING_STATE>\\x[0-9a-fA-F]{2} {
86	+ if (string_buf_ptr-string_buf < sizeof(string_buf)-1)
87	+ {
88	+ int hexcode;
89	+ sscanf( yytext + 2, "%x", &hexcode );
90	+ *string_buf_ptr++ = (char) hexcode;
91	+ }
92	+ }
93	+<STRING_STATE>\\n { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\n'; }
94	+<STRING_STATE>\\r { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\r'; }
95	+<STRING_STATE>\\a { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\a'; }
96	+<STRING_STATE>\\b { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\b'; }
97	+<STRING_STATE>\\t { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\t'; }
98	+<STRING_STATE>\n { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = '\n'; }
99	+<STRING_STATE>\\\n { /* continuation line - ignore the \ and newline */; }
100	+<STRING_STATE>\\. { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = yytext[1]; }
101	+<STRING_STATE>[^\\\n\"]+ {
102	+ char *yyptr = yytext;
103	+ while (*yyptr)
104	+ {
105	+ if (string_buf_ptr-string_buf >= sizeof(string_buf)-1)
106	+ break;
107	+ string_buf_ptr++ = yyptr++;
108	+ }
109	+ }
110	+<STRING_STATE>. { if (string_buf_ptr-string_buf < sizeof(string_buf)-1) *string_buf_ptr++ = yytext[1]; }
111
112	[a-zA-Z\/][a-zA-Z0-9/_\-\.\/\:\%\+\?=&]* {yylval.string = yytext ; return WORD;}
113	s@(([^@}]\|\\@\|\\\})+)@(([^@}]\|\\@\|\\\})+)@[girR]* {yylval.string = yytext; return SUBST;}
114	diff --git a/squidGuard-1.4/src/sg.y.in b/squidGuard-1.4/src/sg.y.in
115	index 9862664..b311b4b 100644
116	--- a/squidGuard-1.4/src/sg.y.in
117	+++ b/squidGuard-1.4/src/sg.y.in
118	@@ -85,7 +85,7 @@ rfc1738_unescape(char *s)
119	int *integer;
120	}
121
122	-%token WORD END START_BRACKET STOP_BRACKET WEEKDAY LDAPDNSTR
123	+%token WORD END START_BRACKET STOP_BRACKET WEEKDAY
124	%token DESTINATION REWRITE ACL TIME TVAL DVAL DVALCRON
125	%token SOURCE CIDR IPCLASS CONTINUE
126	%token IPADDR DBHOME DOMAINLIST URLLIST EXPRESSIONLIST IPLIST
127	@@ -94,8 +94,11 @@ rfc1738_unescape(char *s)
128	%token WITHIN OUTSIDE ELSE LOGFILE ANONYMOUS VERBOSE CONTINIOUS SPORADIC
129	%token LDAPCACHETIME EXECUSERLIST EXECCMD LDAPPROTOVER
130	%token LDAPBINDDN LDAPBINDPASS MYSQLUSERNAME MYSQLPASSWORD DATABASE
131	+%token QUOTED_STRING
132
133	%type <string> WORD
134	+%type <string> QUOTED_STRING
135	+%type <string> STRING
136	%type <string> EXECCMD
137	%type <string> WEEKDAY
138	%type <string> LDAPDNSTR
139	@@ -121,10 +124,16 @@ rfc1738_unescape(char *s)
140	start: statements
141	;
142
143	-dbhome: DBHOME WORD { sgSetting("dbhome",$2); }
144	+STRING: WORD \| QUOTED_STRING
145	+ ;
146	+
147	+LDAPDNSTR: QUOTED_STRING
148	+ ;
149	+
150	+dbhome: DBHOME STRING { sgSetting("dbhome",$2); }
151	;
152
153	-logdir: LOGDIR WORD { sgSetting("logdir",$2); }
154	+logdir: LOGDIR STRING { sgSetting("logdir",$2); }
155	;
156
157	ldapcachetime: LDAPCACHETIME NUMBER { sgSetting("ldapcachetime",$2); }
158	@@ -136,16 +145,16 @@ ldapprotover: LDAPPROTOVER NUMBER {sgSetting("ldapprotover",$2); }
159	ldapbinddn: LDAPBINDDN LDAPDNSTR { sgSetting("ldapbinddn",$2); }
160	;
161
162	-ldapbindpass: LDAPBINDPASS WORD { sgSetting("ldapbindpass",$2); }
163	+ldapbindpass: LDAPBINDPASS STRING { sgSetting("ldapbindpass",$2); }
164	;
165
166	-mysqlusername: MYSQLUSERNAME WORD { sgSetting("mysqlusername",$2); }
167	+mysqlusername: MYSQLUSERNAME STRING { sgSetting("mysqlusername",$2); }
168	;
169
170	-mysqlpassword: MYSQLPASSWORD WORD { sgSetting("mysqlpassword",$2); }
171	+mysqlpassword: MYSQLPASSWORD STRING { sgSetting("mysqlpassword",$2); }
172	;
173
174	-mysqldb: DATABASE WORD { sgSetting("mysqldb",$2); }
175	+mysqldb: DATABASE STRING { sgSetting("mysqldb",$2); }
176	;
177
178	start_block:
179	@@ -167,22 +176,22 @@ destination_contents:
180	\| destination_contents destination_content
181	;
182	destination_content:
183	- DOMAINLIST WORD { sgDestDomainList($2); }
184	+ DOMAINLIST STRING { sgDestDomainList($2); }
185	\| DOMAINLIST '-' { sgDestDomainList(NULL); }
186	- \| URLLIST WORD { sgDestUrlList($2); }
187	+ \| URLLIST STRING { sgDestUrlList($2); }
188	\| URLLIST '-' { sgDestUrlList(NULL); }
189	\| EXPRESSIONLIST '-' { sgDestExpressionList(NULL,NULL); }
190	- \| EXPRESSIONLIST 'i' WORD { sgDestExpressionList($3,"i"); }
191	- \| EXPRESSIONLIST WORD { sgDestExpressionList($2,"n"); }
192	- \| REDIRECT WORD {sgDestRedirect($2); }
193	- \| REWRITE WORD {sgDestRewrite($2); }
194	+ \| EXPRESSIONLIST 'i' STRING { sgDestExpressionList($3,"i"); }
195	+ \| EXPRESSIONLIST STRING { sgDestExpressionList($2,"n"); }
196	+ \| REDIRECT STRING {sgDestRedirect($2); }
197	+ \| REWRITE STRING {sgDestRewrite($2); }
198	\| WITHIN WORD { sgDestTime($2,WITHIN); }
199	\| OUTSIDE WORD { sgDestTime($2,OUTSIDE); }
200	- \| LOGFILE ANONYMOUS WORD { sgLogFile(SG_BLOCK_DESTINATION,1,0,$3); }
201	- \| LOGFILE VERBOSE WORD { sgLogFile(SG_BLOCK_DESTINATION,0,1,$3); }
202	- \| LOGFILE ANONYMOUS VERBOSE WORD { sgLogFile(SG_BLOCK_DESTINATION,1,1,$4); }
203	- \| LOGFILE VERBOSE ANONYMOUS WORD { sgLogFile(SG_BLOCK_DESTINATION,1,1,$4); }
204	- \| LOGFILE WORD { sgLogFile(SG_BLOCK_DESTINATION,0,0,$2); }
205	+ \| LOGFILE ANONYMOUS STRING { sgLogFile(SG_BLOCK_DESTINATION,1,0,$3); }
206	+ \| LOGFILE VERBOSE STRING { sgLogFile(SG_BLOCK_DESTINATION,0,1,$3); }
207	+ \| LOGFILE ANONYMOUS VERBOSE STRING { sgLogFile(SG_BLOCK_DESTINATION,1,1,$4); }
208	+ \| LOGFILE VERBOSE ANONYMOUS STRING { sgLogFile(SG_BLOCK_DESTINATION,1,1,$4); }
209	+ \| LOGFILE STRING { sgLogFile(SG_BLOCK_DESTINATION,0,0,$2); }
210	;
211
212	source: SOURCE WORD { sgSource($2); }
213	@@ -197,7 +206,7 @@ source_contents:
214
215	source_content: DOMAIN domain
216	\| USER user
217	- \| USERLIST WORD { sgSourceUserList($2); }
218	+ \| USERLIST STRING { sgSourceUserList($2); }
219	@MYSQLLINE@
220	@YACCLINE@
221	\| EXECUSERLIST EXECCMD { sgSourceExecUserList($2); }
222	@@ -206,23 +215,23 @@ source_content: DOMAIN domain
223	\| USERQUOTA NUMBER NUMBER WEEKLY { sgSourceUserQuota($2,$3,"604800");}
224	\| USERQUOTA NUMBER NUMBER NUMBER { sgSourceUserQuota($2,$3,$4);}
225	\| IP ips
226	- \| IPLIST WORD { sgSourceIpList($2); }
227	+ \| IPLIST WORD { sgSourceIpList($2); }
228	\| WITHIN WORD { sgSourceTime($2,WITHIN); }
229	\| OUTSIDE WORD { sgSourceTime($2,OUTSIDE); }
230	- \| LOGFILE ANONYMOUS WORD {sgLogFile(SG_BLOCK_SOURCE,1,0,$3);}
231	- \| LOGFILE VERBOSE WORD {sgLogFile(SG_BLOCK_SOURCE,0,1,$3);}
232	- \| LOGFILE ANONYMOUS VERBOSE WORD {sgLogFile(SG_BLOCK_SOURCE,1,1,$4);}
233	- \| LOGFILE VERBOSE ANONYMOUS WORD {sgLogFile(SG_BLOCK_SOURCE,1,1,$4);}
234	- \| LOGFILE WORD { sgLogFile(SG_BLOCK_SOURCE,0,0,$2); }
235	+ \| LOGFILE ANONYMOUS STRING {sgLogFile(SG_BLOCK_SOURCE,1,0,$3);}
236	+ \| LOGFILE VERBOSE STRING {sgLogFile(SG_BLOCK_SOURCE,0,1,$3);}
237	+ \| LOGFILE ANONYMOUS VERBOSE STRING {sgLogFile(SG_BLOCK_SOURCE,1,1,$4);}
238	+ \| LOGFILE VERBOSE ANONYMOUS STRING {sgLogFile(SG_BLOCK_SOURCE,1,1,$4);}
239	+ \| LOGFILE STRING { sgLogFile(SG_BLOCK_SOURCE,0,0,$2); }
240	\| CONTINUE { lastSource->cont_search = 1; }
241	;
242	domain:
243	- \| domain WORD { sgSourceDomain($2); }
244	+ \| domain STRING { sgSourceDomain($2); }
245	\| domain ','
246	;
247
248	user:
249	- \| user WORD { sgSourceUser($2); }
250	+ \| user STRING { sgSourceUser($2); }
251	\| user ','
252	;
253
254	@@ -250,12 +259,12 @@ access_contents:
255
256	access_content: PASS access_pass { }
257	\| REWRITE WORD { sgAclSetValue("rewrite",$2,0); }
258	- \| REDIRECT WORD { sgAclSetValue("redirect",$2,0); }
259	- \| LOGFILE ANONYMOUS WORD {sgLogFile(SG_BLOCK_ACL,1,0,$3);}
260	- \| LOGFILE VERBOSE WORD {sgLogFile(SG_BLOCK_ACL,0,1,$3);}
261	- \| LOGFILE ANONYMOUS VERBOSE WORD {sgLogFile(SG_BLOCK_ACL,1,1,$4);}
262	- \| LOGFILE VERBOSE ANONYMOUS WORD {sgLogFile(SG_BLOCK_ACL,1,1,$4);}
263	- \| LOGFILE WORD { sgLogFile(SG_BLOCK_ACL,0,0,$2); }
264	+ \| REDIRECT STRING { sgAclSetValue("redirect",$2,0); }
265	+ \| LOGFILE ANONYMOUS STRING {sgLogFile(SG_BLOCK_ACL,1,0,$3);}
266	+ \| LOGFILE VERBOSE STRING {sgLogFile(SG_BLOCK_ACL,0,1,$3);}
267	+ \| LOGFILE ANONYMOUS VERBOSE STRING {sgLogFile(SG_BLOCK_ACL,1,1,$4);}
268	+ \| LOGFILE VERBOSE ANONYMOUS STRING {sgLogFile(SG_BLOCK_ACL,1,1,$4);}
269	+ \| LOGFILE STRING { sgLogFile(SG_BLOCK_ACL,0,0,$2); }
270	;
271
272	access_pass:
273	@@ -294,11 +303,11 @@ rew_contents:
274	rew_content: SUBST { sgRewriteSubstitute($1); }
275	\| WITHIN WORD { sgRewriteTime($2,WITHIN); }
276	\| OUTSIDE WORD { sgRewriteTime($2,OUTSIDE); }
277	- \| LOGFILE ANONYMOUS WORD { sgLogFile(SG_BLOCK_REWRITE,1,0,$3); }
278	- \| LOGFILE VERBOSE WORD { sgLogFile(SG_BLOCK_REWRITE,0,1,$3); }
279	- \| LOGFILE ANONYMOUS VERBOSE WORD { sgLogFile(SG_BLOCK_REWRITE,1,1,$4); }
280	- \| LOGFILE VERBOSE ANONYMOUS WORD { sgLogFile(SG_BLOCK_REWRITE,1,1,$4); }
281	- \| LOGFILE WORD { sgLogFile(SG_BLOCK_REWRITE,0,0,$2); }
282	+ \| LOGFILE ANONYMOUS STRING { sgLogFile(SG_BLOCK_REWRITE,1,0,$3); }
283	+ \| LOGFILE VERBOSE STRING { sgLogFile(SG_BLOCK_REWRITE,0,1,$3); }
284	+ \| LOGFILE ANONYMOUS VERBOSE STRING { sgLogFile(SG_BLOCK_REWRITE,1,1,$4); }
285	+ \| LOGFILE VERBOSE ANONYMOUS STRING { sgLogFile(SG_BLOCK_REWRITE,1,1,$4); }
286	+ \| LOGFILE STRING { sgLogFile(SG_BLOCK_REWRITE,0,0,$2); }
287	;
288