[userv.git] / parser.c

/*
 * userv - parser.c
 * configuration file parser; this file is actually #included from
 * lexer.c, which is generated using flex from lexer.l, in turn from
 * lexer.l.m4.  It's in a separate file so that we don't have to worry
 * about m4 quoting &c.
 *
 * Copyright (C)1996-1997 Ian Jackson
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with userv; if not, write to the Free Software
 * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 */

struct parser_state {
  int lineno, atnewline, notedreferer;
  const char *filename;
  YY_BUFFER_STATE ybuf;
  struct parser_state *upstate;
};

static const char *currentfile= 0;
static struct parser_state *parser_topstate= 0;

static directive_fnt *lr_dir=0;
static parmcondition_fnt *lr_parmcond=0;
static parameter_fnt *lr_parameter=0;
static int lr_loglevel, lr_logfacility, lr_min, lr_max, *lr_flag;
static int lr_flagval, lr_controlend;
static int lr_fdwant_readwrite;

static void useless(void) { (void)yyunput; (void)useless; /* to shut up GCC ! */ }

static void closeerrorfile(void) {
  if (ehfile && !ehfilekeep) { fclose(ehfile); free(ehfilename); }
  ehfile= 0; ehfilename= 0; ehfilekeep= 0;
}

static void senderrmsg(const char *errmsg, int useehandling) {
  char suberrmsg[MAX_ERRMSG_LEN];
  int e;
  time_t now;
  struct tm *lt;

  switch (useehandling) {
  case tokv_word_errorstostderr:
    senderrmsgstderr(errmsg);
    break;
  case tokv_word_errorstosyslog:
    ensurelogopen(ehlogfacility);
    syslog(ehloglevel,"%s",errmsg);
    break;
  case tokv_word_errorstofile:
    if (time(&now)==-1) syscallerror("get current time");
    lt= localtime(&now); if (!lt) syscallerror("convert current time");
    if (fprintf(ehfile,"%d-%02d-%02d %02d:%02d:%02d: uservd: %s\n",
                lt->tm_year+1900, lt->tm_mon+1, lt->tm_mday,
                lt->tm_hour, lt->tm_min, lt->tm_sec,
                errmsg) == EOF) {
      e= errno;
      closeerrorfile(); ehandling= tokv_word_errorstofile;
      snyprintf(suberrmsg,sizeof(suberrmsg),
                "error writing to error log file `%.*s': %s;"
                " reverting to errors-to-stderr",
                (int)(sizeof(suberrmsg)>>1),ehfilename,strerror(e));
      senderrmsg(suberrmsg,ehandling);
      senderrmsg(errmsg,ehandling);
    }
    break;
  default:
    abort();
  }
}

static void errwhere(int iflineno, const char *filename, int *ifnotedreferer,
                     struct parser_state *upstate, char *bufput, int bufputlen) {
  static const char suffix[]= "references ...";
  char errmsg[MAX_ERRMSG_LEN];
  
  if (!upstate) {
    filename= "<initialisation>";
  } else if (!*ifnotedreferer && upstate->upstate && upstate->upstate->upstate) {
    errwhere(upstate->lineno-upstate->atnewline,upstate->filename,
             &upstate->notedreferer,upstate->upstate,
             errmsg,sizeof(errmsg)-sizeof(suffix));
    strcat(errmsg,suffix);
    senderrmsg(errmsg,ehandling);
    *ifnotedreferer= 1;
  }
  snyprintf(bufput,bufputlen,"%.*s:%d: ",bufputlen-10,filename,iflineno);
}

void parseerrprint(const char *fmt, ...) {
  va_list al;
  char errmsg[MAX_ERRMSG_LEN];

  va_start(al,fmt);
  errwhere(lineno-atnewline,currentfile,&notedreferer,parser_topstate,
           errmsg,sizeof(errmsg)>>1);
  vsnytprintfcat(errmsg,sizeof(errmsg),fmt,al);
  senderrmsg(errmsg,ehandling);
  va_end(al);
}

static void freecharparray(char **array) {
  char **pp;

  if (!array) return;
  for (pp=array; *pp; pp++) free(*pp);
  free(array);
}

static int dequote(char *inplace) {
  char *p, *q, buf[4], *bep;
  int v;
  
  p=q=inplace;
  assert(*p++ = '"');
  while (*p && *p != '"') {
    if (*p != '\\') { *q++= *p++; continue; }
    switch (*++p) {
    case 'n': *q++= '\n'; continue;
    case 'r': *q++= '\r'; continue;
    case 't': *q++= '\t'; continue;
    case 'x':
      assert(buf[0]= *++p); assert(buf[1]= *++p); buf[2]= 0;
      v= strtoul(buf,&bep,16); assert(bep == buf+2);
      assert(!(v & ~0xff)); *q++= v; p++; continue;
    default:
      if (isalpha(*p)) {
        parseerrprint("unknown \\<letter> sequence \\%c in quoted string",*p);
        return tokv_error;
      } else if (isdigit(*p)) {
        assert(buf[0]= *++p); assert(buf[1]= *++p); assert(buf[2]= *++p);
        buf[3]= 0; v= strtoul(buf,&bep,8);
        if (bep != buf+3 || (v & ~0xff)); {
          parseerrprint("invalid \\<octal> sequence \\%s in quoted string",buf);
          return tokv_error;
        }
        *q++= v; p++; continue;
      } else if (ispunct(*p)) {
        *q++= *p++; continue;
      } else {
        while (*p==' ' || *p=='\t') p++;
        assert(*p=='\n');
      }
    }
  }
  assert(*p); assert(!*++p); return tokv_quotedstring;
}

const char *printtoken(int token) {
  static char buf[250];
  
  char *q;
  const char *p;
  int i, c;
  
  if ((token & tokm_repres) == tokr_word) {
    assert(strlen(yytext)+50<sizeof(buf));
    sprintf(buf,"word `%s'",yytext);
    return buf;
  } else if (token & tokt_number) {
    sprintf(buf,"number %d",lr_min); return buf;
  } else if (token & tokt_fdrange) {
    sprintf(buf,"fdrange %d..%d",lr_min,lr_max); return buf;
  } else if ((token & tokm_repres) == tokr_punct) {
    assert(strlen(yytext)+50<sizeof(buf));
    sprintf(buf,"operator `%s'",yytext);
    return buf;
  } else if (token & tokt_string) {
    switch (token) {
    case tokv_barestring: strcpy(buf,"unquoted string (bare word)"); break;
    case tokv_quotedstring: strcpy(buf,"quoted string"); break;
    default: abort();
    }
    strcat(buf," `");
    i= sizeof(buf)-50; p= yytext; q= buf+strlen(buf);
    while (i-- >0 && (c= *p++)) {
      if (isspace(c)) c= ' ';
      else if (!isprint(c) || iscntrl(c)) c= '?';
      *q++= c;
    }
    strcpy(q,"'");
    return buf;
  } else {
    switch (token) {
    case tokv_lwsp:    return "linear whitespace";
    case tokv_newline: return "newline (or comment followed by newline)";
    case tokv_eof:     return "end of input file";
    case tokv_error:   return "syntax error token";
    default:
      sprintf(buf,"token#0%o",token); return buf;
    }
  }
}

static const char *string2path(const char *in) {
  static char *p=0;
  static int pl=0;
  
  int l;
  
  if (strncmp(in,USERDIRPREFIX,sizeof(USERDIRPREFIX)-1)) return in;
  l= strlen(serviceuser_dir)+strlen(in)+1-(sizeof(USERDIRPREFIX)-1)+
     sizeof(DIRSEP)-1;
  if (l>pl) { p= realloc(p,l); pl=l; }
  strcpy(p,serviceuser_dir); strcat(p,DIRSEP);
  strcat(p,in+(sizeof(USERDIRPREFIX)-1));
  return p;
}

static void parser_push(struct parser_state *saveinto,
                        const char *newfile) {
  saveinto->lineno= lineno;
  saveinto->atnewline= atnewline;
  saveinto->filename= currentfile;
  saveinto->notedreferer= notedreferer;
  saveinto->ybuf= YY_CURRENT_BUFFER;
  saveinto->upstate= parser_topstate;

  lineno= 1;
  notedreferer= 0;
  currentfile= newfile;
  parser_topstate= saveinto;
}

static void parser_pop(void) {
  YY_BUFFER_STATE ybuf;
  ybuf= YY_CURRENT_BUFFER;
  
  lineno= parser_topstate->lineno;
  atnewline= parser_topstate->atnewline;
  currentfile= parser_topstate->filename;
  notedreferer= parser_topstate->notedreferer;
  if (parser_topstate->ybuf) yy_switch_to_buffer(parser_topstate->ybuf);
  parser_topstate= parser_topstate->upstate;
  
  yy_delete_buffer(ybuf);
}

/* parser component functions pa_ return tokv_error or 0,
 *  having scanned exactly what they were expecting
 * complete argument list parsers paa_ return tokv_error or 0,
 *  having scanned up to and including the newline
 */

static int unexpected(int found, int wanted, const char *wantedstr) {
  /* pass wanted==-1 if you know it's not what you wanted;
   * otherwise this function will check it for you.
   */
  if (found == wanted) return 0;
  if (found != tokv_error) {
    parseerrprint("found %s, expected %s",printtoken(found),wantedstr);
  }
  return tokv_error;
}

static int pa_mnl(void) {
  return unexpected(yylex(),tokv_newline,"newline");
}
static int pa_mwsp(void) {
  return unexpected(yylex(),tokv_lwsp,"linear whitespace");
}

static void parm_1string(char ***rvalues, const char *tocopy) {
  char **a;
  a= xmalloc(sizeof(char*)*2);
  a[0]= xstrdup(tocopy);
  a[1]= 0;
  *rvalues= a;
}

static int pa_string(const char **rv) {
  /* Value returned in *rv is overwritten by repeated calls */
  static char *p= 0;
  static int pl= 0;

  int r, l;

  r= pa_mwsp(); if (r) return r;
  r= yylex(); if (r == tokv_error) return r;
  if ((r & tokm_repres) == tokr_nonstring) return unexpected(r,-1,"string");
  l= strlen(yytext)+1;
  makeroom(&p,&pl,l);
  strcpy(p,yytext); *rv= p;

  return 0;
}  

static int paa_1string(const char **rv) {
  /* Value returned in *rv is overwritten by repeated calls */
  int r;

  r= pa_string(rv); if (r) return r;
  return pa_mnl();
}  

static int paa_1path(const char **rv) {
  /* Value returned in *rv is overwritten by repeated calls */
  const char *cp;
  int r;
  
  r= paa_1string(&cp); if (r) return r;
  *rv= string2path(cp); return 0;
}

static int pa_parameter(char ***rvalues) {
  /* Scans a single parameter token and calls the appropriate parameter
   * function, returning tokv_error or 0 just like the parameter function.
   */
  int token, r, i;

  token= yylex(); if (token == tokv_error) return token;
  if ((token & tokm_repres) != tokr_nonstring &&
      !memcmp(yytext,"u-",2) && strlen(yytext)>=3) {
    for (i=0;
         i<request_mbuf.nvars && strcmp(yytext+2,defvararray[i][0]);
         i++);
    if (i>=request_mbuf.nvars) {
      *rvalues= xmalloc(sizeof(char*));
      **rvalues= 0;
    } else {
      parm_1string(rvalues,defvararray[i][1]);
    }
  } else {
    if (!(token & tokt_parameter)) return unexpected(token,-1,"parameter name");
    r= (lr_parameter)(token,rvalues);
    if (r) return r;
  }
  debug_dumpparameter(yytext,*rvalues);
  return 0;
}

static int pa_condition(int *rtrue) {
  /* Scans up to and including the newline following the condition;
   * may scan more than one line if the condition is a multi-line
   * one.  Returns 0 (setting *rtrue) or tokv_error.  Expects to
   * scan the whitespace before its condition.
   */
  int r, token, andor, ctrue, actrue;
  char **parmvalues;

  r= pa_mwsp(); if (r) return r;
  token= yylex();
  if (token == tokv_error) {
    return token;
  } else if (token == tokv_not) {
    r= pa_condition(&ctrue); if (r) return r;
    *rtrue= !ctrue; return 0;
  } else if (token == tokv_openparen) {
    andor= 0; actrue= -1;
    for (;;) {
      r= pa_condition(&ctrue); if (r) return r;
      switch (andor) {
      case 0:         assert(actrue==-1); actrue= ctrue;           break;
      case tokv_and:  assert(actrue>=0); actrue= actrue && ctrue;  break;
      case tokv_or:   assert(actrue>=0); actrue= actrue || ctrue;  break;
      default:        abort();
      }
      do { token= yylex(); } while (token == tokv_lwsp);
      if (token == tokv_error) return token;
      if (token == tokv_closeparen) break;
      if (andor) {
        r= unexpected(token,andor,"same conjunction as before"); if (r) return r;
      } else {
        if (token != tokv_and && token != tokv_or)
          return unexpected(token,-1,"first conjunction inside connective");
        andor= token;
      }
    }
    r= pa_mnl(); if (r) return r;
    *rtrue= actrue; return 0;
  } else if (token & tokt_parmcondition) {
    r= pa_mwsp(); if (r) return r;
    r= pa_parameter(&parmvalues); if (r) return r;
    r= (lr_parmcond)(token,parmvalues,rtrue); freecharparray(parmvalues);
    return r;
  }
  return unexpected(token,-1,"condition");
}

static int pa_numberdollar(int *rv) {
  /* Also parses the whitespace beforehand. */
  int r;

  r= pa_mwsp(); if (r) return r;
  r= yylex(); if (r == tokv_error || r == tokv_dollar) return r;
  if (unexpected(r,tokv_ordinal,"expected number or dollar")) return tokv_error;
  *rv= lr_min; return r;
}

/* Main parser routines */

static int skiptoeol(void) {
  int token;

  do { token= yylex(); }
  while (token != tokv_newline && !(token & tokt_exception));
  if (token == tokv_newline) return 0;
  if (token == tokv_error) return token;
  assert(token == tokv_eof);
  parseerrprint("unexpected end of file while looking for end of line");
  return tokv_error;
}

static int skip(int allowce) {
  /* Scans a piece of config without executing it.
   * Returns tokv_error, or the tokt_controlend token
   * with type allowce if one was found.
   */
  int token, r;

  for (;;) { /* loop over lines */
    do { token= yylex(); } while (token == tokv_lwsp);
    if (token & tokt_exception) {
      return token;
    } else if (token & tokt_controlend) {
      if (allowce == lr_controlend) return token;
      return unexpected(token,-1,"control structure end of a different kind");
    } else if (token & tokt_controlstart) {
      r= token;
      while (r & tokt_controlstart) {
        r= skiptoeol(); if (r) return r;
        r= skip(token); if (r & tokt_exception) return r;
      }
    } else if (!(token & tokt_directive) && !(token & tokt_condop)) {
      parseerrprint("not a directive (or conditional operator) "
                    "while looking for control structure end");
      return tokv_error;
    }
    r= skiptoeol(); if (r) return r;
  }
}
      
static int parser(int allowce) {
  /* Returns:
   *  an exception (error, eof or quit)
   *   then rest of `file' is uninteresting
   * or
   *  token if allowce was !0 and equal to token's controlend
   *   then rest of `file' not scanned yet
   */
  int token, r;

  for (;;) { /* loop over lines */
    do { token= yylex(); } while (token == tokv_lwsp);
    if (token & tokt_exception) {
      return token;
    } else if (token & tokt_controlend) {
      if (lr_controlend == allowce) return token;
      return unexpected(token,-1,"directive (not this kind of control structure end)");
    } else if (token & tokt_directive) {
      r= (lr_dir)(token); if (r) { assert(r & tokt_exception); return r; }
    } else if (token == tokv_newline) {
      /* ignore blank links (and comment-only lines) */
    } else {
      return unexpected(token,-1,"directive");
    }
  }
}

int parse_string(const char *string, const char *descrip) {
  /* Returns the same things as parser, except that tokv_eof
   * is turned into 0. */
  struct parser_state save;
  YY_BUFFER_STATE ybuf;
  int r;
  
  parser_push(&save,descrip);
  ybuf= yy_scan_string(string);
  if (!ybuf) syscallerror("unable to create flex buffer for internal string");
  yy_switch_to_buffer(ybuf);
  
  r= parser(0);

  parser_pop();
  if (r == tokv_eof) r= 0;
  return r;
}

static int parse_file(const char *string, int *didexist) {
  /* Returns the same things as parser, except that tokv_eof
   * is turned into 0. */
  static int fileparselevel= 0;
  
  struct parser_state save;
  YY_BUFFER_STATE ybuf;
  int r;
  FILE *file;

  if (fileparselevel >= MAX_INCLUDE_NEST) {
    parseerrprint("too many nested levels of included files");
    return tokv_error;
  }
  file= fopen(string,"r"); if (!file) {
    if (errno == ENOENT) {
      if (didexist) *didexist= 0;
      return 0;
    }
    parseerrprint("unable to open config file `%s': %s",string,strerror(errno));
    return tokv_error;
  }
  if (didexist) *didexist= 1;

  parser_push(&save,string);
  ybuf= yy_create_buffer(file,YY_BUF_SIZE);
  if (!ybuf) syscallerror("unable to create flex buffer for file");
  yy_switch_to_buffer(ybuf);
  fileparselevel++;
  
  r= parser(0);
  if (ferror(file)) {
    parseerrprint("error reading configuration file `%s'",string);
    r= tokv_error;
  }
  
  fileparselevel--;
  parser_pop();
  fclose(file);
  if (r == tokv_eof) r= 0;
  return r;
}

/* Parameter-based conditional functions (parmcondition's) */

int pcf_glob(int ctoken, char **pv, int *rtrue) {
  int token, actrue, r;
  char **pp;

  actrue= 0;
  r= pa_mwsp(); if (r) return r;
  for (;;) {
    token= yylex();
    if ((token & tokm_repres) == tokr_nonstring)
      return unexpected(token,-1,"glob pattern");
    for (pp= pv; !actrue && *pp; pp++) if (!fnmatch(yytext,*pp,0)) actrue= 1;
    token= yylex(); 
    if (token == tokv_newline) break;
    if (unexpected(token,tokv_lwsp,"newline after or whitespace between glob patterns"))
      return tokv_error;
  }
  *rtrue= actrue;
  return 0;
}

int pcf_range(int ctoken, char **pv, int *rtrue) {
  int mintoken, min, maxtoken, max, r;
  char **pp, *ep;
  unsigned long v;

  r= pa_mwsp(); if (r) return r;
  mintoken= pa_numberdollar(&min); if (mintoken == tokv_error) return mintoken;
  r= pa_mwsp(); if (r) return r;
  maxtoken= pa_numberdollar(&max); if (maxtoken == tokv_error) return maxtoken;
  r= pa_mnl(); if (r) return r;
  for (pp= pv; *pp; pp++) {
    v= strtoul(*pp,&ep,10); if (*ep) continue;
    if (mintoken != tokv_dollar && v < min) continue;
    if (maxtoken != tokv_dollar && v > max) continue;
    *rtrue= 1; return 0;
  }
  *rtrue= 0; return 0;
}

int pcf_grep(int ctoken, char **pv, int *rtrue) {
  FILE *file;
  const char *cp;
  char **pp, *buf, *p;
  int r, maxlen, l, c, actrue, posstrue;
  
  r= paa_1path(&cp); if (r) return r;
  file= fopen(cp,"r"); if (!file) {
    parseerrprint("unable to open file `%s' for grep: %s",cp,strerror(errno));
    return tokv_error;
  }
  maxlen= 0;
  for (pp= pv; *pp; pp++) { l= strlen(*pp); if (l > maxlen) maxlen= l; }
  buf= xmalloc(maxlen+2); actrue= 0; c= 0;
  while (!actrue && c!=EOF) {
    c= getc(file); if (c==EOF) break;
    if (isspace(c)) continue;
    l= maxlen+1; p= buf;
    while (l>0 && c!='\n' && c!=EOF) { *p++= c; l--; c= getc(file); } 
    if (c=='\n' || c==EOF || isspace(c)) {
      while (p>buf && isspace(p[-1])) --p;
      *p= 0; posstrue= 0;
      for (pp= pv; *pp; pp++) if (!strcmp(*pp,buf)) { posstrue= 1; break; }
    } else {
      posstrue= 0;
    }
    if (c!='\n' && c!=EOF) {
      for (;;) {
        c= getc(file);
        if (c==EOF || c=='\n') break;
        if (!isspace(c)) posstrue= 0;
      }
    }
    if (posstrue) actrue= 1;
  }
  if (ferror(file)) {
    parseerrprint("error while reading `%s' for grep: %s",cp,strerror(errno));
    fclose(file); free(buf); return tokv_error;
  }
  assert(actrue || feof(file));
  fclose(file); free(buf); *rtrue= actrue; return 0;
} 

/* Parameter functions and associated `common code' functions */

int pf_service(int ptoken, char ***rvalues) {
  parm_1string(rvalues,service); return 0;
}

static char *parm_ulong(unsigned long ul) {
  char *p;
  int l;

  l= CHAR_BIT*sizeof(unsigned long)/3+4;
  p= xmalloc(l);
  snyprintf(p,l,"%lu",ul);
  return p;
}

static int parm_usernameuid(char ***rvalues, const char *name, uid_t id) {
  char **a;
  a= xmalloc(sizeof(char*)*3);
  a[0]= xstrdup(name);
  a[1]= parm_ulong(id);
  a[2]= 0;
  *rvalues= a; return 0;
}

int pf_callinguser(int ptoken, char ***rvalues) {
  return parm_usernameuid(rvalues,logname,request_mbuf.callinguid);
}

int pf_serviceuser(int ptoken, char ***rvalues) {
  return parm_usernameuid(rvalues,serviceuser,serviceuser_uid);
}

static char *parm_gidname(gid_t id) {
  static char ebuf[200];

  struct group *ge;

  ge= getgrgid(id);
  if (!ge) {
    sprintf(ebuf,"look up group with id %lu",(unsigned long)id);
    syscallerror(ebuf);
  }
  return xstrdup(ge->gr_name);
}

static int parm_gids(char ***rvalues, int size, gid_t *list) {
  char **a;
  int i;
  
  if (size >= 2 && list[0] == list[1]) { size--; list++; }
  a= xmalloc(sizeof(char*)*(size+1)*2);
  for (i=0; i<size; i++) {
    a[i]= parm_gidname(list[i]);
    a[size+i]= parm_ulong(list[i]);
  }
  a[size*2]= 0;
  *rvalues= a; return 0;
}  

int pf_callinggroup(int ptoken, char ***rvalues) {
  return parm_gids(rvalues,request_mbuf.ngids,gidarray);
}

int pf_servicegroup(int ptoken, char ***rvalues) {
  static int size=-1;
  static gid_t *list;

  if (size == -1) {
    size= getgroups(0,0); if (size == -1) syscallerror("getgroups(0,0)");
    list= xmalloc(sizeof(gid_t)*(size+1));
    if (getgroups(size,list+1) != size) syscallerror("getgroups(size,list)");
    list[0]= serviceuser_gid;
  }
  return parm_gids(rvalues,size,list);
}

int pf_callingusershell(int ptoken, char ***rvalues) {
  parm_1string(rvalues,callinguser_shell); return 0;
}

int pf_serviceusershell(int ptoken, char ***rvalues) {
  parm_1string(rvalues,serviceuser_shell); return 0;
}

/* Directive functions and associated `common code' functions */

int df_reject(int dtoken) {
  int r;
  
  r= pa_mnl(); if (r) return r;
  execute= tokv_word_reject;
  free(execpath); execpath= 0;
  freecharparray(execargs); execargs= 0;
  return 0;
}

int df_executefrompath(int dtoken) {
  int r;
  
  r= pa_mnl(); if (r) return r;
  execute= tokv_word_executefrompath;
  free(execpath); execpath= 0;
  freecharparray(execargs); execargs= 0;
  return 0;
}

static int paa_pathargs(const char **rv, char ***newargs_r) {
  /* Repeated calls do _not_ overwrite newargs_r; caller must free.
   * Repeated calls _do_ overwrite string returned in rv.
   */
  char **newargs;
  int used, size, r;

  used=0; size=0;
  newargs= xmalloc(sizeof(char*)*(size+1));
  r= pa_string(rv); if (r == tokv_error) return r;
  for (;;) {
    r= yylex(); if (r == tokv_error) goto error;
    if (r==tokv_newline) break;
    if (unexpected(r,tokv_lwsp,"newline after or whitespace between arguments")) {
      r= tokv_error;
      goto error;
    }
    r= yylex(); if (r==tokv_error) goto error;
    if ((r & tokm_repres) == tokr_nonstring) {
      r= unexpected(r,-1,"string for command argument");
      goto error;
    }
    if (used>=size) {
      size= (used+5)<<2;
      newargs= xrealloc(newargs,sizeof(char*)*(size+1));
    }
    newargs[used++]= xmstrsave(yytext);
  }
  newargs[used]= 0;
  *newargs_r= newargs;
  return 0;
  
error:
  newargs[used]=0;
  freecharparray(newargs);
  return r;
}

int df_execute(int dtoken) {
  const char *rv;
  char **newargs;
  int r;

  r= paa_pathargs(&rv,&newargs); if (r) return r;
  execute= tokv_word_execute;
  freecharparray(execargs); execargs= newargs;
  free(execpath); execpath= xmstrsave(rv);
  return 0;
}

int df_executefromdirectory(int dtoken) {
  const char *p, *q, *rv;
  struct stat stab;
  char *fn, **newargs;
  int l, r;

  r= paa_pathargs(&rv,&newargs); if (r) return r;
  p= strrchr(service,'/'); if (p) p++; else p= service;
  if (!*p || !isalnum(*p)) {
    parseerrprint("execute-from-directory requires initial char of service "
                  "portion to be alphanumeric (service portion was `%s')",
                  p);
    freecharparray(newargs);
    return tokv_error;
  }
  for (q=p+1; *q; q++) {
    if (!isalnum(*q) && *q != '-') {
      parseerrprint("execute-from-directory requires service portion to "
                    "contain only alphanumerics and hyphens (was `%s')",
                    p);
      freecharparray(newargs);
      return tokv_error;
    }
  }
  l= strlen(rv)+sizeof(DIRSEP)+strlen(p);
  fn= xmalloc(l); strcpy(fn,rv); strcat(fn,DIRSEP); strcat(fn,p);
  if (stat(fn,&stab)) {
    if (errno == ENOENT) { free(fn); freecharparray(newargs); return 0; }
    parseerrprint("failed to stat `%s' for execute-from-directory: %s",
                  fn,strerror(errno));
    free(fn); freecharparray(newargs); return tokv_error;
  }
  if (!S_ISREG(stab.st_mode)) {
    parseerrprint("file `%s' in execute-from-directory is not an ordinary file"
                  " or link to one (mode=0%o)",fn,stab.st_mode);
    free(fn); freecharparray(newargs); return tokv_error;
  }
  execute= tokv_word_executefromdirectory;
  freecharparray(execargs); execargs= newargs;
  free(execpath); execpath= fn;
  return 0;
}

int df_errorstostderr(int dtoken) {
  int r;
  
  r= pa_mnl(); if (r) return r;
  closeerrorfile(); ehandling= dtoken; return 0;
}

int df_errorstosyslog(int dtoken) {
  int token, level, facility;

  facility= DEFUSERLOGFACILITY;
  level= DEFUSERLOGLEVEL;
  token= yylex();
  if (token == tokv_lwsp) {
    token= yylex(); if (token == tokv_error) return token;
    if (!(token & tokt_logfacility))
      return unexpected(token,-1,"syslog facility (or end of line)");
    facility= lr_logfacility;
    token= yylex();
  }    
  if (token == tokv_lwsp) {
    token= yylex(); if (token == tokv_error) return token;
    if (!(token & tokt_loglevel))
      return unexpected(token,-1,"syslog level (or end of line) after facility");
    level= lr_loglevel;
    token= yylex();
  }
  if (unexpected(token,tokv_newline,"end of line somewhere after errors-to-syslog"))
    return tokv_error;
  closeerrorfile(); ehandling= tokv_word_errorstosyslog;
  ehlogfacility= facility; ehloglevel= level; return 0;
}

int df_errorstofile(int dtoken) {
  const char *cp;
  FILE *file;
  int r;
  
  r= paa_1path(&cp); if (r) return r;
  file= fopen(cp,"a");
  if (!file) {
    parseerrprint("unable to open error log file `%s': %s",cp,strerror(errno));
    return tokv_error;
  }
  if (setvbuf(file,0,_IOLBF,MAX_ERRMSG_LEN)) {
    parseerrprint("unable to set line buffering on errors file: %s",strerror(errno));
    fclose(file); return tokv_error;
  }
  closeerrorfile(); ehandling= tokv_word_errorstofile;
  ehfile= file; ehfilename= xmstrsave(cp); ehfilekeep= 0; return 0;
}

int dfg_setflag(int dtoken) {
  int r;

  r= pa_mnl(); if (r) return r;
  *lr_flag= lr_flagval; return 0;
}

int df_reset(int dtoken) {
  int r;

  r= pa_mnl(); if (r) return r;
  r= parse_string(RESET_CONFIGURATION,"<builtin reset configuration>");
  assert(!r); return 0;  
}

int df_cd(int dtoken) {
  const char *cp;
  int r;

  r= paa_1path(&cp); if (r) return r;
  if (!chdir(cp)) return 0;
  parseerrprint("unable to change directory to `%s': %s",cp,strerror(errno));
  return tokv_error;
}

int df_userrcfile(int dtoken) {
  const char *cp;
  int r;

  r= paa_1path(&cp); if (r) return r;
  free(userrcfile); userrcfile= xstrdup(cp);
  return 0;
}

int dfi_includeuserrcfile(int dtoken) {
  int r;

  r= pa_mnl(); if (r) return r;
  if (userrcfile) return parse_file(userrcfile,0);
  parseerrprint("_include-user-rcfile (for-internal-use directive) "
                "found but user-rcfile not set"); return tokv_error;
}

int dfi_includeclientconfig(int dtoken) {
  int r;

  r= pa_mnl(); if (r) return r;
  if (!overridedata) {
    parseerrprint("_include-client-config (for-internal-use directive) "
                  "found but configuration not overridden");
    return tokv_error;
  }
  return parse_string(overridedata,"<configuration override data>");
}

int df_include(int dtoken) {
  const char *cp;
  int r, found;

  r= paa_1path(&cp); if (r) return r;
  r= parse_file(cp,&found); if (r) return r;
  if (found || dtoken == tokv_word_includeifexist) return 0;
  parseerrprint(dtoken == tokv_word_includesysconfig ?
                "system configuration file `%s' does not exist" :
                "included file `%s' does not exist",
                cp);
  return tokv_error;
}

static int paa_message(const char **message_r) {
  static char *buildbuf;
  static int buildbuflen;

  int r, tl;

  r= pa_mwsp(); if (r) return r;
  tl= 1;
  makeroom(&buildbuf,&buildbuflen,10);
  buildbuf[0]= 0;
  for (;;) {
    r= yylex(); if (r == tokv_error) return r;
    if (r == tokv_eof) {
      parseerrprint("unexpected end of file in message text"); return tokv_error;
    }
    if (r == tokv_newline) break;
    tl+= strlen(yytext);
    makeroom(&buildbuf,&buildbuflen,tl);
    strcat(buildbuf,yytext);
  }
  *message_r= buildbuf;
  return 0;
}

int df_message(int dtoken) {
  const char *mp;
  int r;

  r= paa_message(&mp); if (r) return r;
  parseerrprint("`message' directive: %s",mp);
  return 0;
}

int df_error(int dtoken) {
  const char *mp;
  int r;

  r= paa_message(&mp); if (r) return r;
  parseerrprint("`error' directive: %s",mp); return tokv_error;
}

int df_includedirectory(int dtoken) {
  static char *buildbuf=0;
  static int buildbuflen=0;
  
  int r, cpl, tel, c, found;
  DIR *d;
  struct dirent *de;
  const char *p, *cp;
  
  r= paa_1path(&cp); if (r) return r;
  d= opendir(cp);
  if (!d) {
    parseerrprint("unable to open directory `%s': %s",cp,strerror(errno));
    return tokv_error;
  }
  cpl= strlen(cp);
  while ((de= readdir(d))) {
    tel= strlen(de->d_name);
    if (!tel) continue;
    p= de->d_name;
    if (!isalnum(*p)) continue;
    while ((c= *++p)) if (!(isalnum(c) || c=='-')) break;
    if (c) continue;
    makeroom(&buildbuf,&buildbuflen,cpl+tel+sizeof(DIRSEP));
    strcpy(buildbuf,cp);
    strcat(buildbuf,DIRSEP);
    strcat(buildbuf,de->d_name);
    r= parse_file(buildbuf,&found); if (r) { closedir(d); return r; }
    if (!found) {
      parseerrprint("unable to open file `%s' in included directory `%s': %s",
                    de->d_name,cp,strerror(errno));
      closedir(d); return tokv_error;
    }
  }
  if (closedir(d)) {
    parseerrprint("error closing directory `%s': %s",cp,strerror(errno));
    return tokv_error;
  }
  return 0;
}

int df_includelookup(int dtoken) {
  static char *buildbuf=0;
  int buildbuflen=0;
  
  char **parmvalues, **pp, *p, *q;
  const char *cp;
  struct stat stab;
  int r, done, thisdone, cpl, c;

  r= pa_mwsp(); if (r) return r;
  r= pa_parameter(&parmvalues); if (r) return r;
  r= paa_1path(&cp); if (r) { freecharparray(parmvalues); return r; }
  if (stat(cp,&stab)) {
    parseerrprint("unable to access directory `%s': %s",cp,strerror(errno));
    freecharparray(parmvalues); return tokv_error;
  }
  if (!S_ISDIR(stab.st_mode)) {
    parseerrprint("object `%s' is not a directory or link to one",cp);
    freecharparray(parmvalues); return tokv_error;
  }
  done= 0;
  cpl= strlen(cp);
  if (!parmvalues[0]) {
    makeroom(&buildbuf,&buildbuflen,cpl+sizeof(DIRSEP NONEINCLUDELOOKUP));
    strcpy(buildbuf,cp);
    strcat(buildbuf,DIRSEP NONEINCLUDELOOKUP);
    r= parse_file(buildbuf,&thisdone);
    if (r) { freecharparray(parmvalues); return r; }
    if (thisdone) done= 1;
  } else {
    for (pp=parmvalues;
         *pp && (!done || dtoken == tokv_word_includelookupall);
         pp++) {
      makeroom(&buildbuf,&buildbuflen,
               cpl+sizeof(DIRSEP)+strlen(*pp)*2+3+sizeof(EMPTYINCLUDELOOKUP));
      strcpy(buildbuf,cp);
      strcat(buildbuf,DIRSEP);
      p= *pp; q= buildbuf+cpl+sizeof(DIRSEP)-1;
      if (*p=='.') *q++= ':';
      while ((c= *p++)) {
        if (c=='/') { *q++= ':'; c='-'; }
        else if (c==':') { *q++= ':'; }
        *q++= c;
      }
      *q++= 0;
      r= parse_file(buildbuf,&thisdone);
      if (r) { freecharparray(parmvalues); return r; }
      if (thisdone) done= 1;
    }
  }
  freecharparray(parmvalues);
  if (!done) {
    makeroom(&buildbuf,&buildbuflen,
             cpl+sizeof(DIRSEP)+sizeof(DEFAULTINCLUDELOOKUP));
    strcpy(buildbuf,cp);
    strcat(buildbuf,DIRSEP DEFAULTINCLUDELOOKUP);
    r= parse_file(buildbuf,0); if (r) return r;
  }
  return 0;
}

int df_catchquit(int dtoken) {
  int r;

  r= pa_mnl(); if (r) return r;
  r= parser(tokv_word_catchquit);
  if (r & tokt_controlend) {
    assert(r == tokv_word_hctac);
    r= pa_mnl();
  } else if (r == tokv_quit || r == tokv_error) {
    if (r == tokv_error) {
      r= parse_string(RESET_CONFIGURATION,
                      "<builtin reset configuration (caught error)>");
      assert(!r);
      while (!atnewline) {
        r= yylex(); if (r == tokv_error) return r;
      }
    }
    r= skip(tokv_word_catchquit);
    if (r & tokt_controlend) {
      assert(r == tokv_word_hctac);
      r= pa_mnl();
    }
  }
  return r;
}

int df_if(int dtoken) {
  int r, true, done;
  
  done= 0;
  do {
    r= pa_condition(&true); if (r) return r;
    if (!done && true) { r= parser(tokv_word_if); done= 1; }
    else { r= skip(tokv_word_if); }
    if (!(r & tokv_word_if)) return r;
  } while (r == tokv_word_elif);
  if (r == tokv_word_else) {
    r= pa_mnl(); if (r) return r;
    if (done) r= skip(tokv_word_if);
    else r= parser(tokv_word_if);
    if (!(r & tokv_word_if)) return r;
  }
  if (unexpected(r,tokv_word_fi,"`fi' to end `if'")) return tokv_error;
  return pa_mnl();
}

int dfg_fdwant(int dtoken) {
  int fdmin, fdmax, r, needreadwrite, havereadwrite, fd;

  needreadwrite= lr_fdwant_readwrite;
  r= pa_mwsp(); if (r) return r;
  r= yylex(); if (r == tokv_error) return r;
  if (!(r & tokt_fdrange)) return r;
  fdmin= lr_min; fdmax= lr_max;
  r= yylex(); if (r == tokv_error) return r;
  if (r == tokv_newline) {
    if (needreadwrite > 0) {
      parseerrprint("read or write is required"); return tokv_error;
    }
    havereadwrite= 0;
  } else if (r == tokv_lwsp) {
    if (needreadwrite < 0) {
      parseerrprint("read or write not allowed"); return tokv_error;
    }
    r= yylex(); if (r == tokv_error) return r;
    if (!(r & tokt_readwrite))
      return unexpected(r,-1,"read or write (or perhaps newline)");
    havereadwrite= r;
    r= pa_mnl(); if (r) return r;
  } else {
    return unexpected(r,-1,"whitespace before read or write or newline");
  }
  ensurefdarray(fdmin);
  if (fdmax == -1) {
    if (!(dtoken == tokv_word_rejectfd || dtoken == tokv_word_ignorefd))
      parseerrprint("unspecified maximum only allowed with reject-fd and ignore-fd");
    fdmax= fdarrayused-1;
    restfdwantstate= dtoken;
    restfdwantrw= havereadwrite;
  }    
  for (fd=fdmin; fd<=fdmax; fd++) {
    fdarray[fd].wantstate= dtoken;
    fdarray[fd].wantrw= havereadwrite;
  }
  return 0;
}

int df_quit(int dtoken) {
  int r;

  r= pa_mnl(); if (r) return r;
  return tokv_quit;
}

int df_eof(int dtoken) {
  int r;

  r= pa_mnl(); if (r) return r;
  return tokv_eof;
}

int df_errorspush(int dt) {
  int saveehandling, saveehlogfacility, saveehloglevel, saveehfilekeep;
  FILE *saveehfile;
  char *saveehfilename;
  int r;

  r= pa_mnl(); if (r) return r;

  saveehandling= ehandling;
  saveehlogfacility= ehlogfacility;
  saveehloglevel= ehloglevel;
  saveehfile= ehfile;
  saveehfilekeep= ehfilekeep;
  saveehfilename= ehfilename;
  if (ehandling == tokv_word_errorstofile) ehfilekeep= 1;

  r= parser(tokv_word_errorspush);
  
  ehandling= saveehandling;
  ehlogfacility= saveehlogfacility;
  ehloglevel= saveehloglevel;
  ehfile= saveehfile;
  ehfilekeep= saveehfilekeep;
  ehfilename= saveehfilename;

  if (r & tokt_controlend) {
    assert(r == tokv_word_srorre);
    r= pa_mnl();
  }
  return r;
}