+struct onak_db_config *find_db_backend_config(struct ll *backends, char *name)
+{
+ struct ll *cur;
+
+ cur = backends;
+ while (cur != NULL && strcmp(name,
+ ((struct onak_db_config *) cur->object)->name)) {
+ cur = cur->next;
+ }
+
+ return (cur != NULL) ? (struct onak_db_config *) cur->object : NULL;
+}
+
+bool parsebool(char *str, bool fallback)
+{
+ if (!strcasecmp(str, "false") || !strcasecmp(str, "no") ||
+ !strcasecmp(str, "0")) {
+ return false;
+ } else if (!strcasecmp(str, "true") || !strcasecmp(str, "yes") ||
+ !strcasecmp(str, "1")) {
+ return true;
+ } else {
+ logthing(LOGTHING_CRITICAL,
+ "Couldn't parse %s as a boolean config variable, "
+ "returning fallback of '%s'.",
+ str,
+ fallback ? "true" : "false");
+ return fallback;
+ }
+}
+
+/*
+ * Parse an old pksd style config line, as used in onak 0.4.6 and earlier.
+ */
+static bool parseoldconfigline(char *line)
+{
+ if (line[0] == '#' || line[0] == 0) {
+ /*
+ * Comment line, ignore.
+ */
+ } else if (!strncmp("db_dir ", line, 7)) {
+ config.backend->location = strdup(&line[7]);
+ } else if (!strncmp("debug ", line, 6)) {
+ /*
+ * Not supported yet; ignore for compatibility with
+ * pksd.
+ */
+ } else if (!strncmp("default_language ", line, 17)) {
+ /*
+ * Not supported yet; ignore for compatibility with
+ * pksd.
+ */
+ } else if (!strncmp("mail_delivery_client ", line, 21)) {
+ config.mta = strdup(&line[21]);
+ } else if (!strncmp("maintainer_email ", line, 17)) {
+ config.adminemail = strdup(&line[17]);
+ } else if (!strncmp("mail_intro_file ", line, 16)) {
+ /*
+ * Not supported yet; ignore for compatibility with
+ * pksd.
+ */
+ } else if (!strncmp("help_dir ", line, 9)) {
+ /*
+ * Not supported yet; ignore for compatibility with
+ * pksd.
+ */
+ } else if (!strncmp("max_last ", line, 9)) {
+ /*
+ * Not supported yet; ignore for compatibility with
+ * pksd.
+ */
+ } else if (!strncmp("max_reply_keys ", line, 15)) {
+ config.maxkeys = atoi(&line[15]);
+ } else if (!strncmp("pg_dbhost ", line, 10)) {
+ config.backend->hostname = strdup(&line[10]);
+ } else if (!strncmp("pg_dbname ", line, 10)) {
+ config.backend->location = strdup(&line[10]);
+ } else if (!strncmp("pg_dbuser ", line, 10)) {
+ config.backend->username = strdup(&line[10]);
+ } else if (!strncmp("pg_dbpass ", line, 10)) {
+ config.backend->password = strdup(&line[10]);
+ } else if (!strncmp("syncsite ", line, 9)) {
+ config.syncsites =
+ lladd(config.syncsites, strdup(&line[9]));
+ } else if (!strncmp("logfile ", line, 8)) {
+ config.logfile = strdup(&line[8]);
+ } else if (!strncmp("loglevel ", line, 9)) {
+ setlogthreshold(atoi(&line[9]));
+ } else if (!strncmp("this_site ", line, 10)) {
+ config.thissite = strdup(&line[10]);
+ } else if (!strncmp("socket_name ", line, 12) ||
+ !strncmp("www_port ", line, 9)) {
+ /*
+ * Not applicable; ignored for compatibility with pksd.
+ */
+ } else if (!strncmp("pks_bin_dir ", line, 12)) {
+ config.bin_dir = strdup(&line[12]);
+ } else if (!strncmp("mail_dir ", line, 9)) {
+ config.mail_dir = strdup(&line[9]);
+ } else if (!strncmp("db_backend ", line, 11)) {
+ config.backend->type = strdup(&line[11]);
+ config.backend->name = strdup(&line[11]);
+ config.db_backend = strdup(&line[11]);
+ } else if (!strncmp("backends_dir ", line, 13)) {
+ config.backends_dir = strdup(&line[13]);
+ } else if (!strncmp("use_keyd ", line, 9)) {
+ config.use_keyd = parsebool(&line[9],
+ config.use_keyd);
+ } else if (!strncmp("sock_dir ", line, 9)) {
+ config.sock_dir = strdup(&line[9]);
+ } else if (!strncmp("check_sighash ", line, 9)) {
+ if (parsebool(&line[9], config.clean_policies &
+ ONAK_CLEAN_CHECK_SIGHASH)) {
+ config.clean_policies |=
+ ONAK_CLEAN_CHECK_SIGHASH;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_CHECK_SIGHASH;
+ }
+ } else {
+ return false;
+ }
+
+ return true;
+}
+
+/*
+ * Parse a new style .ini config line, supporting [sections] and name=value
+ * format.
+ */
+static bool parseconfigline(char *line)
+{
+ /* Yes, this means we're not re-entrant. */
+ static char section[32] = "";
+ struct onak_db_config *backend;
+ size_t len;
+ char *name, *value;
+
+ if (line[0] == '#' || line[0] == ';' ||
+ line[0] == 0) {
+ /*
+ * Comment line, ignore.
+ */
+ } else if (line[0] == '[') {
+ /* Section name */
+ len = strlen(line);
+ if (line[len - 1] != ']') {
+ logthing(LOGTHING_CRITICAL,
+ "Malformed section header '%s' in "
+ "config file.", line);
+ return false;
+ }
+ if (len > sizeof(section)) {
+ logthing(LOGTHING_CRITICAL,
+ "Section header '%s' is too long in "
+ "config file.", line);
+ return false;
+ }
+ line[len - 1] = 0;
+ strncpy(section, &line[1], len);
+ } else if ((value = strchr(line, '=')) != NULL) {
+ name = line;
+ *value++ = 0;
+
+ /* We can have multiple backend: sections */
+ if (!strncmp(section, "backend:", 8)) {
+ backend = find_db_backend_config(
+ config.backends, §ion[8]);
+ if (backend == NULL) {
+ backend = calloc(1,
+ sizeof(struct onak_db_config));
+ backend->name = strdup(§ion[8]);
+ config.backends = lladd(config.backends,
+ backend);
+ }
+
+ if (!strcmp(name, "type")) {
+ backend->type = strdup(value);
+ } else if (!strcmp(name, "location")) {
+ backend->location = strdup(value);
+ } else if (!strcmp(name, "hostname")) {
+ backend->location = strdup(value);
+ } else if (!strcmp(name, "username")) {
+ backend->location = strdup(value);
+ } else if (!strcmp(name, "password")) {
+ backend->location = strdup(value);
+ }
+
+#define MATCH(s, n) !strcmp(section, s) && !strcmp(name, n)
+ /* [main] section */
+ } else if (MATCH("main", "backend")) {
+ config.db_backend = strdup(value);
+ } else if (MATCH("main", "backends_dir")) {
+ config.backends_dir = strdup(value);
+ } else if (MATCH("main", "logfile")) {
+ config.logfile = strdup(value);
+ } else if (MATCH("main", "loglevel")) {
+ setlogthreshold(atoi(value));
+ } else if (MATCH("main", "use_keyd")) {
+ config.use_keyd = parsebool(value,
+ config.use_keyd);
+ } else if (MATCH("main", "sock_dir")) {
+ config.sock_dir = strdup(value);
+ } else if (MATCH("main", "max_reply_keys")) {
+ config.maxkeys = atoi(value);
+ /* [mail] section */
+ } else if (MATCH("mail", "maintainer_email")) {
+ config.adminemail = strdup(value);
+ } else if (MATCH("mail", "mail_dir")) {
+ config.mail_dir = strdup(value);
+ } else if (MATCH("mail", "mta")) {
+ config.mta = strdup(value);
+ } else if (MATCH("mail", "bin_dir")) {
+ config.bin_dir = strdup(value);
+ } else if (MATCH("mail", "this_site")) {
+ config.thissite = strdup(value);
+ } else if (MATCH("mail", "syncsite")) {
+ config.syncsites = lladd(config.syncsites,
+ strdup(value));
+ /* [verification] section */
+ } else if (MATCH("verification", "blacklist")) {
+ array_load(&config.blacklist, value);
+ } else if (MATCH("verification", "drop_v3")) {
+ if (parsebool(value, config.clean_policies &
+ ONAK_CLEAN_DROP_V3_KEYS)) {
+ config.clean_policies |=
+ ONAK_CLEAN_DROP_V3_KEYS;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_DROP_V3_KEYS;
+ }
+ } else if (MATCH("verification", "check_sighash")) {
+ if (parsebool(value, config.clean_policies &
+ ONAK_CLEAN_CHECK_SIGHASH)) {
+ config.clean_policies |=
+ ONAK_CLEAN_CHECK_SIGHASH;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_CHECK_SIGHASH;
+ }
+ } else if (MATCH("verification", "check_packet_size")) {
+ if (parsebool(value, config.clean_policies &
+ ONAK_CLEAN_LARGE_PACKETS)) {
+ config.clean_policies |=
+ ONAK_CLEAN_LARGE_PACKETS;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_LARGE_PACKETS;
+ }
+ } else if (MATCH("verification", "require_other_sig")) {
+#if HAVE_CRYPTO
+ if (parsebool(value, config.clean_policies &
+ ONAK_CLEAN_NEED_OTHER_SIG)) {
+ config.clean_policies |=
+ ONAK_CLEAN_NEED_OTHER_SIG;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_NEED_OTHER_SIG;
+ }
+#else
+ logthing(LOGTHING_ERROR,
+ "Compiled without crypto support, "
+ "require_other_sig not available.");
+#endif
+ } else if (MATCH("verification", "update_only")) {
+ if (parsebool(value, config.clean_policies &
+ ONAK_CLEAN_UPDATE_ONLY)) {
+ config.clean_policies |=
+ ONAK_CLEAN_UPDATE_ONLY;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_UPDATE_ONLY;
+ }
+ } else if (MATCH("verification", "verify_signatures")) {
+#if HAVE_CRYPTO
+ if (parsebool(value, config.clean_policies &
+ ONAK_CLEAN_VERIFY_SIGNATURES)) {
+ config.clean_policies |=
+ ONAK_CLEAN_VERIFY_SIGNATURES;
+ } else {
+ config.clean_policies &=
+ ~ONAK_CLEAN_VERIFY_SIGNATURES;
+ }
+#else
+ logthing(LOGTHING_ERROR,
+ "Compiled without crypto support, "
+ "verify_signatures not available.");
+#endif
+ } else {
+ return false;
+ }
+ } else {
+ return false;
+ }
+
+ return true;
+}
+