[718ad924] | 1 | |
---|
| 2 | /* bison grammar rules for process new rt1 statements */ |
---|
| 3 | |
---|
| 4 | /* |
---|
| 5 | [keyid:isi].role:employee <- [keyid:ted] |
---|
| 6 | [keyid:ted].role:friend <- [keyid:mike] |
---|
| 7 | [keyid:usc].role:employee <- [keyid:isi].role:employee |
---|
| 8 | [keyid:usc].role:playground <- [keyid:usc].role:employee.role:friend |
---|
| 9 | query, |
---|
| 10 | [keyid:isi].role:playground <- [keyid:?Z] |
---|
| 11 | [keyid:isi].role:playground <- [keyid:mike] |
---|
| 12 | |
---|
| 13 | USC.evaluatorOf(this)<-USC.managerOf(this) |
---|
| 14 | USC.managerOf(this)<-USC.employee |
---|
| 15 | ISI.managerOf(Maryann) <- John |
---|
| 16 | USC.employee <- ISI.employee |
---|
| 17 | ISI.employee <- Maryann |
---|
| 18 | ISI.employee <- John |
---|
| 19 | |
---|
| 20 | USC.employee <-?- John |
---|
| 21 | USC.evaluatorOf(Maryann)<-?- John |
---|
| 22 | */ |
---|
| 23 | |
---|
| 24 | %{ |
---|
| 25 | // include the GNU extension of asprintf |
---|
| 26 | #define _GNU_SOURCE |
---|
| 27 | |
---|
| 28 | /* C declarations */ |
---|
| 29 | #include <stdio.h> |
---|
| 30 | #include <string.h> |
---|
| 31 | |
---|
| 32 | #include "abac_pl_yy.h" |
---|
| 33 | |
---|
| 34 | int yyerror (char *s); |
---|
| 35 | |
---|
| 36 | FILE *abac_yyin = NULL; |
---|
| 37 | FILE *abac_yyout = NULL; |
---|
| 38 | char *abac_yyfptr = NULL; |
---|
| 39 | |
---|
| 40 | static int sz_overhead = 0; |
---|
| 41 | static int abac_yy_error_code = 0; /* keeping last error code */ |
---|
| 42 | |
---|
| 43 | void panic(char *msg); |
---|
| 44 | |
---|
| 45 | extern void set_yap_clauses(abac_list_t *); |
---|
| 46 | extern abac_list_t *make_statement(abac_yy_role_expression_t *, |
---|
| 47 | abac_yy_role_expression_t *); |
---|
| 48 | extern abac_yy_role_expression_t *make_yy_role_expression(int, |
---|
| 49 | abac_yy_principal_t *, abac_yy_role_t *, abac_yy_role_t *); |
---|
| 50 | extern abac_yy_principal_t *make_yy_principal(char *, char *, int); |
---|
| 51 | extern abac_yy_role_t *make_yy_role(char *, abac_yy_dterm_t *); |
---|
| 52 | extern abac_yy_param_data_t *make_yy_param_data(char*, int); |
---|
| 53 | extern abac_yy_param_principal_t *make_yy_param_principal(char*); |
---|
| 54 | extern abac_yy_dterm_t *make_yy_dterm_anonymous(); |
---|
| 55 | extern abac_yy_dterm_t *make_yy_dterm_principal(abac_yy_param_principal_t *); |
---|
| 56 | extern abac_yy_dterm_t *make_yy_dterm_named(abac_yy_principal_t *); |
---|
| 57 | extern abac_yy_dterm_t *make_yy_dterm_data(abac_yy_param_data_t *); |
---|
| 58 | extern char *abac_cn_with_sha(char*); |
---|
| 59 | extern abac_yy_dterm_t *add_yy_dterm(abac_yy_dterm_t *, abac_yy_dterm_t *); |
---|
| 60 | extern abac_yy_role_expression_t *add_yy_role_expression( |
---|
| 61 | abac_yy_role_expression_t *, abac_yy_role_expression_t *); |
---|
| 62 | extern void set_yy_param_data_is_variable(abac_yy_param_data_t *); |
---|
| 63 | extern void abac_init_yy_id_certs(); |
---|
| 64 | |
---|
| 65 | %} |
---|
| 66 | /* Bison declarations */ |
---|
| 67 | %union { |
---|
| 68 | struct _abac_yy_principal_t *pstruct; |
---|
| 69 | struct _abac_yy_param_principal_t *ppstruct; |
---|
| 70 | struct _abac_yy_param_data_t *pdstruct; |
---|
| 71 | struct _abac_yy_role_t *rstruct; |
---|
| 72 | struct _abac_yy_dterm_t *dstruct; |
---|
| 73 | struct _abac_yy_role_expression_t *estruct; |
---|
| 74 | struct abac_list_t *lstruct; |
---|
| 75 | char *string; /* For returning char strings */ |
---|
| 76 | } |
---|
| 77 | %type <lstruct> stmt |
---|
| 78 | %type <rstruct> rolepart |
---|
| 79 | %type <estruct> left |
---|
| 80 | %type <estruct> right |
---|
| 81 | %type <estruct> roleterm |
---|
| 82 | %type <pstruct> keypart |
---|
| 83 | %type <dstruct> dterms |
---|
| 84 | %type <dstruct> dterm |
---|
| 85 | %type <pdstruct> typedpart |
---|
| 86 | %type <ppstruct> principalpart |
---|
| 87 | |
---|
| 88 | %token <string> IDEN /* keyname or rolename */ |
---|
| 89 | %token <string> ROLE /* the word, role */ |
---|
| 90 | %token <string> PRINCIPAL /* the word, principal */ |
---|
| 91 | %token <string> KEYTYPE /* keyid | or something else */ |
---|
| 92 | |
---|
| 93 | %token <operator> DERIVE "<-" |
---|
| 94 | %token <operator> DOT "." |
---|
| 95 | %token <operator> AND "&" |
---|
| 96 | %token <operator> LPAREN "(" |
---|
| 97 | %token <operator> RPAREN ")" |
---|
| 98 | %token <operator> LSQUARE "[" |
---|
| 99 | %token <operator> RSQUARE "]" |
---|
| 100 | %token <operator> LANGLE "<" |
---|
| 101 | %token <operator> RANGLE ">" |
---|
| 102 | %token <operator> COLON ":" |
---|
| 103 | %token <operator> COMMA "," |
---|
| 104 | %token <operator> QMARK "?" |
---|
| 105 | |
---|
| 106 | %% |
---|
| 107 | /* Grammar rules */ |
---|
| 108 | |
---|
| 109 | input: /* empty */ |
---|
| 110 | { } |
---|
| 111 | | stmt |
---|
| 112 | { |
---|
| 113 | set_yap_clauses($1); |
---|
| 114 | } |
---|
| 115 | |
---|
| 116 | /* generate/concate prolog credentials clauses */ |
---|
| 117 | stmt : left DERIVE right |
---|
| 118 | { |
---|
| 119 | abac_yy_role_expression_t *headexpr=$1; |
---|
| 120 | abac_yy_role_expression_t *tailexpr=$3; |
---|
| 121 | abac_list_t *ret=make_statement(headexpr, tailexpr); |
---|
| 122 | if(ret == NULL) { |
---|
| 123 | panic("unable to parse the rule statment"); |
---|
| 124 | YYERROR; |
---|
| 125 | } else { |
---|
| 126 | $$=ret; |
---|
| 127 | } |
---|
| 128 | } |
---|
| 129 | /* |
---|
| 130 | [keyid:isi].role:modifyBy([keyid:mike]) |
---|
| 131 | [keyid:acme].role:preferred |
---|
| 132 | */ |
---|
| 133 | left : keypart DOT rolepart |
---|
| 134 | { |
---|
| 135 | abac_yy_principal_t *keypart=$1; |
---|
| 136 | abac_yy_role_t *rolepart=$3; |
---|
| 137 | abac_yy_role_expression_t *expr= |
---|
| 138 | make_yy_role_expression(EXPR_ROLE,keypart,rolepart,NULL); |
---|
| 139 | $$=expr; |
---|
| 140 | } |
---|
| 141 | |
---|
| 142 | /* [keyid:mike] */ |
---|
| 143 | keypart : LSQUARE KEYTYPE COLON IDEN RSQUARE |
---|
| 144 | { |
---|
| 145 | char *cn=abac_cn_with_sha($4); |
---|
| 146 | int idtype=abac_verify_keyid_type($2); |
---|
| 147 | if(cn && idtype) { |
---|
| 148 | $$=make_yy_principal($4, cn, idtype); |
---|
| 149 | } else { |
---|
| 150 | panic("encountered an invalid SHA id"); |
---|
| 151 | YYERROR; |
---|
| 152 | } |
---|
| 153 | } |
---|
| 154 | /* |
---|
| 155 | role:modifyBy([keyid:mike],[keyid:ted]) |
---|
| 156 | role:modifyBy([keyid:mike]) |
---|
| 157 | role:preferred |
---|
| 158 | */ |
---|
| 159 | rolepart : ROLE COLON IDEN LPAREN dterms RPAREN |
---|
| 160 | { |
---|
| 161 | $$=make_yy_role($3,$5); |
---|
| 162 | } |
---|
| 163 | | ROLE COLON IDEN |
---|
| 164 | { |
---|
| 165 | $$=make_yy_role($3,NULL); |
---|
| 166 | } |
---|
| 167 | |
---|
| 168 | /* |
---|
| 169 | [keyid:mike],[keyid:ted] |
---|
| 170 | [keyid:mike] |
---|
| 171 | [principal:?Z] |
---|
| 172 | ?? [principal:?this] |
---|
| 173 | [int:99] |
---|
| 174 | [int:?Z] |
---|
| 175 | [?] |
---|
| 176 | */ |
---|
| 177 | dterms : dterm COMMA dterms |
---|
| 178 | { |
---|
| 179 | abac_yy_dterm_t *nterm=$1; |
---|
| 180 | abac_yy_dterm_t *dterms=$3; |
---|
| 181 | $$=add_yy_dterm(nterm, dterms); |
---|
| 182 | } |
---|
| 183 | | dterm |
---|
| 184 | { |
---|
| 185 | $$=$1; |
---|
| 186 | } |
---|
| 187 | |
---|
| 188 | /* XX need to handdle principal:?X dterm ??? */ |
---|
| 189 | dterm : LSQUARE QMARK RSQUARE |
---|
| 190 | { $$= make_yy_dterm_anonymous(); } |
---|
| 191 | | keypart |
---|
| 192 | { $$= make_yy_dterm_named($1); } |
---|
| 193 | | principalpart |
---|
| 194 | { $$= make_yy_dterm_principal($1); } |
---|
| 195 | | typedpart |
---|
| 196 | { $$= make_yy_dterm_data($1); } |
---|
| 197 | |
---|
| 198 | typedpart : LSQUARE IDEN COLON IDEN RSQUARE |
---|
| 199 | { |
---|
| 200 | int type=abac_verify_dterm_type($2); |
---|
| 201 | if (type) { |
---|
| 202 | $$ = make_yy_param_data($4, type); |
---|
| 203 | } else { |
---|
| 204 | panic("wrong type in data dterm!!"); |
---|
| 205 | YYERROR; |
---|
| 206 | } |
---|
| 207 | } |
---|
| 208 | | LSQUARE IDEN COLON QMARK IDEN RSQUARE |
---|
| 209 | { |
---|
| 210 | int type=abac_verify_dterm_type($2); |
---|
| 211 | if (type) { |
---|
| 212 | abac_yy_param_data_t *ptr=make_yy_param_data($5, type); |
---|
| 213 | set_yy_param_data_is_variable(ptr); |
---|
| 214 | $$=ptr; |
---|
| 215 | } else { |
---|
| 216 | panic("wrong type in data dterm!!"); |
---|
| 217 | YYERROR; |
---|
| 218 | } |
---|
| 219 | } |
---|
| 220 | |
---|
| 221 | /* [principal:?Z] */ |
---|
| 222 | principalpart : LSQUARE PRINCIPAL COLON QMARK IDEN RSQUARE |
---|
| 223 | { |
---|
| 224 | $$ = make_yy_param_principal($5); |
---|
| 225 | } |
---|
| 226 | |
---|
| 227 | right : roleterm AND right |
---|
| 228 | { |
---|
| 229 | abac_yy_role_expression_t *nexpr=$1; |
---|
| 230 | abac_yy_role_expression_t *exprs=$3; |
---|
| 231 | $$=add_yy_role_expression(nexpr,exprs); |
---|
| 232 | } |
---|
| 233 | | roleterm |
---|
| 234 | { $$=$1; } |
---|
| 235 | |
---|
| 236 | /* role at tail/right side |
---|
| 237 | [keyid:usc].role:employee.role:friend |
---|
| 238 | [keyid:usc].role:worker |
---|
| 239 | [keyid:mike] |
---|
| 240 | */ |
---|
| 241 | roleterm : keypart DOT rolepart DOT rolepart |
---|
| 242 | { |
---|
| 243 | abac_yy_principal_t *keypart=$1; |
---|
| 244 | abac_yy_role_t *linked_rolepart=$3; |
---|
| 245 | abac_yy_role_t *rolepart=$5; |
---|
| 246 | abac_yy_role_expression_t *expr= |
---|
| 247 | make_yy_role_expression(EXPR_LINKED,keypart,rolepart,linked_rolepart); |
---|
| 248 | $$=expr; |
---|
| 249 | } |
---|
| 250 | | keypart DOT rolepart |
---|
| 251 | { |
---|
| 252 | abac_yy_principal_t *keypart=$1; |
---|
| 253 | abac_yy_role_t *rolepart=$3; |
---|
| 254 | abac_yy_role_expression_t *expr= |
---|
| 255 | make_yy_role_expression(EXPR_ROLE,keypart,rolepart,NULL); |
---|
| 256 | $$=expr; |
---|
| 257 | } |
---|
| 258 | | keypart |
---|
| 259 | { |
---|
| 260 | abac_yy_principal_t *keypart=$1; |
---|
| 261 | abac_yy_role_expression_t *expr= |
---|
| 262 | make_yy_role_expression(EXPR_NAMED,keypart,NULL,NULL); |
---|
| 263 | $$=expr; |
---|
| 264 | } |
---|
| 265 | %% |
---|
| 266 | |
---|
| 267 | /* Additional C code */ |
---|
| 268 | int yywrap() |
---|
| 269 | { |
---|
| 270 | /* exit when done lexing the current input */ |
---|
| 271 | return 1; |
---|
| 272 | } |
---|
| 273 | |
---|
| 274 | int yyerror (char *s) |
---|
| 275 | { |
---|
| 276 | fprintf (abac_yyout,"yyerror: %s\n", s); |
---|
| 277 | } |
---|
| 278 | |
---|
| 279 | /* setting defaults */ |
---|
| 280 | void abac_yyinit() |
---|
| 281 | { |
---|
| 282 | abac_yyin=abac_get_yyin(); |
---|
| 283 | abac_yyout=abac_get_yyout(); |
---|
| 284 | abac_yyfptr = abac_get_yyfptr(); |
---|
| 285 | sz_overhead = strlen(abac_yyfptr)+2000; |
---|
| 286 | abac_init_yap_id_clauses(); |
---|
| 287 | abac_init_yy_id_certs(); |
---|
| 288 | } |
---|
| 289 | |
---|
| 290 | void panic(char *msg) |
---|
| 291 | { |
---|
| 292 | yyerror(msg); |
---|
| 293 | } |
---|
| 294 | |
---|
| 295 | void set_error_code(int v) |
---|
| 296 | { |
---|
| 297 | abac_yy_error_code=v; |
---|
| 298 | } |
---|
| 299 | |
---|
| 300 | static int get_error_code() |
---|
| 301 | { |
---|
| 302 | return abac_yy_error_code; |
---|
| 303 | } |
---|
| 304 | |
---|