From: Omar Polo <op@omarpolo.com>
Subject: smtpd: allow slashes in literal strings
To: tech@openbsd.org
Cc: gilles@poolp.org
Date: Sun, 03 Nov 2024 12:29:19 +0100

Over in the -portable repository there was a user with a configuration
like this:

	domain = "example.com"
	certf = "/example/fullchain.pem"
	pki $domain cert $certf

This yields a syntax error, but it's not easy to spot.  The problem lies
in how $certf gets expanded (i.e. literally) and our grammar not
allowing non-quoted strings to start with or contain a '/'.

Since we have several rules that may take a path, and given how it's
ugly to double-quote the content of a macro, why not allow strings to
contain slashes too?

below diff probably conflicts with kirill' suggestion in the other
thread, but I'd like to get this smaller one in first and then bring up
the topic of using more braces to group some parts of the grammar next.

thoughs/oks?

Thanks,
Omar Polo


diff /usr/src
commit - b759c4391157008cc068d8f1770b263f8cc16aed
path + /usr/src
blob - d975100507999952f9d8c5404608697687520278
file + usr.sbin/smtpd/parse.y
--- usr.sbin/smtpd/parse.y
+++ usr.sbin/smtpd/parse.y
@@ -3011,12 +3011,12 @@ nodigits:
 	}
 
 #define allowed_in_string(x) \
-	(isalnum(x) || (ispunct(x) && x != '(' && x != ')' && \
+	(isalnum(x) || x == '/' || (ispunct(x) && x != '(' && x != ')' && \
 	x != '{' && x != '}' && x != '<' && x != '>' && \
 	x != '!' && x != '=' && x != '#' && \
 	x != ','))
 
-	if (isalnum(c) || c == ':' || c == '_') {
+	if (isalnum(c) || c == ':' || c == '_' || c == '/') {
 		do {
 			*p++ = c;
 			if ((size_t)(p-buf) >= sizeof(buf)) {