static void sh_prelink_fd(sh_tas_t * task)
{
SL_TICKET ticket;
char * tmp;
char hashbuf[KEYBUF_SIZE];
if (task->com_ti != (-1))
{
(void) sl_close(task->com_ti);
task->com_fd = -1;
task->com_ti = -1;
}
ticket = sl_open_read(FIL__, __LINE__, task->command,
task->privileged == 0 ? SL_NOPRIV : SL_YESPRIV);
if (SL_ISERROR(ticket))
{
char errbuf[SH_ERRBUF_SIZE];
char errbuf2[SH_ERRBUF_SIZE];
sh_error_message(errno, errbuf2, sizeof(errbuf2));
sl_strlcpy(errbuf, sl_error_string(ticket), sizeof(errbuf));
tmp = sh_util_safe_name (task->command);
sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, ticket, MSG_E_READ, errbuf, errbuf2, tmp);
SH_FREE(tmp);
return;
}
if (*(task->checksum) == '\0' ||
0 == sl_strcmp(task->checksum,
sh_tiger_hash (task->command, ticket, TIGER_NOLIM, hashbuf, sizeof(hashbuf))))
{
task->com_fd = get_the_fd(ticket);
task->com_ti = ticket;
}
else
{
tmp = sh_util_safe_name (task->command);
sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, ticket, MSG_E_HASH, tmp);
SH_FREE(tmp);
(void) sl_close(ticket);
}
return;
}
/* returns static storage
*/
int sh_prelink_run (char * path, char * file_hash, int alert_timeout, unsigned long mask)
{
static int init = S_FALSE;
static int args_filled = 0;
static sh_tas_t task;
int status = 0;
char * p;
SL_ENTER(_("sh_prelink_run"));
/* reset if path == NULL
*/
if (path == NULL)
{
if (init == S_FALSE)
{
SL_RETURN (0, _("sh_prelink_run"));
}
sh_ext_tas_free(&task);
init = S_FALSE;
args_filled = 0;
SL_RETURN (0, _("sh_prelink_run"));
}
/* initialize task structure
*/
if (init == S_FALSE)
{
char dir[SH_PATHBUF];
sh_ext_tas_init(&task);
p = sh_unix_getUIDdir (SH_ERR_ERR, task.run_user_uid, dir, sizeof(dir));
if (p)
{
(void) sh_ext_tas_add_envv (&task, _("HOME"), p);
}
(void) sh_ext_tas_add_envv (&task, _("SHELL"),
_("/bin/sh"));
(void) sh_ext_tas_add_envv (&task, _("PATH"),
_("/sbin:/usr/sbin:/bin:/usr/bin"));
if (sh.timezone != NULL)
{
(void) sh_ext_tas_add_envv(&task, "TZ", sh.timezone);
}
if (prelink_path == NULL)
{
sh_ext_tas_command(&task, _("/usr/sbin/prelink"));
(void) sh_ext_tas_add_argv(&task, _("/usr/sbin/prelink"));
}
else
{
sh_ext_tas_command(&task, prelink_path);
(void) sh_ext_tas_add_argv(&task, prelink_path);
}
args_filled = sh_ext_tas_add_argv(&task, _("--verify"));
if (prelink_hash != NULL)
{
(void) sl_strlcpy(task.checksum, prelink_hash, KEY_LEN+1);
}
task.rw = 'r';
task.fork_twice = S_FALSE;
sh_prelink_fd(&task);
init = S_TRUE;
}
/* rm filename arg if set; fill in filename
*/
if (args_filled == 3)
args_filled = sh_ext_tas_rm_argv(&task);
if (args_filled == 2)
args_filled = sh_ext_tas_add_argv(&task, path);
else
{
sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, args_filled, MSG_E_SUBGEN,
_("Bad argument count"), _("sh_prelink_run"));
SL_RETURN ((-1), _("sh_prelink_run"));
}
/* open pipe
*/
status = sh_ext_popen(&task);
if (status != 0)
{
sh_error_handle(SH_ERR_ALL, FIL__, __LINE__, status, MSG_E_SUBGEN,
_("Could not open pipe"), _("sh_prelink_run"));
SL_RETURN ((-1), _("sh_prelink_run"));
}
if (SL_ISERROR(task.pipeTI))
{
sh_error_handle(SH_ERR_ALL, FIL__, __LINE__, task.pipeTI, MSG_E_SUBGEN,
_("No valid ticket"), _("sh_prelink_run"));
SL_RETURN ((-1), _("sh_prelink_run"));
}
/* read from pipe
*/
sl_read_timeout_prep (task.pipeTI);
{
char hashbuf[KEYBUF_SIZE];
UINT64 length_nolim = TIGER_NOLIM;
if (sh.flag.opts == S_TRUE) sh_tiger_set_hashtype_mask(mask);
sl_strlcpy(file_hash,
sh_tiger_generic_hash (path, task.pipeTI, &length_nolim, alert_timeout,
hashbuf, sizeof(hashbuf)),
KEY_LEN+1);
}
/* close pipe and return exit status
*/
status = sh_ext_pclose(&task);
SL_RETURN ((status), _("sh_prelink_run"));
}
int sl_trustfile(const char *fname, uid_t *okusers, uid_t *badusers)
{
char * fexp = NULL; /* file name fully expanded */
register char *p; /* used to hold name to be checked */
struct stat stbuf; /* used to check file permissions */
char c; /* used to hold temp char */
int errgrp = 0;
SL_ENTER(_("sl_trustfile"));
if (fname == NULL)
SL_IRETURN(SL_EBADFILE, _("sl_trustfile"));
fexp = calloc(1, MAXFILENAME );
if (!fexp)
SL_IRETURN(SL_EMEM, _("sl_trustfile"));
p = fexp;
/*
* next expand to the full file name
* getfname sets sl_errno as appropriate
*/
#ifdef TRUST_MAIN
sl_errno = getfname(fname, fexp, MAXFILENAME);
if (sl_errno != 0)
{
free(fexp);
return sl_errno;
}
#else
if (SL_ISERROR(getfname(fname, fexp, MAXFILENAME)))
{
free(fexp);
SL_IRETURN(sl_errno, _("sl_trustfile"));
}
#endif
if (okusers == NULL && badusers == NULL)
{
okusers = rootonly;
rootonly[EUIDSLOT] = tf_euid;
}
/*
* now loop through the path a component at a time
* note we have to special-case root
*/
while(*p)
{
/*
* get next component
*/
while(*p && *p != '/')
p++;
/* save where you are
*/
if (p == fexp)
{
/* keep the / if it's the root dir
*/
c = p[1];
p[1] = '\0';
}
else
{
/* clobber the / if it isn't the root dir
*/
c = *p;
*p = '\0';
}
/*
* now get the information
*/
if (retry_lstat(FIL__, __LINE__, fexp, &stbuf) < 0)
{
(void) strncpy(tf_path, fexp, sizeof(tf_path));
tf_path[sizeof(tf_path)-1] = '\0';
#ifdef TRUST_MAIN
fprintf(stderr, "---------------------------------------------\n");
fprintf(stderr, "trustfile: ESTAT: stat(%s) failed,\n", fexp);
fprintf(stderr, "maybe the file does not exist\n");
fprintf(stderr, "---------------------------------------------\n");
#endif
free(fexp);
SL_IRETURN(SL_ESTAT, _("sl_trustfile"));
}
#ifdef S_IFLNK
/*
* if it's a symbolic link, recurse
*/
if ((stbuf.st_mode & S_IFLNK) == S_IFLNK)
{
/*
* this is tricky
* if the symlink is to an absolute path
* name, just call trustfile on it; but
* if it's a relative path name, it's
* interpreted WRT the current working
* directory AND NOT THE FILE NAME!!!!!
* so, we simply put /../ at the end of
* the file name, then append the symlink
* contents; trustfile will canonicalize
* this, and the /../ we added "undoes"
* the name of the symlink to put us in
* the current working directory, at
* which point the symlink contents (appended
* to the CWD) are interpreted correctly.
* got it?
*/
char * csym; /* contents of symlink file */
char * full; /* "full" name of symlink */
char *b; /* used to copy stuff around */
const char *t; /* used to copy stuff around */
int lsym; /* num chars in symlink ref */
int i; /* trustworthy or not? */
const char * t_const;
char *end;
/*
* get what the symbolic link points to
*
* The original code does not check the return code of readlink(),
* and has an off-by-one error
* (MAXFILENAME instead of MAXFILENAME-1)
* R.W. Tue May 29 22:05:16 CEST 2001
*/
csym = calloc(1, MAXFILENAME );
if (!csym)
{
free(fexp);
SL_IRETURN(SL_EMEM, _("sl_trustfile"));
}
lsym = readlink(fexp, csym, MAXFILENAME-1);
if (lsym >= 0)
csym[lsym] = '\0';
else
{
#ifdef TRUST_MAIN
fprintf(stderr, "---------------------------------------------\n");
fprintf(stderr, "trustfile: EBADNAME: readlink(%s) failed\n",
fexp);
fprintf(stderr, "---------------------------------------------\n");
#endif
free(csym);
free(fexp);
SL_IRETURN(SL_EBADNAME, _("sl_trustfile"));
}
full = calloc(1, MAXFILENAME );
if (!full)
{
free(csym);
free(fexp);
SL_IRETURN(SL_EMEM, _("sl_trustfile"));
}
/*
* relative or absolute referent?
*/
if (csym[0] != '/')
{
/* pointer to one above last element
*/
end = &full[MAXFILENAME-1]; ++end;
/* initialize pointers
*/
b = full;
/* copy in base path
*/
t = fexp;
while(*t && b < end)
*b++ = *t++;
/* smack on the /../
*/
t_const = "/../"; t = (const char *)t_const;
while(*t && b < end)
*b++ = *t++;
/* append the symlink referent
*/
t = csym;
while(*t && b < end)
*b++ = *t++;
/* see if we're too big
*/
if (*t || b == end)
{
/* yes -- error
*/
(void) strncpy(tf_path, fexp, sizeof(tf_path));
tf_path[sizeof(tf_path)-1] = '\0';
#ifdef TRUST_MAIN
fprintf(stderr, "---------------------------------------------\n");
fprintf(stderr,
"trustfile: ETRUNC: normalized path too long (%s)\n",
fexp);
fprintf(stderr, "---------------------------------------------\n");
#endif
free(full);
free(csym);
free(fexp);
SL_IRETURN(SL_ETRUNC, _("sl_trustfile"));
}
*b = '\0';
}
else
{
/* absolute -- just copy */
/* overflow can't occur as the arrays */
/* are the same size */
(void) strcpy(full, csym); /* known to fit */
}
/*
* now check out this file and its ancestors
*/
if ((i = sl_trustfile(full, okusers, badusers)) != SL_ENONE)
{
free(full);
free(csym);
free(fexp);
SL_IRETURN(i, _("sl_trustfile"));
}
/*
* okay, this part is valid ... let's check the rest
* put the / back
*/
if (p == fexp)
{
/* special case for root */
p[1] = c;
p++;
}
else
{
/* ordinary case for everything else */
*p = c;
if (*p)
p++;
}
free(full);
free(csym);
continue;
}
#endif
#ifdef TRUST_DEBUG
fprintf(stderr, "\ntrustfile: checking path=%s\n", fexp);
#endif
/*
* if the owner is not trusted then -- as the owner can
* change protection modes -- he/she can write to the
* file regardless of permissions, so bomb
*/
if (((okusers != NULL && S_FALSE == isin((uid_t)stbuf.st_uid,okusers))||
(badusers != NULL && S_TRUE == isin((uid_t)stbuf.st_uid,badusers))))
{
#ifdef TRUST_DEBUG
fprintf(stderr, "---------------------------------------------\n");
fprintf(stderr, "trustfile: EBADUID %s (owner not trusted)\n",
fexp);
fprintf(stderr, "The owner of this file/directory is not in samhains\n");
fprintf(stderr, "list of trusted users.\n");
fprintf(stderr, "Please run ./configure again with the option\n");
fprintf(stderr, " ./configure [more options] --with-trusted=0,...,UID\n");
fprintf(stderr, "where UID is the UID of the (yet) untrusted user.\n");
fprintf(stderr, "---------------------------------------------\n");
#endif
(void) strncpy(tf_path, fexp, sizeof(tf_path));
tf_path[sizeof(tf_path)-1] = '\0';
tf_baduid = (uid_t) stbuf.st_uid;
free(fexp);
SL_IRETURN(SL_EBADUID, _("sl_trustfile"));
}
/*
* if a group member can write but the
* member is not trusted, bomb; but if
* sticky bit semantics are honored, it's
* okay
*/
/* Thu Mar 29 21:10:28 CEST 2001 Rainer Wichmann
* replace !isingrp() with onlytrustedingrp(), as isingrp()
* will return at the first trusted user, even if there are additional
* (untrusted) users in the group
*/
if (((stbuf.st_mode & S_IWGRP) == S_IWGRP) &&
((okusers != NULL && !onlytrustedingrp((gid_t)stbuf.st_gid,okusers,&errgrp))||
(badusers != NULL && isingrp((gid_t)stbuf.st_gid, badusers,&errgrp)))
#ifdef STICKY
&& ((stbuf.st_mode&S_IFDIR) != S_IFDIR ||
(stbuf.st_mode&S_ISVTX) != S_ISVTX)
#endif
)
{
#ifdef TRUST_DEBUG
fprintf(stderr, "---------------------------------------------\n");
fprintf(stderr,
"trustfile: EBADGID %ld %s (group member not trusted)\n",
(UID_CAST)stbuf.st_gid, fexp);
fprintf(stderr, "This file/directory is group writeable, and one of the group members\n");
fprintf(stderr, "is not in samhains list of trusted users.\n");
fprintf(stderr, "Please run ./configure again with the option\n");
fprintf(stderr, " ./configure [more options] --with-trusted=0,...,UID\n");
fprintf(stderr, "where UID is the UID of the (yet) untrusted user.\n");
fprintf(stderr, "---------------------------------------------\n");
#endif
(void) strncpy(tf_path, fexp, sizeof(tf_path));
tf_path[sizeof(tf_path)-1] = '\0';
tf_badgid = (gid_t) stbuf.st_gid;
free(fexp);
SL_IRETURN((errgrp == ERANGE) ? SL_ERANGE : SL_EBADGID, _("sl_trustfile"));
}
/*
* if other can write, bomb; but if the sticky
* bit semantics are honored, it's okay
*/
if (((stbuf.st_mode & S_IWOTH) == S_IWOTH)
#ifdef STICKY
&& ((stbuf.st_mode&S_IFDIR) != S_IFDIR ||
(stbuf.st_mode&S_ISVTX) != S_ISVTX)
#endif
)
{
#ifdef TRUST_DEBUG
fprintf(stderr, "---------------------------------------------\n");
fprintf(stderr, "trustfile: EBADOTH (world writeable): %s\n",
fexp);
fprintf(stderr, "This file/directory is world writeable.\n");
fprintf(stderr, "---------------------------------------------\n");
#endif
(void) strncpy(tf_path, fexp, sizeof(tf_path));
tf_path[sizeof(tf_path)-1] = '\0';
free(fexp);
SL_IRETURN(SL_EBADOTH, _("sl_trustfile"));
}
/*
* put the / back
*/
if (p == fexp)
{
/* special case for root */
p[1] = c;
p++;
}
else
{
/* ordinary case for everything else */
*p = c;
if (*p)
p++;
}
}
/*
* yes, it can be trusted
*/
(void) strncpy(tf_path, fexp, sizeof(tf_path));
tf_path[sizeof(tf_path)-1] = '\0';
free(fexp);
SL_IRETURN(SL_ENONE, _("sl_trustfile"));
}
/* --- Read the configuration file. ---
*/
int sh_readconf_read (void)
{
#if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
/* This is for modules.
*/
int modnum;
#endif
int i;
SL_TICKET fd = -1;
#if defined(SH_STEALTH) && !defined(SH_STEALTH_MICRO)
SL_TICKET fdTmp = -1;
#endif
#if defined(WITH_GPG) || defined(WITH_PGP)
SL_TICKET fdGpg = -1;
#endif
char * tmp;
#define SH_LINE_IN 16384
char * line_in;
char * line;
/* This is for nested conditionals.
*/
int cond_depth = 0;
int cond_excl = 0;
int local_file = 1;
char local_flag = 'R';
#if defined(WITH_GPG) || defined(WITH_PGP)
int signed_content = S_FALSE;
int true_content = S_FALSE;
#endif
#if defined(SH_STEALTH) && !defined(SH_STEALTH_MICRO)
int hidden_count = 0;
#endif
uid_t euid;
char hashbuf[KEYBUF_SIZE];
SL_ENTER(_("sh_readconf_read"));
/* --- Open config file, exit on failure. ---
*/
#if defined(SH_WITH_CLIENT)
if (0 == sl_strcmp(file_path('C', 'R'), _("REQ_FROM_SERVER")))
{
sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_D_START);
fd = sh_forward_req_file(_("CONF"));
if (!SL_ISERROR(fd))
{
local_file = 0;
}
else if (sh.flag.checkSum != SH_CHECK_INIT)
{
aud_exit (FIL__, __LINE__, EXIT_FAILURE);
}
else
{
sh_error_handle ((-1), FIL__, __LINE__, fd, MSG_D_FAIL);
local_file = 1;
local_flag = 'I';
}
}
#endif
/* Use a local configuration file.
*/
if (local_file == 1)
{
if (0 != tf_trust_check (file_path('C', local_flag), SL_YESPRIV))
{
sl_get_euid(&euid);
dlog(1, FIL__, __LINE__,
_("The configuration file: %s is untrusted, i.e. an\nuntrusted user owns or can write to some directory in the path.\n"),
( (NULL == file_path('C', local_flag))
? _("(null)") : file_path('C', local_flag) ));
sh_error_handle ((-1), FIL__, __LINE__, EACCES, MSG_TRUST,
(long) euid,
( (NULL == file_path('C', local_flag))
? _("(null)") : file_path('C', local_flag) )
);
aud_exit (FIL__, __LINE__, EXIT_FAILURE);
}
if (SL_ISERROR(fd = sl_open_read(FIL__, __LINE__,
file_path('C',local_flag),SL_YESPRIV)))
{
sl_get_euid(&euid);
dlog(1, FIL__, __LINE__,
_("Could not open the local configuration file for reading because\nof the following error: %s (errnum = %ld)\nIf this is a permission problem, you need to change file permissions\nto make the file readable for the effective UID: %d\n"),
sl_get_errmsg(), fd, (int) euid);
sh_error_handle ((-1), FIL__, __LINE__, fd, MSG_NOACCESS,
(long) euid,
( (NULL == file_path('C', local_flag))
? _("(null)") : file_path('C', local_flag) )
);
aud_exit (FIL__, __LINE__, EXIT_FAILURE);
}
}
/* Compute the checksum of the open file.
*/
sl_strlcpy(sh.conf.hash,
sh_tiger_hash(file_path('C',local_flag), fd, TIGER_NOLIM,
hashbuf, sizeof(hashbuf)),
KEY_LEN+1);
sl_rewind (fd);
line_in = SH_ALLOC(SH_LINE_IN);
#if defined(SH_STEALTH) && !defined(SH_STEALTH_MICRO)
/* extract the data and copy to temporary file
*/
fdTmp = open_tmp();
sh_unix_getline_stealth (0, NULL, 0); /* initialize */
while ( sh_unix_getline_stealth (fd, line_in, SH_LINE_IN-2) > 0) {
hidden_count++;
if (line_in[0] == '\n')
{
sl_write(fdTmp, line_in, 1);
}
else
{
sl_write_line(fdTmp, line_in, sl_strlen(line_in));
}
#if defined(WITH_GPG) || defined(WITH_PGP)
if (0 == sl_strncmp(line_in, _("-----END PGP SIGNATURE-----"), 25))
break;
#else
if (0 == sl_strncmp(line_in, _("[EOF]"), 5))
break;
#endif
if (hidden_count > 1048576) /* arbitrary safeguard, 1024*1024 */
break;
}
sl_close(fd);
fd = fdTmp;
sl_rewind (fd);
#endif
#if defined(WITH_GPG) || defined(WITH_PGP)
/* extract the data and copy to temporary file
*/
fdGpg = sh_gpg_extract_signed(fd);
sl_close(fd);
fd = fdGpg;
/* Validate signature of open file.
*/
if (0 != sh_gpg_check_sign (fd, 0, 1))
{
SH_FREE(line_in);
aud_exit (FIL__, __LINE__, EXIT_FAILURE);
}
sl_rewind (fd);
#endif
/* --- Start reading lines. ---
*/
conf_line = 0;
while ( sh_unix_getline (fd, line_in, SH_LINE_IN-2) > 0) {
++conf_line;
line = &(line_in[0]);
/* fprintf(stderr, "<%s>\n", line); */
/* Sun May 27 18:40:05 CEST 2001
*/
#if defined(WITH_GPG) || defined(WITH_PGP)
if (signed_content == S_FALSE)
{
if (0 == sl_strcmp(line, _("-----BEGIN PGP SIGNED MESSAGE-----")))
signed_content = S_TRUE;
else
continue;
}
else if (true_content == S_FALSE)
{
if (line[0] == '\n')
true_content = S_TRUE;
else
continue;
}
else if (signed_content == S_TRUE)
{
if (0 == sl_strcmp(line, _("-----BEGIN PGP SIGNATURE-----")))
break;
else if (0 == sl_strcmp(line, _("-----BEGIN PGP SIGNED MESSAGE-----")))
{
sh_error_handle((-1), FIL__, __LINE__, 0, MSG_E_SUBGEN,
_("second signed message in file"),
_("sh_readconf_read"));
dlog(1, FIL__, __LINE__,
_("There seems to be more than one signed message in the configuration\nfile. Please make sure there is only one signed message.\n"));
sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EXIT_ABORT1,
sh.prg_name);
SH_FREE(line_in);
aud_exit (FIL__, __LINE__,EXIT_FAILURE);
}
}
#endif
/* Skip leading white space.
*/
while (isspace((int)*line)) ++line;
/* Skip header etc.
*/
if (line[0] == '#' || line[0] == '\0' || line[0] == ';' ||
(line[0] == '/' && line[1] == '/'))
continue;
/* Clip off trailing white space.
*/
tmp = line + sl_strlen( line ); --tmp;
while( isspace((int) *tmp ) && tmp >= line ) *tmp-- = '\0';
/* --- an @host/@if/$system directive -------------- */
if (line[0] == '@' || (line[0] == '!' && line[1] == '@') ||
line[0] == '$' || (line[0] == '!' && line[1] == '$'))
{
if (sh_readconf_is_end(line))
{
if (0 == cond_depth) {
sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALD,
_("config file"),
(long) conf_line);
}
else {
if (cond_excl == cond_depth)
cond_excl = 0;
--cond_depth;
}
}
else if (sh_readconf_is_else(line))
{
if (0 == cond_depth) {
sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALD,
_("config file"),
(long) conf_line);
}
else if (cond_excl == cond_depth) {
cond_excl = 0;
}
else if (cond_excl == 0) {
cond_excl = cond_depth;
}
}
else
{
if (sh_readconf_cond_match(line, conf_line)) {
++cond_depth;
}
else {
++cond_depth;
if (cond_excl == 0)
cond_excl = cond_depth;
}
}
continue;
}
/****************************************************
*
* Only carry on if this section is intended for us
*
****************************************************/
if (cond_excl != 0) {
continue;
}
/* ------- starts a section ------------ */
else if (line[0] == '[')
{
read_mode = SH_SECTION_NONE;
if (0 == sl_strncasecmp (line, _("[EOF]"), 5)) {
goto nopel;
}
i = 0;
while (tab_ListSections[i].name != 0)
{
if (sl_strncasecmp (line, _(tab_ListSections[i].name),
sl_strlen(tab_ListSections[i].name)) == 0)
{
read_mode = tab_ListSections[i].type;
break;
}
++i;
}
#if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
if (read_mode == SH_SECTION_NONE)
{
for (modnum = 0; modList[modnum].name != NULL; ++modnum)
{
if (0 == sl_strncasecmp (line, _(modList[modnum].conf_section),
sl_strlen(modList[modnum].conf_section)) )
read_mode = SH_SECTION_OTHER;
}
}
#endif
if (read_mode == SH_SECTION_NONE)
{
sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALHEAD,
(long) conf_line);
}
}
/* --- an %schedule directive ------------ */
else if (line[0] == '%' || (line[0] == '!' && line[1] == '%'))
{
#if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
if (line[0] == '!' && 0 == sl_strcasecmp(&(line[2]), _("SCHEDULE_TWO")))
set_dirList(1);
else if (0 == sl_strcasecmp(&(line[1]), _("SCHEDULE_TWO")))
set_dirList(2);
#else
;
#endif
}
/* ------ no new section -------------- */
else if (read_mode != SH_SECTION_NONE)
{
if (0 != sh_readconfig_line (line))
{
sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALCONF,
(long) conf_line);
}
}
} /* while getline() */
nopel:
if (0 != cond_depth)
sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALDD,
_("config file"),
(long) conf_line);
sl_close (fd);
sh_error_fixup();
read_mode = SH_SECTION_NONE; /* reset b/o sighup reload */
SH_FREE(line_in);
SL_RETURN( 0, _("sh_readconf_read"));
}
