1 | /* $KAME: token.l,v 1.44 2003/10/21 07:20:58 itojun Exp $ */ | |
2 | ||
3 | /* | |
4 | * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. | |
5 | * All rights reserved. | |
6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | |
10 | * 1. Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in the | |
14 | * documentation and/or other materials provided with the distribution. | |
15 | * 3. Neither the name of the project nor the names of its contributors | |
16 | * may be used to endorse or promote products derived from this software | |
17 | * without specific prior written permission. | |
18 | * | |
19 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND | |
20 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
21 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
22 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | |
23 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
24 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
25 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
26 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
27 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
28 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
29 | * SUCH DAMAGE. | |
30 | */ | |
31 | ||
32 | %option noyywrap | |
33 | %{ | |
34 | ||
35 | #ifdef HAVE_CONFIG_H | |
36 | #include "config.h" | |
37 | #endif | |
38 | ||
39 | #include <sys/types.h> | |
40 | #include <sys/param.h> | |
41 | #include <sys/socket.h> | |
42 | #include <net/pfkeyv2.h> | |
43 | #include <netinet/in.h> | |
44 | #ifdef HAVE_NETINET6_IPSEC | |
45 | # include <netinet6/ipsec.h> | |
46 | #else | |
47 | # include <netinet/ipsec.h> | |
48 | #endif | |
49 | ||
50 | #include <stdlib.h> | |
51 | #include <limits.h> | |
52 | #include <string.h> | |
53 | #include <unistd.h> | |
54 | #include <errno.h> | |
55 | #include <netdb.h> | |
56 | ||
57 | #include "vchar.h" | |
58 | #include "y.tab.h" | |
59 | ||
60 | #include "extern.h" | |
61 | ||
/*
 * make the code compile on *BSD-current
 *
 * When the system headers included above do not provide one of these
 * algorithm identifiers, it is defined here as -1 so that the rules
 * referring to it still build.  On such a system the scanner continues to
 * accept the matching keyword (hmac-sha2-256, aes-ctr, ...) and returns it
 * with yylval.num == -1.
 * NOTE(review): nothing in this file rejects the -1 placeholder; that check
 * has to happen in the grammar or later -- confirm that an algorithm the
 * platform lacks cannot end up in an installed SA.
 */
#ifndef SADB_X_AALG_SHA2_256
#define SADB_X_AALG_SHA2_256	(-1)
#endif
#ifndef SADB_X_AALG_SHA2_384
#define SADB_X_AALG_SHA2_384	(-1)
#endif
#ifndef SADB_X_AALG_SHA2_512
#define SADB_X_AALG_SHA2_512	(-1)
#endif
#ifndef SADB_X_AALG_RIPEMD160HMAC
#define SADB_X_AALG_RIPEMD160HMAC	(-1)
#endif
#ifndef SADB_X_AALG_AES_XCBC_MAC
#define SADB_X_AALG_AES_XCBC_MAC	(-1)
#endif
#ifndef SADB_X_EALG_TWOFISHCBC
#define SADB_X_EALG_TWOFISHCBC	(-1)
#endif
#ifndef SADB_X_EALG_AESCTR
#define SADB_X_EALG_AESCTR	(-1)
#endif
84 | %} | |
85 | ||
/* common section */
nl		\n
ws		[ \t]+
digit		[0-9]
/* NOTE: despite its name, "letter" also matches the digits 0-9. */
letter		[0-9A-Za-z]
hexdigit	[0-9A-Fa-f]
dot		\.
hyphen		\-
slash		\/
blcl		\[
elcl		\]
semi		\;
/* a comment runs from '#' to the end of the line */
comment		\#.*
/*
 * No escape sequence is recognised between the quotes, and [^"] also
 * matches a newline, so a quoted string may span several lines.
 */
quotedstring	\"[^"]*\"
decstring	{digit}+
hexstring	0[xX]{hexdigit}+
/*
 * ipaddress, ipaddrmask, name and hostname are not referenced by any rule
 * in the rules section below.  Text such as addresses or host names is
 * matched by the generic STRING rule instead, which does no syntax check
 * of its own -- presumably validation is left to the grammar; verify there.
 */
ipaddress	[a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*)
ipaddrmask	{slash}{digit}{1,3}
name		{letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))*
hostname	{name}(({dot}{name})+{dot}?)?

/*
 * Inclusive (%s) start conditions: rules written without a <...> prefix
 * stay active while the scanner is in S_PL, S_AUTHALG or S_ENCALG.
 */
%s S_PL S_AUTHALG S_ENCALG
108 | ||
109 | %% | |
110 | ||
add		{ return(ADD); }
	/*
	 * add .. bye: top-level command keywords, each returned as a bare
	 * token with no semantic value.  exit, quit and bye are synonyms.
	 * These literals also match the generic STRING pattern further down;
	 * they win only because flex prefers the earliest rule among matches
	 * of equal length, so a longer word such as "address" is scanned as
	 * STRING.
	 */
delete		{ return(DELETE); }
deleteall	{ return(DELETEALL); }
get		{ return(GET); }
flush		{ return(FLUSH); }
dump		{ return(DUMP); }
exit		{ return(EXIT); }
quit		{ return(EXIT); }
bye		{ return(EXIT); }
120 | ||
121 | /* for management SPD */ | |
spdadd		{ return(SPDADD); }
spddelete	{ return(SPDDELETE); }
spddump		{ return(SPDDUMP); }
spdflush	{ return(SPDFLUSH); }
tagged		{ return(TAGGED); }
	/* -P enters S_PL so that the policy text that follows is collected as one token. */
{hyphen}P	{ BEGIN S_PL; return(F_POLICY); }
	/*
	 * Policy body: one run of the characters listed in the two classes
	 * below, blanks and newlines included, returned as PL_REQUESTS with a
	 * strdup() copy in yylval.val.buf.  Nothing in this file frees that
	 * copy; ownership presumably passes to the grammar -- confirm.
	 */
<S_PL>[a-zA-Z0-9:\.\-_/ \n\t][a-zA-Z0-9:\.%\-+_/ \n\t\]\[]* {
			/*
			 * yymore() asks flex to keep this text and prepend it
			 * to whatever is matched next.
			 * NOTE(review): if this rule ever matched twice before
			 * S_PL is left, the loop below would count the earlier
			 * newlines again -- confirm that cannot happen.
			 */
			yymore();

			/* count up for nl */
			{
				char *p;
				for (p = yytext; *p != '\0'; p++)
					if (*p == '\n')
						lineno++;
			}

			/* length is taken from the text itself, so len always agrees with the copy */
			yylval.val.len = strlen(yytext);
			yylval.val.buf = strdup(yytext);
			if (!yylval.val.buf)
				yyfatal("insufficient memory");

			return(PL_REQUESTS);
		}
	/* a semicolon is the only rule that leaves S_PL */
<S_PL>{semi}	{ BEGIN INITIAL; return(EOT); }
147 | ||
148 | /* address resolution flags */ | |
{hyphen}[n46][n46]*	{
			/*
			 * A hyphen followed by one or more of the characters
			 * n, 4 and 6.  The matched text, hyphen included, is
			 * handed over as a strdup() copy; what each character
			 * means is decided by the consumer of F_AIFLAGS, not
			 * here.
			 */
			yylval.val.len = strlen(yytext);
			yylval.val.buf = strdup(yytext);
			if (!yylval.val.buf)
				yyfatal("insufficient memory");
			return(F_AIFLAGS);
		}
156 | ||
157 | /* security protocols */ | |
ah		{ yylval.num = 0; return(PR_AH); }
	/*
	 * Security protocol keywords.  yylval.num is 1 for the "-old"
	 * spellings and 0 for every other protocol.  ah/ah-old and esp/esp-old
	 * share one token each, so that value is the only thing that
	 * distinguishes the variants downstream.
	 */
esp		{ yylval.num = 0; return(PR_ESP); }
ah-old		{ yylval.num = 1; return(PR_AH); }
esp-old		{ yylval.num = 1; return(PR_ESP); }
esp-udp		{ yylval.num = 0; return(PR_ESPUDP); }
ipcomp		{ yylval.num = 0; return(PR_IPCOMP); }
tcp		{
			yylval.num = 0; return(PR_TCP);
		}
167 | ||
168 | /* authentication algorithm */ | |
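{hyphen}A	{ BEGIN S_AUTHALG; return(F_AUTH); }
	/*
	 * -A enters S_AUTHALG.  The algorithm keywords below are recognised
	 * only in that state; each one stores its SADB identifier in
	 * yylval.num and switches back to INITIAL.  Because the start
	 * condition is inclusive, a name that is not listed here falls through
	 * to the generic rules (typically STRING) with S_AUTHALG still active.
	 *
	 * "null" selects no authentication and is returned as ALG_AUTH_NOKEY.
	 * hmac-md5, keyed-md5 and keyed-sha1 are legacy constructions; prefer
	 * the hmac-sha2-* keywords where the peer supports them.
	 *
	 * Identifiers that the system headers lack are defined as -1 in the
	 * prologue of this file, so some of these rules can return -1.
	 */
<S_AUTHALG>hmac-md5	{ yylval.num = SADB_AALG_MD5HMAC; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha1	{ yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>keyed-md5	{ yylval.num = SADB_X_AALG_MD5; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>keyed-sha1	{ yylval.num = SADB_X_AALG_SHA; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha2-256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha256	{ yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha2-384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha384	{ yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha2-512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha512	{ yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-ripemd160 { yylval.num = SADB_X_AALG_RIPEMD160HMAC; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>aes-xcbc-mac	{ yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>tcp-md5	{
#ifdef SADB_X_AALG_TCP_MD5
			yylval.num = SADB_X_AALG_TCP_MD5;
			BEGIN INITIAL;
			return(ALG_AUTH);
#else
			/*
			 * An empty action would discard the keyword without a
			 * word and leave the scanner in S_AUTHALG, so the
			 * following text would be read in the wrong state.
			 * Report the unsupported algorithm instead.
			 */
			yyfatal("algorithm not supported by this build");
#endif
		}
<S_AUTHALG>null		{ yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); }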
190 | ||
191 | /* encryption algorithm */ | |
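{hyphen}E	{ BEGIN S_ENCALG; return(F_ENC); }
	/*
	 * -E enters S_ENCALG.  The algorithm keywords below are recognised
	 * only in that state; each one stores its SADB identifier in
	 * yylval.num and switches back to INITIAL.
	 *
	 * "null" and "simple" both yield SADB_EALG_NULL, i.e. no encryption,
	 * and are returned as ALG_ENC_NOKEY and ALG_ENC_OLD respectively.
	 * des-cbc, des-deriv and des-32iv all map to SADB_EALG_DESCBC and
	 * differ only in the token returned; single DES is obsolete and
	 * should be used for interoperability with old peers only.
	 *
	 * Identifiers that the system headers lack are defined as -1 in the
	 * prologue of this file, so twofish-cbc and aes-ctr can return -1.
	 */
<S_ENCALG>des-cbc	{ yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>3des-cbc	{ yylval.num = SADB_EALG_3DESCBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>null		{ yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_NOKEY); }
<S_ENCALG>simple	{ yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); }
<S_ENCALG>blowfish-cbc	{ yylval.num = SADB_X_EALG_BLOWFISHCBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>cast128-cbc	{ yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>des-deriv	{ yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); }
<S_ENCALG>des-32iv	{ yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); }
<S_ENCALG>twofish-cbc	{ yylval.num = SADB_X_EALG_TWOFISHCBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>aes-cbc	{
#ifdef SADB_X_EALG_AESCBC
			yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC);
#else
			/*
			 * An empty action would discard the keyword without a
			 * word and leave the scanner in S_ENCALG; report the
			 * unsupported algorithm instead.
			 */
			yyfatal("algorithm not supported by this build");
#endif
		}
<S_ENCALG>rijndael-cbc	{
#ifdef SADB_X_EALG_AESCBC
			yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC);
#else
			/* same reasoning as for aes-cbc: never drop the keyword silently */
			yyfatal("algorithm not supported by this build");
#endif
		}
<S_ENCALG>aes-ctr	{ yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC); }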
213 | ||
214 | /* compression algorithms */ | |
{hyphen}C	{ return(F_COMP); }
	/*
	 * Unlike the -A and -E algorithm names, the compression keywords are
	 * not tied to a start condition: oui, deflate and lzs are reserved
	 * words wherever the unprefixed rules are active.
	 */
oui		{ yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); }
deflate		{ yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); }
lzs		{ yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); }
{hyphen}R	{ return(F_RAWCPI); }

	/* extension: option flags and the fixed keywords that may follow them */
{hyphen}m	{ return(F_MODE); }
transport	{ yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
tunnel		{ yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
{hyphen}u	{ return(F_REQID); }
{hyphen}f	{ return(F_EXT); }
random-pad	{ yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); }
seq-pad		{ yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); }
zero-pad	{ yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); }
nocyclic-seq	{ return(NOCYCLICSEQ); }
{hyphen}r	{ return(F_REPLAY); }
{hyphen}lh	{ return(F_LIFETIME_HARD); }
{hyphen}ls	{ return(F_LIFETIME_SOFT); }
{hyphen}bh	{ return(F_LIFEBYTE_HARD); }
{hyphen}bs	{ return(F_LIFEBYTE_SOFT); }

	/*
	 * ...
	 * Blanks and comments are dropped, a newline only advances lineno,
	 * and a semicolon ends the current statement (EOT).  The {comment}
	 * rule has no action, which makes flex discard the matched text.
	 */
any		{ return(ANY); }
{ws}		{ }
{nl}		{ lineno++; }
{comment}
{semi}		{ return(EOT); }

	/* for address parameters: /prefix, [port] */
{slash}		{ return SLASH; }
{blcl}		{ return BLCL; }
{elcl}		{ return ELCL; }
248 | ||
249 | /* parameter */ | |
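{decstring}	{
			/*
			 * Decimal number, returned in yylval.ulnum.
			 *
			 * strtoul() clamps a value that does not fit to
			 * ULONG_MAX and reports it only through errno.  Reject
			 * such input so that an over-long number is never
			 * accepted as a different, valid-looking value.  The
			 * pattern is digits only, so no end pointer is needed.
			 */
			errno = 0;
			yylval.ulnum = strtoul(yytext, NULL, 10);
			if (errno == ERANGE)
				yyfatal("number out of range");
			return(DECSTRING);
		}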
256 | ||
{hexstring}	{
			/*
			 * Hex literal: the leading "0x"/"0X" is skipped and
			 * only the digits are copied.  len is the number of
			 * hex digits in the copy, not a byte count.
			 * NOTE(review): an odd number of digits is accepted
			 * here; conversion to bytes happens outside this file,
			 * so that case has to be handled there.
			 */
			yylval.val.buf = strdup(yytext + 2);
			if (!yylval.val.buf)
				yyfatal("insufficient memory");
			yylval.val.len = strlen(yylval.val.buf);

			return(HEXSTRING);
		}
265 | ||
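{quotedstring}	{
			/*
			 * Quoted string: both quotes are stripped and the
			 * text between them is returned as a strdup() copy.
			 */
			char *p = yytext;

			/*
			 * The pattern guarantees a closing quote.  The text
			 * may span lines, so keep lineno in step while
			 * looking for it.
			 */
			while (*++p != '"') {
				if (*p == '\n')
					lineno++;
			}
			*p = '\0';
			yytext++;
			yylval.val.buf = strdup(yytext);
			if (!yylval.val.buf)
				yyfatal("insufficient memory");
			/*
			 * Take the length from the copy rather than from
			 * yyleng: [^"] also matches a NUL byte, where strdup()
			 * stops, and len must never exceed the allocated
			 * buffer.  For NUL-free input this equals yyleng - 2.
			 */
			yylval.val.len = strlen(yylval.val.buf);

			return(QUOTEDSTRING);
		}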
278 | ||
[A-Za-z0-9:][A-Za-z0-9:%\.-]* {
			/*
			 * Generic word: anything built from letters, digits,
			 * ':', '%', '.' and '-' that no earlier rule claims.
			 * The text is passed on unchecked as a strdup() copy;
			 * nothing in this file frees it.
			 */
			yylval.val.len = yyleng;
			yylval.val.buf = strdup(yytext);
			if (!yylval.val.buf)
				yyfatal("insufficient memory");
			return(STRING);
		}

[0-9,]+ {
			/*
			 * Digit/comma list such as "1,2".  Pure digit runs of
			 * the same length are taken by the earlier {decstring}
			 * rule, so this rule is reached only when a comma is
			 * involved.
			 */
			yylval.val.len = yyleng;
			yylval.val.buf = strdup(yytext);
			if (!yylval.val.buf)
				yyfatal("insufficient memory");
			return(STRING);
		}
294 | ||
.		{
			/*
			 * Catch-all: any other single character (newline
			 * excluded) is a hard error.  yyfatal() prints the
			 * message and exits, so control never comes back.
			 */
			yyfatal("Syntax error");
			/*NOTREACHED*/
		}
299 | ||
300 | %% | |
301 | ||
/**
 * Report an unrecoverable scanner/parser error and terminate the program.
 *
 * @param s  message text, forwarded unchanged to yyerror().
 *
 * Does not return: the process exits with status 1.
 */
void
yyfatal(const char *s)
{
	yyerror(s);
	exit(1);
}
309 | ||
/**
 * Print an error message together with the current line number and the
 * text of the token being scanned.
 *
 * @param s  message text.
 *
 * NOTE(review): the message goes to stdout, not stderr, and yytext is
 * written exactly as it was read, so non-printable bytes from the input
 * reach the terminal or log unescaped.
 */
void
yyerror(const char *s)
{
	fprintf(stdout, "line %d: %s at [%s]\n", lineno, s, yytext);
}
316 | ||
/**
 * Parse a complete input stream.
 *
 * Makes *fp the scanner input, resets the line counter to 1, calls
 * parse_init() and then runs the grammar.
 *
 * @param fp  address of the stream to read from; it is dereferenced
 *            without a NULL check.
 * @return 0 on success, -1 if yyparse() reports failure (a message with
 *         the current line number is printed first).
 */
int
parse(FILE **fp)
{
	yyin = *fp;
	lineno = 1;
	parse_init();

	if (yyparse() == 0)
		return(0);

	printf("parse failed, line %d.\n", lineno);
	return(-1);
}
333 | ||
/**
 * Parse commands held in a NUL-terminated string instead of a stream.
 *
 * A temporary flex buffer is created over src, the grammar is run on it,
 * and the buffer is released again before returning.
 *
 * @param src  text to parse.
 * @return whatever yyparse() returns.
 *
 * NOTE(review): unlike parse(), this neither resets lineno nor calls
 * parse_init() -- confirm that callers do not depend on either.
 */
int
parse_string(char *src)
{
	YY_BUFFER_STATE scan_buf = yy_scan_string(src);
	int rc = yyparse();

	yy_delete_buffer(scan_buf);
	return rc;
}