ipsec-tools/libipsec/policy_token.l

   1 /* $Id: policy_token.l,v 1.10.4.1 2005/05/07 14:30:38 manubsd Exp $ */
   2
   3 /*
   4  * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
   5  * All rights reserved.
   6  *
   7  * Redistribution and use in source and binary forms, with or without
   8  * modification, are permitted provided that the following conditions
   9  * are met:
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  * 2. Redistributions in binary form must reproduce the above copyright
  13  *    notice, this list of conditions and the following disclaimer in the
  14  *    documentation and/or other materials provided with the distribution.
  15  * 3. Neither the name of the project nor the names of its contributors
  16  *    may be used to endorse or promote products derived from this software
  17  *    without specific prior written permission.
  18  *
  19  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
  20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
  23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  29  * SUCH DAMAGE.
  30  */
  31
  32 %{
  33 #ifdef HAVE_CONFIG_H
  34 #include "config.h"
  35 #endif
  36
  37 #include <sys/types.h>
  38 #include <sys/param.h>
  39 #include <sys/socket.h>
  40 #ifdef __APPLE__
  41 #include <System/net/pfkeyv2.h>
  42 #else
  43 #include <net/pfkeyv2.h>
  44 #endif
  45 #include <netinet/in.h>
  46 #ifdef HAVE_NETINET6_IPSEC
  47 #  include <netinet6/ipsec.h>
  48 #else
  49 #  include <netinet/ipsec.h>
  50 #endif
  51
  52 #include <stdlib.h>
  53 #include <limits.h>
  54 #include <string.h>
  55 #include <unistd.h>
  56 #include <errno.h>
  57
  58 #include "libpfkey.h"
  59
  60 #if !defined(__NetBSD__) && !defined(__FreeBSD__) && !defined(__linux__)
  61 #include "y.tab.h"
  62 #else
  63 #include "policy_parse.h"
  64 #endif
  65 #define yylval __libipseclval   /* XXX */
  66
  67 int yylex __P((void));
  68 %}
  69
  70 %option noyywrap
  71 %option nounput
  72
  73 /* common section */
  74 nl              \n
  75 ws              [ \t]+
  76 digit           [0-9]
  77 hexdigit        [0-9A-Fa-f]
  78 special         [()+\|\?\*,]
  79 dot             \.
  80 comma           \,
  81 hyphen          \-
  82 colon           \:
  83 slash           \/
  84 bcl             \{
  85 ecl             \}
  86 blcl            \[
  87 elcl            \]
  88 percent         \%
  89 semi            \;
  90 plus    \+
  91 usec            {dot}{digit}{1,6}
  92 comment         \#.*
  93 ccomment        "/*"
  94 bracketstring   \<[^>]*\>
  95 quotedstring    \"[^"]*\"
  96 decstring       {digit}+
  97 hexpair         {hexdigit}{hexdigit}
  98 hexstring       0[xX]{hexdigit}+
  99 octetstring     {octet}({dot}{octet})+
 100 ipaddress       [a-zA-Z0-9:\._][a-zA-Z0-9:\._]*(%[a-zA-Z0-9]+)?
 101
 102 %%
 103
 104 in              { yylval.num = IPSEC_DIR_INBOUND; return(DIR); }
 105 out             { yylval.num = IPSEC_DIR_OUTBOUND; return(DIR); }
 106 fwd             {
 107 #ifdef HAVE_POLICY_FWD
 108                   yylval.num = IPSEC_DIR_FWD; return(DIR);
 109 #else
 110                   yylval.num = IPSEC_DIR_INBOUND; return(DIR);
 111 #endif
 112                 }
 113
 114 priority        { return(PRIORITY); }
 115 prio    { return(PRIORITY); }
 116 low     { yylval.num32 = PRIORITY_LOW; return(PRIO_BASE); }
 117 def { yylval.num32 = PRIORITY_DEFAULT; return(PRIO_BASE); }
 118 high    { yylval.num32 = PRIORITY_HIGH; return(PRIO_BASE); }
 119 {plus}  { return(PLUS); }
 120 {decstring}     {
 121                         yylval.val.len = strlen(yytext);
 122                         yylval.val.buf = yytext;
 123                         return(PRIO_OFFSET);
 124 }
 125
 126 discard         { yylval.num = IPSEC_POLICY_DISCARD; return(ACTION); }
 127 generate        { yylval.num = IPSEC_POLICY_GENERATE; return(ACTION); }
 128 none            { yylval.num = IPSEC_POLICY_NONE; return(ACTION); }
 129 ipsec           { yylval.num = IPSEC_POLICY_IPSEC; return(ACTION); }
 130 bypass          { yylval.num = IPSEC_POLICY_BYPASS; return(ACTION); }
 131 entrust         { yylval.num = IPSEC_POLICY_ENTRUST; return(ACTION); }
 132
 133 esp             { yylval.num = IPPROTO_ESP; return(PROTOCOL); }
 134 ah              { yylval.num = IPPROTO_AH; return(PROTOCOL); }
 135 ipcomp          { yylval.num = IPPROTO_IPCOMP; return(PROTOCOL); }
 136
 137 transport       { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
 138 tunnel          { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
 139
 140 me              { return(ME); }
 141 any             { return(ANY); }
 142
 143 default         { yylval.num = IPSEC_LEVEL_DEFAULT; return(LEVEL); }
 144 use             { yylval.num = IPSEC_LEVEL_USE; return(LEVEL); }
 145 require         { yylval.num = IPSEC_LEVEL_REQUIRE; return(LEVEL); }
 146 unique{colon}{decstring} {
 147                         yylval.val.len = strlen(yytext + 7);
 148                         yylval.val.buf = yytext + 7;
 149                         return(LEVEL_SPECIFY);
 150                 }
 151 unique          { yylval.num = IPSEC_LEVEL_UNIQUE; return(LEVEL); }
 152 {slash}         { return(SLASH); }
 153
 154 {ipaddress}     {
 155                         yylval.val.len = strlen(yytext);
 156                         yylval.val.buf = yytext;
 157                         return(IPADDRESS);
 158                 }
 159
 160 {hyphen}        { return(HYPHEN); }
 161
 162 {blcl}{decstring}{elcl} {
 163                         /* Remove leading '[' and trailing ']' */
 164                         yylval.val.buf = yytext + 1;
 165                         yylval.val.len = strlen(yytext) - 2;
 166
 167                         return(PORT);
 168                 }
 169
 170 {ws}            { ; }
 171 {nl}            { ; }
 172
 173 %%
 174
 175 void __policy__strbuffer__init__ __P((char *));
 176 void __policy__strbuffer__free__ __P((void));
 177
 178 static YY_BUFFER_STATE strbuffer;
 179
 180 void
 181 __policy__strbuffer__init__(msg)
 182         char *msg;
 183 {
 184         if (YY_CURRENT_BUFFER)
 185                 yy_delete_buffer(YY_CURRENT_BUFFER);
 186         strbuffer = (YY_BUFFER_STATE)yy_scan_string(msg);
 187         yy_switch_to_buffer(strbuffer);
 188
 189         return;
 190 }
 191
 192 void
 193 __policy__strbuffer__free__()
 194 {
 195         yy_delete_buffer(strbuffer);
 196
 197         return;
 198 }