ipsec-tools/setkey/token.l

   1 /*      $KAME: token.l,v 1.44 2003/10/21 07:20:58 itojun Exp $  */
   2
   3 /*
   4  * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
   5  * All rights reserved.
   6  *
   7  * Redistribution and use in source and binary forms, with or without
   8  * modification, are permitted provided that the following conditions
   9  * are met:
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  * 2. Redistributions in binary form must reproduce the above copyright
  13  *    notice, this list of conditions and the following disclaimer in the
  14  *    documentation and/or other materials provided with the distribution.
  15  * 3. Neither the name of the project nor the names of its contributors
  16  *    may be used to endorse or promote products derived from this software
  17  *    without specific prior written permission.
  18  *
  19  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
  20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
  23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  29  * SUCH DAMAGE.
  30  */
  31
  32 %option noyywrap
  33 %{
  34
  35 #ifdef HAVE_CONFIG_H
  36 #include "config.h"
  37 #endif
  38
  39 #include <sys/types.h>
  40 #include <sys/param.h>
  41 #include <sys/socket.h>
  42 #ifdef __APPLE__
  43 #include <System/net/pfkeyv2.h>
  44 #else
  45 #include <net/pfkeyv2.h>
  46 #endif
  47 #include <netinet/in.h>
  48 #ifdef HAVE_NETINET6_IPSEC
  49 #  include <netinet6/ipsec.h>
  50 #else
  51 #  include <netinet/ipsec.h>
  52 #endif
  53
  54 #include <stdlib.h>
  55 #include <limits.h>
  56 #include <string.h>
  57 #include <unistd.h>
  58 #include <errno.h>
  59 #include <netdb.h>
  60
  61 #include "vchar.h"
  62 #if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__linux__)
  63 #include "parse.h"
  64 #else
  65 #include "y.tab.h"
  66 #endif
  67
  68 #include "extern.h"
  69
  70 /* make the code compile on *BSD-current */
  71 #ifndef SADB_X_AALG_SHA2_256
  72 #define SADB_X_AALG_SHA2_256    (-1)
  73 #endif
  74 #ifndef SADB_X_AALG_SHA2_384
  75 #define SADB_X_AALG_SHA2_384    (-1)
  76 #endif
  77 #ifndef SADB_X_AALG_SHA2_512
  78 #define SADB_X_AALG_SHA2_512    (-1)
  79 #endif
  80 #ifndef SADB_X_AALG_RIPEMD160HMAC
  81 #define SADB_X_AALG_RIPEMD160HMAC       (-1)
  82 #endif
  83 #ifndef SADB_X_AALG_AES_XCBC_MAC
  84 #define SADB_X_AALG_AES_XCBC_MAC        (-1)
  85 #endif
  86 #ifndef SADB_X_EALG_TWOFISHCBC
  87 #define SADB_X_EALG_TWOFISHCBC  (-1)
  88 #endif
  89 #ifndef SADB_X_EALG_AESCTR
  90 #define SADB_X_EALG_AESCTR      (-1)
  91 #endif
  92 %}
  93
  94 /* common section */
  95 nl              \n
  96 ws              [ \t]+
  97 digit           [0-9]
  98 letter          [0-9A-Za-z]
  99 hexdigit        [0-9A-Fa-f]
 100 dot             \.
 101 hyphen          \-
 102 slash           \/
 103 blcl            \[
 104 elcl            \]
 105 semi            \;
 106 comment         \#.*
 107 quotedstring    \"[^"]*\"
 108 decstring       {digit}+
 109 hexstring       0[xX]{hexdigit}+
 110 ipaddress       [a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*)
 111 ipaddrmask      {slash}{digit}{1,3}
 112 name            {letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))*
 113 hostname        {name}(({dot}{name})+{dot}?)?
 114
 115 %s S_PL S_AUTHALG S_ENCALG
 116
 117 %%
 118
 119 add             { return(ADD); }
 120 delete          { return(DELETE); }
 121 deleteall       { return(DELETEALL); }
 122 get             { return(GET); }
 123 flush           { return(FLUSH); }
 124 dump            { return(DUMP); }
 125 exit            { return(EXIT); }
 126 quit            { return(EXIT); }
 127 bye             { return(EXIT); }
 128
 129         /* for management SPD */
 130 spdadd          { return(SPDADD); }
 131 spddelete       { return(SPDDELETE); }
 132 spddump         { return(SPDDUMP); }
 133 spdflush        { return(SPDFLUSH); }
 134 tagged          { return(TAGGED); }
 135 {hyphen}P       { BEGIN S_PL; return(F_POLICY); }
 136 <S_PL>[a-zA-Z0-9:\.\-_/ \n\t][a-zA-Z0-9:\.%\-+_/ \n\t\]\[]* {
 137                         yymore();
 138
 139                         /* count up for nl */
 140                             {
 141                                 char *p;
 142                                 for (p = yytext; *p != '\0'; p++)
 143                                         if (*p == '\n')
 144                                                 lineno++;
 145                             }
 146
 147                         yylval.val.len = strlen(yytext);
 148                         yylval.val.buf = strdup(yytext);
 149                         if (!yylval.val.buf)
 150                                 yyfatal("insufficient memory");
 151
 152                         return(PL_REQUESTS);
 153                 }
 154 <S_PL>{semi}    { BEGIN INITIAL; return(EOT); }
 155
 156         /* address resolution flags */
 157 {hyphen}[n46][n46]*     {
 158                         yylval.val.len = strlen(yytext);
 159                         yylval.val.buf = strdup(yytext);
 160                         if (!yylval.val.buf)
 161                                 yyfatal("insufficient memory");
 162                         return(F_AIFLAGS);
 163                 }
 164
 165         /* security protocols */
 166 ah              { yylval.num = 0; return(PR_AH); }
 167 esp             { yylval.num = 0; return(PR_ESP); }
 168 ah-old          { yylval.num = 1; return(PR_AH); }
 169 esp-old         { yylval.num = 1; return(PR_ESP); }
 170 esp-udp         { yylval.num = 0; return(PR_ESPUDP); }
 171 ipcomp          { yylval.num = 0; return(PR_IPCOMP); }
 172 tcp             {
 173                         yylval.num = 0; return(PR_TCP);
 174                 }
 175
 176         /* authentication alogorithm */
 177 {hyphen}A       { BEGIN S_AUTHALG; return(F_AUTH); }
 178 <S_AUTHALG>hmac-md5     { yylval.num = SADB_AALG_MD5HMAC; BEGIN INITIAL; return(ALG_AUTH); }
 179 <S_AUTHALG>hmac-sha1    { yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); }
 180 <S_AUTHALG>keyed-md5    { yylval.num = SADB_X_AALG_MD5; BEGIN INITIAL; return(ALG_AUTH); }
 181 <S_AUTHALG>keyed-sha1   { yylval.num = SADB_X_AALG_SHA; BEGIN INITIAL; return(ALG_AUTH); }
 182 <S_AUTHALG>hmac-sha2-256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); }
 183 <S_AUTHALG>hmac-sha256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); }
 184 <S_AUTHALG>hmac-sha2-384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); }
 185 <S_AUTHALG>hmac-sha384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); }
 186 <S_AUTHALG>hmac-sha2-512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); }
 187 <S_AUTHALG>hmac-sha512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); }
 188 <S_AUTHALG>hmac-ripemd160 { yylval.num = SADB_X_AALG_RIPEMD160HMAC; BEGIN INITIAL; return(ALG_AUTH); }
 189 <S_AUTHALG>aes-xcbc-mac { yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); }
 190 <S_AUTHALG>tcp-md5      {
 191 #ifdef SADB_X_AALG_TCP_MD5
 192                                 yylval.num = SADB_X_AALG_TCP_MD5;
 193                                 BEGIN INITIAL;
 194                                 return(ALG_AUTH);
 195 #endif
 196                         }
 197 <S_AUTHALG>null { yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); }
 198
 199         /* encryption alogorithm */
 200 {hyphen}E       { BEGIN S_ENCALG; return(F_ENC); }
 201 <S_ENCALG>des-cbc       { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC); }
 202 <S_ENCALG>3des-cbc      { yylval.num = SADB_EALG_3DESCBC; BEGIN INITIAL; return(ALG_ENC); }
 203 <S_ENCALG>null          { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_NOKEY); }
 204 <S_ENCALG>simple        { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); }
 205 <S_ENCALG>blowfish-cbc  { yylval.num = SADB_X_EALG_BLOWFISHCBC; BEGIN INITIAL; return(ALG_ENC); }
 206 <S_ENCALG>cast128-cbc   { yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); }
 207 <S_ENCALG>des-deriv     { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); }
 208 <S_ENCALG>des-32iv      { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); }
 209 <S_ENCALG>twofish-cbc   { yylval.num = SADB_X_EALG_TWOFISHCBC; BEGIN INITIAL; return(ALG_ENC); }
 210 <S_ENCALG>aes-cbc       {
 211 #ifdef SADB_X_EALG_AESCBC
 212         yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC);
 213 #endif
 214 }
 215 <S_ENCALG>rijndael-cbc  {
 216 #ifdef SADB_X_EALG_AESCBC
 217         yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC);
 218 #endif
 219 }
 220 <S_ENCALG>aes-ctr       { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC); }
 221
 222         /* compression algorithms */
 223 {hyphen}C       { return(F_COMP); }
 224 oui             { yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); }
 225 deflate         { yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); }
 226 lzs             { yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); }
 227 {hyphen}R       { return(F_RAWCPI); }
 228
 229         /* extension */
 230 {hyphen}m       { return(F_MODE); }
 231 transport       { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
 232 tunnel          { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
 233 {hyphen}u       { return(F_REQID); }
 234 {hyphen}f       { return(F_EXT); }
 235 random-pad      { yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); }
 236 seq-pad         { yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); }
 237 zero-pad        { yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); }
 238 nocyclic-seq    { return(NOCYCLICSEQ); }
 239 {hyphen}r       { return(F_REPLAY); }
 240 {hyphen}lh      { return(F_LIFETIME_HARD); }
 241 {hyphen}ls      { return(F_LIFETIME_SOFT); }
 242 {hyphen}bh      { return(F_LIFEBYTE_HARD); }
 243 {hyphen}bs      { return(F_LIFEBYTE_SOFT); }
 244
 245         /* ... */
 246 any             { return(ANY); }
 247 {ws}            { }
 248 {nl}            { lineno++; }
 249 {comment}
 250 {semi}          { return(EOT); }
 251
 252         /* for address parameters: /prefix, [port] */
 253 {slash}         { return SLASH; }
 254 {blcl}          { return BLCL; }
 255 {elcl}          { return ELCL; }
 256
 257         /* parameter */
 258 {decstring}     {
 259                         char *bp;
 260
 261                         yylval.ulnum = strtoul(yytext, &bp, 10);
 262                         return(DECSTRING);
 263                 }
 264
 265 {hexstring}     {
 266                         yylval.val.buf = strdup(yytext + 2);
 267                         if (!yylval.val.buf)
 268                                 yyfatal("insufficient memory");
 269                         yylval.val.len = strlen(yylval.val.buf);
 270
 271                         return(HEXSTRING);
 272                 }
 273
 274 {quotedstring}  {
 275                         char *p = yytext;
 276                         while (*++p != '"') ;
 277                         *p = '\0';
 278                         yytext++;
 279                         yylval.val.len = yyleng - 2;
 280                         yylval.val.buf = strdup(yytext);
 281                         if (!yylval.val.buf)
 282                                 yyfatal("insufficient memory");
 283
 284                         return(QUOTEDSTRING);
 285                 }
 286
 287 [A-Za-z0-9:][A-Za-z0-9:%\.-]* {
 288                         yylval.val.len = yyleng;
 289                         yylval.val.buf = strdup(yytext);
 290                         if (!yylval.val.buf)
 291                                 yyfatal("insufficient memory");
 292                         return(STRING);
 293                 }
 294
 295 [0-9,]+ {
 296                         yylval.val.len = yyleng;
 297                         yylval.val.buf = strdup(yytext);
 298                         if (!yylval.val.buf)
 299                                 yyfatal("insufficient memory");
 300                         return(STRING);
 301                 }
 302
 303 .               {
 304                         yyfatal("Syntax error");
 305                         /*NOTREACHED*/
 306                 }
 307
 308 %%
 309
 310 void
 311 yyfatal(s)
 312         const char *s;
 313 {
 314         yyerror(s);
 315         exit(1);
 316 }
 317
 318 void
 319 yyerror(s)
 320         const char *s;
 321 {
 322         printf("line %d: %s at [%s]\n", lineno, s, yytext);
 323 }
 324
 325 int
 326 parse(fp)
 327         FILE **fp;
 328 {
 329         yyin = *fp;
 330
 331         lineno = 1;
 332         parse_init();
 333
 334         if (yyparse()) {
 335                 printf("parse failed, line %d.\n", lineno);
 336                 return(-1);
 337         }
 338
 339         return(0);
 340 }
 341
 342 int
 343 parse_string (char *src)
 344 {
 345         int             result;
 346         YY_BUFFER_STATE buf_state;
 347
 348         buf_state = yy_scan_string(src);
 349         result = yyparse();
 350         yy_delete_buffer(buf_state);
 351         return result;
 352 }
 353