]> git.saurik.com Git - apple/ipsec.git/blob - ipsec-tools/libipsec/policy_token.l
ipsec-93.10.tar.gz
[apple/ipsec.git] / ipsec-tools / libipsec / policy_token.l
1 /* $Id: policy_token.l,v 1.10.4.1 2005/05/07 14:30:38 manubsd Exp $ */
2
3 /*
4 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 %{
33 #ifdef HAVE_CONFIG_H
34 #include "config.h"
35 #endif
36
37 #include <sys/types.h>
38 #include <sys/param.h>
39 #include <sys/socket.h>
40 #ifdef __APPLE__
41 #include <System/net/pfkeyv2.h>
42 #else
43 #include <net/pfkeyv2.h>
44 #endif
45 #include <netinet/in.h>
46 #ifdef HAVE_NETINET6_IPSEC
47 # include <netinet6/ipsec.h>
48 #else
49 # include <netinet/ipsec.h>
50 #endif
51
52 #include <stdlib.h>
53 #include <limits.h>
54 #include <string.h>
55 #include <unistd.h>
56 #include <errno.h>
57
58 #include "libpfkey.h"
59
60 #if !defined(__NetBSD__) && !defined(__FreeBSD__) && !defined(__linux__)
61 #include "y.tab.h"
62 #else
63 #include "policy_parse.h"
64 #endif
65 #define yylval __libipseclval /* XXX */
66
67 int yylex __P((void));
68 %}
69
70 %option noyywrap
71 %option nounput
72
73 /* common section */
74 nl \n
75 ws [ \t]+
76 digit [0-9]
77 hexdigit [0-9A-Fa-f]
78 special [()+\|\?\*,]
79 dot \.
80 comma \,
81 hyphen \-
82 colon \:
83 slash \/
84 bcl \{
85 ecl \}
86 blcl \[
87 elcl \]
88 percent \%
89 semi \;
90 plus \+
91 usec {dot}{digit}{1,6}
92 comment \#.*
93 ccomment "/*"
94 bracketstring \<[^>]*\>
95 quotedstring \"[^"]*\"
96 decstring {digit}+
97 hexpair {hexdigit}{hexdigit}
98 hexstring 0[xX]{hexdigit}+
99 octetstring {octet}({dot}{octet})+
100 ipaddress [a-zA-Z0-9:\._][a-zA-Z0-9:\._]*(%[a-zA-Z0-9]+)?
101
102 %%
103
104 in { yylval.num = IPSEC_DIR_INBOUND; return(DIR); }
105 out { yylval.num = IPSEC_DIR_OUTBOUND; return(DIR); }
106 fwd {
107 #ifdef HAVE_POLICY_FWD
108 yylval.num = IPSEC_DIR_FWD; return(DIR);
109 #else
110 yylval.num = IPSEC_DIR_INBOUND; return(DIR);
111 #endif
112 }
113
114 priority { return(PRIORITY); }
115 prio { return(PRIORITY); }
116 low { yylval.num32 = PRIORITY_LOW; return(PRIO_BASE); }
117 def { yylval.num32 = PRIORITY_DEFAULT; return(PRIO_BASE); }
118 high { yylval.num32 = PRIORITY_HIGH; return(PRIO_BASE); }
119 {plus} { return(PLUS); }
120 {decstring} {
121 yylval.val.len = strlen(yytext);
122 yylval.val.buf = yytext;
123 return(PRIO_OFFSET);
124 }
125
126 discard { yylval.num = IPSEC_POLICY_DISCARD; return(ACTION); }
127 generate { yylval.num = IPSEC_POLICY_GENERATE; return(ACTION); }
128 none { yylval.num = IPSEC_POLICY_NONE; return(ACTION); }
129 ipsec { yylval.num = IPSEC_POLICY_IPSEC; return(ACTION); }
130 bypass { yylval.num = IPSEC_POLICY_BYPASS; return(ACTION); }
131 entrust { yylval.num = IPSEC_POLICY_ENTRUST; return(ACTION); }
132
133 esp { yylval.num = IPPROTO_ESP; return(PROTOCOL); }
134 ah { yylval.num = IPPROTO_AH; return(PROTOCOL); }
135 ipcomp { yylval.num = IPPROTO_IPCOMP; return(PROTOCOL); }
136
137 transport { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
138 tunnel { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
139
140 me { return(ME); }
141 any { return(ANY); }
142
143 default { yylval.num = IPSEC_LEVEL_DEFAULT; return(LEVEL); }
144 use { yylval.num = IPSEC_LEVEL_USE; return(LEVEL); }
145 require { yylval.num = IPSEC_LEVEL_REQUIRE; return(LEVEL); }
146 unique{colon}{decstring} {
147 yylval.val.len = strlen(yytext + 7);
148 yylval.val.buf = yytext + 7;
149 return(LEVEL_SPECIFY);
150 }
151 unique { yylval.num = IPSEC_LEVEL_UNIQUE; return(LEVEL); }
152 {slash} { return(SLASH); }
153
154 {ipaddress} {
155 yylval.val.len = strlen(yytext);
156 yylval.val.buf = yytext;
157 return(IPADDRESS);
158 }
159
160 {hyphen} { return(HYPHEN); }
161
162 {blcl}{decstring}{elcl} {
163 /* Remove leading '[' and trailing ']' */
164 yylval.val.buf = yytext + 1;
165 yylval.val.len = strlen(yytext) - 2;
166
167 return(PORT);
168 }
169
170 {ws} { ; }
171 {nl} { ; }
172
173 %%
174
175 void __policy__strbuffer__init__ __P((char *));
176 void __policy__strbuffer__free__ __P((void));
177
178 static YY_BUFFER_STATE strbuffer;
179
180 void
181 __policy__strbuffer__init__(msg)
182 char *msg;
183 {
184 if (YY_CURRENT_BUFFER)
185 yy_delete_buffer(YY_CURRENT_BUFFER);
186 strbuffer = (YY_BUFFER_STATE)yy_scan_string(msg);
187 yy_switch_to_buffer(strbuffer);
188
189 return;
190 }
191
192 void
193 __policy__strbuffer__free__()
194 {
195 yy_delete_buffer(strbuffer);
196
197 return;
198 }