//%%% BUG FIX - 2 missing include files when not using
// the bison files
+#ifdef HAVE_OPENSSL
#include <openssl/bn.h>
#include <openssl/rsa.h>
-
+#endif
+
#include "var.h"
#include "misc.h"
#include "vmbuf.h"
#include "gcmalloc.h"
#endif
-#ifdef __APPLE__
#include "y.tab.h"
-#else
-#include "cfparse.h"
-#endif
int yyerrorcount = 0;
#if defined(YIPS_DEBUG)
-# define YYDB plog(LLV_DEBUG2, LOCATION, NULL, \
+# define YYDB plog(ASL_LEVEL_DEBUG, \
"begin <%d>%s\n", yy_start, yytext);
# define YYD { \
- plog(LLV_DEBUG2, LOCATION, NULL, "<%d>%s", \
- yy_start, loglevel >= LLV_DEBUG2 ? "\n" : ""); \
+ plog(ASL_LEVEL_DEBUG, "<%d>%s", \
+ yy_start, loglevel >= ASL_LEVEL_DEBUG ? "\n" : ""); \
}
#else
# define YYDB
}
%}
- /* privsep */
-<S_INI>privsep { BEGIN S_PRIV; YYDB; return(PRIVSEP); }
-<S_PRIV>{bcl} { return(BOC); }
-<S_PRIV>user { YYD; return(USER); }
-<S_PRIV>group { YYD; return(GROUP); }
-<S_PRIV>chroot { YYD; return(CHROOT); }
-<S_PRIV>{ecl} { BEGIN S_INI; return(EOC); }
/* path */
<S_INI>path { BEGIN S_PTH; YYDB; return(PATH); }
return(PATHTYPE); }
<S_PTH>certificate { YYD; yylval.num = LC_PATHTYPE_CERT;
return(PATHTYPE); }
-<S_PTH>script { YYD; yylval.num = LC_PATHTYPE_SCRIPT;
- return(PATHTYPE); }
-<S_PTH>backupsa { YYD; yylval.num = LC_PATHTYPE_BACKUPSA;
- return(PATHTYPE); }
<S_PTH>pidfile { YYD; yylval.num = LC_PATHTYPE_PIDFILE;
return(PATHTYPE); }
<S_PTH>logfile { YYD; yylval.num = LC_PATHTYPE_LOGFILE;
<S_INI>include { YYDB; return(INCLUDE); }
/* self information */
-<S_INI>identifier { BEGIN S_INF; YYDB; yywarn("it is obsoleted. use \"my_identifier\" in each remote directives."); return(IDENTIFIER); }
+<S_INI>identifier { BEGIN S_INF; YYDB; racoon_yywarn("it is obsoleted. use \"my_identifier\" in each remote directives."); return(IDENTIFIER); }
<S_INF>{semi} { BEGIN S_INI; return(EOS); }
/* special */
/* logging */
<S_INI>log { BEGIN S_LOG; YYDB; return(LOGGING); }
-<S_LOG>error { YYD; yylval.num = LLV_ERROR; return(LOGLEV); }
-<S_LOG>warning { YYD; yylval.num = LLV_WARNING; return(LOGLEV); }
-<S_LOG>notify { YYD; yylval.num = LLV_NOTIFY; return(LOGLEV); }
-<S_LOG>info { YYD; yylval.num = LLV_INFO; return(LOGLEV); }
-<S_LOG>debug { YYD; yylval.num = LLV_DEBUG; return(LOGLEV); }
-<S_LOG>debug2 { YYD; yylval.num = LLV_DEBUG2; return(LOGLEV); }
-<S_LOG>debug3 { YYD; yywarn("it is obsoleted. use \"debug2\""); yylval.num = LLV_DEBUG2; return(LOGLEV); }
-<S_LOG>debug4 { YYD; yywarn("it is obsoleted. use \"debug2\""); yylval.num = LLV_DEBUG2; return(LOGLEV); }
+<S_LOG>error { YYD; yylval.num = ASL_LEVEL_ERR; return(LOGLEV); }
+<S_LOG>warning { YYD; yylval.num = ASL_LEVEL_WARNING; return(LOGLEV); }
+<S_LOG>notify { YYD; yylval.num = ASL_LEVEL_NOTICE; return(LOGLEV); }
+<S_LOG>info { YYD; yylval.num = ASL_LEVEL_INFO; return(LOGLEV); }
+<S_LOG>debug { YYD; yylval.num = ASL_LEVEL_DEBUG; return(LOGLEV); }
+<S_LOG>debug2 { YYD; yylval.num = ASL_LEVEL_DEBUG; return(LOGLEV); }
+<S_LOG>debug3 { YYD; racoon_yywarn("it is obsoleted. use \"debug2\""); yylval.num = ASL_LEVEL_DEBUG; return(LOGLEV); }
+<S_LOG>debug4 { YYD; racoon_yywarn("it is obsoleted. use \"debug2\""); yylval.num = ASL_LEVEL_DEBUG; return(LOGLEV); }
<S_LOG>{semi} { BEGIN S_INI; return(EOS); }
/* padding */
<S_SAINFS>{ecl} { BEGIN S_INI; return(EOC); }
<S_SAINFS>pfs_group { YYD; return(PFS_GROUP); }
<S_SAINFS>remoteid { YYD; return(REMOTEID); }
-<S_SAINFS>identifier { YYD; yywarn("it is obsoleted. use \"my_identifier\"."); return(IDENTIFIER); }
+<S_SAINFS>identifier { YYD; racoon_yywarn("it is obsoleted. use \"my_identifier\"."); return(IDENTIFIER); }
<S_SAINFS>my_identifier { YYD; return(MY_IDENTIFIER); }
<S_SAINFS>lifetime { YYD; return(LIFETIME); }
<S_SAINFS>time { YYD; return(LIFETYPE_TIME); }
<S_RMTS>{ecl} { BEGIN S_INI; return(EOC); }
<S_RMTS>exchange_mode { YYD; return(EXCHANGE_MODE); }
<S_RMTS>{comma} { YYD; /* XXX ignored, but to be handled. */ ; }
-<S_RMTS>base { YYD; yylval.num = ISAKMP_ETYPE_BASE; return(EXCHANGETYPE); }
<S_RMTS>main { YYD; yylval.num = ISAKMP_ETYPE_IDENT; return(EXCHANGETYPE); }
<S_RMTS>aggressive { YYD; yylval.num = ISAKMP_ETYPE_AGG; return(EXCHANGETYPE); }
<S_RMTS>doi { YYD; return(DOI); }
<S_RMTS>ipsec_doi { YYD; yylval.num = IPSEC_DOI; return(DOITYPE); }
<S_RMTS>situation { YYD; return(SITUATION); }
+<S_RMTS>ike_version { YYD; return(IKE_VERSION); }
<S_RMTS>identity_only { YYD; yylval.num = IPSECDOI_SIT_IDENTITY_ONLY; return(SITUATIONTYPE); }
<S_RMTS>secrecy { YYD; yylval.num = IPSECDOI_SIT_SECRECY; return(SITUATIONTYPE); }
<S_RMTS>integrity { YYD; yylval.num = IPSECDOI_SIT_INTEGRITY; return(SITUATIONTYPE); }
-<S_RMTS>identifier { YYD; yywarn("it is obsoleted. use \"my_identifier\"."); return(IDENTIFIER); }
+<S_RMTS>identifier { YYD; racoon_yywarn("it is obsoleted. use \"my_identifier\"."); return(IDENTIFIER); }
<S_RMTS>my_identifier { YYD; return(MY_IDENTIFIER); }
<S_RMTS>xauth_login { YYD; return(XAUTH_LOGIN); /* formerly identifier type login */ }
<S_RMTS>peers_identifier { YYD; return(PEERS_IDENTIFIER); }
<S_RMTS>verify_identifier { YYD; return(VERIFY_IDENTIFIER); }
+<S_RMTS>local_address { YYD; return(LOCAL_ADDRESS); }
<S_RMTS>certificate_type { YYD; return(CERTIFICATE_TYPE); }
<S_RMTS>ca_type { YYD; return(CA_TYPE); }
<S_RMTS>x509 { YYD; yylval.num = ISAKMP_CERT_X509SIGN; return(CERT_X509); }
-<S_RMTS>plain_rsa { YYD; yylval.num = ISAKMP_CERT_PLAINRSA; return(CERT_PLAINRSA); }
+<S_RMTS>plain_rsa {
+ racoon_yyerror("plainrsa not supported.");
+}
<S_RMTS>open_dir_auth_group {
-#if defined(__APPLE__) && HAVE_OPENDIR
+#if HAVE_OPENDIR
YYD;
return(OPEN_DIR_AUTH_GROUP);
#else
- yyerror("Apple specific features not compiled in.");
+ racoon_yyerror("Apple specific features not compiled in.");
#endif
}
<S_RMTS>shared_secret {
-#ifdef __APPLE__
YYD;
return(SHARED_SECRET);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
<S_RMTS>in_keychain {
-#ifdef __APPLE__
YYD;
return(IN_KEYCHAIN);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
<S_RMTS>certificate_verification {
-#ifdef __APPLE__
YYD;
return(CERTIFICATE_VERIFICATION);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
<S_RMTS>peers_certfile { YYD; return(PEERS_CERTFILE); }
<S_RMTS>dnssec { YYD; return(DNSSEC); }
<S_RMTS>dh_group { YYD; return(DH_GROUP); }
<S_RMTS>nonce_size { YYD; return(NONCE_SIZE); }
<S_RMTS>generate_policy { YYD; return(GENERATE_POLICY); }
-<S_RMTS>support_mip6 { YYD; yywarn("it is obsoleted. use \"support_proxy\"."); return(SUPPORT_PROXY); }
+<S_RMTS>support_mip6 { YYD; racoon_yywarn("it is obsoleted. use \"support_proxy\"."); return(SUPPORT_PROXY); }
<S_RMTS>support_proxy { YYD; return(SUPPORT_PROXY); }
<S_RMTS>initial_contact { YYD; return(INITIAL_CONTACT); }
<S_RMTS>nat_traversal { YYD; return(NAT_TRAVERSAL); }
<S_RMTS>force { YYD; yylval.num = NATT_FORCE; return(NAT_TRAVERSAL_LEVEL); }
<S_RMTS>nat_traversal_multi_user {
-#ifdef __APPLE__
YYD;
return(NAT_TRAVERSAL_MULTI_USER);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
<S_RMTS>nat_traversal_keepalive {
-#ifdef __APPLE__
YYD;
return(NAT_TRAVERSAL_KEEPALIVE);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
<S_RMTS>proposal_check { YYD; return(PROPOSAL_CHECK); }
<S_RMTS>obey { YYD; yylval.num = PROP_CHECK_OBEY; return(PROPOSAL_CHECK_LEVEL); }
<S_RMTS>idle_direction { YYD; return(IDLE_DIRECTION); }
<S_RMTS>ike_frag { YYD; return(IKE_FRAG); }
<S_RMTS>esp_frag { YYD; return(ESP_FRAG); }
-<S_RMTS>script { YYD; return(SCRIPT); }
-<S_RMTS>phase1_up { YYD; return(PHASE1_UP); }
-<S_RMTS>phase1_down { YYD; return(PHASE1_DOWN); }
<S_RMTS>mode_cfg { YYD; return(MODE_CFG); }
<S_RMTS>weak_phase1_check { YYD; return(WEAK_PHASE1_CHECK); }
/* remote proposal */
yytext++;
yylval.val = vmalloc(yyleng + 1);
if (yylval.val == NULL) {
- yyerror("vmalloc failed");
+ racoon_yyerror("vmalloc failed");
return -1;
}
memcpy(yylval.val->v, yytext, yylval.val->l);
rijndael { YYD; yylval.num = algtype_aes; return(ALGORITHMTYPE); }
twofish { YYD; yylval.num = algtype_twofish; return(ALGORITHMTYPE); }
non_auth { YYD; yylval.num = algtype_non_auth; return(ALGORITHMTYPE); }
-hmac_md5 { YYD; yylval.num = algtype_hmac_md5; return(ALGORITHMTYPE); }
-hmac_sha1 { YYD; yylval.num = algtype_hmac_sha1; return(ALGORITHMTYPE); }
+hmac_md5 { YYD; yylval.num = algtype_hmac_md5_128; return(ALGORITHMTYPE); }
+hmac_sha1 { YYD; yylval.num = algtype_hmac_sha1_160; return(ALGORITHMTYPE); }
hmac_sha2_256 { YYD; yylval.num = algtype_hmac_sha2_256; return(ALGORITHMTYPE); }
hmac_sha256 { YYD; yylval.num = algtype_hmac_sha2_256; return(ALGORITHMTYPE); }
hmac_sha2_384 { YYD; yylval.num = algtype_hmac_sha2_384; return(ALGORITHMTYPE); }
hmac_sha384 { YYD; yylval.num = algtype_hmac_sha2_384; return(ALGORITHMTYPE); }
hmac_sha2_512 { YYD; yylval.num = algtype_hmac_sha2_512; return(ALGORITHMTYPE); }
hmac_sha512 { YYD; yylval.num = algtype_hmac_sha2_512; return(ALGORITHMTYPE); }
+hmac_md5_96 { YYD; yylval.num = algtype_hmac_md5_96; return(ALGORITHMTYPE); }
+hmac_sha1_96 { YYD; yylval.num = algtype_hmac_sha1_96; return(ALGORITHMTYPE); }
des_mac { YYD; yylval.num = algtype_des_mac; return(ALGORITHMTYPE); }
kpdk { YYD; yylval.num = algtype_kpdk; return(ALGORITHMTYPE); }
md5 { YYD; yylval.num = algtype_md5; return(ALGORITHMTYPE); }
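Review bot: The keywords `hmac_md5` and `hmac_sha1` keep their spelling but now return `algtype_hmac_md5_128` and `algtype_hmac_sha1_160`, and the 96-bit forms are only reachable through the new `hmac_md5_96` / `hmac_sha1_96` rules. Nothing in the hunk says whether an existing configuration file ends up with the same algorithm as before. The tables that map these algtype values are outside the hunk, so this may be a pure rename; if so, a comment above the two rules such as `/* hmac_md5 / hmac_sha1: same transform as before, only the enum was renamed */` would settle it. If the selected digest length does change, the old spellings should call `racoon_yywarn()` here, as the obsoleted keywords elsewhere in this file do.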
#ifdef ENABLE_HYBRID
YYD; yylval.num = algtype_hybrid_rsa_s; return(ALGORITHMTYPE);
#else
- yyerror("racoon not configured with --enable-hybrid");
+ racoon_yyerror("racoon not configured with --enable-hybrid");
#endif
}
hybrid_dss_server {
#ifdef ENABLE_HYBRID
YYD; yylval.num = algtype_hybrid_dss_s; return(ALGORITHMTYPE);
#else
- yyerror("racoon not configured with --enable-hybrid");
+ racoon_yyerror("racoon not configured with --enable-hybrid");
#endif
}
hybrid_rsa_client {
#ifdef ENABLE_HYBRID
YYD; yylval.num = algtype_hybrid_rsa_c; return(ALGORITHMTYPE);
#else
- yyerror("racoon not configured with --enable-hybrid");
+ racoon_yyerror("racoon not configured with --enable-hybrid");
#endif
}
hybrid_dss_client {
#ifdef ENABLE_HYBRID
YYD; yylval.num = algtype_hybrid_dss_c; return(ALGORITHMTYPE);
#else
- yyerror("racoon not configured with --enable-hybrid");
+ racoon_yyerror("racoon not configured with --enable-hybrid");
#endif
}
#ifdef ENABLE_HYBRID
YYD; yylval.num = algtype_xauth_psk_s; return(ALGORITHMTYPE);
#else
- yyerror("racoon not configured with --enable-hybrid");
+ racoon_yyerror("racoon not configured with --enable-hybrid");
#endif
}
xauth_psk_client {
#ifdef ENABLE_HYBRID
YYD; yylval.num = algtype_xauth_psk_c; return(ALGORITHMTYPE);
#else
- yyerror("racoon not configured with --enable-hybrid");
+ racoon_yyerror("racoon not configured with --enable-hybrid");
#endif
}
xauth_rsa_server {
#ifdef ENABLE_HYBRID
YYD; yylval.num = algtype_xauth_rsa_s; return(ALGORITHMTYPE);
#else
- yyerror("racoon not configured with --enable-hybrid");
+ racoon_yyerror("racoon not configured with --enable-hybrid");
#endif
}
xauth_rsa_client {
#ifdef ENABLE_HYBRID
YYD; yylval.num = algtype_xauth_rsa_c; return(ALGORITHMTYPE);
#else
- yyerror("racoon not configured with --enable-hybrid");
+ racoon_yyerror("racoon not configured with --enable-hybrid");
#endif
}
+eap_psk_client {
+ #ifdef ENABLE_HYBRID
+ YYD; yylval.num = algtype_eap_psk_c; return(ALGORITHMTYPE);
+ #else
+ racoon_yyerror("racoon not configured with --enable-hybrid");
+ #endif
+}
+eap_rsa_client {
+ #ifdef ENABLE_HYBRID
+ YYD; yylval.num = algtype_eap_rsa_c; return(ALGORITHMTYPE);
+ #else
+ racoon_yyerror("racoon not configured with --enable-hybrid");
+ #endif
+}
/* identifier type */
-vendor_id { YYD; yywarn("it is obsoleted."); return(VENDORID); }
+vendor_id { YYD; racoon_yywarn("it is obsoleted."); return(VENDORID); }
user_fqdn { YYD; yylval.num = IDTYPE_USERFQDN; return(IDENTIFIERTYPE); }
fqdn { YYD; yylval.num = IDTYPE_FQDN; return(IDENTIFIERTYPE); }
keyid { YYD; yylval.num = IDTYPE_KEYID; return(IDENTIFIERTYPE); }
keyid_use {
-#ifdef __APPLE__
YYD;
yylval.num = IDTYPE_KEYIDUSE;
return(IDENTIFIERTYPE);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
address { YYD; yylval.num = IDTYPE_ADDRESS; return(IDENTIFIERTYPE); }
subnet { YYD; yylval.num = IDTYPE_SUBNET; return(IDENTIFIERTYPE); }
asn1dn { YYD; yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); }
-certname { YYD; yywarn("certname will be obsoleted in near future."); yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); }
+certname { YYD; racoon_yywarn("certname will be obsoleted in near future."); yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); }
/* shared secret type */
use {
-#ifdef __APPLE__
YYD;
yylval.num = SECRETTYPE_USE;
return(SECRETTYPE);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
key {
-#ifdef __APPLE__
YYD;
yylval.num = SECRETTYPE_KEY;
return(SECRETTYPE);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
keychain {
-#if defined(__APPLE__) && HAVE_KEYCHAIN
+#if HAVE_KEYCHAIN
YYD;
yylval.num = SECRETTYPE_KEYCHAIN;
return(SECRETTYPE);
#else
- yyerror("Apple specific features not compiled in.");
+ racoon_yyerror("Apple specific features not compiled in.");
#endif
}
keychain_by_id {
-#ifdef __APPLE__
YYD;
yylval.num = SECRETTYPE_KEYCHAIN_BY_ID;
return(SECRETTYPE);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
/* certificate verification */
openssl {
-#ifdef __APPLE__
YYD;
yylval.num = VERIFICATION_MODULE_OPENSSL;
return(VERIFICATION_MODULE);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
sec_framework {
-#ifdef __APPLE__
YYD;
yylval.num = VERIFICATION_MODULE_SEC_FRAMEWORK;
return(VERIFICATION_MODULE);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
use_open_dir {
-#ifdef __APPLE__
YYD;
yylval.num = VERIFICATION_OPTION_OPEN_DIR;
return(VERIFICATION_OPTION);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
use_peers_identifier {
-#ifdef __APPLE__
YYD;
yylval.num = VERIFICATION_OPTION_PEERS_IDENTIFIER;
return(VERIFICATION_OPTION);
-#else
- yyerror("Apple specific features not compiled in.");
-#endif
}
/* identifier qualifier */
YYD;
yylval.val = vmalloc(yyleng + (yyleng & 1) + 1);
if (yylval.val == NULL) {
- yyerror("vmalloc failed");
+ racoon_yyerror("vmalloc failed");
return -1;
}
yylval.val = vmalloc(yyleng - 1);
if (yylval.val == NULL) {
- yyerror("vmalloc failed");
+ racoon_yyerror("vmalloc failed");
return -1;
}
memcpy(yylval.val->v, &yytext[1], yylval.val->l);
yylval.val = vmalloc(yyleng + 1);
if (yylval.val == NULL) {
- yyerror("vmalloc failed");
+ racoon_yyerror("vmalloc failed");
return -1;
}
memcpy(yylval.val->v, yytext, yylval.val->l);
yy_delete_buffer(YY_CURRENT_BUFFER);
incstackp--;
nextfile:
- if (incstack[incstackp].matchon <
+ if (incstack[incstackp].matches.gl_pathc != 0 &&
+ incstack[incstackp].matches.gl_pathv &&
+ incstack[incstackp].matchon <
incstack[incstackp].matches.gl_pathc) {
char* filepath = incstack[incstackp].matches.gl_pathv[incstack[incstackp].matchon];
incstack[incstackp].matchon++;
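Review bot: The two conditions added to the test after `nextfile:` carry no comment saying which state they protect against. The `gl_pathc != 0` test looks redundant with `matchon < gl_pathc` as long as `matchon` is never negative (its type is not visible here), so the `gl_pathv` non-NULL test is the one that prevents the dereference on the following line. A comment such as `/* matches may be empty or never filled in if glob() found nothing for this level */` would record that. The enclosing block starts and ends outside the hunk.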
%%
void
-yyerror(char *s, ...)
+yyerror(const char *msg)
{
- char fmt[512];
-
- va_list ap;
-#ifdef HAVE_STDARG_H
- va_start(ap, s);
-#else
- va_start(ap);
-#endif
- snprintf(fmt, sizeof(fmt), "%s:%d: \"%s\" %s\n",
- incstack[incstackp].path, incstack[incstackp].lineno,
- yytext, s);
- plogv(LLV_ERROR, LOCATION, NULL, fmt, &ap);
- va_end(ap);
-
+ plog(ASL_LEVEL_ERR, "%s:%d: %s\n", incstack[incstackp].path, incstack[incstackp].lineno, msg);
yyerrorcount++;
}
void
-yywarn(char *s, ...)
+yywarn(const char *msg)
{
- char fmt[512];
+ plog(ASL_LEVEL_ERR, "%s:%d: %s\n", incstack[incstackp].path, incstack[incstackp].lineno, msg);
+}
- va_list ap;
-#ifdef HAVE_STDARG_H
- va_start(ap, s);
-#else
- va_start(ap);
-#endif
- snprintf(fmt, sizeof(fmt), "%s:%d: \"%s\" %s\n",
- incstack[incstackp].path, incstack[incstackp].lineno,
- yytext, s);
- plogv(LLV_WARNING, LOCATION, NULL, fmt, &ap);
- va_end(ap);
+void
+racoon_yyerror(const char *fmt, ...)
+{
+ va_list ap;
+ char msg[512];
+
+ va_start(ap, fmt);
+ vsnprintf(msg, sizeof(msg), fmt, ap);
+ va_end(ap);
+
+ yyerror(msg);
+}
+
+void
+racoon_yywarn(const char *fmt, ...)
+{
+ va_list ap;
+ char msg[512];
+
+ va_start(ap, fmt);
+ vsnprintf(msg, sizeof(msg), fmt, ap);
+ va_end(ap);
+
+ yywarn(msg);
}
int
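Review bot: The new `yywarn()` logs at `ASL_LEVEL_ERR`, the same level as `yyerror()`, while the code it replaces logged at a warning level. If that is not deliberate, the call should read `plog(ASL_LEVEL_WARNING, "%s:%d: %s\n", incstack[incstackp].path, incstack[incstackp].lineno, msg);`. Both rewritten functions also drop `yytext`, so a log line gives the file and line but not the rejected token; it can be kept safely by passing it as an argument to a `\"%s\"` conversion rather than splicing it into a format string. `racoon_yyerror()` and `racoon_yywarn()` truncate silently at 512 bytes, which is acceptable for diagnostics, but their prototypes (outside this hunk) would benefit from a printf format attribute so mismatched arguments are caught at compile time.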
/* got the include file name */
if (incstackp >= MAX_INCLUDE_DEPTH) {
- plog(LLV_ERROR, LOCATION, NULL,
+ plog(ASL_LEVEL_ERR,
"Includes nested too deeply");
return -1;
}
if (glob(path, GLOB_TILDE, NULL, &incstack[incstackp].matches) != 0 ||
incstack[incstackp].matches.gl_pathc == 0) {
- plog(LLV_WARNING, LOCATION, NULL,
+ plog(ASL_LEVEL_WARNING,
"glob found no matches for path \"%s\"\n", path);
return 0;
}
if (yyin == NULL) {
fprintf(stderr, "failed to open file %s (%s)\n",
path, strerror(errno));
- plog(LLV_ERROR, LOCATION, NULL,
+ plog(ASL_LEVEL_ERR,
"failed to open file %s (%s)\n",
path, strerror(errno));
return -1;
incstack[incstackp].path = racoon_strdup(path);
STRDUP_FATAL(incstack[incstackp].path);
incstack[incstackp].lineno = 1;
- plog(LLV_DEBUG, LOCATION, NULL,
- "reading config file %s\n", path);
+ plog(ASL_LEVEL_DEBUG,
+ "reading configuration file %s\n", path);
return 0;
}