1 /* A Bison parser, made by GNU Bison 1.875. */
3 /* Skeleton parser for Yacc-like parsing with Bison,
4 Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002 Free Software Foundation, Inc.
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2, or (at your option)
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place - Suite 330,
19 Boston, MA 02111-1307, USA. */
21 /* As a special exception, when this file is copied by Bison into a
22 Bison output file, you may use that output file without restriction.
23 This special exception was added by the Free Software Foundation
24 in version 1.24 of Bison. */
26 /* Written by Richard Stallman by simplifying the original so called
27 ``semantic'' parser. */
29 /* All symbols defined below should begin with yy or YY, to avoid
30 infringing on user name space. This should be done even for local
31 variables, as they might otherwise be expanded by user macros.
32 There are some unavoidable exceptions within include files to
33 define necessary library symbols; they are noted "INFRINGES ON
34 USER NAME SPACE" below. */
36 /* Identify Bison output. */
40 #define YYSKELETON_NAME "yacc.c"
45 /* Using locations. */
46 #define YYLSP_NEEDED 0
48 /* If NAME_PREFIX is specified substitute the variables and functions
50 #define yyparse __libipsecparse
51 #define yylex __libipseclex
52 #define yyerror __libipsecerror
53 #define yylval __libipseclval
54 #define yychar __libipsecchar
55 #define yydebug __libipsecdebug
56 #define yynerrs __libipsecnerrs
62 /* Put the tokens into the symbol table, so that GDB and other debuggers
86 #define PRIO_OFFSET 262
91 #define LEVEL_SPECIFY 267
101 /* Copy the first part of user declarations. */
102 #line 63 "policy_parse.y"
108 #include <sys/types.h>
109 #include <sys/param.h>
110 #include <sys/socket.h>
112 #include <netinet/in.h>
113 #ifdef HAVE_NETINET6_IPSEC
114 # include <netinet6/ipsec.h>
116 # include <netinet/ipsec.h>
128 #include "ipsec_strerror.h"
129 #include "libpfkey.h"
132 #define INT32_MAX (0xffffffff)
136 #define INT32_MIN (-INT32_MAX-1)
140 (isdigit(c) ? (c - '0') : (isupper(c) ? (c - 'A' + 10) : (c - 'a' + 10) ))
142 static u_int8_t *pbuf = NULL; /* sadb_x_policy buffer */
143 static int tlen = 0; /* total length of pbuf */
144 static int offset = 0; /* offset of pbuf */
145 static int p_dir, p_type, p_protocol, p_mode, p_level, p_reqid;
146 static u_int32_t p_priority = 0;
147 static long p_priority_offset = 0;
148 static struct sockaddr *p_src = NULL;
149 static struct sockaddr *p_dst = NULL;
152 extern void yyerror __P((char *msg));
153 static struct sockaddr *parse_sockaddr __P((struct _val *buf));
154 static int rule_check __P((void));
155 static int init_x_policy __P((void));
156 static int set_x_request __P((struct sockaddr *src, struct sockaddr *dst));
157 static int set_sockaddr __P((struct sockaddr *addr));
158 static void policy_parse_request_init __P((void));
159 static caddr_t policy_parse __P((char *msg, int msglen));
161 extern void __policy__strbuffer__init__ __P((char *msg));
162 extern void __policy__strbuffer__free__ __P((void));
163 extern int yyparse __P((void));
164 extern int yylex __P((void));
166 extern char *__libipsectext; /*XXX*/
170 /* Enabling traces. */
175 /* Enabling verbose error messages. */
176 #ifdef YYERROR_VERBOSE
177 # undef YYERROR_VERBOSE
178 # define YYERROR_VERBOSE 1
180 # define YYERROR_VERBOSE 0
183 #if ! defined (YYSTYPE) && ! defined (YYSTYPE_IS_DECLARED)
184 #line 130 "policy_parse.y"
185 typedef union YYSTYPE {
193 /* Line 191 of yacc.c. */
194 #line 194 "policy_parse.c"
195 # define yystype YYSTYPE /* obsolescent; will be withdrawn */
196 # define YYSTYPE_IS_DECLARED 1
197 # define YYSTYPE_IS_TRIVIAL 1
202 /* Copy the second part of user declarations. */
205 /* Line 214 of yacc.c. */
206 #line 206 "policy_parse.c"
208 #if ! defined (yyoverflow) || YYERROR_VERBOSE
210 /* The parser invokes alloca or malloc; define the necessary symbols. */
212 # if YYSTACK_USE_ALLOCA
213 # define YYSTACK_ALLOC alloca
215 # ifndef YYSTACK_USE_ALLOCA
216 # if defined (alloca) || defined (_ALLOCA_H)
217 # define YYSTACK_ALLOC alloca
220 # define YYSTACK_ALLOC __builtin_alloca
226 # ifdef YYSTACK_ALLOC
227 /* Pacify GCC's `empty if-body' warning. */
228 # define YYSTACK_FREE(Ptr) do { /* empty */; } while (0)
230 # if defined (__STDC__) || defined (__cplusplus)
231 # include <stdlib.h> /* INFRINGES ON USER NAME SPACE */
232 # define YYSIZE_T size_t
234 # define YYSTACK_ALLOC malloc
235 # define YYSTACK_FREE free
237 #endif /* ! defined (yyoverflow) || YYERROR_VERBOSE */
240 #if (! defined (yyoverflow) \
241 && (! defined (__cplusplus) \
242 || (YYSTYPE_IS_TRIVIAL)))
244 /* A type that is properly aligned for any stack member. */
251 /* The size of the maximum gap between one aligned stack and the next. */
252 # define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1)
254 /* The size of an array large to enough to hold all stacks, each with
256 # define YYSTACK_BYTES(N) \
257 ((N) * (sizeof (short) + sizeof (YYSTYPE)) \
258 + YYSTACK_GAP_MAXIMUM)
260 /* Copy COUNT objects from FROM to TO. The source and destination do
264 # define YYCOPY(To, From, Count) \
265 __builtin_memcpy (To, From, (Count) * sizeof (*(From)))
267 # define YYCOPY(To, From, Count) \
270 register YYSIZE_T yyi; \
271 for (yyi = 0; yyi < (Count); yyi++) \
272 (To)[yyi] = (From)[yyi]; \
278 /* Relocate STACK from its old location to the new one. The
279 local variables YYSIZE and YYSTACKSIZE give the old and new number of
280 elements in the stack, and YYPTR gives the new location of the
281 stack. Advance YYPTR to a properly aligned location for the next
283 # define YYSTACK_RELOCATE(Stack) \
286 YYSIZE_T yynewbytes; \
287 YYCOPY (&yyptr->Stack, Stack, yysize); \
288 Stack = &yyptr->Stack; \
289 yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \
290 yyptr += yynewbytes / sizeof (*yyptr); \
296 #if defined (__STDC__) || defined (__cplusplus)
297 typedef signed char yysigned_char;
299 typedef short yysigned_char;
302 /* YYFINAL -- State number of the termination state. */
304 /* YYLAST -- Last index in YYTABLE. */
307 /* YYNTOKENS -- Number of terminals. */
309 /* YYNNTS -- Number of nonterminals. */
311 /* YYNRULES -- Number of rules. */
313 /* YYNRULES -- Number of states. */
316 /* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */
318 #define YYMAXUTOK 272
320 #define YYTRANSLATE(YYX) \
321 ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK)
323 /* YYTRANSLATE[YYLEX] -- Bison symbol number corresponding to YYLEX. */
324 static const unsigned char yytranslate[] =
326 0, 2, 2, 2, 2, 2, 2, 2, 2, 2,
327 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
328 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
329 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
330 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
331 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
332 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
333 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
334 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
335 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
336 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
337 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
338 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
339 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
340 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
341 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
342 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
343 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
344 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
345 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
346 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
347 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
348 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
349 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
350 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
351 2, 2, 2, 2, 2, 2, 1, 2, 3, 4,
352 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
357 /* YYPRHS[YYN] -- Index of the first RHS symbol of rule number YYN in
359 static const unsigned char yyprhs[] =
361 0, 0, 3, 4, 9, 10, 17, 18, 26, 27,
362 34, 35, 44, 45, 54, 56, 57, 60, 68, 75,
363 81, 86, 93, 97, 100, 102, 104, 106, 108, 110,
367 /* YYRHS -- A `-1'-separated list of the rules' RHS. */
368 static const yysigned_char yyrhs[] =
370 19, 0, -1, -1, 3, 8, 20, 26, -1, -1,
371 3, 4, 7, 8, 21, 26, -1, -1, 3, 4,
372 17, 7, 8, 22, 26, -1, -1, 3, 4, 6,
373 8, 23, 26, -1, -1, 3, 4, 6, 5, 7,
374 8, 24, 26, -1, -1, 3, 4, 6, 17, 7,
375 8, 25, 26, -1, 3, -1, -1, 26, 27, -1,
376 28, 16, 29, 16, 31, 16, 30, -1, 28, 16,
377 29, 16, 31, 16, -1, 28, 16, 29, 16, 31,
378 -1, 28, 16, 29, 16, -1, 28, 16, 29, 16,
379 16, 30, -1, 28, 16, 29, -1, 28, 16, -1,
380 28, -1, 9, -1, 10, -1, 11, -1, 12, -1,
381 -1, 13, 32, 17, 13, -1, 14, 17, 15, -1,
385 /* YYRLINE[YYN] -- source line where rule number YYN was defined. */
386 static const unsigned short yyrline[] =
388 0, 152, 152, 151, 167, 166, 203, 202, 225, 224,
389 236, 235, 258, 257, 279, 291, 293, 305, 306, 307,
390 308, 309, 310, 311, 315, 322, 326, 330, 334, 341,
395 #if YYDEBUG || YYERROR_VERBOSE
396 /* YYTNME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM.
397 First, the terminals, then, starting at YYNTOKENS, nonterminals. */
398 static const char *const yytname[] =
400 "$end", "error", "$undefined", "DIR", "PRIORITY", "PLUS", "PRIO_BASE",
401 "PRIO_OFFSET", "ACTION", "PROTOCOL", "MODE", "LEVEL", "LEVEL_SPECIFY",
402 "IPADDRESS", "ME", "ANY", "SLASH", "HYPHEN", "$accept", "policy_spec",
403 "@1", "@2", "@3", "@4", "@5", "@6", "rules", "rule", "protocol", "mode",
404 "level", "addresses", "@7", 0
409 /* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to
411 static const unsigned short yytoknum[] =
413 0, 256, 257, 258, 259, 260, 261, 262, 263, 264,
414 265, 266, 267, 268, 269, 270, 271, 272
418 /* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */
419 static const unsigned char yyr1[] =
421 0, 18, 20, 19, 21, 19, 22, 19, 23, 19,
422 24, 19, 25, 19, 19, 26, 26, 27, 27, 27,
423 27, 27, 27, 27, 27, 28, 29, 30, 30, 32,
427 /* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */
428 static const unsigned char yyr2[] =
430 0, 2, 0, 4, 0, 6, 0, 7, 0, 6,
431 0, 8, 0, 8, 1, 0, 2, 7, 6, 5,
432 4, 6, 3, 2, 1, 1, 1, 1, 1, 0,
436 /* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state
437 STATE-NUM when YYTABLE doesn't specify something else to do. Zero
438 means the default is an error. */
439 static const unsigned char yydefact[] =
441 0, 14, 0, 0, 2, 1, 0, 0, 0, 15,
442 0, 8, 0, 4, 0, 3, 0, 15, 0, 15,
443 6, 25, 16, 24, 10, 9, 12, 5, 15, 23,
444 15, 15, 7, 26, 22, 11, 13, 20, 29, 0,
445 0, 0, 19, 0, 0, 0, 27, 28, 21, 18,
449 /* YYDEFGOTO[NTERM-NUM]. */
450 static const yysigned_char yydefgoto[] =
452 -1, 2, 9, 19, 28, 17, 30, 31, 15, 22,
456 /* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing
458 #define YYPACT_NINF -19
459 static const yysigned_char yypact[] =
461 7, -3, 4, 1, -19, -19, -2, 15, 2, -19,
462 17, -19, 18, -19, 19, 3, 20, -19, 21, -19,
463 -19, -19, -19, 10, -19, 3, -19, 3, -19, 22,
464 -19, -19, 3, -19, 14, 3, 3, 6, -19, 16,
465 23, 5, 25, 26, 24, 28, -19, -19, -19, 5,
466 31, -19, -19, -19, -19
469 /* YYPGOTO[NTERM-NUM]. */
470 static const yysigned_char yypgoto[] =
472 -19, -19, -19, -19, -19, -19, -19, -19, -17, -19,
473 -19, -19, -18, -19, -19
476 /* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If
477 positive, shift that token. If negative, reduce the rule which
478 number is the opposite. If zero, do what YYDEFACT says.
479 If YYTABLE_NINF, syntax error. */
480 #define YYTABLE_NINF -1
481 static const unsigned char yytable[] =
483 25, 3, 27, 10, 5, 4, 11, 6, 7, 14,
484 1, 32, 21, 35, 36, 12, 46, 47, 8, 38,
485 39, 40, 41, 13, 16, 18, 29, 20, 24, 26,
486 37, 53, 33, 44, 0, 0, 0, 0, 0, 51,
490 static const yysigned_char yycheck[] =
492 17, 4, 19, 5, 0, 8, 8, 6, 7, 7,
493 3, 28, 9, 30, 31, 17, 11, 12, 17, 13,
494 14, 15, 16, 8, 7, 7, 16, 8, 8, 8,
495 16, 49, 10, 17, -1, -1, -1, -1, -1, 15,
499 /* YYSTOS[STATE-NUM] -- The (internal number of the) accessing
500 symbol of state STATE-NUM. */
501 static const unsigned char yystos[] =
503 0, 3, 19, 4, 8, 0, 6, 7, 17, 20,
504 5, 8, 17, 8, 7, 26, 7, 23, 7, 21,
505 8, 9, 27, 28, 8, 26, 8, 26, 22, 16,
506 24, 25, 26, 10, 29, 26, 26, 16, 13, 14,
507 15, 16, 31, 32, 17, 17, 11, 12, 30, 16,
511 #if ! defined (YYSIZE_T) && defined (__SIZE_TYPE__)
512 # define YYSIZE_T __SIZE_TYPE__
514 #if ! defined (YYSIZE_T) && defined (size_t)
515 # define YYSIZE_T size_t
517 #if ! defined (YYSIZE_T)
518 # if defined (__STDC__) || defined (__cplusplus)
519 # include <stddef.h> /* INFRINGES ON USER NAME SPACE */
520 # define YYSIZE_T size_t
523 #if ! defined (YYSIZE_T)
524 # define YYSIZE_T unsigned int
527 #define yyerrok (yyerrstatus = 0)
528 #define yyclearin (yychar = YYEMPTY)
532 #define YYACCEPT goto yyacceptlab
533 #define YYABORT goto yyabortlab
534 #define YYERROR goto yyerrlab1
536 /* Like YYERROR except do call yyerror. This remains here temporarily
537 to ease the transition to the new meaning of YYERROR, for GCC.
538 Once GCC version 2 has supplanted version 1, this can go. */
540 #define YYFAIL goto yyerrlab
542 #define YYRECOVERING() (!!yyerrstatus)
544 #define YYBACKUP(Token, Value) \
546 if (yychar == YYEMPTY && yylen == 1) \
550 yytoken = YYTRANSLATE (yychar); \
556 yyerror ("syntax error: cannot back up");\
562 #define YYERRCODE 256
564 /* YYLLOC_DEFAULT -- Compute the default location (before the actions
567 #ifndef YYLLOC_DEFAULT
568 # define YYLLOC_DEFAULT(Current, Rhs, N) \
569 Current.first_line = Rhs[1].first_line; \
570 Current.first_column = Rhs[1].first_column; \
571 Current.last_line = Rhs[N].last_line; \
572 Current.last_column = Rhs[N].last_column;
575 /* YYLEX -- calling `yylex' with the right arguments. */
578 # define YYLEX yylex (YYLEX_PARAM)
580 # define YYLEX yylex ()
583 /* Enable debugging if requested. */
587 # include <stdio.h> /* INFRINGES ON USER NAME SPACE */
588 # define YYFPRINTF fprintf
591 # define YYDPRINTF(Args) \
597 # define YYDSYMPRINT(Args) \
603 # define YYDSYMPRINTF(Title, Token, Value, Location) \
607 YYFPRINTF (stderr, "%s ", Title); \
608 yysymprint (stderr, \
610 YYFPRINTF (stderr, "\n"); \
614 /*------------------------------------------------------------------.
615 | yy_stack_print -- Print the state stack from its BOTTOM up to its |
617 `------------------------------------------------------------------*/
619 #if defined (__STDC__) || defined (__cplusplus)
621 yy_stack_print (short *bottom, short *top)
624 yy_stack_print (bottom, top)
629 YYFPRINTF (stderr, "Stack now");
630 for (/* Nothing. */; bottom <= top; ++bottom)
631 YYFPRINTF (stderr, " %d", *bottom);
632 YYFPRINTF (stderr, "\n");
635 # define YY_STACK_PRINT(Bottom, Top) \
638 yy_stack_print ((Bottom), (Top)); \
642 /*------------------------------------------------.
643 | Report that the YYRULE is going to be reduced. |
644 `------------------------------------------------*/
646 #if defined (__STDC__) || defined (__cplusplus)
648 yy_reduce_print (int yyrule)
651 yy_reduce_print (yyrule)
656 unsigned int yylineno = yyrline[yyrule];
657 YYFPRINTF (stderr, "Reducing stack by rule %d (line %u), ",
658 yyrule - 1, yylineno);
659 /* Print the symbols being reduced, and their result. */
660 for (yyi = yyprhs[yyrule]; 0 <= yyrhs[yyi]; yyi++)
661 YYFPRINTF (stderr, "%s ", yytname [yyrhs[yyi]]);
662 YYFPRINTF (stderr, "-> %s\n", yytname [yyr1[yyrule]]);
665 # define YY_REDUCE_PRINT(Rule) \
668 yy_reduce_print (Rule); \
671 /* Nonzero means print parse trace. It is left uninitialized so that
672 multiple parsers can coexist. */
675 # define YYDPRINTF(Args)
676 # define YYDSYMPRINT(Args)
677 # define YYDSYMPRINTF(Title, Token, Value, Location)
678 # define YY_STACK_PRINT(Bottom, Top)
679 # define YY_REDUCE_PRINT(Rule)
680 #endif /* !YYDEBUG */
683 /* YYINITDEPTH -- initial size of the parser's stacks. */
685 # define YYINITDEPTH 200
688 /* YYMAXDEPTH -- maximum size the stacks can grow to (effective only
689 if the built-in stack extension method is used).
691 Do not make this value too large; the results are undefined if
692 SIZE_MAX < YYSTACK_BYTES (YYMAXDEPTH)
693 evaluated with infinite-precision integer arithmetic. */
700 # define YYMAXDEPTH 10000
708 # if defined (__GLIBC__) && defined (_STRING_H)
709 # define yystrlen strlen
711 /* Return the length of YYSTR. */
713 # if defined (__STDC__) || defined (__cplusplus)
714 yystrlen (const char *yystr)
720 register const char *yys = yystr;
722 while (*yys++ != '\0')
725 return yys - yystr - 1;
731 # if defined (__GLIBC__) && defined (_STRING_H) && defined (_GNU_SOURCE)
732 # define yystpcpy stpcpy
734 /* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in
737 # if defined (__STDC__) || defined (__cplusplus)
738 yystpcpy (char *yydest, const char *yysrc)
740 yystpcpy (yydest, yysrc)
745 register char *yyd = yydest;
746 register const char *yys = yysrc;
748 while ((*yyd++ = *yys++) != '\0')
756 #endif /* !YYERROR_VERBOSE */
761 /*--------------------------------.
762 | Print this symbol on YYOUTPUT. |
763 `--------------------------------*/
765 #if defined (__STDC__) || defined (__cplusplus)
767 yysymprint (FILE *yyoutput, int yytype, YYSTYPE *yyvaluep)
770 yysymprint (yyoutput, yytype, yyvaluep)
776 /* Pacify ``unused variable'' warnings. */
779 if (yytype < YYNTOKENS)
781 YYFPRINTF (yyoutput, "token %s (", yytname[yytype]);
783 YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep);
787 YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]);
794 YYFPRINTF (yyoutput, ")");
797 #endif /* ! YYDEBUG */
798 /*-----------------------------------------------.
799 | Release the memory associated to this symbol. |
800 `-----------------------------------------------*/
802 #if defined (__STDC__) || defined (__cplusplus)
804 yydestruct (int yytype, YYSTYPE *yyvaluep)
807 yydestruct (yytype, yyvaluep)
812 /* Pacify ``unused variable'' warnings. */
824 /* Prevent warnings from -Wmissing-prototypes. */
827 # if defined (__STDC__) || defined (__cplusplus)
828 int yyparse (void *YYPARSE_PARAM);
832 #else /* ! YYPARSE_PARAM */
833 #if defined (__STDC__) || defined (__cplusplus)
838 #endif /* ! YYPARSE_PARAM */
842 /* The lookahead symbol. */
845 /* The semantic value of the lookahead symbol. */
848 /* Number of syntax errors so far. */
858 # if defined (__STDC__) || defined (__cplusplus)
859 int yyparse (void *YYPARSE_PARAM)
861 int yyparse (YYPARSE_PARAM)
864 #else /* ! YYPARSE_PARAM */
865 #if defined (__STDC__) || defined (__cplusplus)
876 register int yystate;
879 /* Number of tokens to shift before error messages enabled. */
881 /* Lookahead token as an internal (translated) token number. */
884 /* Three stacks and their tools:
885 `yyss': related to states,
886 `yyvs': related to semantic values,
887 `yyls': related to locations.
889 Refer to the stacks thru separate pointers, to allow yyoverflow
890 to reallocate them elsewhere. */
892 /* The state stack. */
893 short yyssa[YYINITDEPTH];
895 register short *yyssp;
897 /* The semantic value stack. */
898 YYSTYPE yyvsa[YYINITDEPTH];
899 YYSTYPE *yyvs = yyvsa;
900 register YYSTYPE *yyvsp;
904 #define YYPOPSTACK (yyvsp--, yyssp--)
906 YYSIZE_T yystacksize = YYINITDEPTH;
908 /* The variables used to return semantic value and location from the
913 /* When reducing, the number of symbols on the RHS of the reduced
917 YYDPRINTF ((stderr, "Starting parse\n"));
922 yychar = YYEMPTY; /* Cause a token to be read. */
924 /* Initialize stack pointers.
925 Waste one element of value and location stack
926 so that they stay on the same level as the state stack.
927 The wasted elements are never initialized. */
934 /*------------------------------------------------------------.
935 | yynewstate -- Push a new state, which is found in yystate. |
936 `------------------------------------------------------------*/
938 /* In all cases, when you get here, the value and location stacks
939 have just been pushed. so pushing a state here evens the stacks.
946 if (yyss + yystacksize - 1 <= yyssp)
948 /* Get the current used size of the three stacks, in elements. */
949 YYSIZE_T yysize = yyssp - yyss + 1;
953 /* Give user a chance to reallocate the stack. Use copies of
954 these so that the &'s don't force the real ones into
956 YYSTYPE *yyvs1 = yyvs;
960 /* Each stack pointer address is followed by the size of the
961 data in use in that stack, in bytes. This used to be a
962 conditional around just the two extra args, but that might
963 be undefined if yyoverflow is a macro. */
964 yyoverflow ("parser stack overflow",
965 &yyss1, yysize * sizeof (*yyssp),
966 &yyvs1, yysize * sizeof (*yyvsp),
973 #else /* no yyoverflow */
974 # ifndef YYSTACK_RELOCATE
977 /* Extend the stack our own way. */
978 if (YYMAXDEPTH <= yystacksize)
981 if (YYMAXDEPTH < yystacksize)
982 yystacksize = YYMAXDEPTH;
986 union yyalloc *yyptr =
987 (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize));
990 YYSTACK_RELOCATE (yyss);
991 YYSTACK_RELOCATE (yyvs);
993 # undef YYSTACK_RELOCATE
995 YYSTACK_FREE (yyss1);
998 #endif /* no yyoverflow */
1000 yyssp = yyss + yysize - 1;
1001 yyvsp = yyvs + yysize - 1;
1004 YYDPRINTF ((stderr, "Stack size increased to %lu\n",
1005 (unsigned long int) yystacksize));
1007 if (yyss + yystacksize - 1 <= yyssp)
1011 YYDPRINTF ((stderr, "Entering state %d\n", yystate));
1020 /* Do appropriate processing given the current state. */
1021 /* Read a lookahead token if we need one and don't already have one. */
1024 /* First try to decide what to do without reference to lookahead token. */
1026 yyn = yypact[yystate];
1027 if (yyn == YYPACT_NINF)
1030 /* Not known => get a lookahead token if don't already have one. */
1032 /* YYCHAR is either YYEMPTY or YYEOF or a valid lookahead symbol. */
1033 if (yychar == YYEMPTY)
1035 YYDPRINTF ((stderr, "Reading a token: "));
1039 if (yychar <= YYEOF)
1041 yychar = yytoken = YYEOF;
1042 YYDPRINTF ((stderr, "Now at end of input.\n"));
1046 yytoken = YYTRANSLATE (yychar);
1047 YYDSYMPRINTF ("Next token is", yytoken, &yylval, &yylloc);
1050 /* If the proper action on seeing token YYTOKEN is to reduce or to
1051 detect an error, take that action. */
1053 if (yyn < 0 || YYLAST < yyn || yycheck[yyn] != yytoken)
1058 if (yyn == 0 || yyn == YYTABLE_NINF)
1067 /* Shift the lookahead token. */
1068 YYDPRINTF ((stderr, "Shifting token %s, ", yytname[yytoken]));
1070 /* Discard the token being shifted unless it is eof. */
1071 if (yychar != YYEOF)
1077 /* Count tokens shifted since error; after three, turn off error
1086 /*-----------------------------------------------------------.
1087 | yydefault -- do the default action for the current state. |
1088 `-----------------------------------------------------------*/
1090 yyn = yydefact[yystate];
1096 /*-----------------------------.
1097 | yyreduce -- Do a reduction. |
1098 `-----------------------------*/
1100 /* yyn is the number of a rule to reduce with. */
1103 /* If YYLEN is nonzero, implement the default value of the action:
1106 Otherwise, the following line sets YYVAL to garbage.
1107 This behavior is undocumented and Bison
1108 users should not rely upon it. Assigning to YYVAL
1109 unconditionally makes the parser a bit smaller, and it avoids a
1110 GCC warning that YYVAL may be used uninitialized. */
1111 yyval = yyvsp[1-yylen];
1114 YY_REDUCE_PRINT (yyn);
1118 #line 152 "policy_parse.y"
1120 p_dir = yyvsp[-1].num;
1121 p_type = yyvsp[0].num;
1123 #ifdef HAVE_PFKEY_POLICY_PRIORITY
1124 p_priority = PRIORITY_DEFAULT;
1129 if (init_x_policy())
1135 #line 167 "policy_parse.y"
1139 p_dir = yyvsp[-3].num;
1140 p_type = yyvsp[0].num;
1142 /* buffer big enough to hold a prepended negative sign */
1143 offset_buf = malloc(yyvsp[-1].val.len + 2);
1144 if (offset_buf == NULL)
1146 __ipsec_errcode = EIPSEC_NO_BUFS;
1150 /* positive input value means higher priority, therefore lower
1151 actual value so that is closer to the beginning of the list */
1152 sprintf (offset_buf, "-%s", yyvsp[-1].val.buf);
1155 p_priority_offset = atol(offset_buf);
1159 if (errno != 0 || p_priority_offset < INT32_MIN)
1161 __ipsec_errcode = EIPSEC_INVAL_PRIORITY_OFFSET;
1165 p_priority = PRIORITY_DEFAULT + (u_int32_t) p_priority_offset;
1167 if (init_x_policy())
1173 #line 203 "policy_parse.y"
1175 p_dir = yyvsp[-4].num;
1176 p_type = yyvsp[0].num;
1179 p_priority_offset = atol(yyvsp[-1].val.buf);
1181 if (errno != 0 || p_priority_offset > INT32_MAX)
1183 __ipsec_errcode = EIPSEC_INVAL_PRIORITY_OFFSET;
1187 /* negative input value means lower priority, therefore higher
1188 actual value so that is closer to the end of the list */
1189 p_priority = PRIORITY_DEFAULT + (u_int32_t) p_priority_offset;
1191 if (init_x_policy())
1197 #line 225 "policy_parse.y"
1199 p_dir = yyvsp[-3].num;
1200 p_type = yyvsp[0].num;
1202 p_priority = yyvsp[-1].num32;
1204 if (init_x_policy())
1210 #line 236 "policy_parse.y"
1212 p_dir = yyvsp[-5].num;
1213 p_type = yyvsp[0].num;
1216 p_priority_offset = atol(yyvsp[-1].val.buf);
1218 if (errno != 0 || p_priority_offset > PRIORITY_OFFSET_NEGATIVE_MAX)
1220 __ipsec_errcode = EIPSEC_INVAL_PRIORITY_BASE_OFFSET;
1224 /* adding value means higher priority, therefore lower
1225 actual value so that is closer to the beginning of the list */
1226 p_priority = yyvsp[-3].num32 - (u_int32_t) p_priority_offset;
1228 if (init_x_policy())
1234 #line 258 "policy_parse.y"
1236 p_dir = yyvsp[-5].num;
1237 p_type = yyvsp[0].num;
1240 p_priority_offset = atol(yyvsp[-1].val.buf);
1242 if (errno != 0 || p_priority_offset > PRIORITY_OFFSET_POSITIVE_MAX)
1244 __ipsec_errcode = EIPSEC_INVAL_PRIORITY_BASE_OFFSET;
1248 /* subtracting value means lower priority, therefore higher
1249 actual value so that is closer to the end of the list */
1250 p_priority = yyvsp[-3].num32 + (u_int32_t) p_priority_offset;
1252 if (init_x_policy())
1258 #line 280 "policy_parse.y"
1260 p_dir = yyvsp[0].num;
1261 p_type = 0; /* ignored it by kernel */
1265 if (init_x_policy())
1271 #line 293 "policy_parse.y"
1273 if (rule_check() < 0)
1276 if (set_x_request(p_src, p_dst) < 0)
1279 policy_parse_request_init();
1284 #line 311 "policy_parse.y"
1286 __ipsec_errcode = EIPSEC_FEW_ARGUMENTS;
1292 #line 315 "policy_parse.y"
1294 __ipsec_errcode = EIPSEC_FEW_ARGUMENTS;
1300 #line 322 "policy_parse.y"
1301 { p_protocol = yyvsp[0].num; }
1305 #line 326 "policy_parse.y"
1306 { p_mode = yyvsp[0].num; }
1310 #line 330 "policy_parse.y"
1312 p_level = yyvsp[0].num;
1318 #line 334 "policy_parse.y"
1320 p_level = IPSEC_LEVEL_UNIQUE;
1321 p_reqid = atol(yyvsp[0].val.buf); /* atol() is good. */
1326 #line 341 "policy_parse.y"
1328 p_src = parse_sockaddr(&yyvsp[0].val);
1335 #line 347 "policy_parse.y"
1337 p_dst = parse_sockaddr(&yyvsp[0].val);
1344 #line 352 "policy_parse.y"
1346 if (p_dir != IPSEC_DIR_OUTBOUND) {
1347 __ipsec_errcode = EIPSEC_INVAL_DIR;
1354 #line 358 "policy_parse.y"
1356 if (p_dir != IPSEC_DIR_INBOUND) {
1357 __ipsec_errcode = EIPSEC_INVAL_DIR;
1366 /* Line 991 of yacc.c. */
1367 #line 1367 "policy_parse.c"
1373 YY_STACK_PRINT (yyss, yyssp);
1378 /* Now `shift' the result of the reduction. Determine what state
1379 that goes to, based on the state we popped back to and the rule
1380 number reduced by. */
1384 yystate = yypgoto[yyn - YYNTOKENS] + *yyssp;
1385 if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp)
1386 yystate = yytable[yystate];
1388 yystate = yydefgoto[yyn - YYNTOKENS];
1393 /*------------------------------------.
1394 | yyerrlab -- here on detecting error |
1395 `------------------------------------*/
1397 /* If not already recovering from an error, report this error. */
1402 yyn = yypact[yystate];
1404 if (YYPACT_NINF < yyn && yyn < YYLAST)
1406 YYSIZE_T yysize = 0;
1407 int yytype = YYTRANSLATE (yychar);
1412 /* Start YYX at -YYN if negative to avoid negative indexes in
1414 for (yyx = yyn < 0 ? -yyn : 0;
1415 yyx < (int) (sizeof (yytname) / sizeof (char *)); yyx++)
1416 if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR)
1417 yysize += yystrlen (yytname[yyx]) + 15, yycount++;
1418 yysize += yystrlen ("syntax error, unexpected ") + 1;
1419 yysize += yystrlen (yytname[yytype]);
1420 yymsg = (char *) YYSTACK_ALLOC (yysize);
1423 char *yyp = yystpcpy (yymsg, "syntax error, unexpected ");
1424 yyp = yystpcpy (yyp, yytname[yytype]);
1429 for (yyx = yyn < 0 ? -yyn : 0;
1430 yyx < (int) (sizeof (yytname) / sizeof (char *));
1432 if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR)
1434 const char *yyq = ! yycount ? ", expecting " : " or ";
1435 yyp = yystpcpy (yyp, yyq);
1436 yyp = yystpcpy (yyp, yytname[yyx]);
1441 YYSTACK_FREE (yymsg);
1444 yyerror ("syntax error; also virtual memory exhausted");
1447 #endif /* YYERROR_VERBOSE */
1448 yyerror ("syntax error");
1453 if (yyerrstatus == 3)
1455 /* If just tried and failed to reuse lookahead token after an
1456 error, discard it. */
1458 /* Return failure if at end of input. */
1459 if (yychar == YYEOF)
1461 /* Pop the error token. */
1463 /* Pop the rest of the stack. */
1464 while (yyss < yyssp)
1466 YYDSYMPRINTF ("Error: popping", yystos[*yyssp], yyvsp, yylsp);
1467 yydestruct (yystos[*yyssp], yyvsp);
1473 YYDSYMPRINTF ("Error: discarding", yytoken, &yylval, &yylloc);
1474 yydestruct (yytoken, &yylval);
1479 /* Else will try to reuse lookahead token after shifting the error
1484 /*----------------------------------------------------.
1485 | yyerrlab1 -- error raised explicitly by an action. |
1486 `----------------------------------------------------*/
1489 /* Suppress GCC warning that yyerrlab1 is unused when no action
1491 #if defined (__GNUC_MINOR__) && 2093 <= (__GNUC__ * 1000 + __GNUC_MINOR__) \
1492 && !defined __cplusplus
1493 __attribute__ ((__unused__))
1500 /*---------------------------------------------------------------.
1501 | yyerrlab2 -- pop states until the error token can be shifted. |
1502 `---------------------------------------------------------------*/
1504 yyerrstatus = 3; /* Each real token shifted decrements this. */
1508 yyn = yypact[yystate];
1509 if (yyn != YYPACT_NINF)
1512 if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR)
1520 /* Pop the current state because it cannot handle the error token. */
1524 YYDSYMPRINTF ("Error: popping", yystos[*yyssp], yyvsp, yylsp);
1525 yydestruct (yystos[yystate], yyvsp);
1529 YY_STACK_PRINT (yyss, yyssp);
1535 YYDPRINTF ((stderr, "Shifting error token, "));
1544 /*-------------------------------------.
1545 | yyacceptlab -- YYACCEPT comes here. |
1546 `-------------------------------------*/
1551 /*-----------------------------------.
1552 | yyabortlab -- YYABORT comes here. |
1553 `-----------------------------------*/
1559 /*----------------------------------------------.
1560 | yyoverflowlab -- parser overflow comes here. |
1561 `----------------------------------------------*/
1563 yyerror ("parser stack overflow");
1571 YYSTACK_FREE (yyss);
1577 #line 369 "policy_parse.y"
1584 fprintf(stderr, "libipsec: %s while parsing \"%s\"\n",
1585 msg, __libipsectext);
1590 static struct sockaddr *
1594 struct addrinfo hints, *res;
1597 struct sockaddr *newaddr = NULL;
1599 memset(&hints, 0, sizeof(hints));
1600 hints.ai_family = PF_UNSPEC;
1601 hints.ai_flags = AI_NUMERICHOST;
1602 error = getaddrinfo(buf->buf, serv, &hints, &res);
1604 yyerror("invalid IP address");
1605 __ipsec_set_strerror(gai_strerror(error));
1609 if (res->ai_addr == NULL) {
1610 yyerror("invalid IP address");
1611 __ipsec_set_strerror(gai_strerror(error));
1615 newaddr = malloc(res->ai_addrlen);
1616 if (newaddr == NULL) {
1617 __ipsec_errcode = EIPSEC_NO_BUFS;
1621 memcpy(newaddr, res->ai_addr, res->ai_addrlen);
1625 __ipsec_errcode = EIPSEC_NO_ERROR;
1632 if (p_type == IPSEC_POLICY_IPSEC) {
1633 if (p_protocol == IPPROTO_IP) {
1634 __ipsec_errcode = EIPSEC_NO_PROTO;
1638 if (p_mode != IPSEC_MODE_TRANSPORT
1639 && p_mode != IPSEC_MODE_TUNNEL) {
1640 __ipsec_errcode = EIPSEC_INVAL_MODE;
1644 if (p_src == NULL && p_dst == NULL) {
1645 if (p_mode != IPSEC_MODE_TRANSPORT) {
1646 __ipsec_errcode = EIPSEC_INVAL_ADDRESS;
1650 else if (p_src->sa_family != p_dst->sa_family) {
1651 __ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
1656 __ipsec_errcode = EIPSEC_NO_ERROR;
1663 struct sadb_x_policy *p;
1669 pbuf = malloc(sizeof(struct sadb_x_policy));
1671 __ipsec_errcode = EIPSEC_NO_BUFS;
1674 tlen = sizeof(struct sadb_x_policy);
1676 memset(pbuf, 0, tlen);
1677 p = (struct sadb_x_policy *)pbuf;
1678 p->sadb_x_policy_len = 0; /* must update later */
1679 p->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
1680 p->sadb_x_policy_type = p_type;
1681 p->sadb_x_policy_dir = p_dir;
1682 p->sadb_x_policy_id = 0;
1683 #ifdef HAVE_PFKEY_POLICY_PRIORITY
1684 p->sadb_x_policy_priority = p_priority;
1686 /* fail if given a priority and libipsec was not compiled with
1688 if (p_priority != 0)
1690 __ipsec_errcode = EIPSEC_PRIORITY_NOT_COMPILED;
1697 __ipsec_errcode = EIPSEC_NO_ERROR;
1702 set_x_request(src, dst)
1703 struct sockaddr *src, *dst;
1705 struct sadb_x_ipsecrequest *p;
1710 + (src ? sysdep_sa_len(src) : 0)
1711 + (dst ? sysdep_sa_len(dst) : 0);
1712 tlen += reqlen; /* increment to total length */
1714 n = realloc(pbuf, tlen);
1716 __ipsec_errcode = EIPSEC_NO_BUFS;
1720 p = (struct sadb_x_ipsecrequest *)&pbuf[offset];
1721 p->sadb_x_ipsecrequest_len = reqlen;
1722 p->sadb_x_ipsecrequest_proto = p_protocol;
1723 p->sadb_x_ipsecrequest_mode = p_mode;
1724 p->sadb_x_ipsecrequest_level = p_level;
1725 p->sadb_x_ipsecrequest_reqid = p_reqid;
1726 offset += sizeof(*p);
1728 if (set_sockaddr(src) || set_sockaddr(dst))
1731 __ipsec_errcode = EIPSEC_NO_ERROR;
1737 struct sockaddr *addr;
1740 __ipsec_errcode = EIPSEC_NO_ERROR;
1744 /* tlen has already incremented */
1746 memcpy(&pbuf[offset], addr, sysdep_sa_len(addr));
1748 offset += sysdep_sa_len(addr);
1750 __ipsec_errcode = EIPSEC_NO_ERROR;
1755 policy_parse_request_init()
1757 p_protocol = IPPROTO_IP;
1758 p_mode = IPSEC_MODE_ANY;
1759 p_level = IPSEC_LEVEL_DEFAULT;
1761 if (p_src != NULL) {
1765 if (p_dst != NULL) {
1774 policy_parse(msg, msglen)
1784 p_dir = IPSEC_DIR_INVALID;
1785 p_type = IPSEC_POLICY_DISCARD;
1786 policy_parse_request_init();
1787 __policy__strbuffer__init__(msg);
1789 error = yyparse(); /* it must be set errcode. */
1790 __policy__strbuffer__free__();
1798 /* update total length */
1799 ((struct sadb_x_policy *)pbuf)->sadb_x_policy_len = PFKEY_UNIT64(tlen);
1801 __ipsec_errcode = EIPSEC_NO_ERROR;
1807 ipsec_set_policy(msg, msglen)
1813 policy = policy_parse(msg, msglen);
1814 if (policy == NULL) {
1815 if (__ipsec_errcode == EIPSEC_NO_ERROR)
1816 __ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
1820 __ipsec_errcode = EIPSEC_NO_ERROR;