1 /* $KAME: token.l,v 1.44 2003/10/21 07:20:58 itojun Exp $ */
4 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 #include <sys/types.h>
39 #include <sys/param.h>
40 #include <sys/socket.h>
41 #include <net/pfkeyv2.h>
42 #include <netinet/in.h>
43 #ifdef HAVE_NETINET6_IPSEC
44 # include <netinet6/ipsec.h>
46 # include <netinet/ipsec.h>
57 #if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__linux__)
65 extern u_char m_buf[BUFSIZ];
69 int yylex __P((void));
70 void yyfatal __P((const char *s));
71 void yyerror __P((const char *s));
72 extern void parse_init __P((void));
73 int parse __P((FILE **));
74 int yyparse __P((void));
76 /* make the code compile on *BSD-current */
77 #ifndef SADB_X_AALG_SHA2_256
78 #define SADB_X_AALG_SHA2_256 (-1)
80 #ifndef SADB_X_AALG_SHA2_384
81 #define SADB_X_AALG_SHA2_384 (-1)
83 #ifndef SADB_X_AALG_SHA2_512
84 #define SADB_X_AALG_SHA2_512 (-1)
86 #ifndef SADB_X_AALG_RIPEMD160HMAC
87 #define SADB_X_AALG_RIPEMD160HMAC (-1)
89 #ifndef SADB_X_AALG_AES_XCBC_MAC
90 #define SADB_X_AALG_AES_XCBC_MAC (-1)
92 #ifndef SADB_X_EALG_TWOFISHCBC
93 #define SADB_X_EALG_TWOFISHCBC (-1)
95 #ifndef SADB_X_EALG_AESCTR
96 #define SADB_X_EALG_AESCTR (-1)
113 quotedstring \"[^"]*\"
115 hexstring 0[xX]{hexdigit}+
116 ipaddress [a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*)
117 ipaddrmask {slash}{digit}{1,3}
118 name {letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))*
119 hostname {name}(({dot}{name})+{dot}?)?
121 %s S_PL S_AUTHALG S_ENCALG
126 delete { return(DELETE); }
127 deleteall { return(DELETEALL); }
129 flush { return(FLUSH); }
130 dump { return(DUMP); }
131 exit { return(EXIT); }
132 quit { return(EXIT); }
133 bye { return(EXIT); }
135 /* for management SPD */
136 spdadd { return(SPDADD); }
137 spddelete { return(SPDDELETE); }
138 spddump { return(SPDDUMP); }
139 spdflush { return(SPDFLUSH); }
140 tagged { return(TAGGED); }
141 {hyphen}P { BEGIN S_PL; return(F_POLICY); }
142 <S_PL>[a-zA-Z0-9:\.\-_/ \n\t][a-zA-Z0-9:\.%\-+_/ \n\t]* {
145 /* count up for nl */
148 for (p = yytext; *p != '\0'; p++)
153 yylval.val.len = strlen(yytext);
154 yylval.val.buf = strdup(yytext);
156 yyfatal("insufficient memory");
160 <S_PL>{semi} { BEGIN INITIAL; return(EOT); }
162 /* address resolution flags */
163 {hyphen}[n46][n46]* {
164 yylval.val.len = strlen(yytext);
165 yylval.val.buf = strdup(yytext);
167 yyfatal("insufficient memory");
171 /* security protocols */
172 ah { yylval.num = 0; return(PR_AH); }
173 esp { yylval.num = 0; return(PR_ESP); }
174 ah-old { yylval.num = 1; return(PR_AH); }
175 esp-old { yylval.num = 1; return(PR_ESP); }
176 esp-udp { yylval.num = 0; return(PR_ESPUDP); }
177 ipcomp { yylval.num = 0; return(PR_IPCOMP); }
179 /* authentication alogorithm */
180 {hyphen}A { BEGIN S_AUTHALG; return(F_AUTH); }
181 <S_AUTHALG>hmac-md5 { yylval.num = SADB_AALG_MD5HMAC; BEGIN INITIAL; return(ALG_AUTH); }
182 <S_AUTHALG>hmac-sha1 { yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); }
183 <S_AUTHALG>keyed-md5 { yylval.num = SADB_X_AALG_MD5; BEGIN INITIAL; return(ALG_AUTH); }
184 <S_AUTHALG>keyed-sha1 { yylval.num = SADB_X_AALG_SHA; BEGIN INITIAL; return(ALG_AUTH); }
185 <S_AUTHALG>hmac-sha2-256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); }
186 <S_AUTHALG>hmac-sha2-384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); }
187 <S_AUTHALG>hmac-sha2-512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); }
188 <S_AUTHALG>hmac-ripemd160 { yylval.num = SADB_X_AALG_RIPEMD160HMAC; BEGIN INITIAL; return(ALG_AUTH); }
189 <S_AUTHALG>aes-xcbc-mac { yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); }
190 <S_AUTHALG>null { yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); }
192 /* encryption alogorithm */
193 {hyphen}E { BEGIN S_ENCALG; return(F_ENC); }
194 <S_ENCALG>des-cbc { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC); }
195 <S_ENCALG>3des-cbc { yylval.num = SADB_EALG_3DESCBC; BEGIN INITIAL; return(ALG_ENC); }
196 <S_ENCALG>null { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_NOKEY); }
197 <S_ENCALG>simple { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); }
198 <S_ENCALG>blowfish-cbc { yylval.num = SADB_X_EALG_BLOWFISHCBC; BEGIN INITIAL; return(ALG_ENC); }
199 <S_ENCALG>cast128-cbc { yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); }
200 <S_ENCALG>des-deriv { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); }
201 <S_ENCALG>des-32iv { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); }
202 <S_ENCALG>twofish-cbc { yylval.num = SADB_X_EALG_TWOFISHCBC; BEGIN INITIAL; return(ALG_ENC); }
204 #ifdef SADB_X_EALG_AESCBC
205 yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC);
208 <S_ENCALG>rijndael-cbc {
209 #ifdef SADB_X_EALG_AESCBC
210 yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC);
213 <S_ENCALG>aes-ctr { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC); }
215 /* compression algorithms */
216 {hyphen}C { return(F_COMP); }
217 oui { yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); }
218 deflate { yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); }
219 lzs { yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); }
220 {hyphen}R { return(F_RAWCPI); }
223 {hyphen}m { return(F_MODE); }
224 transport { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
225 tunnel { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
226 {hyphen}u { return(F_REQID); }
227 {hyphen}f { return(F_EXT); }
228 random-pad { yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); }
229 seq-pad { yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); }
230 zero-pad { yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); }
231 nocyclic-seq { return(NOCYCLICSEQ); }
232 {hyphen}r { return(F_REPLAY); }
233 {hyphen}lh { return(F_LIFETIME_HARD); }
234 {hyphen}ls { return(F_LIFETIME_SOFT); }
235 {hyphen}bh { return(F_LIFEBYTE_HARD); }
236 {hyphen}bs { return(F_LIFEBYTE_SOFT); }
243 {semi} { return(EOT); }
245 /* for address parameters: /prefix, [port] */
246 {slash} { return SLASH; }
247 {blcl} { return BLCL; }
248 {elcl} { return ELCL; }
254 yylval.ulnum = strtoul(yytext, &bp, 10);
259 yylval.val.buf = strdup(yytext + 2);
261 yyfatal("insufficient memory");
262 yylval.val.len = strlen(yylval.val.buf);
269 while (*++p != '"') ;
272 yylval.val.len = yyleng - 2;
273 yylval.val.buf = strdup(yytext);
275 yyfatal("insufficient memory");
277 return(QUOTEDSTRING);
280 [A-Za-z0-9:][A-Za-z0-9:%\.-]* {
281 yylval.val.len = yyleng;
282 yylval.val.buf = strdup(yytext);
284 yyfatal("insufficient memory");
289 yylval.val.len = yyleng;
290 yylval.val.buf = strdup(yytext);
292 yyfatal("insufficient memory");
297 yyfatal("Syntax error");
315 printf("line %d: %s at [%s]\n", lineno, s, yytext);
327 printf("parse failed, line %d.\n", lineno);
335 parse_string (char *src)
338 YY_BUFFER_STATE buf_state;
340 buf_state = yy_scan_string(src);
342 yy_delete_buffer(buf_state);