1/* $FreeBSD$ */ 2/* $KAME: token.l,v 1.43 2003/07/25 09:35:28 itojun Exp $ */ 3 4/*- 5 * SPDX-License-Identifier: BSD-3-Clause 6 * 7 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. 8 * All rights reserved. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the project nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 */ 34 35%{ 36#include <sys/types.h> 37#include <sys/param.h> 38#include <sys/socket.h> 39#include <net/route.h> 40#include <net/pfkeyv2.h> 41#include <netipsec/keydb.h> 42#include <netipsec/key_debug.h> 43#include <netinet/in.h> 44#include <netipsec/ipsec.h> 45 46#include <stdlib.h> 47#include <limits.h> 48#include <string.h> 49#include <unistd.h> 50#include <errno.h> 51#include <netdb.h> 52 53#include "vchar.h" 54#include "y.tab.h" 55 56int lineno = 1; 57 58extern u_char m_buf[BUFSIZ]; 59extern u_int m_len; 60extern int f_debug; 61 62int yylex(void); 63void yyfatal(const char *s); 64void yyerror(const char *s); 65extern void parse_init(void); 66int parse(FILE **); 67int yyparse(void); 68%} 69 70%option noyywrap 71 72/* common section */ 73nl \n 74ws [ \t]+ 75digit [0-9] 76letter [0-9A-Za-z] 77hexdigit [0-9A-Fa-f] 78dot \. 79hyphen \- 80slash \/ 81blcl \[ 82elcl \] 83semi \; 84comment \#.* 85quotedstring \"[^"]*\" 86decstring {digit}+ 87hexstring 0[xX]{hexdigit}+ 88ipaddress [a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*) 89ipaddrmask {slash}{digit}{1,3} 90name {letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))* 91hostname {name}(({dot}{name})+{dot}?)? 92 93%s S_PL S_AUTHALG S_ENCALG 94 95%% 96 97add { return(ADD); } 98delete { return(DELETE); } 99deleteall { return(DELETEALL); } 100get { return(GET); } 101flush { return(FLUSH); } 102dump { return(DUMP); } 103 104 /* for management SPD */ 105spdadd { return(SPDADD); } 106spddelete { return(SPDDELETE); } 107spddump { return(SPDDUMP); } 108spdflush { return(SPDFLUSH); } 109tagged { return(TAGGED); } 110{hyphen}P { BEGIN S_PL; return(F_POLICY); } 111<S_PL>[a-zA-Z0-9:\.\-_/ \n\t][a-zA-Z0-9:\.%\-_/ \n\t]* { 112 yymore(); 113 114 /* count up for nl */ 115 { 116 char *p; 117 for (p = yytext; *p != '\0'; p++) 118 if (*p == '\n') 119 lineno++; 120 } 121 122 yylval.val.len = strlen(yytext); 123 yylval.val.buf = strdup(yytext); 124 if (!yylval.val.buf) 125 yyfatal("insufficient memory"); 126 127 return(PL_REQUESTS); 128 } 129<S_PL>{semi} { BEGIN INITIAL; return(EOT); } 130 131 /* address resolution flags */ 132{hyphen}[n46][n46]* { 133 yylval.val.len = strlen(yytext); 134 yylval.val.buf = strdup(yytext); 135 if (!yylval.val.buf) 136 yyfatal("insufficient memory"); 137 return(F_AIFLAGS); 138 } 139 140 /* security protocols */ 141ah { yylval.num = 0; return(PR_AH); } 142esp { yylval.num = 0; return(PR_ESP); } 143ah-old { yylval.num = 1; return(PR_AH); } 144esp-old { yylval.num = 1; return(PR_ESP); } 145ipcomp { yylval.num = 0; return(PR_IPCOMP); } 146tcp { yylval.num = 0; return(PR_TCP); } 147 148 /* authentication alogorithm */ 149{hyphen}A { BEGIN S_AUTHALG; return(F_AUTH); } 150<S_AUTHALG>hmac-md5 { yylval.num = SADB_AALG_MD5HMAC; BEGIN INITIAL; return(ALG_AUTH); } 151<S_AUTHALG>hmac-sha1 { yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); } 152<S_AUTHALG>keyed-md5 { yylval.num = SADB_X_AALG_MD5; BEGIN INITIAL; return(ALG_AUTH); } 153<S_AUTHALG>keyed-sha1 { yylval.num = SADB_X_AALG_SHA; BEGIN INITIAL; return(ALG_AUTH); } 154<S_AUTHALG>hmac-sha2-256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); } 155<S_AUTHALG>hmac-sha2-384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); } 156<S_AUTHALG>hmac-sha2-512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); } 157<S_AUTHALG>hmac-ripemd160 { yylval.num = SADB_X_AALG_RIPEMD160HMAC; BEGIN INITIAL; return(ALG_AUTH); } 158<S_AUTHALG>aes-xcbc-mac { yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); } 159<S_AUTHALG>tcp-md5 { yylval.num = SADB_X_AALG_TCP_MD5; BEGIN INITIAL; return(ALG_AUTH); } 160<S_AUTHALG>null { yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); } 161 162 /* encryption alogorithm */ 163{hyphen}E { BEGIN S_ENCALG; return(F_ENC); } 164<S_ENCALG>des-cbc { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC); } 165<S_ENCALG>3des-cbc { yylval.num = SADB_EALG_3DESCBC; BEGIN INITIAL; return(ALG_ENC); } 166<S_ENCALG>null { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC); } 167<S_ENCALG>simple { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); } 168<S_ENCALG>blowfish-cbc { yylval.num = SADB_X_EALG_BLOWFISHCBC; BEGIN INITIAL; return(ALG_ENC); } 169<S_ENCALG>cast128-cbc { yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); } 170<S_ENCALG>des-deriv { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); } 171<S_ENCALG>des-32iv { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); } 172<S_ENCALG>rijndael-cbc { yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); } 173<S_ENCALG>aes-cbc { yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); } 174<S_ENCALG>aes-ctr { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC_SALT); } 175<S_ENCALG>camellia-cbc { yylval.num = SADB_X_EALG_CAMELLIACBC; BEGIN INITIAL; return(ALG_ENC); } 176<S_ENCALG>aes-gcm-16 { yylval.num = SADB_X_EALG_AESGCM16; BEGIN INITIAL; return(ALG_ENC_SALT); } 177 178 /* compression algorithms */ 179{hyphen}C { return(F_COMP); } 180oui { yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); } 181deflate { yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); } 182lzs { yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); } 183{hyphen}R { return(F_RAWCPI); } 184 185 /* extension */ 186{hyphen}m { return(F_MODE); } 187transport { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); } 188tunnel { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); } 189{hyphen}u { return(F_REQID); } 190{hyphen}f { return(F_EXT); } 191random-pad { yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); } 192seq-pad { yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); } 193zero-pad { yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); } 194nocyclic-seq { return(NOCYCLICSEQ); } 195{hyphen}r { return(F_REPLAY); } 196{hyphen}lh { return(F_LIFETIME_HARD); } 197{hyphen}ls { return(F_LIFETIME_SOFT); } 198 199 /* ... */ 200any { return(ANY); } 201{ws} { } 202{nl} { lineno++; } 203{comment} 204{semi} { return(EOT); } 205 206 /* for address parameters: /prefix, [port] */ 207{slash} { return SLASH; } 208{blcl} { return BLCL; } 209{elcl} { return ELCL; } 210 211 /* parameter */ 212{decstring} { 213 char *bp; 214 215 yylval.ulnum = strtoul(yytext, &bp, 10); 216 return(DECSTRING); 217 } 218 219{hexstring} { 220 yylval.val.buf = strdup(yytext + 2); 221 if (!yylval.val.buf) 222 yyfatal("insufficient memory"); 223 yylval.val.len = strlen(yylval.val.buf); 224 225 return(HEXSTRING); 226 } 227 228{quotedstring} { 229 char *p = yytext; 230 while (*++p != '"') ; 231 *p = '\0'; 232 yytext++; 233 yylval.val.len = yyleng - 2; 234 yylval.val.buf = strdup(yytext); 235 if (!yylval.val.buf) 236 yyfatal("insufficient memory"); 237 238 return(QUOTEDSTRING); 239 } 240 241[A-Za-z0-9:][A-Za-z0-9:%\.-]* { 242 yylval.val.len = yyleng; 243 yylval.val.buf = strdup(yytext); 244 if (!yylval.val.buf) 245 yyfatal("insufficient memory"); 246 return(STRING); 247 } 248 249[0-9,]+ { 250 yylval.val.len = yyleng; 251 yylval.val.buf = strdup(yytext); 252 if (!yylval.val.buf) 253 yyfatal("insufficient memory"); 254 return(STRING); 255 } 256 257. { 258 yyfatal("Syntax error"); 259 /*NOTREACHED*/ 260 } 261 262%% 263 264void 265yyfatal(s) 266 const char *s; 267{ 268 yyerror(s); 269 exit(1); 270} 271 272void 273yyerror(s) 274 const char *s; 275{ 276 printf("line %d: %s at [%s]\n", lineno, s, yytext); 277} 278 279int 280parse(fp) 281 FILE **fp; 282{ 283 yyin = *fp; 284 285 parse_init(); 286 287 if (yyparse()) { 288 printf("parse failed, line %d.\n", lineno); 289 return(-1); 290 } 291 292 return(0); 293} 294