/*	$KAME: token.l,v 1.44 2003/10/21 07:20:58 itojun Exp $	*/

/*
 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

%option noyywrap
%{

/*
 * Flex scanner for the SA/SPD command language: it turns command words,
 * option flags, algorithm names and literal values into the tokens declared
 * in y.tab.h and stores their values in yylval.
 */

#ifdef HAVE_CONFIG_H
#include "config.h"
#endif

#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <net/pfkeyv2.h>
#include <netinet/in.h>
#ifdef HAVE_NETINET6_IPSEC
# include <netinet6/ipsec.h>
#else
# include <netinet/ipsec.h>
#endif

#include <stdlib.h>
#include <limits.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <netdb.h>

#include "vchar.h"
#include "y.tab.h"

#include "extern.h"

/*
 * make the code compile on *BSD-current
 *
 * Each identifier the PF_KEY headers do not provide is defined as -1 so the
 * rules that reference it still build.
 * NOTE(review): on such a platform the scanner hands -1 to the parser as the
 * algorithm number for that keyword; confirm the grammar rejects it instead
 * of forwarding it to the kernel.
 */
#ifndef SADB_X_AALG_SHA2_256
#define SADB_X_AALG_SHA2_256	(-1)
#endif
#ifndef SADB_X_AALG_SHA2_384
#define SADB_X_AALG_SHA2_384	(-1)
#endif
#ifndef SADB_X_AALG_SHA2_512
#define SADB_X_AALG_SHA2_512	(-1)
#endif
#ifndef SADB_X_AALG_RIPEMD160HMAC
#define SADB_X_AALG_RIPEMD160HMAC	(-1)
#endif
#ifndef SADB_X_AALG_AES_XCBC_MAC
#define SADB_X_AALG_AES_XCBC_MAC	(-1)
#endif
#ifndef SADB_X_EALG_TWOFISHCBC
#define SADB_X_EALG_TWOFISHCBC	(-1)
#endif
#ifndef SADB_X_EALG_AESCTR
#define SADB_X_EALG_AESCTR	(-1)
#endif
%}

/* common section */
nl		\n
ws		[ \t]+
digit		[0-9]
/* Despite its name, `letter' also matches digits. */
letter		[0-9A-Za-z]
hexdigit	[0-9A-Fa-f]
dot		\.
hyphen		\-
slash		\/
blcl		\[
elcl		\]
semi		\;
/* A comment runs from '#' to the end of the line. */
comment		\#.*
/*
 * There is no escape syntax: a quoted string ends at the first '"'.
 * [^"] also matches a newline, so a quoted string may span lines.
 */
quotedstring	\"[^"]*\"
decstring	{digit}+
hexstring	0[xX]{hexdigit}+
/*
 * NOTE(review): ipaddress, ipaddrmask, name and hostname do not appear in any
 * pattern of the rules section; addresses and host names reach the parser
 * through the generic STRING rule.
 */
ipaddress	[a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*)
ipaddrmask	{slash}{digit}{1,3}
name		{letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))*
hostname	{name}(({dot}{name})+{dot}?)?
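/*
 * Start conditions.  %s declares them inclusive: every rule without a <...>
 * prefix stays active while S_PL, S_AUTHALG or S_ENCALG is selected.
 */
%s S_PL S_AUTHALG S_ENCALG

%%

	/* SAD commands */
add		{ return(ADD); }
delete		{ return(DELETE); }
deleteall	{ return(DELETEALL); }
get		{ return(GET); }
flush		{ return(FLUSH); }
dump		{ return(DUMP); }
exit		{ return(EXIT); }
quit		{ return(EXIT); }
bye		{ return(EXIT); }

	/* for management SPD */
spdadd		{ return(SPDADD); }
spddelete	{ return(SPDDELETE); }
spddump		{ return(SPDDUMP); }
spdflush	{ return(SPDFLUSH); }
tagged		{ return(TAGGED); }
{hyphen}P	{ BEGIN S_PL; return(F_POLICY); }
	/*
	 * Policy text: everything after -P up to the terminating ';' is
	 * handed to the parser as one PL_REQUESTS string.
	 */
<S_PL>[a-zA-Z0-9:\.\-_/ \n\t][a-zA-Z0-9:\.%\-+_/ \n\t\]\[]* {
			/*
			 * NOTE(review): yymore() makes flex prepend this
			 * text to whatever the next rule matches, so that
			 * rule sees a longer yytext/yyleng.  Confirm this
			 * is intended.
			 */
			yymore();

			/* count up for nl */
			{
				char *p;
				for (p = yytext; *p != '\0'; p++)
					if (*p == '\n')
						lineno++;
			}

			/*
			 * Heap copy for the parser; presumably the parser
			 * releases it (not visible here).
			 */
			yylval.val.len = strlen(yytext);
			yylval.val.buf = strdup(yytext);
			if (!yylval.val.buf)
				yyfatal("insufficient memory");

			return(PL_REQUESTS);
		}
<S_PL>{semi}	{ BEGIN INITIAL; return(EOT); }

	/* address resolution flags */
{hyphen}[n46][n46]* {
			yylval.val.len = strlen(yytext);
			yylval.val.buf = strdup(yytext);
			if (!yylval.val.buf)
				yyfatal("insufficient memory");
			return(F_AIFLAGS);
		}

	/* security protocols; yylval.num is 1 only for the "-old" variants */
ah		{ yylval.num = 0; return(PR_AH); }
esp		{ yylval.num = 0; return(PR_ESP); }
ah-old		{ yylval.num = 1; return(PR_AH); }
esp-old		{ yylval.num = 1; return(PR_ESP); }
esp-udp		{ yylval.num = 0; return(PR_ESPUDP); }
ipcomp		{ yylval.num = 0; return(PR_IPCOMP); }
tcp		{
			yylval.num = 0; return(PR_TCP);
		}

	/*
	 * authentication algorithm
	 *
	 * -A selects S_AUTHALG and a recognised name switches back to
	 * INITIAL.  The condition is inclusive, so an unrecognised word is
	 * tokenised by the generic rules and the scanner stays in S_AUTHALG.
	 *
	 * hmac-md5 and keyed-md5 are legacy transforms (RFC 8221 lists both
	 * as MUST NOT) and `null' selects no integrity protection; they are
	 * accepted here for compatibility only.
	 */
{hyphen}A	{ BEGIN S_AUTHALG; return(F_AUTH); }
<S_AUTHALG>hmac-md5	{ yylval.num = SADB_AALG_MD5HMAC; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha1	{ yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>keyed-md5	{ yylval.num = SADB_X_AALG_MD5; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>keyed-sha1	{ yylval.num = SADB_X_AALG_SHA; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha2-256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha256	{ yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha2-384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha384	{ yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha2-512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha512	{ yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-ripemd160 { yylval.num = SADB_X_AALG_RIPEMD160HMAC; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>aes-xcbc-mac	{ yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>tcp-md5	{
#ifdef SADB_X_AALG_TCP_MD5
			yylval.num = SADB_X_AALG_TCP_MD5;
			BEGIN INITIAL;
			return(ALG_AUTH);
#else
			/*
			 * Without the constant the action used to be empty:
			 * the keyword was discarded without a diagnostic and
			 * the scanner stayed in S_AUTHALG.  Reject it
			 * explicitly instead.
			 */
			yyfatal("tcp-md5 is not supported on this platform");
#endif
		}
<S_AUTHALG>null	{ yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); }

	/*
	 * encryption algorithm
	 *
	 * -E selects S_ENCALG in the same way -A selects S_AUTHALG.
	 * des-cbc, des-deriv and des-32iv are single DES and 3des-cbc is
	 * triple DES (RFC 8221: MUST NOT and SHOULD NOT respectively); `null'
	 * and `simple' both map to SADB_EALG_NULL, i.e. no confidentiality.
	 */
{hyphen}E	{ BEGIN S_ENCALG; return(F_ENC); }
<S_ENCALG>des-cbc	{ yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>3des-cbc	{ yylval.num = SADB_EALG_3DESCBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>null		{ yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_NOKEY); }
<S_ENCALG>simple	{ yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); }
<S_ENCALG>blowfish-cbc	{ yylval.num = SADB_X_EALG_BLOWFISHCBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>cast128-cbc	{ yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>des-deriv	{ yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); }
<S_ENCALG>des-32iv	{ yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); }
<S_ENCALG>twofish-cbc	{ yylval.num = SADB_X_EALG_TWOFISHCBC; BEGIN INITIAL; return(ALG_ENC); }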
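<S_ENCALG>aes-cbc	{
#ifdef SADB_X_EALG_AESCBC
			yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC);
#else
			/*
			 * Without the constant the action used to be empty:
			 * the keyword was discarded without a diagnostic and
			 * the scanner stayed in S_ENCALG.  Reject it
			 * explicitly instead.
			 */
			yyfatal("aes-cbc is not supported on this platform");
#endif
		}
	/* rijndael-cbc is accepted as another name for aes-cbc */
<S_ENCALG>rijndael-cbc	{
#ifdef SADB_X_EALG_AESCBC
			yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC);
#else
			/* same reasoning as for aes-cbc */
			yyfatal("rijndael-cbc is not supported on this platform");
#endif
		}
<S_ENCALG>aes-ctr	{ yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC); }

	/* compression algorithms */
{hyphen}C	{ return(F_COMP); }
oui		{ yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); }
deflate		{ yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); }
lzs		{ yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); }
{hyphen}R	{ return(F_RAWCPI); }

	/* extension */
{hyphen}m	{ return(F_MODE); }
transport	{ yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
tunnel		{ yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
{hyphen}u	{ return(F_REQID); }
{hyphen}f	{ return(F_EXT); }
random-pad	{ yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); }
seq-pad		{ yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); }
zero-pad	{ yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); }
nocyclic-seq	{ return(NOCYCLICSEQ); }
{hyphen}r	{ return(F_REPLAY); }
{hyphen}lh	{ return(F_LIFETIME_HARD); }
{hyphen}ls	{ return(F_LIFETIME_SOFT); }
{hyphen}bh	{ return(F_LIFEBYTE_HARD); }
{hyphen}bs	{ return(F_LIFEBYTE_SOFT); }

	/* the `any' keyword, whitespace, comments and the end of a command */
any		{ return(ANY); }
{ws}		{ }
{nl}		{ lineno++; }
{comment}	{ }
{semi}		{ return(EOT); }

	/* for address parameters: /prefix, [port] */
{slash}		{ return SLASH; }
{blcl}		{ return BLCL; }
{elcl}		{ return ELCL; }

	/* parameter */
{decstring}	{
			/*
			 * strtoul() clamps an over-long number to ULONG_MAX
			 * and reports it only through errno, so a mistyped
			 * value would otherwise be accepted as a different
			 * number.  The pattern is digits only, so no end
			 * pointer is needed.
			 */
			errno = 0;
			yylval.ulnum = strtoul(yytext, NULL, 10);
			if (errno == ERANGE)
				yyfatal("number out of range");
			return(DECSTRING);
		}

{hexstring}	{
			/* skip the leading "0x"; only the digits are kept */
			yylval.val.buf = strdup(yytext + 2);
			if (!yylval.val.buf)
				yyfatal("insufficient memory");
			yylval.val.len = strlen(yylval.val.buf);

			return(HEXSTRING);
		}

{quotedstring}	{
			char *p = yytext;
			char *copy;
			size_t n;

			/*
			 * The pattern guarantees a closing quote, so this
			 * loop terminates.  A quoted string may span lines;
			 * count them so later diagnostics carry the right
			 * line number.
			 */
			while (*++p != '"') {
				if (*p == '\n')
					lineno++;
			}
			*p = '\0';
			yytext++;

			/*
			 * Copy exactly the number of bytes reported in
			 * val.len.  strdup() would stop at a NUL byte inside
			 * the quotes and leave val.len larger than the
			 * allocation.
			 */
			n = (size_t)(yyleng - 2);
			copy = malloc(n + 1);
			if (!copy)
				yyfatal("insufficient memory");
			memcpy(copy, yytext, n);
			copy[n] = '\0';
			yylval.val.len = yyleng - 2;
			yylval.val.buf = copy;

			return(QUOTEDSTRING);
		}

	/* generic word: anything not claimed by the rules above */
[A-Za-z0-9:][A-Za-z0-9:%\.-]* {
			yylval.val.len = yyleng;
			yylval.val.buf = strdup(yytext);
			if (!yylval.val.buf)
				yyfatal("insufficient memory");
			return(STRING);
		}

	/* digits and commas, also returned as STRING */
[0-9,]+		{
			yylval.val.len = yyleng;
			yylval.val.buf = strdup(yytext);
			if (!yylval.val.buf)
				yyfatal("insufficient memory");
			return(STRING);
		}

	/* any other character cannot start a token */
.		{
			yyfatal("Syntax error");
			/*NOTREACHED*/
		}

%%

/*
 * Report the error through yyerror() and terminate the process with exit
 * status 1.  Does not return.
 */
void
yyfatal(const char *s)
{
	yyerror(s);
	exit(1);
}

/*
 * Print the message s on stdout together with the current line number and
 * the text of the token being scanned.
 */
void
yyerror(const char *s)
{
	printf("line %d: %s at [%s]\n", lineno, s, yytext);
}

/*
 * Parse commands from the stream *fp: the stream becomes yyin, lineno is
 * reset to 1 and parse_init() is called before yyparse() runs.
 * Returns 0 on success; prints a message and returns -1 when yyparse()
 * reports failure.
 */
int
parse(FILE **fp)
{
	yyin = *fp;

	lineno = 1;
	parse_init();

	if (yyparse()) {
		printf("parse failed, line %d.\n", lineno);
		return(-1);
	}

	return(0);
}

/*
 * Parse commands from the NUL-terminated string src and return the result
 * of yyparse().  The scan buffer created for src is released before
 * returning.
 * NOTE(review): unlike parse(), this neither resets lineno nor calls
 * parse_init(); confirm callers do not depend on either.
 */
int
parse_string (char *src)
{
	int             result;
	YY_BUFFER_STATE buf_state;

	buf_state = yy_scan_string(src);
	result = yyparse();
	yy_delete_buffer(buf_state);
	return result;
}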