1/* $Id: policy_token.l,v 1.10.4.1 2005/05/07 14:30:38 manubsd Exp $ */ 2 3/* 4 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32%{ 33#ifdef HAVE_CONFIG_H 34#include "config.h" 35#endif 36 37#include <sys/types.h> 38#include <sys/param.h> 39#include <sys/socket.h> 40#include <net/pfkeyv2.h> 41#include <netinet/in.h> 42#ifdef HAVE_NETINET6_IPSEC 43# include <netinet6/ipsec.h> 44#else 45# include <netinet/ipsec.h> 46#endif 47 48#include <stdlib.h> 49#include <limits.h> 50#include <string.h> 51#include <unistd.h> 52#include <errno.h> 53 54#include "libpfkey.h" 55 56#include "y.tab.h" 57#define yylval __libipseclval /* XXX */ 58 59int yylex (void); 60%} 61 62%option noyywrap 63%option nounput 64 65/* common section */ 66nl \n 67ws [ \t]+ 68digit [0-9] 69hexdigit [0-9A-Fa-f] 70special [()+\|\?\*,] 71dot \. 72comma \, 73hyphen \- 74colon \: 75slash \/ 76bcl \{ 77ecl \} 78blcl \[ 79elcl \] 80percent \% 81semi \; 82plus \+ 83usec {dot}{digit}{1,6} 84comment \#.* 85ccomment "/*" 86bracketstring \<[^>]*\> 87quotedstring \"[^"]*\" 88decstring {digit}+ 89hexpair {hexdigit}{hexdigit} 90hexstring 0[xX]{hexdigit}+ 91octetstring {octet}({dot}{octet})+ 92ipaddress [a-zA-Z0-9:\._][a-zA-Z0-9:\._]*(%[a-zA-Z0-9]+)? 93 94%% 95 96in { yylval.num = IPSEC_DIR_INBOUND; return(DIR); } 97out { yylval.num = IPSEC_DIR_OUTBOUND; return(DIR); } 98fwd { 99#ifdef HAVE_POLICY_FWD 100 yylval.num = IPSEC_DIR_FWD; return(DIR); 101#else 102 yylval.num = IPSEC_DIR_INBOUND; return(DIR); 103#endif 104 } 105 106priority { return(PRIORITY); } 107prio { return(PRIORITY); } 108low { yylval.num32 = PRIORITY_LOW; return(PRIO_BASE); } 109def { yylval.num32 = PRIORITY_DEFAULT; return(PRIO_BASE); } 110high { yylval.num32 = PRIORITY_HIGH; return(PRIO_BASE); } 111{plus} { return(PLUS); } 112{decstring} { 113 yylval.val.len = strlen(yytext); 114 yylval.val.buf = yytext; 115 return(PRIO_OFFSET); 116} 117 118discard { yylval.num = IPSEC_POLICY_DISCARD; return(ACTION); } 119generate { yylval.num = IPSEC_POLICY_GENERATE; return(ACTION); } 120none { yylval.num = IPSEC_POLICY_NONE; return(ACTION); } 121ipsec { yylval.num = IPSEC_POLICY_IPSEC; return(ACTION); } 122bypass { yylval.num = IPSEC_POLICY_BYPASS; return(ACTION); } 123entrust { yylval.num = IPSEC_POLICY_ENTRUST; return(ACTION); } 124 125esp { yylval.num = IPPROTO_ESP; return(PROTOCOL); } 126ah { yylval.num = IPPROTO_AH; return(PROTOCOL); } 127ipcomp { yylval.num = IPPROTO_IPCOMP; return(PROTOCOL); } 128 129transport { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); } 130tunnel { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); } 131 132me { return(ME); } 133any { return(ANY); } 134 135default { yylval.num = IPSEC_LEVEL_DEFAULT; return(LEVEL); } 136use { yylval.num = IPSEC_LEVEL_USE; return(LEVEL); } 137require { yylval.num = IPSEC_LEVEL_REQUIRE; return(LEVEL); } 138unique{colon}{decstring} { 139 yylval.val.len = strlen(yytext + 7); 140 yylval.val.buf = yytext + 7; 141 return(LEVEL_SPECIFY); 142 } 143unique { yylval.num = IPSEC_LEVEL_UNIQUE; return(LEVEL); } 144{slash} { return(SLASH); } 145 146{ipaddress} { 147 yylval.val.len = strlen(yytext); 148 yylval.val.buf = yytext; 149 return(IPADDRESS); 150 } 151 152{hyphen} { return(HYPHEN); } 153 154{blcl}{decstring}{elcl} { 155 /* Remove leading '[' and trailing ']' */ 156 yylval.val.buf = yytext + 1; 157 yylval.val.len = strlen(yytext) - 2; 158 159 return(PORT); 160 } 161 162{ws} { ; } 163{nl} { ; } 164 165%% 166 167void __policy__strbuffer__init__ (char *); 168void __policy__strbuffer__free__ (void); 169 170static YY_BUFFER_STATE strbuffer; 171 172void 173__policy__strbuffer__init__(msg) 174 char *msg; 175{ 176 if (YY_CURRENT_BUFFER) 177 yy_delete_buffer(YY_CURRENT_BUFFER); 178 strbuffer = (YY_BUFFER_STATE)yy_scan_string(msg); 179 yy_switch_to_buffer(strbuffer); 180 181 return; 182} 183 184void 185__policy__strbuffer__free__() 186{ 187 yy_delete_buffer(strbuffer); 188 189 return; 190} 191