xref: /freebsd/sbin/setkey/token.l (revision 119b75925c562202145d7bac7b676b98029c6cb9)
1 /*	$FreeBSD$	*/
2 /*	$KAME: token.l,v 1.43 2003/07/25 09:35:28 itojun Exp $	*/
3 
4 /*
5  * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. Neither the name of the project nor the names of its contributors
17  *    may be used to endorse or promote products derived from this software
18  *    without specific prior written permission.
19  *
20  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30  * SUCH DAMAGE.
31  */
32 
33 %{
34 #include <sys/types.h>
35 #include <sys/param.h>
36 #include <sys/socket.h>
37 #include <net/route.h>
38 #include <net/pfkeyv2.h>
39 #include <netipsec/keydb.h>
40 #include <netipsec/key_debug.h>
41 #include <netinet/in.h>
42 #include <netipsec/ipsec.h>
43 
44 #include <stdlib.h>
45 #include <limits.h>
46 #include <string.h>
47 #include <unistd.h>
48 #include <errno.h>
49 #include <netdb.h>
50 
51 #include "vchar.h"
52 #include "y.tab.h"
53 
54 int lineno = 1;
55 
56 extern u_char m_buf[BUFSIZ];
57 extern u_int m_len;
58 extern int f_debug;
59 
60 int yylex(void);
61 void yyfatal(const char *s);
62 void yyerror(const char *s);
63 extern void parse_init(void);
64 int parse(FILE **);
65 int yyparse(void);
66 %}
67 
68 /* common section */
69 nl		\n
70 ws		[ \t]+
71 digit		[0-9]
72 letter		[0-9A-Za-z]
73 hexdigit	[0-9A-Fa-f]
74 dot		\.
75 hyphen		\-
76 slash		\/
77 blcl		\[
78 elcl		\]
79 semi		\;
80 comment		\#.*
81 quotedstring	\"[^"]*\"
82 decstring	{digit}+
83 hexstring	0[xX]{hexdigit}+
84 ipaddress	[a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*)
85 ipaddrmask	{slash}{digit}{1,3}
86 name		{letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))*
87 hostname	{name}(({dot}{name})+{dot}?)?
88 
89 %s S_PL S_AUTHALG S_ENCALG
90 
91 %%
92 
93 add		{ return(ADD); }
94 delete		{ return(DELETE); }
95 deleteall	{ return(DELETEALL); }
96 get		{ return(GET); }
97 flush		{ return(FLUSH); }
98 dump		{ return(DUMP); }
99 
100 	/* for management SPD */
101 spdadd		{ return(SPDADD); }
102 spddelete	{ return(SPDDELETE); }
103 spddump		{ return(SPDDUMP); }
104 spdflush	{ return(SPDFLUSH); }
105 tagged		{ return(TAGGED); }
106 {hyphen}P	{ BEGIN S_PL; return(F_POLICY); }
107 <S_PL>[a-zA-Z0-9:\.\-_/ \n\t][a-zA-Z0-9:\.%\-_/ \n\t]* {
108 			yymore();
109 
110 			/* count up for nl */
111 			    {
112 				char *p;
113 				for (p = yytext; *p != '\0'; p++)
114 					if (*p == '\n')
115 						lineno++;
116 			    }
117 
118 			yylval.val.len = strlen(yytext);
119 			yylval.val.buf = strdup(yytext);
120 			if (!yylval.val.buf)
121 				yyfatal("insufficient memory");
122 
123 			return(PL_REQUESTS);
124 		}
125 <S_PL>{semi}	{ BEGIN INITIAL; return(EOT); }
126 
127 	/* address resolution flags */
128 {hyphen}[n46][n46]*	{
129 			yylval.val.len = strlen(yytext);
130 			yylval.val.buf = strdup(yytext);
131 			if (!yylval.val.buf)
132 				yyfatal("insufficient memory");
133 			return(F_AIFLAGS);
134 		}
135 
136 	/* security protocols */
137 ah		{ yylval.num = 0; return(PR_AH); }
138 esp		{ yylval.num = 0; return(PR_ESP); }
139 ah-old		{ yylval.num = 1; return(PR_AH); }
140 esp-old		{ yylval.num = 1; return(PR_ESP); }
141 ipcomp		{ yylval.num = 0; return(PR_IPCOMP); }
142 tcp		{ yylval.num = 0; return(PR_TCP); }
143 
144 	/* authentication alogorithm */
145 {hyphen}A	{ BEGIN S_AUTHALG; return(F_AUTH); }
146 <S_AUTHALG>hmac-md5	{ yylval.num = SADB_AALG_MD5HMAC; BEGIN INITIAL; return(ALG_AUTH); }
147 <S_AUTHALG>hmac-sha1	{ yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); }
148 <S_AUTHALG>keyed-md5	{ yylval.num = SADB_X_AALG_MD5; BEGIN INITIAL; return(ALG_AUTH); }
149 <S_AUTHALG>keyed-sha1	{ yylval.num = SADB_X_AALG_SHA; BEGIN INITIAL; return(ALG_AUTH); }
150 <S_AUTHALG>hmac-sha2-256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); }
151 <S_AUTHALG>hmac-sha2-384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); }
152 <S_AUTHALG>hmac-sha2-512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); }
153 <S_AUTHALG>hmac-ripemd160 { yylval.num = SADB_X_AALG_RIPEMD160HMAC; BEGIN INITIAL; return(ALG_AUTH); }
154 <S_AUTHALG>aes-xcbc-mac { yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); }
155 <S_AUTHALG>tcp-md5	{ yylval.num = SADB_X_AALG_TCP_MD5; BEGIN INITIAL; return(ALG_AUTH); }
156 <S_AUTHALG>null { yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); }
157 
158 	/* encryption alogorithm */
159 {hyphen}E	{ BEGIN S_ENCALG; return(F_ENC); }
160 <S_ENCALG>des-cbc	{ yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC); }
161 <S_ENCALG>3des-cbc	{ yylval.num = SADB_EALG_3DESCBC; BEGIN INITIAL; return(ALG_ENC); }
162 <S_ENCALG>null		{ yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC); }
163 <S_ENCALG>simple	{ yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); }
164 <S_ENCALG>blowfish-cbc	{ yylval.num = SADB_X_EALG_BLOWFISHCBC; BEGIN INITIAL; return(ALG_ENC); }
165 <S_ENCALG>cast128-cbc	{ yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); }
166 <S_ENCALG>des-deriv	{ yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); }
167 <S_ENCALG>des-32iv	{ yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); }
168 <S_ENCALG>rijndael-cbc	{ yylval.num = SADB_X_EALG_RIJNDAELCBC; BEGIN INITIAL; return(ALG_ENC); }
169 <S_ENCALG>aes-ctr	{ yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC); }
170 <S_ENCALG>camellia-cbc	{ yylval.num = SADB_X_EALG_CAMELLIACBC; BEGIN INITIAL; return(ALG_ENC); }
171 <S_ENCALG>aes-gcm-16	{ yylval.num = SADB_X_EALG_AESGCM16; BEGIN INITIAL; return(ALG_ENC); }
172 
173 	/* compression algorithms */
174 {hyphen}C	{ return(F_COMP); }
175 oui		{ yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); }
176 deflate		{ yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); }
177 lzs		{ yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); }
178 {hyphen}R	{ return(F_RAWCPI); }
179 
180 	/* extension */
181 {hyphen}m	{ return(F_MODE); }
182 transport	{ yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
183 tunnel		{ yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
184 {hyphen}u	{ return(F_REQID); }
185 {hyphen}f	{ return(F_EXT); }
186 random-pad	{ yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); }
187 seq-pad		{ yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); }
188 zero-pad	{ yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); }
189 nocyclic-seq	{ return(NOCYCLICSEQ); }
190 {hyphen}r	{ return(F_REPLAY); }
191 {hyphen}lh	{ return(F_LIFETIME_HARD); }
192 {hyphen}ls	{ return(F_LIFETIME_SOFT); }
193 
194 	/* ... */
195 any		{ return(ANY); }
196 {ws}		{ }
197 {nl}		{ lineno++; }
198 {comment}
199 {semi}		{ return(EOT); }
200 
201 	/* for address parameters: /prefix, [port] */
202 {slash}		{ return SLASH; }
203 {blcl}		{ return BLCL; }
204 {elcl}		{ return ELCL; }
205 
206 	/* parameter */
207 {decstring}	{
208 			char *bp;
209 
210 			yylval.ulnum = strtoul(yytext, &bp, 10);
211 			return(DECSTRING);
212 		}
213 
214 {hexstring}	{
215 			yylval.val.buf = strdup(yytext + 2);
216 			if (!yylval.val.buf)
217 				yyfatal("insufficient memory");
218 			yylval.val.len = strlen(yylval.val.buf);
219 
220 			return(HEXSTRING);
221 		}
222 
223 {quotedstring}	{
224 			char *p = yytext;
225 			while (*++p != '"') ;
226 			*p = '\0';
227 			yytext++;
228 			yylval.val.len = yyleng - 2;
229 			yylval.val.buf = strdup(yytext);
230 			if (!yylval.val.buf)
231 				yyfatal("insufficient memory");
232 
233 			return(QUOTEDSTRING);
234 		}
235 
236 [A-Za-z0-9:][A-Za-z0-9:%\.-]* {
237 			yylval.val.len = yyleng;
238 			yylval.val.buf = strdup(yytext);
239 			if (!yylval.val.buf)
240 				yyfatal("insufficient memory");
241 			return(STRING);
242 		}
243 
244 [0-9,]+ {
245 			yylval.val.len = yyleng;
246 			yylval.val.buf = strdup(yytext);
247 			if (!yylval.val.buf)
248 				yyfatal("insufficient memory");
249 			return(STRING);
250 		}
251 
252 .		{
253 			yyfatal("Syntax error");
254 			/*NOTREACHED*/
255 		}
256 
257 %%
258 
259 void
260 yyfatal(s)
261 	const char *s;
262 {
263 	yyerror(s);
264 	exit(1);
265 }
266 
267 void
268 yyerror(s)
269 	const char *s;
270 {
271 	printf("line %d: %s at [%s]\n", lineno, s, yytext);
272 }
273 
274 int
275 parse(fp)
276 	FILE **fp;
277 {
278 	yyin = *fp;
279 
280 	parse_init();
281 
282 	if (yyparse()) {
283 		printf("parse failed, line %d.\n", lineno);
284 		return(-1);
285 	}
286 
287 	return(0);
288 }
289