1 /* $FreeBSD$ */ 2 /* $KAME: token.l,v 1.43 2003/07/25 09:35:28 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 %{ 34 #include <sys/types.h> 35 #include <sys/param.h> 36 #include <sys/socket.h> 37 #include <net/route.h> 38 #include <net/pfkeyv2.h> 39 #include <netipsec/keydb.h> 40 #include <netipsec/key_debug.h> 41 #include <netinet/in.h> 42 #include <netipsec/ipsec.h> 43 44 #include <stdlib.h> 45 #include <limits.h> 46 #include <string.h> 47 #include <unistd.h> 48 #include <errno.h> 49 #include <netdb.h> 50 51 #include "vchar.h" 52 #include "y.tab.h" 53 54 int lineno = 1; 55 56 extern u_char m_buf[BUFSIZ]; 57 extern u_int m_len; 58 extern int f_debug; 59 60 int yylex(void); 61 void yyfatal(const char *s); 62 void yyerror(const char *s); 63 extern void parse_init(void); 64 int parse(FILE **); 65 int yyparse(void); 66 %} 67 68 /* common section */ 69 nl \n 70 ws [ \t]+ 71 digit [0-9] 72 letter [0-9A-Za-z] 73 hexdigit [0-9A-Fa-f] 74 dot \. 75 hyphen \- 76 slash \/ 77 blcl \[ 78 elcl \] 79 semi \; 80 comment \#.* 81 quotedstring \"[^"]*\" 82 decstring {digit}+ 83 hexstring 0[xX]{hexdigit}+ 84 ipaddress [a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*) 85 ipaddrmask {slash}{digit}{1,3} 86 name {letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))* 87 hostname {name}(({dot}{name})+{dot}?)? 88 89 %s S_PL S_AUTHALG S_ENCALG 90 91 %% 92 93 add { return(ADD); } 94 delete { return(DELETE); } 95 deleteall { return(DELETEALL); } 96 get { return(GET); } 97 flush { return(FLUSH); } 98 dump { return(DUMP); } 99 100 /* for management SPD */ 101 spdadd { return(SPDADD); } 102 spddelete { return(SPDDELETE); } 103 spddump { return(SPDDUMP); } 104 spdflush { return(SPDFLUSH); } 105 tagged { return(TAGGED); } 106 {hyphen}P { BEGIN S_PL; return(F_POLICY); } 107 <S_PL>[a-zA-Z0-9:\.\-_/ \n\t][a-zA-Z0-9:\.%\-_/ \n\t]* { 108 yymore(); 109 110 /* count up for nl */ 111 { 112 char *p; 113 for (p = yytext; *p != '\0'; p++) 114 if (*p == '\n') 115 lineno++; 116 } 117 118 yylval.val.len = strlen(yytext); 119 yylval.val.buf = strdup(yytext); 120 if (!yylval.val.buf) 121 yyfatal("insufficient memory"); 122 123 return(PL_REQUESTS); 124 } 125 <S_PL>{semi} { BEGIN INITIAL; return(EOT); } 126 127 /* address resolution flags */ 128 {hyphen}[n46][n46]* { 129 yylval.val.len = strlen(yytext); 130 yylval.val.buf = strdup(yytext); 131 if (!yylval.val.buf) 132 yyfatal("insufficient memory"); 133 return(F_AIFLAGS); 134 } 135 136 /* security protocols */ 137 ah { yylval.num = 0; return(PR_AH); } 138 esp { yylval.num = 0; return(PR_ESP); } 139 ah-old { yylval.num = 1; return(PR_AH); } 140 esp-old { yylval.num = 1; return(PR_ESP); } 141 ipcomp { yylval.num = 0; return(PR_IPCOMP); } 142 tcp { yylval.num = 0; return(PR_TCP); } 143 144 /* authentication alogorithm */ 145 {hyphen}A { BEGIN S_AUTHALG; return(F_AUTH); } 146 <S_AUTHALG>hmac-md5 { yylval.num = SADB_AALG_MD5HMAC; BEGIN INITIAL; return(ALG_AUTH); } 147 <S_AUTHALG>hmac-sha1 { yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); } 148 <S_AUTHALG>keyed-md5 { yylval.num = SADB_X_AALG_MD5; BEGIN INITIAL; return(ALG_AUTH); } 149 <S_AUTHALG>keyed-sha1 { yylval.num = SADB_X_AALG_SHA; BEGIN INITIAL; return(ALG_AUTH); } 150 <S_AUTHALG>hmac-sha2-256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); } 151 <S_AUTHALG>hmac-sha2-384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); } 152 <S_AUTHALG>hmac-sha2-512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); } 153 <S_AUTHALG>hmac-ripemd160 { yylval.num = SADB_X_AALG_RIPEMD160HMAC; BEGIN INITIAL; return(ALG_AUTH); } 154 <S_AUTHALG>aes-xcbc-mac { yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); } 155 <S_AUTHALG>tcp-md5 { yylval.num = SADB_X_AALG_TCP_MD5; BEGIN INITIAL; return(ALG_AUTH); } 156 <S_AUTHALG>null { yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); } 157 158 /* encryption alogorithm */ 159 {hyphen}E { BEGIN S_ENCALG; return(F_ENC); } 160 <S_ENCALG>des-cbc { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC); } 161 <S_ENCALG>3des-cbc { yylval.num = SADB_EALG_3DESCBC; BEGIN INITIAL; return(ALG_ENC); } 162 <S_ENCALG>null { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC); } 163 <S_ENCALG>simple { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); } 164 <S_ENCALG>blowfish-cbc { yylval.num = SADB_X_EALG_BLOWFISHCBC; BEGIN INITIAL; return(ALG_ENC); } 165 <S_ENCALG>cast128-cbc { yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); } 166 <S_ENCALG>des-deriv { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); } 167 <S_ENCALG>des-32iv { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); } 168 <S_ENCALG>rijndael-cbc { yylval.num = SADB_X_EALG_RIJNDAELCBC; BEGIN INITIAL; return(ALG_ENC); } 169 <S_ENCALG>aes-ctr { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC); } 170 <S_ENCALG>camellia-cbc { yylval.num = SADB_X_EALG_CAMELLIACBC; BEGIN INITIAL; return(ALG_ENC); } 171 <S_ENCALG>aes-gcm-16 { yylval.num = SADB_X_EALG_AESGCM16; BEGIN INITIAL; return(ALG_ENC); } 172 173 /* compression algorithms */ 174 {hyphen}C { return(F_COMP); } 175 oui { yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); } 176 deflate { yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); } 177 lzs { yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); } 178 {hyphen}R { return(F_RAWCPI); } 179 180 /* extension */ 181 {hyphen}m { return(F_MODE); } 182 transport { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); } 183 tunnel { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); } 184 {hyphen}u { return(F_REQID); } 185 {hyphen}f { return(F_EXT); } 186 random-pad { yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); } 187 seq-pad { yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); } 188 zero-pad { yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); } 189 nocyclic-seq { return(NOCYCLICSEQ); } 190 {hyphen}r { return(F_REPLAY); } 191 {hyphen}lh { return(F_LIFETIME_HARD); } 192 {hyphen}ls { return(F_LIFETIME_SOFT); } 193 194 /* ... */ 195 any { return(ANY); } 196 {ws} { } 197 {nl} { lineno++; } 198 {comment} 199 {semi} { return(EOT); } 200 201 /* for address parameters: /prefix, [port] */ 202 {slash} { return SLASH; } 203 {blcl} { return BLCL; } 204 {elcl} { return ELCL; } 205 206 /* parameter */ 207 {decstring} { 208 char *bp; 209 210 yylval.ulnum = strtoul(yytext, &bp, 10); 211 return(DECSTRING); 212 } 213 214 {hexstring} { 215 yylval.val.buf = strdup(yytext + 2); 216 if (!yylval.val.buf) 217 yyfatal("insufficient memory"); 218 yylval.val.len = strlen(yylval.val.buf); 219 220 return(HEXSTRING); 221 } 222 223 {quotedstring} { 224 char *p = yytext; 225 while (*++p != '"') ; 226 *p = '\0'; 227 yytext++; 228 yylval.val.len = yyleng - 2; 229 yylval.val.buf = strdup(yytext); 230 if (!yylval.val.buf) 231 yyfatal("insufficient memory"); 232 233 return(QUOTEDSTRING); 234 } 235 236 [A-Za-z0-9:][A-Za-z0-9:%\.-]* { 237 yylval.val.len = yyleng; 238 yylval.val.buf = strdup(yytext); 239 if (!yylval.val.buf) 240 yyfatal("insufficient memory"); 241 return(STRING); 242 } 243 244 [0-9,]+ { 245 yylval.val.len = yyleng; 246 yylval.val.buf = strdup(yytext); 247 if (!yylval.val.buf) 248 yyfatal("insufficient memory"); 249 return(STRING); 250 } 251 252 . { 253 yyfatal("Syntax error"); 254 /*NOTREACHED*/ 255 } 256 257 %% 258 259 void 260 yyfatal(s) 261 const char *s; 262 { 263 yyerror(s); 264 exit(1); 265 } 266 267 void 268 yyerror(s) 269 const char *s; 270 { 271 printf("line %d: %s at [%s]\n", lineno, s, yytext); 272 } 273 274 int 275 parse(fp) 276 FILE **fp; 277 { 278 yyin = *fp; 279 280 parse_init(); 281 282 if (yyparse()) { 283 printf("parse failed, line %d.\n", lineno); 284 return(-1); 285 } 286 287 return(0); 288 } 289