Annotation of embedaddon/ipsec-tools/src/racoon/cftoken.l, revision 1.1
1.1 ! misho 1: /* $NetBSD: cftoken.l,v 1.23 2011/02/02 15:21:34 vanhu Exp $ */
! 2:
! 3: /* Id: cftoken.l,v 1.53 2006/08/22 18:17:17 manubsd Exp */
! 4:
! 5: %{
! 6: /*
! 7: * Copyright (C) 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 and 2003 WIDE Project.
! 8: * All rights reserved.
! 9: *
! 10: * Redistribution and use in source and binary forms, with or without
! 11: * modification, are permitted provided that the following conditions
! 12: * are met:
! 13: * 1. Redistributions of source code must retain the above copyright
! 14: * notice, this list of conditions and the following disclaimer.
! 15: * 2. Redistributions in binary form must reproduce the above copyright
! 16: * notice, this list of conditions and the following disclaimer in the
! 17: * documentation and/or other materials provided with the distribution.
! 18: * 3. Neither the name of the project nor the names of its contributors
! 19: * may be used to endorse or promote products derived from this software
! 20: * without specific prior written permission.
! 21: *
! 22: * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
! 23: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
! 24: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
! 25: * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
! 26: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
! 27: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
! 28: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
! 29: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
! 30: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
! 31: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
! 32: * SUCH DAMAGE.
! 33: */
! 34:
! 35: #include "config.h"
! 36:
! 37: #include <sys/types.h>
! 38: #include <sys/param.h>
! 39: #include <sys/socket.h>
! 40:
! 41: #include <netinet/in.h>
! 42: #include PATH_IPSEC_H
! 43:
! 44: #include <stdlib.h>
! 45: #include <stdio.h>
! 46: #include <string.h>
! 47: #include <errno.h>
! 48: #include <limits.h>
! 49: #include <ctype.h>
! 50: #include <glob.h>
! 51: #ifdef HAVE_STDARG_H
! 52: #include <stdarg.h>
! 53: #else
! 54: #include <varargs.h>
! 55: #endif
! 56:
! 57: #include "var.h"
! 58: #include "misc.h"
! 59: #include "vmbuf.h"
! 60: #include "plog.h"
! 61: #include "debug.h"
! 62:
! 63: #include "algorithm.h"
! 64: #include "cfparse_proto.h"
! 65: #include "cftoken_proto.h"
! 66: #include "localconf.h"
! 67: #include "oakley.h"
! 68: #include "isakmp_var.h"
! 69: #include "isakmp.h"
! 70: #include "ipsec_doi.h"
! 71: #include "policy.h"
! 72: #include "proposal.h"
! 73: #include "remoteconf.h"
! 74: #ifdef GC
! 75: #include "gcmalloc.h"
! 76: #endif
! 77:
! 78: #include "cfparse.h"
! 79:
! 80: int yyerrorcount = 0;
! 81:
! 82: #if defined(YIPS_DEBUG)
! 83: # define YYDB plog(LLV_DEBUG2, LOCATION, NULL, \
! 84: "begin <%d>%s\n", yy_start, yytext);
! 85: # define YYD { \
! 86: plog(LLV_DEBUG2, LOCATION, NULL, "<%d>%s", \
! 87: yy_start, loglevel >= LLV_DEBUG2 ? "\n" : ""); \
! 88: }
! 89: #else
! 90: # define YYDB
! 91: # define YYD
! 92: #endif /* defined(YIPS_DEBUG) */
! 93:
! 94: #define MAX_INCLUDE_DEPTH 10
! 95:
! 96: static struct include_stack {
! 97: char *path;
! 98: FILE *fp;
! 99: YY_BUFFER_STATE prevstate;
! 100: int lineno;
! 101: glob_t matches;
! 102: int matchon;
! 103: } incstack[MAX_INCLUDE_DEPTH];
! 104: static int incstackp = 0;
! 105:
! 106: static int yy_first_time = 1;
! 107: %}
! 108:
! 109: /* common seciton */
! 110: nl \n
! 111: ws [ \t]+
! 112: digit [0-9]
! 113: letter [A-Za-z]
! 114: hexdigit [0-9A-Fa-f]
! 115: /*octet (([01]?{digit}?{digit})|((2([0-4]{digit}))|(25[0-5]))) */
! 116: special [()+\|\?\*]
! 117: comma \,
! 118: dot \.
! 119: slash \/
! 120: bcl \{
! 121: ecl \}
! 122: blcl \[
! 123: elcl \]
! 124: hyphen \-
! 125: percent \%
! 126: semi \;
! 127: comment \#.*
! 128: ccomment "/*"
! 129: bracketstring \<[^>]*\>
! 130: quotedstring \"[^"]*\"
! 131: addrstring [a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*)
! 132: decstring {digit}+
! 133: hexstring 0x{hexdigit}+
! 134:
! 135: %s S_INI S_PRIV S_PTH S_LOG S_PAD S_LST S_RTRY S_CFG S_LDAP S_RAD
! 136: %s S_ALGST S_ALGCL
! 137: %s S_SAINF S_SAINFS
! 138: %s S_RMT S_RMTS S_RMTP
! 139: %s S_SA
! 140: %s S_GSSENC
! 141:
! 142: %%
! 143: %{
! 144: if (yy_first_time) {
! 145: BEGIN S_INI;
! 146: yy_first_time = 0;
! 147: }
! 148: %}
! 149:
! 150: /* privsep */
! 151: <S_INI>privsep { BEGIN S_PRIV; YYDB; return(PRIVSEP); }
! 152: <S_PRIV>{bcl} { return(BOC); }
! 153: <S_PRIV>user { YYD; return(USER); }
! 154: <S_PRIV>group { YYD; return(GROUP); }
! 155: <S_PRIV>chroot { YYD; return(CHROOT); }
! 156: <S_PRIV>{ecl} { BEGIN S_INI; return(EOC); }
! 157:
! 158: /* path */
! 159: <S_INI>path { BEGIN S_PTH; YYDB; return(PATH); }
! 160: <S_PTH>include { YYD; yylval.num = LC_PATHTYPE_INCLUDE;
! 161: return(PATHTYPE); }
! 162: <S_PTH>pre_shared_key { YYD; yylval.num = LC_PATHTYPE_PSK;
! 163: return(PATHTYPE); }
! 164: <S_PTH>certificate { YYD; yylval.num = LC_PATHTYPE_CERT;
! 165: return(PATHTYPE); }
! 166: <S_PTH>script { YYD; yylval.num = LC_PATHTYPE_SCRIPT;
! 167: return(PATHTYPE); }
! 168: <S_PTH>backupsa { YYD; yylval.num = LC_PATHTYPE_BACKUPSA;
! 169: return(PATHTYPE); }
! 170: <S_PTH>pidfile { YYD; yylval.num = LC_PATHTYPE_PIDFILE;
! 171: return(PATHTYPE); }
! 172: <S_PTH>{semi} { BEGIN S_INI; YYDB; return(EOS); }
! 173:
! 174: /* include */
! 175: <S_INI>include { YYDB; return(INCLUDE); }
! 176:
! 177: /* pfkey_buffer */
! 178: <S_INI>pfkey_buffer { YYDB; return(PFKEY_BUFFER); }
! 179:
! 180: /* special */
! 181: <S_INI>complex_bundle { YYDB; return(COMPLEX_BUNDLE); }
! 182:
! 183: /* logging */
! 184: <S_INI>log { BEGIN S_LOG; YYDB; return(LOGGING); }
! 185: <S_LOG>error { YYD; yylval.num = LLV_ERROR; return(LOGLEV); }
! 186: <S_LOG>warning { YYD; yylval.num = LLV_WARNING; return(LOGLEV); }
! 187: <S_LOG>notify { YYD; yylval.num = LLV_NOTIFY; return(LOGLEV); }
! 188: <S_LOG>info { YYD; yylval.num = LLV_INFO; return(LOGLEV); }
! 189: <S_LOG>debug { YYD; yylval.num = LLV_DEBUG; return(LOGLEV); }
! 190: <S_LOG>debug2 { YYD; yylval.num = LLV_DEBUG2; return(LOGLEV); }
! 191: <S_LOG>{semi} { BEGIN S_INI; return(EOS); }
! 192:
! 193: /* padding */
! 194: <S_INI>padding { BEGIN S_PAD; YYDB; return(PADDING); }
! 195: <S_PAD>{bcl} { return(BOC); }
! 196: <S_PAD>randomize { YYD; return(PAD_RANDOMIZE); }
! 197: <S_PAD>randomize_length { YYD; return(PAD_RANDOMIZELEN); }
! 198: <S_PAD>maximum_length { YYD; return(PAD_MAXLEN); }
! 199: <S_PAD>strict_check { YYD; return(PAD_STRICT); }
! 200: <S_PAD>exclusive_tail { YYD; return(PAD_EXCLTAIL); }
! 201: <S_PAD>{ecl} { BEGIN S_INI; return(EOC); }
! 202:
! 203: /* listen */
! 204: <S_INI>listen { BEGIN S_LST; YYDB; return(LISTEN); }
! 205: <S_LST>{bcl} { return(BOC); }
! 206: <S_LST>isakmp { YYD; return(X_ISAKMP); }
! 207: <S_LST>isakmp_natt { YYD; return(X_ISAKMP_NATT); }
! 208: <S_LST>admin { YYD; return(X_ADMIN); }
! 209: <S_LST>adminsock { YYD; return(ADMINSOCK); }
! 210: <S_LST>disabled { YYD; return(DISABLED); }
! 211: <S_LST>strict_address { YYD; return(STRICT_ADDRESS); }
! 212: <S_LST>{ecl} { BEGIN S_INI; return(EOC); }
! 213:
! 214: /* radius config */
! 215: <S_INI>radiuscfg { BEGIN S_RAD; YYDB; return(RADCFG); }
! 216: <S_RAD>{bcl} { return(BOC); }
! 217: <S_RAD>auth { YYD; return(RAD_AUTH); }
! 218: <S_RAD>acct { YYD; return(RAD_ACCT); }
! 219: <S_RAD>timeout { YYD; return(RAD_TIMEOUT); }
! 220: <S_RAD>retries { YYD; return(RAD_RETRIES); }
! 221: <S_RAD>{ecl} { BEGIN S_INI; return(EOC); }
! 222:
! 223: /* ldap config */
! 224: <S_INI>ldapcfg { BEGIN S_LDAP; YYDB; return(LDAPCFG); }
! 225: <S_LDAP>{bcl} { return(BOC); }
! 226: <S_LDAP>version { YYD; return(LDAP_PVER); }
! 227: <S_LDAP>host { YYD; return(LDAP_HOST); }
! 228: <S_LDAP>port { YYD; return(LDAP_PORT); }
! 229: <S_LDAP>base { YYD; return(LDAP_BASE); }
! 230: <S_LDAP>subtree { YYD; return(LDAP_SUBTREE); }
! 231: <S_LDAP>bind_dn { YYD; return(LDAP_BIND_DN); }
! 232: <S_LDAP>bind_pw { YYD; return(LDAP_BIND_PW); }
! 233: <S_LDAP>attr_user { YYD; return(LDAP_ATTR_USER); }
! 234: <S_LDAP>attr_addr { YYD; return(LDAP_ATTR_ADDR); }
! 235: <S_LDAP>attr_mask { YYD; return(LDAP_ATTR_MASK); }
! 236: <S_LDAP>attr_group { YYD; return(LDAP_ATTR_GROUP); }
! 237: <S_LDAP>attr_member { YYD; return(LDAP_ATTR_MEMBER); }
! 238: <S_LDAP>{ecl} { BEGIN S_INI; return(EOC); }
! 239:
! 240: /* mode_cfg */
! 241: <S_INI>mode_cfg { BEGIN S_CFG; YYDB; return(MODECFG); }
! 242: <S_CFG>{bcl} { return(BOC); }
! 243: <S_CFG>network4 { YYD; return(CFG_NET4); }
! 244: <S_CFG>netmask4 { YYD; return(CFG_MASK4); }
! 245: <S_CFG>dns4 { YYD; return(CFG_DNS4); }
! 246: <S_CFG>nbns4 { YYD; return(CFG_NBNS4); }
! 247: <S_CFG>wins4 { YYD; return(CFG_NBNS4); }
! 248: <S_CFG>default_domain { YYD; return(CFG_DEFAULT_DOMAIN); }
! 249: <S_CFG>auth_source { YYD; return(CFG_AUTH_SOURCE); }
! 250: <S_CFG>auth_groups { YYD; return(CFG_AUTH_GROUPS); }
! 251: <S_CFG>group_source { YYD; return(CFG_GROUP_SOURCE); }
! 252: <S_CFG>conf_source { YYD; return(CFG_CONF_SOURCE); }
! 253: <S_CFG>accounting { YYD; return(CFG_ACCOUNTING); }
! 254: <S_CFG>system { YYD; return(CFG_SYSTEM); }
! 255: <S_CFG>local { YYD; return(CFG_LOCAL); }
! 256: <S_CFG>none { YYD; return(CFG_NONE); }
! 257: <S_CFG>radius { YYD; return(CFG_RADIUS); }
! 258: <S_CFG>pam { YYD; return(CFG_PAM); }
! 259: <S_CFG>ldap { YYD; return(CFG_LDAP); }
! 260: <S_CFG>pool_size { YYD; return(CFG_POOL_SIZE); }
! 261: <S_CFG>banner { YYD; return(CFG_MOTD); }
! 262: <S_CFG>auth_throttle { YYD; return(CFG_AUTH_THROTTLE); }
! 263: <S_CFG>split_network { YYD; return(CFG_SPLIT_NETWORK); }
! 264: <S_CFG>local_lan { YYD; return(CFG_SPLIT_LOCAL); }
! 265: <S_CFG>include { YYD; return(CFG_SPLIT_INCLUDE); }
! 266: <S_CFG>split_dns { YYD; return(CFG_SPLIT_DNS); }
! 267: <S_CFG>pfs_group { YYD; return(CFG_PFS_GROUP); }
! 268: <S_CFG>save_passwd { YYD; return(CFG_SAVE_PASSWD); }
! 269: <S_CFG>{comma} { YYD; return(COMMA); }
! 270: <S_CFG>{ecl} { BEGIN S_INI; return(EOC); }
! 271:
! 272: /* timer */
! 273: <S_INI>timer { BEGIN S_RTRY; YYDB; return(RETRY); }
! 274: <S_RTRY>{bcl} { return(BOC); }
! 275: <S_RTRY>counter { YYD; return(RETRY_COUNTER); }
! 276: <S_RTRY>interval { YYD; return(RETRY_INTERVAL); }
! 277: <S_RTRY>persend { YYD; return(RETRY_PERSEND); }
! 278: <S_RTRY>phase1 { YYD; return(RETRY_PHASE1); }
! 279: <S_RTRY>phase2 { YYD; return(RETRY_PHASE2); }
! 280: <S_RTRY>natt_keepalive { YYD; return(NATT_KA); }
! 281: <S_RTRY>{ecl} { BEGIN S_INI; return(EOC); }
! 282:
! 283: /* sainfo */
! 284: <S_INI>sainfo { BEGIN S_SAINF; YYDB; return(SAINFO); }
! 285: <S_SAINF>anonymous { YYD; return(ANONYMOUS); }
! 286: <S_SAINF>clientaddr { YYD; return(CLIENTADDR); }
! 287: <S_SAINF>{blcl}any{elcl} { YYD; return(PORTANY); }
! 288: <S_SAINF>any { YYD; return(ANY); }
! 289: <S_SAINF>from { YYD; return(FROM); }
! 290: <S_SAINF>group { YYD; return(GROUP); }
! 291: /* sainfo spec */
! 292: <S_SAINF>{bcl} { BEGIN S_SAINFS; return(BOC); }
! 293: <S_SAINF>{semi} { BEGIN S_INI; return(EOS); }
! 294: <S_SAINFS>{ecl} { BEGIN S_INI; return(EOC); }
! 295: <S_SAINFS>pfs_group { YYD; return(PFS_GROUP); }
! 296: <S_SAINFS>remoteid { YYD; return(REMOTEID); }
! 297: <S_SAINFS>my_identifier { YYD; return(MY_IDENTIFIER); }
! 298: <S_SAINFS>lifetime { YYD; return(LIFETIME); }
! 299: <S_SAINFS>time { YYD; return(LIFETYPE_TIME); }
! 300: <S_SAINFS>byte { YYD; return(LIFETYPE_BYTE); }
! 301: <S_SAINFS>encryption_algorithm { YYD; yylval.num = algclass_ipsec_enc; return(ALGORITHM_CLASS); }
! 302: <S_SAINFS>authentication_algorithm { YYD; yylval.num = algclass_ipsec_auth; return(ALGORITHM_CLASS); }
! 303: <S_SAINFS>compression_algorithm { YYD; yylval.num = algclass_ipsec_comp; return(ALGORITHM_CLASS); }
! 304: <S_SAINFS>{comma} { YYD; return(COMMA); }
! 305:
! 306: /* remote */
! 307: <S_INI>remote { BEGIN S_RMT; YYDB; return(REMOTE); }
! 308: <S_RMT>anonymous { YYD; return(ANONYMOUS); }
! 309: <S_RMT>inherit { YYD; return(INHERIT); }
! 310: /* remote spec */
! 311: <S_RMT>{bcl} { BEGIN S_RMTS; return(BOC); }
! 312: <S_RMTS>{ecl} { BEGIN S_INI; return(EOC); }
! 313: <S_RMTS>remote_address { YYD; return(REMOTE_ADDRESS); }
! 314: <S_RMTS>exchange_mode { YYD; return(EXCHANGE_MODE); }
! 315: <S_RMTS>{comma} { YYD; /* XXX ignored, but to be handled. */ ; }
! 316: <S_RMTS>base { YYD; yylval.num = ISAKMP_ETYPE_BASE; return(EXCHANGETYPE); }
! 317: <S_RMTS>main { YYD; yylval.num = ISAKMP_ETYPE_IDENT; return(EXCHANGETYPE); }
! 318: <S_RMTS>aggressive { YYD; yylval.num = ISAKMP_ETYPE_AGG; return(EXCHANGETYPE); }
! 319: <S_RMTS>doi { YYD; return(DOI); }
! 320: <S_RMTS>ipsec_doi { YYD; yylval.num = IPSEC_DOI; return(DOITYPE); }
! 321: <S_RMTS>situation { YYD; return(SITUATION); }
! 322: <S_RMTS>identity_only { YYD; yylval.num = IPSECDOI_SIT_IDENTITY_ONLY; return(SITUATIONTYPE); }
! 323: <S_RMTS>secrecy { YYD; yylval.num = IPSECDOI_SIT_SECRECY; return(SITUATIONTYPE); }
! 324: <S_RMTS>integrity { YYD; yylval.num = IPSECDOI_SIT_INTEGRITY; return(SITUATIONTYPE); }
! 325: <S_RMTS>my_identifier { YYD; return(MY_IDENTIFIER); }
! 326: <S_RMTS>xauth_login { YYD; return(XAUTH_LOGIN); /* formerly identifier type login */ }
! 327: <S_RMTS>peers_identifier { YYD; return(PEERS_IDENTIFIER); }
! 328: <S_RMTS>verify_identifier { YYD; return(VERIFY_IDENTIFIER); }
! 329: <S_RMTS>certificate_type { YYD; return(CERTIFICATE_TYPE); }
! 330: <S_RMTS>ca_type { YYD; return(CA_TYPE); }
! 331: <S_RMTS>x509 { YYD; yylval.num = ISAKMP_CERT_X509SIGN; return(CERT_X509); }
! 332: <S_RMTS>plain_rsa { YYD; yylval.num = ISAKMP_CERT_PLAINRSA; return(CERT_PLAINRSA); }
! 333: <S_RMTS>peers_certfile { YYD; return(PEERS_CERTFILE); }
! 334: <S_RMTS>dnssec { YYD; return(DNSSEC); }
! 335: <S_RMTS>verify_cert { YYD; return(VERIFY_CERT); }
! 336: <S_RMTS>send_cert { YYD; return(SEND_CERT); }
! 337: <S_RMTS>send_cr { YYD; return(SEND_CR); }
! 338: <S_RMTS>match_empty_cr { YYD; return(MATCH_EMPTY_CR); }
! 339: <S_RMTS>dh_group { YYD; return(DH_GROUP); }
! 340: <S_RMTS>nonce_size { YYD; return(NONCE_SIZE); }
! 341: <S_RMTS>generate_policy { YYD; return(GENERATE_POLICY); }
! 342: <S_RMTS>unique { YYD; yylval.num = GENERATE_POLICY_UNIQUE; return(GENERATE_LEVEL); }
! 343: <S_RMTS>require { YYD; yylval.num = GENERATE_POLICY_REQUIRE; return(GENERATE_LEVEL); }
! 344: <S_RMTS>support_proxy { YYD; return(SUPPORT_PROXY); }
! 345: <S_RMTS>initial_contact { YYD; return(INITIAL_CONTACT); }
! 346: <S_RMTS>nat_traversal { YYD; return(NAT_TRAVERSAL); }
! 347: <S_RMTS>force { YYD; return(REMOTE_FORCE_LEVEL); }
! 348: <S_RMTS>proposal_check { YYD; return(PROPOSAL_CHECK); }
! 349: <S_RMTS>obey { YYD; yylval.num = PROP_CHECK_OBEY; return(PROPOSAL_CHECK_LEVEL); }
! 350: <S_RMTS>strict { YYD; yylval.num = PROP_CHECK_STRICT; return(PROPOSAL_CHECK_LEVEL); }
! 351: <S_RMTS>exact { YYD; yylval.num = PROP_CHECK_EXACT; return(PROPOSAL_CHECK_LEVEL); }
! 352: <S_RMTS>claim { YYD; yylval.num = PROP_CHECK_CLAIM; return(PROPOSAL_CHECK_LEVEL); }
! 353: <S_RMTS>keepalive { YYD; return(KEEPALIVE); }
! 354: <S_RMTS>passive { YYD; return(PASSIVE); }
! 355: <S_RMTS>lifetime { YYD; return(LIFETIME); }
! 356: <S_RMTS>time { YYD; return(LIFETYPE_TIME); }
! 357: <S_RMTS>byte { YYD; return(LIFETYPE_BYTE); }
! 358: <S_RMTS>dpd { YYD; return(DPD); }
! 359: <S_RMTS>dpd_delay { YYD; return(DPD_DELAY); }
! 360: <S_RMTS>dpd_retry { YYD; return(DPD_RETRY); }
! 361: <S_RMTS>dpd_maxfail { YYD; return(DPD_MAXFAIL); }
! 362: <S_RMTS>ph1id { YYD; return(PH1ID); }
! 363: <S_RMTS>ike_frag { YYD; return(IKE_FRAG); }
! 364: <S_RMTS>esp_frag { YYD; return(ESP_FRAG); }
! 365: <S_RMTS>script { YYD; return(SCRIPT); }
! 366: <S_RMTS>phase1_up { YYD; return(PHASE1_UP); }
! 367: <S_RMTS>phase1_down { YYD; return(PHASE1_DOWN); }
! 368: <S_RMTS>phase1_dead { YYD; return(PHASE1_DEAD); }
! 369: <S_RMTS>mode_cfg { YYD; return(MODE_CFG); }
! 370: <S_RMTS>weak_phase1_check { YYD; return(WEAK_PHASE1_CHECK); }
! 371: <S_RMTS>rekey { YYD; return(REKEY); }
! 372: /* remote proposal */
! 373: <S_RMTS>proposal { BEGIN S_RMTP; YYDB; return(PROPOSAL); }
! 374: <S_RMTP>{bcl} { return(BOC); }
! 375: <S_RMTP>{ecl} { BEGIN S_RMTS; return(EOC); }
! 376: <S_RMTP>lifetime { YYD; return(LIFETIME); }
! 377: <S_RMTP>time { YYD; return(LIFETYPE_TIME); }
! 378: <S_RMTP>byte { YYD; return(LIFETYPE_BYTE); }
! 379: <S_RMTP>encryption_algorithm { YYD; yylval.num = algclass_isakmp_enc; return(ALGORITHM_CLASS); }
! 380: <S_RMTP>authentication_method { YYD; yylval.num = algclass_isakmp_ameth; return(ALGORITHM_CLASS); }
! 381: <S_RMTP>hash_algorithm { YYD; yylval.num = algclass_isakmp_hash; return(ALGORITHM_CLASS); }
! 382: <S_RMTP>dh_group { YYD; return(DH_GROUP); }
! 383: <S_RMTP>gss_id { YYD; return(GSS_ID); }
! 384: <S_RMTP>gssapi_id { YYD; return(GSS_ID); } /* for back compatibility */
! 385:
! 386: /* GSS ID encoding type (global) */
! 387: <S_INI>gss_id_enc { BEGIN S_GSSENC; YYDB; return(GSS_ID_ENC); }
! 388: <S_GSSENC>latin1 { YYD; yylval.num = LC_GSSENC_LATIN1;
! 389: return(GSS_ID_ENCTYPE); }
! 390: <S_GSSENC>utf-16le { YYD; yylval.num = LC_GSSENC_UTF16LE;
! 391: return(GSS_ID_ENCTYPE); }
! 392: <S_GSSENC>{semi} { BEGIN S_INI; YYDB; return(EOS); }
! 393:
! 394: /* parameter */
! 395: on { YYD; yylval.num = TRUE; return(SWITCH); }
! 396: off { YYD; yylval.num = FALSE; return(SWITCH); }
! 397:
! 398: /* prefix */
! 399: {slash}{digit}{1,3} {
! 400: YYD;
! 401: yytext++;
! 402: yylval.num = atoi(yytext);
! 403: return(PREFIX);
! 404: }
! 405:
! 406: /* port number */
! 407: {blcl}{decstring}{elcl} {
! 408: char *p = yytext;
! 409: YYD;
! 410: while (*++p != ']') ;
! 411: *p = 0;
! 412: yytext++;
! 413: yylval.num = atoi(yytext);
! 414: return(PORT);
! 415: }
! 416:
! 417: /* address range */
! 418: {hyphen}{addrstring} {
! 419: YYD;
! 420: yytext++;
! 421: yylval.val = vmalloc(yyleng + 1);
! 422: if (yylval.val == NULL) {
! 423: yyerror("vmalloc failed");
! 424: return -1;
! 425: }
! 426: memcpy(yylval.val->v, yytext, yylval.val->l);
! 427: return(ADDRRANGE);
! 428: }
! 429:
! 430: /* upper protocol */
! 431: esp { YYD; yylval.num = IPPROTO_ESP; return(UL_PROTO); }
! 432: ah { YYD; yylval.num = IPPROTO_AH; return(UL_PROTO); }
! 433: ipcomp { YYD; yylval.num = IPPROTO_IPCOMP; return(UL_PROTO); }
! 434: icmp { YYD; yylval.num = IPPROTO_ICMP; return(UL_PROTO); }
! 435: icmp6 { YYD; yylval.num = IPPROTO_ICMPV6; return(UL_PROTO); }
! 436: tcp { YYD; yylval.num = IPPROTO_TCP; return(UL_PROTO); }
! 437: udp { YYD; yylval.num = IPPROTO_UDP; return(UL_PROTO); }
! 438: gre { YYD; yylval.num = IPPROTO_GRE; return(UL_PROTO); }
! 439:
! 440: /* algorithm type */
! 441: des_iv64 { YYD; yylval.num = algtype_des_iv64; return(ALGORITHMTYPE); }
! 442: des { YYD; yylval.num = algtype_des; return(ALGORITHMTYPE); }
! 443: 3des { YYD; yylval.num = algtype_3des; return(ALGORITHMTYPE); }
! 444: rc5 { YYD; yylval.num = algtype_rc5; return(ALGORITHMTYPE); }
! 445: idea { YYD; yylval.num = algtype_idea; return(ALGORITHMTYPE); }
! 446: cast128 { YYD; yylval.num = algtype_cast128; return(ALGORITHMTYPE); }
! 447: blowfish { YYD; yylval.num = algtype_blowfish; return(ALGORITHMTYPE); }
! 448: 3idea { YYD; yylval.num = algtype_3idea; return(ALGORITHMTYPE); }
! 449: des_iv32 { YYD; yylval.num = algtype_des_iv32; return(ALGORITHMTYPE); }
! 450: rc4 { YYD; yylval.num = algtype_rc4; return(ALGORITHMTYPE); }
! 451: null_enc { YYD; yylval.num = algtype_null_enc; return(ALGORITHMTYPE); }
! 452: null { YYD; yylval.num = algtype_null_enc; return(ALGORITHMTYPE); }
! 453: aes { YYD; yylval.num = algtype_aes; return(ALGORITHMTYPE); }
! 454: rijndael { YYD; yylval.num = algtype_aes; return(ALGORITHMTYPE); }
! 455: twofish { YYD; yylval.num = algtype_twofish; return(ALGORITHMTYPE); }
! 456: camellia { YYD; yylval.num = algtype_camellia; return(ALGORITHMTYPE); }
! 457: non_auth { YYD; yylval.num = algtype_non_auth; return(ALGORITHMTYPE); }
! 458: hmac_md5 { YYD; yylval.num = algtype_hmac_md5; return(ALGORITHMTYPE); }
! 459: hmac_sha1 { YYD; yylval.num = algtype_hmac_sha1; return(ALGORITHMTYPE); }
! 460: hmac_sha2_256 { YYD; yylval.num = algtype_hmac_sha2_256; return(ALGORITHMTYPE); }
! 461: hmac_sha256 { YYD; yylval.num = algtype_hmac_sha2_256; return(ALGORITHMTYPE); }
! 462: hmac_sha2_384 { YYD; yylval.num = algtype_hmac_sha2_384; return(ALGORITHMTYPE); }
! 463: hmac_sha384 { YYD; yylval.num = algtype_hmac_sha2_384; return(ALGORITHMTYPE); }
! 464: hmac_sha2_512 { YYD; yylval.num = algtype_hmac_sha2_512; return(ALGORITHMTYPE); }
! 465: hmac_sha512 { YYD; yylval.num = algtype_hmac_sha2_512; return(ALGORITHMTYPE); }
! 466: des_mac { YYD; yylval.num = algtype_des_mac; return(ALGORITHMTYPE); }
! 467: kpdk { YYD; yylval.num = algtype_kpdk; return(ALGORITHMTYPE); }
! 468: md5 { YYD; yylval.num = algtype_md5; return(ALGORITHMTYPE); }
! 469: sha1 { YYD; yylval.num = algtype_sha1; return(ALGORITHMTYPE); }
! 470: tiger { YYD; yylval.num = algtype_tiger; return(ALGORITHMTYPE); }
! 471: sha2_256 { YYD; yylval.num = algtype_sha2_256; return(ALGORITHMTYPE); }
! 472: sha256 { YYD; yylval.num = algtype_sha2_256; return(ALGORITHMTYPE); }
! 473: sha2_384 { YYD; yylval.num = algtype_sha2_384; return(ALGORITHMTYPE); }
! 474: sha384 { YYD; yylval.num = algtype_sha2_384; return(ALGORITHMTYPE); }
! 475: sha2_512 { YYD; yylval.num = algtype_sha2_512; return(ALGORITHMTYPE); }
! 476: sha512 { YYD; yylval.num = algtype_sha2_512; return(ALGORITHMTYPE); }
! 477: oui { YYD; yylval.num = algtype_oui; return(ALGORITHMTYPE); }
! 478: deflate { YYD; yylval.num = algtype_deflate; return(ALGORITHMTYPE); }
! 479: lzs { YYD; yylval.num = algtype_lzs; return(ALGORITHMTYPE); }
! 480: modp768 { YYD; yylval.num = algtype_modp768; return(ALGORITHMTYPE); }
! 481: modp1024 { YYD; yylval.num = algtype_modp1024; return(ALGORITHMTYPE); }
! 482: modp1536 { YYD; yylval.num = algtype_modp1536; return(ALGORITHMTYPE); }
! 483: ec2n155 { YYD; yylval.num = algtype_ec2n155; return(ALGORITHMTYPE); }
! 484: ec2n185 { YYD; yylval.num = algtype_ec2n185; return(ALGORITHMTYPE); }
! 485: modp2048 { YYD; yylval.num = algtype_modp2048; return(ALGORITHMTYPE); }
! 486: modp3072 { YYD; yylval.num = algtype_modp3072; return(ALGORITHMTYPE); }
! 487: modp4096 { YYD; yylval.num = algtype_modp4096; return(ALGORITHMTYPE); }
! 488: modp6144 { YYD; yylval.num = algtype_modp6144; return(ALGORITHMTYPE); }
! 489: modp8192 { YYD; yylval.num = algtype_modp8192; return(ALGORITHMTYPE); }
! 490: pre_shared_key { YYD; yylval.num = algtype_psk; return(ALGORITHMTYPE); }
! 491: rsasig { YYD; yylval.num = algtype_rsasig; return(ALGORITHMTYPE); }
! 492: dsssig { YYD; yylval.num = algtype_dsssig; return(ALGORITHMTYPE); }
! 493: rsaenc { YYD; yylval.num = algtype_rsaenc; return(ALGORITHMTYPE); }
! 494: rsarev { YYD; yylval.num = algtype_rsarev; return(ALGORITHMTYPE); }
! 495: gssapi_krb { YYD; yylval.num = algtype_gssapikrb; return(ALGORITHMTYPE); }
! 496: hybrid_rsa_server {
! 497: #ifdef ENABLE_HYBRID
! 498: YYD; yylval.num = algtype_hybrid_rsa_s; return(ALGORITHMTYPE);
! 499: #else
! 500: yyerror("racoon not configured with --enable-hybrid");
! 501: #endif
! 502: }
! 503: hybrid_dss_server {
! 504: #ifdef ENABLE_HYBRID
! 505: YYD; yylval.num = algtype_hybrid_dss_s; return(ALGORITHMTYPE);
! 506: #else
! 507: yyerror("racoon not configured with --enable-hybrid");
! 508: #endif
! 509: }
! 510: hybrid_rsa_client {
! 511: #ifdef ENABLE_HYBRID
! 512: YYD; yylval.num = algtype_hybrid_rsa_c; return(ALGORITHMTYPE);
! 513: #else
! 514: yyerror("racoon not configured with --enable-hybrid");
! 515: #endif
! 516: }
! 517: hybrid_dss_client {
! 518: #ifdef ENABLE_HYBRID
! 519: YYD; yylval.num = algtype_hybrid_dss_c; return(ALGORITHMTYPE);
! 520: #else
! 521: yyerror("racoon not configured with --enable-hybrid");
! 522: #endif
! 523: }
! 524: xauth_psk_server {
! 525: #ifdef ENABLE_HYBRID
! 526: YYD; yylval.num = algtype_xauth_psk_s; return(ALGORITHMTYPE);
! 527: #else
! 528: yyerror("racoon not configured with --enable-hybrid");
! 529: #endif
! 530: }
! 531: xauth_psk_client {
! 532: #ifdef ENABLE_HYBRID
! 533: YYD; yylval.num = algtype_xauth_psk_c; return(ALGORITHMTYPE);
! 534: #else
! 535: yyerror("racoon not configured with --enable-hybrid");
! 536: #endif
! 537: }
! 538: xauth_rsa_server {
! 539: #ifdef ENABLE_HYBRID
! 540: YYD; yylval.num = algtype_xauth_rsa_s; return(ALGORITHMTYPE);
! 541: #else
! 542: yyerror("racoon not configured with --enable-hybrid");
! 543: #endif
! 544: }
! 545: xauth_rsa_client {
! 546: #ifdef ENABLE_HYBRID
! 547: YYD; yylval.num = algtype_xauth_rsa_c; return(ALGORITHMTYPE);
! 548: #else
! 549: yyerror("racoon not configured with --enable-hybrid");
! 550: #endif
! 551: }
! 552:
! 553:
! 554: /* identifier type */
! 555: user_fqdn { YYD; yylval.num = IDTYPE_USERFQDN; return(IDENTIFIERTYPE); }
! 556: fqdn { YYD; yylval.num = IDTYPE_FQDN; return(IDENTIFIERTYPE); }
! 557: keyid { YYD; yylval.num = IDTYPE_KEYID; return(IDENTIFIERTYPE); }
! 558: address { YYD; yylval.num = IDTYPE_ADDRESS; return(IDENTIFIERTYPE); }
! 559: subnet { YYD; yylval.num = IDTYPE_SUBNET; return(IDENTIFIERTYPE); }
! 560: asn1dn { YYD; yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); }
! 561:
! 562: /* identifier qualifier */
! 563: tag { YYD; yylval.num = IDQUAL_TAG; return(IDENTIFIERQUAL); }
! 564: file { YYD; yylval.num = IDQUAL_FILE; return(IDENTIFIERQUAL); }
! 565:
! 566: /* units */
! 567: B|byte|bytes { YYD; return(UNITTYPE_BYTE); }
! 568: KB { YYD; return(UNITTYPE_KBYTES); }
! 569: MB { YYD; return(UNITTYPE_MBYTES); }
! 570: TB { YYD; return(UNITTYPE_TBYTES); }
! 571: sec|secs|second|seconds { YYD; return(UNITTYPE_SEC); }
! 572: min|mins|minute|minutes { YYD; return(UNITTYPE_MIN); }
! 573: hour|hours { YYD; return(UNITTYPE_HOUR); }
! 574:
! 575: /* boolean */
! 576: yes { YYD; yylval.num = TRUE; return(BOOLEAN); }
! 577: no { YYD; yylval.num = FALSE; return(BOOLEAN); }
! 578:
! 579: {decstring} {
! 580: char *bp;
! 581:
! 582: YYD;
! 583: yylval.num = strtoul(yytext, &bp, 10);
! 584: return(NUMBER);
! 585: }
! 586:
! 587: {hexstring} {
! 588: char *p;
! 589:
! 590: YYD;
! 591: yylval.val = vmalloc(yyleng + (yyleng & 1) + 1);
! 592: if (yylval.val == NULL) {
! 593: yyerror("vmalloc failed");
! 594: return -1;
! 595: }
! 596:
! 597: p = yylval.val->v;
! 598: *p++ = '0';
! 599: *p++ = 'x';
! 600:
! 601: /* fixed string if length is odd. */
! 602: if (yyleng & 1)
! 603: *p++ = '0';
! 604: memcpy(p, &yytext[2], yyleng - 1);
! 605:
! 606: return(HEXSTRING);
! 607: }
! 608:
! 609: {quotedstring} {
! 610: char *p = yytext;
! 611:
! 612: YYD;
! 613: while (*++p != '"') ;
! 614: *p = '\0';
! 615:
! 616: yylval.val = vmalloc(yyleng - 1);
! 617: if (yylval.val == NULL) {
! 618: yyerror("vmalloc failed");
! 619: return -1;
! 620: }
! 621: memcpy(yylval.val->v, &yytext[1], yylval.val->l);
! 622:
! 623: return(QUOTEDSTRING);
! 624: }
! 625:
! 626: {addrstring} {
! 627: YYD;
! 628:
! 629: yylval.val = vmalloc(yyleng + 1);
! 630: if (yylval.val == NULL) {
! 631: yyerror("vmalloc failed");
! 632: return -1;
! 633: }
! 634: memcpy(yylval.val->v, yytext, yylval.val->l);
! 635:
! 636: return(ADDRSTRING);
! 637: }
! 638:
! 639: <<EOF>> {
! 640: yy_delete_buffer(YY_CURRENT_BUFFER);
! 641: fclose (incstack[incstackp].fp);
! 642: incstack[incstackp].fp = NULL;
! 643: racoon_free(incstack[incstackp].path);
! 644: incstack[incstackp].path = NULL;
! 645: incstackp--;
! 646: nextfile:
! 647: if (incstack[incstackp].matchon <
! 648: incstack[incstackp].matches.gl_pathc) {
! 649: char* filepath = incstack[incstackp].matches.gl_pathv[incstack[incstackp].matchon];
! 650: incstack[incstackp].matchon++;
! 651: incstackp++;
! 652: if (yycf_set_buffer(filepath) != 0) {
! 653: incstackp--;
! 654: goto nextfile;
! 655: }
! 656: yy_switch_to_buffer(yy_create_buffer(yyin, YY_BUF_SIZE));
! 657: BEGIN(S_INI);
! 658: } else {
! 659: globfree(&incstack[incstackp].matches);
! 660: if (incstackp == 0)
! 661: yyterminate();
! 662: else
! 663: yy_switch_to_buffer(incstack[incstackp].prevstate);
! 664: }
! 665: }
! 666:
! 667: /* ... */
! 668: {ws} { ; }
! 669: {nl} { incstack[incstackp].lineno++; }
! 670: {comment} { YYD; }
! 671: {semi} { return(EOS); }
! 672: . { yymore(); }
! 673:
! 674: %%
! 675:
! 676: void
! 677: yyerror(char *s, ...)
! 678: {
! 679: char fmt[512];
! 680:
! 681: va_list ap;
! 682: #ifdef HAVE_STDARG_H
! 683: va_start(ap, s);
! 684: #else
! 685: va_start(ap);
! 686: #endif
! 687: snprintf(fmt, sizeof(fmt), "%s:%d: \"%s\" %s\n",
! 688: incstack[incstackp].path, incstack[incstackp].lineno,
! 689: yytext, s);
! 690: plogv(LLV_ERROR, LOCATION, NULL, fmt, ap);
! 691: va_end(ap);
! 692:
! 693: yyerrorcount++;
! 694: }
! 695:
! 696: void
! 697: yywarn(char *s, ...)
! 698: {
! 699: char fmt[512];
! 700:
! 701: va_list ap;
! 702: #ifdef HAVE_STDARG_H
! 703: va_start(ap, s);
! 704: #else
! 705: va_start(ap);
! 706: #endif
! 707: snprintf(fmt, sizeof(fmt), "%s:%d: \"%s\" %s\n",
! 708: incstack[incstackp].path, incstack[incstackp].lineno,
! 709: yytext, s);
! 710: plogv(LLV_WARNING, LOCATION, NULL, fmt, ap);
! 711: va_end(ap);
! 712: }
! 713:
! 714: int
! 715: yycf_switch_buffer(path)
! 716: char *path;
! 717: {
! 718: char *filepath = NULL;
! 719:
! 720: /* got the include file name */
! 721: if (incstackp >= MAX_INCLUDE_DEPTH) {
! 722: plog(LLV_ERROR, LOCATION, NULL,
! 723: "Includes nested too deeply");
! 724: return -1;
! 725: }
! 726:
! 727: if (glob(path, GLOB_TILDE, NULL, &incstack[incstackp].matches) != 0 ||
! 728: incstack[incstackp].matches.gl_pathc == 0) {
! 729: plog(LLV_ERROR, LOCATION, NULL,
! 730: "glob found no matches for path \"%s\"\n", path);
! 731: return -1;
! 732: }
! 733: incstack[incstackp].matchon = 0;
! 734: incstack[incstackp].prevstate = YY_CURRENT_BUFFER;
! 735:
! 736: nextmatch:
! 737: if (incstack[incstackp].matchon >= incstack[incstackp].matches.gl_pathc)
! 738: return -1;
! 739: filepath =
! 740: incstack[incstackp].matches.gl_pathv[incstack[incstackp].matchon];
! 741: incstack[incstackp].matchon++;
! 742: incstackp++;
! 743:
! 744: if (yycf_set_buffer(filepath) != 0) {
! 745: incstackp--;
! 746: goto nextmatch;
! 747: }
! 748:
! 749: yy_switch_to_buffer(yy_create_buffer(yyin, YY_BUF_SIZE));
! 750:
! 751: BEGIN(S_INI);
! 752:
! 753: return 0;
! 754: }
! 755:
! 756: int
! 757: yycf_set_buffer(path)
! 758: char *path;
! 759: {
! 760: yyin = fopen(path, "r");
! 761: if (yyin == NULL) {
! 762: fprintf(stderr, "failed to open file %s (%s)\n",
! 763: path, strerror(errno));
! 764: plog(LLV_ERROR, LOCATION, NULL,
! 765: "failed to open file %s (%s)\n",
! 766: path, strerror(errno));
! 767: return -1;
! 768: }
! 769:
! 770: /* initialize */
! 771: incstack[incstackp].fp = yyin;
! 772: if (incstack[incstackp].path != NULL)
! 773: racoon_free(incstack[incstackp].path);
! 774: incstack[incstackp].path = racoon_strdup(path);
! 775: STRDUP_FATAL(incstack[incstackp].path);
! 776: incstack[incstackp].lineno = 1;
! 777: plog(LLV_DEBUG, LOCATION, NULL,
! 778: "reading config file %s\n", path);
! 779:
! 780: return 0;
! 781: }
! 782:
! 783: void
! 784: yycf_init_buffer()
! 785: {
! 786: int i;
! 787:
! 788: for (i = 0; i < MAX_INCLUDE_DEPTH; i++)
! 789: memset(&incstack[i], 0, sizeof(incstack[i]));
! 790: incstackp = 0;
! 791: }
! 792:
! 793: void
! 794: yycf_clean_buffer()
! 795: {
! 796: int i;
! 797:
! 798: for (i = 0; i < MAX_INCLUDE_DEPTH; i++) {
! 799: if (incstack[i].path != NULL) {
! 800: fclose(incstack[i].fp);
! 801: racoon_free(incstack[i].path);
! 802: incstack[i].path = NULL;
! 803: }
! 804: }
! 805: }
! 806:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to cftoken.l CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / src / racoon