1 | /* $NetBSD: token.l,v 1.15 2010/06/04 13:06:03 vanhu Exp $ */ |
---|
2 | |
---|
3 | /* $KAME: token.l,v 1.44 2003/10/21 07:20:58 itojun Exp $ */ |
---|
4 | |
---|
5 | /* |
---|
6 | * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. |
---|
7 | * All rights reserved. |
---|
8 | * |
---|
9 | * Redistribution and use in source and binary forms, with or without |
---|
10 | * modification, are permitted provided that the following conditions |
---|
11 | * are met: |
---|
12 | * 1. Redistributions of source code must retain the above copyright |
---|
13 | * notice, this list of conditions and the following disclaimer. |
---|
14 | * 2. Redistributions in binary form must reproduce the above copyright |
---|
15 | * notice, this list of conditions and the following disclaimer in the |
---|
16 | * documentation and/or other materials provided with the distribution. |
---|
17 | * 3. Neither the name of the project nor the names of its contributors |
---|
18 | * may be used to endorse or promote products derived from this software |
---|
19 | * without specific prior written permission. |
---|
20 | * |
---|
21 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND |
---|
22 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
---|
23 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
---|
24 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE |
---|
25 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
---|
26 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
---|
27 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
---|
28 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
---|
29 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
---|
30 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
---|
31 | * SUCH DAMAGE. |
---|
32 | */ |
---|
33 | |
---|
34 | %{ |
---|
35 | |
---|
36 | #ifdef HAVE_CONFIG_H |
---|
37 | #include "config.h" |
---|
38 | #endif |
---|
39 | |
---|
40 | #include <sys/types.h> |
---|
41 | #include <sys/param.h> |
---|
42 | #include <sys/socket.h> |
---|
43 | #include <net/pfkeyv2.h> |
---|
44 | #include <netinet/in.h> |
---|
45 | #include PATH_IPSEC_H |
---|
46 | |
---|
47 | #include <stdlib.h> |
---|
48 | #include <limits.h> |
---|
49 | #include <string.h> |
---|
50 | #include <unistd.h> |
---|
51 | #include <errno.h> |
---|
52 | #include <netdb.h> |
---|
53 | |
---|
54 | #include "vchar.h" |
---|
55 | #if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__linux__) || \ |
---|
56 | (defined(__APPLE__) && defined(__MACH__)) |
---|
57 | #include "parse.h" |
---|
58 | #else |
---|
59 | #include "y.tab.h" |
---|
60 | #endif |
---|
61 | |
---|
62 | #include "extern.h" |
---|
63 | |
---|
64 | /* make the code compile on *BSD-current */ |
---|
65 | #ifndef SADB_X_AALG_SHA2_256 |
---|
66 | #define SADB_X_AALG_SHA2_256 (-1) |
---|
67 | #endif |
---|
68 | #ifndef SADB_X_AALG_SHA2_384 |
---|
69 | #define SADB_X_AALG_SHA2_384 (-1) |
---|
70 | #endif |
---|
71 | #ifndef SADB_X_AALG_SHA2_512 |
---|
72 | #define SADB_X_AALG_SHA2_512 (-1) |
---|
73 | #endif |
---|
74 | #ifndef SADB_X_AALG_RIPEMD160HMAC |
---|
75 | #define SADB_X_AALG_RIPEMD160HMAC (-1) |
---|
76 | #endif |
---|
77 | #ifndef SADB_X_AALG_AES_XCBC_MAC |
---|
78 | #define SADB_X_AALG_AES_XCBC_MAC (-1) |
---|
79 | #endif |
---|
80 | #ifndef SADB_X_EALG_TWOFISHCBC |
---|
81 | #define SADB_X_EALG_TWOFISHCBC (-1) |
---|
82 | #endif |
---|
83 | #ifndef SADB_X_EALG_AESCTR |
---|
84 | #define SADB_X_EALG_AESCTR (-1) |
---|
85 | #endif |
---|
86 | #if defined(SADB_X_EALG_AES) && ! defined(SADB_X_EALG_AESCBC) |
---|
87 | #define SADB_X_EALG_AESCBC SADB_X_EALG_AES |
---|
88 | #endif |
---|
89 | %} |
---|
90 | |
---|
91 | /* common section */ |
---|
92 | nl \n |
---|
93 | ws [ \t]+ |
---|
94 | digit [0-9] |
---|
95 | letter [0-9A-Za-z] |
---|
96 | hexdigit [0-9A-Fa-f] |
---|
97 | dot \. |
---|
98 | hyphen \- |
---|
99 | slash \/ |
---|
100 | blcl \[ |
---|
101 | elcl \] |
---|
102 | semi \; |
---|
103 | comment \#.* |
---|
104 | quotedstring \"[^"]*\" |
---|
105 | decstring {digit}+ |
---|
106 | hexstring 0[xX]{hexdigit}+ |
---|
107 | ipaddress [a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*) |
---|
108 | ipaddrmask {slash}{digit}{1,3} |
---|
109 | name {letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))* |
---|
110 | hostname {name}(({dot}{name})+{dot}?)? |
---|
111 | |
---|
112 | %s S_PL S_AUTHALG S_ENCALG |
---|
113 | |
---|
114 | %option noinput nounput |
---|
115 | %% |
---|
116 | |
---|
117 | |
---|
118 | add { return(ADD); } |
---|
119 | delete { return(DELETE); } |
---|
120 | deleteall { return(DELETEALL); } |
---|
121 | get { return(GET); } |
---|
122 | flush { return(FLUSH); } |
---|
123 | dump { return(DUMP); } |
---|
124 | exit { return(EXIT); } |
---|
125 | quit { return(EXIT); } |
---|
126 | bye { return(EXIT); } |
---|
127 | |
---|
128 | /* for management SPD */ |
---|
129 | spdadd { return(SPDADD); } |
---|
130 | spdupdate { return(SPDUPDATE); } |
---|
131 | spddelete { return(SPDDELETE); } |
---|
132 | spddump { return(SPDDUMP); } |
---|
133 | spdflush { return(SPDFLUSH); } |
---|
134 | tagged { return(TAGGED); } |
---|
135 | {hyphen}P { BEGIN S_PL; return(F_POLICY); } |
---|
136 | <S_PL>[a-zA-Z0-9:\.\-_/ \n\t][a-zA-Z0-9:\.%\-+_/ \n\t\]\[]* { |
---|
137 | yymore(); |
---|
138 | |
---|
139 | /* count up for nl */ |
---|
140 | { |
---|
141 | char *p; |
---|
142 | for (p = yytext; *p != '\0'; p++) |
---|
143 | if (*p == '\n') |
---|
144 | lineno++; |
---|
145 | } |
---|
146 | |
---|
147 | yylval.val.len = strlen(yytext); |
---|
148 | yylval.val.buf = strdup(yytext); |
---|
149 | if (!yylval.val.buf) |
---|
150 | yyfatal("insufficient memory"); |
---|
151 | |
---|
152 | return(PL_REQUESTS); |
---|
153 | } |
---|
154 | <S_PL>{semi} { BEGIN INITIAL; return(EOT); } |
---|
155 | |
---|
156 | /* address resolution flags */ |
---|
157 | {hyphen}[n46][n46]* { |
---|
158 | yylval.val.len = strlen(yytext); |
---|
159 | yylval.val.buf = strdup(yytext); |
---|
160 | if (!yylval.val.buf) |
---|
161 | yyfatal("insufficient memory"); |
---|
162 | return(F_AIFLAGS); |
---|
163 | } |
---|
164 | |
---|
165 | /* security protocols */ |
---|
166 | ah { yylval.num = 0; return(PR_AH); } |
---|
167 | esp { yylval.num = 0; return(PR_ESP); } |
---|
168 | ah-old { yylval.num = 1; return(PR_AH); } |
---|
169 | esp-old { yylval.num = 1; return(PR_ESP); } |
---|
170 | esp-udp { yylval.num = 0; return(PR_ESPUDP); } |
---|
171 | ipcomp { yylval.num = 0; return(PR_IPCOMP); } |
---|
172 | tcp { |
---|
173 | yylval.num = 0; return(PR_TCP); |
---|
174 | } |
---|
175 | |
---|
176 | /* authentication alogorithm */ |
---|
177 | {hyphen}A { BEGIN S_AUTHALG; return(F_AUTH); } |
---|
178 | <S_AUTHALG>hmac-md5 { yylval.num = SADB_AALG_MD5HMAC; BEGIN INITIAL; return(ALG_AUTH); } |
---|
179 | <S_AUTHALG>hmac-sha1 { yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); } |
---|
180 | <S_AUTHALG>keyed-md5 { yylval.num = SADB_X_AALG_MD5; BEGIN INITIAL; return(ALG_AUTH); } |
---|
181 | <S_AUTHALG>keyed-sha1 { yylval.num = SADB_X_AALG_SHA; BEGIN INITIAL; return(ALG_AUTH); } |
---|
182 | <S_AUTHALG>hmac-sha2-256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); } |
---|
183 | <S_AUTHALG>hmac-sha256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); } |
---|
184 | <S_AUTHALG>hmac-sha2-384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); } |
---|
185 | <S_AUTHALG>hmac-sha384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); } |
---|
186 | <S_AUTHALG>hmac-sha2-512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); } |
---|
187 | <S_AUTHALG>hmac-sha512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); } |
---|
188 | <S_AUTHALG>hmac-ripemd160 { yylval.num = SADB_X_AALG_RIPEMD160HMAC; BEGIN INITIAL; return(ALG_AUTH); } |
---|
189 | <S_AUTHALG>aes-xcbc-mac { yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); } |
---|
190 | <S_AUTHALG>tcp-md5 { |
---|
191 | #ifdef SADB_X_AALG_TCP_MD5 |
---|
192 | yylval.num = SADB_X_AALG_TCP_MD5; |
---|
193 | BEGIN INITIAL; |
---|
194 | return(ALG_AUTH); |
---|
195 | #endif |
---|
196 | } |
---|
197 | <S_AUTHALG>null { yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); } |
---|
198 | |
---|
199 | /* encryption alogorithm */ |
---|
200 | {hyphen}E { BEGIN S_ENCALG; return(F_ENC); } |
---|
201 | <S_ENCALG>des-cbc { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC); } |
---|
202 | <S_ENCALG>3des-cbc { yylval.num = SADB_EALG_3DESCBC; BEGIN INITIAL; return(ALG_ENC); } |
---|
203 | <S_ENCALG>null { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_NOKEY); } |
---|
204 | <S_ENCALG>simple { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); } |
---|
205 | <S_ENCALG>blowfish-cbc { yylval.num = SADB_X_EALG_BLOWFISHCBC; BEGIN INITIAL; return(ALG_ENC); } |
---|
206 | <S_ENCALG>cast128-cbc { yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); } |
---|
207 | <S_ENCALG>des-deriv { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); } |
---|
208 | <S_ENCALG>des-32iv { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); } |
---|
209 | <S_ENCALG>twofish-cbc { yylval.num = SADB_X_EALG_TWOFISHCBC; BEGIN INITIAL; return(ALG_ENC); } |
---|
210 | <S_ENCALG>aes-cbc { |
---|
211 | #ifdef SADB_X_EALG_AESCBC |
---|
212 | yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); |
---|
213 | #endif |
---|
214 | } |
---|
215 | <S_ENCALG>rijndael-cbc { |
---|
216 | #ifdef SADB_X_EALG_AESCBC |
---|
217 | yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); |
---|
218 | #endif |
---|
219 | } |
---|
220 | <S_ENCALG>aes-ctr { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC); } |
---|
221 | <S_ENCALG>camellia-cbc { |
---|
222 | #ifdef SADB_X_EALG_CAMELLIACBC |
---|
223 | yylval.num = SADB_X_EALG_CAMELLIACBC; BEGIN INITIAL; return(ALG_ENC); |
---|
224 | #endif |
---|
225 | } |
---|
226 | |
---|
227 | /* compression algorithms */ |
---|
228 | {hyphen}C { return(F_COMP); } |
---|
229 | oui { yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); } |
---|
230 | deflate { yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); } |
---|
231 | lzs { yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); } |
---|
232 | {hyphen}R { return(F_RAWCPI); } |
---|
233 | |
---|
234 | /* extension */ |
---|
235 | {hyphen}m { return(F_MODE); } |
---|
236 | transport { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); } |
---|
237 | tunnel { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); } |
---|
238 | {hyphen}u { return(F_REQID); } |
---|
239 | {hyphen}f { return(F_EXT); } |
---|
240 | random-pad { yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); } |
---|
241 | seq-pad { yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); } |
---|
242 | zero-pad { yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); } |
---|
243 | nocyclic-seq { return(NOCYCLICSEQ); } |
---|
244 | {hyphen}r { return(F_REPLAY); } |
---|
245 | {hyphen}lh { return(F_LIFETIME_HARD); } |
---|
246 | {hyphen}ls { return(F_LIFETIME_SOFT); } |
---|
247 | {hyphen}bh { return(F_LIFEBYTE_HARD); } |
---|
248 | {hyphen}bs { return(F_LIFEBYTE_SOFT); } |
---|
249 | {hyphen}ctx { return(SECURITY_CTX); } |
---|
250 | |
---|
251 | /* ... */ |
---|
252 | any { return(ANY); } |
---|
253 | {ws} { } |
---|
254 | {nl} { lineno++; } |
---|
255 | {comment} |
---|
256 | {semi} { return(EOT); } |
---|
257 | |
---|
258 | /* for address parameters: /prefix, [port] */ |
---|
259 | {slash} { return SLASH; } |
---|
260 | {blcl} { return BLCL; } |
---|
261 | {elcl} { return ELCL; } |
---|
262 | |
---|
263 | /* parameter */ |
---|
264 | {decstring} { |
---|
265 | char *bp; |
---|
266 | |
---|
267 | yylval.ulnum = strtoul(yytext, &bp, 10); |
---|
268 | return(DECSTRING); |
---|
269 | } |
---|
270 | |
---|
271 | {hexstring} { |
---|
272 | yylval.val.buf = strdup(yytext + 2); |
---|
273 | if (!yylval.val.buf) |
---|
274 | yyfatal("insufficient memory"); |
---|
275 | yylval.val.len = strlen(yylval.val.buf); |
---|
276 | |
---|
277 | return(HEXSTRING); |
---|
278 | } |
---|
279 | |
---|
280 | {quotedstring} { |
---|
281 | char *p = yytext; |
---|
282 | while (*++p != '"') ; |
---|
283 | *p = '\0'; |
---|
284 | yytext++; |
---|
285 | yylval.val.len = yyleng - 2; |
---|
286 | yylval.val.buf = strdup(yytext); |
---|
287 | if (!yylval.val.buf) |
---|
288 | yyfatal("insufficient memory"); |
---|
289 | |
---|
290 | return(QUOTEDSTRING); |
---|
291 | } |
---|
292 | |
---|
293 | [A-Za-z0-9:][A-Za-z0-9:%\.-]* { |
---|
294 | yylval.val.len = yyleng; |
---|
295 | yylval.val.buf = strdup(yytext); |
---|
296 | if (!yylval.val.buf) |
---|
297 | yyfatal("insufficient memory"); |
---|
298 | return(STRING); |
---|
299 | } |
---|
300 | |
---|
301 | [0-9,]+ { |
---|
302 | yylval.val.len = yyleng; |
---|
303 | yylval.val.buf = strdup(yytext); |
---|
304 | if (!yylval.val.buf) |
---|
305 | yyfatal("insufficient memory"); |
---|
306 | return(STRING); |
---|
307 | } |
---|
308 | |
---|
309 | . { |
---|
310 | yyfatal("Syntax error"); |
---|
311 | /*NOTREACHED*/ |
---|
312 | } |
---|
313 | |
---|
314 | %% |
---|
315 | |
---|
316 | void |
---|
317 | yyfatal(s) |
---|
318 | const char *s; |
---|
319 | { |
---|
320 | yyerror(s); |
---|
321 | exit(1); |
---|
322 | } |
---|
323 | |
---|
324 | void |
---|
325 | yyerror(s) |
---|
326 | const char *s; |
---|
327 | { |
---|
328 | printf("line %d: %s at [%s]\n", lineno, s, yytext); |
---|
329 | } |
---|
330 | |
---|
331 | int |
---|
332 | parse(fp) |
---|
333 | FILE **fp; |
---|
334 | { |
---|
335 | yyin = *fp; |
---|
336 | |
---|
337 | lineno = 1; |
---|
338 | parse_init(); |
---|
339 | |
---|
340 | if (yyparse()) { |
---|
341 | printf("parse failed, line %d.\n", lineno); |
---|
342 | return(-1); |
---|
343 | } |
---|
344 | |
---|
345 | return(0); |
---|
346 | } |
---|
347 | |
---|
348 | int |
---|
349 | parse_string (char *src) |
---|
350 | { |
---|
351 | int result; |
---|
352 | YY_BUFFER_STATE buf_state; |
---|
353 | |
---|
354 | buf_state = yy_scan_string(src); |
---|
355 | result = yyparse(); |
---|
356 | yy_delete_buffer(buf_state); |
---|
357 | return result; |
---|
358 | } |
---|
359 | |
---|