1/* $KAME: token.l,v 1.43 2003/07/25 09:35:28 itojun Exp $ */ 2 3/*- 4 * SPDX-License-Identifier: BSD-3-Clause 5 * 6 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the project nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34%{ 35#include <sys/types.h> 36#include <sys/param.h> 37#include <sys/socket.h> 38#include <net/route.h> 39#include <net/pfkeyv2.h> 40#include <netipsec/keydb.h> 41#include <netipsec/key_debug.h> 42#include <netinet/in.h> 43#include <netipsec/ipsec.h> 44 45#include <stdlib.h> 46#include <limits.h> 47#include <string.h> 48#include <unistd.h> 49#include <errno.h> 50#include <netdb.h> 51 52#include "vchar.h" 53#include "y.tab.h" 54 55int lineno = 1; 56 57extern u_char m_buf[BUFSIZ]; 58extern u_int m_len; 59extern int f_debug; 60 61int yylex(void); 62void yyfatal(const char *s); 63void yyerror(const char *s); 64extern void parse_init(void); 65int parse(FILE **); 66int yyparse(void); 67%} 68 69%option noyywrap 70 71/* common section */ 72nl \n 73ws [ \t]+ 74digit [0-9] 75letter [0-9A-Za-z] 76hexdigit [0-9A-Fa-f] 77dot \. 78hyphen \- 79slash \/ 80blcl \[ 81elcl \] 82semi \; 83comment \#.* 84quotedstring \"[^"]*\" 85decstring {digit}+ 86hexstring 0[xX]{hexdigit}+ 87ipaddress [a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*) 88ipaddrmask {slash}{digit}{1,3} 89name {letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))* 90hostname {name}(({dot}{name})+{dot}?)? 91 92%s S_PL S_AUTHALG S_ENCALG 93 94%% 95 96add { return(ADD); } 97delete { return(DELETE); } 98deleteall { return(DELETEALL); } 99get { return(GET); } 100flush { return(FLUSH); } 101dump { return(DUMP); } 102 103 /* for management SPD */ 104spdadd { return(SPDADD); } 105spddelete { return(SPDDELETE); } 106spddump { return(SPDDUMP); } 107spdflush { return(SPDFLUSH); } 108tagged { return(TAGGED); } 109{hyphen}P { BEGIN S_PL; return(F_POLICY); } 110<S_PL>[a-zA-Z0-9:\.\-_/ \n\t][a-zA-Z0-9:\.%\-_/ \n\t]* { 111 yymore(); 112 113 /* count up for nl */ 114 { 115 char *p; 116 for (p = yytext; *p != '\0'; p++) 117 if (*p == '\n') 118 lineno++; 119 } 120 121 yylval.val.len = strlen(yytext); 122 yylval.val.buf = strdup(yytext); 123 if (!yylval.val.buf) 124 yyfatal("insufficient memory"); 125 126 return(PL_REQUESTS); 127 } 128<S_PL>{semi} { BEGIN INITIAL; return(EOT); } 129 130 /* address resolution flags */ 131{hyphen}[n46][n46]* { 132 yylval.val.len = strlen(yytext); 133 yylval.val.buf = strdup(yytext); 134 if (!yylval.val.buf) 135 yyfatal("insufficient memory"); 136 return(F_AIFLAGS); 137 } 138 139 /* security protocols */ 140ah { yylval.num = 0; return(PR_AH); } 141esp { yylval.num = 0; return(PR_ESP); } 142ah-old { yylval.num = 1; return(PR_AH); } 143esp-old { yylval.num = 1; return(PR_ESP); } 144ipcomp { yylval.num = 0; return(PR_IPCOMP); } 145tcp { yylval.num = 0; return(PR_TCP); } 146 147 /* authentication alogorithm */ 148{hyphen}A { BEGIN S_AUTHALG; return(F_AUTH); } 149<S_AUTHALG>chacha20-poly1305 { yylval.num = SADB_X_AALG_CHACHA20POLY1305; BEGIN INITIAL; return(ALG_AUTH); } 150<S_AUTHALG>hmac-sha1 { yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); } 151<S_AUTHALG>hmac-sha2-256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); } 152<S_AUTHALG>hmac-sha2-384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); } 153<S_AUTHALG>hmac-sha2-512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); } 154<S_AUTHALG>aes-xcbc-mac { yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); } 155<S_AUTHALG>tcp-md5 { yylval.num = SADB_X_AALG_TCP_MD5; BEGIN INITIAL; return(ALG_AUTH); } 156<S_AUTHALG>null { yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); } 157 158 /* encryption alogorithm */ 159{hyphen}E { BEGIN S_ENCALG; return(F_ENC); } 160<S_ENCALG>null { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC); } 161<S_ENCALG>simple { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); } 162<S_ENCALG>rijndael-cbc { yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); } 163<S_ENCALG>aes-cbc { yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); } 164<S_ENCALG>aes-ctr { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC_SALT); } 165<S_ENCALG>aes-gcm-16 { yylval.num = SADB_X_EALG_AESGCM16; BEGIN INITIAL; return(ALG_ENC_SALT); } 166<S_ENCALG>chacha20-poly1305 { yylval.num = SADB_X_EALG_CHACHA20POLY1305; BEGIN INITIAL; return(ALG_ENC_SALT); } 167 168 /* compression algorithms */ 169{hyphen}C { return(F_COMP); } 170oui { yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); } 171deflate { yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); } 172lzs { yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); } 173{hyphen}R { return(F_RAWCPI); } 174 175 /* extension */ 176{hyphen}m { return(F_MODE); } 177transport { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); } 178tunnel { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); } 179{hyphen}u { return(F_REQID); } 180{hyphen}f { return(F_EXT); } 181random-pad { yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); } 182seq-pad { yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); } 183zero-pad { yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); } 184nocyclic-seq { return(NOCYCLICSEQ); } 185{hyphen}r { return(F_REPLAY); } 186{hyphen}lh { return(F_LIFETIME_HARD); } 187{hyphen}ls { return(F_LIFETIME_SOFT); } 188{hyphen}natt { return(F_NATT); } 189{hyphen}natt_mtu { return(F_NATT_MTU); } 190 191 /* ... */ 192any { return(ANY); } 193{ws} { } 194{nl} { lineno++; } 195{comment} 196{semi} { return(EOT); } 197 198 /* for address parameters: /prefix, [port] */ 199{slash} { return SLASH; } 200{blcl} { return BLCL; } 201{elcl} { return ELCL; } 202 203 /* parameter */ 204{decstring} { 205 char *bp; 206 207 yylval.ulnum = strtoul(yytext, &bp, 10); 208 return(DECSTRING); 209 } 210 211{hexstring} { 212 yylval.val.buf = strdup(yytext + 2); 213 if (!yylval.val.buf) 214 yyfatal("insufficient memory"); 215 yylval.val.len = strlen(yylval.val.buf); 216 217 return(HEXSTRING); 218 } 219 220{quotedstring} { 221 char *p = yytext; 222 while (*++p != '"') ; 223 *p = '\0'; 224 yytext++; 225 yylval.val.len = yyleng - 2; 226 yylval.val.buf = strdup(yytext); 227 if (!yylval.val.buf) 228 yyfatal("insufficient memory"); 229 230 return(QUOTEDSTRING); 231 } 232 233[A-Za-z0-9:][A-Za-z0-9:%\.-]* { 234 yylval.val.len = yyleng; 235 yylval.val.buf = strdup(yytext); 236 if (!yylval.val.buf) 237 yyfatal("insufficient memory"); 238 return(STRING); 239 } 240 241[0-9,]+ { 242 yylval.val.len = yyleng; 243 yylval.val.buf = strdup(yytext); 244 if (!yylval.val.buf) 245 yyfatal("insufficient memory"); 246 return(STRING); 247 } 248 249. { 250 yyfatal("Syntax error"); 251 /*NOTREACHED*/ 252 } 253 254%% 255 256void 257yyfatal(const char *s) 258{ 259 yyerror(s); 260 exit(1); 261} 262 263void 264yyerror(const char *s) 265{ 266 printf("line %d: %s at [%s]\n", lineno, s, yytext); 267} 268 269int 270parse(FILE **fp) 271{ 272 yyin = *fp; 273 274 parse_init(); 275 276 if (yyparse()) { 277 printf("parse failed, line %d.\n", lineno); 278 return(-1); 279 } 280 281 return(0); 282} 283