2 /* $KAME: policy_token.l,v 1.13 2003/05/09 05:19:55 sakane Exp $ */
5 * SPDX-License-Identifier: BSD-3-Clause
7 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the project nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 #include <sys/types.h>
37 #include <sys/param.h>
38 #include <sys/socket.h>
39 #include <net/route.h>
40 #include <net/pfkeyv2.h>
41 #include <netipsec/keydb.h>
42 #include <netinet/in.h>
43 #include <netipsec/ipsec.h>
52 #define yylval __libipsecyylval /* XXX */
78 usec {dot}{digit}{1,6}
81 bracketstring \<[^>]*\>
82 quotedstring \"[^"]*\"
84 hexpair {hexdigit}{hexdigit}
85 hexstring 0[xX]{hexdigit}+
86 octetstring {octet}({dot}{octet})+
87 ipaddress [a-zA-Z0-9:\._][a-zA-Z0-9:\._]*(%[a-zA-Z0-9]+)?
91 in { yylval.num = IPSEC_DIR_INBOUND; return(DIR); }
92 out { yylval.num = IPSEC_DIR_OUTBOUND; return(DIR); }
94 discard { yylval.num = IPSEC_POLICY_DISCARD; return(ACTION); }
95 none { yylval.num = IPSEC_POLICY_NONE; return(ACTION); }
96 ipsec { yylval.num = IPSEC_POLICY_IPSEC; return(ACTION); }
97 bypass { yylval.num = IPSEC_POLICY_BYPASS; return(ACTION); }
98 entrust { yylval.num = IPSEC_POLICY_ENTRUST; return(ACTION); }
100 esp { yylval.num = IPPROTO_ESP; return(PROTOCOL); }
101 ah { yylval.num = IPPROTO_AH; return(PROTOCOL); }
102 ipcomp { yylval.num = IPPROTO_IPCOMP; return(PROTOCOL); }
103 tcp { yylval.num = IPPROTO_TCP; return(PROTOCOL); }
105 transport { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
106 tunnel { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
111 default { yylval.num = IPSEC_LEVEL_DEFAULT; return(LEVEL); }
112 use { yylval.num = IPSEC_LEVEL_USE; return(LEVEL); }
113 require { yylval.num = IPSEC_LEVEL_REQUIRE; return(LEVEL); }
114 unique{colon}{decstring} {
115 yylval.val.len = strlen(yytext + 7);
116 yylval.val.buf = yytext + 7;
117 return(LEVEL_SPECIFY);
119 unique { yylval.num = IPSEC_LEVEL_UNIQUE; return(LEVEL); }
120 {slash} { return(SLASH); }
123 yylval.val.len = strlen(yytext);
124 yylval.val.buf = yytext;
128 {hyphen} { return(HYPHEN); }
135 void __policy__strbuffer__init__(char *);
136 void __policy__strbuffer__free__(void);
138 static YY_BUFFER_STATE strbuffer;
141 __policy__strbuffer__init__(msg)
144 if (YY_CURRENT_BUFFER)
145 yy_delete_buffer(YY_CURRENT_BUFFER);
146 strbuffer = (YY_BUFFER_STATE)yy_scan_string(msg);
147 yy_switch_to_buffer(strbuffer);
153 __policy__strbuffer__free__()
155 yy_delete_buffer(strbuffer);