1 /* $KAME: policy_token.l,v 1.13 2003/05/09 05:19:55 sakane Exp $ */
4 * SPDX-License-Identifier: BSD-3-Clause
6 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the project nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 #include <sys/types.h>
36 #include <sys/param.h>
37 #include <sys/socket.h>
38 #include <net/route.h>
39 #include <net/pfkeyv2.h>
40 #include <netipsec/keydb.h>
41 #include <netinet/in.h>
42 #include <netipsec/ipsec.h>
51 #define yylval __libipsecyylval /* XXX */
77 usec {dot}{digit}{1,6}
80 bracketstring \<[^>]*\>
81 quotedstring \"[^"]*\"
83 hexpair {hexdigit}{hexdigit}
84 hexstring 0[xX]{hexdigit}+
85 octetstring {octet}({dot}{octet})+
86 ipaddress [a-zA-Z0-9:\._][a-zA-Z0-9:\._]*(%[a-zA-Z0-9]+)?
90 in { yylval.num = IPSEC_DIR_INBOUND; return(DIR); }
91 out { yylval.num = IPSEC_DIR_OUTBOUND; return(DIR); }
93 discard { yylval.num = IPSEC_POLICY_DISCARD; return(ACTION); }
94 none { yylval.num = IPSEC_POLICY_NONE; return(ACTION); }
95 ipsec { yylval.num = IPSEC_POLICY_IPSEC; return(ACTION); }
96 bypass { yylval.num = IPSEC_POLICY_BYPASS; return(ACTION); }
97 entrust { yylval.num = IPSEC_POLICY_ENTRUST; return(ACTION); }
99 esp { yylval.num = IPPROTO_ESP; return(PROTOCOL); }
100 ah { yylval.num = IPPROTO_AH; return(PROTOCOL); }
101 ipcomp { yylval.num = IPPROTO_IPCOMP; return(PROTOCOL); }
102 tcp { yylval.num = IPPROTO_TCP; return(PROTOCOL); }
104 transport { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
105 tunnel { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
110 default { yylval.num = IPSEC_LEVEL_DEFAULT; return(LEVEL); }
111 use { yylval.num = IPSEC_LEVEL_USE; return(LEVEL); }
112 require { yylval.num = IPSEC_LEVEL_REQUIRE; return(LEVEL); }
113 unique{colon}{decstring} {
114 yylval.val.len = strlen(yytext + 7);
115 yylval.val.buf = yytext + 7;
116 return(LEVEL_SPECIFY);
118 unique { yylval.num = IPSEC_LEVEL_UNIQUE; return(LEVEL); }
119 {slash} { return(SLASH); }
122 yylval.val.len = strlen(yytext);
123 yylval.val.buf = yytext;
127 {hyphen} { return(HYPHEN); }
134 void __policy__strbuffer__init__(char *);
135 void __policy__strbuffer__free__(void);
137 static YY_BUFFER_STATE strbuffer;
140 __policy__strbuffer__init__(char *msg)
142 if (YY_CURRENT_BUFFER)
143 yy_delete_buffer(YY_CURRENT_BUFFER);
144 strbuffer = (YY_BUFFER_STATE)yy_scan_string(msg);
145 yy_switch_to_buffer(strbuffer);
151 __policy__strbuffer__free__(void)
153 yy_delete_buffer(strbuffer);