sbin/setkey/token.l

   1 /*      $FreeBSD$       */
   2 /*      $KAME: token.l,v 1.43 2003/07/25 09:35:28 itojun Exp $  */
   3
   4 /*-
   5  * SPDX-License-Identifier: BSD-3-Clause
   6  *
   7  * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
   8  * All rights reserved.
   9  *
  10  * Redistribution and use in source and binary forms, with or without
  11  * modification, are permitted provided that the following conditions
  12  * are met:
  13  * 1. Redistributions of source code must retain the above copyright
  14  *    notice, this list of conditions and the following disclaimer.
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in the
  17  *    documentation and/or other materials provided with the distribution.
  18  * 3. Neither the name of the project nor the names of its contributors
  19  *    may be used to endorse or promote products derived from this software
  20  *    without specific prior written permission.
  21  *
  22  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
  23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
  26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  32  * SUCH DAMAGE.
  33  */
  34
  35 %{
  36 #include <sys/types.h>
  37 #include <sys/param.h>
  38 #include <sys/socket.h>
  39 #include <net/route.h>
  40 #include <net/pfkeyv2.h>
  41 #include <netipsec/keydb.h>
  42 #include <netipsec/key_debug.h>
  43 #include <netinet/in.h>
  44 #include <netipsec/ipsec.h>
  45
  46 #include <stdlib.h>
  47 #include <limits.h>
  48 #include <string.h>
  49 #include <unistd.h>
  50 #include <errno.h>
  51 #include <netdb.h>
  52
  53 #include "vchar.h"
  54 #include "y.tab.h"
  55
  56 int lineno = 1;
  57
  58 extern u_char m_buf[BUFSIZ];
  59 extern u_int m_len;
  60 extern int f_debug;
  61
  62 int yylex(void);
  63 void yyfatal(const char *s);
  64 void yyerror(const char *s);
  65 extern void parse_init(void);
  66 int parse(FILE **);
  67 int yyparse(void);
  68 %}
  69
  70 %option noyywrap
  71
  72 /* common section */
  73 nl              \n
  74 ws              [ \t]+
  75 digit           [0-9]
  76 letter          [0-9A-Za-z]
  77 hexdigit        [0-9A-Fa-f]
  78 dot             \.
  79 hyphen          \-
  80 slash           \/
  81 blcl            \[
  82 elcl            \]
  83 semi            \;
  84 comment         \#.*
  85 quotedstring    \"[^"]*\"
  86 decstring       {digit}+
  87 hexstring       0[xX]{hexdigit}+
  88 ipaddress       [a-fA-F0-9:]([a-fA-F0-9:\.]*|[a-fA-F0-9:\.]*%[a-zA-Z0-9]*)
  89 ipaddrmask      {slash}{digit}{1,3}
  90 name            {letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))*
  91 hostname        {name}(({dot}{name})+{dot}?)?
  92
  93 %s S_PL S_AUTHALG S_ENCALG
  94
  95 %%
  96
  97 add             { return(ADD); }
  98 delete          { return(DELETE); }
  99 deleteall       { return(DELETEALL); }
 100 get             { return(GET); }
 101 flush           { return(FLUSH); }
 102 dump            { return(DUMP); }
 103
 104         /* for management SPD */
 105 spdadd          { return(SPDADD); }
 106 spddelete       { return(SPDDELETE); }
 107 spddump         { return(SPDDUMP); }
 108 spdflush        { return(SPDFLUSH); }
 109 tagged          { return(TAGGED); }
 110 {hyphen}P       { BEGIN S_PL; return(F_POLICY); }
 111 <S_PL>[a-zA-Z0-9:\.\-_/ \n\t][a-zA-Z0-9:\.%\-_/ \n\t]* {
 112                         yymore();
 113
 114                         /* count up for nl */
 115                             {
 116                                 char *p;
 117                                 for (p = yytext; *p != '\0'; p++)
 118                                         if (*p == '\n')
 119                                                 lineno++;
 120                             }
 121
 122                         yylval.val.len = strlen(yytext);
 123                         yylval.val.buf = strdup(yytext);
 124                         if (!yylval.val.buf)
 125                                 yyfatal("insufficient memory");
 126
 127                         return(PL_REQUESTS);
 128                 }
 129 <S_PL>{semi}    { BEGIN INITIAL; return(EOT); }
 130
 131         /* address resolution flags */
 132 {hyphen}[n46][n46]*     {
 133                         yylval.val.len = strlen(yytext);
 134                         yylval.val.buf = strdup(yytext);
 135                         if (!yylval.val.buf)
 136                                 yyfatal("insufficient memory");
 137                         return(F_AIFLAGS);
 138                 }
 139
 140         /* security protocols */
 141 ah              { yylval.num = 0; return(PR_AH); }
 142 esp             { yylval.num = 0; return(PR_ESP); }
 143 ah-old          { yylval.num = 1; return(PR_AH); }
 144 esp-old         { yylval.num = 1; return(PR_ESP); }
 145 ipcomp          { yylval.num = 0; return(PR_IPCOMP); }
 146 tcp             { yylval.num = 0; return(PR_TCP); }
 147
 148         /* authentication alogorithm */
 149 {hyphen}A       { BEGIN S_AUTHALG; return(F_AUTH); }
 150 <S_AUTHALG>hmac-md5     { yylval.num = SADB_AALG_MD5HMAC; BEGIN INITIAL; return(ALG_AUTH); }
 151 <S_AUTHALG>hmac-sha1    { yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); }
 152 <S_AUTHALG>keyed-md5    { yylval.num = SADB_X_AALG_MD5; BEGIN INITIAL; return(ALG_AUTH); }
 153 <S_AUTHALG>keyed-sha1   { yylval.num = SADB_X_AALG_SHA; BEGIN INITIAL; return(ALG_AUTH); }
 154 <S_AUTHALG>hmac-sha2-256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); }
 155 <S_AUTHALG>hmac-sha2-384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); }
 156 <S_AUTHALG>hmac-sha2-512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); }
 157 <S_AUTHALG>hmac-ripemd160 { yylval.num = SADB_X_AALG_RIPEMD160HMAC; BEGIN INITIAL; return(ALG_AUTH); }
 158 <S_AUTHALG>aes-xcbc-mac { yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); }
 159 <S_AUTHALG>tcp-md5      { yylval.num = SADB_X_AALG_TCP_MD5; BEGIN INITIAL; return(ALG_AUTH); }
 160 <S_AUTHALG>null { yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); }
 161
 162         /* encryption alogorithm */
 163 {hyphen}E       { BEGIN S_ENCALG; return(F_ENC); }
 164 <S_ENCALG>des-cbc       { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC); }
 165 <S_ENCALG>3des-cbc      { yylval.num = SADB_EALG_3DESCBC; BEGIN INITIAL; return(ALG_ENC); }
 166 <S_ENCALG>null          { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC); }
 167 <S_ENCALG>simple        { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); }
 168 <S_ENCALG>blowfish-cbc  { yylval.num = SADB_X_EALG_BLOWFISHCBC; BEGIN INITIAL; return(ALG_ENC); }
 169 <S_ENCALG>cast128-cbc   { yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); }
 170 <S_ENCALG>des-deriv     { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); }
 171 <S_ENCALG>des-32iv      { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); }
 172 <S_ENCALG>rijndael-cbc  { yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); }
 173 <S_ENCALG>aes-cbc       { yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); }
 174 <S_ENCALG>aes-ctr       { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC_SALT); }
 175 <S_ENCALG>camellia-cbc  { yylval.num = SADB_X_EALG_CAMELLIACBC; BEGIN INITIAL; return(ALG_ENC); }
 176 <S_ENCALG>aes-gcm-16    { yylval.num = SADB_X_EALG_AESGCM16; BEGIN INITIAL; return(ALG_ENC_SALT); }
 177
 178         /* compression algorithms */
 179 {hyphen}C       { return(F_COMP); }
 180 oui             { yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); }
 181 deflate         { yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); }
 182 lzs             { yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); }
 183 {hyphen}R       { return(F_RAWCPI); }
 184
 185         /* extension */
 186 {hyphen}m       { return(F_MODE); }
 187 transport       { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
 188 tunnel          { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
 189 {hyphen}u       { return(F_REQID); }
 190 {hyphen}f       { return(F_EXT); }
 191 random-pad      { yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); }
 192 seq-pad         { yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); }
 193 zero-pad        { yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); }
 194 nocyclic-seq    { return(NOCYCLICSEQ); }
 195 {hyphen}r       { return(F_REPLAY); }
 196 {hyphen}lh      { return(F_LIFETIME_HARD); }
 197 {hyphen}ls      { return(F_LIFETIME_SOFT); }
 198
 199         /* ... */
 200 any             { return(ANY); }
 201 {ws}            { }
 202 {nl}            { lineno++; }
 203 {comment}
 204 {semi}          { return(EOT); }
 205
 206         /* for address parameters: /prefix, [port] */
 207 {slash}         { return SLASH; }
 208 {blcl}          { return BLCL; }
 209 {elcl}          { return ELCL; }
 210
 211         /* parameter */
 212 {decstring}     {
 213                         char *bp;
 214
 215                         yylval.ulnum = strtoul(yytext, &bp, 10);
 216                         return(DECSTRING);
 217                 }
 218
 219 {hexstring}     {
 220                         yylval.val.buf = strdup(yytext + 2);
 221                         if (!yylval.val.buf)
 222                                 yyfatal("insufficient memory");
 223                         yylval.val.len = strlen(yylval.val.buf);
 224
 225                         return(HEXSTRING);
 226                 }
 227
 228 {quotedstring}  {
 229                         char *p = yytext;
 230                         while (*++p != '"') ;
 231                         *p = '\0';
 232                         yytext++;
 233                         yylval.val.len = yyleng - 2;
 234                         yylval.val.buf = strdup(yytext);
 235                         if (!yylval.val.buf)
 236                                 yyfatal("insufficient memory");
 237
 238                         return(QUOTEDSTRING);
 239                 }
 240
 241 [A-Za-z0-9:][A-Za-z0-9:%\.-]* {
 242                         yylval.val.len = yyleng;
 243                         yylval.val.buf = strdup(yytext);
 244                         if (!yylval.val.buf)
 245                                 yyfatal("insufficient memory");
 246                         return(STRING);
 247                 }
 248
 249 [0-9,]+ {
 250                         yylval.val.len = yyleng;
 251                         yylval.val.buf = strdup(yytext);
 252                         if (!yylval.val.buf)
 253                                 yyfatal("insufficient memory");
 254                         return(STRING);
 255                 }
 256
 257 .               {
 258                         yyfatal("Syntax error");
 259                         /*NOTREACHED*/
 260                 }
 261
 262 %%
 263
 264 void
 265 yyfatal(s)
 266         const char *s;
 267 {
 268         yyerror(s);
 269         exit(1);
 270 }
 271
 272 void
 273 yyerror(s)
 274         const char *s;
 275 {
 276         printf("line %d: %s at [%s]\n", lineno, s, yytext);
 277 }
 278
 279 int
 280 parse(fp)
 281         FILE **fp;
 282 {
 283         yyin = *fp;
 284
 285         parse_init();
 286
 287         if (yyparse()) {
 288                 printf("parse failed, line %d.\n", lineno);
 289                 return(-1);
 290         }
 291
 292         return(0);
 293 }