Home | History | Annotate | Download | only in libipsec
      1 /*	$NetBSD: policy_token.l,v 1.6.6.1 2007/08/01 11:52:19 vanhu Exp $	*/
      2 
      3 /* Id: policy_token.l,v 1.12 2005/05/05 12:32:18 manubsd Exp */
      4 
      5 /*
      6  * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
      7  * All rights reserved.
      8  *
      9  * Redistribution and use in source and binary forms, with or without
     10  * modification, are permitted provided that the following conditions
     11  * are met:
     12  * 1. Redistributions of source code must retain the above copyright
     13  *    notice, this list of conditions and the following disclaimer.
     14  * 2. Redistributions in binary form must reproduce the above copyright
     15  *    notice, this list of conditions and the following disclaimer in the
     16  *    documentation and/or other materials provided with the distribution.
     17  * 3. Neither the name of the project nor the names of its contributors
     18  *    may be used to endorse or promote products derived from this software
     19  *    without specific prior written permission.
     20  *
     21  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
     22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
     25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     31  * SUCH DAMAGE.
     32  */
     33 
     34 %{
     35 #ifdef HAVE_CONFIG_H
     36 #include "config.h"
     37 #endif
     38 
     39 #include <sys/types.h>
     40 #include <sys/param.h>
     41 #include <sys/socket.h>
     42 #include <net/pfkeyv2.h>
     43 #include <netinet/in.h>
     44 #include PATH_IPSEC_H
     45 
     46 #include <stdlib.h>
     47 #include <limits.h>
     48 #include <string.h>
     49 #include <unistd.h>
     50 #include <errno.h>
     51 
     52 #include "libpfkey.h"
     53 
     54 #if !defined(__NetBSD__) && !defined(__FreeBSD__) && !defined(__linux__)  && \
     55 !defined(__APPLE__) && !defined(__MACH__)
     56 #include "y.tab.h"
     57 #else
     58 #include "policy_parse.h"
     59 #endif
     60 #define yylval __libipseclval	/* XXX */
     61 
     62 int yylex __P((void));
     63 %}
     64 
     65 %option noyywrap
     66 %option nounput
     67 
     68 /* common section */
     69 nl		\n
     70 ws		[ \t]+
     71 digit		[0-9]
     72 hexdigit	[0-9A-Fa-f]
     73 special		[()+\|\?\*,]
     74 dot		\.
     75 comma		\,
     76 hyphen		\-
     77 colon		\:
     78 slash		\/
     79 bcl		\{
     80 ecl		\}
     81 blcl		\[
     82 elcl		\]
     83 percent		\%
     84 semi		\;
     85 plus	\+
     86 usec		{dot}{digit}{1,6}
     87 comment		\#.*
     88 ccomment	"/*"
     89 bracketstring	\<[^>]*\>
     90 quotedstring	\"[^"]*\"
     91 decstring	{digit}+
     92 hexpair		{hexdigit}{hexdigit}
     93 hexstring	0[xX]{hexdigit}+
     94 octetstring	{octet}({dot}{octet})+
     95 ipaddress	[a-zA-Z0-9:\._][a-zA-Z0-9:\._]*(%[a-zA-Z0-9]+)?
     96 
     97 %%
     98 
     99 in		{ yylval.num = IPSEC_DIR_INBOUND; return(DIR); }
    100 out		{ yylval.num = IPSEC_DIR_OUTBOUND; return(DIR); }
    101 fwd		{
    102 #ifdef HAVE_POLICY_FWD
    103 		  yylval.num = IPSEC_DIR_FWD; return(DIR);
    104 #else
    105 		  yylval.num = IPSEC_DIR_INBOUND; return(DIR);
    106 #endif
    107 		}
    108 
    109 priority	{ return(PRIORITY); }
    110 prio	{ return(PRIORITY); }
    111 low	{ yylval.num32 = PRIORITY_LOW; return(PRIO_BASE); }
    112 def { yylval.num32 = PRIORITY_DEFAULT; return(PRIO_BASE); }
    113 high	{ yylval.num32 = PRIORITY_HIGH; return(PRIO_BASE); }
    114 {plus}	{ return(PLUS); }
    115 {decstring}	{
    116 			yylval.val.len = strlen(yytext);
    117 			yylval.val.buf = yytext;
    118 			return(PRIO_OFFSET);
    119 }
    120 
    121 discard		{ yylval.num = IPSEC_POLICY_DISCARD; return(ACTION); }
    122 none		{ yylval.num = IPSEC_POLICY_NONE; return(ACTION); }
    123 ipsec		{ yylval.num = IPSEC_POLICY_IPSEC; return(ACTION); }
    124 bypass		{ yylval.num = IPSEC_POLICY_BYPASS; return(ACTION); }
    125 entrust		{ yylval.num = IPSEC_POLICY_ENTRUST; return(ACTION); }
    126 
    127 esp		{ yylval.num = IPPROTO_ESP; return(PROTOCOL); }
    128 ah		{ yylval.num = IPPROTO_AH; return(PROTOCOL); }
    129 ipcomp		{ yylval.num = IPPROTO_IPCOMP; return(PROTOCOL); }
    130 
    131 transport	{ yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
    132 tunnel		{ yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
    133 
    134 me		{ return(ME); }
    135 any		{ return(ANY); }
    136 
    137 default		{ yylval.num = IPSEC_LEVEL_DEFAULT; return(LEVEL); }
    138 use		{ yylval.num = IPSEC_LEVEL_USE; return(LEVEL); }
    139 require		{ yylval.num = IPSEC_LEVEL_REQUIRE; return(LEVEL); }
    140 unique{colon}{decstring} {
    141 			yylval.val.len = strlen(yytext + 7);
    142 			yylval.val.buf = yytext + 7;
    143 			return(LEVEL_SPECIFY);
    144 		}
    145 unique		{ yylval.num = IPSEC_LEVEL_UNIQUE; return(LEVEL); }
    146 {slash}		{ return(SLASH); }
    147 
    148 {ipaddress}	{
    149 			yylval.val.len = strlen(yytext);
    150 			yylval.val.buf = yytext;
    151 			return(IPADDRESS);
    152 		}
    153 
    154 {hyphen}	{ return(HYPHEN); }
    155 
    156 {blcl}{decstring}{elcl} {
    157 			/* Remove leading '[' and trailing ']' */
    158 			yylval.val.buf = yytext + 1;
    159 			yylval.val.len = strlen(yytext) - 2;
    160 
    161 			return(PORT);
    162 		}
    163 
    164 {ws}		{ ; }
    165 {nl}		{ ; }
    166 
    167 %%
    168 
    169 void __policy__strbuffer__init__ __P((char *));
    170 void __policy__strbuffer__free__ __P((void));
    171 
    172 static YY_BUFFER_STATE strbuffer;
    173 
    174 void
    175 __policy__strbuffer__init__(msg)
    176 	char *msg;
    177 {
    178 	if (YY_CURRENT_BUFFER)
    179 		yy_delete_buffer(YY_CURRENT_BUFFER);
    180 	strbuffer = (YY_BUFFER_STATE)yy_scan_string(msg);
    181 	yy_switch_to_buffer(strbuffer);
    182 
    183 	return;
    184 }
    185 
    186 void
    187 __policy__strbuffer__free__()
    188 {
    189 	yy_delete_buffer(strbuffer);
    190 
    191 	return;
    192 }
    193