author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2010-05-25 19:09:13 +0000 |
---|---|---|
committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2010-05-25 19:09:13 +0000 |
commit | 4e55071879aae604b7b61c93dc815a357571cd88 (patch) | |
tree | 4be73b1dfa1bf0df8368023010f530954ed3ff7c /src/starter | |
parent | a1c93c13ae14bf12110f9a5d5813a22668d69bfe (diff) | |
New upstream release.
Diffstat (limited to 'src/starter')
-rw-r--r-- | src/starter/Makefile.am | 2 | ||||
-rw-r--r-- | src/starter/Makefile.in | 3 | ||||
-rw-r--r-- | src/starter/args.c | 3 | ||||
-rw-r--r-- | src/starter/cmp.c | 1 | ||||
-rw-r--r-- | src/starter/confread.c | 64 | ||||
-rw-r--r-- | src/starter/confread.h | 1 | ||||
-rw-r--r-- | src/starter/ipsec.conf.5 | 7 | ||||
-rw-r--r-- | src/starter/keywords.c | 224 | ||||
-rw-r--r-- | src/starter/keywords.h | 3 | ||||
-rw-r--r-- | src/starter/keywords.txt | 2 | ||||
-rw-r--r-- | src/starter/lex.yy.c | 44 | ||||
-rw-r--r-- | src/starter/parser.l | 4 | ||||
-rw-r--r-- | src/starter/parser.y | 16 | ||||
-rw-r--r-- | src/starter/starter.c | 11 | ||||
-rw-r--r-- | src/starter/starterstroke.c | 1 | ||||
-rw-r--r-- | src/starter/starterwhack.c | 29 | ||||
-rw-r--r-- | src/starter/y.tab.c | 325 | ||||
-rw-r--r-- | src/starter/y.tab.h | 42 |
18 files changed, 417 insertions, 365 deletions
diff --git a/src/starter/Makefile.am b/src/starter/Makefile.am index 7524b5f26..a235013f2 100644 --- a/src/starter/Makefile.am +++ b/src/starter/Makefile.am @@ -38,7 +38,7 @@ if USE_CHARON AM_CFLAGS += -DSTART_CHARON endif -lex.yy.c: $(srcdir)/parser.l $(srcdir)/parser.y $(srcdir)/parser.h +lex.yy.c: $(srcdir)/parser.l $(srcdir)/parser.y $(srcdir)/parser.h y.tab.h $(LEX) $(srcdir)/parser.l y.tab.c: $(srcdir)/parser.y $(srcdir)/parser.l $(srcdir)/parser.h diff --git a/src/starter/Makefile.in b/src/starter/Makefile.in index 79ea9de32..11449f465 100644 --- a/src/starter/Makefile.in +++ b/src/starter/Makefile.in @@ -232,6 +232,7 @@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ +libhydra_plugins = @libhydra_plugins@ libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ @@ -718,7 +719,7 @@ uninstall-man: uninstall-man5 uninstall-man8 uninstall-man8 -lex.yy.c: $(srcdir)/parser.l $(srcdir)/parser.y $(srcdir)/parser.h +lex.yy.c: $(srcdir)/parser.l $(srcdir)/parser.y $(srcdir)/parser.h y.tab.h $(LEX) $(srcdir)/parser.l y.tab.c: $(srcdir)/parser.y $(srcdir)/parser.l $(srcdir)/parser.h diff --git a/src/starter/args.c b/src/starter/args.c index ebbd42cc8..512f2f46f 100644 --- a/src/starter/args.c +++ b/src/starter/args.c @@ -248,11 +248,12 @@ static const token_info_t token_info[] = /* end keywords */ { ARG_MISC, 0, NULL /* KW_HOST */ }, + { ARG_UINT, offsetof(starter_end_t, ikeport), NULL }, { ARG_MISC, 0, NULL /* KW_NEXTHOP */ }, { ARG_STR, offsetof(starter_end_t, subnet), NULL }, { ARG_MISC, 0, NULL /* KW_SUBNETWITHIN */ }, { ARG_MISC, 0, NULL /* KW_PROTOPORT */ }, - { ARG_MISC, 0, NULL /* KW_SOURCEIP */ }, + { ARG_STR, offsetof(starter_end_t, sourceip), NULL }, { ARG_MISC, 0, NULL /* KW_NATIP */ }, { ARG_ENUM, offsetof(starter_end_t, firewall), LST_bool }, { ARG_ENUM, offsetof(starter_end_t, hostaccess), LST_bool }, 
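Review bot: The new `ARG_UINT` row for `ikeport` in `token_info[]` sits between the `KW_HOST` and `KW_NEXTHOP` rows, but the keywords.h hunk of this same commit adds `KW_IKEPORT` after `KW_NEXTHOP` in the generic end-keyword enum, while `KW_LEFTIKEPORT` and `KW_RIGHTIKEPORT` are added before their `NEXTHOP` siblings. If this table is indexed by token value and left/right tokens are mapped onto end tokens by offset (that code is not visible here), a `leftikeport=` value would be handled as `KW_NEXTHOP` and a nexthop value as the port. The enum in keywords.h should read `KW_HOST, KW_IKEPORT, KW_NEXTHOP,` so that it matches this table, cmp.c and the field order in confread.h. The array definition continues outside the hunk.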
diff --git a/src/starter/cmp.c b/src/starter/cmp.c index 8462a4819..33a057b44 100644 --- a/src/starter/cmp.c +++ b/src/starter/cmp.c @@ -43,6 +43,7 @@ starter_cmp_end(starter_end_t *c1, starter_end_t *c2) { ADDCMP(addr); } + VARCMP(ikeport); ADDCMP(nexthop); VARCMP(has_client); VARCMP(has_client_wildcard); diff --git a/src/starter/confread.c b/src/starter/confread.c index 07cc11503..e9b9028d5 100644 --- a/src/starter/confread.c +++ b/src/starter/confread.c @@ -96,6 +96,8 @@ static void default_values(starter_config_t *cfg) anyaddr(AF_INET, &cfg->conn_default.left.nexthop); anyaddr(AF_INET, &cfg->conn_default.right.addr); anyaddr(AF_INET, &cfg->conn_default.right.nexthop); + cfg->conn_default.left.ikeport = 500; + cfg->conn_default.right.ikeport = 500; cfg->ca_default.seen = LEMPTY; } @@ -105,8 +107,7 @@ static void default_values(starter_config_t *cfg) else if (streq(kw->value, sn)) { conn->policy &= ~fl; } \ else { plog("# bad policy value: %s=%s", kw->entry->name, kw->value); cfg->err++; } -static void -load_setup(starter_config_t *cfg, config_parsed_t *cfgp) +static void load_setup(starter_config_t *cfg, config_parsed_t *cfgp) { kw_list_t *kw; @@ -193,11 +194,13 @@ static void kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token, streq(value, "%config") || streq(value, "%cfg")) { /* request ip via config payload */ + free(end->sourceip); end->sourceip = NULL; end->sourceip_mask = 1; } else { /* %poolname, strip %, serve ip requests */ + free(end->sourceip); end->sourceip = clone_str(value+1); end->sourceip_mask = 0; } @@ -221,6 +224,7 @@ static void kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token, goto err; } *pos = '\0'; + free(end->sourceip); end->sourceip = clone_str(value); end->sourceip_mask = atoi(pos + 1); } 
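Review bot: The three added `free(end->sourceip);` calls in kw_end (hunks at -193 and -221) are only correct because `KW_SOURCEIP` became an `ARG_STR` entry in args.c in this commit, so a copy of `value` is presumably already stored in `end->sourceip` before this branch runs; nothing in kw_end says so. The hunk at -232 drops `end->sourceip = clone_str(value);` for the same unstated reason. A comment at the top of the sourceip branch would keep the ownership rule from being broken by a later edit, e.g. `/* end->sourceip already holds a copy of value (ARG_STR in args.c); free it before overriding */`. kw_end starts and ends outside these hunks, so whether any path reaches the branch with an unowned pointer cannot be confirmed from here.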
@@ -232,7 +236,6 @@ static void kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token, plog("# bad addr: %s=%s [%s]", name, value, ugh); goto err; } - end->sourceip = clone_str(value); end->sourceip_mask = (conn->tunnel_addr_family == AF_INET) ? 32 : 128; } @@ -419,8 +422,8 @@ err: /* * handles left|right=<FQDN> DNS resolution failure */ -static void -handle_dns_failure( const char *label, starter_end_t *end, starter_config_t *cfg) +static void handle_dns_failure(const char *label, starter_end_t *end, + starter_config_t *cfg) { if (end->dns_failed) { @@ -440,8 +443,8 @@ handle_dns_failure( const char *label, starter_end_t *end, starter_config_t *cfg /* * handles left|rightfirewall and left|rightupdown parameters */ -static void -handle_firewall( const char *label, starter_end_t *end, starter_config_t *cfg) +static void handle_firewall(const char *label, starter_end_t *end, + starter_config_t *cfg) { if (end->firewall && (end->seen & LELEM(KW_FIREWALL - KW_END_FIRST))) { @@ -461,8 +464,7 @@ handle_firewall( const char *label, starter_end_t *end, starter_config_t *cfg) /* * parse a conn section */ -static void -load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg) +static void load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg) { char *conn_name = (conn->name == NULL)? "%default":conn->name; @@ -718,8 +720,7 @@ load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg) /* * initialize a conn object with the default conn */ -static void -conn_default(char *name, starter_conn_t *conn, starter_conn_t *def) +static void conn_default(char *name, starter_conn_t *conn, starter_conn_t *def) { memcpy(conn, def, sizeof(starter_conn_t)); conn->name = clone_str(name); 
@@ -732,8 +733,7 @@ conn_default(char *name, starter_conn_t *conn, starter_conn_t *def) /* * parse a ca section */ -static void -load_ca(starter_ca_t *ca, kw_list_t *kw, starter_config_t *cfg) +static void load_ca(starter_ca_t *ca, kw_list_t *kw, starter_config_t *cfg) { char *ca_name = (ca->name == NULL)? "%default":ca->name; @@ -786,8 +786,7 @@ load_ca(starter_ca_t *ca, kw_list_t *kw, starter_config_t *cfg) /* * initialize a ca object with the default ca */ -static void -ca_default(char *name, starter_ca_t *ca, starter_ca_t *def) +static void ca_default(char *name, starter_ca_t *ca, starter_ca_t *def) { memcpy(ca, def, sizeof(starter_ca_t)); ca->name = clone_str(name); @@ -795,11 +794,11 @@ ca_default(char *name, starter_ca_t *ca, starter_ca_t *def) clone_args(KW_CA_FIRST, KW_CA_LAST, (char *)ca, (char *)def); } -static kw_list_t* -find_also_conn(const char* name, starter_conn_t *conn, starter_config_t *cfg); +static kw_list_t* find_also_conn(const char* name, starter_conn_t *conn, + starter_config_t *cfg); -static void -load_also_conns(starter_conn_t *conn, also_t *also, starter_config_t *cfg) +static void load_also_conns(starter_conn_t *conn, also_t *also, + starter_config_t *cfg) { while (also != NULL) { @@ -825,8 +824,8 @@ load_also_conns(starter_conn_t *conn, also_t *also, starter_config_t *cfg) /* * find a conn included by also */ -static kw_list_t* -find_also_conn(const char* name, starter_conn_t *conn, starter_config_t *cfg) +static kw_list_t* find_also_conn(const char* name, starter_conn_t *conn, + starter_config_t *cfg) { starter_conn_t *c = cfg->conn_first; 
@@ -852,11 +851,10 @@ find_also_conn(const char* name, starter_conn_t *conn, starter_config_t *cfg) return NULL; } -static kw_list_t* -find_also_ca(const char* name, starter_ca_t *ca, starter_config_t *cfg); +static kw_list_t* find_also_ca(const char* name, starter_ca_t *ca, + starter_config_t *cfg); -static void -load_also_cas(starter_ca_t *ca, also_t *also, starter_config_t *cfg) +static void load_also_cas(starter_ca_t *ca, also_t *also, starter_config_t *cfg) { while (also != NULL) { @@ -882,8 +880,8 @@ load_also_cas(starter_ca_t *ca, also_t *also, starter_config_t *cfg) /* * find a ca included by also */ -static kw_list_t* -find_also_ca(const char* name, starter_ca_t *ca, starter_config_t *cfg) +static kw_list_t* find_also_ca(const char* name, starter_ca_t *ca, + starter_config_t *cfg) { starter_ca_t *c = cfg->ca_first; @@ -912,8 +910,7 @@ find_also_ca(const char* name, starter_ca_t *ca, starter_config_t *cfg) /* * free the memory used by also_t objects */ -static void -free_also(also_t *head) +static void free_also(also_t *head) { while (head != NULL) { @@ -928,8 +925,7 @@ free_also(also_t *head) /* * free the memory used by a starter_conn_t object */ -static void -confread_free_conn(starter_conn_t *conn) +static void confread_free_conn(starter_conn_t *conn) { free_args(KW_END_FIRST, KW_END_LAST, (char *)&conn->left); free_args(KW_END_FIRST, KW_END_LAST, (char *)&conn->right); @@ -950,8 +946,7 @@ confread_free_ca(starter_ca_t *ca) /* * free the memory used by a starter_config_t object */ -void -confread_free(starter_config_t *cfg) +void confread_free(starter_config_t *cfg) { starter_conn_t *conn = cfg->conn_first; starter_ca_t *ca = cfg->ca_first; @@ -986,8 +981,7 @@ confread_free(starter_config_t *cfg) /* * load and parse an IPsec configuration file */ -starter_config_t * -confread_load(const char *file) +starter_config_t* confread_load(const char *file) { starter_config_t *cfg = NULL; config_parsed_t *cfgp; 
diff --git a/src/starter/confread.h b/src/starter/confread.h index 7f3211628..199fab642 100644 --- a/src/starter/confread.h +++ b/src/starter/confread.h @@ -66,6 +66,7 @@ struct starter_end { char *groups; char *iface; ip_address addr; + u_int ikeport; ip_address nexthop; char *subnet; bool has_client; diff --git a/src/starter/ipsec.conf.5 b/src/starter/ipsec.conf.5 index d4dd7238f..4cb1cb0fc 100644 --- a/src/starter/ipsec.conf.5 +++ b/src/starter/ipsec.conf.5 @@ -604,6 +604,13 @@ identity to use for a second authentication for the left participant (IKEv2 only); defaults to .BR leftid . .TP +.B leftikeport +UDP port the left participant uses for IKE communication. Currently supported in +IKEv2 connections only. If unspecified, port 500 is used with port floating to +4500 if NAT is detected or MOBIKE enabled. Specifying a local IKE port +different from the default additionally requires a socket implementation that +listens to this port. +.TP .B leftnexthop this parameter is not needed any more because the NETKEY IPsec stack does not require explicit routing entries for the traffic to be tunneled. diff --git a/src/starter/keywords.c b/src/starter/keywords.c index e379f78e9..df39f0dc7 100644 --- a/src/starter/keywords.c +++ b/src/starter/keywords.c @@ -54,12 +54,12 @@ struct kw_entry { kw_token_t token; }; -#define TOTAL_KEYWORDS 119 +#define TOTAL_KEYWORDS 121 #define MIN_WORD_LENGTH 3 #define MAX_WORD_LENGTH 17 -#define MIN_HASH_VALUE 17 -#define MAX_HASH_VALUE 215 -/* maximum key range = 199, duplicates = 0 */ +#define MIN_HASH_VALUE 11 +#define MAX_HASH_VALUE 230 +/* maximum key range = 220, duplicates = 0 */ #ifdef __GNUC__ __inline 
@@ -75,32 +75,32 @@ hash (str, len) { static const unsigned char asso_values[] = { - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 12, - 78, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 4, 216, 20, 216, 45, - 55, 4, 77, 14, 78, 4, 216, 119, 4, 89, - 46, 34, 29, 216, 6, 12, 5, 56, 34, 216, - 4, 20, 5, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216 + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 26, + 75, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 2, 231, 25, 231, 40, + 61, 2, 114, 24, 3, 2, 231, 101, 2, 96, + 48, 35, 23, 231, 4, 10, 3, 69, 25, 231, + 2, 18, 16, 231, 
231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 231, 231, 231, 231 }; register int hval = len; 
@@ -128,119 +128,121 @@ static const struct kw_entry wordlist[] = {"right", KW_RIGHT}, {"lifetime", KW_KEYLIFE}, {"leftcert", KW_LEFTCERT,}, + {"reauth", KW_REAUTH}, {"leftfirewall", KW_LEFTFIREWALL}, {"leftsendcert", KW_LEFTSENDCERT}, + {"rightikeport", KW_RIGHTIKEPORT}, {"leftprotoport", KW_LEFTPROTOPORT}, {"type", KW_TYPE}, - {"rekey", KW_REKEY}, {"leftgroups", KW_LEFTGROUPS}, + {"rekey", KW_REKEY}, {"rightsubnet", KW_RIGHTSUBNET}, {"rightsendcert", KW_RIGHTSENDCERT}, + {"righthostaccess", KW_RIGHTHOSTACCESS}, + {"xauth", KW_XAUTH}, {"leftallowany", KW_LEFTALLOWANY}, - {"rightgroups", KW_RIGHTGROUPS}, {"esp", KW_ESP}, + {"leftnexthop", KW_LEFTNEXTHOP}, {"lifebytes", KW_LIFEBYTES}, {"rightrsasigkey", KW_RIGHTRSASIGKEY}, - {"lifepackets", KW_LIFEPACKETS}, - {"leftnexthop", KW_LEFTNEXTHOP}, + {"rightauth", KW_RIGHTAUTH}, {"leftrsasigkey", KW_LEFTRSASIGKEY}, - {"leftca", KW_LEFTCA}, - {"eap", KW_EAP}, - {"strictcrlpolicy", KW_STRICTCRLPOLICY}, {"rightprotoport", KW_RIGHTPROTOPORT}, {"plutostart", KW_PLUTOSTART}, - {"also", KW_ALSO}, - {"rightallowany", KW_RIGHTALLOWANY}, + {"strictcrlpolicy", KW_STRICTCRLPOLICY}, + {"lifepackets", KW_LIFEPACKETS}, + {"rightgroups", KW_RIGHTGROUPS}, {"rightsourceip", KW_RIGHTSOURCEIP}, + {"eap", KW_EAP}, {"crluri", KW_CRLURI}, - {"leftnatip", KW_LEFTNATIP}, - {"lefthostaccess", KW_LEFTHOSTACCESS}, + {"hidetos", KW_HIDETOS}, {"rightcert", KW_RIGHTCERT}, {"certuribase", KW_CERTURIBASE}, + {"leftca", KW_LEFTCA}, + {"leftnatip", KW_LEFTNATIP}, + {"rightallowany", KW_RIGHTALLOWANY}, + {"lefthostaccess", KW_LEFTHOSTACCESS}, + {"crlcheckinterval", KW_CRLCHECKINTERVAL}, + {"also", KW_ALSO}, {"packetdefault", KW_PACKETDEFAULT}, + {"virtual_private", KW_VIRTUAL_PRIVATE}, {"plutostderrlog", KW_PLUTOSTDERRLOG}, - {"crluri1", KW_CRLURI}, - {"crlcheckinterval", KW_CRLCHECKINTERVAL}, + {"leftsourceip", KW_LEFTSOURCEIP}, {"rightid", KW_RIGHTID}, - {"virtual_private", KW_VIRTUAL_PRIVATE}, - {"leftsubnet", KW_LEFTSUBNET}, {"cacert", KW_CACERT}, 
{"rightca", KW_RIGHTCA}, - {"leftsourceip", KW_LEFTSOURCEIP}, + {"crluri1", KW_CRLURI}, {"inactivity", KW_INACTIVITY}, {"rightsubnetwithin", KW_RIGHTSUBNETWITHIN}, {"installpolicy", KW_INSTALLPOLICY}, - {"nat_traversal", KW_NAT_TRAVERSAL}, - {"ldapbase", KW_LDAPBASE}, + {"leftauth", KW_LEFTAUTH}, {"leftupdown", KW_LEFTUPDOWN}, + {"leftsubnet", KW_LEFTSUBNET}, {"rightnatip", KW_RIGHTNATIP}, {"ocspuri", KW_OCSPURI}, {"rightnexthop", KW_RIGHTNEXTHOP}, {"leftcert2", KW_LEFTCERT2,}, {"rightid2", KW_RIGHTID2}, - {"rekeyfuzz", KW_REKEYFUZZ}, + {"nat_traversal", KW_NAT_TRAVERSAL}, {"compress", KW_COMPRESS}, - {"rightfirewall", KW_RIGHTFIREWALL}, - {"ocspuri1", KW_OCSPURI}, - {"ldaphost", KW_LDAPHOST}, - {"xauth", KW_XAUTH}, + {"ldapbase", KW_LDAPBASE}, + {"auth", KW_AUTH}, {"postpluto", KW_POSTPLUTO}, - {"eap_identity", KW_EAP_IDENTITY}, - {"plutodebug", KW_PLUTODEBUG}, + {"charonstart", KW_CHARONSTART}, + {"ike", KW_IKE}, + {"ldaphost", KW_LDAPHOST}, {"leftca2", KW_LEFTCA2}, - {"auto", KW_AUTO}, - {"righthostaccess", KW_RIGHTHOSTACCESS}, {"dpddelay", KW_DPDDELAY}, - {"rightauth", KW_RIGHTAUTH}, + {"ocspuri1", KW_OCSPURI}, {"rightauth2", KW_RIGHTAUTH2}, - {"pfs", KW_PFS}, - {"authby", KW_AUTHBY}, - {"rightupdown", KW_RIGHTUPDOWN}, + {"eap_identity", KW_EAP_IDENTITY}, + {"leftikeport", KW_LEFTIKEPORT}, + {"plutodebug", KW_PLUTODEBUG}, + {"cachecrls", KW_CACHECRLS}, + {"charondebug", KW_CHARONDEBUG}, + {"crluri2", KW_CRLURI2}, + {"rightca2", KW_RIGHTCA2}, + {"mediated_by", KW_MEDIATED_BY}, + {"rightcert2", KW_RIGHTCERT2}, {"leftid", KW_LEFTID}, + {"auto", KW_AUTO}, + {"rightupdown", KW_RIGHTUPDOWN}, + {"rightfirewall", KW_RIGHTFIREWALL}, + {"authby", KW_AUTHBY}, {"leftsubnetwithin", KW_LEFTSUBNETWITHIN}, {"uniqueids", KW_UNIQUEIDS}, - {"dumpdir", KW_DUMPDIR}, - {"mediated_by", KW_MEDIATED_BY}, - {"ike", KW_IKE}, - {"cachecrls", KW_CACHECRLS}, {"prepluto", KW_PREPLUTO}, - {"force_keepalive", KW_FORCE_KEEPALIVE}, - {"hidetos", KW_HIDETOS}, + {"keep_alive", KW_KEEP_ALIVE}, 
{"mobike", KW_MOBIKE}, - {"forceencaps", KW_FORCEENCAPS}, {"overridemtu", KW_OVERRIDEMTU}, - {"crluri2", KW_CRLURI2}, - {"rightca2", KW_RIGHTCA2}, - {"rightcert2", KW_RIGHTCERT2}, + {"dumpdir", KW_DUMPDIR}, {"dpdaction", KW_DPDACTION}, - {"nocrsend", KW_NOCRSEND}, + {"rekeyfuzz", KW_REKEYFUZZ}, {"leftid2", KW_LEFTID2}, - {"interfaces", KW_INTERFACES}, - {"leftauth", KW_LEFTAUTH}, + {"keyingtries", KW_KEYINGTRIES}, + {"pfs", KW_PFS}, + {"nocrsend", KW_NOCRSEND}, + {"keyexchange", KW_KEYEXCHANGE}, {"leftauth2", KW_LEFTAUTH2}, {"mediation", KW_MEDIATION}, {"rekeymargin", KW_REKEYMARGIN}, - {"keep_alive", KW_KEEP_ALIVE}, - {"auth", KW_AUTH}, - {"keyingtries", KW_KEYINGTRIES}, - {"me_peerid", KW_ME_PEERID}, - {"fragicmp", KW_FRAGICMP}, - {"margintime", KW_REKEYMARGIN}, {"ocspuri2", KW_OCSPURI2}, - {"reauth", KW_REAUTH}, {"pkcs11module", KW_PKCS11MODULE}, - {"pfsgroup", KW_PFSGROUP}, - {"marginbytes", KW_MARGINBYTES}, {"pkcs11keepstate", KW_PKCS11KEEPSTATE}, - {"marginpackets", KW_MARGINPACKETS}, - {"modeconfig", KW_MODECONFIG}, - {"keyexchange", KW_KEYEXCHANGE}, - {"charonstart", KW_CHARONSTART}, + {"force_keepalive", KW_FORCE_KEEPALIVE}, + {"me_peerid", KW_ME_PEERID}, + {"forceencaps", KW_FORCEENCAPS}, {"pkcs11initargs", KW_PKCS11INITARGS}, - {"dpdtimeout", KW_DPDTIMEOUT}, {"pkcs11proxy", KW_PKCS11PROXY}, - {"charondebug", KW_CHARONDEBUG}, + {"margintime", KW_REKEYMARGIN}, + {"interfaces", KW_INTERFACES}, + {"fragicmp", KW_FRAGICMP}, + {"marginbytes", KW_MARGINBYTES}, + {"marginpackets", KW_MARGINPACKETS}, + {"dpdtimeout", KW_DPDTIMEOUT}, {"klipsdebug", KW_KLIPSDEBUG}, + {"modeconfig", KW_MODECONFIG}, + {"pfsgroup", KW_PFSGROUP}, {"keylife", KW_KEYLIFE}, {"ikelifetime", KW_IKELIFETIME} }; 
@@ -248,27 +250,29 @@ static const struct kw_entry wordlist[] = static const short lookup[] = { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, 0, -1, -1, - 1, -1, -1, -1, 2, 3, -1, -1, 4, 5, - -1, -1, 6, 7, -1, 8, 9, -1, 10, -1, - 11, -1, -1, -1, 12, -1, -1, 13, 14, 15, - 16, 17, 18, 19, 20, -1, 21, 22, 23, -1, - 24, -1, 25, 26, 27, 28, 29, -1, 30, 31, - 32, -1, 33, 34, 35, 36, 37, 38, -1, 39, - -1, 40, 41, 42, 43, 44, -1, 45, -1, 46, - -1, 47, -1, 48, -1, 49, 50, 51, -1, 52, - 53, 54, -1, 55, 56, 57, 58, 59, -1, -1, - 60, 61, 62, 63, 64, 65, 66, 67, 68, -1, - -1, 69, 70, 71, 72, -1, 73, 74, 75, 76, - 77, 78, -1, 79, 80, 81, -1, 82, 83, 84, - 85, 86, -1, 87, 88, -1, -1, 89, 90, 91, - 92, 93, -1, 94, -1, -1, 95, 96, 97, -1, - 98, 99, -1, -1, -1, 100, -1, -1, -1, 101, - -1, 102, 103, -1, -1, -1, 104, 105, 106, 107, - 108, 109, -1, 110, -1, 111, 112, -1, 113, -1, - -1, 114, -1, -1, 115, -1, -1, -1, -1, -1, - -1, -1, 116, -1, -1, -1, -1, -1, -1, -1, - -1, 117, -1, -1, -1, 118 + -1, 0, -1, -1, 1, -1, 2, 3, 4, -1, + 5, 6, -1, 7, 8, -1, -1, 9, 10, 11, + 12, -1, 13, -1, 14, 15, 16, -1, 17, -1, + 18, 19, 20, 21, -1, 22, 23, -1, 24, 25, + 26, 27, 28, 29, 30, -1, -1, 31, 32, 33, + 34, 35, 36, 37, 38, -1, 39, 40, -1, 41, + -1, -1, -1, 42, 43, -1, 44, 45, 46, 47, + 48, 49, -1, 50, 51, 52, 53, 54, 55, 56, + 57, 58, 59, -1, -1, 60, -1, -1, 61, -1, + -1, 62, -1, -1, 63, 64, -1, -1, 65, 66, + -1, 67, 68, 69, -1, -1, 70, -1, 71, 72, + 73, -1, -1, -1, 74, -1, 75, -1, 76, 77, + 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, + 88, 89, 90, 91, 92, 93, -1, 94, 95, -1, + 96, -1, -1, -1, 97, -1, 98, 99, 100, -1, + -1, 101, 102, -1, 103, -1, -1, 104, 105, -1, + 106, -1, 107, -1, 108, -1, -1, -1, -1, 109, + -1, 110, -1, -1, 111, -1, -1, -1, -1, 112, + 113, -1, 114, 115, -1, -1, -1, -1, 116, -1, + 117, -1, -1, 118, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, 119, -1, -1, -1, + 120 }; #ifdef __GNUC__ 
diff --git a/src/starter/keywords.h b/src/starter/keywords.h index 8be31d148..6c3907a6a 100644 --- a/src/starter/keywords.h +++ b/src/starter/keywords.h @@ -118,6 +118,7 @@ typedef enum { /* end keywords */ KW_HOST, KW_NEXTHOP, + KW_IKEPORT, KW_SUBNET, KW_SUBNETWITHIN, KW_PROTOPORT, @@ -145,6 +146,7 @@ typedef enum { /* left end keywords */ KW_LEFT, + KW_LEFTIKEPORT, KW_LEFTNEXTHOP, KW_LEFTSUBNET, KW_LEFTSUBNETWITHIN, @@ -172,6 +174,7 @@ typedef enum { /* right end keywords */ KW_RIGHT, + KW_RIGHTIKEPORT, KW_RIGHTNEXTHOP, KW_RIGHTSUBNET, KW_RIGHTSUBNETWITHIN, diff --git a/src/starter/keywords.txt b/src/starter/keywords.txt index adf3069bf..12037a685 100644 --- a/src/starter/keywords.txt +++ b/src/starter/keywords.txt @@ -98,6 +98,7 @@ ocspuri1, KW_OCSPURI ocspuri2, KW_OCSPURI2 certuribase, KW_CERTURIBASE left, KW_LEFT +leftikeport, KW_LEFTIKEPORT leftnexthop, KW_LEFTNEXTHOP leftsubnet, KW_LEFTSUBNET leftsubnetwithin, KW_LEFTSUBNETWITHIN @@ -120,6 +121,7 @@ leftca, KW_LEFTCA leftca2, KW_LEFTCA2 leftgroups, KW_LEFTGROUPS right, KW_RIGHT +rightikeport, KW_RIGHTIKEPORT rightnexthop, KW_RIGHTNEXTHOP rightsubnet, KW_RIGHTSUBNET rightsubnetwithin, KW_RIGHTSUBNETWITHIN diff --git a/src/starter/lex.yy.c b/src/starter/lex.yy.c index 4596c0cc3..13bf87f0b 100644 --- a/src/starter/lex.yy.c +++ b/src/starter/lex.yy.c @@ -513,7 +513,8 @@ char *yytext; #define MAX_INCLUDE_DEPTH 20 extern void yyerror(const char *); -extern int yylex (void); +extern int yylex(void); +extern int yylex_destroy(void); static struct { int stack_ptr; @@ -557,6 +558,7 @@ void _parser_y_fini (void) fclose(__parser_y_private.file[i]); } memset(&__parser_y_private, 0, sizeof(__parser_y_private)); + yylex_destroy(); } int _parser_y_include (const char *filename) @@ -617,7 +619,7 @@ int _parser_y_include (const char *filename) return 0; } -#line 621 "lex.yy.c" +#line 623 "lex.yy.c" #define INITIAL 0 
@@ -805,10 +807,10 @@ YY_DECL register char *yy_cp, *yy_bp; register int yy_act; -#line 133 "./parser.l" +#line 135 "./parser.l" -#line 812 "lex.yy.c" +#line 814 "lex.yy.c" if ( !(yy_init) ) { @@ -893,7 +895,7 @@ do_action: /* This label is used only to access EOF actions. */ goto yy_find_action; case YY_STATE_EOF(INITIAL): -#line 135 "./parser.l" +#line 137 "./parser.l" { if (__parser_y_private.filename[__parser_y_private.stack_ptr]) { free(__parser_y_private.filename[__parser_y_private.stack_ptr]); @@ -913,23 +915,23 @@ case YY_STATE_EOF(INITIAL): YY_BREAK case 1: YY_RULE_SETUP -#line 152 "./parser.l" +#line 154 "./parser.l" return FIRST_SPACES; YY_BREAK case 2: YY_RULE_SETUP -#line 154 "./parser.l" +#line 156 "./parser.l" /* ignore spaces in line */ ; YY_BREAK case 3: YY_RULE_SETUP -#line 156 "./parser.l" +#line 158 "./parser.l" return EQUAL; YY_BREAK case 4: /* rule 4 can match eol */ YY_RULE_SETUP -#line 158 "./parser.l" +#line 160 "./parser.l" { __parser_y_private.line[__parser_y_private.stack_ptr]++; return EOL; @@ -937,37 +939,37 @@ YY_RULE_SETUP YY_BREAK case 5: YY_RULE_SETUP -#line 163 "./parser.l" +#line 165 "./parser.l" return CONFIG; YY_BREAK case 6: YY_RULE_SETUP -#line 164 "./parser.l" +#line 166 "./parser.l" return SETUP; YY_BREAK case 7: YY_RULE_SETUP -#line 165 "./parser.l" +#line 167 "./parser.l" return CONN; YY_BREAK case 8: YY_RULE_SETUP -#line 166 "./parser.l" +#line 168 "./parser.l" return CA; YY_BREAK case 9: YY_RULE_SETUP -#line 167 "./parser.l" +#line 169 "./parser.l" return INCLUDE; YY_BREAK case 10: YY_RULE_SETUP -#line 168 "./parser.l" +#line 170 "./parser.l" return FILE_VERSION; YY_BREAK case 11: YY_RULE_SETUP -#line 170 "./parser.l" +#line 172 "./parser.l" { yylval.s = strdup(yytext); return STRING; @@ -975,7 +977,7 @@ YY_RULE_SETUP YY_BREAK case 12: YY_RULE_SETUP -#line 175 "./parser.l" +#line 177 "./parser.l" { yylval.s = strdup(yytext+1); if (yylval.s) yylval.s[strlen(yylval.s)-1]='\0'; 
@@ -984,15 +986,15 @@ YY_RULE_SETUP YY_BREAK case 13: YY_RULE_SETUP -#line 181 "./parser.l" +#line 183 "./parser.l" yyerror(yytext); YY_BREAK case 14: YY_RULE_SETUP -#line 183 "./parser.l" +#line 185 "./parser.l" ECHO; YY_BREAK -#line 996 "lex.yy.c" +#line 998 "lex.yy.c" case YY_END_OF_BUFFER: { @@ -1954,7 +1956,7 @@ void yyfree (void * ptr ) #define YYTABLES_NAME "yytables" -#line 183 "./parser.l" +#line 185 "./parser.l" diff --git a/src/starter/parser.l b/src/starter/parser.l index 5857c0815..c45847c5c 100644 --- a/src/starter/parser.l +++ b/src/starter/parser.l @@ -24,7 +24,8 @@ #define MAX_INCLUDE_DEPTH 20 extern void yyerror(const char *); -extern int yylex (void); +extern int yylex(void); +extern int yylex_destroy(void); static struct { int stack_ptr; @@ -68,6 +69,7 @@ void _parser_y_fini (void) fclose(__parser_y_private.file[i]); } memset(&__parser_y_private, 0, sizeof(__parser_y_private)); + yylex_destroy(); } int _parser_y_include (const char *filename) diff --git a/src/starter/parser.y b/src/starter/parser.y index 4533228c2..b0b1f6f21 100644 --- a/src/starter/parser.y +++ b/src/starter/parser.y @@ -156,21 +156,20 @@ statement_kw: %% -void -yyerror(const char *s) +void yyerror(const char *s) { if (_save_errors_) _parser_y_error(parser_errstring, ERRSTRING_LEN, s); } -config_parsed_t * -parser_load_conf(const char *file) +config_parsed_t *parser_load_conf(const char *file) { config_parsed_t *cfg = NULL; int err = 0; FILE *f; - extern void _parser_y_init (const char *f); + extern void _parser_y_init(const char *f); + extern void _parser_y_fini(void); extern FILE *yyin; memset(parser_errstring, 0, ERRSTRING_LEN+1); @@ -231,11 +230,11 @@ parser_load_conf(const char *file) cfg = NULL; } + _parser_y_fini(); return cfg; } -static void -parser_free_kwlist(kw_list_t *list) +static void parser_free_kwlist(kw_list_t *list) { kw_list_t *elt; 
@@ -248,8 +247,7 @@ parser_free_kwlist(kw_list_t *list) } } -void -parser_free_conf(config_parsed_t *cfg) +void parser_free_conf(config_parsed_t *cfg) { section_list_t *sec; if (cfg) diff --git a/src/starter/starter.c b/src/starter/starter.c index 0aab76d43..50ef9c07b 100644 --- a/src/starter/starter.c +++ b/src/starter/starter.c @@ -28,6 +28,7 @@ #include <grp.h> #include <freeswan.h> +#include <library.h> #include "../pluto/constants.h" #include "../pluto/defs.h" @@ -245,6 +246,9 @@ int main (int argc, char **argv) log_to_stderr = TRUE; base_debugging = DBG_NONE; + library_init(NULL); + atexit(library_deinit); + /* parse command line */ for (i = 1; i < argc; i++) { @@ -358,6 +362,7 @@ int main (int argc, char **argv) if (stat(STARTER_PID_FILE, &stb) == 0) { plog("starter is already running (%s exists) -- no fork done", STARTER_PID_FILE); + confread_free(cfg); exit(LSB_RC_SUCCESS); } @@ -388,6 +393,7 @@ int main (int argc, char **argv) plog("can't fork: %s", strerror(errno)); break; default: + confread_free(cfg); exit(LSB_RC_SUCCESS); } } @@ -422,11 +428,8 @@ int main (int argc, char **argv) confread_free(cfg); unlink(STARTER_PID_FILE); unlink(INFO_FILE); -#ifdef LEAK_DETECTIVE - report_leaks(); -#endif /* LEAK_DETECTIVE */ - close_log(); plog("ipsec starter stopped"); + close_log(); exit(LSB_RC_SUCCESS); } diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c index 665350c00..d877661ec 100644 --- a/src/starter/starterstroke.c +++ b/src/starter/starterstroke.c @@ -186,6 +186,7 @@ static void starter_stroke_add_end(stroke_msg_t *msg, stroke_end_t *msg_end, sta msg_end->updown = push_string(msg, conn_end->updown); ip_address2string(&conn_end->addr, buffer, sizeof(buffer)); msg_end->address = push_string(msg, buffer); + msg_end->ikeport = conn_end->ikeport; msg_end->subnets = push_string(msg, conn_end->subnet); msg_end->sourceip = push_string(msg, conn_end->sourceip); msg_end->sourceip_mask = conn_end->sourceip_mask; 
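Review bot: `msg_end->ikeport = conn_end->ikeport;` in starter_stroke_add_end forwards the configured port with no range check in any hunk of this commit: the field is declared `u_int` in confread.h and parsed as `ARG_UINT` in args.c, so a value such as `leftikeport=70000` is accepted. If the stroke message field is narrower than `u_int` (its declaration is not on this page), the value would be silently truncated to a different port. Rejecting values above 65535 where the keyword is read, with a `plog()` and `cfg->err++` like the other bad-value paths in confread.c, would stop a typo from selecting an unintended UDP port. The function body continues outside the hunk.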
diff --git a/src/starter/starterwhack.c b/src/starter/starterwhack.c index 67916395f..527142a4e 100644 --- a/src/starter/starterwhack.c +++ b/src/starter/starterwhack.c @@ -91,6 +91,8 @@ static int send_whack_msg (whack_message_t *msg) || !pack_str(&msg->ike, &str_next, &str_roof) || !pack_str(&msg->esp, &str_next, &str_roof) || !pack_str(&msg->sc_data, &str_next, &str_roof) + || !pack_str(&msg->whack_lease_ip, &str_next, &str_roof) + || !pack_str(&msg->whack_lease_id, &str_next, &str_roof) || (str_roof - str_next < msg->keyval.len)) { plog("send_wack_msg(): can't pack strings"); @@ -138,14 +140,12 @@ static void init_whack_msg(whack_message_t *msg) msg->magic = WHACK_MAGIC; } -static char *connection_name(starter_conn_t *conn) +static char *connection_name(starter_conn_t *conn, char *buf, size_t size) { /* if connection name is '%auto', create a new name like conn_xxxxx */ - static char buf[32]; - if (streq(conn->name, "%auto")) { - sprintf(buf, "conn_%ld", conn->id); + snprintf(buf, size, "conn_%ld", conn->id); return buf; } return conn->name; @@ -161,7 +161,7 @@ static void set_whack_end(whack_end_t *w, starter_end_t *end, sa_family_t family w->has_client = end->has_client; w->sourceip = end->sourceip; w->sourceip_mask = end->sourceip_mask; - + if (end->sourceip && end->sourceip_mask > 0) { ttoaddr(end->sourceip, 0, ip_version(end->sourceip), &w->host_srcip); @@ -226,10 +226,11 @@ starter_whack_add_pubkey (starter_conn_t *conn, starter_end_t *end { const char *err; static char keyspace[1024 + 4]; - char buf[ADDRTOT_BUF]; + char buf[ADDRTOT_BUF], name[32]; whack_message_t msg; init_whack_msg(&msg); + connection_name(conn, name, sizeof(name)); msg.whack_key = TRUE; msg.pubkey_alg = PUBKEY_ALG_RSA; 
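Review bot: In starter_whack_add_pubkey the result of `connection_name(conn, name, sizeof(name));` is discarded, and the following hunk passes `name` to `plog()` with `%s`. As rewritten in this commit, connection_name() writes to `buf` only when the name is `%auto` and otherwise returns `conn->name`, so for every normally named connection `name` is an uninitialised stack array and the log call reads indeterminate bytes with no guaranteed terminator. Keep the returned pointer instead, `const char *cname = connection_name(conn, name, sizeof(name));`, and log `cname` in `plog("conn %s/%s: rsakey malformed [%s]", cname, lr, err);`. The other callers changed in this file already use the return value (`msg.name = connection_name(...)`); the function body continues outside the hunk.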
@@ -246,7 +247,7 @@ starter_whack_add_pubkey (starter_conn_t *conn, starter_end_t *end err = atobytes(end->rsakey, 0, keyspace, sizeof(keyspace), &msg.keyval.len); if (err) { - plog("conn %s/%s: rsakey malformed [%s]", connection_name(conn), lr, err); + plog("conn %s/%s: rsakey malformed [%s]", name, lr, err); return 1; } if (end->id) @@ -266,13 +267,14 @@ starter_whack_add_pubkey (starter_conn_t *conn, starter_end_t *end int starter_whack_add_conn(starter_conn_t *conn) { + char esp_buf[256], name[32]; whack_message_t msg; int r; init_whack_msg(&msg); msg.whack_connection = TRUE; - msg.name = connection_name(conn); + msg.name = connection_name(conn, name, sizeof(name)); msg.ikev1 = conn->keyexchange != KEY_EXCHANGE_IKEV2; msg.addr_family = conn->addr_family; @@ -302,8 +304,6 @@ int starter_whack_add_conn(starter_conn_t *conn) /* taken from pluto/whack.c */ if (msg.pfsgroup) { - char esp_buf[256]; - snprintf(esp_buf, sizeof (esp_buf), "%s;%s" , msg.esp ? msg.esp : "" , msg.pfsgroup ? msg.pfsgroup : ""); @@ -331,32 +331,35 @@ int starter_whack_add_conn(starter_conn_t *conn) int starter_whack_del_conn(starter_conn_t *conn) { + char name[32]; whack_message_t msg; init_whack_msg(&msg); msg.whack_delete = TRUE; - msg.name = connection_name(conn); + msg.name = connection_name(conn, name, sizeof(name)); return send_whack_msg(&msg); } int starter_whack_route_conn(starter_conn_t *conn) { + char name[32]; whack_message_t msg; init_whack_msg(&msg); msg.whack_route = TRUE; - msg.name = connection_name(conn); + msg.name = connection_name(conn, name, sizeof(name)); return send_whack_msg(&msg); } int starter_whack_initiate_conn(starter_conn_t *conn) { + char name[32]; whack_message_t msg; init_whack_msg(&msg); msg.whack_initiate = TRUE; msg.whack_async = TRUE; - msg.name = connection_name(conn); + msg.name = connection_name(conn, name, sizeof(name)); return send_whack_msg(&msg); } diff --git a/src/starter/y.tab.c b/src/starter/y.tab.c index b78c1b1f9..504b5589e 100644 
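Review bot: The declaration `char name[32];` is now repeated in starter_whack_add_conn, starter_whack_del_conn, starter_whack_route_conn and starter_whack_initiate_conn (and in starter_whack_add_pubkey earlier in the file), with nothing tying the 32 to the `conn_%ld` format in connection_name. A single named constant, for example `#define CONN_NAME_BUF_LEN 32` (the name is only a suggestion), used in all five declarations would keep them in step if the format ever changes. It is also worth a one-line comment at the assignment, such as `/* msg.name may point into name[]; send before returning */`, since `msg.name` can now alias a stack buffer where it used to alias a static one.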
--- a/src/starter/y.tab.c +++ b/src/starter/y.tab.c @@ -1,24 +1,23 @@ -/* A Bison parser, made by GNU Bison 2.3. */ -/* Skeleton implementation for Bison's Yacc-like parsers in C +/* A Bison parser, made by GNU Bison 2.4.1. */ - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 +/* Skeleton implementation for Bison's Yacc-like parsers in C + + Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify + + This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ + along with this program. If not, see <http://www.gnu.org/licenses/>. */ /* As a special exception, you may create a larger work that contains part or all of the Bison parser skeleton and distribute that work @@ -29,7 +28,7 @@ special exception, which will cause the skeleton and the resulting Bison output files to be licensed under the GNU General Public License without this special exception. - + This special exception was added by the Free Software Foundation in version 2.2 of Bison. */ 
@@ -47,7 +46,7 @@ #define YYBISON 1 /* Bison version. */ -#define YYBISON_VERSION "2.3" +#define YYBISON_VERSION "2.4.1" /* Skeleton name. */ #define YYSKELETON_NAME "yacc.c" @@ -55,45 +54,20 @@ /* Pure parsers. */ #define YYPURE 0 -/* Using locations. */ -#define YYLSP_NEEDED 0 - +/* Push parsers. */ +#define YYPUSH 0 +/* Pull parsers. */ +#define YYPULL 1 -/* Tokens. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - /* Put the tokens into the symbol table, so that GDB and other debuggers - know about them. */ - enum yytokentype { - EQUAL = 258, - FIRST_SPACES = 259, - EOL = 260, - CONFIG = 261, - SETUP = 262, - CONN = 263, - CA = 264, - INCLUDE = 265, - FILE_VERSION = 266, - STRING = 267 - }; -#endif -/* Tokens. */ -#define EQUAL 258 -#define FIRST_SPACES 259 -#define EOL 260 -#define CONFIG 261 -#define SETUP 262 -#define CONN 263 -#define CA 264 -#define INCLUDE 265 -#define FILE_VERSION 266 -#define STRING 267 - +/* Using locations. */ +#define YYLSP_NEEDED 0 /* Copy the first part of user declarations. */ + +/* Line 189 of yacc.c */ #line 1 "./parser.y" /* strongSwan config file parser (parser.y) @@ -148,6 +122,9 @@ extern kw_entry_t *in_word_set (char *str, unsigned int len); +/* Line 189 of yacc.c */ +#line 127 "y.tab.c" + /* Enabling traces. */ #ifndef YYDEBUG # define YYDEBUG 0 
@@ -166,25 +143,63 @@ extern kw_entry_t *in_word_set (char *str, unsigned int len); # define YYTOKEN_TABLE 0 #endif + +/* Tokens. */ +#ifndef YYTOKENTYPE +# define YYTOKENTYPE + /* Put the tokens into the symbol table, so that GDB and other debuggers + know about them. */ + enum yytokentype { + EQUAL = 258, + FIRST_SPACES = 259, + EOL = 260, + CONFIG = 261, + SETUP = 262, + CONN = 263, + CA = 264, + INCLUDE = 265, + FILE_VERSION = 266, + STRING = 267 + }; +#endif +/* Tokens. */ +#define EQUAL 258 +#define FIRST_SPACES 259 +#define EOL 260 +#define CONFIG 261 +#define SETUP 262 +#define CONN 263 +#define CA 264 +#define INCLUDE 265 +#define FILE_VERSION 266 +#define STRING 267 + + + + #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE +{ + +/* Line 214 of yacc.c */ #line 54 "./parser.y" -{ char *s; } -/* Line 187 of yacc.c. */ -#line 175 "y.tab.c" - YYSTYPE; + char *s; + + +/* Line 214 of yacc.c */ +#line 191 "y.tab.c" +} YYSTYPE; +# define YYSTYPE_IS_TRIVIAL 1 # define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 #endif - /* Copy the second part of user declarations. */ -/* Line 216 of yacc.c. */ -#line 188 "y.tab.c" +/* Line 264 of yacc.c */ +#line 203 "y.tab.c" #ifdef short # undef short @@ -259,14 +274,14 @@ typedef short int yytype_int16; #if (defined __STDC__ || defined __C99__FUNC__ \ || defined __cplusplus || defined _MSC_VER) static int -YYID (int i) +YYID (int yyi) #else static int -YYID (i) - int i; +YYID (yyi) + int yyi; #endif { - return i; + return yyi; } #endif @@ -347,9 +362,9 @@ void free (void *); /* INFRINGES ON USER NAME SPACE */ /* A type that is properly aligned for any stack member. */ union yyalloc { - yytype_int16 yyss; - YYSTYPE yyvs; - }; + yytype_int16 yyss_alloc; + YYSTYPE yyvs_alloc; +}; /* The size of the maximum gap between one aligned stack and the next. */ # define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1) 
@@ -383,12 +398,12 @@ union yyalloc elements in the stack, and YYPTR gives the new location of the stack. Advance YYPTR to a properly aligned location for the next stack. */ -# define YYSTACK_RELOCATE(Stack) \ +# define YYSTACK_RELOCATE(Stack_alloc, Stack) \ do \ { \ YYSIZE_T yynewbytes; \ - YYCOPY (&yyptr->Stack, Stack, yysize); \ - Stack = &yyptr->Stack; \ + YYCOPY (&yyptr->Stack_alloc, Stack, yysize); \ + Stack = &yyptr->Stack_alloc; \ yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ yyptr += yynewbytes / sizeof (*yyptr); \ } \ @@ -484,7 +499,7 @@ static const char *const yytname[] = { "$end", "error", "$undefined", "EQUAL", "FIRST_SPACES", "EOL", "CONFIG", "SETUP", "CONN", "CA", "INCLUDE", "FILE_VERSION", "STRING", "$accept", - "config_file", "section_or_include", "@1", "@2", "@3", "@4", + "config_file", "section_or_include", "$@1", "$@2", "$@3", "$@4", "kw_section", "statement_kw", 0 }; #endif @@ -758,17 +773,20 @@ yy_symbol_print (yyoutput, yytype, yyvaluep) #if (defined __STDC__ || defined __C99__FUNC__ \ || defined __cplusplus || defined _MSC_VER) static void -yy_stack_print (yytype_int16 *bottom, yytype_int16 *top) +yy_stack_print (yytype_int16 *yybottom, yytype_int16 *yytop) #else static void -yy_stack_print (bottom, top) - yytype_int16 *bottom; - yytype_int16 *top; +yy_stack_print (yybottom, yytop) + yytype_int16 *yybottom; + yytype_int16 *yytop; #endif { YYFPRINTF (stderr, "Stack now"); - for (; bottom <= top; ++bottom) - YYFPRINTF (stderr, " %d", *bottom); + for (; yybottom <= yytop; yybottom++) + { + int yybot = *yybottom; + YYFPRINTF (stderr, " %d", yybot); + } YYFPRINTF (stderr, "\n"); } 
@@ -802,11 +820,11 @@ yy_reduce_print (yyvsp, yyrule) /* The symbols being reduced. */ for (yyi = 0; yyi < yynrhs; yyi++) { - fprintf (stderr, " $%d = ", yyi + 1); + YYFPRINTF (stderr, " $%d = ", yyi + 1); yy_symbol_print (stderr, yyrhs[yyprhs[yyrule] + yyi], &(yyvsp[(yyi + 1) - (yynrhs)]) ); - fprintf (stderr, "\n"); + YYFPRINTF (stderr, "\n"); } } @@ -1086,10 +1104,8 @@ yydestruct (yymsg, yytype, yyvaluep) break; } } - /* Prevent warnings from -Wmissing-prototypes. */ - #ifdef YYPARSE_PARAM #if defined __STDC__ || defined __cplusplus int yyparse (void *YYPARSE_PARAM); @@ -1105,11 +1121,10 @@ int yyparse (); #endif /* ! YYPARSE_PARAM */ - -/* The look-ahead symbol. */ +/* The lookahead symbol. */ int yychar; -/* The semantic value of the look-ahead symbol. */ +/* The semantic value of the lookahead symbol. */ YYSTYPE yylval; /* Number of syntax errors so far. */ @@ -1117,9 +1132,9 @@ int yynerrs; -/*----------. -| yyparse. | -`----------*/ +/*-------------------------. +| yyparse or yypush_parse. | +`-------------------------*/ #ifdef YYPARSE_PARAM #if (defined __STDC__ || defined __C99__FUNC__ \ 
@@ -1143,66 +1158,68 @@ yyparse () #endif #endif { - - int yystate; - int yyn; - int yyresult; - /* Number of tokens to shift before error messages enabled. */ - int yyerrstatus; - /* Look-ahead token as an internal (translated) token number. */ - int yytoken = 0; -#if YYERROR_VERBOSE - /* Buffer for error messages, and its allocated size. */ - char yymsgbuf[128]; - char *yymsg = yymsgbuf; - YYSIZE_T yymsg_alloc = sizeof yymsgbuf; -#endif - /* Three stacks and their tools: - `yyss': related to states, - `yyvs': related to semantic values, - `yyls': related to locations. - Refer to the stacks thru separate pointers, to allow yyoverflow - to reallocate them elsewhere. */ + int yystate; + /* Number of tokens to shift before error messages enabled. */ + int yyerrstatus; - /* The state stack. */ - yytype_int16 yyssa[YYINITDEPTH]; - yytype_int16 *yyss = yyssa; - yytype_int16 *yyssp; + /* The stacks and their tools: + `yyss': related to states. + `yyvs': related to semantic values. - /* The semantic value stack. */ - YYSTYPE yyvsa[YYINITDEPTH]; - YYSTYPE *yyvs = yyvsa; - YYSTYPE *yyvsp; + Refer to the stacks thru separate pointers, to allow yyoverflow + to reallocate them elsewhere. */ + /* The state stack. */ + yytype_int16 yyssa[YYINITDEPTH]; + yytype_int16 *yyss; + yytype_int16 *yyssp; + /* The semantic value stack. */ + YYSTYPE yyvsa[YYINITDEPTH]; + YYSTYPE *yyvs; + YYSTYPE *yyvsp; -#define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) - - YYSIZE_T yystacksize = YYINITDEPTH; + YYSIZE_T yystacksize; + int yyn; + int yyresult; + /* Lookahead token as an internal (translated) token number. */ + int yytoken; /* The variables used to return semantic value and location from the action routines. */ YYSTYPE yyval; +#if YYERROR_VERBOSE + /* Buffer for error messages, and its allocated size. 
*/ + char yymsgbuf[128]; + char *yymsg = yymsgbuf; + YYSIZE_T yymsg_alloc = sizeof yymsgbuf; +#endif + +#define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) /* The number of symbols on the RHS of the reduced rule. Keep to zero when no symbol should be popped. */ int yylen = 0; + yytoken = 0; + yyss = yyssa; + yyvs = yyvsa; + yystacksize = YYINITDEPTH; + YYDPRINTF ((stderr, "Starting parse\n")); yystate = 0; yyerrstatus = 0; yynerrs = 0; - yychar = YYEMPTY; /* Cause a token to be read. */ + yychar = YYEMPTY; /* Cause a token to be read. */ /* Initialize stack pointers. Waste one element of value and location stack so that they stay on the same level as the state stack. The wasted elements are never initialized. */ - yyssp = yyss; yyvsp = yyvs; @@ -1232,7 +1249,6 @@ yyparse () YYSTYPE *yyvs1 = yyvs; yytype_int16 *yyss1 = yyss; - /* Each stack pointer address is followed by the size of the data in use in that stack, in bytes. This used to be a conditional around just the two extra args, but that might @@ -1240,7 +1256,6 @@ yyparse () yyoverflow (YY_("memory exhausted"), &yyss1, yysize * sizeof (*yyssp), &yyvs1, yysize * sizeof (*yyvsp), - &yystacksize); yyss = yyss1; @@ -1263,9 +1278,8 @@ yyparse () (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); if (! yyptr) goto yyexhaustedlab; - YYSTACK_RELOCATE (yyss); - YYSTACK_RELOCATE (yyvs); - + YYSTACK_RELOCATE (yyss_alloc, yyss); + YYSTACK_RELOCATE (yyvs_alloc, yyvs); # undef YYSTACK_RELOCATE if (yyss1 != yyssa) YYSTACK_FREE (yyss1); @@ -1276,7 +1290,6 @@ yyparse () yyssp = yyss + yysize - 1; yyvsp = yyvs + yysize - 1; - YYDPRINTF ((stderr, "Stack size increased to %lu\n", (unsigned long int) yystacksize)); @@ -1286,6 +1299,9 @@ yyparse () YYDPRINTF ((stderr, "Entering state %d\n", yystate)); + if (yystate == YYFINAL) + YYACCEPT; + goto yybackup; /*-----------. 
@@ -1294,16 +1310,16 @@ yyparse () yybackup: /* Do appropriate processing given the current state. Read a - look-ahead token if we need one and don't already have one. */ + lookahead token if we need one and don't already have one. */ - /* First try to decide what to do without reference to look-ahead token. */ + /* First try to decide what to do without reference to lookahead token. */ yyn = yypact[yystate]; if (yyn == YYPACT_NINF) goto yydefault; - /* Not known => get a look-ahead token if don't already have one. */ + /* Not known => get a lookahead token if don't already have one. */ - /* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */ + /* YYCHAR is either YYEMPTY or YYEOF or a valid lookahead symbol. */ if (yychar == YYEMPTY) { YYDPRINTF ((stderr, "Reading a token: ")); @@ -1335,20 +1351,16 @@ yybackup: goto yyreduce; } - if (yyn == YYFINAL) - YYACCEPT; - /* Count tokens shifted since error; after three, turn off error status. */ if (yyerrstatus) yyerrstatus--; - /* Shift the look-ahead token. */ + /* Shift the lookahead token. */ YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc); - /* Discard the shifted token unless it is eof. */ - if (yychar != YYEOF) - yychar = YYEMPTY; + /* Discard the shifted token. */ + yychar = YYEMPTY; yystate = yyn; *++yyvsp = yylval; @@ -1388,6 +1400,8 @@ yyreduce: switch (yyn) { case 4: + +/* Line 1455 of yacc.c */ #line 71 "./parser.y" { free((yyvsp[(2) - (3)].s)); @@ -1395,6 +1409,8 @@ yyreduce: break; case 5: + +/* Line 1455 of yacc.c */ #line 75 "./parser.y" { _parser_kw = &(_parser_cfg->config_setup); @@ -1403,6 +1419,8 @@ yyreduce: break; case 7: + +/* Line 1455 of yacc.c */ #line 80 "./parser.y" { section_list_t *section = malloc_thing(section_list_t); @@ -1422,6 +1440,8 @@ yyreduce: break; case 9: + +/* Line 1455 of yacc.c */ #line 96 "./parser.y" { section_list_t *section = malloc_thing(section_list_t); 
@@ -1440,6 +1460,8 @@ yyreduce: break; case 11: + +/* Line 1455 of yacc.c */ #line 111 "./parser.y" { extern void _parser_y_include (const char *f); @@ -1449,6 +1471,8 @@ yyreduce: break; case 16: + +/* Line 1455 of yacc.c */ #line 126 "./parser.y" { kw_list_t *new; @@ -1477,6 +1501,8 @@ yyreduce: break; case 17: + +/* Line 1455 of yacc.c */ #line 151 "./parser.y" { free((yyvsp[(1) - (2)].s)); @@ -1484,8 +1510,9 @@ yyreduce: break; -/* Line 1267 of yacc.c. */ -#line 1489 "y.tab.c" + +/* Line 1455 of yacc.c */ +#line 1516 "y.tab.c" default: break; } YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); @@ -1496,7 +1523,6 @@ yyreduce: *++yyvsp = yyval; - /* Now `shift' the result of the reduction. Determine what state that goes to, based on the state we popped back to and the rule number reduced by. */ @@ -1561,7 +1587,7 @@ yyerrlab: if (yyerrstatus == 3) { - /* If just tried and failed to reuse look-ahead token after an + /* If just tried and failed to reuse lookahead token after an error, discard it. */ if (yychar <= YYEOF) @@ -1578,7 +1604,7 @@ yyerrlab: } } - /* Else will try to reuse look-ahead token after shifting the error + /* Else will try to reuse lookahead token after shifting the error token. */ goto yyerrlab1; @@ -1635,9 +1661,6 @@ yyerrlab1: YY_STACK_PRINT (yyss, yyssp); } - if (yyn == YYFINAL) - YYACCEPT; - *++yyvsp = yylval; @@ -1662,7 +1685,7 @@ yyabortlab: yyresult = 1; goto yyreturn; -#ifndef yyoverflow +#if !defined(yyoverflow) || YYERROR_VERBOSE /*-------------------------------------------------. | yyexhaustedlab -- memory exhaustion comes here. | `-------------------------------------------------*/ @@ -1673,7 +1696,7 @@ yyexhaustedlab: #endif yyreturn: - if (yychar != YYEOF && yychar != YYEMPTY) + if (yychar != YYEMPTY) yydestruct ("Cleanup: discarding lookahead", yytoken, &yylval); /* Do not reclaim the symbols of the rule which action triggered 
@@ -1699,24 +1722,25 @@ yyreturn: } + +/* Line 1675 of yacc.c */ #line 157 "./parser.y" -void -yyerror(const char *s) +void yyerror(const char *s) { if (_save_errors_) _parser_y_error(parser_errstring, ERRSTRING_LEN, s); } -config_parsed_t * -parser_load_conf(const char *file) +config_parsed_t *parser_load_conf(const char *file) { config_parsed_t *cfg = NULL; int err = 0; FILE *f; - extern void _parser_y_init (const char *f); + extern void _parser_y_init(const char *f); + extern void _parser_y_fini(void); extern FILE *yyin; memset(parser_errstring, 0, ERRSTRING_LEN+1); @@ -1777,11 +1801,11 @@ parser_load_conf(const char *file) cfg = NULL; } + _parser_y_fini(); return cfg; } -static void -parser_free_kwlist(kw_list_t *list) +static void parser_free_kwlist(kw_list_t *list) { kw_list_t *elt; @@ -1794,8 +1818,7 @@ parser_free_kwlist(kw_list_t *list) } } -void -parser_free_conf(config_parsed_t *cfg) +void parser_free_conf(config_parsed_t *cfg) { section_list_t *sec; if (cfg) diff --git a/src/starter/y.tab.h b/src/starter/y.tab.h index 871de1e97..caf6ea172 100644 --- a/src/starter/y.tab.h +++ b/src/starter/y.tab.h 
@@ -1,24 +1,23 @@ -/* A Bison parser, made by GNU Bison 2.3. */ -/* Skeleton interface for Bison's Yacc-like parsers in C +/* A Bison parser, made by GNU Bison 2.4.1. */ - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 +/* Skeleton interface for Bison's Yacc-like parsers in C + + Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify + + This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ + along with this program. If not, see <http://www.gnu.org/licenses/>. */ /* As a special exception, you may create a larger work that contains part or all of the Bison parser skeleton and distribute that work @@ -29,10 +28,11 @@ special exception, which will cause the skeleton and the resulting Bison output files to be licensed under the GNU General Public License without this special exception. - + This special exception was added by the Free Software Foundation in version 2.2 of Bison. */ + /* Tokens. */ #ifndef YYTOKENTYPE # define YYTOKENTYPE 
@@ -68,15 +68,21 @@ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE +{ + +/* Line 1676 of yacc.c */ #line 54 "./parser.y" -{ char *s; } -/* Line 1489 of yacc.c. */ -#line 75 "y.tab.h" - YYSTYPE; + char *s; + + +/* Line 1676 of yacc.c */ +#line 80 "y.tab.h" +} YYSTYPE; +# define YYSTYPE_IS_TRIVIAL 1 # define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 #endif extern YYSTYPE yylval; + |