summaryrefslogtreecommitdiff
path: root/src/starter
diff options
context:
space:
mode:
Diffstat (limited to 'src/starter')
-rw-r--r--src/starter/Makefile.in40
-rw-r--r--src/starter/args.c10
-rw-r--r--src/starter/confread.c4
-rw-r--r--src/starter/confread.h10
-rw-r--r--src/starter/invokecharon.c2
-rw-r--r--src/starter/keywords.c302
-rw-r--r--src/starter/keywords.h1
-rw-r--r--src/starter/keywords.txt1
-rw-r--r--src/starter/klips.c2
-rw-r--r--src/starter/netkey.c2
-rw-r--r--src/starter/parser.c471
-rw-r--r--src/starter/parser.h14
-rw-r--r--src/starter/parser.y2
-rw-r--r--src/starter/starter.c15
-rw-r--r--src/starter/starterstroke.c13
-rw-r--r--src/starter/starterstroke.h1
16 files changed, 493 insertions, 397 deletions
diff --git a/src/starter/Makefile.in b/src/starter/Makefile.in
index a6d55c5e2..b2c86384e 100644
--- a/src/starter/Makefile.in
+++ b/src/starter/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -82,13 +82,13 @@ CCLD = $(CC)
LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
$(LDFLAGS) -o $@
-LEXCOMPILE = $(LEX) $(LFLAGS) $(AM_LFLAGS)
+LEXCOMPILE = $(LEX) $(AM_LFLAGS) $(LFLAGS)
LTLEXCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
- --mode=compile $(LEX) $(LFLAGS) $(AM_LFLAGS)
+ --mode=compile $(LEX) $(AM_LFLAGS) $(LFLAGS)
YLWRAP = $(top_srcdir)/ylwrap
-YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS)
+YACCCOMPILE = $(YACC) $(AM_YFLAGS) $(YFLAGS)
LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
- --mode=compile $(YACC) $(YFLAGS) $(AM_YFLAGS)
+ --mode=compile $(YACC) $(AM_YFLAGS) $(YFLAGS)
SOURCES = $(starter_SOURCES)
DIST_SOURCES = $(starter_SOURCES)
ETAGS = etags
@@ -113,6 +113,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -140,6 +141,7 @@ LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MYSQLCFLAG = @MYSQLCFLAG@
MYSQLCONFIG = @MYSQLCONFIG@
@@ -167,6 +169,7 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -179,6 +182,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
am__include = @am__include@
@@ -232,7 +236,6 @@ libexecdir = @libexecdir@
linux_headers = @linux_headers@
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
maemo_CFLAGS = @maemo_CFLAGS@
maemo_LIBS = @maemo_LIBS@
manager_plugins = @manager_plugins@
@@ -382,11 +385,9 @@ clean-ipsecPROGRAMS:
echo " rm -f" $$list; \
rm -f $$list
parser.h: parser.c
- @if test ! -f $@; then \
- rm -f parser.c; \
- $(MAKE) $(AM_MAKEFLAGS) parser.c; \
- else :; fi
-starter$(EXEEXT): $(starter_OBJECTS) $(starter_DEPENDENCIES)
+ @if test ! -f $@; then rm -f parser.c; else :; fi
+ @if test ! -f $@; then $(MAKE) $(AM_MAKEFLAGS) parser.c; else :; fi
+starter$(EXEEXT): $(starter_OBJECTS) $(starter_DEPENDENCIES) $(EXTRA_starter_DEPENDENCIES)
@rm -f starter$(EXEEXT)
$(LINK) $(starter_OBJECTS) $(starter_LDADD) $(LIBS)
@@ -542,10 +543,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
diff --git a/src/starter/args.c b/src/starter/args.c
index 2416960bd..390062a99 100644
--- a/src/starter/args.c
+++ b/src/starter/args.c
@@ -18,7 +18,7 @@
#include <string.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "keywords.h"
#include "confread.h"
@@ -108,6 +108,13 @@ static const char *LST_authby[] = {
NULL
};
+static const char *LST_fragmentation[] = {
+ "no",
+ "yes",
+ "force",
+ NULL
+};
+
typedef struct {
arg_t type;
size_t offset;
@@ -138,6 +145,7 @@ static const token_info_t token_info[] =
{ ARG_STR, offsetof(starter_conn_t, aaa_identity), NULL },
{ ARG_MISC, 0, NULL /* KW_MOBIKE */ },
{ ARG_MISC, 0, NULL /* KW_FORCEENCAPS */ },
+ { ARG_ENUM, offsetof(starter_conn_t, fragmentation), LST_fragmentation },
{ ARG_TIME, offsetof(starter_conn_t, sa_ike_life_seconds), NULL },
{ ARG_TIME, offsetof(starter_conn_t, sa_ipsec_life_seconds), NULL },
{ ARG_TIME, offsetof(starter_conn_t, sa_rekey_margin), NULL },
diff --git a/src/starter/confread.c b/src/starter/confread.c
index 6544b1ccd..fecb998df 100644
--- a/src/starter/confread.c
+++ b/src/starter/confread.c
@@ -22,7 +22,7 @@
#include <netdb.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "keywords.h"
#include "confread.h"
@@ -36,7 +36,7 @@
#define SA_REPLACEMENT_RETRIES_DEFAULT 3
static const char ike_defaults[] = "aes128-sha1-modp2048,3des-sha1-modp1536";
-static const char esp_defaults[] = "aes128-sha1-modp2048,3des-sha1-modp1536";
+static const char esp_defaults[] = "aes128-sha1,3des-sha1";
static const char firewall_defaults[] = "ipsec _updown iptables";
diff --git a/src/starter/confread.h b/src/starter/confread.h
index 3f2079883..a0f6234f9 100644
--- a/src/starter/confread.h
+++ b/src/starter/confread.h
@@ -50,7 +50,7 @@ typedef enum {
typedef enum {
STRICT_NO,
STRICT_YES,
- STRICT_IFURI
+ STRICT_IFURI,
} strict_t;
typedef enum {
@@ -70,6 +70,13 @@ typedef enum {
} dpd_action_t;
typedef enum {
+ /* same as in ike_cfg.h */
+ FRAGMENTATION_NO,
+ FRAGMENTATION_YES,
+ FRAGMENTATION_FORCE,
+} fragmentation_t;
+
+typedef enum {
/* IPsec options */
SA_OPTION_AUTHENTICATE = 1 << 0, /* use AH instead of ESP? */
SA_OPTION_COMPRESS = 1 << 1, /* use IPComp */
@@ -140,6 +147,7 @@ struct starter_conn {
char *authby;
ipsec_mode_t mode;
bool proxy_mode;
+ fragmentation_t fragmentation;
sa_option_t options;
time_t sa_ike_life_seconds;
time_t sa_ipsec_life_seconds;
diff --git a/src/starter/invokecharon.c b/src/starter/invokecharon.c
index 102d1589e..1c93381f7 100644
--- a/src/starter/invokecharon.c
+++ b/src/starter/invokecharon.c
@@ -24,7 +24,7 @@
#include <errno.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "confread.h"
#include "invokecharon.h"
diff --git a/src/starter/keywords.c b/src/starter/keywords.c
index 7615a81d2..b75ff1395 100644
--- a/src/starter/keywords.c
+++ b/src/starter/keywords.c
@@ -54,12 +54,12 @@ struct kw_entry {
kw_token_t token;
};
-#define TOTAL_KEYWORDS 134
+#define TOTAL_KEYWORDS 135
#define MIN_WORD_LENGTH 3
#define MAX_WORD_LENGTH 17
-#define MIN_HASH_VALUE 9
-#define MAX_HASH_VALUE 220
-/* maximum key range = 212, duplicates = 0 */
+#define MIN_HASH_VALUE 10
+#define MAX_HASH_VALUE 259
+/* maximum key range = 250, duplicates = 0 */
#ifdef __GNUC__
__inline
@@ -73,34 +73,34 @@ hash (str, len)
register const char *str;
register unsigned int len;
{
- static const unsigned char asso_values[] =
+ static const unsigned short asso_values[] =
{
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 62,
- 117, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 0, 221, 27, 0, 79,
- 26, 0, 6, 0, 92, 0, 221, 44, 58, 36,
- 36, 73, 33, 5, 16, 0, 7, 87, 0, 221,
- 221, 11, 3, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
- 221, 221, 221, 221, 221, 221
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 15,
+ 99, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 11, 260, 11, 2, 80,
+ 55, 6, 3, 2, 114, 2, 260, 83, 70, 6,
+ 22, 81, 51, 7, 14, 2, 7, 122, 2, 260,
+ 260, 43, 19, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+ 260, 260, 260, 260, 260, 260
};
register int hval = len;
@@ -124,166 +124,170 @@ hash (str, len)
static const struct kw_entry wordlist[] =
{
{"pfs", KW_PFS_DEPRECATED},
- {"aggressive", KW_AGGRESSIVE},
- {"rightgroups", KW_RIGHTGROUPS},
{"right", KW_RIGHT},
- {"lifetime", KW_KEYLIFE},
+ {"rightgroups", KW_RIGHTGROUPS},
{"left", KW_LEFT},
+ {"lifetime", KW_KEYLIFE},
+ {"aggressive", KW_AGGRESSIVE},
{"rightsubnet", KW_RIGHTSUBNET},
{"rightikeport", KW_RIGHTIKEPORT},
{"rightsendcert", KW_RIGHTSENDCERT},
+ {"lifepackets", KW_LIFEPACKETS},
{"leftcert", KW_LEFTCERT},
- {"keyingtries", KW_KEYINGTRIES},
- {"keylife", KW_KEYLIFE},
{"leftsendcert", KW_LEFTSENDCERT},
- {"lifebytes", KW_LIFEBYTES},
- {"leftrsasigkey", KW_LEFTRSASIGKEY},
- {"leftcertpolicy", KW_LEFTCERTPOLICY},
{"leftgroups", KW_LEFTGROUPS},
- {"rightid", KW_RIGHTID},
- {"rightdns", KW_RIGHTDNS},
- {"me_peerid", KW_ME_PEERID},
- {"reqid", KW_REQID},
+ {"leftca", KW_LEFTCA},
{"keep_alive", KW_SETUP_DEPRECATED},
- {"rightrsasigkey", KW_RIGHTRSASIGKEY},
+ {"leftdns", KW_LEFTDNS},
+ {"uniqueids", KW_UNIQUEIDS},
{"leftprotoport", KW_LEFTPROTOPORT},
+ {"interfaces", KW_SETUP_DEPRECATED},
+ {"rightsubnetwithin", KW_RIGHTSUBNET},
+ {"virtual_private", KW_SETUP_DEPRECATED},
{"certuribase", KW_CERTURIBASE},
- {"lifepackets", KW_LIFEPACKETS},
- {"uniqueids", KW_UNIQUEIDS},
+ {"mark_in", KW_MARK_IN},
+ {"lifebytes", KW_LIFEBYTES},
+ {"marginbytes", KW_MARGINBYTES},
+ {"marginpackets", KW_MARGINPACKETS},
+ {"margintime", KW_REKEYMARGIN},
+ {"keyingtries", KW_KEYINGTRIES},
+ {"keylife", KW_KEYLIFE},
+ {"fragmentation", KW_FRAGMENTATION},
+ {"leftrsasigkey", KW_LEFTRSASIGKEY},
+ {"rightid", KW_RIGHTID},
+ {"rightdns", KW_RIGHTDNS},
{"rightsourceip", KW_RIGHTSOURCEIP},
- {"ike", KW_IKE},
- {"type", KW_TYPE},
- {"leftdns", KW_LEFTDNS},
- {"leftnexthop", KW_LEFT_DEPRECATED},
{"rightallowany", KW_RIGHTALLOWANY},
- {"rightsubnetwithin", KW_RIGHTSUBNET},
+ {"leftcertpolicy", KW_LEFTCERTPOLICY},
+ {"reqid", KW_REQID},
+ {"rightrsasigkey", KW_RIGHTRSASIGKEY},
{"rightprotoport", KW_RIGHTPROTOPORT},
- {"mediated_by", KW_MEDIATED_BY},
+ {"leftnexthop", KW_LEFT_DEPRECATED},
{"strictcrlpolicy", KW_STRICTCRLPOLICY},
- {"virtual_private", KW_SETUP_DEPRECATED},
- {"interfaces", KW_SETUP_DEPRECATED},
- {"rekey", KW_REKEY},
- {"ikelifetime", KW_IKELIFETIME},
- {"rekeyfuzz", KW_REKEYFUZZ},
- {"leftid", KW_LEFTID},
- {"leftca", KW_LEFTCA},
- {"leftikeport", KW_LEFTIKEPORT},
- {"esp", KW_ESP},
- {"leftfirewall", KW_LEFTFIREWALL},
+ {"me_peerid", KW_ME_PEERID},
+ {"inactivity", KW_INACTIVITY},
+ {"rightnexthop", KW_RIGHT_DEPRECATED},
{"rightfirewall", KW_RIGHTFIREWALL},
+ {"ldapbase", KW_CA_DEPRECATED},
+ {"leftupdown", KW_LEFTUPDOWN},
+ {"leftfirewall", KW_LEFTFIREWALL},
+ {"crluri", KW_CRLURI},
+ {"ike", KW_IKE},
{"mediation", KW_MEDIATION},
+ {"rightcert", KW_RIGHTCERT},
{"mobike", KW_MOBIKE},
- {"crluri", KW_CRLURI},
- {"rightnexthop", KW_RIGHT_DEPRECATED},
- {"inactivity", KW_INACTIVITY},
- {"leftupdown", KW_LEFTUPDOWN},
- {"mark_in", KW_MARK_IN},
- {"leftallowany", KW_LEFTALLOWANY},
- {"ldapbase", KW_CA_DEPRECATED},
- {"margintime", KW_REKEYMARGIN},
- {"marginbytes", KW_MARGINBYTES},
- {"mark", KW_MARK},
- {"marginpackets", KW_MARGINPACKETS},
+ {"rightca", KW_RIGHTCA},
+ {"compress", KW_COMPRESS},
+ {"type", KW_TYPE},
+ {"ocspuri", KW_OCSPURI},
{"lefthostaccess", KW_LEFTHOSTACCESS},
- {"klipsdebug", KW_SETUP_DEPRECATED},
- {"rightcert", KW_RIGHTCERT},
- {"eap", KW_CONN_DEPRECATED},
- {"overridemtu", KW_SETUP_DEPRECATED},
+ {"esp", KW_ESP},
+ {"crluri1", KW_CRLURI},
+ {"ikelifetime", KW_IKELIFETIME},
+ {"leftikeport", KW_LEFTIKEPORT},
+ {"cacert", KW_CACERT},
+ {"mark", KW_MARK},
+ {"rightid2", KW_RIGHTID2},
{"forceencaps", KW_FORCEENCAPS},
- {"keyexchange", KW_KEYEXCHANGE},
- {"ocspuri", KW_OCSPURI},
- {"aaa_identity", KW_AAA_IDENTITY},
+ {"nat_traversal", KW_SETUP_DEPRECATED},
+ {"eap", KW_CONN_DEPRECATED},
+ {"rightgroups2", KW_RIGHTGROUPS2},
+ {"packetdefault", KW_SETUP_DEPRECATED},
+ {"ocspuri1", KW_OCSPURI},
+ {"rekeyfuzz", KW_REKEYFUZZ},
+ {"mark_out", KW_MARK_OUT},
+ {"mediated_by", KW_MEDIATED_BY},
+ {"leftcert2", KW_LEFTCERT2},
+ {"rightauth2", KW_RIGHTAUTH2},
+ {"leftid", KW_LEFTID},
+ {"leftca2", KW_LEFTCA2},
{"force_keepalive", KW_SETUP_DEPRECATED},
+ {"rekeymargin", KW_REKEYMARGIN},
+ {"dpdtimeout", KW_DPDTIMEOUT},
+ {"aaa_identity", KW_AAA_IDENTITY},
+ {"leftgroups2", KW_LEFTGROUPS2},
+ {"leftallowany", KW_LEFTALLOWANY},
+ {"righthostaccess", KW_RIGHTHOSTACCESS},
+ {"rekey", KW_REKEY},
+ {"rightauth", KW_RIGHTAUTH},
+ {"klipsdebug", KW_SETUP_DEPRECATED},
{"rightcertpolicy", KW_RIGHTCERTPOLICY},
+ {"overridemtu", KW_SETUP_DEPRECATED},
+ {"dpdaction", KW_DPDACTION},
+ {"pfsgroup", KW_PFS_DEPRECATED},
+ {"keyexchange", KW_KEYEXCHANGE},
{"hidetos", KW_SETUP_DEPRECATED},
- {"righthostaccess", KW_RIGHTHOSTACCESS},
- {"eap_identity", KW_EAP_IDENTITY},
{"leftsubnet", KW_LEFTSUBNET},
- {"dpdaction", KW_DPDACTION},
- {"dpdtimeout", KW_DPDTIMEOUT},
- {"rightca", KW_RIGHTCA},
- {"compress", KW_COMPRESS},
{"installpolicy", KW_INSTALLPOLICY},
- {"pfsgroup", KW_PFS_DEPRECATED},
- {"nat_traversal", KW_SETUP_DEPRECATED},
- {"authby", KW_AUTHBY},
+ {"dumpdir", KW_SETUP_DEPRECATED},
{"leftsourceip", KW_LEFTSOURCEIP},
- {"rightid2", KW_RIGHTID2},
- {"cacert", KW_CACERT},
- {"rekeymargin", KW_REKEYMARGIN},
- {"rightauth", KW_RIGHTAUTH},
- {"rightgroups2", KW_RIGHTGROUPS2},
- {"mark_out", KW_MARK_OUT},
- {"leftcert2", KW_LEFTCERT2},
- {"packetdefault", KW_SETUP_DEPRECATED},
- {"rightupdown", KW_RIGHTUPDOWN},
{"also", KW_ALSO},
- {"dpddelay", KW_DPDDELAY},
- {"xauth_identity", KW_XAUTH_IDENTITY},
+ {"rightupdown", KW_RIGHTUPDOWN},
+ {"charondebug", KW_CHARONDEBUG},
{"ldaphost", KW_CA_DEPRECATED},
- {"crluri1", KW_CRLURI},
+ {"fragicmp", KW_SETUP_DEPRECATED},
+ {"charonstart", KW_SETUP_DEPRECATED},
+ {"tfc", KW_TFC},
{"leftsubnetwithin", KW_LEFTSUBNET},
- {"dumpdir", KW_SETUP_DEPRECATED},
- {"crlcheckinterval", KW_SETUP_DEPRECATED},
- {"leftgroups2", KW_LEFTGROUPS2},
- {"rightauth2", KW_RIGHTAUTH2},
{"leftid2", KW_LEFTID2},
- {"leftca2", KW_LEFTCA2},
+ {"eap_identity", KW_EAP_IDENTITY},
+ {"crlcheckinterval", KW_SETUP_DEPRECATED},
+ {"cachecrls", KW_CACHECRLS},
+ {"rightca2", KW_RIGHTCA2},
+ {"crluri2", KW_CRLURI2},
+ {"rightcert2", KW_RIGHTCERT2},
+ {"pkcs11initargs", KW_PKCS11_DEPRECATED},
+ {"closeaction", KW_CLOSEACTION},
+ {"pkcs11module", KW_PKCS11_DEPRECATED},
+ {"pkcs11keepstate", KW_PKCS11_DEPRECATED},
+ {"xauth_identity", KW_XAUTH_IDENTITY},
+ {"ocspuri2", KW_OCSPURI2},
{"plutostderrlog", KW_SETUP_DEPRECATED},
{"plutostart", KW_SETUP_DEPRECATED},
- {"fragicmp", KW_SETUP_DEPRECATED},
- {"ocspuri1", KW_OCSPURI},
- {"charondebug", KW_CHARONDEBUG},
- {"tfc", KW_TFC},
{"auto", KW_AUTO},
- {"charonstart", KW_SETUP_DEPRECATED},
- {"plutodebug", KW_SETUP_DEPRECATED},
+ {"authby", KW_AUTHBY},
+ {"dpddelay", KW_DPDDELAY},
{"modeconfig", KW_MODECONFIG},
- {"prepluto", KW_SETUP_DEPRECATED},
{"nocrsend", KW_SETUP_DEPRECATED},
- {"auth", KW_AUTH},
- {"leftauth", KW_LEFTAUTH},
- {"cachecrls", KW_CACHECRLS},
- {"pkcs11module", KW_PKCS11_DEPRECATED},
- {"crluri2", KW_CRLURI2},
- {"pkcs11initargs", KW_PKCS11_DEPRECATED},
- {"pkcs11keepstate", KW_PKCS11_DEPRECATED},
- {"rightca2", KW_RIGHTCA2},
- {"closeaction", KW_CLOSEACTION},
- {"rightcert2", KW_RIGHTCERT2},
+ {"prepluto", KW_SETUP_DEPRECATED},
{"pkcs11proxy", KW_PKCS11_DEPRECATED},
- {"xauth", KW_XAUTH},
+ {"leftauth2", KW_LEFTAUTH2},
{"postpluto", KW_SETUP_DEPRECATED},
+ {"auth", KW_AUTH},
{"reauth", KW_REAUTH},
- {"leftauth2", KW_LEFTAUTH2},
- {"ocspuri2", KW_OCSPURI2}
+ {"xauth", KW_XAUTH},
+ {"leftauth", KW_LEFTAUTH},
+ {"plutodebug", KW_SETUP_DEPRECATED}
};
static const short lookup[] =
{
- -1, -1, -1, -1, -1, -1, -1, -1, -1, 0,
- 1, 2, 3, -1, 4, -1, -1, 5, 6, 7,
- 8, 9, 10, -1, 11, 12, 13, -1, -1, -1,
- 14, 15, 16, 17, 18, 19, 20, 21, -1, -1,
- -1, 22, 23, 24, 25, 26, 27, 28, 29, 30,
- 31, 32, -1, 33, 34, 35, 36, -1, 37, 38,
- 39, 40, 41, -1, 42, -1, 43, -1, 44, 45,
- -1, -1, -1, -1, -1, -1, 46, 47, 48, 49,
- 50, 51, -1, -1, 52, 53, 54, 55, 56, 57,
- 58, 59, 60, 61, 62, 63, 64, -1, 65, -1,
- 66, 67, 68, 69, 70, 71, 72, 73, -1, 74,
- 75, 76, 77, 78, -1, -1, -1, 79, 80, -1,
- 81, 82, 83, -1, 84, 85, 86, 87, 88, 89,
- -1, 90, 91, 92, 93, 94, 95, -1, -1, 96,
- -1, 97, -1, 98, -1, 99, 100, -1, 101, -1,
- 102, -1, -1, -1, 103, -1, 104, 105, -1, 106,
- -1, -1, 107, 108, -1, 109, 110, 111, -1, -1,
- -1, 112, -1, 113, -1, -1, -1, -1, -1, -1,
- -1, 114, 115, -1, 116, -1, 117, -1, -1, -1,
- 118, -1, -1, 119, 120, -1, -1, 121, 122, 123,
- 124, -1, -1, -1, 125, 126, 127, 128, -1, -1,
- -1, 129, -1, 130, -1, -1, -1, 131, -1, 132,
- 133
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ 0, -1, -1, -1, -1, -1, 1, -1, -1, 2,
+ 3, 4, 5, -1, 6, 7, 8, -1, -1, 9,
+ 10, -1, -1, -1, 11, 12, -1, 13, -1, 14,
+ 15, 16, -1, 17, 18, 19, -1, -1, 20, -1,
+ -1, 21, -1, -1, -1, -1, 22, -1, -1, 23,
+ 24, -1, 25, 26, 27, 28, 29, 30, 31, 32,
+ 33, 34, 35, 36, -1, 37, 38, 39, -1, -1,
+ -1, -1, -1, -1, -1, -1, 40, 41, 42, 43,
+ 44, 45, 46, 47, 48, -1, -1, -1, 49, 50,
+ 51, 52, 53, 54, 55, 56, 57, 58, 59, 60,
+ 61, 62, 63, 64, 65, 66, 67, 68, 69, 70,
+ 71, 72, 73, 74, 75, 76, 77, 78, 79, 80,
+ -1, -1, 81, 82, 83, 84, -1, 85, 86, 87,
+ -1, -1, 88, 89, 90, 91, 92, 93, 94, -1,
+ 95, 96, -1, 97, -1, -1, -1, 98, -1, 99,
+ 100, -1, 101, -1, 102, 103, 104, -1, -1, 105,
+ 106, -1, 107, -1, -1, -1, 108, -1, -1, -1,
+ -1, -1, 109, -1, -1, -1, -1, -1, -1, -1,
+ -1, 110, 111, 112, 113, 114, 115, -1, -1, 116,
+ -1, 117, -1, 118, -1, -1, -1, -1, -1, -1,
+ 119, 120, -1, -1, 121, -1, -1, -1, -1, -1,
+ -1, 122, -1, -1, -1, -1, -1, 123, -1, 124,
+ 125, 126, 127, -1, -1, -1, -1, -1, -1, 128,
+ -1, -1, -1, 129, -1, -1, -1, 130, -1, -1,
+ -1, 131, 132, 133, -1, -1, -1, -1, -1, 134
};
#ifdef __GNUC__
diff --git a/src/starter/keywords.h b/src/starter/keywords.h
index 537bceb07..f776f33c9 100644
--- a/src/starter/keywords.h
+++ b/src/starter/keywords.h
@@ -42,6 +42,7 @@ typedef enum {
KW_AAA_IDENTITY,
KW_MOBIKE,
KW_FORCEENCAPS,
+ KW_FRAGMENTATION,
KW_IKELIFETIME,
KW_KEYLIFE,
KW_REKEYMARGIN,
diff --git a/src/starter/keywords.txt b/src/starter/keywords.txt
index 8366f5209..1f1641287 100644
--- a/src/starter/keywords.txt
+++ b/src/starter/keywords.txt
@@ -40,6 +40,7 @@ eap_identity, KW_EAP_IDENTITY
aaa_identity, KW_AAA_IDENTITY
mobike, KW_MOBIKE
forceencaps, KW_FORCEENCAPS
+fragmentation, KW_FRAGMENTATION
ikelifetime, KW_IKELIFETIME
lifetime, KW_KEYLIFE
keylife, KW_KEYLIFE
diff --git a/src/starter/klips.c b/src/starter/klips.c
index 484b7e281..22165465f 100644
--- a/src/starter/klips.c
+++ b/src/starter/klips.c
@@ -17,7 +17,7 @@
#include <stdlib.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "files.h"
diff --git a/src/starter/netkey.c b/src/starter/netkey.c
index 25f68e505..921a220db 100644
--- a/src/starter/netkey.c
+++ b/src/starter/netkey.c
@@ -18,7 +18,7 @@
#include <library.h>
#include <hydra.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "files.h"
diff --git a/src/starter/parser.c b/src/starter/parser.c
index beb752a51..9a5831ef8 100644
--- a/src/starter/parser.c
+++ b/src/starter/parser.c
@@ -1,10 +1,8 @@
+/* A Bison parser, made by GNU Bison 2.5. */
-/* A Bison parser, made by GNU Bison 2.4.1. */
-
-/* Skeleton implementation for Bison's Yacc-like parsers in C
+/* Bison implementation for Yacc-like parsers in C
- Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006
- Free Software Foundation, Inc.
+ Copyright (C) 1984, 1989-1990, 2000-2011 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -46,7 +44,7 @@
#define YYBISON 1
/* Bison version. */
-#define YYBISON_VERSION "2.4.1"
+#define YYBISON_VERSION "2.5"
/* Skeleton name. */
#define YYSKELETON_NAME "yacc.c"
@@ -67,7 +65,7 @@
/* Copy the first part of user declarations. */
-/* Line 189 of yacc.c */
+/* Line 268 of yacc.c */
#line 1 "parser.y"
/* strongSwan config file parser (parser.y)
@@ -89,7 +87,7 @@
#include <string.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "ipsec-parser.h"
@@ -120,8 +118,8 @@ extern kw_entry_t *in_word_set (char *str, unsigned int len);
-/* Line 189 of yacc.c */
-#line 125 "parser.c"
+/* Line 268 of yacc.c */
+#line 123 "parser.c"
/* Enabling traces. */
#ifndef YYDEBUG
@@ -179,13 +177,13 @@ extern kw_entry_t *in_word_set (char *str, unsigned int len);
typedef union YYSTYPE
{
-/* Line 214 of yacc.c */
+/* Line 293 of yacc.c */
#line 52 "parser.y"
char *s;
-/* Line 214 of yacc.c */
-#line 189 "parser.c"
+/* Line 293 of yacc.c */
+#line 187 "parser.c"
} YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define yystype YYSTYPE /* obsolescent; will be withdrawn */
@@ -196,8 +194,8 @@ typedef union YYSTYPE
/* Copy the second part of user declarations. */
-/* Line 264 of yacc.c */
-#line 201 "parser.c"
+/* Line 343 of yacc.c */
+#line 199 "parser.c"
#ifdef short
# undef short
@@ -247,7 +245,7 @@ typedef short int yytype_int16;
#define YYSIZE_MAXIMUM ((YYSIZE_T) -1)
#ifndef YY_
-# if YYENABLE_NLS
+# if defined YYENABLE_NLS && YYENABLE_NLS
# if ENABLE_NLS
# include <libintl.h> /* INFRINGES ON USER NAME SPACE */
# define YY_(msgid) dgettext ("bison-runtime", msgid)
@@ -300,11 +298,11 @@ YYID (yyi)
# define alloca _alloca
# else
# define YYSTACK_ALLOC alloca
-# if ! defined _ALLOCA_H && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \
+# if ! defined _ALLOCA_H && ! defined EXIT_SUCCESS && (defined __STDC__ || defined __C99__FUNC__ \
|| defined __cplusplus || defined _MSC_VER)
# include <stdlib.h> /* INFRINGES ON USER NAME SPACE */
-# ifndef _STDLIB_H
-# define _STDLIB_H 1
+# ifndef EXIT_SUCCESS
+# define EXIT_SUCCESS 0
# endif
# endif
# endif
@@ -327,24 +325,24 @@ YYID (yyi)
# ifndef YYSTACK_ALLOC_MAXIMUM
# define YYSTACK_ALLOC_MAXIMUM YYSIZE_MAXIMUM
# endif
-# if (defined __cplusplus && ! defined _STDLIB_H \
+# if (defined __cplusplus && ! defined EXIT_SUCCESS \
&& ! ((defined YYMALLOC || defined malloc) \
&& (defined YYFREE || defined free)))
# include <stdlib.h> /* INFRINGES ON USER NAME SPACE */
-# ifndef _STDLIB_H
-# define _STDLIB_H 1
+# ifndef EXIT_SUCCESS
+# define EXIT_SUCCESS 0
# endif
# endif
# ifndef YYMALLOC
# define YYMALLOC malloc
-# if ! defined malloc && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \
+# if ! defined malloc && ! defined EXIT_SUCCESS && (defined __STDC__ || defined __C99__FUNC__ \
|| defined __cplusplus || defined _MSC_VER)
void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */
# endif
# endif
# ifndef YYFREE
# define YYFREE free
-# if ! defined free && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \
+# if ! defined free && ! defined EXIT_SUCCESS && (defined __STDC__ || defined __C99__FUNC__ \
|| defined __cplusplus || defined _MSC_VER)
void free (void *); /* INFRINGES ON USER NAME SPACE */
# endif
@@ -373,23 +371,7 @@ union yyalloc
((N) * (sizeof (yytype_int16) + sizeof (YYSTYPE)) \
+ YYSTACK_GAP_MAXIMUM)
-/* Copy COUNT objects from FROM to TO. The source and destination do
- not overlap. */
-# ifndef YYCOPY
-# if defined __GNUC__ && 1 < __GNUC__
-# define YYCOPY(To, From, Count) \
- __builtin_memcpy (To, From, (Count) * sizeof (*(From)))
-# else
-# define YYCOPY(To, From, Count) \
- do \
- { \
- YYSIZE_T yyi; \
- for (yyi = 0; yyi < (Count); yyi++) \
- (To)[yyi] = (From)[yyi]; \
- } \
- while (YYID (0))
-# endif
-# endif
+# define YYCOPY_NEEDED 1
/* Relocate STACK from its old location to the new one. The
local variables YYSIZE and YYSTACKSIZE give the old and new number of
@@ -409,6 +391,26 @@ union yyalloc
#endif
+#if defined YYCOPY_NEEDED && YYCOPY_NEEDED
+/* Copy COUNT objects from FROM to TO. The source and destination do
+ not overlap. */
+# ifndef YYCOPY
+# if defined __GNUC__ && 1 < __GNUC__
+# define YYCOPY(To, From, Count) \
+ __builtin_memcpy (To, From, (Count) * sizeof (*(From)))
+# else
+# define YYCOPY(To, From, Count) \
+ do \
+ { \
+ YYSIZE_T yyi; \
+ for (yyi = 0; yyi < (Count); yyi++) \
+ (To)[yyi] = (From)[yyi]; \
+ } \
+ while (YYID (0))
+# endif
+# endif
+#endif /* !YYCOPY_NEEDED */
+
/* YYFINAL -- State number of the termination state. */
#define YYFINAL 2
/* YYLAST -- Last index in YYTABLE. */
@@ -526,8 +528,8 @@ static const yytype_uint8 yyr2[] =
5, 0, 4, 1, 4, 0, 3, 2, 0
};
-/* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state
- STATE-NUM when YYTABLE doesn't specify something else to do. Zero
+/* YYDEFACT[STATE-NAME] -- Default reduction number in state STATE-NUM.
+ Performed when YYTABLE doesn't specify something else to do. Zero
means the default is an error. */
static const yytype_uint8 yydefact[] =
{
@@ -562,8 +564,7 @@ static const yytype_int8 yypgoto[] =
/* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If
positive, shift that token. If negative, reduce the rule which
- number is the opposite. If zero, do what YYDEFACT says.
- If YYTABLE_NINF, syntax error. */
+ number is the opposite. If YYTABLE_NINF, syntax error. */
#define YYTABLE_NINF -1
static const yytype_uint8 yytable[] =
{
@@ -572,6 +573,12 @@ static const yytype_uint8 yytable[] =
24, 28, 30, 31, 0, 0, 0, 32
};
+#define yypact_value_is_default(yystate) \
+ ((yystate) == (-20))
+
+#define yytable_value_is_error(yytable_value) \
+ YYID (0)
+
static const yytype_int8 yycheck[] =
{
0, 7, 21, 22, 12, 5, 6, 12, 8, 9,
@@ -601,9 +608,18 @@ static const yytype_uint8 yystos[] =
/* Like YYERROR except do call yyerror. This remains here temporarily
to ease the transition to the new meaning of YYERROR, for GCC.
- Once GCC version 2 has supplanted version 1, this can go. */
+ Once GCC version 2 has supplanted version 1, this can go. However,
+ YYFAIL appears to be in use. Nevertheless, it is formally deprecated
+ in Bison 2.4.2's NEWS entry, where a plan to phase it out is
+ discussed. */
#define YYFAIL goto yyerrlab
+#if defined YYFAIL
+ /* This is here to suppress warnings from the GCC cpp's
+ -Wunused-macros. Normally we don't worry about that warning, but
+ some users do, and we want to make it easy for users to remove
+ YYFAIL uses, which will produce warnings from Bison 2.5. */
+#endif
#define YYRECOVERING() (!!yyerrstatus)
@@ -613,7 +629,6 @@ do \
{ \
yychar = (Token); \
yylval = (Value); \
- yytoken = YYTRANSLATE (yychar); \
YYPOPSTACK (1); \
goto yybackup; \
} \
@@ -655,19 +670,10 @@ while (YYID (0))
#endif
-/* YY_LOCATION_PRINT -- Print the location on the stream.
- This macro was not mandated originally: define only if we know
- we won't break user code: when these are the locations we know. */
+/* This macro is provided for backward compatibility. */
#ifndef YY_LOCATION_PRINT
-# if YYLTYPE_IS_TRIVIAL
-# define YY_LOCATION_PRINT(File, Loc) \
- fprintf (File, "%d.%d-%d.%d", \
- (Loc).first_line, (Loc).first_column, \
- (Loc).last_line, (Loc).last_column)
-# else
-# define YY_LOCATION_PRINT(File, Loc) ((void) 0)
-# endif
+# define YY_LOCATION_PRINT(File, Loc) ((void) 0)
#endif
@@ -859,7 +865,6 @@ int yydebug;
# define YYMAXDEPTH 10000
#endif
-
#if YYERROR_VERBOSE
@@ -962,115 +967,142 @@ yytnamerr (char *yyres, const char *yystr)
}
# endif
-/* Copy into YYRESULT an error message about the unexpected token
- YYCHAR while in state YYSTATE. Return the number of bytes copied,
- including the terminating null byte. If YYRESULT is null, do not
- copy anything; just return the number of bytes that would be
- copied. As a special case, return 0 if an ordinary "syntax error"
- message will do. Return YYSIZE_MAXIMUM if overflow occurs during
- size calculation. */
-static YYSIZE_T
-yysyntax_error (char *yyresult, int yystate, int yychar)
-{
- int yyn = yypact[yystate];
+/* Copy into *YYMSG, which is of size *YYMSG_ALLOC, an error message
+ about the unexpected token YYTOKEN for the state stack whose top is
+ YYSSP.
- if (! (YYPACT_NINF < yyn && yyn <= YYLAST))
- return 0;
- else
+ Return 0 if *YYMSG was successfully written. Return 1 if *YYMSG is
+ not large enough to hold the message. In that case, also set
+ *YYMSG_ALLOC to the required number of bytes. Return 2 if the
+ required number of bytes is too large to store. */
+static int
+yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg,
+ yytype_int16 *yyssp, int yytoken)
+{
+ YYSIZE_T yysize0 = yytnamerr (0, yytname[yytoken]);
+ YYSIZE_T yysize = yysize0;
+ YYSIZE_T yysize1;
+ enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 };
+ /* Internationalized format string. */
+ const char *yyformat = 0;
+ /* Arguments of yyformat. */
+ char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
+ /* Number of reported tokens (one for the "unexpected", one per
+ "expected"). */
+ int yycount = 0;
+
+ /* There are many possibilities here to consider:
+ - Assume YYFAIL is not used. It's too flawed to consider. See
+ <http://lists.gnu.org/archive/html/bison-patches/2009-12/msg00024.html>
+ for details. YYERROR is fine as it does not invoke this
+ function.
+ - If this state is a consistent state with a default action, then
+ the only way this function was invoked is if the default action
+ is an error action. In that case, don't check for expected
+ tokens because there are none.
+ - The only way there can be no lookahead present (in yychar) is if
+ this state is a consistent state with a default action. Thus,
+ detecting the absence of a lookahead is sufficient to determine
+ that there is no unexpected or expected token to report. In that
+ case, just report a simple "syntax error".
+ - Don't assume there isn't a lookahead just because this state is a
+ consistent state with a default action. There might have been a
+ previous inconsistent state, consistent state with a non-default
+ action, or user semantic action that manipulated yychar.
+ - Of course, the expected token list depends on states to have
+ correct lookahead information, and it depends on the parser not
+ to perform extra reductions after fetching a lookahead from the
+ scanner and before detecting a syntax error. Thus, state merging
+ (from LALR or IELR) and default reductions corrupt the expected
+ token list. However, the list is correct for canonical LR with
+ one exception: it will still contain any token that will not be
+ accepted due to an error action in a later state.
+ */
+ if (yytoken != YYEMPTY)
{
- int yytype = YYTRANSLATE (yychar);
- YYSIZE_T yysize0 = yytnamerr (0, yytname[yytype]);
- YYSIZE_T yysize = yysize0;
- YYSIZE_T yysize1;
- int yysize_overflow = 0;
- enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 };
- char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
- int yyx;
-
-# if 0
- /* This is so xgettext sees the translatable formats that are
- constructed on the fly. */
- YY_("syntax error, unexpected %s");
- YY_("syntax error, unexpected %s, expecting %s");
- YY_("syntax error, unexpected %s, expecting %s or %s");
- YY_("syntax error, unexpected %s, expecting %s or %s or %s");
- YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s");
-# endif
- char *yyfmt;
- char const *yyf;
- static char const yyunexpected[] = "syntax error, unexpected %s";
- static char const yyexpecting[] = ", expecting %s";
- static char const yyor[] = " or %s";
- char yyformat[sizeof yyunexpected
- + sizeof yyexpecting - 1
- + ((YYERROR_VERBOSE_ARGS_MAXIMUM - 2)
- * (sizeof yyor - 1))];
- char const *yyprefix = yyexpecting;
-
- /* Start YYX at -YYN if negative to avoid negative indexes in
- YYCHECK. */
- int yyxbegin = yyn < 0 ? -yyn : 0;
-
- /* Stay within bounds of both yycheck and yytname. */
- int yychecklim = YYLAST - yyn + 1;
- int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS;
- int yycount = 1;
-
- yyarg[0] = yytname[yytype];
- yyfmt = yystpcpy (yyformat, yyunexpected);
-
- for (yyx = yyxbegin; yyx < yyxend; ++yyx)
- if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR)
- {
- if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM)
- {
- yycount = 1;
- yysize = yysize0;
- yyformat[sizeof yyunexpected - 1] = '\0';
- break;
- }
- yyarg[yycount++] = yytname[yyx];
- yysize1 = yysize + yytnamerr (0, yytname[yyx]);
- yysize_overflow |= (yysize1 < yysize);
- yysize = yysize1;
- yyfmt = yystpcpy (yyfmt, yyprefix);
- yyprefix = yyor;
- }
+ int yyn = yypact[*yyssp];
+ yyarg[yycount++] = yytname[yytoken];
+ if (!yypact_value_is_default (yyn))
+ {
+ /* Start YYX at -YYN if negative to avoid negative indexes in
+ YYCHECK. In other words, skip the first -YYN actions for
+ this state because they are default actions. */
+ int yyxbegin = yyn < 0 ? -yyn : 0;
+ /* Stay within bounds of both yycheck and yytname. */
+ int yychecklim = YYLAST - yyn + 1;
+ int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS;
+ int yyx;
+
+ for (yyx = yyxbegin; yyx < yyxend; ++yyx)
+ if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR
+ && !yytable_value_is_error (yytable[yyx + yyn]))
+ {
+ if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM)
+ {
+ yycount = 1;
+ yysize = yysize0;
+ break;
+ }
+ yyarg[yycount++] = yytname[yyx];
+ yysize1 = yysize + yytnamerr (0, yytname[yyx]);
+ if (! (yysize <= yysize1
+ && yysize1 <= YYSTACK_ALLOC_MAXIMUM))
+ return 2;
+ yysize = yysize1;
+ }
+ }
+ }
- yyf = YY_(yyformat);
- yysize1 = yysize + yystrlen (yyf);
- yysize_overflow |= (yysize1 < yysize);
- yysize = yysize1;
+ switch (yycount)
+ {
+# define YYCASE_(N, S) \
+ case N: \
+ yyformat = S; \
+ break
+ YYCASE_(0, YY_("syntax error"));
+ YYCASE_(1, YY_("syntax error, unexpected %s"));
+ YYCASE_(2, YY_("syntax error, unexpected %s, expecting %s"));
+ YYCASE_(3, YY_("syntax error, unexpected %s, expecting %s or %s"));
+ YYCASE_(4, YY_("syntax error, unexpected %s, expecting %s or %s or %s"));
+ YYCASE_(5, YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s"));
+# undef YYCASE_
+ }
- if (yysize_overflow)
- return YYSIZE_MAXIMUM;
+ yysize1 = yysize + yystrlen (yyformat);
+ if (! (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM))
+ return 2;
+ yysize = yysize1;
- if (yyresult)
- {
- /* Avoid sprintf, as that infringes on the user's name space.
- Don't have undefined behavior even if the translation
- produced a string with the wrong number of "%s"s. */
- char *yyp = yyresult;
- int yyi = 0;
- while ((*yyp = *yyf) != '\0')
- {
- if (*yyp == '%' && yyf[1] == 's' && yyi < yycount)
- {
- yyp += yytnamerr (yyp, yyarg[yyi++]);
- yyf += 2;
- }
- else
- {
- yyp++;
- yyf++;
- }
- }
- }
- return yysize;
+ if (*yymsg_alloc < yysize)
+ {
+ *yymsg_alloc = 2 * yysize;
+ if (! (yysize <= *yymsg_alloc
+ && *yymsg_alloc <= YYSTACK_ALLOC_MAXIMUM))
+ *yymsg_alloc = YYSTACK_ALLOC_MAXIMUM;
+ return 1;
}
+
+ /* Avoid sprintf, as that infringes on the user's name space.
+ Don't have undefined behavior even if the translation
+ produced a string with the wrong number of "%s"s. */
+ {
+ char *yyp = *yymsg;
+ int yyi = 0;
+ while ((*yyp = *yyformat) != '\0')
+ if (*yyp == '%' && yyformat[1] == 's' && yyi < yycount)
+ {
+ yyp += yytnamerr (yyp, yyarg[yyi++]);
+ yyformat += 2;
+ }
+ else
+ {
+ yyp++;
+ yyformat++;
+ }
+ }
+ return 0;
}
#endif /* YYERROR_VERBOSE */
-
/*-----------------------------------------------.
| Release the memory associated to this symbol. |
@@ -1103,6 +1135,7 @@ yydestruct (yymsg, yytype, yyvaluep)
}
}
+
/* Prevent warnings from -Wmissing-prototypes. */
#ifdef YYPARSE_PARAM
#if defined __STDC__ || defined __cplusplus
@@ -1129,10 +1162,9 @@ YYSTYPE yylval;
int yynerrs;
-
-/*-------------------------.
-| yyparse or yypush_parse. |
-`-------------------------*/
+/*----------.
+| yyparse. |
+`----------*/
#ifdef YYPARSE_PARAM
#if (defined __STDC__ || defined __C99__FUNC__ \
@@ -1156,8 +1188,6 @@ yyparse ()
#endif
#endif
{
-
-
int yystate;
/* Number of tokens to shift before error messages enabled. */
int yyerrstatus;
@@ -1312,7 +1342,7 @@ yybackup:
/* First try to decide what to do without reference to lookahead token. */
yyn = yypact[yystate];
- if (yyn == YYPACT_NINF)
+ if (yypact_value_is_default (yyn))
goto yydefault;
/* Not known => get a lookahead token if don't already have one. */
@@ -1343,8 +1373,8 @@ yybackup:
yyn = yytable[yyn];
if (yyn <= 0)
{
- if (yyn == 0 || yyn == YYTABLE_NINF)
- goto yyerrlab;
+ if (yytable_value_is_error (yyn))
+ goto yyerrlab;
yyn = -yyn;
goto yyreduce;
}
@@ -1399,7 +1429,7 @@ yyreduce:
{
case 4:
-/* Line 1455 of yacc.c */
+/* Line 1806 of yacc.c */
#line 69 "parser.y"
{
free((yyvsp[(2) - (3)].s));
@@ -1408,7 +1438,7 @@ yyreduce:
case 5:
-/* Line 1455 of yacc.c */
+/* Line 1806 of yacc.c */
#line 73 "parser.y"
{
_parser_kw = &(_parser_cfg->config_setup);
@@ -1418,7 +1448,7 @@ yyreduce:
case 7:
-/* Line 1455 of yacc.c */
+/* Line 1806 of yacc.c */
#line 78 "parser.y"
{
section_list_t *section = malloc_thing(section_list_t);
@@ -1439,7 +1469,7 @@ yyreduce:
case 9:
-/* Line 1455 of yacc.c */
+/* Line 1806 of yacc.c */
#line 94 "parser.y"
{
section_list_t *section = malloc_thing(section_list_t);
@@ -1459,7 +1489,7 @@ yyreduce:
case 11:
-/* Line 1455 of yacc.c */
+/* Line 1806 of yacc.c */
#line 109 "parser.y"
{
extern void _parser_y_include (const char *f);
@@ -1470,7 +1500,7 @@ yyreduce:
case 16:
-/* Line 1455 of yacc.c */
+/* Line 1806 of yacc.c */
#line 124 "parser.y"
{
kw_list_t *new;
@@ -1500,7 +1530,7 @@ yyreduce:
case 17:
-/* Line 1455 of yacc.c */
+/* Line 1806 of yacc.c */
#line 149 "parser.y"
{
free((yyvsp[(1) - (2)].s));
@@ -1509,10 +1539,21 @@ yyreduce:
-/* Line 1455 of yacc.c */
-#line 1514 "parser.c"
+/* Line 1806 of yacc.c */
+#line 1544 "parser.c"
default: break;
}
+ /* User semantic actions sometimes alter yychar, and that requires
+ that yytoken be updated with the new translation. We take the
+ approach of translating immediately before every use of yytoken.
+ One alternative is translating here after every semantic action,
+ but that translation would be missed if the semantic action invokes
+ YYABORT, YYACCEPT, or YYERROR immediately after altering yychar or
+ if it invokes YYBACKUP. In the case of YYABORT or YYACCEPT, an
+ incorrect destructor might then be invoked immediately. In the
+ case of YYERROR or YYBACKUP, subsequent parser actions might lead
+ to an incorrect destructor call or verbose syntax error message
+ before the lookahead is translated. */
YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc);
YYPOPSTACK (yylen);
@@ -1540,6 +1581,10 @@ yyreduce:
| yyerrlab -- here on detecting error |
`------------------------------------*/
yyerrlab:
+ /* Make sure we have latest lookahead translation. See comments at
+ user semantic actions for why this is necessary. */
+ yytoken = yychar == YYEMPTY ? YYEMPTY : YYTRANSLATE (yychar);
+
/* If not already recovering from an error, report this error. */
if (!yyerrstatus)
{
@@ -1547,37 +1592,36 @@ yyerrlab:
#if ! YYERROR_VERBOSE
yyerror (YY_("syntax error"));
#else
+# define YYSYNTAX_ERROR yysyntax_error (&yymsg_alloc, &yymsg, \
+ yyssp, yytoken)
{
- YYSIZE_T yysize = yysyntax_error (0, yystate, yychar);
- if (yymsg_alloc < yysize && yymsg_alloc < YYSTACK_ALLOC_MAXIMUM)
- {
- YYSIZE_T yyalloc = 2 * yysize;
- if (! (yysize <= yyalloc && yyalloc <= YYSTACK_ALLOC_MAXIMUM))
- yyalloc = YYSTACK_ALLOC_MAXIMUM;
- if (yymsg != yymsgbuf)
- YYSTACK_FREE (yymsg);
- yymsg = (char *) YYSTACK_ALLOC (yyalloc);
- if (yymsg)
- yymsg_alloc = yyalloc;
- else
- {
- yymsg = yymsgbuf;
- yymsg_alloc = sizeof yymsgbuf;
- }
- }
-
- if (0 < yysize && yysize <= yymsg_alloc)
- {
- (void) yysyntax_error (yymsg, yystate, yychar);
- yyerror (yymsg);
- }
- else
- {
- yyerror (YY_("syntax error"));
- if (yysize != 0)
- goto yyexhaustedlab;
- }
+ char const *yymsgp = YY_("syntax error");
+ int yysyntax_error_status;
+ yysyntax_error_status = YYSYNTAX_ERROR;
+ if (yysyntax_error_status == 0)
+ yymsgp = yymsg;
+ else if (yysyntax_error_status == 1)
+ {
+ if (yymsg != yymsgbuf)
+ YYSTACK_FREE (yymsg);
+ yymsg = (char *) YYSTACK_ALLOC (yymsg_alloc);
+ if (!yymsg)
+ {
+ yymsg = yymsgbuf;
+ yymsg_alloc = sizeof yymsgbuf;
+ yysyntax_error_status = 2;
+ }
+ else
+ {
+ yysyntax_error_status = YYSYNTAX_ERROR;
+ yymsgp = yymsg;
+ }
+ }
+ yyerror (yymsgp);
+ if (yysyntax_error_status == 2)
+ goto yyexhaustedlab;
}
+# undef YYSYNTAX_ERROR
#endif
}
@@ -1636,7 +1680,7 @@ yyerrlab1:
for (;;)
{
yyn = yypact[yystate];
- if (yyn != YYPACT_NINF)
+ if (!yypact_value_is_default (yyn))
{
yyn += YYTERROR;
if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR)
@@ -1695,8 +1739,13 @@ yyexhaustedlab:
yyreturn:
if (yychar != YYEMPTY)
- yydestruct ("Cleanup: discarding lookahead",
- yytoken, &yylval);
+ {
+ /* Make sure we have latest lookahead translation. See comments at
+ user semantic actions for why this is necessary. */
+ yytoken = YYTRANSLATE (yychar);
+ yydestruct ("Cleanup: discarding lookahead",
+ yytoken, &yylval);
+ }
/* Do not reclaim the symbols of the rule which action triggered
this YYABORT or YYACCEPT. */
YYPOPSTACK (yylen);
@@ -1721,7 +1770,7 @@ yyreturn:
-/* Line 1675 of yacc.c */
+/* Line 2067 of yacc.c */
#line 155 "parser.y"
diff --git a/src/starter/parser.h b/src/starter/parser.h
index eff532f6d..7007dfef5 100644
--- a/src/starter/parser.h
+++ b/src/starter/parser.h
@@ -1,10 +1,8 @@
+/* A Bison parser, made by GNU Bison 2.5. */
-/* A Bison parser, made by GNU Bison 2.4.1. */
-
-/* Skeleton interface for Bison's Yacc-like parsers in C
+/* Bison interface for Yacc-like parsers in C
- Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006
- Free Software Foundation, Inc.
+ Copyright (C) 1984, 1989-1990, 2000-2011 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -70,13 +68,13 @@
typedef union YYSTYPE
{
-/* Line 1676 of yacc.c */
+/* Line 2068 of yacc.c */
#line 52 "parser.y"
char *s;
-/* Line 1676 of yacc.c */
-#line 80 "parser.h"
+/* Line 2068 of yacc.c */
+#line 78 "parser.h"
} YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define yystype YYSTYPE /* obsolescent; will be withdrawn */
diff --git a/src/starter/parser.y b/src/starter/parser.y
index 424e3a9fd..2cf0501f4 100644
--- a/src/starter/parser.y
+++ b/src/starter/parser.y
@@ -18,7 +18,7 @@
#include <string.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "ipsec-parser.h"
diff --git a/src/starter/starter.c b/src/starter/starter.c
index c6efcb2f4..ae6863fd7 100644
--- a/src/starter/starter.c
+++ b/src/starter/starter.c
@@ -34,7 +34,7 @@
#include <hydra.h>
#include <utils/backtrace.h>
#include <threading/thread.h>
-#include <debug.h>
+#include <utils/debug.h>
#include "confread.h"
#include "files.h"
@@ -328,7 +328,8 @@ static bool check_pid(char *pid_file)
static void usage(char *name)
{
fprintf(stderr, "Usage: starter [--nofork] [--auto-update <sec>]\n"
- " [--debug|--debug-more|--debug-all|--nolog]\n");
+ " [--debug|--debug-more|--debug-all|--nolog]\n"
+ " [--attach-gdb]\n");
exit(LSB_RC_INVALID_ARGUMENT);
}
@@ -594,6 +595,10 @@ int main (int argc, char **argv)
{
if (starter_charon_pid())
{
+ if (conn->startup == STARTUP_ROUTE)
+ {
+ starter_stroke_unroute_conn(conn);
+ }
starter_stroke_del_conn(conn);
}
conn->state = STATE_TO_ADD;
@@ -622,7 +627,7 @@ int main (int argc, char **argv)
DBG2(DBG_APP, "Reloading config...");
new_cfg = confread_load(CONFIG_FILE);
- if (new_cfg && (new_cfg->err + new_cfg->non_fatal_err == 0))
+ if (new_cfg && (new_cfg->err == 0))
{
/* Switch to new config. New conn will be loaded below */
@@ -651,6 +656,10 @@ int main (int argc, char **argv)
{
if (starter_charon_pid())
{
+ if (conn->startup == STARTUP_ROUTE)
+ {
+ starter_stroke_unroute_conn(conn);
+ }
starter_stroke_del_conn(conn);
}
}
diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c
index d6ad3eb89..4f9e8fb14 100644
--- a/src/starter/starterstroke.c
+++ b/src/starter/starterstroke.c
@@ -27,7 +27,7 @@
#include <credentials/auth_cfg.h>
#include <library.h>
-#include <debug.h>
+#include <utils/debug.h>
#include <stroke_msg.h>
@@ -180,6 +180,7 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn)
}
msg.add_conn.mobike = conn->options & SA_OPTION_MOBIKE;
msg.add_conn.force_encap = conn->options & SA_OPTION_FORCE_ENCAP;
+ msg.add_conn.fragmentation = conn->fragmentation;
msg.add_conn.ipcomp = conn->options & SA_OPTION_COMPRESS;
msg.add_conn.install_policy = conn->install_policy;
msg.add_conn.aggressive = conn->aggressive;
@@ -270,6 +271,16 @@ int starter_stroke_route_conn(starter_conn_t *conn)
return send_stroke_msg(&msg);
}
+int starter_stroke_unroute_conn(starter_conn_t *conn)
+{
+ stroke_msg_t msg;
+
+ msg.type = STR_UNROUTE;
+ msg.length = offsetof(stroke_msg_t, buffer);
+ msg.route.name = push_string(&msg, connection_name(conn));
+ return send_stroke_msg(&msg);
+}
+
int starter_stroke_initiate_conn(starter_conn_t *conn)
{
stroke_msg_t msg;
diff --git a/src/starter/starterstroke.h b/src/starter/starterstroke.h
index fd2a3e320..126486325 100644
--- a/src/starter/starterstroke.h
+++ b/src/starter/starterstroke.h
@@ -21,6 +21,7 @@
int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn);
int starter_stroke_del_conn(starter_conn_t *conn);
int starter_stroke_route_conn(starter_conn_t *conn);
+int starter_stroke_unroute_conn(starter_conn_t *conn);
int starter_stroke_initiate_conn(starter_conn_t *conn);
int starter_stroke_add_ca(starter_ca_t *ca);
int starter_stroke_del_ca(starter_ca_t *ca);