From 7585facf05d927eb6df3929ce09ed5e60d905437 Mon Sep 17 00:00:00 2001 From: Yves-Alexis Perez Date: Thu, 7 Feb 2013 13:27:27 +0100 Subject: Imported Upstream version 5.0.2 --- src/starter/Makefile.in | 40 ++-- src/starter/args.c | 10 +- src/starter/confread.c | 4 +- src/starter/confread.h | 10 +- src/starter/invokecharon.c | 2 +- src/starter/keywords.c | 302 ++++++++++++++-------------- src/starter/keywords.h | 1 + src/starter/keywords.txt | 1 + src/starter/klips.c | 2 +- src/starter/netkey.c | 2 +- src/starter/parser.c | 471 ++++++++++++++++++++++++-------------------- src/starter/parser.h | 14 +- src/starter/parser.y | 2 +- src/starter/starter.c | 15 +- src/starter/starterstroke.c | 13 +- src/starter/starterstroke.h | 1 + 16 files changed, 493 insertions(+), 397 deletions(-) (limited to 'src/starter') diff --git a/src/starter/Makefile.in b/src/starter/Makefile.in index a6d55c5e2..b2c86384e 100644 --- a/src/starter/Makefile.in +++ b/src/starter/Makefile.in @@ -1,9 +1,9 @@ -# Makefile.in generated by automake 1.11.1 from Makefile.am. +# Makefile.in generated by automake 1.11.3 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, -# Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software +# Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -82,13 +82,13 @@ CCLD = $(CC) LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ -LEXCOMPILE = $(LEX) $(LFLAGS) $(AM_LFLAGS) +LEXCOMPILE = $(LEX) $(AM_LFLAGS) $(LFLAGS) LTLEXCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(LEX) $(LFLAGS) $(AM_LFLAGS) + --mode=compile $(LEX) $(AM_LFLAGS) $(LFLAGS) YLWRAP = $(top_srcdir)/ylwrap -YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS) +YACCCOMPILE = $(YACC) $(AM_YFLAGS) $(YFLAGS) LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(YACC) $(YFLAGS) $(AM_YFLAGS) + --mode=compile $(YACC) $(AM_YFLAGS) $(YFLAGS) SOURCES = $(starter_SOURCES) DIST_SOURCES = $(starter_SOURCES) ETAGS = etags @@ -113,6 +113,7 @@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DLLIB = @DLLIB@ +DLLTOOL = @DLLTOOL@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -140,6 +141,7 @@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ MYSQLCFLAG = @MYSQLCFLAG@ MYSQLCONFIG = @MYSQLCONFIG@ @@ -167,6 +169,7 @@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ RUBYINCLUDE = @RUBYINCLUDE@ +RUBYLIB = @RUBYLIB@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -179,6 +182,7 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ @@ -232,7 +236,6 @@ libexecdir = @libexecdir@ linux_headers = @linux_headers@ localedir = @localedir@ localstatedir = @localstatedir@ -lt_ECHO = @lt_ECHO@ maemo_CFLAGS = @maemo_CFLAGS@ maemo_LIBS = @maemo_LIBS@ manager_plugins = @manager_plugins@ @@ -382,11 +385,9 @@ clean-ipsecPROGRAMS: echo " rm -f" $$list; \ rm -f $$list parser.h: parser.c - @if test ! -f $@; then \ - rm -f parser.c; \ - $(MAKE) $(AM_MAKEFLAGS) parser.c; \ - else :; fi -starter$(EXEEXT): $(starter_OBJECTS) $(starter_DEPENDENCIES) + @if test ! -f $@; then rm -f parser.c; else :; fi + @if test ! -f $@; then $(MAKE) $(AM_MAKEFLAGS) parser.c; else :; fi +starter$(EXEEXT): $(starter_OBJECTS) $(starter_DEPENDENCIES) $(EXTRA_starter_DEPENDENCIES) @rm -f starter$(EXEEXT) $(LINK) $(starter_OBJECTS) $(starter_LDADD) $(LIBS) @@ -542,10 +543,15 @@ install-am: all-am installcheck: installcheck-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi mostlyclean-generic: clean-generic: diff --git a/src/starter/args.c b/src/starter/args.c index 2416960bd..390062a99 100644 --- a/src/starter/args.c +++ b/src/starter/args.c @@ -18,7 +18,7 @@ #include #include -#include +#include #include "keywords.h" #include "confread.h" @@ -108,6 +108,13 @@ static const char *LST_authby[] = { NULL }; +static const char *LST_fragmentation[] = { + "no", + "yes", + "force", + NULL +}; + typedef struct { arg_t type; size_t offset; @@ -138,6 +145,7 @@ static const token_info_t token_info[] = { ARG_STR, offsetof(starter_conn_t, aaa_identity), NULL }, { ARG_MISC, 0, NULL /* KW_MOBIKE */ }, { ARG_MISC, 0, NULL /* KW_FORCEENCAPS */ }, + { ARG_ENUM, offsetof(starter_conn_t, fragmentation), LST_fragmentation }, { ARG_TIME, offsetof(starter_conn_t, sa_ike_life_seconds), NULL }, { ARG_TIME, offsetof(starter_conn_t, sa_ipsec_life_seconds), NULL }, { ARG_TIME, offsetof(starter_conn_t, sa_rekey_margin), NULL }, diff --git a/src/starter/confread.c b/src/starter/confread.c index 6544b1ccd..fecb998df 100644 --- a/src/starter/confread.c +++ b/src/starter/confread.c @@ -22,7 +22,7 @@ #include #include -#include +#include #include "keywords.h" #include "confread.h" @@ -36,7 +36,7 @@ #define SA_REPLACEMENT_RETRIES_DEFAULT 3 static const char ike_defaults[] = "aes128-sha1-modp2048,3des-sha1-modp1536"; -static const char esp_defaults[] = "aes128-sha1-modp2048,3des-sha1-modp1536"; +static const char esp_defaults[] = "aes128-sha1,3des-sha1"; static const char firewall_defaults[] = "ipsec _updown iptables"; diff --git a/src/starter/confread.h b/src/starter/confread.h index 3f2079883..a0f6234f9 100644 --- a/src/starter/confread.h +++ b/src/starter/confread.h @@ -50,7 +50,7 @@ typedef enum { typedef enum { STRICT_NO, STRICT_YES, - STRICT_IFURI + STRICT_IFURI, } strict_t; typedef enum { @@ -69,6 +69,13 @@ typedef enum { DPD_ACTION_UNKNOW, } dpd_action_t; +typedef enum { + /* same as in ike_cfg.h */ + FRAGMENTATION_NO, + FRAGMENTATION_YES, + FRAGMENTATION_FORCE, +} fragmentation_t; + typedef enum { /* IPsec options */ SA_OPTION_AUTHENTICATE = 1 << 0, /* use AH instead of ESP? */ @@ -140,6 +147,7 @@ struct starter_conn { char *authby; ipsec_mode_t mode; bool proxy_mode; + fragmentation_t fragmentation; sa_option_t options; time_t sa_ike_life_seconds; time_t sa_ipsec_life_seconds; diff --git a/src/starter/invokecharon.c b/src/starter/invokecharon.c index 102d1589e..1c93381f7 100644 --- a/src/starter/invokecharon.c +++ b/src/starter/invokecharon.c @@ -24,7 +24,7 @@ #include #include -#include +#include #include "confread.h" #include "invokecharon.h" diff --git a/src/starter/keywords.c b/src/starter/keywords.c index 7615a81d2..b75ff1395 100644 --- a/src/starter/keywords.c +++ b/src/starter/keywords.c @@ -54,12 +54,12 @@ struct kw_entry { kw_token_t token; }; -#define TOTAL_KEYWORDS 134 +#define TOTAL_KEYWORDS 135 #define MIN_WORD_LENGTH 3 #define MAX_WORD_LENGTH 17 -#define MIN_HASH_VALUE 9 -#define MAX_HASH_VALUE 220 -/* maximum key range = 212, duplicates = 0 */ +#define MIN_HASH_VALUE 10 +#define MAX_HASH_VALUE 259 +/* maximum key range = 250, duplicates = 0 */ #ifdef __GNUC__ __inline @@ -73,34 +73,34 @@ hash (str, len) register const char *str; register unsigned int len; { - static const unsigned char asso_values[] = + static const unsigned short asso_values[] = { - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 62, - 117, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 0, 221, 27, 0, 79, - 26, 0, 6, 0, 92, 0, 221, 44, 58, 36, - 36, 73, 33, 5, 16, 0, 7, 87, 0, 221, - 221, 11, 3, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, - 221, 221, 221, 221, 221, 221 + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 15, + 99, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 11, 260, 11, 2, 80, + 55, 6, 3, 2, 114, 2, 260, 83, 70, 6, + 22, 81, 51, 7, 14, 2, 7, 122, 2, 260, + 260, 43, 19, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, + 260, 260, 260, 260, 260, 260 }; register int hval = len; @@ -124,166 +124,170 @@ hash (str, len) static const struct kw_entry wordlist[] = { {"pfs", KW_PFS_DEPRECATED}, - {"aggressive", KW_AGGRESSIVE}, - {"rightgroups", KW_RIGHTGROUPS}, {"right", KW_RIGHT}, - {"lifetime", KW_KEYLIFE}, + {"rightgroups", KW_RIGHTGROUPS}, {"left", KW_LEFT}, + {"lifetime", KW_KEYLIFE}, + {"aggressive", KW_AGGRESSIVE}, {"rightsubnet", KW_RIGHTSUBNET}, {"rightikeport", KW_RIGHTIKEPORT}, {"rightsendcert", KW_RIGHTSENDCERT}, + {"lifepackets", KW_LIFEPACKETS}, {"leftcert", KW_LEFTCERT}, - {"keyingtries", KW_KEYINGTRIES}, - {"keylife", KW_KEYLIFE}, {"leftsendcert", KW_LEFTSENDCERT}, - {"lifebytes", KW_LIFEBYTES}, - {"leftrsasigkey", KW_LEFTRSASIGKEY}, - {"leftcertpolicy", KW_LEFTCERTPOLICY}, {"leftgroups", KW_LEFTGROUPS}, - {"rightid", KW_RIGHTID}, - {"rightdns", KW_RIGHTDNS}, - {"me_peerid", KW_ME_PEERID}, - {"reqid", KW_REQID}, + {"leftca", KW_LEFTCA}, {"keep_alive", KW_SETUP_DEPRECATED}, - {"rightrsasigkey", KW_RIGHTRSASIGKEY}, + {"leftdns", KW_LEFTDNS}, + {"uniqueids", KW_UNIQUEIDS}, {"leftprotoport", KW_LEFTPROTOPORT}, + {"interfaces", KW_SETUP_DEPRECATED}, + {"rightsubnetwithin", KW_RIGHTSUBNET}, + {"virtual_private", KW_SETUP_DEPRECATED}, {"certuribase", KW_CERTURIBASE}, - {"lifepackets", KW_LIFEPACKETS}, - {"uniqueids", KW_UNIQUEIDS}, + {"mark_in", KW_MARK_IN}, + {"lifebytes", KW_LIFEBYTES}, + {"marginbytes", KW_MARGINBYTES}, + {"marginpackets", KW_MARGINPACKETS}, + {"margintime", KW_REKEYMARGIN}, + {"keyingtries", KW_KEYINGTRIES}, + {"keylife", KW_KEYLIFE}, + {"fragmentation", KW_FRAGMENTATION}, + {"leftrsasigkey", KW_LEFTRSASIGKEY}, + {"rightid", KW_RIGHTID}, + {"rightdns", KW_RIGHTDNS}, {"rightsourceip", KW_RIGHTSOURCEIP}, - {"ike", KW_IKE}, - {"type", KW_TYPE}, - {"leftdns", KW_LEFTDNS}, - {"leftnexthop", KW_LEFT_DEPRECATED}, {"rightallowany", KW_RIGHTALLOWANY}, - {"rightsubnetwithin", KW_RIGHTSUBNET}, + {"leftcertpolicy", KW_LEFTCERTPOLICY}, + {"reqid", KW_REQID}, + {"rightrsasigkey", KW_RIGHTRSASIGKEY}, {"rightprotoport", KW_RIGHTPROTOPORT}, - {"mediated_by", KW_MEDIATED_BY}, + {"leftnexthop", KW_LEFT_DEPRECATED}, {"strictcrlpolicy", KW_STRICTCRLPOLICY}, - {"virtual_private", KW_SETUP_DEPRECATED}, - {"interfaces", KW_SETUP_DEPRECATED}, - {"rekey", KW_REKEY}, - {"ikelifetime", KW_IKELIFETIME}, - {"rekeyfuzz", KW_REKEYFUZZ}, - {"leftid", KW_LEFTID}, - {"leftca", KW_LEFTCA}, - {"leftikeport", KW_LEFTIKEPORT}, - {"esp", KW_ESP}, - {"leftfirewall", KW_LEFTFIREWALL}, + {"me_peerid", KW_ME_PEERID}, + {"inactivity", KW_INACTIVITY}, + {"rightnexthop", KW_RIGHT_DEPRECATED}, {"rightfirewall", KW_RIGHTFIREWALL}, + {"ldapbase", KW_CA_DEPRECATED}, + {"leftupdown", KW_LEFTUPDOWN}, + {"leftfirewall", KW_LEFTFIREWALL}, + {"crluri", KW_CRLURI}, + {"ike", KW_IKE}, {"mediation", KW_MEDIATION}, + {"rightcert", KW_RIGHTCERT}, {"mobike", KW_MOBIKE}, - {"crluri", KW_CRLURI}, - {"rightnexthop", KW_RIGHT_DEPRECATED}, - {"inactivity", KW_INACTIVITY}, - {"leftupdown", KW_LEFTUPDOWN}, - {"mark_in", KW_MARK_IN}, - {"leftallowany", KW_LEFTALLOWANY}, - {"ldapbase", KW_CA_DEPRECATED}, - {"margintime", KW_REKEYMARGIN}, - {"marginbytes", KW_MARGINBYTES}, - {"mark", KW_MARK}, - {"marginpackets", KW_MARGINPACKETS}, + {"rightca", KW_RIGHTCA}, + {"compress", KW_COMPRESS}, + {"type", KW_TYPE}, + {"ocspuri", KW_OCSPURI}, {"lefthostaccess", KW_LEFTHOSTACCESS}, - {"klipsdebug", KW_SETUP_DEPRECATED}, - {"rightcert", KW_RIGHTCERT}, - {"eap", KW_CONN_DEPRECATED}, - {"overridemtu", KW_SETUP_DEPRECATED}, + {"esp", KW_ESP}, + {"crluri1", KW_CRLURI}, + {"ikelifetime", KW_IKELIFETIME}, + {"leftikeport", KW_LEFTIKEPORT}, + {"cacert", KW_CACERT}, + {"mark", KW_MARK}, + {"rightid2", KW_RIGHTID2}, {"forceencaps", KW_FORCEENCAPS}, - {"keyexchange", KW_KEYEXCHANGE}, - {"ocspuri", KW_OCSPURI}, - {"aaa_identity", KW_AAA_IDENTITY}, + {"nat_traversal", KW_SETUP_DEPRECATED}, + {"eap", KW_CONN_DEPRECATED}, + {"rightgroups2", KW_RIGHTGROUPS2}, + {"packetdefault", KW_SETUP_DEPRECATED}, + {"ocspuri1", KW_OCSPURI}, + {"rekeyfuzz", KW_REKEYFUZZ}, + {"mark_out", KW_MARK_OUT}, + {"mediated_by", KW_MEDIATED_BY}, + {"leftcert2", KW_LEFTCERT2}, + {"rightauth2", KW_RIGHTAUTH2}, + {"leftid", KW_LEFTID}, + {"leftca2", KW_LEFTCA2}, {"force_keepalive", KW_SETUP_DEPRECATED}, + {"rekeymargin", KW_REKEYMARGIN}, + {"dpdtimeout", KW_DPDTIMEOUT}, + {"aaa_identity", KW_AAA_IDENTITY}, + {"leftgroups2", KW_LEFTGROUPS2}, + {"leftallowany", KW_LEFTALLOWANY}, + {"righthostaccess", KW_RIGHTHOSTACCESS}, + {"rekey", KW_REKEY}, + {"rightauth", KW_RIGHTAUTH}, + {"klipsdebug", KW_SETUP_DEPRECATED}, {"rightcertpolicy", KW_RIGHTCERTPOLICY}, + {"overridemtu", KW_SETUP_DEPRECATED}, + {"dpdaction", KW_DPDACTION}, + {"pfsgroup", KW_PFS_DEPRECATED}, + {"keyexchange", KW_KEYEXCHANGE}, {"hidetos", KW_SETUP_DEPRECATED}, - {"righthostaccess", KW_RIGHTHOSTACCESS}, - {"eap_identity", KW_EAP_IDENTITY}, {"leftsubnet", KW_LEFTSUBNET}, - {"dpdaction", KW_DPDACTION}, - {"dpdtimeout", KW_DPDTIMEOUT}, - {"rightca", KW_RIGHTCA}, - {"compress", KW_COMPRESS}, {"installpolicy", KW_INSTALLPOLICY}, - {"pfsgroup", KW_PFS_DEPRECATED}, - {"nat_traversal", KW_SETUP_DEPRECATED}, - {"authby", KW_AUTHBY}, + {"dumpdir", KW_SETUP_DEPRECATED}, {"leftsourceip", KW_LEFTSOURCEIP}, - {"rightid2", KW_RIGHTID2}, - {"cacert", KW_CACERT}, - {"rekeymargin", KW_REKEYMARGIN}, - {"rightauth", KW_RIGHTAUTH}, - {"rightgroups2", KW_RIGHTGROUPS2}, - {"mark_out", KW_MARK_OUT}, - {"leftcert2", KW_LEFTCERT2}, - {"packetdefault", KW_SETUP_DEPRECATED}, - {"rightupdown", KW_RIGHTUPDOWN}, {"also", KW_ALSO}, - {"dpddelay", KW_DPDDELAY}, - {"xauth_identity", KW_XAUTH_IDENTITY}, + {"rightupdown", KW_RIGHTUPDOWN}, + {"charondebug", KW_CHARONDEBUG}, {"ldaphost", KW_CA_DEPRECATED}, - {"crluri1", KW_CRLURI}, + {"fragicmp", KW_SETUP_DEPRECATED}, + {"charonstart", KW_SETUP_DEPRECATED}, + {"tfc", KW_TFC}, {"leftsubnetwithin", KW_LEFTSUBNET}, - {"dumpdir", KW_SETUP_DEPRECATED}, - {"crlcheckinterval", KW_SETUP_DEPRECATED}, - {"leftgroups2", KW_LEFTGROUPS2}, - {"rightauth2", KW_RIGHTAUTH2}, {"leftid2", KW_LEFTID2}, - {"leftca2", KW_LEFTCA2}, + {"eap_identity", KW_EAP_IDENTITY}, + {"crlcheckinterval", KW_SETUP_DEPRECATED}, + {"cachecrls", KW_CACHECRLS}, + {"rightca2", KW_RIGHTCA2}, + {"crluri2", KW_CRLURI2}, + {"rightcert2", KW_RIGHTCERT2}, + {"pkcs11initargs", KW_PKCS11_DEPRECATED}, + {"closeaction", KW_CLOSEACTION}, + {"pkcs11module", KW_PKCS11_DEPRECATED}, + {"pkcs11keepstate", KW_PKCS11_DEPRECATED}, + {"xauth_identity", KW_XAUTH_IDENTITY}, + {"ocspuri2", KW_OCSPURI2}, {"plutostderrlog", KW_SETUP_DEPRECATED}, {"plutostart", KW_SETUP_DEPRECATED}, - {"fragicmp", KW_SETUP_DEPRECATED}, - {"ocspuri1", KW_OCSPURI}, - {"charondebug", KW_CHARONDEBUG}, - {"tfc", KW_TFC}, {"auto", KW_AUTO}, - {"charonstart", KW_SETUP_DEPRECATED}, - {"plutodebug", KW_SETUP_DEPRECATED}, + {"authby", KW_AUTHBY}, + {"dpddelay", KW_DPDDELAY}, {"modeconfig", KW_MODECONFIG}, - {"prepluto", KW_SETUP_DEPRECATED}, {"nocrsend", KW_SETUP_DEPRECATED}, - {"auth", KW_AUTH}, - {"leftauth", KW_LEFTAUTH}, - {"cachecrls", KW_CACHECRLS}, - {"pkcs11module", KW_PKCS11_DEPRECATED}, - {"crluri2", KW_CRLURI2}, - {"pkcs11initargs", KW_PKCS11_DEPRECATED}, - {"pkcs11keepstate", KW_PKCS11_DEPRECATED}, - {"rightca2", KW_RIGHTCA2}, - {"closeaction", KW_CLOSEACTION}, - {"rightcert2", KW_RIGHTCERT2}, + {"prepluto", KW_SETUP_DEPRECATED}, {"pkcs11proxy", KW_PKCS11_DEPRECATED}, - {"xauth", KW_XAUTH}, + {"leftauth2", KW_LEFTAUTH2}, {"postpluto", KW_SETUP_DEPRECATED}, + {"auth", KW_AUTH}, {"reauth", KW_REAUTH}, - {"leftauth2", KW_LEFTAUTH2}, - {"ocspuri2", KW_OCSPURI2} + {"xauth", KW_XAUTH}, + {"leftauth", KW_LEFTAUTH}, + {"plutodebug", KW_SETUP_DEPRECATED} }; static const short lookup[] = { - -1, -1, -1, -1, -1, -1, -1, -1, -1, 0, - 1, 2, 3, -1, 4, -1, -1, 5, 6, 7, - 8, 9, 10, -1, 11, 12, 13, -1, -1, -1, - 14, 15, 16, 17, 18, 19, 20, 21, -1, -1, - -1, 22, 23, 24, 25, 26, 27, 28, 29, 30, - 31, 32, -1, 33, 34, 35, 36, -1, 37, 38, - 39, 40, 41, -1, 42, -1, 43, -1, 44, 45, - -1, -1, -1, -1, -1, -1, 46, 47, 48, 49, - 50, 51, -1, -1, 52, 53, 54, 55, 56, 57, - 58, 59, 60, 61, 62, 63, 64, -1, 65, -1, - 66, 67, 68, 69, 70, 71, 72, 73, -1, 74, - 75, 76, 77, 78, -1, -1, -1, 79, 80, -1, - 81, 82, 83, -1, 84, 85, 86, 87, 88, 89, - -1, 90, 91, 92, 93, 94, 95, -1, -1, 96, - -1, 97, -1, 98, -1, 99, 100, -1, 101, -1, - 102, -1, -1, -1, 103, -1, 104, 105, -1, 106, - -1, -1, 107, 108, -1, 109, 110, 111, -1, -1, - -1, 112, -1, 113, -1, -1, -1, -1, -1, -1, - -1, 114, 115, -1, 116, -1, 117, -1, -1, -1, - 118, -1, -1, 119, 120, -1, -1, 121, 122, 123, - 124, -1, -1, -1, 125, 126, 127, 128, -1, -1, - -1, 129, -1, 130, -1, -1, -1, 131, -1, 132, - 133 + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + 0, -1, -1, -1, -1, -1, 1, -1, -1, 2, + 3, 4, 5, -1, 6, 7, 8, -1, -1, 9, + 10, -1, -1, -1, 11, 12, -1, 13, -1, 14, + 15, 16, -1, 17, 18, 19, -1, -1, 20, -1, + -1, 21, -1, -1, -1, -1, 22, -1, -1, 23, + 24, -1, 25, 26, 27, 28, 29, 30, 31, 32, + 33, 34, 35, 36, -1, 37, 38, 39, -1, -1, + -1, -1, -1, -1, -1, -1, 40, 41, 42, 43, + 44, 45, 46, 47, 48, -1, -1, -1, 49, 50, + 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, + 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, + 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, + -1, -1, 81, 82, 83, 84, -1, 85, 86, 87, + -1, -1, 88, 89, 90, 91, 92, 93, 94, -1, + 95, 96, -1, 97, -1, -1, -1, 98, -1, 99, + 100, -1, 101, -1, 102, 103, 104, -1, -1, 105, + 106, -1, 107, -1, -1, -1, 108, -1, -1, -1, + -1, -1, 109, -1, -1, -1, -1, -1, -1, -1, + -1, 110, 111, 112, 113, 114, 115, -1, -1, 116, + -1, 117, -1, 118, -1, -1, -1, -1, -1, -1, + 119, 120, -1, -1, 121, -1, -1, -1, -1, -1, + -1, 122, -1, -1, -1, -1, -1, 123, -1, 124, + 125, 126, 127, -1, -1, -1, -1, -1, -1, 128, + -1, -1, -1, 129, -1, -1, -1, 130, -1, -1, + -1, 131, 132, 133, -1, -1, -1, -1, -1, 134 }; #ifdef __GNUC__ diff --git a/src/starter/keywords.h b/src/starter/keywords.h index 537bceb07..f776f33c9 100644 --- a/src/starter/keywords.h +++ b/src/starter/keywords.h @@ -42,6 +42,7 @@ typedef enum { KW_AAA_IDENTITY, KW_MOBIKE, KW_FORCEENCAPS, + KW_FRAGMENTATION, KW_IKELIFETIME, KW_KEYLIFE, KW_REKEYMARGIN, diff --git a/src/starter/keywords.txt b/src/starter/keywords.txt index 8366f5209..1f1641287 100644 --- a/src/starter/keywords.txt +++ b/src/starter/keywords.txt @@ -40,6 +40,7 @@ eap_identity, KW_EAP_IDENTITY aaa_identity, KW_AAA_IDENTITY mobike, KW_MOBIKE forceencaps, KW_FORCEENCAPS +fragmentation, KW_FRAGMENTATION ikelifetime, KW_IKELIFETIME lifetime, KW_KEYLIFE keylife, KW_KEYLIFE diff --git a/src/starter/klips.c b/src/starter/klips.c index 484b7e281..22165465f 100644 --- a/src/starter/klips.c +++ b/src/starter/klips.c @@ -17,7 +17,7 @@ #include #include -#include +#include #include "files.h" diff --git a/src/starter/netkey.c b/src/starter/netkey.c index 25f68e505..921a220db 100644 --- a/src/starter/netkey.c +++ b/src/starter/netkey.c @@ -18,7 +18,7 @@ #include #include -#include +#include #include "files.h" diff --git a/src/starter/parser.c b/src/starter/parser.c index beb752a51..9a5831ef8 100644 --- a/src/starter/parser.c +++ b/src/starter/parser.c @@ -1,10 +1,8 @@ +/* A Bison parser, made by GNU Bison 2.5. */ -/* A Bison parser, made by GNU Bison 2.4.1. */ - -/* Skeleton implementation for Bison's Yacc-like parsers in C +/* Bison implementation for Yacc-like parsers in C - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 - Free Software Foundation, Inc. + Copyright (C) 1984, 1989-1990, 2000-2011 Free Software Foundation, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -46,7 +44,7 @@ #define YYBISON 1 /* Bison version. */ -#define YYBISON_VERSION "2.4.1" +#define YYBISON_VERSION "2.5" /* Skeleton name. */ #define YYSKELETON_NAME "yacc.c" @@ -67,7 +65,7 @@ /* Copy the first part of user declarations. */ -/* Line 189 of yacc.c */ +/* Line 268 of yacc.c */ #line 1 "parser.y" /* strongSwan config file parser (parser.y) @@ -89,7 +87,7 @@ #include #include -#include +#include #include "ipsec-parser.h" @@ -120,8 +118,8 @@ extern kw_entry_t *in_word_set (char *str, unsigned int len); -/* Line 189 of yacc.c */ -#line 125 "parser.c" +/* Line 268 of yacc.c */ +#line 123 "parser.c" /* Enabling traces. */ #ifndef YYDEBUG @@ -179,13 +177,13 @@ extern kw_entry_t *in_word_set (char *str, unsigned int len); typedef union YYSTYPE { -/* Line 214 of yacc.c */ +/* Line 293 of yacc.c */ #line 52 "parser.y" char *s; -/* Line 214 of yacc.c */ -#line 189 "parser.c" +/* Line 293 of yacc.c */ +#line 187 "parser.c" } YYSTYPE; # define YYSTYPE_IS_TRIVIAL 1 # define yystype YYSTYPE /* obsolescent; will be withdrawn */ @@ -196,8 +194,8 @@ typedef union YYSTYPE /* Copy the second part of user declarations. */ -/* Line 264 of yacc.c */ -#line 201 "parser.c" +/* Line 343 of yacc.c */ +#line 199 "parser.c" #ifdef short # undef short @@ -247,7 +245,7 @@ typedef short int yytype_int16; #define YYSIZE_MAXIMUM ((YYSIZE_T) -1) #ifndef YY_ -# if YYENABLE_NLS +# if defined YYENABLE_NLS && YYENABLE_NLS # if ENABLE_NLS # include /* INFRINGES ON USER NAME SPACE */ # define YY_(msgid) dgettext ("bison-runtime", msgid) @@ -300,11 +298,11 @@ YYID (yyi) # define alloca _alloca # else # define YYSTACK_ALLOC alloca -# if ! defined _ALLOCA_H && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ +# if ! defined _ALLOCA_H && ! defined EXIT_SUCCESS && (defined __STDC__ || defined __C99__FUNC__ \ || defined __cplusplus || defined _MSC_VER) # include /* INFRINGES ON USER NAME SPACE */ -# ifndef _STDLIB_H -# define _STDLIB_H 1 +# ifndef EXIT_SUCCESS +# define EXIT_SUCCESS 0 # endif # endif # endif @@ -327,24 +325,24 @@ YYID (yyi) # ifndef YYSTACK_ALLOC_MAXIMUM # define YYSTACK_ALLOC_MAXIMUM YYSIZE_MAXIMUM # endif -# if (defined __cplusplus && ! defined _STDLIB_H \ +# if (defined __cplusplus && ! defined EXIT_SUCCESS \ && ! ((defined YYMALLOC || defined malloc) \ && (defined YYFREE || defined free))) # include /* INFRINGES ON USER NAME SPACE */ -# ifndef _STDLIB_H -# define _STDLIB_H 1 +# ifndef EXIT_SUCCESS +# define EXIT_SUCCESS 0 # endif # endif # ifndef YYMALLOC # define YYMALLOC malloc -# if ! defined malloc && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ +# if ! defined malloc && ! defined EXIT_SUCCESS && (defined __STDC__ || defined __C99__FUNC__ \ || defined __cplusplus || defined _MSC_VER) void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */ # endif # endif # ifndef YYFREE # define YYFREE free -# if ! defined free && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ +# if ! defined free && ! defined EXIT_SUCCESS && (defined __STDC__ || defined __C99__FUNC__ \ || defined __cplusplus || defined _MSC_VER) void free (void *); /* INFRINGES ON USER NAME SPACE */ # endif @@ -373,23 +371,7 @@ union yyalloc ((N) * (sizeof (yytype_int16) + sizeof (YYSTYPE)) \ + YYSTACK_GAP_MAXIMUM) -/* Copy COUNT objects from FROM to TO. The source and destination do - not overlap. */ -# ifndef YYCOPY -# if defined __GNUC__ && 1 < __GNUC__ -# define YYCOPY(To, From, Count) \ - __builtin_memcpy (To, From, (Count) * sizeof (*(From))) -# else -# define YYCOPY(To, From, Count) \ - do \ - { \ - YYSIZE_T yyi; \ - for (yyi = 0; yyi < (Count); yyi++) \ - (To)[yyi] = (From)[yyi]; \ - } \ - while (YYID (0)) -# endif -# endif +# define YYCOPY_NEEDED 1 /* Relocate STACK from its old location to the new one. The local variables YYSIZE and YYSTACKSIZE give the old and new number of @@ -409,6 +391,26 @@ union yyalloc #endif +#if defined YYCOPY_NEEDED && YYCOPY_NEEDED +/* Copy COUNT objects from FROM to TO. The source and destination do + not overlap. */ +# ifndef YYCOPY +# if defined __GNUC__ && 1 < __GNUC__ +# define YYCOPY(To, From, Count) \ + __builtin_memcpy (To, From, (Count) * sizeof (*(From))) +# else +# define YYCOPY(To, From, Count) \ + do \ + { \ + YYSIZE_T yyi; \ + for (yyi = 0; yyi < (Count); yyi++) \ + (To)[yyi] = (From)[yyi]; \ + } \ + while (YYID (0)) +# endif +# endif +#endif /* !YYCOPY_NEEDED */ + /* YYFINAL -- State number of the termination state. */ #define YYFINAL 2 /* YYLAST -- Last index in YYTABLE. */ @@ -526,8 +528,8 @@ static const yytype_uint8 yyr2[] = 5, 0, 4, 1, 4, 0, 3, 2, 0 }; -/* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state - STATE-NUM when YYTABLE doesn't specify something else to do. Zero +/* YYDEFACT[STATE-NAME] -- Default reduction number in state STATE-NUM. + Performed when YYTABLE doesn't specify something else to do. Zero means the default is an error. */ static const yytype_uint8 yydefact[] = { @@ -562,8 +564,7 @@ static const yytype_int8 yypgoto[] = /* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If positive, shift that token. If negative, reduce the rule which - number is the opposite. If zero, do what YYDEFACT says. - If YYTABLE_NINF, syntax error. */ + number is the opposite. If YYTABLE_NINF, syntax error. */ #define YYTABLE_NINF -1 static const yytype_uint8 yytable[] = { @@ -572,6 +573,12 @@ static const yytype_uint8 yytable[] = 24, 28, 30, 31, 0, 0, 0, 32 }; +#define yypact_value_is_default(yystate) \ + ((yystate) == (-20)) + +#define yytable_value_is_error(yytable_value) \ + YYID (0) + static const yytype_int8 yycheck[] = { 0, 7, 21, 22, 12, 5, 6, 12, 8, 9, @@ -601,9 +608,18 @@ static const yytype_uint8 yystos[] = /* Like YYERROR except do call yyerror. This remains here temporarily to ease the transition to the new meaning of YYERROR, for GCC. - Once GCC version 2 has supplanted version 1, this can go. */ + Once GCC version 2 has supplanted version 1, this can go. However, + YYFAIL appears to be in use. Nevertheless, it is formally deprecated + in Bison 2.4.2's NEWS entry, where a plan to phase it out is + discussed. */ #define YYFAIL goto yyerrlab +#if defined YYFAIL + /* This is here to suppress warnings from the GCC cpp's + -Wunused-macros. Normally we don't worry about that warning, but + some users do, and we want to make it easy for users to remove + YYFAIL uses, which will produce warnings from Bison 2.5. */ +#endif #define YYRECOVERING() (!!yyerrstatus) @@ -613,7 +629,6 @@ do \ { \ yychar = (Token); \ yylval = (Value); \ - yytoken = YYTRANSLATE (yychar); \ YYPOPSTACK (1); \ goto yybackup; \ } \ @@ -655,19 +670,10 @@ while (YYID (0)) #endif -/* YY_LOCATION_PRINT -- Print the location on the stream. - This macro was not mandated originally: define only if we know - we won't break user code: when these are the locations we know. */ +/* This macro is provided for backward compatibility. */ #ifndef YY_LOCATION_PRINT -# if YYLTYPE_IS_TRIVIAL -# define YY_LOCATION_PRINT(File, Loc) \ - fprintf (File, "%d.%d-%d.%d", \ - (Loc).first_line, (Loc).first_column, \ - (Loc).last_line, (Loc).last_column) -# else -# define YY_LOCATION_PRINT(File, Loc) ((void) 0) -# endif +# define YY_LOCATION_PRINT(File, Loc) ((void) 0) #endif @@ -859,7 +865,6 @@ int yydebug; # define YYMAXDEPTH 10000 #endif - #if YYERROR_VERBOSE @@ -962,115 +967,142 @@ yytnamerr (char *yyres, const char *yystr) } # endif -/* Copy into YYRESULT an error message about the unexpected token - YYCHAR while in state YYSTATE. Return the number of bytes copied, - including the terminating null byte. If YYRESULT is null, do not - copy anything; just return the number of bytes that would be - copied. As a special case, return 0 if an ordinary "syntax error" - message will do. Return YYSIZE_MAXIMUM if overflow occurs during - size calculation. */ -static YYSIZE_T -yysyntax_error (char *yyresult, int yystate, int yychar) -{ - int yyn = yypact[yystate]; +/* Copy into *YYMSG, which is of size *YYMSG_ALLOC, an error message + about the unexpected token YYTOKEN for the state stack whose top is + YYSSP. - if (! (YYPACT_NINF < yyn && yyn <= YYLAST)) - return 0; - else + Return 0 if *YYMSG was successfully written. Return 1 if *YYMSG is + not large enough to hold the message. In that case, also set + *YYMSG_ALLOC to the required number of bytes. Return 2 if the + required number of bytes is too large to store. */ +static int +yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, + yytype_int16 *yyssp, int yytoken) +{ + YYSIZE_T yysize0 = yytnamerr (0, yytname[yytoken]); + YYSIZE_T yysize = yysize0; + YYSIZE_T yysize1; + enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; + /* Internationalized format string. */ + const char *yyformat = 0; + /* Arguments of yyformat. */ + char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; + /* Number of reported tokens (one for the "unexpected", one per + "expected"). */ + int yycount = 0; + + /* There are many possibilities here to consider: + - Assume YYFAIL is not used. It's too flawed to consider. See + + for details. YYERROR is fine as it does not invoke this + function. + - If this state is a consistent state with a default action, then + the only way this function was invoked is if the default action + is an error action. In that case, don't check for expected + tokens because there are none. + - The only way there can be no lookahead present (in yychar) is if + this state is a consistent state with a default action. Thus, + detecting the absence of a lookahead is sufficient to determine + that there is no unexpected or expected token to report. In that + case, just report a simple "syntax error". + - Don't assume there isn't a lookahead just because this state is a + consistent state with a default action. There might have been a + previous inconsistent state, consistent state with a non-default + action, or user semantic action that manipulated yychar. + - Of course, the expected token list depends on states to have + correct lookahead information, and it depends on the parser not + to perform extra reductions after fetching a lookahead from the + scanner and before detecting a syntax error. Thus, state merging + (from LALR or IELR) and default reductions corrupt the expected + token list. However, the list is correct for canonical LR with + one exception: it will still contain any token that will not be + accepted due to an error action in a later state. + */ + if (yytoken != YYEMPTY) { - int yytype = YYTRANSLATE (yychar); - YYSIZE_T yysize0 = yytnamerr (0, yytname[yytype]); - YYSIZE_T yysize = yysize0; - YYSIZE_T yysize1; - int yysize_overflow = 0; - enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; - char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; - int yyx; - -# if 0 - /* This is so xgettext sees the translatable formats that are - constructed on the fly. */ - YY_("syntax error, unexpected %s"); - YY_("syntax error, unexpected %s, expecting %s"); - YY_("syntax error, unexpected %s, expecting %s or %s"); - YY_("syntax error, unexpected %s, expecting %s or %s or %s"); - YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s"); -# endif - char *yyfmt; - char const *yyf; - static char const yyunexpected[] = "syntax error, unexpected %s"; - static char const yyexpecting[] = ", expecting %s"; - static char const yyor[] = " or %s"; - char yyformat[sizeof yyunexpected - + sizeof yyexpecting - 1 - + ((YYERROR_VERBOSE_ARGS_MAXIMUM - 2) - * (sizeof yyor - 1))]; - char const *yyprefix = yyexpecting; - - /* Start YYX at -YYN if negative to avoid negative indexes in - YYCHECK. */ - int yyxbegin = yyn < 0 ? -yyn : 0; - - /* Stay within bounds of both yycheck and yytname. */ - int yychecklim = YYLAST - yyn + 1; - int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS; - int yycount = 1; - - yyarg[0] = yytname[yytype]; - yyfmt = yystpcpy (yyformat, yyunexpected); - - for (yyx = yyxbegin; yyx < yyxend; ++yyx) - if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR) - { - if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM) - { - yycount = 1; - yysize = yysize0; - yyformat[sizeof yyunexpected - 1] = '\0'; - break; - } - yyarg[yycount++] = yytname[yyx]; - yysize1 = yysize + yytnamerr (0, yytname[yyx]); - yysize_overflow |= (yysize1 < yysize); - yysize = yysize1; - yyfmt = yystpcpy (yyfmt, yyprefix); - yyprefix = yyor; - } + int yyn = yypact[*yyssp]; + yyarg[yycount++] = yytname[yytoken]; + if (!yypact_value_is_default (yyn)) + { + /* Start YYX at -YYN if negative to avoid negative indexes in + YYCHECK. In other words, skip the first -YYN actions for + this state because they are default actions. */ + int yyxbegin = yyn < 0 ? -yyn : 0; + /* Stay within bounds of both yycheck and yytname. */ + int yychecklim = YYLAST - yyn + 1; + int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS; + int yyx; + + for (yyx = yyxbegin; yyx < yyxend; ++yyx) + if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR + && !yytable_value_is_error (yytable[yyx + yyn])) + { + if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM) + { + yycount = 1; + yysize = yysize0; + break; + } + yyarg[yycount++] = yytname[yyx]; + yysize1 = yysize + yytnamerr (0, yytname[yyx]); + if (! (yysize <= yysize1 + && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) + return 2; + yysize = yysize1; + } + } + } - yyf = YY_(yyformat); - yysize1 = yysize + yystrlen (yyf); - yysize_overflow |= (yysize1 < yysize); - yysize = yysize1; + switch (yycount) + { +# define YYCASE_(N, S) \ + case N: \ + yyformat = S; \ + break + YYCASE_(0, YY_("syntax error")); + YYCASE_(1, YY_("syntax error, unexpected %s")); + YYCASE_(2, YY_("syntax error, unexpected %s, expecting %s")); + YYCASE_(3, YY_("syntax error, unexpected %s, expecting %s or %s")); + YYCASE_(4, YY_("syntax error, unexpected %s, expecting %s or %s or %s")); + YYCASE_(5, YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s")); +# undef YYCASE_ + } - if (yysize_overflow) - return YYSIZE_MAXIMUM; + yysize1 = yysize + yystrlen (yyformat); + if (! (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) + return 2; + yysize = yysize1; - if (yyresult) - { - /* Avoid sprintf, as that infringes on the user's name space. - Don't have undefined behavior even if the translation - produced a string with the wrong number of "%s"s. */ - char *yyp = yyresult; - int yyi = 0; - while ((*yyp = *yyf) != '\0') - { - if (*yyp == '%' && yyf[1] == 's' && yyi < yycount) - { - yyp += yytnamerr (yyp, yyarg[yyi++]); - yyf += 2; - } - else - { - yyp++; - yyf++; - } - } - } - return yysize; + if (*yymsg_alloc < yysize) + { + *yymsg_alloc = 2 * yysize; + if (! (yysize <= *yymsg_alloc + && *yymsg_alloc <= YYSTACK_ALLOC_MAXIMUM)) + *yymsg_alloc = YYSTACK_ALLOC_MAXIMUM; + return 1; } + + /* Avoid sprintf, as that infringes on the user's name space. + Don't have undefined behavior even if the translation + produced a string with the wrong number of "%s"s. */ + { + char *yyp = *yymsg; + int yyi = 0; + while ((*yyp = *yyformat) != '\0') + if (*yyp == '%' && yyformat[1] == 's' && yyi < yycount) + { + yyp += yytnamerr (yyp, yyarg[yyi++]); + yyformat += 2; + } + else + { + yyp++; + yyformat++; + } + } + return 0; } #endif /* YYERROR_VERBOSE */ - /*-----------------------------------------------. | Release the memory associated to this symbol. | @@ -1103,6 +1135,7 @@ yydestruct (yymsg, yytype, yyvaluep) } } + /* Prevent warnings from -Wmissing-prototypes. */ #ifdef YYPARSE_PARAM #if defined __STDC__ || defined __cplusplus @@ -1129,10 +1162,9 @@ YYSTYPE yylval; int yynerrs; - -/*-------------------------. -| yyparse or yypush_parse. | -`-------------------------*/ +/*----------. +| yyparse. | +`----------*/ #ifdef YYPARSE_PARAM #if (defined __STDC__ || defined __C99__FUNC__ \ @@ -1156,8 +1188,6 @@ yyparse () #endif #endif { - - int yystate; /* Number of tokens to shift before error messages enabled. */ int yyerrstatus; @@ -1312,7 +1342,7 @@ yybackup: /* First try to decide what to do without reference to lookahead token. */ yyn = yypact[yystate]; - if (yyn == YYPACT_NINF) + if (yypact_value_is_default (yyn)) goto yydefault; /* Not known => get a lookahead token if don't already have one. */ @@ -1343,8 +1373,8 @@ yybackup: yyn = yytable[yyn]; if (yyn <= 0) { - if (yyn == 0 || yyn == YYTABLE_NINF) - goto yyerrlab; + if (yytable_value_is_error (yyn)) + goto yyerrlab; yyn = -yyn; goto yyreduce; } @@ -1399,7 +1429,7 @@ yyreduce: { case 4: -/* Line 1455 of yacc.c */ +/* Line 1806 of yacc.c */ #line 69 "parser.y" { free((yyvsp[(2) - (3)].s)); @@ -1408,7 +1438,7 @@ yyreduce: case 5: -/* Line 1455 of yacc.c */ +/* Line 1806 of yacc.c */ #line 73 "parser.y" { _parser_kw = &(_parser_cfg->config_setup); @@ -1418,7 +1448,7 @@ yyreduce: case 7: -/* Line 1455 of yacc.c */ +/* Line 1806 of yacc.c */ #line 78 "parser.y" { section_list_t *section = malloc_thing(section_list_t); @@ -1439,7 +1469,7 @@ yyreduce: case 9: -/* Line 1455 of yacc.c */ +/* Line 1806 of yacc.c */ #line 94 "parser.y" { section_list_t *section = malloc_thing(section_list_t); @@ -1459,7 +1489,7 @@ yyreduce: case 11: -/* Line 1455 of yacc.c */ +/* Line 1806 of yacc.c */ #line 109 "parser.y" { extern void _parser_y_include (const char *f); @@ -1470,7 +1500,7 @@ yyreduce: case 16: -/* Line 1455 of yacc.c */ +/* Line 1806 of yacc.c */ #line 124 "parser.y" { kw_list_t *new; @@ -1500,7 +1530,7 @@ yyreduce: case 17: -/* Line 1455 of yacc.c */ +/* Line 1806 of yacc.c */ #line 149 "parser.y" { free((yyvsp[(1) - (2)].s)); @@ -1509,10 +1539,21 @@ yyreduce: -/* Line 1455 of yacc.c */ -#line 1514 "parser.c" +/* Line 1806 of yacc.c */ +#line 1544 "parser.c" default: break; } + /* User semantic actions sometimes alter yychar, and that requires + that yytoken be updated with the new translation. We take the + approach of translating immediately before every use of yytoken. + One alternative is translating here after every semantic action, + but that translation would be missed if the semantic action invokes + YYABORT, YYACCEPT, or YYERROR immediately after altering yychar or + if it invokes YYBACKUP. In the case of YYABORT or YYACCEPT, an + incorrect destructor might then be invoked immediately. In the + case of YYERROR or YYBACKUP, subsequent parser actions might lead + to an incorrect destructor call or verbose syntax error message + before the lookahead is translated. */ YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); YYPOPSTACK (yylen); @@ -1540,6 +1581,10 @@ yyreduce: | yyerrlab -- here on detecting error | `------------------------------------*/ yyerrlab: + /* Make sure we have latest lookahead translation. See comments at + user semantic actions for why this is necessary. */ + yytoken = yychar == YYEMPTY ? YYEMPTY : YYTRANSLATE (yychar); + /* If not already recovering from an error, report this error. */ if (!yyerrstatus) { @@ -1547,37 +1592,36 @@ yyerrlab: #if ! YYERROR_VERBOSE yyerror (YY_("syntax error")); #else +# define YYSYNTAX_ERROR yysyntax_error (&yymsg_alloc, &yymsg, \ + yyssp, yytoken) { - YYSIZE_T yysize = yysyntax_error (0, yystate, yychar); - if (yymsg_alloc < yysize && yymsg_alloc < YYSTACK_ALLOC_MAXIMUM) - { - YYSIZE_T yyalloc = 2 * yysize; - if (! (yysize <= yyalloc && yyalloc <= YYSTACK_ALLOC_MAXIMUM)) - yyalloc = YYSTACK_ALLOC_MAXIMUM; - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); - yymsg = (char *) YYSTACK_ALLOC (yyalloc); - if (yymsg) - yymsg_alloc = yyalloc; - else - { - yymsg = yymsgbuf; - yymsg_alloc = sizeof yymsgbuf; - } - } - - if (0 < yysize && yysize <= yymsg_alloc) - { - (void) yysyntax_error (yymsg, yystate, yychar); - yyerror (yymsg); - } - else - { - yyerror (YY_("syntax error")); - if (yysize != 0) - goto yyexhaustedlab; - } + char const *yymsgp = YY_("syntax error"); + int yysyntax_error_status; + yysyntax_error_status = YYSYNTAX_ERROR; + if (yysyntax_error_status == 0) + yymsgp = yymsg; + else if (yysyntax_error_status == 1) + { + if (yymsg != yymsgbuf) + YYSTACK_FREE (yymsg); + yymsg = (char *) YYSTACK_ALLOC (yymsg_alloc); + if (!yymsg) + { + yymsg = yymsgbuf; + yymsg_alloc = sizeof yymsgbuf; + yysyntax_error_status = 2; + } + else + { + yysyntax_error_status = YYSYNTAX_ERROR; + yymsgp = yymsg; + } + } + yyerror (yymsgp); + if (yysyntax_error_status == 2) + goto yyexhaustedlab; } +# undef YYSYNTAX_ERROR #endif } @@ -1636,7 +1680,7 @@ yyerrlab1: for (;;) { yyn = yypact[yystate]; - if (yyn != YYPACT_NINF) + if (!yypact_value_is_default (yyn)) { yyn += YYTERROR; if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR) @@ -1695,8 +1739,13 @@ yyexhaustedlab: yyreturn: if (yychar != YYEMPTY) - yydestruct ("Cleanup: discarding lookahead", - yytoken, &yylval); + { + /* Make sure we have latest lookahead translation. See comments at + user semantic actions for why this is necessary. */ + yytoken = YYTRANSLATE (yychar); + yydestruct ("Cleanup: discarding lookahead", + yytoken, &yylval); + } /* Do not reclaim the symbols of the rule which action triggered this YYABORT or YYACCEPT. */ YYPOPSTACK (yylen); @@ -1721,7 +1770,7 @@ yyreturn: -/* Line 1675 of yacc.c */ +/* Line 2067 of yacc.c */ #line 155 "parser.y" diff --git a/src/starter/parser.h b/src/starter/parser.h index eff532f6d..7007dfef5 100644 --- a/src/starter/parser.h +++ b/src/starter/parser.h @@ -1,10 +1,8 @@ +/* A Bison parser, made by GNU Bison 2.5. */ -/* A Bison parser, made by GNU Bison 2.4.1. */ - -/* Skeleton interface for Bison's Yacc-like parsers in C +/* Bison interface for Yacc-like parsers in C - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 - Free Software Foundation, Inc. + Copyright (C) 1984, 1989-1990, 2000-2011 Free Software Foundation, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -70,13 +68,13 @@ typedef union YYSTYPE { -/* Line 1676 of yacc.c */ +/* Line 2068 of yacc.c */ #line 52 "parser.y" char *s; -/* Line 1676 of yacc.c */ -#line 80 "parser.h" +/* Line 2068 of yacc.c */ +#line 78 "parser.h" } YYSTYPE; # define YYSTYPE_IS_TRIVIAL 1 # define yystype YYSTYPE /* obsolescent; will be withdrawn */ diff --git a/src/starter/parser.y b/src/starter/parser.y index 424e3a9fd..2cf0501f4 100644 --- a/src/starter/parser.y +++ b/src/starter/parser.y @@ -18,7 +18,7 @@ #include #include -#include +#include #include "ipsec-parser.h" diff --git a/src/starter/starter.c b/src/starter/starter.c index c6efcb2f4..ae6863fd7 100644 --- a/src/starter/starter.c +++ b/src/starter/starter.c @@ -34,7 +34,7 @@ #include #include #include -#include +#include #include "confread.h" #include "files.h" @@ -328,7 +328,8 @@ static bool check_pid(char *pid_file) static void usage(char *name) { fprintf(stderr, "Usage: starter [--nofork] [--auto-update ]\n" - " [--debug|--debug-more|--debug-all|--nolog]\n"); + " [--debug|--debug-more|--debug-all|--nolog]\n" + " [--attach-gdb]\n"); exit(LSB_RC_INVALID_ARGUMENT); } @@ -594,6 +595,10 @@ int main (int argc, char **argv) { if (starter_charon_pid()) { + if (conn->startup == STARTUP_ROUTE) + { + starter_stroke_unroute_conn(conn); + } starter_stroke_del_conn(conn); } conn->state = STATE_TO_ADD; @@ -622,7 +627,7 @@ int main (int argc, char **argv) DBG2(DBG_APP, "Reloading config..."); new_cfg = confread_load(CONFIG_FILE); - if (new_cfg && (new_cfg->err + new_cfg->non_fatal_err == 0)) + if (new_cfg && (new_cfg->err == 0)) { /* Switch to new config. New conn will be loaded below */ @@ -651,6 +656,10 @@ int main (int argc, char **argv) { if (starter_charon_pid()) { + if (conn->startup == STARTUP_ROUTE) + { + starter_stroke_unroute_conn(conn); + } starter_stroke_del_conn(conn); } } diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c index d6ad3eb89..4f9e8fb14 100644 --- a/src/starter/starterstroke.c +++ b/src/starter/starterstroke.c @@ -27,7 +27,7 @@ #include #include -#include +#include #include @@ -180,6 +180,7 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn) } msg.add_conn.mobike = conn->options & SA_OPTION_MOBIKE; msg.add_conn.force_encap = conn->options & SA_OPTION_FORCE_ENCAP; + msg.add_conn.fragmentation = conn->fragmentation; msg.add_conn.ipcomp = conn->options & SA_OPTION_COMPRESS; msg.add_conn.install_policy = conn->install_policy; msg.add_conn.aggressive = conn->aggressive; @@ -270,6 +271,16 @@ int starter_stroke_route_conn(starter_conn_t *conn) return send_stroke_msg(&msg); } +int starter_stroke_unroute_conn(starter_conn_t *conn) +{ + stroke_msg_t msg; + + msg.type = STR_UNROUTE; + msg.length = offsetof(stroke_msg_t, buffer); + msg.route.name = push_string(&msg, connection_name(conn)); + return send_stroke_msg(&msg); +} + int starter_stroke_initiate_conn(starter_conn_t *conn) { stroke_msg_t msg; diff --git a/src/starter/starterstroke.h b/src/starter/starterstroke.h index fd2a3e320..126486325 100644 --- a/src/starter/starterstroke.h +++ b/src/starter/starterstroke.h @@ -21,6 +21,7 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn); int starter_stroke_del_conn(starter_conn_t *conn); int starter_stroke_route_conn(starter_conn_t *conn); +int starter_stroke_unroute_conn(starter_conn_t *conn); int starter_stroke_initiate_conn(starter_conn_t *conn); int starter_stroke_add_ca(starter_ca_t *ca); int starter_stroke_del_ca(starter_ca_t *ca); -- cgit v1.2.3