rtems/rtems-libbsd
1
0
Fork 0
mirror of https://git.rtems.org/rtems-libbsd/ synced 2025-06-28 22:24:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

ipsec-tools: Port libipsec, setkey and racoon.

Browse Source 
Note that this replaces the libipsec from FreeBSD with the one provided
by ipsec-tools.
This commit is contained in:
Christian Mauderer 2018-05-03 14:15:11 +02:00
parent 8645c9d720
commit b376ae131d
170 changed files with 10964 additions and 20808 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

310
freebsd/lib/libipsec/ipsec_dump_policy.c
View File

@ -1,310 +0,0 @@
#include <machine/rtems-bsd-user-space.h>
/* $KAME: ipsec_dump_policy.c,v 1.13 2002/06/27 14:35:11 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <netipsec/key_var.h>
#include <netinet/in.h>
#include <netipsec/ipsec.h>
#include <arpa/inet.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <netdb.h>
#include "ipsec_strerror.h"
static const char *ipsp_dir_strs[] = {
"any", "in", "out",
};
static const char *ipsp_policy_strs[] = {
"discard", "none", "ipsec", "entrust", "bypass",
};
static char *ipsec_dump_ipsecrequest(char *, size_t,
struct sadb_x_ipsecrequest *, size_t);
static int set_addresses(char *, size_t, struct sockaddr *, struct sockaddr *);
static char *set_address(char *, size_t, struct sockaddr *);
/*
* policy is sadb_x_policy buffer.
* Must call free() later.
* When delimiter == NULL, alternatively ' '(space) is applied.
*/
char *
ipsec_dump_policy(policy, delimiter)
caddr_t policy;
char *delimiter;
{
struct sadb_x_policy *xpl = (struct sadb_x_policy *)policy;
struct sadb_x_ipsecrequest *xisr;
size_t off, buflen;
char *buf;
char isrbuf[1024];
char *newbuf;
/* sanity check */
if (policy == NULL)
return NULL;
if (xpl->sadb_x_policy_exttype != SADB_X_EXT_POLICY) {
__ipsec_errcode = EIPSEC_INVAL_EXTTYPE;
return NULL;
}
/* set delimiter */
if (delimiter == NULL)
delimiter = " ";
switch (xpl->sadb_x_policy_dir) {
case IPSEC_DIR_ANY:
case IPSEC_DIR_INBOUND:
case IPSEC_DIR_OUTBOUND:
break;
default:
__ipsec_errcode = EIPSEC_INVAL_DIR;
return NULL;
}
switch (xpl->sadb_x_policy_type) {
case IPSEC_POLICY_DISCARD:
case IPSEC_POLICY_NONE:
case IPSEC_POLICY_IPSEC:
case IPSEC_POLICY_BYPASS:
case IPSEC_POLICY_ENTRUST:
break;
default:
__ipsec_errcode = EIPSEC_INVAL_POLICY;
return NULL;
}
buflen = strlen(ipsp_dir_strs[xpl->sadb_x_policy_dir])
+ 1 /* space */
+ strlen(ipsp_policy_strs[xpl->sadb_x_policy_type])
+ 1; /* NUL */
if ((buf = malloc(buflen)) == NULL) {
__ipsec_errcode = EIPSEC_NO_BUFS;
return NULL;
}
snprintf(buf, buflen, "%s %s", ipsp_dir_strs[xpl->sadb_x_policy_dir],
ipsp_policy_strs[xpl->sadb_x_policy_type]);
if (xpl->sadb_x_policy_type != IPSEC_POLICY_IPSEC) {
__ipsec_errcode = EIPSEC_NO_ERROR;
return buf;
}
/* count length of buffer for use */
off = sizeof(*xpl);
while (off < PFKEY_EXTLEN(xpl)) {
xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xpl + off);
off += xisr->sadb_x_ipsecrequest_len;
}
/* validity check */
if (off != PFKEY_EXTLEN(xpl)) {
__ipsec_errcode = EIPSEC_INVAL_SADBMSG;
free(buf);
return NULL;
}
off = sizeof(*xpl);
while (off < PFKEY_EXTLEN(xpl)) {
xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xpl + off);
if (ipsec_dump_ipsecrequest(isrbuf, sizeof(isrbuf), xisr,
PFKEY_EXTLEN(xpl) - off) == NULL) {
free(buf);
return NULL;
}
buflen = strlen(buf) + strlen(delimiter) + strlen(isrbuf) + 1;
newbuf = (char *)realloc(buf, buflen);
if (newbuf == NULL) {
__ipsec_errcode = EIPSEC_NO_BUFS;
free(buf);
return NULL;
}
buf = newbuf;
snprintf(buf + strlen(buf), buflen - strlen(buf),
"%s%s", delimiter, isrbuf);
off += xisr->sadb_x_ipsecrequest_len;
}
__ipsec_errcode = EIPSEC_NO_ERROR;
return buf;
}
static char *
ipsec_dump_ipsecrequest(buf, len, xisr, bound)
char *buf;
size_t len;
struct sadb_x_ipsecrequest *xisr;
size_t bound; /* boundary */
{
const char *proto, *mode, *level;
char abuf[NI_MAXHOST * 2 + 2];
if (xisr->sadb_x_ipsecrequest_len > bound) {
__ipsec_errcode = EIPSEC_INVAL_PROTO;
return NULL;
}
switch (xisr->sadb_x_ipsecrequest_proto) {
case IPPROTO_ESP:
proto = "esp";
break;
case IPPROTO_AH:
proto = "ah";
break;
case IPPROTO_IPCOMP:
proto = "ipcomp";
break;
case IPPROTO_TCP:
proto = "tcp";
break;
default:
__ipsec_errcode = EIPSEC_INVAL_PROTO;
return NULL;
}
switch (xisr->sadb_x_ipsecrequest_mode) {
case IPSEC_MODE_ANY:
mode = "any";
break;
case IPSEC_MODE_TRANSPORT:
mode = "transport";
break;
case IPSEC_MODE_TUNNEL:
mode = "tunnel";
break;
default:
__ipsec_errcode = EIPSEC_INVAL_MODE;
return NULL;
}
abuf[0] = '\0';
if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
struct sockaddr *sa1, *sa2;
caddr_t p;
p = (caddr_t)(xisr + 1);
sa1 = (struct sockaddr *)p;
sa2 = (struct sockaddr *)(p + sa1->sa_len);
if (sizeof(*xisr) + sa1->sa_len + sa2->sa_len !=
xisr->sadb_x_ipsecrequest_len) {
__ipsec_errcode = EIPSEC_INVAL_ADDRESS;
return NULL;
}
if (set_addresses(abuf, sizeof(abuf), sa1, sa2) != 0) {
__ipsec_errcode = EIPSEC_INVAL_ADDRESS;
return NULL;
}
}
switch (xisr->sadb_x_ipsecrequest_level) {
case IPSEC_LEVEL_DEFAULT:
level = "default";
break;
case IPSEC_LEVEL_USE:
level = "use";
break;
case IPSEC_LEVEL_REQUIRE:
level = "require";
break;
case IPSEC_LEVEL_UNIQUE:
level = "unique";
break;
default:
__ipsec_errcode = EIPSEC_INVAL_LEVEL;
return NULL;
}
if (xisr->sadb_x_ipsecrequest_reqid == 0)
snprintf(buf, len, "%s/%s/%s/%s", proto, mode, abuf, level);
else {
int ch;
if (xisr->sadb_x_ipsecrequest_reqid > IPSEC_MANUAL_REQID_MAX)
ch = '#';
else
ch = ':';
snprintf(buf, len, "%s/%s/%s/%s%c%u", proto, mode, abuf, level,
ch, xisr->sadb_x_ipsecrequest_reqid);
}
return buf;
}
static int
set_addresses(buf, len, sa1, sa2)
char *buf;
size_t len;
struct sockaddr *sa1;
struct sockaddr *sa2;
{
char tmp1[NI_MAXHOST], tmp2[NI_MAXHOST];
if (set_address(tmp1, sizeof(tmp1), sa1) == NULL ||
set_address(tmp2, sizeof(tmp2), sa2) == NULL)
return -1;
if (strlen(tmp1) + 1 + strlen(tmp2) + 1 > len)
return -1;
snprintf(buf, len, "%s-%s", tmp1, tmp2);
return 0;
}
static char *
set_address(buf, len, sa)
char *buf;
size_t len;
struct sockaddr *sa;
{
const int niflags = NI_NUMERICHOST;
if (len < 1)
return NULL;
buf[0] = '\0';
if (getnameinfo(sa, sa->sa_len, buf, len, NULL, 0, niflags) != 0)
return NULL;
return buf;
}

92
freebsd/lib/libipsec/ipsec_strerror.c
View File

@ -1,92 +0,0 @@
#include <machine/rtems-bsd-user-space.h>
/* $KAME: ipsec_strerror.c,v 1.7 2000/07/30 00:45:12 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/types.h>
#include <sys/param.h>
#include <string.h>
#include <netipsec/ipsec.h>
#include "ipsec_strerror.h"
int __ipsec_errcode;
static const char *ipsec_errlist[] = {
"Success", /*EIPSEC_NO_ERROR*/
"Not supported", /*EIPSEC_NOT_SUPPORTED*/
"Invalid argument", /*EIPSEC_INVAL_ARGUMENT*/
"Invalid sadb message", /*EIPSEC_INVAL_SADBMSG*/
"Invalid version", /*EIPSEC_INVAL_VERSION*/
"Invalid security policy", /*EIPSEC_INVAL_POLICY*/
"Invalid address specification", /*EIPSEC_INVAL_ADDRESS*/
"Invalid ipsec protocol", /*EIPSEC_INVAL_PROTO*/
"Invalid ipsec mode", /*EIPSEC_INVAL_MODE*/
"Invalid ipsec level", /*EIPSEC_INVAL_LEVEL*/
"Invalid SA type", /*EIPSEC_INVAL_SATYPE*/
"Invalid message type", /*EIPSEC_INVAL_MSGTYPE*/
"Invalid extension type", /*EIPSEC_INVAL_EXTTYPE*/
"Invalid algorithm type", /*EIPSEC_INVAL_ALGS*/
"Invalid key length", /*EIPSEC_INVAL_KEYLEN*/
"Invalid address family", /*EIPSEC_INVAL_FAMILY*/
"Invalid prefix length", /*EIPSEC_INVAL_PREFIXLEN*/
"Invalid direciton", /*EIPSEC_INVAL_DIR*/
"SPI range violation", /*EIPSEC_INVAL_SPI*/
"No protocol specified", /*EIPSEC_NO_PROTO*/
"No algorithm specified", /*EIPSEC_NO_ALGS*/
"No buffers available", /*EIPSEC_NO_BUFS*/
"Must get supported algorithms list first", /*EIPSEC_DO_GET_SUPP_LIST*/
"Protocol mismatch", /*EIPSEC_PROTO_MISMATCH*/
"Family mismatch", /*EIPSEC_FAMILY_MISMATCH*/
"Too few arguments", /*EIPSEC_FEW_ARGUMENTS*/
NULL, /*EIPSEC_SYSTEM_ERROR*/
"Unknown error", /*EIPSEC_MAX*/
};
const char *ipsec_strerror(void)
{
if (__ipsec_errcode < 0 || __ipsec_errcode > EIPSEC_MAX)
__ipsec_errcode = EIPSEC_MAX;
return ipsec_errlist[__ipsec_errcode];
}
void __ipsec_set_strerror(const char *str)
{
__ipsec_errcode = EIPSEC_SYSTEM_ERROR;
ipsec_errlist[EIPSEC_SYSTEM_ERROR] = str;
return;
}

63
freebsd/lib/libipsec/ipsec_strerror.h
View File

@ -1,63 +0,0 @@
/* $FreeBSD$ */
/* $KAME: ipsec_strerror.h,v 1.8 2000/07/30 00:45:12 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
extern int __ipsec_errcode;
extern void __ipsec_set_strerror(const char *);
#define EIPSEC_NO_ERROR 0 /*success*/
#define EIPSEC_NOT_SUPPORTED 1 /*not supported*/
#define EIPSEC_INVAL_ARGUMENT 2 /*invalid argument*/
#define EIPSEC_INVAL_SADBMSG 3 /*invalid sadb message*/
#define EIPSEC_INVAL_VERSION 4 /*invalid version*/
#define EIPSEC_INVAL_POLICY 5 /*invalid security policy*/
#define EIPSEC_INVAL_ADDRESS 6 /*invalid address specification*/
#define EIPSEC_INVAL_PROTO 7 /*invalid ipsec protocol*/
#define EIPSEC_INVAL_MODE 8 /*Invalid ipsec mode*/
#define EIPSEC_INVAL_LEVEL 9 /*invalid ipsec level*/
#define EIPSEC_INVAL_SATYPE 10 /*invalid SA type*/
#define EIPSEC_INVAL_MSGTYPE 11 /*invalid message type*/
#define EIPSEC_INVAL_EXTTYPE 12 /*invalid extension type*/
#define EIPSEC_INVAL_ALGS 13 /*Invalid algorithm type*/
#define EIPSEC_INVAL_KEYLEN 14 /*invalid key length*/
#define EIPSEC_INVAL_FAMILY 15 /*invalid address family*/
#define EIPSEC_INVAL_PREFIXLEN 16 /*SPI range violation*/
#define EIPSEC_INVAL_DIR 17 /*Invalid direciton*/
#define EIPSEC_INVAL_SPI 18 /*invalid prefixlen*/
#define EIPSEC_NO_PROTO 19 /*no protocol specified*/
#define EIPSEC_NO_ALGS 20 /*No algorithm specified*/
#define EIPSEC_NO_BUFS 21 /*no buffers available*/
#define EIPSEC_DO_GET_SUPP_LIST 22 /*must get supported algorithm first*/
#define EIPSEC_PROTO_MISMATCH 23 /*protocol mismatch*/
#define EIPSEC_FAMILY_MISMATCH 24 /*family mismatch*/
#define EIPSEC_FEW_ARGUMENTS 25 /*Too few arguments*/
#define EIPSEC_SYSTEM_ERROR 26 /*system error*/
#define EIPSEC_MAX 27 /*unknown error*/

86
freebsd/lib/libipsec/libpfkey.h
View File

@ -1,86 +0,0 @@
/* $FreeBSD$ */
/* $KAME: libpfkey.h,v 1.6 2001/03/05 18:22:17 thorpej Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
struct sadb_msg;
extern void pfkey_sadump(struct sadb_msg *);
extern void pfkey_spdump(struct sadb_msg *);
struct sockaddr;
struct sadb_alg;
int ipsec_check_keylen(u_int, u_int, u_int);
int ipsec_check_keylen2(u_int, u_int, u_int);
int ipsec_get_keylen(u_int, u_int, struct sadb_alg *);
u_int pfkey_set_softrate(u_int, u_int);
u_int pfkey_get_softrate(u_int);
int pfkey_send_getspi(int, u_int, u_int, struct sockaddr *, struct sockaddr *,
u_int32_t, u_int32_t, u_int32_t, u_int32_t);
int pfkey_send_update(int, u_int, u_int, struct sockaddr *, struct sockaddr *,
u_int32_t, u_int32_t, u_int, caddr_t, u_int, u_int, u_int, u_int,
u_int, u_int32_t, u_int64_t, u_int64_t, u_int64_t, u_int32_t);
int pfkey_send_add(int, u_int, u_int, struct sockaddr *, struct sockaddr *,
u_int32_t, u_int32_t, u_int, caddr_t, u_int, u_int, u_int, u_int,
u_int, u_int32_t, u_int64_t, u_int64_t, u_int64_t, u_int32_t);
int pfkey_send_delete(int, u_int, u_int, struct sockaddr *, struct sockaddr *,
u_int32_t);
int pfkey_send_delete_all(int, u_int, u_int, struct sockaddr *,
struct sockaddr *);
int pfkey_send_get(int, u_int, u_int, struct sockaddr *, struct sockaddr *,
u_int32_t);
int pfkey_send_register(int, u_int);
int pfkey_recv_register(int);
int pfkey_set_supported(struct sadb_msg *, int);
int pfkey_send_flush(int, u_int);
int pfkey_send_dump(int, u_int);
int pfkey_send_promisc_toggle(int, int);
int pfkey_send_spdadd(int, struct sockaddr *, u_int, struct sockaddr *, u_int,
u_int, caddr_t, int, u_int32_t);
int pfkey_send_spdadd2(int, struct sockaddr *, u_int, struct sockaddr *, u_int,
u_int, u_int64_t, u_int64_t, caddr_t, int, u_int32_t);
int pfkey_send_spdupdate(int, struct sockaddr *, u_int, struct sockaddr *,
u_int, u_int, caddr_t, int, u_int32_t);
int pfkey_send_spdupdate2(int, struct sockaddr *, u_int, struct sockaddr *,
u_int, u_int, u_int64_t, u_int64_t, caddr_t, int, u_int32_t);
int pfkey_send_spddelete(int, struct sockaddr *, u_int, struct sockaddr *,
u_int, u_int, caddr_t, int, u_int32_t);
int pfkey_send_spddelete2(int, u_int32_t);
int pfkey_send_spdget(int, u_int32_t);
int pfkey_send_spdsetidx(int, struct sockaddr *, u_int, struct sockaddr *,
u_int, u_int, caddr_t, int, u_int32_t);
int pfkey_send_spdflush(int);
int pfkey_send_spddump(int);
int pfkey_open(void);
void pfkey_close(int);
struct sadb_msg *pfkey_recv(int);
int pfkey_send(int, struct sadb_msg *, int);
int pfkey_align(struct sadb_msg *, caddr_t *);
int pfkey_check(caddr_t *);

2136
freebsd/lib/libipsec/pfkey.c
View File

File diff suppressed because it is too large Load Diff

682
freebsd/lib/libipsec/pfkey_dump.c
View File

@ -1,682 +0,0 @@
#include <machine/rtems-bsd-user-space.h>
/* $KAME: pfkey_dump.c,v 1.45 2003/09/08 10:14:56 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <net/if.h>
#include <net/pfkeyv2.h>
#include <netipsec/ipsec.h>
#include <netipsec/key_var.h>
#include <netipsec/key_debug.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <netdb.h>
#include "ipsec_strerror.h"
#include "libpfkey.h"
/* cope with old kame headers - ugly */
#ifndef SADB_X_AALG_MD5
#define SADB_X_AALG_MD5 SADB_AALG_MD5
#endif
#ifndef SADB_X_AALG_SHA
#define SADB_X_AALG_SHA SADB_AALG_SHA
#endif
#ifndef SADB_X_AALG_NULL
#define SADB_X_AALG_NULL SADB_AALG_NULL
#endif
#ifndef SADB_X_EALG_BLOWFISHCBC
#define SADB_X_EALG_BLOWFISHCBC SADB_EALG_BLOWFISHCBC
#endif
#ifndef SADB_X_EALG_CAST128CBC
#define SADB_X_EALG_CAST128CBC SADB_EALG_CAST128CBC
#endif
#ifndef SADB_X_EALG_RC5CBC
#ifdef SADB_EALG_RC5CBC
#define SADB_X_EALG_RC5CBC SADB_EALG_RC5CBC
#endif
#endif
#define GETMSGSTR(str, num) \
do { \
if (sizeof((str)[0]) == 0 \
|| num >= sizeof(str)/sizeof((str)[0])) \
printf("%u ", (num)); \
else if (strlen((str)[(num)]) == 0) \
printf("%u ", (num)); \
else \
printf("%s ", (str)[(num)]); \
} while (0)
#define GETMSGV2S(v2s, num) \
do { \
struct val2str *p; \
for (p = (v2s); p && p->str; p++) { \
if (p->val == (num)) \
break; \
} \
if (p && p->str) \
printf("%s ", p->str); \
else \
printf("%u ", (num)); \
} while (0)
static char *str_ipaddr(struct sockaddr *);
static char *str_prefport(u_int, u_int, u_int, u_int);
static void str_upperspec(u_int, u_int, u_int);
static char *str_time(time_t);
static void str_lifetime_byte(struct sadb_lifetime *, char *);
struct val2str {
int val;
const char *str;
};
/*
* Must to be re-written about following strings.
*/
static char *str_satype[] = {
"unspec",
"unknown",
"ah",
"esp",
"unknown",
"rsvp",
"ospfv2",
"ripv2",
"mip",
"ipcomp",
"policy",
"tcp"
};
static char *str_mode[] = {
"any",
"transport",
"tunnel",
};
static char *str_state[] = {
"larval",
"mature",
"dying",
"dead",
};
static struct val2str str_alg_auth[] = {
{ SADB_AALG_NONE, "none", },
{ SADB_AALG_MD5HMAC, "hmac-md5", },
{ SADB_AALG_SHA1HMAC, "hmac-sha1", },
{ SADB_X_AALG_MD5, "md5", },
{ SADB_X_AALG_SHA, "sha", },
{ SADB_X_AALG_NULL, "null", },
{ SADB_X_AALG_TCP_MD5, "tcp-md5", },
#ifdef SADB_X_AALG_SHA2_256
{ SADB_X_AALG_SHA2_256, "hmac-sha2-256", },
#endif
#ifdef SADB_X_AALG_SHA2_384
{ SADB_X_AALG_SHA2_384, "hmac-sha2-384", },
#endif
#ifdef SADB_X_AALG_SHA2_512
{ SADB_X_AALG_SHA2_512, "hmac-sha2-512", },
#endif
#ifdef SADB_X_AALG_RIPEMD160HMAC
{ SADB_X_AALG_RIPEMD160HMAC, "hmac-ripemd160", },
#endif
#ifdef SADB_X_AALG_AES_XCBC_MAC
{ SADB_X_AALG_AES_XCBC_MAC, "aes-xcbc-mac", },
#endif
{ -1, NULL, },
};
static struct val2str str_alg_enc[] = {
{ SADB_EALG_NONE, "none", },
{ SADB_EALG_DESCBC, "des-cbc", },
{ SADB_EALG_3DESCBC, "3des-cbc", },
{ SADB_EALG_NULL, "null", },
#ifdef SADB_X_EALG_RC5CBC
{ SADB_X_EALG_RC5CBC, "rc5-cbc", },
#endif
{ SADB_X_EALG_CAST128CBC, "cast128-cbc", },
{ SADB_X_EALG_BLOWFISHCBC, "blowfish-cbc", },
#ifdef SADB_X_EALG_RIJNDAELCBC
{ SADB_X_EALG_RIJNDAELCBC, "rijndael-cbc", },
#endif
#ifdef SADB_X_EALG_TWOFISHCBC
{ SADB_X_EALG_TWOFISHCBC, "twofish-cbc", },
#endif
#ifdef SADB_X_EALG_AESCTR
{ SADB_X_EALG_AESCTR, "aes-ctr", },
#endif
#ifdef SADB_X_EALG_AESGCM16
{ SADB_X_EALG_AESGCM16, "aes-gcm-16", },
#endif
#ifdef SADB_X_EALG_CAMELLIACBC
{ SADB_X_EALG_CAMELLIACBC, "camellia-cbc", },
#endif
{ -1, NULL, },
};
static struct val2str str_alg_comp[] = {
{ SADB_X_CALG_NONE, "none", },
{ SADB_X_CALG_OUI, "oui", },
{ SADB_X_CALG_DEFLATE, "deflate", },
{ SADB_X_CALG_LZS, "lzs", },
{ -1, NULL, },
};
static struct val2str str_sp_scope[] = {
{ IPSEC_POLICYSCOPE_GLOBAL, "global" },
{ IPSEC_POLICYSCOPE_IFNET, "ifnet" },
{ IPSEC_POLICYSCOPE_PCB, "pcb"},
{ -1, NULL },
};
/*
* dump SADB_MSG formated. For debugging, you should use kdebug_sadb().
*/
void
pfkey_sadump(m)
struct sadb_msg *m;
{
caddr_t mhp[SADB_EXT_MAX + 1];
struct sadb_sa *m_sa;
struct sadb_x_sa2 *m_sa2;
struct sadb_lifetime *m_lftc, *m_lfth, *m_lfts;
struct sadb_address *m_saddr, *m_daddr, *m_paddr;
struct sadb_key *m_auth, *m_enc;
struct sadb_ident *m_sid, *m_did;
struct sadb_sens *m_sens;
struct sadb_x_sa_replay *m_sa_replay;
struct sadb_x_nat_t_type *natt_type;
struct sadb_x_nat_t_port *natt_sport, *natt_dport;
struct sadb_address *natt_oai, *natt_oar;
/* check pfkey message. */
if (pfkey_align(m, mhp)) {
printf("%s\n", ipsec_strerror());
return;
}
if (pfkey_check(mhp)) {
printf("%s\n", ipsec_strerror());
return;
}
m_sa = (struct sadb_sa *)mhp[SADB_EXT_SA];
m_sa2 = (struct sadb_x_sa2 *)mhp[SADB_X_EXT_SA2];
m_lftc = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_CURRENT];
m_lfth = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD];
m_lfts = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_SOFT];
m_saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC];
m_daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST];
m_paddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_PROXY];
m_auth = (struct sadb_key *)mhp[SADB_EXT_KEY_AUTH];
m_enc = (struct sadb_key *)mhp[SADB_EXT_KEY_ENCRYPT];
m_sid = (struct sadb_ident *)mhp[SADB_EXT_IDENTITY_SRC];
m_did = (struct sadb_ident *)mhp[SADB_EXT_IDENTITY_DST];
m_sens = (struct sadb_sens *)mhp[SADB_EXT_SENSITIVITY];
m_sa_replay = (struct sadb_x_sa_replay *)mhp[SADB_X_EXT_SA_REPLAY];
natt_type = (struct sadb_x_nat_t_type *)mhp[SADB_X_EXT_NAT_T_TYPE];
natt_sport = (struct sadb_x_nat_t_port *)mhp[SADB_X_EXT_NAT_T_SPORT];
natt_dport = (struct sadb_x_nat_t_port *)mhp[SADB_X_EXT_NAT_T_DPORT];
natt_oai = (struct sadb_address *)mhp[SADB_X_EXT_NAT_T_OAI];
natt_oar = (struct sadb_address *)mhp[SADB_X_EXT_NAT_T_OAR];
/* source address */
if (m_saddr == NULL) {
printf("no ADDRESS_SRC extension.\n");
return;
}
printf("%s", str_ipaddr((struct sockaddr *)(m_saddr + 1)));
if (natt_type != NULL && natt_sport != NULL)
printf("[%u]", ntohs(natt_sport->sadb_x_nat_t_port_port));
/* destination address */
if (m_daddr == NULL) {
printf("\nno ADDRESS_DST extension.\n");
return;
}
printf(" %s", str_ipaddr((struct sockaddr *)(m_daddr + 1)));
if (natt_type != NULL && natt_dport != NULL)
printf("[%u]", ntohs(natt_dport->sadb_x_nat_t_port_port));
/* SA type */
if (m_sa == NULL) {
printf("\nno SA extension.\n");
return;
}
if (m_sa2 == NULL) {
printf("\nno SA2 extension.\n");
return;
}
printf("\n\t");
if (m->sadb_msg_satype == SADB_SATYPE_ESP && natt_type != NULL)
printf("esp-udp ");
else
GETMSGSTR(str_satype, m->sadb_msg_satype);
printf("mode=");
GETMSGSTR(str_mode, m_sa2->sadb_x_sa2_mode);
printf("spi=%u(0x%08x) reqid=%u(0x%08x)\n",
(u_int32_t)ntohl(m_sa->sadb_sa_spi),
(u_int32_t)ntohl(m_sa->sadb_sa_spi),
(u_int32_t)m_sa2->sadb_x_sa2_reqid,
(u_int32_t)m_sa2->sadb_x_sa2_reqid);
/* other NAT-T information */
if (natt_type != NULL && (natt_oai != NULL || natt_oar != NULL)) {
printf("\tNAT:");
if (natt_oai != NULL)
printf(" OAI=%s",
str_ipaddr((struct sockaddr *)(natt_oai + 1)));
if (natt_oar != NULL)
printf(" OAR=%s",
str_ipaddr((struct sockaddr *)(natt_oar + 1)));
printf("\n");
}
/* encryption key */
if (m->sadb_msg_satype == SADB_X_SATYPE_IPCOMP) {
printf("\tC: ");
GETMSGV2S(str_alg_comp, m_sa->sadb_sa_encrypt);
} else if (m->sadb_msg_satype == SADB_SATYPE_ESP) {
if (m_enc != NULL) {
printf("\tE: ");
GETMSGV2S(str_alg_enc, m_sa->sadb_sa_encrypt);
ipsec_hexdump((caddr_t)m_enc + sizeof(*m_enc),
m_enc->sadb_key_bits / 8);
printf("\n");
}
}
/* authentication key */
if (m_auth != NULL) {
printf("\tA: ");
GETMSGV2S(str_alg_auth, m_sa->sadb_sa_auth);
ipsec_hexdump((caddr_t)m_auth + sizeof(*m_auth),
m_auth->sadb_key_bits / 8);
printf("\n");
}
/* replay windoe size & flags */
printf("\tseq=0x%08x replay=%u flags=0x%08x ",
m_sa2->sadb_x_sa2_sequence,
m_sa_replay ? (m_sa_replay->sadb_x_sa_replay_replay >> 3) :
m_sa->sadb_sa_replay,
m_sa->sadb_sa_flags);
/* state */
printf("state=");
GETMSGSTR(str_state, m_sa->sadb_sa_state);
printf("\n");
/* lifetime */
if (m_lftc != NULL) {
time_t tmp_time = time(0);
printf("\tcreated: %s",
str_time(m_lftc->sadb_lifetime_addtime));
printf("\tcurrent: %s\n", str_time(tmp_time));
printf("\tdiff: %lu(s)",
(u_long)(m_lftc->sadb_lifetime_addtime == 0 ?
0 : (tmp_time - m_lftc->sadb_lifetime_addtime)));
printf("\thard: %lu(s)",
(u_long)(m_lfth == NULL ?
0 : m_lfth->sadb_lifetime_addtime));
printf("\tsoft: %lu(s)\n",
(u_long)(m_lfts == NULL ?
0 : m_lfts->sadb_lifetime_addtime));
printf("\tlast: %s",
str_time(m_lftc->sadb_lifetime_usetime));
printf("\thard: %lu(s)",
(u_long)(m_lfth == NULL ?
0 : m_lfth->sadb_lifetime_usetime));
printf("\tsoft: %lu(s)\n",
(u_long)(m_lfts == NULL ?
0 : m_lfts->sadb_lifetime_usetime));
str_lifetime_byte(m_lftc, "current");
str_lifetime_byte(m_lfth, "hard");
str_lifetime_byte(m_lfts, "soft");
printf("\n");
printf("\tallocated: %lu",
(unsigned long)m_lftc->sadb_lifetime_allocations);
printf("\thard: %lu",
(u_long)(m_lfth == NULL ?
0 : m_lfth->sadb_lifetime_allocations));
printf("\tsoft: %lu\n",
(u_long)(m_lfts == NULL ?
0 : m_lfts->sadb_lifetime_allocations));
}
printf("\tsadb_seq=%lu pid=%lu ",
(u_long)m->sadb_msg_seq,
(u_long)m->sadb_msg_pid);
/* XXX DEBUG */
printf("refcnt=%u\n", m->sadb_msg_reserved);
return;
}
void
pfkey_spdump(struct sadb_msg *m)
{
char pbuf[NI_MAXSERV];
caddr_t mhp[SADB_EXT_MAX + 1];
struct sadb_address *m_saddr, *m_daddr;
struct sadb_x_policy *m_xpl;
struct sadb_lifetime *m_lftc = NULL, *m_lfth = NULL;
struct sockaddr *sa;
u_int16_t sport = 0, dport = 0;
/* check pfkey message. */
if (pfkey_align(m, mhp)) {
printf("%s\n", ipsec_strerror());
return;
}
if (pfkey_check(mhp)) {
printf("%s\n", ipsec_strerror());
return;
}
m_saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC];
m_daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST];
m_xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY];
m_lftc = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_CURRENT];
m_lfth = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD];
if (m_saddr && m_daddr) {
/* source address */
sa = (struct sockaddr *)(m_saddr + 1);
switch (sa->sa_family) {
case AF_INET:
case AF_INET6:
if (getnameinfo(sa, sa->sa_len, NULL, 0,
pbuf, sizeof(pbuf), NI_NUMERICSERV) != 0)
sport = 0; /*XXX*/
else
sport = atoi(pbuf);
printf("%s%s ", str_ipaddr(sa),
str_prefport(sa->sa_family,
m_saddr->sadb_address_prefixlen, sport,
m_saddr->sadb_address_proto));
break;
default:
printf("unknown-af ");
break;
}
/* destination address */
sa = (struct sockaddr *)(m_daddr + 1);
switch (sa->sa_family) {
case AF_INET:
case AF_INET6:
if (getnameinfo(sa, sa->sa_len, NULL, 0,
pbuf, sizeof(pbuf), NI_NUMERICSERV) != 0)
dport = 0; /*XXX*/
else
dport = atoi(pbuf);
printf("%s%s ", str_ipaddr(sa),
str_prefport(sa->sa_family,
m_daddr->sadb_address_prefixlen, dport,
m_saddr->sadb_address_proto));
break;
default:
printf("unknown-af ");
break;
}
/* upper layer protocol */
if (m_saddr->sadb_address_proto !=
m_daddr->sadb_address_proto) {
printf("upper layer protocol mismatched.\n");
return;
}
str_upperspec(m_saddr->sadb_address_proto, sport, dport);
}
else
printf("(no selector, probably per-socket policy) ");
/* policy */
{
char *d_xpl;
if (m_xpl == NULL) {
printf("no X_POLICY extension.\n");
return;
}
d_xpl = ipsec_dump_policy((char *)m_xpl, "\n\t");
/* dump SPD */
printf("\n\t%s\n", d_xpl);
free(d_xpl);
}
/* lifetime */
if (m_lftc) {
printf("\tcreated: %s ",
str_time(m_lftc->sadb_lifetime_addtime));
printf("lastused: %s\n",
str_time(m_lftc->sadb_lifetime_usetime));
}
if (m_lfth) {
printf("\tlifetime: %lu(s) ",
(u_long)m_lfth->sadb_lifetime_addtime);
printf("validtime: %lu(s)\n",
(u_long)m_lfth->sadb_lifetime_usetime);
}
printf("\tspid=%ld seq=%ld pid=%ld scope=",
(u_long)m_xpl->sadb_x_policy_id,
(u_long)m->sadb_msg_seq,
(u_long)m->sadb_msg_pid);
GETMSGV2S(str_sp_scope, m_xpl->sadb_x_policy_scope);
if (m_xpl->sadb_x_policy_scope == IPSEC_POLICYSCOPE_IFNET &&
if_indextoname(m_xpl->sadb_x_policy_ifindex, pbuf) != NULL)
printf("ifname=%s", pbuf);
printf("\n");
/* XXX TEST */
printf("\trefcnt=%u\n", m->sadb_msg_reserved);
return;
}
/*
* set "ipaddress" to buffer.
*/
static char *
str_ipaddr(sa)
struct sockaddr *sa;
{
static char buf[NI_MAXHOST];
const int niflag = NI_NUMERICHOST;
if (sa == NULL)
return "";
if (getnameinfo(sa, sa->sa_len, buf, sizeof(buf), NULL, 0, niflag) == 0)
return buf;
return NULL;
}
/*
* set "/prefix[port number]" to buffer.
*/
static char *
str_prefport(family, pref, port, ulp)
u_int family, pref, port, ulp;
{
static char buf[128];
char prefbuf[128];
char portbuf[128];
int plen;
switch (family) {
case AF_INET:
plen = sizeof(struct in_addr) << 3;
break;
case AF_INET6:
plen = sizeof(struct in6_addr) << 3;
break;
default:
return "?";
}
if (pref == plen)
prefbuf[0] = '\0';
else
snprintf(prefbuf, sizeof(prefbuf), "/%u", pref);
if (ulp == IPPROTO_ICMPV6)
memset(portbuf, 0, sizeof(portbuf));
else {
if (port == IPSEC_PORT_ANY)
snprintf(portbuf, sizeof(portbuf), "[%s]", "any");
else
snprintf(portbuf, sizeof(portbuf), "[%u]", port);
}
snprintf(buf, sizeof(buf), "%s%s", prefbuf, portbuf);
return buf;
}
static void
str_upperspec(ulp, p1, p2)
u_int ulp, p1, p2;
{
if (ulp == IPSEC_ULPROTO_ANY)
printf("any");
else if (ulp == IPPROTO_ICMPV6) {
printf("icmp6");
if (!(p1 == IPSEC_PORT_ANY && p2 == IPSEC_PORT_ANY))
printf(" %u,%u", p1, p2);
} else {
struct protoent *ent;
switch (ulp) {
case IPPROTO_IPV4:
printf("ip4");
break;
default:
ent = getprotobynumber(ulp);
if (ent)
printf("%s", ent->p_name);
else
printf("%u", ulp);
endprotoent();
break;
}
}
}
/*
* set "Mon Day Time Year" to buffer
*/
static char *
str_time(t)
time_t t;
{
static char buf[128];
if (t == 0) {
int i = 0;
for (;i < 20;) buf[i++] = ' ';
} else {
char *t0;
t0 = ctime(&t);
memcpy(buf, t0 + 4, 20);
}
buf[20] = '\0';
return(buf);
}
static void
str_lifetime_byte(x, str)
struct sadb_lifetime *x;
char *str;
{
double y;
char *unit;
int w;
if (x == NULL) {
printf("\t%s: 0(bytes)", str);
return;
}
#if 0
if ((x->sadb_lifetime_bytes) / 1024 / 1024) {
y = (x->sadb_lifetime_bytes) * 1.0 / 1024 / 1024;
unit = "M";
w = 1;
} else if ((x->sadb_lifetime_bytes) / 1024) {
y = (x->sadb_lifetime_bytes) * 1.0 / 1024;
unit = "K";
w = 1;
} else {
y = (x->sadb_lifetime_bytes) * 1.0;
unit = "";
w = 0;
}
#else
y = (x->sadb_lifetime_bytes) * 1.0;
unit = "";
w = 0;
#endif
printf("\t%s: %.*f(%sbytes)", str, w, y, unit);
}

966
freebsd/lib/libipsec/policy_parse.c
View File

@ -1,966 +0,0 @@
/* original parser id follows */
/* yysccsid[] = "@(#)yaccpar 1.9 (Berkeley) 02/21/93" */
/* (use YYMAJOR/YYMINOR for ifdefs dependent on parser version) */
#define YYBYACC 1
#define YYMAJOR 1
#define YYMINOR 9
#define YYPATCH 20160324
#define YYEMPTY (-1)
#define yyclearin (yychar = YYEMPTY)
#define yyerrok (yyerrflag = 0)
#define YYRECOVERING() (yyerrflag != 0)
#define YYENOMEM (-2)
#define YYEOF 0
#ifndef yyparse
#define yyparse __libipsecyyparse
#endif /* yyparse */
#ifndef yylex
#define yylex __libipsecyylex
#endif /* yylex */
#ifndef yyerror
#define yyerror __libipsecyyerror
#endif /* yyerror */
#ifndef yychar
#define yychar __libipsecyychar
#endif /* yychar */
#ifndef yyval
#define yyval __libipsecyyval
#endif /* yyval */
#ifndef yylval
#define yylval __libipsecyylval
#endif /* yylval */
#ifndef yydebug
#define yydebug __libipsecyydebug
#endif /* yydebug */
#ifndef yynerrs
#define yynerrs __libipsecyynerrs
#endif /* yynerrs */
#ifndef yyerrflag
#define yyerrflag __libipsecyyerrflag
#endif /* yyerrflag */
#ifndef yylhs
#define yylhs __libipsecyylhs
#endif /* yylhs */
#ifndef yylen
#define yylen __libipsecyylen
#endif /* yylen */
#ifndef yydefred
#define yydefred __libipsecyydefred
#endif /* yydefred */
#ifndef yydgoto
#define yydgoto __libipsecyydgoto
#endif /* yydgoto */
#ifndef yysindex
#define yysindex __libipsecyysindex
#endif /* yysindex */
#ifndef yyrindex
#define yyrindex __libipsecyyrindex
#endif /* yyrindex */
#ifndef yygindex
#define yygindex __libipsecyygindex
#endif /* yygindex */
#ifndef yytable
#define yytable __libipsecyytable
#endif /* yytable */
#ifndef yycheck
#define yycheck __libipsecyycheck
#endif /* yycheck */
#ifndef yyname
#define yyname __libipsecyyname
#endif /* yyname */
#ifndef yyrule
#define yyrule __libipsecyyrule
#endif /* yyrule */
#define YYPREFIX "__libipsecyy"
#define YYPURE 0
#line 52 "../../freebsd/lib/libipsec/policy_parse.y"
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netipsec/ipsec.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include "ipsec_strerror.h"
#define ATOX(c) \
(isdigit(c) ? (c - '0') : (isupper(c) ? (c - 'A' + 10) : (c - 'a' + 10) ))
static caddr_t pbuf = NULL; /* sadb_x_policy buffer */
static int tlen = 0; /* total length of pbuf */
static int offset = 0; /* offset of pbuf */
static int p_dir, p_type, p_protocol, p_mode, p_level, p_reqid;
static struct sockaddr *p_src = NULL;
static struct sockaddr *p_dst = NULL;
struct _val;
extern void yyerror(char *msg);
static struct sockaddr *parse_sockaddr(struct _val *buf);
static int rule_check(void);
static int init_x_policy(void);
static int set_x_request(struct sockaddr *src, struct sockaddr *dst);
static int set_sockaddr(struct sockaddr *addr);
static void policy_parse_request_init(void);
static caddr_t policy_parse(char *msg, int msglen);
extern void __policy__strbuffer__init__(char *msg);
extern void __policy__strbuffer__free__(void);
extern int yylex(void);
extern char *__libipsecyytext; /*XXX*/
#line 97 "../../freebsd/lib/libipsec/policy_parse.y"
#ifdef YYSTYPE
#undef YYSTYPE_IS_DECLARED
#define YYSTYPE_IS_DECLARED 1
#endif
#ifndef YYSTYPE_IS_DECLARED
#define YYSTYPE_IS_DECLARED 1
typedef union {
u_int num;
struct _val {
int len;
char *buf;
} val;
} YYSTYPE;
#endif /* !YYSTYPE_IS_DECLARED */
#line 160 "__libipsecyy.tab.c"
/* compatibility with bison */
#ifdef YYPARSE_PARAM
/* compatibility with FreeBSD */
# ifdef YYPARSE_PARAM_TYPE
# define YYPARSE_DECL() yyparse(YYPARSE_PARAM_TYPE YYPARSE_PARAM)
# else
# define YYPARSE_DECL() yyparse(void *YYPARSE_PARAM)
# endif
#else
# define YYPARSE_DECL() yyparse(void)
#endif
/* Parameters sent to lex. */
#ifdef YYLEX_PARAM
# define YYLEX_DECL() yylex(void *YYLEX_PARAM)
# define YYLEX yylex(YYLEX_PARAM)
#else
# define YYLEX_DECL() yylex(void)
# define YYLEX yylex()
#endif
/* Parameters sent to yyerror. */
#ifndef YYERROR_DECL
#define YYERROR_DECL() yyerror(const char *s)
#endif
#ifndef YYERROR_CALL
#define YYERROR_CALL(msg) yyerror(msg)
#endif
extern int YYPARSE_DECL();
#define DIR 257
#define ACTION 258
#define PROTOCOL 259
#define MODE 260
#define LEVEL 261
#define LEVEL_SPECIFY 262
#define IPADDRESS 263
#define ME 264
#define ANY 265
#define SLASH 266
#define HYPHEN 267
#define YYERRCODE 256
typedef int YYINT;
static const YYINT __libipsecyylhs[] = { -1,
2, 0, 0, 1, 1, 3, 3, 3, 3, 3,
3, 3, 3, 4, 5, 7, 7, 8, 6, 6,
6,
};
static const YYINT __libipsecyylen[] = { 2,
0, 4, 1, 0, 2, 7, 6, 5, 4, 6,
3, 2, 1, 1, 1, 1, 1, 0, 4, 3,
3,
};
static const YYINT __libipsecyydefred[] = { 0,
0, 0, 1, 4, 0, 14, 5, 0, 0, 15,
0, 0, 18, 0, 0, 0, 0, 0, 0, 0,
16, 17, 10, 0, 0, 20, 21, 6, 19,
};
static const YYINT __libipsecyydgoto[] = { 2,
5, 4, 7, 8, 11, 17, 23, 18,
};
static const YYINT __libipsecyysindex[] = { -257,
-245, 0, 0, 0, -244, 0, 0, -252, -243, 0,
-248, -256, 0, -251, -247, -250, -242, -246, -240, -241,
0, 0, 0, -250, -237, 0, 0, 0, 0,
};
static const YYINT __libipsecyyrindex[] = { 0,
19, 0, 0, 0, 22, 0, 0, 1, 2, 0,
3, 4, 0, 0, 0, 0, 5, 0, 0, 0,
0, 0, 0, 6, 0, 0, 0, 0, 0,
};
static const YYINT __libipsecyygindex[] = { 0,
0, 0, 0, 0, 0, 0, 7, 0,
};
#define YYTABLESIZE 265
static const YYINT __libipsecyytable[] = { 1,
13, 12, 11, 9, 8, 7, 13, 14, 15, 16,
21, 22, 3, 9, 6, 19, 10, 12, 3, 20,
25, 2, 27, 24, 26, 29, 0, 0, 0, 0,
28, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 13,
12, 11, 9, 8, 7,
};
static const YYINT __libipsecyycheck[] = { 257,
0, 0, 0, 0, 0, 0, 263, 264, 265, 266,
261, 262, 258, 266, 259, 267, 260, 266, 0, 267,
267, 0, 264, 266, 265, 263, -1, -1, -1, -1,
24, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, 259,
259, 259, 259, 259, 259,
};
#define YYFINAL 2
#ifndef YYDEBUG
#define YYDEBUG 0
#endif
#define YYMAXTOKEN 267
#define YYUNDFTOKEN 278
#define YYTRANSLATE(a) ((a) > YYMAXTOKEN ? YYUNDFTOKEN : (a))
#if YYDEBUG
static const char *const __libipsecyyname[] = {
"end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"DIR","ACTION","PROTOCOL","MODE",
"LEVEL","LEVEL_SPECIFY","IPADDRESS","ME","ANY","SLASH","HYPHEN",0,0,0,0,0,0,0,0,
0,0,"illegal-symbol",
};
static const char *const __libipsecyyrule[] = {
"$accept : policy_spec",
"$$1 :",
"policy_spec : DIR ACTION $$1 rules",
"policy_spec : DIR",
"rules :",
"rules : rules rule",
"rule : protocol SLASH mode SLASH addresses SLASH level",
"rule : protocol SLASH mode SLASH addresses SLASH",
"rule : protocol SLASH mode SLASH addresses",
"rule : protocol SLASH mode SLASH",
"rule : protocol SLASH mode SLASH SLASH level",
"rule : protocol SLASH mode",
"rule : protocol SLASH",
"rule : protocol",
"protocol : PROTOCOL",
"mode : MODE",
"level : LEVEL",
"level : LEVEL_SPECIFY",
"$$2 :",
"addresses : IPADDRESS $$2 HYPHEN IPADDRESS",
"addresses : ME HYPHEN ANY",
"addresses : ANY HYPHEN ME",
};
#endif
int yydebug;
int yynerrs;
int yyerrflag;
int yychar;
YYSTYPE yyval;
YYSTYPE yylval;
/* define the initial stack-sizes */
#ifdef YYSTACKSIZE
#undef YYMAXDEPTH
#define YYMAXDEPTH YYSTACKSIZE
#else
#ifdef YYMAXDEPTH
#define YYSTACKSIZE YYMAXDEPTH
#else
#define YYSTACKSIZE 10000
#define YYMAXDEPTH 10000
#endif
#endif
#define YYINITSTACKSIZE 200
typedef struct {
unsigned stacksize;
YYINT *s_base;
YYINT *s_mark;
YYINT *s_last;
YYSTYPE *l_base;
YYSTYPE *l_mark;
} YYSTACKDATA;
/* variables for the parser stack */
static YYSTACKDATA yystack;
#line 212 "../../freebsd/lib/libipsec/policy_parse.y"
void
yyerror(msg)
char *msg;
{
fprintf(stderr, "libipsec: %s while parsing \"%s\"\n",
msg, __libipsecyytext);
return;
}
static struct sockaddr *
parse_sockaddr(buf)
struct _val *buf;
{
struct addrinfo hints, *res;
char *serv = NULL;
int error;
struct sockaddr *newaddr = NULL;
memset(&hints, 0, sizeof(hints));
hints.ai_family = PF_UNSPEC;
hints.ai_flags = AI_NUMERICHOST;
error = getaddrinfo(buf->buf, serv, &hints, &res);
if (error != 0) {
yyerror("invalid IP address");
__ipsec_set_strerror(gai_strerror(error));
return NULL;
}
if (res->ai_addr == NULL) {
yyerror("invalid IP address");
__ipsec_set_strerror(gai_strerror(error));
return NULL;
}
newaddr = malloc(res->ai_addr->sa_len);
if (newaddr == NULL) {
__ipsec_errcode = EIPSEC_NO_BUFS;
freeaddrinfo(res);
return NULL;
}
memcpy(newaddr, res->ai_addr, res->ai_addr->sa_len);
freeaddrinfo(res);
__ipsec_errcode = EIPSEC_NO_ERROR;
return newaddr;
}
static int
rule_check()
{
if (p_type == IPSEC_POLICY_IPSEC) {
if (p_protocol == IPPROTO_IP) {
__ipsec_errcode = EIPSEC_NO_PROTO;
return -1;
}
if (p_mode != IPSEC_MODE_TRANSPORT
&& p_mode != IPSEC_MODE_TUNNEL) {
__ipsec_errcode = EIPSEC_INVAL_MODE;
return -1;
}
if (p_src == NULL && p_dst == NULL) {
if (p_mode != IPSEC_MODE_TRANSPORT) {
__ipsec_errcode = EIPSEC_INVAL_ADDRESS;
return -1;
}
}
else if (p_src->sa_family != p_dst->sa_family) {
__ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
return -1;
}
}
__ipsec_errcode = EIPSEC_NO_ERROR;
return 0;
}
static int
init_x_policy()
{
struct sadb_x_policy *p;
tlen = sizeof(struct sadb_x_policy);
pbuf = malloc(tlen);
if (pbuf == NULL) {
__ipsec_errcode = EIPSEC_NO_BUFS;
return -1;
}
memset(pbuf, 0, tlen);
p = (struct sadb_x_policy *)pbuf;
p->sadb_x_policy_len = 0; /* must update later */
p->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
p->sadb_x_policy_type = p_type;
p->sadb_x_policy_dir = p_dir;
p->sadb_x_policy_id = 0;
offset = tlen;
__ipsec_errcode = EIPSEC_NO_ERROR;
return 0;
}
static int
set_x_request(src, dst)
struct sockaddr *src, *dst;
{
struct sadb_x_ipsecrequest *p;
int reqlen;
reqlen = sizeof(*p)
+ (src ? src->sa_len : 0)
+ (dst ? dst->sa_len : 0);
tlen += reqlen; /* increment to total length */
pbuf = realloc(pbuf, tlen);
if (pbuf == NULL) {
__ipsec_errcode = EIPSEC_NO_BUFS;
return -1;
}
p = (struct sadb_x_ipsecrequest *)&pbuf[offset];
p->sadb_x_ipsecrequest_len = reqlen;
p->sadb_x_ipsecrequest_proto = p_protocol;
p->sadb_x_ipsecrequest_mode = p_mode;
p->sadb_x_ipsecrequest_level = p_level;
p->sadb_x_ipsecrequest_reqid = p_reqid;
offset += sizeof(*p);
if (set_sockaddr(src) || set_sockaddr(dst))
return -1;
__ipsec_errcode = EIPSEC_NO_ERROR;
return 0;
}
static int
set_sockaddr(addr)
struct sockaddr *addr;
{
if (addr == NULL) {
__ipsec_errcode = EIPSEC_NO_ERROR;
return 0;
}
/* tlen has already incremented */
memcpy(&pbuf[offset], addr, addr->sa_len);
offset += addr->sa_len;
__ipsec_errcode = EIPSEC_NO_ERROR;
return 0;
}
static void
policy_parse_request_init()
{
p_protocol = IPPROTO_IP;
p_mode = IPSEC_MODE_ANY;
p_level = IPSEC_LEVEL_DEFAULT;
p_reqid = 0;
if (p_src != NULL) {
free(p_src);
p_src = NULL;
}
if (p_dst != NULL) {
free(p_dst);
p_dst = NULL;
}
return;
}
static caddr_t
policy_parse(msg, msglen)
char *msg;
int msglen;
{
int error;
pbuf = NULL;
tlen = 0;
/* initialize */
p_dir = IPSEC_DIR_INVALID;
p_type = IPSEC_POLICY_DISCARD;
policy_parse_request_init();
__policy__strbuffer__init__(msg);
error = yyparse(); /* it must be set errcode. */
__policy__strbuffer__free__();
if (error) {
if (pbuf != NULL)
free(pbuf);
return NULL;
}
/* update total length */
((struct sadb_x_policy *)pbuf)->sadb_x_policy_len = PFKEY_UNIT64(tlen);
__ipsec_errcode = EIPSEC_NO_ERROR;
return pbuf;
}
caddr_t
ipsec_set_policy(msg, msglen)
char *msg;
int msglen;
{
caddr_t policy;
policy = policy_parse(msg, msglen);
if (policy == NULL) {
if (__ipsec_errcode == EIPSEC_NO_ERROR)
__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
return NULL;
}
__ipsec_errcode = EIPSEC_NO_ERROR;
return policy;
}
#line 604 "__libipsecyy.tab.c"
#if YYDEBUG
#include <stdio.h> /* needed for printf */
#endif
#include <stdlib.h> /* needed for malloc, etc */
#include <string.h> /* needed for memset */
/* allocate initial stack or double stack size, up to YYMAXDEPTH */
static int yygrowstack(YYSTACKDATA *data)
{
int i;
unsigned newsize;
YYINT *newss;
YYSTYPE *newvs;
if ((newsize = data->stacksize) == 0)
newsize = YYINITSTACKSIZE;
else if (newsize >= YYMAXDEPTH)
return YYENOMEM;
else if ((newsize *= 2) > YYMAXDEPTH)
newsize = YYMAXDEPTH;
i = (int) (data->s_mark - data->s_base);
newss = (YYINT *)realloc(data->s_base, newsize * sizeof(*newss));
if (newss == 0)
return YYENOMEM;
data->s_base = newss;
data->s_mark = newss + i;
newvs = (YYSTYPE *)realloc(data->l_base, newsize * sizeof(*newvs));
if (newvs == 0)
return YYENOMEM;
data->l_base = newvs;
data->l_mark = newvs + i;
data->stacksize = newsize;
data->s_last = data->s_base + newsize - 1;
return 0;
}
#if YYPURE || defined(YY_NO_LEAKS)
static void yyfreestack(YYSTACKDATA *data)
{
free(data->s_base);
free(data->l_base);
memset(data, 0, sizeof(*data));
}
#else
#define yyfreestack(data) /* nothing */
#endif
#define YYABORT goto yyabort
#define YYREJECT goto yyabort
#define YYACCEPT goto yyaccept
#define YYERROR goto yyerrlab
int
YYPARSE_DECL()
{
int yym, yyn, yystate;
#if YYDEBUG
const char *yys;
if ((yys = getenv("YYDEBUG")) != 0)
{
yyn = *yys;
if (yyn >= '0' && yyn <= '9')
yydebug = yyn - '0';
}
#endif
yynerrs = 0;
yyerrflag = 0;
yychar = YYEMPTY;
yystate = 0;
#if YYPURE
memset(&yystack, 0, sizeof(yystack));
#endif
if (yystack.s_base == NULL && yygrowstack(&yystack) == YYENOMEM) goto yyoverflow;
yystack.s_mark = yystack.s_base;
yystack.l_mark = yystack.l_base;
yystate = 0;
*yystack.s_mark = 0;
yyloop:
if ((yyn = yydefred[yystate]) != 0) goto yyreduce;
if (yychar < 0)
{
if ((yychar = YYLEX) < 0) yychar = YYEOF;
#if YYDEBUG
if (yydebug)
{
yys = yyname[YYTRANSLATE(yychar)];
printf("%sdebug: state %d, reading %d (%s)\n",
YYPREFIX, yystate, yychar, yys);
}
#endif
}
if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
{
#if YYDEBUG
if (yydebug)
printf("%sdebug: state %d, shifting to state %d\n",
YYPREFIX, yystate, yytable[yyn]);
#endif
if (yystack.s_mark >= yystack.s_last && yygrowstack(&yystack) == YYENOMEM)
{
goto yyoverflow;
}
yystate = yytable[yyn];
*++yystack.s_mark = yytable[yyn];
*++yystack.l_mark = yylval;
yychar = YYEMPTY;
if (yyerrflag > 0) --yyerrflag;
goto yyloop;
}
if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
{
yyn = yytable[yyn];
goto yyreduce;
}
if (yyerrflag) goto yyinrecovery;
YYERROR_CALL("syntax error");
goto yyerrlab;
yyerrlab:
++yynerrs;
yyinrecovery:
if (yyerrflag < 3)
{
yyerrflag = 3;
for (;;)
{
if ((yyn = yysindex[*yystack.s_mark]) && (yyn += YYERRCODE) >= 0 &&
yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
{
#if YYDEBUG
if (yydebug)
printf("%sdebug: state %d, error recovery shifting\
to state %d\n", YYPREFIX, *yystack.s_mark, yytable[yyn]);
#endif
if (yystack.s_mark >= yystack.s_last && yygrowstack(&yystack) == YYENOMEM)
{
goto yyoverflow;
}
yystate = yytable[yyn];
*++yystack.s_mark = yytable[yyn];
*++yystack.l_mark = yylval;
goto yyloop;
}
else
{
#if YYDEBUG
if (yydebug)
printf("%sdebug: error recovery discarding state %d\n",
YYPREFIX, *yystack.s_mark);
#endif
if (yystack.s_mark <= yystack.s_base) goto yyabort;
--yystack.s_mark;
--yystack.l_mark;
}
}
}
else
{
if (yychar == YYEOF) goto yyabort;
#if YYDEBUG
if (yydebug)
{
yys = yyname[YYTRANSLATE(yychar)];
printf("%sdebug: state %d, error recovery discards token %d (%s)\n",
YYPREFIX, yystate, yychar, yys);
}
#endif
yychar = YYEMPTY;
goto yyloop;
}
yyreduce:
#if YYDEBUG
if (yydebug)
printf("%sdebug: state %d, reducing by rule %d (%s)\n",
YYPREFIX, yystate, yyn, yyrule[yyn]);
#endif
yym = yylen[yyn];
if (yym)
yyval = yystack.l_mark[1-yym];
else
memset(&yyval, 0, sizeof yyval);
switch (yyn)
{
case 1:
#line 115 "../../freebsd/lib/libipsec/policy_parse.y"
{
p_dir = yystack.l_mark[-1].num;
p_type = yystack.l_mark[0].num;
if (init_x_policy())
return -1;
}
break;
case 3:
#line 124 "../../freebsd/lib/libipsec/policy_parse.y"
{
p_dir = yystack.l_mark[0].num;
p_type = 0; /* ignored it by kernel */
if (init_x_policy())
return -1;
}
break;
case 5:
#line 135 "../../freebsd/lib/libipsec/policy_parse.y"
{
if (rule_check() < 0)
return -1;
if (set_x_request(p_src, p_dst) < 0)
return -1;
policy_parse_request_init();
}
break;
case 12:
#line 153 "../../freebsd/lib/libipsec/policy_parse.y"
{
__ipsec_errcode = EIPSEC_FEW_ARGUMENTS;
return -1;
}
break;
case 13:
#line 157 "../../freebsd/lib/libipsec/policy_parse.y"
{
__ipsec_errcode = EIPSEC_FEW_ARGUMENTS;
return -1;
}
break;
case 14:
#line 164 "../../freebsd/lib/libipsec/policy_parse.y"
{ p_protocol = yystack.l_mark[0].num; }
break;
case 15:
#line 168 "../../freebsd/lib/libipsec/policy_parse.y"
{ p_mode = yystack.l_mark[0].num; }
break;
case 16:
#line 172 "../../freebsd/lib/libipsec/policy_parse.y"
{
p_level = yystack.l_mark[0].num;
p_reqid = 0;
}
break;
case 17:
#line 176 "../../freebsd/lib/libipsec/policy_parse.y"
{
p_level = IPSEC_LEVEL_UNIQUE;
p_reqid = atol(yystack.l_mark[0].val.buf); /* atol() is good. */
}
break;
case 18:
#line 183 "../../freebsd/lib/libipsec/policy_parse.y"
{
p_src = parse_sockaddr(&yystack.l_mark[0].val);
if (p_src == NULL)
return -1;
}
break;
case 19:
#line 189 "../../freebsd/lib/libipsec/policy_parse.y"
{
p_dst = parse_sockaddr(&yystack.l_mark[0].val);
if (p_dst == NULL)
return -1;
}
break;
case 20:
#line 194 "../../freebsd/lib/libipsec/policy_parse.y"
{
if (p_dir != IPSEC_DIR_OUTBOUND) {
__ipsec_errcode = EIPSEC_INVAL_DIR;
return -1;
}
}
break;
case 21:
#line 200 "../../freebsd/lib/libipsec/policy_parse.y"
{
if (p_dir != IPSEC_DIR_INBOUND) {
__ipsec_errcode = EIPSEC_INVAL_DIR;
return -1;
}
}
break;
#line 908 "__libipsecyy.tab.c"
}
yystack.s_mark -= yym;
yystate = *yystack.s_mark;
yystack.l_mark -= yym;
yym = yylhs[yyn];
if (yystate == 0 && yym == 0)
{
#if YYDEBUG
if (yydebug)
printf("%sdebug: after reduction, shifting from state 0 to\
state %d\n", YYPREFIX, YYFINAL);
#endif
yystate = YYFINAL;
*++yystack.s_mark = YYFINAL;
*++yystack.l_mark = yyval;
if (yychar < 0)
{
if ((yychar = YYLEX) < 0) yychar = YYEOF;
#if YYDEBUG
if (yydebug)
{
yys = yyname[YYTRANSLATE(yychar)];
printf("%sdebug: state %d, reading %d (%s)\n",
YYPREFIX, YYFINAL, yychar, yys);
}
#endif
}
if (yychar == YYEOF) goto yyaccept;
goto yyloop;
}
if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
yystate = yytable[yyn];
else
yystate = yydgoto[yym];
#if YYDEBUG
if (yydebug)
printf("%sdebug: after reduction, shifting from state %d \
to state %d\n", YYPREFIX, *yystack.s_mark, yystate);
#endif
if (yystack.s_mark >= yystack.s_last && yygrowstack(&yystack) == YYENOMEM)
{
goto yyoverflow;
}
*++yystack.s_mark = (YYINT) yystate;
*++yystack.l_mark = yyval;
goto yyloop;
yyoverflow:
YYERROR_CALL("yacc stack overflow");
yyabort:
yyfreestack(&yystack);
return (1);
yyaccept:
yyfreestack(&yystack);
return (0);
}

438
freebsd/lib/libipsec/policy_parse.y
View File

@ -1,438 +0,0 @@
/* $KAME: policy_parse.y,v 1.14 2003/06/27 03:39:20 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* IN/OUT bound policy configuration take place such below:
* in <policy>
* out <policy>
*
* <policy> is one of following:
* "discard", "none", "ipsec <requests>", "entrust", "bypass",
*
* The following requests are accepted as <requests>:
*
* protocol/mode/src-dst/level
* protocol/mode/src-dst parsed as protocol/mode/src-dst/default
* protocol/mode/src-dst/ parsed as protocol/mode/src-dst/default
* protocol/transport parsed as protocol/mode/any-any/default
* protocol/transport//level parsed as protocol/mode/any-any/level
*
* You can concatenate these requests with either ' '(single space) or '\n'.
*/
%{
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netipsec/ipsec.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include "ipsec_strerror.h"
#define ATOX(c) \
(isdigit(c) ? (c - '0') : (isupper(c) ? (c - 'A' + 10) : (c - 'a' + 10) ))
static caddr_t pbuf = NULL; /* sadb_x_policy buffer */
static int tlen = 0; /* total length of pbuf */
static int offset = 0; /* offset of pbuf */
static int p_dir, p_type, p_protocol, p_mode, p_level, p_reqid;
static struct sockaddr *p_src = NULL;
static struct sockaddr *p_dst = NULL;
struct _val;
extern void yyerror(char *msg);
static struct sockaddr *parse_sockaddr(struct _val *buf);
static int rule_check(void);
static int init_x_policy(void);
static int set_x_request(struct sockaddr *src, struct sockaddr *dst);
static int set_sockaddr(struct sockaddr *addr);
static void policy_parse_request_init(void);
static caddr_t policy_parse(char *msg, int msglen);
extern void __policy__strbuffer__init__(char *msg);
extern void __policy__strbuffer__free__(void);
extern int yylex(void);
extern char *__libipsecyytext; /*XXX*/
%}
%union {
u_int num;
struct _val {
int len;
char *buf;
} val;
}
%token DIR ACTION PROTOCOL MODE LEVEL LEVEL_SPECIFY
%token IPADDRESS
%token ME ANY
%token SLASH HYPHEN
%type <num> DIR ACTION PROTOCOL MODE LEVEL
%type <val> IPADDRESS LEVEL_SPECIFY
%%
policy_spec
: DIR ACTION
{
p_dir = $1;
p_type = $2;
if (init_x_policy())
return -1;
}
rules
| DIR
{
p_dir = $1;
p_type = 0; /* ignored it by kernel */
if (init_x_policy())
return -1;
}
;
rules
: /*NOTHING*/
| rules rule {
if (rule_check() < 0)
return -1;
if (set_x_request(p_src, p_dst) < 0)
return -1;
policy_parse_request_init();
}
;
rule
: protocol SLASH mode SLASH addresses SLASH level
| protocol SLASH mode SLASH addresses SLASH
| protocol SLASH mode SLASH addresses
| protocol SLASH mode SLASH
| protocol SLASH mode SLASH SLASH level
| protocol SLASH mode
| protocol SLASH {
__ipsec_errcode = EIPSEC_FEW_ARGUMENTS;
return -1;
}
| protocol {
__ipsec_errcode = EIPSEC_FEW_ARGUMENTS;
return -1;
}
;
protocol
: PROTOCOL { p_protocol = $1; }
;
mode
: MODE { p_mode = $1; }
;
level
: LEVEL {
p_level = $1;
p_reqid = 0;
}
| LEVEL_SPECIFY {
p_level = IPSEC_LEVEL_UNIQUE;
p_reqid = atol($1.buf); /* atol() is good. */
}
;
addresses
: IPADDRESS {
p_src = parse_sockaddr(&$1);
if (p_src == NULL)
return -1;
}
HYPHEN
IPADDRESS {
p_dst = parse_sockaddr(&$4);
if (p_dst == NULL)
return -1;
}
| ME HYPHEN ANY {
if (p_dir != IPSEC_DIR_OUTBOUND) {
__ipsec_errcode = EIPSEC_INVAL_DIR;
return -1;
}
}
| ANY HYPHEN ME {
if (p_dir != IPSEC_DIR_INBOUND) {
__ipsec_errcode = EIPSEC_INVAL_DIR;
return -1;
}
}
/*
| ME HYPHEN ME
*/
;
%%
void
yyerror(msg)
char *msg;
{
fprintf(stderr, "libipsec: %s while parsing \"%s\"\n",
msg, __libipsecyytext);
return;
}
static struct sockaddr *
parse_sockaddr(buf)
struct _val *buf;
{
struct addrinfo hints, *res;
char *serv = NULL;
int error;
struct sockaddr *newaddr = NULL;
memset(&hints, 0, sizeof(hints));
hints.ai_family = PF_UNSPEC;
hints.ai_flags = AI_NUMERICHOST;
error = getaddrinfo(buf->buf, serv, &hints, &res);
if (error != 0) {
yyerror("invalid IP address");
__ipsec_set_strerror(gai_strerror(error));
return NULL;
}
if (res->ai_addr == NULL) {
yyerror("invalid IP address");
__ipsec_set_strerror(gai_strerror(error));
return NULL;
}
newaddr = malloc(res->ai_addr->sa_len);
if (newaddr == NULL) {
__ipsec_errcode = EIPSEC_NO_BUFS;
freeaddrinfo(res);
return NULL;
}
memcpy(newaddr, res->ai_addr, res->ai_addr->sa_len);
freeaddrinfo(res);
__ipsec_errcode = EIPSEC_NO_ERROR;
return newaddr;
}
static int
rule_check()
{
if (p_type == IPSEC_POLICY_IPSEC) {
if (p_protocol == IPPROTO_IP) {
__ipsec_errcode = EIPSEC_NO_PROTO;
return -1;
}
if (p_mode != IPSEC_MODE_TRANSPORT
&& p_mode != IPSEC_MODE_TUNNEL) {
__ipsec_errcode = EIPSEC_INVAL_MODE;
return -1;
}
if (p_src == NULL && p_dst == NULL) {
if (p_mode != IPSEC_MODE_TRANSPORT) {
__ipsec_errcode = EIPSEC_INVAL_ADDRESS;
return -1;
}
}
else if (p_src->sa_family != p_dst->sa_family) {
__ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
return -1;
}
}
__ipsec_errcode = EIPSEC_NO_ERROR;
return 0;
}
static int
init_x_policy()
{
struct sadb_x_policy *p;
tlen = sizeof(struct sadb_x_policy);
pbuf = malloc(tlen);
if (pbuf == NULL) {
__ipsec_errcode = EIPSEC_NO_BUFS;
return -1;
}
memset(pbuf, 0, tlen);
p = (struct sadb_x_policy *)pbuf;
p->sadb_x_policy_len = 0; /* must update later */
p->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
p->sadb_x_policy_type = p_type;
p->sadb_x_policy_dir = p_dir;
p->sadb_x_policy_id = 0;
offset = tlen;
__ipsec_errcode = EIPSEC_NO_ERROR;
return 0;
}
static int
set_x_request(src, dst)
struct sockaddr *src, *dst;
{
struct sadb_x_ipsecrequest *p;
int reqlen;
reqlen = sizeof(*p)
+ (src ? src->sa_len : 0)
+ (dst ? dst->sa_len : 0);
tlen += reqlen; /* increment to total length */
pbuf = realloc(pbuf, tlen);
if (pbuf == NULL) {
__ipsec_errcode = EIPSEC_NO_BUFS;
return -1;
}
p = (struct sadb_x_ipsecrequest *)&pbuf[offset];
p->sadb_x_ipsecrequest_len = reqlen;
p->sadb_x_ipsecrequest_proto = p_protocol;
p->sadb_x_ipsecrequest_mode = p_mode;
p->sadb_x_ipsecrequest_level = p_level;
p->sadb_x_ipsecrequest_reqid = p_reqid;
offset += sizeof(*p);
if (set_sockaddr(src) || set_sockaddr(dst))
return -1;
__ipsec_errcode = EIPSEC_NO_ERROR;
return 0;
}
static int
set_sockaddr(addr)
struct sockaddr *addr;
{
if (addr == NULL) {
__ipsec_errcode = EIPSEC_NO_ERROR;
return 0;
}
/* tlen has already incremented */
memcpy(&pbuf[offset], addr, addr->sa_len);
offset += addr->sa_len;
__ipsec_errcode = EIPSEC_NO_ERROR;
return 0;
}
static void
policy_parse_request_init()
{
p_protocol = IPPROTO_IP;
p_mode = IPSEC_MODE_ANY;
p_level = IPSEC_LEVEL_DEFAULT;
p_reqid = 0;
if (p_src != NULL) {
free(p_src);
p_src = NULL;
}
if (p_dst != NULL) {
free(p_dst);
p_dst = NULL;
}
return;
}
static caddr_t
policy_parse(msg, msglen)
char *msg;
int msglen;
{
int error;
pbuf = NULL;
tlen = 0;
/* initialize */
p_dir = IPSEC_DIR_INVALID;
p_type = IPSEC_POLICY_DISCARD;
policy_parse_request_init();
__policy__strbuffer__init__(msg);
error = yyparse(); /* it must be set errcode. */
__policy__strbuffer__free__();
if (error) {
if (pbuf != NULL)
free(pbuf);
return NULL;
}
/* update total length */
((struct sadb_x_policy *)pbuf)->sadb_x_policy_len = PFKEY_UNIT64(tlen);
__ipsec_errcode = EIPSEC_NO_ERROR;
return pbuf;
}
caddr_t
ipsec_set_policy(msg, msglen)
char *msg;
int msglen;
{
caddr_t policy;
policy = policy_parse(msg, msglen);
if (policy == NULL) {
if (__ipsec_errcode == EIPSEC_NO_ERROR)
__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
return NULL;
}
__ipsec_errcode = EIPSEC_NO_ERROR;
return policy;
}

2005
freebsd/lib/libipsec/policy_token.c
View File

File diff suppressed because it is too large Load Diff

156
freebsd/lib/libipsec/policy_token.l
View File

@ -1,156 +0,0 @@
/* $FreeBSD$ */
/* $KAME: policy_token.l,v 1.13 2003/05/09 05:19:55 sakane Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
%{
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <net/route.h>
#include <net/pfkeyv2.h>
#include <netipsec/keydb.h>
#include <netinet/in.h>
#include <netipsec/ipsec.h>
#include <stdlib.h>
#include <limits.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include "y.tab.h"
#define yylval __libipsecyylval /* XXX */
int yylex(void);
%}
%option noyywrap
%option nounput
%option noinput
/* common section */
nl \n
ws [ \t]+
digit [0-9]
hexdigit [0-9A-Fa-f]
special [()+\|\?\*,]
dot \.
comma \,
hyphen \-
colon \:
slash \/
bcl \{
ecl \}
blcl \[
elcl \]
percent \%
semi \;
usec {dot}{digit}{1,6}
comment \#.*
ccomment "/*"
bracketstring \<[^>]*\>
quotedstring \"[^"]*\"
decstring {digit}+
hexpair {hexdigit}{hexdigit}
hexstring 0[xX]{hexdigit}+
octetstring {octet}({dot}{octet})+
ipaddress [a-zA-Z0-9:\._][a-zA-Z0-9:\._]*(%[a-zA-Z0-9]+)?
%%
in { yylval.num = IPSEC_DIR_INBOUND; return(DIR); }
out { yylval.num = IPSEC_DIR_OUTBOUND; return(DIR); }
discard { yylval.num = IPSEC_POLICY_DISCARD; return(ACTION); }
none { yylval.num = IPSEC_POLICY_NONE; return(ACTION); }
ipsec { yylval.num = IPSEC_POLICY_IPSEC; return(ACTION); }
bypass { yylval.num = IPSEC_POLICY_BYPASS; return(ACTION); }
entrust { yylval.num = IPSEC_POLICY_ENTRUST; return(ACTION); }
esp { yylval.num = IPPROTO_ESP; return(PROTOCOL); }
ah { yylval.num = IPPROTO_AH; return(PROTOCOL); }
ipcomp { yylval.num = IPPROTO_IPCOMP; return(PROTOCOL); }
tcp { yylval.num = IPPROTO_TCP; return(PROTOCOL); }
transport { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
tunnel { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
me { return(ME); }
any { return(ANY); }
default { yylval.num = IPSEC_LEVEL_DEFAULT; return(LEVEL); }
use { yylval.num = IPSEC_LEVEL_USE; return(LEVEL); }
require { yylval.num = IPSEC_LEVEL_REQUIRE; return(LEVEL); }
unique{colon}{decstring} {
yylval.val.len = strlen(yytext + 7);
yylval.val.buf = yytext + 7;
return(LEVEL_SPECIFY);
}
unique { yylval.num = IPSEC_LEVEL_UNIQUE; return(LEVEL); }
{slash} { return(SLASH); }
{ipaddress} {
yylval.val.len = strlen(yytext);
yylval.val.buf = yytext;
return(IPADDRESS);
}
{hyphen} { return(HYPHEN); }
{ws} { ; }
{nl} { ; }
%%
void __policy__strbuffer__init__(char *);
void __policy__strbuffer__free__(void);
static YY_BUFFER_STATE strbuffer;
void
__policy__strbuffer__init__(msg)
char *msg;
{
if (YY_CURRENT_BUFFER)
yy_delete_buffer(YY_CURRENT_BUFFER);
strbuffer = (YY_BUFFER_STATE)yy_scan_string(msg);
yy_switch_to_buffer(strbuffer);
return;
}
void
__policy__strbuffer__free__()
{
yy_delete_buffer(strbuffer);
return;
}

114
freebsd/lib/libipsec/y.tab.h
View File

@ -1,114 +0,0 @@
/* A Bison parser, made by GNU Bison 2.7. */
/* Bison interface for Yacc-like parsers in C
Copyright (C) 1984, 1989-1990, 2000-2012 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* As a special exception, you may create a larger work that contains
part or all of the Bison parser skeleton and distribute that work
under terms of your choice, so long as that work isn't itself a
parser generator using the skeleton or a modified version thereof
as a parser skeleton. Alternatively, if you modify or redistribute
the parser skeleton itself, you may (at your option) remove this
special exception, which will cause the skeleton and the resulting
Bison output files to be licensed under the GNU General Public
License without this special exception.
This special exception was added by the Free Software Foundation in
version 2.2 of Bison. */
#ifndef YY__LIBIPSECYY_LIBIPSECYY_TAB_H_INCLUDED
# define YY__LIBIPSECYY_LIBIPSECYY_TAB_H_INCLUDED
/* Enabling traces. */
#ifndef YYDEBUG
# define YYDEBUG 0
#endif
#if YYDEBUG
extern int __libipsecyydebug;
#endif
/* Tokens. */
#ifndef YYTOKENTYPE
# define YYTOKENTYPE
/* Put the tokens into the symbol table, so that GDB and other debuggers
know about them. */
enum yytokentype {
DIR = 258,
ACTION = 259,
PROTOCOL = 260,
MODE = 261,
LEVEL = 262,
LEVEL_SPECIFY = 263,
IPADDRESS = 264,
ME = 265,
ANY = 266,
SLASH = 267,
HYPHEN = 268
};
#endif
/* Tokens. */
#define DIR 258
#define ACTION 259
#define PROTOCOL 260
#define MODE 261
#define LEVEL 262
#define LEVEL_SPECIFY 263
#define IPADDRESS 264
#define ME 265
#define ANY 266
#define SLASH 267
#define HYPHEN 268
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
typedef union YYSTYPE
{
/* Line 2058 of yacc.c */
#line 98 "freebsd/lib/libipsec/policy_parse.y"
u_int num;
struct _val {
int len;
char *buf;
} val;
/* Line 2058 of yacc.c */
#line 92 "__libipsecyy.tab.h"
} YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define yystype YYSTYPE /* obsolescent; will be withdrawn */
# define YYSTYPE_IS_DECLARED 1
#endif
extern YYSTYPE __libipsecyylval;
#ifdef YYPARSE_PARAM
#if defined __STDC__ || defined __cplusplus
int __libipsecyyparse (void *YYPARSE_PARAM);
#else
int __libipsecyyparse ();
#endif
#else /* ! YYPARSE_PARAM */
#if defined __STDC__ || defined __cplusplus
int __libipsecyyparse (void);
#else
int __libipsecyyparse ();
#endif
#endif /* ! YYPARSE_PARAM */
#endif /* !YY__LIBIPSECYY_LIBIPSECYY_TAB_H_INCLUDED */

276
ipsec-tools/src/config.h Normal file
View File

@ -0,0 +1,276 @@
/* Generated on a FreeBSD 11.1 machine and adapted for RTEMS */
/* Extra defines necessary for RTEMS. */
#define SYSCONFDIR "/etc"
/* config.h. Generated from config.h.in by configure. */
/* config.h.in. Generated from configure.ac by autoheader. */
/* in-kernel NAT-T is broken */
/* #undef BROKEN_NATT */
/* If printf doesn't support %zu. */
/* #undef BROKEN_PRINTF */
/* Enable admin port */
/* #undef ENABLE_ADMINPORT */
/* Enable dead peer detection */
#define ENABLE_DPD /**/
/* IKE fragmentation support */
#define ENABLE_FRAG /**/
/* Hybrid authentication support */
/* #undef ENABLE_HYBRID */
/* Enable NAT-Traversal */
#define ENABLE_NATT /**/
/* Enable NAT-Traversal draft 00 */
/* #undef ENABLE_NATT_00 */
/* Enable NAT-Traversal draft 01 */
/* #undef ENABLE_NATT_01 */
/* Enable NAT-Traversal draft 02 */
/* #undef ENABLE_NATT_02 */
/* Enable NAT-Traversal draft 03 */
/* #undef ENABLE_NATT_03 */
/* Enable NAT-Traversal draft 04 */
/* #undef ENABLE_NATT_04 */
/* Enable NAT-Traversal draft 05 */
/* #undef ENABLE_NATT_05 */
/* Enable NAT-Traversal draft 06 */
/* #undef ENABLE_NATT_06 */
/* Enable NAT-Traversal draft 07 */
/* #undef ENABLE_NATT_07 */
/* Enable NAT-Traversal draft 08 */
/* #undef ENABLE_NATT_08 */
/* Enable NAT-Traversal RFC version */
#define ENABLE_NATT_RFC /**/
/* Enable samode-unspec */
/* #undef ENABLE_SAMODE_UNSPECIFIED */
/* Enable statictics */
/* #undef ENABLE_STATS */
/* Have a monotonic clock */
#define HAVE_CLOCK_MONOTONIC /**/
/* Define to 1 if you have the <dlfcn.h> header file. */
#define HAVE_DLFCN_H 1
/* Define to 1 if you don't have `vprintf' but do have `_doprnt.' */
/* #undef HAVE_DOPRNT */
/* Have __func__ macro */
#define HAVE_FUNC_MACRO /**/
/* Define to 1 if you have the `gettimeofday' function. */
#define HAVE_GETTIMEOFDAY 1
/* Enable GSS API */
/* #undef HAVE_GSSAPI */
/* Have iconv using const */
/* #undef HAVE_ICONV_2ND_CONST */
/* Define to 1 if you have the `iconv_open' function. */
/* #undef HAVE_ICONV_OPEN */
/* Define to 1 if you have the <inttypes.h> header file. */
#define HAVE_INTTYPES_H 1
/* Have ipsec_policy_t */
/* #undef HAVE_IPSEC_POLICY_T */
/* Hybrid authentication uses LDAP */
/* #undef HAVE_LIBLDAP */
/* Hybrid authentication uses PAM */
/* #undef HAVE_LIBPAM */
/* Hybrid authentication uses RADIUS */
/* #undef HAVE_LIBRADIUS */
/* Define to 1 if you have the <limits.h> header file. */
#define HAVE_LIMITS_H 1
/* Define to 1 if you have the <memory.h> header file. */
#define HAVE_MEMORY_H 1
/* Define to 1 if you have the <openssl/aes.h> header file. */
#define HAVE_OPENSSL_AES_H 1
/* Define to 1 if you have the <openssl/camellia.h> header file. */
#define HAVE_OPENSSL_CAMELLIA_H 1
/* Define to 1 if you have the <openssl/engine.h> header file. */
#define HAVE_OPENSSL_ENGINE_H 1
/* Define to 1 if you have the <openssl/idea.h> header file. */
#define HAVE_OPENSSL_IDEA_H 1
/* Define to 1 if you have the <openssl/rc5.h> header file. */
/* #undef HAVE_OPENSSL_RC5_H */
/* Define to 1 if you have the `pam_start' function. */
/* #undef HAVE_PAM_START */
/* Are PF_KEY policy priorities supported? */
/* #undef HAVE_PFKEY_POLICY_PRIORITY */
/* Have forward policy */
/* #undef HAVE_POLICY_FWD */
/* Define to 1 if you have the `rad_create_request' function. */
/* #undef HAVE_RAD_CREATE_REQUEST */
/* Is readline available? */
/* #undef HAVE_READLINE */
/* Enable Security Context */
/* #undef HAVE_SECCTX */
/* Define to 1 if you have the `select' function. */
#define HAVE_SELECT 1
/* sha2 is defined in sha.h */
#define HAVE_SHA2_IN_SHA_H /**/
/* Define to 1 if you have the <shadow.h> header file. */
/* #undef HAVE_SHADOW_H */
/* Define to 1 if you have the `socket' function. */
#define HAVE_SOCKET 1
/* Define to 1 if you have the <stdarg.h> header file. */
#define HAVE_STDARG_H 1
/* Define to 1 if you have the <stdint.h> header file. */
#define HAVE_STDINT_H 1
/* Define to 1 if you have the <stdlib.h> header file. */
#define HAVE_STDLIB_H 1
/* Define to 1 if you have the `strdup' function. */
#define HAVE_STRDUP 1
/* Define to 1 if you have the `strerror' function. */
#define HAVE_STRERROR 1
/* Define to 1 if you have the <strings.h> header file. */
#define HAVE_STRINGS_H 1
/* Define to 1 if you have the <string.h> header file. */
#define HAVE_STRING_H 1
/* Define to 1 if you have the `strlcat' function. */
#define HAVE_STRLCAT 1
/* Define to 1 if you have the `strlcpy' function. */
#define HAVE_STRLCPY 1
/* Define to 1 if you have the `strtol' function. */
#define HAVE_STRTOL 1
/* Define to 1 if you have the `strtoul' function. */
#define HAVE_STRTOUL 1
/* Define to 1 if you have the <sys/stat.h> header file. */
#define HAVE_SYS_STAT_H 1
/* Define to 1 if you have the <sys/time.h> header file. */
#define HAVE_SYS_TIME_H 1
/* Define to 1 if you have the <sys/types.h> header file. */
#define HAVE_SYS_TYPES_H 1
/* Define to 1 if you have <sys/wait.h> that is POSIX.1 compatible. */
#define HAVE_SYS_WAIT_H 1
/* Define to 1 if you have the <unistd.h> header file. */
#define HAVE_UNISTD_H 1
/* Define to 1 if you have the <varargs.h> header file. */
/* #undef HAVE_VARARGS_H */
/* Define to 1 if you have the `vprintf' function. */
#define HAVE_VPRINTF 1
/* Support IPv6 */
#define INET6 /**/
/* Use advanced IPv6 API */
#define INET6_ADVAPI /**/
/* Define to the sub-directory in which libtool stores uninstalled libraries.
*/
#define LT_OBJDIR ".libs/"
/* Name of package */
#define PACKAGE "ipsec-tools"
/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT ""
/* Define to the full name of this package. */
#define PACKAGE_NAME "ipsec-tools"
/* Define to the full name and version of this package. */
#define PACKAGE_STRING "ipsec-tools 0.8.2"
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "ipsec-tools"
/* Define to the home page for this package. */
#define PACKAGE_URL ""
/* Define to the version of this package. */
#define PACKAGE_VERSION "0.8.2"
/* Path to ipsec.h */
#define PATH_IPSEC_H <netipsec/ipsec.h>
/* Define as the return type of signal handlers (`int' or `void'). */
#define RETSIGTYPE void
/* Define to 1 if you have the ANSI C header files. */
#define STDC_HEADERS 1
/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
#define TIME_WITH_SYS_TIME 1
/* Define to 1 if your <sys/time.h> declares `struct tm'. */
/* #undef TM_IN_SYS_TIME */
/* A 'va_copy' style function */
#define VA_COPY va_copy
/* Version number of package */
#define VERSION "0.8.2"
/* SHA2 support */
#define WITH_SHA2 /**/
/* Define to 1 if `lex' declares `yytext' as a `char *' by default, not a
`char[]'. */
#define YYTEXT_POINTER 1
/* Define to empty if `const' does not conform to ANSI C. */
/* #undef const */
/* Define to `int' if <sys/types.h> does not define. */
/* #undef pid_t */
/* Define to `unsigned int' if <sys/types.h> does not define. */
/* #undef size_t */

1
ipsec-tools/src/libipsec/config.h Normal file
View File

@ -0,0 +1 @@
#include "../config.h"

2
ipsec-tools/src/libipsec/ipsec_dump_policy.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: ipsec_dump_policy.c,v 1.9 2010/12/03 15:01:11 tteras Exp $ */
/* Id: ipsec_dump_policy.c,v 1.10 2005/06/29 09:12:37 manubsd Exp */

2
ipsec-tools/src/libipsec/ipsec_get_policylen.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: ipsec_get_policylen.c,v 1.7 2007/07/18 12:07:50 vanhu Exp $ */
/* $KAME: ipsec_get_policylen.c,v 1.5 2000/05/07 05:25:03 itojun Exp $ */

2
ipsec-tools/src/libipsec/ipsec_strerror.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: ipsec_strerror.c,v 1.6 2010/04/07 14:53:52 vanhu Exp $ */
/* $KAME: ipsec_strerror.c,v 1.7 2000/07/30 00:45:12 itojun Exp $ */

2
ipsec-tools/src/libipsec/key_debug.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: key_debug.c,v 1.9 2008/12/05 06:02:20 tteras Exp $ */
/* $KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $ */

7
ipsec-tools/src/libipsec/libpfkey.h
View File

@ -93,7 +93,11 @@ struct pfkey_send_sa_args {
};
/* The options built into libipsec */
#ifndef __rtems__
extern int libipsec_opt;
#else /* __rtems__ */
extern const int libipsec_opt;
#endif /* __rtems__ */
#define LIBIPSEC_OPT_NATT 0x01
#define LIBIPSEC_OPT_FRAG 0x02
#define LIBIPSEC_OPT_SEC_CTX 0x04
@ -108,6 +112,9 @@ void ipsec_hexdump __P((const void *, int));
const char *ipsec_strerror __P((void));
void kdebug_sadb __P((struct sadb_msg *));
ipsec_policy_t ipsec_set_policy __P((__ipsec_const char *, int));
#ifdef __rtems__
extern void ipsec_free_policy(ipsec_policy_t buf);
#endif /* __rtems__ */
int ipsec_get_policylen __P((ipsec_policy_t));
char *ipsec_dump_policy __P((ipsec_policy_t, __ipsec_const char *));

10
ipsec-tools/src/libipsec/pfkey.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: pfkey.c,v 1.21.2.1 2011/11/14 13:25:06 tteras Exp $ */
/* $KAME: pfkey.c,v 1.47 2003/10/02 19:52:12 itojun Exp $ */
@ -95,7 +97,11 @@ static caddr_t pfkey_setsecctx __P((caddr_t, caddr_t, u_int, u_int8_t, u_int8_t,
caddr_t, u_int16_t));
#endif
#ifndef __rtems__
int libipsec_opt = 0
#else /* __rtems__ */
const int libipsec_opt = 0
#endif /* __rtems__ */
#ifdef SADB_X_EXT_NAT_T_TYPE
| LIBIPSEC_OPT_NATT
#endif
@ -116,7 +122,11 @@ static struct sadb_supported *ipsec_supported[] = { NULL, NULL, NULL,
#endif
};
#ifndef __rtems__
static int supported_map[] = {
#else /* __rtems__ */
static const int supported_map[] = {
#endif /* __rtems__ */
SADB_SATYPE_AH,
SADB_SATYPE_ESP,
SADB_X_SATYPE_IPCOMP,

26
ipsec-tools/src/libipsec/pfkey_dump.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: pfkey_dump.c,v 1.18 2010/12/03 14:32:52 tteras Exp $ */
/* $KAME: pfkey_dump.c,v 1.45 2003/09/08 10:14:56 itojun Exp $ */
@ -122,7 +124,11 @@ struct val2str {
/*
* Must to be re-written about following strings.
*/
#ifndef __rtems__
static char *str_satype[] = {
#else /* __rtems__ */
static const char *str_satype[] = {
#endif /* __rtems__ */
"unspec",
"unknown",
"ah",
@ -137,20 +143,32 @@ static char *str_satype[] = {
"tcp",
};
#ifndef __rtems__
static char *str_mode[] = {
#else /* __rtems__ */
static const char *str_mode[] = {
#endif /* __rtems__ */
"any",
"transport",
"tunnel",
};
#ifndef __rtems__
static char *str_state[] = {
#else /* __rtems__ */
static const char *str_state[] = {
#endif /* __rtems__ */
"larval",
"mature",
"dying",
"dead",
};
#ifndef __rtems__
static struct val2str str_alg_auth[] = {
#else /* __rtems__ */
static const struct val2str str_alg_auth[] = {
#endif /* __rtems__ */
{ SADB_AALG_NONE, "none", },
{ SADB_AALG_MD5HMAC, "hmac-md5", },
{ SADB_AALG_SHA1HMAC, "hmac-sha1", },
@ -178,7 +196,11 @@ static struct val2str str_alg_auth[] = {
{ -1, NULL, },
};
#ifndef __rtems__
static struct val2str str_alg_enc[] = {
#else /* __rtems__ */
static const struct val2str str_alg_enc[] = {
#endif /* __rtems__ */
{ SADB_EALG_NONE, "none", },
{ SADB_EALG_DESCBC, "des-cbc", },
{ SADB_EALG_3DESCBC, "3des-cbc", },
@ -203,7 +225,11 @@ static struct val2str str_alg_enc[] = {
{ -1, NULL, },
};
#ifndef __rtems__
static struct val2str str_alg_comp[] = {
#else /* __rtems__ */
static const struct val2str str_alg_comp[] = {
#endif /* __rtems__ */
{ SADB_X_CALG_NONE, "none", },
{ SADB_X_CALG_OUI, "oui", },
{ SADB_X_CALG_DEFLATE, "deflate", },

2729
ipsec-tools/src/libipsec/policy_parse.c
View File

File diff suppressed because it is too large Load Diff

139
ipsec-tools/src/libipsec/policy_parse.h
View File

@ -1,125 +1,32 @@
/* A Bison parser, made by GNU Bison 2.6.2. */
/* Bison interface for Yacc-like parsers in C
Copyright (C) 1984, 1989-1990, 2000-2012 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* As a special exception, you may create a larger work that contains
part or all of the Bison parser skeleton and distribute that work
under terms of your choice, so long as that work isn't itself a
parser generator using the skeleton or a modified version thereof
as a parser skeleton. Alternatively, if you modify or redistribute
the parser skeleton itself, you may (at your option) remove this
special exception, which will cause the skeleton and the resulting
Bison output files to be licensed under the GNU General Public
License without this special exception.
This special exception was added by the Free Software Foundation in
version 2.2 of Bison. */
#ifndef _LIBIPSEC_POLICY_PARSE_H
# define _LIBIPSEC_POLICY_PARSE_H
/* Enabling traces. */
#ifndef YYDEBUG
# define YYDEBUG 0
#define DIR 257
#define PRIORITY 258
#define PLUS 259
#define PRIO_BASE 260
#define PRIO_OFFSET 261
#define ACTION 262
#define PROTOCOL 263
#define MODE 264
#define LEVEL 265
#define LEVEL_SPECIFY 266
#define IPADDRESS 267
#define PORT 268
#define ME 269
#define ANY 270
#define SLASH 271
#define HYPHEN 272
#ifdef YYSTYPE
#undef YYSTYPE_IS_DECLARED
#define YYSTYPE_IS_DECLARED 1
#endif
#if YYDEBUG
extern int __libipsecdebug;
#endif
/* Tokens. */
#ifndef YYTOKENTYPE
# define YYTOKENTYPE
/* Put the tokens into the symbol table, so that GDB and other debuggers
know about them. */
enum yytokentype {
DIR = 258,
PRIORITY = 259,
PLUS = 260,
PRIO_BASE = 261,
PRIO_OFFSET = 262,
ACTION = 263,
PROTOCOL = 264,
MODE = 265,
LEVEL = 266,
LEVEL_SPECIFY = 267,
IPADDRESS = 268,
PORT = 269,
ME = 270,
ANY = 271,
SLASH = 272,
HYPHEN = 273
};
#endif
/* Tokens. */
#define DIR 258
#define PRIORITY 259
#define PLUS 260
#define PRIO_BASE 261
#define PRIO_OFFSET 262
#define ACTION 263
#define PROTOCOL 264
#define MODE 265
#define LEVEL 266
#define LEVEL_SPECIFY 267
#define IPADDRESS 268
#define PORT 269
#define ME 270
#define ANY 271
#define SLASH 272
#define HYPHEN 273
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
typedef union YYSTYPE
{
/* Line 2049 of yacc.c */
#line 129 "policy_parse.y"
#ifndef YYSTYPE_IS_DECLARED
#define YYSTYPE_IS_DECLARED 1
typedef union {
u_int num;
u_int32_t num32;
struct _val {
int len;
char *buf;
} val;
/* Line 2049 of yacc.c */
#line 103 "policy_parse.h"
} YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define yystype YYSTYPE /* obsolescent; will be withdrawn */
# define YYSTYPE_IS_DECLARED 1
#endif
#endif /* !YYSTYPE_IS_DECLARED */
extern YYSTYPE __libipseclval;
#ifdef YYPARSE_PARAM
#if defined __STDC__ || defined __cplusplus
int __libipsecparse (void *YYPARSE_PARAM);
#else
int __libipsecparse ();
#endif
#else /* ! YYPARSE_PARAM */
#if defined __STDC__ || defined __cplusplus
int __libipsecparse (void);
#else
int __libipsecparse ();
#endif
#endif /* ! YYPARSE_PARAM */
#endif /* !_LIBIPSEC_POLICY_PARSE_H */

15
ipsec-tools/src/libipsec/policy_parse.y
View File

@ -63,6 +63,9 @@
*/
%{
#ifdef __rtems__
#include <machine/rtems-bsd-user-space.h>
#endif /* __rtems__ */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
@ -600,6 +603,10 @@ policy_parse(msg, msglen)
error = yyparse(); /* it must be set errcode. */
__policy__strbuffer__free__();
#ifdef __rtems__
/* This frees the p_src and p_dst buffers. */
policy_parse_request_init();
#endif /* __rtems__ */
if (error) {
if (pbuf != NULL)
@ -632,3 +639,11 @@ ipsec_set_policy(msg, msglen)
__ipsec_errcode = EIPSEC_NO_ERROR;
return policy;
}
#ifdef __rtems__
void
ipsec_free_policy(ipsec_policy_t buf)
{
free(buf);
}
#endif /* __rtems__ */

138
ipsec-tools/src/libipsec/policy_token.c
View File

@ -1,6 +1,5 @@
#line 2 "policy_token.c"
#line 4 "policy_token.c"
#line 3 "<stdout>"
#define YY_INT_ALIGNED short int
@ -35,6 +34,16 @@
/* First, we deal with platform-specific or compiler-specific issues. */
#if defined(__FreeBSD__)
#ifndef __STDC_LIMIT_MACROS
#define __STDC_LIMIT_MACROS
#endif
#include <sys/cdefs.h>
#include <stdint.h>
#else
#define __dead2
#endif
/* begin standard C headers. */
#include <stdio.h>
#include <string.h>
@ -50,7 +59,8 @@
/* C99 systems have <inttypes.h>. Non-C99 systems may or may not. */
#if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L
#if defined(__FreeBSD__) || \
(defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L)
/* C99 says to define __STDC_LIMIT_MACROS before including stdint.h,
* if you want the limit (max/min) macros for int types.
@ -161,7 +171,7 @@ typedef unsigned int flex_uint32_t;
/* Size of default input buffer. */
#ifndef YY_BUF_SIZE
#define YY_BUF_SIZE 16384
#define YY_BUF_SIZE 1024
#endif
/* The state buf must be large enough to hold one state per character in the main buffer.
@ -283,6 +293,7 @@ static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */
#define YY_CURRENT_BUFFER ( (yy_buffer_stack) \
? (yy_buffer_stack)[(yy_buffer_stack_top)] \
: NULL)
#define yy_current_buffer YY_CURRENT_BUFFER
/* Same as previous macro, but useful when we know that the buffer stack is not
* NULL or when we need an lvalue. For internal use only.
@ -371,7 +382,7 @@ extern char *__libipsectext;
static yy_state_type yy_get_previous_state (void );
static yy_state_type yy_try_NUL_trans (yy_state_type current_state );
static int yy_get_next_buffer (void );
static void yy_fatal_error (yyconst char msg[] );
static void yy_fatal_error (yyconst char msg[] ) __dead2;
/* Done after the current pattern has been matched and before the
* corresponding action - sets up __libipsectext.
@ -565,7 +576,7 @@ int __libipsec_flex_debug = 0;
#define YY_MORE_ADJ 0
#define YY_RESTORE_YY_MORE_OFFSET
char *__libipsectext;
#line 1 "policy_token.l"
#line 1 "../../ipsec-tools/src/libipsec/policy_token.l"
/* $NetBSD: policy_token.l,v 1.7 2007/07/18 12:07:50 vanhu Exp $ */
/* Id: policy_token.l,v 1.12 2005/05/05 12:32:18 manubsd Exp */
/*
@ -596,7 +607,10 @@ char *__libipsectext;
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#line 35 "policy_token.l"
#line 35 "../../ipsec-tools/src/libipsec/policy_token.l"
#ifdef __rtems__
#include <machine/rtems-bsd-user-space.h>
#endif /* __rtems__ */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
@ -626,7 +640,7 @@ char *__libipsectext;
int __libipseclex __P((void));
/* common section */
#line 630 "policy_token.c"
#line 644 "<stdout>"
#define INITIAL 0
@ -802,14 +816,14 @@ extern int __libipseclex (void);
*/
YY_DECL
{
register yy_state_type yy_current_state;
register char *yy_cp, *yy_bp;
register int yy_act;
yy_state_type yy_current_state;
char *yy_cp, *yy_bp;
int yy_act;
#line 97 "policy_token.l"
#line 100 "../../ipsec-tools/src/libipsec/policy_token.l"
#line 813 "policy_token.c"
#line 827 "<stdout>"
if ( !(yy_init) )
{
@ -853,7 +867,7 @@ YY_DECL
yy_match:
do
{
register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)] ;
if ( yy_accept[yy_current_state] )
{
(yy_last_accepting_state) = yy_current_state;
@ -894,17 +908,17 @@ do_action: /* This label is used only to access EOF actions. */
case 1:
YY_RULE_SETUP
#line 99 "policy_token.l"
#line 102 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_DIR_INBOUND; return(DIR); }
YY_BREAK
case 2:
YY_RULE_SETUP
#line 100 "policy_token.l"
#line 103 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_DIR_OUTBOUND; return(DIR); }
YY_BREAK
case 3:
YY_RULE_SETUP
#line 101 "policy_token.l"
#line 104 "../../ipsec-tools/src/libipsec/policy_token.l"
{
#ifdef HAVE_POLICY_FWD
yylval.num = IPSEC_DIR_FWD; return(DIR);
@ -915,37 +929,37 @@ YY_RULE_SETUP
YY_BREAK
case 4:
YY_RULE_SETUP
#line 109 "policy_token.l"
#line 112 "../../ipsec-tools/src/libipsec/policy_token.l"
{ return(PRIORITY); }
YY_BREAK
case 5:
YY_RULE_SETUP
#line 110 "policy_token.l"
#line 113 "../../ipsec-tools/src/libipsec/policy_token.l"
{ return(PRIORITY); }
YY_BREAK
case 6:
YY_RULE_SETUP
#line 111 "policy_token.l"
#line 114 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num32 = PRIORITY_LOW; return(PRIO_BASE); }
YY_BREAK
case 7:
YY_RULE_SETUP
#line 112 "policy_token.l"
#line 115 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num32 = PRIORITY_DEFAULT; return(PRIO_BASE); }
YY_BREAK
case 8:
YY_RULE_SETUP
#line 113 "policy_token.l"
#line 116 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num32 = PRIORITY_HIGH; return(PRIO_BASE); }
YY_BREAK
case 9:
YY_RULE_SETUP
#line 114 "policy_token.l"
#line 117 "../../ipsec-tools/src/libipsec/policy_token.l"
{ return(PLUS); }
YY_BREAK
case 10:
YY_RULE_SETUP
#line 115 "policy_token.l"
#line 118 "../../ipsec-tools/src/libipsec/policy_token.l"
{
yylval.val.len = strlen(__libipsectext);
yylval.val.buf = __libipsectext;
@ -954,82 +968,82 @@ YY_RULE_SETUP
YY_BREAK
case 11:
YY_RULE_SETUP
#line 121 "policy_token.l"
#line 124 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_POLICY_DISCARD; return(ACTION); }
YY_BREAK
case 12:
YY_RULE_SETUP
#line 122 "policy_token.l"
#line 125 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_POLICY_NONE; return(ACTION); }
YY_BREAK
case 13:
YY_RULE_SETUP
#line 123 "policy_token.l"
#line 126 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_POLICY_IPSEC; return(ACTION); }
YY_BREAK
case 14:
YY_RULE_SETUP
#line 124 "policy_token.l"
#line 127 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_POLICY_BYPASS; return(ACTION); }
YY_BREAK
case 15:
YY_RULE_SETUP
#line 125 "policy_token.l"
#line 128 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_POLICY_ENTRUST; return(ACTION); }
YY_BREAK
case 16:
YY_RULE_SETUP
#line 127 "policy_token.l"
#line 130 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPPROTO_ESP; return(PROTOCOL); }
YY_BREAK
case 17:
YY_RULE_SETUP
#line 128 "policy_token.l"
#line 131 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPPROTO_AH; return(PROTOCOL); }
YY_BREAK
case 18:
YY_RULE_SETUP
#line 129 "policy_token.l"
#line 132 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPPROTO_IPCOMP; return(PROTOCOL); }
YY_BREAK
case 19:
YY_RULE_SETUP
#line 131 "policy_token.l"
#line 134 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
YY_BREAK
case 20:
YY_RULE_SETUP
#line 132 "policy_token.l"
#line 135 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
YY_BREAK
case 21:
YY_RULE_SETUP
#line 134 "policy_token.l"
#line 137 "../../ipsec-tools/src/libipsec/policy_token.l"
{ return(ME); }
YY_BREAK
case 22:
YY_RULE_SETUP
#line 135 "policy_token.l"
#line 138 "../../ipsec-tools/src/libipsec/policy_token.l"
{ return(ANY); }
YY_BREAK
case 23:
YY_RULE_SETUP
#line 137 "policy_token.l"
#line 140 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_LEVEL_DEFAULT; return(LEVEL); }
YY_BREAK
case 24:
YY_RULE_SETUP
#line 138 "policy_token.l"
#line 141 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_LEVEL_USE; return(LEVEL); }
YY_BREAK
case 25:
YY_RULE_SETUP
#line 139 "policy_token.l"
#line 142 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_LEVEL_REQUIRE; return(LEVEL); }
YY_BREAK
case 26:
YY_RULE_SETUP
#line 140 "policy_token.l"
#line 143 "../../ipsec-tools/src/libipsec/policy_token.l"
{
yylval.val.len = strlen(__libipsectext + 7);
yylval.val.buf = __libipsectext + 7;
@ -1038,17 +1052,17 @@ YY_RULE_SETUP
YY_BREAK
case 27:
YY_RULE_SETUP
#line 145 "policy_token.l"
#line 148 "../../ipsec-tools/src/libipsec/policy_token.l"
{ yylval.num = IPSEC_LEVEL_UNIQUE; return(LEVEL); }
YY_BREAK
case 28:
YY_RULE_SETUP
#line 146 "policy_token.l"
#line 149 "../../ipsec-tools/src/libipsec/policy_token.l"
{ return(SLASH); }
YY_BREAK
case 29:
YY_RULE_SETUP
#line 148 "policy_token.l"
#line 151 "../../ipsec-tools/src/libipsec/policy_token.l"
{
yylval.val.len = strlen(__libipsectext);
yylval.val.buf = __libipsectext;
@ -1057,12 +1071,12 @@ YY_RULE_SETUP
YY_BREAK
case 30:
YY_RULE_SETUP
#line 154 "policy_token.l"
#line 157 "../../ipsec-tools/src/libipsec/policy_token.l"
{ return(HYPHEN); }
YY_BREAK
case 31:
YY_RULE_SETUP
#line 156 "policy_token.l"
#line 159 "../../ipsec-tools/src/libipsec/policy_token.l"
{
/* Remove leading '[' and trailing ']' */
yylval.val.buf = __libipsectext + 1;
@ -1073,21 +1087,21 @@ YY_RULE_SETUP
YY_BREAK
case 32:
YY_RULE_SETUP
#line 164 "policy_token.l"
#line 167 "../../ipsec-tools/src/libipsec/policy_token.l"
{ ; }
YY_BREAK
case 33:
/* rule 33 can match eol */
YY_RULE_SETUP
#line 165 "policy_token.l"
#line 168 "../../ipsec-tools/src/libipsec/policy_token.l"
{ ; }
YY_BREAK
case 34:
YY_RULE_SETUP
#line 167 "policy_token.l"
#line 170 "../../ipsec-tools/src/libipsec/policy_token.l"
ECHO;
YY_BREAK
#line 1091 "policy_token.c"
#line 1105 "<stdout>"
case YY_STATE_EOF(INITIAL):
yyterminate();
@ -1229,9 +1243,9 @@ case YY_STATE_EOF(INITIAL):
*/
static int yy_get_next_buffer (void)
{
register char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
register char *source = (yytext_ptr);
register int number_to_move, i;
char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
char *source = (yytext_ptr);
int number_to_move, i;
int ret_val;
if ( (yy_c_buf_p) > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] )
@ -1363,14 +1377,14 @@ static int yy_get_next_buffer (void)
static yy_state_type yy_get_previous_state (void)
{
register yy_state_type yy_current_state;
register char *yy_cp;
yy_state_type yy_current_state;
char *yy_cp;
yy_current_state = (yy_start);
for ( yy_cp = (yytext_ptr) + YY_MORE_ADJ; yy_cp < (yy_c_buf_p); ++yy_cp )
{
register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
if ( yy_accept[yy_current_state] )
{
(yy_last_accepting_state) = yy_current_state;
@ -1395,10 +1409,10 @@ static int yy_get_next_buffer (void)
*/
static yy_state_type yy_try_NUL_trans (yy_state_type yy_current_state )
{
register int yy_is_jam;
register char *yy_cp = (yy_c_buf_p);
int yy_is_jam;
char *yy_cp = (yy_c_buf_p);
register YY_CHAR yy_c = 1;
YY_CHAR yy_c = 1;
if ( yy_accept[yy_current_state] )
{
(yy_last_accepting_state) = yy_current_state;
@ -1814,7 +1828,7 @@ YY_BUFFER_STATE __libipsec_scan_bytes (yyconst char * yybytes, yy_size_t _yyby
YY_BUFFER_STATE b;
char *buf;
yy_size_t n;
int i;
yy_size_t i;
/* Get memory for full buffer, including space for trailing EOB's. */
n = _yybytes_len + 2;
@ -2003,7 +2017,7 @@ int __libipseclex_destroy (void)
#ifndef yytext_ptr
static void yy_flex_strncpy (char* s1, yyconst char * s2, int n )
{
register int i;
int i;
for ( i = 0; i < n; ++i )
s1[i] = s2[i];
}
@ -2012,7 +2026,7 @@ static void yy_flex_strncpy (char* s1, yyconst char * s2, int n )
#ifdef YY_NEED_STRLEN
static int yy_flex_strlen (yyconst char * s )
{
register int n;
int n;
for ( n = 0; s[n]; ++n )
;
@ -2044,7 +2058,7 @@ void __libipsecfree (void * ptr )
#define YYTABLES_NAME "yytables"
#line 167 "policy_token.l"
#line 170 "../../ipsec-tools/src/libipsec/policy_token.l"

3
ipsec-tools/src/libipsec/policy_token.l
View File

@ -32,6 +32,9 @@
*/
%{
#ifdef __rtems__
#include <machine/rtems-bsd-user-space.h>
#endif /* __rtems__ */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif

12
ipsec-tools/src/libipsec/test-policy.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: test-policy.c,v 1.4 2006/09/09 16:22:09 manu Exp $ */
/* $KAME: test-policy.c,v 1.16 2003/08/26 03:24:08 itojun Exp $ */
@ -51,7 +53,13 @@
struct req_t {
int result; /* expected result; 0:ok 1:ng */
char *str;
#ifndef __rtems__
} reqs[] = {
#else /* __rtems__ */
};
static const struct req_t reqs[] = {
#endif /* __rtems__ */
{ 0, "out ipsec" },
{ 1, "must_error" },
{ 1, "in ipsec must_error" },
@ -124,7 +132,11 @@ test1()
int
test1sub1(req)
#ifndef __rtems__
struct req_t *req;
#else /* __rtems__ */
const struct req_t *req;
#endif /* __rtems__ */
{
char *buf;

9
ipsec-tools/src/racoon/admin.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: admin.c,v 1.38.4.1 2013/06/03 05:49:59 tteras Exp $ */
/* Id: admin.c,v 1.25 2006/04/06 14:31:04 manubsd Exp */
@ -773,3 +779,6 @@ admin_close()
}
#endif
#ifdef __rtems__
#include "rtems-bsd-racoon-admin-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/algorithm.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: algorithm.c,v 1.8 2006/10/06 12:02:27 manu Exp $ */
/* Id: algorithm.c,v 1.15 2006/05/23 20:23:09 manubsd Exp */
@ -955,3 +961,6 @@ algclass2doi(class)
/*NOTREACHED*/
return -1;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-algorithm-data.h"
#endif /* __rtems__ */

4
ipsec-tools/src/racoon/algorithm.h
View File

@ -34,7 +34,11 @@
#ifndef _ALGORITHM_H
#define _ALGORITHM_H
#ifndef __rtems__
#include <gnuc.h>
#else /* __rtems__ */
#include "gnuc.h"
#endif /* __rtems__ */
/* algorithm class */
enum {

12
ipsec-tools/src/racoon/backupsa.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: backupsa.c,v 1.10 2010/04/02 15:15:00 christos Exp $ */
/* $KAME: backupsa.c,v 1.16 2001/12/31 20:13:40 thorpej Exp $ */
@ -36,6 +42,9 @@
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#ifdef __rtems__
#define strtouq strtoull
#endif /* __rtems__ */
#include <stdlib.h>
#include <stdio.h>
@ -467,3 +476,6 @@ main()
exit(0);
}
#endif
#ifdef __rtems__
#include "rtems-bsd-racoon-backupsa-data.h"
#endif /* __rtems__ */

8782
ipsec-tools/src/racoon/cfparse.c
View File

File diff suppressed because it is too large Load Diff

606
ipsec-tools/src/racoon/cfparse.h
View File

@ -1,434 +1,186 @@
/* A Bison parser, made by GNU Bison 2.6.2. */
/* Bison interface for Yacc-like parsers in C
Copyright (C) 1984, 1989-1990, 2000-2012 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* As a special exception, you may create a larger work that contains
part or all of the Bison parser skeleton and distribute that work
under terms of your choice, so long as that work isn't itself a
parser generator using the skeleton or a modified version thereof
as a parser skeleton. Alternatively, if you modify or redistribute
the parser skeleton itself, you may (at your option) remove this
special exception, which will cause the skeleton and the resulting
Bison output files to be licensed under the GNU General Public
License without this special exception.
This special exception was added by the Free Software Foundation in
version 2.2 of Bison. */
#ifndef YY_CFPARSE_H
# define YY_CFPARSE_H
/* Enabling traces. */
#ifndef YYDEBUG
# define YYDEBUG 0
#define PRIVSEP 257
#define USER 258
#define GROUP 259
#define CHROOT 260
#define PATH 261
#define PATHTYPE 262
#define INCLUDE 263
#define PFKEY_BUFFER 264
#define LOGGING 265
#define LOGLEV 266
#define PADDING 267
#define PAD_RANDOMIZE 268
#define PAD_RANDOMIZELEN 269
#define PAD_MAXLEN 270
#define PAD_STRICT 271
#define PAD_EXCLTAIL 272
#define LISTEN 273
#define X_ISAKMP 274
#define X_ISAKMP_NATT 275
#define X_ADMIN 276
#define STRICT_ADDRESS 277
#define ADMINSOCK 278
#define DISABLED 279
#define LDAPCFG 280
#define LDAP_HOST 281
#define LDAP_PORT 282
#define LDAP_PVER 283
#define LDAP_BASE 284
#define LDAP_BIND_DN 285
#define LDAP_BIND_PW 286
#define LDAP_SUBTREE 287
#define LDAP_ATTR_USER 288
#define LDAP_ATTR_ADDR 289
#define LDAP_ATTR_MASK 290
#define LDAP_ATTR_GROUP 291
#define LDAP_ATTR_MEMBER 292
#define RADCFG 293
#define RAD_AUTH 294
#define RAD_ACCT 295
#define RAD_TIMEOUT 296
#define RAD_RETRIES 297
#define MODECFG 298
#define CFG_NET4 299
#define CFG_MASK4 300
#define CFG_DNS4 301
#define CFG_NBNS4 302
#define CFG_DEFAULT_DOMAIN 303
#define CFG_AUTH_SOURCE 304
#define CFG_AUTH_GROUPS 305
#define CFG_SYSTEM 306
#define CFG_RADIUS 307
#define CFG_PAM 308
#define CFG_LDAP 309
#define CFG_LOCAL 310
#define CFG_NONE 311
#define CFG_GROUP_SOURCE 312
#define CFG_ACCOUNTING 313
#define CFG_CONF_SOURCE 314
#define CFG_MOTD 315
#define CFG_POOL_SIZE 316
#define CFG_AUTH_THROTTLE 317
#define CFG_SPLIT_NETWORK 318
#define CFG_SPLIT_LOCAL 319
#define CFG_SPLIT_INCLUDE 320
#define CFG_SPLIT_DNS 321
#define CFG_PFS_GROUP 322
#define CFG_SAVE_PASSWD 323
#define RETRY 324
#define RETRY_COUNTER 325
#define RETRY_INTERVAL 326
#define RETRY_PERSEND 327
#define RETRY_PHASE1 328
#define RETRY_PHASE2 329
#define NATT_KA 330
#define ALGORITHM_CLASS 331
#define ALGORITHMTYPE 332
#define STRENGTHTYPE 333
#define SAINFO 334
#define FROM 335
#define REMOTE 336
#define ANONYMOUS 337
#define CLIENTADDR 338
#define INHERIT 339
#define REMOTE_ADDRESS 340
#define EXCHANGE_MODE 341
#define EXCHANGETYPE 342
#define DOI 343
#define DOITYPE 344
#define SITUATION 345
#define SITUATIONTYPE 346
#define CERTIFICATE_TYPE 347
#define CERTTYPE 348
#define PEERS_CERTFILE 349
#define CA_TYPE 350
#define VERIFY_CERT 351
#define SEND_CERT 352
#define SEND_CR 353
#define MATCH_EMPTY_CR 354
#define IDENTIFIERTYPE 355
#define IDENTIFIERQUAL 356
#define MY_IDENTIFIER 357
#define PEERS_IDENTIFIER 358
#define VERIFY_IDENTIFIER 359
#define DNSSEC 360
#define CERT_X509 361
#define CERT_PLAINRSA 362
#define NONCE_SIZE 363
#define DH_GROUP 364
#define KEEPALIVE 365
#define PASSIVE 366
#define INITIAL_CONTACT 367
#define NAT_TRAVERSAL 368
#define REMOTE_FORCE_LEVEL 369
#define PROPOSAL_CHECK 370
#define PROPOSAL_CHECK_LEVEL 371
#define GENERATE_POLICY 372
#define GENERATE_LEVEL 373
#define SUPPORT_PROXY 374
#define PROPOSAL 375
#define EXEC_PATH 376
#define EXEC_COMMAND 377
#define EXEC_SUCCESS 378
#define EXEC_FAILURE 379
#define GSS_ID 380
#define GSS_ID_ENC 381
#define GSS_ID_ENCTYPE 382
#define COMPLEX_BUNDLE 383
#define DPD 384
#define DPD_DELAY 385
#define DPD_RETRY 386
#define DPD_MAXFAIL 387
#define PH1ID 388
#define XAUTH_LOGIN 389
#define WEAK_PHASE1_CHECK 390
#define REKEY 391
#define PREFIX 392
#define PORT 393
#define PORTANY 394
#define UL_PROTO 395
#define ANY 396
#define IKE_FRAG 397
#define ESP_FRAG 398
#define MODE_CFG 399
#define PFS_GROUP 400
#define LIFETIME 401
#define LIFETYPE_TIME 402
#define LIFETYPE_BYTE 403
#define STRENGTH 404
#define REMOTEID 405
#define SCRIPT 406
#define PHASE1_UP 407
#define PHASE1_DOWN 408
#define PHASE1_DEAD 409
#define NUMBER 410
#define SWITCH 411
#define BOOLEAN 412
#define HEXSTRING 413
#define QUOTEDSTRING 414
#define ADDRSTRING 415
#define ADDRRANGE 416
#define UNITTYPE_BYTE 417
#define UNITTYPE_KBYTES 418
#define UNITTYPE_MBYTES 419
#define UNITTYPE_TBYTES 420
#define UNITTYPE_SEC 421
#define UNITTYPE_MIN 422
#define UNITTYPE_HOUR 423
#define EOS 424
#define BOC 425
#define EOC 426
#define COMMA 427
#ifdef YYSTYPE
#undef YYSTYPE_IS_DECLARED
#define YYSTYPE_IS_DECLARED 1
#endif
#if YYDEBUG
extern int yydebug;
#endif
/* Tokens. */
#ifndef YYTOKENTYPE
# define YYTOKENTYPE
/* Put the tokens into the symbol table, so that GDB and other debuggers
know about them. */
enum yytokentype {
PRIVSEP = 258,
USER = 259,
GROUP = 260,
CHROOT = 261,
PATH = 262,
PATHTYPE = 263,
INCLUDE = 264,
PFKEY_BUFFER = 265,
LOGGING = 266,
LOGLEV = 267,
PADDING = 268,
PAD_RANDOMIZE = 269,
PAD_RANDOMIZELEN = 270,
PAD_MAXLEN = 271,
PAD_STRICT = 272,
PAD_EXCLTAIL = 273,
LISTEN = 274,
X_ISAKMP = 275,
X_ISAKMP_NATT = 276,
X_ADMIN = 277,
STRICT_ADDRESS = 278,
ADMINSOCK = 279,
DISABLED = 280,
LDAPCFG = 281,
LDAP_HOST = 282,
LDAP_PORT = 283,
LDAP_PVER = 284,
LDAP_BASE = 285,
LDAP_BIND_DN = 286,
LDAP_BIND_PW = 287,
LDAP_SUBTREE = 288,
LDAP_ATTR_USER = 289,
LDAP_ATTR_ADDR = 290,
LDAP_ATTR_MASK = 291,
LDAP_ATTR_GROUP = 292,
LDAP_ATTR_MEMBER = 293,
RADCFG = 294,
RAD_AUTH = 295,
RAD_ACCT = 296,
RAD_TIMEOUT = 297,
RAD_RETRIES = 298,
MODECFG = 299,
CFG_NET4 = 300,
CFG_MASK4 = 301,
CFG_DNS4 = 302,
CFG_NBNS4 = 303,
CFG_DEFAULT_DOMAIN = 304,
CFG_AUTH_SOURCE = 305,
CFG_AUTH_GROUPS = 306,
CFG_SYSTEM = 307,
CFG_RADIUS = 308,
CFG_PAM = 309,
CFG_LDAP = 310,
CFG_LOCAL = 311,
CFG_NONE = 312,
CFG_GROUP_SOURCE = 313,
CFG_ACCOUNTING = 314,
CFG_CONF_SOURCE = 315,
CFG_MOTD = 316,
CFG_POOL_SIZE = 317,
CFG_AUTH_THROTTLE = 318,
CFG_SPLIT_NETWORK = 319,
CFG_SPLIT_LOCAL = 320,
CFG_SPLIT_INCLUDE = 321,
CFG_SPLIT_DNS = 322,
CFG_PFS_GROUP = 323,
CFG_SAVE_PASSWD = 324,
RETRY = 325,
RETRY_COUNTER = 326,
RETRY_INTERVAL = 327,
RETRY_PERSEND = 328,
RETRY_PHASE1 = 329,
RETRY_PHASE2 = 330,
NATT_KA = 331,
ALGORITHM_CLASS = 332,
ALGORITHMTYPE = 333,
STRENGTHTYPE = 334,
SAINFO = 335,
FROM = 336,
REMOTE = 337,
ANONYMOUS = 338,
CLIENTADDR = 339,
INHERIT = 340,
REMOTE_ADDRESS = 341,
EXCHANGE_MODE = 342,
EXCHANGETYPE = 343,
DOI = 344,
DOITYPE = 345,
SITUATION = 346,
SITUATIONTYPE = 347,
CERTIFICATE_TYPE = 348,
CERTTYPE = 349,
PEERS_CERTFILE = 350,
CA_TYPE = 351,
VERIFY_CERT = 352,
SEND_CERT = 353,
SEND_CR = 354,
MATCH_EMPTY_CR = 355,
IDENTIFIERTYPE = 356,
IDENTIFIERQUAL = 357,
MY_IDENTIFIER = 358,
PEERS_IDENTIFIER = 359,
VERIFY_IDENTIFIER = 360,
DNSSEC = 361,
CERT_X509 = 362,
CERT_PLAINRSA = 363,
NONCE_SIZE = 364,
DH_GROUP = 365,
KEEPALIVE = 366,
PASSIVE = 367,
INITIAL_CONTACT = 368,
NAT_TRAVERSAL = 369,
REMOTE_FORCE_LEVEL = 370,
PROPOSAL_CHECK = 371,
PROPOSAL_CHECK_LEVEL = 372,
GENERATE_POLICY = 373,
GENERATE_LEVEL = 374,
SUPPORT_PROXY = 375,
PROPOSAL = 376,
EXEC_PATH = 377,
EXEC_COMMAND = 378,
EXEC_SUCCESS = 379,
EXEC_FAILURE = 380,
GSS_ID = 381,
GSS_ID_ENC = 382,
GSS_ID_ENCTYPE = 383,
COMPLEX_BUNDLE = 384,
DPD = 385,
DPD_DELAY = 386,
DPD_RETRY = 387,
DPD_MAXFAIL = 388,
PH1ID = 389,
XAUTH_LOGIN = 390,
WEAK_PHASE1_CHECK = 391,
REKEY = 392,
PREFIX = 393,
PORT = 394,
PORTANY = 395,
UL_PROTO = 396,
ANY = 397,
IKE_FRAG = 398,
ESP_FRAG = 399,
MODE_CFG = 400,
PFS_GROUP = 401,
LIFETIME = 402,
LIFETYPE_TIME = 403,
LIFETYPE_BYTE = 404,
STRENGTH = 405,
REMOTEID = 406,
SCRIPT = 407,
PHASE1_UP = 408,
PHASE1_DOWN = 409,
PHASE1_DEAD = 410,
NUMBER = 411,
SWITCH = 412,
BOOLEAN = 413,
HEXSTRING = 414,
QUOTEDSTRING = 415,
ADDRSTRING = 416,
ADDRRANGE = 417,
UNITTYPE_BYTE = 418,
UNITTYPE_KBYTES = 419,
UNITTYPE_MBYTES = 420,
UNITTYPE_TBYTES = 421,
UNITTYPE_SEC = 422,
UNITTYPE_MIN = 423,
UNITTYPE_HOUR = 424,
EOS = 425,
BOC = 426,
EOC = 427,
COMMA = 428
};
#endif
/* Tokens. */
#define PRIVSEP 258
#define USER 259
#define GROUP 260
#define CHROOT 261
#define PATH 262
#define PATHTYPE 263
#define INCLUDE 264
#define PFKEY_BUFFER 265
#define LOGGING 266
#define LOGLEV 267
#define PADDING 268
#define PAD_RANDOMIZE 269
#define PAD_RANDOMIZELEN 270
#define PAD_MAXLEN 271
#define PAD_STRICT 272
#define PAD_EXCLTAIL 273
#define LISTEN 274
#define X_ISAKMP 275
#define X_ISAKMP_NATT 276
#define X_ADMIN 277
#define STRICT_ADDRESS 278
#define ADMINSOCK 279
#define DISABLED 280
#define LDAPCFG 281
#define LDAP_HOST 282
#define LDAP_PORT 283
#define LDAP_PVER 284
#define LDAP_BASE 285
#define LDAP_BIND_DN 286
#define LDAP_BIND_PW 287
#define LDAP_SUBTREE 288
#define LDAP_ATTR_USER 289
#define LDAP_ATTR_ADDR 290
#define LDAP_ATTR_MASK 291
#define LDAP_ATTR_GROUP 292
#define LDAP_ATTR_MEMBER 293
#define RADCFG 294
#define RAD_AUTH 295
#define RAD_ACCT 296
#define RAD_TIMEOUT 297
#define RAD_RETRIES 298
#define MODECFG 299
#define CFG_NET4 300
#define CFG_MASK4 301
#define CFG_DNS4 302
#define CFG_NBNS4 303
#define CFG_DEFAULT_DOMAIN 304
#define CFG_AUTH_SOURCE 305
#define CFG_AUTH_GROUPS 306
#define CFG_SYSTEM 307
#define CFG_RADIUS 308
#define CFG_PAM 309
#define CFG_LDAP 310
#define CFG_LOCAL 311
#define CFG_NONE 312
#define CFG_GROUP_SOURCE 313
#define CFG_ACCOUNTING 314
#define CFG_CONF_SOURCE 315
#define CFG_MOTD 316
#define CFG_POOL_SIZE 317
#define CFG_AUTH_THROTTLE 318
#define CFG_SPLIT_NETWORK 319
#define CFG_SPLIT_LOCAL 320
#define CFG_SPLIT_INCLUDE 321
#define CFG_SPLIT_DNS 322
#define CFG_PFS_GROUP 323
#define CFG_SAVE_PASSWD 324
#define RETRY 325
#define RETRY_COUNTER 326
#define RETRY_INTERVAL 327
#define RETRY_PERSEND 328
#define RETRY_PHASE1 329
#define RETRY_PHASE2 330
#define NATT_KA 331
#define ALGORITHM_CLASS 332
#define ALGORITHMTYPE 333
#define STRENGTHTYPE 334
#define SAINFO 335
#define FROM 336
#define REMOTE 337
#define ANONYMOUS 338
#define CLIENTADDR 339
#define INHERIT 340
#define REMOTE_ADDRESS 341
#define EXCHANGE_MODE 342
#define EXCHANGETYPE 343
#define DOI 344
#define DOITYPE 345
#define SITUATION 346
#define SITUATIONTYPE 347
#define CERTIFICATE_TYPE 348
#define CERTTYPE 349
#define PEERS_CERTFILE 350
#define CA_TYPE 351
#define VERIFY_CERT 352
#define SEND_CERT 353
#define SEND_CR 354
#define MATCH_EMPTY_CR 355
#define IDENTIFIERTYPE 356
#define IDENTIFIERQUAL 357
#define MY_IDENTIFIER 358
#define PEERS_IDENTIFIER 359
#define VERIFY_IDENTIFIER 360
#define DNSSEC 361
#define CERT_X509 362
#define CERT_PLAINRSA 363
#define NONCE_SIZE 364
#define DH_GROUP 365
#define KEEPALIVE 366
#define PASSIVE 367
#define INITIAL_CONTACT 368
#define NAT_TRAVERSAL 369
#define REMOTE_FORCE_LEVEL 370
#define PROPOSAL_CHECK 371
#define PROPOSAL_CHECK_LEVEL 372
#define GENERATE_POLICY 373
#define GENERATE_LEVEL 374
#define SUPPORT_PROXY 375
#define PROPOSAL 376
#define EXEC_PATH 377
#define EXEC_COMMAND 378
#define EXEC_SUCCESS 379
#define EXEC_FAILURE 380
#define GSS_ID 381
#define GSS_ID_ENC 382
#define GSS_ID_ENCTYPE 383
#define COMPLEX_BUNDLE 384
#define DPD 385
#define DPD_DELAY 386
#define DPD_RETRY 387
#define DPD_MAXFAIL 388
#define PH1ID 389
#define XAUTH_LOGIN 390
#define WEAK_PHASE1_CHECK 391
#define REKEY 392
#define PREFIX 393
#define PORT 394
#define PORTANY 395
#define UL_PROTO 396
#define ANY 397
#define IKE_FRAG 398
#define ESP_FRAG 399
#define MODE_CFG 400
#define PFS_GROUP 401
#define LIFETIME 402
#define LIFETYPE_TIME 403
#define LIFETYPE_BYTE 404
#define STRENGTH 405
#define REMOTEID 406
#define SCRIPT 407
#define PHASE1_UP 408
#define PHASE1_DOWN 409
#define PHASE1_DEAD 410
#define NUMBER 411
#define SWITCH 412
#define BOOLEAN 413
#define HEXSTRING 414
#define QUOTEDSTRING 415
#define ADDRSTRING 416
#define ADDRRANGE 417
#define UNITTYPE_BYTE 418
#define UNITTYPE_KBYTES 419
#define UNITTYPE_MBYTES 420
#define UNITTYPE_TBYTES 421
#define UNITTYPE_SEC 422
#define UNITTYPE_MIN 423
#define UNITTYPE_HOUR 424
#define EOS 425
#define BOC 426
#define EOC 427
#define COMMA 428
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
typedef union YYSTYPE
{
/* Line 2049 of yacc.c */
#line 247 "cfparse.y"
#ifndef YYSTYPE_IS_DECLARED
#define YYSTYPE_IS_DECLARED 1
typedef union {
unsigned long num;
vchar_t *val;
struct remoteconf *rmconf;
struct sockaddr *saddr;
struct sainfoalg *alg;
/* Line 2049 of yacc.c */
#line 412 "cfparse.h"
} YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define yystype YYSTYPE /* obsolescent; will be withdrawn */
# define YYSTYPE_IS_DECLARED 1
#endif
extern YYSTYPE yylval;
#ifdef YYPARSE_PARAM
#if defined __STDC__ || defined __cplusplus
int yyparse (void *YYPARSE_PARAM);
#else
int yyparse ();
#endif
#else /* ! YYPARSE_PARAM */
#if defined __STDC__ || defined __cplusplus
int yyparse (void);
#else
int yyparse ();
#endif
#endif /* ! YYPARSE_PARAM */
#endif /* !YY_CFPARSE_H */
#endif /* !YYSTYPE_IS_DECLARED */
extern YYSTYPE racoonyylval;

5
ipsec-tools/src/racoon/cfparse_wrapper.c Normal file
View File

@ -0,0 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#include "cfparse.c"
#include "rtems-bsd-racoon-cfparse_wrapper-data.h"

1142
ipsec-tools/src/racoon/cftoken.c
View File

File diff suppressed because it is too large Load Diff

13
ipsec-tools/src/racoon/cftoken_proto.h
View File

@ -34,6 +34,19 @@
#ifndef _CFTOKEN_PROTO_H
#define _CFTOKEN_PROTO_H
#ifdef __rtems__
#define yylval racoonyylval
#define yyerror racoonyyerror
#define yywrap racoonyywrap
/*
* No idea where yywrap is defined for racoon on FreeBSD but after compilation it
* just is implemented as a function that always returns 1.
*/
static inline int yywrap()
{
return 1;
}
#endif /* __rtems__ */
extern int yyerrorcount;
extern int yylex __P((void));

5
ipsec-tools/src/racoon/cftoken_wrapper.c Normal file
View File

@ -0,0 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#include "cftoken.c"
#include "rtems-bsd-racoon-cftoken_wrapper-data.h"

1
ipsec-tools/src/racoon/config.h Normal file
View File

@ -0,0 +1 @@
#include "../config.h"

16
ipsec-tools/src/racoon/crypto_openssl.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: crypto_openssl.c,v 1.20.4.3 2012/12/24 14:50:39 tteras Exp $ */
/* Id: crypto_openssl.c,v 1.47 2006/05/06 20:42:09 manubsd Exp */
@ -86,7 +92,14 @@
#ifdef HAVE_OPENSSL_SHA2_H
#include <openssl/sha2.h>
#else
#ifndef __rtems__
#include "crypto/sha2/sha2.h"
#else /* __rtems__ */
#define SHA384_Init _bsd_SHA384_Init
#define SHA384_Update _bsd_SHA384_Update
#define SHA384_Final _bsd_SHA384_Final
#include <openssl/sha2/sha384.h>
#endif /* __rtems__ */
#endif
#endif
#include "plog.h"
@ -2584,3 +2597,6 @@ eay_version()
{
return SSLeay_version(SSLEAY_VERSION);
}
#ifdef __rtems__
#include "rtems-bsd-racoon-crypto_openssl-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/dnssec.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: dnssec.c,v 1.5 2009/03/12 10:57:26 tteras Exp $ */
/* $KAME: dnssec.c,v 1.2 2001/08/05 18:46:07 itojun Exp $ */
@ -135,3 +141,6 @@ err:
freecertinfo(res);
return cert;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-dnssec-data.h"
#endif /* __rtems__ */

2
ipsec-tools/src/racoon/eaytest.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: eaytest.c,v 1.10 2010/01/17 23:02:48 wiz Exp $ */
/* Id: eaytest.c,v 1.22 2005/06/19 18:02:54 manubsd Exp */

9
ipsec-tools/src/racoon/evt.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: evt.c,v 1.10 2010/10/21 06:15:28 tteras Exp $ */
/* Id: evt.c,v 1.5 2006/06/22 20:11:35 manubsd Exp */
@ -397,3 +403,6 @@ evt_list_cleanup(list)
}
#endif /* ENABLE_ADMINPORT */
#ifdef __rtems__
#include "rtems-bsd-racoon-evt-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/genlist.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: genlist.c,v 1.4 2006/09/09 16:22:09 manu Exp $ */
/* Id: genlist.c,v 1.2 2004/07/12 20:43:50 ludvigm Exp */
@ -172,3 +178,6 @@ int main()
return 0;
}
#endif
#ifdef __rtems__
#include "rtems-bsd-racoon-genlist-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/getcertsbyname.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: getcertsbyname.c,v 1.4 2006/09/09 16:22:09 manu Exp $ */
/* $KAME: getcertsbyname.c,v 1.7 2001/11/16 04:12:59 sakane Exp $ */
@ -416,3 +422,6 @@ main(ac, av)
exit(0);
}
#endif
#ifdef __rtems__
#include "rtems-bsd-racoon-getcertsbyname-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/grabmyaddr.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: grabmyaddr.c,v 1.28.2.2 2013/04/12 09:53:52 tteras Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -879,3 +885,6 @@ kernel_sync()
#error No supported interface to monitor local addresses.
#endif
#ifdef __rtems__
#include "rtems-bsd-racoon-grabmyaddr-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/gssapi.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: gssapi.c,v 1.4 2006/09/09 16:22:09 manu Exp $ */
/* $KAME: gssapi.c,v 1.19 2001/04/03 15:51:55 thorpej Exp $ */
@ -752,3 +758,6 @@ gssapi_get_id(struct ph1handle *iph1)
#else
int __gssapi_dUmMy;
#endif
#ifdef __rtems__
#include "rtems-bsd-racoon-gssapi-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/handler.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: handler.c,v 1.39.2.1 2011/11/17 14:46:31 vanhu Exp $ */
/* Id: handler.c,v 1.28 2006/05/26 12:17:29 manubsd Exp */
@ -1581,3 +1587,6 @@ purgeph1bylogin(login)
return found;
}
#endif
#ifdef __rtems__
#include "rtems-bsd-racoon-handler-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/ipsec_doi.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: ipsec_doi.c,v 1.46.4.1 2013/06/18 05:40:36 tteras Exp $ */
/* Id: ipsec_doi.c,v 1.55 2006/08/17 09:20:41 vanhu Exp */
@ -4794,3 +4800,6 @@ doi2idtype(doi)
}
/*NOTREACHED*/
}
#ifdef __rtems__
#include "rtems-bsd-racoon-ipsec_doi-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/isakmp.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: isakmp.c,v 1.71.2.2 2012/08/29 08:55:26 tteras Exp $ */
/* Id: isakmp.c,v 1.74 2006/05/07 21:32:59 manubsd Exp */
@ -3698,3 +3704,6 @@ setscopeid(sp_addr0, sa_addr0)
return 0;
}
#endif
#ifdef __rtems__
#include "rtems-bsd-racoon-isakmp-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/isakmp_agg.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: isakmp_agg.c,v 1.16 2009/09/18 10:31:11 tteras Exp $ */
/* Id: isakmp_agg.c,v 1.28 2006/04/06 16:46:08 manubsd Exp */
@ -1449,3 +1455,6 @@ agg_r2send(iph1, msg)
end:
return error;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-isakmp_agg-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/isakmp_base.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: isakmp_base.c,v 1.12 2009/03/12 10:57:26 tteras Exp $ */
/* $KAME: isakmp_base.c,v 1.49 2003/11/13 02:30:20 sakane Exp $ */
@ -1392,3 +1398,6 @@ end:
vfree(vid);
return error;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-isakmp_base-data.h"
#endif /* __rtems__ */

2
ipsec-tools/src/racoon/isakmp_cfg.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: isakmp_cfg.c,v 1.24.4.1 2013/04/12 10:04:21 tteras Exp $ */
/* Id: isakmp_cfg.c,v 1.55 2006/08/22 18:17:17 manubsd Exp */

9
ipsec-tools/src/racoon/isakmp_frag.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: isakmp_frag.c,v 1.7 2017/07/23 05:40:27 christos Exp $ */
/* Id: isakmp_frag.c,v 1.4 2004/11/13 17:31:36 manubsd Exp */
@ -390,3 +396,6 @@ isakmp_frag_addcap(buf, cap)
return buf;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-isakmp_frag-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/isakmp_ident.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: isakmp_ident.c,v 1.13 2009/09/18 10:31:11 tteras Exp $ */
/* Id: isakmp_ident.c,v 1.21 2006/04/06 16:46:08 manubsd Exp */
@ -1898,3 +1904,6 @@ ident_recv_n(iph1, gen)
return 0;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-isakmp_ident-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/isakmp_inf.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: isakmp_inf.c,v 1.47.2.3 2013/04/12 09:53:52 tteras Exp $ */
/* Id: isakmp_inf.c,v 1.44 2006/05/06 20:45:52 manubsd Exp */
@ -1604,3 +1610,6 @@ isakmp_sched_r_u(iph1, retry)
return 0;
}
#endif
#ifdef __rtems__
#include "rtems-bsd-racoon-isakmp_inf-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/isakmp_newg.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: isakmp_newg.c,v 1.4 2006/09/09 16:22:09 manu Exp $ */
/* $KAME: isakmp_newg.c,v 1.10 2002/09/27 05:55:52 itojun Exp $ */
@ -230,3 +236,6 @@ end:
return 0;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-isakmp_newg-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/isakmp_quick.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: isakmp_quick.c,v 1.29 2011/03/14 17:18:13 tteras Exp $ */
/* Id: isakmp_quick.c,v 1.29 2006/08/22 18:17:17 manubsd Exp */
@ -2629,3 +2635,6 @@ ph2_recv_n(iph2, gen)
return 0;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-isakmp_quick-data.h"
#endif /* __rtems__ */

2
ipsec-tools/src/racoon/isakmp_unity.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: isakmp_unity.c,v 1.9.18.1 2012/01/01 17:32:04 tteras Exp $ */
/* Id: isakmp_unity.c,v 1.10 2006/07/31 04:49:23 manubsd Exp */

2
ipsec-tools/src/racoon/isakmp_xauth.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: isakmp_xauth.c,v 1.22.2.1 2013/02/05 06:23:42 tteras Exp $ */
/* Id: isakmp_xauth.c,v 1.38 2006/08/22 18:17:17 manubsd Exp */

2
ipsec-tools/src/racoon/kmpstat.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: kmpstat.c,v 1.7 2010/11/12 09:08:26 tteras Exp $ */
/* $KAME: kmpstat.c,v 1.33 2004/08/16 08:20:28 itojun Exp $ */

9
ipsec-tools/src/racoon/localconf.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: localconf.c,v 1.7 2008/12/23 14:04:42 tteras Exp $ */
/* $KAME: localconf.c,v 1.33 2001/08/09 07:32:19 sakane Exp $ */
@ -357,3 +363,6 @@ save_params()
{
saverestore_params(0);
}
#ifdef __rtems__
#include "rtems-bsd-racoon-localconf-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/logger.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: logger.c,v 1.4 2006/09/09 16:22:09 manu Exp $ */
/* $KAME: logger.c,v 1.9 2002/09/03 14:37:03 itojun Exp $ */
@ -260,3 +266,6 @@ main(argc, argv)
#endif
#ifdef __rtems__
#include "rtems-bsd-racoon-logger-data.h"
#endif /* __rtems__ */

59
ipsec-tools/src/racoon/main.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: main.c,v 1.12.6.1 2013/07/12 13:12:24 tteras Exp $ */
/* Id: main.c,v 1.25 2006/06/20 20:31:34 manubsd Exp */
@ -31,6 +37,14 @@
* SUCH DAMAGE.
*/
#ifdef __rtems__
#include <rtems.h>
#define __need_getopt_newlib
#include <getopt.h>
#include <machine/rtems-bsd-commands.h>
#include <machine/rtems-bsd-racoon.h>
#include <rtems/linkersets.h>
#endif /* __rtems__ */
#include "config.h"
#include <sys/types.h>
@ -172,6 +186,15 @@ parse(ac, av)
#ifdef YYDEBUG
extern int yydebug;
#endif
#ifdef __rtems__
struct getopt_data getopt_data;
memset(&getopt_data, 0, sizeof(getopt_data));
#define optind getopt_data.optind
#define optarg getopt_data.optarg
#define opterr getopt_data.opterr
#define optopt getopt_data.optopt
#define getopt(argc, argv, opt) getopt_r(argc, argv, "+" opt, &getopt_data)
#endif /* __rtems__ */
pname = strrchr(*av, '/');
if (pname)
@ -263,6 +286,30 @@ parse(ac, av)
}
}
#ifdef __rtems__
static int
main(int argc, char **argv);
RTEMS_LINKER_RWSET(bsd_prog_racoon, char);
int rtems_bsd_command_racoon(int argc, char **argv)
{
int exit_code;
void *data_begin;
size_t data_size;
data_begin = RTEMS_LINKER_SET_BEGIN(bsd_prog_racoon);
data_size = RTEMS_LINKER_SET_SIZE(bsd_prog_racoon);
rtems_bsd_racoon_lock();
exit_code = rtems_bsd_program_call_main_with_data_restore("racoon",
main, argc, argv, data_begin, data_size);
rtems_bsd_racoon_unlock();
return exit_code;
}
#endif /* __rtems__ */
int
main(ac, av)
int ac;
@ -321,9 +368,15 @@ main(ac, av)
"SA recovering.");
}
#ifdef __rtems__
/* FIXME: RTEMS currently does not support daemon mode. */
f_foreground = 1;
plog(LLV_INFO, LOCATION, NULL, "RTEMS: Force foreground mode.\n");
#endif /* __rtems__ */
if (f_foreground)
close(0);
else {
#ifndef __rtems__
if (daemon(0, 0) < 0) {
errx(1, "failed to be daemon. (%s)",
strerror(errno));
@ -340,6 +393,9 @@ main(ac, av)
/* no big deal if it fails.. */
}
#endif
#else /* __rtems__ */
errx(1, "Daemon mode currently not supported in RTEMS.");
#endif /* __rtems__ */
}
session();
@ -347,3 +403,6 @@ main(ac, av)
return 0;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-main-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/misc.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: misc.c,v 1.6 2008/07/15 00:47:09 mgrooms Exp $ */
/* $KAME: misc.c,v 1.23 2001/08/16 14:37:29 itojun Exp $ */
@ -180,3 +186,6 @@ timedelta(t1, t2)
return t2->tv_sec - t1->tv_sec - 1 +
(double)(1000000 + t2->tv_usec - t1->tv_usec) / 1000000;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-misc-data.h"
#endif /* __rtems__ */

2
ipsec-tools/src/racoon/missing/crypto/rijndael/rijndael-alg-fst.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: rijndael-alg-fst.c,v 1.4 2006/09/09 16:22:36 manu Exp $ */
/* $KAME: rijndael-alg-fst.c,v 1.1.1.1 2001/08/08 09:56:23 sakane Exp $ */

2
ipsec-tools/src/racoon/missing/crypto/rijndael/rijndael-api-fst.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: rijndael-api-fst.c,v 1.4 2006/09/09 16:22:36 manu Exp $ */
/* $KAME: rijndael-api-fst.c,v 1.8 2002/11/18 23:32:54 itojun Exp $ */

1
ipsec-tools/src/racoon/missing/crypto/sha2/config.h Normal file
View File

@ -0,0 +1 @@
#include "../../../config.h"

29
ipsec-tools/src/racoon/missing/crypto/sha2/sha2.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "../../../rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: sha2.c,v 1.4.40.1 2012/12/24 08:48:08 tteras Exp $ */
/* Id: sha2.c,v 1.6 2004/09/21 14:35:25 ludvigm Exp */
@ -44,7 +50,22 @@
#ifndef __linux__
#include <machine/endian.h>
#endif
#ifndef __rtems__
#include <crypto/sha2/sha2.h>
#else /* __rtems__ */
#define SHA256_Init _bsd_SHA256_Init
#define SHA256_Update _bsd_SHA256_Update
#define SHA256_Final _bsd_SHA256_Final
#include <crypto/sha2/sha256.h>
#define SHA384_Init _bsd_SHA384_Init
#define SHA384_Update _bsd_SHA384_Update
#define SHA384_Final _bsd_SHA384_Final
#include <crypto/sha2/sha384.h>
#define SHA512_Init _bsd_SHA512_Init
#define SHA512_Update _bsd_SHA512_Update
#define SHA512_Final _bsd_SHA512_Final
#include <crypto/sha2/sha512.h>
#endif /* __rtems__ */
#include <openssl/evp.h>
/* get openssl/ssleay version number */
@ -58,6 +79,7 @@
#define HAVE_EVP_097
#ifndef __rtems__
/*
* ASSERT NOTE:
* Some sanity checking code is included using assert(). On my FreeBSD
@ -984,7 +1006,6 @@ char* SHA512_Data(const sha2_byte* data, size_t len, char digest[SHA512_DIGEST_S
return SHA512_End(&context, digest);
}
/*** SHA-384: *********************************************************/
void SHA384_Init(SHA384_CTX* context) {
if (context == (SHA384_CTX*)0) {
@ -1059,6 +1080,8 @@ char* SHA384_Data(const sha2_byte* data, size_t len, char digest[SHA384_DIGEST_S
return SHA384_End(&context, digest);
}
#endif /* __rtems__ */
/*glue*/
#ifdef HAVE_EVP_097
@ -1197,3 +1220,7 @@ struct env_md_st *EVP_sha2_512(void)
{
return(&sha2_512_md);
}
#ifdef __rtems__
#include "../../../rtems-bsd-racoon-main-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/nattraversal.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: nattraversal.c,v 1.14 2011/03/14 17:18:13 tteras Exp $ */
/*
@ -548,3 +554,6 @@ isakmp_plist_append_natt_vids (struct payload_list *plist, vchar_t *vid_natt[MAX
return plist;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-nattraversal-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/oakley.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: oakley.c,v 1.22.2.2 2012/08/29 11:35:09 tteras Exp $ */
/* Id: oakley.c,v 1.32 2006/05/26 12:19:46 manubsd Exp */
@ -3209,3 +3215,6 @@ oakley_padlen(len, base)
return padlen;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-oakley-data.h"
#endif /* __rtems__ */

5
ipsec-tools/src/racoon/package_version.h Normal file
View File

@ -0,0 +1,5 @@
#define TOP_PACKAGE "ipsec-tools"
#define TOP_PACKAGE_NAME "ipsec-tools"
#define TOP_PACKAGE_VERSION "0.8.2"
#define TOP_PACKAGE_STRING "ipsec-tools 0.8.2"
#define TOP_PACKAGE_URL "http://ipsec-tools.sourceforge.net"

9
ipsec-tools/src/racoon/pfkey.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: pfkey.c,v 1.57 2011/03/15 13:20:14 vanhu Exp $ */
/* $Id: pfkey.c,v 1.57 2011/03/15 13:20:14 vanhu Exp $ */
@ -3993,3 +3999,6 @@ sadbsecas2str(src, dst, proto, spi, mode)
return buf;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-pfkey-data.h"
#endif /* __rtems__ */

2
ipsec-tools/src/racoon/plainrsa-gen.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: plainrsa-gen.c,v 1.6 2011/02/11 10:07:19 tteras Exp $ */
/* Id: plainrsa-gen.c,v 1.6 2005/04/21 09:08:40 monas Exp */

12
ipsec-tools/src/racoon/plog.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: plog.c,v 1.7 2011/01/28 12:51:40 tteras Exp $ */
/* Id: plog.c,v 1.11 2006/06/20 09:57:31 vanhu Exp */
@ -58,6 +64,9 @@
#endif
#include <ctype.h>
#include <err.h>
#ifdef __rtems__
#include <netinet/in.h>
#endif /* __rtems__ */
#include "var.h"
#include "misc.h"
@ -293,3 +302,6 @@ binsanitize(binstr, n)
return d;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-plog-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/policy.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: policy.c,v 1.12 2011/03/14 17:18:13 tteras Exp $ */
/* $KAME: policy.c,v 1.46 2001/11/16 04:08:10 sakane Exp $ */
@ -496,3 +502,6 @@ spidx2str(spidx)
#endif
return buf;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-policy-data.h"
#endif /* __rtems__ */

11
ipsec-tools/src/racoon/privsep.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: privsep.c,v 1.21.2.1 2011/08/12 05:46:06 tteras Exp $ */
/* Id: privsep.c,v 1.15 2005/08/08 11:23:44 vanhu Exp */
@ -311,9 +317,11 @@ privsep_init(void)
plog(LLV_INFO, LOCATION, NULL,
"racoon unprivileged process running with PID %d\n", child_pid);
#ifndef __rtems__
#if defined(__NetBSD__) || defined(__FreeBSD__)
setproctitle("[priv]");
#endif
#endif /* __rtems__ */
/*
* Don't catch any signal
@ -1805,3 +1813,6 @@ privsep_cleanup_pam(port)
return;
}
#endif
#ifdef __rtems__
#include "rtems-bsd-racoon-privsep-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/proposal.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: proposal.c,v 1.17 2008/09/19 11:14:49 tteras Exp $ */
/* $Id: proposal.c,v 1.17 2008/09/19 11:14:49 tteras Exp $ */
@ -1288,3 +1294,6 @@ end:
free_proppair(pair);
return error;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-proposal-data.h"
#endif /* __rtems__ */

2570
ipsec-tools/src/racoon/prsa_par.c
View File

File diff suppressed because it is too large Load Diff

156
ipsec-tools/src/racoon/prsa_par.h
View File

@ -1,134 +1,36 @@
/* A Bison parser, made by GNU Bison 2.6.2. */
/* Bison interface for Yacc-like parsers in C
Copyright (C) 1984, 1989-1990, 2000-2012 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* As a special exception, you may create a larger work that contains
part or all of the Bison parser skeleton and distribute that work
under terms of your choice, so long as that work isn't itself a
parser generator using the skeleton or a modified version thereof
as a parser skeleton. Alternatively, if you modify or redistribute
the parser skeleton itself, you may (at your option) remove this
special exception, which will cause the skeleton and the resulting
Bison output files to be licensed under the GNU General Public
License without this special exception.
This special exception was added by the Free Software Foundation in
version 2.2 of Bison. */
#ifndef PRSA_PRSA_PAR_H
# define PRSA_PRSA_PAR_H
/* Enabling traces. */
#ifndef YYDEBUG
# define YYDEBUG 0
#define COLON 257
#define HEX 258
#define OBRACE 259
#define EBRACE 260
#define TAG_RSA 261
#define TAG_PUB 262
#define TAG_PSK 263
#define MODULUS 264
#define PUBLIC_EXPONENT 265
#define PRIVATE_EXPONENT 266
#define PRIME1 267
#define PRIME2 268
#define EXPONENT1 269
#define EXPONENT2 270
#define COEFFICIENT 271
#define ADDR4 272
#define ADDR6 273
#define ADDRANY 274
#define SLASH 275
#define NUMBER 276
#define BASE64 277
#ifdef YYSTYPE
#undef YYSTYPE_IS_DECLARED
#define YYSTYPE_IS_DECLARED 1
#endif
#if YYDEBUG
extern int prsadebug;
#endif
/* Tokens. */
#ifndef YYTOKENTYPE
# define YYTOKENTYPE
/* Put the tokens into the symbol table, so that GDB and other debuggers
know about them. */
enum yytokentype {
COLON = 258,
HEX = 259,
OBRACE = 260,
EBRACE = 261,
TAG_RSA = 262,
TAG_PUB = 263,
TAG_PSK = 264,
MODULUS = 265,
PUBLIC_EXPONENT = 266,
PRIVATE_EXPONENT = 267,
PRIME1 = 268,
PRIME2 = 269,
EXPONENT1 = 270,
EXPONENT2 = 271,
COEFFICIENT = 272,
ADDR4 = 273,
ADDR6 = 274,
ADDRANY = 275,
SLASH = 276,
NUMBER = 277,
BASE64 = 278
};
#endif
/* Tokens. */
#define COLON 258
#define HEX 259
#define OBRACE 260
#define EBRACE 261
#define TAG_RSA 262
#define TAG_PUB 263
#define TAG_PSK 264
#define MODULUS 265
#define PUBLIC_EXPONENT 266
#define PRIVATE_EXPONENT 267
#define PRIME1 268
#define PRIME2 269
#define EXPONENT1 270
#define EXPONENT2 271
#define COEFFICIENT 272
#define ADDR4 273
#define ADDR6 274
#define ADDRANY 275
#define SLASH 276
#define NUMBER 277
#define BASE64 278
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
typedef union YYSTYPE
{
/* Line 2049 of yacc.c */
#line 130 "prsa_par.y"
#ifndef YYSTYPE_IS_DECLARED
#define YYSTYPE_IS_DECLARED 1
typedef union {
BIGNUM *bn;
RSA *rsa;
char *chr;
long num;
struct netaddr *naddr;
/* Line 2049 of yacc.c */
#line 112 "prsa_par.h"
} YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define yystype YYSTYPE /* obsolescent; will be withdrawn */
# define YYSTYPE_IS_DECLARED 1
#endif
extern YYSTYPE prsalval;
#ifdef YYPARSE_PARAM
#if defined __STDC__ || defined __cplusplus
int prsaparse (void *YYPARSE_PARAM);
#else
int prsaparse ();
#endif
#else /* ! YYPARSE_PARAM */
#if defined __STDC__ || defined __cplusplus
int prsaparse (void);
#else
int prsaparse ();
#endif
#endif /* ! YYPARSE_PARAM */
#endif /* !PRSA_PRSA_PAR_H */
#endif /* !YYSTYPE_IS_DECLARED */
extern YYSTYPE racoonprsalval;

6
ipsec-tools/src/racoon/prsa_par.y
View File

@ -70,6 +70,12 @@
#include "crypto_openssl.h"
#include "sockmisc.h"
#include "rsalist.h"
#ifdef __rtems__
#define prsaparse yyparse
#define prsaerror yyerror
#define prsain racoonprsain
#define prsawrap racoonprsawrap
#endif /* __rtems__ */
extern void prsaerror(const char *str, ...);
extern int prsawrap (void);

5
ipsec-tools/src/racoon/prsa_par_wrapper.c Normal file
View File

@ -0,0 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#include "prsa_par.c"
#include "rtems-bsd-racoon-prsa_par_wrapper-data.h"

543
ipsec-tools/src/racoon/prsa_tok.c
View File

File diff suppressed because it is too large Load Diff

4
ipsec-tools/src/racoon/prsa_tok.l
View File

@ -39,6 +39,10 @@
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include "prsa_par.h"
#ifdef __rtems__
#define prsatext racoonprsatext
#define prsalval racoonprsalval
#endif /* __rtems__ */
extern int prsalex (void);
extern int prsa_cur_lineno;

5
ipsec-tools/src/racoon/prsa_tok_wrapper.c Normal file
View File

@ -0,0 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#include "prsa_tok.c"
#include "rtems-bsd-racoon-prsa_tok_wrapper-data.h"

2
ipsec-tools/src/racoon/racoonctl.c
View File

@ -1,3 +1,5 @@
#include <machine/rtems-bsd-user-space.h>
/* $NetBSD: racoonctl.c,v 1.18 2010/11/12 09:08:26 tteras Exp $ */
/* Id: racoonctl.c,v 1.11 2006/04/06 17:06:25 manubsd Exp */

9
ipsec-tools/src/racoon/remoteconf.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: remoteconf.c,v 1.26 2011/03/14 15:50:36 vanhu Exp $ */
/* Id: remoteconf.c,v 1.38 2006/05/06 15:52:44 manubsd Exp */
@ -1246,3 +1252,6 @@ checkisakmpsa(pcheck_level, proposal, acceptable)
return NULL;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-remoteconf-data.h"
#endif /* __rtems__ */

9
ipsec-tools/src/racoon/rsalist.c
View File

@ -1,3 +1,9 @@
#include <machine/rtems-bsd-user-space.h>
#ifdef __rtems__
#include <machine/rtems-bsd-program.h>
#include "rtems-bsd-racoon-namespace.h"
#endif /* __rtems__ */
/* $NetBSD: rsalist.c,v 1.6 2011/03/14 15:50:36 vanhu Exp $ */
/* Id: rsalist.c,v 1.3 2004/11/08 12:04:23 ludvigm Exp */
@ -273,3 +279,6 @@ rsa_try_check_rsasign(vchar_t *source, vchar_t *sig, struct genlist *list)
}
return NULL;
}
#ifdef __rtems__
#include "rtems-bsd-racoon-rsalist-data.h"
#endif /* __rtems__ */

4
ipsec-tools/src/racoon/rtems-bsd-racoon-admin-data.h Normal file
View File

@ -0,0 +1,4 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* admin.c */

12
ipsec-tools/src/racoon/rtems-bsd-racoon-algorithm-data.h Normal file
View File

@ -0,0 +1,12 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* algorithm.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct hash_algorithm oakley_hashdef[]);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct hmac_algorithm oakley_hmacdef[]);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct enc_algorithm oakley_encdef[]);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct enc_algorithm ipsec_encdef[]);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct hmac_algorithm ipsec_hmacdef[]);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct misc_algorithm ipsec_compdef[]);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct misc_algorithm oakley_authdef[]);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct dh_algorithm oakley_dhdef[]);

6
ipsec-tools/src/racoon/rtems-bsd-racoon-backupsa-data.h Normal file
View File

@ -0,0 +1,6 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* backupsa.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static char *format);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static char *strmon[]);

11
ipsec-tools/src/racoon/rtems-bsd-racoon-cfparse_wrapper-data.h Normal file
View File

@ -0,0 +1,11 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* cfparse_wrapper.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static int num2dhgroup[]);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct remoteconf *cur_rmconf);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static int tmpalgtype[]);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct sainfo *cur_sainfo);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static int cur_algclass);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static int oldloglevel);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static YYSTACKDATA yystack);

21
ipsec-tools/src/racoon/rtems-bsd-racoon-cftoken_wrapper-data.h Normal file
View File

@ -0,0 +1,21 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* cftoken_wrapper.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static size_t yy_buffer_stack_top);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static size_t yy_buffer_stack_max);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static YY_BUFFER_STATE *yy_buffer_stack);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static char yy_hold_char);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static yy_size_t yy_n_chars);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern yy_size_t racoonyyleng);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static char *yy_c_buf_p);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static int yy_init);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static int yy_start);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static int yy_did_buffer_switch_on_eof);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static yy_state_type yy_last_accepting_state);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static char *yy_last_accepting_cpos);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static int yy_more_flag);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static int yy_more_len);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct include_stack incstack[]);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static int incstackp);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static int yy_first_time);

4
ipsec-tools/src/racoon/rtems-bsd-racoon-crypto_openssl-data.h Normal file
View File

@ -0,0 +1,4 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* crypto_openssl.c */

90
ipsec-tools/src/racoon/rtems-bsd-racoon-data.h Normal file
View File

@ -0,0 +1,90 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
/* admin.c */
/* algorithm.c */
/* backupsa.c */
/* cfparse_wrapper.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int racoonyydebug);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int racoonyynerrs);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int racoonyyerrflag);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int racoonyychar);
/* cftoken_wrapper.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern FILE *racoonyyin);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern FILE *racoonyyout);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int racoonyylineno);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int racoonyy_flex_debug);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern char *racoonyytext);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int yyerrorcount);
/* crypto_openssl.c */
/* dnssec.c */
/* evt.c */
/* genlist.c */
/* getcertsbyname.c */
/* grabmyaddr.c */
/* gssapi.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int __gssapi_dUmMy);
/* handler.c */
/* ipsec_doi.c */
/* isakmp_agg.c */
/* isakmp_base.c */
/* isakmp.c */
/* isakmp_frag.c */
/* isakmp_ident.c */
/* isakmp_inf.c */
/* isakmp_newg.c */
/* isakmp_quick.c */
/* localconf.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern struct localconf *lcconf);
/* logger.c */
/* main.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int dump_config);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int f_local);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int vflag);
/* misc.c */
/* sha2.c */
/* nattraversal.c */
/* oakley.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern struct dhgroup dh_modp768);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern struct dhgroup dh_modp1024);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern struct dhgroup dh_modp1536);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern struct dhgroup dh_modp2048);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern struct dhgroup dh_modp3072);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern struct dhgroup dh_modp4096);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern struct dhgroup dh_modp6144);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern struct dhgroup dh_modp8192);
/* pfkey.c */
/* plog.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern char *pname);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern u_int32_t loglevel);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int f_foreground);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int print_location);
/* policy.c */
/* privsep.c */
/* proposal.c */
/* prsa_par_wrapper.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int prsa_cur_lineno);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern char *prsa_cur_fname);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern struct genlist *prsa_cur_list);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern enum rsa_key_type prsa_cur_type);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int racoonprsadebug);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int racoonprsanerrs);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int racoonprsaerrflag);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int racoonprsachar);
/* prsa_tok_wrapper.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern FILE *racoonprsain);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern FILE *racoonprsaout);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int racoonprsalineno);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern int racoonprsa_flex_debug);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern char *racoonprsatext);
/* remoteconf.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, extern char *script_names[]);
/* rsalist.c */
/* safefile.c */
/* sainfo.c */
/* schedule.c */
/* session.c */
/* sockmisc.c */
/* str2val.c */
/* strnames.c */
/* vendorid.c */
/* vmbuf.c */

4
ipsec-tools/src/racoon/rtems-bsd-racoon-dnssec-data.h Normal file
View File

@ -0,0 +1,4 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* dnssec.c */

4
ipsec-tools/src/racoon/rtems-bsd-racoon-evt-data.h Normal file
View File

@ -0,0 +1,4 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* evt.c */

4
ipsec-tools/src/racoon/rtems-bsd-racoon-genlist-data.h Normal file
View File

@ -0,0 +1,4 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* genlist.c */

4
ipsec-tools/src/racoon/rtems-bsd-racoon-getcertsbyname-data.h Normal file
View File

@ -0,0 +1,4 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* getcertsbyname.c */

6
ipsec-tools/src/racoon/rtems-bsd-racoon-grabmyaddr-data.h Normal file
View File

@ -0,0 +1,6 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* grabmyaddr.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct _myaddr_list_ configured);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct _myaddr_list_ opened);

4
ipsec-tools/src/racoon/rtems-bsd-racoon-gssapi-data.h Normal file
View File

@ -0,0 +1,4 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* gssapi.c */

9
ipsec-tools/src/racoon/rtems-bsd-racoon-handler-data.h Normal file
View File

@ -0,0 +1,9 @@
/* generated by userspace-header-gen.py */
#include <rtems/linkersets.h>
#include "rtems-bsd-racoon-data.h"
/* handler.c */
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct _ph1tree_ ph1tree);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct _ph2tree_ ph2tree);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct _ctdtree_ ctdtree);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct _rcptree_ rcptree);
RTEMS_LINKER_RWSET_CONTENT(bsd_prog_racoon, static struct sched sc_sweep);

Some files were not shown because too many files have changed in this diff Show More