diff options
author | Waldemar Brodkorb <wbx@openadk.org> | 2009-05-30 20:39:07 +0200 |
---|---|---|
committer | Waldemar Brodkorb <wbx@openadk.org> | 2009-05-30 20:39:07 +0200 |
commit | ba3359722cbf8aa7b0ed39e1f81d1d74ec88fecd (patch) | |
tree | 10c726d162bc0ded85eb7aeacf8f246bd39ad63a /package/ipsec-tools | |
parent | bbd610f15a71b27c955175cb98392b114717fd47 (diff) |
optimize ipkg package management
- generate ipkg control file from PKG_* variables
- automatically install init scripts from ./files/*.init
set #PKG pkgname to set the binary package
- rename FWINIT -> INIT
- move postinst and conffiles meta data to ./files
- update the packages to the latest upstream version
- remove some unready or unused package (strongswan,..)
more cleanups needed after allmodconfig
Diffstat (limited to 'package/ipsec-tools')
17 files changed, 3016 insertions, 55 deletions
diff --git a/package/ipsec-tools/Config.in b/package/ipsec-tools/Config.in index b140738b1..7edadda2a 100644 --- a/package/ipsec-tools/Config.in +++ b/package/ipsec-tools/Config.in @@ -1,7 +1,6 @@ config ADK_PACKAGE_IPSEC_TOOLS prompt "ipsec-tools....................... IPsec management tools" tristate - depends ADK_LINUX_2_6 select ADK_PACKAGE_LIBOPENSSL default n help diff --git a/package/ipsec-tools/Makefile b/package/ipsec-tools/Makefile index 5fe7101aa..10a3539e9 100644 --- a/package/ipsec-tools/Makefile +++ b/package/ipsec-tools/Makefile @@ -6,19 +6,25 @@ include ${TOPDIR}/rules.mk PKG_NAME:= ipsec-tools -PKG_VERSION:= 0.6.4 +PKG_VERSION:= 0.7.2 PKG_RELEASE:= 1 -PKG_MD5SUM:= d0242a943c82c0cbf28005966ff35e21 +PKG_MD5SUM:= 72861f005746ee27984b2ee715ecc629 +PKG_DESCR:= IPsec management tools +PKG_SECTION:= net +PKG_DEPENDS:= libopenssl +PKG_URL:= http://ipsec-tools.sourceforge.net +PKG_SITES:= ${MASTER_SITE_SOURCEFORGE:=ipsec-tools/} + DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.bz2 -MASTER_SITES:= ${MASTER_SITE_SOURCEFORGE:=ipsec-tools/} include ${TOPDIR}/mk/package.mk -$(eval $(call PKG_template,IPSEC_TOOLS,ipsec-tools,${PKG_VERSION}-${PKG_RELEASE})) +$(eval $(call PKG_template,IPSEC_TOOLS,${PKG_NAME},${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION})) CONFIGURE_STYLE= gnu CONFIGURE_ARGS+= --with-kernel-headers="${LINUX_DIR}/include" \ --without-readline \ + --disable-security-context \ --with-openssl="${STAGING_DIR}/usr" \ --without-libradius \ --without-libpam diff --git a/package/ipsec-tools/ipkg/ipsec-tools.conffiles b/package/ipsec-tools/files/ipsec-tools.conffiles index 434045463..434045463 100644 --- a/package/ipsec-tools/ipkg/ipsec-tools.conffiles +++ b/package/ipsec-tools/files/ipsec-tools.conffiles diff --git a/package/ipsec-tools/ipkg/ipsec-tools.control b/package/ipsec-tools/ipkg/ipsec-tools.control deleted file mode 100644 index c1cade10b..000000000 --- a/package/ipsec-tools/ipkg/ipsec-tools.control +++ /dev/null @@ -1,5 +0,0 @@ -Package: ipsec-tools -Priority: optional -Section: net -Depends: libopenssl -Description: IPsec management tools diff --git a/package/ipsec-tools/patches/patch-configure b/package/ipsec-tools/patches/patch-configure index 5ff9866f7..29e65cf5b 100644 --- a/package/ipsec-tools/patches/patch-configure +++ b/package/ipsec-tools/patches/patch-configure @@ -1,12 +1,12 @@ -$Id$ ---- ipsec-tools-0.6.4.orig/configure 2005-12-09 10:03:34.000000000 +0100 -+++ ipsec-tools-0.6.4/configure 2007-06-28 16:58:31.000000000 +0200 -@@ -23147,7 +23147,7 @@ echo "${ECHO_T}${crypto_dir-default}" >& - - if test "x$crypto_dir" != "x"; then - LIBS="$LIBS -L${crypto_dir}/lib" -- CPPFLAGS="-I${crypto_dir}/include $CPPLAGS" -+ CPPFLAGS="-I${crypto_dir}/include $CPPFLAGS" - fi - echo "$as_me:$LINENO: checking openssl version" >&5 - echo $ECHO_N "checking openssl version... $ECHO_C" >&6 +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- ipsec-tools-0.7.2.orig/configure 2009-04-21 16:41:45.000000000 +0200 ++++ ipsec-tools-0.7.2/configure 2009-05-29 15:28:06.991791782 +0200 +@@ -11963,7 +11963,7 @@ echo "${ECHO_T}$ac_cv_path_EGREP" >&6; } + + + +-CFLAGS_ADD="$CFLAGS_ADD -Wall -Werror -Wno-unused" ++CFLAGS_ADD="$CFLAGS_ADD -Wall -Wno-unused" + + case $host in + *netbsd*) diff --git a/package/ipsec-tools/patches/patch-configure_ac b/package/ipsec-tools/patches/patch-configure_ac deleted file mode 100644 index d28f9afb7..000000000 --- a/package/ipsec-tools/patches/patch-configure_ac +++ /dev/null @@ -1,12 +0,0 @@ -$Id$ ---- ipsec-tools-0.6.4.orig/configure.ac 2005-12-09 10:00:28.000000000 +0100 -+++ ipsec-tools-0.6.4/configure.ac 2007-06-28 16:58:31.000000000 +0200 -@@ -183,7 +183,7 @@ AC_MSG_RESULT(${crypto_dir-default}) - - if test "x$crypto_dir" != "x"; then - LIBS="$LIBS -L${crypto_dir}/lib" -- CPPFLAGS="-I${crypto_dir}/include $CPPLAGS" -+ CPPFLAGS="-I${crypto_dir}/include $CPPFLAGS" - fi - AC_MSG_CHECKING(openssl version) - diff --git a/package/ipsec-tools/patches/patch-src_racoon_algorithm_c b/package/ipsec-tools/patches/patch-src_racoon_algorithm_c new file mode 100644 index 000000000..351ce1771 --- /dev/null +++ b/package/ipsec-tools/patches/patch-src_racoon_algorithm_c @@ -0,0 +1,44 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- ipsec-tools-0.7.2.orig/src/racoon/algorithm.c 2006-10-06 14:02:27.000000000 +0200 ++++ ipsec-tools-0.7.2/src/racoon/algorithm.c 2009-05-29 15:51:03.662094000 +0200 +@@ -111,9 +111,11 @@ static struct enc_algorithm oakley_encde + eay_idea_encrypt, eay_idea_decrypt, + eay_idea_weakkey, eay_idea_keylen, }, + #endif ++#ifndef OPENSSL_NO_BF + { "blowfish", algtype_blowfish, OAKLEY_ATTR_ENC_ALG_BLOWFISH, 8, + eay_bf_encrypt, eay_bf_decrypt, + eay_bf_weakkey, eay_bf_keylen, }, ++#endif + #ifdef HAVE_OPENSSL_RC5_H + { "rc5", algtype_rc5, OAKLEY_ATTR_ENC_ALG_RC5, 8, + eay_rc5_encrypt, eay_rc5_decrypt, +@@ -122,9 +124,11 @@ static struct enc_algorithm oakley_encde + { "3des", algtype_3des, OAKLEY_ATTR_ENC_ALG_3DES, 8, + eay_3des_encrypt, eay_3des_decrypt, + eay_3des_weakkey, eay_3des_keylen, }, ++#ifndef OPENSSL_NO_CAST + { "cast", algtype_cast128, OAKLEY_ATTR_ENC_ALG_CAST, 8, + eay_cast_encrypt, eay_cast_decrypt, + eay_cast_weakkey, eay_cast_keylen, }, ++#endif + { "aes", algtype_aes, OAKLEY_ATTR_ENC_ALG_AES, 16, + eay_aes_encrypt, eay_aes_decrypt, + eay_aes_weakkey, eay_aes_keylen, }, +@@ -150,12 +154,16 @@ static struct enc_algorithm ipsec_encdef + NULL, NULL, + NULL, eay_rc5_keylen, }, + #endif ++#ifndef OPENSSL_NO_CAST + { "cast", algtype_cast128, IPSECDOI_ESP_CAST, 8, + NULL, NULL, + NULL, eay_cast_keylen, }, ++#endif ++#ifndef OPENSSL_NO_CAST + { "blowfish", algtype_blowfish, IPSECDOI_ESP_BLOWFISH, 8, + NULL, NULL, + NULL, eay_bf_keylen, }, ++#endif + { "des-iv32", algtype_des_iv32, IPSECDOI_ESP_DES_IV32, 8, + NULL, NULL, + NULL, eay_des_keylen, }, diff --git a/package/ipsec-tools/patches/patch-src_racoon_cftoken_c b/package/ipsec-tools/patches/patch-src_racoon_cftoken_c new file mode 100644 index 000000000..29bdf1a77 --- /dev/null +++ b/package/ipsec-tools/patches/patch-src_racoon_cftoken_c @@ -0,0 +1,2026 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- ipsec-tools-0.7.2.orig/src/racoon/cftoken.c 2008-07-23 13:49:19.000000000 +0200 ++++ ipsec-tools-0.7.2/src/racoon/cftoken.c 2009-05-29 15:50:16.982910033 +0200 +@@ -8,7 +8,7 @@ + #define FLEX_SCANNER + #define YY_FLEX_MAJOR_VERSION 2 + #define YY_FLEX_MINOR_VERSION 5 +-#define YY_FLEX_SUBMINOR_VERSION 34 ++#define YY_FLEX_SUBMINOR_VERSION 35 + #if YY_FLEX_SUBMINOR_VERSION > 0 + #define FLEX_BETA + #endif +@@ -178,13 +178,6 @@ extern FILE *yyin, *yyout; + + #define unput(c) yyunput( c, (yytext_ptr) ) + +-/* The following is because we cannot portably get our hands on size_t +- * (without autoconf's help, which isn't available because we want +- * flex-generated scanners to compile on their own). +- * Given that the standard has decreed that size_t exists since 1989, +- * I guess we can afford to depend on it. Manoj. +- */ +- + #ifndef YY_TYPEDEF_YY_SIZE_T + #define YY_TYPEDEF_YY_SIZE_T + typedef size_t yy_size_t; +@@ -1634,6 +1627,7 @@ static struct include_stack { + static int incstackp = 0; + + static int yy_first_time = 1; ++int yywrap(void) { return 1; } + /* common seciton */ + /*octet (([01]?{digit}?{digit})|((2([0-4]{digit}))|(25[0-5]))) */ + +@@ -1642,7 +1636,7 @@ static int yy_first_time = 1; + + + +-#line 1646 "cftoken.c" ++#line 1640 "cftoken.c" + + #define INITIAL 0 + #define S_INI 1 +@@ -1679,6 +1673,35 @@ static int yy_first_time = 1; + + static int yy_init_globals (void ); + ++/* Accessor methods to globals. ++ These are made visible to non-reentrant scanners for convenience. */ ++ ++int yylex_destroy (void ); ++ ++int yyget_debug (void ); ++ ++void yyset_debug (int debug_flag ); ++ ++YY_EXTRA_TYPE yyget_extra (void ); ++ ++void yyset_extra (YY_EXTRA_TYPE user_defined ); ++ ++FILE *yyget_in (void ); ++ ++void yyset_in (FILE * in_str ); ++ ++FILE *yyget_out (void ); ++ ++void yyset_out (FILE * out_str ); ++ ++int yyget_leng (void ); ++ ++char *yyget_text (void ); ++ ++int yyget_lineno (void ); ++ ++void yyset_lineno (int line_number ); ++ + /* Macros after this point can all be overridden by user definitions in + * section 1. + */ +@@ -1814,7 +1837,7 @@ YY_DECL + register char *yy_cp, *yy_bp; + register int yy_act; + +-#line 142 "cftoken.l" ++#line 143 "cftoken.l" + + + if (yy_first_time) { +@@ -1824,7 +1847,7 @@ YY_DECL + + + /* privsep */ +-#line 1828 "cftoken.c" ++#line 1851 "cftoken.c" + + if ( !(yy_init) ) + { +@@ -1915,1028 +1938,1028 @@ do_action: /* This label is used only to + + case 1: + YY_RULE_SETUP +-#line 151 "cftoken.l" ++#line 152 "cftoken.l" + { BEGIN S_PRIV; YYDB; return(PRIVSEP); } + YY_BREAK + case 2: + YY_RULE_SETUP +-#line 152 "cftoken.l" ++#line 153 "cftoken.l" + { return(BOC); } + YY_BREAK + case 3: + YY_RULE_SETUP +-#line 153 "cftoken.l" ++#line 154 "cftoken.l" + { YYD; return(USER); } + YY_BREAK + case 4: + YY_RULE_SETUP +-#line 154 "cftoken.l" ++#line 155 "cftoken.l" + { YYD; return(GROUP); } + YY_BREAK + case 5: + YY_RULE_SETUP +-#line 155 "cftoken.l" ++#line 156 "cftoken.l" + { YYD; return(CHROOT); } + YY_BREAK + case 6: + YY_RULE_SETUP +-#line 156 "cftoken.l" ++#line 157 "cftoken.l" + { BEGIN S_INI; return(EOC); } + YY_BREAK + /* path */ + case 7: + YY_RULE_SETUP +-#line 159 "cftoken.l" ++#line 160 "cftoken.l" + { BEGIN S_PTH; YYDB; return(PATH); } + YY_BREAK + case 8: + YY_RULE_SETUP +-#line 160 "cftoken.l" ++#line 161 "cftoken.l" + { YYD; yylval.num = LC_PATHTYPE_INCLUDE; + return(PATHTYPE); } + YY_BREAK + case 9: + YY_RULE_SETUP +-#line 162 "cftoken.l" ++#line 163 "cftoken.l" + { YYD; yylval.num = LC_PATHTYPE_PSK; + return(PATHTYPE); } + YY_BREAK + case 10: + YY_RULE_SETUP +-#line 164 "cftoken.l" ++#line 165 "cftoken.l" + { YYD; yylval.num = LC_PATHTYPE_CERT; + return(PATHTYPE); } + YY_BREAK + case 11: + YY_RULE_SETUP +-#line 166 "cftoken.l" ++#line 167 "cftoken.l" + { YYD; yylval.num = LC_PATHTYPE_SCRIPT; + return(PATHTYPE); } + YY_BREAK + case 12: + YY_RULE_SETUP +-#line 168 "cftoken.l" ++#line 169 "cftoken.l" + { YYD; yylval.num = LC_PATHTYPE_BACKUPSA; + return(PATHTYPE); } + YY_BREAK + case 13: + YY_RULE_SETUP +-#line 170 "cftoken.l" ++#line 171 "cftoken.l" + { YYD; yylval.num = LC_PATHTYPE_PIDFILE; + return(PATHTYPE); } + YY_BREAK + case 14: + YY_RULE_SETUP +-#line 172 "cftoken.l" ++#line 173 "cftoken.l" + { BEGIN S_INI; YYDB; return(EOS); } + YY_BREAK + /* include */ + case 15: + YY_RULE_SETUP +-#line 175 "cftoken.l" ++#line 176 "cftoken.l" + { YYDB; return(INCLUDE); } + YY_BREAK + /* self information */ + case 16: + YY_RULE_SETUP +-#line 178 "cftoken.l" ++#line 179 "cftoken.l" + { BEGIN S_INF; YYDB; yywarn("it is obsoleted. use \"my_identifier\" in each remote directives."); return(IDENTIFIER); } + YY_BREAK + case 17: + YY_RULE_SETUP +-#line 179 "cftoken.l" ++#line 180 "cftoken.l" + { BEGIN S_INI; return(EOS); } + YY_BREAK + /* special */ + case 18: + YY_RULE_SETUP +-#line 182 "cftoken.l" ++#line 183 "cftoken.l" + { YYDB; return(COMPLEX_BUNDLE); } + YY_BREAK + /* logging */ + case 19: + YY_RULE_SETUP +-#line 185 "cftoken.l" ++#line 186 "cftoken.l" + { BEGIN S_LOG; YYDB; return(LOGGING); } + YY_BREAK + case 20: + YY_RULE_SETUP +-#line 186 "cftoken.l" ++#line 187 "cftoken.l" + { YYD; yylval.num = LLV_ERROR; return(LOGLEV); } + YY_BREAK + case 21: + YY_RULE_SETUP +-#line 187 "cftoken.l" ++#line 188 "cftoken.l" + { YYD; yylval.num = LLV_WARNING; return(LOGLEV); } + YY_BREAK + case 22: + YY_RULE_SETUP +-#line 188 "cftoken.l" ++#line 189 "cftoken.l" + { YYD; yylval.num = LLV_NOTIFY; return(LOGLEV); } + YY_BREAK + case 23: + YY_RULE_SETUP +-#line 189 "cftoken.l" ++#line 190 "cftoken.l" + { YYD; yylval.num = LLV_INFO; return(LOGLEV); } + YY_BREAK + case 24: + YY_RULE_SETUP +-#line 190 "cftoken.l" ++#line 191 "cftoken.l" + { YYD; yylval.num = LLV_DEBUG; return(LOGLEV); } + YY_BREAK + case 25: + YY_RULE_SETUP +-#line 191 "cftoken.l" ++#line 192 "cftoken.l" + { YYD; yylval.num = LLV_DEBUG2; return(LOGLEV); } + YY_BREAK + case 26: + YY_RULE_SETUP +-#line 192 "cftoken.l" ++#line 193 "cftoken.l" + { YYD; yywarn("it is obsoleted. use \"debug2\""); yylval.num = LLV_DEBUG2; return(LOGLEV); } + YY_BREAK + case 27: + YY_RULE_SETUP +-#line 193 "cftoken.l" ++#line 194 "cftoken.l" + { YYD; yywarn("it is obsoleted. use \"debug2\""); yylval.num = LLV_DEBUG2; return(LOGLEV); } + YY_BREAK + case 28: + YY_RULE_SETUP +-#line 194 "cftoken.l" ++#line 195 "cftoken.l" + { BEGIN S_INI; return(EOS); } + YY_BREAK + /* padding */ + case 29: + YY_RULE_SETUP +-#line 197 "cftoken.l" ++#line 198 "cftoken.l" + { BEGIN S_PAD; YYDB; return(PADDING); } + YY_BREAK + case 30: + YY_RULE_SETUP +-#line 198 "cftoken.l" ++#line 199 "cftoken.l" + { return(BOC); } + YY_BREAK + case 31: + YY_RULE_SETUP +-#line 199 "cftoken.l" ++#line 200 "cftoken.l" + { YYD; return(PAD_RANDOMIZE); } + YY_BREAK + case 32: + YY_RULE_SETUP +-#line 200 "cftoken.l" ++#line 201 "cftoken.l" + { YYD; return(PAD_RANDOMIZELEN); } + YY_BREAK + case 33: + YY_RULE_SETUP +-#line 201 "cftoken.l" ++#line 202 "cftoken.l" + { YYD; return(PAD_MAXLEN); } + YY_BREAK + case 34: + YY_RULE_SETUP +-#line 202 "cftoken.l" ++#line 203 "cftoken.l" + { YYD; return(PAD_STRICT); } + YY_BREAK + case 35: + YY_RULE_SETUP +-#line 203 "cftoken.l" ++#line 204 "cftoken.l" + { YYD; return(PAD_EXCLTAIL); } + YY_BREAK + case 36: + YY_RULE_SETUP +-#line 204 "cftoken.l" ++#line 205 "cftoken.l" + { BEGIN S_INI; return(EOC); } + YY_BREAK + /* listen */ + case 37: + YY_RULE_SETUP +-#line 207 "cftoken.l" ++#line 208 "cftoken.l" + { BEGIN S_LST; YYDB; return(LISTEN); } + YY_BREAK + case 38: + YY_RULE_SETUP +-#line 208 "cftoken.l" ++#line 209 "cftoken.l" + { return(BOC); } + YY_BREAK + case 39: + YY_RULE_SETUP +-#line 209 "cftoken.l" ++#line 210 "cftoken.l" + { YYD; return(X_ISAKMP); } + YY_BREAK + case 40: + YY_RULE_SETUP +-#line 210 "cftoken.l" ++#line 211 "cftoken.l" + { YYD; return(X_ISAKMP_NATT); } + YY_BREAK + case 41: + YY_RULE_SETUP +-#line 211 "cftoken.l" ++#line 212 "cftoken.l" + { YYD; return(X_ADMIN); } + YY_BREAK + case 42: + YY_RULE_SETUP +-#line 212 "cftoken.l" ++#line 213 "cftoken.l" + { YYD; return(ADMINSOCK); } + YY_BREAK + case 43: + YY_RULE_SETUP +-#line 213 "cftoken.l" ++#line 214 "cftoken.l" + { YYD; return(DISABLED); } + YY_BREAK + case 44: + YY_RULE_SETUP +-#line 214 "cftoken.l" ++#line 215 "cftoken.l" + { YYD; return(STRICT_ADDRESS); } + YY_BREAK + case 45: + YY_RULE_SETUP +-#line 215 "cftoken.l" ++#line 216 "cftoken.l" + { BEGIN S_INI; return(EOC); } + YY_BREAK + /* ldap config */ + case 46: + YY_RULE_SETUP +-#line 218 "cftoken.l" ++#line 219 "cftoken.l" + { BEGIN S_LDAP; YYDB; return(LDAPCFG); } + YY_BREAK + case 47: + YY_RULE_SETUP +-#line 219 "cftoken.l" ++#line 220 "cftoken.l" + { return(BOC); } + YY_BREAK + case 48: + YY_RULE_SETUP +-#line 220 "cftoken.l" ++#line 221 "cftoken.l" + { YYD; return(LDAP_PVER); } + YY_BREAK + case 49: + YY_RULE_SETUP +-#line 221 "cftoken.l" ++#line 222 "cftoken.l" + { YYD; return(LDAP_HOST); } + YY_BREAK + case 50: + YY_RULE_SETUP +-#line 222 "cftoken.l" ++#line 223 "cftoken.l" + { YYD; return(LDAP_PORT); } + YY_BREAK + case 51: + YY_RULE_SETUP +-#line 223 "cftoken.l" ++#line 224 "cftoken.l" + { YYD; return(LDAP_BASE); } + YY_BREAK + case 52: + YY_RULE_SETUP +-#line 224 "cftoken.l" ++#line 225 "cftoken.l" + { YYD; return(LDAP_SUBTREE); } + YY_BREAK + case 53: + YY_RULE_SETUP +-#line 225 "cftoken.l" ++#line 226 "cftoken.l" + { YYD; return(LDAP_BIND_DN); } + YY_BREAK + case 54: + YY_RULE_SETUP +-#line 226 "cftoken.l" ++#line 227 "cftoken.l" + { YYD; return(LDAP_BIND_PW); } + YY_BREAK + case 55: + YY_RULE_SETUP +-#line 227 "cftoken.l" ++#line 228 "cftoken.l" + { YYD; return(LDAP_ATTR_USER); } + YY_BREAK + case 56: + YY_RULE_SETUP +-#line 228 "cftoken.l" ++#line 229 "cftoken.l" + { YYD; return(LDAP_ATTR_ADDR); } + YY_BREAK + case 57: + YY_RULE_SETUP +-#line 229 "cftoken.l" ++#line 230 "cftoken.l" + { YYD; return(LDAP_ATTR_MASK); } + YY_BREAK + case 58: + YY_RULE_SETUP +-#line 230 "cftoken.l" ++#line 231 "cftoken.l" + { YYD; return(LDAP_ATTR_GROUP); } + YY_BREAK + case 59: + YY_RULE_SETUP +-#line 231 "cftoken.l" ++#line 232 "cftoken.l" + { YYD; return(LDAP_ATTR_MEMBER); } + YY_BREAK + case 60: + YY_RULE_SETUP +-#line 232 "cftoken.l" ++#line 233 "cftoken.l" + { BEGIN S_INI; return(EOC); } + YY_BREAK + /* mode_cfg */ + case 61: + YY_RULE_SETUP +-#line 235 "cftoken.l" ++#line 236 "cftoken.l" + { BEGIN S_CFG; YYDB; return(MODECFG); } + YY_BREAK + case 62: + YY_RULE_SETUP +-#line 236 "cftoken.l" ++#line 237 "cftoken.l" + { return(BOC); } + YY_BREAK + case 63: + YY_RULE_SETUP +-#line 237 "cftoken.l" ++#line 238 "cftoken.l" + { YYD; return(CFG_NET4); } + YY_BREAK + case 64: + YY_RULE_SETUP +-#line 238 "cftoken.l" ++#line 239 "cftoken.l" + { YYD; return(CFG_MASK4); } + YY_BREAK + case 65: + YY_RULE_SETUP +-#line 239 "cftoken.l" ++#line 240 "cftoken.l" + { YYD; return(CFG_DNS4); } + YY_BREAK + case 66: + YY_RULE_SETUP +-#line 240 "cftoken.l" ++#line 241 "cftoken.l" + { YYD; return(CFG_NBNS4); } + YY_BREAK + case 67: + YY_RULE_SETUP +-#line 241 "cftoken.l" ++#line 242 "cftoken.l" + { YYD; return(CFG_NBNS4); } + YY_BREAK + case 68: + YY_RULE_SETUP +-#line 242 "cftoken.l" ++#line 243 "cftoken.l" + { YYD; return(CFG_DEFAULT_DOMAIN); } + YY_BREAK + case 69: + YY_RULE_SETUP +-#line 243 "cftoken.l" ++#line 244 "cftoken.l" + { YYD; return(CFG_AUTH_SOURCE); } + YY_BREAK + case 70: + YY_RULE_SETUP +-#line 244 "cftoken.l" ++#line 245 "cftoken.l" + { YYD; return(CFG_AUTH_GROUPS); } + YY_BREAK + case 71: + YY_RULE_SETUP +-#line 245 "cftoken.l" ++#line 246 "cftoken.l" + { YYD; return(CFG_GROUP_SOURCE); } + YY_BREAK + case 72: + YY_RULE_SETUP +-#line 246 "cftoken.l" ++#line 247 "cftoken.l" + { YYD; return(CFG_CONF_SOURCE); } + YY_BREAK + case 73: + YY_RULE_SETUP +-#line 247 "cftoken.l" ++#line 248 "cftoken.l" + { YYD; return(CFG_ACCOUNTING); } + YY_BREAK + case 74: + YY_RULE_SETUP +-#line 248 "cftoken.l" ++#line 249 "cftoken.l" + { YYD; return(CFG_SYSTEM); } + YY_BREAK + case 75: + YY_RULE_SETUP +-#line 249 "cftoken.l" ++#line 250 "cftoken.l" + { YYD; return(CFG_LOCAL); } + YY_BREAK + case 76: + YY_RULE_SETUP +-#line 250 "cftoken.l" ++#line 251 "cftoken.l" + { YYD; return(CFG_NONE); } + YY_BREAK + case 77: + YY_RULE_SETUP +-#line 251 "cftoken.l" ++#line 252 "cftoken.l" + { YYD; return(CFG_RADIUS); } + YY_BREAK + case 78: + YY_RULE_SETUP +-#line 252 "cftoken.l" ++#line 253 "cftoken.l" + { YYD; return(CFG_PAM); } + YY_BREAK + case 79: + YY_RULE_SETUP +-#line 253 "cftoken.l" ++#line 254 "cftoken.l" + { YYD; return(CFG_LDAP); } + YY_BREAK + case 80: + YY_RULE_SETUP +-#line 254 "cftoken.l" ++#line 255 "cftoken.l" + { YYD; return(CFG_POOL_SIZE); } + YY_BREAK + case 81: + YY_RULE_SETUP +-#line 255 "cftoken.l" ++#line 256 "cftoken.l" + { YYD; return(CFG_MOTD); } + YY_BREAK + case 82: + YY_RULE_SETUP +-#line 256 "cftoken.l" ++#line 257 "cftoken.l" + { YYD; return(CFG_AUTH_THROTTLE); } + YY_BREAK + case 83: + YY_RULE_SETUP +-#line 257 "cftoken.l" ++#line 258 "cftoken.l" + { YYD; return(CFG_SPLIT_NETWORK); } + YY_BREAK + case 84: + YY_RULE_SETUP +-#line 258 "cftoken.l" ++#line 259 "cftoken.l" + { YYD; return(CFG_SPLIT_LOCAL); } + YY_BREAK + case 85: + YY_RULE_SETUP +-#line 259 "cftoken.l" ++#line 260 "cftoken.l" + { YYD; return(CFG_SPLIT_INCLUDE); } + YY_BREAK + case 86: + YY_RULE_SETUP +-#line 260 "cftoken.l" ++#line 261 "cftoken.l" + { YYD; return(CFG_SPLIT_DNS); } + YY_BREAK + case 87: + YY_RULE_SETUP +-#line 261 "cftoken.l" ++#line 262 "cftoken.l" + { YYD; return(CFG_PFS_GROUP); } + YY_BREAK + case 88: + YY_RULE_SETUP +-#line 262 "cftoken.l" ++#line 263 "cftoken.l" + { YYD; return(CFG_SAVE_PASSWD); } + YY_BREAK + case 89: + YY_RULE_SETUP +-#line 263 "cftoken.l" ++#line 264 "cftoken.l" + { YYD; return(COMMA); } + YY_BREAK + case 90: + YY_RULE_SETUP +-#line 264 "cftoken.l" ++#line 265 "cftoken.l" + { BEGIN S_INI; return(EOC); } + YY_BREAK + /* timer */ + case 91: + YY_RULE_SETUP +-#line 267 "cftoken.l" ++#line 268 "cftoken.l" + { BEGIN S_RTRY; YYDB; return(RETRY); } + YY_BREAK + case 92: + YY_RULE_SETUP +-#line 268 "cftoken.l" ++#line 269 "cftoken.l" + { return(BOC); } + YY_BREAK + case 93: + YY_RULE_SETUP +-#line 269 "cftoken.l" ++#line 270 "cftoken.l" + { YYD; return(RETRY_COUNTER); } + YY_BREAK + case 94: + YY_RULE_SETUP +-#line 270 "cftoken.l" ++#line 271 "cftoken.l" + { YYD; return(RETRY_INTERVAL); } + YY_BREAK + case 95: + YY_RULE_SETUP +-#line 271 "cftoken.l" ++#line 272 "cftoken.l" + { YYD; return(RETRY_PERSEND); } + YY_BREAK + case 96: + YY_RULE_SETUP +-#line 272 "cftoken.l" ++#line 273 "cftoken.l" + { YYD; return(RETRY_PHASE1); } + YY_BREAK + case 97: + YY_RULE_SETUP +-#line 273 "cftoken.l" ++#line 274 "cftoken.l" + { YYD; return(RETRY_PHASE2); } + YY_BREAK + case 98: + YY_RULE_SETUP +-#line 274 "cftoken.l" ++#line 275 "cftoken.l" + { YYD; return(NATT_KA); } + YY_BREAK + case 99: + YY_RULE_SETUP +-#line 275 "cftoken.l" ++#line 276 "cftoken.l" + { BEGIN S_INI; return(EOC); } + YY_BREAK + /* sainfo */ + case 100: + YY_RULE_SETUP +-#line 278 "cftoken.l" ++#line 279 "cftoken.l" + { BEGIN S_SAINF; YYDB; return(SAINFO); } + YY_BREAK + case 101: + YY_RULE_SETUP +-#line 279 "cftoken.l" ++#line 280 "cftoken.l" + { YYD; return(ANONYMOUS); } + YY_BREAK + case 102: + YY_RULE_SETUP +-#line 280 "cftoken.l" ++#line 281 "cftoken.l" + { YYD; return(PORTANY); } + YY_BREAK + case 103: + YY_RULE_SETUP +-#line 281 "cftoken.l" ++#line 282 "cftoken.l" + { YYD; return(ANY); } + YY_BREAK + case 104: + YY_RULE_SETUP +-#line 282 "cftoken.l" ++#line 283 "cftoken.l" + { YYD; return(FROM); } + YY_BREAK + case 105: + YY_RULE_SETUP +-#line 283 "cftoken.l" ++#line 284 "cftoken.l" + { YYD; return(GROUP); } + YY_BREAK + /* sainfo spec */ + case 106: + YY_RULE_SETUP +-#line 285 "cftoken.l" ++#line 286 "cftoken.l" + { BEGIN S_SAINFS; return(BOC); } + YY_BREAK + case 107: + YY_RULE_SETUP +-#line 286 "cftoken.l" ++#line 287 "cftoken.l" + { BEGIN S_INI; return(EOS); } + YY_BREAK + case 108: + YY_RULE_SETUP +-#line 287 "cftoken.l" ++#line 288 "cftoken.l" + { BEGIN S_INI; return(EOC); } + YY_BREAK + case 109: + YY_RULE_SETUP +-#line 288 "cftoken.l" ++#line 289 "cftoken.l" + { YYD; return(PFS_GROUP); } + YY_BREAK + case 110: + YY_RULE_SETUP +-#line 289 "cftoken.l" ++#line 290 "cftoken.l" + { YYD; return(REMOTEID); } + YY_BREAK + case 111: + YY_RULE_SETUP +-#line 290 "cftoken.l" ++#line 291 "cftoken.l" + { YYD; yywarn("it is obsoleted. use \"my_identifier\"."); return(IDENTIFIER); } + YY_BREAK + case 112: + YY_RULE_SETUP +-#line 291 "cftoken.l" ++#line 292 "cftoken.l" + { YYD; return(MY_IDENTIFIER); } + YY_BREAK + case 113: + YY_RULE_SETUP +-#line 292 "cftoken.l" ++#line 293 "cftoken.l" + { YYD; return(LIFETIME); } + YY_BREAK + case 114: + YY_RULE_SETUP +-#line 293 "cftoken.l" ++#line 294 "cftoken.l" + { YYD; return(LIFETYPE_TIME); } + YY_BREAK + case 115: + YY_RULE_SETUP +-#line 294 "cftoken.l" ++#line 295 "cftoken.l" + { YYD; return(LIFETYPE_BYTE); } + YY_BREAK + case 116: + YY_RULE_SETUP +-#line 295 "cftoken.l" ++#line 296 "cftoken.l" + { YYD; yylval.num = algclass_ipsec_enc; return(ALGORITHM_CLASS); } + YY_BREAK + case 117: + YY_RULE_SETUP +-#line 296 "cftoken.l" ++#line 297 "cftoken.l" + { YYD; yylval.num = algclass_ipsec_auth; return(ALGORITHM_CLASS); } + YY_BREAK + case 118: + YY_RULE_SETUP +-#line 297 "cftoken.l" ++#line 298 "cftoken.l" + { YYD; yylval.num = algclass_ipsec_comp; return(ALGORITHM_CLASS); } + YY_BREAK + case 119: + YY_RULE_SETUP +-#line 298 "cftoken.l" ++#line 299 "cftoken.l" + { YYD; return(COMMA); } + YY_BREAK + /* remote */ + case 120: + YY_RULE_SETUP +-#line 301 "cftoken.l" ++#line 302 "cftoken.l" + { BEGIN S_RMT; YYDB; return(REMOTE); } + YY_BREAK + case 121: + YY_RULE_SETUP +-#line 302 "cftoken.l" ++#line 303 "cftoken.l" + { YYD; return(ANONYMOUS); } + YY_BREAK + case 122: + YY_RULE_SETUP +-#line 303 "cftoken.l" ++#line 304 "cftoken.l" + { YYD; return(INHERIT); } + YY_BREAK + /* remote spec */ + case 123: + YY_RULE_SETUP +-#line 305 "cftoken.l" ++#line 306 "cftoken.l" + { BEGIN S_RMTS; return(BOC); } + YY_BREAK + case 124: + YY_RULE_SETUP +-#line 306 "cftoken.l" ++#line 307 "cftoken.l" + { BEGIN S_INI; return(EOC); } + YY_BREAK + case 125: + YY_RULE_SETUP +-#line 307 "cftoken.l" ++#line 308 "cftoken.l" + { YYD; return(EXCHANGE_MODE); } + YY_BREAK + case 126: + YY_RULE_SETUP +-#line 308 "cftoken.l" ++#line 309 "cftoken.l" + { YYD; /* XXX ignored, but to be handled. */ ; } + YY_BREAK + case 127: + YY_RULE_SETUP +-#line 309 "cftoken.l" ++#line 310 "cftoken.l" + { YYD; yylval.num = ISAKMP_ETYPE_BASE; return(EXCHANGETYPE); } + YY_BREAK + case 128: + YY_RULE_SETUP +-#line 310 "cftoken.l" ++#line 311 "cftoken.l" + { YYD; yylval.num = ISAKMP_ETYPE_IDENT; return(EXCHANGETYPE); } + YY_BREAK + case 129: + YY_RULE_SETUP +-#line 311 "cftoken.l" ++#line 312 "cftoken.l" + { YYD; yylval.num = ISAKMP_ETYPE_AGG; return(EXCHANGETYPE); } + YY_BREAK + case 130: + YY_RULE_SETUP +-#line 312 "cftoken.l" ++#line 313 "cftoken.l" + { YYD; return(DOI); } + YY_BREAK + case 131: + YY_RULE_SETUP +-#line 313 "cftoken.l" ++#line 314 "cftoken.l" + { YYD; yylval.num = IPSEC_DOI; return(DOITYPE); } + YY_BREAK + case 132: + YY_RULE_SETUP +-#line 314 "cftoken.l" ++#line 315 "cftoken.l" + { YYD; return(SITUATION); } + YY_BREAK + case 133: + YY_RULE_SETUP +-#line 315 "cftoken.l" ++#line 316 "cftoken.l" + { YYD; yylval.num = IPSECDOI_SIT_IDENTITY_ONLY; return(SITUATIONTYPE); } + YY_BREAK + case 134: + YY_RULE_SETUP +-#line 316 "cftoken.l" ++#line 317 "cftoken.l" + { YYD; yylval.num = IPSECDOI_SIT_SECRECY; return(SITUATIONTYPE); } + YY_BREAK + case 135: + YY_RULE_SETUP +-#line 317 "cftoken.l" ++#line 318 "cftoken.l" + { YYD; yylval.num = IPSECDOI_SIT_INTEGRITY; return(SITUATIONTYPE); } + YY_BREAK + case 136: + YY_RULE_SETUP +-#line 318 "cftoken.l" ++#line 319 "cftoken.l" + { YYD; yywarn("it is obsoleted. use \"my_identifier\"."); return(IDENTIFIER); } + YY_BREAK + case 137: + YY_RULE_SETUP +-#line 319 "cftoken.l" ++#line 320 "cftoken.l" + { YYD; return(MY_IDENTIFIER); } + YY_BREAK + case 138: + YY_RULE_SETUP +-#line 320 "cftoken.l" ++#line 321 "cftoken.l" + { YYD; return(XAUTH_LOGIN); /* formerly identifier type login */ } + YY_BREAK + case 139: + YY_RULE_SETUP +-#line 321 "cftoken.l" ++#line 322 "cftoken.l" + { YYD; return(PEERS_IDENTIFIER); } + YY_BREAK + case 140: + YY_RULE_SETUP +-#line 322 "cftoken.l" ++#line 323 "cftoken.l" + { YYD; return(VERIFY_IDENTIFIER); } + YY_BREAK + case 141: + YY_RULE_SETUP +-#line 323 "cftoken.l" ++#line 324 "cftoken.l" + { YYD; return(CERTIFICATE_TYPE); } + YY_BREAK + case 142: + YY_RULE_SETUP +-#line 324 "cftoken.l" ++#line 325 "cftoken.l" + { YYD; return(CA_TYPE); } + YY_BREAK + case 143: + YY_RULE_SETUP +-#line 325 "cftoken.l" ++#line 326 "cftoken.l" + { YYD; yylval.num = ISAKMP_CERT_X509SIGN; return(CERT_X509); } + YY_BREAK + case 144: + YY_RULE_SETUP +-#line 326 "cftoken.l" ++#line 327 "cftoken.l" + { YYD; yylval.num = ISAKMP_CERT_PLAINRSA; return(CERT_PLAINRSA); } + YY_BREAK + case 145: + YY_RULE_SETUP +-#line 327 "cftoken.l" ++#line 328 "cftoken.l" + { YYD; return(PEERS_CERTFILE); } + YY_BREAK + case 146: + YY_RULE_SETUP +-#line 328 "cftoken.l" ++#line 329 "cftoken.l" + { YYD; return(DNSSEC); } + YY_BREAK + case 147: + YY_RULE_SETUP +-#line 329 "cftoken.l" ++#line 330 "cftoken.l" + { YYD; return(VERIFY_CERT); } + YY_BREAK + case 148: + YY_RULE_SETUP +-#line 330 "cftoken.l" ++#line 331 "cftoken.l" + { YYD; return(SEND_CERT); } + YY_BREAK + case 149: + YY_RULE_SETUP +-#line 331 "cftoken.l" ++#line 332 "cftoken.l" + { YYD; return(SEND_CR); } + YY_BREAK + case 150: + YY_RULE_SETUP +-#line 332 "cftoken.l" ++#line 333 "cftoken.l" + { YYD; return(DH_GROUP); } + YY_BREAK + case 151: + YY_RULE_SETUP +-#line 333 "cftoken.l" ++#line 334 "cftoken.l" + { YYD; return(NONCE_SIZE); } + YY_BREAK + case 152: + YY_RULE_SETUP +-#line 334 "cftoken.l" ++#line 335 "cftoken.l" + { YYD; return(GENERATE_POLICY); } + YY_BREAK + case 153: + YY_RULE_SETUP +-#line 335 "cftoken.l" ++#line 336 "cftoken.l" + { YYD; yylval.num = GENERATE_POLICY_UNIQUE; return(GENERATE_LEVEL); } + YY_BREAK + case 154: + YY_RULE_SETUP +-#line 336 "cftoken.l" ++#line 337 "cftoken.l" + { YYD; yylval.num = GENERATE_POLICY_REQUIRE; return(GENERATE_LEVEL); } + YY_BREAK + case 155: + YY_RULE_SETUP +-#line 337 "cftoken.l" ++#line 338 "cftoken.l" + { YYD; yywarn("it is obsoleted. use \"support_proxy\"."); return(SUPPORT_PROXY); } + YY_BREAK + case 156: + YY_RULE_SETUP +-#line 338 "cftoken.l" ++#line 339 "cftoken.l" + { YYD; return(SUPPORT_PROXY); } + YY_BREAK + case 157: + YY_RULE_SETUP +-#line 339 "cftoken.l" ++#line 340 "cftoken.l" + { YYD; return(INITIAL_CONTACT); } + YY_BREAK + case 158: + YY_RULE_SETUP +-#line 340 "cftoken.l" ++#line 341 "cftoken.l" + { YYD; return(NAT_TRAVERSAL); } + YY_BREAK + case 159: + YY_RULE_SETUP +-#line 341 "cftoken.l" ++#line 342 "cftoken.l" + { YYD; return(REMOTE_FORCE_LEVEL); } + YY_BREAK + case 160: + YY_RULE_SETUP +-#line 342 "cftoken.l" ++#line 343 "cftoken.l" + { YYD; return(PROPOSAL_CHECK); } + YY_BREAK + case 161: + YY_RULE_SETUP +-#line 343 "cftoken.l" ++#line 344 "cftoken.l" + { YYD; yylval.num = PROP_CHECK_OBEY; return(PROPOSAL_CHECK_LEVEL); } + YY_BREAK + case 162: + YY_RULE_SETUP +-#line 344 "cftoken.l" ++#line 345 "cftoken.l" + { YYD; yylval.num = PROP_CHECK_STRICT; return(PROPOSAL_CHECK_LEVEL); } + YY_BREAK + case 163: + YY_RULE_SETUP +-#line 345 "cftoken.l" ++#line 346 "cftoken.l" + { YYD; yylval.num = PROP_CHECK_EXACT; return(PROPOSAL_CHECK_LEVEL); } + YY_BREAK + case 164: + YY_RULE_SETUP +-#line 346 "cftoken.l" ++#line 347 "cftoken.l" + { YYD; yylval.num = PROP_CHECK_CLAIM; return(PROPOSAL_CHECK_LEVEL); } + YY_BREAK + case 165: + YY_RULE_SETUP +-#line 347 "cftoken.l" ++#line 348 "cftoken.l" + { YYD; return(KEEPALIVE); } + YY_BREAK + case 166: + YY_RULE_SETUP +-#line 348 "cftoken.l" ++#line 349 "cftoken.l" + { YYD; return(PASSIVE); } + YY_BREAK + case 167: + YY_RULE_SETUP +-#line 349 "cftoken.l" ++#line 350 "cftoken.l" + { YYD; return(LIFETIME); } + YY_BREAK + case 168: + YY_RULE_SETUP +-#line 350 "cftoken.l" ++#line 351 "cftoken.l" + { YYD; return(LIFETYPE_TIME); } + YY_BREAK + case 169: + YY_RULE_SETUP +-#line 351 "cftoken.l" ++#line 352 "cftoken.l" + { YYD; return(LIFETYPE_BYTE); } + YY_BREAK + case 170: + YY_RULE_SETUP +-#line 352 "cftoken.l" ++#line 353 "cftoken.l" + { YYD; return(DPD); } + YY_BREAK + case 171: + YY_RULE_SETUP +-#line 353 "cftoken.l" ++#line 354 "cftoken.l" + { YYD; return(DPD_DELAY); } + YY_BREAK + case 172: + YY_RULE_SETUP +-#line 354 "cftoken.l" ++#line 355 "cftoken.l" + { YYD; return(DPD_RETRY); } + YY_BREAK + case 173: + YY_RULE_SETUP +-#line 355 "cftoken.l" ++#line 356 "cftoken.l" + { YYD; return(DPD_MAXFAIL); } + YY_BREAK + case 174: + YY_RULE_SETUP +-#line 356 "cftoken.l" ++#line 357 "cftoken.l" + { YYD; return(PH1ID); } + YY_BREAK + case 175: + YY_RULE_SETUP +-#line 357 "cftoken.l" ++#line 358 "cftoken.l" + { YYD; return(IKE_FRAG); } + YY_BREAK + case 176: + YY_RULE_SETUP +-#line 358 "cftoken.l" ++#line 359 "cftoken.l" + { YYD; return(ESP_FRAG); } + YY_BREAK + case 177: + YY_RULE_SETUP +-#line 359 "cftoken.l" ++#line 360 "cftoken.l" + { YYD; return(SCRIPT); } + YY_BREAK + case 178: + YY_RULE_SETUP +-#line 360 "cftoken.l" ++#line 361 "cftoken.l" + { YYD; return(PHASE1_UP); } + YY_BREAK + case 179: + YY_RULE_SETUP +-#line 361 "cftoken.l" ++#line 362 "cftoken.l" + { YYD; return(PHASE1_DOWN); } + YY_BREAK + case 180: + YY_RULE_SETUP +-#line 362 "cftoken.l" ++#line 363 "cftoken.l" + { YYD; return(MODE_CFG); } + YY_BREAK + case 181: + YY_RULE_SETUP +-#line 363 "cftoken.l" ++#line 364 "cftoken.l" + { YYD; return(WEAK_PHASE1_CHECK); } + YY_BREAK + /* remote proposal */ + case 182: + YY_RULE_SETUP +-#line 365 "cftoken.l" ++#line 366 "cftoken.l" + { BEGIN S_RMTP; YYDB; return(PROPOSAL); } + YY_BREAK + case 183: + YY_RULE_SETUP +-#line 366 "cftoken.l" ++#line 367 "cftoken.l" + { return(BOC); } + YY_BREAK + case 184: + YY_RULE_SETUP +-#line 367 "cftoken.l" ++#line 368 "cftoken.l" + { BEGIN S_RMTS; return(EOC); } + YY_BREAK + case 185: + YY_RULE_SETUP +-#line 368 "cftoken.l" ++#line 369 "cftoken.l" + { YYD; return(LIFETIME); } + YY_BREAK + case 186: + YY_RULE_SETUP +-#line 369 "cftoken.l" ++#line 370 "cftoken.l" + { YYD; return(LIFETYPE_TIME); } + YY_BREAK + case 187: + YY_RULE_SETUP +-#line 370 "cftoken.l" ++#line 371 "cftoken.l" + { YYD; return(LIFETYPE_BYTE); } + YY_BREAK + case 188: + YY_RULE_SETUP +-#line 371 "cftoken.l" ++#line 372 "cftoken.l" + { YYD; yylval.num = algclass_isakmp_enc; return(ALGORITHM_CLASS); } + YY_BREAK + case 189: + YY_RULE_SETUP +-#line 372 "cftoken.l" ++#line 373 "cftoken.l" + { YYD; yylval.num = algclass_isakmp_ameth; return(ALGORITHM_CLASS); } + YY_BREAK + case 190: + YY_RULE_SETUP +-#line 373 "cftoken.l" ++#line 374 "cftoken.l" + { YYD; yylval.num = algclass_isakmp_hash; return(ALGORITHM_CLASS); } + YY_BREAK + case 191: + YY_RULE_SETUP +-#line 374 "cftoken.l" ++#line 375 "cftoken.l" + { YYD; return(DH_GROUP); } + YY_BREAK + case 192: + YY_RULE_SETUP +-#line 375 "cftoken.l" ++#line 376 "cftoken.l" + { YYD; return(GSS_ID); } + YY_BREAK + case 193: + YY_RULE_SETUP +-#line 376 "cftoken.l" ++#line 377 "cftoken.l" + { YYD; return(GSS_ID); } /* for back compatibility */ + YY_BREAK + /* GSS ID encoding type (global) */ + case 194: + YY_RULE_SETUP +-#line 379 "cftoken.l" ++#line 380 "cftoken.l" + { BEGIN S_GSSENC; YYDB; return(GSS_ID_ENC); } + YY_BREAK + case 195: + YY_RULE_SETUP +-#line 380 "cftoken.l" ++#line 381 "cftoken.l" + { YYD; yylval.num = LC_GSSENC_LATIN1; + return(GSS_ID_ENCTYPE); } + YY_BREAK + case 196: + YY_RULE_SETUP +-#line 382 "cftoken.l" ++#line 383 "cftoken.l" + { YYD; yylval.num = LC_GSSENC_UTF16LE; + return(GSS_ID_ENCTYPE); } + YY_BREAK + case 197: + YY_RULE_SETUP +-#line 384 "cftoken.l" ++#line 385 "cftoken.l" + { BEGIN S_INI; YYDB; return(EOS); } + YY_BREAK + /* parameter */ + case 198: + YY_RULE_SETUP +-#line 387 "cftoken.l" ++#line 388 "cftoken.l" + { YYD; yylval.num = TRUE; return(SWITCH); } + YY_BREAK + case 199: + YY_RULE_SETUP +-#line 388 "cftoken.l" ++#line 389 "cftoken.l" + { YYD; yylval.num = FALSE; return(SWITCH); } + YY_BREAK + /* prefix */ + case 200: + YY_RULE_SETUP +-#line 391 "cftoken.l" ++#line 392 "cftoken.l" + { + YYD; + yytext++; +@@ -2947,7 +2970,7 @@ YY_RULE_SETUP + /* port number */ + case 201: + YY_RULE_SETUP +-#line 399 "cftoken.l" ++#line 400 "cftoken.l" + { + char *p = yytext; + YYD; +@@ -2961,7 +2984,7 @@ YY_RULE_SETUP + /* address range */ + case 202: + YY_RULE_SETUP +-#line 410 "cftoken.l" ++#line 411 "cftoken.l" + { + YYD; + yytext++; +@@ -2977,318 +3000,318 @@ YY_RULE_SETUP + /* upper protocol */ + case 203: + YY_RULE_SETUP +-#line 423 "cftoken.l" ++#line 424 "cftoken.l" + { YYD; yylval.num = IPPROTO_ESP; return(UL_PROTO); } + YY_BREAK + case 204: + YY_RULE_SETUP +-#line 424 "cftoken.l" ++#line 425 "cftoken.l" + { YYD; yylval.num = IPPROTO_AH; return(UL_PROTO); } + YY_BREAK + case 205: + YY_RULE_SETUP +-#line 425 "cftoken.l" ++#line 426 "cftoken.l" + { YYD; yylval.num = IPPROTO_IPCOMP; return(UL_PROTO); } + YY_BREAK + case 206: + YY_RULE_SETUP +-#line 426 "cftoken.l" ++#line 427 "cftoken.l" + { YYD; yylval.num = IPPROTO_ICMP; return(UL_PROTO); } + YY_BREAK + case 207: + YY_RULE_SETUP +-#line 427 "cftoken.l" ++#line 428 "cftoken.l" + { YYD; yylval.num = IPPROTO_ICMPV6; return(UL_PROTO); } + YY_BREAK + case 208: + YY_RULE_SETUP +-#line 428 "cftoken.l" ++#line 429 "cftoken.l" + { YYD; yylval.num = IPPROTO_TCP; return(UL_PROTO); } + YY_BREAK + case 209: + YY_RULE_SETUP +-#line 429 "cftoken.l" ++#line 430 "cftoken.l" + { YYD; yylval.num = IPPROTO_UDP; return(UL_PROTO); } + YY_BREAK + /* algorithm type */ + case 210: + YY_RULE_SETUP +-#line 432 "cftoken.l" ++#line 433 "cftoken.l" + { YYD; yylval.num = algtype_des_iv64; return(ALGORITHMTYPE); } + YY_BREAK + case 211: + YY_RULE_SETUP +-#line 433 "cftoken.l" ++#line 434 "cftoken.l" + { YYD; yylval.num = algtype_des; return(ALGORITHMTYPE); } + YY_BREAK + case 212: + YY_RULE_SETUP +-#line 434 "cftoken.l" ++#line 435 "cftoken.l" + { YYD; yylval.num = algtype_3des; return(ALGORITHMTYPE); } + YY_BREAK + case 213: + YY_RULE_SETUP +-#line 435 "cftoken.l" ++#line 436 "cftoken.l" + { YYD; yylval.num = algtype_rc5; return(ALGORITHMTYPE); } + YY_BREAK + case 214: + YY_RULE_SETUP +-#line 436 "cftoken.l" ++#line 437 "cftoken.l" + { YYD; yylval.num = algtype_idea; return(ALGORITHMTYPE); } + YY_BREAK + case 215: + YY_RULE_SETUP +-#line 437 "cftoken.l" ++#line 438 "cftoken.l" + { YYD; yylval.num = algtype_cast128; return(ALGORITHMTYPE); } + YY_BREAK + case 216: + YY_RULE_SETUP +-#line 438 "cftoken.l" ++#line 439 "cftoken.l" + { YYD; yylval.num = algtype_blowfish; return(ALGORITHMTYPE); } + YY_BREAK + case 217: + YY_RULE_SETUP +-#line 439 "cftoken.l" ++#line 440 "cftoken.l" + { YYD; yylval.num = algtype_3idea; return(ALGORITHMTYPE); } + YY_BREAK + case 218: + YY_RULE_SETUP +-#line 440 "cftoken.l" ++#line 441 "cftoken.l" + { YYD; yylval.num = algtype_des_iv32; return(ALGORITHMTYPE); } + YY_BREAK + case 219: + YY_RULE_SETUP +-#line 441 "cftoken.l" ++#line 442 "cftoken.l" + { YYD; yylval.num = algtype_rc4; return(ALGORITHMTYPE); } + YY_BREAK + case 220: + YY_RULE_SETUP +-#line 442 "cftoken.l" ++#line 443 "cftoken.l" + { YYD; yylval.num = algtype_null_enc; return(ALGORITHMTYPE); } + YY_BREAK + case 221: + YY_RULE_SETUP +-#line 443 "cftoken.l" ++#line 444 "cftoken.l" + { YYD; yylval.num = algtype_null_enc; return(ALGORITHMTYPE); } + YY_BREAK + case 222: + YY_RULE_SETUP +-#line 444 "cftoken.l" ++#line 445 "cftoken.l" + { YYD; yylval.num = algtype_aes; return(ALGORITHMTYPE); } + YY_BREAK + case 223: + YY_RULE_SETUP +-#line 445 "cftoken.l" ++#line 446 "cftoken.l" + { YYD; yylval.num = algtype_aes; return(ALGORITHMTYPE); } + YY_BREAK + case 224: + YY_RULE_SETUP +-#line 446 "cftoken.l" ++#line 447 "cftoken.l" + { YYD; yylval.num = algtype_twofish; return(ALGORITHMTYPE); } + YY_BREAK + case 225: + YY_RULE_SETUP +-#line 447 "cftoken.l" ++#line 448 "cftoken.l" + { YYD; yylval.num = algtype_camellia; return(ALGORITHMTYPE); } + YY_BREAK + case 226: + YY_RULE_SETUP +-#line 448 "cftoken.l" ++#line 449 "cftoken.l" + { YYD; yylval.num = algtype_non_auth; return(ALGORITHMTYPE); } + YY_BREAK + case 227: + YY_RULE_SETUP +-#line 449 "cftoken.l" ++#line 450 "cftoken.l" + { YYD; yylval.num = algtype_hmac_md5; return(ALGORITHMTYPE); } + YY_BREAK + case 228: + YY_RULE_SETUP +-#line 450 "cftoken.l" ++#line 451 "cftoken.l" + { YYD; yylval.num = algtype_hmac_sha1; return(ALGORITHMTYPE); } + YY_BREAK + case 229: + YY_RULE_SETUP +-#line 451 "cftoken.l" ++#line 452 "cftoken.l" + { YYD; yylval.num = algtype_hmac_sha2_256; return(ALGORITHMTYPE); } + YY_BREAK + case 230: + YY_RULE_SETUP +-#line 452 "cftoken.l" ++#line 453 "cftoken.l" + { YYD; yylval.num = algtype_hmac_sha2_256; return(ALGORITHMTYPE); } + YY_BREAK + case 231: + YY_RULE_SETUP +-#line 453 "cftoken.l" ++#line 454 "cftoken.l" + { YYD; yylval.num = algtype_hmac_sha2_384; return(ALGORITHMTYPE); } + YY_BREAK + case 232: + YY_RULE_SETUP +-#line 454 "cftoken.l" ++#line 455 "cftoken.l" + { YYD; yylval.num = algtype_hmac_sha2_384; return(ALGORITHMTYPE); } + YY_BREAK + case 233: + YY_RULE_SETUP +-#line 455 "cftoken.l" ++#line 456 "cftoken.l" + { YYD; yylval.num = algtype_hmac_sha2_512; return(ALGORITHMTYPE); } + YY_BREAK + case 234: + YY_RULE_SETUP +-#line 456 "cftoken.l" ++#line 457 "cftoken.l" + { YYD; yylval.num = algtype_hmac_sha2_512; return(ALGORITHMTYPE); } + YY_BREAK + case 235: + YY_RULE_SETUP +-#line 457 "cftoken.l" ++#line 458 "cftoken.l" + { YYD; yylval.num = algtype_des_mac; return(ALGORITHMTYPE); } + YY_BREAK + case 236: + YY_RULE_SETUP +-#line 458 "cftoken.l" ++#line 459 "cftoken.l" + { YYD; yylval.num = algtype_kpdk; return(ALGORITHMTYPE); } + YY_BREAK + case 237: + YY_RULE_SETUP +-#line 459 "cftoken.l" ++#line 460 "cftoken.l" + { YYD; yylval.num = algtype_md5; return(ALGORITHMTYPE); } + YY_BREAK + case 238: + YY_RULE_SETUP +-#line 460 "cftoken.l" ++#line 461 "cftoken.l" + { YYD; yylval.num = algtype_sha1; return(ALGORITHMTYPE); } + YY_BREAK + case 239: + YY_RULE_SETUP +-#line 461 "cftoken.l" ++#line 462 "cftoken.l" + { YYD; yylval.num = algtype_tiger; return(ALGORITHMTYPE); } + YY_BREAK + case 240: + YY_RULE_SETUP +-#line 462 "cftoken.l" ++#line 463 "cftoken.l" + { YYD; yylval.num = algtype_sha2_256; return(ALGORITHMTYPE); } + YY_BREAK + case 241: + YY_RULE_SETUP +-#line 463 "cftoken.l" ++#line 464 "cftoken.l" + { YYD; yylval.num = algtype_sha2_256; return(ALGORITHMTYPE); } + YY_BREAK + case 242: + YY_RULE_SETUP +-#line 464 "cftoken.l" ++#line 465 "cftoken.l" + { YYD; yylval.num = algtype_sha2_384; return(ALGORITHMTYPE); } + YY_BREAK + case 243: + YY_RULE_SETUP +-#line 465 "cftoken.l" ++#line 466 "cftoken.l" + { YYD; yylval.num = algtype_sha2_384; return(ALGORITHMTYPE); } + YY_BREAK + case 244: + YY_RULE_SETUP +-#line 466 "cftoken.l" ++#line 467 "cftoken.l" + { YYD; yylval.num = algtype_sha2_512; return(ALGORITHMTYPE); } + YY_BREAK + case 245: + YY_RULE_SETUP +-#line 467 "cftoken.l" ++#line 468 "cftoken.l" + { YYD; yylval.num = algtype_sha2_512; return(ALGORITHMTYPE); } + YY_BREAK + case 246: + YY_RULE_SETUP +-#line 468 "cftoken.l" ++#line 469 "cftoken.l" + { YYD; yylval.num = algtype_oui; return(ALGORITHMTYPE); } + YY_BREAK + case 247: + YY_RULE_SETUP +-#line 469 "cftoken.l" ++#line 470 "cftoken.l" + { YYD; yylval.num = algtype_deflate; return(ALGORITHMTYPE); } + YY_BREAK + case 248: + YY_RULE_SETUP +-#line 470 "cftoken.l" ++#line 471 "cftoken.l" + { YYD; yylval.num = algtype_lzs; return(ALGORITHMTYPE); } + YY_BREAK + case 249: + YY_RULE_SETUP +-#line 471 "cftoken.l" ++#line 472 "cftoken.l" + { YYD; yylval.num = algtype_modp768; return(ALGORITHMTYPE); } + YY_BREAK + case 250: + YY_RULE_SETUP +-#line 472 "cftoken.l" ++#line 473 "cftoken.l" + { YYD; yylval.num = algtype_modp1024; return(ALGORITHMTYPE); } + YY_BREAK + case 251: + YY_RULE_SETUP +-#line 473 "cftoken.l" ++#line 474 "cftoken.l" + { YYD; yylval.num = algtype_modp1536; return(ALGORITHMTYPE); } + YY_BREAK + case 252: + YY_RULE_SETUP +-#line 474 "cftoken.l" ++#line 475 "cftoken.l" + { YYD; yylval.num = algtype_ec2n155; return(ALGORITHMTYPE); } + YY_BREAK + case 253: + YY_RULE_SETUP +-#line 475 "cftoken.l" ++#line 476 "cftoken.l" + { YYD; yylval.num = algtype_ec2n185; return(ALGORITHMTYPE); } + YY_BREAK + case 254: + YY_RULE_SETUP +-#line 476 "cftoken.l" ++#line 477 "cftoken.l" + { YYD; yylval.num = algtype_modp2048; return(ALGORITHMTYPE); } + YY_BREAK + case 255: + YY_RULE_SETUP +-#line 477 "cftoken.l" ++#line 478 "cftoken.l" + { YYD; yylval.num = algtype_modp3072; return(ALGORITHMTYPE); } + YY_BREAK + case 256: + YY_RULE_SETUP +-#line 478 "cftoken.l" ++#line 479 "cftoken.l" + { YYD; yylval.num = algtype_modp4096; return(ALGORITHMTYPE); } + YY_BREAK + case 257: + YY_RULE_SETUP +-#line 479 "cftoken.l" ++#line 480 "cftoken.l" + { YYD; yylval.num = algtype_modp6144; return(ALGORITHMTYPE); } + YY_BREAK + case 258: + YY_RULE_SETUP +-#line 480 "cftoken.l" ++#line 481 "cftoken.l" + { YYD; yylval.num = algtype_modp8192; return(ALGORITHMTYPE); } + YY_BREAK + case 259: + YY_RULE_SETUP +-#line 481 "cftoken.l" ++#line 482 "cftoken.l" + { YYD; yylval.num = algtype_psk; return(ALGORITHMTYPE); } + YY_BREAK + case 260: + YY_RULE_SETUP +-#line 482 "cftoken.l" ++#line 483 "cftoken.l" + { YYD; yylval.num = algtype_rsasig; return(ALGORITHMTYPE); } + YY_BREAK + case 261: + YY_RULE_SETUP +-#line 483 "cftoken.l" ++#line 484 "cftoken.l" + { YYD; yylval.num = algtype_dsssig; return(ALGORITHMTYPE); } + YY_BREAK + case 262: + YY_RULE_SETUP +-#line 484 "cftoken.l" ++#line 485 "cftoken.l" + { YYD; yylval.num = algtype_rsaenc; return(ALGORITHMTYPE); } + YY_BREAK + case 263: + YY_RULE_SETUP +-#line 485 "cftoken.l" ++#line 486 "cftoken.l" + { YYD; yylval.num = algtype_rsarev; return(ALGORITHMTYPE); } + YY_BREAK + case 264: + YY_RULE_SETUP +-#line 486 "cftoken.l" ++#line 487 "cftoken.l" + { YYD; yylval.num = algtype_gssapikrb; return(ALGORITHMTYPE); } + YY_BREAK + case 265: + YY_RULE_SETUP +-#line 487 "cftoken.l" ++#line 488 "cftoken.l" + { + #ifdef ENABLE_HYBRID + YYD; yylval.num = algtype_hybrid_rsa_s; return(ALGORITHMTYPE); +@@ -3299,7 +3322,7 @@ YY_RULE_SETUP + YY_BREAK + case 266: + YY_RULE_SETUP +-#line 494 "cftoken.l" ++#line 495 "cftoken.l" + { + #ifdef ENABLE_HYBRID + YYD; yylval.num = algtype_hybrid_dss_s; return(ALGORITHMTYPE); +@@ -3310,7 +3333,7 @@ YY_RULE_SETUP + YY_BREAK + case 267: + YY_RULE_SETUP +-#line 501 "cftoken.l" ++#line 502 "cftoken.l" + { + #ifdef ENABLE_HYBRID + YYD; yylval.num = algtype_hybrid_rsa_c; return(ALGORITHMTYPE); +@@ -3321,7 +3344,7 @@ YY_RULE_SETUP + YY_BREAK + case 268: + YY_RULE_SETUP +-#line 508 "cftoken.l" ++#line 509 "cftoken.l" + { + #ifdef ENABLE_HYBRID + YYD; yylval.num = algtype_hybrid_dss_c; return(ALGORITHMTYPE); +@@ -3332,7 +3355,7 @@ YY_RULE_SETUP + YY_BREAK + case 269: + YY_RULE_SETUP +-#line 515 "cftoken.l" ++#line 516 "cftoken.l" + { + #ifdef ENABLE_HYBRID + YYD; yylval.num = algtype_xauth_psk_s; return(ALGORITHMTYPE); +@@ -3343,7 +3366,7 @@ YY_RULE_SETUP + YY_BREAK + case 270: + YY_RULE_SETUP +-#line 522 "cftoken.l" ++#line 523 "cftoken.l" + { + #ifdef ENABLE_HYBRID + YYD; yylval.num = algtype_xauth_psk_c; return(ALGORITHMTYPE); +@@ -3354,7 +3377,7 @@ YY_RULE_SETUP + YY_BREAK + case 271: + YY_RULE_SETUP +-#line 529 "cftoken.l" ++#line 530 "cftoken.l" + { + #ifdef ENABLE_HYBRID + YYD; yylval.num = algtype_xauth_rsa_s; return(ALGORITHMTYPE); +@@ -3365,7 +3388,7 @@ YY_RULE_SETUP + YY_BREAK + case 272: + YY_RULE_SETUP +-#line 536 "cftoken.l" ++#line 537 "cftoken.l" + { + #ifdef ENABLE_HYBRID + YYD; yylval.num = algtype_xauth_rsa_c; return(ALGORITHMTYPE); +@@ -3377,105 +3400,105 @@ YY_RULE_SETUP + /* identifier type */ + case 273: + YY_RULE_SETUP +-#line 546 "cftoken.l" ++#line 547 "cftoken.l" + { YYD; yywarn("it is obsoleted."); return(VENDORID); } + YY_BREAK + case 274: + YY_RULE_SETUP +-#line 547 "cftoken.l" ++#line 548 "cftoken.l" + { YYD; yylval.num = IDTYPE_USERFQDN; return(IDENTIFIERTYPE); } + YY_BREAK + case 275: + YY_RULE_SETUP +-#line 548 "cftoken.l" ++#line 549 "cftoken.l" + { YYD; yylval.num = IDTYPE_FQDN; return(IDENTIFIERTYPE); } + YY_BREAK + case 276: + YY_RULE_SETUP +-#line 549 "cftoken.l" ++#line 550 "cftoken.l" + { YYD; yylval.num = IDTYPE_KEYID; return(IDENTIFIERTYPE); } + YY_BREAK + case 277: + YY_RULE_SETUP +-#line 550 "cftoken.l" ++#line 551 "cftoken.l" + { YYD; yylval.num = IDTYPE_ADDRESS; return(IDENTIFIERTYPE); } + YY_BREAK + case 278: + YY_RULE_SETUP +-#line 551 "cftoken.l" ++#line 552 "cftoken.l" + { YYD; yylval.num = IDTYPE_SUBNET; return(IDENTIFIERTYPE); } + YY_BREAK + case 279: + YY_RULE_SETUP +-#line 552 "cftoken.l" ++#line 553 "cftoken.l" + { YYD; yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); } + YY_BREAK + case 280: + YY_RULE_SETUP +-#line 553 "cftoken.l" ++#line 554 "cftoken.l" + { YYD; yywarn("certname will be obsoleted in near future."); yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); } + YY_BREAK + /* identifier qualifier */ + case 281: + YY_RULE_SETUP +-#line 556 "cftoken.l" ++#line 557 "cftoken.l" + { YYD; yylval.num = IDQUAL_TAG; return(IDENTIFIERQUAL); } + YY_BREAK + case 282: + YY_RULE_SETUP +-#line 557 "cftoken.l" ++#line 558 "cftoken.l" + { YYD; yylval.num = IDQUAL_FILE; return(IDENTIFIERQUAL); } + YY_BREAK + /* units */ + case 283: + YY_RULE_SETUP +-#line 560 "cftoken.l" ++#line 561 "cftoken.l" + { YYD; return(UNITTYPE_BYTE); } + YY_BREAK + case 284: + YY_RULE_SETUP +-#line 561 "cftoken.l" ++#line 562 "cftoken.l" + { YYD; return(UNITTYPE_KBYTES); } + YY_BREAK + case 285: + YY_RULE_SETUP +-#line 562 "cftoken.l" ++#line 563 "cftoken.l" + { YYD; return(UNITTYPE_MBYTES); } + YY_BREAK + case 286: + YY_RULE_SETUP +-#line 563 "cftoken.l" ++#line 564 "cftoken.l" + { YYD; return(UNITTYPE_TBYTES); } + YY_BREAK + case 287: + YY_RULE_SETUP +-#line 564 "cftoken.l" ++#line 565 "cftoken.l" + { YYD; return(UNITTYPE_SEC); } + YY_BREAK + case 288: + YY_RULE_SETUP +-#line 565 "cftoken.l" ++#line 566 "cftoken.l" + { YYD; return(UNITTYPE_MIN); } + YY_BREAK + case 289: + YY_RULE_SETUP +-#line 566 "cftoken.l" ++#line 567 "cftoken.l" + { YYD; return(UNITTYPE_HOUR); } + YY_BREAK + /* boolean */ + case 290: + YY_RULE_SETUP +-#line 569 "cftoken.l" ++#line 570 "cftoken.l" + { YYD; yylval.num = TRUE; return(BOOLEAN); } + YY_BREAK + case 291: + YY_RULE_SETUP +-#line 570 "cftoken.l" ++#line 571 "cftoken.l" + { YYD; yylval.num = FALSE; return(BOOLEAN); } + YY_BREAK + case 292: + YY_RULE_SETUP +-#line 572 "cftoken.l" ++#line 573 "cftoken.l" + { + char *bp; + +@@ -3486,7 +3509,7 @@ YY_RULE_SETUP + YY_BREAK + case 293: + YY_RULE_SETUP +-#line 580 "cftoken.l" ++#line 581 "cftoken.l" + { + char *p; + +@@ -3512,7 +3535,7 @@ YY_RULE_SETUP + case 294: + /* rule 294 can match eol */ + YY_RULE_SETUP +-#line 602 "cftoken.l" ++#line 603 "cftoken.l" + { + char *p = yytext; + +@@ -3532,7 +3555,7 @@ YY_RULE_SETUP + YY_BREAK + case 295: + YY_RULE_SETUP +-#line 619 "cftoken.l" ++#line 620 "cftoken.l" + { + YYD; + +@@ -3566,7 +3589,7 @@ case YY_STATE_EOF(S_RMTS): + case YY_STATE_EOF(S_RMTP): + case YY_STATE_EOF(S_SA): + case YY_STATE_EOF(S_GSSENC): +-#line 632 "cftoken.l" ++#line 633 "cftoken.l" + { + yy_delete_buffer(YY_CURRENT_BUFFER); + incstackp--; +@@ -3594,36 +3617,36 @@ case YY_STATE_EOF(S_GSSENC): + /* ... */ + case 296: + YY_RULE_SETUP +-#line 657 "cftoken.l" ++#line 658 "cftoken.l" + { ; } + YY_BREAK + case 297: + /* rule 297 can match eol */ + YY_RULE_SETUP +-#line 658 "cftoken.l" ++#line 659 "cftoken.l" + { incstack[incstackp].lineno++; } + YY_BREAK + case 298: + YY_RULE_SETUP +-#line 659 "cftoken.l" ++#line 660 "cftoken.l" + { YYD; } + YY_BREAK + case 299: + YY_RULE_SETUP +-#line 660 "cftoken.l" ++#line 661 "cftoken.l" + { return(EOS); } + YY_BREAK + case 300: + YY_RULE_SETUP +-#line 661 "cftoken.l" ++#line 662 "cftoken.l" + { yymore(); } + YY_BREAK + case 301: + YY_RULE_SETUP +-#line 663 "cftoken.l" ++#line 664 "cftoken.l" + ECHO; + YY_BREAK +-#line 3627 "cftoken.c" ++#line 3650 "cftoken.c" + + case YY_END_OF_BUFFER: + { +@@ -4171,9 +4194,19 @@ static void yy_load_buffer_state (void) + yyfree((void *) b ); + } + +-#ifndef __cplusplus ++#ifndef _UNISTD_H /* assume unistd.h has isatty() for us */ ++#ifdef __cplusplus ++extern "C" { ++#endif ++#ifdef __THROW /* this is a gnuism */ ++extern int isatty (int ) __THROW; ++#else + extern int isatty (int ); +-#endif /* __cplusplus */ ++#endif ++#ifdef __cplusplus ++} ++#endif ++#endif + + /* Initializes or reinitializes a buffer. + * This function is sometimes called more than once on the same buffer, +@@ -4619,7 +4652,7 @@ void yyfree (void * ptr ) + + #define YYTABLES_NAME "yytables" + +-#line 663 "cftoken.l" ++#line 664 "cftoken.l" + + + diff --git a/package/ipsec-tools/patches/patch-src_racoon_cftoken_l b/package/ipsec-tools/patches/patch-src_racoon_cftoken_l index 977ba8a37..8ada6f602 100644 --- a/package/ipsec-tools/patches/patch-src_racoon_cftoken_l +++ b/package/ipsec-tools/patches/patch-src_racoon_cftoken_l @@ -1,11 +1,10 @@ -$Id$ ---- ipsec-tools-0.6.4.orig/src/racoon/cftoken.l 2005-11-06 18:18:26.000000000 +0100 -+++ ipsec-tools-0.6.4/src/racoon/cftoken.l 2007-06-28 16:58:31.000000000 +0200 -@@ -105,6 +105,8 @@ static struct include_stack { +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- ipsec-tools-0.7.2.orig/src/racoon/cftoken.l 2007-09-03 20:07:29.000000000 +0200 ++++ ipsec-tools-0.7.2/src/racoon/cftoken.l 2009-05-29 15:46:06.836399719 +0200 +@@ -104,6 +104,7 @@ static struct include_stack { static int incstackp = 0; static int yy_first_time = 1; -+ +int yywrap(void) { return 1; } %} diff --git a/package/ipsec-tools/patches/patch-src_racoon_crypto_openssl_c b/package/ipsec-tools/patches/patch-src_racoon_crypto_openssl_c index 66f9ba7d2..76c6a62cc 100644 --- a/package/ipsec-tools/patches/patch-src_racoon_crypto_openssl_c +++ b/package/ipsec-tools/patches/patch-src_racoon_crypto_openssl_c @@ -1,12 +1,48 @@ -$Id$ ---- ipsec-tools-0.6.4.orig/src/racoon/crypto_openssl.c 2005-07-12 13:50:15.000000000 +0200 -+++ ipsec-tools-0.6.4/src/racoon/crypto_openssl.c 2007-06-28 17:04:27.000000000 +0200 -@@ -81,7 +81,7 @@ - #ifdef HAVE_OPENSSL_SHA2_H - #include <openssl/sha2.h> - #else --#include "crypto/sha2/sha2.h" -+#include "missing/crypto/sha2/sha2.h" +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- ipsec-tools-0.7.2.orig/src/racoon/crypto_openssl.c 2009-04-20 15:33:30.000000000 +0200 ++++ ipsec-tools-0.7.2/src/racoon/crypto_openssl.c 2009-05-29 15:31:04.728378359 +0200 +@@ -63,8 +63,12 @@ + #ifdef HAVE_OPENSSL_ENGINE_H + #include <openssl/engine.h> #endif ++#ifndef OPENSSL_NO_BF + #include <openssl/blowfish.h> ++#endif ++#ifndef OPENSSL_NO_CAST + #include <openssl/cast.h> ++#endif + #include <openssl/err.h> + #ifdef HAVE_OPENSSL_RC5_H + #include <openssl/rc5.h> +@@ -1347,6 +1351,7 @@ eay_idea_keylen(len) + } #endif ++#ifndef OPENSSL_NO_BF + /* + * BLOWFISH-CBC + */ +@@ -1381,6 +1386,7 @@ eay_bf_keylen(len) + return -1; + return len; + } ++#endif + + #ifdef HAVE_OPENSSL_RC5_H + /* +@@ -1492,6 +1498,7 @@ eay_3des_keylen(len) + return 192; + } + ++#ifndef OPENSSL_NO_CAST + /* + * CAST-CBC + */ +@@ -1526,6 +1533,7 @@ eay_cast_keylen(len) + return -1; + return len; + } ++#endif + + /* + * AES(RIJNDAEL)-CBC diff --git a/package/ipsec-tools/patches/patch-src_racoon_eaytest_c b/package/ipsec-tools/patches/patch-src_racoon_eaytest_c new file mode 100644 index 000000000..a7d7807c4 --- /dev/null +++ b/package/ipsec-tools/patches/patch-src_racoon_eaytest_c @@ -0,0 +1,27 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- ipsec-tools-0.7.2.orig/src/racoon/eaytest.c 2008-07-16 10:50:02.000000000 +0200 ++++ ipsec-tools-0.7.2/src/racoon/eaytest.c 2009-05-29 15:33:04.286374004 +0200 +@@ -683,19 +683,23 @@ ciphertest(ac, av) + eay_aes_encrypt, eay_aes_decrypt) < 0) + return -1; + ++#ifndef OPENSSL_NO_BF + if (ciphertest_1 ("BLOWFISH", + &data, 8, + &key, key.l, + &iv0, 8, + eay_bf_encrypt, eay_bf_decrypt) < 0) + return -1; ++#endif + ++#ifndef OPENSSL_NO_CAST + if (ciphertest_1 ("CAST", + &data, 8, + &key, key.l, + &iv0, 8, + eay_cast_encrypt, eay_cast_decrypt) < 0) + return -1; ++#endif + + #ifdef HAVE_OPENSSL_IDEA_H + if (ciphertest_1 ("IDEA", diff --git a/package/ipsec-tools/patches/patch-src_racoon_isakmp_xauth_c b/package/ipsec-tools/patches/patch-src_racoon_isakmp_xauth_c new file mode 100644 index 000000000..7b612f035 --- /dev/null +++ b/package/ipsec-tools/patches/patch-src_racoon_isakmp_xauth_c @@ -0,0 +1,12 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- ipsec-tools-0.7.2.orig/src/racoon/isakmp_xauth.c 2009-04-20 15:35:36.000000000 +0200 ++++ ipsec-tools-0.7.2/src/racoon/isakmp_xauth.c 2009-05-29 15:56:30.460377529 +0200 +@@ -585,7 +585,7 @@ PAM_conv(msg_count, msg, rsp, dontcare) + + if ((reply = racoon_malloc(sizeof(*reply) * msg_count)) == NULL) + return PAM_CONV_ERR; +- bzero(reply, sizeof(*reply) * msg_count); ++ memset(reply, 0, sizeof(*reply) * msg_count); + + for (i = 0; i < msg_count; i++) { + switch (msg[i]->msg_style) { diff --git a/package/ipsec-tools/patches/patch-src_racoon_pfkey_c b/package/ipsec-tools/patches/patch-src_racoon_pfkey_c new file mode 100644 index 000000000..cedbc5cdd --- /dev/null +++ b/package/ipsec-tools/patches/patch-src_racoon_pfkey_c @@ -0,0 +1,18 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- ipsec-tools-0.7.2.orig/src/racoon/pfkey.c 2008-12-08 07:06:24.000000000 +0100 ++++ ipsec-tools-0.7.2/src/racoon/pfkey.c 2009-05-29 15:48:49.201433105 +0200 +@@ -3008,12 +3008,12 @@ addnewsp(mhp) + struct sockaddr *paddr; + + paddr = (struct sockaddr *)(xisr + 1); +- bcopy(paddr, &(*p_isr)->saidx.src, ++ memcpy(&(*p_isr)->saidx.src, paddr, + sysdep_sa_len(paddr)); + + paddr = (struct sockaddr *)((caddr_t)paddr + + sysdep_sa_len(paddr)); +- bcopy(paddr, &(*p_isr)->saidx.dst, ++ memcpy(&(*p_isr)->saidx.dst, paddr, + sysdep_sa_len(paddr)); + } + diff --git a/package/ipsec-tools/patches/patch-src_racoon_privsep_c b/package/ipsec-tools/patches/patch-src_racoon_privsep_c new file mode 100644 index 000000000..c69abd264 --- /dev/null +++ b/package/ipsec-tools/patches/patch-src_racoon_privsep_c @@ -0,0 +1,93 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- ipsec-tools-0.7.2.orig/src/racoon/privsep.c 2008-12-08 07:06:24.000000000 +0100 ++++ ipsec-tools-0.7.2/src/racoon/privsep.c 2009-05-29 15:55:47.787585131 +0200 +@@ -323,7 +323,7 @@ privsep_init(void) + strerror(errno)); + goto out; + } +- bzero(reply, sizeof(*reply)); ++ memset(reply, 0, sizeof(*reply)); + reply->hdr.ac_cmd = combuf->hdr.ac_cmd; + reply->hdr.ac_len = sizeof(*reply); + +@@ -421,7 +421,7 @@ privsep_init(void) + strerror(errno)); + goto out; + } +- bzero(envp, (envc + 1) * sizeof(char *)); ++ memset(envp, 0, (envc + 1) * sizeof(char *)); + + + /* +@@ -716,7 +716,7 @@ privsep_eay_get_pkcs1privkey(path) + "Cannot allocate memory: %s\n", strerror(errno)); + return NULL; + } +- bzero(msg, len); ++ memset(msg, 0, len); + msg->hdr.ac_cmd = PRIVSEP_EAY_GET_PKCS1PRIVKEY; + msg->hdr.ac_len = len; + msg->bufs.buflen[0] = len - sizeof(*msg); +@@ -797,7 +797,7 @@ privsep_script_exec(script, name, envp) + return -1; + } + +- bzero(msg, sizeof(*msg)); ++ memset(msg, 0, sizeof(*msg)); + msg->hdr.ac_cmd = PRIVSEP_SCRIPT_EXEC; + msg->hdr.ac_len = sizeof(*msg); + +@@ -906,7 +906,7 @@ privsep_getpsk(str, keylen) + "Cannot allocate memory: %s\n", strerror(errno)); + return NULL; + } +- bzero(msg, len); ++ memset(msg, 0, len); + msg->hdr.ac_cmd = PRIVSEP_GETPSK; + msg->hdr.ac_len = len; + +@@ -960,7 +960,7 @@ privsep_xauth_login_system(usr, pwd) + "Cannot allocate memory: %s\n", strerror(errno)); + return -1; + } +- bzero(msg, len); ++ memset(msg, 0, len); + msg->hdr.ac_cmd = PRIVSEP_XAUTH_LOGIN_SYSTEM; + msg->hdr.ac_len = len; + +@@ -1014,7 +1014,7 @@ privsep_accounting_system(port, raddr, u + "Cannot allocate memory: %s\n", strerror(errno)); + return -1; + } +- bzero(msg, len); ++ memset(msg, 0, len); + msg->hdr.ac_cmd = PRIVSEP_ACCOUNTING_SYSTEM; + msg->hdr.ac_len = len; + msg->bufs.buflen[0] = sizeof(port); +@@ -1187,7 +1187,7 @@ privsep_accounting_pam(port, inout) + "Cannot allocate memory: %s\n", strerror(errno)); + return -1; + } +- bzero(msg, len); ++ memset(msg, 0, len); + msg->hdr.ac_cmd = PRIVSEP_ACCOUNTING_PAM; + msg->hdr.ac_len = len; + msg->bufs.buflen[0] = sizeof(port); +@@ -1248,7 +1248,7 @@ privsep_xauth_login_pam(port, raddr, usr + "Cannot allocate memory: %s\n", strerror(errno)); + return -1; + } +- bzero(msg, len); ++ memset(msg, 0, len); + msg->hdr.ac_cmd = PRIVSEP_XAUTH_LOGIN_PAM; + msg->hdr.ac_len = len; + msg->bufs.buflen[0] = sizeof(port); +@@ -1312,7 +1312,7 @@ privsep_cleanup_pam(port) + "Cannot allocate memory: %s\n", strerror(errno)); + return; + } +- bzero(msg, len); ++ memset(msg, 0, len); + msg->hdr.ac_cmd = PRIVSEP_CLEANUP_PAM; + msg->hdr.ac_len = len; + msg->bufs.buflen[0] = sizeof(port); diff --git a/package/ipsec-tools/patches/patch-src_racoon_racoonctl_c b/package/ipsec-tools/patches/patch-src_racoon_racoonctl_c new file mode 100644 index 000000000..d5d6267c6 --- /dev/null +++ b/package/ipsec-tools/patches/patch-src_racoon_racoonctl_c @@ -0,0 +1,12 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- ipsec-tools-0.7.2.orig/src/racoon/racoonctl.c 2009-04-20 15:32:57.000000000 +0200 ++++ ipsec-tools-0.7.2/src/racoon/racoonctl.c 2009-05-29 15:57:45.600377208 +0200 +@@ -785,7 +785,7 @@ f_vpnc(ac, av) + errx(1, "cannot read source address"); + + /* We get "ip[port]" strip the port */ +- if ((idx = index(srcaddr, '[')) == NULL) ++ if ((idx = strchr(srcaddr, '[')) == NULL) + errx(1, "unexpected source address format"); + *idx = '\0'; + diff --git a/package/ipsec-tools/patches/patch-src_setkey_token_c b/package/ipsec-tools/patches/patch-src_setkey_token_c new file mode 100644 index 000000000..1c0231885 --- /dev/null +++ b/package/ipsec-tools/patches/patch-src_setkey_token_c @@ -0,0 +1,707 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- ipsec-tools-0.7.2.orig/src/setkey/token.c 2008-07-23 10:26:58.000000000 +0200 ++++ ipsec-tools-0.7.2/src/setkey/token.c 2009-05-29 15:26:39.126303087 +0200 +@@ -8,7 +8,7 @@ + #define FLEX_SCANNER + #define YY_FLEX_MAJOR_VERSION 2 + #define YY_FLEX_MINOR_VERSION 5 +-#define YY_FLEX_SUBMINOR_VERSION 34 ++#define YY_FLEX_SUBMINOR_VERSION 35 + #if YY_FLEX_SUBMINOR_VERSION > 0 + #define FLEX_BETA + #endif +@@ -178,13 +178,6 @@ extern FILE *yyin, *yyout; + + #define unput(c) yyunput( c, (yytext_ptr) ) + +-/* The following is because we cannot portably get our hands on size_t +- * (without autoconf's help, which isn't available because we want +- * flex-generated scanners to compile on their own). +- * Given that the standard has decreed that size_t exists since 1989, +- * I guess we can afford to depend on it. Manoj. +- */ +- + #ifndef YY_TYPEDEF_YY_SIZE_T + #define YY_TYPEDEF_YY_SIZE_T + typedef size_t yy_size_t; +@@ -1069,9 +1062,10 @@ char *yytext; + #if defined(SADB_X_EALG_AES) && ! defined(SADB_X_EALG_AESCBC) + #define SADB_X_EALG_AESCBC SADB_X_EALG_AES + #endif ++int yywrap(void) { return 1; } + /* common section */ + +-#line 1075 "token.c" ++#line 1069 "token.c" + + #define INITIAL 0 + #define S_PL 1 +@@ -1092,6 +1086,35 @@ char *yytext; + + static int yy_init_globals (void ); + ++/* Accessor methods to globals. ++ These are made visible to non-reentrant scanners for convenience. */ ++ ++int yylex_destroy (void ); ++ ++int yyget_debug (void ); ++ ++void yyset_debug (int debug_flag ); ++ ++YY_EXTRA_TYPE yyget_extra (void ); ++ ++void yyset_extra (YY_EXTRA_TYPE user_defined ); ++ ++FILE *yyget_in (void ); ++ ++void yyset_in (FILE * in_str ); ++ ++FILE *yyget_out (void ); ++ ++void yyset_out (FILE * out_str ); ++ ++int yyget_leng (void ); ++ ++char *yyget_text (void ); ++ ++int yyget_lineno (void ); ++ ++void yyset_lineno (int line_number ); ++ + /* Macros after this point can all be overridden by user definitions in + * section 1. + */ +@@ -1227,10 +1250,10 @@ YY_DECL + register char *yy_cp, *yy_bp; + register int yy_act; + +-#line 114 "token.l" ++#line 115 "token.l" + + +-#line 1234 "token.c" ++#line 1257 "token.c" + + if ( !(yy_init) ) + { +@@ -1321,84 +1344,84 @@ do_action: /* This label is used only to + + case 1: + YY_RULE_SETUP +-#line 116 "token.l" ++#line 117 "token.l" + { return(ADD); } + YY_BREAK + case 2: + YY_RULE_SETUP +-#line 117 "token.l" ++#line 118 "token.l" + { return(DELETE); } + YY_BREAK + case 3: + YY_RULE_SETUP +-#line 118 "token.l" ++#line 119 "token.l" + { return(DELETEALL); } + YY_BREAK + case 4: + YY_RULE_SETUP +-#line 119 "token.l" ++#line 120 "token.l" + { return(GET); } + YY_BREAK + case 5: + YY_RULE_SETUP +-#line 120 "token.l" ++#line 121 "token.l" + { return(FLUSH); } + YY_BREAK + case 6: + YY_RULE_SETUP +-#line 121 "token.l" ++#line 122 "token.l" + { return(DUMP); } + YY_BREAK + case 7: + YY_RULE_SETUP +-#line 122 "token.l" ++#line 123 "token.l" + { return(EXIT); } + YY_BREAK + case 8: + YY_RULE_SETUP +-#line 123 "token.l" ++#line 124 "token.l" + { return(EXIT); } + YY_BREAK + case 9: + YY_RULE_SETUP +-#line 124 "token.l" ++#line 125 "token.l" + { return(EXIT); } + YY_BREAK + /* for management SPD */ + case 10: + YY_RULE_SETUP +-#line 127 "token.l" ++#line 128 "token.l" + { return(SPDADD); } + YY_BREAK + case 11: + YY_RULE_SETUP +-#line 128 "token.l" ++#line 129 "token.l" + { return(SPDDELETE); } + YY_BREAK + case 12: + YY_RULE_SETUP +-#line 129 "token.l" ++#line 130 "token.l" + { return(SPDDUMP); } + YY_BREAK + case 13: + YY_RULE_SETUP +-#line 130 "token.l" ++#line 131 "token.l" + { return(SPDFLUSH); } + YY_BREAK + case 14: + YY_RULE_SETUP +-#line 131 "token.l" ++#line 132 "token.l" + { return(TAGGED); } + YY_BREAK + case 15: + YY_RULE_SETUP +-#line 132 "token.l" ++#line 133 "token.l" + { BEGIN S_PL; return(F_POLICY); } + YY_BREAK + case 16: + /* rule 16 can match eol */ + YY_RULE_SETUP +-#line 133 "token.l" ++#line 134 "token.l" + { + yymore(); + +@@ -1420,13 +1443,13 @@ YY_RULE_SETUP + YY_BREAK + case 17: + YY_RULE_SETUP +-#line 151 "token.l" ++#line 152 "token.l" + { BEGIN INITIAL; return(EOT); } + YY_BREAK + /* address resolution flags */ + case 18: + YY_RULE_SETUP +-#line 154 "token.l" ++#line 155 "token.l" + { + yylval.val.len = strlen(yytext); + yylval.val.buf = strdup(yytext); +@@ -1438,37 +1461,37 @@ YY_RULE_SETUP + /* security protocols */ + case 19: + YY_RULE_SETUP +-#line 163 "token.l" ++#line 164 "token.l" + { yylval.num = 0; return(PR_AH); } + YY_BREAK + case 20: + YY_RULE_SETUP +-#line 164 "token.l" ++#line 165 "token.l" + { yylval.num = 0; return(PR_ESP); } + YY_BREAK + case 21: + YY_RULE_SETUP +-#line 165 "token.l" ++#line 166 "token.l" + { yylval.num = 1; return(PR_AH); } + YY_BREAK + case 22: + YY_RULE_SETUP +-#line 166 "token.l" ++#line 167 "token.l" + { yylval.num = 1; return(PR_ESP); } + YY_BREAK + case 23: + YY_RULE_SETUP +-#line 167 "token.l" ++#line 168 "token.l" + { yylval.num = 0; return(PR_ESPUDP); } + YY_BREAK + case 24: + YY_RULE_SETUP +-#line 168 "token.l" ++#line 169 "token.l" + { yylval.num = 0; return(PR_IPCOMP); } + YY_BREAK + case 25: + YY_RULE_SETUP +-#line 169 "token.l" ++#line 170 "token.l" + { + yylval.num = 0; return(PR_TCP); + } +@@ -1476,72 +1499,72 @@ YY_RULE_SETUP + /* authentication alogorithm */ + case 26: + YY_RULE_SETUP +-#line 174 "token.l" ++#line 175 "token.l" + { BEGIN S_AUTHALG; return(F_AUTH); } + YY_BREAK + case 27: + YY_RULE_SETUP +-#line 175 "token.l" ++#line 176 "token.l" + { yylval.num = SADB_AALG_MD5HMAC; BEGIN INITIAL; return(ALG_AUTH); } + YY_BREAK + case 28: + YY_RULE_SETUP +-#line 176 "token.l" ++#line 177 "token.l" + { yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); } + YY_BREAK + case 29: + YY_RULE_SETUP +-#line 177 "token.l" ++#line 178 "token.l" + { yylval.num = SADB_X_AALG_MD5; BEGIN INITIAL; return(ALG_AUTH); } + YY_BREAK + case 30: + YY_RULE_SETUP +-#line 178 "token.l" ++#line 179 "token.l" + { yylval.num = SADB_X_AALG_SHA; BEGIN INITIAL; return(ALG_AUTH); } + YY_BREAK + case 31: + YY_RULE_SETUP +-#line 179 "token.l" ++#line 180 "token.l" + { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); } + YY_BREAK + case 32: + YY_RULE_SETUP +-#line 180 "token.l" ++#line 181 "token.l" + { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); } + YY_BREAK + case 33: + YY_RULE_SETUP +-#line 181 "token.l" ++#line 182 "token.l" + { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); } + YY_BREAK + case 34: + YY_RULE_SETUP +-#line 182 "token.l" ++#line 183 "token.l" + { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); } + YY_BREAK + case 35: + YY_RULE_SETUP +-#line 183 "token.l" ++#line 184 "token.l" + { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); } + YY_BREAK + case 36: + YY_RULE_SETUP +-#line 184 "token.l" ++#line 185 "token.l" + { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); } + YY_BREAK + case 37: + YY_RULE_SETUP +-#line 185 "token.l" ++#line 186 "token.l" + { yylval.num = SADB_X_AALG_RIPEMD160HMAC; BEGIN INITIAL; return(ALG_AUTH); } + YY_BREAK + case 38: + YY_RULE_SETUP +-#line 186 "token.l" ++#line 187 "token.l" + { yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); } + YY_BREAK + case 39: + YY_RULE_SETUP +-#line 187 "token.l" ++#line 188 "token.l" + { + #ifdef SADB_X_AALG_TCP_MD5 + yylval.num = SADB_X_AALG_TCP_MD5; +@@ -1552,63 +1575,63 @@ YY_RULE_SETUP + YY_BREAK + case 40: + YY_RULE_SETUP +-#line 194 "token.l" ++#line 195 "token.l" + { yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); } + YY_BREAK + /* encryption alogorithm */ + case 41: + YY_RULE_SETUP +-#line 197 "token.l" ++#line 198 "token.l" + { BEGIN S_ENCALG; return(F_ENC); } + YY_BREAK + case 42: + YY_RULE_SETUP +-#line 198 "token.l" ++#line 199 "token.l" + { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC); } + YY_BREAK + case 43: + YY_RULE_SETUP +-#line 199 "token.l" ++#line 200 "token.l" + { yylval.num = SADB_EALG_3DESCBC; BEGIN INITIAL; return(ALG_ENC); } + YY_BREAK + case 44: + YY_RULE_SETUP +-#line 200 "token.l" ++#line 201 "token.l" + { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_NOKEY); } + YY_BREAK + case 45: + YY_RULE_SETUP +-#line 201 "token.l" ++#line 202 "token.l" + { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); } + YY_BREAK + case 46: + YY_RULE_SETUP +-#line 202 "token.l" ++#line 203 "token.l" + { yylval.num = SADB_X_EALG_BLOWFISHCBC; BEGIN INITIAL; return(ALG_ENC); } + YY_BREAK + case 47: + YY_RULE_SETUP +-#line 203 "token.l" ++#line 204 "token.l" + { yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); } + YY_BREAK + case 48: + YY_RULE_SETUP +-#line 204 "token.l" ++#line 205 "token.l" + { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); } + YY_BREAK + case 49: + YY_RULE_SETUP +-#line 205 "token.l" ++#line 206 "token.l" + { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); } + YY_BREAK + case 50: + YY_RULE_SETUP +-#line 206 "token.l" ++#line 207 "token.l" + { yylval.num = SADB_X_EALG_TWOFISHCBC; BEGIN INITIAL; return(ALG_ENC); } + YY_BREAK + case 51: + YY_RULE_SETUP +-#line 207 "token.l" ++#line 208 "token.l" + { + #ifdef SADB_X_EALG_AESCBC + yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); +@@ -1617,7 +1640,7 @@ YY_RULE_SETUP + YY_BREAK + case 52: + YY_RULE_SETUP +-#line 212 "token.l" ++#line 213 "token.l" + { + #ifdef SADB_X_EALG_AESCBC + yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); +@@ -1626,12 +1649,12 @@ YY_RULE_SETUP + YY_BREAK + case 53: + YY_RULE_SETUP +-#line 217 "token.l" ++#line 218 "token.l" + { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC); } + YY_BREAK + case 54: + YY_RULE_SETUP +-#line 218 "token.l" ++#line 219 "token.l" + { + #ifdef SADB_X_EALG_CAMELLIACBC + yylval.num = SADB_X_EALG_CAMELLIACBC; BEGIN INITIAL; return(ALG_ENC); +@@ -1641,152 +1664,152 @@ YY_RULE_SETUP + /* compression algorithms */ + case 55: + YY_RULE_SETUP +-#line 225 "token.l" ++#line 226 "token.l" + { return(F_COMP); } + YY_BREAK + case 56: + YY_RULE_SETUP +-#line 226 "token.l" ++#line 227 "token.l" + { yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); } + YY_BREAK + case 57: + YY_RULE_SETUP +-#line 227 "token.l" ++#line 228 "token.l" + { yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); } + YY_BREAK + case 58: + YY_RULE_SETUP +-#line 228 "token.l" ++#line 229 "token.l" + { yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); } + YY_BREAK + case 59: + YY_RULE_SETUP +-#line 229 "token.l" ++#line 230 "token.l" + { return(F_RAWCPI); } + YY_BREAK + /* extension */ + case 60: + YY_RULE_SETUP +-#line 232 "token.l" ++#line 233 "token.l" + { return(F_MODE); } + YY_BREAK + case 61: + YY_RULE_SETUP +-#line 233 "token.l" ++#line 234 "token.l" + { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); } + YY_BREAK + case 62: + YY_RULE_SETUP +-#line 234 "token.l" ++#line 235 "token.l" + { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); } + YY_BREAK + case 63: + YY_RULE_SETUP +-#line 235 "token.l" ++#line 236 "token.l" + { return(F_REQID); } + YY_BREAK + case 64: + YY_RULE_SETUP +-#line 236 "token.l" ++#line 237 "token.l" + { return(F_EXT); } + YY_BREAK + case 65: + YY_RULE_SETUP +-#line 237 "token.l" ++#line 238 "token.l" + { yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); } + YY_BREAK + case 66: + YY_RULE_SETUP +-#line 238 "token.l" ++#line 239 "token.l" + { yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); } + YY_BREAK + case 67: + YY_RULE_SETUP +-#line 239 "token.l" ++#line 240 "token.l" + { yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); } + YY_BREAK + case 68: + YY_RULE_SETUP +-#line 240 "token.l" ++#line 241 "token.l" + { return(NOCYCLICSEQ); } + YY_BREAK + case 69: + YY_RULE_SETUP +-#line 241 "token.l" ++#line 242 "token.l" + { return(F_REPLAY); } + YY_BREAK + case 70: + YY_RULE_SETUP +-#line 242 "token.l" ++#line 243 "token.l" + { return(F_LIFETIME_HARD); } + YY_BREAK + case 71: + YY_RULE_SETUP +-#line 243 "token.l" ++#line 244 "token.l" + { return(F_LIFETIME_SOFT); } + YY_BREAK + case 72: + YY_RULE_SETUP +-#line 244 "token.l" ++#line 245 "token.l" + { return(F_LIFEBYTE_HARD); } + YY_BREAK + case 73: + YY_RULE_SETUP +-#line 245 "token.l" ++#line 246 "token.l" + { return(F_LIFEBYTE_SOFT); } + YY_BREAK + case 74: + YY_RULE_SETUP +-#line 246 "token.l" ++#line 247 "token.l" + { return(SECURITY_CTX); } + YY_BREAK + /* ... */ + case 75: + YY_RULE_SETUP +-#line 249 "token.l" ++#line 250 "token.l" + { return(ANY); } + YY_BREAK + case 76: + YY_RULE_SETUP +-#line 250 "token.l" ++#line 251 "token.l" + { } + YY_BREAK + case 77: + /* rule 77 can match eol */ + YY_RULE_SETUP +-#line 251 "token.l" ++#line 252 "token.l" + { lineno++; } + YY_BREAK + case 78: + YY_RULE_SETUP +-#line 252 "token.l" ++#line 253 "token.l" + + YY_BREAK + case 79: + YY_RULE_SETUP +-#line 253 "token.l" ++#line 254 "token.l" + { return(EOT); } + YY_BREAK + /* for address parameters: /prefix, [port] */ + case 80: + YY_RULE_SETUP +-#line 256 "token.l" ++#line 257 "token.l" + { return SLASH; } + YY_BREAK + case 81: + YY_RULE_SETUP +-#line 257 "token.l" ++#line 258 "token.l" + { return BLCL; } + YY_BREAK + case 82: + YY_RULE_SETUP +-#line 258 "token.l" ++#line 259 "token.l" + { return ELCL; } + YY_BREAK + /* parameter */ + case 83: + YY_RULE_SETUP +-#line 261 "token.l" ++#line 262 "token.l" + { + char *bp; + +@@ -1796,7 +1819,7 @@ YY_RULE_SETUP + YY_BREAK + case 84: + YY_RULE_SETUP +-#line 268 "token.l" ++#line 269 "token.l" + { + yylval.val.buf = strdup(yytext + 2); + if (!yylval.val.buf) +@@ -1809,7 +1832,7 @@ YY_RULE_SETUP + case 85: + /* rule 85 can match eol */ + YY_RULE_SETUP +-#line 277 "token.l" ++#line 278 "token.l" + { + char *p = yytext; + while (*++p != '"') ; +@@ -1825,7 +1848,7 @@ YY_RULE_SETUP + YY_BREAK + case 86: + YY_RULE_SETUP +-#line 290 "token.l" ++#line 291 "token.l" + { + yylval.val.len = yyleng; + yylval.val.buf = strdup(yytext); +@@ -1836,7 +1859,7 @@ YY_RULE_SETUP + YY_BREAK + case 87: + YY_RULE_SETUP +-#line 298 "token.l" ++#line 299 "token.l" + { + yylval.val.len = yyleng; + yylval.val.buf = strdup(yytext); +@@ -1847,7 +1870,7 @@ YY_RULE_SETUP + YY_BREAK + case 88: + YY_RULE_SETUP +-#line 306 "token.l" ++#line 307 "token.l" + { + yyfatal("Syntax error"); + /*NOTREACHED*/ +@@ -1855,10 +1878,10 @@ YY_RULE_SETUP + YY_BREAK + case 89: + YY_RULE_SETUP +-#line 311 "token.l" ++#line 312 "token.l" + ECHO; + YY_BREAK +-#line 1862 "token.c" ++#line 1885 "token.c" + case YY_STATE_EOF(INITIAL): + case YY_STATE_EOF(S_PL): + case YY_STATE_EOF(S_AUTHALG): +@@ -2411,9 +2434,19 @@ static void yy_load_buffer_state (void) + yyfree((void *) b ); + } + +-#ifndef __cplusplus ++#ifndef _UNISTD_H /* assume unistd.h has isatty() for us */ ++#ifdef __cplusplus ++extern "C" { ++#endif ++#ifdef __THROW /* this is a gnuism */ ++extern int isatty (int ) __THROW; ++#else + extern int isatty (int ); +-#endif /* __cplusplus */ ++#endif ++#ifdef __cplusplus ++} ++#endif ++#endif + + /* Initializes or reinitializes a buffer. + * This function is sometimes called more than once on the same buffer, +@@ -2859,7 +2892,7 @@ void yyfree (void * ptr ) + + #define YYTABLES_NAME "yytables" + +-#line 311 "token.l" ++#line 312 "token.l" + + + diff --git a/package/ipsec-tools/patches/patch-src_setkey_token_l b/package/ipsec-tools/patches/patch-src_setkey_token_l index b73f73fea..e0697835c 100644 --- a/package/ipsec-tools/patches/patch-src_setkey_token_l +++ b/package/ipsec-tools/patches/patch-src_setkey_token_l @@ -1,11 +1,10 @@ -$Id$ ---- ipsec-tools-0.6.4.orig/src/setkey/token.l 2005-06-29 15:01:30.000000000 +0200 -+++ ipsec-tools-0.6.4/src/setkey/token.l 2007-06-28 16:58:31.000000000 +0200 -@@ -84,6 +84,8 @@ - #ifndef SADB_X_EALG_AESCTR - #define SADB_X_EALG_AESCTR (-1) +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- ipsec-tools-0.7.2.orig/src/setkey/token.l 2007-08-01 13:52:23.000000000 +0200 ++++ ipsec-tools-0.7.2/src/setkey/token.l 2009-05-29 15:25:54.760377400 +0200 +@@ -86,6 +86,7 @@ + #if defined(SADB_X_EALG_AES) && ! defined(SADB_X_EALG_AESCBC) + #define SADB_X_EALG_AESCBC SADB_X_EALG_AES #endif -+ +int yywrap(void) { return 1; } %} |