summaryrefslogtreecommitdiff
path: root/package/ipsec-tools
diff options
context:
space:
mode:
Diffstat (limited to 'package/ipsec-tools')
-rw-r--r--package/ipsec-tools/Makefile7
-rw-r--r--package/ipsec-tools/patches/patch-configure34
-rw-r--r--package/ipsec-tools/patches/patch-ltmain_sh6
-rw-r--r--package/ipsec-tools/patches/patch-src_racoon_algorithm_c5
-rw-r--r--package/ipsec-tools/patches/patch-src_racoon_cftoken_c2026
-rw-r--r--package/ipsec-tools/patches/patch-src_racoon_cftoken_l11
-rw-r--r--package/ipsec-tools/patches/patch-src_racoon_crypto_openssl_c13
-rw-r--r--package/ipsec-tools/patches/patch-src_racoon_eaytest_c7
-rw-r--r--package/ipsec-tools/patches/patch-src_racoon_isakmp_xauth_c7
-rw-r--r--package/ipsec-tools/patches/patch-src_racoon_pfkey_c7
-rw-r--r--package/ipsec-tools/patches/patch-src_racoon_privsep_c25
-rw-r--r--package/ipsec-tools/patches/patch-src_racoon_racoonctl_c7
-rw-r--r--package/ipsec-tools/patches/patch-src_setkey_token_c707
-rw-r--r--package/ipsec-tools/patches/patch-src_setkey_token_l11
14 files changed, 2804 insertions, 69 deletions
diff --git a/package/ipsec-tools/Makefile b/package/ipsec-tools/Makefile
index 54f155f89..f3ed9dfa8 100644
--- a/package/ipsec-tools/Makefile
+++ b/package/ipsec-tools/Makefile
@@ -4,13 +4,13 @@
include ${TOPDIR}/rules.mk
PKG_NAME:= ipsec-tools
-PKG_VERSION:= 0.8.0
+PKG_VERSION:= 0.7.2
PKG_RELEASE:= 1
-PKG_MD5SUM:= b79aae3055a51f8de5c0f1b8ca6cf619
+PKG_MD5SUM:= 72861f005746ee27984b2ee715ecc629
PKG_DESCR:= IPsec management tools
PKG_SECTION:= net/security
-PKG_BUILDDEP:= openssl
PKG_DEPENDS:= libopenssl
+PKG_BUILDDEP:= openssl
PKG_URL:= http://ipsec-tools.sourceforge.net/
PKG_SITES:= ${MASTER_SITE_SOURCEFORGE:=ipsec-tools/}
@@ -24,7 +24,6 @@ include ${TOPDIR}/mk/package.mk
$(eval $(call PKG_template,IPSEC_TOOLS,${PKG_NAME},${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
-TARGET_CFLAGS:= $(filter-out -flto,$(TARGET_CFLAGS))
CONFIGURE_ARGS+= --with-kernel-headers="${LINUX_DIR}/include" \
--without-readline \
--disable-security-context \
diff --git a/package/ipsec-tools/patches/patch-configure b/package/ipsec-tools/patches/patch-configure
index 87bfb96a4..29e65cf5b 100644
--- a/package/ipsec-tools/patches/patch-configure
+++ b/package/ipsec-tools/patches/patch-configure
@@ -1,6 +1,7 @@
---- ipsec-tools-0.8.0.orig/configure 2011-03-18 14:27:41.000000000 +0100
-+++ ipsec-tools-0.8.0/configure 2011-03-31 13:16:18.091819156 +0200
-@@ -11535,7 +11535,7 @@ $as_echo "$ac_cv_path_EGREP" >&6; }
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- ipsec-tools-0.7.2.orig/configure 2009-04-21 16:41:45.000000000 +0200
++++ ipsec-tools-0.7.2/configure 2009-05-29 15:28:06.991791782 +0200
+@@ -11963,7 +11963,7 @@ echo "${ECHO_T}$ac_cv_path_EGREP" >&6; }
@@ -9,30 +10,3 @@
case $host in
*netbsd*)
-@@ -12286,7 +12286,7 @@ $as_echo "$as_me: WARNING: Using a gener
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking if printf accepts %z" >&5
- $as_echo_n "checking if printf accepts %z... " >&6; }
- saved_CFLAGS=$CFLAGS
--CFLAGS="$CFLAGS -Wall -Werror"
-+CFLAGS="$CFLAGS -Wall"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h. */
-
-@@ -13739,7 +13739,7 @@ $as_echo "#define HAVE_LIBLDAP /**/" >>c
- LIBS="$LIBS -L$libldap_dir/lib -R$libldap_dir/lib -lldap"
-
- saved_CFLAGS=$CFLAGS
-- CFLAGS="$CFLAGS -Wall -Werror"
-+ CFLAGS="$CFLAGS -Wall"
- saved_CPPFLAGS=$CPPFLAGS
- CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-@@ -13852,7 +13852,7 @@ $as_echo "#define HAVE_GSSAPI /**/" >>co
-
- # Check if iconv 2nd argument needs const
- saved_CFLAGS=$CFLAGS
-- CFLAGS="$CFLAGS -Wall -Werror"
-+ CFLAGS="$CFLAGS -Wall"
- saved_CPPFLAGS=$CPPFLAGS
- CPPFLAGS="$CPPFLAGS $CPPFLAGS_ADD"
- ac_fn_c_check_header_mongrel "$LINENO" "iconv.h" "ac_cv_header_iconv_h" "$ac_includes_default"
diff --git a/package/ipsec-tools/patches/patch-ltmain_sh b/package/ipsec-tools/patches/patch-ltmain_sh
index 9771c2407..f0e98067d 100644
--- a/package/ipsec-tools/patches/patch-ltmain_sh
+++ b/package/ipsec-tools/patches/patch-ltmain_sh
@@ -1,6 +1,6 @@
---- ipsec-tools-0.8.0.orig/ltmain.sh 2011-03-18 14:27:39.000000000 +0100
-+++ ipsec-tools-0.8.0/ltmain.sh 2011-03-31 13:16:42.511821748 +0200
-@@ -4765,7 +4765,7 @@ func_mode_link ()
+--- ipsec-tools-0.7.2.orig/ltmain.sh 2009-04-21 16:41:43.000000000 +0200
++++ ipsec-tools-0.7.2/ltmain.sh 2011-01-15 21:50:23.000000000 +0100
+@@ -4238,7 +4238,7 @@ func_mode_link ()
# -p, -pg, --coverage, -fprofile-* pass through profiling flag for GCC
# @file GCC response files
-64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \
diff --git a/package/ipsec-tools/patches/patch-src_racoon_algorithm_c b/package/ipsec-tools/patches/patch-src_racoon_algorithm_c
index 82a3d057b..351ce1771 100644
--- a/package/ipsec-tools/patches/patch-src_racoon_algorithm_c
+++ b/package/ipsec-tools/patches/patch-src_racoon_algorithm_c
@@ -1,5 +1,6 @@
---- ipsec-tools-0.8.0.orig/src/racoon/algorithm.c 2006-10-06 14:02:27.000000000 +0200
-+++ ipsec-tools-0.8.0/src/racoon/algorithm.c 2011-03-31 13:22:28.381818558 +0200
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- ipsec-tools-0.7.2.orig/src/racoon/algorithm.c 2006-10-06 14:02:27.000000000 +0200
++++ ipsec-tools-0.7.2/src/racoon/algorithm.c 2009-05-29 15:51:03.662094000 +0200
@@ -111,9 +111,11 @@ static struct enc_algorithm oakley_encde
eay_idea_encrypt, eay_idea_decrypt,
eay_idea_weakkey, eay_idea_keylen, },
diff --git a/package/ipsec-tools/patches/patch-src_racoon_cftoken_c b/package/ipsec-tools/patches/patch-src_racoon_cftoken_c
new file mode 100644
index 000000000..29bdf1a77
--- /dev/null
+++ b/package/ipsec-tools/patches/patch-src_racoon_cftoken_c
@@ -0,0 +1,2026 @@
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- ipsec-tools-0.7.2.orig/src/racoon/cftoken.c 2008-07-23 13:49:19.000000000 +0200
++++ ipsec-tools-0.7.2/src/racoon/cftoken.c 2009-05-29 15:50:16.982910033 +0200
+@@ -8,7 +8,7 @@
+ #define FLEX_SCANNER
+ #define YY_FLEX_MAJOR_VERSION 2
+ #define YY_FLEX_MINOR_VERSION 5
+-#define YY_FLEX_SUBMINOR_VERSION 34
++#define YY_FLEX_SUBMINOR_VERSION 35
+ #if YY_FLEX_SUBMINOR_VERSION > 0
+ #define FLEX_BETA
+ #endif
+@@ -178,13 +178,6 @@ extern FILE *yyin, *yyout;
+
+ #define unput(c) yyunput( c, (yytext_ptr) )
+
+-/* The following is because we cannot portably get our hands on size_t
+- * (without autoconf's help, which isn't available because we want
+- * flex-generated scanners to compile on their own).
+- * Given that the standard has decreed that size_t exists since 1989,
+- * I guess we can afford to depend on it. Manoj.
+- */
+-
+ #ifndef YY_TYPEDEF_YY_SIZE_T
+ #define YY_TYPEDEF_YY_SIZE_T
+ typedef size_t yy_size_t;
+@@ -1634,6 +1627,7 @@ static struct include_stack {
+ static int incstackp = 0;
+
+ static int yy_first_time = 1;
++int yywrap(void) { return 1; }
+ /* common seciton */
+ /*octet (([01]?{digit}?{digit})|((2([0-4]{digit}))|(25[0-5]))) */
+
+@@ -1642,7 +1636,7 @@ static int yy_first_time = 1;
+
+
+
+-#line 1646 "cftoken.c"
++#line 1640 "cftoken.c"
+
+ #define INITIAL 0
+ #define S_INI 1
+@@ -1679,6 +1673,35 @@ static int yy_first_time = 1;
+
+ static int yy_init_globals (void );
+
++/* Accessor methods to globals.
++ These are made visible to non-reentrant scanners for convenience. */
++
++int yylex_destroy (void );
++
++int yyget_debug (void );
++
++void yyset_debug (int debug_flag );
++
++YY_EXTRA_TYPE yyget_extra (void );
++
++void yyset_extra (YY_EXTRA_TYPE user_defined );
++
++FILE *yyget_in (void );
++
++void yyset_in (FILE * in_str );
++
++FILE *yyget_out (void );
++
++void yyset_out (FILE * out_str );
++
++int yyget_leng (void );
++
++char *yyget_text (void );
++
++int yyget_lineno (void );
++
++void yyset_lineno (int line_number );
++
+ /* Macros after this point can all be overridden by user definitions in
+ * section 1.
+ */
+@@ -1814,7 +1837,7 @@ YY_DECL
+ register char *yy_cp, *yy_bp;
+ register int yy_act;
+
+-#line 142 "cftoken.l"
++#line 143 "cftoken.l"
+
+
+ if (yy_first_time) {
+@@ -1824,7 +1847,7 @@ YY_DECL
+
+
+ /* privsep */
+-#line 1828 "cftoken.c"
++#line 1851 "cftoken.c"
+
+ if ( !(yy_init) )
+ {
+@@ -1915,1028 +1938,1028 @@ do_action: /* This label is used only to
+
+ case 1:
+ YY_RULE_SETUP
+-#line 151 "cftoken.l"
++#line 152 "cftoken.l"
+ { BEGIN S_PRIV; YYDB; return(PRIVSEP); }
+ YY_BREAK
+ case 2:
+ YY_RULE_SETUP
+-#line 152 "cftoken.l"
++#line 153 "cftoken.l"
+ { return(BOC); }
+ YY_BREAK
+ case 3:
+ YY_RULE_SETUP
+-#line 153 "cftoken.l"
++#line 154 "cftoken.l"
+ { YYD; return(USER); }
+ YY_BREAK
+ case 4:
+ YY_RULE_SETUP
+-#line 154 "cftoken.l"
++#line 155 "cftoken.l"
+ { YYD; return(GROUP); }
+ YY_BREAK
+ case 5:
+ YY_RULE_SETUP
+-#line 155 "cftoken.l"
++#line 156 "cftoken.l"
+ { YYD; return(CHROOT); }
+ YY_BREAK
+ case 6:
+ YY_RULE_SETUP
+-#line 156 "cftoken.l"
++#line 157 "cftoken.l"
+ { BEGIN S_INI; return(EOC); }
+ YY_BREAK
+ /* path */
+ case 7:
+ YY_RULE_SETUP
+-#line 159 "cftoken.l"
++#line 160 "cftoken.l"
+ { BEGIN S_PTH; YYDB; return(PATH); }
+ YY_BREAK
+ case 8:
+ YY_RULE_SETUP
+-#line 160 "cftoken.l"
++#line 161 "cftoken.l"
+ { YYD; yylval.num = LC_PATHTYPE_INCLUDE;
+ return(PATHTYPE); }
+ YY_BREAK
+ case 9:
+ YY_RULE_SETUP
+-#line 162 "cftoken.l"
++#line 163 "cftoken.l"
+ { YYD; yylval.num = LC_PATHTYPE_PSK;
+ return(PATHTYPE); }
+ YY_BREAK
+ case 10:
+ YY_RULE_SETUP
+-#line 164 "cftoken.l"
++#line 165 "cftoken.l"
+ { YYD; yylval.num = LC_PATHTYPE_CERT;
+ return(PATHTYPE); }
+ YY_BREAK
+ case 11:
+ YY_RULE_SETUP
+-#line 166 "cftoken.l"
++#line 167 "cftoken.l"
+ { YYD; yylval.num = LC_PATHTYPE_SCRIPT;
+ return(PATHTYPE); }
+ YY_BREAK
+ case 12:
+ YY_RULE_SETUP
+-#line 168 "cftoken.l"
++#line 169 "cftoken.l"
+ { YYD; yylval.num = LC_PATHTYPE_BACKUPSA;
+ return(PATHTYPE); }
+ YY_BREAK
+ case 13:
+ YY_RULE_SETUP
+-#line 170 "cftoken.l"
++#line 171 "cftoken.l"
+ { YYD; yylval.num = LC_PATHTYPE_PIDFILE;
+ return(PATHTYPE); }
+ YY_BREAK
+ case 14:
+ YY_RULE_SETUP
+-#line 172 "cftoken.l"
++#line 173 "cftoken.l"
+ { BEGIN S_INI; YYDB; return(EOS); }
+ YY_BREAK
+ /* include */
+ case 15:
+ YY_RULE_SETUP
+-#line 175 "cftoken.l"
++#line 176 "cftoken.l"
+ { YYDB; return(INCLUDE); }
+ YY_BREAK
+ /* self information */
+ case 16:
+ YY_RULE_SETUP
+-#line 178 "cftoken.l"
++#line 179 "cftoken.l"
+ { BEGIN S_INF; YYDB; yywarn("it is obsoleted. use \"my_identifier\" in each remote directives."); return(IDENTIFIER); }
+ YY_BREAK
+ case 17:
+ YY_RULE_SETUP
+-#line 179 "cftoken.l"
++#line 180 "cftoken.l"
+ { BEGIN S_INI; return(EOS); }
+ YY_BREAK
+ /* special */
+ case 18:
+ YY_RULE_SETUP
+-#line 182 "cftoken.l"
++#line 183 "cftoken.l"
+ { YYDB; return(COMPLEX_BUNDLE); }
+ YY_BREAK
+ /* logging */
+ case 19:
+ YY_RULE_SETUP
+-#line 185 "cftoken.l"
++#line 186 "cftoken.l"
+ { BEGIN S_LOG; YYDB; return(LOGGING); }
+ YY_BREAK
+ case 20:
+ YY_RULE_SETUP
+-#line 186 "cftoken.l"
++#line 187 "cftoken.l"
+ { YYD; yylval.num = LLV_ERROR; return(LOGLEV); }
+ YY_BREAK
+ case 21:
+ YY_RULE_SETUP
+-#line 187 "cftoken.l"
++#line 188 "cftoken.l"
+ { YYD; yylval.num = LLV_WARNING; return(LOGLEV); }
+ YY_BREAK
+ case 22:
+ YY_RULE_SETUP
+-#line 188 "cftoken.l"
++#line 189 "cftoken.l"
+ { YYD; yylval.num = LLV_NOTIFY; return(LOGLEV); }
+ YY_BREAK
+ case 23:
+ YY_RULE_SETUP
+-#line 189 "cftoken.l"
++#line 190 "cftoken.l"
+ { YYD; yylval.num = LLV_INFO; return(LOGLEV); }
+ YY_BREAK
+ case 24:
+ YY_RULE_SETUP
+-#line 190 "cftoken.l"
++#line 191 "cftoken.l"
+ { YYD; yylval.num = LLV_DEBUG; return(LOGLEV); }
+ YY_BREAK
+ case 25:
+ YY_RULE_SETUP
+-#line 191 "cftoken.l"
++#line 192 "cftoken.l"
+ { YYD; yylval.num = LLV_DEBUG2; return(LOGLEV); }
+ YY_BREAK
+ case 26:
+ YY_RULE_SETUP
+-#line 192 "cftoken.l"
++#line 193 "cftoken.l"
+ { YYD; yywarn("it is obsoleted. use \"debug2\""); yylval.num = LLV_DEBUG2; return(LOGLEV); }
+ YY_BREAK
+ case 27:
+ YY_RULE_SETUP
+-#line 193 "cftoken.l"
++#line 194 "cftoken.l"
+ { YYD; yywarn("it is obsoleted. use \"debug2\""); yylval.num = LLV_DEBUG2; return(LOGLEV); }
+ YY_BREAK
+ case 28:
+ YY_RULE_SETUP
+-#line 194 "cftoken.l"
++#line 195 "cftoken.l"
+ { BEGIN S_INI; return(EOS); }
+ YY_BREAK
+ /* padding */
+ case 29:
+ YY_RULE_SETUP
+-#line 197 "cftoken.l"
++#line 198 "cftoken.l"
+ { BEGIN S_PAD; YYDB; return(PADDING); }
+ YY_BREAK
+ case 30:
+ YY_RULE_SETUP
+-#line 198 "cftoken.l"
++#line 199 "cftoken.l"
+ { return(BOC); }
+ YY_BREAK
+ case 31:
+ YY_RULE_SETUP
+-#line 199 "cftoken.l"
++#line 200 "cftoken.l"
+ { YYD; return(PAD_RANDOMIZE); }
+ YY_BREAK
+ case 32:
+ YY_RULE_SETUP
+-#line 200 "cftoken.l"
++#line 201 "cftoken.l"
+ { YYD; return(PAD_RANDOMIZELEN); }
+ YY_BREAK
+ case 33:
+ YY_RULE_SETUP
+-#line 201 "cftoken.l"
++#line 202 "cftoken.l"
+ { YYD; return(PAD_MAXLEN); }
+ YY_BREAK
+ case 34:
+ YY_RULE_SETUP
+-#line 202 "cftoken.l"
++#line 203 "cftoken.l"
+ { YYD; return(PAD_STRICT); }
+ YY_BREAK
+ case 35:
+ YY_RULE_SETUP
+-#line 203 "cftoken.l"
++#line 204 "cftoken.l"
+ { YYD; return(PAD_EXCLTAIL); }
+ YY_BREAK
+ case 36:
+ YY_RULE_SETUP
+-#line 204 "cftoken.l"
++#line 205 "cftoken.l"
+ { BEGIN S_INI; return(EOC); }
+ YY_BREAK
+ /* listen */
+ case 37:
+ YY_RULE_SETUP
+-#line 207 "cftoken.l"
++#line 208 "cftoken.l"
+ { BEGIN S_LST; YYDB; return(LISTEN); }
+ YY_BREAK
+ case 38:
+ YY_RULE_SETUP
+-#line 208 "cftoken.l"
++#line 209 "cftoken.l"
+ { return(BOC); }
+ YY_BREAK
+ case 39:
+ YY_RULE_SETUP
+-#line 209 "cftoken.l"
++#line 210 "cftoken.l"
+ { YYD; return(X_ISAKMP); }
+ YY_BREAK
+ case 40:
+ YY_RULE_SETUP
+-#line 210 "cftoken.l"
++#line 211 "cftoken.l"
+ { YYD; return(X_ISAKMP_NATT); }
+ YY_BREAK
+ case 41:
+ YY_RULE_SETUP
+-#line 211 "cftoken.l"
++#line 212 "cftoken.l"
+ { YYD; return(X_ADMIN); }
+ YY_BREAK
+ case 42:
+ YY_RULE_SETUP
+-#line 212 "cftoken.l"
++#line 213 "cftoken.l"
+ { YYD; return(ADMINSOCK); }
+ YY_BREAK
+ case 43:
+ YY_RULE_SETUP
+-#line 213 "cftoken.l"
++#line 214 "cftoken.l"
+ { YYD; return(DISABLED); }
+ YY_BREAK
+ case 44:
+ YY_RULE_SETUP
+-#line 214 "cftoken.l"
++#line 215 "cftoken.l"
+ { YYD; return(STRICT_ADDRESS); }
+ YY_BREAK
+ case 45:
+ YY_RULE_SETUP
+-#line 215 "cftoken.l"
++#line 216 "cftoken.l"
+ { BEGIN S_INI; return(EOC); }
+ YY_BREAK
+ /* ldap config */
+ case 46:
+ YY_RULE_SETUP
+-#line 218 "cftoken.l"
++#line 219 "cftoken.l"
+ { BEGIN S_LDAP; YYDB; return(LDAPCFG); }
+ YY_BREAK
+ case 47:
+ YY_RULE_SETUP
+-#line 219 "cftoken.l"
++#line 220 "cftoken.l"
+ { return(BOC); }
+ YY_BREAK
+ case 48:
+ YY_RULE_SETUP
+-#line 220 "cftoken.l"
++#line 221 "cftoken.l"
+ { YYD; return(LDAP_PVER); }
+ YY_BREAK
+ case 49:
+ YY_RULE_SETUP
+-#line 221 "cftoken.l"
++#line 222 "cftoken.l"
+ { YYD; return(LDAP_HOST); }
+ YY_BREAK
+ case 50:
+ YY_RULE_SETUP
+-#line 222 "cftoken.l"
++#line 223 "cftoken.l"
+ { YYD; return(LDAP_PORT); }
+ YY_BREAK
+ case 51:
+ YY_RULE_SETUP
+-#line 223 "cftoken.l"
++#line 224 "cftoken.l"
+ { YYD; return(LDAP_BASE); }
+ YY_BREAK
+ case 52:
+ YY_RULE_SETUP
+-#line 224 "cftoken.l"
++#line 225 "cftoken.l"
+ { YYD; return(LDAP_SUBTREE); }
+ YY_BREAK
+ case 53:
+ YY_RULE_SETUP
+-#line 225 "cftoken.l"
++#line 226 "cftoken.l"
+ { YYD; return(LDAP_BIND_DN); }
+ YY_BREAK
+ case 54:
+ YY_RULE_SETUP
+-#line 226 "cftoken.l"
++#line 227 "cftoken.l"
+ { YYD; return(LDAP_BIND_PW); }
+ YY_BREAK
+ case 55:
+ YY_RULE_SETUP
+-#line 227 "cftoken.l"
++#line 228 "cftoken.l"
+ { YYD; return(LDAP_ATTR_USER); }
+ YY_BREAK
+ case 56:
+ YY_RULE_SETUP
+-#line 228 "cftoken.l"
++#line 229 "cftoken.l"
+ { YYD; return(LDAP_ATTR_ADDR); }
+ YY_BREAK
+ case 57:
+ YY_RULE_SETUP
+-#line 229 "cftoken.l"
++#line 230 "cftoken.l"
+ { YYD; return(LDAP_ATTR_MASK); }
+ YY_BREAK
+ case 58:
+ YY_RULE_SETUP
+-#line 230 "cftoken.l"
++#line 231 "cftoken.l"
+ { YYD; return(LDAP_ATTR_GROUP); }
+ YY_BREAK
+ case 59:
+ YY_RULE_SETUP
+-#line 231 "cftoken.l"
++#line 232 "cftoken.l"
+ { YYD; return(LDAP_ATTR_MEMBER); }
+ YY_BREAK
+ case 60:
+ YY_RULE_SETUP
+-#line 232 "cftoken.l"
++#line 233 "cftoken.l"
+ { BEGIN S_INI; return(EOC); }
+ YY_BREAK
+ /* mode_cfg */
+ case 61:
+ YY_RULE_SETUP
+-#line 235 "cftoken.l"
++#line 236 "cftoken.l"
+ { BEGIN S_CFG; YYDB; return(MODECFG); }
+ YY_BREAK
+ case 62:
+ YY_RULE_SETUP
+-#line 236 "cftoken.l"
++#line 237 "cftoken.l"
+ { return(BOC); }
+ YY_BREAK
+ case 63:
+ YY_RULE_SETUP
+-#line 237 "cftoken.l"
++#line 238 "cftoken.l"
+ { YYD; return(CFG_NET4); }
+ YY_BREAK
+ case 64:
+ YY_RULE_SETUP
+-#line 238 "cftoken.l"
++#line 239 "cftoken.l"
+ { YYD; return(CFG_MASK4); }
+ YY_BREAK
+ case 65:
+ YY_RULE_SETUP
+-#line 239 "cftoken.l"
++#line 240 "cftoken.l"
+ { YYD; return(CFG_DNS4); }
+ YY_BREAK
+ case 66:
+ YY_RULE_SETUP
+-#line 240 "cftoken.l"
++#line 241 "cftoken.l"
+ { YYD; return(CFG_NBNS4); }
+ YY_BREAK
+ case 67:
+ YY_RULE_SETUP
+-#line 241 "cftoken.l"
++#line 242 "cftoken.l"
+ { YYD; return(CFG_NBNS4); }
+ YY_BREAK
+ case 68:
+ YY_RULE_SETUP
+-#line 242 "cftoken.l"
++#line 243 "cftoken.l"
+ { YYD; return(CFG_DEFAULT_DOMAIN); }
+ YY_BREAK
+ case 69:
+ YY_RULE_SETUP
+-#line 243 "cftoken.l"
++#line 244 "cftoken.l"
+ { YYD; return(CFG_AUTH_SOURCE); }
+ YY_BREAK
+ case 70:
+ YY_RULE_SETUP
+-#line 244 "cftoken.l"
++#line 245 "cftoken.l"
+ { YYD; return(CFG_AUTH_GROUPS); }
+ YY_BREAK
+ case 71:
+ YY_RULE_SETUP
+-#line 245 "cftoken.l"
++#line 246 "cftoken.l"
+ { YYD; return(CFG_GROUP_SOURCE); }
+ YY_BREAK
+ case 72:
+ YY_RULE_SETUP
+-#line 246 "cftoken.l"
++#line 247 "cftoken.l"
+ { YYD; return(CFG_CONF_SOURCE); }
+ YY_BREAK
+ case 73:
+ YY_RULE_SETUP
+-#line 247 "cftoken.l"
++#line 248 "cftoken.l"
+ { YYD; return(CFG_ACCOUNTING); }
+ YY_BREAK
+ case 74:
+ YY_RULE_SETUP
+-#line 248 "cftoken.l"
++#line 249 "cftoken.l"
+ { YYD; return(CFG_SYSTEM); }
+ YY_BREAK
+ case 75:
+ YY_RULE_SETUP
+-#line 249 "cftoken.l"
++#line 250 "cftoken.l"
+ { YYD; return(CFG_LOCAL); }
+ YY_BREAK
+ case 76:
+ YY_RULE_SETUP
+-#line 250 "cftoken.l"
++#line 251 "cftoken.l"
+ { YYD; return(CFG_NONE); }
+ YY_BREAK
+ case 77:
+ YY_RULE_SETUP
+-#line 251 "cftoken.l"
++#line 252 "cftoken.l"
+ { YYD; return(CFG_RADIUS); }
+ YY_BREAK
+ case 78:
+ YY_RULE_SETUP
+-#line 252 "cftoken.l"
++#line 253 "cftoken.l"
+ { YYD; return(CFG_PAM); }
+ YY_BREAK
+ case 79:
+ YY_RULE_SETUP
+-#line 253 "cftoken.l"
++#line 254 "cftoken.l"
+ { YYD; return(CFG_LDAP); }
+ YY_BREAK
+ case 80:
+ YY_RULE_SETUP
+-#line 254 "cftoken.l"
++#line 255 "cftoken.l"
+ { YYD; return(CFG_POOL_SIZE); }
+ YY_BREAK
+ case 81:
+ YY_RULE_SETUP
+-#line 255 "cftoken.l"
++#line 256 "cftoken.l"
+ { YYD; return(CFG_MOTD); }
+ YY_BREAK
+ case 82:
+ YY_RULE_SETUP
+-#line 256 "cftoken.l"
++#line 257 "cftoken.l"
+ { YYD; return(CFG_AUTH_THROTTLE); }
+ YY_BREAK
+ case 83:
+ YY_RULE_SETUP
+-#line 257 "cftoken.l"
++#line 258 "cftoken.l"
+ { YYD; return(CFG_SPLIT_NETWORK); }
+ YY_BREAK
+ case 84:
+ YY_RULE_SETUP
+-#line 258 "cftoken.l"
++#line 259 "cftoken.l"
+ { YYD; return(CFG_SPLIT_LOCAL); }
+ YY_BREAK
+ case 85:
+ YY_RULE_SETUP
+-#line 259 "cftoken.l"
++#line 260 "cftoken.l"
+ { YYD; return(CFG_SPLIT_INCLUDE); }
+ YY_BREAK
+ case 86:
+ YY_RULE_SETUP
+-#line 260 "cftoken.l"
++#line 261 "cftoken.l"
+ { YYD; return(CFG_SPLIT_DNS); }
+ YY_BREAK
+ case 87:
+ YY_RULE_SETUP
+-#line 261 "cftoken.l"
++#line 262 "cftoken.l"
+ { YYD; return(CFG_PFS_GROUP); }
+ YY_BREAK
+ case 88:
+ YY_RULE_SETUP
+-#line 262 "cftoken.l"
++#line 263 "cftoken.l"
+ { YYD; return(CFG_SAVE_PASSWD); }
+ YY_BREAK
+ case 89:
+ YY_RULE_SETUP
+-#line 263 "cftoken.l"
++#line 264 "cftoken.l"
+ { YYD; return(COMMA); }
+ YY_BREAK
+ case 90:
+ YY_RULE_SETUP
+-#line 264 "cftoken.l"
++#line 265 "cftoken.l"
+ { BEGIN S_INI; return(EOC); }
+ YY_BREAK
+ /* timer */
+ case 91:
+ YY_RULE_SETUP
+-#line 267 "cftoken.l"
++#line 268 "cftoken.l"
+ { BEGIN S_RTRY; YYDB; return(RETRY); }
+ YY_BREAK
+ case 92:
+ YY_RULE_SETUP
+-#line 268 "cftoken.l"
++#line 269 "cftoken.l"
+ { return(BOC); }
+ YY_BREAK
+ case 93:
+ YY_RULE_SETUP
+-#line 269 "cftoken.l"
++#line 270 "cftoken.l"
+ { YYD; return(RETRY_COUNTER); }
+ YY_BREAK
+ case 94:
+ YY_RULE_SETUP
+-#line 270 "cftoken.l"
++#line 271 "cftoken.l"
+ { YYD; return(RETRY_INTERVAL); }
+ YY_BREAK
+ case 95:
+ YY_RULE_SETUP
+-#line 271 "cftoken.l"
++#line 272 "cftoken.l"
+ { YYD; return(RETRY_PERSEND); }
+ YY_BREAK
+ case 96:
+ YY_RULE_SETUP
+-#line 272 "cftoken.l"
++#line 273 "cftoken.l"
+ { YYD; return(RETRY_PHASE1); }
+ YY_BREAK
+ case 97:
+ YY_RULE_SETUP
+-#line 273 "cftoken.l"
++#line 274 "cftoken.l"
+ { YYD; return(RETRY_PHASE2); }
+ YY_BREAK
+ case 98:
+ YY_RULE_SETUP
+-#line 274 "cftoken.l"
++#line 275 "cftoken.l"
+ { YYD; return(NATT_KA); }
+ YY_BREAK
+ case 99:
+ YY_RULE_SETUP
+-#line 275 "cftoken.l"
++#line 276 "cftoken.l"
+ { BEGIN S_INI; return(EOC); }
+ YY_BREAK
+ /* sainfo */
+ case 100:
+ YY_RULE_SETUP
+-#line 278 "cftoken.l"
++#line 279 "cftoken.l"
+ { BEGIN S_SAINF; YYDB; return(SAINFO); }
+ YY_BREAK
+ case 101:
+ YY_RULE_SETUP
+-#line 279 "cftoken.l"
++#line 280 "cftoken.l"
+ { YYD; return(ANONYMOUS); }
+ YY_BREAK
+ case 102:
+ YY_RULE_SETUP
+-#line 280 "cftoken.l"
++#line 281 "cftoken.l"
+ { YYD; return(PORTANY); }
+ YY_BREAK
+ case 103:
+ YY_RULE_SETUP
+-#line 281 "cftoken.l"
++#line 282 "cftoken.l"
+ { YYD; return(ANY); }
+ YY_BREAK
+ case 104:
+ YY_RULE_SETUP
+-#line 282 "cftoken.l"
++#line 283 "cftoken.l"
+ { YYD; return(FROM); }
+ YY_BREAK
+ case 105:
+ YY_RULE_SETUP
+-#line 283 "cftoken.l"
++#line 284 "cftoken.l"
+ { YYD; return(GROUP); }
+ YY_BREAK
+ /* sainfo spec */
+ case 106:
+ YY_RULE_SETUP
+-#line 285 "cftoken.l"
++#line 286 "cftoken.l"
+ { BEGIN S_SAINFS; return(BOC); }
+ YY_BREAK
+ case 107:
+ YY_RULE_SETUP
+-#line 286 "cftoken.l"
++#line 287 "cftoken.l"
+ { BEGIN S_INI; return(EOS); }
+ YY_BREAK
+ case 108:
+ YY_RULE_SETUP
+-#line 287 "cftoken.l"
++#line 288 "cftoken.l"
+ { BEGIN S_INI; return(EOC); }
+ YY_BREAK
+ case 109:
+ YY_RULE_SETUP
+-#line 288 "cftoken.l"
++#line 289 "cftoken.l"
+ { YYD; return(PFS_GROUP); }
+ YY_BREAK
+ case 110:
+ YY_RULE_SETUP
+-#line 289 "cftoken.l"
++#line 290 "cftoken.l"
+ { YYD; return(REMOTEID); }
+ YY_BREAK
+ case 111:
+ YY_RULE_SETUP
+-#line 290 "cftoken.l"
++#line 291 "cftoken.l"
+ { YYD; yywarn("it is obsoleted. use \"my_identifier\"."); return(IDENTIFIER); }
+ YY_BREAK
+ case 112:
+ YY_RULE_SETUP
+-#line 291 "cftoken.l"
++#line 292 "cftoken.l"
+ { YYD; return(MY_IDENTIFIER); }
+ YY_BREAK
+ case 113:
+ YY_RULE_SETUP
+-#line 292 "cftoken.l"
++#line 293 "cftoken.l"
+ { YYD; return(LIFETIME); }
+ YY_BREAK
+ case 114:
+ YY_RULE_SETUP
+-#line 293 "cftoken.l"
++#line 294 "cftoken.l"
+ { YYD; return(LIFETYPE_TIME); }
+ YY_BREAK
+ case 115:
+ YY_RULE_SETUP
+-#line 294 "cftoken.l"
++#line 295 "cftoken.l"
+ { YYD; return(LIFETYPE_BYTE); }
+ YY_BREAK
+ case 116:
+ YY_RULE_SETUP
+-#line 295 "cftoken.l"
++#line 296 "cftoken.l"
+ { YYD; yylval.num = algclass_ipsec_enc; return(ALGORITHM_CLASS); }
+ YY_BREAK
+ case 117:
+ YY_RULE_SETUP
+-#line 296 "cftoken.l"
++#line 297 "cftoken.l"
+ { YYD; yylval.num = algclass_ipsec_auth; return(ALGORITHM_CLASS); }
+ YY_BREAK
+ case 118:
+ YY_RULE_SETUP
+-#line 297 "cftoken.l"
++#line 298 "cftoken.l"
+ { YYD; yylval.num = algclass_ipsec_comp; return(ALGORITHM_CLASS); }
+ YY_BREAK
+ case 119:
+ YY_RULE_SETUP
+-#line 298 "cftoken.l"
++#line 299 "cftoken.l"
+ { YYD; return(COMMA); }
+ YY_BREAK
+ /* remote */
+ case 120:
+ YY_RULE_SETUP
+-#line 301 "cftoken.l"
++#line 302 "cftoken.l"
+ { BEGIN S_RMT; YYDB; return(REMOTE); }
+ YY_BREAK
+ case 121:
+ YY_RULE_SETUP
+-#line 302 "cftoken.l"
++#line 303 "cftoken.l"
+ { YYD; return(ANONYMOUS); }
+ YY_BREAK
+ case 122:
+ YY_RULE_SETUP
+-#line 303 "cftoken.l"
++#line 304 "cftoken.l"
+ { YYD; return(INHERIT); }
+ YY_BREAK
+ /* remote spec */
+ case 123:
+ YY_RULE_SETUP
+-#line 305 "cftoken.l"
++#line 306 "cftoken.l"
+ { BEGIN S_RMTS; return(BOC); }
+ YY_BREAK
+ case 124:
+ YY_RULE_SETUP
+-#line 306 "cftoken.l"
++#line 307 "cftoken.l"
+ { BEGIN S_INI; return(EOC); }
+ YY_BREAK
+ case 125:
+ YY_RULE_SETUP
+-#line 307 "cftoken.l"
++#line 308 "cftoken.l"
+ { YYD; return(EXCHANGE_MODE); }
+ YY_BREAK
+ case 126:
+ YY_RULE_SETUP
+-#line 308 "cftoken.l"
++#line 309 "cftoken.l"
+ { YYD; /* XXX ignored, but to be handled. */ ; }
+ YY_BREAK
+ case 127:
+ YY_RULE_SETUP
+-#line 309 "cftoken.l"
++#line 310 "cftoken.l"
+ { YYD; yylval.num = ISAKMP_ETYPE_BASE; return(EXCHANGETYPE); }
+ YY_BREAK
+ case 128:
+ YY_RULE_SETUP
+-#line 310 "cftoken.l"
++#line 311 "cftoken.l"
+ { YYD; yylval.num = ISAKMP_ETYPE_IDENT; return(EXCHANGETYPE); }
+ YY_BREAK
+ case 129:
+ YY_RULE_SETUP
+-#line 311 "cftoken.l"
++#line 312 "cftoken.l"
+ { YYD; yylval.num = ISAKMP_ETYPE_AGG; return(EXCHANGETYPE); }
+ YY_BREAK
+ case 130:
+ YY_RULE_SETUP
+-#line 312 "cftoken.l"
++#line 313 "cftoken.l"
+ { YYD; return(DOI); }
+ YY_BREAK
+ case 131:
+ YY_RULE_SETUP
+-#line 313 "cftoken.l"
++#line 314 "cftoken.l"
+ { YYD; yylval.num = IPSEC_DOI; return(DOITYPE); }
+ YY_BREAK
+ case 132:
+ YY_RULE_SETUP
+-#line 314 "cftoken.l"
++#line 315 "cftoken.l"
+ { YYD; return(SITUATION); }
+ YY_BREAK
+ case 133:
+ YY_RULE_SETUP
+-#line 315 "cftoken.l"
++#line 316 "cftoken.l"
+ { YYD; yylval.num = IPSECDOI_SIT_IDENTITY_ONLY; return(SITUATIONTYPE); }
+ YY_BREAK
+ case 134:
+ YY_RULE_SETUP
+-#line 316 "cftoken.l"
++#line 317 "cftoken.l"
+ { YYD; yylval.num = IPSECDOI_SIT_SECRECY; return(SITUATIONTYPE); }
+ YY_BREAK
+ case 135:
+ YY_RULE_SETUP
+-#line 317 "cftoken.l"
++#line 318 "cftoken.l"
+ { YYD; yylval.num = IPSECDOI_SIT_INTEGRITY; return(SITUATIONTYPE); }
+ YY_BREAK
+ case 136:
+ YY_RULE_SETUP
+-#line 318 "cftoken.l"
++#line 319 "cftoken.l"
+ { YYD; yywarn("it is obsoleted. use \"my_identifier\"."); return(IDENTIFIER); }
+ YY_BREAK
+ case 137:
+ YY_RULE_SETUP
+-#line 319 "cftoken.l"
++#line 320 "cftoken.l"
+ { YYD; return(MY_IDENTIFIER); }
+ YY_BREAK
+ case 138:
+ YY_RULE_SETUP
+-#line 320 "cftoken.l"
++#line 321 "cftoken.l"
+ { YYD; return(XAUTH_LOGIN); /* formerly identifier type login */ }
+ YY_BREAK
+ case 139:
+ YY_RULE_SETUP
+-#line 321 "cftoken.l"
++#line 322 "cftoken.l"
+ { YYD; return(PEERS_IDENTIFIER); }
+ YY_BREAK
+ case 140:
+ YY_RULE_SETUP
+-#line 322 "cftoken.l"
++#line 323 "cftoken.l"
+ { YYD; return(VERIFY_IDENTIFIER); }
+ YY_BREAK
+ case 141:
+ YY_RULE_SETUP
+-#line 323 "cftoken.l"
++#line 324 "cftoken.l"
+ { YYD; return(CERTIFICATE_TYPE); }
+ YY_BREAK
+ case 142:
+ YY_RULE_SETUP
+-#line 324 "cftoken.l"
++#line 325 "cftoken.l"
+ { YYD; return(CA_TYPE); }
+ YY_BREAK
+ case 143:
+ YY_RULE_SETUP
+-#line 325 "cftoken.l"
++#line 326 "cftoken.l"
+ { YYD; yylval.num = ISAKMP_CERT_X509SIGN; return(CERT_X509); }
+ YY_BREAK
+ case 144:
+ YY_RULE_SETUP
+-#line 326 "cftoken.l"
++#line 327 "cftoken.l"
+ { YYD; yylval.num = ISAKMP_CERT_PLAINRSA; return(CERT_PLAINRSA); }
+ YY_BREAK
+ case 145:
+ YY_RULE_SETUP
+-#line 327 "cftoken.l"
++#line 328 "cftoken.l"
+ { YYD; return(PEERS_CERTFILE); }
+ YY_BREAK
+ case 146:
+ YY_RULE_SETUP
+-#line 328 "cftoken.l"
++#line 329 "cftoken.l"
+ { YYD; return(DNSSEC); }
+ YY_BREAK
+ case 147:
+ YY_RULE_SETUP
+-#line 329 "cftoken.l"
++#line 330 "cftoken.l"
+ { YYD; return(VERIFY_CERT); }
+ YY_BREAK
+ case 148:
+ YY_RULE_SETUP
+-#line 330 "cftoken.l"
++#line 331 "cftoken.l"
+ { YYD; return(SEND_CERT); }
+ YY_BREAK
+ case 149:
+ YY_RULE_SETUP
+-#line 331 "cftoken.l"
++#line 332 "cftoken.l"
+ { YYD; return(SEND_CR); }
+ YY_BREAK
+ case 150:
+ YY_RULE_SETUP
+-#line 332 "cftoken.l"
++#line 333 "cftoken.l"
+ { YYD; return(DH_GROUP); }
+ YY_BREAK
+ case 151:
+ YY_RULE_SETUP
+-#line 333 "cftoken.l"
++#line 334 "cftoken.l"
+ { YYD; return(NONCE_SIZE); }
+ YY_BREAK
+ case 152:
+ YY_RULE_SETUP
+-#line 334 "cftoken.l"
++#line 335 "cftoken.l"
+ { YYD; return(GENERATE_POLICY); }
+ YY_BREAK
+ case 153:
+ YY_RULE_SETUP
+-#line 335 "cftoken.l"
++#line 336 "cftoken.l"
+ { YYD; yylval.num = GENERATE_POLICY_UNIQUE; return(GENERATE_LEVEL); }
+ YY_BREAK
+ case 154:
+ YY_RULE_SETUP
+-#line 336 "cftoken.l"
++#line 337 "cftoken.l"
+ { YYD; yylval.num = GENERATE_POLICY_REQUIRE; return(GENERATE_LEVEL); }
+ YY_BREAK
+ case 155:
+ YY_RULE_SETUP
+-#line 337 "cftoken.l"
++#line 338 "cftoken.l"
+ { YYD; yywarn("it is obsoleted. use \"support_proxy\"."); return(SUPPORT_PROXY); }
+ YY_BREAK
+ case 156:
+ YY_RULE_SETUP
+-#line 338 "cftoken.l"
++#line 339 "cftoken.l"
+ { YYD; return(SUPPORT_PROXY); }
+ YY_BREAK
+ case 157:
+ YY_RULE_SETUP
+-#line 339 "cftoken.l"
++#line 340 "cftoken.l"
+ { YYD; return(INITIAL_CONTACT); }
+ YY_BREAK
+ case 158:
+ YY_RULE_SETUP
+-#line 340 "cftoken.l"
++#line 341 "cftoken.l"
+ { YYD; return(NAT_TRAVERSAL); }
+ YY_BREAK
+ case 159:
+ YY_RULE_SETUP
+-#line 341 "cftoken.l"
++#line 342 "cftoken.l"
+ { YYD; return(REMOTE_FORCE_LEVEL); }
+ YY_BREAK
+ case 160:
+ YY_RULE_SETUP
+-#line 342 "cftoken.l"
++#line 343 "cftoken.l"
+ { YYD; return(PROPOSAL_CHECK); }
+ YY_BREAK
+ case 161:
+ YY_RULE_SETUP
+-#line 343 "cftoken.l"
++#line 344 "cftoken.l"
+ { YYD; yylval.num = PROP_CHECK_OBEY; return(PROPOSAL_CHECK_LEVEL); }
+ YY_BREAK
+ case 162:
+ YY_RULE_SETUP
+-#line 344 "cftoken.l"
++#line 345 "cftoken.l"
+ { YYD; yylval.num = PROP_CHECK_STRICT; return(PROPOSAL_CHECK_LEVEL); }
+ YY_BREAK
+ case 163:
+ YY_RULE_SETUP
+-#line 345 "cftoken.l"
++#line 346 "cftoken.l"
+ { YYD; yylval.num = PROP_CHECK_EXACT; return(PROPOSAL_CHECK_LEVEL); }
+ YY_BREAK
+ case 164:
+ YY_RULE_SETUP
+-#line 346 "cftoken.l"
++#line 347 "cftoken.l"
+ { YYD; yylval.num = PROP_CHECK_CLAIM; return(PROPOSAL_CHECK_LEVEL); }
+ YY_BREAK
+ case 165:
+ YY_RULE_SETUP
+-#line 347 "cftoken.l"
++#line 348 "cftoken.l"
+ { YYD; return(KEEPALIVE); }
+ YY_BREAK
+ case 166:
+ YY_RULE_SETUP
+-#line 348 "cftoken.l"
++#line 349 "cftoken.l"
+ { YYD; return(PASSIVE); }
+ YY_BREAK
+ case 167:
+ YY_RULE_SETUP
+-#line 349 "cftoken.l"
++#line 350 "cftoken.l"
+ { YYD; return(LIFETIME); }
+ YY_BREAK
+ case 168:
+ YY_RULE_SETUP
+-#line 350 "cftoken.l"
++#line 351 "cftoken.l"
+ { YYD; return(LIFETYPE_TIME); }
+ YY_BREAK
+ case 169:
+ YY_RULE_SETUP
+-#line 351 "cftoken.l"
++#line 352 "cftoken.l"
+ { YYD; return(LIFETYPE_BYTE); }
+ YY_BREAK
+ case 170:
+ YY_RULE_SETUP
+-#line 352 "cftoken.l"
++#line 353 "cftoken.l"
+ { YYD; return(DPD); }
+ YY_BREAK
+ case 171:
+ YY_RULE_SETUP
+-#line 353 "cftoken.l"
++#line 354 "cftoken.l"
+ { YYD; return(DPD_DELAY); }
+ YY_BREAK
+ case 172:
+ YY_RULE_SETUP
+-#line 354 "cftoken.l"
++#line 355 "cftoken.l"
+ { YYD; return(DPD_RETRY); }
+ YY_BREAK
+ case 173:
+ YY_RULE_SETUP
+-#line 355 "cftoken.l"
++#line 356 "cftoken.l"
+ { YYD; return(DPD_MAXFAIL); }
+ YY_BREAK
+ case 174:
+ YY_RULE_SETUP
+-#line 356 "cftoken.l"
++#line 357 "cftoken.l"
+ { YYD; return(PH1ID); }
+ YY_BREAK
+ case 175:
+ YY_RULE_SETUP
+-#line 357 "cftoken.l"
++#line 358 "cftoken.l"
+ { YYD; return(IKE_FRAG); }
+ YY_BREAK
+ case 176:
+ YY_RULE_SETUP
+-#line 358 "cftoken.l"
++#line 359 "cftoken.l"
+ { YYD; return(ESP_FRAG); }
+ YY_BREAK
+ case 177:
+ YY_RULE_SETUP
+-#line 359 "cftoken.l"
++#line 360 "cftoken.l"
+ { YYD; return(SCRIPT); }
+ YY_BREAK
+ case 178:
+ YY_RULE_SETUP
+-#line 360 "cftoken.l"
++#line 361 "cftoken.l"
+ { YYD; return(PHASE1_UP); }
+ YY_BREAK
+ case 179:
+ YY_RULE_SETUP
+-#line 361 "cftoken.l"
++#line 362 "cftoken.l"
+ { YYD; return(PHASE1_DOWN); }
+ YY_BREAK
+ case 180:
+ YY_RULE_SETUP
+-#line 362 "cftoken.l"
++#line 363 "cftoken.l"
+ { YYD; return(MODE_CFG); }
+ YY_BREAK
+ case 181:
+ YY_RULE_SETUP
+-#line 363 "cftoken.l"
++#line 364 "cftoken.l"
+ { YYD; return(WEAK_PHASE1_CHECK); }
+ YY_BREAK
+ /* remote proposal */
+ case 182:
+ YY_RULE_SETUP
+-#line 365 "cftoken.l"
++#line 366 "cftoken.l"
+ { BEGIN S_RMTP; YYDB; return(PROPOSAL); }
+ YY_BREAK
+ case 183:
+ YY_RULE_SETUP
+-#line 366 "cftoken.l"
++#line 367 "cftoken.l"
+ { return(BOC); }
+ YY_BREAK
+ case 184:
+ YY_RULE_SETUP
+-#line 367 "cftoken.l"
++#line 368 "cftoken.l"
+ { BEGIN S_RMTS; return(EOC); }
+ YY_BREAK
+ case 185:
+ YY_RULE_SETUP
+-#line 368 "cftoken.l"
++#line 369 "cftoken.l"
+ { YYD; return(LIFETIME); }
+ YY_BREAK
+ case 186:
+ YY_RULE_SETUP
+-#line 369 "cftoken.l"
++#line 370 "cftoken.l"
+ { YYD; return(LIFETYPE_TIME); }
+ YY_BREAK
+ case 187:
+ YY_RULE_SETUP
+-#line 370 "cftoken.l"
++#line 371 "cftoken.l"
+ { YYD; return(LIFETYPE_BYTE); }
+ YY_BREAK
+ case 188:
+ YY_RULE_SETUP
+-#line 371 "cftoken.l"
++#line 372 "cftoken.l"
+ { YYD; yylval.num = algclass_isakmp_enc; return(ALGORITHM_CLASS); }
+ YY_BREAK
+ case 189:
+ YY_RULE_SETUP
+-#line 372 "cftoken.l"
++#line 373 "cftoken.l"
+ { YYD; yylval.num = algclass_isakmp_ameth; return(ALGORITHM_CLASS); }
+ YY_BREAK
+ case 190:
+ YY_RULE_SETUP
+-#line 373 "cftoken.l"
++#line 374 "cftoken.l"
+ { YYD; yylval.num = algclass_isakmp_hash; return(ALGORITHM_CLASS); }
+ YY_BREAK
+ case 191:
+ YY_RULE_SETUP
+-#line 374 "cftoken.l"
++#line 375 "cftoken.l"
+ { YYD; return(DH_GROUP); }
+ YY_BREAK
+ case 192:
+ YY_RULE_SETUP
+-#line 375 "cftoken.l"
++#line 376 "cftoken.l"
+ { YYD; return(GSS_ID); }
+ YY_BREAK
+ case 193:
+ YY_RULE_SETUP
+-#line 376 "cftoken.l"
++#line 377 "cftoken.l"
+ { YYD; return(GSS_ID); } /* for back compatibility */
+ YY_BREAK
+ /* GSS ID encoding type (global) */
+ case 194:
+ YY_RULE_SETUP
+-#line 379 "cftoken.l"
++#line 380 "cftoken.l"
+ { BEGIN S_GSSENC; YYDB; return(GSS_ID_ENC); }
+ YY_BREAK
+ case 195:
+ YY_RULE_SETUP
+-#line 380 "cftoken.l"
++#line 381 "cftoken.l"
+ { YYD; yylval.num = LC_GSSENC_LATIN1;
+ return(GSS_ID_ENCTYPE); }
+ YY_BREAK
+ case 196:
+ YY_RULE_SETUP
+-#line 382 "cftoken.l"
++#line 383 "cftoken.l"
+ { YYD; yylval.num = LC_GSSENC_UTF16LE;
+ return(GSS_ID_ENCTYPE); }
+ YY_BREAK
+ case 197:
+ YY_RULE_SETUP
+-#line 384 "cftoken.l"
++#line 385 "cftoken.l"
+ { BEGIN S_INI; YYDB; return(EOS); }
+ YY_BREAK
+ /* parameter */
+ case 198:
+ YY_RULE_SETUP
+-#line 387 "cftoken.l"
++#line 388 "cftoken.l"
+ { YYD; yylval.num = TRUE; return(SWITCH); }
+ YY_BREAK
+ case 199:
+ YY_RULE_SETUP
+-#line 388 "cftoken.l"
++#line 389 "cftoken.l"
+ { YYD; yylval.num = FALSE; return(SWITCH); }
+ YY_BREAK
+ /* prefix */
+ case 200:
+ YY_RULE_SETUP
+-#line 391 "cftoken.l"
++#line 392 "cftoken.l"
+ {
+ YYD;
+ yytext++;
+@@ -2947,7 +2970,7 @@ YY_RULE_SETUP
+ /* port number */
+ case 201:
+ YY_RULE_SETUP
+-#line 399 "cftoken.l"
++#line 400 "cftoken.l"
+ {
+ char *p = yytext;
+ YYD;
+@@ -2961,7 +2984,7 @@ YY_RULE_SETUP
+ /* address range */
+ case 202:
+ YY_RULE_SETUP
+-#line 410 "cftoken.l"
++#line 411 "cftoken.l"
+ {
+ YYD;
+ yytext++;
+@@ -2977,318 +3000,318 @@ YY_RULE_SETUP
+ /* upper protocol */
+ case 203:
+ YY_RULE_SETUP
+-#line 423 "cftoken.l"
++#line 424 "cftoken.l"
+ { YYD; yylval.num = IPPROTO_ESP; return(UL_PROTO); }
+ YY_BREAK
+ case 204:
+ YY_RULE_SETUP
+-#line 424 "cftoken.l"
++#line 425 "cftoken.l"
+ { YYD; yylval.num = IPPROTO_AH; return(UL_PROTO); }
+ YY_BREAK
+ case 205:
+ YY_RULE_SETUP
+-#line 425 "cftoken.l"
++#line 426 "cftoken.l"
+ { YYD; yylval.num = IPPROTO_IPCOMP; return(UL_PROTO); }
+ YY_BREAK
+ case 206:
+ YY_RULE_SETUP
+-#line 426 "cftoken.l"
++#line 427 "cftoken.l"
+ { YYD; yylval.num = IPPROTO_ICMP; return(UL_PROTO); }
+ YY_BREAK
+ case 207:
+ YY_RULE_SETUP
+-#line 427 "cftoken.l"
++#line 428 "cftoken.l"
+ { YYD; yylval.num = IPPROTO_ICMPV6; return(UL_PROTO); }
+ YY_BREAK
+ case 208:
+ YY_RULE_SETUP
+-#line 428 "cftoken.l"
++#line 429 "cftoken.l"
+ { YYD; yylval.num = IPPROTO_TCP; return(UL_PROTO); }
+ YY_BREAK
+ case 209:
+ YY_RULE_SETUP
+-#line 429 "cftoken.l"
++#line 430 "cftoken.l"
+ { YYD; yylval.num = IPPROTO_UDP; return(UL_PROTO); }
+ YY_BREAK
+ /* algorithm type */
+ case 210:
+ YY_RULE_SETUP
+-#line 432 "cftoken.l"
++#line 433 "cftoken.l"
+ { YYD; yylval.num = algtype_des_iv64; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 211:
+ YY_RULE_SETUP
+-#line 433 "cftoken.l"
++#line 434 "cftoken.l"
+ { YYD; yylval.num = algtype_des; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 212:
+ YY_RULE_SETUP
+-#line 434 "cftoken.l"
++#line 435 "cftoken.l"
+ { YYD; yylval.num = algtype_3des; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 213:
+ YY_RULE_SETUP
+-#line 435 "cftoken.l"
++#line 436 "cftoken.l"
+ { YYD; yylval.num = algtype_rc5; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 214:
+ YY_RULE_SETUP
+-#line 436 "cftoken.l"
++#line 437 "cftoken.l"
+ { YYD; yylval.num = algtype_idea; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 215:
+ YY_RULE_SETUP
+-#line 437 "cftoken.l"
++#line 438 "cftoken.l"
+ { YYD; yylval.num = algtype_cast128; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 216:
+ YY_RULE_SETUP
+-#line 438 "cftoken.l"
++#line 439 "cftoken.l"
+ { YYD; yylval.num = algtype_blowfish; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 217:
+ YY_RULE_SETUP
+-#line 439 "cftoken.l"
++#line 440 "cftoken.l"
+ { YYD; yylval.num = algtype_3idea; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 218:
+ YY_RULE_SETUP
+-#line 440 "cftoken.l"
++#line 441 "cftoken.l"
+ { YYD; yylval.num = algtype_des_iv32; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 219:
+ YY_RULE_SETUP
+-#line 441 "cftoken.l"
++#line 442 "cftoken.l"
+ { YYD; yylval.num = algtype_rc4; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 220:
+ YY_RULE_SETUP
+-#line 442 "cftoken.l"
++#line 443 "cftoken.l"
+ { YYD; yylval.num = algtype_null_enc; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 221:
+ YY_RULE_SETUP
+-#line 443 "cftoken.l"
++#line 444 "cftoken.l"
+ { YYD; yylval.num = algtype_null_enc; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 222:
+ YY_RULE_SETUP
+-#line 444 "cftoken.l"
++#line 445 "cftoken.l"
+ { YYD; yylval.num = algtype_aes; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 223:
+ YY_RULE_SETUP
+-#line 445 "cftoken.l"
++#line 446 "cftoken.l"
+ { YYD; yylval.num = algtype_aes; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 224:
+ YY_RULE_SETUP
+-#line 446 "cftoken.l"
++#line 447 "cftoken.l"
+ { YYD; yylval.num = algtype_twofish; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 225:
+ YY_RULE_SETUP
+-#line 447 "cftoken.l"
++#line 448 "cftoken.l"
+ { YYD; yylval.num = algtype_camellia; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 226:
+ YY_RULE_SETUP
+-#line 448 "cftoken.l"
++#line 449 "cftoken.l"
+ { YYD; yylval.num = algtype_non_auth; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 227:
+ YY_RULE_SETUP
+-#line 449 "cftoken.l"
++#line 450 "cftoken.l"
+ { YYD; yylval.num = algtype_hmac_md5; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 228:
+ YY_RULE_SETUP
+-#line 450 "cftoken.l"
++#line 451 "cftoken.l"
+ { YYD; yylval.num = algtype_hmac_sha1; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 229:
+ YY_RULE_SETUP
+-#line 451 "cftoken.l"
++#line 452 "cftoken.l"
+ { YYD; yylval.num = algtype_hmac_sha2_256; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 230:
+ YY_RULE_SETUP
+-#line 452 "cftoken.l"
++#line 453 "cftoken.l"
+ { YYD; yylval.num = algtype_hmac_sha2_256; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 231:
+ YY_RULE_SETUP
+-#line 453 "cftoken.l"
++#line 454 "cftoken.l"
+ { YYD; yylval.num = algtype_hmac_sha2_384; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 232:
+ YY_RULE_SETUP
+-#line 454 "cftoken.l"
++#line 455 "cftoken.l"
+ { YYD; yylval.num = algtype_hmac_sha2_384; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 233:
+ YY_RULE_SETUP
+-#line 455 "cftoken.l"
++#line 456 "cftoken.l"
+ { YYD; yylval.num = algtype_hmac_sha2_512; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 234:
+ YY_RULE_SETUP
+-#line 456 "cftoken.l"
++#line 457 "cftoken.l"
+ { YYD; yylval.num = algtype_hmac_sha2_512; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 235:
+ YY_RULE_SETUP
+-#line 457 "cftoken.l"
++#line 458 "cftoken.l"
+ { YYD; yylval.num = algtype_des_mac; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 236:
+ YY_RULE_SETUP
+-#line 458 "cftoken.l"
++#line 459 "cftoken.l"
+ { YYD; yylval.num = algtype_kpdk; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 237:
+ YY_RULE_SETUP
+-#line 459 "cftoken.l"
++#line 460 "cftoken.l"
+ { YYD; yylval.num = algtype_md5; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 238:
+ YY_RULE_SETUP
+-#line 460 "cftoken.l"
++#line 461 "cftoken.l"
+ { YYD; yylval.num = algtype_sha1; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 239:
+ YY_RULE_SETUP
+-#line 461 "cftoken.l"
++#line 462 "cftoken.l"
+ { YYD; yylval.num = algtype_tiger; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 240:
+ YY_RULE_SETUP
+-#line 462 "cftoken.l"
++#line 463 "cftoken.l"
+ { YYD; yylval.num = algtype_sha2_256; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 241:
+ YY_RULE_SETUP
+-#line 463 "cftoken.l"
++#line 464 "cftoken.l"
+ { YYD; yylval.num = algtype_sha2_256; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 242:
+ YY_RULE_SETUP
+-#line 464 "cftoken.l"
++#line 465 "cftoken.l"
+ { YYD; yylval.num = algtype_sha2_384; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 243:
+ YY_RULE_SETUP
+-#line 465 "cftoken.l"
++#line 466 "cftoken.l"
+ { YYD; yylval.num = algtype_sha2_384; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 244:
+ YY_RULE_SETUP
+-#line 466 "cftoken.l"
++#line 467 "cftoken.l"
+ { YYD; yylval.num = algtype_sha2_512; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 245:
+ YY_RULE_SETUP
+-#line 467 "cftoken.l"
++#line 468 "cftoken.l"
+ { YYD; yylval.num = algtype_sha2_512; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 246:
+ YY_RULE_SETUP
+-#line 468 "cftoken.l"
++#line 469 "cftoken.l"
+ { YYD; yylval.num = algtype_oui; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 247:
+ YY_RULE_SETUP
+-#line 469 "cftoken.l"
++#line 470 "cftoken.l"
+ { YYD; yylval.num = algtype_deflate; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 248:
+ YY_RULE_SETUP
+-#line 470 "cftoken.l"
++#line 471 "cftoken.l"
+ { YYD; yylval.num = algtype_lzs; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 249:
+ YY_RULE_SETUP
+-#line 471 "cftoken.l"
++#line 472 "cftoken.l"
+ { YYD; yylval.num = algtype_modp768; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 250:
+ YY_RULE_SETUP
+-#line 472 "cftoken.l"
++#line 473 "cftoken.l"
+ { YYD; yylval.num = algtype_modp1024; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 251:
+ YY_RULE_SETUP
+-#line 473 "cftoken.l"
++#line 474 "cftoken.l"
+ { YYD; yylval.num = algtype_modp1536; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 252:
+ YY_RULE_SETUP
+-#line 474 "cftoken.l"
++#line 475 "cftoken.l"
+ { YYD; yylval.num = algtype_ec2n155; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 253:
+ YY_RULE_SETUP
+-#line 475 "cftoken.l"
++#line 476 "cftoken.l"
+ { YYD; yylval.num = algtype_ec2n185; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 254:
+ YY_RULE_SETUP
+-#line 476 "cftoken.l"
++#line 477 "cftoken.l"
+ { YYD; yylval.num = algtype_modp2048; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 255:
+ YY_RULE_SETUP
+-#line 477 "cftoken.l"
++#line 478 "cftoken.l"
+ { YYD; yylval.num = algtype_modp3072; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 256:
+ YY_RULE_SETUP
+-#line 478 "cftoken.l"
++#line 479 "cftoken.l"
+ { YYD; yylval.num = algtype_modp4096; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 257:
+ YY_RULE_SETUP
+-#line 479 "cftoken.l"
++#line 480 "cftoken.l"
+ { YYD; yylval.num = algtype_modp6144; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 258:
+ YY_RULE_SETUP
+-#line 480 "cftoken.l"
++#line 481 "cftoken.l"
+ { YYD; yylval.num = algtype_modp8192; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 259:
+ YY_RULE_SETUP
+-#line 481 "cftoken.l"
++#line 482 "cftoken.l"
+ { YYD; yylval.num = algtype_psk; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 260:
+ YY_RULE_SETUP
+-#line 482 "cftoken.l"
++#line 483 "cftoken.l"
+ { YYD; yylval.num = algtype_rsasig; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 261:
+ YY_RULE_SETUP
+-#line 483 "cftoken.l"
++#line 484 "cftoken.l"
+ { YYD; yylval.num = algtype_dsssig; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 262:
+ YY_RULE_SETUP
+-#line 484 "cftoken.l"
++#line 485 "cftoken.l"
+ { YYD; yylval.num = algtype_rsaenc; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 263:
+ YY_RULE_SETUP
+-#line 485 "cftoken.l"
++#line 486 "cftoken.l"
+ { YYD; yylval.num = algtype_rsarev; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 264:
+ YY_RULE_SETUP
+-#line 486 "cftoken.l"
++#line 487 "cftoken.l"
+ { YYD; yylval.num = algtype_gssapikrb; return(ALGORITHMTYPE); }
+ YY_BREAK
+ case 265:
+ YY_RULE_SETUP
+-#line 487 "cftoken.l"
++#line 488 "cftoken.l"
+ {
+ #ifdef ENABLE_HYBRID
+ YYD; yylval.num = algtype_hybrid_rsa_s; return(ALGORITHMTYPE);
+@@ -3299,7 +3322,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 266:
+ YY_RULE_SETUP
+-#line 494 "cftoken.l"
++#line 495 "cftoken.l"
+ {
+ #ifdef ENABLE_HYBRID
+ YYD; yylval.num = algtype_hybrid_dss_s; return(ALGORITHMTYPE);
+@@ -3310,7 +3333,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 267:
+ YY_RULE_SETUP
+-#line 501 "cftoken.l"
++#line 502 "cftoken.l"
+ {
+ #ifdef ENABLE_HYBRID
+ YYD; yylval.num = algtype_hybrid_rsa_c; return(ALGORITHMTYPE);
+@@ -3321,7 +3344,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 268:
+ YY_RULE_SETUP
+-#line 508 "cftoken.l"
++#line 509 "cftoken.l"
+ {
+ #ifdef ENABLE_HYBRID
+ YYD; yylval.num = algtype_hybrid_dss_c; return(ALGORITHMTYPE);
+@@ -3332,7 +3355,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 269:
+ YY_RULE_SETUP
+-#line 515 "cftoken.l"
++#line 516 "cftoken.l"
+ {
+ #ifdef ENABLE_HYBRID
+ YYD; yylval.num = algtype_xauth_psk_s; return(ALGORITHMTYPE);
+@@ -3343,7 +3366,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 270:
+ YY_RULE_SETUP
+-#line 522 "cftoken.l"
++#line 523 "cftoken.l"
+ {
+ #ifdef ENABLE_HYBRID
+ YYD; yylval.num = algtype_xauth_psk_c; return(ALGORITHMTYPE);
+@@ -3354,7 +3377,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 271:
+ YY_RULE_SETUP
+-#line 529 "cftoken.l"
++#line 530 "cftoken.l"
+ {
+ #ifdef ENABLE_HYBRID
+ YYD; yylval.num = algtype_xauth_rsa_s; return(ALGORITHMTYPE);
+@@ -3365,7 +3388,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 272:
+ YY_RULE_SETUP
+-#line 536 "cftoken.l"
++#line 537 "cftoken.l"
+ {
+ #ifdef ENABLE_HYBRID
+ YYD; yylval.num = algtype_xauth_rsa_c; return(ALGORITHMTYPE);
+@@ -3377,105 +3400,105 @@ YY_RULE_SETUP
+ /* identifier type */
+ case 273:
+ YY_RULE_SETUP
+-#line 546 "cftoken.l"
++#line 547 "cftoken.l"
+ { YYD; yywarn("it is obsoleted."); return(VENDORID); }
+ YY_BREAK
+ case 274:
+ YY_RULE_SETUP
+-#line 547 "cftoken.l"
++#line 548 "cftoken.l"
+ { YYD; yylval.num = IDTYPE_USERFQDN; return(IDENTIFIERTYPE); }
+ YY_BREAK
+ case 275:
+ YY_RULE_SETUP
+-#line 548 "cftoken.l"
++#line 549 "cftoken.l"
+ { YYD; yylval.num = IDTYPE_FQDN; return(IDENTIFIERTYPE); }
+ YY_BREAK
+ case 276:
+ YY_RULE_SETUP
+-#line 549 "cftoken.l"
++#line 550 "cftoken.l"
+ { YYD; yylval.num = IDTYPE_KEYID; return(IDENTIFIERTYPE); }
+ YY_BREAK
+ case 277:
+ YY_RULE_SETUP
+-#line 550 "cftoken.l"
++#line 551 "cftoken.l"
+ { YYD; yylval.num = IDTYPE_ADDRESS; return(IDENTIFIERTYPE); }
+ YY_BREAK
+ case 278:
+ YY_RULE_SETUP
+-#line 551 "cftoken.l"
++#line 552 "cftoken.l"
+ { YYD; yylval.num = IDTYPE_SUBNET; return(IDENTIFIERTYPE); }
+ YY_BREAK
+ case 279:
+ YY_RULE_SETUP
+-#line 552 "cftoken.l"
++#line 553 "cftoken.l"
+ { YYD; yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); }
+ YY_BREAK
+ case 280:
+ YY_RULE_SETUP
+-#line 553 "cftoken.l"
++#line 554 "cftoken.l"
+ { YYD; yywarn("certname will be obsoleted in near future."); yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); }
+ YY_BREAK
+ /* identifier qualifier */
+ case 281:
+ YY_RULE_SETUP
+-#line 556 "cftoken.l"
++#line 557 "cftoken.l"
+ { YYD; yylval.num = IDQUAL_TAG; return(IDENTIFIERQUAL); }
+ YY_BREAK
+ case 282:
+ YY_RULE_SETUP
+-#line 557 "cftoken.l"
++#line 558 "cftoken.l"
+ { YYD; yylval.num = IDQUAL_FILE; return(IDENTIFIERQUAL); }
+ YY_BREAK
+ /* units */
+ case 283:
+ YY_RULE_SETUP
+-#line 560 "cftoken.l"
++#line 561 "cftoken.l"
+ { YYD; return(UNITTYPE_BYTE); }
+ YY_BREAK
+ case 284:
+ YY_RULE_SETUP
+-#line 561 "cftoken.l"
++#line 562 "cftoken.l"
+ { YYD; return(UNITTYPE_KBYTES); }
+ YY_BREAK
+ case 285:
+ YY_RULE_SETUP
+-#line 562 "cftoken.l"
++#line 563 "cftoken.l"
+ { YYD; return(UNITTYPE_MBYTES); }
+ YY_BREAK
+ case 286:
+ YY_RULE_SETUP
+-#line 563 "cftoken.l"
++#line 564 "cftoken.l"
+ { YYD; return(UNITTYPE_TBYTES); }
+ YY_BREAK
+ case 287:
+ YY_RULE_SETUP
+-#line 564 "cftoken.l"
++#line 565 "cftoken.l"
+ { YYD; return(UNITTYPE_SEC); }
+ YY_BREAK
+ case 288:
+ YY_RULE_SETUP
+-#line 565 "cftoken.l"
++#line 566 "cftoken.l"
+ { YYD; return(UNITTYPE_MIN); }
+ YY_BREAK
+ case 289:
+ YY_RULE_SETUP
+-#line 566 "cftoken.l"
++#line 567 "cftoken.l"
+ { YYD; return(UNITTYPE_HOUR); }
+ YY_BREAK
+ /* boolean */
+ case 290:
+ YY_RULE_SETUP
+-#line 569 "cftoken.l"
++#line 570 "cftoken.l"
+ { YYD; yylval.num = TRUE; return(BOOLEAN); }
+ YY_BREAK
+ case 291:
+ YY_RULE_SETUP
+-#line 570 "cftoken.l"
++#line 571 "cftoken.l"
+ { YYD; yylval.num = FALSE; return(BOOLEAN); }
+ YY_BREAK
+ case 292:
+ YY_RULE_SETUP
+-#line 572 "cftoken.l"
++#line 573 "cftoken.l"
+ {
+ char *bp;
+
+@@ -3486,7 +3509,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 293:
+ YY_RULE_SETUP
+-#line 580 "cftoken.l"
++#line 581 "cftoken.l"
+ {
+ char *p;
+
+@@ -3512,7 +3535,7 @@ YY_RULE_SETUP
+ case 294:
+ /* rule 294 can match eol */
+ YY_RULE_SETUP
+-#line 602 "cftoken.l"
++#line 603 "cftoken.l"
+ {
+ char *p = yytext;
+
+@@ -3532,7 +3555,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 295:
+ YY_RULE_SETUP
+-#line 619 "cftoken.l"
++#line 620 "cftoken.l"
+ {
+ YYD;
+
+@@ -3566,7 +3589,7 @@ case YY_STATE_EOF(S_RMTS):
+ case YY_STATE_EOF(S_RMTP):
+ case YY_STATE_EOF(S_SA):
+ case YY_STATE_EOF(S_GSSENC):
+-#line 632 "cftoken.l"
++#line 633 "cftoken.l"
+ {
+ yy_delete_buffer(YY_CURRENT_BUFFER);
+ incstackp--;
+@@ -3594,36 +3617,36 @@ case YY_STATE_EOF(S_GSSENC):
+ /* ... */
+ case 296:
+ YY_RULE_SETUP
+-#line 657 "cftoken.l"
++#line 658 "cftoken.l"
+ { ; }
+ YY_BREAK
+ case 297:
+ /* rule 297 can match eol */
+ YY_RULE_SETUP
+-#line 658 "cftoken.l"
++#line 659 "cftoken.l"
+ { incstack[incstackp].lineno++; }
+ YY_BREAK
+ case 298:
+ YY_RULE_SETUP
+-#line 659 "cftoken.l"
++#line 660 "cftoken.l"
+ { YYD; }
+ YY_BREAK
+ case 299:
+ YY_RULE_SETUP
+-#line 660 "cftoken.l"
++#line 661 "cftoken.l"
+ { return(EOS); }
+ YY_BREAK
+ case 300:
+ YY_RULE_SETUP
+-#line 661 "cftoken.l"
++#line 662 "cftoken.l"
+ { yymore(); }
+ YY_BREAK
+ case 301:
+ YY_RULE_SETUP
+-#line 663 "cftoken.l"
++#line 664 "cftoken.l"
+ ECHO;
+ YY_BREAK
+-#line 3627 "cftoken.c"
++#line 3650 "cftoken.c"
+
+ case YY_END_OF_BUFFER:
+ {
+@@ -4171,9 +4194,19 @@ static void yy_load_buffer_state (void)
+ yyfree((void *) b );
+ }
+
+-#ifndef __cplusplus
++#ifndef _UNISTD_H /* assume unistd.h has isatty() for us */
++#ifdef __cplusplus
++extern "C" {
++#endif
++#ifdef __THROW /* this is a gnuism */
++extern int isatty (int ) __THROW;
++#else
+ extern int isatty (int );
+-#endif /* __cplusplus */
++#endif
++#ifdef __cplusplus
++}
++#endif
++#endif
+
+ /* Initializes or reinitializes a buffer.
+ * This function is sometimes called more than once on the same buffer,
+@@ -4619,7 +4652,7 @@ void yyfree (void * ptr )
+
+ #define YYTABLES_NAME "yytables"
+
+-#line 663 "cftoken.l"
++#line 664 "cftoken.l"
+
+
+
diff --git a/package/ipsec-tools/patches/patch-src_racoon_cftoken_l b/package/ipsec-tools/patches/patch-src_racoon_cftoken_l
new file mode 100644
index 000000000..8ada6f602
--- /dev/null
+++ b/package/ipsec-tools/patches/patch-src_racoon_cftoken_l
@@ -0,0 +1,11 @@
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- ipsec-tools-0.7.2.orig/src/racoon/cftoken.l 2007-09-03 20:07:29.000000000 +0200
++++ ipsec-tools-0.7.2/src/racoon/cftoken.l 2009-05-29 15:46:06.836399719 +0200
+@@ -104,6 +104,7 @@ static struct include_stack {
+ static int incstackp = 0;
+
+ static int yy_first_time = 1;
++int yywrap(void) { return 1; }
+ %}
+
+ /* common seciton */
diff --git a/package/ipsec-tools/patches/patch-src_racoon_crypto_openssl_c b/package/ipsec-tools/patches/patch-src_racoon_crypto_openssl_c
index cc10bca3b..76c6a62cc 100644
--- a/package/ipsec-tools/patches/patch-src_racoon_crypto_openssl_c
+++ b/package/ipsec-tools/patches/patch-src_racoon_crypto_openssl_c
@@ -1,5 +1,6 @@
---- ipsec-tools-0.8.0.orig/src/racoon/crypto_openssl.c 2010-10-20 15:40:02.000000000 +0200
-+++ ipsec-tools-0.8.0/src/racoon/crypto_openssl.c 2011-03-31 13:22:18.821818767 +0200
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- ipsec-tools-0.7.2.orig/src/racoon/crypto_openssl.c 2009-04-20 15:33:30.000000000 +0200
++++ ipsec-tools-0.7.2/src/racoon/crypto_openssl.c 2009-05-29 15:31:04.728378359 +0200
@@ -63,8 +63,12 @@
#ifdef HAVE_OPENSSL_ENGINE_H
#include <openssl/engine.h>
@@ -13,7 +14,7 @@
#include <openssl/err.h>
#ifdef HAVE_OPENSSL_RC5_H
#include <openssl/rc5.h>
-@@ -1405,6 +1409,7 @@ eay_idea_keylen(len)
+@@ -1347,6 +1351,7 @@ eay_idea_keylen(len)
}
#endif
@@ -21,7 +22,7 @@
/*
* BLOWFISH-CBC
*/
-@@ -1439,6 +1444,7 @@ eay_bf_keylen(len)
+@@ -1381,6 +1386,7 @@ eay_bf_keylen(len)
return -1;
return len;
}
@@ -29,7 +30,7 @@
#ifdef HAVE_OPENSSL_RC5_H
/*
-@@ -1550,6 +1556,7 @@ eay_3des_keylen(len)
+@@ -1492,6 +1498,7 @@ eay_3des_keylen(len)
return 192;
}
@@ -37,7 +38,7 @@
/*
* CAST-CBC
*/
-@@ -1584,6 +1591,7 @@ eay_cast_keylen(len)
+@@ -1526,6 +1533,7 @@ eay_cast_keylen(len)
return -1;
return len;
}
diff --git a/package/ipsec-tools/patches/patch-src_racoon_eaytest_c b/package/ipsec-tools/patches/patch-src_racoon_eaytest_c
index 86a5ff77e..a7d7807c4 100644
--- a/package/ipsec-tools/patches/patch-src_racoon_eaytest_c
+++ b/package/ipsec-tools/patches/patch-src_racoon_eaytest_c
@@ -1,6 +1,7 @@
---- ipsec-tools-0.8.0.orig/src/racoon/eaytest.c 2010-01-18 00:02:48.000000000 +0100
-+++ ipsec-tools-0.8.0/src/racoon/eaytest.c 2011-03-31 13:23:53.361808366 +0200
-@@ -684,19 +684,23 @@ ciphertest(ac, av)
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- ipsec-tools-0.7.2.orig/src/racoon/eaytest.c 2008-07-16 10:50:02.000000000 +0200
++++ ipsec-tools-0.7.2/src/racoon/eaytest.c 2009-05-29 15:33:04.286374004 +0200
+@@ -683,19 +683,23 @@ ciphertest(ac, av)
eay_aes_encrypt, eay_aes_decrypt) < 0)
return -1;
diff --git a/package/ipsec-tools/patches/patch-src_racoon_isakmp_xauth_c b/package/ipsec-tools/patches/patch-src_racoon_isakmp_xauth_c
index 63825a34d..7b612f035 100644
--- a/package/ipsec-tools/patches/patch-src_racoon_isakmp_xauth_c
+++ b/package/ipsec-tools/patches/patch-src_racoon_isakmp_xauth_c
@@ -1,6 +1,7 @@
---- ipsec-tools-0.8.0.orig/src/racoon/isakmp_xauth.c 2011-03-14 16:50:36.000000000 +0100
-+++ ipsec-tools-0.8.0/src/racoon/isakmp_xauth.c 2011-03-31 13:23:58.351808486 +0200
-@@ -655,7 +655,7 @@ PAM_conv(msg_count, msg, rsp, dontcare)
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- ipsec-tools-0.7.2.orig/src/racoon/isakmp_xauth.c 2009-04-20 15:35:36.000000000 +0200
++++ ipsec-tools-0.7.2/src/racoon/isakmp_xauth.c 2009-05-29 15:56:30.460377529 +0200
+@@ -585,7 +585,7 @@ PAM_conv(msg_count, msg, rsp, dontcare)
if ((reply = racoon_malloc(sizeof(*reply) * msg_count)) == NULL)
return PAM_CONV_ERR;
diff --git a/package/ipsec-tools/patches/patch-src_racoon_pfkey_c b/package/ipsec-tools/patches/patch-src_racoon_pfkey_c
index d0c416d83..cedbc5cdd 100644
--- a/package/ipsec-tools/patches/patch-src_racoon_pfkey_c
+++ b/package/ipsec-tools/patches/patch-src_racoon_pfkey_c
@@ -1,6 +1,7 @@
---- ipsec-tools-0.8.0.orig/src/racoon/pfkey.c 2011-03-15 14:20:14.000000000 +0100
-+++ ipsec-tools-0.8.0/src/racoon/pfkey.c 2011-03-31 13:24:03.781819000 +0200
-@@ -3855,12 +3855,12 @@ addnewsp(mhp, local, remote)
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- ipsec-tools-0.7.2.orig/src/racoon/pfkey.c 2008-12-08 07:06:24.000000000 +0100
++++ ipsec-tools-0.7.2/src/racoon/pfkey.c 2009-05-29 15:48:49.201433105 +0200
+@@ -3008,12 +3008,12 @@ addnewsp(mhp)
struct sockaddr *paddr;
paddr = (struct sockaddr *)(xisr + 1);
diff --git a/package/ipsec-tools/patches/patch-src_racoon_privsep_c b/package/ipsec-tools/patches/patch-src_racoon_privsep_c
index e8f678186..c69abd264 100644
--- a/package/ipsec-tools/patches/patch-src_racoon_privsep_c
+++ b/package/ipsec-tools/patches/patch-src_racoon_privsep_c
@@ -1,6 +1,7 @@
---- ipsec-tools-0.8.0.orig/src/racoon/privsep.c 2011-03-06 09:28:10.000000000 +0100
-+++ ipsec-tools-0.8.0/src/racoon/privsep.c 2011-03-31 13:24:07.981813178 +0200
-@@ -359,7 +359,7 @@ privsep_init(void)
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- ipsec-tools-0.7.2.orig/src/racoon/privsep.c 2008-12-08 07:06:24.000000000 +0100
++++ ipsec-tools-0.7.2/src/racoon/privsep.c 2009-05-29 15:55:47.787585131 +0200
+@@ -323,7 +323,7 @@ privsep_init(void)
strerror(errno));
goto out;
}
@@ -9,7 +10,7 @@
reply->hdr.ac_cmd = combuf->hdr.ac_cmd;
reply->hdr.ac_len = sizeof(*reply);
-@@ -457,7 +457,7 @@ privsep_init(void)
+@@ -421,7 +421,7 @@ privsep_init(void)
strerror(errno));
goto out;
}
@@ -18,7 +19,7 @@
/*
-@@ -903,7 +903,7 @@ privsep_eay_get_pkcs1privkey(path)
+@@ -716,7 +716,7 @@ privsep_eay_get_pkcs1privkey(path)
"Cannot allocate memory: %s\n", strerror(errno));
return NULL;
}
@@ -27,7 +28,7 @@
msg->hdr.ac_cmd = PRIVSEP_EAY_GET_PKCS1PRIVKEY;
msg->hdr.ac_len = len;
msg->bufs.buflen[0] = len - sizeof(*msg);
-@@ -953,7 +953,7 @@ privsep_script_exec(script, name, envp)
+@@ -797,7 +797,7 @@ privsep_script_exec(script, name, envp)
return -1;
}
@@ -36,7 +37,7 @@
msg->hdr.ac_cmd = PRIVSEP_SCRIPT_EXEC;
msg->hdr.ac_len = sizeof(*msg);
-@@ -1062,7 +1062,7 @@ privsep_getpsk(str, keylen)
+@@ -906,7 +906,7 @@ privsep_getpsk(str, keylen)
"Cannot allocate memory: %s\n", strerror(errno));
return NULL;
}
@@ -45,7 +46,7 @@
msg->hdr.ac_cmd = PRIVSEP_GETPSK;
msg->hdr.ac_len = len;
-@@ -1334,7 +1334,7 @@ privsep_xauth_login_system(usr, pwd)
+@@ -960,7 +960,7 @@ privsep_xauth_login_system(usr, pwd)
"Cannot allocate memory: %s\n", strerror(errno));
return -1;
}
@@ -54,7 +55,7 @@
msg->hdr.ac_cmd = PRIVSEP_XAUTH_LOGIN_SYSTEM;
msg->hdr.ac_len = len;
-@@ -1389,7 +1389,7 @@ privsep_accounting_system(port, raddr, u
+@@ -1014,7 +1014,7 @@ privsep_accounting_system(port, raddr, u
"Cannot allocate memory: %s\n", strerror(errno));
return -1;
}
@@ -63,7 +64,7 @@
msg->hdr.ac_cmd = PRIVSEP_ACCOUNTING_SYSTEM;
msg->hdr.ac_len = len;
msg->bufs.buflen[0] = sizeof(port);
-@@ -1643,7 +1643,7 @@ privsep_accounting_pam(port, inout)
+@@ -1187,7 +1187,7 @@ privsep_accounting_pam(port, inout)
"Cannot allocate memory: %s\n", strerror(errno));
return -1;
}
@@ -72,7 +73,7 @@
msg->hdr.ac_cmd = PRIVSEP_ACCOUNTING_PAM;
msg->hdr.ac_len = len;
msg->bufs.buflen[0] = sizeof(port);
-@@ -1705,7 +1705,7 @@ privsep_xauth_login_pam(port, raddr, usr
+@@ -1248,7 +1248,7 @@ privsep_xauth_login_pam(port, raddr, usr
"Cannot allocate memory: %s\n", strerror(errno));
return -1;
}
@@ -81,7 +82,7 @@
msg->hdr.ac_cmd = PRIVSEP_XAUTH_LOGIN_PAM;
msg->hdr.ac_len = len;
msg->bufs.buflen[0] = sizeof(port);
-@@ -1770,7 +1770,7 @@ privsep_cleanup_pam(port)
+@@ -1312,7 +1312,7 @@ privsep_cleanup_pam(port)
"Cannot allocate memory: %s\n", strerror(errno));
return;
}
diff --git a/package/ipsec-tools/patches/patch-src_racoon_racoonctl_c b/package/ipsec-tools/patches/patch-src_racoon_racoonctl_c
index 3b998fe24..d5d6267c6 100644
--- a/package/ipsec-tools/patches/patch-src_racoon_racoonctl_c
+++ b/package/ipsec-tools/patches/patch-src_racoon_racoonctl_c
@@ -1,6 +1,7 @@
---- ipsec-tools-0.8.0.orig/src/racoon/racoonctl.c 2010-11-12 10:08:26.000000000 +0100
-+++ ipsec-tools-0.8.0/src/racoon/racoonctl.c 2011-03-31 13:24:13.201808233 +0200
-@@ -693,7 +693,7 @@ f_vpnc(ac, av)
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- ipsec-tools-0.7.2.orig/src/racoon/racoonctl.c 2009-04-20 15:32:57.000000000 +0200
++++ ipsec-tools-0.7.2/src/racoon/racoonctl.c 2009-05-29 15:57:45.600377208 +0200
+@@ -785,7 +785,7 @@ f_vpnc(ac, av)
errx(1, "cannot read source address");
/* We get "ip[port]" strip the port */
diff --git a/package/ipsec-tools/patches/patch-src_setkey_token_c b/package/ipsec-tools/patches/patch-src_setkey_token_c
new file mode 100644
index 000000000..1c0231885
--- /dev/null
+++ b/package/ipsec-tools/patches/patch-src_setkey_token_c
@@ -0,0 +1,707 @@
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- ipsec-tools-0.7.2.orig/src/setkey/token.c 2008-07-23 10:26:58.000000000 +0200
++++ ipsec-tools-0.7.2/src/setkey/token.c 2009-05-29 15:26:39.126303087 +0200
+@@ -8,7 +8,7 @@
+ #define FLEX_SCANNER
+ #define YY_FLEX_MAJOR_VERSION 2
+ #define YY_FLEX_MINOR_VERSION 5
+-#define YY_FLEX_SUBMINOR_VERSION 34
++#define YY_FLEX_SUBMINOR_VERSION 35
+ #if YY_FLEX_SUBMINOR_VERSION > 0
+ #define FLEX_BETA
+ #endif
+@@ -178,13 +178,6 @@ extern FILE *yyin, *yyout;
+
+ #define unput(c) yyunput( c, (yytext_ptr) )
+
+-/* The following is because we cannot portably get our hands on size_t
+- * (without autoconf's help, which isn't available because we want
+- * flex-generated scanners to compile on their own).
+- * Given that the standard has decreed that size_t exists since 1989,
+- * I guess we can afford to depend on it. Manoj.
+- */
+-
+ #ifndef YY_TYPEDEF_YY_SIZE_T
+ #define YY_TYPEDEF_YY_SIZE_T
+ typedef size_t yy_size_t;
+@@ -1069,9 +1062,10 @@ char *yytext;
+ #if defined(SADB_X_EALG_AES) && ! defined(SADB_X_EALG_AESCBC)
+ #define SADB_X_EALG_AESCBC SADB_X_EALG_AES
+ #endif
++int yywrap(void) { return 1; }
+ /* common section */
+
+-#line 1075 "token.c"
++#line 1069 "token.c"
+
+ #define INITIAL 0
+ #define S_PL 1
+@@ -1092,6 +1086,35 @@ char *yytext;
+
+ static int yy_init_globals (void );
+
++/* Accessor methods to globals.
++ These are made visible to non-reentrant scanners for convenience. */
++
++int yylex_destroy (void );
++
++int yyget_debug (void );
++
++void yyset_debug (int debug_flag );
++
++YY_EXTRA_TYPE yyget_extra (void );
++
++void yyset_extra (YY_EXTRA_TYPE user_defined );
++
++FILE *yyget_in (void );
++
++void yyset_in (FILE * in_str );
++
++FILE *yyget_out (void );
++
++void yyset_out (FILE * out_str );
++
++int yyget_leng (void );
++
++char *yyget_text (void );
++
++int yyget_lineno (void );
++
++void yyset_lineno (int line_number );
++
+ /* Macros after this point can all be overridden by user definitions in
+ * section 1.
+ */
+@@ -1227,10 +1250,10 @@ YY_DECL
+ register char *yy_cp, *yy_bp;
+ register int yy_act;
+
+-#line 114 "token.l"
++#line 115 "token.l"
+
+
+-#line 1234 "token.c"
++#line 1257 "token.c"
+
+ if ( !(yy_init) )
+ {
+@@ -1321,84 +1344,84 @@ do_action: /* This label is used only to
+
+ case 1:
+ YY_RULE_SETUP
+-#line 116 "token.l"
++#line 117 "token.l"
+ { return(ADD); }
+ YY_BREAK
+ case 2:
+ YY_RULE_SETUP
+-#line 117 "token.l"
++#line 118 "token.l"
+ { return(DELETE); }
+ YY_BREAK
+ case 3:
+ YY_RULE_SETUP
+-#line 118 "token.l"
++#line 119 "token.l"
+ { return(DELETEALL); }
+ YY_BREAK
+ case 4:
+ YY_RULE_SETUP
+-#line 119 "token.l"
++#line 120 "token.l"
+ { return(GET); }
+ YY_BREAK
+ case 5:
+ YY_RULE_SETUP
+-#line 120 "token.l"
++#line 121 "token.l"
+ { return(FLUSH); }
+ YY_BREAK
+ case 6:
+ YY_RULE_SETUP
+-#line 121 "token.l"
++#line 122 "token.l"
+ { return(DUMP); }
+ YY_BREAK
+ case 7:
+ YY_RULE_SETUP
+-#line 122 "token.l"
++#line 123 "token.l"
+ { return(EXIT); }
+ YY_BREAK
+ case 8:
+ YY_RULE_SETUP
+-#line 123 "token.l"
++#line 124 "token.l"
+ { return(EXIT); }
+ YY_BREAK
+ case 9:
+ YY_RULE_SETUP
+-#line 124 "token.l"
++#line 125 "token.l"
+ { return(EXIT); }
+ YY_BREAK
+ /* for management SPD */
+ case 10:
+ YY_RULE_SETUP
+-#line 127 "token.l"
++#line 128 "token.l"
+ { return(SPDADD); }
+ YY_BREAK
+ case 11:
+ YY_RULE_SETUP
+-#line 128 "token.l"
++#line 129 "token.l"
+ { return(SPDDELETE); }
+ YY_BREAK
+ case 12:
+ YY_RULE_SETUP
+-#line 129 "token.l"
++#line 130 "token.l"
+ { return(SPDDUMP); }
+ YY_BREAK
+ case 13:
+ YY_RULE_SETUP
+-#line 130 "token.l"
++#line 131 "token.l"
+ { return(SPDFLUSH); }
+ YY_BREAK
+ case 14:
+ YY_RULE_SETUP
+-#line 131 "token.l"
++#line 132 "token.l"
+ { return(TAGGED); }
+ YY_BREAK
+ case 15:
+ YY_RULE_SETUP
+-#line 132 "token.l"
++#line 133 "token.l"
+ { BEGIN S_PL; return(F_POLICY); }
+ YY_BREAK
+ case 16:
+ /* rule 16 can match eol */
+ YY_RULE_SETUP
+-#line 133 "token.l"
++#line 134 "token.l"
+ {
+ yymore();
+
+@@ -1420,13 +1443,13 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 17:
+ YY_RULE_SETUP
+-#line 151 "token.l"
++#line 152 "token.l"
+ { BEGIN INITIAL; return(EOT); }
+ YY_BREAK
+ /* address resolution flags */
+ case 18:
+ YY_RULE_SETUP
+-#line 154 "token.l"
++#line 155 "token.l"
+ {
+ yylval.val.len = strlen(yytext);
+ yylval.val.buf = strdup(yytext);
+@@ -1438,37 +1461,37 @@ YY_RULE_SETUP
+ /* security protocols */
+ case 19:
+ YY_RULE_SETUP
+-#line 163 "token.l"
++#line 164 "token.l"
+ { yylval.num = 0; return(PR_AH); }
+ YY_BREAK
+ case 20:
+ YY_RULE_SETUP
+-#line 164 "token.l"
++#line 165 "token.l"
+ { yylval.num = 0; return(PR_ESP); }
+ YY_BREAK
+ case 21:
+ YY_RULE_SETUP
+-#line 165 "token.l"
++#line 166 "token.l"
+ { yylval.num = 1; return(PR_AH); }
+ YY_BREAK
+ case 22:
+ YY_RULE_SETUP
+-#line 166 "token.l"
++#line 167 "token.l"
+ { yylval.num = 1; return(PR_ESP); }
+ YY_BREAK
+ case 23:
+ YY_RULE_SETUP
+-#line 167 "token.l"
++#line 168 "token.l"
+ { yylval.num = 0; return(PR_ESPUDP); }
+ YY_BREAK
+ case 24:
+ YY_RULE_SETUP
+-#line 168 "token.l"
++#line 169 "token.l"
+ { yylval.num = 0; return(PR_IPCOMP); }
+ YY_BREAK
+ case 25:
+ YY_RULE_SETUP
+-#line 169 "token.l"
++#line 170 "token.l"
+ {
+ yylval.num = 0; return(PR_TCP);
+ }
+@@ -1476,72 +1499,72 @@ YY_RULE_SETUP
+ /* authentication alogorithm */
+ case 26:
+ YY_RULE_SETUP
+-#line 174 "token.l"
++#line 175 "token.l"
+ { BEGIN S_AUTHALG; return(F_AUTH); }
+ YY_BREAK
+ case 27:
+ YY_RULE_SETUP
+-#line 175 "token.l"
++#line 176 "token.l"
+ { yylval.num = SADB_AALG_MD5HMAC; BEGIN INITIAL; return(ALG_AUTH); }
+ YY_BREAK
+ case 28:
+ YY_RULE_SETUP
+-#line 176 "token.l"
++#line 177 "token.l"
+ { yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); }
+ YY_BREAK
+ case 29:
+ YY_RULE_SETUP
+-#line 177 "token.l"
++#line 178 "token.l"
+ { yylval.num = SADB_X_AALG_MD5; BEGIN INITIAL; return(ALG_AUTH); }
+ YY_BREAK
+ case 30:
+ YY_RULE_SETUP
+-#line 178 "token.l"
++#line 179 "token.l"
+ { yylval.num = SADB_X_AALG_SHA; BEGIN INITIAL; return(ALG_AUTH); }
+ YY_BREAK
+ case 31:
+ YY_RULE_SETUP
+-#line 179 "token.l"
++#line 180 "token.l"
+ { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); }
+ YY_BREAK
+ case 32:
+ YY_RULE_SETUP
+-#line 180 "token.l"
++#line 181 "token.l"
+ { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); }
+ YY_BREAK
+ case 33:
+ YY_RULE_SETUP
+-#line 181 "token.l"
++#line 182 "token.l"
+ { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); }
+ YY_BREAK
+ case 34:
+ YY_RULE_SETUP
+-#line 182 "token.l"
++#line 183 "token.l"
+ { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); }
+ YY_BREAK
+ case 35:
+ YY_RULE_SETUP
+-#line 183 "token.l"
++#line 184 "token.l"
+ { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); }
+ YY_BREAK
+ case 36:
+ YY_RULE_SETUP
+-#line 184 "token.l"
++#line 185 "token.l"
+ { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); }
+ YY_BREAK
+ case 37:
+ YY_RULE_SETUP
+-#line 185 "token.l"
++#line 186 "token.l"
+ { yylval.num = SADB_X_AALG_RIPEMD160HMAC; BEGIN INITIAL; return(ALG_AUTH); }
+ YY_BREAK
+ case 38:
+ YY_RULE_SETUP
+-#line 186 "token.l"
++#line 187 "token.l"
+ { yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); }
+ YY_BREAK
+ case 39:
+ YY_RULE_SETUP
+-#line 187 "token.l"
++#line 188 "token.l"
+ {
+ #ifdef SADB_X_AALG_TCP_MD5
+ yylval.num = SADB_X_AALG_TCP_MD5;
+@@ -1552,63 +1575,63 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 40:
+ YY_RULE_SETUP
+-#line 194 "token.l"
++#line 195 "token.l"
+ { yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); }
+ YY_BREAK
+ /* encryption alogorithm */
+ case 41:
+ YY_RULE_SETUP
+-#line 197 "token.l"
++#line 198 "token.l"
+ { BEGIN S_ENCALG; return(F_ENC); }
+ YY_BREAK
+ case 42:
+ YY_RULE_SETUP
+-#line 198 "token.l"
++#line 199 "token.l"
+ { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC); }
+ YY_BREAK
+ case 43:
+ YY_RULE_SETUP
+-#line 199 "token.l"
++#line 200 "token.l"
+ { yylval.num = SADB_EALG_3DESCBC; BEGIN INITIAL; return(ALG_ENC); }
+ YY_BREAK
+ case 44:
+ YY_RULE_SETUP
+-#line 200 "token.l"
++#line 201 "token.l"
+ { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_NOKEY); }
+ YY_BREAK
+ case 45:
+ YY_RULE_SETUP
+-#line 201 "token.l"
++#line 202 "token.l"
+ { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); }
+ YY_BREAK
+ case 46:
+ YY_RULE_SETUP
+-#line 202 "token.l"
++#line 203 "token.l"
+ { yylval.num = SADB_X_EALG_BLOWFISHCBC; BEGIN INITIAL; return(ALG_ENC); }
+ YY_BREAK
+ case 47:
+ YY_RULE_SETUP
+-#line 203 "token.l"
++#line 204 "token.l"
+ { yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); }
+ YY_BREAK
+ case 48:
+ YY_RULE_SETUP
+-#line 204 "token.l"
++#line 205 "token.l"
+ { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); }
+ YY_BREAK
+ case 49:
+ YY_RULE_SETUP
+-#line 205 "token.l"
++#line 206 "token.l"
+ { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); }
+ YY_BREAK
+ case 50:
+ YY_RULE_SETUP
+-#line 206 "token.l"
++#line 207 "token.l"
+ { yylval.num = SADB_X_EALG_TWOFISHCBC; BEGIN INITIAL; return(ALG_ENC); }
+ YY_BREAK
+ case 51:
+ YY_RULE_SETUP
+-#line 207 "token.l"
++#line 208 "token.l"
+ {
+ #ifdef SADB_X_EALG_AESCBC
+ yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC);
+@@ -1617,7 +1640,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 52:
+ YY_RULE_SETUP
+-#line 212 "token.l"
++#line 213 "token.l"
+ {
+ #ifdef SADB_X_EALG_AESCBC
+ yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC);
+@@ -1626,12 +1649,12 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 53:
+ YY_RULE_SETUP
+-#line 217 "token.l"
++#line 218 "token.l"
+ { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC); }
+ YY_BREAK
+ case 54:
+ YY_RULE_SETUP
+-#line 218 "token.l"
++#line 219 "token.l"
+ {
+ #ifdef SADB_X_EALG_CAMELLIACBC
+ yylval.num = SADB_X_EALG_CAMELLIACBC; BEGIN INITIAL; return(ALG_ENC);
+@@ -1641,152 +1664,152 @@ YY_RULE_SETUP
+ /* compression algorithms */
+ case 55:
+ YY_RULE_SETUP
+-#line 225 "token.l"
++#line 226 "token.l"
+ { return(F_COMP); }
+ YY_BREAK
+ case 56:
+ YY_RULE_SETUP
+-#line 226 "token.l"
++#line 227 "token.l"
+ { yylval.num = SADB_X_CALG_OUI; return(ALG_COMP); }
+ YY_BREAK
+ case 57:
+ YY_RULE_SETUP
+-#line 227 "token.l"
++#line 228 "token.l"
+ { yylval.num = SADB_X_CALG_DEFLATE; return(ALG_COMP); }
+ YY_BREAK
+ case 58:
+ YY_RULE_SETUP
+-#line 228 "token.l"
++#line 229 "token.l"
+ { yylval.num = SADB_X_CALG_LZS; return(ALG_COMP); }
+ YY_BREAK
+ case 59:
+ YY_RULE_SETUP
+-#line 229 "token.l"
++#line 230 "token.l"
+ { return(F_RAWCPI); }
+ YY_BREAK
+ /* extension */
+ case 60:
+ YY_RULE_SETUP
+-#line 232 "token.l"
++#line 233 "token.l"
+ { return(F_MODE); }
+ YY_BREAK
+ case 61:
+ YY_RULE_SETUP
+-#line 233 "token.l"
++#line 234 "token.l"
+ { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); }
+ YY_BREAK
+ case 62:
+ YY_RULE_SETUP
+-#line 234 "token.l"
++#line 235 "token.l"
+ { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); }
+ YY_BREAK
+ case 63:
+ YY_RULE_SETUP
+-#line 235 "token.l"
++#line 236 "token.l"
+ { return(F_REQID); }
+ YY_BREAK
+ case 64:
+ YY_RULE_SETUP
+-#line 236 "token.l"
++#line 237 "token.l"
+ { return(F_EXT); }
+ YY_BREAK
+ case 65:
+ YY_RULE_SETUP
+-#line 237 "token.l"
++#line 238 "token.l"
+ { yylval.num = SADB_X_EXT_PRAND; return(EXTENSION); }
+ YY_BREAK
+ case 66:
+ YY_RULE_SETUP
+-#line 238 "token.l"
++#line 239 "token.l"
+ { yylval.num = SADB_X_EXT_PSEQ; return(EXTENSION); }
+ YY_BREAK
+ case 67:
+ YY_RULE_SETUP
+-#line 239 "token.l"
++#line 240 "token.l"
+ { yylval.num = SADB_X_EXT_PZERO; return(EXTENSION); }
+ YY_BREAK
+ case 68:
+ YY_RULE_SETUP
+-#line 240 "token.l"
++#line 241 "token.l"
+ { return(NOCYCLICSEQ); }
+ YY_BREAK
+ case 69:
+ YY_RULE_SETUP
+-#line 241 "token.l"
++#line 242 "token.l"
+ { return(F_REPLAY); }
+ YY_BREAK
+ case 70:
+ YY_RULE_SETUP
+-#line 242 "token.l"
++#line 243 "token.l"
+ { return(F_LIFETIME_HARD); }
+ YY_BREAK
+ case 71:
+ YY_RULE_SETUP
+-#line 243 "token.l"
++#line 244 "token.l"
+ { return(F_LIFETIME_SOFT); }
+ YY_BREAK
+ case 72:
+ YY_RULE_SETUP
+-#line 244 "token.l"
++#line 245 "token.l"
+ { return(F_LIFEBYTE_HARD); }
+ YY_BREAK
+ case 73:
+ YY_RULE_SETUP
+-#line 245 "token.l"
++#line 246 "token.l"
+ { return(F_LIFEBYTE_SOFT); }
+ YY_BREAK
+ case 74:
+ YY_RULE_SETUP
+-#line 246 "token.l"
++#line 247 "token.l"
+ { return(SECURITY_CTX); }
+ YY_BREAK
+ /* ... */
+ case 75:
+ YY_RULE_SETUP
+-#line 249 "token.l"
++#line 250 "token.l"
+ { return(ANY); }
+ YY_BREAK
+ case 76:
+ YY_RULE_SETUP
+-#line 250 "token.l"
++#line 251 "token.l"
+ { }
+ YY_BREAK
+ case 77:
+ /* rule 77 can match eol */
+ YY_RULE_SETUP
+-#line 251 "token.l"
++#line 252 "token.l"
+ { lineno++; }
+ YY_BREAK
+ case 78:
+ YY_RULE_SETUP
+-#line 252 "token.l"
++#line 253 "token.l"
+
+ YY_BREAK
+ case 79:
+ YY_RULE_SETUP
+-#line 253 "token.l"
++#line 254 "token.l"
+ { return(EOT); }
+ YY_BREAK
+ /* for address parameters: /prefix, [port] */
+ case 80:
+ YY_RULE_SETUP
+-#line 256 "token.l"
++#line 257 "token.l"
+ { return SLASH; }
+ YY_BREAK
+ case 81:
+ YY_RULE_SETUP
+-#line 257 "token.l"
++#line 258 "token.l"
+ { return BLCL; }
+ YY_BREAK
+ case 82:
+ YY_RULE_SETUP
+-#line 258 "token.l"
++#line 259 "token.l"
+ { return ELCL; }
+ YY_BREAK
+ /* parameter */
+ case 83:
+ YY_RULE_SETUP
+-#line 261 "token.l"
++#line 262 "token.l"
+ {
+ char *bp;
+
+@@ -1796,7 +1819,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 84:
+ YY_RULE_SETUP
+-#line 268 "token.l"
++#line 269 "token.l"
+ {
+ yylval.val.buf = strdup(yytext + 2);
+ if (!yylval.val.buf)
+@@ -1809,7 +1832,7 @@ YY_RULE_SETUP
+ case 85:
+ /* rule 85 can match eol */
+ YY_RULE_SETUP
+-#line 277 "token.l"
++#line 278 "token.l"
+ {
+ char *p = yytext;
+ while (*++p != '"') ;
+@@ -1825,7 +1848,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 86:
+ YY_RULE_SETUP
+-#line 290 "token.l"
++#line 291 "token.l"
+ {
+ yylval.val.len = yyleng;
+ yylval.val.buf = strdup(yytext);
+@@ -1836,7 +1859,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 87:
+ YY_RULE_SETUP
+-#line 298 "token.l"
++#line 299 "token.l"
+ {
+ yylval.val.len = yyleng;
+ yylval.val.buf = strdup(yytext);
+@@ -1847,7 +1870,7 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 88:
+ YY_RULE_SETUP
+-#line 306 "token.l"
++#line 307 "token.l"
+ {
+ yyfatal("Syntax error");
+ /*NOTREACHED*/
+@@ -1855,10 +1878,10 @@ YY_RULE_SETUP
+ YY_BREAK
+ case 89:
+ YY_RULE_SETUP
+-#line 311 "token.l"
++#line 312 "token.l"
+ ECHO;
+ YY_BREAK
+-#line 1862 "token.c"
++#line 1885 "token.c"
+ case YY_STATE_EOF(INITIAL):
+ case YY_STATE_EOF(S_PL):
+ case YY_STATE_EOF(S_AUTHALG):
+@@ -2411,9 +2434,19 @@ static void yy_load_buffer_state (void)
+ yyfree((void *) b );
+ }
+
+-#ifndef __cplusplus
++#ifndef _UNISTD_H /* assume unistd.h has isatty() for us */
++#ifdef __cplusplus
++extern "C" {
++#endif
++#ifdef __THROW /* this is a gnuism */
++extern int isatty (int ) __THROW;
++#else
+ extern int isatty (int );
+-#endif /* __cplusplus */
++#endif
++#ifdef __cplusplus
++}
++#endif
++#endif
+
+ /* Initializes or reinitializes a buffer.
+ * This function is sometimes called more than once on the same buffer,
+@@ -2859,7 +2892,7 @@ void yyfree (void * ptr )
+
+ #define YYTABLES_NAME "yytables"
+
+-#line 311 "token.l"
++#line 312 "token.l"
+
+
+
diff --git a/package/ipsec-tools/patches/patch-src_setkey_token_l b/package/ipsec-tools/patches/patch-src_setkey_token_l
new file mode 100644
index 000000000..e0697835c
--- /dev/null
+++ b/package/ipsec-tools/patches/patch-src_setkey_token_l
@@ -0,0 +1,11 @@
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- ipsec-tools-0.7.2.orig/src/setkey/token.l 2007-08-01 13:52:23.000000000 +0200
++++ ipsec-tools-0.7.2/src/setkey/token.l 2009-05-29 15:25:54.760377400 +0200
+@@ -86,6 +86,7 @@
+ #if defined(SADB_X_EALG_AES) && ! defined(SADB_X_EALG_AESCBC)
+ #define SADB_X_EALG_AESCBC SADB_X_EALG_AES
+ #endif
++int yywrap(void) { return 1; }
+ %}
+
+ /* common section */
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-27 13:30:58 +0000