|
|
//////////////////////////////////////////////////////////////////////////////
// Module : parser.h
//
// Purpose : Parse the strings and gives concerned o/p to the
// related context for IPSec Implementation.
//
// Developers Name : N.Surendra Sai / Vunnam Kondal Rao
//
// History :
//
// Date Author Comments
//
//////////////////////////////////////////////////////////////////////////////
#ifndef _PARSER_H_
#define _PARSER_H_
#include "nshipsec.h"
//
// All Limits
//
const DWORD POTF_DEFAULT_P2REKEY_TIME = 0;const DWORD POTF_DEFAULT_P2REKEY_BYTES = 0;const DWORD POTF_DEF_P1SOFT_TIME = 480*60; // seconds
const DWORD POTF_DEFAULT_P1REKEY_TIME = 480*60;const DWORD POTF_DEFAULT_P1REKEY_QMS = 0;const time_t P2STORE_DEFAULT_POLLINT = 60 * 180;
#define MAX_MM_AUTH_INFO 40
#define P1_Min_LIFE_MIN 1 // in minutes
#define P1_Min_LIFE_MAX 71582788 // in minutes
#define P1_Kb_LIFE_MIN 20480 // in KB
#define P1_Kb_LIFE_MAX 2147438647 // in KB
#define P2_Sec_LIFE_MIN 300 // 300 in seconds
#define P2_Sec_LIFE_MAX 2147438647 // 172800 in seconds
#define P2_Kb_LIFE_MIN 20480 // 20480 in KB
#define P2_Kb_LIFE_MAX 2147438647 // in KB
#define POLLING_Min_MIN 0 // in min
#define POLLING_Min_MAX 43200 // in min
#define QMPERMM_MIN 0 // no. of sessions
#define QMPERMM_MAX 2147483647 // no. of sessions
#define MAX_PORT 65536
#define MAX_EXEMPTION_ENTRIES 1024
#define RETURN_NO_ERROR 9999
#define PARSE_ERROR 0xFFFFFFFF
#define TYPE_STRING 0
#define TYPE_BOOL 1
#define TYPE_DWORD 2
#define TYPE_ALL 3
#define TYPE_IP 4
#define TYPE_CONNTYPE 5
#define TYPE_PROTOCOL 6
#define TYPE_PFSGROUP 7
#define TYPE_VERBOSE 8
#define TYPE_BOUND 9
#define TYPE_TUNNEL 10
#define TYPE_ACTION 11
#define TYPE_RELEASE 12
#define TYPE_PROPERTY 13
#define TYPE_MASK 14
#define TYPE_QM_OFFER 15
#define TYPE_MM_OFFER 16
#define TYPE_FORMAT 17
#define TYPE_MODE 18
#define TYPE_DNSIP 19
#define TYPE_EXPORT 20
#define TYPE_PORT 21
#define TYPE_FILTER 22
#define TYPE_STATS 23
#define TYPE_ENLOGGING 24
#define TYPE_USERINPUT 25
#define TYPE_LOCATION 26
#define TYPE_KERBAUTH 27
#define TYPE_PSKAUTH 28
#define TYPE_ROOTCA 29
#define ARG_YES 1
#define ARG_NO 2
#define GROUP_CMD 1
#define PRI_CMD 2
#define SEC_CMD 3
#define PFSGROUP_TYPE_NOPFS 0
#define PFSGROUP_TYPE_P1 1
#define PFSGROUP_TYPE_P2 2
#define PFSGROUP_TYPE_2048 3
#define PFSGROUP_TYPE_MM 4
#define STR_MAX 1024
#define ADD_CMD 0
#define SET_CMD 1
#define MAX_ARGS 100
#define MAX_ARGS_LIMIT (MAX_ARGS-2) // Used in dwUsed++ checking
#define MAX_STR_LEN STR_MAX
#define IF_TYPE_ANY _TEXT("ANY")
#define IF_TYPE_ICMP _TEXT("ICMP")
#define IF_TYPE_TCP _TEXT("TCP")
#define IF_TYPE_UDP _TEXT("UDP")
#define IF_TYPE_RAW _TEXT("RAW")
#define PROPERTY_TYPE_ENABLEDIGNO _TEXT("ipsecdiagnostics")
#define PROPERTY_TYPE_IKELOG _TEXT("ikelogging")
#define PROPERTY_TYPE_CRLCHK _TEXT("strongcrlcheck")
#define PROPERTY_TYPE_LOGINTER _TEXT("ipsecloginterval")
#define PROPERTY_TYPE_EXEMPT _TEXT("ipsecexempt")
#define PROPERTY_TYPE_BOOTMODE _TEXT("bootmode")
#define PROPERTY_TYPE_BOOTEXEMP _TEXT("bootexemptions")
#define VALUE_TYPE_STATEFUL _TEXT("stateful")
#define VALUE_TYPE_BLOCK _TEXT("block")
#define VALUE_TYPE_PERMIT _TEXT("permit")
#define TOKEN_STR_INBOUND _TEXT("inbound")
#define TOKEN_STR_OUTBOUND _TEXT("outbound")
#define TOKEN_STR_NONE _TEXT("none")
#define ARG_TOKEN_STR_VERBOSE _TEXT("VERBOSE")
#define ARG_TOKEN_STR_NORMAL _TEXT("NORMAL")
#define TYPE_STR_LIST _TEXT("LIST")
#define TYPE_STR_TABLE _TEXT("TABLE")
#define TYPE_STR_TUNNEL _TEXT("TUNNEL")
#define TYPE_STR_TRANSPORT _TEXT("TRANSPORT")
#define PFS_TYPE_NOPFS _TEXT("NOPFS")
#define PFS_TYPE_P1 _TEXT("GRP1")
#define PFS_TYPE_P2 _TEXT("GRP2")
#define PFS_TYPE_P3 _TEXT("GRP3")
#define PFS_TYPE_MM _TEXT("GRPMM")
#define IF_TYPE_ALL _TEXT("ALL")
#define IF_TYPE_LAN _TEXT("LAN")
#define IF_TYPE_DIALUP _TEXT("DIALUP")
#define IF_TYPE_MAX _TEXT("MAX")
#define LOC_TYPE_PERSISTENT _TEXT("PERSISTENT")
#define LOC_TYPE_LOCAL _TEXT("LOCAL")
#define LOC_TYPE_DOMAIN _TEXT("DOMAIN")
#define EXPORT_IPSEC _TEXT(".ipsec")
#define TOKEN_LOCAL _TEXT("local")
#define DEFAULT_STR _TEXT("default")
//
// Token names starts here
//
#define CMD_TOKEN_STR_NAME _TEXT("name")
#define CMD_TOKEN_STR_DESCR _TEXT("description")
#define CMD_TOKEN_STR_MMPFS _TEXT("mmpfs")
#define CMD_TOKEN_STR_DEFAULTRULE _TEXT("defaultrule")
#define CMD_TOKEN_STR_PI _TEXT("pollinginterval")
#define CMD_TOKEN_STR_ASSIGN _TEXT("assign")
#define CMD_TOKEN_STR_FILTERLIST _TEXT("filterlist")
#define CMD_TOKEN_STR_NEWNAME _TEXT("newname")
#define CMD_TOKEN_STR_MMSECMETHODS _TEXT("mmsecmethods")
#define CMD_TOKEN_STR_SRCADDR _TEXT("srcaddr/srcdns")
#define CMD_TOKEN_STR_DSTADDR _TEXT("dstaddr/dstdns")
#define CMD_TOKEN_STR_PROTO _TEXT("protocol")
#define CMD_TOKEN_STR_QMSECMETHODS _TEXT("qmsecmethods")
#define CMD_TOKEN_STR_QMPFS _TEXT("qmpfs")
#define CMD_TOKEN_STR_INPASS _TEXT("inpass")
#define CMD_TOKEN_STR_SOFT _TEXT("soft")
#define CMD_TOKEN_STR_POLICY _TEXT("policy")
#define CMD_TOKEN_STR_TUNNEL _TEXT("tunnelIP/tunnelDNS")
#define CMD_TOKEN_STR_CONNTYPE _TEXT("conntype")
#define CMD_TOKEN_STR_ACTIVATE _TEXT("activate")
#define CMD_TOKEN_STR_KERB _TEXT("kerberos")
#define CMD_TOKEN_STR_PSK _TEXT("psk")
#define CMD_TOKEN_STR_ROOTCA _TEXT("rootca")
#define CMD_TOKEN_STR_MACHINE _TEXT("machine")
#define CMD_TOKEN_STR_LOCATION _TEXT("location")
#define CMD_TOKEN_STR_DS _TEXT("domain")
#define CMD_TOKEN_STR_FILE _TEXT("file")
#define CMD_TOKEN_STR_RULE _TEXT("rule")
#define CMD_TOKEN_STR_VERBOSE _TEXT("level")
#define CMD_TOKEN_STR_ID _TEXT("id")
#define CMD_TOKEN_STR_FILTERACTION _TEXT("filteraction")
#define CMD_TOKEN_STR_QMPERMM _TEXT("qmpermm")
#define CMD_TOKEN_STR_ALL _TEXT("all")
#define CMD_TOKEN_STR_SRCMASK _TEXT("srcmask")
#define CMD_TOKEN_STR_DSTMASK _TEXT("dstmask")
#define CMD_TOKEN_STR_MIRROR _TEXT("mirrored")
#define CMD_TOKEN_STR_SRCPORT _TEXT("srcport")
#define CMD_TOKEN_STR_DSTPORT _TEXT("dstport")
#define CMD_TOKEN_STR_ACTIVATEDEFRULE _TEXT("activatedefaultrule")
#define CMD_TOKEN_STR_GPONAME _TEXT("gponame")
#define CMD_TOKEN_STR_DEFRESPONSE _TEXT("defaultresponse")
#define CMD_TOKEN_STR_SOFTSAEXPTIME _TEXT("softsaexpirationtime")
#define CMD_TOKEN_STR_OUTBOUND _TEXT("actionoutbound")
#define CMD_TOKEN_STR_INBOUND _TEXT("actioninbound")
#define CMD_TOKEN_STR_MMFILTER _TEXT("mmfilter")
#define CMD_TOKEN_STR_LOGLEVEL _TEXT("loglevel")
#define CMD_TOKEN_STR_EXEMPT _TEXT("exempt")
#define CMD_TOKEN_STR_INTERVAL _TEXT("interval")
#define CMD_TOKEN_STR_LOG _TEXT("log")
#define CMD_TOKEN_STR_LOCAL _TEXT("local")
#define CMD_TOKEN_STR_CRL _TEXT("crl")
#define CMD_TOKEN_STR_MODE _TEXT("mode")
#define CMD_TOKEN_STR_PFSGROUP _TEXT("pfsgroup")
#define CMD_TOKEN_STR_TUNNELDST _TEXT("tunneldstaddress")
#define CMD_TOKEN_STR_NEGOTIATION _TEXT("qmsecmethods")
#define CMD_TOKEN_STR_VALUE _TEXT("value")
#define CMD_TOKEN_STR_MMPOLICY _TEXT("mmpolicy")
#define CMD_TOKEN_STR_QMPOLICY _TEXT("qmpolicy")
#define CMD_TOKEN_STR_FORMAT _TEXT("format")
#define CMD_TOKEN_STR_TYPE _TEXT("type")
#define CMD_TOKEN_STR_MMLIFETIME _TEXT("mmlifetime")
#define CMD_TOKEN_STR_GUID _TEXT("guid")
#define CMD_TOKEN_STR_ACTION _TEXT("action")
#define CMD_TOKEN_STR_RELEASE _TEXT("release")
#define CMD_TOKEN_STR_PROPERTY _TEXT("property")
#define CMD_TOKEN_STR_RESDNS _TEXT("resolvedns")
#define CMD_TOKEN_STR_WIDE _TEXT("wide")
#define CMD_TOKEN_STR_CERTTOMAP _TEXT("certmapping")
#define CMD_TOKEN_STR_FAILMMIFEXISTS _TEXT("forcemmfilter")
#define CMD_TOKEN_STR_ENABLE _TEXT("enable")
#define CMD_TOKEN_STR_USERINPUT _TEXT("userinput")
#define TOKEN_FIELD_DELIMITER _TEXT(":")
#define TOKEN_TUPLE_DELIMITER _TEXT(" \t")
#define CMD_TOKEN_NAME 1
#define CMD_TOKEN_DESCR 2
#define CMD_TOKEN_MMPFS 3
#define CMD_TOKEN_RESDNS 4
#define CMD_TOKEN_WIDE 5
#define CMD_TOKEN_PI 6
#define CMD_TOKEN_QMPERMM 7
#define CMD_TOKEN_ASSIGN 8
#define CMD_TOKEN_FILTERLIST 9
#define CMD_TOKEN_MMSECMETHODS 10
#define CMD_TOKEN_SRCADDR 11
#define CMD_TOKEN_DSTADDR 12
#define CMD_TOKEN_PROTO 13
#define CMD_TOKEN_QMSECMETHODS 14
#define CMD_TOKEN_QMPFS 15
#define CMD_TOKEN_INPASS 16
#define CMD_TOKEN_SOFT 17
#define CMD_TOKEN_POLICY 18
#define CMD_TOKEN_TUNNEL 19
#define CMD_TOKEN_CONNTYPE 20
#define CMD_TOKEN_ACTIVATE 21
#define CMD_TOKEN_AUTHMETHODS 22
#define CMD_TOKEN_LOCATION 23
#define CMD_TOKEN_DS 24
#define CMD_TOKEN_FILE 25
#define CMD_TOKEN_RULE 26
#define CMD_TOKEN_VERBOSE 27
#define CMD_TOKEN_ID 28
#define CMD_TOKEN_FILTERACTION 29
#define CMD_TOKEN_NEWNAME 30
#define CMD_TOKEN_ALL 31
#define CMD_TOKEN_SRCMASK 32
#define CMD_TOKEN_DSTMASK 33
#define CMD_TOKEN_MIRROR 34
#define CMD_TOKEN_SRCPORT 35
#define CMD_TOKEN_DSTPORT 36
#define CMD_TOKEN_KBLIFETIME 37
#define CMD_TOKEN_ACTIVATEDEFRULE 38
#define CMD_TOKEN_GPONAME 39
#define CMD_TOKEN_DEFRESPONSE 40
#define CMD_TOKEN_SOFTSAEXPTIME 41
#define CMD_TOKEN_INBOUND 42
#define CMD_TOKEN_OUTBOUND 43
#define CMD_TOKEN_MMFILTER 44
#define CMD_TOKEN_LOGLEVEL 45
#define CMD_TOKEN_EXEMPT 46
#define CMD_TOKEN_INTERVAL 47
#define CMD_TOKEN_LOG 48
#define CMD_TOKEN_LOCAL 49
#define CMD_TOKEN_CRL 50
#define CMD_TOKEN_MODE 51
#define CMD_TOKEN_PFSGROUP 52
#define CMD_TOKEN_TUNNELDST 54
#define CMD_TOKEN_NEGOTIATION 55
#define CMD_TOKEN_VALUE 56
#define CMD_TOKEN_MMPOLICY 57
#define CMD_TOKEN_QMPOLICY 58
#define CMD_TOKEN_FORMAT 59
#define CMD_TOKEN_TYPE 60
#define CMD_TOKEN_MMLIFETIME 61
#define CMD_TOKEN_GUID 62
#define CMD_TOKEN_ACTION 63
#define CMD_TOKEN_RELEASE 64
#define CMD_TOKEN_PROPERTY 65
#define CMD_TOKEN_CERTTOMAP 66
#define CMD_TOKEN_FAILMMIFEXISTS 67
#define CMD_TOKEN_ENABLE 68
#define CMD_TOKEN_USERINPUT 69
#define CMD_TOKEN_KERB 70
#define CMD_TOKEN_PSK 71
#define CMD_TOKEN_ROOTCA 72
#define SIZEOF_TOKEN_VALUE(_x) ( sizeof(_x) / sizeof(TOKEN_VALUE) )
#define SIZEOF_TAG_TYPE(_x) ( sizeof(_x) / sizeof(TAG_TYPE) )
#define SIZEOF_TAG_NEEDED(_x) ( sizeof(_x) / sizeof(TAG_NEEDED) )
#define CONTEXT_NULL 0
#define CONTEXT_IPSEC 1
#define VALID_TOKEN 0xFFFFFFFF
#define INVALID_TOKEN 0
#define GROUP_NULL 0
#define GROUP_STATIC 1
#define GROUP_DYNAMIC 2
#define PRI_NULL 0
#define PRI_ADD 1
#define PRI_SET 2
#define PRI_DELETE 3
#define PRI_SHOW 4
#define PRI_EXPORTPOLICY 5
#define PRI_IMPORTPOLICY 6
#define PRI_RESTOREDEFAULTS 7
#define PRI_CHECKINTEGRITY 8
#define SEC_NULL 0
#define SEC_POLICY 1
#define SEC_FILTER 2
#define SEC_FILTERLIST 3
#define SEC_FILTERACTION 4
#define SEC_RULE 5
#define SEC_ALL 6
#define SEC_STORE 7
#define SEC_DEFAULTRULE 8
#define SEC_ASSIGNEDPOLICY 9
#define SEC_INTERACTIVE 10
#define SEC_MMPOLICY 11
#define SEC_MMFILTER 12
#define SEC_QMPOLICY 13
#define SEC_QMFILTER 14
#define SEC_STATS 15
#define SEC_MMSAS 16
#define SEC_QMSAS 17
#define SEC_CONFIG 18
#define SEC_BATCH 19
#define SEC_EXTENDLOG 20
#define CON_IPSEC_STR _TEXT("ipsec")
#define GROUP_STATIC_STR _TEXT("static")
#define GROUP_DYNAMIC_STR _TEXT("dynamic")
#define PRI_ADD_STR _TEXT("add")
#define PRI_SET_STR _TEXT("set")
#define PRI_DELETE_STR _TEXT("delete")
#define PRI_SHOW_STR _TEXT("show")
#define PRI_EXPORTPOLICY_STR _TEXT("exportpolicy")
#define PRI_IMPORTPOLICY_STR _TEXT("importpolicy")
#define PRI_RESTOREDEFAULTS_STR _TEXT("restorepolicyexamples")
#define SEC_POLICY_STR _TEXT("policy")
#define SEC_ASSIGNEDPOLICY_STR _TEXT("gpoassignedpolicy")
#define SEC_FILTERLIST_STR _TEXT("filterlist")
#define SEC_FILTER_STR _TEXT("filter")
#define SEC_FILTERACTION_STR _TEXT("filteraction")
#define SEC_RULE_STR _TEXT("rule")
#define SEC_ALL_STR _TEXT("all")
#define SEC_STORE_STR _TEXT("store")
#define SEC_DEFAULTRULE_STR _TEXT("defaultrule")
#define SEC_INTERACTIVE_STR _TEXT("interactive")
#define SEC_BATCH_STR _TEXT("batch")
#define SEC_MMPOLICY_STR _TEXT("mmpolicy")
#define SEC_MMFILTER_STR _TEXT("mmfilter")
#define SEC_QMFILTER_STR _TEXT("qmfilter")
#define SEC_QMPOLICY_STR _TEXT("qmpolicy")
#define SEC_STATS_STR _TEXT("stats")
#define SEC_MMSAS_STR _TEXT("mmsas")
#define SEC_QMSAS_STR _TEXT("qmsas")
#define SEC_CONFIG_STR _TEXT("config")
#define DEFAULT_MMSECMETHODS _TEXT("3DES-SHA1-2 3DES-MD5-2 3DES-SHA1-3")
#define DEFAULT_AUTHMETHODS _TEXT("")
#define DEFAULT_QMSECMETHODS _TEXT("ESP[3DES,SHA1] ESP[3DES,MD5]")
#define C_BASE 10000 // Context Base
#define G_BASE 1000 // Group Base
#define P_BASE 100 // Primary Command Base
#define S_BASE 1 // Secondary Command Base
#define INDEX(_g,_p,_s) (C_BASE+_g*G_BASE+_p*P_BASE+_s*S_BASE)
#define STATIC_EXPORTPOLICY INDEX(GROUP_STATIC,PRI_EXPORTPOLICY,SEC_NULL)
#define STATIC_IMPORTPOLICY INDEX(GROUP_STATIC,PRI_IMPORTPOLICY,SEC_NULL)
#define STATIC_RESTOREDEFAULTS INDEX(GROUP_STATIC,PRI_RESTOREDEFAULTS,SEC_NULL)
#define STATIC_ADD_POLICY INDEX(GROUP_STATIC,PRI_ADD,SEC_POLICY)
#define STATIC_ADD_FILTER INDEX(GROUP_STATIC,PRI_ADD,SEC_FILTER)
#define STATIC_ADD_FILTERLIST INDEX(GROUP_STATIC,PRI_ADD,SEC_FILTERLIST)
#define STATIC_ADD_FILTERACTION INDEX(GROUP_STATIC,PRI_ADD,SEC_FILTERACTION)
#define STATIC_ADD_RULE INDEX(GROUP_STATIC,PRI_ADD,SEC_RULE)
#define STATIC_SET_POLICY INDEX(GROUP_STATIC,PRI_SET,SEC_POLICY)
#define STATIC_SET_FILTERLIST INDEX(GROUP_STATIC,PRI_SET,SEC_FILTERLIST)
#define STATIC_SET_FILTERACTION INDEX(GROUP_STATIC,PRI_SET,SEC_FILTERACTION)
#define STATIC_SET_RULE INDEX(GROUP_STATIC,PRI_SET,SEC_RULE)
#define STATIC_SET_DEFAULTRULE INDEX(GROUP_STATIC,PRI_SET,SEC_DEFAULTRULE)
#define STATIC_SET_STORE INDEX(GROUP_STATIC,PRI_SET,SEC_STORE)
#define STATIC_SET_INTERACTIVE INDEX(GROUP_STATIC,PRI_SET,SEC_INTERACTIVE)
#define STATIC_SET_BATCH INDEX(GROUP_STATIC,PRI_SET,SEC_BATCH)
#define STATIC_DELETE_POLICY INDEX(GROUP_STATIC,PRI_DELETE,SEC_POLICY)
#define STATIC_DELETE_FILTER INDEX(GROUP_STATIC,PRI_DELETE,SEC_FILTER)
#define STATIC_DELETE_FILTERLIST INDEX(GROUP_STATIC,PRI_DELETE,SEC_FILTERLIST)
#define STATIC_DELETE_FILTERACTION INDEX(GROUP_STATIC,PRI_DELETE,SEC_FILTERACTION)
#define STATIC_DELETE_RULE INDEX(GROUP_STATIC,PRI_DELETE,SEC_RULE)
#define STATIC_DELETE_ALL INDEX(GROUP_STATIC,PRI_DELETE,SEC_ALL)
#define STATIC_SHOW_POLICY INDEX(GROUP_STATIC,PRI_SHOW,SEC_POLICY)
#define STATIC_SHOW_FILTERLIST INDEX(GROUP_STATIC,PRI_SHOW,SEC_FILTERLIST)
#define STATIC_SHOW_FILTERACTION INDEX(GROUP_STATIC,PRI_SHOW,SEC_FILTERACTION)
#define STATIC_SHOW_RULE INDEX(GROUP_STATIC,PRI_SHOW,SEC_RULE)
#define STATIC_SHOW_DEFAULTRULE INDEX(GROUP_STATIC,PRI_SHOW,SEC_DEFAULTRULE)
#define STATIC_SHOW_STORE INDEX(GROUP_STATIC,PRI_SHOW,SEC_STORE)
#define STATIC_SHOW_ALL INDEX(GROUP_STATIC,PRI_SHOW,SEC_ALL)
#define STATIC_SHOW_ASSIGNEDPOLICY INDEX(GROUP_STATIC,PRI_SHOW,SEC_ASSIGNEDPOLICY)
#define DYNAMIC_ADD_MMPOLICY INDEX(GROUP_DYNAMIC,PRI_ADD,SEC_MMPOLICY)
#define DYNAMIC_ADD_FILTERACTION INDEX(GROUP_DYNAMIC,PRI_ADD,SEC_QMPOLICY)
#define DYNAMIC_ADD_RULE INDEX(GROUP_DYNAMIC,PRI_ADD,SEC_RULE)
#define DYNAMIC_SET_MMPOLICY INDEX(GROUP_DYNAMIC,PRI_SET,SEC_MMPOLICY)
#define DYNAMIC_SET_FILTERACTION INDEX(GROUP_DYNAMIC,PRI_SET,SEC_QMPOLICY)
#define DYNAMIC_SET_RULE INDEX(GROUP_DYNAMIC,PRI_SET,SEC_RULE)
#define DYNAMIC_SET_CONFIG INDEX(GROUP_DYNAMIC,PRI_SET,SEC_CONFIG)
#define DYNAMIC_SHOW_MMPOLICY INDEX(GROUP_DYNAMIC,PRI_SHOW,SEC_MMPOLICY)
#define DYNAMIC_SHOW_MMFILTER INDEX(GROUP_DYNAMIC,PRI_SHOW,SEC_MMFILTER)
#define DYNAMIC_SHOW_FILTERACTION INDEX(GROUP_DYNAMIC,PRI_SHOW,SEC_QMPOLICY)
#define DYNAMIC_SHOW_QMFILTER INDEX(GROUP_DYNAMIC,PRI_SHOW,SEC_QMFILTER)
#define DYNAMIC_SHOW_STATS INDEX(GROUP_DYNAMIC,PRI_SHOW,SEC_STATS)
#define DYNAMIC_SHOW_MMSAS INDEX(GROUP_DYNAMIC,PRI_SHOW,SEC_MMSAS)
#define DYNAMIC_SHOW_QMSAS INDEX(GROUP_DYNAMIC,PRI_SHOW,SEC_QMSAS)
#define DYNAMIC_SHOW_ALL INDEX(GROUP_DYNAMIC,PRI_SHOW,SEC_ALL)
#define DYNAMIC_SHOW_AUTHMETHODS INDEX(GROUP_DYNAMIC,PRI_SHOW,SEC_AUTHMETHODS)
#define DYNAMIC_SHOW_RULE INDEX(GROUP_DYNAMIC,PRI_SHOW,SEC_RULE)
#define DYNAMIC_SHOW_CONFIG INDEX(GROUP_DYNAMIC,PRI_SHOW,SEC_CONFIG)
#define DYNAMIC_DELETE_MMPOLICY INDEX(GROUP_DYNAMIC,PRI_DELETE,SEC_MMPOLICY)
#define DYNAMIC_DELETE_FILTERACTION INDEX(GROUP_DYNAMIC,PRI_DELETE,SEC_QMPOLICY)
#define DYNAMIC_DELETE_RULE INDEX(GROUP_DYNAMIC,PRI_DELETE,SEC_RULE)
#define DYNAMIC_DELETE_ALL INDEX(GROUP_DYNAMIC,PRI_DELETE,SEC_ALL)
#define IPAddr unsigned long
#define DEFAULT_CERTMAP_OPTION FALSE
#define CERTMAP_STR _TEXT("certmap")
#define QMSEC_PERMIT_STR _TEXT("PERMIT")
#define QMSEC_BLOCK_STR _TEXT("BLOCK")
#define QMSEC_NEGOTIATE_STR _TEXT("NEGOTIATE")
#define FILTER_TYPE_GENERIC_STR _TEXT("GENERIC")
#define FILTER_TYPE_SPECIFIC_STR _TEXT("SPECIFIC")
#define RELEASE_DOTNET_STR _TEXT("win2003")
#define RELEASE_WIN2K_STR _TEXT("WIN2K")
#define STATS_ALL_STR _TEXT("ALL")
#define STATS_IKE_STR _TEXT("IKE")
#define STATS_IPSEC_STR _TEXT("IPSEC")
#define SERVER_WINS_STR _TEXT("WINS")
#define SERVER_DHCP_STR _TEXT("DHCP")
#define SERVER_DNS_STR _TEXT("DNS")
#define SERVER_GATEWAY_STR _TEXT("GATEWAY")
#define IP_ME_STR _TEXT("ME")
#define IP_ANY_STR _TEXT("ANY")
#define YES_STR _TEXT("yes")
#define NO_STR _TEXT("no")
#define Y_STR _TEXT("y")
#define N_STR _TEXT("n")
#define ALL_STR _TEXT("all")
#define ERRMSG_NAMEALL _TEXT("Name or ALL")
#define ERRMSG_NAMEGUID _TEXT("Name or Guid")
#define ERRMSG_NAMERULEALL _TEXT("Name or Rule or ALL")
#define ERRMSG_NAMEIDALL _TEXT("Name or Id or ALL")
#define ERRMSG_NAMEID _TEXT("Name or ID")
#define ERRMSG_NAME _TEXT("Name")
#define ERRMSG_ALLSRCDSTADDR _TEXT("All or Srcaddr or Dstaddr")
#define ERRMSG_GETLASTERROR _TEXT("Parser PreprocessCommand() error\n")
#define TOKEN_QMSEC_PERMIT 1
#define TOKEN_QMSEC_BLOCK 2
#define TOKEN_QMSEC_NEGOTIATE 3
#define TOKEN_RELEASE_DOTNET 1
#define TOKEN_RELEASE_WIN2K 2
#define FILTER_GENERIC 1
#define FILTER_SPECIFIC 2
#define TYPE_TRANSPORT_FILTER 1
#define TYPE_TUNNEL_FILTER 2
#define STATS_ALL 1
#define STATS_IKE 2
#define STATS_IPSEC 3
#define USERINPUT_YES 1
#define USERINPUT_NO 2
#define USERINPUT_DEFAULT 3
#define SERVER_WINS 1
#define SERVER_DHCP 2
#define SERVER_DNS 3
#define SERVER_GATEWAY 4
#define IP_ME 5
#define IP_ANY 6
#define NOT_SPLSERVER VALID_TOKEN
#define POTF_P1_TOKEN _TEXT('-')
#define POTF_NEGPOL_CLOSE _TEXT(']')
#define POTF_REKEY_TOKEN _TEXT('/')
#define POTF_NEGPOL_DES _TEXT("DES")
#define POTF_NEGPOL_3DES _TEXT("3DES")
#define POTF_NEGPOL_SHA1 _TEXT("SHA1")
#define POTF_NEGPOL_MD5 _TEXT("MD5")
#define POTF_NEGPOL_NONE _TEXT("NONE")
#define POTF_NEGPOL_ESP _TEXT("ESP")
#define POTF_NEGPOL_AH _TEXT("AH")
#define POTF_P1_DES _TEXT("DES")
#define POTF_P1_3DES _TEXT("3DES")
#define POTF_P1_SHA1 _TEXT("SHA1")
#define POTF_P1_MD5 _TEXT("MD5")
#define POTF_ME_TUNNEL _TEXT("0")
#define POTF_PT_TOKEN _TEXT(':')
#define POTF_MASK_TOKEN _TEXT('/')
#define POTF_OAKAUTH_PRESHARE _TEXT("psk=")
#define POTF_OAKAUTH_CERT _TEXT("rootca=")
#define POTF_OAKAUTH_KERBEROS _TEXT("kerberos")
#define POTF_NEGPOL_OPEN _TEXT('[')
#define POTF_NEGPOL_AND _TEXT('+')
#define POTF_NEGPOL_PFS _TEXT('P')
#define POTF_ESPTRANS_TOKEN _TEXT(',')
#define POTF_OAKAUTH_TOKEN _TEXT('=')
#define POTF_OAKLEY_GROUP1 DH_GROUP_1
#define POTF_OAKLEY_GROUP2 DH_GROUP_2
#define POTF_OAKLEY_GROUP2048 DH_GROUP_2048
#define OFFER_SEPARATOR _TEXT(" \t") // ForQMSEC/MMSEC
#define VALID_HEXIP _TEXT("0123456789.xXaAbBcCdDeEfF")
//
// Define the error codes
//
#define T2P_OK ((DWORD)0x0BBB0001L)
#define T2P_PASSTHRU_NOT_CLOSED ((DWORD)0xCBBB0002L)
#define T2P_DROP_NOT_CLOSED ((DWORD)0xCBBB0003L)
#define T2P_AHESP_INVALID ((DWORD)0xCBBB0004L)
#define T2P_ENCODE_FAILED ((DWORD)0xCBBB0005L)
#define T2P_NULL_STRING ((DWORD)0xCBBB0006L)
#define T2P_DNSLOOKUP_FAILED ((DWORD)0xCBBB0007L)
#define T2P_INVALID_ADDR ((DWORD)0xCBBB0008L)
#define T2P_GENERAL_PARSE_ERROR ((DWORD)0xCBBB0009L)
#define T2P_INVALID_P2REKEY_UNIT ((DWORD)0xCBBB000AL)
#define T2P_INVALID_HASH_ALG ((DWORD)0xCBBB000BL)
#define T2P_DUP_ALGS ((DWORD)0xCBBB000CL)
#define T2P_NONE_NONE ((DWORD)0xCBBB000EL)
#define T2P_INCOMPLETE_ESPALGS ((DWORD)0xCBBB000FL)
#define T2P_INVALID_IPSECPROT ((DWORD)0xCBBB0010L)
#define T2P_NO_PRESHARED_KEY ((DWORD)0xCBBB0011L)
#define T2P_INVALID_AUTH_METHOD ((DWORD)0xCBBB0012L)
#define T2P_INVALID_P1GROUP ((DWORD)0xCBBB0013L)
#define T2P_P1GROUP_MISSING ((DWORD)0xCBBB0014L)
#define T2P_INVALID_P1REKEY_UNIT ((DWORD)0xCBBB0015L)
#define T2P_P2REKEY_TOO_LOW ((DWORD)0xCBBB0016L)
#define T2P_P2_SECLIFE_INVALID ((DWORD)0xCBBB0017L)
#define T2P_P2_KBLIFE_INVALID ((DWORD)0xCBBB0018L)
#define T2P_P2_KS_INVALID ((DWORD)0xCBBB0019L)
#define T2P_INVALID_MASKADDR ((DWORD)0xCBBB001AL)
#define IP_MASK_ERROR ((DWORD)0xCBBB0020L)
#define IP_DECODE_ERROR ((DWORD)0xCBBB0021L)
#define T2P_SUCCESS(Status) ((int)Status == T2P_OK)
#define NOT_FOUND_TAG 0
#define FOUND_NON_LIST_TAG 1
#define FOUND_LIST_TAG 2
//
// ERROR #define from the Parser Context
//
#define WIN32_ERR 0 // Error Types
#define IPSEC_ERR 1 // Error Types
//
// Protocol IDs
//
const DWORD PROT_ID_ANY = 0;const DWORD PROT_ID_ICMP = 1;const DWORD PROT_ID_TCP = 6;const DWORD PROT_ID_EGP = 8;const DWORD PROT_ID_UDP = 17;const DWORD PROT_ID_HMP = 20;const DWORD PROT_ID_XNS_IDP = 22;const DWORD PROT_ID_RDP = 27;const DWORD PROT_ID_RVD = 66;const DWORD PROT_ID_RAW = 255;
const PROPERTY_ENABLEDIGNO = 1;const PROPERTY_IKELOG = 2;const PROPERTY_CRLCHK = 3;const PROPERTY_LOGINTER = 4;const PROPERTY_EXEMPT = 5;const PROPERTY_BOOTMODE = 6;const PROPERTY_BOOTEXEMP = 7;
const VALUE_STATEFUL = 3;const VALUE_BLOCK = 1;const VALUE_PERMIT = 0;
#define BOOTMODE_DEFAULT VALUE_PERMIT
#define EXEMPT_ENTRY_TYPE_DEFAULT 0x00000001;
#define EXEMPT_ENTRY_SIZE_DEFAULT 0x00000010;
typedef struct _ERROR_TO_RC{ DWORD dwErrCode; // Ipsec Error Code
DWORD dwRcCode; // Corresponding Error String ID in .RC
} ERROR_TO_RC;
typedef struct _CMD_PKT{ DWORD dwCmdToken; // ID of Info String
VOID *pArg; // Arg Pointer
DWORD dwStatus; // For Non-List Commands Status Return Code ( 0 == Ok , N = ERR Code)
// For List Commands Status Return Code ( 0 == Err, N= Num of List Args)
} CMD_PKT, *PCMD_PKT;
typedef struct _DNSIPADDR{ LPTSTR pszDomainName; DWORD dwNumIpAddresses; PULONG puIpAddr;}DNSIPADDR, *PDNSIPADDR;
typedef struct _TAG_NEEDED{ LPCWSTR lpwstrTagName; // Name of the needed TAG
DWORD dwTagFlag; // TAG_NEEDED
// TAG_GROUP1 ... TAG_GROUP#n
} TAG_NEEDED, *PTAG_NEEDED;
typedef struct _PARSER_PKT{ const TAG_TYPE *ValidCmd; const TOKEN_VALUE *ValidTok; const TOKEN_VALUE *ValidList; TAG_NEEDED *TagNeeded; CMD_PKT Cmd[MAX_ARGS]; DWORD MaxTok; DWORD MaxCmd; DWORD MaxList; DWORD MaxTag;}PARSER_PKT,*PPARSER_PKT;
//
// local structures defined to support cert mapping, since parser gives
// the same (SPD) structure for both static and dynamic contexts
//
typedef struct _STA_MM_AUTH_METHODS{ DWORD dwSequence; BOOL bCertMappingSpecified; BOOL bCertMapping; BOOL bCRPExclude; PINT_IPSEC_MM_AUTH_INFO pAuthenticationInfo; // SPD Auth structure
} STA_MM_AUTH_METHODS, * PSTA_MM_AUTH_METHODS;
typedef struct _STA_AUTH_METHODS{ GUID gMMAuthID; DWORD dwFlags; DWORD dwNumAuthInfos; //count of auth methods
PSTA_MM_AUTH_METHODS pAuthMethodInfo;} STA_AUTH_METHODS, * PSTA_AUTH_METHODS;
DWORDParser( IN LPCWSTR pwszMachine, IN LPTSTR *ppwcArguments, IN DWORD dwCurrentIndex, IN DWORD dwArgCount, IN OUT PARSER_PKT *pParser );
DWORDLoadParserOutput( OUT PARSER_PKT *pParser, IN DWORD dwCount, OUT DWORD *dwUsed, IN LPTSTR str, IN DWORD dwTagType, IN DWORD dwConversionType );
DWORDRemoveList( IN LPWSTR *ppwcArguments, IN DWORD dwArgCount, IN DWORD dwCurrentIndex, IN PARSER_PKT *pParser, IN LPTSTR pwcListCmd, IN LPTSTR szAnotherList, // Another ListCmd also present ...
OUT LPTSTR pwcListArgs, OUT LPTSTR *pptok, IN DWORD dwInputAllocLen );
DWORDRemoveRootcaAuthMethods( IN LPTSTR *ppwcArguments, // Input stream
IN DWORD dwArgCount, // Input arg count
IN DWORD dwCurrentIndex, // Input current arg index
IN PARSER_PKT *pParser, // contains the MaxTok
IN LPTSTR szAnotherList, // Another ListCmd also present ...
OUT PSTA_MM_AUTH_METHODS *paRootcaAuthMethods, // o/p stream containing the list args
OUT LPTSTR *ppwcTok, // i/p stream stripped of list cmds
OUT DWORD *pdwNumRootcaAuthMethods, IN DWORD dwInputAllocLen, OUT PDWORD pdwCount );
DWORDMatchEnumTagToTagIndex( IN LPTSTR szToken, // Input Token
IN PARSER_PKT *pParser );
DWORDCheckNeededTags( IN LPTSTR *ppwcArguments, // Input stream
IN DWORD dwArgCount, // Input arg count
IN DWORD dwCurrentIndex, // Input current arg index
IN PARSER_PKT *pParser // contains the MaxTok
);
DWORDGetIpAddress( IN LPTSTR ppwcArg, OUT DNSIPADDR *pipAddress );
BOOLSplitCmdTok( IN LPTSTR szStr, OUT LPTSTR szCmd, OUT LPTSTR szTok, IN DWORD dwCmdLen, IN DWORD dwTokLen );
DWORDTokenToIPAddr( IN LPTSTR szText, IN OUT IPAddr *pAddress, IN BOOL bTunnel, IN BOOL bMask );
DWORDCheckIFType( IN LPTSTR SzText );
DWORDCheckLocationType( IN LPTSTR SzText );
DWORDCheckProtoType( IN LPTSTR SzText, OUT PDWORD dwValue );
DWORDisdnsname( IN LPTSTR szStr );
DWORDValidateBool( IN LPTSTR ppcTok );
DWORDCheckPFSGroup( IN LPTSTR str );
DWORDCheckBound( IN LPTSTR SzText );
BOOLIsWithinLimit( IN DWORD data, IN DWORD Min, IN DWORD Max );
DWORDTokenToDNSIPAddr( IN LPTSTR szText, IN DNSIPADDR *Address, IN OUT PDWORD *pdwUsed );
VOIDInitializeGlobalPointers( VOID );
DWORDTokenToProperty( IN LPTSTR SzText );
DWORDTokenToType( IN LPTSTR SzText );
DWORDTokenToStats( IN LPTSTR SzText );
VOIDCleanUp( VOID );
VOIDDisplayAllocPtr( VOID );
VOIDPrintQMOfferError( IN DWORD dwStatus, IN PPARSER_PKT pParser, IN DWORD dwTagType );
DWORDValidateSplServer( IN LPTSTR szText );
VOIDPrintIPError( IN DWORD dwStatus, IN LPTSTR szText );
DWORDLoadLevel( IN LPTSTR szInput, OUT PARSER_PKT *pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadConnectionType( IN LPTSTR szInput, OUT PARSER_PKT *pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadLocationType( IN LPTSTR pszInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount ); DWORDLoadProtocol( IN LPTSTR szInput, OUT PARSER_PKT *pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadPFSGroup( IN LPTSTR szInput, OUT PARSER_PKT *pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadQMAction( IN LPTSTR szInput, OUT PARSER_PKT *pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadFormat( IN LPTSTR szInput, OUT PARSER_PKT *pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadFilterMode( IN LPTSTR szInput, OUT PARSER_PKT *pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadOSType( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadProperty( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadPort( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadFilterType( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadStats( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadFilterType( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadUserInput( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadIPAddrTunnel( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount, IN BOOL bTunnel );
DWORDLoadIPMask( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadQMOffers( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadMMOffers( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadDNSIPAddr( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadParserString( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount, IN BOOL bAppend, IN LPTSTR szAppend );
DWORDLoadDword( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadBoolWithOption( IN LPTSTR szInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount, IN BOOL bOption, IN LPTSTR szCheckKeyWord );
DWORDLoadKerbAuthInfo( IN LPTSTR pszInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDLoadPskAuthInfo( IN LPTSTR pszInput, OUT PPARSER_PKT pParser, IN DWORD dwTagType, IN PDWORD pdwUsed, IN DWORD dwCount );
DWORDCheckCharForOccurances( IN LPTSTR szInput, IN _TCHAR chData );
DWORDConvertStringToDword( IN LPTSTR szInput, OUT PDWORD dwValue );
#endif //_PARSER_H_
|
