scanner: ah, esp: Move to own scopes

They share 'sequence' keyword with icmp and tcp expressions.

Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/include/parser.h b/include/parser.h
index 82402dbc54a7067b89b3cca4b731d1be27bd2594..7283a6e0652895b209a0cd64f79434d1e3312cfe 100644 (file)
--- a/include/parser.h
+++ b/include/parser.h
@@ -45,8 +45,10 @@ enum startcond_type {
        PARSER_SC_TCP,
        PARSER_SC_VLAN,
        PARSER_SC_CMD_LIST,
+       PARSER_SC_EXPR_AH,
        PARSER_SC_EXPR_COMP,
        PARSER_SC_EXPR_DCCP,
+       PARSER_SC_EXPR_ESP,
        PARSER_SC_EXPR_FIB,
        PARSER_SC_EXPR_HASH,
        PARSER_SC_EXPR_IPSEC,

diff --git a/src/parser_bison.y b/src/parser_bison.y
index e98553bb06b81d258f907592340631bb77d324f7..aa8858fe0e831a2f2cbea1dd8a9210949fbb58a1 100644 (file)
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -929,11 +929,13 @@ opt_newline               :       NEWLINE
                        |       /* empty */
                        ;
 
+close_scope_ah         : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_AH); };
 close_scope_arp                : { scanner_pop_start_cond(nft->scanner, PARSER_SC_ARP); };
 close_scope_comp       : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_COMP); };
 close_scope_ct         : { scanner_pop_start_cond(nft->scanner, PARSER_SC_CT); };
 close_scope_counter    : { scanner_pop_start_cond(nft->scanner, PARSER_SC_COUNTER); };
 close_scope_dccp       : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_DCCP); };
+close_scope_esp                : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_ESP); };
 close_scope_eth                : { scanner_pop_start_cond(nft->scanner, PARSER_SC_ETH); };
 close_scope_fib                : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_FIB); };
 close_scope_hash       : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_HASH); };
@@ -4788,14 +4790,14 @@ primary_rhs_expr        :       symbol_expr             { $$ = $1; }
                                                         BYTEORDER_HOST_ENDIAN,
                                                         sizeof(data) * BITS_PER_BYTE, &data);
                        }
-                       |       ESP
+                       |       ESP     close_scope_esp
                        {
                                uint8_t data = IPPROTO_ESP;
                                $$ = constant_expr_alloc(&@$, &inet_protocol_type,
                                                         BYTEORDER_HOST_ENDIAN,
                                                         sizeof(data) * BITS_PER_BYTE, &data);
                        }
-                       |       AH
+                       |       AH      close_scope_ah
                        {
                                uint8_t data = IPPROTO_AH;
                                $$ = constant_expr_alloc(&@$, &inet_protocol_type,
@@ -5451,7 +5453,7 @@ icmp6_hdr_field           :       TYPE            { $$ = ICMP6HDR_TYPE; }
                        |       MAXDELAY        { $$ = ICMP6HDR_MAXDELAY; }
                        ;
 
-auth_hdr_expr          :       AH      auth_hdr_field
+auth_hdr_expr          :       AH      auth_hdr_field  close_scope_ah
                        {
                                $$ = payload_expr_alloc(&@$, &proto_ah, $2);
                        }
@@ -5464,7 +5466,7 @@ auth_hdr_field            :       NEXTHDR         { $$ = AHHDR_NEXTHDR; }
                        |       SEQUENCE        { $$ = AHHDR_SEQUENCE; }
                        ;
 
-esp_hdr_expr           :       ESP     esp_hdr_field
+esp_hdr_expr           :       ESP     esp_hdr_field   close_scope_esp
                        {
                                $$ = payload_expr_alloc(&@$, &proto_esp, $2);
                        }

diff --git a/src/scanner.l b/src/scanner.l
index 65640ebbf40ebf39bca1a2ed5d9e3a39c702d140..7c4d8b7f904c47ae39576139ed5b649b55312272 100644 (file)
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -211,8 +211,10 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr})
 %s SCANSTATE_TCP
 %s SCANSTATE_VLAN
 %s SCANSTATE_CMD_LIST
+%s SCANSTATE_EXPR_AH
 %s SCANSTATE_EXPR_COMP
 %s SCANSTATE_EXPR_DCCP
+%s SCANSTATE_EXPR_ESP
 %s SCANSTATE_EXPR_FIB
 %s SCANSTATE_EXPR_HASH
 %s SCANSTATE_EXPR_IPSEC
@@ -532,7 +534,9 @@ addrstring  ({macaddr}|{ip4addr}|{ip6addr})
        "max-delay"             { return MAXDELAY; }
        "mtu"                   { return MTU; }
 }
-"sequence"             { return SEQUENCE; }
+<SCANSTATE_EXPR_AH,SCANSTATE_EXPR_ESP,SCANSTATE_ICMP,SCANSTATE_TCP>{
+       "sequence"              { return SEQUENCE; }
+}
 
 "igmp"                 { scanner_push_start_cond(yyscanner, SCANSTATE_IGMP); return IGMP; }
 <SCANSTATE_IGMP>{
@@ -548,11 +552,11 @@ addrstring        ({macaddr}|{ip4addr}|{ip6addr})
 }
 "nexthdr"              { return NEXTHDR; }
 
-"ah"                   { return AH; }
+"ah"                   { scanner_push_start_cond(yyscanner, SCANSTATE_EXPR_AH); return AH; }
 "reserved"             { return RESERVED; }
-"spi"                  { return SPI; }
+<SCANSTATE_EXPR_AH,SCANSTATE_EXPR_ESP,SCANSTATE_EXPR_IPSEC>"spi"                       { return SPI; }
 
-"esp"                  { return ESP; }
+"esp"                  { scanner_push_start_cond(yyscanner, SCANSTATE_EXPR_ESP); return ESP; }
 
 "comp"                 { scanner_push_start_cond(yyscanner, SCANSTATE_EXPR_COMP); return COMP; }
 <SCANSTATE_EXPR_COMP>{