iked refactor: config and request parser logic

Thu, 26 Dec 2024 07:45:50 -0800 

>Synopsis:      Refactor iked parser to separate config and request parsing 
>logic
>Category:      bin
>Description:
        The current implementation in parse.y duplicates logic between CONFIG 
and REQUEST handling in the ikecfgvals grammar rule. This refactor extracts the 
common parsing logic into a new helper function parse_cfg_option() to improve 
readability and clarify the distinction between config and request parsing.
        
        The main changes:
        - Created new parse_cfg_option() helper function to handle common 
parsing logic
        - Removed duplicate code blocks in cfg grammar rule
        - Simplified error handling path
        - Maintained existing functionality while improving code organization
        
        This change makes the parser's behavior more maintainable and easier to 
understand by clearly separating the parsing logic for different types of 
configuration options.
>Fix:
        Index: parse.y
        ===================================================================
        RCS file: /cvs/src/sbin/iked/parse.y,v
        diff -u -p -u -p -r1.147 parse.y
        --- parse.y     13 Jul 2024 12:22:46 -0000      1.147
        +++ parse.y     14 Dec 2024 18:30:32 -0000
        @@ -595,33 +595,13 @@ ikecfgvals        : cfg                           
{ $$ = $1; }
                        }
                        ;
         
        -cfg            : CONFIG STRING host_spec       {
        -                       const struct ipsec_xf   *xf;
        -
        -                       if ((xf = parse_xf($2, $3->af, cpxfs)) == NULL) 
{
        -                               yyerror("not a valid ikecfg option");
        -                               free($2);
        -                               free($3);
        +cfg     : CONFIG STRING host_spec {
        +                       if (($$ = parse_cfg_option($2, $3, 
IKEV2_CP_REPLY)) == NULL)
                                        YYERROR;
        -                       }
        -                       free($2);
        -                       $$ = $3;
        -                       $$->type = xf->id;
        -                       $$->action = IKEV2_CP_REPLY;    /* XXX */
                        }
        -               | REQUEST STRING anyhost        {
        -                       const struct ipsec_xf   *xf;
        -
        -                       if ((xf = parse_xf($2, $3->af, cpxfs)) == NULL) 
{
        -                               yyerror("not a valid ikecfg option");
        -                               free($2);
        -                               free($3);
        +               | REQUEST STRING anyhost {
        +                       if (($$ = parse_cfg_option($2, $3, 
IKEV2_CP_REQUEST)) == NULL)
                                        YYERROR;
        -                       }
        -                       free($2);
        -                       $$ = $3;
        -                       $$->type = xf->id;
        -                       $$->action = IKEV2_CP_REQUEST;  /* XXX */
                        }
                        ;
         
        @@ -2593,6 +2573,23 @@ set_ipmask(struct ipsec_addr_wrap *addre
                        address->mask = address->af == AF_INET ? 32 : 128;
                else
                        address->mask = b;
        +}
        +
        +static struct ipsec_addr_wrap *
        +parse_cfg_option(char *str, struct ipsec_addr_wrap *host, int action)
        +{
        +       const struct ipsec_xf *xf;
        +
        +       if ((xf = parse_xf(str, host->af, cpxfs)) == NULL) {
        +               yyerror("not a valid ikecfg option");
        +               free(str);
        +               free(host);
        +               return NULL;
        +       }
        +       free(str);
        +       host->type = xf->id;
        +       host->action = action;
        +       return host;
         }
         
         const struct ipsec_xf *

Reply via email to