]> git.proxmox.com Git - mirror_frr.git/blame - lib/keychain.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #11003 from anlancs/bgpd-mh-trival-remove
[mirror_frr.git] / lib / keychain.c
CommitLineData
718e3744 1/* key-chain for authentication.
896014f4
DL		 2 * Copyright (C) 2000 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published
8 * by the Free Software Foundation; either version 2, or (at your
9 * option) any later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
718e3744 20
72000880 21#include "config.h"
718e3744 22#include <zebra.h>
23
24#include "command.h"
25#include "memory.h"
26#include "linklist.h"
27#include "keychain.h"
28
bf8d3d6a
DL		 29DEFINE_MTYPE_STATIC(LIB, KEY, "Key");
30DEFINE_MTYPE_STATIC(LIB, KEYCHAIN, "Key chain");
4a1ab8e4 31
96244aca
DL		 32DEFINE_QOBJ_TYPE(keychain);
33DEFINE_QOBJ_TYPE(key);
e80e7cce 34
718e3744 35/* Master list of key chain. */
c17faa4b 36static struct list *keychain_list;
718e3744 37
d62a17ae 38static struct keychain *keychain_new(void)
718e3744 39{
d62a17ae 40 struct keychain *keychain;
41 keychain = XCALLOC(MTYPE_KEYCHAIN, sizeof(struct keychain));
42 QOBJ_REG(keychain, keychain);
43 return keychain;
718e3744 44}
45
d62a17ae 46static void keychain_free(struct keychain *keychain)
718e3744 47{
d62a17ae 48 QOBJ_UNREG(keychain);
49 XFREE(MTYPE_KEYCHAIN, keychain);
718e3744 50}
51
d62a17ae 52static struct key *key_new(void)
718e3744 53{
d62a17ae 54 struct key *key = XCALLOC(MTYPE_KEY, sizeof(struct key));
55 QOBJ_REG(key, key);
56 return key;
718e3744 57}
58
d62a17ae 59static void key_free(struct key *key)
718e3744 60{
d62a17ae 61 QOBJ_UNREG(key);
62 XFREE(MTYPE_KEY, key);
718e3744 63}
64
d62a17ae 65struct keychain *keychain_lookup(const char *name)
718e3744 66{
d62a17ae 67 struct listnode *node;
68 struct keychain *keychain;
718e3744 69
d62a17ae 70 if (name == NULL)
71 return NULL;
718e3744 72
d62a17ae 73 for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
74 if (strcmp(keychain->name, name) == 0)
75 return keychain;
76 }
77 return NULL;
718e3744 78}
79
d62a17ae 80static int key_cmp_func(void *arg1, void *arg2)
718e3744 81{
d62a17ae 82 const struct key *k1 = arg1;
83 const struct key *k2 = arg2;
84
85 if (k1->index > k2->index)
86 return 1;
87 if (k1->index < k2->index)
88 return -1;
89 return 0;
718e3744 90}
91
d62a17ae 92static void key_delete_func(struct key *key)
718e3744 93{
d62a17ae 94 if (key->string)
95 free(key->string);
96 key_free(key);
718e3744 97}
98
d62a17ae 99static struct keychain *keychain_get(const char *name)
718e3744 100{
d62a17ae 101 struct keychain *keychain;
718e3744 102
d62a17ae 103 keychain = keychain_lookup(name);
718e3744 104
d62a17ae 105 if (keychain)
106 return keychain;
718e3744 107
d62a17ae 108 keychain = keychain_new();
109 keychain->name = XSTRDUP(MTYPE_KEYCHAIN, name);
110 keychain->key = list_new();
111 keychain->key->cmp = (int (*)(void *, void *))key_cmp_func;
112 keychain->key->del = (void (*)(void *))key_delete_func;
113 listnode_add(keychain_list, keychain);
718e3744 114
d62a17ae 115 return keychain;
718e3744 116}
117
d62a17ae 118static void keychain_delete(struct keychain *keychain)
718e3744 119{
0a22ddfb 120 XFREE(MTYPE_KEYCHAIN, keychain->name);
718e3744 121
6a154c88 122 list_delete(&keychain->key);
d62a17ae 123 listnode_delete(keychain_list, keychain);
124 keychain_free(keychain);
718e3744 125}
126
d7c0a89a 127static struct key *key_lookup(const struct keychain *keychain, uint32_t index)
718e3744 128{
d62a17ae 129 struct listnode *node;
130 struct key *key;
718e3744 131
d62a17ae 132 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
133 if (key->index == index)
134 return key;
135 }
136 return NULL;
718e3744 137}
138
d62a17ae 139struct key *key_lookup_for_accept(const struct keychain *keychain,
d7c0a89a 140 uint32_t index)
718e3744 141{
d62a17ae 142 struct listnode *node;
143 struct key *key;
144 time_t now;
145
146 now = time(NULL);
147
148 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
149 if (key->index >= index) {
150 if (key->accept.start == 0)
151 return key;
152
153 if (key->accept.start <= now)
154 if (key->accept.end >= now
155 || key->accept.end == -1)
156 return key;
157 }
718e3744 158 }
d62a17ae 159 return NULL;
718e3744 160}
161
d62a17ae 162struct key *key_match_for_accept(const struct keychain *keychain,
163 const char *auth_str)
718e3744 164{
d62a17ae 165 struct listnode *node;
166 struct key *key;
167 time_t now;
168
169 now = time(NULL);
170
171 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
172 if (key->accept.start == 0
173 || (key->accept.start <= now
174 && (key->accept.end >= now || key->accept.end == -1)))
c4efb224 175 if (key->string && (strncmp(key->string, auth_str, 16) == 0))
d62a17ae 176 return key;
177 }
178 return NULL;
718e3744 179}
180
d62a17ae 181struct key *key_lookup_for_send(const struct keychain *keychain)
718e3744 182{
d62a17ae 183 struct listnode *node;
184 struct key *key;
185 time_t now;
718e3744 186
d62a17ae 187 now = time(NULL);
718e3744 188
d62a17ae 189 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
190 if (key->send.start == 0)
191 return key;
718e3744 192
d62a17ae 193 if (key->send.start <= now)
194 if (key->send.end >= now || key->send.end == -1)
195 return key;
196 }
197 return NULL;
718e3744 198}
199
d7c0a89a 200static struct key *key_get(const struct keychain *keychain, uint32_t index)
718e3744 201{
d62a17ae 202 struct key *key;
718e3744 203
d62a17ae 204 key = key_lookup(keychain, index);
718e3744 205
d62a17ae 206 if (key)
207 return key;
718e3744 208
d62a17ae 209 key = key_new();
210 key->index = index;
72000880 211 key->hash_algo = KEYCHAIN_ALGO_NULL;
d62a17ae 212 listnode_add_sort(keychain->key, key);
718e3744 213
d62a17ae 214 return key;
718e3744 215}
216
d62a17ae 217static void key_delete(struct keychain *keychain, struct key *key)
718e3744 218{
d62a17ae 219 listnode_delete(keychain->key, key);
718e3744 220
0a22ddfb 221 XFREE(MTYPE_KEY, key->string);
d62a17ae 222 key_free(key);
718e3744 223}
6b0655a2 224
505e5056 225DEFUN_NOSH (key_chain,
718e3744 226 key_chain_cmd,
227 "key chain WORD",
228 "Authentication key management\n"
229 "Key-chain management\n"
230 "Key-chain name\n")
231{
d62a17ae 232 int idx_word = 2;
233 struct keychain *keychain;
718e3744 234
d62a17ae 235 keychain = keychain_get(argv[idx_word]->arg);
236 VTY_PUSH_CONTEXT(KEYCHAIN_NODE, keychain);
718e3744 237
d62a17ae 238 return CMD_SUCCESS;
718e3744 239}
240
241DEFUN (no_key_chain,
242 no_key_chain_cmd,
243 "no key chain WORD",
244 NO_STR
245 "Authentication key management\n"
246 "Key-chain management\n"
247 "Key-chain name\n")
248{
d62a17ae 249 int idx_word = 3;
250 struct keychain *keychain;
718e3744 251
d62a17ae 252 keychain = keychain_lookup(argv[idx_word]->arg);
718e3744 253
d62a17ae 254 if (!keychain) {
255 vty_out(vty, "Can't find keychain %s\n", argv[idx_word]->arg);
256 return CMD_WARNING_CONFIG_FAILED;
257 }
718e3744 258
d62a17ae 259 keychain_delete(keychain);
718e3744 260
d62a17ae 261 return CMD_SUCCESS;
718e3744 262}
263
505e5056 264DEFUN_NOSH (key,
718e3744 265 key_cmd,
6147e2c6 266 "key (0-2147483647)",
718e3744 267 "Configure a key\n"
268 "Key identifier number\n")
269{
d62a17ae 270 int idx_number = 1;
271 VTY_DECLVAR_CONTEXT(keychain, keychain);
272 struct key *key;
d7c0a89a 273 uint32_t index;
d62a17ae 274
275 index = strtoul(argv[idx_number]->arg, NULL, 10);
276 key = key_get(keychain, index);
277 VTY_PUSH_CONTEXT_SUB(KEYCHAIN_KEY_NODE, key);
278
279 return CMD_SUCCESS;
718e3744 280}
281
282DEFUN (no_key,
283 no_key_cmd,
6147e2c6 284 "no key (0-2147483647)",
718e3744 285 NO_STR
286 "Delete a key\n"
287 "Key identifier number\n")
288{
d62a17ae 289 int idx_number = 2;
290 VTY_DECLVAR_CONTEXT(keychain, keychain);
291 struct key *key;
d7c0a89a 292 uint32_t index;
d62a17ae 293
294 index = strtoul(argv[idx_number]->arg, NULL, 10);
295 key = key_lookup(keychain, index);
296 if (!key) {
297 vty_out(vty, "Can't find key %d\n", index);
298 return CMD_WARNING_CONFIG_FAILED;
299 }
300
301 key_delete(keychain, key);
302
303 vty->node = KEYCHAIN_NODE;
304
305 return CMD_SUCCESS;
718e3744 306}
307
308DEFUN (key_string,
309 key_string_cmd,
310 "key-string LINE",
311 "Set key string\n"
312 "The key\n")
313{
d62a17ae 314 int idx_line = 1;
315 VTY_DECLVAR_CONTEXT_SUB(key, key);
718e3744 316
d62a17ae 317 if (key->string)
318 XFREE(MTYPE_KEY, key->string);
319 key->string = XSTRDUP(MTYPE_KEY, argv[idx_line]->arg);
718e3744 320
d62a17ae 321 return CMD_SUCCESS;
718e3744 322}
323
324DEFUN (no_key_string,
325 no_key_string_cmd,
326 "no key-string [LINE]",
327 NO_STR
328 "Unset key string\n"
329 "The key\n")
330{
d62a17ae 331 VTY_DECLVAR_CONTEXT_SUB(key, key);
718e3744 332
d62a17ae 333 if (key->string) {
334 XFREE(MTYPE_KEY, key->string);
335 key->string = NULL;
336 }
718e3744 337
d62a17ae 338 return CMD_SUCCESS;
718e3744 339}
340
72000880
AR		 341const struct keychain_algo_info algo_info[] = {
342 {KEYCHAIN_ALGO_NULL, "null", 0, 0, "NULL"},
343 {KEYCHAIN_ALGO_MD5, "md5", KEYCHAIN_MD5_HASH_SIZE,
344 KEYCHAIN_ALGO_MD5_INTERNAL_BLK_SIZE, "MD5"},
345 {KEYCHAIN_ALGO_HMAC_SHA1, "hmac-sha-1", KEYCHAIN_HMAC_SHA1_HASH_SIZE,
346 KEYCHAIN_ALGO_SHA1_INTERNAL_BLK_SIZE, "HMAC-SHA-1"},
347 {KEYCHAIN_ALGO_HMAC_SHA256, "hmac-sha-256",
348 KEYCHAIN_HMAC_SHA256_HASH_SIZE, KEYCHAIN_ALGO_SHA256_INTERNAL_BLK_SIZE,
349 "HMAC-SHA-256"},
350 {KEYCHAIN_ALGO_HMAC_SHA384, "hmac-sha-384",
351 KEYCHAIN_HMAC_SHA384_HASH_SIZE, KEYCHAIN_ALGO_SHA384_INTERNAL_BLK_SIZE,
352 "HMAC-SHA-384"},
353 {KEYCHAIN_ALGO_HMAC_SHA512, "hmac-sha-512",
354 KEYCHAIN_HMAC_SHA512_HASH_SIZE, KEYCHAIN_ALGO_SHA512_INTERNAL_BLK_SIZE,
355 "HMAC-SHA-512"},
356 {KEYCHAIN_ALGO_MAX, "max", KEYCHAIN_MAX_HASH_SIZE,
357 KEYCHAIN_ALGO_MAX_INTERNAL_BLK_SIZE, "Not defined"}
358};
359
42bfee18 360uint16_t keychain_get_block_size(enum keychain_hash_algo key)
72000880
AR		 361{
362 return algo_info[key].block;
363}
364
42bfee18 365uint16_t keychain_get_hash_len(enum keychain_hash_algo key)
72000880
AR		 366{
367 return algo_info[key].length;
368}
369
370const char *keychain_get_description(enum keychain_hash_algo key)
371{
372 return algo_info[key].desc;
373}
374
375struct keychain_algo_info
376keychain_get_hash_algo_info(enum keychain_hash_algo key)
377{
378 return algo_info[key];
379}
380
381enum keychain_hash_algo keychain_get_algo_id_by_name(const char *name)
382{
383#ifdef CRYPTO_INTERNAL
384 if (!strncmp(name, "hmac-sha-2", 10))
385 return KEYCHAIN_ALGO_HMAC_SHA256;
386 else if (!strncmp(name, "m", 1))
387 return KEYCHAIN_ALGO_MD5;
388 else
389 return KEYCHAIN_ALGO_NULL;
390#else
391 if (!strncmp(name, "m", 1))
392 return KEYCHAIN_ALGO_MD5;
393 else if (!strncmp(name, "hmac-sha-1", 10))
394 return KEYCHAIN_ALGO_HMAC_SHA1;
395 else if (!strncmp(name, "hmac-sha-2", 10))
396 return KEYCHAIN_ALGO_HMAC_SHA256;
397 else if (!strncmp(name, "hmac-sha-3", 10))
398 return KEYCHAIN_ALGO_HMAC_SHA384;
399 else if (!strncmp(name, "hmac-sha-5", 10))
400 return KEYCHAIN_ALGO_HMAC_SHA512;
401 else
402 return KEYCHAIN_ALGO_NULL;
403#endif
404}
405
406const char *keychain_get_algo_name_by_id(enum keychain_hash_algo key)
407{
408 return algo_info[key].name;
409}
410
411DEFUN(cryptographic_algorithm, cryptographic_algorithm_cmd,
412 "cryptographic-algorithm "
413 "<md5|hmac-sha-1|hmac-sha-256|hmac-sha-384|hmac-sha-512>",
414 "Cryptographic-algorithm\n"
415 "Use MD5 algorithm\n"
416 "Use HMAC-SHA-1 algorithm\n"
417 "Use HMAC-SHA-256 algorithm\n"
418 "Use HMAC-SHA-384 algorithm\n"
419 "Use HMAC-SHA-512 algorithm\n")
420{
421 int algo_idx = 1;
422 uint8_t hash_algo = KEYCHAIN_ALGO_NULL;
423
424 VTY_DECLVAR_CONTEXT_SUB(key, key);
425 hash_algo = keychain_get_algo_id_by_name(argv[algo_idx]->arg);
426#ifndef CRYPTO_OPENSSL
427 if (hash_algo == KEYCHAIN_ALGO_NULL) {
428 vty_out(vty,
429 "Hash algorithm not supported, compile with --with-crypto=openssl\n");
430 return CMD_WARNING_CONFIG_FAILED;
431 }
432#endif /* CRYPTO_OPENSSL */
433 key->hash_algo = hash_algo;
434 return CMD_SUCCESS;
435}
436
437DEFUN(no_cryptographic_algorithm, no_cryptographic_algorithm_cmd,
438 "no cryptographic-algorithm "
439 "[<md5|hmac-sha-1|hmac-sha-256|hmac-sha-384|hmac-sha-512>]",
440 NO_STR
441 "Cryptographic-algorithm\n"
442 "Use MD5 algorithm\n"
443 "Use HMAC-SHA-1 algorithm\n"
444 "Use HMAC-SHA-256 algorithm\n"
445 "Use HMAC-SHA-384 algorithm\n"
446 "Use HMAC-SHA-512 algorithm\n")
447{
448 int algo_idx = 2;
449 uint8_t hash_algo = KEYCHAIN_ALGO_NULL;
450
451 VTY_DECLVAR_CONTEXT_SUB(key, key);
452 if (argc > algo_idx) {
453 hash_algo = keychain_get_algo_id_by_name(argv[algo_idx]->arg);
454 if (hash_algo == KEYCHAIN_ALGO_NULL) {
455 vty_out(vty,
456 "Hash algorithm not supported, try compiling with --with-crypto=openssl\n");
457 return CMD_WARNING_CONFIG_FAILED;
458 }
459 }
460
461 if ((hash_algo != KEYCHAIN_ALGO_NULL) && (hash_algo != key->hash_algo))
462 return CMD_SUCCESS;
463
464 key->hash_algo = KEYCHAIN_ALGO_NULL;
465 return CMD_SUCCESS;
466}
467
718e3744 468/* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
469 given string is malformed. */
d62a17ae 470static time_t key_str2time(const char *time_str, const char *day_str,
471 const char *month_str, const char *year_str)
718e3744 472{
d62a17ae 473 int i = 0;
474 char *colon;
475 struct tm tm;
476 time_t time;
477 unsigned int sec, min, hour;
478 unsigned int day, month, year;
479
480 const char *month_name[] = {
481 "January", "February", "March", "April", "May",
482 "June", "July", "August", "September", "October",
483 "November", "December", NULL};
484
485#define _GET_LONG_RANGE(V, STR, MMCOND) \
486 { \
487 unsigned long tmpl; \
488 char *endptr = NULL; \
489 tmpl = strtoul((STR), &endptr, 10); \
490 if (*endptr != '\0' || tmpl == ULONG_MAX) \
491 return -1; \
492 if (MMCOND) \
493 return -1; \
494 (V) = tmpl; \
718e3744 495 }
d62a17ae 496#define GET_LONG_RANGE(V, STR, MIN, MAX) \
497 _GET_LONG_RANGE(V, STR, tmpl<(MIN) || tmpl>(MAX))
498#define GET_LONG_RANGE0(V, STR, MAX) _GET_LONG_RANGE(V, STR, tmpl > (MAX))
499
500 /* Check hour field of time_str. */
501 colon = strchr(time_str, ':');
502 if (colon == NULL)
503 return -1;
504 *colon = '\0';
505
506 /* Hour must be between 0 and 23. */
507 GET_LONG_RANGE0(hour, time_str, 23);
508
509 /* Check min field of time_str. */
510 time_str = colon + 1;
511 colon = strchr(time_str, ':');
512 if (*time_str == '\0' || colon == NULL)
513 return -1;
514 *colon = '\0';
515
516 /* Min must be between 0 and 59. */
517 GET_LONG_RANGE0(min, time_str, 59);
518
519 /* Check sec field of time_str. */
520 time_str = colon + 1;
521 if (*time_str == '\0')
522 return -1;
523
524 /* Sec must be between 0 and 59. */
525 GET_LONG_RANGE0(sec, time_str, 59);
526
527 /* Check day_str. Day must be <1-31>. */
528 GET_LONG_RANGE(day, day_str, 1, 31);
529
530 /* Check month_str. Month must match month_name. */
531 month = 0;
532 if (strlen(month_str) >= 3)
533 for (i = 0; month_name[i]; i++)
534 if (strncmp(month_str, month_name[i], strlen(month_str))
535 == 0) {
536 month = i;
537 break;
538 }
539 if (!month_name[i])
540 return -1;
541
542 /* Check year_str. Year must be <1993-2035>. */
543 GET_LONG_RANGE(year, year_str, 1993, 2035);
544
545 memset(&tm, 0, sizeof(struct tm));
546 tm.tm_sec = sec;
547 tm.tm_min = min;
548 tm.tm_hour = hour;
549 tm.tm_mon = month;
550 tm.tm_mday = day;
551 tm.tm_year = year - 1900;
552
553 time = mktime(&tm);
554
555 return time;
8cc4198f 556#undef GET_LONG_RANGE
718e3744 557}
558
d62a17ae 559static int key_lifetime_set(struct vty *vty, struct key_range *krange,
560 const char *stime_str, const char *sday_str,
561 const char *smonth_str, const char *syear_str,
562 const char *etime_str, const char *eday_str,
563 const char *emonth_str, const char *eyear_str)
718e3744 564{
d62a17ae 565 time_t time_start;
566 time_t time_end;
567
568 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
569 if (time_start < 0) {
570 vty_out(vty, "Malformed time value\n");
571 return CMD_WARNING_CONFIG_FAILED;
572 }
573 time_end = key_str2time(etime_str, eday_str, emonth_str, eyear_str);
574
575 if (time_end < 0) {
576 vty_out(vty, "Malformed time value\n");
577 return CMD_WARNING_CONFIG_FAILED;
578 }
579
580 if (time_end <= time_start) {
581 vty_out(vty, "Expire time is not later than start time\n");
582 return CMD_WARNING_CONFIG_FAILED;
583 }
584
585 krange->start = time_start;
586 krange->end = time_end;
587
588 return CMD_SUCCESS;
718e3744 589}
590
d62a17ae 591static int key_lifetime_duration_set(struct vty *vty, struct key_range *krange,
592 const char *stime_str,
593 const char *sday_str,
594 const char *smonth_str,
595 const char *syear_str,
596 const char *duration_str)
718e3744 597{
d62a17ae 598 time_t time_start;
d7c0a89a 599 uint32_t duration;
d62a17ae 600
601 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
602 if (time_start < 0) {
603 vty_out(vty, "Malformed time value\n");
604 return CMD_WARNING_CONFIG_FAILED;
605 }
606 krange->start = time_start;
607
608 duration = strtoul(duration_str, NULL, 10);
609 krange->duration = 1;
610 krange->end = time_start + duration;
611
612 return CMD_SUCCESS;
718e3744 613}
614
d62a17ae 615static int key_lifetime_infinite_set(struct vty *vty, struct key_range *krange,
616 const char *stime_str,
617 const char *sday_str,
618 const char *smonth_str,
619 const char *syear_str)
718e3744 620{
d62a17ae 621 time_t time_start;
622
623 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
624 if (time_start < 0) {
625 vty_out(vty, "Malformed time value\n");
626 return CMD_WARNING_CONFIG_FAILED;
627 }
628 krange->start = time_start;
629
630 krange->end = -1;
631
632 return CMD_SUCCESS;
718e3744 633}
6b0655a2 634
718e3744 635DEFUN (accept_lifetime_day_month_day_month,
636 accept_lifetime_day_month_day_month_cmd,
6147e2c6 637 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
718e3744 638 "Set accept lifetime of the key\n"
639 "Time to start\n"
640 "Day of th month to start\n"
641 "Month of the year to start\n"
642 "Year to start\n"
643 "Time to expire\n"
644 "Day of th month to expire\n"
645 "Month of the year to expire\n"
646 "Year to expire\n")
647{
d62a17ae 648 int idx_hhmmss = 1;
649 int idx_number = 2;
650 int idx_month = 3;
651 int idx_number_2 = 4;
652 int idx_hhmmss_2 = 5;
653 int idx_number_3 = 6;
654 int idx_month_2 = 7;
655 int idx_number_4 = 8;
656 VTY_DECLVAR_CONTEXT_SUB(key, key);
657
658 return key_lifetime_set(
659 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
660 argv[idx_month]->arg, argv[idx_number_2]->arg,
661 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
662 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 663}
664
665DEFUN (accept_lifetime_day_month_month_day,
666 accept_lifetime_day_month_month_day_cmd,
6147e2c6 667 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
718e3744 668 "Set accept lifetime of the key\n"
669 "Time to start\n"
670 "Day of th month to start\n"
671 "Month of the year to start\n"
672 "Year to start\n"
673 "Time to expire\n"
674 "Month of the year to expire\n"
675 "Day of th month to expire\n"
676 "Year to expire\n")
677{
d62a17ae 678 int idx_hhmmss = 1;
679 int idx_number = 2;
680 int idx_month = 3;
681 int idx_number_2 = 4;
682 int idx_hhmmss_2 = 5;
683 int idx_month_2 = 6;
684 int idx_number_3 = 7;
685 int idx_number_4 = 8;
686 VTY_DECLVAR_CONTEXT_SUB(key, key);
687
688 return key_lifetime_set(
689 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
690 argv[idx_month]->arg, argv[idx_number_2]->arg,
691 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
692 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 693}
694
695DEFUN (accept_lifetime_month_day_day_month,
696 accept_lifetime_month_day_day_month_cmd,
6147e2c6 697 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
718e3744 698 "Set accept lifetime of the key\n"
699 "Time to start\n"
700 "Month of the year to start\n"
701 "Day of th month to start\n"
702 "Year to start\n"
703 "Time to expire\n"
704 "Day of th month to expire\n"
705 "Month of the year to expire\n"
706 "Year to expire\n")
707{
d62a17ae 708 int idx_hhmmss = 1;
709 int idx_month = 2;
710 int idx_number = 3;
711 int idx_number_2 = 4;
712 int idx_hhmmss_2 = 5;
713 int idx_number_3 = 6;
714 int idx_month_2 = 7;
715 int idx_number_4 = 8;
716 VTY_DECLVAR_CONTEXT_SUB(key, key);
717
718 return key_lifetime_set(
719 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
720 argv[idx_month]->arg, argv[idx_number_2]->arg,
721 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
722 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 723}
724
725DEFUN (accept_lifetime_month_day_month_day,
726 accept_lifetime_month_day_month_day_cmd,
6147e2c6 727 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
718e3744 728 "Set accept lifetime of the key\n"
729 "Time to start\n"
730 "Month of the year to start\n"
731 "Day of th month to start\n"
732 "Year to start\n"
733 "Time to expire\n"
734 "Month of the year to expire\n"
735 "Day of th month to expire\n"
736 "Year to expire\n")
737{
d62a17ae 738 int idx_hhmmss = 1;
739 int idx_month = 2;
740 int idx_number = 3;
741 int idx_number_2 = 4;
742 int idx_hhmmss_2 = 5;
743 int idx_month_2 = 6;
744 int idx_number_3 = 7;
745 int idx_number_4 = 8;
746 VTY_DECLVAR_CONTEXT_SUB(key, key);
747
748 return key_lifetime_set(
749 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
750 argv[idx_month]->arg, argv[idx_number_2]->arg,
751 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
752 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 753}
754
755DEFUN (accept_lifetime_infinite_day_month,
756 accept_lifetime_infinite_day_month_cmd,
6147e2c6 757 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
718e3744 758 "Set accept lifetime of the key\n"
759 "Time to start\n"
760 "Day of th month to start\n"
761 "Month of the year to start\n"
762 "Year to start\n"
efd7904e 763 "Never expires\n")
718e3744 764{
d62a17ae 765 int idx_hhmmss = 1;
766 int idx_number = 2;
767 int idx_month = 3;
768 int idx_number_2 = 4;
769 VTY_DECLVAR_CONTEXT_SUB(key, key);
770
771 return key_lifetime_infinite_set(
772 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
773 argv[idx_month]->arg, argv[idx_number_2]->arg);
718e3744 774}
775
776DEFUN (accept_lifetime_infinite_month_day,
777 accept_lifetime_infinite_month_day_cmd,
6147e2c6 778 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
718e3744 779 "Set accept lifetime of the key\n"
780 "Time to start\n"
781 "Month of the year to start\n"
782 "Day of th month to start\n"
783 "Year to start\n"
efd7904e 784 "Never expires\n")
718e3744 785{
d62a17ae 786 int idx_hhmmss = 1;
787 int idx_month = 2;
788 int idx_number = 3;
789 int idx_number_2 = 4;
790 VTY_DECLVAR_CONTEXT_SUB(key, key);
791
792 return key_lifetime_infinite_set(
793 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
794 argv[idx_month]->arg, argv[idx_number_2]->arg);
718e3744 795}
796
797DEFUN (accept_lifetime_duration_day_month,
798 accept_lifetime_duration_day_month_cmd,
6147e2c6 799 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
718e3744 800 "Set accept lifetime of the key\n"
801 "Time to start\n"
802 "Day of th month to start\n"
803 "Month of the year to start\n"
804 "Year to start\n"
805 "Duration of the key\n"
806 "Duration seconds\n")
807{
d62a17ae 808 int idx_hhmmss = 1;
809 int idx_number = 2;
810 int idx_month = 3;
811 int idx_number_2 = 4;
812 int idx_number_3 = 6;
813 VTY_DECLVAR_CONTEXT_SUB(key, key);
814
815 return key_lifetime_duration_set(
816 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
817 argv[idx_month]->arg, argv[idx_number_2]->arg,
818 argv[idx_number_3]->arg);
718e3744 819}
820
821DEFUN (accept_lifetime_duration_month_day,
822 accept_lifetime_duration_month_day_cmd,
6147e2c6 823 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
718e3744 824 "Set accept lifetime of the key\n"
825 "Time to start\n"
826 "Month of the year to start\n"
827 "Day of th month to start\n"
828 "Year to start\n"
829 "Duration of the key\n"
830 "Duration seconds\n")
831{
d62a17ae 832 int idx_hhmmss = 1;
833 int idx_month = 2;
834 int idx_number = 3;
835 int idx_number_2 = 4;
836 int idx_number_3 = 6;
837 VTY_DECLVAR_CONTEXT_SUB(key, key);
838
839 return key_lifetime_duration_set(
840 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
841 argv[idx_month]->arg, argv[idx_number_2]->arg,
842 argv[idx_number_3]->arg);
718e3744 843}
6b0655a2 844
c50e6abd 845DEFUN (no_accept_lifetime,
846 no_accept_lifetime_cmd,
847 "no accept-lifetime",
848 NO_STR
849 "Unset accept-lifetime\n")
850{
851 VTY_DECLVAR_CONTEXT_SUB(key, key);
852
853 if (key->accept.start)
854 key->accept.start = 0;
855 if (key->accept.end)
856 key->accept.end = 0;
857 if (key->accept.duration)
858 key->accept.duration = 0;
859
860 return CMD_SUCCESS;
861}
862
718e3744 863DEFUN (send_lifetime_day_month_day_month,
864 send_lifetime_day_month_day_month_cmd,
6147e2c6 865 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
718e3744 866 "Set send lifetime of the key\n"
867 "Time to start\n"
868 "Day of th month to start\n"
869 "Month of the year to start\n"
870 "Year to start\n"
871 "Time to expire\n"
872 "Day of th month to expire\n"
873 "Month of the year to expire\n"
874 "Year to expire\n")
875{
d62a17ae 876 int idx_hhmmss = 1;
877 int idx_number = 2;
878 int idx_month = 3;
879 int idx_number_2 = 4;
880 int idx_hhmmss_2 = 5;
881 int idx_number_3 = 6;
882 int idx_month_2 = 7;
883 int idx_number_4 = 8;
884 VTY_DECLVAR_CONTEXT_SUB(key, key);
885
886 return key_lifetime_set(
887 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
888 argv[idx_month]->arg, argv[idx_number_2]->arg,
889 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
890 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 891}
892
893DEFUN (send_lifetime_day_month_month_day,
894 send_lifetime_day_month_month_day_cmd,
6147e2c6 895 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
718e3744 896 "Set send lifetime of the key\n"
897 "Time to start\n"
898 "Day of th month to start\n"
899 "Month of the year to start\n"
900 "Year to start\n"
901 "Time to expire\n"
902 "Month of the year to expire\n"
903 "Day of th month to expire\n"
904 "Year to expire\n")
905{
d62a17ae 906 int idx_hhmmss = 1;
907 int idx_number = 2;
908 int idx_month = 3;
909 int idx_number_2 = 4;
910 int idx_hhmmss_2 = 5;
911 int idx_month_2 = 6;
912 int idx_number_3 = 7;
913 int idx_number_4 = 8;
914 VTY_DECLVAR_CONTEXT_SUB(key, key);
915
916 return key_lifetime_set(
917 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
918 argv[idx_month]->arg, argv[idx_number_2]->arg,
919 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
920 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 921}
922
923DEFUN (send_lifetime_month_day_day_month,
924 send_lifetime_month_day_day_month_cmd,
6147e2c6 925 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
718e3744 926 "Set send lifetime of the key\n"
927 "Time to start\n"
928 "Month of the year to start\n"
929 "Day of th month to start\n"
930 "Year to start\n"
931 "Time to expire\n"
932 "Day of th month to expire\n"
933 "Month of the year to expire\n"
934 "Year to expire\n")
935{
d62a17ae 936 int idx_hhmmss = 1;
937 int idx_month = 2;
938 int idx_number = 3;
939 int idx_number_2 = 4;
940 int idx_hhmmss_2 = 5;
941 int idx_number_3 = 6;
942 int idx_month_2 = 7;
943 int idx_number_4 = 8;
944 VTY_DECLVAR_CONTEXT_SUB(key, key);
945
946 return key_lifetime_set(
947 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
948 argv[idx_month]->arg, argv[idx_number_2]->arg,
949 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
950 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 951}
952
953DEFUN (send_lifetime_month_day_month_day,
954 send_lifetime_month_day_month_day_cmd,
6147e2c6 955 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
718e3744 956 "Set send lifetime of the key\n"
957 "Time to start\n"
958 "Month of the year to start\n"
959 "Day of th month to start\n"
960 "Year to start\n"
961 "Time to expire\n"
962 "Month of the year to expire\n"
963 "Day of th month to expire\n"
964 "Year to expire\n")
965{
d62a17ae 966 int idx_hhmmss = 1;
967 int idx_month = 2;
968 int idx_number = 3;
969 int idx_number_2 = 4;
970 int idx_hhmmss_2 = 5;
971 int idx_month_2 = 6;
972 int idx_number_3 = 7;
973 int idx_number_4 = 8;
974 VTY_DECLVAR_CONTEXT_SUB(key, key);
975
976 return key_lifetime_set(
977 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
978 argv[idx_month]->arg, argv[idx_number_2]->arg,
979 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
980 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 981}
982
983DEFUN (send_lifetime_infinite_day_month,
984 send_lifetime_infinite_day_month_cmd,
6147e2c6 985 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
718e3744 986 "Set send lifetime of the key\n"
987 "Time to start\n"
988 "Day of th month to start\n"
989 "Month of the year to start\n"
990 "Year to start\n"
efd7904e 991 "Never expires\n")
718e3744 992{
d62a17ae 993 int idx_hhmmss = 1;
994 int idx_number = 2;
995 int idx_month = 3;
996 int idx_number_2 = 4;
997 VTY_DECLVAR_CONTEXT_SUB(key, key);
998
999 return key_lifetime_infinite_set(
1000 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
1001 argv[idx_month]->arg, argv[idx_number_2]->arg);
718e3744 1002}
1003
1004DEFUN (send_lifetime_infinite_month_day,
1005 send_lifetime_infinite_month_day_cmd,
6147e2c6 1006 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
718e3744 1007 "Set send lifetime of the key\n"
1008 "Time to start\n"
1009 "Month of the year to start\n"
1010 "Day of th month to start\n"
1011 "Year to start\n"
efd7904e 1012 "Never expires\n")
718e3744 1013{
d62a17ae 1014 int idx_hhmmss = 1;
1015 int idx_month = 2;
1016 int idx_number = 3;
1017 int idx_number_2 = 4;
1018 VTY_DECLVAR_CONTEXT_SUB(key, key);
1019
1020 return key_lifetime_infinite_set(
1021 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
1022 argv[idx_month]->arg, argv[idx_number_2]->arg);
718e3744 1023}
1024
1025DEFUN (send_lifetime_duration_day_month,
1026 send_lifetime_duration_day_month_cmd,
6147e2c6 1027 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
718e3744 1028 "Set send lifetime of the key\n"
1029 "Time to start\n"
1030 "Day of th month to start\n"
1031 "Month of the year to start\n"
1032 "Year to start\n"
1033 "Duration of the key\n"
1034 "Duration seconds\n")
1035{
d62a17ae 1036 int idx_hhmmss = 1;
1037 int idx_number = 2;
1038 int idx_month = 3;
1039 int idx_number_2 = 4;
1040 int idx_number_3 = 6;
1041 VTY_DECLVAR_CONTEXT_SUB(key, key);
1042
1043 return key_lifetime_duration_set(
1044 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
1045 argv[idx_month]->arg, argv[idx_number_2]->arg,
1046 argv[idx_number_3]->arg);
718e3744 1047}
1048
1049DEFUN (send_lifetime_duration_month_day,
1050 send_lifetime_duration_month_day_cmd,
6147e2c6 1051 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
718e3744 1052 "Set send lifetime of the key\n"
1053 "Time to start\n"
1054 "Month of the year to start\n"
1055 "Day of th month to start\n"
1056 "Year to start\n"
1057 "Duration of the key\n"
1058 "Duration seconds\n")
1059{
d62a17ae 1060 int idx_hhmmss = 1;
1061 int idx_month = 2;
1062 int idx_number = 3;
1063 int idx_number_2 = 4;
1064 int idx_number_3 = 6;
1065 VTY_DECLVAR_CONTEXT_SUB(key, key);
1066
1067 return key_lifetime_duration_set(
1068 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
1069 argv[idx_month]->arg, argv[idx_number_2]->arg,
1070 argv[idx_number_3]->arg);
718e3744 1071}
6b0655a2 1072
c50e6abd 1073DEFUN (no_send_lifetime,
1074 no_send_lifetime_cmd,
1075 "no send-lifetime",
1076 NO_STR
1077 "Unset send-lifetime\n")
1078{
1079 VTY_DECLVAR_CONTEXT_SUB(key, key);
1080
1081 if (key->send.start)
1082 key->send.start = 0;
1083 if (key->send.end)
1084 key->send.end = 0;
1085 if (key->send.duration)
1086 key->send.duration = 0;
1087
1088 return CMD_SUCCESS;
1089}
1090
612c2c15 1091static int keychain_config_write(struct vty *vty);
62b346ee 1092static struct cmd_node keychain_node = {
f4b8291f 1093 .name = "keychain",
62b346ee 1094 .node = KEYCHAIN_NODE,
24389580 1095 .parent_node = CONFIG_NODE,
62b346ee 1096 .prompt = "%s(config-keychain)# ",
612c2c15 1097 .config_write = keychain_config_write,
62b346ee
DL		 1098};
1099
1100static struct cmd_node keychain_key_node = {
f4b8291f 1101 .name = "keychain key",
62b346ee 1102 .node = KEYCHAIN_KEY_NODE,
24389580 1103 .parent_node = KEYCHAIN_NODE,
62b346ee 1104 .prompt = "%s(config-keychain-key)# ",
62b346ee 1105};
718e3744 1106
d62a17ae 1107static int keychain_strftime(char *buf, int bufsiz, time_t *time)
718e3744 1108{
a2700b50 1109 struct tm tm;
d62a17ae 1110 size_t len;
718e3744 1111
a2700b50 1112 localtime_r(time, &tm);
718e3744 1113
a2700b50 1114 len = strftime(buf, bufsiz, "%T %b %d %Y", &tm);
718e3744 1115
d62a17ae 1116 return len;
718e3744 1117}
1118
d62a17ae 1119static int keychain_config_write(struct vty *vty)
718e3744 1120{
d62a17ae 1121 struct keychain *keychain;
1122 struct key *key;
1123 struct listnode *node;
1124 struct listnode *knode;
1125 char buf[BUFSIZ];
1126
1127 for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
1128 vty_out(vty, "key chain %s\n", keychain->name);
1129
1130 for (ALL_LIST_ELEMENTS_RO(keychain->key, knode, key)) {
1131 vty_out(vty, " key %d\n", key->index);
1132
1133 if (key->string)
1134 vty_out(vty, " key-string %s\n", key->string);
1135
72000880
AR		 1136 if (key->hash_algo != KEYCHAIN_ALGO_NULL)
1137 vty_out(vty, " cryptographic-algorithm %s\n",
1138 keychain_get_algo_name_by_id(
1139 key->hash_algo));
1140
d62a17ae 1141 if (key->accept.start) {
1142 keychain_strftime(buf, BUFSIZ,
1143 &key->accept.start);
1144 vty_out(vty, " accept-lifetime %s", buf);
1145
1146 if (key->accept.end == -1)
1147 vty_out(vty, " infinite");
1148 else if (key->accept.duration)
1149 vty_out(vty, " duration %ld",
1150 (long)(key->accept.end
1151 - key->accept.start));
1152 else {
1153 keychain_strftime(buf, BUFSIZ,
1154 &key->accept.end);
1155 vty_out(vty, " %s", buf);
1156 }
1157 vty_out(vty, "\n");
1158 }
1159
1160 if (key->send.start) {
1161 keychain_strftime(buf, BUFSIZ,
1162 &key->send.start);
1163 vty_out(vty, " send-lifetime %s", buf);
1164
1165 if (key->send.end == -1)
1166 vty_out(vty, " infinite");
1167 else if (key->send.duration)
1168 vty_out(vty, " duration %ld",
1169 (long)(key->send.end
1170 - key->send.start));
1171 else {
1172 keychain_strftime(buf, BUFSIZ,
1173 &key->send.end);
1174 vty_out(vty, " %s", buf);
1175 }
1176 vty_out(vty, "\n");
1177 }
deb95b37
AC		 1178
1179 vty_out(vty, " exit\n");
718e3744 1180 }
07679ad9 1181 vty_out(vty, "exit\n");
d62a17ae 1182 vty_out(vty, "!\n");
718e3744 1183 }
718e3744 1184
d62a17ae 1185 return 0;
718e3744 1186}
1187
72000880 1188
166f9103
AR		 1189static void keychain_active_config(vector comps, struct cmd_token *token)
1190{
1191 struct keychain *keychain;
1192 struct listnode *node;
1193
1194 for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain))
1195 vector_set(comps, XSTRDUP(MTYPE_COMPLETION, keychain->name));
1196}
1197
1198static const struct cmd_variable_handler keychain_var_handlers[] = {
1199 {.varname = "key_chain", .completions = keychain_active_config},
1200 {.tokenname = "KEYCHAIN_NAME", .completions = keychain_active_config},
1201 {.tokenname = "KCHAIN_NAME", .completions = keychain_active_config},
1202 {.completions = NULL}
1203};
1204
4d762f26 1205void keychain_init(void)
718e3744 1206{
d62a17ae 1207 keychain_list = list_new();
1208
166f9103
AR		 1209 /* Register handler for keychain auto config support */
1210 cmd_variable_handler_register(keychain_var_handlers);
612c2c15
DL		 1211 install_node(&keychain_node);
1212 install_node(&keychain_key_node);
d62a17ae 1213
1214 install_default(KEYCHAIN_NODE);
1215 install_default(KEYCHAIN_KEY_NODE);
1216
1217 install_element(CONFIG_NODE, &key_chain_cmd);
1218 install_element(CONFIG_NODE, &no_key_chain_cmd);
1219 install_element(KEYCHAIN_NODE, &key_cmd);
1220 install_element(KEYCHAIN_NODE, &no_key_cmd);
1221
1222 install_element(KEYCHAIN_NODE, &key_chain_cmd);
1223 install_element(KEYCHAIN_NODE, &no_key_chain_cmd);
1224
1225 install_element(KEYCHAIN_KEY_NODE, &key_string_cmd);
1226 install_element(KEYCHAIN_KEY_NODE, &no_key_string_cmd);
1227
1228 install_element(KEYCHAIN_KEY_NODE, &key_chain_cmd);
1229 install_element(KEYCHAIN_KEY_NODE, &no_key_chain_cmd);
1230
1231 install_element(KEYCHAIN_KEY_NODE, &key_cmd);
1232 install_element(KEYCHAIN_KEY_NODE, &no_key_cmd);
1233
1234 install_element(KEYCHAIN_KEY_NODE,
1235 &accept_lifetime_day_month_day_month_cmd);
1236 install_element(KEYCHAIN_KEY_NODE,
1237 &accept_lifetime_day_month_month_day_cmd);
1238 install_element(KEYCHAIN_KEY_NODE,
1239 &accept_lifetime_month_day_day_month_cmd);
1240 install_element(KEYCHAIN_KEY_NODE,
1241 &accept_lifetime_month_day_month_day_cmd);
1242 install_element(KEYCHAIN_KEY_NODE,
1243 &accept_lifetime_infinite_day_month_cmd);
1244 install_element(KEYCHAIN_KEY_NODE,
1245 &accept_lifetime_infinite_month_day_cmd);
1246 install_element(KEYCHAIN_KEY_NODE,
1247 &accept_lifetime_duration_day_month_cmd);
1248 install_element(KEYCHAIN_KEY_NODE,
1249 &accept_lifetime_duration_month_day_cmd);
996c9314 1250 install_element(KEYCHAIN_KEY_NODE, &no_accept_lifetime_cmd);
d62a17ae 1251
1252 install_element(KEYCHAIN_KEY_NODE,
1253 &send_lifetime_day_month_day_month_cmd);
1254 install_element(KEYCHAIN_KEY_NODE,
1255 &send_lifetime_day_month_month_day_cmd);
1256 install_element(KEYCHAIN_KEY_NODE,
1257 &send_lifetime_month_day_day_month_cmd);
1258 install_element(KEYCHAIN_KEY_NODE,
1259 &send_lifetime_month_day_month_day_cmd);
1260 install_element(KEYCHAIN_KEY_NODE,
1261 &send_lifetime_infinite_day_month_cmd);
1262 install_element(KEYCHAIN_KEY_NODE,
1263 &send_lifetime_infinite_month_day_cmd);
1264 install_element(KEYCHAIN_KEY_NODE,
1265 &send_lifetime_duration_day_month_cmd);
1266 install_element(KEYCHAIN_KEY_NODE,
1267 &send_lifetime_duration_month_day_cmd);
996c9314 1268 install_element(KEYCHAIN_KEY_NODE, &no_send_lifetime_cmd);
72000880
AR		 1269 install_element(KEYCHAIN_KEY_NODE, &cryptographic_algorithm_cmd);
1270 install_element(KEYCHAIN_KEY_NODE, &no_cryptographic_algorithm_cmd);
718e3744 1271}
FRRouting mirror