]> git.proxmox.com Git - mirror_frr.git/blame - lib/keychain.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #964 from opensourcerouting/plist-trie-corruption-3.0
[mirror_frr.git] / lib / keychain.c
CommitLineData
718e3744 1/* key-chain for authentication.
896014f4
DL		 2 * Copyright (C) 2000 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published
8 * by the Free Software Foundation; either version 2, or (at your
9 * option) any later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
718e3744 20
21#include <zebra.h>
22
23#include "command.h"
24#include "memory.h"
25#include "linklist.h"
26#include "keychain.h"
27
d62a17ae 28DEFINE_MTYPE_STATIC(LIB, KEY, "Key")
4a1ab8e4
DL		 29DEFINE_MTYPE_STATIC(LIB, KEYCHAIN, "Key chain")
30
e80e7cce
DL		 31DEFINE_QOBJ_TYPE(keychain)
32DEFINE_QOBJ_TYPE(key)
33
718e3744 34/* Master list of key chain. */
35struct list *keychain_list;
36
d62a17ae 37static struct keychain *keychain_new(void)
718e3744 38{
d62a17ae 39 struct keychain *keychain;
40 keychain = XCALLOC(MTYPE_KEYCHAIN, sizeof(struct keychain));
41 QOBJ_REG(keychain, keychain);
42 return keychain;
718e3744 43}
44
d62a17ae 45static void keychain_free(struct keychain *keychain)
718e3744 46{
d62a17ae 47 QOBJ_UNREG(keychain);
48 XFREE(MTYPE_KEYCHAIN, keychain);
718e3744 49}
50
d62a17ae 51static struct key *key_new(void)
718e3744 52{
d62a17ae 53 struct key *key = XCALLOC(MTYPE_KEY, sizeof(struct key));
54 QOBJ_REG(key, key);
55 return key;
718e3744 56}
57
d62a17ae 58static void key_free(struct key *key)
718e3744 59{
d62a17ae 60 QOBJ_UNREG(key);
61 XFREE(MTYPE_KEY, key);
718e3744 62}
63
d62a17ae 64struct keychain *keychain_lookup(const char *name)
718e3744 65{
d62a17ae 66 struct listnode *node;
67 struct keychain *keychain;
718e3744 68
d62a17ae 69 if (name == NULL)
70 return NULL;
718e3744 71
d62a17ae 72 for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
73 if (strcmp(keychain->name, name) == 0)
74 return keychain;
75 }
76 return NULL;
718e3744 77}
78
d62a17ae 79static int key_cmp_func(void *arg1, void *arg2)
718e3744 80{
d62a17ae 81 const struct key *k1 = arg1;
82 const struct key *k2 = arg2;
83
84 if (k1->index > k2->index)
85 return 1;
86 if (k1->index < k2->index)
87 return -1;
88 return 0;
718e3744 89}
90
d62a17ae 91static void key_delete_func(struct key *key)
718e3744 92{
d62a17ae 93 if (key->string)
94 free(key->string);
95 key_free(key);
718e3744 96}
97
d62a17ae 98static struct keychain *keychain_get(const char *name)
718e3744 99{
d62a17ae 100 struct keychain *keychain;
718e3744 101
d62a17ae 102 keychain = keychain_lookup(name);
718e3744 103
d62a17ae 104 if (keychain)
105 return keychain;
718e3744 106
d62a17ae 107 keychain = keychain_new();
108 keychain->name = XSTRDUP(MTYPE_KEYCHAIN, name);
109 keychain->key = list_new();
110 keychain->key->cmp = (int (*)(void *, void *))key_cmp_func;
111 keychain->key->del = (void (*)(void *))key_delete_func;
112 listnode_add(keychain_list, keychain);
718e3744 113
d62a17ae 114 return keychain;
718e3744 115}
116
d62a17ae 117static void keychain_delete(struct keychain *keychain)
718e3744 118{
d62a17ae 119 if (keychain->name)
120 XFREE(MTYPE_KEYCHAIN, keychain->name);
718e3744 121
d62a17ae 122 list_delete(keychain->key);
123 listnode_delete(keychain_list, keychain);
124 keychain_free(keychain);
718e3744 125}
126
d62a17ae 127static struct key *key_lookup(const struct keychain *keychain, u_int32_t index)
718e3744 128{
d62a17ae 129 struct listnode *node;
130 struct key *key;
718e3744 131
d62a17ae 132 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
133 if (key->index == index)
134 return key;
135 }
136 return NULL;
718e3744 137}
138
d62a17ae 139struct key *key_lookup_for_accept(const struct keychain *keychain,
140 u_int32_t index)
718e3744 141{
d62a17ae 142 struct listnode *node;
143 struct key *key;
144 time_t now;
145
146 now = time(NULL);
147
148 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
149 if (key->index >= index) {
150 if (key->accept.start == 0)
151 return key;
152
153 if (key->accept.start <= now)
154 if (key->accept.end >= now
155 || key->accept.end == -1)
156 return key;
157 }
718e3744 158 }
d62a17ae 159 return NULL;
718e3744 160}
161
d62a17ae 162struct key *key_match_for_accept(const struct keychain *keychain,
163 const char *auth_str)
718e3744 164{
d62a17ae 165 struct listnode *node;
166 struct key *key;
167 time_t now;
168
169 now = time(NULL);
170
171 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
172 if (key->accept.start == 0
173 || (key->accept.start <= now
174 && (key->accept.end >= now || key->accept.end == -1)))
175 if (strncmp(key->string, auth_str, 16) == 0)
176 return key;
177 }
178 return NULL;
718e3744 179}
180
d62a17ae 181struct key *key_lookup_for_send(const struct keychain *keychain)
718e3744 182{
d62a17ae 183 struct listnode *node;
184 struct key *key;
185 time_t now;
718e3744 186
d62a17ae 187 now = time(NULL);
718e3744 188
d62a17ae 189 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
190 if (key->send.start == 0)
191 return key;
718e3744 192
d62a17ae 193 if (key->send.start <= now)
194 if (key->send.end >= now || key->send.end == -1)
195 return key;
196 }
197 return NULL;
718e3744 198}
199
d62a17ae 200static struct key *key_get(const struct keychain *keychain, u_int32_t index)
718e3744 201{
d62a17ae 202 struct key *key;
718e3744 203
d62a17ae 204 key = key_lookup(keychain, index);
718e3744 205
d62a17ae 206 if (key)
207 return key;
718e3744 208
d62a17ae 209 key = key_new();
210 key->index = index;
211 listnode_add_sort(keychain->key, key);
718e3744 212
d62a17ae 213 return key;
718e3744 214}
215
d62a17ae 216static void key_delete(struct keychain *keychain, struct key *key)
718e3744 217{
d62a17ae 218 listnode_delete(keychain->key, key);
718e3744 219
d62a17ae 220 if (key->string)
221 XFREE(MTYPE_KEY, key->string);
222 key_free(key);
718e3744 223}
6b0655a2 224
505e5056 225DEFUN_NOSH (key_chain,
718e3744 226 key_chain_cmd,
227 "key chain WORD",
228 "Authentication key management\n"
229 "Key-chain management\n"
230 "Key-chain name\n")
231{
d62a17ae 232 int idx_word = 2;
233 struct keychain *keychain;
718e3744 234
d62a17ae 235 keychain = keychain_get(argv[idx_word]->arg);
236 VTY_PUSH_CONTEXT(KEYCHAIN_NODE, keychain);
718e3744 237
d62a17ae 238 return CMD_SUCCESS;
718e3744 239}
240
241DEFUN (no_key_chain,
242 no_key_chain_cmd,
243 "no key chain WORD",
244 NO_STR
245 "Authentication key management\n"
246 "Key-chain management\n"
247 "Key-chain name\n")
248{
d62a17ae 249 int idx_word = 3;
250 struct keychain *keychain;
718e3744 251
d62a17ae 252 keychain = keychain_lookup(argv[idx_word]->arg);
718e3744 253
d62a17ae 254 if (!keychain) {
255 vty_out(vty, "Can't find keychain %s\n", argv[idx_word]->arg);
256 return CMD_WARNING_CONFIG_FAILED;
257 }
718e3744 258
d62a17ae 259 keychain_delete(keychain);
718e3744 260
d62a17ae 261 return CMD_SUCCESS;
718e3744 262}
263
505e5056 264DEFUN_NOSH (key,
718e3744 265 key_cmd,
6147e2c6 266 "key (0-2147483647)",
718e3744 267 "Configure a key\n"
268 "Key identifier number\n")
269{
d62a17ae 270 int idx_number = 1;
271 VTY_DECLVAR_CONTEXT(keychain, keychain);
272 struct key *key;
273 u_int32_t index;
274
275 index = strtoul(argv[idx_number]->arg, NULL, 10);
276 key = key_get(keychain, index);
277 VTY_PUSH_CONTEXT_SUB(KEYCHAIN_KEY_NODE, key);
278
279 return CMD_SUCCESS;
718e3744 280}
281
282DEFUN (no_key,
283 no_key_cmd,
6147e2c6 284 "no key (0-2147483647)",
718e3744 285 NO_STR
286 "Delete a key\n"
287 "Key identifier number\n")
288{
d62a17ae 289 int idx_number = 2;
290 VTY_DECLVAR_CONTEXT(keychain, keychain);
291 struct key *key;
292 u_int32_t index;
293
294 index = strtoul(argv[idx_number]->arg, NULL, 10);
295 key = key_lookup(keychain, index);
296 if (!key) {
297 vty_out(vty, "Can't find key %d\n", index);
298 return CMD_WARNING_CONFIG_FAILED;
299 }
300
301 key_delete(keychain, key);
302
303 vty->node = KEYCHAIN_NODE;
304
305 return CMD_SUCCESS;
718e3744 306}
307
308DEFUN (key_string,
309 key_string_cmd,
310 "key-string LINE",
311 "Set key string\n"
312 "The key\n")
313{
d62a17ae 314 int idx_line = 1;
315 VTY_DECLVAR_CONTEXT_SUB(key, key);
718e3744 316
d62a17ae 317 if (key->string)
318 XFREE(MTYPE_KEY, key->string);
319 key->string = XSTRDUP(MTYPE_KEY, argv[idx_line]->arg);
718e3744 320
d62a17ae 321 return CMD_SUCCESS;
718e3744 322}
323
324DEFUN (no_key_string,
325 no_key_string_cmd,
326 "no key-string [LINE]",
327 NO_STR
328 "Unset key string\n"
329 "The key\n")
330{
d62a17ae 331 VTY_DECLVAR_CONTEXT_SUB(key, key);
718e3744 332
d62a17ae 333 if (key->string) {
334 XFREE(MTYPE_KEY, key->string);
335 key->string = NULL;
336 }
718e3744 337
d62a17ae 338 return CMD_SUCCESS;
718e3744 339}
340
341/* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
342 given string is malformed. */
d62a17ae 343static time_t key_str2time(const char *time_str, const char *day_str,
344 const char *month_str, const char *year_str)
718e3744 345{
d62a17ae 346 int i = 0;
347 char *colon;
348 struct tm tm;
349 time_t time;
350 unsigned int sec, min, hour;
351 unsigned int day, month, year;
352
353 const char *month_name[] = {
354 "January", "February", "March", "April", "May",
355 "June", "July", "August", "September", "October",
356 "November", "December", NULL};
357
358#define _GET_LONG_RANGE(V, STR, MMCOND) \
359 { \
360 unsigned long tmpl; \
361 char *endptr = NULL; \
362 tmpl = strtoul((STR), &endptr, 10); \
363 if (*endptr != '\0' || tmpl == ULONG_MAX) \
364 return -1; \
365 if (MMCOND) \
366 return -1; \
367 (V) = tmpl; \
718e3744 368 }
d62a17ae 369#define GET_LONG_RANGE(V, STR, MIN, MAX) \
370 _GET_LONG_RANGE(V, STR, tmpl<(MIN) || tmpl>(MAX))
371#define GET_LONG_RANGE0(V, STR, MAX) _GET_LONG_RANGE(V, STR, tmpl > (MAX))
372
373 /* Check hour field of time_str. */
374 colon = strchr(time_str, ':');
375 if (colon == NULL)
376 return -1;
377 *colon = '\0';
378
379 /* Hour must be between 0 and 23. */
380 GET_LONG_RANGE0(hour, time_str, 23);
381
382 /* Check min field of time_str. */
383 time_str = colon + 1;
384 colon = strchr(time_str, ':');
385 if (*time_str == '\0' || colon == NULL)
386 return -1;
387 *colon = '\0';
388
389 /* Min must be between 0 and 59. */
390 GET_LONG_RANGE0(min, time_str, 59);
391
392 /* Check sec field of time_str. */
393 time_str = colon + 1;
394 if (*time_str == '\0')
395 return -1;
396
397 /* Sec must be between 0 and 59. */
398 GET_LONG_RANGE0(sec, time_str, 59);
399
400 /* Check day_str. Day must be <1-31>. */
401 GET_LONG_RANGE(day, day_str, 1, 31);
402
403 /* Check month_str. Month must match month_name. */
404 month = 0;
405 if (strlen(month_str) >= 3)
406 for (i = 0; month_name[i]; i++)
407 if (strncmp(month_str, month_name[i], strlen(month_str))
408 == 0) {
409 month = i;
410 break;
411 }
412 if (!month_name[i])
413 return -1;
414
415 /* Check year_str. Year must be <1993-2035>. */
416 GET_LONG_RANGE(year, year_str, 1993, 2035);
417
418 memset(&tm, 0, sizeof(struct tm));
419 tm.tm_sec = sec;
420 tm.tm_min = min;
421 tm.tm_hour = hour;
422 tm.tm_mon = month;
423 tm.tm_mday = day;
424 tm.tm_year = year - 1900;
425
426 time = mktime(&tm);
427
428 return time;
8cc4198f 429#undef GET_LONG_RANGE
718e3744 430}
431
d62a17ae 432static int key_lifetime_set(struct vty *vty, struct key_range *krange,
433 const char *stime_str, const char *sday_str,
434 const char *smonth_str, const char *syear_str,
435 const char *etime_str, const char *eday_str,
436 const char *emonth_str, const char *eyear_str)
718e3744 437{
d62a17ae 438 time_t time_start;
439 time_t time_end;
440
441 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
442 if (time_start < 0) {
443 vty_out(vty, "Malformed time value\n");
444 return CMD_WARNING_CONFIG_FAILED;
445 }
446 time_end = key_str2time(etime_str, eday_str, emonth_str, eyear_str);
447
448 if (time_end < 0) {
449 vty_out(vty, "Malformed time value\n");
450 return CMD_WARNING_CONFIG_FAILED;
451 }
452
453 if (time_end <= time_start) {
454 vty_out(vty, "Expire time is not later than start time\n");
455 return CMD_WARNING_CONFIG_FAILED;
456 }
457
458 krange->start = time_start;
459 krange->end = time_end;
460
461 return CMD_SUCCESS;
718e3744 462}
463
d62a17ae 464static int key_lifetime_duration_set(struct vty *vty, struct key_range *krange,
465 const char *stime_str,
466 const char *sday_str,
467 const char *smonth_str,
468 const char *syear_str,
469 const char *duration_str)
718e3744 470{
d62a17ae 471 time_t time_start;
472 u_int32_t duration;
473
474 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
475 if (time_start < 0) {
476 vty_out(vty, "Malformed time value\n");
477 return CMD_WARNING_CONFIG_FAILED;
478 }
479 krange->start = time_start;
480
481 duration = strtoul(duration_str, NULL, 10);
482 krange->duration = 1;
483 krange->end = time_start + duration;
484
485 return CMD_SUCCESS;
718e3744 486}
487
d62a17ae 488static int key_lifetime_infinite_set(struct vty *vty, struct key_range *krange,
489 const char *stime_str,
490 const char *sday_str,
491 const char *smonth_str,
492 const char *syear_str)
718e3744 493{
d62a17ae 494 time_t time_start;
495
496 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
497 if (time_start < 0) {
498 vty_out(vty, "Malformed time value\n");
499 return CMD_WARNING_CONFIG_FAILED;
500 }
501 krange->start = time_start;
502
503 krange->end = -1;
504
505 return CMD_SUCCESS;
718e3744 506}
6b0655a2 507
718e3744 508DEFUN (accept_lifetime_day_month_day_month,
509 accept_lifetime_day_month_day_month_cmd,
6147e2c6 510 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
718e3744 511 "Set accept lifetime of the key\n"
512 "Time to start\n"
513 "Day of th month to start\n"
514 "Month of the year to start\n"
515 "Year to start\n"
516 "Time to expire\n"
517 "Day of th month to expire\n"
518 "Month of the year to expire\n"
519 "Year to expire\n")
520{
d62a17ae 521 int idx_hhmmss = 1;
522 int idx_number = 2;
523 int idx_month = 3;
524 int idx_number_2 = 4;
525 int idx_hhmmss_2 = 5;
526 int idx_number_3 = 6;
527 int idx_month_2 = 7;
528 int idx_number_4 = 8;
529 VTY_DECLVAR_CONTEXT_SUB(key, key);
530
531 return key_lifetime_set(
532 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
533 argv[idx_month]->arg, argv[idx_number_2]->arg,
534 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
535 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 536}
537
538DEFUN (accept_lifetime_day_month_month_day,
539 accept_lifetime_day_month_month_day_cmd,
6147e2c6 540 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
718e3744 541 "Set accept lifetime of the key\n"
542 "Time to start\n"
543 "Day of th month to start\n"
544 "Month of the year to start\n"
545 "Year to start\n"
546 "Time to expire\n"
547 "Month of the year to expire\n"
548 "Day of th month to expire\n"
549 "Year to expire\n")
550{
d62a17ae 551 int idx_hhmmss = 1;
552 int idx_number = 2;
553 int idx_month = 3;
554 int idx_number_2 = 4;
555 int idx_hhmmss_2 = 5;
556 int idx_month_2 = 6;
557 int idx_number_3 = 7;
558 int idx_number_4 = 8;
559 VTY_DECLVAR_CONTEXT_SUB(key, key);
560
561 return key_lifetime_set(
562 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
563 argv[idx_month]->arg, argv[idx_number_2]->arg,
564 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
565 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 566}
567
568DEFUN (accept_lifetime_month_day_day_month,
569 accept_lifetime_month_day_day_month_cmd,
6147e2c6 570 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
718e3744 571 "Set accept lifetime of the key\n"
572 "Time to start\n"
573 "Month of the year to start\n"
574 "Day of th month to start\n"
575 "Year to start\n"
576 "Time to expire\n"
577 "Day of th month to expire\n"
578 "Month of the year to expire\n"
579 "Year to expire\n")
580{
d62a17ae 581 int idx_hhmmss = 1;
582 int idx_month = 2;
583 int idx_number = 3;
584 int idx_number_2 = 4;
585 int idx_hhmmss_2 = 5;
586 int idx_number_3 = 6;
587 int idx_month_2 = 7;
588 int idx_number_4 = 8;
589 VTY_DECLVAR_CONTEXT_SUB(key, key);
590
591 return key_lifetime_set(
592 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
593 argv[idx_month]->arg, argv[idx_number_2]->arg,
594 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
595 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 596}
597
598DEFUN (accept_lifetime_month_day_month_day,
599 accept_lifetime_month_day_month_day_cmd,
6147e2c6 600 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
718e3744 601 "Set accept lifetime of the key\n"
602 "Time to start\n"
603 "Month of the year to start\n"
604 "Day of th month to start\n"
605 "Year to start\n"
606 "Time to expire\n"
607 "Month of the year to expire\n"
608 "Day of th month to expire\n"
609 "Year to expire\n")
610{
d62a17ae 611 int idx_hhmmss = 1;
612 int idx_month = 2;
613 int idx_number = 3;
614 int idx_number_2 = 4;
615 int idx_hhmmss_2 = 5;
616 int idx_month_2 = 6;
617 int idx_number_3 = 7;
618 int idx_number_4 = 8;
619 VTY_DECLVAR_CONTEXT_SUB(key, key);
620
621 return key_lifetime_set(
622 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
623 argv[idx_month]->arg, argv[idx_number_2]->arg,
624 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
625 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 626}
627
628DEFUN (accept_lifetime_infinite_day_month,
629 accept_lifetime_infinite_day_month_cmd,
6147e2c6 630 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
718e3744 631 "Set accept lifetime of the key\n"
632 "Time to start\n"
633 "Day of th month to start\n"
634 "Month of the year to start\n"
635 "Year to start\n"
636 "Never expires")
637{
d62a17ae 638 int idx_hhmmss = 1;
639 int idx_number = 2;
640 int idx_month = 3;
641 int idx_number_2 = 4;
642 VTY_DECLVAR_CONTEXT_SUB(key, key);
643
644 return key_lifetime_infinite_set(
645 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
646 argv[idx_month]->arg, argv[idx_number_2]->arg);
718e3744 647}
648
649DEFUN (accept_lifetime_infinite_month_day,
650 accept_lifetime_infinite_month_day_cmd,
6147e2c6 651 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
718e3744 652 "Set accept lifetime of the key\n"
653 "Time to start\n"
654 "Month of the year to start\n"
655 "Day of th month to start\n"
656 "Year to start\n"
657 "Never expires")
658{
d62a17ae 659 int idx_hhmmss = 1;
660 int idx_month = 2;
661 int idx_number = 3;
662 int idx_number_2 = 4;
663 VTY_DECLVAR_CONTEXT_SUB(key, key);
664
665 return key_lifetime_infinite_set(
666 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
667 argv[idx_month]->arg, argv[idx_number_2]->arg);
718e3744 668}
669
670DEFUN (accept_lifetime_duration_day_month,
671 accept_lifetime_duration_day_month_cmd,
6147e2c6 672 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
718e3744 673 "Set accept lifetime of the key\n"
674 "Time to start\n"
675 "Day of th month to start\n"
676 "Month of the year to start\n"
677 "Year to start\n"
678 "Duration of the key\n"
679 "Duration seconds\n")
680{
d62a17ae 681 int idx_hhmmss = 1;
682 int idx_number = 2;
683 int idx_month = 3;
684 int idx_number_2 = 4;
685 int idx_number_3 = 6;
686 VTY_DECLVAR_CONTEXT_SUB(key, key);
687
688 return key_lifetime_duration_set(
689 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
690 argv[idx_month]->arg, argv[idx_number_2]->arg,
691 argv[idx_number_3]->arg);
718e3744 692}
693
694DEFUN (accept_lifetime_duration_month_day,
695 accept_lifetime_duration_month_day_cmd,
6147e2c6 696 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
718e3744 697 "Set accept lifetime of the key\n"
698 "Time to start\n"
699 "Month of the year to start\n"
700 "Day of th month to start\n"
701 "Year to start\n"
702 "Duration of the key\n"
703 "Duration seconds\n")
704{
d62a17ae 705 int idx_hhmmss = 1;
706 int idx_month = 2;
707 int idx_number = 3;
708 int idx_number_2 = 4;
709 int idx_number_3 = 6;
710 VTY_DECLVAR_CONTEXT_SUB(key, key);
711
712 return key_lifetime_duration_set(
713 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
714 argv[idx_month]->arg, argv[idx_number_2]->arg,
715 argv[idx_number_3]->arg);
718e3744 716}
6b0655a2 717
718e3744 718DEFUN (send_lifetime_day_month_day_month,
719 send_lifetime_day_month_day_month_cmd,
6147e2c6 720 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
718e3744 721 "Set send lifetime of the key\n"
722 "Time to start\n"
723 "Day of th month to start\n"
724 "Month of the year to start\n"
725 "Year to start\n"
726 "Time to expire\n"
727 "Day of th month to expire\n"
728 "Month of the year to expire\n"
729 "Year to expire\n")
730{
d62a17ae 731 int idx_hhmmss = 1;
732 int idx_number = 2;
733 int idx_month = 3;
734 int idx_number_2 = 4;
735 int idx_hhmmss_2 = 5;
736 int idx_number_3 = 6;
737 int idx_month_2 = 7;
738 int idx_number_4 = 8;
739 VTY_DECLVAR_CONTEXT_SUB(key, key);
740
741 return key_lifetime_set(
742 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
743 argv[idx_month]->arg, argv[idx_number_2]->arg,
744 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
745 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 746}
747
748DEFUN (send_lifetime_day_month_month_day,
749 send_lifetime_day_month_month_day_cmd,
6147e2c6 750 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
718e3744 751 "Set send lifetime of the key\n"
752 "Time to start\n"
753 "Day of th month to start\n"
754 "Month of the year to start\n"
755 "Year to start\n"
756 "Time to expire\n"
757 "Month of the year to expire\n"
758 "Day of th month to expire\n"
759 "Year to expire\n")
760{
d62a17ae 761 int idx_hhmmss = 1;
762 int idx_number = 2;
763 int idx_month = 3;
764 int idx_number_2 = 4;
765 int idx_hhmmss_2 = 5;
766 int idx_month_2 = 6;
767 int idx_number_3 = 7;
768 int idx_number_4 = 8;
769 VTY_DECLVAR_CONTEXT_SUB(key, key);
770
771 return key_lifetime_set(
772 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
773 argv[idx_month]->arg, argv[idx_number_2]->arg,
774 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
775 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 776}
777
778DEFUN (send_lifetime_month_day_day_month,
779 send_lifetime_month_day_day_month_cmd,
6147e2c6 780 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
718e3744 781 "Set send lifetime of the key\n"
782 "Time to start\n"
783 "Month of the year to start\n"
784 "Day of th month to start\n"
785 "Year to start\n"
786 "Time to expire\n"
787 "Day of th month to expire\n"
788 "Month of the year to expire\n"
789 "Year to expire\n")
790{
d62a17ae 791 int idx_hhmmss = 1;
792 int idx_month = 2;
793 int idx_number = 3;
794 int idx_number_2 = 4;
795 int idx_hhmmss_2 = 5;
796 int idx_number_3 = 6;
797 int idx_month_2 = 7;
798 int idx_number_4 = 8;
799 VTY_DECLVAR_CONTEXT_SUB(key, key);
800
801 return key_lifetime_set(
802 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
803 argv[idx_month]->arg, argv[idx_number_2]->arg,
804 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
805 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 806}
807
808DEFUN (send_lifetime_month_day_month_day,
809 send_lifetime_month_day_month_day_cmd,
6147e2c6 810 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
718e3744 811 "Set send lifetime of the key\n"
812 "Time to start\n"
813 "Month of the year to start\n"
814 "Day of th month to start\n"
815 "Year to start\n"
816 "Time to expire\n"
817 "Month of the year to expire\n"
818 "Day of th month to expire\n"
819 "Year to expire\n")
820{
d62a17ae 821 int idx_hhmmss = 1;
822 int idx_month = 2;
823 int idx_number = 3;
824 int idx_number_2 = 4;
825 int idx_hhmmss_2 = 5;
826 int idx_month_2 = 6;
827 int idx_number_3 = 7;
828 int idx_number_4 = 8;
829 VTY_DECLVAR_CONTEXT_SUB(key, key);
830
831 return key_lifetime_set(
832 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
833 argv[idx_month]->arg, argv[idx_number_2]->arg,
834 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
835 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 836}
837
838DEFUN (send_lifetime_infinite_day_month,
839 send_lifetime_infinite_day_month_cmd,
6147e2c6 840 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
718e3744 841 "Set send lifetime of the key\n"
842 "Time to start\n"
843 "Day of th month to start\n"
844 "Month of the year to start\n"
845 "Year to start\n"
846 "Never expires")
847{
d62a17ae 848 int idx_hhmmss = 1;
849 int idx_number = 2;
850 int idx_month = 3;
851 int idx_number_2 = 4;
852 VTY_DECLVAR_CONTEXT_SUB(key, key);
853
854 return key_lifetime_infinite_set(
855 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
856 argv[idx_month]->arg, argv[idx_number_2]->arg);
718e3744 857}
858
859DEFUN (send_lifetime_infinite_month_day,
860 send_lifetime_infinite_month_day_cmd,
6147e2c6 861 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
718e3744 862 "Set send lifetime of the key\n"
863 "Time to start\n"
864 "Month of the year to start\n"
865 "Day of th month to start\n"
866 "Year to start\n"
867 "Never expires")
868{
d62a17ae 869 int idx_hhmmss = 1;
870 int idx_month = 2;
871 int idx_number = 3;
872 int idx_number_2 = 4;
873 VTY_DECLVAR_CONTEXT_SUB(key, key);
874
875 return key_lifetime_infinite_set(
876 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
877 argv[idx_month]->arg, argv[idx_number_2]->arg);
718e3744 878}
879
880DEFUN (send_lifetime_duration_day_month,
881 send_lifetime_duration_day_month_cmd,
6147e2c6 882 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
718e3744 883 "Set send lifetime of the key\n"
884 "Time to start\n"
885 "Day of th month to start\n"
886 "Month of the year to start\n"
887 "Year to start\n"
888 "Duration of the key\n"
889 "Duration seconds\n")
890{
d62a17ae 891 int idx_hhmmss = 1;
892 int idx_number = 2;
893 int idx_month = 3;
894 int idx_number_2 = 4;
895 int idx_number_3 = 6;
896 VTY_DECLVAR_CONTEXT_SUB(key, key);
897
898 return key_lifetime_duration_set(
899 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
900 argv[idx_month]->arg, argv[idx_number_2]->arg,
901 argv[idx_number_3]->arg);
718e3744 902}
903
904DEFUN (send_lifetime_duration_month_day,
905 send_lifetime_duration_month_day_cmd,
6147e2c6 906 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
718e3744 907 "Set send lifetime of the key\n"
908 "Time to start\n"
909 "Month of the year to start\n"
910 "Day of th month to start\n"
911 "Year to start\n"
912 "Duration of the key\n"
913 "Duration seconds\n")
914{
d62a17ae 915 int idx_hhmmss = 1;
916 int idx_month = 2;
917 int idx_number = 3;
918 int idx_number_2 = 4;
919 int idx_number_3 = 6;
920 VTY_DECLVAR_CONTEXT_SUB(key, key);
921
922 return key_lifetime_duration_set(
923 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
924 argv[idx_month]->arg, argv[idx_number_2]->arg,
925 argv[idx_number_3]->arg);
718e3744 926}
6b0655a2 927
d62a17ae 928static struct cmd_node keychain_node = {KEYCHAIN_NODE, "%s(config-keychain)# ",
929 1};
718e3744 930
d62a17ae 931static struct cmd_node keychain_key_node = {KEYCHAIN_KEY_NODE,
932 "%s(config-keychain-key)# ", 1};
718e3744 933
d62a17ae 934static int keychain_strftime(char *buf, int bufsiz, time_t *time)
718e3744 935{
d62a17ae 936 struct tm *tm;
937 size_t len;
718e3744 938
d62a17ae 939 tm = localtime(time);
718e3744 940
d62a17ae 941 len = strftime(buf, bufsiz, "%T %b %d %Y", tm);
718e3744 942
d62a17ae 943 return len;
718e3744 944}
945
d62a17ae 946static int keychain_config_write(struct vty *vty)
718e3744 947{
d62a17ae 948 struct keychain *keychain;
949 struct key *key;
950 struct listnode *node;
951 struct listnode *knode;
952 char buf[BUFSIZ];
953
954 for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
955 vty_out(vty, "key chain %s\n", keychain->name);
956
957 for (ALL_LIST_ELEMENTS_RO(keychain->key, knode, key)) {
958 vty_out(vty, " key %d\n", key->index);
959
960 if (key->string)
961 vty_out(vty, " key-string %s\n", key->string);
962
963 if (key->accept.start) {
964 keychain_strftime(buf, BUFSIZ,
965 &key->accept.start);
966 vty_out(vty, " accept-lifetime %s", buf);
967
968 if (key->accept.end == -1)
969 vty_out(vty, " infinite");
970 else if (key->accept.duration)
971 vty_out(vty, " duration %ld",
972 (long)(key->accept.end
973 - key->accept.start));
974 else {
975 keychain_strftime(buf, BUFSIZ,
976 &key->accept.end);
977 vty_out(vty, " %s", buf);
978 }
979 vty_out(vty, "\n");
980 }
981
982 if (key->send.start) {
983 keychain_strftime(buf, BUFSIZ,
984 &key->send.start);
985 vty_out(vty, " send-lifetime %s", buf);
986
987 if (key->send.end == -1)
988 vty_out(vty, " infinite");
989 else if (key->send.duration)
990 vty_out(vty, " duration %ld",
991 (long)(key->send.end
992 - key->send.start));
993 else {
994 keychain_strftime(buf, BUFSIZ,
995 &key->send.end);
996 vty_out(vty, " %s", buf);
997 }
998 vty_out(vty, "\n");
999 }
718e3744 1000 }
d62a17ae 1001 vty_out(vty, "!\n");
718e3744 1002 }
718e3744 1003
d62a17ae 1004 return 0;
718e3744 1005}
1006
d62a17ae 1007void keychain_init()
718e3744 1008{
d62a17ae 1009 keychain_list = list_new();
1010
1011 install_node(&keychain_node, keychain_config_write);
1012 install_node(&keychain_key_node, NULL);
1013
1014 install_default(KEYCHAIN_NODE);
1015 install_default(KEYCHAIN_KEY_NODE);
1016
1017 install_element(CONFIG_NODE, &key_chain_cmd);
1018 install_element(CONFIG_NODE, &no_key_chain_cmd);
1019 install_element(KEYCHAIN_NODE, &key_cmd);
1020 install_element(KEYCHAIN_NODE, &no_key_cmd);
1021
1022 install_element(KEYCHAIN_NODE, &key_chain_cmd);
1023 install_element(KEYCHAIN_NODE, &no_key_chain_cmd);
1024
1025 install_element(KEYCHAIN_KEY_NODE, &key_string_cmd);
1026 install_element(KEYCHAIN_KEY_NODE, &no_key_string_cmd);
1027
1028 install_element(KEYCHAIN_KEY_NODE, &key_chain_cmd);
1029 install_element(KEYCHAIN_KEY_NODE, &no_key_chain_cmd);
1030
1031 install_element(KEYCHAIN_KEY_NODE, &key_cmd);
1032 install_element(KEYCHAIN_KEY_NODE, &no_key_cmd);
1033
1034 install_element(KEYCHAIN_KEY_NODE,
1035 &accept_lifetime_day_month_day_month_cmd);
1036 install_element(KEYCHAIN_KEY_NODE,
1037 &accept_lifetime_day_month_month_day_cmd);
1038 install_element(KEYCHAIN_KEY_NODE,
1039 &accept_lifetime_month_day_day_month_cmd);
1040 install_element(KEYCHAIN_KEY_NODE,
1041 &accept_lifetime_month_day_month_day_cmd);
1042 install_element(KEYCHAIN_KEY_NODE,
1043 &accept_lifetime_infinite_day_month_cmd);
1044 install_element(KEYCHAIN_KEY_NODE,
1045 &accept_lifetime_infinite_month_day_cmd);
1046 install_element(KEYCHAIN_KEY_NODE,
1047 &accept_lifetime_duration_day_month_cmd);
1048 install_element(KEYCHAIN_KEY_NODE,
1049 &accept_lifetime_duration_month_day_cmd);
1050
1051 install_element(KEYCHAIN_KEY_NODE,
1052 &send_lifetime_day_month_day_month_cmd);
1053 install_element(KEYCHAIN_KEY_NODE,
1054 &send_lifetime_day_month_month_day_cmd);
1055 install_element(KEYCHAIN_KEY_NODE,
1056 &send_lifetime_month_day_day_month_cmd);
1057 install_element(KEYCHAIN_KEY_NODE,
1058 &send_lifetime_month_day_month_day_cmd);
1059 install_element(KEYCHAIN_KEY_NODE,
1060 &send_lifetime_infinite_day_month_cmd);
1061 install_element(KEYCHAIN_KEY_NODE,
1062 &send_lifetime_infinite_month_day_cmd);
1063 install_element(KEYCHAIN_KEY_NODE,
1064 &send_lifetime_duration_day_month_cmd);
1065 install_element(KEYCHAIN_KEY_NODE,
1066 &send_lifetime_duration_month_day_cmd);
718e3744 1067}
FRRouting mirror