718e3744 1/* key-chain for authentication.
2 * Copyright (C) 2000 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published
8 * by the Free Software Foundation; either version 2, or (at your
9 * option) any later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
718e3744 20
21#include <zebra.h>
22
23#include "command.h"
24#include "memory.h"
25#include "linklist.h"
26#include "keychain.h"
27
/* Memory types for the key and key chain allocations made in this file. */
DEFINE_MTYPE_STATIC(LIB, KEY, "Key")
DEFINE_MTYPE_STATIC(LIB, KEYCHAIN, "Key chain")

/* QOBJ type descriptors used by QOBJ_REG()/QOBJ_UNREG() below. */
DEFINE_QOBJ_TYPE(keychain)
DEFINE_QOBJ_TYPE(key)

/* Every configured key chain; the list itself is created in keychain_init(). */
static struct list *keychain_list;
718e3744 36
/* Allocate a zero-filled key chain and register it as a QOBJ.
 * The caller still has to set the name and create the key list.
 */
static struct keychain *keychain_new(void)
{
	struct keychain *chain = XCALLOC(MTYPE_KEYCHAIN, sizeof(*chain));

	QOBJ_REG(chain, keychain);
	return chain;
}
44
/* Unregister the key chain QOBJ and release the structure itself.
 * The name and the key list are not touched here; keychain_delete()
 * releases them before calling this.
 */
static void keychain_free(struct keychain *keychain)
{
	QOBJ_UNREG(keychain);
	XFREE(MTYPE_KEYCHAIN, keychain);
}
50
/* Allocate a zero-filled key and register it as a QOBJ.
 * A zeroed key has no key string and no accept/send lifetime.
 */
static struct key *key_new(void)
{
	struct key *fresh;

	fresh = XCALLOC(MTYPE_KEY, sizeof(*fresh));
	QOBJ_REG(fresh, key);
	return fresh;
}
57
/* Unregister the key QOBJ and release the structure itself.
 * key->string is not released here; callers free it first.
 */
static void key_free(struct key *key)
{
	QOBJ_UNREG(key);
	XFREE(MTYPE_KEY, key);
}
63
/* Find a configured key chain by exact, case-sensitive name.
 *
 * Returns the key chain, or NULL when name is NULL or no chain with that
 * name exists.
 */
struct keychain *keychain_lookup(const char *name)
{
	struct listnode *cursor;
	struct keychain *chain;

	if (!name)
		return NULL;

	for (ALL_LIST_ELEMENTS_RO(keychain_list, cursor, chain)) {
		if (!strcmp(chain->name, name))
			return chain;
	}

	return NULL;
}
78
/* List comparison callback: order keys by ascending key index.
 * Returns 1, -1 or 0 when the first key's index is greater than, less
 * than or equal to the second one's.
 */
static int key_cmp_func(void *arg1, void *arg2)
{
	const struct key *lhs = arg1;
	const struct key *rhs = arg2;

	return (lhs->index > rhs->index) - (lhs->index < rhs->index);
}
90
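/* List `del` callback: release one key together with its key string.
 * Installed on every key list by keychain_get(), so it runs for each key
 * when a whole key chain is deleted.
 */
static void key_delete_func(struct key *key)
{
	/* key->string is allocated with XSTRDUP(MTYPE_KEY, ...), so it must
	 * be released with the matching XFREE, as key_delete() does; plain
	 * free() presumably skipped the MTYPE_KEY bookkeeping.
	 * NOTE(review): the key string is an authentication secret and is
	 * not wiped before being freed - confirm whether that is acceptable.
	 */
	XFREE(MTYPE_KEY, key->string);
	key_free(key);
}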
97
/* Return the key chain called name, creating and registering an empty one
 * when it does not exist yet.
 *
 * A new chain gets its own copy of the name and a key list that is kept
 * sorted by key index and frees its keys through key_delete_func().
 */
static struct keychain *keychain_get(const char *name)
{
	struct keychain *chain = keychain_lookup(name);

	if (chain != NULL)
		return chain;

	chain = keychain_new();
	chain->name = XSTRDUP(MTYPE_KEYCHAIN, name);

	chain->key = list_new();
	chain->key->cmp = (int (*)(void *, void *))key_cmp_func;
	chain->key->del = (void (*)(void *))key_delete_func;

	listnode_add(keychain_list, chain);
	return chain;
}
116
/* Remove a key chain from the master list and release everything it owns:
 * its name, its key list (each key goes through the list's del callback)
 * and finally the structure itself.
 */
static void keychain_delete(struct keychain *keychain)
{
	XFREE(MTYPE_KEYCHAIN, keychain->name);
	list_delete(&keychain->key);

	listnode_delete(keychain_list, keychain);
	keychain_free(keychain);
}
125
/* Find the key with exactly this index in a key chain.
 * Lifetimes are not considered. Returns NULL when there is no such key.
 */
static struct key *key_lookup(const struct keychain *keychain, uint32_t index)
{
	struct listnode *cursor;
	struct key *candidate;

	for (ALL_LIST_ELEMENTS_RO(keychain->key, cursor, candidate)) {
		if (candidate->index == index)
			return candidate;
	}

	return NULL;
}
137
/* Pick the key used to validate a received packet carrying key id `index`.
 *
 * Walks the chain in list order and returns the first key whose index is
 * greater than or equal to `index` and whose accept lifetime covers the
 * current time. A key with accept.start == 0 has no accept lifetime and
 * always qualifies; accept.end == -1 means the lifetime never expires.
 *
 * Note that the match is ">=", not "==": the returned key may have a
 * larger index than the one asked for. Callers that need the exact key id
 * have to compare key->index themselves.
 *
 * Returns NULL when no key qualifies.
 */
struct key *key_lookup_for_accept(const struct keychain *keychain,
				  uint32_t index)
{
	struct listnode *cursor;
	struct key *candidate;
	time_t now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, cursor, candidate)) {
		if (candidate->index < index)
			continue;

		/* No accept lifetime configured: always acceptable. */
		if (candidate->accept.start == 0)
			return candidate;

		if (candidate->accept.start <= now
		    && (candidate->accept.end >= now
			|| candidate->accept.end == -1))
			return candidate;
	}

	return NULL;
}
160
/* Find a currently acceptable key whose key string matches auth_str.
 *
 * Only keys whose accept lifetime covers the current time (or that have no
 * accept lifetime, accept.start == 0) are considered; keys without a key
 * string never match.
 *
 * Security-relevant details of the comparison:
 *  - strncmp() looks at no more than 16 bytes, so two key strings that
 *    only differ after the 16th byte are indistinguishable here
 *    (presumably 16 is the size of the caller's password field - confirm).
 *  - strncmp() stops at the first differing byte, so this is not a
 *    constant-time comparison.
 *  - auth_str is not checked for NULL.
 *
 * Returns the first matching key in list order, or NULL.
 */
struct key *key_match_for_accept(const struct keychain *keychain,
				 const char *auth_str)
{
	struct listnode *cursor;
	struct key *candidate;
	time_t now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, cursor, candidate)) {
		int acceptable =
			candidate->accept.start == 0
			|| (candidate->accept.start <= now
			    && (candidate->accept.end >= now
				|| candidate->accept.end == -1));

		if (!acceptable)
			continue;

		if (candidate->string
		    && strncmp(candidate->string, auth_str, 16) == 0)
			return candidate;
	}

	return NULL;
}
179
/* Pick the key to authenticate outgoing packets with.
 *
 * Returns the first key in list order whose send lifetime covers the
 * current time. A key with send.start == 0 has no send lifetime and always
 * qualifies; send.end == -1 means the lifetime never expires. Whether the
 * key has a key string is not checked here.
 *
 * Returns NULL when no key qualifies.
 */
struct key *key_lookup_for_send(const struct keychain *keychain)
{
	struct listnode *cursor;
	struct key *candidate;
	time_t now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, cursor, candidate)) {
		/* No send lifetime configured: always usable. */
		if (candidate->send.start == 0)
			return candidate;

		if (candidate->send.start <= now
		    && (candidate->send.end >= now
			|| candidate->send.end == -1))
			return candidate;
	}

	return NULL;
}
198
/* Return the key with this index, creating an empty one and inserting it
 * into the chain's sorted key list when it does not exist yet.
 */
static struct key *key_get(const struct keychain *keychain, uint32_t index)
{
	struct key *found = key_lookup(keychain, index);

	if (found != NULL)
		return found;

	found = key_new();
	found->index = index;
	listnode_add_sort(keychain->key, found);

	return found;
}
214
/* Unlink one key from its chain and release it together with its key
 * string.
 * NOTE(review): the key string is an authentication secret and is freed
 * without being wiped first - confirm whether that is acceptable.
 */
static void key_delete(struct keychain *keychain, struct key *key)
{
	listnode_delete(keychain->key, key);

	XFREE(MTYPE_KEY, key->string);
	key_free(key);
}
6b0655a2 222
/* "key chain WORD": enter the configuration node of a key chain, creating
 * the chain when it does not exist yet.
 */
DEFUN_NOSH (key_chain,
       key_chain_cmd,
       "key chain WORD",
       "Authentication key management\n"
       "Key-chain management\n"
       "Key-chain name\n")
{
	/* Token 2 is the key chain name. */
	struct keychain *chain = keychain_get(argv[2]->arg);

	VTY_PUSH_CONTEXT(KEYCHAIN_NODE, chain);

	return CMD_SUCCESS;
}
238
/* "no key chain WORD": delete a key chain and all of its keys.
 * Fails with CMD_WARNING_CONFIG_FAILED when the chain does not exist.
 */
DEFUN (no_key_chain,
       no_key_chain_cmd,
       "no key chain WORD",
       NO_STR
       "Authentication key management\n"
       "Key-chain management\n"
       "Key-chain name\n")
{
	/* Token 3 is the key chain name. */
	const char *chain_name = argv[3]->arg;
	struct keychain *chain = keychain_lookup(chain_name);

	if (chain == NULL) {
		vty_out(vty, "Can't find keychain %s\n", chain_name);
		return CMD_WARNING_CONFIG_FAILED;
	}

	keychain_delete(chain);

	return CMD_SUCCESS;
}
261
/* "key (0-2147483647)": enter the configuration node of one key of the
 * current key chain, creating the key when it does not exist yet.
 */
DEFUN_NOSH (key,
       key_cmd,
       "key (0-2147483647)",
       "Configure a key\n"
       "Key identifier number\n")
{
	VTY_DECLVAR_CONTEXT(keychain, keychain);
	/* Token 1 is the key id; its range is enforced by the command
	 * definition above. */
	uint32_t index = strtoul(argv[1]->arg, NULL, 10);
	struct key *key = key_get(keychain, index);

	VTY_PUSH_CONTEXT_SUB(KEYCHAIN_KEY_NODE, key);

	return CMD_SUCCESS;
}
279
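/* "no key (0-2147483647)": delete one key of the current key chain and
 * drop back to the key chain node.
 * Fails with CMD_WARNING_CONFIG_FAILED when the key does not exist.
 */
DEFUN (no_key,
       no_key_cmd,
       "no key (0-2147483647)",
       NO_STR
       "Delete a key\n"
       "Key identifier number\n")
{
	int idx_number = 2;
	VTY_DECLVAR_CONTEXT(keychain, keychain);
	struct key *key;
	uint32_t index;

	/* The range of the key id is enforced by the command definition. */
	index = strtoul(argv[idx_number]->arg, NULL, 10);
	key = key_lookup(keychain, index);
	if (!key) {
		/* index is unsigned, so it is printed with %u, not %d. */
		vty_out(vty, "Can't find key %u\n", index);
		return CMD_WARNING_CONFIG_FAILED;
	}

	key_delete(keychain, key);

	/* The key this vty was possibly editing is gone; leave its node. */
	vty->node = KEYCHAIN_NODE;

	return CMD_SUCCESS;
}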
305
/* "key-string LINE": set the secret of the current key, replacing any
 * previous one. The string is stored as given (plaintext).
 * NOTE(review): the previous key string is freed without being wiped -
 * confirm whether that is acceptable.
 */
DEFUN (key_string,
       key_string_cmd,
       "key-string LINE",
       "Set key string\n"
       "The key\n")
{
	/* Token 1 is the key string. */
	const char *secret = argv[1]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	if (key->string != NULL)
		XFREE(MTYPE_KEY, key->string);

	key->string = XSTRDUP(MTYPE_KEY, secret);

	return CMD_SUCCESS;
}
321
/* "no key-string [LINE]": remove the secret of the current key.
 * The optional LINE argument is ignored. A key without a key string never
 * matches in key_match_for_accept().
 */
DEFUN (no_key_string,
       no_key_string_cmd,
       "no key-string [LINE]",
       NO_STR
       "Unset key string\n"
       "The key\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	if (key->string == NULL)
		return CMD_SUCCESS;

	XFREE(MTYPE_KEY, key->string);
	key->string = NULL;

	return CMD_SUCCESS;
}
338
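/* Parse one unsigned decimal field of a key lifetime.
 *
 * The field starts at str and must be terminated by the character `stop`
 * (':' between the fields of a time, '\0' for the last field of a string).
 * The number must lie in [min, max].
 *
 * On success the number is stored in *value, *rest (when rest is not NULL)
 * is set to point at the terminating character, and 0 is returned. On any
 * error -1 is returned. The input string is never modified.
 */
static int key_str2time_field(const char *str, char stop, unsigned long min,
			      unsigned long max, unsigned int *value,
			      const char **rest)
{
	char *endptr = NULL;
	unsigned long parsed;

	/* strtoul() skips leading blanks, accepts a sign and reports an
	 * empty field as 0; insist on a leading digit so that none of these
	 * is taken for a valid number. */
	if (str[0] < '0' || str[0] > '9')
		return -1;

	parsed = strtoul(str, &endptr, 10);
	if (*endptr != stop || parsed == ULONG_MAX)
		return -1;
	if (parsed < min || parsed > max)
		return -1;

	*value = (unsigned int)parsed;
	if (rest != NULL)
		*rest = endptr;
	return 0;
}

/* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
 * given string is malformed.
 *
 * time_str  "HH:MM:SS", hour 0-23, minute and second 0-59.
 * day_str   day of the month, 1-31.
 * month_str English month name or a prefix of it of at least three
 *           characters ("Jan", "Janu", ... "January"), case-sensitive.
 * year_str  year, 1993-2035.
 *
 * The result is mktime() of these fields, i.e. they are taken as local
 * time. None of the input strings is written to.
 */
static time_t key_str2time(const char *time_str, const char *day_str,
			   const char *month_str, const char *year_str)
{
	static const char *const month_name[] = {
		"January", "February", "March",	    "April",
		"May",	   "June",     "July",	    "August",
		"September", "October", "November", "December"};
	const size_t month_count = sizeof(month_name) / sizeof(month_name[0]);
	const char *rest = NULL;
	size_t month;
	size_t month_len;
	struct tm tm;
	unsigned int sec, min, hour;
	unsigned int day, year;

	/* Hour must be between 0 and 23 and be followed by ':'. */
	if (key_str2time_field(time_str, ':', 0, 23, &hour, &rest) < 0)
		return -1;

	/* Min must be between 0 and 59 and be followed by ':'. */
	if (key_str2time_field(rest + 1, ':', 0, 59, &min, &rest) < 0)
		return -1;

	/* Sec must be between 0 and 59 and end the string. */
	if (key_str2time_field(rest + 1, '\0', 0, 59, &sec, NULL) < 0)
		return -1;

	/* Check day_str. Day must be <1-31>. */
	if (key_str2time_field(day_str, '\0', 1, 31, &day, NULL) < 0)
		return -1;

	/* Check month_str. It must be a prefix of a month name and at least
	 * three characters long; anything shorter is rejected instead of
	 * silently being taken for January. */
	month_len = strlen(month_str);
	if (month_len < 3)
		return -1;
	for (month = 0; month < month_count; month++) {
		if (strncmp(month_str, month_name[month], month_len) == 0)
			break;
	}
	if (month == month_count)
		return -1;

	/* Check year_str. Year must be <1993-2035>. */
	if (key_str2time_field(year_str, '\0', 1993, 2035, &year, NULL) < 0)
		return -1;

	/* NOTE(review): tm_isdst stays 0, which tells mktime() that daylight
	 * saving time is not in effect; confirm that is intended for times
	 * that fall inside a DST period. */
	memset(&tm, 0, sizeof(tm));
	tm.tm_sec = (int)sec;
	tm.tm_min = (int)min;
	tm.tm_hour = (int)hour;
	tm.tm_mon = (int)month;
	tm.tm_mday = (int)day;
	tm.tm_year = (int)year - 1900;

	return mktime(&tm);
}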
429
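/* Set a key lifetime from an explicit start and end date.
 *
 * The s* strings describe the start and the e* strings the end, each as
 * time, day, month and year in the form key_str2time() expects. The end
 * must be later than the start.
 *
 * On success krange is updated and CMD_SUCCESS is returned. On malformed
 * input or a non-increasing range a message is printed to vty, krange is
 * left untouched and CMD_WARNING_CONFIG_FAILED is returned.
 */
static int key_lifetime_set(struct vty *vty, struct key_range *krange,
			    const char *stime_str, const char *sday_str,
			    const char *smonth_str, const char *syear_str,
			    const char *etime_str, const char *eday_str,
			    const char *emonth_str, const char *eyear_str)
{
	time_t time_start;
	time_t time_end;

	time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
	if (time_start < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	time_end = key_str2time(etime_str, eday_str, emonth_str, eyear_str);
	if (time_end < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	if (time_end <= time_start) {
		vty_out(vty, "Expire time is not later than start time\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	krange->start = time_start;
	krange->end = time_end;
	/* The lifetime is now given by an explicit end date. Clear the flag
	 * a previous "duration" form may have left set, otherwise the
	 * configuration writer keeps printing this range as a duration. */
	krange->duration = 0;

	return CMD_SUCCESS;
}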
461
/* Set a key lifetime from a start date and a duration in seconds.
 *
 * The start is given as time, day, month and year in the form
 * key_str2time() expects. krange->duration is only a flag recording that
 * the range was configured as a duration; the end time itself is stored in
 * krange->end.
 *
 * Returns CMD_SUCCESS, or CMD_WARNING_CONFIG_FAILED after printing a
 * message when the start date is malformed.
 *
 * NOTE(review): duration_str is converted without any check here (its
 * range comes from the command definitions), and start + duration is not
 * checked for overflow of time_t - confirm this cannot happen on
 * platforms with a 32-bit time_t.
 */
static int key_lifetime_duration_set(struct vty *vty, struct key_range *krange,
				     const char *stime_str,
				     const char *sday_str,
				     const char *smonth_str,
				     const char *syear_str,
				     const char *duration_str)
{
	uint32_t seconds;
	time_t begin = key_str2time(stime_str, sday_str, smonth_str, syear_str);

	if (begin < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}
	krange->start = begin;

	seconds = strtoul(duration_str, NULL, 10);
	krange->duration = 1;
	krange->end = begin + seconds;

	return CMD_SUCCESS;
}
485
/* Set a key lifetime that starts at the given date and never expires.
 *
 * The start is given as time, day, month and year in the form
 * key_str2time() expects. "Never expires" is stored as krange->end == -1,
 * which is the value the key lookup functions test for.
 *
 * Returns CMD_SUCCESS, or CMD_WARNING_CONFIG_FAILED after printing a
 * message when the start date is malformed.
 */
static int key_lifetime_infinite_set(struct vty *vty, struct key_range *krange,
				     const char *stime_str,
				     const char *sday_str,
				     const char *smonth_str,
				     const char *syear_str)
{
	time_t begin = key_str2time(stime_str, sday_str, smonth_str, syear_str);

	if (begin < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	krange->start = begin;
	krange->end = -1;

	return CMD_SUCCESS;
}
6b0655a2 505
/* accept-lifetime with explicit start and end, both written DAY MONTH. */
DEFUN (accept_lifetime_day_month_day_month,
       accept_lifetime_day_month_day_month_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* Tokens: 1 time, 2 day, 3 month, 4 year, 5 time, 6 day, 7 month,
	 * 8 year. */
	const char *start_time = argv[1]->arg;
	const char *start_day = argv[2]->arg;
	const char *start_month = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	const char *end_time = argv[5]->arg;
	const char *end_day = argv[6]->arg;
	const char *end_month = argv[7]->arg;
	const char *end_year = argv[8]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->accept, start_time, start_day,
				start_month, start_year, end_time, end_day,
				end_month, end_year);
}
535
/* accept-lifetime with explicit start (DAY MONTH) and end (MONTH DAY). */
DEFUN (accept_lifetime_day_month_month_day,
       accept_lifetime_day_month_month_day_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* Tokens: 1 time, 2 day, 3 month, 4 year, 5 time, 6 month, 7 day,
	 * 8 year. */
	const char *start_time = argv[1]->arg;
	const char *start_day = argv[2]->arg;
	const char *start_month = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	const char *end_time = argv[5]->arg;
	const char *end_month = argv[6]->arg;
	const char *end_day = argv[7]->arg;
	const char *end_year = argv[8]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->accept, start_time, start_day,
				start_month, start_year, end_time, end_day,
				end_month, end_year);
}
565
/* accept-lifetime with explicit start (MONTH DAY) and end (DAY MONTH). */
DEFUN (accept_lifetime_month_day_day_month,
       accept_lifetime_month_day_day_month_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* Tokens: 1 time, 2 month, 3 day, 4 year, 5 time, 6 day, 7 month,
	 * 8 year. */
	const char *start_time = argv[1]->arg;
	const char *start_month = argv[2]->arg;
	const char *start_day = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	const char *end_time = argv[5]->arg;
	const char *end_day = argv[6]->arg;
	const char *end_month = argv[7]->arg;
	const char *end_year = argv[8]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->accept, start_time, start_day,
				start_month, start_year, end_time, end_day,
				end_month, end_year);
}
595
/* accept-lifetime with explicit start and end, both written MONTH DAY. */
DEFUN (accept_lifetime_month_day_month_day,
       accept_lifetime_month_day_month_day_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* Tokens: 1 time, 2 month, 3 day, 4 year, 5 time, 6 month, 7 day,
	 * 8 year. */
	const char *start_time = argv[1]->arg;
	const char *start_month = argv[2]->arg;
	const char *start_day = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	const char *end_time = argv[5]->arg;
	const char *end_month = argv[6]->arg;
	const char *end_day = argv[7]->arg;
	const char *end_year = argv[8]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->accept, start_time, start_day,
				start_month, start_year, end_time, end_day,
				end_month, end_year);
}
625
/* accept-lifetime that never expires, start written DAY MONTH. */
DEFUN (accept_lifetime_infinite_day_month,
       accept_lifetime_infinite_day_month_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* Tokens: 1 time, 2 day, 3 month, 4 year. */
	const char *start_time = argv[1]->arg;
	const char *start_day = argv[2]->arg;
	const char *start_month = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_infinite_set(vty, &key->accept, start_time,
					 start_day, start_month, start_year);
}
646
/* accept-lifetime that never expires, start written MONTH DAY. */
DEFUN (accept_lifetime_infinite_month_day,
       accept_lifetime_infinite_month_day_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* Tokens: 1 time, 2 month, 3 day, 4 year. */
	const char *start_time = argv[1]->arg;
	const char *start_month = argv[2]->arg;
	const char *start_day = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_infinite_set(vty, &key->accept, start_time,
					 start_day, start_month, start_year);
}
667
/* accept-lifetime given as start (DAY MONTH) plus a duration in seconds. */
DEFUN (accept_lifetime_duration_day_month,
       accept_lifetime_duration_day_month_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/* Tokens: 1 time, 2 day, 3 month, 4 year, 5 "duration", 6 seconds. */
	const char *start_time = argv[1]->arg;
	const char *start_day = argv[2]->arg;
	const char *start_month = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	const char *seconds = argv[6]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_duration_set(vty, &key->accept, start_time,
					 start_day, start_month, start_year,
					 seconds);
}
691
/* accept-lifetime given as start (MONTH DAY) plus a duration in seconds. */
DEFUN (accept_lifetime_duration_month_day,
       accept_lifetime_duration_month_day_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/* Tokens: 1 time, 2 month, 3 day, 4 year, 5 "duration", 6 seconds. */
	const char *start_time = argv[1]->arg;
	const char *start_month = argv[2]->arg;
	const char *start_day = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	const char *seconds = argv[6]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_duration_set(vty, &key->accept, start_time,
					 start_day, start_month, start_year,
					 seconds);
}
6b0655a2 715
/* "no accept-lifetime": clear the accept lifetime of the current key.
 * With accept.start back at 0 the key is accepted at any time.
 */
DEFUN (no_accept_lifetime,
       no_accept_lifetime_cmd,
       "no accept-lifetime",
       NO_STR
       "Unset accept-lifetime\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	key->accept.start = 0;
	key->accept.end = 0;
	key->accept.duration = 0;

	return CMD_SUCCESS;
}
733
/* send-lifetime with explicit start and end, both written DAY MONTH. */
DEFUN (send_lifetime_day_month_day_month,
       send_lifetime_day_month_day_month_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* Tokens: 1 time, 2 day, 3 month, 4 year, 5 time, 6 day, 7 month,
	 * 8 year. */
	const char *start_time = argv[1]->arg;
	const char *start_day = argv[2]->arg;
	const char *start_month = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	const char *end_time = argv[5]->arg;
	const char *end_day = argv[6]->arg;
	const char *end_month = argv[7]->arg;
	const char *end_year = argv[8]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->send, start_time, start_day,
				start_month, start_year, end_time, end_day,
				end_month, end_year);
}
763
/* send-lifetime with explicit start (DAY MONTH) and end (MONTH DAY). */
DEFUN (send_lifetime_day_month_month_day,
       send_lifetime_day_month_month_day_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* Tokens: 1 time, 2 day, 3 month, 4 year, 5 time, 6 month, 7 day,
	 * 8 year. */
	const char *start_time = argv[1]->arg;
	const char *start_day = argv[2]->arg;
	const char *start_month = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	const char *end_time = argv[5]->arg;
	const char *end_month = argv[6]->arg;
	const char *end_day = argv[7]->arg;
	const char *end_year = argv[8]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->send, start_time, start_day,
				start_month, start_year, end_time, end_day,
				end_month, end_year);
}
793
/* send-lifetime with explicit start (MONTH DAY) and end (DAY MONTH). */
DEFUN (send_lifetime_month_day_day_month,
       send_lifetime_month_day_day_month_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* Tokens: 1 time, 2 month, 3 day, 4 year, 5 time, 6 day, 7 month,
	 * 8 year. */
	const char *start_time = argv[1]->arg;
	const char *start_month = argv[2]->arg;
	const char *start_day = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	const char *end_time = argv[5]->arg;
	const char *end_day = argv[6]->arg;
	const char *end_month = argv[7]->arg;
	const char *end_year = argv[8]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->send, start_time, start_day,
				start_month, start_year, end_time, end_day,
				end_month, end_year);
}
823
/* send-lifetime with explicit start and end, both written MONTH DAY. */
DEFUN (send_lifetime_month_day_month_day,
       send_lifetime_month_day_month_day_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* Tokens: 1 time, 2 month, 3 day, 4 year, 5 time, 6 month, 7 day,
	 * 8 year. */
	const char *start_time = argv[1]->arg;
	const char *start_month = argv[2]->arg;
	const char *start_day = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	const char *end_time = argv[5]->arg;
	const char *end_month = argv[6]->arg;
	const char *end_day = argv[7]->arg;
	const char *end_year = argv[8]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->send, start_time, start_day,
				start_month, start_year, end_time, end_day,
				end_month, end_year);
}
853
/* send-lifetime that never expires, start written DAY MONTH. */
DEFUN (send_lifetime_infinite_day_month,
       send_lifetime_infinite_day_month_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* Tokens: 1 time, 2 day, 3 month, 4 year. */
	const char *start_time = argv[1]->arg;
	const char *start_day = argv[2]->arg;
	const char *start_month = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_infinite_set(vty, &key->send, start_time,
					 start_day, start_month, start_year);
}
874
/* send-lifetime that never expires, start written MONTH DAY. */
DEFUN (send_lifetime_infinite_month_day,
       send_lifetime_infinite_month_day_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* Tokens: 1 time, 2 month, 3 day, 4 year. */
	const char *start_time = argv[1]->arg;
	const char *start_month = argv[2]->arg;
	const char *start_day = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_infinite_set(vty, &key->send, start_time,
					 start_day, start_month, start_year);
}
895
/* send-lifetime given as start (DAY MONTH) plus a duration in seconds. */
DEFUN (send_lifetime_duration_day_month,
       send_lifetime_duration_day_month_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/* Tokens: 1 time, 2 day, 3 month, 4 year, 5 "duration", 6 seconds. */
	const char *start_time = argv[1]->arg;
	const char *start_day = argv[2]->arg;
	const char *start_month = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	const char *seconds = argv[6]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_duration_set(vty, &key->send, start_time,
					 start_day, start_month, start_year,
					 seconds);
}
919
/* send-lifetime given as start (MONTH DAY) plus a duration in seconds. */
DEFUN (send_lifetime_duration_month_day,
       send_lifetime_duration_month_day_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/* Tokens: 1 time, 2 month, 3 day, 4 year, 5 "duration", 6 seconds. */
	const char *start_time = argv[1]->arg;
	const char *start_month = argv[2]->arg;
	const char *start_day = argv[3]->arg;
	const char *start_year = argv[4]->arg;
	const char *seconds = argv[6]->arg;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_duration_set(vty, &key->send, start_time,
					 start_day, start_month, start_year,
					 seconds);
}
6b0655a2 943
/* "no send-lifetime": clear the send lifetime of the current key.
 * With send.start back at 0 the key may be used for sending at any time.
 */
DEFUN (no_send_lifetime,
       no_send_lifetime_cmd,
       "no send-lifetime",
       NO_STR
       "Unset send-lifetime\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	key->send.start = 0;
	key->send.end = 0;
	key->send.duration = 0;

	return CMD_SUCCESS;
}
961
/* CLI node entered with "key chain WORD". */
static struct cmd_node keychain_node = {
	KEYCHAIN_NODE,
	"%s(config-keychain)# ",
	1,
};

/* CLI node entered with "key (0-2147483647)" below a key chain. */
static struct cmd_node keychain_key_node = {
	KEYCHAIN_KEY_NODE,
	"%s(config-keychain-key)# ",
	1,
};
718e3744 967
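/* Format *time as local time with the pattern "%T %b %d %Y"
 * (HH:MM:SS, abbreviated month name, day of month, year).
 *
 * buf     destination buffer.
 * bufsiz  size of buf in bytes.
 * time    time to format.
 *
 * Returns the number of characters written, not counting the terminating
 * NUL. When the time cannot be converted or the result does not fit, 0 is
 * returned and buf holds an empty string (provided bufsiz is positive).
 */
static int keychain_strftime(char *buf, int bufsiz, time_t *time)
{
	struct tm *tm;
	size_t len = 0;

	if (bufsiz <= 0)
		return 0;

	/* localtime() returns NULL when the value cannot be represented;
	 * handing that to strftime() would be undefined behaviour. */
	tm = localtime(time);
	if (tm != NULL)
		len = strftime(buf, (size_t)bufsiz, "%T %b %d %Y", tm);

	/* strftime() leaves the buffer contents unspecified when it returns
	 * 0, and the configuration writer prints buf without looking at the
	 * return value, so always leave a valid string behind. */
	if (len == 0)
		buf[0] = '\0';

	return (int)len;
}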
979
/* Configuration writer for the key chain node: print every key chain with
 * its keys, key strings and lifetimes in the syntax of the commands above.
 *
 * Security note: key strings are printed exactly as stored, i.e. in
 * plaintext, so whatever receives this output (a saved configuration, a
 * terminal session) contains the authentication secrets.
 *
 * NOTE(review): the result of keychain_strftime() is not checked before
 * the buffer is printed.
 *
 * Always returns 0.
 */
static int keychain_config_write(struct vty *vty)
{
	struct listnode *chain_node;
	struct listnode *key_node;
	struct keychain *keychain;
	struct key *key;
	char stamp[BUFSIZ];

	for (ALL_LIST_ELEMENTS_RO(keychain_list, chain_node, keychain)) {
		vty_out(vty, "key chain %s\n", keychain->name);

		for (ALL_LIST_ELEMENTS_RO(keychain->key, key_node, key)) {
			vty_out(vty, " key %d\n", key->index);

			if (key->string)
				vty_out(vty, " key-string %s\n", key->string);

			/* start == 0 means no accept lifetime is set. */
			if (key->accept.start) {
				keychain_strftime(stamp, BUFSIZ,
						  &key->accept.start);
				vty_out(vty, " accept-lifetime %s", stamp);

				if (key->accept.end == -1) {
					vty_out(vty, " infinite");
				} else if (key->accept.duration) {
					long seconds = (long)(key->accept.end
							      - key->accept.start);

					vty_out(vty, " duration %ld", seconds);
				} else {
					keychain_strftime(stamp, BUFSIZ,
							  &key->accept.end);
					vty_out(vty, " %s", stamp);
				}
				vty_out(vty, "\n");
			}

			/* start == 0 means no send lifetime is set. */
			if (key->send.start) {
				keychain_strftime(stamp, BUFSIZ,
						  &key->send.start);
				vty_out(vty, " send-lifetime %s", stamp);

				if (key->send.end == -1) {
					vty_out(vty, " infinite");
				} else if (key->send.duration) {
					long seconds = (long)(key->send.end
							      - key->send.start);

					vty_out(vty, " duration %ld", seconds);
				} else {
					keychain_strftime(stamp, BUFSIZ,
							  &key->send.end);
					vty_out(vty, " %s", stamp);
				}
				vty_out(vty, "\n");
			}
		}
		vty_out(vty, "!\n");
	}

	return 0;
}
1040
/* Set up the key chain subsystem: create the master key chain list,
 * install the two CLI nodes and register every command of this file.
 */
void keychain_init(void)
{
	keychain_list = list_new();

	/* Only the key chain node has a configuration writer; it prints
	 * the keys of each chain as well. */
	install_node(&keychain_node, keychain_config_write);
	install_node(&keychain_key_node, NULL);

	install_default(KEYCHAIN_NODE);
	install_default(KEYCHAIN_KEY_NODE);

	/* Commands of the configuration node. */
	install_element(CONFIG_NODE, &key_chain_cmd);
	install_element(CONFIG_NODE, &no_key_chain_cmd);

	/* Commands of the key chain node. */
	install_element(KEYCHAIN_NODE, &key_cmd);
	install_element(KEYCHAIN_NODE, &no_key_cmd);

	install_element(KEYCHAIN_NODE, &key_chain_cmd);
	install_element(KEYCHAIN_NODE, &no_key_chain_cmd);

	/* Commands of the key node. "key chain" and "key" are installed
	 * here too, so another chain or key can be selected directly. */
	install_element(KEYCHAIN_KEY_NODE, &key_string_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_key_string_cmd);

	install_element(KEYCHAIN_KEY_NODE, &key_chain_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_key_chain_cmd);

	install_element(KEYCHAIN_KEY_NODE, &key_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_key_cmd);

	/* accept-lifetime in all of its date orders and forms. */
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_day_month_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_day_month_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_month_day_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_month_day_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_infinite_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_infinite_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_duration_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_duration_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_accept_lifetime_cmd);

	/* send-lifetime in all of its date orders and forms. */
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_day_month_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_day_month_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_month_day_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_month_day_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_infinite_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_infinite_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_duration_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_duration_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_send_lifetime_cmd);
}