]>
Commit | Line | Data |
---|---|---|
718e3744 | 1 | /* key-chain for authentication. |
896014f4 DL |
2 | * Copyright (C) 2000 Kunihiro Ishiguro |
3 | * | |
4 | * This file is part of GNU Zebra. | |
5 | * | |
6 | * GNU Zebra is free software; you can redistribute it and/or modify | |
7 | * it under the terms of the GNU General Public License as published | |
8 | * by the Free Software Foundation; either version 2, or (at your | |
9 | * option) any later version. | |
10 | * | |
11 | * GNU Zebra is distributed in the hope that it will be useful, but | |
12 | * WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | * General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU General Public License along | |
17 | * with this program; see the file COPYING; if not, write to the Free Software | |
18 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA | |
19 | */ | |
718e3744 | 20 | |
72000880 | 21 | #include "config.h" |
718e3744 | 22 | #include <zebra.h> |
23 | ||
24 | #include "command.h" | |
25 | #include "memory.h" | |
26 | #include "linklist.h" | |
27 | #include "keychain.h" | |
28 | ||
bf8d3d6a DL |
29 | DEFINE_MTYPE_STATIC(LIB, KEY, "Key"); |
30 | DEFINE_MTYPE_STATIC(LIB, KEYCHAIN, "Key chain"); | |
4a1ab8e4 | 31 | |
96244aca DL |
32 | DEFINE_QOBJ_TYPE(keychain); |
33 | DEFINE_QOBJ_TYPE(key); | |
e80e7cce | 34 | |
718e3744 | 35 | /* Master list of key chain. */ |
c17faa4b | 36 | static struct list *keychain_list; |
718e3744 | 37 | |
d62a17ae | 38 | static struct keychain *keychain_new(void) |
718e3744 | 39 | { |
d62a17ae | 40 | struct keychain *keychain; |
41 | keychain = XCALLOC(MTYPE_KEYCHAIN, sizeof(struct keychain)); | |
42 | QOBJ_REG(keychain, keychain); | |
43 | return keychain; | |
718e3744 | 44 | } |
45 | ||
d62a17ae | 46 | static void keychain_free(struct keychain *keychain) |
718e3744 | 47 | { |
d62a17ae | 48 | QOBJ_UNREG(keychain); |
49 | XFREE(MTYPE_KEYCHAIN, keychain); | |
718e3744 | 50 | } |
51 | ||
d62a17ae | 52 | static struct key *key_new(void) |
718e3744 | 53 | { |
d62a17ae | 54 | struct key *key = XCALLOC(MTYPE_KEY, sizeof(struct key)); |
55 | QOBJ_REG(key, key); | |
56 | return key; | |
718e3744 | 57 | } |
58 | ||
d62a17ae | 59 | static void key_free(struct key *key) |
718e3744 | 60 | { |
d62a17ae | 61 | QOBJ_UNREG(key); |
62 | XFREE(MTYPE_KEY, key); | |
718e3744 | 63 | } |
64 | ||
d62a17ae | 65 | struct keychain *keychain_lookup(const char *name) |
718e3744 | 66 | { |
d62a17ae | 67 | struct listnode *node; |
68 | struct keychain *keychain; | |
718e3744 | 69 | |
d62a17ae | 70 | if (name == NULL) |
71 | return NULL; | |
718e3744 | 72 | |
d62a17ae | 73 | for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) { |
74 | if (strcmp(keychain->name, name) == 0) | |
75 | return keychain; | |
76 | } | |
77 | return NULL; | |
718e3744 | 78 | } |
79 | ||
d62a17ae | 80 | static int key_cmp_func(void *arg1, void *arg2) |
718e3744 | 81 | { |
d62a17ae | 82 | const struct key *k1 = arg1; |
83 | const struct key *k2 = arg2; | |
84 | ||
85 | if (k1->index > k2->index) | |
86 | return 1; | |
87 | if (k1->index < k2->index) | |
88 | return -1; | |
89 | return 0; | |
718e3744 | 90 | } |
91 | ||
d62a17ae | 92 | static void key_delete_func(struct key *key) |
718e3744 | 93 | { |
d62a17ae | 94 | if (key->string) |
95 | free(key->string); | |
96 | key_free(key); | |
718e3744 | 97 | } |
98 | ||
d62a17ae | 99 | static struct keychain *keychain_get(const char *name) |
718e3744 | 100 | { |
d62a17ae | 101 | struct keychain *keychain; |
718e3744 | 102 | |
d62a17ae | 103 | keychain = keychain_lookup(name); |
718e3744 | 104 | |
d62a17ae | 105 | if (keychain) |
106 | return keychain; | |
718e3744 | 107 | |
d62a17ae | 108 | keychain = keychain_new(); |
109 | keychain->name = XSTRDUP(MTYPE_KEYCHAIN, name); | |
110 | keychain->key = list_new(); | |
111 | keychain->key->cmp = (int (*)(void *, void *))key_cmp_func; | |
112 | keychain->key->del = (void (*)(void *))key_delete_func; | |
113 | listnode_add(keychain_list, keychain); | |
718e3744 | 114 | |
d62a17ae | 115 | return keychain; |
718e3744 | 116 | } |
117 | ||
d62a17ae | 118 | static void keychain_delete(struct keychain *keychain) |
718e3744 | 119 | { |
0a22ddfb | 120 | XFREE(MTYPE_KEYCHAIN, keychain->name); |
718e3744 | 121 | |
6a154c88 | 122 | list_delete(&keychain->key); |
d62a17ae | 123 | listnode_delete(keychain_list, keychain); |
124 | keychain_free(keychain); | |
718e3744 | 125 | } |
126 | ||
d7c0a89a | 127 | static struct key *key_lookup(const struct keychain *keychain, uint32_t index) |
718e3744 | 128 | { |
d62a17ae | 129 | struct listnode *node; |
130 | struct key *key; | |
718e3744 | 131 | |
d62a17ae | 132 | for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) { |
133 | if (key->index == index) | |
134 | return key; | |
135 | } | |
136 | return NULL; | |
718e3744 | 137 | } |
138 | ||
d62a17ae | 139 | struct key *key_lookup_for_accept(const struct keychain *keychain, |
d7c0a89a | 140 | uint32_t index) |
718e3744 | 141 | { |
d62a17ae | 142 | struct listnode *node; |
143 | struct key *key; | |
144 | time_t now; | |
145 | ||
146 | now = time(NULL); | |
147 | ||
148 | for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) { | |
149 | if (key->index >= index) { | |
150 | if (key->accept.start == 0) | |
151 | return key; | |
152 | ||
153 | if (key->accept.start <= now) | |
154 | if (key->accept.end >= now | |
155 | || key->accept.end == -1) | |
156 | return key; | |
157 | } | |
718e3744 | 158 | } |
d62a17ae | 159 | return NULL; |
718e3744 | 160 | } |
161 | ||
d62a17ae | 162 | struct key *key_match_for_accept(const struct keychain *keychain, |
163 | const char *auth_str) | |
718e3744 | 164 | { |
d62a17ae | 165 | struct listnode *node; |
166 | struct key *key; | |
167 | time_t now; | |
168 | ||
169 | now = time(NULL); | |
170 | ||
171 | for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) { | |
172 | if (key->accept.start == 0 | |
173 | || (key->accept.start <= now | |
174 | && (key->accept.end >= now || key->accept.end == -1))) | |
c4efb224 | 175 | if (key->string && (strncmp(key->string, auth_str, 16) == 0)) |
d62a17ae | 176 | return key; |
177 | } | |
178 | return NULL; | |
718e3744 | 179 | } |
180 | ||
d62a17ae | 181 | struct key *key_lookup_for_send(const struct keychain *keychain) |
718e3744 | 182 | { |
d62a17ae | 183 | struct listnode *node; |
184 | struct key *key; | |
185 | time_t now; | |
718e3744 | 186 | |
d62a17ae | 187 | now = time(NULL); |
718e3744 | 188 | |
d62a17ae | 189 | for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) { |
190 | if (key->send.start == 0) | |
191 | return key; | |
718e3744 | 192 | |
d62a17ae | 193 | if (key->send.start <= now) |
194 | if (key->send.end >= now || key->send.end == -1) | |
195 | return key; | |
196 | } | |
197 | return NULL; | |
718e3744 | 198 | } |
199 | ||
d7c0a89a | 200 | static struct key *key_get(const struct keychain *keychain, uint32_t index) |
718e3744 | 201 | { |
d62a17ae | 202 | struct key *key; |
718e3744 | 203 | |
d62a17ae | 204 | key = key_lookup(keychain, index); |
718e3744 | 205 | |
d62a17ae | 206 | if (key) |
207 | return key; | |
718e3744 | 208 | |
d62a17ae | 209 | key = key_new(); |
210 | key->index = index; | |
72000880 | 211 | key->hash_algo = KEYCHAIN_ALGO_NULL; |
d62a17ae | 212 | listnode_add_sort(keychain->key, key); |
718e3744 | 213 | |
d62a17ae | 214 | return key; |
718e3744 | 215 | } |
216 | ||
d62a17ae | 217 | static void key_delete(struct keychain *keychain, struct key *key) |
718e3744 | 218 | { |
d62a17ae | 219 | listnode_delete(keychain->key, key); |
718e3744 | 220 | |
0a22ddfb | 221 | XFREE(MTYPE_KEY, key->string); |
d62a17ae | 222 | key_free(key); |
718e3744 | 223 | } |
6b0655a2 | 224 | |
505e5056 | 225 | DEFUN_NOSH (key_chain, |
718e3744 | 226 | key_chain_cmd, |
227 | "key chain WORD", | |
228 | "Authentication key management\n" | |
229 | "Key-chain management\n" | |
230 | "Key-chain name\n") | |
231 | { | |
d62a17ae | 232 | int idx_word = 2; |
233 | struct keychain *keychain; | |
718e3744 | 234 | |
d62a17ae | 235 | keychain = keychain_get(argv[idx_word]->arg); |
236 | VTY_PUSH_CONTEXT(KEYCHAIN_NODE, keychain); | |
718e3744 | 237 | |
d62a17ae | 238 | return CMD_SUCCESS; |
718e3744 | 239 | } |
240 | ||
241 | DEFUN (no_key_chain, | |
242 | no_key_chain_cmd, | |
243 | "no key chain WORD", | |
244 | NO_STR | |
245 | "Authentication key management\n" | |
246 | "Key-chain management\n" | |
247 | "Key-chain name\n") | |
248 | { | |
d62a17ae | 249 | int idx_word = 3; |
250 | struct keychain *keychain; | |
718e3744 | 251 | |
d62a17ae | 252 | keychain = keychain_lookup(argv[idx_word]->arg); |
718e3744 | 253 | |
d62a17ae | 254 | if (!keychain) { |
255 | vty_out(vty, "Can't find keychain %s\n", argv[idx_word]->arg); | |
256 | return CMD_WARNING_CONFIG_FAILED; | |
257 | } | |
718e3744 | 258 | |
d62a17ae | 259 | keychain_delete(keychain); |
718e3744 | 260 | |
d62a17ae | 261 | return CMD_SUCCESS; |
718e3744 | 262 | } |
263 | ||
505e5056 | 264 | DEFUN_NOSH (key, |
718e3744 | 265 | key_cmd, |
6147e2c6 | 266 | "key (0-2147483647)", |
718e3744 | 267 | "Configure a key\n" |
268 | "Key identifier number\n") | |
269 | { | |
d62a17ae | 270 | int idx_number = 1; |
271 | VTY_DECLVAR_CONTEXT(keychain, keychain); | |
272 | struct key *key; | |
d7c0a89a | 273 | uint32_t index; |
d62a17ae | 274 | |
275 | index = strtoul(argv[idx_number]->arg, NULL, 10); | |
276 | key = key_get(keychain, index); | |
277 | VTY_PUSH_CONTEXT_SUB(KEYCHAIN_KEY_NODE, key); | |
278 | ||
279 | return CMD_SUCCESS; | |
718e3744 | 280 | } |
281 | ||
282 | DEFUN (no_key, | |
283 | no_key_cmd, | |
6147e2c6 | 284 | "no key (0-2147483647)", |
718e3744 | 285 | NO_STR |
286 | "Delete a key\n" | |
287 | "Key identifier number\n") | |
288 | { | |
d62a17ae | 289 | int idx_number = 2; |
290 | VTY_DECLVAR_CONTEXT(keychain, keychain); | |
291 | struct key *key; | |
d7c0a89a | 292 | uint32_t index; |
d62a17ae | 293 | |
294 | index = strtoul(argv[idx_number]->arg, NULL, 10); | |
295 | key = key_lookup(keychain, index); | |
296 | if (!key) { | |
297 | vty_out(vty, "Can't find key %d\n", index); | |
298 | return CMD_WARNING_CONFIG_FAILED; | |
299 | } | |
300 | ||
301 | key_delete(keychain, key); | |
302 | ||
303 | vty->node = KEYCHAIN_NODE; | |
304 | ||
305 | return CMD_SUCCESS; | |
718e3744 | 306 | } |
307 | ||
308 | DEFUN (key_string, | |
309 | key_string_cmd, | |
310 | "key-string LINE", | |
311 | "Set key string\n" | |
312 | "The key\n") | |
313 | { | |
d62a17ae | 314 | int idx_line = 1; |
315 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
718e3744 | 316 | |
d62a17ae | 317 | if (key->string) |
318 | XFREE(MTYPE_KEY, key->string); | |
319 | key->string = XSTRDUP(MTYPE_KEY, argv[idx_line]->arg); | |
718e3744 | 320 | |
d62a17ae | 321 | return CMD_SUCCESS; |
718e3744 | 322 | } |
323 | ||
324 | DEFUN (no_key_string, | |
325 | no_key_string_cmd, | |
326 | "no key-string [LINE]", | |
327 | NO_STR | |
328 | "Unset key string\n" | |
329 | "The key\n") | |
330 | { | |
d62a17ae | 331 | VTY_DECLVAR_CONTEXT_SUB(key, key); |
718e3744 | 332 | |
d62a17ae | 333 | if (key->string) { |
334 | XFREE(MTYPE_KEY, key->string); | |
335 | key->string = NULL; | |
336 | } | |
718e3744 | 337 | |
d62a17ae | 338 | return CMD_SUCCESS; |
718e3744 | 339 | } |
340 | ||
72000880 AR |
341 | const struct keychain_algo_info algo_info[] = { |
342 | {KEYCHAIN_ALGO_NULL, "null", 0, 0, "NULL"}, | |
343 | {KEYCHAIN_ALGO_MD5, "md5", KEYCHAIN_MD5_HASH_SIZE, | |
344 | KEYCHAIN_ALGO_MD5_INTERNAL_BLK_SIZE, "MD5"}, | |
345 | {KEYCHAIN_ALGO_HMAC_SHA1, "hmac-sha-1", KEYCHAIN_HMAC_SHA1_HASH_SIZE, | |
346 | KEYCHAIN_ALGO_SHA1_INTERNAL_BLK_SIZE, "HMAC-SHA-1"}, | |
347 | {KEYCHAIN_ALGO_HMAC_SHA256, "hmac-sha-256", | |
348 | KEYCHAIN_HMAC_SHA256_HASH_SIZE, KEYCHAIN_ALGO_SHA256_INTERNAL_BLK_SIZE, | |
349 | "HMAC-SHA-256"}, | |
350 | {KEYCHAIN_ALGO_HMAC_SHA384, "hmac-sha-384", | |
351 | KEYCHAIN_HMAC_SHA384_HASH_SIZE, KEYCHAIN_ALGO_SHA384_INTERNAL_BLK_SIZE, | |
352 | "HMAC-SHA-384"}, | |
353 | {KEYCHAIN_ALGO_HMAC_SHA512, "hmac-sha-512", | |
354 | KEYCHAIN_HMAC_SHA512_HASH_SIZE, KEYCHAIN_ALGO_SHA512_INTERNAL_BLK_SIZE, | |
355 | "HMAC-SHA-512"}, | |
356 | {KEYCHAIN_ALGO_MAX, "max", KEYCHAIN_MAX_HASH_SIZE, | |
357 | KEYCHAIN_ALGO_MAX_INTERNAL_BLK_SIZE, "Not defined"} | |
358 | }; | |
359 | ||
42bfee18 | 360 | uint16_t keychain_get_block_size(enum keychain_hash_algo key) |
72000880 AR |
361 | { |
362 | return algo_info[key].block; | |
363 | } | |
364 | ||
42bfee18 | 365 | uint16_t keychain_get_hash_len(enum keychain_hash_algo key) |
72000880 AR |
366 | { |
367 | return algo_info[key].length; | |
368 | } | |
369 | ||
370 | const char *keychain_get_description(enum keychain_hash_algo key) | |
371 | { | |
372 | return algo_info[key].desc; | |
373 | } | |
374 | ||
375 | struct keychain_algo_info | |
376 | keychain_get_hash_algo_info(enum keychain_hash_algo key) | |
377 | { | |
378 | return algo_info[key]; | |
379 | } | |
380 | ||
381 | enum keychain_hash_algo keychain_get_algo_id_by_name(const char *name) | |
382 | { | |
383 | #ifdef CRYPTO_INTERNAL | |
384 | if (!strncmp(name, "hmac-sha-2", 10)) | |
385 | return KEYCHAIN_ALGO_HMAC_SHA256; | |
386 | else if (!strncmp(name, "m", 1)) | |
387 | return KEYCHAIN_ALGO_MD5; | |
388 | else | |
389 | return KEYCHAIN_ALGO_NULL; | |
390 | #else | |
391 | if (!strncmp(name, "m", 1)) | |
392 | return KEYCHAIN_ALGO_MD5; | |
393 | else if (!strncmp(name, "hmac-sha-1", 10)) | |
394 | return KEYCHAIN_ALGO_HMAC_SHA1; | |
395 | else if (!strncmp(name, "hmac-sha-2", 10)) | |
396 | return KEYCHAIN_ALGO_HMAC_SHA256; | |
397 | else if (!strncmp(name, "hmac-sha-3", 10)) | |
398 | return KEYCHAIN_ALGO_HMAC_SHA384; | |
399 | else if (!strncmp(name, "hmac-sha-5", 10)) | |
400 | return KEYCHAIN_ALGO_HMAC_SHA512; | |
401 | else | |
402 | return KEYCHAIN_ALGO_NULL; | |
403 | #endif | |
404 | } | |
405 | ||
406 | const char *keychain_get_algo_name_by_id(enum keychain_hash_algo key) | |
407 | { | |
408 | return algo_info[key].name; | |
409 | } | |
410 | ||
411 | DEFUN(cryptographic_algorithm, cryptographic_algorithm_cmd, | |
412 | "cryptographic-algorithm " | |
413 | "<md5|hmac-sha-1|hmac-sha-256|hmac-sha-384|hmac-sha-512>", | |
414 | "Cryptographic-algorithm\n" | |
415 | "Use MD5 algorithm\n" | |
416 | "Use HMAC-SHA-1 algorithm\n" | |
417 | "Use HMAC-SHA-256 algorithm\n" | |
418 | "Use HMAC-SHA-384 algorithm\n" | |
419 | "Use HMAC-SHA-512 algorithm\n") | |
420 | { | |
421 | int algo_idx = 1; | |
422 | uint8_t hash_algo = KEYCHAIN_ALGO_NULL; | |
423 | ||
424 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
425 | hash_algo = keychain_get_algo_id_by_name(argv[algo_idx]->arg); | |
426 | #ifndef CRYPTO_OPENSSL | |
427 | if (hash_algo == KEYCHAIN_ALGO_NULL) { | |
428 | vty_out(vty, | |
429 | "Hash algorithm not supported, compile with --with-crypto=openssl\n"); | |
430 | return CMD_WARNING_CONFIG_FAILED; | |
431 | } | |
432 | #endif /* CRYPTO_OPENSSL */ | |
433 | key->hash_algo = hash_algo; | |
434 | return CMD_SUCCESS; | |
435 | } | |
436 | ||
437 | DEFUN(no_cryptographic_algorithm, no_cryptographic_algorithm_cmd, | |
438 | "no cryptographic-algorithm " | |
439 | "[<md5|hmac-sha-1|hmac-sha-256|hmac-sha-384|hmac-sha-512>]", | |
440 | NO_STR | |
441 | "Cryptographic-algorithm\n" | |
442 | "Use MD5 algorithm\n" | |
443 | "Use HMAC-SHA-1 algorithm\n" | |
444 | "Use HMAC-SHA-256 algorithm\n" | |
445 | "Use HMAC-SHA-384 algorithm\n" | |
446 | "Use HMAC-SHA-512 algorithm\n") | |
447 | { | |
448 | int algo_idx = 2; | |
449 | uint8_t hash_algo = KEYCHAIN_ALGO_NULL; | |
450 | ||
451 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
452 | if (argc > algo_idx) { | |
453 | hash_algo = keychain_get_algo_id_by_name(argv[algo_idx]->arg); | |
454 | if (hash_algo == KEYCHAIN_ALGO_NULL) { | |
455 | vty_out(vty, | |
456 | "Hash algorithm not supported, try compiling with --with-crypto=openssl\n"); | |
457 | return CMD_WARNING_CONFIG_FAILED; | |
458 | } | |
459 | } | |
460 | ||
461 | if ((hash_algo != KEYCHAIN_ALGO_NULL) && (hash_algo != key->hash_algo)) | |
462 | return CMD_SUCCESS; | |
463 | ||
464 | key->hash_algo = KEYCHAIN_ALGO_NULL; | |
465 | return CMD_SUCCESS; | |
466 | } | |
467 | ||
718e3744 | 468 | /* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when |
469 | given string is malformed. */ | |
d62a17ae | 470 | static time_t key_str2time(const char *time_str, const char *day_str, |
471 | const char *month_str, const char *year_str) | |
718e3744 | 472 | { |
d62a17ae | 473 | int i = 0; |
474 | char *colon; | |
475 | struct tm tm; | |
476 | time_t time; | |
477 | unsigned int sec, min, hour; | |
478 | unsigned int day, month, year; | |
479 | ||
480 | const char *month_name[] = { | |
481 | "January", "February", "March", "April", "May", | |
482 | "June", "July", "August", "September", "October", | |
483 | "November", "December", NULL}; | |
484 | ||
485 | #define _GET_LONG_RANGE(V, STR, MMCOND) \ | |
486 | { \ | |
487 | unsigned long tmpl; \ | |
488 | char *endptr = NULL; \ | |
489 | tmpl = strtoul((STR), &endptr, 10); \ | |
490 | if (*endptr != '\0' || tmpl == ULONG_MAX) \ | |
491 | return -1; \ | |
492 | if (MMCOND) \ | |
493 | return -1; \ | |
494 | (V) = tmpl; \ | |
718e3744 | 495 | } |
d62a17ae | 496 | #define GET_LONG_RANGE(V, STR, MIN, MAX) \ |
497 | _GET_LONG_RANGE(V, STR, tmpl<(MIN) || tmpl>(MAX)) | |
498 | #define GET_LONG_RANGE0(V, STR, MAX) _GET_LONG_RANGE(V, STR, tmpl > (MAX)) | |
499 | ||
500 | /* Check hour field of time_str. */ | |
501 | colon = strchr(time_str, ':'); | |
502 | if (colon == NULL) | |
503 | return -1; | |
504 | *colon = '\0'; | |
505 | ||
506 | /* Hour must be between 0 and 23. */ | |
507 | GET_LONG_RANGE0(hour, time_str, 23); | |
508 | ||
509 | /* Check min field of time_str. */ | |
510 | time_str = colon + 1; | |
511 | colon = strchr(time_str, ':'); | |
512 | if (*time_str == '\0' || colon == NULL) | |
513 | return -1; | |
514 | *colon = '\0'; | |
515 | ||
516 | /* Min must be between 0 and 59. */ | |
517 | GET_LONG_RANGE0(min, time_str, 59); | |
518 | ||
519 | /* Check sec field of time_str. */ | |
520 | time_str = colon + 1; | |
521 | if (*time_str == '\0') | |
522 | return -1; | |
523 | ||
524 | /* Sec must be between 0 and 59. */ | |
525 | GET_LONG_RANGE0(sec, time_str, 59); | |
526 | ||
527 | /* Check day_str. Day must be <1-31>. */ | |
528 | GET_LONG_RANGE(day, day_str, 1, 31); | |
529 | ||
530 | /* Check month_str. Month must match month_name. */ | |
531 | month = 0; | |
532 | if (strlen(month_str) >= 3) | |
533 | for (i = 0; month_name[i]; i++) | |
534 | if (strncmp(month_str, month_name[i], strlen(month_str)) | |
535 | == 0) { | |
536 | month = i; | |
537 | break; | |
538 | } | |
539 | if (!month_name[i]) | |
540 | return -1; | |
541 | ||
542 | /* Check year_str. Year must be <1993-2035>. */ | |
543 | GET_LONG_RANGE(year, year_str, 1993, 2035); | |
544 | ||
6006b807 | 545 | memset(&tm, 0, sizeof(tm)); |
d62a17ae | 546 | tm.tm_sec = sec; |
547 | tm.tm_min = min; | |
548 | tm.tm_hour = hour; | |
549 | tm.tm_mon = month; | |
550 | tm.tm_mday = day; | |
551 | tm.tm_year = year - 1900; | |
552 | ||
553 | time = mktime(&tm); | |
554 | ||
555 | return time; | |
8cc4198f | 556 | #undef GET_LONG_RANGE |
718e3744 | 557 | } |
558 | ||
d62a17ae | 559 | static int key_lifetime_set(struct vty *vty, struct key_range *krange, |
560 | const char *stime_str, const char *sday_str, | |
561 | const char *smonth_str, const char *syear_str, | |
562 | const char *etime_str, const char *eday_str, | |
563 | const char *emonth_str, const char *eyear_str) | |
718e3744 | 564 | { |
d62a17ae | 565 | time_t time_start; |
566 | time_t time_end; | |
567 | ||
568 | time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str); | |
569 | if (time_start < 0) { | |
570 | vty_out(vty, "Malformed time value\n"); | |
571 | return CMD_WARNING_CONFIG_FAILED; | |
572 | } | |
573 | time_end = key_str2time(etime_str, eday_str, emonth_str, eyear_str); | |
574 | ||
575 | if (time_end < 0) { | |
576 | vty_out(vty, "Malformed time value\n"); | |
577 | return CMD_WARNING_CONFIG_FAILED; | |
578 | } | |
579 | ||
580 | if (time_end <= time_start) { | |
581 | vty_out(vty, "Expire time is not later than start time\n"); | |
582 | return CMD_WARNING_CONFIG_FAILED; | |
583 | } | |
584 | ||
585 | krange->start = time_start; | |
586 | krange->end = time_end; | |
587 | ||
588 | return CMD_SUCCESS; | |
718e3744 | 589 | } |
590 | ||
d62a17ae | 591 | static int key_lifetime_duration_set(struct vty *vty, struct key_range *krange, |
592 | const char *stime_str, | |
593 | const char *sday_str, | |
594 | const char *smonth_str, | |
595 | const char *syear_str, | |
596 | const char *duration_str) | |
718e3744 | 597 | { |
d62a17ae | 598 | time_t time_start; |
d7c0a89a | 599 | uint32_t duration; |
d62a17ae | 600 | |
601 | time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str); | |
602 | if (time_start < 0) { | |
603 | vty_out(vty, "Malformed time value\n"); | |
604 | return CMD_WARNING_CONFIG_FAILED; | |
605 | } | |
606 | krange->start = time_start; | |
607 | ||
608 | duration = strtoul(duration_str, NULL, 10); | |
609 | krange->duration = 1; | |
610 | krange->end = time_start + duration; | |
611 | ||
612 | return CMD_SUCCESS; | |
718e3744 | 613 | } |
614 | ||
d62a17ae | 615 | static int key_lifetime_infinite_set(struct vty *vty, struct key_range *krange, |
616 | const char *stime_str, | |
617 | const char *sday_str, | |
618 | const char *smonth_str, | |
619 | const char *syear_str) | |
718e3744 | 620 | { |
d62a17ae | 621 | time_t time_start; |
622 | ||
623 | time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str); | |
624 | if (time_start < 0) { | |
625 | vty_out(vty, "Malformed time value\n"); | |
626 | return CMD_WARNING_CONFIG_FAILED; | |
627 | } | |
628 | krange->start = time_start; | |
629 | ||
630 | krange->end = -1; | |
631 | ||
632 | return CMD_SUCCESS; | |
718e3744 | 633 | } |
6b0655a2 | 634 | |
718e3744 | 635 | DEFUN (accept_lifetime_day_month_day_month, |
636 | accept_lifetime_day_month_day_month_cmd, | |
6147e2c6 | 637 | "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)", |
718e3744 | 638 | "Set accept lifetime of the key\n" |
639 | "Time to start\n" | |
640 | "Day of th month to start\n" | |
641 | "Month of the year to start\n" | |
642 | "Year to start\n" | |
643 | "Time to expire\n" | |
644 | "Day of th month to expire\n" | |
645 | "Month of the year to expire\n" | |
646 | "Year to expire\n") | |
647 | { | |
d62a17ae | 648 | int idx_hhmmss = 1; |
649 | int idx_number = 2; | |
650 | int idx_month = 3; | |
651 | int idx_number_2 = 4; | |
652 | int idx_hhmmss_2 = 5; | |
653 | int idx_number_3 = 6; | |
654 | int idx_month_2 = 7; | |
655 | int idx_number_4 = 8; | |
656 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
657 | ||
658 | return key_lifetime_set( | |
659 | vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
660 | argv[idx_month]->arg, argv[idx_number_2]->arg, | |
661 | argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg, | |
662 | argv[idx_month_2]->arg, argv[idx_number_4]->arg); | |
718e3744 | 663 | } |
664 | ||
665 | DEFUN (accept_lifetime_day_month_month_day, | |
666 | accept_lifetime_day_month_month_day_cmd, | |
6147e2c6 | 667 | "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)", |
718e3744 | 668 | "Set accept lifetime of the key\n" |
669 | "Time to start\n" | |
670 | "Day of th month to start\n" | |
671 | "Month of the year to start\n" | |
672 | "Year to start\n" | |
673 | "Time to expire\n" | |
674 | "Month of the year to expire\n" | |
675 | "Day of th month to expire\n" | |
676 | "Year to expire\n") | |
677 | { | |
d62a17ae | 678 | int idx_hhmmss = 1; |
679 | int idx_number = 2; | |
680 | int idx_month = 3; | |
681 | int idx_number_2 = 4; | |
682 | int idx_hhmmss_2 = 5; | |
683 | int idx_month_2 = 6; | |
684 | int idx_number_3 = 7; | |
685 | int idx_number_4 = 8; | |
686 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
687 | ||
688 | return key_lifetime_set( | |
689 | vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
690 | argv[idx_month]->arg, argv[idx_number_2]->arg, | |
691 | argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg, | |
692 | argv[idx_month_2]->arg, argv[idx_number_4]->arg); | |
718e3744 | 693 | } |
694 | ||
695 | DEFUN (accept_lifetime_month_day_day_month, | |
696 | accept_lifetime_month_day_day_month_cmd, | |
6147e2c6 | 697 | "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)", |
718e3744 | 698 | "Set accept lifetime of the key\n" |
699 | "Time to start\n" | |
700 | "Month of the year to start\n" | |
701 | "Day of th month to start\n" | |
702 | "Year to start\n" | |
703 | "Time to expire\n" | |
704 | "Day of th month to expire\n" | |
705 | "Month of the year to expire\n" | |
706 | "Year to expire\n") | |
707 | { | |
d62a17ae | 708 | int idx_hhmmss = 1; |
709 | int idx_month = 2; | |
710 | int idx_number = 3; | |
711 | int idx_number_2 = 4; | |
712 | int idx_hhmmss_2 = 5; | |
713 | int idx_number_3 = 6; | |
714 | int idx_month_2 = 7; | |
715 | int idx_number_4 = 8; | |
716 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
717 | ||
718 | return key_lifetime_set( | |
719 | vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
720 | argv[idx_month]->arg, argv[idx_number_2]->arg, | |
721 | argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg, | |
722 | argv[idx_month_2]->arg, argv[idx_number_4]->arg); | |
718e3744 | 723 | } |
724 | ||
725 | DEFUN (accept_lifetime_month_day_month_day, | |
726 | accept_lifetime_month_day_month_day_cmd, | |
6147e2c6 | 727 | "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)", |
718e3744 | 728 | "Set accept lifetime of the key\n" |
729 | "Time to start\n" | |
730 | "Month of the year to start\n" | |
731 | "Day of th month to start\n" | |
732 | "Year to start\n" | |
733 | "Time to expire\n" | |
734 | "Month of the year to expire\n" | |
735 | "Day of th month to expire\n" | |
736 | "Year to expire\n") | |
737 | { | |
d62a17ae | 738 | int idx_hhmmss = 1; |
739 | int idx_month = 2; | |
740 | int idx_number = 3; | |
741 | int idx_number_2 = 4; | |
742 | int idx_hhmmss_2 = 5; | |
743 | int idx_month_2 = 6; | |
744 | int idx_number_3 = 7; | |
745 | int idx_number_4 = 8; | |
746 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
747 | ||
748 | return key_lifetime_set( | |
749 | vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
750 | argv[idx_month]->arg, argv[idx_number_2]->arg, | |
751 | argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg, | |
752 | argv[idx_month_2]->arg, argv[idx_number_4]->arg); | |
718e3744 | 753 | } |
754 | ||
755 | DEFUN (accept_lifetime_infinite_day_month, | |
756 | accept_lifetime_infinite_day_month_cmd, | |
6147e2c6 | 757 | "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite", |
718e3744 | 758 | "Set accept lifetime of the key\n" |
759 | "Time to start\n" | |
760 | "Day of th month to start\n" | |
761 | "Month of the year to start\n" | |
762 | "Year to start\n" | |
efd7904e | 763 | "Never expires\n") |
718e3744 | 764 | { |
d62a17ae | 765 | int idx_hhmmss = 1; |
766 | int idx_number = 2; | |
767 | int idx_month = 3; | |
768 | int idx_number_2 = 4; | |
769 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
770 | ||
771 | return key_lifetime_infinite_set( | |
772 | vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
773 | argv[idx_month]->arg, argv[idx_number_2]->arg); | |
718e3744 | 774 | } |
775 | ||
776 | DEFUN (accept_lifetime_infinite_month_day, | |
777 | accept_lifetime_infinite_month_day_cmd, | |
6147e2c6 | 778 | "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite", |
718e3744 | 779 | "Set accept lifetime of the key\n" |
780 | "Time to start\n" | |
781 | "Month of the year to start\n" | |
782 | "Day of th month to start\n" | |
783 | "Year to start\n" | |
efd7904e | 784 | "Never expires\n") |
718e3744 | 785 | { |
d62a17ae | 786 | int idx_hhmmss = 1; |
787 | int idx_month = 2; | |
788 | int idx_number = 3; | |
789 | int idx_number_2 = 4; | |
790 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
791 | ||
792 | return key_lifetime_infinite_set( | |
793 | vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
794 | argv[idx_month]->arg, argv[idx_number_2]->arg); | |
718e3744 | 795 | } |
796 | ||
797 | DEFUN (accept_lifetime_duration_day_month, | |
798 | accept_lifetime_duration_day_month_cmd, | |
6147e2c6 | 799 | "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)", |
718e3744 | 800 | "Set accept lifetime of the key\n" |
801 | "Time to start\n" | |
802 | "Day of th month to start\n" | |
803 | "Month of the year to start\n" | |
804 | "Year to start\n" | |
805 | "Duration of the key\n" | |
806 | "Duration seconds\n") | |
807 | { | |
d62a17ae | 808 | int idx_hhmmss = 1; |
809 | int idx_number = 2; | |
810 | int idx_month = 3; | |
811 | int idx_number_2 = 4; | |
812 | int idx_number_3 = 6; | |
813 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
814 | ||
815 | return key_lifetime_duration_set( | |
816 | vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
817 | argv[idx_month]->arg, argv[idx_number_2]->arg, | |
818 | argv[idx_number_3]->arg); | |
718e3744 | 819 | } |
820 | ||
821 | DEFUN (accept_lifetime_duration_month_day, | |
822 | accept_lifetime_duration_month_day_cmd, | |
6147e2c6 | 823 | "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)", |
718e3744 | 824 | "Set accept lifetime of the key\n" |
825 | "Time to start\n" | |
826 | "Month of the year to start\n" | |
827 | "Day of th month to start\n" | |
828 | "Year to start\n" | |
829 | "Duration of the key\n" | |
830 | "Duration seconds\n") | |
831 | { | |
d62a17ae | 832 | int idx_hhmmss = 1; |
833 | int idx_month = 2; | |
834 | int idx_number = 3; | |
835 | int idx_number_2 = 4; | |
836 | int idx_number_3 = 6; | |
837 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
838 | ||
839 | return key_lifetime_duration_set( | |
840 | vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
841 | argv[idx_month]->arg, argv[idx_number_2]->arg, | |
842 | argv[idx_number_3]->arg); | |
718e3744 | 843 | } |
6b0655a2 | 844 | |
c50e6abd | 845 | DEFUN (no_accept_lifetime, |
846 | no_accept_lifetime_cmd, | |
847 | "no accept-lifetime", | |
848 | NO_STR | |
849 | "Unset accept-lifetime\n") | |
850 | { | |
851 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
852 | ||
853 | if (key->accept.start) | |
854 | key->accept.start = 0; | |
855 | if (key->accept.end) | |
856 | key->accept.end = 0; | |
857 | if (key->accept.duration) | |
858 | key->accept.duration = 0; | |
859 | ||
860 | return CMD_SUCCESS; | |
861 | } | |
862 | ||
718e3744 | 863 | DEFUN (send_lifetime_day_month_day_month, |
864 | send_lifetime_day_month_day_month_cmd, | |
6147e2c6 | 865 | "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)", |
718e3744 | 866 | "Set send lifetime of the key\n" |
867 | "Time to start\n" | |
868 | "Day of th month to start\n" | |
869 | "Month of the year to start\n" | |
870 | "Year to start\n" | |
871 | "Time to expire\n" | |
872 | "Day of th month to expire\n" | |
873 | "Month of the year to expire\n" | |
874 | "Year to expire\n") | |
875 | { | |
d62a17ae | 876 | int idx_hhmmss = 1; |
877 | int idx_number = 2; | |
878 | int idx_month = 3; | |
879 | int idx_number_2 = 4; | |
880 | int idx_hhmmss_2 = 5; | |
881 | int idx_number_3 = 6; | |
882 | int idx_month_2 = 7; | |
883 | int idx_number_4 = 8; | |
884 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
885 | ||
886 | return key_lifetime_set( | |
887 | vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
888 | argv[idx_month]->arg, argv[idx_number_2]->arg, | |
889 | argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg, | |
890 | argv[idx_month_2]->arg, argv[idx_number_4]->arg); | |
718e3744 | 891 | } |
892 | ||
893 | DEFUN (send_lifetime_day_month_month_day, | |
894 | send_lifetime_day_month_month_day_cmd, | |
6147e2c6 | 895 | "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)", |
718e3744 | 896 | "Set send lifetime of the key\n" |
897 | "Time to start\n" | |
898 | "Day of th month to start\n" | |
899 | "Month of the year to start\n" | |
900 | "Year to start\n" | |
901 | "Time to expire\n" | |
902 | "Month of the year to expire\n" | |
903 | "Day of th month to expire\n" | |
904 | "Year to expire\n") | |
905 | { | |
d62a17ae | 906 | int idx_hhmmss = 1; |
907 | int idx_number = 2; | |
908 | int idx_month = 3; | |
909 | int idx_number_2 = 4; | |
910 | int idx_hhmmss_2 = 5; | |
911 | int idx_month_2 = 6; | |
912 | int idx_number_3 = 7; | |
913 | int idx_number_4 = 8; | |
914 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
915 | ||
916 | return key_lifetime_set( | |
917 | vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
918 | argv[idx_month]->arg, argv[idx_number_2]->arg, | |
919 | argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg, | |
920 | argv[idx_month_2]->arg, argv[idx_number_4]->arg); | |
718e3744 | 921 | } |
922 | ||
923 | DEFUN (send_lifetime_month_day_day_month, | |
924 | send_lifetime_month_day_day_month_cmd, | |
6147e2c6 | 925 | "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)", |
718e3744 | 926 | "Set send lifetime of the key\n" |
927 | "Time to start\n" | |
928 | "Month of the year to start\n" | |
929 | "Day of th month to start\n" | |
930 | "Year to start\n" | |
931 | "Time to expire\n" | |
932 | "Day of th month to expire\n" | |
933 | "Month of the year to expire\n" | |
934 | "Year to expire\n") | |
935 | { | |
d62a17ae | 936 | int idx_hhmmss = 1; |
937 | int idx_month = 2; | |
938 | int idx_number = 3; | |
939 | int idx_number_2 = 4; | |
940 | int idx_hhmmss_2 = 5; | |
941 | int idx_number_3 = 6; | |
942 | int idx_month_2 = 7; | |
943 | int idx_number_4 = 8; | |
944 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
945 | ||
946 | return key_lifetime_set( | |
947 | vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
948 | argv[idx_month]->arg, argv[idx_number_2]->arg, | |
949 | argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg, | |
950 | argv[idx_month_2]->arg, argv[idx_number_4]->arg); | |
718e3744 | 951 | } |
952 | ||
953 | DEFUN (send_lifetime_month_day_month_day, | |
954 | send_lifetime_month_day_month_day_cmd, | |
6147e2c6 | 955 | "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)", |
718e3744 | 956 | "Set send lifetime of the key\n" |
957 | "Time to start\n" | |
958 | "Month of the year to start\n" | |
959 | "Day of th month to start\n" | |
960 | "Year to start\n" | |
961 | "Time to expire\n" | |
962 | "Month of the year to expire\n" | |
963 | "Day of th month to expire\n" | |
964 | "Year to expire\n") | |
965 | { | |
d62a17ae | 966 | int idx_hhmmss = 1; |
967 | int idx_month = 2; | |
968 | int idx_number = 3; | |
969 | int idx_number_2 = 4; | |
970 | int idx_hhmmss_2 = 5; | |
971 | int idx_month_2 = 6; | |
972 | int idx_number_3 = 7; | |
973 | int idx_number_4 = 8; | |
974 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
975 | ||
976 | return key_lifetime_set( | |
977 | vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
978 | argv[idx_month]->arg, argv[idx_number_2]->arg, | |
979 | argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg, | |
980 | argv[idx_month_2]->arg, argv[idx_number_4]->arg); | |
718e3744 | 981 | } |
982 | ||
983 | DEFUN (send_lifetime_infinite_day_month, | |
984 | send_lifetime_infinite_day_month_cmd, | |
6147e2c6 | 985 | "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite", |
718e3744 | 986 | "Set send lifetime of the key\n" |
987 | "Time to start\n" | |
988 | "Day of th month to start\n" | |
989 | "Month of the year to start\n" | |
990 | "Year to start\n" | |
efd7904e | 991 | "Never expires\n") |
718e3744 | 992 | { |
d62a17ae | 993 | int idx_hhmmss = 1; |
994 | int idx_number = 2; | |
995 | int idx_month = 3; | |
996 | int idx_number_2 = 4; | |
997 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
998 | ||
999 | return key_lifetime_infinite_set( | |
1000 | vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
1001 | argv[idx_month]->arg, argv[idx_number_2]->arg); | |
718e3744 | 1002 | } |
1003 | ||
1004 | DEFUN (send_lifetime_infinite_month_day, | |
1005 | send_lifetime_infinite_month_day_cmd, | |
6147e2c6 | 1006 | "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite", |
718e3744 | 1007 | "Set send lifetime of the key\n" |
1008 | "Time to start\n" | |
1009 | "Month of the year to start\n" | |
1010 | "Day of th month to start\n" | |
1011 | "Year to start\n" | |
efd7904e | 1012 | "Never expires\n") |
718e3744 | 1013 | { |
d62a17ae | 1014 | int idx_hhmmss = 1; |
1015 | int idx_month = 2; | |
1016 | int idx_number = 3; | |
1017 | int idx_number_2 = 4; | |
1018 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
1019 | ||
1020 | return key_lifetime_infinite_set( | |
1021 | vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
1022 | argv[idx_month]->arg, argv[idx_number_2]->arg); | |
718e3744 | 1023 | } |
1024 | ||
1025 | DEFUN (send_lifetime_duration_day_month, | |
1026 | send_lifetime_duration_day_month_cmd, | |
6147e2c6 | 1027 | "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)", |
718e3744 | 1028 | "Set send lifetime of the key\n" |
1029 | "Time to start\n" | |
1030 | "Day of th month to start\n" | |
1031 | "Month of the year to start\n" | |
1032 | "Year to start\n" | |
1033 | "Duration of the key\n" | |
1034 | "Duration seconds\n") | |
1035 | { | |
d62a17ae | 1036 | int idx_hhmmss = 1; |
1037 | int idx_number = 2; | |
1038 | int idx_month = 3; | |
1039 | int idx_number_2 = 4; | |
1040 | int idx_number_3 = 6; | |
1041 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
1042 | ||
1043 | return key_lifetime_duration_set( | |
1044 | vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
1045 | argv[idx_month]->arg, argv[idx_number_2]->arg, | |
1046 | argv[idx_number_3]->arg); | |
718e3744 | 1047 | } |
1048 | ||
1049 | DEFUN (send_lifetime_duration_month_day, | |
1050 | send_lifetime_duration_month_day_cmd, | |
6147e2c6 | 1051 | "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)", |
718e3744 | 1052 | "Set send lifetime of the key\n" |
1053 | "Time to start\n" | |
1054 | "Month of the year to start\n" | |
1055 | "Day of th month to start\n" | |
1056 | "Year to start\n" | |
1057 | "Duration of the key\n" | |
1058 | "Duration seconds\n") | |
1059 | { | |
d62a17ae | 1060 | int idx_hhmmss = 1; |
1061 | int idx_month = 2; | |
1062 | int idx_number = 3; | |
1063 | int idx_number_2 = 4; | |
1064 | int idx_number_3 = 6; | |
1065 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
1066 | ||
1067 | return key_lifetime_duration_set( | |
1068 | vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg, | |
1069 | argv[idx_month]->arg, argv[idx_number_2]->arg, | |
1070 | argv[idx_number_3]->arg); | |
718e3744 | 1071 | } |
6b0655a2 | 1072 | |
c50e6abd | 1073 | DEFUN (no_send_lifetime, |
1074 | no_send_lifetime_cmd, | |
1075 | "no send-lifetime", | |
1076 | NO_STR | |
1077 | "Unset send-lifetime\n") | |
1078 | { | |
1079 | VTY_DECLVAR_CONTEXT_SUB(key, key); | |
1080 | ||
1081 | if (key->send.start) | |
1082 | key->send.start = 0; | |
1083 | if (key->send.end) | |
1084 | key->send.end = 0; | |
1085 | if (key->send.duration) | |
1086 | key->send.duration = 0; | |
1087 | ||
1088 | return CMD_SUCCESS; | |
1089 | } | |
1090 | ||
612c2c15 | 1091 | static int keychain_config_write(struct vty *vty); |
62b346ee | 1092 | static struct cmd_node keychain_node = { |
f4b8291f | 1093 | .name = "keychain", |
62b346ee | 1094 | .node = KEYCHAIN_NODE, |
24389580 | 1095 | .parent_node = CONFIG_NODE, |
62b346ee | 1096 | .prompt = "%s(config-keychain)# ", |
612c2c15 | 1097 | .config_write = keychain_config_write, |
62b346ee DL |
1098 | }; |
1099 | ||
1100 | static struct cmd_node keychain_key_node = { | |
f4b8291f | 1101 | .name = "keychain key", |
62b346ee | 1102 | .node = KEYCHAIN_KEY_NODE, |
24389580 | 1103 | .parent_node = KEYCHAIN_NODE, |
62b346ee | 1104 | .prompt = "%s(config-keychain-key)# ", |
62b346ee | 1105 | }; |
718e3744 | 1106 | |
d62a17ae | 1107 | static int keychain_strftime(char *buf, int bufsiz, time_t *time) |
718e3744 | 1108 | { |
a2700b50 | 1109 | struct tm tm; |
d62a17ae | 1110 | size_t len; |
718e3744 | 1111 | |
a2700b50 | 1112 | localtime_r(time, &tm); |
718e3744 | 1113 | |
a2700b50 | 1114 | len = strftime(buf, bufsiz, "%T %b %d %Y", &tm); |
718e3744 | 1115 | |
d62a17ae | 1116 | return len; |
718e3744 | 1117 | } |
1118 | ||
d62a17ae | 1119 | static int keychain_config_write(struct vty *vty) |
718e3744 | 1120 | { |
d62a17ae | 1121 | struct keychain *keychain; |
1122 | struct key *key; | |
1123 | struct listnode *node; | |
1124 | struct listnode *knode; | |
1125 | char buf[BUFSIZ]; | |
1126 | ||
1127 | for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) { | |
1128 | vty_out(vty, "key chain %s\n", keychain->name); | |
1129 | ||
1130 | for (ALL_LIST_ELEMENTS_RO(keychain->key, knode, key)) { | |
1131 | vty_out(vty, " key %d\n", key->index); | |
1132 | ||
1133 | if (key->string) | |
1134 | vty_out(vty, " key-string %s\n", key->string); | |
1135 | ||
72000880 AR |
1136 | if (key->hash_algo != KEYCHAIN_ALGO_NULL) |
1137 | vty_out(vty, " cryptographic-algorithm %s\n", | |
1138 | keychain_get_algo_name_by_id( | |
1139 | key->hash_algo)); | |
1140 | ||
d62a17ae | 1141 | if (key->accept.start) { |
1142 | keychain_strftime(buf, BUFSIZ, | |
1143 | &key->accept.start); | |
1144 | vty_out(vty, " accept-lifetime %s", buf); | |
1145 | ||
1146 | if (key->accept.end == -1) | |
1147 | vty_out(vty, " infinite"); | |
1148 | else if (key->accept.duration) | |
1149 | vty_out(vty, " duration %ld", | |
1150 | (long)(key->accept.end | |
1151 | - key->accept.start)); | |
1152 | else { | |
1153 | keychain_strftime(buf, BUFSIZ, | |
1154 | &key->accept.end); | |
1155 | vty_out(vty, " %s", buf); | |
1156 | } | |
1157 | vty_out(vty, "\n"); | |
1158 | } | |
1159 | ||
1160 | if (key->send.start) { | |
1161 | keychain_strftime(buf, BUFSIZ, | |
1162 | &key->send.start); | |
1163 | vty_out(vty, " send-lifetime %s", buf); | |
1164 | ||
1165 | if (key->send.end == -1) | |
1166 | vty_out(vty, " infinite"); | |
1167 | else if (key->send.duration) | |
1168 | vty_out(vty, " duration %ld", | |
1169 | (long)(key->send.end | |
1170 | - key->send.start)); | |
1171 | else { | |
1172 | keychain_strftime(buf, BUFSIZ, | |
1173 | &key->send.end); | |
1174 | vty_out(vty, " %s", buf); | |
1175 | } | |
1176 | vty_out(vty, "\n"); | |
1177 | } | |
deb95b37 AC |
1178 | |
1179 | vty_out(vty, " exit\n"); | |
718e3744 | 1180 | } |
07679ad9 | 1181 | vty_out(vty, "exit\n"); |
d62a17ae | 1182 | vty_out(vty, "!\n"); |
718e3744 | 1183 | } |
718e3744 | 1184 | |
d62a17ae | 1185 | return 0; |
718e3744 | 1186 | } |
1187 | ||
72000880 | 1188 | |
166f9103 AR |
1189 | static void keychain_active_config(vector comps, struct cmd_token *token) |
1190 | { | |
1191 | struct keychain *keychain; | |
1192 | struct listnode *node; | |
1193 | ||
1194 | for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) | |
1195 | vector_set(comps, XSTRDUP(MTYPE_COMPLETION, keychain->name)); | |
1196 | } | |
1197 | ||
1198 | static const struct cmd_variable_handler keychain_var_handlers[] = { | |
1199 | {.varname = "key_chain", .completions = keychain_active_config}, | |
1200 | {.tokenname = "KEYCHAIN_NAME", .completions = keychain_active_config}, | |
1201 | {.tokenname = "KCHAIN_NAME", .completions = keychain_active_config}, | |
1202 | {.completions = NULL} | |
1203 | }; | |
1204 | ||
4d762f26 | 1205 | void keychain_init(void) |
718e3744 | 1206 | { |
d62a17ae | 1207 | keychain_list = list_new(); |
1208 | ||
166f9103 AR |
1209 | /* Register handler for keychain auto config support */ |
1210 | cmd_variable_handler_register(keychain_var_handlers); | |
612c2c15 DL |
1211 | install_node(&keychain_node); |
1212 | install_node(&keychain_key_node); | |
d62a17ae | 1213 | |
1214 | install_default(KEYCHAIN_NODE); | |
1215 | install_default(KEYCHAIN_KEY_NODE); | |
1216 | ||
1217 | install_element(CONFIG_NODE, &key_chain_cmd); | |
1218 | install_element(CONFIG_NODE, &no_key_chain_cmd); | |
1219 | install_element(KEYCHAIN_NODE, &key_cmd); | |
1220 | install_element(KEYCHAIN_NODE, &no_key_cmd); | |
1221 | ||
1222 | install_element(KEYCHAIN_NODE, &key_chain_cmd); | |
1223 | install_element(KEYCHAIN_NODE, &no_key_chain_cmd); | |
1224 | ||
1225 | install_element(KEYCHAIN_KEY_NODE, &key_string_cmd); | |
1226 | install_element(KEYCHAIN_KEY_NODE, &no_key_string_cmd); | |
1227 | ||
1228 | install_element(KEYCHAIN_KEY_NODE, &key_chain_cmd); | |
1229 | install_element(KEYCHAIN_KEY_NODE, &no_key_chain_cmd); | |
1230 | ||
1231 | install_element(KEYCHAIN_KEY_NODE, &key_cmd); | |
1232 | install_element(KEYCHAIN_KEY_NODE, &no_key_cmd); | |
1233 | ||
1234 | install_element(KEYCHAIN_KEY_NODE, | |
1235 | &accept_lifetime_day_month_day_month_cmd); | |
1236 | install_element(KEYCHAIN_KEY_NODE, | |
1237 | &accept_lifetime_day_month_month_day_cmd); | |
1238 | install_element(KEYCHAIN_KEY_NODE, | |
1239 | &accept_lifetime_month_day_day_month_cmd); | |
1240 | install_element(KEYCHAIN_KEY_NODE, | |
1241 | &accept_lifetime_month_day_month_day_cmd); | |
1242 | install_element(KEYCHAIN_KEY_NODE, | |
1243 | &accept_lifetime_infinite_day_month_cmd); | |
1244 | install_element(KEYCHAIN_KEY_NODE, | |
1245 | &accept_lifetime_infinite_month_day_cmd); | |
1246 | install_element(KEYCHAIN_KEY_NODE, | |
1247 | &accept_lifetime_duration_day_month_cmd); | |
1248 | install_element(KEYCHAIN_KEY_NODE, | |
1249 | &accept_lifetime_duration_month_day_cmd); | |
996c9314 | 1250 | install_element(KEYCHAIN_KEY_NODE, &no_accept_lifetime_cmd); |
d62a17ae | 1251 | |
1252 | install_element(KEYCHAIN_KEY_NODE, | |
1253 | &send_lifetime_day_month_day_month_cmd); | |
1254 | install_element(KEYCHAIN_KEY_NODE, | |
1255 | &send_lifetime_day_month_month_day_cmd); | |
1256 | install_element(KEYCHAIN_KEY_NODE, | |
1257 | &send_lifetime_month_day_day_month_cmd); | |
1258 | install_element(KEYCHAIN_KEY_NODE, | |
1259 | &send_lifetime_month_day_month_day_cmd); | |
1260 | install_element(KEYCHAIN_KEY_NODE, | |
1261 | &send_lifetime_infinite_day_month_cmd); | |
1262 | install_element(KEYCHAIN_KEY_NODE, | |
1263 | &send_lifetime_infinite_month_day_cmd); | |
1264 | install_element(KEYCHAIN_KEY_NODE, | |
1265 | &send_lifetime_duration_day_month_cmd); | |
1266 | install_element(KEYCHAIN_KEY_NODE, | |
1267 | &send_lifetime_duration_month_day_cmd); | |
996c9314 | 1268 | install_element(KEYCHAIN_KEY_NODE, &no_send_lifetime_cmd); |
72000880 AR |
1269 | install_element(KEYCHAIN_KEY_NODE, &cryptographic_algorithm_cmd); |
1270 | install_element(KEYCHAIN_KEY_NODE, &no_cryptographic_algorithm_cmd); | |
718e3744 | 1271 | } |