acddc0ed | 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
718e3744 | 2 | /* key-chain for authentication. |
896014f4 | 3 | * Copyright (C) 2000 Kunihiro Ishiguro |
896014f4 | 4 | */ |
718e3744 | 5 | |
72000880 | 6 | #include "config.h" |
718e3744 | 7 | #include <zebra.h> |
8 | ||
9 | #include "command.h" | |
10 | #include "memory.h" | |
11 | #include "linklist.h" | |
12 | #include "keychain.h" | |
13 | ||
/* Memory-type tags passed to the XCALLOC/XSTRDUP/XFREE calls in this file. */
DEFINE_MTYPE_STATIC(LIB, KEY, "Key");
DEFINE_MTYPE_STATIC(LIB, KEYCHAIN, "Key chain");

/* QOBJ types named by the QOBJ_REG() calls in keychain_new() and key_new(). */
DEFINE_QOBJ_TYPE(keychain);
DEFINE_QOBJ_TYPE(key);

/* Master list of all configured key chains. It is searched by
 * keychain_lookup() and appended to by keychain_get(); it is not
 * initialised in this part of the file. */
static struct list *keychain_list;
718e3744 | 22 | |
/* Allocate a keychain with XCALLOC and register it as a QOBJ.
 * The name and the key list are left for the caller to fill in
 * (keychain_get() does so). */
static struct keychain *keychain_new(void)
{
	struct keychain *kc = XCALLOC(MTYPE_KEYCHAIN, sizeof(struct keychain));

	QOBJ_REG(kc, keychain);
	return kc;
}
30 | ||
/* Unregister the keychain's QOBJ and release the structure itself.
 * The name and the key list are not touched here; keychain_delete()
 * releases them before calling this. */
static void keychain_free(struct keychain *keychain)
{
	/* Unregister first so that no QOBJ entry refers to freed memory. */
	QOBJ_UNREG(keychain);

	XFREE(MTYPE_KEYCHAIN, keychain);
}
36 | ||
/* Allocate a key with XCALLOC and register it as a QOBJ.
 * The index and the hash algorithm are set by the caller (see key_get()). */
static struct key *key_new(void)
{
	struct key *k;

	k = XCALLOC(MTYPE_KEY, sizeof(struct key));
	QOBJ_REG(k, key);

	return k;
}
43 | ||
/* Unregister the key's QOBJ and release the structure itself.
 * key->string is NOT released here; callers free it beforehand. */
static void key_free(struct key *key)
{
	/* Unregister first so that no QOBJ entry refers to freed memory. */
	QOBJ_UNREG(key);

	XFREE(MTYPE_KEY, key);
}
49 | ||
/* Find a key chain by exact (case-sensitive) name.
 * Returns the matching keychain, or NULL when name is NULL or no chain
 * in keychain_list carries that name. */
struct keychain *keychain_lookup(const char *name)
{
	struct listnode *node;
	struct keychain *candidate;

	if (!name)
		return NULL;

	for (ALL_LIST_ELEMENTS_RO(keychain_list, node, candidate))
		if (!strcmp(candidate->name, name))
			return candidate;

	return NULL;
}
64 | ||
/* List comparator for keys: orders by ascending key index.
 * Returns 1, -1 or 0 as the first key's index is greater than, less than
 * or equal to the second's. Installed as the key list's cmp callback in
 * keychain_get(). */
static int key_cmp_func(void *arg1, void *arg2)
{
	const struct key *lhs = arg1;
	const struct key *rhs = arg2;

	if (lhs->index == rhs->index)
		return 0;

	return lhs->index > rhs->index ? 1 : -1;
}
76 | ||
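/* List delete callback for a key: release the key string, then the key.
 * Installed as the key list's del callback in keychain_get().
 *
 * key->string is allocated with XSTRDUP(MTYPE_KEY, ...) by the key-string
 * command, so it is released with the matching XFREE(MTYPE_KEY, ...), as
 * key_delete() already does, instead of a plain free() that bypasses the
 * memory-type wrapper. key_delete() calls XFREE on the field without a
 * NULL guard, so none is added here either.
 *
 * NOTE(review): the secret is released without being wiped first. */
static void key_delete_func(struct key *key)
{
	XFREE(MTYPE_KEY, key->string);
	key_free(key);
}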
83 | ||
/* Return the key chain called `name`, creating it when it does not exist.
 * A new chain gets a private copy of the name and an empty key list whose
 * cmp/del callbacks are key_cmp_func()/key_delete_func(), and is appended
 * to keychain_list.
 *
 * NOTE(review): name is not checked for NULL before XSTRDUP(); the one
 * caller in this file passes a CLI argument. */
static struct keychain *keychain_get(const char *name)
{
	struct keychain *found = keychain_lookup(name);
	struct keychain *created;

	if (found)
		return found;

	created = keychain_new();
	created->name = XSTRDUP(MTYPE_KEYCHAIN, name);

	created->key = list_new();
	created->key->cmp = (int (*)(void *, void *))key_cmp_func;
	created->key->del = (void (*)(void *))key_delete_func;

	listnode_add(keychain_list, created);
	return created;
}
102 | ||
/* Remove a key chain from keychain_list and release everything it owns:
 * its name, its key list (each key goes through the list's del callback)
 * and the keychain structure itself. */
static void keychain_delete(struct keychain *keychain)
{
	/* Unlink first; the entry is found by pointer, not by name. */
	listnode_delete(keychain_list, keychain);

	XFREE(MTYPE_KEYCHAIN, keychain->name);
	list_delete(&keychain->key);

	keychain_free(keychain);
}
111 | ||
/* Find the key with exactly this index in a key chain.
 * Returns the key, or NULL when the chain has no key with that index.
 * Lifetimes are not considered. */
static struct key *key_lookup(const struct keychain *keychain, uint32_t index)
{
	struct listnode *node;
	struct key *candidate;

	for (ALL_LIST_ELEMENTS_RO(keychain->key, node, candidate))
		if (candidate->index == index)
			return candidate;

	return NULL;
}
123 | ||
/* Find a key that may currently be used to accept (verify) a packet.
 *
 * Walks the chain's key list and returns the first key whose index is
 * greater than or equal to `index` and whose accept lifetime covers the
 * current time. Note that this is NOT an exact index match: a key with a
 * higher index can be returned for a lower requested index.
 *
 * A key counts as acceptable when accept.start is 0, or when
 * accept.start <= now and accept.end is either >= now or -1 (the value
 * key_lifetime_infinite_set() stores). Returns NULL when nothing matches. */
struct key *key_lookup_for_accept(const struct keychain *keychain,
				  uint32_t index)
{
	struct listnode *node;
	struct key *key;
	const time_t now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
		if (key->index < index)
			continue;

		/* accept.start == 0 is accepted without any time check. */
		if (key->accept.start == 0)
			return key;

		if (key->accept.start > now)
			continue;

		if (key->accept.end == -1 || key->accept.end >= now)
			return key;
	}

	return NULL;
}
146 | ||
/* Find a currently acceptable key whose key string matches `auth_str`.
 *
 * Only keys inside their accept lifetime are considered (accept.start == 0,
 * or start <= now with end >= now or end == -1). Keys without a key string
 * are skipped. Returns the first match, or NULL.
 *
 * NOTE(review): the comparison is strncmp() over at most 16 bytes, so
 * - key strings that share their first 16 bytes are indistinguishable here;
 * - the comparison is not constant-time, which matters if auth_str comes
 *   from a received packet (presumably it does; confirm against callers);
 * - auth_str is not checked for NULL.
 * The 16-byte bound presumably mirrors a fixed-size password field in the
 * calling protocol; confirm before changing it. */
struct key *key_match_for_accept(const struct keychain *keychain,
				 const char *auth_str)
{
	struct listnode *node;
	struct key *key;
	const time_t now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
		int in_window = key->accept.start == 0
				|| (key->accept.start <= now
				    && (key->accept.end >= now
					|| key->accept.end == -1));

		if (!in_window)
			continue;
		if (!key->string)
			continue;
		if (strncmp(key->string, auth_str, 16) == 0)
			return key;
	}

	return NULL;
}
165 | ||
/* Find the key to use for sending right now.
 *
 * Returns the first key in the chain whose send lifetime covers the
 * current time: send.start == 0, or send.start <= now with send.end
 * either >= now or -1. Returns NULL when no key qualifies. */
struct key *key_lookup_for_send(const struct keychain *keychain)
{
	struct listnode *node;
	struct key *key;
	const time_t now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
		/* send.start == 0 is usable without any time check. */
		if (key->send.start == 0)
			return key;

		if (key->send.start > now)
			continue;

		if (key->send.end == -1 || key->send.end >= now)
			return key;
	}

	return NULL;
}
184 | ||
/* Return the key with this index in the chain, creating it when missing.
 * A new key starts with hash algorithm KEYCHAIN_ALGO_NULL and no key
 * string, and is inserted into the chain's key list in sorted position. */
static struct key *key_get(const struct keychain *keychain, uint32_t index)
{
	struct key *existing = key_lookup(keychain, index);
	struct key *created;

	if (existing)
		return existing;

	created = key_new();
	created->index = index;
	created->hash_algo = KEYCHAIN_ALGO_NULL;

	listnode_add_sort(keychain->key, created);
	return created;
}
201 | ||
/* Remove one key from its chain and release it together with its key
 * string.
 *
 * NOTE(review): the key string (the shared secret) is released without
 * being wiped first. */
static void key_delete(struct keychain *keychain, struct key *key)
{
	/* Unlink before freeing so the list never holds a dangling entry. */
	listnode_delete(keychain->key, key);

	XFREE(MTYPE_KEY, key->string);

	key_free(key);
}
6b0655a2 | 209 | |
/* "key chain WORD": select the named key chain, creating it if needed,
 * and push it as the vty context for KEYCHAIN_NODE. */
DEFUN_NOSH (key_chain,
       key_chain_cmd,
       "key chain WORD",
       "Authentication key management\n"
       "Key-chain management\n"
       "Key-chain name\n")
{
	/* argv[2] is the WORD token: the key chain name. */
	const char *chain_name = argv[2]->arg;
	struct keychain *keychain = keychain_get(chain_name);

	VTY_PUSH_CONTEXT(KEYCHAIN_NODE, keychain);
	return CMD_SUCCESS;
}
225 | ||
/* "no key chain WORD": delete the named key chain and all of its keys.
 * Fails with CMD_WARNING_CONFIG_FAILED when no such chain exists. */
DEFUN (no_key_chain,
       no_key_chain_cmd,
       "no key chain WORD",
       NO_STR
       "Authentication key management\n"
       "Key-chain management\n"
       "Key-chain name\n")
{
	/* argv[3] is the WORD token: the key chain name. */
	const char *chain_name = argv[3]->arg;
	struct keychain *keychain = keychain_lookup(chain_name);

	if (keychain == NULL) {
		vty_out(vty, "Can't find keychain %s\n", chain_name);
		return CMD_WARNING_CONFIG_FAILED;
	}

	keychain_delete(keychain);
	return CMD_SUCCESS;
}
248 | ||
/* "key (0-2147483647)": select the key with this identifier in the current
 * key chain, creating it if needed, and push it as the vty sub-context for
 * KEYCHAIN_KEY_NODE. */
DEFUN_NOSH (key,
       key_cmd,
       "key (0-2147483647)",
       "Configure a key\n"
       "Key identifier number\n")
{
	VTY_DECLVAR_CONTEXT(keychain, keychain);
	/* argv[1] is the key identifier. The conversion result is not
	 * checked here; the command's range token is the only bound visible
	 * in this file. */
	const uint32_t index = strtoul(argv[1]->arg, NULL, 10);
	struct key *key = key_get(keychain, index);

	VTY_PUSH_CONTEXT_SUB(KEYCHAIN_KEY_NODE, key);
	return CMD_SUCCESS;
}
266 | ||
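/* "no key (0-2147483647)": delete the key with this identifier from the
 * current key chain and return the vty to KEYCHAIN_NODE.
 * Fails with CMD_WARNING_CONFIG_FAILED when the chain has no such key. */
DEFUN (no_key,
       no_key_cmd,
       "no key (0-2147483647)",
       NO_STR
       "Delete a key\n"
       "Key identifier number\n")
{
	int idx_number = 2;
	VTY_DECLVAR_CONTEXT(keychain, keychain);
	struct key *key;
	uint32_t index;

	index = strtoul(argv[idx_number]->arg, NULL, 10);
	key = key_lookup(keychain, index);
	if (!key) {
		/* index is unsigned, so print it with %u rather than %d. */
		vty_out(vty, "Can't find key %u\n", index);
		return CMD_WARNING_CONFIG_FAILED;
	}

	key_delete(keychain, key);

	/* The key is gone; set the node back to the key chain level. */
	vty->node = KEYCHAIN_NODE;

	return CMD_SUCCESS;
}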
292 | ||
/* "key-string LINE": set the secret of the current key, replacing any
 * previous one. The argument is stored verbatim as a private copy.
 *
 * NOTE(review): the previous secret is released without being wiped, and
 * no length limit is applied here although key_match_for_accept() compares
 * only the first 16 bytes. */
DEFUN (key_string,
       key_string_cmd,
       "key-string LINE",
       "Set key string\n"
       "The key\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);
	/* argv[1] is the LINE token: the new key string. */
	const char *secret = argv[1]->arg;

	if (key->string != NULL)
		XFREE(MTYPE_KEY, key->string);

	key->string = XSTRDUP(MTYPE_KEY, secret);
	return CMD_SUCCESS;
}
308 | ||
/* "no key-string [LINE]": remove the secret of the current key. The
 * optional LINE argument is ignored. Succeeds even when no key string
 * was set.
 *
 * NOTE(review): the secret is released without being wiped first. */
DEFUN (no_key_string,
       no_key_string_cmd,
       "no key-string [LINE]",
       NO_STR
       "Unset key string\n"
       "The key\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	if (key->string == NULL)
		return CMD_SUCCESS;

	XFREE(MTYPE_KEY, key->string);
	key->string = NULL;

	return CMD_SUCCESS;
}
325 | ||
/* Per-algorithm properties, indexed directly by enum keychain_hash_algo in
 * the keychain_get_*() accessors below.
 *
 * Each entry appears to be { algorithm id, CLI name, hash size, internal
 * block size, description }; the accessors read the fields .name, .length,
 * .block and .desc.
 *
 * NOTE(review): the accessors index this array without a range check, so
 * the entries presumably have to stay in enum order, with one entry for
 * every value up to and including KEYCHAIN_ALGO_MAX. Confirm against the
 * enum definition. */
const struct keychain_algo_info algo_info[] = {
	{KEYCHAIN_ALGO_NULL, "null", 0, 0, "NULL"},
	{KEYCHAIN_ALGO_MD5, "md5", KEYCHAIN_MD5_HASH_SIZE,
	 KEYCHAIN_ALGO_MD5_INTERNAL_BLK_SIZE, "MD5"},
	{KEYCHAIN_ALGO_HMAC_SHA1, "hmac-sha-1", KEYCHAIN_HMAC_SHA1_HASH_SIZE,
	 KEYCHAIN_ALGO_SHA1_INTERNAL_BLK_SIZE, "HMAC-SHA-1"},
	{KEYCHAIN_ALGO_HMAC_SHA256, "hmac-sha-256",
	 KEYCHAIN_HMAC_SHA256_HASH_SIZE, KEYCHAIN_ALGO_SHA256_INTERNAL_BLK_SIZE,
	 "HMAC-SHA-256"},
	{KEYCHAIN_ALGO_HMAC_SHA384, "hmac-sha-384",
	 KEYCHAIN_HMAC_SHA384_HASH_SIZE, KEYCHAIN_ALGO_SHA384_INTERNAL_BLK_SIZE,
	 "HMAC-SHA-384"},
	{KEYCHAIN_ALGO_HMAC_SHA512, "hmac-sha-512",
	 KEYCHAIN_HMAC_SHA512_HASH_SIZE, KEYCHAIN_ALGO_SHA512_INTERNAL_BLK_SIZE,
	 "HMAC-SHA-512"},
	/* Entry for KEYCHAIN_ALGO_MAX itself, described as "Not defined". */
	{KEYCHAIN_ALGO_MAX, "max", KEYCHAIN_MAX_HASH_SIZE,
	 KEYCHAIN_ALGO_MAX_INTERNAL_BLK_SIZE, "Not defined"}
};
344 | ||
/* Return the .block field of the algo_info entry for this algorithm.
 *
 * NOTE(review): key indexes algo_info[] without a range check; a value
 * outside the table reads out of bounds. Callers must pass a valid
 * enum keychain_hash_algo. */
uint16_t keychain_get_block_size(enum keychain_hash_algo key)
{
	const struct keychain_algo_info *entry = &algo_info[key];

	return entry->block;
}
349 | ||
/* Return the .length field of the algo_info entry for this algorithm.
 *
 * NOTE(review): key indexes algo_info[] without a range check; a value
 * outside the table reads out of bounds. Callers must pass a valid
 * enum keychain_hash_algo. */
uint16_t keychain_get_hash_len(enum keychain_hash_algo key)
{
	const struct keychain_algo_info *entry = &algo_info[key];

	return entry->length;
}
354 | ||
/* Return the description string (e.g. "HMAC-SHA-256") of this algorithm.
 * The string belongs to the static algo_info table.
 *
 * NOTE(review): key indexes algo_info[] without a range check; a value
 * outside the table reads out of bounds. */
const char *keychain_get_description(enum keychain_hash_algo key)
{
	const struct keychain_algo_info *entry = &algo_info[key];

	return entry->desc;
}
359 | ||
/* Return a copy of the whole algo_info entry for this algorithm.
 *
 * NOTE(review): key indexes algo_info[] without a range check; a value
 * outside the table reads out of bounds. */
struct keychain_algo_info
keychain_get_hash_algo_info(enum keychain_hash_algo key)
{
	const struct keychain_algo_info *entry = &algo_info[key];

	return *entry;
}
365 | ||
/* Map an algorithm name to its enum keychain_hash_algo value.
 *
 * Matching is by prefix, not by full name: any name starting with "m" maps
 * to MD5, and the HMAC variants are told apart by their first ten
 * characters ("hmac-sha-1", "hmac-sha-2", "hmac-sha-3", "hmac-sha-5").
 * Anything else yields KEYCHAIN_ALGO_NULL.
 *
 * When CRYPTO_INTERNAL is defined, only MD5 and HMAC-SHA-256 are
 * recognised; the other HMAC names also yield KEYCHAIN_ALGO_NULL.
 *
 * NOTE(review): name is not checked for NULL. The loose prefix match is
 * only as strict as the caller's own validation of the name. */
enum keychain_hash_algo keychain_get_algo_id_by_name(const char *name)
{
#ifdef CRYPTO_INTERNAL
	if (strncmp(name, "hmac-sha-2", 10) == 0)
		return KEYCHAIN_ALGO_HMAC_SHA256;
	if (strncmp(name, "m", 1) == 0)
		return KEYCHAIN_ALGO_MD5;
#else
	if (strncmp(name, "m", 1) == 0)
		return KEYCHAIN_ALGO_MD5;
	if (strncmp(name, "hmac-sha-1", 10) == 0)
		return KEYCHAIN_ALGO_HMAC_SHA1;
	if (strncmp(name, "hmac-sha-2", 10) == 0)
		return KEYCHAIN_ALGO_HMAC_SHA256;
	if (strncmp(name, "hmac-sha-3", 10) == 0)
		return KEYCHAIN_ALGO_HMAC_SHA384;
	if (strncmp(name, "hmac-sha-5", 10) == 0)
		return KEYCHAIN_ALGO_HMAC_SHA512;
#endif
	return KEYCHAIN_ALGO_NULL;
}
390 | ||
/* Return the CLI name (e.g. "hmac-sha-256") of this algorithm.
 * The string belongs to the static algo_info table.
 *
 * NOTE(review): key indexes algo_info[] without a range check; a value
 * outside the table reads out of bounds. */
const char *keychain_get_algo_name_by_id(enum keychain_hash_algo key)
{
	const struct keychain_algo_info *entry = &algo_info[key];

	return entry->name;
}
395 | ||
/* "cryptographic-algorithm <...>": set the hash algorithm of the current
 * key.
 *
 * The name is resolved with keychain_get_algo_id_by_name(). Unless
 * CRYPTO_OPENSSL is defined, a name that resolves to KEYCHAIN_ALGO_NULL is
 * rejected with CMD_WARNING_CONFIG_FAILED. With CRYPTO_OPENSSL defined the
 * resolved value is stored without that check. */
DEFUN(cryptographic_algorithm, cryptographic_algorithm_cmd,
      "cryptographic-algorithm "
      "<md5|hmac-sha-1|hmac-sha-256|hmac-sha-384|hmac-sha-512>",
      "Cryptographic-algorithm\n"
      "Use MD5 algorithm\n"
      "Use HMAC-SHA-1 algorithm\n"
      "Use HMAC-SHA-256 algorithm\n"
      "Use HMAC-SHA-384 algorithm\n"
      "Use HMAC-SHA-512 algorithm\n")
{
	uint8_t selected = KEYCHAIN_ALGO_NULL;

	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* argv[1] is the algorithm name token. */
	selected = keychain_get_algo_id_by_name(argv[1]->arg);
#ifndef CRYPTO_OPENSSL
	if (selected == KEYCHAIN_ALGO_NULL) {
		vty_out(vty,
			"Hash algorithm not supported, compile with --with-crypto=openssl\n");
		return CMD_WARNING_CONFIG_FAILED;
	}
#endif /* CRYPTO_OPENSSL */

	key->hash_algo = selected;
	return CMD_SUCCESS;
}
421 | ||
/* "no cryptographic-algorithm [<...>]": reset the current key's hash
 * algorithm to KEYCHAIN_ALGO_NULL.
 *
 * Without an algorithm argument the reset is unconditional. With one, the
 * name must resolve to a known algorithm (otherwise
 * CMD_WARNING_CONFIG_FAILED), and the reset only happens when it equals the
 * key's current algorithm; a different algorithm leaves the key unchanged
 * and still returns CMD_SUCCESS. */
DEFUN(no_cryptographic_algorithm, no_cryptographic_algorithm_cmd,
      "no cryptographic-algorithm "
      "[<md5|hmac-sha-1|hmac-sha-256|hmac-sha-384|hmac-sha-512>]",
      NO_STR
      "Cryptographic-algorithm\n"
      "Use MD5 algorithm\n"
      "Use HMAC-SHA-1 algorithm\n"
      "Use HMAC-SHA-256 algorithm\n"
      "Use HMAC-SHA-384 algorithm\n"
      "Use HMAC-SHA-512 algorithm\n")
{
	const int algo_idx = 2;
	uint8_t named = KEYCHAIN_ALGO_NULL;

	VTY_DECLVAR_CONTEXT_SUB(key, key);

	if (argc > algo_idx) {
		named = keychain_get_algo_id_by_name(argv[algo_idx]->arg);
		if (named == KEYCHAIN_ALGO_NULL) {
			vty_out(vty,
				"Hash algorithm not supported, try compiling with --with-crypto=openssl\n");
			return CMD_WARNING_CONFIG_FAILED;
		}

		/* A named algorithm that is not the configured one: no-op. */
		if (named != key->hash_algo)
			return CMD_SUCCESS;
	}

	key->hash_algo = KEYCHAIN_ALGO_NULL;
	return CMD_SUCCESS;
}
452 | ||
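/* Parse one unsigned decimal field of a key lifetime timestamp.
 *
 * str   - start of the field
 * term  - character that must follow the digits (':' or '\0')
 * min   - smallest accepted value
 * max   - largest accepted value
 * val   - receives the parsed value on success
 * next  - if non-NULL, receives a pointer to the terminator character
 *
 * Returns 0 on success, -1 when the field is empty, is not followed by
 * `term`, or is out of range. The input string is never modified. */
static int key_str2time_field(const char *str, char term, unsigned long min,
			      unsigned long max, unsigned int *val,
			      const char **next)
{
	char *endptr = NULL;
	unsigned long tmpl = strtoul(str, &endptr, 10);

	/* endptr == str means strtoul() consumed no digits at all. */
	if (endptr == str || *endptr != term || tmpl == ULONG_MAX)
		return -1;
	if (tmpl < min || tmpl > max)
		return -1;

	*val = (unsigned int)tmpl;
	if (next)
		*next = endptr;
	return 0;
}

/* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
 * given string is malformed.
 *
 * time_str  - "HH:MM:SS", hour 0-23, minute and second 0-59
 * day_str   - day of month, 1-31
 * month_str - English month name or a prefix of it of at least three
 *             characters (case-sensitive, e.g. "Jun" or "June")
 * year_str  - year, 1993-2035
 *
 * The result comes from mktime(), so it is interpreted in the local time
 * zone, with tm_isdst left at 0.
 *
 * Compared with the previous implementation:
 * - a month string shorter than three characters is now rejected; it used
 *   to fall through the lookup and be taken as January;
 * - empty numeric fields (e.g. "12::30") are rejected instead of being
 *   read as 0;
 * - time_str is no longer modified in place (it used to have its colons
 *   overwritten with NUL bytes even though it is declared const). */
static time_t key_str2time(const char *time_str, const char *day_str,
			   const char *month_str, const char *year_str)
{
	static const char *const month_name[] = {
		"January", "February", "March",	    "April",   "May",
		"June",	   "July",     "August",    "September", "October",
		"November", "December", NULL};
	const char *cursor = time_str;
	unsigned int sec, min, hour;
	unsigned int day, year;
	size_t month_len;
	struct tm tm;
	int month;

	/* Hour must be between 0 and 23 and be followed by ':'. */
	if (key_str2time_field(cursor, ':', 0, 23, &hour, &cursor) < 0)
		return -1;

	/* Min must be between 0 and 59 and be followed by ':'. */
	if (key_str2time_field(cursor + 1, ':', 0, 59, &min, &cursor) < 0)
		return -1;

	/* Sec must be between 0 and 59 and end the string. */
	if (key_str2time_field(cursor + 1, '\0', 0, 59, &sec, NULL) < 0)
		return -1;

	/* Day must be <1-31>. */
	if (key_str2time_field(day_str, '\0', 1, 31, &day, NULL) < 0)
		return -1;

	/* Month must be a prefix (>= 3 characters) of a name in month_name. */
	month_len = strlen(month_str);
	if (month_len < 3)
		return -1;
	for (month = 0; month_name[month]; month++)
		if (strncmp(month_str, month_name[month], month_len) == 0)
			break;
	if (!month_name[month])
		return -1;

	/* Year must be <1993-2035>. */
	if (key_str2time_field(year_str, '\0', 1993, 2035, &year, NULL) < 0)
		return -1;

	memset(&tm, 0, sizeof(tm));
	tm.tm_sec = sec;
	tm.tm_min = min;
	tm.tm_hour = hour;
	tm.tm_mon = month;
	tm.tm_mday = day;
	tm.tm_year = year - 1900;

	return mktime(&tm);
}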
543 | ||
/* Set a key lifetime range from explicit start and end timestamps.
 *
 * Both timestamps are parsed with key_str2time(). The range is written to
 * krange only when both parse and the end is strictly later than the
 * start; otherwise a message is printed on the vty, krange is left
 * unchanged and CMD_WARNING_CONFIG_FAILED is returned. */
static int key_lifetime_set(struct vty *vty, struct key_range *krange,
			    const char *stime_str, const char *sday_str,
			    const char *smonth_str, const char *syear_str,
			    const char *etime_str, const char *eday_str,
			    const char *emonth_str, const char *eyear_str)
{
	time_t begin;
	time_t expire;

	begin = key_str2time(stime_str, sday_str, smonth_str, syear_str);
	if (begin < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	expire = key_str2time(etime_str, eday_str, emonth_str, eyear_str);
	if (expire < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	if (!(expire > begin)) {
		vty_out(vty, "Expire time is not later than start time\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	krange->start = begin;
	krange->end = expire;
	return CMD_SUCCESS;
}
575 | ||
/* Set a key lifetime range from a start timestamp and a duration in
 * seconds: end = start + duration, and krange->duration is set to 1.
 * A malformed start time prints a message and returns
 * CMD_WARNING_CONFIG_FAILED without touching krange.
 *
 * NOTE(review): duration_str is converted with strtoul() without any error
 * or range check; the callers in this file pass a CLI argument. The sum
 * start + duration is not checked for overflow either; whether it can
 * overflow depends on the width of time_t, and a wrapped value of -1 would
 * be read as "never expires" by the lookup functions. */
static int key_lifetime_duration_set(struct vty *vty, struct key_range *krange,
				     const char *stime_str,
				     const char *sday_str,
				     const char *smonth_str,
				     const char *syear_str,
				     const char *duration_str)
{
	uint32_t seconds;
	time_t begin = key_str2time(stime_str, sday_str, smonth_str, syear_str);

	if (begin < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	seconds = strtoul(duration_str, NULL, 10);

	krange->start = begin;
	krange->duration = 1;
	krange->end = begin + seconds;

	return CMD_SUCCESS;
}
599 | ||
/* Set a key lifetime range that starts at the given timestamp and never
 * expires: krange->end is set to -1, the value the lookup functions treat
 * as "no end". A malformed start time prints a message and returns
 * CMD_WARNING_CONFIG_FAILED without touching krange. */
static int key_lifetime_infinite_set(struct vty *vty, struct key_range *krange,
				     const char *stime_str,
				     const char *sday_str,
				     const char *smonth_str,
				     const char *syear_str)
{
	time_t begin = key_str2time(stime_str, sday_str, smonth_str, syear_str);

	if (begin < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	krange->start = begin;
	krange->end = -1;

	return CMD_SUCCESS;
}
6b0655a2 | 619 | |
/* accept-lifetime with explicit start and end, both written "DAY MONTH".
 * Forwards the tokens to key_lifetime_set() for the key's accept range. */
DEFUN (accept_lifetime_day_month_day_month,
       accept_lifetime_day_month_day_month_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);
	/* Token layout: 1=time 2=day 3=month 4=year 5=time 6=day 7=month
	 * 8=year. */
	const char *s_time = argv[1]->arg;
	const char *s_day = argv[2]->arg;
	const char *s_month = argv[3]->arg;
	const char *s_year = argv[4]->arg;
	const char *e_time = argv[5]->arg;
	const char *e_day = argv[6]->arg;
	const char *e_month = argv[7]->arg;
	const char *e_year = argv[8]->arg;

	return key_lifetime_set(vty, &key->accept, s_time, s_day, s_month,
				s_year, e_time, e_day, e_month, e_year);
}
649 | ||
/* accept-lifetime with explicit start ("DAY MONTH") and end ("MONTH DAY").
 * Forwards the tokens to key_lifetime_set() for the key's accept range. */
DEFUN (accept_lifetime_day_month_month_day,
       accept_lifetime_day_month_month_day_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);
	/* Token layout: 1=time 2=day 3=month 4=year 5=time 6=month 7=day
	 * 8=year. */
	const char *s_time = argv[1]->arg;
	const char *s_day = argv[2]->arg;
	const char *s_month = argv[3]->arg;
	const char *s_year = argv[4]->arg;
	const char *e_time = argv[5]->arg;
	const char *e_month = argv[6]->arg;
	const char *e_day = argv[7]->arg;
	const char *e_year = argv[8]->arg;

	return key_lifetime_set(vty, &key->accept, s_time, s_day, s_month,
				s_year, e_time, e_day, e_month, e_year);
}
679 | ||
/* accept-lifetime with explicit start ("MONTH DAY") and end ("DAY MONTH").
 * Forwards the tokens to key_lifetime_set() for the key's accept range. */
DEFUN (accept_lifetime_month_day_day_month,
       accept_lifetime_month_day_day_month_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);
	/* Token layout: 1=time 2=month 3=day 4=year 5=time 6=day 7=month
	 * 8=year. */
	const char *s_time = argv[1]->arg;
	const char *s_month = argv[2]->arg;
	const char *s_day = argv[3]->arg;
	const char *s_year = argv[4]->arg;
	const char *e_time = argv[5]->arg;
	const char *e_day = argv[6]->arg;
	const char *e_month = argv[7]->arg;
	const char *e_year = argv[8]->arg;

	return key_lifetime_set(vty, &key->accept, s_time, s_day, s_month,
				s_year, e_time, e_day, e_month, e_year);
}
709 | ||
/* accept-lifetime with explicit start and end, both written "MONTH DAY".
 * Forwards the tokens to key_lifetime_set() for the key's accept range. */
DEFUN (accept_lifetime_month_day_month_day,
       accept_lifetime_month_day_month_day_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);
	/* Token layout: 1=time 2=month 3=day 4=year 5=time 6=month 7=day
	 * 8=year. */
	const char *s_time = argv[1]->arg;
	const char *s_month = argv[2]->arg;
	const char *s_day = argv[3]->arg;
	const char *s_year = argv[4]->arg;
	const char *e_time = argv[5]->arg;
	const char *e_month = argv[6]->arg;
	const char *e_day = argv[7]->arg;
	const char *e_year = argv[8]->arg;

	return key_lifetime_set(vty, &key->accept, s_time, s_day, s_month,
				s_year, e_time, e_day, e_month, e_year);
}
739 | ||
/* accept-lifetime with a "DAY MONTH" start and no expiry.
 * Forwards the tokens to key_lifetime_infinite_set() for the key's accept
 * range. */
DEFUN (accept_lifetime_infinite_day_month,
       accept_lifetime_infinite_day_month_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Never expires\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);
	/* Token layout: 1=time 2=day 3=month 4=year. */
	const char *s_time = argv[1]->arg;
	const char *s_day = argv[2]->arg;
	const char *s_month = argv[3]->arg;
	const char *s_year = argv[4]->arg;

	return key_lifetime_infinite_set(vty, &key->accept, s_time, s_day,
					 s_month, s_year);
}
760 | ||
/* accept-lifetime with a "MONTH DAY" start and no expiry.
 * Forwards the tokens to key_lifetime_infinite_set() for the key's accept
 * range. */
DEFUN (accept_lifetime_infinite_month_day,
       accept_lifetime_infinite_month_day_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Never expires\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);
	/* Token layout: 1=time 2=month 3=day 4=year. */
	const char *s_time = argv[1]->arg;
	const char *s_month = argv[2]->arg;
	const char *s_day = argv[3]->arg;
	const char *s_year = argv[4]->arg;

	return key_lifetime_infinite_set(vty, &key->accept, s_time, s_day,
					 s_month, s_year);
}
781 | ||
/* accept-lifetime with a "DAY MONTH" start and a duration in seconds.
 * Forwards the tokens to key_lifetime_duration_set() for the key's accept
 * range. */
DEFUN (accept_lifetime_duration_day_month,
       accept_lifetime_duration_day_month_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);
	/* Token layout: 1=time 2=day 3=month 4=year 5="duration" 6=seconds. */
	const char *s_time = argv[1]->arg;
	const char *s_day = argv[2]->arg;
	const char *s_month = argv[3]->arg;
	const char *s_year = argv[4]->arg;
	const char *seconds = argv[6]->arg;

	return key_lifetime_duration_set(vty, &key->accept, s_time, s_day,
					 s_month, s_year, seconds);
}
805 | ||
/* accept-lifetime with a "MONTH DAY" start and a duration in seconds.
 * Forwards the tokens to key_lifetime_duration_set() for the key's accept
 * range. */
DEFUN (accept_lifetime_duration_month_day,
       accept_lifetime_duration_month_day_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);
	/* Token layout: 1=time 2=month 3=day 4=year 5="duration" 6=seconds. */
	const char *s_time = argv[1]->arg;
	const char *s_month = argv[2]->arg;
	const char *s_day = argv[3]->arg;
	const char *s_year = argv[4]->arg;
	const char *seconds = argv[6]->arg;

	return key_lifetime_duration_set(vty, &key->accept, s_time, s_day,
					 s_month, s_year, seconds);
}
6b0655a2 | 829 | |
/* "no accept-lifetime": clear the accept range of the current key.
 * start, end and duration all become 0. A start of 0 is what the accept
 * lookups treat as "always acceptable", so the key is accepted at any
 * time afterwards. */
DEFUN (no_accept_lifetime,
       no_accept_lifetime_cmd,
       "no accept-lifetime",
       NO_STR
       "Unset accept-lifetime\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	key->accept.start = 0;
	key->accept.end = 0;
	key->accept.duration = 0;

	return CMD_SUCCESS;
}
847 | ||
/* send-lifetime with explicit start and end, both written "DAY MONTH".
 * Forwards the tokens to key_lifetime_set() for the key's send range. */
DEFUN (send_lifetime_day_month_day_month,
       send_lifetime_day_month_day_month_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);
	/* Token layout: 1=time 2=day 3=month 4=year 5=time 6=day 7=month
	 * 8=year. */
	const char *s_time = argv[1]->arg;
	const char *s_day = argv[2]->arg;
	const char *s_month = argv[3]->arg;
	const char *s_year = argv[4]->arg;
	const char *e_time = argv[5]->arg;
	const char *e_day = argv[6]->arg;
	const char *e_month = argv[7]->arg;
	const char *e_year = argv[8]->arg;

	return key_lifetime_set(vty, &key->send, s_time, s_day, s_month,
				s_year, e_time, e_day, e_month, e_year);
}
877 | ||
/* send-lifetime with explicit start ("DAY MONTH") and end ("MONTH DAY").
 * Forwards the tokens to key_lifetime_set() for the key's send range. */
DEFUN (send_lifetime_day_month_month_day,
       send_lifetime_day_month_month_day_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);
	/* Token layout: 1=time 2=day 3=month 4=year 5=time 6=month 7=day
	 * 8=year. */
	const char *s_time = argv[1]->arg;
	const char *s_day = argv[2]->arg;
	const char *s_month = argv[3]->arg;
	const char *s_year = argv[4]->arg;
	const char *e_time = argv[5]->arg;
	const char *e_month = argv[6]->arg;
	const char *e_day = argv[7]->arg;
	const char *e_year = argv[8]->arg;

	return key_lifetime_set(vty, &key->send, s_time, s_day, s_month,
				s_year, e_time, e_day, e_month, e_year);
}
907 | ||
/*
 * "send-lifetime" with an explicit expiry: the start date is typed as month
 * then day, the expiry date as day then month.  The tokens are handed to
 * key_lifetime_set() in the fixed order time, day, month, year for the start
 * and then for the expiry.
 *
 * NOTE(review): range and ordering checks beyond the grammar's (1-31) and
 * (1993-2035) bounds are up to key_lifetime_set(), outside this view.
 */
DEFUN (send_lifetime_month_day_day_month,
       send_lifetime_month_day_day_month_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* Token positions in the command string; index 0 is the keyword. */
	const int start_time = 1;
	const int start_month = 2;
	const int start_day = 3;
	const int start_year = 4;
	const int end_time = 5;
	const int end_day = 6;
	const int end_month = 7;
	const int end_year = 8;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->send,
				argv[start_time]->arg,
				argv[start_day]->arg,
				argv[start_month]->arg,
				argv[start_year]->arg,
				argv[end_time]->arg,
				argv[end_day]->arg,
				argv[end_month]->arg,
				argv[end_year]->arg);
}
937 | ||
/*
 * "send-lifetime" with an explicit expiry, both dates typed as month then
 * day.  The tokens are handed to key_lifetime_set() in the fixed order time,
 * day, month, year for the start and then for the expiry.
 *
 * NOTE(review): range and ordering checks beyond the grammar's (1-31) and
 * (1993-2035) bounds are up to key_lifetime_set(), outside this view.
 */
DEFUN (send_lifetime_month_day_month_day,
       send_lifetime_month_day_month_day_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* Token positions in the command string; index 0 is the keyword. */
	const int start_time = 1;
	const int start_month = 2;
	const int start_day = 3;
	const int start_year = 4;
	const int end_time = 5;
	const int end_month = 6;
	const int end_day = 7;
	const int end_year = 8;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->send,
				argv[start_time]->arg,
				argv[start_day]->arg,
				argv[start_month]->arg,
				argv[start_year]->arg,
				argv[end_time]->arg,
				argv[end_day]->arg,
				argv[end_month]->arg,
				argv[end_year]->arg);
}
967 | ||
/*
 * "send-lifetime ... infinite": start date typed as day then month, no
 * expiry.  The four start tokens go to key_lifetime_infinite_set() as time,
 * day, month, year.
 *
 * A key configured this way is never retired from sending by the clock;
 * rotating it takes an explicit configuration change.
 */
DEFUN (send_lifetime_infinite_day_month,
       send_lifetime_infinite_day_month_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* Token positions in the command string; index 0 is the keyword. */
	const int start_time = 1;
	const int start_day = 2;
	const int start_month = 3;
	const int start_year = 4;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_infinite_set(vty, &key->send,
					 argv[start_time]->arg,
					 argv[start_day]->arg,
					 argv[start_month]->arg,
					 argv[start_year]->arg);
}
988 | ||
/*
 * "send-lifetime ... infinite": start date typed as month then day, no
 * expiry.  The four start tokens go to key_lifetime_infinite_set() as time,
 * day, month, year.
 *
 * A key configured this way is never retired from sending by the clock;
 * rotating it takes an explicit configuration change.
 */
DEFUN (send_lifetime_infinite_month_day,
       send_lifetime_infinite_month_day_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* Token positions in the command string; index 0 is the keyword. */
	const int start_time = 1;
	const int start_month = 2;
	const int start_day = 3;
	const int start_year = 4;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_infinite_set(vty, &key->send,
					 argv[start_time]->arg,
					 argv[start_day]->arg,
					 argv[start_month]->arg,
					 argv[start_year]->arg);
}
1009 | ||
/*
 * "send-lifetime ... duration N": start date typed as day then month,
 * followed by a length in seconds.  The start tokens go to
 * key_lifetime_duration_set() as time, day, month, year, then the seconds.
 *
 * NOTE(review): the grammar caps the duration at 2147483646 seconds; how the
 * resulting end time is computed and bounded is inside
 * key_lifetime_duration_set(), which is outside this view.
 */
DEFUN (send_lifetime_duration_day_month,
       send_lifetime_duration_day_month_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/* Token positions; index 5 is the literal "duration" keyword. */
	const int start_time = 1;
	const int start_day = 2;
	const int start_month = 3;
	const int start_year = 4;
	const int seconds = 6;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_duration_set(vty, &key->send,
					 argv[start_time]->arg,
					 argv[start_day]->arg,
					 argv[start_month]->arg,
					 argv[start_year]->arg,
					 argv[seconds]->arg);
}
1033 | ||
/*
 * "send-lifetime ... duration N": start date typed as month then day,
 * followed by a length in seconds.  The start tokens go to
 * key_lifetime_duration_set() as time, day, month, year, then the seconds.
 *
 * NOTE(review): the grammar caps the duration at 2147483646 seconds; how the
 * resulting end time is computed and bounded is inside
 * key_lifetime_duration_set(), which is outside this view.
 */
DEFUN (send_lifetime_duration_month_day,
       send_lifetime_duration_month_day_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/* Token positions; index 5 is the literal "duration" keyword. */
	const int start_time = 1;
	const int start_month = 2;
	const int start_day = 3;
	const int start_year = 4;
	const int seconds = 6;
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_duration_set(vty, &key->send,
					 argv[start_time]->arg,
					 argv[start_day]->arg,
					 argv[start_month]->arg,
					 argv[start_year]->arg,
					 argv[seconds]->arg);
}
6b0655a2 | 1057 | |
/*
 * "no send-lifetime": drop the send window of the current key by zeroing its
 * start, end and duration.  keychain_config_write() only emits a
 * send-lifetime line when start is non-zero, so the line disappears from the
 * written configuration afterwards.
 *
 * NOTE(review): how the send-key lookup treats a zero start is outside this
 * view; if it means "always valid", removing the lifetime widens the period
 * in which this key is used, so confirm that before relying on this command
 * to retire a key.
 */
DEFUN (no_send_lifetime,
       no_send_lifetime_cmd,
       "no send-lifetime",
       NO_STR
       "Unset send-lifetime\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* Unconditional stores: every field ends up 0 either way. */
	key->send.start = 0;
	key->send.end = 0;
	key->send.duration = 0;

	return CMD_SUCCESS;
}
1075 | ||
/* Defined further down; declared here for the node's config_write hook. */
static int keychain_config_write(struct vty *vty);

/*
 * CLI node for a key chain, a child of the global configuration node.  It
 * carries the config_write hook that emits every chain together with its
 * keys.
 */
static struct cmd_node keychain_node = {
	.node = KEYCHAIN_NODE,
	.parent_node = CONFIG_NODE,
	.name = "keychain",
	.prompt = "%s(config-keychain)# ",
	.config_write = keychain_config_write,
};

/*
 * CLI node for a single key inside a chain.  It has no config_write of its
 * own: keys are written by keychain_config_write() while it walks the chain.
 */
static struct cmd_node keychain_key_node = {
	.node = KEYCHAIN_KEY_NODE,
	.parent_node = KEYCHAIN_NODE,
	.name = "keychain key",
	.prompt = "%s(config-keychain-key)# ",
};
718e3744 | 1091 | |
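/*
 * Format a timestamp as "HH:MM:SS Mon DD YYYY" in local time, the layout the
 * lifetime lines of the written configuration use.
 *
 * buf     destination buffer
 * bufsiz  size of buf in bytes
 * time    timestamp to format
 *
 * Returns the number of characters written, excluding the terminating NUL,
 * or 0 on failure.  On every failure path buf is left as an empty string:
 * strftime() leaves the buffer contents unspecified when the result does not
 * fit, and the callers print buf with "%s" without checking the return value.
 */
static int keychain_strftime(char *buf, int bufsiz, time_t *time)
{
	struct tm tm;
	size_t len;

	if (buf == NULL || bufsiz <= 0)
		return 0;

	/* Make the buffer a valid string before anything can fail. */
	buf[0] = '\0';

	if (time == NULL || localtime_r(time, &tm) == NULL)
		return 0;

	len = strftime(buf, (size_t)bufsiz, "%T %b %d %Y", &tm);
	if (len == 0)
		buf[0] = '\0';

	return (int)len;
}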
1103 | ||
/*
 * config_write hook of the keychain node: print every key chain and, nested
 * under it, every key with its key-string, cryptographic algorithm and
 * accept/send lifetimes.  Always returns 0.
 *
 * Security note: the key-string is printed exactly as stored in key->string;
 * nothing here masks or encodes it.  Whatever consumes this output
 * (presumably the running-config display and the saved configuration file)
 * therefore holds the authentication secret in the clear and needs matching
 * access control.
 *
 * A lifetime is printed only when its start is non-zero.  An end of -1 is
 * written as "infinite", a non-zero duration as "duration <end - start>",
 * and anything else as an explicit end timestamp.
 */
static int keychain_config_write(struct vty *vty)
{
	struct listnode *chain_node;
	struct listnode *key_node;
	struct keychain *chain;
	struct key *k;
	char stamp[BUFSIZ];

	for (ALL_LIST_ELEMENTS_RO(keychain_list, chain_node, chain)) {
		vty_out(vty, "key chain %s\n", chain->name);

		for (ALL_LIST_ELEMENTS_RO(chain->key, key_node, k)) {
			vty_out(vty, " key %d\n", k->index);

			/* Cleartext secret, see the note above. */
			if (k->string) {
				vty_out(vty, " key-string %s\n", k->string);
			}

			if (k->hash_algo != KEYCHAIN_ALGO_NULL) {
				vty_out(vty, " cryptographic-algorithm %s\n",
					keychain_get_algo_name_by_id(
						k->hash_algo));
			}

			if (k->accept.start) {
				keychain_strftime(stamp, sizeof(stamp),
						  &k->accept.start);
				vty_out(vty, " accept-lifetime %s", stamp);

				if (k->accept.end == -1) {
					vty_out(vty, " infinite");
				} else if (k->accept.duration) {
					vty_out(vty, " duration %ld",
						(long)(k->accept.end
						       - k->accept.start));
				} else {
					keychain_strftime(stamp, sizeof(stamp),
							  &k->accept.end);
					vty_out(vty, " %s", stamp);
				}
				vty_out(vty, "\n");
			}

			if (k->send.start) {
				keychain_strftime(stamp, sizeof(stamp),
						  &k->send.start);
				vty_out(vty, " send-lifetime %s", stamp);

				if (k->send.end == -1) {
					vty_out(vty, " infinite");
				} else if (k->send.duration) {
					vty_out(vty, " duration %ld",
						(long)(k->send.end
						       - k->send.start));
				} else {
					keychain_strftime(stamp, sizeof(stamp),
							  &k->send.end);
					vty_out(vty, " %s", stamp);
				}
				vty_out(vty, "\n");
			}

			/* Close the key sub-node. */
			vty_out(vty, " exit\n");
		}

		/* Close the chain node and end its section. */
		vty_out(vty, "exit\n");
		vty_out(vty, "!\n");
	}

	return 0;
}
1172 | ||
72000880 | 1173 | |
/*
 * Completion callback: append a copy of every configured key chain name to
 * comps.  Only the chain name is copied; key strings never enter the
 * completion list.  The token argument is not used.
 *
 * Each entry is allocated with XSTRDUP(MTYPE_COMPLETION, ...); presumably the
 * completion code that owns comps frees them (outside this view).
 */
static void keychain_active_config(vector comps, struct cmd_token *token)
{
	struct listnode *ln;
	struct keychain *chain;

	for (ALL_LIST_ELEMENTS_RO(keychain_list, ln, chain)) {
		vector_set(comps, XSTRDUP(MTYPE_COMPLETION, chain->name));
	}
}
1182 | ||
/*
 * Variable and token names that complete to the configured key chain names.
 * The entry with a NULL completions callback ends the table.
 */
static const struct cmd_variable_handler keychain_var_handlers[] = {
	{
		.varname = "key_chain",
		.completions = keychain_active_config,
	},
	{
		.tokenname = "KEYCHAIN_NAME",
		.completions = keychain_active_config,
	},
	{
		.tokenname = "KCHAIN_NAME",
		.completions = keychain_active_config,
	},
	{
		.completions = NULL,
	},
};
1189 | ||
/*
 * Set up the key chain subsystem: create the master chain list, register the
 * name-completion handlers, install both CLI nodes and attach every key
 * chain command to the node it is valid in.
 */
void keychain_init(void)
{
	keychain_list = list_new();

	/* Completion of key chain names in commands that reference one. */
	cmd_variable_handler_register(keychain_var_handlers);

	install_node(&keychain_node);
	install_node(&keychain_key_node);

	install_default(KEYCHAIN_NODE);
	install_default(KEYCHAIN_KEY_NODE);

	/* Creating and deleting chains from global configuration. */
	install_element(CONFIG_NODE, &key_chain_cmd);
	install_element(CONFIG_NODE, &no_key_chain_cmd);

	/* Inside a chain: keys, plus the chain commands once more. */
	install_element(KEYCHAIN_NODE, &key_cmd);
	install_element(KEYCHAIN_NODE, &no_key_cmd);

	install_element(KEYCHAIN_NODE, &key_chain_cmd);
	install_element(KEYCHAIN_NODE, &no_key_chain_cmd);

	/* Inside a key: the secret itself. */
	install_element(KEYCHAIN_KEY_NODE, &key_string_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_key_string_cmd);

	/* Chain and key commands are also accepted from the key node. */
	install_element(KEYCHAIN_KEY_NODE, &key_chain_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_key_chain_cmd);

	install_element(KEYCHAIN_KEY_NODE, &key_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_key_cmd);

	/* accept-lifetime: one element per accepted date ordering. */
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_day_month_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_day_month_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_month_day_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_month_day_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_infinite_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_infinite_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_duration_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_duration_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_accept_lifetime_cmd);

	/* send-lifetime: same set of orderings. */
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_day_month_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_day_month_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_month_day_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_month_day_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_infinite_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_infinite_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_duration_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_duration_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_send_lifetime_cmd);

	/* Per-key hash algorithm selection. */
	install_element(KEYCHAIN_KEY_NODE, &cryptographic_algorithm_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_cryptographic_algorithm_cmd);
}