]> git.proxmox.com Git - mirror_frr.git/blame - lib/keychain.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
*: auto-convert to SPDX License IDs
[mirror_frr.git] / lib / keychain.c
CommitLineData
acddc0ed 1// SPDX-License-Identifier: GPL-2.0-or-later
718e3744 2/* key-chain for authentication.
896014f4 3 * Copyright (C) 2000 Kunihiro Ishiguro
896014f4 4 */
718e3744 5
72000880 6#include "config.h"
718e3744 7#include <zebra.h>
8
9#include "command.h"
10#include "memory.h"
11#include "linklist.h"
12#include "keychain.h"
13
bf8d3d6a
DL		 14DEFINE_MTYPE_STATIC(LIB, KEY, "Key");
15DEFINE_MTYPE_STATIC(LIB, KEYCHAIN, "Key chain");
4a1ab8e4 16
96244aca
DL		 17DEFINE_QOBJ_TYPE(keychain);
18DEFINE_QOBJ_TYPE(key);
e80e7cce 19
718e3744 20/* Master list of key chain. */
c17faa4b 21static struct list *keychain_list;
718e3744 22
d62a17ae 23static struct keychain *keychain_new(void)
718e3744 24{
d62a17ae 25 struct keychain *keychain;
26 keychain = XCALLOC(MTYPE_KEYCHAIN, sizeof(struct keychain));
27 QOBJ_REG(keychain, keychain);
28 return keychain;
718e3744 29}
30
d62a17ae 31static void keychain_free(struct keychain *keychain)
718e3744 32{
d62a17ae 33 QOBJ_UNREG(keychain);
34 XFREE(MTYPE_KEYCHAIN, keychain);
718e3744 35}
36
d62a17ae 37static struct key *key_new(void)
718e3744 38{
d62a17ae 39 struct key *key = XCALLOC(MTYPE_KEY, sizeof(struct key));
40 QOBJ_REG(key, key);
41 return key;
718e3744 42}
43
d62a17ae 44static void key_free(struct key *key)
718e3744 45{
d62a17ae 46 QOBJ_UNREG(key);
47 XFREE(MTYPE_KEY, key);
718e3744 48}
49
d62a17ae 50struct keychain *keychain_lookup(const char *name)
718e3744 51{
d62a17ae 52 struct listnode *node;
53 struct keychain *keychain;
718e3744 54
d62a17ae 55 if (name == NULL)
56 return NULL;
718e3744 57
d62a17ae 58 for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
59 if (strcmp(keychain->name, name) == 0)
60 return keychain;
61 }
62 return NULL;
718e3744 63}
64
d62a17ae 65static int key_cmp_func(void *arg1, void *arg2)
718e3744 66{
d62a17ae 67 const struct key *k1 = arg1;
68 const struct key *k2 = arg2;
69
70 if (k1->index > k2->index)
71 return 1;
72 if (k1->index < k2->index)
73 return -1;
74 return 0;
718e3744 75}
76
d62a17ae 77static void key_delete_func(struct key *key)
718e3744 78{
d62a17ae 79 if (key->string)
80 free(key->string);
81 key_free(key);
718e3744 82}
83
d62a17ae 84static struct keychain *keychain_get(const char *name)
718e3744 85{
d62a17ae 86 struct keychain *keychain;
718e3744 87
d62a17ae 88 keychain = keychain_lookup(name);
718e3744 89
d62a17ae 90 if (keychain)
91 return keychain;
718e3744 92
d62a17ae 93 keychain = keychain_new();
94 keychain->name = XSTRDUP(MTYPE_KEYCHAIN, name);
95 keychain->key = list_new();
96 keychain->key->cmp = (int (*)(void *, void *))key_cmp_func;
97 keychain->key->del = (void (*)(void *))key_delete_func;
98 listnode_add(keychain_list, keychain);
718e3744 99
d62a17ae 100 return keychain;
718e3744 101}
102
d62a17ae 103static void keychain_delete(struct keychain *keychain)
718e3744 104{
0a22ddfb 105 XFREE(MTYPE_KEYCHAIN, keychain->name);
718e3744 106
6a154c88 107 list_delete(&keychain->key);
d62a17ae 108 listnode_delete(keychain_list, keychain);
109 keychain_free(keychain);
718e3744 110}
111
d7c0a89a 112static struct key *key_lookup(const struct keychain *keychain, uint32_t index)
718e3744 113{
d62a17ae 114 struct listnode *node;
115 struct key *key;
718e3744 116
d62a17ae 117 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
118 if (key->index == index)
119 return key;
120 }
121 return NULL;
718e3744 122}
123
d62a17ae 124struct key *key_lookup_for_accept(const struct keychain *keychain,
d7c0a89a 125 uint32_t index)
718e3744 126{
d62a17ae 127 struct listnode *node;
128 struct key *key;
129 time_t now;
130
131 now = time(NULL);
132
133 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
134 if (key->index >= index) {
135 if (key->accept.start == 0)
136 return key;
137
138 if (key->accept.start <= now)
139 if (key->accept.end >= now
140 || key->accept.end == -1)
141 return key;
142 }
718e3744 143 }
d62a17ae 144 return NULL;
718e3744 145}
146
d62a17ae 147struct key *key_match_for_accept(const struct keychain *keychain,
148 const char *auth_str)
718e3744 149{
d62a17ae 150 struct listnode *node;
151 struct key *key;
152 time_t now;
153
154 now = time(NULL);
155
156 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
157 if (key->accept.start == 0
158 || (key->accept.start <= now
159 && (key->accept.end >= now || key->accept.end == -1)))
c4efb224 160 if (key->string && (strncmp(key->string, auth_str, 16) == 0))
d62a17ae 161 return key;
162 }
163 return NULL;
718e3744 164}
165
d62a17ae 166struct key *key_lookup_for_send(const struct keychain *keychain)
718e3744 167{
d62a17ae 168 struct listnode *node;
169 struct key *key;
170 time_t now;
718e3744 171
d62a17ae 172 now = time(NULL);
718e3744 173
d62a17ae 174 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
175 if (key->send.start == 0)
176 return key;
718e3744 177
d62a17ae 178 if (key->send.start <= now)
179 if (key->send.end >= now || key->send.end == -1)
180 return key;
181 }
182 return NULL;
718e3744 183}
184
d7c0a89a 185static struct key *key_get(const struct keychain *keychain, uint32_t index)
718e3744 186{
d62a17ae 187 struct key *key;
718e3744 188
d62a17ae 189 key = key_lookup(keychain, index);
718e3744 190
d62a17ae 191 if (key)
192 return key;
718e3744 193
d62a17ae 194 key = key_new();
195 key->index = index;
72000880 196 key->hash_algo = KEYCHAIN_ALGO_NULL;
d62a17ae 197 listnode_add_sort(keychain->key, key);
718e3744 198
d62a17ae 199 return key;
718e3744 200}
201
d62a17ae 202static void key_delete(struct keychain *keychain, struct key *key)
718e3744 203{
d62a17ae 204 listnode_delete(keychain->key, key);
718e3744 205
0a22ddfb 206 XFREE(MTYPE_KEY, key->string);
d62a17ae 207 key_free(key);
718e3744 208}
6b0655a2 209
505e5056 210DEFUN_NOSH (key_chain,
718e3744 211 key_chain_cmd,
212 "key chain WORD",
213 "Authentication key management\n"
214 "Key-chain management\n"
215 "Key-chain name\n")
216{
d62a17ae 217 int idx_word = 2;
218 struct keychain *keychain;
718e3744 219
d62a17ae 220 keychain = keychain_get(argv[idx_word]->arg);
221 VTY_PUSH_CONTEXT(KEYCHAIN_NODE, keychain);
718e3744 222
d62a17ae 223 return CMD_SUCCESS;
718e3744 224}
225
226DEFUN (no_key_chain,
227 no_key_chain_cmd,
228 "no key chain WORD",
229 NO_STR
230 "Authentication key management\n"
231 "Key-chain management\n"
232 "Key-chain name\n")
233{
d62a17ae 234 int idx_word = 3;
235 struct keychain *keychain;
718e3744 236
d62a17ae 237 keychain = keychain_lookup(argv[idx_word]->arg);
718e3744 238
d62a17ae 239 if (!keychain) {
240 vty_out(vty, "Can't find keychain %s\n", argv[idx_word]->arg);
241 return CMD_WARNING_CONFIG_FAILED;
242 }
718e3744 243
d62a17ae 244 keychain_delete(keychain);
718e3744 245
d62a17ae 246 return CMD_SUCCESS;
718e3744 247}
248
505e5056 249DEFUN_NOSH (key,
718e3744 250 key_cmd,
6147e2c6 251 "key (0-2147483647)",
718e3744 252 "Configure a key\n"
253 "Key identifier number\n")
254{
d62a17ae 255 int idx_number = 1;
256 VTY_DECLVAR_CONTEXT(keychain, keychain);
257 struct key *key;
d7c0a89a 258 uint32_t index;
d62a17ae 259
260 index = strtoul(argv[idx_number]->arg, NULL, 10);
261 key = key_get(keychain, index);
262 VTY_PUSH_CONTEXT_SUB(KEYCHAIN_KEY_NODE, key);
263
264 return CMD_SUCCESS;
718e3744 265}
266
267DEFUN (no_key,
268 no_key_cmd,
6147e2c6 269 "no key (0-2147483647)",
718e3744 270 NO_STR
271 "Delete a key\n"
272 "Key identifier number\n")
273{
d62a17ae 274 int idx_number = 2;
275 VTY_DECLVAR_CONTEXT(keychain, keychain);
276 struct key *key;
d7c0a89a 277 uint32_t index;
d62a17ae 278
279 index = strtoul(argv[idx_number]->arg, NULL, 10);
280 key = key_lookup(keychain, index);
281 if (!key) {
282 vty_out(vty, "Can't find key %d\n", index);
283 return CMD_WARNING_CONFIG_FAILED;
284 }
285
286 key_delete(keychain, key);
287
288 vty->node = KEYCHAIN_NODE;
289
290 return CMD_SUCCESS;
718e3744 291}
292
293DEFUN (key_string,
294 key_string_cmd,
295 "key-string LINE",
296 "Set key string\n"
297 "The key\n")
298{
d62a17ae 299 int idx_line = 1;
300 VTY_DECLVAR_CONTEXT_SUB(key, key);
718e3744 301
d62a17ae 302 if (key->string)
303 XFREE(MTYPE_KEY, key->string);
304 key->string = XSTRDUP(MTYPE_KEY, argv[idx_line]->arg);
718e3744 305
d62a17ae 306 return CMD_SUCCESS;
718e3744 307}
308
309DEFUN (no_key_string,
310 no_key_string_cmd,
311 "no key-string [LINE]",
312 NO_STR
313 "Unset key string\n"
314 "The key\n")
315{
d62a17ae 316 VTY_DECLVAR_CONTEXT_SUB(key, key);
718e3744 317
d62a17ae 318 if (key->string) {
319 XFREE(MTYPE_KEY, key->string);
320 key->string = NULL;
321 }
718e3744 322
d62a17ae 323 return CMD_SUCCESS;
718e3744 324}
325
72000880
AR		 326const struct keychain_algo_info algo_info[] = {
327 {KEYCHAIN_ALGO_NULL, "null", 0, 0, "NULL"},
328 {KEYCHAIN_ALGO_MD5, "md5", KEYCHAIN_MD5_HASH_SIZE,
329 KEYCHAIN_ALGO_MD5_INTERNAL_BLK_SIZE, "MD5"},
330 {KEYCHAIN_ALGO_HMAC_SHA1, "hmac-sha-1", KEYCHAIN_HMAC_SHA1_HASH_SIZE,
331 KEYCHAIN_ALGO_SHA1_INTERNAL_BLK_SIZE, "HMAC-SHA-1"},
332 {KEYCHAIN_ALGO_HMAC_SHA256, "hmac-sha-256",
333 KEYCHAIN_HMAC_SHA256_HASH_SIZE, KEYCHAIN_ALGO_SHA256_INTERNAL_BLK_SIZE,
334 "HMAC-SHA-256"},
335 {KEYCHAIN_ALGO_HMAC_SHA384, "hmac-sha-384",
336 KEYCHAIN_HMAC_SHA384_HASH_SIZE, KEYCHAIN_ALGO_SHA384_INTERNAL_BLK_SIZE,
337 "HMAC-SHA-384"},
338 {KEYCHAIN_ALGO_HMAC_SHA512, "hmac-sha-512",
339 KEYCHAIN_HMAC_SHA512_HASH_SIZE, KEYCHAIN_ALGO_SHA512_INTERNAL_BLK_SIZE,
340 "HMAC-SHA-512"},
341 {KEYCHAIN_ALGO_MAX, "max", KEYCHAIN_MAX_HASH_SIZE,
342 KEYCHAIN_ALGO_MAX_INTERNAL_BLK_SIZE, "Not defined"}
343};
344
42bfee18 345uint16_t keychain_get_block_size(enum keychain_hash_algo key)
72000880
AR		 346{
347 return algo_info[key].block;
348}
349
42bfee18 350uint16_t keychain_get_hash_len(enum keychain_hash_algo key)
72000880
AR		 351{
352 return algo_info[key].length;
353}
354
355const char *keychain_get_description(enum keychain_hash_algo key)
356{
357 return algo_info[key].desc;
358}
359
360struct keychain_algo_info
361keychain_get_hash_algo_info(enum keychain_hash_algo key)
362{
363 return algo_info[key];
364}
365
366enum keychain_hash_algo keychain_get_algo_id_by_name(const char *name)
367{
368#ifdef CRYPTO_INTERNAL
369 if (!strncmp(name, "hmac-sha-2", 10))
370 return KEYCHAIN_ALGO_HMAC_SHA256;
371 else if (!strncmp(name, "m", 1))
372 return KEYCHAIN_ALGO_MD5;
373 else
374 return KEYCHAIN_ALGO_NULL;
375#else
376 if (!strncmp(name, "m", 1))
377 return KEYCHAIN_ALGO_MD5;
378 else if (!strncmp(name, "hmac-sha-1", 10))
379 return KEYCHAIN_ALGO_HMAC_SHA1;
380 else if (!strncmp(name, "hmac-sha-2", 10))
381 return KEYCHAIN_ALGO_HMAC_SHA256;
382 else if (!strncmp(name, "hmac-sha-3", 10))
383 return KEYCHAIN_ALGO_HMAC_SHA384;
384 else if (!strncmp(name, "hmac-sha-5", 10))
385 return KEYCHAIN_ALGO_HMAC_SHA512;
386 else
387 return KEYCHAIN_ALGO_NULL;
388#endif
389}
390
391const char *keychain_get_algo_name_by_id(enum keychain_hash_algo key)
392{
393 return algo_info[key].name;
394}
395
396DEFUN(cryptographic_algorithm, cryptographic_algorithm_cmd,
397 "cryptographic-algorithm "
398 "<md5|hmac-sha-1|hmac-sha-256|hmac-sha-384|hmac-sha-512>",
399 "Cryptographic-algorithm\n"
400 "Use MD5 algorithm\n"
401 "Use HMAC-SHA-1 algorithm\n"
402 "Use HMAC-SHA-256 algorithm\n"
403 "Use HMAC-SHA-384 algorithm\n"
404 "Use HMAC-SHA-512 algorithm\n")
405{
406 int algo_idx = 1;
407 uint8_t hash_algo = KEYCHAIN_ALGO_NULL;
408
409 VTY_DECLVAR_CONTEXT_SUB(key, key);
410 hash_algo = keychain_get_algo_id_by_name(argv[algo_idx]->arg);
411#ifndef CRYPTO_OPENSSL
412 if (hash_algo == KEYCHAIN_ALGO_NULL) {
413 vty_out(vty,
414 "Hash algorithm not supported, compile with --with-crypto=openssl\n");
415 return CMD_WARNING_CONFIG_FAILED;
416 }
417#endif /* CRYPTO_OPENSSL */
418 key->hash_algo = hash_algo;
419 return CMD_SUCCESS;
420}
421
422DEFUN(no_cryptographic_algorithm, no_cryptographic_algorithm_cmd,
423 "no cryptographic-algorithm "
424 "[<md5|hmac-sha-1|hmac-sha-256|hmac-sha-384|hmac-sha-512>]",
425 NO_STR
426 "Cryptographic-algorithm\n"
427 "Use MD5 algorithm\n"
428 "Use HMAC-SHA-1 algorithm\n"
429 "Use HMAC-SHA-256 algorithm\n"
430 "Use HMAC-SHA-384 algorithm\n"
431 "Use HMAC-SHA-512 algorithm\n")
432{
433 int algo_idx = 2;
434 uint8_t hash_algo = KEYCHAIN_ALGO_NULL;
435
436 VTY_DECLVAR_CONTEXT_SUB(key, key);
437 if (argc > algo_idx) {
438 hash_algo = keychain_get_algo_id_by_name(argv[algo_idx]->arg);
439 if (hash_algo == KEYCHAIN_ALGO_NULL) {
440 vty_out(vty,
441 "Hash algorithm not supported, try compiling with --with-crypto=openssl\n");
442 return CMD_WARNING_CONFIG_FAILED;
443 }
444 }
445
446 if ((hash_algo != KEYCHAIN_ALGO_NULL) && (hash_algo != key->hash_algo))
447 return CMD_SUCCESS;
448
449 key->hash_algo = KEYCHAIN_ALGO_NULL;
450 return CMD_SUCCESS;
451}
452
718e3744 453/* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
454 given string is malformed. */
d62a17ae 455static time_t key_str2time(const char *time_str, const char *day_str,
456 const char *month_str, const char *year_str)
718e3744 457{
d62a17ae 458 int i = 0;
459 char *colon;
460 struct tm tm;
461 time_t time;
462 unsigned int sec, min, hour;
463 unsigned int day, month, year;
464
465 const char *month_name[] = {
466 "January", "February", "March", "April", "May",
467 "June", "July", "August", "September", "October",
468 "November", "December", NULL};
469
470#define _GET_LONG_RANGE(V, STR, MMCOND) \
471 { \
472 unsigned long tmpl; \
473 char *endptr = NULL; \
474 tmpl = strtoul((STR), &endptr, 10); \
475 if (*endptr != '\0' || tmpl == ULONG_MAX) \
476 return -1; \
477 if (MMCOND) \
478 return -1; \
479 (V) = tmpl; \
718e3744 480 }
d62a17ae 481#define GET_LONG_RANGE(V, STR, MIN, MAX) \
482 _GET_LONG_RANGE(V, STR, tmpl<(MIN) || tmpl>(MAX))
483#define GET_LONG_RANGE0(V, STR, MAX) _GET_LONG_RANGE(V, STR, tmpl > (MAX))
484
485 /* Check hour field of time_str. */
486 colon = strchr(time_str, ':');
487 if (colon == NULL)
488 return -1;
489 *colon = '\0';
490
491 /* Hour must be between 0 and 23. */
492 GET_LONG_RANGE0(hour, time_str, 23);
493
494 /* Check min field of time_str. */
495 time_str = colon + 1;
496 colon = strchr(time_str, ':');
497 if (*time_str == '\0' || colon == NULL)
498 return -1;
499 *colon = '\0';
500
501 /* Min must be between 0 and 59. */
502 GET_LONG_RANGE0(min, time_str, 59);
503
504 /* Check sec field of time_str. */
505 time_str = colon + 1;
506 if (*time_str == '\0')
507 return -1;
508
509 /* Sec must be between 0 and 59. */
510 GET_LONG_RANGE0(sec, time_str, 59);
511
512 /* Check day_str. Day must be <1-31>. */
513 GET_LONG_RANGE(day, day_str, 1, 31);
514
515 /* Check month_str. Month must match month_name. */
516 month = 0;
517 if (strlen(month_str) >= 3)
518 for (i = 0; month_name[i]; i++)
519 if (strncmp(month_str, month_name[i], strlen(month_str))
520 == 0) {
521 month = i;
522 break;
523 }
524 if (!month_name[i])
525 return -1;
526
527 /* Check year_str. Year must be <1993-2035>. */
528 GET_LONG_RANGE(year, year_str, 1993, 2035);
529
6006b807 530 memset(&tm, 0, sizeof(tm));
d62a17ae 531 tm.tm_sec = sec;
532 tm.tm_min = min;
533 tm.tm_hour = hour;
534 tm.tm_mon = month;
535 tm.tm_mday = day;
536 tm.tm_year = year - 1900;
537
538 time = mktime(&tm);
539
540 return time;
8cc4198f 541#undef GET_LONG_RANGE
718e3744 542}
543
d62a17ae 544static int key_lifetime_set(struct vty *vty, struct key_range *krange,
545 const char *stime_str, const char *sday_str,
546 const char *smonth_str, const char *syear_str,
547 const char *etime_str, const char *eday_str,
548 const char *emonth_str, const char *eyear_str)
718e3744 549{
d62a17ae 550 time_t time_start;
551 time_t time_end;
552
553 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
554 if (time_start < 0) {
555 vty_out(vty, "Malformed time value\n");
556 return CMD_WARNING_CONFIG_FAILED;
557 }
558 time_end = key_str2time(etime_str, eday_str, emonth_str, eyear_str);
559
560 if (time_end < 0) {
561 vty_out(vty, "Malformed time value\n");
562 return CMD_WARNING_CONFIG_FAILED;
563 }
564
565 if (time_end <= time_start) {
566 vty_out(vty, "Expire time is not later than start time\n");
567 return CMD_WARNING_CONFIG_FAILED;
568 }
569
570 krange->start = time_start;
571 krange->end = time_end;
572
573 return CMD_SUCCESS;
718e3744 574}
575
d62a17ae 576static int key_lifetime_duration_set(struct vty *vty, struct key_range *krange,
577 const char *stime_str,
578 const char *sday_str,
579 const char *smonth_str,
580 const char *syear_str,
581 const char *duration_str)
718e3744 582{
d62a17ae 583 time_t time_start;
d7c0a89a 584 uint32_t duration;
d62a17ae 585
586 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
587 if (time_start < 0) {
588 vty_out(vty, "Malformed time value\n");
589 return CMD_WARNING_CONFIG_FAILED;
590 }
591 krange->start = time_start;
592
593 duration = strtoul(duration_str, NULL, 10);
594 krange->duration = 1;
595 krange->end = time_start + duration;
596
597 return CMD_SUCCESS;
718e3744 598}
599
d62a17ae 600static int key_lifetime_infinite_set(struct vty *vty, struct key_range *krange,
601 const char *stime_str,
602 const char *sday_str,
603 const char *smonth_str,
604 const char *syear_str)
718e3744 605{
d62a17ae 606 time_t time_start;
607
608 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
609 if (time_start < 0) {
610 vty_out(vty, "Malformed time value\n");
611 return CMD_WARNING_CONFIG_FAILED;
612 }
613 krange->start = time_start;
614
615 krange->end = -1;
616
617 return CMD_SUCCESS;
718e3744 618}
6b0655a2 619
718e3744 620DEFUN (accept_lifetime_day_month_day_month,
621 accept_lifetime_day_month_day_month_cmd,
6147e2c6 622 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
718e3744 623 "Set accept lifetime of the key\n"
624 "Time to start\n"
625 "Day of th month to start\n"
626 "Month of the year to start\n"
627 "Year to start\n"
628 "Time to expire\n"
629 "Day of th month to expire\n"
630 "Month of the year to expire\n"
631 "Year to expire\n")
632{
d62a17ae 633 int idx_hhmmss = 1;
634 int idx_number = 2;
635 int idx_month = 3;
636 int idx_number_2 = 4;
637 int idx_hhmmss_2 = 5;
638 int idx_number_3 = 6;
639 int idx_month_2 = 7;
640 int idx_number_4 = 8;
641 VTY_DECLVAR_CONTEXT_SUB(key, key);
642
643 return key_lifetime_set(
644 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
645 argv[idx_month]->arg, argv[idx_number_2]->arg,
646 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
647 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 648}
649
650DEFUN (accept_lifetime_day_month_month_day,
651 accept_lifetime_day_month_month_day_cmd,
6147e2c6 652 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
718e3744 653 "Set accept lifetime of the key\n"
654 "Time to start\n"
655 "Day of th month to start\n"
656 "Month of the year to start\n"
657 "Year to start\n"
658 "Time to expire\n"
659 "Month of the year to expire\n"
660 "Day of th month to expire\n"
661 "Year to expire\n")
662{
d62a17ae 663 int idx_hhmmss = 1;
664 int idx_number = 2;
665 int idx_month = 3;
666 int idx_number_2 = 4;
667 int idx_hhmmss_2 = 5;
668 int idx_month_2 = 6;
669 int idx_number_3 = 7;
670 int idx_number_4 = 8;
671 VTY_DECLVAR_CONTEXT_SUB(key, key);
672
673 return key_lifetime_set(
674 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
675 argv[idx_month]->arg, argv[idx_number_2]->arg,
676 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
677 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 678}
679
680DEFUN (accept_lifetime_month_day_day_month,
681 accept_lifetime_month_day_day_month_cmd,
6147e2c6 682 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
718e3744 683 "Set accept lifetime of the key\n"
684 "Time to start\n"
685 "Month of the year to start\n"
686 "Day of th month to start\n"
687 "Year to start\n"
688 "Time to expire\n"
689 "Day of th month to expire\n"
690 "Month of the year to expire\n"
691 "Year to expire\n")
692{
d62a17ae 693 int idx_hhmmss = 1;
694 int idx_month = 2;
695 int idx_number = 3;
696 int idx_number_2 = 4;
697 int idx_hhmmss_2 = 5;
698 int idx_number_3 = 6;
699 int idx_month_2 = 7;
700 int idx_number_4 = 8;
701 VTY_DECLVAR_CONTEXT_SUB(key, key);
702
703 return key_lifetime_set(
704 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
705 argv[idx_month]->arg, argv[idx_number_2]->arg,
706 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
707 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 708}
709
710DEFUN (accept_lifetime_month_day_month_day,
711 accept_lifetime_month_day_month_day_cmd,
6147e2c6 712 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
718e3744 713 "Set accept lifetime of the key\n"
714 "Time to start\n"
715 "Month of the year to start\n"
716 "Day of th month to start\n"
717 "Year to start\n"
718 "Time to expire\n"
719 "Month of the year to expire\n"
720 "Day of th month to expire\n"
721 "Year to expire\n")
722{
d62a17ae 723 int idx_hhmmss = 1;
724 int idx_month = 2;
725 int idx_number = 3;
726 int idx_number_2 = 4;
727 int idx_hhmmss_2 = 5;
728 int idx_month_2 = 6;
729 int idx_number_3 = 7;
730 int idx_number_4 = 8;
731 VTY_DECLVAR_CONTEXT_SUB(key, key);
732
733 return key_lifetime_set(
734 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
735 argv[idx_month]->arg, argv[idx_number_2]->arg,
736 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
737 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 738}
739
740DEFUN (accept_lifetime_infinite_day_month,
741 accept_lifetime_infinite_day_month_cmd,
6147e2c6 742 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
718e3744 743 "Set accept lifetime of the key\n"
744 "Time to start\n"
745 "Day of th month to start\n"
746 "Month of the year to start\n"
747 "Year to start\n"
efd7904e 748 "Never expires\n")
718e3744 749{
d62a17ae 750 int idx_hhmmss = 1;
751 int idx_number = 2;
752 int idx_month = 3;
753 int idx_number_2 = 4;
754 VTY_DECLVAR_CONTEXT_SUB(key, key);
755
756 return key_lifetime_infinite_set(
757 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
758 argv[idx_month]->arg, argv[idx_number_2]->arg);
718e3744 759}
760
761DEFUN (accept_lifetime_infinite_month_day,
762 accept_lifetime_infinite_month_day_cmd,
6147e2c6 763 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
718e3744 764 "Set accept lifetime of the key\n"
765 "Time to start\n"
766 "Month of the year to start\n"
767 "Day of th month to start\n"
768 "Year to start\n"
efd7904e 769 "Never expires\n")
718e3744 770{
d62a17ae 771 int idx_hhmmss = 1;
772 int idx_month = 2;
773 int idx_number = 3;
774 int idx_number_2 = 4;
775 VTY_DECLVAR_CONTEXT_SUB(key, key);
776
777 return key_lifetime_infinite_set(
778 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
779 argv[idx_month]->arg, argv[idx_number_2]->arg);
718e3744 780}
781
782DEFUN (accept_lifetime_duration_day_month,
783 accept_lifetime_duration_day_month_cmd,
6147e2c6 784 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
718e3744 785 "Set accept lifetime of the key\n"
786 "Time to start\n"
787 "Day of th month to start\n"
788 "Month of the year to start\n"
789 "Year to start\n"
790 "Duration of the key\n"
791 "Duration seconds\n")
792{
d62a17ae 793 int idx_hhmmss = 1;
794 int idx_number = 2;
795 int idx_month = 3;
796 int idx_number_2 = 4;
797 int idx_number_3 = 6;
798 VTY_DECLVAR_CONTEXT_SUB(key, key);
799
800 return key_lifetime_duration_set(
801 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
802 argv[idx_month]->arg, argv[idx_number_2]->arg,
803 argv[idx_number_3]->arg);
718e3744 804}
805
806DEFUN (accept_lifetime_duration_month_day,
807 accept_lifetime_duration_month_day_cmd,
6147e2c6 808 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
718e3744 809 "Set accept lifetime of the key\n"
810 "Time to start\n"
811 "Month of the year to start\n"
812 "Day of th month to start\n"
813 "Year to start\n"
814 "Duration of the key\n"
815 "Duration seconds\n")
816{
d62a17ae 817 int idx_hhmmss = 1;
818 int idx_month = 2;
819 int idx_number = 3;
820 int idx_number_2 = 4;
821 int idx_number_3 = 6;
822 VTY_DECLVAR_CONTEXT_SUB(key, key);
823
824 return key_lifetime_duration_set(
825 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
826 argv[idx_month]->arg, argv[idx_number_2]->arg,
827 argv[idx_number_3]->arg);
718e3744 828}
6b0655a2 829
c50e6abd 830DEFUN (no_accept_lifetime,
831 no_accept_lifetime_cmd,
832 "no accept-lifetime",
833 NO_STR
834 "Unset accept-lifetime\n")
835{
836 VTY_DECLVAR_CONTEXT_SUB(key, key);
837
838 if (key->accept.start)
839 key->accept.start = 0;
840 if (key->accept.end)
841 key->accept.end = 0;
842 if (key->accept.duration)
843 key->accept.duration = 0;
844
845 return CMD_SUCCESS;
846}
847
718e3744 848DEFUN (send_lifetime_day_month_day_month,
849 send_lifetime_day_month_day_month_cmd,
6147e2c6 850 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
718e3744 851 "Set send lifetime of the key\n"
852 "Time to start\n"
853 "Day of th month to start\n"
854 "Month of the year to start\n"
855 "Year to start\n"
856 "Time to expire\n"
857 "Day of th month to expire\n"
858 "Month of the year to expire\n"
859 "Year to expire\n")
860{
d62a17ae 861 int idx_hhmmss = 1;
862 int idx_number = 2;
863 int idx_month = 3;
864 int idx_number_2 = 4;
865 int idx_hhmmss_2 = 5;
866 int idx_number_3 = 6;
867 int idx_month_2 = 7;
868 int idx_number_4 = 8;
869 VTY_DECLVAR_CONTEXT_SUB(key, key);
870
871 return key_lifetime_set(
872 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
873 argv[idx_month]->arg, argv[idx_number_2]->arg,
874 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
875 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 876}
877
878DEFUN (send_lifetime_day_month_month_day,
879 send_lifetime_day_month_month_day_cmd,
6147e2c6 880 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
718e3744 881 "Set send lifetime of the key\n"
882 "Time to start\n"
883 "Day of th month to start\n"
884 "Month of the year to start\n"
885 "Year to start\n"
886 "Time to expire\n"
887 "Month of the year to expire\n"
888 "Day of th month to expire\n"
889 "Year to expire\n")
890{
d62a17ae 891 int idx_hhmmss = 1;
892 int idx_number = 2;
893 int idx_month = 3;
894 int idx_number_2 = 4;
895 int idx_hhmmss_2 = 5;
896 int idx_month_2 = 6;
897 int idx_number_3 = 7;
898 int idx_number_4 = 8;
899 VTY_DECLVAR_CONTEXT_SUB(key, key);
900
901 return key_lifetime_set(
902 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
903 argv[idx_month]->arg, argv[idx_number_2]->arg,
904 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
905 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 906}
907
908DEFUN (send_lifetime_month_day_day_month,
909 send_lifetime_month_day_day_month_cmd,
6147e2c6 910 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
718e3744 911 "Set send lifetime of the key\n"
912 "Time to start\n"
913 "Month of the year to start\n"
914 "Day of th month to start\n"
915 "Year to start\n"
916 "Time to expire\n"
917 "Day of th month to expire\n"
918 "Month of the year to expire\n"
919 "Year to expire\n")
920{
d62a17ae 921 int idx_hhmmss = 1;
922 int idx_month = 2;
923 int idx_number = 3;
924 int idx_number_2 = 4;
925 int idx_hhmmss_2 = 5;
926 int idx_number_3 = 6;
927 int idx_month_2 = 7;
928 int idx_number_4 = 8;
929 VTY_DECLVAR_CONTEXT_SUB(key, key);
930
931 return key_lifetime_set(
932 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
933 argv[idx_month]->arg, argv[idx_number_2]->arg,
934 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
935 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 936}
937
938DEFUN (send_lifetime_month_day_month_day,
939 send_lifetime_month_day_month_day_cmd,
6147e2c6 940 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
718e3744 941 "Set send lifetime of the key\n"
942 "Time to start\n"
943 "Month of the year to start\n"
944 "Day of th month to start\n"
945 "Year to start\n"
946 "Time to expire\n"
947 "Month of the year to expire\n"
948 "Day of th month to expire\n"
949 "Year to expire\n")
950{
d62a17ae 951 int idx_hhmmss = 1;
952 int idx_month = 2;
953 int idx_number = 3;
954 int idx_number_2 = 4;
955 int idx_hhmmss_2 = 5;
956 int idx_month_2 = 6;
957 int idx_number_3 = 7;
958 int idx_number_4 = 8;
959 VTY_DECLVAR_CONTEXT_SUB(key, key);
960
961 return key_lifetime_set(
962 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
963 argv[idx_month]->arg, argv[idx_number_2]->arg,
964 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
965 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
718e3744 966}
967
968DEFUN (send_lifetime_infinite_day_month,
969 send_lifetime_infinite_day_month_cmd,
6147e2c6 970 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
718e3744 971 "Set send lifetime of the key\n"
972 "Time to start\n"
973 "Day of th month to start\n"
974 "Month of the year to start\n"
975 "Year to start\n"
efd7904e 976 "Never expires\n")
718e3744 977{
d62a17ae 978 int idx_hhmmss = 1;
979 int idx_number = 2;
980 int idx_month = 3;
981 int idx_number_2 = 4;
982 VTY_DECLVAR_CONTEXT_SUB(key, key);
983
984 return key_lifetime_infinite_set(
985 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
986 argv[idx_month]->arg, argv[idx_number_2]->arg);
718e3744 987}
988
989DEFUN (send_lifetime_infinite_month_day,
990 send_lifetime_infinite_month_day_cmd,
6147e2c6 991 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
718e3744 992 "Set send lifetime of the key\n"
993 "Time to start\n"
994 "Month of the year to start\n"
995 "Day of th month to start\n"
996 "Year to start\n"
efd7904e 997 "Never expires\n")
718e3744 998{
d62a17ae 999 int idx_hhmmss = 1;
1000 int idx_month = 2;
1001 int idx_number = 3;
1002 int idx_number_2 = 4;
1003 VTY_DECLVAR_CONTEXT_SUB(key, key);
1004
1005 return key_lifetime_infinite_set(
1006 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
1007 argv[idx_month]->arg, argv[idx_number_2]->arg);
718e3744 1008}
1009
1010DEFUN (send_lifetime_duration_day_month,
1011 send_lifetime_duration_day_month_cmd,
6147e2c6 1012 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
718e3744 1013 "Set send lifetime of the key\n"
1014 "Time to start\n"
1015 "Day of th month to start\n"
1016 "Month of the year to start\n"
1017 "Year to start\n"
1018 "Duration of the key\n"
1019 "Duration seconds\n")
1020{
d62a17ae 1021 int idx_hhmmss = 1;
1022 int idx_number = 2;
1023 int idx_month = 3;
1024 int idx_number_2 = 4;
1025 int idx_number_3 = 6;
1026 VTY_DECLVAR_CONTEXT_SUB(key, key);
1027
1028 return key_lifetime_duration_set(
1029 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
1030 argv[idx_month]->arg, argv[idx_number_2]->arg,
1031 argv[idx_number_3]->arg);
718e3744 1032}
1033
1034DEFUN (send_lifetime_duration_month_day,
1035 send_lifetime_duration_month_day_cmd,
6147e2c6 1036 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
718e3744 1037 "Set send lifetime of the key\n"
1038 "Time to start\n"
1039 "Month of the year to start\n"
1040 "Day of th month to start\n"
1041 "Year to start\n"
1042 "Duration of the key\n"
1043 "Duration seconds\n")
1044{
d62a17ae 1045 int idx_hhmmss = 1;
1046 int idx_month = 2;
1047 int idx_number = 3;
1048 int idx_number_2 = 4;
1049 int idx_number_3 = 6;
1050 VTY_DECLVAR_CONTEXT_SUB(key, key);
1051
1052 return key_lifetime_duration_set(
1053 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
1054 argv[idx_month]->arg, argv[idx_number_2]->arg,
1055 argv[idx_number_3]->arg);
718e3744 1056}
6b0655a2 1057
c50e6abd 1058DEFUN (no_send_lifetime,
1059 no_send_lifetime_cmd,
1060 "no send-lifetime",
1061 NO_STR
1062 "Unset send-lifetime\n")
1063{
1064 VTY_DECLVAR_CONTEXT_SUB(key, key);
1065
1066 if (key->send.start)
1067 key->send.start = 0;
1068 if (key->send.end)
1069 key->send.end = 0;
1070 if (key->send.duration)
1071 key->send.duration = 0;
1072
1073 return CMD_SUCCESS;
1074}
1075
612c2c15 1076static int keychain_config_write(struct vty *vty);
62b346ee 1077static struct cmd_node keychain_node = {
f4b8291f 1078 .name = "keychain",
62b346ee 1079 .node = KEYCHAIN_NODE,
24389580 1080 .parent_node = CONFIG_NODE,
62b346ee 1081 .prompt = "%s(config-keychain)# ",
612c2c15 1082 .config_write = keychain_config_write,
62b346ee
DL		 1083};
1084
1085static struct cmd_node keychain_key_node = {
f4b8291f 1086 .name = "keychain key",
62b346ee 1087 .node = KEYCHAIN_KEY_NODE,
24389580 1088 .parent_node = KEYCHAIN_NODE,
62b346ee 1089 .prompt = "%s(config-keychain-key)# ",
62b346ee 1090};
718e3744 1091
d62a17ae 1092static int keychain_strftime(char *buf, int bufsiz, time_t *time)
718e3744 1093{
a2700b50 1094 struct tm tm;
d62a17ae 1095 size_t len;
718e3744 1096
a2700b50 1097 localtime_r(time, &tm);
718e3744 1098
a2700b50 1099 len = strftime(buf, bufsiz, "%T %b %d %Y", &tm);
718e3744 1100
d62a17ae 1101 return len;
718e3744 1102}
1103
d62a17ae 1104static int keychain_config_write(struct vty *vty)
718e3744 1105{
d62a17ae 1106 struct keychain *keychain;
1107 struct key *key;
1108 struct listnode *node;
1109 struct listnode *knode;
1110 char buf[BUFSIZ];
1111
1112 for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
1113 vty_out(vty, "key chain %s\n", keychain->name);
1114
1115 for (ALL_LIST_ELEMENTS_RO(keychain->key, knode, key)) {
1116 vty_out(vty, " key %d\n", key->index);
1117
1118 if (key->string)
1119 vty_out(vty, " key-string %s\n", key->string);
1120
72000880
AR		 1121 if (key->hash_algo != KEYCHAIN_ALGO_NULL)
1122 vty_out(vty, " cryptographic-algorithm %s\n",
1123 keychain_get_algo_name_by_id(
1124 key->hash_algo));
1125
d62a17ae 1126 if (key->accept.start) {
1127 keychain_strftime(buf, BUFSIZ,
1128 &key->accept.start);
1129 vty_out(vty, " accept-lifetime %s", buf);
1130
1131 if (key->accept.end == -1)
1132 vty_out(vty, " infinite");
1133 else if (key->accept.duration)
1134 vty_out(vty, " duration %ld",
1135 (long)(key->accept.end
1136 - key->accept.start));
1137 else {
1138 keychain_strftime(buf, BUFSIZ,
1139 &key->accept.end);
1140 vty_out(vty, " %s", buf);
1141 }
1142 vty_out(vty, "\n");
1143 }
1144
1145 if (key->send.start) {
1146 keychain_strftime(buf, BUFSIZ,
1147 &key->send.start);
1148 vty_out(vty, " send-lifetime %s", buf);
1149
1150 if (key->send.end == -1)
1151 vty_out(vty, " infinite");
1152 else if (key->send.duration)
1153 vty_out(vty, " duration %ld",
1154 (long)(key->send.end
1155 - key->send.start));
1156 else {
1157 keychain_strftime(buf, BUFSIZ,
1158 &key->send.end);
1159 vty_out(vty, " %s", buf);
1160 }
1161 vty_out(vty, "\n");
1162 }
deb95b37
AC		 1163
1164 vty_out(vty, " exit\n");
718e3744 1165 }
07679ad9 1166 vty_out(vty, "exit\n");
d62a17ae 1167 vty_out(vty, "!\n");
718e3744 1168 }
718e3744 1169
d62a17ae 1170 return 0;
718e3744 1171}
1172
72000880 1173
166f9103
AR		 1174static void keychain_active_config(vector comps, struct cmd_token *token)
1175{
1176 struct keychain *keychain;
1177 struct listnode *node;
1178
1179 for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain))
1180 vector_set(comps, XSTRDUP(MTYPE_COMPLETION, keychain->name));
1181}
1182
1183static const struct cmd_variable_handler keychain_var_handlers[] = {
1184 {.varname = "key_chain", .completions = keychain_active_config},
1185 {.tokenname = "KEYCHAIN_NAME", .completions = keychain_active_config},
1186 {.tokenname = "KCHAIN_NAME", .completions = keychain_active_config},
1187 {.completions = NULL}
1188};
1189
4d762f26 1190void keychain_init(void)
718e3744 1191{
d62a17ae 1192 keychain_list = list_new();
1193
166f9103
AR		 1194 /* Register handler for keychain auto config support */
1195 cmd_variable_handler_register(keychain_var_handlers);
612c2c15
DL		 1196 install_node(&keychain_node);
1197 install_node(&keychain_key_node);
d62a17ae 1198
1199 install_default(KEYCHAIN_NODE);
1200 install_default(KEYCHAIN_KEY_NODE);
1201
1202 install_element(CONFIG_NODE, &key_chain_cmd);
1203 install_element(CONFIG_NODE, &no_key_chain_cmd);
1204 install_element(KEYCHAIN_NODE, &key_cmd);
1205 install_element(KEYCHAIN_NODE, &no_key_cmd);
1206
1207 install_element(KEYCHAIN_NODE, &key_chain_cmd);
1208 install_element(KEYCHAIN_NODE, &no_key_chain_cmd);
1209
1210 install_element(KEYCHAIN_KEY_NODE, &key_string_cmd);
1211 install_element(KEYCHAIN_KEY_NODE, &no_key_string_cmd);
1212
1213 install_element(KEYCHAIN_KEY_NODE, &key_chain_cmd);
1214 install_element(KEYCHAIN_KEY_NODE, &no_key_chain_cmd);
1215
1216 install_element(KEYCHAIN_KEY_NODE, &key_cmd);
1217 install_element(KEYCHAIN_KEY_NODE, &no_key_cmd);
1218
1219 install_element(KEYCHAIN_KEY_NODE,
1220 &accept_lifetime_day_month_day_month_cmd);
1221 install_element(KEYCHAIN_KEY_NODE,
1222 &accept_lifetime_day_month_month_day_cmd);
1223 install_element(KEYCHAIN_KEY_NODE,
1224 &accept_lifetime_month_day_day_month_cmd);
1225 install_element(KEYCHAIN_KEY_NODE,
1226 &accept_lifetime_month_day_month_day_cmd);
1227 install_element(KEYCHAIN_KEY_NODE,
1228 &accept_lifetime_infinite_day_month_cmd);
1229 install_element(KEYCHAIN_KEY_NODE,
1230 &accept_lifetime_infinite_month_day_cmd);
1231 install_element(KEYCHAIN_KEY_NODE,
1232 &accept_lifetime_duration_day_month_cmd);
1233 install_element(KEYCHAIN_KEY_NODE,
1234 &accept_lifetime_duration_month_day_cmd);
996c9314 1235 install_element(KEYCHAIN_KEY_NODE, &no_accept_lifetime_cmd);
d62a17ae 1236
1237 install_element(KEYCHAIN_KEY_NODE,
1238 &send_lifetime_day_month_day_month_cmd);
1239 install_element(KEYCHAIN_KEY_NODE,
1240 &send_lifetime_day_month_month_day_cmd);
1241 install_element(KEYCHAIN_KEY_NODE,
1242 &send_lifetime_month_day_day_month_cmd);
1243 install_element(KEYCHAIN_KEY_NODE,
1244 &send_lifetime_month_day_month_day_cmd);
1245 install_element(KEYCHAIN_KEY_NODE,
1246 &send_lifetime_infinite_day_month_cmd);
1247 install_element(KEYCHAIN_KEY_NODE,
1248 &send_lifetime_infinite_month_day_cmd);
1249 install_element(KEYCHAIN_KEY_NODE,
1250 &send_lifetime_duration_day_month_cmd);
1251 install_element(KEYCHAIN_KEY_NODE,
1252 &send_lifetime_duration_month_day_cmd);
996c9314 1253 install_element(KEYCHAIN_KEY_NODE, &no_send_lifetime_cmd);
72000880
AR		 1254 install_element(KEYCHAIN_KEY_NODE, &cryptographic_algorithm_cmd);
1255 install_element(KEYCHAIN_KEY_NODE, &no_cryptographic_algorithm_cmd);
718e3744 1256}
FRRouting mirror