/* key-chain for authentication.
 * Copyright (C) 2000 Kunihiro Ishiguro
 *
 * This file is part of GNU Zebra.
 *
 * GNU Zebra is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published
 * by the Free Software Foundation; either version 2, or (at your
 * option) any later version.
 *
 * GNU Zebra is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; see the file COPYING; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 */
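/* Memory types passed to XCALLOC/XSTRDUP/XFREE throughout this file. */
DEFINE_MTYPE_STATIC(LIB, KEY, "Key")
DEFINE_MTYPE_STATIC(LIB, KEYCHAIN, "Key chain")

/* Key chains are pushed as the VTY context and keys as the VTY sub-context
 * (VTY_PUSH_CONTEXT / VTY_PUSH_CONTEXT_SUB further down), so both structures
 * need a qobj type. */
DEFINE_QOBJ_TYPE(keychain)
DEFINE_QOBJ_TYPE(key)

/* Master list of key chain. */
struct list *keychain_list;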
/* Allocate a zero-filled key chain and register it as a qobj.
 * The name and the key list are filled in by the caller. */
static struct keychain *keychain_new(void)
{
	struct keychain *kc = XCALLOC(MTYPE_KEYCHAIN, sizeof(struct keychain));

	QOBJ_REG(kc, keychain);
	return kc;
}
/* Release the key chain structure itself.  The name and the key list are
 * released by keychain_delete() before it calls this. */
static void keychain_free(struct keychain *keychain)
{
	/* Counterpart of the QOBJ_REG() done in keychain_new(). */
	QOBJ_UNREG(keychain);
	XFREE(MTYPE_KEYCHAIN, keychain);
}
/* Allocate a zero-filled key and register it as a qobj, so that it can be
 * used as a VTY sub-context by the key commands. */
static struct key *key_new(void)
{
	struct key *k;

	k = XCALLOC(MTYPE_KEY, sizeof(struct key));
	QOBJ_REG(k, key);

	return k;
}
/* Release the key structure itself.  The key string is released by the
 * caller beforehand. */
static void key_free(struct key *key)
{
	/* Counterpart of the qobj registration done at allocation time. */
	QOBJ_UNREG(key);
	XFREE(MTYPE_KEY, key);
}
/* Find a key chain by exact, case-sensitive name.
 * Returns NULL when name is NULL or no chain carries that name. */
struct keychain *keychain_lookup(const char *name)
{
	struct listnode *ln;
	struct keychain *kc;

	if (!name) {
		return NULL;
	}

	for (ALL_LIST_ELEMENTS_RO(keychain_list, ln, kc)) {
		if (!strcmp(kc->name, name)) {
			return kc;
		}
	}

	return NULL;
}
/* List comparator: orders keys by ascending index.
 * Returns 1, -1 or 0 like a three-way compare. */
static int key_cmp_func(void *arg1, void *arg2)
{
	const struct key *lhs = arg1;
	const struct key *rhs = arg2;

	if (lhs->index == rhs->index) {
		return 0;
	}

	return lhs->index > rhs->index ? 1 : -1;
}
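/* List "del" callback (installed in keychain_get()): destroys one key when
 * the key list of a chain is torn down.
 *
 * NOTE(review): the body of this function is not visible in this listing.
 * It is written here to release a key exactly as key_delete() does, so that
 * the key string goes back through the same allocator (MTYPE_KEY) it was
 * duplicated with. */
static void key_delete_func(struct key *key)
{
	if (key->string) {
		XFREE(MTYPE_KEY, key->string);
	}
	key_free(key);
}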
/* Return the key chain called name, creating and registering an empty one
 * in keychain_list when it does not exist yet. */
static struct keychain *keychain_get(const char *name)
{
	struct keychain *kc = keychain_lookup(name);

	if (kc) {
		return kc;
	}

	kc = keychain_new();
	kc->name = XSTRDUP(MTYPE_KEYCHAIN, name);

	/* The key list compares by key index and owns its keys: deleting
	 * the list destroys them through key_delete_func(). */
	kc->key = list_new();
	kc->key->cmp = (int (*)(void *, void *))key_cmp_func;
	kc->key->del = (void (*)(void *))key_delete_func;

	listnode_add(keychain_list, kc);

	return kc;
}
/* Unlink a key chain from keychain_list and release it together with its
 * name and all of its keys. */
static void keychain_delete(struct keychain *keychain)
{
	/* Take the chain out of the master list first so that lookups can
	 * no longer reach it while it is being torn down. */
	listnode_delete(keychain_list, keychain);

	if (keychain->name != NULL) {
		XFREE(MTYPE_KEYCHAIN, keychain->name);
	}

	/* Destroys every key through the list's del callback. */
	list_delete_and_null(&keychain->key);

	keychain_free(keychain);
}
/* Find the key with exactly this index in a chain; NULL when absent.
 * Lifetimes are not considered here. */
static struct key *key_lookup(const struct keychain *keychain, uint32_t index)
{
	struct listnode *ln;
	struct key *k;

	for (ALL_LIST_ELEMENTS_RO(keychain->key, ln, k)) {
		if (k->index != index) {
			continue;
		}
		return k;
	}

	return NULL;
}
/* Return the first key, in list order, whose index is >= index and which is
 * currently valid for accepting; NULL when there is none.
 *
 * A key with accept.start == 0 has no accept-lifetime and is always valid;
 * accept.end == -1 means the lifetime never expires. */
struct key *key_lookup_for_accept(const struct keychain *keychain,
				  uint32_t index)
{
	struct listnode *ln;
	struct key *k;
	const time_t now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, ln, k)) {
		if (k->index < index) {
			continue;
		}

		/* No accept-lifetime configured. */
		if (k->accept.start == 0) {
			return k;
		}

		/* Not valid yet. */
		if (k->accept.start > now) {
			continue;
		}

		if (k->accept.end >= now || k->accept.end == -1) {
			return k;
		}
	}

	return NULL;
}
/* Return the first currently acceptable key whose key string matches
 * auth_str; NULL when none does.
 *
 * Only the first 16 bytes are compared, so two key strings that differ only
 * beyond that point are treated as the same secret here (presumably this is
 * the width of the caller's fixed-size authentication field - confirm
 * against the callers).  strncmp() is not a constant-time comparison. */
struct key *key_match_for_accept(const struct keychain *keychain,
				 const char *auth_str)
{
	struct listnode *ln;
	struct key *k;
	const time_t now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, ln, k)) {
		/* Same validity rule as key_lookup_for_accept(): no lifetime
		 * at all, or inside [start, end] with -1 meaning "forever". */
		int acceptable =
			k->accept.start == 0
			|| (k->accept.start <= now
			    && (k->accept.end >= now || k->accept.end == -1));

		if (!acceptable || !k->string) {
			continue;
		}

		if (strncmp(k->string, auth_str, 16) == 0) {
			return k;
		}
	}

	return NULL;
}
/* Return the first key, in list order, that is currently valid for sending;
 * NULL when there is none.
 *
 * A key with send.start == 0 has no send-lifetime and is always valid;
 * send.end == -1 means the lifetime never expires. */
struct key *key_lookup_for_send(const struct keychain *keychain)
{
	struct listnode *ln;
	struct key *k;
	const time_t now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, ln, k)) {
		/* No send-lifetime configured. */
		if (k->send.start == 0) {
			return k;
		}

		/* Not valid yet. */
		if (k->send.start > now) {
			continue;
		}

		if (k->send.end >= now || k->send.end == -1) {
			return k;
		}
	}

	return NULL;
}
/* Return the key with this index, creating an empty one (no string, no
 * lifetimes) and inserting it in index order when it does not exist. */
static struct key *key_get(const struct keychain *keychain, uint32_t index)
{
	struct key *k = key_lookup(keychain, index);

	if (k) {
		return k;
	}

	k = key_new();
	k->index = index;
	listnode_add_sort(keychain->key, k);

	return k;
}
/* Remove one key from its chain and release it.
 *
 * NOTE(review): the key string is a secret and is returned to the allocator
 * without being overwritten first; scrub it before XFREE() if leftover heap
 * contents are part of the threat model. */
static void key_delete(struct keychain *keychain, struct key *key)
{
	listnode_delete(keychain->key, key);

	if (key->string != NULL) {
		XFREE(MTYPE_KEY, key->string);
	}

	key_free(key);
}
/* "key chain WORD": select the named key chain, creating it on first use,
 * and enter its configuration node.
 * NOTE(review): the command-string and last help line are missing from this
 * listing; confirm their wording against the tree. */
DEFUN_NOSH (key_chain,
       key_chain_cmd,
       "key chain WORD",
       "Authentication key management\n"
       "Key-chain management\n"
       "Key-chain name\n")
{
	const int name_arg = 2; /* argv[] slot of WORD */
	struct keychain *kc = keychain_get(argv[name_arg]->arg);

	VTY_PUSH_CONTEXT(KEYCHAIN_NODE, kc);

	return CMD_SUCCESS;
}
/* "no key chain WORD": delete the named key chain with all of its keys.
 * NOTE(review): the DEFUN header lines are missing from this listing; the
 * name follows no_key_chain_cmd as installed in keychain_init(), the rest
 * should be confirmed against the tree. */
DEFUN (no_key_chain,
       no_key_chain_cmd,
       "no key chain WORD",
       NO_STR
       "Authentication key management\n"
       "Key-chain management\n"
       "Key-chain name\n")
{
	const int name_arg = 3; /* argv[] slot of WORD */
	struct keychain *kc = keychain_lookup(argv[name_arg]->arg);

	if (kc == NULL) {
		vty_out(vty, "Can't find keychain %s\n", argv[name_arg]->arg);
		return CMD_WARNING_CONFIG_FAILED;
	}

	keychain_delete(kc);

	return CMD_SUCCESS;
}
/* "key (0-2147483647)": select key N of the current chain, creating it on
 * first use, and enter its configuration sub-node.
 * NOTE(review): the DEFUN header and first help line are missing from this
 * listing; the name follows key_cmd as installed in keychain_init(), the
 * rest should be confirmed against the tree. */
DEFUN_NOSH (key,
       key_cmd,
       "key (0-2147483647)",
       "Configure a key\n"
       "Key identifier number\n")
{
	const int id_arg = 1; /* argv[] slot of the key number */
	VTY_DECLVAR_CONTEXT(keychain, keychain);
	struct key *k;
	uint32_t index;

	/* The CLI range (0-2147483647) bounds the value before it gets here. */
	index = strtoul(argv[id_arg]->arg, NULL, 10);
	k = key_get(keychain, index);
	VTY_PUSH_CONTEXT_SUB(KEYCHAIN_KEY_NODE, k);

	return CMD_SUCCESS;
}
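/* "no key (0-2147483647)": delete key N from the current chain and fall
 * back to the key chain node.
 * NOTE(review): the DEFUN header and first help line are missing from this
 * listing; the name follows no_key_cmd as installed in keychain_init(), the
 * rest should be confirmed against the tree. */
DEFUN (no_key,
       no_key_cmd,
       "no key (0-2147483647)",
       NO_STR
       "Delete a key\n"
       "Key identifier number\n")
{
	const int id_arg = 2; /* argv[] slot of the key number */
	VTY_DECLVAR_CONTEXT(keychain, keychain);
	struct key *k;
	uint32_t index;

	index = strtoul(argv[id_arg]->arg, NULL, 10);
	k = key_lookup(keychain, index);
	if (k == NULL) {
		/* index is unsigned: print it with %u, not %d. */
		vty_out(vty, "Can't find key %u\n", (unsigned int)index);
		return CMD_WARNING_CONFIG_FAILED;
	}

	key_delete(keychain, k);

	/* The key that was the sub-context may just have been freed. */
	vty->node = KEYCHAIN_NODE;

	return CMD_SUCCESS;
}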
/* "key-string LINE": set (or replace) the secret of the current key.
 * NOTE(review): the DEFUN header is missing from this listing; the name
 * follows key_string_cmd as installed in keychain_init(), the command and
 * help strings should be confirmed against the tree.
 *
 * NOTE(review): a replaced secret is freed without being overwritten, and
 * the new one is kept and later written to the configuration in cleartext
 * (see keychain_config_write()). */
DEFUN (key_string,
       key_string_cmd,
       "key-string LINE",
       "Set key string\n"
       "The key\n")
{
	const int secret_arg = 1; /* argv[] slot of LINE */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	if (key->string != NULL) {
		XFREE(MTYPE_KEY, key->string);
	}
	key->string = XSTRDUP(MTYPE_KEY, argv[secret_arg]->arg);

	return CMD_SUCCESS;
}
/* "no key-string [LINE]": drop the secret of the current key.  A key
 * without a string never matches in key_match_for_accept().
 * NOTE(review): the help lines are missing from this listing; confirm their
 * wording against the tree. */
DEFUN (no_key_string,
       no_key_string_cmd,
       "no key-string [LINE]",
       NO_STR
       "Unset key string\n"
       "The key\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	if (key->string != NULL) {
		XFREE(MTYPE_KEY, key->string);
		key->string = NULL;
	}

	return CMD_SUCCESS;
}
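/* Parse one unsigned decimal field that must span exactly [str, end) and lie
 * within [min, max].  Stores the value in *out and returns 0 on success,
 * returns -1 otherwise. */
static int key_parse_field(const char *str, const char *end,
			   unsigned long min, unsigned long max,
			   unsigned int *out)
{
	char *stop = NULL;
	unsigned long val;

	/* strtoul() skips blanks, accepts a sign and returns 0 for an empty
	 * string; insist on a leading digit so none of those slip through. */
	if (str == end || *str < '0' || *str > '9') {
		return -1;
	}

	val = strtoul(str, &stop, 10);
	if (stop != end || val < min || val > max) {
		return -1;
	}

	*out = (unsigned int)val;
	return 0;
}

/* Convert HH:MM:SS MON DAY YEAR to time_t value.  -1 is returned when
 * given string is malformed.
 *
 * time_str  "HH:MM:SS" with hour 0-23, minute 0-59 and second 0-59
 * day_str   day of the month, 1-31
 * month_str month name, or a prefix of it that is at least 3 characters
 * year_str  year, 1993-2035
 *
 * The fields are interpreted as local time (mktime()).  The input strings
 * are only read, never modified. */
static time_t key_str2time(const char *time_str, const char *day_str,
			   const char *month_str, const char *year_str)
{
	static const char *const month_name[] = {
		"January", "February", "March",     "April",   "May",
		"June",    "July",     "August",    "September", "October",
		"November", "December", NULL};
	unsigned int sec, min, hour;
	unsigned int day, month, year;
	const char *colon;
	size_t month_len;
	size_t i;
	struct tm tm;

	/* Hour must be between 0 and 23. */
	colon = strchr(time_str, ':');
	if (colon == NULL
	    || key_parse_field(time_str, colon, 0, 23, &hour) < 0) {
		return -1;
	}

	/* Min must be between 0 and 59. */
	time_str = colon + 1;
	colon = strchr(time_str, ':');
	if (colon == NULL
	    || key_parse_field(time_str, colon, 0, 59, &min) < 0) {
		return -1;
	}

	/* Sec must be between 0 and 59. */
	time_str = colon + 1;
	if (key_parse_field(time_str, time_str + strlen(time_str), 0, 59,
			    &sec) < 0) {
		return -1;
	}

	/* Day must be <1-31>. */
	if (key_parse_field(day_str, day_str + strlen(day_str), 1, 31, &day)
	    < 0) {
		return -1;
	}

	/* Month must match month_name; fewer than 3 characters never do. */
	month_len = strlen(month_str);
	if (month_len < 3) {
		return -1;
	}
	for (i = 0; month_name[i] != NULL; i++) {
		if (strncmp(month_str, month_name[i], month_len) == 0) {
			break;
		}
	}
	if (month_name[i] == NULL) {
		return -1;
	}
	month = (unsigned int)i;

	/* Year must be <1993-2035>. */
	if (key_parse_field(year_str, year_str + strlen(year_str), 1993, 2035,
			    &year) < 0) {
		return -1;
	}

	memset(&tm, 0, sizeof(tm));
	tm.tm_sec = (int)sec;
	tm.tm_min = (int)min;
	tm.tm_hour = (int)hour;
	tm.tm_mon = (int)month;
	tm.tm_mday = (int)day;
	tm.tm_year = (int)year - 1900;

	return mktime(&tm);
}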
/* Set a key range from an explicit start and expiry date.
 *
 * Both dates are parsed with key_str2time(); the expiry has to be strictly
 * later than the start.  On any error a message is printed on vty, krange is
 * left untouched and CMD_WARNING_CONFIG_FAILED is returned. */
static int key_lifetime_set(struct vty *vty, struct key_range *krange,
			    const char *stime_str, const char *sday_str,
			    const char *smonth_str, const char *syear_str,
			    const char *etime_str, const char *eday_str,
			    const char *emonth_str, const char *eyear_str)
{
	time_t begin;
	time_t expire;

	begin = key_str2time(stime_str, sday_str, smonth_str, syear_str);
	if (begin < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	expire = key_str2time(etime_str, eday_str, emonth_str, eyear_str);
	if (expire < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	if (expire <= begin) {
		vty_out(vty, "Expire time is not later than start time\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	/* duration == 0 marks the range as "start .. end" when the
	 * configuration is written back. */
	krange->start = begin;
	krange->end = expire;
	krange->duration = 0;

	return CMD_SUCCESS;
}
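/* Set a key range from a start date and a duration in seconds.
 *
 * duration_str is expected to have passed the CLI range check of the
 * "duration (1-2147483646)" token.  The expiry is start + duration; when that
 * sum does not fit in time_t (possible where time_t is 32 bits wide) the
 * command is rejected instead of storing a wrapped expiry.  On any error a
 * message is printed on vty, krange is left untouched and
 * CMD_WARNING_CONFIG_FAILED is returned. */
static int key_lifetime_duration_set(struct vty *vty, struct key_range *krange,
				     const char *stime_str,
				     const char *sday_str,
				     const char *smonth_str,
				     const char *syear_str,
				     const char *duration_str)
{
	time_t time_start;
	time_t time_end;
	uint32_t duration;
	long long wide_end;

	time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
	if (time_start < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	duration = strtoul(duration_str, NULL, 10);

	/* Add in a wider type and verify that the result survives the round
	 * trip through time_t. */
	wide_end = (long long)time_start + (long long)duration;
	time_end = (time_t)wide_end;
	if ((long long)time_end != wide_end) {
		vty_out(vty, "Duration exceeds the representable time range\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	/* duration == 1 marks the range as "start + duration" when the
	 * configuration is written back. */
	krange->start = time_start;
	krange->duration = 1;
	krange->end = time_end;

	return CMD_SUCCESS;
}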
/* Set a key range that starts at the given date and never expires
 * (end == -1).  On a malformed date a message is printed on vty, krange is
 * left untouched and CMD_WARNING_CONFIG_FAILED is returned. */
static int key_lifetime_infinite_set(struct vty *vty, struct key_range *krange,
				     const char *stime_str,
				     const char *sday_str,
				     const char *smonth_str,
				     const char *syear_str)
{
	const time_t begin =
		key_str2time(stime_str, sday_str, smonth_str, syear_str);

	if (begin < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	krange->start = begin;
	krange->end = -1; /* the lookups treat -1 as "no expiry" */
	krange->duration = 0;

	return CMD_SUCCESS;
}
/* accept-lifetime, start given as DAY MONTH, expiry given as DAY MONTH.
 * NOTE(review): the help lines for the time and year tokens are missing
 * from this listing; confirm their wording against the tree. */
DEFUN (accept_lifetime_day_month_day_month,
       accept_lifetime_day_month_day_month_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* argv[] slot of each command token */
	enum { START_TIME = 1, START_DAY = 2, START_MONTH = 3, START_YEAR = 4,
	       END_TIME = 5, END_DAY = 6, END_MONTH = 7, END_YEAR = 8 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->accept,
				argv[START_TIME]->arg, argv[START_DAY]->arg,
				argv[START_MONTH]->arg, argv[START_YEAR]->arg,
				argv[END_TIME]->arg, argv[END_DAY]->arg,
				argv[END_MONTH]->arg, argv[END_YEAR]->arg);
}
/* accept-lifetime, start given as DAY MONTH, expiry given as MONTH DAY.
 * NOTE(review): the help lines for the time and year tokens are missing
 * from this listing; confirm their wording against the tree. */
DEFUN (accept_lifetime_day_month_month_day,
       accept_lifetime_day_month_month_day_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* argv[] slot of each command token */
	enum { START_TIME = 1, START_DAY = 2, START_MONTH = 3, START_YEAR = 4,
	       END_TIME = 5, END_MONTH = 6, END_DAY = 7, END_YEAR = 8 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->accept,
				argv[START_TIME]->arg, argv[START_DAY]->arg,
				argv[START_MONTH]->arg, argv[START_YEAR]->arg,
				argv[END_TIME]->arg, argv[END_DAY]->arg,
				argv[END_MONTH]->arg, argv[END_YEAR]->arg);
}
/* accept-lifetime, start given as MONTH DAY, expiry given as DAY MONTH.
 * NOTE(review): the help lines for the time and year tokens are missing
 * from this listing; confirm their wording against the tree. */
DEFUN (accept_lifetime_month_day_day_month,
       accept_lifetime_month_day_day_month_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* argv[] slot of each command token */
	enum { START_TIME = 1, START_MONTH = 2, START_DAY = 3, START_YEAR = 4,
	       END_TIME = 5, END_DAY = 6, END_MONTH = 7, END_YEAR = 8 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->accept,
				argv[START_TIME]->arg, argv[START_DAY]->arg,
				argv[START_MONTH]->arg, argv[START_YEAR]->arg,
				argv[END_TIME]->arg, argv[END_DAY]->arg,
				argv[END_MONTH]->arg, argv[END_YEAR]->arg);
}
/* accept-lifetime, start given as MONTH DAY, expiry given as MONTH DAY.
 * NOTE(review): the help lines for the time and year tokens are missing
 * from this listing; confirm their wording against the tree. */
DEFUN (accept_lifetime_month_day_month_day,
       accept_lifetime_month_day_month_day_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* argv[] slot of each command token */
	enum { START_TIME = 1, START_MONTH = 2, START_DAY = 3, START_YEAR = 4,
	       END_TIME = 5, END_MONTH = 6, END_DAY = 7, END_YEAR = 8 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->accept,
				argv[START_TIME]->arg, argv[START_DAY]->arg,
				argv[START_MONTH]->arg, argv[START_YEAR]->arg,
				argv[END_TIME]->arg, argv[END_DAY]->arg,
				argv[END_MONTH]->arg, argv[END_YEAR]->arg);
}
/* accept-lifetime that never expires, start given as DAY MONTH.
 * NOTE(review): the help lines for the time, year and "infinite" tokens are
 * missing from this listing; confirm their wording against the tree. */
DEFUN (accept_lifetime_infinite_day_month,
       accept_lifetime_infinite_day_month_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* argv[] slot of each command token */
	enum { START_TIME = 1, START_DAY = 2, START_MONTH = 3, START_YEAR = 4 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_infinite_set(vty, &key->accept,
					 argv[START_TIME]->arg,
					 argv[START_DAY]->arg,
					 argv[START_MONTH]->arg,
					 argv[START_YEAR]->arg);
}
/* accept-lifetime that never expires, start given as MONTH DAY.
 * NOTE(review): the help lines for the time, year and "infinite" tokens are
 * missing from this listing; confirm their wording against the tree. */
DEFUN (accept_lifetime_infinite_month_day,
       accept_lifetime_infinite_month_day_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* argv[] slot of each command token */
	enum { START_TIME = 1, START_MONTH = 2, START_DAY = 3, START_YEAR = 4 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_infinite_set(vty, &key->accept,
					 argv[START_TIME]->arg,
					 argv[START_DAY]->arg,
					 argv[START_MONTH]->arg,
					 argv[START_YEAR]->arg);
}
/* accept-lifetime of a fixed duration, start given as DAY MONTH.
 * NOTE(review): the help lines for the time and year tokens are missing
 * from this listing; confirm their wording against the tree. */
DEFUN (accept_lifetime_duration_day_month,
       accept_lifetime_duration_day_month_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/* argv[] slot of each command token; slot 5 is the keyword */
	enum { START_TIME = 1, START_DAY = 2, START_MONTH = 3, START_YEAR = 4,
	       DURATION = 6 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_duration_set(vty, &key->accept,
					 argv[START_TIME]->arg,
					 argv[START_DAY]->arg,
					 argv[START_MONTH]->arg,
					 argv[START_YEAR]->arg,
					 argv[DURATION]->arg);
}
/* accept-lifetime of a fixed duration, start given as MONTH DAY.
 * NOTE(review): the help lines for the time and year tokens are missing
 * from this listing; confirm their wording against the tree. */
DEFUN (accept_lifetime_duration_month_day,
       accept_lifetime_duration_month_day_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/* argv[] slot of each command token; slot 5 is the keyword */
	enum { START_TIME = 1, START_MONTH = 2, START_DAY = 3, START_YEAR = 4,
	       DURATION = 6 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_duration_set(vty, &key->accept,
					 argv[START_TIME]->arg,
					 argv[START_DAY]->arg,
					 argv[START_MONTH]->arg,
					 argv[START_YEAR]->arg,
					 argv[DURATION]->arg);
}
/* "no accept-lifetime": clear the accept range of the current key.  With
 * accept.start back at 0 the key is acceptable at any time again. */
DEFUN (no_accept_lifetime,
       no_accept_lifetime_cmd,
       "no accept-lifetime",
       NO_STR
       "Unset accept-lifetime\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	key->accept.start = 0;
	key->accept.end = 0;
	key->accept.duration = 0;

	return CMD_SUCCESS;
}
/* send-lifetime, start given as DAY MONTH, expiry given as DAY MONTH.
 * NOTE(review): the help lines for the time and year tokens are missing
 * from this listing; confirm their wording against the tree. */
DEFUN (send_lifetime_day_month_day_month,
       send_lifetime_day_month_day_month_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* argv[] slot of each command token */
	enum { START_TIME = 1, START_DAY = 2, START_MONTH = 3, START_YEAR = 4,
	       END_TIME = 5, END_DAY = 6, END_MONTH = 7, END_YEAR = 8 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->send,
				argv[START_TIME]->arg, argv[START_DAY]->arg,
				argv[START_MONTH]->arg, argv[START_YEAR]->arg,
				argv[END_TIME]->arg, argv[END_DAY]->arg,
				argv[END_MONTH]->arg, argv[END_YEAR]->arg);
}
/* send-lifetime, start given as DAY MONTH, expiry given as MONTH DAY.
 * NOTE(review): the help lines for the time and year tokens are missing
 * from this listing; confirm their wording against the tree. */
DEFUN (send_lifetime_day_month_month_day,
       send_lifetime_day_month_month_day_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* argv[] slot of each command token */
	enum { START_TIME = 1, START_DAY = 2, START_MONTH = 3, START_YEAR = 4,
	       END_TIME = 5, END_MONTH = 6, END_DAY = 7, END_YEAR = 8 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->send,
				argv[START_TIME]->arg, argv[START_DAY]->arg,
				argv[START_MONTH]->arg, argv[START_YEAR]->arg,
				argv[END_TIME]->arg, argv[END_DAY]->arg,
				argv[END_MONTH]->arg, argv[END_YEAR]->arg);
}
/* send-lifetime, start given as MONTH DAY, expiry given as DAY MONTH.
 * NOTE(review): the help lines for the time and year tokens are missing
 * from this listing; confirm their wording against the tree. */
DEFUN (send_lifetime_month_day_day_month,
       send_lifetime_month_day_day_month_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* argv[] slot of each command token */
	enum { START_TIME = 1, START_MONTH = 2, START_DAY = 3, START_YEAR = 4,
	       END_TIME = 5, END_DAY = 6, END_MONTH = 7, END_YEAR = 8 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->send,
				argv[START_TIME]->arg, argv[START_DAY]->arg,
				argv[START_MONTH]->arg, argv[START_YEAR]->arg,
				argv[END_TIME]->arg, argv[END_DAY]->arg,
				argv[END_MONTH]->arg, argv[END_YEAR]->arg);
}
/* send-lifetime, start given as MONTH DAY, expiry given as MONTH DAY.
 * NOTE(review): the help lines for the time and year tokens are missing
 * from this listing; confirm their wording against the tree. */
DEFUN (send_lifetime_month_day_month_day,
       send_lifetime_month_day_month_day_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* argv[] slot of each command token */
	enum { START_TIME = 1, START_MONTH = 2, START_DAY = 3, START_YEAR = 4,
	       END_TIME = 5, END_MONTH = 6, END_DAY = 7, END_YEAR = 8 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->send,
				argv[START_TIME]->arg, argv[START_DAY]->arg,
				argv[START_MONTH]->arg, argv[START_YEAR]->arg,
				argv[END_TIME]->arg, argv[END_DAY]->arg,
				argv[END_MONTH]->arg, argv[END_YEAR]->arg);
}
/* send-lifetime that never expires, start given as DAY MONTH.
 * NOTE(review): the help lines for the time, year and "infinite" tokens are
 * missing from this listing; confirm their wording against the tree. */
DEFUN (send_lifetime_infinite_day_month,
       send_lifetime_infinite_day_month_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* argv[] slot of each command token */
	enum { START_TIME = 1, START_DAY = 2, START_MONTH = 3, START_YEAR = 4 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_infinite_set(vty, &key->send,
					 argv[START_TIME]->arg,
					 argv[START_DAY]->arg,
					 argv[START_MONTH]->arg,
					 argv[START_YEAR]->arg);
}
/* send-lifetime that never expires, start given as MONTH DAY.
 * NOTE(review): the help lines for the time, year and "infinite" tokens are
 * missing from this listing; confirm their wording against the tree. */
DEFUN (send_lifetime_infinite_month_day,
       send_lifetime_infinite_month_day_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* argv[] slot of each command token */
	enum { START_TIME = 1, START_MONTH = 2, START_DAY = 3, START_YEAR = 4 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_infinite_set(vty, &key->send,
					 argv[START_TIME]->arg,
					 argv[START_DAY]->arg,
					 argv[START_MONTH]->arg,
					 argv[START_YEAR]->arg);
}
/* send-lifetime of a fixed duration, start given as DAY MONTH.
 * NOTE(review): the help lines for the time and year tokens are missing
 * from this listing; confirm their wording against the tree. */
DEFUN (send_lifetime_duration_day_month,
       send_lifetime_duration_day_month_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/* argv[] slot of each command token; slot 5 is the keyword */
	enum { START_TIME = 1, START_DAY = 2, START_MONTH = 3, START_YEAR = 4,
	       DURATION = 6 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_duration_set(vty, &key->send,
					 argv[START_TIME]->arg,
					 argv[START_DAY]->arg,
					 argv[START_MONTH]->arg,
					 argv[START_YEAR]->arg,
					 argv[DURATION]->arg);
}
/* send-lifetime of a fixed duration, start given as MONTH DAY.
 * NOTE(review): the help lines for the time and year tokens are missing
 * from this listing; confirm their wording against the tree. */
DEFUN (send_lifetime_duration_month_day,
       send_lifetime_duration_month_day_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/* argv[] slot of each command token; slot 5 is the keyword */
	enum { START_TIME = 1, START_MONTH = 2, START_DAY = 3, START_YEAR = 4,
	       DURATION = 6 };
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_duration_set(vty, &key->send,
					 argv[START_TIME]->arg,
					 argv[START_DAY]->arg,
					 argv[START_MONTH]->arg,
					 argv[START_YEAR]->arg,
					 argv[DURATION]->arg);
}
/* "no send-lifetime": clear the send range of the current key.  With
 * send.start back at 0 the key is usable for sending at any time again.
 * NOTE(review): the command-string line is missing from this listing;
 * confirm it against the tree. */
DEFUN (no_send_lifetime,
       no_send_lifetime_cmd,
       "no send-lifetime",
       NO_STR
       "Unset send-lifetime\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	key->send.start = 0;
	key->send.end = 0;
	key->send.duration = 0;

	return CMD_SUCCESS;
}
/* CLI node entered by "key chain WORD". */
static struct cmd_node keychain_node = {
	KEYCHAIN_NODE,
	"%s(config-keychain)# ",
	1,
};

/* CLI sub-node entered by "key N" inside a key chain. */
static struct cmd_node keychain_key_node = {
	KEYCHAIN_KEY_NODE,
	"%s(config-keychain-key)# ",
	1,
};
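/* Format *time as local time in the "HH:MM:SS Mon DD YYYY" layout that the
 * lifetime commands take.
 *
 * Returns the number of bytes written (terminator excluded), or 0 when the
 * time cannot be converted or does not fit in bufsiz bytes.  On failure buf
 * holds an empty string, so callers that print buf without checking the
 * result never read indeterminate bytes. */
static int keychain_strftime(char *buf, int bufsiz, time_t *time)
{
	struct tm *tm;
	size_t len = 0;

	if (buf == NULL || bufsiz <= 0) {
		return 0;
	}

	/* localtime() may return NULL; strftime() must not see that. */
	tm = localtime(time);
	if (tm != NULL) {
		len = strftime(buf, (size_t)bufsiz, "%T %b %d %Y", tm);
	}

	/* strftime() leaves the buffer unspecified when it returns 0. */
	if (len == 0) {
		buf[0] = '\0';
	}

	return (int)len;
}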
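/* Write one lifetime line, "<label> START" followed by "infinite",
 * "duration SECONDS" or the expiry date.  Nothing is written when the range
 * has no start time. */
static void keychain_write_range(struct vty *vty, const char *label,
				 struct key_range *range)
{
	char buf[BUFSIZ];

	if (!range->start) {
		return;
	}

	keychain_strftime(buf, BUFSIZ, &range->start);
	vty_out(vty, " %s %s", label, buf);

	if (range->end == -1) {
		vty_out(vty, " infinite");
	} else if (range->duration) {
		vty_out(vty, " duration %ld",
			(long)(range->end - range->start));
	} else {
		keychain_strftime(buf, BUFSIZ, &range->end);
		vty_out(vty, " %s", buf);
	}

	vty_out(vty, "\n");
}

/* Configuration writer for the key chain node: emits every key chain with
 * its keys, key strings and lifetimes.  Always returns 0.
 *
 * NOTE(review): key strings are written in cleartext, so anything that can
 * read this output (saved configuration, running-config display) can read
 * the authentication secrets; protect those accordingly. */
static int keychain_config_write(struct vty *vty)
{
	struct keychain *keychain;
	struct key *key;
	struct listnode *node;
	struct listnode *knode;

	for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
		vty_out(vty, "key chain %s\n", keychain->name);

		for (ALL_LIST_ELEMENTS_RO(keychain->key, knode, key)) {
			/* The key index is unsigned: %u, not %d. */
			vty_out(vty, " key %u\n", (unsigned int)key->index);

			if (key->string) {
				vty_out(vty, " key-string %s\n", key->string);
			}

			keychain_write_range(vty, "accept-lifetime",
					     &key->accept);
			keychain_write_range(vty, "send-lifetime", &key->send);
		}
		vty_out(vty, "!\n");
	}

	return 0;
}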
/* Create the master key chain list and register the key chain CLI: both
 * nodes, their default commands and every command defined in this file. */
void keychain_init()
{
	/* Commands of the "key N" sub-node, in installation order. */
	static struct cmd_element *const key_node_cmds[] = {
		&key_string_cmd,
		&no_key_string_cmd,

		/* Allow switching chain or key without leaving the node. */
		&key_chain_cmd,
		&no_key_chain_cmd,
		&key_cmd,
		&no_key_cmd,

		&accept_lifetime_day_month_day_month_cmd,
		&accept_lifetime_day_month_month_day_cmd,
		&accept_lifetime_month_day_day_month_cmd,
		&accept_lifetime_month_day_month_day_cmd,
		&accept_lifetime_infinite_day_month_cmd,
		&accept_lifetime_infinite_month_day_cmd,
		&accept_lifetime_duration_day_month_cmd,
		&accept_lifetime_duration_month_day_cmd,
		&no_accept_lifetime_cmd,

		&send_lifetime_day_month_day_month_cmd,
		&send_lifetime_day_month_month_day_cmd,
		&send_lifetime_month_day_day_month_cmd,
		&send_lifetime_month_day_month_day_cmd,
		&send_lifetime_infinite_day_month_cmd,
		&send_lifetime_infinite_month_day_cmd,
		&send_lifetime_duration_day_month_cmd,
		&send_lifetime_duration_month_day_cmd,
		&no_send_lifetime_cmd,
	};
	size_t i;

	keychain_list = list_new();

	/* Only the key chain node writes configuration; it covers the keys
	 * of each chain as well. */
	install_node(&keychain_node, keychain_config_write);
	install_node(&keychain_key_node, NULL);

	install_default(KEYCHAIN_NODE);
	install_default(KEYCHAIN_KEY_NODE);

	install_element(CONFIG_NODE, &key_chain_cmd);
	install_element(CONFIG_NODE, &no_key_chain_cmd);
	install_element(KEYCHAIN_NODE, &key_cmd);
	install_element(KEYCHAIN_NODE, &no_key_cmd);

	install_element(KEYCHAIN_NODE, &key_chain_cmd);
	install_element(KEYCHAIN_NODE, &no_key_chain_cmd);

	for (i = 0; i < sizeof(key_node_cmds) / sizeof(key_node_cmds[0]);
	     i++) {
		install_element(KEYCHAIN_KEY_NODE, key_node_cmds[i]);
	}
}