1 /* key-chain for authentication.
2 * Copyright (C) 2000 Kunihiro Ishiguro
4 * This file is part of GNU Zebra.
6 * GNU Zebra is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published
8 * by the Free Software Foundation; either version 2, or (at your
9 * option) any later version.
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
/* Memory-type tags used by the XCALLOC/XSTRDUP/XFREE calls in this file. */
DEFINE_MTYPE_STATIC(LIB, KEY, "Key")
DEFINE_MTYPE_STATIC(LIB, KEYCHAIN, "Key chain")

DEFINE_QOBJ_TYPE(keychain)
DEFINE_QOBJ_TYPE(key)

/* Master list of key chain. */
static struct list *keychain_list;
/* Allocate a new key chain object and register it with QOBJ_REG. */
static struct keychain *keychain_new(void)
{
	struct keychain *keychain;
	keychain = XCALLOC(MTYPE_KEYCHAIN, sizeof(struct keychain));
	QOBJ_REG(keychain, keychain);
	return keychain;
}
/*
 * Release the key chain object itself.  The name and the key list are not
 * touched here; keychain_delete() releases those before calling this.
 */
static void keychain_free(struct keychain *keychain)
{
	QOBJ_UNREG(keychain);
	XFREE(MTYPE_KEYCHAIN, keychain);
}
/* Allocate a new key object and register it with QOBJ_REG. */
static struct key *key_new(void)
{
	struct key *key = XCALLOC(MTYPE_KEY, sizeof(struct key));
	QOBJ_REG(key, key);
	return key;
}
/*
 * Release the key object itself.  key->string is not freed here; callers
 * free the secret string before calling this (see key_delete()).
 */
static void key_free(struct key *key)
{
	QOBJ_UNREG(key);
	XFREE(MTYPE_KEY, key);
}
/*
 * Find a key chain by name.
 *
 * Walks the master list and returns the first chain whose name is equal to
 * `name` under strcmp(), i.e. the match is exact and case-sensitive.
 * Returns NULL when `name` is NULL or no chain matches.
 */
struct keychain *keychain_lookup(const char *name)
{
	struct listnode *node;
	struct keychain *keychain;

	if (name == NULL)
		return NULL;

	for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
		if (strcmp(keychain->name, name) == 0)
			return keychain;
	}
	return NULL;
}
/*
 * Ordering callback installed on each chain's key list (see keychain_get()).
 * Compares two struct key objects by index: returns 1 when arg1 has the
 * larger index, -1 when it has the smaller one, 0 when they are equal.
 */
static int key_cmp_func(void *arg1, void *arg2)
{
	const struct key *k1 = arg1;
	const struct key *k2 = arg2;

	if (k1->index > k2->index)
		return 1;
	if (k1->index < k2->index)
		return -1;
	return 0;
}
91 static void key_delete_func(struct key
*key
)
/*
 * Return the key chain called `name`, creating it when it does not exist.
 *
 * A new chain gets its own copy of the name and an empty key list that
 * orders keys with key_cmp_func and disposes of them with key_delete_func,
 * and is appended to the master list.
 */
static struct keychain *keychain_get(const char *name)
{
	struct keychain *keychain;

	keychain = keychain_lookup(name);

	if (keychain)
		return keychain;

	keychain = keychain_new();
	keychain->name = XSTRDUP(MTYPE_KEYCHAIN, name);
	keychain->key = list_new();
	/* key_cmp_func already has this exact type; the cast is a no-op. */
	keychain->key->cmp = (int (*)(void *, void *))key_cmp_func;
	/*
	 * NOTE(review): key_delete_func takes a struct key *, so this cast
	 * makes the list call it through a different function pointer type.
	 * That is undefined behaviour in ISO C even though it works on the
	 * usual ABIs; a void * wrapper would avoid the cast.
	 */
	keychain->key->del = (void (*)(void *))key_delete_func;
	listnode_add(keychain_list, keychain);

	return keychain;
}
/*
 * Destroy a key chain: free its name, delete its key list, unlink the chain
 * from the master list and release the chain object.
 *
 * NOTE(review): list_delete() presumably runs the list's `del` callback
 * (key_delete_func) on every key still in the chain -- confirm in the list
 * implementation.  Protocol code that cached a struct key or struct keychain
 * pointer must not use it after this call.
 */
static void keychain_delete(struct keychain *keychain)
{
	XFREE(MTYPE_KEYCHAIN, keychain->name);

	list_delete(&keychain->key);
	listnode_delete(keychain_list, keychain);
	keychain_free(keychain);
}
/*
 * Find the key with exactly this index in a chain, regardless of its
 * lifetimes.  Returns NULL when the chain has no such key.
 */
static struct key *key_lookup(const struct keychain *keychain, uint32_t index)
{
	struct listnode *node;
	struct key *key;

	for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
		if (key->index == index)
			return key;
	}
	return NULL;
}
/*
 * Select a key that may be used to validate a received packet.
 *
 * Returns the first key, in list order, whose index is greater than or
 * equal to `index` and which is currently acceptable:
 *   - accept.start == 0: no accept lifetime is configured, always valid;
 *   - otherwise accept.start <= now and (accept.end >= now or
 *     accept.end == -1, the "infinite" marker).
 * Returns NULL when no key qualifies.
 *
 * NOTE(review): the index test is ">=", not "==".  A request for key id N
 * can therefore be answered with a higher-numbered key, and an expired key
 * N does not stop the search.  Callers that must bind a packet to one
 * specific key id need to compare the returned key's index themselves.
 * Validity is judged against the system clock, so a clock step changes
 * which keys are accepted.
 */
struct key *key_lookup_for_accept(const struct keychain *keychain,
				  uint32_t index)
{
	struct listnode *node;
	struct key *key;
	time_t now;

	now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
		if (key->index >= index) {
			if (key->accept.start == 0)
				return key;

			if (key->accept.start <= now)
				if (key->accept.end >= now
				    || key->accept.end == -1)
					return key;
		}
	}
	return NULL;
}
/*
 * Find a currently acceptable key whose string matches a received
 * authentication string.
 *
 * A key is a candidate when it has no accept lifetime (accept.start == 0)
 * or when now lies in [accept.start, accept.end], with accept.end == -1
 * meaning "infinite".  The first candidate, in list order, that has a
 * string equal to `auth_str` under strncmp(..., 16) is returned; NULL when
 * there is none.
 *
 * NOTE(review): security-relevant properties of the comparison:
 *   - only the first 16 bytes are compared, so a configured key-string
 *     longer than 16 bytes is matched by its 16-byte prefix alone;
 *   - strncmp() stops at a NUL or after 16 bytes, so `auth_str` must be
 *     NUL-terminated or have at least 16 readable bytes;
 *   - strncmp() returns at the first differing byte, so the check is not
 *     constant-time.
 * The 16 presumably mirrors a fixed-size clear-text password field of the
 * calling protocol -- confirm against the callers, and do not reuse this
 * helper to compare secrets that are not already sent in the clear.
 */
struct key *key_match_for_accept(const struct keychain *keychain,
				 const char *auth_str)
{
	struct listnode *node;
	struct key *key;
	time_t now;

	now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
		if (key->accept.start == 0
		    || (key->accept.start <= now
			&& (key->accept.end >= now || key->accept.end == -1)))
			if (key->string && (strncmp(key->string, auth_str, 16) == 0))
				return key;
	}
	return NULL;
}
/*
 * Select the key to authenticate an outgoing packet with.
 *
 * Returns the first key, in list order, that is currently valid for
 * sending: send.start == 0 (no send lifetime configured), or
 * send.start <= now and (send.end >= now or send.end == -1, "infinite").
 * Returns NULL when no key qualifies.
 *
 * NOTE(review): key->string is not examined here, so a key without a
 * key-string can be returned; callers have to handle a NULL string.
 */
struct key *key_lookup_for_send(const struct keychain *keychain)
{
	struct listnode *node;
	struct key *key;
	time_t now;

	now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
		if (key->send.start == 0)
			return key;

		if (key->send.start <= now)
			if (key->send.end >= now || key->send.end == -1)
				return key;
	}
	return NULL;
}
/*
 * Return the key with this index, creating it when the chain has none.
 * A new key has no string and no lifetimes and is inserted into the
 * chain's list in sorted position (the list's cmp is key_cmp_func).
 */
static struct key *key_get(const struct keychain *keychain, uint32_t index)
{
	struct key *key;

	key = key_lookup(keychain, index);

	if (key)
		return key;

	key = key_new();
	key->index = index;
	listnode_add_sort(keychain->key, key);

	return key;
}
/*
 * Remove one key from a chain and free it together with its secret string.
 *
 * NOTE(review): the secret is handed to XFREE without being overwritten,
 * so its bytes stay in freed heap memory until the allocator reuses them.
 * If heap disclosure (core dumps, memory-read bugs) is in scope, scrub
 * key->string before freeing it.
 */
static void key_delete(struct keychain *keychain, struct key *key)
{
	listnode_delete(keychain->key, key);

	XFREE(MTYPE_KEY, key->string);
	key_free(key);
}
223 DEFUN_NOSH (key_chain
,
226 "Authentication key management\n"
227 "Key-chain management\n"
231 struct keychain
*keychain
;
233 keychain
= keychain_get(argv
[idx_word
]->arg
);
234 VTY_PUSH_CONTEXT(KEYCHAIN_NODE
, keychain
);
243 "Authentication key management\n"
244 "Key-chain management\n"
248 struct keychain
*keychain
;
250 keychain
= keychain_lookup(argv
[idx_word
]->arg
);
253 vty_out(vty
, "Can't find keychain %s\n", argv
[idx_word
]->arg
);
254 return CMD_WARNING_CONFIG_FAILED
;
257 keychain_delete(keychain
);
264 "key (0-2147483647)",
266 "Key identifier number\n")
269 VTY_DECLVAR_CONTEXT(keychain
, keychain
);
273 index
= strtoul(argv
[idx_number
]->arg
, NULL
, 10);
274 key
= key_get(keychain
, index
);
275 VTY_PUSH_CONTEXT_SUB(KEYCHAIN_KEY_NODE
, key
);
282 "no key (0-2147483647)",
285 "Key identifier number\n")
288 VTY_DECLVAR_CONTEXT(keychain
, keychain
);
292 index
= strtoul(argv
[idx_number
]->arg
, NULL
, 10);
293 key
= key_lookup(keychain
, index
);
295 vty_out(vty
, "Can't find key %d\n", index
);
296 return CMD_WARNING_CONFIG_FAILED
;
299 key_delete(keychain
, key
);
301 vty
->node
= KEYCHAIN_NODE
;
313 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
316 XFREE(MTYPE_KEY
, key
->string
);
317 key
->string
= XSTRDUP(MTYPE_KEY
, argv
[idx_line
]->arg
);
322 DEFUN (no_key_string
,
324 "no key-string [LINE]",
329 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
332 XFREE(MTYPE_KEY
, key
->string
);
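/*
 * Parse one unsigned decimal field of a lifetime argument.
 *
 * The field starts at `str` and must end exactly at `stop` (a ':' separator
 * or the terminating NUL).  The value must lie in [min, max].  Returns 0 and
 * stores the value in *val on success, -1 on any malformed input.
 */
static int key_str2time_field(const char *str, const char *stop,
			      unsigned long min, unsigned long max,
			      unsigned int *val)
{
	char *endptr = NULL;
	unsigned long tmpl;

	/*
	 * strtoul() skips leading blanks, accepts a sign and returns 0 for
	 * an empty field; insist on a digit so none of those get through.
	 */
	if (*str < '0' || *str > '9')
		return -1;

	tmpl = strtoul(str, &endptr, 10);
	if (endptr != stop || tmpl == ULONG_MAX)
		return -1;
	if (tmpl < min || tmpl > max)
		return -1;

	*val = (unsigned int)tmpl;
	return 0;
}

/* Convert HH:MM:SS MON DAY YEAR to time_t value.  -1 is returned when
   given string is malformed.

   The arguments are only read: the time string is parsed in place by
   checking where each number ends, instead of overwriting its ':'
   separators with NULs.  The month must be a case-sensitive prefix of at
   least three characters of an English month name.  The day is checked
   against 1-31 only; the result comes from mktime(), i.e. the fields are
   interpreted as local time and out-of-range days are normalised by it.  */
static time_t key_str2time(const char *time_str, const char *day_str,
			   const char *month_str, const char *year_str)
{
	const char *colon;
	size_t month_len;
	struct tm tm;
	unsigned int sec, min, hour;
	unsigned int day, month, year;

	const char *month_name[] = {
		"January",  "February", "March",  "April",     "May",
		"June",     "July",     "August", "September", "October",
		"November", "December", NULL};

	/* Check hour field of time_str.  Hour must be between 0 and 23. */
	colon = strchr(time_str, ':');
	if (colon == NULL)
		return -1;
	if (key_str2time_field(time_str, colon, 0, 23, &hour) < 0)
		return -1;

	/* Check min field of time_str.  Min must be between 0 and 59. */
	time_str = colon + 1;
	colon = strchr(time_str, ':');
	if (colon == NULL)
		return -1;
	if (key_str2time_field(time_str, colon, 0, 59, &min) < 0)
		return -1;

	/* Check sec field of time_str.  Sec must be between 0 and 59. */
	time_str = colon + 1;
	if (key_str2time_field(time_str, time_str + strlen(time_str), 0, 59,
			       &sec)
	    < 0)
		return -1;

	/* Check day_str.  Day must be <1-31>. */
	if (key_str2time_field(day_str, day_str + strlen(day_str), 1, 31, &day)
	    < 0)
		return -1;

	/*
	 * Check month_str.  Month must match month_name.  Strings shorter
	 * than three characters are rejected outright rather than skipping
	 * the search, so they can never be taken for the first table entry.
	 */
	month_len = strlen(month_str);
	if (month_len < 3)
		return -1;
	for (month = 0; month_name[month]; month++)
		if (strncmp(month_str, month_name[month], month_len) == 0)
			break;
	if (!month_name[month])
		return -1;

	/* Check year_str.  Year must be <1993-2035>. */
	if (key_str2time_field(year_str, year_str + strlen(year_str), 1993,
			       2035, &year)
	    < 0)
		return -1;

	memset(&tm, 0, sizeof(struct tm));
	tm.tm_sec = sec;
	tm.tm_min = min;
	tm.tm_hour = hour;
	tm.tm_mon = month;
	tm.tm_mday = day;
	tm.tm_year = year - 1900;

	return mktime(&tm);
}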
/*
 * Set a key lifetime from an explicit start and end date.
 *
 * Both dates are parsed with key_str2time().  The range is stored in
 * *krange only when both parse and the end is strictly later than the
 * start; otherwise a message is printed on the vty, *krange is left
 * untouched and CMD_WARNING_CONFIG_FAILED is returned.
 *
 * NOTE(review): krange->duration is not cleared here, so a range that was
 * previously set with the "duration" form keeps that flag and is written
 * back in "duration" form by keychain_config_write().
 */
static int key_lifetime_set(struct vty *vty, struct key_range *krange,
			    const char *stime_str, const char *sday_str,
			    const char *smonth_str, const char *syear_str,
			    const char *etime_str, const char *eday_str,
			    const char *emonth_str, const char *eyear_str)
{
	time_t time_start;
	time_t time_end;

	time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
	if (time_start < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}
	time_end = key_str2time(etime_str, eday_str, emonth_str, eyear_str);

	if (time_end < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	if (time_end <= time_start) {
		vty_out(vty, "Expire time is not later than start time\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	krange->start = time_start;
	krange->end = time_end;

	return CMD_SUCCESS;
}
/*
 * Set a key lifetime from a start date and a duration in seconds.
 *
 * The end of the range is start + duration, and krange->duration is set to
 * 1 as a flag so that keychain_config_write() emits the "duration" form.
 *
 * NOTE(review): the duration is converted with strtoul() without an end
 * pointer or range check, so this function relies entirely on the command
 * definitions in this file restricting it to (1-2147483646).  On a platform
 * where time_t is 32 bits, start + duration can exceed the representable
 * range; the lookup functions compare `end` against the current time and
 * treat end == -1 as "infinite", so a wrapped value would change when the
 * key is considered valid.  Confirm time_t width on supported targets or
 * add an explicit bound.
 */
static int key_lifetime_duration_set(struct vty *vty, struct key_range *krange,
				     const char *stime_str,
				     const char *sday_str,
				     const char *smonth_str,
				     const char *syear_str,
				     const char *duration_str)
{
	time_t time_start;
	uint32_t duration;

	time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
	if (time_start < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}
	krange->start = time_start;

	duration = strtoul(duration_str, NULL, 10);
	krange->duration = 1;
	krange->end = time_start + duration;

	return CMD_SUCCESS;
}
/*
 * Set a key lifetime that begins at the given date and never expires.
 * The end of the range is stored as -1, the value the lookup functions and
 * keychain_config_write() test for to recognise an infinite lifetime.
 */
static int key_lifetime_infinite_set(struct vty *vty, struct key_range *krange,
				     const char *stime_str,
				     const char *sday_str,
				     const char *smonth_str,
				     const char *syear_str)
{
	time_t time_start;

	time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
	if (time_start < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}
	krange->start = time_start;

	krange->end = -1;

	return CMD_SUCCESS;
}
506 DEFUN (accept_lifetime_day_month_day_month
,
507 accept_lifetime_day_month_day_month_cmd
,
508 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
509 "Set accept lifetime of the key\n"
511 "Day of th month to start\n"
512 "Month of the year to start\n"
515 "Day of th month to expire\n"
516 "Month of the year to expire\n"
522 int idx_number_2
= 4;
523 int idx_hhmmss_2
= 5;
524 int idx_number_3
= 6;
526 int idx_number_4
= 8;
527 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
529 return key_lifetime_set(
530 vty
, &key
->accept
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
531 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
,
532 argv
[idx_hhmmss_2
]->arg
, argv
[idx_number_3
]->arg
,
533 argv
[idx_month_2
]->arg
, argv
[idx_number_4
]->arg
);
536 DEFUN (accept_lifetime_day_month_month_day
,
537 accept_lifetime_day_month_month_day_cmd
,
538 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
539 "Set accept lifetime of the key\n"
541 "Day of th month to start\n"
542 "Month of the year to start\n"
545 "Month of the year to expire\n"
546 "Day of th month to expire\n"
552 int idx_number_2
= 4;
553 int idx_hhmmss_2
= 5;
555 int idx_number_3
= 7;
556 int idx_number_4
= 8;
557 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
559 return key_lifetime_set(
560 vty
, &key
->accept
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
561 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
,
562 argv
[idx_hhmmss_2
]->arg
, argv
[idx_number_3
]->arg
,
563 argv
[idx_month_2
]->arg
, argv
[idx_number_4
]->arg
);
566 DEFUN (accept_lifetime_month_day_day_month
,
567 accept_lifetime_month_day_day_month_cmd
,
568 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
569 "Set accept lifetime of the key\n"
571 "Month of the year to start\n"
572 "Day of th month to start\n"
575 "Day of th month to expire\n"
576 "Month of the year to expire\n"
582 int idx_number_2
= 4;
583 int idx_hhmmss_2
= 5;
584 int idx_number_3
= 6;
586 int idx_number_4
= 8;
587 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
589 return key_lifetime_set(
590 vty
, &key
->accept
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
591 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
,
592 argv
[idx_hhmmss_2
]->arg
, argv
[idx_number_3
]->arg
,
593 argv
[idx_month_2
]->arg
, argv
[idx_number_4
]->arg
);
596 DEFUN (accept_lifetime_month_day_month_day
,
597 accept_lifetime_month_day_month_day_cmd
,
598 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
599 "Set accept lifetime of the key\n"
601 "Month of the year to start\n"
602 "Day of th month to start\n"
605 "Month of the year to expire\n"
606 "Day of th month to expire\n"
612 int idx_number_2
= 4;
613 int idx_hhmmss_2
= 5;
615 int idx_number_3
= 7;
616 int idx_number_4
= 8;
617 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
619 return key_lifetime_set(
620 vty
, &key
->accept
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
621 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
,
622 argv
[idx_hhmmss_2
]->arg
, argv
[idx_number_3
]->arg
,
623 argv
[idx_month_2
]->arg
, argv
[idx_number_4
]->arg
);
626 DEFUN (accept_lifetime_infinite_day_month
,
627 accept_lifetime_infinite_day_month_cmd
,
628 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
629 "Set accept lifetime of the key\n"
631 "Day of th month to start\n"
632 "Month of the year to start\n"
639 int idx_number_2
= 4;
640 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
642 return key_lifetime_infinite_set(
643 vty
, &key
->accept
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
644 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
);
647 DEFUN (accept_lifetime_infinite_month_day
,
648 accept_lifetime_infinite_month_day_cmd
,
649 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
650 "Set accept lifetime of the key\n"
652 "Month of the year to start\n"
653 "Day of th month to start\n"
660 int idx_number_2
= 4;
661 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
663 return key_lifetime_infinite_set(
664 vty
, &key
->accept
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
665 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
);
668 DEFUN (accept_lifetime_duration_day_month
,
669 accept_lifetime_duration_day_month_cmd
,
670 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
671 "Set accept lifetime of the key\n"
673 "Day of th month to start\n"
674 "Month of the year to start\n"
676 "Duration of the key\n"
677 "Duration seconds\n")
682 int idx_number_2
= 4;
683 int idx_number_3
= 6;
684 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
686 return key_lifetime_duration_set(
687 vty
, &key
->accept
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
688 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
,
689 argv
[idx_number_3
]->arg
);
692 DEFUN (accept_lifetime_duration_month_day
,
693 accept_lifetime_duration_month_day_cmd
,
694 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
695 "Set accept lifetime of the key\n"
697 "Month of the year to start\n"
698 "Day of th month to start\n"
700 "Duration of the key\n"
701 "Duration seconds\n")
706 int idx_number_2
= 4;
707 int idx_number_3
= 6;
708 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
710 return key_lifetime_duration_set(
711 vty
, &key
->accept
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
712 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
,
713 argv
[idx_number_3
]->arg
);
716 DEFUN (no_accept_lifetime
,
717 no_accept_lifetime_cmd
,
718 "no accept-lifetime",
720 "Unset accept-lifetime\n")
722 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
724 if (key
->accept
.start
)
725 key
->accept
.start
= 0;
728 if (key
->accept
.duration
)
729 key
->accept
.duration
= 0;
734 DEFUN (send_lifetime_day_month_day_month
,
735 send_lifetime_day_month_day_month_cmd
,
736 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
737 "Set send lifetime of the key\n"
739 "Day of th month to start\n"
740 "Month of the year to start\n"
743 "Day of th month to expire\n"
744 "Month of the year to expire\n"
750 int idx_number_2
= 4;
751 int idx_hhmmss_2
= 5;
752 int idx_number_3
= 6;
754 int idx_number_4
= 8;
755 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
757 return key_lifetime_set(
758 vty
, &key
->send
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
759 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
,
760 argv
[idx_hhmmss_2
]->arg
, argv
[idx_number_3
]->arg
,
761 argv
[idx_month_2
]->arg
, argv
[idx_number_4
]->arg
);
764 DEFUN (send_lifetime_day_month_month_day
,
765 send_lifetime_day_month_month_day_cmd
,
766 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
767 "Set send lifetime of the key\n"
769 "Day of th month to start\n"
770 "Month of the year to start\n"
773 "Month of the year to expire\n"
774 "Day of th month to expire\n"
780 int idx_number_2
= 4;
781 int idx_hhmmss_2
= 5;
783 int idx_number_3
= 7;
784 int idx_number_4
= 8;
785 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
787 return key_lifetime_set(
788 vty
, &key
->send
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
789 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
,
790 argv
[idx_hhmmss_2
]->arg
, argv
[idx_number_3
]->arg
,
791 argv
[idx_month_2
]->arg
, argv
[idx_number_4
]->arg
);
794 DEFUN (send_lifetime_month_day_day_month
,
795 send_lifetime_month_day_day_month_cmd
,
796 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
797 "Set send lifetime of the key\n"
799 "Month of the year to start\n"
800 "Day of th month to start\n"
803 "Day of th month to expire\n"
804 "Month of the year to expire\n"
810 int idx_number_2
= 4;
811 int idx_hhmmss_2
= 5;
812 int idx_number_3
= 6;
814 int idx_number_4
= 8;
815 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
817 return key_lifetime_set(
818 vty
, &key
->send
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
819 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
,
820 argv
[idx_hhmmss_2
]->arg
, argv
[idx_number_3
]->arg
,
821 argv
[idx_month_2
]->arg
, argv
[idx_number_4
]->arg
);
824 DEFUN (send_lifetime_month_day_month_day
,
825 send_lifetime_month_day_month_day_cmd
,
826 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
827 "Set send lifetime of the key\n"
829 "Month of the year to start\n"
830 "Day of th month to start\n"
833 "Month of the year to expire\n"
834 "Day of th month to expire\n"
840 int idx_number_2
= 4;
841 int idx_hhmmss_2
= 5;
843 int idx_number_3
= 7;
844 int idx_number_4
= 8;
845 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
847 return key_lifetime_set(
848 vty
, &key
->send
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
849 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
,
850 argv
[idx_hhmmss_2
]->arg
, argv
[idx_number_3
]->arg
,
851 argv
[idx_month_2
]->arg
, argv
[idx_number_4
]->arg
);
854 DEFUN (send_lifetime_infinite_day_month
,
855 send_lifetime_infinite_day_month_cmd
,
856 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
857 "Set send lifetime of the key\n"
859 "Day of th month to start\n"
860 "Month of the year to start\n"
867 int idx_number_2
= 4;
868 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
870 return key_lifetime_infinite_set(
871 vty
, &key
->send
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
872 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
);
875 DEFUN (send_lifetime_infinite_month_day
,
876 send_lifetime_infinite_month_day_cmd
,
877 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
878 "Set send lifetime of the key\n"
880 "Month of the year to start\n"
881 "Day of th month to start\n"
888 int idx_number_2
= 4;
889 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
891 return key_lifetime_infinite_set(
892 vty
, &key
->send
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
893 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
);
896 DEFUN (send_lifetime_duration_day_month
,
897 send_lifetime_duration_day_month_cmd
,
898 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
899 "Set send lifetime of the key\n"
901 "Day of th month to start\n"
902 "Month of the year to start\n"
904 "Duration of the key\n"
905 "Duration seconds\n")
910 int idx_number_2
= 4;
911 int idx_number_3
= 6;
912 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
914 return key_lifetime_duration_set(
915 vty
, &key
->send
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
916 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
,
917 argv
[idx_number_3
]->arg
);
920 DEFUN (send_lifetime_duration_month_day
,
921 send_lifetime_duration_month_day_cmd
,
922 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
923 "Set send lifetime of the key\n"
925 "Month of the year to start\n"
926 "Day of th month to start\n"
928 "Duration of the key\n"
929 "Duration seconds\n")
934 int idx_number_2
= 4;
935 int idx_number_3
= 6;
936 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
938 return key_lifetime_duration_set(
939 vty
, &key
->send
, argv
[idx_hhmmss
]->arg
, argv
[idx_number
]->arg
,
940 argv
[idx_month
]->arg
, argv
[idx_number_2
]->arg
,
941 argv
[idx_number_3
]->arg
);
944 DEFUN (no_send_lifetime
,
945 no_send_lifetime_cmd
,
948 "Unset send-lifetime\n")
950 VTY_DECLVAR_CONTEXT_SUB(key
, key
);
956 if (key
->send
.duration
)
957 key
->send
.duration
= 0;
/* CLI node entered by "key chain"; the string is its prompt format. */
static struct cmd_node keychain_node = {KEYCHAIN_NODE, "%s(config-keychain)# ",
					1};

/* CLI node entered by "key" inside a key chain; likewise with its prompt. */
static struct cmd_node keychain_key_node = {KEYCHAIN_KEY_NODE,
					    "%s(config-keychain-key)# ", 1};
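/*
 * Format *time as "HH:MM:SS Mon DD YYYY" in local time, the form used for
 * lifetimes in the written configuration.
 *
 * Returns the number of characters stored, excluding the NUL.  On any
 * failure (NULL argument, non-positive bufsiz, time not convertible, result
 * does not fit) it returns 0 and, when there is room for it, leaves an
 * empty string in buf.  Callers in this file ignore the return value and
 * print buf with "%s", so buf must never be left with unspecified content.
 */
static int keychain_strftime(char *buf, int bufsiz, time_t *time)
{
	struct tm *tm;
	size_t len;

	/* A negative size would turn into a huge size_t below. */
	if (buf == NULL || bufsiz <= 0)
		return 0;
	buf[0] = '\0';

	if (time == NULL)
		return 0;

	/* localtime() returns NULL when the value cannot be represented. */
	tm = localtime(time);
	if (tm == NULL)
		return 0;

	len = strftime(buf, (size_t)bufsiz, "%T %b %d %Y", tm);
	/* strftime() leaves buf unspecified when the result does not fit. */
	if (len == 0)
		buf[0] = '\0';

	return (int)len;
}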
/*
 * Write every key chain, with its keys, key strings and lifetimes, to the
 * vty as configuration text.  Registered as the config writer of
 * keychain_node in keychain_init().
 *
 * A lifetime is written only when its start is non-zero.  Its end is
 * written as "infinite" when end == -1, as "duration <seconds>" when the
 * duration flag is set, and as a formatted date otherwise.
 *
 * NOTE(review): the key-string is emitted verbatim.  Anyone who can read
 * this output (running configuration, saved configuration file, logs of
 * either) obtains the shared authentication secret in clear text, so access
 * to those has to be restricted accordingly.
 * NOTE(review): key->index is printed with "%d"; if the field is unsigned
 * (key_lookup() compares it with a uint32_t) "%u" is the matching
 * conversion -- confirm against the struct definition.
 */
static int keychain_config_write(struct vty *vty)
{
	struct keychain *keychain;
	struct key *key;
	struct listnode *node;
	struct listnode *knode;
	char buf[BUFSIZ];

	for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
		vty_out(vty, "key chain %s\n", keychain->name);

		for (ALL_LIST_ELEMENTS_RO(keychain->key, knode, key)) {
			vty_out(vty, " key %d\n", key->index);

			/* Clear-text secret; see the note above. */
			if (key->string)
				vty_out(vty, " key-string %s\n", key->string);

			if (key->accept.start) {
				/* Return value ignored: buf is printed as is. */
				keychain_strftime(buf, BUFSIZ,
						  &key->accept.start);
				vty_out(vty, " accept-lifetime %s", buf);

				if (key->accept.end == -1)
					vty_out(vty, " infinite");
				else if (key->accept.duration)
					vty_out(vty, " duration %ld",
						(long)(key->accept.end
						       - key->accept.start));
				else {
					keychain_strftime(buf, BUFSIZ,
							  &key->accept.end);
					vty_out(vty, " %s", buf);
				}
				vty_out(vty, "\n");
			}

			if (key->send.start) {
				keychain_strftime(buf, BUFSIZ,
						  &key->send.start);
				vty_out(vty, " send-lifetime %s", buf);

				if (key->send.end == -1)
					vty_out(vty, " infinite");
				else if (key->send.duration)
					vty_out(vty, " duration %ld",
						(long)(key->send.end
						       - key->send.start));
				else {
					keychain_strftime(buf, BUFSIZ,
							  &key->send.end);
					vty_out(vty, " %s", buf);
				}
				vty_out(vty, "\n");
			}
		}
		vty_out(vty, "!\n");
	}

	return 0;
}
/*
 * Initialise the key chain subsystem: create the master list, register the
 * two CLI nodes and install every key chain command.
 *
 * Only keychain_node gets a configuration writer; it writes the keys of
 * each chain as well, so keychain_key_node is registered with NULL.
 */
void keychain_init(void)
{
	keychain_list = list_new();

	install_node(&keychain_node, keychain_config_write);
	install_node(&keychain_key_node, NULL);

	install_default(KEYCHAIN_NODE);
	install_default(KEYCHAIN_KEY_NODE);

	/* Entering and removing chains and keys from the enclosing nodes. */
	install_element(CONFIG_NODE, &key_chain_cmd);
	install_element(CONFIG_NODE, &no_key_chain_cmd);
	install_element(KEYCHAIN_NODE, &key_cmd);
	install_element(KEYCHAIN_NODE, &no_key_cmd);

	install_element(KEYCHAIN_NODE, &key_chain_cmd);
	install_element(KEYCHAIN_NODE, &no_key_chain_cmd);

	/* Per-key settings. */
	install_element(KEYCHAIN_KEY_NODE, &key_string_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_key_string_cmd);

	/* Allow switching to another chain or key without leaving the node. */
	install_element(KEYCHAIN_KEY_NODE, &key_chain_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_key_chain_cmd);

	install_element(KEYCHAIN_KEY_NODE, &key_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_key_cmd);

	/* accept-lifetime, one command per accepted argument order. */
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_day_month_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_day_month_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_month_day_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_month_day_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_infinite_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_infinite_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_duration_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&accept_lifetime_duration_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_accept_lifetime_cmd);

	/* send-lifetime, same set of forms. */
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_day_month_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_day_month_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_month_day_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_month_day_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_infinite_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_infinite_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_duration_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE,
			&send_lifetime_duration_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_send_lifetime_cmd);
}