]> git.proxmox.com Git - mirror_frr.git/blob - lib/keychain.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #5473 from yasuhiro-ohara-ntt/ospf6d-self-orig-maxage-fix
[mirror_frr.git] / lib / keychain.c
1 /* key-chain for authentication.
2 * Copyright (C) 2000 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published
8 * by the Free Software Foundation; either version 2, or (at your
9 * option) any later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <zebra.h>
22
23 #include "command.h"
24 #include "memory.h"
25 #include "linklist.h"
26 #include "keychain.h"
27
28 DEFINE_MTYPE_STATIC(LIB, KEY, "Key")
29 DEFINE_MTYPE_STATIC(LIB, KEYCHAIN, "Key chain")
30
31 DEFINE_QOBJ_TYPE(keychain)
32 DEFINE_QOBJ_TYPE(key)
33
34 /* Master list of key chain. */
35 static struct list *keychain_list;
36
37 static struct keychain *keychain_new(void)
38 {
39 struct keychain *keychain;
40 keychain = XCALLOC(MTYPE_KEYCHAIN, sizeof(struct keychain));
41 QOBJ_REG(keychain, keychain);
42 return keychain;
43 }
44
45 static void keychain_free(struct keychain *keychain)
46 {
47 QOBJ_UNREG(keychain);
48 XFREE(MTYPE_KEYCHAIN, keychain);
49 }
50
51 static struct key *key_new(void)
52 {
53 struct key *key = XCALLOC(MTYPE_KEY, sizeof(struct key));
54 QOBJ_REG(key, key);
55 return key;
56 }
57
58 static void key_free(struct key *key)
59 {
60 QOBJ_UNREG(key);
61 XFREE(MTYPE_KEY, key);
62 }
63
64 struct keychain *keychain_lookup(const char *name)
65 {
66 struct listnode *node;
67 struct keychain *keychain;
68
69 if (name == NULL)
70 return NULL;
71
72 for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
73 if (strcmp(keychain->name, name) == 0)
74 return keychain;
75 }
76 return NULL;
77 }
78
79 static int key_cmp_func(void *arg1, void *arg2)
80 {
81 const struct key *k1 = arg1;
82 const struct key *k2 = arg2;
83
84 if (k1->index > k2->index)
85 return 1;
86 if (k1->index < k2->index)
87 return -1;
88 return 0;
89 }
90
91 static void key_delete_func(struct key *key)
92 {
93 if (key->string)
94 free(key->string);
95 key_free(key);
96 }
97
98 static struct keychain *keychain_get(const char *name)
99 {
100 struct keychain *keychain;
101
102 keychain = keychain_lookup(name);
103
104 if (keychain)
105 return keychain;
106
107 keychain = keychain_new();
108 keychain->name = XSTRDUP(MTYPE_KEYCHAIN, name);
109 keychain->key = list_new();
110 keychain->key->cmp = (int (*)(void *, void *))key_cmp_func;
111 keychain->key->del = (void (*)(void *))key_delete_func;
112 listnode_add(keychain_list, keychain);
113
114 return keychain;
115 }
116
117 static void keychain_delete(struct keychain *keychain)
118 {
119 XFREE(MTYPE_KEYCHAIN, keychain->name);
120
121 list_delete(&keychain->key);
122 listnode_delete(keychain_list, keychain);
123 keychain_free(keychain);
124 }
125
126 static struct key *key_lookup(const struct keychain *keychain, uint32_t index)
127 {
128 struct listnode *node;
129 struct key *key;
130
131 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
132 if (key->index == index)
133 return key;
134 }
135 return NULL;
136 }
137
138 struct key *key_lookup_for_accept(const struct keychain *keychain,
139 uint32_t index)
140 {
141 struct listnode *node;
142 struct key *key;
143 time_t now;
144
145 now = time(NULL);
146
147 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
148 if (key->index >= index) {
149 if (key->accept.start == 0)
150 return key;
151
152 if (key->accept.start <= now)
153 if (key->accept.end >= now
154 || key->accept.end == -1)
155 return key;
156 }
157 }
158 return NULL;
159 }
160
161 struct key *key_match_for_accept(const struct keychain *keychain,
162 const char *auth_str)
163 {
164 struct listnode *node;
165 struct key *key;
166 time_t now;
167
168 now = time(NULL);
169
170 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
171 if (key->accept.start == 0
172 || (key->accept.start <= now
173 && (key->accept.end >= now || key->accept.end == -1)))
174 if (key->string && (strncmp(key->string, auth_str, 16) == 0))
175 return key;
176 }
177 return NULL;
178 }
179
180 struct key *key_lookup_for_send(const struct keychain *keychain)
181 {
182 struct listnode *node;
183 struct key *key;
184 time_t now;
185
186 now = time(NULL);
187
188 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
189 if (key->send.start == 0)
190 return key;
191
192 if (key->send.start <= now)
193 if (key->send.end >= now || key->send.end == -1)
194 return key;
195 }
196 return NULL;
197 }
198
199 static struct key *key_get(const struct keychain *keychain, uint32_t index)
200 {
201 struct key *key;
202
203 key = key_lookup(keychain, index);
204
205 if (key)
206 return key;
207
208 key = key_new();
209 key->index = index;
210 listnode_add_sort(keychain->key, key);
211
212 return key;
213 }
214
215 static void key_delete(struct keychain *keychain, struct key *key)
216 {
217 listnode_delete(keychain->key, key);
218
219 XFREE(MTYPE_KEY, key->string);
220 key_free(key);
221 }
222
223 DEFUN_NOSH (key_chain,
224 key_chain_cmd,
225 "key chain WORD",
226 "Authentication key management\n"
227 "Key-chain management\n"
228 "Key-chain name\n")
229 {
230 int idx_word = 2;
231 struct keychain *keychain;
232
233 keychain = keychain_get(argv[idx_word]->arg);
234 VTY_PUSH_CONTEXT(KEYCHAIN_NODE, keychain);
235
236 return CMD_SUCCESS;
237 }
238
239 DEFUN (no_key_chain,
240 no_key_chain_cmd,
241 "no key chain WORD",
242 NO_STR
243 "Authentication key management\n"
244 "Key-chain management\n"
245 "Key-chain name\n")
246 {
247 int idx_word = 3;
248 struct keychain *keychain;
249
250 keychain = keychain_lookup(argv[idx_word]->arg);
251
252 if (!keychain) {
253 vty_out(vty, "Can't find keychain %s\n", argv[idx_word]->arg);
254 return CMD_WARNING_CONFIG_FAILED;
255 }
256
257 keychain_delete(keychain);
258
259 return CMD_SUCCESS;
260 }
261
262 DEFUN_NOSH (key,
263 key_cmd,
264 "key (0-2147483647)",
265 "Configure a key\n"
266 "Key identifier number\n")
267 {
268 int idx_number = 1;
269 VTY_DECLVAR_CONTEXT(keychain, keychain);
270 struct key *key;
271 uint32_t index;
272
273 index = strtoul(argv[idx_number]->arg, NULL, 10);
274 key = key_get(keychain, index);
275 VTY_PUSH_CONTEXT_SUB(KEYCHAIN_KEY_NODE, key);
276
277 return CMD_SUCCESS;
278 }
279
280 DEFUN (no_key,
281 no_key_cmd,
282 "no key (0-2147483647)",
283 NO_STR
284 "Delete a key\n"
285 "Key identifier number\n")
286 {
287 int idx_number = 2;
288 VTY_DECLVAR_CONTEXT(keychain, keychain);
289 struct key *key;
290 uint32_t index;
291
292 index = strtoul(argv[idx_number]->arg, NULL, 10);
293 key = key_lookup(keychain, index);
294 if (!key) {
295 vty_out(vty, "Can't find key %d\n", index);
296 return CMD_WARNING_CONFIG_FAILED;
297 }
298
299 key_delete(keychain, key);
300
301 vty->node = KEYCHAIN_NODE;
302
303 return CMD_SUCCESS;
304 }
305
306 DEFUN (key_string,
307 key_string_cmd,
308 "key-string LINE",
309 "Set key string\n"
310 "The key\n")
311 {
312 int idx_line = 1;
313 VTY_DECLVAR_CONTEXT_SUB(key, key);
314
315 if (key->string)
316 XFREE(MTYPE_KEY, key->string);
317 key->string = XSTRDUP(MTYPE_KEY, argv[idx_line]->arg);
318
319 return CMD_SUCCESS;
320 }
321
322 DEFUN (no_key_string,
323 no_key_string_cmd,
324 "no key-string [LINE]",
325 NO_STR
326 "Unset key string\n"
327 "The key\n")
328 {
329 VTY_DECLVAR_CONTEXT_SUB(key, key);
330
331 if (key->string) {
332 XFREE(MTYPE_KEY, key->string);
333 key->string = NULL;
334 }
335
336 return CMD_SUCCESS;
337 }
338
339 /* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
340 given string is malformed. */
341 static time_t key_str2time(const char *time_str, const char *day_str,
342 const char *month_str, const char *year_str)
343 {
344 int i = 0;
345 char *colon;
346 struct tm tm;
347 time_t time;
348 unsigned int sec, min, hour;
349 unsigned int day, month, year;
350
351 const char *month_name[] = {
352 "January", "February", "March", "April", "May",
353 "June", "July", "August", "September", "October",
354 "November", "December", NULL};
355
356 #define _GET_LONG_RANGE(V, STR, MMCOND) \
357 { \
358 unsigned long tmpl; \
359 char *endptr = NULL; \
360 tmpl = strtoul((STR), &endptr, 10); \
361 if (*endptr != '\0' || tmpl == ULONG_MAX) \
362 return -1; \
363 if (MMCOND) \
364 return -1; \
365 (V) = tmpl; \
366 }
367 #define GET_LONG_RANGE(V, STR, MIN, MAX) \
368 _GET_LONG_RANGE(V, STR, tmpl<(MIN) || tmpl>(MAX))
369 #define GET_LONG_RANGE0(V, STR, MAX) _GET_LONG_RANGE(V, STR, tmpl > (MAX))
370
371 /* Check hour field of time_str. */
372 colon = strchr(time_str, ':');
373 if (colon == NULL)
374 return -1;
375 *colon = '\0';
376
377 /* Hour must be between 0 and 23. */
378 GET_LONG_RANGE0(hour, time_str, 23);
379
380 /* Check min field of time_str. */
381 time_str = colon + 1;
382 colon = strchr(time_str, ':');
383 if (*time_str == '\0' || colon == NULL)
384 return -1;
385 *colon = '\0';
386
387 /* Min must be between 0 and 59. */
388 GET_LONG_RANGE0(min, time_str, 59);
389
390 /* Check sec field of time_str. */
391 time_str = colon + 1;
392 if (*time_str == '\0')
393 return -1;
394
395 /* Sec must be between 0 and 59. */
396 GET_LONG_RANGE0(sec, time_str, 59);
397
398 /* Check day_str. Day must be <1-31>. */
399 GET_LONG_RANGE(day, day_str, 1, 31);
400
401 /* Check month_str. Month must match month_name. */
402 month = 0;
403 if (strlen(month_str) >= 3)
404 for (i = 0; month_name[i]; i++)
405 if (strncmp(month_str, month_name[i], strlen(month_str))
406 == 0) {
407 month = i;
408 break;
409 }
410 if (!month_name[i])
411 return -1;
412
413 /* Check year_str. Year must be <1993-2035>. */
414 GET_LONG_RANGE(year, year_str, 1993, 2035);
415
416 memset(&tm, 0, sizeof(struct tm));
417 tm.tm_sec = sec;
418 tm.tm_min = min;
419 tm.tm_hour = hour;
420 tm.tm_mon = month;
421 tm.tm_mday = day;
422 tm.tm_year = year - 1900;
423
424 time = mktime(&tm);
425
426 return time;
427 #undef GET_LONG_RANGE
428 }
429
430 static int key_lifetime_set(struct vty *vty, struct key_range *krange,
431 const char *stime_str, const char *sday_str,
432 const char *smonth_str, const char *syear_str,
433 const char *etime_str, const char *eday_str,
434 const char *emonth_str, const char *eyear_str)
435 {
436 time_t time_start;
437 time_t time_end;
438
439 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
440 if (time_start < 0) {
441 vty_out(vty, "Malformed time value\n");
442 return CMD_WARNING_CONFIG_FAILED;
443 }
444 time_end = key_str2time(etime_str, eday_str, emonth_str, eyear_str);
445
446 if (time_end < 0) {
447 vty_out(vty, "Malformed time value\n");
448 return CMD_WARNING_CONFIG_FAILED;
449 }
450
451 if (time_end <= time_start) {
452 vty_out(vty, "Expire time is not later than start time\n");
453 return CMD_WARNING_CONFIG_FAILED;
454 }
455
456 krange->start = time_start;
457 krange->end = time_end;
458
459 return CMD_SUCCESS;
460 }
461
462 static int key_lifetime_duration_set(struct vty *vty, struct key_range *krange,
463 const char *stime_str,
464 const char *sday_str,
465 const char *smonth_str,
466 const char *syear_str,
467 const char *duration_str)
468 {
469 time_t time_start;
470 uint32_t duration;
471
472 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
473 if (time_start < 0) {
474 vty_out(vty, "Malformed time value\n");
475 return CMD_WARNING_CONFIG_FAILED;
476 }
477 krange->start = time_start;
478
479 duration = strtoul(duration_str, NULL, 10);
480 krange->duration = 1;
481 krange->end = time_start + duration;
482
483 return CMD_SUCCESS;
484 }
485
486 static int key_lifetime_infinite_set(struct vty *vty, struct key_range *krange,
487 const char *stime_str,
488 const char *sday_str,
489 const char *smonth_str,
490 const char *syear_str)
491 {
492 time_t time_start;
493
494 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
495 if (time_start < 0) {
496 vty_out(vty, "Malformed time value\n");
497 return CMD_WARNING_CONFIG_FAILED;
498 }
499 krange->start = time_start;
500
501 krange->end = -1;
502
503 return CMD_SUCCESS;
504 }
505
506 DEFUN (accept_lifetime_day_month_day_month,
507 accept_lifetime_day_month_day_month_cmd,
508 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
509 "Set accept lifetime of the key\n"
510 "Time to start\n"
511 "Day of th month to start\n"
512 "Month of the year to start\n"
513 "Year to start\n"
514 "Time to expire\n"
515 "Day of th month to expire\n"
516 "Month of the year to expire\n"
517 "Year to expire\n")
518 {
519 int idx_hhmmss = 1;
520 int idx_number = 2;
521 int idx_month = 3;
522 int idx_number_2 = 4;
523 int idx_hhmmss_2 = 5;
524 int idx_number_3 = 6;
525 int idx_month_2 = 7;
526 int idx_number_4 = 8;
527 VTY_DECLVAR_CONTEXT_SUB(key, key);
528
529 return key_lifetime_set(
530 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
531 argv[idx_month]->arg, argv[idx_number_2]->arg,
532 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
533 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
534 }
535
536 DEFUN (accept_lifetime_day_month_month_day,
537 accept_lifetime_day_month_month_day_cmd,
538 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
539 "Set accept lifetime of the key\n"
540 "Time to start\n"
541 "Day of th month to start\n"
542 "Month of the year to start\n"
543 "Year to start\n"
544 "Time to expire\n"
545 "Month of the year to expire\n"
546 "Day of th month to expire\n"
547 "Year to expire\n")
548 {
549 int idx_hhmmss = 1;
550 int idx_number = 2;
551 int idx_month = 3;
552 int idx_number_2 = 4;
553 int idx_hhmmss_2 = 5;
554 int idx_month_2 = 6;
555 int idx_number_3 = 7;
556 int idx_number_4 = 8;
557 VTY_DECLVAR_CONTEXT_SUB(key, key);
558
559 return key_lifetime_set(
560 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
561 argv[idx_month]->arg, argv[idx_number_2]->arg,
562 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
563 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
564 }
565
566 DEFUN (accept_lifetime_month_day_day_month,
567 accept_lifetime_month_day_day_month_cmd,
568 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
569 "Set accept lifetime of the key\n"
570 "Time to start\n"
571 "Month of the year to start\n"
572 "Day of th month to start\n"
573 "Year to start\n"
574 "Time to expire\n"
575 "Day of th month to expire\n"
576 "Month of the year to expire\n"
577 "Year to expire\n")
578 {
579 int idx_hhmmss = 1;
580 int idx_month = 2;
581 int idx_number = 3;
582 int idx_number_2 = 4;
583 int idx_hhmmss_2 = 5;
584 int idx_number_3 = 6;
585 int idx_month_2 = 7;
586 int idx_number_4 = 8;
587 VTY_DECLVAR_CONTEXT_SUB(key, key);
588
589 return key_lifetime_set(
590 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
591 argv[idx_month]->arg, argv[idx_number_2]->arg,
592 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
593 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
594 }
595
596 DEFUN (accept_lifetime_month_day_month_day,
597 accept_lifetime_month_day_month_day_cmd,
598 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
599 "Set accept lifetime of the key\n"
600 "Time to start\n"
601 "Month of the year to start\n"
602 "Day of th month to start\n"
603 "Year to start\n"
604 "Time to expire\n"
605 "Month of the year to expire\n"
606 "Day of th month to expire\n"
607 "Year to expire\n")
608 {
609 int idx_hhmmss = 1;
610 int idx_month = 2;
611 int idx_number = 3;
612 int idx_number_2 = 4;
613 int idx_hhmmss_2 = 5;
614 int idx_month_2 = 6;
615 int idx_number_3 = 7;
616 int idx_number_4 = 8;
617 VTY_DECLVAR_CONTEXT_SUB(key, key);
618
619 return key_lifetime_set(
620 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
621 argv[idx_month]->arg, argv[idx_number_2]->arg,
622 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
623 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
624 }
625
626 DEFUN (accept_lifetime_infinite_day_month,
627 accept_lifetime_infinite_day_month_cmd,
628 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
629 "Set accept lifetime of the key\n"
630 "Time to start\n"
631 "Day of th month to start\n"
632 "Month of the year to start\n"
633 "Year to start\n"
634 "Never expires\n")
635 {
636 int idx_hhmmss = 1;
637 int idx_number = 2;
638 int idx_month = 3;
639 int idx_number_2 = 4;
640 VTY_DECLVAR_CONTEXT_SUB(key, key);
641
642 return key_lifetime_infinite_set(
643 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
644 argv[idx_month]->arg, argv[idx_number_2]->arg);
645 }
646
647 DEFUN (accept_lifetime_infinite_month_day,
648 accept_lifetime_infinite_month_day_cmd,
649 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
650 "Set accept lifetime of the key\n"
651 "Time to start\n"
652 "Month of the year to start\n"
653 "Day of th month to start\n"
654 "Year to start\n"
655 "Never expires\n")
656 {
657 int idx_hhmmss = 1;
658 int idx_month = 2;
659 int idx_number = 3;
660 int idx_number_2 = 4;
661 VTY_DECLVAR_CONTEXT_SUB(key, key);
662
663 return key_lifetime_infinite_set(
664 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
665 argv[idx_month]->arg, argv[idx_number_2]->arg);
666 }
667
668 DEFUN (accept_lifetime_duration_day_month,
669 accept_lifetime_duration_day_month_cmd,
670 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
671 "Set accept lifetime of the key\n"
672 "Time to start\n"
673 "Day of th month to start\n"
674 "Month of the year to start\n"
675 "Year to start\n"
676 "Duration of the key\n"
677 "Duration seconds\n")
678 {
679 int idx_hhmmss = 1;
680 int idx_number = 2;
681 int idx_month = 3;
682 int idx_number_2 = 4;
683 int idx_number_3 = 6;
684 VTY_DECLVAR_CONTEXT_SUB(key, key);
685
686 return key_lifetime_duration_set(
687 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
688 argv[idx_month]->arg, argv[idx_number_2]->arg,
689 argv[idx_number_3]->arg);
690 }
691
692 DEFUN (accept_lifetime_duration_month_day,
693 accept_lifetime_duration_month_day_cmd,
694 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
695 "Set accept lifetime of the key\n"
696 "Time to start\n"
697 "Month of the year to start\n"
698 "Day of th month to start\n"
699 "Year to start\n"
700 "Duration of the key\n"
701 "Duration seconds\n")
702 {
703 int idx_hhmmss = 1;
704 int idx_month = 2;
705 int idx_number = 3;
706 int idx_number_2 = 4;
707 int idx_number_3 = 6;
708 VTY_DECLVAR_CONTEXT_SUB(key, key);
709
710 return key_lifetime_duration_set(
711 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
712 argv[idx_month]->arg, argv[idx_number_2]->arg,
713 argv[idx_number_3]->arg);
714 }
715
716 DEFUN (no_accept_lifetime,
717 no_accept_lifetime_cmd,
718 "no accept-lifetime",
719 NO_STR
720 "Unset accept-lifetime\n")
721 {
722 VTY_DECLVAR_CONTEXT_SUB(key, key);
723
724 if (key->accept.start)
725 key->accept.start = 0;
726 if (key->accept.end)
727 key->accept.end = 0;
728 if (key->accept.duration)
729 key->accept.duration = 0;
730
731 return CMD_SUCCESS;
732 }
733
734 DEFUN (send_lifetime_day_month_day_month,
735 send_lifetime_day_month_day_month_cmd,
736 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
737 "Set send lifetime of the key\n"
738 "Time to start\n"
739 "Day of th month to start\n"
740 "Month of the year to start\n"
741 "Year to start\n"
742 "Time to expire\n"
743 "Day of th month to expire\n"
744 "Month of the year to expire\n"
745 "Year to expire\n")
746 {
747 int idx_hhmmss = 1;
748 int idx_number = 2;
749 int idx_month = 3;
750 int idx_number_2 = 4;
751 int idx_hhmmss_2 = 5;
752 int idx_number_3 = 6;
753 int idx_month_2 = 7;
754 int idx_number_4 = 8;
755 VTY_DECLVAR_CONTEXT_SUB(key, key);
756
757 return key_lifetime_set(
758 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
759 argv[idx_month]->arg, argv[idx_number_2]->arg,
760 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
761 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
762 }
763
764 DEFUN (send_lifetime_day_month_month_day,
765 send_lifetime_day_month_month_day_cmd,
766 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
767 "Set send lifetime of the key\n"
768 "Time to start\n"
769 "Day of th month to start\n"
770 "Month of the year to start\n"
771 "Year to start\n"
772 "Time to expire\n"
773 "Month of the year to expire\n"
774 "Day of th month to expire\n"
775 "Year to expire\n")
776 {
777 int idx_hhmmss = 1;
778 int idx_number = 2;
779 int idx_month = 3;
780 int idx_number_2 = 4;
781 int idx_hhmmss_2 = 5;
782 int idx_month_2 = 6;
783 int idx_number_3 = 7;
784 int idx_number_4 = 8;
785 VTY_DECLVAR_CONTEXT_SUB(key, key);
786
787 return key_lifetime_set(
788 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
789 argv[idx_month]->arg, argv[idx_number_2]->arg,
790 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
791 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
792 }
793
794 DEFUN (send_lifetime_month_day_day_month,
795 send_lifetime_month_day_day_month_cmd,
796 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
797 "Set send lifetime of the key\n"
798 "Time to start\n"
799 "Month of the year to start\n"
800 "Day of th month to start\n"
801 "Year to start\n"
802 "Time to expire\n"
803 "Day of th month to expire\n"
804 "Month of the year to expire\n"
805 "Year to expire\n")
806 {
807 int idx_hhmmss = 1;
808 int idx_month = 2;
809 int idx_number = 3;
810 int idx_number_2 = 4;
811 int idx_hhmmss_2 = 5;
812 int idx_number_3 = 6;
813 int idx_month_2 = 7;
814 int idx_number_4 = 8;
815 VTY_DECLVAR_CONTEXT_SUB(key, key);
816
817 return key_lifetime_set(
818 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
819 argv[idx_month]->arg, argv[idx_number_2]->arg,
820 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
821 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
822 }
823
824 DEFUN (send_lifetime_month_day_month_day,
825 send_lifetime_month_day_month_day_cmd,
826 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
827 "Set send lifetime of the key\n"
828 "Time to start\n"
829 "Month of the year to start\n"
830 "Day of th month to start\n"
831 "Year to start\n"
832 "Time to expire\n"
833 "Month of the year to expire\n"
834 "Day of th month to expire\n"
835 "Year to expire\n")
836 {
837 int idx_hhmmss = 1;
838 int idx_month = 2;
839 int idx_number = 3;
840 int idx_number_2 = 4;
841 int idx_hhmmss_2 = 5;
842 int idx_month_2 = 6;
843 int idx_number_3 = 7;
844 int idx_number_4 = 8;
845 VTY_DECLVAR_CONTEXT_SUB(key, key);
846
847 return key_lifetime_set(
848 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
849 argv[idx_month]->arg, argv[idx_number_2]->arg,
850 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
851 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
852 }
853
854 DEFUN (send_lifetime_infinite_day_month,
855 send_lifetime_infinite_day_month_cmd,
856 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
857 "Set send lifetime of the key\n"
858 "Time to start\n"
859 "Day of th month to start\n"
860 "Month of the year to start\n"
861 "Year to start\n"
862 "Never expires\n")
863 {
864 int idx_hhmmss = 1;
865 int idx_number = 2;
866 int idx_month = 3;
867 int idx_number_2 = 4;
868 VTY_DECLVAR_CONTEXT_SUB(key, key);
869
870 return key_lifetime_infinite_set(
871 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
872 argv[idx_month]->arg, argv[idx_number_2]->arg);
873 }
874
875 DEFUN (send_lifetime_infinite_month_day,
876 send_lifetime_infinite_month_day_cmd,
877 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
878 "Set send lifetime of the key\n"
879 "Time to start\n"
880 "Month of the year to start\n"
881 "Day of th month to start\n"
882 "Year to start\n"
883 "Never expires\n")
884 {
885 int idx_hhmmss = 1;
886 int idx_month = 2;
887 int idx_number = 3;
888 int idx_number_2 = 4;
889 VTY_DECLVAR_CONTEXT_SUB(key, key);
890
891 return key_lifetime_infinite_set(
892 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
893 argv[idx_month]->arg, argv[idx_number_2]->arg);
894 }
895
896 DEFUN (send_lifetime_duration_day_month,
897 send_lifetime_duration_day_month_cmd,
898 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
899 "Set send lifetime of the key\n"
900 "Time to start\n"
901 "Day of th month to start\n"
902 "Month of the year to start\n"
903 "Year to start\n"
904 "Duration of the key\n"
905 "Duration seconds\n")
906 {
907 int idx_hhmmss = 1;
908 int idx_number = 2;
909 int idx_month = 3;
910 int idx_number_2 = 4;
911 int idx_number_3 = 6;
912 VTY_DECLVAR_CONTEXT_SUB(key, key);
913
914 return key_lifetime_duration_set(
915 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
916 argv[idx_month]->arg, argv[idx_number_2]->arg,
917 argv[idx_number_3]->arg);
918 }
919
920 DEFUN (send_lifetime_duration_month_day,
921 send_lifetime_duration_month_day_cmd,
922 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
923 "Set send lifetime of the key\n"
924 "Time to start\n"
925 "Month of the year to start\n"
926 "Day of th month to start\n"
927 "Year to start\n"
928 "Duration of the key\n"
929 "Duration seconds\n")
930 {
931 int idx_hhmmss = 1;
932 int idx_month = 2;
933 int idx_number = 3;
934 int idx_number_2 = 4;
935 int idx_number_3 = 6;
936 VTY_DECLVAR_CONTEXT_SUB(key, key);
937
938 return key_lifetime_duration_set(
939 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
940 argv[idx_month]->arg, argv[idx_number_2]->arg,
941 argv[idx_number_3]->arg);
942 }
943
944 DEFUN (no_send_lifetime,
945 no_send_lifetime_cmd,
946 "no send-lifetime",
947 NO_STR
948 "Unset send-lifetime\n")
949 {
950 VTY_DECLVAR_CONTEXT_SUB(key, key);
951
952 if (key->send.start)
953 key->send.start = 0;
954 if (key->send.end)
955 key->send.end = 0;
956 if (key->send.duration)
957 key->send.duration = 0;
958
959 return CMD_SUCCESS;
960 }
961
962 static struct cmd_node keychain_node = {KEYCHAIN_NODE, "%s(config-keychain)# ",
963 1};
964
965 static struct cmd_node keychain_key_node = {KEYCHAIN_KEY_NODE,
966 "%s(config-keychain-key)# ", 1};
967
968 static int keychain_strftime(char *buf, int bufsiz, time_t *time)
969 {
970 struct tm *tm;
971 size_t len;
972
973 tm = localtime(time);
974
975 len = strftime(buf, bufsiz, "%T %b %d %Y", tm);
976
977 return len;
978 }
979
980 static int keychain_config_write(struct vty *vty)
981 {
982 struct keychain *keychain;
983 struct key *key;
984 struct listnode *node;
985 struct listnode *knode;
986 char buf[BUFSIZ];
987
988 for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
989 vty_out(vty, "key chain %s\n", keychain->name);
990
991 for (ALL_LIST_ELEMENTS_RO(keychain->key, knode, key)) {
992 vty_out(vty, " key %d\n", key->index);
993
994 if (key->string)
995 vty_out(vty, " key-string %s\n", key->string);
996
997 if (key->accept.start) {
998 keychain_strftime(buf, BUFSIZ,
999 &key->accept.start);
1000 vty_out(vty, " accept-lifetime %s", buf);
1001
1002 if (key->accept.end == -1)
1003 vty_out(vty, " infinite");
1004 else if (key->accept.duration)
1005 vty_out(vty, " duration %ld",
1006 (long)(key->accept.end
1007 - key->accept.start));
1008 else {
1009 keychain_strftime(buf, BUFSIZ,
1010 &key->accept.end);
1011 vty_out(vty, " %s", buf);
1012 }
1013 vty_out(vty, "\n");
1014 }
1015
1016 if (key->send.start) {
1017 keychain_strftime(buf, BUFSIZ,
1018 &key->send.start);
1019 vty_out(vty, " send-lifetime %s", buf);
1020
1021 if (key->send.end == -1)
1022 vty_out(vty, " infinite");
1023 else if (key->send.duration)
1024 vty_out(vty, " duration %ld",
1025 (long)(key->send.end
1026 - key->send.start));
1027 else {
1028 keychain_strftime(buf, BUFSIZ,
1029 &key->send.end);
1030 vty_out(vty, " %s", buf);
1031 }
1032 vty_out(vty, "\n");
1033 }
1034 }
1035 vty_out(vty, "!\n");
1036 }
1037
1038 return 0;
1039 }
1040
1041 void keychain_init(void)
1042 {
1043 keychain_list = list_new();
1044
1045 install_node(&keychain_node, keychain_config_write);
1046 install_node(&keychain_key_node, NULL);
1047
1048 install_default(KEYCHAIN_NODE);
1049 install_default(KEYCHAIN_KEY_NODE);
1050
1051 install_element(CONFIG_NODE, &key_chain_cmd);
1052 install_element(CONFIG_NODE, &no_key_chain_cmd);
1053 install_element(KEYCHAIN_NODE, &key_cmd);
1054 install_element(KEYCHAIN_NODE, &no_key_cmd);
1055
1056 install_element(KEYCHAIN_NODE, &key_chain_cmd);
1057 install_element(KEYCHAIN_NODE, &no_key_chain_cmd);
1058
1059 install_element(KEYCHAIN_KEY_NODE, &key_string_cmd);
1060 install_element(KEYCHAIN_KEY_NODE, &no_key_string_cmd);
1061
1062 install_element(KEYCHAIN_KEY_NODE, &key_chain_cmd);
1063 install_element(KEYCHAIN_KEY_NODE, &no_key_chain_cmd);
1064
1065 install_element(KEYCHAIN_KEY_NODE, &key_cmd);
1066 install_element(KEYCHAIN_KEY_NODE, &no_key_cmd);
1067
1068 install_element(KEYCHAIN_KEY_NODE,
1069 &accept_lifetime_day_month_day_month_cmd);
1070 install_element(KEYCHAIN_KEY_NODE,
1071 &accept_lifetime_day_month_month_day_cmd);
1072 install_element(KEYCHAIN_KEY_NODE,
1073 &accept_lifetime_month_day_day_month_cmd);
1074 install_element(KEYCHAIN_KEY_NODE,
1075 &accept_lifetime_month_day_month_day_cmd);
1076 install_element(KEYCHAIN_KEY_NODE,
1077 &accept_lifetime_infinite_day_month_cmd);
1078 install_element(KEYCHAIN_KEY_NODE,
1079 &accept_lifetime_infinite_month_day_cmd);
1080 install_element(KEYCHAIN_KEY_NODE,
1081 &accept_lifetime_duration_day_month_cmd);
1082 install_element(KEYCHAIN_KEY_NODE,
1083 &accept_lifetime_duration_month_day_cmd);
1084 install_element(KEYCHAIN_KEY_NODE, &no_accept_lifetime_cmd);
1085
1086 install_element(KEYCHAIN_KEY_NODE,
1087 &send_lifetime_day_month_day_month_cmd);
1088 install_element(KEYCHAIN_KEY_NODE,
1089 &send_lifetime_day_month_month_day_cmd);
1090 install_element(KEYCHAIN_KEY_NODE,
1091 &send_lifetime_month_day_day_month_cmd);
1092 install_element(KEYCHAIN_KEY_NODE,
1093 &send_lifetime_month_day_month_day_cmd);
1094 install_element(KEYCHAIN_KEY_NODE,
1095 &send_lifetime_infinite_day_month_cmd);
1096 install_element(KEYCHAIN_KEY_NODE,
1097 &send_lifetime_infinite_month_day_cmd);
1098 install_element(KEYCHAIN_KEY_NODE,
1099 &send_lifetime_duration_day_month_cmd);
1100 install_element(KEYCHAIN_KEY_NODE,
1101 &send_lifetime_duration_month_day_cmd);
1102 install_element(KEYCHAIN_KEY_NODE, &no_send_lifetime_cmd);
1103 }
FRRouting mirror