]> git.proxmox.com Git - mirror_frr.git/blob - lib/keychain.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #1290 from qlyoung/doc-commit-msgs
[mirror_frr.git] / lib / keychain.c
1 /* key-chain for authentication.
2 * Copyright (C) 2000 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published
8 * by the Free Software Foundation; either version 2, or (at your
9 * option) any later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <zebra.h>
22
23 #include "command.h"
24 #include "memory.h"
25 #include "linklist.h"
26 #include "keychain.h"
27
28 DEFINE_MTYPE_STATIC(LIB, KEY, "Key")
29 DEFINE_MTYPE_STATIC(LIB, KEYCHAIN, "Key chain")
30
31 DEFINE_QOBJ_TYPE(keychain)
32 DEFINE_QOBJ_TYPE(key)
33
34 /* Master list of key chain. */
35 struct list *keychain_list;
36
37 static struct keychain *keychain_new(void)
38 {
39 struct keychain *keychain;
40 keychain = XCALLOC(MTYPE_KEYCHAIN, sizeof(struct keychain));
41 QOBJ_REG(keychain, keychain);
42 return keychain;
43 }
44
45 static void keychain_free(struct keychain *keychain)
46 {
47 QOBJ_UNREG(keychain);
48 XFREE(MTYPE_KEYCHAIN, keychain);
49 }
50
51 static struct key *key_new(void)
52 {
53 struct key *key = XCALLOC(MTYPE_KEY, sizeof(struct key));
54 QOBJ_REG(key, key);
55 return key;
56 }
57
58 static void key_free(struct key *key)
59 {
60 QOBJ_UNREG(key);
61 XFREE(MTYPE_KEY, key);
62 }
63
64 struct keychain *keychain_lookup(const char *name)
65 {
66 struct listnode *node;
67 struct keychain *keychain;
68
69 if (name == NULL)
70 return NULL;
71
72 for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
73 if (strcmp(keychain->name, name) == 0)
74 return keychain;
75 }
76 return NULL;
77 }
78
79 static int key_cmp_func(void *arg1, void *arg2)
80 {
81 const struct key *k1 = arg1;
82 const struct key *k2 = arg2;
83
84 if (k1->index > k2->index)
85 return 1;
86 if (k1->index < k2->index)
87 return -1;
88 return 0;
89 }
90
91 static void key_delete_func(struct key *key)
92 {
93 if (key->string)
94 free(key->string);
95 key_free(key);
96 }
97
98 static struct keychain *keychain_get(const char *name)
99 {
100 struct keychain *keychain;
101
102 keychain = keychain_lookup(name);
103
104 if (keychain)
105 return keychain;
106
107 keychain = keychain_new();
108 keychain->name = XSTRDUP(MTYPE_KEYCHAIN, name);
109 keychain->key = list_new();
110 keychain->key->cmp = (int (*)(void *, void *))key_cmp_func;
111 keychain->key->del = (void (*)(void *))key_delete_func;
112 listnode_add(keychain_list, keychain);
113
114 return keychain;
115 }
116
117 static void keychain_delete(struct keychain *keychain)
118 {
119 if (keychain->name)
120 XFREE(MTYPE_KEYCHAIN, keychain->name);
121
122 list_delete_and_null(&keychain->key);
123 listnode_delete(keychain_list, keychain);
124 keychain_free(keychain);
125 }
126
127 static struct key *key_lookup(const struct keychain *keychain, u_int32_t index)
128 {
129 struct listnode *node;
130 struct key *key;
131
132 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
133 if (key->index == index)
134 return key;
135 }
136 return NULL;
137 }
138
139 struct key *key_lookup_for_accept(const struct keychain *keychain,
140 u_int32_t index)
141 {
142 struct listnode *node;
143 struct key *key;
144 time_t now;
145
146 now = time(NULL);
147
148 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
149 if (key->index >= index) {
150 if (key->accept.start == 0)
151 return key;
152
153 if (key->accept.start <= now)
154 if (key->accept.end >= now
155 || key->accept.end == -1)
156 return key;
157 }
158 }
159 return NULL;
160 }
161
162 struct key *key_match_for_accept(const struct keychain *keychain,
163 const char *auth_str)
164 {
165 struct listnode *node;
166 struct key *key;
167 time_t now;
168
169 now = time(NULL);
170
171 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
172 if (key->accept.start == 0
173 || (key->accept.start <= now
174 && (key->accept.end >= now || key->accept.end == -1)))
175 if (strncmp(key->string, auth_str, 16) == 0)
176 return key;
177 }
178 return NULL;
179 }
180
181 struct key *key_lookup_for_send(const struct keychain *keychain)
182 {
183 struct listnode *node;
184 struct key *key;
185 time_t now;
186
187 now = time(NULL);
188
189 for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
190 if (key->send.start == 0)
191 return key;
192
193 if (key->send.start <= now)
194 if (key->send.end >= now || key->send.end == -1)
195 return key;
196 }
197 return NULL;
198 }
199
200 static struct key *key_get(const struct keychain *keychain, u_int32_t index)
201 {
202 struct key *key;
203
204 key = key_lookup(keychain, index);
205
206 if (key)
207 return key;
208
209 key = key_new();
210 key->index = index;
211 listnode_add_sort(keychain->key, key);
212
213 return key;
214 }
215
216 static void key_delete(struct keychain *keychain, struct key *key)
217 {
218 listnode_delete(keychain->key, key);
219
220 if (key->string)
221 XFREE(MTYPE_KEY, key->string);
222 key_free(key);
223 }
224
225 DEFUN_NOSH (key_chain,
226 key_chain_cmd,
227 "key chain WORD",
228 "Authentication key management\n"
229 "Key-chain management\n"
230 "Key-chain name\n")
231 {
232 int idx_word = 2;
233 struct keychain *keychain;
234
235 keychain = keychain_get(argv[idx_word]->arg);
236 VTY_PUSH_CONTEXT(KEYCHAIN_NODE, keychain);
237
238 return CMD_SUCCESS;
239 }
240
241 DEFUN (no_key_chain,
242 no_key_chain_cmd,
243 "no key chain WORD",
244 NO_STR
245 "Authentication key management\n"
246 "Key-chain management\n"
247 "Key-chain name\n")
248 {
249 int idx_word = 3;
250 struct keychain *keychain;
251
252 keychain = keychain_lookup(argv[idx_word]->arg);
253
254 if (!keychain) {
255 vty_out(vty, "Can't find keychain %s\n", argv[idx_word]->arg);
256 return CMD_WARNING_CONFIG_FAILED;
257 }
258
259 keychain_delete(keychain);
260
261 return CMD_SUCCESS;
262 }
263
264 DEFUN_NOSH (key,
265 key_cmd,
266 "key (0-2147483647)",
267 "Configure a key\n"
268 "Key identifier number\n")
269 {
270 int idx_number = 1;
271 VTY_DECLVAR_CONTEXT(keychain, keychain);
272 struct key *key;
273 u_int32_t index;
274
275 index = strtoul(argv[idx_number]->arg, NULL, 10);
276 key = key_get(keychain, index);
277 VTY_PUSH_CONTEXT_SUB(KEYCHAIN_KEY_NODE, key);
278
279 return CMD_SUCCESS;
280 }
281
282 DEFUN (no_key,
283 no_key_cmd,
284 "no key (0-2147483647)",
285 NO_STR
286 "Delete a key\n"
287 "Key identifier number\n")
288 {
289 int idx_number = 2;
290 VTY_DECLVAR_CONTEXT(keychain, keychain);
291 struct key *key;
292 u_int32_t index;
293
294 index = strtoul(argv[idx_number]->arg, NULL, 10);
295 key = key_lookup(keychain, index);
296 if (!key) {
297 vty_out(vty, "Can't find key %d\n", index);
298 return CMD_WARNING_CONFIG_FAILED;
299 }
300
301 key_delete(keychain, key);
302
303 vty->node = KEYCHAIN_NODE;
304
305 return CMD_SUCCESS;
306 }
307
308 DEFUN (key_string,
309 key_string_cmd,
310 "key-string LINE",
311 "Set key string\n"
312 "The key\n")
313 {
314 int idx_line = 1;
315 VTY_DECLVAR_CONTEXT_SUB(key, key);
316
317 if (key->string)
318 XFREE(MTYPE_KEY, key->string);
319 key->string = XSTRDUP(MTYPE_KEY, argv[idx_line]->arg);
320
321 return CMD_SUCCESS;
322 }
323
324 DEFUN (no_key_string,
325 no_key_string_cmd,
326 "no key-string [LINE]",
327 NO_STR
328 "Unset key string\n"
329 "The key\n")
330 {
331 VTY_DECLVAR_CONTEXT_SUB(key, key);
332
333 if (key->string) {
334 XFREE(MTYPE_KEY, key->string);
335 key->string = NULL;
336 }
337
338 return CMD_SUCCESS;
339 }
340
341 /* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
342 given string is malformed. */
343 static time_t key_str2time(const char *time_str, const char *day_str,
344 const char *month_str, const char *year_str)
345 {
346 int i = 0;
347 char *colon;
348 struct tm tm;
349 time_t time;
350 unsigned int sec, min, hour;
351 unsigned int day, month, year;
352
353 const char *month_name[] = {
354 "January", "February", "March", "April", "May",
355 "June", "July", "August", "September", "October",
356 "November", "December", NULL};
357
358 #define _GET_LONG_RANGE(V, STR, MMCOND) \
359 { \
360 unsigned long tmpl; \
361 char *endptr = NULL; \
362 tmpl = strtoul((STR), &endptr, 10); \
363 if (*endptr != '\0' || tmpl == ULONG_MAX) \
364 return -1; \
365 if (MMCOND) \
366 return -1; \
367 (V) = tmpl; \
368 }
369 #define GET_LONG_RANGE(V, STR, MIN, MAX) \
370 _GET_LONG_RANGE(V, STR, tmpl<(MIN) || tmpl>(MAX))
371 #define GET_LONG_RANGE0(V, STR, MAX) _GET_LONG_RANGE(V, STR, tmpl > (MAX))
372
373 /* Check hour field of time_str. */
374 colon = strchr(time_str, ':');
375 if (colon == NULL)
376 return -1;
377 *colon = '\0';
378
379 /* Hour must be between 0 and 23. */
380 GET_LONG_RANGE0(hour, time_str, 23);
381
382 /* Check min field of time_str. */
383 time_str = colon + 1;
384 colon = strchr(time_str, ':');
385 if (*time_str == '\0' || colon == NULL)
386 return -1;
387 *colon = '\0';
388
389 /* Min must be between 0 and 59. */
390 GET_LONG_RANGE0(min, time_str, 59);
391
392 /* Check sec field of time_str. */
393 time_str = colon + 1;
394 if (*time_str == '\0')
395 return -1;
396
397 /* Sec must be between 0 and 59. */
398 GET_LONG_RANGE0(sec, time_str, 59);
399
400 /* Check day_str. Day must be <1-31>. */
401 GET_LONG_RANGE(day, day_str, 1, 31);
402
403 /* Check month_str. Month must match month_name. */
404 month = 0;
405 if (strlen(month_str) >= 3)
406 for (i = 0; month_name[i]; i++)
407 if (strncmp(month_str, month_name[i], strlen(month_str))
408 == 0) {
409 month = i;
410 break;
411 }
412 if (!month_name[i])
413 return -1;
414
415 /* Check year_str. Year must be <1993-2035>. */
416 GET_LONG_RANGE(year, year_str, 1993, 2035);
417
418 memset(&tm, 0, sizeof(struct tm));
419 tm.tm_sec = sec;
420 tm.tm_min = min;
421 tm.tm_hour = hour;
422 tm.tm_mon = month;
423 tm.tm_mday = day;
424 tm.tm_year = year - 1900;
425
426 time = mktime(&tm);
427
428 return time;
429 #undef GET_LONG_RANGE
430 }
431
432 static int key_lifetime_set(struct vty *vty, struct key_range *krange,
433 const char *stime_str, const char *sday_str,
434 const char *smonth_str, const char *syear_str,
435 const char *etime_str, const char *eday_str,
436 const char *emonth_str, const char *eyear_str)
437 {
438 time_t time_start;
439 time_t time_end;
440
441 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
442 if (time_start < 0) {
443 vty_out(vty, "Malformed time value\n");
444 return CMD_WARNING_CONFIG_FAILED;
445 }
446 time_end = key_str2time(etime_str, eday_str, emonth_str, eyear_str);
447
448 if (time_end < 0) {
449 vty_out(vty, "Malformed time value\n");
450 return CMD_WARNING_CONFIG_FAILED;
451 }
452
453 if (time_end <= time_start) {
454 vty_out(vty, "Expire time is not later than start time\n");
455 return CMD_WARNING_CONFIG_FAILED;
456 }
457
458 krange->start = time_start;
459 krange->end = time_end;
460
461 return CMD_SUCCESS;
462 }
463
464 static int key_lifetime_duration_set(struct vty *vty, struct key_range *krange,
465 const char *stime_str,
466 const char *sday_str,
467 const char *smonth_str,
468 const char *syear_str,
469 const char *duration_str)
470 {
471 time_t time_start;
472 u_int32_t duration;
473
474 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
475 if (time_start < 0) {
476 vty_out(vty, "Malformed time value\n");
477 return CMD_WARNING_CONFIG_FAILED;
478 }
479 krange->start = time_start;
480
481 duration = strtoul(duration_str, NULL, 10);
482 krange->duration = 1;
483 krange->end = time_start + duration;
484
485 return CMD_SUCCESS;
486 }
487
488 static int key_lifetime_infinite_set(struct vty *vty, struct key_range *krange,
489 const char *stime_str,
490 const char *sday_str,
491 const char *smonth_str,
492 const char *syear_str)
493 {
494 time_t time_start;
495
496 time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
497 if (time_start < 0) {
498 vty_out(vty, "Malformed time value\n");
499 return CMD_WARNING_CONFIG_FAILED;
500 }
501 krange->start = time_start;
502
503 krange->end = -1;
504
505 return CMD_SUCCESS;
506 }
507
508 DEFUN (accept_lifetime_day_month_day_month,
509 accept_lifetime_day_month_day_month_cmd,
510 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
511 "Set accept lifetime of the key\n"
512 "Time to start\n"
513 "Day of th month to start\n"
514 "Month of the year to start\n"
515 "Year to start\n"
516 "Time to expire\n"
517 "Day of th month to expire\n"
518 "Month of the year to expire\n"
519 "Year to expire\n")
520 {
521 int idx_hhmmss = 1;
522 int idx_number = 2;
523 int idx_month = 3;
524 int idx_number_2 = 4;
525 int idx_hhmmss_2 = 5;
526 int idx_number_3 = 6;
527 int idx_month_2 = 7;
528 int idx_number_4 = 8;
529 VTY_DECLVAR_CONTEXT_SUB(key, key);
530
531 return key_lifetime_set(
532 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
533 argv[idx_month]->arg, argv[idx_number_2]->arg,
534 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
535 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
536 }
537
538 DEFUN (accept_lifetime_day_month_month_day,
539 accept_lifetime_day_month_month_day_cmd,
540 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
541 "Set accept lifetime of the key\n"
542 "Time to start\n"
543 "Day of th month to start\n"
544 "Month of the year to start\n"
545 "Year to start\n"
546 "Time to expire\n"
547 "Month of the year to expire\n"
548 "Day of th month to expire\n"
549 "Year to expire\n")
550 {
551 int idx_hhmmss = 1;
552 int idx_number = 2;
553 int idx_month = 3;
554 int idx_number_2 = 4;
555 int idx_hhmmss_2 = 5;
556 int idx_month_2 = 6;
557 int idx_number_3 = 7;
558 int idx_number_4 = 8;
559 VTY_DECLVAR_CONTEXT_SUB(key, key);
560
561 return key_lifetime_set(
562 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
563 argv[idx_month]->arg, argv[idx_number_2]->arg,
564 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
565 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
566 }
567
568 DEFUN (accept_lifetime_month_day_day_month,
569 accept_lifetime_month_day_day_month_cmd,
570 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
571 "Set accept lifetime of the key\n"
572 "Time to start\n"
573 "Month of the year to start\n"
574 "Day of th month to start\n"
575 "Year to start\n"
576 "Time to expire\n"
577 "Day of th month to expire\n"
578 "Month of the year to expire\n"
579 "Year to expire\n")
580 {
581 int idx_hhmmss = 1;
582 int idx_month = 2;
583 int idx_number = 3;
584 int idx_number_2 = 4;
585 int idx_hhmmss_2 = 5;
586 int idx_number_3 = 6;
587 int idx_month_2 = 7;
588 int idx_number_4 = 8;
589 VTY_DECLVAR_CONTEXT_SUB(key, key);
590
591 return key_lifetime_set(
592 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
593 argv[idx_month]->arg, argv[idx_number_2]->arg,
594 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
595 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
596 }
597
598 DEFUN (accept_lifetime_month_day_month_day,
599 accept_lifetime_month_day_month_day_cmd,
600 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
601 "Set accept lifetime of the key\n"
602 "Time to start\n"
603 "Month of the year to start\n"
604 "Day of th month to start\n"
605 "Year to start\n"
606 "Time to expire\n"
607 "Month of the year to expire\n"
608 "Day of th month to expire\n"
609 "Year to expire\n")
610 {
611 int idx_hhmmss = 1;
612 int idx_month = 2;
613 int idx_number = 3;
614 int idx_number_2 = 4;
615 int idx_hhmmss_2 = 5;
616 int idx_month_2 = 6;
617 int idx_number_3 = 7;
618 int idx_number_4 = 8;
619 VTY_DECLVAR_CONTEXT_SUB(key, key);
620
621 return key_lifetime_set(
622 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
623 argv[idx_month]->arg, argv[idx_number_2]->arg,
624 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
625 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
626 }
627
628 DEFUN (accept_lifetime_infinite_day_month,
629 accept_lifetime_infinite_day_month_cmd,
630 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
631 "Set accept lifetime of the key\n"
632 "Time to start\n"
633 "Day of th month to start\n"
634 "Month of the year to start\n"
635 "Year to start\n"
636 "Never expires")
637 {
638 int idx_hhmmss = 1;
639 int idx_number = 2;
640 int idx_month = 3;
641 int idx_number_2 = 4;
642 VTY_DECLVAR_CONTEXT_SUB(key, key);
643
644 return key_lifetime_infinite_set(
645 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
646 argv[idx_month]->arg, argv[idx_number_2]->arg);
647 }
648
649 DEFUN (accept_lifetime_infinite_month_day,
650 accept_lifetime_infinite_month_day_cmd,
651 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
652 "Set accept lifetime of the key\n"
653 "Time to start\n"
654 "Month of the year to start\n"
655 "Day of th month to start\n"
656 "Year to start\n"
657 "Never expires")
658 {
659 int idx_hhmmss = 1;
660 int idx_month = 2;
661 int idx_number = 3;
662 int idx_number_2 = 4;
663 VTY_DECLVAR_CONTEXT_SUB(key, key);
664
665 return key_lifetime_infinite_set(
666 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
667 argv[idx_month]->arg, argv[idx_number_2]->arg);
668 }
669
670 DEFUN (accept_lifetime_duration_day_month,
671 accept_lifetime_duration_day_month_cmd,
672 "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
673 "Set accept lifetime of the key\n"
674 "Time to start\n"
675 "Day of th month to start\n"
676 "Month of the year to start\n"
677 "Year to start\n"
678 "Duration of the key\n"
679 "Duration seconds\n")
680 {
681 int idx_hhmmss = 1;
682 int idx_number = 2;
683 int idx_month = 3;
684 int idx_number_2 = 4;
685 int idx_number_3 = 6;
686 VTY_DECLVAR_CONTEXT_SUB(key, key);
687
688 return key_lifetime_duration_set(
689 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
690 argv[idx_month]->arg, argv[idx_number_2]->arg,
691 argv[idx_number_3]->arg);
692 }
693
694 DEFUN (accept_lifetime_duration_month_day,
695 accept_lifetime_duration_month_day_cmd,
696 "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
697 "Set accept lifetime of the key\n"
698 "Time to start\n"
699 "Month of the year to start\n"
700 "Day of th month to start\n"
701 "Year to start\n"
702 "Duration of the key\n"
703 "Duration seconds\n")
704 {
705 int idx_hhmmss = 1;
706 int idx_month = 2;
707 int idx_number = 3;
708 int idx_number_2 = 4;
709 int idx_number_3 = 6;
710 VTY_DECLVAR_CONTEXT_SUB(key, key);
711
712 return key_lifetime_duration_set(
713 vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
714 argv[idx_month]->arg, argv[idx_number_2]->arg,
715 argv[idx_number_3]->arg);
716 }
717
718 DEFUN (send_lifetime_day_month_day_month,
719 send_lifetime_day_month_day_month_cmd,
720 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
721 "Set send lifetime of the key\n"
722 "Time to start\n"
723 "Day of th month to start\n"
724 "Month of the year to start\n"
725 "Year to start\n"
726 "Time to expire\n"
727 "Day of th month to expire\n"
728 "Month of the year to expire\n"
729 "Year to expire\n")
730 {
731 int idx_hhmmss = 1;
732 int idx_number = 2;
733 int idx_month = 3;
734 int idx_number_2 = 4;
735 int idx_hhmmss_2 = 5;
736 int idx_number_3 = 6;
737 int idx_month_2 = 7;
738 int idx_number_4 = 8;
739 VTY_DECLVAR_CONTEXT_SUB(key, key);
740
741 return key_lifetime_set(
742 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
743 argv[idx_month]->arg, argv[idx_number_2]->arg,
744 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
745 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
746 }
747
748 DEFUN (send_lifetime_day_month_month_day,
749 send_lifetime_day_month_month_day_cmd,
750 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
751 "Set send lifetime of the key\n"
752 "Time to start\n"
753 "Day of th month to start\n"
754 "Month of the year to start\n"
755 "Year to start\n"
756 "Time to expire\n"
757 "Month of the year to expire\n"
758 "Day of th month to expire\n"
759 "Year to expire\n")
760 {
761 int idx_hhmmss = 1;
762 int idx_number = 2;
763 int idx_month = 3;
764 int idx_number_2 = 4;
765 int idx_hhmmss_2 = 5;
766 int idx_month_2 = 6;
767 int idx_number_3 = 7;
768 int idx_number_4 = 8;
769 VTY_DECLVAR_CONTEXT_SUB(key, key);
770
771 return key_lifetime_set(
772 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
773 argv[idx_month]->arg, argv[idx_number_2]->arg,
774 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
775 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
776 }
777
778 DEFUN (send_lifetime_month_day_day_month,
779 send_lifetime_month_day_day_month_cmd,
780 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
781 "Set send lifetime of the key\n"
782 "Time to start\n"
783 "Month of the year to start\n"
784 "Day of th month to start\n"
785 "Year to start\n"
786 "Time to expire\n"
787 "Day of th month to expire\n"
788 "Month of the year to expire\n"
789 "Year to expire\n")
790 {
791 int idx_hhmmss = 1;
792 int idx_month = 2;
793 int idx_number = 3;
794 int idx_number_2 = 4;
795 int idx_hhmmss_2 = 5;
796 int idx_number_3 = 6;
797 int idx_month_2 = 7;
798 int idx_number_4 = 8;
799 VTY_DECLVAR_CONTEXT_SUB(key, key);
800
801 return key_lifetime_set(
802 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
803 argv[idx_month]->arg, argv[idx_number_2]->arg,
804 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
805 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
806 }
807
808 DEFUN (send_lifetime_month_day_month_day,
809 send_lifetime_month_day_month_day_cmd,
810 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
811 "Set send lifetime of the key\n"
812 "Time to start\n"
813 "Month of the year to start\n"
814 "Day of th month to start\n"
815 "Year to start\n"
816 "Time to expire\n"
817 "Month of the year to expire\n"
818 "Day of th month to expire\n"
819 "Year to expire\n")
820 {
821 int idx_hhmmss = 1;
822 int idx_month = 2;
823 int idx_number = 3;
824 int idx_number_2 = 4;
825 int idx_hhmmss_2 = 5;
826 int idx_month_2 = 6;
827 int idx_number_3 = 7;
828 int idx_number_4 = 8;
829 VTY_DECLVAR_CONTEXT_SUB(key, key);
830
831 return key_lifetime_set(
832 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
833 argv[idx_month]->arg, argv[idx_number_2]->arg,
834 argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
835 argv[idx_month_2]->arg, argv[idx_number_4]->arg);
836 }
837
838 DEFUN (send_lifetime_infinite_day_month,
839 send_lifetime_infinite_day_month_cmd,
840 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
841 "Set send lifetime of the key\n"
842 "Time to start\n"
843 "Day of th month to start\n"
844 "Month of the year to start\n"
845 "Year to start\n"
846 "Never expires")
847 {
848 int idx_hhmmss = 1;
849 int idx_number = 2;
850 int idx_month = 3;
851 int idx_number_2 = 4;
852 VTY_DECLVAR_CONTEXT_SUB(key, key);
853
854 return key_lifetime_infinite_set(
855 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
856 argv[idx_month]->arg, argv[idx_number_2]->arg);
857 }
858
859 DEFUN (send_lifetime_infinite_month_day,
860 send_lifetime_infinite_month_day_cmd,
861 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
862 "Set send lifetime of the key\n"
863 "Time to start\n"
864 "Month of the year to start\n"
865 "Day of th month to start\n"
866 "Year to start\n"
867 "Never expires")
868 {
869 int idx_hhmmss = 1;
870 int idx_month = 2;
871 int idx_number = 3;
872 int idx_number_2 = 4;
873 VTY_DECLVAR_CONTEXT_SUB(key, key);
874
875 return key_lifetime_infinite_set(
876 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
877 argv[idx_month]->arg, argv[idx_number_2]->arg);
878 }
879
880 DEFUN (send_lifetime_duration_day_month,
881 send_lifetime_duration_day_month_cmd,
882 "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
883 "Set send lifetime of the key\n"
884 "Time to start\n"
885 "Day of th month to start\n"
886 "Month of the year to start\n"
887 "Year to start\n"
888 "Duration of the key\n"
889 "Duration seconds\n")
890 {
891 int idx_hhmmss = 1;
892 int idx_number = 2;
893 int idx_month = 3;
894 int idx_number_2 = 4;
895 int idx_number_3 = 6;
896 VTY_DECLVAR_CONTEXT_SUB(key, key);
897
898 return key_lifetime_duration_set(
899 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
900 argv[idx_month]->arg, argv[idx_number_2]->arg,
901 argv[idx_number_3]->arg);
902 }
903
904 DEFUN (send_lifetime_duration_month_day,
905 send_lifetime_duration_month_day_cmd,
906 "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
907 "Set send lifetime of the key\n"
908 "Time to start\n"
909 "Month of the year to start\n"
910 "Day of th month to start\n"
911 "Year to start\n"
912 "Duration of the key\n"
913 "Duration seconds\n")
914 {
915 int idx_hhmmss = 1;
916 int idx_month = 2;
917 int idx_number = 3;
918 int idx_number_2 = 4;
919 int idx_number_3 = 6;
920 VTY_DECLVAR_CONTEXT_SUB(key, key);
921
922 return key_lifetime_duration_set(
923 vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
924 argv[idx_month]->arg, argv[idx_number_2]->arg,
925 argv[idx_number_3]->arg);
926 }
927
928 static struct cmd_node keychain_node = {KEYCHAIN_NODE, "%s(config-keychain)# ",
929 1};
930
931 static struct cmd_node keychain_key_node = {KEYCHAIN_KEY_NODE,
932 "%s(config-keychain-key)# ", 1};
933
934 static int keychain_strftime(char *buf, int bufsiz, time_t *time)
935 {
936 struct tm *tm;
937 size_t len;
938
939 tm = localtime(time);
940
941 len = strftime(buf, bufsiz, "%T %b %d %Y", tm);
942
943 return len;
944 }
945
946 static int keychain_config_write(struct vty *vty)
947 {
948 struct keychain *keychain;
949 struct key *key;
950 struct listnode *node;
951 struct listnode *knode;
952 char buf[BUFSIZ];
953
954 for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
955 vty_out(vty, "key chain %s\n", keychain->name);
956
957 for (ALL_LIST_ELEMENTS_RO(keychain->key, knode, key)) {
958 vty_out(vty, " key %d\n", key->index);
959
960 if (key->string)
961 vty_out(vty, " key-string %s\n", key->string);
962
963 if (key->accept.start) {
964 keychain_strftime(buf, BUFSIZ,
965 &key->accept.start);
966 vty_out(vty, " accept-lifetime %s", buf);
967
968 if (key->accept.end == -1)
969 vty_out(vty, " infinite");
970 else if (key->accept.duration)
971 vty_out(vty, " duration %ld",
972 (long)(key->accept.end
973 - key->accept.start));
974 else {
975 keychain_strftime(buf, BUFSIZ,
976 &key->accept.end);
977 vty_out(vty, " %s", buf);
978 }
979 vty_out(vty, "\n");
980 }
981
982 if (key->send.start) {
983 keychain_strftime(buf, BUFSIZ,
984 &key->send.start);
985 vty_out(vty, " send-lifetime %s", buf);
986
987 if (key->send.end == -1)
988 vty_out(vty, " infinite");
989 else if (key->send.duration)
990 vty_out(vty, " duration %ld",
991 (long)(key->send.end
992 - key->send.start));
993 else {
994 keychain_strftime(buf, BUFSIZ,
995 &key->send.end);
996 vty_out(vty, " %s", buf);
997 }
998 vty_out(vty, "\n");
999 }
1000 }
1001 vty_out(vty, "!\n");
1002 }
1003
1004 return 0;
1005 }
1006
1007 void keychain_init()
1008 {
1009 keychain_list = list_new();
1010
1011 install_node(&keychain_node, keychain_config_write);
1012 install_node(&keychain_key_node, NULL);
1013
1014 install_default(KEYCHAIN_NODE);
1015 install_default(KEYCHAIN_KEY_NODE);
1016
1017 install_element(CONFIG_NODE, &key_chain_cmd);
1018 install_element(CONFIG_NODE, &no_key_chain_cmd);
1019 install_element(KEYCHAIN_NODE, &key_cmd);
1020 install_element(KEYCHAIN_NODE, &no_key_cmd);
1021
1022 install_element(KEYCHAIN_NODE, &key_chain_cmd);
1023 install_element(KEYCHAIN_NODE, &no_key_chain_cmd);
1024
1025 install_element(KEYCHAIN_KEY_NODE, &key_string_cmd);
1026 install_element(KEYCHAIN_KEY_NODE, &no_key_string_cmd);
1027
1028 install_element(KEYCHAIN_KEY_NODE, &key_chain_cmd);
1029 install_element(KEYCHAIN_KEY_NODE, &no_key_chain_cmd);
1030
1031 install_element(KEYCHAIN_KEY_NODE, &key_cmd);
1032 install_element(KEYCHAIN_KEY_NODE, &no_key_cmd);
1033
1034 install_element(KEYCHAIN_KEY_NODE,
1035 &accept_lifetime_day_month_day_month_cmd);
1036 install_element(KEYCHAIN_KEY_NODE,
1037 &accept_lifetime_day_month_month_day_cmd);
1038 install_element(KEYCHAIN_KEY_NODE,
1039 &accept_lifetime_month_day_day_month_cmd);
1040 install_element(KEYCHAIN_KEY_NODE,
1041 &accept_lifetime_month_day_month_day_cmd);
1042 install_element(KEYCHAIN_KEY_NODE,
1043 &accept_lifetime_infinite_day_month_cmd);
1044 install_element(KEYCHAIN_KEY_NODE,
1045 &accept_lifetime_infinite_month_day_cmd);
1046 install_element(KEYCHAIN_KEY_NODE,
1047 &accept_lifetime_duration_day_month_cmd);
1048 install_element(KEYCHAIN_KEY_NODE,
1049 &accept_lifetime_duration_month_day_cmd);
1050
1051 install_element(KEYCHAIN_KEY_NODE,
1052 &send_lifetime_day_month_day_month_cmd);
1053 install_element(KEYCHAIN_KEY_NODE,
1054 &send_lifetime_day_month_month_day_cmd);
1055 install_element(KEYCHAIN_KEY_NODE,
1056 &send_lifetime_month_day_day_month_cmd);
1057 install_element(KEYCHAIN_KEY_NODE,
1058 &send_lifetime_month_day_month_day_cmd);
1059 install_element(KEYCHAIN_KEY_NODE,
1060 &send_lifetime_infinite_day_month_cmd);
1061 install_element(KEYCHAIN_KEY_NODE,
1062 &send_lifetime_infinite_month_day_cmd);
1063 install_element(KEYCHAIN_KEY_NODE,
1064 &send_lifetime_duration_day_month_cmd);
1065 install_element(KEYCHAIN_KEY_NODE,
1066 &send_lifetime_duration_month_day_cmd);
1067 }
FRRouting mirror