Annotation of embedaddon/quagga/lib/keychain.c, revision 1.1
1.1 ! misho 1: /* key-chain for authentication.
! 2: Copyright (C) 2000 Kunihiro Ishiguro
! 3:
! 4: This file is part of GNU Zebra.
! 5:
! 6: GNU Zebra is free software; you can redistribute it and/or modify
! 7: it under the terms of the GNU General Public License as published
! 8: by the Free Software Foundation; either version 2, or (at your
! 9: option) any later version.
! 10:
! 11: GNU Zebra is distributed in the hope that it will be useful, but
! 12: WITHOUT ANY WARRANTY; without even the implied warranty of
! 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
! 14: General Public License for more details.
! 15:
! 16: You should have received a copy of the GNU General Public License
! 17: along with GNU Zebra; see the file COPYING. If not, write to the
! 18: Free Software Foundation, Inc., 59 Temple Place - Suite 330,
! 19: Boston, MA 02111-1307, USA. */
! 20:
! 21: #include <zebra.h>
! 22:
! 23: #include "command.h"
! 24: #include "memory.h"
! 25: #include "linklist.h"
! 26: #include "keychain.h"
! 27:
! 28: /* Master list of key chain. */
! 29: struct list *keychain_list;
! 30:
! 31: static struct keychain *
! 32: keychain_new (void)
! 33: {
! 34: return XCALLOC (MTYPE_KEYCHAIN, sizeof (struct keychain));
! 35: }
! 36:
! 37: static void
! 38: keychain_free (struct keychain *keychain)
! 39: {
! 40: XFREE (MTYPE_KEYCHAIN, keychain);
! 41: }
! 42:
! 43: static struct key *
! 44: key_new (void)
! 45: {
! 46: return XCALLOC (MTYPE_KEY, sizeof (struct key));
! 47: }
! 48:
! 49: static void
! 50: key_free (struct key *key)
! 51: {
! 52: XFREE (MTYPE_KEY, key);
! 53: }
! 54:
! 55: struct keychain *
! 56: keychain_lookup (const char *name)
! 57: {
! 58: struct listnode *node;
! 59: struct keychain *keychain;
! 60:
! 61: if (name == NULL)
! 62: return NULL;
! 63:
! 64: for (ALL_LIST_ELEMENTS_RO (keychain_list, node, keychain))
! 65: {
! 66: if (strcmp (keychain->name, name) == 0)
! 67: return keychain;
! 68: }
! 69: return NULL;
! 70: }
! 71:
! 72: static int
! 73: key_cmp_func (void *arg1, void *arg2)
! 74: {
! 75: const struct key *k1 = arg1;
! 76: const struct key *k2 = arg2;
! 77:
! 78: if (k1->index > k2->index)
! 79: return 1;
! 80: if (k1->index < k2->index)
! 81: return -1;
! 82: return 0;
! 83: }
! 84:
! 85: static void
! 86: key_delete_func (struct key *key)
! 87: {
! 88: if (key->string)
! 89: free (key->string);
! 90: key_free (key);
! 91: }
! 92:
! 93: static struct keychain *
! 94: keychain_get (const char *name)
! 95: {
! 96: struct keychain *keychain;
! 97:
! 98: keychain = keychain_lookup (name);
! 99:
! 100: if (keychain)
! 101: return keychain;
! 102:
! 103: keychain = keychain_new ();
! 104: keychain->name = strdup (name);
! 105: keychain->key = list_new ();
! 106: keychain->key->cmp = (int (*)(void *, void *)) key_cmp_func;
! 107: keychain->key->del = (void (*)(void *)) key_delete_func;
! 108: listnode_add (keychain_list, keychain);
! 109:
! 110: return keychain;
! 111: }
! 112:
! 113: static void
! 114: keychain_delete (struct keychain *keychain)
! 115: {
! 116: if (keychain->name)
! 117: free (keychain->name);
! 118:
! 119: list_delete (keychain->key);
! 120: listnode_delete (keychain_list, keychain);
! 121: keychain_free (keychain);
! 122: }
! 123:
! 124: static struct key *
! 125: key_lookup (const struct keychain *keychain, u_int32_t index)
! 126: {
! 127: struct listnode *node;
! 128: struct key *key;
! 129:
! 130: for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
! 131: {
! 132: if (key->index == index)
! 133: return key;
! 134: }
! 135: return NULL;
! 136: }
! 137:
! 138: struct key *
! 139: key_lookup_for_accept (const struct keychain *keychain, u_int32_t index)
! 140: {
! 141: struct listnode *node;
! 142: struct key *key;
! 143: time_t now;
! 144:
! 145: now = time (NULL);
! 146:
! 147: for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
! 148: {
! 149: if (key->index >= index)
! 150: {
! 151: if (key->accept.start == 0)
! 152: return key;
! 153:
! 154: if (key->accept.start <= now)
! 155: if (key->accept.end >= now || key->accept.end == -1)
! 156: return key;
! 157: }
! 158: }
! 159: return NULL;
! 160: }
! 161:
! 162: struct key *
! 163: key_match_for_accept (const struct keychain *keychain, const char *auth_str)
! 164: {
! 165: struct listnode *node;
! 166: struct key *key;
! 167: time_t now;
! 168:
! 169: now = time (NULL);
! 170:
! 171: for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
! 172: {
! 173: if (key->accept.start == 0 ||
! 174: (key->accept.start <= now &&
! 175: (key->accept.end >= now || key->accept.end == -1)))
! 176: if (strncmp (key->string, auth_str, 16) == 0)
! 177: return key;
! 178: }
! 179: return NULL;
! 180: }
! 181:
! 182: struct key *
! 183: key_lookup_for_send (const struct keychain *keychain)
! 184: {
! 185: struct listnode *node;
! 186: struct key *key;
! 187: time_t now;
! 188:
! 189: now = time (NULL);
! 190:
! 191: for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
! 192: {
! 193: if (key->send.start == 0)
! 194: return key;
! 195:
! 196: if (key->send.start <= now)
! 197: if (key->send.end >= now || key->send.end == -1)
! 198: return key;
! 199: }
! 200: return NULL;
! 201: }
! 202:
! 203: static struct key *
! 204: key_get (const struct keychain *keychain, u_int32_t index)
! 205: {
! 206: struct key *key;
! 207:
! 208: key = key_lookup (keychain, index);
! 209:
! 210: if (key)
! 211: return key;
! 212:
! 213: key = key_new ();
! 214: key->index = index;
! 215: listnode_add_sort (keychain->key, key);
! 216:
! 217: return key;
! 218: }
! 219:
! 220: static void
! 221: key_delete (struct keychain *keychain, struct key *key)
! 222: {
! 223: listnode_delete (keychain->key, key);
! 224:
! 225: if (key->string)
! 226: free (key->string);
! 227: key_free (key);
! 228: }
! 229: �
! 230: DEFUN (key_chain,
! 231: key_chain_cmd,
! 232: "key chain WORD",
! 233: "Authentication key management\n"
! 234: "Key-chain management\n"
! 235: "Key-chain name\n")
! 236: {
! 237: struct keychain *keychain;
! 238:
! 239: keychain = keychain_get (argv[0]);
! 240: vty->index = keychain;
! 241: vty->node = KEYCHAIN_NODE;
! 242:
! 243: return CMD_SUCCESS;
! 244: }
! 245:
! 246: DEFUN (no_key_chain,
! 247: no_key_chain_cmd,
! 248: "no key chain WORD",
! 249: NO_STR
! 250: "Authentication key management\n"
! 251: "Key-chain management\n"
! 252: "Key-chain name\n")
! 253: {
! 254: struct keychain *keychain;
! 255:
! 256: keychain = keychain_lookup (argv[0]);
! 257:
! 258: if (! keychain)
! 259: {
! 260: vty_out (vty, "Can't find keychain %s%s", argv[0], VTY_NEWLINE);
! 261: return CMD_WARNING;
! 262: }
! 263:
! 264: keychain_delete (keychain);
! 265:
! 266: return CMD_SUCCESS;
! 267: }
! 268:
! 269: DEFUN (key,
! 270: key_cmd,
! 271: "key <0-2147483647>",
! 272: "Configure a key\n"
! 273: "Key identifier number\n")
! 274: {
! 275: struct keychain *keychain;
! 276: struct key *key;
! 277: u_int32_t index;
! 278:
! 279: keychain = vty->index;
! 280:
! 281: VTY_GET_INTEGER ("key identifier", index, argv[0]);
! 282: key = key_get (keychain, index);
! 283: vty->index_sub = key;
! 284: vty->node = KEYCHAIN_KEY_NODE;
! 285:
! 286: return CMD_SUCCESS;
! 287: }
! 288:
! 289: DEFUN (no_key,
! 290: no_key_cmd,
! 291: "no key <0-2147483647>",
! 292: NO_STR
! 293: "Delete a key\n"
! 294: "Key identifier number\n")
! 295: {
! 296: struct keychain *keychain;
! 297: struct key *key;
! 298: u_int32_t index;
! 299:
! 300: keychain = vty->index;
! 301:
! 302: VTY_GET_INTEGER ("key identifier", index, argv[0]);
! 303: key = key_lookup (keychain, index);
! 304: if (! key)
! 305: {
! 306: vty_out (vty, "Can't find key %d%s", index, VTY_NEWLINE);
! 307: return CMD_WARNING;
! 308: }
! 309:
! 310: key_delete (keychain, key);
! 311:
! 312: vty->node = KEYCHAIN_NODE;
! 313:
! 314: return CMD_SUCCESS;
! 315: }
! 316:
! 317: DEFUN (key_string,
! 318: key_string_cmd,
! 319: "key-string LINE",
! 320: "Set key string\n"
! 321: "The key\n")
! 322: {
! 323: struct key *key;
! 324:
! 325: key = vty->index_sub;
! 326:
! 327: if (key->string)
! 328: free (key->string);
! 329: key->string = strdup (argv[0]);
! 330:
! 331: return CMD_SUCCESS;
! 332: }
! 333:
! 334: DEFUN (no_key_string,
! 335: no_key_string_cmd,
! 336: "no key-string [LINE]",
! 337: NO_STR
! 338: "Unset key string\n"
! 339: "The key\n")
! 340: {
! 341: struct key *key;
! 342:
! 343: key = vty->index_sub;
! 344:
! 345: if (key->string)
! 346: {
! 347: free (key->string);
! 348: key->string = NULL;
! 349: }
! 350:
! 351: return CMD_SUCCESS;
! 352: }
! 353:
! 354: /* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
! 355: given string is malformed. */
! 356: static time_t
! 357: key_str2time (const char *time_str, const char *day_str, const char *month_str,
! 358: const char *year_str)
! 359: {
! 360: int i = 0;
! 361: char *colon;
! 362: struct tm tm;
! 363: time_t time;
! 364: unsigned int sec, min, hour;
! 365: unsigned int day, month, year;
! 366:
! 367: const char *month_name[] =
! 368: {
! 369: "January",
! 370: "February",
! 371: "March",
! 372: "April",
! 373: "May",
! 374: "June",
! 375: "July",
! 376: "August",
! 377: "September",
! 378: "October",
! 379: "November",
! 380: "December",
! 381: NULL
! 382: };
! 383:
! 384: #define GET_LONG_RANGE(V,STR,MIN,MAX) \
! 385: { \
! 386: unsigned long tmpl; \
! 387: char *endptr = NULL; \
! 388: tmpl = strtoul ((STR), &endptr, 10); \
! 389: if (*endptr != '\0' || tmpl == ULONG_MAX) \
! 390: return -1; \
! 391: if ( tmpl < (MIN) || tmpl > (MAX)) \
! 392: return -1; \
! 393: (V) = tmpl; \
! 394: }
! 395:
! 396: /* Check hour field of time_str. */
! 397: colon = strchr (time_str, ':');
! 398: if (colon == NULL)
! 399: return -1;
! 400: *colon = '\0';
! 401:
! 402: /* Hour must be between 0 and 23. */
! 403: GET_LONG_RANGE (hour, time_str, 0, 23);
! 404:
! 405: /* Check min field of time_str. */
! 406: time_str = colon + 1;
! 407: colon = strchr (time_str, ':');
! 408: if (*time_str == '\0' || colon == NULL)
! 409: return -1;
! 410: *colon = '\0';
! 411:
! 412: /* Min must be between 0 and 59. */
! 413: GET_LONG_RANGE (min, time_str, 0, 59);
! 414:
! 415: /* Check sec field of time_str. */
! 416: time_str = colon + 1;
! 417: if (*time_str == '\0')
! 418: return -1;
! 419:
! 420: /* Sec must be between 0 and 59. */
! 421: GET_LONG_RANGE (sec, time_str, 0, 59);
! 422:
! 423: /* Check day_str. Day must be <1-31>. */
! 424: GET_LONG_RANGE (day, day_str, 1, 31);
! 425:
! 426: /* Check month_str. Month must match month_name. */
! 427: month = 0;
! 428: if (strlen (month_str) >= 3)
! 429: for (i = 0; month_name[i]; i++)
! 430: if (strncmp (month_str, month_name[i], strlen (month_str)) == 0)
! 431: {
! 432: month = i;
! 433: break;
! 434: }
! 435: if (! month_name[i])
! 436: return -1;
! 437:
! 438: /* Check year_str. Year must be <1993-2035>. */
! 439: GET_LONG_RANGE (year, year_str, 1993, 2035);
! 440:
! 441: memset (&tm, 0, sizeof (struct tm));
! 442: tm.tm_sec = sec;
! 443: tm.tm_min = min;
! 444: tm.tm_hour = hour;
! 445: tm.tm_mon = month;
! 446: tm.tm_mday = day;
! 447: tm.tm_year = year - 1900;
! 448:
! 449: time = mktime (&tm);
! 450:
! 451: return time;
! 452: #undef GET_LONG_RANGE
! 453: }
! 454:
! 455: static int
! 456: key_lifetime_set (struct vty *vty, struct key_range *krange,
! 457: const char *stime_str, const char *sday_str,
! 458: const char *smonth_str, const char *syear_str,
! 459: const char *etime_str, const char *eday_str,
! 460: const char *emonth_str, const char *eyear_str)
! 461: {
! 462: time_t time_start;
! 463: time_t time_end;
! 464:
! 465: time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
! 466: if (time_start < 0)
! 467: {
! 468: vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
! 469: return CMD_WARNING;
! 470: }
! 471: time_end = key_str2time (etime_str, eday_str, emonth_str, eyear_str);
! 472:
! 473: if (time_end < 0)
! 474: {
! 475: vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
! 476: return CMD_WARNING;
! 477: }
! 478:
! 479: if (time_end <= time_start)
! 480: {
! 481: vty_out (vty, "Expire time is not later than start time%s", VTY_NEWLINE);
! 482: return CMD_WARNING;
! 483: }
! 484:
! 485: krange->start = time_start;
! 486: krange->end = time_end;
! 487:
! 488: return CMD_SUCCESS;
! 489: }
! 490:
! 491: static int
! 492: key_lifetime_duration_set (struct vty *vty, struct key_range *krange,
! 493: const char *stime_str, const char *sday_str,
! 494: const char *smonth_str, const char *syear_str,
! 495: const char *duration_str)
! 496: {
! 497: time_t time_start;
! 498: u_int32_t duration;
! 499:
! 500: time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
! 501: if (time_start < 0)
! 502: {
! 503: vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
! 504: return CMD_WARNING;
! 505: }
! 506: krange->start = time_start;
! 507:
! 508: VTY_GET_INTEGER ("duration", duration, duration_str);
! 509: krange->duration = 1;
! 510: krange->end = time_start + duration;
! 511:
! 512: return CMD_SUCCESS;
! 513: }
! 514:
! 515: static int
! 516: key_lifetime_infinite_set (struct vty *vty, struct key_range *krange,
! 517: const char *stime_str, const char *sday_str,
! 518: const char *smonth_str, const char *syear_str)
! 519: {
! 520: time_t time_start;
! 521:
! 522: time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
! 523: if (time_start < 0)
! 524: {
! 525: vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
! 526: return CMD_WARNING;
! 527: }
! 528: krange->start = time_start;
! 529:
! 530: krange->end = -1;
! 531:
! 532: return CMD_SUCCESS;
! 533: }
! 534: �
! 535: DEFUN (accept_lifetime_day_month_day_month,
! 536: accept_lifetime_day_month_day_month_cmd,
! 537: "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
! 538: "Set accept lifetime of the key\n"
! 539: "Time to start\n"
! 540: "Day of th month to start\n"
! 541: "Month of the year to start\n"
! 542: "Year to start\n"
! 543: "Time to expire\n"
! 544: "Day of th month to expire\n"
! 545: "Month of the year to expire\n"
! 546: "Year to expire\n")
! 547: {
! 548: struct key *key;
! 549:
! 550: key = vty->index_sub;
! 551:
! 552: return key_lifetime_set (vty, &key->accept, argv[0], argv[1], argv[2],
! 553: argv[3], argv[4], argv[5], argv[6], argv[7]);
! 554: }
! 555:
! 556: DEFUN (accept_lifetime_day_month_month_day,
! 557: accept_lifetime_day_month_month_day_cmd,
! 558: "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
! 559: "Set accept lifetime of the key\n"
! 560: "Time to start\n"
! 561: "Day of th month to start\n"
! 562: "Month of the year to start\n"
! 563: "Year to start\n"
! 564: "Time to expire\n"
! 565: "Month of the year to expire\n"
! 566: "Day of th month to expire\n"
! 567: "Year to expire\n")
! 568: {
! 569: struct key *key;
! 570:
! 571: key = vty->index_sub;
! 572:
! 573: return key_lifetime_set (vty, &key->accept, argv[0], argv[1], argv[2],
! 574: argv[3], argv[4], argv[6], argv[5], argv[7]);
! 575: }
! 576:
! 577: DEFUN (accept_lifetime_month_day_day_month,
! 578: accept_lifetime_month_day_day_month_cmd,
! 579: "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
! 580: "Set accept lifetime of the key\n"
! 581: "Time to start\n"
! 582: "Month of the year to start\n"
! 583: "Day of th month to start\n"
! 584: "Year to start\n"
! 585: "Time to expire\n"
! 586: "Day of th month to expire\n"
! 587: "Month of the year to expire\n"
! 588: "Year to expire\n")
! 589: {
! 590: struct key *key;
! 591:
! 592: key = vty->index_sub;
! 593:
! 594: return key_lifetime_set (vty, &key->accept, argv[0], argv[2], argv[1],
! 595: argv[3], argv[4], argv[5], argv[6], argv[7]);
! 596: }
! 597:
! 598: DEFUN (accept_lifetime_month_day_month_day,
! 599: accept_lifetime_month_day_month_day_cmd,
! 600: "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
! 601: "Set accept lifetime of the key\n"
! 602: "Time to start\n"
! 603: "Month of the year to start\n"
! 604: "Day of th month to start\n"
! 605: "Year to start\n"
! 606: "Time to expire\n"
! 607: "Month of the year to expire\n"
! 608: "Day of th month to expire\n"
! 609: "Year to expire\n")
! 610: {
! 611: struct key *key;
! 612:
! 613: key = vty->index_sub;
! 614:
! 615: return key_lifetime_set (vty, &key->accept, argv[0], argv[2], argv[1],
! 616: argv[3], argv[4], argv[6], argv[5], argv[7]);
! 617: }
! 618:
! 619: DEFUN (accept_lifetime_infinite_day_month,
! 620: accept_lifetime_infinite_day_month_cmd,
! 621: "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> infinite",
! 622: "Set accept lifetime of the key\n"
! 623: "Time to start\n"
! 624: "Day of th month to start\n"
! 625: "Month of the year to start\n"
! 626: "Year to start\n"
! 627: "Never expires")
! 628: {
! 629: struct key *key;
! 630:
! 631: key = vty->index_sub;
! 632:
! 633: return key_lifetime_infinite_set (vty, &key->accept, argv[0], argv[1],
! 634: argv[2], argv[3]);
! 635: }
! 636:
! 637: DEFUN (accept_lifetime_infinite_month_day,
! 638: accept_lifetime_infinite_month_day_cmd,
! 639: "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> infinite",
! 640: "Set accept lifetime of the key\n"
! 641: "Time to start\n"
! 642: "Month of the year to start\n"
! 643: "Day of th month to start\n"
! 644: "Year to start\n"
! 645: "Never expires")
! 646: {
! 647: struct key *key;
! 648:
! 649: key = vty->index_sub;
! 650:
! 651: return key_lifetime_infinite_set (vty, &key->accept, argv[0], argv[2],
! 652: argv[1], argv[3]);
! 653: }
! 654:
! 655: DEFUN (accept_lifetime_duration_day_month,
! 656: accept_lifetime_duration_day_month_cmd,
! 657: "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> duration <1-2147483646>",
! 658: "Set accept lifetime of the key\n"
! 659: "Time to start\n"
! 660: "Day of th month to start\n"
! 661: "Month of the year to start\n"
! 662: "Year to start\n"
! 663: "Duration of the key\n"
! 664: "Duration seconds\n")
! 665: {
! 666: struct key *key;
! 667:
! 668: key = vty->index_sub;
! 669:
! 670: return key_lifetime_duration_set (vty, &key->accept, argv[0], argv[1],
! 671: argv[2], argv[3], argv[4]);
! 672: }
! 673:
! 674: DEFUN (accept_lifetime_duration_month_day,
! 675: accept_lifetime_duration_month_day_cmd,
! 676: "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> duration <1-2147483646>",
! 677: "Set accept lifetime of the key\n"
! 678: "Time to start\n"
! 679: "Month of the year to start\n"
! 680: "Day of th month to start\n"
! 681: "Year to start\n"
! 682: "Duration of the key\n"
! 683: "Duration seconds\n")
! 684: {
! 685: struct key *key;
! 686:
! 687: key = vty->index_sub;
! 688:
! 689: return key_lifetime_duration_set (vty, &key->accept, argv[0], argv[2],
! 690: argv[1], argv[3], argv[4]);
! 691: }
! 692: �
! 693: DEFUN (send_lifetime_day_month_day_month,
! 694: send_lifetime_day_month_day_month_cmd,
! 695: "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
! 696: "Set send lifetime of the key\n"
! 697: "Time to start\n"
! 698: "Day of th month to start\n"
! 699: "Month of the year to start\n"
! 700: "Year to start\n"
! 701: "Time to expire\n"
! 702: "Day of th month to expire\n"
! 703: "Month of the year to expire\n"
! 704: "Year to expire\n")
! 705: {
! 706: struct key *key;
! 707:
! 708: key = vty->index_sub;
! 709:
! 710: return key_lifetime_set (vty, &key->send, argv[0], argv[1], argv[2], argv[3],
! 711: argv[4], argv[5], argv[6], argv[7]);
! 712: }
! 713:
! 714: DEFUN (send_lifetime_day_month_month_day,
! 715: send_lifetime_day_month_month_day_cmd,
! 716: "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
! 717: "Set send lifetime of the key\n"
! 718: "Time to start\n"
! 719: "Day of th month to start\n"
! 720: "Month of the year to start\n"
! 721: "Year to start\n"
! 722: "Time to expire\n"
! 723: "Month of the year to expire\n"
! 724: "Day of th month to expire\n"
! 725: "Year to expire\n")
! 726: {
! 727: struct key *key;
! 728:
! 729: key = vty->index_sub;
! 730:
! 731: return key_lifetime_set (vty, &key->send, argv[0], argv[1], argv[2], argv[3],
! 732: argv[4], argv[6], argv[5], argv[7]);
! 733: }
! 734:
! 735: DEFUN (send_lifetime_month_day_day_month,
! 736: send_lifetime_month_day_day_month_cmd,
! 737: "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
! 738: "Set send lifetime of the key\n"
! 739: "Time to start\n"
! 740: "Month of the year to start\n"
! 741: "Day of th month to start\n"
! 742: "Year to start\n"
! 743: "Time to expire\n"
! 744: "Day of th month to expire\n"
! 745: "Month of the year to expire\n"
! 746: "Year to expire\n")
! 747: {
! 748: struct key *key;
! 749:
! 750: key = vty->index_sub;
! 751:
! 752: return key_lifetime_set (vty, &key->send, argv[0], argv[2], argv[1], argv[3],
! 753: argv[4], argv[5], argv[6], argv[7]);
! 754: }
! 755:
! 756: DEFUN (send_lifetime_month_day_month_day,
! 757: send_lifetime_month_day_month_day_cmd,
! 758: "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
! 759: "Set send lifetime of the key\n"
! 760: "Time to start\n"
! 761: "Month of the year to start\n"
! 762: "Day of th month to start\n"
! 763: "Year to start\n"
! 764: "Time to expire\n"
! 765: "Month of the year to expire\n"
! 766: "Day of th month to expire\n"
! 767: "Year to expire\n")
! 768: {
! 769: struct key *key;
! 770:
! 771: key = vty->index_sub;
! 772:
! 773: return key_lifetime_set (vty, &key->send, argv[0], argv[2], argv[1], argv[3],
! 774: argv[4], argv[6], argv[5], argv[7]);
! 775: }
! 776:
! 777: DEFUN (send_lifetime_infinite_day_month,
! 778: send_lifetime_infinite_day_month_cmd,
! 779: "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> infinite",
! 780: "Set send lifetime of the key\n"
! 781: "Time to start\n"
! 782: "Day of th month to start\n"
! 783: "Month of the year to start\n"
! 784: "Year to start\n"
! 785: "Never expires")
! 786: {
! 787: struct key *key;
! 788:
! 789: key = vty->index_sub;
! 790:
! 791: return key_lifetime_infinite_set (vty, &key->send, argv[0], argv[1], argv[2],
! 792: argv[3]);
! 793: }
! 794:
! 795: DEFUN (send_lifetime_infinite_month_day,
! 796: send_lifetime_infinite_month_day_cmd,
! 797: "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> infinite",
! 798: "Set send lifetime of the key\n"
! 799: "Time to start\n"
! 800: "Month of the year to start\n"
! 801: "Day of th month to start\n"
! 802: "Year to start\n"
! 803: "Never expires")
! 804: {
! 805: struct key *key;
! 806:
! 807: key = vty->index_sub;
! 808:
! 809: return key_lifetime_infinite_set (vty, &key->send, argv[0], argv[2], argv[1],
! 810: argv[3]);
! 811: }
! 812:
! 813: DEFUN (send_lifetime_duration_day_month,
! 814: send_lifetime_duration_day_month_cmd,
! 815: "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> duration <1-2147483646>",
! 816: "Set send lifetime of the key\n"
! 817: "Time to start\n"
! 818: "Day of th month to start\n"
! 819: "Month of the year to start\n"
! 820: "Year to start\n"
! 821: "Duration of the key\n"
! 822: "Duration seconds\n")
! 823: {
! 824: struct key *key;
! 825:
! 826: key = vty->index_sub;
! 827:
! 828: return key_lifetime_duration_set (vty, &key->send, argv[0], argv[1], argv[2],
! 829: argv[3], argv[4]);
! 830: }
! 831:
! 832: DEFUN (send_lifetime_duration_month_day,
! 833: send_lifetime_duration_month_day_cmd,
! 834: "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> duration <1-2147483646>",
! 835: "Set send lifetime of the key\n"
! 836: "Time to start\n"
! 837: "Month of the year to start\n"
! 838: "Day of th month to start\n"
! 839: "Year to start\n"
! 840: "Duration of the key\n"
! 841: "Duration seconds\n")
! 842: {
! 843: struct key *key;
! 844:
! 845: key = vty->index_sub;
! 846:
! 847: return key_lifetime_duration_set (vty, &key->send, argv[0], argv[2], argv[1],
! 848: argv[3], argv[4]);
! 849: }
! 850: �
! 851: static struct cmd_node keychain_node =
! 852: {
! 853: KEYCHAIN_NODE,
! 854: "%s(config-keychain)# ",
! 855: 1
! 856: };
! 857:
! 858: static struct cmd_node keychain_key_node =
! 859: {
! 860: KEYCHAIN_KEY_NODE,
! 861: "%s(config-keychain-key)# ",
! 862: 1
! 863: };
! 864:
! 865: static int
! 866: keychain_strftime (char *buf, int bufsiz, time_t *time)
! 867: {
! 868: struct tm *tm;
! 869: size_t len;
! 870:
! 871: tm = localtime (time);
! 872:
! 873: len = strftime (buf, bufsiz, "%T %b %d %Y", tm);
! 874:
! 875: return len;
! 876: }
! 877:
! 878: static int
! 879: keychain_config_write (struct vty *vty)
! 880: {
! 881: struct keychain *keychain;
! 882: struct key *key;
! 883: struct listnode *node;
! 884: struct listnode *knode;
! 885: char buf[BUFSIZ];
! 886:
! 887: for (ALL_LIST_ELEMENTS_RO (keychain_list, node, keychain))
! 888: {
! 889: vty_out (vty, "key chain %s%s", keychain->name, VTY_NEWLINE);
! 890:
! 891: for (ALL_LIST_ELEMENTS_RO (keychain->key, knode, key))
! 892: {
! 893: vty_out (vty, " key %d%s", key->index, VTY_NEWLINE);
! 894:
! 895: if (key->string)
! 896: vty_out (vty, " key-string %s%s", key->string, VTY_NEWLINE);
! 897:
! 898: if (key->accept.start)
! 899: {
! 900: keychain_strftime (buf, BUFSIZ, &key->accept.start);
! 901: vty_out (vty, " accept-lifetime %s", buf);
! 902:
! 903: if (key->accept.end == -1)
! 904: vty_out (vty, " infinite");
! 905: else if (key->accept.duration)
! 906: vty_out (vty, " duration %ld",
! 907: (long)(key->accept.end - key->accept.start));
! 908: else
! 909: {
! 910: keychain_strftime (buf, BUFSIZ, &key->accept.end);
! 911: vty_out (vty, " %s", buf);
! 912: }
! 913: vty_out (vty, "%s", VTY_NEWLINE);
! 914: }
! 915:
! 916: if (key->send.start)
! 917: {
! 918: keychain_strftime (buf, BUFSIZ, &key->send.start);
! 919: vty_out (vty, " send-lifetime %s", buf);
! 920:
! 921: if (key->send.end == -1)
! 922: vty_out (vty, " infinite");
! 923: else if (key->send.duration)
! 924: vty_out (vty, " duration %ld", (long)(key->send.end - key->send.start));
! 925: else
! 926: {
! 927: keychain_strftime (buf, BUFSIZ, &key->send.end);
! 928: vty_out (vty, " %s", buf);
! 929: }
! 930: vty_out (vty, "%s", VTY_NEWLINE);
! 931: }
! 932: }
! 933: vty_out (vty, "!%s", VTY_NEWLINE);
! 934: }
! 935:
! 936: return 0;
! 937: }
! 938:
! 939: void
! 940: keychain_init ()
! 941: {
! 942: keychain_list = list_new ();
! 943:
! 944: install_node (&keychain_node, keychain_config_write);
! 945: install_node (&keychain_key_node, NULL);
! 946:
! 947: install_default (KEYCHAIN_NODE);
! 948: install_default (KEYCHAIN_KEY_NODE);
! 949:
! 950: install_element (CONFIG_NODE, &key_chain_cmd);
! 951: install_element (CONFIG_NODE, &no_key_chain_cmd);
! 952: install_element (KEYCHAIN_NODE, &key_cmd);
! 953: install_element (KEYCHAIN_NODE, &no_key_cmd);
! 954:
! 955: install_element (KEYCHAIN_NODE, &key_chain_cmd);
! 956: install_element (KEYCHAIN_NODE, &no_key_chain_cmd);
! 957:
! 958: install_element (KEYCHAIN_KEY_NODE, &key_string_cmd);
! 959: install_element (KEYCHAIN_KEY_NODE, &no_key_string_cmd);
! 960:
! 961: install_element (KEYCHAIN_KEY_NODE, &key_chain_cmd);
! 962: install_element (KEYCHAIN_KEY_NODE, &no_key_chain_cmd);
! 963:
! 964: install_element (KEYCHAIN_KEY_NODE, &key_cmd);
! 965: install_element (KEYCHAIN_KEY_NODE, &no_key_cmd);
! 966:
! 967: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_day_month_cmd);
! 968: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_month_day_cmd);
! 969: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_day_month_cmd);
! 970: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_month_day_cmd);
! 971: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_day_month_cmd);
! 972: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_month_day_cmd);
! 973: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_duration_day_month_cmd);
! 974: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_duration_month_day_cmd);
! 975:
! 976: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_day_month_day_month_cmd);
! 977: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_day_month_month_day_cmd);
! 978: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_month_day_day_month_cmd);
! 979: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_month_day_month_day_cmd);
! 980: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_infinite_day_month_cmd);
! 981: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_infinite_month_day_cmd);
! 982: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_duration_day_month_cmd);
! 983: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_duration_month_day_cmd);
! 984: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to keychain.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / quagga / lib