1: /* key-chain for authentication.
2: Copyright (C) 2000 Kunihiro Ishiguro
3:
4: This file is part of GNU Zebra.
5:
6: GNU Zebra is free software; you can redistribute it and/or modify
7: it under the terms of the GNU General Public License as published
8: by the Free Software Foundation; either version 2, or (at your
9: option) any later version.
10:
11: GNU Zebra is distributed in the hope that it will be useful, but
12: WITHOUT ANY WARRANTY; without even the implied warranty of
13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14: General Public License for more details.
15:
16: You should have received a copy of the GNU General Public License
17: along with GNU Zebra; see the file COPYING. If not, write to the
18: Free Software Foundation, Inc., 59 Temple Place - Suite 330,
19: Boston, MA 02111-1307, USA. */
20:
21: #include <zebra.h>
22:
23: #include "command.h"
24: #include "memory.h"
25: #include "linklist.h"
26: #include "keychain.h"
27:
28: /* Master list of key chain. */
29: struct list *keychain_list;
30:
31: static struct keychain *
32: keychain_new (void)
33: {
34: return XCALLOC (MTYPE_KEYCHAIN, sizeof (struct keychain));
35: }
36:
37: static void
38: keychain_free (struct keychain *keychain)
39: {
40: XFREE (MTYPE_KEYCHAIN, keychain);
41: }
42:
43: static struct key *
44: key_new (void)
45: {
46: return XCALLOC (MTYPE_KEY, sizeof (struct key));
47: }
48:
49: static void
50: key_free (struct key *key)
51: {
52: XFREE (MTYPE_KEY, key);
53: }
54:
55: struct keychain *
56: keychain_lookup (const char *name)
57: {
58: struct listnode *node;
59: struct keychain *keychain;
60:
61: if (name == NULL)
62: return NULL;
63:
64: for (ALL_LIST_ELEMENTS_RO (keychain_list, node, keychain))
65: {
66: if (strcmp (keychain->name, name) == 0)
67: return keychain;
68: }
69: return NULL;
70: }
71:
72: static int
73: key_cmp_func (void *arg1, void *arg2)
74: {
75: const struct key *k1 = arg1;
76: const struct key *k2 = arg2;
77:
78: if (k1->index > k2->index)
79: return 1;
80: if (k1->index < k2->index)
81: return -1;
82: return 0;
83: }
84:
85: static void
86: key_delete_func (struct key *key)
87: {
88: if (key->string)
89: free (key->string);
90: key_free (key);
91: }
92:
93: static struct keychain *
94: keychain_get (const char *name)
95: {
96: struct keychain *keychain;
97:
98: keychain = keychain_lookup (name);
99:
100: if (keychain)
101: return keychain;
102:
103: keychain = keychain_new ();
104: keychain->name = strdup (name);
105: keychain->key = list_new ();
106: keychain->key->cmp = (int (*)(void *, void *)) key_cmp_func;
107: keychain->key->del = (void (*)(void *)) key_delete_func;
108: listnode_add (keychain_list, keychain);
109:
110: return keychain;
111: }
112:
113: static void
114: keychain_delete (struct keychain *keychain)
115: {
116: if (keychain->name)
117: free (keychain->name);
118:
119: list_delete (keychain->key);
120: listnode_delete (keychain_list, keychain);
121: keychain_free (keychain);
122: }
123:
124: static struct key *
125: key_lookup (const struct keychain *keychain, u_int32_t index)
126: {
127: struct listnode *node;
128: struct key *key;
129:
130: for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
131: {
132: if (key->index == index)
133: return key;
134: }
135: return NULL;
136: }
137:
138: struct key *
139: key_lookup_for_accept (const struct keychain *keychain, u_int32_t index)
140: {
141: struct listnode *node;
142: struct key *key;
143: time_t now;
144:
145: now = time (NULL);
146:
147: for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
148: {
149: if (key->index >= index)
150: {
151: if (key->accept.start == 0)
152: return key;
153:
154: if (key->accept.start <= now)
155: if (key->accept.end >= now || key->accept.end == -1)
156: return key;
157: }
158: }
159: return NULL;
160: }
161:
162: struct key *
163: key_match_for_accept (const struct keychain *keychain, const char *auth_str)
164: {
165: struct listnode *node;
166: struct key *key;
167: time_t now;
168:
169: now = time (NULL);
170:
171: for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
172: {
173: if (key->accept.start == 0 ||
174: (key->accept.start <= now &&
175: (key->accept.end >= now || key->accept.end == -1)))
176: if (strncmp (key->string, auth_str, 16) == 0)
177: return key;
178: }
179: return NULL;
180: }
181:
182: struct key *
183: key_lookup_for_send (const struct keychain *keychain)
184: {
185: struct listnode *node;
186: struct key *key;
187: time_t now;
188:
189: now = time (NULL);
190:
191: for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
192: {
193: if (key->send.start == 0)
194: return key;
195:
196: if (key->send.start <= now)
197: if (key->send.end >= now || key->send.end == -1)
198: return key;
199: }
200: return NULL;
201: }
202:
203: static struct key *
204: key_get (const struct keychain *keychain, u_int32_t index)
205: {
206: struct key *key;
207:
208: key = key_lookup (keychain, index);
209:
210: if (key)
211: return key;
212:
213: key = key_new ();
214: key->index = index;
215: listnode_add_sort (keychain->key, key);
216:
217: return key;
218: }
219:
220: static void
221: key_delete (struct keychain *keychain, struct key *key)
222: {
223: listnode_delete (keychain->key, key);
224:
225: if (key->string)
226: free (key->string);
227: key_free (key);
228: }
229: �
230: DEFUN (key_chain,
231: key_chain_cmd,
232: "key chain WORD",
233: "Authentication key management\n"
234: "Key-chain management\n"
235: "Key-chain name\n")
236: {
237: struct keychain *keychain;
238:
239: keychain = keychain_get (argv[0]);
240: vty->index = keychain;
241: vty->node = KEYCHAIN_NODE;
242:
243: return CMD_SUCCESS;
244: }
245:
246: DEFUN (no_key_chain,
247: no_key_chain_cmd,
248: "no key chain WORD",
249: NO_STR
250: "Authentication key management\n"
251: "Key-chain management\n"
252: "Key-chain name\n")
253: {
254: struct keychain *keychain;
255:
256: keychain = keychain_lookup (argv[0]);
257:
258: if (! keychain)
259: {
260: vty_out (vty, "Can't find keychain %s%s", argv[0], VTY_NEWLINE);
261: return CMD_WARNING;
262: }
263:
264: keychain_delete (keychain);
265:
266: return CMD_SUCCESS;
267: }
268:
269: DEFUN (key,
270: key_cmd,
271: "key <0-2147483647>",
272: "Configure a key\n"
273: "Key identifier number\n")
274: {
275: struct keychain *keychain;
276: struct key *key;
277: u_int32_t index;
278:
279: keychain = vty->index;
280:
281: VTY_GET_INTEGER ("key identifier", index, argv[0]);
282: key = key_get (keychain, index);
283: vty->index_sub = key;
284: vty->node = KEYCHAIN_KEY_NODE;
285:
286: return CMD_SUCCESS;
287: }
288:
289: DEFUN (no_key,
290: no_key_cmd,
291: "no key <0-2147483647>",
292: NO_STR
293: "Delete a key\n"
294: "Key identifier number\n")
295: {
296: struct keychain *keychain;
297: struct key *key;
298: u_int32_t index;
299:
300: keychain = vty->index;
301:
302: VTY_GET_INTEGER ("key identifier", index, argv[0]);
303: key = key_lookup (keychain, index);
304: if (! key)
305: {
306: vty_out (vty, "Can't find key %d%s", index, VTY_NEWLINE);
307: return CMD_WARNING;
308: }
309:
310: key_delete (keychain, key);
311:
312: vty->node = KEYCHAIN_NODE;
313:
314: return CMD_SUCCESS;
315: }
316:
317: DEFUN (key_string,
318: key_string_cmd,
319: "key-string LINE",
320: "Set key string\n"
321: "The key\n")
322: {
323: struct key *key;
324:
325: key = vty->index_sub;
326:
327: if (key->string)
328: free (key->string);
329: key->string = strdup (argv[0]);
330:
331: return CMD_SUCCESS;
332: }
333:
334: DEFUN (no_key_string,
335: no_key_string_cmd,
336: "no key-string [LINE]",
337: NO_STR
338: "Unset key string\n"
339: "The key\n")
340: {
341: struct key *key;
342:
343: key = vty->index_sub;
344:
345: if (key->string)
346: {
347: free (key->string);
348: key->string = NULL;
349: }
350:
351: return CMD_SUCCESS;
352: }
353:
354: /* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
355: given string is malformed. */
356: static time_t
357: key_str2time (const char *time_str, const char *day_str, const char *month_str,
358: const char *year_str)
359: {
360: int i = 0;
361: char *colon;
362: struct tm tm;
363: time_t time;
364: unsigned int sec, min, hour;
365: unsigned int day, month, year;
366:
367: const char *month_name[] =
368: {
369: "January",
370: "February",
371: "March",
372: "April",
373: "May",
374: "June",
375: "July",
376: "August",
377: "September",
378: "October",
379: "November",
380: "December",
381: NULL
382: };
383:
384: #define GET_LONG_RANGE(V,STR,MIN,MAX) \
385: { \
386: unsigned long tmpl; \
387: char *endptr = NULL; \
388: tmpl = strtoul ((STR), &endptr, 10); \
389: if (*endptr != '\0' || tmpl == ULONG_MAX) \
390: return -1; \
391: if ( tmpl < (MIN) || tmpl > (MAX)) \
392: return -1; \
393: (V) = tmpl; \
394: }
395:
396: /* Check hour field of time_str. */
397: colon = strchr (time_str, ':');
398: if (colon == NULL)
399: return -1;
400: *colon = '\0';
401:
402: /* Hour must be between 0 and 23. */
403: GET_LONG_RANGE (hour, time_str, 0, 23);
404:
405: /* Check min field of time_str. */
406: time_str = colon + 1;
407: colon = strchr (time_str, ':');
408: if (*time_str == '\0' || colon == NULL)
409: return -1;
410: *colon = '\0';
411:
412: /* Min must be between 0 and 59. */
413: GET_LONG_RANGE (min, time_str, 0, 59);
414:
415: /* Check sec field of time_str. */
416: time_str = colon + 1;
417: if (*time_str == '\0')
418: return -1;
419:
420: /* Sec must be between 0 and 59. */
421: GET_LONG_RANGE (sec, time_str, 0, 59);
422:
423: /* Check day_str. Day must be <1-31>. */
424: GET_LONG_RANGE (day, day_str, 1, 31);
425:
426: /* Check month_str. Month must match month_name. */
427: month = 0;
428: if (strlen (month_str) >= 3)
429: for (i = 0; month_name[i]; i++)
430: if (strncmp (month_str, month_name[i], strlen (month_str)) == 0)
431: {
432: month = i;
433: break;
434: }
435: if (! month_name[i])
436: return -1;
437:
438: /* Check year_str. Year must be <1993-2035>. */
439: GET_LONG_RANGE (year, year_str, 1993, 2035);
440:
441: memset (&tm, 0, sizeof (struct tm));
442: tm.tm_sec = sec;
443: tm.tm_min = min;
444: tm.tm_hour = hour;
445: tm.tm_mon = month;
446: tm.tm_mday = day;
447: tm.tm_year = year - 1900;
448:
449: time = mktime (&tm);
450:
451: return time;
452: #undef GET_LONG_RANGE
453: }
454:
455: static int
456: key_lifetime_set (struct vty *vty, struct key_range *krange,
457: const char *stime_str, const char *sday_str,
458: const char *smonth_str, const char *syear_str,
459: const char *etime_str, const char *eday_str,
460: const char *emonth_str, const char *eyear_str)
461: {
462: time_t time_start;
463: time_t time_end;
464:
465: time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
466: if (time_start < 0)
467: {
468: vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
469: return CMD_WARNING;
470: }
471: time_end = key_str2time (etime_str, eday_str, emonth_str, eyear_str);
472:
473: if (time_end < 0)
474: {
475: vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
476: return CMD_WARNING;
477: }
478:
479: if (time_end <= time_start)
480: {
481: vty_out (vty, "Expire time is not later than start time%s", VTY_NEWLINE);
482: return CMD_WARNING;
483: }
484:
485: krange->start = time_start;
486: krange->end = time_end;
487:
488: return CMD_SUCCESS;
489: }
490:
491: static int
492: key_lifetime_duration_set (struct vty *vty, struct key_range *krange,
493: const char *stime_str, const char *sday_str,
494: const char *smonth_str, const char *syear_str,
495: const char *duration_str)
496: {
497: time_t time_start;
498: u_int32_t duration;
499:
500: time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
501: if (time_start < 0)
502: {
503: vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
504: return CMD_WARNING;
505: }
506: krange->start = time_start;
507:
508: VTY_GET_INTEGER ("duration", duration, duration_str);
509: krange->duration = 1;
510: krange->end = time_start + duration;
511:
512: return CMD_SUCCESS;
513: }
514:
515: static int
516: key_lifetime_infinite_set (struct vty *vty, struct key_range *krange,
517: const char *stime_str, const char *sday_str,
518: const char *smonth_str, const char *syear_str)
519: {
520: time_t time_start;
521:
522: time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
523: if (time_start < 0)
524: {
525: vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
526: return CMD_WARNING;
527: }
528: krange->start = time_start;
529:
530: krange->end = -1;
531:
532: return CMD_SUCCESS;
533: }
534: �
535: DEFUN (accept_lifetime_day_month_day_month,
536: accept_lifetime_day_month_day_month_cmd,
537: "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
538: "Set accept lifetime of the key\n"
539: "Time to start\n"
540: "Day of th month to start\n"
541: "Month of the year to start\n"
542: "Year to start\n"
543: "Time to expire\n"
544: "Day of th month to expire\n"
545: "Month of the year to expire\n"
546: "Year to expire\n")
547: {
548: struct key *key;
549:
550: key = vty->index_sub;
551:
552: return key_lifetime_set (vty, &key->accept, argv[0], argv[1], argv[2],
553: argv[3], argv[4], argv[5], argv[6], argv[7]);
554: }
555:
556: DEFUN (accept_lifetime_day_month_month_day,
557: accept_lifetime_day_month_month_day_cmd,
558: "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
559: "Set accept lifetime of the key\n"
560: "Time to start\n"
561: "Day of th month to start\n"
562: "Month of the year to start\n"
563: "Year to start\n"
564: "Time to expire\n"
565: "Month of the year to expire\n"
566: "Day of th month to expire\n"
567: "Year to expire\n")
568: {
569: struct key *key;
570:
571: key = vty->index_sub;
572:
573: return key_lifetime_set (vty, &key->accept, argv[0], argv[1], argv[2],
574: argv[3], argv[4], argv[6], argv[5], argv[7]);
575: }
576:
577: DEFUN (accept_lifetime_month_day_day_month,
578: accept_lifetime_month_day_day_month_cmd,
579: "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
580: "Set accept lifetime of the key\n"
581: "Time to start\n"
582: "Month of the year to start\n"
583: "Day of th month to start\n"
584: "Year to start\n"
585: "Time to expire\n"
586: "Day of th month to expire\n"
587: "Month of the year to expire\n"
588: "Year to expire\n")
589: {
590: struct key *key;
591:
592: key = vty->index_sub;
593:
594: return key_lifetime_set (vty, &key->accept, argv[0], argv[2], argv[1],
595: argv[3], argv[4], argv[5], argv[6], argv[7]);
596: }
597:
598: DEFUN (accept_lifetime_month_day_month_day,
599: accept_lifetime_month_day_month_day_cmd,
600: "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
601: "Set accept lifetime of the key\n"
602: "Time to start\n"
603: "Month of the year to start\n"
604: "Day of th month to start\n"
605: "Year to start\n"
606: "Time to expire\n"
607: "Month of the year to expire\n"
608: "Day of th month to expire\n"
609: "Year to expire\n")
610: {
611: struct key *key;
612:
613: key = vty->index_sub;
614:
615: return key_lifetime_set (vty, &key->accept, argv[0], argv[2], argv[1],
616: argv[3], argv[4], argv[6], argv[5], argv[7]);
617: }
618:
619: DEFUN (accept_lifetime_infinite_day_month,
620: accept_lifetime_infinite_day_month_cmd,
621: "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> infinite",
622: "Set accept lifetime of the key\n"
623: "Time to start\n"
624: "Day of th month to start\n"
625: "Month of the year to start\n"
626: "Year to start\n"
627: "Never expires")
628: {
629: struct key *key;
630:
631: key = vty->index_sub;
632:
633: return key_lifetime_infinite_set (vty, &key->accept, argv[0], argv[1],
634: argv[2], argv[3]);
635: }
636:
637: DEFUN (accept_lifetime_infinite_month_day,
638: accept_lifetime_infinite_month_day_cmd,
639: "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> infinite",
640: "Set accept lifetime of the key\n"
641: "Time to start\n"
642: "Month of the year to start\n"
643: "Day of th month to start\n"
644: "Year to start\n"
645: "Never expires")
646: {
647: struct key *key;
648:
649: key = vty->index_sub;
650:
651: return key_lifetime_infinite_set (vty, &key->accept, argv[0], argv[2],
652: argv[1], argv[3]);
653: }
654:
655: DEFUN (accept_lifetime_duration_day_month,
656: accept_lifetime_duration_day_month_cmd,
657: "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> duration <1-2147483646>",
658: "Set accept lifetime of the key\n"
659: "Time to start\n"
660: "Day of th month to start\n"
661: "Month of the year to start\n"
662: "Year to start\n"
663: "Duration of the key\n"
664: "Duration seconds\n")
665: {
666: struct key *key;
667:
668: key = vty->index_sub;
669:
670: return key_lifetime_duration_set (vty, &key->accept, argv[0], argv[1],
671: argv[2], argv[3], argv[4]);
672: }
673:
674: DEFUN (accept_lifetime_duration_month_day,
675: accept_lifetime_duration_month_day_cmd,
676: "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> duration <1-2147483646>",
677: "Set accept lifetime of the key\n"
678: "Time to start\n"
679: "Month of the year to start\n"
680: "Day of th month to start\n"
681: "Year to start\n"
682: "Duration of the key\n"
683: "Duration seconds\n")
684: {
685: struct key *key;
686:
687: key = vty->index_sub;
688:
689: return key_lifetime_duration_set (vty, &key->accept, argv[0], argv[2],
690: argv[1], argv[3], argv[4]);
691: }
692: �
693: DEFUN (send_lifetime_day_month_day_month,
694: send_lifetime_day_month_day_month_cmd,
695: "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
696: "Set send lifetime of the key\n"
697: "Time to start\n"
698: "Day of th month to start\n"
699: "Month of the year to start\n"
700: "Year to start\n"
701: "Time to expire\n"
702: "Day of th month to expire\n"
703: "Month of the year to expire\n"
704: "Year to expire\n")
705: {
706: struct key *key;
707:
708: key = vty->index_sub;
709:
710: return key_lifetime_set (vty, &key->send, argv[0], argv[1], argv[2], argv[3],
711: argv[4], argv[5], argv[6], argv[7]);
712: }
713:
714: DEFUN (send_lifetime_day_month_month_day,
715: send_lifetime_day_month_month_day_cmd,
716: "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
717: "Set send lifetime of the key\n"
718: "Time to start\n"
719: "Day of th month to start\n"
720: "Month of the year to start\n"
721: "Year to start\n"
722: "Time to expire\n"
723: "Month of the year to expire\n"
724: "Day of th month to expire\n"
725: "Year to expire\n")
726: {
727: struct key *key;
728:
729: key = vty->index_sub;
730:
731: return key_lifetime_set (vty, &key->send, argv[0], argv[1], argv[2], argv[3],
732: argv[4], argv[6], argv[5], argv[7]);
733: }
734:
735: DEFUN (send_lifetime_month_day_day_month,
736: send_lifetime_month_day_day_month_cmd,
737: "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
738: "Set send lifetime of the key\n"
739: "Time to start\n"
740: "Month of the year to start\n"
741: "Day of th month to start\n"
742: "Year to start\n"
743: "Time to expire\n"
744: "Day of th month to expire\n"
745: "Month of the year to expire\n"
746: "Year to expire\n")
747: {
748: struct key *key;
749:
750: key = vty->index_sub;
751:
752: return key_lifetime_set (vty, &key->send, argv[0], argv[2], argv[1], argv[3],
753: argv[4], argv[5], argv[6], argv[7]);
754: }
755:
756: DEFUN (send_lifetime_month_day_month_day,
757: send_lifetime_month_day_month_day_cmd,
758: "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
759: "Set send lifetime of the key\n"
760: "Time to start\n"
761: "Month of the year to start\n"
762: "Day of th month to start\n"
763: "Year to start\n"
764: "Time to expire\n"
765: "Month of the year to expire\n"
766: "Day of th month to expire\n"
767: "Year to expire\n")
768: {
769: struct key *key;
770:
771: key = vty->index_sub;
772:
773: return key_lifetime_set (vty, &key->send, argv[0], argv[2], argv[1], argv[3],
774: argv[4], argv[6], argv[5], argv[7]);
775: }
776:
777: DEFUN (send_lifetime_infinite_day_month,
778: send_lifetime_infinite_day_month_cmd,
779: "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> infinite",
780: "Set send lifetime of the key\n"
781: "Time to start\n"
782: "Day of th month to start\n"
783: "Month of the year to start\n"
784: "Year to start\n"
785: "Never expires")
786: {
787: struct key *key;
788:
789: key = vty->index_sub;
790:
791: return key_lifetime_infinite_set (vty, &key->send, argv[0], argv[1], argv[2],
792: argv[3]);
793: }
794:
795: DEFUN (send_lifetime_infinite_month_day,
796: send_lifetime_infinite_month_day_cmd,
797: "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> infinite",
798: "Set send lifetime of the key\n"
799: "Time to start\n"
800: "Month of the year to start\n"
801: "Day of th month to start\n"
802: "Year to start\n"
803: "Never expires")
804: {
805: struct key *key;
806:
807: key = vty->index_sub;
808:
809: return key_lifetime_infinite_set (vty, &key->send, argv[0], argv[2], argv[1],
810: argv[3]);
811: }
812:
813: DEFUN (send_lifetime_duration_day_month,
814: send_lifetime_duration_day_month_cmd,
815: "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> duration <1-2147483646>",
816: "Set send lifetime of the key\n"
817: "Time to start\n"
818: "Day of th month to start\n"
819: "Month of the year to start\n"
820: "Year to start\n"
821: "Duration of the key\n"
822: "Duration seconds\n")
823: {
824: struct key *key;
825:
826: key = vty->index_sub;
827:
828: return key_lifetime_duration_set (vty, &key->send, argv[0], argv[1], argv[2],
829: argv[3], argv[4]);
830: }
831:
832: DEFUN (send_lifetime_duration_month_day,
833: send_lifetime_duration_month_day_cmd,
834: "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> duration <1-2147483646>",
835: "Set send lifetime of the key\n"
836: "Time to start\n"
837: "Month of the year to start\n"
838: "Day of th month to start\n"
839: "Year to start\n"
840: "Duration of the key\n"
841: "Duration seconds\n")
842: {
843: struct key *key;
844:
845: key = vty->index_sub;
846:
847: return key_lifetime_duration_set (vty, &key->send, argv[0], argv[2], argv[1],
848: argv[3], argv[4]);
849: }
850: �
851: static struct cmd_node keychain_node =
852: {
853: KEYCHAIN_NODE,
854: "%s(config-keychain)# ",
855: 1
856: };
857:
858: static struct cmd_node keychain_key_node =
859: {
860: KEYCHAIN_KEY_NODE,
861: "%s(config-keychain-key)# ",
862: 1
863: };
864:
865: static int
866: keychain_strftime (char *buf, int bufsiz, time_t *time)
867: {
868: struct tm *tm;
869: size_t len;
870:
871: tm = localtime (time);
872:
873: len = strftime (buf, bufsiz, "%T %b %d %Y", tm);
874:
875: return len;
876: }
877:
878: static int
879: keychain_config_write (struct vty *vty)
880: {
881: struct keychain *keychain;
882: struct key *key;
883: struct listnode *node;
884: struct listnode *knode;
885: char buf[BUFSIZ];
886:
887: for (ALL_LIST_ELEMENTS_RO (keychain_list, node, keychain))
888: {
889: vty_out (vty, "key chain %s%s", keychain->name, VTY_NEWLINE);
890:
891: for (ALL_LIST_ELEMENTS_RO (keychain->key, knode, key))
892: {
893: vty_out (vty, " key %d%s", key->index, VTY_NEWLINE);
894:
895: if (key->string)
896: vty_out (vty, " key-string %s%s", key->string, VTY_NEWLINE);
897:
898: if (key->accept.start)
899: {
900: keychain_strftime (buf, BUFSIZ, &key->accept.start);
901: vty_out (vty, " accept-lifetime %s", buf);
902:
903: if (key->accept.end == -1)
904: vty_out (vty, " infinite");
905: else if (key->accept.duration)
906: vty_out (vty, " duration %ld",
907: (long)(key->accept.end - key->accept.start));
908: else
909: {
910: keychain_strftime (buf, BUFSIZ, &key->accept.end);
911: vty_out (vty, " %s", buf);
912: }
913: vty_out (vty, "%s", VTY_NEWLINE);
914: }
915:
916: if (key->send.start)
917: {
918: keychain_strftime (buf, BUFSIZ, &key->send.start);
919: vty_out (vty, " send-lifetime %s", buf);
920:
921: if (key->send.end == -1)
922: vty_out (vty, " infinite");
923: else if (key->send.duration)
924: vty_out (vty, " duration %ld", (long)(key->send.end - key->send.start));
925: else
926: {
927: keychain_strftime (buf, BUFSIZ, &key->send.end);
928: vty_out (vty, " %s", buf);
929: }
930: vty_out (vty, "%s", VTY_NEWLINE);
931: }
932: }
933: vty_out (vty, "!%s", VTY_NEWLINE);
934: }
935:
936: return 0;
937: }
938:
939: void
940: keychain_init ()
941: {
942: keychain_list = list_new ();
943:
944: install_node (&keychain_node, keychain_config_write);
945: install_node (&keychain_key_node, NULL);
946:
947: install_default (KEYCHAIN_NODE);
948: install_default (KEYCHAIN_KEY_NODE);
949:
950: install_element (CONFIG_NODE, &key_chain_cmd);
951: install_element (CONFIG_NODE, &no_key_chain_cmd);
952: install_element (KEYCHAIN_NODE, &key_cmd);
953: install_element (KEYCHAIN_NODE, &no_key_cmd);
954:
955: install_element (KEYCHAIN_NODE, &key_chain_cmd);
956: install_element (KEYCHAIN_NODE, &no_key_chain_cmd);
957:
958: install_element (KEYCHAIN_KEY_NODE, &key_string_cmd);
959: install_element (KEYCHAIN_KEY_NODE, &no_key_string_cmd);
960:
961: install_element (KEYCHAIN_KEY_NODE, &key_chain_cmd);
962: install_element (KEYCHAIN_KEY_NODE, &no_key_chain_cmd);
963:
964: install_element (KEYCHAIN_KEY_NODE, &key_cmd);
965: install_element (KEYCHAIN_KEY_NODE, &no_key_cmd);
966:
967: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_day_month_cmd);
968: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_month_day_cmd);
969: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_day_month_cmd);
970: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_month_day_cmd);
971: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_day_month_cmd);
972: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_month_day_cmd);
973: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_duration_day_month_cmd);
974: install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_duration_month_day_cmd);
975:
976: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_day_month_day_month_cmd);
977: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_day_month_month_day_cmd);
978: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_month_day_day_month_cmd);
979: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_month_day_month_day_cmd);
980: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_infinite_day_month_cmd);
981: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_infinite_month_day_cmd);
982: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_duration_day_month_cmd);
983: install_element (KEYCHAIN_KEY_NODE, &send_lifetime_duration_month_day_cmd);
984: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to keychain.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / quagga / lib