Line data Source code
1 : /* key-chain for authentication.
2 : Copyright (C) 2000 Kunihiro Ishiguro
3 :
4 : This file is part of GNU Zebra.
5 :
6 : GNU Zebra is free software; you can redistribute it and/or modify
7 : it under the terms of the GNU General Public License as published
8 : by the Free Software Foundation; either version 2, or (at your
9 : option) any later version.
10 :
11 : GNU Zebra is distributed in the hope that it will be useful, but
12 : WITHOUT ANY WARRANTY; without even the implied warranty of
13 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 : General Public License for more details.
15 :
16 : You should have received a copy of the GNU General Public License
17 : along with GNU Zebra; see the file COPYING. If not, write to the
18 : Free Software Foundation, Inc., 59 Temple Place - Suite 330,
19 : Boston, MA 02111-1307, USA. */
20 :
21 : #include <zebra.h>
22 :
23 : #include "command.h"
24 : #include "memory.h"
25 : #include "linklist.h"
26 : #include "keychain.h"
27 :
28 : /* Master list of key chain. */
29 : struct list *keychain_list;
30 :
31 : static struct keychain *
32 0 : keychain_new (void)
33 : {
34 0 : return XCALLOC (MTYPE_KEYCHAIN, sizeof (struct keychain));
35 : }
36 :
37 : static void
38 0 : keychain_free (struct keychain *keychain)
39 : {
40 0 : XFREE (MTYPE_KEYCHAIN, keychain);
41 0 : }
42 :
43 : static struct key *
44 0 : key_new (void)
45 : {
46 0 : return XCALLOC (MTYPE_KEY, sizeof (struct key));
47 : }
48 :
49 : static void
50 0 : key_free (struct key *key)
51 : {
52 0 : XFREE (MTYPE_KEY, key);
53 0 : }
54 :
55 : struct keychain *
56 0 : keychain_lookup (const char *name)
57 : {
58 : struct listnode *node;
59 : struct keychain *keychain;
60 :
61 0 : if (name == NULL)
62 0 : return NULL;
63 :
64 0 : for (ALL_LIST_ELEMENTS_RO (keychain_list, node, keychain))
65 : {
66 0 : if (strcmp (keychain->name, name) == 0)
67 0 : return keychain;
68 : }
69 0 : return NULL;
70 : }
71 :
72 : static int
73 0 : key_cmp_func (void *arg1, void *arg2)
74 : {
75 0 : const struct key *k1 = arg1;
76 0 : const struct key *k2 = arg2;
77 :
78 0 : if (k1->index > k2->index)
79 0 : return 1;
80 0 : if (k1->index < k2->index)
81 0 : return -1;
82 0 : return 0;
83 : }
84 :
85 : static void
86 0 : key_delete_func (struct key *key)
87 : {
88 0 : if (key->string)
89 0 : free (key->string);
90 0 : key_free (key);
91 0 : }
92 :
93 : static struct keychain *
94 0 : keychain_get (const char *name)
95 : {
96 : struct keychain *keychain;
97 :
98 0 : keychain = keychain_lookup (name);
99 :
100 0 : if (keychain)
101 0 : return keychain;
102 :
103 0 : keychain = keychain_new ();
104 0 : keychain->name = strdup (name);
105 0 : keychain->key = list_new ();
106 0 : keychain->key->cmp = (int (*)(void *, void *)) key_cmp_func;
107 0 : keychain->key->del = (void (*)(void *)) key_delete_func;
108 0 : listnode_add (keychain_list, keychain);
109 :
110 0 : return keychain;
111 : }
112 :
113 : static void
114 0 : keychain_delete (struct keychain *keychain)
115 : {
116 0 : if (keychain->name)
117 0 : free (keychain->name);
118 :
119 0 : list_delete (keychain->key);
120 0 : listnode_delete (keychain_list, keychain);
121 0 : keychain_free (keychain);
122 0 : }
123 :
124 : static struct key *
125 0 : key_lookup (const struct keychain *keychain, u_int32_t index)
126 : {
127 : struct listnode *node;
128 : struct key *key;
129 :
130 0 : for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
131 : {
132 0 : if (key->index == index)
133 0 : return key;
134 : }
135 0 : return NULL;
136 : }
137 :
138 : struct key *
139 0 : key_lookup_for_accept (const struct keychain *keychain, u_int32_t index)
140 : {
141 : struct listnode *node;
142 : struct key *key;
143 : time_t now;
144 :
145 0 : now = time (NULL);
146 :
147 0 : for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
148 : {
149 0 : if (key->index >= index)
150 : {
151 0 : if (key->accept.start == 0)
152 0 : return key;
153 :
154 0 : if (key->accept.start <= now)
155 0 : if (key->accept.end >= now || key->accept.end == -1)
156 0 : return key;
157 : }
158 : }
159 0 : return NULL;
160 : }
161 :
162 : struct key *
163 0 : key_match_for_accept (const struct keychain *keychain, const char *auth_str)
164 : {
165 : struct listnode *node;
166 : struct key *key;
167 : time_t now;
168 :
169 0 : now = time (NULL);
170 :
171 0 : for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
172 : {
173 0 : if (key->accept.start == 0 ||
174 0 : (key->accept.start <= now &&
175 0 : (key->accept.end >= now || key->accept.end == -1)))
176 0 : if (strncmp (key->string, auth_str, 16) == 0)
177 0 : return key;
178 : }
179 0 : return NULL;
180 : }
181 :
182 : struct key *
183 0 : key_lookup_for_send (const struct keychain *keychain)
184 : {
185 : struct listnode *node;
186 : struct key *key;
187 : time_t now;
188 :
189 0 : now = time (NULL);
190 :
191 0 : for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
192 : {
193 0 : if (key->send.start == 0)
194 0 : return key;
195 :
196 0 : if (key->send.start <= now)
197 0 : if (key->send.end >= now || key->send.end == -1)
198 0 : return key;
199 : }
200 0 : return NULL;
201 : }
202 :
203 : static struct key *
204 0 : key_get (const struct keychain *keychain, u_int32_t index)
205 : {
206 : struct key *key;
207 :
208 0 : key = key_lookup (keychain, index);
209 :
210 0 : if (key)
211 0 : return key;
212 :
213 0 : key = key_new ();
214 0 : key->index = index;
215 0 : listnode_add_sort (keychain->key, key);
216 :
217 0 : return key;
218 : }
219 :
220 : static void
221 0 : key_delete (struct keychain *keychain, struct key *key)
222 : {
223 0 : listnode_delete (keychain->key, key);
224 :
225 0 : if (key->string)
226 0 : free (key->string);
227 0 : key_free (key);
228 0 : }
229 : �
230 0 : DEFUN (key_chain,
231 : key_chain_cmd,
232 : "key chain WORD",
233 : "Authentication key management\n"
234 : "Key-chain management\n"
235 : "Key-chain name\n")
236 : {
237 : struct keychain *keychain;
238 :
239 0 : keychain = keychain_get (argv[0]);
240 0 : vty->index = keychain;
241 0 : vty->node = KEYCHAIN_NODE;
242 :
243 0 : return CMD_SUCCESS;
244 : }
245 :
246 0 : DEFUN (no_key_chain,
247 : no_key_chain_cmd,
248 : "no key chain WORD",
249 : NO_STR
250 : "Authentication key management\n"
251 : "Key-chain management\n"
252 : "Key-chain name\n")
253 : {
254 : struct keychain *keychain;
255 :
256 0 : keychain = keychain_lookup (argv[0]);
257 :
258 0 : if (! keychain)
259 : {
260 0 : vty_out (vty, "Can't find keychain %s%s", argv[0], VTY_NEWLINE);
261 0 : return CMD_WARNING;
262 : }
263 :
264 0 : keychain_delete (keychain);
265 :
266 0 : return CMD_SUCCESS;
267 : }
268 :
269 0 : DEFUN (key,
270 : key_cmd,
271 : "key <0-2147483647>",
272 : "Configure a key\n"
273 : "Key identifier number\n")
274 : {
275 : struct keychain *keychain;
276 : struct key *key;
277 : u_int32_t index;
278 :
279 0 : keychain = vty->index;
280 :
281 0 : VTY_GET_INTEGER ("key identifier", index, argv[0]);
282 0 : key = key_get (keychain, index);
283 0 : vty->index_sub = key;
284 0 : vty->node = KEYCHAIN_KEY_NODE;
285 :
286 0 : return CMD_SUCCESS;
287 : }
288 :
289 0 : DEFUN (no_key,
290 : no_key_cmd,
291 : "no key <0-2147483647>",
292 : NO_STR
293 : "Delete a key\n"
294 : "Key identifier number\n")
295 : {
296 : struct keychain *keychain;
297 : struct key *key;
298 : u_int32_t index;
299 :
300 0 : keychain = vty->index;
301 :
302 0 : VTY_GET_INTEGER ("key identifier", index, argv[0]);
303 0 : key = key_lookup (keychain, index);
304 0 : if (! key)
305 : {
306 0 : vty_out (vty, "Can't find key %d%s", index, VTY_NEWLINE);
307 0 : return CMD_WARNING;
308 : }
309 :
310 0 : key_delete (keychain, key);
311 :
312 0 : vty->node = KEYCHAIN_NODE;
313 :
314 0 : return CMD_SUCCESS;
315 : }
316 :
317 0 : DEFUN (key_string,
318 : key_string_cmd,
319 : "key-string LINE",
320 : "Set key string\n"
321 : "The key\n")
322 : {
323 : struct key *key;
324 :
325 0 : key = vty->index_sub;
326 :
327 0 : if (key->string)
328 0 : free (key->string);
329 0 : key->string = strdup (argv[0]);
330 :
331 0 : return CMD_SUCCESS;
332 : }
333 :
334 0 : DEFUN (no_key_string,
335 : no_key_string_cmd,
336 : "no key-string [LINE]",
337 : NO_STR
338 : "Unset key string\n"
339 : "The key\n")
340 : {
341 : struct key *key;
342 :
343 0 : key = vty->index_sub;
344 :
345 0 : if (key->string)
346 : {
347 0 : free (key->string);
348 0 : key->string = NULL;
349 : }
350 :
351 0 : return CMD_SUCCESS;
352 : }
353 :
354 : /* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
355 : given string is malformed. */
356 : static time_t
357 0 : key_str2time (const char *time_str, const char *day_str, const char *month_str,
358 : const char *year_str)
359 : {
360 0 : int i = 0;
361 : char *colon;
362 : struct tm tm;
363 : time_t time;
364 : unsigned int sec, min, hour;
365 : unsigned int day, month, year;
366 :
367 0 : const char *month_name[] =
368 : {
369 : "January",
370 : "February",
371 : "March",
372 : "April",
373 : "May",
374 : "June",
375 : "July",
376 : "August",
377 : "September",
378 : "October",
379 : "November",
380 : "December",
381 : NULL
382 : };
383 :
384 : #define GET_LONG_RANGE(V,STR,MIN,MAX) \
385 : { \
386 : unsigned long tmpl; \
387 : char *endptr = NULL; \
388 : tmpl = strtoul ((STR), &endptr, 10); \
389 : if (*endptr != '\0' || tmpl == ULONG_MAX) \
390 : return -1; \
391 : if ( tmpl < (MIN) || tmpl > (MAX)) \
392 : return -1; \
393 : (V) = tmpl; \
394 : }
395 :
396 : /* Check hour field of time_str. */
397 0 : colon = strchr (time_str, ':');
398 0 : if (colon == NULL)
399 0 : return -1;
400 0 : *colon = '\0';
401 :
402 : /* Hour must be between 0 and 23. */
403 0 : GET_LONG_RANGE (hour, time_str, 0, 23);
404 :
405 : /* Check min field of time_str. */
406 0 : time_str = colon + 1;
407 0 : colon = strchr (time_str, ':');
408 0 : if (*time_str == '\0' || colon == NULL)
409 0 : return -1;
410 0 : *colon = '\0';
411 :
412 : /* Min must be between 0 and 59. */
413 0 : GET_LONG_RANGE (min, time_str, 0, 59);
414 :
415 : /* Check sec field of time_str. */
416 0 : time_str = colon + 1;
417 0 : if (*time_str == '\0')
418 0 : return -1;
419 :
420 : /* Sec must be between 0 and 59. */
421 0 : GET_LONG_RANGE (sec, time_str, 0, 59);
422 :
423 : /* Check day_str. Day must be <1-31>. */
424 0 : GET_LONG_RANGE (day, day_str, 1, 31);
425 :
426 : /* Check month_str. Month must match month_name. */
427 0 : month = 0;
428 0 : if (strlen (month_str) >= 3)
429 0 : for (i = 0; month_name[i]; i++)
430 0 : if (strncmp (month_str, month_name[i], strlen (month_str)) == 0)
431 : {
432 0 : month = i;
433 0 : break;
434 : }
435 0 : if (! month_name[i])
436 0 : return -1;
437 :
438 : /* Check year_str. Year must be <1993-2035>. */
439 0 : GET_LONG_RANGE (year, year_str, 1993, 2035);
440 :
441 0 : memset (&tm, 0, sizeof (struct tm));
442 0 : tm.tm_sec = sec;
443 0 : tm.tm_min = min;
444 0 : tm.tm_hour = hour;
445 0 : tm.tm_mon = month;
446 0 : tm.tm_mday = day;
447 0 : tm.tm_year = year - 1900;
448 :
449 0 : time = mktime (&tm);
450 :
451 0 : return time;
452 : #undef GET_LONG_RANGE
453 : }
454 :
455 : static int
456 0 : key_lifetime_set (struct vty *vty, struct key_range *krange,
457 : const char *stime_str, const char *sday_str,
458 : const char *smonth_str, const char *syear_str,
459 : const char *etime_str, const char *eday_str,
460 : const char *emonth_str, const char *eyear_str)
461 : {
462 : time_t time_start;
463 : time_t time_end;
464 :
465 0 : time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
466 0 : if (time_start < 0)
467 : {
468 0 : vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
469 0 : return CMD_WARNING;
470 : }
471 0 : time_end = key_str2time (etime_str, eday_str, emonth_str, eyear_str);
472 :
473 0 : if (time_end < 0)
474 : {
475 0 : vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
476 0 : return CMD_WARNING;
477 : }
478 :
479 0 : if (time_end <= time_start)
480 : {
481 0 : vty_out (vty, "Expire time is not later than start time%s", VTY_NEWLINE);
482 0 : return CMD_WARNING;
483 : }
484 :
485 0 : krange->start = time_start;
486 0 : krange->end = time_end;
487 :
488 0 : return CMD_SUCCESS;
489 : }
490 :
491 : static int
492 0 : key_lifetime_duration_set (struct vty *vty, struct key_range *krange,
493 : const char *stime_str, const char *sday_str,
494 : const char *smonth_str, const char *syear_str,
495 : const char *duration_str)
496 : {
497 : time_t time_start;
498 : u_int32_t duration;
499 :
500 0 : time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
501 0 : if (time_start < 0)
502 : {
503 0 : vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
504 0 : return CMD_WARNING;
505 : }
506 0 : krange->start = time_start;
507 :
508 0 : VTY_GET_INTEGER ("duration", duration, duration_str);
509 0 : krange->duration = 1;
510 0 : krange->end = time_start + duration;
511 :
512 0 : return CMD_SUCCESS;
513 : }
514 :
515 : static int
516 0 : key_lifetime_infinite_set (struct vty *vty, struct key_range *krange,
517 : const char *stime_str, const char *sday_str,
518 : const char *smonth_str, const char *syear_str)
519 : {
520 : time_t time_start;
521 :
522 0 : time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
523 0 : if (time_start < 0)
524 : {
525 0 : vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
526 0 : return CMD_WARNING;
527 : }
528 0 : krange->start = time_start;
529 :
530 0 : krange->end = -1;
531 :
532 0 : return CMD_SUCCESS;
533 : }
534 : �
535 0 : DEFUN (accept_lifetime_day_month_day_month,
536 : accept_lifetime_day_month_day_month_cmd,
537 : "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
538 : "Set accept lifetime of the key\n"
539 : "Time to start\n"
540 : "Day of th month to start\n"
541 : "Month of the year to start\n"
542 : "Year to start\n"
543 : "Time to expire\n"
544 : "Day of th month to expire\n"
545 : "Month of the year to expire\n"
546 : "Year to expire\n")
547 : {
548 : struct key *key;
549 :
550 0 : key = vty->index_sub;
551 :
552 0 : return key_lifetime_set (vty, &key->accept, argv[0], argv[1], argv[2],
553 0 : argv[3], argv[4], argv[5], argv[6], argv[7]);
554 : }
555 :
556 0 : DEFUN (accept_lifetime_day_month_month_day,
557 : accept_lifetime_day_month_month_day_cmd,
558 : "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
559 : "Set accept lifetime of the key\n"
560 : "Time to start\n"
561 : "Day of th month to start\n"
562 : "Month of the year to start\n"
563 : "Year to start\n"
564 : "Time to expire\n"
565 : "Month of the year to expire\n"
566 : "Day of th month to expire\n"
567 : "Year to expire\n")
568 : {
569 : struct key *key;
570 :
571 0 : key = vty->index_sub;
572 :
573 0 : return key_lifetime_set (vty, &key->accept, argv[0], argv[1], argv[2],
574 0 : argv[3], argv[4], argv[6], argv[5], argv[7]);
575 : }
576 :
577 0 : DEFUN (accept_lifetime_month_day_day_month,
578 : accept_lifetime_month_day_day_month_cmd,
579 : "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
580 : "Set accept lifetime of the key\n"
581 : "Time to start\n"
582 : "Month of the year to start\n"
583 : "Day of th month to start\n"
584 : "Year to start\n"
585 : "Time to expire\n"
586 : "Day of th month to expire\n"
587 : "Month of the year to expire\n"
588 : "Year to expire\n")
589 : {
590 : struct key *key;
591 :
592 0 : key = vty->index_sub;
593 :
594 0 : return key_lifetime_set (vty, &key->accept, argv[0], argv[2], argv[1],
595 0 : argv[3], argv[4], argv[5], argv[6], argv[7]);
596 : }
597 :
598 0 : DEFUN (accept_lifetime_month_day_month_day,
599 : accept_lifetime_month_day_month_day_cmd,
600 : "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
601 : "Set accept lifetime of the key\n"
602 : "Time to start\n"
603 : "Month of the year to start\n"
604 : "Day of th month to start\n"
605 : "Year to start\n"
606 : "Time to expire\n"
607 : "Month of the year to expire\n"
608 : "Day of th month to expire\n"
609 : "Year to expire\n")
610 : {
611 : struct key *key;
612 :
613 0 : key = vty->index_sub;
614 :
615 0 : return key_lifetime_set (vty, &key->accept, argv[0], argv[2], argv[1],
616 0 : argv[3], argv[4], argv[6], argv[5], argv[7]);
617 : }
618 :
619 0 : DEFUN (accept_lifetime_infinite_day_month,
620 : accept_lifetime_infinite_day_month_cmd,
621 : "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> infinite",
622 : "Set accept lifetime of the key\n"
623 : "Time to start\n"
624 : "Day of th month to start\n"
625 : "Month of the year to start\n"
626 : "Year to start\n"
627 : "Never expires")
628 : {
629 : struct key *key;
630 :
631 0 : key = vty->index_sub;
632 :
633 0 : return key_lifetime_infinite_set (vty, &key->accept, argv[0], argv[1],
634 0 : argv[2], argv[3]);
635 : }
636 :
637 0 : DEFUN (accept_lifetime_infinite_month_day,
638 : accept_lifetime_infinite_month_day_cmd,
639 : "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> infinite",
640 : "Set accept lifetime of the key\n"
641 : "Time to start\n"
642 : "Month of the year to start\n"
643 : "Day of th month to start\n"
644 : "Year to start\n"
645 : "Never expires")
646 : {
647 : struct key *key;
648 :
649 0 : key = vty->index_sub;
650 :
651 0 : return key_lifetime_infinite_set (vty, &key->accept, argv[0], argv[2],
652 0 : argv[1], argv[3]);
653 : }
654 :
655 0 : DEFUN (accept_lifetime_duration_day_month,
656 : accept_lifetime_duration_day_month_cmd,
657 : "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> duration <1-2147483646>",
658 : "Set accept lifetime of the key\n"
659 : "Time to start\n"
660 : "Day of th month to start\n"
661 : "Month of the year to start\n"
662 : "Year to start\n"
663 : "Duration of the key\n"
664 : "Duration seconds\n")
665 : {
666 : struct key *key;
667 :
668 0 : key = vty->index_sub;
669 :
670 0 : return key_lifetime_duration_set (vty, &key->accept, argv[0], argv[1],
671 0 : argv[2], argv[3], argv[4]);
672 : }
673 :
674 0 : DEFUN (accept_lifetime_duration_month_day,
675 : accept_lifetime_duration_month_day_cmd,
676 : "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> duration <1-2147483646>",
677 : "Set accept lifetime of the key\n"
678 : "Time to start\n"
679 : "Month of the year to start\n"
680 : "Day of th month to start\n"
681 : "Year to start\n"
682 : "Duration of the key\n"
683 : "Duration seconds\n")
684 : {
685 : struct key *key;
686 :
687 0 : key = vty->index_sub;
688 :
689 0 : return key_lifetime_duration_set (vty, &key->accept, argv[0], argv[2],
690 0 : argv[1], argv[3], argv[4]);
691 : }
692 : �
693 0 : DEFUN (send_lifetime_day_month_day_month,
694 : send_lifetime_day_month_day_month_cmd,
695 : "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
696 : "Set send lifetime of the key\n"
697 : "Time to start\n"
698 : "Day of th month to start\n"
699 : "Month of the year to start\n"
700 : "Year to start\n"
701 : "Time to expire\n"
702 : "Day of th month to expire\n"
703 : "Month of the year to expire\n"
704 : "Year to expire\n")
705 : {
706 : struct key *key;
707 :
708 0 : key = vty->index_sub;
709 :
710 0 : return key_lifetime_set (vty, &key->send, argv[0], argv[1], argv[2], argv[3],
711 0 : argv[4], argv[5], argv[6], argv[7]);
712 : }
713 :
714 0 : DEFUN (send_lifetime_day_month_month_day,
715 : send_lifetime_day_month_month_day_cmd,
716 : "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
717 : "Set send lifetime of the key\n"
718 : "Time to start\n"
719 : "Day of th month to start\n"
720 : "Month of the year to start\n"
721 : "Year to start\n"
722 : "Time to expire\n"
723 : "Month of the year to expire\n"
724 : "Day of th month to expire\n"
725 : "Year to expire\n")
726 : {
727 : struct key *key;
728 :
729 0 : key = vty->index_sub;
730 :
731 0 : return key_lifetime_set (vty, &key->send, argv[0], argv[1], argv[2], argv[3],
732 0 : argv[4], argv[6], argv[5], argv[7]);
733 : }
734 :
735 0 : DEFUN (send_lifetime_month_day_day_month,
736 : send_lifetime_month_day_day_month_cmd,
737 : "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
738 : "Set send lifetime of the key\n"
739 : "Time to start\n"
740 : "Month of the year to start\n"
741 : "Day of th month to start\n"
742 : "Year to start\n"
743 : "Time to expire\n"
744 : "Day of th month to expire\n"
745 : "Month of the year to expire\n"
746 : "Year to expire\n")
747 : {
748 : struct key *key;
749 :
750 0 : key = vty->index_sub;
751 :
752 0 : return key_lifetime_set (vty, &key->send, argv[0], argv[2], argv[1], argv[3],
753 0 : argv[4], argv[5], argv[6], argv[7]);
754 : }
755 :
756 0 : DEFUN (send_lifetime_month_day_month_day,
757 : send_lifetime_month_day_month_day_cmd,
758 : "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
759 : "Set send lifetime of the key\n"
760 : "Time to start\n"
761 : "Month of the year to start\n"
762 : "Day of th month to start\n"
763 : "Year to start\n"
764 : "Time to expire\n"
765 : "Month of the year to expire\n"
766 : "Day of th month to expire\n"
767 : "Year to expire\n")
768 : {
769 : struct key *key;
770 :
771 0 : key = vty->index_sub;
772 :
773 0 : return key_lifetime_set (vty, &key->send, argv[0], argv[2], argv[1], argv[3],
774 0 : argv[4], argv[6], argv[5], argv[7]);
775 : }
776 :
777 0 : DEFUN (send_lifetime_infinite_day_month,
778 : send_lifetime_infinite_day_month_cmd,
779 : "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> infinite",
780 : "Set send lifetime of the key\n"
781 : "Time to start\n"
782 : "Day of th month to start\n"
783 : "Month of the year to start\n"
784 : "Year to start\n"
785 : "Never expires")
786 : {
787 : struct key *key;
788 :
789 0 : key = vty->index_sub;
790 :
791 0 : return key_lifetime_infinite_set (vty, &key->send, argv[0], argv[1], argv[2],
792 0 : argv[3]);
793 : }
794 :
795 0 : DEFUN (send_lifetime_infinite_month_day,
796 : send_lifetime_infinite_month_day_cmd,
797 : "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> infinite",
798 : "Set send lifetime of the key\n"
799 : "Time to start\n"
800 : "Month of the year to start\n"
801 : "Day of th month to start\n"
802 : "Year to start\n"
803 : "Never expires")
804 : {
805 : struct key *key;
806 :
807 0 : key = vty->index_sub;
808 :
809 0 : return key_lifetime_infinite_set (vty, &key->send, argv[0], argv[2], argv[1],
810 0 : argv[3]);
811 : }
812 :
813 0 : DEFUN (send_lifetime_duration_day_month,
814 : send_lifetime_duration_day_month_cmd,
815 : "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> duration <1-2147483646>",
816 : "Set send lifetime of the key\n"
817 : "Time to start\n"
818 : "Day of th month to start\n"
819 : "Month of the year to start\n"
820 : "Year to start\n"
821 : "Duration of the key\n"
822 : "Duration seconds\n")
823 : {
824 : struct key *key;
825 :
826 0 : key = vty->index_sub;
827 :
828 0 : return key_lifetime_duration_set (vty, &key->send, argv[0], argv[1], argv[2],
829 0 : argv[3], argv[4]);
830 : }
831 :
832 0 : DEFUN (send_lifetime_duration_month_day,
833 : send_lifetime_duration_month_day_cmd,
834 : "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> duration <1-2147483646>",
835 : "Set send lifetime of the key\n"
836 : "Time to start\n"
837 : "Month of the year to start\n"
838 : "Day of th month to start\n"
839 : "Year to start\n"
840 : "Duration of the key\n"
841 : "Duration seconds\n")
842 : {
843 : struct key *key;
844 :
845 0 : key = vty->index_sub;
846 :
847 0 : return key_lifetime_duration_set (vty, &key->send, argv[0], argv[2], argv[1],
848 0 : argv[3], argv[4]);
849 : }
850 : �
851 : static struct cmd_node keychain_node =
852 : {
853 : KEYCHAIN_NODE,
854 : "%s(config-keychain)# ",
855 : 1
856 : };
857 :
858 : static struct cmd_node keychain_key_node =
859 : {
860 : KEYCHAIN_KEY_NODE,
861 : "%s(config-keychain-key)# ",
862 : 1
863 : };
864 :
865 : static int
866 0 : keychain_strftime (char *buf, int bufsiz, time_t *time)
867 : {
868 : struct tm *tm;
869 : size_t len;
870 :
871 0 : tm = localtime (time);
872 :
873 0 : len = strftime (buf, bufsiz, "%T %b %d %Y", tm);
874 :
875 0 : return len;
876 : }
877 :
878 : static int
879 0 : keychain_config_write (struct vty *vty)
880 : {
881 : struct keychain *keychain;
882 : struct key *key;
883 : struct listnode *node;
884 : struct listnode *knode;
885 : char buf[BUFSIZ];
886 :
887 0 : for (ALL_LIST_ELEMENTS_RO (keychain_list, node, keychain))
888 : {
889 0 : vty_out (vty, "key chain %s%s", keychain->name, VTY_NEWLINE);
890 :
891 0 : for (ALL_LIST_ELEMENTS_RO (keychain->key, knode, key))
892 : {
893 0 : vty_out (vty, " key %d%s", key->index, VTY_NEWLINE);
894 :
895 0 : if (key->string)
896 0 : vty_out (vty, " key-string %s%s", key->string, VTY_NEWLINE);
897 :
898 0 : if (key->accept.start)
899 : {
900 0 : keychain_strftime (buf, BUFSIZ, &key->accept.start);
901 0 : vty_out (vty, " accept-lifetime %s", buf);
902 :
903 0 : if (key->accept.end == -1)
904 0 : vty_out (vty, " infinite");
905 0 : else if (key->accept.duration)
906 0 : vty_out (vty, " duration %ld",
907 0 : (long)(key->accept.end - key->accept.start));
908 : else
909 : {
910 0 : keychain_strftime (buf, BUFSIZ, &key->accept.end);
911 0 : vty_out (vty, " %s", buf);
912 : }
913 0 : vty_out (vty, "%s", VTY_NEWLINE);
914 : }
915 :
916 0 : if (key->send.start)
917 : {
918 0 : keychain_strftime (buf, BUFSIZ, &key->send.start);
919 0 : vty_out (vty, " send-lifetime %s", buf);
920 :
921 0 : if (key->send.end == -1)
922 0 : vty_out (vty, " infinite");
923 0 : else if (key->send.duration)
924 0 : vty_out (vty, " duration %ld", (long)(key->send.end - key->send.start));
925 : else
926 : {
927 0 : keychain_strftime (buf, BUFSIZ, &key->send.end);
928 0 : vty_out (vty, " %s", buf);
929 : }
930 0 : vty_out (vty, "%s", VTY_NEWLINE);
931 : }
932 : }
933 0 : vty_out (vty, "!%s", VTY_NEWLINE);
934 : }
935 :
936 0 : return 0;
937 : }
938 :
939 : void
940 0 : keychain_init ()
941 : {
942 0 : keychain_list = list_new ();
943 :
944 0 : install_node (&keychain_node, keychain_config_write);
945 0 : install_node (&keychain_key_node, NULL);
946 :
947 0 : install_default (KEYCHAIN_NODE);
948 0 : install_default (KEYCHAIN_KEY_NODE);
949 :
950 0 : install_element (CONFIG_NODE, &key_chain_cmd);
951 0 : install_element (CONFIG_NODE, &no_key_chain_cmd);
952 0 : install_element (KEYCHAIN_NODE, &key_cmd);
953 0 : install_element (KEYCHAIN_NODE, &no_key_cmd);
954 :
955 0 : install_element (KEYCHAIN_NODE, &key_chain_cmd);
956 0 : install_element (KEYCHAIN_NODE, &no_key_chain_cmd);
957 :
958 0 : install_element (KEYCHAIN_KEY_NODE, &key_string_cmd);
959 0 : install_element (KEYCHAIN_KEY_NODE, &no_key_string_cmd);
960 :
961 0 : install_element (KEYCHAIN_KEY_NODE, &key_chain_cmd);
962 0 : install_element (KEYCHAIN_KEY_NODE, &no_key_chain_cmd);
963 :
964 0 : install_element (KEYCHAIN_KEY_NODE, &key_cmd);
965 0 : install_element (KEYCHAIN_KEY_NODE, &no_key_cmd);
966 :
967 0 : install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_day_month_cmd);
968 0 : install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_month_day_cmd);
969 0 : install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_day_month_cmd);
970 0 : install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_month_day_cmd);
971 0 : install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_day_month_cmd);
972 0 : install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_month_day_cmd);
973 0 : install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_duration_day_month_cmd);
974 0 : install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_duration_month_day_cmd);
975 :
976 0 : install_element (KEYCHAIN_KEY_NODE, &send_lifetime_day_month_day_month_cmd);
977 0 : install_element (KEYCHAIN_KEY_NODE, &send_lifetime_day_month_month_day_cmd);
978 0 : install_element (KEYCHAIN_KEY_NODE, &send_lifetime_month_day_day_month_cmd);
979 0 : install_element (KEYCHAIN_KEY_NODE, &send_lifetime_month_day_month_day_cmd);
980 0 : install_element (KEYCHAIN_KEY_NODE, &send_lifetime_infinite_day_month_cmd);
981 0 : install_element (KEYCHAIN_KEY_NODE, &send_lifetime_infinite_month_day_cmd);
982 0 : install_element (KEYCHAIN_KEY_NODE, &send_lifetime_duration_day_month_cmd);
983 0 : install_element (KEYCHAIN_KEY_NODE, &send_lifetime_duration_month_day_cmd);
984 0 : }
|
