blob: 10928b11d67a61767a2f64addc0a1792d11c8c2c [file] [log] [blame]
paul718e3742002-12-13 20:15:29 +00001/* key-chain for authentication.
2 Copyright (C) 2000 Kunihiro Ishiguro
3
4This file is part of GNU Zebra.
5
6GNU Zebra is free software; you can redistribute it and/or modify
7it under the terms of the GNU General Public License as published
8by the Free Software Foundation; either version 2, or (at your
9option) any later version.
10
11GNU Zebra is distributed in the hope that it will be useful, but
12WITHOUT ANY WARRANTY; without even the implied warranty of
13MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14General Public License for more details.
15
16You should have received a copy of the GNU General Public License
17along with GNU Zebra; see the file COPYING. If not, write to the
18Free Software Foundation, Inc., 59 Temple Place - Suite 330,
19Boston, MA 02111-1307, USA. */
20
21#include <zebra.h>
22
23#include "command.h"
24#include "memory.h"
25#include "linklist.h"
26#include "keychain.h"
27
28/* Master list of key chain. */
29struct list *keychain_list;
30
paul8cc41982005-05-06 21:25:49 +000031static struct keychain *
32keychain_new (void)
paul718e3742002-12-13 20:15:29 +000033{
34 struct keychain *new;
35 new = XMALLOC (MTYPE_KEYCHAIN, sizeof (struct keychain));
36 memset (new, 0, sizeof (struct keychain));
37 return new;
38}
39
paul8cc41982005-05-06 21:25:49 +000040static void
paul718e3742002-12-13 20:15:29 +000041keychain_free (struct keychain *keychain)
42{
43 XFREE (MTYPE_KEYCHAIN, keychain);
44}
45
paul8cc41982005-05-06 21:25:49 +000046static struct key *
47key_new (void)
paul718e3742002-12-13 20:15:29 +000048{
49 struct key *new;
50 new = XMALLOC (MTYPE_KEY, sizeof (struct key));
51 memset (new, 0, sizeof (struct key));
52 return new;
53}
54
paul8cc41982005-05-06 21:25:49 +000055static void
paul718e3742002-12-13 20:15:29 +000056key_free (struct key *key)
57{
58 XFREE (MTYPE_KEY, key);
59}
60
61struct keychain *
hasso8c328f12004-10-05 21:01:23 +000062keychain_lookup (const char *name)
paul718e3742002-12-13 20:15:29 +000063{
paul1eb8ef22005-04-07 07:30:20 +000064 struct listnode *node;
paul718e3742002-12-13 20:15:29 +000065 struct keychain *keychain;
66
67 if (name == NULL)
68 return NULL;
69
paul1eb8ef22005-04-07 07:30:20 +000070 for (ALL_LIST_ELEMENTS_RO (keychain_list, node, keychain))
paul718e3742002-12-13 20:15:29 +000071 {
72 if (strcmp (keychain->name, name) == 0)
73 return keychain;
74 }
75 return NULL;
76}
77
paul8cc41982005-05-06 21:25:49 +000078static int
79key_cmp_func (void *arg1, void *arg2)
paul718e3742002-12-13 20:15:29 +000080{
paul8cc41982005-05-06 21:25:49 +000081 const struct key *k1 = arg1;
82 const struct key *k2 = arg2;
83
paul718e3742002-12-13 20:15:29 +000084 if (k1->index > k2->index)
85 return 1;
86 if (k1->index < k2->index)
87 return -1;
88 return 0;
89}
90
paul8cc41982005-05-06 21:25:49 +000091static void
paul718e3742002-12-13 20:15:29 +000092key_delete_func (struct key *key)
93{
94 if (key->string)
95 free (key->string);
96 key_free (key);
97}
98
paul8cc41982005-05-06 21:25:49 +000099static struct keychain *
hasso8c328f12004-10-05 21:01:23 +0000100keychain_get (const char *name)
paul718e3742002-12-13 20:15:29 +0000101{
102 struct keychain *keychain;
103
104 keychain = keychain_lookup (name);
105
106 if (keychain)
107 return keychain;
108
109 keychain = keychain_new ();
110 keychain->name = strdup (name);
111 keychain->key = list_new ();
112 keychain->key->cmp = (int (*)(void *, void *)) key_cmp_func;
113 keychain->key->del = (void (*)(void *)) key_delete_func;
114 listnode_add (keychain_list, keychain);
115
116 return keychain;
117}
118
paul8cc41982005-05-06 21:25:49 +0000119static void
paul718e3742002-12-13 20:15:29 +0000120keychain_delete (struct keychain *keychain)
121{
122 if (keychain->name)
123 free (keychain->name);
124
125 list_delete (keychain->key);
126 listnode_delete (keychain_list, keychain);
127 keychain_free (keychain);
128}
129
paul8cc41982005-05-06 21:25:49 +0000130static struct key *
hasso8c328f12004-10-05 21:01:23 +0000131key_lookup (const struct keychain *keychain, u_int32_t index)
paul718e3742002-12-13 20:15:29 +0000132{
paul1eb8ef22005-04-07 07:30:20 +0000133 struct listnode *node;
paul718e3742002-12-13 20:15:29 +0000134 struct key *key;
135
paul1eb8ef22005-04-07 07:30:20 +0000136 for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
paul718e3742002-12-13 20:15:29 +0000137 {
138 if (key->index == index)
139 return key;
140 }
141 return NULL;
142}
143
144struct key *
hasso8c328f12004-10-05 21:01:23 +0000145key_lookup_for_accept (const struct keychain *keychain, u_int32_t index)
paul718e3742002-12-13 20:15:29 +0000146{
paul1eb8ef22005-04-07 07:30:20 +0000147 struct listnode *node;
paul718e3742002-12-13 20:15:29 +0000148 struct key *key;
149 time_t now;
150
151 now = time (NULL);
152
paul1eb8ef22005-04-07 07:30:20 +0000153 for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
paul718e3742002-12-13 20:15:29 +0000154 {
155 if (key->index >= index)
156 {
157 if (key->accept.start == 0)
158 return key;
159
160 if (key->accept.start <= now)
161 if (key->accept.end >= now || key->accept.end == -1)
162 return key;
163 }
164 }
165 return NULL;
166}
167
168struct key *
hasso8c328f12004-10-05 21:01:23 +0000169key_match_for_accept (const struct keychain *keychain, const char *auth_str)
paul718e3742002-12-13 20:15:29 +0000170{
paul1eb8ef22005-04-07 07:30:20 +0000171 struct listnode *node;
paul718e3742002-12-13 20:15:29 +0000172 struct key *key;
173 time_t now;
174
175 now = time (NULL);
176
paul1eb8ef22005-04-07 07:30:20 +0000177 for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
paul718e3742002-12-13 20:15:29 +0000178 {
179 if (key->accept.start == 0 ||
180 (key->accept.start <= now &&
181 (key->accept.end >= now || key->accept.end == -1)))
182 if (strncmp (key->string, auth_str, 16) == 0)
183 return key;
184 }
185 return NULL;
186}
187
188struct key *
hasso8c328f12004-10-05 21:01:23 +0000189key_lookup_for_send (const struct keychain *keychain)
paul718e3742002-12-13 20:15:29 +0000190{
paul1eb8ef22005-04-07 07:30:20 +0000191 struct listnode *node;
paul718e3742002-12-13 20:15:29 +0000192 struct key *key;
193 time_t now;
194
195 now = time (NULL);
196
paul1eb8ef22005-04-07 07:30:20 +0000197 for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
paul718e3742002-12-13 20:15:29 +0000198 {
199 if (key->send.start == 0)
200 return key;
201
202 if (key->send.start <= now)
203 if (key->send.end >= now || key->send.end == -1)
204 return key;
205 }
206 return NULL;
207}
208
paul8cc41982005-05-06 21:25:49 +0000209static struct key *
hasso8c328f12004-10-05 21:01:23 +0000210key_get (const struct keychain *keychain, u_int32_t index)
paul718e3742002-12-13 20:15:29 +0000211{
212 struct key *key;
213
214 key = key_lookup (keychain, index);
215
216 if (key)
217 return key;
218
219 key = key_new ();
220 key->index = index;
221 listnode_add_sort (keychain->key, key);
222
223 return key;
224}
225
paul8cc41982005-05-06 21:25:49 +0000226static void
paul718e3742002-12-13 20:15:29 +0000227key_delete (struct keychain *keychain, struct key *key)
228{
229 listnode_delete (keychain->key, key);
230
231 if (key->string)
232 free (key->string);
233 key_free (key);
234}
235
236DEFUN (key_chain,
237 key_chain_cmd,
238 "key chain WORD",
239 "Authentication key management\n"
240 "Key-chain management\n"
241 "Key-chain name\n")
242{
243 struct keychain *keychain;
244
245 keychain = keychain_get (argv[0]);
246 vty->index = keychain;
247 vty->node = KEYCHAIN_NODE;
248
249 return CMD_SUCCESS;
250}
251
252DEFUN (no_key_chain,
253 no_key_chain_cmd,
254 "no key chain WORD",
255 NO_STR
256 "Authentication key management\n"
257 "Key-chain management\n"
258 "Key-chain name\n")
259{
260 struct keychain *keychain;
261
262 keychain = keychain_lookup (argv[0]);
263
264 if (! keychain)
265 {
266 vty_out (vty, "Can't find keychain %s%s", argv[0], VTY_NEWLINE);
267 return CMD_WARNING;
268 }
269
270 keychain_delete (keychain);
271
272 return CMD_SUCCESS;
273}
274
275DEFUN (key,
276 key_cmd,
277 "key <0-2147483647>",
278 "Configure a key\n"
279 "Key identifier number\n")
280{
281 struct keychain *keychain;
282 struct key *key;
283 u_int32_t index;
paul718e3742002-12-13 20:15:29 +0000284
285 keychain = vty->index;
286
paul66cbbce2004-10-31 16:15:33 +0000287 VTY_GET_INTEGER ("key identifier", index, argv[0]);
paul718e3742002-12-13 20:15:29 +0000288 key = key_get (keychain, index);
289 vty->index_sub = key;
290 vty->node = KEYCHAIN_KEY_NODE;
291
292 return CMD_SUCCESS;
293}
294
295DEFUN (no_key,
296 no_key_cmd,
297 "no key <0-2147483647>",
298 NO_STR
299 "Delete a key\n"
300 "Key identifier number\n")
301{
302 struct keychain *keychain;
303 struct key *key;
304 u_int32_t index;
paul718e3742002-12-13 20:15:29 +0000305
306 keychain = vty->index;
307
paul66cbbce2004-10-31 16:15:33 +0000308 VTY_GET_INTEGER ("key identifier", index, argv[0]);
paul718e3742002-12-13 20:15:29 +0000309 key = key_lookup (keychain, index);
310 if (! key)
311 {
312 vty_out (vty, "Can't find key %d%s", index, VTY_NEWLINE);
313 return CMD_WARNING;
314 }
315
316 key_delete (keychain, key);
317
318 vty->node = KEYCHAIN_NODE;
319
320 return CMD_SUCCESS;
321}
322
323DEFUN (key_string,
324 key_string_cmd,
325 "key-string LINE",
326 "Set key string\n"
327 "The key\n")
328{
329 struct key *key;
330
331 key = vty->index_sub;
332
333 if (key->string)
334 free (key->string);
335 key->string = strdup (argv[0]);
336
337 return CMD_SUCCESS;
338}
339
340DEFUN (no_key_string,
341 no_key_string_cmd,
342 "no key-string [LINE]",
343 NO_STR
344 "Unset key string\n"
345 "The key\n")
346{
347 struct key *key;
348
349 key = vty->index_sub;
350
351 if (key->string)
352 {
353 free (key->string);
354 key->string = NULL;
355 }
356
357 return CMD_SUCCESS;
358}
359
360/* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
361 given string is malformed. */
paul8cc41982005-05-06 21:25:49 +0000362static time_t
hasso8c328f12004-10-05 21:01:23 +0000363key_str2time (const char *time_str, const char *day_str, const char *month_str,
364 const char *year_str)
paul718e3742002-12-13 20:15:29 +0000365{
366 int i = 0;
367 char *colon;
368 struct tm tm;
369 time_t time;
hasso8c328f12004-10-05 21:01:23 +0000370 unsigned int sec, min, hour;
371 unsigned int day, month, year;
paul718e3742002-12-13 20:15:29 +0000372
hasso8c328f12004-10-05 21:01:23 +0000373 const char *month_name[] =
paul718e3742002-12-13 20:15:29 +0000374 {
375 "January",
376 "February",
377 "March",
378 "April",
379 "May",
380 "June",
381 "July",
382 "August",
383 "September",
384 "October",
385 "November",
386 "December",
387 NULL
388 };
389
paul8cc41982005-05-06 21:25:49 +0000390#define GET_LONG_RANGE(V,STR,MIN,MAX) \
391{ \
392 unsigned long tmpl; \
393 char *endptr = NULL; \
394 tmpl = strtoul ((STR), &endptr, 10); \
395 if (*endptr != '\0' || tmpl == ULONG_MAX) \
396 return -1; \
397 if ( tmpl < (MIN) || tmpl > (MAX)) \
398 return -1; \
399 (V) = tmpl; \
400}
401
paul718e3742002-12-13 20:15:29 +0000402 /* Check hour field of time_str. */
403 colon = strchr (time_str, ':');
404 if (colon == NULL)
405 return -1;
406 *colon = '\0';
407
408 /* Hour must be between 0 and 23. */
paul8cc41982005-05-06 21:25:49 +0000409 GET_LONG_RANGE (hour, time_str, 0, 23);
paul718e3742002-12-13 20:15:29 +0000410
411 /* Check min field of time_str. */
412 time_str = colon + 1;
413 colon = strchr (time_str, ':');
414 if (*time_str == '\0' || colon == NULL)
415 return -1;
416 *colon = '\0';
417
418 /* Min must be between 0 and 59. */
paul8cc41982005-05-06 21:25:49 +0000419 GET_LONG_RANGE (min, time_str, 0, 59);
paul718e3742002-12-13 20:15:29 +0000420
421 /* Check sec field of time_str. */
422 time_str = colon + 1;
423 if (*time_str == '\0')
424 return -1;
425
426 /* Sec must be between 0 and 59. */
paul8cc41982005-05-06 21:25:49 +0000427 GET_LONG_RANGE (sec, time_str, 0, 59);
paul718e3742002-12-13 20:15:29 +0000428
429 /* Check day_str. Day must be <1-31>. */
paul8cc41982005-05-06 21:25:49 +0000430 GET_LONG_RANGE (day, day_str, 1, 31);
paul718e3742002-12-13 20:15:29 +0000431
432 /* Check month_str. Month must match month_name. */
433 month = 0;
434 if (strlen (month_str) >= 3)
435 for (i = 0; month_name[i]; i++)
436 if (strncmp (month_str, month_name[i], strlen (month_str)) == 0)
437 {
438 month = i;
439 break;
440 }
441 if (! month_name[i])
442 return -1;
443
444 /* Check year_str. Year must be <1993-2035>. */
paul8cc41982005-05-06 21:25:49 +0000445 GET_LONG_RANGE (year, year_str, 1993, 2035);
paul718e3742002-12-13 20:15:29 +0000446
447 memset (&tm, 0, sizeof (struct tm));
448 tm.tm_sec = sec;
449 tm.tm_min = min;
450 tm.tm_hour = hour;
451 tm.tm_mon = month;
452 tm.tm_mday = day;
453 tm.tm_year = year - 1900;
454
455 time = mktime (&tm);
paul66cbbce2004-10-31 16:15:33 +0000456
paul718e3742002-12-13 20:15:29 +0000457 return time;
paul8cc41982005-05-06 21:25:49 +0000458#undef GET_LONG_RANGE
paul718e3742002-12-13 20:15:29 +0000459}
460
paul8cc41982005-05-06 21:25:49 +0000461static int
hasso8c328f12004-10-05 21:01:23 +0000462key_lifetime_set (struct vty *vty, struct key_range *krange,
463 const char *stime_str, const char *sday_str,
464 const char *smonth_str, const char *syear_str,
465 const char *etime_str, const char *eday_str,
466 const char *emonth_str, const char *eyear_str)
paul718e3742002-12-13 20:15:29 +0000467{
468 time_t time_start;
469 time_t time_end;
paul66cbbce2004-10-31 16:15:33 +0000470
paul718e3742002-12-13 20:15:29 +0000471 time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
472 if (time_start < 0)
473 {
474 vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
475 return CMD_WARNING;
476 }
477 time_end = key_str2time (etime_str, eday_str, emonth_str, eyear_str);
478
479 if (time_end < 0)
480 {
481 vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
482 return CMD_WARNING;
483 }
484
485 if (time_end <= time_start)
486 {
487 vty_out (vty, "Expire time is not later than start time%s", VTY_NEWLINE);
488 return CMD_WARNING;
489 }
490
491 krange->start = time_start;
492 krange->end = time_end;
493
494 return CMD_SUCCESS;
495}
496
paul8cc41982005-05-06 21:25:49 +0000497static int
paul718e3742002-12-13 20:15:29 +0000498key_lifetime_duration_set (struct vty *vty, struct key_range *krange,
hasso8c328f12004-10-05 21:01:23 +0000499 const char *stime_str, const char *sday_str,
500 const char *smonth_str, const char *syear_str,
501 const char *duration_str)
paul718e3742002-12-13 20:15:29 +0000502{
503 time_t time_start;
504 u_int32_t duration;
paul718e3742002-12-13 20:15:29 +0000505
506 time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
507 if (time_start < 0)
508 {
509 vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
510 return CMD_WARNING;
511 }
512 krange->start = time_start;
513
paul66cbbce2004-10-31 16:15:33 +0000514 VTY_GET_INTEGER ("duration", duration, duration_str);
paul718e3742002-12-13 20:15:29 +0000515 krange->duration = 1;
516 krange->end = time_start + duration;
517
518 return CMD_SUCCESS;
519}
520
paul8cc41982005-05-06 21:25:49 +0000521static int
paul718e3742002-12-13 20:15:29 +0000522key_lifetime_infinite_set (struct vty *vty, struct key_range *krange,
hasso8c328f12004-10-05 21:01:23 +0000523 const char *stime_str, const char *sday_str,
524 const char *smonth_str, const char *syear_str)
paul718e3742002-12-13 20:15:29 +0000525{
526 time_t time_start;
527
528 time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
529 if (time_start < 0)
530 {
531 vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
532 return CMD_WARNING;
533 }
534 krange->start = time_start;
535
536 krange->end = -1;
537
538 return CMD_SUCCESS;
539}
540
541DEFUN (accept_lifetime_day_month_day_month,
542 accept_lifetime_day_month_day_month_cmd,
543 "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
544 "Set accept lifetime of the key\n"
545 "Time to start\n"
546 "Day of th month to start\n"
547 "Month of the year to start\n"
548 "Year to start\n"
549 "Time to expire\n"
550 "Day of th month to expire\n"
551 "Month of the year to expire\n"
552 "Year to expire\n")
553{
554 struct key *key;
555
556 key = vty->index_sub;
557
558 return key_lifetime_set (vty, &key->accept, argv[0], argv[1], argv[2],
559 argv[3], argv[4], argv[5], argv[6], argv[7]);
560}
561
562DEFUN (accept_lifetime_day_month_month_day,
563 accept_lifetime_day_month_month_day_cmd,
564 "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
565 "Set accept lifetime of the key\n"
566 "Time to start\n"
567 "Day of th month to start\n"
568 "Month of the year to start\n"
569 "Year to start\n"
570 "Time to expire\n"
571 "Month of the year to expire\n"
572 "Day of th month to expire\n"
573 "Year to expire\n")
574{
575 struct key *key;
576
577 key = vty->index_sub;
578
579 return key_lifetime_set (vty, &key->accept, argv[0], argv[1], argv[2],
580 argv[3], argv[4], argv[6], argv[5], argv[7]);
581}
582
583DEFUN (accept_lifetime_month_day_day_month,
584 accept_lifetime_month_day_day_month_cmd,
585 "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
586 "Set accept lifetime of the key\n"
587 "Time to start\n"
588 "Month of the year to start\n"
589 "Day of th month to start\n"
590 "Year to start\n"
591 "Time to expire\n"
592 "Day of th month to expire\n"
593 "Month of the year to expire\n"
594 "Year to expire\n")
595{
596 struct key *key;
597
598 key = vty->index_sub;
599
600 return key_lifetime_set (vty, &key->accept, argv[0], argv[2], argv[1],
601 argv[3], argv[4], argv[5], argv[6], argv[7]);
602}
603
604DEFUN (accept_lifetime_month_day_month_day,
605 accept_lifetime_month_day_month_day_cmd,
606 "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
607 "Set accept lifetime of the key\n"
608 "Time to start\n"
609 "Month of the year to start\n"
610 "Day of th month to start\n"
611 "Year to start\n"
612 "Time to expire\n"
613 "Month of the year to expire\n"
614 "Day of th month to expire\n"
615 "Year to expire\n")
616{
617 struct key *key;
618
619 key = vty->index_sub;
620
621 return key_lifetime_set (vty, &key->accept, argv[0], argv[2], argv[1],
622 argv[3], argv[4], argv[6], argv[5], argv[7]);
623}
624
625DEFUN (accept_lifetime_infinite_day_month,
626 accept_lifetime_infinite_day_month_cmd,
627 "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> infinite",
628 "Set accept lifetime of the key\n"
629 "Time to start\n"
630 "Day of th month to start\n"
631 "Month of the year to start\n"
632 "Year to start\n"
633 "Never expires")
634{
635 struct key *key;
636
637 key = vty->index_sub;
638
639 return key_lifetime_infinite_set (vty, &key->accept, argv[0], argv[1],
640 argv[2], argv[3]);
641}
642
643DEFUN (accept_lifetime_infinite_month_day,
644 accept_lifetime_infinite_month_day_cmd,
645 "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> infinite",
646 "Set accept lifetime of the key\n"
647 "Time to start\n"
648 "Month of the year to start\n"
649 "Day of th month to start\n"
650 "Year to start\n"
651 "Never expires")
652{
653 struct key *key;
654
655 key = vty->index_sub;
656
657 return key_lifetime_infinite_set (vty, &key->accept, argv[0], argv[2],
658 argv[1], argv[3]);
659}
660
661DEFUN (accept_lifetime_duration_day_month,
662 accept_lifetime_duration_day_month_cmd,
663 "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> duration <1-2147483646>",
664 "Set accept lifetime of the key\n"
665 "Time to start\n"
666 "Day of th month to start\n"
667 "Month of the year to start\n"
668 "Year to start\n"
669 "Duration of the key\n"
670 "Duration seconds\n")
671{
672 struct key *key;
673
674 key = vty->index_sub;
675
676 return key_lifetime_duration_set (vty, &key->accept, argv[0], argv[1],
677 argv[2], argv[3], argv[4]);
678}
679
680DEFUN (accept_lifetime_duration_month_day,
681 accept_lifetime_duration_month_day_cmd,
682 "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> duration <1-2147483646>",
683 "Set accept lifetime of the key\n"
684 "Time to start\n"
685 "Month of the year to start\n"
686 "Day of th month to start\n"
687 "Year to start\n"
688 "Duration of the key\n"
689 "Duration seconds\n")
690{
691 struct key *key;
692
693 key = vty->index_sub;
694
695 return key_lifetime_duration_set (vty, &key->accept, argv[0], argv[2],
696 argv[1], argv[3], argv[4]);
697}
698
699DEFUN (send_lifetime_day_month_day_month,
700 send_lifetime_day_month_day_month_cmd,
701 "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
702 "Set send lifetime of the key\n"
703 "Time to start\n"
704 "Day of th month to start\n"
705 "Month of the year to start\n"
706 "Year to start\n"
707 "Time to expire\n"
708 "Day of th month to expire\n"
709 "Month of the year to expire\n"
710 "Year to expire\n")
711{
712 struct key *key;
713
714 key = vty->index_sub;
715
716 return key_lifetime_set (vty, &key->send, argv[0], argv[1], argv[2], argv[3],
717 argv[4], argv[5], argv[6], argv[7]);
718}
719
720DEFUN (send_lifetime_day_month_month_day,
721 send_lifetime_day_month_month_day_cmd,
722 "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
723 "Set send lifetime of the key\n"
724 "Time to start\n"
725 "Day of th month to start\n"
726 "Month of the year to start\n"
727 "Year to start\n"
728 "Time to expire\n"
729 "Month of the year to expire\n"
730 "Day of th month to expire\n"
731 "Year to expire\n")
732{
733 struct key *key;
734
735 key = vty->index_sub;
736
737 return key_lifetime_set (vty, &key->send, argv[0], argv[1], argv[2], argv[3],
738 argv[4], argv[6], argv[5], argv[7]);
739}
740
741DEFUN (send_lifetime_month_day_day_month,
742 send_lifetime_month_day_day_month_cmd,
743 "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
744 "Set send lifetime of the key\n"
745 "Time to start\n"
746 "Month of the year to start\n"
747 "Day of th month to start\n"
748 "Year to start\n"
749 "Time to expire\n"
750 "Day of th month to expire\n"
751 "Month of the year to expire\n"
752 "Year to expire\n")
753{
754 struct key *key;
755
756 key = vty->index_sub;
757
758 return key_lifetime_set (vty, &key->send, argv[0], argv[2], argv[1], argv[3],
759 argv[4], argv[5], argv[6], argv[7]);
760}
761
762DEFUN (send_lifetime_month_day_month_day,
763 send_lifetime_month_day_month_day_cmd,
764 "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
765 "Set send lifetime of the key\n"
766 "Time to start\n"
767 "Month of the year to start\n"
768 "Day of th month to start\n"
769 "Year to start\n"
770 "Time to expire\n"
771 "Month of the year to expire\n"
772 "Day of th month to expire\n"
773 "Year to expire\n")
774{
775 struct key *key;
776
777 key = vty->index_sub;
778
779 return key_lifetime_set (vty, &key->send, argv[0], argv[2], argv[1], argv[3],
780 argv[4], argv[6], argv[5], argv[7]);
781}
782
783DEFUN (send_lifetime_infinite_day_month,
784 send_lifetime_infinite_day_month_cmd,
785 "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> infinite",
786 "Set send lifetime of the key\n"
787 "Time to start\n"
788 "Day of th month to start\n"
789 "Month of the year to start\n"
790 "Year to start\n"
791 "Never expires")
792{
793 struct key *key;
794
795 key = vty->index_sub;
796
797 return key_lifetime_infinite_set (vty, &key->send, argv[0], argv[1], argv[2],
798 argv[3]);
799}
800
801DEFUN (send_lifetime_infinite_month_day,
802 send_lifetime_infinite_month_day_cmd,
803 "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> infinite",
804 "Set send lifetime of the key\n"
805 "Time to start\n"
806 "Month of the year to start\n"
807 "Day of th month to start\n"
808 "Year to start\n"
809 "Never expires")
810{
811 struct key *key;
812
813 key = vty->index_sub;
814
815 return key_lifetime_infinite_set (vty, &key->send, argv[0], argv[2], argv[1],
816 argv[3]);
817}
818
819DEFUN (send_lifetime_duration_day_month,
820 send_lifetime_duration_day_month_cmd,
821 "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> duration <1-2147483646>",
822 "Set send lifetime of the key\n"
823 "Time to start\n"
824 "Day of th month to start\n"
825 "Month of the year to start\n"
826 "Year to start\n"
827 "Duration of the key\n"
828 "Duration seconds\n")
829{
830 struct key *key;
831
832 key = vty->index_sub;
833
834 return key_lifetime_duration_set (vty, &key->send, argv[0], argv[1], argv[2],
835 argv[3], argv[4]);
836}
837
838DEFUN (send_lifetime_duration_month_day,
839 send_lifetime_duration_month_day_cmd,
840 "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> duration <1-2147483646>",
841 "Set send lifetime of the key\n"
842 "Time to start\n"
843 "Month of the year to start\n"
844 "Day of th month to start\n"
845 "Year to start\n"
846 "Duration of the key\n"
847 "Duration seconds\n")
848{
849 struct key *key;
850
851 key = vty->index_sub;
852
853 return key_lifetime_duration_set (vty, &key->send, argv[0], argv[2], argv[1],
854 argv[3], argv[4]);
855}
856
857struct cmd_node keychain_node =
858{
859 KEYCHAIN_NODE,
860 "%s(config-keychain)# ",
861 1
862};
863
864struct cmd_node keychain_key_node =
865{
866 KEYCHAIN_KEY_NODE,
867 "%s(config-keychain-key)# ",
868 1
869};
870
paul8cc41982005-05-06 21:25:49 +0000871static int
paul718e3742002-12-13 20:15:29 +0000872keychain_strftime (char *buf, int bufsiz, time_t *time)
873{
874 struct tm *tm;
875 size_t len;
876
877 tm = localtime (time);
878
879 len = strftime (buf, bufsiz, "%T %b %d %Y", tm);
880
881 return len;
882}
883
paul8cc41982005-05-06 21:25:49 +0000884static int
paul718e3742002-12-13 20:15:29 +0000885keychain_config_write (struct vty *vty)
886{
887 struct keychain *keychain;
888 struct key *key;
paul1eb8ef22005-04-07 07:30:20 +0000889 struct listnode *node;
890 struct listnode *knode;
paul718e3742002-12-13 20:15:29 +0000891 char buf[BUFSIZ];
892
paul1eb8ef22005-04-07 07:30:20 +0000893 for (ALL_LIST_ELEMENTS_RO (keychain_list, node, keychain))
paul718e3742002-12-13 20:15:29 +0000894 {
895 vty_out (vty, "key chain %s%s", keychain->name, VTY_NEWLINE);
896
paul1eb8ef22005-04-07 07:30:20 +0000897 for (ALL_LIST_ELEMENTS_RO (keychain->key, knode, key))
paul718e3742002-12-13 20:15:29 +0000898 {
899 vty_out (vty, " key %d%s", key->index, VTY_NEWLINE);
900
901 if (key->string)
902 vty_out (vty, " key-string %s%s", key->string, VTY_NEWLINE);
903
904 if (key->accept.start)
905 {
906 keychain_strftime (buf, BUFSIZ, &key->accept.start);
907 vty_out (vty, " accept-lifetime %s", buf);
908
909 if (key->accept.end == -1)
910 vty_out (vty, " infinite");
911 else if (key->accept.duration)
912 vty_out (vty, " duration %ld",
hassofa2b17e2004-03-04 17:45:00 +0000913 (long)(key->accept.end - key->accept.start));
paul718e3742002-12-13 20:15:29 +0000914 else
915 {
916 keychain_strftime (buf, BUFSIZ, &key->accept.end);
917 vty_out (vty, " %s", buf);
918 }
919 vty_out (vty, "%s", VTY_NEWLINE);
920 }
921
922 if (key->send.start)
923 {
924 keychain_strftime (buf, BUFSIZ, &key->send.start);
925 vty_out (vty, " send-lifetime %s", buf);
926
927 if (key->send.end == -1)
928 vty_out (vty, " infinite");
929 else if (key->send.duration)
hassofa2b17e2004-03-04 17:45:00 +0000930 vty_out (vty, " duration %ld", (long)(key->send.end - key->send.start));
paul718e3742002-12-13 20:15:29 +0000931 else
932 {
933 keychain_strftime (buf, BUFSIZ, &key->send.end);
934 vty_out (vty, " %s", buf);
935 }
936 vty_out (vty, "%s", VTY_NEWLINE);
937 }
938 }
939 vty_out (vty, "!%s", VTY_NEWLINE);
940 }
941
942 return 0;
943}
944
945void
946keychain_init ()
947{
948 keychain_list = list_new ();
949
950 install_node (&keychain_node, keychain_config_write);
951 install_node (&keychain_key_node, NULL);
952
953 install_default (KEYCHAIN_NODE);
954 install_default (KEYCHAIN_KEY_NODE);
955
956 install_element (CONFIG_NODE, &key_chain_cmd);
957 install_element (CONFIG_NODE, &no_key_chain_cmd);
958 install_element (KEYCHAIN_NODE, &key_cmd);
959 install_element (KEYCHAIN_NODE, &no_key_cmd);
960
961 install_element (KEYCHAIN_NODE, &key_chain_cmd);
962 install_element (KEYCHAIN_NODE, &no_key_chain_cmd);
963
964 install_element (KEYCHAIN_KEY_NODE, &key_string_cmd);
965 install_element (KEYCHAIN_KEY_NODE, &no_key_string_cmd);
966
967 install_element (KEYCHAIN_KEY_NODE, &key_chain_cmd);
968 install_element (KEYCHAIN_KEY_NODE, &no_key_chain_cmd);
969
970 install_element (KEYCHAIN_KEY_NODE, &key_cmd);
971 install_element (KEYCHAIN_KEY_NODE, &no_key_cmd);
972
973 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_day_month_cmd);
974 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_month_day_cmd);
975 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_day_month_cmd);
976 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_month_day_cmd);
977 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_day_month_cmd);
978 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_month_day_cmd);
979 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_duration_day_month_cmd);
980 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_duration_month_day_cmd);
981
982 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_day_month_day_month_cmd);
983 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_day_month_month_day_cmd);
984 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_month_day_day_month_cmd);
985 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_month_day_month_day_cmd);
986 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_infinite_day_month_cmd);
987 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_infinite_month_day_cmd);
988 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_duration_day_month_cmd);
989 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_duration_month_day_cmd);
990}