blob: af0a1d74000083500acae6566a7d6680a75e846d [file] [log] [blame]
paul718e3742002-12-13 20:15:29 +00001/* key-chain for authentication.
2 Copyright (C) 2000 Kunihiro Ishiguro
3
4This file is part of GNU Zebra.
5
6GNU Zebra is free software; you can redistribute it and/or modify
7it under the terms of the GNU General Public License as published
8by the Free Software Foundation; either version 2, or (at your
9option) any later version.
10
11GNU Zebra is distributed in the hope that it will be useful, but
12WITHOUT ANY WARRANTY; without even the implied warranty of
13MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14General Public License for more details.
15
16You should have received a copy of the GNU General Public License
17along with GNU Zebra; see the file COPYING. If not, write to the
18Free Software Foundation, Inc., 59 Temple Place - Suite 330,
19Boston, MA 02111-1307, USA. */
20
21#include <zebra.h>
22
23#include "command.h"
24#include "memory.h"
25#include "linklist.h"
26#include "keychain.h"
27
28/* Master list of key chain. */
29struct list *keychain_list;
30
paul8cc41982005-05-06 21:25:49 +000031static struct keychain *
32keychain_new (void)
paul718e3742002-12-13 20:15:29 +000033{
Stephen Hemminger393deb92008-08-18 14:13:29 -070034 return XCALLOC (MTYPE_KEYCHAIN, sizeof (struct keychain));
paul718e3742002-12-13 20:15:29 +000035}
36
paul8cc41982005-05-06 21:25:49 +000037static void
paul718e3742002-12-13 20:15:29 +000038keychain_free (struct keychain *keychain)
39{
40 XFREE (MTYPE_KEYCHAIN, keychain);
41}
42
paul8cc41982005-05-06 21:25:49 +000043static struct key *
44key_new (void)
paul718e3742002-12-13 20:15:29 +000045{
Stephen Hemminger393deb92008-08-18 14:13:29 -070046 return XCALLOC (MTYPE_KEY, sizeof (struct key));
paul718e3742002-12-13 20:15:29 +000047}
48
paul8cc41982005-05-06 21:25:49 +000049static void
paul718e3742002-12-13 20:15:29 +000050key_free (struct key *key)
51{
52 XFREE (MTYPE_KEY, key);
53}
54
55struct keychain *
hasso8c328f12004-10-05 21:01:23 +000056keychain_lookup (const char *name)
paul718e3742002-12-13 20:15:29 +000057{
paul1eb8ef22005-04-07 07:30:20 +000058 struct listnode *node;
paul718e3742002-12-13 20:15:29 +000059 struct keychain *keychain;
60
61 if (name == NULL)
62 return NULL;
63
paul1eb8ef22005-04-07 07:30:20 +000064 for (ALL_LIST_ELEMENTS_RO (keychain_list, node, keychain))
paul718e3742002-12-13 20:15:29 +000065 {
66 if (strcmp (keychain->name, name) == 0)
67 return keychain;
68 }
69 return NULL;
70}
71
paul8cc41982005-05-06 21:25:49 +000072static int
73key_cmp_func (void *arg1, void *arg2)
paul718e3742002-12-13 20:15:29 +000074{
paul8cc41982005-05-06 21:25:49 +000075 const struct key *k1 = arg1;
76 const struct key *k2 = arg2;
77
paul718e3742002-12-13 20:15:29 +000078 if (k1->index > k2->index)
79 return 1;
80 if (k1->index < k2->index)
81 return -1;
82 return 0;
83}
84
paul8cc41982005-05-06 21:25:49 +000085static void
paul718e3742002-12-13 20:15:29 +000086key_delete_func (struct key *key)
87{
88 if (key->string)
89 free (key->string);
90 key_free (key);
91}
92
paul8cc41982005-05-06 21:25:49 +000093static struct keychain *
hasso8c328f12004-10-05 21:01:23 +000094keychain_get (const char *name)
paul718e3742002-12-13 20:15:29 +000095{
96 struct keychain *keychain;
97
98 keychain = keychain_lookup (name);
99
100 if (keychain)
101 return keychain;
102
103 keychain = keychain_new ();
104 keychain->name = strdup (name);
105 keychain->key = list_new ();
106 keychain->key->cmp = (int (*)(void *, void *)) key_cmp_func;
107 keychain->key->del = (void (*)(void *)) key_delete_func;
108 listnode_add (keychain_list, keychain);
109
110 return keychain;
111}
112
paul8cc41982005-05-06 21:25:49 +0000113static void
paul718e3742002-12-13 20:15:29 +0000114keychain_delete (struct keychain *keychain)
115{
116 if (keychain->name)
117 free (keychain->name);
118
119 list_delete (keychain->key);
120 listnode_delete (keychain_list, keychain);
121 keychain_free (keychain);
122}
123
paul8cc41982005-05-06 21:25:49 +0000124static struct key *
hasso8c328f12004-10-05 21:01:23 +0000125key_lookup (const struct keychain *keychain, u_int32_t index)
paul718e3742002-12-13 20:15:29 +0000126{
paul1eb8ef22005-04-07 07:30:20 +0000127 struct listnode *node;
paul718e3742002-12-13 20:15:29 +0000128 struct key *key;
129
paul1eb8ef22005-04-07 07:30:20 +0000130 for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
paul718e3742002-12-13 20:15:29 +0000131 {
132 if (key->index == index)
133 return key;
134 }
135 return NULL;
136}
137
138struct key *
hasso8c328f12004-10-05 21:01:23 +0000139key_lookup_for_accept (const struct keychain *keychain, u_int32_t index)
paul718e3742002-12-13 20:15:29 +0000140{
paul1eb8ef22005-04-07 07:30:20 +0000141 struct listnode *node;
paul718e3742002-12-13 20:15:29 +0000142 struct key *key;
143 time_t now;
144
145 now = time (NULL);
146
paul1eb8ef22005-04-07 07:30:20 +0000147 for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
paul718e3742002-12-13 20:15:29 +0000148 {
149 if (key->index >= index)
150 {
151 if (key->accept.start == 0)
152 return key;
153
154 if (key->accept.start <= now)
155 if (key->accept.end >= now || key->accept.end == -1)
156 return key;
157 }
158 }
159 return NULL;
160}
161
162struct key *
hasso8c328f12004-10-05 21:01:23 +0000163key_match_for_accept (const struct keychain *keychain, const char *auth_str)
paul718e3742002-12-13 20:15:29 +0000164{
paul1eb8ef22005-04-07 07:30:20 +0000165 struct listnode *node;
paul718e3742002-12-13 20:15:29 +0000166 struct key *key;
167 time_t now;
168
169 now = time (NULL);
170
paul1eb8ef22005-04-07 07:30:20 +0000171 for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
paul718e3742002-12-13 20:15:29 +0000172 {
173 if (key->accept.start == 0 ||
174 (key->accept.start <= now &&
175 (key->accept.end >= now || key->accept.end == -1)))
176 if (strncmp (key->string, auth_str, 16) == 0)
177 return key;
178 }
179 return NULL;
180}
181
182struct key *
hasso8c328f12004-10-05 21:01:23 +0000183key_lookup_for_send (const struct keychain *keychain)
paul718e3742002-12-13 20:15:29 +0000184{
paul1eb8ef22005-04-07 07:30:20 +0000185 struct listnode *node;
paul718e3742002-12-13 20:15:29 +0000186 struct key *key;
187 time_t now;
188
189 now = time (NULL);
190
paul1eb8ef22005-04-07 07:30:20 +0000191 for (ALL_LIST_ELEMENTS_RO (keychain->key, node, key))
paul718e3742002-12-13 20:15:29 +0000192 {
193 if (key->send.start == 0)
194 return key;
195
196 if (key->send.start <= now)
197 if (key->send.end >= now || key->send.end == -1)
198 return key;
199 }
200 return NULL;
201}
202
paul8cc41982005-05-06 21:25:49 +0000203static struct key *
hasso8c328f12004-10-05 21:01:23 +0000204key_get (const struct keychain *keychain, u_int32_t index)
paul718e3742002-12-13 20:15:29 +0000205{
206 struct key *key;
207
208 key = key_lookup (keychain, index);
209
210 if (key)
211 return key;
212
213 key = key_new ();
214 key->index = index;
215 listnode_add_sort (keychain->key, key);
216
217 return key;
218}
219
paul8cc41982005-05-06 21:25:49 +0000220static void
paul718e3742002-12-13 20:15:29 +0000221key_delete (struct keychain *keychain, struct key *key)
222{
223 listnode_delete (keychain->key, key);
224
225 if (key->string)
226 free (key->string);
227 key_free (key);
228}
229
230DEFUN (key_chain,
231 key_chain_cmd,
232 "key chain WORD",
233 "Authentication key management\n"
234 "Key-chain management\n"
235 "Key-chain name\n")
236{
237 struct keychain *keychain;
238
239 keychain = keychain_get (argv[0]);
240 vty->index = keychain;
241 vty->node = KEYCHAIN_NODE;
242
243 return CMD_SUCCESS;
244}
245
246DEFUN (no_key_chain,
247 no_key_chain_cmd,
248 "no key chain WORD",
249 NO_STR
250 "Authentication key management\n"
251 "Key-chain management\n"
252 "Key-chain name\n")
253{
254 struct keychain *keychain;
255
256 keychain = keychain_lookup (argv[0]);
257
258 if (! keychain)
259 {
260 vty_out (vty, "Can't find keychain %s%s", argv[0], VTY_NEWLINE);
261 return CMD_WARNING;
262 }
263
264 keychain_delete (keychain);
265
266 return CMD_SUCCESS;
267}
268
269DEFUN (key,
270 key_cmd,
271 "key <0-2147483647>",
272 "Configure a key\n"
273 "Key identifier number\n")
274{
275 struct keychain *keychain;
276 struct key *key;
277 u_int32_t index;
paul718e3742002-12-13 20:15:29 +0000278
279 keychain = vty->index;
280
paul66cbbce2004-10-31 16:15:33 +0000281 VTY_GET_INTEGER ("key identifier", index, argv[0]);
paul718e3742002-12-13 20:15:29 +0000282 key = key_get (keychain, index);
283 vty->index_sub = key;
284 vty->node = KEYCHAIN_KEY_NODE;
285
286 return CMD_SUCCESS;
287}
288
289DEFUN (no_key,
290 no_key_cmd,
291 "no key <0-2147483647>",
292 NO_STR
293 "Delete a key\n"
294 "Key identifier number\n")
295{
296 struct keychain *keychain;
297 struct key *key;
298 u_int32_t index;
paul718e3742002-12-13 20:15:29 +0000299
300 keychain = vty->index;
301
paul66cbbce2004-10-31 16:15:33 +0000302 VTY_GET_INTEGER ("key identifier", index, argv[0]);
paul718e3742002-12-13 20:15:29 +0000303 key = key_lookup (keychain, index);
304 if (! key)
305 {
306 vty_out (vty, "Can't find key %d%s", index, VTY_NEWLINE);
307 return CMD_WARNING;
308 }
309
310 key_delete (keychain, key);
311
312 vty->node = KEYCHAIN_NODE;
313
314 return CMD_SUCCESS;
315}
316
317DEFUN (key_string,
318 key_string_cmd,
319 "key-string LINE",
320 "Set key string\n"
321 "The key\n")
322{
323 struct key *key;
324
325 key = vty->index_sub;
326
327 if (key->string)
328 free (key->string);
329 key->string = strdup (argv[0]);
330
331 return CMD_SUCCESS;
332}
333
334DEFUN (no_key_string,
335 no_key_string_cmd,
336 "no key-string [LINE]",
337 NO_STR
338 "Unset key string\n"
339 "The key\n")
340{
341 struct key *key;
342
343 key = vty->index_sub;
344
345 if (key->string)
346 {
347 free (key->string);
348 key->string = NULL;
349 }
350
351 return CMD_SUCCESS;
352}
353
354/* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
355 given string is malformed. */
paul8cc41982005-05-06 21:25:49 +0000356static time_t
hasso8c328f12004-10-05 21:01:23 +0000357key_str2time (const char *time_str, const char *day_str, const char *month_str,
358 const char *year_str)
paul718e3742002-12-13 20:15:29 +0000359{
360 int i = 0;
361 char *colon;
362 struct tm tm;
363 time_t time;
hasso8c328f12004-10-05 21:01:23 +0000364 unsigned int sec, min, hour;
365 unsigned int day, month, year;
paul718e3742002-12-13 20:15:29 +0000366
hasso8c328f12004-10-05 21:01:23 +0000367 const char *month_name[] =
paul718e3742002-12-13 20:15:29 +0000368 {
369 "January",
370 "February",
371 "March",
372 "April",
373 "May",
374 "June",
375 "July",
376 "August",
377 "September",
378 "October",
379 "November",
380 "December",
381 NULL
382 };
383
paul8cc41982005-05-06 21:25:49 +0000384#define GET_LONG_RANGE(V,STR,MIN,MAX) \
385{ \
386 unsigned long tmpl; \
387 char *endptr = NULL; \
388 tmpl = strtoul ((STR), &endptr, 10); \
389 if (*endptr != '\0' || tmpl == ULONG_MAX) \
390 return -1; \
391 if ( tmpl < (MIN) || tmpl > (MAX)) \
392 return -1; \
393 (V) = tmpl; \
394}
395
paul718e3742002-12-13 20:15:29 +0000396 /* Check hour field of time_str. */
397 colon = strchr (time_str, ':');
398 if (colon == NULL)
399 return -1;
400 *colon = '\0';
401
402 /* Hour must be between 0 and 23. */
paul8cc41982005-05-06 21:25:49 +0000403 GET_LONG_RANGE (hour, time_str, 0, 23);
paul718e3742002-12-13 20:15:29 +0000404
405 /* Check min field of time_str. */
406 time_str = colon + 1;
407 colon = strchr (time_str, ':');
408 if (*time_str == '\0' || colon == NULL)
409 return -1;
410 *colon = '\0';
411
412 /* Min must be between 0 and 59. */
paul8cc41982005-05-06 21:25:49 +0000413 GET_LONG_RANGE (min, time_str, 0, 59);
paul718e3742002-12-13 20:15:29 +0000414
415 /* Check sec field of time_str. */
416 time_str = colon + 1;
417 if (*time_str == '\0')
418 return -1;
419
420 /* Sec must be between 0 and 59. */
paul8cc41982005-05-06 21:25:49 +0000421 GET_LONG_RANGE (sec, time_str, 0, 59);
paul718e3742002-12-13 20:15:29 +0000422
423 /* Check day_str. Day must be <1-31>. */
paul8cc41982005-05-06 21:25:49 +0000424 GET_LONG_RANGE (day, day_str, 1, 31);
paul718e3742002-12-13 20:15:29 +0000425
426 /* Check month_str. Month must match month_name. */
427 month = 0;
428 if (strlen (month_str) >= 3)
429 for (i = 0; month_name[i]; i++)
430 if (strncmp (month_str, month_name[i], strlen (month_str)) == 0)
431 {
432 month = i;
433 break;
434 }
435 if (! month_name[i])
436 return -1;
437
438 /* Check year_str. Year must be <1993-2035>. */
paul8cc41982005-05-06 21:25:49 +0000439 GET_LONG_RANGE (year, year_str, 1993, 2035);
paul718e3742002-12-13 20:15:29 +0000440
441 memset (&tm, 0, sizeof (struct tm));
442 tm.tm_sec = sec;
443 tm.tm_min = min;
444 tm.tm_hour = hour;
445 tm.tm_mon = month;
446 tm.tm_mday = day;
447 tm.tm_year = year - 1900;
448
449 time = mktime (&tm);
paul66cbbce2004-10-31 16:15:33 +0000450
paul718e3742002-12-13 20:15:29 +0000451 return time;
paul8cc41982005-05-06 21:25:49 +0000452#undef GET_LONG_RANGE
paul718e3742002-12-13 20:15:29 +0000453}
454
paul8cc41982005-05-06 21:25:49 +0000455static int
hasso8c328f12004-10-05 21:01:23 +0000456key_lifetime_set (struct vty *vty, struct key_range *krange,
457 const char *stime_str, const char *sday_str,
458 const char *smonth_str, const char *syear_str,
459 const char *etime_str, const char *eday_str,
460 const char *emonth_str, const char *eyear_str)
paul718e3742002-12-13 20:15:29 +0000461{
462 time_t time_start;
463 time_t time_end;
paul66cbbce2004-10-31 16:15:33 +0000464
paul718e3742002-12-13 20:15:29 +0000465 time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
466 if (time_start < 0)
467 {
468 vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
469 return CMD_WARNING;
470 }
471 time_end = key_str2time (etime_str, eday_str, emonth_str, eyear_str);
472
473 if (time_end < 0)
474 {
475 vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
476 return CMD_WARNING;
477 }
478
479 if (time_end <= time_start)
480 {
481 vty_out (vty, "Expire time is not later than start time%s", VTY_NEWLINE);
482 return CMD_WARNING;
483 }
484
485 krange->start = time_start;
486 krange->end = time_end;
487
488 return CMD_SUCCESS;
489}
490
paul8cc41982005-05-06 21:25:49 +0000491static int
paul718e3742002-12-13 20:15:29 +0000492key_lifetime_duration_set (struct vty *vty, struct key_range *krange,
hasso8c328f12004-10-05 21:01:23 +0000493 const char *stime_str, const char *sday_str,
494 const char *smonth_str, const char *syear_str,
495 const char *duration_str)
paul718e3742002-12-13 20:15:29 +0000496{
497 time_t time_start;
498 u_int32_t duration;
paul718e3742002-12-13 20:15:29 +0000499
500 time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
501 if (time_start < 0)
502 {
503 vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
504 return CMD_WARNING;
505 }
506 krange->start = time_start;
507
paul66cbbce2004-10-31 16:15:33 +0000508 VTY_GET_INTEGER ("duration", duration, duration_str);
paul718e3742002-12-13 20:15:29 +0000509 krange->duration = 1;
510 krange->end = time_start + duration;
511
512 return CMD_SUCCESS;
513}
514
paul8cc41982005-05-06 21:25:49 +0000515static int
paul718e3742002-12-13 20:15:29 +0000516key_lifetime_infinite_set (struct vty *vty, struct key_range *krange,
hasso8c328f12004-10-05 21:01:23 +0000517 const char *stime_str, const char *sday_str,
518 const char *smonth_str, const char *syear_str)
paul718e3742002-12-13 20:15:29 +0000519{
520 time_t time_start;
521
522 time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
523 if (time_start < 0)
524 {
525 vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
526 return CMD_WARNING;
527 }
528 krange->start = time_start;
529
530 krange->end = -1;
531
532 return CMD_SUCCESS;
533}
534
535DEFUN (accept_lifetime_day_month_day_month,
536 accept_lifetime_day_month_day_month_cmd,
537 "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
538 "Set accept lifetime of the key\n"
539 "Time to start\n"
540 "Day of th month to start\n"
541 "Month of the year to start\n"
542 "Year to start\n"
543 "Time to expire\n"
544 "Day of th month to expire\n"
545 "Month of the year to expire\n"
546 "Year to expire\n")
547{
548 struct key *key;
549
550 key = vty->index_sub;
551
552 return key_lifetime_set (vty, &key->accept, argv[0], argv[1], argv[2],
553 argv[3], argv[4], argv[5], argv[6], argv[7]);
554}
555
556DEFUN (accept_lifetime_day_month_month_day,
557 accept_lifetime_day_month_month_day_cmd,
558 "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
559 "Set accept lifetime of the key\n"
560 "Time to start\n"
561 "Day of th month to start\n"
562 "Month of the year to start\n"
563 "Year to start\n"
564 "Time to expire\n"
565 "Month of the year to expire\n"
566 "Day of th month to expire\n"
567 "Year to expire\n")
568{
569 struct key *key;
570
571 key = vty->index_sub;
572
573 return key_lifetime_set (vty, &key->accept, argv[0], argv[1], argv[2],
574 argv[3], argv[4], argv[6], argv[5], argv[7]);
575}
576
577DEFUN (accept_lifetime_month_day_day_month,
578 accept_lifetime_month_day_day_month_cmd,
579 "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
580 "Set accept lifetime of the key\n"
581 "Time to start\n"
582 "Month of the year to start\n"
583 "Day of th month to start\n"
584 "Year to start\n"
585 "Time to expire\n"
586 "Day of th month to expire\n"
587 "Month of the year to expire\n"
588 "Year to expire\n")
589{
590 struct key *key;
591
592 key = vty->index_sub;
593
594 return key_lifetime_set (vty, &key->accept, argv[0], argv[2], argv[1],
595 argv[3], argv[4], argv[5], argv[6], argv[7]);
596}
597
598DEFUN (accept_lifetime_month_day_month_day,
599 accept_lifetime_month_day_month_day_cmd,
600 "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
601 "Set accept lifetime of the key\n"
602 "Time to start\n"
603 "Month of the year to start\n"
604 "Day of th month to start\n"
605 "Year to start\n"
606 "Time to expire\n"
607 "Month of the year to expire\n"
608 "Day of th month to expire\n"
609 "Year to expire\n")
610{
611 struct key *key;
612
613 key = vty->index_sub;
614
615 return key_lifetime_set (vty, &key->accept, argv[0], argv[2], argv[1],
616 argv[3], argv[4], argv[6], argv[5], argv[7]);
617}
618
619DEFUN (accept_lifetime_infinite_day_month,
620 accept_lifetime_infinite_day_month_cmd,
621 "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> infinite",
622 "Set accept lifetime of the key\n"
623 "Time to start\n"
624 "Day of th month to start\n"
625 "Month of the year to start\n"
626 "Year to start\n"
627 "Never expires")
628{
629 struct key *key;
630
631 key = vty->index_sub;
632
633 return key_lifetime_infinite_set (vty, &key->accept, argv[0], argv[1],
634 argv[2], argv[3]);
635}
636
637DEFUN (accept_lifetime_infinite_month_day,
638 accept_lifetime_infinite_month_day_cmd,
639 "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> infinite",
640 "Set accept lifetime of the key\n"
641 "Time to start\n"
642 "Month of the year to start\n"
643 "Day of th month to start\n"
644 "Year to start\n"
645 "Never expires")
646{
647 struct key *key;
648
649 key = vty->index_sub;
650
651 return key_lifetime_infinite_set (vty, &key->accept, argv[0], argv[2],
652 argv[1], argv[3]);
653}
654
655DEFUN (accept_lifetime_duration_day_month,
656 accept_lifetime_duration_day_month_cmd,
657 "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> duration <1-2147483646>",
658 "Set accept lifetime of the key\n"
659 "Time to start\n"
660 "Day of th month to start\n"
661 "Month of the year to start\n"
662 "Year to start\n"
663 "Duration of the key\n"
664 "Duration seconds\n")
665{
666 struct key *key;
667
668 key = vty->index_sub;
669
670 return key_lifetime_duration_set (vty, &key->accept, argv[0], argv[1],
671 argv[2], argv[3], argv[4]);
672}
673
674DEFUN (accept_lifetime_duration_month_day,
675 accept_lifetime_duration_month_day_cmd,
676 "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> duration <1-2147483646>",
677 "Set accept lifetime of the key\n"
678 "Time to start\n"
679 "Month of the year to start\n"
680 "Day of th month to start\n"
681 "Year to start\n"
682 "Duration of the key\n"
683 "Duration seconds\n")
684{
685 struct key *key;
686
687 key = vty->index_sub;
688
689 return key_lifetime_duration_set (vty, &key->accept, argv[0], argv[2],
690 argv[1], argv[3], argv[4]);
691}
692
693DEFUN (send_lifetime_day_month_day_month,
694 send_lifetime_day_month_day_month_cmd,
695 "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
696 "Set send lifetime of the key\n"
697 "Time to start\n"
698 "Day of th month to start\n"
699 "Month of the year to start\n"
700 "Year to start\n"
701 "Time to expire\n"
702 "Day of th month to expire\n"
703 "Month of the year to expire\n"
704 "Year to expire\n")
705{
706 struct key *key;
707
708 key = vty->index_sub;
709
710 return key_lifetime_set (vty, &key->send, argv[0], argv[1], argv[2], argv[3],
711 argv[4], argv[5], argv[6], argv[7]);
712}
713
714DEFUN (send_lifetime_day_month_month_day,
715 send_lifetime_day_month_month_day_cmd,
716 "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
717 "Set send lifetime of the key\n"
718 "Time to start\n"
719 "Day of th month to start\n"
720 "Month of the year to start\n"
721 "Year to start\n"
722 "Time to expire\n"
723 "Month of the year to expire\n"
724 "Day of th month to expire\n"
725 "Year to expire\n")
726{
727 struct key *key;
728
729 key = vty->index_sub;
730
731 return key_lifetime_set (vty, &key->send, argv[0], argv[1], argv[2], argv[3],
732 argv[4], argv[6], argv[5], argv[7]);
733}
734
735DEFUN (send_lifetime_month_day_day_month,
736 send_lifetime_month_day_day_month_cmd,
737 "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
738 "Set send lifetime of the key\n"
739 "Time to start\n"
740 "Month of the year to start\n"
741 "Day of th month to start\n"
742 "Year to start\n"
743 "Time to expire\n"
744 "Day of th month to expire\n"
745 "Month of the year to expire\n"
746 "Year to expire\n")
747{
748 struct key *key;
749
750 key = vty->index_sub;
751
752 return key_lifetime_set (vty, &key->send, argv[0], argv[2], argv[1], argv[3],
753 argv[4], argv[5], argv[6], argv[7]);
754}
755
756DEFUN (send_lifetime_month_day_month_day,
757 send_lifetime_month_day_month_day_cmd,
758 "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
759 "Set send lifetime of the key\n"
760 "Time to start\n"
761 "Month of the year to start\n"
762 "Day of th month to start\n"
763 "Year to start\n"
764 "Time to expire\n"
765 "Month of the year to expire\n"
766 "Day of th month to expire\n"
767 "Year to expire\n")
768{
769 struct key *key;
770
771 key = vty->index_sub;
772
773 return key_lifetime_set (vty, &key->send, argv[0], argv[2], argv[1], argv[3],
774 argv[4], argv[6], argv[5], argv[7]);
775}
776
777DEFUN (send_lifetime_infinite_day_month,
778 send_lifetime_infinite_day_month_cmd,
779 "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> infinite",
780 "Set send lifetime of the key\n"
781 "Time to start\n"
782 "Day of th month to start\n"
783 "Month of the year to start\n"
784 "Year to start\n"
785 "Never expires")
786{
787 struct key *key;
788
789 key = vty->index_sub;
790
791 return key_lifetime_infinite_set (vty, &key->send, argv[0], argv[1], argv[2],
792 argv[3]);
793}
794
795DEFUN (send_lifetime_infinite_month_day,
796 send_lifetime_infinite_month_day_cmd,
797 "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> infinite",
798 "Set send lifetime of the key\n"
799 "Time to start\n"
800 "Month of the year to start\n"
801 "Day of th month to start\n"
802 "Year to start\n"
803 "Never expires")
804{
805 struct key *key;
806
807 key = vty->index_sub;
808
809 return key_lifetime_infinite_set (vty, &key->send, argv[0], argv[2], argv[1],
810 argv[3]);
811}
812
813DEFUN (send_lifetime_duration_day_month,
814 send_lifetime_duration_day_month_cmd,
815 "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> duration <1-2147483646>",
816 "Set send lifetime of the key\n"
817 "Time to start\n"
818 "Day of th month to start\n"
819 "Month of the year to start\n"
820 "Year to start\n"
821 "Duration of the key\n"
822 "Duration seconds\n")
823{
824 struct key *key;
825
826 key = vty->index_sub;
827
828 return key_lifetime_duration_set (vty, &key->send, argv[0], argv[1], argv[2],
829 argv[3], argv[4]);
830}
831
832DEFUN (send_lifetime_duration_month_day,
833 send_lifetime_duration_month_day_cmd,
834 "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> duration <1-2147483646>",
835 "Set send lifetime of the key\n"
836 "Time to start\n"
837 "Month of the year to start\n"
838 "Day of th month to start\n"
839 "Year to start\n"
840 "Duration of the key\n"
841 "Duration seconds\n")
842{
843 struct key *key;
844
845 key = vty->index_sub;
846
847 return key_lifetime_duration_set (vty, &key->send, argv[0], argv[2], argv[1],
848 argv[3], argv[4]);
849}
850
851struct cmd_node keychain_node =
852{
853 KEYCHAIN_NODE,
854 "%s(config-keychain)# ",
855 1
856};
857
858struct cmd_node keychain_key_node =
859{
860 KEYCHAIN_KEY_NODE,
861 "%s(config-keychain-key)# ",
862 1
863};
864
paul8cc41982005-05-06 21:25:49 +0000865static int
paul718e3742002-12-13 20:15:29 +0000866keychain_strftime (char *buf, int bufsiz, time_t *time)
867{
868 struct tm *tm;
869 size_t len;
870
871 tm = localtime (time);
872
873 len = strftime (buf, bufsiz, "%T %b %d %Y", tm);
874
875 return len;
876}
877
paul8cc41982005-05-06 21:25:49 +0000878static int
paul718e3742002-12-13 20:15:29 +0000879keychain_config_write (struct vty *vty)
880{
881 struct keychain *keychain;
882 struct key *key;
paul1eb8ef22005-04-07 07:30:20 +0000883 struct listnode *node;
884 struct listnode *knode;
paul718e3742002-12-13 20:15:29 +0000885 char buf[BUFSIZ];
886
paul1eb8ef22005-04-07 07:30:20 +0000887 for (ALL_LIST_ELEMENTS_RO (keychain_list, node, keychain))
paul718e3742002-12-13 20:15:29 +0000888 {
889 vty_out (vty, "key chain %s%s", keychain->name, VTY_NEWLINE);
890
paul1eb8ef22005-04-07 07:30:20 +0000891 for (ALL_LIST_ELEMENTS_RO (keychain->key, knode, key))
paul718e3742002-12-13 20:15:29 +0000892 {
893 vty_out (vty, " key %d%s", key->index, VTY_NEWLINE);
894
895 if (key->string)
896 vty_out (vty, " key-string %s%s", key->string, VTY_NEWLINE);
897
898 if (key->accept.start)
899 {
900 keychain_strftime (buf, BUFSIZ, &key->accept.start);
901 vty_out (vty, " accept-lifetime %s", buf);
902
903 if (key->accept.end == -1)
904 vty_out (vty, " infinite");
905 else if (key->accept.duration)
906 vty_out (vty, " duration %ld",
hassofa2b17e2004-03-04 17:45:00 +0000907 (long)(key->accept.end - key->accept.start));
paul718e3742002-12-13 20:15:29 +0000908 else
909 {
910 keychain_strftime (buf, BUFSIZ, &key->accept.end);
911 vty_out (vty, " %s", buf);
912 }
913 vty_out (vty, "%s", VTY_NEWLINE);
914 }
915
916 if (key->send.start)
917 {
918 keychain_strftime (buf, BUFSIZ, &key->send.start);
919 vty_out (vty, " send-lifetime %s", buf);
920
921 if (key->send.end == -1)
922 vty_out (vty, " infinite");
923 else if (key->send.duration)
hassofa2b17e2004-03-04 17:45:00 +0000924 vty_out (vty, " duration %ld", (long)(key->send.end - key->send.start));
paul718e3742002-12-13 20:15:29 +0000925 else
926 {
927 keychain_strftime (buf, BUFSIZ, &key->send.end);
928 vty_out (vty, " %s", buf);
929 }
930 vty_out (vty, "%s", VTY_NEWLINE);
931 }
932 }
933 vty_out (vty, "!%s", VTY_NEWLINE);
934 }
935
936 return 0;
937}
938
939void
940keychain_init ()
941{
942 keychain_list = list_new ();
943
944 install_node (&keychain_node, keychain_config_write);
945 install_node (&keychain_key_node, NULL);
946
947 install_default (KEYCHAIN_NODE);
948 install_default (KEYCHAIN_KEY_NODE);
949
950 install_element (CONFIG_NODE, &key_chain_cmd);
951 install_element (CONFIG_NODE, &no_key_chain_cmd);
952 install_element (KEYCHAIN_NODE, &key_cmd);
953 install_element (KEYCHAIN_NODE, &no_key_cmd);
954
955 install_element (KEYCHAIN_NODE, &key_chain_cmd);
956 install_element (KEYCHAIN_NODE, &no_key_chain_cmd);
957
958 install_element (KEYCHAIN_KEY_NODE, &key_string_cmd);
959 install_element (KEYCHAIN_KEY_NODE, &no_key_string_cmd);
960
961 install_element (KEYCHAIN_KEY_NODE, &key_chain_cmd);
962 install_element (KEYCHAIN_KEY_NODE, &no_key_chain_cmd);
963
964 install_element (KEYCHAIN_KEY_NODE, &key_cmd);
965 install_element (KEYCHAIN_KEY_NODE, &no_key_cmd);
966
967 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_day_month_cmd);
968 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_month_day_cmd);
969 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_day_month_cmd);
970 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_month_day_cmd);
971 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_day_month_cmd);
972 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_month_day_cmd);
973 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_duration_day_month_cmd);
974 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_duration_month_day_cmd);
975
976 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_day_month_day_month_cmd);
977 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_day_month_month_day_cmd);
978 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_month_day_day_month_cmd);
979 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_month_day_month_day_cmd);
980 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_infinite_day_month_cmd);
981 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_infinite_month_day_cmd);
982 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_duration_day_month_cmd);
983 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_duration_month_day_cmd);
984}