blob: a3219ef410ec524a093846e76111871ff341f60c [file] [log] [blame]
paul718e3742002-12-13 20:15:29 +00001/* key-chain for authentication.
2 Copyright (C) 2000 Kunihiro Ishiguro
3
4This file is part of GNU Zebra.
5
6GNU Zebra is free software; you can redistribute it and/or modify
7it under the terms of the GNU General Public License as published
8by the Free Software Foundation; either version 2, or (at your
9option) any later version.
10
11GNU Zebra is distributed in the hope that it will be useful, but
12WITHOUT ANY WARRANTY; without even the implied warranty of
13MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14General Public License for more details.
15
16You should have received a copy of the GNU General Public License
17along with GNU Zebra; see the file COPYING. If not, write to the
18Free Software Foundation, Inc., 59 Temple Place - Suite 330,
19Boston, MA 02111-1307, USA. */
20
21#include <zebra.h>
22
23#include "command.h"
24#include "memory.h"
25#include "linklist.h"
26#include "keychain.h"
27
28/* Master list of key chain. */
29struct list *keychain_list;
30
31struct keychain *
32keychain_new ()
33{
34 struct keychain *new;
35 new = XMALLOC (MTYPE_KEYCHAIN, sizeof (struct keychain));
36 memset (new, 0, sizeof (struct keychain));
37 return new;
38}
39
40void
41keychain_free (struct keychain *keychain)
42{
43 XFREE (MTYPE_KEYCHAIN, keychain);
44}
45
46struct key *
47key_new ()
48{
49 struct key *new;
50 new = XMALLOC (MTYPE_KEY, sizeof (struct key));
51 memset (new, 0, sizeof (struct key));
52 return new;
53}
54
55void
56key_free (struct key *key)
57{
58 XFREE (MTYPE_KEY, key);
59}
60
61struct keychain *
hasso8c328f12004-10-05 21:01:23 +000062keychain_lookup (const char *name)
paul718e3742002-12-13 20:15:29 +000063{
64 struct listnode *nn;
65 struct keychain *keychain;
66
67 if (name == NULL)
68 return NULL;
69
70 LIST_LOOP (keychain_list, keychain, nn)
71 {
72 if (strcmp (keychain->name, name) == 0)
73 return keychain;
74 }
75 return NULL;
76}
77
78int
hasso8c328f12004-10-05 21:01:23 +000079key_cmp_func (const struct key *k1, const struct key *k2)
paul718e3742002-12-13 20:15:29 +000080{
81 if (k1->index > k2->index)
82 return 1;
83 if (k1->index < k2->index)
84 return -1;
85 return 0;
86}
87
88void
89key_delete_func (struct key *key)
90{
91 if (key->string)
92 free (key->string);
93 key_free (key);
94}
95
96struct keychain *
hasso8c328f12004-10-05 21:01:23 +000097keychain_get (const char *name)
paul718e3742002-12-13 20:15:29 +000098{
99 struct keychain *keychain;
100
101 keychain = keychain_lookup (name);
102
103 if (keychain)
104 return keychain;
105
106 keychain = keychain_new ();
107 keychain->name = strdup (name);
108 keychain->key = list_new ();
109 keychain->key->cmp = (int (*)(void *, void *)) key_cmp_func;
110 keychain->key->del = (void (*)(void *)) key_delete_func;
111 listnode_add (keychain_list, keychain);
112
113 return keychain;
114}
115
116void
117keychain_delete (struct keychain *keychain)
118{
119 if (keychain->name)
120 free (keychain->name);
121
122 list_delete (keychain->key);
123 listnode_delete (keychain_list, keychain);
124 keychain_free (keychain);
125}
126
127struct key *
hasso8c328f12004-10-05 21:01:23 +0000128key_lookup (const struct keychain *keychain, u_int32_t index)
paul718e3742002-12-13 20:15:29 +0000129{
130 struct listnode *nn;
131 struct key *key;
132
133 LIST_LOOP (keychain->key, key, nn)
134 {
135 if (key->index == index)
136 return key;
137 }
138 return NULL;
139}
140
141struct key *
hasso8c328f12004-10-05 21:01:23 +0000142key_lookup_for_accept (const struct keychain *keychain, u_int32_t index)
paul718e3742002-12-13 20:15:29 +0000143{
144 struct listnode *nn;
145 struct key *key;
146 time_t now;
147
148 now = time (NULL);
149
150 LIST_LOOP (keychain->key, key, nn)
151 {
152 if (key->index >= index)
153 {
154 if (key->accept.start == 0)
155 return key;
156
157 if (key->accept.start <= now)
158 if (key->accept.end >= now || key->accept.end == -1)
159 return key;
160 }
161 }
162 return NULL;
163}
164
165struct key *
hasso8c328f12004-10-05 21:01:23 +0000166key_match_for_accept (const struct keychain *keychain, const char *auth_str)
paul718e3742002-12-13 20:15:29 +0000167{
168 struct listnode *nn;
169 struct key *key;
170 time_t now;
171
172 now = time (NULL);
173
174 LIST_LOOP (keychain->key, key, nn)
175 {
176 if (key->accept.start == 0 ||
177 (key->accept.start <= now &&
178 (key->accept.end >= now || key->accept.end == -1)))
179 if (strncmp (key->string, auth_str, 16) == 0)
180 return key;
181 }
182 return NULL;
183}
184
185struct key *
hasso8c328f12004-10-05 21:01:23 +0000186key_lookup_for_send (const struct keychain *keychain)
paul718e3742002-12-13 20:15:29 +0000187{
188 struct listnode *nn;
189 struct key *key;
190 time_t now;
191
192 now = time (NULL);
193
194 LIST_LOOP (keychain->key, key, nn)
195 {
196 if (key->send.start == 0)
197 return key;
198
199 if (key->send.start <= now)
200 if (key->send.end >= now || key->send.end == -1)
201 return key;
202 }
203 return NULL;
204}
205
206struct key *
hasso8c328f12004-10-05 21:01:23 +0000207key_get (const struct keychain *keychain, u_int32_t index)
paul718e3742002-12-13 20:15:29 +0000208{
209 struct key *key;
210
211 key = key_lookup (keychain, index);
212
213 if (key)
214 return key;
215
216 key = key_new ();
217 key->index = index;
218 listnode_add_sort (keychain->key, key);
219
220 return key;
221}
222
223void
224key_delete (struct keychain *keychain, struct key *key)
225{
226 listnode_delete (keychain->key, key);
227
228 if (key->string)
229 free (key->string);
230 key_free (key);
231}
232
233DEFUN (key_chain,
234 key_chain_cmd,
235 "key chain WORD",
236 "Authentication key management\n"
237 "Key-chain management\n"
238 "Key-chain name\n")
239{
240 struct keychain *keychain;
241
242 keychain = keychain_get (argv[0]);
243 vty->index = keychain;
244 vty->node = KEYCHAIN_NODE;
245
246 return CMD_SUCCESS;
247}
248
249DEFUN (no_key_chain,
250 no_key_chain_cmd,
251 "no key chain WORD",
252 NO_STR
253 "Authentication key management\n"
254 "Key-chain management\n"
255 "Key-chain name\n")
256{
257 struct keychain *keychain;
258
259 keychain = keychain_lookup (argv[0]);
260
261 if (! keychain)
262 {
263 vty_out (vty, "Can't find keychain %s%s", argv[0], VTY_NEWLINE);
264 return CMD_WARNING;
265 }
266
267 keychain_delete (keychain);
268
269 return CMD_SUCCESS;
270}
271
272DEFUN (key,
273 key_cmd,
274 "key <0-2147483647>",
275 "Configure a key\n"
276 "Key identifier number\n")
277{
278 struct keychain *keychain;
279 struct key *key;
280 u_int32_t index;
paul718e3742002-12-13 20:15:29 +0000281
282 keychain = vty->index;
283
paul66cbbce2004-10-31 16:15:33 +0000284 VTY_GET_INTEGER ("key identifier", index, argv[0]);
paul718e3742002-12-13 20:15:29 +0000285 key = key_get (keychain, index);
286 vty->index_sub = key;
287 vty->node = KEYCHAIN_KEY_NODE;
288
289 return CMD_SUCCESS;
290}
291
292DEFUN (no_key,
293 no_key_cmd,
294 "no key <0-2147483647>",
295 NO_STR
296 "Delete a key\n"
297 "Key identifier number\n")
298{
299 struct keychain *keychain;
300 struct key *key;
301 u_int32_t index;
paul718e3742002-12-13 20:15:29 +0000302
303 keychain = vty->index;
304
paul66cbbce2004-10-31 16:15:33 +0000305 VTY_GET_INTEGER ("key identifier", index, argv[0]);
paul718e3742002-12-13 20:15:29 +0000306 key = key_lookup (keychain, index);
307 if (! key)
308 {
309 vty_out (vty, "Can't find key %d%s", index, VTY_NEWLINE);
310 return CMD_WARNING;
311 }
312
313 key_delete (keychain, key);
314
315 vty->node = KEYCHAIN_NODE;
316
317 return CMD_SUCCESS;
318}
319
320DEFUN (key_string,
321 key_string_cmd,
322 "key-string LINE",
323 "Set key string\n"
324 "The key\n")
325{
326 struct key *key;
327
328 key = vty->index_sub;
329
330 if (key->string)
331 free (key->string);
332 key->string = strdup (argv[0]);
333
334 return CMD_SUCCESS;
335}
336
337DEFUN (no_key_string,
338 no_key_string_cmd,
339 "no key-string [LINE]",
340 NO_STR
341 "Unset key string\n"
342 "The key\n")
343{
344 struct key *key;
345
346 key = vty->index_sub;
347
348 if (key->string)
349 {
350 free (key->string);
351 key->string = NULL;
352 }
353
354 return CMD_SUCCESS;
355}
356
357/* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
358 given string is malformed. */
359time_t
hasso8c328f12004-10-05 21:01:23 +0000360key_str2time (const char *time_str, const char *day_str, const char *month_str,
361 const char *year_str)
paul718e3742002-12-13 20:15:29 +0000362{
363 int i = 0;
364 char *colon;
365 struct tm tm;
366 time_t time;
hasso8c328f12004-10-05 21:01:23 +0000367 unsigned int sec, min, hour;
368 unsigned int day, month, year;
paul718e3742002-12-13 20:15:29 +0000369 char *endptr = NULL;
370
hasso8c328f12004-10-05 21:01:23 +0000371 const char *month_name[] =
paul718e3742002-12-13 20:15:29 +0000372 {
373 "January",
374 "February",
375 "March",
376 "April",
377 "May",
378 "June",
379 "July",
380 "August",
381 "September",
382 "October",
383 "November",
384 "December",
385 NULL
386 };
387
388 /* Check hour field of time_str. */
389 colon = strchr (time_str, ':');
390 if (colon == NULL)
391 return -1;
392 *colon = '\0';
393
394 /* Hour must be between 0 and 23. */
395 hour = strtoul (time_str, &endptr, 10);
396 if (hour == ULONG_MAX || *endptr != '\0' || hour < 0 || hour > 23)
397 return -1;
398
399 /* Check min field of time_str. */
400 time_str = colon + 1;
401 colon = strchr (time_str, ':');
402 if (*time_str == '\0' || colon == NULL)
403 return -1;
404 *colon = '\0';
405
406 /* Min must be between 0 and 59. */
407 min = strtoul (time_str, &endptr, 10);
408 if (min == ULONG_MAX || *endptr != '\0' || min < 0 || min > 59)
409 return -1;
410
411 /* Check sec field of time_str. */
412 time_str = colon + 1;
413 if (*time_str == '\0')
414 return -1;
415
416 /* Sec must be between 0 and 59. */
417 sec = strtoul (time_str, &endptr, 10);
418 if (sec == ULONG_MAX || *endptr != '\0' || sec < 0 || sec > 59)
419 return -1;
420
421 /* Check day_str. Day must be <1-31>. */
422 day = strtoul (day_str, &endptr, 10);
423 if (day == ULONG_MAX || *endptr != '\0' || day < 0 || day > 31)
424 return -1;
425
426 /* Check month_str. Month must match month_name. */
427 month = 0;
428 if (strlen (month_str) >= 3)
429 for (i = 0; month_name[i]; i++)
430 if (strncmp (month_str, month_name[i], strlen (month_str)) == 0)
431 {
432 month = i;
433 break;
434 }
435 if (! month_name[i])
436 return -1;
437
438 /* Check year_str. Year must be <1993-2035>. */
439 year = strtoul (year_str, &endptr, 10);
440 if (year == ULONG_MAX || *endptr != '\0' || year < 1993 || year > 2035)
441 return -1;
442
443 memset (&tm, 0, sizeof (struct tm));
444 tm.tm_sec = sec;
445 tm.tm_min = min;
446 tm.tm_hour = hour;
447 tm.tm_mon = month;
448 tm.tm_mday = day;
449 tm.tm_year = year - 1900;
450
451 time = mktime (&tm);
paul66cbbce2004-10-31 16:15:33 +0000452
paul718e3742002-12-13 20:15:29 +0000453 return time;
454}
455
456int
hasso8c328f12004-10-05 21:01:23 +0000457key_lifetime_set (struct vty *vty, struct key_range *krange,
458 const char *stime_str, const char *sday_str,
459 const char *smonth_str, const char *syear_str,
460 const char *etime_str, const char *eday_str,
461 const char *emonth_str, const char *eyear_str)
paul718e3742002-12-13 20:15:29 +0000462{
463 time_t time_start;
464 time_t time_end;
paul66cbbce2004-10-31 16:15:33 +0000465
paul718e3742002-12-13 20:15:29 +0000466 time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
467 if (time_start < 0)
468 {
469 vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
470 return CMD_WARNING;
471 }
472 time_end = key_str2time (etime_str, eday_str, emonth_str, eyear_str);
473
474 if (time_end < 0)
475 {
476 vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
477 return CMD_WARNING;
478 }
479
480 if (time_end <= time_start)
481 {
482 vty_out (vty, "Expire time is not later than start time%s", VTY_NEWLINE);
483 return CMD_WARNING;
484 }
485
486 krange->start = time_start;
487 krange->end = time_end;
488
489 return CMD_SUCCESS;
490}
491
492int
493key_lifetime_duration_set (struct vty *vty, struct key_range *krange,
hasso8c328f12004-10-05 21:01:23 +0000494 const char *stime_str, const char *sday_str,
495 const char *smonth_str, const char *syear_str,
496 const char *duration_str)
paul718e3742002-12-13 20:15:29 +0000497{
498 time_t time_start;
499 u_int32_t duration;
paul718e3742002-12-13 20:15:29 +0000500
501 time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
502 if (time_start < 0)
503 {
504 vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
505 return CMD_WARNING;
506 }
507 krange->start = time_start;
508
paul66cbbce2004-10-31 16:15:33 +0000509 VTY_GET_INTEGER ("duration", duration, duration_str);
paul718e3742002-12-13 20:15:29 +0000510 krange->duration = 1;
511 krange->end = time_start + duration;
512
513 return CMD_SUCCESS;
514}
515
516int
517key_lifetime_infinite_set (struct vty *vty, struct key_range *krange,
hasso8c328f12004-10-05 21:01:23 +0000518 const char *stime_str, const char *sday_str,
519 const char *smonth_str, const char *syear_str)
paul718e3742002-12-13 20:15:29 +0000520{
521 time_t time_start;
522
523 time_start = key_str2time (stime_str, sday_str, smonth_str, syear_str);
524 if (time_start < 0)
525 {
526 vty_out (vty, "Malformed time value%s", VTY_NEWLINE);
527 return CMD_WARNING;
528 }
529 krange->start = time_start;
530
531 krange->end = -1;
532
533 return CMD_SUCCESS;
534}
535
536DEFUN (accept_lifetime_day_month_day_month,
537 accept_lifetime_day_month_day_month_cmd,
538 "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
539 "Set accept lifetime of the key\n"
540 "Time to start\n"
541 "Day of th month to start\n"
542 "Month of the year to start\n"
543 "Year to start\n"
544 "Time to expire\n"
545 "Day of th month to expire\n"
546 "Month of the year to expire\n"
547 "Year to expire\n")
548{
549 struct key *key;
550
551 key = vty->index_sub;
552
553 return key_lifetime_set (vty, &key->accept, argv[0], argv[1], argv[2],
554 argv[3], argv[4], argv[5], argv[6], argv[7]);
555}
556
557DEFUN (accept_lifetime_day_month_month_day,
558 accept_lifetime_day_month_month_day_cmd,
559 "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
560 "Set accept lifetime of the key\n"
561 "Time to start\n"
562 "Day of th month to start\n"
563 "Month of the year to start\n"
564 "Year to start\n"
565 "Time to expire\n"
566 "Month of the year to expire\n"
567 "Day of th month to expire\n"
568 "Year to expire\n")
569{
570 struct key *key;
571
572 key = vty->index_sub;
573
574 return key_lifetime_set (vty, &key->accept, argv[0], argv[1], argv[2],
575 argv[3], argv[4], argv[6], argv[5], argv[7]);
576}
577
578DEFUN (accept_lifetime_month_day_day_month,
579 accept_lifetime_month_day_day_month_cmd,
580 "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
581 "Set accept lifetime of the key\n"
582 "Time to start\n"
583 "Month of the year to start\n"
584 "Day of th month to start\n"
585 "Year to start\n"
586 "Time to expire\n"
587 "Day of th month to expire\n"
588 "Month of the year to expire\n"
589 "Year to expire\n")
590{
591 struct key *key;
592
593 key = vty->index_sub;
594
595 return key_lifetime_set (vty, &key->accept, argv[0], argv[2], argv[1],
596 argv[3], argv[4], argv[5], argv[6], argv[7]);
597}
598
599DEFUN (accept_lifetime_month_day_month_day,
600 accept_lifetime_month_day_month_day_cmd,
601 "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
602 "Set accept lifetime of the key\n"
603 "Time to start\n"
604 "Month of the year to start\n"
605 "Day of th month to start\n"
606 "Year to start\n"
607 "Time to expire\n"
608 "Month of the year to expire\n"
609 "Day of th month to expire\n"
610 "Year to expire\n")
611{
612 struct key *key;
613
614 key = vty->index_sub;
615
616 return key_lifetime_set (vty, &key->accept, argv[0], argv[2], argv[1],
617 argv[3], argv[4], argv[6], argv[5], argv[7]);
618}
619
620DEFUN (accept_lifetime_infinite_day_month,
621 accept_lifetime_infinite_day_month_cmd,
622 "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> infinite",
623 "Set accept lifetime of the key\n"
624 "Time to start\n"
625 "Day of th month to start\n"
626 "Month of the year to start\n"
627 "Year to start\n"
628 "Never expires")
629{
630 struct key *key;
631
632 key = vty->index_sub;
633
634 return key_lifetime_infinite_set (vty, &key->accept, argv[0], argv[1],
635 argv[2], argv[3]);
636}
637
638DEFUN (accept_lifetime_infinite_month_day,
639 accept_lifetime_infinite_month_day_cmd,
640 "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> infinite",
641 "Set accept lifetime of the key\n"
642 "Time to start\n"
643 "Month of the year to start\n"
644 "Day of th month to start\n"
645 "Year to start\n"
646 "Never expires")
647{
648 struct key *key;
649
650 key = vty->index_sub;
651
652 return key_lifetime_infinite_set (vty, &key->accept, argv[0], argv[2],
653 argv[1], argv[3]);
654}
655
656DEFUN (accept_lifetime_duration_day_month,
657 accept_lifetime_duration_day_month_cmd,
658 "accept-lifetime HH:MM:SS <1-31> MONTH <1993-2035> duration <1-2147483646>",
659 "Set accept lifetime of the key\n"
660 "Time to start\n"
661 "Day of th month to start\n"
662 "Month of the year to start\n"
663 "Year to start\n"
664 "Duration of the key\n"
665 "Duration seconds\n")
666{
667 struct key *key;
668
669 key = vty->index_sub;
670
671 return key_lifetime_duration_set (vty, &key->accept, argv[0], argv[1],
672 argv[2], argv[3], argv[4]);
673}
674
675DEFUN (accept_lifetime_duration_month_day,
676 accept_lifetime_duration_month_day_cmd,
677 "accept-lifetime HH:MM:SS MONTH <1-31> <1993-2035> duration <1-2147483646>",
678 "Set accept lifetime of the key\n"
679 "Time to start\n"
680 "Month of the year to start\n"
681 "Day of th month to start\n"
682 "Year to start\n"
683 "Duration of the key\n"
684 "Duration seconds\n")
685{
686 struct key *key;
687
688 key = vty->index_sub;
689
690 return key_lifetime_duration_set (vty, &key->accept, argv[0], argv[2],
691 argv[1], argv[3], argv[4]);
692}
693
694DEFUN (send_lifetime_day_month_day_month,
695 send_lifetime_day_month_day_month_cmd,
696 "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
697 "Set send lifetime of the key\n"
698 "Time to start\n"
699 "Day of th month to start\n"
700 "Month of the year to start\n"
701 "Year to start\n"
702 "Time to expire\n"
703 "Day of th month to expire\n"
704 "Month of the year to expire\n"
705 "Year to expire\n")
706{
707 struct key *key;
708
709 key = vty->index_sub;
710
711 return key_lifetime_set (vty, &key->send, argv[0], argv[1], argv[2], argv[3],
712 argv[4], argv[5], argv[6], argv[7]);
713}
714
715DEFUN (send_lifetime_day_month_month_day,
716 send_lifetime_day_month_month_day_cmd,
717 "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
718 "Set send lifetime of the key\n"
719 "Time to start\n"
720 "Day of th month to start\n"
721 "Month of the year to start\n"
722 "Year to start\n"
723 "Time to expire\n"
724 "Month of the year to expire\n"
725 "Day of th month to expire\n"
726 "Year to expire\n")
727{
728 struct key *key;
729
730 key = vty->index_sub;
731
732 return key_lifetime_set (vty, &key->send, argv[0], argv[1], argv[2], argv[3],
733 argv[4], argv[6], argv[5], argv[7]);
734}
735
736DEFUN (send_lifetime_month_day_day_month,
737 send_lifetime_month_day_day_month_cmd,
738 "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS <1-31> MONTH <1993-2035>",
739 "Set send lifetime of the key\n"
740 "Time to start\n"
741 "Month of the year to start\n"
742 "Day of th month to start\n"
743 "Year to start\n"
744 "Time to expire\n"
745 "Day of th month to expire\n"
746 "Month of the year to expire\n"
747 "Year to expire\n")
748{
749 struct key *key;
750
751 key = vty->index_sub;
752
753 return key_lifetime_set (vty, &key->send, argv[0], argv[2], argv[1], argv[3],
754 argv[4], argv[5], argv[6], argv[7]);
755}
756
757DEFUN (send_lifetime_month_day_month_day,
758 send_lifetime_month_day_month_day_cmd,
759 "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> HH:MM:SS MONTH <1-31> <1993-2035>",
760 "Set send lifetime of the key\n"
761 "Time to start\n"
762 "Month of the year to start\n"
763 "Day of th month to start\n"
764 "Year to start\n"
765 "Time to expire\n"
766 "Month of the year to expire\n"
767 "Day of th month to expire\n"
768 "Year to expire\n")
769{
770 struct key *key;
771
772 key = vty->index_sub;
773
774 return key_lifetime_set (vty, &key->send, argv[0], argv[2], argv[1], argv[3],
775 argv[4], argv[6], argv[5], argv[7]);
776}
777
778DEFUN (send_lifetime_infinite_day_month,
779 send_lifetime_infinite_day_month_cmd,
780 "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> infinite",
781 "Set send lifetime of the key\n"
782 "Time to start\n"
783 "Day of th month to start\n"
784 "Month of the year to start\n"
785 "Year to start\n"
786 "Never expires")
787{
788 struct key *key;
789
790 key = vty->index_sub;
791
792 return key_lifetime_infinite_set (vty, &key->send, argv[0], argv[1], argv[2],
793 argv[3]);
794}
795
796DEFUN (send_lifetime_infinite_month_day,
797 send_lifetime_infinite_month_day_cmd,
798 "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> infinite",
799 "Set send lifetime of the key\n"
800 "Time to start\n"
801 "Month of the year to start\n"
802 "Day of th month to start\n"
803 "Year to start\n"
804 "Never expires")
805{
806 struct key *key;
807
808 key = vty->index_sub;
809
810 return key_lifetime_infinite_set (vty, &key->send, argv[0], argv[2], argv[1],
811 argv[3]);
812}
813
814DEFUN (send_lifetime_duration_day_month,
815 send_lifetime_duration_day_month_cmd,
816 "send-lifetime HH:MM:SS <1-31> MONTH <1993-2035> duration <1-2147483646>",
817 "Set send lifetime of the key\n"
818 "Time to start\n"
819 "Day of th month to start\n"
820 "Month of the year to start\n"
821 "Year to start\n"
822 "Duration of the key\n"
823 "Duration seconds\n")
824{
825 struct key *key;
826
827 key = vty->index_sub;
828
829 return key_lifetime_duration_set (vty, &key->send, argv[0], argv[1], argv[2],
830 argv[3], argv[4]);
831}
832
833DEFUN (send_lifetime_duration_month_day,
834 send_lifetime_duration_month_day_cmd,
835 "send-lifetime HH:MM:SS MONTH <1-31> <1993-2035> duration <1-2147483646>",
836 "Set send lifetime of the key\n"
837 "Time to start\n"
838 "Month of the year to start\n"
839 "Day of th month to start\n"
840 "Year to start\n"
841 "Duration of the key\n"
842 "Duration seconds\n")
843{
844 struct key *key;
845
846 key = vty->index_sub;
847
848 return key_lifetime_duration_set (vty, &key->send, argv[0], argv[2], argv[1],
849 argv[3], argv[4]);
850}
851
852struct cmd_node keychain_node =
853{
854 KEYCHAIN_NODE,
855 "%s(config-keychain)# ",
856 1
857};
858
859struct cmd_node keychain_key_node =
860{
861 KEYCHAIN_KEY_NODE,
862 "%s(config-keychain-key)# ",
863 1
864};
865
866int
867keychain_strftime (char *buf, int bufsiz, time_t *time)
868{
869 struct tm *tm;
870 size_t len;
871
872 tm = localtime (time);
873
874 len = strftime (buf, bufsiz, "%T %b %d %Y", tm);
875
876 return len;
877}
878
879int
880keychain_config_write (struct vty *vty)
881{
882 struct keychain *keychain;
883 struct key *key;
884 struct listnode *nn;
885 struct listnode *nm;
886 char buf[BUFSIZ];
887
888 LIST_LOOP (keychain_list, keychain, nn)
889 {
890 vty_out (vty, "key chain %s%s", keychain->name, VTY_NEWLINE);
891
892 LIST_LOOP (keychain->key, key, nm)
893 {
894 vty_out (vty, " key %d%s", key->index, VTY_NEWLINE);
895
896 if (key->string)
897 vty_out (vty, " key-string %s%s", key->string, VTY_NEWLINE);
898
899 if (key->accept.start)
900 {
901 keychain_strftime (buf, BUFSIZ, &key->accept.start);
902 vty_out (vty, " accept-lifetime %s", buf);
903
904 if (key->accept.end == -1)
905 vty_out (vty, " infinite");
906 else if (key->accept.duration)
907 vty_out (vty, " duration %ld",
hassofa2b17e2004-03-04 17:45:00 +0000908 (long)(key->accept.end - key->accept.start));
paul718e3742002-12-13 20:15:29 +0000909 else
910 {
911 keychain_strftime (buf, BUFSIZ, &key->accept.end);
912 vty_out (vty, " %s", buf);
913 }
914 vty_out (vty, "%s", VTY_NEWLINE);
915 }
916
917 if (key->send.start)
918 {
919 keychain_strftime (buf, BUFSIZ, &key->send.start);
920 vty_out (vty, " send-lifetime %s", buf);
921
922 if (key->send.end == -1)
923 vty_out (vty, " infinite");
924 else if (key->send.duration)
hassofa2b17e2004-03-04 17:45:00 +0000925 vty_out (vty, " duration %ld", (long)(key->send.end - key->send.start));
paul718e3742002-12-13 20:15:29 +0000926 else
927 {
928 keychain_strftime (buf, BUFSIZ, &key->send.end);
929 vty_out (vty, " %s", buf);
930 }
931 vty_out (vty, "%s", VTY_NEWLINE);
932 }
933 }
934 vty_out (vty, "!%s", VTY_NEWLINE);
935 }
936
937 return 0;
938}
939
940void
941keychain_init ()
942{
943 keychain_list = list_new ();
944
945 install_node (&keychain_node, keychain_config_write);
946 install_node (&keychain_key_node, NULL);
947
948 install_default (KEYCHAIN_NODE);
949 install_default (KEYCHAIN_KEY_NODE);
950
951 install_element (CONFIG_NODE, &key_chain_cmd);
952 install_element (CONFIG_NODE, &no_key_chain_cmd);
953 install_element (KEYCHAIN_NODE, &key_cmd);
954 install_element (KEYCHAIN_NODE, &no_key_cmd);
955
956 install_element (KEYCHAIN_NODE, &key_chain_cmd);
957 install_element (KEYCHAIN_NODE, &no_key_chain_cmd);
958
959 install_element (KEYCHAIN_KEY_NODE, &key_string_cmd);
960 install_element (KEYCHAIN_KEY_NODE, &no_key_string_cmd);
961
962 install_element (KEYCHAIN_KEY_NODE, &key_chain_cmd);
963 install_element (KEYCHAIN_KEY_NODE, &no_key_chain_cmd);
964
965 install_element (KEYCHAIN_KEY_NODE, &key_cmd);
966 install_element (KEYCHAIN_KEY_NODE, &no_key_cmd);
967
968 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_day_month_cmd);
969 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_month_day_cmd);
970 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_day_month_cmd);
971 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_month_day_cmd);
972 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_day_month_cmd);
973 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_month_day_cmd);
974 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_duration_day_month_cmd);
975 install_element (KEYCHAIN_KEY_NODE, &accept_lifetime_duration_month_day_cmd);
976
977 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_day_month_day_month_cmd);
978 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_day_month_month_day_cmd);
979 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_month_day_day_month_cmd);
980 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_month_day_month_day_cmd);
981 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_infinite_day_month_cmd);
982 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_infinite_month_day_cmd);
983 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_duration_day_month_cmd);
984 install_element (KEYCHAIN_KEY_NODE, &send_lifetime_duration_month_day_cmd);
985}