// SPDX-License-Identifier: GPL-2.0-or-later
/* key-chain for authentication.
* Copyright (C) 2000 Kunihiro Ishiguro
*/
#include "config.h"
#include <zebra.h>
#include "command.h"
#include "memory.h"
#include "linklist.h"
#include "keychain.h"
/* Memory-type tags: every key and key-chain allocation in this file is
 * made and released under one of these two tags. */
DEFINE_MTYPE_STATIC(LIB, KEY, "Key");
DEFINE_MTYPE_STATIC(LIB, KEYCHAIN, "Key chain");

/* QOBJ type descriptors; instances are registered in keychain_new() /
 * key_new() and unregistered in keychain_free() / key_free(). */
DEFINE_QOBJ_TYPE(keychain);
DEFINE_QOBJ_TYPE(key);

/* Master list of key chains; keychain_lookup() searches it by name. */
static struct list *keychain_list;
/*
 * Allocate a zero-filled key chain and register it as a QOBJ.
 * The result is released with keychain_free().
 */
static struct keychain *keychain_new(void)
{
	struct keychain *kc = XCALLOC(MTYPE_KEYCHAIN, sizeof(*kc));

	QOBJ_REG(kc, keychain);

	return kc;
}
/*
 * Drop the chain's QOBJ registration and release the chain structure.
 * Members (name, key list) are not touched here; keychain_delete()
 * releases those before calling this.
 */
static void keychain_free(struct keychain *keychain)
{
	/* Unregister first so no QOBJ lookup can resolve to freed memory. */
	QOBJ_UNREG(keychain);

	XFREE(MTYPE_KEYCHAIN, keychain);
}
/*
 * Allocate a zero-filled key and register it as a QOBJ.
 * The result is released with key_free().
 */
static struct key *key_new(void)
{
	struct key *k;

	k = XCALLOC(MTYPE_KEY, sizeof(*k));
	QOBJ_REG(k, key);

	return k;
}
/*
 * Drop the key's QOBJ registration and release the key structure.
 * key->string is not released here; callers free it beforehand.
 */
static void key_free(struct key *key)
{
	/* Unregister first so no QOBJ lookup can resolve to freed memory. */
	QOBJ_UNREG(key);

	XFREE(MTYPE_KEY, key);
}
/*
 * Find a key chain by exact name.
 *
 * Returns the matching chain from the master list, or NULL when NAME is
 * NULL or no chain carries that name.
 */
struct keychain *keychain_lookup(const char *name)
{
	struct listnode *ln;
	struct keychain *kc;

	if (!name)
		return NULL;

	for (ALL_LIST_ELEMENTS_RO(keychain_list, ln, kc))
		if (!strcmp(kc->name, name))
			return kc;

	return NULL;
}
/*
 * List comparison callback: orders keys by ascending index.
 * Returns 1, -1 or 0 when ARG1's index is greater than, less than or
 * equal to ARG2's.
 */
static int key_cmp_func(void *arg1, void *arg2)
{
	const struct key *a = arg1;
	const struct key *b = arg2;

	if (a->index == b->index)
		return 0;

	return (a->index > b->index) ? 1 : -1;
}
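/*
 * List delete callback for a chain's key list: releases the key string
 * and then the key itself.
 *
 * key->string is allocated with XSTRDUP(MTYPE_KEY, ...) by the
 * "key-string" command and released with XFREE(MTYPE_KEY, ...) in
 * key_delete(); it must be released the same way here. Calling plain
 * free() on it bypassed the MTYPE_KEY allocator wrapper.
 *
 * NOTE(review): key->string holds the authentication secret and is
 * released without being overwritten first.
 */
static void key_delete_func(struct key *key)
{
	/* Unconditional, as in key_delete(); the string may be unset. */
	XFREE(MTYPE_KEY, key->string);
	key_free(key);
}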
/*
 * Return the key chain called NAME, creating it when it does not exist.
 *
 * A new chain gets its own copy of NAME and an empty key list ordered by
 * key_cmp_func() and cleaned up by key_delete_func(); it is appended to
 * the master list.
 *
 * NOTE(review): NAME is duplicated without a NULL check; the only caller
 * in this file passes a CLI token.
 */
static struct keychain *keychain_get(const char *name)
{
	struct keychain *kc = keychain_lookup(name);

	if (kc != NULL)
		return kc;

	kc = keychain_new();
	kc->name = XSTRDUP(MTYPE_KEYCHAIN, name);

	kc->key = list_new();
	kc->key->cmp = (int (*)(void *, void *))key_cmp_func;
	kc->key->del = (void (*)(void *))key_delete_func;

	listnode_add(keychain_list, kc);

	return kc;
}
/*
 * Destroy a key chain: release its name and key list, unlink it from the
 * master list and free the chain itself.
 */
static void keychain_delete(struct keychain *keychain)
{
	XFREE(MTYPE_KEYCHAIN, keychain->name);

	/* The list's del callback (key_delete_func, installed by
	 * keychain_get()) is expected to release each key it holds. */
	list_delete(&keychain->key);

	/* Unlink before freeing so the master list never holds a dangling
	 * pointer. */
	listnode_delete(keychain_list, keychain);
	keychain_free(keychain);
}
/*
 * Find the key with exactly this INDEX in KEYCHAIN.
 * Returns NULL when the chain has no such key. Key lifetimes are not
 * consulted.
 */
static struct key *key_lookup(const struct keychain *keychain, uint32_t index)
{
	struct listnode *ln;
	struct key *k;

	for (ALL_LIST_ELEMENTS_RO(keychain->key, ln, k))
		if (k->index == index)
			return k;

	return NULL;
}
/*
 * Find a key that may currently be used to accept (verify) a packet.
 *
 * Walks the chain in list order and returns the first key whose index is
 * greater than or equal to INDEX (not only an exact match) and whose
 * accept lifetime covers the current time. A key with accept.start == 0
 * is accepted without any time check, and accept.end == -1 means the
 * lifetime has no upper bound.
 *
 * Returns NULL when no key qualifies. The validity decision uses the
 * system wall clock (time(NULL)).
 */
struct key *key_lookup_for_accept(const struct keychain *keychain,
				  uint32_t index)
{
	struct listnode *ln;
	struct key *k;
	time_t now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, ln, k)) {
		if (k->index < index)
			continue;

		/* No accept lifetime configured: always acceptable. */
		if (k->accept.start == 0)
			return k;

		if (k->accept.start <= now
		    && (k->accept.end >= now || k->accept.end == -1))
			return k;
	}

	return NULL;
}
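/*
 * Find a key whose accept lifetime covers the current time and whose key
 * string matches AUTH_STR.
 *
 * A key with accept.start == 0 is treated as always valid, and
 * accept.end == -1 means the lifetime has no upper bound. Keys without a
 * key string never match.
 *
 * Returns the first matching key in list order, or NULL when none
 * matches or AUTH_STR is NULL.
 */
struct key *key_match_for_accept(const struct keychain *keychain,
				 const char *auth_str)
{
	struct listnode *node;
	struct key *key;
	time_t now;

	/* strncmp() on a NULL pointer is undefined behaviour; a missing
	 * authentication string cannot match any key. */
	if (auth_str == NULL)
		return NULL;

	now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, node, key)) {
		if (key->accept.start == 0
		    || (key->accept.start <= now
			&& (key->accept.end >= now || key->accept.end == -1)))
			/*
			 * NOTE(review): only the first 16 bytes are compared,
			 * so key strings that share a 16-byte prefix are
			 * indistinguishable here. strncmp() also stops at the
			 * first difference, so the comparison of the secret
			 * is not constant-time.
			 */
			if (key->string
			    && (strncmp(key->string, auth_str, 16) == 0))
				return key;
	}

	return NULL;
}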
/*
 * Pick the key to use for sending: the first key in list order whose
 * send lifetime covers the current time.
 *
 * A key with send.start == 0 is usable without any time check, and
 * send.end == -1 means the lifetime has no upper bound. Returns NULL
 * when no key is currently usable.
 */
struct key *key_lookup_for_send(const struct keychain *keychain)
{
	struct listnode *ln;
	struct key *k;
	time_t now = time(NULL);

	for (ALL_LIST_ELEMENTS_RO(keychain->key, ln, k)) {
		/* No send lifetime configured: always usable. */
		if (k->send.start == 0)
			return k;

		if (k->send.start > now)
			continue;

		if (k->send.end == -1 || k->send.end >= now)
			return k;
	}

	return NULL;
}
/*
 * Return the key with this INDEX in KEYCHAIN, creating it when missing.
 *
 * A new key is inserted into the chain's list in sorted position and
 * starts with hash_algo set to KEYCHAIN_ALGO_NULL and no key string.
 */
static struct key *key_get(const struct keychain *keychain, uint32_t index)
{
	struct key *k = key_lookup(keychain, index);

	if (k == NULL) {
		k = key_new();
		k->index = index;
		k->hash_algo = KEYCHAIN_ALGO_NULL;
		listnode_add_sort(keychain->key, k);
	}

	return k;
}
/*
 * Remove KEY from KEYCHAIN's key list and release it together with its
 * key string.
 *
 * NOTE(review): the key string (the authentication secret) is released
 * without being overwritten first.
 */
static void key_delete(struct keychain *keychain, struct key *key)
{
	/* Unlink first so the list never refers to freed memory. */
	listnode_delete(keychain->key, key);

	XFREE(MTYPE_KEY, key->string);
	key_free(key);
}
/* "key chain WORD": enter (creating if needed) the named key chain's
 * configuration node. */
DEFUN_NOSH (key_chain,
       key_chain_cmd,
       "key chain WORD",
       "Authentication key management\n"
       "Key-chain management\n"
       "Key-chain name\n")
{
	/* Token 2 is WORD, the key-chain name. */
	const char *chain_name = argv[2]->arg;
	struct keychain *keychain = keychain_get(chain_name);

	VTY_PUSH_CONTEXT(KEYCHAIN_NODE, keychain);

	return CMD_SUCCESS;
}
/* "no key chain WORD": delete the named key chain and all of its keys. */
DEFUN (no_key_chain,
       no_key_chain_cmd,
       "no key chain WORD",
       NO_STR
       "Authentication key management\n"
       "Key-chain management\n"
       "Key-chain name\n")
{
	/* Token 3 is WORD, the key-chain name. */
	const char *chain_name = argv[3]->arg;
	struct keychain *keychain = keychain_lookup(chain_name);

	if (keychain == NULL) {
		vty_out(vty, "Can't find keychain %s\n", chain_name);
		return CMD_WARNING_CONFIG_FAILED;
	}

	keychain_delete(keychain);

	return CMD_SUCCESS;
}
/* "key (0-2147483647)": enter (creating if needed) the key with this
 * identifier inside the current key chain. */
DEFUN_NOSH (key,
       key_cmd,
       "key (0-2147483647)",
       "Configure a key\n"
       "Key identifier number\n")
{
	VTY_DECLVAR_CONTEXT(keychain, keychain);
	/* Token 1 is the key identifier; the value is converted here
	 * without an error check of its own and relies on the range in
	 * the command string. */
	uint32_t index = strtoul(argv[1]->arg, NULL, 10);
	struct key *key = key_get(keychain, index);

	VTY_PUSH_CONTEXT_SUB(KEYCHAIN_KEY_NODE, key);

	return CMD_SUCCESS;
}
/* "no key (0-2147483647)": delete the key with this identifier from the
 * current key chain. */
DEFUN (no_key,
       no_key_cmd,
       "no key (0-2147483647)",
       NO_STR
       "Delete a key\n"
       "Key identifier number\n")
{
	VTY_DECLVAR_CONTEXT(keychain, keychain);
	/* Token 2 is the key identifier. */
	uint32_t index = strtoul(argv[2]->arg, NULL, 10);
	struct key *key = key_lookup(keychain, index);

	if (key == NULL) {
		vty_out(vty, "Can't find key %d\n", index);
		return CMD_WARNING_CONFIG_FAILED;
	}

	key_delete(keychain, key);

	/* Set the session back to the key-chain node after the key is
	 * freed. */
	vty->node = KEYCHAIN_NODE;

	return CMD_SUCCESS;
}
/*
 * "key-string LINE": set the current key's secret.
 *
 * The string is stored as a verbatim copy of the CLI argument. Any
 * previous value is released (without being overwritten) before the new
 * copy is made.
 */
DEFUN (key_string,
       key_string_cmd,
       "key-string LINE",
       "Set key string\n"
       "The key\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);
	/* Token 1 is LINE, the key string. */
	const char *secret = argv[1]->arg;

	if (key->string != NULL)
		XFREE(MTYPE_KEY, key->string);

	key->string = XSTRDUP(MTYPE_KEY, secret);

	return CMD_SUCCESS;
}
/*
 * CLI handler for "no key-string [LINE]".
 *
 * Drops the string stored on the key taken from the VTY context. The
 * optional LINE argument is never read, so whatever the operator types
 * there, the stored string is removed.
 */
DEFUN (no_key_string,
       no_key_string_cmd,
       "no key-string [LINE]",
       NO_STR
       "Unset key string\n"
       "The key\n")
{
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* Nothing stored: the command succeeds without doing anything. */
	if (key->string == NULL)
		return CMD_SUCCESS;

	/*
	 * NOTE(review): as in key-string, the key bytes are not overwritten
	 * before the buffer is released.
	 */
	XFREE(MTYPE_KEY, key->string);
	key->string = NULL;

	return CMD_SUCCESS;
}
/*
 * Property table for the keychain hash algorithms, one row per algorithm.
 *
 * Each row lists, in order: the algorithm id, its lower-case name, its
 * *_HASH_SIZE constant, its *_INTERNAL_BLK_SIZE constant and a display
 * string.
 *
 * The keychain_get_*() accessors index this table directly with an
 * enum keychain_hash_algo value, so the rows presumably have to stay in
 * the same order as the enum (TODO confirm against keychain.h).
 *
 * NOTE(review): MD5 and SHA-1 based entries are generally kept for
 * interoperability only; prefer the SHA-2 rows for new configurations.
 */
const struct keychain_algo_info algo_info[] = {
	{KEYCHAIN_ALGO_NULL, "null", 0, 0, "NULL"},

	{KEYCHAIN_ALGO_MD5, "md5",
	 KEYCHAIN_MD5_HASH_SIZE,
	 KEYCHAIN_ALGO_MD5_INTERNAL_BLK_SIZE,
	 "MD5"},

	{KEYCHAIN_ALGO_HMAC_SHA1, "hmac-sha-1",
	 KEYCHAIN_HMAC_SHA1_HASH_SIZE,
	 KEYCHAIN_ALGO_SHA1_INTERNAL_BLK_SIZE,
	 "HMAC-SHA-1"},

	{KEYCHAIN_ALGO_HMAC_SHA256, "hmac-sha-256",
	 KEYCHAIN_HMAC_SHA256_HASH_SIZE,
	 KEYCHAIN_ALGO_SHA256_INTERNAL_BLK_SIZE,
	 "HMAC-SHA-256"},

	{KEYCHAIN_ALGO_HMAC_SHA384, "hmac-sha-384",
	 KEYCHAIN_HMAC_SHA384_HASH_SIZE,
	 KEYCHAIN_ALGO_SHA384_INTERNAL_BLK_SIZE,
	 "HMAC-SHA-384"},

	{KEYCHAIN_ALGO_HMAC_SHA512, "hmac-sha-512",
	 KEYCHAIN_HMAC_SHA512_HASH_SIZE,
	 KEYCHAIN_ALGO_SHA512_INTERNAL_BLK_SIZE,
	 "HMAC-SHA-512"},

	/* Sentinel row for KEYCHAIN_ALGO_MAX. */
	{KEYCHAIN_ALGO_MAX, "max",
	 KEYCHAIN_MAX_HASH_SIZE,
	 KEYCHAIN_ALGO_MAX_INTERNAL_BLK_SIZE,
	 "Not defined"}
};
/*
 * Return the `block` field of the algo_info row selected by @key.
 *
 * NOTE(review): @key is used as an array index without a range check; a
 * value that does not correspond to a row of algo_info reads outside the
 * table. Callers must only pass valid enum keychain_hash_algo values.
 */
uint16_t keychain_get_block_size(enum keychain_hash_algo key)
{
	uint16_t block_size = algo_info[key].block;

	return block_size;
}
/*
 * Return the `length` field of the algo_info row selected by @key.
 *
 * NOTE(review): @key is used as an array index without a range check.
 * If the returned length sizes a copy or a buffer, an out-of-table @key
 * turns into an out-of-bounds read here first; callers must only pass
 * valid enum keychain_hash_algo values.
 */
uint16_t keychain_get_hash_len(enum keychain_hash_algo key)
{
	uint16_t hash_len = algo_info[key].length;

	return hash_len;
}
/*
 * Return the `desc` string of the algo_info row selected by @key.
 *
 * The pointer refers to the table itself and must not be freed.
 *
 * NOTE(review): @key indexes algo_info without a range check; callers
 * must only pass valid enum keychain_hash_algo values.
 */
const char *keychain_get_description(enum keychain_hash_algo key)
{
	const char *description = algo_info[key].desc;

	return description;
}
/*
 * Return, by value, a copy of the algo_info row selected by @key.
 *
 * NOTE(review): @key indexes algo_info without a range check; callers
 * must only pass valid enum keychain_hash_algo values.
 */
struct keychain_algo_info
keychain_get_hash_algo_info(enum keychain_hash_algo key)
{
	struct keychain_algo_info row = algo_info[key];

	return row;
}
/*
 * Map an algorithm name to its enum keychain_hash_algo id.
 *
 * Matching is by prefix, not by exact comparison: a name whose first
 * character is 'm' selects MD5, and the HMAC variants are told apart by
 * their first ten characters only ("hmac-sha-1", "hmac-sha-2",
 * "hmac-sha-3", "hmac-sha-5"). Anything else yields KEYCHAIN_ALGO_NULL.
 *
 * With CRYPTO_INTERNAL defined only HMAC-SHA-256 and MD5 are recognised;
 * every other name, including the remaining HMAC variants, yields
 * KEYCHAIN_ALGO_NULL.
 *
 * @name must be a non-NULL, NUL-terminated string.
 *
 * NOTE(review): because of the prefix matching, this function alone does
 * not validate its input; it relies on the caller having restricted @name
 * to the known algorithm names beforehand.
 */
enum keychain_hash_algo keychain_get_algo_id_by_name(const char *name)
{
#ifdef CRYPTO_INTERNAL
	if (strncmp(name, "hmac-sha-2", 10) == 0)
		return KEYCHAIN_ALGO_HMAC_SHA256;

	if (strncmp(name, "m", 1) == 0)
		return KEYCHAIN_ALGO_MD5;

	return KEYCHAIN_ALGO_NULL;
#else
	if (strncmp(name, "m", 1) == 0)
		return KEYCHAIN_ALGO_MD5;

	if (strncmp(name, "hmac-sha-1", 10) == 0)
		return KEYCHAIN_ALGO_HMAC_SHA1;

	if (strncmp(name, "hmac-sha-2", 10) == 0)
		return KEYCHAIN_ALGO_HMAC_SHA256;

	if (strncmp(name, "hmac-sha-3", 10) == 0)
		return KEYCHAIN_ALGO_HMAC_SHA384;

	if (strncmp(name, "hmac-sha-5", 10) == 0)
		return KEYCHAIN_ALGO_HMAC_SHA512;

	return KEYCHAIN_ALGO_NULL;
#endif
}
/*
 * Return the `name` string of the algo_info row selected by @key.
 *
 * The pointer refers to the table itself and must not be freed.
 *
 * NOTE(review): @key indexes algo_info without a range check; callers
 * must only pass valid enum keychain_hash_algo values.
 */
const char *keychain_get_algo_name_by_id(enum keychain_hash_algo key)
{
	const char *algo_name = algo_info[key].name;

	return algo_name;
}
/*
 * CLI handler for "cryptographic-algorithm <name>".
 *
 * Looks the algorithm name up with keychain_get_algo_id_by_name() and
 * stores the resulting id on the key taken from the VTY context.
 *
 * When CRYPTO_OPENSSL is not defined, a lookup result of
 * KEYCHAIN_ALGO_NULL is rejected with CMD_WARNING_CONFIG_FAILED and the
 * key is left unchanged.
 *
 * NOTE(review): when CRYPTO_OPENSSL is defined the lookup result is
 * stored unchecked, so a KEYCHAIN_ALGO_NULL result would be written to
 * the key silently. The command grammar above only admits the five
 * listed names, which is what keeps that from happening here.
 */
DEFUN(cryptographic_algorithm, cryptographic_algorithm_cmd,
      "cryptographic-algorithm "
      "<md5|hmac-sha-1|hmac-sha-256|hmac-sha-384|hmac-sha-512>",
      "Cryptographic-algorithm\n"
      "Use MD5 algorithm\n"
      "Use HMAC-SHA-1 algorithm\n"
      "Use HMAC-SHA-256 algorithm\n"
      "Use HMAC-SHA-384 algorithm\n"
      "Use HMAC-SHA-512 algorithm\n")
{
	int name_idx = 1;
	uint8_t selected;

	VTY_DECLVAR_CONTEXT_SUB(key, key);

	selected = keychain_get_algo_id_by_name(argv[name_idx]->arg);
#ifndef CRYPTO_OPENSSL
	if (selected == KEYCHAIN_ALGO_NULL) {
		vty_out(vty,
			"Hash algorithm not supported, compile with --with-crypto=openssl\n");
		return CMD_WARNING_CONFIG_FAILED;
	}
#endif /* CRYPTO_OPENSSL */

	key->hash_algo = selected;

	return CMD_SUCCESS;
}
/*
 * CLI handler for "no cryptographic-algorithm [<name>]".
 *
 * Without a name, the algorithm of the key taken from the VTY context is
 * reset to KEYCHAIN_ALGO_NULL. With a name, the reset only happens when
 * the named algorithm is the one currently stored on the key; naming a
 * different algorithm succeeds without changing anything. A name that
 * the lookup maps to KEYCHAIN_ALGO_NULL is rejected with
 * CMD_WARNING_CONFIG_FAILED.
 *
 * NOTE(review): after a successful reset the key carries
 * KEYCHAIN_ALGO_NULL; how consumers of the keychain treat such a key is
 * not visible from this handler.
 */
DEFUN(no_cryptographic_algorithm, no_cryptographic_algorithm_cmd,
      "no cryptographic-algorithm "
      "[<md5|hmac-sha-1|hmac-sha-256|hmac-sha-384|hmac-sha-512>]",
      NO_STR
      "Cryptographic-algorithm\n"
      "Use MD5 algorithm\n"
      "Use HMAC-SHA-1 algorithm\n"
      "Use HMAC-SHA-256 algorithm\n"
      "Use HMAC-SHA-384 algorithm\n"
      "Use HMAC-SHA-512 algorithm\n")
{
	int name_idx = 2;
	uint8_t requested = KEYCHAIN_ALGO_NULL;

	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* The algorithm name is optional. */
	if (argc > name_idx) {
		requested = keychain_get_algo_id_by_name(argv[name_idx]->arg);
		if (requested == KEYCHAIN_ALGO_NULL) {
			vty_out(vty,
				"Hash algorithm not supported, try compiling with --with-crypto=openssl\n");
			return CMD_WARNING_CONFIG_FAILED;
		}
	}

	/* Reset when no name was given or the name matches the stored one. */
	if (requested == KEYCHAIN_ALGO_NULL || requested == key->hash_algo)
		key->hash_algo = KEYCHAIN_ALGO_NULL;

	return CMD_SUCCESS;
}
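/*
 * Convert HH:MM:SS MON DAY YEAR to a time_t value. -1 is returned when a
 * given string is malformed.
 *
 * time_str   "HH:MM:SS"; hour 0-23, minute and second 0-59. The two ':'
 *            separators are overwritten with NUL while parsing, so the
 *            caller must pass writable storage even though the parameter
 *            is const-qualified.
 * day_str    day of month, 1-31.
 * month_str  at least three characters, compared case-sensitively as a
 *            prefix of the English month names ("Mar", "March").
 * year_str   1993-2035.
 *
 * The broken-down time is handed to mktime(), which interprets it in the
 * local time zone; the day is not checked against the month's length
 * before that call.
 *
 * Malformed input that used to be accepted and is now rejected, because
 * it silently changed the lifetime window of an authentication key:
 *  - a month string shorter than three characters (was taken as January),
 *  - an empty hour or minute field (was taken as 0).
 */
static time_t key_str2time(const char *time_str, const char *day_str,
			   const char *month_str, const char *year_str)
{
	int i = 0;
	char *colon;
	struct tm tm;
	time_t result;
	size_t month_len;
	unsigned int sec, min, hour;
	unsigned int day, month, year;

	const char *month_name[] = {
		"January",  "February", "March",     "April",   "May",
		"June",     "July",     "August",    "September", "October",
		"November", "December", NULL};

	/*
	 * Parse STR as a base-10 unsigned long into V. The macro returns -1
	 * from the enclosing function when STR has trailing characters, when
	 * strtoul() yields ULONG_MAX, or when MMCOND (a range test on tmpl)
	 * holds. An empty STR parses as 0, so callers check for that first.
	 */
#define _GET_LONG_RANGE(V, STR, MMCOND)                                        \
	{                                                                      \
		unsigned long tmpl;                                            \
		char *endptr = NULL;                                           \
		tmpl = strtoul((STR), &endptr, 10);                            \
		if (*endptr != '\0' || tmpl == ULONG_MAX)                      \
			return -1;                                             \
		if (MMCOND)                                                    \
			return -1;                                             \
		(V) = tmpl;                                                    \
	}
#define GET_LONG_RANGE(V, STR, MIN, MAX)                                       \
	_GET_LONG_RANGE(V, STR, tmpl < (MIN) || tmpl > (MAX))
#define GET_LONG_RANGE0(V, STR, MAX) _GET_LONG_RANGE(V, STR, tmpl > (MAX))

	/* Check hour field of time_str; it must not be empty. */
	colon = strchr(time_str, ':');
	if (colon == NULL || colon == time_str)
		return -1;
	*colon = '\0';

	/* Hour must be between 0 and 23. */
	GET_LONG_RANGE0(hour, time_str, 23);

	/* Check min field of time_str; it must not be empty either. */
	time_str = colon + 1;
	colon = strchr(time_str, ':');
	if (*time_str == '\0' || colon == NULL || colon == time_str)
		return -1;
	*colon = '\0';

	/* Min must be between 0 and 59. */
	GET_LONG_RANGE0(min, time_str, 59);

	/* Check sec field of time_str. */
	time_str = colon + 1;
	if (*time_str == '\0')
		return -1;

	/* Sec must be between 0 and 59. */
	GET_LONG_RANGE0(sec, time_str, 59);

	/* Check day_str.  Day must be <1-31>. */
	GET_LONG_RANGE(day, day_str, 1, 31);

	/*
	 * Check month_str.  Month must match month_name. Fewer than three
	 * characters cannot identify a month and is rejected outright rather
	 * than skipping the search and leaving the index on January.
	 */
	month_len = strlen(month_str);
	if (month_len < 3)
		return -1;

	for (i = 0; month_name[i]; i++)
		if (strncmp(month_str, month_name[i], month_len) == 0)
			break;
	if (!month_name[i])
		return -1;
	month = i;

	/* Check year_str.  Year must be <1993-2035>. */
	GET_LONG_RANGE(year, year_str, 1993, 2035);

	memset(&tm, 0, sizeof(tm));
	tm.tm_sec = sec;
	tm.tm_min = min;
	tm.tm_hour = hour;
	tm.tm_mon = month;
	tm.tm_mday = day;
	tm.tm_year = year - 1900;

	result = mktime(&tm);

	return result;
#undef GET_LONG_RANGE
}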
/*
 * Store an explicit start/end validity window in krange.
 *
 * Both timestamps arrive as four CLI strings (time, day, month, year) and
 * are converted with key_str2time(); a negative result is reported to the
 * user as a malformed time. krange is only written once both values parsed
 * and the end is strictly later than the start.
 *
 * Returns CMD_SUCCESS, or CMD_WARNING_CONFIG_FAILED after printing the
 * reason to vty.
 *
 * NOTE(review): krange->duration is not modified here, so a flag left by an
 * earlier "duration" form of the command survives -- confirm this is
 * intended.
 */
static int key_lifetime_set(struct vty *vty, struct key_range *krange,
			    const char *stime_str, const char *sday_str,
			    const char *smonth_str, const char *syear_str,
			    const char *etime_str, const char *eday_str,
			    const char *emonth_str, const char *eyear_str)
{
	time_t begin;
	time_t finish;

	begin = key_str2time(stime_str, sday_str, smonth_str, syear_str);
	if (begin < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	finish = key_str2time(etime_str, eday_str, emonth_str, eyear_str);
	if (finish < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	/* An empty or inverted window would leave the key never valid. */
	if (!(finish > begin)) {
		vty_out(vty, "Expire time is not later than start time\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	krange->start = begin;
	krange->end = finish;

	return CMD_SUCCESS;
}
/*
 * Store a validity window given as a start timestamp plus a length in
 * seconds.
 *
 * The start is parsed with key_str2time(); a negative result is reported as
 * a malformed time. krange->duration is set to 1 as a flag, and the length
 * itself is folded into krange->end (start + seconds).
 *
 * Returns CMD_SUCCESS, or CMD_WARNING_CONFIG_FAILED if the start time is
 * malformed.
 *
 * NOTE(review): the strtoul() result is used unchecked; the command strings
 * that reach this helper restrict the token to (1-2147483646), so this
 * relies on the CLI having validated it. Where time_t is 32 bits wide the
 * addition below could overflow for late start dates -- confirm the
 * supported platforms.
 */
static int key_lifetime_duration_set(struct vty *vty, struct key_range *krange,
				     const char *stime_str,
				     const char *sday_str,
				     const char *smonth_str,
				     const char *syear_str,
				     const char *duration_str)
{
	uint32_t seconds;
	time_t begin = key_str2time(stime_str, sday_str, smonth_str, syear_str);

	if (begin < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}
	krange->start = begin;

	seconds = strtoul(duration_str, NULL, 10);

	krange->duration = 1;
	krange->end = begin + seconds;

	return CMD_SUCCESS;
}
/*
 * Store a validity window that has a start timestamp and no expiry.
 *
 * The start is parsed with key_str2time(); a negative result is reported as
 * a malformed time. The end is set to -1, the value that
 * keychain_config_write() prints as "infinite".
 *
 * A key configured this way is never retired by its lifetime, so rotation
 * has to be done by the operator.
 *
 * Returns CMD_SUCCESS, or CMD_WARNING_CONFIG_FAILED if the start time is
 * malformed.
 */
static int key_lifetime_infinite_set(struct vty *vty, struct key_range *krange,
				     const char *stime_str,
				     const char *sday_str,
				     const char *smonth_str,
				     const char *syear_str)
{
	time_t begin = key_str2time(stime_str, sday_str, smonth_str, syear_str);

	if (begin < 0) {
		vty_out(vty, "Malformed time value\n");
		return CMD_WARNING_CONFIG_FAILED;
	}

	krange->start = begin;
	krange->end = -1;

	return CMD_SUCCESS;
}
/* accept-lifetime with explicit end; start as "day month", end as "day month". */
DEFUN (accept_lifetime_day_month_day_month,
       accept_lifetime_day_month_day_month_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* Token positions within the command string (token 0 is the keyword). */
	int tok_stime = 1;
	int tok_sday = 2;
	int tok_smonth = 3;
	int tok_syear = 4;
	int tok_etime = 5;
	int tok_eday = 6;
	int tok_emonth = 7;
	int tok_eyear = 8;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->accept,
				argv[tok_stime]->arg, argv[tok_sday]->arg,
				argv[tok_smonth]->arg, argv[tok_syear]->arg,
				argv[tok_etime]->arg, argv[tok_eday]->arg,
				argv[tok_emonth]->arg, argv[tok_eyear]->arg);
}
/* accept-lifetime with explicit end; start as "day month", end as "month day". */
DEFUN (accept_lifetime_day_month_month_day,
       accept_lifetime_day_month_month_day_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* Token positions within the command string (token 0 is the keyword). */
	int tok_stime = 1;
	int tok_sday = 2;
	int tok_smonth = 3;
	int tok_syear = 4;
	int tok_etime = 5;
	int tok_emonth = 6;
	int tok_eday = 7;
	int tok_eyear = 8;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* The helper always takes day before month, whatever the CLI order. */
	return key_lifetime_set(vty, &key->accept,
				argv[tok_stime]->arg, argv[tok_sday]->arg,
				argv[tok_smonth]->arg, argv[tok_syear]->arg,
				argv[tok_etime]->arg, argv[tok_eday]->arg,
				argv[tok_emonth]->arg, argv[tok_eyear]->arg);
}
/* accept-lifetime with explicit end; start as "month day", end as "day month". */
DEFUN (accept_lifetime_month_day_day_month,
       accept_lifetime_month_day_day_month_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* Token positions within the command string (token 0 is the keyword). */
	int tok_stime = 1;
	int tok_smonth = 2;
	int tok_sday = 3;
	int tok_syear = 4;
	int tok_etime = 5;
	int tok_eday = 6;
	int tok_emonth = 7;
	int tok_eyear = 8;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* The helper always takes day before month, whatever the CLI order. */
	return key_lifetime_set(vty, &key->accept,
				argv[tok_stime]->arg, argv[tok_sday]->arg,
				argv[tok_smonth]->arg, argv[tok_syear]->arg,
				argv[tok_etime]->arg, argv[tok_eday]->arg,
				argv[tok_emonth]->arg, argv[tok_eyear]->arg);
}
/* accept-lifetime with explicit end; start as "month day", end as "month day". */
DEFUN (accept_lifetime_month_day_month_day,
       accept_lifetime_month_day_month_day_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* Token positions within the command string (token 0 is the keyword). */
	int tok_stime = 1;
	int tok_smonth = 2;
	int tok_sday = 3;
	int tok_syear = 4;
	int tok_etime = 5;
	int tok_emonth = 6;
	int tok_eday = 7;
	int tok_eyear = 8;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* The helper always takes day before month, whatever the CLI order. */
	return key_lifetime_set(vty, &key->accept,
				argv[tok_stime]->arg, argv[tok_sday]->arg,
				argv[tok_smonth]->arg, argv[tok_syear]->arg,
				argv[tok_etime]->arg, argv[tok_eday]->arg,
				argv[tok_emonth]->arg, argv[tok_eyear]->arg);
}
/* accept-lifetime without expiry; start given as "day month". */
DEFUN (accept_lifetime_infinite_day_month,
       accept_lifetime_infinite_day_month_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* Token positions within the command string (token 0 is the keyword). */
	int tok_stime = 1;
	int tok_sday = 2;
	int tok_smonth = 3;
	int tok_syear = 4;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_infinite_set(vty, &key->accept,
					 argv[tok_stime]->arg,
					 argv[tok_sday]->arg,
					 argv[tok_smonth]->arg,
					 argv[tok_syear]->arg);
}
/* accept-lifetime without expiry; start given as "month day". */
DEFUN (accept_lifetime_infinite_month_day,
       accept_lifetime_infinite_month_day_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* Token positions within the command string (token 0 is the keyword). */
	int tok_stime = 1;
	int tok_smonth = 2;
	int tok_sday = 3;
	int tok_syear = 4;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* The helper always takes day before month, whatever the CLI order. */
	return key_lifetime_infinite_set(vty, &key->accept,
					 argv[tok_stime]->arg,
					 argv[tok_sday]->arg,
					 argv[tok_smonth]->arg,
					 argv[tok_syear]->arg);
}
/* accept-lifetime as start plus length in seconds; start given as "day month". */
DEFUN (accept_lifetime_duration_day_month,
       accept_lifetime_duration_day_month_cmd,
       "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/*
	 * Token positions within the command string (token 0 is the keyword,
	 * token 5 is the literal "duration").
	 */
	int tok_stime = 1;
	int tok_sday = 2;
	int tok_smonth = 3;
	int tok_syear = 4;
	int tok_seconds = 6;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_duration_set(vty, &key->accept,
					 argv[tok_stime]->arg,
					 argv[tok_sday]->arg,
					 argv[tok_smonth]->arg,
					 argv[tok_syear]->arg,
					 argv[tok_seconds]->arg);
}
/* accept-lifetime as start plus length in seconds; start given as "month day". */
DEFUN (accept_lifetime_duration_month_day,
       accept_lifetime_duration_month_day_cmd,
       "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
       "Set accept lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/*
	 * Token positions within the command string (token 0 is the keyword,
	 * token 5 is the literal "duration").
	 */
	int tok_stime = 1;
	int tok_smonth = 2;
	int tok_sday = 3;
	int tok_syear = 4;
	int tok_seconds = 6;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* The helper always takes day before month, whatever the CLI order. */
	return key_lifetime_duration_set(vty, &key->accept,
					 argv[tok_stime]->arg,
					 argv[tok_sday]->arg,
					 argv[tok_smonth]->arg,
					 argv[tok_syear]->arg,
					 argv[tok_seconds]->arg);
}
/* Clear the accept lifetime of the key being configured. */
DEFUN (no_accept_lifetime,
       no_accept_lifetime_cmd,
       "no accept-lifetime",
       NO_STR
       "Unset accept-lifetime\n")
{
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/*
	 * Zero all three fields. keychain_config_write() emits an
	 * accept-lifetime line only when start is non-zero, so the key is
	 * written back without one.
	 */
	key->accept.start = 0;
	key->accept.end = 0;
	key->accept.duration = 0;

	return CMD_SUCCESS;
}
/* send-lifetime with explicit end; start as "day month", end as "day month". */
DEFUN (send_lifetime_day_month_day_month,
       send_lifetime_day_month_day_month_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* Token positions within the command string (token 0 is the keyword). */
	int tok_stime = 1;
	int tok_sday = 2;
	int tok_smonth = 3;
	int tok_syear = 4;
	int tok_etime = 5;
	int tok_eday = 6;
	int tok_emonth = 7;
	int tok_eyear = 8;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_set(vty, &key->send,
				argv[tok_stime]->arg, argv[tok_sday]->arg,
				argv[tok_smonth]->arg, argv[tok_syear]->arg,
				argv[tok_etime]->arg, argv[tok_eday]->arg,
				argv[tok_emonth]->arg, argv[tok_eyear]->arg);
}
/* send-lifetime with explicit end; start as "day month", end as "month day". */
DEFUN (send_lifetime_day_month_month_day,
       send_lifetime_day_month_month_day_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* Token positions within the command string (token 0 is the keyword). */
	int tok_stime = 1;
	int tok_sday = 2;
	int tok_smonth = 3;
	int tok_syear = 4;
	int tok_etime = 5;
	int tok_emonth = 6;
	int tok_eday = 7;
	int tok_eyear = 8;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* The helper always takes day before month, whatever the CLI order. */
	return key_lifetime_set(vty, &key->send,
				argv[tok_stime]->arg, argv[tok_sday]->arg,
				argv[tok_smonth]->arg, argv[tok_syear]->arg,
				argv[tok_etime]->arg, argv[tok_eday]->arg,
				argv[tok_emonth]->arg, argv[tok_eyear]->arg);
}
/* send-lifetime with explicit end; start as "month day", end as "day month". */
DEFUN (send_lifetime_month_day_day_month,
       send_lifetime_month_day_day_month_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Day of th month to expire\n"
       "Month of the year to expire\n"
       "Year to expire\n")
{
	/* Token positions within the command string (token 0 is the keyword). */
	int tok_stime = 1;
	int tok_smonth = 2;
	int tok_sday = 3;
	int tok_syear = 4;
	int tok_etime = 5;
	int tok_eday = 6;
	int tok_emonth = 7;
	int tok_eyear = 8;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* The helper always takes day before month, whatever the CLI order. */
	return key_lifetime_set(vty, &key->send,
				argv[tok_stime]->arg, argv[tok_sday]->arg,
				argv[tok_smonth]->arg, argv[tok_syear]->arg,
				argv[tok_etime]->arg, argv[tok_eday]->arg,
				argv[tok_emonth]->arg, argv[tok_eyear]->arg);
}
/* send-lifetime with explicit end; start as "month day", end as "month day". */
DEFUN (send_lifetime_month_day_month_day,
       send_lifetime_month_day_month_day_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Time to expire\n"
       "Month of the year to expire\n"
       "Day of th month to expire\n"
       "Year to expire\n")
{
	/* Token positions within the command string (token 0 is the keyword). */
	int tok_stime = 1;
	int tok_smonth = 2;
	int tok_sday = 3;
	int tok_syear = 4;
	int tok_etime = 5;
	int tok_emonth = 6;
	int tok_eday = 7;
	int tok_eyear = 8;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* The helper always takes day before month, whatever the CLI order. */
	return key_lifetime_set(vty, &key->send,
				argv[tok_stime]->arg, argv[tok_sday]->arg,
				argv[tok_smonth]->arg, argv[tok_syear]->arg,
				argv[tok_etime]->arg, argv[tok_eday]->arg,
				argv[tok_emonth]->arg, argv[tok_eyear]->arg);
}
/* send-lifetime without expiry; start given as "day month". */
DEFUN (send_lifetime_infinite_day_month,
       send_lifetime_infinite_day_month_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* Token positions within the command string (token 0 is the keyword). */
	int tok_stime = 1;
	int tok_sday = 2;
	int tok_smonth = 3;
	int tok_syear = 4;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_infinite_set(vty, &key->send,
					 argv[tok_stime]->arg,
					 argv[tok_sday]->arg,
					 argv[tok_smonth]->arg,
					 argv[tok_syear]->arg);
}
/* send-lifetime without expiry; start given as "month day". */
DEFUN (send_lifetime_infinite_month_day,
       send_lifetime_infinite_month_day_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Never expires\n")
{
	/* Token positions within the command string (token 0 is the keyword). */
	int tok_stime = 1;
	int tok_smonth = 2;
	int tok_sday = 3;
	int tok_syear = 4;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* The helper always takes day before month, whatever the CLI order. */
	return key_lifetime_infinite_set(vty, &key->send,
					 argv[tok_stime]->arg,
					 argv[tok_sday]->arg,
					 argv[tok_smonth]->arg,
					 argv[tok_syear]->arg);
}
/* send-lifetime as start plus length in seconds; start given as "day month". */
DEFUN (send_lifetime_duration_day_month,
       send_lifetime_duration_day_month_cmd,
       "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Day of th month to start\n"
       "Month of the year to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/*
	 * Token positions within the command string (token 0 is the keyword,
	 * token 5 is the literal "duration").
	 */
	int tok_stime = 1;
	int tok_sday = 2;
	int tok_smonth = 3;
	int tok_syear = 4;
	int tok_seconds = 6;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	return key_lifetime_duration_set(vty, &key->send,
					 argv[tok_stime]->arg,
					 argv[tok_sday]->arg,
					 argv[tok_smonth]->arg,
					 argv[tok_syear]->arg,
					 argv[tok_seconds]->arg);
}
/* send-lifetime as start plus length in seconds; start given as "month day". */
DEFUN (send_lifetime_duration_month_day,
       send_lifetime_duration_month_day_cmd,
       "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
       "Set send lifetime of the key\n"
       "Time to start\n"
       "Month of the year to start\n"
       "Day of th month to start\n"
       "Year to start\n"
       "Duration of the key\n"
       "Duration seconds\n")
{
	/*
	 * Token positions within the command string (token 0 is the keyword,
	 * token 5 is the literal "duration").
	 */
	int tok_stime = 1;
	int tok_smonth = 2;
	int tok_sday = 3;
	int tok_syear = 4;
	int tok_seconds = 6;
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/* The helper always takes day before month, whatever the CLI order. */
	return key_lifetime_duration_set(vty, &key->send,
					 argv[tok_stime]->arg,
					 argv[tok_sday]->arg,
					 argv[tok_smonth]->arg,
					 argv[tok_syear]->arg,
					 argv[tok_seconds]->arg);
}
/* Clear the send lifetime of the key being configured. */
DEFUN (no_send_lifetime,
       no_send_lifetime_cmd,
       "no send-lifetime",
       NO_STR
       "Unset send-lifetime\n")
{
	/* Declares `key`, used below; the macro is defined outside this listing. */
	VTY_DECLVAR_CONTEXT_SUB(key, key);

	/*
	 * Zero all three fields. keychain_config_write() emits a
	 * send-lifetime line only when start is non-zero, so the key is
	 * written back without one.
	 */
	key->send.start = 0;
	key->send.end = 0;
	key->send.duration = 0;

	return CMD_SUCCESS;
}
/* Defined further down; declared here because keychain_node refers to it. */
static int keychain_config_write(struct vty *vty);

/* CLI node for "key chain" configuration, a child of the config node. */
static struct cmd_node keychain_node = {
	.name = "keychain",
	.node = KEYCHAIN_NODE,
	.parent_node = CONFIG_NODE,
	.prompt = "%s(config-keychain)# ",
	/* Writes every chain together with its keys. */
	.config_write = keychain_config_write,
};

/*
 * CLI node for a single key inside a chain. It has no config_write of its
 * own: keychain_config_write() walks the keys of each chain itself.
 */
static struct cmd_node keychain_key_node = {
	.name = "keychain key",
	.node = KEYCHAIN_KEY_NODE,
	.parent_node = KEYCHAIN_NODE,
	.prompt = "%s(config-keychain-key)# ",
};
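/*
 * Format *time as local time into buf using "%T %b %d %Y".
 *
 * Returns the number of characters written, not counting the terminator.
 * When the time cannot be converted or the text does not fit in bufsiz
 * bytes, returns 0 and leaves buf holding an empty string, so a caller that
 * prints buf without looking at the return value never reads indeterminate
 * bytes. A non-positive bufsiz returns 0 without touching buf.
 */
static int keychain_strftime(char *buf, int bufsiz, time_t *time)
{
	struct tm tm;
	size_t len;

	/* A negative size would turn into a huge size_t inside strftime(). */
	if (bufsiz <= 0)
		return 0;

	/* localtime_r() returns a null pointer when conversion fails. */
	if (!localtime_r(time, &tm)) {
		buf[0] = '\0';
		return 0;
	}

	len = strftime(buf, (size_t)bufsiz, "%T %b %d %Y", &tm);

	/* strftime() returns 0 on overflow and leaves buf unspecified. */
	if (len == 0)
		buf[0] = '\0';

	return (int)len;
}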
/*
 * Write every key chain in keychain_list, with its keys, to vty as CLI
 * configuration text. Always returns 0.
 *
 * For each key the key-string, the cryptographic algorithm (unless it is
 * KEYCHAIN_ALGO_NULL) and the accept/send lifetimes (when a start time is
 * set) are written. A lifetime ends in "infinite" when end is -1, in
 * "duration <seconds>" when the duration flag is set, and in a formatted
 * end timestamp otherwise.
 *
 * NOTE: key->string is written verbatim, so this output carries the
 * authentication secrets in cleartext; anything that stores or displays it
 * needs access control to match.
 */
static int keychain_config_write(struct vty *vty)
{
	struct keychain *chain;
	struct key *k;
	struct listnode *chain_ln;
	struct listnode *key_ln;
	char stamp[BUFSIZ];

	for (ALL_LIST_ELEMENTS_RO(keychain_list, chain_ln, chain)) {
		vty_out(vty, "key chain %s\n", chain->name);

		for (ALL_LIST_ELEMENTS_RO(chain->key, key_ln, k)) {
			vty_out(vty, " key %d\n", k->index);

			if (k->string) {
				vty_out(vty, " key-string %s\n", k->string);
			}

			if (k->hash_algo != KEYCHAIN_ALGO_NULL) {
				vty_out(vty, " cryptographic-algorithm %s\n",
					keychain_get_algo_name_by_id(
						k->hash_algo));
			}

			if (k->accept.start) {
				keychain_strftime(stamp, sizeof(stamp),
						  &k->accept.start);
				vty_out(vty, " accept-lifetime %s", stamp);

				if (k->accept.end == -1) {
					vty_out(vty, " infinite");
				} else if (k->accept.duration) {
					/* The length is stored as end - start. */
					vty_out(vty, " duration %ld",
						(long)(k->accept.end
						       - k->accept.start));
				} else {
					keychain_strftime(stamp, sizeof(stamp),
							  &k->accept.end);
					vty_out(vty, " %s", stamp);
				}
				vty_out(vty, "\n");
			}

			if (k->send.start) {
				keychain_strftime(stamp, sizeof(stamp),
						  &k->send.start);
				vty_out(vty, " send-lifetime %s", stamp);

				if (k->send.end == -1) {
					vty_out(vty, " infinite");
				} else if (k->send.duration) {
					/* The length is stored as end - start. */
					vty_out(vty, " duration %ld",
						(long)(k->send.end
						       - k->send.start));
				} else {
					keychain_strftime(stamp, sizeof(stamp),
							  &k->send.end);
					vty_out(vty, " %s", stamp);
				}
				vty_out(vty, "\n");
			}

			vty_out(vty, " exit\n");
		}

		vty_out(vty, "exit\n");
		vty_out(vty, "!\n");
	}

	return 0;
}
/*
 * CLI completion callback: offer the name of every key chain currently
 * held in keychain_list.
 *
 * comps - vector that receives one XSTRDUP'd copy (MTYPE_COMPLETION) of
 *         each chain name
 * token - the token being completed; not consulted here
 *
 * Only keychain->name is copied into the completion list; no other field
 * of the chain or of its keys is read.
 * NOTE(review): the copies are presumably released by the completion code
 * that consumes comps -- confirm against the caller.
 */
static void keychain_active_config(vector comps, struct cmd_token *token)
{
	struct listnode *ln;
	struct keychain *kc;

	for (ALL_LIST_ELEMENTS_RO(keychain_list, ln, kc)) {
		char *name_copy = XSTRDUP(MTYPE_COMPLETION, kc->name);

		vector_set(comps, name_copy);
	}
}
/*
 * Completion hooks for key chain names.  One variable name and two token
 * names all resolve to the same callback, keychain_active_config.  The
 * final entry, with no callback, terminates the table.
 */
static const struct cmd_variable_handler keychain_var_handlers[] = {
	{
		.varname = "key_chain",
		.completions = keychain_active_config,
	},
	{
		.tokenname = "KEYCHAIN_NAME",
		.completions = keychain_active_config,
	},
	{
		.tokenname = "KCHAIN_NAME",
		.completions = keychain_active_config,
	},
	/* end of table */
	{
		.completions = NULL,
	},
};
2019-01-24 10:12:36 +01:00
|
|
|
/*
 * Set up the key chain subsystem: allocate the master chain list, hook up
 * name completion, and register the two CLI nodes with their commands.
 *
 * Every command below is attached to CONFIG_NODE, KEYCHAIN_NODE or
 * KEYCHAIN_KEY_NODE; nothing is installed on any other node here.
 * NOTE(review): key_string_cmd presumably takes the shared secret --
 * confirm these nodes are reachable only from a privileged session.
 */
void keychain_init(void)
{
	/* Master list that holds every configured key chain. */
	keychain_list = list_new();

	/* Completion of key chain names on the command line. */
	cmd_variable_handler_register(keychain_var_handlers);

	/* The two CLI nodes and their default command sets. */
	install_node(&keychain_node);
	install_node(&keychain_key_node);

	install_default(KEYCHAIN_NODE);
	install_default(KEYCHAIN_KEY_NODE);

	/* "key chain" is installed on the config node and, further down,
	 * on both key chain nodes as well.
	 */
	install_element(CONFIG_NODE, &key_chain_cmd);
	install_element(CONFIG_NODE, &no_key_chain_cmd);
	install_element(KEYCHAIN_NODE, &key_cmd);
	install_element(KEYCHAIN_NODE, &no_key_cmd);

	install_element(KEYCHAIN_NODE, &key_chain_cmd);
	install_element(KEYCHAIN_NODE, &no_key_chain_cmd);

	/* Commands available inside a single key. */
	install_element(KEYCHAIN_KEY_NODE, &key_string_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_key_string_cmd);

	install_element(KEYCHAIN_KEY_NODE, &key_chain_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_key_chain_cmd);

	install_element(KEYCHAIN_KEY_NODE, &key_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_key_cmd);

	/* accept-lifetime: one command object per accepted argument order. */
	install_element(KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE, &accept_lifetime_day_month_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE, &accept_lifetime_month_day_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE, &accept_lifetime_infinite_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &accept_lifetime_duration_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE, &accept_lifetime_duration_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_accept_lifetime_cmd);

	/* send-lifetime: same set of variants as accept-lifetime. */
	install_element(KEYCHAIN_KEY_NODE, &send_lifetime_day_month_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE, &send_lifetime_day_month_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &send_lifetime_month_day_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE, &send_lifetime_month_day_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &send_lifetime_infinite_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE, &send_lifetime_infinite_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &send_lifetime_duration_day_month_cmd);
	install_element(KEYCHAIN_KEY_NODE, &send_lifetime_duration_month_day_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_send_lifetime_cmd);

	/* Per-key cryptographic algorithm selection. */
	install_element(KEYCHAIN_KEY_NODE, &cryptographic_algorithm_cmd);
	install_element(KEYCHAIN_KEY_NODE, &no_cryptographic_algorithm_cmd);
}