summaryrefslogtreecommitdiffstats
path: root/lib/keychain.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--lib/keychain.c1011
1 files changed, 28 insertions, 983 deletions
diff --git a/lib/keychain.c b/lib/keychain.c
index 5ff0d1e..1982220 100644
--- a/lib/keychain.c
+++ b/lib/keychain.c
@@ -6,19 +6,19 @@
#include "config.h"
#include <zebra.h>
-#include "command.h"
-#include "memory.h"
-#include "linklist.h"
#include "keychain.h"
+#include "linklist.h"
+#include "memory.h"
-DEFINE_MTYPE_STATIC(LIB, KEY, "Key");
-DEFINE_MTYPE_STATIC(LIB, KEYCHAIN, "Key chain");
+DEFINE_MTYPE(LIB, KEY, "Key");
+DEFINE_MTYPE(LIB, KEYCHAIN, "Key chain");
+DEFINE_MTYPE(LIB, KEYCHAIN_DESC, "Key chain description");
DEFINE_QOBJ_TYPE(keychain);
DEFINE_QOBJ_TYPE(key);
/* Master list of key chain. */
-static struct list *keychain_list;
+struct list *keychain_list;
static struct keychain *keychain_new(void)
{
@@ -82,7 +82,7 @@ static void key_delete_func(struct key *key)
key_free(key);
}
-static struct keychain *keychain_get(const char *name)
+struct keychain *keychain_get(const char *name)
{
struct keychain *keychain;
@@ -101,7 +101,7 @@ static struct keychain *keychain_get(const char *name)
return keychain;
}
-static void keychain_delete(struct keychain *keychain)
+void keychain_delete(struct keychain *keychain)
{
XFREE(MTYPE_KEYCHAIN, keychain->name);
@@ -110,7 +110,7 @@ static void keychain_delete(struct keychain *keychain)
keychain_free(keychain);
}
-static struct key *key_lookup(const struct keychain *keychain, uint32_t index)
+struct key *key_lookup(const struct keychain *keychain, uint32_t index)
{
struct listnode *node;
struct key *key;
@@ -183,7 +183,7 @@ struct key *key_lookup_for_send(const struct keychain *keychain)
return NULL;
}
-static struct key *key_get(const struct keychain *keychain, uint32_t index)
+struct key *key_get(const struct keychain *keychain, uint32_t index)
{
struct key *key;
@@ -200,7 +200,7 @@ static struct key *key_get(const struct keychain *keychain, uint32_t index)
return key;
}
-static void key_delete(struct keychain *keychain, struct key *key)
+void key_delete(struct keychain *keychain, struct key *key)
{
listnode_delete(keychain->key, key);
@@ -208,122 +208,6 @@ static void key_delete(struct keychain *keychain, struct key *key)
key_free(key);
}
-DEFUN_NOSH (key_chain,
- key_chain_cmd,
- "key chain WORD",
- "Authentication key management\n"
- "Key-chain management\n"
- "Key-chain name\n")
-{
- int idx_word = 2;
- struct keychain *keychain;
-
- keychain = keychain_get(argv[idx_word]->arg);
- VTY_PUSH_CONTEXT(KEYCHAIN_NODE, keychain);
-
- return CMD_SUCCESS;
-}
-
-DEFUN (no_key_chain,
- no_key_chain_cmd,
- "no key chain WORD",
- NO_STR
- "Authentication key management\n"
- "Key-chain management\n"
- "Key-chain name\n")
-{
- int idx_word = 3;
- struct keychain *keychain;
-
- keychain = keychain_lookup(argv[idx_word]->arg);
-
- if (!keychain) {
- vty_out(vty, "Can't find keychain %s\n", argv[idx_word]->arg);
- return CMD_WARNING_CONFIG_FAILED;
- }
-
- keychain_delete(keychain);
-
- return CMD_SUCCESS;
-}
-
-DEFUN_NOSH (key,
- key_cmd,
- "key (0-2147483647)",
- "Configure a key\n"
- "Key identifier number\n")
-{
- int idx_number = 1;
- VTY_DECLVAR_CONTEXT(keychain, keychain);
- struct key *key;
- uint32_t index;
-
- index = strtoul(argv[idx_number]->arg, NULL, 10);
- key = key_get(keychain, index);
- VTY_PUSH_CONTEXT_SUB(KEYCHAIN_KEY_NODE, key);
-
- return CMD_SUCCESS;
-}
-
-DEFUN (no_key,
- no_key_cmd,
- "no key (0-2147483647)",
- NO_STR
- "Delete a key\n"
- "Key identifier number\n")
-{
- int idx_number = 2;
- VTY_DECLVAR_CONTEXT(keychain, keychain);
- struct key *key;
- uint32_t index;
-
- index = strtoul(argv[idx_number]->arg, NULL, 10);
- key = key_lookup(keychain, index);
- if (!key) {
- vty_out(vty, "Can't find key %d\n", index);
- return CMD_WARNING_CONFIG_FAILED;
- }
-
- key_delete(keychain, key);
-
- vty->node = KEYCHAIN_NODE;
-
- return CMD_SUCCESS;
-}
-
-DEFUN (key_string,
- key_string_cmd,
- "key-string LINE",
- "Set key string\n"
- "The key\n")
-{
- int idx_line = 1;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- if (key->string)
- XFREE(MTYPE_KEY, key->string);
- key->string = XSTRDUP(MTYPE_KEY, argv[idx_line]->arg);
-
- return CMD_SUCCESS;
-}
-
-DEFUN (no_key_string,
- no_key_string_cmd,
- "no key-string [LINE]",
- NO_STR
- "Unset key string\n"
- "The key\n")
-{
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- if (key->string) {
- XFREE(MTYPE_KEY, key->string);
- key->string = NULL;
- }
-
- return CMD_SUCCESS;
-}
-
const struct keychain_algo_info algo_info[] = {
{KEYCHAIN_ALGO_NULL, "null", 0, 0, "NULL"},
{KEYCHAIN_ALGO_MD5, "md5", KEYCHAIN_MD5_HASH_SIZE,
@@ -394,800 +278,6 @@ const char *keychain_get_algo_name_by_id(enum keychain_hash_algo key)
return algo_info[key].name;
}
-DEFUN(cryptographic_algorithm, cryptographic_algorithm_cmd,
- "cryptographic-algorithm "
- "<md5|hmac-sha-1|hmac-sha-256|hmac-sha-384|hmac-sha-512>",
- "Cryptographic-algorithm\n"
- "Use MD5 algorithm\n"
- "Use HMAC-SHA-1 algorithm\n"
- "Use HMAC-SHA-256 algorithm\n"
- "Use HMAC-SHA-384 algorithm\n"
- "Use HMAC-SHA-512 algorithm\n")
-{
- int algo_idx = 1;
- uint8_t hash_algo = KEYCHAIN_ALGO_NULL;
-
- VTY_DECLVAR_CONTEXT_SUB(key, key);
- hash_algo = keychain_get_algo_id_by_name(argv[algo_idx]->arg);
-#ifndef CRYPTO_OPENSSL
- if (hash_algo == KEYCHAIN_ALGO_NULL) {
- vty_out(vty,
- "Hash algorithm not supported, compile with --with-crypto=openssl\n");
- return CMD_WARNING_CONFIG_FAILED;
- }
-#endif /* CRYPTO_OPENSSL */
- key->hash_algo = hash_algo;
- return CMD_SUCCESS;
-}
-
-DEFUN(no_cryptographic_algorithm, no_cryptographic_algorithm_cmd,
- "no cryptographic-algorithm "
- "[<md5|hmac-sha-1|hmac-sha-256|hmac-sha-384|hmac-sha-512>]",
- NO_STR
- "Cryptographic-algorithm\n"
- "Use MD5 algorithm\n"
- "Use HMAC-SHA-1 algorithm\n"
- "Use HMAC-SHA-256 algorithm\n"
- "Use HMAC-SHA-384 algorithm\n"
- "Use HMAC-SHA-512 algorithm\n")
-{
- int algo_idx = 2;
- uint8_t hash_algo = KEYCHAIN_ALGO_NULL;
-
- VTY_DECLVAR_CONTEXT_SUB(key, key);
- if (argc > algo_idx) {
- hash_algo = keychain_get_algo_id_by_name(argv[algo_idx]->arg);
- if (hash_algo == KEYCHAIN_ALGO_NULL) {
- vty_out(vty,
- "Hash algorithm not supported, try compiling with --with-crypto=openssl\n");
- return CMD_WARNING_CONFIG_FAILED;
- }
- }
-
- if ((hash_algo != KEYCHAIN_ALGO_NULL) && (hash_algo != key->hash_algo))
- return CMD_SUCCESS;
-
- key->hash_algo = KEYCHAIN_ALGO_NULL;
- return CMD_SUCCESS;
-}
-
-/* Convert HH:MM:SS MON DAY YEAR to time_t value. -1 is returned when
- given string is malformed. */
-static time_t key_str2time(const char *time_str, const char *day_str,
- const char *month_str, const char *year_str)
-{
- int i = 0;
- char *colon;
- struct tm tm;
- time_t time;
- unsigned int sec, min, hour;
- unsigned int day, month, year;
-
- const char *month_name[] = {
- "January", "February", "March", "April", "May",
- "June", "July", "August", "September", "October",
- "November", "December", NULL};
-
-#define _GET_LONG_RANGE(V, STR, MMCOND) \
- { \
- unsigned long tmpl; \
- char *endptr = NULL; \
- tmpl = strtoul((STR), &endptr, 10); \
- if (*endptr != '\0' || tmpl == ULONG_MAX) \
- return -1; \
- if (MMCOND) \
- return -1; \
- (V) = tmpl; \
- }
-#define GET_LONG_RANGE(V, STR, MIN, MAX) \
- _GET_LONG_RANGE(V, STR, tmpl<(MIN) || tmpl>(MAX))
-#define GET_LONG_RANGE0(V, STR, MAX) _GET_LONG_RANGE(V, STR, tmpl > (MAX))
-
- /* Check hour field of time_str. */
- colon = strchr(time_str, ':');
- if (colon == NULL)
- return -1;
- *colon = '\0';
-
- /* Hour must be between 0 and 23. */
- GET_LONG_RANGE0(hour, time_str, 23);
-
- /* Check min field of time_str. */
- time_str = colon + 1;
- colon = strchr(time_str, ':');
- if (*time_str == '\0' || colon == NULL)
- return -1;
- *colon = '\0';
-
- /* Min must be between 0 and 59. */
- GET_LONG_RANGE0(min, time_str, 59);
-
- /* Check sec field of time_str. */
- time_str = colon + 1;
- if (*time_str == '\0')
- return -1;
-
- /* Sec must be between 0 and 59. */
- GET_LONG_RANGE0(sec, time_str, 59);
-
- /* Check day_str. Day must be <1-31>. */
- GET_LONG_RANGE(day, day_str, 1, 31);
-
- /* Check month_str. Month must match month_name. */
- month = 0;
- if (strlen(month_str) >= 3)
- for (i = 0; month_name[i]; i++)
- if (strncmp(month_str, month_name[i], strlen(month_str))
- == 0) {
- month = i;
- break;
- }
- if (!month_name[i])
- return -1;
-
- /* Check year_str. Year must be <1993-2035>. */
- GET_LONG_RANGE(year, year_str, 1993, 2035);
-
- memset(&tm, 0, sizeof(tm));
- tm.tm_sec = sec;
- tm.tm_min = min;
- tm.tm_hour = hour;
- tm.tm_mon = month;
- tm.tm_mday = day;
- tm.tm_year = year - 1900;
-
- time = mktime(&tm);
-
- return time;
-#undef GET_LONG_RANGE
-}
-
-static int key_lifetime_set(struct vty *vty, struct key_range *krange,
- const char *stime_str, const char *sday_str,
- const char *smonth_str, const char *syear_str,
- const char *etime_str, const char *eday_str,
- const char *emonth_str, const char *eyear_str)
-{
- time_t time_start;
- time_t time_end;
-
- time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
- if (time_start < 0) {
- vty_out(vty, "Malformed time value\n");
- return CMD_WARNING_CONFIG_FAILED;
- }
- time_end = key_str2time(etime_str, eday_str, emonth_str, eyear_str);
-
- if (time_end < 0) {
- vty_out(vty, "Malformed time value\n");
- return CMD_WARNING_CONFIG_FAILED;
- }
-
- if (time_end <= time_start) {
- vty_out(vty, "Expire time is not later than start time\n");
- return CMD_WARNING_CONFIG_FAILED;
- }
-
- krange->start = time_start;
- krange->end = time_end;
-
- return CMD_SUCCESS;
-}
-
-static int key_lifetime_duration_set(struct vty *vty, struct key_range *krange,
- const char *stime_str,
- const char *sday_str,
- const char *smonth_str,
- const char *syear_str,
- const char *duration_str)
-{
- time_t time_start;
- uint32_t duration;
-
- time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
- if (time_start < 0) {
- vty_out(vty, "Malformed time value\n");
- return CMD_WARNING_CONFIG_FAILED;
- }
- krange->start = time_start;
-
- duration = strtoul(duration_str, NULL, 10);
- krange->duration = 1;
- krange->end = time_start + duration;
-
- return CMD_SUCCESS;
-}
-
-static int key_lifetime_infinite_set(struct vty *vty, struct key_range *krange,
- const char *stime_str,
- const char *sday_str,
- const char *smonth_str,
- const char *syear_str)
-{
- time_t time_start;
-
- time_start = key_str2time(stime_str, sday_str, smonth_str, syear_str);
- if (time_start < 0) {
- vty_out(vty, "Malformed time value\n");
- return CMD_WARNING_CONFIG_FAILED;
- }
- krange->start = time_start;
-
- krange->end = -1;
-
- return CMD_SUCCESS;
-}
-
-DEFUN (accept_lifetime_day_month_day_month,
- accept_lifetime_day_month_day_month_cmd,
- "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
- "Set accept lifetime of the key\n"
- "Time to start\n"
- "Day of th month to start\n"
- "Month of the year to start\n"
- "Year to start\n"
- "Time to expire\n"
- "Day of th month to expire\n"
- "Month of the year to expire\n"
- "Year to expire\n")
-{
- int idx_hhmmss = 1;
- int idx_number = 2;
- int idx_month = 3;
- int idx_number_2 = 4;
- int idx_hhmmss_2 = 5;
- int idx_number_3 = 6;
- int idx_month_2 = 7;
- int idx_number_4 = 8;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_set(
- vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg,
- argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
- argv[idx_month_2]->arg, argv[idx_number_4]->arg);
-}
-
-DEFUN (accept_lifetime_day_month_month_day,
- accept_lifetime_day_month_month_day_cmd,
- "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
- "Set accept lifetime of the key\n"
- "Time to start\n"
- "Day of th month to start\n"
- "Month of the year to start\n"
- "Year to start\n"
- "Time to expire\n"
- "Month of the year to expire\n"
- "Day of th month to expire\n"
- "Year to expire\n")
-{
- int idx_hhmmss = 1;
- int idx_number = 2;
- int idx_month = 3;
- int idx_number_2 = 4;
- int idx_hhmmss_2 = 5;
- int idx_month_2 = 6;
- int idx_number_3 = 7;
- int idx_number_4 = 8;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_set(
- vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg,
- argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
- argv[idx_month_2]->arg, argv[idx_number_4]->arg);
-}
-
-DEFUN (accept_lifetime_month_day_day_month,
- accept_lifetime_month_day_day_month_cmd,
- "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
- "Set accept lifetime of the key\n"
- "Time to start\n"
- "Month of the year to start\n"
- "Day of th month to start\n"
- "Year to start\n"
- "Time to expire\n"
- "Day of th month to expire\n"
- "Month of the year to expire\n"
- "Year to expire\n")
-{
- int idx_hhmmss = 1;
- int idx_month = 2;
- int idx_number = 3;
- int idx_number_2 = 4;
- int idx_hhmmss_2 = 5;
- int idx_number_3 = 6;
- int idx_month_2 = 7;
- int idx_number_4 = 8;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_set(
- vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg,
- argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
- argv[idx_month_2]->arg, argv[idx_number_4]->arg);
-}
-
-DEFUN (accept_lifetime_month_day_month_day,
- accept_lifetime_month_day_month_day_cmd,
- "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
- "Set accept lifetime of the key\n"
- "Time to start\n"
- "Month of the year to start\n"
- "Day of th month to start\n"
- "Year to start\n"
- "Time to expire\n"
- "Month of the year to expire\n"
- "Day of th month to expire\n"
- "Year to expire\n")
-{
- int idx_hhmmss = 1;
- int idx_month = 2;
- int idx_number = 3;
- int idx_number_2 = 4;
- int idx_hhmmss_2 = 5;
- int idx_month_2 = 6;
- int idx_number_3 = 7;
- int idx_number_4 = 8;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_set(
- vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg,
- argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
- argv[idx_month_2]->arg, argv[idx_number_4]->arg);
-}
-
-DEFUN (accept_lifetime_infinite_day_month,
- accept_lifetime_infinite_day_month_cmd,
- "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
- "Set accept lifetime of the key\n"
- "Time to start\n"
- "Day of th month to start\n"
- "Month of the year to start\n"
- "Year to start\n"
- "Never expires\n")
-{
- int idx_hhmmss = 1;
- int idx_number = 2;
- int idx_month = 3;
- int idx_number_2 = 4;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_infinite_set(
- vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg);
-}
-
-DEFUN (accept_lifetime_infinite_month_day,
- accept_lifetime_infinite_month_day_cmd,
- "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
- "Set accept lifetime of the key\n"
- "Time to start\n"
- "Month of the year to start\n"
- "Day of th month to start\n"
- "Year to start\n"
- "Never expires\n")
-{
- int idx_hhmmss = 1;
- int idx_month = 2;
- int idx_number = 3;
- int idx_number_2 = 4;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_infinite_set(
- vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg);
-}
-
-DEFUN (accept_lifetime_duration_day_month,
- accept_lifetime_duration_day_month_cmd,
- "accept-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
- "Set accept lifetime of the key\n"
- "Time to start\n"
- "Day of th month to start\n"
- "Month of the year to start\n"
- "Year to start\n"
- "Duration of the key\n"
- "Duration seconds\n")
-{
- int idx_hhmmss = 1;
- int idx_number = 2;
- int idx_month = 3;
- int idx_number_2 = 4;
- int idx_number_3 = 6;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_duration_set(
- vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg,
- argv[idx_number_3]->arg);
-}
-
-DEFUN (accept_lifetime_duration_month_day,
- accept_lifetime_duration_month_day_cmd,
- "accept-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
- "Set accept lifetime of the key\n"
- "Time to start\n"
- "Month of the year to start\n"
- "Day of th month to start\n"
- "Year to start\n"
- "Duration of the key\n"
- "Duration seconds\n")
-{
- int idx_hhmmss = 1;
- int idx_month = 2;
- int idx_number = 3;
- int idx_number_2 = 4;
- int idx_number_3 = 6;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_duration_set(
- vty, &key->accept, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg,
- argv[idx_number_3]->arg);
-}
-
-DEFUN (no_accept_lifetime,
- no_accept_lifetime_cmd,
- "no accept-lifetime",
- NO_STR
- "Unset accept-lifetime\n")
-{
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- if (key->accept.start)
- key->accept.start = 0;
- if (key->accept.end)
- key->accept.end = 0;
- if (key->accept.duration)
- key->accept.duration = 0;
-
- return CMD_SUCCESS;
-}
-
-DEFUN (send_lifetime_day_month_day_month,
- send_lifetime_day_month_day_month_cmd,
- "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
- "Set send lifetime of the key\n"
- "Time to start\n"
- "Day of th month to start\n"
- "Month of the year to start\n"
- "Year to start\n"
- "Time to expire\n"
- "Day of th month to expire\n"
- "Month of the year to expire\n"
- "Year to expire\n")
-{
- int idx_hhmmss = 1;
- int idx_number = 2;
- int idx_month = 3;
- int idx_number_2 = 4;
- int idx_hhmmss_2 = 5;
- int idx_number_3 = 6;
- int idx_month_2 = 7;
- int idx_number_4 = 8;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_set(
- vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg,
- argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
- argv[idx_month_2]->arg, argv[idx_number_4]->arg);
-}
-
-DEFUN (send_lifetime_day_month_month_day,
- send_lifetime_day_month_month_day_cmd,
- "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
- "Set send lifetime of the key\n"
- "Time to start\n"
- "Day of th month to start\n"
- "Month of the year to start\n"
- "Year to start\n"
- "Time to expire\n"
- "Month of the year to expire\n"
- "Day of th month to expire\n"
- "Year to expire\n")
-{
- int idx_hhmmss = 1;
- int idx_number = 2;
- int idx_month = 3;
- int idx_number_2 = 4;
- int idx_hhmmss_2 = 5;
- int idx_month_2 = 6;
- int idx_number_3 = 7;
- int idx_number_4 = 8;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_set(
- vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg,
- argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
- argv[idx_month_2]->arg, argv[idx_number_4]->arg);
-}
-
-DEFUN (send_lifetime_month_day_day_month,
- send_lifetime_month_day_day_month_cmd,
- "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS (1-31) MONTH (1993-2035)",
- "Set send lifetime of the key\n"
- "Time to start\n"
- "Month of the year to start\n"
- "Day of th month to start\n"
- "Year to start\n"
- "Time to expire\n"
- "Day of th month to expire\n"
- "Month of the year to expire\n"
- "Year to expire\n")
-{
- int idx_hhmmss = 1;
- int idx_month = 2;
- int idx_number = 3;
- int idx_number_2 = 4;
- int idx_hhmmss_2 = 5;
- int idx_number_3 = 6;
- int idx_month_2 = 7;
- int idx_number_4 = 8;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_set(
- vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg,
- argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
- argv[idx_month_2]->arg, argv[idx_number_4]->arg);
-}
-
-DEFUN (send_lifetime_month_day_month_day,
- send_lifetime_month_day_month_day_cmd,
- "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) HH:MM:SS MONTH (1-31) (1993-2035)",
- "Set send lifetime of the key\n"
- "Time to start\n"
- "Month of the year to start\n"
- "Day of th month to start\n"
- "Year to start\n"
- "Time to expire\n"
- "Month of the year to expire\n"
- "Day of th month to expire\n"
- "Year to expire\n")
-{
- int idx_hhmmss = 1;
- int idx_month = 2;
- int idx_number = 3;
- int idx_number_2 = 4;
- int idx_hhmmss_2 = 5;
- int idx_month_2 = 6;
- int idx_number_3 = 7;
- int idx_number_4 = 8;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_set(
- vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg,
- argv[idx_hhmmss_2]->arg, argv[idx_number_3]->arg,
- argv[idx_month_2]->arg, argv[idx_number_4]->arg);
-}
-
-DEFUN (send_lifetime_infinite_day_month,
- send_lifetime_infinite_day_month_cmd,
- "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) infinite",
- "Set send lifetime of the key\n"
- "Time to start\n"
- "Day of th month to start\n"
- "Month of the year to start\n"
- "Year to start\n"
- "Never expires\n")
-{
- int idx_hhmmss = 1;
- int idx_number = 2;
- int idx_month = 3;
- int idx_number_2 = 4;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_infinite_set(
- vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg);
-}
-
-DEFUN (send_lifetime_infinite_month_day,
- send_lifetime_infinite_month_day_cmd,
- "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) infinite",
- "Set send lifetime of the key\n"
- "Time to start\n"
- "Month of the year to start\n"
- "Day of th month to start\n"
- "Year to start\n"
- "Never expires\n")
-{
- int idx_hhmmss = 1;
- int idx_month = 2;
- int idx_number = 3;
- int idx_number_2 = 4;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_infinite_set(
- vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg);
-}
-
-DEFUN (send_lifetime_duration_day_month,
- send_lifetime_duration_day_month_cmd,
- "send-lifetime HH:MM:SS (1-31) MONTH (1993-2035) duration (1-2147483646)",
- "Set send lifetime of the key\n"
- "Time to start\n"
- "Day of th month to start\n"
- "Month of the year to start\n"
- "Year to start\n"
- "Duration of the key\n"
- "Duration seconds\n")
-{
- int idx_hhmmss = 1;
- int idx_number = 2;
- int idx_month = 3;
- int idx_number_2 = 4;
- int idx_number_3 = 6;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_duration_set(
- vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg,
- argv[idx_number_3]->arg);
-}
-
-DEFUN (send_lifetime_duration_month_day,
- send_lifetime_duration_month_day_cmd,
- "send-lifetime HH:MM:SS MONTH (1-31) (1993-2035) duration (1-2147483646)",
- "Set send lifetime of the key\n"
- "Time to start\n"
- "Month of the year to start\n"
- "Day of th month to start\n"
- "Year to start\n"
- "Duration of the key\n"
- "Duration seconds\n")
-{
- int idx_hhmmss = 1;
- int idx_month = 2;
- int idx_number = 3;
- int idx_number_2 = 4;
- int idx_number_3 = 6;
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- return key_lifetime_duration_set(
- vty, &key->send, argv[idx_hhmmss]->arg, argv[idx_number]->arg,
- argv[idx_month]->arg, argv[idx_number_2]->arg,
- argv[idx_number_3]->arg);
-}
-
-DEFUN (no_send_lifetime,
- no_send_lifetime_cmd,
- "no send-lifetime",
- NO_STR
- "Unset send-lifetime\n")
-{
- VTY_DECLVAR_CONTEXT_SUB(key, key);
-
- if (key->send.start)
- key->send.start = 0;
- if (key->send.end)
- key->send.end = 0;
- if (key->send.duration)
- key->send.duration = 0;
-
- return CMD_SUCCESS;
-}
-
-static int keychain_config_write(struct vty *vty);
-static struct cmd_node keychain_node = {
- .name = "keychain",
- .node = KEYCHAIN_NODE,
- .parent_node = CONFIG_NODE,
- .prompt = "%s(config-keychain)# ",
- .config_write = keychain_config_write,
-};
-
-static struct cmd_node keychain_key_node = {
- .name = "keychain key",
- .node = KEYCHAIN_KEY_NODE,
- .parent_node = KEYCHAIN_NODE,
- .prompt = "%s(config-keychain-key)# ",
-};
-
-static int keychain_strftime(char *buf, int bufsiz, time_t *time)
-{
- struct tm tm;
- size_t len;
-
- localtime_r(time, &tm);
-
- len = strftime(buf, bufsiz, "%T %b %d %Y", &tm);
-
- return len;
-}
-
-static int keychain_config_write(struct vty *vty)
-{
- struct keychain *keychain;
- struct key *key;
- struct listnode *node;
- struct listnode *knode;
- char buf[BUFSIZ];
-
- for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain)) {
- vty_out(vty, "key chain %s\n", keychain->name);
-
- for (ALL_LIST_ELEMENTS_RO(keychain->key, knode, key)) {
- vty_out(vty, " key %d\n", key->index);
-
- if (key->string)
- vty_out(vty, " key-string %s\n", key->string);
-
- if (key->hash_algo != KEYCHAIN_ALGO_NULL)
- vty_out(vty, " cryptographic-algorithm %s\n",
- keychain_get_algo_name_by_id(
- key->hash_algo));
-
- if (key->accept.start) {
- keychain_strftime(buf, BUFSIZ,
- &key->accept.start);
- vty_out(vty, " accept-lifetime %s", buf);
-
- if (key->accept.end == -1)
- vty_out(vty, " infinite");
- else if (key->accept.duration)
- vty_out(vty, " duration %ld",
- (long)(key->accept.end
- - key->accept.start));
- else {
- keychain_strftime(buf, BUFSIZ,
- &key->accept.end);
- vty_out(vty, " %s", buf);
- }
- vty_out(vty, "\n");
- }
-
- if (key->send.start) {
- keychain_strftime(buf, BUFSIZ,
- &key->send.start);
- vty_out(vty, " send-lifetime %s", buf);
-
- if (key->send.end == -1)
- vty_out(vty, " infinite");
- else if (key->send.duration)
- vty_out(vty, " duration %ld",
- (long)(key->send.end
- - key->send.start));
- else {
- keychain_strftime(buf, BUFSIZ,
- &key->send.end);
- vty_out(vty, " %s", buf);
- }
- vty_out(vty, "\n");
- }
-
- vty_out(vty, " exit\n");
- }
- vty_out(vty, "exit\n");
- vty_out(vty, "!\n");
- }
-
- return 0;
-}
-
-
-static void keychain_active_config(vector comps, struct cmd_token *token)
-{
- struct keychain *keychain;
- struct listnode *node;
-
- for (ALL_LIST_ELEMENTS_RO(keychain_list, node, keychain))
- vector_set(comps, XSTRDUP(MTYPE_COMPLETION, keychain->name));
-}
-
-static const struct cmd_variable_handler keychain_var_handlers[] = {
- {.varname = "key_chain", .completions = keychain_active_config},
- {.tokenname = "KEYCHAIN_NAME", .completions = keychain_active_config},
- {.tokenname = "KCHAIN_NAME", .completions = keychain_active_config},
- {.completions = NULL}
-};
-
void keychain_terminate(void)
{
struct keychain *keychain;
@@ -1202,70 +292,25 @@ void keychain_terminate(void)
list_delete(&keychain_list);
}
-void keychain_init(void)
+void keychain_init_new(bool in_backend)
{
keychain_list = list_new();
- /* Register handler for keychain auto config support */
- cmd_variable_handler_register(keychain_var_handlers);
- install_node(&keychain_node);
- install_node(&keychain_key_node);
-
- install_default(KEYCHAIN_NODE);
- install_default(KEYCHAIN_KEY_NODE);
-
- install_element(CONFIG_NODE, &key_chain_cmd);
- install_element(CONFIG_NODE, &no_key_chain_cmd);
- install_element(KEYCHAIN_NODE, &key_cmd);
- install_element(KEYCHAIN_NODE, &no_key_cmd);
-
- install_element(KEYCHAIN_NODE, &key_chain_cmd);
- install_element(KEYCHAIN_NODE, &no_key_chain_cmd);
-
- install_element(KEYCHAIN_KEY_NODE, &key_string_cmd);
- install_element(KEYCHAIN_KEY_NODE, &no_key_string_cmd);
-
- install_element(KEYCHAIN_KEY_NODE, &key_chain_cmd);
- install_element(KEYCHAIN_KEY_NODE, &no_key_chain_cmd);
-
- install_element(KEYCHAIN_KEY_NODE, &key_cmd);
- install_element(KEYCHAIN_KEY_NODE, &no_key_cmd);
-
- install_element(KEYCHAIN_KEY_NODE,
- &accept_lifetime_day_month_day_month_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &accept_lifetime_day_month_month_day_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &accept_lifetime_month_day_day_month_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &accept_lifetime_month_day_month_day_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &accept_lifetime_infinite_day_month_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &accept_lifetime_infinite_month_day_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &accept_lifetime_duration_day_month_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &accept_lifetime_duration_month_day_cmd);
- install_element(KEYCHAIN_KEY_NODE, &no_accept_lifetime_cmd);
+ if (!in_backend)
+ keychain_cli_init();
+}
- install_element(KEYCHAIN_KEY_NODE,
- &send_lifetime_day_month_day_month_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &send_lifetime_day_month_month_day_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &send_lifetime_month_day_day_month_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &send_lifetime_month_day_month_day_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &send_lifetime_infinite_day_month_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &send_lifetime_infinite_month_day_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &send_lifetime_duration_day_month_cmd);
- install_element(KEYCHAIN_KEY_NODE,
- &send_lifetime_duration_month_day_cmd);
- install_element(KEYCHAIN_KEY_NODE, &no_send_lifetime_cmd);
- install_element(KEYCHAIN_KEY_NODE, &cryptographic_algorithm_cmd);
- install_element(KEYCHAIN_KEY_NODE, &no_cryptographic_algorithm_cmd);
+void keychain_init(void)
+{
+ keychain_init_new(false);
}
+
+const struct frr_yang_module_info ietf_key_chain_deviation_info = {
+ .name = "frr-deviations-ietf-key-chain",
+ .ignore_cfg_cbs = true,
+ .nodes = {
+ {
+ .xpath = NULL,
+ },
+ },
+};