📄 fa_config.c
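/* $Id: fa_config.c,v 1.32 2001/08/11 14:35:44 jm Exp $
 * Foreign Agent - configuration reading routines
 *
 * Dynamic hierarchial IP tunnel
 * Copyright (C) 1998-2001, Dynamics group
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation. See README and COPYING for
 * more details.
 */

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>
#include <assert.h>

#include "authorized.h"
#include "fileio.h"
#include "auth.h"
#include "fa.h"
#include "util.h"

/* Parser state handed to the per-line callbacks while the FA configuration
 * is being read. The three process_* flags record which list section (if
 * any) the parser is currently inside. */
struct load_fa_data {
	struct fa_config *cfg;
	int process_authorized_networks;
	int process_fa_spi_list;
	int process_interfaces;
	/* number of interface entries accepted as "up" / "down" so far */
	int iface_ups, iface_downs;
};

/* Advance past spaces and tabs; returns a pointer to the first other
 * character (possibly the terminating NUL). */
static char *fa_cfg_skip_blanks(char *pos)
{
	while (*pos == ' ' || *pos == '\t')
		pos++;
	return pos;
}

/* Step over the current blank-delimited field and the blanks after it. */
static char *fa_cfg_next_field(char *pos)
{
	while (*pos != ' ' && *pos != '\t' && *pos != '\0')
		pos++;
	return fa_cfg_skip_blanks(pos);
}

/* Process one line of the authorized networks list.
 *
 * key is either the AUTHORIZEDNETWORKS_END marker or a network address that
 * load_net_address() can split into network and netmask; data is not used.
 * Returns 0 on success and -1 on error. */
static int process_load_fa_authorized_networks(struct load_fa_data *fa,
					       char *key, char *data)
{
	struct fa_config *cfg;
	struct in_addr network;
	struct in_addr netmask;

	if (strcmp(key, "AUTHORIZEDNETWORKS_END") == 0) {
		if (!fa->process_authorized_networks) {
			fprintf(stderr,
				"No AUTHORIZEDNETWORKS_BEGIN before _END\n");
			return -1;
		}
		fa->process_authorized_networks = FALSE;
		return 0;
	}

	cfg = fa->cfg;
	if (load_net_address(key, &network, &netmask) != TRUE) {
		fprintf(stderr, "process_load_fa_authorized_networks: invalid "
			"authorized IP network address\n");
		return -1;
	}

	if (authorized_add(cfg->authorized_networks, network, netmask) !=
	    TRUE) {
		fprintf(stderr, "process_load_fa_authorized_networks: "
			"unable to add address to authorized networks.\n");
		return -1;
	}

	return 0;
}

/* Process one line of the FA security (SPI) list.
 *
 * key is either the FA_SECURITY_END marker or the SPI number (decimal, or
 * hexadecimal with a 0x prefix). data holds four blank-separated fields:
 * IP address, agent type, authentication algorithm number and the shared
 * secret as a hex table. A fully valid entry is appended to
 * cfg->fa_spi_list. Returns 0 on success and -1 on error. */
static int process_load_fa_spi_list(struct load_fa_data *fa, char *key,
				    char *data)
{
	struct fa_config *cfg;
	struct fa_spi_entry *spi;
	char *pos;
	int res;

	if (strcmp(key, "FA_SECURITY_END") == 0) {
		assert(fa->process_fa_spi_list == TRUE);
		fa->process_fa_spi_list = FALSE;
		return 0;
	}

	cfg = fa->cfg;

	/* Zero-filled allocation: the error messages below print
	 * spi->agent_type and spi->alg even when sscanf() stored nothing,
	 * which used to read indeterminate heap contents. It also keeps the
	 * unused tail of the shared secret buffer free of stale heap data. */
	spi = calloc(1, sizeof(*spi));
	if (spi == NULL) {
		fprintf(stderr,
			"process_load_fa_spi_list: not enough memory for "
			"struct spi_entry\n");
		return -1;
	}
	list_init_node(&spi->node);

	/* NOTE(review): %x and %d expect different pointer types and do not
	 * report out-of-range input; the declared type of spi->spi is not
	 * visible here - confirm, and consider strtoul() with range checks. */
	if (key[0] == '0' && key[1] == 'x')
		res = sscanf(key, "%x", &spi->spi);
	else
		res = sscanf(key, "%d", &spi->spi);
	if (res != 1) {
		fprintf(stderr,
			"process_load_fa_spi_list: invalid SPI number\n");
		free(spi);
		return -1;
	}

	/* field 1: IP address */
	pos = fa_cfg_skip_blanks(data);
	if (load_ip_address(pos, &spi->addr) != TRUE) {
		/* message previously named a function that does not exist */
		fprintf(stderr, "process_load_fa_spi_list: invalid "
			"IP address\n");
		free(spi);
		return -1;
	}

	/* field 2: agent type */
	pos = fa_cfg_next_field(pos);
	if (*pos == '\0' || sscanf(pos, "%d", &spi->agent_type) != 1) {
		fprintf(stderr,
			"process_load_fa_spi_list: invalid agent type %i\n",
			spi->agent_type);
		free(spi);
		return -1;
	}

	/* field 3: authentication algorithm, must be one auth.c supports */
	pos = fa_cfg_next_field(pos);
	if (*pos == '\0' || sscanf(pos, "%d", &spi->alg) != 1) {
		fprintf(stderr, "process_load_fa_spi_list: invalid algorithm "
			"number %i\n", spi->alg);
		free(spi);
		return -1;
	}
	if (!auth_supported_auth_alg(spi->alg)) {
		fprintf(stderr, "process_load_fa_spi_list: unsupported "
			"algorithm %i\n", spi->alg);
		free(spi);
		return -1;
	}

	/* field 4: shared secret, hex encoded, at most MAXSHAREDSECRETLEN
	 * bytes. The secret itself is never echoed to stderr. */
	pos = fa_cfg_next_field(pos);
	if (*pos == '\0' ||
	    load_hex_table(pos, spi->shared_secret, MAXSHAREDSECRETLEN,
			   &spi->shared_secret_len) == FALSE) {
		fprintf(stderr,
			"process_load_fa_spi_list: invalid shared secret\n");
		/* NOTE(review): the buffer may already hold part of the
		 * secret here (depends on load_hex_table, not visible in
		 * this file); consider a non-elidable wipe before free(). */
		free(spi);
		return -1;
	}

	/* Sanity checks on the length load_hex_table reported. These are
	 * compiled out when NDEBUG is defined, so they are not a runtime
	 * guard in release builds. */
	assert(spi->shared_secret_len >= 0);
	assert(spi->shared_secret_len <= MAXSHAREDSECRETLEN);

	list_add_tail(&cfg->fa_spi_list, &spi->node);

	return 0;
}

/* Process one line of the interfaces list.
 *
 * key is either the INTERFACES_END marker or the device name. data holds
 * the blank-separated fields type (1..3), agentadv, advertisement interval
 * in seconds (at least 1) and an optional forced IP address. A valid entry
 * is appended to cfg->interfaces with both sockets marked unopened (-1).
 * Returns 0 on success and -1 on error. */
static int process_interfaces(struct load_fa_data *fa, char *key, char *data)
{
	struct fa_config *cfg;
	struct interface_entry *iface;
	char *pos;

	if (strcmp(key, "INTERFACES_END") == 0) {
		assert(fa->process_interfaces == TRUE);
		fa->process_interfaces = FALSE;
		return 0;
	}

	cfg = fa->cfg;

	/* The original cleared only sizeof(iface) bytes, i.e. the size of
	 * the pointer, leaving most of the entry uninitialized. Allocate the
	 * whole structure zero-filled instead. */
	iface = calloc(1, sizeof(*iface));
	if (iface == NULL) {
		fprintf(stderr, "process_interfaces: not enough memory for "
			"struct interface_entry\n");
		return -1;
	}
	list_init_node(&iface->node);

	/* NOTE(review): presumably truncates names longer than IFNAMSIZ-1
	 * without reporting it - confirm against dynamics_strlcpy. */
	dynamics_strlcpy(iface->dev, key, IFNAMSIZ);

	/* field 1: interface type */
	pos = fa_cfg_skip_blanks(data);
	if (*pos == '\0' || sscanf(pos, "%d", &iface->type) != 1 ||
	    (iface->type < 1 || iface->type > 3)) {
		fprintf(stderr,
			"process_interfaces: invalid type (interface=%s)\n",
			iface->dev);
		free(iface);
		return -1;
	}
	if (iface->type == INTERFACE_TYPE_BOTH ||
	    iface->type == INTERFACE_TYPE_UP)
		fa->iface_ups++;
	if (iface->type == INTERFACE_TYPE_BOTH ||
	    iface->type == INTERFACE_TYPE_DOWN)
		fa->iface_downs++;

	/* field 2: agent advertisement setting */
	pos = fa_cfg_next_field(pos);
	if (*pos == '\0' || sscanf(pos, "%d", &iface->agentadv) != 1) {
		fprintf(stderr, "process_interfaces: invalid agentadv "
			"(interface=%s)\n", iface->dev);
		free(iface);
		return -1;
	}

	/* field 3: advertisement interval */
	pos = fa_cfg_next_field(pos);
	if (*pos == '\0' || sscanf(pos, "%d", &iface->interval) != 1) {
		fprintf(stderr, "process_interfaces: invalid interval "
			"(interface=%s)\n", iface->dev);
		free(iface);
		return -1;
	}
	if (iface->interval < 1) {
		fprintf(stderr, "process_interfaces: advertisement interval "
			"too short (must be at least one second)\n");
		free(iface);
		return -1;
	}

	/* field 4 (optional): forced address; 0 means none was given */
	pos = fa_cfg_next_field(pos);
	iface->force_addr.s_addr = 0;
	if (*pos != '\0' &&
	    load_ip_address(pos, &iface->force_addr) != TRUE) {
		fprintf(stderr, "process_interfaces: invalid IP address "
			"(interface=%s)\n", iface->dev);
		free(iface);
		return -1;
	}

	iface->icmp_sock = -1;
	iface->udp_sock = -1;

	list_add_tail(&cfg->interfaces, &iface->node);

	return 0;
}

/* Process loading of the fa_data
 * Return values: -2: consistency error, -1: error, 0: ok, 1: end */
static int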
process_load_fa(void *voidptr, char *key, char *data){ struct load_fa_data *fa; struct fa_config *cfg; fa = voidptr; cfg = fa->cfg; if (fa->process_authorized_networks == TRUE) { return process_load_fa_authorized_networks(fa, key, data); } if (fa->process_fa_spi_list == TRUE) { return process_load_fa_spi_list(fa, key, data); } if (fa->process_interfaces == TRUE) { return process_interfaces(fa, key, data); } if (strcmp(key, "NetworkAccessIdentifier") == 0) { if (load_nai(data, cfg->fa_nai, &cfg->fa_nai_len) == TRUE) return 0; return -1; } if (strcmp(key, "HighestFAIPAddress") == 0) { if (load_ip_address(data, &cfg->highest_fa_addr) == TRUE) { return 0; } return -1; } if (strcmp(key, "HighestFAPubKeyHash") == 0) { if (load_hex_table(data, cfg->hfa_pubkey_hash, MAX_HASH_LEN, &cfg->hfa_pubkey_hash_len) == TRUE) { return 0; } return -1; } if (strcmp(key, "UpperFAIPAddress") == 0) { if (load_ip_address(data, &cfg->upper_fa_addr) == TRUE) { return 0; } return -1; } if (strcmp(key, "HighestFA") == 0) { if (load_bool(data, &cfg->highest_FA) == TRUE) { return 0; } return -1; } if (strcmp(key, "UpperFAUDPPort") == 0) { if (load_int(data, &cfg->upper_fa_port) == TRUE) { return 0; } return -1; } if (strcmp(key, "RoutingTableStart") == 0) { if (load_int(data, &cfg->routing_table_start) == TRUE) { return 0; } return -1; } if (strcmp(key, "RoutingTableEnd") == 0) { if (load_int(data, &cfg->routing_table_end) == TRUE) { return 0; } return -1; } if (strcmp(key, "TunnelDevice") == 0) { if (load_char_table(data, cfg->tunnel_device, IFNAMSIZ) == TRUE) { return 0; } return -1; } if (strcmp(key, "UDPPort") == 0) { if (load_int(data, &cfg->udp_port) == TRUE) { return 0; } return -1; } if (strcmp(key, "HAUDPPort") == 0) { if (load_int(data, &cfg->ha_udp_port) == TRUE) { return 0; } return -1; } if (strcmp(key, "FAKeyFile") == 0) { if (load_char_table(data, cfg->key_file, MAXFILENAMELEN) == TRUE) { return 0; } return -1; } if (strcmp(key, "EnableChallengeResponse") == 0) { if 
(load_bool(data, &cfg->enable_challenge_response) == TRUE) return 0; return -1; } if (strcmp(key, "ChallengeWindow") == 0) { if (load_int(data, &cfg->challenge_window) == TRUE) return 0; return -1;