📄 fa_config.c
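/*
 * Tail of process_load_fa(): the beginning of this function lies outside this
 * excerpt, so the handlers below are reproduced unchanged with only the line
 * layout restored. Each handler returns 0 when the value of a recognised key
 * was parsed and -1 when parsing failed; "END" returns 1 and anything that
 * reaches the final statement returns -1.
 */
    }

    if (strcmp(key, "ChallengeLength") == 0) {
        /* Range is validated later in load_fa(), not here. */
        if (load_int(data, &cfg->challenge_length) == TRUE) return 0;
        return -1;
    }

    if (strcmp(key, "RequireChallenge") == 0) {
        if (load_bool(data, &cfg->require_challenge) == TRUE) return 0;
        return -1;
    }

    if (strcmp(key, "ChallengeInRegReply") == 0) {
        if (load_bool(data, &cfg->challenge_in_reg_reply) == TRUE) return 0;
        return -1;
    }

    if (strcmp(key, "RequireMNFASecAssoc") == 0) {
        if (load_bool(data, &cfg->require_mnfa_sec_assoc) == TRUE) return 0;
        return -1;
    }

    /*
     * NOTE(review): MaxBindings, MaxPending and DeletePendingAfter are stored
     * as parsed; no bound is enforced in this excerpt. Confirm that
     * load_int() or a later check rejects negative or oversized values.
     */
    if (strcmp(key, "MaxBindings") == 0) {
        if (load_int(data, &cfg->max_bindings) == TRUE) return 0;
        return -1;
    }

    if (strcmp(key, "MaxPending") == 0) {
        if (load_int(data, &cfg->max_pending) == TRUE) return 0;
        return -1;
    }

    if (strcmp(key, "DeletePendingAfter") == 0) {
        if (load_int(data, &cfg->delete_pending_after) == TRUE) return 0;
        return -1;
    }

    if (strcmp(key, "EnableFADecapsulation") == 0) {
        if (load_bool(data, &cfg->enable_fa_decapsulation) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "EnableTriangleTunneling") == 0) {
        if (load_bool(data, &cfg->enable_triangle_tunneling) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "ForceReverseTunneling") == 0) {
        if (load_bool(data, &cfg->force_reverse_tunneling) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "RegistrationRequired") == 0) {
        if (load_bool(data, &cfg->reg_required) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "EnableReverseTunneling") == 0) {
        if (load_bool(data, &cfg->enable_reverse_tunneling) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "AllowMobileNodes") == 0) {
        if (load_bool(data, &cfg->allow_mobile_nodes) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "FADefaultTunnelLifetime") == 0) {
        if (load_int(data, &cfg->fa_default_tunnel_lifetime) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "PacketSocketMode") == 0) {
        if (load_int(data, &cfg->packet_socket_mode) == TRUE) return 0;
        return -1;
    }

    if (strcmp(key, "SyslogFacility") == 0) {
        if (load_syslog_facility(data, &cfg->syslog_facility)
            == TRUE) {
            return 0;
        }
        return -1;
    }

    /*
     * API socket settings. The string values are copied with an explicit
     * destination size (MAXFILENAMELEN / MAXGROUPNAMELEN / MAXOWNERNAMELEN).
     * NOTE(review): the *Permissions values are stored as parsed and no range
     * check is visible here; confirm that the code creating the sockets keeps
     * the admin socket restricted to the intended owner and group.
     */
    if (strcmp(key, "FAAPIReadSocketPath") == 0) {
        if (load_char_table(data, cfg->fa_api_read_socket_path,
                            MAXFILENAMELEN) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "FAAPIReadSocketGroup") == 0) {
        if (load_char_table(data, cfg->fa_api_read_socket_group,
                            MAXGROUPNAMELEN) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "FAAPIReadSocketOwner") == 0) {
        if (load_char_table(data, cfg->fa_api_read_socket_owner,
                            MAXOWNERNAMELEN) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "FAAPIReadSocketPermissions") == 0) {
        if (load_int(data, &cfg->fa_api_read_socket_permissions) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "FAAPIAdminSocketPath") == 0) {
        if (load_char_table(data, cfg->fa_api_admin_socket_path,
                            MAXFILENAMELEN) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "FAAPIAdminSocketGroup") == 0) {
        if (load_char_table(data, cfg->fa_api_admin_socket_group,
                            MAXGROUPNAMELEN) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "FAAPIAdminSocketOwner") == 0) {
        if (load_char_table(data, cfg->fa_api_admin_socket_owner,
                            MAXOWNERNAMELEN) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "FAAPIAdminSocketPermissions") == 0) {
        if (load_int(data, &cfg->fa_api_admin_socket_permissions) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "SocketPriority") == 0) {
        if (load_int(data, &cfg->socket_priority) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "SendSFADebugExt") == 0) {
        if (load_bool(data, &cfg->send_sfa_debug_ext) == TRUE) return 0;
        return -1;
    }

    if (strcmp(key, "RegistrationTTLCheck") == 0) {
        if (load_int(data, &cfg->reg_ttl_check) == TRUE) {
            /* Only the three named TTL check modes are accepted. */
            if (cfg->reg_ttl_check != TTL_CHECK_NONE &&
                cfg->reg_ttl_check != TTL_CHECK_REVERSE &&
                cfg->reg_ttl_check != TTL_CHECK_ALL) {
                fprintf(stderr, "Invalid RegistrationTTLCheck: %i\n",
                        cfg->reg_ttl_check);
                return -1;
            }
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "FARegistrationLifetime") == 0) {
        if (load_int(data, &cfg->fa_reg_lifetime) == TRUE) return 0;
        return -1;
    }

#ifdef INCLUDE_IPAY
    if (strcmp(key, "IpayAAAFAddress") == 0) {
        if (load_ip_address(data, &cfg->aaaf_addr) == TRUE) {
            return 0;
        }
        return -1;
    }

    if (strcmp(key, "IpayAAAFPort") == 0) {
        if (load_int(data, &cfg->aaaf_port) == TRUE) return 0;
        return -1;
    }

    if (strcmp(key, "IpayPort") == 0) {
        if (load_int(data, &cfg->ipay_port) == TRUE) return 0;
        return -1;
    }

    if (strcmp(key, "IpayTimePrice") == 0) {
        if (load_int(data, &cfg->timePrice) == TRUE) return 0;
        return -1;
    }

    if (strcmp(key, "IpayBytePrice") == 0) {
        if (load_int(data, &cfg->bytePrice) == TRUE) return 0;
        return -1;
    }
#endif

    /*
     * List markers: a *_BEGIN key is rejected while any list is still being
     * processed, so lists cannot be nested or opened twice.
     */
    if (strcmp(key, "AUTHORIZEDNETWORKS_BEGIN") == 0) {
        if (fa->process_authorized_networks ||
            fa->process_fa_spi_list ||
            fa->process_interfaces) {
            fprintf(stderr, "List processing error while handling "
                    "AUTHORIZEDNETWORKS_BEGIN\n");
            return -1;
        }
        fa->process_authorized_networks = TRUE;
        return 0;
    }

    if (strcmp(key, "FA_SECURITY_BEGIN") == 0) {
        if (fa->process_authorized_networks ||
            fa->process_fa_spi_list ||
            fa->process_interfaces) {
            fprintf(stderr, "List processing error while handling "
                    "FA_SECURITY_BEGIN\n");
            return -1;
        }
        fa->process_fa_spi_list = TRUE;
        return 0;
    }

    if (strcmp(key, "INTERFACES_BEGIN") == 0) {
        if (fa->process_authorized_networks ||
            fa->process_fa_spi_list ||
            fa->process_interfaces) {
            fprintf(stderr, "List processing error while handling "
                    "INTERFACES_BEGIN\n");
            return -1;
        }
        fa->process_interfaces = TRUE;
        return 0;
    }

    if (strcmp(key, "END") == 0) return 1;

    return -1;
}


/*
 * Load the FA configuration.
 *
 * Resets *cfg to zero, applies the built-in defaults, parses config_file with
 * process_load_fa() and then validates the result.
 *
 * cfg          - configuration structure to fill; overwritten completely
 * program_name - name used as prefix in two of the error messages
 * config_file  - path of the configuration file to read
 *
 * Returns TRUE on success and FALSE on any error (a message is written to
 * stderr). On every failure after the authorized-networks list was created,
 * that list is destroyed and cfg->authorized_networks is set to NULL, so a
 * later cleanup_fa_config() cannot destroy it a second time.
 *
 * NOTE(review): entries already added to cfg->fa_spi_list and cfg->interfaces
 * by the parser are not released here on failure; whether the caller is
 * expected to call cleanup_fa_config() in that case is not visible in this
 * file excerpt - confirm.
 */
int load_fa(struct fa_config *cfg, char *program_name, char *config_file)
{
    FILE *file;
    struct load_fa_data fa;
    int ret = TRUE;

    if (cfg == NULL || config_file == NULL) {
        fprintf(stderr, "load_fa: missing configuration structure or "
                "file name\n");
        return FALSE;
    }

    fa.cfg = cfg;
    fa.process_authorized_networks = FALSE;
    fa.process_fa_spi_list = FALSE;
    fa.process_interfaces = FALSE;
    fa.iface_ups = 0;
    fa.iface_downs = 0;

    /* Start from an all-zero structure, then set the non-zero defaults. */
    memset(cfg, 0, sizeof(*cfg));
    cfg->challenge_window = 2;
    cfg->challenge_length = 4;
    cfg->max_bindings = FA_DEFAULT_MAX_BINDINGS;
    cfg->fa_default_tunnel_lifetime = FA_DEFAULT_TUNNEL_LIFETIME;
    cfg->syslog_facility = FA_DEFAULT_SYSLOG_FACILITY;
    cfg->routing_table_start = FA_DEFAULT_ROUTING_TABLE_START;
    cfg->routing_table_end = FA_DEFAULT_ROUTING_TABLE_END;
    cfg->udp_port = cfg->upper_fa_port = FA_DEFAULT_UDP_PORT;
    /* upper_fa_port is assigned the same default a second time here. */
    cfg->ha_udp_port = cfg->upper_fa_port = FA_DEFAULT_UDP_PORT;
    cfg->highest_FA = TRUE;
    cfg->allow_mobile_nodes = TRUE;
    cfg->reg_required = TRUE;
    cfg->socket_priority = -1;
    cfg->reg_ttl_check = TTL_CHECK_REVERSE;
    cfg->fa_reg_lifetime = 3600;

    cfg->authorized_networks = authorized_init();
    if (cfg->authorized_networks == NULL) {
        fprintf(stderr,
                "load_fa: Error while initializing list of authorized "
                "networks\n");
        return FALSE;
    }
    list_init(&cfg->fa_spi_list);
    list_init(&cfg->interfaces);

    file = fopen(config_file, "r");
    if (file == NULL) {
        fprintf(stderr,
                "%s: Could not open configuration file '%s'.\n",
                program_name, config_file);
        ret = FALSE;
        goto out;
    }

    if (load_data(&fa, file, process_load_fa) == FALSE) {
        fprintf(stderr,
                "%s: Error while interpreting file '%s'!\n",
                program_name, config_file);
        ret = FALSE;
    }
    fclose(file);

    /*
     * Post-parse validation. Only the first failing check is reported. Every
     * failure goes through the common exit below so that the
     * authorized-networks list is released on all error paths.
     */
    if (cfg->tunnel_device[0] == '\0') {
        fprintf(stderr, "load_fa: TunnelDevice not set\n");
        ret = FALSE;
    } else if (fa.iface_ups != 1) {
        fprintf(stderr, "load_fa: %i interfaces to upper direction "
                "defined - exactly one needed (INTERFACES list)\n",
                fa.iface_ups);
        ret = FALSE;
    } else if (fa.iface_downs < 1) {
        fprintf(stderr, "load_fa: no interfaces to lower direction "
                "defined - at least one needed (INTERFACES list)\n");
        ret = FALSE;
    } else if (cfg->challenge_length < 0 ||
               cfg->challenge_length > MAX_CHALLENGE_LEN) {
        /* The message documents the range 0-MAX; reject negatives too. */
        fprintf(stderr, "load_fa: Invalid ChallengeLength %i "
                "(range: 0-%i)\n", cfg->challenge_length,
                MAX_CHALLENGE_LEN);
        ret = FALSE;
    } else if (cfg->enable_challenge_response &&
               cfg->challenge_window < 1) {
        /*
         * Fail closed: an invalid challenge window with challenge/response
         * enabled must not be accepted with only a warning.
         */
        fprintf(stderr, "load_fa: Invalid ChallengeWindow %i (must be "
                "at least 1)\n", cfg->challenge_window);
        ret = FALSE;
    }

out:
    if (ret == FALSE) {
        authorized_destroy(cfg->authorized_networks);
        /* Do not leave a dangling pointer behind for later cleanup. */
        cfg->authorized_networks = NULL;
    }

    return ret;
}


/*
 * Release everything owned by an FA configuration.
 *
 * Destroys the authorized-networks list, frees every entry of the FA SPI
 * list, and closes both sockets of every interface entry before freeing it.
 * A NULL config is ignored. The structure itself is not freed.
 */
void cleanup_fa_config(struct fa_config *config)
{
    struct fa_spi_entry *fa_spi;
    struct interface_entry *iface;

    if (config == NULL)
        return;

    /*
     * load_fa() leaves this pointer NULL when it fails; clearing it here as
     * well makes a repeated cleanup call harmless for this member.
     */
    if (config->authorized_networks != NULL) {
        authorized_destroy(config->authorized_networks);
        config->authorized_networks = NULL;
    }

    /*
     * NOTE(review): entries of the FA_SECURITY list presumably hold key
     * material; if so, wipe them with a non-elidable clear before free() -
     * confirm against the definition of struct fa_spi_entry.
     */
    while ((fa_spi = (struct fa_spi_entry *)
            list_remove_first(&config->fa_spi_list)) != NULL) {
        free(fa_spi);
    }

    while ((iface = (struct interface_entry *)
            list_remove_first(&config->interfaces)) != NULL) {
        close_socket(iface->icmp_sock);
        close_socket(iface->udp_sock);
        free(iface);
    }
}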