📄 ha_config.c
字号:
MAXOWNERNAMELEN) == TRUE) { return 0; } return -1; } if (strcmp(key, "HAAPIReadSocketPermissions") == 0) { if (load_int(data, &cfg->ha_api_read_socket_permissions) == TRUE) { return 0; } return -1; } if (strcmp(key, "HAAPIAdminSocketPath") == 0) { if (load_char_table(data, cfg->ha_api_admin_socket_path, MAXFILENAMELEN) == TRUE) { return 0; } return -1; } if (strcmp(key, "HAAPIAdminSocketGroup") == 0) { if (load_char_table(data, cfg->ha_api_admin_socket_group, MAXGROUPNAMELEN) == TRUE) { return 0; } return -1; } if (strcmp(key, "HAAPIAdminSocketOwner") == 0) { if (load_char_table(data, cfg->ha_api_admin_socket_owner, MAXOWNERNAMELEN) == TRUE) { return 0; } return -1; } if (strcmp(key, "HAAPIAdminSocketPermissions") == 0) { if (load_int(data, &cfg->ha_api_admin_socket_permissions) == TRUE) { return 0; } return -1; } if (strcmp(key, "UDPPort") == 0) { if (load_int(data, &cfg->udpport) == TRUE) return 0; return -1; } if (strcmp(key, "SocketPriority") == 0) { if (load_int(data, &cfg->socket_priority) == TRUE) { return 0; } return -1; } if (strcmp(key, "EnableTriangleTunneling") == 0) { if (load_bool(data, &cfg->enable_triangle_tunneling) == TRUE) { return 0; } return -1; } if (strcmp(key, "EnableReverseTunneling") == 0) { if (load_bool(data, &cfg->enable_reverse_tunneling) == TRUE) { return 0; } return -1; } if (strcmp(key, "PublicKeyHashMethod") == 0) { if (load_int(data, &cfg->pubkey_hash_method) == TRUE) { if (cfg->pubkey_hash_method != HASH_METHOD_NONE && cfg->pubkey_hash_method != HASH_METHOD_CHECK && cfg->pubkey_hash_method != HASH_METHOD_REQUIRE) { fprintf(stderr, "Invalid PublicKeyHashMethod %i\n", cfg->pubkey_hash_method); return -1; } return 0; } return -1; } if (strcmp(key, "SHAIPAddress") == 0) { if (load_ip_address(data, &cfg->sha_addr) == TRUE) return 0; return -1; } if (strcmp(key, "PrivateHAIdentifier") == 0) { if (load_int(data, (int *) &cfg->priv_ha) == TRUE) return 0; return -1; } if (strcmp(key, "NetworkAccessIdentifier") == 0) { if (load_nai(data, cfg->ha_nai, &cfg->ha_nai_len) == TRUE) return 0; return -1; } if (strcmp(key, "END") == 0) return 1; return -1;}/* process ha spi list */static int process_load_ha_spi_list(struct load_ha_data *ha, char *key, char *data){ struct ha_config *cfg; struct spi_entry *spi; char *pos; int res; if (strcmp(key, "SECURITY_END") == 0) { ASSERT(ha->process_spi_list == TRUE); ha->process_spi_list = FALSE; return 0; } cfg = ha->cfg; spi = malloc(sizeof(struct spi_entry)); if (spi == NULL) { fprintf(stderr, "process_load_ha_spi_list: not enough memory for " "struct spi_entry\n"); return -1; } if (key[0] == '0' && key[1] == 'x') res = sscanf(key, "%x", &spi->spi); else res = sscanf(key, "%d", &spi->spi); if (res != 1) { fprintf(stderr, "process_load_ha_spi_list: invalid SPI number\n"); free(spi); return -1; } list_init_node(&spi->node); pos = data; while (*pos == ' ' || *pos == '\t') pos++; if (*pos == '\0' || sscanf(pos, "%d", &spi->auth_alg) != 1) { fprintf(stderr, "process_load_ha_spi_list: invalid authentication " "algorithm number\n"); free(spi); return -1; } if (!auth_supported_auth_alg(spi->auth_alg)) { fprintf(stderr, "process_load_ha_spi_list: unsupported " "authentication algorithm %i\n", spi->auth_alg); free(spi); return -1; } while (*pos != ' ' && *pos != '\t' && *pos != '\0') pos++; while (*pos == ' ' || *pos == '\t') pos++; if (*pos == '\0' || sscanf(pos, "%d", &spi->replay_method) != 1) { fprintf(stderr, "process_load_ha_spi_list: invalid replay method " "number\n"); free(spi); return -1; } if (spi->replay_method < 0 || spi->replay_method > 2) { fprintf(stderr, "process_load_ha_spi_list: unsupported replay " "method %i\n", spi->replay_method); free(spi); return -1; } while (*pos != ' ' && *pos != '\t' && *pos != '\0') pos++; while (*pos == ' ' || *pos == '\t') pos++; if (*pos == '\0' || sscanf(pos, "%d", &spi->timestamp_tolerance) != 1) { fprintf(stderr, "process_load_ha_spi_list: invalid timestamp " "tolerance\n"); free(spi); return -1; } while (*pos != ' ' && *pos != '\t' && *pos != '\0') pos++; while (*pos == ' ' || *pos == '\t') pos++; if (*pos == '\0' || sscanf(pos, "%d", &spi->max_lifetime) != 1) { fprintf(stderr, "process_load_ha_spi_list: invalid maximum " "lifetime\n"); free(spi); return -1; } while (*pos != ' ' && *pos != '\t' && *pos != '\0') pos++; while (*pos == ' ' || *pos == '\t') pos++; if (*pos == '\0' || load_hex_table(pos, spi->shared_secret, MAXSHAREDSECRETLEN, &spi->shared_secret_len) == FALSE) { fprintf(stderr, "process_load_ha_spi_list: invalid shared secret\n"); free(spi); return -1; } ASSERT(spi->shared_secret_len >= 0); ASSERT(spi->shared_secret_len <= MAXSHAREDSECRETLEN); list_add_tail(&cfg->spi_list, &spi->node); return 0;}/* process ha authenticated list */static int process_load_ha_authorized_list(struct load_ha_data *ha, char *key, char *data){ struct ha_config *cfg; struct authorized_entry *auth; if (strcmp(key, "AUTHORIZEDLIST_END") == 0) { ASSERT(ha->process_authorized_list == TRUE); ha->process_authorized_list = FALSE; return 0; } cfg = ha->cfg; auth = malloc(sizeof(struct authorized_entry)); if (auth == NULL) { fprintf(stderr, "process_load_ha_authorized_list: not enough memory " "for struct authorized_entry\n"); return -1; } list_init_node(&auth->node); if (sscanf(key, "%d-%d", &auth->spi_low, &auth->spi_high) == 2) { if (auth->spi_low > auth->spi_high) { fprintf(stderr, "process_load_ha_authorized_list: lower SPI " "greater than higher SPI\n"); free(auth); return -1; } } else if (sscanf(key, "%d", &auth->spi_low) == 1) { auth->spi_high = auth->spi_low; } else { fprintf(stderr, "process_load_ha_authorized_list: invalid SPI '%s'\n", key); free(auth); return -1; } while(*data == ' ' || *data == '\t') { data++; } if (load_net_address(data, &auth->network, &auth->netmask) != TRUE) { printf("process_load_ha_authorized_list: invalid " "Mobile Node home IP network address\n"); free(auth); return -1; } list_add_tail(&cfg->authorized_list, &auth->node); return 0;}static int process_load_fa_spi_list(struct load_ha_data *ha, char *key, char *data){ struct ha_config *cfg; struct fa_spi_entry *spi; char *pos; int res; if (strcmp(key, "FA_SECURITY_END") == 0) { ASSERT(ha->process_fa_spi_list == TRUE); ha->process_fa_spi_list = FALSE; return 0; } cfg = ha->cfg; spi = malloc(sizeof(struct fa_spi_entry)); if (spi == NULL) { fprintf(stderr, "process_load_fa_spi_list: not enough memory for " "struct spi_entry\n"); return -1; } list_init_node(&spi->node); if (key[0] == '0' && key[1] == 'x') res = sscanf(key, "%x", &spi->spi); else res = sscanf(key, "%d", &spi->spi); if (res != 1) { fprintf(stderr, "process_load_fa_spi_list: invalid SPI number\n"); free(spi); return -1; } pos = data; while (*pos == ' ' || *pos == '\t') pos++; if (load_ip_address(pos, &spi->addr) != TRUE) { fprintf(stderr, "process_load_fa_authorized_list: invalid " "IP address\n"); free(spi); return -1; } while (*pos != ' ' && *pos != '\t' && *pos != '\0') pos++; while (*pos == ' ' || *pos == '\t') pos++; if (*pos == '\0' || sscanf(pos, "%d", &spi->alg) != 1) { fprintf(stderr, "process_load_fa_spi_list: invalid algorithm " "number\n"); free(spi); return -1; } if (!auth_supported_auth_alg(spi->alg)) { fprintf(stderr, "process_load_fa_spi_list: unsupported " "algorithm %i\n", spi->alg); free(spi); return -1; } while (*pos != ' ' && *pos != '\t' && *pos != '\0') pos++; while (*pos == ' ' || *pos == '\t') pos++; if (*pos == '\0' || load_hex_table(pos, spi->shared_secret, MAXSHAREDSECRETLEN, &spi->shared_secret_len) == FALSE) { fprintf(stderr, "process_load_fa_spi_list: invalid shared secret\n"); free(spi); return -1; } ASSERT(spi->shared_secret_len >= 0); ASSERT(spi->shared_secret_len <= MAXSHAREDSECRETLEN); list_add_tail(&cfg->fa_spi_list, &spi->node); return 0;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -