📄 sha_config.c
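/* $Id: sha_config.c,v 1.3 2000/04/06 07:26:53 jm Exp $
 * Surrogate Home Agent configuration processing
 *
 * Dynamic hierarchial IP tunnel
 * Copyright (C) 2000, Dynamics group
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation. See README and COPYING for
 * more details.
 */

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>
#include <assert.h>

#include "fileio.h"
#include "auth.h"
#include "sha_config.h"


/* Advance past spaces and tabs; returns the first other character. */
static char *skip_blanks(char *pos)
{
	while (*pos == ' ' || *pos == '\t')
		pos++;
	return pos;
}


/* Step over the current token and the blanks after it.  The result points
 * at the next field, or at the terminating '\0' when no field is left. */
static char *next_field(char *pos)
{
	while (*pos != ' ' && *pos != '\t' && *pos != '\0')
		pos++;
	return skip_blanks(pos);
}


/* Release an SPI entry after overwriting it.
 *
 * The entry embeds the shared secret, so it is cleared before the memory
 * goes back to the allocator.  The volatile pointer keeps the compiler from
 * discarding the stores as dead writes ahead of free(). */
static void free_spi_entry(struct sha_spi_entry *spi)
{
	volatile unsigned char *bytes = (volatile unsigned char *) spi;
	size_t i;

	if (spi == NULL)
		return;
	for (i = 0; i < sizeof(struct sha_spi_entry); i++)
		bytes[i] = 0;
	free(spi);
}


/* Parse one line inside a SHA_SECURITY_BEGIN / SHA_SECURITY_END section.
 *
 * key is the SPI number (decimal, or hexadecimal with a "0x" prefix); data
 * holds, separated by spaces or tabs: IP address, private HA ID, algorithm
 * number and the shared secret as a hex string.  A valid entry is appended
 * to cfg->sha_spi_list.  The key "SHA_SECURITY_END" closes the section.
 *
 * Return values: -1: error (nothing is added to the list), 0: ok
 */
static int process_load_sha_spi_list(struct load_sha_data *sha, char *key,
				     char *data)
{
	struct sha_config *cfg;
	struct sha_spi_entry *spi;
	char *pos;
	int res;

	if (strcmp(key, "SHA_SECURITY_END") == 0) {
		assert(sha->process_sha_spi_list == TRUE);
		sha->process_sha_spi_list = FALSE;
		return 0;
	}

	cfg = sha->cfg;

	/* Zero-filled allocation: the error messages below print priv_ha and
	 * alg even when sscanf() stored nothing, which with plain malloc()
	 * read indeterminate memory. */
	spi = calloc(1, sizeof(*spi));
	if (spi == NULL) {
		fprintf(stderr,
			"process_load_sha_spi_list: not enough memory for "
			"struct spi_entry\n");
		return -1;
	}
	list_init_node(&spi->node);

	/* NOTE(review): "%x" and "%d" expect unsigned int * and int *
	 * respectively; the declared type of spi->spi is not visible here -
	 * confirm it matches.  sscanf() also does not report out-of-range
	 * numbers. */
	if (key[0] == '0' && key[1] == 'x')
		res = sscanf(key, "%x", &spi->spi);
	else
		res = sscanf(key, "%d", &spi->spi);
	if (res != 1) {
		fprintf(stderr,
			"process_load_sha_spi_list: invalid SPI number\n");
		free_spi_entry(spi);
		return -1;
	}

	/* field 1: IP address */
	pos = skip_blanks(data);
	if (load_ip_address(pos, &spi->addr) != TRUE) {
		/* The message used to name process_load_sha_authorized_list,
		 * which is not the function reporting the error. */
		fprintf(stderr,
			"process_load_sha_spi_list: invalid IP address\n");
		free_spi_entry(spi);
		return -1;
	}

	/* field 2: private HA ID */
	pos = next_field(pos);
	if (*pos == '\0' || sscanf(pos, "%u", &spi->priv_ha) != 1) {
		fprintf(stderr,
			"process_load_sha_spi_list: invalid private "
			"HA ID %u\n", spi->priv_ha);
		free_spi_entry(spi);
		return -1;
	}

	/* field 3: authentication algorithm */
	pos = next_field(pos);
	if (*pos == '\0' || sscanf(pos, "%d", &spi->alg) != 1) {
		fprintf(stderr,
			"process_load_sha_spi_list: invalid algorithm "
			"number %i\n", spi->alg);
		free_spi_entry(spi);
		return -1;
	}
	/* Only these two algorithm identifiers are accepted. */
	if (spi->alg != AUTH_ALG_MD5 && spi->alg != AUTH_ALG_MD5_RFC2002) {
		fprintf(stderr,
			"process_load_sha_spi_list: unsupport "
			"algorithm %i\n", spi->alg);
		free_spi_entry(spi);
		return -1;
	}

	/* field 4: shared secret, hex encoded */
	pos = next_field(pos);
	if (*pos == '\0' ||
	    load_hex_table(pos, spi->shared_secret, MAXSHAREDSECRETLEN,
			   &spi->shared_secret_len) == FALSE) {
		fprintf(stderr,
			"process_load_sha_spi_list: invalid shared secret\n");
		free_spi_entry(spi);
		return -1;
	}

	/* These checks disappear when NDEBUG is defined, so the length bound
	 * then rests on load_hex_table() honouring MAXSHAREDSECRETLEN.
	 * NOTE(review): a zero-length secret satisfies both asserts - confirm
	 * load_hex_table() rejects it, or reject it here. */
	assert(spi->shared_secret_len >= 0);
	assert(spi->shared_secret_len <= MAXSHAREDSECRETLEN);

	list_add_tail(&cfg->sha_spi_list, &spi->node);

	return 0;
}


/* Process loading of the sha_data
 *
 * Callback handed to load_data() by load_sha(); voidptr is the
 * struct load_sha_data set up there.  While a SHA_SECURITY_BEGIN section
 * is open every line goes to process_load_sha_spi_list(); otherwise the
 * key selects the configuration field to fill.  Unknown keys are errors.
 *
 * Return values: -2: consistency error, -1: error, 0: ok, 1: end
 * (no path in this function returns -2 itself)
 */
static int process_load_sha(void *voidptr, char *key, char *data)
{
	struct load_sha_data *sha;
	struct sha_config *cfg;

	sha = voidptr;
	cfg = sha->cfg;

	if (sha->process_sha_spi_list == TRUE)
		return process_load_sha_spi_list(sha, key, data);

	if (strcmp(key, "SHAIPAddress") == 0)
		return load_ip_address(data, &cfg->sha_addr) == TRUE ? 0 : -1;

	if (strcmp(key, "TunnelDevice") == 0)
		return load_char_table(data, cfg->tunnel_device,
				       IFNAMSIZ) == TRUE ? 0 : -1;

	if (strcmp(key, "UDPPort") == 0)
		return load_int(data, &cfg->udp_port) == TRUE ? 0 : -1;

	if (strcmp(key, "RoutingTableStart") == 0)
		return load_int(data,
				&cfg->routing_table_start) == TRUE ? 0 : -1;

	if (strcmp(key, "RoutingTableEnd") == 0)
		return load_int(data,
				&cfg->routing_table_end) == TRUE ? 0 : -1;

	if (strcmp(key, "MaxBindings") == 0)
		return load_int(data, &cfg->max_bindings) == TRUE ? 0 : -1;

	if (strcmp(key, "MaxLifetime") == 0)
		return load_int(data, &cfg->max_lifetime) == TRUE ? 0 : -1;

	if (strcmp(key, "SyslogFacility") == 0)
		return load_syslog_facility(data,
					    &cfg->syslog_facility) == TRUE ?
			0 : -1;

	if (strcmp(key, "SocketPriority") == 0)
		return load_int(data, &cfg->socket_priority) == TRUE ? 0 : -1;

	if (strcmp(key, "SHA_SECURITY_BEGIN") == 0) {
		/* Unreachable while a section is open (see the dispatch
		 * above); kept as a consistency check. */
		if (sha->process_sha_spi_list) {
			fprintf(stderr,
				"List processing error while handling "
				"SHA_SECURITY_BEGIN\n");
			return -1;
		}
		sha->process_sha_spi_list = TRUE;
		return 0;
	}

	if (strcmp(key, "END") == 0)
		return 1;

	return -1;
}


/* Load the Surrogate Home Agent configuration from config_file into cfg.
 *
 * cfg is cleared and given defaults before the file is read.  program_name
 * is used only as a prefix in error messages.  TunnelDevice has no default
 * and must be set by the file.
 *
 * Returns TRUE on success, FALSE on error.  On FALSE any SPI entries parsed
 * so far remain on cfg->sha_spi_list; this function does not free them
 * (cleanup_sha_config() does).
 *
 * The file carries the shared secrets in clear text.  Nothing here checks
 * its owner or permissions, so restricting read access to it is left to
 * the installation.
 */
int load_sha(struct sha_config *cfg, char *program_name, char *config_file)
{
	FILE *file;
	struct load_sha_data sha;
	int ret;

	sha.cfg = cfg;
	sha.process_sha_spi_list = FALSE;

	memset(cfg, 0, sizeof(struct sha_config));
	cfg->max_bindings = 1000;
	cfg->max_lifetime = 600;
	cfg->syslog_facility = LOG_LOCAL0;
	cfg->routing_table_start = 1;
	cfg->routing_table_end = 253;
	cfg->udp_port = 434;
	cfg->socket_priority = -1;
	list_init(&cfg->sha_spi_list);

	file = fopen(config_file, "r");
	if (file == NULL) {
		fprintf(stderr,
			"%s: Could not open configuration file '%s'.\n",
			program_name, config_file);
		return FALSE;
	}

	ret = TRUE;
	if (load_data(&sha, file, process_load_sha) == FALSE) {
		fprintf(stderr,
			"%s: Error while interpreting file '%s'!\n",
			program_name, config_file);
		ret = FALSE;
	}
	fclose(file);

	if (cfg->tunnel_device[0] == '\0') {
		/* The prefix used to read "load_shfa", which is not this
		 * function's name. */
		fprintf(stderr, "load_sha: TunnelDevice not set\n");
		return FALSE;
	}

	return ret;
}


/* Free every entry on config->sha_spi_list.  A NULL config is ignored.
 * Each entry is overwritten before it is freed because it holds a shared
 * secret. */
void cleanup_sha_config(struct sha_config *config)
{
	struct sha_spi_entry *sha_spi;

	if (config == NULL)
		return;

	for (;;) {
		sha_spi = (struct sha_spi_entry *)
			list_remove_first(&config->sha_spi_list);
		if (sha_spi == NULL)
			break;
		free_spi_entry(sha_spi);
	}
}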