riplib.html

vxworks相关论文

<p>
<pre>    STATUS ripAuthHookRtn (char *pKey, RIP_PKT *pRip);
</pre>
The first argument contains the authentication key for the message
stored in the rip2IfConfAuthKey MIB variable and the second argument 
uses the <b>RIP_PKT</b> structure (defined in <b>rip/ripLib.h</b>) to access the message 
body. The routine must return OK if the message is acceptable, or ERROR 
otherwise. All RIP-2 messages sent to that routine already contain an 
authentication entry, but have not been verified. (Any unauthenticated
RIP-2 messages have already been discarded as required by the RFC 
specification). RIP-1 messages may be accepted or rejected. RIP-2 messages
requesting simple password authentication which match the key are
accepted automatically before the hook is called. The remaining RIP-2
messages either did not match that key or are using an unknown 
authentication type. If any messages are rejected, the MIB-II counters are 
updated appropriately outside of the hook routine.
<p>
The current RIP implementation contains a sample authentication hook which
may be added as follows:
<p>
<pre>    if (ripAuthHookAdd ("90.0.0.1", ripAuthHook) == ERROR)
          logMsg ("Unable to add authorization hook.\n", 0, 0, 0, 0, 0, 0);
</pre>

The sample routine only supports simple password authentication against
the key included in the MIB variable. Since all such messages have already
been accepted, all RIP-2 messages received by the routine are discarded.
All RIP-1 messages are also discarded, so the hook actually has no
effect. The body of that routine is:
<p>
<pre>STATUS ripAuthHook
   (
   char *     pKey,   /* rip2IfConfAuthKey entry from MIB-II family */
   RIP_PKT *  pRip    /* received RIP message */
   )
   {
   if (pRip-&gt;rip_vers == 1)
       {
       /* 
        @ The RFC specification recommends, but does not require, rejecting
        @ version 1 packets when authentication is enabled.
        */

       return (ERROR);
       }

   /*
    @ The authentication type field in the RIP message corresponds to
    @ the first two bytes of the sa_data field overlayed on that
    @ message by the sockaddr structure contained within the RIP_PKT 
    @ structure (see rip/ripLib.h).
    */

   if ( (pRip-&gt;rip_nets[0].rip_dst.sa_data[0] != 0) ||
       (pRip-&gt;rip_nets[0].rip_dst.sa_data[1] !=
       M2_rip2IfConfAuthType_simplePassword))
       {
       /* Unrecognized authentication type. */

       return (ERROR);
       }

   /* 
    @ Discard version 2 packets requesting simple password authentication
    @ which did not match the MIB variable. 
    */

   return (ERROR);
   }
</pre>

A comparison against a different key could be performed as follows:
<p>
<pre> bzero ( (char *)&amp;key, AUTHKEYLEN);    /* AUTHKEYLEN from rip/m2RipLib.h */

  /*
   @ The start of the authorization key corresponds to the third byte
   @ of the sa_data field in the sockaddr structure overlayed on the
   @ body of the RIP message by the RIP_PKT structure. It continues
   @ for the final 14 bytes of that structure and the first two bytes
   @ of the following rip_metric field.
   */

 bcopy ( (char *)(pRip-&gt;rip_nets[0].rip_dst.sa_data + 2),
        (char *)&amp;key, AUTHKEYLEN);

 if (bcmp ( (char *)key, privateKey, AUTHKEYLEN) != 0)
     {
     /* Key does not match: reject message. */

     return (ERROR);
     }
 return (OK);
</pre>

The <b><i><a href="./ripLib.html#ripAuthHookDelete">ripAuthHookDelete</a></i>(&nbsp;)</b> routine will remove the installed function. If
authentication is still enabled for the interface, all incoming messages
which do not use simple password authentication will be rejected until a
routine is provided.
<p>
</blockquote><h4>RETURNS</h4><blockquote><p>
OK if hook added, or ERROR otherwise.
<p>
</blockquote><h4>ERRNO</h4><blockquote><p>
<p>
&nbsp;S_m2Lib_INVALID_PARAMETER<br>
&nbsp;S_m2Lib_ENTRY_NOT_FOUND
</blockquote><h4>SEE ALSO</h4><blockquote><p>
<b><a href="./ripLib.html#top">ripLib</a></b>

<hr>
<a name="ripAuthHookDelete"></a>
<p align=right>
<a href="rtnIndex.html"><i>Libraries :  Routines</i></a></p>

</blockquote><h1><i>ripAuthHookDelete</i>(&nbsp;)</h1> <blockquote></a></blockquote><h4>NAME</h4><blockquote>  
<p><strong><i>ripAuthHookDelete</i>(&nbsp;)</strong> - remove an authentication hook from a RIP interface</p>

</blockquote><h4>SYNOPSIS</h4><blockquote><p>
<pre>STATUS ripAuthHookDelete
    (
    char* pIpAddr /* IP address in dotted decimal notation */
    )</pre>

</blockquote><h4>DESCRIPTION</h4><blockquote><p>
This routine removes an assigned authentication hook from a registered
interface indicated by <i>pIpAddr</i>. (Interfaces created or changed after 
a RIP session has started may be installed/updated with the <b><i><a href="./ripLib.html#ripIfSearch">ripIfSearch</a></i>(&nbsp;)</b> 
and <b><i><a href="./ripLib.html#ripIfReset">ripIfReset</a></i>(&nbsp;)</b> routines). If authentication is still enabled for the 
interface, RIP-2 messages using simple password authentication will be
accepted if they match the key in the MIB variable, but all other incoming 
messages will be rejected until a routine is provided.
<p>
</blockquote><h4>RETURNS</h4><blockquote><p>
OK, or ERROR if the interface could not be found.
<p>
</blockquote><h4>ERRNO</h4><blockquote><p>
<p>
&nbsp;S_m2Lib_INVALID_PARAMETER<br>
&nbsp;S_m2Lib_ENTRY_NOT_FOUND
</blockquote><h4>SEE ALSO</h4><blockquote><p>
<b><a href="./ripLib.html#top">ripLib</a></b>

<hr>
<a name="ripAuthHook"></a>
<p align=right>
<a href="rtnIndex.html"><i>Libraries :  Routines</i></a></p>

</blockquote><h1><i>ripAuthHook</i>(&nbsp;)</h1> <blockquote></a></blockquote><h4>NAME</h4><blockquote>  
<p><strong><i>ripAuthHook</i>(&nbsp;)</strong> - sample authentication hook</p>

</blockquote><h4>SYNOPSIS</h4><blockquote><p>
<pre>STATUS ripAuthHook
    (
    char *    pKey, /* rip2IfConfAuthKey entry from MIB-II family */
    RIP_PKT * pRip  /* received RIP message */
    )</pre>

</blockquote><h4>DESCRIPTION</h4><blockquote><p>
This hook demonstrates one possible authentication mechanism. It rejects
all RIP-2 messages which used simple password authentication since they
did not match the key contained in the MIB variable. All other RIP-2
messages are also rejected since no other authentication type is
supported and all RIP-1 messages are also rejected, as recommended by
the RFC specification. This behavior is the same as if no hook were 
installed.
<p>
</blockquote><h4>RETURNS</h4><blockquote><p>
OK if message is acceptable, or ERROR otherwise.
<p>
</blockquote><h4>ERRNO</h4><blockquote><p>
N/A
</blockquote><h4>SEE ALSO</h4><blockquote><p>
<b><a href="./ripLib.html#top">ripLib</a></b>

<hr>
<a name="ripLeakHookAdd"></a>
<p align=right>
<a href="rtnIndex.html"><i>Libraries :  Routines</i></a></p>

</blockquote><h1><i>ripLeakHookAdd</i>(&nbsp;)</h1> <blockquote></a></blockquote><h4>NAME</h4><blockquote>  
<p><strong><i>ripLeakHookAdd</i>(&nbsp;)</strong> - add a hook to bypass the RIP and kernel routing tables</p>

</blockquote><h4>SYNOPSIS</h4><blockquote><p>
<pre>STATUS ripLeakHookAdd
    (
    char *  pIpAddr,  /* IP address in dotted decimal notation */
    FUNCPTR pLeakHook /* function pointer to hook */
    )</pre>

</blockquote><h4>DESCRIPTION</h4><blockquote><p>
This routine installs a hook routine to support alternative routing
protocols for the registered interface given by <i>pIpAddr</i>. (Interfaces 
created or changed after a RIP session has started may be installed/updated
with the <b><i><a href="./ripLib.html#ripIfSearch">ripIfSearch</a></i>(&nbsp;)</b> and <b><i><a href="./ripLib.html#ripIfReset">ripIfReset</a></i>(&nbsp;)</b> routines). 
<p>
The hook uses the following interface:
<pre>    STATUS ripLeakHookRtn (long dest, long gateway, long netmask)
</pre>

The RIP session will not add the given route to any tables if the hook
routine returns OK, but will create a route entry otherwise.
<p>
The <b><i><a href="./ripLib.html#ripLeakHookDelete">ripLeakHookDelete</a></i>(&nbsp;)</b> will allow the RIP session to add new routes
unconditionally.
<p>
</blockquote><h4>RETURNS</h4><blockquote><p>
OK, or ERROR if the interface could not be found.
<p>
</blockquote><h4>ERRNO</h4><blockquote><p>
<p>
&nbsp;S_m2Lib_INVALID_PARAMETER<br>
&nbsp;S_m2Lib_ENTRY_NOT_FOUND
</blockquote><h4>SEE ALSO</h4><blockquote><p>
<b><a href="./ripLib.html#top">ripLib</a></b>

<hr>
<a name="ripLeakHookDelete"></a>
<p align=right>
<a href="rtnIndex.html"><i>Libraries :  Routines</i></a></p>

</blockquote><h1><i>ripLeakHookDelete</i>(&nbsp;)</h1> <blockquote></a></blockquote><h4>NAME</h4><blockquote>  
<p><strong><i>ripLeakHookDelete</i>(&nbsp;)</strong> - remove a table bypass hook from a RIP interface</p>

</blockquote><h4>SYNOPSIS</h4><blockquote><p>
<pre>STATUS ripLeakHookDelete
    (
    char* pIpAddr /* IP address in dotted decimal notation */
    )</pre>

</blockquote><h4>DESCRIPTION</h4><blockquote><p>
This routine removes the assigned bypass hook from a registered interface
indicated by <i>pIpAddr</i>. (Interfaces created or changed after a RIP
session has started may be installed/updated with the <b><i><a href="./ripLib.html#ripIfSearch">ripIfSearch</a></i>(&nbsp;)</b> 
and <b><i><a href="./ripLib.html#ripIfReset">ripIfReset</a></i>(&nbsp;)</b> routines). The RIP session will return to the default 
behavior and add entries to the internal RIP table and kernel routing 
table unconditionally.
<p>
</blockquote><h4>RETURNS</h4><blockquote><p>
OK, or ERROR if the interface could not be found.
<p>
</blockquote><h4>ERRNO</h4><blockquote><p>
<p>
&nbsp;S_m2Lib_INVALID_PARAMETER<br>
&nbsp;S_m2Lib_ENTRY_NOT_FOUND
</blockquote><h4>SEE ALSO</h4><blockquote><p>
<b><a href="./ripLib.html#top">ripLib</a></b>

<hr>
<a name="ripSendHookAdd"></a>
<p align=right>
<a href="rtnIndex.html"><i>Libraries :  Routines</i></a></p>

</blockquote><h1><i>ripSendHookAdd</i>(&nbsp;)</h1> <blockquote></a></blockquote><h4>NAME</h4><blockquote>  
<p><strong><i>ripSendHookAdd</i>(&nbsp;)</strong> - add an update filter to a RIP interface</p>

</blockquote><h4>SYNOPSIS</h4><blockquote><p>
<pre>STATUS ripSendHookAdd
    (