diff options
| author | paul <paul> | 2004-06-06 22:06:33 +0000 |
|---|---|---|
| committer | paul <paul> | 2004-06-06 22:06:33 +0000 |
| commit | ca5e516c84cc2d35b6f6cd29f8ba9e835d3b72ba (patch) | |
| tree | b0d6c52545e9aeb2e187c6a2c72e296f69deaf9f /ripd/rip_interface.c | |
| parent | d47b7ba10bdd17d9f723a5fc42b2f71668e27a22 (diff) | |
2004-06-06 Paul Jakma <paul.jakma@sun.com>
* ripd.h: Add define for the RIPv2 Authentication Data family
Move the auth type defines up to where other defines live.
Add RIP_AUTH_MD5_COMPAT_SIZE, for backwards compatible
md5->auth_len size. Add md5_auth_len field to struct
rip_interface: (rip_interface_new) Init md5_auth_len to compatible
size.
(ip_rip_authentication_mode_cmd) Extended to handle setting
md5 auth-length. Appropriate aliases added.
(no_ip_rip_authentication_mode_cmd) Reset md5_auth_len to
compatible size.
(rip_interface_config_write) Teach it about md5_auth_len.
_always_ write out the auth-length, so that everyone will get
the setting in their config file, and hence allow for a future
change of default for md5_auth_len to be less painful - every md5
user will have this setting in their config file.
ripd.c: (rip_packet_dump) Change nasty hard coded constants to
symbolic defines. Change various tests of 'ntoh.(variable) ==
constant' to test 'variable == ntoh.(constant)'. Clean up
indentation on some long lines.
(rip_auth_simple_password) ditto.
(rip_auth_md5) ditto, also add length argument and sanity check
md5 data offset field. Sanity check md5 auth length, accept RFC
or old-ripd/cisco lengths.
(rip_auth_md5_set) as per (rip_packet_dump), also write out
the configured md5 auth length for the interface (old-ripd or rfc)
(rip_read) as per (rip_packet_dump)
(rip_write_rte) ditto
(rip_response_process) ditto
(rip_write_rte) ditto
Diffstat (limited to 'ripd/rip_interface.c')
| -rw-r--r-- | ripd/rip_interface.c | 64 |
1 files changed, 63 insertions, 1 deletions
diff --git a/ripd/rip_interface.c b/ripd/rip_interface.c index 3d69d6c6..4daa5b38 100644 --- a/ripd/rip_interface.c +++ b/ripd/rip_interface.c @@ -125,6 +125,7 @@ rip_interface_new () compatibility. */ /* ri->auth_type = RIP_NO_AUTH; */ ri->auth_type = RIP_AUTH_SIMPLE_PASSWORD; + ri->md5_auth_len = RIP_AUTH_MD5_COMPAT_SIZE; /* Set default split-horizon behavior. If the interface is Frame Relay or SMDS is enabled, the default value for split-horizon is @@ -1678,6 +1679,12 @@ DEFUN (ip_rip_authentication_mode, ifp = (struct interface *)vty->index; ri = ifp->info; + if ( (argc < 1) || (argc > 2) ) + { + vty_out (vty, "incorrect argument count%s", VTY_NEWLINE); + return CMD_WARNING; + } + if (strncmp ("md5", argv[0], strlen (argv[0])) == 0) ri->auth_type = RIP_AUTH_MD5; else if (strncmp ("text", argv[0], strlen (argv[0])) == 0) @@ -1688,9 +1695,38 @@ DEFUN (ip_rip_authentication_mode, return CMD_WARNING; } + if (argc == 1) + return CMD_SUCCESS; + + if ( (argc == 2) && (ri->auth_type != RIP_AUTH_MD5) ) + { + vty_out (vty, "auth length argument only valid for md5%s", VTY_NEWLINE); + return CMD_WARNING; +} + + if (strncmp ("r", argv[1], 1) == 0) + ri->md5_auth_len = RIP_AUTH_MD5_SIZE; + else if (strncmp ("o", argv[1], 1) == 0) + ri->md5_auth_len = RIP_AUTH_MD5_COMPAT_SIZE; + else + return CMD_WARNING; + return CMD_SUCCESS; } +ALIAS (ip_rip_authentication_mode, + ip_rip_authentication_mode_authlen_cmd, + "ip rip authentication mode (md5|text) auth-length (rfc|old-ripd)", + IP_STR + "Routing Information Protocol\n" + "Authentication control\n" + "Authentication mode\n" + "Keyed message digest\n" + "Clear text authentication\n" + "MD5 authentication data length\n" + "RFC compatible\n" + "Old ripd compatible\n") + DEFUN (no_ip_rip_authentication_mode, no_ip_rip_authentication_mode_cmd, "no ip rip authentication mode", @@ -1708,6 +1744,7 @@ DEFUN (no_ip_rip_authentication_mode, /* ri->auth_type = RIP_NO_AUTH; */ ri->auth_type = RIP_AUTH_SIMPLE_PASSWORD; + ri->md5_auth_len = RIP_AUTH_MD5_COMPAT_SIZE; return CMD_SUCCESS; } @@ -1723,6 +1760,20 @@ ALIAS (no_ip_rip_authentication_mode, "Keyed message digest\n" "Clear text authentication\n") +ALIAS (no_ip_rip_authentication_mode, + no_ip_rip_authentication_mode_type_authlen_cmd, + "no ip rip authentication mode (md5|text) auth-length (rfc|old-ripd)", + NO_STR + IP_STR + "Routing Information Protocol\n" + "Authentication control\n" + "Authentication mode\n" + "Keyed message digest\n" + "Clear text authentication\n" + "MD5 authentication data length\n" + "RFC compatible\n" + "Old ripd compatible\n") + DEFUN (ip_rip_authentication_string, ip_rip_authentication_string_cmd, "ip rip authentication string LINE", @@ -1988,6 +2039,7 @@ rip_interface_config_write (struct vty *vty) (ri->ri_send == RI_RIP_UNSPEC) && (ri->ri_receive == RI_RIP_UNSPEC) && (ri->auth_type != RIP_AUTH_MD5) && + (ri->md5_auth_len != RIP_AUTH_MD5_SIZE) && (!ri->auth_str) && (!ri->key_chain) ) continue; @@ -2034,8 +2086,16 @@ rip_interface_config_write (struct vty *vty) if (ri->auth_type == RIP_AUTH_SIMPLE_PASSWORD) vty_out (vty, " ip rip authentication mode text%s", VTY_NEWLINE); #endif /* 0 */ + if (ri->auth_type == RIP_AUTH_MD5) - vty_out (vty, " ip rip authentication mode md5%s", VTY_NEWLINE); + { + vty_out (vty, " ip rip authentication mode md5"); + if (ri->md5_auth_len == RIP_AUTH_MD5_COMPAT_SIZE) + vty_out (vty, " auth-length old-ripd"); + else + vty_out (vty, " auth-length rfc"); + vty_out (vty, "%s", VTY_NEWLINE); + } if (ri->auth_str) vty_out (vty, " ip rip authentication string %s%s", @@ -2165,8 +2225,10 @@ rip_if_init () install_element (INTERFACE_NODE, &no_ip_rip_receive_version_num_cmd); install_element (INTERFACE_NODE, &ip_rip_authentication_mode_cmd); + install_element (INTERFACE_NODE, &ip_rip_authentication_mode_authlen_cmd); install_element (INTERFACE_NODE, &no_ip_rip_authentication_mode_cmd); install_element (INTERFACE_NODE, &no_ip_rip_authentication_mode_type_cmd); + install_element (INTERFACE_NODE, &no_ip_rip_authentication_mode_type_authlen_cmd); install_element (INTERFACE_NODE, &ip_rip_authentication_key_chain_cmd); install_element (INTERFACE_NODE, &no_ip_rip_authentication_key_chain_cmd); |