class MD5AuthHandler

RIPv2 Authentication handler for MD5 scheme.


Detailed Description

Class to check inbound MD5 authenticated packets and add authentication data to outbound RIP packets. The RIP MD5 authentication scheme is described in RFC 2082.

MD5Key (class)

MD5Key

Class to hold MD5 key information.

typedef list<MD5Key> KeyChain

KeyChain

 MD5AuthHandler (EventLoop& eventloop)

MD5AuthHandler

Constructor

Parameters:

eventloop: the EventLoop instance to use for time reference.

const char*  effective_name ()

effective_name

[const]

Get the effective name of the authentication scheme.

Reimplemented from AuthHandlerBase.

const char*  auth_type_name ()

auth_type_name

[static]

Get the method-specific name of the authentication scheme.

Returns: the method-specific name of the authentication scheme.

void  reset ()

reset

Reset the authentication state.

Reimplemented from AuthHandlerBase.

uint32_t  head_entries ()

head_entries

[const]

Get number of routing entries used by authentication scheme at the head of the RIP packet.

Returns: the number of routing entries used by the authentication scheme at the head of the RIP packet: 0 for unauthenticated packets, 1 otherwise.

Reimplemented from AuthHandlerBase.

uint32_t  max_routing_entries ()

max_routing_entries

[const]

Get the maximum number of routing entries in a RIP packet that are not used by the authentication scheme.

Reimplemented from AuthHandlerBase.

bool  authenticate_inbound (const uint8_t* packet, size_t packet_bytes, const uint8_t*& entries_ptr, uint32_t& n_entries, const IPv4& src_addr, bool new_peer)

authenticate_inbound

Inbound authentication method.

Parameters:

packet: pointer to first byte of RIP packet.
packet_bytes: number of bytes in RIP packet.
entries_ptr: output variable set to point to first entry in packet. Set to NULL if there are no entries, or on authentication failure.
n_entries: number of entries in the packet.
src_addr: the source address of the packet.
new_peer: true if this is a new peer.

Returns: true if packet passes authentication checks, false otherwise.

Reimplemented from AuthHandlerBase.
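
The following Python model of an RFC 2082 inbound check is an added example, not XORP code. The names `pad_key`, `build`, `verify`, `keys` and `last_seq` are hypothetical, and the zero-padding of the key phrase to 16 bytes and the exact-length check are assumptions of the example; the sample packet is constructed.

```python
import hashlib, hmac, struct

KEY_LEN = 16  # RFC 2082 keyed-MD5 key field and digest are both 16 bytes

def pad_key(phrase: bytes) -> bytes:
    # Assumption: the key phrase is truncated or zero-padded to 16 bytes.
    return phrase[:KEY_LEN].ljust(KEY_LEN, b"\0")

def build(entries: bytes, key_id: int, seq: int, key: bytes) -> bytes:
    """Constructed sender: RIPv2 response carrying RFC 2082 authentication."""
    pkt_len = 4 + 20 + len(entries)        # offset of the trailer from the header
    head = struct.pack("!BBH", 2, 2, 0)    # command=response, version=2
    auth = struct.pack("!HHHBBIII", 0xFFFF, 3, pkt_len, key_id, KEY_LEN, seq, 0, 0)
    body = head + auth + entries + struct.pack("!HH", 0xFFFF, 1)
    return body + hashlib.md5(body + pad_key(key)).digest()

def verify(packet: bytes, keys: dict, last_seq: dict, src: str, new_peer: bool) -> bool:
    """Return True only if the digest matches and the sequence number is not stale."""
    if len(packet) < 4 + 20 + 4 + KEY_LEN:
        return False
    marker, atype, pkt_len, key_id, dlen, seq = struct.unpack_from("!HHHBBI", packet, 4)
    if (marker, atype, dlen) != (0xFFFF, 3, KEY_LEN):
        return False
    # The length field comes from the wire: bound it before using it as an offset.
    if pkt_len < 24 or pkt_len + 4 + KEY_LEN != len(packet):
        return False
    if packet[pkt_len:pkt_len + 4] != b"\xff\xff\x00\x01":
        return False
    key = keys.get(key_id)
    if key is None:                        # unknown or expired key ID
        return False
    # Digest covers everything up to the trailer's 4-byte header, then the key.
    expected = hashlib.md5(packet[:pkt_len + 4] + pad_key(key)).digest()
    if not hmac.compare_digest(expected, packet[pkt_len + 4:]):
        return False
    # Replay check: RFC 2082 sequence numbers are non-decreasing per key ID.
    if not new_peer and seq < last_seq.get((src, key_id), 0):
        return False
    last_seq[(src, key_id)] = seq          # state changes only after the digest passed
    return True

if __name__ == "__main__":
    state = {}
    pkt = build(bytes(20), key_id=1, seq=10, key=b"s3cret")   # constructed sample
    print(verify(pkt, {1: b"s3cret"}, state, "192.0.2.1", new_peer=True))
```
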

bool  authenticate_outbound (RipPacket<IPv4>& packet, list<RipPacket<IPv4> *>& auth_packets, size_t& n_routes)

authenticate_outbound

Outbound authentication method.

Create a list of authenticated packets (one for each valid authentication key). Note that the original packet is also modified and authenticated with the first valid key.

Parameters:

packet: the RIP packet to authenticate.
auth_packets: a return-by-reference list with the authenticated RIP packets (one for each valid authentication key).
n_routes: the return-by-reference number of routes in the packet.

Returns: true if packet was successfully authenticated, false when no valid keys are present.

Reimplemented from AuthHandlerBase.

bool  add_key (uint8_t key_id, const string& key, const TimeVal& start_timeval, const TimeVal& end_timeval, string& error_msg)

add_key

Add a key to the MD5 key chain.

If the key already exists, it is updated with the new settings.

Parameters:

key_id: unique ID associated with key.
key: phrase used for MD5 digest computation.
start_timeval: start time when key becomes valid.
end_timeval: end time when key becomes invalid.
error_msg: the error message (if error).

Returns: true on success, false if end time is less than start time or key has already expired.

bool  remove_key (uint8_t key_id, string& error_msg)

remove_key

Remove a key from the MD5 key chain.

Parameters:

key_id: unique ID of key to be removed.
error_msg: the error message (if error).

Returns: true if the key was found and removed, otherwise false.

void  key_start_cb (uint8_t key_id)

key_start_cb

A callback invoked when a key from the MD5 key chain has become valid.

Parameters:

key_id: unique ID of the key that has become valid.

void  key_stop_cb (uint8_t key_id)

key_stop_cb

A callback invoked when a key from the MD5 key chain has expired and is invalid.

Parameters:

key_id: unique ID of the key that has expired.

void  reset_keys ()

reset_keys

Reset the keys for all sources.

const KeyChain&  valid_key_chain ()

valid_key_chain

[const]

Get all valid keys managed by the MD5AuthHandler.

Returns: list of all valid keys.

const KeyChain&  invalid_key_chain ()

invalid_key_chain

[const]

Get all invalid keys managed by the MD5AuthHandler.

Returns: list of all invalid keys.

bool  empty ()

empty

[const]

Test whether the MD5AuthHandler contains any keys.

Returns: if the MD5AuthHandler contains any keys, otherwise false.

EventLoop& _eventloop

_eventloop

[protected]

KeyChain _valid_key_chain

_valid_key_chain

[protected]

KeyChain _invalid_key_chain

_invalid_key_chain

[protected]

NullAuthHandler _null_handler

_null_handler

[protected]


Generated by: pavlin on kobe.xorp.net on Wed Jan 7 19:11:10 2009, using kdoc 2.0a54+XORP.