Class to check inbound MD5 authenticated packets and add authentication data to outbound OSPF packets. The OSPFv2 MD5 authentication scheme is described in Section D.3 of RFC 2328.
| static const OspfTypes::AuType AUTH_TYPE | AUTH_TYPE |
| MD5Key (class) | MD5Key |
Class to hold MD5 key information.
| typedef list<MD5Key> KeyChain | KeyChain |
| MD5AuthHandler (EventLoop& eventloop) | MD5AuthHandler |
Constructor
Parameters:
| eventloop | the EventLoop instance to use for time reference. |
| const char* effective_name () | effective_name |
[const]
Get the effective name of the authentication scheme.
Returns: the name of the authentication scheme.
Reimplemented from AuthHandlerBase.
| const char* auth_type_name () | auth_type_name |
[static]
Get the method-specific name of the authentication scheme.
Returns: the method-specific name of the authentication scheme.
| void reset () | reset |
Reset the authentication state.
Reimplemented from AuthHandlerBase.
| uint32_t additional_payload () | additional_payload |
[const]
Additional bytes that will be added to the payload.
Returns: the number of additional bytes that need to be added to the payload.
Reimplemented from AuthHandlerBase.
| bool authenticate_inbound (const vector<uint8_t>& packet, const IPv4& src_addr, bool new_peer) | authenticate_inbound |
Inbound authentication method.
Parameters:
| packet | the packet to verify. |
| src_addr | the source address of the packet. |
| new_peer | true if this is a new peer. |
Returns: true if packet passes authentication checks, false otherwise.
Reimplemented from AuthHandlerBase.
| bool authenticate_outbound (vector<uint8_t>& packet) | authenticate_outbound |
Outbound authentication method.
Parameters:
| packet | the packet to authenticate. |
Returns: true if packet was successfully authenticated, false when no valid keys are present.
Reimplemented from AuthHandlerBase.
| bool add_key (uint8_t key_id, const string& key, const TimeVal& start_timeval, const TimeVal& end_timeval, const TimeVal& max_time_drift, string& error_msg) | add_key |
Add a key to the MD5 key chain.
If the key already exists, it is updated with the new settings.
Parameters:
| key_id | unique ID associated with key. |
| key | phrase used for MD5 digest computation. |
| start_timeval | start time when key becomes valid. |
| end_timeval | end time when key becomes invalid. |
| max_time_drift | the maximum time drift among all routers. |
| error_msg | the error message (if error). |
Returns: true on success, false if end time is less than start time or key has already expired.
| bool remove_key (uint8_t key_id, string& error_msg) | remove_key |
Remove a key from the MD5 key chain.
Parameters:
| key_id | unique ID of key to be removed. |
| error_msg | the error message (if error). |
Returns: true if the key was found and removed, otherwise false.
| void key_start_cb (uint8_t key_id) | key_start_cb |
Callback invoked when a key from the MD5 key chain has become valid.
Parameters:
| key_id | unique ID of the key that has become valid. |
| void key_stop_cb (uint8_t key_id) | key_stop_cb |
Callback invoked when a key from the MD5 key chain has expired and is invalid.
Parameters:
| key_id | unique ID of the key that has expired. |
| MD5Key* best_outbound_key (const TimeVal& now) | best_outbound_key |
Select the best key for outbound messages.
The chosen key is the one with the most recent start time in the past. If more than one key matches this criterion, the key with the greatest ID is selected.
Parameters:
| now | current time. |
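The selection rule above, modelled as a stand-alone added example (not the documented class's own code). `DemoKey`, `pick_outbound_key`, `usable_at` and `demo_chain` are hypothetical names, times are plain integer seconds instead of `TimeVal`, and skipping keys whose end time has passed is an assumption.

```cpp
// Added illustration; DemoKey and pick_outbound_key are hypothetical names,
// not part of the documented class.
#include <cstdint>
#include <cstdio>
#include <list>

struct DemoKey {
    uint8_t id;     // key ID carried in the OSPF packet
    long start;     // first second at which the key is valid
    long end;       // first second at which the key is no longer valid
};

// Assumption: a key is usable when start <= now < end.
static bool usable_at(const DemoKey& k, long now) {
    return k.start <= now && now < k.end;
}

// Returns the usable key with the latest start time; ties on start time go
// to the greater key ID. Returns nullptr when no key is usable, the case in
// which authenticate_outbound() is documented to return false.
const DemoKey* pick_outbound_key(const std::list<DemoKey>& chain, long now) {
    const DemoKey* best = nullptr;
    for (const DemoKey& k : chain) {
        if (!usable_at(k, now))
            continue;
        if (best == nullptr || k.start > best->start ||
            (k.start == best->start && k.id > best->id))
            best = &k;
    }
    return best;
}

// Constructed rollover schedule: key 1 is followed by keys 2 and 3, which
// start together; key 1's lifetime overlaps its successors.
std::list<DemoKey> demo_chain() {
    return { {1, 0, 200}, {2, 100, 300}, {3, 100, 300} };
}

int main() {
    const std::list<DemoKey> chain = demo_chain();
    for (long now : {50L, 150L, 250L, 350L}) {
        const DemoKey* k = pick_outbound_key(chain, now);
        if (k) std::printf("t=%ld -> key %u\n", now, (unsigned)k->id);
        else   std::printf("t=%ld -> no valid key\n", now);
    }
    return 0;
}
```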
| void reset_keys () | reset_keys |
Reset the keys for all sources.
| const KeyChain& valid_key_chain () | valid_key_chain |
[const]
Get all valid keys managed by the MD5AuthHandler.
Returns: list of all valid keys.
| const KeyChain& invalid_key_chain () | invalid_key_chain |
[const]
Get all invalid keys managed by the MD5AuthHandler.
Returns: list of all invalid keys.
| bool empty () | empty |
[const]
Test whether the MD5AuthHandler contains any keys.
Returns: true if the MD5AuthHandler contains any keys, otherwise false.
| EventLoop& _eventloop | _eventloop |
[protected]
| KeyChain _valid_key_chain | _valid_key_chain |
[protected]
| KeyChain _invalid_key_chain | _invalid_key_chain |
[protected]
| NullAuthHandler _null_handler | _null_handler |
[protected]