|
|
Class to check inbound MD5 authenticated packets and add authentication data to outbound RIP packets. The RIP MD5 authentication scheme is described in RFC 2082.
MD5Key (class) | MD5Key |
Class to hold MD5 key information.
typedef list<MD5Key> KeyChain | KeyChain |
MD5AuthHandler (EventLoop& eventloop)
| MD5AuthHandler |
Constructor
Parameters:
eventloop | the EventLoop instance to used for time reference. |
const char* effective_name ()
| effective_name |
[const]
Get the effective name of the authentication scheme.
Reimplemented from AuthHandlerBase.
const char* auth_type_name ()
| auth_type_name |
[static]
Get the method-specific name of the authentication scheme.
Returns: the method-specific name of the authentication scheme.
void reset ()
| reset |
Reset the authentication state.
Reimplemented from AuthHandlerBase.
uint32_t head_entries ()
| head_entries |
[const]
Get number of routing entries used by authentication scheme at the head of the RIP packet.
Returns: the number of routing entries used by the authentication scheme at the head of the RIP packet: 0 for unauthenticated packets, 1 otherwise.
Reimplemented from AuthHandlerBase.
uint32_t max_routing_entries ()
| max_routing_entries |
[const]
Get maximum number of non-authentication scheme use routing entries in a RIP packet.
Reimplemented from AuthHandlerBase.
bool authenticate_inbound (const uint8_t* packet,
size_t packet_bytes,
const PacketRouteEntry<IPv4>*& entries_start,
uint32_t& n_entries,
const IPv4& src_addr,
bool new_peer)
| authenticate_inbound |
Inbound authentication method.
Parameters:
packet | pointer to first byte of RIP packet. |
packet_bytes | number of bytes in RIP packet. |
entries_start | output variable set to point to first entry in packet. Set to 0 if there are no entries, or on authentication failure. |
n_entries | number of entries in the packet. |
src_addr | the source address of the packet. |
new_peer | true if this is a new peer. |
Returns: true if packet passes authentication checks, false otherwise.
Reimplemented from AuthHandlerBase.
bool authenticate_outbound (RipPacket<IPv4>& packet,
list<RipPacket<IPv4> *>& auth_packets,
size_t& n_routes)
| authenticate_outbound |
Outbound authentication method.
Create a list of authenticated packets (one for each valid authentication key). Note that the original packet is also modified and authenticated with the first valid key.
Parameters:
packet | the RIP packet to authenticate. |
auth_packets | a return-by-reference list with the authenticated RIP packets (one for each valid authentication key). |
n_routes | the return-by-reference number of routes in the packet. |
Returns: true if packet was successfully authenticated, false when no valid keys are present.
Reimplemented from AuthHandlerBase.
bool add_key (uint8_t key_id,
const string& key,
const TimeVal& start_timeval,
const TimeVal& end_timeval,
string& error_msg)
| add_key |
Add a key to the MD5 key chain.
If the key already exists, it is updated with the new settings.
Parameters:
key_id | unique ID associated with key. |
key | phrase used for MD5 digest computation. |
start_timeval | start time when key becomes valid. |
end_timeval | end time when key becomes invalid. |
error_msg | the error message (if error). |
Returns: true on success, false if end time is less than start time or key has already expired.
bool remove_key (uint8_t key_id, string& error_msg)
| remove_key |
Remove a key from the MD5 key chain.
Parameters:
key_id | unique ID of key to be removed. |
error_msg | the error message (if error). |
Returns: true if the key was found and removed, otherwise false.
void key_start_cb (uint8_t key_id)
| key_start_cb |
A callback that a key from the MD5 key chain has become valid.
Parameters:
key_id | unique ID of the key that has become valid. |
void key_stop_cb (uint8_t key_id)
| key_stop_cb |
A callback that a key from the MD5 key chain has expired and is invalid.
Parameters:
key_id | unique ID of the key that has expired. |
void reset_keys ()
| reset_keys |
Reset the keys for all sources.
const KeyChain& valid_key_chain ()
| valid_key_chain |
[const]
Get all valid keys managed by the MD5AuthHandler.
Returns: list of all valid keys.
const KeyChain& invalid_key_chain ()
| invalid_key_chain |
[const]
Get all invalid keys managed by the MD5AuthHandler.
Returns: list of all invalid keys.
bool empty ()
| empty |
[const]
Test where the MD5AuthHandler contains any keys.
Returns: if the MD5AuthHandler contains any keys, otherwise false.
EventLoop& _eventloop | _eventloop |
[protected]
KeyChain _valid_key_chain | _valid_key_chain |
[protected]
KeyChain _invalid_key_chain | _invalid_key_chain |
[protected]
NullAuthHandler _null_handler | _null_handler |
[protected]