author | Claudio Jeker <claudio@cvs.openbsd.org> | 2006-04-24 20:18:04 +0000 |
---|---|---|
committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2006-04-24 20:18:04 +0000 |
commit | 28100580167e3898a45606af96841eb236ff97ce (patch) | |
tree | 94b12234ce5a299ef3d35513536efe47aacc6015 /usr.sbin/ospfd | |
parent | b073eac299215a2c87e8bd2b3d24727678ae6010 (diff) |
Fix parser to match current behaviour and make auth-type et al. part of the
global and per area defaults. With this it is now possible to define one
set of auth-md keys and use them in every defined interface. OK norby@
Diffstat (limited to 'usr.sbin/ospfd')
-rw-r--r-- | usr.sbin/ospfd/auth.c | 55 | ||||
-rw-r--r-- | usr.sbin/ospfd/interface.c | 6 | ||||
-rw-r--r-- | usr.sbin/ospfd/ospfd.h | 5 | ||||
-rw-r--r-- | usr.sbin/ospfd/ospfe.h | 9 | ||||
-rw-r--r-- | usr.sbin/ospfd/parse.y | 41 |
5 files changed, 70 insertions, 46 deletions
diff --git a/usr.sbin/ospfd/auth.c b/usr.sbin/ospfd/auth.c index 8a1c1d88d34..02f70a54783 100644 --- a/usr.sbin/ospfd/auth.c +++ b/usr.sbin/ospfd/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.9 2006/03/08 15:35:07 claudio Exp $ */ +/* $OpenBSD: auth.c,v 1.10 2006/04/24 20:18:03 claudio Exp $ */ /* * Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org> @@ -28,6 +28,8 @@ #include "log.h" #include "ospfe.h" +struct auth_md *md_list_find(struct auth_md_head *, u_int8_t); + int auth_validate(void *buf, u_int16_t len, struct iface *iface, struct nbr *nbr) { @@ -71,8 +73,8 @@ auth_validate(void *buf, u_int16_t len, struct iface *iface, struct nbr *nbr) * (iface->auth_keyid). This allows for key rotation to new * keys without taking down the network. */ - if ((md = md_list_find(iface, ospf_hdr->auth_key.crypt.keyid)) - == NULL) { + if ((md = md_list_find(&iface->auth_md_list, + ospf_hdr->auth_key.crypt.keyid)) == NULL) { log_debug("auth_validate: keyid %d not configured, " "interface %s", ospf_hdr->auth_key.crypt.keyid, iface->name); @@ -170,7 +172,8 @@ auth_gen(struct buf *buf, struct iface *iface) iface->crypt_seq_num++; /* insert plaintext key */ - if ((md = md_list_find(iface, iface->auth_keyid)) == NULL) { + if ((md = md_list_find(&iface->auth_md_list, + iface->auth_keyid)) == NULL) { log_debug("auth_validate: keyid %d not configured, " "interface %s", iface->auth_keyid, iface->name); return (-1); @@ -197,17 +200,11 @@ auth_gen(struct buf *buf, struct iface *iface) /* md list */ void -md_list_init(struct iface *iface) +md_list_add(struct auth_md_head *head, u_int8_t keyid, char *key) { - TAILQ_INIT(&iface->auth_md_list); -} - -void -md_list_add(struct iface *iface, u_int8_t keyid, char *key) -{ - struct auth_md *m, *md; + struct auth_md *md; - if ((md = md_list_find(iface, keyid)) != NULL) { + if ((md = md_list_find(head, keyid)) != NULL) { /* update key */ strncpy(md->key, key, sizeof(md->key)); return; 
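Review bot: The forward declaration of md_list_find() added near the top of auth.c has external linkage, even though this commit removes its prototype from ospfe.h and all visible callers are in this file. Declaring it as `static struct auth_md *md_list_find(struct auth_md_head *, u_int8_t);` and adding `static` to the definition at the end of the file would keep the key-lookup helper out of the global namespace. It would also let the compiler warn if the helper ever becomes unused.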
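Review bot: In the auth_gen() hunk the missing-key branch still logs with the prefix `auth_validate:`, so a send-side failure to find iface->auth_keyid is reported as if a received packet had failed validation. Since the lookup just above it is being rewritten here, the message should become `log_debug("auth_gen: keyid %d not configured, "` so that anyone triaging authentication failures from the logs can tell the transmit path from the receive path. The body of auth_gen() continues outside the hunk.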
@@ -218,33 +215,43 @@ md_list_add(struct iface *iface, u_int8_t keyid, char *key) md->keyid = keyid; strncpy(md->key, key, sizeof(md->key)); + TAILQ_INSERT_TAIL(head, md, entry); +} - TAILQ_FOREACH(m, &iface->auth_md_list, entry) { - if (m->keyid > keyid) { - TAILQ_INSERT_BEFORE(m, md, entry); - return; - } +void +md_list_copy(struct auth_md_head *to, struct auth_md_head *from) +{ + struct auth_md *m, *md; + + TAILQ_INIT(to); + + TAILQ_FOREACH(m, from, entry) { + if ((md = calloc(1, sizeof(struct auth_md))) == NULL) + fatalx("md_list_add"); + + md->keyid = m->keyid; + strncpy(md->key, m->key, sizeof(md->key)); + TAILQ_INSERT_TAIL(to, md, entry); } - TAILQ_INSERT_TAIL(&iface->auth_md_list, md, entry); } void -md_list_clr(struct iface *iface) +md_list_clr(struct auth_md_head *head) { struct auth_md *m; - while ((m = TAILQ_FIRST(&iface->auth_md_list)) != NULL) { - TAILQ_REMOVE(&iface->auth_md_list, m, entry); + while ((m = TAILQ_FIRST(head)) != NULL) { + TAILQ_REMOVE(head, m, entry); free(m); } } struct auth_md * -md_list_find(struct iface *iface, u_int8_t keyid) +md_list_find(struct auth_md_head *head, u_int8_t keyid) { struct auth_md *m; - TAILQ_FOREACH(m, &iface->auth_md_list, entry) + TAILQ_FOREACH(m, head, entry) if (m->keyid == keyid) return (m); diff --git a/usr.sbin/ospfd/interface.c b/usr.sbin/ospfd/interface.c index f3162e7aa23..f18f93246a0 100644 --- a/usr.sbin/ospfd/interface.c +++ b/usr.sbin/ospfd/interface.c @@ -1,4 +1,4 @@ -/* $OpenBSD: interface.c,v 1.50 2006/04/16 11:40:54 henning Exp $ */ +/* $OpenBSD: interface.c,v 1.51 2006/04/24 20:18:03 claudio Exp $ */ /* * Copyright (c) 2005 Claudio Jeker <claudio@openbsd.org> @@ -162,7 +162,7 @@ if_new(struct kif *kif) LIST_INIT(&iface->nbr_list); TAILQ_INIT(&iface->ls_ack_list); - md_list_init(iface); + TAILQ_INIT(&iface->auth_md_list); iface->crypt_seq_num = arc4random() & 0x0fffffff; 
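Review bot: md_list_clr() releases each auth_md entry with a plain free(), and with md_list_copy() this commit creates and destroys several short-lived copies of the MD5 keys per area and interface during parsing, so key bytes are left behind in freed heap memory. Wiping the entry first, `explicit_bzero(m, sizeof(*m));` before `free(m);`, would stop those copies from outliving the list. Separately, the allocation failure in md_list_copy() reports `fatalx("md_list_add")`; it should name md_list_copy, and `fatal("md_list_copy")` would also keep the errno text. The strncpy() calls would benefit from a comment stating that `key` is a fixed-size, zero-padded field rather than a NUL-terminated string, if that is the intent; the struct auth_md definition is not visible here.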
@@ -241,7 +241,7 @@ if_del(struct iface *iface) nbr_del(nbr); ls_ack_list_clr(iface); - md_list_clr(iface); + md_list_clr(&iface->auth_md_list); free(iface); } diff --git a/usr.sbin/ospfd/ospfd.h b/usr.sbin/ospfd/ospfd.h index a128365cd4f..d15b711a0c4 100644 --- a/usr.sbin/ospfd/ospfd.h +++ b/usr.sbin/ospfd/ospfd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ospfd.h,v 1.55 2006/04/20 17:04:30 claudio Exp $ */ +/* $OpenBSD: ospfd.h,v 1.56 2006/04/24 20:18:03 claudio Exp $ */ /* * Copyright (c) 2004 Esben Norby <norby@openbsd.org> @@ -309,6 +309,7 @@ struct auth_md { /* lsa list used in RDE and OE */ TAILQ_HEAD(lsa_head, lsa_entry); +TAILQ_HEAD(auth_md_head, auth_md); struct iface { LIST_ENTRY(iface) entry; @@ -317,7 +318,7 @@ struct iface { struct event lsack_tx_timer; LIST_HEAD(, nbr) nbr_list; - TAILQ_HEAD(, auth_md) auth_md_list; + struct auth_md_head auth_md_list; struct lsa_head ls_ack_list; char name[IF_NAMESIZE]; diff --git a/usr.sbin/ospfd/ospfe.h b/usr.sbin/ospfd/ospfe.h index 96a072506c7..4f01ee52dd6 100644 --- a/usr.sbin/ospfd/ospfe.h +++ b/usr.sbin/ospfd/ospfe.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ospfe.h,v 1.27 2006/03/13 09:36:06 claudio Exp $ */ +/* $OpenBSD: ospfe.h,v 1.28 2006/04/24 20:18:03 claudio Exp $ */ /* * Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org> @@ -97,10 +97,9 @@ struct nbr { int auth_validate(void *buf, u_int16_t len, struct iface *, struct nbr *); int auth_gen(struct buf *, struct iface *); -void md_list_init(struct iface *); -void md_list_add(struct iface *, u_int8_t, char *); -void md_list_clr(struct iface *); -struct auth_md *md_list_find(struct iface *, u_int8_t); +void md_list_add(struct auth_md_head *, u_int8_t, char *); +void md_list_copy(struct auth_md_head *, struct auth_md_head *); +void md_list_clr(struct auth_md_head *); /* database.c */ int send_db_description(struct nbr *); diff --git a/usr.sbin/ospfd/parse.y b/usr.sbin/ospfd/parse.y index a7887687c3e..a10ba21eb02 100644 --- a/usr.sbin/ospfd/parse.y +++ b/usr.sbin/ospfd/parse.y 
@@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.28 2006/04/20 17:04:30 claudio Exp $ */ +/* $OpenBSD: parse.y,v 1.29 2006/04/24 20:18:03 claudio Exp $ */ /* * Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org> @@ -64,11 +64,15 @@ int check_file_secrecy(int fd, const char *fname); u_int32_t get_rtr_id(void); struct config_defaults { + char auth_key[MAX_SIMPLE_AUTH_LEN]; + struct auth_md_head md_list; u_int32_t dead_interval; u_int16_t transmit_delay; u_int16_t hello_interval; u_int16_t rxmt_interval; u_int16_t metric; + enum auth_type auth_type; + u_int8_t auth_keyid; u_int8_t priority; }; @@ -243,7 +247,7 @@ authmd : AUTHMD number STRING { free($3); YYERROR; } - md_list_add(iface, $2, $3); + md_list_add(&defs->md_list, $2, $3); free($3); } @@ -253,7 +257,7 @@ authmdkeyid : AUTHMDKEYID number { "(%d-%d)", MIN_MD_ID, MAX_MD_ID); YYERROR; } - iface->auth_keyid = $2; + defs->auth_keyid = $2; } authtype : AUTHTYPE STRING { @@ -271,7 +275,7 @@ authtype : AUTHTYPE STRING { YYERROR; } free($2); - iface->auth_type = type; + defs->auth_type = type; } ; @@ -282,8 +286,8 @@ authkey : AUTHKEY STRING { free($2); YYERROR; } - strncpy(iface->auth_key, $2, - sizeof(iface->auth_key)); + strncpy(defs->auth_key, $2, + sizeof(defs->auth_key)); free($2); } ; @@ -339,6 +343,11 @@ defaults : METRIC number { } defs->rxmt_interval = $2; } + | authtype + | authkey + | authmdkeyid + | authmd + ; optnl : '\n' optnl | @@ -358,9 +367,11 @@ area : AREA STRING { area = conf_get_area(id); memcpy(&areadefs, defs, sizeof(areadefs)); + md_list_copy(&areadefs.md_list, &defs->md_list); defs = &areadefs; } '{' optnl areaopts_l '}' { area = NULL; + md_list_clr(&defs->md_list); defs = &globaldefs; } ; @@ -390,6 +401,7 @@ interface : INTERFACE STRING { iface, entry); memcpy(&ifacedefs, defs, sizeof(ifacedefs)); + md_list_copy(&ifacedefs.md_list, &defs->md_list); defs = &ifacedefs; } interface_block { iface->dead_interval = defs->dead_interval; 
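Review bot: In the area action, `memcpy(&areadefs, defs, sizeof(areadefs));` copies the TAILQ head as raw bytes, so areadefs.md_list points at the parent's entries until md_list_copy() re-initialises it; the interface hunk repeats the pattern for ifacedefs. The ordering is correct as written but easy to break, and a comment such as `/* memcpy aliases the parent's md_list; md_list_copy() must run before the list is used or cleared */` above both calls would protect it. The copy is also released only in the closing action, so a YYERROR inside the block appears to leave the copied keys allocated. Whether that matters depends on how the caller treats a failed parse.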
@@ -398,7 +410,12 @@ interface : INTERFACE STRING { iface->rxmt_interval = defs->rxmt_interval; iface->metric = defs->metric; iface->priority = defs->priority; - + iface->auth_type = defs->auth_type; + iface->auth_keyid = defs->auth_keyid; + memcpy(iface->auth_key, defs->auth_key, + sizeof(iface->auth_key)); + md_list_copy(&iface->auth_md_list, &defs->md_list); + md_list_clr(&defs->md_list); iface = NULL; /* interface is always part of an area */ defs = &areadefs; @@ -414,11 +431,7 @@ interfaceopts_l : interfaceopts_l interfaceoptsl | interfaceoptsl ; -interfaceoptsl : authmd nl - | authkey nl - | authmdkeyid nl - | authtype nl - | PASSIVE nl { iface->passive = 1; } +interfaceoptsl : PASSIVE nl { iface->passive = 1; } | defaults nl ; @@ -690,6 +703,7 @@ parse_config(char *filename, int opts) bzero(&globaldefs, sizeof(globaldefs)); defs = &globaldefs; + TAILQ_INIT(&defs->md_list); defs->dead_interval = DEFAULT_RTR_DEAD_TIME; defs->transmit_delay = DEFAULT_TRANSMIT_DELAY; defs->hello_interval = DEFAULT_HELLO_INTERVAL; @@ -737,6 +751,9 @@ parse_config(char *filename, int opts) } } + /* free global config defaults */ + md_list_clr(&globaldefs.md_list); + if (errors) { clear_config(conf); return (NULL); |
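Review bot: The added `memcpy(iface->auth_key, defs->auth_key, sizeof(iface->auth_key));` sizes the copy by the destination, while the source is the `char auth_key[MAX_SIMPLE_AUTH_LEN]` this commit adds to struct config_defaults. The declaration of iface->auth_key is not shown, so if the two arrays ever differ in size the copy would either read past defs->auth_key or silently drop key bytes. A comment such as `/* both auth_key fields are MAX_SIMPLE_AUTH_LEN bytes */`, or a compile-time size check next to the struct, would pin that assumption. The following md_list_copy() starts with TAILQ_INIT(to), so it also relies on iface->auth_md_list being empty at this point; any entries already on it would be orphaned.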
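Review bot: The cleanup added at the end of parse_config() frees the MD5 key list of globaldefs but leaves the simple-authentication key in `globaldefs.auth_key`, and any copies made into areadefs and ifacedefs, in memory after parsing. These structures appear to be file-scope, and by this point each interface holds its own copy, so the defaults no longer need the secret. Clearing them here, e.g. `explicit_bzero(&globaldefs, sizeof(globaldefs));` after the md_list_clr() call and likewise for the other two, would remove the redundant plaintext copies. parse_config() starts and ends outside the hunk.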