addr.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright (c) 1999 - 2002 by Sun Microsystems, Inc.
* All rights reserved.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/*
* This source file contains functions that manipulate addresses. Addresses
* are sections in the config file that look like:
*
* [ Address xxx.xxx.xxx.xxx ] or [ Address foo@bar.com ]
* Type = agent
* SPI = 23
* Pool = 7
*
* Valid for "type = agent" entries ONLY (making these valid for type=node
* should be fairly easy):
* IPSecRequest = apply <properties> : permit <properties>
* IPSecReply = apply <properties> : permit <properties>
* IPSecTunnel = apply <properties> : permit <properties>
* IPSecReverseTunnel = apply <properties> : permit <properties>
*/
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <libintl.h>
#include <conflib.h>
#include "mipagentconfig.h"
#include "utils.h"
#include "addr.h"
/* Private Prototypes */
/*
* Label handlers private to this file. Per the function header comments
* further down, the parameters are, in order: configFile, Section, Label,
* command, argc, argv.
*/
static int addrTypeFunc(char *, char *, char *, int, int, char **);
static int ipsecFunc(char *, char *, char *, int, int, char **);
/*
* This is the function table for the Addresses. All of the addresses
* use general functions found in utils.c, except the Type.
*/
/*
* NOTE(review): no table entries are visible in this listing; only the
* column legend is. The dispatch code in addrFunc reports an error when the
* selected function pointer is null, so a null slot presumably means "this
* command is not allowed for this label" - confirm against the full file.
*/
static FuncEntry addrFunctions[] = {
/* TAG, Section, Label, AddFunc, ChangeFunc, DeleteFunc, GetFunc */
};
/*
* Function: addrFunc
*
* Arguments: char *configFile, char *Section, char *Label, int command
* int argc, char *argv[]
* Description: Check the number of parameters, and call the appropriate
* function based on the command code.
*
* Returns: int (zero on success)
*/
/*
* addrFunc (name per the closing comment at the end of the body).
*
* NOTE(review): this listing is incomplete. The declarator/parameter line,
* the calls that consume the gettext() strings, and several statements
* (address validation, section construction, table lookup, final dispatch)
* are not visible, so the comments here describe only the visible lines.
*/
int
{
/*
* Fixed-size destination for the section name.
* NOTE(review): the statement that fills it is not visible. Confirm it is a
* bounded write (limited to sizeof (DestSection)), because argv[0] appears
* to be caller-supplied text of arbitrary length.
*/
char DestSection[MAX_SECTION_LEN];
/* Literal identifiers; presumably accepted in place of an address - confirm */
char *validStrings[] = {
"Node-Default",
};
/* Use Section and label to get rid of lint warnings */
/* ARGV[0] should be the Address */
/* No identifier at all: report the error and fail with -1 */
if (argc < 1) {
gettext("Error: address identifier was not specified. "
"Please specify an identifier for the Address section. "
"Identifiers are either a valid IP address, an NAI "
"(e.g. bob@domain.com), or "));
return (-1);
}
/* Validate Address */
/*
* NOTE(review): the validation calls themselves are not visible. What remains
* shows that an identifier failing the checks ends in an error message and a
* -1 return.
*/
/* Ok not a valid address, check for Defaults */
gettext("Error: invalid identifier for "
"Address section. Identifier must "
"be a valid IP address, a valid NAI "
"(e.g. bob@domain.com), or "));
return (-1);
}
}
/* Build our Section */
/* Finally, look up our functions and call them based on the dest */
/* More than one argument: a table entry must exist for it, else fail with -1 */
if (argc > 1) {
if (!funcEntry) {
gettext("Error: command '%s' is not valid "
"for %s.\n"),
return (-1);
}
}
/* Now check the particular function we need. */
/*
* The argc == 1 cases below cover a command that names only the address,
* with no label after it.
*/
switch (command) {
case Add:
if (argc == 1) {
/* A raw add Warn the user */
/* Not an error: the visible path warns and returns 0 */
gettext("Warning: attributes will be created as "
"parameters are added.\n Example: "
"mipagentconfig add addr 192.168.168.1 SPI 5\n "
"will add the address, and add the SPI "
"configuration to it.\n"));
return (0);
}
break;
case Change:
/* The identifier itself cannot be changed; fail with -1 */
if (argc == 1) {
gettext("Error: cannot change the identifier of an "
"Address section. Delete, and make a new one.\n"));
return (-1);
}
break;
case Delete:
/* NOTE(review): the body of this branch is not visible in this listing */
if (argc == 1) {
}
break;
case Get:
/* Only the return (0) of this branch is visible */
if (argc == 1) {
return (0);
}
break;
}
/* Print error if this function is not allowed (null in table) */
if (!function) {
gettext("Error: <%s> is not valid for '%s' command.\n"),
return (-1);
}
/* And finally, call function */
/* NOTE(review): the call itself and the function's return are not visible */
} /* addrFunc */
/*
* Function: addrTypeFunc
*
* Arguments: char *configFile, char *Section, char *Label, int command
* int argc, char *argv[]
* Description: This function verifies the Type option in address sections.
*
* Returns: int
*/
/*
* addrTypeFunc (name per the closing comment at the end of the body):
* handles Add, Delete, Change and Get for the Type label.
*
* NOTE(review): this listing is incomplete. The declarator/parameter line,
* the config-file calls that assign rc, the test that checks argv[0] against
* validStrings, and the calls that consume the gettext() strings are not
* visible. The comments here describe only the visible lines.
*/
static int
{
/*
* Fixed-size value buffer. NOTE(review): the call that fills it is not
* visible; confirm it is passed sizeof (buffer) as its limit.
*/
char buffer[MAX_VALUE_LEN];
int rc, LabelExists;
/* Accepted values for the Type label, as far as this listing shows */
char *validStrings[] = {
"Agent",
"Node",
};
/* Check to see if label already exists */
/* rc == 0 is treated as "label found"; the lookup setting rc is not visible */
if (!rc)
LabelExists = TRUE;
else
LabelExists = FALSE;
switch (command) {
case Add:
/* Now, check for the parameters. */
/* Exactly one argument (the type) is required */
if (argc != 1) {
gettext("Error: entry type wasn't specified. "
"Please specify the type of entry for [%s]. "
"The type must be one of ("), Section);
return (-1);
}
/* Refuse to add over an existing label */
if (LabelExists) {
gettext("Error: %s is already configured in [%s]:\n"
"\t%s = %s\n"),
return (-1);
}
/* Add it! */
/* A non-zero rc from the (not visible) write is returned to the caller */
argv[0], configFile);
if (rc) {
return (rc);
}
return (0);
/* NOTE(review): the "if" that this else pairs with is not visible here */
} else {
gettext("Error: Address type must be one of ("));
return (-1);
}
break;
case Delete:
/* Nothing to delete if the label is absent */
if (!LabelExists) {
gettext("Error: %s is not configured in [%s].\n"),
return (-1);
}
/* The delete call that assigns rc is not visible; rc is returned either way */
if (rc) {
return (rc);
}
return (rc);
break;
case Change:
/* Now, check for the parameters. */
/* Exactly one argument (the new type) is required */
if (argc != 1) {
gettext("Error: entry type wasn't specified. "
"Please specify the type [%s] is to be changed to."
" Valid types are one of ("), Section);
return (-1);
}
/* Change requires an existing label */
if (!LabelExists) {
gettext("Error: %s is not configured in [%s].\n"),
return (-1);
}
/* Change it! */
/* A non-zero rc from the (not visible) write is returned to the caller */
argv[0], configFile);
if (rc) {
return (rc);
}
return (0);
/* NOTE(review): the "if" that this else pairs with is not visible here */
} else {
gettext("Error: type must be one of ("));
return (-1);
}
break;
case Get:
/* Get fails with -1 when the label is absent, otherwise returns 0 */
if (!LabelExists) {
gettext("Error: %s is not configured in [%s].\n"),
return (-1);
}
return (0);
break;
default:
/* Any command code other than the four above is rejected */
gettext("Error: Invalid command code!\n"));
return (-1);
} /* switch (command) */
} /* addrTypeFunc */
/*
* Function: ipsecFunc()
*
* Arguments: char *configFile, char *Section, char *Label, int command
* int argc, char *argv[]
* Description: This function verifies the ipsec properties.
*
* Returns: int
*/
/*
* ipsecFunc (name per the closing comment at the end of the body):
* handles Add, Delete, Change and Get for the IPsec policy labels.
*
* NOTE(review): this listing is incomplete. The declarator/parameter line,
* the declaration of "policy", the config-file calls that assign rc, the
* policy validity test, and the calls that consume the gettext() strings
* are not visible. The comments here describe only the visible lines.
*/
static int
{
int rc, LabelExists;
/* Defined elsewhere; passed to printValidStrings() in the error paths below */
extern char *validIPsecAction[];
/* Check to see if label already exists */
/* rc == 0 is treated as "label found"; the lookup setting rc is not visible */
if (!rc)
LabelExists = TRUE;
else
LabelExists = FALSE;
/*
* mipagentconfig differs from mipagent here in that the configuration
* is broken into argv[]'s, where as when we read this in mipagent it
* comes in one string. For the sake of common code, we put all the
* argv[]'s into one buffer
*/
/*
* NOTE(review): the buffer and the loop that joins argv[] into it are not
* visible. Confirm that the combined length of the arguments (plus the
* separators) is checked against the buffer size before each append, since
* the argument count and lengths appear to be caller-controlled.
*/
}
switch (command) {
case Add:
/* what are we adding? */
if (argc < 2) {
/*
* Must have at least "<action> {<property>}" = 2.
* Then again, "<action> {<<tag> <alg>>} = 3...
*/
gettext("Error: IPsec policy is incomplete. "
"Please specify the complete IPsec policy. "
"See ipsec(7p).\n"));
return (-1);
}
/* Refuse to add over an existing label */
if (LabelExists) {
gettext("Error: %s is already configured in [%s]:\n"
"\t%s = %s\n"),
return (-1);
}
/*
* Determine if this is a valid policy. Note: we have to do
* this one IPsec Policy at a time.
*/
/*
* NOTE(review): the message below joins "IPsec" and "<properties>" with no
* space between them; the matching message in the Change case has the space.
*/
gettext("Error: policy %s is not valid "
"Policy may only contain <"), policy);
(void) printValidStrings(validIPsecAction);
gettext("> as actions, and valid IPsec"
"<properties>. See ipsec(7P).\n"));
return (-1);
}
}
/* Checks out, so add it */
/* A non-zero rc from the (not visible) write is returned to the caller */
if (rc) {
return (rc);
}
return (0);
case Delete:
/* Nothing to delete if the label is absent */
if (!LabelExists) {
gettext("Error: %s is not configured in [%s].\n"),
return (-1);
}
/*
* NOTE(review): as shown, this case has no return or break when rc is zero
* before "case Change:". Lines are missing from this listing, so confirm in
* the full file that Delete returns here and does not fall through.
*/
if (rc)
return (rc);
case Change:
if (argc < 2) {
/* must have at least "<action> {<properties>}" = 2 */
gettext("Error: IPsec Policy incomplete. "
"Please specify the complete new IPsec Policy. "
"See ipsec(7P).\n"));
return (-1);
}
/* Change requires an existing label */
if (!LabelExists) {
gettext("Error: %s is not configured in [%s].\n"),
return (-1);
}
/*
* Is the format of this setting valid? Note: we have to do
* this one IPsec Policy at a time.
*/
gettext("Error: %s is not a valid IPsec "
"policy. Policy may only contain <"),
policy);
(void) printValidStrings(validIPsecAction);
gettext("> as actions, and valid IPsec "
"<properties>. See ipsec(7P).\n"));
return (-1);
}
}
/* Checks out, so change it */
/* A non-zero rc from the (not visible) write is returned to the caller */
if (rc) {
return (rc);
}
return (0);
case Get:
/* NOTE(review): "configigured" in the message below is a typo for "configured" */
if (!LabelExists) {
gettext("Error: %s is not configigured in [%s].\n"),
return (-1);
}
return (0);
default:
/* Any command code other than the four above is rejected */
gettext("Error: Invalid command code!\n"));
return (-1);
} /* switch (command) */
} /* ipsecFunc */