2015-09-17 17:15:30 +02:00
|
|
|
/*
|
|
|
|
* BIRD -- The Resource Public Key Infrastructure (RPKI) to Router Protocol
|
|
|
|
*
|
|
|
|
* (c) 2015 CZ.NIC
|
|
|
|
*
|
|
|
|
* Can be freely distributed and used under the terms of the GNU GPL.
|
|
|
|
*/
|
|
|
|
|
|
|
|
CF_HDR
|
|
|
|
|
|
|
|
#include "proto/rpki/rpki.h"
|
|
|
|
|
|
|
|
CF_DEFINES
|
|
|
|
|
|
|
|
#define RPKI_CFG ((struct rpki_config *) this_proto)
|
|
|
|
|
2015-09-28 00:15:52 +02:00
|
|
|
static struct rpki_cache *this_rpki_cache;
|
|
|
|
|
2015-09-17 17:15:30 +02:00
|
|
|
CF_DECLS
|
|
|
|
|
2015-10-14 14:47:01 +02:00
|
|
|
CF_KEYWORDS(RPKI, CACHE, LIST, PREFERENCE, BIRD, PRIVATE, PUBLIC, KEY, SSH, ENCRYPTION, USER)
|
2015-09-17 17:15:30 +02:00
|
|
|
|
|
|
|
CF_GRAMMAR
|
|
|
|
|
|
|
|
CF_ADDTO(proto, rpki_proto)
|
|
|
|
|
2015-09-28 00:15:52 +02:00
|
|
|
rpki_proto:
|
2015-10-07 15:50:43 +02:00
|
|
|
rpki_proto_start proto_name '{' rpki_proto_opts '}' rpki_proto_finish
|
2015-09-29 10:14:32 +02:00
|
|
|
;
|
2015-09-28 00:15:52 +02:00
|
|
|
|
|
|
|
rpki_proto_start:
|
|
|
|
proto_start RPKI {
|
2015-09-17 17:15:30 +02:00
|
|
|
this_proto = proto_config_new(&proto_rpki, $1);
|
2015-09-28 00:15:52 +02:00
|
|
|
init_list(&RPKI_CFG->cache_list);
|
|
|
|
}
|
|
|
|
;
|
|
|
|
|
2015-10-07 15:50:43 +02:00
|
|
|
rpki_proto_finish:
|
|
|
|
{
|
|
|
|
char *rpki_err_buf = rpki_load_rtrlib();
|
|
|
|
if (rpki_err_buf != NULL)
|
|
|
|
cf_error("Cannot use a RPKI protocol: %s", rpki_err_buf);
|
2015-10-14 14:47:01 +02:00
|
|
|
|
|
|
|
if (RPKI_CFG->roa_table_cf == NULL)
|
|
|
|
cf_error("For the RPKI protocol must be specified a roa table");
|
2015-10-07 15:50:43 +02:00
|
|
|
};
|
|
|
|
|
2015-09-28 00:15:52 +02:00
|
|
|
rpki_proto_opts:
|
|
|
|
/* empty */
|
|
|
|
| rpki_proto_opts rpki_proto_item ';'
|
2015-09-17 17:15:30 +02:00
|
|
|
;
|
|
|
|
|
|
|
|
rpki_proto_item:
|
|
|
|
proto_item
|
2015-10-07 15:50:43 +02:00
|
|
|
| CACHE rpki_cache
|
2015-09-29 10:14:32 +02:00
|
|
|
| ROA TABLE roa_table_cf { RPKI_CFG->roa_table_cf = $3; }
|
2015-09-28 00:15:52 +02:00
|
|
|
;
|
|
|
|
|
2015-10-07 15:50:43 +02:00
|
|
|
rpki_cache:
|
2015-10-14 14:47:01 +02:00
|
|
|
rpki_cache_init rpki_cache_addr rpki_optional_cache_opts rpki_cache_finish {
|
2015-09-28 00:15:52 +02:00
|
|
|
add_tail(&RPKI_CFG->cache_list, &this_rpki_cache->n);
|
|
|
|
}
|
|
|
|
;
|
|
|
|
|
2015-10-14 14:47:01 +02:00
|
|
|
rpki_cache_finish:
|
|
|
|
{
|
|
|
|
if (this_rpki_cache->port[0] == 0) /* empty? */
|
|
|
|
{
|
|
|
|
if (this_rpki_cache->ssh != NULL)
|
|
|
|
strcpy(this_rpki_cache->port, RPKI_SSH_PORT);
|
|
|
|
else
|
|
|
|
strcpy(this_rpki_cache->port, RPKI_PORT);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
;
|
|
|
|
|
2015-09-28 00:15:52 +02:00
|
|
|
rpki_cache_init:
|
2015-10-14 14:47:01 +02:00
|
|
|
{
|
|
|
|
this_rpki_cache = rpki_new_cache();
|
|
|
|
}
|
|
|
|
;
|
|
|
|
|
|
|
|
rpki_cache_addr:
|
|
|
|
text {
|
2015-10-07 15:50:43 +02:00
|
|
|
this_rpki_cache = rpki_new_cache();
|
2015-10-14 14:47:01 +02:00
|
|
|
this_rpki_cache->host = $1;
|
|
|
|
}
|
|
|
|
| ipa {
|
|
|
|
this_rpki_cache->host = cfg_alloc(sizeof(INET6_ADDRSTRLEN));
|
|
|
|
bsnprintf(this_rpki_cache->host, INET6_ADDRSTRLEN, "%I", $1);
|
2015-10-07 15:50:43 +02:00
|
|
|
}
|
|
|
|
;
|
|
|
|
|
|
|
|
rpki_optional_cache_opts:
|
|
|
|
/* empty */
|
|
|
|
| '{' rpki_cache_opts '}'
|
2015-09-28 00:15:52 +02:00
|
|
|
;
|
|
|
|
|
|
|
|
rpki_cache_opts:
|
2015-09-17 17:15:30 +02:00
|
|
|
/* empty */
|
2015-09-28 00:15:52 +02:00
|
|
|
| rpki_cache_opts rpki_cache_opts_item ';'
|
2015-09-17 17:15:30 +02:00
|
|
|
;
|
|
|
|
|
2015-09-28 00:15:52 +02:00
|
|
|
rpki_cache_opts_item:
|
2015-10-07 15:50:43 +02:00
|
|
|
PORT expr {
|
|
|
|
check_u16($2);
|
|
|
|
bsnprintf(this_rpki_cache->port, RPKI_PORT_MAX_LENGTH_STR, "%u", (u16) $2);
|
|
|
|
}
|
|
|
|
| PREFERENCE expr {
|
|
|
|
check_u8($2);
|
|
|
|
this_rpki_cache->preference = $2;
|
|
|
|
}
|
2015-10-14 14:47:01 +02:00
|
|
|
| SSH ENCRYPTION rpki_transport_ssh_init '{' rpki_transport_ssh_opts '}' rpki_transport_ssh_finish
|
|
|
|
;
|
|
|
|
|
|
|
|
rpki_transport_ssh_init:
|
|
|
|
{
|
|
|
|
this_rpki_cache->ssh = cfg_allocz(sizeof(struct rpki_ssh_config));
|
|
|
|
if (strncmp(this_rpki_cache->port, RPKI_PORT, RPKI_PORT_MAX_LENGTH_STR) == 0)
|
|
|
|
strcpy(this_rpki_cache->port, RPKI_SSH_PORT);
|
|
|
|
}
|
|
|
|
;
|
|
|
|
|
|
|
|
rpki_transport_ssh_opts:
|
|
|
|
/* empty */
|
|
|
|
| rpki_transport_ssh_opts rpki_transport_ssh_item ';'
|
2015-09-28 00:15:52 +02:00
|
|
|
;
|
2015-09-17 17:15:30 +02:00
|
|
|
|
2015-10-14 14:47:01 +02:00
|
|
|
rpki_transport_ssh_item:
|
|
|
|
BIRD PRIVATE KEY text {
|
|
|
|
check_file_readability($4);
|
|
|
|
this_rpki_cache->ssh->bird_private_key = $4;
|
|
|
|
}
|
|
|
|
| CACHE PUBLIC KEY text {
|
|
|
|
check_file_readability($4);
|
|
|
|
this_rpki_cache->ssh->cache_public_key = $4;
|
|
|
|
}
|
|
|
|
| USER text {
|
|
|
|
this_rpki_cache->ssh->user = $2;
|
|
|
|
}
|
|
|
|
;
|
|
|
|
|
|
|
|
rpki_transport_ssh_finish:
|
|
|
|
{
|
|
|
|
#define RPKI_PARSE_CACHE_MISS_SSH_OPT(what) "Miss '" what ";' option in the %s protocol at cache server %s inside the ssh encryption block"
|
|
|
|
|
|
|
|
if (!this_rpki_cache->ssh->bird_private_key)
|
|
|
|
cf_error(RPKI_PARSE_CACHE_MISS_SSH_OPT("bird private key \"/path/to/ssh_key/id_rsa\""), RPKI_CFG->c.name, this_rpki_cache->host);
|
|
|
|
|
|
|
|
if (!this_rpki_cache->ssh->cache_public_key)
|
|
|
|
cf_error(RPKI_PARSE_CACHE_MISS_SSH_OPT("cache public key \"/path/to/ssh_key/known_hosts\""), RPKI_CFG->c.name, this_rpki_cache->host);
|
|
|
|
|
|
|
|
if (!this_rpki_cache->ssh->user)
|
|
|
|
cf_error(RPKI_PARSE_CACHE_MISS_SSH_OPT("user \"ssh_username\""), RPKI_CFG->c.name, this_rpki_cache->host);
|
|
|
|
}
|
|
|
|
|
2015-09-17 17:15:30 +02:00
|
|
|
CF_CODE
|
|
|
|
|
|
|
|
CF_END
|