mirror of
https://gitlab.nic.cz/labs/bird.git
synced 2024-10-18 18:08:45 +00:00
41f4b5940f
Add the RPKI protocol (RFC 6810) using the RTRLib (http://rpki.realmv6.org/) that is integrated inside the BIRD's code. Implemeted transports are: - unprotected transport over TCP - secure transport over SSHv2 The code should work properly with one or more cache servers per protocol. Example configuration of bird.conf: ... roa4 table roatable; protocol rpki { table roatable; cache 127.0.0.1; # defaults: port 8282, preference 1, no encryption cache 127.0.0.1 { preference 1; port 2222; ssh encryption { bird private key "/home/birdgeek/.ssh/id_rsa"; cache public key "/home/birdgeek/.ssh/known_hosts"; user "birdgeek"; }; }; cache "rpki-validator.realmv6.org" { preference 2; }; } ...
64 lines
1.8 KiB
C
64 lines
1.8 KiB
C
/*
|
|
* BIRD -- The Resource Public Key Infrastructure (RPKI) to Router Protocol
|
|
*
|
|
* (c) 2015 CZ.NIC
|
|
*
|
|
* This file was part of RTRlib: http://rpki.realmv6.org/
|
|
*
|
|
* Can be freely distributed and used under the terms of the GNU GPL.
|
|
*/
|
|
|
|
/**
|
|
* @defgroup mod_ssh_transport_h SSH transport socket
|
|
* @ingroup mod_transport_h
|
|
* @brief An implementation of the SSH protocol for the RTR transport.
|
|
* @details This transport implementation uses libssh
|
|
* (http://www.libssh.org/) for all ssh specific operations.\n
|
|
* See @ref mod_transport_h "transport interface" for a list of supported
|
|
* operations.
|
|
*
|
|
* @{
|
|
*
|
|
* @example ssh_tr.c
|
|
* Example of how to open a SSH transport connection.
|
|
*/
|
|
|
|
#ifndef SSH_TRANSPORT_H
|
|
#define SSH_TRANSPORT_H
|
|
#include "transport.h"
|
|
|
|
/**
|
|
* @brief A tr_ssh_config struct holds configuration data for an tr_ssh socket.
|
|
* @param host Hostname or IP address to connect to.
|
|
* @param port Port to connect to.
|
|
* @param bindaddr Hostname or IP address to connect from. NULL for
|
|
* determination by OS.
|
|
* @param username Username for authentication.
|
|
* @param server_hostkey_path Path to public SSH key of the server or NULL to
|
|
don't verify host authenticity.
|
|
* @param client_privkey_path Path to private key of the authentication keypair
|
|
* or NULL to use ~/.ssh/id_rsa.
|
|
*/
|
|
struct tr_ssh_config {
|
|
char *host;
|
|
unsigned int port;
|
|
char *username;
|
|
};
|
|
|
|
struct tr_ssh_socket {
|
|
struct rpki_cache *cache;
|
|
char *ident;
|
|
};
|
|
|
|
/**
|
|
* @brief Initializes the tr_socket struct for a SSH connection.
|
|
* @param[in] config SSH configuration for the connection.
|
|
* @param[out] socket Initialized transport socket.
|
|
* @returns TR_SUCCESS On success.
|
|
* @returns TR_ERROR On error.
|
|
*/
|
|
int tr_ssh_init(struct rpki_cache *cache);
|
|
|
|
#endif
|
|
/* @} */
|