diff options
| author | Stig Thormodsrud <stig@vyatta.com> | 2008-02-11 17:11:10 -0800 |
|---|---|---|
| committer | Stig Thormodsrud <stig@vyatta.com> | 2008-02-11 17:11:10 -0800 |
| commit | a566e4c18da64a05ef79e9b044ac3b1c5a1ba959 (patch) | |
| tree | 687356f20c6787443b71c354b50455f60bb9b01c /templates | |
| parent | 454891904e38dedca6e2c5f8a6fdf95809e46c21 (diff) | |
| download | vyatta-cfg-quagga-a566e4c18da64a05ef79e9b044ac3b1c5a1ba959.tar.gz vyatta-cfg-quagga-a566e4c18da64a05ef79e9b044ac3b1c5a1ba959.zip | |
Fix 2810 ospf authentications gets truncated to 8 characters
- Add syntax checks to verify length of passwords.
Diffstat (limited to 'templates')
10 files changed, 106 insertions, 39 deletions
diff --git a/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/md5/key-id/node.def b/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/md5/key-id/node.def index 273a974a..33ce3afd 100644 --- a/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/md5/key-id/node.def +++ b/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/md5/key-id/node.def @@ -2,7 +2,7 @@ tag: type: u32 help: Configure MD5 key id syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 255; "ID must be between (1-255)" -commit:expression: $VAR(md5-key/) != ""; "must add the md5-key for key-id $VAR(@)" +commit:expression: $VAR(md5-key/) != ""; "Must add the md5-key for key-id $VAR(@)" delete:expression: "touch /tmp/ospf-md5.$PPID" end:expression: "\ if [ -f \"/tmp/ospf-md5.$PPID\" ]; then \ diff --git a/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/md5/key-id/node.tag/md5-key/node.def b/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/md5/key-id/node.tag/md5-key/node.def index 3efdfdd3..7cbcad83 100644 --- a/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/md5/key-id/node.tag/md5-key/node.def +++ b/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/md5/key-id/node.tag/md5-key/node.def @@ -1,2 +1,9 @@ type: txt help: Configure md5 key +syntax:expression: exec " \ + if [ `echo -n $VAR(@) | wc -c` -gt 16 ]; then \ + echo MD5 key must be 16 characters or less ; \ + exit 1 ; \ + fi ; " +comp_help: possible completions: + <text> MD5 Key (16 characters or less) diff --git a/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/md5/node.def b/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/md5/node.def index ca2e9a86..132ac718 100644 --- a/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/md5/node.def +++ b/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/md5/node.def @@ -1,10 +1,11 @@ help: Configure MD5 key id -update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ - -c \"interface $VAR(../../../../@) \" \ - -c \"no ip ospf authentication \" \ - -c \"ip ospf authentication message-digest\"; " -delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ - -c \"interface $VAR(../../../../@) \" \ - -c \"no ip ospf authentication \"; " - +update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl \ + -c \"configure terminal\" \ + -c \"interface $VAR(../../../../@) \" \ + -c \"no ip ospf authentication \" \ + -c \"ip ospf authentication message-digest\"; " +delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl \ + -c \"configure terminal\" \ + -c \"interface $VAR(../../../../@) \" \ + -c \"no ip ospf authentication \"; " diff --git a/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/simple/node.def b/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/simple/node.def index 4a8f5729..a2a1ef7a 100644 --- a/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/simple/node.def +++ b/templates/interfaces/ethernet/node.tag/ip/ospf/authentication/simple/node.def @@ -1,12 +1,20 @@ type: txt help: Configure simple password -update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ - -c \"interface $VAR(../../../../@) \" \ - -c \"no ip ospf authentication \" \ - -c \"ip ospf authentication \" \ +syntax:expression: exec " \ + if [ `echo -n $VAR(@) | wc -c` -gt 8 ]; then \ + echo Password must be 8 characters or less ; \ + exit 1 ; \ + fi ; " +update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl \ + -c \"configure terminal\" \ + -c \"interface $VAR(../../../../@) \" \ + -c \"no ip ospf authentication \" \ + -c \"ip ospf authentication \" \ -c \"ip ospf authentication-key $VAR(@) \"; " -delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ - -c \"interface $VAR(../../../../@) \" \ - -c \"no ip ospf authentication \" \ +delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl \ + -c \"configure terminal\" \ + -c \"interface $VAR(../../../../@) \" \ + -c \"no ip ospf authentication \" \ -c \"no ip ospf authentication-key \"; " - +comp_help: possible completions: + <text> Simple password (8 characters or less) diff --git a/templates/interfaces/ethernet/node.tag/ip/rip/authentication/md5/node.tag/password/node.def b/templates/interfaces/ethernet/node.tag/ip/rip/authentication/md5/node.tag/password/node.def index 29f41aa5..c07b459b 100644 --- a/templates/interfaces/ethernet/node.tag/ip/rip/authentication/md5/node.tag/password/node.def +++ b/templates/interfaces/ethernet/node.tag/ip/rip/authentication/md5/node.tag/password/node.def @@ -1,8 +1,23 @@ type: txt help: Authentication password -update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"interface $VAR(../../../../../@)\" \ - -c \"ip rip authentication mode md5\" -c \"ip rip authentication key-chain $VAR(../../../../../@)-rip\" \ - -c \"key chain $VAR(../../../../../@)-rip\" -c \"key $VAR(../@)\" -c \"key-string $VAR(@)\" " -delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -noerr -c \"configure terminal\" -c \"interface $VAR(../../../../../@)\" \ - -c \"no ip rip authentication mode md5\" -c \"no ip rip authentication key-chain $VAR(../../../../../@)-rip\" \ - -c \"no key chain $VAR(../../../../../@)-rip\" " +syntax:expression: exec " \ + if [ `echo -n $VAR(@) | wc -c` -gt 16 ]; then \ + echo MD5 key must be 16 characters or less ; \ + exit 1 ; \ + fi ; " + +update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl \ + -c \"configure terminal\" -c \"interface $VAR(../../../../../@)\" \ + -c \"ip rip authentication mode md5\" \ + -c \"ip rip authentication key-chain $VAR(../../../../../@)-rip\" \ + -c \"key chain $VAR(../../../../../@)-rip\" -c \"key $VAR(../@)\" \ + -c \"key-string $VAR(@)\" " + +delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -noerr \ + -c \"configure terminal\" -c \"interface $VAR(../../../../../@)\" \ + -c \"no ip rip authentication mode md5\" \ + -c \"no ip rip authentication key-chain $VAR(../../../../../@)-rip\" \ + -c \"no key chain $VAR(../../../../../@)-rip\" " + +comp_help: possible completions: + <text> MD5 Key (16 characters or less) diff --git a/templates/interfaces/ethernet/node.tag/ip/rip/authentication/simple-password/node.def b/templates/interfaces/ethernet/node.tag/ip/rip/authentication/simple-password/node.def index 82cbc16e..af7a0a1f 100644 --- a/templates/interfaces/ethernet/node.tag/ip/rip/authentication/simple-password/node.def +++ b/templates/interfaces/ethernet/node.tag/ip/rip/authentication/simple-password/node.def @@ -1,6 +1,19 @@ type: txt help: Simple password authentication key -update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"interface $VAR(../../../../@)\" \ - -c \"ip rip authentication mode text\" -c \"ip rip authentication string $VAR(@)\"; " -delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"interface $VAR(../../../../@)\" \ - -c \"no ip rip authentication mode\" -c \"no ip rip authentication string $VAR(@)\"; " +syntax:expression: exec " \ + if [ `echo -n $VAR(@) | wc -c` -gt 16 ]; then \ + echo Password must be 16 characters or less ; \ + exit 1 ; \ + fi ; " + +update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl \ + -c \"configure terminal\" -c \"interface $VAR(../../../../@)\" \ + -c \"ip rip authentication mode text\" \ + -c \"ip rip authentication string $VAR(@)\"; " + +delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl \ + -c \"configure terminal\" -c \"interface $VAR(../../../../@)\" \ + -c \"no ip rip authentication mode\" \ + -c \"no ip rip authentication string $VAR(@)\"; " +comp_help: possible completions: + <text> Password (16 characters or less) diff --git a/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/md5/key-id/node.def b/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/md5/key-id/node.def index d73b4404..1710e6d2 100644 --- a/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/md5/key-id/node.def +++ b/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/md5/key-id/node.def @@ -2,7 +2,7 @@ tag: type: u32 help: Configure MD5 key id syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 255; "ID must be between (1-255)" -commit:expression: $VAR(md5-key/) != ""; "must add the md5-key for key-id $VAR(@)" +commit:expression: $VAR(md5-key/) != ""; "Must add the md5-key for key-id $VAR(@)" delete:expression: "touch /tmp/ospf-md5.$PPID" end:expression: "\ if [ -f \"/tmp/ospf-md5.$PPID\" ]; then \ diff --git a/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/md5/key-id/node.tag/md5-key/node.def b/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/md5/key-id/node.tag/md5-key/node.def index 3efdfdd3..7cbcad83 100644 --- a/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/md5/key-id/node.tag/md5-key/node.def +++ b/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/md5/key-id/node.tag/md5-key/node.def @@ -1,2 +1,9 @@ type: txt help: Configure md5 key +syntax:expression: exec " \ + if [ `echo -n $VAR(@) | wc -c` -gt 16 ]; then \ + echo MD5 key must be 16 characters or less ; \ + exit 1 ; \ + fi ; " +comp_help: possible completions: + <text> MD5 Key (16 characters or less) diff --git a/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/md5/node.def b/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/md5/node.def index d7760159..ec24b76b 100644 --- a/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/md5/node.def +++ b/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/md5/node.def @@ -1,11 +1,14 @@ help: Configure MD5 key id -create:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ - -c \"router ospf\" \ +create:expression: "${vyatta_sbindir}/vyatta-vtysh.pl \ + -c \"configure terminal\" \ + -c \"router ospf\" \ -c \"no area $VAR(../../../@) virtual-link $VAR(../../@) \ - authentication-key\" \ - -c \"area $VAR(../../../@) virtual-link $VAR(../../@) \ - authentication message-digest\"; " -delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ + authentication-key\" \ + -c \"area $VAR(../../../@) virtual-link $VAR(../../@) \ + authentication message-digest\"; " + +delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl \ + -c \"configure terminal\" \ -c \"router ospf\" \ -c \"area $VAR(../../../@) virtual-link $VAR(../../@) \ - authentication null\"; " + authentication null\"; " diff --git a/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/simple/node.def b/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/simple/node.def index 36a924d2..ab694398 100644 --- a/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/simple/node.def +++ b/templates/protocols/ospf/area/node.tag/virtual-link/node.tag/authentication/simple/node.def @@ -1,7 +1,20 @@ type: txt help: Configure simple password -update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"router ospf\" \ - -c \"area $VAR(../../../@) virtual-link $VAR(../../@) authentication authentication-key $VAR(@) \"; " -delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"router ospf\" \ - -c \"no area $VAR(../../../@) virtual-link $VAR(../../@) authentication authentication-key \"; " +syntax:expression: exec " \ + if [ `echo -n $VAR(@) | wc -c` -gt 8 ]; then \ + echo Password must be 8 characters or less ; \ + exit 1 ; \ + fi ; " +update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl \ + -c \"configure terminal\" -c \"router ospf\" \ + -c \"area $VAR(../../../@) virtual-link $VAR(../../@) \ + authentication authentication-key $VAR(@) \"; " + +delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl \ + -c \"configure terminal\" -c \"router ospf\" \ + -c \"no area $VAR(../../../@) virtual-link $VAR(../../@) \ + authentication authentication-key \"; " + +comp_help: possible completions: + <text> Simple password (8 characters or less) |