static int parse_sa_args(int *argcp, char ***argvp, struct sa_desc *sa)
{
int argc = *argcp;
char **argv = *argvp;
int ret;
bool active_set = false;
while (argc > 0) {
if (strcmp(*argv, "pn") == 0) {
if (sa->pn != 0)
duparg2("pn", "pn");
NEXT_ARG();
ret = get_u32(&sa->pn, *argv, 0);
if (ret)
invarg("expected pn", *argv);
if (sa->pn == 0)
invarg("expected pn != 0", *argv);
} else if (strcmp(*argv, "key") == 0) {
unsigned int len;
NEXT_ARG();
if (!hexstring_a2n(*argv, sa->key_id, MACSEC_KEYID_LEN,
&len))
invarg("expected key id", *argv);
NEXT_ARG();
if (!hexstring_a2n(*argv, sa->key, MACSEC_MAX_KEY_LEN,
&sa->key_len))
invarg("expected key", *argv);
} else if (strcmp(*argv, "on") == 0) {
if (active_set)
duparg2("on/off", "on");
sa->active = true;
active_set = true;
} else if (strcmp(*argv, "off") == 0) {
if (active_set)
duparg2("on/off", "off");
sa->active = false;
active_set = true;
} else {
fprintf(stderr, "macsec: unknown command \"%s\"?\n",
*argv);
ipmacsec_usage();
}
argv++; argc--;
}
*argvp = argv;
*argcp = argc;
return 0;
}
int main(int argc, char **argv)
{
int opt;
int do_list = 0;
char *do_load = NULL;
while ((opt = getopt(argc, argv, "h?b:lf:a:n:kR:B:")) != EOF) {
switch (opt) {
case 'b':
dbname = optarg;
break;
case 'f':
if (do_load) {
fprintf(stderr, "Duplicate option -f\n");
usage();
}
do_load = optarg;
break;
case 'l':
do_list = 1;
break;
case 'a':
active_probing = atoi(optarg);
break;
case 'n':
negative_timeout = atoi(optarg);
break;
case 'k':
no_kernel_broadcasts = 1;
break;
case 'R':
if ((broadcast_rate = atoi(optarg)) <= 0 ||
(broadcast_rate = 1000/broadcast_rate) <= 0) {
fprintf(stderr, "Invalid ARP rate\n");
exit(-1);
}
break;
case 'B':
if ((broadcast_burst = atoi(optarg)) <= 0 ||
(broadcast_burst = 1000*broadcast_burst) <= 0) {
fprintf(stderr, "Invalid ARP burst\n");
exit(-1);
}
break;
case 'h':
case '?':
default:
usage();
}
}
argc -= optind;
argv += optind;
if (argc > 0) {
ifnum = argc;
ifnames = argv;
ifvec = malloc(argc*sizeof(int));
if (!ifvec) {
perror("malloc");
exit(-1);
}
}
if ((udp_sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
perror("socket");
exit(-1);
}
if (ifnum) {
int i;
struct ifreq ifr;
memset(&ifr, 0, sizeof(ifr));
for (i=0; i<ifnum; i++) {
strncpy(ifr.ifr_name, ifnames[i], IFNAMSIZ);
if (ioctl(udp_sock, SIOCGIFINDEX, &ifr)) {
perror("ioctl(SIOCGIFINDEX)");
exit(-1);;
}
ifvec[i] = ifr.ifr_ifindex;
}
}
dbase = dbopen(dbname, O_CREAT|O_RDWR, 0644, DB_HASH, NULL);
if (dbase == NULL) {
perror("db_open");
exit(-1);
}
if (do_load) {
char buf[128];
FILE *fp;
struct dbkey k;
DBT dbkey, dbdat;
dbkey.data = &k;
dbkey.size = sizeof(k);
if (strcmp(do_load, "-") == 0 || strcmp(do_load, "--") == 0) {
fp = stdin;
} else if ((fp = fopen(do_load, "r")) == NULL) {
perror("fopen");
goto do_abort;
}
buf[sizeof(buf)-1] = 0;
while (fgets(buf, sizeof(buf)-1, fp)) {
__u8 b1[6];
char ipbuf[128];
char macbuf[128];
if (buf[0] == '#')
continue;
if (sscanf(buf, "%u%s%s", &k.iface, ipbuf, macbuf) != 3) {
fprintf(stderr, "Wrong format of input file \"%s\"\n", do_load);
goto do_abort;
}
if (strncmp(macbuf, "FAILED:", 7) == 0)
continue;
if (!inet_aton(ipbuf, (struct in_addr*)&k.addr)) {
fprintf(stderr, "Invalid IP address: \"%s\"\n", ipbuf);
goto do_abort;
}
dbdat.data = hexstring_a2n(macbuf, b1, 6);
if (dbdat.data == NULL)
goto do_abort;
dbdat.size = 6;
if (dbase->put(dbase, &dbkey, &dbdat, 0)) {
perror("hash->put");
goto do_abort;
}
}
dbase->sync(dbase, 0);
if (fp != stdin)
fclose(fp);
}
if (do_list) {
DBT dbkey, dbdat;
printf("%-8s %-15s %s\n", "#Ifindex", "IP", "MAC");
while (dbase->seq(dbase, &dbkey, &dbdat, R_NEXT) == 0) {
struct dbkey *key = dbkey.data;
if (handle_if(key->iface)) {
if (!IS_NEG(dbdat.data)) {
char b1[18];
printf("%-8d %-15s %s\n",
key->iface,
inet_ntoa(*(struct in_addr*)&key->addr),
hexstring_n2a(dbdat.data, 6, b1, 18));
} else {
printf("%-8d %-15s FAILED: %dsec ago\n",
key->iface,
inet_ntoa(*(struct in_addr*)&key->addr),
NEG_AGE(dbdat.data));
}
}
}
}
if (do_load || do_list)
goto out;
pset[0].fd = socket(PF_PACKET, SOCK_DGRAM, 0);
if (pset[0].fd < 0) {
perror("socket");
exit(-1);
}
if (1) {
struct sockaddr_ll sll;
memset(&sll, 0, sizeof(sll));
sll.sll_family = AF_PACKET;
sll.sll_protocol = htons(ETH_P_ARP);
sll.sll_ifindex = (ifnum == 1 ? ifvec[0] : 0);
if (bind(pset[0].fd, (struct sockaddr*)&sll, sizeof(sll)) < 0) {
perror("bind");
goto do_abort;
}
}
if (rtnl_open(&rth, RTMGRP_NEIGH) < 0) {
perror("rtnl_open");
goto do_abort;
}
pset[1].fd = rth.fd;
load_initial_table();
if (daemon(0, 0)) {
perror("arpd: daemon");
goto do_abort;
}
openlog("arpd", LOG_PID | LOG_CONS, LOG_DAEMON);
catch_signal(SIGINT, sig_exit);
catch_signal(SIGTERM, sig_exit);
catch_signal(SIGHUP, sig_sync);
catch_signal(SIGUSR1, sig_stats);
#define EVENTS (POLLIN|POLLPRI|POLLERR|POLLHUP)
pset[0].events = EVENTS;
pset[0].revents = 0;
pset[1].events = EVENTS;
pset[1].revents = 0;
sigsetjmp(env, 1);
for (;;) {
in_poll = 1;
if (do_exit)
break;
if (do_sync) {
in_poll = 0;
dbase->sync(dbase, 0);
do_sync = 0;
in_poll = 1;
}
if (do_stats)
send_stats();
if (poll(pset, 2, 30000) > 0) {
in_poll = 0;
if (pset[0].revents&EVENTS)
get_arp_pkt();
if (pset[1].revents&EVENTS)
get_kern_msg();
} else {
do_sync = 1;
}
}
undo_sysctl_adjustments();
out:
dbase->close(dbase);
exit(0);
do_abort:
dbase->close(dbase);
exit(-1);
}
