static int parse_sa_args(int *argcp, char ***argvp, struct sa_desc *sa) { int argc = *argcp; char **argv = *argvp; int ret; bool active_set = false; while (argc > 0) { if (strcmp(*argv, "pn") == 0) { if (sa->pn != 0) duparg2("pn", "pn"); NEXT_ARG(); ret = get_u32(&sa->pn, *argv, 0); if (ret) invarg("expected pn", *argv); if (sa->pn == 0) invarg("expected pn != 0", *argv); } else if (strcmp(*argv, "key") == 0) { unsigned int len; NEXT_ARG(); if (!hexstring_a2n(*argv, sa->key_id, MACSEC_KEYID_LEN, &len)) invarg("expected key id", *argv); NEXT_ARG(); if (!hexstring_a2n(*argv, sa->key, MACSEC_MAX_KEY_LEN, &sa->key_len)) invarg("expected key", *argv); } else if (strcmp(*argv, "on") == 0) { if (active_set) duparg2("on/off", "on"); sa->active = true; active_set = true; } else if (strcmp(*argv, "off") == 0) { if (active_set) duparg2("on/off", "off"); sa->active = false; active_set = true; } else { fprintf(stderr, "macsec: unknown command \"%s\"?\n", *argv); ipmacsec_usage(); } argv++; argc--; } *argvp = argv; *argcp = argc; return 0; }
int main(int argc, char **argv) { int opt; int do_list = 0; char *do_load = NULL; while ((opt = getopt(argc, argv, "h?b:lf:a:n:kR:B:")) != EOF) { switch (opt) { case 'b': dbname = optarg; break; case 'f': if (do_load) { fprintf(stderr, "Duplicate option -f\n"); usage(); } do_load = optarg; break; case 'l': do_list = 1; break; case 'a': active_probing = atoi(optarg); break; case 'n': negative_timeout = atoi(optarg); break; case 'k': no_kernel_broadcasts = 1; break; case 'R': if ((broadcast_rate = atoi(optarg)) <= 0 || (broadcast_rate = 1000/broadcast_rate) <= 0) { fprintf(stderr, "Invalid ARP rate\n"); exit(-1); } break; case 'B': if ((broadcast_burst = atoi(optarg)) <= 0 || (broadcast_burst = 1000*broadcast_burst) <= 0) { fprintf(stderr, "Invalid ARP burst\n"); exit(-1); } break; case 'h': case '?': default: usage(); } } argc -= optind; argv += optind; if (argc > 0) { ifnum = argc; ifnames = argv; ifvec = malloc(argc*sizeof(int)); if (!ifvec) { perror("malloc"); exit(-1); } } if ((udp_sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { perror("socket"); exit(-1); } if (ifnum) { int i; struct ifreq ifr; memset(&ifr, 0, sizeof(ifr)); for (i=0; i<ifnum; i++) { strncpy(ifr.ifr_name, ifnames[i], IFNAMSIZ); if (ioctl(udp_sock, SIOCGIFINDEX, &ifr)) { perror("ioctl(SIOCGIFINDEX)"); exit(-1);; } ifvec[i] = ifr.ifr_ifindex; } } dbase = dbopen(dbname, O_CREAT|O_RDWR, 0644, DB_HASH, NULL); if (dbase == NULL) { perror("db_open"); exit(-1); } if (do_load) { char buf[128]; FILE *fp; struct dbkey k; DBT dbkey, dbdat; dbkey.data = &k; dbkey.size = sizeof(k); if (strcmp(do_load, "-") == 0 || strcmp(do_load, "--") == 0) { fp = stdin; } else if ((fp = fopen(do_load, "r")) == NULL) { perror("fopen"); goto do_abort; } buf[sizeof(buf)-1] = 0; while (fgets(buf, sizeof(buf)-1, fp)) { __u8 b1[6]; char ipbuf[128]; char macbuf[128]; if (buf[0] == '#') continue; if (sscanf(buf, "%u%s%s", &k.iface, ipbuf, macbuf) != 3) { fprintf(stderr, "Wrong format of input file \"%s\"\n", do_load); goto do_abort; } if (strncmp(macbuf, "FAILED:", 7) == 0) continue; if (!inet_aton(ipbuf, (struct in_addr*)&k.addr)) { fprintf(stderr, "Invalid IP address: \"%s\"\n", ipbuf); goto do_abort; } dbdat.data = hexstring_a2n(macbuf, b1, 6); if (dbdat.data == NULL) goto do_abort; dbdat.size = 6; if (dbase->put(dbase, &dbkey, &dbdat, 0)) { perror("hash->put"); goto do_abort; } } dbase->sync(dbase, 0); if (fp != stdin) fclose(fp); } if (do_list) { DBT dbkey, dbdat; printf("%-8s %-15s %s\n", "#Ifindex", "IP", "MAC"); while (dbase->seq(dbase, &dbkey, &dbdat, R_NEXT) == 0) { struct dbkey *key = dbkey.data; if (handle_if(key->iface)) { if (!IS_NEG(dbdat.data)) { char b1[18]; printf("%-8d %-15s %s\n", key->iface, inet_ntoa(*(struct in_addr*)&key->addr), hexstring_n2a(dbdat.data, 6, b1, 18)); } else { printf("%-8d %-15s FAILED: %dsec ago\n", key->iface, inet_ntoa(*(struct in_addr*)&key->addr), NEG_AGE(dbdat.data)); } } } } if (do_load || do_list) goto out; pset[0].fd = socket(PF_PACKET, SOCK_DGRAM, 0); if (pset[0].fd < 0) { perror("socket"); exit(-1); } if (1) { struct sockaddr_ll sll; memset(&sll, 0, sizeof(sll)); sll.sll_family = AF_PACKET; sll.sll_protocol = htons(ETH_P_ARP); sll.sll_ifindex = (ifnum == 1 ? ifvec[0] : 0); if (bind(pset[0].fd, (struct sockaddr*)&sll, sizeof(sll)) < 0) { perror("bind"); goto do_abort; } } if (rtnl_open(&rth, RTMGRP_NEIGH) < 0) { perror("rtnl_open"); goto do_abort; } pset[1].fd = rth.fd; load_initial_table(); if (daemon(0, 0)) { perror("arpd: daemon"); goto do_abort; } openlog("arpd", LOG_PID | LOG_CONS, LOG_DAEMON); catch_signal(SIGINT, sig_exit); catch_signal(SIGTERM, sig_exit); catch_signal(SIGHUP, sig_sync); catch_signal(SIGUSR1, sig_stats); #define EVENTS (POLLIN|POLLPRI|POLLERR|POLLHUP) pset[0].events = EVENTS; pset[0].revents = 0; pset[1].events = EVENTS; pset[1].revents = 0; sigsetjmp(env, 1); for (;;) { in_poll = 1; if (do_exit) break; if (do_sync) { in_poll = 0; dbase->sync(dbase, 0); do_sync = 0; in_poll = 1; } if (do_stats) send_stats(); if (poll(pset, 2, 30000) > 0) { in_poll = 0; if (pset[0].revents&EVENTS) get_arp_pkt(); if (pset[1].revents&EVENTS) get_kern_msg(); } else { do_sync = 1; } } undo_sysctl_adjustments(); out: dbase->close(dbase); exit(0); do_abort: dbase->close(dbase); exit(-1); }