In addition to the kernel's support for a master key, we add the 'master' option to the 'tipc node set key' command so that the user can designate a key as the master key when setting it. This is done by turning on the new netlink flag 'TIPC_NLA_NODE_KEY_MASTER'. For example:
$ tipc node set key "this_is_a_master_key" master
The command's help menu is also updated to give a better description of all the available options.
Acked-by: Jon Maloy <jma...@redhat.com>
Signed-off-by: Tuong Lien <tuong.t.l...@dektech.com.au>
---
 tipc/node.c | 46 +++++++++++++++++++++++++++++-----------------
 1 file changed, 29 insertions(+), 17 deletions(-)
diff --git a/tipc/node.c b/tipc/node.c
index ffdaeaea..1ff0baa4 100644
--- a/tipc/node.c
+++ b/tipc/node.c
@@ -160,19 +160,21 @@ static int cmd_node_set_nodeid(struct nlmsghdr *nlh, const struct cmd *cmd,
 static void cmd_node_set_key_help(struct cmdl *cmdl)
 {
 fprintf(stderr,
- "Usage: %s node set key KEY [algname ALGNAME] [nodeid NODEID]\n\n"
+ "Usage: %s node set key KEY [algname ALGNAME] [PROPERTIES]\n\n"
+ "KEY\n"
+ " Symmetric KEY & SALT as a composite ASCII or hex string (0x...) in form:\n"
+ " [KEY: 16, 24 or 32 octets][SALT: 4 octets]\n\n"
+ "ALGNAME\n"
+ " Cipher algorithm [default: \"gcm(aes)\"]\n\n"
 "PROPERTIES\n"
- " KEY - Symmetric KEY & SALT as a normal or hex string\n"
- " that consists of two parts:\n"
- " [KEY: 16, 24 or 32 octets][SALT: 4 octets]\n\n"
- " algname ALGNAME - Default: \"gcm(aes)\"\n\n"
- " nodeid NODEID - Own or peer node identity to which the key will\n"
- " be attached. If not present, the key is a cluster\n"
- " key!\n\n"
+ " master - Set KEY as a cluster master key\n"
+ " <empty> - Set KEY as a cluster key\n"
+ " nodeid NODEID - Set KEY as a per-node key for own or peer\n\n"
 "EXAMPLES\n"
- " %s node set key this_is_a_key16_salt algname \"gcm(aes)\" nodeid node1\n"
- " %s node set key 0x746869735F69735F615F6B657931365F73616C74 nodeid node2\n\n",
- cmdl->argv[0], cmdl->argv[0], cmdl->argv[0]);
+ " %s node set key this_is_a_master_key master\n"
+ " %s node set key 0x746869735F69735F615F6B657931365F73616C74\n"
+ " %s node set key this_is_a_key16_salt algname \"gcm(aes)\" nodeid 1001002\n\n",
+ cmdl->argv[0], cmdl->argv[0], cmdl->argv[0], cmdl->argv[0]);
 }

 static int cmd_node_set_key(struct nlmsghdr *nlh, const struct cmd *cmd,
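Review bot: The new PROPERTIES section does not say that `master` and `nodeid NODEID` cannot be combined, although the last hunk of this patch rejects that combination with `error, per-node key cannot be master`. The usage line could carry the constraint directly, for example `"Usage: %s node set key KEY [algname ALGNAME] [master | nodeid NODEID]\n\n"`, so that a user learns it from the help rather than from the error path. The four `%s` conversions do match the four `cmdl->argv[0]` arguments, so the format string itself is consistent.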
@@ -187,24 +189,21 @@ static int cmd_node_set_key(struct nlmsghdr *nlh, const struct cmd *cmd, struct opt opts[] = { { "algname", OPT_KEYVAL, NULL }, { "nodeid", OPT_KEYVAL, NULL }, + { "master", OPT_KEY, NULL }, { NULL } }; struct nlattr *nest; - struct opt *opt_algname, *opt_nodeid; + struct opt *opt_algname, *opt_nodeid, *opt_master; char buf[MNL_SOCKET_BUFFER_SIZE]; uint8_t id[TIPC_NODEID_LEN] = {0,}; int keysize; char *str; - if (help_flag) { + if (help_flag || cmdl->optind >= cmdl->argc) { (cmd->help)(cmdl); return -EINVAL; } - if (cmdl->optind >= cmdl->argc) { - fprintf(stderr, "error, missing key\n"); - return -EINVAL; - } /* Get user key */ str = shift_cmdl(cmdl); @@ -230,17 +229,30 @@ static int cmd_node_set_key(struct nlmsghdr *nlh, const struct cmd *cmd, return -EINVAL; } + /* Get master key indication */ + opt_master = get_opt(opts, "master"); + + /* Sanity check if wrong option */ + if (opt_nodeid && opt_master) { + fprintf(stderr, "error, per-node key cannot be master\n"); + return -EINVAL; + } + /* Init & do the command */ nlh = msg_init(buf, TIPC_NL_KEY_SET); if (!nlh) { fprintf(stderr, "error, message initialisation failed\n"); return -1; } + nest = mnl_attr_nest_start(nlh, TIPC_NLA_NODE); keysize = tipc_aead_key_size(&input.key); mnl_attr_put(nlh, TIPC_NLA_NODE_KEY, keysize, &input.key); if (opt_nodeid) mnl_attr_put(nlh, TIPC_NLA_NODE_ID, TIPC_NODEID_LEN, id); + if (opt_master) + mnl_attr_put(nlh, TIPC_NLA_NODE_KEY_MASTER, 0, NULL); + mnl_attr_nest_end(nlh, nest); return msg_doit(nlh, NULL, NULL); } -- 2.26.2
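Review bot: The key is still taken directly from the command line (`str = shift_cmdl(cmdl);` under `/* Get user key */`), so it can end up in shell history and may be visible to other local users through the process list, and the new `master` option sends what is presumably the most sensitive key in the cluster down the same path. The help text is the natural place to document this; a line such as `"  NOTE: a KEY given on the command line may be visible in shell history and process listings\n"` would do, with reading the key from a file or stdin as the longer-term fix. cmd_node_set_key starts and ends outside this hunk.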
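Review bot: Key material is left on the stack when this function returns: `mnl_attr_put(nlh, TIPC_NLA_NODE_KEY, keysize, &input.key)` copies the key into the message built in `buf`, and neither `buf` nor `input` is cleared after `msg_doit()`, which matters more now that a cluster master key can take this path. Capturing the result in an `int err` declared next to `keysize` and wiping both buffers before returning would close that; `explicit_bzero()` is preferable where the C library provides it, because a plain `memset()` right before a return may be optimised away. The new early `return -EINVAL` for `opt_nodeid && opt_master` appears to run after the key has been parsed (the parsing is outside this hunk, so this is inferred) and would want the same treatment. The function starts outside the hunk, and `input` is presumably a local declared there.

```c
	/* … unchanged: nest start, TIPC_NLA_NODE_KEY / NODE_ID / KEY_MASTER attributes … */
	mnl_attr_nest_end(nlh, nest);
	err = msg_doit(nlh, NULL, NULL);

	/* Do not leave key material behind in the local buffers */
	explicit_bzero(buf, sizeof(buf));
	explicit_bzero(&input, sizeof(input));
	return err;
```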