/*

 * seg6.c "ip sr/seg6"

 *

 *	  This program is free software; you can redistribute it and/or

 *	  modify it under the terms of the GNU General Public License

 *	  version 2 as published by the Free Software Foundation;

 *

 * Author: David Lebrun <david.lebrun@uclouvain.be>

 */

#include <stdio.h>

#include <stdlib.h>

#include <string.h>

#include <unistd.h>

#include <errno.h>

#include <sys/types.h>

#include <sys/socket.h>

#include <arpa/inet.h>

#include <sys/ioctl.h>

#include <linux/if.h>

#include <linux/genetlink.h>

#include <linux/seg6_genl.h>

#include <linux/seg6_hmac.h>

#include "utils.h"

#include "ip_common.h"

#include "libgenl.h"

#include "json_print.h"

#define HMAC_KEY_PROMPT "Enter secret for HMAC key ID (blank to delete): "

static void usage(void)

{

	fprintf(stderr,

		"Usage: ip sr { COMMAND | help }\n"

		"	   ip sr hmac show\n"

		"	   ip sr hmac set KEYID ALGO\n"

		"	   ip sr tunsrc show\n"

		"	   ip sr tunsrc set ADDRESS\n"

		"where  ALGO := { sha1 | sha256 }\n");

	exit(-1);

}

static struct rtnl_handle grth = { .fd = -1 };

static int genl_family = -1;

#define SEG6_REQUEST(_req, _bufsiz, _cmd, _flags) \

	GENL_REQUEST(_req, _bufsiz, genl_family, 0, \

				SEG6_GENL_VERSION, _cmd, _flags)

static struct {

	unsigned int cmd;

	inet_prefix addr;

	__u32 keyid;

	const char *pass;

	__u8 alg_id;

} opts;

static void print_dumphmac(struct rtattr *attrs[])

{

	char secret[64];

	char *algstr;

	__u8 slen = rta_getattr_u8(attrs[SEG6_ATTR_SECRETLEN]);

	__u8 alg_id = rta_getattr_u8(attrs[SEG6_ATTR_ALGID]);

	memset(secret, 0, 64);

	if (slen > 63) {

		fprintf(stderr, "HMAC secret length %d > 63, truncated\n", slen);

		slen = 63;

	}

	memcpy(secret, RTA_DATA(attrs[SEG6_ATTR_SECRET]), slen);

	switch (alg_id) {

	case SEG6_HMAC_ALGO_SHA1:

		algstr = "sha1";

		break;

	case SEG6_HMAC_ALGO_SHA256:

		algstr = "sha256";

		break;

	default:

		algstr = "<unknown>";

	}

	print_uint(PRINT_ANY, "hmac", "hmac %u ",

		   rta_getattr_u32(attrs[SEG6_ATTR_HMACKEYID]));

	print_string(PRINT_ANY, "algo", "algo %s ", algstr);

	print_string(PRINT_ANY, "secret", "secret \"%s\"\n", secret);

}

static void print_tunsrc(struct rtattr *attrs[])

{

	const char *dst

		= rt_addr_n2a(AF_INET6, 16,

			      RTA_DATA(attrs[SEG6_ATTR_DST]));

	print_string(PRINT_ANY, "tunsrc",

		     "tunsrc addr %s\n", dst);

}

static int process_msg(struct nlmsghdr *n, void *arg)

{

	struct rtattr *attrs[SEG6_ATTR_MAX + 1];

	struct genlmsghdr *ghdr;

	int len = n->nlmsg_len;

	if (n->nlmsg_type != genl_family)

		return -1;

	len -= NLMSG_LENGTH(GENL_HDRLEN);

	if (len < 0)

		return -1;

	ghdr = NLMSG_DATA(n);

	parse_rtattr(attrs, SEG6_ATTR_MAX, (void *)ghdr + GENL_HDRLEN, len);

	open_json_object(NULL);

	switch (ghdr->cmd) {

	case SEG6_CMD_DUMPHMAC:

		print_dumphmac(attrs);

		break;

	case SEG6_CMD_GET_TUNSRC:

		print_tunsrc(attrs);

		break;

	}

	close_json_object();

	return 0;

}

static int seg6_do_cmd(void)

{

	SEG6_REQUEST(req, 1024, opts.cmd, NLM_F_REQUEST);

	struct nlmsghdr *answer;

	int repl = 0, dump = 0;

	if (genl_family < 0) {

		if (rtnl_open_byproto(&grth, 0, NETLINK_GENERIC) < 0) {

			fprintf(stderr, "Cannot open generic netlink socket\n");

			exit(1);

		}

		genl_family = genl_resolve_family(&grth, SEG6_GENL_NAME);

		if (genl_family < 0)

			exit(1);

		req.n.nlmsg_type = genl_family;

	}

	switch (opts.cmd) {

	case SEG6_CMD_SETHMAC:

	{

		addattr32(&req.n, sizeof(req), SEG6_ATTR_HMACKEYID, opts.keyid);

		addattr8(&req.n, sizeof(req), SEG6_ATTR_SECRETLEN,

			 strlen(opts.pass));

		addattr8(&req.n, sizeof(req), SEG6_ATTR_ALGID, opts.alg_id);

		if (strlen(opts.pass))

			addattr_l(&req.n, sizeof(req), SEG6_ATTR_SECRET,

				  opts.pass, strlen(opts.pass));

		break;

	}

	case SEG6_CMD_SET_TUNSRC:

		addattr_l(&req.n, sizeof(req), SEG6_ATTR_DST, opts.addr.data,

			  sizeof(struct in6_addr));

		break;

	case SEG6_CMD_DUMPHMAC:

		dump = 1;

		break;

	case SEG6_CMD_GET_TUNSRC:

		repl = 1;

		break;

	}

	if (!repl && !dump) {

		if (rtnl_talk(&grth, &req.n, NULL) < 0)

			return -1;

	} else if (repl) {

		if (rtnl_talk(&grth, &req.n, &answer) < 0)

			return -2;

		new_json_obj(json);

		if (process_msg(answer, stdout) < 0) {

			fprintf(stderr, "Error parsing reply\n");

			exit(1);

		}

		delete_json_obj();

		free(answer);

	} else {

		req.n.nlmsg_flags |= NLM_F_DUMP;

		req.n.nlmsg_seq = grth.dump = ++grth.seq;

		if (rtnl_send(&grth, &req, req.n.nlmsg_len) < 0) {

			perror("Failed to send dump request");

			exit(1);

		}

		new_json_obj(json);

		if (rtnl_dump_filter(&grth, process_msg, stdout) < 0) {

			fprintf(stderr, "Dump terminated\n");

			exit(1);

		}

		delete_json_obj();

		fflush(stdout);

	}

	return 0;

}

int do_seg6(int argc, char **argv)

{

	if (argc < 1 || matches(*argv, "help") == 0)

		usage();

	memset(&opts, 0, sizeof(opts));

	if (matches(*argv, "hmac") == 0) {

		NEXT_ARG();

		if (matches(*argv, "show") == 0) {

			opts.cmd = SEG6_CMD_DUMPHMAC;

		} else if (matches(*argv, "set") == 0) {

			NEXT_ARG();

			if (get_u32(&opts.keyid, *argv, 0) || opts.keyid == 0)

				invarg("hmac KEYID value is invalid", *argv);

			NEXT_ARG();

			if (strcmp(*argv, "sha1") == 0) {

				opts.alg_id = SEG6_HMAC_ALGO_SHA1;

			} else if (strcmp(*argv, "sha256") == 0) {

				opts.alg_id = SEG6_HMAC_ALGO_SHA256;

			} else {

				invarg("hmac ALGO value is invalid", *argv);

			}

			opts.cmd = SEG6_CMD_SETHMAC;

			opts.pass = getpass(HMAC_KEY_PROMPT);

		} else {

			invarg("unknown", *argv);

		}

	} else if (matches(*argv, "tunsrc") == 0) {

		NEXT_ARG();

		if (matches(*argv, "show") == 0) {

			opts.cmd = SEG6_CMD_GET_TUNSRC;

		} else if (matches(*argv, "set") == 0) {

			NEXT_ARG();

			opts.cmd = SEG6_CMD_SET_TUNSRC;

			get_addr(&opts.addr, *argv, AF_INET6);

		} else {

			invarg("unknown", *argv);

		}

	} else {

		invarg("unknown", *argv);

	}

	return seg6_do_cmd();

}