diff options
| author | Donald Sharp <sharpd@cumulusnetworks.com> | 2016-03-11 14:27:11 -0500 |
|---|---|---|
| committer | Donald Sharp <sharpd@cumulusnetworks.com> | 2016-10-07 21:05:06 -0400 |
| commit | 3c8ab49fd1edd6c3f6f83abd9d4b8ae97c11ecde (patch) | |
| tree | a45e90de1c4583abc82c1f025d32c9f57c48c068 /lib/command.c | |
| parent | 1796a585f07b76a6855e32f339bfd7346432dd2d (diff) | |
bgpd, lib: Remove RESTRICTED_NODE from code base
The RESTRICTED_NODE command is not used, introduces code
complexity and provides no additional levels of security.
The only way to get into RESTRICTED_NODE is to add, under
vty configuration the command 'anonymous restricted', and
then telnet to a daemon, provide a password, then type
'enable' and fail to enter the password three times.
Then the user can enter a very limited set of commands to
monitor bgp and only bgp behavior.
This commit removes both the RESTRICTED_NODE usage as well
as the lib/* usage of the code
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Diffstat (limited to 'lib/command.c')
| -rw-r--r-- | lib/command.c | 20 |
1 files changed, 0 insertions, 20 deletions
diff --git a/lib/command.c b/lib/command.c index 9d8bd46580..5ebab1450d 100644 --- a/lib/command.c +++ b/lib/command.c @@ -97,12 +97,6 @@ static struct cmd_node view_node = "%s> ", }; -static struct cmd_node restricted_node = -{ - RESTRICTED_NODE, - "%s$ ", -}; - static struct cmd_node auth_enable_node = { AUTH_ENABLE_NODE, @@ -2019,7 +2013,6 @@ cmd_try_do_shortcut (enum node_type node, char* first_word) { node != VIEW_NODE && node != AUTH_ENABLE_NODE && node != ENABLE_NODE && - node != RESTRICTED_NODE && 0 == strcmp( "do", first_word ) ) return 1; return 0; @@ -2918,7 +2911,6 @@ DEFUN (config_exit, { case VIEW_NODE: case ENABLE_NODE: - case RESTRICTED_NODE: if (vty_shell (vty)) exit (0); else @@ -3001,7 +2993,6 @@ DEFUN (config_end, { case VIEW_NODE: case ENABLE_NODE: - case RESTRICTED_NODE: /* Nothing to do. */ break; case CONFIG_NODE: @@ -4206,7 +4197,6 @@ cmd_init (int terminal) install_node (&enable_node, NULL); install_node (&auth_node, NULL); install_node (&auth_enable_node, NULL); - install_node (&restricted_node, NULL); install_node (&config_node, config_write_host); /* Each node's basic commands. */ @@ -4223,15 +4213,6 @@ cmd_init (int terminal) install_element (VIEW_NODE, &show_logging_cmd); install_element (VIEW_NODE, &show_commandtree_cmd); install_element (VIEW_NODE, &echo_cmd); - - install_element (RESTRICTED_NODE, &config_list_cmd); - install_element (RESTRICTED_NODE, &config_exit_cmd); - install_element (RESTRICTED_NODE, &config_quit_cmd); - install_element (RESTRICTED_NODE, &config_help_cmd); - install_element (RESTRICTED_NODE, &config_enable_cmd); - install_element (RESTRICTED_NODE, &config_terminal_length_cmd); - install_element (RESTRICTED_NODE, &config_terminal_no_length_cmd); - install_element (RESTRICTED_NODE, &echo_cmd); } if (terminal) @@ -4300,7 +4281,6 @@ cmd_init (int terminal) install_element (VIEW_NODE, &show_thread_cpu_cmd); install_element (ENABLE_NODE, &show_thread_cpu_cmd); - install_element (RESTRICTED_NODE, &show_thread_cpu_cmd); install_element (ENABLE_NODE, &clear_thread_cpu_cmd); install_element (VIEW_NODE, &show_work_queues_cmd); |