diff options
author | Paul Jakma <paul.jakma@sun.com> | 2006-05-04 07:36:34 +0000 |
---|---|---|
committer | Paul Jakma <paul.jakma@sun.com> | 2006-05-04 07:36:34 +0000 |
commit | 15a2b089ced3f1e956659e9ca88af45d1c48272c (patch) | |
tree | 26ae18cd6cb7021307586a6ed16c3e058a92ebc3 /ripd/ChangeLog | |
parent | 9c27ef9b9c26db0af507869c2866c4a8463f4ae7 (diff) |
[ripd] bugs #261, #262: Fix RIPv1 info-leak and unauthenticated route updates
2006-05-04 Paul Jakma <paul.jakma@sun.com>
* (general) Fixes for bugs #261 and 262. Thanks to
Konstantin V. Gavrilenko <kos@arhont.com> for the problem
reports, testing of a series of proposed patches and comment
on the proposed changes in behaviour.
* rip_interface.c: (ip_rip_authentication_mode_cmd) Parse all
of the command before making any changes to configured state.
* ripd.c: (rip_read) RIP version control should be absolute and
always apply, fixes bug #261 by allowing RIPv1 to be disabled.
Fix bug #262: If authentication is enabled, then
unauthenticated packets should not be accepted. We do however
make an exception for RIPv1 REQUEST packets, to which we will
reply as RIPv1 can now be disabled fully, to allow ripd to
still provide routing /information/ to simple devices.
Diffstat (limited to 'ripd/ChangeLog')
-rw-r--r-- | ripd/ChangeLog | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/ripd/ChangeLog b/ripd/ChangeLog index 89302d55..52fb6d69 100644 --- a/ripd/ChangeLog +++ b/ripd/ChangeLog @@ -1,3 +1,19 @@ +2006-05-04 Paul Jakma <paul.jakma@sun.com> + + * (general) Fixes for bugs #261 and 262. Thanks to + Konstantin V. Gavrilenko <kos@arhont.com> for the problem + reports, testing of a series of proposed patches and comment + on the proposed changes in behaviour. + * rip_interface.c: (ip_rip_authentication_mode_cmd) Parse all + of the command before making any changes to configured state. + * ripd.c: (rip_read) RIP version control should be absolute and + always apply, fixes bug #261 by allowing RIPv1 to be disabled. + Fix bug #262: If authentication is enabled, then + unauthenticated packets should not be accepted. We do however + make an exception for RIPv1 REQUEST packets, to which we will + reply as RIPv1 can now be disabled fully, to allow ripd to + still provide routing /information/ to simple devices. + 2006-04-28 Andrew J. Schorr <ajschorr@alumni.princeton.edu> * ripd.c: (rip_update_process) Try to fix the logic for sending |