Age | Commit message (Collapse) | Author |
|
smux_trap() contains an argument whose use appears to be to set
sysUpTime.0/timestamp field in SNMP trap. However, this value is not
used in smux_trap(). Moreover, it is expected that this field is the
value of sysUpTime.0 when the trap was sent and not any other time
related to the trap. To avoid any confusion, we remove this field from
the signature of the function.
|
|
The correct method to link to NetSNMP is to use net-snmp-config (which
is like pkg-config). Explicit link to libcrypto is also dropped
(NetSNMP libs are linked to libcrypto, no need to link Quagga to
it). Moreover, @SNMP_INCLUDES@ is dropped because useless. Due to a
bug in configure.ac, it was properly populated.
|
|
NetSNMP is the only SNMP implementation for Quagga. We don't need two
different symbols.
|
|
Some .h files in lib/ are autogenerated. The search path should
include the build directory and the source directory. They usually
match but sometimes, they may be different. For example:
$ mkdir build
$ cd build
$ ../configure
$ make
|
|
- And allows to walk the LSDB.
Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net>
|
|
|
|
Protocol version checks fits ospf_packet_examin() better (like it is
implemented in ospf6d), and packet type check is already there.
|
|
The old ospf_check_auth() function did two different jobs depending on
AuType. For Null and Simple cases it actually authenticated the packet,
but for Cryptographic case it only checked declared packet size (not
taking the actual number of bytes on wire into account). The calling
function, ospf_verify_header(), had its own set of MD5/checksum checks
dispatched depending on AuType.
This commit makes the packet size check work against the real number of
bytes and moves it to ospf_packet_examine(). All MD5/checksum
verification is now performed in ospf_check_auth() function.
* ospf_packet.c
* ospf_packet_examin(): check length with MD5 bytes in mind
* ospf_verify_header(): remove all AuType-specific code
* ospf_check_auth(): completely rewrite
|
|
|
|
An OSPFv2 packet with trailing data blocks (authentication and/or
link-local signaling) failed the recently implemented packet length
check, because trailing data length isn't counted in the packet header
"length" field. This commit fixes respective check conditions.
* ospf_packet.c
* ospf_packet_examin(): use "bytesdeclared" instead of "bytesonwire"
|
|
This commit ports more packet checks to OSPFv2, in particular, LSA size
verification and Router-LSA link blocks verification.
* ospf_lsa.h: add LSA size macros
* ospf_packet.h: add struct ospf_ls_update
* ospf_packet.c
* ospf_lsa_minlen[]: a direct equivalent of ospf6_lsa_minlen[]
* ospf_router_lsa_links_examin(): new function, verifies trailing
part of a Router-LSA
* ospf_lsa_examin(): new function like ospf6_lsa_examin()
* ospf_lsaseq_examin(): new function like ospf6_lsaseq_examin()
* ospf_packet_examin(): add type-specific deeper level checks
|
|
Rewrite some pointer arithmetics without the additional variables and
move byte order conversion inside the function.
|
|
1. The only purpose of "ibuf" argument was to get stream size, which
was always equal to OSPF_MAX_PACKET_SIZE + 1, exactly as initialized
in ospf_new().
2. Fix the packet size check condition, which was incorrect for very
large packets, at least in theory.
|
|
This commit ports some of the OSPFv3 packet reception checks
to OSPFv2.
* ospf_packet.c
* ospf_packet_minlen[]: a direct equivalent of ospf6_packet_minlen[]
* ospf_packet_examin(): new function designed after the first part
of ospf6_packet_examin()
* ospf_read(): verify received packet with ospf_packet_examin()
* ospf_packet.h: add convenience macros
|
|
|
|
* ospf_packet.h: add proper str/max extern declarations
* ospf_packet.c
* ospf_packet_type_str: rewrite in "struct message", add max value
* ospf_packet_add(): use LOOKUP()
* ospf_write(): ditto
* ospf_hello(): ditto
* ospf_read(): ditto
* ospf_dump.h: the declaration does not belong here
* ospf_dump.c
* ospf_header_dump(): use LOOKUP()
* show_debugging_ospf(): ditto
|
|
The previous commits modified both zebra and bgpd for additional
SAFI field, but not any other routing daemon, which led to zebra
daemon crashing with failed assertion.
|
|
|
|
The function is implemented in ospf_lsa.c, move its "extern" declaration
to ospf_lsa.h for consistency.
|
|
* ospf_ase.c
* ospf_ase_complete_direct_routes(): dismiss unused variable
|
|
* (general) Move functions in headers into files, to be compiled into
shared object files. Remove inline qualifier from functions. Let the
compiler do the work.
|
|
...otherwise 4294967295 is not a valid value on 32bit systems
|
|
* ospf_abr.c
* ospf_abr_nssa_am_elected(): feed "best" instead of "address of best"
into IPV4_ADDR_CMP(), because "best" is a pointer; also, mean s_addr
field of the structures to get better typed pointers
|
|
* ospf_packet.c (ospf_recv_packet): FreeBSD, starting from version 10, will not
subtract the IP header size from ip_len.
This is the patch from FreeBSD's ports/net/quagga/files/patch-ospfd__ospf_packet.c,
by Boris Kovalenko.
|
|
|
|
this replaces most occurences of routing protocol lists by preprocessor
defines from route_types.h. the latter is autogenerated from
route_types.txt by a perl script (previously awk). adding a routing
protocol now is mostly a matter of changing route_types.txt and log.c.
Conflicts:
lib/route_types.awk
|
|
|
|
|
|
All daemons modified to support custom path to zserv
socket.
lib: generalize a zclient connection
zclient_socket_connect added. zclient_socket and
zclient_socket_un were hidden under static expression.
"zclient_serv_path_set" modified.
|
|
The code for nssa_range and other bits that were written but
never used.
|
|
The old algorithim looked up every node twice as it withdrew
the entry. It looks up entry once in redistribute_withdraw, then
looks it up again info_delete. Use result of first lookup
to do the free directly.
This may explain the slow performance observed in
https://bugzilla.vyatta.com/show_bug.cgi?id=4421
|
|
Make ospf_flood() propagate error returned by ospf_lsa_install() further
to properly discard the malformed LSA, not just prevent the immediate
crash.
|
|
commit '717750433839762d23a5f8d88fe0b4d57c8d490a' causes SEGV error,
when 'oi = ospf_if_lookup_recv_if (ospf, iph->ip_src, ifp);' returns
NULL.
* ospf_packet.c
* ospf_read(): change a place of calling 'ospf_verify_header()'
|
|
|
|
|
|
|
|
* ospf_spf.c
* ROUTER_LSA_TOS_SIZE: prepend OSPF_ and move to ospf_lsa.h
* ROUTER_LSA_MIN_SIZE: replace with existing OSPF_ROUTER_LSA_LINK_SIZE
|
|
* sockopt.[ch] (setsockopt_ipv4_multicast): ifindex is now mandatory (all
non-ancient OSes can use it anyway), and if_addr parameter (the address
of the interface) is now gone. (setsockopt_ipv4_multicast_if):
IP_MULTICAST_IF processing moved to this new function
* ospf_network.c (ospf_if_add_allspfrouters, ospf_if_drop_allspfrouters,
ospf_if_add_alldrouters, ospf_if_drop_alldrouters, ospf_if_ipmulticast),
rip_interface.c (ipv4_multicast_join, ipv4_multicast_leave,
rip_interface_new): adapt to the new interface
|
|
* ospf_route.c: Function ospf_asbr_route_cmp is called uniquely from
ospf_route_cmp() when the flag OSPF_RFC1583_COMPATIBLE is not set.
Therefore, the check that the flag is set doesn't make sense at all
and it can consequently be removed without doing any harm.
Signed-off-by: Alexandre Chappuis <alc@open.ch>
Signed-off-by: Roman Hoog Antink <rha@open.ch>
|
|
This vulnerability (CERT-FI #514838) was reported by CROSS project.
The error is reproducible only when ospfd debugging is enabled:
* debug ospf packet all
* debug ospf zebra
When incoming packet header type field is set to 0x0a, ospfd will crash.
* ospf_packet.c
* ospf_verify_header(): add type field check
* ospf_read(): perform input checks early
|
|
This vulnerability (CERT-FI #514838) was reported by CROSS project.
When only 14 first bytes of a Hello packet is delivered, ospfd crashes.
* ospf_packet.c
* ospf_read(): add size check
|
|
This vulnerability (CERT-FI #514837) was reported by CROSS project.
They have also suggested a fix to the problem, which was found
acceptable.
Quagga ospfd does not seem to handle unknown LSA types in a Link State
Update message correctly. If LSA type is something else than one
supported
by Quagga, the default handling of unknown types leads to an error.
* ospf_flood.c
* ospf_flood(): check return value of ospf_lsa_install()
|
|
|
|
* ospf_apiserver.{c,h}: (ospf_apiserver_lsa_refresher) refreshers must now
return the refreshed LSA.
* ospf_te.{c,h}: (ospf_mpls_te_lsa_refresh) ditto
* ospf_api.c: trivial compiler warning fix
|
|
* ospfd: Refresher logic cleanup broke OSPF opaque, which does its own thing
with regard to refresher logic and which also, in the protocol, requires
implementations to keep state of which OI an LSA is received on (rather
than providing information in the LSA to allow it to be looked up - as
other LSAs requiring such assocation were careful to do).
* ospf_lsa.h: (struct ospf_interface) Add back the pointer to oi, but only
for type-9 now.
* ospf_nsm.c: (ospf_db_summary_add) check the oi actually exists first -
doesn't obviate the need for opaque to ensure oi pointers get cleaned up
when ospf_interfaces disappear.
* ospf_opaque.{c,h}: (ospf_opaque_functab,ospf_opaque_lsa_refresh) Refresher
LSA functions now need to return the LSA to the general refresh logic,
to indicate whether the LSA was refreshed.
|
|
* ospf_lsa.h: (struct ospf_lsa) remove oi pointer
* ospf_lsa.c: (ospf_network_lsa_refresh) instead of keeping a pointer, just
lookup the oi when it's needed. This decouples network LSA from oi lifetime
and avoids having to invalidate pointers in LSAs when an oi changes,
simplifying the code.
|
|
* ospf_lsa.c: (various) unregister LSAs from refresher before flushing.
|
|
2006-05-30 Paul Jakma <paul.jakma@sun.com>
* (general) Fix confusion around MaxAge-ing and problem with
high-latency networks. Analysis and suggested fixes by
Phillip Spagnolo, in [quagga-dev 4132], on which this commit
expands slightly.
* ospf_flood.{c,h}: (ospf_lsa_flush) new function.
Scope-general form of existing flush functions, essentially
the dormant ospf_maxage_flood() but without the ambiguity of
whether it is responsible for flooding.
* ospf_lsa.c: (ospf_lsa_maxage) Role minimised to simply setup
LSA on the Maxage list and schedule removal - no more.
ospf_lsa_flush* being the primary way to kick-off flushes
of LSAs.
Don't hardcode the remover-timer value, which was too
short for very high-latency networks.
(ospf_maxage_lsa_remover) Just do what needs to be done to
remove maxage LSAs from the maxage list, remove the call
to ospf_flood_through().
Don't hardcode remove-timer value.
(ospf_lsa_{install,flush_schedule}) ospf_lsa_flush is the correct
entrypoint to flushing maxaged LSAs.
(lsa_header_set) Use a define for the initial age, useful for
testing.
* ospf_opaque.c: (ospf_opaque_lsa_refresh) ditto.
(ospf_opaque_lsa_flush_schedule) ditto.
* ospfd.h: ({struct ospf,ospf_new}) Add maxage_delay parameter,
interval to wait before running the maxage_remover. Supply a
suitable default.
Add a define for OSPF_LSA_INITIAL_AGE, see lsa_header_set().
|
|
* (general) Get rid of the router and network LSA specific refresh timers
and make the general refresher do this instead. Get rid of the twiddling
of timers for router/network LSA that was spread across the code.
This lays the foundations for future, general LSA refresh improvements,
such as making sequence rollover work, and having generic LSA delays.
* ospfd.h: (struct ospf) Bye bye to the router-lsa update timer thread
pointer.
(struct ospf_area) and to the router-lsa refresh timer.
* ospf_interface.h: Remove the network_lsa_self timer thread pointer
* ospf_lsa.h: (struct ospf_lsa) oi field should always be there, for benefit
of type-2/network LSA processing.
(ospf_{router,network}_lsa_{update_timer,timer_add}) no timers for these
more
(ospf_{router,network}_lsa_update) more generic functions to indicate that some
router/network LSAs need updating
(ospf_router_lsa_update_area) update router lsa in a particular area alone.
(ospf_{summary,summary_asbr,network}_lsa_refresh) replaced by the general
ospf_lsa_refresh function.
(ospf_lsa_refresh) general LSA refresh function
|
|
* ospf_interface.h: (struct ospf_if_params) add field for saved network LSA
seqnum
* ospf_interfa.c: (ospf_new_if_params) init network_lsa_seqnum field to
initial seqnum - doesnt matter though.
* ospf_lsa.c: (ospf_network_lsa_new) check for any saved sequence number,
and use if it exists. Save the result back. This should help avoid needless
round of LSUpdate/LSRequests when a neighbour has to tell the originator
"uhm, i have something newer than that already".
* ospf_vty.c: (show_ip_ospf_interface_sub) Show the saved network LSA seqnum
|