summaryrefslogtreecommitdiff
path: root/ospfd
AgeCommit message (Collapse)Author
2012-06-25smux: remove `tick` argument from smux_trap()Vincent Bernat
smux_trap() contains an argument whose use appears to be to set sysUpTime.0/timestamp field in SNMP trap. However, this value is not used in smux_trap(). Moreover, it is expected that this field is the value of sysUpTime.0 when the trap was sent and not any other time related to the trap. To avoid any confusion, we remove this field from the signature of the function.
2012-06-25build: use net-snmp-config to configure NetSNMPVincent Bernat
The correct method to link to NetSNMP is to use net-snmp-config (which is like pkg-config). Explicit link to libcrypto is also dropped (NetSNMP libs are linked to libcrypto, no need to link Quagga to it). Moreover, @SNMP_INCLUDES@ is dropped because useless. Due to a bug in configure.ac, it was properly populated.
2012-06-25build: only define HAVE_SNMPVincent Bernat
NetSNMP is the only SNMP implementation for Quagga. We don't need two different symbols.
2012-06-25build: allow configure and build in a separate directoryVincent Bernat
Some .h files in lib/ are autogenerated. The search path should include the build directory and the source directory. They usually match but sometimes, they may be different. For example: $ mkdir build $ cd build $ ../configure $ make
2012-04-16ospfd: Fixes a crash of the daemon with a snmp walkJorge Boncompte [DTI2]
- And allows to walk the LSDB. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net>
2012-04-11ospfd: adjust OSPF_ROUTER_LSA_MIN_SIZE for VL caseDenis Ovsienko
2012-03-12ospfd: reduce ospf_verify_header()Denis Ovsienko
Protocol version checks fits ospf_packet_examin() better (like it is implemented in ospf6d), and packet type check is already there.
2012-03-12ospfd: bring ospf_check_auth() into focusDenis Ovsienko
The old ospf_check_auth() function did two different jobs depending on AuType. For Null and Simple cases it actually authenticated the packet, but for Cryptographic case it only checked declared packet size (not taking the actual number of bytes on wire into account). The calling function, ospf_verify_header(), had its own set of MD5/checksum checks dispatched depending on AuType. This commit makes the packet size check work against the real number of bytes and moves it to ospf_packet_examine(). All MD5/checksum verification is now performed in ospf_check_auth() function. * ospf_packet.c * ospf_packet_examin(): check length with MD5 bytes in mind * ospf_verify_header(): remove all AuType-specific code * ospf_check_auth(): completely rewrite
2012-03-12ospfd: introduce ospf_auth_type_str[]Denis Ovsienko
2012-03-12ospfd: fix packet length check for auth/LLS casesDenis Ovsienko
An OSPFv2 packet with trailing data blocks (authentication and/or link-local signaling) failed the recently implemented packet length check, because trailing data length isn't counted in the packet header "length" field. This commit fixes respective check conditions. * ospf_packet.c * ospf_packet_examin(): use "bytesdeclared" instead of "bytesonwire"
2012-03-12ospfd: introduce ospf_lsa_minlen[] (BZ#705)Denis Ovsienko
This commit ports more packet checks to OSPFv2, in particular, LSA size verification and Router-LSA link blocks verification. * ospf_lsa.h: add LSA size macros * ospf_packet.h: add struct ospf_ls_update * ospf_packet.c * ospf_lsa_minlen[]: a direct equivalent of ospf6_lsa_minlen[] * ospf_router_lsa_links_examin(): new function, verifies trailing part of a Router-LSA * ospf_lsa_examin(): new function like ospf6_lsa_examin() * ospf_lsaseq_examin(): new function like ospf6_lsaseq_examin() * ospf_packet_examin(): add type-specific deeper level checks
2012-03-12ospfd: review ospf_check_md5_digest()Denis Ovsienko
Rewrite some pointer arithmetics without the additional variables and move byte order conversion inside the function.
2012-03-12ospfd: review ospf_check_auth()Denis Ovsienko
1. The only purpose of "ibuf" argument was to get stream size, which was always equal to OSPF_MAX_PACKET_SIZE + 1, exactly as initialized in ospf_new(). 2. Fix the packet size check condition, which was incorrect for very large packets, at least in theory.
2012-03-12ospfd: introduce ospf_packet_minlen[] (BZ#705)Denis Ovsienko
This commit ports some of the OSPFv3 packet reception checks to OSPFv2. * ospf_packet.c * ospf_packet_minlen[]: a direct equivalent of ospf6_packet_minlen[] * ospf_packet_examin(): new function designed after the first part of ospf6_packet_examin() * ospf_read(): verify received packet with ospf_packet_examin() * ospf_packet.h: add convenience macros
2012-03-12ospfd: fix ospf_packet_add_top() to use LOOKUP()Denis Ovsienko
2012-03-12ospfd: use LOOKUP() for ospf_packet_type_strDenis Ovsienko
* ospf_packet.h: add proper str/max extern declarations * ospf_packet.c * ospf_packet_type_str: rewrite in "struct message", add max value * ospf_packet_add(): use LOOKUP() * ospf_write(): ditto * ospf_hello(): ditto * ospf_read(): ditto * ospf_dump.h: the declaration does not belong here * ospf_dump.c * ospf_header_dump(): use LOOKUP() * show_debugging_ospf(): ditto
2012-01-23fix zebra protocol after MP-BGP changesDenis Ovsienko
The previous commits modified both zebra and bgpd for additional SAFI field, but not any other routing daemon, which led to zebra daemon crashing with failed assertion.
2012-01-08ospfd: use IS_LSA_SELF() where appropriateDenis Ovsienko
2012-01-08ospfd: justify ospf_default_originate_timer()Denis Ovsienko
The function is implemented in ospf_lsa.c, move its "extern" declaration to ospf_lsa.h for consistency.
2012-01-08ospfd: address more trivial compiler warningsDenis Ovsienko
* ospf_ase.c * ospf_ase_complete_direct_routes(): dismiss unused variable
2012-01-06general: remove inline qualifiers and move in-header functions to objectsPaul Jakma
* (general) Move functions in headers into files, to be compiled into shared object files. Remove inline qualifier from functions. Let the compiler do the work.
2012-01-02lib: fix some strtoul() use casesUlrich Weber
...otherwise 4294967295 is not a valid value on 32bit systems
2012-01-02ospfd: fix bug in NSSA ABR status checkDenis Ovsienko
* ospf_abr.c * ospf_abr_nssa_am_elected(): feed "best" instead of "address of best" into IPV4_ADDR_CMP(), because "best" is a pointer; also, mean s_addr field of the structures to get better typed pointers
2012-01-02ospfd: fix packet reception for FreeBSD 10.Dmitrij Tejblum
* ospf_packet.c (ospf_recv_packet): FreeBSD, starting from version 10, will not subtract the IP header size from ip_len. This is the patch from FreeBSD's ports/net/quagga/files/patch-ospfd__ospf_packet.c, by Boris Kovalenko.
2011-12-21ospfd: more info in LSA checksum warning (BZ#685)Jaroslav Fojtik
2011-12-13lib: put route_types.txt to real useDavid Lamparter
this replaces most occurences of routing protocol lists by preprocessor defines from route_types.h. the latter is autogenerated from route_types.txt by a perl script (previously awk). adding a routing protocol now is mostly a matter of changing route_types.txt and log.c. Conflicts: lib/route_types.awk
2011-12-13build: delete .cvsignore filesDenis Ovsienko
2011-12-13ospfd: spellingDenis Ovsienko
2011-12-13quagga: option "-z" ("--socket <path>") addedVyacheslav Trushkin
All daemons modified to support custom path to zserv socket. lib: generalize a zclient connection zclient_socket_connect added. zclient_socket and zclient_socket_un were hidden under static expression. "zclient_serv_path_set" modified.
2011-12-07ospfd: remove unused codeStephen Hemminger
The code for nssa_range and other bits that were written but never used.
2011-12-06ospfd: avoid redundant lookup in ospf_redistribute_withdrawStephen Hemminger
The old algorithim looked up every node twice as it withdrew the entry. It looks up entry once in redistribute_withdraw, then looks it up again info_delete. Use result of first lookup to do the free directly. This may explain the slow performance observed in https://bugzilla.vyatta.com/show_bug.cgi?id=4421
2011-11-15ospfd: improve fix to CVE-2011-3326 (BZ#586)Thomas Ries
Make ospf_flood() propagate error returned by ospf_lsa_install() further to properly discard the malformed LSA, not just prevent the immediate crash.
2011-09-29ospfd: fix regression in recent commitYAMAMOTO Shigeru
commit '717750433839762d23a5f8d88fe0b4d57c8d490a' causes SEGV error, when 'oi = ospf_if_lookup_recv_if (ospf, iph->ip_src, ifp);' returns NULL. * ospf_packet.c * ospf_read(): change a place of calling 'ospf_verify_header()'
2011-09-27ospfd: remove unused macroDenis Ovsienko
2011-09-27ospfd: spellingDenis Ovsienko
2011-09-27ospfd: use existing macro for consistencyDenis Ovsienko
2011-09-27ospfd: sizing macros cleanupDenis Ovsienko
* ospf_spf.c * ROUTER_LSA_TOS_SIZE: prepend OSPF_ and move to ospf_lsa.h * ROUTER_LSA_MIN_SIZE: replace with existing OSPF_ROUTER_LSA_LINK_SIZE
2011-09-27lib: simplify interface of setsockopt_multicast_ipv4().Dmitrij Tejblum
* sockopt.[ch] (setsockopt_ipv4_multicast): ifindex is now mandatory (all non-ancient OSes can use it anyway), and if_addr parameter (the address of the interface) is now gone. (setsockopt_ipv4_multicast_if): IP_MULTICAST_IF processing moved to this new function * ospf_network.c (ospf_if_add_allspfrouters, ospf_if_drop_allspfrouters, ospf_if_add_alldrouters, ospf_if_drop_alldrouters, ospf_if_ipmulticast), rip_interface.c (ipv4_multicast_join, ipv4_multicast_leave, rip_interface_new): adapt to the new interface
2011-09-27ospfd: remove useless RFC1583 checkAlexandre Chappuis
* ospf_route.c: Function ospf_asbr_route_cmp is called uniquely from ospf_route_cmp() when the flag OSPF_RFC1583_COMPATIBLE is not set. Therefore, the check that the flag is set doesn't make sense at all and it can consequently be removed without doing any harm. Signed-off-by: Alexandre Chappuis <alc@open.ch> Signed-off-by: Roman Hoog Antink <rha@open.ch>
2011-09-26ospfd: CVE-2011-3325 part 2 (OSPF pkt type segv)Denis Ovsienko
This vulnerability (CERT-FI #514838) was reported by CROSS project. The error is reproducible only when ospfd debugging is enabled: * debug ospf packet all * debug ospf zebra When incoming packet header type field is set to 0x0a, ospfd will crash. * ospf_packet.c * ospf_verify_header(): add type field check * ospf_read(): perform input checks early
2011-09-26ospfd: CVE-2011-3325 part 1 (OSPF header underrun)Denis Ovsienko
This vulnerability (CERT-FI #514838) was reported by CROSS project. When only 14 first bytes of a Hello packet is delivered, ospfd crashes. * ospf_packet.c * ospf_read(): add size check
2011-09-26ospfd: CVE-2011-3326 (uknown LSA type segfault)CROSS
This vulnerability (CERT-FI #514837) was reported by CROSS project. They have also suggested a fix to the problem, which was found acceptable. Quagga ospfd does not seem to handle unknown LSA types in a Link State Update message correctly. If LSA type is something else than one supported by Quagga, the default handling of unknown types leads to an error. * ospf_flood.c * ospf_flood(): check return value of ospf_lsa_install()
2011-07-13Merge remote-tracking branch 'polymorf/master'Greg Troxel
2011-04-13ospf: Fix OSPF API and ospf-te LSA refreshers to match recent API changePaul Jakma
* ospf_apiserver.{c,h}: (ospf_apiserver_lsa_refresher) refreshers must now return the refreshed LSA. * ospf_te.{c,h}: (ospf_mpls_te_lsa_refresh) ditto * ospf_api.c: trivial compiler warning fix
2011-03-22ospfd: Compile fix for opaque supportPaul Jakma
* ospfd: Refresher logic cleanup broke OSPF opaque, which does its own thing with regard to refresher logic and which also, in the protocol, requires implementations to keep state of which OI an LSA is received on (rather than providing information in the LSA to allow it to be looked up - as other LSAs requiring such assocation were careful to do). * ospf_lsa.h: (struct ospf_interface) Add back the pointer to oi, but only for type-9 now. * ospf_nsm.c: (ospf_db_summary_add) check the oi actually exists first - doesn't obviate the need for opaque to ensure oi pointers get cleaned up when ospf_interfaces disappear. * ospf_opaque.{c,h}: (ospf_opaque_functab,ospf_opaque_lsa_refresh) Refresher LSA functions now need to return the LSA to the general refresh logic, to indicate whether the LSA was refreshed.
2010-12-08ospfd: Remove oi field from LSA, have network_lsa_refresh look up when neededPaul Jakma
* ospf_lsa.h: (struct ospf_lsa) remove oi pointer * ospf_lsa.c: (ospf_network_lsa_refresh) instead of keeping a pointer, just lookup the oi when it's needed. This decouples network LSA from oi lifetime and avoids having to invalidate pointers in LSAs when an oi changes, simplifying the code.
2010-12-08ospfd: potential fix for router-id change assert on refresh cleanup patchPaul Jakma
* ospf_lsa.c: (various) unregister LSAs from refresher before flushing.
2010-12-08ospfd: Fix maxage/flush to not try flood twice, remember maxages for longerPaul Jakma
2006-05-30 Paul Jakma <paul.jakma@sun.com> * (general) Fix confusion around MaxAge-ing and problem with high-latency networks. Analysis and suggested fixes by Phillip Spagnolo, in [quagga-dev 4132], on which this commit expands slightly. * ospf_flood.{c,h}: (ospf_lsa_flush) new function. Scope-general form of existing flush functions, essentially the dormant ospf_maxage_flood() but without the ambiguity of whether it is responsible for flooding. * ospf_lsa.c: (ospf_lsa_maxage) Role minimised to simply setup LSA on the Maxage list and schedule removal - no more. ospf_lsa_flush* being the primary way to kick-off flushes of LSAs. Don't hardcode the remover-timer value, which was too short for very high-latency networks. (ospf_maxage_lsa_remover) Just do what needs to be done to remove maxage LSAs from the maxage list, remove the call to ospf_flood_through(). Don't hardcode remove-timer value. (ospf_lsa_{install,flush_schedule}) ospf_lsa_flush is the correct entrypoint to flushing maxaged LSAs. (lsa_header_set) Use a define for the initial age, useful for testing. * ospf_opaque.c: (ospf_opaque_lsa_refresh) ditto. (ospf_opaque_lsa_flush_schedule) ditto. * ospfd.h: ({struct ospf,ospf_new}) Add maxage_delay parameter, interval to wait before running the maxage_remover. Supply a suitable default. Add a define for OSPF_LSA_INITIAL_AGE, see lsa_header_set().
2010-12-08ospfd: Unify router and network LSA refresh logic with general refresherPaul Jakma
* (general) Get rid of the router and network LSA specific refresh timers and make the general refresher do this instead. Get rid of the twiddling of timers for router/network LSA that was spread across the code. This lays the foundations for future, general LSA refresh improvements, such as making sequence rollover work, and having generic LSA delays. * ospfd.h: (struct ospf) Bye bye to the router-lsa update timer thread pointer. (struct ospf_area) and to the router-lsa refresh timer. * ospf_interface.h: Remove the network_lsa_self timer thread pointer * ospf_lsa.h: (struct ospf_lsa) oi field should always be there, for benefit of type-2/network LSA processing. (ospf_{router,network}_lsa_{update_timer,timer_add}) no timers for these more (ospf_{router,network}_lsa_update) more generic functions to indicate that some router/network LSAs need updating (ospf_router_lsa_update_area) update router lsa in a particular area alone. (ospf_{summary,summary_asbr,network}_lsa_refresh) replaced by the general ospf_lsa_refresh function. (ospf_lsa_refresh) general LSA refresh function
2010-12-08ospfd: Remember network LSA sequence numbers across up/downs of an interfacePaul Jakma
* ospf_interface.h: (struct ospf_if_params) add field for saved network LSA seqnum * ospf_interfa.c: (ospf_new_if_params) init network_lsa_seqnum field to initial seqnum - doesnt matter though. * ospf_lsa.c: (ospf_network_lsa_new) check for any saved sequence number, and use if it exists. Save the result back. This should help avoid needless round of LSUpdate/LSRequests when a neighbour has to tell the originator "uhm, i have something newer than that already". * ospf_vty.c: (show_ip_ospf_interface_sub) Show the saved network LSA seqnum