summaryrefslogtreecommitdiff
path: root/ospfd
AgeCommit message (Collapse)Author
2011-09-26ospfd: CVE-2011-3325 part 2 (OSPF pkt type segv)Denis Ovsienko
This vulnerability (CERT-FI #514838) was reported by CROSS project. The error is reproducible only when ospfd debugging is enabled: * debug ospf packet all * debug ospf zebra When incoming packet header type field is set to 0x0a, ospfd will crash. * ospf_packet.c * ospf_verify_header(): add type field check * ospf_read(): perform input checks early
2011-09-26ospfd: CVE-2011-3325 part 1 (OSPF header underrun)Denis Ovsienko
This vulnerability (CERT-FI #514838) was reported by CROSS project. When only 14 first bytes of a Hello packet is delivered, ospfd crashes. * ospf_packet.c * ospf_read(): add size check
2011-09-26ospfd: CVE-2011-3326 (uknown LSA type segfault)CROSS
This vulnerability (CERT-FI #514837) was reported by CROSS project. They have also suggested a fix to the problem, which was found acceptable. Quagga ospfd does not seem to handle unknown LSA types in a Link State Update message correctly. If LSA type is something else than one supported by Quagga, the default handling of unknown types leads to an error. * ospf_flood.c * ospf_flood(): check return value of ospf_lsa_install()
2011-09-25ospfd: remove unused macroDenis Ovsienko
2011-09-10ospfd: spellingDenis Ovsienko
2011-09-10ospfd: use existing macro for consistencyDenis Ovsienko
2011-09-07ospfd: revert recent PIE change to fix amd64 buildDenis Ovsienko
This reverts commit 68575f4babf4d6fc302c366898a1047f13629214.
2011-09-05build: build ospfd as Position-Independed Executable (if appropriate)Dmitrij Tejblum
Since 46bc0e432e75, all the binaries are built as Position-Independed Executables (if available and enabled). ospfd was missed for some unknown reason.
2011-08-28ospfd: address more trivial compiler warningsDenis Ovsienko
* ospf_ase.c * ospf_ase_complete_direct_routes(): dismiss unused variable * ospf_ase_calculate_route(): put assignments into parentheses
2011-08-23ospfd: sizing macros cleanupDenis Ovsienko
* ospf_spf.c * ROUTER_LSA_TOS_SIZE: prepend OSPF_ and move to ospf_lsa.h * ROUTER_LSA_MIN_SIZE: replace with existing OSPF_ROUTER_LSA_LINK_SIZE
2011-08-19lib: simplify interface of setsockopt_multicast_ipv4().Dmitrij Tejblum
* sockopt.[ch] (setsockopt_ipv4_multicast): ifindex is now mandatory (all non-ancient OSes can use it anyway), and if_addr parameter (the address of the interface) is now gone. (setsockopt_ipv4_multicast_if): IP_MULTICAST_IF processing moved to this new function * ospf_network.c (ospf_if_add_allspfrouters, ospf_if_drop_allspfrouters, ospf_if_add_alldrouters, ospf_if_drop_alldrouters, ospf_if_ipmulticast), rip_interface.c (ipv4_multicast_join, ipv4_multicast_leave, rip_interface_new): adapt to the new interface
2011-08-02ospfd: remove useless RFC1583 checkAlexandre Chappuis
* ospf_route.c: Function ospf_asbr_route_cmp is called uniquely from ospf_route_cmp() when the flag OSPF_RFC1583_COMPATIBLE is not set. Therefore, the check that the flag is set doesn't make sense at all and it can consequently be removed without doing any harm. Signed-off-by: Alexandre Chappuis <alc@open.ch> Signed-off-by: Roman Hoog Antink <rha@open.ch>
2011-08-01ospfd: Lower level of some common messages from info to debugPaul Jakma
* ospf_{ism,network}.c: Certain oft-repeated but trivial messages should be debug log level, not info, to avoid spamming 'terminal monitor'
2010-04-18ospfd: Only refresh external default route once.Joakim Tjernlund
* ospf_zebra.c: (ospf_distribute_list_update_timer) forces a refresh of default route each time it finds a default prefix. This is suboptimal, just record that it needs to be done and do it once. Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
2010-04-18ospfd: Make sure ospf_distribute_list_update_timer() eventually runs.Joakim Tjernlund
* ospf_zebra.c: (ospf_distribute_list_update_timer) If there are updates to the distribute list every 5 second or less, ospf_distribute_list_update_timer() will never run as the timer gets rearmed for each update. This fixes it by never rearming an active distribute list timer. Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
2010-04-18ospfd: Make sure all external routes are updated.Joakim Tjernlund
Roman Hoog Antink <rha@open.ch> reports: When adding a connected route (using vtysh, without restart) to the redistribution access list of ospfd, while static routes already exist, the update timer ospf_distribute_list_update_timer() is being run for static routes only. That way, the connected route never appears in the OSPF database, until quagga is completely restarted. The update timer for connected routes is cancelled in ospfd/ospfd_zebra.c:ospf_distribute_list_update():976, were a new timer is scheduled for static routes, caused by the loop in ospf_filter_update(). * ospf_zebra.c: (ospf_distribute_list_update_timer) make it refresh all external routes. This fixes the problem reported by Roman. Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
2010-01-14ospfd: Fix debug messages that were masked by DISCARD_LSAPaul Jakma
* ospf_packet.c: (ospf_ls_upd) DISCARD_LSA continues, and so should be after debug messages, not before them.
2010-01-14ospfd: remove unneeded memset from a very hot functionPaul Jakma
* ospf_lsdb.c: (lsdb_prefix_set) memset is unneeded, as all fields are initialised explicitly, and this function can be in the top-3 of a profile when there are a lot of LSAs.
2009-12-03ospfd: VTY strings cleanupStephen Hemminger
Several bits of text can be local or are unused.
2009-12-03ospfd: comment out unused functionStephen Hemminger
2009-12-03ospfd: make local functions staticStephen Hemminger
This code is only used one place and can be made local. Gcc is smart enough to inline local functions if it wants to. The function also has a big chunk of compatiablity code that is no longer used; since quagga is now in a version control system the source does not need to be used as a historical reference.
2009-09-28[ospfd] enable more OSPF cost command aliasesDenis Ovsienko
The following syntax forms were not historically supported by Quagga, although IOS accepted them w/o a problem: no ip ospf cost <1-65535> no ospf cost <1-65535> no ip ospf cost <1-65535> A.B.C.D no ospf cost <1-65535> A.B.C.D From now on Quagga also supports these variants.
2009-08-28ospfd: Make sure priority is respected.Joakim Tjernlund
* ospf_ism.c (ospf_dr_eligible_routers) should test for priority > 0 instead of != 0 as ospf_nbr_new () initially sets prio to -1
2009-08-28ospfd: Tighten up the connected check for redistributionJoakim Tjernlund
* ospf_zebra.c: (ospf_distribute_check_connected) check to make filter out routes matching connected routes was matching against OSPF networks, which can be far more general than the actual connected interfaces. Fix.
2009-08-13all: check return value from daemon() callStephen Hemminger
* */*main.c: (main) Current versions of Gcc warn if the return value for daemon() is not checked. So add a simple test and exit on failure.
2009-08-13ospfd: fix performance problem with redistribute deleteStephen Hemminger
Doing redistribute delete with full BGP table was taking 30 minutes, this drops it down to less than a second. * ospf_lsa.c: (ospf_lsa_maxage) When flushing lots of entries the performance is terrible because it looks up each LSA entry through ospf_lsa_maxage_exist before deleting causing O(N^2) performance. Use a new OSPF_LSA_MAXAGE flag instead of scan - and maintain it. (ospf_lsa_maxage_exist) removed (ospf_lsa_maxage_delete) maintain OSPF_LSA_MAXAGE flag
2009-08-11ospfd: Make sure route table is recalculated.Joakim Tjernlund
In some cases ospfd does not recalc the route table. This happens when ospfd receives an old LSA which will trigger recalc but the this recalc will fail because all interfaces isn't up yet. Next LSA that is originated matches the old one so no recalc will be performed. This problem has been observed when there are only 2 ppp I/Fs in an area, both go down at the same time, then they come up again with a few seconds apart. * ospf_lsa.c: (ospf_{router,network}_lsa_install) avoid a needless scheduling of SPF. (ospf_lsa_different) fix bug in LSA comparison that would lead to the described failure to schedule SPF.
2009-08-11ospfd: Make "Packet ... received on wrong link" conditional on debugPaul Jakma
* ospf_packet.c: make this message conditional on 'debug ospf event', as it be easily triggered with, e.g., multiple subnets sharing same physical network. E.g, see bug #532.
2009-08-03ospfd: neuter some compiler warningsPaul Jakma
* ospf_lsa.c: (link_info_set) Use %zd for size_t - C99 is old enough now. Lots of similar warnings all over the code. (ospf_lsa_translated_nssa_compare) Unused func - delete.
2009-08-03ospfd: update some commentsPaul Jakma
* ospf_{spf,lsa}.c: remove out of date comment; add comment on some non-obvious code; Make note of a possible scaling problem.
2009-08-03ospfd: Change struct ospf_path *oi to ifindex.Joakim Tjernlund
* global: In struct ospf_path, change struct ospf_interface *oi to int ifindex. It is unsafe to reference *oi as an ospf interface can be deleted under your feet. Use a weak reference instead.
2009-07-30ospfd: Discriminate better when selecting links between vertices in SPFJoakim Tjernlund
* ospf_spf.c: (ospf_get_next_link) One must check the vertex type, Router or Network, to select type link to match against. Link type 1 has neighbour router ID in link_id and link type 2 has IP address of DR. Since router id may have same value as an existing IP address one risks matching a router ID against a DR.
2009-07-28ospfd: Make ospf_if_lookup_recv_if() find the right unnumbered i/fJoakim Tjernlund
This function will return the interface for the first matching remote address for PtP i/f's. That won't work for multiple unnumbered i/f's as these may all have the same address. Pass in the struct interface pointer, ifp, to find the correct set of oi's to search in. This also reduces the size of the search list, making it faster. * ospfd/ospf_interface.c: Add struct interface * param to ospf_if_lookup_recv_if() to select the right list to search in. * ospfd/ospf_interface.h: ditto. * ospfd/ospf_packet.c: Pass new ifp argument to ospf_if_lookup_recv_if()
2009-07-28ospfd: export ospf_if_table_lookup() and use it in ospf_network_run_interface()Joakim Tjernlund
Makes it possible to run OSPF on multiple PtP interfaces with the same remote address. * ospfd/ospf_interface.c: Export ospf_if_table_lookup(). * ospfd/ospf_interface.h: ditto. * ospfd/ospfd.c: (ospf_network_run_interface) Use ospf_if_table_lookup() to determine whether OSPF is already configured for a subnet and interface.
2009-07-28[global] interface flags format warningsStephen Hemminger
*/*: ifp->flags is 64 bit unsigned which can not be handled by %l on 32 bit architectures - requires %ll and the appropriate cast.
2009-06-26[ospfd] Do not use stale Network/Router LSAsJoakim Tjernlund
Should a self originated Network/Router LSA with higher LS seq. nr. be received we should flood and install it in the LSDB but we cannot use it for our internal calculations as it is stale. Reorginate an new LSA to replace the stale one as soon as possible.
2009-06-25[ospfd] compare ifIndex too when matching pathsJoakim Tjernlund
ospf_path_lookup(), ospf_route_match_same() and ospf_ase_route_match_same() needs to compare if the interface matches too.
2009-06-25[ospfd] external LSA route_unlock_node() fixesJoakim Tjernlund
A few route_unlock_node() calls was missing.
2009-06-25[ospfd] Fix a few LSA performance "bugs"Joakim Tjernlund
ospf_lsa_install() will calculate LSA checksum so no need to do it before calling ospf_lsa_install(). Set the OSPF_LSA_SELF_CHECKED flag on own LSA's to save ospf_lsa_is_self_originated() some work. Do not memset() memory that is about to overwritten with memcpy().
2009-06-24Merge remote branch 'origin/master'Paul Jakma
2009-06-24[cleanup] Add log.h includesTomasz Pala
2009-06-24[ospfd] discount IP header size from a new LSA pktDmitry Tejblum
2009-06-23[ospfd] cancel OSPF timer hack in nsm_change_stateDmitry Tejblum
This piece of code causes all Quagga routers on a broadcast link to send a HELLO packet simultaneously if they see a new neighbor. It also resets the HELLO timer, so all the quagga routers will continue to send HELLO packets simultaneously in the future. This is not good (especially on networks with a lot of Quagga routers connected), and is explicitly discouraged by the OSPF standard, RFC 2328 (chapter 4.4.Timers). I suggest to remove the code snippet, it does not provide much benefit anyway.
2009-06-19[ospfd/BSD] add missing UINT16_MAX - picked up from FreeBSD ports patchJeremy Jackson
Should probably have AC_TYPE_UINT16_T in configure.ac to make it really clean... and a fresh import of gnulib, the existing copy of gnulib seems to be manually put some stuff in zebra.h. I'm leaving that alone for now, since a fresh import will probably clean up a lot of cruft and it would be a duplicated effort to fix some things now. The FreeBSD port 0.99.11_1 files/patch-ospfd-ospfd.h can probably go away after this is applied.
2009-06-18[daemons/cleanup] Remove disabled log_mode argument support.Jeremy Jackson
* */*main.c: Seems that the actual code was removed previously, but the argument processing code remained.
2009-06-18[OSPF/cleanup] make message lists read onlyStephen Hemminger
2009-06-18[ospfd] Fix OSPF route refcount leakStephen Hemminger
This may fix vyatta BUG 3096. The reference count for OSPF route table was never completely freed on deleting all neighbors.
2009-06-12[cleanup] Make command nodes staticStephen Hemminger
The cmd_nodes used to configure vty, can mostly be static so (basic data hiding 101).
2009-06-12[cleanup] functions taking no args should be declared with void argsStephen Hemminger
Use Ansi-C prototypes rather than old K&R method of declaring function without arguments
2009-06-12[cleanup] Convert XMALLOC/memset to XCALLOCStephen Hemminger
Simple conversion of XMALLOC/memset to XCALLOC