Age | Commit message (Collapse) | Author |
|
* lib/md5-gnu.h: removed
* lib/md5.h: replaces md5-gnu.h
* lib/Makefile.am: use correct md5.h
* lib/md5.c: import from WIDE
* ospfd/ospf_packet.c: use new md5 API
* ripd/ripd.c: use new md5 API
|
|
* ripd.c: (general) Fix previous commit, broke multicast bind and
hence setting of source port, which broke communication with
non-borken ripd. Fix removes more stuff from rip_interface.c
than it adds to ripd.c ;)
(rip_create_socket) the to argument really is a from argument,
rename it. Set the source port to RIP port unconditionally, it's
required.
(rip_send_packet) Set from address correctly for multicast.
(rip_output_process) trivial: num can be BSS specified, rather
than in body.
* rip_interface.c: (rip_interface_multicast_set) strip out
redundant stuff related to bind, which rip_create_socket does.
Just make it set the multicast socket option, as per the
interface concerned, no more.
|
|
* ripd.c: (rip_create_socket) Make it static.
Remove the getservbyname stuff, as RFC2453 3.9.2 says non-RIP
port messages should be discarded, quagga doesnt accept them,
no need to lookup port.
Take a 'to' argument, if socket should be bound to something else.
setsockopt_so_recvbuf might need privs, move it to the raised
privileges section.
dont forget to close the socket if bind fails.
(rip_send_packet) use strncpy, just in case (address is under
our control anyway, but still).
dont duplicate rip_create_socket - just use it.
(rip_create) rip_create_socket takes an argument now, modify.
|
|
* ripd.c: (rip_create_socket) move it up so rip_send_packet
can use it too.
|
|
* ripd.c: (rip_output_process) fix error which crept in my
previous rip auth untanglement commit - it had become impossible
to not have authentication (even for v1).
|
|
* (global): Fix up list loops to match changes in lib/linklist,
and some basic auditing of usage.
* configure.ac: define QUAGGA_NO_DEPRECATED_INTERFACES
* HACKING: Add notes about deprecating interfaces and commands.
* lib/linklist.h: Add usage comments.
Rename getdata macro to listgetdata.
Rename nextnode to listnextnode and fix its odd behaviour to be
less dangerous.
Make listgetdata macro assert node is not null, NULL list entries
should be bug condition.
ALL_LIST_ELEMENTS, new macro, forward-referencing macro for use
with for loop, Suggested by Jim Carlson of Sun.
Add ALL_LIST_ELEMENTS_RO for cases which obviously do not need the
"safety" of previous macro.
LISTNODE_ADD and DELETE macros renamed to ATTACH, DETACH, to
distinguish from the similarly named functions, and reflect their
effect better.
Add a QUAGGA_NO_DEPRECATED_INTERFACES define guarded section
with the old defines which were modified above,
for backwards compatibility - guarded to prevent Quagga using it..
* lib/linklist.c: fix up for linklist.h changes.
* ospf6d/ospf6_abr.c: (ospf6_abr_examin_brouter) change to a single
scan of the area list, rather than scanning all areas first for
INTER_ROUTER and then again for INTER_NETWORK. According to
16.2, the scan should be area specific anyway, and further
ospf6d does not seem to implement 16.3 anyway.
|
|
* (global) Update code to match stream.h changes.
stream_get_putp effectively replaced with stream_get_endp.
stream_forward renamed to stream_forward_getp.
stream_forward_endp introduced to replace some previous
setting/manual twiddling of putp by daemons.
* lib/stream.h: Remove putp. Update reference to putp with endp.
Add stream_forward_endp, which daemons were doing manually.
Rename stream_forward to stream_forward_getp.
lib/stream.c: Remove/update references to putp.
introduce stream_forward_endp.
|
|
* ripd.c: Untangle the construction of RIP auth data.
(rip_auth_prepare_str_send) new helper function, prepare
correct key string.
(rip_auth_simple_write) new helper, write out the
rip simple password auth psuedo-RTE.
(rip_auth_md5_ah_write) new helper, write out the
MD5 auth-header psuedo-RTE.
(rip_auth_header_write) new helper, write out correct
auth header data / psuedo-RTE.
(rip_auth_md5_set) rip out the memmove and writing of the
auth header psuedo-RTE. So that all that is left is to
write the trailing auth digest, and update digest offset
field in the original header.
(rip_write_rte) rip out writing of RIP header, writing of
simple auth data psuedo-RTE. Make it do what its name suggests,
write out actual RTEs.
(rip_output_process) remove the incorrect additional decrements
of rtemax. Prepare the auth_str, which simple or MD5 auth will
need. Move write out of RIP header and auth data to inside the
loop. Adjust paramaters as required.
|
|
* daemon.c: (daemon) Replace perror with zlog_err.
* vty.c: (vty_serv_un) Replace perror with zlog_err.
* ripd.c: (rip_create_socket) Replace perror with zlog_err.
* ioctl.c: (if_ioctl,if_ioctl_ipv6,if_get_flags) Replace perror with
zlog_err.
* ioctl_solaris.c: (if_ioctl,if_ioctl_ipv6) Replace perror with
zlog_err.
|
|
* ripd.c: (rip_create_socket) Save errno before calling
ripd_privs.change.
|
|
* configure.ac: Added test for broken CMSG_FIRSTHDR macro
(relevant for Solaris 8 and unpatched Solaris 9, don't know
whether other platforms are affected).
* zebra.h: Define ZCMSG_FIRSTHDR appropriately based on whether
config.h indicates HAVE_BROKEN_CMSG_FIRSTHDR (as determined
by the configure test program).
* sockopt.c: (getsockopt_cmsg_data) Use ZCMSG_FIRSTHDR instead
of CMSG_FIRSTHDR.
* rtadv.c: (rtadv_recv_packet,rtadv_send_packet) Use ZCMSG_FIRSTHDR
instead of CMSG_FIRSTHDR.
* ripd.c: (rip_recvmsg) Use ZCMSG_FIRSTHDR instead of CMSG_FIRSTHDR.
* ripngd.c: (ripng_recv_packet) Use ZCMSG_FIRSTHDR instead of
CMSG_FIRSTHDR.
|
|
* ripd.c: (rip_read) Improve 2 error messages to show the source of
the packet when the lookup fails.
|
|
* *.c: Change level of debug messages to LOG_DEBUG.
|
|
* global: Replace strerror with safe_strerror. And vtysh/vtysh.c
needs to include "log.h" to pick up the declaration.
|
|
* ripd.c: Collapse redundant passing of various address structs,
struct interface and struct connected as arguments to functions
down to two key arguments, namely struct connected and, possibly,
address of source/destination. Testing for RIPv1 would be useful.
(rip_read) lookup struct connected for the received packet, pass
it on.
* rip_interface.c: With previous changes, we no longer have to tread
carefully with struct connected, as it will always be there and
valid.
|
|
ripd might need some more testing though.
|
|
|
|
|
|
|
|
|
|
* ripngd/ripngd.c: move setsockopt_so_recvbuf to lib.
* lib/sockopt.{c,h}: Add setsockopt_so_recvbuf, for ripd and ripngd.
* ripd/ripd.c: set receive buffer to a decent size, some systems
have low defaults. Problem noted and fix suggested by Stephan
Schweizer in [zebra 20967].
|
|
* rip_interface.c: (rip_interface_multicast_set) get rid
of extraneous if_pointopoint arg. ifp is accessible via connected.
pass connected->ifp->ifindex to setsockopt_multicast_ipv4.
* ripd.c: (rip_send_packet) update call to
rip_interface_multicast_set
* ripd.h: update rip_interface_multicast_set prototype
|
|
* filter.c: (access_list_remark_cmd) buffer_putstr doesnt need cast
to u_char. (ipv6_access_list_remark_cmd) ditto.
if.c: ditto
* network.c: (readn/writen) pointer arg should be type u_char.
* plist.c: needs to include stream.h, not declare stream functions
internally.
(various) Add static qualifier to internal functions.
(prefix_list_type_str) extraneous breaks in switch statement.
(ip_prefix_list_description_cmd) buffer_putstr doesnt need cast
* stream.h: depends on plist.h and export stream_put_prefix
* vty.c: (vty_<telnet option build functions>) should use
unsigned char, telnet options are 0 -> 255.
* zclient.c: various u_char<->char type cleanups.
* zebra.h: Having to define CMSG_* can apply to more than just
BSDI_NRL.
* ripd.c: (rip_distribute_update_all) distribute list hook
function pointer prototype requires struct prefix_list * arg.
(rip_distribute_update_all_wrapper) update to pass required arg,
NULL.
|
|
* ripd.h: Add define for the RIPv2 Authentication Data family
Move the auth type defines up to where other defines live.
Add RIP_AUTH_MD5_COMPAT_SIZE, for backwards compatible
md5->auth_len size. Add md5_auth_len field to struct
rip_interface: (rip_interface_new) Init md5_auth_len to compatible
size.
(ip_rip_authentication_mode_cmd) Extended to handle setting
md5 auth-length. Appropriate aliases added.
(no_ip_rip_authentication_mode_cmd) Reset md5_auth_len to
compatible size.
(rip_interface_config_write) Teach it about md5_auth_len.
_always_ write out the auth-length, so that everyone will get
the setting in their config file, and hence allow for a future
change of default for md5_auth_len to be less painful - every md5
user will have this setting in their config file.
ripd.c: (rip_packet_dump) Change nasty hard coded constants to
symbolic defines. Change various tests of 'ntoh.(variable) ==
constant' to test 'variable == ntoh.(constant)'. Clean up
indentation on some long lines.
(rip_auth_simple_password) ditto.
(rip_auth_md5) ditto, also add length argument and sanity check
md5 data offset field. Sanity check md5 auth length, accept RFC
or old-ripd/cisco lengths.
(rip_auth_md5_set) as per (rip_packet_dump), also write out
the configured md5 auth length for the interface (old-ripd or rfc)
(rip_read) as per (rip_packet_dump)
(rip_write_rte) ditto
(rip_response_process) ditto
(rip_write_rte) ditto
|
|
* ripd.c: Interoperability fix. Correct value for MD5 auth length
is 16. Accept packets with this set to >= 16, and set to 16
ourselves.
|
|
* ripd.c: Fixup compile warnings
* rip_routemap.c: Ditto
|
|
* ripd.c: (rip_update_jitter) Bound jitter to a more sensible
value, eg 1/4 of update time.
|
|
* ripd.c: (rip_rte_process) fix typo in merge of previous patch
and run function through indent.
|
|
* ripd.c: make ripd also check on administrative distance of his
own links to update routes.
|
|
|
|
|
|
|
|
|
|
* rip_interface.c: obsolete unbind code in
rip_interface_multicast_set, and instead do the more portable
(though slower) method of creating a socket for each outgoing packet
and binding the source address on the new socket.
* rip_interface.c, ripd.c, ripd.h: Modify rip_request_send so that
source address is determined by the caller of rip_request_send for
ripv1 packets and non-multicast interfaces (rip_request_send loops
over all connected address in all other cases).
* rip_send_packet: don't send packets with source set to
ZEBRA_IFA_SECONDARY connected addresses; improved debug messages;
|
|
* ripd/ripd.c: rip_output_process() fixup aspects of split-horizon
route suppression. See [quagga-dev 429].
|
|
* ripd/ripd.c: rip_create_socket() privs were not dropped if bind
failed.
|
|
* ripd/ripd.c: (rip_send_packet) use rip->sock for mcast sends,
instead of creating one socket per send. send source addr to
rip_update_interface.
(rip_update_process) should send an update on every connected
network for each interface.
(rip_request_send) should send a request on every connected
network for each interface.
* ripd/ripd.h: update prototype for rip_interface_multicast_set
* ripd/rip_interface.c: (rip_interface_multicast_set) reorganized
so that it can be called repeatedly for aliased interfaces (on
multiple networks).
|
|
* zebra/connected.c: revert the 'generic PtP' patch as it causes
far too many problems. People who use FreeSWAN should investigate
native linux ipsec.
* zebra/rt_netlink.c: ditto
* lib/if.c: ditto
* ripd/ripd.h: ditto
* ripd/ripd.c: ditto
* ripd/rip_interface.c: ditto
* ospfd/ospfd.c: ditto
* ospfd/ospf_snmp.c: ditto
* bgpd/bgp_nexthop.c: ditto
|
|
Compile and warning fixes for the ripd 'passive-interface default' patch.
|
|
Subject: [zebra 12403] patch for ripd to accept any version of RIP
by default
The default Cisco IOS behavior is to send RIP version 1 packets and receive
version 1 and version 2 packets. But zebra version 0.92a sends and receives
only version 2 packets by default.
I have patched the code to change zebra's default behavior to sending
version 2 packets (same as before) but receiving both versions. While
this is still not identical to Cisco's behavior, it does now accept
packets of both versions and retains backwards compatibility with
zebra configurations.
|
|
Subject: [zebra 12406] patch for ripd to support "passive-interface
default" behavior
In Cisco IOS, the router rip passive-interface subcommand can accept
an interface name of "default". In that cases, all interfaces are set
to be passive by default, and you must explicitly make it non-passive
by using the "no passive-interface <ifname>" command if you want updates
to go to that interface.
<command implemented for zebra>
|
|
* Merge of zebra privileges
|
|
|
|
|
|
|
|
subnet handling
|
|
|