From e52591481ed64e4cf9f26a76ad682ed7e6b451e7 Mon Sep 17 00:00:00 2001 From: Denis Ovsienko Date: Mon, 30 Jan 2012 16:07:18 +0400 Subject: ospfd: review ospf_check_auth() 1. The only purpose of "ibuf" argument was to get stream size, which was always equal to OSPF_MAX_PACKET_SIZE + 1, exactly as initialized in ospf_new(). 2. Fix the packet size check condition, which was incorrect for very large packets, at least in theory. --- ospfd/ospf_packet.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/ospfd/ospf_packet.c b/ospfd/ospf_packet.c index d52430a3..b18117b5 100644 --- a/ospfd/ospf_packet.c +++ b/ospfd/ospf_packet.c @@ -2260,8 +2260,7 @@ ospf_check_network_mask (struct ospf_interface *oi, struct in_addr ip_src) } static int -ospf_check_auth (struct ospf_interface *oi, struct stream *ibuf, - struct ospf_header *ospfh) +ospf_check_auth (struct ospf_interface *oi, struct ospf_header *ospfh) { int ret = 0; struct crypt_key *ck; @@ -2287,7 +2286,7 @@ ospf_check_auth (struct ospf_interface *oi, struct stream *ibuf, /* This is very basic, the digest processing is elsewhere */ if (ospfh->u.crypt.auth_data_len == OSPF_AUTH_MD5_SIZE && ospfh->u.crypt.key_id == ck->key_id && - ntohs (ospfh->length) + OSPF_AUTH_SIMPLE_SIZE <= stream_get_size (ibuf)) + ntohs (ospfh->length) + OSPF_AUTH_MD5_SIZE <= OSPF_MAX_PACKET_SIZE) ret = 1; else ret = 0; @@ -2411,7 +2410,7 @@ ospf_verify_header (struct stream *ibuf, struct ospf_interface *oi, return -1; } - if (! ospf_check_auth (oi, ibuf, ospfh)) + if (! ospf_check_auth (oi, ospfh)) { zlog_warn ("interface %s: ospf_read authentication failed.", IF_NAME (oi)); -- cgit v1.2.1