From 98fd1e61212ea98154e7cc4b6deed41a07794523 Mon Sep 17 00:00:00 2001 From: paul Date: Tue, 17 Jan 2006 17:26:25 +0000 Subject: [ripd] Fix verification of received MD5 authenticated packets 2006-01-17 Paul Jakma * ripd.c: (rip_auth_md5) remove pdigest, not needed. Use a local buffer for the auth_str, where it can be properly nul padded. Do so, hence fixing MD5 authentication. Key looked up via key ring should be used in preference to the RIPv1 simple password, not other way around. No need to copy around digests, we can reference them directly. The auth_len received can't be trusted, some implementations lie (e.g. older ripd). (rip_auth_md5_ah_write) rename len local variable to doff to be consistent with other functions. (rip_auth_header_write) add the missing return. (rip_auth_md5_set) use the proper constructs to access stream. --- ripd/ChangeLog | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'ripd/ChangeLog') diff --git a/ripd/ChangeLog b/ripd/ChangeLog index a3c0e24b..2b79a61d 100644 --- a/ripd/ChangeLog +++ b/ripd/ChangeLog @@ -1,3 +1,19 @@ +2006-01-17 Paul Jakma + + * ripd.c: (rip_auth_md5) remove pdigest, not needed. + Use a local buffer for the auth_str, where it can be properly + nul padded. Do so, hence fixing MD5 authentication. + Key looked up via key ring should be used in preference to + the RIPv1 simple password, not other way around. + No need to copy around digests, we can reference them + directly. + The auth_len received can't be trusted, some implementations + lie (e.g. older ripd). + (rip_auth_md5_ah_write) rename len local variable to doff + to be consistent with other functions. + (rip_auth_header_write) add the missing return. + (rip_auth_md5_set) use the proper constructs to access stream. + 2005-10-30 Andrew J. Schorr * ripd.c: (rip_response_process) Instead of calling -- cgit v1.2.1