proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-06 19:51:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ripd: reject authentication strings with zeros in the middle

Browse Source 
RFC 2453 says:
"If the password is under 16 octets, it must be left-justified and padded
to the right with nulls (0x00)".

Fixes IxANVL RIP test 10.3.

Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This commit is contained in:
Renato Westphal 2016-11-10 12:53:21 -02:00
parent 18653436b7
commit 1cfaf93c5e
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
ripd/ripd.c
View File

@ -812,7 +812,15 @@ rip_auth_simple_password (struct rte *rte, struct sockaddr_in *from,
struct interface *ifp) struct interface *ifp)
{ {
struct rip_interface *ri; struct rip_interface *ri;
char *auth_str; char *auth_str = (char *) &rte->prefix;
int i;
/* reject passwords with zeros in the middle of the string */
for (i = strlen (auth_str); i < 16; i++)
{
if (auth_str[i] != '\0')
return 0;
}
if (IS_RIP_DEBUG_EVENT) if (IS_RIP_DEBUG_EVENT)
zlog_debug ("RIPv2 simple password authentication from %s", zlog_debug ("RIPv2 simple password authentication from %s",
@ -827,8 +835,6 @@ rip_auth_simple_password (struct rte *rte, struct sockaddr_in *from,
/* Simple password authentication. */ /* Simple password authentication. */
if (ri->auth_str) if (ri->auth_str)
{ {
auth_str = (char *) &rte->prefix;
if (strncmp (auth_str, ri->auth_str, 16) == 0) if (strncmp (auth_str, ri->auth_str, 16) == 0)
return 1; return 1;
} }
@ -841,7 +847,7 @@ rip_auth_simple_password (struct rte *rte, struct sockaddr_in *from,
if (keychain == NULL) if (keychain == NULL)
return 0; return 0;
key = key_match_for_accept (keychain, (char *) &rte->prefix); key = key_match_for_accept (keychain, auth_str);
if (key) if (key)
return 1; return 1;
} }