Most table handlers do not expect to be given an OID whose prefix is
outside what they can handle. This is not a problem with the SMUX
implementation since it always correct the OID such that the prefix
matches. However, this is not the case for the AgentX
implementation. A new function, smux_header_table() is used to do this
normalization.
smux_trap() signature has been changed to provide appropriate level
information to send SNMPv2 notifications. This includes the addition
of the enterprise OID to use (from which is derived the SNMP trap OID)
and the MIB registry to locate the appropriate function for variable
bindings provided by the trap.
The SMUX implementation has been updated but ignore the provided
enterprise OID. Instead, it still uses the SMUX peer OID to keep
compatibility with previous versions of Quagga. The SMUX
implementation also ignores the provided MIB registry since it uses
smux_get() function to grab the appropriate values. This is not
possible with the AgentX implementation since there is no such
function provided by NetSNMP.
smux_trap() contains an argument whose use appears to be to set
sysUpTime.0/timestamp field in SNMP trap. However, this value is not
used in smux_trap(). Moreover, it is expected that this field is the
value of sysUpTime.0 when the trap was sent and not any other time
related to the trap. To avoid any confusion, we remove this field from
the signature of the function.
The correct method to link to NetSNMP is to use net-snmp-config (which
is like pkg-config). Explicit link to libcrypto is also dropped
(NetSNMP libs are linked to libcrypto, no need to link Quagga to
it). Moreover, @SNMP_INCLUDES@ is dropped because useless. Due to a
bug in configure.ac, it was properly populated.
Some .h files in lib/ are autogenerated. The search path should
include the build directory and the source directory. They usually
match but sometimes, they may be different. For example:
$ mkdir build
$ cd build
$ ../configure
$ make
The old ospf_check_auth() function did two different jobs depending on
AuType. For Null and Simple cases it actually authenticated the packet,
but for Cryptographic case it only checked declared packet size (not
taking the actual number of bytes on wire into account). The calling
function, ospf_verify_header(), had its own set of MD5/checksum checks
dispatched depending on AuType.
This commit makes the packet size check work against the real number of
bytes and moves it to ospf_packet_examine(). All MD5/checksum
verification is now performed in ospf_check_auth() function.
* ospf_packet.c
* ospf_packet_examin(): check length with MD5 bytes in mind
* ospf_verify_header(): remove all AuType-specific code
* ospf_check_auth(): completely rewrite
An OSPFv2 packet with trailing data blocks (authentication and/or
link-local signaling) failed the recently implemented packet length
check, because trailing data length isn't counted in the packet header
"length" field. This commit fixes respective check conditions.
* ospf_packet.c
* ospf_packet_examin(): use "bytesdeclared" instead of "bytesonwire"
This commit ports more packet checks to OSPFv2, in particular, LSA size
verification and Router-LSA link blocks verification.
* ospf_lsa.h: add LSA size macros
* ospf_packet.h: add struct ospf_ls_update
* ospf_packet.c
* ospf_lsa_minlen[]: a direct equivalent of ospf6_lsa_minlen[]
* ospf_router_lsa_links_examin(): new function, verifies trailing
part of a Router-LSA
* ospf_lsa_examin(): new function like ospf6_lsa_examin()
* ospf_lsaseq_examin(): new function like ospf6_lsaseq_examin()
* ospf_packet_examin(): add type-specific deeper level checks
1. The only purpose of "ibuf" argument was to get stream size, which
was always equal to OSPF_MAX_PACKET_SIZE + 1, exactly as initialized
in ospf_new().
2. Fix the packet size check condition, which was incorrect for very
large packets, at least in theory.
This commit ports some of the OSPFv3 packet reception checks
to OSPFv2.
* ospf_packet.c
* ospf_packet_minlen[]: a direct equivalent of ospf6_packet_minlen[]
* ospf_packet_examin(): new function designed after the first part
of ospf6_packet_examin()
* ospf_read(): verify received packet with ospf_packet_examin()
* ospf_packet.h: add convenience macros
The previous commits modified both zebra and bgpd for additional
SAFI field, but not any other routing daemon, which led to zebra
daemon crashing with failed assertion.
* (general) Move functions in headers into files, to be compiled into
shared object files. Remove inline qualifier from functions. Let the
compiler do the work.
* ospf_abr.c
* ospf_abr_nssa_am_elected(): feed "best" instead of "address of best"
into IPV4_ADDR_CMP(), because "best" is a pointer; also, mean s_addr
field of the structures to get better typed pointers
* ospf_packet.c (ospf_recv_packet): FreeBSD, starting from version 10, will not
subtract the IP header size from ip_len.
This is the patch from FreeBSD's ports/net/quagga/files/patch-ospfd__ospf_packet.c,
by Boris Kovalenko.
this replaces most occurences of routing protocol lists by preprocessor
defines from route_types.h. the latter is autogenerated from
route_types.txt by a perl script (previously awk). adding a routing
protocol now is mostly a matter of changing route_types.txt and log.c.
Conflicts:
lib/route_types.awk
All daemons modified to support custom path to zserv
socket.
lib: generalize a zclient connection
zclient_socket_connect added. zclient_socket and
zclient_socket_un were hidden under static expression.
"zclient_serv_path_set" modified.
The old algorithim looked up every node twice as it withdrew
the entry. It looks up entry once in redistribute_withdraw, then
looks it up again info_delete. Use result of first lookup
to do the free directly.
This may explain the slow performance observed in
https://bugzilla.vyatta.com/show_bug.cgi?id=4421
* sockopt.[ch] (setsockopt_ipv4_multicast): ifindex is now mandatory (all
non-ancient OSes can use it anyway), and if_addr parameter (the address
of the interface) is now gone. (setsockopt_ipv4_multicast_if):
IP_MULTICAST_IF processing moved to this new function
* ospf_network.c (ospf_if_add_allspfrouters, ospf_if_drop_allspfrouters,
ospf_if_add_alldrouters, ospf_if_drop_alldrouters, ospf_if_ipmulticast),
rip_interface.c (ipv4_multicast_join, ipv4_multicast_leave,
rip_interface_new): adapt to the new interface
* ospf_route.c: Function ospf_asbr_route_cmp is called uniquely from
ospf_route_cmp() when the flag OSPF_RFC1583_COMPATIBLE is not set.
Therefore, the check that the flag is set doesn't make sense at all
and it can consequently be removed without doing any harm.
Signed-off-by: Alexandre Chappuis <alc@open.ch>
Signed-off-by: Roman Hoog Antink <rha@open.ch>
This vulnerability (CERT-FI #514838) was reported by CROSS project.
The error is reproducible only when ospfd debugging is enabled:
* debug ospf packet all
* debug ospf zebra
When incoming packet header type field is set to 0x0a, ospfd will crash.
* ospf_packet.c
* ospf_verify_header(): add type field check
* ospf_read(): perform input checks early
This vulnerability (CERT-FI #514838) was reported by CROSS project.
When only 14 first bytes of a Hello packet is delivered, ospfd crashes.
* ospf_packet.c
* ospf_read(): add size check
This vulnerability (CERT-FI #514837) was reported by CROSS project.
They have also suggested a fix to the problem, which was found
acceptable.
Quagga ospfd does not seem to handle unknown LSA types in a Link State
Update message correctly. If LSA type is something else than one
supported
by Quagga, the default handling of unknown types leads to an error.
* ospf_flood.c
* ospf_flood(): check return value of ospf_lsa_install()
* ospfd: Refresher logic cleanup broke OSPF opaque, which does its own thing
with regard to refresher logic and which also, in the protocol, requires
implementations to keep state of which OI an LSA is received on (rather
than providing information in the LSA to allow it to be looked up - as
other LSAs requiring such assocation were careful to do).
* ospf_lsa.h: (struct ospf_interface) Add back the pointer to oi, but only
for type-9 now.
* ospf_nsm.c: (ospf_db_summary_add) check the oi actually exists first -
doesn't obviate the need for opaque to ensure oi pointers get cleaned up
when ospf_interfaces disappear.
* ospf_opaque.{c,h}: (ospf_opaque_functab,ospf_opaque_lsa_refresh) Refresher
LSA functions now need to return the LSA to the general refresh logic,
to indicate whether the LSA was refreshed.
* ospf_lsa.h: (struct ospf_lsa) remove oi pointer
* ospf_lsa.c: (ospf_network_lsa_refresh) instead of keeping a pointer, just
lookup the oi when it's needed. This decouples network LSA from oi lifetime
and avoids having to invalidate pointers in LSAs when an oi changes,
simplifying the code.
