From 32d3228d864cb6af8c679a7742f4b0a71c2facc0 Mon Sep 17 00:00:00 2001 From: Ondrej Filip Date: Tue, 13 Jul 2004 13:52:54 +0000 Subject: [PATCH] Bugfix in simple authentification. --- nest/password.c | 4 ++-- proto/ospf/config.Y | 3 ++- proto/ospf/packet.c | 25 ++++++++++++++++--------- 3 files changed, 20 insertions(+), 12 deletions(-) diff --git a/nest/password.c b/nest/password.c index 0bc38f10..7f1c8dce 100644 --- a/nest/password.c +++ b/nest/password.c @@ -22,7 +22,7 @@ password_find(list *l) { WALK_LIST(pi, *l) { - if ((pi->genfrom > now) && (pi->gento < now)) + if ((pi->genfrom < now) && (pi->gento > now)) return pi; } } @@ -32,6 +32,6 @@ password_find(list *l) void password_cpy(char *dst, char *src, int size) { bzero(dst, size); - memcpy(dst, src, strlen(src) < (unsigned) size ? strlen(src) : (unsigned) size); + memcpy(dst, src, (strlen(src) < (unsigned) size ? strlen(src) : (unsigned) size)); } diff --git a/proto/ospf/config.Y b/proto/ospf/config.Y index c5951758..87a97bc3 100644 --- a/proto/ospf/config.Y +++ b/proto/ospf/config.Y @@ -1,7 +1,7 @@ /* * BIRD -- OSPF Configuration * - * (c) 1999 - 2000 Ondrej Filip + * (c) 1999--2004 Ondrej Filip * * Can be freely distributed and used under the terms of the GNU GPL. */ @@ -98,6 +98,7 @@ ospf_vlink_item: | DEAD COUNT expr { OSPF_PATT->deadc = $3 ; if ($3<=1) cf_error("Dead count must be greater than one"); } | AUTHENTICATION NONE { OSPF_PATT->autype = OSPF_AUTH_NONE ; } | AUTHENTICATION SIMPLE { OSPF_PATT->autype = OSPF_AUTH_SIMPLE ; } + | AUTHENTICATION CRYPTOGRAPHIC { OSPF_PATT->autype = OSPF_AUTH_CRYPT ; } | password_list {OSPF_PATT->passwords = $1; } ; diff --git a/proto/ospf/packet.c b/proto/ospf/packet.c index 888fa666..9d5a924d 100644 --- a/proto/ospf/packet.c +++ b/proto/ospf/packet.c @@ -48,15 +48,20 @@ ospf_pkt_finalize(struct ospf_iface *ifa, struct ospf_packet *pkt) char password[OSPF_AUTH_CRYPT_SIZE]; pkt->autype = htons(ifa->autype); - bzero(&pkt->u, sizeof(union ospf_auth)); switch(ifa->autype) { case OSPF_AUTH_SIMPLE: - password_cpy(pkt->u.password, passwd->password, 8); + bzero(&pkt->u, sizeof(union ospf_auth)); + if (!passwd) + { + log( L_ERR "No suitable password found for authentication" ); + return; + } + password_cpy(pkt->u.password, passwd->password, sizeof(union ospf_auth)); case OSPF_AUTH_NONE: - pkt->checksum = ipsum_calculate(pkt, sizeof(struct ospf_packet) - 8, - (pkt + 1), + pkt->checksum = ipsum_calculate(pkt, sizeof(struct ospf_packet) - + sizeof(union ospf_auth), (pkt + 1), ntohs(pkt->length) - sizeof(struct ospf_packet), NULL); break; @@ -127,15 +132,17 @@ ospf_pkt_checkauth(struct ospf_neighbor *n, struct ospf_iface *ifa, struct ospf_ OSPF_TRACE(D_PACKETS, "OSPF_auth: no password found"); return 0; } + password_cpy(password, pass->password, sizeof(union ospf_auth)); - if (memcmp(pkt->u.password,pass, 8)) + if (memcmp(pkt->u.password, password, sizeof(union ospf_auth))) { - OSPF_TRACE(D_PACKETS, "OSPF_auth: different passwords"); + char ppass[sizeof(union ospf_auth) + 1]; + bzero(ppass, (sizeof(union ospf_auth) + 1)); + memcpy(ppass, pkt->u.password, sizeof(union ospf_auth)); + OSPF_TRACE(D_PACKETS, "OSPF_auth: different passwords (%s)", ppass); return 0; } - - else - return 1; + return 1; break; case OSPF_AUTH_CRYPT: if (pkt->u.md5.len != OSPF_AUTH_CRYPT_SIZE)