Commit graph

348 commits

Author SHA1 Message Date
Ondrej Zajicek
c8a6b9a3d1 Rewrite of buggy AS path matching.
Old AS path maching supposes thath AS number appears
only once in AS path, but that is not true. It also
contains some bugs related to AS path sets.

New code does not use any assumptions about semantic
structure of AS path. It is asymptotically slower than
the old code, but on real paths it is not significant.

It also allows '?' for matching one arbitrary AS number.
2009-04-17 01:48:36 +02:00
Ondrej Zajicek
024c310b53 Fixes broken cryptographic authentication in OSPF
Cryptographic authentication in OSPF is defective by
design - there might be several packets independently
sent to the network (for example HELLO, LSUPD and LSACK)
where they might be reordered and that causes crypt.
sequence number error.

That can be workarounded by not incresing sequence number
too often. Now we update it only when last packet was sent
before at least one second. This can constitute a risk of
replay attacks, but RFC supposes something similar (like time
in seconds used as CSN).
2009-04-08 20:15:01 +02:00
Ondrej Zajicek
40b65f947a Fixes bug in pipe route filtering.
Routes comming through pipe from primary to secondary table were
filtered by both EXPORT and IMPORT filters, but they should be
only filtered by EXPORT filters.
2009-03-25 19:05:52 +01:00
Ondrej Zajicek
48d79d521c Better handling of AS4 optional attribute errors
AS4 optional attribute errors were handled by session
drop (according to BGP RFC). This patch implements
error handling according to new BGP AS4 draft (*)
 - ignoring invalid AS4 optional attributes.

(*) http://www.ietf.org/internet-drafts/draft-chen-rfc4893bis-02.txt
2009-03-18 20:30:21 +01:00
Ondrej Zajicek
25cb9f1d01 Fix bug in empty bgp mask handling 2009-02-21 16:20:45 +01:00
Ondrej Zajicek
b807ef9a15 Fixes bug in protocol state machine
Scheduling flush must be done before resource pool freeing as it
frees some allocated list nodes from a global list.
2009-02-12 13:43:06 +01:00
Ondrej Zajicek
d6a836f8d6 Fixes core state machine.
The core state machine was broken - it didn't free resources
in START -> DOWN transition and might freed resources after
UP -> STOP transition before protocol turned down. It leads
to deadlock on olock acquisition when lock was not freed
during previous stop.

The current behavior is that resources, allocated during
DOWN -> * transition, are freed in * -> DOWN transition,
and flushing (scheduled in UP -> *) just counteract
feeding (scheduled in * -> UP). Protocol fell down
when both flushing is done (if needed) and protocol
reports DOWN.

BTW, is thera a reason why neighbour cache item acquired
by protocol is not tracked by resource mechanism?
2008-12-08 12:24:55 +01:00
Ondrej Zajicek
fbde6c3908 Fixes race condition leading to memory corruption and crash.
When protocol started, feeding was scheduled. If protocol
got down before feeding was executed, then function
responsible for connecting protocol to kernel routing
tables was called after the function responsible for
disconnecting, then resource pool of protocol was freed,
but freed linked list structures remains in the list.
2008-11-22 01:12:22 +01:00
Ondrej Zajicek
ebacaf6f7b Fix bug in AS path matching 2008-11-16 11:35:30 +01:00
Ondrej Zajicek
258d0ad4ca Fixes feeding of new protocol, only preferred routes are announced. 2008-11-14 23:03:15 +01:00
Ondrej Zajicek
aebe06b40c Proper format functions for ORIGINATOR_ID, CLUSTER_LIST 2008-11-08 23:33:22 +01:00
Ondrej Zajicek
b21f68b4cd Fix bugs in OSPF MD5 authentication. First bug is that default
values for MD5 password ID changed during reconfigure, Second
bug is that BIRD chooses password in first-fit manner, but RFC
says that it should use the one with the latest generate-from.

It also modifies the syntax for multiple passwords.
Now it is possible to just add more 'password' statements
to the interface section and it is not needed to use
'passwords' section. Old syntax can be used too.
2008-11-08 17:24:23 +01:00
Ondrej Zajicek
fd91ae3325 Fix problem with local time changes. 2008-11-05 22:36:49 +01:00
Ondrej Zajicek
b6bf284a90 Bugfixes in MULIT_EXIT_DISC attribute handling.
- Old MED handling was completely different from behavior
   specified in RFCs - for example they havn't been propagated
   to neighboring areas.

 - Update tie-breaking according to RFC 4271.

 - Change default value for 'default bgp_med' configuration
   option according to RFC 4271.
2008-10-26 22:59:21 +01:00
Ondrej Zajicek
4847a894bf Implementation of route reflection for BGP 2008-10-26 22:45:09 +01:00
Ondrej Zajicek
11cb620266 Implementation of 4B ASN support for BGP 2008-10-26 22:36:08 +01:00
Ondrej Filip
030d3b387e Small changed to reduce the number of warnings. 2005-02-14 11:58:46 +00:00
Ondrej Filip
bc956fcab6 MD5 authentication in OSPF works. :-) 2004-07-13 14:46:14 +00:00
Ondrej Filip
32d3228d86 Bugfix in simple authentification. 2004-07-13 13:52:54 +00:00
Ondrej Filip
02ad2737fd Password WALK_LIST bugfix. 2004-07-01 15:01:26 +00:00
Ondrej Filip
5236fb03af Password management redesigned (untested). 2004-06-26 20:11:14 +00:00
Ondrej Filip
98ac61766d A lot of changes:
- metric is 3 byte long now
	- summary lsa originating
	- more OSPF areas possible
	- virtual links
	- better E1/E2 routes handling
	- some bug fixes..

I have to do:
	- md5 auth (last mandatory item from rfc2328)
	- !!!!DEBUG!!!!! (mainly virtual link system has probably a lot of bugs)
	- 2328 appendig E
2004-06-25 16:39:53 +00:00
Ondrej Filip
8bf684eca2 RTS_OSPF_BONDARY is nonsense, RTS_OSPF_IA must have smaller id than RTS_OSPF_EXT 2004-06-11 09:05:06 +00:00
Ondrej Filip
c90ac711bc Cleanup in show route import <p>. 2004-06-07 10:42:24 +00:00
Martin Mares
7c103b1ee1 Marked unused parameters in core code as such. 2004-06-05 09:10:56 +00:00
Martin Mares
277a34eff1 Small correction to va_start/va_end in cli_printf (va_end was missing).
(Andreas)
2004-05-31 18:08:50 +00:00
Ondrej Filip
10af3676ea Grrr, committing too fast.
#include "alloca.h" -> #include "lib/alloca.h"
2004-05-31 17:16:47 +00:00
Ondrej Filip
0e6eef620d Use #include "alloca.h" 2004-05-31 17:07:05 +00:00
Ondrej Filip
a60277b999 Added RTD_NONE /* Just for internal use */ 2004-05-31 13:35:06 +00:00
Ondrej Filip
0c745adc80 #ifdef ALLOCA_H 2004-05-31 13:34:20 +00:00
Martin Mares
13b75bacf7 protocol->import_control() could potentially call rte_cow() as well.
AFAIK it doesn't happen in any of our protocol, but better be sure.
2003-08-13 20:04:39 +00:00
Martin Mares
2adab6ae9c This was a potential memory leak, but not the one Feela observed.
This one could happen when an import filter of some protocol modified
the rte (so that it would be rte_cow()ed) and later rejected it.
2003-08-13 19:31:22 +00:00
Martin Mares
7b7a7b43a6 There can be multiple primary addresses with different scopes
and only the highest scope one has IA_PRIMARY set, so report
the remaining ones as "Unselected".
2003-02-22 22:39:06 +00:00
Martin Mares
7d875e094b Added missing includes. 2002-11-13 08:47:06 +00:00
Martin Mares
de10a974f2 Added missing semicolons. 2002-11-13 08:46:12 +00:00
Martin Mares
e43ae6330e Fix %<something>I format strings. 2001-08-19 11:15:24 +00:00
Martin Mares
8c6ce98b9d Fixed infinite recursion in password_same.
Pavel, please check.
2001-01-08 11:13:01 +00:00
Ondrej Filip
a5096a1bde Yet another nasty bugfix of iface_patts_equal(). 2000-11-08 22:46:54 +00:00
Ondrej Filip
0639f7263a Bugfix in iface_patts_equal.
When both patterns were NULL strcmp it sigfaulted.
2000-11-08 17:06:35 +00:00
Pavel Machek
ad3907559c RIP bugfix 2000-06-21 19:40:46 +00:00
Martin Mares
725270cb1d Fixes for the programmer's manual. 2000-06-08 12:37:21 +00:00
Martin Mares
49569a8b53 Oops! Configuration compiles now. 2000-06-08 10:48:35 +00:00
Pavel Machek
ca77641d07 Use switch' for disabled'. 2000-06-08 10:25:56 +00:00
Martin Mares
ec423cc725 Updated CLI helps. 2000-06-08 10:25:02 +00:00
Martin Mares
58f7d004fd Fixes to the progdoc. 2000-06-07 13:25:53 +00:00
Martin Mares
2e9b24211a Spelling fixes to progdoc. 2000-06-07 12:29:08 +00:00
Ondrej Filip
41ad16e2d5 Added IP protocols. 2000-06-06 11:50:48 +00:00
Martin Mares
5c18880e35 Avoid sentence containing a colon to start new doc subsection. 2000-06-05 21:26:11 +00:00
Martin Mares
525fa2c1f0 Documented sockets, events and timers. 2000-06-05 12:19:12 +00:00
Martin Mares
9238b06a2c Spelling. 2000-06-05 10:01:09 +00:00