Commit graph

397 commits

Author SHA1 Message Date
Ondrej Zajicek
024c310b53 Fixes broken cryptographic authentication in OSPF
Cryptographic authentication in OSPF is defective by
design - there might be several packets independently
sent to the network (for example HELLO, LSUPD and LSACK)
where they might be reordered and that causes crypt.
sequence number error.

That can be workarounded by not incresing sequence number
too often. Now we update it only when last packet was sent
before at least one second. This can constitute a risk of
replay attacks, but RFC supposes something similar (like time
in seconds used as CSN).
2009-04-08 20:15:01 +02:00
Ondrej Zajicek
40b65f947a Fixes bug in pipe route filtering.
Routes comming through pipe from primary to secondary table were
filtered by both EXPORT and IMPORT filters, but they should be
only filtered by EXPORT filters.
2009-03-25 19:05:52 +01:00
Ondrej Zajicek
48d79d521c Better handling of AS4 optional attribute errors
AS4 optional attribute errors were handled by session
drop (according to BGP RFC). This patch implements
error handling according to new BGP AS4 draft (*)
 - ignoring invalid AS4 optional attributes.

(*) http://www.ietf.org/internet-drafts/draft-chen-rfc4893bis-02.txt
2009-03-18 20:30:21 +01:00
Ondrej Zajicek
25cb9f1d01 Fix bug in empty bgp mask handling 2009-02-21 16:20:45 +01:00
Ondrej Zajicek
b807ef9a15 Fixes bug in protocol state machine
Scheduling flush must be done before resource pool freeing as it
frees some allocated list nodes from a global list.
2009-02-12 13:43:06 +01:00
Ondrej Zajicek
d6a836f8d6 Fixes core state machine.
The core state machine was broken - it didn't free resources
in START -> DOWN transition and might freed resources after
UP -> STOP transition before protocol turned down. It leads
to deadlock on olock acquisition when lock was not freed
during previous stop.

The current behavior is that resources, allocated during
DOWN -> * transition, are freed in * -> DOWN transition,
and flushing (scheduled in UP -> *) just counteract
feeding (scheduled in * -> UP). Protocol fell down
when both flushing is done (if needed) and protocol
reports DOWN.

BTW, is thera a reason why neighbour cache item acquired
by protocol is not tracked by resource mechanism?
2008-12-08 12:24:55 +01:00
Ondrej Zajicek
fbde6c3908 Fixes race condition leading to memory corruption and crash.
When protocol started, feeding was scheduled. If protocol
got down before feeding was executed, then function
responsible for connecting protocol to kernel routing
tables was called after the function responsible for
disconnecting, then resource pool of protocol was freed,
but freed linked list structures remains in the list.
2008-11-22 01:12:22 +01:00
Ondrej Zajicek
ebacaf6f7b Fix bug in AS path matching 2008-11-16 11:35:30 +01:00
Ondrej Zajicek
258d0ad4ca Fixes feeding of new protocol, only preferred routes are announced. 2008-11-14 23:03:15 +01:00
Ondrej Zajicek
aebe06b40c Proper format functions for ORIGINATOR_ID, CLUSTER_LIST 2008-11-08 23:33:22 +01:00
Ondrej Zajicek
b21f68b4cd Fix bugs in OSPF MD5 authentication. First bug is that default
values for MD5 password ID changed during reconfigure, Second
bug is that BIRD chooses password in first-fit manner, but RFC
says that it should use the one with the latest generate-from.

It also modifies the syntax for multiple passwords.
Now it is possible to just add more 'password' statements
to the interface section and it is not needed to use
'passwords' section. Old syntax can be used too.
2008-11-08 17:24:23 +01:00
Ondrej Zajicek
fd91ae3325 Fix problem with local time changes. 2008-11-05 22:36:49 +01:00
Ondrej Zajicek
b6bf284a90 Bugfixes in MULIT_EXIT_DISC attribute handling.
- Old MED handling was completely different from behavior
   specified in RFCs - for example they havn't been propagated
   to neighboring areas.

 - Update tie-breaking according to RFC 4271.

 - Change default value for 'default bgp_med' configuration
   option according to RFC 4271.
2008-10-26 22:59:21 +01:00
Ondrej Zajicek
4847a894bf Implementation of route reflection for BGP 2008-10-26 22:45:09 +01:00
Ondrej Zajicek
11cb620266 Implementation of 4B ASN support for BGP 2008-10-26 22:36:08 +01:00
Ondrej Filip
030d3b387e Small changed to reduce the number of warnings. 2005-02-14 11:58:46 +00:00
Ondrej Filip
bc956fcab6 MD5 authentication in OSPF works. :-) 2004-07-13 14:46:14 +00:00
Ondrej Filip
32d3228d86 Bugfix in simple authentification. 2004-07-13 13:52:54 +00:00
Ondrej Filip
02ad2737fd Password WALK_LIST bugfix. 2004-07-01 15:01:26 +00:00
Ondrej Filip
5236fb03af Password management redesigned (untested). 2004-06-26 20:11:14 +00:00
Ondrej Filip
98ac61766d A lot of changes:
- metric is 3 byte long now
	- summary lsa originating
	- more OSPF areas possible
	- virtual links
	- better E1/E2 routes handling
	- some bug fixes..

I have to do:
	- md5 auth (last mandatory item from rfc2328)
	- !!!!DEBUG!!!!! (mainly virtual link system has probably a lot of bugs)
	- 2328 appendig E
2004-06-25 16:39:53 +00:00
Ondrej Filip
8bf684eca2 RTS_OSPF_BONDARY is nonsense, RTS_OSPF_IA must have smaller id than RTS_OSPF_EXT 2004-06-11 09:05:06 +00:00
Ondrej Filip
c90ac711bc Cleanup in show route import <p>. 2004-06-07 10:42:24 +00:00
Martin Mares
7c103b1ee1 Marked unused parameters in core code as such. 2004-06-05 09:10:56 +00:00
Martin Mares
277a34eff1 Small correction to va_start/va_end in cli_printf (va_end was missing).
(Andreas)
2004-05-31 18:08:50 +00:00
Ondrej Filip
10af3676ea Grrr, committing too fast.
#include "alloca.h" -> #include "lib/alloca.h"
2004-05-31 17:16:47 +00:00
Ondrej Filip
0e6eef620d Use #include "alloca.h" 2004-05-31 17:07:05 +00:00
Ondrej Filip
a60277b999 Added RTD_NONE /* Just for internal use */ 2004-05-31 13:35:06 +00:00
Ondrej Filip
0c745adc80 #ifdef ALLOCA_H 2004-05-31 13:34:20 +00:00
Martin Mares
13b75bacf7 protocol->import_control() could potentially call rte_cow() as well.
AFAIK it doesn't happen in any of our protocol, but better be sure.
2003-08-13 20:04:39 +00:00
Martin Mares
2adab6ae9c This was a potential memory leak, but not the one Feela observed.
This one could happen when an import filter of some protocol modified
the rte (so that it would be rte_cow()ed) and later rejected it.
2003-08-13 19:31:22 +00:00
Martin Mares
7b7a7b43a6 There can be multiple primary addresses with different scopes
and only the highest scope one has IA_PRIMARY set, so report
the remaining ones as "Unselected".
2003-02-22 22:39:06 +00:00
Martin Mares
7d875e094b Added missing includes. 2002-11-13 08:47:06 +00:00
Martin Mares
de10a974f2 Added missing semicolons. 2002-11-13 08:46:12 +00:00
Martin Mares
e43ae6330e Fix %<something>I format strings. 2001-08-19 11:15:24 +00:00
Martin Mares
8c6ce98b9d Fixed infinite recursion in password_same.
Pavel, please check.
2001-01-08 11:13:01 +00:00
Ondrej Filip
a5096a1bde Yet another nasty bugfix of iface_patts_equal(). 2000-11-08 22:46:54 +00:00
Ondrej Filip
0639f7263a Bugfix in iface_patts_equal.
When both patterns were NULL strcmp it sigfaulted.
2000-11-08 17:06:35 +00:00
Pavel Machek
ad3907559c RIP bugfix 2000-06-21 19:40:46 +00:00
Martin Mares
725270cb1d Fixes for the programmer's manual. 2000-06-08 12:37:21 +00:00
Martin Mares
49569a8b53 Oops! Configuration compiles now. 2000-06-08 10:48:35 +00:00
Pavel Machek
ca77641d07 Use switch' for disabled'. 2000-06-08 10:25:56 +00:00
Martin Mares
ec423cc725 Updated CLI helps. 2000-06-08 10:25:02 +00:00
Martin Mares
58f7d004fd Fixes to the progdoc. 2000-06-07 13:25:53 +00:00
Martin Mares
2e9b24211a Spelling fixes to progdoc. 2000-06-07 12:29:08 +00:00
Ondrej Filip
41ad16e2d5 Added IP protocols. 2000-06-06 11:50:48 +00:00
Martin Mares
5c18880e35 Avoid sentence containing a colon to start new doc subsection. 2000-06-05 21:26:11 +00:00
Martin Mares
525fa2c1f0 Documented sockets, events and timers. 2000-06-05 12:19:12 +00:00
Martin Mares
9238b06a2c Spelling. 2000-06-05 10:01:09 +00:00
Martin Mares
42b3daa09c Description of protocol module moved to where it belongs. If documentation
of standard modules is stored in their source, such auxilliary files
should be as well.
2000-06-05 09:51:24 +00:00
Martin Mares
47f8e0c216 Document. 2000-06-04 16:16:08 +00:00
Martin Mares
cdb898cfd4 Minor changes to the progdocs. 2000-06-03 18:23:27 +00:00
Martin Mares
3d675cdbe7 More documentation. 2000-06-03 14:40:39 +00:00
Martin Mares
ddbcb927f2 Documented protocol hooks. 2000-06-02 17:24:11 +00:00
Martin Mares
3c6269b8fe Added documentation on protocols.
Protocol hooks deserve an extra chapter (to come soon).
2000-06-02 13:42:36 +00:00
Martin Mares
9a8f20fc0f Better description of the route distribution process. 2000-06-02 12:41:25 +00:00
Martin Mares
3ce8c61000 Documentation on routing tables and route attributes. 2000-06-02 12:29:55 +00:00
Martin Mares
566a0eede7 Removed rta_find() since nobody uses it and it's more convenient
to use ea_find() directly.
2000-06-02 12:29:24 +00:00
Martin Mares
58740ed4c5 Documentation. 2000-06-01 17:12:19 +00:00
Martin Mares
cf318e3cd3 Removed comments about workings of the old neighbor cache which are
(1) obsolete and (2) replaced by the progdoc.
2000-06-01 16:17:29 +00:00
Martin Mares
1f495723c3 Documented. 2000-06-01 16:16:49 +00:00
Martin Mares
ce4aca093a FIB documentation.
I've changed the init callback type to a typedef to work around a bug
in kernel-doc I'm too lazy to hunt now.
2000-06-01 16:16:18 +00:00
Martin Mares
a9aa4c1ebb Inactive sticky neighbors have no scope. 2000-06-01 13:13:49 +00:00
Martin Mares
0f32f2a65a Modified the neighbor cache to remember local addresses as well.
neighbor->scope now contains proper address scope which is zero (SCOPE_HOST)
for local addresses, higher (SCOPE_LINK, ..., SCOPE_UNIVERSE) for remote ones.
2000-06-01 12:58:04 +00:00
Martin Mares
5919c66e8f Route attributes for OSPF. 2000-05-30 21:25:32 +00:00
Martin Mares
2f71123158 Killed bug in merging of dynamic attributes. 2000-05-30 21:24:15 +00:00
Martin Mares
caab3bb374 Better formatting of protocol status. 2000-05-30 21:23:49 +00:00
Pavel Machek
26c09e1d25 Added read-only access to all required fields in rta. 2000-05-30 10:42:39 +00:00
Ondrej Filip
73232f6b18 Better rt dumping. 2000-05-30 10:36:57 +00:00
Martin Mares
4761efdb43 Tracing of CLI connections/commands can be now controlled
by `debug commands <level>' in the configuration. Level 0 means
no tracing, 1 means connections only, 2 includes all commands.
2000-05-29 22:10:18 +00:00
Ondrej Filip
cdc25e8db7 To find out a type of route (external, inter/intra area) 2000-05-28 19:07:39 +00:00
Martin Mares
2eca3b3a9c Routing table garbage collector gets really called. 2000-05-19 19:49:33 +00:00
Martin Mares
0ba8a6147d Fixed a very nasty bug in FIB iterators. 2000-05-19 19:40:12 +00:00
Martin Mares
3ced9b349d Fixed freeing of non-embedded extended attributes. 2000-05-19 18:05:01 +00:00
Martin Mares
075898dea7 No more problems when protocols gets disabled during feeding. 2000-05-19 18:03:53 +00:00
Martin Mares
f49528a3df Added as_path_get_first(). 2000-05-19 11:01:06 +00:00
Martin Mares
76dfda9e74 Fixed a buglet in asynchronous feeding and increased maximum number
of routes allowed per feeding phase.
2000-05-19 10:59:47 +00:00
Martin Mares
ac5d801217 Asynchronous feeding of protocols. 2000-05-19 10:46:26 +00:00
Martin Mares
e79671a72c Fixed incorrect error message about router ID syntax. 2000-05-16 15:08:43 +00:00
Pavel Machek
d6796e7b54 Don't segfault when someone adds passwords. 2000-05-16 15:02:27 +00:00
Pavel Machek
2f2663bdb7 Password same now actually works 2000-05-16 15:00:15 +00:00
Martin Mares
df9f0fb30a Don't log state changes if nothing user-visible has changed. 2000-05-16 13:43:26 +00:00
Martin Mares
e3f2d5fce3 Cleanup of configuration.
o  Use `expr' instead of `NUM' and `ipa' instead of `IPA',
   so that defined symbols work everywhere.
o  `define' now accepts both numbers and IP addresses.
o  Renamed `ipa' in filters to `fipa'.

Pavel, please update filters to accept define'd symbols as well.
2000-05-15 11:48:23 +00:00
Martin Mares
9449c91ab2 Added `show route for <prefix-or-ipa>' which looks up route leading to
given network.
2000-05-13 11:42:42 +00:00
Martin Mares
56d6c530eb Added fib_route() which does (although very slow) lookup of longest-match
routing in a FIB.
2000-05-13 11:42:06 +00:00
Martin Mares
758458be05 Unified parsing of prefixes.
Had to rename `prefix' in filters to `fprefix'.
2000-05-13 11:17:49 +00:00
Martin Mares
08f0290a1e Changed semantics of the rt_update hook. The attribute list we pass now
contains all attributes, not just the temporary ones. This avoids having
to merge the lists inside protocols or doing searches on both of them.

Also, do filtering of routes properly. (I'd like to avoid it, but it's
needed at least in the krt protocol.)
2000-05-13 11:00:37 +00:00
Pavel Machek
ec21aecfdd Fixed nasty segfault in rip. 2000-05-11 10:33:18 +00:00
Pavel Machek
45a48e2de2 password_same utility function 2000-05-10 13:42:46 +00:00
Pavel Machek
c0100454cf Added more convient interface for ea_find.
What is special about int default;? Compiler chokes on that!
2000-05-10 06:54:40 +00:00
Martin Mares
0521e4f684 rt_prune: Don't kill routes from protocols in FS_FEEDING state. If debugging,
call fib_check() on the table's fib.
2000-05-08 22:33:02 +00:00
Martin Mares
8abbde02d4 Several simplifications of the fib iterators. 2000-05-08 19:11:49 +00:00
Martin Mares
33a368ad59 Implemented show route count' which is show route stats' with
exception that it doesn't print the routes themselves.
2000-05-08 14:58:00 +00:00
Martin Mares
e48dae3ed7 Stop feeding the protocol if it suddenly shuts down. 2000-05-08 14:51:26 +00:00
Martin Mares
5d86aefb6c Really free attributes. 2000-05-08 13:12:14 +00:00
Martin Mares
d0126f0bf0 bugs_in_attr_cache_hashing--; 2000-05-08 11:40:30 +00:00
Martin Mares
916c8c0aba Use preferences properly. 2000-05-08 10:40:00 +00:00
Martin Mares
0117d00494 Fixed `show route primary'. 2000-05-08 10:37:45 +00:00
Martin Mares
18c031fae8 Debugged printing and pruning of neighbor cache entries. 2000-05-08 10:13:59 +00:00
Martin Mares
0d3070824d Don't count networks with no routes (they are not displayed at all and
will be removed during the next garbage collection pass).
2000-05-07 11:32:34 +00:00