diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/ChangeLog | 32 | ||||
| -rw-r--r-- | lib/linklist.c | 20 | ||||
| -rw-r--r-- | lib/log.c | 29 | ||||
| -rw-r--r-- | lib/log.h | 6 | ||||
| -rw-r--r-- | lib/memory.c | 2 | ||||
| -rw-r--r-- | lib/smux.c | 25 | ||||
| -rw-r--r-- | lib/smux.h | 2 | ||||
| -rw-r--r-- | lib/sockopt.c | 33 | ||||
| -rw-r--r-- | lib/sockopt.h | 28 | ||||
| -rw-r--r-- | lib/stream.h | 2 |
10 files changed, 152 insertions, 27 deletions
diff --git a/lib/ChangeLog b/lib/ChangeLog index bd66f071..da0fa8ca 100644 --- a/lib/ChangeLog +++ b/lib/ChangeLog @@ -1,3 +1,35 @@ +2008-02-28 Paul Jakma <paul.jakma@sun.com> + + * log.c: (mes_lookup) Sowmini Varadhan diagnosed a problem where + this function can cause a NULL dereference, on lookups for unknown + indices, or messages with NULL strings. Can occur, e.g., debug + logging code when processing received messages. Fixed to accept a + pointer to a default string to be used if there is no match. + * log.h: LOOKUP adjusted to match + +2008-02-28 Paul Jakma <paul.jakma@sun.com> + + * linklist.c: This implementation expects that the data pointer not + be null, e.g. listgetdata() asserts this. The list add methods + don't apply the same sanity check. + + Noted by Jim Carlson in bug #437. + +2008-01-11 Andrew J. Schorr <ajschorr@alumni.princeton.edu> + + * zebra.h: Revert previous change, no need to include <net/if_media.h> + here. + +2008-01-10 Ingo Flaschberger <if@xip.at> + + * zebra.h: If HAVE_BSD_LINK_DETECT is defined, include <net/if_media.h>. + +2008-01-08 Pavol Rusnak <prusnak@suse.cz> + + * memory.c: (mtype_memstr) Fix accidental shift past width of type, + constant should have been forced to UL, rather than being left to + default to int. + 2007-11-12 Denis Ovsienko * linklist.c: (listnode_add_after) Don't forget to increment list diff --git a/lib/linklist.c b/lib/linklist.c index 983da2d1..a16e9e18 100644 --- a/lib/linklist.c +++ b/lib/linklist.c @@ -65,7 +65,9 @@ void listnode_add (struct list *list, void *val) { struct listnode *node; - + + assert (val != NULL); + node = listnode_new (); node->prev = list->tail; @@ -91,7 +93,9 @@ listnode_add_sort (struct list *list, void *val) { struct listnode *n; struct listnode *new; - + + assert (val != NULL); + new = listnode_new (); new->data = val; @@ -130,7 +134,9 @@ void listnode_add_after (struct list *list, struct listnode *pp, void *val) { struct listnode *nn; - + + assert (val != NULL); + nn = listnode_new (); nn->data = val; @@ -266,7 +272,9 @@ void list_add_node_prev (struct list *list, struct listnode *current, void *val) { struct listnode *node; - + + assert (val != NULL); + node = listnode_new (); node->next = current; node->data = val; @@ -287,7 +295,9 @@ void list_add_node_next (struct list *list, struct listnode *current, void *val) { struct listnode *node; - + + assert (val != NULL); + node = listnode_new (); node->prev = current; node->data = val; @@ -752,14 +752,24 @@ lookup (struct message *mes, int key) } /* Older/faster version of message lookup function, but requires caller to pass - in the array size (instead of relying on a 0 key to terminate the search). */ + * in the array size (instead of relying on a 0 key to terminate the search). + * + * The return value is the message string if found, or the 'none' pointer + * provided otherwise. + */ const char * -mes_lookup (struct message *meslist, int max, int index) +mes_lookup (struct message *meslist, int max, int index, const char *none) { + int pos = index - meslist[0].key; + /* first check for best case: index is in range and matches the key - value in that slot */ - if ((index >= 0) && (index < max) && (meslist[index].key == index)) - return meslist[index].str; + * value in that slot. + * NB: key numbering might be offset from 0. E.g. protocol constants + * often start at 1. + */ + if ((pos >= 0) && (pos < max) + && (meslist[pos].key == index)) + return meslist[pos].str; /* fall back to linear search */ { @@ -769,14 +779,17 @@ mes_lookup (struct message *meslist, int max, int index) { if (meslist->key == index) { + const char *str = (meslist->str ? meslist->str : none); + zlog_debug ("message index %d [%s] found in position %d (max is %d)", - index, meslist->str, i, max); - return meslist->str; + index, str, i, max); + return str; } } } zlog_err("message index %d not found (max is %d)", index, max); - return NULL; + assert (none); + return none; } /* Wrapper around strerror to handle case where it returns NULL. */ @@ -142,10 +142,12 @@ extern int zlog_reset_file (struct zlog *zl); extern int zlog_rotate (struct zlog *); /* For hackey massage lookup and check */ -#define LOOKUP(x, y) mes_lookup(x, x ## _max, y) +#define LOOKUP(x, y) mes_lookup(x, x ## _max, y, "(no item found)") extern const char *lookup (struct message *, int); -extern const char *mes_lookup (struct message *meslist, int max, int index); +extern const char *mes_lookup (struct message *meslist, + int max, int index, + const char *no_item); extern const char *zlog_priority[]; extern const char *zlog_proto_names[]; diff --git a/lib/memory.c b/lib/memory.c index eb670722..9ed5e100 100644 --- a/lib/memory.c +++ b/lib/memory.c @@ -501,7 +501,7 @@ mtype_memstr (char *buf, size_t len, unsigned long bytes) * Just hacked to make it not warn on 'smaller' machines. * Static compiler analysis should mean no extra code */ - if (bytes & (1 << (sizeof (unsigned long) >= 8 ? 39 : 0))) + if (bytes & (1UL << (sizeof (unsigned long) >= 8 ? 39 : 0))) t++; snprintf (buf, len, "%4d TiB", t); } @@ -226,7 +226,8 @@ smux_socket () } freeaddrinfo(res0); if (sock < 0) - zlog_warn ("Can't connect to SNMP agent with SMUX"); + if (debug_smux) + zlog_debug ("Can't connect to SNMP agent with SMUX"); #else sock = socket (AF_INET, SOCK_STREAM, 0); if (sock < 0) @@ -257,7 +258,8 @@ smux_socket () { close (sock); smux_sock = -1; - zlog_warn ("Can't connect to SNMP agent with SMUX"); + if (debug_smux) + zlog_debug ("Can't connect to SNMP agent with SMUX"); return -1; } #endif @@ -1179,7 +1181,10 @@ smux_connect (struct thread *t) int ret; if (debug_smux) - zlog_debug ("SMUX connect try %d", fail + 1); + { + fail = fail + 1; + zlog_debug ("SMUX connect try %d", fail); + } /* Clear thread poner of myself. */ smux_connect_thread = NULL; @@ -1188,8 +1193,10 @@ smux_connect (struct thread *t) smux_sock = smux_socket (); if (smux_sock < 0) { - if (++fail < SMUX_MAX_FAILURE) - smux_event (SMUX_CONNECT, 0); + if (debug_smux) + zlog_debug ("SMUX socket/connection creation error"); + // if (++fail < SMUX_MAX_FAILURE) + smux_event (SMUX_CONNECT, 0); return 0; } @@ -1200,8 +1207,8 @@ smux_connect (struct thread *t) zlog_warn ("SMUX open message send failed: %s", safe_strerror (errno)); close (smux_sock); smux_sock = -1; - if (++fail < SMUX_MAX_FAILURE) - smux_event (SMUX_CONNECT, 0); + // if (++fail < SMUX_MAX_FAILURE) + smux_event (SMUX_CONNECT, 0); return -1; } @@ -1212,8 +1219,8 @@ smux_connect (struct thread *t) zlog_warn ("SMUX register message send failed: %s", safe_strerror (errno)); close (smux_sock); smux_sock = -1; - if (++fail < SMUX_MAX_FAILURE) - smux_event (SMUX_CONNECT, 0); + // if (++fail < SMUX_MAX_FAILURE) + smux_event (SMUX_CONNECT, 0); return -1; } @@ -39,7 +39,7 @@ #define SMUX_SET (ASN_CONTEXT | ASN_CONSTRUCTOR | 3) #define SMUX_TRAP (ASN_CONTEXT | ASN_CONSTRUCTOR | 4) -#define SMUX_MAX_FAILURE 3 +// #define SMUX_MAX_FAILURE 3 /* Structures here are mostly compatible with UCD SNMP 4.1.1 */ #define MATCH_FAILED (-1) diff --git a/lib/sockopt.c b/lib/sockopt.c index f8fa946e..985c3a38 100644 --- a/lib/sockopt.c +++ b/lib/sockopt.c @@ -480,3 +480,36 @@ sockopt_iphdrincl_swab_systoh (struct ip *iph) iph->ip_id = ntohs(iph->ip_id); } + +#if defined(HAVE_TCP_MD5SIG) +int +sockopt_tcp_signature (int sock, struct sockaddr_in *sin, const char *password) +{ + int keylen = password ? strlen(password) : 0; + +#if defined(GNU_LINUX) + + struct tcp_md5sig md5sig; + + bzero ((char *)&md5sig, sizeof(md5sig)); + memcpy (&md5sig.tcpm_addr, sin, sizeof(*sin)); + md5sig.tcpm_keylen = keylen; + if (keylen) + memcpy (md5sig.tcpm_key, password, keylen); + + return setsockopt (sock, IPPROTO_TCP, TCP_MD5SIG, &md5sig, sizeof md5sig); + +#else /* !GNU_LINUX */ + + int enable = keylen ? (TCP_SIG_SPI_BASE + sin->sin_port) : 0; + + /* + * XXX Need to do PF_KEY operation here to add/remove an SA entry, + * and add/remove an SP entry for this peer's packet flows also. + */ + return setsockopt (sock, IPPROTO_TCP, TCP_MD5SIG, &enable, + sizeof(enable)); + +#endif /* !GNU_LINUX */ +} +#endif /* HAVE_TCP_MD5SIG */ diff --git a/lib/sockopt.h b/lib/sockopt.h index ebb71430..158f17ac 100644 --- a/lib/sockopt.h +++ b/lib/sockopt.h @@ -98,4 +98,32 @@ extern int getsockopt_ifindex (int, struct msghdr *); extern void sockopt_iphdrincl_swab_htosys (struct ip *iph); extern void sockopt_iphdrincl_swab_systoh (struct ip *iph); +#if defined(HAVE_TCP_MD5SIG) + +#if defined(GNU_LINUX) && !defined(TCP_MD5SIG) + +/* XXX these will come from <linux/tcp.h> eventually */ + +#define TCP_MD5SIG 14 +#define TCP_MD5SIG_MAXKEYLEN 80 + +struct tcp_md5sig { + struct sockaddr_storage tcpm_addr; /* address associated */ + __u16 __tcpm_pad1; /* zero */ + __u16 tcpm_keylen; /* key length */ + __u32 __tcpm_pad2; /* zero */ + __u8 tcpm_key[TCP_MD5SIG_MAXKEYLEN]; /* key (binary) */ +}; + +#endif /* defined(GNU_LINUX) && !defined(TCP_MD5SIG) */ + +#if !defined(GNU_LINUX) && !defined(TCP_SIG_SPI_BASE) +#define TCP_SIG_SPI_BASE 1000 /* XXX this will go away */ +#endif + +extern int sockopt_tcp_signature(int sock, struct sockaddr_in *sin, + const char *password); + +#endif /* HAVE_TCP_MD5SIG */ + #endif /*_ZEBRA_SOCKOPT_H */ diff --git a/lib/stream.h b/lib/stream.h index d2d2e401..715a083d 100644 --- a/lib/stream.h +++ b/lib/stream.h @@ -137,7 +137,7 @@ struct stream_fifo */ extern struct stream *stream_new (size_t); extern void stream_free (struct stream *); -extern struct stream * stream_copy (struct stream *new, struct stream *src); +extern struct stream * stream_copy (struct stream *, struct stream *src); extern struct stream *stream_dup (struct stream *); extern size_t stream_resize (struct stream *, size_t); extern size_t stream_get_getp (struct stream *); |