| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | |
| | |
| | |
| | |
| | | |
Recent versions of libc on Linux (Debian Testing) create lots of
compile warnings about direct usage of libutil.h
|
| | | |
| | |
| | |
| | |
| | |
| | | |
* rt_netlink.c
* netlink_route_change(): fetch metric information like
netlink_routing_table() does and pass it further
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* ospf_route.c: Function ospf_asbr_route_cmp is called uniquely from
ospf_route_cmp() when the flag OSPF_RFC1583_COMPATIBLE is not set.
Therefore, the check that the flag is set doesn't make sense at all
and it can consequently be removed without doing any harm.
Signed-off-by: Alexandre Chappuis <alc@open.ch>
Signed-off-by: Roman Hoog Antink <rha@open.ch>
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
* ospfd.texi: Adjust meaning of the rfc1583compatibility option in
order to match the RFC specification and the actual source code.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This vulnerability (CERT-FI #514840) was reported by CROSS project.
ospf6d processes IPv6 prefix structures in incoming packets without
verifying that the declared prefix length is valid. This leads to a
crash
caused by out of bounds memory access.
* ospf6_abr.h: new macros for size/alignment validation
* ospf6_asbr.h: idem
* ospf6_intra.h: idem
* ospf6_lsa.h: idem
* ospf6_message.h: idem
* ospf6_proto.h: idem
* ospf6_message.c
* ospf6_packet_minlen: helper array for ospf6_packet_examin()
* ospf6_lsa_minlen: helper array for ospf6_lsa_examin()
* ospf6_hello_recv(): do not call ospf6_header_examin(), let upper
layer verify the input data
* ospf6_dbdesc_recv(): idem
* ospf6_lsreq_recv(): idem
* ospf6_lsupdate_recv(): idem
* ospf6_lsack_recv(): idem
* ospf6_prefixes_examin(): new function, implements A.4.1
* ospf6_lsa_examin(): new function, implements A.4
* ospf6_lsaseq_examin(): new function, an interface to above
* ospf6_packet_examin(): new function, implements A.3
* ospf6_rxpacket_examin(): new function, replaces
ospf6_header_examin()
* ospf6_header_examin(): sayonara
* ospf6_receive(): perform passive interface check earliest possible,
employ ospf6_rxpacket_examin()
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This vulnerability (CERT-FI #514839) was reported by CROSS project.
When Database Description LSA header list contains trailing zero octets,
ospf6d tries to process this data as an LSA header. This triggers an
assertion in the code and ospf6d shuts down.
* ospf6_lsa.c
* ospf6_lsa_is_changed(): handle header-only argument(s)
appropriately, do not treat LSA length underrun as a fatal error.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This vulnerability (CERT-FI #514838) was reported by CROSS project.
The error is reproducible only when ospfd debugging is enabled:
* debug ospf packet all
* debug ospf zebra
When incoming packet header type field is set to 0x0a, ospfd will crash.
* ospf_packet.c
* ospf_verify_header(): add type field check
* ospf_read(): perform input checks early
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This vulnerability (CERT-FI #514838) was reported by CROSS project.
When only 14 first bytes of a Hello packet is delivered, ospfd crashes.
* ospf_packet.c
* ospf_read(): add size check
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This vulnerability (CERT-FI #514837) was reported by CROSS project.
They have also suggested a fix to the problem, which was found
acceptable.
Quagga ospfd does not seem to handle unknown LSA types in a Link State
Update message correctly. If LSA type is something else than one
supported
by Quagga, the default handling of unknown types leads to an error.
* ospf_flood.c
* ospf_flood(): check return value of ospf_lsa_install()
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This vulnerability (CERT-FI #513254) was reported by CROSS project.
They have also suggested a fix to the problem, which was found
acceptable.
The problem occurs when bgpd receives an UPDATE message containing
255 unknown AS_PATH attributes in Path Attribute Extended Communities.
This causes a buffer overlow in bgpd.
* bgp_ecommunity.c
* ecommunity_ecom2str(): perform size check earlier
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Two extern declarations in ospf6_abr.h are based on struct ospf6_route,
which may not be available at the time ospf6_abr.h is included. This may
lead to warnings after including ospf6_abr.h just for the structures
defined in it.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
* ospf6_abr.c
* ospf6_abr_examin_summary(): only fill "buf" when it is used
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Some changes to symtab.c had broken the symbol reference handling for
prefix-lists in plist.c
This commit further "improves" the symbol table functions, to support
current use rather better. One key change is that the symbol table
supports the notion of a symbol which is "set", so has some value other
than its name.
In the case of prefix-lists, a prefix-list is "set" when there is at
least one (valid) entry or a description has been set.
Changes include:
* small changes in bgpd/bgp_clist.c where symbol table function names
have changed and other small differences.
* similarly in bgpd/bgp_peer_index.c, but here also clarified ownership
of the peer index entries, and ensured that the symbol table stuff
does *not* free same.
* in bgpd/bgp_route.c fixed the handling of references to prefix-lists.
Newer symbol handling more clearly identifies when a symbol has some
value "set".
* in bgpd/bgp_vty.c similarly, when showing state of filtering the "*"
against a prefix-list means it is "set".
* in lib/plist.c -- adjust to newer symbol table stuff. Fix issues
will add_hook and delete_hook. Changed lookup so that if plist
is not set, then lookup will return not-found -- so works as
before (!).
* adjusted test for symbol stuff.
|
| | | |
| | |
| | |
| | | |
Fix was in two parts. One part, correct. Second part, not.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* fix stream_put() to accept NULL src (again).
* changed how vty terminal reports time-out and end-of-file,
and made --more-- show the same as ordinary cli.
* tighten on or two stream functions, to cope if for some
reason the getp > endp or endp > size.
* update documentation in vio_lines.c
* fixed (potential) bug which would have tripped up --more--
if were to be required while outputting notification for a
cancel operation.
* as a new command loop is set up, make sure all start in
vst_cmd_running_executing, so that output will be dispatched.
* fix uty_std_out_push() and uty_vtysh_out_push to take notice
of vst_cmd_running and vst_cmd_executing and change to
vst_cmd_complete as required.
* fix handling of hold_mark in VOUT_TERM obuf an line control.
* fix various state related issues for vtysh server and the
vtysh itself.
* when vtysh connects to a daemon, the daemon responds with
its name and version number.
TBD: the vtysh to check that version is as expected !
* clarified handling of errors in vtysh... distinguishing
errors reported by the client daemon, and errors in the
mechanics of talking to the client daemon.
~
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Revised stream functions and built more throrough test program for same.
Introduced functions in prefix.c to support both stream_put_prefix() and
stream_get_prefix() -- ensuring that does not exceed possible sizes and
does not output or input any bits beyond the prefix length.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Also, fix compilation of privs.c when HAVE_CAPABILITIES.
Wiping of "--more--" was issuing twice as many BS as required. (Oddly,
some telnet programs tollerated this !)
"no ip prefix-list fred" could hit a SEGV if there are no references to
the prefix-list.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In particular, do not install in VIEW_NODE, where it prevents "en" being
a short form of "enable".
Also: change privilege handling so that can run bgpd --dryrun without
needing to be a privileged user.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Also:
* re-organise vty output such that never blocks while executing a
command -- but does wait/block between commands, so that all
output associated with a command has completed before starts
to execute the next.
* make raising exception always signal the command loop, and
revise code so that (a) signal is clearly secondary, and
(b) that actual signal value no longer really matters.
* fix timeout handling for pipe returns when only the pipe
return and the pipe stderr return are left.
* simplify the handling of blocking for pipes.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
NB: this is a partial interim version -- NOT for production.
Reinstate vtysh. In bgpd: cope better with generating oversize messages.
The "pipework" branch is no more. There is now "euro_ix" and "euro_ix_b",
where 'b' stands for 'bleedin'. The "pipework" is currently in 'bleedin'.
Version updated to: 0.99.18ex20b
Major changes in this commit:
* modified bgpd to avoid crashing if an oversize message is created.
At present, any oversize messages are simply discarded. This may be a
mistake... since it is possible that some routes that should have been
withdrawn are not. TBA.
The stream lib facilities have been overhauled to may this easier.
* restoring vtysh.
At present the vtysh is thought to work, except that it does not
currently create integrated configuration files.
For the time being, *only* the following compile:
lib, bgpd, zebra, vtysh, tests
All other daemons will fail to compile, and must be disabled.
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | | |
Covering corner cases and reducing ambiguity.
|
| | | | | |
|
| |\| | |
| | | |
| | | |
| | | | |
Updated version to v0.99.18ex19b.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Version advanced to 0.99.18ex19p.
Fixed occasional failure to immediately display prompt after
previous command output was abandonned by ^C, particularly with
"--more--".
Completely removed the "~" temporary prompt, and simplified some
logic.
Added indication of pthread running to "show version".
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Functions to output scaled decimal and binary numbers were implemented
for memory show commands. Those have been generalised and placed in
the qfstring.c.
The memory show commands have been updated to use the newer functions,
and a small test program for those has been implemeted.
Other small updates to qfstring.c, qstring.c and qpath.c.
|
| |\| | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
On GNU_LINUX IPV6_MINHOPCOUNT is defined in linux/in6.h. Unfortunately,
that will not always compile due to clashes with netinet/in.h !! So,
as a work-around -DNO_LINUX_IN6_H disables the inclusion of
linux/in6.h -- which avoids the compilation issue, but turns off
IPV6_MINHOPCOUNT.
|
| | | | | |
|
| |\| | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
Some small changes to accomodate same.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bring in fixes for bgp dumping with pthreaded BGP Engine.
Bring in new "show nexus xxx" command.
Fix removal of '~' prompt.
|
| | | | | |
|
| | |\ \ \ |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Modified the symbol table so that the name of the symbol is now
a property of its value -- which simplifies some of the semantics,
because the name no longer has a separate existence (a name which
refers to an empty or undefined value is now a matter for the
value, not for the symbol table). It also allows for the symbol
table to be used where the value and the name are almost
indistinguishable.
Introduced AVL tree to support large prefix lists, routemaps,
etc. etc.
Updated testsymtab and added testavl.
Updated exiting use of the symbol table.
|
| |\| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Merge with euro_ix branch v0.99.18ex17.
Update version to: 0.99.18ex18p
Of particular note:
* includes support for GTSM:
neighbor ... ttl-security hops X
no neighbor ... ttl-security hops X
where X is 1-254. For usual case of immediately connected
peer, X == 1.
Cannot set ttl-security while ebgp-multihop is set, and
vice-versa.
If underlying O/S does not support GTSM, then will set ttl
as per ebgp-multihop.
In passing, have fixed various bugs in the main Quagga branch.
* initial support for draft-ietf-idr-optional-transitive
Does not yet support "neighbor-complete" flag.
* main Quagga now uses TCP_CORK and permanent non-blocking
Do not beleive TCP_CORK to be necessary for euro_ix code...
which has a different buffering strategy.
The euro_ix code already runs sockets permanently non-blocking.
* various fixes to attribute intern/unintern
Trying to remove memory leaks. Nobody seems convinced that
this has been perfected, yet.
* fixes for ospfd and ospf6d issues.
Up to date with master branch up to:
commit 538cb284864c17de66152a5236db4cd80e3e7639
Merge: 036a6e6 8ced4e8
Author: Paul Jakma <paul@quagga.net>
Date: Fri Jul 29 18:21:50 2011 +0100
|
| | |\| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Create euro_ix branch.
Update version to: 0.99.18ex17
Of particular note:
* includes support for GTSM:
neighbor ... ttl-security hops X
no neighbor ... ttl-security hops X
where X is 1-254. For usual case of immediately connected
peer, X == 1.
Cannot set ttl-security while ebgp-multihop is set, and
vice-versa.
If underlying O/S does not support GTSM, then will set ttl
as per ebgp-multihop.
In passing, have fixed various bugs in the main Quagga branch.
* initial support for draft-ietf-idr-optional-transitive
Does not yet support "neighbor-complete" flag.
* main Quagga now uses TCP_CORK and permanent non-blocking
Do not beleive TCP_CORK to be necessary for euro_ix code...
which has a different buffering strategy.
The euro_ix code already runs sockets permanently non-blocking.
* various fixes to attribute intern/unintern
Trying to remove memory leaks. Nobody seems convinced that
this has been perfected, yet.
* fixes for ospfd and ospf6d issues.
Up to date with master branch up to:
commit 538cb284864c17de66152a5236db4cd80e3e7639
Merge: 036a6e6 8ced4e8
Author: Paul Jakma <paul@quagga.net>
Date: Fri Jul 29 18:21:50 2011 +0100
|
| | | |\ \ |
|
| | | | |\ \ |
|
