summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | | ospfd: spellingDenis Ovsienko2011-09-271-1/+1
| | |
* | | bgpd: spellingDenis Ovsienko2011-09-271-1/+1
| | |
* | | bgpd: spellingDenis Ovsienko2011-09-271-1/+1
| | |
* | | ospfd: use existing macro for consistencyDenis Ovsienko2011-09-271-2/+2
| | |
* | | zebra: add missing includesDenis Ovsienko2011-09-272-0/+5
| | |
* | | ospf6d: address more trivial compiler warningsDenis Ovsienko2011-09-273-2/+13
| | | | | | | | | | | | | | | | | | | | | * ospf6_main.c: include required headers * ospf6_asbr.h: idem * ospf6_spf.c * ospf6_spf_install(): remove unused variables
* | | ospfd: sizing macros cleanupDenis Ovsienko2011-09-272-10/+8
| | | | | | | | | | | | | | | | | | * ospf_spf.c * ROUTER_LSA_TOS_SIZE: prepend OSPF_ and move to ospf_lsa.h * ROUTER_LSA_MIN_SIZE: replace with existing OSPF_ROUTER_LSA_LINK_SIZE
* | | lib: use "protocol-independed API" from RFC3678, if that is availableDmitrij Tejblum2011-09-272-4/+31
| | | | | | | | | | | | | | | | | | | | | | | | (This commit is based on the patch from BZ#420, and should fix that bug.) * configure.ac: detect availability of that API * sockopt.c (setsockopt_ipv4_multicast): use it for join/leave IPv4 multicast groups
* | | lib: futher simplification of setsockopt_ipv4_multicast()Dmitrij Tejblum2011-09-271-64/+44
| | | | | | | | | | | | | | | * sockopt.c (setsockopt_ipv4_multicast): check for wrong optname with assert(), rather than return an error.
* | | lib: fix omission in the previous commit to lib/sockopt.cDmitrij Tejblum2011-09-271-0/+1
| | | | | | | | | | | | | | | * sockopt.c (setsockopt_ipv4_multicast_if): fix missed line in the previous commit.
* | | lib: simplify interface of setsockopt_multicast_ipv4().Dmitrij Tejblum2011-09-274-60/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * sockopt.[ch] (setsockopt_ipv4_multicast): ifindex is now mandatory (all non-ancient OSes can use it anyway), and if_addr parameter (the address of the interface) is now gone. (setsockopt_ipv4_multicast_if): IP_MULTICAST_IF processing moved to this new function * ospf_network.c (ospf_if_add_allspfrouters, ospf_if_drop_allspfrouters, ospf_if_add_alldrouters, ospf_if_drop_alldrouters, ospf_if_ipmulticast), rip_interface.c (ipv4_multicast_join, ipv4_multicast_leave, rip_interface_new): adapt to the new interface
* | | ospf6d: spellingDenis Ovsienko2011-09-272-12/+12
| | |
* | | lib: remove unused variableDenis Ovsienko2011-09-271-3/+1
| | | | | | | | | | | | * sockopt.c (getsockopt_ifindex): "ifindex" was never used
* | | delete CVS keywordsDenis Ovsienko2011-09-2712-23/+0
| | |
* | | configure: fix OpenPAM detectionDenis Ovsienko2011-09-271-1/+8
| | |
* | | bgpd: check ATOMIC_AGGREGATE attr flags (BZ#678)Denis Ovsienko2011-09-271-2/+38
| | | | | | | | | | | | | | | | | | | | | | | | * bgp_attr.c * bgp_attr_atomic(): accept extra argument, add checks for "optional", "transitive" and "partial" bits, log each error condition independently * bgp_attr_parse(): provide extra argument
* | | bgpd: check MULTI_EXIT_DISC attr flags (BZ#677)Denis Ovsienko2011-09-271-0/+32
| | | | | | | | | | | | | | | | | | * bgp_attr.c * bgp_attr_med(): add checks for "optional", "transitive" and "partial" bits, log each error condition independently
* | | bgpd: check LOCAL_PREF attribute flags (BZ#674)Denis Ovsienko2011-09-271-2/+27
| | | | | | | | | | | | | | | | | | | | | | | | * bgp_attr.c * bgp_attr_local_pref(): accept extra argument, add checks for "optional" and "transitive" bits, log each error condition independently * bgp_attr_parse(): provide extra argument
* | | bgpd: add useful notification logs (BZ#616)heasley2011-09-271-3/+16
| | | | | | | | | | | | | | | * bgp_packet.c * bgp_notify_send_with_data(): add calls to zlog_info()
* | | bgpd: consistent log msg format (BZ#565)heasley2011-09-271-5/+5
| | |
* | | ospf6d: add lost lines to area config blockJon Andersson2011-09-271-0/+12
| | | | | | | | | | | | | | | | | | * ospf6_area.c * ospf6_area_config_write(): write filter-list, import-list and export-list lines
* | | ospf6d: fix crash on filter-list handling (BZ#530)Christian Hammers2011-09-271-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | This essentially merges the fix available from Debian build of Quagga. * ospf6_area.c * area_filter_list(): use correct argv indices * no_area_filter_list(): idem
* | | configure: fix FreeBSD header detection (BZ#408)Denis Ovsienko2011-09-271-9/+30
| | | | | | | | | | | | | | | | | | | | | | | | This change is based on Xavier Beaudouin's patch (which fixes detection of 3 config.h macros on FreeBSD without any impact to Linux build of Quagga) and FreeBSD port patch (which fixes 5 config.h macros, but breaks the Linux build), it fixes 5 macros and works for both FreeBSD 8 and Linux.
* | | isisd: include hash.h, not hash.cPeter Szilagyi2011-09-271-1/+1
| | |
* | | isisd: raise hello rate for DIS (BZ#539)Fritz Reichmann2011-09-271-2/+24
| | | | | | | | | | | | | | | * isis_pdu.c: Divide hello interval by three, depending if we are DIS or not.
* | | isisd: fix crash on "no router isis" (BZ#536)Fritz Reichmann2011-09-276-3/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The crash is due to threads accessing data that gets destroyed during the removal of the configuration. * isis_circuit.c: Destroy adjacencies to stop adjacency expiry thread. Stop PSNP threads. * isisd.c: Change state of circuit back to INIT and reassign the circuit structure to isis->init_circ_list rather than destroying the circuit data structure. Stop SPF threads. Stop LSP generation threads. * isisd.h: Add pointers to LSP threads into area structure in order to stop them in isisd.c * isis_lsp.c: Store pointer to LSP thread in area structure. * isis_pdu.c: Stop PDU generation for a circuit with a removed area. * isis_pfpacket.c: Stop processing received PDUs for a circuit with a removed area.
* | | configure: dismiss libutil.hStephen Hemminger2011-09-272-5/+1
| | | | | | | | | | | | | | | Recent versions of libc on Linux (Debian Testing) create lots of compile warnings about direct usage of libutil.h
* | | zebra: fix loss of metric for Linux routesDmitry Popov2011-09-271-2/+8
| | | | | | | | | | | | | | | | | | * rt_netlink.c * netlink_route_change(): fetch metric information like netlink_routing_table() does and pass it further
* | | ospfd: remove useless RFC1583 checkAlexandre Chappuis2011-09-271-4/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * ospf_route.c: Function ospf_asbr_route_cmp is called uniquely from ospf_route_cmp() when the flag OSPF_RFC1583_COMPATIBLE is not set. Therefore, the check that the flag is set doesn't make sense at all and it can consequently be removed without doing any harm. Signed-off-by: Alexandre Chappuis <alc@open.ch> Signed-off-by: Roman Hoog Antink <rha@open.ch>
* | | doc: BGP route-flap dampeningAlexandre Chappuis2011-09-271-0/+30
| | |
* | | doc: add missing wordAlexandre Chappuis2011-09-271-1/+1
| | | | | | | | | | | | | | | * ospfd.texi: Adjust meaning of the rfc1583compatibility option in order to match the RFC specification and the actual source code.
* | | release: 0.99.19quagga_0_99_19_releaseDenis Ovsienko2011-09-261-1/+1
| | |
* | | ospf6d: CVE-2011-3323 (fortify packet reception)Denis Ovsienko2011-09-267-73/+492
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This vulnerability (CERT-FI #514840) was reported by CROSS project. ospf6d processes IPv6 prefix structures in incoming packets without verifying that the declared prefix length is valid. This leads to a crash caused by out of bounds memory access. * ospf6_abr.h: new macros for size/alignment validation * ospf6_asbr.h: idem * ospf6_intra.h: idem * ospf6_lsa.h: idem * ospf6_message.h: idem * ospf6_proto.h: idem * ospf6_message.c * ospf6_packet_minlen: helper array for ospf6_packet_examin() * ospf6_lsa_minlen: helper array for ospf6_lsa_examin() * ospf6_hello_recv(): do not call ospf6_header_examin(), let upper layer verify the input data * ospf6_dbdesc_recv(): idem * ospf6_lsreq_recv(): idem * ospf6_lsupdate_recv(): idem * ospf6_lsack_recv(): idem * ospf6_prefixes_examin(): new function, implements A.4.1 * ospf6_lsa_examin(): new function, implements A.4 * ospf6_lsaseq_examin(): new function, an interface to above * ospf6_packet_examin(): new function, implements A.3 * ospf6_rxpacket_examin(): new function, replaces ospf6_header_examin() * ospf6_header_examin(): sayonara * ospf6_receive(): perform passive interface check earliest possible, employ ospf6_rxpacket_examin()
* | | ospf6d: CVE-2011-3324 (DD LSA assertion)Denis Ovsienko2011-09-261-1/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This vulnerability (CERT-FI #514839) was reported by CROSS project. When Database Description LSA header list contains trailing zero octets, ospf6d tries to process this data as an LSA header. This triggers an assertion in the code and ospf6d shuts down. * ospf6_lsa.c * ospf6_lsa_is_changed(): handle header-only argument(s) appropriately, do not treat LSA length underrun as a fatal error.
* | | ospfd: CVE-2011-3325 part 2 (OSPF pkt type segv)Denis Ovsienko2011-09-261-14/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This vulnerability (CERT-FI #514838) was reported by CROSS project. The error is reproducible only when ospfd debugging is enabled: * debug ospf packet all * debug ospf zebra When incoming packet header type field is set to 0x0a, ospfd will crash. * ospf_packet.c * ospf_verify_header(): add type field check * ospf_read(): perform input checks early
* | | ospfd: CVE-2011-3325 part 1 (OSPF header underrun)Denis Ovsienko2011-09-261-3/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | This vulnerability (CERT-FI #514838) was reported by CROSS project. When only 14 first bytes of a Hello packet is delivered, ospfd crashes. * ospf_packet.c * ospf_read(): add size check
* | | ospfd: CVE-2011-3326 (uknown LSA type segfault)CROSS2011-09-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This vulnerability (CERT-FI #514837) was reported by CROSS project. They have also suggested a fix to the problem, which was found acceptable. Quagga ospfd does not seem to handle unknown LSA types in a Link State Update message correctly. If LSA type is something else than one supported by Quagga, the default handling of unknown types leads to an error. * ospf_flood.c * ospf_flood(): check return value of ospf_lsa_install()
* | | bgpd: CVE-2011-3327 (ext. comm. buffer overflow)CROSS2011-09-261-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This vulnerability (CERT-FI #513254) was reported by CROSS project. They have also suggested a fix to the problem, which was found acceptable. The problem occurs when bgpd receives an UPDATE message containing 255 unknown AS_PATH attributes in Path Attribute Extended Communities. This causes a buffer overlow in bgpd. * bgp_ecommunity.c * ecommunity_ecom2str(): perform size check earlier
* | | ospf6d: add missing includeDenis Ovsienko2011-08-271-0/+3
| | | | | | | | | | | | | | | | | | | | | Two extern declarations in ospf6_abr.h are based on struct ospf6_route, which may not be available at the time ospf6_abr.h is included. This may lead to warnings after including ospf6_abr.h just for the structures defined in it.
* | | ospf6d: move named constants to ospf6d.hDenis Ovsienko2011-08-272-2/+3
| | |
* | | ospf6d: justify some ABR debug codeDenis Ovsienko2011-08-271-2/+4
| | | | | | | | | | | | | | | * ospf6_abr.c * ospf6_abr_examin_summary(): only fill "buf" when it is used
* | | Merge remote-tracking branch 'origin/master'Paul Jakma2011-07-296-3/+82
|\ \ \ | | |/ | |/|
| * | Merge remote-tracking branch 'polymorf/master'Greg Troxel2011-07-131-0/+16
| |\ \
| | * | Fix ip_len byte order in DragonFly's raw socketDavid BÉRARD2010-05-111-0/+16
| | | |
| * | | fix typoRoman Hoog Antink2011-06-281-1/+1
| | | |
| * | | Omit --opaque-lsa from build (now default).Greg Troxel2011-06-281-1/+3
| | | |
| * | | ospf6d: copy "mtu-ignore" option from ospfdDmitrij Tejblum2011-04-223-1/+62
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | "mtu-ignore" is an option ospfd used to mimic from the vendor's implementation, now ospf6d will also implement it. * ospf6_interface.h: extend ospf6_interface structure by one flag * ospf6_interface.c: (ipv6_ospf6_mtu_ignore, no_ipv6_ospf6_mtu_ignore): new declarations; (ospf6_interface_create): show initial value for consistency; (ospf6_interface_show): print flag status * ospf6_message.c: (ospf6_dbdesc_recv): consider interface-specific flag when checking MTU
* | | | Merge branch 'attr-errors'Paul Jakma2011-07-2915-455/+880
|\ \ \ \ | |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | Contains BGP fixes: - set extcommunity crash: tihs patch tries to make the refcounting more robust but does not fully solve the problem, sadly. - BGP attribute error handling: Little testing.
| * | | bgpd: Implement revised error handling for partial optional/trans. attributesPaul Jakma2011-03-215-239/+393
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * BGP error handling generally boils down to "reset session". This was fine when all BGP speakers pretty much understood all BGP messages. However the increasing deployment of new attribute types has shown this approach to cause problems, in particular where a new attribute type is "tunneled" over some speakers which do not understand it, and then arrives at a speaker which does but considers it malformed (e.g. corruption along the way, or because of early implementation bugs/interop issues). To mitigate this drafts before the IDR (likely to be adopted) propose to treat errors in partial (i.e. not understood by neighbour), optional transitive attributes, when received from eBGP peers, as withdrawing only the NLRIs in the affected UPDATE, rather than causing the entire session to be reset. See: http://tools.ietf.org/html/draft-scudder-idr-optional-transitive * bgp_aspath.c: (assegments_parse) Replace the "NULL means valid, 0-length OR an error" return value with an error code - instead taking pointer to result structure as arg. (aspath_parse) adjust to suit previous change, but here NULL really does mean error in the external interface. * bgp_attr.h (bgp_attr_parse) use an explictly typed and enumerated value to indicate return result. (bgp_attr_unintern_sub) cleans up just the members of an attr, but not the attr itself, for benefit of those who use a stack-local attr. * bgp_attr.c: (bgp_attr_unintern_sub) split out from bgp_attr_unintern (bgp_attr_unintern) as previous. (bgp_attr_malformed) helper function to centralise decisions on how to handle errors in attributes. (bgp_attr_{aspathlimit,origin,etc..}) Use bgp_attr_malformed. (bgp_attr_aspathlimit) Subcode for error specifc to this attr should be BGP_NOTIFY_UPDATE_OPT_ATTR_ERR. (bgp_attr_as4_path) be more rigorous about checks, ala bgp_attr_as_path. (bgp_attr_parse) Adjust to deal with the additional error level that bgp_attr_ parsers can raise, and also similarly return appropriate error back up to (bgp_update_receive). Try to avoid leaking as4_path. * bgp_packet.c: (bgp_update_receive) Adjust to deal with BGP_ATTR_PARSE_WITHDRAW error level from bgp_attr_parse, which should lead to a withdraw, by making the attribute parameter in call to (bgp_nlri_parse) conditional on the error, so the update case morphs also into a withdraw. Use bgp_attr_unintern_sub from above, instead of doing this itself. Fix error case returns which were not calling bgp_attr_unintern_sub and probably leaking memory. * tests/aspath_test.c: Fix to work for null return with bad segments
| * | | tools/multiple-bgpd.sh: set some community attributes to help test themPaul Jakma2011-03-211-1/+8
| | | |