Commit 32d3228d authored by Ondřej Filip's avatar Ondřej Filip

Bugfix in simple authentification.

parent 12dd8dc8
...@@ -22,7 +22,7 @@ password_find(list *l) ...@@ -22,7 +22,7 @@ password_find(list *l)
{ {
WALK_LIST(pi, *l) WALK_LIST(pi, *l)
{ {
if ((pi->genfrom > now) && (pi->gento < now)) if ((pi->genfrom < now) && (pi->gento > now))
return pi; return pi;
} }
} }
...@@ -32,6 +32,6 @@ password_find(list *l) ...@@ -32,6 +32,6 @@ password_find(list *l)
void password_cpy(char *dst, char *src, int size) void password_cpy(char *dst, char *src, int size)
{ {
bzero(dst, size); bzero(dst, size);
memcpy(dst, src, strlen(src) < (unsigned) size ? strlen(src) : (unsigned) size); memcpy(dst, src, (strlen(src) < (unsigned) size ? strlen(src) : (unsigned) size));
} }
/* /*
* BIRD -- OSPF Configuration * BIRD -- OSPF Configuration
* *
* (c) 1999 - 2000 Ondrej Filip <feela@network.cz> * (c) 1999--2004 Ondrej Filip <feela@network.cz>
* *
* Can be freely distributed and used under the terms of the GNU GPL. * Can be freely distributed and used under the terms of the GNU GPL.
*/ */
...@@ -98,6 +98,7 @@ ospf_vlink_item: ...@@ -98,6 +98,7 @@ ospf_vlink_item:
| DEAD COUNT expr { OSPF_PATT->deadc = $3 ; if ($3<=1) cf_error("Dead count must be greater than one"); } | DEAD COUNT expr { OSPF_PATT->deadc = $3 ; if ($3<=1) cf_error("Dead count must be greater than one"); }
| AUTHENTICATION NONE { OSPF_PATT->autype = OSPF_AUTH_NONE ; } | AUTHENTICATION NONE { OSPF_PATT->autype = OSPF_AUTH_NONE ; }
| AUTHENTICATION SIMPLE { OSPF_PATT->autype = OSPF_AUTH_SIMPLE ; } | AUTHENTICATION SIMPLE { OSPF_PATT->autype = OSPF_AUTH_SIMPLE ; }
| AUTHENTICATION CRYPTOGRAPHIC { OSPF_PATT->autype = OSPF_AUTH_CRYPT ; }
| password_list {OSPF_PATT->passwords = $1; } | password_list {OSPF_PATT->passwords = $1; }
; ;
......
...@@ -48,15 +48,20 @@ ospf_pkt_finalize(struct ospf_iface *ifa, struct ospf_packet *pkt) ...@@ -48,15 +48,20 @@ ospf_pkt_finalize(struct ospf_iface *ifa, struct ospf_packet *pkt)
char password[OSPF_AUTH_CRYPT_SIZE]; char password[OSPF_AUTH_CRYPT_SIZE];
pkt->autype = htons(ifa->autype); pkt->autype = htons(ifa->autype);
bzero(&pkt->u, sizeof(union ospf_auth));
switch(ifa->autype) switch(ifa->autype)
{ {
case OSPF_AUTH_SIMPLE: case OSPF_AUTH_SIMPLE:
password_cpy(pkt->u.password, passwd->password, 8); bzero(&pkt->u, sizeof(union ospf_auth));
if (!passwd)
{
log( L_ERR "No suitable password found for authentication" );
return;
}
password_cpy(pkt->u.password, passwd->password, sizeof(union ospf_auth));
case OSPF_AUTH_NONE: case OSPF_AUTH_NONE:
pkt->checksum = ipsum_calculate(pkt, sizeof(struct ospf_packet) - 8, pkt->checksum = ipsum_calculate(pkt, sizeof(struct ospf_packet) -
(pkt + 1), sizeof(union ospf_auth), (pkt + 1),
ntohs(pkt->length) - ntohs(pkt->length) -
sizeof(struct ospf_packet), NULL); sizeof(struct ospf_packet), NULL);
break; break;
...@@ -127,15 +132,17 @@ ospf_pkt_checkauth(struct ospf_neighbor *n, struct ospf_iface *ifa, struct ospf_ ...@@ -127,15 +132,17 @@ ospf_pkt_checkauth(struct ospf_neighbor *n, struct ospf_iface *ifa, struct ospf_
OSPF_TRACE(D_PACKETS, "OSPF_auth: no password found"); OSPF_TRACE(D_PACKETS, "OSPF_auth: no password found");
return 0; return 0;
} }
password_cpy(password, pass->password, sizeof(union ospf_auth));
if (memcmp(pkt->u.password,pass, 8)) if (memcmp(pkt->u.password, password, sizeof(union ospf_auth)))
{ {
OSPF_TRACE(D_PACKETS, "OSPF_auth: different passwords"); char ppass[sizeof(union ospf_auth) + 1];
bzero(ppass, (sizeof(union ospf_auth) + 1));
memcpy(ppass, pkt->u.password, sizeof(union ospf_auth));
OSPF_TRACE(D_PACKETS, "OSPF_auth: different passwords (%s)", ppass);
return 0; return 0;
} }
return 1;
else
return 1;
break; break;
case OSPF_AUTH_CRYPT: case OSPF_AUTH_CRYPT:
if (pkt->u.md5.len != OSPF_AUTH_CRYPT_SIZE) if (pkt->u.md5.len != OSPF_AUTH_CRYPT_SIZE)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment