summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOndrej Zajicek (work) <santiago@crfreenet.org>2020-05-19 02:50:47 +0200
committerOndrej Zajicek (work) <santiago@crfreenet.org>2020-05-19 02:50:47 +0200
commit1ca7665fa4a9858a6d4c591ccff5b61e5e6aed13 (patch)
treeaac6be32d98012cece79b4d690c11c74cb8caccd
parentb729e731f99aa6ece085597091618ed559a9f656 (diff)
Nest: Allow key id 0
There is nothing in RFCs specifying that id 0 is not allowed. Some implementations does not support it, while some other use key id 0 by default. We allow it but start with key id 1 by default. Thanks to Kenth Eriksson for the bugreport.
-rw-r--r--doc/bird.sgml11
-rw-r--r--nest/config.Y2
2 files changed, 7 insertions, 6 deletions
diff --git a/doc/bird.sgml b/doc/bird.sgml
index 33f6418f..401b4035 100644
--- a/doc/bird.sgml
+++ b/doc/bird.sgml
@@ -783,11 +783,12 @@ agreement").
<descrip>
<tag><label id="proto-pass-id">id <M>num</M></tag>
- ID of the password, (1-255). If it is not used, BIRD will choose ID based
- on an order of the password item in the interface. For example, second
- password item in one interface will have default ID 2. ID is used by
- some routing protocols to identify which password was used to
- authenticate protocol packets.
+ ID of the password, (0-255). If it is not specified, BIRD will choose ID
+ based on an order of the password item in the interface, starting from
+ 1. For example, second password item in one interface will have default
+ ID 2. ID 0 is allowed by BIRD, but some other implementations may not
+ allow it. ID is used by some routing protocols to identify which
+ password was used to authenticate protocol packets.
<tag><label id="proto-pass-gen-from">generate from "<m/time/"</tag>
The start time of the usage of the password for packet signing.
diff --git a/nest/config.Y b/nest/config.Y
index bd1157c6..f2f1df34 100644
--- a/nest/config.Y
+++ b/nest/config.Y
@@ -480,7 +480,7 @@ password_item_params:
| ACCEPT TO time ';' password_item_params { this_p_item->accto = $3; }
| FROM time ';' password_item_params { this_p_item->genfrom = this_p_item->accfrom = $2; }
| TO time ';' password_item_params { this_p_item->gento = this_p_item->accto = $2; }
- | ID expr ';' password_item_params { this_p_item->id = $2; if ($2 <= 0) cf_error("Password ID has to be greated than zero."); }
+ | ID expr ';' password_item_params { this_p_item->id = $2; if ($2 > 255) cf_error("Password ID must be in range 0-255"); }
| ALGORITHM password_algorithm ';' password_item_params { this_p_item->alg = $2; }
;