summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOndrej Filip <feela@network.cz>2000-06-06 01:23:03 +0000
committerOndrej Filip <feela@network.cz>2000-06-06 01:23:03 +0000
commitc1824c4d4c7753246ba26d27c7a3b7be3006d46b (patch)
tree428682b51c5ae4ed3f5d2523ab24a35d78cfde68
parentfef1badfcfb0519cca10f3561e5cb79ef9f9e969 (diff)
Simple autentication added.
-rw-r--r--doc/bird.conf.example3
-rw-r--r--proto/ospf/config.Y6
-rw-r--r--proto/ospf/iface.c4
-rw-r--r--proto/ospf/ospf.h5
-rw-r--r--proto/ospf/packet.c28
5 files changed, 41 insertions, 5 deletions
diff --git a/doc/bird.conf.example b/doc/bird.conf.example
index ca7546e9..4de53cf5 100644
--- a/doc/bird.conf.example
+++ b/doc/bird.conf.example
@@ -117,6 +117,8 @@ protocol static {
# dead count 5;
# wait 50;
# type broadcast;
+# authentication simple;
+# password "pass";
# };
# interface "arc0" {
# type nonbroadcast;
@@ -130,6 +132,7 @@ protocol static {
# stub 1;
# interface "ppp1" {
# hello 8;
+# authentication none;
# };
# };
#}
diff --git a/proto/ospf/config.Y b/proto/ospf/config.Y
index e678a262..f22361cb 100644
--- a/proto/ospf/config.Y
+++ b/proto/ospf/config.Y
@@ -23,7 +23,7 @@ CF_DECLS
CF_KEYWORDS(OSPF, AREA, OSPF_METRIC1, OSPF_METRIC2, OSPF_TAG)
CF_KEYWORDS(NEIGHBORS, RFC1583COMPAT, STUB, TICK, COST, RETRANSMIT)
CF_KEYWORDS(HELLO, TRANSIT, PRIORITY, DEAD, NONBROADCAST, POINTOPOINT, TYPE)
-CF_KEYWORDS(NEIGHBORS)
+CF_KEYWORDS(NEIGHBORS, NONE, SIMPLE, AUTHENTICATION, PASSWORD)
%type <t> opttext
@@ -86,6 +86,9 @@ ospf_iface_item:
| TYPE NONBROADCAST { OSPF_PATT->type = OSPF_IT_NBMA ; }
| TYPE POINTOPOINT { OSPF_PATT->type = OSPF_IT_PTP ; }
| NEIGHBORS '{' ipa_list '}'
+ | AUTHENTICATION NONE { OSPF_PATT->autype=AU_NONE ; }
+ | AUTHENTICATION SIMPLE { OSPF_PATT->autype=AU_SIMPLE ; }
+ | PASSWORD TEXT { memcpy(OSPF_PATT->password, $2, 8); }
|
;
@@ -116,6 +119,7 @@ ospf_iface_start:
OSPF_PATT->deadc = DEADC_D;
OSPF_PATT->type = OSPF_IT_UNDEF;
init_list(&OSPF_PATT->nbma_list);
+ OSPF_PATT->autype=AU_NONE;
}
;
diff --git a/proto/ospf/iface.c b/proto/ospf/iface.c
index ff29a1fd..7658f436 100644
--- a/proto/ospf/iface.c
+++ b/proto/ospf/iface.c
@@ -398,8 +398,8 @@ ospf_ifa_add(struct object_lock *lock)
ifa->helloint=ip->helloint;
ifa->waitint=ip->waitint;
ifa->deadc=ip->deadc;
- ifa->autype=0; /* FIXME add authentification */
- for(i=0;i<8;i++) ifa->aukey[i]=0;
+ ifa->autype=ip->autype;
+ memcpy(ifa->aukey,ip->password,8);
ifa->options=2; /* FIXME what options? */
if(ip->type==OSPF_IT_UNDEF)
diff --git a/proto/ospf/ospf.h b/proto/ospf/ospf.h
index 65bb6058..3d5d1df8 100644
--- a/proto/ospf/ospf.h
+++ b/proto/ospf/ospf.h
@@ -377,6 +377,11 @@ struct ospf_iface_patt {
int waitint;
int deadc;
int type;
+ int autype;
+#define AU_NONE 0
+#define AU_SIMPLE 1
+#define AU_CRYPT 2
+ u8 password[8];
list nbma_list;
};
diff --git a/proto/ospf/packet.c b/proto/ospf/packet.c
index 88234da1..4b2e7727 100644
--- a/proto/ospf/packet.c
+++ b/proto/ospf/packet.c
@@ -31,10 +31,29 @@ fill_ospf_pkt_hdr(struct ospf_iface *ifa, void *buf, u8 h_type)
void
ospf_tx_authenticate(struct ospf_iface *ifa, struct ospf_packet *pkt)
{
- /* FIXME */
+ int i;
+ pkt->autype=ifa->autype;
+ memcpy(pkt->authetication, ifa->aukey, 8);
return;
}
+int
+ospf_rx_authenticate(struct ospf_iface *ifa, struct ospf_packet *pkt)
+{
+ int i;
+ if(pkt->autype!=ifa->autype) return 0;
+ if(ifa->autype==AU_NONE) return 1;
+ if(ifa->autype==AU_SIMPLE)
+ {
+ for(i=0;i<8;i++)
+ {
+ if(pkt->authetication[i]!=ifa->aukey[i]) return 0;
+ }
+ return 1;
+ }
+ return 0;
+}
+
void
ospf_pkt_finalize(struct ospf_iface *ifa, struct ospf_packet *pkt)
{
@@ -95,7 +114,12 @@ ospf_rx_hook(sock *sk, int size)
return(1);
}
- /* FIXME: Do authetification */
+ if(!ospf_rx_authenticate(ifa,ps))
+ {
+ log("%s: Bad OSPF packet received: bad password", p->name);
+ return(1);
+ }
+
if(ps->areaid!=ifa->an)
{