summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOndrej Zajicek (work) <santiago@crfreenet.org>2021-03-16 16:34:42 +0100
committerOndrej Zajicek (work) <santiago@crfreenet.org>2021-03-16 16:34:42 +0100
commitae9ae864d3fec20a74ce2567536e186ce178d032 (patch)
treebfb839f7c2fcfe868343867ddf5f00c1874e48ed
parent94abefc00bb22b93493831798391d5d5b21f9d4c (diff)
OSPFv3: Update neighbor authentication state from Hello packets
In OSPFv3, only Hello and DBDes packets contain flags specifying whether RFC 7166 authentication trailer is used. Other packets are processed based on stored authentication state in neighbor structure. Update this state with each received Hello to handle authentication change from reconfigurations. Thanks to Joakim Tjernlund and Kenth Eriksson for the bugreport.
-rw-r--r--proto/ospf/hello.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/proto/ospf/hello.c b/proto/ospf/hello.c
index d094f934..1c987e54 100644
--- a/proto/ospf/hello.c
+++ b/proto/ospf/hello.c
@@ -294,6 +294,14 @@ ospf_receive_hello(struct ospf_packet *pkt, struct ospf_iface *ifa,
n->ip = faddr;
}
}
+
+ /* Update RFC 7166 authentication trailer flag */
+ if (ospf_is_v3(p) && ((rcv_options ^ n->options) & OPT_AT))
+ {
+ OSPF_TRACE(D_EVENTS, "Neighbor %R on %s %s authentication",
+ n->rid, ifa->ifname, (rcv_options & OPT_AT) ? "enabled" : "disabled");
+ n->options = (n->options & ~OPT_AT) | (rcv_options & OPT_AT);
+ }
}
if (!n)
@@ -326,6 +334,9 @@ ospf_receive_hello(struct ospf_packet *pkt, struct ospf_iface *ifa,
n->priority = rcv_priority;
n->iface_id = rcv_iface_id;
+ if (ospf_is_v3(p))
+ n->options = rcv_options & OPT_AT;
+
if (n->ifa->cf->bfd)
ospf_neigh_update_bfd(n, n->ifa->bfd);
}