OSPF: Use message authentication interface

Based on former commit from Pavel Tvrdik
author: Ondrej Zajicek (work) <santiago@crfreenet.org> 2016-10-27 20:58:21 +0200
committer: Ondrej Zajicek (work) <santiago@crfreenet.org> 2016-11-02 17:53:22 +0100
commit: 29239ba2bbee3e9ec7d17793b25936a1bfc795ca (patch)
tree: 3e0b5a6d76d9bc508a86b45fb222bcd57999a277 /proto/ospf/config.Y
parent: 390601f038b69d5de3841c691f92af0fcd088454 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/proto/ospf/config.Y b/proto/ospf/config.Y
index c859960f..7b35b191 100644
--- a/proto/ospf/config.Y
+++ b/proto/ospf/config.Y
@@ -42,6 +42,20 @@ ospf_iface_finish(void)
 
   if ((ip->autype == OSPF_AUTH_NONE) && (ip->passwords != NULL))
     log(L_WARN "Password option without authentication option does not make sense");
+
+  if (ip->passwords)
+  {
+    struct password_item *pass;
+    WALK_LIST(pass, *ip->passwords)
+    {
+      if (pass->alg && (ip->autype != OSPF_AUTH_CRYPT))
+	cf_error("Password algorithm option requires cryptographic authentication");
+
+      /* Set default OSPF crypto algorithms */
+      if (!pass->alg && (ip->autype == OSPF_AUTH_CRYPT))
+	pass->alg = ospf_cfg_is_v2() ? ALG_MD5 : ALG_HMAC_SHA256;
+    }
+  }
 }
 
 static void
author	Ondrej Zajicek (work) <santiago@crfreenet.org>	2016-10-27 20:58:21 +0200
committer	Ondrej Zajicek (work) <santiago@crfreenet.org>	2016-11-02 17:53:22 +0100
commit	29239ba2bbee3e9ec7d17793b25936a1bfc795ca (patch)
tree	3e0b5a6d76d9bc508a86b45fb222bcd57999a277 /proto/ospf/config.Y
parent	390601f038b69d5de3841c691f92af0fcd088454 (diff)