diff options
author | Pavel Machek <pavel@ucw.cz> | 1999-12-01 12:52:57 +0000 |
---|---|---|
committer | Pavel Machek <pavel@ucw.cz> | 1999-12-01 12:52:57 +0000 |
commit | 639e62855495fcf461c177373d8f5eb0d5d87332 (patch) | |
tree | 4d68acba497cb62f733914d5cb2652d30cb8e18d /proto/rip/auth.c | |
parent | 3daf783f95790682025ef03ac5b2f486943e6214 (diff) |
Actually check sequence numbers.
Diffstat (limited to 'proto/rip/auth.c')
-rw-r--r-- | proto/rip/auth.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/proto/rip/auth.c b/proto/rip/auth.c index 17c8d3a6..5337268c 100644 --- a/proto/rip/auth.c +++ b/proto/rip/auth.c @@ -31,7 +31,7 @@ /* 1 == failed, 0 == ok */ int -rip_incoming_authentication( struct proto *p, struct rip_block_auth *block, struct rip_packet *packet, int num ) +rip_incoming_authentication( struct proto *p, struct rip_block_auth *block, struct rip_packet *packet, int num, ip_addr whotoldme ) { DBG( "Incoming authentication: " ); switch (block->authtype) { /* Authentication type */ @@ -73,6 +73,18 @@ rip_incoming_authentication( struct proto *p, struct rip_block_auth *block, stru DBG( "time, " ); if ((head->from > now) || (head->to < now)) goto skip; + if (block->seq) { + struct neighbor *neigh = neigh_find(p, &whotoldme, 0); + if (!neigh) { + log( L_AUTH "Non-neighbour md5 checksummed packet?\n" ); + } else { + if (neigh->aux > block->seq) { + log( L_AUTH "md5 prottected packet with lower numbers\n" ); + return 0; + } + neigh->aux = block->seq; + } + } DBG( "check, " ); if (head->id == block->keyid) { struct MD5Context ctxt; |