Sync HEAD sources to vendor branch import of routed v2.27 from rhyolite.com.

Update <protocols/routed.h> for the MD5 changes requested in bin/35843.
Preserve local changes.

Education by:	obrien, markm, pointy-stick
PR:		bin/35843 (and doubtless others)
bms 2004-02-25 23:45:57 +00:00
parent 6ddedbe653
commit 38e644abc2
15 changed files with 373 additions and 164 deletions


@ -33,6 +33,7 @@
* @(#)routed.h 8.1 (Berkeley) 6/2/93
*
* $FreeBSD$
* $Revision: 2.26 $
*/
#ifndef _ROUTED_H_
@ -98,7 +99,9 @@ struct netauth {
int8_t md5_auth_len; /* 16 */
u_int32_t md5_seqno; /* sequence number */
u_int32_t rsvd[2]; /* must be 0 */
#define RIP_AUTH_MD5_LEN RIP_AUTH_PW_LEN
#define RIP_AUTH_MD5_KEY_LEN RIP_AUTH_PW_LEN
#define RIP_AUTH_MD5_HASH_XTRA (sizeof(struct netauth)-sizeof(struct a_md5))
#define RIP_AUTH_MD5_HASH_LEN (RIP_AUTH_MD5_KEY_LEN+RIP_AUTH_MD5_HASH_XTRA)
} a_md5;
} au;
};
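Review bot: The new length macros carry no comment, and RIP_AUTH_MD5_HASH_XTRA is derived from `sizeof(struct netauth)-sizeof(struct a_md5)`, so its value depends on the compiler adding no padding to either struct. A short comment above it, such as `/* bytes of the trailing auth entry hashed ahead of the key */`, would explain why callers add it to the packet length before MD5Update. The start of struct netauth is outside this hunk, so the layout assumption is inferred rather than shown.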


@ -100,6 +100,12 @@
#define RIPVERSION RIPv2
#include <protocols/routed.h>
#ifndef __RCSID
#define __RCSID(_s) static const char rcsid[] UNUSED = _s
#endif
#ifndef __COPYRIGHT
#define __COPYRIGHT(_s) static const char copyright[] UNUSED = _s
#endif
/* Type of an IP address.
* Some systems do not like to pass structures, so do not use in_addr.
@ -119,11 +125,19 @@
#define _HAVE_SIN_LEN
#endif
/* Turn on if IP_DROP_MEMBERSHIP and IP_ADD_MEMBERSHIP do not look at
* the dstaddr of point-to-point interfaces.
/* Turn on if IP_{ADD,DROP}_MEMBERSHIP and IP_MULTICAST_IF considers address
* within 0.0.0.0/8 as interface index.
*/
#ifdef __NetBSD__
#define MCAST_PPP_BUG
#define MCAST_IFINDEX
#endif
/* Turn on if IP_DROP_MEMBERSHIP and IP_ADD_MEMBERSHIP do not look at
* the dstaddr of point-to-point interfaces.
* #define MCAST_PPP_BUG
*/
#ifdef MCAST_IFINDEX
#undef MCAST_PPP_BUG
#endif
#define DAY (24*60*60)
@ -290,7 +304,9 @@ struct interface {
time_t int_query_time;
u_short int_transitions; /* times gone up-down */
char int_metric;
char int_d_metric; /* for faked default route */
u_char int_d_metric; /* for faked default route */
u_char int_adj_inmetric; /* adjust advertised metrics */
u_char int_adj_outmetric; /* instead of interface metric */
struct int_data {
u_int ipackets; /* previous network stats */
u_int ierrors;
@ -399,7 +415,9 @@ extern struct parm {
naddr parm_net;
naddr parm_mask;
char parm_d_metric;
u_char parm_d_metric;
u_char parm_adj_inmetric;
char parm_adj_outmetric;
u_int parm_int_state;
int parm_rdisc_pref; /* signed IRDP preference */
int parm_rdisc_int; /* IRDP advertising interval */
@ -645,6 +663,9 @@ extern struct interface *iflookup(naddr);
extern struct auth *find_auth(struct interface *);
extern void end_md5_auth(struct ws_buf *, struct auth *);
#if defined(__FreeBSD__) || defined(__NetBSD__)
#include <md5.h>
#else
#define MD5_DIGEST_LEN 16
typedef struct {
u_int32_t state[4]; /* state (ABCD) */
@ -654,3 +675,4 @@ typedef struct {
extern void MD5Init(MD5_CTX*);
extern void MD5Update(MD5_CTX*, u_char*, u_int);
extern void MD5Final(u_char[MD5_DIGEST_LEN], MD5_CTX*);
#endif
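Review bot: In struct parm, parm_adj_outmetric is declared plain `char`, while parm_d_metric, parm_adj_inmetric and the matching int_adj_outmetric in struct interface are all `u_char`. The value is copied into the u_char interface field and traced with `%u` elsewhere in this commit, so the signed type looks like an oversight. `u_char parm_adj_outmetric;` would keep the pair consistent. Both struct definitions begin outside the hunks shown.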


@ -36,14 +36,15 @@
#include "defs.h"
#include "pathnames.h"
#if !defined(sgi) && !defined(__NetBSD__)
static char sccsid[] __attribute__((unused)) = "@(#)if.c 8.1 (Berkeley) 6/5/93";
#elif defined(__NetBSD__)
#include <sys/cdefs.h>
#ifdef __NetBSD__
__RCSID("$NetBSD$");
#elif defined(__FreeBSD__)
__RCSID("$FreeBSD$");
#else
__RCSID("$Revision: 2.27 $");
#ident "$Revision: 2.27 $"
#endif
#ident "$FreeBSD$"
struct interface *ifnet; /* all interfaces */
/* hash table for all interfaces, big enough to tolerate ridiculous
@ -214,14 +215,14 @@ ifwithname(char *name, /* "ec0" or whatever */
struct interface *
ifwithindex(u_short index,
ifwithindex(u_short ifindex,
int rescan_ok)
{
struct interface *ifp;
for (;;) {
for (ifp = ifnet; 0 != ifp; ifp = ifp->int_next) {
if (ifp->int_index == index)
if (ifp->int_index == ifindex)
return ifp;
}
@ -244,6 +245,7 @@ struct interface *
iflookup(naddr addr)
{
struct interface *ifp, *maybe;
int once = 0;
maybe = 0;
for (;;) {
@ -267,9 +269,9 @@ iflookup(naddr addr)
}
}
if (maybe != 0
|| IF_RESCAN_DELAY())
if (maybe != 0 || once || IF_RESCAN_DELAY())
return maybe;
once = 1;
/* If there is no known interface, maybe there is a
* new interface. So just once look for new interfaces.
@ -406,7 +408,8 @@ check_dup(naddr addr, /* IP address, so network byte order */
/* The local address can only be shared with a point-to-point
* link.
*/
if (ifp->int_addr == addr
if ((!(ifp->int_state & IS_REMOTE) || !(if_flags & IS_REMOTE))
&& ifp->int_addr == addr
&& (((if_flags|ifp->int_if_flags) & IFF_POINTOPOINT) == 0))
return ifp;
@ -498,10 +501,14 @@ ifdel(struct interface *ifp)
#endif
&& rip_sock >= 0) {
m.imr_multiaddr.s_addr = htonl(INADDR_RIP_GROUP);
#ifdef MCAST_IFINDEX
m.imr_interface.s_addr = htonl(ifp->int_index);
#else
m.imr_interface.s_addr = ((ifp->int_if_flags
& IFF_POINTOPOINT)
? ifp->int_dstaddr
: ifp->int_addr);
#endif
if (setsockopt(rip_sock,IPPROTO_IP,IP_DROP_MEMBERSHIP,
&m, sizeof(m)) < 0
&& errno != EADDRNOTAVAIL
@ -737,6 +744,10 @@ ifinit(void)
ifam2 = (struct ifa_msghdr*)((char*)ifam + ifam->ifam_msglen);
#ifdef RTM_OIFINFO
if (ifam->ifam_type == RTM_OIFINFO)
continue; /* just ignore compat message */
#endif
if (ifam->ifam_type == RTM_IFINFO) {
struct sockaddr_dl *sdl;
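Review bot: In check_dup the if_flags argument is now tested against IS_REMOTE, the same bit that is read from ifp->int_state, while the following line still ORs it with ifp->int_if_flags and masks with IFF_POINTOPOINT. That makes one parameter carry both interface-state and interface-flag bits, and the gwkludge caller changed in this commit now passes its `state` word there. Unless the IS_* and IFF_* values are known not to overlap, a state bit could be read as IFF_POINTOPOINT and let a duplicate address go unreported. Consider a separate state parameter, or a comment documenting the mixed meaning. check_dup's signature and the rest of its body lie outside the hunk.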


@ -35,11 +35,13 @@
#include "defs.h"
#if !defined(sgi) && !defined(__NetBSD__)
static char sccsid[] __attribute__((unused)) = "@(#)input.c 8.1 (Berkeley) 6/5/93";
#elif defined(__NetBSD__)
#include <sys/cdefs.h>
#ifdef __NetBSD__
__RCSID("$NetBSD$");
#elif defined(__FreeBSD__)
__RCSID("$FreeBSD$");
#else
__RCSID("$Revision: 2.26 $");
#ident "$Revision: 2.26 $"
#endif
#ident "$FreeBSD$"
@ -328,9 +330,14 @@ input(struct sockaddr_in *from, /* received from this IP address */
v12buf.n->n_family = RIP_AF_INET;
v12buf.n->n_dst = RIP_DEFAULT;
i = aifp->int_d_metric;
if (0 != (rt = rtget(RIP_DEFAULT, 0)))
i = MIN(i, (rt->rt_metric
+aifp->int_metric+1));
if (0 != (rt = rtget(RIP_DEFAULT, 0))) {
j = (rt->rt_metric
+aifp->int_metric
+aifp->int_adj_outmetric
+1);
if (i > j)
i = j;
}
v12buf.n->n_metric = htonl(i);
v12buf.n++;
break;
@ -396,11 +403,15 @@ input(struct sockaddr_in *from, /* received from this IP address */
*/
v12buf.n->n_family = RIP_AF_INET;
v12buf.n->n_dst = dst;
v12buf.n->n_metric = (rt->rt_metric+1
+ ((aifp!=0)
? aifp->int_metric
: 1));
if (v12buf.n->n_metric > HOPCNT_INFINITY)
j = rt->rt_metric+1;
if (!aifp)
++j;
else
j += (aifp->int_metric
+ aifp->int_adj_outmetric);
if (j < HOPCNT_INFINITY)
v12buf.n->n_metric = j;
else
v12buf.n->n_metric = HOPCNT_INFINITY;
if (v12buf.buf->rip_vers != RIPv1) {
v12buf.n->n_tag = rt->rt_tag;
@ -484,8 +495,8 @@ input(struct sockaddr_in *from, /* received from this IP address */
if (from->sin_port != ntohs(RIP_PORT)) {
msglim(&bad_router, FROM_NADDR,
" discard RIP response from unknown port"
" %d on host %s", ntohs(from->sin_port),
naddr_ntoa(FROM_NADDR));
" %d on %s",
ntohs(from->sin_port), naddr_ntoa(FROM_NADDR));
return;
}
@ -654,7 +665,8 @@ input(struct sockaddr_in *from, /* received from this IP address */
/* Adjust metric according to incoming interface..
*/
n->n_metric += aifp->int_metric;
n->n_metric += (aifp->int_metric
+ aifp->int_adj_inmetric);
if (n->n_metric > HOPCNT_INFINITY)
n->n_metric = HOPCNT_INFINITY;
@ -967,12 +979,12 @@ ck_passwd(struct interface *aifp,
*/
if (TRACEPACKETS) {
if (NA->au.a_md5.md5_auth_len
!= RIP_AUTH_MD5_LEN)
!= RIP_AUTH_MD5_HASH_LEN)
msglim(use_authp, from,
"unknown MD5 RIPv2 auth len %#x"
" instead of %#x from %s",
NA->au.a_md5.md5_auth_len,
RIP_AUTH_MD5_LEN,
RIP_AUTH_MD5_HASH_LEN,
naddr_ntoa(from));
if (na2->a_family != RIP_AF_AUTH)
msglim(use_authp, from,
@ -989,8 +1001,9 @@ ck_passwd(struct interface *aifp,
}
MD5Init(&md5_ctx);
MD5Update(&md5_ctx, (u_char *)rip, len);
MD5Update(&md5_ctx, ap->key, RIP_AUTH_MD5_LEN);
MD5Update(&md5_ctx, (u_char *)rip,
len + RIP_AUTH_MD5_HASH_XTRA);
MD5Update(&md5_ctx, ap->key, RIP_AUTH_MD5_KEY_LEN);
MD5Final(hash, &md5_ctx);
if (!memcmp(hash, na2->au.au_pw, sizeof(hash)))
return 1;
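Review bot: ck_passwd now compares md5_auth_len with RIP_AUTH_MD5_HASH_LEN, but the senders changed in this same commit, clr_ws_buf and query_loop, set the field to RIP_AUTH_MD5_KEY_LEN. With packet tracing enabled, routed would therefore log "unknown MD5 RIPv2 auth len" for packets built by its own code. Pick one value and use it on both sides, for example `na->au.a_md5.md5_auth_len = RIP_AUTH_MD5_HASH_LEN;` in the senders, or compare against RIP_AUTH_MD5_KEY_LEN here. The check sits inside `if (TRACEPACKETS)` and only logs, so acceptance still rests on the digest comparison. The bound on `len` is established outside this hunk and should be confirmed to leave room for the extra RIP_AUTH_MD5_HASH_XTRA bytes that are now hashed.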


@ -42,19 +42,20 @@
#include <fcntl.h>
#include <sys/file.h>
#if !defined(sgi) && !defined(__NetBSD__)
char copyright[] =
"@(#) Copyright (c) 1983, 1988, 1993\n\
The Regents of the University of California. All rights reserved.\n";
static char sccsid[] __attribute__((unused)) = "@(#)main.c 8.1 (Berkeley) 6/5/93";
#elif defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 1983, 1988, 1993\n"
"The Regents of the University of California."
" All rights reserved.\n");
#ifdef __NetBSD__
__RCSID("$NetBSD$");
__COPYRIGHT("@(#) Copyright (c) 1983, 1988, 1993\n\
The Regents of the University of California. All rights reserved.\n");
#include <util.h>
#elif defined(__FreeBSD__)
__RCSID("$FreeBSD$");
#else
__RCSID("$Revision: 2.27 $");
#ident "$Revision: 2.27 $"
#endif
#ident "$FreeBSD$"
pid_t mypid;
naddr myaddr; /* system address */
@ -121,7 +122,7 @@ main(int argc,
*/
signal(SIGHUP, SIG_IGN);
openlog("routed", LOG_PID | LOG_ODELAY, LOG_DAEMON);
openlog("routed", LOG_PID, LOG_DAEMON);
ftrace = stdout;
gettimeofday(&clk, 0);
@ -223,7 +224,7 @@ main(int argc,
case 'v':
/* display version */
verbose++;
msglog("version 2.22");
msglog("version 2.25");
break;
default:
@ -296,6 +297,9 @@ main(int argc,
BADERR(0,"daemon()");
#endif
#if defined(__NetBSD__)
pidfile(0);
#endif
mypid = getpid();
#ifdef __FreeBSD__
srandomdev();
@ -644,7 +648,7 @@ static int /* <0 or file descriptor */
get_rip_sock(naddr addr,
int serious) /* 1=failure to bind is serious */
{
struct sockaddr_in sin;
struct sockaddr_in rsin;
unsigned char ttl;
int s;
@ -652,14 +656,14 @@ get_rip_sock(naddr addr,
if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
BADERR(1,"rip_sock = socket()");
memset(&sin, 0, sizeof(sin));
memset(&rsin, 0, sizeof(rsin));
#ifdef _HAVE_SIN_LEN
sin.sin_len = sizeof(sin);
rsin.sin_len = sizeof(rsin);
#endif
sin.sin_family = AF_INET;
sin.sin_port = htons(RIP_PORT);
sin.sin_addr.s_addr = addr;
if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) < 0) {
rsin.sin_family = AF_INET;
rsin.sin_port = htons(RIP_PORT);
rsin.sin_addr.s_addr = addr;
if (bind(s, (struct sockaddr *)&rsin, sizeof(rsin)) < 0) {
if (serious)
BADERR(errno != EADDRINUSE, "bind(rip_sock)");
return -1;
@ -723,9 +727,13 @@ rip_mcast_on(struct interface *ifp)
#endif
&& !(ifp->int_state & IS_ALIAS)) {
m.imr_multiaddr.s_addr = htonl(INADDR_RIP_GROUP);
#ifdef MCAST_IFINDEX
m.imr_interface.s_addr = htonl(ifp->int_index);
#else
m.imr_interface.s_addr = ((ifp->int_if_flags & IFF_POINTOPOINT)
? ifp->int_dstaddr
: ifp->int_addr);
#endif
if (setsockopt(rip_sock,IPPROTO_IP, IP_ADD_MEMBERSHIP,
&m, sizeof(m)) < 0)
LOGERR("setsockopt(IP_ADD_MEMBERSHIP RIP)");
@ -867,6 +875,7 @@ msglog(const char *p, ...)
(void)vfprintf(ftrace, p, args);
(void)fputc('\n', ftrace);
}
va_end(args);
}
@ -929,6 +938,7 @@ msglim(struct msg_limit *lim, naddr addr, const char *p, ...)
(void)vfprintf(ftrace, p, args);
(void)fputc('\n', ftrace);
}
va_end(args);
}
@ -946,6 +956,7 @@ logbad(int dump, const char *p, ...)
(void)vfprintf(stderr, p, args);
(void)fputs("; giving up\n",stderr);
(void)fflush(stderr);
va_end(args);
if (dump)
abort();
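Review bot: The `-v` branch still hard-codes the release number, `msglog("version 2.25");`, while the commit message imports v2.27 and the revision strings in this file say 2.27. If the string is meant to track the vendor release, operators reading the log cannot tell which code is running, which matters when checking whether a fix is deployed. A single macro shared with the revision tag would avoid the drift. The enclosing switch in main() begins outside the hunk.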


@ -35,10 +35,13 @@
#include "defs.h"
#if !defined(sgi) && !defined(__NetBSD__)
static char sccsid[] __attribute__((unused)) = "@(#)output.c 8.1 (Berkeley) 6/5/93";
#elif defined(__NetBSD__)
#ifdef __NetBSD__
__RCSID("$NetBSD$");
#elif defined(__FreeBSD__)
__RCSID("$FreeBSD$");
#else
__RCSID("$Revision: 2.27 $");
#ident "$Revision: 2.27 $"
#endif
#ident "$FreeBSD$"
@ -102,7 +105,7 @@ output(enum output_type type,
struct rip *buf,
int size) /* this many bytes */
{
struct sockaddr_in sin;
struct sockaddr_in osin;
int flags;
const char *msg;
int res;
@ -110,12 +113,12 @@ output(enum output_type type,
int soc;
int serrno;
sin = *dst;
if (sin.sin_port == 0)
sin.sin_port = htons(RIP_PORT);
osin = *dst;
if (osin.sin_port == 0)
osin.sin_port = htons(RIP_PORT);
#ifdef _HAVE_SIN_LEN
if (sin.sin_len == 0)
sin.sin_len = sizeof(sin);
if (osin.sin_len == 0)
osin.sin_len = sizeof(osin);
#endif
soc = rip_sock;
@ -152,6 +155,10 @@ output(enum output_type type,
} else {
msg = "Send mcast";
if (rip_sock_mcast != ifp) {
#ifdef MCAST_IFINDEX
/* specify ifindex */
tgt_mcast = htonl(ifp->int_index);
#else
#ifdef MCAST_PPP_BUG
/* Do not specify the primary interface
* explicitly if we have the multicast
@ -166,6 +173,7 @@ output(enum output_type type,
} else
#endif
tgt_mcast = ifp->int_addr;
#endif
if (0 > setsockopt(rip_sock,
IPPROTO_IP, IP_MULTICAST_IF,
&tgt_mcast,
@ -179,7 +187,7 @@ output(enum output_type type,
}
rip_sock_mcast = ifp;
}
sin.sin_addr.s_addr = htonl(INADDR_RIP_GROUP);
osin.sin_addr.s_addr = htonl(INADDR_RIP_GROUP);
}
break;
@ -192,18 +200,18 @@ output(enum output_type type,
return -1;
}
trace_rip(msg, "to", &sin, ifp, buf, size);
trace_rip(msg, "to", &osin, ifp, buf, size);
res = sendto(soc, buf, size, flags,
(struct sockaddr *)&sin, sizeof(sin));
(struct sockaddr *)&osin, sizeof(osin));
if (res < 0
&& (ifp == 0 || !(ifp->int_state & IS_BROKE))) {
serrno = errno;
msglog("%s sendto(%s%s%s.%d): %s", msg,
ifp != 0 ? ifp->int_name : "",
ifp != 0 ? ", " : "",
inet_ntoa(sin.sin_addr),
ntohs(sin.sin_port),
inet_ntoa(osin.sin_addr),
ntohs(osin.sin_port),
strerror(errno));
errno = serrno;
}
@ -279,7 +287,7 @@ clr_ws_buf(struct ws_buf *wb,
na->a_family = RIP_AF_AUTH;
na->a_type = RIP_AUTH_MD5;
na->au.a_md5.md5_keyid = ap->keyid;
na->au.a_md5.md5_auth_len = RIP_AUTH_MD5_LEN;
na->au.a_md5.md5_auth_len = RIP_AUTH_MD5_KEY_LEN;
na->au.a_md5.md5_seqno = htonl(clk.tv_sec);
wb->n++;
wb->lim--; /* make room for trailer */
@ -303,8 +311,8 @@ end_md5_auth(struct ws_buf *wb,
na2->a_type = htons(1);
na->au.a_md5.md5_pkt_len = htons(len);
MD5Init(&md5_ctx);
MD5Update(&md5_ctx, (u_char *)wb->buf, len);
MD5Update(&md5_ctx, ap->key, RIP_AUTH_MD5_LEN);
MD5Update(&md5_ctx, (u_char *)wb->buf, len + RIP_AUTH_MD5_HASH_XTRA);
MD5Update(&md5_ctx, ap->key, RIP_AUTH_MD5_KEY_LEN);
MD5Final(na2->au.au_pw, &md5_ctx);
wb->n++;
}
@ -547,8 +555,7 @@ walk_supply(struct radix_node *rn,
* without confusing RIPv1 listeners into thinking the
* network routes are host routes.
*/
if ((ws.state & WS_ST_AG)
&& !(ws.state & WS_ST_RIP2_ALL))
if ((ws.state & WS_ST_AG) && (ws.state & WS_ST_RIP2_ALL))
ags |= AGS_AGGREGATE;
} else {
@ -592,6 +599,11 @@ walk_supply(struct radix_node *rn,
*
* Notice spare routes with the same metric that we are about to
* advertise, to split the horizon on redundant, inactive paths.
*
* Do not suppress advertisements of interface-related addresses on
* non-point-to-point interfaces. This ensures that we have something
* to say every 30 seconds to help detect broken Ethernets or
* other interfaces where one packet every 30 seconds costs nothing.
*/
if (ws.ifp != 0
&& !(ws.state & WS_ST_QUERY)
@ -711,7 +723,7 @@ supply(struct sockaddr_in *dst,
/* Adjust the advertised metric by the outgoing interface
* metric.
*/
ws.metric = ifp->int_metric+1;
ws.metric = ifp->int_metric + 1 + ifp->int_adj_outmetric;
}
ripv12_buf.rip.rip_vers = vers;
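Review bot: In walk_supply the test that sets AGS_AGGREGATE appears to flip from `!(ws.state & WS_ST_RIP2_ALL)` to `(ws.state & WS_ST_RIP2_ALL)`, yet the visible tail of the comment above it, about not confusing RIPv1 listeners, is unchanged. This decides which routes are aggregated into advertisements, so the comment should state the new rule, e.g. `/* aggregate only when WS_ST_RIP2_ALL is set */` plus the reason. The comment and the enclosing branch start outside the hunk, so the full rationale is not visible here.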


@ -37,10 +37,13 @@
#include "pathnames.h"
#include <sys/stat.h>
#if !defined(sgi) && !defined(__NetBSD__)
static char sccsid[] __attribute__((unused)) = "@(#)if.c 8.1 (Berkeley) 6/5/93";
#elif defined(__NetBSD__)
#ifdef __NetBSD__
__RCSID("$NetBSD$");
#elif defined(__FreeBSD__)
__RCSID("$FreeBSD$");
#else
__RCSID("$Revision: 2.26 $");
#ident "$Revision: 2.26 $"
#endif
#ident "$FreeBSD$"
@ -85,8 +88,10 @@ get_parms(struct interface *ifp)
ifp->int_rdisc_pref = parmp->parm_rdisc_pref;
if (parmp->parm_rdisc_int != 0)
ifp->int_rdisc_int = parmp->parm_rdisc_int;
if (parmp->parm_d_metric != 0)
ifp->int_d_metric = parmp->parm_d_metric;
if (parmp->parm_adj_inmetric != 0)
ifp->int_adj_inmetric = parmp->parm_adj_inmetric;
if (parmp->parm_adj_outmetric != 0)
ifp->int_adj_outmetric = parmp->parm_adj_outmetric;
}
}
@ -314,7 +319,7 @@ gwkludge(void)
if (state & IS_PASSIVE)
state |= IS_NO_RIP;
ifp = check_dup(gate,dst,netmask,0);
ifp = check_dup(gate,dst,netmask,state);
if (ifp != 0) {
msglog("duplicate "_PATH_GATEWAYS" entry \"%s\"",lptr);
continue;
@ -761,7 +766,7 @@ parse_parms(char *line,
} else if (PARS("passive")) {
CKF((GROUP_IS_SOL_OUT|GROUP_IS_ADV_OUT), IS_NO_RDISC);
parm.parm_int_state |= IS_NO_RIP| IS_PASSIVE;
parm.parm_int_state |= IS_NO_RIP | IS_PASSIVE;
} else if (PARSEQ("rdisc_pref")) {
if (parm.parm_rdisc_pref != 0
@ -785,10 +790,24 @@ parse_parms(char *line,
} else if (PARSEQ("fake_default")) {
if (parm.parm_d_metric != 0
|| IS_RIP_OUT_OFF(parm.parm_int_state)
|| (parm.parm_d_metric = (int)strtoul(buf,&p,0),
*p != '\0')
|| parm.parm_d_metric > HOPCNT_INFINITY-1)
|| (i = strtoul(buf,&p,0), *p != '\0')
|| i > HOPCNT_INFINITY-1)
return bad_str(tgt);
parm.parm_d_metric = i;
} else if (PARSEQ("adj_inmetric")) {
if (parm.parm_adj_inmetric != 0
|| (i = strtoul(buf,&p,0), *p != '\0')
|| i > HOPCNT_INFINITY-1)
return bad_str(tgt);
parm.parm_adj_inmetric = i;
} else if (PARSEQ("adj_outmetric")) {
if (parm.parm_adj_outmetric != 0
|| (i = strtoul(buf,&p,0), *p != '\0')
|| i > HOPCNT_INFINITY-1)
return bad_str(tgt);
parm.parm_adj_outmetric = i;
} else if (PARSEQ("trust_gateway")) {
/* look for trust_gateway=x.y.z|net/mask|...) */
@ -898,9 +917,23 @@ check_parms(struct parm *new)
return ("conflicting, duplicate poor man's router"
" discovery or fake default metric");
}
if (new->parm_adj_inmetric != 0
&& parmp->parm_adj_inmetric != 0
&& new->parm_adj_inmetric != parmp->parm_adj_inmetric) {
return ("conflicting interface input "
"metric adjustments");
}
if (new->parm_adj_outmetric != 0
&& parmp->parm_adj_outmetric != 0
&& new->parm_adj_outmetric != parmp->parm_adj_outmetric) {
return ("conflicting interface output "
"metric adjustments");
}
}
/* link new entry on the so that when the entries are scanned,
/* link new entry on the list so that when the entries are scanned,
* they affect the result in the order the operator specified.
*/
parmp = (struct parm*)rtmalloc(sizeof(*parmp), "check_parms");
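Review bot: The fake_default, adj_inmetric and adj_outmetric branches in parse_parms check only the upper bound, `i > HOPCNT_INFINITY-1`, after assigning the strtoul() result to `i`. `i` is declared outside the hunk; if it is a signed int, a negative value or one that wraps when narrowed passes the test and is then truncated into the u_char/char field. Parsing into an unsigned long and comparing that, or adding `|| i < 0` to each test, closes the gap.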


@ -42,7 +42,9 @@
/* All remotely requested trace files must either start with this prefix
* or be the same as the tracefile specified when the daemon was started.
* If this is a directory, routed will create log files in it. That
* might be a security problem.
* might be a security problem. However, if bad guys can write in the
* default value, /etc, you have far worse security problems than anything
* this might do. In other words, it makes no sense to turn this off.
*
* Leave this undefined, and only the trace file originally specified
* when routed was started, if any, will be appended to.
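Review bot: The added rationale covers only someone who can already write in the directory, while the sentences above it describe trace files that are requested remotely and created by routed itself. The case worth documenting is a remote requester naming files under the prefix, which does not depend on write access to /etc. Consider stating which peers may request tracing and recommending a dedicated directory as the prefix, rather than concluding `it makes no sense to turn this off`. The comment continues past the end of the hunk.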


@ -41,10 +41,13 @@
#include "defs.h"
#if !defined(sgi) && !defined(__NetBSD__)
static char sccsid[] __attribute__((unused)) = "@(#)rdisc.c 8.1 (Berkeley) x/y/95";
#elif defined(__NetBSD__)
#ifdef __NetBSD__
__RCSID("$NetBSD$");
#elif defined(__FreeBSD__)
__RCSID("$FreeBSD$");
#else
__RCSID("$Revision: 2.23 $");
#ident "$Revision: 2.23 $"
#endif
#ident "$FreeBSD$"


@ -38,10 +38,13 @@
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#if !defined(sgi) && !defined(__NetBSD__)
static char sccsid[] __attribute__((unused)) = "@(#)rdisc.c 8.1 (Berkeley) x/y/95";
#elif defined(__NetBSD__)
#ifdef __NetBSD__
__RCSID("$NetBSD$");
#elif defined(__FreeBSD__)
__RCSID("$FreeBSD$");
#else
__RCSID("$Revision: 2.27 $");
#ident "$Revision: 2.27 $"
#endif
#ident "$FreeBSD$"
@ -97,8 +100,9 @@ struct dr { /* accumulated advertisements */
#define UNSIGN_PREF(p) SIGN_PREF(p)
/* adjust unsigned preference by interface metric,
* without driving it to infinity */
#define PREF(p, ifp) ((int)(p) <= (ifp)->int_metric ? ((p) != 0 ? 1 : 0) \
: (p) - ((ifp)->int_metric))
#define PREF(p, ifp) ((int)(p) <= ((ifp)->int_metric+(ifp)->int_adj_outmetric)\
? ((p) != 0 ? 1 : 0) \
: (p) - ((ifp)->int_metric+(ifp)->int_adj_outmetric))
static void rdisc_sort(void);
@ -191,9 +195,13 @@ set_rdisc_mg(struct interface *ifp,
return;
#endif
memset(&m, 0, sizeof(m));
#ifdef MCAST_IFINDEX
m.imr_interface.s_addr = htonl(ifp->int_index);
#else
m.imr_interface.s_addr = ((ifp->int_if_flags & IFF_POINTOPOINT)
? ifp->int_dstaddr
: ifp->int_addr);
#endif
if (supplier
|| (ifp->int_state & IS_NO_ADV_IN)
|| !on) {
@ -693,17 +701,17 @@ send_rdisc(union ad_u *p,
naddr dst, /* 0 or unicast destination */
int type) /* 0=unicast, 1=bcast, 2=mcast */
{
struct sockaddr_in sin;
struct sockaddr_in rsin;
int flags;
const char *msg;
naddr tgt_mcast;
memset(&sin, 0, sizeof(sin));
sin.sin_addr.s_addr = dst;
sin.sin_family = AF_INET;
memset(&rsin, 0, sizeof(rsin));
rsin.sin_addr.s_addr = dst;
rsin.sin_family = AF_INET;
#ifdef _HAVE_SIN_LEN
sin.sin_len = sizeof(sin);
rsin.sin_len = sizeof(rsin);
#endif
flags = MSG_DONTROUTE;
@ -716,10 +724,10 @@ send_rdisc(union ad_u *p,
case 1: /* broadcast */
if (ifp->int_if_flags & IFF_POINTOPOINT) {
msg = "Send pt-to-pt";
sin.sin_addr.s_addr = ifp->int_dstaddr;
rsin.sin_addr.s_addr = ifp->int_dstaddr;
} else {
msg = "Send broadcast";
sin.sin_addr.s_addr = ifp->int_brdaddr;
rsin.sin_addr.s_addr = ifp->int_brdaddr;
}
break;
@ -733,6 +741,10 @@ send_rdisc(union ad_u *p,
}
if (rdisc_sock_mcast != ifp) {
/* select the right interface. */
#ifdef MCAST_IFINDEX
/* specify ifindex */
tgt_mcast = htonl(ifp->int_index);
#else
#ifdef MCAST_PPP_BUG
/* Do not specify the primary interface explicitly
* if we have the multicast point-to-point kernel
@ -746,6 +758,7 @@ send_rdisc(union ad_u *p,
} else
#endif
tgt_mcast = ifp->int_addr;
#endif
if (0 > setsockopt(rdisc_sock,
IPPROTO_IP, IP_MULTICAST_IF,
&tgt_mcast, sizeof(tgt_mcast))) {
@ -763,16 +776,16 @@ send_rdisc(union ad_u *p,
if (rdisc_sock < 0)
get_rdisc_sock();
trace_rdisc(msg, ifp->int_addr, sin.sin_addr.s_addr, ifp,
trace_rdisc(msg, ifp->int_addr, rsin.sin_addr.s_addr, ifp,
p, p_size);
if (0 > sendto(rdisc_sock, p, p_size, flags,
(struct sockaddr *)&sin, sizeof(sin))) {
(struct sockaddr *)&rsin, sizeof(rsin))) {
if (ifp == 0 || !(ifp->int_state & IS_BROKE))
msglog("sendto(%s%s%s): %s",
ifp != 0 ? ifp->int_name : "",
ifp != 0 ? ", " : "",
inet_ntoa(sin.sin_addr),
inet_ntoa(rsin.sin_addr),
strerror(errno));
if (ifp != 0)
if_sick(ifp);
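Review bot: PREF now spells out `(ifp)->int_metric+(ifp)->int_adj_outmetric` twice and still evaluates `p` up to three times, so an argument with side effects would misbehave and the two copies of the sum can drift apart. A helper keeps them in step, e.g. `#define IF_OUT_METRIC(ifp) ((ifp)->int_metric+(ifp)->int_adj_outmetric)`. Note also that int_metric is a plain `char` in struct interface while int_adj_outmetric is `u_char`, so the sum relies on integer promotion.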


@ -1,3 +1,5 @@
.\" $Revision: 2.26 $
.\"
.\" Copyright (c) 1983, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
.\"
@ -114,11 +116,18 @@ The
packet generated contains a list of known routes, each marked
with a "hop count" metric (a count of 16 or greater is
considered "infinite").
Advertised metrics reflect the metric associated with interface
Th advertised metric for a route reflects the metrics associated
with interfaces
(see
.Xr ifconfig 8 ) ,
.Xr ifconfig 8 )
though which it is received and sent,
so setting the metric on an interface
is an effective way to steer traffic.
See also
.Cm adj_inmetric
and
.Cm adj_outmetric
parameters below.
.Pp
Responses do not include routes with a first hop on the requesting
network to implement in part
@ -155,7 +164,7 @@ also periodically checks the routing table entries.
If an entry has not been updated for 3 minutes, the entry's metric
is set to infinity and marked for deletion.
Deletions are delayed until the route has been advertised with
an infinite metric to insure the invalidation
an infinite metric to ensure the invalidation
is propagated throughout the local internet.
This is a form of
.Em poison reverse .
@ -508,6 +517,7 @@ a line starting with
.Cm if=alias(Hname) ,
.Cm if=remote(Hname) ,
etc. should be used.
.Ss Parameters
.Pp
Lines that start with neither "net" nor "host" must consist of one
or more of the following parameter settings, separated by commas or
@ -560,7 +570,8 @@ all passwords have expired, in which case the password that expired most
recently is used, or unless no passwords are valid yet, in which case
no password is output.
Incoming packets can carry any password that is valid, will
be valid within 24 hours, or that was valid within 24 hours.
be valid within the next 24 hours, or that was valid within the preceding
24 hours.
To protect the secrets, the passwd settings are valid only in the
.Em /etc/gateways
file and only when that file is readable only by UID 0.
@ -649,17 +660,47 @@ Unless modified with
.Cm fake_default ,
the default route is broadcast with a metric of 14.
That serves as a "poor man's router discovery" protocol.
.It Cm adj_inmetric Ns \&= Ns Ar delta
adjusts the hop count or metric of received RIP routes by
.Ar delta .
The metric of every received RIP route is increased by the sum
of two values associated with the interface.
One is the adj_inmetric value and the other is the interface
metric set with
.Xr ifconfig 8 .
.It Cm adj_outmetric Ns \&= Ns Ar delta
adjusts the hop count or metric of advertised RIP routes by
.Ar delta .
The metric of every received RIP route is increased by the metric
associated with the interface by which it was received, or by 1 if
the interface does not have a non-zero metric.
The metric of the received route is then increased by the
adj_outmetric associated with the interface.
Every advertised route is increased by a total of four
values,
the metric set for the interface by which it was received with
.Xr ifconfig 8 ,
the
.Cm adj_inmetric Ar delta
of the receiving interface,
the metric set for the interface by which it is transmitted with
.Xr ifconfig 8 ,
and the
.Cm adj_outmetric Ar delta
of the transmitting interface.
.It Cm trust_gateway Ns \&= Ns Ar rname[|net1/mask1|net2/mask2|...]
causes RIP packets from that router and other routers named in
other
causes RIP packets from router
.Ar rname
and other routers named in other
.Cm trust_gateway
keywords to be accepted, and packets from other routers to be ignored.
If networks are specified, then routes to other networks will be ignored
from that router.
.It Cm redirect_ok
causes RIP to allow ICMP Redirect messages when the system is acting
allows the kernel to listen ICMP Redirect messages when the system is acting
as a router and forwarding packets.
Otherwise, ICMP Redirect messages are overridden.
Otherwise, ICMP Redirect messages are overridden and deleted when the
system is acting as a router.
.El
.Sh FILES
.Bl -tag -width /etc/gateways -compact
@ -683,3 +724,5 @@ The
.Nm
utility appeared in
.Bx 4.2 .
\" LocalWords: loopback ICMP rtquery ifconfig multicasting Solicitations RIPv
\" LocalWords: netstat rdisc


@ -1,4 +1,4 @@
.\" $Revision: 1.10 $
.\" $Revision: 2.27 $
.\" $FreeBSD$
.\"
.Dd June 1, 1996


@ -33,10 +33,6 @@
* $FreeBSD$
*/
char copyright[] =
"@(#) Copyright (c) 1982, 1986, 1993\n\
The Regents of the University of California. All rights reserved.\n";
#include <sys/cdefs.h>
#include <sys/param.h>
#include <sys/protosw.h>
@ -57,17 +53,32 @@ char copyright[] =
#include <bstring.h>
#endif
#if !defined(sgi) && !defined(__NetBSD__)
static char sccsid[] __attribute__((unused))= "@(#)query.c 8.1 (Berkeley) 6/5/93";
#elif defined(__NetBSD__)
__RCSID("$NetBSD: rtquery.c,v 1.10 1999/02/23 10:47:41 christos Exp $");
#define UNUSED __attribute__((unused))
#ifndef __RCSID
#define __RCSID(_s) static const char rcsid[] UNUSED = _s
#endif
#ifndef __COPYRIGHT
#define __COPYRIGHT(_s) static const char copyright[] UNUSED = _s
#endif
__COPYRIGHT("@(#) Copyright (c) 1983, 1988, 1993\n"
"The Regents of the University of California."
" All rights reserved.\n");
#ifdef __NetBSD__
__RCSID("$NetBSD$");
#elif defined(__FreeBSD__)
__RCSID("$FreeBSD$");
#else
__RCSID("$Revision: 2.26 $");
#ident "$Revision: 2.26 $"
#endif
#ident "$Revision: 1.12 $"
#ifndef sgi
#define _HAVE_SIN_LEN
#endif
#ifdef __NetBSD__
#include <md5.h>
#else
#define MD5_DIGEST_LEN 16
typedef struct {
u_int32_t state[4]; /* state (ABCD) */
@ -77,6 +88,7 @@ typedef struct {
extern void MD5Init(MD5_CTX*);
extern void MD5Update(MD5_CTX*, u_char*, u_int);
extern void MD5Final(u_char[MD5_DIGEST_LEN], MD5_CTX*);
#endif
#define WTIME 15 /* Time to wait for all responses */
@ -388,7 +400,7 @@ query_loop(char *argv[], int argc)
NA0.a_family = RIP_AF_AUTH;
NA0.a_type = RIP_AUTH_MD5;
NA0.au.a_md5.md5_keyid = (int8_t)keyid;
NA0.au.a_md5.md5_auth_len = RIP_AUTH_MD5_LEN;
NA0.au.a_md5.md5_auth_len = RIP_AUTH_MD5_KEY_LEN;
NA0.au.a_md5.md5_seqno = 0;
cc = (char *)&NA2-(char *)&OMSG;
NA0.au.a_md5.md5_pkt_len = htons(cc);
@ -398,7 +410,7 @@ query_loop(char *argv[], int argc)
MD5Update(&md5_ctx,
(u_char *)&OMSG, cc);
MD5Update(&md5_ctx,
(u_char *)passwd, RIP_AUTH_MD5_LEN);
(u_char *)passwd, RIP_AUTH_MD5_HASH_LEN);
MD5Final(NA2.au.au_pw, &md5_ctx);
omsg_len += 2*sizeof(OMSG.rip_nets[0]);
}
@ -412,7 +424,7 @@ query_loop(char *argv[], int argc)
seen = 0;
while (0 > out(*argv++)) {
if (*argv == 0)
exit(-1);
exit(1);
answered++;
}
@ -595,7 +607,7 @@ rip_input(struct sockaddr_in *from,
struct in_addr in;
const char *name;
char net_buf[80];
u_char hash[RIP_AUTH_MD5_LEN];
u_char hash[RIP_AUTH_MD5_KEY_LEN];
MD5_CTX md5_ctx;
u_char md5_authed = 0;
u_int mask, dmask;
@ -735,9 +747,10 @@ rip_input(struct sockaddr_in *from,
&& na->a_type == ntohs(1)) {
MD5Init(&md5_ctx);
MD5Update(&md5_ctx, (u_char *)&IMSG,
(char *)na-(char *)&IMSG);
(char *)na-(char *)&IMSG
+RIP_AUTH_MD5_HASH_XTRA);
MD5Update(&md5_ctx, (u_char *)passwd,
RIP_AUTH_MD5_LEN);
RIP_AUTH_MD5_KEY_LEN);
MD5Final(hash, &md5_ctx);
(void)printf(" %s hash\n",
memcmp(hash, na->au.au_pw,
@ -749,10 +762,10 @@ rip_input(struct sockaddr_in *from,
} else {
(void)sprintf(net_buf, "(af %#x) %d.%d.%d.%d",
ntohs(n->n_family),
(char)(n->n_dst >> 24),
(char)(n->n_dst >> 16),
(char)(n->n_dst >> 8),
(char)n->n_dst);
(u_char)(n->n_dst >> 24),
(u_char)(n->n_dst >> 16),
(u_char)(n->n_dst >> 8),
(u_char)n->n_dst);
}
(void)printf(" %-18s metric %2d %-10s",
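Review bot: In query_loop the key is now hashed with `RIP_AUTH_MD5_HASH_LEN` bytes of `passwd`, whereas rip_input in this same section and ck_passwd/end_md5_auth in the daemon hash `RIP_AUTH_MD5_KEY_LEN` bytes of key. The packet part differs too: query_loop hashes `cc` bytes while the other three add `RIP_AUTH_MD5_HASH_XTRA`. As written the digest would not appear to match what the receiver computes. If `passwd` is a KEY_LEN-sized buffer (its declaration is outside the hunk), the longer length also reads past its end. The likely intent is `(u_char *)&OMSG, cc + RIP_AUTH_MD5_HASH_XTRA);` followed by `(u_char *)passwd, RIP_AUTH_MD5_KEY_LEN);`.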


@ -35,10 +35,13 @@
#include "defs.h"
#if !defined(sgi) && !defined(__NetBSD__)
static char sccsid[] __attribute__((unused)) = "@(#)tables.c 8.1 (Berkeley) 6/5/93";
#elif defined(__NetBSD__)
#ifdef __NetBSD__
__RCSID("$NetBSD$");
#elif defined(__FreeBSD__)
__RCSID("$FreeBSD$");
#else
__RCSID("$Revision: 2.27 $");
#ident "$Revision: 2.27 $"
#endif
#ident "$FreeBSD$"
@ -253,8 +256,6 @@ ag_flush(naddr lim_dst_h, /* flush routes to here */
* then mark the suppressor redundant.
*/
if (ag_cors->ag_pref <= ag->ag_pref) {
if (ag_cors->ag_seqno > ag->ag_seqno)
ag_cors->ag_seqno = ag->ag_seqno;
if (AG_IS_REDUN(ag->ag_state)
&& ag_cors->ag_mask==ag->ag_mask<<1) {
if (ag_cors->ag_dst_h == dst_h)
@ -289,7 +290,7 @@ ag_check(naddr dst,
naddr nhop,
char metric,
char pref,
u_int seqno,
u_int new_seqno,
u_short tag,
u_short state,
void (*out)(struct ag_info *)) /* output using this */
@ -316,7 +317,7 @@ ag_check(naddr dst,
nc_ag.ag_pref = pref;
nc_ag.ag_tag = tag;
nc_ag.ag_state = state;
nc_ag.ag_seqno = seqno;
nc_ag.ag_seqno = new_seqno;
out(&nc_ag);
return;
}
@ -346,8 +347,6 @@ ag_check(naddr dst,
&& (ag_cors->ag_gate == ag->ag_gate
|| (ag->ag_state & AGS_FINE_GATE)
|| (ag_cors->ag_state & AGS_CORS_GATE))) {
if (ag_cors->ag_seqno > ag->ag_seqno)
ag_cors->ag_seqno = ag->ag_seqno;
/* If the suppressed target was redundant,
* then mark the suppressor redundant.
*/
@ -406,17 +405,13 @@ ag_check(naddr dst,
ag->ag_tag = tag;
ag->ag_metric = metric;
ag->ag_pref = pref;
if (ag->ag_seqno < new_seqno)
ag->ag_seqno = new_seqno;
x = ag->ag_state;
ag->ag_state = state;
state = x;
}
/* The sequence number controls flash updating,
* and should be the smaller of the two.
*/
if (ag->ag_seqno > seqno)
ag->ag_seqno = seqno;
/* Some bits are set if they are set on either route,
* except when the route is for an interface.
*/
@ -456,8 +451,8 @@ ag_check(naddr dst,
*
* Combine and promote (aggregate) the pair of routes.
*/
if (seqno > ag->ag_seqno)
seqno = ag->ag_seqno;
if (new_seqno < ag->ag_seqno)
new_seqno = ag->ag_seqno;
if (!AG_IS_REDUN(state))
state &= ~AGS_REDUN1;
if (AG_IS_REDUN(ag->ag_state))
@ -518,10 +513,10 @@ ag_check(naddr dst,
pref = x;
/* take the newest sequence number */
if (seqno >= ag->ag_seqno)
seqno = ag->ag_seqno;
if (new_seqno <= ag->ag_seqno)
new_seqno = ag->ag_seqno;
else
ag->ag_seqno = seqno;
ag->ag_seqno = new_seqno;
} else {
if (!(state & AGS_AGGREGATE))
@ -537,10 +532,10 @@ ag_check(naddr dst,
if (!AG_IS_REDUN(state))
state &= ~AGS_REDUN1;
state &= ~AGS_REDUN0;
if (seqno > ag->ag_seqno)
seqno = ag->ag_seqno;
if (new_seqno < ag->ag_seqno)
new_seqno = ag->ag_seqno;
else
ag->ag_seqno = seqno;
ag->ag_seqno = new_seqno;
}
mask <<= 1;
@ -601,7 +596,7 @@ ag_check(naddr dst,
nag->ag_pref = pref;
nag->ag_tag = tag;
nag->ag_state = state;
nag->ag_seqno = seqno;
nag->ag_seqno = new_seqno;
nag->ag_fine = ag;
if (ag != 0)
@ -635,6 +630,9 @@ rtm_type_name(u_char type)
"RTM_RESOLVE",
"RTM_NEWADDR",
"RTM_DELADDR",
#ifdef RTM_OIFINFO
"RTM_OIFINFO",
#endif
"RTM_IFINFO",
"RTM_NEWMADDR",
"RTM_DELMADDR"
@ -1014,7 +1012,7 @@ rtm_lose(struct rt_msghdr *rtm,
*/
static int
get_info_gate(struct sockaddr **sap,
struct sockaddr_in *sin)
struct sockaddr_in *rsin)
{
struct sockaddr_dl *sdl = (struct sockaddr_dl *)*sap;
struct interface *ifp;
@ -1030,12 +1028,12 @@ get_info_gate(struct sockaddr **sap,
if (ifp == 0)
return 0;
sin->sin_addr.s_addr = ifp->int_addr;
rsin->sin_addr.s_addr = ifp->int_addr;
#ifdef _HAVE_SA_LEN
sin->sin_len = sizeof(*sin);
rsin->sin_len = sizeof(*rsin);
#endif
sin->sin_family = AF_INET;
*sap = (struct sockaddr*)sin;
rsin->sin_family = AF_INET;
*sap = (struct sockaddr*)rsin;
return 1;
}
@ -1116,6 +1114,13 @@ flush_kern(void)
if (rtm->rtm_flags & RTF_LLINFO)
continue;
#if defined(RTF_CLONED) && defined(__bsdi__)
/* ignore cloned routes
*/
if (rtm->rtm_flags & RTF_CLONED)
continue;
#endif
/* ignore multicast addresses
*/
if (IN_MULTICAST(ntohl(S_ADDR(INFO_DST(&info)))))
@ -1223,6 +1228,10 @@ read_rt(void)
ifinit_timer.tv_sec = now.tv_sec;
continue;
}
#ifdef RTM_OIFINFO
if (m.r.rtm.rtm_type == RTM_OIFINFO)
continue; /* ignore compat message */
#endif
strcpy(str, rtm_type_name(m.r.rtm.rtm_type));
strp = &str[strlen(str)];
@ -1262,6 +1271,13 @@ read_rt(void)
continue;
}
#if defined(RTF_CLONED) && defined(__bsdi__)
if (m.r.rtm.rtm_flags & RTF_CLONED) {
trace_act("ignore cloned %s", str);
continue;
}
#endif
if (get_info_gate(&INFO_GATE(&info), &gate_sin)) {
gate = S_ADDR(INFO_GATE(&info));
strp += sprintf(strp, " --> %s", naddr_ntoa(gate));
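Review bot: rtm_type_name's name table appears to be positional, so inserting `"RTM_OIFINFO"` under `#ifdef` yields correct labels only if RTM_OIFINFO's numeric value falls exactly between RTM_DELADDR and RTM_IFINFO on every system that defines it. Where that does not hold, later message types would be traced under the wrong name, which makes routing-socket logs misleading during troubleshooting. A comment such as `/* order must match the RTM_* values in <net/route.h> */` next to the table would record the assumption. The array declaration and any bounds check on `type` are outside the hunk.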


@ -40,10 +40,13 @@
#include <sys/signal.h>
#include <fcntl.h>
#if !defined(sgi) && !defined(__NetBSD__)
static char sccsid[] __attribute__((unused)) = "@(#)trace.c 8.1 (Berkeley) 6/5/93";
#elif defined(__NetBSD__)
#ifdef __NetBSD__
__RCSID("$NetBSD$");
#elif defined(__FreeBSD__)
__RCSID("$FreeBSD$");
#else
__RCSID("$Revision: 2.27 $");
#ident "$Revision: 2.27 $"
#endif
#ident "$FreeBSD$"
@ -188,6 +191,7 @@ tmsg(const char *p, ...)
lastlog();
va_start(args, p);
vfprintf(ftrace, p, args);
va_end(args);
(void)fputc('\n',ftrace);
fflush(ftrace);
}
@ -241,6 +245,7 @@ trace_off(const char *p, ...)
lastlog();
va_start(args, p);
vfprintf(ftrace, p, args);
va_end(args);
(void)fputc('\n',ftrace);
}
trace_close(file_trace);
@ -643,9 +648,15 @@ trace_if(const char *act,
ifp->int_mask, 1));
if (ifp->int_metric != 0)
(void)fprintf(ftrace, "metric=%d ", ifp->int_metric);
if (ifp->int_adj_inmetric != 0)
(void)fprintf(ftrace, "adj_inmetric=%u ",
ifp->int_adj_inmetric);
if (ifp->int_adj_outmetric != 0)
(void)fprintf(ftrace, "adj_outmetric=%u ",
ifp->int_adj_outmetric);
if (!IS_RIP_OUT_OFF(ifp->int_state)
&& ifp->int_d_metric != 0)
(void)fprintf(ftrace, "fake_default=%d ", ifp->int_d_metric);
(void)fprintf(ftrace, "fake_default=%u ", ifp->int_d_metric);
trace_bits(if_bits, ifp->int_if_flags, 0);
trace_bits(is_bits, ifp->int_state, 0);
(void)fputc('\n',ftrace);
@ -723,6 +734,7 @@ trace_misc(const char *p, ...)
lastlog();
va_start(args, p);
vfprintf(ftrace, p, args);
va_end(args);
(void)fputc('\n',ftrace);
}
@ -740,6 +752,7 @@ trace_act(const char *p, ...)
lastlog();
va_start(args, p);
vfprintf(ftrace, p, args);
va_end(args);
(void)fputc('\n',ftrace);
}
@ -757,6 +770,7 @@ trace_pkt(const char *p, ...)
lastlog();
va_start(args, p);
vfprintf(ftrace, p, args);
va_end(args);
(void)fputc('\n',ftrace);
}