1. 29 May, 2009 2 commits
  2. 28 May, 2009 1 commit
  3. 26 May, 2009 1 commit
  4. 25 May, 2009 1 commit
  5. 24 May, 2009 2 commits
  6. 22 May, 2009 7 commits
  7. 21 May, 2009 1 commit
  8. 13 May, 2009 1 commit
  9. 11 May, 2009 2 commits
  10. 10 May, 2009 2 commits
  11. 08 May, 2009 1 commit
  12. 06 May, 2009 2 commits
  13. 04 May, 2009 2 commits
  14. 29 Apr, 2009 2 commits
  15. 28 Apr, 2009 5 commits
  16. 23 Apr, 2009 4 commits
  17. 17 Apr, 2009 2 commits
    • Ondřej Zajíček's avatar
      Fixes mixed-up messages on netlink socket · e366625c
      Ondřej Zajíček authored
      Under specific circumstances there might be two mixed-up
      netlink sessions (one for scan, the other for route change
      request). This patch separates netlink scans and requests
      to two fds (and seq counters).
      
      This should fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428865
      e366625c
    • Ondřej Zajíček's avatar
      Rewrite of buggy AS path matching. · c8a6b9a3
      Ondřej Zajíček authored
      Old AS path maching supposes thath AS number appears
      only once in AS path, but that is not true. It also
      contains some bugs related to AS path sets.
      
      New code does not use any assumptions about semantic
      structure of AS path. It is asymptotically slower than
      the old code, but on real paths it is not significant.
      
      It also allows '?' for matching one arbitrary AS number.
      c8a6b9a3
  18. 08 Apr, 2009 1 commit
    • Ondřej Zajíček's avatar
      Fixes broken cryptographic authentication in OSPF · 024c310b
      Ondřej Zajíček authored
      Cryptographic authentication in OSPF is defective by
      design - there might be several packets independently
      sent to the network (for example HELLO, LSUPD and LSACK)
      where they might be reordered and that causes crypt.
      sequence number error.
      
      That can be workarounded by not incresing sequence number
      too often. Now we update it only when last packet was sent
      before at least one second. This can constitute a risk of
      replay attacks, but RFC supposes something similar (like time
      in seconds used as CSN).
      024c310b
  19. 06 Apr, 2009 1 commit
    • Ondřej Zajíček's avatar
      Fixes bug in OSPF packet retransmission. · b722fe7e
      Ondřej Zajíček authored
      If a DBDES packet from a master to a slave is lost, then the old code
      does not retransmit it and instead send a next one with the same
      sequence number. That leads to silent desynchronization of LSA
      databases.
      b722fe7e