1. 28 May, 2009 1 commit
  2. 26 May, 2009 1 commit
  3. 25 May, 2009 1 commit
  4. 24 May, 2009 2 commits
  5. 22 May, 2009 7 commits
  6. 21 May, 2009 1 commit
  7. 13 May, 2009 1 commit
  8. 11 May, 2009 2 commits
  9. 10 May, 2009 2 commits
  10. 08 May, 2009 1 commit
  11. 06 May, 2009 2 commits
  12. 04 May, 2009 2 commits
  13. 29 Apr, 2009 2 commits
  14. 28 Apr, 2009 5 commits
  15. 23 Apr, 2009 4 commits
  16. 17 Apr, 2009 2 commits
    • Ondřej Zajíček's avatar
      Fixes mixed-up messages on netlink socket · e366625c
      Ondřej Zajíček authored
      Under specific circumstances there might be two mixed-up
      netlink sessions (one for scan, the other for route change
      request). This patch separates netlink scans and requests
      to two fds (and seq counters).
      
      This should fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428865
      e366625c
    • Ondřej Zajíček's avatar
      Rewrite of buggy AS path matching. · c8a6b9a3
      Ondřej Zajíček authored
      Old AS path maching supposes thath AS number appears
      only once in AS path, but that is not true. It also
      contains some bugs related to AS path sets.
      
      New code does not use any assumptions about semantic
      structure of AS path. It is asymptotically slower than
      the old code, but on real paths it is not significant.
      
      It also allows '?' for matching one arbitrary AS number.
      c8a6b9a3
  17. 08 Apr, 2009 1 commit
    • Ondřej Zajíček's avatar
      Fixes broken cryptographic authentication in OSPF · 024c310b
      Ondřej Zajíček authored
      Cryptographic authentication in OSPF is defective by
      design - there might be several packets independently
      sent to the network (for example HELLO, LSUPD and LSACK)
      where they might be reordered and that causes crypt.
      sequence number error.
      
      That can be workarounded by not incresing sequence number
      too often. Now we update it only when last packet was sent
      before at least one second. This can constitute a risk of
      replay attacks, but RFC supposes something similar (like time
      in seconds used as CSN).
      024c310b
  18. 06 Apr, 2009 2 commits
  19. 31 Mar, 2009 1 commit