1. 10 May, 2009 1 commit
  2. 08 Apr, 2009 1 commit
    • Ondřej Zajíček's avatar
      Fixes broken cryptographic authentication in OSPF · 024c310b
      Ondřej Zajíček authored
      Cryptographic authentication in OSPF is defective by
      design - there might be several packets independently
      sent to the network (for example HELLO, LSUPD and LSACK)
      where they might be reordered and that causes crypt.
      sequence number error.
      
      That can be workarounded by not incresing sequence number
      too often. Now we update it only when last packet was sent
      before at least one second. This can constitute a risk of
      replay attacks, but RFC supposes something similar (like time
      in seconds used as CSN).
      024c310b
  3. 08 Nov, 2008 1 commit
    • Ondřej Zajíček's avatar
      Fix bugs in OSPF MD5 authentication. First bug is that default · b21f68b4
      Ondřej Zajíček authored
      values for MD5 password ID changed during reconfigure, Second
      bug is that BIRD chooses password in first-fit manner, but RFC
      says that it should use the one with the latest generate-from.
      
      It also modifies the syntax for multiple passwords.
      Now it is possible to just add more 'password' statements
      to the interface section and it is not needed to use
      'passwords' section. Old syntax can be used too.
      b21f68b4
  4. 14 Feb, 2005 1 commit
  5. 13 Jul, 2004 1 commit
  6. 26 Jun, 2004 1 commit
  7. 25 Jun, 2004 1 commit
    • Ondřej Filip's avatar
      A lot of changes: · 98ac6176
      Ondřej Filip authored
      	- metric is 3 byte long now
      	- summary lsa originating
      	- more OSPF areas possible
      	- virtual links
      	- better E1/E2 routes handling
      	- some bug fixes..
      
      I have to do:
      	- md5 auth (last mandatory item from rfc2328)
      	- !!!!DEBUG!!!!! (mainly virtual link system has probably a lot of bugs)
      	- 2328 appendig E
      98ac6176
  8. 11 Jun, 2004 1 commit
  9. 07 Jun, 2004 1 commit
  10. 13 Nov, 2002 1 commit
  11. 08 Jun, 2000 3 commits
  12. 30 May, 2000 2 commits
  13. 16 May, 2000 1 commit
  14. 15 May, 2000 1 commit
    • Martin Mareš's avatar
      Cleanup of configuration. · e3f2d5fc
      Martin Mareš authored
      o  Use `expr' instead of `NUM' and `ipa' instead of `IPA',
         so that defined symbols work everywhere.
      o  `define' now accepts both numbers and IP addresses.
      o  Renamed `ipa' in filters to `fipa'.
      
      Pavel, please update filters to accept define'd symbols as well.
      e3f2d5fc
  15. 13 May, 2000 2 commits
  16. 08 May, 2000 1 commit
  17. 07 May, 2000 2 commits
  18. 04 May, 2000 1 commit
  19. 28 Apr, 2000 1 commit
  20. 01 Apr, 2000 1 commit
  21. 12 Mar, 2000 1 commit
  22. 07 Mar, 2000 2 commits
    • Martin Mareš's avatar
      f30b86f9
    • Martin Mareš's avatar
      Added protocol debugging flags (protocol.h: D_xxx), parsing of them · 96d8e3bf
      Martin Mareš authored
      in configuration files and commands for manipulating them.
      
      Current debug message policy:
      
         o  D_STATES, D_ROUTES and D_FILTERS are handled in generic code.
         o  Other debug flags should be handled in the protocols and whenever
            the flag is set, the corresponding messages should be printed
            using calls to log(L_TRACE, ...), each message prefixed with
            the name of the protocol instance. These messages should cover
            the whole normal operation of the protocol and should be useful
            for an administrator trying to understand what does the protocol
            behave on his network or who is attempting to diagnose network
            problems. If your messages don't fit to the categories I've defined,
            feel free to add your own ones (by adding them to protocol.h
            and on two places in nest/config.Y), but please try to keep the
            categories as general as possible (i.e., not tied to your protocol).
         o  Internal debug messages not interesting even to an experienced
            user should be printed by calling DBG() which is either void or
            a call to debug() depending on setting of the LOCAL_DEBUG symbol
            at the top of your source.
         o  Dump functions (proto->dump etc.) should call debug() to print
            their messages.
         o  If you are doing any internal consistency checks, use ASSERT
            or bug().
         o  Nobody shall ever call printf() or any other stdio functions.
      
      Also please try to log any protocol errors you encounter and tag them
      with the appropriate message category (usually L_REMOTE or L_AUTH). Always
      carefully check contents of any message field you receive and verify all
      IP addresses you work with (by calling ipa_classify() or by using the
      neighbour cache if you want to check direct connectedness as well).
      96d8e3bf
  23. 04 Mar, 2000 1 commit
  24. 18 Feb, 2000 1 commit
  25. 19 Jan, 2000 1 commit
  26. 17 Jan, 2000 2 commits
  27. 06 Dec, 1999 1 commit
  28. 05 Dec, 1999 2 commits
  29. 03 Dec, 1999 1 commit
  30. 02 Dec, 1999 1 commit
  31. 01 Dec, 1999 1 commit
  32. 30 Nov, 1999 1 commit