Bugfix in simple authentification.

diff --git a/nest/password.c b/nest/password.c
index 0bc38f108d77059539d0644e871722fe0405a38c..7f1c8dce19858506b322be6275cfe4f8122cf09b 100644 (file)
--- a/nest/password.c
+++ b/nest/password.c
@@ -22,7 +22,7 @@ password_find(list *l)
   {
     WALK_LIST(pi, *l)
     {
-      if ((pi->genfrom > now) && (pi->gento < now))
+      if ((pi->genfrom < now) && (pi->gento > now))
         return pi;
     }
   }
@@ -32,6 +32,6 @@ password_find(list *l)
 void password_cpy(char *dst, char *src, int size)
 {
   bzero(dst, size);
-  memcpy(dst, src, strlen(src) < (unsigned) size ? strlen(src) : (unsigned) size);
+  memcpy(dst, src, (strlen(src) < (unsigned) size ? strlen(src) : (unsigned) size));
 }
 

diff --git a/proto/ospf/config.Y b/proto/ospf/config.Y
index c59517581a42d46ec9df5c39703644a1aed1033f..87a97bc3a634c2d83553add1cf1c7a3326da7c5f 100644 (file)
--- a/proto/ospf/config.Y
+++ b/proto/ospf/config.Y
@@ -1,7 +1,7 @@
 /*
  *     BIRD -- OSPF Configuration
  *
- *     (c) 1999 - 2000 Ondrej Filip <feela@network.cz>
+ *     (c) 1999--2004 Ondrej Filip <feela@network.cz>
  *
  *     Can be freely distributed and used under the terms of the GNU GPL.
  */
@@ -98,6 +98,7 @@ ospf_vlink_item:
  | DEAD COUNT expr { OSPF_PATT->deadc = $3 ; if ($3<=1) cf_error("Dead count must be greater than one"); }
  | AUTHENTICATION NONE { OSPF_PATT->autype = OSPF_AUTH_NONE ; }
  | AUTHENTICATION SIMPLE { OSPF_PATT->autype = OSPF_AUTH_SIMPLE ; }
+ | AUTHENTICATION CRYPTOGRAPHIC { OSPF_PATT->autype = OSPF_AUTH_CRYPT ; }
  | password_list {OSPF_PATT->passwords = $1; }
  ;
 

diff --git a/proto/ospf/packet.c b/proto/ospf/packet.c
index 888fa666d6f589c53a2118450209aa3079fc31fc..9d5a924d29bd6b7573a2efb66b14c73a1cf45b6c 100644 (file)
--- a/proto/ospf/packet.c
+++ b/proto/ospf/packet.c
@@ -48,15 +48,20 @@ ospf_pkt_finalize(struct ospf_iface *ifa, struct ospf_packet *pkt)
   char password[OSPF_AUTH_CRYPT_SIZE];
 
   pkt->autype = htons(ifa->autype);
-  bzero(&pkt->u, sizeof(union ospf_auth));
 
   switch(ifa->autype)
   {
     case OSPF_AUTH_SIMPLE:
-      password_cpy(pkt->u.password, passwd->password, 8);
+      bzero(&pkt->u, sizeof(union ospf_auth));
+      if (!passwd)
+      {
+        log( L_ERR "No suitable password found for authentication" );
+        return;
+      }
+      password_cpy(pkt->u.password, passwd->password, sizeof(union ospf_auth));
     case OSPF_AUTH_NONE:
-      pkt->checksum = ipsum_calculate(pkt, sizeof(struct ospf_packet) - 8,
-                                 (pkt + 1),
+      pkt->checksum = ipsum_calculate(pkt, sizeof(struct ospf_packet) -
+                                  sizeof(union ospf_auth), (pkt + 1),
                                  ntohs(pkt->length) -
                                  sizeof(struct ospf_packet), NULL);
       break;
@@ -127,15 +132,17 @@ ospf_pkt_checkauth(struct ospf_neighbor *n, struct ospf_iface *ifa, struct ospf_
         OSPF_TRACE(D_PACKETS, "OSPF_auth: no password found");
        return 0;
       }
+      password_cpy(password, pass->password, sizeof(union ospf_auth));
 
-      if (memcmp(pkt->u.password,pass, 8))
+      if (memcmp(pkt->u.password, password, sizeof(union ospf_auth)))
       {
-        OSPF_TRACE(D_PACKETS, "OSPF_auth: different passwords");
+        char ppass[sizeof(union ospf_auth) + 1];
+        bzero(ppass, (sizeof(union ospf_auth) + 1));
+        memcpy(ppass, pkt->u.password, sizeof(union ospf_auth));
+        OSPF_TRACE(D_PACKETS, "OSPF_auth: different passwords (%s)", ppass);
        return 0;
       }
-
-      else
-        return 1;
+      return 1;
       break;
     case OSPF_AUTH_CRYPT:
       if (pkt->u.md5.len != OSPF_AUTH_CRYPT_SIZE)