From: Ondrej Zajicek (work) <santiago@crfreenet.org>
Date: Mon, 9 Oct 2017 19:11:53 +0000 (+0200)
Subject: OSPF: Fix minor issue in TTL check
X-Git-Tag: v2.0.0~53
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2549300b54f262932dd14e6d465926627e6dc8ef;p=thirdparty%2Fbird.git

OSPF: Fix minor issue in TTL check

The TTL check must be done after instance ID dispatch to avoid warnings
when a physical iface is shared by multiple instances and some use TTL
security and some not.
---

diff --git a/proto/ospf/packet.c b/proto/ospf/packet.c
index b84780d34..7f9f3b39c 100644
--- a/proto/ospf/packet.c
+++ b/proto/ospf/packet.c
@@ -270,9 +270,6 @@ ospf_rx_hook(sock *sk, uint len)
   if (pkt == NULL)
     DROP("bad IP header", len);
 
-  if (ifa->check_ttl && (sk->rcv_ttl < 255))
-    DROP("wrong TTL", sk->rcv_ttl);
-
   if (len < sizeof(struct ospf_packet))
     DROP("too short", len);
 
@@ -379,6 +376,10 @@ found:
   if (ipa_equal(sk->laddr, ifa->des_routers) && (ifa->sk_dr == 0))
     return 1;
 
+  /* TTL check must be done after instance dispatch */
+  if (ifa->check_ttl && (sk->rcv_ttl < 255))
+    DROP("wrong TTL", sk->rcv_ttl);
+
   if (rid == p->router_id)
     DROP1("my own router ID");