input.c revision 1.23 1 1.23 christos /* $NetBSD: input.c,v 1.23 1998/10/24 18:30:23 christos Exp $ */
2 1.9 cgd
3 1.1 cgd /*
4 1.5 mycroft * Copyright (c) 1983, 1988, 1993
5 1.5 mycroft * The Regents of the University of California. All rights reserved.
6 1.1 cgd *
7 1.1 cgd * Redistribution and use in source and binary forms, with or without
8 1.1 cgd * modification, are permitted provided that the following conditions
9 1.1 cgd * are met:
10 1.1 cgd * 1. Redistributions of source code must retain the above copyright
11 1.1 cgd * notice, this list of conditions and the following disclaimer.
12 1.1 cgd * 2. Redistributions in binary form must reproduce the above copyright
13 1.1 cgd * notice, this list of conditions and the following disclaimer in the
14 1.1 cgd * documentation and/or other materials provided with the distribution.
15 1.1 cgd * 3. All advertising materials mentioning features or use of this software
16 1.1 cgd * must display the following acknowledgement:
17 1.1 cgd * This product includes software developed by the University of
18 1.1 cgd * California, Berkeley and its contributors.
19 1.1 cgd * 4. Neither the name of the University nor the names of its contributors
20 1.1 cgd * may be used to endorse or promote products derived from this software
21 1.1 cgd * without specific prior written permission.
22 1.1 cgd *
23 1.1 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24 1.1 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 1.1 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 1.1 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27 1.1 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 1.1 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 1.1 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 1.1 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 1.1 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 1.1 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 1.1 cgd * SUCH DAMAGE.
34 1.1 cgd */
35 1.1 cgd
36 1.18 christos #if !defined(lint) && !defined(sgi) && !defined(__NetBSD__)
37 1.9 cgd static char sccsid[] = "@(#)input.c 8.1 (Berkeley) 6/5/93";
38 1.18 christos #elif defined(__NetBSD__)
39 1.20 lukem #include <sys/cdefs.h>
40 1.23 christos __RCSID("$NetBSD: input.c,v 1.23 1998/10/24 18:30:23 christos Exp $");
41 1.9 cgd #endif
42 1.1 cgd
43 1.1 cgd #include "defs.h"
44 1.17 thorpej
45 1.19 christos static void input(struct sockaddr_in *, struct interface *, struct interface *,
46 1.19 christos struct rip *, int);
47 1.22 thorpej static void input_route(naddr, naddr, struct rt_spare *, struct netinfo *);
48 1.19 christos static int ck_passwd(struct interface *, struct rip *, void *,
49 1.19 christos naddr, struct msg_limit *);
50 1.1 cgd
51 1.15 christos
52 1.17 thorpej /* process RIP input
53 1.15 christos */
54 1.17 thorpej void
55 1.17 thorpej read_rip(int sock,
56 1.19 christos struct interface *sifp)
57 1.15 christos {
58 1.17 thorpej struct sockaddr_in from;
59 1.19 christos struct interface *aifp;
60 1.17 thorpej int fromlen, cc;
61 1.19 christos #ifdef USE_PASSIFNAME
62 1.19 christos static struct msg_limit bad_name;
63 1.19 christos struct {
64 1.19 christos char ifname[IFNAMSIZ];
65 1.19 christos union pkt_buf pbuf;
66 1.19 christos } inbuf;
67 1.19 christos #else
68 1.19 christos struct {
69 1.19 christos union pkt_buf pbuf;
70 1.19 christos } inbuf;
71 1.19 christos #endif
72 1.15 christos
73 1.15 christos
74 1.17 thorpej for (;;) {
75 1.17 thorpej fromlen = sizeof(from);
76 1.17 thorpej cc = recvfrom(sock, &inbuf, sizeof(inbuf), 0,
77 1.17 thorpej (struct sockaddr*)&from, &fromlen);
78 1.17 thorpej if (cc <= 0) {
79 1.17 thorpej if (cc < 0 && errno != EWOULDBLOCK)
80 1.17 thorpej LOGERR("recvfrom(rip)");
81 1.17 thorpej break;
82 1.17 thorpej }
83 1.17 thorpej if (fromlen != sizeof(struct sockaddr_in))
84 1.17 thorpej logbad(1,"impossible recvfrom(rip) fromlen=%d",
85 1.17 thorpej fromlen);
86 1.17 thorpej
87 1.19 christos /* aifp is the "authenticated" interface via which the packet
88 1.19 christos * arrived. In fact, it is only the interface on which
89 1.19 christos * the packet should have arrived based on is source
90 1.19 christos * address.
91 1.19 christos * sifp is interface associated with the socket through which
92 1.19 christos * the packet was received.
93 1.19 christos */
94 1.19 christos #ifdef USE_PASSIFNAME
95 1.19 christos if ((cc -= sizeof(inbuf.ifname)) < 0)
96 1.19 christos logbad(0,"missing USE_PASSIFNAME; only %d bytes",
97 1.19 christos cc+sizeof(inbuf.ifname));
98 1.19 christos
99 1.19 christos /* check the remote interfaces first */
100 1.19 christos for (aifp = remote_if; aifp; aifp = aifp->int_rlink) {
101 1.19 christos if (aifp->int_addr == from.sin_addr.s_addr)
102 1.19 christos break;
103 1.19 christos }
104 1.19 christos if (aifp == 0) {
105 1.19 christos aifp = ifwithname(inbuf.ifname, 0);
106 1.19 christos if (aifp == 0) {
107 1.19 christos msglim(&bad_name, from.sin_addr.s_addr,
108 1.19 christos "impossible interface name %.*s",
109 1.19 christos IFNAMSIZ, inbuf.ifname);
110 1.19 christos } else if (((aifp->int_if_flags & IFF_POINTOPOINT)
111 1.19 christos && aifp->int_dstaddr!=from.sin_addr.s_addr)
112 1.19 christos || (!(aifp->int_if_flags & IFF_POINTOPOINT)
113 1.19 christos && !on_net(from.sin_addr.s_addr,
114 1.19 christos aifp->int_net,
115 1.19 christos aifp->int_mask))) {
116 1.19 christos /* If it came via the wrong interface, do not
117 1.19 christos * trust it.
118 1.19 christos */
119 1.19 christos aifp = 0;
120 1.19 christos }
121 1.19 christos }
122 1.19 christos #else
123 1.19 christos aifp = iflookup(from.sin_addr.s_addr);
124 1.19 christos #endif
125 1.19 christos if (sifp == 0)
126 1.19 christos sifp = aifp;
127 1.19 christos
128 1.19 christos input(&from, sifp, aifp, &inbuf.pbuf.rip, cc);
129 1.15 christos }
130 1.15 christos }
131 1.15 christos
132 1.15 christos
133 1.17 thorpej /* Process a RIP packet
134 1.1 cgd */
135 1.17 thorpej static void
136 1.17 thorpej input(struct sockaddr_in *from, /* received from this IP address */
137 1.19 christos struct interface *sifp, /* interface of incoming socket */
138 1.19 christos struct interface *aifp, /* "authenticated" interface */
139 1.17 thorpej struct rip *rip,
140 1.19 christos int cc)
141 1.1 cgd {
142 1.17 thorpej # define FROM_NADDR from->sin_addr.s_addr
143 1.19 christos static struct msg_limit use_auth, bad_len, bad_mask;
144 1.22 thorpej static struct msg_limit unk_router, bad_router, bad_nhop;
145 1.17 thorpej
146 1.17 thorpej struct rt_entry *rt;
147 1.22 thorpej struct rt_spare new;
148 1.17 thorpej struct netinfo *n, *lim;
149 1.17 thorpej struct interface *ifp1;
150 1.20 lukem naddr gate, mask, v1_mask, dst, ddst_h = 0;
151 1.19 christos struct auth *ap;
152 1.22 thorpej struct tgate *tg = 0;
153 1.22 thorpej struct tgate_net *tn;
154 1.22 thorpej int i, j;
155 1.17 thorpej
156 1.19 christos /* Notice when we hear from a remote gateway
157 1.19 christos */
158 1.19 christos if (aifp != 0
159 1.19 christos && (aifp->int_state & IS_REMOTE))
160 1.19 christos aifp->int_act_time = now.tv_sec;
161 1.17 thorpej
162 1.19 christos trace_rip("Recv", "from", from, sifp, rip, cc);
163 1.17 thorpej
164 1.17 thorpej if (rip->rip_vers == 0) {
165 1.19 christos msglim(&bad_router, FROM_NADDR,
166 1.19 christos "RIP version 0, cmd %d, packet received from %s",
167 1.19 christos rip->rip_cmd, naddr_ntoa(FROM_NADDR));
168 1.17 thorpej return;
169 1.18 christos } else if (rip->rip_vers > RIPv2) {
170 1.18 christos rip->rip_vers = RIPv2;
171 1.17 thorpej }
172 1.19 christos if (cc > OVER_MAXPACKETSIZE) {
173 1.19 christos msglim(&bad_router, FROM_NADDR,
174 1.19 christos "packet at least %d bytes too long received from %s",
175 1.19 christos cc-MAXPACKETSIZE, naddr_ntoa(FROM_NADDR));
176 1.1 cgd return;
177 1.1 cgd }
178 1.17 thorpej
179 1.17 thorpej n = rip->rip_nets;
180 1.19 christos lim = (struct netinfo *)((char*)rip + cc);
181 1.17 thorpej
182 1.17 thorpej /* Notice authentication.
183 1.17 thorpej * As required by section 4.2 in RFC 1723, discard authenticated
184 1.17 thorpej * RIPv2 messages, but only if configured for that silliness.
185 1.17 thorpej *
186 1.19 christos * RIPv2 authentication is lame. Why authenticate queries?
187 1.17 thorpej * Why should a RIPv2 implementation with authentication disabled
188 1.17 thorpej * not be able to listen to RIPv2 packets with authenication, while
189 1.17 thorpej * RIPv1 systems will listen? Crazy!
190 1.17 thorpej */
191 1.17 thorpej if (!auth_ok
192 1.18 christos && rip->rip_vers == RIPv2
193 1.17 thorpej && n < lim && n->n_family == RIP_AF_AUTH) {
194 1.19 christos msglim(&use_auth, FROM_NADDR,
195 1.19 christos "RIPv2 message with authentication from %s discarded",
196 1.19 christos naddr_ntoa(FROM_NADDR));
197 1.1 cgd return;
198 1.1 cgd }
199 1.15 christos
200 1.1 cgd switch (rip->rip_cmd) {
201 1.17 thorpej case RIPCMD_REQUEST:
202 1.19 christos /* For mere requests, be a little sloppy about the source
203 1.19 christos */
204 1.19 christos if (aifp == 0)
205 1.19 christos aifp = sifp;
206 1.19 christos
207 1.19 christos /* Are we talking to ourself or a remote gateway?
208 1.17 thorpej */
209 1.19 christos ifp1 = ifwithaddr(FROM_NADDR, 0, 1);
210 1.19 christos if (ifp1) {
211 1.19 christos if (ifp1->int_state & IS_REMOTE) {
212 1.19 christos /* remote gateway */
213 1.19 christos aifp = ifp1;
214 1.19 christos if (check_remote(aifp)) {
215 1.19 christos aifp->int_act_time = now.tv_sec;
216 1.19 christos (void)if_ok(aifp, "remote ");
217 1.19 christos }
218 1.19 christos } else if (from->sin_port == htons(RIP_PORT)) {
219 1.19 christos trace_pkt(" discard our own RIP request");
220 1.17 thorpej return;
221 1.17 thorpej }
222 1.19 christos }
223 1.1 cgd
224 1.19 christos /* did the request come from a router?
225 1.19 christos */
226 1.19 christos if (from->sin_port == htons(RIP_PORT)) {
227 1.19 christos /* yes, ignore the request if RIP is off so that
228 1.19 christos * the router does not depend on us.
229 1.17 thorpej */
230 1.19 christos if (rip_sock < 0
231 1.19 christos || (aifp != 0
232 1.19 christos && IS_RIP_OUT_OFF(aifp->int_state))) {
233 1.19 christos trace_pkt(" discard request while RIP off");
234 1.17 thorpej return;
235 1.17 thorpej }
236 1.17 thorpej }
237 1.17 thorpej
238 1.17 thorpej /* According to RFC 1723, we should ignore unathenticated
239 1.17 thorpej * queries. That is too silly to bother with. Sheesh!
240 1.19 christos * Are forwarding tables supposed to be secret, when
241 1.19 christos * a bad guy can infer them with test traffic? When RIP
242 1.19 christos * is still the most common router-discovery protocol
243 1.19 christos * and so hosts need to send queries that will be answered?
244 1.19 christos * What about `rtquery`?
245 1.17 thorpej * Maybe on firewalls you'd care, but not enough to
246 1.17 thorpej * give up the diagnostic facilities of remote probing.
247 1.17 thorpej */
248 1.17 thorpej
249 1.19 christos if (n >= lim) {
250 1.19 christos msglim(&bad_len, FROM_NADDR, "empty request from %s",
251 1.19 christos naddr_ntoa(FROM_NADDR));
252 1.19 christos return;
253 1.17 thorpej }
254 1.19 christos if (cc%sizeof(*n) != sizeof(struct rip)%sizeof(*n)) {
255 1.19 christos msglim(&bad_len, FROM_NADDR,
256 1.19 christos "request of bad length (%d) from %s",
257 1.19 christos cc, naddr_ntoa(FROM_NADDR));
258 1.19 christos }
259 1.19 christos
260 1.19 christos if (rip->rip_vers == RIPv2
261 1.19 christos && (aifp == 0 || (aifp->int_state & IS_NO_RIPV1_OUT))) {
262 1.19 christos v12buf.buf->rip_vers = RIPv2;
263 1.19 christos /* If we have a secret but it is a cleartext secret,
264 1.19 christos * do not disclose our secret unless the other guy
265 1.19 christos * already knows it.
266 1.19 christos */
267 1.19 christos ap = find_auth(aifp);
268 1.19 christos if (ap != 0 && ap->type == RIP_AUTH_PW
269 1.19 christos && n->n_family == RIP_AF_AUTH
270 1.19 christos && !ck_passwd(aifp,rip,lim,FROM_NADDR,&use_auth))
271 1.19 christos ap = 0;
272 1.19 christos } else {
273 1.19 christos v12buf.buf->rip_vers = RIPv1;
274 1.19 christos ap = 0;
275 1.19 christos }
276 1.19 christos clr_ws_buf(&v12buf, ap);
277 1.19 christos
278 1.19 christos do {
279 1.19 christos NTOHL(n->n_metric);
280 1.17 thorpej
281 1.17 thorpej /* A single entry with family RIP_AF_UNSPEC and
282 1.17 thorpej * metric HOPCNT_INFINITY means "all routes".
283 1.1 cgd * We respond to routers only if we are acting
284 1.1 cgd * as a supplier, or to anyone other than a router
285 1.17 thorpej * (i.e. a query).
286 1.1 cgd */
287 1.17 thorpej if (n->n_family == RIP_AF_UNSPEC
288 1.19 christos && n->n_metric == HOPCNT_INFINITY) {
289 1.22 thorpej /* Answer a query from a utility program
290 1.22 thorpej * with all we know.
291 1.22 thorpej */
292 1.17 thorpej if (from->sin_port != htons(RIP_PORT)) {
293 1.19 christos supply(from, aifp, OUT_QUERY, 0,
294 1.19 christos rip->rip_vers, ap != 0);
295 1.18 christos return;
296 1.17 thorpej }
297 1.19 christos
298 1.18 christos /* A router trying to prime its tables.
299 1.18 christos * Filter the answer in the about same way
300 1.18 christos * broadcasts are filtered.
301 1.18 christos *
302 1.18 christos * Only answer a router if we are a supplier
303 1.18 christos * to keep an unwary host that is just starting
304 1.22 thorpej * from picking us as a router.
305 1.18 christos */
306 1.19 christos if (aifp == 0) {
307 1.19 christos trace_pkt("ignore distant router");
308 1.19 christos return;
309 1.19 christos }
310 1.18 christos if (!supplier
311 1.19 christos || IS_RIP_OFF(aifp->int_state)) {
312 1.19 christos trace_pkt("ignore; not supplying");
313 1.18 christos return;
314 1.19 christos }
315 1.18 christos
316 1.22 thorpej /* Do not answer a RIPv1 router if
317 1.22 thorpej * we are sending RIPv2. But do offer
318 1.22 thorpej * poor man's router discovery.
319 1.22 thorpej */
320 1.22 thorpej if ((aifp->int_state & IS_NO_RIPV1_OUT)
321 1.22 thorpej && rip->rip_vers == RIPv1) {
322 1.22 thorpej if (!(aifp->int_state & IS_PM_RDISC)) {
323 1.22 thorpej trace_pkt("ignore; sending RIPv2");
324 1.22 thorpej return;
325 1.22 thorpej }
326 1.22 thorpej
327 1.22 thorpej v12buf.n->n_family = RIP_AF_INET;
328 1.22 thorpej v12buf.n->n_dst = RIP_DEFAULT;
329 1.22 thorpej i = aifp->int_d_metric;
330 1.22 thorpej if (0 != (rt = rtget(RIP_DEFAULT, 0)))
331 1.22 thorpej i = MIN(i, (rt->rt_metric
332 1.22 thorpej +aifp->int_metric+1));
333 1.22 thorpej v12buf.n->n_metric = htonl(i);
334 1.22 thorpej v12buf.n++;
335 1.22 thorpej break;
336 1.22 thorpej }
337 1.22 thorpej
338 1.22 thorpej /* Respond with RIPv1 instead of RIPv2 if
339 1.22 thorpej * that is what we are broadcasting on the
340 1.22 thorpej * interface to keep the remote router from
341 1.22 thorpej * getting the wrong initial idea of the
342 1.22 thorpej * routes we send.
343 1.22 thorpej */
344 1.18 christos supply(from, aifp, OUT_UNICAST, 0,
345 1.22 thorpej (aifp->int_state & IS_NO_RIPV1_OUT)
346 1.19 christos ? RIPv2 : RIPv1,
347 1.19 christos ap != 0);
348 1.17 thorpej return;
349 1.17 thorpej }
350 1.17 thorpej
351 1.19 christos /* Ignore authentication */
352 1.19 christos if (n->n_family == RIP_AF_AUTH)
353 1.19 christos continue;
354 1.19 christos
355 1.17 thorpej if (n->n_family != RIP_AF_INET) {
356 1.19 christos msglim(&bad_router, FROM_NADDR,
357 1.22 thorpej "request from %s for unsupported"
358 1.22 thorpej " (af %d) %s",
359 1.19 christos naddr_ntoa(FROM_NADDR),
360 1.19 christos ntohs(n->n_family),
361 1.19 christos naddr_ntoa(n->n_dst));
362 1.17 thorpej return;
363 1.17 thorpej }
364 1.17 thorpej
365 1.19 christos /* We are being asked about a specific destination.
366 1.19 christos */
367 1.17 thorpej dst = n->n_dst;
368 1.17 thorpej if (!check_dst(dst)) {
369 1.19 christos msglim(&bad_router, FROM_NADDR,
370 1.19 christos "bad queried destination %s from %s",
371 1.19 christos naddr_ntoa(dst),
372 1.19 christos naddr_ntoa(FROM_NADDR));
373 1.1 cgd return;
374 1.1 cgd }
375 1.17 thorpej
376 1.19 christos /* decide what mask was intended */
377 1.17 thorpej if (rip->rip_vers == RIPv1
378 1.17 thorpej || 0 == (mask = ntohl(n->n_mask))
379 1.17 thorpej || 0 != (ntohl(dst) & ~mask))
380 1.19 christos mask = ripv1_mask_host(dst, aifp);
381 1.17 thorpej
382 1.19 christos /* try to find the answer */
383 1.17 thorpej rt = rtget(dst, mask);
384 1.17 thorpej if (!rt && dst != RIP_DEFAULT)
385 1.17 thorpej rt = rtfind(n->n_dst);
386 1.17 thorpej
387 1.19 christos if (v12buf.buf->rip_vers != RIPv1)
388 1.19 christos v12buf.n->n_mask = mask;
389 1.17 thorpej if (rt == 0) {
390 1.19 christos /* we do not have the answer */
391 1.19 christos v12buf.n->n_metric = HOPCNT_INFINITY;
392 1.17 thorpej } else {
393 1.19 christos /* we have the answer, so compute the
394 1.19 christos * right metric and next hop.
395 1.19 christos */
396 1.19 christos v12buf.n->n_family = RIP_AF_INET;
397 1.19 christos v12buf.n->n_dst = dst;
398 1.19 christos v12buf.n->n_metric = (rt->rt_metric+1
399 1.19 christos + ((aifp!=0)
400 1.19 christos ? aifp->int_metric
401 1.19 christos : 1));
402 1.19 christos if (v12buf.n->n_metric > HOPCNT_INFINITY)
403 1.19 christos v12buf.n->n_metric = HOPCNT_INFINITY;
404 1.19 christos if (v12buf.buf->rip_vers != RIPv1) {
405 1.19 christos v12buf.n->n_tag = rt->rt_tag;
406 1.19 christos v12buf.n->n_mask = mask;
407 1.19 christos if (aifp != 0
408 1.17 thorpej && on_net(rt->rt_gate,
409 1.19 christos aifp->int_net,
410 1.19 christos aifp->int_mask)
411 1.19 christos && rt->rt_gate != aifp->int_addr)
412 1.19 christos v12buf.n->n_nhop = rt->rt_gate;
413 1.17 thorpej }
414 1.17 thorpej }
415 1.19 christos HTONL(v12buf.n->n_metric);
416 1.19 christos
417 1.19 christos /* Stop paying attention if we fill the output buffer.
418 1.19 christos */
419 1.19 christos if (++v12buf.n >= v12buf.lim)
420 1.19 christos break;
421 1.19 christos } while (++n < lim);
422 1.19 christos
423 1.19 christos /* Send the answer about specific routes.
424 1.19 christos */
425 1.19 christos if (ap != 0 && ap->type == RIP_AUTH_MD5)
426 1.19 christos end_md5_auth(&v12buf, ap);
427 1.19 christos
428 1.17 thorpej if (from->sin_port != htons(RIP_PORT)) {
429 1.17 thorpej /* query */
430 1.19 christos (void)output(OUT_QUERY, from, aifp,
431 1.19 christos v12buf.buf,
432 1.19 christos ((char *)v12buf.n - (char*)v12buf.buf));
433 1.17 thorpej } else if (supplier) {
434 1.19 christos (void)output(OUT_UNICAST, from, aifp,
435 1.19 christos v12buf.buf,
436 1.19 christos ((char *)v12buf.n - (char*)v12buf.buf));
437 1.19 christos } else {
438 1.19 christos /* Only answer a router if we are a supplier
439 1.19 christos * to keep an unwary host that is just starting
440 1.19 christos * from picking us an a router.
441 1.19 christos */
442 1.19 christos ;
443 1.17 thorpej }
444 1.1 cgd return;
445 1.1 cgd
446 1.1 cgd case RIPCMD_TRACEON:
447 1.1 cgd case RIPCMD_TRACEOFF:
448 1.1 cgd /* verify message came from a privileged port */
449 1.17 thorpej if (ntohs(from->sin_port) > IPPORT_RESERVED) {
450 1.17 thorpej msglog("trace command from untrusted port on %s",
451 1.17 thorpej naddr_ntoa(FROM_NADDR));
452 1.1 cgd return;
453 1.17 thorpej }
454 1.18 christos if (aifp == 0) {
455 1.17 thorpej msglog("trace command from unknown router %s",
456 1.17 thorpej naddr_ntoa(FROM_NADDR));
457 1.12 christos return;
458 1.17 thorpej }
459 1.17 thorpej if (rip->rip_cmd == RIPCMD_TRACEON) {
460 1.19 christos rip->rip_tracefile[cc-4] = '\0';
461 1.23 christos #if 0
462 1.19 christos set_tracefile((char*)rip->rip_tracefile,
463 1.19 christos "trace command: %s\n", 0);
464 1.23 christos #else
465 1.23 christos msglog("RIP_TRACEON for `%s' from %s ignored",
466 1.23 christos (char *) rip->rip_tracefile,
467 1.23 christos naddr_ntoa(FROM_NADDR));
468 1.23 christos #endif
469 1.17 thorpej } else {
470 1.23 christos #if 0
471 1.19 christos trace_off("tracing turned off by %s",
472 1.17 thorpej naddr_ntoa(FROM_NADDR));
473 1.23 christos #else
474 1.23 christos msglog("RIP_TRACEOFF from %s ignored",
475 1.23 christos naddr_ntoa(FROM_NADDR));
476 1.23 christos #endif
477 1.17 thorpej }
478 1.1 cgd return;
479 1.1 cgd
480 1.1 cgd case RIPCMD_RESPONSE:
481 1.19 christos if (cc%sizeof(*n) != sizeof(struct rip)%sizeof(*n)) {
482 1.19 christos msglim(&bad_len, FROM_NADDR,
483 1.19 christos "response of bad length (%d) from %s",
484 1.19 christos cc, naddr_ntoa(FROM_NADDR));
485 1.17 thorpej }
486 1.17 thorpej
487 1.1 cgd /* verify message came from a router */
488 1.17 thorpej if (from->sin_port != ntohs(RIP_PORT)) {
489 1.19 christos msglim(&bad_router, FROM_NADDR,
490 1.19 christos " discard RIP response from unknown port"
491 1.19 christos " %d", from->sin_port);
492 1.1 cgd return;
493 1.17 thorpej }
494 1.17 thorpej
495 1.17 thorpej if (rip_sock < 0) {
496 1.19 christos trace_pkt(" discard response while RIP off");
497 1.17 thorpej return;
498 1.17 thorpej }
499 1.17 thorpej
500 1.17 thorpej /* Are we talking to ourself or a remote gateway?
501 1.17 thorpej */
502 1.17 thorpej ifp1 = ifwithaddr(FROM_NADDR, 0, 1);
503 1.17 thorpej if (ifp1) {
504 1.17 thorpej if (ifp1->int_state & IS_REMOTE) {
505 1.19 christos /* remote gateway */
506 1.19 christos aifp = ifp1;
507 1.19 christos if (check_remote(aifp)) {
508 1.19 christos aifp->int_act_time = now.tv_sec;
509 1.19 christos (void)if_ok(aifp, "remote ");
510 1.17 thorpej }
511 1.17 thorpej } else {
512 1.19 christos trace_pkt(" discard our own RIP response");
513 1.19 christos return;
514 1.1 cgd }
515 1.17 thorpej }
516 1.17 thorpej
517 1.19 christos /* Accept routing packets from routers directly connected
518 1.19 christos * via broadcast or point-to-point networks, and from
519 1.17 thorpej * those listed in /etc/gateways.
520 1.17 thorpej */
521 1.19 christos if (aifp == 0) {
522 1.19 christos msglim(&unk_router, FROM_NADDR,
523 1.19 christos " discard response from %s"
524 1.19 christos " via unexpected interface",
525 1.19 christos naddr_ntoa(FROM_NADDR));
526 1.19 christos return;
527 1.19 christos }
528 1.19 christos if (IS_RIP_IN_OFF(aifp->int_state)) {
529 1.19 christos trace_pkt(" discard RIPv%d response"
530 1.19 christos " via disabled interface %s",
531 1.19 christos rip->rip_vers, aifp->int_name);
532 1.17 thorpej return;
533 1.17 thorpej }
534 1.19 christos
535 1.19 christos if (n >= lim) {
536 1.19 christos msglim(&bad_len, FROM_NADDR, "empty response from %s",
537 1.19 christos naddr_ntoa(FROM_NADDR));
538 1.17 thorpej return;
539 1.17 thorpej }
540 1.17 thorpej
541 1.18 christos if (((aifp->int_state & IS_NO_RIPV1_IN)
542 1.17 thorpej && rip->rip_vers == RIPv1)
543 1.18 christos || ((aifp->int_state & IS_NO_RIPV2_IN)
544 1.17 thorpej && rip->rip_vers != RIPv1)) {
545 1.19 christos trace_pkt(" discard RIPv%d response",
546 1.17 thorpej rip->rip_vers);
547 1.17 thorpej return;
548 1.17 thorpej }
549 1.17 thorpej
550 1.17 thorpej /* Ignore routes via dead interface.
551 1.17 thorpej */
552 1.18 christos if (aifp->int_state & IS_BROKE) {
553 1.22 thorpej trace_pkt("discard response via broken interface %s",
554 1.18 christos aifp->int_name);
555 1.17 thorpej return;
556 1.17 thorpej }
557 1.17 thorpej
558 1.19 christos /* If the interface cares, ignore bad routers.
559 1.19 christos * Trace but do not log this problem, because where it
560 1.19 christos * happens, it happens frequently.
561 1.19 christos */
562 1.19 christos if (aifp->int_state & IS_DISTRUST) {
563 1.22 thorpej tg = tgates;
564 1.19 christos while (tg->tgate_addr != FROM_NADDR) {
565 1.19 christos tg = tg->tgate_next;
566 1.19 christos if (tg == 0) {
567 1.19 christos trace_pkt(" discard RIP response"
568 1.19 christos " from untrusted router %s",
569 1.19 christos naddr_ntoa(FROM_NADDR));
570 1.19 christos return;
571 1.19 christos }
572 1.18 christos }
573 1.17 thorpej }
574 1.17 thorpej
575 1.19 christos /* Authenticate the packet if we have a secret.
576 1.19 christos * If we do not have any secrets, ignore the error in
577 1.19 christos * RFC 1723 and accept it regardless.
578 1.19 christos */
579 1.19 christos if (aifp->int_auth[0].type != RIP_AUTH_NONE
580 1.19 christos && rip->rip_vers != RIPv1
581 1.19 christos && !ck_passwd(aifp,rip,lim,FROM_NADDR,&use_auth))
582 1.19 christos return;
583 1.17 thorpej
584 1.19 christos do {
585 1.17 thorpej if (n->n_family == RIP_AF_AUTH)
586 1.15 christos continue;
587 1.17 thorpej
588 1.17 thorpej NTOHL(n->n_metric);
589 1.17 thorpej dst = n->n_dst;
590 1.17 thorpej if (n->n_family != RIP_AF_INET
591 1.17 thorpej && (n->n_family != RIP_AF_UNSPEC
592 1.17 thorpej || dst != RIP_DEFAULT)) {
593 1.19 christos msglim(&bad_router, FROM_NADDR,
594 1.19 christos "route from %s to unsupported"
595 1.19 christos " address family=%d destination=%s",
596 1.19 christos naddr_ntoa(FROM_NADDR),
597 1.19 christos n->n_family,
598 1.19 christos naddr_ntoa(dst));
599 1.1 cgd continue;
600 1.1 cgd }
601 1.17 thorpej if (!check_dst(dst)) {
602 1.19 christos msglim(&bad_router, FROM_NADDR,
603 1.19 christos "bad destination %s from %s",
604 1.19 christos naddr_ntoa(dst),
605 1.19 christos naddr_ntoa(FROM_NADDR));
606 1.17 thorpej return;
607 1.1 cgd }
608 1.17 thorpej if (n->n_metric == 0
609 1.17 thorpej || n->n_metric > HOPCNT_INFINITY) {
610 1.19 christos msglim(&bad_router, FROM_NADDR,
611 1.19 christos "bad metric %d from %s"
612 1.19 christos " for destination %s",
613 1.19 christos n->n_metric,
614 1.19 christos naddr_ntoa(FROM_NADDR),
615 1.19 christos naddr_ntoa(dst));
616 1.17 thorpej return;
617 1.1 cgd }
618 1.17 thorpej
619 1.17 thorpej /* Notice the next-hop.
620 1.1 cgd */
621 1.19 christos gate = FROM_NADDR;
622 1.18 christos if (n->n_nhop != 0) {
623 1.18 christos if (rip->rip_vers == RIPv2) {
624 1.18 christos n->n_nhop = 0;
625 1.17 thorpej } else {
626 1.18 christos /* Use it only if it is valid. */
627 1.18 christos if (on_net(n->n_nhop,
628 1.18 christos aifp->int_net, aifp->int_mask)
629 1.18 christos && check_dst(n->n_nhop)) {
630 1.18 christos gate = n->n_nhop;
631 1.18 christos } else {
632 1.19 christos msglim(&bad_nhop, FROM_NADDR,
633 1.19 christos "router %s to %s"
634 1.19 christos " has bad next hop %s",
635 1.19 christos naddr_ntoa(FROM_NADDR),
636 1.19 christos naddr_ntoa(dst),
637 1.19 christos naddr_ntoa(n->n_nhop));
638 1.19 christos n->n_nhop = 0;
639 1.18 christos }
640 1.17 thorpej }
641 1.17 thorpej }
642 1.17 thorpej
643 1.17 thorpej if (rip->rip_vers == RIPv1
644 1.17 thorpej || 0 == (mask = ntohl(n->n_mask))) {
645 1.18 christos mask = ripv1_mask_host(dst,aifp);
646 1.17 thorpej } else if ((ntohl(dst) & ~mask) != 0) {
647 1.19 christos msglim(&bad_mask, FROM_NADDR,
648 1.19 christos "router %s sent bad netmask"
649 1.19 christos " %#x with %s",
650 1.19 christos naddr_ntoa(FROM_NADDR),
651 1.19 christos mask,
652 1.19 christos naddr_ntoa(dst));
653 1.1 cgd continue;
654 1.1 cgd }
655 1.17 thorpej if (rip->rip_vers == RIPv1)
656 1.17 thorpej n->n_tag = 0;
657 1.1 cgd
658 1.17 thorpej /* Adjust metric according to incoming interface..
659 1.17 thorpej */
660 1.18 christos n->n_metric += aifp->int_metric;
661 1.17 thorpej if (n->n_metric > HOPCNT_INFINITY)
662 1.17 thorpej n->n_metric = HOPCNT_INFINITY;
663 1.17 thorpej
664 1.22 thorpej /* Should we trust this route from this router? */
665 1.22 thorpej if (tg && (tn = tg->tgate_nets)->mask != 0) {
666 1.22 thorpej for (i = 0; i < MAX_TGATE_NETS; i++, tn++) {
667 1.22 thorpej if (on_net(dst, tn->net, tn->mask)
668 1.22 thorpej && tn->mask <= mask)
669 1.22 thorpej break;
670 1.22 thorpej }
671 1.22 thorpej if (i >= MAX_TGATE_NETS || tn->mask == 0) {
672 1.22 thorpej trace_pkt(" ignored unauthorized %s",
673 1.22 thorpej addrname(dst,mask,0));
674 1.22 thorpej continue;
675 1.22 thorpej }
676 1.22 thorpej }
677 1.22 thorpej
678 1.17 thorpej /* Recognize and ignore a default route we faked
679 1.17 thorpej * which is being sent back to us by a machine with
680 1.17 thorpej * broken split-horizon.
681 1.17 thorpej * Be a little more paranoid than that, and reject
682 1.17 thorpej * default routes with the same metric we advertised.
683 1.17 thorpej */
684 1.18 christos if (aifp->int_d_metric != 0
685 1.17 thorpej && dst == RIP_DEFAULT
686 1.18 christos && n->n_metric >= aifp->int_d_metric)
687 1.17 thorpej continue;
688 1.17 thorpej
689 1.17 thorpej /* We can receive aggregated RIPv2 routes that must
690 1.17 thorpej * be broken down before they are transmitted by
691 1.17 thorpej * RIPv1 via an interface on a subnet.
692 1.17 thorpej * We might also receive the same routes aggregated
693 1.17 thorpej * via other RIPv2 interfaces.
694 1.17 thorpej * This could cause duplicate routes to be sent on
695 1.17 thorpej * the RIPv1 interfaces. "Longest matching variable
696 1.17 thorpej * length netmasks" lets RIPv2 listeners understand,
697 1.17 thorpej * but breaking down the aggregated routes for RIPv1
698 1.17 thorpej * listeners can produce duplicate routes.
699 1.17 thorpej *
700 1.17 thorpej * Breaking down aggregated routes here bloats
701 1.17 thorpej * the daemon table, but does not hurt the kernel
702 1.17 thorpej * table, since routes are always aggregated for
703 1.17 thorpej * the kernel.
704 1.17 thorpej *
705 1.17 thorpej * Notice that this does not break down network
706 1.17 thorpej * routes corresponding to subnets. This is part
707 1.17 thorpej * of the defense against RS_NET_SYN.
708 1.1 cgd */
709 1.17 thorpej if (have_ripv1_out
710 1.17 thorpej && (((rt = rtget(dst,mask)) == 0
711 1.19 christos || !(rt->rt_state & RS_NET_SYN)))
712 1.19 christos && (v1_mask = ripv1_mask_net(dst,0)) > mask) {
713 1.17 thorpej ddst_h = v1_mask & -v1_mask;
714 1.17 thorpej i = (v1_mask & ~mask)/ddst_h;
715 1.18 christos if (i >= 511) {
716 1.17 thorpej /* Punt if we would have to generate
717 1.17 thorpej * an unreasonable number of routes.
718 1.17 thorpej */
719 1.22 thorpej if (TRACECONTENTS)
720 1.22 thorpej trace_misc("accept %s-->%s as 1"
721 1.22 thorpej " instead of %d routes",
722 1.22 thorpej addrname(dst,mask,0),
723 1.22 thorpej naddr_ntoa(FROM_NADDR),
724 1.22 thorpej i+1);
725 1.17 thorpej i = 0;
726 1.17 thorpej } else {
727 1.17 thorpej mask = v1_mask;
728 1.17 thorpej }
729 1.17 thorpej } else {
730 1.17 thorpej i = 0;
731 1.17 thorpej }
732 1.17 thorpej
733 1.22 thorpej new.rts_gate = gate;
734 1.22 thorpej new.rts_router = FROM_NADDR;
735 1.22 thorpej new.rts_metric = n->n_metric;
736 1.22 thorpej new.rts_tag = n->n_tag;
737 1.22 thorpej new.rts_time = now.tv_sec;
738 1.22 thorpej new.rts_ifp = aifp;
739 1.22 thorpej new.rts_de_ag = i;
740 1.22 thorpej j = 0;
741 1.17 thorpej for (;;) {
742 1.22 thorpej input_route(dst, mask, &new, n);
743 1.22 thorpej if (++j > i)
744 1.17 thorpej break;
745 1.17 thorpej dst = htonl(ntohl(dst) + ddst_h);
746 1.1 cgd }
747 1.19 christos } while (++n < lim);
748 1.1 cgd break;
749 1.1 cgd }
750 1.19 christos #undef FROM_NADDR
751 1.17 thorpej }
752 1.17 thorpej
753 1.17 thorpej
754 1.17 thorpej /* Process a single input route.
755 1.17 thorpej */
756 1.17 thorpej static void
757 1.22 thorpej input_route(naddr dst, /* network order */
758 1.17 thorpej naddr mask,
759 1.22 thorpej struct rt_spare *new,
760 1.17 thorpej struct netinfo *n)
761 1.17 thorpej {
762 1.17 thorpej int i;
763 1.17 thorpej struct rt_entry *rt;
764 1.17 thorpej struct rt_spare *rts, *rts0;
765 1.17 thorpej struct interface *ifp1;
766 1.17 thorpej
767 1.17 thorpej
768 1.17 thorpej /* See if the other guy is telling us to send our packets to him.
769 1.17 thorpej * Sometimes network routes arrive over a point-to-point link for
770 1.17 thorpej * the network containing the address(es) of the link.
771 1.17 thorpej *
772 1.17 thorpej * If our interface is broken, switch to using the other guy.
773 1.17 thorpej */
774 1.17 thorpej ifp1 = ifwithaddr(dst, 1, 1);
775 1.17 thorpej if (ifp1 != 0
776 1.19 christos && (!(ifp1->int_state & IS_BROKE)
777 1.19 christos || (ifp1->int_state & IS_PASSIVE)))
778 1.17 thorpej return;
779 1.17 thorpej
780 1.17 thorpej /* Look for the route in our table.
781 1.17 thorpej */
782 1.17 thorpej rt = rtget(dst, mask);
783 1.17 thorpej
784 1.17 thorpej /* Consider adding the route if we do not already have it.
785 1.17 thorpej */
786 1.17 thorpej if (rt == 0) {
787 1.17 thorpej /* Ignore unknown routes being poisoned.
788 1.17 thorpej */
789 1.22 thorpej if (new->rts_metric == HOPCNT_INFINITY)
790 1.17 thorpej return;
791 1.17 thorpej
792 1.18 christos /* Ignore the route if it points to us */
793 1.18 christos if (n->n_nhop != 0
794 1.18 christos && 0 != ifwithaddr(n->n_nhop, 1, 0))
795 1.18 christos return;
796 1.18 christos
797 1.18 christos /* If something has not gone crazy and tried to fill
798 1.18 christos * our memory, accept the new route.
799 1.18 christos */
800 1.18 christos if (total_routes < MAX_ROUTES)
801 1.22 thorpej rtadd(dst, mask, 0, new);
802 1.17 thorpej return;
803 1.17 thorpej }
804 1.1 cgd
805 1.17 thorpej /* We already know about the route. Consider this update.
806 1.17 thorpej *
807 1.17 thorpej * If (rt->rt_state & RS_NET_SYN), then this route
808 1.17 thorpej * is the same as a network route we have inferred
809 1.17 thorpej * for subnets we know, in order to tell RIPv1 routers
810 1.17 thorpej * about the subnets.
811 1.17 thorpej *
812 1.17 thorpej * It is impossible to tell if the route is coming
813 1.17 thorpej * from a distant RIPv2 router with the standard
814 1.17 thorpej * netmask because that router knows about the entire
815 1.17 thorpej * network, or if it is a round-about echo of a
816 1.17 thorpej * synthetic, RIPv1 network route of our own.
817 1.17 thorpej * The worst is that both kinds of routes might be
818 1.17 thorpej * received, and the bad one might have the smaller
819 1.18 christos * metric. Partly solve this problem by never
820 1.18 christos * aggregating into such a route. Also keep it
821 1.17 thorpej * around as long as the interface exists.
822 1.1 cgd */
823 1.17 thorpej
824 1.17 thorpej rts0 = rt->rt_spares;
825 1.17 thorpej for (rts = rts0, i = NUM_SPARES; i != 0; i--, rts++) {
826 1.22 thorpej if (rts->rts_router == new->rts_router)
827 1.17 thorpej break;
828 1.17 thorpej /* Note the worst slot to reuse,
829 1.17 thorpej * other than the current slot.
830 1.17 thorpej */
831 1.17 thorpej if (rts0 == rt->rt_spares
832 1.17 thorpej || BETTER_LINK(rt, rts0, rts))
833 1.17 thorpej rts0 = rts;
834 1.17 thorpej }
835 1.17 thorpej if (i != 0) {
836 1.22 thorpej /* Found a route from the router already in the table.
837 1.17 thorpej */
838 1.22 thorpej
839 1.22 thorpej /* If the new route is a route broken down from an
840 1.22 thorpej * aggregated route, and if the previous route is either
841 1.22 thorpej * not a broken down route or was broken down from a finer
842 1.22 thorpej * netmask, and if the previous route is current,
843 1.22 thorpej * then forget this one.
844 1.22 thorpej */
845 1.22 thorpej if (new->rts_de_ag > rts->rts_de_ag
846 1.22 thorpej && now_stale <= rts->rts_time)
847 1.22 thorpej return;
848 1.17 thorpej
849 1.18 christos /* Keep poisoned routes around only long enough to pass
850 1.22 thorpej * the poison on. Use a new timestamp for good routes.
851 1.17 thorpej */
852 1.22 thorpej if (rts->rts_metric == HOPCNT_INFINITY
853 1.22 thorpej && new->rts_metric == HOPCNT_INFINITY)
854 1.22 thorpej new->rts_time = rts->rts_time;
855 1.17 thorpej
856 1.17 thorpej /* If this is an update for the router we currently prefer,
857 1.17 thorpej * then note it.
858 1.17 thorpej */
859 1.17 thorpej if (i == NUM_SPARES) {
860 1.22 thorpej rtchange(rt, rt->rt_state, new, 0);
861 1.17 thorpej /* If the route got worse, check for something better.
862 1.1 cgd */
863 1.22 thorpej if (new->rts_metric > rts->rts_metric)
864 1.17 thorpej rtswitch(rt, 0);
865 1.17 thorpej return;
866 1.17 thorpej }
867 1.17 thorpej
868 1.17 thorpej /* This is an update for a spare route.
869 1.17 thorpej * Finished if the route is unchanged.
870 1.17 thorpej */
871 1.22 thorpej if (rts->rts_gate == new->rts_gate
872 1.22 thorpej && rts->rts_metric == new->rts_metric
873 1.22 thorpej && rts->rts_tag == new->rts_tag) {
874 1.22 thorpej trace_upslot(rt, rts, new);
875 1.22 thorpej *rts = *new;
876 1.17 thorpej return;
877 1.22 thorpej }
878 1.22 thorpej /* Forget it if it has gone bad.
879 1.22 thorpej */
880 1.22 thorpej if (new->rts_metric == HOPCNT_INFINITY) {
881 1.19 christos rts_delete(rt, rts);
882 1.19 christos return;
883 1.1 cgd }
884 1.17 thorpej
885 1.17 thorpej } else {
886 1.17 thorpej /* The update is for a route we know about,
887 1.17 thorpej * but not from a familiar router.
888 1.18 christos *
889 1.18 christos * Ignore the route if it points to us.
890 1.17 thorpej */
891 1.18 christos if (n->n_nhop != 0
892 1.18 christos && 0 != ifwithaddr(n->n_nhop, 1, 0))
893 1.18 christos return;
894 1.18 christos
895 1.22 thorpej /* the loop above set rts0=worst spare */
896 1.17 thorpej rts = rts0;
897 1.17 thorpej
898 1.17 thorpej /* Save the route as a spare only if it has
899 1.17 thorpej * a better metric than our worst spare.
900 1.17 thorpej * This also ignores poisoned routes (those
901 1.17 thorpej * received with metric HOPCNT_INFINITY).
902 1.17 thorpej */
903 1.22 thorpej if (new->rts_metric >= rts->rts_metric)
904 1.17 thorpej return;
905 1.1 cgd }
906 1.17 thorpej
907 1.22 thorpej trace_upslot(rt, rts, new);
908 1.22 thorpej *rts = *new;
909 1.17 thorpej
910 1.17 thorpej /* try to switch to a better route */
911 1.17 thorpej rtswitch(rt, rts);
912 1.19 christos }
913 1.19 christos
914 1.19 christos
915 1.19 christos static int /* 0 if bad */
916 1.19 christos ck_passwd(struct interface *aifp,
917 1.19 christos struct rip *rip,
918 1.19 christos void *lim,
919 1.19 christos naddr from,
920 1.19 christos struct msg_limit *use_authp)
921 1.19 christos {
922 1.19 christos # define NA (rip->rip_auths)
923 1.19 christos struct netauth *na2;
924 1.19 christos struct auth *ap;
925 1.19 christos MD5_CTX md5_ctx;
926 1.19 christos u_char hash[RIP_AUTH_PW_LEN];
927 1.19 christos int i;
928 1.19 christos
929 1.19 christos
930 1.19 christos if ((void *)NA >= lim || NA->a_family != RIP_AF_AUTH) {
931 1.19 christos msglim(use_authp, from, "missing password from %s",
932 1.19 christos naddr_ntoa(from));
933 1.19 christos return 0;
934 1.19 christos }
935 1.19 christos
936 1.19 christos /* accept any current (+/- 24 hours) password
937 1.19 christos */
938 1.19 christos for (ap = aifp->int_auth, i = 0; i < MAX_AUTH_KEYS; i++, ap++) {
939 1.19 christos if (ap->type != NA->a_type
940 1.19 christos || (u_long)ap->start > (u_long)clk.tv_sec+DAY
941 1.19 christos || (u_long)ap->end+DAY < (u_long)clk.tv_sec)
942 1.19 christos continue;
943 1.19 christos
944 1.19 christos if (NA->a_type == RIP_AUTH_PW) {
945 1.21 lukem if (!memcmp(ap->key, NA->au.au_pw, RIP_AUTH_PW_LEN))
946 1.19 christos return 1;
947 1.19 christos
948 1.19 christos } else {
949 1.19 christos /* accept MD5 secret with the right key ID
950 1.19 christos */
951 1.19 christos if (NA->au.a_md5.md5_keyid != ap->keyid)
952 1.19 christos continue;
953 1.19 christos
954 1.19 christos na2 = (struct netauth *)((char *)(NA+1)
955 1.19 christos + NA->au.a_md5.md5_pkt_len);
956 1.19 christos if (NA->au.a_md5.md5_pkt_len % sizeof(*NA) != 0
957 1.19 christos || lim < (void *)(na2+1)) {
958 1.19 christos msglim(use_authp, from,
959 1.19 christos "bad MD5 RIP-II pkt length %d from %s",
960 1.19 christos NA->au.a_md5.md5_pkt_len,
961 1.19 christos naddr_ntoa(from));
962 1.19 christos return 0;
963 1.19 christos }
964 1.19 christos MD5Init(&md5_ctx);
965 1.19 christos MD5Update(&md5_ctx, (u_char *)NA,
966 1.19 christos (char *)na2->au.au_pw - (char *)NA);
967 1.19 christos MD5Update(&md5_ctx,
968 1.19 christos (u_char *)ap->key, sizeof(ap->key));
969 1.19 christos MD5Final(hash, &md5_ctx);
970 1.19 christos if (na2->a_family != RIP_AF_AUTH
971 1.19 christos || na2->a_type != 1
972 1.19 christos || NA->au.a_md5.md5_auth_len != RIP_AUTH_PW_LEN
973 1.21 lukem || memcmp(hash, na2->au.au_pw, sizeof(hash)))
974 1.19 christos return 0;
975 1.19 christos return 1;
976 1.19 christos }
977 1.19 christos }
978 1.19 christos
979 1.19 christos msglim(use_authp, from, "bad password from %s",
980 1.19 christos naddr_ntoa(from));
981 1.19 christos return 0;
982 1.19 christos #undef NA
983 1.1 cgd }
984