Module Name: src Committed By: kefren Date: Mon Jan 28 21:35:35 UTC 2013
Modified Files: src/usr.sbin/ldpd: ldp_errors.h ldp_peer.c pdu.c socketops.c Log Message: Be a little more strict when sending notifications and checking PDU To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/usr.sbin/ldpd/ldp_errors.h cvs rdiff -u -r1.7 -r1.8 src/usr.sbin/ldpd/ldp_peer.c cvs rdiff -u -r1.2 -r1.3 src/usr.sbin/ldpd/pdu.c cvs rdiff -u -r1.22 -r1.23 src/usr.sbin/ldpd/socketops.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/usr.sbin/ldpd/ldp_errors.h diff -u src/usr.sbin/ldpd/ldp_errors.h:1.4 src/usr.sbin/ldpd/ldp_errors.h:1.5 --- src/usr.sbin/ldpd/ldp_errors.h:1.4 Sat Jan 26 17:29:55 2013 +++ src/usr.sbin/ldpd/ldp_errors.h Mon Jan 28 21:35:34 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: ldp_errors.h,v 1.4 2013/01/26 17:29:55 kefren Exp $ */ +/* $NetBSD: ldp_errors.h,v 1.5 2013/01/28 21:35:34 kefren Exp $ */ /* * Copyright (c) 2010 The NetBSD Foundation, Inc. @@ -48,6 +48,7 @@ #define LDP_E_TOO_MANY_LABELS 13 #define LDP_E_INVAL 14 #define LDP_E_TOO_MANY_FDS 15 +#define LDP_E_BAD_ID 16 #define LDP_E_GENERIC 255 void printtime(void); Index: src/usr.sbin/ldpd/ldp_peer.c diff -u src/usr.sbin/ldpd/ldp_peer.c:1.7 src/usr.sbin/ldpd/ldp_peer.c:1.8 --- src/usr.sbin/ldpd/ldp_peer.c:1.7 Mon Jan 28 21:08:14 2013 +++ src/usr.sbin/ldpd/ldp_peer.c Mon Jan 28 21:35:34 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: ldp_peer.c,v 1.7 2013/01/28 21:08:14 kefren Exp $ */ +/* $NetBSD: ldp_peer.c,v 1.8 2013/01/28 21:35:34 kefren Exp $ */ /* * Copyright (c) 2010 The NetBSD Foundation, Inc. @@ -193,7 +193,8 @@ ldp_peer_holddown_all() SLIST_FOREACH(p, &ldp_peer_head, peers) { if ((p->state == LDP_PEER_ESTABLISHED) || (p->state == LDP_PEER_CONNECTED)) - send_notification(p, get_message_id(), NOTIF_SHUTDOWN); + send_notification(p, get_message_id(), + NOTIF_FATAL | NOTIF_SHUTDOWN); ldp_peer_holddown(p); } } Index: src/usr.sbin/ldpd/pdu.c diff -u src/usr.sbin/ldpd/pdu.c:1.2 src/usr.sbin/ldpd/pdu.c:1.3 --- src/usr.sbin/ldpd/pdu.c:1.2 Sat Jan 26 17:29:55 2013 +++ src/usr.sbin/ldpd/pdu.c Mon Jan 28 21:35:35 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: pdu.c,v 1.2 2013/01/26 17:29:55 kefren Exp $ */ +/* $NetBSD: pdu.c,v 1.3 2013/01/28 21:35:35 kefren Exp $ */ /*- * Copyright (c) 2010 The NetBSD Foundation, Inc. @@ -66,12 +66,22 @@ check_recv_pdu(struct ldp_peer * p, stru if (c < MIN_PDU_SIZE) return LDP_E_BAD_LENGTH; + if (p->ldp_id.s_addr != rpdu->ldp_id.s_addr) { + fatalp("Invalid LDP ID received from %s\n", + inet_ntoa(p->ldp_id)); + notiftlv = build_notification(0, + NOTIF_FATAL | NOTIF_BAD_LDP_ID); + send_tlv(p, (struct tlv *) notiftlv); + free(notiftlv); + return LDP_E_BAD_ID; + } /* Check PDU for right LDP version */ if (ntohs(rpdu->version) != LDP_VERSION) { fatalp("Invalid PDU version received from %s (%d)\n", satos(p->address), ntohs(rpdu->version)); - notiftlv = build_notification(0, NOTIF_BAD_LDP_VER); + notiftlv = build_notification(0, + NOTIF_FATAL | NOTIF_BAD_LDP_VER); send_tlv(p, (struct tlv *) notiftlv); free(notiftlv); return LDP_E_BAD_VERSION; @@ -81,7 +91,8 @@ check_recv_pdu(struct ldp_peer * p, stru fatalp("Invalid PDU length received from %s (announced %d, " "received %d)\n", satos(p->address), ntohs(rpdu->length), (int) (c - PDU_VER_LENGTH)); - notiftlv = build_notification(0, NOTIF_BAD_PDU_LEN); + notiftlv = build_notification(0, + NOTIF_FATAL | NOTIF_BAD_PDU_LEN); send_tlv(p, (struct tlv *) notiftlv); free(notiftlv); return LDP_E_BAD_LENGTH; Index: src/usr.sbin/ldpd/socketops.c diff -u src/usr.sbin/ldpd/socketops.c:1.22 src/usr.sbin/ldpd/socketops.c:1.23 --- src/usr.sbin/ldpd/socketops.c:1.22 Mon Jan 28 20:32:04 2013 +++ src/usr.sbin/ldpd/socketops.c Mon Jan 28 21:35:35 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: socketops.c,v 1.22 2013/01/28 20:32:04 kefren Exp $ */ +/* $NetBSD: socketops.c,v 1.23 2013/01/28 21:35:35 kefren Exp $ */ /* * Copyright (c) 2010 The NetBSD Foundation, Inc. @@ -734,7 +734,7 @@ send_hello_alarm(int unused) case LDP_PEER_ESTABLISHED: case LDP_PEER_CONNECTED: send_notification(p, 0, - NOTIF_KEEP_ALIVE_TIMER_EXPIRED); + NOTIF_FATAL|NOTIF_KEEP_ALIVE_TIMER_EXPIRED); warnp("Keepalive expired for %s\n", inet_ntoa(p->ldp_id)); ldp_peer_holddown(p);