Fix a bug which allowed a remote machine to make the routed(8) daemon exit by sending a special RIP query, and disable accepting such queries by default. This query asks a routed(8) daemon to dump its routing information base for debugging purposes. An -i flag to enable it has been added.
This commit is contained in:
parent
89c58b73e0
commit
b9f70ced25
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=271919
@ -462,6 +462,7 @@ extern int ridhosts; /* 1=reduce host routes */
|
|||||||
extern int mhome; /* 1=want multi-homed host route */
|
extern int mhome; /* 1=want multi-homed host route */
|
||||||
extern int advertise_mhome; /* 1=must continue advertising it */
|
extern int advertise_mhome; /* 1=must continue advertising it */
|
||||||
extern int auth_ok; /* 1=ignore auth if we do not care */
|
extern int auth_ok; /* 1=ignore auth if we do not care */
|
||||||
|
extern int insecure; /* Reply to special queries or not */
|
||||||
|
|
||||||
extern struct timeval clk; /* system clock's idea of time */
|
extern struct timeval clk; /* system clock's idea of time */
|
||||||
extern struct timeval epoch; /* system clock when started */
|
extern struct timeval epoch; /* system clock when started */
|
||||||
|
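Review bot: The comment on the new `extern int insecure;` does not say what its values mean, although the input.c change in this same commit distinguishes 0, 1 and greater than 1; a reader of the header cannot tell that `-i` given twice differs from once. Suggest `extern int insecure; /* answer RIP queries from non-router ports: 0=never, 1=neighbors only, >1=any host */`. The levels should be kept in step with the check in input(), which is outside this hunk.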
@ -289,8 +289,19 @@ input(struct sockaddr_in *from, /* received from this IP address */
|
|||||||
* with all we know.
|
* with all we know.
|
||||||
*/
|
*/
|
||||||
if (from->sin_port != htons(RIP_PORT)) {
|
if (from->sin_port != htons(RIP_PORT)) {
|
||||||
|
/*
|
||||||
|
* insecure: query from non-router node
|
||||||
|
* > 1: allow from distant node
|
||||||
|
* > 0: allow from neighbor node
|
||||||
|
* == 0: deny
|
||||||
|
*/
|
||||||
|
if ((aifp != NULL && insecure > 0) ||
|
||||||
|
(aifp == NULL && insecure > 1))
|
||||||
supply(from, aifp, OUT_QUERY, 0,
|
supply(from, aifp, OUT_QUERY, 0,
|
||||||
rip->rip_vers, ap != 0);
|
rip->rip_vers, ap != 0);
|
||||||
|
else
|
||||||
|
trace_pkt("Warning: "
|
||||||
|
"possible attack detected");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
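Review bot: With `-ii` the new condition `(aifp == NULL && insecure > 1)` calls `supply(from, NULL, ...)`, the very call that previously tripped `assert(ifp != NULL)` in supply(); nothing in this hunk shows supply() becoming NULL-safe, so whether a non-neighbor query is now answered or now dereferences a NULL interface pointer depends on supply()'s body outside these hunks — please confirm and say so at the call site, e.g. `/* aifp is NULL for a non-neighbor query; supply() must accept that */`. The gate also keys only on `from->sin_port`, which the sender chooses, so a query sent from source port 520 skips this check entirely and relies on whatever validation the normal path does; that path is not in this hunk, but the comment block would benefit from stating that `-i` is not an authentication mechanism. Minor style: a multi-line `if` with an unbraced `else` is fragile; brace both branches. input() begins before this hunk.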
@ -68,6 +68,7 @@ int ridhosts; /* 1=reduce host routes */
|
|||||||
int mhome; /* 1=want multi-homed host route */
|
int mhome; /* 1=want multi-homed host route */
|
||||||
int advertise_mhome; /* 1=must continue advertising it */
|
int advertise_mhome; /* 1=must continue advertising it */
|
||||||
int auth_ok = 1; /* 1=ignore auth if we do not care */
|
int auth_ok = 1; /* 1=ignore auth if we do not care */
|
||||||
|
int insecure; /* Reply to special queries or not */
|
||||||
|
|
||||||
struct timeval epoch; /* when started */
|
struct timeval epoch; /* when started */
|
||||||
struct timeval clk;
|
struct timeval clk;
|
||||||
@ -136,8 +137,11 @@ main(int argc,
|
|||||||
(void)gethostname(myname, sizeof(myname)-1);
|
(void)gethostname(myname, sizeof(myname)-1);
|
||||||
(void)gethost(myname, &myaddr);
|
(void)gethost(myname, &myaddr);
|
||||||
|
|
||||||
while ((n = getopt(argc, argv, "sqdghmAtvT:F:P:")) != -1) {
|
while ((n = getopt(argc, argv, "isqdghmAtvT:F:P:")) != -1) {
|
||||||
switch (n) {
|
switch (n) {
|
||||||
|
case 'i':
|
||||||
|
insecure++;
|
||||||
|
break;
|
||||||
case 's':
|
case 's':
|
||||||
supplier = 1;
|
supplier = 1;
|
||||||
supplier_set = 1;
|
supplier_set = 1;
|
||||||
|
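Review bot: `case 'i': insecure++;` gives the flag a counted meaning (once = neighbors, twice = any host, per the input.c change in this commit), but neither the definition `int insecure; /* Reply to special queries or not */` nor the case documents it, and the counter keeps growing past 2 with no further effect. Suggest `int insecure; /* answer queries from non-router ports: 0=deny, 1=neighbors, >1=anyone */` and a one-line `/* -i: neighbors; -ii: any host */` at the case. Whether the usage text lists the new option is not visible here; if it prints a fixed option string it needs `i` as well. main() continues outside the hunk.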
@ -673,8 +673,6 @@ supply(struct sockaddr_in *dst,
|
|||||||
struct rt_entry *rt;
|
struct rt_entry *rt;
|
||||||
int def_metric;
|
int def_metric;
|
||||||
|
|
||||||
assert(ifp != NULL);
|
|
||||||
|
|
||||||
ws.state = 0;
|
ws.state = 0;
|
||||||
ws.gen_limit = 1024;
|
ws.gen_limit = 1024;
|
||||||
|
|
||||||
|
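Review bot: Dropping `assert(ifp != NULL)` stops the remotely triggerable abort, but the hunk shows nothing that makes supply() tolerate a NULL `ifp`, and the input.c change in this commit now passes NULL for a non-neighbor query when `-ii` is set; if any later use of `ifp` in supply(), or in the code it drives through `ws`, dereferences it unconditionally, the crash only moves from an assert to a NULL dereference. The rest of supply() is outside the hunk, so this cannot be checked from here. Suggest replacing the assert with a documenting comment rather than deleting it silently, e.g. `/* ifp may be NULL: a non-neighbor query answered under -ii (see input()) */`, and an explicit early return if the function genuinely cannot proceed without an interface.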
@ -30,7 +30,7 @@
|
|||||||
.\" @(#)routed.8 8.2 (Berkeley) 12/11/93
|
.\" @(#)routed.8 8.2 (Berkeley) 12/11/93
|
||||||
.\" $FreeBSD$
|
.\" $FreeBSD$
|
||||||
.\"
|
.\"
|
||||||
.Dd June 1, 1996
|
.Dd August 26, 2014
|
||||||
.Dt ROUTED 8
|
.Dt ROUTED 8
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
@ -39,7 +39,7 @@
|
|||||||
.Nd network RIP and router discovery routing daemon
|
.Nd network RIP and router discovery routing daemon
|
||||||
.Sh SYNOPSIS
|
.Sh SYNOPSIS
|
||||||
.Nm
|
.Nm
|
||||||
.Op Fl sqdghmpAtv
|
.Op Fl isqdghmpAtv
|
||||||
.Op Fl T Ar tracefile
|
.Op Fl T Ar tracefile
|
||||||
.Oo
|
.Oo
|
||||||
.Fl F
|
.Fl F
|
||||||
@ -250,6 +250,20 @@ to infer the netmask used by the remote system when RIPv1 is used.
|
|||||||
.Pp
|
.Pp
|
||||||
The following options are available:
|
The following options are available:
|
||||||
.Bl -tag -width indent
|
.Bl -tag -width indent
|
||||||
|
.It Fl i
|
||||||
|
allow
|
||||||
|
.Nm
|
||||||
|
to accept a RIP request from non-router node.
|
||||||
|
When specified once,
|
||||||
|
.Nm
|
||||||
|
replies to a route information query from neighbor nodes.
|
||||||
|
When specified twice,
|
||||||
|
it replies to a query from remote nodes in addition.
|
||||||
|
.Xr rtquery 8
|
||||||
|
utility can be used to send a request.
|
||||||
|
.Pp
|
||||||
|
This feature is disabled by default because of a risk of reflection attack
|
||||||
|
though it useful for debugging purpose,
|
||||||
.It Fl s
|
.It Fl s
|
||||||
force
|
force
|
||||||
.Nm
|
.Nm
|
||||||
|