Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
B
babeld
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
babeld
Commits
a1afd51b
Commit
a1afd51b
authored
Jun 24, 2019
by
Etienne MARAIS
Committed by
Juliusz Chroboczek
May 20, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add no_hmac_verify flag.
Flag to allow empty or wrong hmac in the packet trailer.
parent
b4e28f27
Changes
5
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
19 additions
and
4 deletions
+19
-4
babeld.man
babeld.man
+5
-0
configuration.c
configuration.c
+7
-0
interface.c
interface.c
+2
-1
interface.h
interface.h
+3
-0
message.c
message.c
+2
-3
No files found.
babeld.man
View file @
a1afd51b
...
...
@@ -404,6 +404,11 @@ otherwise.
Send multiple copies of TLVs other than Hellos to all neighbours rather
than sending a single multicast packet. The default is false.
.TP
.BR no_hmac_verify " {" true | false }
Do not check packet signatures, accept unsigned or incorrectly signed packets
even if one or more keys are configured on the interface. The default is
.BR false .
.TP
.BR rfc6126\-compatible " {" true | false }
Disable some features that are incompatible with RFC 6126 (the older
version of the Babel protocol), such as source-specific routing and RTT
...
...
configuration.c
View file @
a1afd51b
...
...
@@ -606,6 +606,12 @@ parse_anonymous_ifconf(int c, gnc_t gnc, void *closure,
if
(
c
<
-
1
)
goto
error
;
if_conf
->
unicast
=
v
;
}
else
if
(
strcmp
(
token
,
"no_hmac_verify"
)
==
0
)
{
int
v
;
c
=
getbool
(
c
,
&
v
,
gnc
,
closure
);
if
(
c
<
-
1
)
goto
error
;
if_conf
->
no_hmac_verify
=
v
;
}
else
if
(
strcmp
(
token
,
"link-quality"
)
==
0
)
{
int
v
;
c
=
getbool
(
c
,
&
v
,
gnc
,
closure
);
...
...
@@ -831,6 +837,7 @@ merge_ifconf(struct interface_conf *dest,
MERGE
(
lq
);
MERGE
(
faraway
);
MERGE
(
unicast
);
MERGE
(
no_hmac_verify
);
MERGE
(
channel
);
MERGE
(
enable_timestamps
);
MERGE
(
rfc6126
);
...
...
interface.c
View file @
a1afd51b
...
...
@@ -397,7 +397,8 @@ interface_updown(struct interface *ifp, int up)
if
(
IF_CONF
(
ifp
,
unicast
)
==
CONFIG_YES
)
ifp
->
flags
|=
IF_UNICAST
;
if
(
IF_CONF
(
ifp
,
no_hmac_verify
)
==
CONFIG_YES
)
ifp
->
flags
|=
IF_NO_HMAC_VERIFY
;
if
(
IF_CONF
(
ifp
,
hello_interval
)
>
0
)
ifp
->
hello_interval
=
IF_CONF
(
ifp
,
hello_interval
);
else
if
(
type
==
IF_TYPE_WIRELESS
)
...
...
interface.h
View file @
a1afd51b
...
...
@@ -55,6 +55,7 @@ struct interface_conf {
char
unicast
;
char
enable_timestamps
;
char
rfc6126
;
char
no_hmac_verify
;
int
channel
;
unsigned
int
rtt_decay
;
unsigned
int
rtt_min
;
...
...
@@ -84,6 +85,8 @@ struct interface_conf {
#define IF_TIMESTAMPS (1 << 6)
/* Remain compatible with RFC 6126. */
#define IF_RFC6126 (1 << 7)
/* Packets with a wrong or empty packet trailer are accepted */
#define IF_NO_HMAC_VERIFY (1 << 8)
/* Use Babel over DTLS on this interface. */
#define IF_DTLS (1 << 9)
...
...
message.c
View file @
a1afd51b
...
...
@@ -593,9 +593,8 @@ parse_packet(const unsigned char *from, struct interface *ifp,
return
;
}
if
(
ifp
->
key
!=
NULL
)
{
if
(
check_hmac
(
packet
,
packetlen
,
bodylen
,
neigh
->
address
,
to
)
!=
1
)
{
if
(
ifp
->
key
!=
NULL
&&
!
(
ifp
->
flags
&
IF_NO_HMAC_VERIFY
))
{
if
(
check_hmac
(
packet
,
packetlen
,
bodylen
,
neigh
->
address
,
to
)
!=
1
)
{
fprintf
(
stderr
,
"Received wrong hmac.
\n
"
);
return
;
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment