proto/rip/auth.c

/*
 *	Rest in pieces - RIP protocol
 *
 *	Copyright (c) 1999 Pavel Machek <pavel@ucw.cz>
 *	Copyright (c) 2004 Ondrej Filip <feela@network.cz>
 *
 *	Bug fixes by Eric Leblond <eleblond@init-sys.com>, April 2003
 * 
 *	Can be freely distributed and used under the terms of the GNU GPL.
 */

#undef LOCAL_DEBUG

#include "nest/bird.h"
#include "nest/iface.h"
#include "nest/protocol.h"
#include "nest/route.h"
#include "lib/socket.h"
#include "lib/resource.h"
#include "lib/lists.h"
#include "lib/timer.h"
#include "lib/md5.h"
#include "lib/string.h"

#include "rip.h"

#define P ((struct rip_proto *) p)
#define P_CF ((struct rip_proto_config *)p->cf)

#define PACKETLEN(num) (num * sizeof(struct rip_block) + sizeof(struct rip_packet_heading))

/*
 * rip_incoming_authentication - check authentication of incomming packet and return 1 if there's problem.
 */
int
rip_incoming_authentication( struct proto *p, struct rip_block_auth *block, struct rip_packet *packet, int num, ip_addr whotoldme )
{
  DBG( "Incoming authentication: " );
  switch (ntohs(block->authtype)) {	/* Authentication type */
  case AT_PLAINTEXT: 
    {
      struct password_item *passwd = password_find(P_CF->passwords, 1);
      DBG( "Plaintext passwd" );
      if (!passwd) {
	log( L_AUTH "No passwords set and password authentication came" );
	return 1;
      }
      if (strncmp( (char *) (&block->packetlen), passwd->password, 16)) {
	log( L_AUTH "Passwd authentication failed!" );
	DBG( "Expected %s, got %.16s\n", passwd->password, &block->packetlen );
	return 1;
      }
    }
    break;
  case AT_MD5:
    DBG( "md5 password" );
    {
      struct password_item *pass = NULL, *ptmp;
      struct rip_md5_tail *tail;
      struct MD5Context ctxt;
      char md5sum_packet[16];
      char md5sum_computed[16];
      struct neighbor *neigh = neigh_find(p, &whotoldme, 0);
      list *l = P_CF->passwords;

      if (ntohs(block->packetlen) != PACKETLEN(num) - sizeof(struct rip_md5_tail) ) {
	log( L_ERR "Packet length in MD5 does not match computed value" );
	return 1;
      }

      tail = (struct rip_md5_tail *) ((char *) packet + (ntohs(block->packetlen) ));
      if ((tail->mustbeFFFF != 0xffff) || (tail->mustbe0001 != 0x0100)) {
	log( L_ERR "MD5 tail signature is not there" );
	return 1;
      }

      WALK_LIST(ptmp, *l)
      {
        if (block->keyid != ptmp->id) continue;
        if ((ptmp->genfrom > now_real) || (ptmp->gento < now_real)) continue;
        pass = ptmp;
        break;
      }

      if(!pass) return 1;

      if (!neigh) {
        log( L_AUTH "Non-neighbour MD5 checksummed packet?" );
      } else {
	if (neigh->aux > block->seq) {
	  log( L_AUTH "MD5 protected packet with lower numbers" );
	  return 1;
        }
	neigh->aux = block->seq;
      }

      memcpy(md5sum_packet, tail->md5, 16);
      password_cpy(tail->md5, pass->password, 16);

      MD5Init(&ctxt);
      MD5Update(&ctxt, (char *) packet, ntohs(block->packetlen) +  sizeof(struct rip_block_auth) );
      MD5Final(md5sum_computed, &ctxt);
      if (memcmp(md5sum_packet, md5sum_computed, 16))
        return 1;
    }
  }
    
  return 0;
}

/*
 * rip_outgoing_authentication - append authentication information to the packet.
 * %num: number of rip_blocks already in packets. This function returns size of packet to send.
 */
int
rip_outgoing_authentication( struct proto *p, struct rip_block_auth *block, struct rip_packet *packet, int num )
{
  struct password_item *passwd = password_find(P_CF->passwords, 1);

  if (!P_CF->authtype)
    return PACKETLEN(num);

  DBG( "Outgoing authentication: " );

  if (!passwd) {
    log( L_ERR "No suitable password found for authentication" );
    return PACKETLEN(num);
  }

  block->authtype = htons(P_CF->authtype);
  block->mustbeFFFF = 0xffff;
  switch (P_CF->authtype) {
  case AT_PLAINTEXT:
    password_cpy( (char *) (&block->packetlen), passwd->password, 16);
    return PACKETLEN(num);
  case AT_MD5:
    {
      struct rip_md5_tail *tail;
      struct MD5Context ctxt;
      static u32 sequence = 0;

      if (num > PACKET_MD5_MAX)
	bug(  "We can not add MD5 authentication to this long packet" );

      /* need to preset the sequence number to a sane value */
      if (!sequence)
	sequence = (u32) time(NULL);

      block->keyid = passwd->id;
      block->authlen = sizeof(struct rip_block_auth);
      block->seq = sequence++;
      block->zero0 = 0;
      block->zero1 = 0;
      block->packetlen = htons(PACKETLEN(num));
      tail = (struct rip_md5_tail *) ((char *) packet + PACKETLEN(num) );
      tail->mustbeFFFF = 0xffff;
      tail->mustbe0001 = 0x0100;

      password_cpy(tail->md5, passwd->password, 16);
      MD5Init(&ctxt);
      MD5Update(&ctxt, (char *) packet, PACKETLEN(num) + sizeof(struct  rip_md5_tail));
      MD5Final(tail->md5, &ctxt);
      return PACKETLEN(num) + block->authlen;
    }
  default:
    bug( "Unknown authtype in outgoing authentication?" );
  }
}
Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00			`/*`
			`* Rest in pieces - RIP protocol`
			`*`
			`* Copyright (c) 1999 Pavel Machek <pavel@ucw.cz>`
Password management redesigned (untested). 2004-06-26 20:11:14 +00:00			`* Copyright (c) 2004 Ondrej Filip <feela@network.cz>`
Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00			`*`
Bug fixes to authentication code by Eric Leblond <eleblond@init-sys.com>. 2003-04-06 18:38:01 +00:00			`* Bug fixes by Eric Leblond <eleblond@init-sys.com>, April 2003`
			`*`
Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00			`* Can be freely distributed and used under the terms of the GNU GPL.`
			`*/`

Bug fixes to authentication code by Eric Leblond <eleblond@init-sys.com>. 2003-04-06 18:38:01 +00:00			`#undef LOCAL_DEBUG`
Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00
			`#include "nest/bird.h"`
			`#include "nest/iface.h"`
			`#include "nest/protocol.h"`
			`#include "nest/route.h"`
			`#include "lib/socket.h"`
			`#include "lib/resource.h"`
			`#include "lib/lists.h"`
			`#include "lib/timer.h"`
Incoming side of authentication done but untested. Right handling of filters in rip. 1999-05-31 19:16:22 +00:00			`#include "lib/md5.h"`
Include "lib/string.h" instead of <string.h>. It should give us bzero() and other non-portable functions on all systems. 2000-03-31 23:30:21 +00:00			`#include "lib/string.h"`
Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00
			`#include "rip.h"`

			`#define P ((struct rip_proto *) p)`
			`#define P_CF ((struct rip_proto_config *)p->cf)`

Few FIXME's removed from auth, few FIXME's added to filter. 1999-08-20 09:59:39 +00:00			`#define PACKETLEN(num) (num * sizeof(struct rip_block) + sizeof(struct rip_packet_heading))`

Better documentation. There are functions whose description is good when reading source but whose documentation does not belong to progdocs. 2000-06-05 17:13:36 +00:00			`/*`
Updates to both programmers and users doc 2000-06-05 12:52:57 +00:00			`* rip_incoming_authentication - check authentication of incomming packet and return 1 if there's problem.`
			`*/`
Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00			`int`
Actually check sequence numbers. 1999-12-01 12:52:57 +00:00			`rip_incoming_authentication( struct proto p, struct rip_block_auth block, struct rip_packet *packet, int num, ip_addr whotoldme )`
Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00			`{`
			`DBG( "Incoming authentication: " );`
Bug fixes to authentication code by Eric Leblond <eleblond@init-sys.com>. 2003-04-06 18:38:01 +00:00			`switch (ntohs(block->authtype)) { /* Authentication type */`
Bugfixes: select right password for password authentication, do not try to process authentication blocks as datablocks, make it possible to add data at end of packet. Password authentication should actually work. 1999-11-25 14:54:08 +00:00			`case AT_PLAINTEXT:`
			`{`
Fix bugs in OSPF MD5 authentication. First bug is that default values for MD5 password ID changed during reconfigure, Second bug is that BIRD chooses password in first-fit manner, but RFC says that it should use the one with the latest generate-from. It also modifies the syntax for multiple passwords. Now it is possible to just add more 'password' statements to the interface section and it is not needed to use 'passwords' section. Old syntax can be used too. 2008-11-08 17:24:23 +01:00			`struct password_item *passwd = password_find(P_CF->passwords, 1);`
Bugfixes: select right password for password authentication, do not try to process authentication blocks as datablocks, make it possible to add data at end of packet. Password authentication should actually work. 1999-11-25 14:54:08 +00:00			`DBG( "Plaintext passwd" );`
			`if (!passwd) {`
Removed lots of trailing newlines in log messages. Please note that the only calls which don't add newlines automatically (i.e., don't print a full line of output) are debug() and DBG(). 2000-06-04 19:56:06 +00:00			`log( L_AUTH "No passwords set and password authentication came" );`
Bugfixes: select right password for password authentication, do not try to process authentication blocks as datablocks, make it possible to add data at end of packet. Password authentication should actually work. 1999-11-25 14:54:08 +00:00			`return 1;`
			`}`
			`if (strncmp( (char *) (&block->packetlen), passwd->password, 16)) {`
Removed lots of trailing newlines in log messages. Please note that the only calls which don't add newlines automatically (i.e., don't print a full line of output) are debug() and DBG(). 2000-06-04 19:56:06 +00:00			`log( L_AUTH "Passwd authentication failed!" );`
Password does not need to be null-terminated, do not print garbage in such case. Thanks to silvio@big.net. 2002-09-21 13:57:48 +00:00			`DBG( "Expected %s, got %.16s\n", passwd->password, &block->packetlen );`
Bugfixes: select right password for password authentication, do not try to process authentication blocks as datablocks, make it possible to add data at end of packet. Password authentication should actually work. 1999-11-25 14:54:08 +00:00			`return 1;`
			`}`
Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00			`}`
Password management redesigned (untested). 2004-06-26 20:11:14 +00:00			`break;`
Modified rip to new password handling in nest. Now it at least compiles. 1999-05-31 17:12:38 +00:00			`case AT_MD5:`
			`DBG( "md5 password" );`
			`{`
Password management redesigned (untested). 2004-06-26 20:11:14 +00:00			`struct password_item pass = NULL, ptmp;`
Incoming side of authentication done but untested. Right handling of filters in rip. 1999-05-31 19:16:22 +00:00			`struct rip_md5_tail *tail;`
Password management redesigned (untested). 2004-06-26 20:11:14 +00:00			`struct MD5Context ctxt;`
			`char md5sum_packet[16];`
			`char md5sum_computed[16];`
			`struct neighbor *neigh = neigh_find(p, &whotoldme, 0);`
			`list *l = P_CF->passwords;`

Bug fixes to authentication code by Eric Leblond <eleblond@init-sys.com>. 2003-04-06 18:38:01 +00:00			`if (ntohs(block->packetlen) != PACKETLEN(num) - sizeof(struct rip_md5_tail) ) {`
Removed lots of trailing newlines in log messages. Please note that the only calls which don't add newlines automatically (i.e., don't print a full line of output) are debug() and DBG(). 2000-06-04 19:56:06 +00:00			`log( L_ERR "Packet length in MD5 does not match computed value" );`
Few FIXME's removed from auth, few FIXME's added to filter. 1999-08-20 09:59:39 +00:00			`return 1;`
			`}`
Few fixme's fixed in rip (will not crash any more on request for sending routing table - hopefully). Next few steps in md5 authentication (not yet complete). 1999-08-18 13:19:33 +00:00
Bug fixes to authentication code by Eric Leblond <eleblond@init-sys.com>. 2003-04-06 18:38:01 +00:00			`tail = (struct rip_md5_tail ) ((char ) packet + (ntohs(block->packetlen) ));`
			`if ((tail->mustbeFFFF != 0xffff) \|\| (tail->mustbe0001 != 0x0100)) {`
Removed lots of trailing newlines in log messages. Please note that the only calls which don't add newlines automatically (i.e., don't print a full line of output) are debug() and DBG(). 2000-06-04 19:56:06 +00:00			`log( L_ERR "MD5 tail signature is not there" );`
Bugfixes: select right password for password authentication, do not try to process authentication blocks as datablocks, make it possible to add data at end of packet. Password authentication should actually work. 1999-11-25 14:54:08 +00:00			`return 1;`
			`}`
Incoming side of authentication done but untested. Right handling of filters in rip. 1999-05-31 19:16:22 +00:00
Password management redesigned (untested). 2004-06-26 20:11:14 +00:00			`WALK_LIST(ptmp, *l)`
			`{`
Bugfix. 2004-09-08 16:04:02 +00:00			`if (block->keyid != ptmp->id) continue;`
Fix problem with local time changes. 2008-11-05 22:36:49 +01:00			`if ((ptmp->genfrom > now_real) \|\| (ptmp->gento < now_real)) continue;`
Password management redesigned (untested). 2004-06-26 20:11:14 +00:00			`pass = ptmp;`
			`break;`
			`}`

			`if(!pass) return 1;`

			`if (!neigh) {`
			`log( L_AUTH "Non-neighbour MD5 checksummed packet?" );`
			`} else {`
			`if (neigh->aux > block->seq) {`
			`log( L_AUTH "MD5 protected packet with lower numbers" );`
			`return 1;`
			`}`
			`neigh->aux = block->seq;`
Modified rip to new password handling in nest. Now it at least compiles. 1999-05-31 17:12:38 +00:00			`}`
Password management redesigned (untested). 2004-06-26 20:11:14 +00:00
			`memcpy(md5sum_packet, tail->md5, 16);`
			`password_cpy(tail->md5, pass->password, 16);`

			`MD5Init(&ctxt);`
			`MD5Update(&ctxt, (char *) packet, ntohs(block->packetlen) + sizeof(struct rip_block_auth) );`
			`MD5Final(md5sum_computed, &ctxt);`
			`if (memcmp(md5sum_packet, md5sum_computed, 16))`
			`return 1;`
Modified rip to new password handling in nest. Now it at least compiles. 1999-05-31 17:12:38 +00:00			`}`
Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00			`}`

			`return 0;`
			`}`

Better documentation. There are functions whose description is good when reading source but whose documentation does not belong to progdocs. 2000-06-05 17:13:36 +00:00			`/*`
Updates to both programmers and users doc 2000-06-05 12:52:57 +00:00			`* rip_outgoing_authentication - append authentication information to the packet.`
			`* %num: number of rip_blocks already in packets. This function returns size of packet to send.`
			`*/`
Bugfixes: select right password for password authentication, do not try to process authentication blocks as datablocks, make it possible to add data at end of packet. Password authentication should actually work. 1999-11-25 14:54:08 +00:00			`int`
Modified rip to new password handling in nest. Now it at least compiles. 1999-05-31 17:12:38 +00:00			`rip_outgoing_authentication( struct proto p, struct rip_block_auth block, struct rip_packet *packet, int num )`
Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00			`{`
Fix bugs in OSPF MD5 authentication. First bug is that default values for MD5 password ID changed during reconfigure, Second bug is that BIRD chooses password in first-fit manner, but RFC says that it should use the one with the latest generate-from. It also modifies the syntax for multiple passwords. Now it is possible to just add more 'password' statements to the interface section and it is not needed to use 'passwords' section. Old syntax can be used too. 2008-11-08 17:24:23 +01:00			`struct password_item *passwd = password_find(P_CF->passwords, 1);`
Bugfixes: select right password for password authentication, do not try to process authentication blocks as datablocks, make it possible to add data at end of packet. Password authentication should actually work. 1999-11-25 14:54:08 +00:00
			`if (!P_CF->authtype)`
			`return PACKETLEN(num);`

Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00			`DBG( "Outgoing authentication: " );`

Few fixme's fixed in rip (will not crash any more on request for sending routing table - hopefully). Next few steps in md5 authentication (not yet complete). 1999-08-18 13:19:33 +00:00			`if (!passwd) {`
Removed lots of trailing newlines in log messages. Please note that the only calls which don't add newlines automatically (i.e., don't print a full line of output) are debug() and DBG(). 2000-06-04 19:56:06 +00:00			`log( L_ERR "No suitable password found for authentication" );`
Bugfixes: select right password for password authentication, do not try to process authentication blocks as datablocks, make it possible to add data at end of packet. Password authentication should actually work. 1999-11-25 14:54:08 +00:00			`return PACKETLEN(num);`
Few fixme's fixed in rip (will not crash any more on request for sending routing table - hopefully). Next few steps in md5 authentication (not yet complete). 1999-08-18 13:19:33 +00:00			`}`

Bug fixes to authentication code by Eric Leblond <eleblond@init-sys.com>. 2003-04-06 18:38:01 +00:00			`block->authtype = htons(P_CF->authtype);`
Few fixme's fixed in rip (will not crash any more on request for sending routing table - hopefully). Next few steps in md5 authentication (not yet complete). 1999-08-18 13:19:33 +00:00			`block->mustbeFFFF = 0xffff;`
Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00			`switch (P_CF->authtype) {`
			`case AT_PLAINTEXT:`
Password management redesigned (untested). 2004-06-26 20:11:14 +00:00			`password_cpy( (char *) (&block->packetlen), passwd->password, 16);`
Bugfixes: select right password for password authentication, do not try to process authentication blocks as datablocks, make it possible to add data at end of packet. Password authentication should actually work. 1999-11-25 14:54:08 +00:00			`return PACKETLEN(num);`
Few fixme's fixed in rip (will not crash any more on request for sending routing table - hopefully). Next few steps in md5 authentication (not yet complete). 1999-08-18 13:19:33 +00:00			`case AT_MD5:`
			`{`
			`struct rip_md5_tail *tail;`
			`struct MD5Context ctxt;`
The initial sequence number for RIP md5 authentication was always zero. Bad as when bird e.g. was running for two weeks and then restarted it would take another two weeks until the peers of this router would accept data again from this router, as the sequence number would be too low. Changed to use the the current system time as the starting sequence number which is a more sane start value. (by Andreas, cleaned up by me) 2004-05-31 18:11:16 +00:00			`static u32 sequence = 0;`
Few fixme's fixed in rip (will not crash any more on request for sending routing table - hopefully). Next few steps in md5 authentication (not yet complete). 1999-08-18 13:19:33 +00:00
			`if (num > PACKET_MD5_MAX)`
Removed lots of trailing newlines in log messages. Please note that the only calls which don't add newlines automatically (i.e., don't print a full line of output) are debug() and DBG(). 2000-06-04 19:56:06 +00:00			`bug( "We can not add MD5 authentication to this long packet" );`
Few fixme's fixed in rip (will not crash any more on request for sending routing table - hopefully). Next few steps in md5 authentication (not yet complete). 1999-08-18 13:19:33 +00:00
The initial sequence number for RIP md5 authentication was always zero. Bad as when bird e.g. was running for two weeks and then restarted it would take another two weeks until the peers of this router would accept data again from this router, as the sequence number would be too low. Changed to use the the current system time as the starting sequence number which is a more sane start value. (by Andreas, cleaned up by me) 2004-05-31 18:11:16 +00:00			`/* need to preset the sequence number to a sane value */`
One space more. 2004-05-31 20:35:19 +00:00			`if (!sequence)`
The initial sequence number for RIP md5 authentication was always zero. Bad as when bird e.g. was running for two weeks and then restarted it would take another two weeks until the peers of this router would accept data again from this router, as the sequence number would be too low. Changed to use the the current system time as the starting sequence number which is a more sane start value. (by Andreas, cleaned up by me) 2004-05-31 18:11:16 +00:00			`sequence = (u32) time(NULL);`

Few fixme's fixed in rip (will not crash any more on request for sending routing table - hopefully). Next few steps in md5 authentication (not yet complete). 1999-08-18 13:19:33 +00:00			`block->keyid = passwd->id;`
Bug fixes to authentication code by Eric Leblond <eleblond@init-sys.com>. 2003-04-06 18:38:01 +00:00			`block->authlen = sizeof(struct rip_block_auth);`
Few fixme's fixed in rip (will not crash any more on request for sending routing table - hopefully). Next few steps in md5 authentication (not yet complete). 1999-08-18 13:19:33 +00:00			`block->seq = sequence++;`
			`block->zero0 = 0;`
Bugfixes: select right password for password authentication, do not try to process authentication blocks as datablocks, make it possible to add data at end of packet. Password authentication should actually work. 1999-11-25 14:54:08 +00:00			`block->zero1 = 0;`
Bug fixes to authentication code by Eric Leblond <eleblond@init-sys.com>. 2003-04-06 18:38:01 +00:00			`block->packetlen = htons(PACKETLEN(num));`
			`tail = (struct rip_md5_tail ) ((char ) packet + PACKETLEN(num) );`
Few fixme's fixed in rip (will not crash any more on request for sending routing table - hopefully). Next few steps in md5 authentication (not yet complete). 1999-08-18 13:19:33 +00:00			`tail->mustbeFFFF = 0xffff;`
Bug fixes to authentication code by Eric Leblond <eleblond@init-sys.com>. 2003-04-06 18:38:01 +00:00			`tail->mustbe0001 = 0x0100;`
Few fixme's fixed in rip (will not crash any more on request for sending routing table - hopefully). Next few steps in md5 authentication (not yet complete). 1999-08-18 13:19:33 +00:00
Password management redesigned (untested). 2004-06-26 20:11:14 +00:00			`password_cpy(tail->md5, passwd->password, 16);`
Few fixme's fixed in rip (will not crash any more on request for sending routing table - hopefully). Next few steps in md5 authentication (not yet complete). 1999-08-18 13:19:33 +00:00			`MD5Init(&ctxt);`
Bug fixes to authentication code by Eric Leblond <eleblond@init-sys.com>. 2003-04-06 18:38:01 +00:00			`MD5Update(&ctxt, (char *) packet, PACKETLEN(num) + sizeof(struct rip_md5_tail));`
			`MD5Final(tail->md5, &ctxt);`
md5 authentication seems to work. 1999-11-25 15:03:12 +00:00			`return PACKETLEN(num) + block->authlen;`
Modified rip to new password handling in nest. Now it at least compiles. 1999-05-31 17:12:38 +00:00			`}`
Bugfixes: select right password for password authentication, do not try to process authentication blocks as datablocks, make it possible to add data at end of packet. Password authentication should actually work. 1999-11-25 14:54:08 +00:00			`default:`
Removed lots of trailing newlines in log messages. Please note that the only calls which don't add newlines automatically (i.e., don't print a full line of output) are debug() and DBG(). 2000-06-04 19:56:06 +00:00			`bug( "Unknown authtype in outgoing authentication?" );`
Mensi updaty do ripu. Pridana passwd autentikace (netestovano). 1999-05-11 09:53:45 +00:00			`}`
			`}`