Tree - rpms/frr - CentOS Git server

rpms / frr

Blame SOURCES/0003-disable-eigrp-crypto.patch

Blob History Raw

		4d1074	`diff --git a/eigrpd/eigrp_vty.c b/eigrpd/eigrp_vty.c`
		4d1074	`index fc5bdbd..56ebac6 100644`
		4d1074	`--- a/eigrpd/eigrp_vty.c`
		4d1074	`+++ b/eigrpd/eigrp_vty.c`
		4d1074	`@@ -968,6 +968,9 @@ DEFUN (eigrp_authentication_mode,`
		4d1074	`"Keyed message digest\n"`
		4d1074	`"HMAC SHA256 algorithm \n")`
		4d1074	`{`
		4d1074	`+ vty_out(vty, " EIGRP Authentication is disabled\n");`
		4d1074	`+ return CMD_WARNING_CONFIG_FAILED;`
		4d1074	`+`
		4d1074	`VTY_DECLVAR_CONTEXT(interface, ifp);`
		4d1074	`struct eigrp_interface *ei = ifp->info;`
		4d1074	`struct eigrp *eigrp;`
		4d1074	`@@ -1003,6 +1006,9 @@ DEFUN (no_eigrp_authentication_mode,`
		4d1074	`"Keyed message digest\n"`
		4d1074	`"HMAC SHA256 algorithm \n")`
		4d1074	`{`
		4d1074	`+ vty_out(vty, " EIGRP Authentication is disabled\n");`
		4d1074	`+ return CMD_WARNING_CONFIG_FAILED;`
		4d1074	`+`
		4d1074	`VTY_DECLVAR_CONTEXT(interface, ifp);`
		4d1074	`struct eigrp_interface *ei = ifp->info;`
		4d1074	`struct eigrp *eigrp;`
		4d1074	`@@ -1034,6 +1040,9 @@ DEFPY (eigrp_authentication_keychain,`
		4d1074	`"Autonomous system number\n"`
		4d1074	`"Name of key-chain\n")`
		4d1074	`{`
		4d1074	`+ vty_out(vty, " EIGRP Authentication is disabled\n");`
		4d1074	`+ return CMD_WARNING_CONFIG_FAILED;`
		4d1074	`+`
		4d1074	`VTY_DECLVAR_CONTEXT(interface, ifp);`
		4d1074	`struct eigrp_interface *ei = ifp->info;`
		4d1074	`struct eigrp *eigrp;`
		4d1074	`diff --git a/eigrpd/eigrp_packet.c b/eigrpd/eigrp_packet.c`
		4d1074	`index bedaf15..8dc09bf 100644`
		4d1074	`--- a/eigrpd/eigrp_packet.c`
		4d1074	`+++ b/eigrpd/eigrp_packet.c`
		4d1074	`@@ -40,8 +40,10 @@`
		4d1074	`#include "log.h"`
		4d1074	`#include "sockopt.h"`
		4d1074	`#include "checksum.h"`
		4d1074	`+#ifdef CRYPTO_INTERNAL`
		4d1074	`#include "md5.h"`
		4d1074	`#include "sha256.h"`
		4d1074	`+#endif`
		4d1074	`#include "lib_errors.h"`
		4d1074
		4d1074	`#include "eigrpd/eigrp_structs.h"`
		4d1074	`@@ -95,8 +97,12 @@ int eigrp_make_md5_digest(struct eigrp_interface ei, struct stream s,`
		4d1074	`struct key *key = NULL;`
		4d1074	`struct keychain *keychain;`
		4d1074
		4d1074	`+`
		4d1074	`unsigned char digest[EIGRP_AUTH_TYPE_MD5_LEN];`
		4d1074	`+#ifdef CRYPTO_OPENSSL`
		4d1074	`+#elif CRYPTO_INTERNAL`
		4d1074	`MD5_CTX ctx;`
		4d1074	`+#endif`
		4d1074	`uint8_t *ibuf;`
		4d1074	`size_t backup_get, backup_end;`
		4d1074	`struct TLV_MD5_Authentication_Type *auth_TLV;`
		4d1074	`@@ -119,6 +125,9 @@ int eigrp_make_md5_digest(struct eigrp_interface ei, struct stream s,`
		4d1074	`return EIGRP_AUTH_TYPE_NONE;`
		4d1074	`}`
		4d1074
		4d1074	`+#ifdef CRYPTO_OPENSSL`
		4d1074	`+//TBD when this is fixed in upstream`
		4d1074	`+#elif CRYPTO_INTERNAL`
		4d1074	`memset(&ctx, 0, sizeof(ctx));`
		4d1074	`MD5Init(&ctx;;`
		4d1074
		4d1074	`@@ -146,7 +155,7 @@ int eigrp_make_md5_digest(struct eigrp_interface ei, struct stream s,`
		4d1074	`}`
		4d1074
		4d1074	`MD5Final(digest, &ctx;;`
		4d1074	`-`
		4d1074	`+#endif`
		4d1074	`/* Append md5 digest to the end of the stream. */`
		4d1074	`memcpy(auth_TLV->digest, digest, EIGRP_AUTH_TYPE_MD5_LEN);`
		4d1074
		4d1074	`@@ -162,7 +171,10 @@ int eigrp_check_md5_digest(struct stream *s,`
		4d1074	`struct TLV_MD5_Authentication_Type *authTLV,`
		4d1074	`struct eigrp_neighbor *nbr, uint8_t flags)`
		4d1074	`{`
		4d1074	`+#ifdef CRYPTO_OPENSSL`
		4d1074	`+#elif CRYPTO_INTERNAL`
		4d1074	`MD5_CTX ctx;`
		4d1074	`+#endif`
		4d1074	`unsigned char digest[EIGRP_AUTH_TYPE_MD5_LEN];`
		4d1074	`unsigned char orig[EIGRP_AUTH_TYPE_MD5_LEN];`
		4d1074	`struct key *key = NULL;`
		4d1074	`@@ -203,6 +215,9 @@ int eigrp_check_md5_digest(struct stream *s,`
		4d1074	`return 0;`
		4d1074	`}`
		4d1074
		4d1074	`+#ifdef CRYPTO_OPENSSL`
		4d1074	`+ //TBD when eigrpd crypto is fixed in upstream`
		4d1074	`+#elif CRYPTO_INTERNAL`
		4d1074	`memset(&ctx, 0, sizeof(ctx));`
		4d1074	`MD5Init(&ctx;;`
		4d1074
		4d1074	`@@ -230,6 +245,7 @@ int eigrp_check_md5_digest(struct stream *s,`
		4d1074	`}`
		4d1074
		4d1074	`MD5Final(digest, &ctx;;`
		4d1074	`+#endif`
		4d1074
		4d1074	`/* compare the two */`
		4d1074	`if (memcmp(orig, digest, EIGRP_AUTH_TYPE_MD5_LEN) != 0) {`
		4d1074	`@@ -254,7 +270,11 @@ int eigrp_make_sha256_digest(struct eigrp_interface ei, struct stream s,`
		4d1074	`unsigned char digest[EIGRP_AUTH_TYPE_SHA256_LEN];`
		4d1074	`unsigned char buffer[1 + PLAINTEXT_LENGTH + 45 + 1] = {0};`
		4d1074
		4d1074	`+#ifdef CRYPTO_OPENSSL`
		4d1074	`+ //TBD when eigrpd crypto is fixed in upstream`
		4d1074	`+#elif CRYPTO_INTERNAL`
		4d1074	`HMAC_SHA256_CTX ctx;`
		4d1074	`+#endif`
		4d1074	`void *ibuf;`
		4d1074	`size_t backup_get, backup_end;`
		4d1074	`struct TLV_SHA256_Authentication_Type *auth_TLV;`
		4d1074	`@@ -283,6 +303,9 @@ int eigrp_make_sha256_digest(struct eigrp_interface ei, struct stream s,`
		4d1074
		4d1074	`inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, PREFIX_STRLEN);`
		4d1074
		4d1074	`+#ifdef CRYPTO_OPENSSL`
		4d1074	`+ //TBD when eigrpd crypto is fixed in upstream`
		4d1074	`+#elif CRYPTO_INTERNAL`
		4d1074	`memset(&ctx, 0, sizeof(ctx));`
		4d1074	`buffer[0] = '\n';`
		4d1074	`memcpy(buffer + 1, key, strlen(key->string));`
		4d1074	`@@ -291,7 +314,7 @@ int eigrp_make_sha256_digest(struct eigrp_interface ei, struct stream s,`
		4d1074	`1 + strlen(key->string) + strlen(source_ip));`
		4d1074	`HMAC__SHA256_Update(&ctx, ibuf, strlen(ibuf));`
		4d1074	`HMAC__SHA256_Final(digest, &ctx;;`
		4d1074	`-`
		4d1074	`+#endif`
		4d1074
		4d1074	`/* Put hmac-sha256 digest to it's place */`
		4d1074	`memcpy(auth_TLV->digest, digest, EIGRP_AUTH_TYPE_SHA256_LEN);`
		4d1074	`diff --git a/eigrpd/eigrp_filter.c b/eigrpd/eigrp_filter.c`
		4d1074	`index 93eed94..f1c7347 100644`
		4d1074	`--- a/eigrpd/eigrp_filter.c`
		4d1074	`+++ b/eigrpd/eigrp_filter.c`
		4d1074	`@@ -47,7 +47,9 @@`
		4d1074	`#include "if_rmap.h"`
		4d1074	`#include "plist.h"`
		4d1074	`#include "distribute.h"`
		4d1074	`+#ifdef CRYPTO_INTERNAL`
		4d1074	`#include "md5.h"`
		4d1074	`+#endif`
		4d1074	`#include "keychain.h"`
		4d1074	`#include "privs.h"`
		4d1074	`#include "vrf.h"`
		4d1074	`diff --git a/eigrpd/eigrp_hello.c b/eigrpd/eigrp_hello.c`
		4d1074	`index dacd5ca..b232cc5 100644`
		4d1074	`--- a/eigrpd/eigrp_hello.c`
		4d1074	`+++ b/eigrpd/eigrp_hello.c`
		4d1074	`@@ -43,7 +43,9 @@`
		4d1074	`#include "sockopt.h"`
		4d1074	`#include "checksum.h"`
		4d1074	`#include "vty.h"`
		4d1074	`+#ifdef CRYPTO_INTERNAL`
		4d1074	`#include "md5.h"`
		4d1074	`+#endif`
		4d1074
		4d1074	`#include "eigrpd/eigrp_structs.h"`
		4d1074	`#include "eigrpd/eigrpd.h"`
		4d1074	`diff --git a/eigrpd/eigrp_query.c b/eigrpd/eigrp_query.c`
		4d1074	`index 84dcf5e..a2575e3 100644`
		4d1074	`--- a/eigrpd/eigrp_query.c`
		4d1074	`+++ b/eigrpd/eigrp_query.c`
		4d1074	`@@ -38,7 +38,9 @@`
		4d1074	`#include "log.h"`
		4d1074	`#include "sockopt.h"`
		4d1074	`#include "checksum.h"`
		4d1074	`+#ifdef CRYPTO_INTERNAL`
		4d1074	`#include "md5.h"`
		4d1074	`+#endif`
		4d1074	`#include "vty.h"`
		4d1074
		4d1074	`#include "eigrpd/eigrp_structs.h"`
		4d1074	`diff --git a/eigrpd/eigrp_reply.c b/eigrpd/eigrp_reply.c`
		4d1074	`index ccf0496..2902365 100644`
		4d1074	`--- a/eigrpd/eigrp_reply.c`
		4d1074	`+++ b/eigrpd/eigrp_reply.c`
		4d1074	`@@ -42,7 +42,9 @@`
		4d1074	`#include "log.h"`
		4d1074	`#include "sockopt.h"`
		4d1074	`#include "checksum.h"`
		4d1074	`+#ifdef CRYPTO_INTERNAL`
		4d1074	`#include "md5.h"`
		4d1074	`+#endif`
		4d1074	`#include "vty.h"`
		4d1074	`#include "keychain.h"`
		4d1074	`#include "plist.h"`
		4d1074	`diff --git a/eigrpd/eigrp_siaquery.c b/eigrpd/eigrp_siaquery.c`
		4d1074	`index ff38325..09b9369 100644`
		4d1074	`--- a/eigrpd/eigrp_siaquery.c`
		4d1074	`+++ b/eigrpd/eigrp_siaquery.c`
		4d1074	`@@ -38,7 +38,9 @@`
		4d1074	`#include "log.h"`
		4d1074	`#include "sockopt.h"`
		4d1074	`#include "checksum.h"`
		4d1074	`+#ifdef CRYPTO_INTERNAL`
		4d1074	`#include "md5.h"`
		4d1074	`+#endif`
		4d1074	`#include "vty.h"`
		4d1074
		4d1074	`#include "eigrpd/eigrp_structs.h"`
		4d1074	`diff --git a/eigrpd/eigrp_siareply.c b/eigrpd/eigrp_siareply.c`
		4d1074	`index d3dd123..f6a2bd6 100644`
		4d1074	`--- a/eigrpd/eigrp_siareply.c`
		4d1074	`+++ b/eigrpd/eigrp_siareply.c`
		4d1074	`@@ -37,7 +37,9 @@`
		4d1074	`#include "log.h"`
		4d1074	`#include "sockopt.h"`
		4d1074	`#include "checksum.h"`
		4d1074	`+#ifdef CRYPTO_INTERNAL`
		4d1074	`#include "md5.h"`
		4d1074	`+#endif`
		4d1074	`#include "vty.h"`
		4d1074
		4d1074	`#include "eigrpd/eigrp_structs.h"`
		4d1074	`diff --git a/eigrpd/eigrp_snmp.c b/eigrpd/eigrp_snmp.c`
		4d1074	`index 21c9238..cfb8890 100644`
		4d1074	`--- a/eigrpd/eigrp_snmp.c`
		4d1074	`+++ b/eigrpd/eigrp_snmp.c`
		4d1074	`@@ -42,7 +42,9 @@`
		4d1074	`#include "log.h"`
		4d1074	`#include "sockopt.h"`
		4d1074	`#include "checksum.h"`
		4d1074	`+#ifdef CRYPTO_INTERNAL`
		4d1074	`#include "md5.h"`
		4d1074	`+#endif`
		4d1074	`#include "keychain.h"`
		4d1074	`#include "smux.h"`
		4d1074
		4d1074	`diff --git a/eigrpd/eigrp_update.c b/eigrpd/eigrp_update.c`
		4d1074	`index 8db4903..2a4f0bb 100644`
		4d1074	`--- a/eigrpd/eigrp_update.c`
		4d1074	`+++ b/eigrpd/eigrp_update.c`
		4d1074	`@@ -42,7 +42,9 @@`
		4d1074	`#include "log.h"`
		4d1074	`#include "sockopt.h"`
		4d1074	`#include "checksum.h"`
		4d1074	`+#ifdef CRYPTO_INTERNAL`
		4d1074	`#include "md5.h"`
		4d1074	`+#endif`
		4d1074	`#include "vty.h"`
		4d1074	`#include "plist.h"`
		4d1074	`#include "plist_int.h"`

rpms / frr

Source Code

Blame SOURCES/0003-disable-eigrp-crypto.patch