The initial sequence number for RIP md5 authentication was always zero.
Bad as when bird e.g. was running for two weeks and then restarted it would take another two weeks until the peers of this router would accept data again from this router, as the sequence number would be too low. Changed to use the the current system time as the starting sequence number which is a more sane start value. (by Andreas, cleaned up by me)
This commit is contained in:
parent
277a34eff1
commit
3cb96cd343
1 changed files with 5 additions and 1 deletions
|
@ -140,11 +140,15 @@ rip_outgoing_authentication( struct proto *p, struct rip_block_auth *block, stru
|
|||
{
|
||||
struct rip_md5_tail *tail;
|
||||
struct MD5Context ctxt;
|
||||
static uint32_t sequence = 0;
|
||||
static u32 sequence = 0;
|
||||
|
||||
if (num > PACKET_MD5_MAX)
|
||||
bug( "We can not add MD5 authentication to this long packet" );
|
||||
|
||||
/* need to preset the sequence number to a sane value */
|
||||
if(!sequence)
|
||||
sequence = (u32) time(NULL);
|
||||
|
||||
block->keyid = passwd->id;
|
||||
block->authlen = sizeof(struct rip_block_auth);
|
||||
block->seq = sequence++;
|
||||
|
|
Loading…
Reference in a new issue