Mirror/frr
0
0
Fork 1
mirror of https://github.com/FRRouting/frr.git synced 2025-04-30 13:37:17 +02:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

nhrpd: Incomplete uniqueness bit handling

Browse source 
No storage/checking of uniqueness flag. No rejection of duplicate unique registrations

Signed-off-by: zmw12306 <zmw12306@gmail.com>
This commit is contained in:
zmw12306 2025-04-07 17:40:14 -04:00
parent 44c4743e08
commit 882ce9321a
1 changed files with 16 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
nhrpd/nhrp_peer.c
View file

@ -629,6 +629,8 @@ static void nhrp_handle_registration_request(struct nhrp_packet_parser *p)
int holdtime, prefix_len, hostprefix_len, natted = 0;
size_t paylen;
void *pay;
bool is_unique = p->hdr->flags & htons(NHRP_FLAG_REGISTRATION_UNIQUE);
int cie_count = 0;
debugf(NHRP_DEBUG_COMMON, "Parsing and replying to Registration Req");
hostprefix_len = 8 * sockunion_get_addrlen(&p->if_ad->addr);
@ -656,7 +658,21 @@ static void nhrp_handle_registration_request(struct nhrp_packet_parser *p)
while ((cie = nhrp_cie_pull(&payload, hdr, &cie_nbma, &cie_proto))
!= NULL) {
cie_count++;
if (cie_count > 1 && is_unique) {
debugf(NHRP_DEBUG_COMMON, "RFC violation: More than one CIE in unique registration");
cie->code = NHRP_CODE_ADMINISTRATIVELY_PROHIBITED;
continue;
}
prefix_len = cie->prefix_length;
if (is_unique && prefix_len != 0xFF) {
debugf(NHRP_DEBUG_COMMON, "RFC violation: Prefix length must be 0xFF for unique registration");
cie->code = NHRP_CODE_ADMINISTRATIVELY_PROHIBITED;
continue;
}
if (prefix_len == 0 || prefix_len >= hostprefix_len)
prefix_len = hostprefix_len;