On Tue, Jun 08, 2021 at 11:42:25AM +0200, Toke Høiland-Jørgensen wrote: > > Hi > > > > Merged to master. There are few more issues i noticed during testing, see > > b174cc0abc0a9d7e84cc6fae46d9e19b714fbcfb for details. Two of these issues > > were related to bad value of auth_tx_overhead, which has an ugly fail mode > > where only large route updates had bad/no signature, but small IHU packets > > had good signature, so the link looks like OK. > > Awesome! Many thanks, also for the bug fixes :) > > > I would like to have better fail mode in case of bugs, but not sure if > > that could be reasonably done. > > Hmm, one thought would be to do an explicit sanity check on link > bring-up by padding the initial Hello to the full packet length? That > should at least flush out any bugs inside Bird and (if we also actually > start checking the return value of the socket call) the OS. Big packets > could still be dropped on the wire, of course, but not much we can do > about that unless we want to do very extensive probing...
That is probably overkill. I thought about stopping signing of remaining packets for a neighbor after some error during signing happened. But that has some other problems, so i will likely just ignore this and keep it as it is. > >> > I also changed 'key' config option to 'password' (so it is 'password' > >> > with either ASCII string or hex-string). In future, we should probably > >> > switch to 'key' for both variants, as that is the name generally used for > >> > that. But using different keywords just for different notation of the > >> > same concept seems confusing to me. > >> > >> OK. But why not just support both 'key' and 'password' for both formats > >> straight away, then? > > > > OK with me. Will change that. Done -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: [email protected]) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
