[PATCH v3 6/7] babel: Refactor TLV parsing code for easier reuse

2020-11-24 Thread Toke Høiland-Jørgensen
From: Toke Høiland-Jørgensen In preparation for adding authentication checks, refactor the TLV walking code so it can be reused for a separate pass of the packet for authentication checks. Signed-off-by: Toke Høiland-Jørgensen --- proto/babel/packets.c | 166 +++---

[PATCH v3 2/7] nest: Add Blake2s and Blake2b hash functions

2020-11-24 Thread Toke Høiland-Jørgensen
From: Toke Høiland-Jørgensen The Babel MAC authentication draft recommends implementing Blake2s as one of the supported algorithms. In order to achieve this, add the blake2b and blake2s hash functions for MAC authentication. The hashing function implementations are the reference implementation

[PATCH v3 5/7] config: Allow MAC algorithms to specify a function to validate their keys

2020-11-24 Thread Toke Høiland-Jørgensen
From: Toke Høiland-Jørgensen This adds a new field to the MAC algorithm description which is a pointer that will allow an algorithm to validate a key before it is used. Add this validate to the Blake algorithms, validating that the key length is exactly equal to their respective output sizes. Si

[PATCH v3 7/7] babel: Add MAC authentication support

2020-11-24 Thread Toke Høiland-Jørgensen
From: Toke Høiland-Jørgensen This implements support for MAC authentication in the Babel protocol, as specified by draft-babel-hmac-10. The implementation seeks to follow the draft as close as possible, with the only deliberate deviation being the addition of support for all the HMAC algorithms a

[PATCH v3 4/7] nest: Allow specifying security keys as hex bytes as well as strings

2020-11-24 Thread Toke Høiland-Jørgensen
From: Toke Høiland-Jørgensen This adds support for specifying a password in raw hexadecimal bytes form, via the 'key' keyword. The result is the same whether a password is specified as a quoted string or a hex-encoded byte string, this just makes it more convenient to input high-entropy byte stri

[PATCH v3 0/7] Add MAC authentication support to the Babel protocol

2020-11-24 Thread Toke Høiland-Jørgensen
This series adds MAC authentication support to the Babel protocol as specified by the IETF Babel working group in draft-babel-hmac-10: https://tools.ietf.org/html/draft-ietf-babel-hmac-10 I have performed basic interoperability testing between this implementation and the current babeld HMAC im

[PATCH v3 1/7] sysdep: Add wrapper to get random bytes

2020-11-24 Thread Toke Høiland-Jørgensen
From: Toke Høiland-Jørgensen The Babel authentication code added by a subsequent commit needs a way to get random bytes for generating nonces. This patch adds a wrapper function in sysdep to get random bytes, and the required checks in configure.ac to select how to do it. The configure script tr

Re: [PATCH v2] lib/slab: introduce sl_allocz() function and use it in Babel

2020-11-24 Thread Toke Høiland-Jørgensen
Ondrej Zajicek writes:
> On Mon, Nov 23, 2020 at 11:07:04AM +0100, Toke Høiland-Jørgensen wrote:
>> The babel protocol code was initialising objects returned from the slab
>> allocator by assigning to each of the struct members individually, but
>> wasn't touching the NODE member while doing so.

[PATCH 1/2] sysdep/unix/log: reinitialize the static logging structs

2020-11-24 Thread Andreas Rammhold
This is required as they otherwise point to already (invalid) existing lists and add_tail will fail (during a debug build). Re-initializing these should be fine as the list they belong to is being re-initialized on entry to the very same function. This became mandatory as of baac7009063d the next a

[PATCH 2/2] proto/bgp: zero the newly allocated bucket memory

2020-11-24 Thread Andreas Rammhold
I did observe crashes when running BIRD as a debug build when memory returned from the allocator was supposedly not being zeroed. This became mandatory as of baac7009063d the next and prev pointers of nodes in a list are checked against NULL in debug builds. --- proto/bgp/attrs.c | 2 +- 1 file ch

[PATCH] more list node initialisation

2020-11-24 Thread Andreas Rammhold
Hi, In addition to those list node initialisation patches that went into master so far I still have these two commits in my local tree. One of them is about the logging configuration that I described in my initial email on the topic. The other patch is about new memory buckets in the BGP implement