From: Toke Høiland-Jørgensen
In preparation for adding authentication checks, refactor the TLV walking
code so it can be reused for a separate pass of the packet for
authentication checks.
Signed-off-by: Toke Høiland-Jørgensen
---
proto/babel/packets.c | 166 +++---
From: Toke Høiland-Jørgensen
The Babel MAC authentication draft recommends implementing Blake2s as one
of the supported algorithms. In order to achieve do this, add the blake2b
and blake2s hash functions for MAC authentication. The hashing function
implementations are the reference implementation
From: Toke Høiland-Jørgensen
This adds a new field to the MAC algorithm description which is a pointer
that will allow an algorithm to validate a key before it is used. Add this
validate to the Blake algorithms, validating that the key length is exactly
equal to their respective output sizes.
Si
From: Toke Høiland-Jørgensen
This implements support for MAC authentication in the Babel protocol, as
specified by draft-babel-hmac-10. The implementation seeks to follow the
draft as close as possible, with the only deliberate deviation being the
addition of support for all the HMAC algorithms a
From: Toke Høiland-Jørgensen
This adds support for specifying a password in raw hexadecimal bytes form,
via the 'key' keyword. The result is the same whether a password is
specified as a quoted string or a hex-encoded byte string, this just makes
it more convenient to input high-entropy byte stri
This series adds MAC authentication support to the Babel protocol as specified
in by the IETF Babel working group in draft-babel-hmac-10:
https://tools.ietf.org/html/draft-ietf-babel-hmac-10
I have performed basic interoperability testing between this implementation and
the current babeld HMAC im
From: Toke Høiland-Jørgensen
The Babel authentication code added by a subsequent commit needs a way to
get random bytes for generating nonces.
This patch adds a wrapper function in sysdep to get random bytes, and the
required checks in configure.ac to select how to do it. The configure
script tr
Ondrej Zajicek writes:
> On Mon, Nov 23, 2020 at 11:07:04AM +0100, Toke Høiland-Jørgensen wrote:
>> The babel protocol code was initialising objects returned from the slab
>> allocator by assigning to each of the struct members individually, but
>> wasn't touching the NODE member while doing so.
This is required as they otherwise point to already (invalid) existing
lists and add_tail will fail (during a debug build). Re-initializing
these should be fine as the list they belong to is being re-initialized
on entry to the very same function. This became mandatory as of
baac7009063d the next a
I did observe crashes when running BIRD as a debug build when memory
returned from the allocator was supposedly not being zeroed. This became
mandatory as of baac7009063d the next and prev pointers of nodes in a
list are checked against NULL in debug builds.
---
proto/bgp/attrs.c | 2 +-
1 file ch
Hi,
In addition to those list node initialisation patches that went into
master so far I still have these two commits in my local tree. One of
them is about the logging configuration that I described in my initial
email on the topic. The other patch is about new memory buckets in the
BGP implement
11 matches
Mail list logo