Re: ripd(8) fails on P2P links

[Piotr Durlej]

On 2016-12-06 00:12, Piotr Durlej wrote:

Hi,

I dislike cross-posting/repeated posting but I was advised to do so by
mpi@.

I just want to make sure my previous mail sent to bugs@ hasn't gone
unnoticed.

The problem is that ripd(8) is unable to determine the interface on
which a RIP packet was received when the source and destination
addresses of the interface do not share the same subnet.

Additionally, when ran with the -d switch, ripd(8) produces the
following error message every time a valid RIP packet is received on
the interface in question:

"recv_packet: cannot find a matching interface".

Here is an example:

Script started on Wed Nov 23 08:58:36 2016
# ifconfig gre0

gre0: flags=9011<UP,POINTOPOINT,LINK0,MULTICAST> mtu 1476
index 5 priority 0 llprio 3
groups: gre
tunnel: inet 192.168.0.1 -> 192.168.0.2
inet 192.168.1.1 --> 192.168.1.2 netmask 0xffffffff
# ripd -dv

startup
[...]
recv_packet: cannot find a matching interface
^C
[...]
terminating
# tcpdump -s1500 -vnlpi gre0

tcpdump: listening on gre0, link-type LOOP
08:59:37.627530 192.168.1.2.520 > 224.0.0.9.520: [udp sum ok]
RIPv2-resp [items 2]: {172.22.1.0/255.255.255.0}(1)
{192.168.0.0/255.255.255.0}(1) [tos 0xc0] [ttl 1] (id 47684, len 72)
^C
1 packets received by filter
0 packets dropped by kernel
# ^D

Script done on Wed Nov 23 09:00:10 2016

And here is a patch:

diff --git a/usr.sbin/ripd/packet.c b/usr.sbin/ripd/packet.c
index 37b4a91..b956ec0 100644
--- a/usr.sbin/ripd/packet.c
+++ b/usr.sbin/ripd/packet.c

@@ -232,15 +232,17 @@ find_iface(struct ripd_conf *xconf, unsigned int ifindex, struct in_addr src)

/* returned interface needs to be active */
LIST_FOREACH(iface, &xconf->iface_list, entry) {
-        if (ifindex != 0 && ifindex == iface->ifindex &&
-            !iface->passive && (iface->addr.s_addr &
+        if (ifindex == 0 || ifindex != iface->ifindex)
+            continue;
+
+        if (iface->passive)
+            continue;
+
+        if ((iface->addr.s_addr &
iface->mask.s_addr) == (src.s_addr & iface->mask.s_addr))
-            /*
-             * XXX may fail on P2P links because src and dst don't
-             * have to share a common subnet on the otherhand
-             * checking something like this will help to support
-             * multiple networks configured on one interface.
-             */
+            return (iface);
+
+        if (iface->dst.s_addr && iface->dst.s_addr == src.s_addr)
return (iface);
}

Kind regards,
Piotr

Any thoughts? Is the patch ok, wrong, accepted, rejected or unnoticed?

Kind regards,
Piotr