diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1997-07-30 23:28:59 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1997-07-30 23:28:59 +0000 |
| commit | c8e8720d9608e1d404551392fa626de1242145cc (patch) | |
| tree | 93650b27a6ea7ea404bf54a763998664b8899ff1 /sbin/routed/parms.c | |
| parent | 8f8968006824e23ac888c36b119b28a019d1faa2 (diff) | |
new routed DOES NOT EVEN COMPILE LET ALONE WORK. TEST YOUR WORK!
Also, put back the damn security check in input.c that has been deleted
TWO SEPERATE TIMES NOW! I CURSE anyone who deletes that check again.
Diffstat (limited to 'sbin/routed/parms.c')
| -rw-r--r-- | sbin/routed/parms.c | 640 |
1 files changed, 177 insertions, 463 deletions
diff --git a/sbin/routed/parms.c b/sbin/routed/parms.c index f175e38f745..18c305705d5 100644 --- a/sbin/routed/parms.c +++ b/sbin/routed/parms.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parms.c,v 1.5 1997/07/30 22:24:44 mickey Exp $ */ +/* $OpenBSD: parms.c,v 1.6 1997/07/30 23:28:43 deraadt Exp $ */ /* * Copyright (c) 1983, 1993 @@ -39,12 +39,10 @@ static char sccsid[] = "@(#)if.c 8.1 (Berkeley) 6/5/93"; #include "defs.h" #include "pathnames.h" -#include <sys/stat.h> struct parm *parms; struct intnet *intnets; -struct tgate *tgates; /* use configured parameters @@ -52,55 +50,49 @@ struct tgate *tgates; void get_parms(struct interface *ifp) { - static warned_auth_in, warned_auth_out; struct parm *parmp; - int i, num_passwds = 0; /* get all relevant parameters */ for (parmp = parms; parmp != 0; parmp = parmp->parm_next) { - if (parmp->parm_name[0] == '\0' - || !strcmp(ifp->int_name, parmp->parm_name) - || (parmp->parm_name[0] == '\n' - && on_net(ifp->int_addr, - parmp->parm_net, parmp->parm_mask))) { - - /* This group of parameters is relevant, + if ((parmp->parm_name[0] == '\0' + && on_net(ifp->int_addr, + parmp->parm_addr_h, parmp->parm_mask)) + || (parmp->parm_name[0] != '\0' + && !strcmp(ifp->int_name, parmp->parm_name))) { + /* this group of parameters is relevant, * so get its settings */ ifp->int_state |= parmp->parm_int_state; - for (i = 0; i < MAX_AUTH_KEYS; i++) { - if (parmp->parm_auth[0].type == RIP_AUTH_NONE - || num_passwds >= MAX_AUTH_KEYS) - break; - bcopy(&parmp->parm_auth[i], - &ifp->int_auth[num_passwds++], - sizeof(ifp->int_auth[0])); - } + if (parmp->parm_passwd[0] != '\0') + bcopy(parmp->parm_passwd, ifp->int_passwd, + sizeof(ifp->int_passwd)); if (parmp->parm_rdisc_pref != 0) ifp->int_rdisc_pref = parmp->parm_rdisc_pref; if (parmp->parm_rdisc_int != 0) ifp->int_rdisc_int = parmp->parm_rdisc_int; if (parmp->parm_d_metric != 0) ifp->int_d_metric = parmp->parm_d_metric; - } + } } - - /* Set general defaults. - * - * Default poor-man's router discovery to a metric that will - * be heard by old versions of `routed`. They ignored received - * routes with metric 15. + /* default poor-man's router discovery to a metric that will + * be heard by old versions of routed. */ if ((ifp->int_state & IS_PM_RDISC) && ifp->int_d_metric == 0) - ifp->int_d_metric = FAKE_METRIC; + ifp->int_d_metric = HOPCNT_INFINITY-2; + + if (IS_RIP_IN_OFF(ifp->int_state)) + ifp->int_state |= IS_NO_RIP_OUT; if (ifp->int_rdisc_int == 0) ifp->int_rdisc_int = DefMaxAdvertiseInterval; if (!(ifp->int_if_flags & IFF_MULTICAST) - && !(ifp->int_state & IS_REMOTE)) + && !(ifp->int_if_flags & IFF_POINTOPOINT)) + ifp->int_state |= IS_NO_RIPV2_OUT; + + if (!(ifp->int_if_flags & IFF_MULTICAST)) ifp->int_state |= IS_BCAST_RDISC; if (ifp->int_if_flags & IFF_POINTOPOINT) { @@ -117,27 +109,10 @@ get_parms(struct interface *ifp) if (0 != (ifp->int_state & (IS_PASSIVE | IS_REMOTE))) ifp->int_state |= IS_NO_RDISC; if (ifp->int_state & IS_PASSIVE) - ifp->int_state |= IS_NO_RIP; - - if (!IS_RIP_IN_OFF(ifp->int_state) - && ifp->int_auth[0].type != RIP_AUTH_NONE - && !(ifp->int_state & IS_NO_RIPV1_IN) - && !warned_auth_in) { - msglog("Warning: RIPv1 input via %s" - " will be accepted without authentication", - ifp->int_name); - warned_auth_in = 1; - } - if (!IS_RIP_OUT_OFF(ifp->int_state) - && ifp->int_auth[0].type != RIP_AUTH_NONE - && !(ifp->int_state & IS_NO_RIPV1_OUT)) { - if (!warned_auth_out) { - msglog("Warning: RIPv1 output via %s" - " will be sent without authentication", - ifp->int_name); - warned_auth_out = 1; - } - } + ifp->int_state |= (IS_NO_RIP | IS_NO_RDISC); + if ((ifp->int_state & (IS_NO_RIP | IS_NO_RDISC)) + == (IS_NO_RIP|IS_NO_RDISC)) + ifp->int_state |= IS_PASSIVE; } @@ -166,21 +141,15 @@ gwkludge(void) struct interface *ifp; naddr dst, netmask, gate; int metric, n; - struct stat sb; u_int state; char *type; + struct parm *parmp; fp = fopen(_PATH_GATEWAYS, "r"); if (fp == 0) return; - if (0 > fstat(fileno(fp), &sb)) { - msglog("could not stat() "_PATH_GATEWAYS); - (void)fclose(fp); - return; - } - for (;;) { if (0 == fgets(lbuf, sizeof(lbuf)-1, fp)) break; @@ -191,20 +160,19 @@ gwkludge(void) || *lptr == '#') continue; p = lptr+strlen(lptr)-1; - while (*p == '\n' || *p == ' ') + while (*p == '\n' + || *p == ' ') *p-- = '\0'; /* notice newfangled parameter lines */ if (strncasecmp("net", lptr, 3) && strncasecmp("host", lptr, 4)) { - p = parse_parms(lptr, - (sb.st_uid == 0 - && !(sb.st_mode&(S_IRWXG|S_IRWXO)))); + p = parse_parms(lptr); if (p != 0) { - if (strcasecmp(p,lptr)) - msglog("%s in "_PATH_GATEWAYS - " entry \"%s\"", p, lptr); + if (strcmp(p,lptr)) + msglog("bad \"%s\" in "_PATH_GATEWAYS + " entry \"%s\"", lptr, p); else msglog("bad \"%s\" in "_PATH_GATEWAYS, lptr); @@ -213,34 +181,31 @@ gwkludge(void) } /* {net | host} XX[/M] XX gateway XX metric DD [passive | external]\n */ - qual[0] = '\0'; n = sscanf(lptr, "%4s %129[^ \t] gateway" - " %64[^ / \t] metric %u %8s\n", + " %64[^ / \t] metric %d %8s\n", net_host, dname, gname, &metric, qual); - if (n != 4 && n != 5) { - msglog("bad "_PATH_GATEWAYS" entry \"%s\"; %d values", - lptr, n); + if (n != 5) { + msglog("bad "_PATH_GATEWAYS" entry \"%s\"", lptr); continue; } - if (metric >= HOPCNT_INFINITY) { + if (metric < 0 || metric >= HOPCNT_INFINITY) { msglog("bad metric in "_PATH_GATEWAYS" entry \"%s\"", lptr); continue; } - if (!strcasecmp(net_host, "host")) { + if (!strcmp(net_host, "host")) { if (!gethost(dname, &dst)) { msglog("bad host \"%s\" in "_PATH_GATEWAYS " entry \"%s\"", dname, lptr); continue; } netmask = HOST_MASK; - } else if (!strcasecmp(net_host, "net")) { + } else if (!strcmp(net_host, "net")) { if (!getnet(dname, &dst, &netmask)) { msglog("bad net \"%s\" in "_PATH_GATEWAYS " entry \"%s\"", dname, lptr); continue; } - HTONL(dst); /* make network # into IP address */ } else { msglog("bad \"%s\" in "_PATH_GATEWAYS " entry \"%s\"", lptr); @@ -253,7 +218,7 @@ gwkludge(void) continue; } - if (!strcasecmp(qual, type = "passive")) { + if (strcmp(qual, type = "passive") == 0) { /* Passive entries are not placed in our tables, * only the kernel's, so we don't copy all of the * external routing information within a net. @@ -264,19 +229,17 @@ gwkludge(void) if (metric == 0) metric = 1; - } else if (!strcasecmp(qual, type = "external")) { + } else if (strcmp(qual, type = "external") == 0) { /* External entries are handled by other means * such as EGP, and are placed only in the daemon * tables to prevent overriding them with something * else. */ - strcpy(qual,"external"); state = IS_REMOTE | IS_PASSIVE | IS_EXTERNAL; if (metric == 0) metric = 1; - } else if (!strcasecmp(qual, "active") - || qual[0] == '\0') { + } else if (qual[0] == '\0') { if (metric != 0) { /* Entries that are neither "passive" nor * "external" are "remote" and must behave @@ -289,277 +252,110 @@ gwkludge(void) /* "remote" entries with a metric of 0 * are aliases for our own interfaces */ - state = IS_REMOTE | IS_PASSIVE | IS_ALIAS; + state = IS_REMOTE | IS_PASSIVE; type = "alias"; } } else { - msglog("bad "_PATH_GATEWAYS" entry \"%s\";" - " unknown type %s", lptr, qual); + msglog("bad "_PATH_GATEWAYS" entry \"%s\"", lptr); continue; } + /* Remember to advertise the corresponding logical network. + */ + if (!(state & IS_EXTERNAL) + && netmask != std_mask(dst)) + state |= IS_SUBNET; + if (0 != (state & (IS_PASSIVE | IS_REMOTE))) state |= IS_NO_RDISC; if (state & IS_PASSIVE) - state |= IS_NO_RIP; - - ifp = check_dup(gate,dst,netmask,0); + state |= (IS_NO_RIP | IS_NO_RDISC); + if ((state & (IS_NO_RIP | IS_NO_RDISC)) + == (IS_NO_RIP|IS_NO_RDISC)) + state |= IS_PASSIVE; + + parmp = (struct parm*)malloc(sizeof(*parmp)); + bzero(parmp, sizeof(*parmp)); + parmp->parm_next = parms; + parms = parmp; + parmp->parm_addr_h = ntohl(dst); + parmp->parm_mask = -1; + parmp->parm_d_metric = 0; + parmp->parm_int_state = state; + + /* See if this new interface duplicates an existing + * interface. + */ + for (ifp = ifnet; 0 != ifp; ifp = ifp->int_next) { + if (ifp->int_mask == netmask + && ((ifp->int_addr == dst + && netmask != HOST_MASK) + || (ifp->int_dstaddr == dst + && netmask == HOST_MASK))) + break; + } if (ifp != 0) { - msglog("duplicate "_PATH_GATEWAYS" entry \"%s\"",lptr); + /* Let one of our real interfaces be marked passive. + */ + if ((state & IS_PASSIVE) && !(state & IS_EXTERNAL)) { + ifp->int_state |= state; + } else { + msglog("%s is duplicated in "_PATH_GATEWAYS + " by %s", + ifp->int_name, lptr); + } continue; } + tot_interfaces++; + ifp = (struct interface *)malloc(sizeof(*ifp)); bzero(ifp, sizeof(*ifp)); + if (ifnet != 0) { + ifp->int_next = ifnet; + ifnet->int_prev = ifp; + } + ifnet = ifp; ifp->int_state = state; + ifp->int_net = ntohl(dst) & netmask; + ifp->int_mask = netmask; if (netmask == HOST_MASK) - ifp->int_if_flags = IFF_POINTOPOINT | IFF_UP_RUNNING; - else - ifp->int_if_flags = IFF_UP_RUNNING; - ifp->int_act_time = NEVER; - ifp->int_addr = gate; + ifp->int_if_flags |= IFF_POINTOPOINT; ifp->int_dstaddr = dst; - ifp->int_mask = netmask; - ifp->int_ripv1_mask = netmask; - ifp->int_std_mask = std_mask(gate); - ifp->int_net = ntohl(dst); - ifp->int_std_net = ifp->int_net & ifp->int_std_mask; - ifp->int_std_addr = htonl(ifp->int_std_net); + ifp->int_addr = gate; ifp->int_metric = metric; - if (!(state & IS_EXTERNAL) - && ifp->int_mask != ifp->int_std_mask) - ifp->int_state |= IS_SUBNET; - (void)sprintf(ifp->int_name, "%s(%s)", type, gname); + (void)sprintf(ifp->int_name, "%s-%s", type, naddr_ntoa(dst)); ifp->int_index = -1; - if_link(ifp); - } - - /* After all of the parameter lines have been read, - * apply them to any remote interfaces. - */ - for (ifp = ifnet; 0 != ifp; ifp = ifp->int_next) { get_parms(ifp); - tot_interfaces++; - if (!IS_RIP_OFF(ifp->int_state)) - rip_interfaces++; - trace_if("Add", ifp); } - - (void)fclose(fp); -} - - -/* strtok(), but honoring backslash - */ -static int /* 0=ok, -1=bad */ -parse_quote(char **linep, - char *delims, - char *delimp, - char *buf, - int lim) -{ - char c, *pc, *p; - - - pc = *linep; - if (*pc == '\0') - return -1; - - while (lim != 0) { - c = *pc++; - if (c == '\0') - break; - - if (c == '\\' && pc != '\0') { - if ((c = *pc++) == 'n') { - c = '\n'; - } else if (c == 'r') { - c = '\r'; - } else if (c == 't') { - c = '\t'; - } else if (c == 'b') { - c = '\b'; - } else if (c >= '0' && c <= '7') { - c -= '0'; - if (*pc >= '0' && *pc <= '7') { - c = (c<<3)+(*pc++ - '0'); - if (*pc >= '0' && *pc <= '7') - c = (c<<3)+(*pc++ - '0'); - } - } - - } else { - for (p = delims; *p != '\0'; ++p) { - if (*p == c) - goto exit; - } - } - - *buf++ = c; - --lim; - } -exit: - if (lim == 0) - return -1; - - *buf = '\0'; - if (delimp != 0) - *delimp = c; - *linep = pc-1; - return 0; -} - - -/* Parse password timestamp - */ -static char * -parse_ts(time_t *tp, - char **valp, - char *val0, - char *delimp, - char *buf, - u_int bufsize) -{ - struct tm tm; - - if (0 > parse_quote(valp, "| ,\n\r", delimp, - buf,bufsize) - || buf[bufsize-1] != '\0' - || buf[bufsize-2] != '\0') { - sprintf(buf,"bad timestamp %.25s", val0); - return buf; - } - strcat(buf,"\n"); - bzero(&tm, sizeof(tm)); - if (5 != sscanf(buf, "%u/%u/%u@%u:%u\n", - &tm.tm_year, &tm.tm_mon, &tm.tm_mday, - &tm.tm_hour, &tm.tm_min)) { - sprintf(buf,"bad timestamp %.25s", val0); - return buf; - } - if (tm.tm_year <= 37) - tm.tm_year += 100; - - if ((*tp = mktime(&tm)) == -1) { - sprintf(buf,"bad timestamp %.25s", val0); - return buf; - } - - return 0; } -/* Get a password, key ID, and expiration date in the format - * passwd|keyID|year/mon/day@hour:min|year/mon/day@hour:min - */ -static char * /* 0 or error message */ -get_passwd(char *tgt, - char *val, - struct parm *parmp, - u_char type, - int safe) /* 1=from secure file */ -{ - static char buf[80]; - char *val0, *p, delim; - struct auth k, *ap, *ap2; - int i; - u_long l; - - - if (!safe) - return "ignore unsafe password"; - - for (ap = parmp->parm_auth, i = 0; - ap->type != RIP_AUTH_NONE; i++, ap++) { - if (i >= MAX_AUTH_KEYS) - return "too many passwords"; - } - - bzero(&k, sizeof(k)); - k.type = type; - k.end = -1-DAY; - - val0 = val; - if (0 > parse_quote(&val, "| ,\n\r", &delim, - (char *)k.key, sizeof(k.key))) - return tgt; - - if (delim != '|') { - if (type == RIP_AUTH_MD5) - return "missing Keyid"; - } else { - val0 = ++val; - buf[sizeof(buf)-1] = '\0'; - if (0 > parse_quote(&val, "| ,\n\r", &delim, buf,sizeof(buf)) - || buf[sizeof(buf)-1] != '\0' - || (l = strtoul(buf,&p,0)) > 255 - || *p != '\0') { - sprintf(buf,"bad KeyID \"%.20s\"", val0); - return buf; - } - for (ap2 = parmp->parm_auth; ap2 < ap; ap2++) { - if (ap2->keyid == l) { - sprintf(buf,"duplicate KeyID \"%.20s\"", val0); - return buf; - } - } - k.keyid = (int)l; - - if (delim == '|') { - val0 = ++val; - if (0 != (p = parse_ts(&k.start,&val,val0,&delim, - buf,sizeof(buf)))) - return p; - if (delim != '|') - return "missing second timestamp"; - val0 = ++val; - if (0 != (p = parse_ts(&k.end,&val,val0,&delim, - buf,sizeof(buf)))) - return p; - if ((u_long)k.start > (u_long)k.end) { - sprintf(buf,"out of order timestamp %.30s", - val0); - return buf; - } - } - } - if (delim != '\0') - return tgt; - - bcopy(&k, ap, sizeof(*ap)); - return 0; -} - - -/* Parse a set of parameters for an interface. +/* parse a set of parameters for an interface */ char * /* 0 or error message */ -parse_parms(char *line, - int safe) /* 1=from secure file */ +parse_parms(char *line) { -#define PARS(str) (!strcasecmp(tgt, str)) -#define PARSEQ(str) (!strncasecmp(tgt, str"=", sizeof(str))) +#define PARS(str) (0 == (tgt = str, strcasecmp(tok, tgt))) +#define PARSE(str) (0 == (tgt = str, strncasecmp(tok, str "=", sizeof(str)))) #define CKF(g,b) {if (0 != (parm.parm_int_state & ((g) & ~(b)))) break; \ parm.parm_int_state |= (b);} +#define DELIMS " ,\t\n" struct parm parm; struct intnet *intnetp; - struct tgate *tg; - naddr addr, mask; - char delim, *val0, *tgt, *val, *p; - char buf[64]; + char *tok, *tgt, *p; - /* "subnet=x.y.z.u/mask,metric" must be alone on the line */ - if (!strncasecmp(line, "subnet=", sizeof("subnet=")-1) - && *(val = &line[sizeof("subnet=")-1]) != '\0') { + /* "subnet=x.y.z.u/mask" must be alone on the line */ + if (!strncasecmp("subnet=",line,7)) { intnetp = (struct intnet*)malloc(sizeof(*intnetp)); intnetp->intnet_metric = 1; - if ((p = strrchr(val,','))) { + if ((p = strrchr(line,','))) { *p++ = '\0'; intnetp->intnet_metric = (int)strtol(p,&p,0); if (*p != '\0' @@ -567,13 +363,13 @@ parse_parms(char *line, || intnetp->intnet_metric >= HOPCNT_INFINITY) return line; } - if (!getnet(val, &intnetp->intnet_addr, &intnetp->intnet_mask) + if (!getnet(&line[7], &intnetp->intnet_addr, + &intnetp->intnet_mask) || intnetp->intnet_mask == HOST_MASK || intnetp->intnet_addr == RIP_DEFAULT) { free(intnetp); return line; } - HTONL(intnetp->intnet_addr); intnetp->intnet_next = intnets; intnets = intnetp; return 0; @@ -582,58 +378,21 @@ parse_parms(char *line, bzero(&parm, sizeof(parm)); tgt = "null"; - for (;;) { - tgt = line + strspn(line, " ,\n\r"); - if (*tgt == '\0') - break; - - line += strcspn(tgt, "= ,\n\r"); - delim = *line; - if (delim == '=') { - val0 = ++line; - if (0 > parse_quote(&line," ,\n\r",&delim, - buf,sizeof(buf))) - return tgt; - } - if (delim != '\0') - *line++ = '\0'; - - if (PARSEQ("if")) { + for (tok = strtok(line, DELIMS); + tok != 0 && tok[0] != '\0'; + tgt = 0, tok = strtok(0,DELIMS)) { + if (PARSE("if")) { if (parm.parm_name[0] != '\0' - || strlen(buf) > IFNAMSIZ) - return tgt; - strcpy(parm.parm_name, buf); - - } else if (PARSEQ("addr")) { - /* This is a bad idea, because the address based - * sets of parameters cannot be checked for - * consistency with the interface name parameters. - * The parm_net stuff is needed to allow several - * -F settings. - */ - if (!getnet(val0, &addr, &mask) - || parm.parm_name[0] != '\0') - return tgt; - parm.parm_net = addr; - parm.parm_mask = mask; - parm.parm_name[0] = '\n'; - - } else if (PARSEQ("passwd")) { - /* since cleartext passwords are so weak allow - * them anywhere - */ - tgt = get_passwd(tgt,val0,&parm,RIP_AUTH_PW,1); - if (tgt) { - *val0 = '\0'; - return tgt; - } + || tok[3] == '\0' + || strlen(tok) > IFNAMSIZ+3) + break; + strcpy(parm.parm_name, tok+3); - } else if (PARSEQ("md5_passwd")) { - tgt = get_passwd(tgt,val0,&parm,RIP_AUTH_MD5,safe); - if (tgt) { - *val0 = '\0'; - return tgt; - } + } else if (PARSE("passwd")) { + if (tok[7] == '\0' + || strlen(tok) > RIP_AUTH_PW_LEN+7) + break; + strcpy(parm.parm_passwd, tok+7); } else if (PARS("no_ag")) { parm.parm_int_state |= (IS_NO_AG | IS_NO_SUPER_AG); @@ -649,18 +408,11 @@ parse_parms(char *line, } else if (PARS("ripv2_out")) { if (parm.parm_int_state & IS_NO_RIPV2_OUT) - return tgt; + break; parm.parm_int_state |= IS_NO_RIPV1_OUT; - } else if (PARS("ripv2")) { - if ((parm.parm_int_state & IS_NO_RIPV2_OUT) - || (parm.parm_int_state & IS_NO_RIPV2_IN)) - return tgt; - parm.parm_int_state |= (IS_NO_RIPV1_IN - | IS_NO_RIPV1_OUT); - } else if (PARS("no_rip")) { - CKF(IS_PM_RDISC, IS_NO_RIP); + parm.parm_int_state |= IS_NO_RIP; } else if (PARS("no_rdisc")) { CKF((GROUP_IS_SOL|GROUP_IS_ADV), IS_NO_RDISC); @@ -684,53 +436,47 @@ parse_parms(char *line, CKF((GROUP_IS_SOL|GROUP_IS_ADV), IS_NO_RDISC); parm.parm_int_state |= IS_NO_RIP; - } else if (PARSEQ("rdisc_pref")) { + } else if (PARSE("rdisc_pref")) { if (parm.parm_rdisc_pref != 0 - || (parm.parm_rdisc_pref = (int)strtoul(buf, &p,0), + || tok[11] == '\0' + || (parm.parm_rdisc_pref = (int)strtol(&tok[11], + &p,0), *p != '\0')) - return tgt; + break; } else if (PARS("pm_rdisc")) { - if (IS_RIP_OUT_OFF(parm.parm_int_state)) - return tgt; parm.parm_int_state |= IS_PM_RDISC; - } else if (PARSEQ("rdisc_interval")) { + } else if (PARSE("rdisc_interval")) { if (parm.parm_rdisc_int != 0 - || (parm.parm_rdisc_int = (int)strtoul(buf,&p,0), + || tok[15] == '\0' + || (parm.parm_rdisc_int = (int)strtol(&tok[15], + &p,0), *p != '\0') || parm.parm_rdisc_int < MinMaxAdvertiseInterval || parm.parm_rdisc_int > MaxMaxAdvertiseInterval) - return tgt; + break; - } else if (PARSEQ("fake_default")) { + } else if (PARSE("fake_default")) { if (parm.parm_d_metric != 0 - || IS_RIP_OUT_OFF(parm.parm_int_state) - || (parm.parm_d_metric = (int)strtoul(buf,&p,0), + || tok[13] == '\0' + || (parm.parm_d_metric=(int)strtol(&tok[13],&p,0), *p != '\0') || parm.parm_d_metric > HOPCNT_INFINITY-1) - return tgt; - - } else if (PARSEQ("trust_gateway")) { - if (!gethost(buf,&addr)) - return tgt; - tg = (struct tgate *)malloc(sizeof(*tg)); - tg->tgate_next = tgates; - tg->tgate_addr = addr; - tgates = tg; - parm.parm_int_state |= IS_DISTRUST; - - } else if (PARS("redirect_ok")) { - parm.parm_int_state |= IS_REDIRECT_OK; + break; } else { - return tgt; /* error */ + tgt = tok; + break; } } + if (tgt != 0) + return tgt; return check_parms(&parm); +#undef DELIMS #undef PARS -#undef PARSEQ +#undef PARSE } @@ -738,43 +484,38 @@ parse_parms(char *line, char * /* 0 or error message */ check_parms(struct parm *new) { - struct parm *parmp, **parmpp; - int i, num_passwds; + struct parm *parmp; + /* set implicit values */ + if (!supplier && supplier_set) + new->parm_int_state |= (IS_NO_RIPV1_OUT + | IS_NO_RIPV2_OUT + | IS_NO_ADV_OUT); if (new->parm_int_state & IS_NO_ADV_IN) new->parm_int_state |= IS_NO_SOL_OUT; - for (i = num_passwds = 0; i < MAX_AUTH_KEYS; i++) { - if (new->parm_auth[i].type != RIP_AUTH_NONE) - num_passwds++; - } + if ((new->parm_int_state & (IS_NO_RIP | IS_NO_RDISC)) + == (IS_NO_RIP | IS_NO_RDISC)) + new->parm_int_state |= IS_PASSIVE; /* compare with existing sets of parameters */ - for (parmpp = &parms; - (parmp = *parmpp) != 0; - parmpp = &parmp->parm_next) { + for (parmp = parms; parmp != 0; parmp = parmp->parm_next) { if (strcmp(new->parm_name, parmp->parm_name)) continue; - if (!on_net(htonl(parmp->parm_net), - new->parm_net, new->parm_mask) - && !on_net(htonl(new->parm_net), - parmp->parm_net, parmp->parm_mask)) + if (!on_net(htonl(parmp->parm_addr_h), + new->parm_addr_h, new->parm_mask) + && !on_net(htonl(new->parm_addr_h), + parmp->parm_addr_h, parmp->parm_mask)) continue; - for (i = 0; i < MAX_AUTH_KEYS; i++) { - if (parmp->parm_auth[i].type != RIP_AUTH_NONE) - num_passwds++; - } - if (num_passwds > MAX_AUTH_KEYS) - return "too many conflicting passwords"; - - if ((0 != (new->parm_int_state & GROUP_IS_SOL) - && 0 != (parmp->parm_int_state & GROUP_IS_SOL) - && 0 != ((new->parm_int_state ^ parmp->parm_int_state) - && GROUP_IS_SOL)) + if (strcmp(parmp->parm_passwd, new->parm_passwd) + || (0 != (new->parm_int_state & GROUP_IS_SOL) + && 0 != (parmp->parm_int_state & GROUP_IS_SOL) + && 0 != ((new->parm_int_state ^ parmp->parm_int_state) + && GROUP_IS_SOL)) || (0 != (new->parm_int_state & GROUP_IS_ADV) && 0 != (parmp->parm_int_state & GROUP_IS_ADV) && 0 != ((new->parm_int_state ^ parmp->parm_int_state) @@ -784,26 +525,17 @@ check_parms(struct parm *new) && new->parm_rdisc_pref != parmp->parm_rdisc_pref) || (new->parm_rdisc_int != 0 && parmp->parm_rdisc_int != 0 - && new->parm_rdisc_int != parmp->parm_rdisc_int)) { - return ("conflicting, duplicate router discovery" - " parameters"); - - } - - if (new->parm_d_metric != 0 - && parmp->parm_d_metric != 0 - && new->parm_d_metric != parmp->parm_d_metric) { - return ("conflicting, duplicate poor man's router" - " discovery or fake default metric"); - } + && new->parm_rdisc_int != parmp->parm_rdisc_int) + || (new->parm_d_metric != 0 + && parmp->parm_d_metric != 0 + && new->parm_d_metric != parmp->parm_d_metric)) + return "duplicate"; } - /* link new entry on the so that when the entries are scanned, - * they affect the result in the order the operator specified. - */ parmp = (struct parm*)malloc(sizeof(*parmp)); bcopy(new, parmp, sizeof(*parmp)); - *parmpp = parmp; + parmp->parm_next = parms; + parms = parmp; return 0; } @@ -814,13 +546,13 @@ check_parms(struct parm *new) */ int /* 0=bad */ getnet(char *name, - naddr *netp, /* a network so host byte order */ - naddr *maskp) /* masks are always in host order */ + naddr *addrp, /* host byte order */ + naddr *maskp) { int i; struct netent *np; - naddr mask; /* in host byte order */ - struct in_addr in; /* a network and so host byte order */ + naddr mask; + struct in_addr in; char hname[MAXHOSTNAMELEN+1]; char *mname, *p; @@ -841,19 +573,17 @@ getnet(char *name, if (np != 0) { in.s_addr = (naddr)np->n_net; } else if (inet_aton(name, &in) == 1) { - NTOHL(in.s_addr); - } else if (!mname && !strcasecmp(name,"default")) { - in.s_addr = RIP_DEFAULT; + HTONL(in.s_addr); } else { return 0; } - if (!mname) { + if (mname == 0) { /* we cannot use the interfaces here because we have not * looked at them yet. */ - mask = std_mask(htonl(in.s_addr)); - if ((~mask & in.s_addr) != 0) + mask = std_mask(in.s_addr); + if ((~mask & ntohl(in.s_addr)) != 0) mask = HOST_MASK; } else { mask = (naddr)strtoul(mname, &p, 0); @@ -861,22 +591,12 @@ getnet(char *name, return 0; mask = HOST_MASK << (32-mask); } - - /* must have mask of 0 with default */ if (mask != 0 && in.s_addr == RIP_DEFAULT) return 0; - /* no host bits allowed in a network number */ - if ((~mask & in.s_addr) != 0) - return 0; - /* require non-zero network number */ - if ((mask & in.s_addr) == 0 && in.s_addr != RIP_DEFAULT) - return 0; - if (in.s_addr>>24 == 0 && in.s_addr != RIP_DEFAULT) - return 0; - if (in.s_addr>>24 == 0xff) + if ((~mask & ntohl(in.s_addr)) != 0) return 0; - *netp = in.s_addr; + *addrp = in.s_addr; *maskp = mask; return 1; } @@ -895,12 +615,6 @@ gethost(char *name, * might be sick because routing is. */ if (inet_aton(name, &in) == 1) { - /* get a good number, but check that it it makes some - * sense. - */ - if (ntohl(in.s_addr)>>24 == 0 - || ntohl(in.s_addr)>>24 == 0xff) - return 0; *addrp = in.s_addr; return 1; } |