authorMichele Marchetto <michele@cvs.openbsd.org>2006-10-31 23:43:12 +0000
committerMichele Marchetto <michele@cvs.openbsd.org>2006-10-31 23:43:12 +0000
commit4408b82564117ed0494a4eeabda5de5816253ac9 (patch)
tree83c457f59b1dc1e1fd8dcae02cc425e02b0f9d6f /usr.sbin/ripd
parent01d8e5adac204b0f22bfcf990eff272b66f45444 (diff)
create a temporary neighbor instead of a permanent one when a request is received
Diffstat (limited to 'usr.sbin/ripd')
-rw-r--r--usr.sbin/ripd/log.c4
-rw-r--r--usr.sbin/ripd/message.c4
-rw-r--r--usr.sbin/ripd/neighbor.c12
-rw-r--r--usr.sbin/ripd/packet.c13
-rw-r--r--usr.sbin/ripd/ripd.h3
-rw-r--r--usr.sbin/ripd/ripe.c3
-rw-r--r--usr.sbin/ripd/ripe.h3
7 files changed, 24 insertions, 18 deletions
diff --git a/usr.sbin/ripd/log.c b/usr.sbin/ripd/log.c
index e581250f667..f91405608f2 100644
--- a/usr.sbin/ripd/log.c
+++ b/usr.sbin/ripd/log.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: log.c,v 1.1 2006/10/18 16:11:58 norby Exp $ */
+/* $OpenBSD: log.c,v 1.2 2006/10/31 23:43:11 michele Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -169,6 +169,8 @@ nbr_state_name(int state)
switch (state) {
case NBR_STA_DOWN:
return ("DOWN");
+ case NBR_STA_REQ_RCVD:
+ return ("REQUEST RCVD");
case NBR_STA_ACTIVE:
return ("ACTIVE");
default:
diff --git a/usr.sbin/ripd/message.c b/usr.sbin/ripd/message.c
index e55bf08bb8f..7d86d174de8 100644
--- a/usr.sbin/ripd/message.c
+++ b/usr.sbin/ripd/message.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: message.c,v 1.2 2006/10/24 16:37:48 david Exp $ */
+/* $OpenBSD: message.c,v 1.3 2006/10/31 23:43:11 michele Exp $ */
/*
* Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -172,7 +172,7 @@ send_request(struct packet_head *r_list, struct iface *i, struct nbr *nbr)
if (TAILQ_FIRST(r_list) == TAILQ_LAST(r_list, packet_head))
single_entry = 1;
while (((entry = TAILQ_FIRST(r_list)) != NULL) &&
- nentries < 25) {
+ nentries < MAX_RIP_ENTRIES) {
afi = htons(AF_INET);
address = entry->rr->address.s_addr;
diff --git a/usr.sbin/ripd/neighbor.c b/usr.sbin/ripd/neighbor.c
index edd33019bc2..4dfcf5b3a76 100644
--- a/usr.sbin/ripd/neighbor.c
+++ b/usr.sbin/ripd/neighbor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: neighbor.c,v 1.1 2006/10/18 16:11:58 norby Exp $ */
+/* $OpenBSD: neighbor.c,v 1.2 2006/10/31 23:43:11 michele Exp $ */
/*
* Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -61,11 +61,13 @@ struct {
int new_state;
} nbr_fsm_tbl[] = {
/* current state event that happened action to take resulting state */
- {NBR_STA_DOWN, NBR_EVT_REQUEST_RCVD, NBR_ACT_STRT_TIMER, NBR_STA_ACTIVE},
+ {NBR_STA_DOWN, NBR_EVT_REQUEST_RCVD, NBR_ACT_NOTHING, NBR_STA_REQ_RCVD},
{NBR_STA_DOWN, NBR_EVT_RESPONSE_RCVD, NBR_ACT_STRT_TIMER, NBR_STA_ACTIVE},
{NBR_STA_ACTIVE, NBR_EVT_RESPONSE_RCVD, NBR_ACT_RST_TIMER, NBR_STA_ACTIVE},
{NBR_STA_ACTIVE, NBR_EVT_REQUEST_RCVD, NBR_ACT_NOTHING, NBR_STA_ACTIVE},
{NBR_STA_ACTIVE, NBR_EVT_TIMEOUT, NBR_ACT_DEL, NBR_STA_DOWN},
+ {NBR_STA_REQ_RCVD, NBR_EVT_RESPONSE_SENT, NBR_ACT_DEL, NBR_STA_DOWN},
+ {NBR_STA_ACTIVE, NBR_EVT_RESPONSE_SENT, NBR_ACT_NOTHING, NBR_STA_ACTIVE},
{NBR_STA_ANY, NBR_EVT_KILL_NBR, NBR_ACT_DEL, NBR_STA_DOWN},
{-1, NBR_EVT_NOTHING, NBR_ACT_NOTHING, 0},
};
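Review bot: The new `NBR_STA_REQ_RCVD` state is entered with `NBR_ACT_NOTHING`, so no timer runs, and its only exits in this table are `NBR_EVT_RESPONSE_SENT` and the `NBR_STA_ANY` kill row. If a request never results in a response being sent (that path is outside this hunk), the temporary neighbor stays allocated, which is the resource-exhaustion concern this commit sets out to remove. Consider bounding its lifetime: start a timer on entry and add a row such as `{NBR_STA_REQ_RCVD, NBR_EVT_TIMEOUT, NBR_ACT_DEL, NBR_STA_DOWN},`.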
@@ -73,6 +75,7 @@ struct {
const char * const nbr_event_names[] = {
"RESPONSE RCVD",
"REQUEST RCVD",
+ "RESPONSE SENT",
"NBR TIMEOUT",
"NBR KILL",
"NOTHING"
@@ -202,7 +205,10 @@ nbr_act_del(struct nbr *nbr)
struct nbr_failed *nbr_failed;
struct iface *iface;
- if (nbr->iface->auth_type == AUTH_CRYPT) {
+ /* If there is no authentication or it is just a route request
+ * there is no need to keep track of the failed neighbors */
+ if (nbr->iface->auth_type == AUTH_CRYPT &&
+ nbr->state != NBR_STA_REQ_RCVD) {
if ((nbr_failed = calloc(1, sizeof(*nbr_failed))) == NULL)
fatal("nbr_act_del");
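Review bot: The added `nbr->state != NBR_STA_REQ_RCVD` test is only correct if nbr_fsm() runs the action before it stores the row's resulting state, since the row that triggers this delete ends in NBR_STA_DOWN. nbr_fsm() is not shown in this diff, so the ordering should be recorded next to the check, e.g. `/* nbr->state is still the pre-transition state here */`. The comment above the check says "no authentication" while the condition tests specifically for AUTH_CRYPT; naming that value would match the code. nbr_act_del continues past the end of the hunk.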
diff --git a/usr.sbin/ripd/packet.c b/usr.sbin/ripd/packet.c
index 50a9ba6f789..e39bc20dae0 100644
--- a/usr.sbin/ripd/packet.c
+++ b/usr.sbin/ripd/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.3 2006/10/24 16:37:48 david Exp $ */
+/* $OpenBSD: packet.c,v 1.4 2006/10/31 23:43:11 michele Exp $ */
/*
* Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -165,19 +165,14 @@ recv_packet(int fd, short event, void *bula)
/* switch RIP command */
switch (rip_hdr->command) {
case COMMAND_REQUEST:
+ /* Requests don't create a real neighbor, just a temporary
+ * one to build the response.
+ */
if ((msg.msg_flags & MSG_MCAST) == 0 && srcport == RIP_PORT)
return;
- /* XXX: it would be better to not create a nbr on request
- * because this could lead to DoS even on a authenticated
- * environment.
- */
if (nbr == NULL) {
nbr = nbr_new(src.sin_addr.s_addr, iface, 0);
- if (nbr_failed != NULL) {
- nbr->auth_seq_num = nbr_failed->auth_seq_num;
- nbr_failed_delete(iface, nbr_failed);
- }
nbr->addr = src.sin_addr;
}
nbr->port = srcport;
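Review bot: The new comment sits above the unicast/source-port filter rather than above the `if (nbr == NULL)` block that creates the temporary neighbor, and it does not say what frees it. Moving it down and wording it as `/* temporary nbr; deleted by the FSM on NBR_EVT_RESPONSE_SENT */` would tie the allocation to its release. The removed XXX remark is still partly relevant, because in the visible lines `nbr_new()` runs for every request from an unknown source. recv_packet starts and ends outside the hunk.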
diff --git a/usr.sbin/ripd/ripd.h b/usr.sbin/ripd/ripd.h
index 0e594645cc6..ebeda9617ad 100644
--- a/usr.sbin/ripd/ripd.h
+++ b/usr.sbin/ripd/ripd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ripd.h,v 1.2 2006/10/31 07:16:45 mcbride Exp $ */
+/* $OpenBSD: ripd.h,v 1.3 2006/10/31 23:43:11 michele Exp $ */
/*
* Copyright (c) 2004 Esben Norby <norby@openbsd.org>
@@ -180,6 +180,7 @@ enum iface_type {
/* neighbor states */
#define NBR_STA_DOWN 0x01
+#define NBR_STA_REQ_RCVD 0x02
#define NBR_STA_ACTIVE (~NBR_STA_DOWN)
#define NBR_STA_ANY 0xff
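Review bot: `NBR_STA_ACTIVE` is still defined as `(~NBR_STA_DOWN)`, so its bit pattern includes the new `NBR_STA_REQ_RCVD` value 0x02. The matching code in nbr_fsm() is not part of this diff. If it selects table rows with a bitwise AND of row state and neighbor state, as the `NBR_STA_ANY 0xff` mask suggests, a neighbor in REQ_RCVD would also match the ACTIVE rows. A second request would then take `{NBR_STA_ACTIVE, NBR_EVT_REQUEST_RCVD, NBR_ACT_NOTHING, NBR_STA_ACTIVE}` and leave the neighbor ACTIVE with no timer running. Giving ACTIVE its own bit, e.g. `#define NBR_STA_ACTIVE 0x04`, would keep the two states distinct, provided nothing else relies on the complement form.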
diff --git a/usr.sbin/ripd/ripe.c b/usr.sbin/ripd/ripe.c
index 2da0d3311f3..1d760bb263a 100644
--- a/usr.sbin/ripd/ripe.c
+++ b/usr.sbin/ripd/ripe.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ripe.c,v 1.2 2006/10/19 12:29:58 mcbride Exp $ */
+/* $OpenBSD: ripe.c,v 1.3 2006/10/31 23:43:11 michele Exp $ */
/*
* Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -411,6 +411,7 @@ ripe_dispatch_rde(int fd, short event, void *bula)
break;
}
send_response(&nbr->rp_list, NULL, nbr);
+ nbr_fsm(nbr, NBR_EVT_RESPONSE_SENT);
break;
case IMSG_SEND_TRIGGERED_UPDATE:
if (imsg.hdr.len - IMSG_HEADER_SIZE != sizeof(struct
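Review bot: After the added `nbr_fsm(nbr, NBR_EVT_RESPONSE_SENT);` the neighbor may already be freed, because the REQ_RCVD row for this event in neighbor.c uses NBR_ACT_DEL. The visible code breaks immediately afterwards, so nothing dereferences `nbr` today, but a comment such as `/* nbr may be freed here (temporary neighbor) */` would protect later additions to this case. ripe_dispatch_rde extends beyond the hunk.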
diff --git a/usr.sbin/ripd/ripe.h b/usr.sbin/ripd/ripe.h
index cf7b8a1ea94..b7ef8d9abb6 100644
--- a/usr.sbin/ripd/ripe.h
+++ b/usr.sbin/ripd/ripe.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ripe.h,v 1.1 2006/10/18 16:11:58 norby Exp $ */
+/* $OpenBSD: ripe.h,v 1.2 2006/10/31 23:43:11 michele Exp $ */
/*
* Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -33,6 +33,7 @@ char *pkt_ptr;
enum nbr_event {
NBR_EVT_RESPONSE_RCVD,
NBR_EVT_REQUEST_RCVD,
+ NBR_EVT_RESPONSE_SENT,
NBR_EVT_TIMEOUT,
NBR_EVT_KILL_NBR,
NBR_EVT_NOTHING
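Review bot: Nothing here records that `enum nbr_event` and the `nbr_event_names[]` array in neighbor.c must stay in the same order. `NBR_EVT_RESPONSE_SENT` is inserted mid-enum, which shifts the following values, and the name string was added at the matching index in this commit, so the two appear to be position-coupled. A comment on the enum such as `/* keep in sync with nbr_event_names[] in neighbor.c */` would make that explicit.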