Age | Commit message (Collapse) | Author |
|
Fixes a pfctl crash with an anchor name containing
an embedded nul found with the afl fuzzer.
pfctl parse.y patch from and ok deraadt@
|
|
ok deraadt@ millert@ tedu@
|
|
No yyerror() calls needed to be changed.
ok bluhm@
|
|
format string, create a temporary message.
OK claudio@
|
|
ok millert@
|
|
ok claudio@
|
|
ok claudio@
|
|
ok henning@
|
|
inconsistent usage in route(8) noted by Gregor Best (gbe (at) ring0.de)
|
|
default permissions and mtree NOT changed.
prodded by benno, ok phessler benno jmatthew theo pelikan florian
|
|
|
|
found by millert@, ok deraadt@
|
|
|
|
|
|
a single generic function.
|
|
functions into a single generic function.
Add a few error checks and implement parsing of optional tlvs.
Putting it all together helps avoid to code duplication and improve
maintainability.
|
|
After discussing with claudio@ we came to the conclusion that it's
more safe to ignore the default route and don't bind a label for
it.
OK @claudio
|
|
if_del(): this function is always called after an IF_EVT_DOWN event so
there's no need to cleanup things here;
nbr_new(): C structs shouldn't be copied directly.
OK claudio@
|
|
There's no need the pass a whole lde_nbr structure as argument if we
want only the neighbor IP address.
Also, remove the lde_nbr_del() prototype on lde.h because it's a
duplicate.
OK claudio@
|
|
OK claudio@
|
|
OK claudio@
|
|
OK claudio@
|
|
OK claudio@
|
|
on runtime, the ldpd_conf structure used should be passed as an
argument to avoid segfaults.
|
|
Add more sanity checks and send proper notification messages on error
conditions.
OK claudio@
|
|
OK claudio@
|
|
|
|
|
|
|
|
|
|
* Send an extra Hello message before attempting to connect to a remote
peer to guarantee that it formed an adjacency with us as well;
* Don't wait for the first timeout to send the first Hello message.
Both tricks together will allow for fast session establish since with both
optimizations passive role neighbors can open the connection immediatly by
sending and receiving the hellos at the same time as the TCP session.
From Renato Westphal
|
|
it belongs only _after_ receiving an Initialization message containing
the information we need. Before an Initialization message is received,
the TCP connection shouldn't be associated with any neighbor/adjacency.
Therefor refactor that part into a own module.
From Renato Westphal
|
|
|
|
From Renato Westphal
|
|
Refactor adjacencies out of the neighbor handling so that it is possible to
have more complex topologies with targeted sessions.
From Renato Westphal
|
|
According with the section 2.5.3 of RFC 5036, an LSR must throttle its
session setup retry attempts with an exponential backoff in situations
where Initialization messages are being NAK'd (because of disagreements
on session parameters). It doesn't mention using this procedure for TCP
connection failures. With that said, start the inactive delay timer only
after receiving an appropriate notification message.
When playing the active role of the initialization process, throttle the
session setup retry attempts by not connecting to the remote peer. When
playing the passive role, throttle the session setup retry attempts by
delaying the processing of the received Initialization message.
Diff by Renato Westphal, adjusted by myself
|
|
* Remove the unused NBR_EVT_DOWN event;
* Print the FSM transitions before performing the appropriate actions. In
this way nested calls to nbr_fsm() won't print the state transitions in
reverse order;
* When playing the active role of the initialization process, transition
from NBA_STA_PRESENT to NBR_STA_INITIAL before going to NBR_STA_OPENSENT;
* Call session_shutdown() on nbr_ktimeout() to remove duplicated code;
* Notify the lde process when a neighbor is deleted (discovery timeout);
* Fix a few memory leaks on nbr_del().
Diff from Renato Westphal.
|
|
The 'ldpd_process' variable should be set as soon as possible in the
initialization of each process. In that way if something goes wrong in
the initialization we will know in which process the problem happened.
Diff by Renato Westphal
|
|
Renato Westphal. Diff by Renato Westphal
|
|
Unlike OSPF, LDP has no concept of intermediate states. A session is
either operational or not operational as far as the label distribution
engine (lde) is concerned. In this case, the IMSG_NEIGHBOR_UP and
IMSG_NEIGHBOR_DOWN messages are enough.
Diff by Renato Westphal
|
|
The "fib-update" directive wasn't accepting "no" as an option.
Diff by Renato Westphal
|
|
interfaces to guarantee PHP. With this 'fib-update no' is not totaly
broken because of missing mappings for the loopbacks.
Diff by Renato Westphal
|
|
This replaces the way addresses and interface are chained together.
In ospfd there was a 1 to 1 mapping (with iface clones) but LDP does
not have that limitation.
Diff from Renato Westphal
|
|
super verbose mode.
From Renato Westphal
|
|
|
|
to send a keepalive packet when a other PDU was sent out.
Also add a missing NBR_EVT_PDU_RCVD call to recv_address() which restarts
the session keepalive timeout. All other places already do that.
Diff by Renato Westphal
|
|
interface.
Remove the iface pointer from the 'nbr' structure because it's not
needed anymore.
Diff from Renato Westphal
|
|
* Don't try to send a Shutdown message if the connection is already
closed or a read error occured;
* As per RFC 5036, send a Shutdown message if an unexpected message is
received during the initialization process;
* Check if the whole LSR ID of received messages is correct;
* On ldpe_dispatch_main(), ignore the messages from the lde process
whose associated neighbor is not in the operational state.
Diff from Renato Westphal
|
|
Support for per-interface labelspaces is only necessary for legacy ATM/FR
interfaces running in cell-mode. We shouldn't worry about this.
For platform-wide label spaces the label space id is always 0.
Diff by Renato Westphal
|
|
Support for passive interfaces was inherited from ospfd but it doesn't
make any sense at all for ldpd.
Diff from Renato Westphal
|