git.puffer.fish Git - mirror/frr.git/commit

author	Mobashshera Rasool <mrasool@vmware.com>
	Fri, 3 Sep 2021 11:52:23 +0000 (04:52 -0700)
committer	Mobashshera Rasool <mrasool@vmware.com>
	Fri, 3 Sep 2021 13:44:39 +0000 (06:44 -0700)
commit	44d1115ad6e7c01090d95480a27bd4484c91ffc5
tree	28f51c8aebdc69a7dec4eaa8cd185be047124647	tree \| snapshot
parent	3cb67fef98c9869a2d2f3bf1be86c3b29cb0405e	commit \| diff

ospfd: ANVL Test case 25.22, 25.23 and 28.11 fixes

ANVL Test case 28.11
If the database copy has LS age equal to MaxAge and LS sequence number
equal to MaxSequenceNumber, simply discard the received LSA
without acknowledging it.

ANVL Test Case 25.22
When an attempt is made to increment the sequence number past the maximum
value of N - 1 (0x7fffffff; also referred to as MaxSequenceNumber),
the current instance of the LSA must first be flushed from the routing domain.

ANVL Test Case 25.23
As soon as this flooding of a LSA with LS sequence number MaxSequenceNumber
has been acknowledged by all adjacent neighbors, a new instance can be
originated with sequence number of InitialSequenceNumber.

RCA:
When IXIA sent LS Seq num as MAX and LS Age as (MAX - 3),
DUT dropped the packet instead of sending ACK.
In function ospf_ls_upd, at Line 2106 the code is there to drop the LSA.
Hence its failing.

Fix:
LSAs ACK must be sent when received LSA is having max sequence number
but not max-aged.
Considering /* CVE-2017-3224 */ issue, have corrected the existing
code to prevent attacker from sending LSAs with max sequence number
and higher checksum and blocking the flooding of the Max-sequence numbered LSAs.

Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>

ospfd/ospf_lsa.h		diff \| blob \| history
ospfd/ospf_packet.c		diff \| blob \| history