- 30 May, 2021 14 commits
-
-
Antonin Décimo authored
-
Julien Muchembled authored
Nodes with default mac-verify would not accept packets from nodes with non-default mac-verify. Co-authored-by: Julien Muchembled <jm@jmuchemb.eu> Co-authored-by: Antonin Décimo <antonin.decimo@gmail.com>
-
Antonin Décimo authored
Don’t call `start_message()` since it may cause an infinite loop.
-
Antonin Décimo authored
The exact narration is implemented, with all the specified optimisations. - neighbour creation is delayed; - if multiple PCs are found, only the first one is processed, the remaining ones are be silently ignored; - a node ignores all challenge requests contained in a packet except the last one; - and it ignores a challenge request in the case where it is contained in a packet with an Index that matches the one in the Neighbour Table and a PC that is smaller or equal to the one contained in the Neighbour Table.
-
Antonin Décimo authored
s/crypto seqno/pc/g s/challenge response/challenge reply/g s/challenge req/challenge request/g
-
Antonin Décimo authored
-
Antonin Décimo authored
-
Antonin Décimo authored
-
Antonin Décimo authored
Macros starting with __ are reserved for the implementation, it should not appear in code.
-
Antonin Décimo authored
-
Antonin Décimo authored
-
Antonin Décimo authored
-
Antonin Décimo authored
-
Juliusz Chroboczek authored
-
- 20 May, 2021 16 commits
-
-
Juliusz Chroboczek authored
We used to accept packets signed by any key.
-
Etienne MARAIS authored
-
Juliusz Chroboczek authored
-
Juliusz Chroboczek authored
This was completely wrong.
-
Juliusz Chroboczek authored
Also rename DIGEST_LEN to MAX_DIGEST_LEN.
-
Juliusz Chroboczek authored
-
Juliusz Chroboczek authored
-
Antonin Décimo authored
-
Antonin Décimo authored
-
Etienne MARAIS authored
Flag to allow empty or wrong hmac in the packet trailer.
-
Juliusz Chroboczek authored
-
Juliusz Chroboczek authored
-
Juliusz Chroboczek authored
Known issues: - we create a neighbour entry before the first successful challenge; - we compute HMAC for each HMAC TLV rather than just once; - we only support sending one HMAC TLV; - we don't support key rotation. Co-authored-by: Clara Do <clarado_perso@yahoo.fr> Co-authored-by: Weronika Kolodziejak <weronika.kolodziejak@gmail.com>
-
Juliusz Chroboczek authored
-
Juliusz Chroboczek authored
-
Juliusz Chroboczek authored
-
- 25 Apr, 2021 1 commit
-
-
Juliusz Chroboczek authored
-
- 24 Apr, 2021 1 commit
-
-
Antonin Décimo authored
This is triggered when flushing an interface. 4 bytes in 1 blocks are definitely lost in loss record 1 of 6 at 0x483A77F: malloc (vg_replace_malloc.c:307) by 0x11155E: check_interface_ipv4 (interface.c:161) by 0x110FCD: interface_updown (interface.c:460) by 0x1116E2: check_interfaces (interface.c:550) by 0x10AFAA: main (babeld.c:546)
-
- 23 Apr, 2021 1 commit
-
-
Juliusz Chroboczek authored
RFC 8966 Section 3.2.6 says that the route table is indexed by triples of the form (prefix, plen, neigh). Our indexing used to be incorrect, we'd sometimes include the next hop address, which made it impossible to interpret retractions with no next hop.
-
- 16 Jan, 2021 1 commit
-
-
Nick Hainke authored
The kind-definitions are contained in the header file: LOCAL_FLUSH 0 LOCAL_ADD 1 LOCAL_CHANGE 2 The function (local_kind) that converts them into strings again is private. New addons (for example openwrt ubus bindings) that make use of babeld should also use the same function to convert the kind to string format. This allows to ensure uniformity over all addons. Signed-off-by: Nick Hainke <vincent@systemli.org>
-
- 20 Dec, 2020 3 commits
-
-
Juliusz Chroboczek authored
This reverts commit 580257c7.
-
Juliusz Chroboczek authored
Thanks to Fabian Blaese.
-
Martin Weinelt authored
Setting sysctls is not allowed for unprivileged users, so let's not try to set per interface rp_filter when `skip-kernel-setup` is set. After this change babeld can run as an unprivileged users with CAP_NET_ADMIN. The user needs to take care of setting up the sysctls themselves.
-
- 10 Oct, 2020 3 commits
-
-
Juliusz Chroboczek authored
This means we no longer need to keep source-specific routes at the beginning, so remove the debugging check (which should never have made it into production anyway).
-
Juliusz Chroboczek authored
-
Juliusz Chroboczek authored
-