nhrpd: fix passphrase handling, add topotest for resolution request (backport #17115) #17345
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![mergify[bot]](https://avatars.githubusercontent.com/in/10562?s=60&v=4){kind=small}
Modified nhrp_topo topotest to test for newly added resolution request retry feature. Changes to the topotest include adding a spoke to the existing nhrp_topo topotest so that a topology with two spokes and hub can be used to create shortcuts and test the sending/resending of resolution requests and responses between spoke and hub. The resolution request retry feature was tested by blocking incoming resolution requests on a receiving nodes to stop the creation of a successful shortcut - which then triggered the sending spoke to retry sending resolution requests Signed-off-by: Joshua Muthii <[email protected]> (cherry picked from commit d599aa1)
Modified nhrp_connection_authorized(). Initially, when writing debug information about incoming NHRP packets with authentication enabled, the nhrp_connection_authorized() function would print the passphrase of the incoming packet as if it were a null terminated string. This meant that if the passphrase on the incoming packet had non ASCII-complient bytes in it, it would attempt to print those bytes anyway. There was also no check that the size of the passphrase in the incoming packet matched the size of the passphrase on the interface. The changes in this commit log the passphrase on the incoming packet as well as the passphrase on interface in HEX to avoid issues with ASCII. It also performs a check that accounts for the sizes of the two different passphrases Moved CISCO_PASS_LENGTH_LEN from nhrp_vty.c to nhrp_protocol.h for easier access to the macro in other files Signed-off-by: Joshua Muthii <[email protected]> (cherry picked from commit 5718ee3)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Modified nhrp_topo topotest to test for newly added resolution request retry feature
Modified nhrp_connection_authorized() function so that debugging messages don't read into NHRP authentication extension as if it were a null-terminated string - which can lead to printing of non ASCII-compliant bytes.
Moved CISCO_PASS_LENGTH_LEN from nhrp_vty.c to nhrp_protocol.h for easier access to the macro in other files
This is an automatic backport of pull request #17115 done by Mergify.