From os@brain.cc.rsu.ru  Tue Mar 12 23:52:03 2002
Return-Path: <os@brain.cc.rsu.ru>
Received: from brain.cc.rsu.ru (brain.cc.rsu.ru [195.208.252.154])
	by hub.freebsd.org (Postfix) with ESMTP id 623D237B404
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 12 Mar 2002 23:51:53 -0800 (PST)
Received: (from os@localhost)
	by brain.cc.rsu.ru (8.11.6/8.11.4) id g2D7pfb06812;
	Wed, 13 Mar 2002 10:51:41 +0300 (MSK)
	(envelope-from os)
Message-Id: <200203130751.g2D7pfb06812@brain.cc.rsu.ru>
Date: Wed, 13 Mar 2002 10:51:41 +0300 (MSK)
From: Oleg Sharoiko <os@rsu.ru>
Reply-To: Oleg Sharoiko <os@rsu.ru>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [PATCH] MD5 auth implemented in routed is incompatible with cisco's/zebra'a/rfc
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         35843
>Category:       bin
>Synopsis:       [PATCH] MD5 auth implemented in routed is incompatible with cisco's/zebra'a/rfc
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bms
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Mar 13 00:00:08 PST 2002
>Closed-Date:    Thu Feb 26 00:56:08 PST 2004
>Last-Modified:  Thu Feb 26 00:56:08 PST 2004
>Originator:     Oleg Sharoiko
>Release:        FreeBSD 4.5-STABLE i386
>Organization:
Computer Center of Rostov State University
>Environment:
System: FreeBSD brain.cc.rsu.ru 4.5-STABLE FreeBSD 4.5-STABLE #0: Tue Feb 19 08:52:13 GMT 2002 os@make.cc.rsu.ru:/usr/obj/usr/src/sys/brain.k7.RELENG_4.2002-02-19 i386


	
>Description:
While computing MD5 digest of RIPv2 packet routed skips two fileds.
Due to this routed is unable to communicate with cisco and zebra routers if the authenticaction is enabled.
	
>How-To-Repeat:
Enable RIPv2 with MD5 auth in cisco router similar to the following:

key chain RIPKey
 key 0
  key-string SomePass

interface FastEthernet0/0.1
 ip rip authentication mode md5
 ip rip authentication key-chain RIPKey

router rip
 version 2
 network 10.0.0.0

The enable RIPv2 with MD5 auth in routed.
Sample /etc/gateways (don't forget to chmod 0600 /etc/gateways as routed checks file mode):
md5_passwd=SomePass|0
ripv2

check the debug of cisco and routed
cisco: debug ip rip 
routed: routed -d -t -t -t -t -t

	
>Fix:

Patches bellow solve the problem.
One adds #define RIP_AUTH_HDR_LEN 4 to the include/protocols/routed.h
Another one modifies routed.

	

--- routed.diff begins here ---
--- include/protocols/routed.h	Sun Sep  5 17:43:31 1999
+++ include/protocols/routed.h	Wed Feb 27 11:58:16 2002
@@ -84,6 +84,7 @@
 
 /* RIPv2 authentication */
 struct netauth {
+#define     RIP_AUTH_HDR_LEN 4
 	u_int16_t   a_family;		/* always RIP_AF_AUTH */
 	u_int16_t   a_type;
 #define	    RIP_AUTH_NONE   0
--- sbin/routed.org/input.c	Wed Feb 20 10:48:56 2002
+++ sbin/routed/input.c	Wed Feb 20 11:15:21 2002
@@ -967,7 +967,7 @@
 			 */
 			if (TRACEPACKETS) {
 				if (NA->au.a_md5.md5_auth_len
-				    != RIP_AUTH_MD5_LEN)
+				    != RIP_AUTH_HDR_LEN + RIP_AUTH_MD5_LEN)
 					msglim(use_authp, from,
 					       "unknown MD5 RIPv2 auth len %#x"
 					       " instead of %#x from %s",
@@ -989,7 +989,7 @@
 			}
 
 			MD5Init(&md5_ctx);
-			MD5Update(&md5_ctx, (u_char *)rip, len);
+			MD5Update(&md5_ctx, (u_char *)rip, len+RIP_AUTH_HDR_LEN);
 			MD5Update(&md5_ctx, ap->key, RIP_AUTH_MD5_LEN);
 			MD5Final(hash, &md5_ctx);
 			if (!memcmp(hash, na2->au.au_pw, sizeof(hash)))
--- sbin/routed.org/output.c	Wed Feb 20 10:47:48 2002
+++ sbin/routed/output.c	Wed Feb 20 10:50:01 2002
@@ -303,7 +303,7 @@
 	na2->a_type = htons(1);
 	na->au.a_md5.md5_pkt_len = htons(len);
 	MD5Init(&md5_ctx);
-	MD5Update(&md5_ctx, (u_char *)wb->buf, len);
+	MD5Update(&md5_ctx, (u_char *)wb->buf, len + RIP_AUTH_HDR_LEN);
 	MD5Update(&md5_ctx, ap->key, RIP_AUTH_MD5_LEN);
 	MD5Final(na2->au.au_pw, &md5_ctx);
 	wb->n++;
--- routed.diff ends here ---


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->maxim 
Responsible-Changed-By: maxim 
Responsible-Changed-When: Wed Mar 13 03:29:25 PST 2002 
Responsible-Changed-Why:  
I have given a promise to look at it. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35843 

From: Oleg Sharoiko <os@rsu.ru>
To: freebsd-gnats-submit@FreeBSD.org
Cc:  
Subject: Re: bin/35843: [PATCH] MD5 auth implemented in routed is incompatible
 with cisco's/zebra'a/rfc
Date: Mon, 4 Nov 2002 10:54:34 +0300 (MSK)

 Hello!
 
 Please upgrade routed to the lateset version (2.27)
 http://www.rhyolite.com/src/
 
 The problem has been fixed there.
 
 -- 
 Oleg Sharoiko.
 Software and Network Engineer
 Computer Center of Rostov State University.
 
State-Changed-From-To: open->feedback 
State-Changed-By: bms 
State-Changed-When: Wed Feb 25 15:48:56 PST 2004 
State-Changed-Why:  
We just imported rhyolite.com routed v2.27 with the MD5 update. 

Please let me know if this fixes your problem. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=35843 
Responsible-Changed-From-To: maxim->bms 
Responsible-Changed-By: bms 
Responsible-Changed-When: Wed Feb 25 17:11:33 PST 2004 
Responsible-Changed-Why:  
I'll take this as my starter for 10 

http://www.freebsd.org/cgi/query-pr.cgi?pr=35843 
State-Changed-From-To: feedback->closed 
State-Changed-By: bms 
State-Changed-When: Thu Feb 26 00:55:55 PST 2004 
State-Changed-Why:  
Closed at submitter's request. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=35843 
>Unformatted:
