use underscore in key name for libubox/jshn.sh compat
Fix: openwrt/luci/issues/6342
Fix: openwrt/routing/issues/966
Signed-off-by: Patrick Grimm <patrick@lunatiki.de>
Announcement:
https://alioth-lists.debian.net/pipermail/babel-users/2023-July/004100.html
Babeld removed diversity routing [0], so we need to adjust ubus
bindings. Further. we need to add a patch that makes local_kind
accessible again: "100-local-make-local_kind-function-accessible.patch"
Refresh patches:
- 600-add-ubus.patch
[0] - a081608335
Signed-off-by: Nick Hainke <vincent@systemli.org>
Changelog:
916d3d9 Update CHANGES for babeld-1.12.1
3d8aec4 Schedule an interface check after adding an interface.
f13602b Split last PC into unicast and multicast values
Signed-off-by: Nick Hainke <vincent@systemli.org>
Changelog:
5 May 2022: babeld-1.12
* Implement v4-via-v6 routing (RFC 9229), which allows a router with
IPv4 addresses only to route IPv4. Thanks to Théophile Bastian.
* Enable extended Netlink acks when available.
Thanks to Toke Høyland-Jørgensen.
* Fix restoring of interface configuration to avoid unbounded memory
consumption. Thanks to andrew-hoff.
* Fix handling of deny filters in the install chain.
Refreshed patches:
- 600-add-ubus.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
30 March 2022: babeld-1.11
* Implemented MAC authentication (RFC 8967). Thanks to Clara Dô,
Weronika Kołodziejak and Antonin Décimo.
* Changed the interface of the add_filter function in order to simplify
integration in OpenWRT. Thanks to Nick Hainke.
Detailed List:
7c053fe Export add_filters and simplify interface.
91c44f8 Rename blake2s to blake2s128.
dda8d63 Update CHANGES.
43a0066 Allow Blake2s keys up to 32 bytes.
375ea5f Rename interface option hmac to key.
1b9abc4 Replace hmac-verify with accept-bad-signatures.
3777eb4 Ignore .gitmodules when releasing an archive.
3551b45 Simplify and fix preparse phase.
ba8f116 Add rate limitations for challenges.
6d44238 Show PC number.
ceda3a0 Expire Index and challenge timer.
d66a4d2 Ignore a Challenge Request received on multicast.
024c17a Fix confusion between INDEX_LEN and NONCE_LEN when sending PC TLV.
ceb021f Fix double-free in error path.
1e08aed Change no_hmac_verify to hmac-verify.
c7ad387 Use 'hmac-sha256' and not 'sha256'.
5a15957 Fix nodes incorrectly rejecting packets.
af02039 Append a PC message if Babel-MAC is enabled.
46fc7da Follow the spec closely for the preparse phase.
87f39d0 Rename MAC functions and constants to match the spec.
02b14e3 Helpful error messages in key configuration.
d763f3e Error if configured key can't be found.
3cb0ab7 Use RFC3542 for IPv6 on macOS.
69df1cb Use _GNU_SOURCE instead of __USE_GNU.
ef3a113 Don't copy nonce, suppress VLA.
c243769 Move key validation in parse_key.
b06b2fc Constify source argument of fromhex.
9529941 Use AUTH_TYPE_NONE consistently.
d922b64 Document the HMAC options in manual page.
0c4afc2 Only allow keys configured on a given interface.
7de6715 Create neighbour after checking HMAC.
ecd1f42 Fix typo in compare_hmac.
9a5de34 Fix HMAC-SHA-256 computation.
f1051fd Fix constants to be consistent with SHA-256.
9688b68 Fix memory leaks in error-handling paths in configuration parser.
4d8a831 Fix some more (read-only) buffer overflows.
ebda926 Fix potential memory leaks.
d53fec0 Use AUTH_TYPE_* consistently.
a1afd51 Add no_hmac_verify flag.
b4e28f2 Fix ordering of fields in pseudo-header.
c8ace8b Use IANA-assigned TLV numbers.
739f76a Implement HMAC authentication.
e3adf47 Compile with SHA-256 and Blake2s.
ca0a512 Add SHA-2 and Blake2 submodules.
756783e Untabify
Remove upstreamed patches:
- 000-export-add-filters-and-simplify-interface.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
You can define filter functions in babeld by:
in if eth0 metric 128
This commit adds the ubus equivalent to dynamically add filter on
runtime:
ubus call babeld add_filter '{"ifname":"eth0", "type":"input",
"metric":128}'
Signed-off-by: Nick Hainke <vincent@systemli.org>
There is an unused variable in the function. Remove it.
Fixes: 3852004435 ("babeld: add add_interface function").
Signed-off-by: Nick Hainke <vincent@systemli.org>
An interface can be added dynmiacally to babeld by starting babeld with
the local management interface (-G) and saying:
interface eth0
Add the ubus equivalent of this function:
ubus call babeld add_interface '{"ifname":"eth0"}'
Signed-off-by: Nick Hainke <vincent@systemli.org>
For some reason the buffer is initialized twice before filling it.
This does not break anything but is useless. Reduce the initialization
to only one.
Signed-off-by: Nick Hainke <vincent@systemli.org>
As Felix mentioned:
If a buffer was already allocated, blob_buf_init reuses it. You can
keep reusing it as many times as you want. You only need to call
blob_buf_free if you explicitly want to free the buffer memory
(e.g. on exit, or if the blob_buf is on stack).
http://lists.openwrt.org/pipermail/openwrt-devel/2021-October/036722.html
This PR frees the blob-buffers that are on the stack.
Signed-off-by: Nick Hainke <vincent@systemli.org>
I am maintaining the ubus bindings and also the luci-app-babeld.
I am very glad that ubus is included and that is why I do not want
babeld maintainer to have extra work.
Signed-off-by: Nick Hainke <vincent@systemli.org>
25 April 2021: babeld-1.10
* Removed the disambiguation code: source-specific routing is no longer
supported for IPv4, and for IPv6 only on Linux 3.11 or later.
* Fixed an issue handling of retractions with no next hop, which caused
interoperability problems with BIRD. Thanks to Fabian Bläse.
* If skip-kernel-setup is set, we no longer disable the rp_filter, which
makes babeld work in containers. Thanks to Martin Weinelt.
Remove upstreamed part of ubus patch:
- local: make local_kind function accessible
Signed-off-by: Nick Hainke <vincent@systemli.org>
babeld: adopt to upstream header-style
Instead of including the headerfiles that define the structs, we add
forward definitions to our headerfile.
Fixes warning:
ubus.h:67:32: warning: 'struct xroute' declared inside parameter list will not be visible outside of this definition or declaration
void ubus_notify_xroute(struct xroute *xroute, int kind);
^~~~~~
Signed-off-by: Nick Hainke <vincent@systemli.org>
babeld: fix compiler warnings
Fixes:
- "route_list_entry" points to "struct babel_route"
- "format_thousands" returns a string pointer
- "UBUS_METHOD_NOARG" wants a function returning an integer
Signed-off-by: Nick Hainke <vincent@systemli.org>
* babeld: send events via ubus
Send a notification via the ubus bus if we experience any changes in
neighbours, routes or xroutes.
The format looks like this:
{route,xroute,neighbour}.add: Object was added
{route,xroute,neighbour}.change: Object was changed
{route,xroute,neighbour}.flush: Object was flushed
If ubus_bindings is turned off, it will minimally effect performance,
since only an if-statement has to be evaluated.
If no subscriber is available, it will minimally change the performance,
since only an if-statmenet that checks for subscribers has to be
evaluated.
Signed-off-by: Nick Hainke <vincent@systemli.org>
21 April 2020: babeld-1.9.2
* Fixed two issues that could cause IPv4 routes to be represented
incorrectly, with a range of confusing symptoms. Thanks to
Fabian Bläse.
* Fixed incorrect parsing of TLVs with an unknown Address Encoding.
Thanks to Théophile Bastian.
* Fixed access to mis-aligned data structure. Thanks to Antonin Décimo.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
More example filters are provided, and new options such as "type" or
"pref_src" are given as example.
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
20 August 2019: babeld-1.9.1
* Fixed a crash that could happen when unicast and RTT estimation are
both enabled on an interface. Thanks to Dave Taht.
* Fixed compilation under BSD. Thanks to Dave Taht.
4 August 2019: babeld-1.9.0
* Reworked buffering of unicast packets to use a per-neighbour buffer
rather than a single buffer per interface. This makes unicast as
efficient as multicast, at the cost of slightly higher memory usage.
* Added option "unicast" that allows sending most TLVs over unicast.
This is necessary for the DTLS extension.
* Implemented parsing of unicast Hellos. This makes it possible to
interoperate with neighbours that only speak unicast (e.g. over some
kinds of tunnels that only do unicast).
* Implemented sending of unscheduled unicast Hellos. This makes the
RTT extension work over unicast too.
* Reworked the xroute data structures to use binary search and
linear-time comparison.
* Don't attempt to modify the rp_filter sysctl if it already has the
desired value; this makes it possible to run babeld in an
unpriviledged container. Thanks to Christof Schulze.
* Reinstated logging of late hellos. Thanks to Dave Taht.
* Don't send wildcard requests or Hellos to newish nodes. This makes
acquisition of new neighbours slower, but drastically reduces noise at
startup. Thanks to Teco Boot.
* Remove an arbitrary limit on the number of interfaces. Thanks to
Christof Schulze.
* Removed class E from martian filter. Thanks to Dave Taht.
* Added the ability to set the preferred source address in install filters.
Thanks to Killian Lufau.
* Fixed a number of read-only buffer overflows. Thanks to Leo Stefanesco.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This applies some style improvements to make this ready for
migration to openwrt/packages.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Changes:
* Fixed a bug that caused confustion between learned routes and
imported routes (thanks to Fabian Bläse).
* Fixed a bug that prevented install filters from being evaluated
(thanks to Killian Lufau).
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Killing anything with -9 is a bad idea. When killed this way, babeld
won't be able to properly disassociate from its neighbours, withdraw its
announced routes or remove routes from the kernel.
This got introduced in bab933d4ca ("babeld: Update to version 1.8.3 +
fix init") with an unrelated change. The purpose of the change is unclear
because stopping and restarting babeld worked fine without this change.
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
9 November 2018: babeld-1.8.4
* Fixed a bug that discarded pipelined commands received on the local
configuration interface.
* Added the per-interface option rfc6126-compatible.
Signed-off-by: Robert Marko <robimarko@gmail.com>
24 September 2018: babeld-1.8.3
* Fixed a read-only two byte buffer overflow in the packet parser.
This is a read-only overflow, and hence most probably not exploitable.
* Fixed an issue with creating unreachable routes on recent kernels
(4.16 and up). Thanks to Christof Schulze.
* Notice interface changes faster by listening to more netlink events.
Thanks to Christof Schulze.
* Fixed a local interface issue when an interface has no link-local
address. Thanks to Christof Schulze.
Also, the init script was edited to kill babeld on stop; restart works properly now, as well.
Signed-off-by: Michael Adams <unquietwiki@gmail.com>
This is a very basic cleanup, several packages needs more work
but this at least drops git for https and removes the use of
PKG_MD5SUM and some minor fixes.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
It makes the init script more readable. It has been more than two years
since babeld 1.5.1, let's hope nobody is still using the old
(undocumented) option names.
Incidentally, this commit fixes support for the "conf_dir" option,
introduced by ac643416dc ("babeld: allow changing alternative
configuration file and directory"). The default value of $OTHERCONFIGDIR
was always used, because the variable was used *before* it was (possibly)
redefined when parsing the UCI config.
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
This way, "/etc/init.d/babeld reload" will detect when one of these
dynamic config files has changed, and restart babeld only if that is the
case.
Dynamic config files where introduced by 82d9002689 ("babeld: add support
for dynamic config files").
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
This avoids running out of flash or RAM space if babeld logs too much.
The system log is stored on RAM by default and has a controlled size.
It is still possible to tell babeld to log to a file, by using the
following in /etc/config/babeld:
config general
option log_file "/var/log/babeld.log"
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
There is a HTTP redirection in place from the old URL to the new URL, but
better change it now than waiting for the redirection to disappear.
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
The symbol IPV6 is a global config symbol, don't select it because it
will override the user decision of IPV6 as all other package in base do
it. A select (+) will also create a recursive dependency error.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
When parsing list options using config_load option_cb will be called
with additional options ending in _ITEM$x and _LENGTH. This ignores any
option containing _LENGTH or _ITEM as they can't possible be a valid
babeld option making a config like
config general
list import_table 23
list import_table 42
work.
Signed-off-by: Nils Schneider <nils@nilsschneider.net>
16 June 2015: babeld-1.6.1.
* Fixed a buffer overflow in zone_equal. This is probably not
exploitable, but might cause incorrect routing tables in the presence
of source-specific routing.
* Added support for defaulting ipv6-subtrees automatically based on the
kernel version.
* Fixed compilation under musl.
Signed-off-by: Gabriel Kerneis <kerneis@google.com>
