nhrp: add cisco-authentication password support#14788
Closed
1337kerberos wants to merge 1 commit intoFRRouting:masterfrom
Closed
nhrp: add cisco-authentication password support#147881337kerberos wants to merge 1 commit intoFRRouting:masterfrom
cisco-authentication password support#147881337kerberos wants to merge 1 commit intoFRRouting:masterfrom
Conversation
ton31337
requested changes
Nov 14, 2023
Member
ton31337
left a comment
ton31337
left a comment
There was a problem hiding this comment.
Missing documentation, some contributing guidelines, and styling issues yet.
Member
|
general remark: apply 'git clang-format HEAD^' and squash the proposed changes. |
Member
|
@louberger can you take a look at this? |
1337kerberos
force-pushed
the
NHRP_CISCO_AUTH
branch
from
eebc70a to
aaf720c
Compare
1337kerberos
force-pushed
the
NHRP_CISCO_AUTH
branch
2 times, most recently
from
eeae138 to
282a6e5
Compare
Contributor
Author
|
The latest update:
The internal testing by my team has shown issues when connecting with Cisco Spoke; keep PR as a draft until addressed |
Implemented: - handling 8 char long password, aka Cisco style. - minimal error inidication routine - test case, password change affects conection Signed-off-by: Volodymyr Huti <[email protected]>
1337kerberos
force-pushed
the
NHRP_CISCO_AUTH
branch
from
282a6e5 to
41b4a29
Compare
|
@ton31337 @pguibert6WIND is anything else needed to tmerge this PR ? |
Member
|
It won't be reviewed until it's marked as a draft. |
Contributor
|
@volodymyrhuti I also have an interest in seeing this committed. I tested your PR against a Cisco router as spoke and found/fixed a few issues. (see attached file). Wireshark is still complaining. I'm wondering if its because the packet causing the error indication does not include the extensions when copying the packet that caused the indication. Wireshark just recursively parses the included original packet, so the checksum and length would be incorrect. Issues I found/fixed:
Happy to discuss, let me know if you have any questions. |
dleroy
added a commit
to LabNConsulting/frr
that referenced
this pull request
Jun 5, 2024
Taking over this development from FRRouting#14788 This commit addresses 4 issues found in the previous PR 1) FRR would accept messages from a spoke without authentication when FRR NHRP had auth configured. 2) The error indication was not being sent in network byte order 3) The debug print in nhrp_connection_authorized was not correctly printing the received password 4) The addresses portion of the mandatory part of the error indication was invalid on the wire (confirmed in wireshark) Signed-off-by: Dave LeRoy <[email protected]>
Contributor
|
I have coordinated with @volodymyrhuti and he has agreed to let me carry this work forward. I am closing this PR and taking up the work in #16172 |
Member
|
Replaced by #16172 |
dleroy
added a commit
to LabNConsulting/frr
that referenced
this pull request
Jun 6, 2024
Taking over this development from FRRouting#14788 This commit addresses 4 issues found in the previous PR 1) FRR would accept messages from a spoke without authentication when FRR NHRP had auth configured. 2) The error indication was not being sent in network byte order 3) The debug print in nhrp_connection_authorized was not correctly printing the received password 4) The addresses portion of the mandatory part of the error indication was invalid on the wire (confirmed in wireshark) Signed-off-by: Dave LeRoy <[email protected]>
dleroy
added a commit
to LabNConsulting/frr
that referenced
this pull request
Jun 6, 2024
Taking over this development from FRRouting#14788 This commit addresses 4 issues found in the previous PR 1) FRR would accept messages from a spoke without authentication when FRR NHRP had auth configured. 2) The error indication was not being sent in network byte order 3) The debug print in nhrp_connection_authorized was not correctly printing the received password 4) The addresses portion of the mandatory part of the error indication was invalid on the wire (confirmed in wireshark) Signed-off-by: Dave LeRoy <[email protected]>
dleroy
added a commit
to LabNConsulting/frr
that referenced
this pull request
Jun 10, 2024
Taking over this development from FRRouting#14788 This commit addresses 4 issues found in the previous PR 1) FRR would accept messages from a spoke without authentication when FRR NHRP had auth configured. 2) The error indication was not being sent in network byte order 3) The debug print in nhrp_connection_authorized was not correctly printing the received password 4) The addresses portion of the mandatory part of the error indication was invalid on the wire (confirmed in wireshark) Signed-off-by: Dave LeRoy <[email protected]> Co-authored-by: Volodymyr Huti <[email protected]>
dleroy
added a commit
to LabNConsulting/frr
that referenced
this pull request
Jun 11, 2024
Taking over this development from FRRouting#14788 This commit addresses 4 issues found in the previous PR 1) FRR would accept messages from a spoke without authentication when FRR NHRP had auth configured. 2) The error indication was not being sent in network byte order 3) The debug print in nhrp_connection_authorized was not correctly printing the received password 4) The addresses portion of the mandatory part of the error indication was invalid on the wire (confirmed in wireshark) Signed-off-by: Dave LeRoy <[email protected]> Co-authored-by: Volodymyr Huti <[email protected]>
2 tasks
aapostoliuk
pushed a commit
to aapostoliuk/frr
that referenced
this pull request
Sep 17, 2024
Taking over this development from FRRouting#14788 This commit addresses 4 issues found in the previous PR 1) FRR would accept messages from a spoke without authentication when FRR NHRP had auth configured. 2) The error indication was not being sent in network byte order 3) The debug print in nhrp_connection_authorized was not correctly printing the received password 4) The addresses portion of the mandatory part of the error indication was invalid on the wire (confirmed in wireshark) Signed-off-by: Dave LeRoy <[email protected]> Co-authored-by: Volodymyr Huti <[email protected]>
aapostoliuk
pushed a commit
to aapostoliuk/frr
that referenced
this pull request
Sep 19, 2024
Taking over this development from FRRouting#14788 This commit addresses 4 issues found in the previous PR 1) FRR would accept messages from a spoke without authentication when FRR NHRP had auth configured. 2) The error indication was not being sent in network byte order 3) The debug print in nhrp_connection_authorized was not correctly printing the received password 4) The addresses portion of the mandatory part of the error indication was invalid on the wire (confirmed in wireshark) Signed-off-by: Dave LeRoy <[email protected]> Co-authored-by: Volodymyr Huti <[email protected]>
aapostoliuk
pushed a commit
to aapostoliuk/frr
that referenced
this pull request
Sep 19, 2024
Taking over this development from FRRouting#14788 This commit addresses 4 issues found in the previous PR 1) FRR would accept messages from a spoke without authentication when FRR NHRP had auth configured. 2) The error indication was not being sent in network byte order 3) The debug print in nhrp_connection_authorized was not correctly printing the received password 4) The addresses portion of the mandatory part of the error indication was invalid on the wire (confirmed in wireshark) Signed-off-by: Dave LeRoy <[email protected]> Co-authored-by: Volodymyr Huti <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Implemented:
Implemented in the context - https://vyos.dev/T2326