RIP MD5 authentication
jp
jp12100 at yahoo.fr
Thu Apr 8 11:56:09 CEST 2010
Hello,
If it helps, the MD5 trailer modification appeared in the following
message on the bird mailing list:
regards,
Jean
List: bird-users
Subject: Re: RIP authentication problem with cisco
From: Eric Leblond <eleblond () init-sys ! com>
Date: 2003-04-04 8:46:53
On Fri, 2003-04-04 at 10:40, Eric Leblond wrote:
> Hi,
>
> I've modified the code to make RIP V2 with auth (password and md5)
> work.
Well, the diff was not well done, so I am sending you another one.
--
Eric Leblond <eleblond at init-sys.com>
Init-Sys
["diff-bird-ripv2-auth" (diff-bird-ripv2-auth)]
Only in bird/CVS: Root~
diff -ru bird/proto/rip/auth.c bird.auth/proto/rip/auth.c
--- bird/proto/rip/auth.c Sat Sep 21 13:57:48 2002
+++ bird.auth/proto/rip/auth.c Fri Apr 4 08:44:44 2003
@@ -3,6 +3,9 @@
*
* Copyright (c) 1999 Pavel Machek <pavel at ucw.cz>
*
+ * Eric Leblond 04/04/2002 <eleblond at init-sys.com> :
+ * auth modifications
+ *
* Can be freely distributed and used under the terms of the GNU GPL.
*/
@@ -33,7 +36,7 @@
rip_incoming_authentication( struct proto *p, struct rip_block_auth *block, struct \
rip_packet *packet, int num, ip_addr whotoldme ) {
DBG( "Incoming authentication: " );
- switch (block->authtype) { /* Authentication type */
+ switch (ntohs(block->authtype)) { /* Authentication type */
case AT_PLAINTEXT:
{
struct password_item *passwd = get_best_password( P_CF->passwords, 0 );
@@ -54,14 +57,13 @@
{
struct password_item *head;
struct rip_md5_tail *tail;
-
- if (block->packetlen != PACKETLEN(num)) {
+ if (ntohs(block->packetlen) != PACKETLEN(num) - sizeof(struct rip_md5_tail) ) \
{
 log( L_ERR "Packet length in MD5 does not match computed value" );
return 1;
}
- tail = (struct rip_md5_tail *) ((char *) packet + (block->packetlen - \
sizeof(struct rip_block_auth)));
- if ((tail->mustbeFFFF != 0xffff) || (tail->mustbe0001 != 0x0001)) {
+ tail = (struct rip_md5_tail *) ((char *) packet + (ntohs(block->packetlen) ));
+ if ((tail->mustbeFFFF != 0xffff) || (tail->mustbe0001 != 0x0100)) {
log( L_ERR "MD5 tail signature is not there" );
return 1;
}
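Review bot: The trailer check `tail->mustbe0001 != 0x0100` hard-codes a byte-swapped constant, so it matches the on-wire bytes 00 01 only on a little-endian host; a big-endian build would reject valid packets. The same patch already uses `ntohs()`/`htons()` for `authtype` and `packetlen`, so write it as `tail->mustbe0001 != htons(0x0001)` and do the same for the assignment `tail->mustbe0001 = 0x0100;` in the outgoing hunk. Separately, `tail` is computed from the peer-supplied `packetlen`, and the length comparison just above it is the only bound on that pointer. `PACKETLEN` and `num` are defined outside this hunk, so confirm that `PACKETLEN(num)` reflects the number of bytes actually received and that the unsigned subtraction of `sizeof(struct rip_md5_tail)` cannot wrap for a small `num`.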
@@ -89,13 +91,13 @@
char md5sum_packet[16];
char md5sum_computed[16];
+ memset(md5sum_packet,0,16);
memcpy(md5sum_packet, tail->md5, 16);
password_strncpy(tail->md5, head->password, 16);
MD5Init(&ctxt);
- MD5Update(&ctxt, (char *) packet, block->packetlen );
+ MD5Update(&ctxt, (char *) packet, ntohs(block->packetlen) + sizeof(struct \
rip_block_auth) );
 MD5Final(md5sum_computed, &ctxt);
-
if (memcmp(md5sum_packet, md5sum_computed, 16))
return 1;
return 0;
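Review bot: The digest is verified with `memcmp(md5sum_packet, md5sum_computed, 16)`, which may stop at the first differing byte, so the time taken can depend on how much of a received digest is correct. For a MAC check a constant-time comparison is preferable, for example OR-ing together `md5sum_packet[i] ^ md5sum_computed[i]` over all 16 bytes and testing the result once. The added `memset(md5sum_packet,0,16);` is a dead store, because the `memcpy` on the next line overwrites all 16 bytes, and it can be dropped. The hashed length here is `ntohs(block->packetlen) + sizeof(struct rip_block_auth)`, while the sending side hashes `PACKETLEN(num) + sizeof(struct rip_md5_tail)`. The struct definitions are not visible in the patch, so confirm the two sizes are equal or use `sizeof(struct rip_md5_tail)` in both places.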
@@ -129,7 +131,7 @@
return PACKETLEN(num);
}
- block->authtype = P_CF->authtype;
+ block->authtype = htons(P_CF->authtype);
block->mustbeFFFF = 0xffff;
switch (P_CF->authtype) {
case AT_PLAINTEXT:
@@ -139,26 +141,26 @@
{
struct rip_md5_tail *tail;
struct MD5Context ctxt;
- static int sequence = 0;
+ static uint32_t sequence = 0;
if (num > PACKET_MD5_MAX)
bug( "We can not add MD5 authentication to this long packet" );
block->keyid = passwd->id;
- block->authlen = 20;
+ block->authlen = sizeof(struct rip_block_auth);
block->seq = sequence++;
block->zero0 = 0;
block->zero1 = 0;
- block->packetlen = PACKETLEN(num) + block->authlen;
-
- tail = (struct rip_md5_tail *) ((char *) packet + (block->packetlen - \
sizeof(struct rip_block_auth)));
+ block->packetlen = htons(PACKETLEN(num));
+ tail = (struct rip_md5_tail *) ((char *) packet + PACKETLEN(num) );
tail->mustbeFFFF = 0xffff;
- tail->mustbe0001 = 0x0001;
- password_strncpy( (char *) (&tail->md5), passwd->password, 16 );
+ tail->mustbe0001 = 0x0100;
+ memset(tail->md5,0,16);
+ password_strncpy( tail->md5, passwd->password, 16 );
MD5Init(&ctxt);
- MD5Update(&ctxt, (char *) packet, block->packetlen );
- MD5Final((char *) (&tail->md5), &ctxt);
+ MD5Update(&ctxt, (char *) packet, PACKETLEN(num) + sizeof(struct \
rip_md5_tail));
+ MD5Final(tail->md5, &ctxt);
return PACKETLEN(num) + block->authlen;
}
default:
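Review bot: `block->seq = sequence++;` still stores the sequence number in host byte order although this hunk converts `packetlen` with `htons()`; on a little-endian host a peer reading the field in network order sees the value drop after 255 packets and, if it enforces non-decreasing sequence numbers, would discard later updates as replays. Suggest `block->seq = htonl(sequence++);`. Because `sequence` is a function-local `static` starting at 0, it also restarts whenever the daemon restarts, which a peer that remembers the last value may reject until its neighbour state expires; a comment such as `/* restarts at 0 on daemon restart; peers tracking seq may drop updates until they time us out */` would document that. The trailer length is expressed three ways here (`block->authlen = sizeof(struct rip_block_auth)`, `sizeof(struct rip_md5_tail)` in `MD5Update`, and `block->authlen` in the return value); using `sizeof(struct rip_md5_tail)` throughout would keep the hashed length and the returned length from drifting apart. The enclosing function starts and ends outside the hunk.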
Le jeudi 08 avril 2010 à 10:20 +0200, Ondrej Zajicek a écrit :
> On Fri, Apr 02, 2010 at 03:51:32PM +0200, jp wrote:
> > Hi all,
> > I'm trying to use the RIP protocol of BIRD in MD5 authentication mode. I
> > use bird version 1.2.1.
>
> > historically, the value "FFFF 0001" was used by bird but this was
> > changed to "FFFF 0100" in a patch resolving "RIP authentication problem
> > with cisco".
>
> Hello
> Thank you for a note. Unfortunately, i don't know anything about
> that patch. I will check that to make it compatible with both
> Quagga and Cisco.
>