XIA-for-Linux icon indicating copy to clipboard operation
XIA-for-Linux copied to clipboard

Published 20 hours ago verified publisher icon AltraMayor

Strengthening verifications of Ethernet principal

Open AltraMayor opened this issue 6 years ago • 0 comments

The Ethernet principal is not properly verifying its XIDs that come from userland to its local and main tables.

The Ethernet principal does not check that the interface associated to a local Ethernet XID exists, is up, or has the proper format (e.g. having the correct number of zeros after the Ethernet address). local_newroute() in net/xia/ppal_ether/main.c should do these verifications. Most of the code for this fix can be copied from another function in the same file, namely main_newroute().

Finally, main_newroute() should verify that the Ethernet address part of the Ethernet XID being added is not the Ethernet address of the interface referred in the XID. Putting in simpler language, the neighbor represented by the new XID should not be the host itself because it would mean that the XID is local instead of main. Notice that analogous test is not needed in local_newroute() because one may want to force a neighbor XID to behave as a local XID.

AltraMayor avatar Jan 30 '18 19:01 AltraMayor