summaryrefslogtreecommitdiff
path: root/community/quagga
diff options
context:
space:
mode:
authorroot <root@rshg054.dnsready.net>2012-07-17 00:01:52 +0000
committerroot <root@rshg054.dnsready.net>2012-07-17 00:01:52 +0000
commit412d061bfbf23d1e908eed3f8405b1af46fb1ba8 (patch)
treeee137173c889a2b7279200c20b168f9d9b9fdd64 /community/quagga
parent50a1eb604b2d5503a06d56b76347faa581160245 (diff)
Tue Jul 17 00:01:52 UTC 2012
Diffstat (limited to 'community/quagga')
-rw-r--r--community/quagga/0002-CVE-2012-1820.patch74
-rw-r--r--community/quagga/PKGBUILD60
-rw-r--r--community/quagga/babeld.service12
-rw-r--r--community/quagga/bgpd.service12
-rw-r--r--community/quagga/isisd.service12
-rw-r--r--community/quagga/ospf6d.service12
-rw-r--r--community/quagga/ospfd.service12
-rw-r--r--community/quagga/ripd.service12
-rw-r--r--community/quagga/ripngd.service12
-rw-r--r--community/quagga/zebra.service12
10 files changed, 217 insertions, 13 deletions
diff --git a/community/quagga/0002-CVE-2012-1820.patch b/community/quagga/0002-CVE-2012-1820.patch
new file mode 100644
index 000000000..aae2d7b18
--- /dev/null
+++ b/community/quagga/0002-CVE-2012-1820.patch
@@ -0,0 +1,74 @@
+@@ -, +, @@
+ bgpd: CVE-2012-1820, DoS in bgp_capability_orf()
+
+ An ORF (code 3) capability TLV is defined to contain exactly one
+ AFI/SAFI block. Function bgp_capability_orf(), which parses ORF
+ capability TLV, uses do-while cycle to call its helper function
+ bgp_capability_orf_entry(), which actually processes the AFI/SAFI data
+ block. The call is made at least once and repeated as long as the input
+ buffer has enough data for the next call.
+
+ The helper function, bgp_capability_orf_entry(), uses "Number of ORFs"
+ field of the provided AFI/SAFI block to verify, if it fits the input
+ buffer. However, the check is made based on the total length of the ORF
+ TLV regardless of the data already consumed by the previous helper
+ function call(s). This way, the check condition is only valid for the
+ first AFI/SAFI block inside an ORF capability TLV.
+
+ For the subsequent calls of the helper function, if any are made, the
+ check condition may erroneously tell, that the current "Number of ORFs"
+ field fits the buffer boundary, where in fact it does not. This makes it
+ possible to trigger an assertion by feeding an OPEN message with a
+ specially-crafted malformed ORF capability TLV.
+
+ This commit fixes the vulnerability by making the implementation follow
+ the spec.
+--- a/bgpd/bgp_open.c
++++ a/bgpd/bgp_open.c
+@@ -231,7 +231,7 @@ bgp_capability_orf_entry (struct peer *peer, struct capability_header *hdr)
+ }
+
+ /* validate number field */
+- if (sizeof (struct capability_orf_entry) + (entry.num * 2) > hdr->length)
++ if (sizeof (struct capability_orf_entry) + (entry.num * 2) != hdr->length)
+ {
+ zlog_info ("%s ORF Capability entry length error,"
+ " Cap length %u, num %u",
+@@ -335,28 +335,6 @@ bgp_capability_orf_entry (struct peer *peer, struct capability_header *hdr)
+ }
+
+ static int
+-bgp_capability_orf (struct peer *peer, struct capability_header *hdr)
+-{
+- struct stream *s = BGP_INPUT (peer);
+- size_t end = stream_get_getp (s) + hdr->length;
+-
+- assert (stream_get_getp(s) + sizeof(struct capability_orf_entry) <= end);
+-
+- /* We must have at least one ORF entry, as the caller has already done
+- * minimum length validation for the capability code - for ORF there must
+- * at least one ORF entry (header and unknown number of pairs of bytes).
+- */
+- do
+- {
+- if (bgp_capability_orf_entry (peer, hdr) == -1)
+- return -1;
+- }
+- while (stream_get_getp(s) + sizeof(struct capability_orf_entry) < end);
+-
+- return 0;
+-}
+-
+-static int
+ bgp_capability_restart (struct peer *peer, struct capability_header *caphdr)
+ {
+ struct stream *s = BGP_INPUT (peer);
+@@ -573,7 +551,7 @@ bgp_capability_parse (struct peer *peer, size_t length, int *mp_capability,
+ break;
+ case CAPABILITY_CODE_ORF:
+ case CAPABILITY_CODE_ORF_OLD:
+- if (bgp_capability_orf (peer, &caphdr))
++ if (bgp_capability_orf_entry (peer, &caphdr))
+ return -1;
+ break;
+ case CAPABILITY_CODE_RESTART:
diff --git a/community/quagga/PKGBUILD b/community/quagga/PKGBUILD
index 68590da61..d24c91df3 100644
--- a/community/quagga/PKGBUILD
+++ b/community/quagga/PKGBUILD
@@ -1,9 +1,9 @@
-# $Id: PKGBUILD 72737 2012-06-21 19:55:00Z seblu $
+# $Id: PKGBUILD 73818 2012-07-15 23:51:42Z seblu $
# Maintainer: Sébastien Luttringer <seblu@aur.archlinux.org>
pkgname=quagga
pkgver=0.99.21
-pkgrel=1
+pkgrel=2
pkgdesc='BGP/OSPF/ISIS/RIP/RIPNG routing daemon suite'
arch=('i686' 'x86_64')
url='http://www.quagga.net'
@@ -15,16 +15,41 @@ install=quagga.install
source=("http://download.savannah.gnu.org/releases/$pkgname/$pkgname-$pkgver.tar.gz"
'quagga.rc'
'quagga.conf'
- '0001-isisd-fix-typo-in-topology-generator-BZ-731.patch')
+ 'babeld.service'
+ 'bgpd.service'
+ 'isisd.service'
+ 'ospf6d.service'
+ 'ospfd.service'
+ 'ripd.service'
+ 'ripngd.service'
+ 'zebra.service'
+ '0001-isisd-fix-typo-in-topology-generator-BZ-731.patch'
+ '0002-CVE-2012-1820.patch')
md5sums=('99840adbe57047c90dfba6b6ed9aec7f'
'71d474228a1e02d698cd24e9fd55ca38'
'0c4f2dd13c7dac1b73de923d1d5e4e17'
- 'c80174f7bdd32cd84550d52451e8f495')
+ '45d8bf56a426b0e7ebe429547be8a27a'
+ 'ab31ed8dafd7a92137f4f00ad0937b4f'
+ '4c05d0105cd0db23a2583bd75a1bde4d'
+ 'd087dce5eeba78ac64541157c7e04dfd'
+ 'c5f8a729685cebf8fc5b1a1552d37b6d'
+ 'e721b334bb0b31983642b307033c63d0'
+ 'effeb26ff78ffcafe7808596ddc5d3fc'
+ 'a4bf0a090747bd7dc4094a1e6e96e6ad'
+ 'c80174f7bdd32cd84550d52451e8f495'
+ '44f39016d81f3b13b2744f7dcd93289d')
build() {
cd $pkgname-$pkgver
- patch -p 1 -i "$srcdir/0001-isisd-fix-typo-in-topology-generator-BZ-731.patch"
- ./configure --prefix=/usr --sysconfdir=/etc/quagga --localstatedir=/run/quagga \
+ shopt -s nullglob
+ for _p in "$srcdir"/*.patch; do
+ msg2 "Applying ${_p##*/}"
+ patch -p 1 -i "$_p"
+ done
+ ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc/quagga \
+ --localstatedir=/run/quagga \
--enable-exampledir=/usr/share/doc/quagga/examples \
--enable-vtysh \
--enable-isisd \
@@ -35,28 +60,37 @@ build() {
--enable-irdp \
--enable-pcreposix \
--enable-multipath=64 \
- --enable-user=nobody \
- --enable-group=nobody \
+ --enable-user=quagga \
+ --enable-group=quagga \
--enable-configfile-mask=0640 \
--enable-logfile-mask=0640
make
}
package() {
+ # upstream install
+ cd $pkgname-$pkgver
+ make DESTDIR="$pkgdir" install
+
+ # logrotate stuff
+ install -D -m 644 redhat/$pkgname.logrotate "$pkgdir/etc/logrotate.d/$pkgname"
+ sed -ri 's,/var/run/quagga,/run/quagga,g' "$pkgdir/etc/logrotate.d/$pkgname"
+
# initscripts files
- for d in zebra ripd ripngd bgpd ospfd ospf6d isisd; do
+ cd "$srcdir"
+ for d in zebra ripd ripngd bgpd ospfd ospf6d isisd babeld; do
install -D -m 755 $pkgname.rc "$pkgdir/etc/rc.d/$d"
install -D -m 644 $pkgname.conf "$pkgdir/etc/conf.d/$d"
backup+=("etc/conf.d/$d")
done
- # create /run/quagga directory at startup
+ # systemd stuff
+ for d in zebra ripd ripngd bgpd ospfd ospf6d isisd babeld; do
+ install -D -m 644 $d.service "$pkgdir/usr/lib/systemd/system/$d.service"
+ done
install -D -m 644 /dev/null "$pkgdir/usr/lib/tmpfiles.d/$pkgname.conf"
echo "d /run/$pkgname 0750 $pkgname $pkgname" > "$pkgdir/usr/lib/tmpfiles.d/$pkgname.conf"
- # soft
- cd $pkgname-$pkgver
- make DESTDIR="$pkgdir" install
}
# vim:set ts=2 sw=2 ft=sh et:
diff --git a/community/quagga/babeld.service b/community/quagga/babeld.service
new file mode 100644
index 000000000..5b2848042
--- /dev/null
+++ b/community/quagga/babeld.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Babel routing daemon
+BindTo=zebra.service
+After=network.target zebra.service
+ConditionPathExists=/etc/quagga/babeld.conf
+
+[Service]
+ExecStart=/usr/sbin/babeld
+Restart=on-abort
+
+[Install]
+WantedBy=multi-user.target
diff --git a/community/quagga/bgpd.service b/community/quagga/bgpd.service
new file mode 100644
index 000000000..21ac18c8a
--- /dev/null
+++ b/community/quagga/bgpd.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=BGP routing daemon
+BindTo=zebra.service
+After=network.target zebra.service
+ConditionPathExists=/etc/quagga/bgpd.conf
+
+[Service]
+ExecStart=/usr/sbin/bgpd
+Restart=on-abort
+
+[Install]
+WantedBy=multi-user.target
diff --git a/community/quagga/isisd.service b/community/quagga/isisd.service
new file mode 100644
index 000000000..298946998
--- /dev/null
+++ b/community/quagga/isisd.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=IS-IS routing daemon
+BindTo=zebra.service
+After=network.target zebra.service
+ConditionPathExists=/etc/quagga/isisd.conf
+
+[Service]
+ExecStart=/usr/sbin/isisd
+Restart=on-abort
+
+[Install]
+WantedBy=multi-user.target
diff --git a/community/quagga/ospf6d.service b/community/quagga/ospf6d.service
new file mode 100644
index 000000000..31194fc6e
--- /dev/null
+++ b/community/quagga/ospf6d.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=OSPF routing daemon for IPv6
+BindTo=zebra.service
+After=network.target zebra.service
+ConditionPathExists=/etc/quagga/ospf6d.conf
+
+[Service]
+ExecStart=/usr/sbin/ospf6d
+Restart=on-abort
+
+[Install]
+WantedBy=multi-user.target
diff --git a/community/quagga/ospfd.service b/community/quagga/ospfd.service
new file mode 100644
index 000000000..f864aa258
--- /dev/null
+++ b/community/quagga/ospfd.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=OSPF routing daemon
+BindTo=zebra.service
+After=network.target zebra.service
+ConditionPathExists=/etc/quagga/ospfd.conf
+
+[Service]
+ExecStart=/usr/sbin/ospfd
+Restart=on-abort
+
+[Install]
+WantedBy=multi-user.target
diff --git a/community/quagga/ripd.service b/community/quagga/ripd.service
new file mode 100644
index 000000000..22716e2c9
--- /dev/null
+++ b/community/quagga/ripd.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=RIP routing daemon
+BindTo=zebra.service
+After=network.target zebra.service
+ConditionPathExists=/etc/quagga/ripd.conf
+
+[Service]
+ExecStart=/usr/sbin/ripd
+Restart=on-abort
+
+[Install]
+WantedBy=multi-user.target
diff --git a/community/quagga/ripngd.service b/community/quagga/ripngd.service
new file mode 100644
index 000000000..9ac51bd1c
--- /dev/null
+++ b/community/quagga/ripngd.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=RIP routing daemon for IPv6
+BindTo=zebra.service
+After=network.target zebra.service
+ConditionPathExists=/etc/quagga/ripngd.conf
+
+[Service]
+ExecStart=/usr/sbin/ripngd
+Restart=on-abort
+
+[Install]
+WantedBy=multi-user.target
diff --git a/community/quagga/zebra.service b/community/quagga/zebra.service
new file mode 100644
index 000000000..e0f87f9bc
--- /dev/null
+++ b/community/quagga/zebra.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=GNU Zebra routing manager
+After=network.target
+ConditionPathExists=/etc/quagga/zebra.conf
+
+[Service]
+ExecStartPre=/sbin/ip route flush proto zebra
+ExecStart=/usr/sbin/zebra
+Restart=on-abort
+
+[Install]
+WantedBy=multi-user.target