From: Clément Lecigne To: Perforce Change Reviews Cc: Subject: PERFORCE change 101395 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Jul 2006 16:18:40 -0000 http://perforce.freebsd.org/chv.cgi?CH=101395 Change 101395 by clem1@clem1_ipv6vulns on 2006/07/12 16:18:23 syslog DAD messages and print if the node claims to be a router or not. Affected files ... .. //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/db.c#2 edit .. //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/ndpwatch.c#2 edit .. //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/report.c#2 edit .. //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/report.h#2 edit Differences ... ==== //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/db.c#2 (text+ko) ==== @@ -90,7 +90,7 @@ register u_int len; u_char *e2; time_t t2; - + /* Lookup ipv6 address */ ap = ainfo_find(a); @@ -99,7 +99,7 @@ ep = ap->elist[0]; if (MEMCMP(e, ep->e, 6) == 0) { if (t - ep->t > NEWACTIVITY_DELTA) { - report("new activity", a, e, NULL, &t, &ep->t); + report("new activity", a, e, NULL, r, &t, &ep->t); } ep->t = t; return (1); @@ -110,7 +110,7 @@ if (ap->ecount == 0) { ap->ecount = 1; ap->elist[0] = elist_alloc(a, e, t, h); - report("new station", a, e, NULL, &t, NULL); + report("new station", a, e, NULL, r, &t, NULL); return (1); } @@ -134,7 +134,7 @@ /* New ether address */ e2 = ap->elist[0]->e; t2 = ap->elist[0]->t; - report("changed ethernet address", a, e, e2, &t, &t2); + report("changed ethernet address", a, e, e2, r, &t, &t2); /* Make room at head of list */ alist_alloc(ap); len = ap->ecount * sizeof(ap->elist[0]); ==== //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/ndpwatch.c#2 (text+ko) ==== 
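Review bot: In the `@@ -99,7` hunk of db.c the router flag `r` is only forwarded to report() and never compared with anything stored, so a station already in the table that starts claiming to be a router produces no report unless NEWACTIVITY_DELTA has elapsed. `elist_alloc(a, e, t, h)` on the context line takes no flag, which suggests the entry does not remember it (the entry struct is outside the hunks). For a tool that watches NDP, a no-to-YES transition is worth its own event: store the flag per entry and, when it differs, call something like `report("router flag changed", a, e, NULL, r, &t, &ep->t);`. The declaration of `r` in the enclosing function is not visible in any of these hunks, so its type should be checked against the `u_int8_t` that report() now takes.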
@@ -239,6 +239,15 @@ ndp = (struct ndp_header *)(pk + ph->len - NDP_S - NDP_OPT_S); opt = (struct ndp_option *)(pk + ph->len - NDP_OPT_S); + /* is it a DAD message ? */ + if (IN6_IS_ADDR_UNSPECIFIED(&ip6->src) && ndp->type == 135) + { + syslog(LOG_NOTICE, "Duplicated address detection asked for " + "%s from %s\n", inet_ntop(AF_INET6, &ndp->target, ip, + INET6_ADDRSTRLEN), e2str(opt->mac)); + return; + } + if (!sanity_icmp6(ndp, opt)) { /* syslog has been filled */ @@ -254,7 +263,7 @@ return; } t = ph->ts.tv_sec; - if (!ent_add(&ndp->target, opt->mac, ndp->reserved >> 31, t, NULL)) + if (!ent_add(&ndp->target, opt->mac, ndp->reserved >> 7, t, NULL)) { syslog(LOG_ERR, "ent_addr(%s, %s, ...) failed\n", inet_ntop(AF_INET6, &ndp->target, ip, INET6_ADDRSTRLEN), ==== //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/report.c#2 (text+ko) ==== @@ -220,7 +220,8 @@ void report(register char *title, struct in6_addr *a, register u_char *e1, - register u_char *e2, register time_t *t1p, register time_t *t2p) + register u_char *e2, register u_int8_t r, register time_t *t1p, + register time_t *t2p) { register char *cp; register int fd, pid; @@ -293,6 +294,7 @@ (void)fprintf(f, fmt, "ip address", inet_ntop(AF_INET6, a, ip, INET6_ADDRSTRLEN)); (void)fprintf(f, fmt, "ethernet address", e2str(e1)); + (void)fprintf(f, fmt, "router", (r) ? "YES" : "no"); if (e2) (void)fprintf(f, fmt, "old ethernet address", e2str(e2)); if (t1p) ==== //depot/projects/soc2006/clem1_ipv6vulns/preventing-tools/ndpwatch/report.h#2 (text+ko) ==== @@ -1,2 +1,2 @@ -void report(char *, struct in6_addr *, u_char *, u_char *, time_t *, time_t *); +void report(char *, struct in6_addr *, u_char *, u_char *, u_int8_t r, time_t *, time_t *);
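Review bot: The new DAD branch in the `@@ -239,6` hunk logs `opt->mac` and `ndp->target` before `sanity_icmp6(ndp, opt)` has run, and both pointers are computed back from the end of the packet on the assumption that a link-layer option is present. RFC 4861 says a Neighbor Solicitation sent from the unspecified address must not carry a source link-layer address option, so for a conforming DAD probe `opt` presumably overlays the tail of the target address and both logged values would be wrong. For this case the MAC should come from the frame's Ethernet source and the NDP header should be located from the front of the packet; whether `ph->len` is checked against `NDP_S + NDP_OPT_S` earlier is not visible in the hunk. `135` would read better as `ND_NEIGHBOR_SOLICIT` from `<netinet/icmp6.h>`, and since any on-link host can send these, the notice may need rate limiting.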
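Review bot: In the `@@ -254,7` hunk, `ndp->reserved >> 7` is neither masked to one bit nor independent of host byte order. If `reserved` is the 32-bit flags word of a Neighbor Advertisement kept in network order (its declaration is outside the hunk), the shift lands on the R bit only on a little-endian host and leaves bits of the following byte in the value, which survive the truncation to `u_int8_t` in report(); a sender can then get "router YES" with R clear by setting reserved bits. Something like `(ntohl(ndp->reserved) >> 31) & 1`, or a test against `ND_NA_FLAG_ROUTER`, states the intent. The flag is defined only for advertisements, so it should be read only when the type is 136 if this path can see other message types.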
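Review bot: The `"router"` line added in the `@@ -293,6` hunk of report.c presents a value copied from the packet as if it were established fact. NDP is unauthenticated, so the label would be more accurate as `"claims router"`, and `"YES"`/`"no"` should use one case. The `r` parameter added in the `@@ -220,7` hunk also deserves a line in report()'s header comment saying it is the sender-supplied R flag; that comment, if it exists, is outside the hunk.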