Hi all, The quagga ospfd module in pfSense 2.0.1 amd64 has a flaw in how it writes the config file, which causes MD5 authentication to fail. Basically, it puts quotes around the message-digest-key supplied, which is not required, and is taken by quagga as part of the password. This causes a mismatch with other (non-pfSense) OSPF routers. e.g. If my other systems use asdf1234 as the password, they get a mismatch, because pfSense uses "asdf1234".
I've prepared a one-line patch to quagga_ospfd.inc to fix this, but i'm wondering about input validation. I've had a look through the quagga source code trying to find out what it accepts as valid characters in an MD5 key, and i can't follow their code well enough to work out where the input validation is done. Nothing in RFC2328 suggests that there are any restrictions whatsoever on the characters in the key, but presumably quagga must have some restrictions in order to read it from an ASCII or UTF-8 (not sure which) config file. Any thoughts? Thanks in advance, Paul _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
