All of lore.kernel.org
 help / color / mirror / Atom feed
* [B.A.T.M.A.N.] [PATCH] alfred: Don't accept user defined dataset source address in slave mode
@ 2016-04-03 17:21 Sven Eckelmann
  2016-04-04 15:48 ` Simon Wunderlich
  0 siblings, 1 reply; 2+ messages in thread
From: Sven Eckelmann @ 2016-04-03 17:21 UTC (permalink / raw)
  To: b.a.t.m.a.n

The dataset source is used by master servers to identify if it has to be
forwarded to other master servers. The data::source of an incoming UDP
push_data is checked and compared against the address of the node sending
the dataset. If both are same then the dataset is marked as
SOURCE_FIRST_HAND. Otherwise it is already synced dataset (SOURCE_SYNCED).
Only datasets marked as SOURCE_FIRST_HAND or SOURCE_LOCAL will be forwarded
by master servers.

Allowing slave servers to accept push_data packets via unix socket with a
modified data::source would break the synchronization of datasets between
the master servers. The slave server would forward data to the master
server as always but the master would now mark the packet as SOURCE_SYNCED.
The synchronization process would end here. Parts of the alfred servers
would therefore have access to the dataset and some not.

Instead drop the incoming push_data with a set data::source on the slave.
No alfred server will have the dataset and the stable inconsistency is
avoided.

Fixes: 58e109973bbe ("alfred: Allow setting the source mac via unix sock")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
---
Depends on the patch https://patchwork.open-mesh.org/patch/15954/
---
 unix_sock.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/unix_sock.c b/unix_sock.c
index ee6dd8f..150ad32 100644
--- a/unix_sock.c
+++ b/unix_sock.c
@@ -122,10 +122,18 @@ static int unix_sock_add_data(struct globals *globals,
 
 	/* clients should set the source mac to 00:00:00:00:00:00
 	 * to make the server set the source for them
+	 *
+	 * Only alfred in master mode can accept a user defined
+	 * source addresses. Otherwise the data would not be
+	 * synced between master servers.
 	 */
-	if (!is_valid_ether_addr(data->source))
-		memcpy(data->source, &interface->hwaddr,
-		       sizeof(interface->hwaddr));
+	if (is_valid_ether_addr(data->source)) {
+		if (memcmp(data->source, &interface->hwaddr, ETH_ALEN) != 0 &&
+		    globals->opmode != OPMODE_MASTER)
+			goto err;
+	} else {
+		memcpy(data->source, &interface->hwaddr, ETH_ALEN);
+	}
 
 	if ((int)(data_len + sizeof(*data)) > len)
 		goto err;
-- 
2.8.0.rc3


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [B.A.T.M.A.N.] [PATCH] alfred: Don't accept user defined dataset source address in slave mode
  2016-04-03 17:21 [B.A.T.M.A.N.] [PATCH] alfred: Don't accept user defined dataset source address in slave mode Sven Eckelmann
@ 2016-04-04 15:48 ` Simon Wunderlich
  0 siblings, 0 replies; 2+ messages in thread
From: Simon Wunderlich @ 2016-04-04 15:48 UTC (permalink / raw)
  To: b.a.t.m.a.n

[-- Attachment #1: Type: text/plain, Size: 1467 bytes --]

On Sunday 03 April 2016 19:21:47 Sven Eckelmann wrote:
> The dataset source is used by master servers to identify if it has to be
> forwarded to other master servers. The data::source of an incoming UDP
> push_data is checked and compared against the address of the node sending
> the dataset. If both are same then the dataset is marked as
> SOURCE_FIRST_HAND. Otherwise it is already synced dataset (SOURCE_SYNCED).
> Only datasets marked as SOURCE_FIRST_HAND or SOURCE_LOCAL will be forwarded
> by master servers.
> 
> Allowing slave servers to accept push_data packets via unix socket with a
> modified data::source would break the synchronization of datasets between
> the master servers. The slave server would forward data to the master
> server as always but the master would now mark the packet as SOURCE_SYNCED.
> The synchronization process would end here. Parts of the alfred servers
> would therefore have access to the dataset and some not.
> 
> Instead drop the incoming push_data with a set data::source on the slave.
> No alfred server will have the dataset and the stable inconsistency is
> avoided.
> 
> Fixes: 58e109973bbe ("alfred: Allow setting the source mac via unix sock")
> Signed-off-by: Sven Eckelmann <sven@narfation.org>
> ---
> Depends on the patch https://patchwork.open-mesh.org/patch/15954/
> ---
>  unix_sock.c | 14 +++++++++++---
>  1 file changed, 11 insertions(+), 3 deletions(-)

Applied in revision 7782e61.

Thanks!
     Simon

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-04-04 15:48 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-04-03 17:21 [B.A.T.M.A.N.] [PATCH] alfred: Don't accept user defined dataset source address in slave mode Sven Eckelmann
2016-04-04 15:48 ` Simon Wunderlich

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.