[olsr-dev] olsrd secure plugin

[Andreas Tønnesen]

Hi Sven,

The secure plugin only uses a SHA-1 hash function from openSSL as far as I
can remember. I just used the openSSL lib since it is the most widespread
lib for theese things. I think it's a good idea to use a much smaller lib,
(or perhaps include hashing code in the plugin?). All you really need is a
hashing function, so if MatrixSSL supports SHA-1/MD5 etc. (which I guess
it does), it should work fine :)

Regarding your HNA blocking question that is a rather tricky one. This has
been discussed before and I belive we came to the conclusion that it would
not be supported in officcial olsrd code. The problem is that this kind of
functionallity has to be distributed if we are to avoid routing loops.
I think the best way is to create a plugin that will broadcast a set of
IPs to ignore when parsing HNA messages. But then there is the security
issue...
I fully agree that this would be a useful feature but IMO it can only be
done if it is distributed.

- Andreas


> Hello oncemore,
>
> while I'am in questioning mode - the secure olsr plugin rely on the
> OpenSSL
> library which is really huge (in terms of flash/disk space usage). Is
> there
> a chance to link it against MatrixSSL?
>
> Regards,
> Sven-Ola
>
>
> _______________________________________________
> olsr-dev mailing list
> (spam-protected)
> https://www.olsr.org/mailman/listinfo/olsr-dev
>


---------
Andreas Tønnesen
http://www.olsr.org