[OLSR-users] Fwd:Secure Plugin problem (0.4.10)

Andreas Tønnesen (spam-protected)
Thu Mar 9 12:15:31 CET 2006


I don't think that is the way to go around this. It would require some
rewrites to make sure nobody could force andy IP to reconfigure simply by
sending a spoofed challenge.
There obviously is a bug somewhere that cases the enties not to time out
and hopefully it shouldn't be too hard to fix.

- Andreas

> Hi Andreas, you think can be a good idea to simply never drop a challenge?
> Or you think is a bad idea on security stuff?
>
>>
>> Yes, that was a longshot and I can see now that it was totally wrong :)
>> Well, I'll just have to put this on my todo-list.
>>
>> - Andreas
>>
>> > Hi Andreas, now node A and node B can see each other only if i start
>> the
>> > daemon together.
>> > If one node start daemon after 2 or 3 second the plughin drop the
>> > challenge.
>> > However if the protocol go up at start, if one daemon go down and up,
>> the
>> > previous problem persist, the database never delete the entry.
>> >
>> > Ciao
>> > Giovanni
>> >
>> >
>> >> The timeout_timestamps function is supposed to clean up the database.
>> >> However, I suspect the conftime might create trouble(this plugin has
>> >> been
>> >> subject to a lot of untested updates to keep building(/working)).
>> >>
>> >> Could you try to apply the attatched patch and see if that helps?
>> >>
>> >> - Andreas
>> >>
>> >>
>> >> > Hi guys, i have a problem with the Secure plugin.
>> >> > I'm running olsr on wrt54g with Freifunk firmware.
>> >> > My problem is: the Timestamp database never delete entry.
>> >> >
>> >> > If the A node restart the olsr daemon, node B drop the challenge
>> >> because
>> >> > the previous entry in the database will never deleted.  At this
>> point
>> >> node
>> >> > consider node B a not validated Host.
>> >> >
>> >> > If i have a complete node A restart node B detect a Timestamp scew,
>> >> drop
>> >> > the challenge and reject the olsr packet.
>> >> >
>> >> > I'm try to wait 4 hours, but the Secure plugin never delete the
>> >> previous
>> >> > entry.
>> >> >
>> >> > Can someone help me???
>> >> >
>> >> > Thank you in advance.
>> >> > Giovanni
>> >> >
>> >> > P.S. sorry for my bad english
>> >> >
>> >> >
>> >> > _______________________________________________
>> >> > olsr-users mailing list
>> >> > (spam-protected)
>> >> > https://www.olsr.org/mailman/listinfo/olsr-users
>> >> >
>> >>
>> >
>> >
>> > _______________________________________________
>> > olsr-users mailing list
>> > (spam-protected)
>> > https://www.olsr.org/mailman/listinfo/olsr-users
>> >
>>
>>
>>
>> _______________________________________________
>> olsr-users mailing list
>> (spam-protected)
>> https://www.olsr.org/mailman/listinfo/olsr-users
>>
>
>
> _______________________________________________
> olsr-users mailing list
> (spam-protected)
> https://www.olsr.org/mailman/listinfo/olsr-users
>






More information about the Olsr-users mailing list