From patchwork Sun Apr  3 17:21:47 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sven Eckelmann <sven@narfation.org>
X-Patchwork-Id: 15955
X-Patchwork-Delegate: sw@simonwunderlich.de
Return-Path: <b.a.t.m.a.n-bounces@lists.open-mesh.org>
X-Original-To: patchwork@open-mesh.org
Delivered-To: patchwork@open-mesh.org
Received: from open-mesh.org (localhost [IPv6:::1])
	by open-mesh.org (Postfix) with ESMTP id B05D8819CD;
	Sun,  3 Apr 2016 19:22:04 +0200 (CEST)
Authentication-Results: open-mesh.org; dmarc=none header.from=narfation.org
Authentication-Results: open-mesh.org; dkim=fail
	reason="verification failed; unprotected key"
	header.d=narfation.org header.i=@narfation.org header.b=smv2GaI4;
	dkim-adsp=fail (unprotected policy); dkim-atps=neutral
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
	client-ip=79.140.41.39; helo=v3-1039.vlinux.de;
	envelope-from=sven@narfation.org;
	receiver=b.a.t.m.a.n@lists.open-mesh.org
Authentication-Results: open-mesh.org; dmarc=pass header.from=narfation.org
Received: from v3-1039.vlinux.de (narfation.org [79.140.41.39])
	by open-mesh.org (Postfix) with ESMTPS id 9AC028189B
	for <b.a.t.m.a.n@lists.open-mesh.org>;
	Sun,  3 Apr 2016 19:22:02 +0200 (CEST)
Received: from sven-desktop.home.narfation.org
	(p200300C593C418FDC09657F66CC51919.dip0.t-ipconnect.de
	[IPv6:2003:c5:93c4:18fd:c096:57f6:6cc5:1919])
	by v3-1039.vlinux.de (Postfix) with ESMTPSA id F29AD110100;
	Sun,  3 Apr 2016 19:22:01 +0200 (CEST)
Authentication-Results: v3-1039.vlinux.de;
	dmarc=none header.from=narfation.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=narfation.org;
	s=20121; t=1459704122;
	bh=3pvK2iwZYnbaHheC5wZblNryIxZ7tgYiwF0VUZOa4ag=;
	h=From:To:Cc:Subject:Date:From;
	b=smv2GaI4FJ/OHYSoDgsFdY6/lTCSBP6gtQWkz+6b7UNU/7e4zaRVE/yUfCTl1O0fL
	IvTxBQU17cYiRx80fyitb8ne5iHYOF/uDCvjY9gIUOB8ohv09qZt81/WMPCpsKInDU
	qXc+CFAn/Fdk1nBUPpQhK1rLXgQQtxcadv0WXGzY=
From: Sven Eckelmann <sven@narfation.org>
To: b.a.t.m.a.n@lists.open-mesh.org
Date: Sun,  3 Apr 2016 19:21:47 +0200
Message-Id: <1459704107-11844-1-git-send-email-sven@narfation.org>
X-Mailer: git-send-email 2.8.0.rc3
Subject: [B.A.T.M.A.N.] [PATCH] alfred: Don't accept user defined dataset
	source address in slave mode
X-BeenThere: b.a.t.m.a.n@lists.open-mesh.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: The list for a Better Approach To Mobile Ad-hoc Networking
	<b.a.t.m.a.n.lists.open-mesh.org>
List-Unsubscribe: <https://lists.open-mesh.org/mm/options/b.a.t.m.a.n>,
	<mailto:b.a.t.m.a.n-request@lists.open-mesh.org?subject=unsubscribe>
List-Archive: <http://lists.open-mesh.org/pipermail/b.a.t.m.a.n/>
List-Post: <mailto:b.a.t.m.a.n@lists.open-mesh.org>
List-Help: <mailto:b.a.t.m.a.n-request@lists.open-mesh.org?subject=help>
List-Subscribe: <https://lists.open-mesh.org/mm/listinfo/b.a.t.m.a.n>,
	<mailto:b.a.t.m.a.n-request@lists.open-mesh.org?subject=subscribe>
Reply-To: The list for a Better Approach To Mobile Ad-hoc Networking
	<b.a.t.m.a.n@lists.open-mesh.org>
Errors-To: b.a.t.m.a.n-bounces@lists.open-mesh.org
Sender: "B.A.T.M.A.N" <b.a.t.m.a.n-bounces@lists.open-mesh.org>

The dataset source is used by master servers to identify if it has to be
forwarded to other master servers. The data::source of an incoming UDP
push_data is checked and compared against the address of the node sending
the dataset. If both are same then the dataset is marked as
SOURCE_FIRST_HAND. Otherwise it is already synced dataset (SOURCE_SYNCED).
Only datasets marked as SOURCE_FIRST_HAND or SOURCE_LOCAL will be forwarded
by master servers.

Allowing slave servers to accept push_data packets via unix socket with a
modified data::source would break the synchronization of datasets between
the master servers. The slave server would forward data to the master
server as always but the master would now mark the packet as SOURCE_SYNCED.
The synchronization process would end here. Parts of the alfred servers
would therefore have access to the dataset and some not.

Instead drop the incoming push_data with a set data::source on the slave.
No alfred server will have the dataset and the stable inconsistency is
avoided.

Fixes: 58e109973bbe ("alfred: Allow setting the source mac via unix sock")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
---
Depends on the patch https://patchwork.open-mesh.org/patch/15954/
---
 unix_sock.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/unix_sock.c b/unix_sock.c
index ee6dd8f..150ad32 100644
--- a/unix_sock.c
+++ b/unix_sock.c
@@ -122,10 +122,18 @@ static int unix_sock_add_data(struct globals *globals,
 
 	/* clients should set the source mac to 00:00:00:00:00:00
 	 * to make the server set the source for them
+	 *
+	 * Only alfred in master mode can accept a user defined
+	 * source addresses. Otherwise the data would not be
+	 * synced between master servers.
 	 */
-	if (!is_valid_ether_addr(data->source))
-		memcpy(data->source, &interface->hwaddr,
-		       sizeof(interface->hwaddr));
+	if (is_valid_ether_addr(data->source)) {
+		if (memcmp(data->source, &interface->hwaddr, ETH_ALEN) != 0 &&
+		    globals->opmode != OPMODE_MASTER)
+			goto err;
+	} else {
+		memcpy(data->source, &interface->hwaddr, ETH_ALEN);
+	}
 
 	if ((int)(data_len + sizeof(*data)) > len)
 		goto err;