Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NRTM parser accepts partial NRTM content #546

Closed
mxsasha opened this issue Sep 4, 2021 · 1 comment · Fixed by #547
Closed

NRTM parser accepts partial NRTM content #546

mxsasha opened this issue Sep 4, 2021 · 1 comment · Fixed by #547
Assignees
@mxsasha
Labels
backport Should be backported to previous releases bug Something isn't working release blocker blocks the next release
Milestone
Release 4.2

Comments

@mxsasha
Copy link
Collaborator

mxsasha commented Sep 4, 2021

The NRTM response parser does not check whether the NRTM responded had %END <source> at the end. This can cause missing data in mirroring when the TCP connection is disrupted, causing only part of the NRTM response to arrive in IRRd.

Legacy IRRd, IRRd 4 and RIPE db all include the %END <source> marker, so we can require that in all NRTM responses. Without it, the entire NRTM response should be logged and rejected, with the assumption that the response is incomplete.
@mxsasha mxsasha added bug Something isn't working release blocker blocks the next release backport Should be backported to previous releases labels Sep 4, 2021
@mxsasha mxsasha added this to the Release 4.2 milestone Sep 4, 2021
@mxsasha mxsasha self-assigned this Sep 4, 2021
mxsasha added a commit that referenced this issue Sep 4, 2021
@mxsasha
Fix #546 - Make NRTM parser reject partial content
d1aeb0c
@mxsasha mxsasha linked a pull request Sep 4, 2021 that will close this issue
Fix #546 - Make NRTM parser reject partial content #547
Merged
mxsasha added a commit that referenced this issue Sep 4, 2021
@mxsasha
Fix #546 - Make NRTM parser reject partial content (#547)

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode
8395e85
@mxsasha mxsasha reopened this Sep 4, 2021
mxsasha added a commit that referenced this issue Sep 7, 2021
@mxsasha
Ref #546 - Small clarification in error message
36e9a4b
mxsasha added a commit that referenced this issue Sep 7, 2021
@mxsasha
Ref #546 - Small clarification in error message
8bb93a2
mxsasha added a commit that referenced this issue Sep 7, 2021
@mxsasha
[4.1.x] Fix #546 - Make NRTM parser reject partial content (#547)
83435d2 
(cherry picked from commit 8395e85)
@mxsasha
Copy link
Collaborator Author

mxsasha commented Sep 7, 2021

Backport released in 4.1.7

@mxsasha mxsasha closed this as completed Sep 7, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mxsasha mxsasha

Labels
backport Should be backported to previous releases bug Something isn't working release blocker blocks the next release
Projects
None yet
Milestone
Release 4.2
Development

Successfully merging a pull request may close this issue.

Fix #546 - Make NRTM parser reject partial content irrdnet/irrd
1 participant
@mxsasha