Fix for CVE-2018-1000155
Denial of Service, Improper Authentication and Authorization,
and Covert Channel in the OpenFlow 1.0+ handshake
Change-Id: Ifd285208266a1f331f3b802cb656349aad1782a9
diff --git a/protocols/openflow/ctl/src/main/java/org/onosproject/openflow/controller/impl/OpenFlowControllerImpl.java b/protocols/openflow/ctl/src/main/java/org/onosproject/openflow/controller/impl/OpenFlowControllerImpl.java
index ab7009f..9113e5c 100644
--- a/protocols/openflow/ctl/src/main/java/org/onosproject/openflow/controller/impl/OpenFlowControllerImpl.java
+++ b/protocols/openflow/ctl/src/main/java/org/onosproject/openflow/controller/impl/OpenFlowControllerImpl.java
@@ -28,7 +28,12 @@
import org.apache.felix.scr.annotations.Service;
import org.onosproject.cfg.ComponentConfigService;
import org.onosproject.core.CoreService;
+import org.onosproject.net.DeviceId;
+import org.onosproject.net.config.ConfigFactory;
+import org.onosproject.net.config.NetworkConfigRegistry;
+import org.onosproject.net.config.basics.SubjectFactories;
import org.onosproject.net.driver.DriverService;
+import org.onosproject.openflow.config.OpenFlowDeviceConfig;
import org.onosproject.openflow.controller.DefaultOpenFlowPacketContext;
import org.onosproject.openflow.controller.Dpid;
import org.onosproject.openflow.controller.OpenFlowController;
@@ -107,6 +112,9 @@
@Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
protected ComponentConfigService cfgService;
+ @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
+ protected NetworkConfigRegistry netCfgService;
+
@Property(name = "openflowPorts", value = DEFAULT_OFPORT,
label = "Port numbers (comma separated) used by OpenFlow protocol; default is 6633,6653")
private String openflowPorts = DEFAULT_OFPORT;
@@ -173,14 +181,25 @@
protected Multimap<Dpid, OFQueueStatsEntry> fullQueueStats =
ArrayListMultimap.create();
+ protected final ConfigFactory factory =
+ new ConfigFactory<DeviceId, OpenFlowDeviceConfig>(
+ SubjectFactories.DEVICE_SUBJECT_FACTORY,
+ OpenFlowDeviceConfig.class, OpenFlowDeviceConfig.CONFIG_KEY) {
+ @Override
+ public OpenFlowDeviceConfig createConfig() {
+ return new OpenFlowDeviceConfig();
+ }
+ };
+
private final Controller ctrl = new Controller();
@Activate
public void activate(ComponentContext context) {
coreService.registerApplication(APP_ID, this::cleanup);
cfgService.registerProperties(getClass());
+ netCfgService.registerConfigFactory(factory);
ctrl.setConfigParams(context.getProperties());
- ctrl.start(agent, driverService);
+ ctrl.start(agent, driverService, netCfgService);
}
private void cleanup() {
@@ -197,13 +216,14 @@
public void deactivate() {
cleanup();
cfgService.unregisterProperties(getClass(), false);
+ netCfgService.unregisterConfigFactory(factory);
}
@Modified
public void modified(ComponentContext context) {
ctrl.stop();
ctrl.setConfigParams(context.getProperties());
- ctrl.start(agent, driverService);
+ ctrl.start(agent, driverService, netCfgService);
}
@Override