BUG 2723 - Topology spoofing via LLDP - hash check in topology-discovery
Checking of CustomSec (TLV field in LLDP packet). Value of CustomSec from LLDP
packet has to be equal to hash value which is computed in
topology-lldp-discovery artifact. Hash value is obtained as MD5 value
calculated from concatenation of strings:
- node connector ID
- pseudo PID of running JAVA karaf
Method getValueForLLDPPacketIntegrityEnsuring() prepare array of bytes which
will be after hashing used to check integrity of LLDP packets. Ensuring that
LLDP packet wasn't modified. (extra authenticator; CVE-2015-1611 CVE-2015-1612)
Change-Id: Ic8f50c88e7d8e3722d8d83a01ffa94a96bde313f
Signed-off-by: Jozef Gloncak <jgloncak@cisco.com>
(cherry picked from commit
67eed66d24b20d03645140d40b44d16ce53e1210)