[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Recovering from multiple routers advertising routes

On Wed, May 21, 2003 at 11:31:48PM -0400, Anthony DeRobertis wrote:
> On Wed, 2003-05-21 at 21:32, Peter Cordes wrote:
> > On Wed, May 14, 2003 at 03:41:44PM -0400, Anthony DeRobertis wrote:
> 
> >  Couldn't you do (b) the way SSH handles server public keys?
> 
> Sure, I suppose so, at least on hosts that can keep enough state. Though
> replacing a DHCP server would be a royal PITA!

 If you could get the private key out and use it in the new one, it would be
ok.  Otherwise, you might need to issue a "forget about this key" message,
like I suggested might be necessary.  As long as nobody picked that time to
set up a bogus DHCP server, the clients would all get the public key of the
new DHCP server and then be able to reject attacks once again.  Still, all
that increased complexity leaves a lot of room for something to go wrong and
leave an admin with the task of needing to doing something to a whole bunch
of machines, maybe manually because their network interfaces are down.
Running around with a floppy with a shell script on it doesn't sound like a
lot of fun...


> >#define X(x,y) x##y
> >Peter Cordes ;  e-mail: X(peter@llama.nslug. , ns.ca)
> 
> <stdin>:2:53: warning: pasting "." and "ns" does not give a valid
> preprocessing token
> 
> /me thinks that should be "#define X(x,y) #x#y"

 Uh oh, my .sig was dependent on non-standard behaviour of old gcc versions
:(.  (it works with gcc-2.95 -E -).  x##y gives a warning message and leave
a space between the . and the ns, but #x#y leaves double quotes floating
around.  To get rid of the extra space, it has to be ...nslug.,ns.ca, but
that still gives a warning.  Here's on that works: ...nslug.n , s.ca.  I'll
go with that for now, but it's even more obtuse to people who have never
heard of C (I sometimes wonder what non-techies think of my .sig, but I do
assume they can figure out what my email addr is from it.  Now even that
might be a problem.)

 I might just give up on the CPP macro.  Actually, I'm curious why my old
.sig generated a warning from gcc;  I didn't know the preprocessor had such
high standards for its tokens.  Maybe it's a bug in gcc, but I'm not going
to try to figure that out, so it would be good if someone who recently
memorized the C standard could tell me whether it deserves a warning or
not, and if so, why :)

-- 
#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@llama.nslug.n , s.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BC
Reply to: