summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2011-11-15bgpd: justify capabilities for TOS settingChris Luke
To set the TOS bits on TCP connections, platforms that restrict capabilities need the priv level to be raised before the sockopt is set, and this requires the ZCAP_NET_ADMIN priv. * bgp_main.c: update _caps_p to include ZCAP_NET_ADMIN * bgp_network.c * bgp_connect(): request ZPRIVS_RAISE/ZPRIVS_LOWER * bgp_listener(): request ZPRIVS_RAISE earlier
2011-11-15ospfd: improve fix to CVE-2011-3326 (BZ#586)Thomas Ries
Make ospf_flood() propagate error returned by ospf_lsa_install() further to properly discard the malformed LSA, not just prevent the immediate crash.
2011-11-15bgpd: revised fix to --dryrun (BZ#622)Sergey Y. Afonin
2011-10-26bgpd: fix 2 more cases of length error reportingDenis Ovsienko
* bgp_attr.c (bgp_attr_originator_id, bgp_attr_cluster_list): provide required arguments to bgp_attr_malformed()
2011-10-22bgpd: check AGGREGATOR attr flags (BZ#678)Denis Ovsienko
* bgp_attr.c * bgp_attr_aggregator(): check Optional/Transitive flag bits
2011-10-19bgpd: fix more regressions in attr flag checksDenis Ovsienko
Commit 05a4936b713b9882171d0f7fb20b8439df23939e fixed some of the attributes involved, but not all. This commit should do it. * bgp_attr.c * bgp_attr_originator_id() * bgp_attr_cluster_list() * bgp_mp_reach_parse() * bgp_mp_unreach_parse()
2011-10-18bgpd: use bgp_attr_malformed()Denis Ovsienko
Some of the recent attribute flags/length checks copied from QRE use bgp_notify_send_with_data() directly, but master branch assumes using bgp_attr_malformed(). * bgp_attr.c * bgp_attr_med() * bgp_attr_local_pref() * bgp_attr_atomic() * bgp_attr_originator_id() * bgp_attr_cluster_list() * bgp_mp_reach_parse() * bgp_mp_unreach_parse()
2011-10-17bgpd: add flag checks for MP_(UN)REACH_NLRIDenis Ovsienko
* bgp_attr.[ch] * bgp_mp_reach_parse(): add extra arguments and a uniform flag check block * bgp_mp_unreach_parse(): idem * bgp_attr_parse(): provide extra arguments * bgp_mp_attr_test.c * parse_test(): justify respective calls
2011-10-17bgpd: fix spelling of CLUSTER_LISTDenis Ovsienko
2011-10-17bgpd: check CLUSTER_LIST attribute flagsDenis Ovsienko
* bgp_attr.c * bgp_attr_cluster_list(): accept extra argument, add checks for "optional", "transitive" and "partial" bits, log each error condition independently * bgp_attr_parse(): provide extra arguments
2011-10-17bgpd: check ORIGINATOR_ID attribute flagsDenis Ovsienko
* bgp_attr.c * bgp_attr_originator_id(): accept extra argument, add checks for "optional", "transitive" and "partial" bits, log each error condition independently * bgp_attr_parse(): provide extra arguments
2011-10-17vtysh: [build] silence preprocessor errors in some casesDmitrij Tejblum
* extract.pl.in: use configured CPPFLAGS in cpp invocation.
2011-10-17lib: compile even without IPV6_TCLASSDenis Ovsienko
2011-10-17IPv6 transport class suppportStephen Hemminger
IPv6 supports the same concept of differentiated service for routing protocols as IPv4, but like too many things, the standards committee decided that having two names for the same thing wasn't good enough and introduced a third more generic term transport class. The socket option to set transport class works the same as IPv4, but the arguments are different. * lib/sockopt.[ch] * setsockopt_ipv6_tclass(): new function * bgpd/bgp_network.c * bgp_connect(): set socket option * bgp_listener(): set socket option * ospf6d/ospf6_network.c * ospf6_set_transport_class(): new function * ospf6_serv_sock(): set socket option * ripngd/ripngd.c * ripng_make_socket(): set socket option
2011-10-12bgpd: fix regression in improved attr flag checksDenis Ovsienko
Commit 2febf323411c1aed9d7694898f852ce2ef36a7e5 assumed every flag bit except optional/transitive/partial unset, which at times could not be true for "extended length" bit. * bgp_attr.c * bgp_attr_origin(): exclude BGP_ATTR_FLAG_EXTLEN from comparison * bgp_attr_nexthop(): idem * bgp_attr_med(): idem * bgp_attr_local_pref(): idem * bgp_attr_atomic(): idem
2011-10-08bgpd: fix parsing of graceful restart cap. (#663)Peter Pentchev
"While setting up a testbed, I ran across a little problem in the parsing of the "graceful restart" BGP capability that resulted in Quagga not actually activating it for the peer in question - when the peer sent a single AFI/SAFI block." * bgp_open.c * bgp_capability_restart(): actually process the last AFI/SAFI block
2011-10-08bgpd: improve attr length error handling (BZ#679)Denis Ovsienko
* bgp_attr.c * bgp_attr_parse(): provide extra argument to bgp_attr_aggregator() * bgp_attr_local_pref(): use bgp_notify_send_with_data() * bgp_attr_atomic(): idem * bgp_attr_aggregator(): idem Conflicts: bgpd/bgp_attr.c
2011-09-30bgpd: improve attr flags checksDenis Ovsienko
Do not check each of the Optional/Transitive/Partial attribute flag bits, when their only valid combination is known in advance, but still perform bit-deep error message logging. This change assumes unused (low-order) 4 bits of the flag octet cleared. * bgp_attr.c * bgp_attr_origin(): rewrite check * bgp_attr_nexthop(): idem * bgp_attr_med(): idem * bgp_attr_local_pref(): idem * bgp_attr_atomic(): idem Conflicts: bgpd/bgp_attr.c
2011-09-30bgpd: ignore 4 bits of attribute flags byteDenis Ovsienko
2011-09-30bgpd: add missing "partial" flag checks (BZ#676)Denis Ovsienko
ORIGIN handling function used to have "partial" bit check and recent commits added it for NEXT_HOP, MULTI_EXIT_DISC and ATOMIC_AGGREGATE cases. This commit adds "partial" check for AS_PATH and LOCAL_PREF cases, which should leave attributes 1 through 6 inclusive completely covered with attribute flags checks. * bgp_attr.c * bgp_attr_origin(): use bit-by-bit checks for better diagnostics * bgp_attr_aspath(): add flag check * bgp_attr_local_pref(): idem Conflicts: bgpd/bgp_attr.c
2011-09-30bgpd: improve NEXT_HOP attribute checks (BZ#680)Denis Ovsienko
* lib/prefix.h * IPV4_CLASS_DE(): new helper macro * bgp_attr.c * bgp_attr_nexthop(): add check for "partial" bit, refresh flag error reporting, explain meaning of RFC4271 section 6.3 and implement it Conflicts: bgpd/bgp_attr.c
2011-09-29bgpd: rename SAFI 3 according to RFC4760Denis Ovsienko
- SAFI value 3 is reserved. It was assigned by RFC 2858 for a use that was never fully implemented, so it is deprecated by this document. * zebra.h: rename macro * bgp_fsm.c: (bgp_graceful_restart_timer_expire, bgp_graceful_stale_timer_expire, bgp_stop, bgp_establish): update * bgpd.c: (peer_nsf_stop): update * bgp_open.c: (bgp_capability_vty_out): SAFI 3 isn't a recognized case any more
2011-09-29bgpd: more SAFI fixesDenis Ovsienko
(with resolved conflict in bgpd/bgp_packet.c) Two macros resolving to the same integer constant broke a case block and a more thorough merge of BGP_SAFI_VPNV4 and BGP_SAFI_VPNV6 was performed. * bgpd.h: MPLS-labeled VPN SAFI is AFI-independent, switch to single * macro * bgp_capability_test.c: update test data * bgp_mp_attr_test.c: idem * bgp_route.c: (bgp_maximum_prefix_overflow, bgp_table_stats_vty) update macro and check conditions (where appropriate) * bgp_packet.c: (bgp_route_refresh_send, bgp_capability_send, bgp_update_receive, bgp_route_refresh_receive): idem * bgp_open.c: (bgp_capability_vty_out, bgp_afi_safi_valid_indices, bgp_open_capability_orf, bgp_open_capability): idem * bgp_attr.c: (bgp_mp_reach_parse, bgp_packet_attribute, bgp_packet_withdraw): idem
2011-09-29bgpd: fix SAFI for for MPLS labeled VPN-IPv6Denis Ovsienko
* bgpd.h: change value of BGP_SAFI_VPNV6 to 128 (RFC4659, BZ#659) * bgp_route.c: (bgp_table_stats_vty) fix length argument to strncmp()
2011-09-29release: 0.99.20Denis Ovsienko
2011-09-29ospfd: fix regression in recent commitYAMAMOTO Shigeru
commit '717750433839762d23a5f8d88fe0b4d57c8d490a' causes SEGV error, when 'oi = ospf_if_lookup_recv_if (ospf, iph->ip_src, ifp);' returns NULL. * ospf_packet.c * ospf_read(): change a place of calling 'ospf_verify_header()'
2011-09-27ospfd: remove unused macroDenis Ovsienko
2011-09-27bgpd: don't be confused by "unspecific" subcode in the NOTIFY message.Dmitrij Tejblum
* bgp_debug.c (bgp_notify_open_msg, bgp_notify_update_msg, bgp_notify_cease_msg, bgp_notify_capability_msg): add messages for "unspecific" subcode.
2011-09-27lib: provide more information in case of failed LOOKUP.Dmitrij Tejblum
* log.[ch] * mes_lookup: add a parameter with the name of the message list, print the name in case of failure. * LOOKUP macro: pass the name of the message list.
2011-09-27configure: test for glibc backtrace even without glibc.Dmitrij Tejblum
Other platform may have compatible facilities.
2011-09-27ospfd: spellingDenis Ovsienko
2011-09-27bgpd: spellingDenis Ovsienko
2011-09-27bgpd: spellingDenis Ovsienko
2011-09-27ospfd: use existing macro for consistencyDenis Ovsienko
2011-09-27zebra: add missing includesDenis Ovsienko
2011-09-27ospf6d: address more trivial compiler warningsDenis Ovsienko
* ospf6_main.c: include required headers * ospf6_asbr.h: idem * ospf6_spf.c * ospf6_spf_install(): remove unused variables
2011-09-27ospfd: sizing macros cleanupDenis Ovsienko
* ospf_spf.c * ROUTER_LSA_TOS_SIZE: prepend OSPF_ and move to ospf_lsa.h * ROUTER_LSA_MIN_SIZE: replace with existing OSPF_ROUTER_LSA_LINK_SIZE
2011-09-27lib: use "protocol-independed API" from RFC3678, if that is availableDmitrij Tejblum
(This commit is based on the patch from BZ#420, and should fix that bug.) * configure.ac: detect availability of that API * sockopt.c (setsockopt_ipv4_multicast): use it for join/leave IPv4 multicast groups
2011-09-27lib: futher simplification of setsockopt_ipv4_multicast()Dmitrij Tejblum
* sockopt.c (setsockopt_ipv4_multicast): check for wrong optname with assert(), rather than return an error.
2011-09-27lib: fix omission in the previous commit to lib/sockopt.cDmitrij Tejblum
* sockopt.c (setsockopt_ipv4_multicast_if): fix missed line in the previous commit.
2011-09-27lib: simplify interface of setsockopt_multicast_ipv4().Dmitrij Tejblum
* sockopt.[ch] (setsockopt_ipv4_multicast): ifindex is now mandatory (all non-ancient OSes can use it anyway), and if_addr parameter (the address of the interface) is now gone. (setsockopt_ipv4_multicast_if): IP_MULTICAST_IF processing moved to this new function * ospf_network.c (ospf_if_add_allspfrouters, ospf_if_drop_allspfrouters, ospf_if_add_alldrouters, ospf_if_drop_alldrouters, ospf_if_ipmulticast), rip_interface.c (ipv4_multicast_join, ipv4_multicast_leave, rip_interface_new): adapt to the new interface
2011-09-27ospf6d: spellingDenis Ovsienko
2011-09-27lib: remove unused variableDenis Ovsienko
* sockopt.c (getsockopt_ifindex): "ifindex" was never used
2011-09-27delete CVS keywordsDenis Ovsienko
2011-09-27configure: fix OpenPAM detectionDenis Ovsienko
2011-09-27bgpd: check ATOMIC_AGGREGATE attr flags (BZ#678)Denis Ovsienko
* bgp_attr.c * bgp_attr_atomic(): accept extra argument, add checks for "optional", "transitive" and "partial" bits, log each error condition independently * bgp_attr_parse(): provide extra argument
2011-09-27bgpd: check MULTI_EXIT_DISC attr flags (BZ#677)Denis Ovsienko
* bgp_attr.c * bgp_attr_med(): add checks for "optional", "transitive" and "partial" bits, log each error condition independently
2011-09-27bgpd: check LOCAL_PREF attribute flags (BZ#674)Denis Ovsienko
* bgp_attr.c * bgp_attr_local_pref(): accept extra argument, add checks for "optional" and "transitive" bits, log each error condition independently * bgp_attr_parse(): provide extra argument
2011-09-27bgpd: add useful notification logs (BZ#616)heasley
* bgp_packet.c * bgp_notify_send_with_data(): add calls to zlog_info()
2011-09-27bgpd: consistent log msg format (BZ#565)heasley