summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-03-25babeld: clean kernel_zebra (old functions, fields...).Matthieu Boutier
2012-03-25babeld: Initial import, for Babel routing protocol.Paul Jakma
* Initial import of the Babel routing protocol, ported to Quagga. * LICENCE: Update the original LICENCE file to include all known potentially applicable copyright claims. Ask that any future contributors to babeld/ grant MIT/X11 licence to their work. * *.{c,h}: Add GPL headers, in according with the SFLC guidance on dealing with potentially mixed GPL/other licensed work, at: https://www.softwarefreedom.org/resources/2007/gpl-non-gpl-collaboration.html
2012-03-23lib: fix endianness bug in prefix.cRenato Westphal
While defining two "maskbytes" arrays for the respective endiannesses, the code was unconditionally using one that only worked on little endian systems. Use preprocessor macros to avoid the somewhat expensive htonl/ntohl macros. From: Renato Westphal <renatowestphal@gmail.com> Signed-off-by: David Lamparter <equinox@diac24.net>
2012-03-12ospfd: reduce ospf_verify_header()Denis Ovsienko
Protocol version checks fits ospf_packet_examin() better (like it is implemented in ospf6d), and packet type check is already there.
2012-03-12ospfd: bring ospf_check_auth() into focusDenis Ovsienko
The old ospf_check_auth() function did two different jobs depending on AuType. For Null and Simple cases it actually authenticated the packet, but for Cryptographic case it only checked declared packet size (not taking the actual number of bytes on wire into account). The calling function, ospf_verify_header(), had its own set of MD5/checksum checks dispatched depending on AuType. This commit makes the packet size check work against the real number of bytes and moves it to ospf_packet_examine(). All MD5/checksum verification is now performed in ospf_check_auth() function. * ospf_packet.c * ospf_packet_examin(): check length with MD5 bytes in mind * ospf_verify_header(): remove all AuType-specific code * ospf_check_auth(): completely rewrite
2012-03-12ospfd: introduce ospf_auth_type_str[]Denis Ovsienko
2012-03-12ospfd: fix packet length check for auth/LLS casesDenis Ovsienko
An OSPFv2 packet with trailing data blocks (authentication and/or link-local signaling) failed the recently implemented packet length check, because trailing data length isn't counted in the packet header "length" field. This commit fixes respective check conditions. * ospf_packet.c * ospf_packet_examin(): use "bytesdeclared" instead of "bytesonwire"
2012-03-12ospfd: introduce ospf_lsa_minlen[] (BZ#705)Denis Ovsienko
This commit ports more packet checks to OSPFv2, in particular, LSA size verification and Router-LSA link blocks verification. * ospf_lsa.h: add LSA size macros * ospf_packet.h: add struct ospf_ls_update * ospf_packet.c * ospf_lsa_minlen[]: a direct equivalent of ospf6_lsa_minlen[] * ospf_router_lsa_links_examin(): new function, verifies trailing part of a Router-LSA * ospf_lsa_examin(): new function like ospf6_lsa_examin() * ospf_lsaseq_examin(): new function like ospf6_lsaseq_examin() * ospf_packet_examin(): add type-specific deeper level checks
2012-03-12ospfd: review ospf_check_md5_digest()Denis Ovsienko
Rewrite some pointer arithmetics without the additional variables and move byte order conversion inside the function.
2012-03-12ospfd: review ospf_check_auth()Denis Ovsienko
1. The only purpose of "ibuf" argument was to get stream size, which was always equal to OSPF_MAX_PACKET_SIZE + 1, exactly as initialized in ospf_new(). 2. Fix the packet size check condition, which was incorrect for very large packets, at least in theory.
2012-03-12ospfd: introduce ospf_packet_minlen[] (BZ#705)Denis Ovsienko
This commit ports some of the OSPFv3 packet reception checks to OSPFv2. * ospf_packet.c * ospf_packet_minlen[]: a direct equivalent of ospf6_packet_minlen[] * ospf_packet_examin(): new function designed after the first part of ospf6_packet_examin() * ospf_read(): verify received packet with ospf_packet_examin() * ospf_packet.h: add convenience macros
2012-03-12ospfd: fix ospf_packet_add_top() to use LOOKUP()Denis Ovsienko
2012-03-12ospfd: use LOOKUP() for ospf_packet_type_strDenis Ovsienko
* ospf_packet.h: add proper str/max extern declarations * ospf_packet.c * ospf_packet_type_str: rewrite in "struct message", add max value * ospf_packet_add(): use LOOKUP() * ospf_write(): ditto * ospf_hello(): ditto * ospf_read(): ditto * ospf_dump.h: the declaration does not belong here * ospf_dump.c * ospf_header_dump(): use LOOKUP() * show_debugging_ospf(): ditto
2012-03-08doc: Fix an apparently no longer legal @itemize @asisPaul Jakma
* basic.texi: @asis isn't legal with @itemize apparently, should be @w according to docs, but @w{} seems to be needed. Fixes doc build error.
2012-03-08HACKING.tex: Change to a LaTeX version of HACKINGPaul Jakma
* configure.ac: Check for latexmk and pdflatex * Makefile.am: Add a conditional target to build HACKING.pdf, as a convenience * HACKING.tex: A slightly more structured HACKING, is readable on its own. * HACKING: removed
2012-03-07HACKING: Typo fixPaul Jakma
2012-03-07HACKING: Updates that have some initial consensus, for further iteration.Paul Jakma
2012-03-05Merge remote-tracking branch 'quagga-gnu.org/master'Paul Jakma
2012-03-04bgpd: Open option parse errors don't NOTIFY, resulting in abort & DoSPaul Jakma
* bgp_packet.c: (bgp_open_receive) Errors from bgp_open_option_parse are detected, and the code will stop processing the OPEN and return. However it does so without calling bgp_notify_send to send a NOTIFY - which means the peer FSM doesn't get stopped, and bgp_read will be called again later. Because it returns, it doesn't go through the code near the end of the function that removes the current message from the peer input streaam. Thus the next call to bgp_read will try to parse a half-parsed stream as if it were a new BGP message, leading to an assert later in the code when it tries to read stuff that isn't there. Add the required call to bgp_notify_send before returning. * bgp_open.c: (bgp_capability_as4) Be a bit stricter, check the length field corresponds to the only value it can be, which is the amount we're going to read off the stream. And make sure the capability flag gets set, so callers can know this capability was read, regardless. (peek_for_as4_capability) Let bgp_capability_as4 do the length check.
2012-03-04tools/multiple-bgpd: Fix the PREV calculation so it works for <4 bgpdPaul Jakma
* tools/multiple-bgpd: Make PREV more general and correct. Add comment to route-map about why rt/soo sets are there - cause it's still broken.
2012-03-02HACKING.pending: Add Quagga-RE detailsPaul Jakma
2012-02-28lib: fix incorrect thread list processing loopsPaul Jakma
* thread.c: (thread_timer_process,thread_process) thread_list_delete nulls thread->next. Loops need to save next first, or will only process the head. Problem noted by Lou Berger <lberger@labn.net>.
2012-02-28bgpd: Move up flag-check calls, parcel up attr-parser args, and other cleanupsPaul Jakma
* bgp_attr.h: (struct bgp_attr_parser_args) Attribute parsing context, containing common arguments. * bgp_attr.c: (general) Move the bgp_attr_flag_invalid flag-check calls up, out of each individual attr parser function, to be done once in attr_parse. Similarly move the calculation of the 'total' attribute length field up to attr_parse. Bundle together common arguments to attr-parsing functions and helpers into (struct bgp_attr_parser_args), so it can be passed by reference down the stack & also de-clutter the argument lists & make it easier to add/modify the context for attr-parsing - add local const aliases to avoid modifying body of code too much. This also should help avoid cut & paste errors, where calls to helpers with hard-coded attribute types are pasted to other functions but the code isn't changed. (bgp_attr_flags_diagnose) as above. (bgp_attr_flag_invalid) as above. (bgp_attr_{origin,aspath,as4_path,nexthop,med,local_pref,atomic}) as above. (bgp_attr_{aggregator,as4_aggregator,community,originator_id}) as above (bgp_attr_{cluster_list,ext_communities},bgp_mp_{un,}reach_parse) as above (bgp_attr_unknown) as above. (bgp_attr_malformed) as above. Also, startp and length have to be special-cased, because whether or not to send attribute data depends on the particular error - a separate length argument, distinct from args->length, indicates whether or not the attribute data should be sent in the NOTIFY. (bgp_attr_aspath_check) Call to bgp_attr_malformed is wrong here, there is no attribute parsing context - e.g. the 'flag' argument is unlikely to be right, remove it. Explicitly handle the error instead. (bgp_attr_munge_as4_attrs) Flag argument is pointless. As the comment notes, the check here is pointless as AS_PATH presence already checked elsewhere. (bgp_attr_parse) Do bgp_attr_flag_invalid call here. Use (struct bgp_attr_parser_args) for args to attr parser functions. Remove out-of-context 'flag' argument to as4 checking functions.
2012-02-28bgpd: consolidate attribute flag checksPaul Jakma
* bgpd/bgp_attr.c: (attr_flags_values []) array of required flags for attributes, EXTLEN & PARTIAL masked off as "dont care" as appropriate. (bgp_attr_flag_invalid) check if flags may be invalid, according to the above table & RFC rules. (bgp_attr_*) Use bgp_attr_flag_invalid. (bgp_attr_as4_aggregator) ditto, also take startp argument for the NOTIFY data. (bgp_attr_parse) pass startp to bgp_attr_as4_aggregator
2012-02-21ospf6d: remove defaults from iface config (BZ#550)Vyacheslav Trushkin
2012-02-21ospf6d: remove own routes on SIGTERM (BZ#448)Phil Laverdiere
2012-02-21lib: fix logging of ZEBRA_HELLO messageDenis Ovsienko
2012-02-16lib: add THREAD_TIMER_MSEC_ON()Everton Marques
* lib/thread.h: new timer macro, millisecond precision (this was cherrypicked from pimd to isolate all non-contained changes) From: Everton Marques <everton.marques@gmail.com> Signed-off-by: David Lamparter <equinox@diac24.net>
2012-02-14isisd: implement MD5 circuit authenticationFritz Reichmann
* Replace command "isis passwd" with "isis passwd {clear|md5}" * Verify HMAC MD5 on ISIS Hello PDUs * Add HMAC MD5 authentication to md5.h/md5.c from RFC2104
2012-02-14isisd: unexpected kernel routing table (BZ#544)Fritz Reichmann
Fix bug 544: isisd produces an unexpected routing table for wide-metric. * isis_spf.c: Accept VTYPE_PSEUDO_TE_IS and VTYPE_NONPSEUDO_TE_IS vertex types for SPF calculation * isis_pdu.c: Change order of TLVs to match Cisco to make bitwise comparison easier for Wireshark * isis_tlv.c: EXTREME_TLV_DEBUG for TLV debugging instead of EXTREME_DEBUG
2012-02-14isisd: fix wrong next-hops from SPFPeter Szilagyi
The forwarding table was filled with wrong next-hops, and which is even worse, it was done in a totally non-deterministic way. The next-hop set for an IP prefix by isisd was the neighbor IS from which the flooded LSP about the IP prefix was arrived. So, if an IS received all the LSPs through its, say, eth0 interface, all entries in the forwarding table contained the next IS reachable via eth0 as the next-hop. The solution is to propagate the correct next-hop further from node to node as the SPF algorithm traverses the graph and selects the next node to be added to the set of already covered nodes. Also, the construction of the tentative node list (the nodes where the shortest path is not known yet) was buggy: if a node was already a member of this list with a certain path cost, and an alternative path was found to it with a lower cost while processing a pseudo-node LSP, it was not added to the list. This way, the path selected by isisd for a certain prefix was the first one it encountered during the LSDB processing. Signed-off-by: Fritz Reichmann <fritz@reichmann.nl>
2012-02-14isisd: send proper LSP after DIS electionPeter Szilagyi
After an IS has been elected as the Designated IS for a LAN, it did not refresh the content of the pseudo-node after a new node has been connected to the same LAN. Instead, the periodically reoriginated pseudo-node LSP still contained only those IS neighbors that were already present when the DIS election process was commenced. The fix for the problem schedules an LSP regeneration rather than just reoriginating the same LSP with the old content. Signed-off-by: Fritz Reichmann <fritz@reichmann.nl>
2012-02-14isisd: fix circuit state machinePeter Szilagyi
isisd has a so-called circuit state machine that takes care about the interface state changes, such as initializing, down, up. When an interface was brought down by a link failure, the interface information was deleted and set to NULL. When the link was restored later, the interface was looked up by the old pointer, but since it was cleared, it was never found again, resulting in an interface never entering the up state again. Also, the program regularly crashed because of a deleted pointer in the same context which was later accessed without any further checking. Signed-off-by: Fritz Reichmann <fritz@reichmann.nl>
2012-02-11ospf6d: fix out of bounds write in ospf6_prefix_apply_maskDavid Lamparter
ospf6_prefix_apply_mask would write one byte beyond the 4/8/12 bytes allocated for prefixes of length 32/64/96. based on report and patch by Jon Andersson <jon.andersson@thales.no> Reported-by: Jon Andersson <jon.andersson@thales.no> Signed-off-by: David Lamparter <equinox@diac24.net>
2012-01-26zebra: justify rtadv VTY commands with argumentsDenis Ovsienko
ipv6 nd ra-interval ipv6 nd ra-lifetime ipv6 nd reachable-time ipv6 nd home-agent-preference ipv6 nd home-agent-lifetime ipv6 nd router-preference Calls to atoi() and atol() are replaced with VTY_GET_INTEGER_RANGE() macro, command patterns are clarified and aliases of some commands are added for consistency. Other changes are listed below. * zebra/rtadv.c * ipv6_nd_ra_interval_msec(): resolve -Wsign-compare * ipv6_nd_ra_interval(): idem * rtadv_init(): update to list new aliases * doc/ipv6.texi: update to match current implementation
2012-01-26zebra: freshen RFC references in rtadvDenis Ovsienko
RFC2461 was replaced by RFC4861 RFC3775 was replaced by RFC6275 draft-ietf-mip6-mipext-advapi-03 was replaced by RFC4584
2012-01-26zebra: use prefix_ipv6 in rtadv_prefixDenis Ovsienko
rtadv_prefix.prefix was casted to "struct prefix_ipv6" and had the same size, make it exactly this type to make the code a bit cleaner.
2012-01-26zebra: clear host bits of ND RA prefix optionDenis Ovsienko
RFC4861 4.6.2. Prefix Information Prefix An IP address or a prefix of an IP address. The Prefix Length field contains the number of valid leading bits in the prefix. The bits in the prefix after the prefix length are reserved and MUST be initialized to zero by the sender and ignored by the receiver. * rtadv.c * ipv6_nd_prefix(): add missing call to apply_mask_ipv6() * no_ipv6_nd_prefix(): idem
2012-01-26zebra: justify some IPv6 ND RA timers wrt RFCDenis Ovsienko
There was a regression introduced with the previous commit: "ipv6 nd home-agent-lifetime 1800000" appeared by default in every interface section of running-config, although this command is invalid in this context. Troubleshooting and bugfixing of the issue tracked out several bugs in router advertisement procedures, some of which are fixed in this commit. * zebra/interface.c * if_zebra_new_hook(): update to treat -1 as "uninitialized" * nd_dump_vty(): idem * zebra/rtadv.c * rtadv_send_packet(): update processing of "router lifetime" field, "home agent" option and "home agent lifetime" field to conform to RFC6275 better * ipv6_nd_ra_interval_msec(): update MaxRtrAdvInterval range check, make sure it never exceeds (initialized) AdvDefaultLifetime * ipv6_nd_ra_interval(): idem * ipv6_nd_ra_lifetime(): update AdvDefaultLifetime range check, make sure it never falls below MaxRtrAdvInterval * ipv6_nd_homeagent_lifetime(): update HomeAgentLifetime range check * no_ipv6_nd_ra_lifetime(): update to treat -1 as "uninitialized" * no_ipv6_nd_homeagent_lifetime(): idem * rtadv_config_write(): idem
2012-01-26zebra: fix output of IPv6 ND RA optionsDenis Ovsienko
The following options could be configured for an interface, but were never visible in the config text: ipv6 nd adv-interval-option ipv6 nd home-agent-preference ipv6 nd home-agent-lifetime ipv6 nd home-agent-config-flag
2012-01-23fix zebra protocol after MP-BGP changesDenis Ovsienko
The previous commits modified both zebra and bgpd for additional SAFI field, but not any other routing daemon, which led to zebra daemon crashing with failed assertion.
2012-01-23zebra: fix recent MP-BGP commits for FreeBSDDenis Ovsienko
2012-01-23zebra: Removal of the following warning messagesG.Balaji
warning: too many arguments for format [-Wformat-extra-args]
2012-01-23bgpd: Addition of ipv6 network command in Multicast address family mode.G.Balaji
The patch adds the ipv6 network command in the BGP multicast address family mode.
2012-01-23zebra: IPv6 MP-BGP Routes addition and deletionG.Balaji
This patch contains the following: 1. Addition of IPv6 SAFI_MULTICAST BGP routes into the RTM's RIB. 2. Deletion of IPv6 SAFI_MULTICAST BGP routes from the RTM's RIB.
2012-01-23bgpd: IPv6 MP-BGP Routes addition and deletionG.Balaji
This patch contains the following: 1. Addition of IPv6 SAFI_MULTICAST BGP routes into the BGP Multicast RIB. 2. Deletion of IPv6 SAFI_MULTICAST BGP routes from the BGP Multicast RIB.
2012-01-23zebra: IPv4 MP-BGP Routes addition and deletionG.Balaji
This patch contains the following: 1. Addition of IPv4 SAFI_MULTICAST BGP routes into the RTM's RIB. 2. Deletion of IPv4 SAFI_MULTICAST BGP routes from the RTM's RIB.
2012-01-23bgpd: IPv4 MP-BGP Routes addition and deletionG.Balaji
This patch contains the following: 1. Addition of IPv4 SAFI_MULTICAST BGP routes into the BGP Multicast RIB. 2. Deletion of IPv4 SAFI_MULTICAST BGP routes from the BGP Multicast RIB.
2012-01-20zebra: include MTU option in RA on request (BZ#665)Denis Ovsienko
This implements a new "ipv6 nd mtu <1-65535>" interface-level command. * doc/ipv6.texi: add description * zebra/rtadv.c * rtadv_send_packet(): send option type 5, when configured * ipv6_nd_mtu(): new VTY helper * no_ipv6_nd_mtu(): ditto * rtadv_config_write(): add new option * rtadv_init(): list new helpers
2012-01-09bgpd: reinstate zlookup checks, required for BGP without zebraPaul Jakma
* bgp_nexthop.c: The nexthop lookup cache has to return success for queried nexthops if bgpd isn't connected to zebra, or else BGP without zebra doesn't work.