summaryrefslogtreecommitdiff
path: root/bgpd/ChangeLog
AgeCommit message (Collapse)Author
2008-07-22[bgpd] Fix triggerable crash when compiled with --disable-bgp-announcePaul Jakma
2008-07-22 Paul Jakma <paul.jakma@sun.com> * HACKING: Document preference for compiler conditional code, over cpp conditional. * configure.ac: DISABLE_BGP_ANNOUNCE always should be defined. * bgp_{packet,route,advertise}.c: change to compiler testing of DISABLE_BGP_ANNOUNCE, rather than cpp. 2008-07-22 MIYAJIMA Mitsuharu <miyajima.mitsuharu@anchor.jp> * bgp_packet.c: (bgp_update_packet_eor) Fix crash triggerable if a bgpd was compiled with --disable-bgp-announce and if GR is advertised by peer.
2008-07-22[bgpd] fix a couple of trivial compiler warningsPaul Jakma
2008-07-22 Paul Jakma <paul.jakma@sun.com> * bgp_community.c: (community_str2com) assigns defaults to local vars * bgp_attr.c: (bgp_attr_parse) match format specifier to arg * bgp_table.{c,h}: (bgp_table_top) can take a * to a const, quelling warning in bgp_route.c
2008-07-21[bgpd] TCP-MD5: password vty configuration and initial Linux supportPaul Jakma
2008-07-21 Paul Jakma <paul.jakma@sun.com> * bgp_packet.c: (bgp_open_receive) fix warning in a zlog call * bgp_vty.c: (bgp_vty_return) add return code * bgpd.c: (bgp_master_init) setup the socket list. * bgp_network.c: Remove the dual IPv4/6 socket thing for now, which was implemented by Michael, until such time as its clear its required for Linux (see sockopt comments). IPv6 support, including IPv4 sessions on AF_INET6 sockets, therefore is broken, and the '-l 0.0.0.0' arguments would need to be given to bgpd to make things work here. 2008-07-21 Michael H. Warfield <mhw@wittsend.com> YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Tomohiko Kusuda <kusuda@inetcore.com> Leigh Brown <leigh@solinno.co.uk> * bgp_network.c: (bgp_md5_set_one) shim between libzebra tcp-md5 sockopt and bgpd. (bgp_md5_set_socket) Helper for bgp_connect (bgp_md5_set) setup TCP-MD5SIG for the given peer. (bgp_connect) call out to bgp_md5_set_socket for the outgoing connect socket. (bgp_socket) save references to the listen sockets, needed if TCP-MD5SIG is applied later or changed. * bgp_vty.c: (*neighbor_password_cmd) New 'neighbor ... password' commands. * bgpd.c: (peer_{new,delete) manage TCP-MD5 password (peer_group2peer_config_copy) inherit TCP-MD5 password (peer_password_{un,}set) orchestrate the whole add/remove of TCP-MD5 passwords: applying checks, stopping peers, and trying to return errors to UI, etc. (bgp_config_write_peer) save password. Fix missing newline in writeout of neighbor ... port. 2008-07-21 Paul Jakma <paul.jakma@sun.com> * sockunion.c: ifdef out various places that converted v4mapped sockets to pure v4. Doesn't seem necessary at all, presumably a workaround for now historical inet_ntop bugs (?) 2008-07-21 Michael H. Warfield <mhw@wittsend.com> YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> * sockopt.{c,h}: (sockopt_tcp_signature) Add TCP-MD5SIG support.
2008-07-02[vty] CMD_AS_RANGE accidently quoted and so not expanded in vtyPaul Jakma
2008-07-02 MIYAJIMA Mitsuharu <miyajima.mitsuharu@anchor.jp> * *.c: CMD_AS_RANGE was being used inside command strings, and thus not being expanded, fix by dequoting.
2008-07-02[bgpd] Fix double-free crash in bgp_table_finish, seen with rs-clientPaul Jakma
2008-07-02 Stephen Hemminger <stephen.hemminger@vyatta.com> * bgp_table.{c,h}: (bgp_table_finish) Take a double pointer and scrub pointer in caller, so fixing double-free crashes seen with route-server-client configuration. * *.c: Adjust all callers of bgp_table_finish 2008-07-02 Paul Jakma <paul.jakma@sun.com> * bgp_table.{c,h}: (bgp_node_delete, bgp_table_free) shouldn't be exported.
2008-06-07[bgpd] minor changes to bgp_mp_reach_parsePaul Jakma
2008-06-07 Paul Jakma <paul@jakma.org> * bgp_attr.{c,h}: (bgp_mp_{un,}reach_parse) export, for unit tests. * bgp_attr.c: (bgp_mp_reach_parse) Add logging. Tighten length test to bounds check against the attribute length rather than the stream length..
2008-06-01[bgpd] bug #419: partial aspath-limit incorrectly causes session resetPaul Jakma
2008-06-01 jfletche@gmail.com * bgp_attr.c: (bgp_attr_aspathlimit) fix silly bug in flags check that was causing BGP to drop sessions if it received a aspath-limit with partial set. Fixes bug #419.
2008-04-10+ [bgpd] Added new route-map set statement: "as-path ignore"Denis Ovsienko
2008-03-13[bgpd] remove unnecessary 0 entries from struct message'sPaul Jakma
2008-03-13 Paul Jakma <paul.jakma@sun.com> * (various) Remove 0 entries from struct message's, unneeded due to recent improvements in mes_lookup/LOOKUP.
2008-01-29[bgpd] fix crash on startup if compiled IPv4-onlyPaul Jakma
2008-01-29 Jorge Boncompte <jorge@dti2.net> * bgp_network.c: (bgp_socket) IPv4-only version crashes if -l is not used as address will be null.
2007-12-22[bgpd] Fix number of DoS security issues, restricted to configured peers.Paul Jakma
2007-12-22 Paul Jakma <paul.jakma@sun.com> * Fix series of vulnerabilities reported by "Mu Security Research Team", where bgpd can be made to crash by sending malformed packets - requires that bgpd be configured with a session to the peer. * bgp_attr.c: (bgp_attr_as4_path) aspath_parse may fail, only set the attribute flag indicating AS4_PATH if we actually managed to parse one. (bgp_attr_munge_as4_attrs) Assert was too general, it is possible to receive AS4_AGGREGATOR before AGGREGATOR. (bgp_attr_parse) Check that we have actually received the extra byte of header for Extended-Length attributes. * bgp_attr.h: Fix BGP_ATTR_MIN_LEN to account for the length byte. * bgp_open.c: (cap_minsizes) Fix size of CAPABILITY_CODE_RESTART, incorrect -2 left in place from a development version of as4-path patch. * bgp_packet.c: (bgp_route_refresh_receive) ORF length parameter needs to be properly sanity checked. * tests/bgp_capability_test.c: Test for empty capabilities.
2007-12-18+ fixed no_set_aspath_prepend() to correctly match existing "set" statementDenis Ovsienko
2007-11-13[bgpd] small fix for crash if 'listenon' argument is not givenPaul Jakma
2007-11-13 Paul Jakma <paul.jakma@sun.com> * bgp_main.c: Small fix, format string parameters should never be NULL - it's not strictly valid and some libc's don't let you away with.
2007-11-012007-10-30 Nick Hilliard <nick@inex.ie>Paul Jakma
* bgp_main.c: Add 'listenon' argument, to pass address to bind to. * bgp_network.c: (bgp_socket) Extend to take bind address. * bgpd.c: (bgp_init) Pass stored address. * bgpd.h: (struct bgp_master) storage for bind address 2007-11-01 Paul Jakma <paul.jakma@sun.com> * tools/multiple-bgpd.sh: New, quick script to launch a bunch of bgpds.
2007-10-14[bgpd] Merge AS4 supportPaul Jakma
2007-10-14 Paul Jakma <paul.jakma@sun.com> * NEWS: Note that MRT dumps are now version 2 * (general) Merge in Juergen Kammer's AS4 patch. 2007-09-27 Paul Jakma <paul.jakma@sun.com> * bgp_aspath.c: (assegment_normalise) remove duplicates from from sets. (aspath_reconcile_as4) disregard a broken part of the RFC around error handling in path reconciliation. * aspath_test.c: Test dupe-weeding from sets. Test that reconciliation merges AS_PATH and AS4_PATH where former is shorter than latter. 2007-09-26 Paul Jakma <paul.jakma@sun.com> * aspath_test.c: Test AS4_PATH reconcilation where length of AS_PATH and AS4_PATH is same. 2007-09-25 Paul Jakma <paul.jakma@sun.com> * bgp_open.c: (peek_for_as4_capability) Fix to work. * bgp_packet.c: (bgp_open_receive) Fix sanity check of as4. * tests/bgp_capability_test.c: (general) Extend tests to validate peek_for_as4_capability. Add test of full OPEN Option block, with multiple capabilities, both as a series of Option, and a single option. Add some crap to beginning of stream, to prevent code depending on getp == 0. 2007-09-18 Paul Jakma <paul.jakma@sun.com> * bgp_open.c: (bgp_capability_as4) debug printf inline with others. (peek_for_as4_capability) There's no need to signal failure, as failure is better dealt with through full capability parser - just return the AS4, simpler. * bgp_packet.c: (bgp_open_receive) Update to match peek_for_as4_capability change. Allow use of BGP_AS_TRANS by 2b speakers. Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors. (bgp_capability_msg_parse) missing argument to debug print (bgp_capability_receive) missing return values. * tests/bgp_capability_test.c: (parse_test) update for changes to peek_for_as4_capability 2007-07-25 Paul Jakma <paul.jakma@sun.com> * Remove 2-byte size macros, just make existing macros take argument to indicate which size to use. Adjust all users - typically they want '1'. * bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any as4's in a path. (aspath_put) Return the number of bytes actually written, to fix the bug Juergen noted: Splitting of segments will change the number of bytes written from that already written to the AS_PATH header. (aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP is still defined as 2b. (aspath_aggregate) fix latent bug. (aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation function. (aspath_key_make) Hash the AS_PATH string, rather than just taking the addition of assegment ASes as the hash value, hopefully sligthly more collision resistant. (bgp_attr_munge_as4_attrs) Collide the NEW_ attributes together with the OLD 2-byte forms, code Juergen had in bgp_attr_parse but re-organised a bit. (bgp_attr_parse) Bunch of code from Juergen moves to previous function. (bgp_packet_attribute) Compact significantly by just /always/ using extended-length attr header. Fix bug Juergen noted, by using aspath_put's (new) returned size value for the attr header rather than the (guesstimate) of aspath_size() - the two could differ when aspath_put had to split large segments, unlikely this bug was ever hit in the 'wild'. (bgp_dump_routes_attr) Always use extended-len and use aspath_put return for header length. Output 4b ASN for AS_PATH and AGGREGATOR. * bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix hash callback declarations to match prototypes. (ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4, complete rewrite of Juergen's changes (no asdot support) * bgp_open.c: (bgp_capability_as4) New, does what it says on the tin. (peek_for_as4_capability) Rewritten to use streams and bgp_capability_as4. * bgp_packet.c: (bgp_open_send) minor edit checked (in the abstract at least) with Juergen. Changes are to be more accepting, e.g, allow AS_TRANS on a 2-byte session. * (general) Update all commands to use CMD_AS_RANGE. * bgp_vty.c: (bgp_clear) Fix return vals to use CMD_.. Remove stuff replicated by VTY_GET_LONG (bgp_clear_vty) Return bgp_clear directly to vty. * tests/aspath_test.c: Exercise 32bit parsing. Test reconcile function. * tests/ecommunity_test.c: New, test AS4 ecommunity changes, positive test only at this time, error cases not tested yet. 2007-07-25 Juergen Kammer <j.kammer@eurodata.de> * (general) AS4 support. * bgpd.h: as_t changes to 4-bytes. * bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines. * bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE added for 2-byte. Add AS16 versions of length calc macros. (aspath_count_numas) New, count number of ASes. (aspath_has_as4) New, return 1 if there are any as4's in a path. (assegments_parse) Interpret assegment as 4 or 2 byte, according to how the caller instructs us, with a new argument. (aspath_parse) Add use32bit argument to pass to assegments_parse. Adjust all its callers to pass 1, unless otherwise noted. (assegment_data_put) Adjust to be able to write 2 or 4 byte AS, according to new use32bit argument. (aspath_put) Adjust to write 2 or 4. (aspath_gettoken) Use a long for passed in asno. * bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and BGP_ATTR_AS4_AGGREGATOR. (bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as determined by received-capability flag. (bgp_attr_aspath_check) New, code previously in attr_aspath but moved to new func so it can be run after NEW_AS_PATH reconciliation. (bgp_attr_as4_path) New, handle NEW_AS_PATH. (bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes. (bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR. (bgp_attr_parse) Add handoffs to previous parsers for the two new AS4 NEW_ attributes. Various checks added for NEW/OLD reconciliation. (bgp_packet_attribute) Support 2/4 for AS_PATH and AGGREGATOR, detect when NEW_ attrs need to be sent. * bgp_debug.{c,h}: Add 'debug bgp as4'. * bgp_dump.c: MRTv2 support, unconditionally enabled, which supports AS4. Based on patches from Erik (RIPE?). * bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4 support. * bgp_open.c: (peek_for_as4_capability) New, peek for AS4 capability prior to full capability parsing, so we know which ASN to use for struct peer lookup. (bgp_open_capability) Always send AS4 capability. * bgp_packet.c: (bgp_open_send) AS4 handling for AS field (bgp_open_receive) Peek for AS4 capability first, and figure out which AS to believe. * bgp_vty.c: (bgp_show_peer) Print AS4 cap * tests/aspath_test.c: Support asn32 changes, call aspath_parse with 16 bit. * vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER * vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER * vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
2007-09-18[bgpd] Fix typo, which prevented advertisement of MP (non-IPv4) prefixesPaul Jakma
2007-09-17 Paul Jakma <paul.jakma@sun.com> * bgp_open.c: (bgp_capability_mp) We were setting afc_nego[safi][safi] rather than afc_nego[afi][safi], thus failling to announce any non-IPv4 prefixes. Remove the extra, typo-ed character. * bgp_capability_test.c: Test that peer's adv_recv and adv_nego get set correctly for MP capability and given AFI/SAFI. Colour OK/failed result so it's easier to find them.
2007-09-07[bgpd] low-impact DoS: crash on malformed community with debug setPaul Jakma
2007-09-07 Paul Jakma <paul.jakma@sun.com> * (general) bgpd can be made crash by remote peers if debug bgp updates is set, due to NULL pointer dereference. Reported by "Mu Security Research Team", <security@musecurity.com>. * bgp_attr.c: (bgp_attr_community) If community length is 0, don't set the community-present attribute bit, just return early. * bgp_debug.c: (community_str,community_com2str) Check com pointer before dereferencing.
2007-08-30[bgpd] bug #398 Bogus free on out route-map, and assert() with rsclientsPaul Jakma
2007-08-27 Paul Jakma <paul.jakma@sun.com> * bgp_route.c: (bgp_announce_check) Fix bug #398, slight modification of Vladimir Ivanov's suggested fix - to keep memory alloc conditional. (bgp_process_announce_selected) Don't take struct attr as argument, none of the callers need it and it needlessly distances allocation from use. Free the extended attr, the attr itself is on the stack. Fix bad indentation. * bgp_attr.c: (bgp_packet_attribute) Remove incorrect assert, and adjust conditional to test attr->extra, diagnosis by Vladimir Ivanov in bug #398. 2007-08-27 Vladimir Ivanov <wawa@yandex-team.ru> * bgp_route.c: (bgp_announce_check_rsclient) copy of ri->attr is no longer deep enough, due to addition of attr->extra. It should use bgp_attr_dup, as bgp_announce_check() does.
2007-08-23[bgpd] Pass NOSUB to regexecPaul Jakma
2007-08-23 Paul Jakma <paul.jakma@sun.com> * bgp_regex.c: (bgp_regcomp) Pass NOSUB flag to regcomp to prevent parsing of substitutions, which can have profound performance effects on bgpd and are of no use to the CLI anyway. How much it helps depends on the regex implementation.
2007-08-06[bgpd] Add support for AS_PATHLIMIT / draft-ietf-idr-as-pathlimitPaul Jakma
2007-07-31 Paul Jakma <paul.jakma@sun.com> * (general) Support for draft-ietf-idr-as-pathlimit-03. * bgp_attr.h: (struct attr) Add pathlimit struct bgp_attr.c: (attr_str) Add BGP_ATTR_AS_PATHLIMIT string. (attrhash_key_make) tally pathlimit too (attrhash_cmp) cmp pathlimit attr (bgp_attr_aspathlimit) New, parse AS_PATHLIMIT attr. (bgp_attr_parse) ditto (bgp_packet_attribute) Write out AS_PATHLIMIT when set (bgp_dump_routes_attr) ditto * bgp_route.h: (struct bgp_static) Add TTL field * bgp_route.c: (bgp_announce_check) Drop paths that are over their hop-count TTL before sending via EBGP. Mangle ASN in pathlimit for confeds/private as best we can. (bgp_static_update_{rsclient,main}) Add any configure pathlimit information. (bgp_pathlimit_update_parents) New, update atomic-aggr setting for parents of an aspathlimit'ed static. (bgp_static_set) Add TTL argument, for all the 'bgp network' commands. Call previous for TTL changed statics. (bgp_static_unset) Call pathlimit_update_parents. (various bgp network commands) Add 'pathlimit <0-255>' qualifier to all the various forms, bar route-map - which can set ttl itself. * bgp_routemap.c: (general) Add support for 'set pathlimit ttl' and 'match pathlimit as'. * doc/bgpd.texi: Document 'network ... pathlimit <ttl>'
2007-08-06[bgpd] cleanup, compact and consolidate capability parsing codePaul Jakma
2007-07-26 Paul Jakma <paul.jakma@sun.com> * (general) Clean up and compact capability parsing slightly. Consolidate validation of length and logging of generic TLV, and memcpy of capability data, thus removing such from cap specifc code (not always present or correct). * bgp_open.h: Add structures for the generic capability TLV header and for the data formats of the various specific capabilities we support. Hence remove the badly named, or else misdefined, struct capability. * bgp_open.c: (bgp_capability_vty_out) Use struct capability_mp_data. Do the length checks *before* memcpy()'ing based on that length (stored capability - should have been validated anyway on input, but..). (bgp_afi_safi_valid_indices) new function to validate (afi,safi) which is about to be used as index into arrays, consolidates several instances of same, at least one of which appeared to be incomplete.. (bgp_capability_mp) Much condensed. (bgp_capability_orf_entry) New, process one ORF entry (bgp_capability_orf) Condensed. Fixed to process all ORF entries. (bgp_capability_restart) Condensed, and fixed to use a cap-specific type, rather than abusing capability_mp. (struct message capcode_str) added to aid generic logging. (size_t cap_minsizes[]) added to aid generic validation of capability length field. (bgp_capability_parse) Generic logging and validation of TLV consolidated here. Code compacted as much as possible. * bgp_packet.c: (bgp_open_receive) Capability parsers now use streams, so no more need here to manually fudge the input stream getp. (bgp_capability_msg_parse) use struct capability_mp_data. Validate lengths /before/ memcpy. Use bgp_afi_safi_valid_indices. (bgp_capability_receive) Exported for use by test harness. * bgp_vty.c: (bgp_show_summary) fix conversion warning (bgp_show_peer) ditto * bgp_debug.h: Fix storage 'extern' after type 'const'. * lib/log.c: (mes_lookup) warning about code not being in same-number array slot should be debug, not warning. E.g. BGP has several discontigious number spaces, allocating from different parts of a space is not uncommon (e.g. IANA assigned versus vendor-assigned code points in some number space).
2007-07-31[bgpd] Dont schedule dumps multiple times for same commandPaul Jakma
2007-07-31 Lorenzo Colitti <lorenzo@colitti.com> * bgp_dump.c: (general) Add comments to code. (bgp_dump_interval_add) remove some redundant lines. (bgp_dump_set) Use enum for type argument. Avoid scheduling dump twice if exact same command is given twice..
2007-06-22[bgpd] bug #368: Fix possible loop between peers going Idle<->OpenSentPaul Jakma
2007-06-22 Paul Jakma <paul.jakma@sun.com> * bgp_fsm.c: (struct FSM) Bug #368. TCP Errors during OpenSent should cycle to Active, not to Idle or else peer bringup can race and cycle Idle<->Active. Reported and fix tested by Mukesh Agrawal.
2007-06-14[bgpd] bug #370, default-originate was broken by a silly thinkoPaul Jakma
2007-05-25 Paul Jakma <paul.jakma@sun.com> * bgp_route.c: (bgp_default_originate) Sanity check added previously was broken and always failed, thus this function never could run, bug #370.
2007-05-04[bgpd] Trim memory usage of BGP routesPaul Jakma
2007-05-03 Paul Jakma <paul.jakma@sun.com> * bgp_route.h: (struct info) Move less frequently used fields to a lazily allocated struct info_extra. Export bgp_info_extra_get * bgp_route.c: (bgp_info_extra_new) allocate extra (bgp_info_extra_free) Free damp info and the info_extra. (bgp_info_extra_get) Retrieve the info_extra of a struct info, allocating as required. (generally) adjust to use info->extra * bgp_damp.c: (generally) use bgp_info_extra_get to access dampinfo * bgp_attr.h: Move rarely allocated attributes from struct attr to a struct attr_extra, for a substantial saving in size of struct attr. * bgp_attr.c: (bgp_attr_extra_{new,free}), new, self-explanatory. (bgp_attr_extra_get) Get the attr_extra for a given struct attr, allocating it if needs be. (bgp_attr_dup) Shallow copy the struct attr and its attr_extra. (generally) adjust to know about attr->extra. * bgp_debug.c: (bgp_dump_attr) ditto * bgp_vty.c: (show_bgp_memory) print attr and info extra sizes. * bgp_nexthop.c: (generally) adjust to know about attr->extra and info->extra. * bgp_{packet,routemap,snmp,zebra}.c: ditto * lib/memtypes.c: Add MTYPE_ATTR_EXTRA and MTYPE_BGP_ROUTE_EXTRA
2007-04-29[bgpd] Use defines for default weightPaul Jakma
2007-04-22 Sebastien Tandel <sebastien@tandel.be> * bgp_attr.h : Definition of BGP_ATTR_DEFAULT_WEIGHT. * bgp_attr.c : (bgp_attr_default_intern) now uses bgp_attr_default_set instead of duplicating the same code. (general) Use of BGP_ATTR_DEFAULT_WEIGHT. Replace two 16 by IPV6_MAX_BYTELEN.
2007-04-29[bgpd] Fix warnings: hash callbacks should match hash API declarationsPaul Jakma
2007-04-22 Sebastien Tandel <sebastien@tandel.be> * bgp_advertise.c : (baa_hash_alloc, baa_hash_key, baa_hash_cmp) conforms to quagga hash API. Defines _hash_[alloc|key|cmp] with void * arguments as defined by the API. * bgp_aspath.c,h : (aspath_key_make) conforms to quagga hash API. Defines _hash_[alloc|key|cmp] with void * arguments as defined by the API. * bgp_attr.c,h : (cluster_hash_alloc, cluster_hash_key_make, cluster_hash_cmp, transit_hash_alloc, transit_hash_key_make, transit_hash_cmp, attrhash_key_make, attrhash_cmp, bgp_attr_hash_alloc) conforms to quagga hash API. Defines _hash_[alloc|key|cmp] with void * arguments as defined by the API.
2007-04-15[bgpd] Minor performance improvement patchAndrew J. Schorr
2007-04-15 Sebastien Tandel <sebastien@tandel.be> * bgp_aspath.c: (aspath_as_add, aspath_segment_add) Minor performance optimization: while loop should test one pointer instead of two.
2007-04-10[bgpd] Bug #354: Take care to keep reads of MP_(UN)REACH_NLRI in boundsPaul Jakma
2007-04-08 Paul Jakma <paul.jakma@sun.com> * bgp_attr.c: (general) Bug #354: parsing of MP_REACH_NLRI and MP_UNREACH_NLRI does not take sufficient care to ensure reads from stream buffer stay in-bounds. Hence bgpd may attempt to read beyond end of stream, if given a crafted packet. As it uses the stream access methods to do so, this will typically result in assert() being hit in stream.c. Where code is compiled without assert() enabled, result is unknown. (struct message attr_str) should be static. (bgp_mp_reach_parse) Carefully check length remaining in stream against amount desired to read from stream, prior to each read, particularly where lengths are conditional on data obtained from stream - using STREAM_READABLE. Remove code to parse SNPA-number, it's a defunct field and changed to a fixed size in latest BGP MP update RFC - log warning if SNPA-number is not 0. (bgp_mp_unreach_parse) Check withdraw_length carefully against STREAM_READABLE. (bgp_attr_parse) If attribute-parser function returns error, log warning. Log attribute type on mismatch.
2007-04-10[bgpd] V. quick route flap gets mistaken for duplicate, route is then ignoredPaul Jakma
2007-04-08 Paul Jakma <paul.jakma@sun.com> * bgp_route.c: (general) Same bug as fixed on 2006-11-28 by ajs for bgp static routes, but for main BGP RIB: Quick 'flap' of routes can cause bgpd to mistake a new route for a duplicate route, due to presence of removed, but not yet processed BGP RIB entry. (bgp_update_rsclient) Ignore REMOVED bgp_info for duplicate, restore route instead. (bgp_update_main) Ditto.
2007-04-10[bgpd] bug #352: IPv6/Multicast address-family config not written outPaul Jakma
2007-04-07 Paul Jakma <paul.jakma@sun.com> * bgpd.c: (general) Fix bug #352 (bgp_config_write_family_header) write ipv6/multicast address family header. (bgp_config_write) write out ipv6 multicast AF config.
2007-02-22[bgpd] Peer delete can race with reconfig leading to crashPaul Jakma
2007-02-22 Paul Jakma <paul.jakma@sun.com> * bgp_fsm.c: (bgp_fsm_change_status) Handle state change into clearing or greater here. Simpler. (bgp_event) Clearing state change work moved to previous * bgp_route.c: (bgp_clear_route_node) Clearing adj-in here is too late, as it leaves a race between a peer being deleted and an identical peer being configured before clearing completes, leading to a crash. Simplest fix is to clean peers Adj-in up-front, rather than queueing such work. (bgp_clear_route_table) Clear peer's Adj-In and Adj-Out up-front here, rather than queueing such work. Extensive comment added on the various bits of indexed data that exist and how they need to be dealt with. (bgp_clear_route) Update comment.
2006-12-12[PtP over ethernet] New peer flag allows much more addressing flexibilityAndrew J. Schorr
2006-12-12 Andrew J. Schorr <ajschorr@alumni.princeton.edu> * if.h: (struct connected) Add new ZEBRA_IFA_PEER flag indicating whether a peer address has been configured. Comment now shows the new interpretation of the destination addr: if ZEBRA_IFA_PEER is set, then it must contain the destination address, otherwise it may contain the broadcast address or be NULL. (CONNECTED_DEST_HOST,CONNECTED_POINTOPOINT_HOST) Remove obsolete macros that were specific to IPv4 and not fully general. (CONNECTED_PEER) New macro to check ZEBRA_IFA_PEER flag. (CONNECTED_PREFIX) New macro giving the prefix to insert into the RIB: if CONNECTED_PEER, then use the destination (peer) address, else use the address field. (CONNECTED_ID) New macro to come up with an identifying address for the struct connected. * if.c: (if_lookup_address, connected_lookup_address) Streamline logic with new CONNECTED_PREFIX macro. * prefix.h: (PREFIX_COPY_IPV4, PREFIX_COPY_IPV6) New macros for better performance than the general prefix_copy function. * zclient.c: (zebra_interface_address_read) For non-null destination addresses, set prefixlen to equal the address prefixlen. This is needed to get the new CONNECTED_PREFIX macro to work properly. * connected.c: (connected_up_ipv4, connected_down_ipv4, connected_up_ipv6, connected_down_ipv6) Simplify logic using the new CONNECTED_PREFIX macro. (connected_add_ipv4) Set prefixlen in destination addresses (required by the CONNECTED_PREFIX macro). Use CONNECTED_PEER macro instead of testing for IFF_POINTOPOINT. Delete invalid warning message. Warn about cases where the ZEBRA_IFA_PEER is set but no destination address has been supplied (and turn off the flag). (connected_add_ipv6) Add new flags argument so callers may set the ZEBRA_IFA_PEER flag. If peer/broadcast address satisfies IN6_IS_ADDR_UNSPECIFIED, then reject it with a warning. Set prefixlen in destination address so CONNECTED_PREFIX will work. * connected.h: (connected_add_ipv6) Add new flags argument so callers may set the ZEBRA_IFA_PEER flag. * interface.c: (connected_dump_vty) Use CONNECTED_PEER macro to decide whether the destination address is a peer or broadcast address (instead of checking IFF_BROADCAST and IFF_POINTOPOINT). * if_ioctl.c: (if_getaddrs) Instead of setting a peer address only when the IFF_POINTOPOINT is set, we now accept a peer address whenever it is available and not the same as the local address. Otherwise (no peer address assigned), we check for a broadcast address (regardless of the IFF_BROADCAST flag). And must now pass a flags value of ZEBRA_IFA_PEER to connected_add_ipv4 when a peer address is assigned. The same new logic is used with the IPv6 code as well (and we pass the new flags argument to connected_add_ipv6). (if_get_addr) Do not bother to check IFF_POINTOPOINT: just issue the SIOCGIFDSTADDR ioctl and see if we get back a peer address not matching the local address (and set the ZEBRA_IFA_PEER in that case). If there's no peer address, try to grab SIOCGIFBRDADDR regardless of whether IFF_BROADCAST is set. * if_ioctl_solaris.c: (if_get_addr) Just try the SIOCGLIFDSTADDR ioctl without bothering to check the IFF_POINTOPOINT flag. And if no peer address was found, just try the SIOCGLIFBRDADDR ioctl without checking the IFF_BROADCAST flag. Call connected_add_ipv4 and connected_add_ipv6 with appropriate flags. * if_proc.c: (ifaddr_proc_ipv6) Must pass new flags argument to connected_add_ipv6. * kernel_socket.c: (ifam_read) Must pass new flags argument to connected_add_ipv6. * rt_netlink.c: (netlink_interface_addr) Copy logic from iproute2 to determine local and possible peer address (so there's no longer a test for IFF_POINTOPOINT). Set ZEBRA_IFA_PEER flag appropriately. Pass new flags argument to connected_add_ipv6. (netlink_address) Test !CONNECTED_PEER instead of if_is_broadcast to determine whether the connected destination address is a broadcast address. * bgp_nexthop.c: (bgp_connected_add, bgp_connected_delete) Simplify logic by using new CONNECTED_PREFIX macro. * ospf_interface.c: (ospf_if_is_configured, ospf_if_lookup_by_prefix, ospf_if_lookup_recv_if) Simplify logic using new CONNECTED_PREFIX macro. * ospf_lsa.c: (lsa_link_ptop_set) Using the new CONNECTED_PREFIX macro, both options collapse into the same code. * ospf_snmp.c: (ospf_snmp_if_update) Simplify logic using new CONNECTED_ID macro. (ospf_snmp_is_if_have_addr) Simplify logic using new CONNECTED_PREFIX macro. * ospf_vty.c: (show_ip_ospf_interface_sub) Use new CONNECTED_PEER macro instead of testing the IFF_POINTOPOINT flag. * ospfd.c: (ospf_network_match_iface) Use new CONNECTED_PEER macro instead of testing with if_is_pointopoint. And add commented-out code to implement alternative (in my opinion) more elegant behavior that has no special-case treatment for PtP addresses. (ospf_network_run) Use new CONNECTED_ID macro to simplify logic. * rip_interface.c: (rip_interface_multicast_set) Use new CONNECTED_ID macro to simplify logic. (rip_request_interface_send) Fix minor bug: ipv4_broadcast_addr does not give a useful result if prefixlen is 32 (we require a peer address in such cases). * ripd.c: (rip_update_interface) Fix same bug as above.
2006-12-08[bgpd] Bug #302, bgpd can get stuck in state ClearingPaul Jakma
2006-12-07 Paul Jakma <paul.jakma@sun.com> * bgp_fsm.c: Bug #302 fix, diagnosis, suggestions and testing by Juergen Kammer <j.kammer@eurodata.de>. Fix follows from his suggested fix, just made in a slightly different way. (bgp_event) Transitions into Clearing always must call bgp_clear_route_all(). (bgp_stop) No need to clear routes here, BGP FSM should do it.
2006-11-30[bgpd] Implement 'debug bgp zebra' to log all messages to and from zebra.Andrew J. Schorr
2006-11-30 Andrew J. Schorr <ajschorr@alumni.princeton.edu> * bgp_debug.h: Declare new bgp_debug_zebra conf and term flags, and define BGP_DEBUG_ZEBRA. * bgp_debug.c: Declare conf_bgp_debug_zebra and term_bgp_debug_zebra. (debug_bgp_zebra, no_debug_bgp_zebra, undebug_bgp_zebra) New functions to enable/disable bgp zebra debugging. (no_debug_bgp_all) Turn off zebra debugging. (show_debugging_bgp) Show whether zebra debugging is on. (bgp_config_write_debug) Add 'debug bgp zebra' if configured. (bgp_debug_init) Add new zebra debugging commands. * bgp_zebra.c: (bgp_router_id_update, bgp_interface_add, bgp_interface_delete, bgp_interface_up, bgp_interface_down, bgp_interface_address_add, bgp_interface_address_delete, zebra_read_ipv4, zebra_read_ipv6, bgp_zebra_announce, bgp_zebra_withdraw, bgp_redistribute_set, bgp_redistribute_unset) If zebra debugging is enabled, log an appropriate debug message.
2006-11-28[bgpd] Fix bug where a deleted route that was quickly re-added was being lostAndrew J. Schorr
2006-11-28 Andrew J. Schorr <ajschorr@alumni.princeton.edu> * bgp_route.c: (bgp_info_restore) New function that undoes the effects of a previous call to bgp_info_delete. This is used when a route is deleted and quickly re-added before the deletion has been processed. (bgp_static_update_rsclient, bgp_static_update_main, bgp_redistribute_add) Check whether a pre-existing route has the BGP_INFO_REMOVED set, and, if so, we need to call bgp_info_restore to resurrect it.
2006-10-27[bgpd] trivial: non C99 u_int.._t should be uint.._tPaul Jakma
2006-10-27 Paul Jakma <paul.jakma@sun.com> * bgp_route.c: (bgp_table_stats) oops, u_intXX_t should be uintXX_t
2006-10-22[bgpd] struct peer must have bgp field valid (redistribute crash)Paul Jakma
2006-10-19 Paul Jakma <paul.jakma@sun.com> * bgpd.c: (peer_new) bgp element of peer absolutely must be filled in, make peer_new() require it as argument and update all callers. Fixes a crash reported by Jan 'yanek' Bortl and Andrew Schorr where bgpd would crash in bgp_pcount_adjust trying to dereference the bgp member of bgp->peer_self, triggered through redistribution. * bgp_route.c: (bgp_pcount_adjust) assert sanity of arguments.
2006-10-15[bgpd] Coverity CID #64: Needless NULL check, CID #64: Deref of potentially ↵Paul Jakma
NULL pointer. 2006-10-15 Paul Jakma <paul.jakma@sun.com> * bgp_packet.c: (bgp_update_packet) adv->rn can not be NULL, check is bogus - changed to assert(), CID#64. binfo is checked for NULL, but then dereferenced unconditionally, fix, CID #63. (bgp_withdraw_packet) Assert adv->rn is valid, as with bgp_update_packet().
2006-10-15[bgpd] CID#73, potential crash in bgp statistics if called for AFI/SAFI with ↵Paul Jakma
emtpy table 2006-10-15 Paul Jakma <paul.jakma@sun.com> * bgp_route.c: (bgp_table_stats_walker) NULL deref if table is empty, bgp_table_top may return NULL, Coverity CID#73.
2006-10-15[bgpd] Bug #302 fixes. ClearingCompleted event gets flushed, leaving peers ↵Paul Jakma
stuck in Clearing. 2006-10-14 Paul Jakma <paul.jakma@sun.com> * bgp_fsm.h: Remove BGP_EVENT_FLUSH_ADD, dangerous and not needed. * bgp_fsm.c: (bgp_stop) Move BGP_EVENT_FLUSH to the top of the of the function, otherwise it could flush a ClearingCompleted event, bug #302. * bgp_packet.c: Replace all BGP_EVENT_FLUSH_ADD with BGP_EVENT_ADD, fixing bug #302.
2006-09-19[bgpd] Trivial fix of printf format/arg mismatchAndrew J. Schorr
2006-09-19 Andrew J. Schorr <ajschorr@alumni.princeton.edu> * bgpd.c: (peer_uptime) Fix printf format/arg mismatch in zlog_warn message (%ld/size_t -> %lu/u_long).
2006-09-14[bgpd] reduce the process queue hold time to something more sensiblePaul Jakma
2006-09-14 Paul Jakma <paul.jakma@sun.com> * bgp_route.c: (bgp_process_queue_init) process queue hold time too high, adds extra memory load. Change to be much lower, until such time as it's made configurable.
2006-09-14[bgpd] RIB statistics address space size shouldnt double count spacePaul Jakma
2006-09-14 Paul Jakma <paul.jakma@sun.com> * bgp_route.c: (bgp_table_stats_walker) Address space announced should only count top-level unaggregateable prefixes, to avoid falling afoul of anti-dodgy-accounting regulations in various jurisdictions.. ;)
2006-09-14[bgpd] simplify peer refcounts, squash slow peer leakPaul Jakma
2006-09-14 Paul Jakma <paul.jakma@sun.com> * (general) fix the peer refcount issue exposed by previous, by just removing refcounting of peer threads, which is mostly senseless as they're references leading from struct peer, which peer_free cancels anyway. No need to muck around.. * bgp_fsm.h: Just remove the refcounting from the various TIMER/READ/WRITE/EVENT ON/OFF/ADD macros. * bgp_fsm.c: (bgp_stop) use BGP_EVENT_FLUSH, no refcounts attached to events anymore. (bgp_event) remove peer_unlock, events not refcounted. * bgpd.c: (peer_free) flush events before free.
2006-09-14[bgpd] Fix 0.99 shutdown regression, introduce Clearing and Deleted statesPaul Jakma
2006-09-14 Paul Jakma <paul.jakma@sun.com> * (general) Fix some niggly issues around 'shutdown' and clearing by adding a Clearing FSM wait-state and a hidden 'Deleted' FSM state, to allow deleted peers to 'cool off' and hit 0 references. This introduces a slow memory leak of struct peer, however that's more a testament to the fragility of the reference counting than a bug in this patch, cleanup of reference counting to fix this is to follow. * bgpd.h: Add Clearing, Deleted states and Clearing_Completed and event. * bgp_debug.c: (bgp_status_msg[]) Add strings for Clearing and Deleted. * bgp_fsm.h: Don't allow timer/event threads to set anything for Deleted peers. * bgp_fsm.c: (bgp_timer_set) Add Clearing and Deleted. Deleted needs to stop everything. (bgp_stop) Remove explicit fsm_change_status call, the general framework handles the transition. (bgp_start) Log a warning if a start is attempted on a peer that should stay down, trying to start a peer. (struct .. FSM) Add Clearing_Completed events, has little influence except when in state Clearing to signal wait-state can end. Add Clearing and Deleted states, former is a wait-state, latter is a placeholder state to allow peers to disappear quietly once refcounts settle. (bgp_event) Try reduce verbosity of FSM state-change debug, changes to same state are not interesting (Established->Established) Allow NULL action functions in FSM. * bgp_packet.c: (bgp_write) Use FSM events, rather than trying to twiddle directly with FSM state behind the back of FSM. (bgp_write_notify) ditto. (bgp_read) Remove the vague ACCEPT_PEER peer_unlock, or else this patch crashes, now it leaks instead. * bgp_route.c: (bgp_clear_node_complete) Clearing_Completed event, to end clearing. (bgp_clear_route) See extensive comments. * bgpd.c: (peer_free) should only be called while in Deleted, peer refcounting controls when peer_free is called. bgp_sync_delete should be here, not in peer_delete. (peer_delete) Initiate delete. Transition to Deleted state manually. When removing peer from indices that provide visibility of it, take great care to be idempotent wrt the reference counting of struct peer through those indices. Use bgp_timer_set, rather than replicating. Call to bgp_sync_delete isn't appropriate here, sync can be referenced while shutting down and finishing deletion. (peer_group_bind) Take care to be idempotent wrt list references indexing peers.
2006-09-14[bgpd] Add RIB reporting commands, show bgp ... statisticsPaul Jakma
2006-09-13 Paul Jakma <paul.jakma@sun.com> * bgp_aspath.c: (aspath_highest) new, return highest ASN in an aspath. * bgp_route.c: (bgp_peer_count_walker) new, do the walk done in bgp_peer_counts as a thread. (bgp_peer_counts) move walk to previous and call it via thread_execute so this RIB walk shows up in thread stats. (bgp_table_stats) New, gather some statistics for a given RIB. (bgp_table_stats_walker) New, RIB walker thread for former. (bgp_table_stats_vty) Parsing front-end for 'show bgp ...', useful model for future rationalisation of 'show ... bgp'. (bgp_route_init) Add new RIB stats commands.
2006-09-07[bgpd] Handle pcount as flags are changed, fixing pcount issuesPaul Jakma
2006-09-06 Paul Jakma <paul.jakma@sun.com> * (general) Squash any and all prefix-count issues by abstracting route flag changes, and maintaining count as and when flags are modified (rather than relying on explicit modifications of count being sprinkled in just the right places throughout the code). * bgp_route.c: (bgp_pcount_{dec,inc}rement) removed. (bgp_pcount_adjust) new, update prefix count as needed for a given route. (bgp_info_{uns,s}et_flag) set/unset a BGP_INFO route status flag, calling previous function when appropriate. (general) Update all set/unsets of flags to use previous. Remove pcount_{dec,inc}rement calls. No need to unset BGP_INFO_VALID in places where bgp_info_delete is called, it does that anyway. * bgp_{damp,nexthop}.c: Update to use bgp_info_{un,}set_flag. * bgp_route.h: Export bgp_info_{un,}set_flag. Add a 'meta' BGP_INFO flag, BGP_INFO_UNUSEABLE. Move BGP_INFO_HOLDDOWN macro to here from bgpd.h
2006-09-04[bgpd] Add 'show ... neighbor .... prefix-counts' commandPaul Jakma
2006-09-03 Paul Jakma <paul.jakma@sun.com> * bgp_route.c: Add 'show ... bgp ... <neighbour> prefix-count' commands, to provide detailed counts of prefixes for a peer. Informative, and should help pin down to pfxcnt drift problems.
2006-08-27[bgpd] fix mtype in XFREE and NULL out freed pointerPaul Jakma
2006-08-27 Paul Jakma <paul.jakma@sun.com> * bgp_advertise.c: (bgp_sync_delete) fix mtype in XFREE. NULL out peer->hash after free, to be sure.