summaryrefslogtreecommitdiff
path: root/bgpd/bgp_attr.h
AgeCommit message (Collapse)Author
2011-03-21bgpd: Implement revised error handling for partial optional/trans. attributesPaul Jakma
* BGP error handling generally boils down to "reset session". This was fine when all BGP speakers pretty much understood all BGP messages. However the increasing deployment of new attribute types has shown this approach to cause problems, in particular where a new attribute type is "tunneled" over some speakers which do not understand it, and then arrives at a speaker which does but considers it malformed (e.g. corruption along the way, or because of early implementation bugs/interop issues). To mitigate this drafts before the IDR (likely to be adopted) propose to treat errors in partial (i.e. not understood by neighbour), optional transitive attributes, when received from eBGP peers, as withdrawing only the NLRIs in the affected UPDATE, rather than causing the entire session to be reset. See: http://tools.ietf.org/html/draft-scudder-idr-optional-transitive * bgp_aspath.c: (assegments_parse) Replace the "NULL means valid, 0-length OR an error" return value with an error code - instead taking pointer to result structure as arg. (aspath_parse) adjust to suit previous change, but here NULL really does mean error in the external interface. * bgp_attr.h (bgp_attr_parse) use an explictly typed and enumerated value to indicate return result. (bgp_attr_unintern_sub) cleans up just the members of an attr, but not the attr itself, for benefit of those who use a stack-local attr. * bgp_attr.c: (bgp_attr_unintern_sub) split out from bgp_attr_unintern (bgp_attr_unintern) as previous. (bgp_attr_malformed) helper function to centralise decisions on how to handle errors in attributes. (bgp_attr_{aspathlimit,origin,etc..}) Use bgp_attr_malformed. (bgp_attr_aspathlimit) Subcode for error specifc to this attr should be BGP_NOTIFY_UPDATE_OPT_ATTR_ERR. (bgp_attr_as4_path) be more rigorous about checks, ala bgp_attr_as_path. (bgp_attr_parse) Adjust to deal with the additional error level that bgp_attr_ parsers can raise, and also similarly return appropriate error back up to (bgp_update_receive). Try to avoid leaking as4_path. * bgp_packet.c: (bgp_update_receive) Adjust to deal with BGP_ATTR_PARSE_WITHDRAW error level from bgp_attr_parse, which should lead to a withdraw, by making the attribute parameter in call to (bgp_nlri_parse) conditional on the error, so the update case morphs also into a withdraw. Use bgp_attr_unintern_sub from above, instead of doing this itself. Fix error case returns which were not calling bgp_attr_unintern_sub and probably leaking memory. * tests/aspath_test.c: Fix to work for null return with bad segments
2011-03-21bgpd: Try fix extcommunity resource allocation probs, particularly with 'set ↵Paul Jakma
extcom..' * Extended communities has some kind of resource allocation problem which causes a double-free if the 'set extcommunity ...' command is used. Try fix by properly interning extcommunities. Also, more generally, make unintern functions take a double pointer so they can NULL out callers references - a usefully defensive programming pattern for functions which make refs invalid. Sadly, this patch doesn't fix the problem entirely - crashes still occur on session clear. * bgp_ecommunity.h: (ecommunity_{free,unintern}) take double pointer args. * bgp_community.h: (community_unintern) ditto * bgp_attr.h: (bgp_attr_intern) ditto * bgp_aspath.h: (bgp_aspath.h) ditto * (general) update all callers of above * bgp_routemap.c: (route_set_ecommunity_{rt,soo}) intern the new extcom added to the attr, and unintern any old one. (route_set_ecommunity_{rt,soo}_compile) intern the extcom to be used for the route-map set. (route_set_ecommunity_*_free) unintern to match, instead of free (route_set_ecommunity_soo) Do as _rt does and don't just leak any pre-existing community, add to it (is additive right though?)
2011-03-21bgpd: Remove AS Path limit/TTL functionalityPaul Jakma
* draft-ietf-idr-as-pathlimit doesn't seem to have gone anywhere, and its author does not think it will make progress in IDR. Remove all support introduced for it, but leave stubs for the commands to avoid breaking any configurations. Basically reverts cecab5e9725792e60a5e4b473e238a14cd85815d.
2009-07-19[bgpd] Stability fixes including bugs 397, 492Chris Caputo
I've spent the last several weeks working on stability fixes to bgpd. These patches fix all of the numerous crashes, assertion failures, memory leaks and memory stomping I could find. Valgrind was used extensively. Added new function bgp_exit() to help catch problems. If "debug bgp" is configured and bgpd exits with status of 0, statistics on remaining lib/memory.c allocations are printed to stderr. It is my hope that other developers will use this to stay on top of memory issues. Example questionable exit: bgpd: memstats: Current memory utilization in module LIB: bgpd: memstats: Link List : 6 bgpd: memstats: Link Node : 5 bgpd: memstats: Hash : 8 bgpd: memstats: Hash Bucket : 2 bgpd: memstats: Hash Index : 8 bgpd: memstats: Work queue : 3 bgpd: memstats: Work queue item : 2 bgpd: memstats: Work queue name string : 3 bgpd: memstats: Current memory utilization in module BGP: bgpd: memstats: BGP instance : 1 bgpd: memstats: BGP peer : 1 bgpd: memstats: BGP peer hostname : 1 bgpd: memstats: BGP attribute : 1 bgpd: memstats: BGP extra attributes : 1 bgpd: memstats: BGP aspath : 1 bgpd: memstats: BGP aspath str : 1 bgpd: memstats: BGP table : 24 bgpd: memstats: BGP node : 1 bgpd: memstats: BGP route : 1 bgpd: memstats: BGP synchronise : 8 bgpd: memstats: BGP Process queue : 1 bgpd: memstats: BGP node clear queue : 1 bgpd: memstats: NOTE: If configuration exists, utilization may be expected. Example clean exit: bgpd: memstats: No remaining tracked memory utilization. This patch fixes bug #397: "Invalid free in bgp_announce_check()". This patch fixes bug #492: "SIGBUS in bgpd/bgp_route.c: bgp_clear_route_node()". My apologies for not separating out these changes into individual patches. The complexity of doing so boggled what is left of my brain. I hope this is all still useful to the community. This code has been production tested, in non-route-server-client mode, on a linux 32-bit box and a 64-bit box. Release/reset functions, used by bgp_exit(), added to: bgpd/bgp_attr.c,h bgpd/bgp_community.c,h bgpd/bgp_dump.c,h bgpd/bgp_ecommunity.c,h bgpd/bgp_filter.c,h bgpd/bgp_nexthop.c,h bgpd/bgp_route.c,h lib/routemap.c,h File by file analysis: * bgpd/bgp_aspath.c: Prevent re-use of ashash after it is released. * bgpd/bgp_attr.c: #if removed uncalled cluster_dup(). * bgpd/bgp_clist.c,h: Allow community_list_terminate() to be called from bgp_exit(). * bgpd/bgp_filter.c: Fix aslist->name use without allocation check, and also fix memory leak. * bgpd/bgp_main.c: Created bgp_exit() exit routine. This function frees allocations made as part of bgpd initialization and, to some extent, configuration. If "debug bgp" is configured, memory stats are printed as described above. * bgpd/bgp_nexthop.c: zclient_new() already allocates stream for ibuf/obuf, so bgp_scan_init() shouldn't do it too. Also, made it so zlookup is global so bgp_exit() can use it. * bgpd/bgp_packet.c: bgp_capability_msg_parse() call to bgp_clear_route() adjusted to use new BGP_CLEAR_ROUTE_NORMAL flag. * bgpd/bgp_route.h: Correct reference counter "lock" to be signed. bgp_clear_route() now accepts a bgp_clear_route_type of either BGP_CLEAR_ROUTE_NORMAL or BGP_CLEAR_ROUTE_MY_RSCLIENT. * bgpd/bgp_route.c: - bgp_process_rsclient(): attr was being zero'ed and then bgp_attr_extra_free() was being called with it, even though it was never filled with valid data. - bgp_process_rsclient(): Make sure rsclient->group is not NULL before use. - bgp_processq_del(): Add call to bgp_table_unlock(). - bgp_process(): Add call to bgp_table_lock(). - bgp_update_rsclient(): memset clearing of new_attr not needed since declarationw with "= { 0 }" does it. memset was already commented out. - bgp_update_rsclient(): Fix screwed up misleading indentation. - bgp_withdraw_rsclient(): Fix screwed up misleading indentation. - bgp_clear_route_node(): Support BGP_CLEAR_ROUTE_MY_RSCLIENT. - bgp_clear_node_queue_del(): Add call to bgp_table_unlock() and also free struct bgp_clear_node_queue used for work item. - bgp_clear_node_complete(): Do peer_unlock() after BGP_EVENT_ADD() in case peer is released by peer_unlock() call. - bgp_clear_route_table(): Support BGP_CLEAR_ROUTE_MY_RSCLIENT. Use struct bgp_clear_node_queue to supply data to worker. Add call to bgp_table_lock(). - bgp_clear_route(): Add support for BGP_CLEAR_ROUTE_NORMAL or BGP_CLEAR_ROUTE_MY_RSCLIENT. - bgp_clear_route_all(): Use BGP_CLEAR_ROUTE_NORMAL. Bug 397 fixes: - bgp_default_originate() - bgp_announce_table() * bgpd/bgp_table.h: - struct bgp_table: Added reference count. Changed type of owner to be "struct peer *" rather than "void *". - struct bgp_node: Correct reference counter "lock" to be signed. * bgpd/bgp_table.c: - Added bgp_table reference counting. - bgp_table_free(): Fixed cleanup code. Call peer_unlock() on owner if set. - bgp_unlock_node(): Added assertion. - bgp_node_get(): Added call to bgp_lock_node() to code path that it was missing from. * bgpd/bgp_vty.c: - peer_rsclient_set_vty(): Call peer_lock() as part of peer assignment to owner. Handle failure gracefully. - peer_rsclient_unset_vty(): Add call to bgp_clear_route() with BGP_CLEAR_ROUTE_MY_RSCLIENT purpose. * bgpd/bgp_zebra.c: Made it so zclient is global so bgp_exit() can use it. * bgpd/bgpd.c: - peer_lock(): Allow to be called when status is "Deleted". - peer_deactivate(): Supply BGP_CLEAR_ROUTE_NORMAL purpose to bgp_clear_route() call. - peer_delete(): Common variable listnode pn. Fix bug in which rsclient was only dealt with if not part of a peer group. Call bgp_clear_route() for rsclient, if appropriate, and do so with BGP_CLEAR_ROUTE_MY_RSCLIENT purpose. - peer_group_get(): Use XSTRDUP() instead of strdup() for conf->host. - peer_group_bind(): Call bgp_clear_route() for rsclient, and do so with BGP_CLEAR_ROUTE_MY_RSCLIENT purpose. - bgp_create(): Use XSTRDUP() instead of strdup() for peer_self->host. - bgp_delete(): Delete peers before groups, rather than after. And then rather than deleting rsclients, verify that there are none at this point. - bgp_unlock(): Add assertion. - bgp_free(): Call bgp_table_finish() rather than doing XFREE() itself. * lib/command.c,h: Compiler warning fixes. Add cmd_terminate(). Fixed massive leak in install_element() in which cmd_make_descvec() was being called more than once for the same cmd->strvec/string/doc. * lib/log.c: Make closezlog() check fp before calling fclose(). * lib/memory.c: Catch when alloc count goes negative by using signed counts. Correct #endif comment. Add log_memstats_stderr(). * lib/memory.h: Add log_memstats_stderr(). * lib/thread.c: thread->funcname was being accessed in thread_call() after it had been freed. Rearranged things so that thread_call() frees funcname. Also made it so thread_master_free() cleans up cpu_record. * lib/vty.c,h: Use global command_cr. Add vty_terminate(). * lib/zclient.c,h: Re-enable zclient_free().
2008-08-22[lib] hash compare function arguments ought to be const qualifiedStephen Hemminger
2008-08-14 Stephen Hemminger <stephen.hemminger@vyatta.com> * lib/hash.h: (struct hash) Hash comparator callback really ought to treat storage behind arguments as constant - a compare function with side-effects would be evil. * */*.c: Adjust comparator functions similarly, thus fixing at least a few compiler warnings about const qualifier being dropped. Signed-off-by: Paul Jakma <paul@quagga.net>
2008-06-07[bgpd] minor changes to bgp_mp_reach_parsePaul Jakma
2008-06-07 Paul Jakma <paul@jakma.org> * bgp_attr.{c,h}: (bgp_mp_{un,}reach_parse) export, for unit tests. * bgp_attr.c: (bgp_mp_reach_parse) Add logging. Tighten length test to bounds check against the attribute length rather than the stream length..
2007-12-22[bgpd] Fix number of DoS security issues, restricted to configured peers.Paul Jakma
2007-12-22 Paul Jakma <paul.jakma@sun.com> * Fix series of vulnerabilities reported by "Mu Security Research Team", where bgpd can be made to crash by sending malformed packets - requires that bgpd be configured with a session to the peer. * bgp_attr.c: (bgp_attr_as4_path) aspath_parse may fail, only set the attribute flag indicating AS4_PATH if we actually managed to parse one. (bgp_attr_munge_as4_attrs) Assert was too general, it is possible to receive AS4_AGGREGATOR before AGGREGATOR. (bgp_attr_parse) Check that we have actually received the extra byte of header for Extended-Length attributes. * bgp_attr.h: Fix BGP_ATTR_MIN_LEN to account for the length byte. * bgp_open.c: (cap_minsizes) Fix size of CAPABILITY_CODE_RESTART, incorrect -2 left in place from a development version of as4-path patch. * bgp_packet.c: (bgp_route_refresh_receive) ORF length parameter needs to be properly sanity checked. * tests/bgp_capability_test.c: Test for empty capabilities.
2007-08-06[bgpd] Add support for AS_PATHLIMIT / draft-ietf-idr-as-pathlimitPaul Jakma
2007-07-31 Paul Jakma <paul.jakma@sun.com> * (general) Support for draft-ietf-idr-as-pathlimit-03. * bgp_attr.h: (struct attr) Add pathlimit struct bgp_attr.c: (attr_str) Add BGP_ATTR_AS_PATHLIMIT string. (attrhash_key_make) tally pathlimit too (attrhash_cmp) cmp pathlimit attr (bgp_attr_aspathlimit) New, parse AS_PATHLIMIT attr. (bgp_attr_parse) ditto (bgp_packet_attribute) Write out AS_PATHLIMIT when set (bgp_dump_routes_attr) ditto * bgp_route.h: (struct bgp_static) Add TTL field * bgp_route.c: (bgp_announce_check) Drop paths that are over their hop-count TTL before sending via EBGP. Mangle ASN in pathlimit for confeds/private as best we can. (bgp_static_update_{rsclient,main}) Add any configure pathlimit information. (bgp_pathlimit_update_parents) New, update atomic-aggr setting for parents of an aspathlimit'ed static. (bgp_static_set) Add TTL argument, for all the 'bgp network' commands. Call previous for TTL changed statics. (bgp_static_unset) Call pathlimit_update_parents. (various bgp network commands) Add 'pathlimit <0-255>' qualifier to all the various forms, bar route-map - which can set ttl itself. * bgp_routemap.c: (general) Add support for 'set pathlimit ttl' and 'match pathlimit as'. * doc/bgpd.texi: Document 'network ... pathlimit <ttl>'
2007-05-04[bgpd] Trim memory usage of BGP routesPaul Jakma
2007-05-03 Paul Jakma <paul.jakma@sun.com> * bgp_route.h: (struct info) Move less frequently used fields to a lazily allocated struct info_extra. Export bgp_info_extra_get * bgp_route.c: (bgp_info_extra_new) allocate extra (bgp_info_extra_free) Free damp info and the info_extra. (bgp_info_extra_get) Retrieve the info_extra of a struct info, allocating as required. (generally) adjust to use info->extra * bgp_damp.c: (generally) use bgp_info_extra_get to access dampinfo * bgp_attr.h: Move rarely allocated attributes from struct attr to a struct attr_extra, for a substantial saving in size of struct attr. * bgp_attr.c: (bgp_attr_extra_{new,free}), new, self-explanatory. (bgp_attr_extra_get) Get the attr_extra for a given struct attr, allocating it if needs be. (bgp_attr_dup) Shallow copy the struct attr and its attr_extra. (generally) adjust to know about attr->extra. * bgp_debug.c: (bgp_dump_attr) ditto * bgp_vty.c: (show_bgp_memory) print attr and info extra sizes. * bgp_nexthop.c: (generally) adjust to know about attr->extra and info->extra. * bgp_{packet,routemap,snmp,zebra}.c: ditto * lib/memtypes.c: Add MTYPE_ATTR_EXTRA and MTYPE_BGP_ROUTE_EXTRA
2007-04-29[bgpd] Use defines for default weightPaul Jakma
2007-04-22 Sebastien Tandel <sebastien@tandel.be> * bgp_attr.h : Definition of BGP_ATTR_DEFAULT_WEIGHT. * bgp_attr.c : (bgp_attr_default_intern) now uses bgp_attr_default_set instead of duplicating the same code. (general) Use of BGP_ATTR_DEFAULT_WEIGHT. Replace two 16 by IPV6_MAX_BYTELEN.
2007-04-29[bgpd] Fix warnings: hash callbacks should match hash API declarationsPaul Jakma
2007-04-22 Sebastien Tandel <sebastien@tandel.be> * bgp_advertise.c : (baa_hash_alloc, baa_hash_key, baa_hash_cmp) conforms to quagga hash API. Defines _hash_[alloc|key|cmp] with void * arguments as defined by the API. * bgp_aspath.c,h : (aspath_key_make) conforms to quagga hash API. Defines _hash_[alloc|key|cmp] with void * arguments as defined by the API. * bgp_attr.c,h : (cluster_hash_alloc, cluster_hash_key_make, cluster_hash_cmp, transit_hash_alloc, transit_hash_key_make, transit_hash_cmp, attrhash_key_make, attrhash_cmp, bgp_attr_hash_alloc) conforms to quagga hash API. Defines _hash_[alloc|key|cmp] with void * arguments as defined by the API.
2006-05-04[bgpd] bug #210: Enable crucial VPNv4 code which was disabledPaul Jakma
2006-05-04 Paul Jakma <paul.jakma@sun.com> * (general) VPNv4 fixes. Certain VPNv4 code was not enabled. See bug #210. * bgp_attr.{c,h}: (bgp_packet_{withdraw,attribute}) Tag should be u_char really. * bgp_packet.c: (bgp_{update,withdraw}_packet) Enable some VPNv4 code which inexplicably was ifdef'd out. comments from a tester on IRC suggest this fixes bug #210.
2006-03-30[bgpd] rearrange some structs for less padding, stats for table/attrs.Paul Jakma
2006-03-12 Paul Jakma <paul.jakma@sun.com> * bgp_attr.h: (struct attr) rearrange fields to avoid wasted padding between them as much as possible. (attr_count,attr_unknown_count) export new functions to return number of counts of cached attributes. * bgp_attr.c: (attr_count,attr_unknown_count) new functions to return number of counts of cached attributes. * bgp_route.h: (struct bgp_info) rearrange fields to avoid wasted padding. * bgp_table.h: (struct bgp_table) Add a count field, of number of nodes in the table. (struct bgp_node) rearrange fields to avoid wasted padding between them, though I don't think there was any in this case. * bgp_table.c: (bgp_node_{delete,get}) Maintain the table node count. (bgp_table_count) new function to access the table count.
2005-06-282005-06-28 Paul Jakma <paul.jakma@sun.com>paul
* (global) The great bgpd extern and static'ification. * bgp_routemap.c: remove unused ROUTE_MATCH_ASPATH_OLD code (route_set_metric_compile) fix u_int32_t to ULONG_MAX comparison warnings. * bgp_route.h: (bgp_process, bgp_withdraw, bgp_update) export these used by various files which had their own private declarations, in the case of mplsvpn - incorrect.
2005-05-232005-05-23 Paul Jakma <paul@dishone.st>paul
* bgp_fsm.h: Add extern qualifier to exported functions * bgp_nexthop.c: add static to nexthop specific globals * *.h: Add guard defines
2004-06-042004-06-04 Paul Jakma <paul@dishone.st>paul
* type mismatch fixes
2003-10-182003-10-18 Lorenzo Colitti <lorenzo@ripe.net>paul
2003-10-18 Lorenzo Colitti <lorenzo@ripe.net> * bgpd/bgp_attr.c: (bgp_dump_routes_attr) Dont dump IPv4 nexthop for IP. Dump MP_NLRI attr with IPv6 next-hop for AF_INET6 address family prefixes. Accept prefix as argument. * bgpd/bgp_attr.c: modify bgp_dump_routes_attr declaration. * bgpd/bgp_dump.c: (bgp_dump_routes_entry) Modify calls to bgp_dump_routes_attr. (bgp_dump_common) Go by the family of the peering socket, not configured address family when dumping peering information. Add HAVE_IPV6 conditionals, eg missing from previous bgp interval patch.
2003-10-132003-10-13 Jay Fenlason <fenlason@redhat.com>paul
* lib/zebra.h: define UINT32_MAX for those systems which do not provide it. * bgp_attr.h: define BGP_MED_MAX. * bgp_route.c: update defines/constants to BGP_MED_MAX. * bgp_routemap.c: ditto. clean up route_match_metric_compile slightly to avoid unneccesary XMALLOC.
2002-12-13Initial revisionpaul