Age | Commit message (Collapse) | Author |
|
- aspath_gettoken(): use as_t to fix 4-byte ASN scanning (bug #484)
- set_aspath_prepend_cmd(): use CMD_AS_RANGE in message to match
actual range
- no_set_aspath_prepend_val_cmd(): idem
- set_aspath_exclude_cmd(): idem
- no_set_aspath_exclude_val_cmd(): idem
|
|
|
|
Compiled on 32-bit and 64-bit linux gcc 4.1.2 platforms.
No run-time testing on 32-bit and limited run-time testing on 64-bit.
|
|
* lib/workqueue.c: free-ing workqueues had never been tested obviously,
queue's thread was not being stopped
* bgpd/bgpd.c: null out freed workqueues, to prevent acting on freed
workqueues
|
|
|
|
* bgpd/bgp_community.c: (community_del_val) Fix bug in memcpy that was
using the wrong size on architectures where a pointer is not 32 bits.
|
|
When bgp calls getaddrinfo, it gets both ipv6 and ipv4 addresses.
Unless IPV6_ONLY is set on Linux, only the ipv6 bind will succeed,
and the IPV4 connections will come in as mapped connections on the
IPV6 socket.
|
|
* bgpd/bgp_aspath.c: (aspath_make_str_count) "assert (len < str_size)" was
getting hit under certain 4-byte ASN conditions. New realloc strategy.
* bgpd/bgp_aspath.c: (aspath_key_make) const warning fix.
"%d" -> "%u" 4-byte ASN corrections. Prevent negative number when ASN is
above 2^31.
|
|
* bgp_vty.c: (show_bgp_views_cmd) new command to list all defined
views.
(with small edits by Paul Jakma)
Signed-off-by: Paul Jakma <paul@quagga.net>
|
|
|
|
* bgp_route.c: (show_ip_bgp_view_rsclient_route_cmd) Add the missing "ip"
to the command string.
Signed-off-by: Paul Jakma <paul@quagga.net>
|
|
* bgpd/bgp_packet.c: (bgp_open_receive) Try fix the little race in the FSM,
where a accept-peer that progress faster than realpeer gets closed down if
realpeer is still just in Connect, by allowing the realpeer to be
bgp_stop'ed and doing the regular swapping-of-FSM state.
|
|
* bgp_packet.c: (bgp_open_receive) the accept-peer hack can sometimes
cause a race between two peers that try to establish sessions to each other,
causing session setup to fail when it should have succeeded. In the worst
case, the race can 'loop', causing prolonged failure to establish sessions.
|
|
|
|
'remotes/jocke/snmp_crosscompile'
|
|
accepted conns"
Revert commit d664ae1182c29b74b409bc8594b7bd0575e91ce9. An experimental
patch which violates RFC4271 quite badly, but managed to accidently sneak
its way in.
|
|
--without-crypto
Autoconfig work by me, the rest was done by
"Kirill K. Smirnov" <lich@math.spbu.ru>
|
|
* lib/command.h: Add a RESTRICTED_NODE, intended for use with
anonymous, 'no login' vtys, to provide a subset of 'view' mode
commands.
* lib/command.c: Add RESTRICTED_NODE bits, nothing special, just
following VIEW_NODE.
* lib/vty.c: (vty_auth) enable authentication should fall back to
restricted/view node as appropriate.
(vty_create) init vty's to restricted/view node as appropriate,
for the 'no login' case.
(vty_{no_,}restricted_mode_cmd) config commands to enable
'anonymous restricted' in vty configuration.
(vty_config_write) 'anonymous restricted' config.
(vty_init) Install some commands to restricted mode, and the
'anonymous restricted' config commands into VTY_NODE.
* bgpd/*.c: Install some of the safe(r) BGP commands into
'restricted mode', i.e. lookup commands of non-sensitive data.
Useful with looking-glass route-servers.
|
|
- Add more stuff, archive libraries, etc..
|
|
|
|
|
|
2008-08-17 Stephen Hemminger <stephen.hemminger@vyatta.com>
* bgp_damp.?: (bgp_config_write_damp) remove useless check
of statically allocated config storage, and useless return
value
Signed-off-by: Paul Jakma <paul@quagga.net>
|
|
2008-08-15 Paul Jakma <paul.jakma@sun.com>
* */*: Fix various problems flagged by Sun Studio compiler.
- '<qualifier> <storage>' obsolescent in declarations
- empty statements (';' after ALIAS definitions)
- implicit declarations (e.g printstack in lib/log.c)
- "\%" in printf string instead of "%%"
- loops that return on the first iteration (legitimately, but
compiler can't really know), e.g. bgp_routemap.c
- internal declarations which mask prototypes.
|
|
2008-08-14 Stephen Hemminger <stephen.hemminger@vyatta.com>
* lib/log.{c,h}: struct message argument should point to const
* */*.c: adjust to suit,
Signed-off-by: Paul Jakma <paul@quagga.net>
|
|
2008-08-14 Stephen Hemminger <stephen.hemminger@vyatta.com>
* lib/hash.h: (struct hash) Hash comparator callback really
ought to treat storage behind arguments as constant - a compare
function with side-effects would be evil.
* */*.c: Adjust comparator functions similarly, thus fixing at least
a few compiler warnings about const qualifier being dropped.
Signed-off-by: Paul Jakma <paul@quagga.net>
|
|
2008-08-13 Paul P Komkoff Jr <i@stingr.net>
* configure.ac: add a configure flag and autoconf macro, which will
determine if your toolchain supports PIE.
* */Makefile.am: add corresponding CFLAGS and LDFLAGS into
appropriate places.
Signed-off-by: Paul Jakma <paul@quagga.net>
|
|
2007-08-31 Paul Jakma <paul.jakma@sun.com>
* (general) Add 'bgp open-accept' option, to allow bgpd to send OPEN
on accepted connections, i.e. to not wait till after
collision-detect to send OPEN, which appears to be allowed in
RFC4271. This may help speed up establishing sessions, or help
avoid FSM problems with sessions to certain peers. Not enabled by
default though.
|
|
|
|
2008-07-22 Paul Jakma <paul.jakma@sun.com>
* HACKING: Document preference for compiler conditional code, over
cpp conditional.
* configure.ac: DISABLE_BGP_ANNOUNCE always should be defined.
* bgp_{packet,route,advertise}.c: change to compiler testing of
DISABLE_BGP_ANNOUNCE, rather than cpp.
2008-07-22 MIYAJIMA Mitsuharu <miyajima.mitsuharu@anchor.jp>
* bgp_packet.c: (bgp_update_packet_eor) Fix crash triggerable
if a bgpd was compiled with --disable-bgp-announce and if GR is
advertised by peer.
|
|
2008-07-22 Paul Jakma <paul.jakma@sun.com>
* bgp_community.c: (community_str2com) assigns defaults to local
vars
* bgp_attr.c: (bgp_attr_parse) match format specifier to arg
* bgp_table.{c,h}: (bgp_table_top) can take a * to a const, quelling
warning in bgp_route.c
|
|
2008-07-21 Paul Jakma <paul.jakma@sun.com>
* bgp_packet.c: (bgp_open_receive) fix warning in a zlog call
* bgp_vty.c: (bgp_vty_return) add return code
* bgpd.c: (bgp_master_init) setup the socket list.
* bgp_network.c: Remove the dual IPv4/6 socket thing for now, which
was implemented by Michael, until such time as its clear its
required for Linux (see sockopt comments). IPv6 support, including
IPv4 sessions on AF_INET6 sockets, therefore is broken, and the
'-l 0.0.0.0' arguments would need to be given to bgpd to make
things work here.
2008-07-21 Michael H. Warfield <mhw@wittsend.com>
YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Tomohiko Kusuda <kusuda@inetcore.com>
Leigh Brown <leigh@solinno.co.uk>
* bgp_network.c: (bgp_md5_set_one) shim between libzebra tcp-md5
sockopt and bgpd.
(bgp_md5_set_socket) Helper for bgp_connect
(bgp_md5_set) setup TCP-MD5SIG for the given peer.
(bgp_connect) call out to bgp_md5_set_socket for the outgoing
connect socket.
(bgp_socket) save references to the listen sockets, needed if
TCP-MD5SIG is applied later or changed.
* bgp_vty.c: (*neighbor_password_cmd) New 'neighbor ... password'
commands.
* bgpd.c: (peer_{new,delete) manage TCP-MD5 password
(peer_group2peer_config_copy) inherit TCP-MD5 password
(peer_password_{un,}set) orchestrate the whole add/remove of TCP-MD5
passwords: applying checks, stopping peers, and trying to return
errors to UI, etc.
(bgp_config_write_peer) save password.
Fix missing newline in writeout of neighbor ... port.
2008-07-21 Paul Jakma <paul.jakma@sun.com>
* sockunion.c: ifdef out various places that converted
v4mapped sockets to pure v4. Doesn't seem necessary at all,
presumably a workaround for now historical inet_ntop bugs (?)
2008-07-21 Michael H. Warfield <mhw@wittsend.com>
YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
* sockopt.{c,h}: (sockopt_tcp_signature) Add TCP-MD5SIG support.
|
|
2008-07-02 MIYAJIMA Mitsuharu <miyajima.mitsuharu@anchor.jp>
* *.c: CMD_AS_RANGE was being used inside command strings, and thus
not being expanded, fix by dequoting.
|
|
2008-07-02 Stephen Hemminger <stephen.hemminger@vyatta.com>
* bgp_table.{c,h}: (bgp_table_finish) Take a double pointer and
scrub pointer in caller, so fixing double-free crashes seen
with route-server-client configuration.
* *.c: Adjust all callers of bgp_table_finish
2008-07-02 Paul Jakma <paul.jakma@sun.com>
* bgp_table.{c,h}: (bgp_node_delete, bgp_table_free) shouldn't be
exported.
|
|
2008-06-07 Paul Jakma <paul@jakma.org>
* bgp_attr.{c,h}: (bgp_mp_{un,}reach_parse) export, for unit tests.
* bgp_attr.c: (bgp_mp_reach_parse) Add logging. Tighten length test
to bounds check against the attribute length rather than the
stream length..
|
|
2008-06-01 jfletche@gmail.com
* bgp_attr.c: (bgp_attr_aspathlimit) fix silly bug in flags check
that was causing BGP to drop sessions if it received a
aspath-limit with partial set. Fixes bug #419.
|
|
2008-05-29 Martin Nagy <mnagy@redhat.com>
* */*main.c: Sanity check port numbers before using.
|
|
|
|
2008-03-13 Paul Jakma <paul.jakma@sun.com>
* (various) Remove 0 entries from struct message's, unneeded due to
recent improvements in mes_lookup/LOOKUP.
|
|
2008-01-29 Jorge Boncompte <jorge@dti2.net>
* bgp_network.c: (bgp_socket) IPv4-only version crashes if -l is not
used as address will be null.
|
|
2007-12-22 Paul Jakma <paul.jakma@sun.com>
* Fix series of vulnerabilities reported by "Mu Security
Research Team", where bgpd can be made to crash by sending
malformed packets - requires that bgpd be configured with a
session to the peer.
* bgp_attr.c: (bgp_attr_as4_path) aspath_parse may fail, only
set the attribute flag indicating AS4_PATH if we actually managed
to parse one.
(bgp_attr_munge_as4_attrs) Assert was too general, it is possible
to receive AS4_AGGREGATOR before AGGREGATOR.
(bgp_attr_parse) Check that we have actually received the extra
byte of header for Extended-Length attributes.
* bgp_attr.h: Fix BGP_ATTR_MIN_LEN to account for the length byte.
* bgp_open.c: (cap_minsizes) Fix size of CAPABILITY_CODE_RESTART,
incorrect -2 left in place from a development version of as4-path
patch.
* bgp_packet.c: (bgp_route_refresh_receive) ORF length parameter
needs to be properly sanity checked.
* tests/bgp_capability_test.c: Test for empty capabilities.
|
|
|
|
|
|
2007-11-13 Paul Jakma <paul.jakma@sun.com>
* bgp_main.c: Small fix, format string parameters should never
be NULL - it's not strictly valid and some libc's don't let
you away with.
|
|
* bgp_main.c: Add 'listenon' argument, to pass address to bind
to.
* bgp_network.c: (bgp_socket) Extend to take bind address.
* bgpd.c: (bgp_init) Pass stored address.
* bgpd.h: (struct bgp_master) storage for bind address
2007-11-01 Paul Jakma <paul.jakma@sun.com>
* tools/multiple-bgpd.sh: New, quick script to launch a bunch of
bgpds.
|
|
2007-10-14 Paul Jakma <paul.jakma@sun.com>
* NEWS: Note that MRT dumps are now version 2
* (general) Merge in Juergen Kammer's AS4 patch.
2007-09-27 Paul Jakma <paul.jakma@sun.com>
* bgp_aspath.c: (assegment_normalise) remove duplicates from
from sets.
(aspath_reconcile_as4) disregard a broken part of the RFC around
error handling in path reconciliation.
* aspath_test.c: Test dupe-weeding from sets.
Test that reconciliation merges AS_PATH and AS4_PATH where
former is shorter than latter.
2007-09-26 Paul Jakma <paul.jakma@sun.com>
* aspath_test.c: Test AS4_PATH reconcilation where length
of AS_PATH and AS4_PATH is same.
2007-09-25 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (peek_for_as4_capability) Fix to work.
* bgp_packet.c: (bgp_open_receive) Fix sanity check of as4.
* tests/bgp_capability_test.c: (general) Extend tests to validate
peek_for_as4_capability.
Add test of full OPEN Option block, with multiple capabilities,
both as a series of Option, and a single option.
Add some crap to beginning of stream, to prevent code depending
on getp == 0.
2007-09-18 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_as4) debug printf inline with others.
(peek_for_as4_capability) There's no need to signal failure, as
failure is better dealt with through full capability parser -
just return the AS4, simpler.
* bgp_packet.c: (bgp_open_receive) Update to match
peek_for_as4_capability change.
Allow use of BGP_AS_TRANS by 2b speakers.
Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors.
(bgp_capability_msg_parse) missing argument to debug print
(bgp_capability_receive) missing return values.
* tests/bgp_capability_test.c: (parse_test) update for changes to
peek_for_as4_capability
2007-07-25 Paul Jakma <paul.jakma@sun.com>
* Remove 2-byte size macros, just make existing macros take
argument to indicate which size to use.
Adjust all users - typically they want '1'.
* bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any
as4's in a path.
(aspath_put) Return the number of bytes actually written, to
fix the bug Juergen noted: Splitting of segments will change
the number of bytes written from that already written to the
AS_PATH header.
(aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP
is still defined as 2b.
(aspath_aggregate) fix latent bug.
(aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation
function.
(aspath_key_make) Hash the AS_PATH string, rather than
just taking the addition of assegment ASes as the hash value,
hopefully sligthly more collision resistant.
(bgp_attr_munge_as4_attrs) Collide the NEW_ attributes
together with the OLD 2-byte forms, code Juergen
had in bgp_attr_parse but re-organised a bit.
(bgp_attr_parse) Bunch of code from Juergen moves
to previous function.
(bgp_packet_attribute) Compact significantly by
just /always/ using extended-length attr header.
Fix bug Juergen noted, by using aspath_put's
(new) returned size value for the attr header rather
than the (guesstimate) of aspath_size() - the two could
differ when aspath_put had to split large segments, unlikely
this bug was ever hit in the 'wild'.
(bgp_dump_routes_attr) Always use extended-len and
use aspath_put return for header length. Output 4b ASN
for AS_PATH and AGGREGATOR.
* bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix
hash callback declarations to match prototypes.
(ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4,
complete rewrite of Juergen's changes (no asdot support)
* bgp_open.c: (bgp_capability_as4) New, does what it says
on the tin.
(peek_for_as4_capability) Rewritten to use streams and
bgp_capability_as4.
* bgp_packet.c: (bgp_open_send) minor edit
checked (in the abstract at least) with Juergen.
Changes are to be more accepting, e.g, allow AS_TRANS on
a 2-byte session.
* (general) Update all commands to use CMD_AS_RANGE.
* bgp_vty.c: (bgp_clear) Fix return vals to use CMD_..
Remove stuff replicated by VTY_GET_LONG
(bgp_clear_vty) Return bgp_clear directly to vty.
* tests/aspath_test.c: Exercise 32bit parsing. Test reconcile
function.
* tests/ecommunity_test.c: New, test AS4 ecommunity changes,
positive test only at this time, error cases not tested yet.
2007-07-25 Juergen Kammer <j.kammer@eurodata.de>
* (general) AS4 support.
* bgpd.h: as_t changes to 4-bytes.
* bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines.
* bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE
added for 2-byte.
Add AS16 versions of length calc macros.
(aspath_count_numas) New, count number of ASes.
(aspath_has_as4) New, return 1 if there are any as4's in a
path.
(assegments_parse) Interpret assegment as 4 or 2 byte,
according to how the caller instructs us, with a new
argument.
(aspath_parse) Add use32bit argument to pass to
assegments_parse. Adjust all its callers to pass 1, unless
otherwise noted.
(assegment_data_put) Adjust to be able to write 2 or 4 byte
AS, according to new use32bit argument.
(aspath_put) Adjust to write 2 or 4.
(aspath_gettoken) Use a long for passed in asno.
* bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and
BGP_ATTR_AS4_AGGREGATOR.
(bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as
determined by received-capability flag.
(bgp_attr_aspath_check) New, code previously in attr_aspath
but moved to new func so it can be run after NEW_AS_PATH
reconciliation.
(bgp_attr_as4_path) New, handle NEW_AS_PATH.
(bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes.
(bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR.
(bgp_attr_parse) Add handoffs to previous parsers for the two
new AS4 NEW_ attributes.
Various checks added for NEW/OLD reconciliation.
(bgp_packet_attribute) Support 2/4 for AS_PATH and
AGGREGATOR, detect when NEW_ attrs need to be sent.
* bgp_debug.{c,h}: Add 'debug bgp as4'.
* bgp_dump.c: MRTv2 support, unconditionally enabled, which
supports AS4. Based on patches from Erik (RIPE?).
* bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4
support.
* bgp_open.c: (peek_for_as4_capability) New, peek for AS4
capability prior to full capability parsing, so we know which
ASN to use for struct peer lookup.
(bgp_open_capability) Always send AS4 capability.
* bgp_packet.c: (bgp_open_send) AS4 handling for AS field
(bgp_open_receive) Peek for AS4 capability first, and figure
out which AS to believe.
* bgp_vty.c: (bgp_show_peer) Print AS4 cap
* tests/aspath_test.c: Support asn32 changes, call aspath_parse
with 16 bit.
* vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER
* vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER
* vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
|
|
2007-09-17 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_mp) We were setting
afc_nego[safi][safi] rather than afc_nego[afi][safi], thus
failling to announce any non-IPv4 prefixes. Remove the extra,
typo-ed character.
* bgp_capability_test.c: Test that peer's adv_recv and adv_nego get
set correctly for MP capability and given AFI/SAFI.
Colour OK/failed result so it's easier to find them.
|
|
2007-09-07 Paul Jakma <paul.jakma@sun.com>
* (general) bgpd can be made crash by remote peers if debug
bgp updates is set, due to NULL pointer dereference.
Reported by "Mu Security Research Team",
<security@musecurity.com>.
* bgp_attr.c: (bgp_attr_community) If community length is 0,
don't set the community-present attribute bit, just return
early.
* bgp_debug.c: (community_str,community_com2str) Check com
pointer before dereferencing.
|
|
2007-08-27 Paul Jakma <paul.jakma@sun.com>
* bgp_route.c: (bgp_announce_check) Fix bug #398, slight
modification of Vladimir Ivanov's suggested fix - to keep
memory alloc conditional.
(bgp_process_announce_selected) Don't take struct attr as
argument, none of the callers need it and it needlessly
distances allocation from use.
Free the extended attr, the attr itself is on the stack.
Fix bad indentation.
* bgp_attr.c: (bgp_packet_attribute) Remove incorrect assert,
and adjust conditional to test attr->extra, diagnosis by
Vladimir Ivanov in bug #398.
2007-08-27 Vladimir Ivanov <wawa@yandex-team.ru>
* bgp_route.c: (bgp_announce_check_rsclient) copy of
ri->attr is no longer deep enough, due to addition of
attr->extra. It should use bgp_attr_dup, as
bgp_announce_check() does.
|
|
2007-08-23 Paul Jakma <paul.jakma@sun.com>
* bgp_regex.c: (bgp_regcomp) Pass NOSUB flag to regcomp to
prevent parsing of substitutions, which can have profound
performance effects on bgpd and are of no use to the CLI
anyway. How much it helps depends on the regex
implementation.
|
|
2007-07-31 Paul Jakma <paul.jakma@sun.com>
* (general) Support for draft-ietf-idr-as-pathlimit-03.
* bgp_attr.h: (struct attr) Add pathlimit struct
bgp_attr.c: (attr_str) Add BGP_ATTR_AS_PATHLIMIT string.
(attrhash_key_make) tally pathlimit too
(attrhash_cmp) cmp pathlimit attr
(bgp_attr_aspathlimit) New, parse AS_PATHLIMIT attr.
(bgp_attr_parse) ditto
(bgp_packet_attribute) Write out AS_PATHLIMIT when set
(bgp_dump_routes_attr) ditto
* bgp_route.h: (struct bgp_static) Add TTL field
* bgp_route.c: (bgp_announce_check) Drop paths that are over
their hop-count TTL before sending via EBGP.
Mangle ASN in pathlimit for confeds/private as best we can.
(bgp_static_update_{rsclient,main}) Add any configure pathlimit
information.
(bgp_pathlimit_update_parents) New, update atomic-aggr setting for
parents of an aspathlimit'ed static.
(bgp_static_set) Add TTL argument, for all the 'bgp network'
commands.
Call previous for TTL changed statics.
(bgp_static_unset) Call pathlimit_update_parents.
(various bgp network commands) Add 'pathlimit <0-255>' qualifier
to all the various forms, bar route-map - which can set ttl
itself.
* bgp_routemap.c: (general) Add support for 'set pathlimit ttl' and
'match pathlimit as'.
* doc/bgpd.texi: Document 'network ... pathlimit <ttl>'
|